xca-RELEASE.2.2.1/0000755000175000017500000000000013614632167012715 5ustar tewardtewardxca-RELEASE.2.2.1/INSTALL.mac0000644000175000017500000000077413614632167014515 0ustar tewardteward brew install pkg-config autoconf automake openssl qt libtool cd xca-2.2.0 ./configure && make # Compile SQL Drivers if necessary: # Download Qt sources with the same version ./configure -sql-mysql -sql-odbc -sql-psql -opensource -confirm-license \ MYSQL_PREFIX=/usr/local/Cellar/mysql-client/8.0.18/ \ MYSQL_INCDIR=/usr/local/Cellar/mysql-client/8.0.18/include/mysql/ \ PSQL_PREFIX=/usr/local/Cellar/postgresql/12.1 \ ODBC_PREFIX=/usr/local make -C qtbase/src/plugins/sqldrivers/ xca-RELEASE.2.2.1/VERSION0000644000175000017500000000000613614632167013761 0ustar tewardteward2.2.1 xca-RELEASE.2.2.1/xca.pro0000644000175000017500000001500713614632167014215 0ustar tewardteward TEMPLATE = app TARGET = xca DEPENDPATH += . lang lib ui widgets INCLUDEPATH += . lib widgets QMAKE_MAKEFILE = makefile QT = gui core sql widgets RESOURCES = img/imgres.rcc RC_FILE = img/w32res.rc macx { ICON = img/xca-mac-icon.icns CONFIG += release_and_debug XCA_RESOURCES.files = misc/oids.txt misc/dn.txt misc/eku.txt XCA_RESOURCES.files += misc/CA.xca misc/TLS_client.xca misc/TLS_server.xca XCA_RESOURCES.files += lang/xca_de.qm lang/xca_es.qm lang/xca_ru.qm lang/xca_fr.qm XCA_RESOURCES.files += lang/xca_hr.qm lang/xca_it.ts lang/xca_ja.ts lang/xca_nl.ts XCA_RESOURCES.files += lang/xca_pl.ts lang/xca_sk.ts lang/xca_tr.ts XCA_RESOURCES.files += lang/xca_zh_CN.ts lang/xca_pt_BR.ts XCA_RESOURCES.path = Contents/Resources QMAKE_BUNDLE_DATA += XCA_RESOURCES } LIBS += -lcrypto -lltdl QMAKE_CXXFLAGS = -Werror -DQMAKE DEFINES += PACKAGE_VERSION=\\\"'$$system(cat VERSION)'\\\" !win32 { commithash.h.commands = ./gen_commithash.h.sh \$@ commithash.h.depends = FORCE QMAKE_EXTRA_TARGETS += commithash.h } win32 { DEFINES += NO_COMMITHASH } # Input HEADERS += lib/asn1int.h \ lib/asn1time.h \ lib/base.h \ lib/db_base.h \ lib/db_crl.h \ lib/db.h \ lib/db_key.h \ lib/db_temp.h \ lib/db_token.h \ lib/db_x509.h \ lib/db_x509req.h \ lib/db_x509super.h \ lib/exception.h \ lib/func.h \ lib/headerlist.h \ lib/load_obj.h \ lib/main.h \ lib/oid.h \ lib/opensc-pkcs11.h \ lib/pass_info.h \ lib/Passwd.h \ lib/pk11_attribute.h \ lib/pkcs11.h \ lib/pkcs11_lib.h \ lib/pki_base.h \ lib/pki_crl.h \ lib/pki_evp.h \ lib/pki_key.h \ lib/pki_multi.h \ lib/pki_pkcs12.h \ lib/pki_pkcs7.h \ lib/pki_scard.h \ lib/pki_temp.h \ lib/pki_x509.h \ lib/pki_x509req.h \ lib/pki_x509super.h \ lib/x509name.h \ lib/x509rev.h \ lib/x509v3ext.h \ lib/builtin_curves.h \ lib/entropy.h \ lib/settings.h \ lib/sql.h \ widgets/CertDetail.h \ widgets/CertExtend.h \ widgets/clicklabel.h \ widgets/CrlDetail.h \ widgets/distname.h \ widgets/ExportDialog.h \ widgets/hashBox.h \ widgets/ImportMulti.h \ widgets/KeyDetail.h \ widgets/kvView.h \ widgets/MainWindow.h \ widgets/NewCrl.h \ widgets/NewKey.h \ widgets/NewX509.h \ widgets/Options.h \ widgets/PwDialog.h \ widgets/v3ext.h \ widgets/validity.h \ widgets/SearchPkcs11.h \ widgets/RevocationList.h \ widgets/XcaTreeView.h \ widgets/CertTreeView.h \ widgets/KeyTreeView.h \ widgets/ReqTreeView.h \ widgets/TempTreeView.h \ widgets/X509SuperTreeView.h \ widgets/XcaHeaderView.h \ widgets/OidResolver.h \ widgets/ItemCombo.h \ widgets/XcaDialog.h \ widgets/XcaProxyModel.h \ widgets/OpenDb.h FORMS += ui/CaProperties.ui \ ui/CertDetail.ui \ ui/CertExtend.ui \ ui/CrlDetail.ui \ ui/ExportDialog.ui \ ui/Help.ui \ ui/ImportMulti.ui \ ui/KeyDetail.ui \ ui/MainWindow.ui \ ui/NewCrl.ui \ ui/NewKey.ui \ ui/NewX509.ui \ ui/Options.ui \ ui/PwDialog.ui \ ui/Revoke.ui \ ui/SelectToken.ui \ ui/SearchPkcs11.ui \ ui/v3ext.ui \ ui/OidResolver.ui \ ui/XcaDialog.ui \ ui/RevocationList.ui \ ui/OpenDb.ui \ ui/ItemProperties.ui SOURCES += lib/asn1int.cpp \ lib/asn1time.cpp \ lib/db_base.cpp \ lib/db.cpp \ lib/db_crl.cpp \ lib/db_key.cpp \ lib/db_temp.cpp \ lib/db_token.cpp \ lib/db_x509.cpp \ lib/db_x509req.cpp \ lib/db_x509super.cpp \ lib/func.cpp \ lib/load_obj.cpp \ lib/main.cpp \ lib/oid.cpp \ lib/pass_info.cpp \ lib/Passwd.cpp \ lib/pk11_attribute.cpp \ lib/pkcs11.cpp \ lib/pkcs11_lib.cpp \ lib/pki_base.cpp \ lib/pki_crl.cpp \ lib/pki_evp.cpp \ lib/pki_key.cpp \ lib/pki_multi.cpp \ lib/pki_pkcs12.cpp \ lib/pki_pkcs7.cpp \ lib/pki_scard.cpp \ lib/pki_temp.cpp \ lib/pki_x509.cpp \ lib/pki_x509req.cpp \ lib/pki_x509super.cpp \ lib/x509name.cpp \ lib/x509rev.cpp \ lib/x509v3ext.cpp \ lib/builtin_curves.cpp \ lib/entropy.cpp \ lib/settings.cpp \ lib/version.cpp \ lib/sql.cpp \ widgets/CertDetail.cpp \ widgets/CertExtend.cpp \ widgets/clicklabel.cpp \ widgets/CrlDetail.cpp \ widgets/distname.cpp \ widgets/ExportDialog.cpp \ widgets/hashBox.cpp \ widgets/ImportMulti.cpp \ widgets/KeyDetail.cpp \ widgets/kvView.cpp \ widgets/MainWindow.cpp \ widgets/MW_database.cpp \ widgets/MW_help.cpp \ widgets/MW_menu.cpp \ widgets/NewCrl.cpp \ widgets/NewKey.cpp \ widgets/NewX509.cpp \ widgets/NewX509_ext.cpp \ widgets/Options.cpp \ widgets/PwDialog.cpp \ widgets/v3ext.cpp \ widgets/validity.cpp \ widgets/SearchPkcs11.cpp \ widgets/RevocationList.cpp \ widgets/XcaTreeView.cpp \ widgets/CertTreeView.cpp \ widgets/KeyTreeView.cpp \ widgets/ReqTreeView.cpp \ widgets/TempTreeView.cpp \ widgets/X509SuperTreeView.cpp \ widgets/XcaHeaderView.cpp \ widgets/OidResolver.cpp \ widgets/XcaProxyModel.cpp \ widgets/OpenDb.cpp TRANSLATIONS += lang/xca.ts \ lang/xca_de.ts \ lang/xca_es.ts \ lang/xca_fr.ts \ lang/xca_hr.ts \ lang/xca_it.ts \ lang/xca_ja.ts \ lang/xca_nl.ts \ lang/xca_pl.ts \ lang/xca_pt_BR.ts \ lang/xca_ru.ts \ lang/xca_sk.ts \ lang/xca_tr.ts \ lang/xca_zh_CN.ts \ xca-RELEASE.2.2.1/README.md0000644000175000017500000000106413614632167014175 0ustar tewardteward# XCA -- X Certificate and Key Management ## __Release Notes__ * This is a patch release, fixing *Issue #159: "Opening existing database"* which prevented the current version opening databases of XCA 2.1.2 * Since version 2 of XCA the database format changed to SQL Don't try to open it with older versions of XCA (< 1.4.0). They will corrupt the database. * Please report issues on github ## __Changelog:__ A detailled changelog can be found here: xca-RELEASE.2.2.1/OpenSSL.version0000644000175000017500000000001713614632167015605 0ustar tewardtewardopenssl-1.1.1d xca-RELEASE.2.2.1/m4/0000755000175000017500000000000013614632167013235 5ustar tewardtewardxca-RELEASE.2.2.1/m4/xca_compile_test.m40000644000175000017500000000330613614632167017023 0ustar tewardtewardAC_DEFUN([XCA_COMPILE_TEST], [ # Try to compile a little application ##################################### AC_TRY_RUN([ #include #include #include #include #include #include #include #include #define C "configure: " #define WARN C"###################### WARNING ######################\n" int main(){ char buf[2048] = ""; int r = lt_dlinit(); printf(C"The Versions of the used libraries are:\n" C"Header:\n" C"\t%s 0x%lxL\n" C"\tQT: %s\n" C"Libraries:\n" C"\t%s\n" C"\tQT: %s\n", OPENSSL_VERSION_TEXT, OPENSSL_VERSION_NUMBER, QT_VERSION_STR, SSLeay_version(SSLEAY_VERSION), qVersion() ); if (strcmp(QT_VERSION_STR, qVersion())) strcat(buf, C"The versions of the QT headers and library differ\n"); if (strcmp(OPENSSL_VERSION_TEXT, SSLeay_version(SSLEAY_VERSION))) strcat(buf, C"The versions of the OpenSSL headers and library differ\n"); if (r) strcat(buf, C"lt_dlinit() returned != 0\n"); #ifdef OPENSSL_NO_EC strcat(buf, C"This OpenSSL installation has no EC cryptography support\n"); #else #ifdef NID_brainpoolP160r1 printf(C"ECC With RFC 5639 Brainpool curves enabled\n" #if OPENSSL_VERSION_NUMBER < 0x10002001L C" (Backported to " OPENSSL_VERSION_TEXT ")\n" #endif ); #endif #endif if (*buf) printf(WARN "%s" WARN, buf); return 0; } ], [ ], [echo "Unable to execute a freshly compiled application, maybe you have to adjust your LD_LIBRARY_PATH or /etc/ld.so.conf"], [echo "Skipping the compile test because of cross-compiling"]) ]) xca-RELEASE.2.2.1/m4/ax_check_gnu_make.m40000644000175000017500000000545713614632167017125 0ustar tewardteward# =========================================================================== # http://www.gnu.org/software/autoconf-archive/ax_check_gnu_make.html # =========================================================================== # # SYNOPSIS # # AX_CHECK_GNU_MAKE() # # DESCRIPTION # # This macro searches for a GNU version of make. If a match is found, the # makefile variable `ifGNUmake' is set to the empty string, otherwise it # is set to "#". This is useful for including a special features in a # Makefile, which cannot be handled by other versions of make. The # variable _cv_gnu_make_command is set to the command to invoke GNU make # if it exists, the empty string otherwise. # # Here is an example of its use: # # Makefile.in might contain: # # # A failsafe way of putting a dependency rule into a makefile # $(DEPEND): # $(CC) -MM $(srcdir)/*.c > $(DEPEND) # # @ifGNUmake@ ifeq ($(DEPEND),$(wildcard $(DEPEND))) # @ifGNUmake@ include $(DEPEND) # @ifGNUmake@ endif # # Then configure.in would normally contain: # # AX_CHECK_GNU_MAKE() # AC_OUTPUT(Makefile) # # Then perhaps to cause gnu make to override any other make, we could do # something like this (note that GNU make always looks for GNUmakefile # first): # # if ! test x$_cv_gnu_make_command = x ; then # mv Makefile GNUmakefile # echo .DEFAULT: > Makefile ; # echo \ $_cv_gnu_make_command \$@ >> Makefile; # fi # # Then, if any (well almost any) other make is called, and GNU make also # exists, then the other make wraps the GNU make. # # LICENSE # # Copyright (c) 2008 John Darrington # # Copying and distribution of this file, with or without modification, are # permitted in any medium without royalty provided the copyright notice # and this notice are preserved. This file is offered as-is, without any # warranty. #serial 7 AC_DEFUN([AX_CHECK_GNU_MAKE], [ AC_CACHE_CHECK( for GNU make,_cv_gnu_make_command, _cv_gnu_make_command='' ; dnl Search all the common names for GNU make for a in "$MAKE" make gmake gnumake ; do if test -z "$a" ; then continue ; fi ; if ( sh -c "$a --version" 2> /dev/null | grep GNU 2>&1 > /dev/null ) ; then _cv_gnu_make_command=$a ; break; fi done ; ) ; dnl If there was a GNU version print its full path, otherwise a Warning if test "x$_cv_gnu_make_command" != "x" ; then mak="`which ${_cv_gnu_make_command}`" AC_MSG_NOTICE([A usable 'make' executable was found in ${mak}]) else AC_MSG_WARN([No usable 'make' executable found.]) fi ] ) xca-RELEASE.2.2.1/bootstrap0000755000175000017500000000022513614632167014657 0ustar tewardteward#!/bin/sh if test -n "$1"; then mkdir -p "$1" O="$1/" fi O="${O}configure" aclocal -Im4 autoconf -o $O rm -f aclocal.m4 rm -rf autom4te.cache/ xca-RELEASE.2.2.1/COPYRIGHT0000644000175000017500000000325113614632167014211 0ustar tewardteward Copyright (C) 2001 - 2020 Christian Hohnstaedt. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - Neither the name of the author nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. This program links to software with different licenses from: - https://www.openssl.org which includes cryptographic software written by Eric Young (eay@cryptsoft.com)" - https://www.qt.io xca-RELEASE.2.2.1/widgets/0000755000175000017500000000000013614632167014363 5ustar tewardtewardxca-RELEASE.2.2.1/widgets/NewCrl.cpp0000644000175000017500000000210013614632167016252 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2010 - 2011 Christian Hohnstaedt. * * All rights reserved. */ #include "NewCrl.h" #include "lib/base.h" #include "lib/func.h" #include "widgets/validity.h" #include "widgets/MainWindow.h" #include #include #include #include #include NewCrl::NewCrl(QWidget *parent, pki_x509 *signer) :QWidget(parent) { setupUi(this); dateBox->setTitle(signer->getIntName()); validNumber->setText(QString::number(signer->getCrlDays())); validRange->setCurrentIndex(0); on_applyTime_clicked(); nextUpdate->setEndDate(true); pki_key *key = signer->getRefKey(); hashAlgo->setKeyType(key->getKeyType()); hashAlgo->setupHashes(key->possibleHashNids()); a1int num = signer->getCrlNumber(); num++; crlNumber->setText(num.toDec()); if (signer->hasExtension(NID_subject_alt_name)) subAltName->setEnabled(true); else subAltName->setEnabled(false); } void NewCrl::on_applyTime_clicked() { nextUpdate->setDiff(lastUpdate, validNumber->text().toInt(), validRange->currentIndex()); } xca-RELEASE.2.2.1/widgets/KeyTreeView.h0000644000175000017500000000134013614632167016735 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2006 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __KEYTREEVIEW_H #define __KEYTREEVIEW_H #include "XcaTreeView.h" #include "lib/db_key.h" class KeyTreeView: public XcaTreeView { Q_OBJECT db_key *keys; public: KeyTreeView(QWidget *parent) : XcaTreeView(parent) { keys = NULL; } void fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes); void setModel(QAbstractItemModel *model=NULL) { keys = dynamic_cast (model); XcaTreeView::setModel(model); } public slots: void resetOwnPass(); void setOwnPass(); void changePin(); void initPin(); void changeSoPin(); void toToken(); }; #endif xca-RELEASE.2.2.1/widgets/RevocationList.h0000644000175000017500000000200013614632167017471 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __REVOCATIONLIST_H #define __REVOCATIONLIST_H #include "ui_RevocationList.h" #include "ui_Revoke.h" #include "lib/x509rev.h" #include class pki_x509; class RevocationList: public QDialog, public Ui::RevocationList { Q_OBJECT private: x509revList revList; pki_x509 *issuer; public: static void setupRevocationView(QTreeWidget *certList, const x509revList &revList, const pki_x509 *iss); RevocationList(QWidget *w); void setRevList(const x509revList &rl, pki_x509 *issuer); const x509revList &getRevList(); public slots: void on_addRev_clicked(void); void on_delRev_clicked(void); void on_editRev_clicked(void); void gencrl(void); signals: void genCRL(pki_x509 *iss); }; class Revocation: public QDialog, public Ui::Revoke { Q_OBJECT public: Revocation(QWidget *w, QModelIndexList indexes); x509rev getRevocation(); void setRevocation(x509rev r); }; #endif xca-RELEASE.2.2.1/widgets/OidResolver.h0000644000175000017500000000053213614632167016771 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __OID_RESOLVER_H #define __OID_RESOLVER_H #include "ui_OidResolver.h" class OidResolver: public QWidget, public Ui::OidResolver { Q_OBJECT public: OidResolver(QWidget *w); public slots: void searchOid(QString s); }; #endif xca-RELEASE.2.2.1/widgets/NewX509.h0000644000175000017500000001070713614632167015660 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __NEWX509_H #define __NEWX509_H #include "ui_NewX509.h" #include "lib/oid.h" #include "lib/db.h" #include "widgets/kvView.h" #include #include class MainWindow; class extList; class pki_temp; class pki_x509req; class pki_x509super; class pki_x509; class pki_key; class QPixmap; class QListbox; class x509name; class x509v3ext; class extList; class nameEdit { public: int nid; QLineEdit *edit; QLabel *label; nameEdit(int n, QLineEdit *e, QLabel *l) { nid = n; edit = e; label = l; } }; class NewX509: public QDialog, public Ui::NewX509 { Q_OBJECT private: NIDlist eku_nid; NIDlist dn_nid; NIDlist aia_nid; NIDlist attr_nid; QList attrEdits; QList nameEdits; X509V3_CTX ext_ctx; void editV3ext(QLineEdit *le, QString types, int n); enum pki_type pt; enum pki_source pkiSource; void templateChanged(QString templatename); QString mandatoryDnRemain(); QStringList tabnames; QList unusedKeys, allKeys; pki_x509 *ctx_cert; QString v3ext_backup; kvmodel *extDNmodel; extList getExtDuplicates(); void checkIcon(const QString &text, int nid, QLabel*img); void selfComment(QString msg); QMap templateLineEdits; QMap templateCheckBoxes; pki_temp *caTemplate(pki_x509 *ca) const; void setupExplicitDN(NIDlist my_dn_nid); QList setupExplicitInputs(NIDlist nid_list, QWidget *parent, QWidget *old, int columns); public: NewX509(QWidget *parent); virtual ~NewX509(); void initCtx(); void setRequest(); // reduce to request form void setTemp(pki_temp *temp); // reduce to template form void setCert(); // reduce to certificate form void toTemplate(pki_temp *temp); void fromTemplate(pki_temp *temp); void defineTemplate(pki_temp *temp); void defineRequest(pki_x509req *req); void defineSigner(pki_x509 *defcert, bool applyTemp); void fromX509super(pki_x509super *cert_or_req, bool applyTemp); void templateChanged(pki_temp *templ); pki_key *getSelectedKey(); pki_x509 *getSelectedSigner(); pki_x509req *getSelectedReq(); x509name getX509name(int _throw = 0); void setX509name(const x509name &n); void setImage(QPixmap *image); void setAuthInfAcc_string(QString aia_txt); QString getAuthInfAcc_string(); x509v3ext getBasicConstraints(); x509v3ext getSubKeyIdent(); x509v3ext getAuthKeyIdent(); x509v3ext getKeyUsage(); x509v3ext getEkeyUsage(); x509v3ext getSubAltName(); x509v3ext getIssAltName(); x509v3ext getCrlDist(); x509v3ext getAuthInfAcc(); extList getGuiExt(); extList getNetscapeExt(); extList getAdvanced(); extList getAllExt(); void setupTmpCtx(); void initCtx(pki_x509 *subj, pki_x509 *iss, pki_x509req *req); void switchHashAlgo(); void setReqAttributes(pki_x509req *req); void getReqAttributes(pki_x509req *req); int checkExtDuplicates(); void subjectFromTemplate(pki_temp *temp); void extensionsFromTemplate(pki_temp *temp); pki_temp *currentTemplate(); void gotoTab(int tab); void setupLineEditByNid(int nid, QLineEdit *l); int validateExtensions(QString nconf, QString &result); int do_validateExtensions(); void undo_validateExtensions(); enum pki_source getPkiSource() const; public slots: void on_fromReqCB_clicked(); void on_keyList_currentIndexChanged(const QString &); void on_reqList_currentIndexChanged(const QString &); void newKeyDone(pki_key *nkey); void on_applyTime_clicked(); void on_editSubAlt_clicked(); void on_editIssAlt_clicked(); void on_editCrlDist_clicked(); void on_editAuthInfAcc_clicked(); void on_foreignSignRB_toggled(bool checked); void on_genKeyBut_clicked(); void on_showReqBut_clicked(); void on_certList_currentIndexChanged(int index); void on_applyTemplate_clicked(); void on_applySubject_clicked(); void on_applyExtensions_clicked(); void on_adv_validate_clicked(); void on_usedKeysToo_toggled(bool checked); void on_tabWidget_currentChanged(int idx); void on_reqSubChange_clicked(); void accept(); void itemChanged(pki_base*); void setupExtDNwidget(const QString &s, QLineEdit *w); void checkSubAltName(const QString & text); void checkIssAltName(const QString & text); void checkCrlDist(const QString & text); void checkAuthInfAcc(const QString & text); signals: void genKey(QString); void showReq(pki_base *req); }; #endif xca-RELEASE.2.2.1/widgets/clicklabel.cpp0000644000175000017500000000322513614632167017156 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #include "clicklabel.h" #include #include #include void DoubleClickLabel::mouseDoubleClickEvent(QMouseEvent * e) { QWidget::mouseDoubleClickEvent(e); if (clicktext.isEmpty()) emit doubleClicked(text()); else emit doubleClicked(clicktext); } void DoubleClickLabel::setClickText(QString s) { clicktext = s; } ClickLabel::ClickLabel(QWidget *parent) :DoubleClickLabel(parent) { QFont fnt( font() ); fnt.setBold(true); setFont( fnt ); setFrameShape( QLabel::Panel ); setFrameShadow( QLabel::Sunken ); setAlignment( Qt::AlignCenter ); setToolTip( tr("Double click for details") ); setAutoFillBackground(true); QPalette pal = palette(); QColor col = QColor(0xff, 0xff, 0xff); pal.setColor(QPalette::Normal, QPalette::Window, col ); pal.setColor(QPalette::Inactive, QPalette::Window, col ); setPalette( pal ); setTextFormat(Qt::PlainText); } void ClickLabel::setColor(const QColor &col) { QPalette pal = palette(); pal.setColor(QPalette::Normal, QPalette::WindowText, col ); pal.setColor(QPalette::Inactive, QPalette::WindowText, col ); setPalette( pal ); } void ClickLabel::setRed() { setColor( QColor( 192, 32, 32) ); } void ClickLabel::setGreen() { setColor( QColor( 32, 192, 32) ); } void ClickLabel::disableToolTip() { setToolTip(QString()); } CopyLabel::CopyLabel(QWidget *parent) :DoubleClickLabel(parent) { setFrameStyle(QFrame::StyledPanel); setTextFormat(Qt::PlainText); #if QT_VERSION >= 0x040200 setTextInteractionFlags( Qt::TextSelectableByMouse | Qt::TextSelectableByKeyboard ); #endif } xca-RELEASE.2.2.1/widgets/KeyTreeView.cpp0000644000175000017500000000660213614632167017276 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/pki_scard.h" #include "KeyTreeView.h" #include "MainWindow.h" #include #include #include void KeyTreeView::fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes) { bool multi = indexes.size() > 1; pki_key *key = static_cast(index.internalPointer()); if (indexes.size() == 0) return; if (!multi && key && key->isPrivKey() && !key->isToken()) { switch (key->getOwnPass()) { case pki_key::ptCommon: menu->addAction(tr("Change password"), this, SLOT(setOwnPass())); break; case pki_key::ptPrivate: menu->addAction(tr("Reset password"), this, SLOT(resetOwnPass())); break; default: break; } } if (!pkcs11::loaded() || multi) return; if (key->isToken()) { menu->addAction(tr("Change PIN"), this, SLOT(changePin())); menu->addAction(tr("Init PIN with SO PIN (PUK)"), this, SLOT(initPin())); menu->addAction(tr("Change SO PIN (PUK)"), this, SLOT(changeSoPin())); } else if (subExport) { subExport->addAction(tr("Security token"), this, SLOT(toToken())); } } void KeyTreeView::setOwnPass() { try { keys->setOwnPass(currentIndex(), pki_key::ptPrivate); } catch (errorEx &err) { mainwin->Error(err); } } void KeyTreeView::resetOwnPass() { try { keys->setOwnPass(currentIndex(), pki_key::ptCommon); } catch (errorEx &err) { mainwin->Error(err); } } void KeyTreeView::changePin() { pki_scard *scard; QModelIndex currentIdx = currentIndex(); if (!currentIdx.isValid()) return; scard = static_cast(currentIdx.internalPointer()); try { if (!scard->isToken()) { throw errorEx(tr("This is not a token")); } scard->changePin(); } catch (errorEx &err) { mainwin->Error(err); } } void KeyTreeView::initPin() { pki_scard *scard; QModelIndex currentIdx = currentIndex(); if (!currentIdx.isValid()) return; scard = static_cast(currentIdx.internalPointer()); try { if (!scard->isToken()) { throw errorEx(tr("This is not a token")); } scard->initPin(); } catch (errorEx &err) { mainwin->Error(err); } } void KeyTreeView::changeSoPin() { pki_scard *scard; QModelIndex currentIdx = currentIndex(); if (!currentIdx.isValid()) return; scard = static_cast(currentIdx.internalPointer()); try { if (!scard->isToken()) { throw errorEx(tr("This is not a token")); } scard->changeSoPin(); } catch (errorEx &err) { mainwin->Error(err); } } void KeyTreeView::toToken() { QModelIndex currentIdx = currentIndex(); if (!currentIdx.isValid()) return; pki_key *key = static_cast(currentIdx.internalPointer()); if (!key || !pkcs11::loaded() || key->isToken()) return; pki_scard *card = NULL; try { pkcs11 p11; slotid slot; if (!p11.selectToken(&slot, mainwin)) return; card = new pki_scard(key->getIntName()); card->store_token(slot, key->decryptKey()); card->pkiSource = key->pkiSource; QString msg = tr("Shall the original key '%1' be replaced by the key on the token?\nThis will delete the key '%1' and make it unexportable"). arg(key->getIntName()); if (XCA_YESNO(msg)) { keys->deletePKI(currentIdx); keys->insertPKI(card); card = NULL; } } catch (errorEx &err) { mainwin->Error(err); } if (card) delete card; } xca-RELEASE.2.2.1/widgets/KeyDetail.h0000644000175000017500000000057613614632167016417 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2009 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __KEYDETAIL_H #define __KEYDETAIL_H #include "ui_KeyDetail.h" class pki_key; class KeyDetail: public QDialog, public Ui::KeyDetail { Q_OBJECT public: KeyDetail(QWidget *parent); void setKey(pki_key *key); void setupFingerprints(pki_key *key); }; #endif xca-RELEASE.2.2.1/widgets/dhgen.h0000644000175000017500000000175213614632167015626 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DHGEN_H #define __DHGEN_H #include "lib/entropy.h" #include "lib/exception.h" #include "lib/xfile.h" #include #include #include #include class DHgen: public QThread { QString fname; int bits; public: errorEx error; DHgen(const QString &n, int b) : QThread() { fname = n; bits = b; } const QString &filename() const { return fname; } protected: void run() { DH *dh = NULL; try { #if OPENSSL_VERSION_NUMBER >= 0x10100000L dh = DH_new(); check_oom(dh); DH_generate_parameters_ex(dh, bits, 2, NULL); #else dh = DH_generate_parameters(bits, 2, NULL, NULL); check_oom(dh); #endif openssl_error(); XFile file(fname); file.open_write(); PEM_write_DHparams(file.fp(), dh); openssl_error(); } catch (errorEx &err) { error = err; } if (dh) DH_free(dh); } }; #endif xca-RELEASE.2.2.1/widgets/OpenDb.h0000644000175000017500000000172413614632167015707 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2017 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __OPENDB_H #define __OPENDB_H #include "ui_OpenDb.h" #include #include typedef QMap DbMap; class OpenDb: public QDialog, public Ui::OpenDb { Q_OBJECT private: static DbMap getDatabases(); static QString lastRemote; bool sqlite, show_connection_settings; bool _openDatabase(QString connName, QString pass) const; void setupDatabaseName(QString db); QString getDbType() const; void fillDbDropDown(QString current = QString()); public: OpenDb(QWidget *parent, QString db); void openDatabase() const; QString getDescriptor() const; static bool hasSqLite(); static void checkSqLite(); static bool hasRemoteDrivers(); static bool isRemoteDB(QString db); static DbMap splitRemoteDbName(QString db); static void setLastRemote(QString db); public slots: int exec(); void driver_selected(); }; #endif xca-RELEASE.2.2.1/widgets/ReqTreeView.h0000644000175000017500000000133013614632167016733 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __REQTREEVIEW_H #define __REQTREEVIEW_H #include "X509SuperTreeView.h" #include "lib/db_x509req.h" class ReqTreeView: public X509SuperTreeView { Q_OBJECT db_x509req *reqs; public: ReqTreeView(QWidget *parent) : X509SuperTreeView(parent) { reqs = NULL; } void fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes); void setModel(QAbstractItemModel *model=NULL) { reqs = dynamic_cast (model); X509SuperTreeView::setModel(model); } public slots: void toRequest(); void signReq(); void markSigned(); void unmarkSigned(); }; #endif xca-RELEASE.2.2.1/widgets/distname.h0000644000175000017500000000076413614632167016347 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DISTNAME_H #define __DISTNAME_H #include #include class x509name; class QLabel; class QComboBox; class QLineEdit; class myGridlayout; class DistName : public QWidget { Q_OBJECT public: DistName(QWidget *parent); void setX509name(const x509name &n); protected: QGridLayout* DistNameLayout; QLineEdit *rfc2253; QLineEdit *namehash; }; #endif xca-RELEASE.2.2.1/widgets/Options.cpp0000644000175000017500000001546013614632167016530 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/func.h" #include "Options.h" #include "SearchPkcs11.h" #include "lib/pki_scard.h" #include #include #include Options::Options(MainWindow *parent) :QDialog(parent) { mw = parent; setWindowTitle(XCA_TITLE); setupUi(this); foreach(int nid, *MainWindow::dn_nid) { QString n = OBJ_nid2ln(nid); extDNobj->addItem(n); expDNobj->addItem(n); } string_opts << "MASK:0x2002" << "pkix" << "nombstr" << "utf8only" << "default"; QStringList s; s << tr("Printable string or UTF8 (default)") << tr("PKIX recommendation in RFC2459") << tr("No BMP strings, only printable and T61") << tr("UTF8 strings only (RFC2459)") << tr("All strings"); mbstring->addItems(s); mbstring->setCurrentIndex(string_opts.indexOf(Settings["string_opt"])); searchP11 = NULL; transDnEntries->setText(transDnEntries->text() .arg(OBJ_nid2ln(NID_commonName)) .arg(dn_translations[NID_commonName])); setDnString(Settings["mandatory_dn"], extDNlist); setDnString(Settings["explicit_dn"], expDNlist); setupPkcs11Provider(Settings["pkcs11path"]); suppress->setCheckState(Settings["suppress_messages"]); noColorize->setCheckState(Settings["no_expire_colors"]); transDnEntries->setCheckState(Settings["translate_dn"]); onlyTokenHashes->setCheckState(Settings["only_token_hashes"]); disableNetscape->setCheckState(Settings["disable_netscape"]); adapt_explicit_subject->setCheckState(Settings["adapt_explicit_subject"]); QStringList units; QString x = Settings["ical_expiry"]; units << tr("Days") << "D" << tr("Weeks") << "W"; ical_expiry_unit->addItemsData(units, x.right(1)); x.chop(1); ical_expiry_num->setText(x); units << "%" << "%"; x = QString(Settings["cert_expiry"]); cert_expiry_unit->addItemsData(units, x.right(1)); x.chop(1); cert_expiry_num->setText(x); serial_len->setValue(Settings["serial_len"]); connect(pkcs11List, SIGNAL(itemClicked(QListWidgetItem *)), this, SLOT(Pkcs11ItemChanged(QListWidgetItem *))); } Options::~Options() { if (searchP11) delete searchP11; } void Options::on_extDNadd_clicked() { extDNlist->addItem(extDNobj->currentText()); } void Options::on_extDNdel_clicked() { extDNlist->takeItem(extDNlist->currentRow()); } void Options::on_expDNadd_clicked() { expDNlist->addItem(expDNobj->currentText()); } void Options::on_expDNdel_clicked() { expDNlist->takeItem(expDNlist->currentRow()); } void Options::on_expDNdefault_clicked() { setDnString(Settings.defaults("explicit_dn"), expDNlist); } void Options::setDnString(QString dn, QListWidget *w) { QStringList dnl; if (!dn.isEmpty()) dnl = dn.split(","); w->clear(); for (int i=0; i < dnl.count(); i++) { int nid = OBJ_sn2nid(CCHAR(dnl[i])); w->addItem(OBJ_nid2ln(nid)); } } QString Options::getDnString(QListWidget *w) { QStringList dn; for (int j=0; jcount(); j++) { int nid = OBJ_ln2nid(CCHAR(w->item(j)->text())); dn << QString(OBJ_nid2sn(nid)); } return dn.join(","); } int Options::exec() { if (QDialog::exec() == QDialog::Rejected) return QDialog::Rejected; Transaction; if (!TransBegin()) return QDialog::Rejected; Settings["suppress_messages"] = suppress->checkState(); Settings["no_expire_colors"] = noColorize->checkState(); Settings["translate_dn"] = transDnEntries->checkState(); Settings["only_token_hashes"] = onlyTokenHashes->checkState(); Settings["disable_netscape"] = disableNetscape->checkState(); Settings["default_hash"] = hashAlgo->currentHashName(); Settings["mandatory_dn"] = getDnString(extDNlist); Settings["explicit_dn"] = getDnString(expDNlist); Settings["string_opt"] = string_opts[mbstring->currentIndex()]; Settings["pkcs11path"] = getPkcs11Provider(); Settings["cert_expiry"] = cert_expiry_num->text() + cert_expiry_unit->currentItemData().toString(); Settings["ical_expiry"] = ical_expiry_num->text() + ical_expiry_unit->currentItemData().toString(); Settings["serial_len"] = serial_len->value(); Settings["adapt_explicit_subject"] = adapt_explicit_subject->checkState(); return TransCommit() ? QDialog::Accepted : QDialog::Rejected; } void Options::on_addButton_clicked(void) { load_pkcs11 l; QString fname; fname = QFileDialog::getOpenFileName(this, l.caption, getLibDir(), l.filter); addLib(fname); } void Options::addLib(QString fname) { QString status; fname = QFileInfo(fname).canonicalFilePath(); if (fname.isEmpty() || pkcs11::get_lib(fname)) return; pkcs11_lib *l = pkcs11::load_lib(fname); addLibItem(fname); if (searchP11 && l) QToolTip::showText(searchP11->mapToGlobal( QPoint(0,0)), l->driverInfo().trimmed()); } void Options::on_removeButton_clicked(void) { QListWidgetItem *item = pkcs11List->takeItem(pkcs11List->currentRow()); if (!item) return; try { pkcs11::remove_lib(item->text()); } catch (errorEx &err) { mw->Error(err); } } void Options::on_searchPkcs11_clicked(void) { if (!searchP11) { searchP11 = new SearchPkcs11(this, QString()); connect(searchP11, SIGNAL(addLib(QString)), this, SLOT(addLib(QString))); } searchP11->show(); } void Options::Pkcs11ItemChanged(QListWidgetItem *item) { pkcs11List->blockSignals(true); pkcs11_lib *l = pkcs11::get_libs().get_lib(item->text()); qDebug() << item->text() << item->checkState() << l->isEnabled() << l->isLoaded(); if ((item->checkState() == Qt::Checked) != l->isEnabled()) { QString file = listItem2Name(item); pkcs11::remove_lib(file); pkcs11::load_lib(file); updatePkcs11Item(item); } pkcs11List->blockSignals(false); } void Options::updatePkcs11Item(QListWidgetItem *item) const { pkcs11_lib *l = pkcs11::get_libs().get_lib(item->text()); if (!l) return; if (l->isEnabled()) { item->setIcon(l->isLoaded() ? *MainWindow::doneIco : *MainWindow::warnIco); } else { QPixmap m(QSize(20,20)); m.fill(Qt::transparent); item->setIcon(QIcon(m)); } item->setToolTip(l->driverInfo().trimmed()); } QListWidgetItem *Options::addLibItem(const QString &lib) const { pkcs11_lib *l = pkcs11::get_libs().get_lib(lib); if (!l) return NULL; QListWidgetItem *item = new QListWidgetItem(lib); item->setFlags(item->flags() | Qt::ItemIsUserCheckable); updatePkcs11Item(item); item->setText(l->filename()); item->setCheckState(l->isEnabled() ? Qt::Checked : Qt::Unchecked); pkcs11List->addItem(item); return item; } void Options::setupPkcs11Provider(QString list) { foreach(QString libname, list.split('\n')) { addLibItem(libname); } } QString Options::listItem2Name(const QListWidgetItem *item) const { return QString("%1:%2").arg(item->checkState() == Qt::Checked) .arg(item->text()); } QString Options::getPkcs11Provider() { QStringList prov; for (int j=0; jcount(); j++) { prov << listItem2Name(pkcs11List->item(j)); } if (prov.count() == 0) return QString(""); return prov.join("\n"); } xca-RELEASE.2.2.1/widgets/CertExtend.cpp0000644000175000017500000000447113614632167017142 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "CertExtend.h" #include "lib/base.h" #include "lib/func.h" #include "widgets/validity.h" #include "widgets/MainWindow.h" #include #include #include #include #include CertExtend::CertExtend(QWidget *parent, pki_x509 *s) :QDialog(parent) { setupUi(this); setWindowTitle(XCA_TITLE); image->setPixmap(*MainWindow::certImg); validNumber->setText("1"); validRange->setCurrentIndex(2); on_applyTime_clicked(); signer = s; notAfter->setEndDate(true); } void CertExtend::on_applyTime_clicked() { notAfter->setDiff(notBefore, validNumber->text().toInt(), validRange->currentIndex()); } void CertExtend::accept() { if (signer && notBefore->getDate() < signer->getNotBefore()) { QString text = tr("The certificate will be earlier valid than the signer. This is probably not what you want."); xcaWarning msg(this, text); msg.addButton(QMessageBox::Ok)->setText(tr("Edit dates")); msg.addButton(QMessageBox::Close)->setText(tr("Abort rollout")); msg.addButton(QMessageBox::Apply)->setText(tr("Continue rollout")); msg.addButton(QMessageBox::Yes)->setText(tr("Adjust date and continue")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; case QMessageBox::Yes: notBefore->setDate(signer->getNotBefore()); } } if (signer && notAfter->getDate() > signer->getNotAfter() && !noWellDefinedExpDate->isChecked()) { QString text = tr("The certificate will be longer valid than the signer. This is probably not what you want."); xcaWarning msg(this, text); msg.addButton(QMessageBox::Ok)->setText(tr("Edit dates")); msg.addButton(QMessageBox::Close)->setText(tr("Abort rollout")); msg.addButton(QMessageBox::Apply)->setText(tr("Continue rollout")); msg.addButton(QMessageBox::Yes)->setText(tr("Adjust date and continue")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; case QMessageBox::Yes: notAfter->setDate(signer->getNotAfter()); } } QDialog::accept(); } xca-RELEASE.2.2.1/widgets/validity.h0000644000175000017500000000134413614632167016363 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2003 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __VALIDITY_H #define __VALIDITY_H #include #include class Validity : public QDateTimeEdit { Q_OBJECT bool midnight, endDate; void updateFormatString(); protected: QTime mytime; public: Validity( QWidget* parent); ~Validity(); a1time getDate() const; void setDate(const a1time &a); void setDiff(const Validity *start, int number, int range); void hideTime(bool hide); void setEndDate(bool ed) { endDate = ed; } protected slots: void setMyTime(const QTime & time); public slots: void setNow(); void hideTimeCheck(int state); void localTime(int); }; #endif xca-RELEASE.2.2.1/widgets/TempTreeView.h0000644000175000017500000000137213614632167017117 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2006 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __TEMPTREEVIEW_H #define __TEMPTREEVIEW_H #include "XcaTreeView.h" #include "lib/db_temp.h" class TempTreeView: public XcaTreeView { Q_OBJECT db_temp *temps; public: TempTreeView(QWidget *parent) : XcaTreeView(parent) { temps = NULL; } void fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes); void setModel(QAbstractItemModel *model=NULL) { temps = dynamic_cast (model); XcaTreeView::setModel(model); } public slots: void certFromTemp(); void reqFromTemp(); void duplicateTemp(); signals: void newReq(pki_temp *); void newCert(pki_temp *); }; #endif xca-RELEASE.2.2.1/widgets/MainWindow.cpp0000644000175000017500000005200213614632167017142 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2015 Christian Hohnstaedt. * * All rights reserved. */ //#define MDEBUG #include "MainWindow.h" #include "ImportMulti.h" #include "dhgen.h" #include "lib/Passwd.h" #include "lib/entropy.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "lib/exception.h" #include "lib/pki_evp.h" #include "lib/pki_scard.h" #include "lib/pki_pkcs12.h" #include "lib/pki_multi.h" #include "lib/load_obj.h" #include "lib/pass_info.h" #include "lib/func.h" #include "lib/pkcs11.h" #include "lib/builtin_curves.h" #include "XcaDialog.h" #include "PwDialog.h" #include "OpenDb.h" QPixmap *MainWindow::keyImg = NULL, *MainWindow::csrImg = NULL, *MainWindow::certImg = NULL, *MainWindow::tempImg = NULL, *MainWindow::nsImg = NULL, *MainWindow::revImg = NULL, *MainWindow::appIco = NULL, *MainWindow::scardImg = NULL, *MainWindow::doneIco = NULL, *MainWindow::warnIco = NULL; db_key *MainWindow::keys = NULL; db_x509req *MainWindow::reqs = NULL; db_x509 *MainWindow::certs = NULL; db_temp *MainWindow::temps = NULL; db_crl *MainWindow::crls = NULL; NIDlist *MainWindow::eku_nid = NULL; NIDlist *MainWindow::dn_nid = NULL; OidResolver *MainWindow::resolver = NULL; void MainWindow::enableTokenMenu(bool enable) { foreach(QWidget *w, scardList) { w->setEnabled(enable); } } void MainWindow::load_engine() { pkcs11::reload_libs(Settings["pkcs11path"]); // Error(err); enableTokenMenu(pkcs11::loaded()); } void MainWindow::initResolver() { bool shown = false; QString search; if (resolver) { shown = resolver->isVisible(); search = resolver->input->text(); delete resolver; } resolver = new OidResolver(NULL); resolver->setWindowTitle(XCA_TITLE); if (shown) resolver->searchOid(search); } MainWindow::MainWindow(QWidget *parent) :QMainWindow(parent) { dbindex = new QLabel(); dbindex->setFrameStyle(QFrame::Plain | QFrame::NoFrame); dbindex->setMargin(6); dn_translations_setup(); statusBar()->addWidget(dbindex, 1); setupUi(this); setWindowTitle(XCA_TITLE); initResolver(); wdList << keyButtons << reqButtons << certButtons << tempButtons << crlButtons; QStringList drivers = QSqlDatabase::drivers(); foreach(QString driver, drivers) { // QSqlDatabase d = QSqlDatabase::addDatabase(driver, driver +"_C"); qDebug() << "DB driver:" << driver; } historyMenu = NULL; init_menu(); setItemEnabled(false); init_images(); homedir = getHomeDir(); #ifdef MDEBUG CRYPTO_malloc_debug_init(); CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); qWarning() << "malloc() debugging on."; #endif ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); EVP_add_digest_alias(SN_sha1,SN_ecdsa_with_SHA1); EVP_add_digest_alias(SN_sha224,SN_ecdsa_with_SHA224); EVP_add_digest_alias(SN_sha256,SN_ecdsa_with_SHA256); EVP_add_digest_alias(SN_sha256,SN_dsa_with_SHA256); EVP_add_digest_alias(SN_sha384,SN_ecdsa_with_SHA384); EVP_add_digest_alias(SN_sha512,SN_ecdsa_with_SHA512); /* read in all our own OIDs */ initOIDs(); eku_nid = read_nidlist("eku.txt"); dn_nid = read_nidlist("dn.txt"); setAcceptDrops(true); searchEdit = new QLineEdit(); searchEdit->setPlaceholderText(tr("Search")); keyView->setMainwin(this, searchEdit); reqView->setMainwin(this, searchEdit); certView->setMainwin(this, searchEdit); tempView->setMainwin(this, searchEdit); crlView->setMainwin(this, searchEdit); keys = NULL; reqs = NULL; certs = NULL; temps = NULL; crls = NULL; dhgen = NULL; dhgenBar = new QProgressBar(); check_oom(dhgenBar); dhgenBar->setMinimum(0); dhgenBar->setMaximum(0); } void MainWindow::dropEvent(QDropEvent *event) { if (event->mimeData()->hasUrls()) { QList urls = event->mimeData()->urls(); QUrl u; QStringList files; foreach(u, urls) { QString s = u.toLocalFile(); files << s; } openURLs(files); event->acceptProposedAction(); } else if (event->mimeData()->hasText()) { event->acceptProposedAction(); pastePem(event->mimeData()->text()); } } void MainWindow::openURLs(QStringList &files) { urlsToOpen = files; QTimer::singleShot(100, this, SLOT(openURLs())); } void MainWindow::openURLs() { QStringList failed; QString s; ImportMulti *dlgi = new ImportMulti(this); foreach(s, urlsToOpen) { int ret; pki_multi *pki = probeAnything(s, &ret); if (ret) failed << s; else dlgi->addItem(pki); } urlsToOpen.clear(); dlgi->execute(1, failed); delete dlgi; } void MainWindow::dragEnterEvent(QDragEnterEvent *event) { if (event->mimeData()->hasFormat(X_XCA_DRAG_DATA)) return; if (event->mimeData()->hasUrls() || event->mimeData()->hasText()) event->acceptProposedAction(); } void MainWindow::setItemEnabled(bool enable) { foreach(QWidget *w, wdList) { w->setEnabled(enable); } foreach(QWidget *w, wdMenuList) { w->setEnabled(enable); } foreach(QAction *a, acList) { a->setEnabled(enable); } enableTokenMenu(pkcs11::loaded()); } /* creates a new nid list from the given filename */ NIDlist *MainWindow::read_nidlist(QString name) { NIDlist nl; name = QDir::separator() + name; /* first try $HOME/xca/ */ nl = readNIDlist(getUserSettingsDir() + name); #if !defined(Q_OS_WIN32) #if !defined(Q_OS_MAC) if (nl.count() == 0){ /* next is /etx/xca/... */ nl = readNIDlist(QString(ETC) + name); } #endif #endif if (nl.count() == 0) { /* look at /usr/(local/)share/xca/ */ nl = readNIDlist(getPrefix() + name); } return new NIDlist(nl); } void MainWindow::init_images() { keyImg = loadImg("bigkey.png"); csrImg = loadImg("bigcsr.png"); certImg = loadImg("bigcert.png"); tempImg = loadImg("bigtemp.png"); nsImg = loadImg("netscape.png"); revImg = loadImg("bigcrl.png"); scardImg = loadImg("bigscard.png"); appIco = loadImg("key.xpm"); doneIco = loadImg("done.png"); warnIco = loadImg("warn.png"); bigKey->setPixmap(*keyImg); bigCsr->setPixmap(*csrImg); bigCert->setPixmap(*certImg); bigTemp->setPixmap(*tempImg); bigRev->setPixmap(*revImg); setWindowIcon(*appIco); pki_evp::icon[0] = loadImg("key.png"); pki_evp::icon[1] = loadImg("halfkey.png"); pki_scard::icon[0] = loadImg("scard.png"); pki_x509req::icon[0] = loadImg("req.png"); pki_x509req::icon[1] = loadImg("reqkey.png"); pki_x509req::icon[2] = doneIco; pki_x509::icon[0] = loadImg("validcert.png"); pki_x509::icon[1] = loadImg("validcertkey.png"); pki_x509::icon[2] = loadImg("invalidcert.png"); pki_x509::icon[3] = loadImg("invalidcertkey.png"); pki_x509::icon[4] = doneIco; pki_x509super::icon[0] = doneIco; pki_temp::icon = loadImg("template.png"); pki_crl::icon = loadImg("crl.png"); } void MainWindow::read_cmdline(int argc, char *argv[]) { int cnt = 1, opt = 0, force_load = 0, export_index = 0; char *arg = NULL; exitApp = 0; QStringList failed; ImportMulti *dlgi = new ImportMulti(this); while (cnt < argc) { arg = argv[cnt]; if (arg[0] == '-') { // option opt = 1; switch (arg[1]) { case 'c': case 'r': case 'k': case 'p': case '7': case 'l': case 't': case 'P': break; case 'd': force_load=1; break; case 'i': export_index=1; break; case 'I': export_index=2; break; case 'v': cmd_version(); opt=0; break; case 'x': exitApp = 1; opt=0; break; case 'h': cmd_help(NULL); opt=0; break; default: cmd_help(CCHAR(tr("no such option: %1").arg(arg))); } if (arg[2] != '\0' && opt==1) { arg+=2; } else { cnt++; continue; } } QString file = filename2QString(arg); if (force_load) { if (changeDB(file) == 2) exitApp = 1; force_load = 0; } else if (export_index) { if (exportIndex(file, (export_index == 2)) == 2) exitApp = 1; export_index = 0; } else { int ret; pki_multi *pki = probeAnything(file, &ret); if (!pki) { if (ret == 2) exitApp = 1; else if (ret == 1) failed << file; } dlgi->addItem(pki); } cnt++; } dlgi->execute(1, failed); /* force showing of import dialog */ if (dlgi->result() == QDialog::Rejected) exitApp = 1; delete dlgi; } void MainWindow::loadPem() { load_pem l; if (keys) keys->load_default(l); } bool MainWindow::pastePem(QString text, bool silent) { bool success = false; QByteArray pemdata = text.toLatin1(); if (pemdata.size() == 0) return false; pki_multi *pem = NULL; ImportMulti *dlgi = NULL; try { pem = new pki_multi(); dlgi = new ImportMulti(this); pem->fromPEMbyteArray(pemdata, QString()); success = pem->count() != 0; dlgi->addItem(pem); pem = NULL; dlgi->execute(1); } catch (errorEx &err) { if (!silent) Error(err); } if (dlgi) delete dlgi; if (pem) delete pem; return success; } void MainWindow::pastePem() { QClipboard *cb = QApplication::clipboard(); QString text; text = cb->text(QClipboard::Selection); if (text.isEmpty()) text = cb->text(QClipboard::Clipboard); if (!text.isEmpty()) if (pastePem(text, true)) return; QTextEdit *textbox = new QTextEdit(); textbox->setPlainText(text); XcaDialog *input = new XcaDialog(this, x509, textbox, tr("Import PEM data"), QString()); input->noSpacer(); if (input->exec()) { text = textbox->toPlainText(); if (!text.isEmpty()) pastePem(text); } delete input; } void MainWindow::initToken() { bool ok; if (!pkcs11::loaded()) return; try { pkcs11 p11; slotid slot; Passwd pin; int ret; if (!p11.selectToken(&slot, this)) return; tkInfo ti = p11.tokenInfo(slot); QString slotname = QString("%1 (#%2)"). arg(ti.label()).arg(ti.serial()); pass_info p(XCA_TITLE, tr("Please enter the original SO PIN (PUK) of the token '%1'"). arg(slotname) + "\n" + ti.pinInfo()); p.setPin(); if (ti.tokenInitialized()) { ret = PwDialog::execute(&p, &pin, false); } else { p.setDescription(tr("Please enter the new SO PIN (PUK) for the token '%1'"). arg(slotname) + "\n" + ti.pinInfo()); ret = PwDialog::execute(&p, &pin, true); } if (ret != 1) return; QString label = QInputDialog::getText(this, XCA_TITLE, tr("The new label of the token '%1'"). arg(slotname), QLineEdit::Normal, QString(), &ok); if (!ok) return; p11.initToken(slot, pin.constUchar(), pin.size(), label); } catch (errorEx &err) { Error(err); } } void MainWindow::changePin(bool so) { if (!pkcs11::loaded()) return; try { pkcs11 p11; slotid slot; if (!p11.selectToken(&slot, this)) return; p11.changePin(slot, so); } catch (errorEx &err) { Error(err); } } void MainWindow::changeSoPin() { changePin(true); } void MainWindow::initPin() { if (!pkcs11::loaded()) return; try { pkcs11 p11; slotid slot; if (!p11.selectToken(&slot, this)) return; p11.initPin(slot); } catch (errorEx &err) { Error(err); } } void MainWindow::manageToken() { pkcs11 p11; slotid slot; pki_scard *card = NULL; pki_x509 *cert = NULL; ImportMulti *dlgi = NULL; if (!pkcs11::loaded()) return; try { if (!p11.selectToken(&slot, this)) return; ImportMulti *dlgi = new ImportMulti(this); dlgi->tokenInfo(slot); QList objects; QList ml = p11.mechanismList(slot); if (ml.count() == 0) ml << CKM_SHA1_RSA_PKCS; pk11_attlist atts(pk11_attr_ulong(CKA_CLASS, CKO_PUBLIC_KEY)); p11.startSession(slot); p11.getRandom(); objects = p11.objectList(atts); for (int j=0; j< objects.count(); j++) { card = new pki_scard(""); try { card->load_token(p11, objects[j]); card->setMech_list(ml); dlgi->addItem(card); } catch (errorEx &err) { Error(err); delete card; } card = NULL; } atts.reset(); atts << pk11_attr_ulong(CKA_CLASS, CKO_CERTIFICATE) << pk11_attr_ulong(CKA_CERTIFICATE_TYPE,CKC_X_509); objects = p11.objectList(atts); for (int j=0; j< objects.count(); j++) { cert = new pki_x509(""); try { cert->load_token(p11, objects[j]); dlgi->addItem(cert); } catch (errorEx &err) { Error(err); delete cert; } cert = NULL; } if (dlgi->entries() == 0) { tkInfo ti = p11.tokenInfo(); XCA_INFO(tr("The token '%1' did not contain any keys or certificates").arg(ti.label())); } else { dlgi->execute(true); } } catch (errorEx &err) { Error(err); } if (card) delete card; if (cert) delete cert; if (dlgi) delete dlgi; } MainWindow::~MainWindow() { ERR_free_strings(); EVP_cleanup(); OBJ_cleanup(); if (eku_nid) delete eku_nid; if (dn_nid) delete dn_nid; delete dbindex; #ifdef MDEBUG fprintf(stderr, "Memdebug:\n"); CRYPTO_mem_leaks_fp(stderr); #endif } void MainWindow::closeEvent(QCloseEvent *e) { if (dhgen) { if (!XCA_YESNO("Abort Diffie-Hellmann parameter generation?")){ e->ignore(); return; } dhgen->terminate(); } if (resolver) { delete resolver; } close_database(); QMainWindow::closeEvent(e); } QString makeSalt(void) { QString s = "T"; unsigned char rand[8]; Entropy::get(rand, sizeof rand); for (unsigned i=0; i< sizeof rand; i++) s += QString("%1").arg(rand[i]); return s; } int MainWindow::checkOldGetNewPass(Passwd &pass) { QString passHash = Settings["pwhash"]; if (!passHash.isEmpty()) { pass_info p(tr("Current Password"), tr("Please enter the current database password"), this); /* Try empty password */ if (pki_evp::sha512passwT(pass, passHash) != passHash) { /* Not the empty password, check it */ if (PwDialog::execute(&p, &pass, false) != 1) return 0; } if (pki_evp::sha512passwT(pass, passHash) != passHash) { XCA_WARN(tr("The entered password is wrong")); return 0; } } pass_info p(tr("New Password"), tr("Please enter the new password " "to encrypt your private keys in the database-file"), this); return PwDialog::execute(&p, &pass, true) != 1 ? 0 : 1; } void MainWindow::changeDbPass() { Passwd pass; XSqlQuery q; QSqlDatabase db = QSqlDatabase::database(); if (!checkOldGetNewPass(pass)) return; QString salt = makeSalt(); QString passhash = pki_evp::sha512passwT(pass, salt); QList key_list = keys->sqlSELECTpki( "SELECT item FROM private_keys WHERE ownPass=0"); try { Transaction; if (!TransBegin()) { errorEx e(tr("Transaction start failed")); Error(e); return; } foreach(pki_evp *key, key_list) { EVP_PKEY *evp = key->decryptKey(); key->set_evp_key(evp); key->encryptKey(pass.constData()); key->sqlUpdatePrivateKey(); } Settings["pwhash"] = passhash; TransCommit(); pki_evp::passHash = passhash; pki_evp::passwd = pass; } catch (errorEx &e) { Error(e); } } int MainWindow::initPass(QString dbName) { QString passhash = Settings["pwhash"]; return initPass(dbName, passhash); } static void pwhash_upgrade() { /* Start automatic update from sha512 to sha512*8000 * if the password is correct. The old sha512 hash does * start with 'S', while the new hash starts with T. */ /* Start automatic update from md5 to salted sha512*8000 * if the password is correct. The md5 hash does not * start with 'S' or 'T, but with a hex-digit */ if (pki_evp::passHash.startsWith("T")) { /* Fine, current hash function used. */ return; } if (pki_evp::sha512passwd(pki_evp::passwd, pki_evp::passHash) == pki_evp::passHash || pki_evp::md5passwd(pki_evp::passwd) == pki_evp::passHash) { QString salt = makeSalt(); pki_evp::passHash = pki_evp::sha512passwT( pki_evp::passwd, salt); } } int MainWindow::initPass(QString dbName, QString passhash) { pki_evp::passHash = QString(); QString salt, pass; int ret; pass_info p(tr("New Password"), tr("Please enter a password, " "that will be used to encrypt your private keys " "in the database:\n%1"). arg(compressFilename(dbName)), this); pki_evp::passHash = passhash; if (pki_evp::passHash.isEmpty()) { ret = PwDialog::execute(&p, &pki_evp::passwd, true, true); if (ret != 1) return ret; salt = makeSalt(); pki_evp::passHash =pki_evp::sha512passwT(pki_evp::passwd,salt); Settings["pwhash"] = pki_evp::passHash; } else { pwhash_upgrade(); ret = 0; while (pki_evp::sha512passwT(pki_evp::passwd, pki_evp::passHash) != pki_evp::passHash) { if (ret) XCA_WARN( tr("Password verify error, please try again")); p.setTitle(tr("Password")); p.setDescription(tr("Please enter the password for unlocking the database:\n%1").arg(compressFilename(dbName))); ret = PwDialog::execute(&p, &pki_evp::passwd, false, true); if (ret != 1) { pki_evp::passwd = QByteArray(); return ret; } pwhash_upgrade(); } } if (pki_evp::passwd.isNull()) pki_evp::passwd = ""; return 1; } void MainWindow::Error(const errorEx &err) { if (err.isEmpty()) return; QString msg = tr("The following error occurred:") + "\n" + err.getString(); xcaWarning box(NULL, msg); box.addButton(QMessageBox::Apply)->setText(tr("Copy to Clipboard")); box.addButton(QMessageBox::Ok); if (box.exec() == QMessageBox::Apply) { QClipboard *cb = QApplication::clipboard(); cb->setText(msg); if (cb->supportsSelection()) cb->setText(msg, QClipboard::Selection); } } void MainWindow::connNewX509(NewX509 *nx) { connect(nx, SIGNAL(genKey(QString)), keys, SLOT(newItem(QString))); connect(keys, SIGNAL(keyDone(pki_key*)), nx, SLOT(newKeyDone(pki_key*))); connect(nx, SIGNAL(showReq(pki_base*)), reqs, SLOT(showPki(pki_base*))); connect(reqs, SIGNAL(pkiChanged(pki_base*)), nx, SLOT(itemChanged(pki_base*))); } void MainWindow::importAnything(QString file) { int ret; ImportMulti *dlgi = new ImportMulti(this); QStringList failed; pki_multi *pki = probeAnything(file, &ret); if (ret) failed << file; else dlgi->addItem(pki); dlgi->execute(1, failed); delete dlgi; } pki_multi *MainWindow::probeAnything(QString file, int *ret) { if (ret) *ret = 0; pki_multi *pki = NULL; try { if (file.endsWith(".xdb") || !OpenDb::splitRemoteDbName(file).isEmpty()) { int r = init_database(file); if (ret) *ret = r; return pki; } pki = new pki_multi(); pki->probeAnything(file); } catch (errorEx &err) { Error(err); } if (pki && !pki->count()) { delete pki; pki = NULL; } if (!pki && ret) *ret = 1; return pki; } void MainWindow::exportIndex() { exportIndex(QFileDialog::getSaveFileName(this, XCA_TITLE, Settings["workingdir"], tr("Certificate Index ( index.txt )") + ";;" + tr("All files ( * )")), false); } void MainWindow::exportIndexHierarchy() { exportIndex(QFileDialog::getExistingDirectory( this, XCA_TITLE, Settings["workingdir"]), true); } int MainWindow::exportIndex(QString fname, bool hierarchy) { qDebug() << fname << hierarchy; if (fname.isEmpty()) return 1; if (certs == NULL) { open_default_db(); if (certs == NULL) return 2; } certs->writeIndex(fname, hierarchy); return 0; } void MainWindow::generateDHparamDone() { statusBar()->removeWidget(dhgenBar); errorEx e(dhgen->error); if (e.isEmpty()) XCA_INFO(tr("Diffie-Hellman parameters saved as: %1") .arg(dhgen->filename())); else Error(e); dhgen->deleteLater(); dhgen = NULL; } void MainWindow::generateDHparam() { bool ok; int bits; if (dhgen) return; bits = QInputDialog::getDouble(this, XCA_TITLE, tr("Diffie-Hellman parameters are needed for different applications, but not handled by XCA.\nPlease enter the DH parameter bits"), 1024, 1024, 4096, 0, &ok); if (!ok) return; /* * 1024: 6 sec * 2048: 38 sec * 4096: 864 sec */ Entropy::seed_rng(); try { QString fname = QString("%1/dh%2.pem").arg(homedir).arg(bits); fname = QFileDialog::getSaveFileName(this, QString(), fname, tr("All files ( * )"), NULL); if (fname == "") throw errorEx(""); dhgen = new DHgen(fname, bits); check_oom(dhgen); statusBar()->addPermanentWidget(dhgenBar, 1); dhgenBar->show(); dhgen->start(QThread::LowestPriority); connect(dhgen, SIGNAL(finished()), this, SLOT(generateDHparamDone())); } catch (errorEx &err) { Error(err); } } void MainWindow::changeEvent(QEvent *event) { if (event->type() == QEvent::LanguageChange) { retranslateUi(this); dn_translations_setup(); init_menu(); update_history_menu(); foreach(db_base *model, models) model->updateHeaders(); if (!currentDB.isEmpty()) dbindex->setText(tr("Database") + ": " + currentDB); searchEdit->setPlaceholderText(tr("Search")); } QMainWindow::changeEvent(event); } void MainWindow::keyPressEvent(QKeyEvent *e) { if (e->modifiers() != Qt::ControlModifier) { QMainWindow::keyPressEvent(e); return; } int siz = XCA_application::tableFont.pointSize(); QList views; switch (e->key()) { case Qt::Key_Plus: XCA_application::tableFont.setPointSize(siz +1); break; case Qt::Key_Minus: if (siz > 4) { XCA_application::tableFont.setPointSize(siz -1); } break; case Qt::Key_V: if (e->modifiers() == Qt::ControlModifier) { pastePem(); break; } /* FALLTHROUGH */ default: QMainWindow::keyPressEvent(e); return; } views << keyView << reqView << certView << crlView << tempView; foreach(XcaTreeView *v, views) { if (v) { v->header()->resizeSections( QHeaderView::ResizeToContents); v->reset(); } } update(); } xca-RELEASE.2.2.1/widgets/X509SuperTreeView.cpp0000644000175000017500000000232313614632167020226 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/pki_x509req.h" #include "X509SuperTreeView.h" #include "MainWindow.h" #include #include #include void X509SuperTreeView::fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes) { pki_x509super *x = static_cast (index.internalPointer()); transform = NULL; if (indexes.size() != 1) return; subExport->addAction(tr("OpenSSL config"), this, SLOT(toOpenssl())); transform = menu->addMenu(tr("Transform")); transform->addAction(tr("Template"), this, SLOT(toTemplate())); transform->addAction(tr("Public key"), this, SLOT(extractPubkey()))->setEnabled(!x->getRefKey()); } void X509SuperTreeView::extractPubkey() { QModelIndex idx = currentIndex(); if (idx.isValid() && x509super) x509super->extractPubkey(idx); } void X509SuperTreeView::toTemplate() { QModelIndex idx = currentIndex(); if (idx.isValid() && x509super) x509super->toTemplate(idx); } void X509SuperTreeView::toOpenssl() { QModelIndex idx = currentIndex(); if (idx.isValid() && x509super) x509super->toOpenssl(idx); } xca-RELEASE.2.2.1/widgets/NewX509_ext.cpp0000644000175000017500000001667513614632167017105 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "NewX509.h" #include #include #include #include #include #include #include "MainWindow.h" #include "lib/x509v3ext.h" #include "lib/func.h" #include "lib/openssl_compat.h" x509v3ext NewX509::getBasicConstraints() { QStringList cont; x509v3ext ext; QString ca[] = { "", "CA:TRUE", "CA:FALSE" }; if (basicCA->currentIndex() > 0) { if (bcCritical->isChecked()) cont << "critical"; cont << ca[basicCA->currentIndex()]; if (basicCA->currentIndex() == 1 && !basicPath->text().isEmpty()) { cont << QString("pathlen:") + QString::number(basicPath->text().toInt()); } ext.create(NID_basic_constraints, cont.join(", "), &ext_ctx); } return ext; } x509v3ext NewX509::getSubKeyIdent() { x509v3ext ext; if (subKey->isChecked()) ext.create(NID_subject_key_identifier, "hash", &ext_ctx); return ext; } x509v3ext NewX509::getAuthKeyIdent() { x509v3ext ext; if (!authKey->isChecked() || !authKey->isEnabled()) return ext; QString x = "keyid,issuer"; ext.create(NID_authority_key_identifier, x, &ext_ctx); return ext; } x509v3ext NewX509::getKeyUsage() { QString keyusage[] = { "digitalSignature", "nonRepudiation", "keyEncipherment", "dataEncipherment", "keyAgreement", "keyCertSign", "cRLSign", "encipherOnly", "decipherOnly" }; QStringList cont; x509v3ext ext; int rows = keyUsage->count(); for (int i=0; iisItemSelected(keyUsage->item(i))) { cont << keyusage[i]; } } if (kuCritical->isChecked() && cont.count() > 0) cont.prepend("critical"); ext.create(NID_key_usage, cont.join(", "), &ext_ctx); return ext; } x509v3ext NewX509::getEkeyUsage() { QStringList cont; x509v3ext ext; int rows = ekeyUsage->count(); for (int i=0; iitem(i); //printf("rows = %d, ekeyUsage = %d, %p\n", rows, i, li); if (ekeyUsage->isItemSelected(ekeyUsage->item(i))) { cont << QString(OBJ_nid2sn(eku_nid[i])); } } if (ekuCritical->isChecked() && cont.count() > 0) cont.prepend("critical"); ext.create(NID_ext_key_usage, cont.join(", "), &ext_ctx); return ext; } x509v3ext NewX509::getSubAltName() { x509v3ext ext; QString s = subAltName->text(); if (pt == x509_req) { QStringList sn, sl = s.split(','); foreach (QString str, sl) { if (str != "email:copy") sn += str; } s = sn.join(","); } ext.create(NID_subject_alt_name, s, &ext_ctx); return ext; } x509v3ext NewX509::getIssAltName() { x509v3ext ext; QString s = issAltName->text(); if (pt == x509_req) { QStringList sn, sl = s.split(','); foreach (QString str, sl) { if (str != "issuer:copy") sn += str; } s = sn.join(","); } ext.create(NID_issuer_alt_name, s, &ext_ctx); return ext; } x509v3ext NewX509::getCrlDist() { x509v3ext ext; if (!crlDist->text().isEmpty()) { ext.create(NID_crl_distribution_points, crlDist->text(), &ext_ctx); } return ext; } QString NewX509::getAuthInfAcc_string() { QString rval=""; QString aia_txt = authInfAcc->text(); aia_txt = aia_txt.trimmed(); if (!aia_txt.isEmpty()) { rval = OBJ_nid2sn(aia_nid[aiaOid->currentIndex()]); rval += ";" + aia_txt; } openssl_error(); return rval; } void NewX509::setAuthInfAcc_string(QString aia_txt) { int nid, idx; idx = aia_txt.indexOf(';'); if (idx == -1) return; nid = OBJ_txt2nid(CCHAR(aia_txt.left(idx))); for (int i=0; i < aia_nid.count(); i++) { if (aia_nid[i] == nid) { aiaOid->setCurrentIndex(i); } } authInfAcc->setText(aia_txt.mid(idx +1)); } x509v3ext NewX509::getAuthInfAcc() { x509v3ext ext; QString aia_txt = getAuthInfAcc_string(); if (!aia_txt.isEmpty()) { ext.create(NID_info_access, aia_txt, &ext_ctx); } return ext; } extList NewX509::getAdvanced() { QString conf_str; CONF *conf; BIO *bio; extList elist; long err_line=0; STACK_OF(X509_EXTENSION) **sk, *sk_tmp = NULL; const STACK_OF(X509_EXTENSION) *csk; const char *ext_name = "default"; int ret, start; if (nconf_data->isReadOnly()) { conf_str = v3ext_backup; } else { conf_str = nconf_data->toPlainText(); } if (conf_str.isEmpty()) return elist; QByteArray cs = conf_str.toLatin1(); bio = BIO_from_QByteArray(cs); if (!bio) return elist; conf = NCONF_new(NULL); ret = NCONF_load_bio(conf, bio, &err_line); if (ret != 1) { BIO_free(bio); openssl_error(tr("Configfile error on line %1\n"). arg(err_line)); return elist; } if (ext_ctx.subject_cert) { csk = X509_get0_extensions(ext_ctx.subject_cert); start = csk? sk_X509_EXTENSION_num(csk): 0; } else { sk = &sk_tmp; start = 0; } X509V3_set_nconf(&ext_ctx, conf); if (ext_ctx.subject_cert) { if (X509V3_EXT_add_nconf(conf, &ext_ctx, (char *) ext_name, ext_ctx.subject_cert)) openssl_error(); csk = X509_get0_extensions(ext_ctx.subject_cert); } else { if (X509V3_EXT_add_nconf_sk(conf, &ext_ctx, (char *)ext_name, sk)) openssl_error(); csk = *sk; } elist.setStack(csk, start); if (!ext_ctx.subject_cert) sk_X509_EXTENSION_pop_free(sk_tmp, X509_EXTENSION_free); X509V3_set_nconf(&ext_ctx, NULL); NCONF_free(conf); BIO_free(bio); openssl_error(); return elist; } extList NewX509::getGuiExt() { extList ne; ne << getBasicConstraints(); ne << getSubKeyIdent(); ne << getAuthKeyIdent(); ne << getKeyUsage(); ne << getEkeyUsage(); ne << getSubAltName(); ne << getIssAltName(); ne << getCrlDist(); ne << getAuthInfAcc(); openssl_error(); return ne; } extList NewX509::getAllExt() { extList ne; ne = getGuiExt(); ne += getAdvanced(); if (!Settings["disable_netscape"]) ne += getNetscapeExt(); return ne; } extList NewX509::getNetscapeExt() { QString certTypeList[] = { "client", "server", "email", "objsign", "sslCA", "emailCA", "objCA" }; QStringList cont; x509v3ext ext; extList el; int rows = nsCertType->count(); for (int i=0; iisItemSelected(nsCertType->item(i))) { cont << certTypeList[i]; } } el << ext.create(NID_netscape_cert_type, cont.join(", "), &ext_ctx); el << ext.create_ia5(NID_netscape_base_url, nsBaseUrl->text(), &ext_ctx); el << ext.create_ia5(NID_netscape_revocation_url, nsRevocationUrl->text(), &ext_ctx); el << ext.create_ia5(NID_netscape_ca_revocation_url, nsCARevocationUrl->text(), &ext_ctx); el << ext.create_ia5(NID_netscape_renewal_url, nsRenewalUrl->text(), &ext_ctx); el << ext.create_ia5(NID_netscape_ca_policy_url, nsCaPolicyUrl->text(), &ext_ctx); el << ext.create_ia5(NID_netscape_ssl_server_name, nsSslServerName->text(), &ext_ctx); el << ext.create_ia5(NID_netscape_comment, nsComment->text(), &ext_ctx); return el; } void NewX509::initCtx(pki_x509 *subj, pki_x509 *iss, pki_x509req *req) { X509 *s = NULL, *s1 = NULL; X509_REQ *r = NULL; if (subj) s1 = subj->getCert(); if (iss) s = iss->getCert(); if (req) r = req->getReq(); X509V3_set_ctx(&ext_ctx, s, s1, r, NULL, 0); } extList NewX509::getExtDuplicates() { int i, start, cnt, n1, n; x509v3ext e; const STACK_OF(X509_EXTENSION) *sk; extList el_dup, el; QString olist; if (ext_ctx.subject_cert) { sk = X509_get0_extensions(ext_ctx.subject_cert); } else return el_dup; el.setStack(sk, 0); cnt = el.size(); for (start=0; start < cnt; start++) { n1 = el[start].nid(); for (i = start+1; i #include #include #include #include "MainWindow.h" #include "OpenDb.h" #include "PwDialog.h" #include "lib/base.h" #define NUM_PARAM 6 #define NUM_PARAM_LEAST 5 QString OpenDb::lastRemote; DbMap OpenDb::getDatabases() { QStringList list = QSqlDatabase::drivers(); DbMap databases; databases["QPSQL7"] = "PostgreSQL"; databases["QMYSQL3"] = "MySQL / MariaDB"; databases["QODBC3"] = "Open Database Connectivity (ODBC)"; foreach (QString driver, databases.keys()) { if (!list.contains(driver)) databases.take(driver); } qDebug() << "Available Remote DB Drivers: " << databases.size(); foreach (QString driver, databases.keys()) qDebug() << driver; return databases; } bool OpenDb::hasSqLite() { return QSqlDatabase::isDriverAvailable("QSQLITE"); } bool OpenDb::hasRemoteDrivers() { return getDatabases().size() > 0; } void OpenDb::driver_selected() { if (getDbType() == "QODBC3") dbName_label->setText("DSN"); else dbName_label->setText(tr("Database name")); } DbMap OpenDb::splitRemoteDbName(QString db) { static const char * const names[NUM_PARAM] = { "all", "user", "host", "type", "dbname", "prefix" }; DbMap map; QRegExp rx("(.*)@(.*)/(.*):([^#]*)#?([^#]*)"); int i, pos = rx.indexIn(db); QStringList list = rx.capturedTexts(); if (pos != -1 && list.size() >= NUM_PARAM_LEAST) { if (list.size() == NUM_PARAM_LEAST) list[NUM_PARAM_LEAST] = ""; list[NUM_PARAM_LEAST] = list[NUM_PARAM_LEAST].toLower(); for (i=0; i < NUM_PARAM; i++) { map[names[i]] = list[i]; } qDebug() << "SPLIT DB:" << map; } return map; } bool OpenDb::isRemoteDB(QString db) { DbMap remote_param = splitRemoteDbName(db); return remote_param.size() == NUM_PARAM; } void OpenDb::fillDbDropDown(QString current) { DbMap databases = getDatabases(); dbType->clear(); foreach(QString driver, databases.keys()) { dbType->insertItem(0, databases[driver], driver); if (driver == current) dbType->setCurrentIndex(0); } if (dbType->count() == 1) { dbType->setCurrentIndex(0); dbType->setEnabled(false); } } void OpenDb::setupDatabaseName(QString db) { if (!isRemoteDB(db)) return; DbMap remote_param = splitRemoteDbName(db); userName->setText(remote_param["user"]); hostName->setText(remote_param["host"]); dbName->setText(remote_param["dbname"]); prefix->setText(remote_param["prefix"]); fillDbDropDown(remote_param["type"]); } OpenDb::OpenDb(QWidget *parent, QString db) :QDialog(parent) { setupUi(this); setWindowTitle(XCA_TITLE); fillDbDropDown(); if (isRemoteDB(db)) { setupDatabaseName(db); sqlite = false; show_connection_settings = false; } else if (hasSqLite() && !db.isEmpty()) { dbName->setText(db); sqlite = true; show_connection_settings = false; } else { sqlite = false; show_connection_settings = true; } driver_selected(); connect(dbType, SIGNAL(currentIndexChanged(int)), this, SLOT(driver_selected())); } QString OpenDb::getDbType() const { return sqlite ? hasSqLite() ? QString("QSQLITE") : QString("") : dbType->itemData(dbType->currentIndex()).toString(); } void OpenDb::checkSqLite() { if (hasSqLite()) return; XCA_WARN(tr("No SqLite3 driver available. Please install the qt-sqlite package of your distribution")); } void OpenDb::openDatabase() const { QString type = getDbType(); QString pass = dbPassword->text(); int round = 0; if (type.isEmpty()) { checkSqLite(); return; } if (sqlite) { QFile f(dbName->text()); if (!QFile::exists(dbName->text())) { f.open(QIODevice::WriteOnly); f.setPermissions(QFile::WriteOwner | QFile::ReadOwner); f.close(); } else { QString msg = QString( "The file '%1' is not an XCA database") .arg(f.fileName()); if (f.size() != 0) { f.open(QIODevice::ReadOnly); QByteArray ba = f.read(6); qDebug() << "FILE:" << f.fileName() << ba; if (ba != "SQLite") { XCA_WARN(msg); return; } } } } while (true) { QString connName = QSqlDatabase::addDatabase(type).connectionName(); if (_openDatabase(connName, pass)) break; if (pass.size() > 0 || round > 0) MainWindow::dbSqlError(); Passwd pwd; pass_info p(XCA_TITLE, tr("Please enter the password to access the database server %2 as user '%1'.") .arg(userName->text()).arg(hostName->text())); QSqlDatabase::removeDatabase(connName); if (PwDialog::execute(&p, &pwd) != 1) break; pass = QString(pwd); round++; } } bool OpenDb::_openDatabase(QString connName, QString pass) const { QSqlDatabase db = QSqlDatabase::database(connName, false); QStringList hostport = hostName->text().split(":"); db.setDatabaseName(dbName->text()); if (hostport.size() > 0) db.setHostName(hostport[0]); if (hostport.size() > 1) db.setPort(hostport[1].toInt()); db.setUserName(userName->text()); db.setPassword(pass); XSqlQuery::setTablePrefix(prefix->text().toLower()); db.open(); QSqlError e = db.lastError(); if (!e.isValid() || e.type() != QSqlError::ConnectionError || db.isOpen()) { bool hasTrans = QSqlDatabase::database() .driver()->hasFeature(QSqlDriver::Transactions); DbTransaction::setHasTransaction(hasTrans); if (!hasTrans) { XCA_WARN(tr("The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care.")); } /* This is MySQL specific. Execute it always, because * dbType() could return "ODBC" but connect to MariaDB */ XSqlQuery q("SET SESSION SQL_MODE='ANSI'"); return true; } XSqlQuery::clearTablePrefix(); db.close(); return false; }; QString OpenDb::getDescriptor() const { QString pref = prefix->text(); if (!pref.isEmpty()) pref = QString("#%1").arg(pref.toLower()); return sqlite ? dbName->text() : QString("%1@%2/%3:%4%5") .arg(userName->text()) .arg(hostName->text()) .arg(getDbType()) .arg(dbName->text()) .arg(pref); } void OpenDb::setLastRemote(QString db) { if (isRemoteDB(db)) lastRemote = db; } int OpenDb::exec() { if (!hasSqLite() && !hasRemoteDrivers()) return 0; if (!show_connection_settings) return 1; setupDatabaseName(lastRemote); bool ret = QDialog::exec(); if (ret && !sqlite) lastRemote = getDescriptor(); return ret; } xca-RELEASE.2.2.1/widgets/XcaTreeView.cpp0000644000175000017500000002421213614632167017256 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2006 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "XcaHeaderView.h" #include "XcaTreeView.h" #include "XcaProxyModel.h" #include "MainWindow.h" #include #include #include #include #include #include XcaTreeView::XcaTreeView(QWidget *parent) :QTreeView(parent) { mainwin = NULL; setHeader(new XcaHeaderView()); setAlternatingRowColors(true); setSelectionMode(QAbstractItemView::ExtendedSelection); setEditTriggers(QAbstractItemView::EditKeyPressed); setRootIsDecorated(false); setUniformRowHeights(true); setDragEnabled(true); //setAnimated(true); proxy = new XcaProxyModel(this); setSortingEnabled(true); proxy->setDynamicSortFilter(true); sortByColumn(0, Qt::AscendingOrder); basemodel = NULL; connect(header(), SIGNAL(sectionHandleDoubleClicked(int)), this, SLOT(resizeColumnToContents(int))); connect(this, SIGNAL(doubleClicked(const QModelIndex &)), this, SLOT(doubleClick(const QModelIndex &))); #if (QT_VERSION >= QT_VERSION_CHECK(5, 0, 0)) header()->setSectionsClickable(true); #else header()->setClickable(true); #endif throttle.setSingleShot(true); connect(&throttle, SIGNAL(timeout()), this, SLOT(columnsResize())); connect(&throttle, SIGNAL(timeout()), proxy, SLOT(invalidate())); setFocusPolicy(Qt::StrongFocus); setExpandsOnDoubleClick(false); } XcaTreeView::~XcaTreeView() { delete proxy; } void XcaTreeView::contextMenuEvent(QContextMenuEvent * e) { QModelIndex index; if (!basemodel) return; index = indexAt(e->pos()); showContextMenu(e, getIndex(index)); } void XcaTreeView::showHideSections() { if (!basemodel) return; int i, max = basemodel->columnCount(QModelIndex()); basemodel->colResizeStart(); for (i=0; icolumnHidden(i)) header()->hideSection(i); else header()->showSection(i); } basemodel->colResizeEnd(); columnsResize(); } void XcaTreeView::setMainwin(MainWindow *mw, QLineEdit *filter) { mainwin = mw; connect(filter, SIGNAL(textChanged(const QString &)), this, SLOT(setFilter(const QString&))); } void XcaTreeView::setModel(QAbstractItemModel *model) { QByteArray ba; basemodel = (db_base *)model; proxy->setSourceModel(model); QTreeView::setModel(proxy); if (basemodel) { connect(basemodel, SIGNAL(resetHeader()), header(), SLOT(resetMoves())); connect(basemodel, SIGNAL(resetHeader()), this, SLOT(columnsResize())); connect(header(), SIGNAL(sectionMoved(int,int,int)), this, SLOT(sectionMoved(int,int,int))); connect(header(), SIGNAL(sectionResized(int,int,int)), basemodel, SLOT(sectionResized(int,int,int))); connect(header(), SIGNAL(sortIndicatorChanged(int,Qt::SortOrder)), basemodel, SLOT(sortIndicatorChanged(int,Qt::SortOrder))); connect(basemodel, SIGNAL(columnsContentChanged()), this, SLOT(columnsChanged())); basemodel->initHeaderView(header()); } showHideSections(); } void XcaTreeView::headerEvent(QContextMenuEvent *e, int col) { contextMenu(e, NULL, col); } QModelIndex XcaTreeView::getIndex(const QModelIndex &index) { return proxy->mapToSource(index); } QModelIndex XcaTreeView::getProxyIndex(const QModelIndex &index) { return proxy->mapFromSource(index); } QModelIndexList XcaTreeView::getSelectedIndexes() { QModelIndexList list; QItemSelection indexes = selectionModel()->selection(); list = proxy->mapSelectionToSource(indexes).indexes(); /* Reduce list to column 0 items */ QModelIndexList::iterator it = list.begin(); while (it != list.end()) { if ((*it).column() != 0) it = list.erase(it); else ++it; } return list; } void XcaTreeView::columnsChanged() { throttle.start(200); } void XcaTreeView::columnsResize() { int cnt, i; if (!basemodel) return; cnt = basemodel->columnCount(QModelIndex()); basemodel->colResizeStart(); for (i=0; ifixedHeaderSize(i)) { resizeColumnToContents(i); } } basemodel->colResizeEnd(); } void XcaTreeView::sectionMoved(int, int, int) { int cnt = header()->count(); for (int i=0; isetVisualIndex(i, header()->visualIndex(i)); } } QModelIndex XcaTreeView::currentIndex() { QModelIndex idx = QTreeView::currentIndex(); idx = getIndex(idx); idx = basemodel->index(idx.row(), 0, idx.parent()); if (!idx.isValid()) { QModelIndexList l = getSelectedIndexes(); if (l.size() > 0) idx = l[0]; } return idx; } void XcaTreeView::editIdx() { edit(getProxyIndex(currentIndex())); } void XcaTreeView::setFilter(const QString &pattern) { pki_base::limitPattern = QRegExp(pattern, Qt::CaseInsensitive, QRegExp::Wildcard); // Only to tell the model about the changed filter proxy->setFilterFixedString(pattern); } void XcaTreeView::deleteItems(void) { QModelIndex index; QModelIndexList indexes = getSelectedIndexes(); QString items, msg; int count = 0; pki_base *pki = NULL; if (indexes.count() == 0 || !basemodel) return; foreach(index, indexes) { pki = static_cast(index.internalPointer()); items += "'" + pki->getIntName() + "' "; count++; } Transaction; if (!TransBegin()) return; if (count == 1) msg = pki->getMsg(pki_base::msg_delete).arg(pki->getIntName()); else msg = pki->getMsg(pki_base::msg_delete_multi).arg(count). arg(items); if (!XCA_OKCANCEL(msg)) return; foreach(index, indexes) { basemodel->deletePKI(index); } TransCommit(); } void XcaTreeView::storeItems(void) { QModelIndexList indexes = getSelectedIndexes(); if (basemodel) { try { switch (indexes.size()) { case 0: return; case 1: basemodel->store(indexes[0]); return; default: basemodel->store(getSelectedIndexes()); return; } } catch (errorEx &err) { MainWindow::Error(err); } } } void XcaTreeView::showItems(void) { if (basemodel) { QModelIndexList indexes = getSelectedIndexes(); foreach(QModelIndex index, indexes) basemodel->showItem(index); } } void XcaTreeView::newItem(void) { if (basemodel) basemodel->newItem(); } void XcaTreeView::load(void) { if (basemodel) basemodel->load(); } void XcaTreeView::doubleClick(const QModelIndex &m) { if (basemodel) basemodel->showItem(getIndex(m)); } void XcaTreeView::editComment(void) { if (basemodel) basemodel->editComment(currentIndex()); } void XcaTreeView::pem2clipboard(void) { if (basemodel) basemodel->pem2clipboard(getSelectedIndexes()); } void XcaTreeView::headerDetails(void) { if (curr_hd && curr_hd->id > 0 && mainwin) mainwin->getResolver()->searchOid(QString::number(curr_hd->id)); } void XcaTreeView::columnRemove(void) { if (curr_hd->action) curr_hd->action->setChecked(false); } void XcaTreeView::contextMenu(QContextMenuEvent *e, QMenu *parent, int col) { int shown = 0; tipMenu *menu, *dn, *v3ext, *current, *v3ns; QAction *a, *sep; dbheader *hd; dbheaderList allHeaders = basemodel->getAllHeaders(); menu = new tipMenu(QString(), mainwin); dn = new tipMenu(tr("Subject entries"), mainwin); v3ext = new tipMenu(tr("X509v3 Extensions"), mainwin); v3ns = new tipMenu(tr("Netscape extensions"), mainwin); menu->addAction(tr("Reset"), basemodel, SLOT(columnResetDefaults())); if (col >= 0 && col < allHeaders.size()) { curr_hd = allHeaders[col]; menu->addAction(tr("Hide Column"), this,SLOT(columnRemove())); if (curr_hd->id > 0) menu->addAction(tr("Details"), this, SLOT(headerDetails())); } else { curr_hd = NULL; } sep = menu->addSeparator(); foreach(hd, allHeaders) { switch (hd->type) { case dbheader::hd_x509name: current = dn; break; case dbheader::hd_v3ext: current = v3ext; break; case dbheader::hd_v3ext_ns: if (Settings["disable_netscape"]) continue; current = v3ns; break; default: current = menu; break; } a = current->addAction(hd->getName()); a->setCheckable(true); a->setChecked(hd->show); a->setToolTip(hd->getTooltip()); hd->action = a; } if (!dn->isEmpty() || !v3ext->isEmpty()) menu->insertSeparator(sep); if (!dn->isEmpty()) menu->insertMenu(sep, dn); else delete dn; if (!v3ext->isEmpty()) { if (!v3ns->isEmpty()) { v3ext->addSeparator(); v3ext->addMenu(v3ns); } else { delete v3ns; } menu->insertMenu(sep, v3ext); } else { delete v3ext; delete v3ns; } if (parent) { parent->addSeparator(); parent->addMenu(menu)->setText(tr("Columns")); parent->exec(e->globalPos()); } else { menu->exec(e->globalPos()); } foreach(hd, allHeaders) { if (hd->action) hd->show = hd->action->isChecked(); shown += hd->show ? 1 : 0; hd->action = NULL; } if (!shown) allHeaders[0]->show = true; delete menu; if (parent) delete parent; showHideSections(); } void XcaTreeView::showContextMenu(QContextMenuEvent *e, const QModelIndex &idx) { QMenu *menu = new QMenu(mainwin); QMenu *subExport = NULL; QModelIndexList indexes = getSelectedIndexes(); QModelIndex index; index = idx.isValid() ? idx : currentIndex(); menu->addAction(tr("New"), this, SLOT(newItem())); menu->addAction(tr("Import"), this, SLOT(load())); menu->addAction(tr("Paste PEM data"), mainwin, SLOT(pastePem()), QKeySequence::Paste); if (indexes.size() == 1) { menu->addAction(tr("Rename"), this, SLOT(editIdx())); menu->addAction(tr("Properties"), this, SLOT(editComment())); } if (indexes.size() > 0) { menu->addAction(tr("Delete"), this, SLOT(deleteItems()), QKeySequence::Delete); subExport = menu->addMenu(tr("Export")); subExport->addAction(tr("Clipboard"), this, SLOT(pem2clipboard()), QKeySequence::Copy); subExport->addAction(tr("File"), this, SLOT(storeItems()), QKeySequence::Save); } fillContextMenu(menu, subExport, index, indexes); contextMenu(e, menu, -1); } void XcaTreeView::keyPressEvent(QKeyEvent *event) { switch (event->key()) { case Qt::Key_Backspace: case Qt::Key_Delete: deleteItems(); return; case Qt::Key_Enter: case Qt::Key_Return: if (state() != QAbstractItemView::EditingState) showItems(); return; case Qt::Key_F2: editIdx(); return; case Qt::Key_Escape: clearSelection(); return; } if (event->matches(QKeySequence::Save)) { storeItems(); return; } if (event->matches(QKeySequence::Copy)) { pem2clipboard(); return; } QTreeView::keyPressEvent(event); } xca-RELEASE.2.2.1/widgets/CertDetail.h0000644000175000017500000000134513614632167016557 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __CERTDETAIL_H #define __CERTDETAIL_H #include "ui_CertDetail.h" #include "lib/pki_x509req.h" #include "lib/pki_x509.h" class pki_x509; class CertDetail: public QDialog, public Ui::CertDetail { Q_OBJECT bool showConf; QVariant keySqlId, issuerSqlId; QString conf, exts; QLabel *labelFromAsn1String(ASN1_STRING *s); void setX509super(pki_x509super *x); pki_key *myPubKey; public: CertDetail(QWidget *parent); ~CertDetail(); void setCert(pki_x509 *cert); void setReq(pki_x509req *req); private slots: void on_showExt_clicked(); void itemChanged(pki_base *pki); void showPubKey(); }; #endif xca-RELEASE.2.2.1/widgets/XcaTreeView.h0000644000175000017500000000336113614632167016725 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2006 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCATREEVIEW_H #define __XCATREEVIEW_H #include #include #include #include #include #include "lib/db_base.h" class XcaTreeView: public QTreeView { Q_OBJECT dbheader *curr_hd; QTimer throttle; protected: db_base *basemodel; QSortFilterProxyModel *proxy; MainWindow *mainwin; public: XcaTreeView(QWidget *parent = 0); virtual ~XcaTreeView(); void contextMenuEvent(QContextMenuEvent *e); virtual void setModel(QAbstractItemModel *model=NULL); void setMainwin(MainWindow *mw, QLineEdit *filter); QModelIndex getIndex(const QModelIndex &index); QModelIndex getProxyIndex(const QModelIndex &index); QModelIndexList getSelectedIndexes(); void headerEvent(QContextMenuEvent *e, int col); QModelIndex currentIndex(); void showContextMenu(QContextMenuEvent *e, const QModelIndex &index); virtual void fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes) { (void)menu; (void)subExport; (void)index; (void)indexes; } void contextMenu(QContextMenuEvent *e, QMenu *parent = NULL, int sect = -1); void keyPressEvent(QKeyEvent *event); public slots: void showHideSections(); void sectionMoved(int idx, int oldI, int newI); void columnsResize(); void editIdx(); void setFilter(const QString &pattern); void deleteItems(void); void storeItems(void); void showItems(void); void newItem(void); void doubleClick(const QModelIndex &m); void load(void); void pem2clipboard(void); void headerDetails(void); void columnRemove(void); void columnsChanged(void); void editComment(void); }; #endif xca-RELEASE.2.2.1/widgets/distname.cpp0000644000175000017500000000406613614632167016701 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #include "distname.h" #include #include #include #include "lib/x509name.h" #include "lib/db_x509super.h" #include "lib/base.h" #include "clicklabel.h" #include "MainWindow.h" DistName::DistName(QWidget* parent) : QWidget(parent) { DistNameLayout = new QGridLayout(); DistNameLayout->setAlignment(Qt::AlignTop); DistNameLayout->setSpacing(6); DistNameLayout->setMargin(11); QGridLayout *g = new QGridLayout(); g->setAlignment(Qt::AlignTop); g->setSpacing(6); g->setMargin(11); QVBoxLayout *v = new QVBoxLayout(this); v->setSpacing(6); v->setMargin(11); v->addLayout(DistNameLayout); v->addStretch(); v->addLayout(g); rfc2253 = new QLineEdit(this); rfc2253->setReadOnly(true); g->addWidget(new QLabel(QString("RFC 2253:"), this), 0, 0); g->addWidget(rfc2253, 0, 1); namehash = new QLineEdit(this); namehash->setReadOnly(true); g->addWidget(new QLabel(QString("Hash:"), this), 1, 0); g->addWidget(namehash, 1, 1); } void DistName::setX509name(const x509name &n) { DoubleClickLabel *l1; QLabel *l2; QStringList sl; for (int i=0; isetTextFormat(Qt::PlainText); l1->setText(label); l1->setClickText(sl[1]); if (l1->text().isEmpty()) l1->setText(sl[0]); l2->setText(sl[2]); l1->setToolTip(QString("[%1] %2").arg(sl[0]).arg(toolt)); l2->setToolTip(sl[3]); connect(l1, SIGNAL(doubleClicked(QString)), MainWindow::getResolver(), SLOT(searchOid(QString))); DistNameLayout->addWidget(l1, i, 0); DistNameLayout->addWidget(l2, i, 1); } rfc2253->setText(n.oneLine(XN_FLAG_RFC2253)); rfc2253->setCursorPosition(0); namehash->setText(n.hash()); updateGeometry(); } xca-RELEASE.2.2.1/widgets/kvView.cpp0000644000175000017500000001325013614632167016343 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2010 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/func.h" #include "widgets/kvView.h" #include #include QWidget *comboDelegate::createEditor(QWidget *parent, const QStyleOptionViewItem &, const QModelIndex &) const { QComboBox *editor = new QComboBox(parent); editor->addItems(keys); return editor; } void comboDelegate::setEditorData(QWidget *editor, const QModelIndex &index) const { QString v = index.model()->data(index, Qt::EditRole).toString(); QComboBox *c = static_cast(editor); c->setCurrentIndex(c->findText(v)); } void comboDelegate::setModelData(QWidget *editor, QAbstractItemModel *model, const QModelIndex &index) const { QComboBox *c = static_cast(editor); model->setData(index, c->currentText(), Qt::EditRole); } QWidget *lineDelegate::createEditor(QWidget *parent, const QStyleOptionViewItem &, const QModelIndex &) const { return new QLineEdit(parent); } void lineDelegate::setEditorData(QWidget *editor, const QModelIndex &index) const { QString v, k; v = index.model()->data(index, Qt::EditRole).toString(); QModelIndex key = index.sibling(index.row(), 0); QLineEdit *l = static_cast(editor); l->setText(v); if (key.isValid()) { k = key.model()->data(key, Qt::DisplayRole).toString(); emit setupLineEdit(k, l); } if (infoLabel) infoLabel->setText(k + ": " + l->toolTip()); } void lineDelegate::setModelData(QWidget *editor, QAbstractItemModel *model, const QModelIndex &index) const { QLineEdit *l = static_cast(editor); model->setData(index, l->text(), Qt::EditRole); } kvmodel::kvmodel(QStringList &heads) { header = heads; myCols = heads.size(); } QStringList kvmodel::getRow(int i) { QStringList sl; sl << items[i*myCols] << items[i *myCols +1]; return sl; } void kvmodel::addRow(const QStringList &newrow) { int row = rowCount(QModelIndex()); beginInsertRows(QModelIndex(), row, row); for (int i = 0; i= newrow.size()) items << QString(); else items << newrow[i].trimmed(); } endInsertRows(); } QVariant kvmodel::data(const QModelIndex &index, int role) const { int id = index.internalId(); QString s = items[id]; switch (role) { case Qt::EditRole: case Qt::DisplayRole: return QVariant(s); } return QVariant(); } QVariant kvmodel::headerData(int section, Qt::Orientation orientation, int role) const { if (role == Qt::DisplayRole) { if (orientation == Qt::Horizontal) return QVariant(header[section]); if (orientation == Qt::Vertical) return QVariant(section); } return QVariant(); } bool kvmodel::insertRows(int row, int count, const QModelIndex &) { beginInsertRows(QModelIndex(), row, row+count-1); for (int i=0; i< count *myCols; i++) { items.insert(row*myCols, QString()); } endInsertRows(); return true; } bool kvmodel::removeRows(int row, int count, const QModelIndex &) { beginRemoveRows(QModelIndex(), row, row+count-1); for (int i=0; i< count*myCols; i++) { items.removeAt(row*myCols); } endRemoveRows(); return true; } bool kvmodel::setData(const QModelIndex &index, const QVariant &value, int role) { if (index.isValid() && role == Qt::EditRole) { items[index.internalId()] = value.toString().trimmed(); emit dataChanged(index, index); return true; } return false; } void kvmodel::moveRow(int oldi, int newi) { QStringList line = items.mid(oldi*myCols, myCols); removeRows(oldi, 1); insertRows(newi, 1); for (int i=0; isetDefaultSectionSize(200); horizontalHeader()->setStretchLastSection(true); #if (QT_VERSION >= QT_VERSION_CHECK(5, 0, 0)) verticalHeader()->setSectionsMovable(true); #else verticalHeader()->setMovable(true); #endif verticalHeader()->setDefaultSectionSize(24); setEditTriggers(QAbstractItemView::AllEditTriggers); connect(verticalHeader(), SIGNAL(sectionMoved(int,int,int)), this, SLOT(moveRow(int,int,int))); infoLabel = NULL; initLineDelegate(); } void kvView::initCols(QStringList &heads) { QAbstractItemModel *m = model(); setModel(new kvmodel(heads)); delete m; } kvView::~kvView() { delete model(); } void kvView::initLineDelegate(int col) { lineDelegate *d = new lineDelegate(infoLabel, this); setItemDelegateForColumn(col, d); connect(static_cast(d), SIGNAL(closeEditor(QWidget *, QAbstractItemDelegate::EndEditHint)), this, SLOT(editorExited())); } void kvView::setKeys(const QStringList &k, int col) { if (!col) keys0 = k; comboDelegate *d = new comboDelegate(k, this); setItemDelegateForColumn(col, d); } void kvView::moveRow(int, int oldi, int newi) { static int moving = 0; if (moving) return; moving = 1; verticalHeader()->moveSection(newi, oldi); static_cast(model())->moveRow(oldi, newi); repaint(); moving = 0; } void kvView::addRow(const QStringList &newrow) { int max = MIN(model()->columnCount(QModelIndex()), newrow.size()); for (int i = 0; i(itemDelegateForColumn(i))->addKey(key); } static_cast(model())->addRow(newrow); } void kvView::addKvRow() { QString k; if (keys0.count() > 0) k = keys0[rowCount() % keys0.count()]; addRow(QStringList(k)); } void kvView::deleteCurrentRow() { model()->removeRows(currentIndex().row(), 1, QModelIndex()); } void kvView::editorExited() { if (infoLabel) infoLabel->clear(); } xca-RELEASE.2.2.1/widgets/ReqTreeView.cpp0000644000175000017500000000227513614632167017277 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/pki_x509req.h" #include "ReqTreeView.h" #include "MainWindow.h" #include #include #include void ReqTreeView::fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes) { X509SuperTreeView::fillContextMenu(menu, subExport, index, indexes); if (indexes.size() != 1) return; pki_x509req *req = static_cast(index.internalPointer()); menu->addAction(tr("Sign"), this, SLOT(signReq())); if (req->getDone()) menu->addAction(tr("Unmark signed"), this, SLOT(unmarkSigned())); else menu->addAction(tr("Mark signed"), this, SLOT(markSigned())); if (transform) { transform->addAction(tr("Similar Request"), this, SLOT(toRequest())); } } void ReqTreeView::toRequest() { if (reqs) reqs->toRequest(currentIndex()); } void ReqTreeView::signReq() { if (reqs) reqs->signReq(currentIndex()); } void ReqTreeView::markSigned() { if (reqs) reqs->setSigned(currentIndex(), true); } void ReqTreeView::unmarkSigned() { if (reqs) reqs->setSigned(currentIndex(), false); } xca-RELEASE.2.2.1/widgets/CrlDetail.cpp0000644000175000017500000000377413614632167016745 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #include "CrlDetail.h" #include "MainWindow.h" #include "distname.h" #include "clicklabel.h" #include "RevocationList.h" #include "OpenDb.h" #include "lib/pki_crl.h" #include #include #include CrlDetail::CrlDetail(MainWindow *mainwin) :QDialog(mainwin) { mw = mainwin; setupUi(this); setWindowTitle(XCA_TITLE); image->setPixmap(*MainWindow::revImg); issuerSqlId = QVariant(); } void CrlDetail::setCrl(pki_crl *crl) { pki_x509 *iss; x509v3ext e1, e2; iss = crl->getIssuer(); signCheck->disableToolTip(); signCheck->setClickText(crl->getSigAlg()); if (iss != NULL) { issuerIntName->setText(iss->getIntName()); issuerIntName->setClickText(iss->getSqlItemId().toString()); issuerIntName->setGreen(); if (crl->verify(iss)) { signCheck->setText(crl->getSigAlg()); signCheck->setGreen(); } else { signCheck->setText(tr("Failed")); signCheck->setRed(); } issuerSqlId = iss->getSqlItemId(); } else { issuerIntName->setText(tr("Unknown signer")); issuerIntName->setDisabled(true); issuerIntName->disableToolTip(); signCheck->setText(tr("Verification not possible")); signCheck->setDisabled(true); } connect(signCheck, SIGNAL(doubleClicked(QString)), MainWindow::getResolver(), SLOT(searchOid(QString))); descr->setText(crl->getIntName()); lUpdate->setText(crl->getLastUpdate().toPretty()); lUpdate->setToolTip(crl->getLastUpdate().toPrettyGMT()); nUpdate->setText(crl->getNextUpdate().toPretty()); nUpdate->setToolTip(crl->getNextUpdate().toPrettyGMT()); version->setText((++crl->getVersion())); issuer->setX509name(crl->getSubject()); RevocationList::setupRevocationView(certList, crl->getRevList(), iss); v3extensions->document()->setHtml(crl->printV3ext()); comment->setPlainText(crl->getComment()); } void CrlDetail::itemChanged(pki_base *pki) { if (pki->getSqlItemId() == issuerSqlId) issuerIntName->setText(pki->getIntName()); } xca-RELEASE.2.2.1/widgets/RevocationList.cpp0000644000175000017500000001312013614632167020031 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "RevocationList.h" #include "MainWindow.h" #include "lib/asn1int.h" #include "lib/pki_x509.h" enum revCol { Cnumber, Cserial, Cdate, Creason, CiDate, Cmax }; class revListItem : public QTreeWidgetItem { public: revListItem(QTreeWidget *w) : QTreeWidgetItem(w) { }; bool operator < (const QTreeWidgetItem &other) const { int col = treeWidget()->sortColumn(); switch (col) { case Cserial: { return a1int(text(Cserial)) < a1int(other.text(Cserial)); } case Cnumber: return text(Cnumber).toLong() < other.text(Cnumber).toLong(); default: return QTreeWidgetItem::operator < (other); } } }; static void setup_revRevItem(QTreeWidgetItem *item, const x509rev &revit, const pki_x509 *iss) { pki_x509 *rev = iss ? iss->getBySerial(revit.getSerial()) : NULL; if (rev != NULL) { for (int i = 0; i < Cmax; i++) item->setToolTip(i, rev->getIntName()); } item->setText(Cserial, revit.getSerial()); item->setText(Cdate, revit.getDate().toSortable()); item->setText(Creason, revit.getReason()); item->setTextAlignment(Cnumber, Qt::AlignRight); item->setTextAlignment(Cserial, Qt::AlignRight); a1time a = revit.getInvalDate(); if (!a.isUndefined()) item->setText(CiDate, a.toSortable()); } static void addRevItem(QTreeWidget *certList, const x509rev &revit, int no, const pki_x509 *iss) { revListItem *current; current = new revListItem(certList); current->setText(Cnumber, QString("%1").arg(no)); setup_revRevItem(current, revit, iss); } void RevocationList::setupRevocationView(QTreeWidget *certList, const x509revList &revList, const pki_x509 *iss) { QStringList sl; int cols, i; certList->clear(); sl << tr("No.") << tr("Serial") << tr("Revocation") << tr("Reason") << tr("Invalidation"); cols = sl.size(); certList->setColumnCount(cols); certList->setHeaderLabels(sl); certList->setItemsExpandable(false); certList->setRootIsDecorated(false); certList->sortItems(Cnumber, Qt::AscendingOrder); i=1; foreach(x509rev revit, revList) { addRevItem(certList, revit, i++, iss); } for (i=0; iresizeColumnToContents(i); certList->setSortingEnabled(true); certList->setSelectionBehavior(QAbstractItemView::SelectRows); certList->setSelectionMode(QAbstractItemView::ExtendedSelection); } RevocationList::RevocationList(QWidget *w) : QDialog(w) { QPushButton *genCrl; setupUi(this); setWindowTitle(XCA_TITLE); image->setPixmap(*MainWindow::revImg); genCrl = buttonBox->addButton(tr("Generate CRL"), QDialogButtonBox::ActionRole); connect(genCrl, SIGNAL(clicked(void)), this, SLOT(gencrl(void))); connect(certList, SIGNAL(doubleClicked(const QModelIndex &)), this, SLOT(on_editRev_clicked(const QModelIndex &))); } void RevocationList::gencrl(void) { issuer->setRevocations(getRevList()); emit genCRL(issuer); } void RevocationList::setRevList(const x509revList &rl, pki_x509 *iss) { issuer = iss; revList = rl; setupRevocationView(certList, revList, issuer); } const x509revList &RevocationList::getRevList() { return revList; } void RevocationList::on_addRev_clicked(void) { Revocation *revoke = new Revocation(this, QModelIndexList()); if (revoke->exec()) { x509rev revit = revoke->getRevocation(); revList << revit; addRevItem(certList, revit, revList.size(), issuer); } } void RevocationList::on_delRev_clicked(void) { QTreeWidgetItem *current = certList->currentItem(); x509rev rev; int idx; if (!current) return; idx = certList->indexOfTopLevelItem(current); certList->takeTopLevelItem(idx); rev.setSerial(a1int(current->text(Cserial))); idx = revList.indexOf(rev); if (idx != -1) revList.takeAt(idx); } void RevocationList::on_editRev_clicked() { QTreeWidgetItem *current = certList->currentItem(); x509rev rev; int idx; if (!current) return; rev.setSerial(a1int(current->text(Cserial))); idx = revList.indexOf(rev); if (idx == -1) return; rev = revList[idx]; Revocation *revoke = new Revocation(this, QModelIndexList()); revoke->setRevocation(rev); if (revoke->exec()) { a1time a1 = rev.getDate(); rev = revoke->getRevocation(); rev.setDate(a1); revList[idx] = rev; setup_revRevItem(current, rev, issuer); } delete revoke; } Revocation::Revocation(QWidget *w, QModelIndexList indexes) : QDialog(w) { setupUi(this); setWindowTitle(XCA_TITLE); reason->addItems(x509rev::crlreasons()); invalid->setNow(); if (indexes.size() > 1) { QList serials; QStringList sl; serial->setText(QString("Batch revocation of %1 Certificates"). arg(indexes.size())); foreach(QModelIndex idx, indexes) { pki_x509 *cert = static_cast (idx.internalPointer()); serials << cert->getSerial(); } std::sort(serials.begin(), serials.end()); foreach(a1int a, serials) sl << a; serial->setToolTip(sl.join("\n")); serial->setEnabled(false); } else if (indexes.size() == 1) { pki_x509 *cert = static_cast (indexes[0].internalPointer()); serial->setText(cert->getSerial()); serial->setEnabled(false); } else { serial->setValidator( new QRegExpValidator(QRegExp("[A-Fa-f0-9]+"), serial)); } } x509rev Revocation::getRevocation() { x509rev r; r.setSerial(a1int(serial->text())); r.setInvalDate(invalid->getDate()); r.setDate(a1time()); r.setCrlNo(0); r.setReason(reason->currentText()); return r; } void Revocation::setRevocation(x509rev r) { serial->setText(r.getSerial()); invalid->setDate(r.getInvalDate()); int i = reason->findText(r.getReason()); if (i == -1) i = 0; reason->setCurrentIndex(i); } xca-RELEASE.2.2.1/widgets/XcaProxyModel.h0000644000175000017500000000114613614632167017274 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2006 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCAPROXYMODEL_H #define __XCAPROXYMODEL_H #include #include #include class XcaProxyModel: public QSortFilterProxyModel { Q_OBJECT public: XcaProxyModel(QWidget *parent = 0) :QSortFilterProxyModel(parent) { } bool lessThan(const QModelIndex &left, const QModelIndex &right) const; bool filterAcceptsRow(int sourceRow, const QModelIndex &sourceParent) const; QVariant data(const QModelIndex &index, int role) const; }; #endif xca-RELEASE.2.2.1/widgets/XcaProxyModel.cpp0000644000175000017500000000403013614632167017622 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2006 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "XcaProxyModel.h" #include "lib/db_base.h" bool XcaProxyModel::lessThan(const QModelIndex &left, const QModelIndex &right) const { db_base *db = (db_base *)sourceModel(); if (!db) return QSortFilterProxyModel::lessThan(left, right); dbheaderList headers = db->getAllHeaders(); if (left.column() < 0 || left.column() >= headers.size() || right.column() < 0 || right.column() >= headers.size()) { qDebug("BAD COLUMN: %d %d\n", left.column(), right.column()); return true; } dbheader *hd_left = headers[left.column()]; dbheader *hd_right = headers[right.column()]; if (hd_left->isNumeric() && hd_right->isNumeric()) { int diff; QString l = sourceModel()->data(left).toString(); QString r = sourceModel()->data(right).toString(); diff = l.size() - r.size(); if (diff<0) return true; else if (diff>0) return false; else return l < r; } if (hd_left->type == dbheader::hd_asn1time && hd_right->type == dbheader::hd_asn1time) { pki_base *l = static_cast(left.internalPointer()); pki_base *r = static_cast(right.internalPointer()); if (l && r) return l->column_a1time(hd_left) < r->column_a1time(hd_right); } return QSortFilterProxyModel::lessThan(left, right); } bool XcaProxyModel::filterAcceptsRow(int sourceRow, const QModelIndex &sourceParent) const { QModelIndex idx = sourceModel()->index(sourceRow, 0, sourceParent); return sourceModel()->data(idx, Qt::UserRole).toBool(); } QVariant XcaProxyModel::data(const QModelIndex &index, int role) const { QModelIndex i; QString number; if (index.column() != 1) return QSortFilterProxyModel::data(index, role); /* Row number */ switch (role) { case Qt::EditRole: case Qt::DisplayRole: for (i = index; i.isValid(); i = i.parent()) number += QString(" %1").arg(i.row()+1); return QVariant(number); default: return QSortFilterProxyModel::data(index, role); } return QVariant(); } xca-RELEASE.2.2.1/widgets/XcaWarning.h0000644000175000017500000000241213614632167016574 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2018 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCAWARNING_H #define __XCAWARNING_H #include #define XCA_INFO(msg) xcaWarning::information(msg) #define XCA_WARN(msg) xcaWarning::warning(msg) #define XCA_YESNO(msg) xcaWarning::yesno(msg) #define XCA_OKCANCEL(msg) xcaWarning::okcancel(msg) class xcaWarning: public QMessageBox { public: xcaWarning(QWidget *w, QString txt, QMessageBox::Icon icon = QMessageBox::Warning) : QMessageBox(icon, XCA_TITLE, txt, QMessageBox::NoButton, w) { setTextFormat(Qt::PlainText); } static void information(QString msg) { xcaWarning m(NULL, msg, QMessageBox::Information); m.setStandardButtons(QMessageBox::Ok); m.exec(); } static void warning(QString msg) { xcaWarning m(NULL, msg, QMessageBox::Warning); m.setStandardButtons(QMessageBox::Ok); m.exec(); } static bool yesno(QString msg) { xcaWarning m(NULL, msg, QMessageBox::Question); m.setStandardButtons(QMessageBox::Yes | QMessageBox::No); return m.exec() == QMessageBox::Yes; } static bool okcancel(QString msg) { xcaWarning m(NULL, msg, QMessageBox::Warning); m.setStandardButtons(QMessageBox::Ok | QMessageBox::Cancel); return m.exec() == QMessageBox::Ok; } }; #endif xca-RELEASE.2.2.1/widgets/Makefile0000644000175000017500000000106513614632167016025 0ustar tewardteward ifeq ($(TOPDIR),) TOPDIR=.. BUILD=.. endif MOC_NAMES=MainWindow KeyDetail clicklabel XcaTreeView NewX509 \ validity v3ext distname CertDetail CertExtend PwDialog \ ImportMulti CrlDetail ExportDialog hashBox Options NewKey kvView \ NewCrl SearchPkcs11 RevocationList XcaProxyModel XcaHeaderView \ KeyTreeView TempTreeView ReqTreeView X509SuperTreeView CertTreeView \ OidResolver OpenDb NAMES=$(MOC_NAMES) NewX509_ext MW_menu MW_help MW_database OBJS=$(patsubst %,moc_%.o,$(MOC_NAMES)) $(patsubst %,%.o,$(NAMES)) include $(TOPDIR)/Rules.mak sinclude .depend xca-RELEASE.2.2.1/widgets/SearchPkcs11.cpp0000644000175000017500000000731013614632167017260 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2011 Christian Hohnstaedt. * * All rights reserved. */ #include "SearchPkcs11.h" #include "lib/base.h" #include "lib/func.h" #include "lib/pkcs11_lib.h" #include #include #include #include #include #include #include SearchPkcs11::SearchPkcs11(QWidget *parent, QString fname) :QDialog(parent) { setupUi(this); filename->setText(fname); setWindowTitle(XCA_TITLE); filename->setText(getLibDir()); searching = NULL; } SearchPkcs11::~SearchPkcs11() { if (searching) search->click(); } void SearchPkcs11::on_fileBut_clicked() { QString s = QFileDialog::getExistingDirectory(this, QString(XCA_TITLE), filename->text()); if (!s.isEmpty()) { nativeSeparator(s); filename->setText(s); } } void SearchPkcs11::on_search_clicked() { if (searching) { return; } searching = new searchThread(filename->text(), getLibExtensions(), subdirs->isChecked()); liblist->clear(); connect(searching, SIGNAL(updateLibs(QString)), this, SLOT(updateLibs(QString))); connect(searching, SIGNAL(updateCurrFile(QString)), this, SLOT(updateCurrFile(QString))); connect(searching, SIGNAL(finished()), this, SLOT(finishSearch())); connect(search, SIGNAL(clicked()), searching, SLOT(cancelSearch())); search->setText("Cancel"); searching->start(); } void SearchPkcs11::finishSearch() { search->setText("Start"); currFile->setText(tr("The following files are possible PKCS#11 libraries")); if (!searching) return; searching->wait(1000); delete searching; searching = NULL; } void SearchPkcs11::buttonPress(QAbstractButton *but) { QList libitems; QListWidgetItem *lib; switch (buttonBox->standardButton(but)) { case QDialogButtonBox::Ok: accept(); break; default: case QDialogButtonBox::Cancel: reject(); break; case QDialogButtonBox::Open: libitems = liblist->selectedItems(); foreach(lib, libitems) loadItem(lib); break; } } void SearchPkcs11::loadItem(QListWidgetItem *lib) { emit addLib(lib->text()); delete lib; } void SearchPkcs11::updateCurrFile(QString f) { int len = f.length(); QString reduced = f; QFontMetrics fm(currFile->font()); currFile->setToolTip(f); while ((currFile->width() < (fm.width(reduced) -10)) && (len > 0)) { len -= 10; reduced = compressFilename(f, len); } currFile->setText(reduced); currFile->update(); } void SearchPkcs11::updateLibs(QString f) { liblist->addItem(new QListWidgetItem(f)); liblist->update(); } searchThread::searchThread(QString _dir, const QStringList _ext, bool _recursive) { dirname = _dir; ext = _ext; recursive = _recursive; keepOnRunning = true; } void searchThread::cancelSearch() { keepOnRunning = false; } bool searchThread::checkLib(QString file) { qint64 siz; int r = -1; QFile qf(file); siz = qf.size(); if (qf.open(QIODevice::ReadOnly)) { uchar *p = qf.map(0, siz); r = QByteArray::fromRawData((char*)p, siz) .indexOf("C_GetFunctionList"); qf.unmap(p); qf.close(); } return r != -1; } void searchThread::search(QString mydir) { QDir dir = QDir(mydir); QStringList files = dir.entryList( QStringList(ext), QDir::Files | QDir::Readable); while (!files.isEmpty() && keepOnRunning) { QString file = files.takeFirst(); if (file.isEmpty()) continue; file = mydir + QDir::separator() + file; emit updateCurrFile(file); if (checkLib(file)) emit updateLibs(file); } if (recursive && keepOnRunning) { QString d; QStringList dirs = dir.entryList(QStringList(), QDir::AllDirs | QDir::NoDotAndDotDot); foreach(d, dirs) { if (!keepOnRunning) break; QString s = mydir +QDir::separator() +d; emit updateCurrFile(s); search(s); } } } xca-RELEASE.2.2.1/widgets/XcaDialog.h0000644000175000017500000000312313614632167016366 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCADIALOG_H #define __XCADIALOG_H #include #include #include "ui_XcaDialog.h" #include "lib/db.h" #include "MainWindow.h" class XcaDialog : public QDialog, public Ui::XcaDialog { QWidget *widg; public: XcaDialog(QWidget *parent, enum pki_type type, QWidget *w, QString t, QString desc) : QDialog(parent) { setupUi(this); setWindowTitle(XCA_TITLE); QPixmap *icon = NULL; switch (type) { case asym_key: icon = MainWindow::keyImg; break; case x509_req: icon = MainWindow::csrImg; break; case x509: icon = MainWindow::certImg; break; case revocation: icon = MainWindow::revImg; break; case tmpl: icon = MainWindow::tempImg; break; case smartCard: icon = MainWindow::scardImg; break; default: break; } if (icon) image->setPixmap(*icon); content->addWidget(w); widg = w; title->setText(t); if (desc.isEmpty()) { verticalLayout->removeWidget(description); delete description; } else { description->setText(desc); } } void noSpacer() { verticalLayout->removeItem(topSpacer); verticalLayout->removeItem(bottomSpacer); delete topSpacer; delete bottomSpacer; if (widg) widg->setSizePolicy(QSizePolicy::Expanding, QSizePolicy::Expanding); } void aboutDialog(QPixmap *lefticon) { QPixmap left = *lefticon; title->setPixmap(left.scaledToHeight(title->height())); noSpacer(); resize(560, 400); buttonBox->setStandardButtons(QDialogButtonBox::Ok); buttonBox->centerButtons(); } }; #endif xca-RELEASE.2.2.1/widgets/hashBox.cpp0000644000175000017500000001175213614632167016471 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2007 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "hashBox.h" #include "lib/base.h" #include /* SHA-256 as default */ #define DEFAULT_MD_IDX 4 /* SHA 1 and below are insecure */ #define INSECURE_MD 2 static const struct { const char *name; int nid; } hashalgos[] = { { "MD 5", NID_md5 }, { "RIPEMD 160", NID_ripemd160 }, { "SHA 1", NID_sha1 }, { "SHA 224", NID_sha224 }, { "SHA 256", NID_sha256 }, { "SHA 384", NID_sha384 }, { "SHA 512", NID_sha512 }, }; int hashBox::default_md = DEFAULT_MD_IDX; hashBox::hashBox(QWidget *parent) :QComboBox(parent) { setupAllHashes(); setDefaultHash(); } void hashBox::setKeyType(int type) { key_type = type; } int hashBox::currentHashIdx() const { QString hash = currentText(); for (unsigned i=0; i= ARRAY_SIZE(hashalgos)) i = DEFAULT_MD_IDX; return EVP_get_digestbynid(hashalgos[i].nid); } void hashBox::setCurrentString(QString md) { int idx = findText(md); if (idx != -1) { setCurrentIndex(idx); wanted_md = ""; } else { wanted_md = md; } } #if OPENSSL_VERSION_NUMBER < 0x10000000L struct nid_triple { int alg; int hash; int sig; }; static const nid_triple sigoid_srt[] = { {NID_md2WithRSAEncryption, NID_md2, NID_rsaEncryption}, {NID_md5WithRSAEncryption, NID_md5, NID_rsaEncryption}, {NID_shaWithRSAEncryption, NID_sha, NID_rsaEncryption}, {NID_sha1WithRSAEncryption, NID_sha1, NID_rsaEncryption}, {NID_dsaWithSHA, NID_sha, NID_dsa}, {NID_dsaWithSHA1_2, NID_sha1, NID_dsa_2}, {NID_mdc2WithRSA, NID_mdc2, NID_rsaEncryption}, {NID_md5WithRSA, NID_md5, NID_rsa}, {NID_dsaWithSHA1, NID_sha1, NID_dsa}, {NID_sha1WithRSA, NID_sha1, NID_rsa}, {NID_ripemd160WithRSA, NID_ripemd160, NID_rsaEncryption}, {NID_md4WithRSAEncryption, NID_md4, NID_rsaEncryption}, {NID_ecdsa_with_SHA1, NID_sha1, NID_X9_62_id_ecPublicKey}, {NID_sha256WithRSAEncryption, NID_sha256, NID_rsaEncryption}, {NID_sha384WithRSAEncryption, NID_sha384, NID_rsaEncryption}, {NID_sha512WithRSAEncryption, NID_sha512, NID_rsaEncryption}, {NID_sha224WithRSAEncryption, NID_sha224, NID_rsaEncryption}, {NID_ecdsa_with_Recommended, NID_undef, NID_X9_62_id_ecPublicKey}, {NID_ecdsa_with_Specified, NID_undef, NID_X9_62_id_ecPublicKey}, {NID_ecdsa_with_SHA224, NID_sha224, NID_X9_62_id_ecPublicKey}, {NID_ecdsa_with_SHA256, NID_sha256, NID_X9_62_id_ecPublicKey}, {NID_ecdsa_with_SHA384, NID_sha384, NID_X9_62_id_ecPublicKey}, {NID_ecdsa_with_SHA512, NID_sha512, NID_X9_62_id_ecPublicKey}, {NID_dsa_with_SHA224, NID_sha224, NID_dsa}, {NID_dsa_with_SHA256, NID_sha256, NID_dsa}, {NID_id_GostR3411_94_with_GostR3410_2001, NID_id_GostR3411_94, NID_id_GostR3410_2001}, {NID_id_GostR3411_94_with_GostR3410_94, NID_id_GostR3411_94, NID_id_GostR3410_94}, {NID_id_GostR3411_94_with_GostR3410_94_cc, NID_id_GostR3411_94, NID_id_GostR3410_94_cc}, {NID_id_GostR3411_94_with_GostR3410_2001_cc, NID_id_GostR3411_94, NID_id_GostR3410_2001_cc}, }; static int OBJ_find_sigid_algs(int alg, int *hash, int *sig) { unsigned i; for (i=0; i< ARRAY_SIZE(sigoid_srt); i++) { if (sigoid_srt[i].alg == alg) { if (hash) *hash = sigoid_srt[i].hash; if (sig) *sig = sigoid_srt[i].sig; return 1; } } return 0; } #endif void hashBox::setCurrentMD(const EVP_MD *md) { int hash_nid; unsigned idx; if (!md) return; if (!OBJ_find_sigid_algs(EVP_MD_type(md), &hash_nid, NULL)) hash_nid = EVP_MD_type(md); for (idx = 0; idx nids) { QString md = currentText(); if (!wanted_md.isEmpty()) md = wanted_md; clear(); for (unsigned i=0; i #include #include #include CertDetail::CertDetail(QWidget *parent) :QDialog(parent) { setupUi(this); setWindowTitle(XCA_TITLE); showConf = false; keySqlId = QVariant(); issuerSqlId = QVariant(); myPubKey = NULL; } void CertDetail::on_showExt_clicked() { if (showConf) { showConf = false; v3extensions->document()->setHtml(exts); showExt->setText(tr("Show config")); } else { showConf = true; v3extensions->document()->setPlainText(conf); showExt->setText(tr("Show extensions")); } } void CertDetail::setX509super(pki_x509super *x) { descr->setText(x->getIntName()); // examine the key pki_key *key= x->getRefKey(); myPubKey = x->getPubKey(); if (key) { privKey->setText(key->getIntName()); privKey->setClickText(key->getSqlItemId().toString()); if (key->isPrivKey()) { privKey->setGreen(); } else { privKey->setRed(); } keySqlId = key->getSqlItemId(); } else if (myPubKey) { privKey->setText(tr("Show public key")); privKey->setRed(); connect(privKey, SIGNAL(doubleClicked(QString)), this, SLOT(showPubKey())); myPubKey->setIntName(x->getIntName()); myPubKey->setComment(tr("This key is not in the database.")); } else { privKey->setText(tr("Not available")); privKey->setDisabled(true); privKey->disableToolTip(); } // details of the subject subject->setX509name(x->getSubject()); // V3 extensions extList el = x->getV3ext(); if (el.count() == 0) { tabwidget->removeTab(4); } else { exts = el.getHtml("
"); el.genGenericConf(&conf); v3extensions->document()->setHtml(exts); } // Algorithm sigAlgo->setText(x->getSigAlg()); connect(sigAlgo, SIGNAL(doubleClicked(QString)), MainWindow::getResolver(), SLOT(searchOid(QString))); // Comment comment->setPlainText(x->getComment()); } void CertDetail::setCert(pki_x509 *cert) { image->setPixmap(*MainWindow::certImg); headerLabel->setText(tr("Details of the Certificate")); try { setX509super(cert); // No attributes tabwidget->removeTab(3); // examine the signature if (cert->getSigner() == NULL) { signature->setText(tr("Signer unknown")); signature->setDisabled(true); signature->disableToolTip(); } else if (cert == cert->getSigner()) { signature->setText(tr("Self signed")); signature->setGreen(); signature->disableToolTip(); } else { pki_x509 *issuer = cert->getSigner(); signature->setText(issuer->getIntName()); signature->setClickText(issuer->getSqlItemId().toString()); signature->setGreen(); issuerSqlId = issuer->getSqlItemId(); } // the serial serialNr->setText(cert->getSerial()); // details of the issuer issuer->setX509name(cert->getIssuerName()); // The dates notBefore->setText(cert->getNotBefore().toPretty()); notBefore->setToolTip(cert->getNotBefore().toPrettyGMT()); notAfter->setText(cert->getNotAfter().toPretty()); notAfter->setToolTip(cert->getNotAfter().toPrettyGMT()); // validation of the Date dateValid->disableToolTip(); if (cert->isRevoked()) { x509rev rev = cert->getRevocation(); dateValid->setText(tr("Revoked at %1") .arg(rev.getDate().toPretty())); dateValid->setRed(); dateValid->setToolTip(rev.getDate().toPrettyGMT()); } else if (!cert->checkDate()) { dateValid->setText(tr("Not valid")); dateValid->setRed(); } else { dateValid->setGreen(); dateValid->setText(tr("Valid")); } // the fingerprints fpMD5->setText(cert->fingerprint(EVP_md5())); fpSHA1->setText(cert->fingerprint(EVP_sha1())); QString fp = cert->fingerprint(EVP_sha256()); int x = fp.size() / 2; fp = fp.mid(0,x) + "\n" + fp.mid(x+1, -1); fpSHA256->setText(fp); openssl_error(); } catch (errorEx &err) { XCA_WARN(err.getString()); } } void CertDetail::setReq(pki_x509req *req) { image->setPixmap(*MainWindow::csrImg); headerLabel->setText(tr("Details of the certificate signing request")); try { setX509super(req); // No issuer tabwidget->removeTab(2); // verification if (!req->verify() ) { signature->setRed(); signature->setText("Failed"); } else { signature->setGreen(); signature->setText("PKCS#10"); } signature->disableToolTip(); fingerprints->hide(); validity->hide(); serialLabel->hide(); serialNr->hide(); // The non extension attributes int cnt = X509_REQ_get_attr_count(req->getReq()); int added = 0; QGridLayout *attrLayout = new QGridLayout(attributes); attrLayout->setAlignment(Qt::AlignTop); attrLayout->setSpacing(6); attrLayout->setMargin(11); for (int i = 0, ii = 0; igetReq(), i); nid = OBJ_obj2nid(X509_ATTRIBUTE_get0_object(att)); if (X509_REQ_extension_nid(nid)) { continue; } label = new QLabel(this); trans = dn_translations[nid]; if (Settings["translate_dn"] && !trans.isEmpty()) { label->setText(trans); label->setToolTip(QString(OBJ_nid2sn(nid))); } else { label->setText(QString(OBJ_nid2ln(nid))); label->setToolTip(trans); } label->setText(QString(OBJ_nid2ln(nid))); label->setToolTip(QString(OBJ_nid2sn(nid))); attrLayout->addWidget(label, ii, 0); added++; int count = X509_ATTRIBUTE_count(att); for (int j=0; jvalue.asn1_string); attrLayout->addWidget(label, ii, j +1); } ii++; } if (!added) { tabwidget->removeTab(2); } openssl_error(); } catch (errorEx &err) { XCA_WARN(err.getString()); } } QLabel *CertDetail::labelFromAsn1String(ASN1_STRING *s) { QLabel *label; label = new CopyLabel(this); label->setText(asn1ToQString(s)); label->setToolTip(QString(ASN1_tag2str(s->type))); return label; } void CertDetail::itemChanged(pki_base *pki) { if (pki->getSqlItemId() == keySqlId) privKey->setText(pki->getIntName()); if (pki->getSqlItemId() == issuerSqlId) signature->setText(pki->getIntName()); } void CertDetail::showPubKey() { if (!myPubKey) return; KeyDetail *dlg = new KeyDetail(this); if (!dlg) return; dlg->setKey(myPubKey); dlg->keyDesc->setReadOnly(true); dlg->comment->setReadOnly(true); dlg->exec(); delete dlg; } CertDetail::~CertDetail() { if (myPubKey) delete myPubKey; } xca-RELEASE.2.2.1/widgets/PwDialog.h0000644000175000017500000000142713614632167016246 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PWDIALOG_H #define __PWDIALOG_H #include #include "ui_PwDialog.h" #include "lib/Passwd.h" #include "lib/pki_x509.h" #include "lib/pass_info.h" class PwDialog: public QDialog, public Ui::PwDialog { Q_OBJECT private: bool wrDialog; Passwd final; pass_info *pi; public: PwDialog(pass_info *p, bool write = false); Passwd getPass() { return final; } void addAbortButton(); void setRW(bool write); static int execute(pass_info *p, Passwd *passwd, bool write = false, bool abort = false); static int pwCallback(char *buf, int size, int rwflag, void *userdata); public slots: void accept(); void buttonPress(QAbstractButton *but); }; #endif xca-RELEASE.2.2.1/widgets/ItemCombo.h0000644000175000017500000000210613614632167016411 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __ITEMCOMBO_H #define __ITEMCOMBO_H #include #include #include "lib/pki_base.h" #include "lib/pki_x509.h" #include "lib/pki_x509req.h" #include "lib/pki_temp.h" template class itemCombo : public QComboBox { public: itemCombo(QWidget *parent) : QComboBox(parent) { } void insertPkiItems(QList items) { clear(); foreach(T *p, items) { addItem(p->comboText(), QVariant::fromValue(p)); } } T *currentPkiItem() { return itemData(currentIndex()).template value(); } void setNullItem(QString text) { if (itemData(0).template value() == NULL) removeItem(0); insertItem(0, text, QVariant()); } int setCurrentPkiItem(T *p) { int idx = findData(QVariant::fromValue(p)); setCurrentIndex(idx); return idx; } }; typedef class itemCombo itemComboTemp; typedef class itemCombo itemComboReq; typedef class itemCombo itemComboCert; typedef class itemCombo itemComboKey; #endif xca-RELEASE.2.2.1/widgets/kvView.h0000644000175000017500000000732513614632167016016 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __KVVIEW_H #define __KVVIEW_H #include #include #include #include #include #include "lib/base.h" class kvView; class kvDelegate : public QItemDelegate { public: kvDelegate(QObject *parent) :QItemDelegate(parent) { } virtual void addKey(QString &) {}; }; class comboDelegate : public kvDelegate { QStringList keys; public: comboDelegate(QStringList k, QObject *parent = 0) :kvDelegate(parent) { keys = k; } void addKey(QString &key) { if (!key.isEmpty() && (keys.count() == 0 || !keys.contains(key))) keys << key; } QWidget *createEditor(QWidget *parent, const QStyleOptionViewItem &option, const QModelIndex &index) const; void setEditorData(QWidget *editor, const QModelIndex &index) const; void setModelData(QWidget *editor, QAbstractItemModel *model, const QModelIndex &index) const; void updateEditorGeometry(QWidget *editor, const QStyleOptionViewItem &option, const QModelIndex &index) const { (void)index; editor->setGeometry(option.rect); } }; class lineDelegate : public kvDelegate { Q_OBJECT QLabel *infoLabel; public: lineDelegate(QLabel *lbl = 0, QObject *parent = 0) :kvDelegate(parent) { infoLabel = lbl; } QWidget *createEditor(QWidget *parent, const QStyleOptionViewItem &option, const QModelIndex &index) const; void setEditorData(QWidget *editor, const QModelIndex &index) const; void setModelData(QWidget *editor, QAbstractItemModel *model, const QModelIndex &index) const; void updateEditorGeometry(QWidget *editor, const QStyleOptionViewItem &option, const QModelIndex &index) const { (void)index; editor->setGeometry(option.rect); } signals: void setupLineEdit(const QString &s, QLineEdit *l) const; }; class kvmodel: public QAbstractTableModel { QStringList items; QStringList header; int myCols; public: kvmodel(QStringList &heads); QStringList getRow(int i); void addRow(const QStringList &newrow); Qt::ItemFlags flags(const QModelIndex &index) const { return QAbstractTableModel::flags(index) | Qt::ItemIsEditable; } QModelIndex index(int row, int column, const QModelIndex &parent = QModelIndex()) const { (void)parent; return createIndex(row, column, row*myCols +column); } QVariant data(const QModelIndex &index, int role) const; QVariant headerData(int section, Qt::Orientation orientation, int role) const; bool insertRows(int row, int count, const QModelIndex &parent = QModelIndex()); bool removeRows(int row, int count, const QModelIndex & parent = QModelIndex()); int rowCount(const QModelIndex &parent) const { (void)parent; return items.count()/myCols; } int columnCount(const QModelIndex &parent) const { (void)parent; return myCols; } bool setData(const QModelIndex &index, const QVariant &value, int role); void moveRow(int oldi, int newi); }; class kvView: public QTableView { Q_OBJECT QStringList keys0; QLabel *infoLabel; public: kvView(QWidget *parent = 0); ~kvView(); int rowCount() { return model()->rowCount(QModelIndex()); } QStringList getRow(int i) { return static_cast(model())->getRow(i); } void addRow(const QStringList &newrow); void deleteAllRows() { model()->removeRows(0, rowCount(), QModelIndex()); } void setInfoLabel(QLabel *lbl, int col = 1) { infoLabel = lbl; initLineDelegate(col); } void initLineDelegate(int col = 1); void setKeys(const QStringList &k, int col = 0); void initCols(QStringList &heads); private slots: void moveRow(int logical, int oldi, int newi); void editorExited(); public slots: void addKvRow(); void deleteCurrentRow(); }; #endif xca-RELEASE.2.2.1/widgets/PwDialog.cpp0000644000175000017500000000503313614632167016576 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "PwDialog.h" #include "lib/base.h" #include "lib/Passwd.h" #include "widgets/MainWindow.h" #include #include static int hex2bin(QString &x, Passwd *final) { bool ok = false; int len = x.length(); if (len % 2) return -1; len /= 2; final->clear(); for (int i=0; iappend((x.mid(i*2, 2).toInt(&ok, 16)) & 0xff); if (!ok) return -1; } return len; } int PwDialog::execute(pass_info *p, Passwd *passwd, bool write, bool abort) { PwDialog *dlg; int ret; dlg = new PwDialog(p, write); if (abort) dlg->addAbortButton(); ret = dlg->exec(); *passwd = dlg->getPass(); delete dlg; return ret; } int PwDialog::pwCallback(char *buf, int size, int rwflag, void *userdata) { int ret; pass_info *p = (pass_info *)userdata; PwDialog *dlg = new PwDialog(p, rwflag); ret = dlg->exec(); QByteArray pw = dlg->getPass(); size = MIN(size, pw.size()); memcpy(buf, pw.constData(), size); delete dlg; return ret == 1 ? size : 0; } PwDialog::PwDialog(pass_info *p, bool write) :QDialog(p->getWidget()) { pi = p; setupUi(this); image->setPixmap(pi->getImage()); description->setText(pi->getDescription()); title->setText(pi->getType()); if (!pi->getTitle().isEmpty()) setWindowTitle(pi->getTitle()); else setWindowTitle(XCA_TITLE); if (pi->getType() != "PIN") takeHex->hide(); setRW(write); } void PwDialog::setRW(bool write) { wrDialog = write; if (write) { label->setText(pi->getType()); repeatLabel->setText(tr("Repeat %1").arg(pi->getType())); label->show(); passA->show(); } else { repeatLabel->setText(pi->getType()); label->hide(); passA->hide(); } } void PwDialog::accept() { if (wrDialog && (passA->text() != passB->text())) { XCA_WARN(tr("%1 mismatch").arg(pi->getType())); return; } QString pw = passB->text(); if (takeHex->isChecked()) { int ret = hex2bin(pw, &final); if (ret == -1) { XCA_WARN(tr("Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters")); return; } } else { final = pw.toLatin1(); } QDialog::accept(); } void PwDialog::buttonPress(QAbstractButton *but) { switch (buttonBox->standardButton(but)) { case QDialogButtonBox::Ok: accept(); break; case QDialogButtonBox::Cancel: reject(); break; case QDialogButtonBox::Abort: default: done(2); } } void PwDialog::addAbortButton() { buttonBox->addButton(tr("E&xit"), QDialogButtonBox::ResetRole); } xca-RELEASE.2.2.1/widgets/v3ext.cpp0000644000175000017500000000734713614632167016153 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2005 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "v3ext.h" #include #include #include #include #include #include #include #include #include "MainWindow.h" #include "lib/exception.h" #include "lib/ipvalidator.h" v3ext::v3ext(QWidget *parent) :QDialog(parent) { setupUi(this); setWindowTitle(XCA_TITLE); tab->horizontalHeader()->setDefaultSectionSize(80); } void v3ext::addInfo(QLineEdit *myle, const QStringList &sl, int n, X509V3_CTX *ctx) { nid = n; le = myle; ext_ctx = ctx; tab->setKeys(sl); keys = sl; tab->setInfoLabel(infoLabel); connect(tab->itemDelegateForColumn(1), SIGNAL(setupLineEdit(const QString &, QLineEdit *)), this, SLOT(setupLineEdit(const QString &, QLineEdit *))); if (le && !le->text().trimmed().isEmpty()) addItem(le->text()); if (n != NID_subject_alt_name) copy_cn->hide(); } void v3ext::addItem(QString list) { int i; QStringList sl; sl = list.split(','); if (sl[0] == "critical") { sl.takeFirst(); critical->setChecked(true); } for (i=0; i< sl.count(); i++) { if (sl[i] == "DNS:copycn" && nid == NID_subject_alt_name) copy_cn->setChecked(true); else addEntry(sl[i]); } } void v3ext::setupLineEdit(const QString &s, QLineEdit *l) { QString tt; QValidator *v = NULL; if (s == "email") { if (nid == NID_subject_alt_name) tt = tr("An email address or 'copy'"); else tt = tr("An email address"); } else if (s == "RID") { tt = tr("A registered ID: OBJECT IDENTIFIER"); QRegExp rx("[a-zA-Z0-9.]+"); v = new QRegExpValidator(rx, this); } else if (s == "URI") { tt = tr("A uniform resource indicator"); QRegExp rx("[a-z]+://.*"); v = new QRegExpValidator(rx, this); } else if (s == "DNS") { if (nid == NID_subject_alt_name) tt = tr("A DNS domain name or 'copycn'"); else tt = tr("A DNS domain name"); } else if (s == "IP") { tt = tr("An IP address"); v = new ipValidator(); } else if (s == "otherName") { tt = tr("Syntax: ;TYPE:text like '1.2.3.4:UTF8:name'"); QRegExp rx("[a-zA-Z0-9.]+;.*"); v = new QRegExpValidator(rx, this); } else if (s == "issuer") { tt = tr("No editing. Only 'copy' allowed here"); l->setText(QString("copy")); l->setReadOnly(true); QRegExp rx("copy"); v = new QRegExpValidator(rx, this); } l->setToolTip(tt); l->setValidator(v); } /* for one TYPE:Content String */ void v3ext::addEntry(QString line) { int idx; QString type, value; line = line.trimmed(); idx = line.indexOf(':'); if (idx == -1) { value = line; } else { type = line.left(idx); value = line.mid(idx+1); } if (!keys.contains(type)) { type = keys[0]; value = line; } tab->addRow(QStringList(type) << value); } QString v3ext::toString() { QStringList str; int i, row = tab->rowCount(); if (critical->isChecked()) str << "critical"; if (copy_cn->isChecked()) str << "DNS:copycn"; for (i=0; igetRow(i); str += s[0] + ":" +s[1]; } return str.join(", "); } void v3ext::on_apply_clicked() { __validate(false); if (le) le->setText(toString()); accept(); } bool v3ext::__validate(bool showSuccess) { x509v3ext ext; QString str, error; validate->setFocus(Qt::OtherFocusReason); str = prefix + toString(); ext.create(nid, str, ext_ctx); while (int i = ERR_get_error() ) { error += ERR_error_string(i ,NULL); error += "\n"; } if (!error.isEmpty()) { XCA_WARN(tr("Validation failed:\n'%1'\n%2"). arg(str).arg(error)); return false; } if (showSuccess) { XCA_INFO(tr("Validation successful:\n'%1'"). arg(ext.getValue())); } return true; } void v3ext::on_validate_clicked() { __validate(true); } xca-RELEASE.2.2.1/widgets/clicklabel.h0000644000175000017500000000143013614632167016617 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __CLICKLABEL_H #define __CLICKLABEL_H #include class QMouseEvent; class DoubleClickLabel : public QLabel { Q_OBJECT QString clicktext; public: DoubleClickLabel(QWidget *parent) : QLabel(parent) { } void setClickText(QString s); protected: void mouseDoubleClickEvent ( QMouseEvent * e ); signals: void doubleClicked(QString text); }; class ClickLabel : public DoubleClickLabel { Q_OBJECT public: ClickLabel(QWidget *parent); void setRed(); void setGreen(); void disableToolTip(); protected: void setColor(const QColor &col); }; class CopyLabel : public DoubleClickLabel { Q_OBJECT public: CopyLabel(QWidget *parent); }; #endif xca-RELEASE.2.2.1/widgets/CertExtend.h0000644000175000017500000000067313614632167016607 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __CERTEXTEND_H #define __CERTEXTEND_H #include "ui_CertExtend.h" #include "lib/pki_x509.h" class pki_key; class CertExtend: public QDialog, public Ui::CertExtend { Q_OBJECT pki_x509 *signer; public: CertExtend(QWidget *parent, pki_x509 *s); public slots: void on_applyTime_clicked(); void accept(); }; #endif xca-RELEASE.2.2.1/widgets/CrlDetail.h0000644000175000017500000000074013614632167016400 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __CRLDETAIL_H #define __CRLDETAIL_H #include "ui_CrlDetail.h" class pki_crl; class pki_base; class MainWindow; class CrlDetail: public QDialog, public Ui::CrlDetail { Q_OBJECT private: MainWindow *mw; QVariant issuerSqlId; public: CrlDetail(MainWindow *mainwin); void setCrl(pki_crl *crl); public slots: void itemChanged(pki_base *pki); }; #endif xca-RELEASE.2.2.1/widgets/validity.cpp0000644000175000017500000000504313614632167016716 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2003 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #include "validity.h" #include #include "lib/asn1time.h" #include "lib/func.h" Validity::Validity( QWidget* parent ) : QDateTimeEdit( parent ) { endDate = false; setTimeSpec(Qt::UTC); setNow(); hideTime(false); connect(this, SIGNAL(timeChanged(const QTime &)), this, SLOT(setMyTime(const QTime &))); updateFormatString(); } Validity::~Validity() { } a1time Validity::getDate() const { a1time date(dateTime()); QTime time; if (midnight) { time = endDate ? QTime(23,59,59) : QTime(0,0,0); date.setTimeSpec(Qt::UTC); } else { time = date.time(); time.setHMS(time.hour(), time.minute(), 0); } date.setTime(time); return date; } void Validity::localTime(int state) { if (midnight) return; switch (state) { case Qt::Checked: setTimeSpec(Qt::LocalTime); setDateTime(dateTime().toLocalTime()); break; case Qt::Unchecked: setTimeSpec(Qt::UTC); setDateTime(dateTime().toUTC()); break; } updateFormatString(); setMyTime(time()); } void Validity::hideTimeCheck(int state) { switch (state) { case Qt::Checked: hideTime(true); break; case Qt::Unchecked: hideTime(false); break; } } void Validity::hideTime(bool hide) { if (hide) { if (!midnight && endDate) setDateTime(dateTime().addDays(-1)); midnight = true; } else { if (midnight && endDate) setDateTime(dateTime().addDays(1)); midnight = false; setTime(mytime); } updateFormatString(); } void Validity::updateFormatString() { QString formatDate = tr("yyyy-MM-dd hh:mm"); QString format; if (midnight) { if (!endDate) format = QTime(0,0,0).toString(formatDate); else format = QTime(23,59,59).toString(formatDate); } else { format = formatDate; } if (timeSpec() == Qt::UTC || midnight) { format += " 'GMT'"; } else { format += QString(" '%1'") .arg(QTime::currentTime().toString("t")); } setDisplayFormat(format); } void Validity::setDate(const a1time &a) { setDateTime(a); } void Validity::setDiff(const Validity *start, int number, int range) { QDateTime dt = start->dateTime(); switch (range) { case 0: dt = dt.addDays(number); break; case 1: dt = dt.addMonths(number); break; case 2: dt = dt.addYears(number); break; } // one day less if we go from 0:00:00 to 23:59:59 if (midnight) dt = dt.addDays(-1); setDateTime(dt); setMyTime(start->mytime); } void Validity::setNow() { setDateTime(a1time::now()); setMyTime(time()); } void Validity::setMyTime(const QTime &time) { mytime = time; } xca-RELEASE.2.2.1/widgets/TempTreeView.cpp0000644000175000017500000000256613614632167017460 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/pki_temp.h" #include "TempTreeView.h" #include "MainWindow.h" #include #include #include void TempTreeView::fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes) { (void)subExport; (void)index; if (indexes.size() != 1) return; menu->addAction(tr("Duplicate"), this, SLOT(duplicateTemp())); menu->addAction(tr("Create certificate"), this, SLOT(certFromTemp())); menu->addAction(tr("Create request"), this, SLOT(reqFromTemp())); } void TempTreeView::duplicateTemp() { QModelIndex currentIdx = currentIndex(); if (!currentIdx.isValid()) return; pki_temp *temp = static_cast(currentIdx.internalPointer()); pki_temp *newtemp = new pki_temp(temp); newtemp->setIntName(newtemp->getIntName() + " " + tr("copy")); temps->insertPKI(newtemp); } void TempTreeView::certFromTemp() { QModelIndex currentIdx = currentIndex(); if (!currentIdx.isValid()) return; pki_temp *temp = static_cast(currentIdx.internalPointer()); emit newCert(temp); } void TempTreeView::reqFromTemp() { QModelIndex currentIdx = currentIndex(); if (!currentIdx.isValid()) return; pki_temp *temp = static_cast(currentIdx.internalPointer()); emit newReq(temp); } xca-RELEASE.2.2.1/widgets/Options.h0000644000175000017500000000222113614632167016164 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 20012 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __OPTIONS_H #define __OPTIONS_H #include "ui_Options.h" #include #include "lib/base.h" #include "SearchPkcs11.h" #include "MainWindow.h" class Options: public QDialog, public Ui::Options { Q_OBJECT private: SearchPkcs11 *searchP11; QStringList string_opts; QString getDnString(QListWidget *w); void setDnString(QString dn, QListWidget *w); void setupPkcs11Provider(QString list); QString getPkcs11Provider(); MainWindow *mw; QString listItem2Name(const QListWidgetItem *item) const; void updatePkcs11Item(QListWidgetItem *item) const; public: Options(MainWindow *parent); ~Options(); int exec(); QListWidgetItem *addLibItem(const QString &) const; public slots: void on_extDNadd_clicked(); void on_extDNdel_clicked(); void on_expDNadd_clicked(); void on_expDNdel_clicked(); void on_expDNdefault_clicked(); void on_addButton_clicked(void); void on_removeButton_clicked(void); void on_searchPkcs11_clicked(void); void addLib(QString); void Pkcs11ItemChanged(QListWidgetItem *); }; #endif xca-RELEASE.2.2.1/widgets/XcaHeaderView.cpp0000644000175000017500000000130213614632167017542 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "XcaHeaderView.h" #include "XcaTreeView.h" XcaHeaderView::XcaHeaderView() :QHeaderView(Qt::Horizontal) { #if (QT_VERSION >= QT_VERSION_CHECK(5, 0, 0)) setSectionsMovable(true); #else setMovable(true); #endif } void XcaHeaderView::contextMenuEvent(QContextMenuEvent *e) { XcaTreeView *tv = static_cast(parentWidget()); if (tv) tv->headerEvent(e, logicalIndexAt(e->pos())); } void XcaHeaderView::resetMoves() { for (int i=0; i #include #include KeyDetail::KeyDetail(QWidget *parent) :QDialog(parent) { setupUi(this); setWindowTitle(XCA_TITLE); image->setPixmap(*MainWindow::keyImg); keyModulus->setFont(XCA_application::tableFont); tabWidget->setCurrentIndex(0); } #ifndef OPENSSL_NO_EC static QString CurveComment(int nid) { foreach(builtin_curve curve, pki_key::builtinCurves) { if (curve.nid == nid) return curve.comment; } return QString(); } #endif void KeyDetail::setupFingerprints(pki_key *key) { int pos = 0; QWidget *widget = new QWidget(fingerprint); QVBoxLayout *v = new QVBoxLayout(fingerprint); QGridLayout *grid = new QGridLayout(widget); v->addStretch(); v->addWidget(widget); v->addStretch(); QStringList sl; sl << "ssh MD5" << "ssh SHA256 B64" << "x509 SHA1" << "DER SHA256"; foreach(QString type, sl) { qDebug() << type << key->fingerprint(type); QLabel *left = new QLabel(widget); CopyLabel *right = new CopyLabel(widget); left->setTextFormat(Qt::PlainText); left->setText(type); right->setText(key->fingerprint(type)); grid->addWidget(left, pos, 0); grid->addWidget(right, pos, 1); pos++; } } void KeyDetail::setKey(pki_key *key) { keyDesc->setText(key->getIntName()); keyLength->setText(key->length()); keyPrivEx->disableToolTip(); if (!key->isToken()) tabWidget->removeTab(1); tlHeader->setText(tr("Details of the %1 key").arg(key->getTypeString())); comment->setPlainText(key->getComment()); setupFingerprints(key); if (key->isPubKey()) { keyPrivEx->setText(tr("Not available")); keyPrivEx->setRed(); } else if (key->isToken()) { image->setPixmap(*MainWindow::scardImg); pki_scard *card = static_cast(key); cardLabel->setText(card->getCardLabel()); cardModel->setText(card->getModel()); cardManufacturer->setText(card->getManufacturer()); cardSerial->setText(card->getSerial()); slotLabel->setText(card->getLabel()); cardId->setText(card->getId()); keyPrivEx->setText(tr("Security token")); } else { keyPrivEx->setText(tr("Available")); keyPrivEx->setGreen(); } switch (key->getKeyType()) { case EVP_PKEY_RSA: keyPubEx->setText(key->pubEx()); keyModulus->setText(key->modulus()); break; case EVP_PKEY_DSA: tlPubEx->setText(tr("Sub prime")); tlModulus->setTitle(tr("Public key")); tlPrivEx->setText(tr("Private key")); keyPubEx->setText(key->subprime()); keyModulus->setText(key->pubkey()); break; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: int nid; nid = key->ecParamNid(); tlModulus->setTitle(tr("Public key")); tlPrivEx->setText(tr("Private key")); tlPubEx->setText(tr("Curve name")); keyPubEx->setText(OBJ_nid2sn(nid)); connect(keyPubEx, SIGNAL(doubleClicked(QString)), MainWindow::getResolver(), SLOT(searchOid(QString))); keyPubEx->setToolTip(CurveComment(nid)); keyModulus->setText(key->ecPubKey()); break; #endif default: tlHeader->setText(tr("Unknown key")); } } xca-RELEASE.2.2.1/widgets/OidResolver.cpp0000644000175000017500000000243713614632167017332 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #include #include "OidResolver.h" #include "lib/oid.h" #include "lib/base.h" #include "lib/func.h" #include "lib/exception.h" OidResolver::OidResolver(QWidget *parent) :QWidget(parent) { setupUi(this); setWindowTitle(XCA_TITLE); } void OidResolver::searchOid(QString s) { bool ok; int n; if (input->text() != s) // Avoid moving the cursor at end if unchanged. input->setText(s); s = s.trimmed(); n = s.toUInt(&ok); if (!ok) n = OBJ_txt2nid(CCHAR(s)); if (n == NID_undef) { const char *clash = oid_name_clash[s]; if (clash) n = OBJ_txt2nid(clash); } QString lo = s.toLower(); if (n == NID_undef && s != lo) n = OBJ_txt2nid(CCHAR(lo)); if (n == NID_undef && oid_lower_map.contains(lo)) n = oid_lower_map[lo]; ign_openssl_error(); if (n == NID_undef) { ln->clear(); sn->clear(); oid->clear(); nid->clear(); } else { const ASN1_OBJECT *a = OBJ_nid2obj(n); ln->setText(OBJ_nid2ln(n)); sn->setText(OBJ_nid2sn(n)); nid->setText(QString("%1").arg(n)); if (a) { try { oid->setText(OBJ_obj2QString(a, 1)); } catch (errorEx &e) { oid->clear(); } } else { oid->clear(); } } ign_openssl_error(); show(); raise(); } xca-RELEASE.2.2.1/widgets/ExportDialog.cpp0000644000175000017500000001272113614632167017473 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "ExportDialog.h" #include "MainWindow.h" #include "lib/base.h" #include #include #include #include #include #include ExportDialog::ExportDialog(MainWindow *mw, QString title, QString filt, pki_base *pki, QPixmap *img, QList types) :QDialog(mw) { setupUi(this); mainwin = mw; setWindowTitle(XCA_TITLE); if (pki) descr->setText(pki->getIntName()); descr->setReadOnly(true); image->setPixmap(*img); label->setText(title); if (pki) { QString fn = Settings["workingdir"] + QDir::separator() + pki->getUnderlinedName() + "." + types[0].extension; filename->setText(fn); } filter = filt + ";;" + tr("All files ( * )"); foreach(exportType t, types) { QVariant q; q.setValue(t); if (t.type == exportType::Separator) exportFormat->insertSeparator(exportFormat->count()); else exportFormat->addItem(QString("%1 (*.%2)"). arg(t.desc).arg(t.extension), q); } for (int i=0; i < exportType::ETYPE_max; i++) help.append(QString()); help[exportType::Separator] = "What the heck!?"; help[exportType::PEM] = tr("PEM Text format with headers"); help[exportType::PEM_selected] = tr("Concatenated list of all selected items in one PEM text file"); help[exportType::PEM_chain] = tr("Concatenated text format of the complete certificate chain in one PEM file"); help[exportType::PEM_unrevoked] = tr("Concatenated text format of all unrevoked certificates in one PEM file"); help[exportType::PEM_all] = tr("Concatenated text format of all certificates in one PEM file"); help[exportType::DER] = tr("Binary DER encoded file"); help[exportType::PKCS7] = tr("PKCS#7 encoded single certificate"); help[exportType::PKCS7_chain] = tr("PKCS#7 encoded complete certificate chain"); help[exportType::PKCS7_unrevoked] = tr("All unrevoked certificates encoded in one PKCS#7 file"); help[exportType::PKCS7_selected] = tr("All selected certificates encoded in one PKCS#7 file"); help[exportType::PKCS7_all] = tr("All certificates encoded in one PKCS#7 file"); help[exportType::PKCS12] = tr("The certificate and the private key as encrypted PKCS#12 file"); help[exportType::PKCS12_chain] = tr("The complete certificate chain and the private key as encrypted PKCS#12 file"); help[exportType::PEM_cert_key] = tr("Concatenation of the certificate and the unencrypted private key in one PEM file"); help[exportType::PEM_cert_pk8] = tr("Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file"); help[exportType::PEM_key] = tr("Text format of the public key in one PEM file"); help[exportType::DER_key] = tr("Binary DER format of the public key"); help[exportType::PEM_private] = tr("Unencrypted private key in text format"); help[exportType::PEM_private_encrypt] = tr("OpenSSL specific encrypted private key in text format"); help[exportType::DER_private] = tr("Unencrypted private key in binary DER format"); help[exportType::PKCS8] = tr("Unencrypted private key in PKCS#8 text format"); help[exportType::PKCS8_encrypt] = tr("Encrypted private key in PKCS#8 text format"); help[exportType::SSH2_public] = tr("The public key encoded in SSH2 format"); help[exportType::Index] = tr("OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool"); help[exportType::vcalendar] = tr("vCalendar expiry reminder for the selected items"); help[exportType::vcalendar_ca] = tr("vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL"); on_exportFormat_highlighted(0); } void ExportDialog::on_fileBut_clicked() { QString s = QFileDialog::getSaveFileName(this, QString(), filename->text(), filter, NULL, QFileDialog::DontConfirmOverwrite); if (!s.isEmpty()) { nativeSeparator(s); filename->setText(s); } } void ExportDialog::on_exportFormat_activated(int selected) { QString fn = filename->text(); exportType form = exportFormat->itemData(selected).value(); for (int i=0; i< exportFormat->count(); i++) { exportType t = exportFormat->itemData(i).value(); if (fn.endsWith(QString(".") + t.extension)) { fn = fn.left(fn.length() - t.extension.length()) + form.extension; break; } } if (filename->isEnabled()) filename->setText(fn); on_exportFormat_highlighted(selected); } bool ExportDialog::mayWriteFile(const QString &fname) { if (QFile::exists(fname)) { xcaWarning msg(NULL, tr("The file: '%1' already exists!").arg(fname)); msg.addButton(QMessageBox::Ok)->setText( tr("Overwrite")); msg.addButton(QMessageBox::Cancel)->setText( tr("Do not overwrite")); if (msg.exec() != QMessageBox::Ok) { return false; } } return true; } void ExportDialog::accept() { QString fn = filename->text(); if (!filename->isEnabled()) { QDialog::accept(); return; } if (fn.isEmpty()) { reject(); return; } if (mayWriteFile(fn)) { Settings["workingdir"] = fn.mid(0, fn.lastIndexOf( QRegExp("[/\\\\]"))); QDialog::accept(); } } enum exportType::etype ExportDialog::type() { int selected = exportFormat->currentIndex(); exportType form = exportFormat->itemData(selected).value(); return form.type; } void ExportDialog::on_exportFormat_highlighted(int index) { exportType form = exportFormat->itemData(index).value(); infoBox->setText(help[form.type]); } xca-RELEASE.2.2.1/widgets/v3ext.h0000644000175000017500000000161613614632167015611 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2005 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __V3EXT_H #define __V3EXT_H #include "ui_v3ext.h" #include "lib/pki_base.h" #include #include #include #include "widgets/kvView.h" class pki_x509; class pki_key; class v3ext: public QDialog, public Ui::v3ext { Q_OBJECT private: QLineEdit *le; int nid; X509V3_CTX *ext_ctx; bool __validate(bool showSuccess); QStringList keys; QString prefix; public: v3ext( QWidget *parent); void addItem(QString list); void addEntry(QString list); QString toString(); void addInfo(QLineEdit *myle, const QStringList &sl, int n, X509V3_CTX *ctx); void setPrefix(QString p) { prefix = p; } public slots: void on_apply_clicked(); void on_validate_clicked(); void setupLineEdit(const QString &s, QLineEdit *l); }; #endif xca-RELEASE.2.2.1/widgets/MainWindow.h0000644000175000017500000001035013614632167016607 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __MAINWINDOW_H #define __MAINWINDOW_H #include "NewX509.h" #include "XcaWarning.h" #include "OidResolver.h" #include "ui_MainWindow.h" #include "lib/db_key.h" #include "lib/db_x509req.h" #include "lib/db_x509.h" #include "lib/db_temp.h" #include "lib/db_crl.h" #include "lib/exception.h" #include "lib/oid.h" #include "lib/Passwd.h" #include "lib/settings.h" #include "lib/main.h" #include #include #include #include #include #include #include #include class db_x509; class pki_multi; class tipMenu : public QMenu { Q_OBJECT public: tipMenu(QString n, QWidget *w) : QMenu(n, w) {} bool event (QEvent * e) { const QHelpEvent *helpEvent = static_cast (e); if (helpEvent->type() == QEvent::ToolTip && activeAction() && activeAction()->toolTip() != activeAction()->text()) { QToolTip::showText(helpEvent->globalPos(), activeAction()->toolTip()); } else { QToolTip::hideText(); } return QMenu::event(e); } }; class DHgen; class MainWindow: public QMainWindow, public Ui::MainWindow { Q_OBJECT private: static OidResolver *resolver; QString string_opt; QList wdList; QList wdMenuList; QList scardList; QList acList; QStringList history; tipMenu *historyMenu; void update_history_menu(); void set_geometry(QString geo); QLineEdit *searchEdit; QStringList urlsToOpen; int checkOldGetNewPass(Passwd &pass); int exportIndex(QString fname, bool hierarchy); void checkDB(); QSqlError initSqlDB(); QString openSqlDB(QString dbName); QList models; QProgressBar *dhgenBar; DHgen *dhgen; const QList getTranslators() const; protected: void init_images(); void init_menu(); int force_load; NIDlist *read_nidlist(QString name); QLabel *statusLabel; QString homedir; int changeDB(QString fname); void keyPressEvent(QKeyEvent *e); int dbTimer; void timerEvent(QTimerEvent *event); public: static db_x509 *certs; static db_x509req *reqs; static db_key *keys; static db_temp *temps; static db_crl *crls; static QPixmap *keyImg, *csrImg, *certImg, *tempImg, *nsImg, *revImg, *appIco, *scardImg, *doneIco, *warnIco; static NIDlist *eku_nid, *dn_nid; int exitApp; QLabel *dbindex; MainWindow(QWidget *parent); virtual ~MainWindow(); void loadSettings(); void saveSettings(); int initPass(QString dbName); int initPass(QString dbName, QString passhash); void read_cmdline(int argc, char *argv[]); void load_engine(); static OidResolver *getResolver() { return resolver; } static void Error(const errorEx &err); static void dbSqlError(QSqlError err = QSqlError()); void cmd_version(); void cmd_help(const char* msg); bool mkDir(QString dir); void setItemEnabled(bool enable); void enableTokenMenu(bool enable); pki_multi *probeAnything(QString file, int *ret = NULL); void importAnything(QString file); void dropEvent(QDropEvent *event); void dragEnterEvent(QDragEnterEvent *event); int open_default_db(); void load_history(); void update_history(QString file); void initResolver(); bool checkForOldDbFormat(); bool checkForOldDbFormat(QString dbfile); int verifyOldDbPass(QString dbname); void importOldDatabase(QString dbname); public slots: int init_database(QString dbName); void new_database(); void load_database(); void close_database(); void dump_database(); void default_database(); void connNewX509(NewX509 *nx); void about(); void help(); void undelete(); void loadPem(); bool pastePem(QString text, bool silent=false); void pastePem(); void changeDbPass(); void openURLs(QStringList &files); void openURLs(); void changeEvent(QEvent *event); void exportIndex(); void exportIndexHierarchy(); void openRemoteSqlDB(); void generateDHparamDone(); protected slots: void closeEvent(QCloseEvent * event); private slots: void setOptions(); void manageToken(); void initToken(); void changePin(bool so=false); void changeSoPin(); void initPin(); void generateDHparam(); void open_database(QAction* a); }; #endif xca-RELEASE.2.2.1/widgets/NewX509.cpp0000644000175000017500000010252613614632167016214 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "NewX509.h" #include #include #include #include #include #include #include #include #include #include #include #include #include "MainWindow.h" #include "v3ext.h" #include "lib/x509name.h" #include "lib/db_key.h" #include "lib/db_x509req.h" #include "lib/db_x509.h" #include "lib/db_temp.h" #include "lib/oid.h" #include "lib/func.h" void NewX509::setupExplicitDN(NIDlist my_dn_nid = NIDlist()) { NIDlist expl_dn_nid; /* Create configured explicit_dn list */ if (!Settings["explicit_dn"].empty()) { foreach(QString dn, Settings["explicit_dn"].split(",")) { int nid = OBJ_sn2nid(CCHAR(dn)); if (!my_dn_nid.contains(nid)) expl_dn_nid << nid; } } nameEdits = setupExplicitInputs(my_dn_nid + expl_dn_nid, dnWidget, description, 2); } QList NewX509::setupExplicitInputs(NIDlist nid_list, QWidget *parent, QWidget *old, int columns) { QList edits; QGridLayout *layout = dynamic_cast(parent->layout()); if (layout) { QLayoutItem *child; while ((child = layout->takeAt(0))) { delete child->widget(); delete child; } } else { layout = new QGridLayout(parent); layout->setAlignment(Qt::AlignTop); layout->setSpacing(6); layout->setMargin(0); } int n = 0, col = 0; foreach(int nid, nid_list) { DoubleClickLabel *label; QLineEdit *edit; QString trans = dn_translations[nid]; QString ln = OBJ_nid2ln(nid), sn = OBJ_nid2sn(nid); label = new DoubleClickLabel(parent); if (Settings["translate_dn"] && !trans.isEmpty()) { label->setText(trans); label->setToolTip(QString("[%1] %2").arg(sn, ln)); if (sn == ln) label->setToolTip(ln); } else { label->setText(ln); label->setToolTip(QString("[%1] %2").arg(sn, trans)); if (trans == sn) label->setToolTip(trans); } label->setClickText(OBJ_nid2sn(nid)); connect(label, SIGNAL(doubleClicked(QString)), MainWindow::getResolver(), SLOT(searchOid(QString))); edit = new QLineEdit(parent); setupLineEditByNid(nid, edit); edits << nameEdit(nid, edit, label); layout->addWidget(label, n, col); layout->addWidget(edit, n, col +1); n++; if (n > (nid_list.size()-1)/columns) { col += 2; n = 0; } QWidget::setTabOrder(old, edit); old = edit; } return edits; } NewX509::NewX509(QWidget *parent) :QDialog(parent) { int i; eku_nid = *MainWindow::eku_nid; dn_nid = *MainWindow::dn_nid; aia_nid << OBJ_sn2nid("OCSP") << OBJ_sn2nid("caIssuers"); attr_nid << NID_pkcs9_unstructuredName << NID_pkcs9_challengePassword; QStringList keys; setupUi(this); /* temporary storage for creating temporary X509V3_CTX */ ctx_cert = NULL; pkiSource = generated; foreach(int nid, dn_nid) keys << QString(OBJ_nid2ln(nid)); extDNlist->setKeys(keys); extDNlist->setInfoLabel(extDNinfo); connect(extDNlist->itemDelegateForColumn(1), SIGNAL(setupLineEdit(const QString &, QLineEdit *)), this, SLOT(setupExtDNwidget(const QString &, QLineEdit *))); connect(subAltName, SIGNAL(textChanged(const QString &)), this, SLOT(checkSubAltName(const QString &))); connect(issAltName, SIGNAL(textChanged(const QString &)), this, SLOT(checkIssAltName(const QString &))); connect(crlDist, SIGNAL(textChanged(const QString &)), this, SLOT(checkCrlDist(const QString &))); connect(authInfAcc, SIGNAL(textChanged(const QString &)), this, SLOT(checkAuthInfAcc(const QString &))); setWindowTitle(XCA_TITLE); for (i=0; icount(); i++) { tabnames << tabWidget->tabText(i); } nsImg->setPixmap(*MainWindow::nsImg); // are there any useable private keys ? newKeyDone(NULL); // any PKCS#10 requests to be used ? QList requests = MainWindow::reqs->getAllRequests(); if (requests.isEmpty()) { fromReqCB->setDisabled(true); fromReqCB->setChecked(false); } else { reqList->insertPkiItems(requests); } on_fromReqCB_clicked(); // How about signing certificates ? QList issuers = MainWindow::certs->getAllIssuers(); if (issuers.isEmpty()) { foreignSignRB->setDisabled(true); } else { certList->insertPkiItems(issuers); } // set dates to now and now + 1 year validN->setText("1"); validRange->setCurrentIndex(2); on_applyTime_clicked(); // settings for the templates .... tempList->insertPkiItems(MainWindow::temps->getAllAndPredefs()); // setup Extended keyusage foreach(int nid, eku_nid) ekeyUsage->addItem(OBJ_nid2ln(nid)); // setup Authority Info Access foreach(int nid, aia_nid) aiaOid->addItem(OBJ_nid2ln(nid)); // init the X509 v3 context X509V3_set_ctx(&ext_ctx, NULL , NULL, NULL, NULL, 0); X509V3_set_ctx_nodb(&ext_ctx); // Setup dnWidget setupExplicitDN(); // Setup Request Attributes attrEdits = setupExplicitInputs(attr_nid, attrWidget, reqSubChange, 1); // last polish on_certList_currentIndexChanged(0); certList->setDisabled(true); tabWidget->setCurrentIndex(0); attrWidget->hide(); pt = none; notAfter->setEndDate(true); QMap nidLabel; nidLabel[NID_subject_alt_name] = sanLbl; nidLabel[NID_issuer_alt_name] = ianLbl; nidLabel[NID_crl_distribution_points] = crldpLbl; nidLabel[NID_info_access] = aiaLbl; nidLabel[NID_netscape_base_url] = nsBaseLbl; nidLabel[NID_netscape_revocation_url] = nsRevLbl; nidLabel[NID_netscape_ca_revocation_url] = nsCaRevLbl; nidLabel[NID_netscape_renewal_url] = nsRenewLbl; nidLabel[NID_netscape_ca_policy_url] = nsCaPolicyLbl; nidLabel[NID_netscape_ssl_server_name] = nsSslServerLbl; nidLabel[NID_netscape_comment] = nsCommentLbl; foreach(int nid, nidLabel.keys()) { DoubleClickLabel *l = nidLabel[nid]; l->setText(Settings["translate_dn"] ? dn_translations[nid] : OBJ_nid2ln(nid)); if (l->toolTip().isEmpty()) { l->setToolTip(Settings["translate_dn"] ? OBJ_nid2ln(nid) : dn_translations[nid]); } l->setClickText(OBJ_nid2sn(nid)); connect(l, SIGNAL(doubleClicked(QString)), MainWindow::getResolver(), SLOT(searchOid(QString))); } QMap nidGroupBox; nidGroupBox[NID_basic_constraints] = bcBox; nidGroupBox[NID_key_usage] = kuBox; nidGroupBox[NID_ext_key_usage] = ekuBox; nidGroupBox[NID_netscape_cert_type] = nsCertTypeBox; foreach(int nid, nidGroupBox.keys()) { QGroupBox *g = nidGroupBox[nid]; g->setTitle(Settings["translate_dn"] ? dn_translations[nid] : OBJ_nid2ln(nid)); if (g->toolTip().isEmpty()) { g->setToolTip(Settings["translate_dn"] ? OBJ_nid2ln(nid) : dn_translations[nid]); } } if (Settings["translate_dn"]) { QList gb; gb << distNameBox << keyIdentBox; foreach(QGroupBox *g, gb) { QString tt = g->toolTip(); g->setToolTip(g->title()); g->setTitle(tt); } QList cbList; cbList << bcCritical << kuCritical << ekuCritical; foreach(QCheckBox* cb, cbList) { cb->setText(tr("Critical")); } } if (Settings["disable_netscape"]) tabWidget->removeTab(4); // Setup widget <-> Template mapping #define MAP_LE(name) templateLineEdits[#name] = name; MAP_LE(subAltName); MAP_LE(issAltName); MAP_LE(crlDist); MAP_LE(nsComment); MAP_LE(nsBaseUrl); MAP_LE(nsRevocationUrl); MAP_LE(nsCARevocationUrl); MAP_LE(nsRenewalUrl); MAP_LE(nsCaPolicyUrl); MAP_LE(nsSslServerName); MAP_LE(validN); MAP_LE(basicPath); #define MAP_CB(name) templateCheckBoxes[#name] = name; MAP_CB(bcCritical); MAP_CB(kuCritical); MAP_CB(ekuCritical); MAP_CB(subKey); MAP_CB(authKey); MAP_CB(validMidn); MAP_CB(noWellDefinedExpDate); } void NewX509::setRequest() { reqWidget->hide(); attrWidget->show(); signerBox->setEnabled(false); timewidget->setEnabled(false); capt->setText(tr("Create Certificate signing request")); authKey->setEnabled(false); setImage(MainWindow::csrImg); pt = x509_req; } NewX509::~NewX509() { if (ctx_cert) delete(ctx_cert); } void NewX509::setupExtDNwidget(const QString &s, QLineEdit *l) { setupLineEditByNid(OBJ_txt2nid(CCHAR(s)), l); } void NewX509::setupLineEditByNid(int nid, QLineEdit *l) { ASN1_STRING_TABLE *tab = ASN1_STRING_TABLE_get(nid); QValidator *validator = NULL; QStringList info; info << QString("[%1]").arg(OBJ_nid2sn(nid)); if (tab) { if (tab->minsize > 1) info << tr("minimum size: %1").arg(tab->minsize); if (tab->maxsize != -1) info << tr("maximum size: %1").arg(tab->maxsize); if (tab->mask == B_ASN1_PRINTABLESTRING) { info << tr("only a-z A-Z 0-9 '()+,-./:=?"); QRegExp rx("[a-zA-Z0-9'()+,-./:=?]+"); validator = new QRegExpValidator(rx, this); } else if (tab->mask == B_ASN1_IA5STRING) { info << tr("only 7-bit clean characters"); } } l->setToolTip(info.join(" ")); l->setValidator(validator); } void NewX509::getReqAttributes(pki_x509req *req) { foreach(nameEdit e, attrEdits) { req->addAttribute(e.nid, e.edit->text()); } } void NewX509::setReqAttributes(pki_x509req *req) { foreach(nameEdit e, attrEdits) { e.edit->setText(req->getAttribute(e.nid)); } } /* Initialize dialog for Template creation */ void NewX509::setTemp(pki_temp *temp) { description->setText(temp->getIntName()); capt->setText(tr("Edit XCA template")); tabWidget->removeTab(0); privKeyBox->setEnabled(false); validityBox->setEnabled(false); setImage(MainWindow::tempImg); pt = tmpl; fromTemplate(temp); comment->setPlainText(temp->getComment()); } /* Initialize dialog for Certificate creation */ void NewX509::setCert() { capt->setText(tr("Create x509 Certificate")); setImage(MainWindow::certImg); pt = x509; } void NewX509::setImage(QPixmap *img) { image->setPixmap(*img); } /* Select a template and apply it */ void NewX509::defineTemplate(pki_temp *temp) { fromTemplate(temp); templateChanged(temp); pkiSource = transformed; } /* Select a Request for signing it */ void NewX509::defineRequest(pki_x509req *req) { fromReqCB->setEnabled(true); fromReqCB->setChecked(true); reqList->setCurrentPkiItem(req); pkiSource = transformed; on_fromReqCB_clicked(); } /* Preset all values from another request to create a similar one */ void NewX509::fromX509super(pki_x509super *cert_or_req, bool applyTemp) { pki_temp *temp = new pki_temp(""); temp->fromCert(cert_or_req); defineTemplate(temp); delete temp; description->setText(cert_or_req->getIntName()); pki_key *key = cert_or_req->getRefKey(); if (key) { usedKeysToo->setChecked(true); keyList->setCurrentPkiItem(key); } hashAlgo->setCurrentMD(cert_or_req->getDigest()); switch(cert_or_req->getType()) { case x509: { pki_x509 *cert = (pki_x509*)cert_or_req; pki_x509 *signer = cert->getSigner(); if (signer == cert) { foreignSignRB->setChecked(false); } else if (signer) { defineSigner(signer, applyTemp); } notBefore->setDate(cert->getNotBefore()); notAfter->setDate(cert->getNotAfter()); break; } case x509_req: { pki_x509req *req = (pki_x509req*)cert_or_req; setReqAttributes(req); break; } default: break; } } pki_temp *NewX509::caTemplate(pki_x509 *ca) const { QVariant sqlId = ca->getTemplateSqlId(); if (!sqlId.isValid()) return NULL; return MainWindow::temps->lookupPki(sqlId); } /* Preset the signing certificate */ void NewX509::defineSigner(pki_x509 *defcert, bool applyTemp) { // suggested from: Andrey Brindeew if (defcert && defcert->canSign() ) { if (certList->setCurrentPkiItem(defcert) != -1) { foreignSignRB->setChecked(true); certList->setEnabled(true); if (applyTemp && defcert->getTemplateSqlId().isValid()) { on_applyTemplate_clicked(); } } } } static int lb2int(QListWidget *lb) { int i, x=0, c=lb->count(); QListWidgetItem *item; for (i=0; iitem(i); if (lb->isItemSelected(item)){ x |= 1<count(); QListWidgetItem *item; for (i=0; iitem(i); lb->setItemSelected(item, (1< items; for (int i=0; ifindItems(lname, Qt::MatchExactly); if (items.size() > 0) lb->setItemSelected(items[0], 1); } } static QString lb2QString(QListWidget *lb) { QStringList sl; for (int i=0; icount(); i++) { QListWidgetItem *item = lb->item(i); if (lb->isItemSelected(item)) { sl << QString(OBJ_ln2sn(CCHAR(item->text()))); } } return sl.join(", "); } void NewX509::subjectFromTemplate(pki_temp *temp) { if (temp) setX509name(temp->getSubject()); } void NewX509::extensionsFromTemplate(pki_temp *temp) { if (!temp) return; QMapIterator l(templateLineEdits); while (l.hasNext()) { l.next(); l.value()->setText(temp->getSetting(l.key())); } QMapIterator i(templateCheckBoxes); while (i.hasNext()) { i.next(); i.value()->setChecked(temp->getSettingInt(i.key())); } int2lb(nsCertType, temp->getSettingInt("nsCertType")); basicCA->setCurrentIndex(temp->getSettingInt("ca")); int2lb(keyUsage, temp->getSettingInt("keyUse")); QString2lb(ekeyUsage, temp->getSetting("eKeyUse")); validRange->setCurrentIndex(temp->getSettingInt("validM")); nconf_data->document()->setPlainText(temp->getSetting("adv_ext")); setAuthInfAcc_string(temp->getSetting("authInfAcc")); on_applyTime_clicked(); } void NewX509::fromTemplate(pki_temp *temp) { subjectFromTemplate(temp); extensionsFromTemplate(temp); } void NewX509::toTemplate(pki_temp *temp) { temp->setIntName(description->text()); temp->setSubject(getX509name()); QMapIterator l(templateLineEdits); while (l.hasNext()) { l.next(); temp->setSetting(l.key(), l.value()->text()); } QMapIterator i(templateCheckBoxes); while (i.hasNext()) { i.next(); temp->setSetting(i.key(), i.value()->isChecked()); } temp->setSetting("authInfAcc", getAuthInfAcc_string()); temp->setSetting("nsCertType", lb2int(nsCertType)); temp->setSetting("ca", basicCA->currentIndex()); temp->setSetting("keyUse", lb2int(keyUsage)); temp->setSetting("eKeyUse", lb2QString(ekeyUsage)); temp->setSetting("validN", validN->text().toInt()); temp->setSetting("validM", validRange->currentIndex()); if (!temp->getSetting("basicPath").isEmpty()) temp->setSetting("basicPath", temp->getSettingInt("basicPath")); if (nconf_data->isReadOnly()) { temp->setSetting("adv_ext", v3ext_backup); } else { temp->setSetting("adv_ext", nconf_data->toPlainText()); } temp->setComment(comment->toPlainText()); } void NewX509::on_fromReqCB_clicked() { bool request = fromReqCB->isChecked(); bool subj_tab_present = tabWidget->widget(1) == tab_1; bool subChange = reqSubChange->isChecked(); if (request && subj_tab_present && !subChange) tabWidget->removeTab(1); else if ((!request || subChange) && !subj_tab_present) tabWidget->insertTab(1, tab_1, tr("Subject")); reqList->setEnabled(request); copyReqExtCB->setEnabled(request); showReqBut->setEnabled(request); reqSubChange->setEnabled(request); switchHashAlgo(); } void NewX509::on_reqSubChange_clicked() { if (reqSubChange->isChecked()) { pki_x509req *req = getSelectedReq(); description->setText(req->getIntName()); setX509name(req->getSubject()); usedKeysToo->setEnabled(false); keyList->setEnabled(false); genKeyBut->setEnabled(false); } on_fromReqCB_clicked(); } void NewX509::on_keyList_currentIndexChanged(const QString &) { switchHashAlgo(); } void NewX509::on_reqList_currentIndexChanged(const QString &) { switchHashAlgo(); } void NewX509::switchHashAlgo() { pki_key *key; pki_x509super *sig; if (foreignSignRB->isChecked()) sig = getSelectedSigner(); else if (fromReqCB->isChecked()) sig = getSelectedReq(); else sig = NULL; key = sig ? sig->getRefKey() : getSelectedKey(); if (key) { hashAlgo->setKeyType(key->getKeyType()); hashAlgo->setupHashes(key->possibleHashNids()); } else { hashAlgo->setKeyType(EVP_PKEY_RSA); hashAlgo->setupAllHashes(); } } void NewX509::on_showReqBut_clicked() { emit showReq(reqList->currentPkiItem()); } void NewX509::itemChanged(pki_base* req) { reqList->insertPkiItems(MainWindow::reqs->getAllRequests()); reqList->setCurrentPkiItem(dynamic_cast(req)); } void NewX509::on_genKeyBut_clicked() { QString name = description->text(); if (name.isEmpty()) name = getX509name().getMostPopular(); emit genKey(name); } void NewX509::on_certList_currentIndexChanged(int) { a1time snb, sna; pki_x509 *cert = getSelectedSigner(); switchHashAlgo(); if (!cert) return; pki_temp *templ = caTemplate(cert); snb = cert->getNotBefore(); sna = cert->getNotAfter(); if (snb > notBefore->getDate()) notBefore->setDate(snb); if (sna < notAfter->getDate()) notAfter->setDate(sna); if (templ) templateChanged(templ); } void NewX509::templateChanged(QString tempname) { int index; if (!tempList->isEnabled()) return; if ((index = tempList->findText(tempname)) <0) return; tempList->setCurrentIndex(index); } void NewX509::templateChanged(pki_temp *templ) { tempList->setCurrentPkiItem(templ); } pki_temp *NewX509::currentTemplate() { if (!tempList->isEnabled()) return NULL; return tempList->currentPkiItem(); } void NewX509::selfComment(QString msg) { comment->setPlainText(appendXcaComment(comment->toPlainText(), msg)); } void NewX509::on_applyTemplate_clicked() { pki_temp *t = currentTemplate(); if (!t) return; fromTemplate(t); selfComment(tr("Template '%1' applied").arg(t->comboText())); } void NewX509::on_applySubject_clicked() { pki_temp *t = currentTemplate(); subjectFromTemplate(t); selfComment(tr("Subject applied from template '%1'") .arg(t->comboText())); } void NewX509::on_applyExtensions_clicked() { pki_temp *t = currentTemplate(); extensionsFromTemplate(t); selfComment(tr("Extensions applied from template '%1'") .arg(t->comboText())); } void NewX509::on_foreignSignRB_toggled(bool) { switchHashAlgo(); } void NewX509::newKeyDone(pki_key *nkey) { allKeys = MainWindow::keys->getAllKeys(); unusedKeys= MainWindow::keys->getUnusedKeys(); on_usedKeysToo_toggled(true); if (nkey) { selfComment(tr("New key '%1' created") .arg(nkey->comboText())); keyList->setCurrentPkiItem(nkey); } else { keyList->setCurrentIndex(0); } } void NewX509::on_usedKeysToo_toggled(bool) { pki_key *cur = keyList->currentPkiItem(); keyList->clear(); keyList->insertPkiItems(usedKeysToo->isChecked() ? allKeys : unusedKeys); keyList->setCurrentPkiItem(cur); } pki_key *NewX509::getSelectedKey() { return keyList->currentPkiItem(); } pki_x509 *NewX509::getSelectedSigner() { return certList->currentPkiItem(); } pki_x509req *NewX509::getSelectedReq() { return reqList->currentPkiItem(); } x509name NewX509::getX509name(int _throw) { x509name x; int j, row, nid; if (fromReqCB->isChecked() && !reqSubChange->isChecked()) return getSelectedReq()->getSubject(); try { foreach(nameEdit ne, nameEdits) { x.addEntryByNid(ne.nid, ne.edit->text()); } row = extDNlist->rowCount(); for (j=0; jgetRow(j); nid = OBJ_txt2nid(CCHAR(l[0])); x.addEntryByNid(nid, l[1]); } } catch (errorEx &err) { if (!err.isEmpty()) { if (_throw) throw err; else XCA_WARN(err.getString()); } } return x; } void NewX509::setX509name(const x509name &n) { extDNlist->deleteAllRows(); foreach(nameEdit ne, nameEdits) { ne.edit->setText(""); } if (Settings["adapt_explicit_subject"]) { NIDlist mydn; for (int i=0; i< n.entryCount(); i++) mydn << n.nid(i); setupExplicitDN(mydn); } for (int i=0, j=0; i< n.entryCount(); i++) { int nid = n.nid(i); bool done = false; QStringList sl = n.entryList(i); for ( ; j < nameEdits.size(); j++) { nameEdit ne(nameEdits[j]); if (nid == ne.nid && ne.edit->text().isEmpty()) { ne.edit->setText(sl[2]); done = true; break; } } if (!done) { extDNlist->addRow(sl.mid(1, 2)); } } } void NewX509::on_applyTime_clicked() { notAfter->setDiff(notBefore, validN->text().toInt(), validRange->currentIndex()); } void NewX509::setupTmpCtx() { pki_x509 *signcert; pki_x509req *req = NULL; pki_key *key = NULL; a1int serial(1); QString errtxt; // initially create temporary ctx cert if (ctx_cert) delete ctx_cert; ctx_cert = new pki_x509(); ctx_cert->setSubject(getX509name()); if (fromReqCB->isChecked()) { req = getSelectedReq(); if (req) key = req->getRefKey(); } else { key = getSelectedKey(); } if (key) ctx_cert->setPubKey(key); // Step 2 - select Signing if (foreignSignRB->isChecked()) { signcert = getSelectedSigner(); ctx_cert->setIssuer(signcert->getSubject()); } else { signcert = ctx_cert; ctx_cert->setIssuer(ctx_cert->getSubject()); } ctx_cert->setSerial(serial); initCtx(ctx_cert, signcert, req); } void NewX509::editV3ext(QLineEdit *le, QString types, int n) { v3ext *dlg; dlg = new v3ext(this); setupTmpCtx(); if (n == NID_info_access) { int nid, idx = aiaOid->currentIndex(); if (idx >= 0 && idx < aia_nid.size()) { nid = aia_nid[idx]; dlg->setPrefix(QString(OBJ_nid2sn(nid)) + ";"); } } dlg->addInfo(le, types.split(',' ), n, &ext_ctx); dlg->exec(); delete(dlg); } void NewX509::on_adv_validate_clicked() { if (!nconf_data->isReadOnly()) { /* switch from edit to display mode */ do_validateExtensions(); } else { /* switch back to edit mode */ undo_validateExtensions(); } } void NewX509::checkIcon(const QString &text, int nid, QLabel *img) { if (text.isEmpty()) { img->clear(); return; } ign_openssl_error(); switch (nid) { case NID_subject_alt_name: getSubAltName(); break; case NID_issuer_alt_name: getIssAltName(); break; case NID_crl_distribution_points: getCrlDist(); break; case NID_info_access: getAuthInfAcc(); break; } if (ign_openssl_error()) { img->setPixmap(*MainWindow::warnIco); return; } img->setPixmap(*MainWindow::doneIco); } void NewX509::checkSubAltName(const QString & text) { checkIcon(text, NID_subject_alt_name, subAltIco); } void NewX509::checkIssAltName(const QString & text) { checkIcon(text, NID_issuer_alt_name, issAltIco); } void NewX509::checkCrlDist(const QString & text) { checkIcon(text, NID_crl_distribution_points, crlDistIco); } void NewX509::checkAuthInfAcc(const QString & text) { checkIcon(text, NID_info_access, authInfAccIco); } int NewX509::do_validateExtensions() { QString result; int ret = 0; if (!nconf_data->isReadOnly()) { v3ext_backup = nconf_data->toPlainText(); } ret = validateExtensions(v3ext_backup, result); nconf_data->document()->setHtml(result); nconf_data->setReadOnly(true); adv_validate->setText(tr("Edit")); return ret; } void NewX509::undo_validateExtensions() { if (nconf_data->isReadOnly()) { nconf_data->document()->setPlainText(v3ext_backup); } nconf_data->setReadOnly(false); adv_validate->setText(tr("Validate")); } int NewX509::validateExtensions(QString nconf, QString &result) { int ret = 0, ext_count = 0; QStringList errors; extList el, req_el; ign_openssl_error(); setupTmpCtx(); (void)nconf; try { el = getGuiExt(); if (!Settings["disable_netscape"]) el += getNetscapeExt(); el.delInvalid(); } catch (errorEx &err) { errors += err.getString(); el.clear(); } ext_count += el.size(); if (el.size() > 0) { result += "

"; result += tr("Other Tabs") + "

\n"; result += el.getHtml("
"); } try { el = getAdvanced(); } catch (errorEx &err) { errors += err.getString(); el.clear(); } ext_count += el.size(); if (el.size() > 0) { if (!result.isEmpty()) result += "\n

\n"; result += "

"; result += tr("Advanced Tab") + "

\n"; result += el.getHtml("
"); } if (errors.size()) { if (!result.isEmpty()) result += "\n

\n"; result += "

"; result += tr("Errors") + "

  • \n"; result += errors.join("
  • \n"); result += "
"; ret = 1; } el.clear(); if (fromReqCB->isChecked() && copyReqExtCB->isChecked()) { req_el = getSelectedReq()->getV3ext(); for (int i=0; iaddV3ext(req_el[i], true)) el += req_el[i]; } } ext_count += el.size(); if (el.size() > 0) { if (!result.isEmpty()) result += "\n
\n"; result += "

"; result += tr("From PKCS#10 request") +"

\n"; result += el.getHtml("
"); } el = getExtDuplicates(); if (el.size() > 0) { QString errtxt; ret = 1; errtxt = "

Error:" "duplicate extensions:

    \n"; for(int i = 0; i< el.size(); i++) { errtxt += "
  • " +el[i].getObject() +"
    • \n"; } errtxt += "
\n
\n"; result = errtxt + result; } ign_openssl_error(); return ret == 1 ? 1 : ext_count == 0 && pt == x509 ? 2 : 0; } void NewX509::on_editSubAlt_clicked() { QString s = "URI,email,RID,DNS,IP,otherName"; editV3ext(subAltName, s, NID_subject_alt_name); } void NewX509::on_editIssAlt_clicked() { QString s = "URI,email,RID,DNS,IP,otherName,issuer"; editV3ext(issAltName, s, NID_issuer_alt_name); } void NewX509::on_editCrlDist_clicked() { editV3ext(crlDist, "URI", NID_crl_distribution_points); } void NewX509::on_editAuthInfAcc_clicked() { editV3ext(authInfAcc, "URI,email,RID,DNS,IP", NID_info_access); } void NewX509::on_tabWidget_currentChanged(int tab) { if (tabWidget->tabText(tab) == tabnames[5]) do_validateExtensions(); } QString NewX509::mandatoryDnRemain() { QStringList remain, dnl = QString(Settings["mandatory_dn"]).split(","); x509name n; int i; if (QString(Settings["mandatory_dn"]).isEmpty()) return QString(); n = getX509name(); for (i=0; i< n.entryCount(); i++) { int j = dnl.indexOf(QString(OBJ_nid2sn(n.nid(i)))); if (j>=0) dnl.removeAt(j); } if (dnl.size() == 0) return QString(); foreach(QString x, dnl) remain << QString(OBJ_sn2ln(x.toLatin1())); return QString("'%1'").arg(remain.join("','")); } void NewX509::gotoTab(int tab) { for (int i=0; icount(); i++) { if (tabWidget->tabText(i) == tabnames[tab]) { tabWidget->setCurrentIndex(i); break; } } } enum pki_source NewX509::getPkiSource() const { return pkiSource; } void NewX509::accept() { x509name xn; on_tabWidget_currentChanged(0); try { xn = getX509name(1); } catch (errorEx &err) { gotoTab(1); xcaWarning msg(this, err.getString()); msg.addButton(QMessageBox::Ok); msg.addButton(QMessageBox::Close)->setText(tr("Abort rollout")); if (msg.exec() == QMessageBox::Close) { reject(); } return; } QString lenErr = xn.checkLength(); if (!lenErr.isEmpty()) { gotoTab(1); lenErr = tr("The following length restrictions of RFC3280 are violated:") + "\n" + lenErr; xcaWarning msg(this, lenErr); msg.addButton(QMessageBox::Ok)->setText(tr("Edit subject")); msg.addButton(QMessageBox::Close)->setText(tr("Abort rollout")); msg.addButton(QMessageBox::Apply)->setText(tr("Continue rollout")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; } } if (fromReqCB->isChecked() && !getSelectedReq()->verify()) { gotoTab(0); xcaWarning msg(this, tr("The verification of the Certificate request failed.\nThe rollout should be aborted.")); msg.addButton(QMessageBox::Ok)->setText(tr("Continue anyway")); msg.addButton(QMessageBox::Close)->setText(tr("Abort rollout")); if (msg.exec() == QMessageBox::Close) { reject(); } } if (description->text().isEmpty() && !fromReqCB->isChecked()) { QString cn = getX509name().getMostPopular(); if (cn.isEmpty()) { gotoTab(1); xcaWarning msg(this, tr("The internal name and the common name are empty.\nPlease set at least the internal name.")); msg.addButton(QMessageBox::Ok)->setText(tr("Edit name")); msg.addButton(QMessageBox::Close)->setText(tr("Abort rollout")); if (msg.exec() == QMessageBox::Close) { reject(); } return; } else { description->setText(cn); } } if (keyList->count() == 0 && keyList->isEnabled() && !fromReqCB->isChecked()) { gotoTab(1); xcaWarning msg(this, tr("There is no Key selected for signing.")); msg.addButton(QMessageBox::Ok)->setText(tr("Select key")); msg.addButton(QMessageBox::Close)->setText(tr("Abort rollout")); if (msg.exec() == QMessageBox::Close) { reject(); } return; } QString unsetDN; if (pt != tmpl) unsetDN = mandatoryDnRemain(); if (!unsetDN.isEmpty()) { gotoTab(1); QString text = tr("The following distinguished name entries are empty:\n%1\nthough you have declared them as mandatory in the options menu.").arg(unsetDN); xcaWarning msg(this, text); msg.addButton(QMessageBox::Ok)->setText(tr("Edit subject")); msg.addButton(QMessageBox::Close)->setText(tr("Abort rollout")); msg.addButton(QMessageBox::Apply)->setText(tr("Continue rollout")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; } } pki_key *signkey = NULL; pki_x509 *signer = NULL; if (foreignSignRB->isChecked()) { signer = getSelectedSigner(); if (signer) signkey = signer->getRefKey(); } else if (fromReqCB->isChecked()) { pki_x509req *req = getSelectedReq(); if (req) signkey = req->getRefKey(); } else { signkey = getSelectedKey(); } if ((!signkey || signkey->isPubKey()) && pt != tmpl) { QString txt; gotoTab(signer ? 0 : 1); xcaWarning msg(this, tr("The key you selected for signing is not a private one.")); txt = signer ? tr("Select other signer"):tr("Select other key"); msg.addButton(QMessageBox::Ok)->setText(txt); msg.addButton(QMessageBox::Close)->setText(tr("Abort rollout")); if (msg.exec() == QMessageBox::Close) { reject(); } return; } if (signer && notBefore->getDate() < signer->getNotBefore()) { gotoTab(2); QString text = tr("The certificate will be earlier valid than the signer. This is probably not what you want."); xcaWarning msg(this, text); msg.addButton(QMessageBox::Ok)->setText(tr("Edit dates")); msg.addButton(QMessageBox::Close)->setText(tr("Abort rollout")); msg.addButton(QMessageBox::Apply)->setText(tr("Continue rollout")); msg.addButton(QMessageBox::Yes)->setText(tr("Adjust date and continue")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; case QMessageBox::Yes: notBefore->setDate(signer->getNotBefore()); } } if (signer && notAfter->getDate() > signer->getNotAfter() && !noWellDefinedExpDate->isChecked()) { gotoTab(2); QString text = tr("The certificate will be longer valid than the signer. This is probably not what you want."); xcaWarning msg(this, text); msg.addButton(QMessageBox::Ok)->setText(tr("Edit dates")); msg.addButton(QMessageBox::Close)->setText(tr("Abort rollout")); msg.addButton(QMessageBox::Apply)->setText(tr("Continue rollout")); msg.addButton(QMessageBox::Yes)->setText(tr("Adjust date and continue")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; case QMessageBox::Yes: notAfter->setDate(signer->getNotAfter()); } } if (validityBox->isEnabled() && notBefore->getDate() > notAfter->getDate()) { gotoTab(2); QString text = tr("The certificate will be out of date before it becomes valid. You most probably mixed up both dates."); xcaWarning msg(this, text); msg.addButton(QMessageBox::Ok)->setText(tr("Edit dates")); msg.addButton(QMessageBox::Close)->setText(tr("Abort rollout")); msg.addButton(QMessageBox::Apply)->setText(tr("Continue rollout")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; } } int r = do_validateExtensions(); if (r) { QString text; if (r == 1) { text = tr("The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab."); gotoTab(5); } else { text = tr("The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate."); gotoTab(0); } xcaWarning msg(this, text); msg.addButton(QMessageBox::Ok)->setText(tr("Edit extensions")); msg.addButton(QMessageBox::Close)->setText(tr("Abort rollout")); msg.addButton(QMessageBox::Apply)->setText(tr("Continue rollout")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; } } QString cn = xn.getEntryByNid(NID_commonName); QStringList san = subAltName->text().split(QRegExp(" *, *")); if (cn.isEmpty() && san.contains("DNS:copycn") && pt != tmpl) { gotoTab(2); xcaWarning msg(this, tr("The subject alternative name shall contain a copy of the common name. However, the common name is empty.")); msg.addButton(QMessageBox::Ok)->setText(tr("Edit extensions")); msg.addButton(QMessageBox::Close)->setText(tr("Abort rollout")); msg.addButton(QMessageBox::Apply)->setText(tr("Continue rollout")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; } } QDialog::accept(); } xca-RELEASE.2.2.1/widgets/MW_help.cpp0000644000175000017500000001272013614632167016424 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "MainWindow.h" #include #include #include #include #ifndef OPENSSL_NO_EC #include #endif #include "XcaDialog.h" #include "ui_Help.h" #include "lib/func.h" #include "lib/entropy.h" const QList MainWindow::getTranslators() const { return QList { QStringList{ "", tr("System") }, QStringList{ "zh_CN", tr("Chinese"), "Xczh", "xczh.me", "foxmail.com" }, QStringList{ "hr", tr("Croatian"), "Nevenko Bartolincic", "nevenko.bartolincic", "gmail.com" }, QStringList{ "nl", tr("Dutch"), "Guido Pennings" }, QStringList{ "en", tr("English") }, QStringList{ "fr", tr("French"), "Patrick Monnerat", "patrick", "monnerat.net" }, QStringList{ "de", tr("German"), "Christian Hohnstädt", "christian", "hohnstaedt.de" }, QStringList{ "it", tr("Italian"), "Paolo Basenghi", "paul69", "libero.it" }, QStringList{ "ja", tr("Japanese"), "ぶらすず", "burasuzu", "gmail.com" }, QStringList{ "pl", tr("Polish"), "Jacek Tyborowski", "jacek", "tyborowski.pl" }, QStringList{ "pt_BR", tr("Portuguese in Brazil"), "Vinicius Ocker", "viniciusockerfagundes", "yandex.com" }, QStringList{ "ru", tr("Russian") }, QStringList{ "sk", tr("Slovak"), "Slavko", "linux", "slavino.sk" }, QStringList{ "es", tr("Spanish"), "Miguel Romera", "mrmsoftdonation", "gmail.com" }, QStringList{ "tr", tr("Turkish") }, }; }; void MainWindow::cmd_version() { fprintf(stderr, XCA_TITLE " Version %s\n", version_str(false)); exitApp = 1; } void MainWindow::cmd_help(const char* msg) { fprintf(stderr, XCA_TITLE " Version %s\n" "\n" " -v show version information and exit\n" " -h shows this help screen and exit\n" " -d expect the following argument to be the database name to use\n" " -i expect the following argument to be the index file to generate\n" " -I expect the following argument to be the base name the index file hierarchy to generate\n" " -x Exit after processing all commandline options\n\n", version_str(false)); if (msg) { fprintf(stderr, "Cmdline Error: %s\n", msg); } exitApp = 1; } void MainWindow::about() { QTextEdit *textbox = new QTextEdit(NULL); XcaDialog *about = new XcaDialog(this, x509, textbox, QString(), QString()); about->aboutDialog(scardImg); QString openssl, qt, cont, version, brainpool; #ifndef OPENSSL_NO_EC #ifdef NID_brainpoolP160r1 EC_GROUP *group = EC_GROUP_new_by_curve_name(NID_brainpoolP160r1); ign_openssl_error(); if (group) { EC_GROUP_free(group); brainpool = "

ECC With RFC 5639 Brainpool curves" #if OPENSSL_VERSION_NUMBER < 0x10002001L "
(Backported to " OPENSSL_VERSION_TEXT ")" #endif ; } #endif #else brainpool = "(Elliptic Curve Cryptography support disabled)"; #endif openssl = SSLeay_version(SSLEAY_VERSION); qt = qVersion(); if (openssl != OPENSSL_VERSION_TEXT || qt != QT_VERSION_STR) { version = QString("" "" "" "" "" "" "" "" "
Compile time:" OPENSSL_VERSION_TEXT "QT version: " QT_VERSION_STR "
Run time:%1QT version: %2
").arg(openssl).arg(qt); } else { version = QString("%1
QT version: %2").arg(openssl).arg(qt); } QStringList rows; foreach(QStringList sl, getTranslators()) { QString email; QStringList tag { "", "" }; if (sl.size() < 3) continue; if (sl.size() > 4) email = QString("<%1@%2>").arg(sl[3]).arg(sl[4]); QString lang(QLocale::languageToString(QLocale(sl[0]).language())); QStringList row { QString("%1").arg(lang), htmlEscape(sl[2]), htmlEscape(email), }; rows << tag[0] + row.join(tag[0] + tag[1]) + tag[1]; } Entropy::seed_rng(); cont = QString( "

XCA%8

" "

Copyright 2001 - 2020 by Christian Hohnstädt\n" "

Version: %4

%1

%2" /* commithash, Brainpool, OpenSSL & Qt Version */ "

https://hohnstaedt.de/xca" "

Entropy strength: %3" "

" "" "" "" "
Installation path:%5
User settings path:%6
Working directory:%7
" "

" "" "" "" "" "
Christian Hohnstädt<christian@hohnstaedt.de>
Programming, Translation and Testing
Kerstin Steinhauff<tine@kerstine.de>
Arts and Graphics
Maintained Translations
" "

%9
").arg(brainpool) .arg(version) .arg(Entropy::strength()) .arg(version_str(true)) .arg(getPrefix()) .arg(getUserSettingsDir()) .arg(QString(Settings["workingdir"])) .arg(portable_app() ? " (Portable)" : "") .arg(rows.join("")); textbox->setHtml(cont); textbox->setReadOnly(true); about->exec(); delete about; } void MainWindow::help() { QDialog *h = new QDialog(this, 0); QString path, uri; Ui::Help ui; ui.setupUi(h); path = QString("file://"); #if defined(Q_OS_WIN32) path += "/"; #endif path += getDocDir() + "/"; #if defined(Q_OS_WIN32) path = path.replace("\\","/"); #endif uri = path + "xca.html"; ui.textbox->setSource(QUrl(uri)); ui.textbox->setSearchPaths(QStringList(path)); h->setWindowTitle(XCA_TITLE); h->show(); } xca-RELEASE.2.2.1/widgets/CertTreeView.cpp0000644000175000017500000001001413614632167017433 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/pki_x509.h" #include "CertTreeView.h" #include "MainWindow.h" #include #include #include void CertTreeView::fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes) { QMenu *subCa; bool parentCanSign, multi, hasScard, sameParent, allRevoked, allUnrevoked; pki_key *privkey; X509SuperTreeView::fillContextMenu(menu, subExport, index, indexes); menu->addAction(tr("Import PKCS#12"), this, SLOT(loadPKCS12())); menu->addAction(tr("Import from PKCS#7"), this, SLOT(loadPKCS7())); if (indexes.size() == 0) return; pki_x509 *cert = static_cast(index.internalPointer()); pki_x509 *parent; privkey = cert->getRefKey(); parent = cert->getSigner(); parentCanSign = parent && parent->canSign() && (parent != cert); hasScard = pkcs11::loaded(); multi = indexes.size() > 1; allUnrevoked = allRevoked = sameParent = true; foreach(QModelIndex i, indexes) { pki_x509 *c = static_cast (i.internalPointer()); if (c->getSigner() != parent) sameParent = false; if (c->isRevoked()) allUnrevoked = false; else allRevoked = false; } if (!multi) { transform->addAction(tr("Request"), this, SLOT(toRequest()))-> setEnabled(privkey && privkey->isPrivKey()); subExport->addAction(tr("Security token"), this, SLOT(toToken()))->setEnabled(hasScard); subExport->addAction(tr("Other token"), this, SLOT(toOtherToken()))->setEnabled( hasScard && privkey && privkey->isToken()); transform->addAction(tr("Similar Certificate"), this, SLOT(toCertificate())); menu->addAction(tr("Delete from Security token"), this, SLOT(deleteFromToken()))->setEnabled(hasScard); subCa = menu->addMenu(tr("CA")); subCa->addAction(tr("Properties"), this, SLOT(caProperties())); subCa->addAction(tr("Generate CRL"), this, SLOT(genCrl())); subCa->addAction(tr("Manage revocations"), this, SLOT(manageRevocations())); subCa->setEnabled(cert->canSign()); } if (parent == cert && parent->canSign()) menu->addAction(tr("Renewal"), this, SLOT(certRenewal())); if (sameParent && parentCanSign) { QString n = multi ? QString(" [%1]").arg(indexes.size()) : ""; menu->addAction(tr("Renewal") +n, this, SLOT(certRenewal())); if (allUnrevoked) menu->addAction(tr("Revoke") +n, this, SLOT(revoke())); if (allRevoked) menu->addAction(tr("Unrevoke") +n, this, SLOT(unRevoke())); } } void CertTreeView::changeView() { if (!certs) return; db_x509 *c = certs; hide(); setModel(); c->changeView(); setModel(c); show(); setRootIsDecorated(db_x509::treeview); } void CertTreeView::toRequest() { if (certs) certs->toRequest(currentIndex()); } void CertTreeView::toToken() { if (certs) certs->toToken(currentIndex(), false); } void CertTreeView::toOtherToken() { if (certs) certs->toToken(currentIndex(), true); } void CertTreeView::loadPKCS12() { if (certs) { load_pkcs12 l; certs->load_default(l); } } void CertTreeView::loadPKCS7() { if (certs) { load_pkcs7 l; certs->load_default(l); } } void CertTreeView::genCrl() { pki_x509 *cert = static_cast (currentIndex().internalPointer()); mainwin->crls->newItem(cert); } void CertTreeView::toCertificate() { if (certs) certs->toCertificate(currentIndex()); } void CertTreeView::deleteFromToken() { pki_x509 *cert = static_cast (currentIndex().internalPointer()); try { cert->deleteFromToken(); } catch (errorEx &err) { mainwin->Error(err); } } void CertTreeView::manageRevocations() { if (certs) certs->manageRevocations(currentIndex()); } void CertTreeView::caProperties() { if (certs) certs->caProperties(currentIndex()); } void CertTreeView::certRenewal() { if (certs) certs->certRenewal(getSelectedIndexes()); } void CertTreeView::revoke() { if (certs) certs->revoke(getSelectedIndexes()); } void CertTreeView::unRevoke() { if (certs) certs->unRevoke(getSelectedIndexes()); } xca-RELEASE.2.2.1/widgets/NewCrl.h0000644000175000017500000000057413614632167015734 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __NEWCRL_H #define __NEWCRL_H #include "ui_NewCrl.h" #include "lib/pki_x509.h" class pki_key; class NewCrl: public QWidget, public Ui::NewCrl { Q_OBJECT public: NewCrl(QWidget *parent, pki_x509 *signer); public slots: void on_applyTime_clicked(); }; #endif xca-RELEASE.2.2.1/widgets/FocusCombo.h0000644000175000017500000000134213614632167016573 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2014 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __FOCUSCOMBO_H #define __FOCUSCOMBO_H #include class focusCombo : public QComboBox { public: focusCombo(QWidget *parent) : QComboBox(parent) { } void hidePopup() { QComboBox::hidePopup(); emit highlighted(currentIndex()); } QVariant currentItemData() { return QComboBox::itemData(currentIndex()); } void addItemsData(const QStringList &textdata, const QString &selected) { int c = 0; Q_ASSERT(textdata.size() % 2 == 0); for (int i=0; i< textdata.size(); i+=2) { addItem(textdata[i], textdata[i+1]); if (textdata[i+1] == selected) c = i/2; } setCurrentIndex(c); } }; #endif xca-RELEASE.2.2.1/widgets/NewKey.h0000644000175000017500000000151613614632167015741 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __NEWKEY_H #define __NEWKEY_H #include "ui_NewKey.h" #include "lib/pkcs11_lib.h" #include "lib/builtin_curves.h" #include class NewKey: public QDialog, public Ui::NewKey { Q_OBJECT private: static int defaultType; static int defaultEcNid; static int defaultSize; void updateCurves(unsigned min=0, unsigned max=INT_MAX, unsigned long ec_flags=0); void addCurveBoxCurves(const QList &curves); public: NewKey(QWidget *parent, QString name); int getKeytype(); int getKeysize(); int getKeyCurve_nid(); slotid getKeyCardSlot(); bool isToken(); QString getAsString(); static int setDefault(QString def); public slots: void on_keyType_currentIndexChanged(int); }; #endif xca-RELEASE.2.2.1/widgets/NewKey.cpp0000644000175000017500000001650213614632167016275 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "NewKey.h" #include "MainWindow.h" #include "lib/pki_evp.h" #include "lib/pkcs11.h" #include "distname.h" #include "clicklabel.h" #include "ItemCombo.h" #include #include #include #include struct typelist { const char *name; int type; }; static const struct typelist typeList[] = { { "RSA", EVP_PKEY_RSA }, { "DSA", EVP_PKEY_DSA }, #ifndef OPENSSL_NO_EC { "EC", EVP_PKEY_EC }, #endif }; int NewKey::defaultType = EVP_PKEY_RSA; int NewKey::defaultEcNid = NID_undef; int NewKey::defaultSize = 2048; class keyListItem { protected: const struct typelist *tl; public: bool card; QString printname; slotid slot; unsigned minKeySize; unsigned maxKeySize; unsigned long ec_flags; keyListItem(pkcs11 *p11, slotid nslot, CK_MECHANISM_TYPE m) { slot = nslot; CK_MECHANISM_INFO mechinfo; p11->mechanismInfo(slot, m, &mechinfo); minKeySize = mechinfo.ulMinKeySize; maxKeySize = mechinfo.ulMaxKeySize; if (maxKeySize == 0) { /* Fallback for libraries not filling in the maxKeySize */ maxKeySize = INT_MAX; } tkInfo ti = p11->tokenInfo(slot); switch (m) { case CKM_RSA_PKCS_KEY_PAIR_GEN: tl = typeList; //idx of EVP_PKEY_RSA break; case CKM_DSA_KEY_PAIR_GEN: tl = typeList +1; break; #ifndef OPENSSL_NO_EC case CKM_EC_KEY_PAIR_GEN: tl = typeList +2; CK_MECHANISM_INFO info; p11->mechanismInfo(slot, m, &info); ec_flags = info.flags & (CKF_EC_F_P | CKF_EC_F_2M); if (!ec_flags) { /* Fallback: Assume to support both for * libraries leaving this flag empty */ ec_flags = CKF_EC_F_P | CKF_EC_F_2M; } #endif } printname = QString("%1 #%2 (%3 Key of %4 - %5 bits)"). arg(ti.label()).arg(ti.serial()). arg(tl->name). arg(minKeySize). arg(maxKeySize); card = true; } keyListItem(const struct typelist *t=typeList) { tl = t; printname = QString(tl->name); card = false; slot = slotid(); minKeySize = 0; maxKeySize = INT_MAX; ec_flags = 0; } keyListItem(const keyListItem &k) { tl = k.tl; printname = k.printname; card = k.card; slot = k.slot; minKeySize = k.minKeySize; maxKeySize = k.maxKeySize; ec_flags = k.ec_flags; } int type() { return tl->type; } QString typeName() { return QString(tl->name); } }; Q_DECLARE_METATYPE(keyListItem); NewKey::NewKey(QWidget *parent, QString name) :QDialog(parent) { static const char* const sizeList[] = { "1024", "2048", "4096", "8192" }; size_t i; slotidList p11_slots; QList keytypes; setupUi(this); setWindowTitle(XCA_TITLE); image->setPixmap(*MainWindow::keyImg); if (!name.isEmpty()) keyDesc->setText(name); keyLength->setEditable(true); for (i=0; i < ARRAY_SIZE(sizeList); i++ ) { keyLength->addItem(QString(sizeList[i]) + " bit"); } for (i=0; i < ARRAY_SIZE(typeList); i++ ) { keyListItem gk(typeList +i); keytypes << gk; } updateCurves(); keyLength->setEditText(QString::number(defaultSize) + " bit"); keyDesc->setFocus(); if (pkcs11::loaded()) try { pkcs11 p11; p11_slots = p11.getSlotList(); foreach(slotid slot, p11_slots) { QList ml = p11.mechanismList(slot); if (ml.contains(CKM_RSA_PKCS_KEY_PAIR_GEN)) { keyListItem tk(&p11, slot, CKM_RSA_PKCS_KEY_PAIR_GEN); keytypes << tk; } if (ml.contains(CKM_DSA_KEY_PAIR_GEN)) { keyListItem tk(&p11, slot, CKM_DSA_KEY_PAIR_GEN); keytypes << tk; } #ifndef OPENSSL_NO_EC if (ml.contains(CKM_EC_KEY_PAIR_GEN)) { keyListItem tk(&p11, slot, CKM_EC_KEY_PAIR_GEN); keytypes << tk; } #endif } } catch (errorEx &err) { p11_slots.clear(); } for (int i=0; iaddItem(keytypes[i].printname, q); if (!keytypes[i].card && keytypes[i].type() == defaultType) keyType->setCurrentIndex(i); } buttonBox->button(QDialogButtonBox::Ok)->setText(tr("Create")); } void NewKey::addCurveBoxCurves(const QList &curves) { foreach(builtin_curve curve, curves) { QString sn(OBJ_nid2sn(curve.nid)); QString p, comment = curve.comment; if (comment.isEmpty()) comment = "---"; p = sn + ": " + comment; curveBox->addItem(sn + ": " + comment, curve.nid); } } void NewKey::updateCurves(unsigned min, unsigned max, unsigned long ec_flags) { #ifndef OPENSSL_NO_EC QList curve_rfc5480, curve_x962, curve_other; foreach(builtin_curve curve, pki_key::builtinCurves) { const char *sn = OBJ_nid2sn(curve.nid); if (!sn || curve.order_size < min || curve.order_size > max) continue; if (ec_flags && (curve.type & ec_flags) == 0) continue; switch (curve.flags) { case CURVE_RFC5480: curve_rfc5480 << curve; break; case CURVE_X962: curve_x962 << curve; break; case CURVE_OTHER: curve_other << curve; break; } } curveBox->clear(); addCurveBoxCurves(curve_rfc5480); curveBox->insertSeparator(curveBox->count()); addCurveBoxCurves(curve_x962); curveBox->insertSeparator(curveBox->count()); addCurveBoxCurves(curve_other); int default_index = curveBox->findData(QVariant(defaultEcNid)); curveBox->setCurrentIndex(default_index == -1 ? 0 : default_index); #else (void)min; (void)max; (void)ec_flags; #endif } void NewKey::on_keyType_currentIndexChanged(int idx) { bool curve_enabled; keyListItem ki = keyType->itemData(idx).value(); curve_enabled = (ki.type() == EVP_PKEY_EC); curveBox->setVisible(curve_enabled); curveLabel->setVisible(curve_enabled); keySizeLabel->setVisible(!curve_enabled); keyLength->setVisible(!curve_enabled); rememberDefault->setEnabled(!ki.card); if (curve_enabled && ki.card) { updateCurves(ki.minKeySize, ki.maxKeySize, ki.ec_flags); } } static keyListItem currentKey(QComboBox *keyType) { QVariant q = keyType->itemData(keyType->currentIndex()); return q.value(); } int NewKey::getKeytype() { return currentKey(keyType).type(); } int NewKey::getKeysize() { if (getKeytype() == EVP_PKEY_EC) return -1; QString size = keyLength->currentText(); size.replace(QRegExp("[^0-9]"), ""); return size.toInt(); } int NewKey::getKeyCurve_nid() { bool ok; int nid = curveBox->itemData(curveBox->currentIndex()).toInt(&ok); return ok && getKeytype() == EVP_PKEY_EC ? nid : NID_undef; } bool NewKey::isToken() { keyListItem k = currentKey(keyType); return k.card; } slotid NewKey::getKeyCardSlot() { keyListItem k = currentKey(keyType); return k.slot; } QString NewKey::getAsString() { keyListItem k = currentKey(keyType); QString data; if (k.card) return QString(); if (k.type() == EVP_PKEY_EC) { data = OBJ_obj2QString(OBJ_nid2obj(getKeyCurve_nid()), 1); } else { data = QString::number(getKeysize()); } return QString("%1:%2").arg(currentKey(keyType).typeName()).arg(data); } int NewKey::setDefault(QString def) { int type = -1, size = 0, nid = NID_undef; QStringList sl = def.split(':'); if (sl.size() != 2) return -1; for (unsigned i=0; i < ARRAY_SIZE(typeList); i++ ) { if (sl[0] == typeList[i].name) { type = typeList[i].type; } } if (type == -1) return -2; if (type == EVP_PKEY_EC) { nid = OBJ_txt2nid(sl[1].toLatin1()); if (nid == NID_undef) return -3; defaultEcNid = nid; } else { size = sl[1].toInt(); if (size <= 0) return -4; defaultSize = size; } defaultType = type; return 0; } xca-RELEASE.2.2.1/widgets/ImportMulti.h0000644000175000017500000000204013614632167017015 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __IMPORTMULTI_H #define __IMPORTMULTI_H #include "ui_ImportMulti.h" #include "lib/db_token.h" #include "lib/db_base.h" #include class pki_x509; class pki_key; class ImportMulti: public QDialog, private Ui::ImportMulti { Q_OBJECT private: slotid slot; db_token *mcont; MainWindow *mainwin; void importError(QStringList failed); public: ImportMulti(MainWindow *parent); ~ImportMulti(); void addItem(pki_base *pki); pki_base *getSelected(); pki_base *import(QModelIndex &idx); void execute(int force=0, QStringList failed = QStringList()); int entries(); void tokenInfo(slotid s); void dragEnterEvent(QDragEnterEvent *event); void dropEvent(QDropEvent *event); bool openDB() const; public slots: void on_butRemove_clicked(); void on_butImport_clicked(); void on_butDetails_clicked(); void on_butOk_clicked(); void on_deleteToken_clicked(); void on_renameToken_clicked(); }; #endif xca-RELEASE.2.2.1/widgets/CertTreeView.h0000644000175000017500000000164513614632167017112 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __CERTTREEVIEW_H #define __CERTTREEVIEW_H #include "X509SuperTreeView.h" #include "lib/db_x509.h" class CertTreeView: public X509SuperTreeView { Q_OBJECT db_x509 *certs; public: CertTreeView(QWidget *parent) : X509SuperTreeView(parent) { certs = NULL; } void fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes); void setModel(QAbstractItemModel *model=NULL) { certs = dynamic_cast (model); X509SuperTreeView::setModel(model); } public slots: void changeView(); void toRequest(); void toCertificate(); void toToken(); void toOtherToken(); void genCrl(); void loadPKCS7(); void loadPKCS12(); void deleteFromToken(); void manageRevocations(); void certRenewal(); void caProperties(); void revoke(); void unRevoke(); }; #endif xca-RELEASE.2.2.1/widgets/X509SuperTreeView.h0000644000175000017500000000136513614632167017700 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2006 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __X509SUPERTREEVIEW_H #define __X509SUPERTREEVIEW_H #include "XcaTreeView.h" #include "lib/db_x509req.h" class X509SuperTreeView: public XcaTreeView { Q_OBJECT db_x509super *x509super; public: QMenu *transform; X509SuperTreeView(QWidget *parent) : XcaTreeView(parent) { x509super = NULL; } void fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes); void setModel(QAbstractItemModel *model=NULL) { x509super = dynamic_cast (model); XcaTreeView::setModel(model); } public slots: void extractPubkey(); void toTemplate(); void toOpenssl(); }; #endif xca-RELEASE.2.2.1/widgets/hashBox.h0000644000175000017500000000140013614632167016123 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2007 - 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __HASH_BOX_H #define __HASH_BOX_H #include #include class hashBox: public QComboBox { Q_OBJECT private: static int default_md; QString wanted_md; int backup; int key_type; public: hashBox(QWidget *parent); void setKeyType(int type); const EVP_MD *currentHash() const; QString currentHashName() const; int currentHashIdx() const; bool isInsecure() const; void setCurrentMD(const EVP_MD *md); void setDefaultHash(); void setupHashes(QList nids); void setupAllHashes(); void setCurrentString(QString md); static void setDefault(QString def); static QString getDefault(); }; #endif xca-RELEASE.2.2.1/widgets/ImportMulti.cpp0000644000175000017500000002327213614632167017362 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "ImportMulti.h" #include "MainWindow.h" #include "lib/pki_base.h" #include "lib/pki_pkcs7.h" #include "lib/pki_pkcs12.h" #include "lib/pki_crl.h" #include "lib/pki_multi.h" #include "lib/pki_scard.h" #include "lib/pki_evp.h" #include "widgets/CrlDetail.h" #include "widgets/CertDetail.h" #include "widgets/KeyDetail.h" #include #include #include #include #include #include #include ImportMulti::ImportMulti(MainWindow *parent) :QDialog(parent) { mainwin = parent; setupUi(this); setWindowTitle(XCA_TITLE); image->setPixmap(*MainWindow::certImg); listView->setEditTriggers(QAbstractItemView::NoEditTriggers); mcont = new db_token(parent); listView->setModel(mcont); listView->setIconSize(pki_evp::icon[0]->size()); listView->setSelectionMode(QAbstractItemView::ExtendedSelection); connect( listView, SIGNAL(doubleClicked(const QModelIndex &)), this, SLOT(on_butDetails_clicked())); deleteToken->hide(); renameToken->hide(); slotInfo->hide(); setAcceptDrops(true); } void ImportMulti::tokenInfo(slotid s) { slot = s; mcont->setSlot(slot); deleteToken->show(); renameToken->show(); slotInfo->show(); listView->setEditTriggers(QAbstractItemView::EditKeyPressed); pkcs11 p11; QString info = p11.driverInfo(slot); tkInfo ti = p11.tokenInfo(slot); info += tr("\nName: %1\nModel: %2\nSerial: %3"). arg(ti.label()).arg(ti.model()).arg(ti.serial()); slotInfo->setText(info); image->setPixmap(*MainWindow::scardImg); heading->setText(tr("Manage security token")); setAcceptDrops(false); } void ImportMulti::addItem(pki_base *pki) { if (!pki) return; if (pki->pkiSource == unknown) pki->pkiSource = imported; const std::type_info &t = typeid(*pki); if (t == typeid(pki_x509)) { pki_x509 *x = static_cast(pki); x->setSigner(x->findIssuer()); x->lookupKey(); mcont->inToCont(pki); } else if (t == typeid(pki_x509req)) { pki_x509req *x = static_cast(pki); x->lookupKey(); mcont->inToCont(pki); } else if (t == typeid(pki_crl)) { pki_crl *x = static_cast(pki); x->lookupIssuer(); mcont->inToCont(pki); } else if (t == typeid(pki_evp) || t == typeid(pki_temp) || t == typeid(pki_scard)) { mcont->inToCont(pki); } else if (t == typeid(pki_pkcs7)) { pki_pkcs7 *p7 = static_cast(pki); for (int i=0; inumCert(); i++) { addItem(p7->getCert(i)); } delete p7; } else if (t == typeid(pki_pkcs12)) { pki_pkcs12 *p12 = static_cast(pki); addItem(p12->getKey()); addItem(p12->getCert()); for (int i=0; inumCa(); i++) { addItem(p12->getCa(i)); } delete p12; } else if (t == typeid(pki_multi)) { pki_multi *pm = static_cast(pki); pki_base *inner; while ((inner = pm->pull())) addItem(inner); delete pm; } else { XCA_WARN(tr("The type of the item '%1' is not recognized"). arg(t.name())); } if (t == typeid(pki_scard)) mcont->rename_token_in_database(dynamic_cast(pki)); } bool ImportMulti::openDB() const { if (currentDB.isEmpty()) { if (mainwin->open_default_db() == 2) return false; if (currentDB.isEmpty()) mainwin->load_database(); } return !currentDB.isEmpty(); } void ImportMulti::dragEnterEvent(QDragEnterEvent *event) { if (event->mimeData()->hasUrls()) event->acceptProposedAction(); } void ImportMulti::dropEvent(QDropEvent *event) { QList urls = event->mimeData()->urls(); QUrl u; QStringList failed; pki_multi *pki = new pki_multi(); foreach(u, urls) { QString s = u.toLocalFile(); int count = pki->count(); pki->probeAnything(s); if (pki->count() == count) failed << s; } importError(failed); addItem(pki); event->acceptProposedAction(); } void ImportMulti::on_butRemove_clicked() { QItemSelectionModel *selectionModel = listView->selectionModel(); QModelIndexList indexes = selectionModel->selectedIndexes(); QModelIndex index; QString items; foreach(index, indexes) { if (index.column() != 0) continue; mcont->remFromCont(index); pki_base *pki = static_cast(index.internalPointer()); delete pki; } } void ImportMulti::on_butOk_clicked() { if (!openDB()) return; Transaction; if (!TransBegin()) return; while (mcont->rootItem->childCount()) { QModelIndex idx = mcont->index(0, 0, QModelIndex()); import(idx); } TransCommit(); accept(); } void ImportMulti::on_butImport_clicked() { QItemSelectionModel *selectionModel = listView->selectionModel(); QModelIndexList indexes = selectionModel->selectedIndexes(); if (!openDB()) return; Transaction; if (!TransBegin()) return; foreach(QModelIndex index, indexes) { if (index.column() != 0) continue; import(index); } TransCommit(); } void ImportMulti::on_deleteToken_clicked() { QItemSelectionModel *selectionModel = listView->selectionModel(); QModelIndexList indexes = selectionModel->selectedIndexes(); QModelIndex index; QString items; foreach(index, indexes) { if (index.column() != 0) continue; pki_base *pki = static_cast(index.internalPointer()); try { pki->deleteFromToken(slot); mcont->remFromCont(index); delete pki; } catch (errorEx &err) { mainwin->Error(err); } } } void ImportMulti::on_renameToken_clicked() { QItemSelectionModel *selectionModel = listView->selectionModel(); QModelIndexList indexes = selectionModel->selectedIndexes(); QModelIndex index; QString items; foreach(index, indexes) { if (index.column() != 0) continue; listView->edit(index); break; } } static db_base *select_db(const std::type_info &t) { if (t == typeid(pki_x509)) return MainWindow::certs; if (t == typeid(pki_evp)) return MainWindow::keys; if (t == typeid(pki_scard)) return MainWindow::keys; if (t == typeid(pki_x509req)) return MainWindow::reqs; if (t == typeid(pki_crl)) return MainWindow::crls; if (t == typeid(pki_temp)) return MainWindow::temps; return NULL; } pki_base *ImportMulti::import(QModelIndex &idx) { pki_base *pki = static_cast(idx.internalPointer()); db_base *db; if (!pki || !mainwin->keys) return NULL; const std::type_info &t = typeid(*pki); mcont->remFromCont(idx); if (!mainwin->keys) { delete pki; return NULL; } if (t == typeid(pki_evp)) static_cast(pki)->setOwnPass(pki_evp::ptCommon); db = select_db(t); if (!db) { XCA_WARN(tr("The type of the item '%1' is not recognized"). arg(t.name())); delete pki; return NULL; } return db->insert(pki); } void ImportMulti::on_butDetails_clicked() { QItemSelectionModel *selectionModel = listView->selectionModel(); QModelIndex index; if (!selectionModel->selectedIndexes().count()) return; index = selectionModel->selectedIndexes().first(); pki_base *pki = static_cast(index.internalPointer()); if (!pki) return; const std::type_info &t = typeid(*pki); try { if (t == typeid(pki_x509)){ CertDetail *dlg = new CertDetail(mainwin); dlg->setCert(static_cast(pki)); connect(dlg->privKey, SIGNAL(doubleClicked(QString)), mainwin->keys, SLOT(showItem(QString))); connect(dlg->signature, SIGNAL(doubleClicked(QString)), mainwin->certs, SLOT(showItem(QString))); if (dlg->exec()) pki->setIntName(dlg->descr->text()); delete dlg; } else if (t == typeid(pki_evp) || t == typeid(pki_scard)) { KeyDetail *dlg = new KeyDetail(mainwin); dlg->setKey(static_cast(pki)); if (dlg->exec()) pki->setIntName(dlg->keyDesc->text()); delete dlg; } else if (t == typeid(pki_x509req)) { CertDetail *dlg = new CertDetail(mainwin); dlg->setReq(static_cast(pki)); connect(dlg->privKey, SIGNAL(doubleClicked(QString)), mainwin->keys, SLOT(showItem(QString))); if (dlg->exec()) pki->setIntName(dlg->descr->text()); delete dlg; } else if (t == typeid(pki_crl)) { CrlDetail *dlg = new CrlDetail(mainwin); dlg->setCrl(static_cast(pki)); connect(dlg->issuerIntName, SIGNAL(doubleClicked(QString)), mainwin->certs, SLOT(showItem(QString))); if (dlg->exec()) pki->setIntName(dlg->descr->text()); delete dlg; } else if (t == typeid(pki_temp)) { XCA_WARN(tr("Details of the item '%1' cannot be shown") .arg("XCA template")); } else XCA_WARN(tr("The type of the item '%1' is not recognized").arg(t.name())); } catch (errorEx &err) { mainwin->Error(err); } } ImportMulti::~ImportMulti() { QModelIndex idx = listView->currentIndex(); while (idx != QModelIndex()) { mcont->remFromCont(idx); pki_base *pki = static_cast(idx.internalPointer()); delete pki; idx = listView->currentIndex(); } listView->setModel(NULL); delete mcont; } int ImportMulti::entries() { return mcont->rootItem->childCount(); } void ImportMulti::importError(QStringList failed) { if (failed.count() == 1) { XCA_INFO(tr("The file '%1' did not contain PKI data"). arg(failed[0])); } else if (failed.count() > 1) { XCA_INFO(tr("The %1 files: '%2' did not contain PKI data"). arg(failed.count()). arg(failed.join("', '"))); } } void ImportMulti::execute(int force, QStringList failed) { importError(failed); /* if there is nothing to import don't pop up */ if (entries() == 0) { accept(); return; } /* if there is only 1 item and force is 0 import it silently */ if (entries() == 1 && force == 0 && openDB()) { QModelIndex idx = mcont->index(0, 0, QModelIndex()); pki_base *pki = import(idx); if (pki && !Settings["suppress_messages"]) XCA_INFO(pki->getMsg(pki_base::msg_import). arg(pki->getIntName())); accept(); return; } /* the behaviour for more than one item */ exec(); } xca-RELEASE.2.2.1/widgets/MW_menu.cpp0000644000175000017500000001573213614632167016446 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "MainWindow.h" #include "PwDialog.h" #include "Options.h" #include "lib/load_obj.h" #include "lib/pass_info.h" #include "lib/pkcs11.h" #include "lib/pki_evp.h" #include "lib/pki_scard.h" #include "lib/func.h" #include "lib/db_x509super.h" #include "ui_Options.h" #include "hashBox.h" #include "OidResolver.h" #include "OpenDb.h" #include #include #include #include static QAction *languageMenuEntry(const QStringList &sl) { QString lang, tooltip; QLocale locale; if (sl[0].isEmpty()) { locale = QLocale::system(); lang = MainWindow::tr("System"); } else { locale = QLocale(sl[0]); lang = QString("%1 (%2)").arg(sl[1]) .arg(QLocale::languageToString(locale.language())); } tooltip = locale.nativeLanguageName(); if (sl.length() > 2) tooltip += " - " + sl[2]; QAction *a = new QAction(lang, NULL); a->setToolTip(tooltip); a->setData(QVariant(locale)); a->setDisabled(!XCA_application::languageAvailable(locale)); a->setCheckable(true); if (locale == XCA_application::language()) a->setChecked(true); return a; } void MainWindow::init_menu() { static QMenu *file = NULL, *help = NULL, *import = NULL, *token = NULL, *languageMenu = NULL, *extra = NULL; static QActionGroup * langGroup = NULL; QAction *a; if (file) delete file; if (help) delete help; if (import) delete import; if (token) delete token; if (extra) delete extra; if (languageMenu) delete languageMenu; if (historyMenu) delete historyMenu; if (langGroup) delete langGroup; wdMenuList.clear(); scardList.clear(); acList.clear(); langGroup = new QActionGroup(this); historyMenu = new tipMenu(tr("Recent DataBases") + " ...", this); connect(historyMenu, SIGNAL(triggered(QAction*)), this, SLOT(open_database(QAction*))); languageMenu = new tipMenu(tr("Language"), this); connect(languageMenu, SIGNAL(triggered(QAction*)), qApp, SLOT(switchLanguage(QAction*))); foreach(const QStringList &sl, getTranslators()) { QAction *a = languageMenuEntry(sl); langGroup->addAction(a); languageMenu->addAction(a); } file = menuBar()->addMenu(tr("&File")); file->addAction(tr("New DataBase"), this, SLOT(new_database()), QKeySequence::New) ->setEnabled(OpenDb::hasSqLite()); file->addAction(tr("Open DataBase"), this, SLOT(load_database()), QKeySequence::Open) ->setEnabled(OpenDb::hasSqLite()); file->addAction(tr("Open Remote DataBase"), this, SLOT(openRemoteSqlDB())) ->setEnabled(OpenDb::hasRemoteDrivers()); file->addMenu(historyMenu); file->addAction(tr("Set as default DataBase"), this, SLOT(default_database())); acList += file->addAction(tr("Close DataBase"), this, SLOT(close_database()), QKeySequence::Close); a = new QAction(tr("Options"), this); connect(a, SIGNAL(triggered()), this, SLOT(setOptions())); a->setMenuRole(QAction::PreferencesRole); file->addAction(a); acList += a; file->addMenu(languageMenu); file->addSeparator(); a = new QAction(tr("Exit"), this); connect(a, SIGNAL(triggered()), qApp, SLOT(quit()), Qt::QueuedConnection); a->setMenuRole(QAction::QuitRole); a->setShortcut(QKeySequence::Quit); file->addAction(a); import = menuBar()->addMenu(tr("I&mport")); import->addAction(tr("Keys"), keyView, SLOT(load()) ); import->addAction(tr("Requests"), reqView, SLOT(load()) ); import->addAction(tr("Certificates"), certView, SLOT(load()) ); import->addAction(tr("PKCS#12"), certView, SLOT(loadPKCS12()) ); import->addAction(tr("PKCS#7"), certView, SLOT(loadPKCS7()) ); import->addAction(tr("Template"), tempView, SLOT(load()) ); import->addAction(tr("Revocation list"), crlView, SLOT(load())); import->addAction(tr("PEM file"), this, SLOT(loadPem()) ); import->addAction(tr("Paste PEM file"), this, SLOT(pastePem()), QKeySequence::Paste); token = menuBar()->addMenu(tr("Token")); token->addAction(tr("&Manage Security token"), this, SLOT(manageToken())); token->addAction(tr("&Init Security token"), this, SLOT(initToken())); token->addAction(tr("&Change PIN"), this, SLOT(changePin()) ); token->addAction(tr("Change &SO PIN"), this, SLOT(changeSoPin()) ); token->addAction(tr("Init PIN"), this, SLOT(initPin()) ); extra = menuBar()->addMenu(tr("Extra")); acList += extra->addAction(tr("&Dump DataBase"), this, SLOT(dump_database())); acList += extra->addAction(tr("&Export Certificate Index"), this, SLOT(exportIndex())); acList += extra->addAction(tr("Export Certificate &Index hierarchy"), this, SLOT(exportIndexHierarchy())); acList += extra->addAction(tr("C&hange DataBase password"), this, SLOT(changeDbPass())); #if 0 acList += extra->addAction(tr("&Undelete items"), this, SLOT(undelete())); #endif extra->addAction(tr("Generate DH parameter"), this, SLOT(generateDHparam())); extra->addAction(tr("OID Resolver"), resolver, SLOT(show())); help = menuBar()->addMenu(tr("&Help") ); help->addAction(tr("Content"), this, SLOT(help()), QKeySequence::HelpContents); a = new QAction(tr("About"), this); connect(a, SIGNAL(triggered()), this, SLOT(about())); a->setMenuRole(QAction::AboutRole); a->setShortcut(QKeySequence::WhatsThis); help->addAction(a); wdMenuList += import; scardList += token; setItemEnabled(!currentDB.isEmpty()); } int MainWindow::changeDB(QString fname) { if (fname.isEmpty()) return 1; close_database(); if (!OpenDb::isRemoteDB(fname)) homedir = fname.mid(0, fname.lastIndexOf(QDir::separator())); return init_database(fname); } void MainWindow::update_history_menu() { historyMenu->clear(); for (int i = 0, j = 0; i < history.size(); i++) { QAction *a; QString txt = history[i]; if (!QFile::exists(txt) && !OpenDb::isRemoteDB(txt)) continue; txt = txt.remove(0, txt.lastIndexOf(QDir::separator()) +1); if (txt.size() > 20) txt = QString("...") + txt.mid(txt.size() - 20); a = historyMenu->addAction(QString("%1 %2").arg(j++).arg(txt)); a->setData(QVariant(history[i])); a->setToolTip(history[i]); } } void MainWindow::open_database(QAction* a) { changeDB(a->data().toString()); } void MainWindow::new_database() { load_db l; QString selectedFilter; QString fname = QFileDialog::getSaveFileName(this, l.caption, homedir, l.filter, &selectedFilter, QFileDialog::DontConfirmOverwrite); // make sure that, if the 3 letter extension was left selected // in Qt's OS X file open dialog, // the filename actually ends with that extension. // Otherwise usability breaks in jarring ways. changeDB(getFullFilename(fname, selectedFilter)); } void MainWindow::load_database() { load_db l; QString fname = QFileDialog::getOpenFileName(this, l.caption, homedir, l.filter); changeDB(fname); } void MainWindow::setOptions() { if (!QSqlDatabase::database().isOpen()) return; Options *opt = new Options(this); if (opt->exec()) { reqView->showHideSections(); certView->showHideSections(); } delete opt; pkcs11::reload_libs(Settings["pkcs11path"]); enableTokenMenu(pkcs11::loaded()); } xca-RELEASE.2.2.1/widgets/XcaHeaderView.h0000644000175000017500000000054413614632167017216 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCAHEADERVIEW_H #define __XCAHEADERVIEW_H #include class XcaHeaderView: public QHeaderView { Q_OBJECT public: XcaHeaderView(); void contextMenuEvent(QContextMenuEvent *e); public slots: void resetMoves(); }; #endif xca-RELEASE.2.2.1/widgets/SearchPkcs11.h0000644000175000017500000000224413614632167016726 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __SEARCHPKCS11DIALOG_H #define __SEARCHPKCS11DIALOG_H #include #include "ui_SearchPkcs11.h" class SearchPkcs11; class searchThread: public QThread { Q_OBJECT protected: QString dirname; QStringList ext; bool recursive; bool keepOnRunning; bool checkLib(QString file); public: searchThread(QString _dir, const QStringList _ext, bool _recursive); void search(QString mydir); void run() { search(dirname); } public slots: void cancelSearch(); signals: void updateCurrFile(QString f); void updateLibs(QString f); }; class SearchPkcs11: public QDialog, public Ui::SearchPkcs11 { Q_OBJECT protected: void searchDir(QString dirname, bool subdirs); searchThread *searching; public: SearchPkcs11(QWidget *parent, QString fname); ~SearchPkcs11(); public slots: void on_search_clicked(); void on_fileBut_clicked(); void buttonPress(QAbstractButton *but); void loadItem(QListWidgetItem *lib); void updateLibs(QString f); void updateCurrFile(QString f); void finishSearch(); signals: void addLib(QString); }; #endif xca-RELEASE.2.2.1/widgets/ExportDialog.h0000644000175000017500000000315613614632167017142 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2014 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __EXPORTDIALOG_H #define __EXPORTDIALOG_H #include "ui_ExportDialog.h" #include "lib/pki_base.h" class MainWindow; class QPixmap; class exportType { public: enum etype { Separator, PEM, PEM_chain, PEM_unrevoked, PEM_all, DER, PKCS7, PKCS7_chain, PKCS7_unrevoked, PKCS7_all, PKCS12, PKCS12_chain, PEM_cert_key, PEM_cert_pk8, PEM_key, PEM_private, PEM_private_encrypt, DER_private, DER_key, PKCS8, PKCS8_encrypt, SSH2_public, PEM_selected, PKCS7_selected, Index, vcalendar, vcalendar_ca, ETYPE_max }; enum etype type; QString desc; QString extension; exportType(enum etype t, QString e, QString d) { type = t; extension = e; desc = d; } exportType() { type = Separator; } bool isPEM() const { switch (type) { case PEM: case PEM_chain: case PEM_unrevoked: case PEM_all: case PEM_cert_key: case PEM_cert_pk8: case PEM_key: case PEM_private: case PEM_private_encrypt: case PEM_selected: return true; default: return false; } } }; Q_DECLARE_METATYPE(exportType); class ExportDialog: public QDialog, public Ui::ExportDialog { Q_OBJECT protected: QString filter; MainWindow *mainwin; QVector help; public: ExportDialog(MainWindow *mw, QString title, QString filt, pki_base *pki, QPixmap *img, QList types); static bool mayWriteFile(const QString &fname); enum exportType::etype type(); public slots: void on_fileBut_clicked(); void on_exportFormat_activated(int); void on_exportFormat_highlighted(int index); void accept(); }; #endif xca-RELEASE.2.2.1/widgets/MW_database.cpp0000644000175000017500000003237113614632167017244 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "MainWindow.h" #include "lib/exception.h" #include "lib/pki_evp.h" #include "lib/pki_scard.h" #include "lib/entropy.h" #include #include #include #include #include #include "lib/db_base.h" #include "lib/func.h" #include "lib/db.h" #include "ImportMulti.h" #include "NewKey.h" #include "OpenDb.h" QSqlError MainWindow::initSqlDB() { #define MAX_SCHEMAS 7 #define SCHEMA_VERSION "7" QStringList schemas[MAX_SCHEMAS]; #include "database_schema.cpp" XSqlQuery q; QSqlDatabase db = QSqlDatabase::database(); QStringList tables; unsigned int i; if (!db.isOpen()) return QSqlError(); Transaction; if (!TransBegin()) return db.lastError(); for (;;) { i = XSqlQuery::schemaVersion(); if (i >= ARRAY_SIZE(schemas)) break; foreach(QString sql, schemas[i]) { qDebug("EXEC[%d]: '%s'", i, CCHAR(sql)); if (!q.exec(sql) || q.lastError().isValid()) { TransRollback(); return q.lastError(); } } } if (i != MAX_SCHEMAS) Error(errorEx(tr("Failed to update the database schema to the current version"))); TransCommit(); return QSqlError(); } QString MainWindow::openSqlDB(QString dbName) { OpenDb *opendb = new OpenDb(this, dbName); if (opendb->exec()) { close_database(); opendb->openDatabase(); QSqlError e = initSqlDB(); if (e.isValid()) { dbSqlError(e); QSqlDatabase::database().close(); dbName = QString(); } else { dbName = opendb->getDescriptor(); } qDebug() << "DB-DESC:" << opendb->getDescriptor() << dbName << e; } delete opendb; return dbName; } void MainWindow::openRemoteSqlDB() { init_database(""); } void MainWindow::set_geometry(QString geo) { QStringList sl = geo.split(","); if (sl.size() != 3) return; resize(sl[0].toInt(), sl[1].toInt()); int i = sl[2].toInt(); if (i != -1) tabView->setCurrentIndex(i); } void MainWindow::dbSqlError(QSqlError err) { if (!err.isValid()) err = QSqlDatabase::database().lastError(); if (err.isValid()) { qCritical() << "SQL ERROR:" << err.text(); XCA_WARN(err.text()); } } bool MainWindow::checkForOldDbFormat(QString dbfile) { // 0x ca db 19 69 static const unsigned char magic[] = { 0xca, 0xdb, 0x19, 0x69 }; char head[4]; QFile file(dbfile); if (!file.open(QIODevice::ReadOnly)) return 0; file.read(head, sizeof head); file.close(); return !memcmp(head, magic, sizeof head); } int MainWindow::verifyOldDbPass(QString dbname) { // look for the password QString passhash; db_header_t head; class db mydb(dbname); mydb.first(); if (!mydb.find(setting, QString("pwhash"))) { QString val; char *p; if ((p = (char *)mydb.load(&head))) { passhash = p; free(p); return initPass(dbname, passhash); } } return 2; } void MainWindow::importOldDatabase(QString dbname) { class db mydb(dbname); unsigned char *p = NULL; db_header_t head; pki_base *pki; db_base *cont; QList pkitype; pkitype << smartCard << asym_key << tmpl << x509 << x509_req << revocation; Settings["pwhash"] = pki_evp::passHash; for (int i=0; i < pkitype.count(); i++) { mydb.first(); while (mydb.find(pkitype[i], QString()) == 0) { QString s; p = mydb.load(&head); if (!p) { qWarning("Load was empty !"); goto next; } switch (pkitype[i]) { case smartCard: cont = keys; pki = new pki_scard(""); break; case asym_key: cont = keys; pki = new pki_evp(); break; case x509_req: cont = reqs; pki = new pki_x509req(); break; case x509: cont = certs; pki = new pki_x509(); break; case revocation: cont = crls; pki = new pki_crl(); break; case tmpl: cont = temps; pki = new pki_temp(); break; default: goto next; } pki->setIntName(QString::fromUtf8(head.name)); try { pki->fromData(p, &head); pki->pkiSource = legacy_db; } catch (errorEx &err) { err.appendString(pki->getIntName()); Error(err); delete pki; pki = NULL; } free(p); if (pki) { pki_x509req *r=dynamic_cast(pki); if (r && r->issuedCerts() > 0) r->setDone(); qDebug() << "load old:" << pki->getIntName(); cont->insertPKI(pki); } next: if (mydb.next()) break; } } QStringList sl; sl << "workingdir" << "pkcs11path" << "default_hash" << "mandatory_dn" << "explicit_dn" << "string_opt" << "optionflags1" << "defaultkey"; mydb.first(); while (!mydb.find(setting, QString())) { QString val; char *p; if ((p = (char *)mydb.load(&head))) { val = p; free(p); } QString set = QString::fromUtf8(head.name); if (sl.contains(set)) { if (set == "optionflags1") set = "optionflags"; Settings[set] = val; } if (mydb.next()) break; } } int MainWindow::init_database(QString dbName) { int ret = 2; QSqlError err; QString oldDbFile; qDebug("Opening database: %s", QString2filename(dbName)); if (checkForOldDbFormat(dbName)) { QString newname = dbName; if (newname.endsWith(".xdb")) newname = newname.left(newname.length() -4); newname += "_backup_" + QDateTime::currentDateTime() .toString("yyyyMMdd_hhmmss") + ".xdb"; if (!XCA_OKCANCEL(tr("Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format").arg(newname))) { return 1; } if (verifyOldDbPass(dbName) != 1) return 1; if (!QFile::rename(dbName, newname)) { XCA_WARN(tr("Failed to rename the database file, because the target already exists")); return 1; } oldDbFile = newname; } Entropy::seed_rng(); dbName = openSqlDB(dbName); if (!QSqlDatabase::database().isOpen() || dbName.isEmpty()) { /* Error already printed */ return 1; } certView->setRootIsDecorated(db_x509::treeview); ret = 1; try { if (pki_evp::passwd.isEmpty() && oldDbFile.isEmpty()) { ret = initPass(dbName); if (ret == 2) return ret; if (ret == 0 && Settings["pwhash"].empty()) return 2; ret = 0; } keys = new db_key(this); reqs = new db_x509req(this); certs = new db_x509(this); temps = new db_temp(this); crls = new db_crl(this); check_oom(keys && reqs && certs && temps && crls); models << keys << reqs << certs << temps << crls; } catch (errorEx &err) { Error(err); return ret; } if (!oldDbFile.isEmpty()) importOldDatabase(oldDbFile); searchEdit->setText(""); searchEdit->show(); statusBar()->addWidget(searchEdit, 1); connect( certs, SIGNAL(connNewX509(NewX509 *)), this, SLOT(connNewX509(NewX509 *)) ); connect( reqs, SIGNAL(connNewX509(NewX509 *)), this, SLOT(connNewX509(NewX509 *)) ); connect( reqs, SIGNAL(newCert(pki_x509req *)), certs, SLOT(newCert(pki_x509req *)) ); connect( tempView, SIGNAL(newCert(pki_temp *)), certs, SLOT(newCert(pki_temp *)) ); connect( tempView, SIGNAL(newReq(pki_temp *)), reqs, SLOT(newItem(pki_temp *)) ); keyView->setIconSize(pki_evp::icon[0]->size()); reqView->setIconSize(pki_x509req::icon[0]->size()); certView->setIconSize(pki_x509::icon[0]->size()); tempView->setIconSize(pki_temp::icon->size()); crlView->setIconSize(pki_crl::icon->size()); keyView->setModel(keys); reqView->setModel(reqs); certView->setModel(certs); tempView->setModel(temps); crlView->setModel(crls); set_geometry(Settings["mw_geometry"]); setWindowTitle(XCA_TITLE); setItemEnabled(true); if (pki_evp::passwd.isNull()) XCA_INFO(tr("Using or exporting private keys will not be possible without providing the correct password")); load_engine(); hashBox hb(this); if (hb.isInsecure()) { XCA_WARN(tr("The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons.").arg(hb.currentHashName())); setOptions(); } dbindex->setText(tr("Database") + ": " + dbName); currentDB = dbName; dbTimer = startTimer(1500); return ret; } void MainWindow::timerEvent(QTimerEvent *event) { quint64 stamp; if (event->timerId() != dbTimer) return; XSqlQuery q; SQL_PREPARE(q, "SELECT MAX(stamp) from items"); q.exec(); if (!q.first()) return; stamp = q.value(0).toULongLong(); q.finish(); qDebug() << "Stamp" << stamp << "DatabaseStamp" << DbTransaction::DatabaseStamp; if (stamp > DbTransaction::DatabaseStamp) { SQL_PREPARE(q, "SELECT DISTINCT type FROM items WHERE stamp=?"); q.bindValue(0, stamp); q.exec(); QList typelist; while (q.next()) typelist << (enum pki_type)q.value(0).toInt(); q.finish(); qDebug() << "CHANGED" << typelist; foreach(db_base *model, models) model->reloadContainer(typelist); } DbTransaction::DatabaseStamp = stamp; } void MainWindow::dump_database() { QString dirname = QFileDialog::getExistingDirectory( this, XCA_TITLE, Settings["workingdir"]); if (dirname.isEmpty()) return; QDir d(dirname); if (!d.exists() && !d.mkdir(dirname)) { errorEx err("Could not create '" + dirname + "'"); MainWindow::Error(err); return; } qDebug() << "Dumping to" << dirname; try { foreach(db_base *model, models) model->dump(dirname); } catch (errorEx &err) { MainWindow::Error(err); } } void MainWindow::undelete() { #if 0 ImportMulti *dlgi = new ImportMulti(this); db_header_t head; db mydb(dbfile); for (mydb.first(DBFLAG_OUTDATED); !mydb.eof(); mydb.next(DBFLAG_OUTDATED)) { mydb.get_header(&head); if (head.flags & DBFLAG_DELETED) { pki_base *item; unsigned char *p = NULL; QString name = QString::fromUtf8(head.name); switch (head.type) { case asym_key: item = new pki_evp(name); break; case x509_req: item = new pki_x509req(name); break; case x509: item = new pki_x509(name); break; case revocation: item = new pki_crl(name); break; case tmpl: item = new pki_temp(name); break; case smartCard: item = new pki_scard(name); break; default: continue; } try { p = mydb.load(&head); item->fromData(p, &head); dlgi->addItem(item); } catch (errorEx &err) { Error(err); delete item; } free(p); } } if (dlgi->entries() > 0) { dlgi->execute(1); } else { XCA_INFO(tr("No deleted items found")); } delete dlgi; #endif } static QString defaultdb() { return getUserSettingsDir() +QDir::separator() + "defaultdb"; } int MainWindow::open_default_db() { if (QSqlDatabase::database().isOpen()) return 0; QFile inputFile(defaultdb()); if (!inputFile.open(QIODevice::ReadOnly)) return 0; QTextStream in(&inputFile); QString dbfile = in.readLine(); inputFile.close(); if (QFile::exists(dbfile) || OpenDb::isRemoteDB(dbfile)) return init_database(dbfile); return 0; } void MainWindow::default_database() { QFile file(defaultdb()); if (currentDB.isEmpty()) { file.remove(); return; } if (file.open(QIODevice::ReadWrite)) { QByteArray ba; if (OpenDb::isRemoteDB(currentDB)) ba = filename2bytearray(currentDB); else ba = filename2bytearray(relativePath(currentDB)); ba += '\n'; file.write(ba); /* write() failed? Harmless. Only inconvenient */ } file.close(); } void MainWindow::close_database() { QByteArray ba; QString connName; bool dbopen; { /* Destroy "db" at the end of the block */ QSqlDatabase db = QSqlDatabase::database(); connName= db.connectionName(); dbopen = db.isOpen(); } if (!dbopen) { QSqlDatabase::removeDatabase(connName); Settings.clear(); return; } killTimer(dbTimer); qDebug("Closing database: %s", QString2filename(currentDB)); Settings["mw_geometry"] = QString("%1,%2,%3") .arg(size().width()) .arg(size().height()) .arg(tabView->currentIndex()); setItemEnabled(false); statusBar()->removeWidget(searchEdit); dbindex->clear(); keyView->setModel(); reqView->setModel(); certView->setModel(); tempView->setModel(); crlView->setModel(); qDeleteAll(models.begin(), models.end()); models.clear(); db_base::flushLookup(); reqs = NULL; certs = NULL; temps = NULL; keys = NULL; crls = NULL; QSqlDatabase::database().close(); pki_evp::passwd.cleanse(); pki_evp::passwd = QByteArray(); update_history(currentDB); pkcs11::remove_libs(); enableTokenMenu(pkcs11::loaded()); QSqlDatabase::removeDatabase(connName); currentDB.clear(); Settings.clear(); XSqlQuery::clearTablePrefix(); } static QString dbhistory() { return getUserSettingsDir() + QDir::separator() + "dbhistory"; } void MainWindow::load_history() { QString name; QFile file(dbhistory()); if (!file.open(QIODevice::ReadOnly)) return; history.clear(); while (!file.atEnd()) { char buf[1024]; ssize_t size = file.readLine(buf, sizeof buf); if (size <= 0) break; name = filename2QString(buf).trimmed(); if (name.size() == 0) continue; if (history.indexOf(name) == -1) history << name; } file.close(); update_history_menu(); foreach(name, history) { if (OpenDb::isRemoteDB(name)) { OpenDb::setLastRemote(name); break; } } } void MainWindow::update_history(QString fname) { QFile file; int pos; if (!OpenDb::isRemoteDB(fname)) fname = relativePath(fname); pos = history.indexOf(fname); if (pos == 0) return; /* no changes */ if (pos > 0) history.removeAt(pos); history.prepend(fname); while (history.size() > 10) history.removeLast(); update_history_menu(); file.setFileName(dbhistory()); if (!file.open(QIODevice::ReadWrite)) return; for (pos = 0; pos < history.size(); pos++) { QByteArray ba = filename2bytearray(history[pos]); ba.append('\n'); if (file.write(ba) <= 0) break; } file.close(); } xca-RELEASE.2.2.1/widgets/database_schema.cpp0000644000175000017500000002660013614632167020157 0ustar tewardteward/* The "32bit hash" in public_keys, x509super, requests, certs and crls * is used to quickly find items in the DB by reference. * It consists of the first 4 bytes of a SHA1 hash. * Collisions are of course possible. * * All binaries are stored Base64 encoded in a column of type * " B64_BLOB " It is defined here as "VARCHAR(8000)" */ #define B64_BLOB "VARCHAR(8000)" /* * The B64(DER(something)) function means DER encode something * and then Base64 encode that. * So finally this is PEM without newlines, header and footer * * Dates are alway stored as 'CHAR(15)' in the * ASN.1 Generalized time 'yyyyMMddHHmmssZ' format */ #define DB_DATE "CHAR(15)" /* * Configuration settings from * the Options dialog, window size, last export directory, * default key type and size, * table column (position, sort order, visibility) */ schemas[0] << "CREATE TABLE settings (" "key_ CHAR(20) UNIQUE, " /* mySql does not like "key" or "option" */ "value " B64_BLOB ")" << "INSERT INTO settings (key_, value) VALUES ('schema', '" SCHEMA_VERSION "')" /* * All items (keys, tokens, requests, certs, crls, templates) * are stored here with the primary key and some common data * The other tables containing the details reference the "id" * as FOREIGN KEY. */ << "CREATE TABLE items(" "id INTEGER PRIMARY KEY, " "name VARCHAR(128), " /* Internal name of the item */ "type INTEGER, " /* enum pki_type */ "source INTEGER, " /* enum pki_source */ "date " DB_DATE ", " /* Time of insertion (creation/import) */ "comment VARCHAR(2048), " "stamp INTEGER NOT NULL DEFAULT 0, " /* indicate concurrent access */ "del SMALLINT NOT NULL DEFAULT 0)" /* * Storage of public keys. Private keys and tokens also store * their public part here. */ << "CREATE TABLE public_keys (" "item INTEGER, " /* reference to items(id) */ "type CHAR(4), " /* RSA DSA EC (as text) */ "hash INTEGER, " /* 32 bit hash */ "len INTEGER, " /* key size in bits */ "\"public\" " B64_BLOB ", " /* B64(DER(public key)) */ "FOREIGN KEY (item) REFERENCES items (id))" /* * The private part of RSA, DSA, EC keys. * references to "items" and "public_keys" */ << "CREATE TABLE private_keys (" "item INTEGER, " /* reference to items(id) */ "ownPass INTEGER, " /* Encrypted by DB pwd or own pwd */ "private " B64_BLOB ", " /* B64(Encrypt(DER(private key))) */ "FOREIGN KEY (item) REFERENCES items (id))" /* * Smart cards or other PKCS#11 tokens * references to "items" and "public_keys" */ << "CREATE TABLE tokens (" "item INTEGER, " /* reference to items(id) */ "card_manufacturer VARCHAR(64), " /* Card location data */ "card_serial VARCHAR(64), " /* as text */ "card_model VARCHAR(64), " "card_label VARCHAR(64), " "slot_label VARCHAR(64), " "object_id VARCHAR(64), " /* Unique ID on the token */ "FOREIGN KEY (item) REFERENCES items (id))" /* * Encryption and hash mechanisms supported by a token */ << "CREATE TABLE token_mechanism (" "item INTEGER, " /* reference to items(id) */ "mechanism INTEGER, " /* PKCS#11: CK_MECHANISM_TYPE */ "FOREIGN KEY (item) REFERENCES items (id))" /* * An X509 Super class, consisting of a * - Distinguishd name hash * - Referenced key in the database * - hash of the public key, used for lookups if there * is no key to reference * used by Requests and certificates and the use-counter of keys: * "SELECT from x509super WHERE pkey=?" */ << "CREATE TABLE x509super (" "item INTEGER, " /* reference to items(id) */ "subj_hash INTEGER, " /* 32 bit hash of the Distinguished name */ "pkey INTEGER, " /* reference to the key items(id) */ "key_hash INTEGER, " /* 32 bit hash of the public key */ "FOREIGN KEY (item) REFERENCES items (id), " "FOREIGN KEY (pkey) REFERENCES items (id)) " /* * PKCS#10 Certificate request details * also takes information from the "x509super" table. */ << "CREATE TABLE requests (" "item INTEGER, " /* reference to items(id) */ "hash INTEGER, " /* 32 bit hash of the request */ "signed INTEGER, " /* Whether it was once signed. */ "request " B64_BLOB ", " /* B64(DER(PKCS#10 request)) */ "FOREIGN KEY (item) REFERENCES items (id)) " /* * X509 certificate details * also takes information from the "x509super" table. * The content of the columns: hash, iss_hash, serial, ca * can also be retrieved directly from the certificate, but are good * to lurk around for faster lookup */ << "CREATE TABLE certs (" "item INTEGER, " /* reference to items(id) */ "hash INTEGER, " /* 32 bit hash of the cert */ "iss_hash INTEGER, " /* 32 bit hash of the issuer DN */ "serial VARCHAR(64), " /* Serial number of the certificate */ "issuer INTEGER, " /* The items(id) of the issuer or NULL */ "ca INTEGER, " /* CA: yes / no from BasicConstraints */ "cert " B64_BLOB ", " /* B64(DER(certificate)) */ "FOREIGN KEY (item) REFERENCES items (id), " "FOREIGN KEY (issuer) REFERENCES items (id)) " /* * X509 cartificate Authority data */ << "CREATE TABLE authority (" "item INTEGER, " /* reference to items(id) */ "template INTEGER, " /* reference to items(id) of the default template*/ "crlExpire " DB_DATE ", " /* CRL expiry date */ "crlNo INTEGER, " /* Last CRL Number */ "crlDays INTEGER, " /* CRL days until renewal */ "dnPolicy VARCHAR(1024), " /* DistinguishedName policy (UNUSED) */ "FOREIGN KEY (item) REFERENCES items (id), " "FOREIGN KEY (template) REFERENCES items (id)) " /* * Storage of CRLs */ << "CREATE TABLE crls (" "item INTEGER, " /* reference to items(id) */ "hash INTEGER, " /* 32 bit hash of the CRL */ "num INTEGER, " /* Number of revoked certificates */ "iss_hash INTEGER, " /* 32 bit hash of the issuer DN */ "issuer INTEGER, " /* The items(id) of the issuer or NULL */ "crl " B64_BLOB ", " /* B64(DER(revocation list)) */ "FOREIGN KEY (item) REFERENCES items (id), " "FOREIGN KEY (issuer) REFERENCES items (id)) " /* * Revocations (serial, date, reason, issuer) used to create new * CRLs. "Manage revocations" */ << "CREATE TABLE revocations (" "caId INTEGER, " /* reference to certs(item) */ "serial VARCHAR(64), " /* Serial number of the revoked certificate */ "date " DB_DATE ", " /* Time of creating the revocation */ "invaldate " DB_DATE ", " /* Time of invalidation */ "crlNo INTEGER, " /* Crl Number of CRL of first appearance */ "reasonBit INTEGER, " /* Bit number of the revocation reason */ "FOREIGN KEY (caId) REFERENCES items (id))" /* * Templates */ << "CREATE TABLE templates (" "item INTEGER, " /* reference to items(id) */ "version INTEGER, " /* Version of the template format */ "template " B64_BLOB ", " /* The base64 encoded template */ "FOREIGN KEY (item) REFERENCES items (id))" /* Views */ << "CREATE VIEW view_public_keys AS SELECT " "items.id, items.name, items.type AS item_type, items.date, " "items.source, items.comment, " "public_keys.type as key_type, public_keys.len, public_keys.\"public\", " "private_keys.ownPass, " "tokens.card_manufacturer, tokens.card_serial, tokens.card_model, " "tokens.card_label, tokens.slot_label, tokens.object_id " "FROM public_keys LEFT JOIN items ON public_keys.item = items.id " "LEFT JOIN private_keys ON private_keys.item = public_keys.item " "LEFT JOIN tokens ON public_keys.item = tokens.item" << "CREATE VIEW view_certs AS SELECT " "items.id, items.name, items.type, items.date AS item_date, " "items.source, items.comment, " "x509super.pkey, " "certs.serial AS certs_serial, certs.issuer, certs.ca, certs.cert, " "authority.template, authority.crlExpire, " "authority.crlNo AS auth_crlno, authority.crlDays, authority.dnPolicy, " "revocations.serial, revocations.date, revocations.invaldate, " "revocations.crlNo, revocations.reasonBit " "FROM certs LEFT JOIN items ON certs.item = items.id " "LEFT JOIN x509super ON x509super.item = certs.item " "LEFT JOIN authority ON authority.item = certs.item " "LEFT JOIN revocations ON revocations.caId = certs.issuer " "AND revocations.serial = certs.serial" << "CREATE VIEW view_requests AS SELECT " "items.id, items.name, items.type, items.date, " "items.source, items.comment, " "x509super.pkey, " "requests.request, requests.signed " "FROM requests LEFT JOIN items ON requests.item = items.id " "LEFT JOIN x509super ON x509super.item = requests.item" << "CREATE VIEW view_crls AS SELECT " "items.id, items.name, items.type, items.date, " "items.source, items.comment, " "crls.num, crls.issuer, crls.crl " "FROM crls LEFT JOIN items ON crls.item = items.id " << "CREATE VIEW view_templates AS SELECT " "items.id, items.name, items.type, items.date, " "items.source, items.comment, " "templates.version, templates.template " "FROM templates LEFT JOIN items ON templates.item = items.id" << "CREATE VIEW view_private AS SELECT " "name, private FROM private_keys JOIN items ON " "items.id = private_keys.item" << "CREATE INDEX i_settings_key_ ON settings (key_)" << "CREATE INDEX i_items_id ON items (id)" << "CREATE INDEX i_public_keys_item ON public_keys (item)" << "CREATE INDEX i_public_keys_hash ON public_keys (hash)" << "CREATE INDEX i_private_keys_item ON private_keys (item)" << "CREATE INDEX i_tokens_item ON tokens (item)" << "CREATE INDEX i_token_mechanism_item ON token_mechanism (item)" << "CREATE INDEX i_x509super_item ON x509super (item)" << "CREATE INDEX i_x509super_subj_hash ON x509super (subj_hash)" << "CREATE INDEX i_x509super_key_hash ON x509super (key_hash)" << "CREATE INDEX i_x509super_pkey ON x509super (pkey)" << "CREATE INDEX i_requests_item ON requests (item)" << "CREATE INDEX i_requests_hash ON requests (hash)" << "CREATE INDEX i_certs_item ON certs (item)" << "CREATE INDEX i_certs_hash ON certs (hash)" << "CREATE INDEX i_certs_iss_hash ON certs (iss_hash)" << "CREATE INDEX i_certs_serial ON certs (serial)" << "CREATE INDEX i_certs_issuer ON certs (issuer)" << "CREATE INDEX i_certs_ca ON certs (ca)" << "CREATE INDEX i_authority_item ON authority (item)" << "CREATE INDEX i_crls_item ON crls (item)" << "CREATE INDEX i_crls_hash ON crls (hash)" << "CREATE INDEX i_crls_iss_hash ON crls (iss_hash)" << "CREATE INDEX i_crls_issuer ON crls (issuer)" << "CREATE INDEX i_revocations_caId_serial ON revocations (caId, serial)" << "CREATE INDEX i_templates_item ON templates (item)" << "CREATE INDEX i_items_stamp ON items (stamp)" ; /* Schema Version 2: Views added to quickly load the data */ /* Schema Version 3: Add indexes over hashes and primary, foreign keys */ /* Schema Version 4: Add private key view to extract a private key with: mysql: mysql -sNp -u xca xca_msq -e or sqlite: sqlite3 ~/sqlxdb.xdb or psql: psql -t -h 192.168.140.7 -U xca -d xca_pg -c "SELECT private FROM view_private WHERE name='pk8key';" |\ base64 -d | openssl pkcs8 -inform DER * First mysql/psql will ask for a password and then OpenSSL will ask for * the database password. */ /* Schema Version 5: Extend settings value size from 1024 to B64_BLOB * SQLite does not support "ALTER TABLE settings MODIFY ..." */ schemas[5] << "ALTER TABLE settings RENAME TO __settings" << "CREATE TABLE settings (" "key_ CHAR(20) UNIQUE, " /* mySql does not like "key" or "option" */ "value " B64_BLOB ")" << "INSERT INTO settings(key_, value) " "SELECT key_, value " "FROM __settings" << "DROP TABLE __settings" << "UPDATE settings SET value='6' WHERE key_='schema'" ; schemas[6] << "ALTER TABLE items ADD del SMALLINT NOT NULL DEFAULT 0" << "CREATE INDEX i_items_del ON items (del)" << "UPDATE settings SET value='7' WHERE key_='schema'" ; /* When adding new tables or views, also add them to the list * in XSqlQuery::rewriteQuery(QString) in lib/sql.cpp */ xca-RELEASE.2.2.1/img/0000755000175000017500000000000013614632167013471 5ustar tewardtewardxca-RELEASE.2.2.1/img/w32res.rc0000644000175000017500000000015713614632167015147 0ustar tewardtewardIDI_ICON1 ICON DISCARDABLE "key.ico" IDI_ICON2 ICON DISCARDABLE "xdb.ico" IDI_ICON3 ICON DISCARDABLE "xca.ico" xca-RELEASE.2.2.1/img/done.png0000644000175000017500000000076213614632167015131 0ustar tewardtewardPNG  IHDR IDATxQY m۶m۶m۶m}a=}VxUB2l1C#c6,NX(kHdn3\L!Wg`5q'}θ'Mڏ+m9*Õ -Ѓ DQ7aְh{ID9>HidR'}l5{n;;IL4'.zh|'.\GVo %T}Iw&%b2Ѝ4& j)ioeF9g_"x6" p ;k(FmY!W]R]Q= Q҅FGxU˪]  o *>r4#DY)HF+ֱj)L,"i-V$q%&UJs^Q˔ !B=)OLY,ʠsfIENDB`xca-RELEASE.2.2.1/img/bigcert.png0000644000175000017500000004402613614632167015624 0ustar tewardtewardPNG  IHDR^fg[GIDATxdim ڶm;ݱm3۶Y誱m۸9Uߛ<]N‚((((( %C.$E|P 7>`+^&٧ˎ~+F ip@Ome@QQ8C}Xu_;nQwa3S3ҜC[@QlB7ejM[V55g`L??,t(GOa&l1NJ[3y&h7,ׅ0wzJv(M `3O?EoZw sگZ^ ΡWk0c[8RPB `Ȁa@=|K6͚m˖8k\(RJWx~!"(r۞z|7 'o튏>/9)nZjJBg_DJؑ3_O\[~R.1{>ysȘqš ϥXj߾,W1*A0L-oKC90%%ƞz4!"ԝ+^!!!~]˗\*5Kk{QHAxc2Mi>4ܦeͷ, 1MÃ-ڜ0#SKGDc>{&xc,*0syܝFmq*Ԁ"R5- n1,nOݙu⭄R7Jy;{>ޙӶ,xZcAR=_`^עYt|$SÀ!<=8R@o TR xoU1O3kǝWO܋QEިHʕX^4*^U#J#&I$i8r_{U>V$j Ao}Ԯq`KXH7tEcv>Ӷ " ,MMR!Z;%~^) .%@#L?uٲU6un7m[rfl~ܤxoDPL.'$/|ᗇ5'EdۯwjV/\ְsCHz+`xB? | @3КmzʘzqN=t-QE^>f l0>ΧsN+n欯4}ڌQt끍 hwW疬lSN9>s|bMy$dG?bu1 Q-BÎg^倱ci#fH| !!JŨUu12{]&5u[cc 4m.Iznd5by20@U"k{9OC4y~#DScXX]-*k{L5B/UcJTyxjc8/+F6n\qXz÷Ͼ Kۯo; 97v!G~Ƥvʎ#GֲՔ::(v"$J{ݥBA(M]H@7{8 `2=B>|ssmY:;/4iT?QoW!\i*bFH{ hcͶQ^#5G@^x%{機h>dFsZ8#VWcyyy50\D `z+3E+p5S{%bﱖ9dzo~Jrߘ|+\6AUyµ[/AXmߝ?f(BHG"ݨ*I>8Ge:$MRΦ)X]׭XyUkV\ m[X ;1vD6[Azg}Z2h`o B-=]\-x1<ԺU{j5zz,Y}; -D(\$ѥPחsϽ`r9]n{ՕX:WT1۷WB͇lzPMڔJX21Ү" XS4iS3IF&5X7\bl΢*EX+3HS%U5b D*dH-F¢̝{m՗P{c9+#W4D@VctWN0(z `PJ^{{IFx4 \tce&IP.W: ?'7H vd;Fzݦ+?zo>7F\^ѲzTz?g3&VÆhU#_?|D/#irذM7]!sh0F&&uޫl$lϤ.g(&XbDژ"JN0E^TU]:"^գQ^3^#Γq38zqBȬQxs>MS9'ϽOY+}z)ϐ-F^fZX 0T+(y ypNҿ` ?a٫fk hm_k`K|r/_ &3D\ebU/r}LhwJPVNQ'P,hE b㺻ajU^y^vMM1XT=@FDa.F0Hx@A^*R[^Qlk8:!Q**KZMsQ"곦RRkpnEsώW@RSN6#sVѩB5fU`WkHs`b1l/ywdCUR~킱HDH|<%dooM;_$ǿU/Ÿ g~b{oA,)A i,6r鮻̬~_cnj!_WG%_b )47AαjJ)Q  jm!8Bc@`9jj}U%gQZz +3{j=T*jp%+a]&cIbCq,BUxr3E)BTE@*+E&A<"@Z*MeoJ 5CjUy{9oL굒*6SK?6p I!\&B!ʱ{;Wߓe*HX4ı1 I9-!ZMAvXLA\TlB!T*j'Ze3Q\vB~H/DN'f݊_.>Ubt 1ku1zJU#)79TZb]v6( 9xkvd*C5F^F*F"|Wx"0X& %lUI9̯_ziUяËX У^9p ^y:F*^v]˯vyE%>]a1iF F^ZePZ|a D1"0ظyL-ZT-G]Ӌ֩Դ @Yt6̣>8j w^ٶ5G@*UR/_i^X,%]*% /Bs(2V9GQ5xx KT9T2=k)~U8y>ً~()s@u+q{#  ,|Roa߄MxG>̜`oIkK=&t[vV{; MM\=q!Ł!>s:|PEQ^~yﮭٳ[+C rO=|=t (MhtQ7Kh^U`O=_|E劜Cֈ0*Z!jj8ǝI:xEo,TDD9z]dcV8jJQ*ޫ45WV8[wN~n21p}_N~,~32שvemMۿk*z`/I5M5 6O>Ź!r $AU7ٌKvjzF{vkzT}K>dnٲIVmi='ۥ5k֙:t^5 "8dPwtz S(;;ެsJ.跍>2^zm}[[U`2K8mKG@x/'L:Xku1: =%Sa1l$ƒsq*WUrI;/[r^!SøH2Hrw^An`?7 6Uh<_]~w%o(DPRP4L{9:i1莶oW\`S${%9DmJT~Ӌn鮺x|շďK^|{y?i`OЭ|Ay vashʺuL>E2=/.~7yQӪUkltxf]$$6(I>K*91j? ? E[c"^9FY˜A%BpU5*;$V-0Z-=/%F4Ulܼdyn3H <7n0si>o:@6WYHb`%jr&V"3S-浫\^ zEj!;u]zn|NW-ưs\dpɨQë=$wIGu{;FK2s6k.>J.sJbҗyGM/j~FUO^ӟVy~@~ ͙g}ڴ˖o|MW\qC]%`20E$`%>}3NG7E/b<=  G{%V_Res 0& m-se,*+Hbg9VN?PAl&| V`7= ]Y-W}F'^vwxuGhҘ\Kzk,S_s***b{Jb-֘`A$zŸhU:,}zz.U _|U}{{(&@c!9oolRxwTiPFҭJ>U@2&*U& [Wzvs$Zs`bt̘HkeDhn7lyi#G ôq {jq~7 Hުm*hzBfkiI>{\춱8۫AńZaIr%W+k-;EcorggL5,dѢP ű[1L%3fduԨQbL6[U\WV9c,,7nL, 6؁KK :ŏ>۸וJUk ;k-üyWϜ9ܤ= 0<\|HPbv;yR#Z0KDvN{2)XG%eN7oF# @{92u2E킥ʲn8@^z'JV>MSMS2%Aޚq8&$ӵYgP|>ꢳ/\=|auGpdx>p-W4פiyWMRNu Z%{JZUi\-msm<(7eʄxiS[TGC}8E;4.K o}ͥRI֮]oMR9;5zQu֊|%f޻KܪM8@JA% O7*cV]RZ8i3HXpѻ&b7A/9m÷YKG/ݵlpwޗ;{Wfp:Bڻ*j kk.zO.CE o8F^c{=7.s Gu:ʇ>tfšQ#c9luM߰Qӷ̚55m$;qLg>}p@M :̽'vL@j64{V ("?^͞="bWko˯wҺm B/U 29h!*e/p=^7 za,ɝ22z0okrknzA{~P 5uK9CG}ksy3<˽DNHT=%8ƙfT5'\Jx%e3+|.N$Нn쨤NN9s3B

JRP~rkx#b_K!hvA<犇2<_ ZYSHPG:!EŲ\ ٹb!9W_5 9`cffA2 ƭ~SnÏ1:Y%Htodʄ+>6~Y`e>}wM2k"Q\B]afѫ;4>np07,`$3-r2i<؈5n}mƜoφab;zQrbA&Yj"ε”]z3'oц- j.2tIFӧӵ?4A02jmئaʝPܑsZW&Zn鿴ij$]&܏zV4ҹHGԶ $KnnoC|{ok~jL(Gzvoc\o ~76ŹNb!dee^d|u)jA t=!HHww06ºZ5MՂ2!b81dp~2()Ps> x" Dw}Zw^^@|jT ͛7=XP\+y^^8zaf'vptlڴb..9_~iBBm`{Z# 1JrLjO}e$dfeb<<:F+t xic3^ rC xo M}3i̭/uy!};uC F:2 bxw*U˺U+;&XI1f/=W?~܈Md_ S6rK΁gyޏ'_zM_O@۷π@ o~uBьb&uf{> 9bHM_~7cv폮KWC> ^&"U um^x5*Vb:HgR5c۞U6Z#QTHb`2 b; 2nԂL2SWaBz/i%*Ա][e?QỵO|64Id&Qύ}`N',[j֨`/foH+:":29n庼1cǶ??رѣGByi7nvB/ժU#\|[;?hԭ['ԱcAta )=V+FTjgй>qWX5jh?3@bxfꁻ=?78g3YXp(D%[nI)0e:Ww.r9P2dU۫ S=L)nA}~Z}h-~ x&)Jf2)؀դK"^ Z5È\/^wbe4gZ0gԳ%$'d~ŵsg1r'_GA"믿ssyF'xGw6/]`{$ӹy{S bm߾1`C9jUJ>e˞"hDUu\dK0,VfjLlٲI`s95f%SڨͅǢͪK"+ MWUdx^isa,Z4,UsCәz3rʚ]qi0M6;nTTO(M1l]HW6mЇ+2c&^O1R`PKv.AHp ĉҚ`RRJP/KD0Njq|(Icݺ-݋Վʔ*CZt5 >xׂE3 ^Yqo#g~3uO_sˌtYJ}?;pY~3<`1m3$]%*.wf&:gʨ1}0Ѱa}+nܸKo[h`.O?bA"&U_If뗒biȓѐܵkPȴ5z=РAPjUM!F3v^SJIeP"}mwff-Zn>u~qwߝyo?=15uѦM WZ9QliۼɱC;L:PSIM@W,2ͨ , 9N6B{}-u  : K^"Qv6, |ɮ+ΣwU9ǼѶ8K)%/ Abp͛^n#uQn3~dyf#r)mczFP2é]_m$ԋo۾G;vիV)$MwO.]:3` :wn;vhN͂,eɣA6Ɛ!PɅ gf]zf}>uQ띰Yr8ϿvCy+U*0M4$3 2*CzH76 :Q5(*6FdFIحwӵ >ޭ8`.3ili<0\K]sfg24RhtAb6eWW~E@pyEdl֠?UZ%Qyl+ީwd;.ۿ9rܠ#EF:kBԙ/z3WsU,c~fbne#H@HEXVba 1KbġcܣiR(JaĸFaop@MZ`EcrCAFf3zjŒZ΅Gʉ$㎵eLs,vV>1 1`ĔW]եpg(C6^yei٫(Qv~Q6lV–-HoxitR%ɄEEgL!dٵ@$/Oi ^TJ580E?e{Ro!m 2E^櫾dCmŽ%4Ogj<6kraP 6)cĂH-29sbo."#D[m^]u2: "@"g!4vAP͞=9GI IfL?ۺ=^u•sXG5M"qM{,c^xZzT>7LtLDw:Qh޼EPp3i &!k7ni.{!6xx3 ,~>U2/Z # :gz Ξ/<ͻk6WlaST"qy @"z*CrE$`IYJ.S *y2&{XACp>$ VLym4A?߹}xdoʪU/zo|_~{ٲɴ=Xh'nUꫵ[oW۟^YBK_{cOꬖ'9FM*4HCo|:֠ F,H%R",lsP e~v9wk_>*3QDŏ Y9sæ}5:I,8ym~O bÂrA.1E7&U0N|n䜃[0nAkBрP0J5 nzʣRxfhiĈf 6ȀQv ғgĬ9xSg/ {Fp߹'lM&A4p]ze7{]AIu:[nE4ٝɓ2m6dfxhZDjz[0_׶933{,e @s aT>q>>fgĖ#8}cpwcos PK {&2 EM'p|$%ŔK}IL<۬YrHh#tnJG:__/d ðU;u_4H#M ZY0 Ζ;Hı _f ,ۧK{6"T֬y6㏿uWq\3bl-ˑ_|qvV I#'>}:F'#h:ujj^!}'U0|F勳w4AHBYW=)p6f*H^X HAz\\B\ jW+wךkPwGÏL`;8+oD_"֩`M;:pTp _p/o^Wמݳu~|+Ss~ &bBw+1@$_ne4lPD4$0}LNR0 GmscR\VE/z;wnh۶q-J ]}˘Cg@H/[619gϞm8: "L*m>AUN/Rj!>fx p ѱt)ǀMľpDSݑm5uxP=P PgPUˋKW0fh\]7WR6бG +7#3+ĩ}僡ˮ] H`dZvWZ!'ZX] w Iy=D 7Uu!yJfEEGH2@JLiÙ.1V/T RǪT%:Q)@Q,)Or's<"G {[Vb}.RdL|{FXO9\:qI^pv6k1b0ް_H:9WRTùQ ,"E(h|AnAg#^ >c$L>Ԥe-m]^Zqta3j.8 gv-d/333Qcff\af9U[&iwjJsl'WNΆȿN>)JLK$?xV<-"1B7"*'BX%u+1>>Lc1Zh7lSUc'|6{)e禽遝w 'rd4"f3"K(_RО{9"%§?Β%-n Luʴ.G4q68}UD#CXR#&?߸! Rp*hmu ͝lzI?5a=gtZ);6b:B!Q,k֚aqJCpNU^xG>O{wg]? هMNM2#Q2 /LBAKlDTڣ#Y\3a#PHD%?YHQ@CTmh# )]#˗O\V?"<#-88G8ev*Zcf#g @#z{ lԵSI^l1GxzIP#QH Dh.btXU#O0e\C QS~yA{r6;$fGH:i5@+M>eI$h>\% ):RE"B+ 4E&cP۴(P2뮹}KoDZ~߃fw:nלQ-\(E IfQIML[YuSI)q5e2{!_:8ԝ0@i&>^9G]rDJj7q_g'c80yŒ<=[}lN?-lѢyOWU1ӡ$R]J^k Q'OK{FʞO(tYc-O;-r/|.Q\?9Z*;YGtzbdr4wrod0U,gA׌0EkLNRr]8Jy?1bNyMu9rf#:#9fV]v],W"JSSPo]f{wc.YyʴC?M)Ux|p?R$y 2ˎdƾ*'j;{9FSaM˖Y^,TH2H9aZd}_O;8̓fOGC~ۥQVԵ"LN6c WQ>Gl0 "P[mQp[>捹RyGNeCWb$7p)nLDNWz]k2z=3s]Zb9sv*O=浩V5W|U5rY %͋]􄈗m_UrG"Ez0o(RPh9:9ʔx[q&3d <kD<Ř6r7Yʂ+.51>nrcP#릤4x3q͏ъ>&wv#FGAH6̡嵍A[F KRr)w!=Og|#̥-+-;##8(\mXARi+G,6OLH#@Dt(ylztyYR2*u "lՃJ͝Ր-NX~/{/r/A^7 :y4s+m\K3Ƚ#=L I<+DP0YKp![ >[(gѥdݚ5eX${'%7mŖekx~If̠\$ G3U,YDPH)1 uC,APOf'EDJ˴J)y%|зpnx`0ca5}WJH;7Tfa .ŽlQbiWm1cھl]7Hd#~UN<\s2&ly܎ N3g! 2LE (")S,PY"%vY|K ٬@t^43B \f$U'J%IYU4r[l^?:s5k={ti"J9fCD3BHIs|9SrJJCriܰ8 겉( >7%f~זO5C:u}ɽ^ZEӭB>kf:re#JTxHFC6fӸqPʗzCRr'gUkּs۪1##ݙ$MD)hęv7R][Y;>9]0uBvn ~(.0߇ \{͝={ܳf|'|zAYn'4̜5ؘn#픫6&sYl3'')d9A"\yfG_㞽̭)UuYݮ*nj,Ȍdm#J+VXM“ZJ8dPaCj\%ڳKn)ZTA)7!B]^$Yn~- /5d_NJJ\Ks ;_-ʩ(' t:JE%F~%ʚ8R].! xvRSZsq[##KEUEfZqAժkHIq|3֐MBˇ}ܕX3q.>O(qZEFR*$t "%wpte(ȵ)s\c a#V%`0)&G{8͐zWO*0Xq:xBG,jg,@i_U褤jYAwQՆ$Ww`W[UJI8A?7E`gof/Gxisr1dȐ_XoA^P!C ǒ'ᣆ 2I"͐!C6yU!C 2d|BDIENDB`xca-RELEASE.2.2.1/img/key.png0000644000175000017500000000234313614632167014771 0ustar tewardtewardPNG  IHDR(FIDATxV@m۶m۶T:۶m۶m~[W6{FWQz=78UlsMxt׮]K޾yf5Ϧ+Yd={ty~|qijg"^x͛7GslSNE۴i3l6ji4 02V M{ Ja3wN:n'AAXNg Z*gZ=dz>dao)C3 ~*zA9sܫ3Ƨ%FQرcPFkFNb(;,aL!"F<#_5X"U `B58&H+{w8l23䱒|$KPණDA rAВQaTddJxKՑ żrΝ3A/,Y2 Ici.TrpRQL, իWW̜93}F{*UPJWBJ6Iۋz%wСcƌz(IPp@arЃN0$U_$|F&444uw8Lȿ$&R-/Ty)#]r%ȑ#P$lyX^I}O,Ydxe}C 7o0 g!ݻw~ Baz8^&. ܭZoHYlZm۶()#B)oqƾWME~䏈H&ː!C5UV8poBgϞu_>dK(Q҃cTJ+רQ={o|4nx`\J!a8@ lATWPR )/&IENDB`xca-RELEASE.2.2.1/img/warn.png0000644000175000017500000000173213614632167015151 0ustar tewardtewardPNG  IHDR IDATxڍPdQ ٶٶmtmBl۶j^U]?/I~uZzS~7N9;Zy2_*N {|+G 3W}f)՞&T-Uu9l]:C f뜁 Fyg(3{FmL?v.ŘgWRR ,~^O{ګ О a@42c8zm'5p> DkWL5ѤJ Q) |UЃѯ_S@cZI#KŖ׼Re4PRIX)AA^&Rfj0J-Gzj S_aBrh8))2%b6m5)Hj\PbBAbp0)$Jn34$NIc@7;j%@!,IOzAV FKX&@͆͢@V  HJT$I;Rl 7P71|S uZl%dۂv"<3(3z~Iz%~~d z$հ[~;R}Ib?eN~r, 'I˒-b&\%[ !qmATź|O E\|K?fMc^A'֫Ϭ-dr-؎bQ5["T-|26}j~=hŻ(w JDܜA+沸ͻ =j|yoQm욛Ӹ 'ji==U—MyczyZԖrδܐz<$pR,&4nCw/91~]V}֥߫s<\)R5(++cwY> QՐPHwmS`'\?4NW}[ӹSwtҚOh;Ն5N"*HN,').ϰ}ZK3.ZFH'Ӭ_L~uA `u3i"=Diݿ[K|h{GU;CmC_Q8>uKHS:ePR[Yԟɴobi[t챻۱cfeWBP1@aX=qKO_Wۑ*HsN?bV*}[d()*Д2ZD ׊t/d.;=cߣ{b~YUXePߎ@ Pw_(&k]1T{n=ezUu |Â&/( `i&)\ k1;u._rDр#9~9cgQkŪ*h@ 1#kGd>da"21##I?pQ%1;&Y5gj׭߁xf6j]:t葽w?=pžU(@ը _ ʱa6ދBU=j5DmFf 0aD'Qrז|5m0t מyUV^vu]y`U弟J&٧W6{isʚCuzc-޽oWaXUޯO{}mX2 Kx:{]r\rCv *}1}^IM}}bc.GK8TX.[䌱`kmROg> i%}L(oͣv4& OLDjEF᫵ahms3: a *EU3M)`G5h4 {Pb1`_[!мTȯG׋N?|~gNPAa9q ě&-J'iͦ$F])Pc`ι[6I,9Љ=d|CjUZCQXY;?!vw-)4Jcr9WƱgV1b'>f&ffh;fLbnjg8iwgH{z=3HZv̬ZcX|XNv-Q۶q"Dl٪ސ Bїv|^"vӏ\V; Sɳy߮ pV4ap0/3o麊];0UTt-)*+rqh)F"0q= BhZs"hQOƍA;J3#IKU JϱLo!\.,O>ԥ=zX|eN.@ E/>uq>{lV4 L9z9yZ6, C|͚墳pcZ ,Jj9#*+- +6Nc^XX_#B12#M&cg v aFÐ3D!SO_jJX@3c֦ ђACPV Oc@VHE7ࣺz͌^o[YYu넼!A oNc|ލI>` Xes`V<@MA1Vզ&N͎3ׅKWUWWLORĢηJ/-{"ah2o9*w b1fuzvl ۴)O۵+Ŗe[u&06 0Hޑ4 \(s ']Yߪ*uR",:ml1XZ D*˖1- 8B)JPKq1r jUL@$as'|C3CkZ c  ' X`,,@" $- jS_~YS,XNkTK\rvUUMcCCc.5҆$@>K+"-곣V]d4ImSz]Ӧ^''b m21eJCȰ]r&m 9kK1KFuccl"tbFPlq1Ue0J) "g1c@|i: eʸGW|fmhqh#|WVvth: a?4Ƹ=VifB41DIVE ߷UUV" IJD W^c,Yn4q4(..2ZYeXpXP w ?۴)&3Z)VP$|oġ\‘9 RAh:u" AʡfcBי(Q[[dQ5448q^^B UAA>ɵ *??bfhMBc)IԦl0&lٸ^) R;4L^3,Yу9s$b'{7ą\k,"lFQ[㬥 8t'3}Vl,B*BG"h<΄WClɵ_i йD mڔX ZkVB~TyoA ?b眾ou$3eqe @(rTi%Q $#!k9c4&%X>Ep#CP8qAF,MZ$4#R!dhTڭ%HEc212F6㏿LKEj 9O͔A1CA=)у[C#Q̤B ē\:`Yif> 8bs&5N)sHc6YLv~:r=J -8ĄȐe޲Z: -dSS9sZ9sZcL!Bf[EErk"((c"BĨh(g6((C"Qp4씑GJ9Dmn6""e5 , R% H&S^ӑZBQHGN$"#?Qtϓ!`)|3tk\tlKjDb]Cf-mdK˘12Zd@<zY \ yZ[TUaZ5y}|!E@xxǽ.k3ҩ[4E"&ǵe"dc2_3Sd Oӽ|>ѢkvHURcHE޸6O{Q0`AƠfBnresY8Cڦ"p`C2-nrs|T06J]]"^kk `F (i]FGR u!E8C` h>ǔ,`rOa``p꩷.\^z( =sQVV .8QGͅ7E{kOل|D X]g[<&6iiXr,{_kxAm~Hj83B.w(2@A|DÆ 'o $3.1ЭZzEŅpGz lL&2Ʋe[R:aݷƔOzAɾ#wJn͚QepNVD,þO#"uc-l />Iu$C濭s33dY[Yvxm 6|H'&"BM Lb"t!ְtkI Na\894o-)Zm?4&0T5s  WO.}[?Lώ^k&rGDKxC2Uo5"_pA_XVeCkb`L1li%-\LA0obգG' TXEg{ .!>[m5<{b,ʕksϽY8e8Wnm莑KC1<OiRNH35[o?k֜\f 02C%}46oqf…Kާ~wh\oؼy=)yGC_%Wf8c$k1P؆RJSRK%F#vCC\k2[TL[!f)k#ÁRfK~n<)XYzZkU~Q RKqڤ)iL!7B_Cz5uۿur |ϱ{}ur[)ȑ4ngyp̘o/?fFu ̙Ap≇mհpqUUZbԏ 1bPj)WX5b W-\avq.]:vM6 m&h9uE{$o^uapVнQM9&xZ> CX\f#H)n-*tN(b IN m-n4Ã^#%4hdYd;.{nhq?ym;֦|Ɇu|)ݨO4G|@Fhe[NtB{Q7L:+:!XäI3b.i%fz1y}7>:z(2[QQЩS{;\0aZPRRd]}d*-_R5I'Vb^1( pT7|q_坞l] HҍL))AH{ڢRm- BKaߩ]*WH[G",aF?i+$ -/OF(QشAnāZ5o-d9_9fK\vgy`~cH 0.zI|hdMMHfɝ7B(KW^yGY˖fץe/ҳgϏ!riKacp(g߁rE}zju ]]6V `LP1NwD h麵̸WLQF$)IaE[ޮȷVLԗ#(K`<ᬳ7~YE}+8B& `]e7֥Yb H45FhDC+iӜqƵ\Q3Z/cR>}6k 7_“O޾MDσ( wFpp}YqͥEutS<ξOKXĜ.[(3=ATNd ^3iJk<%f5S G+b0N'B֬ ٞ=;BQSӀj'tW7"] KO3q)X<ȂE˜\;.e}[l1,u6Ha Ν~_pd$I6޸{ҭ8;am\3D.cD&JuVXs_6~RQ1s$K)̓,Cu8 Q ӕŧbщ6"EHvÌb=*!Ox }o=ztwSk!T2%k-'Z"b")0~aosķ%d +?;g_ y=G#wO>tz끻|+8<& CS!%26 E|Z1Es]uX&ڵmkƎ:oĩsxC_zY54oBo͚*{3b:'6o֏9sy~86ovhٳGNѣD%r"40`^_G3( 4DN(gQW؈ʲ l?-֣dCRY"xlQ`>oS|a QΌT"+@4Z &|_c.jOJ "t$$(a [_T^/i=FZ4|&obaF7ԮmF3wݾZJyWU%:$e ܫ#XkWId#6ȈRV#6}GnkrvS e(IhJ;n(gacªH/:ԓ't(36%V 5 c>0% ! "Π"Qji,ןUZ/f av@$5HvuW/MnsNf~‡N:Ľ*"BjfYlO0tiV >fŒ,_Lꏪuý!^Ca,W>*uԐ+p{ ,lUh5a(Eʑʱ)~1asϨz}kbpro^…5C dp1.b0Cc[R'xkN9rG_kg 9d[T;UZ# VA/uXZ{y}#PAyYd]t>wfG`]ݑ]:%涶6TbޢEK}+m[D9r:M5Z)m }շ 7/2y8\~WV;s+$׎8_~M~H{/smn5H19FóQ]aqqsi[d>/my;7|m{ BJezZ xeyVvq*6|G' j"3"gHI9uVc^;7'|Z*=0J#؁< fdhAHϩ[ZRf aEE ϬqvO=bQEر_s1>s(O]f ݻn0ݚw޾17}j>{%}\p^[? w=CvO▹mu/Xl2c`"&(٨[x?jQC4jω:20k c9rN4<DHZXzn8e)lGM2+#X_~ᡏ_EhQ9+|KnzTEXSov25ܲ5~sٻ y/Ɏ:fefffffffffffffuL8䫫?yovR_Nw:8޹&ň*qM_P^5έQ Fo (EX*Ԍv{]3f}LoV c ߘc@8 >mkJG]s ;=`^='7S 09iɇm`AȍLZ.ez{y)9VKyE:t r= ./'54*źpq {b>w72 _ =DUWwpP3'&-`Qt1։l뭷hٳG@ߏ 1巑.*XN?1}oe>3%)9";1D2I>kvp) \Ê'9!ٟ ,AJOJJEUO?_3j Z/BWmŪVd#)!` /*^ dJHuy7p@ )UWݒƋ[x8m\r;YBT__O8ጪK/=o>AhQn*)cxТ$D)qf^{KD0Aamo8f02$ < IByLZl=mɅ (AvD*lSĺLMYf'ۻK?3"#6xEI*ݯ90 ŏ?fp:Z]) _gu:kZ0ƔnXf >}ؖ=uf8?(Lq`:k׎Oij+cGDԴ;U{tK]T2`{RF?mE\q#=PRKryõSFyRJf/`ڷ˕'g O="^=7X;qƪ`?]`\$XkPb5pQ˵g`T4+7={>C|^aɢ 1Q}$\pԜ=zt/\zrڜ\tM@~C꣏>Ү]}(G毾*t͛Zx=6]h賔~qO:EHRUOũ5 [vOiҮ䣏>ۮ+M+K PLBͪ Aƿ`y&l2s_SΕ谸< {Cuց3"\vmw9igߣ=r Z"; o׭v>w#KqƱ^.9B)"(Tp( _Z+}? q\E؁Фg]n`8Bj.C:`1b}/Ԥ RCߥKg1\[ZC|' /"Ygº٬~YV6>8 @0}// rǑ+ 1DEBBI9U'd+'A0N_&XgkfqT?HWʥG-;` T_ߤ/G5QuTC,–/wPuЃ ̶*P$R@Ho42F61Fwsj+aBR$LGvŸ2ewWUwl]N7ͧq.®h{HCI̶+h̢͠x,4s36X5Xلm]5;) %Q`fvEF:{m]yw7+ ?xpnTI߈OrFuǪ}\~`Dgة궻_nJڰ|eG̢_OoSWɤ0JcA E2  t_3keeR{  lmS,j $q $f_Q1oiɈ6Ath.6 yxP O_ <: P&n'8Z$^Q,VLFK<.(ʅ12luɷ+o~v9 |٧~9',]t{wwHZzV*n^뾯;|eo1$-pN%$H`4NoRcXkU5 =gc ! v>ijsM漋_Xd9"Uby*tHZ p5%I1-prd?Wc.n}B|tÕGﶁxvʉD$j[#W"XmTY RJE4g FŘ4(4G:ڰVa^ ~2{T\ uNڔ48Ipp"pp ɉZѳZRqg9Kcg hzmuH4HjFu\[6G@0X@CipH EH)uThL;T\ɖH#ض&e` k^Y4 olGõ^|9N8Uv [)f("`pP-4l_yܹ Cd+pu/u_|=EDnyڴ+MvITlj<7.x1C̙޶ ᭻$rGŔq׌cA ,p-N" p00y+}Hs. pqmblQI`d<.{  ]NeWJ#ۃc 8 ybA,(nH]7:'}i pLwShQ}{ _;]XJMuz*ojgvf}Ƃ毜q!\K`$b8P*|eE4Sd\Ud/%.b"(`͙SC9=vߦ)V`8L`J^dhi3%j~p䊇h%I&nc>b`xWNijM"Pn2;m׹mSJu&M]0e?g"x6pqsHV)ϕB6UEe/+ϲl63ٴ@bQxɑv(HFc! Xg+m=vH6P*-DCt8%ibRwK#(6`4 \Whdpǿd8}h{(68}a4s\˟AH+b$x/kuHp \+|pxSR)/OuVZ޽K;^;yf_&5M>~܅ ]@JPY\y*WT]Ull Hٞ s s~(s_Ӏ!+ұcUly.@Yf2]6_dDbv)W/c0=C;?=NhcDYKf 85f@6s0:I㭆4yqULsAGQuq7~ KXm^9 O߫@…C<4O/Zh)iF\QJe}? ߈0y=( qd9\,gl^O@} uk=_n >WNCXĨ(K8w<)h#7/eI:= ݏKZu l5mQpeL$P:kѡG^;W>U lR YZVz9iթ@ܠ%Ԁީ+4lʖ[5p:nhYY:k+I NE$';=yc+8$SL! g"‡I ɤg!N~ĥ G|ܩU?pN`s[Jz/ ތ+{Q^{Ql 7\y{tw]5?%uft 4 BIeИQ=) }1[17Ukœ3m6P?R_>qէ;R"vpJ]܆صٰjür9|%% Lfkf^:*H35/VY$L /kܮJ%B C,$.I8(עϧ~0,FKl5ˁSvnxA+Ι>;m׮| r<ì2oSElN+]bfigHqcIPӕWTd9Ҕ7P ˔ӂliu3f0lݮ3Ӝwz=W_gQr)@c.x #[#F𬱨6 ulkAnE7NT  2E4g`(|1y SfW`O.IENDB`xca-RELEASE.2.2.1/img/imgres.rcc0000644000175000017500000000124013614632167015445 0ustar tewardteward bigcert.png bigcrl.png bigcsr.png bigkey.png bigtemp.png bigscard.png crl.png halfkey.png invalidcertkey.png invalidcert.png key.png key.xpm scard.png netscape.png reqkey.png req.png template.png validcertkey.png validcert.png done.png warn.png xca-RELEASE.2.2.1/img/Makefile0000644000175000017500000000135713614632167015137 0ustar tewardteward ifeq ($(TOPDIR),) TOPDIR=.. BUILD=.. endif OBJS=imgres.o ifeq ($(HOST), WINDOWS) OBJS += w32res.o endif include $(TOPDIR)/Rules.mak sinclude .depend install: xca-32x32.xpm install -D -m 644 $^ $(destdir)$(prefix)/share/pixmaps/xca-32x32.xpm imgres.cpp: imgres.rcc @$(PRINT) " RCC [$(BASENAME)] $@" $(RCC) -o $@ $< imgres.rcc: bigcert.png bigcrl.png bigcsr.png bigkey.png bigtemp.png crl.png halfkey.png invalidcertkey.png invalidcert.png key.png netscape.png reqkey.png req.png template.png validcertkey.png validcert.png scard.png w32res.o: w32res.rc key.ico xca.ico xdb.ico @$(PRINT) " WINDRES $@" $(WINDRES) $< $@ app: xca-mac-icon.icns mkdir -p $(APPDIR)/Resources install -m 644 $^ $(APPDIR)/Resources w32res.cpp: touch $@ xca-RELEASE.2.2.1/img/xdb.ico0000644000175000017500000001027613614632167014750 0ustar tewardteward  ( @ EeuWxW~jjtJetGlWxj`W~Eeu>^nEk}V}etz<[k^nQwdt~<[kAaqLrOuLxdv;ZjLxetz2Pe'DX(Ka/M]Sy]p/M]#?S'DXQw]p~'DX#?SLxatUWV')(#%$ LxetzTVU')(')(#%$  Qw]pced9;:9;:/20 Lx]ogihHJIACA9;: #!QwctcedHJIHJI #%$Ou]owcedRTSGIH #!(+)LxctwgihUWV#%$GIHLx]tced gihcwnjzJZe Jetknl ORPRTS 475cedxca-RELEASE.2.2.1/img/req.png0000644000175000017500000000277413614632167015000 0ustar tewardtewardPNG  IHDR(COIDATxHJ6Gk[g۶m۶m۶m^ zӳFRrV/f}TO]1z'^qY{_.ko㶫  @7wv>wu>U37̧8U/au7.wCᠽ6xgH8Ϸh8P46tH;gc&驙3\l.|qq{ ] Rp)B(Ļi'vܨ [*w}Zike_l* ӻws!iw$z#F 5zh,4TL+-\˲rihj *xHue{{Q]KƲO.).>{K90iu7 R2*%8#/2eIR`` hxܣ#.*%f}em/=DmxØț.#\p\gGRݛM[t*\hҤakB 0Dd˹ 9j·~a&7@ _*Koʊìj~W*Yd@`ҤZ&ӥưqlӖ=#/]gdMs@t*Aʚ/.KEgtl꠳s7);4 \XROXj5xji-ELDfs̒>&RZ, fo:*UYTbM~%M8X}L*8.JVScБZq&O<!TUGUU% @R*5Gx H0͙lK\ٮXRմݽV]`lꅌgp3ёٙg!J niIȏߙℙj`xoQp:`YbH" S^{ڦl%1I( 7o"έb} G#uaGEJ'N_y!&Oxȧ4%;OvJ$bLB8YQ<`XJBX&R0*,[p5+%t]E@AmeCҟS/ROzri 1Gia,W[mTWD&oM:&"9%E{rC.0W,  Ţ}yA-50 $i܅bN[dۥ+5>ܻ}%6 WRɦ0H9SGDnò|`6k׻W(kަ˞l$9]. hmMg{'xe&mD={ƣ#"f0ڮzy+{;C+3V릪ϛS++?b> d>Q7!4 fWzyI=6$*/ItH]VL򎍍݃?$~9_hxy-(^`|$Q:-%IENDB`xca-RELEASE.2.2.1/img/invalidcert.png0000644000175000017500000000323313614632167016504 0ustar tewardtewardPNG  IHDR(CObIDATx͖t4iE׈5M~۶m۶m۶m۶mLQ69WPBC?~|'WZ KD_lٲi3'W\-͝:mOAv-+4l֨tIM7M.3'_-fzalՊζnM7oD:uԛ;f~7Fڿʍ,y_U*9On-M޾r}Joos6`lVJY[ݡm5jF.h^ܯyf zr9s1{^|ƲOlK51hPYt[@,nVί;|亼~*'On4Ӌ8=\7lDɌޚfͧoFVc2sr7}T :f(JKk`9~+~>@-Kc:]i|.)P~mn!N'DB`4k^x(¥g<~H{?qH$B&HfTZP y|?T|U;ϮU1CH)%>.~ /~Z:omwO;xpDVX2}h9Zywm.ٷo }LMKM߃W`ֹw#cG"a {vC1}@롨 c&pHUG\rg|UKe?]k7ń͛+]T,kg<_8;"ozƃ% qS3Sp>I`P z82p!22D5Xbo_21C*NR$5<~c D9f_x@b̜Lwtr O =y0>Ukš7/^zyP(8cPdh%>ǛyIrO>_|!+t^(rݻϦ8a~ExxiIIicCsXSK  :~݁A+k%YLrap,3x|/>rLe_caFHSa"1wN‘×vM! _|l%aSp q.%Ldx9#ƌp+ԡq bEB pH\ݙ;y{S2x==3Ct4uJ"W2 Oܾs 6M[#ӼysQ˟M1tAnnjNBŊ:^Lwvsy;wѣrG;ܫ1fX?Rqc-)LǏѓ'j͚5/IPNJ} uXl kyOF>7IENDB`xca-RELEASE.2.2.1/img/xca-32x32.xpm0000644000175000017500000001003113614632167015544 0ustar tewardteward/* XPM */ static char * xca_32x32_xpm[] = { "32 32 118 2", " c None", ". c #FFFFFF", "+ c #D4D4D4", "@ c #F4F4F4", "# c #D1D2D1", "$ c #EDEDED", "% c #FBFBFB", "& c #D6D6D6", "* c #F5F5F5", "= c #FEFEFE", "- c #DBDBDB", "; c #C9C9C9", "> c #F6F6F6", ", c #FAFBFA", "' c #D3D3D3", ") c #FAFAFA", "! c #E2E2E2", "~ c #E3E3E3", "{ c #D0D0D0", "] c #ECECEC", "^ c #F7F7F7", "/ c #D1D1D1", "( c #F2F2F2", "_ c #F7F8F7", ": c #DEDFDE", "< c #EFEFEF", "[ c #E8E8E8", "} c #CACACA", "| c #EBEBEB", "1 c #CECECE", "2 c #F1F1F1", "3 c #DDDDDD", "4 c #EEEEEE", "5 c #E9E9E9", "6 c #CBCBCB", "7 c #F3F3F3", "8 c #E1E2E1", "9 c #EDEEED", "0 c #D8D8D8", "a c #CDCDCD", "b c #EBECEB", "c c #C7C8C7", "d c #D6D7D6", "e c #F0F0F0", "f c #909090", "g c #C7C7C7", "h c #E7E8E7", "i c #C4C4C4", "j c #EAEAEA", "k c #D4D5D4", "l c #939393", "m c #BBBCBB", "n c #E4E5E4", "o c #C2C2C2", "p c #E7E7E7", "q c #D2D2D2", "r c #929292", "s c #E0E1E0", "t c #BFC0BF", "u c #E4E4E4", "v c #CFD0CF", "w c #8F8F8F", "x c #B5B6B5", "y c #BCBDBC", "z c #E1E1E1", "A c #BDBDBD", "B c #E5E5E5", "C c #CDCECD", "D c #E6E6E6", "E c #DEDEDE", "F c #DFDFDF", "G c #E0E0E0", "H c #888988", "I c #D5D5D4", "J c #BBBBBB", "K c #CACBCA", "L c #8E8E8E", "M c #D5D5D5", "N c #DADADA", "O c #9F9F9E", "P c #9C9C9C", "Q c #A4A4A2", "R c #BEBFBE", "S c #6B6B6B", "T c #C8C8C7", "U c #696969", "V c #CFCFCF", "W c #D9D9D9", "X c #D7D7D7", "Y c #666666", "Z c #989898", "` c #6F6F6F", " . c #DCDCDC", ".. c #636363", "+. c #A7A7A7", "@. c #656565", "#. c #484848", "$. c #828282", "%. c #626262", "&. c #AEAEAE", "*. c #CCCCCC", "=. c #818181", "-. c #C8C8C8", ";. c #BABABA", ">. c #A6A6A6", ",. c #9D9D9D", "'. c #C5C5C5", "). c #9B9B9B", "!. c #525252", "~. c #767676", "{. c #9E9E9E", "]. c #A3A3A3", "^. c #C3C3C3", "/. c #919191", "(. c #B8B8B8", "_. c #ABABAB", ":. c #888888", "<. c #2A2A2A", " . + @ ", " # $ % & * = - ", " ; > , ' @ ) ! ~ ", " { ] ^ / ( _ : < [ ", " } | @ 1 2 * 3 4 @ 5 ", " ( 6 < ( - $ 7 @ 5 ", " 8 ] ; 9 < 0 ] 2 7 ( 0 ", " a [ b c ] ] d | e ( ( ( f ", " g $ h i j j k j < 2 2 ( l ", " m h n o 5 p q [ 4 < < e r ", " 1 s t p u v p $ 4 4 e w ", " x y z A B 8 C D | $ $ < w ", " $ ~ z E F G 3 H I d J u F K B j ] ] $ L ", " ~ M M N G 3 3 0 E O P ~ 3 ; u 5 | | ] l ", " - q 3 ! B ~ u ~ p ! G G Q R ~ p 5 | | S ", " 0 / z ~ G ! ! ~ ~ D D 5 G T ! D [ | | U ", " M V q W X W F z z B ~ 5 p p ~ + B 5 j Y ", " ; V / Z ` f a X F u ! p D z j u .W j .. ", " 6 +.@.#. $.+ z z B B E G u p p + %. ", " &.*.$. / F ! u .F ! 5 j 5 =. ", " &.-.6 M F u - 3 z j | j j ;. ", " +.g { e F X & ~ - E F [ j $ j | >. ", " ,.'.{ V F N M G N E E [ 5 ] $ j 4 ). ", " J -.1 W .- G X 3 3 p [ | ] $ | @ S ", " - -.X . .X 3 .D p j ] ] j $ *.!. ", " J M V W F N - B D 5 | | | ] e ~. ", " + - / 0 G ! D [ 5 [ 5 ] > {. ", " & p 3 0 3 G ~ B p ( 5 ]. ", " &.! 5 e 7 @ * ! ^.r ", " L /.(.J ;._.:.f ", " <. ", " "}; xca-RELEASE.2.2.1/img/validcert.png0000644000175000017500000000305413614632167016156 0ustar tewardtewardPNG  IHDR(COIDATxHT%iMc^۶mKm۶k۶9Iڽ6 Lm$\7O?1 cv`|δ/{̙wl*.o;K jdWzJy n~kƥ۶<=sz[k O_ի/\.BDDUy/oҿoKy/yNʂwE9/HM+/(6)L@`Q6S& SOFclQXߧT.G{tB DR#o/ O/+E  oS_0[θO+vHbY\Y4JADaQZZ) PVV! Cij[[Yb~ 1I: Ij &k'J|C<_4$Vb*wfY!|k1x} 7۷0+V㥥娮AaJ9, p # *ɬ׫[ӧ⣏VY \&!(aԔ7y䥹! Jc~i*jBf6jᄏҧwk$76Gnye1B,15GE9ѿ:74c* d?4tK~c˫J**Y0Hf98#>^3㒈GII)BJA_ܓ{xhPrq3Jm{y9ܑlV#Y8oٲNƷ+Uݻ53JESF8S0E{:l٦X#!!qSՊPUUIU9,I$mVزP+L&44jwXS7A$"MK†'3IιB VBŶa*A0M0 \ΝԥK238Vak',]aN7(=zq|N+l69>Fp 0W۩]:;Cmg!xybGLRo/Y2fPQQE.бc|Mޱy͡CG)瀠n2H7oun.5#]U//.._J_FEe5}6 $C WnW+<o[Dv ,~+)QQ.$ CJ]B$瓀A&EcaJ7w{wha|4(23άSGNeo65 <{*GrT#z3H)u7=%Ͽ5o\r߹q[^3wn5g}׬yb;xS߾P $zdy'1*)Dz\FGQQr~DI@S:])ʧoD4&z'U5Ǔ51!ANIM|>9XU :7r\d'36d&'BrBLcvDc*!kM4zoE;4нIENDB`xca-RELEASE.2.2.1/img/scard.png0000644000175000017500000000163713614632167015302 0ustar tewardtewardPNG  IHDR(COfIDATxSW~{fakڶm۶m۶m`A}LkBQ R] F#@7@<]XZBtB1?XG%}pwUS/<ܔpsQB$8M-aB|R0=jeyySasojjp6hv!;h"oA[j{Hٹlmm>0>> Kp 5F BK ڀc!5HMzmDf";b#g` 908#s8 šV+13jVt-38>>%QX\ SOݨi?栊VM`m)V(1|t ҃ˆOc}*0&̆Ag:p,lO DT&' w ku7t nt(R8KIE' B̆PAja(5۶mvIcY~y+ck9G~BDRI笙Z6q`Bb1Pki?ȍǻMXug1cOVĪgbd-ƓuIENDB`xca-RELEASE.2.2.1/img/banner.bmp0000644000175000017500000024771213614632167015453 0ustar tewardtewardBMOzl:PO  BGRs)\_@Y^G- /CCXYWW]I7_!$fcba_[XW VV VX^'^_AKX WY[\]]]][X]GO^]_G4 YX""`&&b,,g--g//h00i))eXY^` A_]]]^@ V[$$a44k<^ZXWWV U UUV[^Y Y[ \""f22n""e \Y[W 9\^]X U TTUUVZ^Zrrr?^[b<]`++p//sII88w,,n##hc_[W\&YUUUWY W WVX^b/OjpRnpUpoqz̑ˑ~mmkjlrytʚ̚̚zLddH__Mff 76*S^!!m**n$$ifc]X]Irrs1\YWXVWY[^\I4""EVVڰF\\ Pbcc[Y]< _][\[[^]^C$$o!c^YZ]>J]^^^]aKIbbYvvh}յrc$[Y]`$ %* ',(->R[JcoJcnqh?U_!.3b^^^^`5.=9Wttj~¦۳EUUӷh)`^`%.=B#/2oT^^^]]ģܦݨֽ߬^jj4;9ʴгбббаЭP__!((h}}Ҕ""""v8^`&}m ,9[^^^b&ݨبש֩ժիխԯԱԴչпϼ͹ʶȵDz6GGwfmm]cc599qxx@CCZ``>CC^f{t~uKTTU__>FF$))~Wffϲ׷).rrra 0e?TXOio*8;=RU9LPUknQ^^^2-//hppmtt 699aff.11{JNN\bbMRRiooHMM|GKKQUUMRR y')%MRShoo}¬˳ַ_ :PkpYw}d)5Ha]^]!;AAaii:>>CFF%''~>MRRTXXy/22.11ǯ϶ں]<L] V^:WZS:=; @"$!ntmbh_bi`bi`GNL %F =8:E>ʷڻZb Plq(+ݚ T$$b W _4~luulrr ϷܼzV`.)+a޴ b++gY ^4~donq~~GOO*./Xaa{q|}6;;NUV,./!""X]]$&&v{{%&&VYYORR799nrrbff!!Y^{}p=`jSe| V_5  "-/ꗿ4 d//hY ^4LVVVaa.55ISSyNXXt=DD_kkbmmZdd&**|~-22doo"&&?FF:AA399juu266"$$|GLL)++VZ[Y_^hnl3u,hUbc|}pV^O ߬ՇD((f--hY ]4}annbppz&,,.55ess-33DMMU``t.33XddS]]*00U``;CC\ggZddjvw]hh T\\BGO=e+J7j|ZV^Y=QT֧BQVX++g,,gY]3|WbbNXX6==Zff\gg-33MXX,22Q]]uZff{jxx}yMWWVbbRXUKcv}")5{Nd(55O]\ Ϲأ̡++f''d++gY]8uiww7??R\\z.44\fc08(MzK?l4" 5X?_^jԠt 11m `00jY\ @',,7AAdttfuu5::dnnYbbs zAWF k  sgART+`^?٢8$13d%>>v$$dZYZ\  &'޳ܵ׍<`m6CE!,,/?Ba'++j..k\ W[W!"E]`o瞿;TJJCNcbCUUu!"[$$e[ZW?AW\ ~+6dXv|*, 8:9: &(5GI썫ξrrr hirMfk**iQll'45#.0^}$24uxca-RELEASE.2.2.1/img/invalidcertkey.png0000644000175000017500000000351013614632167017213 0ustar tewardtewardPNG  IHDR(COIDATx͖x#[F;36mۨ_7k۶m۶m#iJyy3[ѣGf:ujO`׭[p/HOOoߺ _FQh7\0cRD ^]ۖUpU~4-DO7[b/OVw)eɮº{#G7un1]I9N±$֪n?޽~߻QawiKr )x>YQ:[w{<}|%@+ x$X3-[xq>~(!e ,^ "ƤIQ/[w2@`%_/R-odJ`V+,!Hf:ir߸l8崢F,BD !8"Aeeժ+h~O=Lm%Q\Iju4PBi>@Xɓ;x0>nsw(u=82٬J#[a$Aa.(FiZ'L=Ln3PڜmVVmRvHH>4"J)^[bb"E ǀAxt1R{[+oLFz:F*푚mj]Onr .B@˕+ V]ٴySgnIiib*tEWe$K@7dE@ )ZIIRy©RBU oQ`JRR2hZZK19_ t%ʓ+Ȧǧ/BG'Oób(<=k采˗lhhfC2$w8^* 'OH%IINܾ}FN$RIpQ_ ,9'NߺרN)P`pBS1<~ :A||ج9ˇT l.ooe ޑHshBg@Vtݻw[yi^O:RAX i V;SЦmǖݱJ:[#o99gHBܱkٌy)N$Xbq"Bydd kq[`  R-XZ"21&NƏ9Bx՞=| q˥l%$|Giq^3G ؏w b2i=Rɼy;O8wwQt" $|enr[/JIAݑD$ rswo裇ϟG @8X͒?ljFKsTjt8V ߁AӠr%gk=!=hPnnnQt̸itettђU?u*ڤiˆ9rƄ8K`B6X<>y>}=vDj֬(ˎ!Cw=,N2N6?o!;{Xҳ߷FE[ /%2("bN6/a܄_}kYP_ӤiC>|Ą=,;j:NdIENDB`xca-RELEASE.2.2.1/img/bigtemp.png0000644000175000017500000003276413614632167015642 0ustar tewardtewardPNG  IHDR^fg[5IDATx`dS6L2ۙyڶm۶m۶mۙ[lfgͩtV]_G%TRI%TRI%TRI%TRI%>BJd*VU6L `g"!rpb4ڲ\{Hvߧݒ>m%N}2"dڔ1 TC{SxSRGS)ם x4JO9GZtK6} (kڗ/۰>u tmG ݈ITIɒ6RB%k! L8mYycFXU8P PB9qAI"JAгJs ~9gfMA{ޛmݡ([]&ɣ dp]ml`MӶ"?]"ᏞS bVa5A>IX+ U5Iccow  s'Ւ|u3>;s+K< סjBd::AUz{ᳫ4x~s4xq#^HkçT ( pr8)| HR;Qʡ "|$J8V#9D$}z7sUkX:P)gyrz[f8ԁq n9%ىL{$ ,[Z2 eIɣlR"C^s̙ ^%ڢa(B1R PذOq@5( H嚂„rbP/ ɾ7m:]g5؁(SEJ'7\uZ*ףݤuJ.$U|N'mZ/dYQɂ>h Cהf3̓%R͠.v̐c(Q@FH B\ jC!ŀSbp ιD@Lz!8rRpVplHG-ߏ>׹F77w (Ejr6ي {_Dd~rԒdnUFZn= F 7jZ1VA n?{ n\ ͵1* ܺڸ:88~"Т½8JL9D҂\w/5ҼV<~fUwv^_ُ>Z),nn4|ACtĈt:LLh @j<\Kj wȍ=cE6[қd6M^xdŰk ,(D5}Gk$ Xׁܽ":6:Qu GD":IB1,3F rf{6>boϥˉl5sQU| ,SCRUh>@ %aPvv5 LXݭ(f2ݥo\>б<^+ZI)X63L&0NyTWW 6txd_L SVhbaBj8FDOP>P '$B)Я+DWbQY8IpF}ฌݤL1"DBຎ C9P] i#3k*j8s[pq׼h YB?Nܨ 'lc5 " U^${GtQ3f"J#HHrd\K7qZr-z"ki$Z V ZyYqG }" XbVe 6t>_B.W@ED)D2D0ňHڒ" ~w]'aIaР* ;M?#bPf# \w#7><_?k!?ler'y#8l+/:h1/,:oOdUUrxZ\cF{@~B(DBFgDq]X SDU)w |sHTF»eI%a\@_ڭkUE~'OLݣ.lC_Y=qhw 1ƭytCŝw>E"_Zh*Nߧ 0jR'ro."}]9P*(KQ'p,D6gȹNaUR*\Wa2Ȝe].>x`M@zؒ -&)n`Ү w?knx_&}h0?9""ٜ?/W9([ \3,GK,+j6WarSN>)Qyl*ȍ/u,51113 xl5qgU)=):&?=3]RI߮/ l0Ą:ai"|U(0F#i>QfV!)ԩ8j@ל 4[ jwIۛ =4XO%DHJ~(90YE-9쏞 `oS#] $BO0#kK Wů~u\ZfA;[adVj[kLg;fOndx@4[M83O48Ò|Wߏ_shc(E"b!tzr|"(CzI,6wO&N l`󘽵yr9 kˈ-QPC3<_L.p)M|%O|c5|/{ɸiGg;\Zi E۹.KN'b},Ǵi3fP2ls" )%ܳAی?9Y,rD $)01N$ΫGOL-JaLc2#,սq;eĉG@&̔ՁKN)nYֿF䔷dnmo2Y֚N:nk?+R8]BIN<88qR;Fu$ $db&ECH+YҒV0]EpI 6I(D̤wTHΥZOŴi[Wp?}ދ|_Ht_ ?:w֎12/^&Slewm;.MvN :=C7L֪$ 6㸞!r' A"a$1 Kpb! bha%..Fl_I |/s-^.viY0y<7 6e'ܴ+m]_l|!02!`S?ofvMe°DbsCQG/–vX)H^༸"A1JAzlu&AjDVc$!5%HE&`&$QTCL"/ۿpI%uʬ_]~^{RZ'% "#?vϭ@# & MagVdc@^c|Qt2Sߟ{B)e!iob|#/'vnX#Z fΧ[Ǿo5{1չ,e6g-E DnI0"[8+!3L.z,EkRaba8AD  ʼngUQp #Y,psƤDd\@&{ʂ8 JDWWL)9a d AO&l=nlw/LD'/79³pRNtk]&uIb+W~!ֻMr ZBhHJ*l7 0V; BSDyr.Au$ H:j"0 [šVKpbBBe( ԐKW]] `ID$i}V܍endQO~~"_X(~EL!foaIci. ZkWae \Y -,jH@hr Y^鳛ߠȿ% ~9 Zh1L$Tl* kBbp׬lx;<B~[#wqE~SZHPB 1DI'va1H B*}+],*ʶ3u'zsw~;ےN[cx|9\;2`]-X5v_2 A(\#/, }Q, 8PR1&;>+bH"av,Fv:׋!M6QQm-"D6,e&=N28te I OcvhO\s *}ǂQ2'@"xƐ+ج ÇH* eAE* Dgw-ޫ{1dED""tNyO(<Ō}?[yuU>%-_tG'zemȟƏ>I; ;@%⤣@wϬ2>g!F0'g 9d7/(k|llc'.bs{ Jȋ%^(XDQ#ەp4q T"v_wZ렞.\;pkx<$t;7SW:O?r/uMpZFsO;kʆrIl%;gM7ޓG\Ƨ&ji0szqGRk &=Ʊ6t3gnX"Bsr-u= aP#a6B_ѱJP%[;b IU N-GB bڔp}ݍl-XϯM p"鬕5=_V+@* -gZƺ"S=Na0ׯ7@x)V`,=F3/cL@GC]ҿBG-ozp3˰LEÖ0rp&.U=Q1Tli{vN s0^0F,\H@D-X$&쎒hKctƏ `2ieHBC%;l?'c]#b fUař%}C4Q'0&'VGp Ji H-DD `,yRQx +g ҄K(V \' p޼zw'# c@M˜̇nZi)g>V#[c~MAV+ǖ݉և1~[^?q87T W CEQD"=^iɅ$&*kÎ{X4A ATX$c7F\p?( C'!#Hρ86t3qD)9zppHg}H kkIJGRsK|wnqQ\o8CCx|?S~Q3㰆vz!,1g[;Ytc'67rOz!{bh. 6JJL_JD  4 ƞLn{p6 DG-emLj* 核$@8مHDY@@Lyqu?qIn.=CЅB,yoy ^ůB=o;CLaFP`TψCɵ"dyѵ?-hw~M6p,񢅻}?ԈUA !&face $͖ C[~$sǵݺjڷ$D[o 12_;r/K(;:*SLbM8WWT?.g/>PzTm[TMvף[vWX!%1ҏ߽ffשPS 5rbPT&$Hġ8Fyτ0]؉Y"`CD-Z mC|Ӄ\'(@G8!b"ﮇ+; 3%n@X !3P=alwmNe_\f}@& \vK`f:}'=A7UyٓKVdOه!BE};3V#JbjD @"e6:!ì]8bmI};(VN3N]'ѵ6pKo9<F8m1Tfw(ɢ+:,Bal7-嵇.&B;[[iQ]f"9lm 0" -B b\ ܶ!Y 'zp/a>n:0l'̚5ycӷڶ,HU牊zRڶMc{{kd AO /HBDf,[|+_+r, z>@v։#< 06M#+lWׯċEr zsfpFHK/ˀ-+=Llaiu jOoWϷX- hC_{SG}ܹs=<}me3y3z P,Uf Ov}8>OdHs`A^6*D?'ibaTG $At\}-|)\zCx76?VYDRdv[8pzNi$nslA,ZwҬu,Nq>9U,l9tO~hDWFw1h,5}^zcsŐWDGqwtMݳ`w܁k>xsNy"b 0)P/=q]]o!FtP&ݥQ:0 cFTqʩc)mBe[n|w=[~@8o fa ns$Ag[fK'pNccm)^!) g~ز#"ف@I2*XK gAY)ӹ~్gۄ vҌ_z8` ]y⸮Glmخcvn6ƴ bUvG T/ v_ Z2&6}x'yQ-]w=o{+U _>Hv} \Fx$i Vi;qlMe"'gkXꮽi'a-{=-p=<HNZ{*JB/=tIU<UʃM>Vi+f**L PTv7$ XeTd(U΃4*嵤3Z (߇hd")84HiP\WI´Z ;66Ho` :Ks8݇kL؊G[kM'w>4)]w}%A+W@N&ܨB_,b A]D`eT*h9~5 QJ|$tA Ν@\6gpD{q!ad*ƺV_?_CHgv/ t#E [6MUg&:v$({@ؘ/ MA\k Øt-׏-阆Q+uV|w4D sq"C|bD 5=y01C,AH{g6}:<+|ikoMOfQVbFqlLxxiDɣUE1!Ŋ f)<%ś  aCtow4|@½ % 1zh6q 0&EpoWlI++ 6lvd*Q ?~tJK˅U7i+c>g‰ĥp"PPAȦ+ HJ=᳻xmt'Du[񰯱:c@mJiŪU_eKq܈OyKYDY`U"/Gu6ZEދ`5\c['/!z?g^4DY`­ċ@G%k'r/$;QlT*_vM8R/GA= \5. }P8mpޮ"AXG!cByJMM"X]HV9D$\pYpAcS{+ީT݉EP!F,tsk.ڤ/&Zy{k7$ ܽTD1DžG`GR,lWXHl ;S]ӬV߄Ql23ё}ƥ_7~xw"jGzD$щ*p+u̸8| ff E߆o -EL]LC(.Őeai2!lwV9-ƐJ_c?iRpe`X`4"`$qbsJBHnQ Dq}=0gÅ/ӅAQc(QKe_QlϾ$\ *Q"`oZ+ބ'Qb2VьbTݯ0Qb(F߳n3IENDB`xca-RELEASE.2.2.1/img/key.ico0000644000175000017500000004107613614632167014765 0ustar tewardteward@@ (B(@    (06:;:72+# )8EPW^$$$x???FFF,,, `RI=/!  *=N_PPPۨZZZgD1!7Mbpppĺzzz(((r@* '@Xdddqqq S0 )D^+++n4 &DlEEE2 !?]777~-7W###\$ )Luuuwww8<aIII()N}}};7_MMM# D___mmm. (OC/WFFF5\\\\8QQQkkk! :|Flll 9j fff6 #ZZZ! 1G ) PCCC|. *MMM. :[F) !wwwH0"&8R>>>pppE(rttteeeWGDJY///rrrE).iiiiiiYYYAAANNNmmm锔tttE) ```bbbeeessstttE)ƚvvvE) !xxxE)͜yyyE){{{E)N|||E) yE)ޗ~~~F)e{F)-xF)@@@wvF) Uդ݆ikjsF)Syrkd> 2pF*-L|nF*ڞ* #lF*???VkF*WWWMiF*vvv<fF) fD%wݵb;O){{{5dy}ۚ=heeejwpppt 'pppt ppprnnnq ܧmmmplllqqqlvvve```M`{dddB  ppp)Z\a~~~yyyXXX ??8|???xca-RELEASE.2.2.1/img/netscape.png0000644000175000017500000004242313614632167016006 0ustar tewardtewardPNG  IHDRkkp| DIDATxl6iƳTc*afTr03¬I|[-կ?I}߫jJuiRQ*RxEYnޫ*r<5dZcMuxY5ĜshU(OI/^_nz詧_}.V6@VdAᄺ~AMUKe)%Ue'oYFdj{CF!g=6sr={;Z}ik9u*J9g~iW]swߩ^jlώ_a\U)8|βiX[줲gYIs$ ۶%fA?n{;r'l+ {&vrc,ͲǗ5#å2x 7rߪ^Ԫ5X ;ddwVY(h"#q-x '^;|bi^yyF <4c-vF؉>2vI,HƢì]GgPxVߍZKetrXnVw_k?f{F 週6.2i˅2Uʦ|; yOi_gܡ4cGYEpmeddž=(NS?[½ܼt"|ݫ.56u">c!Q.T7R䪉[wg}G $4bQE$C{gg6@;8hEDL#(T sӶsd0l﷝SAe9{s̺xjvǟ S-Z;U d g;)M)@X%s2aܙ3p;ʙش 8(R"3)QYIeZ;ud?"zz|Ǣ]` LCg:Lb<;(| |?O;器dJ& r$ 0]vikr!u%ӣ(\"p)dFv g"q$@h彇ƨBV6D{^I]`/rHV%a볎}Iܣ@bf^1MRUYuAo{n`L7lYeB)<{M*>bHBdv3g"s>nJ5m#K{g&z>ΌHg>`|JgggBjޫхl 3+.m~3TVI9[o{ns'qȦe-LM2ܴS|ن2 sdzDGei N4I#uEHy tgQ E@vK @asIp_(\f }s@d2J@A9y-~]ϊq2L@ie)o̒+2gԵ/e( Eijtf4m㴜 Ob6rl}ow:38[M 2=vJ`|aiA"ޥ<QaiYcDg>:±9&l?aY EfT]r~I0RW#T/) .wX&2ц4a@ WY9GX>dJl1--WC[7kѡVl#2S}9*p|i1wg/e\ JDFb:!/@ byÞ0<ӽ?9|\EyXHQDeKV k8f |t#kD晳 Y}URd,48 Ǚf|>/>SQP%=qnbAE>N^*CKM $%#[N\"{f'y+7PCgj,JVغViD!R*J"~ " O7@,Տ 8w*qO`sHASPgu6,@gZOKǞz^PDfik Ǧ0 E#F,,a~ 7=V➹G}XhəM;qjfmΞpnZkIP#Gtޯ~eHFZUUF6O͂9pL|[OyE.Wt.Nw^܀uן"g!/<)Rj0u7Ԕ04U8bPU65G'6 Gk\wAYv@>}yRd9i2{W{,(*egrWCQú(9&V]*_Anb"OW-t?zٗUTOD+)c#9%hlEݐq=[(*SRlcASH /2ן"ëEcM_`D_^J}8>>%BjlKkע;1|m۶mK3߳m۶m76 앳z~ժʽgFdFyjz61Ҭ(MvPP @{MEz..sii]6gfQg lkw?"ԎN9Oz5or=nɵSH u}&& g^- hWUp^Lg8'R@$W1(y7pi'y4+Φa_#zH6F40*!֑\.uLG] ^5:1p(ľ p{>& 7Du%9cl;71e"LVfoyVN`e249!֊8P'sBx׳蓡?d4e† ׼5 "G:Rex3NBmt&,q_ sȯXŕl<.j[00nX)Pe8BGR|.rd'$c4/7Ux.{VB6b Om+]rd1¼򱒇Ϙg!Lk!YȚdsc,I9$9V@>Lr<]wfl/CdzU-Ӫh{7iXa:)bQ=v;&9*ec:M  |&կJm9rbt23@݅ r׵fI#K(fmBw2%b2 S=LgcTMaD2VWLDNcH+dqeNW-ZAXt6 :5+{a$ㆁ̬͞eGḣU.`@а$9ٳ{S3tJױmiOzq[?ORwd9 znfo2Py#X;!Mf^˯{^]OcpE` d͏%= {0^ |-Q Yƴe3I-q%AaV56< gd2BeJ!QhZ]C]HH9|?x?=鉸/z̓(Գ:Iŷ^{cɏa,h4x(6#F ǵ@齀,BUsρR 9xZ\ 7Y^xFG3*UoZ>-(J$f:^c17\iekK};g0E{Q,J HS=TlxH6h?zP K4)N2-NŤ~Ez=7-&mM5KicEYg|8>ZEZG'DU\G>71#cae9kjU~+A22p6>xD h'sV@ /`2g!MCsHc -ɣلUH?K 5Yt#… !(kx=$lZi~eΫ|.d:IQEB!,bq>Rh5@E/G?A.SGOd,˚_{pm۶mKڶ| kۺ33#b"6"2==Hk/U=T3=㜕gѤ H4X+#i`O@@|8%m؋J]#yc[]+gis_9 `6q|U^tsSX>eU@e;\^]R0jZ+wu=nØ GqYE`e{m4cDV=vÎ -+Ӣʧ5rگa0~J05*weW7`Wžo6SO 8 BwAMg==??Ӟ/6$~8E;;(WҎ!bN;D-e$==ޛe. (CuOq{M^rlw(lE^,Vٓi-74!=t8(R -i3[l}GōW,V%9OaF؞M^ݭku$zW9z4,x ӿ-Tf^pv2 X$#ih㒹T7ѿ9OL͎aTTEʦ7MFJqpŤ> MԳ?曾? Q.b$lG<Ɲ2'|G'bݰp@^C^FEH0c.U'^rQ8w>*4ʠYf_JgbPtZo .8}~iW0C:.QvH\0(|onfq3RnpaY@#q`>Q~J<+!mXe2n٤AxmF ~OoO#y`\ܰQG,:y/g+\NpXi+gkN4o?岒Fn]:: ,GQ;'Po=Ew?ݦwJ{U N@M!ko&J!$%G%䏚#[%dT&a;뽊k{6l^>zo?ü$x 5.x;?w{O& i&rEIV:X+1G .D!I=xS룶3;zVP]: 0@n- _'tZ9dq }Q\')h8pf6p'JYpR)X5Ƴ3;HHGs70~>~7%Ç"FXNG]^Z}fV>x# \*.DG`\)Hs3pO#HfB&kP/Vw-ݍYk_@kZǻs qՓ1ZSC<7'ƶez5c!ئוivV'Qty }O\퐘g]_<~g'xZcvOV; &!Fvbx 9nG5ʔz۪" |5(U̖ܽ}X]ߨ>QMh ƎzFS>cPbUӎ2a(!V G3 ̨\RPLo5hw&/,_9 7 Y|`h)3e~?ͼq;+,{+şY%ˣ+\C)"Xh+QK4G1xLl8 1 ϋ_bZ(i>>jTI6VX)Ei7*7 ڍ-VUnNYeQ>S"cwRĸ_Ԣ~:J=P=w_WHF*gn3uߓQcpg8O j<ןu M=Cn-x|׮qx ^>_9Ǜ2__jxsf;a$Saq7hRܽfW J]Q>"Wq0UTh] 3%{hJT\*S48p*/#p,ZFK`QP(펾pҕDUks X$gj:ëMx|8Rlj}|͏=?%|ڨOqܼp-/OM_x_%+]0T9q$kny:aTicjcb,aać$67xaiTs*[،#.7ʐO!ΩKQ< UwKɌKPVj䖎pHx!ǔҔNY 腹|U|"I2&7Pc_ax_+ԳšU4uz.ҫ6||<£7(-k*UQ=y<+Lci0nNٴP9-\mfRiIA)$zI1%T k{$b˪%Js#*R(\8#3V\v-ruE) L$^㟮#|/|Q=رЍRI,g>z|~<|OB.:iuTUe4V3m@IdjMq N3K_ZLb7#_+`ô=UE6Wq@k߲()Fi^"Մ/BOJ!%K07"!,їt(_4!Dzoy/]=\AFE{\^˪r3<%*&GHH{ n?$@+:O[WeXkjwNJAn̊5S `$m ,g ?V0,J osW'JUyk݌[QU7gZw!٦I%tR~~'4>'D訖Bx?d0pˢ!_C5$ܨ44c3>z>ZhDL uc(P 5yP3E{IpWHYU.qq0a).:zo֨&`b)Cr}B֑aMs-0w]q$watj0Ҙ{Eb97g$*Ѓ2Uhھi(Z:}zW%،4Z?7! ņ={'~ЇHcC[&%/(Dn?Er>D}dbIݲ^UсX"n rWZ`؀sYo VNq/."˦3$M  gA($#WEa1A :.7NQ3R**0Qfe6*}`,]$~:DЌpqm&}KAWr|G,Vo)_?'ke]QBN c#$y:;,ཨU&ұ8ͽުVU9_Ȝfjl7Jp 8?Q~|΂[\`~@΢#,Jv=>$ 7vNRj9WDi%f.\ܻF!#3~מ=999'2Tr3p-|~oF~͍H 7$[aZO aծ/bANPUgUEץc1((_jXE\pE 1Ά1 jFq/(Zj aFWsf PRJ?ju]i;A4CP vPiڭ{΄/4V+1 @qѪu[Xg1)ד>Pf8#ysQmZ(3O+oS"_8v.@euުjE6BBOF>q:Men0xܽy82IC2ߑ{uu꼢.kS~t~GW{~}p\ͫM?[+뿾rLкYalZ(mECp\\m0]L)Q3TH.9yp\0 E=",r-2^o<1lJjz#&(iE"fܦ!6phGn\.8;?gNM;G顽CJUsc|Oxg-K۱MTRpP gxG?g.oW$! x-{mF !02sb>CV[Kg$GJ'+qj键vm¨*X/[:Aŷj1KPA4@YnGlq Ԇw^6x;r[/qjq귬^MzDF2zEJ~Ŗq1ūʫPnn?\ge oE{\TG]e%}>Vx}0PD 7W7!8BA\ЂNOg]CZ ^NjԒܤ!*v7ySa`9C>UMhpa}#T ~iT*Fs<)y}@;[vihGSXuMNz EӴ"*2e|A&9d۽2Mh㉿2%)y5t@o<> ڕE֠f2IEbRRn#BKVKBD%̪zZ9"|dr לDTVp}"ۦbcs*u 3Yt2 X۶mvim(im۶m|(Lc9ecRZW2)ZSrٔR.cp]J٧k\4C@*=j^Iُ~2*.֖WQ炣tF̜j]S$E=C?Q t~;qաglfj\^(1Z5C3. ȃM&U T[U&nCgnfeBM5%xbQ/RZ6Idc03K^, #₃pNBť,4@,6ll:ZIL 8K8ţ("i$.4hhuX[ayM55UkV@iEOr'=*2r7M@dk$\Wb3+vѲaF s;q=Hh Xv;l{.=ll.ckkruu+@7lf G| :7a:KD¸vʗdb"N&aiS.k2PumT %(G1̦qtr# NسFȅbxOͭso9{! 0*!uKlaL(8u֔XBmNR>fkQid>i(*?CQ,p R~H24i͒? CsaCf}+"HMB FIQyoqhc!#iwms [CABppᰏi81Axg=!Pׯzo:JX^FE˨EA$g2p9CHpW'>ņP!t>U Ɯַ OSᏆI=x?(WL"\R7T5)!B?>Ͱ I'ȿ@I.ca}c$ 8 v"Y6 E) CDe 7ͭ-,mE&`>EXZS}|C`&7Sad!#4F251Y֪""o~Q,2~_̨N"la& ڼq[ǡJthl8 qF+kTjFŘɬ0;Ҵm0f.)Oq`4']Woo uaI<2ҘN}tj .#hq|["9%b@ .ZjSۃA°yy-D.RٓA:`*H/'&Ę:S˲$ WPWոV3hps!ω>dAJ\IXLH$""ř\#1Lv%5SAe@g.r&.R$ɷIlg\>:]pAB*A%O7#! NJ* 4vEzի^uN@ cba4;'9a"`)ռG@QtQR/^;:y"I_g#_E$2BMH=Tc*%# y 5`XgCG֌bO$1 m Ur@38LP:e {=u{]p\{YfbxBEueư=1[f[IHZH xݼT0(ZZ+0- h+ʢtBQgsKOlNG-a8bZrBcL*I)8봴~&*9z}}[=,P? pYoK)ف/dqG#n33G]+Kh ZgD.L`n[5z;ug5[ݺUpo?}>O2E&yl|YXیYk]c ]uעrWk? 7`XTyme:|Bjq.*ORmtvsHٓ`8`W hK:IϘ@omJ/Sgea*j6k}oպS6ሤܻ٘{hJn ]JFp%xTK+zr{Juֱ{uDnDa[oC1/WDH9.?RT6!Th:RQ=fga6f&&yi{Y)S#ꀗb5͔`DF,ëFxn^{%a+y#u60za/n>5+g# vN?ߚQɪD ҂`.sm-:Ĩ)Õ9B0p7nuzENB=./bI_ `pߩa ;UGpl.};a`956 UPuQ iϝ<:%kA+AWo-r3O]`u60_X z]^w-nزXa-J۩H"t#!{S–pu!g3ԛfZgNjh =H~K^"ɅӞg7p" 1xh1=(lDi "׾ ͩ%Xs"%;Fyj06An9 DM6~'+ᘩjAؕ(Ϫ4 {ZdcAx۶b8@`/32~/*Q~z:=eЛh oVv¿OC[ R)zFE}aT"-u]us8Y/ka1ڢ̀nF~37]wma9{v,% Q++9E=j)S/V+JA`ZbSD\^@ OMLU}HrW 2qw!Ed9h6W%-{VvO{(WW2ڇm:Ņg{RhHd֨A^ylafzҪϬ!`=Zԩ⨸\>Y1'2bZ0فKj}o/qjXoQ"2֓[0n$ 竍r}wUЪco!م}OǾ4Yۨ]/ygIENDB`xca-RELEASE.2.2.1/img/key.xpm0000644000175000017500000002742313614632167015017 0ustar tewardteward/* XPM */ static char * key_xpm[] = { "64 64 222 2", " c None", ". c #F5F5F5", "+ c #F7F7F7", "@ c #FBFBFB", "# c #CBCBCB", "$ c #ECECEC", "% c #DADBDA", "& c #D5D6D5", "* c #F0F0F0", "= c #FAFAFA", "- c #C8C8C8", "; c #EBEBEB", "> c #F9F9F9", ", c #FDFDFD", "' c #D1D2D1", ") c #F6F6F6", "! c #FAFBFA", "~ c #C7C7C7", "{ c #E9E9E9", "] c #F4F4F4", "^ c #F8F8F8", "/ c #FCFCFC", "( c #E2E2E2", "_ c #BBBBBB", ": c #F1F1F1", "< c #F9FAF9", "[ c #F7F8F7", "} c #C5C5C5", "| c #E1E1E1", "1 c #DADADA", "2 c #DDDDDD", "3 c #D0D0D0", "4 c #CFCFCF", "5 c #F2F2F2", "6 c #F5F6F5", "7 c #C4C4C4", "8 c #F3F3F3", "9 c #DFDFDF", "0 c #DBDBDB", "a c #CCCCCC", "b c #CACACA", "c c #C2C3C2", "d c #DEDEDE", "e c #DCDCDC", "f c #C9C9C9", "g c #C1C1C1", "h c #E8E8E8", "i c #DCDDDC", "j c #D9D9D9", "k c #C0C0C0", "l c #E7E7E7", "m c #CDCDCD", "n c #EFEFEF", "o c #BFBFBF", "p c #E6E6E6", "q c #D8D8D8", "r c #EEEEEE", "s c #BEBEBE", "t c #E5E5E5", "u c #E0E0E0", "v c #E4E4E4", "w c #EAEAEA", "x c #EDEDED", "y c #D7D7D7", "z c #ECEDEC", "A c #BABABA", "B c #E3E3E3", "C c #D5D5D5", "D c #D6D6D6", "E c #AAAAAA", "F c #E4E5E4", "G c #C5C6C5", "H c #C8C9C8", "I c #E8E9E8", "J c #B9B9B9", "K c #EBECEB", "L c #EDEEED", "M c #D4D4D4", "N c #7B7B7B", "O c #D2D2D2", "P c #C2C2C2", "Q c #E6E7E6", "R c #E5E6E5", "S c #B8B9B8", "T c #EAEBEA", "U c #D2D3D2", "V c #8A8A8A", "W c #CCCDCC", "X c #D3D3D3", "Y c #E3E4E3", "Z c #B6B6B6", "` c #888888", " . c #DFE0DF", ".. c #BCBCBC", "+. c #C3C3C3", "@. c #F0F1F0", "#. c #E2E3E2", "$. c #E1E2E1", "%. c #B5B6B5", "&. c #D1D1D1", "*. c #D4D5D4", "=. c #C0C1C0", "-. c #E0E1E0", ";. c #B3B4B3", ">. c #868686", ",. c #C6C7C6", "'. c #DEDFDE", "). c #B3B3B3", "!. c #CECECE", "~. c #858585", "{. c #DDDEDD", "]. c #B2B3B2", "^. c #848484", "/. c #9B9B9B", "(. c #B0B1B0", "_. c #CACBCA", ":. c #838383", "<. c #D7D8D7", "[. c #AFB0AF", "}. c #C9CAC9", "|. c #ACAEAB", "1. c #9C9C9B", "2. c #9B9C9B", "3. c #BFC0BF", "4. c #ADAEAD", "5. c #828282", "6. c #878886", "7. c #6A6B69", "8. c #A0A09F", "9. c #D6D7D6", "0. c #AEAEAE", "a. c #8F908F", "b. c #DBDCDB", "c. c #C7C8C7", "d. c #BEBFBE", "e. c #ACACAC", "f. c #C6C6C6", "g. c #ABABAA", "h. c #888987", "i. c #9FA09E", "j. c #9C9C9C", "k. c #818181", "l. c #929391", "m. c #838382", "n. c #C4C5C4", "o. c #808080", "p. c #CACAC9", "q. c #B2B3B1", "r. c #CDCECD", "s. c #7E7E7E", "t. c #040404", "u. c #989897", "v. c #9B9C9A", "w. c #A9AAA9", "x. c #7F7F7F", "y. c #020202", "z. c #C2C2C1", "A. c #ABABAB", "B. c #7C7C7C", "C. c #797979", "D. c #787878", "E. c #B0B0B0", "F. c #8E8E8E", "G. c #979797", "H. c #BDBDBD", "I. c #767676", "J. c #606060", "K. c #626262", "L. c #656565", "M. c #737373", "N. c #747474", "O. c #959595", "P. c #696969", "Q. c #595959", "R. c #414141", "S. c #4E4E4E", "T. c #6D6D6D", "U. c #949494", "V. c #2F2F2F", "W. c #9A9A9A", "X. c #B7B7B7", "Y. c #727272", "Z. c #AFAFAF", "`. c #777777", " + c #3E3E3E", ".+ c #707070", "++ c #B4B4B4", "@+ c #4D4D4D", "#+ c #101010", "$+ c #939393", "%+ c #B8B8B8", "&+ c #5A5A5A", "*+ c #8D8D8D", "=+ c #666666", "-+ c #6C6C6C", ";+ c #515151", ">+ c #6B6B6B", ",+ c #5C5C5C", "'+ c #999999", ")+ c #464646", "!+ c #A8A8A8", "~+ c #5F5F5F", "{+ c #B5B5B5", "]+ c #7D7D7D", "^+ c #909090", "/+ c #494949", "(+ c #757575", "_+ c #9D9D9D", ":+ c #B1B1B1", "<+ c #A1A1A1", "[+ c #454545", "}+ c #8F8F8F", "|+ c #A6A6A6", "1+ c #A4A4A4", "2+ c #646464", "3+ c #A9A9A9", "4+ c #A3A3A3", "5+ c #717171", "6+ c #7A7A7A", "7+ c #505050", "8+ c #3F3F3F", "9+ c #2C2C2C", " ", " . + @ # $ . . ", " % & * . = @ - ; . > , , ", " ' ) ! > > ~ { ] ^ / , ( _ ", " : < [ [ } { ] ) = @ | 1 2 ", " $ 3 4 5 > ) 6 7 { 8 ) > = 9 0 ) 2 ", " $ a b ] > ] . c { 5 ] [ ^ 2 1 . ) d ", " e # f ] + 5 8 g h : 8 6 [ i j . . . d ", " 4 b 8 ) 5 : k l * 5 ] ) 0 j ] ] . . 9 ", " m 5 . * n o p * 5 8 . 1 q 8 ] ] . ) 9 ", " 1 8 r r s t n * : 8 j q 8 8 ] ] . . u ", " $ $ $ _ v r n * 5 j q 5 5 8 8 ] . 8 u ", " $ { w _ v x r r * y y : 5 5 8 ] ] 5 ) m ", " 0 z h h A B $ z x n C D : : 5 5 8 ] 5 ] : E ", " F G H 5 r I l J B $ K K L M D * : : : 8 8 : ] . # N ", " O P 5 n Q R S ( ; T w $ U D n * * : 5 5 : . ] m V ", " 2 W X 5 r F Y Z u w w { T ' C n n * * : 5 : ] . m ` ", " ...+.@.L #.$.%.9 { h l { &.*.r n n * : 5 : 8 ] m ` ", " =.=.: z -.u ;.9 h l p h 4 X x r r n * * * 5 8 m >. ", " ,.: K .'.).9 h Q F p !.X x x r n * * n 5 5 # ~. ", " n w {.i ].d l F B R W X $ x x r n n n : 5 # ^. ", " 1 /.h e % (.2 p Y #.Y _.O ; $ x r r * n * 5 a :. ", " a <.# t 0 j [.e t ( -.#.}.O ; ; $ x r r x * : a :. ", " |.1.2.3.r l 1 q 4.0 v | .-.H ' w ; ; x x r x n : # 5. ", " t w $ h t t t t p ( C 0 6.7.8.{ p <.9.0.0 v u d .,.&.{ w ; $ x r $ r * f :. ", " w ; | e y q q q q j j e u 2 q a.b.c.d.*.e.1 B 9 2 d f.&.{ { w ; $ x $ r * - 5. ", " $ ; 2 D D D y y y q q q q q j 1 1 j g.h.i.j.1 ( d b.2 } 3 h { { ; ; x ; x * f k. ", " n d M C C C 1 9 d l { | t v B 0 1 0 e 1 l.m.C | 9.1 b.n.3 l h { w ; $ ; x n - o. ", " d n q M M M 2 d w ( B ( { t | t v { | ( e 2 9 j e p.q.r.c 4 l l h { w ; ; x n ~ s.t. ", " $ M O X M t u ( d x u ( | p t u t l h ( { u 9 9 j u.v.w.4 p l l { w w $ x n } x.y. ", " x O O O 0 9 9 ; 2 | u { 9 B | l v ( { p l t $ ( u | z.A.q t p l h { w $ $ n } B.y. ", " $ M 3 &.C t 9 9 ( h 2 ( d w d | v t t ( { p h t n | | ( D 1 ( p h h { ; $ r } N y. ", " m 1 3 3 O M M X O y 0 l 2 | u t 2 t v p t B x t { l x | B u O 0 t h { w $ r +.C.y. ", " ( 4 4 4 4 X D q y C &.M v e | u l 9 v l v p t $ l { p { B v 1 M d h w $ n P D.y. ", " f.D !.!.4 D E.F.o.G.H.q &.M v e ( B v u p h v l l l B ; { B v p 4 q B $ n s I.y. ", " 4 m m m m 5.J.K.L.M.5.A.M &.D B d t B t ( l w p B 9 | t ; l t p D &.d r s N.y. ", " C a a 4 O.P.P.Q.R.S.T.U.P O X 9 v 9 t v p B w ( 9 u | ( p w p p B !.v _ N.y. ", " 4 # a P N.L. V.W.X X e ( v u h B p | d 9 u ( B w h p l h y X.Y.y. ", " W.b # # Z.`. +a X y t u v ( { u 2 9 u | ( t $ r l h { !..+y. ", " G.b b b ++@+ } M 2 v t | t u e d 9 u ( l ; w x h h { q #+ ", " W.f f b b X M d u v l 2 e 2 d u | B x ; $ x h { w | ", " $+- f f &.%+ s D C u | ( | 0 2 d 9 | v ; ; $ $ x h w ; w &+ ", " *+- - - - ( A | M y h | e 0 2 2 d u v ; h x $ x ; { w ; r =+ ", " ^.~ ~ ~ - a n l 1 v ; C C 9 d | 1 9 9 u 9 B h w $ { x r ; w ; $ l -+ ", " ;+b f.~ a - # 9 $ : ; 9 O X | 9 2 j d 2 9 9 t h h ; $ $ ; * w w $ x | >+ ", " a f.f.D M &.4 m 4 3 &.0 e 9 d j 2 d u 9 | l ; w { x $ r $ w $ x n !.,+ ", " b } f.b j C e j e y 9 ( d 1 q 0 d u 2 t v h w ; ; ; r r ; ; $ x : '+)+ ", " !+4 ~ - 3 1 q 2 0 9 1 B 1 y 0 d e 2 u p w p ; w $ $ x * ; $ x r p >. ", " ~+0 - f # q 1 j u 0 9 j y 0 d e 2 B v h h $ h $ x $ x ; ; x r 8 {+T. ", " M q f # X y e e u j D 0 e d 2 d p { p h w $ w x r w ; $ r * h V @+ ", " >.( C a m D j 2 e | y 2 d 0 u t t h { h ; ; x ; $ ; $ r n + !+]+ ", " 3 v O 4 3 D 1 d u 9 q 1 2 l t l l h ; w x $ w ; $ x r + ~ ^+/+ ", " (+( h y 3 O C q d u ( d v t l p { { w ; { { w ; x r + e O.`. ", " j.( w 2 X M D q 2 u t ( l p h h h { l h w ; x n > e '+` ", " {+9 { { j y q j 0 2 9 u ( B v t p h { ; $ 8 > - _+U. ", " :+0 ( 5 ; 2 1 e d 9 u ( B t p h { w : = n Z <+$+[+ ", " }+D D B ] . $ p v B B v h ; : + / 5 7 |+1+` ", " 2+H.3 !.C v : + @ / / = + r q Z A.3+4+5+ ", " .+A f f.+.P s s A {+).).E.Z.E 6+ ", " 7+5.!+.._ %+Z {+).4+5.&+ ", " 8+)+9+ ", " ", " ", " "}; xca-RELEASE.2.2.1/img/bigkey.png0000644000175000017500000000277013614632167015457 0ustar tewardtewardPNG  IHDR^QPLTE,-/!!#  HINkmtGHM$$&#$&56:lntbcg013$%&$$'569IILPRV##&124abfPQVIJMnns559 '(+ 668 tRNS@ߠpЁxr 'IDATxڅv@$l\60)[ 5={sqjZVժA45iW_+~*%9g"8 hNHѧ %fd\O%LZ0T U5MSɛSd"M9zc>jw/V#%%o)J`uFƥ ĆChڌD5d$glb)Bd`(Br||`ɂ"MGѫHѵ怍-4⼗zr2eS~3QvKVt^2N|x4Low|{,Sy~(3*X oK2സ ˿@Ʉs3OEVO0K+'{bas6x6)y~ya$Ng=tT0~:T93%EWRd֥~ J[gXE _IGv^.US jo[`=Nf#$la?5q$ ľ!+8c2k~hJ2mHߐg?)1O^WZ㻽*|=SQ9w3ws֓)w%1Ο0#DI qxtJTuCIdy7PȇI|Cq\8%:Z v__[H_moᄑ{GD>B%??Z`~*2v-[a'jB^>o@ƣ 0=4aCZ_xd'ZNR>kC`~C4^eR&rxBSl.G^ynh->`M98cV!pdvQS(;RPdT d2ڰ$a&#Ob[3T@Gݮŭ®*(+ni8 B:8;biVZ!Vikvׯ)c-;v0p.pWG?_wX8PL@t#U-HKAYc)B$D9Cj"ClhsVBg:`5JLjEFJ"i|ߐ旔{`^k:?ލm.elqpV_"*i-ӄOϺ=5Ҵ;[_).X ߻͌c9k 3w;V2/Vj_,U&IENDB`xca-RELEASE.2.2.1/img/reqkey.png0000644000175000017500000000327413614632167015505 0ustar tewardtewardPNG  IHDR(COIDATx`'jCw߶m۶m۶m۶mۜnk%9yWڳ!Oe{%su[-7.WQ߈f4rxǎz;&ᙡ,XPF-y`o7+8jQ:eM]j֌n#?\w1_ ;yf! H ~¥KJdo@YWyP`IKڣuD]~Ih2q{O=khL!| El_)}v+P%wPZ!iz%@l*ǯ8#&Qv޽' jU󊢞/N%#1QIId^կ_%ǔ);X:i԰3.>zgMuy=Q24JzYmT+fZ<PL~xEUE'`Y#Ij'Ȳ%Js<6.r+¨iR97o8k ZSd#"YO<Ξ=+!CZ T0 t_ hU>kx;=ySbl} !hQ\Svۖ .GP @8" RʃR^O[gTQ!/O۷XAgPZ$;v3S'_1(v&)ۭB^_z΂3~s֋* g(5dp|_J#ڂYVbqʕS/Q~pBAvOԩTm QDUǯ>}s3 o9۝*{<_(-)z>_;,G)w`M1OHHxs֍c_4*2ϷƟ&c)jdyr|<\PZ@JF|;cQseȘV hoG8 L>!axBϧa~aleqq,>dt3[yzH0'[_ELo(>IENDB`xca-RELEASE.2.2.1/img/bigcsr.png0000644000175000017500000004116013614632167015452 0ustar tewardtewardPNG  IHDR^fg[B7IDATx$km mv|mk6ӽmM2 ?((((B 1@Q>_{-CGs%s =hO?z؄Q͎鋳#8C14a[VJZK4[Iqa \ P}[<yi:eǮ mj͡t8[6 yi 0a>o`E=2&h'G9 WDG_?5'1!'7^ <@}[DGO^g(c )Rt͘qڃ|ͽ\ [92Yej/ӵo_qb:%aq*>#9< PZ(|r€y0= w߽q`5hm/, TB81.X c4 aNӲZLpڲm͹CR$~Je dVWwڜk۶m۶m۶m۶؍ʈUg쳴?ȎȬ:7 3:FK7³[%1'=Eq㍷/& :en8!pgU (ER>[SF* +.nꃶnuV06"Ztͤk*,L "PA81c'i n~WL ϼA睾kϾ{7KXu}N<낻7` ;e ]RCzv9ug "Hk#ĉ?8mᶎ^a҆.U s7ae+)4α8B!X $rk-Y"Bĉ[S `k% ()'qҎ,9R~y~2.aJÁbP5`6s[.c E0 ʝ=6)*- /?}v5 Jf1, ""#H@ꆗD`H4D1/Md2  9k8唛6J;R2ʱDs޴²_c CMXC A,GfBX`|"2p0$LRwb݈ڪM7^~l?āef2X}A9'Qk!""(k EZH2 blP(&L)S[lD̢fCFoѲ2=+ăo`%dĈp:1:MCbD"X1,3oʻ"lV̡,,!A`clvde3s9f@5B/$\}`a'%b@Bzi @$ i1!T 2(|6qFSN2u&'υ[zݡUt-ʴuaMO_uPWUx ZIE1" vch"e,t)) q ۠O#=S\psLU;j{ 7e19!kB INH~*SW%tCJ"1FeED٬XcB%$?gum8qfJXIA&?</⯈[6MˍLF:QK<(V]"IofW;eVe}e>:e|6mUz#u,]5@{HΟ!BE(BWq"1T YqC5iյ|>cT (7hVϿV:=} HrX`e.'E 0_<-w끽[HW@Ũ Rǟŋ!̮JH>DI$g %r$"fKbtzd( 3(& "nCਣn>[9} p IXEְ*Kf}l+b^'rcpuOf6w^XMM(p$AT9#CݭΛ깾_}$pXZZZoMŔ)}E5ѠA+PoLDAkggW^'"/ 0xD*-3FN! D`kÇ l]xbs k8M Xa!v1^kA|Ok* {Di*$xI*d`i^@0LdJhb3L,Jb)"hbXt8EbԽ>fW|Cߞk&if̳"Y|߭DŽRt(q\\zZ3U9:ubzz# ?E&;gwO>yuQ@m(ѩ?N}H.ʓnAE1aȰVZ R*{mr@䀸ɂE"4dկ@$+G+JQ`L>RHTFİ6!pHƙhO'G*G,M>S $/ =2֊UVFK.ϝv-Lܼ 2'ʝ"Мze{Hob!2s9r'uUզs̉\6N~T a.テӭk!K/P1Rl_H@6$yk3LA$I&rkXɯB>ToFR)tUnRؓP(DWY9^J=>ʡIDUkR8oO?= U!jj*Hj4JU5%aK}Fm=mɗwj[s3ֲ'p6/-E2 H$ŒV\|;ݯb&NDϣ2(OnJ1MJB'"hkJZUcH^Y+kF*k_}3k 4}z@a8 OXR"6P1ELpaNoҖV_HWǒ(6+ CҠT*#ƐɯI! 2CHB_&XrɹxO_W ep`Z̘Dr$y\_}}3[+O12K))4lfn=lAg4L c|?~sx街3+` [-gg6&@ blFa5R+PD#ҷ 2Tҭ o ^Et#fx ЯHA_JPBzֈW&]|W;7+4X($Sm?TRww'x$IVf;gv{\zzgNfgg?3,#1 BfLg }6ckjwYz;jgRkCECT.Dv ۾惊$OXeNsօq k; 0/(BHlXCًժZӊH5)6m8)Gw,Y)Il!1)0~ x ‚cm͸'C6M"6 =?\,Wg/q)"It3==wtX "3X[rSqfwF߆`8V5˩ ~ Ckk:L&c-,ѽ5{ C@71# SPee&1 cW}41a6PJ#lԨ)˗o>]□rGW}:63O)il x%>V.+}%U 1iYЯ\hd*Gw@?~|^^}}`Nv=mƭʒ%k]v<eױYym„ovvWϦ Xp|NH'? bQzSQ`$WFY0TՎ:XWM/DpR$mc\CPLݼp#K5*&pOGtBmr 'qGN|9" aStdyK2c"qMl={ }TJY&.fVYkbF!<.\mիsݑ#S*, r`_RR4JQѼyPD1c}wr/\qU8\E1ڶ*'46 v1 -Z99)SX*N zk(#0G1H("#`\UGD$h:S>rN(^8x FaQr$h\/ޔyޒ[~ɧm5.'1Ռt~Qc琸s5eSݒuJ!c<!ݧC6o}%`bdH(uUuZ>G֭T{pD_?K}m,$aO r9mۥBׂ Mمԫ 1idx^R<˙h$[o}E_XGNu(]uU`sz ( M'55E߰aㄛ8wuu-3|5,$N  Ŏh5Etkh8Ñp0b E(ӯDQ 1u8hn܄Ag{iA7QЅiI)LxWHϽ<]welIvvx^\6RC>YRl,.ĕ쩴6j:ɸi*bM&H6mڮL4ͽVaTGVM+ש%%Y~vn߾KݻK 9 Z@~ Xm͚MaY[jDS^~X.++ 9/7; !tQ9fCqiνJYY`{)y UV4:/CԱV8S|.-mLLLʜ"dD$^aM7 t 6 I0r1lr)t* v/EA(LF ~q+VlbԨ_b j, P3g=mټHͮug? ͚,.NN M!MB ¼[֡9O@k$OpFɐ0#2&zwmٲY'j۳ZQ qyL'}iJ?y @"N">ۊC<VC+VU؏:r&<\rn-Fg6¨{^i߹֯ߢ\Cڵ ;/Z }Ou 9r ŧ(0BO3=@cP"+B\ ܥ=Ą0|. qqy{*o+4 3@jLP\쌼}9X]'0w|1P?+{Qo~mzw< i5A6$aN-@,u]Y1.7Gew+㫪k+=mUՊJ (Kɸ57r=Pe8Uh! A@x2o߁c $#e]ogf$Ix +owŕ/%w[o8Z:f~֫gkhyML-E!{Me%s/`1H.8#@lD MBA? F:ɑ+mܶg^ȑ#kjD\5|߄XydZZu*`pX1@Ĉ":L@ 7,Gs`/od- r8@-eÃwzNIfp]@h:In FdvF7_wQϠ㗯jC=NLXlSB/.n @a|N"_8 ۷/ W./^ѪU`&Ӫײ )//'BVVVh7WkFN[n5n(l l !H\9ubL`(_ h @779&ąeLK~GG֒i}:ڣ|Ŷ VVs[H\n,4/rCff']n0.{],xD&gK! HicرK>}+??ry޼΂S{ Pƌy+a%Ezz^CgLv?CUIB5it2pD_G_] %%-C- ƘD&\+8`$8,-MG6|| TunӶY:=@:'Qyʓ/mO.7C{7}zyyueGDřY/Y~3;;ՙ.\2A"DMvŹSg:wxZjY|agxrȐ>5އ^z>t{~K/[xRm=Y&DM&ev=":FM."K@g={snX͝c7A~DcuͰM=BADPe = c +peY,(*[PQ Zﴪ[ @99aB:G)?Z1cR3~#OX 2F{㡿z0ailwIy~^6я,$gY(` Jr=.1&~ԩ,0`5&}^~ڻwҊ3g~lԨa OKOO[f}N3;uj#,D Xvv}^ A\"WS}tPƛޤ \ jtb؀f?':| ߇Q q `L}:Sf*tA)I&f |Fm+8q{ԗ0y^6L h1UE ÍD…Rb`ՂLO##lj~j]%bxStb|ΥgzŲe+W]5mۖl صkܬa<p <6e8R euulr{eiܸqR^~@K|w`]qť;,Xs"tN TH{iݺ1)lI!{ËuL>jûdl C qM E7DEq 7Ͻg&khZ`b:Q`ԋ.:&ѡh c24drvT>:rO> u=Fq$nٲM6J^yexp #P#}njyϛ_rGVu-Cr*D4Л;oZ?J}2͸x};Ou@K_СoxxЦSfY%'C 5Wȸlȩ66oj?~(LQ]-1kxpKc~:!KW]]S`;hGd10BsEzaϡ׹&7Π]zqȧq'HZwB:qTXQ+"H欸ޫW:?i2LЁ MQYpGБrEE>99Ioڴqx-*CA>q.rr/ή5 pÝY{~ꬬ 'O\l]`jYаaIعs=sO' |%zE3 rHMNv-v5~1[E$ p4fB 3Ʉgږ-{zO|}9Ʉ<n>$xȨB7';-Ի{k5֤mnD-FQl9r,am{$'O3w֠ iY?!VۧNŒ9 {+쓷o߭@Vm׮hEp > aVV6V+׺u /<' <ٳpy5P ԥKp*9W 2'9v/ZyدW{칤M*mBBN~ ~Ri:%rMPJUm]eaU b;\\ } t?NXv;ҥEŌ^L/;lpP܁`'*A9S f>ꍶ1 Dya{8V mڲW.GVہВ%3= 5<r7Ϲh}eF@3%&wvYn<:ulw/-Ϸ߰UήIPGP#GPu!Op#ڵkTٯzꩇqہw}6mڬ BUQQֺu:'w J2;,~2c'wgek`˖aI5Oq˄2k׽.!IB狀|jX.uз^y*hh1huT锠DbOfH\2*18K0bp5X9L8ey- ~*] i͟IO]y7ؾ鰣a)D f(aC>rt͎׎LǼ^98uGra˘x%Gcz%8.hzǭQPAB^g0[o BT1j+q1+"r*%v?~GxRކ> v%]pAϺx|/4 )zb՛[yjUEA+$(KF*Fgy*q=܃Am #`,h:fa۩$z+Ø"[ꓙRnUτ/@s("Dv܄Hbb.,2B?4oXdHJ,uCd~饧|֠Cꋮn`c5#vVl,WlL{T1>!q N~D7nw&4g\h5c- N 5VaUk,MlMP0  אτΌE| s(%XJ;sӵk Oj ; pkHVXh%l|vmTww<?(޵r&>e! Gc@,x BDf15fsk5z ΡYBD#Y[1>/^m2z/E=b쟜F=e7umڴM/4i:_zFF^T-ʘ- ϧQ< TH rs/PmcjʫcO|T`]㤤C&>îwBO=< E)`ք+ot1g?u@5|%kq]2ճm *9gH =bƟ0MSRD.Y9FtD07= Dz͢D=(>vlƝi?:^Z2,s.Gz@D#µ^Rϛޮ]qb,B ,n0&H}6 hѓjs\Sum~e"@z\˜R9·3f¼a/\Ӷ*Z:8c%ʨ)GMg6 :U8AܮU#~@!#=ɟ=Qٺu0e3MOak3领L!ߑI /j#tu=CHVCXA@Plj9~cҤN"7jc`f0㗪22={)CԠ6M.tLUMlZʟLߑGbr uգnڂS Sipۂ 9U^(?r?-{e%ztj=qNOw='[øۿoG{=䉱Pg:zB=Bc>mquZ/8Oڄ$֙U_RS@QF!1UI`@$q\lʐ YAÉ, >IHߠp n a'H ps,@X06cw׮gZn _܉1T3SSO}ip 1|&FYg W+oϜN@ dcRf@B;) *P؜6w33wo;m s3sb`]h6NxC$H𽉡$9GP(-=rff$iN]$SUUbN#kTdM||mMRH 84ڦ r!X @bU:r3852Hp2n4Ed#2ηu>~cVM"=Q8Ū\녀2X C[/ @֊JhaK ' s|f4UZJ V XE l٠?3ngƎeg>n4'NXB }s>q-FxBxy J}O]vy8PmD}/h4G$0((fai!A@ۺyֳ;|6n8^4*SrmHr"Q/>Eir eW]9Tse$Jn:}P{Dse[*>][e6q=))mFaLe%A#\ z!PVL2[޶m7{Ñ@Ǝ(:c Y 0@vg^potH@Cȝ()c09C!Qa sƺDe#NoCb#xqBM@N3ڤI!$WXd{ 1 S։)DXb@!Q(ŁHb9+zn3DBiElqH~+DVb!?n>\p9, &@?.׭.=ZQl@r0q2B>iVG1 I̚ גTmOƺDNȅ6*mΘm,I6Nm|׶mm۶mږ^s[_FdTyG:*LcB0x汐W 0w}w~3)&d0PnC96ֶ:|4MʀDmA)4.n]T jQOfMU!AEJ:C"՞f=/> ]ϞCFf&Tr տ xm;c#TW`jyYNox<ܜ$5U3 '$M#e5 Jk+Y^5)݈Z6qFLF% S SI9_,czT5콷\7sؕC-/$yUZbEl 5%O/Bˋ~󂈯ٿ4D$ڦa43E'~DVՅxn zVyGmMѶp(r­i:Ɋn@&bu3s8yW 4B߶XmOa"$m=u߯Ȋ.TU$.lD8p >Oϊƞ,5_0ZcEpezrR~jJUIAJxhDVݶK ,wg-OFٶ{GTӫV )uV~ʆYaw#YQ1ϵ a X9$]3&iJxOJ .+w;GOm %ƫX0$t7RJAZ2U peCvU uJRllUskBǣϏF=hQogi!j"U8:˜el@V+D*%-#.6+ᙗ٪85ED)Bt$1>j 5!`cp<-RJ˹MAphj[ގ9>g'ba>AUP׺YJ^ɖ*\۔uyR״-t_@Ƒk!mz Q|!BBJGf@֖]53sOմ)u>tt0=g$/4mx$%>|ի罶|G˯GT71FdZA9#"tJXjwssJ~u.W`s|HQYy\_z߆y]V%UuUVxD~JNb>.l-:mQ3hR{gמO&·Gq=sGKhңmw1YpA2۶lA~KRz _g i/PYb+H v-J׳(*ٙ}ll(9 ߔږYY}d[ m!>z7>_/CqlUY*%Xq rߩcA` +ύ]D7zz>wsI_:˳ =? ?MOO8_Wp<==={%erIENDB`xca-RELEASE.2.2.1/img/bigscard.png0000644000175000017500000002167513614632167015770 0ustar tewardtewardPNG  IHDR^̗tRNSS.!#rIDATxp,Yۃk۶m۶m۶s6'y}Nz3kk}_5!( ,C`mI X`DU?*X`k   TXXX+X+X13!&@E흈R+so|BElA~y/ *_JU*/ X w__zɦr2Cz3$]3{f⺫** {ŅFt$BA7!Qf 0 " ]ma+,UW{4cG}p6B^~JUD+ SZ8ӓIwP:ȭ6YWzU#i|.eҨ7\kȡʳI ȍ 7%b|/lS"6ZfJ#$eambȐv_o̸k/O̴r͑(uWkѨB`fO_t"G=g }g /ds]ČYS̟ؒ&(–˽ C9[H5 B֊0ayk4a?$CTأfk_f]7xEoB@UooEG613b}C_2(EJ cͅMfEPBlE8lQwo!+Zlʝo*,C P$]u'|'UrSIRk]آYk㉸--ޭr3r4)/qU^z1h"vBR@GCyG|_NwVRdrJU @B:Wd7G?gfILff>f&=ffffffff23|gb`y2_Tc>6TM/ՋTg 3PVUo,DyN ӓHSTUw`uiu=5=eNǞSp:spMh `).k-#htꑵ2eH6-K335_JH%CCN5WA$*:m.?mG_]4`KueYTƧ6^pA*S78UEQ4:f&ʵ30jXc,R5@dҪֺ JCRŏ54ˇ#j5%BJJ ^ 5H0`DS˅oF.n/Jٳg'6 4k"z#kذᮻܼ>`CUj;vVd")"+sT R@ʨ|,B<5 LZsZVLLQfFWo͝u_SSvj}3.|mf/dOٟ9Vkbr"HzMEKVAձDI MUh%V sëDKJ(JBP+a2oI}w}oqr)I"944trb*g###Z>b׮;w<\3믿kZt\Th Mf &a 40< !bn R Hdմ^wr:%K8"<<ʑ{O:dYu59]^;#\^|ToykX9:V` JЈ" ( B`+E ,P `#,@ X0KN-$uD[ (vtZuI+ >sᑓ91>pᔟʇ5̅-'q_Xh]l$3UUrխKc& S]{6PdSHC8s`|Qɴ=0IZ=-5%(*1-/QCb]C} ?T}}޽{|+qrz)y?+SN9u"[I6x5T]wWc_ q۳/PT6D,j!z{u*$B!`ehN 37^FK&F&e+jh%rޝg~ۻi~8Ot15{:>~!5~0;7zkn_ԹZP7̯7;/&ƄžJņ1 MY|a^ehP{-M0S`ÔU, ށɱ-W/ߟ?H䛽>ZwۚZK©(cP_$0MQ B b(D#WP!NT&$&ɴ,iPZ1F6*uVz ՜˝*[JQ*g猚ߐQsL17;~c5:,>*;(f'h5Uw@̔MUgN2&Q jhֿDPL͌G;֬^tl>nh;^ݶs^UܷoɌ#dG @ݷfSM~̇΢W4%\VBaH`zdxȜ&cJxCKF /ڭWߚgr=7;p՞5! AVzP kR,pF(XU>MECܦ)!,<7K ;C`5 ?\33$|g.'>=yDs_ NеlwEՂ+TJX(;iǦif$몆Ob,VQ(VY}Sch ej,ɷerz< Cʹ漻³Ϲ[ZT"ʨhf$DE)k,65 ($AQD`*`TPH`[J3?o{l6[گ"Ʀɳ\jlhi"X̛T>qC%v0}A@gShmlHd L"* JB*Hm GFG!EլE3蹡Xze 'lzF1tCu|w?'7Isӻq8:9ᙫԍ,5T9mlbcvH-E388x=%4G_@'G>V!Z5J n&F)i$|p#JJ:KNB @8x0>M;^xiˣ?iSO^>wޝKj?>|t[e00[+ /)`5h/skr*]w05@f@` cq>jT3s5#` kGy8%XK+/yU?lbNfAUS `Ts.5_#4p8!e(C#j>Y 6D`b)FX>K V1Z2ZY%ܲuwhfn9xgD)2UY2@M^^j֭Lj;t'2ǧ p&(3qc=U"'I#6,K''iPE: @h*@ D02fۚNtꩪ'*)*XVJ0 0L`M4 -uG*qJ(!>&yX֞[)Zty$fZeA,hM^4]~&&a"D LAP J&+{[wv֠Ԩ2ށ5NLt-$d/݅[b` H=+O:G2P|y~-7TrUސ7l5McxGxYtߣj=.]alzPYH CPEIX!t fFTL!*QP`1H  EmzϿSKDkCBZA%"&y񍣧v]!%ˣ=׭?TU/:k9oo5髬IfքpCElQW|{;uwrꉝ)iAFXI .Xc#O$ {M^=_y%@Y:V) 1@Nؽ{ _~hܯ}g|Bښү_~~FWBsϚt4T5Hw{'&'oNjF70__G\ryk$FXIoi[njHHm݇}=\>6!L5"Rʾs T5P5`f3_w}g|;]7o5[oYr$mo HǛ/$43E,&l rt7}g~Gi$! ]}=KV\/3t.jNOl޼wVj]?Ć':>Xj,ٿp[|egtо}fݓdoCr5qKط.9sIOYs].R$_?[oO.]sM@>G}_PY~]ǰ8}MS]ս7,>;UVY0۷7m;V?yQP{kY8RUQW=_֪nV^&07;>_QSֱ ])Ugg3m'% ogAWqj۶m۶9g3sγ8:8nو@D/:_0!AjzI( v?~$x S V`#"Fܤ[8BРkyJqX`xb[lHM:xlcRj]<ѨTW-Gȉ8נs$RO^\{lܒX삸4o[co0k`p̜rWk\'iESK4*UfMu u}5{.Aq$ROX孜.U6:&эXѱI*?+g)ޜ5\eAu kTb gxh 8r,)GR^AVYw[8nl=#J*5*U2;:sUWtmz|b^YDml}^0IJ>0~@Tw_gյMCG*Ftp\|Yfr!*U.;*/W]MH=A0begqRrث[TB]@QY˅ͬ<'jè&+6յ.=.3|e6kT4##ȞFJк"eK V+p+ zxbnVݞX^R'V@&V@ V@?tIENDB`xca-RELEASE.2.2.1/img/dialog.bmp0000644000175000017500000232251213614632167015437 0ustar tewardtewardBMJ |<    BGRsf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c#i' d"g"f#g& e(YTqQfH`Bf%f%f%f%f%f%f%f%k%cf$m,c' Z d+t="}cdJs7Zh) g) ]l* f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f"i) ]&h4uWmO^!b e(`%Z!_( _' W[AkQa?pOoNX:c-[!j*gNf%f%f%f%f%f%f%f%i&l, k+ e$c#d$e%g' b ^!mOuWh4]&i) f"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h"e' wWlMT( W%a& e# k'b"pPkKjL]Dt8"^ k"n% g!l)_b& \!\Bf%f%f%f%f%f%f%f%b"h(e%d!j'n)i#j$e# a& W%T( lMwWe' h"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d"f"hq' k%f&W!], \CsZr:!U_& `( e+j0{\^?s:c%d$k' l& i h( f%i&g#m+_ [!aCf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%m$f h$j* a#u<gHgHW%Z" [p+k%d!i*]#f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f"g!v0\e#l.j3oPP7[# f/Xk2P3_BpSe.c* a%b$f&j& l& k%g'd#g$e!h& a"j0[=f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i#i#e!f&_!a%t;v? w^l3f)^f$k* ` i*f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%t+i%]n2Y }D%|^j.Z" a(]$ lRqTI,f* a%W_#d( g) g%g#h$l& g'd#g$g#e#c$|B%I+f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h"k' e!f$f( [\ c* f& v\M3Wg+ h* e$l) f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%aj' b& TnPdGc' [_& l1{a{A$`$`$Vh* f( e' c%c#c!d"h$j& e%d#j'm) e#e& P3f0f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g#l( e#e#l,d&a#j,da bEmOR\ l* f f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i$ h' Z"Ȕvk7Wb& m*J0|bc' [a#b$j- ` d$c#c!d"f$h& h& i%e%d#k( l( d"e& \?Z$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h$h& f$b e#h& e%d$q+e#XJ,be+e$h#f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c' h.gk5Si1_#vZ_B^"j+b$m-e%a!h'h$j& l( k) i' g%f$f$g'c"j'f"b d% eH\&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e#d"h& c!b k' h$bj'b!d&^"u;ȍsk.f& f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%b0Îsb)\!e(Yċqk2a"m.Rk+ g'a j) c"g!i#i%h$e#d"e#f&h( c"k( cd"b#dG^( f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d$c!h& e#i%m) i#k%d%l, i( g%\^!‰pf.f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%iY' Y c# f$ ji2Y$ d% ]q1a!b!n-f%j'm$k%k%i%j& h& f&e%h( d#n+ e!h& `!^AZ$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h( d$f$e!k' l& dr) `&c$h%k%k& b" X rf%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c!h$n% k!m( `$\*g|2f# b% f0fh2_&c%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i&g$f%d$e' a%^A`& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g&f%d#d#e$h'k* m, jZ$ d' e j$i#g'f)h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%q-_r.cd#b( w\h6^h(]"bh2c, c%`f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i&g$f%d$e' a%^A`& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g&f%e$d#e$g&j) k* h7sZ[n+cn+ b!e(h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%du/]j.X eHJ0]$ d)c(ch0l3Vj( m' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i&g$f%d$e' a%^A`& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e$e$e$f%g&h'Y$ |C)sYXd"f$j* b"h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%s) _i-W!{G)Y;f+b" Q}_k3c* c%g&j$l$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i&g$f%d$e' a%^A`& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e$e$e$Y!i/cFA%e$b"d$h( h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h"b f-Y%|^b,a$ `Y;X:["b$c"q.\m(f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i&g$f%d$e' a%^A`& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e$f%f%f%f%e$d#d#h* b$Zfc' `!o.`h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%l,h* Y z]s;]%Tl/sTc, e' j) g$c g'i*f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i&g$f%d$e' a%^A`& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e$f%f%f%f%e$e$d#d#g']!w>tWf)Xi'h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%X"d-~B$Y<]!g+`' oTo6\_q+ g!j*`&`(f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i&g$f%d$e' a%^A`& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i$d#e* VhKE+j*ah%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%Z) W!ʎpf% m*Y`FP5`"k) h"h n)`!]%[*f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i&g$f%d$e' a%^A`& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e$e$f%f%g&g&o(d!i.Uf0z`c# g"h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c* \o.m' f p)f!d!Q!`Ez=#k)e" h(u[X#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%o) an-d"` h) [>g+d#g&h'h%g$k%j$g!f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g&h'g$g%e%w= eGW( a"fq*f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%`'c&f%h"k%j% f#k*\*nSg*]c!fMn3_( f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g$l) `c#k-^W:`& c#e$d#b!d!g$j$j$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d$j) bn* ` i-gIa/h)fj#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%`%g* b!e!l& i$ g& a"\>yC%]#i*h' sWb( Tf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e"p-_c#e' P3}A$a' e%e%h'i( k( j'h%j$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d$g&f#l( a]!P3R4a$j%e f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c&e%g&j& h$g$ d% YoRa) [!b& aEA%a%b& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k( h'i( a!_!cF]#[!a!a!c#h'i( i&h%i&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e(a!l+ e!h& a"e+qTY j*f#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e(c#k* i%g%a"]#}E(S6b& ^$n4pS\b!n-f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h'd#h( f( h,V9^$^& f) e(e%d$e$d#e$g$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e(b"k* cn* h% X]@s>)f'f% f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h( f%j'd j( [_' wYp0[c* cDo6c%j( d f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d#f&^h* ZqTY!\$^!a$c&e%e%h'g&d#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_$e(b!i%l& j% e$h) iSa'a"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f&g&i&d e%`$m7qS\g) `'mNW i-c!h"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g'f&^!]!f-pS^& `* _$g* g* `#c#i) k* e$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%]$f) `o) g!h#k( [nXl4`$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d#e$k( h& ^f,{G)wH)h$h( _&gHc, Xn* m$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h( ^m0_#yZzB%]@[=`@\[!a%i& fu+Ym.b( b& gJL0f( _l, k* e$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h#f+]Pf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k( f#g&]g) jM]!`& Yb&g+ _#d( ^"a%f* d% c$a"a"b#b#c$c$e) [Zn2Q3dF`BU7\>lN]@Z=Y>ɔy^BS"[Bv>%[ d$ w6rVfJO1L/kN|`{:j' k*i( Y[k/{^c%e' f&g'e%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k&ZfYf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k( g$h'_d&dG_#`& f&g' g' e%h( f&f&g' g&g&g&g&f%f%g&g&b"f&i) h( c#a!d$h( g& Zb& ]$ c.w[kpC(u]_# d+d+ge& l)bd,]%\&jLV9Yh' g$ b& f* }A$\>b$] e%d$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k&\!aTf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%g$j) g' c%\?e) ]#f$d"d"d"e#i' f$c!f#h%i&i&h%g$h%i&g%f$d"e#g%h& h& f$i( f' [!^' sA%|M2V)lg$ c% W pZ$d( i$ m$Z ^( P\-qSs;c"g"`& a%e) tVg) d'b"g'f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h#b' YLf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c!k,c(^"k- e%p. d![']k& h$_#a(e" k e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"j' d!e$e$l-\@h) _#e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"m# j" h% k+_Ef& bi# d b&ZAD*j$ o$ dd( B)gl$n'[$oRhd-j&j) f&jPf)]j) m)g&g&h'g&f%e$f%h'a(_&^%_&a(b) `'^%a$g* a&_$c(_&]$^%f#g% ]Of%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%o/T`%u2k!g"U#|_ȶƳɺȼ̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾ɻ̾̾´õɻ̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾ɼŸɻǹͿǺʾʽȻǵƴr)j#p(_( cHu,^'i&b!][Aa$ d% c"`b!f%h'f%f%h'g&e$h%h%i&i&h%h%h%i&i#h"d!g$i&e$d#g&g$f$ \Nf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d%^"n.dfa%~ƺƾ¹ĻŽżǾǿ¼оl&j&n'WmRr' [!e%c#g+\B^# g+d$h(g'h( f&b"b"g'h( f&l#n%p' o&l#k"m$p' s' j!k"o&n&l$i#k%g$e# [Mf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%b$q-j!a `/!˫ѭeSk*d b% [$ \ e!`" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" a# a# Zd(d(S:a(^% `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" i$e$^" a'WA`&Yc$``&t^](^! `! dQ{ƴ]k(cg/iNjd*i)c%b& [B\# d( b$e%d$c#d$g' i) g' e%c#g#h$h$h$g#g#h$h$p* h"j& k' g%f$d"e#g$e# YKf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%s6fm" j9)̾}E@W9d!k!o,e(d%j&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h$g%m+m+f&^;c%d&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&l%j%b"g*kIi*^j'v)[hEVq1_[Z>Y=\@dF_A[=]?cEdFaC\>aCaCfH]?Z<[=Y:kLg$e# [Mf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%\(xP=̾X-f+g$YIm&q!n%d!f%f"h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" l$ h dh" e" bIg% f$ h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" m" h" d! d$ j,[Ch%h$ ri"_$ r\h+d(ZJ~Rf) s0qVa0r$ c#c' Z m5ÍvXAbInQZ!K.n)L _Tf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%n( l) e"f#i( g&f&h( q#j& fb/o-ε˻пveX'Wg'n*af#b" [Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c"g&a!i+ ^"dG_%_' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g$h& g%a!f* Yg,_E[>i2W!d+ g& f'_Jzɻ]# l"k'h( g f i.n̖}a*\"c' e%i)h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%a h'e%b$b&a' \?h0l'O#aVf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k( i&f#j) i( _a!d$p#oJt9*ϾΤlK;^& Zn. k'k'h%h' a! [Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h'i( ^d&\ R5y?"]%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%l+ d#f%e%j,c' [j.W9gG[, \%l-R^Iijd-l&j,Sa!K8qhj1[!a%d&f&a k+ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%`j) e%d&c' _%oRX l'qE(H=f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e"e$i( i( b"c#h+ g* p$\,S>I;a!f&g%m)bk'm* j* e& [Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d#j) h( b$[l2\?^& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h(e$e%g'b"e%f' ]\&sB"xXcDy:j+XC˹Kk0 Y&T5r^ʛsYd+ Wg+ Zg'd$k* c"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h'k* b"a#]!b( mP\$n)mP_!f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i( g&g&_d$l/c&[\+RoGW6ya|N6K, ^!r2e%c#g'h'k) g%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h'h'c#c%^"w= T7^& dy\T f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i( d#f&a!h+ c&Rm2t`e3Ns* q$j& e#g$ e$` f%m* d"[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h'f%a!b$e) a' dGb* f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e&j+ a"k* i( g%f"j& s,Ye) ^d!f'[FƾSq0`&X9h,WX+ h(a!f&t3c"d"`o-f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d#c"f&f( d( [>l2\$o* hK^ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h'` h( d$g* [m2؝}˻ʺͭ]$b" p* `%a)d" g% d$ g'f' c"f$m)[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h'b"f( ^"_%W:t<f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%`$e&f'i)b!k( e!l& n!m' j( e#n)[[F}^ il(}<M3p* _%k)b k(c#b!j( i' b f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g&c"f&`"c' oRX^& O.S6]f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%q$m' wz! X&M'ժϹַʣ_*^t.^e(a(f(f(f(f(f(f(f(f(}WCe" n)h( `$b"h#f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(e!h$g&`"f+Y"c/{Sc'a%f+a$i,f(m/i+f(f(f(f(f(f(f(f(n'm&o+a l*af!j$ f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eʻc h%g"^& _Dk!b&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e%h( d$f' @$R6n1[z_i0 \ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%m, _&ir&\7!pYj5 [r(gi i&a"k k k k k k k k ™YHbii"i& l% n" k k k k k k k k k k k k k k k k k k k k k k k k ppo!h o'f!i'_Mp(k!h p'm!l! jr&k k k k k k k k c#e%c&b%c&f&k) j% f%f%f%f%f%f%f%f%h%e%b(e&k%e# [E˼e!i&h#_' `El"c'f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h( a!e%^qUk/Pi,aGe,a#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%Sa3m+]ӽv}k[4F](g,^#k6 Z,S)`&`&`&`&`&`&`&`&}[Lb(e&["X#[# b$ `&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&c# `" _# X_'\& W$ s@&WA]$Y Z!]$ c(Y^# `&`&`&`&`&`&`&`&]']'S f4W!`'h( c f%f%f%f%f%f%f%f%h%e%b(e&k%e# [E˼e!j'i$`( aFm#d(f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%a!d$g) B&Z=d( `# W=tA'b'g' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d-Q!e$b&μĴȰú˿ɹȷŮֹԴұвϲȼǻɽŸȻ̿ƹμʿϽ̹Կ`H[%^q- f%f%f%f%f%f%f%f%h%e%b(e&k%e# [E˼e!j'i$_' `Em#d(f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%j,b$Z}`b& \ ^# qW_)d%i' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f% d*o$d! ³M \-o'o% gq'j#\i*^$e&e&e&e&e&e&e&e&[Mf$h! b c& g'l%e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&g(i*l-e'd&i+e'd&U5O/ZZg*a#n0 `"e&e&e&e&e&e&e&e&T! P T)|T?c.c#l&f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eʻd h%g"^& _Dl"b&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%`"c%t8iL]!b( ~C)Z@Z!g&j& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h" k+ r!g! ƿe*c!i# cj$ e! d! d$ g'`! d$ d$ d$ d$ d$ d$ d$ d$ ZJ`! e" b#a' _#`d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ ` c# g% c!ad" c!b c(p\_# h,d%Xf&a! d$ d$ d$ d$ d$ d$ d$ d$ a& SQ" Ę\J^(a l%f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eɺc h%g"^& _Dk!b&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_!i-tVg+b( c) qWa(^" j&j$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%^"p"j*ƾ˵g*n&f#o.p1^m-r0i'k&k(k(k(k(k(k(k(k([Fj$ n% f#c#g$o& k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(h'l(j&j&n(l&m&n'e)\8F"a#f'i+m,h'k(k(k(k(k(k(k(k(n(e%Z$ ÓTBUg#s)f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eʻd i&h#^& _Dl"c'f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%`$x<X:Wa' yA$Z@`' d$ m&k"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%\ a,h#`(Vn*e& `$_"_$ f(]k$j! e$e$e$e$e$e$e$e${ZBc$m* g)_(c&m* e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$c# e" ae! j&g! h k" \ f*̐xc& c& b#a"c$e$e$e$e$e$e$e$e$r#m'`# ď{YH_%n* n!f%f%f%f%f%f%f%f%h%e%b(e&k%e# [E˼e!j'i$`( `Em#d(f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c' gc* e+YkXa(d$ k$k"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d#f) r<^?Vb& al"f%e$c"g&i( e$c"c"f(j$b$ |[Dc% j$e'f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eɹl f%b%f% Z@i) f$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c&e$f u-cg' \"]) x]e,b* ]#cFy;g' d$h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i( c&d+ vWt=`$l)l% k* f%g&i( d#a g&j) f(j$b$ |[Dc% j$e'f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eͽp g&c&e$]Ce%g%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h+ g&p* f r.` ^$_AK0c*\$m3qTk-h( f&h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d$^!^#f-ŌmUj) bf%_e$i( c"c"g&g&f(j$b$ |[Dc% j$e'f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eͽr"e$d'd#cIb"k)f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%j* [l) cc!h) s9vX_& ^% Xfe& e%c#b h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k+ ` d'b&{?!^Ah) d% f%b!e$d#e$h'e$c"f(j$b$ |[Dc% j$e'f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eʺp c"d'c"gMa!l*f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e$h'c!g' j+Wl^% _& a& eH{?"h) e%^n,h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%Yq1_a!c%jMT7Z"i( j) j) `e$k* d#h'f(j$b$ |[Dc% j$e'f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eɹod#d'c"bHa!h&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g#q/b"a%Xik0b' \!N4kNa"g& ]o-_h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%p0\j) d"p0]!rUk7d#a g&c"g&j) b!j) f(j$b$ |[Dc% j$e'f%f%f%f%f%f%f%f%h%e%b(e&k%e# [E˻og&d'd#Y?e%d"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%n( Yk,`& pVI/We'q6qW`$h) e$j( ar.h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e(d#f#n( Yh,a+ e@!_a h'g&h'b!g&f(j$b$ |[Dc% j$e'f%f%f%f%f%f%f%f%h%e%b(e&k%e# [E˻m h'c&e$Q7r2f$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%l% _g+lr="]& \ o1ji,q2Tk*d"k' f"h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c&e$k%g!p,Y[' Y+ |]q0b!i( c"f%e$f%f(j$b$ |[Dc% j$e'f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eʺig&a$g& N4~> m+f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%hj' ei2[& [# d(ib% \\m,d!c!j& g!h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d6a]) a) e& c fs)h%m"]zaD^$h%b&f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eɼb g%['j$f _D`$b+^&a'c&a$j* l,c!_%a$o/b!f"q+dp& Y# jk3]& ^% Y!ŋnj0f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%X$p<eh.h) d#k( ]i%q' d$ {^@]#i&d(f%f%f%f%f%f%f%f%h%e%b(e&k%e# [E˾d"i'\(k%f _D`$^!h+ g*c#d$d"b g%m* f#]g'g) _!b& c' km5\% Wp7ƌol2b( f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i-\ f* Ɗm{?"`$_#j.e%ea# ~~W;^$n+ _ f%f%f%f%f%f%f%f%h%e%b(e&k%e# [E˾d"i'])l&h" aFb&l, e%h(i( e$k' n* d gk%k* c%Tk7mNz[n6Y ]$ {B(cf,Xa%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e!n,_]oQ`AR\%`"r,^" ucG`% al- f%f%f%f%f%f%f%f%h%e%b(e&k%e# [EȻa g%\(l&i# bGd( f!ej'l) e!f"j% d!m-a!Xt;~`pRV$W' _& a& `FkNSo3d&]f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k%i#g#l,ZI*f[%_%\[" ]Da$ i#g&f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eɼb g%['j$g! _Da%k%q+ k%e!k) g$ a j) Y&h5yZjLZ"Ye*`% `% v\L/^"q3Qe(j* f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h"o, h'b"j- \!u<qPP3i)^%~}U$nV[C]f' a#k+ e%c"^f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f) b%g'` n.a j) f%Tt8 cLª]E^ n$ j& f%f%f%f%f%f%f%f%h%e%b(e&k%e# [EȻa g%\(l&i# cHe) `n.a#v<wZiNb0R"ht*f!h& mSqX_)X% f' f' g' _g&j) j) g$f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e%e%e%c&d'c(b'`%e$h'j) i( e$c"e$g&f%f%f%f%f%f%f%f%V"d( PŢ]Hl*\#`$d(d(b&a%d(c'`$u!ho) q) l!d `L{Ƚg%k&_(l$r(S6B#fKgLfLQ7g,[ a& b% W#h2gJrUw8am( ef%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g&d#c"d$d$a$a$d'f%e$d#c"d#e$h'i( f%f%f%f%f%f%f%f%h*m' d(z]Jq6"]D_x8k+ c#c#d$c#f&n.k, ]&['[&a'^( ^D}Ƚ^ d!\(i#f H+O/_& S["g,^# ^!l/w: {][>t:d( b#f#i$ g"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%j$e"f#j'i( f%e%i) j) h'g&h'i( h'f%c"f%f%f%f%f%f%f%f%q)kl'”XE]"m+["ZBlTgOC+e'c% c% [h&h*d+d%l%k' X>\!f'\+j) a\( c(`( a) a' _%z>!jMoSP4_' e+]#\ h' e"_j% f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k%l& n( m) l( g%f$f$c"c"d#e$f%f%d#c"f%f%f%f%f%f%f%f%g r% g&w\HU# Y"U'S R \)yF2dPlX[G{H4_#]&]']dm(\Kvĸ]#g*O!b"h(X&Y#I,Z=mPhKH,o0e& a \ _#e) h* d$c!h& k) f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%eh"f"d c!f$g%d$g&h'g&e$d#d#f%i( f%f%f%f%f%f%f%f%f*i' PȰ“wt}›{̥Գ̲ӺնخͦTAlJe<`AgNbDbAM0i-]e& f% [`o,f( ]c#g' c#f&g%Zf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%m*k( g$ c"c"d% e& c$e$f%h'i( h'g&g&g&f%f%f%f%f%f%f%f%`)f( V$ oZC[?dAZ>^B_C\@\@^B^B\@bQZH\HYFZIaV_$k, W&_f# X$h- a#d&g' d$f&l* h& ]f%j) j) f%d$e%f&h( f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e& ^^c' f* _%[!\"j) e$a b!f%i( g&d#f%f%f%f%f%f%f%f%`$aa'`L\#f$ _&c, VUa* c, X!W b+ i ba$ a! f! e$Ƹd$g$b.n( m'Z"`#j* h( f&g%f$h$j& m) e"j'e$b!e$f&e%f&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c' \"j0O2`C\?[=bDZ;G(p/d#d#g&g&d#f%f%f%f%f%f%f%f%n, j g$~[Ic r" m%i"o(q*m&k$n'o(l%j$b%^'`&h+ SԺzɾd"f!a*i!m# _%e$e%c#d"g%j& e!d j$l&g$i&g&c"h( k+ b%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%l"h"h& d'`&c)`&`&^ g'l)cd#i)j(h$UY# ^%^(i8(bSƸξڽ̯ʻʻ̯wcTl i g% `'Z%])d-`(f/e&d+ weN`x)k$f%f%f%f%f%f%f%f%e$e%h&[*l$i"̹ɾb"i&_(l$k! c' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%j$s-f$c#g'b#b#f'p'`g&j,a%`# [ a& c$YB̠͵ǰWFl.Z&['`*X Zf'd#d! UY# Y# T_)L5w`ɓ|DZt}A+ilp#n% ]"l'^ș^H_m' b'f%f%f%f%f%f%f%f%e$e%h&[*l$i"̹ɾb"i&_(l$k! c' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%d"l* e"j'm* e"l&k%j%h*c&ekj"qA/ѬcLq.bba& ^* c d!k&j#l#r'q$p#i$l'n)l'i$h#j%m(Y"j<+uc޽ƴwgj-gc* h" c" v]Gd( i+Z)f%f%f%f%f%f%f%f%e$e%h&[*l$i"̹ɾb"i&_(l$k! c' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%d'a!d!k%k"i j$eY)l) r#e" cGҹįvg]'\& X& [' b) h(l$m g+d(d(d&d$e%h&j(c']!\ c'j. h,b&^"m!h i$_ p<+œʸ_0]! b&}XBf' ]b.f%f%f%f%f%f%f%f%e$e%h&[*l$i"̹ɾb"i&_(l$k! c' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%d*a!h%k"n% n' c g'u WhOɬʲR7` o% bd!c$`$]#b$i(r-\#]$]$a( d( b&c' c' d+ _&]$^%^%["]$c* a%l. `al*Ta+r\ȗ\*^Ij'o%k)f%f%f%f%f%f%f%f%e$e%h&[*l$i"̹ɾb"i&_(l$k! c' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%^$j+ k( j!p)c!Pa.m1%լ׾|ZCSb" |G,@f* i%m s q$j'^)T)h" j$ h" j$ j$ d!g$ e" f# f# h% k(h% d!e" j'j$c#f.c0\$j'{*{B}eɸ~ZHd%ln&f%f%f%f%f%f%f%f%e$e%h&[*l$i"̹ɾb"i&_(l$k! c' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%]#k, g!j$aUnB*[Cxck jvcɲ[)tq&k+ `+ Y&["f!o$ j"n&ef f d!j'g$j$i#i#l&n( m' k%k%h. f$l"u#p g"`'V(k2Sb5 ñIJk9%n*`f%f%f%f%f%f%f%f%e$e%h&[*l$i"̹ɾb"i&_(l$k! c' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%c)e&`t._p=#ͩƬ.TrUiD6ɚpja(b&f#j"k!i! d! b! d%j,e'd)d)`'d-]&d)e*d)b'`%`%a&b'g f#`$`& c* `$_e!n!t*Pvac*f%f%f%f%f%f%f%f%e$e%h&[*l$i"̹ɾb"i&_(l$k! c' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^'l#d#e%̽g&j#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%XGd" l, ]%]*c+c#e)h( p#i) wO<ǿks'Kęǫo<b"` p=-ɼi$jz)j#_%\'g't& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%`"p0QȠ~Qg' h%\'o.`"r(t^ȵmUae$e%h&[*l$i"̹RA_?`9_A[C]A^?`BZ<]@cFR5k1[!a%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(l#d#e%̽g&j#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%ƕ~OAO) t/Q!{f,h#|B,ij^#fnh c" `# `# `# `# `# `# `# `# i"R/0a%c T(^ `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# b"cb$xbT_!b c#T `'` e[g0'a=5^X"r%Y]'`%õyeKZ"k*f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%g)b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(l#d#e%̽g&j#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%zfPu(LE(q9&h#1) βԻ̶Ϸ̰аӵ˴˲ЮͮҷʮӹŮռ«ӹ˯ӳϲδӻϹʷнɶӺʰήаǰ˰˱кμɶĮѭMa' i&i!f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%g)b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(l#d#f&̽g&j#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^Ede(̲fI]$ w!cTѯMk2U]( V* i'i'i'i'i'i'i'i'd^'g%j0[-p& [# i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'b% d `'wdN^%cd' ^$d% d!m'^a&Q 軦j]O$aq/a! h(ֿp!j* V#X#m, l!Zl0ŧV% d&n&in# f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&_(l#e$f&̽g&k$ g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&V:\$[K[%Z!i˾^)h' aq* e#f* `&`&`&`&`&`&`&`&n"y)hq~db#sg%`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&n% jct_Gajp' l#o#t$v% oj e" D+οT%y(ker˽sr/Vn0p$t+ d.ǨϼX0_"r(s(j#g$ g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&_(l#e$f&;g&k$ g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&iMa' o;+^. l& vnf;*Uj* d$j,b(\#i!i!i!i!i!i!i!i![%q%W$Q/i-b& ]'i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!Z$f( `+wbE^)f( \&l/ c$g([j* f+ _)W"~dY Z"r/k&Ƶ`% W#`- Z"b&Id<)^& k$u*_j.W! g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&`)m$e$f&;h'k$ g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&[GxdѰ\']&rZ~F3`lz)m"h!:l!c+c+c+c+c+c+c+c+j( mo9f% ̱^M[$ n)c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+i( l#c# }dHa!l#k* i"n'h#p+ g"d!k(n+ f.Xe+k# l l$ kr! q$] 乪i4\# `t. n(m- Z!^)g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&`)m$e$g' ;h'k$ g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&_V|7&S0yJ/~[&g) p)dd* `- Vi)i&i&i&i&i&i&i&i&h,b(`+]!{M;述O& g* i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&\#j) _'{}\B^& k*_&b$d) Ul3]%`(m3`$R {^S- Xv,ije(i%y5Mи~QDk%o, j*`!f']p0d$g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&`)m$f%g' ;h'k$ g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&u{^" Q,ȷWD/f(m&r#i# ]$ U#g- l&g"g"g"g"g"g"g"g"h](q'f$ rķxC/i#g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"f!l ` Ę]F` m! i$ n' d l* c#f&j*cn'e"fC)ԸO$l-kɺd'n*[!ɯǮbPt s*`f)c* Z!o/fu(g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%er/Wq4`#e%i& dmRpN6[Mb!ae" f# b" b" c% b$ _! p+ g"g"k&i$i$l'k&|%c Z a!e+w^šN!l%k)]#^( Z!j'k um& j"h!l&e#h+ Z#Z&g&d#f%f%i( e$^o.e&h%a' zbD[!n+ f'e$e$e$e$e$e$e$e$W* b Ű[8c' Q&ѵi$ Z ʼ|gf c$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%l)`t4[]l+ g#i! pG0xL?mby/o+o+l+j)g(i*j+g*h%e"j'm* i&i&l)j'ei+e*u.d"R!j2!s)de&a&{B#[?[BV>vE+U#d-e+l.Xv4 o+o(m&m&m&q*r+ k$g m* k c!z`H`m"n+ k(k(k(k(k(k(k(k(f#amZΧs'd" ѻ`#ҶҰ_ ^* k&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%b"d$b"i*r0 i$f n' ƴuG5R(ͤuTA]g! g! f" h$ g$ e" d! b" [#\$`( `( Z"Z"\$Z"c'b/a'l%h% X*—peKyQEͫ}ӲЪSKV!j+egi$g"e d` b f!b ]e! b(xaKa'c_ d$ d$ d$ d$ d$ d$ d$ d$ r'g)V6#Ͻf b õϩóÜͪg1o`'af%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%d'f(m.f%p,]j' g% N>Z!GM u)n$ k$ l% m& j% g"bc e)f*f*c'a%c'd(d(f# ` i w k!FckȰ_G^,\p(o! mM# Q(~S>̷긡c+h)n*a"b#b#i*h)b#f'h)k(e _!ybOa#`m*e&e&e&e&e&e&e&e&q$^X+ù>3]ofͻ_&jo& lf. f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%`#k- `k'^n0Z" e1ʷɯѹ͵̭ȾǽǽǽȾʿ̰γҽ޽ƺ¾ƾǼտ¼λн˸̹ϼ̹ʷ˸ɬپɱּ˳Թ̯թٻȴW r" k"z& _'f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%e%i( k&m* c%Y& yP:^e$Y" yXE~g(_#_'c+b,`*])^*\(W%d(c'b&d(h,d(`$c'a&_&a! a"Q)tI4p,P k(aq.bg$ g$ g#j'l+ [_+ zN7tTGX"\&d. ]'[%_)[%]'^% b! Y$x_KY$` `'`&`&`&`&`&`&`&`&X$\/Lc`RBI?eUDЩЭe/p["m* f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%g"f"p* d!^& wN8˻Ĵix(g! WBll'j" o'm'f d!j'j'd" h(g'd$g'h(a!b"o/ c* ^% e&g)pZ\?l"gp,Z%_7$xμνƵ~xs4&e o& k$ ` JCs+Wg m%f l$f g j#n g"|_Jd p! k$ k k k k k k k k u& L }NJkM2jq$N:rP@Ƶãh&Y%h#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%dm% i"b ybO?/{}+fg) y_rk b'^ c% a# Zf*E-ZA^EZIYHWFYH[JWFcR{jē||T# |! d&f/ |O*|_`0X p0}ӾyQ.a-e+^'Q"ΐrm/^ e' _!h* b$d&c#j" c% |]F]o'd$f(f(f(f(f(f(f(f(tqQ>L( u' c!cQ;]P@̲ɪk% c$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^'l#d#e%̽g&j#p"p$j!i$d$j- \$_'\o)[ vbb1#kZy``" ^c-z^ɯͷʹʺ˻ξϿóǭ|reB[?YCZHf+c) k#\' >-~R;s#Z*a"u%W#[?z2!_) n)W)|0S'd$fl% k(f&d"f(j$b$ |[Dc% j$e'r) X!W m&k" Y#_,l*wqk*] al,h!i, O7lOAЮЩP#a%i%l"l) Y#_+_!t*f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^'l#d#e%̽g&j#d$a k( l&q+ ak+ f) Y(Oܬߵd2X$ٴ˾Z>]#o+` W#X+MUW! V W! [%[%X" W! Y# ^" ^" ]! ]! `$ b&^" XM#i$ ^*r>-Ѽ`$]!m&b)ע~kU p' e-b%ii/ G}ŠwX"e"d) aҵrF/f&r+ k$ ^j* i'f(j$b$ |[Dc% j$e'Yt-g$Yp0i`' }^ŭ\:"h#r5'l+a#q* c#S^IñpM?ԯӬX#b#p& c_$a+g)j#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^'l#d#e%̽g&j#\, ]'b"i#m$o) f$\J! ڹѭa+ a# tA-_@a( l&j#i&g& h u#q(n%n%o&o&o&p's* m%m%l$k#n&q)q)n&T$gi/Q@^ i( n#`# H c!j) c a$h& f"c'm5$˴`* c$m!j*{r[` l%k$ Zj* h&f(j$b$ |[Dc% j$e'e)ej#j-Zp-ֱS/Dp%VF^h*o( ^m1Mb6λl^άӪQm+bj( a$d'd&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^'l#d#e%̽g&j#V"i0d#i#i"`_$ j5ɷxK&c#l( xqc[:b) i$l$l(g$m#v! i'i'i'j(i'f$c!b g'g'f&e%e%f&g'f&]'v' YpjRk*`k _پb'g b's(e+]"l"an%Ժg1\"y a(eWze%h!s,f# i) l*f(j$b$ |[Dc% j$e'j!f'l, `]'Ʈ^( T"^*t' }P@l/_#k%k& e$k._) a5˹qɪqOq-Ys2f)Z f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^'l#d#e%̽g&j#o/ Xf"n)a!Qg9!ubR' ]- g#f&ڽY=,»sD%Y h#k'e*[&a&ae%e%d$d$d$f&g' g' b& b& b& b& a%_#_#`$e+sf&q_{[o/p&e# ֻXr(_$t)d*^# s)ee^( ]#}$ ["oami) m&m& d! ^f$f(j$b$ |[Dc% j$e'k+h)]q3+ƿ}me"d!j,f+p XG] d(i& dej%] b-_4ͻygƦydf,p*d f&h0 f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^'l#d#e%̽g&j#iy0m) ]#c0|N6gQe! s4^j* iIӵA" X>f* i#d"](Y,\, \%k# l$ k# i! i! k# k# j" g! f h" j$ j$ g! g! h" _%x% _O;ɰ\[ j#e(ʲn@/b d#f#`#k)g#a% ^MٷTj+ r& ^ħW@\k$eg$ g' i'f(j$b$ |[Dc% j$e'V-ay4*rf\$ k#n$m+Xv' |[Gb% h*^m, o) m' q.[X" j:"scаmX` l% g&_%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^'l#d#e%̽g&j#u(f \#K}Q9NkVQ=e' g$q$u#o"h&ܨϾ׾¨}n{ZKRC|.TsUxXҗw|ɱ͸̨WFVA~B*X d.Z!c# Zj*l0y4+Ƕm2g&`%\*i(l" _!ġ^1T"c' i&m)l)^d( g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&j"e'u+h) Ųȿe<3潮Kn' m+Ye" l6%tK.Y2Y%h*u5 ^ ]#W(f(h& c&c* d( f$e&e&e&e&e&e&e&e&e%e%e%e%e%e%e%e%f.e-c/Qc3 Q#[0 fbLL" U% ]*a) ^"i+ en+SXBǧf*a# _! __i&k'ar% eZ&ʨr\PydvŦӳۻ˯ҸѢ_) Ql_—a"k&g'p)e' d8'iXb _%`$i'i%k&j'a#g+g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&to(ge*ͻrcea&` p f bTOP[' Sm) p& i ^n. f&㷰t90k o!h h#h mf#f#f#f#f#f#f#f#f!f!f!f!f!f!f!f!i"h#k(j) c#h) ]!^$a6-ثySCw8$e" n)[T{rϹH+c. X#^'h1 b+W \%l2e) ` V"ɰΣb&`'w%p!`j$ k(d#`%G8׶V* S$l[e"p)h% e gVĿ`4#d&u.u5 e"bo* g$b!k-a%g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&y# e"i#R>Ķƻм÷ƶϺŬʸ˽κ͹Ѹӹ̵˵ʽʽʽʽʽʽʽʽζζζζζζζζƿľӽϾϽλDzʴӺ˱Ⱦƿĩ¼ǢӴѺgB(^h#fk$ o-k) g$ ]! T"xpL^/o*e(d$d+àk-u+h'Y'^w3l)h$i& b"e(c&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&i! \( q8"Ϳ]*Ye h%h=*si"n&T+ d q&mk% [#b._#g!_@1左m-m)`# ]$ b% m)b(b(b(b(b(b(b(b(b$ b$ b$ b$ b$ b$ b$ b$ f$ j*a!Yl/b% Zb' f! h#c d! l)j'e" k)d$ _%S g7%V$Uj,_f&e']X\ _# \# i' s%XĝXBV# q* g%b"d o&^V'](i) |C#δq)S!nD'ľzin.p#p%^d/p. e$b!g'c# `!g(h*g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&`)J$ˠúc!|+ i"}^ܾaFc# h"g)b*i( er) g'\(['f$y&F(l0j*a(_+^$b"k%k%k%k%k%k%k%k%k&k&k&k&k&k&k&k&e&f'c&p3^!h+ b(b(k'd"l, f'^$a+['Z(s.i(d(]&γ\$d'h)t*p&j#k%p*o+k'f%_)`k's]QlKBő_&['\(i+o* ^# [9!m%s#͈gog rTyRDf)g#b%a)j(k d$e$f(] a" g( _ h*g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&^'`(f) d$f%h%h$h$c(UDa0&h!e= Ӹ׳n;!Xv0em. ]#h'h'h'h'h'h'h'h'f&z}mW#m,` f.g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&\&v f/ ^+ ۿh"i'k%g&g&g&g&g&g&g&g&o'b+`#JDd@:R%¤˾k;)_%h$k"`% yj}uc(_) _<.Žï˾n-k* g&f%f%g&g&g&h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'j'i+c$g&g&g&g&g&g&g&g&i/ ] l, f%h%i&o/ b"y3,lKq#{H>ۺw_j>&\$ m*i#eh)b(h'h'h'h'h'h'h'h'b(qC+b!c$}(c)^"g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&_' u"b(W$νy7%d$ l(g&g&g&g&g&g&g&g&s* Y"h( pkdةfD'~XSyeg'a/[& ιmH4f)|J4ɶ˼;ÞN l+ j) g&f%g&h'h'g&h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'j'i+c$g&g&g&g&g&g&g&g&_ p0f n( g#_c' e-ШM$l% lK8e2Ham& k"m* a"e+h'h'h'h'h'h'h'h'h/\«_KO%sp-e' g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&d( t$b&X"~`M_"m)g&g&g&g&g&g&g&g&j#_%k+ ntm޿sԷm;5ܺҹ]*YAῢ`' SҪоxc_&l! i( h'g&h'h'i( h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'j'i+c$g&g&g&g&g&g&g&g&g$i$t+ p( e!p3CxY!]9sp^,]o,l% i p' k( f&c)h'h'h'h'h'h'h'h'd'd% VAα[,`& z% b&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&f% o&h(_( s\{["j)g&g&g&g&g&g&g&g&m' e+\]ET! ], r~mcȷfRQ+xYDQ"i%u%g&g&h'i( i( i( i( h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'j'i+c$h'h'h'h'h'h'h'h'r,g j!q* a V! tKf#ŸF4t/c$h)l- c#g'm+h"l& h'h'h'h'h'h'h'h'c$t- `&hѲpW+t"h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'r" ])o'_#m#͵_0e*g&g&g&g&g&g&g&g&p.Zi cI~ȵb)j i.]`)™Y7*aJQ m4aq)z5d$`$f%h'i( i( h'h'h'i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( j'i+c$h'h'h'h'h'h'h'h'k+ h%g#m/ S7UCR*b*ѽlc&f,b(_%f, b%`q+q' h'h'h'h'h'h'h'h'l% ^)w+d( h,l>&y'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h't" [)u+ c' q!Ӻb6e*g&g&g&g&g&g&g&g&`n.m$}\Bʴ]"t&\"b,R:տY'S)mi%k+ g(d(p3 ^j' k&g&h'j) i( h'g&h'i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( j'i+c$h'h'h'h'h'h'h'h'n$p/Z' \6$Ʊj:f!f$[)һUm&b(b(b(b(b(b(b(b(b(b(b(b(b(b(b(b(e,i+j'i&h) iOϵC+k%d!j+ a(b+g.h*j*d*d*d*d*d*d*d*d*e(e(e(e(e(e(e(e(e(e(e(e(e(e(e(e(u#i)\!k( f&ĒtgK]c)c)c)b(b(b(b(b(b$i$ f" \Eͳ`$ ~ ][<#ոT>y$pD-p.h'i( i( i( i( j) j) j) h'h'h'h'h'h'h'h'i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( j) j) j) j) j) j) j) j) j* j* j* j* j* j* j* j* j'j,d%h'h'h'h'h'h'h'h'r'b"T" ɦxȭ̬`1\x- m) MZ2\) o% o% o% o% o% o% o% o% o% o% o% o% o% o% o% o% V&\'c* h+]$ _0j'i& r/f$n-c h"m' p& p& p& p& p& p& p& p& j' j' j' j' j' j' j' j' j' j' j' j' j' j' j' j' ga* [' j-a({b}dg0p& p& o% o% o% o% n$ n$ c1^g aM|ѷR y#tB,Ӻ{e]$W3K7`)i( i( i( i( i( j) j) j) h'h'h'h'h'h'h'h'i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( j) j) j) j) j) j) j) j) j* j* j* j* j* j* j* j* k( j,d%h'h'h'h'h'h'h'h'q& g'oYdzU:&t[,g$ ky(l' K dzǬȾ¾Ҷſξƿý׽źĽỹΫӴѷ~κQ$d"Ī{fk R&ŧw\u$W!i( i( i( j) j) j) j) j) i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( j) j) j) j) j) j) j) j) j* j* j* j* j* j* j* j* k( k- e&h'h'h'h'h'h'h'h'm% b$ 嶠ҼζiPc,c"c{.t%i$ `/·fVz_J[E[E[E[E[E[E[E[EZDZDZDZDZDZDZDZD^DaGaH]GcNfQ[HhTmVdPWEcQfPT=_D[E[E[E[E[E[E[E[E^F^F^F^F^F^F^F^F^F^F^F^F^F^F^F^FV?cIcKdNYDiT}]J\F\F[E[E[E[EZDZD\G_I`M~WHbUʼU0ͳjei&ñѱn.i( e$j) j) j) j) j) k* k* k* i( i( i( i( i( i( i( i( j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j* j* j* j* j* j* j* j* l) k- e&h'h'h'h'h'h'h'h'f!e(`/R&Y.Ro.p'j+ap*d$`*Õxؽɟ|y}yâdzǞMi*ǟؾXn% a&l, j) j) j) k* k* k* k* k* j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) k* k* k* k* k* k* k* k* j* j* j* j* j* j* j* j* m* l. f'i( i( i( i( i( i( i( i( f'd) a) Re,n0bv, X"g- o2 [c" e(Y d-e)e)e)e)e)e)e)e)e)e)e)e)e)e)e)e)i+j,e'i+k+i)j*k+V/X1nF)a8S&a-`*h,h,h,h,h,h,h,h,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,h)k6 e*y0 g!_0 ̦Y,g+g+g+f*f*f*f*f*c % qtNZ l)q(j) j) j) j) j) j) j) j) o( o( o( o( o( o( o( o( o( o( o( o( o( o( o( o( `'Z( [#m# o)[-cLj) j) j) i( i( i( i( i( R, Z( f,sqR;Y-a# 峝Y*v& i&_ h"h/k* k* k* l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) k* k* k* k* k* k* k* k* k+ k+ k+ k+ k+ k+ k+ k+ n+ m/ g(i( i( i( i( i( i( i( i( e-p2 f"r& r% q' g!k* f$ l. b$l)q( r(k)g,j'j'j'j'j'j'j'j'k(k(k(k(k(k(k(k(}.fq+ l, k, `$h*f(u* c"T! qI7}ea&o,l)l)l)l)l)l)l)l)k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ i&j0 h'y% u# [#n{_m* m* l)l)l)l)k(k(s"wE'ɪĩj1f f.Ħf/d n' p j. _.r'k* k* k* l+ l+ l+ l+ m, l+ l+ l+ l+ l+ l+ l+ l+ j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) k* k* k* k* k* k* k* k* k+ k+ k+ k+ k+ k+ k+ k+ n+ m/ g(h(h(h(h(h(h(h(h(j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*i)i)i)h(h(h(h(h(h(h(h(h(h(h(h(h(i)i)i)i)i)i)i)i)r+ l&r._u?&ඟݽO5m%m)b"h)j- d) j,g) o% q( p( o' o* q. o- j(j*l, l, i)j*m- k+ g'k, f'i'y/ t"r(]Fd, _#e(c)^(d. n-w+olTf'b TD}gh(h(g'g'g'g'h(h(j) k* l+ m, m, m, m, m, k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k* k* k* k* k* j) j) j) k* k* k* k* k* k* k* k* l+ l+ l+ l+ l+ l+ l+ l+ o, n0 g(h(h(h(h(h(h(h(h(j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*i)i)i)i)h(h(h(h(h(h(h(h(h(h(h(h(i)i)i)i)i)i)i)i)o+i$q.p0T_.myW:Z/i.m& o#v- f&h/l) o, m- i)f(i+l. i.j*l, l, i)j*m- n. k+ l, j+ i+p, q* e& nF-īt+p2c,o1o&p*|oyh2]&O%zH2n"h(h(g'g'g'g'h(h(j) k* l+ m, m, m, m, m, l,l,l,l,l,l,l,l,l,l,l,l,l,l,l,l,l+ l+ l+ k* k* k* k* j) l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ o, n0 g(i)i)i)i)i)i)i)i)j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*i)i)i)i)h(h(h(h(i)i)i)i)i)i)i)i)i)i)i)i)i)i)i)i)d&j+d"g't4d+ b.R6e;$[# q/j#p*t/j- `#`#l0 q5j/f+j/l, m- m- k+ k+ m- n. m- j'g*f*h(m- [#N+h,s,t( q1w}m:*i#](dK׻Mk( x(h(h(h(g'g'h(h(h(k* k* l+ m, n-n-n-m, l,l,l,l,l,l,l,l,l,l,l,l,l,l,l,l,l, l, k+ k+ k+ k+ j* j* l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ o, n0 g(i)i)i)i)i)i)i)i)j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*i)i)i)i)h(h(h(i)i)i)i)i)i)i)i)j*j*j*j*j*j*j*j*c+q3 m.k'p, n. i) e* \${uN,T%s1s#h)r2r2g'd$l-q0 m,m- n. n. m- k+ k+ k+ k+ o, h+ g+i)o(j' X&ʳ_G[Gęf4b. ^-wC2ܳU:\t+l- Mi)h(h(g'g'h(h(i)k* l+ m, n-n-n-n-n-m-m-m-m-m-m-m-m-m-m-m-m-m-m-m-m-m-m-l, l, l, l, k+ k+ l+ l+ l+ l+ l+ l+ l+ l+ m, m, m, m, m, m, m, m, o, n0 g(i)i)i)i)i)i)i)i)j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*i)i)i)i)h(i)i)i)i)i)i)i)i)j*j*j*j*j*j*j*j*g0 `%f'p,m&k$n*l*x( k) qB#sѶnP! d,n* j'j'q+ u. s, q)q)l, l, l, m- m- l, k+ k+ q. h)j,s, oz(n'zgydh5[!e, |P3ͫgPw.w$l& b*Y"u:i)i)h(h(h(h(i)i)l+ l+ m, n-o.o.o.o.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.m-m-m-m-l, l, m, m, m, m, m, m, m, m, m, m, m, m, m, m, m, m, o, n0 g(i)i)i)i)i)i)i)i)j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*i)i)i)i)i)i)i)i)i)i)i)i)j*j*j*j*j*j*j*j*_'i/ s3s. o(n*o- l, v1 i#s, v4m5}@&m0e% j) l)j& n( v0l, j*j*m- o/ n. n. n. p)h(n0 x4s#x& i h(N* e1]i0uYªųna\,a*h) k) g&g(j*e#i)i)h(h(h(h(i)i)l+ m, n-o.o.o.o.o.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.m0m0l/l/l/l/k.k.n-n-n-n-n-n-n-n-m, m, m, m, m, m, m, m, o, n0 g(j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*i)i)i)i)j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*e, e) e%k( p-k+ g(i, i0 n. v- l q*d)\1|_̵ǰƗ~N6Y%b,j2`'t4n. j*l, o/ o/ n. o/ x+ n+ e+_%h)e& ])U,BkDӻɜP@^% _/ u"q2\0 X+l+ s%k#d'i)i)i)h(h(i)i)i)m, m, n-o.p/p/p/o.o/o/o/o/o/o/o/o/o/o/o/o/o/o/o/o/n1m0m0m0m0l/l/l/n-n-n-n-n-n-n-n-m, m, m, m, m, m, m, m, o, n0 g(j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*i)i)i)j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*b' g( j) k) k) j* g- f. h* j,b'k.m. e%p, v. @%^A,w`ӳ־ȰyaH?u5m- m- o/ n. m- m- -u0d/ ^/ b>_ĩٿxO8e2d0a)l+|4l.t. u+ l(f, e/i) q' j*i)i)h(h(i)i)j*m, m, n-o.p/p/p/p/o/o/o/o/o/o/o/o/o/o/o/o/o/o/o/o/n1n1n1m0m0m0m0m0n-n-n-n-n-n-n-n-m, m, m, m, m, m, m, m, o, n0 g(l)l)l)l)l)l)l)l)j*j*j*j*j*j*j*j*m* m* m* m* m* m* m* m* j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*l)l)l)l)l)l)l)l)j*j*j*j*k+ k+ k+ k+ m* m* n+ n+ n+ n+ o, o, s+ t.q.i) k.H(sRɔsó̼ͽ̼̼˻˾ȼɸ̧mZDb2k+k+k+l, l, m- m- n. o- o- o- o- n, m+k)k)i)i)h(h(i)i)j*k+ k+ l, m. o/p0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0q1p0p0o/n.n.m-m-m, m, m, m, m, m, n-n-p-n0 k,l)l)l)l)l)l)l)l)j*j*j*j*j*j*j*j*m* m* m* m* m* m* m* m* j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*l)l)l)l)l)l)l)l)j*j*j*k+ k+ k+ k+ k+ m* n+ n+ n+ n+ o, o, o, p* q+ p-l, h+ f+ g.h2c$i*m.k,h)h)i*i*c0_*b,c*b& k+ n-g$k+k+l, l, m- m- m- n. o- o- o- o- n, m+l*k)i)i)i)i)i)j*j*k+ k+ m- m. o/p0o1n0n0n0n0n0n0n0n0n0n0o1o1o1o1o1o1o1o1n0n0n0n0n0n0n0n0r2r2q1q1p0o/o/o/n-n-n-n-n-n-n-n-p-n0 k,l)l)l)l)l)l)l)l)j*j*j*j*j*j*j*j*m* m* m* m* m* m* m* m* j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*l)l)l)l)l)l)l)l)j*j*j*k+ k+ k+ k+ l, n+ n+ n+ n+ n+ o, o, o, s-n+ k( k* k.j/g, a(n-p/ q0 o.n-o.q0 q0 t,t- u, s+ t+u-u-u+k+l, l, l, m- n. n. n. p. p. p. p. o- n, m+l*j*j*i)i)j*j*k+ k+ l, m- n/ p0q1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1s3s3s3r2r2q1q1q1o/o/o/n.n.n.m-m-p-n0 j+l)l)l)l)l)l)l)l)j*j*j*j*j*j*j*j*m* m* m* m* m* m* m* m* j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*l)l)l)l)l)l)l)l)j*k+ k+ k+ k+ l, l, l, n+ n+ n+ n+ o, o, o, o, t1s0p0o/ n/ m0l/ l/ g2g2f1e0f1g2h3h3p, v2s2 p/ p2 k/g+h/l, l, l, m- m- n. n. o/ q/ q/ q/ q/ p. o- n, m+k+ k+ j*j*j*k+ l, l, m- n. o0q1r2p2p2o1o1o1o1o1o1o1o1o1p2p2p2p2p2p2p2p2p2p2p2p2p2p2p2p2q3q3q3q3p2p2p2p2r2r2q1p0p0o/n.n.p-n0 k,l)l)l)l)l)l)l)l)j*j*j*j*j*j*j*j*m* m* m* m* m* m* m* m* k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ m* m* m* m* m* m* m* m* k+ k+ k+ k+ l, l, l, l, n+ n+ n+ o, o, o, o, p- k(k+ m- n. n. n. n/ p1w0v/ u. w0w0w0w0w0r1u4n.g* g- d, b, j6l, m- m- n. n. o/ o/ o/ r0 r0 r0 r0 q/ p. o- n, l, k+ k+ k+ k+ l, m- m- n. o/ p1q1s3q3p2p2p2p2p2p2p2p2p2p2q3q3q3q3q3q3q3q3q3q3q3q3q3q3q3q3q3q3q3q3p2p2p2p2t4t4s3r2r2q1p0p0r/p2k,l)l)l)l)l)l)l)l)j*j*j*j*j*j*j*j*m* m* m* m* m* m* m* m* k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ m* m* m* m* m* m* m* m* k+ k+ k+ l, l, l, l, l, n+ o, o, o, o, p- p- p- s3q1n. m- n. q/ q/ q/ t+r) s*u,v-t+t+t+t+w.u,r,r.k) g$ m*m- m- m- n. o/ o/ o/ p0 s1s1s1s1r0 q/ p. o- l, l, l, l, l, m- m- n. n. p0p1r2s3r4q3q3q3q3q3q3q3q3q3q3r4r4r4r4r4r4r4r4r4r4r4r4r4r4r4r4o3o3o3o3o3o3o3o3s4s4r3r3r3q2q2q2u2r4m.l)l)l)l)l)l)l)l)j*j*j*j*j*j*j*j*m* m* m* m* m* m* m* m* k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ m* m* m* m* m* m* m* m* k+ k+ k+ l, l, l, l, m- o, o, o, o, o, p- p- p- l. l, n. p0 u3t2s/ p, j/i.j/l1l1j/j/l1v2 u1v/ v/ v/q* o' s+ m- n. n. n. o/ o/ p0 p0 t2t2t2t2s1r0 q/ p. m- m- l, l, l, m- n. n. o/ p0q2s3t4r4r4q3r4r4r4r4r4r4r4r4r4r4r4r4r4r4r4r4s5s5s5s5s5s5s5s5p4p4p4q5q5q5q5q5s4s4s4s4s4s4s4s4x5t6o0l)l)l)l)l)l)l)l)j*j*j*j*j*j*j*j*m* m* m* m* m* m* m* m* k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ m* m* m* m* m* m* m* m* k+ k+ l, l, l, l, m- m- o, o, o, o, p- p- p- p- m/ n0 o/ q/ q/ s/ t0 w0q1o/ p0 r2q1o/ p0 t4n8 j3l3n4 o3 m/n0r1 m- n. n. o/ o/ p0 p0 p0 t2u3t2t2s1r0 q/ p. m- m- m- m- m- m- n. o/ o/ p0q2s3t4r4r4r4r4r4r4r4r4r4r4r4s5s5s5s5s5s5s5s5s5s5s5s5s5s5s5s5r6r6r6r6r6r6s7s7s4s4t5t5t5t5t5t5z7v8p1l*l*l*l*k)k)k)k)m+m+m+m+m+m+l*l*m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+n, n, n, n, n, n, n, n, o- o- o- o- o- o- o- o- p. p. p. p. p. q/ q/ q/ q/ q/ q/ r0 r0 r0 r0 s1s1s1s1s1t2t2t2t2s1u3v4u3r0 o- n, o- p/ p/ q0 q0 r1 s2 t3 t3 t3 u4v5v5v5u4t3 s2 r1 q0 n/ n/ m/ n0 o1 n3 r2s3s5t5u6s6s6s6t6t6t6t6t6t6t6t6r6r6r6r6r6r6r6r6r6r6r6r6r6r6r6r6s7s7s7s7s7s7s7s7q7q7q7q7q7q7q7q7n6o9q6"m+m+l*l*l*l*l*l*l*l*l*l*l*l*l*l*l*l*l*l*l*l*l*l*m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+n, n, n, n, n, n, n, n, o- o- o- o- o- o- o- o- p. p. p. p. q/ q/ q/ q/ q/ q/ r0 r0 r0 r0 s1s1s1s1s1s1t2t2t2t2s1u3v4u3r0 p. o- o- p/ p/ q0 q0 r1 s2 t3 t3 t3 u4v5w6v5v5t3 t3 s2 r1 o0 o0 n0 o1 p2 o4 r2s3s5t5u6t7t7t7u7u7u7u7u7u7u7u7s7s7s7s7s7s7s7s7s7s7s7s7s7s7s7s7t8t8t8t8t8t8t8t8r8r8r8r8r8r8r8r8o7o9r7#m+m+m+m+m+m+m+m+j(j(k)k)l*l*l*m+k)k)k)k)k)k)k)k)m+m+m+m+m+m+m+m+n, n, n, n, n, n, n, n, n, n, n, n, n, n, n, n, o- o- o- o- o- o- o- o- p. p. p. p. q/ q/ q/ q/ r0 r0 r0 r0 s1s1s1s1s1s1t2t2t2t2u3u3t2u3v4v4s1q/ p. p. p/ p/ q0 r1 s2 s2 t3 t3 u4u4v5w6w6v5u4u4t3 s2 p1 p1 o1 p2 q3 p5t4t4t6v7v7u8u8u8u7u7u7u7u7u7u7u7t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8r8r8r8r8r8r8r8r8p8p:r7#l*l*l*l*l*l*l*m+k)k)l*l*m+n, n, o- m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+n, n, n, n, n, n, n, n, o- o- o- o- o- o- o- o- o- o- o- o- o- o- o- o- p. p. p. q/ q/ q/ q/ r0 r0 r0 s1s1s1s1t2t2t2t2t2t2u3u3u3u3u3v4v4v4u3s1r0 q/ p/ q0 q0 r1 s2 t3 t3 t3 u4v5w6x7x7w6v5v5u4u4r3 q2 q3 r4s5r7u5v6v8w8x9v9v9v9v8v8v8v8v8v8v8v8u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9s9s9s9s9s9s9s9s9q9q;s8$k)k)k)l*l*l*m+m+n, n, n, o- p. p. q/ q/ o- o- o- o- o- o- o- o- n, n, n, n, n, n, n, n, n, n, n, n, n, n, n, n, o- o- o- o- o- o- o- o- p. p. p. p. p. p. p. p. p. q/ q/ q/ q/ r0 r0 r0 s1s1s1s1t2t2t2t2t2t2u3u3u3u3v4v4v4v4w5w5v4u3s1r0 q0 q0 q0 r1 s2 t3 t3 u4u4v5w6y8y8x7x7w6w6v5s4s4r4s5t6s8w7x8x:y:z;x;x;x;w9w9w9w9w9w9w9w9v:v:v:v:v:v:v:v:v:v:v:v:v:v:v:v:w;w;w;w;w;w;w;w;u;u;u;u;u;u;u;u;s;r<s8$k)l*l*m+m+n, n, n, p. p. q/ q/ r0 r0 r0 s1q/ q/ q/ q/ q/ q/ q/ q/ p. p. p. p. p. p. p. p. n, n, n, n, n, n, n, n, o- o- o- o- o- o- o- o- p. p. p. p. p. p. p. p. q/ q/ q/ q/ r0 r0 r0 r0 s1s1t2t2t2t2u3u3u3u3u3u3v4v4v4v4w5w5w5w5x6w5u3s1q0 q0 r1 r1 s2 t3 u4u4u4v5x7y8z9z9y8x7x7x7u6t5t6u7v8u:x8y9y;z;{<z=z=z=y;y;y;y;y;y;y;y;w;w;w;w;w;w;w;w;w;w;w;w;w;w;w;w;x<x<x<x<x<x<x<x<v<v<v<v<v<v<v<v<t<s=t9%n, n, n, o- p. p. q/ q/ r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 o- o- o- o- o- o- o- o- o- o- o- o- o- o- o- o- p. p. p. p. p. p. p. p. q/ q/ q/ q/ r0 r0 r0 r0 t2t2t2t2u3u3u3u3u3u3v4v4v4v4w5w5x6w5w5x6y7x6v4t2q0 q0 r1 s2 t3 t3 u4u4v5w6x7z9z9z9z9y8z9y8v7v7u7v8w9v;z:z:z<|=|={>{>{>z<z<z<z<z<z<z<z<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<v<v<v<v<v<v<v<v<u= t>t9%p. p. p. q/ r0 s1s1s1r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 s1s1s1s1s1s1s1s1o- o- o- o- o- o- o- o- o- o- o- o- o- o- o- o- p. p. p. p. p. p. p. p. q/ q/ q/ r0 r0 r0 r0 r0 t2t2t2t2u3u3u3u3u3v4v4v4v4w5w5w5x6w5w5x6y7y7w5t2q0 q0 r1 s2 t3 t3 u4u4v5w6y8z9{:{:z9z9z9z9w8v7u7w9x:w<z:{;{=|=}>{>{>{>{={={={={={={={=x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<y= y= y= y= y= y= y= y= w= w= w= w= w= w= w= w= v>!t>t9%s2 s2 s2 s2 s2 s2 s2 s2 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 q0 q0 q0 s2 s2 s2 s2 s2 s2 s2 s2 p2 p2 r3 t3 r1 s/ q-p*v2 r. p,p/ o.k,m.q2 j)s2 n-p/ s2 o.r1 t3 u7n0 q3 u7p2 n0 q3 p2 t3 t3 u4u4v5v5w6w6v5w6w6w6w6x7x7x7x7x7x7y8y8y8y8y8s2 r1 r1 r1 r1 s2 t3 t3 u4w6x7z9|;|;|;|;{9{9z8y7x6y7{9};}>}>~>|?}?!|@"}A#}A${?!{?!{?!z> z> y=y=y=y= y= z>!z>!z>!z>!z>!z>!u= u= u= u= u= u= u= u= w>$w>$w>$w>$w>$w>$w>$w>$y>$y>$y>$y>$y>$y>$y>$y>$t> vA x=)s2 s2 s2 s2 s2 s2 s2 s2 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 q0 q0 s2 s2 s2 s2 s2 s2 s2 s2 r4r3 o0 n/ q0 o.o+q-n*p,s/ s2 r1 n/ m.l-p/ r1 p/ q0 s2 q0 r1 r1 n/ l-l-n/ p1 q2 p1 n/ t3 t3 u4u4v5v5w6w6w6w6w6w6w6x7x7x7x7x7y8y8y8y8z9z9u4s2 r1 q0 r1 s2 t3 t3 v5w6x7z9{:|;}<}<|:|:{9z8x6y7{9};}>}>~?}@ ~A!}A#~B$~B$}A#}A#}A#|@"|@"{?!{?!z> {?"{?"{?"{?"{?"|@#|@#|@#v>!v>!v>!v>!v>!v>!v>!v>!w>$w>$w>$w>$w>$w>$w>$w>$y>$y>$y>$y>$y>$y>$y>$y>$t> vA x=)s2 s2 s2 s2 s2 s2 s2 s2 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r3 s4q2 t5y:u4o.s2 u3q/ m+k+o/ q3o1 k- n. l, o/ o/ n. n. j*h(o- t2u3s1u3u3s1t2t3 u4u4v5v5w6w6w6w6w6w6x7x7x7x7x7y8y8y8y8z9z9z9z9x7u4r1 q0 r1 t3 u4t3 w6w6x7y8z9{:}<~=}<}<}<{:y8y8{:|;|=~?@B"D$C%C%C%C%C%C%~B$~B$}A#}A#}A#}A$}A$}A$}A$}A$}A$}A$}A$w?"w?"w?"w?"w?"w?"w?"w?"x?%x?%x?%x?%x?%x?%x?%x?%z?%z?%z?%z?%z?%z?%z?%z?%v@"xC"y>*s2 s2 s2 s2 s2 s2 s2 s2 r1 r1 r1 r1 r1 r1 r1 r1 q0 q0 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 u4s4o0 r3 x9p1 g)l.i)m- r2q3l. h*i- o3o1 l. q3o1 m/ q3q3r4x6p. n, o- o- r0 t2t2u4u4u4v5v5w6w6x7x7x7x7x7x7y8y8y8z9z9z9z9z9{:{:{:{:x7s2 q0 r1 t3 u4u4w6w6w6x7y8{:}<~=~=>~=|;{:z9{:|;|>~@AD"F&G'G'E'F'F'F'~E&~E&}D%}D%|C$|B%|B%|B%|B%|B%|B%|B%|B%yA$yA$yA$yA$yA$yA$yA$yA$zA'zA'zA'zA'zA'zA'zA'zA'|A'|A'|A'|A'|A'|A'|A'|A'xB$yD#z?+s2 s2 s2 s2 s2 s2 s2 s2 r1 r1 r1 r1 r1 r1 r1 r1 q0 q0 q0 r1 r1 r1 s2 s2 r1 r1 r1 r1 r1 r1 r1 r1 t3 s2 l-n/ r4m2 k0 q6q2k, k, q2q4l/ i/ l2m0m0n1k. h+ i, m0r5x8k+ o/ y9t4r2t4p0u4u4v5v5w6w6x7x7x7x7x7y8y8y8y8y8z9{:{:{:{:|;|;|;~=z9v5s2 s2 t3 u4u4w6w6w6w6y8{:}<~=>>>~=|;{:|;}<{=}?CE#G%I)I)I)H)H)G(G(F'F'~E&~E&~D'~D'}C&}C&}C&|B%|B%|B%zB%zB%zB%zB%zB%zB%zB%zB%{B({B({B({B({B({B({B({B({B({B({B({B({B({B({B({B(zD&zE$z?+s2 s2 s2 s2 s2 s2 s2 s2 q0 q0 q0 q0 q0 q0 q0 q0 p/ q0 q0 q0 r1 s2 s2 s2 r1 r1 r1 r1 r1 r1 r1 r1 u1 s2 s2 q2 m2 j1 j1 g0 m. n1~A\:pMtQoLlI`=jGhEmJqNlInKoLV4{>m0l/ k. o2s6n1u4u4v5v5w6w6x7x7y8y8y8y8y8z9z9z9{:{:|;|;|;|;}<}<~=|;y8v5t3 s2 t3 u4v5v5w6x7y8{:|;}<>??>~=}<}<~={=}?BF"H&K(L)L,J+J+J+I*I*H)H)~G(~F)~F)}E(}E(|D'|D'{C&{C&|D'|D'|D'|D'|D'|D'|D'|D'|C)|C)|C)|C)|C)|C)|C)|C)|C)|C)|C)|C)|C)|C)|C)|C){E'|G&{@,s2 s2 s2 s2 s2 s2 s2 s2 q0 q0 q0 q0 q0 q0 q0 q0 p/ p/ q0 q0 r1 s2 s2 s2 s2 s2 s2 s2 s2 s2 s2 s2 w3v2 w6p2 h-n5u>o;rPqOeBJ'i1`(c+f0 i/ s9]#c)q7i/ m3k1~F#jG~[lIH%e- c+r:u4v5v5w6w6x7x7x7y8y8y8z9z9z9z9z9|;|;|;|;}<}<}<}<~=~=|;y8t3 r1 s2 u4u4v5w6x7z9{:{:|;~>@A@?~>?@|>}?BE!H$K(N+O,N/M.M.L-L-K,K,K,I,I,H+H+G*~F)~F)}E(}E(}E(}E(}E(}E(}E(}E(}E(}D*}D*}D*}D*}D*}D*}D*}D*|E*|E*|E*|E*|E*|E*|E*|E*}G)}H'|A-s2 s2 s2 s2 s2 s2 s2 s2 q0 q0 q0 q0 q0 q0 q0 q0 p/ p/ q0 q0 r1 s2 s2 t3 s2 s2 s2 s2 s2 s2 s2 s2 w1 r. t3 p2 q6U.wO|Ti, n4n4o5I&gDvSsPyVuRt<f. o7d, l4j2f2k7_+p<sO\U1f2v5v5v5w6w6x7x7x7y8y8y8z9z9z9z9{:|;|;|;}<}<}<}<~=}<>~=z9u4q0 s2 u4t3 u4w6y8z9{:{:{:~>?AA@?@A|>}?AD H$K(N+P-P1P1P1O0N/N/N/M.K.K.J-J-I,H+H+G*~F)~F)~F)~F)~F)~F)~F)~F)~E+~E+~E+~E+~E+~E+~E+~E+}F+}F+}F+}F+}F+}F+}F+}F+~H*~I(|A-t3 t3 s2 s2 s2 s2 s2 s2 p/ p/ p/ q0 q0 r1 r1 r1 u4u4v5w6y8z9{:{:y7y7{:x7u4 ?q/{:y0x5e, |L*|WrMb3 g6T0vRkFuP]6i+u6q2 o5mIp5r4p2 r1 s1t2 m- s3u5p0 n0 BeA^zJ(e/{<w3x2 =t6 t;y8z9{:|;}<}<|;|;}<}<}<~=~=>>>?>??z9s2 r1 v5u4 v5x7y8z9{:|;|;}=~>@BBA@?~=?CDG!J&O+R.S2S2R3Q2Q2P3P3P3M3L2L2K1J0H.H.G-G-G-G-F,F,F,~E+~E+F,F,F,~E+~E+~E+~E+~E+H/H/H/H/H/H/H/H/{I-{J*H5t3 t3 s2 s2 r1 r1 s2 s2 q0 r1 s2 t3 u4v5v5w6x7x7y8y8z9{:|;|;x6Bq0 @|;u4 ?w7t1@!cxVl?`0 uPxSY5~H%`)f,q6n/ t3 m,k1 iEm2 q3 q3 u4 v4 y7s1s3u5s3o1 o1 q5u9iHbr5v6}<r1 Et6 y8z9{:|;}<}<|;|;}<}<~=~=>>???>?@|;u4s2 u4w6x7x7x7x7y8z9|;}=~>@BBBAA@@BDEI#N*R.T3T3T3T5T5R5R5Q4O5O5N4M3L2K1J0I/I/I/I/H.H.G-G-G-H.H.H.G-G-G-G-G-H/H/H/H/H/H/H/H/|J.|K+I6t3 s2 r1 r1 r1 r1 s2 t3 u4u4v5x7y8z9{:|;{:{:{:|;|;}<}<}<~=?~=|={<{=r5 |?P0ȏo{F%h6uQcI%{=w=h. i- l.o0 t3 t1 y4 i/ gCl1 p2 q3 u4 w5 y7s2 s2 t3 u6w8u7q3 l.A}@ÉeJ&l1 Dt3 =z9z9{:|;}<}<}<}<~=~=~=>>??@??@A>y8t3 s2 w6x7y8x7w6w6y8{:|<~>@BCCCCBBBBCG!M'Q-T1T4V6X7X9W8U8U7S8S8R7Q6P5O4N3N3M2M2L1L1K0K0J/J/K0K0K0K0K0J/J/J/I0I0I0I0I0I0I0I0}K/}L,I6s2 r1 r1 r1 r1 t3 u4w6y8y8z9{:|;}<}<~=}<}<}<}<}<}<}<}<?z9A|=|>y>x<iEch5O+`iEx:~?{7z:m- u6w6u1 z5v1 w2 l2jFn3 q3 p2 s2 t2 v4 t3 t3 s2 q2 r3 t5v8y;n*w7t:\_7p5?9{:{:|;}<}<}<~=~=>>>??@@A@@ABA~=x7t3 u4 w6y8x7w6w6y8{:|<}=?ACDEEEDCABEK%P)S0U2X8Z:\;[fCxUl?T0gT0u7E{7H#F x7p,p-n+q.y4 t/n4lHo4 r4p2 r1 s1t2 w4 y6x7v5s2 p2 r4 t6?u4l1 r>X]9v6~:}<}<}<}<~=~=>>??@@AAAB@ABCCA}<w6s2 u4 x7y8y8y8z9{:|<}=?ACDEFHGDBBEI!M&P.S1X5\<_>_>^>]=X=X=Wp5z@cBnMvC#wG#͙uE!s3DCD~=@=t3 v5t3 p0y9t4 m3kGn3 r4q3 t3 u3 w5 v3 w4 y6x7y8w9v8u7q.}<}@l1 t:{WZ8x9~=~=~=~=>?@@@@AABBBCBCCCDEA~=t3 u4 v5x7z9{:{:{:|<}=~>@BDEFIIHEEEGJ"N*R.V4\9_>a@b@aA\A\A[@Z?Y>X=W?F!>G~CD@q3 p2 u7t8t9 p5l2jFo4 r4r4 u4 w5 y7z5 y4 v4 v4 u5 v6 v6 t6 As5 y8Bt4{>|YW6??>>?@ABAAABBCCCCEECDG!G!Dz9w6u4 v5x7{:|;{:}=}=~>?ACDEJJJIGFEFJ'O+T0Z7`Y=X?>~=}<~=~=~=>>??@>>>>>???>Dp3 Z6g{H(tB$ə}s>C?A;D}B|FBEBs6o5 m3 h1r;n4lHp5s5r4 u4 w5 x6 y4 {6z8z8w7w7z:|<v=w9x5}7>u6wA m@????@BCAABBCCDDCF ECDH"J$H">z9t3 s2 w6{:|;|;}=}=~>?@BCDJKKKIFEDH%L)R.Y6_;c?eCfDdHdHcGbFaE`D_C^B\@\@[?Z>Y=W;V:V:U9U9U9T8T8T8T8S7R8R8R8R8R8R8R8R8S7R2M:????????????????????????~=Dw?b{F!u@ʒoz@CCCDDEEEI"G C|9s0 x5{8s0 iHu@t9p3x7 u4r3w7v6 v6 v6 w7w7x8x8x8|<|<|<|<}=}=}=}=ml:~F~@CGBADDDEEFFFGGHHHHHI G <w4 x5|9|9|9~;}=~>?@ACDDFGI K"K"I GFIJN$V.\8_V=V=V=UCCDDEEFF@G H!}:o,t1 z7v3 eDp9s6r3{8 z7 x7 x8w7w7x8x8y9y9z:z:|<|<|<}=}=~>~>~>eEuQo7KC>E >EEEFFGGGHHHHI I I I I"D=z7y6{8~;~;}=~>?@ACDDFGI K"K"J!I HJIL"S+Z3]:aAgFgMgMgMgMgMfLdKcJbHbHaG_E^D]C\B[AX?X?X?X?W>W>V=V=V=V=U~>???s@`J!HDBI"DFFGGHHI I I I J!J!J!J!K"K"K$M&H!}<u4 w6|;|;}=}=~>@ABCDEGI K"L#L#K"J!KHJ N&T-Y5`=gDhLiMkOkOkOiOhNhNfLeKdJcIbHaG`F_E]C\B\B[A[AZ@Z@Z@Z@Z@Y?X>X>X>Y?Y?[:U?UICCCCCCCCCCCCCCCCCCCCCCCCz>}YZ5wBc~G DDEEEFFGGHM&H!H!J#Bv5r1 t3 rSt:u6y4 y4 z5 :|7y9y9y9z:z:{;{;|<}=~>~>?@@AAvAW2~W}@DJ#EI"HHI I J!J!K"K"K"K"K"L#L#L#L#L#M&Q*P)Dy8v5y8|;}=}=~>?ABCDEFI K"M$M$M$M$L IGJ"O'U.^7gBiIlLmOoSnRlRkQjSjPiOhNgMeKdJcIcI_E_E_E^D]C]C\B\B\B\B[AZ@Z@Z@[A[A^=XBXLCCCCCCCCCCCCCCCCCCCCCCCCN+`yD^9tL{CGBFFGGHHHI J"J"L$M%I!~@y;z<oPq8w9>=~:;y6x8y9y9z:z:{;{;{;~>??@ABCCM&r9ƍfM&G J"BGJ!J!J!K"K"L#L#M$M$M$M$N%N%N%N%N%P(Q)S+O'Cv8t6y;|<}=~>?ABCCDFHK"M$N%N%O&M$J!HJ K#P(Z1c:iEkJpPqSqUnTmUnVmSlRkQjPiOgMfLfLbHbHaGaG`F_E^D^D^D]C]C\B\B\B\B\B`?\F[ODDDDDDDDDDDDDDDDDDDDDDDDlL_>t>e}I!I!I CGGHHI I I J!FL$L$L$R*P(~@n0kMk6m3t6x8v6 w9y:y9y9y9z:z:{;{;|<?@@ACDDEFBc?mJK'EI JK"K"L#L#M$M$N%N%O&O&O&O&P'P'P'P'Q)P(S+U-N&Ax:x:|<}=~>?@BCCDFHJ!L#N%O&O&O&M$K"K"L"M#V+^3d?iDoNrRrVqVpXpZqVqVpUoTmRlQkPkPfLfLeKdJcIbHaGaG`F_E_E^D^D^D^D_EbA_I^RFFFFFFFFEEEEEEEEEEEEEEEE~_}G&T0ZyB}CL GHHHI I J!J!J!M%N&I!I!O'M%DBz[vF$s>t<z>s7 r7x?z:z:{;{;|<|<}=}=@@ABDEFF?M%|BbI&G O#NL#L#L#M$M$N%N%N%P'P'P'Q(Q(Q(Q(R)S+Q)S+V.V.N&Bv9|<|<}=?@ABCEFGI K"M$N%O&P)O(O&O&N!LQ$X)^6e=lHrRsWtYs]u^uZuZtYsXqVpUoTnSjPjPiOhNgMeKeKdJcIbHbHaGaGaGaGaGdCaK`TGGGGGGGGGGGGGGGGGGGGGGGG}^zD%^yE M&FIKHHI I J!J!K"K"N&L$K#O'N&N&mEךrheDqKzQzO\1u>n7|<|<|<}=}=~>~>~>@ABCDEFGGED"fyC"M&IKL#L#L#M$N%N%N%O&Q(Q(Q(Q(R)R)R)R)T,T,S+U-Z2X0J"v9|<|<}=?@ABCEFGI K"M$N%N%Q*P)R)Q(O"KO T%X/`8jEqPtUuZw`xcx]x]w\uZtYsXrWqVmSmSlRkQiOhNgMgMeKdJdJcIcIcIcIdJeDcMaUIIIIIIIIHHHHHHHHEIIIFDF~XQ)J"[FFGL$J"H!H!I"J#J#K$L%L%M'I%P+P*|O*cӦ^Dr1 x;y>|EgBb~O)s:t9{=~;@{9CD}@~ADEEEFGIH J$O+^~EM#M M!N"N"O#P$Q%Q%R&S'S'S'T(T(U)U)U)V*V-W-X.W/X0X1X1v9x<y=|>~ADDBGGHIKM!O#Q%S'S'T(T(S'Q%O#M!Q(X0b;kFqPvVyZ{^}`}`}a|azbw_t\q[s[qYoWmUkSjRjRjRgPgPgPgPfOeNdMdMgIiTl^JJJJJJJJHHHHHHHHCG~HJHGJ#\H G{SR*J"}BDGJ!J!K"K"L#M$M$N%P*H"R-O)ėrvQėr[9O&Cp5 yAg0 {Gs>ĐkQ*t9{=>A{;z<{@ACEFFFHI HI!L&O+_J#Q'M O#O#P$Q%R&R&S'S'T(U)U)V*V*W+W+W+X,X/Y/Y/Y1Z2Z3Z3O'~Aw;}?D~A@EGGHIKM!O#P$R&S'U)V*U)S'P$N"O&U,^6hCpLvVz[|]}`~a}b}b{czbx`u_v^u]rZpXnVmUmUlTjRjRjRjRiQhPhPgOkMlWqdJJJJJJJJIIIIIIIIG K!KLIGI"YJ M#xNsItJvL|R\}Q}Q~R~RSTUU|VZxQʙszTleA|J&\VxO|Ss:{Bs:{A~WM&x:y8>A{=~CCEHIIJKLK L#N(M)^M&R(M!Q%Q%R&S'T(T(U)U)W+W+W+X,X,Y-Y-Y-[/Z1[1\2[3\4\5]6a9N&{>z>A~ABFFGHKL N"O#O#R&S'V*W+W+U)R&P$O#Q(X0b;kHtSzZ}^bbdd~f}e}e{ezbyaw_u]s[qYpXpXmUmUmUlTlTkSkSkSpQr\wjJJJJJJJJJJJJJJJJI"M#LLJGG }WHCN$Q'K!L"K!M#K L!L!M"N#O$O$P%T,L%V/㲊ɚtaM)ڦlAY.[0R)֛s|>i*@pI]6z=|;@@z>x?EGIKKLMNKGJ#H$~ZK$Q'Q%R&R&S'T(U)U)V*V*X,X,Y-Y-Z.Z.[/[/\0\3]3]3]5^6^7^7a:[3N&}@y=AEDEFIKM!N"O#O#Q%S'V*X,Y-W+U)S'Q#Q%T*[2d?oKxW}]deghihij~f}e|dyaw_u]t\s[qYqYpXoWoWnVnVnVtWua~qKKKKKKKKJJJJJJJJEI~HKKI I"YIGCICK!K!K!N%N%O&P'P'Q(R)R)R*N&f=tL^6W2[qL`2X*[0_5[3Å]}?x7yEnGFDDz<D~E~BDGHIIKLT(N$R+Q,`M&N%R&S'S'T(T(U)V*W+W+Y-Y-Y-Z.Z.[/[/\0]1]4^4^4^6_7_8_8^7b;^7N&}@{?~@~@DFHJL N"N"N"Q%S'V*Y-Z.Y-X,W+U%T&R%T*[4hCsP{Zdfjjkkkmiig~f|dzbx`w_u]t\s[rZrZrZrZrZwZydzL L L L L L L L KKKKKKKKG J ILKI H!|VLQ$N!P#HN!O"P#K L!L!M"N#O$O$O$I\3uLV,X0[3xSW3X+]0c6[1^4Æ^N&}@k7yR{@|>Bz<~Dw@|B~DGIJ K!L"N$N!J T-Q,_P)P'T(T(T(U)U)V*W+X,X,Z.Z.[/[/\0\0]1]1_3^5`6`6`8`8a:a:`~BDEGIKL M!N"Q%R&U)X,Z.[/Z.Z.[)Y(T&S&U-_8kGtQ}aejlnmmpllkjhg}e|d{bzay`w^w^w^x_x_}a~iL L L L L L L L L L L L L L L L L%N$LNLI FySGJL L JJKO#P$P$Q%Q%R&S'S'T(]3I]X.P(S+_[7U(j>R&a4^4Ŏc\3T+uByRt9z<~@{?{AxAyB|E~G I"J#K$M&N'P#R'Z2~I$zUQ*U,V*V*V*W+W+X,Y-Z.Z.\0\0]1]1^2^2_3_3a5a8b8b8b:c;clHx\}aimoopsooonmljihf~e|c|c|c}d~eisL L L L L L L L L L L L L L L L I"L"KNO"L#J#~XP$HKJO#L JN"R$R$S%T&T&U'V(V(N$_4uJmC^4Y2Ɏg_9\/[.a5a5`6֡v`5f<_7_FBx:CX.uHqLsNvQxSyTzU|W}X[][Y4}XT-V-R'W+X,X,Y-Z.[/[/\0^2^2_3_3`4`4a5a5c7c:d:d:de>c>fBfBe>iBiAX0CDDEFHJM!N"Q%R&S'V*Y-[/]1_3a-`.],W)R(T,]7eAtXz^hmpqruqqqqqonmkjhgfghioxMN N N N O!O!O!N N N N N N O!O!M%J!L JN Q&{J"^L#K"J!N"O#LN Q"P"Q#R$R$R$S%U'W)V)[.Q$՞s\1V-\3߫a3_1e7]/~qG]5e=vбj{ZsRcAfC<~=BHHGJPW$R)N&`U0hR)V)X'Y+Y+Z,[-\.]/^0_1_1_1`2a3b4c5d6e7d7e8e8fh?i@i@i@hAjBjEkFkFlHMHFFHHKP#O!P"S%V(Z,^0`2b4a3b4a3]/Y+X*[-_1hBvQ_hovyxxvuvwxvupqqoonptxO!O!O!O!P"P"P"P"O!O!O!O!O!O!P"P"K#K"Q#P"N M"|I!_O&N%K"L O#S%T&S%Q#S%S%T&S%T&V(X*[.S&^1V{PY0Y0jAɖkΛpđfؤ{pGa8b:f>ʨ]gDfB[6R+C>@~?|?~BFKLKR([3\W2[V-\/],[-[-\.]/^0_1`2`2a3a3b4c5d6e7f8f8f9g:g:g=i?k@jAkBkBkBjClDlGmHmHnJm@V)FHKGGMR$S%T&V(X*Z,\.]/a3b4b4`2\.Z,Z,\.e=qJ}Ydkswvzyxyz{zytvvuuuy{óP"P"Q#Q#Q#Q#Q#R$Q#Q#Q#Q#Q#Q#Q#Q#M#N"T&T$N M N%dL#N%P'N"O"U'V(T&S%T&U'U'U'V(X*Y+V'Z-c6e8˔inCb9a8^5`7d;`8c;d>qKƠޭc=iAnEe]0MEHR!S(\3[X3Őka8U(^.^0_1`2a3b4c5c5d6d6e7f8g9h:i;i;jk>kAmCoDnEoFoFoFoHqIqLqLrMrNqRyYtP^7L"KLIJKMQ#U'Z,^0`2a3c5d6e7c5`2\.Y+[/b8lCySdouw~~Ʃ˵ǿQ#R$R$R$R$R$S%S%R$R$R$Q#Q#Q#P"P"S)O!Q U#OR$R*vOf;P%Q&U(S&R$O!U'U'V(V(V(U'V(W)Y+V%]/V(j;]0c6h=˔ȋiИoۤ}ǔlɚtœ^lGh8wJl>n@vGrCwIyKoDtIwLm@X+GEMN#yPkCgB~Y\4Y-b2_1`2`2a3b4c5d6e7e7f8f8g9h:i;jl?l?lBnDpEoFpGpGqHpIrJrMsNsNsOrUrSwWyTi@Q$GLMMN P"S%V(Z,\.b4c5d6e7e7c5`2]/[-^0e;qJ[jtx~ á£Ĩū̲S%S%S%S%T&T&T&T&T&T&S%S%R$R$Q#Q#S&P!PV$R T&L"Z3WX-N#R%V)Y+S%X*V(W)W)W)V(V(W)Y+^-\+a0[-X)f9iQ&nEf=bf>g>o?h8l;n@qDsEpEtInEqHvKqF_2KEJ{HǕkT,ad?\4a5^.`2a3b4c5d6e7f8f8f8g9h:i;jl>m@m@nAnDoEqFqHqHrIrIrKtLtOtOuPuQvZsTvV~Z|WlCV+HLLMN Q#U'Y+[-`2b4e7f8f8e7d6c5^,],a3kAxQanw~ßáţǥŧĩŪƪƬȮ˲εҼU'V(V(V(V(V(W)W)V(V(V(U'T&T&S%S%T&S$S!X%R W)M$P(`^3S(R%T'\.V(Y+X*Y+Y+X*W)W)Y+Z,Y(c2e4Z,i;a4W*g:f7f7sDh9c6қnqFqFn=l;xJwJrGvMrInFzPxOxOtIc9P$HKa5WW/Đk]8^6a5].c5c5d6e7f8g9h:h:i;i;jm?n@n@oBpCpCpFrHtIsJtKuLuLuNvNvQwRxSxTzZ}[zYwV~Z^pLW3MMMN P"T&X*Z,\.`2e7h:h:g9g9h:d0_-^.e9oG|WfrĠáţɧ˩ūǭʰ̲εҸվƾW)X*X*X*X*Y+Y+Y+Y+X*X*W)V(V(U'U'W)W(V$X%Q\,V-V.Ya5\1V)Q$X*T&W*Z,Z,[-Z,Y+Y+Z,\.b0Y(_.h7Y+i:e8e8l8k8e3n=oAӗij[a<_7^2f7d6e7f8g9h:i;jm?n@oApBpBqDrErErHsIvKuLvMwNwNwPxPxSyTzUzV[~Z|XzY~\`}]vVT&R$P"O!O!P"R$S%Y+_1f8jp?q@rArAsEtFuGvIwJxMyNyNwNwNwPxQyTzU{V{W}\}\~]~^_`aa|[[5KRSSW#W&Y(Z)],c2j9mo?ŗhqCpDtCuDvExIyJyLyLyL[|TyLSp?a4L$œowJh<{OT&_2]/jo>p?q@rAsBtCtCtFuGvHwJxKyNzOzOyPyPyRzS{V|W}X~Z^^_`abcceuQZ/LUW!R U$X'Y(\+a0f5j9me5j9k:l;mp?p?q@rArAsBtCuDvEwFvHwIwIxKzM{P{P|Q|S|S|U~V~YZ[\aabcdeffjepGW(T!V$U#V%W&X'Z)],a0f5l;q@q@n=k:g9b4c6m@zMfØwƟáƧɪͭӴֺؾŵʾ^-Y(W&[*],\+\+^-],],],\+\+\+\+\+],\+\+[*[*[*[*[*[.U(T[}Kb4X)b4^-_._.^-],^-`/a0b1c2f5g6g6g6i8j9m;mp?q@rAsBsBtCuDvEwFxGxGxJyKzL{N|O}R~S~S~U~UWX[\]^ccdefghhge_pGV)S$Z)W&W&X'Y(Y([*a0j9q@q?o=n=mp?q@rAsBtCtCuDvEwFxGyHyH{M{M|N}P~QTUVWWYZ]^_`eeeggiiigdjbkCW,U&U$W&X'X'W&X'^-g6n=p>q?s@q@j9d5g8m>}OdǚxȢ̩ЮѲٸֽó̽yHn=b1\+[*\+^-_.a0a0`/`/`/`/_._.a0`/_._.^-_._._.^.],a2g9Оpd9\1\3`/a0b1b1a0a0b1c2d3g6i8k:k:k:l;mo>p?q@rAsBtCtCuDvEwFxGyHzIzI{J}O~P~PRTWWXYY[\_`abgggiikkllolmdkCT'U$W&X'Y(X'X'[*b1h7pa0^-a0d3c2c2b1b1b1b1b1a0c2b1a0a0a0a0a0a0_-e3\+c3^0WƒiZ3a0b1d3d3c2c2c2d3f5i8l;n=n=n=o>o>r@rAqAtFwG͟pyKxL{J|K~MQTVWXVbجɠbԨ`[-T&P"MV%Q a.\)h5sBsBtCuDvEwFxGxGzIzI{J|K}L~MNNRRSUVYZ[^^`adefglllnnpppnquupƖrÎcsBX'Z)[*[*Z)Z)[*],f2q=xDvCvCwFq@g6f0vEZoȢϭѰֵӾŶQM~KzGr?f3_,_,`-e2g4d1b/d1e2d1d1d1c0c0c0c0b/b/c0b/b1a0].d5}NϘk_1i:a2d1j6e/g/g/j;f7g8n?rCo@l=m>qBvGsDzMtF̗l{PwLE‡ONNUZZ^gҪ{kڭўsk:b,X%S V#T!V#[(]*e2s@uBvCwDwDxEzG|I{H|I}J~KMNOOTTUWX[\\^_abefghllmooqrrrsuwuqjf|ToD`2['[(_+]+[*_,j7uBzG|I|IvCn;jxI_˜vѨҰնռôONOP|Io|M֣xd6_1e6b1k8e1i5j9n=p?n=ml>tEVƕṃѮյջ²;PPRTQyFl9d1c0f3h5h5h5i6j7h5g4g4g4g4g4f3f3f3g4c0b/e4e4a2a2d5pFϜqzOa3k=d5e4e4f3k8or?vBxDvCtAyH֞mRQMQY^eѠxۭУ}lęxӨУk[xGb.Z'U"Y&Y&Z'\)]*f3wDyF|I}J}J}J~KLMNOPQRSTXYY[]``acdfgj‘kkmooprrtuuØwx{||wrme\{Ln:b.^*]+_._,^+e2tA~K}JyFxEp?m{LaǚxЪմֻ˻SQPRQ~KtAl9e2f3g4h5j7k8k8j7h5h5h5h5h5g4g4g4j6e1b/e2e4d2c4d5d:nDўsʗla6b7rGd9q=k7h4l8q=t@vBzFr;xDwC|H|I̕bō\}LXSe٩ڬɜvhaోⵐʝxbfbzIt@\)W$[([(Z'[([(f3xEzG~KLMLMMOOPRSTU‰VZZ[]^abcefÐh‘iÒl“mÔnÓo”rrr•tu–wwxŚy|}~|Öt•pgaW|Hph5_._,^+_,e2s@LO~K|KuBp=r?{L`ȞyԮعʶOPPQTR|Is@oi7d1d1a.a.k8zGOMNzGt@s?wDT—lѨֵܽȳPRST‰VUNxEvCn;h5i6l9k8j7j7l9l9l9k8k8k8k8k8i2j3k7k6j5h5h5i6m9k7m:a0qBsE^0yNѠrϞpēeSuGrDrDqCsEwIzLS~RxM_Tbڪ௃ȗk\^Ēd͗hʖhaeϜqƒdxGpi6j7l9l9k8k8n;n;m:m:m:m:l9l9o8n7m6l7l7l9m:m:l4n6l6q=j7h9uFpBrFnBzN•iУw̟s̟sը|Сu˜p͠uțpҦ}Ф{׫޳ڨ~bX_őcƒc͘fΙgɑ`ΘiϛmɖkǔiȔfPh4c0Y&Z'\)]*b/n;QOPRRRS‰VÊWÊWÊWċXŌYǎ[ȏ\ɐ]ʑ^őbőbƒcœeƔfƕiǖjǖjȘnƙnǙpȚqǚtțuȝvɝxǝzǝzȞ{Ǟ}Ǟ}ƟǠǠɡȡǢƢǣʣʡʟ~ʜsɘlĐaTN|HxEtBr?j7b/b/e2l9yFSMK|Ew@ss>t?vAxCyDzE{F}H~IJKLOSVVÍXŎ[Ő]Ƒ^Ɠaɖd˘fȗgɘjșmȘn˚nƒcLo7e0\'](a,a,i4xCKMMNPRSTUŒWÍXĎYƐ[Ǒ\ɓ^ʔ_˕`ʔeʔeɕfʖhɗiʗl˘m˚nǚoǚoȚqțuɜwʜzʝ{˞}ʟ~ʟ~ɠɠȡȡɡɡʣˤˤ̥ˤʣɢȡ̡ɜwǓjČ]R~JxFvCvAqqt?u@vAxCzE{F{F}H~IKLMPSVVÍXƏ\Ƒ^ǒ_ǔbʗe̙gɘhɘjșmʚp˚nƒcLo7f1_*_*b-e0o:}HMOOPRTUVŒWÍXĎYŏZƐ[Ȓ]ʔ_˕`˕`˕fɕfʖg˗iʘj˘m˚n˚nɜqɜqʜsʝw˞y˞|̟}̡̡͠ˢˢʣʣˣʤ̥̥ͦΧ̥ͦˤʣ͢ʝxǕkÍ^SLyGwDu@qt?t?vAwByDzE{F|G}HJLNOQTVÍXŏZǐ]ǒ_ȓ`ȕc˘f͚h˚j˚lʛo˛q̛oőbKo7f1b-a,d/k6xCNNQRSTVÍXĎYĎYŏZŏZƐ[Ȓ]ʔ_˕`̖a͗b˗h˗h̘i˙k̚l̛o͜p͜p̟t̟t˟v̟y͡|ΡϢ̧̥̥̦̦̦ͤͤͤͨ͢ΩΩΩ̧ͨ˦Ϥ̟zʘnŏ`‰VN|IyFu@r=o:m8j5j5qn;p=p?r=s>s>t?s>s>r=r=p;p;p;p;p;o:o:o:p;p;qs>t?u@u@u@wBxCzE{F|G}H}HKMPQRUŒWĎYƐ[ɒ_ɔaʕbʗe̙gΛi͜l̛m̝qΞtΝqőbJp8e0d/c.g2r=LRPSSTVÍXĎYŏZƐ[Ǒ\Ǒ\ɓ^ʔ_̖a͗bΘcϙd͙j͙j̛k͛m͜nΝqϞrΟsˠu̡v͡x͢{ϣ~УϥϤΥϦͧΧΧΨΨΨΩΩϪЫЫϪΩͨҧϢ}͛qɓdŌYP~K{HvAt?r=p;l7j5n9u@RVTPKyDvA|G^ɟuױ͹tCwDtAp=wBTПg۪r٨pԣkǕ`MuBr?tAsBs>t?t?u@u@u@t?t?r=r=r=r=qt?u@vAvAvAwBxCyD{F|G~I~IJLOQRTVÍXƐ[Ȓ]ʓ`ʕb˖c˘fΛiНkϞnΝoΟsѡwϞrĐa~Ip8e0e0e0i4xCQTQTTUŒWĎYŏZƐ[Ǒ\ɓ^ʔ_˕`̖aΘcϙdћfћf͜lΝmϞnϞpПqϠtСuСu͢w͢wͣyΣ|ФϥЦѦΨΨΨΨΨϩͩΪΩϪЫѬѬѬЫϪӪҦΞtʖgƏ\SN}JzEwBt?r=n9k6m8s>LUVRP~IyDzETƗkլ߽θq@uBvCtAwBOȗ_ԣk֥mդlʘcPwDs@r?o>t?u@u@vAvAvAvAvAt?t?t?s>s>s>s>s>s>s>t?t?u@vAvAwBwBxCyDzE|G}HJJLMPRSUÍXŏZǑ\ɓ^̕b̗d͘e͚hϜjўlѠpϞpСuӣyПsÏ`}Hp8e0f1f1n9JTUSUVŒWĎYŏZǑ\Ȓ]ɓ^˕`̖a͗bΘcКeҜgӝhӝhПoПoРpѠrТsѢvңwУwϤyΤyϥ{Х~ЦѧШЧЪЪЪЪЪϬϫϫάϭЮѯѯѯЮϭ֭թҢxΚkɒ_VPL|GyDvAt?p;l7m8q<|GSWUTO}HzEJ^Хz۸ʲmPVUVÍXÍXĎYƐ[WRʔ_˕`͗b͗bΘcКeҜgӝhԞi՟jҡqѡqҢrӢtҤuӤxҥyҥyЦ{ѧ|Ҩ~ѨҨҪӫӪҬѬҭҬѮѮЮЮЮѯҰӱԲӱӱҰְիҥzΝmʕbÍXRM}HzExCwBs>n9m8p;zESŽYVVSK{F|CVțoկĪпn=m:n;uBzE|GIPRWWN|I}J{HuDu@vAwBwBxCxCxCxCwBwBvAvAvAvAu@u@vAvAvAvAvAvAvAvAxCyDzE{F}HJKKOPQRSVŏZȒ]ɓ^˕`ΗdΙfϚgϜjўlӠnӢrѠrңw֦|ҡuÏ`|Gp8i4i4j5wBTŒWUĎYŏZŏZƐ[Ȓ]V?( Z͗b͗bΘcϙdћfҜgԞi՟j֠kѡqҢrӣsҤuӥvҥyӦzӦzҨ}ө~ҪӪԪԬխլӮӮԯԮӰӰҰҰҰӱԲճִִճԲױ֬Ӧ{Пo˖cĎYSN|GzEzEzEvAp;m8n9yDSÏZWXUL{Fy>P”eΩ۾̻p;r=s>r=qxC|G}H~I}H|G}HKM{I\4zExCvAxC{F|GzE{FyDxCwByDyDyDxCwBxCyDyDzEyDyDyD{F{F|G}HJLMNOQTVWŽYő\Ǔ^Ȕ_ʖa͙dМgҞiաlؤoڦqѢv֨yצx֥u֣qȓ`{Fl7n9i4p;NÏZÏZÏZǓ^SsU6Oa[?/МgНeўfҞiӟjԟl֡nעoעp֤v֤v֥wզzը|Ԫ}ժԪ֫׬׬جخٯׯذױװױױز׳سسմֵֵ׶׶׶׶׶նֱԬҤuΜhɓ^UQL|GxCxCvAs>qt?s>~IVȔ_Ȕ_Đ[VSOLPƕcԪܽμ}H~I~I|GzEyDyD{F{FyD{FLOPSsK<*wBzE}H}H|G}H~I}H|G|G|G|G|G|GzEzE{F|G|G|G{F{F}H}H~IJLNOPRTVXŽYĐ[Ǔ^ɕ`ʖa͙dМgӟjաlףnۧrݩtר|ت{۪|ݬ|\F1mO2X0{S+zS,xQ,uQ.F3'3&.8WXXWY_GD3"Ԡkԡiբj֢mףnأpڥrۦsۦt٧y٧y٨zة}ث׭حخگ۰ٰڰڳ۳ٳڴٴڴڴٶڶٷٷٷ׹غغٻٻٻٻٻڻ۶ذ֨yҠl̖aÍXSN~IzEzEyDu@t?u@s>zERȔ_̘cǓ^XWSLMZ̢uٶ˵JKLLKKLMMKLQTSU^G_:3#p@~I}H}HJJJ~I~I}H}H~I~I{F|G|G}H}H}H}H|G~I~IJKMOPQSUXÏZĐ[ƒ]Ȕ_ʖa̘cΚeҞiԠk֢m٥pܨs߫v٪~ڬ}ݬ~b,**+=>L__ZW V VVZa>nS7աlբj֣kףnؤo٤qۦsܧtܧuڨzڨzک{٪~٬خٮٯٰڱڱٲ۴ڴڴ۵ܷܶڷ۸ڸ۹ٹںغٻٻڼڼڼڼڼۼܷڲت{ԢnϙdƐ[WQL}H|GzEvAt?u@u@xCOǓ^Κeʖaő\Đ[VOJTɛkձȭLMNOPQRSSRSVWWXoQ@X^NwD}H~IKKKKJ~I~IJK|G}H~I~IJ~I~I~IJJKLNPQRTVŽYĐ[ő\Ǔ^ʖa̘cΚeМgӟj֢mؤoۧrުuwګݯு5)E`]][Z ZYXXXYYWW]\ҟj֢mפlפlؤoڦqۦsܧtݨuީwܪ|ܪ|ܫ}۬ۮڰ۰۱۲۲ڳ۴ڵ۵ܶ۷ܹܹܹۺܺۼۻܼټټڽ۾۾۾ڽڽܽݸ۳٫|գoКeȒ]‹XSN~I}H{FwBu@u@wBxCLÏZ͙d͙dɕ`Ǔ^YPKPŖcҬĥԼOOOPQSTUTVWWŽYĐ[ő\X@)Q^_Xd:JJKLLK~I~IJL}H~IJJJJJJKKLMOPRSUWÏZő\ƒ]Ȕ_˗b͙dϛfѝhԠkףn٥pܨs߫vxګ߱qS2ZWXZ[\^^__^^[X\]"kQ6ףn٥p٦nڧoۧrܨsݨuߪwxy߭߭߮ޯޱݳ޳ݳ۴ܵܵ۶ݸ޸ݹ޺ݺݺܻݼܽܽݽݽ۾ܿܿ޿໙ݵۭ~֤pКeǑ\WSNJ~I|GxCwBwByDzEKV˗bϛf͙dʖaZTNN]ͦzܾϳRQPPQRSTSWŽYWŽYǓ^[:+D[^^_] &{W2~IKLMK~I~IJL~I~IJKKKKJKLLMOQSTVXÏZő\Ǔ^Ȕ_˗b͙dϛfҞiաlؤoڦqܨswyګթ}.$0V VY _##a((e++f++f--g//h//h ` XZ^_RA1$ԡl٥pۧrۨpܩqݩtުuߪwyz{ᯁᯁᰂᲆೇߵൊඋݶ޷޷ݸ޹߻߻༘޻޻ݼ޽ܽݾ޾ܾ§§§§Ἒ޶ۭ~֤pϙdƐ[VRM~I~I}HzExCzE{F{FJTɕ`Мgϛf˗bÑ\VNKXʡtٹɫRSTSTVYÑ\XYZÑ\œ^Ǖ`_ S^^^^_TV>%NLKKLMMLLLLLLLLLLLMNPRTUXZÑ\œ^Ɣ_Ǖ`ɗb˙dПgҡiգnզpקsڪvݮz߰}ᴁiT>7X[##a22j::o==q>>r==q<>v f^ [ ZZ^P1#VUTSSSSSSSSUUUVWXYZÑ\œ^ɗb˙d͛fОiӡlգnاo۪r߭xqN )U]]^^[ZXV UUVVX[aI(bܪuݫv߭xzz{}~嶀緃縄縄蹆纇鼉罎罐罐迒鿔–œĞĠĠĢǤȥǦǦȩɪɬʬʯʯ̰ͱͱββββͱǦ俙⺊|եkОd˗bď]TRPNMLKJJ~I~I~I}HKTĒ]ʝjѡmѠhϚa˖]ē[ʚfתwğ͛fΜg͛f̚e̚e͛fϝhҠkҠkӡlӡl[ I^\ \##h;;vMMSS99t!!f`_[ Y[asGVTUUUUUUUUWWWWXZ[Ñ\Ñ\Ɣ_ɗb̚eϝhӡl֤o٧r٨pݬtaL5> WVYZXW V V VUVVV[^`A/$cެwݫvެwy{{|~絀嶀縂鹅麆麆軈鼉뾋鿐辑羑迒–Ę˜œÝşƢšţȥɦȧȧɪɪɬ˭˰˰ββϳддддϳǦ俙⺊߲yզiОd˗bď]VSQOONMK~I}HJK~I|GMTʜlѢnӢjӞeϚaȕ]ȘdԥrԽɚdʛe̝g͞hϠjСkСkѢlԥoӤnfEW][`//o<>{22r))l!!hc`]YY["#WZZWUVVTUXXXYYZ[\“]Ŗ`Ɨașcʛe͞hѢl֧q٪t7*BYVVV VYYX W VVX^bP#+ {];Уnܭw۬v߰z{|}~嶀淁縂縂踄鹅渄klNpZCq[DSD2\L97."L?0meWnsmqwnsymoxivmaa__^~`dkquiz}izselbek`oreVL;oQ6wPUUSQQPOMJKLLLLMMWǙc͟i͟i̞hɛeʜfҤnᵐвѢlңmӤnզp֧q֧qרrרrةs٪t٪tϢobM<8I BK))q''l**n..p((m$$i geaYY^ YSŖ`Ŗ`[XWVTTWYYYYZ\Ô^ĕ_ǘbșcʛe̝gϠjңm֧qP?2D]XWWWVVXY[]]`R*e;N“]֧qݮxݮx{|~嶀縂蹃麄ۮ{\qZA& 2(cdVSeb ?/tFRQPONLLLLMNMMO[ɛeϡkТl˝gʜfϡk߲̭զp֧qרrةs٪t٪t٪t٪t٪t۬vܭwܭwګu٪tXx^A1') 8EW""i!!eecaYZ^VqLѢl̝gƗa\ZWTUXZYYY[“]Ŗ`ǘbɚdʛe͞hϠjѢlѣm_J>\`\ZZ[YZ^^`]O6@/j=JMQ“^ӥpݮxޯy|Өuje]iT,-) ,-)ZWJj8KN5(tFQONOMLMOONMKTŗaϡkѣmΠj͟iϡkݰɧةsةs٪tګuګuګuګuګuګu۬vܭw۬vګu٪t۬vܭwԦqc\kI :` c d_ X[^UnL۬vӤn͞hǘbÔ^ZVVY[ZZ[\ĕ_Ɨașcɚd̝gΟiСkңm}U-]^^]]\]^b]94)@mS>e>sT3b9`8`8fzGJIotq JMKrwtcfdTWU&'&mqoMPNz~{UXVÿ adbw|yDGF !"!NPNEHF698[_]*-,blDYXXZ\“_̝iרtݮzݮzܭyܭyݮz㳃ʤ䵁㴀~~~}~䵁嶂嶂淃淃縄蹅麆껇뼈q,`>q7DEo*33c`~Qfhat4_^^^PKTSY^\8:9]`^}~||++*\_]-/.qur\_]=@?bfcMPOSVU+-,ILK*,+%&%jom W[Y)*).10ntr|~x~|sywu|{¾1%ZZ[^Ô`ɚfңo۬xޯ{ݮzݮzޯ{ޯ{涆ͧ嶂㴀~~㴀㴀~䵁嶂淃縄縄縄麆껇뼈콉ÐÐѬ'^VrUhhIPJa~[qyH^^^_Kv{rzx@B@aca675 QSR*,+JMKVXV*+*;==QSQ_a`%''pwuOWV8*[\“_Ɨcʛgԥqܭy~}}㴀~鸊Эᴁⵂⵂⵂ㶃䷄䷄䷄㶃䷄帅纇軈꽊뾋쿌ŽÏĐĐĎĎ߷$8\S?T_r k8DDe-99)[^^^`.1:txuKMK-/.TVTtvsnpmz{x>>=fignrohjh ]a].I@BE0%]•bėdŘeɜi֩v߲ೀݰ}߲ೀ߲ⵂ廌ѭ㶃㶃㶃䷄帅帅帅湆帅帅湆軈鼉꽊뾋쿌ÏĐĐőƑƑḇ#>]V(5G>=6 #"aG\^ )67#_[]^^;?8:<:-.-))(wxu_a_VWU--,'&%~|}|FHG`b`669}%&)¿(`Řeƙfǚg͠mثxೀᴁޱ~ೀᴁ߲ᴁ漍Ү帅帅帅湆湆纇纇軈軈軈鼉꽊뾋쿌쿌ÎďŐƑǒǒȓɔ⺋#>]Z +M8,-;=%[WZ^^:>7cebPQOvvs''& WYWfCGF¿þ;-ÖcțhǚgɜiӦsܯ|ⵂᴁ߲ⵂⵂ߲ᴁ迒԰湆湆纇纇軈軈鼉鼉뾋쿌쿌쿌ÐÐđŒƓǔȕȕɖ˗⼏$?]\QXRixrg[lh.\YX_V;>8781 )W8}~rw>Ff:Bt;D`GQJToofCƙf˞kɜi̟lثxᴁ䷄ⵂೀ㶃㶃ೀⵂ•״纇纇軈軈鼉鼉꽊꽊ÐÐŒŒƓǔȕɖʗ˘˚˚⽐#@]^0^uu,1./61H_\V_?;?9STe>?>BE=-0$/1&/1&,/% K Z LYT),'Vțh͠m˞kУpݰ}䷄湆㶃ⵂ帅㶃ᴁ䷄ƚڷ鼉鼉꽊꽊뾋뾋쿌쿌ÐđđđđŒŒŒǖȗȗɘʙ˚̛̜͜͝⾔#7[_8E;0`{b/>@z!L!!b _ W _=:?9CGE.123Zhf%& cɜiϢoϢoըuⵂ帅纇䷄䷄湆㶃ⵂ纇ɝܻ쿌쿌쿌ŒŒŒƓƓǔǔȕɘɘʙ˚̛͜ΝΝΡΡ",Y_HsέubNdnh6AB +-t  `))e&&dX _=:@;w|DJHpusx}KPNY]\LQO^ebdkhXZYGHGYYX554NON565JLJ>@?###777ILJM dOY[C9O]I?Kq{oyaD˞k˞kѤqըuܯ|湆湆纇湆湆纇㶃㶃뾋ˡ޽ÐÐđđŒŒƓǔǔȕɖɖʙʙ˚̛͜ΝϞϞУѤ™"-Y_GVJAӭҨ⾕u{_OMCBPOFY]H\^6?>Zuz +^//i++gX _=dmj'**nxv5:9pyvowtEJH^dbOTR475U[Ys{y]cb=A@Z`^;?>dki/10inladbbeb./.bdbSUSEGF figRUT..6cRflgT\AOG]`TĚiϢo͠mҥrثxೀ鼉帅軈湆纇纇㶃䷄̢ÐЏÐÐđŒƓʔʔ˖˖ʗ˘̘˚ϞϞϞРРУУѤѩҪĞ#.Y^WG<:ծӫΡɘ伈޶ԯڱ`UCw B`//j,,gW ^=;C=_igNVSX`^@FE@EDMTSU^\IPN}r}z=CA,10cnkclj*-,clj^ge054JQP(+* ""pzxJOMLQPU[Y033\_]')(otsgkj=@>DVpv &C^  L}krNˢqˢqɠoͤs׮}ḇ潌輇齈细庇缉⺆今ÒѮŒŒŒŒƓƓǔȕʕ˖˖˘˘̛̛͜ϞПРѡУѤҤѥҪӫş#.Y^_װԬУ˚đ澊จܶqRH`dHWSD''e--i,,g W]=:A;s~{NWUOWU="&%5T^`A~֮ҥ͜Ɠ伌vbIi*''b++g((e((e W^;_ic^gdYb_JQP$&#}A6"^G1|<%.Va7,̣rͤsΥtΥtѨwٰ㺉羍羍轊꿌缉㺉今⺉澎əغ̛̛̛̛̛͜ΝϞΝΝϟРУҥӦӧԨԨԨժժխխխ֯װԭfXIN^^bH>3խҥ͜ƓŢyAMLdxv 11l&&d''e))f W];wQZWGNL'+*=DB]fdCHGagedki[caV^\@<Oy\K;g {"y  FT{_v{.*"dΥtЧvЧvЧvӪy۲弋羍龋潌今伋㻋͝͝͝͝͝ΞϟϟРРѡУѤӥӧԨԨժ֫֫խ֮װװװ׳׳شwH_^b׹Ѥ͜ƓI@3!'(C22m!!b))g--h W^*}wy\cb t|fdL}F   ?#cz|;HERB.ˣsѨwҩxӪyԫz׮}߶迎羍翋羍伋彍㽍ėѤϟϟϟϟРѡҢҢҥҥӦӧԨԩժժ׬֮֮ׯװر׳شششٵβ*a^`6r\ҥ͜Ñ4+^\Q..k..j_--h''f VZ 1oSwOONM[ wA Xnm/&ҩxԫzլ{ҩx֭|ڱ߶弋‘‘羍羍迎彍澎濒ǚ֩ѡѡѡѡѡҢӣԤӦԧԨԨժժժԬ֮ׯׯررششششٵٵٵG>;_^^^#HմΝiNKI>_uo G<GX[(+F_SyubD^I%#`EfWndEG>şpӪy֭|د~Ӫyٰ߶弋Ŕ‘潌羍翏澎忏ɜڬҢӣҥӦӧԨԨԨժ֫֫׬׬׬׬׬ٲٲٲڳڳڳڳڳڷڵٵٵ©;b^^\ g9<7!"33l88r a]22k^Y)w@HRRzQFDuk3 _rnhԬ|խ}խ}խ}խ}ܴ彍ÓÓ澎羍Ž•ϤݶӣӣӦӦԨԨթժ֫֫׬ححح׬׬ٲٲٲڳڳڳڳڳڵٵٵٵڳLB>O^^b%}e~ !@AAz++h]]++g YV , i6:=d?uYg5] c~{dIԬ|խ}֮~֮~֮~ٱจĔĔ’Ö迎Óřѩ߻ԧԧԧթթ֫֫֫׬׬حٮٮٮححٲٲٲڳڳڳڳڳٵٵٵڳٲ̦.'0D`8L\[%4::n66p`[_aYP5?;v}whiaZ[THHA>90IB6g_Pupbxvivp`\QAE<0?8.>8-?8-?9.?8-?7->7.=7->8.>7/OF:LD8F?4F?5JIAJ^_{CLD"&qeSfW6^6;NNnY@խ}֮~֮~ׯׯׯจ彍ÓƖƖĔ’’ė‘Öɞ԰ըը֪֪׫׬ححححٮٮگگٮٮٲٲٲڳڳڳڳڳٵٵٲٲذذǟK@8oulE[^&$J>>w&&e[Z][^KF9|bb|Z`acrֲĖÔɚɚǙǙțɛʜʜʟˠˡ̢ͣөѪѪΨγnXOC;:4OWTTaa9JNOineſ <FKZz+6`,^||^L7֮~ذذذذٱڲ澎ŕǗƖĔӒ֒řͤٶ֪֪׫׬ححذذحٮٮگگگگٮٲٲٲڳڳڳڳڳٲٲٲذذح׬֫]P?DUW=QU"<Dvdn~5Wki4*ʤwذڲڲٱڲݵ߷’ĔƖǗŕĔӒ••ǜϫܽ׫׫׫ححذذٰحٮٮگگگگگٲٲٲڳڳڳڳڳٲٲذׯح׬ܽp_L@OOYw| !((g88qa\ WZ^B ˩޶֮~֮~Ԭ|խ}۳翏Ș̜ʚΞϟРѡѡҢԤ֦ըը֪׫׬حٮذٲڳڳڶ۷۸ܹܹ޻޻޼߽޿Զî{jocUQH>PG=T]ZrO]Rfg 91><6, ^ذڲ۳ڲڲܴจ伌ƖƖǗƖŕĔÓӒ’’ėʢԲ׫׬ححذذٲٲحٮٮگگگگٮٲٲٲڳڳڳڳڳڱٱذح׬r;=9Qkpn((V**h$$d[[^U)2)$u伌ׯխ}ׯ֮~ڲ伌Ǘ͝͝͝РРѡҢҢӣեبש֪׫׫حٮٱٱڳڳ۴۷ݸܹݺݺ޼߽߽޿ټϳͷ|oROH;HHYie3i=Jzw||{yXٱڲ۳۳ڲڲݵ伌əəȘǗƖŕŕŕÓÓŕȜϨٺ׬׬ححذٰٲٲححٮگگگگٮٲٲٲڳڳڳڳڳٱذذΥvfQ /?A Q^_ Z [P8!vZǗĔ߷Ԭ|Ԭ|֮~ׯ߷Ó̜ΞϟРРѡҢҢҢӣ֦ب֪׫׫حٮذٱٱڳ۴ڶ۷ܹݺݺ޼߽߽߽ѵʼJOKcmYkd[s7-!ڲڲڲ۳۳ڲڲ޶澎Ĕ˛ʚəȘǗǗǗƖÓŕƙ˟ҫܽذذذذذذذذٱٱٱٱٱٱٱٱٱٱذذذذذׯججɠ1.(D[`k43-aR?xWI8 "/"?'"<% :!<:16MA2u˝ʜĖݹձӯ԰ϫ}ڶĖ̞Π͟ΠТѡѡѤҥԨթ֪֪٭٭٭گگ۲۲ܳݴܵݶݶ޹޹޻޻ʬlMQJs.*"u׳شٵֲֲٵ۷޺”̞țțǚƙŘŘėėÐđȘ΢״ٱٱٱٱٱٱٱٱٱٱٱٱٱٱٱٱذذذذذׯׯׯججŨ4AAPkqPjnxw|rfkbnaMfzӳȚƘ߽ӲӳԴӳӳӲȚ˝ʜʜǙ㿑ڶ԰ӯձش༎Ƙ͟ϡϡѣӥҢҢҥӦԨ֪֪׬٭٭گگ۰۲ܳܳݶݶݶ޹޹޻޻޻̨k/-'MXT7HFyZ׳شٵڶششڶݹ⾐Ƙ͟țțǚƙƙŘėėőƕʚѦٶگگگگگگگگٮٮٮٮٮٮٮٮٮٮٮحححح׬׫׫ʠѲۻ̡Σ̟̟̞ʜɛȚƘĖÕĖŗƘƘȚʜ̞˝Ǚݹֲ԰ձ׳ĖʜΠТҤԦէӦӦԧթ֪׬ححڮگگ۰۲ܳ۴۴ݶݶ޷޹ߺ޻߼߼۲جØn=5)geUĸiul-%׳شٵڶ۷۷ڶ۷༎ŗ˝͟ɜțțǚƙŘŘėƖȘ͠Ԭ޼گگگگگگگگٮٮٮٮٮٮٮٮحححح׬׬׬׬֪֪֪թԨӧӧҦѣΠ˝ʜɛȚƘŗÕĖƘǙȚɛʜ˝Ț”޺׳ձֲڶݹʜ˝͟ТҤԦէէըը֪׫׫حٮٮگ۰۰ܳܳܵܵܵ޷޹ߺߺ߼߼ݶ׬Ӧ̞ʜƘˬs`I>4'@8, eڶڶ۷ܸܸݹܸݹʜΠ̞ɜɜțǚǚƙŘŘƙʝѦرڮڮڮڮڮڮڮڮجججججججج׫׫׫׫֪֪֪֪֪թթԨӧҦҦҦТΠ˝ɛɛȚƘŗĖŗƘȚɛɛɛȚ”὏ڶձֲܸ⾐”ΠΠТҤԦէԦԦ׫׫׫حٮٮٱٱ۰۰ܳܳܵܵݸݸߺߺߺ߼߼۲ըУɛȚĖ὏ݹem[EKC5=NNqi1* صܸ۷ܸݹ۷ݹ޺༎Ė͟ϡ˝ʝɜɜțǚƙƙŘǛ̡ӫ۸٭٭٭٭٭٭٭٭جججججججج׫֪֪֪֪թթթթթԨӧҦҦѥѥϡ͟ʜɛȚȚƘŗƘƘǙȚɛȚƘÕ༎ܸش׳۷⾐Ƙ˝ϡТѣӥԦէէԦجججٮگٱٱ۲ܳܳݴܵݶݸ޹޹߼߼ܵ׬Ҥ͟ȚƘ”㿑὏὏༎ݹղt]N;EY]huX޺ݹܸݹ޺ܸ޺὏”ɛϡΠ˝ʝʝɜțțǚƙƙɡϧر٫٫٫٫٫٫٫٫تتتتتتتتששש֨֨֨֨֨ԨԨӧӧҦѥФФϡ̞ʜɛȚȚƘŗǙǙǙȚȚƘ”㿑۷۷ڶ۷߻Õ˝ТѣҤӥӥԦէ֨ש٭ٮٮٮٱٱڳڳݴݴܵݶݸ޹޹޹߼߼߽ݸٰըТ̜Țŗ⾐㿑㿑⾐὏߻޺޺ϭz\<2&EF?s{Ѱ޺ݹݹݹ߻޺߻ɛТТΠ̞˞ʝʝɜțǚǚƙ̥Ӭܷ٫٫٫٫٫٫٫٫תתתתתתתת֩ըըըըըԧԧԨԨӧҦѥѥФФΠ̞ʜɛȚȚƘŗȚȚǙȚǙĖ㿑߻ڶ۷ܸ޺㿑ŗ͟ҤҤӥӥӥӥէتڬٮٮٮگٱڱڳڳݴݴݶݶ޹޹ߺ޻߼޻۴׬ӧϟ˛ȚĖ⾐㿑㿑὏༎߻޺ݹݹݹѯq|]aٶ޺ݹݹ޺߻༎༎ÕΠԦѣΠΠ˞ʝʝɜțǚǚǚϨձ߼ححح׬׬֫֫֫֫֫֫ժժժժժժԩԩԩԩӨӨӨҤҤҤҤҤѣТϡ͢ˠɞȝƛƛƛƛŚŚƛŚØ⿔ݺٶܹܹ޻ɞϤҧҧԧԧ֨թ֪׬׬حگگ۰ڲ۳۴ܵܵ޵ݶ޷޷޺޺߼߼߽ܺٵׯԩТ˛Ȗ——⿔ᾓᾓདྷ޻ݺݺܹݺ޻߼དྷݺདྷདྷݺ޻ᾓᾓ޻߼Ę͡ѥѥ΢̡̠̠ʟɝɞɜə˛РҨٵحح׬׬֫֫ժժ֫ժժժժԩԩԩԩԩԩӨӨӨӨӨҤҤҤҤѣѣТϡ̡ˠʟȝǜƛƛƛǜƛŚØདྷݺ۸ٶܹ⿔ƛ̡ѦӨӨԧԧթ֪׬׬حׯگ۰۰۳۳ܵܵܵݶݶ޷ݹ޺޻߼߼޼ܸزԬѦΠəƖ——⿔ᾓᾓདྷ޻޻ݺݺ޻޻དྷདྷ߼དྷ߼޻޻དྷདྷ߼–ȜϣӧҦϣ̡͡͡˞ɝɞɜț̜Ѡխܹ׬׬׬֫֫ժժժժժժԩԩԩԩӨӨӨӨӨҧҧҧҧѥѥѥѥФϣ΢΢̡ˠʟȝȝǜǜǜȝƛęᾓ޻ݺݺڷ߼Ś̡ѦӨӨԩ֨թ֪׫׬حذذ۰۰ڲ۳۴ܸܵܵ޷޷޷޺ߺ߼߼߼ݹڶԮШΣʞǙŗ——⿔⿔ᾓᾓ߼߼߼޻߼߼དྷᾓདྷ߼޻߼߼߼དྷʞ΢ӧԨҦФ΢΢ΡʞɝɞȝȜ͟Ҥڳ׬׬֫֫ժժԩԩԩԩԩԩӨӨӨӨӨӨҧҧҧҧѦѦФѥѥѥФϣ΢΢ˠˠʟɞȝȝǜǜŚę—⿔޻ݺݺ޻߼Ø̡ҧԩԩԩժ֪֪׫ححذٱٱڲ۳۳۴ܸܸܸܵ޷ݹ޺ߺ߼߼ܵرҪ̤ʟǛřח—⿔⿔⿔ᾓདྷདྷདྷདྷᾓᾓᾓ⿔޻޻དྷདྷ߼⿔ŚѥӧթԨҦϣ΢΢Ϣ˟ɝɞȝȞΣӨܹ׬׬֫֫ժժԩԩԩԩԩӨӨӨӨӨҧҧҧҧҧѦѦѦХХХХХϤΣ͢ˠˠʟɞȝǜƛƛདྷ޻ݺ޻དྷƛˠҧժԩӨժ֫׫׬حٮذٱڳڳ۳۳۴ܸܸܵݸݺ޺޺ߺ߼߼޻ڱ֭ϧʢǜŚÙ———⿔⿔⿔⿔⿔⿔⿔ᾓ⿔߼߼⿔⿔⿔ęˠթ֪թӧѥ΢΢͡ϡ̞ɝɞɟˣѨװ׬׬׬֫֫ժժժԩԩԩӨӨӨӨӨӨҧҧҧҧѦѦѦХХХХϤϤΣ͢ˠˠʟɞȝƛęęདྷᾓᾓདྷ޻߼⿔—Σҧժ֫ԩԩ֫حححٮٱٱڳ۴۴۴ܸܸܵܵݺݺݺ޺޻߼߼޹ڶ֫Ө͢ɞǜĜ›ØØؗ———⿔⿔⿔—Ś̡ҧ׫֪թҦФ΢΢͡П̞ɝɟʣ̦ԯܷحح׬׬֫֫ժժԩԩԩԩԩӨӨӨӨӨӨҧҧҧҧѦϧϧϧϧΦ̤̤ͥˠˠʟɞǜŚØདྷᾓᾓདྷ߼⿔ƛˠӨժ׬׬ժժ׬گٮٮٱٱڳ۴ܵ۷ܸܵܵܵݸݺݺ޻߼߼߼ߺ۴װԧѤ̡ɞƞŝܜęęØØØØØؗ———⿔⿔—Ø—ęʟӨحج֪թӧѥФϣ΢ϟ̜ɜʠˤϫ״ححح׬׬֫֫֫ժժԩԩԩԩӨӨӨӨӨӨҧҧҧҧϧϧϧϧΦ̤̤ͥˠˠʟɞǜę⿔⿔ᾓདྷདྷ—ˠҧԩժ׬׬׬׬ٮ۰ٮٱٱڲ۴۴۷۷ܸܸܵܵݺݺ޻޼߼߼߼ݹٲխӦУ̟ɞǟƞĞÝęęęęęęęꗗØØؗ⿔⿔ęŚØŚΣ׬۰ج׫թӧҦѥФϣϟ˛ɜʠ̦Ьٶٮٮٮحح׬׬׬խխխԬԬӫӫӫӨҧѦХХХѦѦѦҧҧҧѦϤΣ͢ˠˠʟȝƛ—῔߽—῔޼ȝϤӨժ׬׬ححٮٮگگٱٱڲڳ۴۴۷۷޵ݶ޷޷ߺߺ߼߼߼޷ܱ׫ӦϤ͢ʟȝƛŚƛƛęęęęęęęęØŚƛŚØ——ØꗗȝХح۰۰֪թԨӧҦФϣϣ˥ȡɝ͠Ҥת޵ٮٮٮححح׬׬֮֮խխԬԬӫӫԩӨҧѦХѦѦҧХѦѦѦѦХϤΣ͢ˠȝŚØ———῔Ś̡ҧժժحححٮٮگگگڲڲڲ۴۴۷۷۷ݶݶ޷޹ߺ޻߼߼޻ݶگթҥΣ̡ʟȝƛƛƛǜƛƛƛƛƛƛƛƛęŚƛƛŚęŚƛęŚȝϤ֫گ۰گ׫֪թԨҦѥФϣͥʠʞ͡ҧװ޺ٱذذذذׯׯׯׯׯ֮֮խխԬԬԩԩӨҧҧѦҧҧХХХѦХХϤϤˠɞƛę—Øęę῔—ǜ͢ҧժ֫׬ׯׯذذٱٱڲڲڲڲ۴۴۷۷ܸܹ޷޷޷ߺߺ߼߼߼޼ܹڳ֮ӧФ̡ˠɞǜƛƛǜǜǜǜǜǜǜǜǜǜŚƛǜǜƛƛǜȝĜɡШׯ۳ܴڲذح׬֫ԩҧѦϤϤͣʠ˟Х֯ܺٱٱٱٱٱذذذذذذׯׯ֮֮խ֫ժԩԩӨҧҧҧѦѦѦХϤΣ͢͢ƛƛƛŚŚęؗęɞϤӨ֫׬׬حذذٱٱڲڲ۳۳۴۴ܵ۷ܸݸݺݺ޷޹ߺߺ߼߼߽ܹٵװӫХ΢ʟɞȝǜǜǜǜȝǜǜǜǜǜǜǜǜƛǜȝǜƛƛȝɞȠΦܴ֮޶ܴڲذح׬֫ԩҧХϤΣ΢˟˟ϦӰٺزززززٳٳٳڲٱٱذذׯׯׯ׬֫֫ժԩӨҧҧӨҧѦϤ͢ˠʟʟŚŚŚŚŚęęę̡Хժ׬׬׬حٮٲٲٲڳڳ۴۴ܵܵܵ۷ܸݸݺݺ޻ߺߺߺ߼߼޹ٵ֯ԭѩΣ̡ɞɞȝȝȝȝȝȝǜǜǜǜǜǜǜǜȝȝȝǜƛƛȝɞΧӬڳݶݶ۴ٲر֮խԬҪѩϧΦͥΡ˟Ρԫڷزٳٳٳٳڴڴڴ۳۳ڲڲٱٱذذحح׬׬֫ԩӨҧԩҧХ͢ˠɞȝǜɞǜęØęǜʟ͢Ө֫حٮححٮگڳڳڳ۴۴ܵܵܵݶܸܸ޹ݺ޻޼޼ߺ޻߼߼߸ܵװӬѩΦ̤ʢʟʟɞɞɞȝȝȝǜǜǜǜǜǜǜǜɞɞɞȝǜȝʟ̡ծر۴ݶ۴ڳٲٲ֮խԬӫҪѩШϧϣ̡У֫ܵٳٳٳڴڴڴ۵۵ܴܴ۳۳ڲڲٱٱحٮٮح׬ժӨҧҧѦΣ̡ɞȝǜǜɞǜƛƛȝ͢ҧժ֫׬ٮٮٮٮگ۰ڳڳ۴۴ܵܵݶݶܸܸݹݺ޻޼߽߽߼߼߼ݵٱԬѩΦͥˣʢˠˠˠʟʟɞȝȝɞɞɞɞɞɞɞɞɞɞʟʟʟ̡Ϥҧ۴ܵݶݶ۴ڳٲٲدد׮֭֭լԫԫիҦѤѥѦΨЭұ׽ٳٳٳڴڴ۵۵۵ܴܴܴ۳۳ڲڲڲٮٮٮٮ׬ժԩҧХϤ͢ʟȝǜǜǜŚƛȝˠϤӨ׬ٮ֫׬ٮگ۰۰۰۰ڳ۴۴ܵܵݶݶݶܸݹݺ޻޻߽߽߽߼߼߼ݲذӫϧ̤ͥˣˢ̡̡ˠˠʟɞȝȝʟʟʟʟʟʟʟʟȝɞʟˠ͢ϤӨ׬߸߸޷޷ܵ۴ڳٲررررװװ֮֯֯ԫԧ֨ըӧҫկܵxca-RELEASE.2.2.1/img/template.png0000644000175000017500000000257513614632167016023 0ustar tewardtewardPNG  IHDR(CODIDATx͕$Y|%xm۶m۶m۶-m۶=Vn|_A)^4oGn޶a¿=|Pn6o T0m<_D7:{=mW64~to=Sz<$.QQU6ʝ+Ń}OZ\ZaLH^huIr89q6{{V>ޠcU+oŗ,Y(%!3CBeW)^6ȫV4?994U-rt3f6gT`cqKru+vha^^9g֤xM /LOJN篾JAjj:y<3> CE(g(5&FdmO? lFw۱+Bs__R"iAl%ʑ#Ҍ2o6mfT$[T ) [Ti_}ڶ] wtR)fkhQ=z5>p]Se^p™X* }YQP!x+@ȸ,0 $'gBš0L'g !ʗ-Ii'{K{tA3j/[t=brXfr0\ .bSS}eP Y+vvvvvvvvvvvvvvvvvvvvvvvvvCkppppmU4vvvvvvvvvvvvvvvvvvvvvvWopdGhpppl9vvvvvvvvvvvvvvvvvvvvUoppC Tpopp^vvvvvvvvvvvvvvvvvvv$l]bpD/FUppj:vvvvvvvvvvvvvvvvv(#D?*ppp[PfHKKKKKKKKKKKKHvvvvv&)ppp`O\\\\\\\\\\\\\\Z3v vvvvF2ppp`_qssssssssssssrqi vv E0ppp`XiaSXcHNVHHVB6;@,vLIIbY1- 5ppkAeb(#b6Λ+]&bXQ,)m `n7|ؼ_p0p$ERnנA;X'c^$]GrQ}u('sz-2$I 2Bj呑шX"٦9zָ"sl"3RpWYX6duxfJᢒok/C/ Vc߾ڶmGmێ^N?zZϝ"">^EdTZ0(M'Vc$A0ڵ&|({yp(Gc3Fҕ7Oj tR&N*2glVxhhd;w5UV)>CBTiMu #RQʽ?fv Y&Lx||T%(=u|%lvGLTVbm&=gRD\\1 B3XVI>{&].l(VQCQx\J ܃u +<=MFELO_~ Ǐ.q$+VySgĽ' 4ܼyG޵r-9$$L$n1HDŔzJ"B|8p$dWSougbT3GGǩZ"UI[lo #WrBFGsQdB(K̦߾!N=m>d2q]hHH8#^^ɓB4)LE /}u/C@épwW`6K(C 0#ٿ'#}M#^T.'ӽGoxN.46Oi@D"CLs.s0'dF _^|#Ȳ7o NiJe_cs$!K2epw?g2P@a9TK,r!B4@q1W j!Ӄ_GGG~! _CJIʥ(IB‚W?-m1墏b$ gxS\aOp_QliҦ4-fÇ_CIqW7ɴhS n۸ o`$Jr8v!cfP*}8 K[ Q ( /BHp!QHԮC\S 7a2m>=w[ [KGA8:d\0;ZRW UTz<͛Nr S5q !-f]!w"qXUNcZX@@ "*$ɈD"8Ѵ0*JvYˈc iY`ͦ#)oS}fdWFbwO8gJl {NgB(d&GGcANu8233,f9D5da+F'"B5-$Οv/~pϞb1 il32 k!%$LnxvhH& )'(M_iPuHG9P]<qQqkmrcx+\ !0'8ef/txBJ`qvmT{lLxdFJCv"fUPmayY^TGm\}e\KSVAnnNQ^\ciKOlHOpK^h8U'dJHp~d# [c\Wd}y]W`a j"%$MoywiH& )'(M`kPwIG9Q^=qQrlotez,] !1(8fh0vyBKaswnT}mMyeGKCw#hVQoczY_UHn^f]LTWBnoOR_]djLOnIPrK_j9U(eJIrf$ [c\Wd}y]W`a j"%$Ot~|mJ&)'(M grP~MF=VdAqQzsv|k-` "3);go3}GPgx}sYrQjJOGz%n\Vvi]"eZMuckdQY]FqvTWebkqQOuNUyJep<U*kJ Ozm' [c[Ve{\V`al8mknn@n1 x3LOFnZuF NyBV"]vDekjjjjjjjjjiq9svW%e^it32&O(:WeabbdbR^];(Shx }mQ0 &l x8  H ejK jqlHl~) o8 k_ QwYe tD9bY .E \-  SR%?"cb  i Q)%p} 2 <#dS/ 6@4mk'yrZFs"Soԟ #R(Y .n7  z9~QbunfƽYng$MYxk Is'7::.vCeOhH<+/N(μ;'@Fܱ12D   yhTrDCxSjdf1h\r'lNK`h% :"Lyf|yZ&sM2~p9FwN?LIIKE>EHIQWQGHHLRKFIGPXKPTJTRGIHJHCPMO=6LHHILLGNIEX;$HRGOLz}b #_Yt"vxtuuvsmsvtsqtutstusrusrussutuvstswxtututuuqw|usuq~]W=y$IG.)bp  v O6_VWWXYXWVWVUWVVWVVWVTVWVVWW>$8`NwR.AiQj\Q Q0̀˱q05oB =Y. il (Dս˷6O3`B+Tj)fs^J|˹ ԽFP1aO @(WnNZVd7 xP1`S vn :] > Hy} {S3Eaixzzy|tbA (:XfbccecS_];( Tkz oR1 &m y9  I flL lrnJn) p9 m` RxYf uE;dZ /F ].  TS$?"dc  j R)%r 3 =%fT0 6A5om'zt\Gu"Sp֡ $S([ /p7  |9QbwogɿZoh%MZxl Ju)8:;.wCgOiI=+/O(Ѿ;(AG߳12D   yjUsEDzSleg2i\¥t(mOLai% :"M{g}y\'uM2q9FxO>MJILF=FJJRXRHIIMSLGJHQYLQUKUSHJIKIDQNP>6MJIJMMHOJFY;$ISHPMy~c $`Zu#xyuvvwtptwuttuvuvtsvttutuvuvxu%yzuvvuuvvuvwsy}vtwr_X>y%JH0*cq !x O7`WXXYZYXWWXWWXWWXWVWXY?$8aOwS.BjRl^RR1ʶs16pC >[/ kn (F׿½͸7P4aC+Vk)ht_L~͹ ֿFQ2bP A)XoO\Wf8 wR2aT wp=|)XpCKLMLK LFYP4^J _y6&|xqsmims tn{ yR/bB 7 WTV {DRhbdbN^nijjljXed?+ Zp vW4 )t<  N msP szuNt, x= ug Y_k }I>k_ 2K c0  YY(C$ji  q X-'y 7A&kY3 9C7 us*zbL|"Yuߧ  %W *^ 1w;  !9Vfzsj]sm&P]~q O|+<>>1ClRnK@-2R*=)DJ35G   yq[zJISsjk3m`ʪx)qQOdǶƍ¯n' =$Pkya)|R5x=KTBQNIPJAJNNW]WLMMQXPKOKU^PVZOYWLNMOMHUQTB9QNMNQQLSNI]?'MWLTQyj%f_} &}~~|v|}}{|~}|}~|{~||~||~}~|}|}~}~}~~z~}~ye\Ay'OM2,ix  # U:d[\\]^]\[\[Z\[[\[[\[Y[\[[\]B%:fRvX1FrWsdXX3Ҷv69wG B `2su +JǷտ9W7gG-Zs,n{ ePպ IX6hUF,^vTa]k: wX6hZ wA+^vGPQRQP K^!W7dN e:)y{uou{ |vxX2hF; ]Z\ GUlegeQ?Pegf gapYRPJbi.&%] Or߳NN!aK_u?`.QǂƓƈƋ= Su2ND4hy.i JL܂ߓ߅ߊ=S74Y]f/.?<=DpsrsuaMbkerusqwiZnvrs0qw}4Su0%dMf "} {uxwwuw{yxpfopluyxzrkuyxtgN`]YqO,f}- #cpDFGFHLD1&2FGFHIGFEFH(}%T s fi&Lz}@7pWw+he(b+,(.Mb Kix&3-oql i Osk FQb;  qYE  3 P ,P B Jcu 'kpZyH'~'>%N$8kpCB M D  ?d C  N Z8Jhq}jF t8mk@ Ie Esץn>% 7ɨ\-,niV=E@F^EH5[n=(b= =!AMK)P @ X?/z0s:02$ +m(,4v}'Y%,YQ5G+^Co' iVaʬsӷ."lM-fRdv- ?*bb[  `Rq^ ݥؐ^|l8AdeHk(z{Y:q"o̢?~8w ٓ;[m]r me9{<%3ԊH'(}qE聓ܸ6D6._j,jOt3/ f 0(a7K?+.]"is>>BxA ]qUhiYY+0Th.u0DiʕdgAeGsB-,q)|?Pk,̃P 5ȊfA9_Ob2aV5\[*#=ֺy)Asy1(Yy!SGU1bU:.s %w^vy>'j6[ްizm#Nz1Սs(M;&Sp ŋ&,.}Mb f+=E t/#6cD;vyYL3pJs51R!g NUVE&)Lqxs}m؄unLtjïۼ@I|` lG9MWt4?Ťv֮x|շq94BWSzcUh]FX{e,x@H"5a 6όyoa.o7om VhŇW{\?q˖OqȽźƹktXѯO蓠S &ł|JbkHQޠuqDžPцK-w]kI":ÉmY0Ae[]3&:$hv}(?9U}2| -AO5fWxmQňte3 Ae۸Stvm2M{zIn׏*nphb04īy^ObJˋx~X 7^wrC)@뎒5}VQVwO=RfE| ,0ջ ;kC _bČ>La8 Z04 P@tyɚ4p魴v 1KKE@ DI/U|$.W;HF x Ѡ$JQNڤL d- "%]S.9h*9?Rp#BϛN.@|SV+uLm%_g=uvԄ`R;Lp٠ō$0V];Pod( ׼`mMn"rCw@0rj~"͇{@Ƀ={*K#=-Vi> NTP"|<{e{ yu|ä>JHƤOح$_,望 ^ Aaݑk2G$ǟr#@߷ֶ0B 52ޛ/ZUhU“$P{)(+)|b} v+4/aTӮ̮D Y;/Rx>MBB`f{z;`$k/2tKa/l4em+t7NQֲ8Ѥ%@;G;FƧȠ^:VIwN5  ?0J)uIY~dcjɌ<<}x^ӏ/ ^0Y@K ŒP_TV =apKSGJœY֨<Nϣ-y/Hja6䕿:SF A "FU0F;^:4)2\E-C"t[W3}יJHbAI܏q$ďpqeIq\s?ذ CBYEZ/L}]Wg>ov2 p wk6fPao iU ŭSML4 %~pŊ͟Ѡ}dYȂ  1iEUh)@nH%^ 'EO+ v&F o ݷehF#ѯLpI\zVE0iDf@^c 2T-ŗ 0:*oރ!bt)$_c+e)rژD>߬WDdu³x5 ޯ^` ^)$KRϸpwR~t)$ -cWw޻{=r.@S)f$*>Cm4l#J" VOxٛ@>epeZW0apslMp`.Β2wx<!ḳrۊ vA.%CC?JK$FѐP1'xv2O]萡ۊ m66oksnj{ t<I*:=pc*U21ȐȨn[yνF&ZL^n޿8CO',95CEÏ|]^YJoQeJ_09hwWVlwєV;X 8yQʋ^-gǵ8FqEV;I[cĊŗ^Z9|3jx9q8$^XG쫪U*`I跇#Jy{0 ex;Վ oUȚ~zU@Zo|>)`?Ġ:v_ݫ/մu7:VLF$Cvgfq[hUi$t ZxEg,q1 JWeœ8 wTgx:, ?R~6r|3.`)m۟aZs]A6m\.C2wpۯPF1+ m` jaEz9h歹]z#uԳAĬtIXC`|J&B?/v#zkSpx$Hτ$b[ť^CClĞ!\eBo1~!7?N9:U2yэ6hׄ́€KD0N3/gMEY;#j&x}kX(r鸵T+&V#!X0iɦbqmG=1C2LOR|\yv=+,VTY,{Z'w$!*j۟--HNʏ ) '}f7[iG 8)qSaD,SXTCBZI™[6jy?z}t7M*mPgx5ePtQ$$0y,T"VuQ_+ EPi@cӮ:.[;N(#֨c-vgw&ֶ8%3evZKǸ8OM1dMi $ :|9M 2Q}|)5Gs̾ڰ$T'hLX|k@Y?M8?T?2qC̚u5/=dCTY@u[k,kW=,.VB BJ/ڳ:qJwpہMa]y}ԑ"8W敳k¢fCPZVއGd|1"AuYxu I)em˯NJcϪ+#m$; k"ȝQrۗr+_ N@NUBH~J5mmo"JGHE><]̏zfd3IƭZQԭa+ʗ#wp_jF /_ԏgamt2doJ!{l$\@\NޮVQPݍ8C/=jk``iw+DA6)eS DeqH;7B3s}q(hƍcӋ3+vQ%VYZ/7V[쁦.$l]갯CN')zXke$I8t7rDJ qs;k-ﱧG=HA3̻/r8` TI RATlo5k;j P^OKSouk#ӃruTHO>1{^g?pl%}b8 ._1MvMB Jjnx@ A"CC yRD!jURE~صo׽:\^4YF޽B@A#RRc)j:5> IU y$xɑ{ D6ԙ;;S,l/ao}]ɐKzSy_ZsA.lb QBKMw'[?0l&_/_^(aG$8v'uY2YaY^9# ܲq*wv!+Tz],ʞRTݔ094K7( B̘O+^_KI b ZF`QuU33UZb{H* %C&Qe?Lѧ0v|l͒gGusKxb({5L;W7H=NN5F`zibThqto^ ;f*^j}y*겺ʀGwХUGcBia*: Nj¨~PC<!V@7Q2!YÉ؞g]cXvI\48Ze:) R'_:5* ?cߔZ-WƃrD,E}Z2+~EklQSChi?`(+rU{frD$/鄕ʬp Y# -ecO'l?ٻ;N7s(x x66YsIr/<5[W)2a+.i*5S OaܪxUuI8H 0z6u0Y@jOGJ8z)Cx6F/ZoBUUUUj@XM~u 5 T#7)6mmmH6NI$aURq$lg^`RrI$I$I F`m8n=°ѐ2ń~Pjk@NlNǾU~RmmmiqJrH@⌐ $Mb``B,j_ !Jpkjs5T Rh8;WZpvYTac.pMKg>m7iW ԰=op\}n;f#ksSC)^P *r2!8[jA +2Vg8Z@d bb0̗LHj3G\;dJyD7 F=r19Hto`hU=&I 7׀iXBȏF+Łu_4?nESw[%;g;Ԁzh!x< X̭zlQ0&cNBL IOyo$vBv%bG!B"ޭ9(4¤;R2"-O&fLPlvzVOVI}x7cN"@z|Ls4ArGͻb_˒һ4EX s1_b Ç`dj <pi< @܅ ۉZir"aΔ 8h:@dG`L{FQa=&҅t ):]/j[..kMd 0h+SBvHiںמgwGD<\+բ`:1/~?^R.~8Kg @V/GgqvAQl3! 1EKw[C.ǟxP+̓`>j>?Goph6u#Nr%jj "E ZՃ@90#}-mt"e#Ɨִl~i)NW=8Щ橲b˄;j@̏m&1oM$tBsXw's ^֜t02I<ϰ 48#ᶿI3eIKd|p# o~F[#J#r]=bdElTãM1N<3 rT{:JY*ilR:6-kZ zFR 9].BUaX2'i|-OLyI UqO8JPH$Z669GҰ"j=jʿqS1)`uq7G)ݫaK5{JN놼FՃ\~[K $J֦)β]Z~y$G|T4m0Hwc,,VG/e$.x+I$Q _^RYJ5hYO=զ5(0޴ǝ*-)Y01ZAU`Aknw09 *`tU}*0K Y: [/r.e ~bdxk7jF I *s9ר (UЮDn_GG639ZXr|>q /#4;xY &DFJYt[ Ux2*Uq JFX"qkzC+zT|`f!r} ^"bzJjk;|Pk/X\oGwc)G!P&KРB%=_HW.׆<%-6E:y|$~,:og]2Q9410vQV6CH?b lQJ0-qT^m)ҎQ_3xkrvt~nN "qUS7 ϓ%\ˀ}`^j1 jB^dH8ygʉb=&:W}/sUG }F8𠿅Pn&d`(dEOvd1Kخb:wP8GpCڞ9tWNY%D.WpKb>=T\-(po0Iq#26El]Y`4 /T5!ǺWX$唦$B3e@܂Z`~lzm9PMJPn9bR" g[",_x%e-,)ule~hAU4%/LǧS}ghpV NFd %\L-yԻr|G$2뭮:/x|BH h-OAh(qV#2 XD.2JfSFږPߑ s󺧪G#\*= yh ?9, jVN r7;=T~@> n *zPθUr!&v@]T$gMH3lB#zHTWchT:Ǐes7!ZoJW7 k&eg "}J=>2i{<n0kH! 4P aI SҫKG@s&%ŃBgCX mv _ܪ5i-_*H'GV' mLn0mA7 rd?>]t|sM%x D2ic09/ jP ftypjp2 jp2 Ojp2hihdrcolr"cdefjp2cOQ2R \ PXX`XX`XX`XXXPPXdKakadu-v5.2.1 .{3>B0€&ԀeZF yS;Wl< äP1"0*2ǩAI$/`8G,?0CP4M:2cJ'*M[3;1fjց:8"M(_Z;^W=CZ&+i-pg9cW ܃d3'?pƭZ.4U8 +t`T&Z!yr:arHi= ņ8<8Pd+slMMTE.{T/̔= QY*TJ4e siZ$tXMv+OByJ>OhYaw8*k.+=E r0YXf4K<\ pc2MolY!caظ7܁: kC 2&t8w:p\Fxj:.C$ | 8כ(X{H.ǂm$6Cr-iwyNAUucύr8T&q_ b[Ͻ%?;8,:+쬨(iȾM*s9#ǭ^d?in x]hP}qՠiOUñAMsq\A<)ꎦW$ @7@MцK-=ƼA=󬰿s}y/l{?$=v;zʅ}2| -@8Ĭy"K4ƧO+̈́XH?ik?v]0O[q8a$׷xL# -L?JKp6+KRM6$2#\o,/noEn @:kBzN;/Coڷb~]'m~>18LV20B&ʈ>C4-[^V E@ DI/U|$.-FEܯ<]PQ7@H=B1I 7 HeoR*/,up\HjL:+uO"ZjD @2EWacJRT-'SxVX-%α {7Kٱ?ݢ}N gvI6,i42!獌DUI4I%P6^ |S*m~2/ 9Y0U@@L>dV $; U 5FzZzF<{e{ yu|8å>J`fGx8ڡ-*nPV< qt1 A0r5폟u+b2U )XZ3!ɘ^Xr;Eqwy=2jLQ7W5|htaJ~e/~  ]/qmkDYQԄ]Ix̨\ͺd 3}1DWU m'}rK: IK_0u;I;Lĵ[rJyn.f'.YVlyLkOaHvg;ZmZa+:ZWΕq'@H0Rjx[WM|:aXNLLGTJpE;_-vuVnEU7#*O<<%d{jd0/RQ/iܬߴ|# Z~')q\! ؆8]n'bbýwc[#T[07 {d {/hi.5&j v7,"ђXϜ܁Sl ("ջ2I}fpBZ8U[fIn)b o`ks +S{Śk+KCaKb1g vlVDMa(1l!|BfP^&CN 'g}yV)-3 m`UX2QT^a GnΆZm]1ܷ=n|qY°SŸIȃl1#9D(kD #VrݧfVD%%KOyW<7 WSLk\Qс&U p/ ID}wTjӢ?hAa˝a-AkK|GhNQwh;| E9qUl/fwAY,Ѽez?WuPca+߄Ol? 9asSRZⒺɬssq}R'$;TN0o"YD?49X懗 hކRjHĮR]]u+TЇܘ;66?a]%}.ƛ~m@Xĭ$t㦿Q|6/5C,d DXEs4r!;"^&5 ceoL} H`Btw쨾{pA`0d6yJG_hD!ƅ& FډfK1mS#N$LB7ڲc?(Sm(0n h]1wrףq,!f-#?BTA*eP';$cA#M.z4U +T (= DRO1Ie|Cx%+ar3ZGҐy W+udEE}xv,eb{d^V780ri}]=O2F704Jv*>FqtJ7wi㜱7"_ WgHp8HqRZw&]`>"A .IñZV@$VvN]=V6ʈ{L,]hƟ||80 ;POPB97^~RE~& 0;CY+^e\m~MBMP/d9Υx@?#{PI~G_?+oN`Q"ػ{ةh_K(,PuuE%j 7˦ 5FOKEla c. } ,3+BA!Kaaa-i~Eۼs'^{3h[E Nt^'Ϸ͡{c'Zv6b5¤@1vүZBg^c/TgWYV 5+TcS3`vo:BN f %[}p!yXw*AlR [F:Y0,\A)x(7Qytyd_ނ%$ZliE<{+%Iz8UM(M/^XLkx[ʟz\#Q,Ieu#PAsʎs"\F"ݳ$DJwiˣF{C[!}0=Xܹ)_ӰllsXA$i 5򩓺E\_ɟ; ֙nb[po[h)zv}@N;s] h6T !\NMILå&1d/Z2Viacmx:K Z\ԫqꙸv1dkg,j 26"y_Wõg{GD:ZIªX}uxZ:?יe ]ڨ9OZ0ԏUyD}9 !Nήuz3JN (#g[HՋܫR:}?/lz (=@z7~eԃeMTm;Ba)e_GKڱP kMĎQO6B|F'I23=S.p-' Ӟ©s l1Pn_$eWc{pmvb,77Q|EV*Db:ڝ)dҥ++:|CZ)9m Nwc&3@:iap(=F KCx\'-C<'(I_]"jo|_8@u:mM-dOpz:5XO}>w!PdKBQJ[bUL c,Nނa@MoEc%:Ժ1D_a%aMUUnԔ>j3"LV rcml`q SI*a]1ڧ ,zEK$-f[= E|X뿦1;$:yp K9;f~@?v5bkOxUK4~ԀdOxYk5#p2!2doJ!{l$\@\NޮVQPݍ8C/=jk``iw+DA6)eS DeqH;7B3s}q(hƍcӋ3+vQ%VYZ/7V[쁦.$l]갯CN')zXke$I8t7rDJ qs;k-ﱧG=HA3̻/r8` TI RATlo5k;j P^OKSouk#ӃruTHO>1{^g?pl%}b8 ._1MvMB Jjnx@ A"CC yRD!jURE~صo׽:\^4YF޽B@A#RRc)j:5> IU y$xɑ{ D6ԙ;;S,l/ao}]ɐKzSy_ZsA.lb QBKMw'[?0l&_/_^(aG$8v'uY2YaY^9# ܲq*wv!+Tz],ʞRTݔ094K7( B̘O+^_KI b ZF`QuU33UZb{H* %C&Qe?Lѧ0v|l͒gGusKxb({5L;W7H=NN5F`zibThqto^ ;f*^j}y*겺ʀGwХUGcBia*: Nj¨~PC<!V@7Q2!YÉ؞g]cXvI\48Ze:) R'_:5* ?cߔZ-WƃrD,E}Z2+~EklQSChi?`(+rU{frD$/鄕ʬp Y# -ecO'l?ٻ;N7s(x x66YsIr/<5[W)2a+.i*5S OaܪxUuI8H 0z6u0Y@jOGJ8z)Cx6F/ZoBUUUUj@XM~u 5 T#7)6mmmH6NI$aURq$lg^`RrI$I$I F`m8n=°ѐ2ń~Pjk@NlNǾU~RmmmiqJrH@⌐ $Mb``B,j_ !Jpkjs5T Rh8;WZpvYTac.pMKg>m7iW ԰=op\}n;f#ksSC)^P *r2!8[jA +2Vg8Z@d bb0̗LHj3G\;dJyD7 F=r19Hto`hU=&I 7׀iXBȏF+Łu_4@7+z/z2 _uп";gݯzh!x< X̭zlQ0&cNBL IOyo$vBv%bG!B"ޭ9(4¤;R2"-O&fLPlvzVOVI}x7cN"@z|Ls4ArGͻb_˒һ4EX s1_b Ç`dj <pi< @܅ ۉZir"aΔ 8h:@dG`L{FQa=&҅t ):]/j[..kMd 0h+SBvHiںמgwGD<\+բ`:1/~?^R.~8Kg @V/GgqvAQl3! 1EKw[C.ǟxP+̓`>j>?Goph6u#Nr%jj "E ZՃ@90#}-mt"e#Ɨִl~i)NW=8Щ橲b˄;j@̏m&1oM$tBsXw's ^֜t02I<ϰ 48#ᶿI3eIKd|p# o~F[#J#r]=bdElTãM1N<3 rT{:JY*ilR:6-kZ zFR 9].BUaX2'i|-OLyI UqO8JPH$Z669GҰ"j=jʿqS1)`uq7G)ݫaK5{JN놼FՃ\~[K $J֦)β]Z~y$G|T4m0Hwc,,VG/e$.x+I$Q _^RYJ5hYO=զ5(0޴ǝ*-)Y01Z@>۠_tMDݺmpd@n09 *`tU}*0K Y: [/r.e ~bdxk7jF I *s9ר (UЮDn_GG639ZXr|>q /#4;xY &DFJYt[ Ux2*Uq JFX"qkzC+zT|`f!r} ^"bzJjk;|Pk/X\oGwc)G!P&KРB%=_HW.׆<%-6E:y|$~,:og]2Q9410vQV6CH?b lQJ0-qT^m)ҎQ_3xkrvt~nN "qUS7 ϓ%\ˀ}`^j1 jB^dH8ygʉb=&:W}O/M/"]~9ePK(Pn&d`(dEOvd1Kخb:wP8GpCڞ9tWNY%D.WpKb>=T\-(po0Iq#26El]Y`4 /T5!ǺWX$唦$B3e@܂Z`~lzm9PMJPn9bR" g[",_x%e-,)ule~hAU4%/LǧS}ghpV NFd %\L-yԻr|G$2뭮:/x|BH h-OAh(qV#2 XD.2JfSFږPߑ s󺧪G#\*= yh ?9, jVN r7;=T~@> n *zPθUr!&v@]T$gMH3lB#zHTWchT:Ǐes7!ZoJW7 k&eg "}J=>2i{<n0kH! 4P aI SҫKG@s&%ŃBgCX mv _ܪ5i-_*H'GV' mLn0mA7 rd?>]t|sM%x D2icnV Bxca-RELEASE.2.2.1/img/halfkey.png0000644000175000017500000000327513614632167015631 0ustar tewardtewardPNG  IHDR(FIDATxV m۶mmm۶mF[PZsQʔU.2MGG홙畕pU4NiLL񍍍mmm===)uuu[mb>|*Z^^ Ԡ--- ɊλyzJlE7Օ r;_y7H_qq1222P %@5AeL>11֢"#HoMW_} IIIʚ/{1_b 1 YV^\9<O>ALI~WWjj_D^^d{tϞ=EEEB\ t4/ʅ"H$R^zm5Vv~AT/ȿQ8C .PJ?%%%w`nPmO?4a#*QYチTH*#iH%%}1Rc~ڿ_#<}矝lͼ^]_[;~[jT:L_ZZ*Q 凇{M ouuaJADޙgACc<_#:p'N^ݷg>;񵩩)LOOcvvv}~~ ϛFFF%A-[<]R9A-ETlSS*χNy-I1د G.Grtuŀ&41hf%#q#-->}-͠WtwO7z1M-'wgZfsᠻNNNHLsρr$Z+-y+I8I8q(l184abll ~PÌ*bqqD{zzMK.y - Ɋs5 p <2V {.Eji:=-h#-%68a``CCC1J4m۶=ʝ!!BN $hk Փ`fm0|n[aw UO('WOr ۷k(UTTn *.@b"'N3/`0EGrr pvqD D$(RwN'vp{饗~Lv _~y]wHNRrJkFkEjZ+xOyU't-Vb%hO}>lR(P/IENDB`xca-RELEASE.2.2.1/img/.gitignore0000644000175000017500000000002213614632167015453 0ustar tewardtewardimg.rc imgres.cpp xca-RELEASE.2.2.1/Local.mak.in0000644000175000017500000000140713614632167015050 0ustar tewardteward # WARNING: This file will be overwritten by configure # @configure_input@ export TOPDIR=@abs_srcdir@ export VERSION=@PACKAGE_VERSION@ export HOST=@HOST@ CPPFLAGS+=-Wall -Wextra -DXCA_PREFIX=\"${xca_prefix}\" -DETC=\"@sysconfdir@\" -DDOCDIR=\"@docdir@\" @CXXFLAGS@ CFLAGS+=-O2 -ggdb -std=c++11 LIBS=@LIBS@ MOC=@QT_MOC@ UIC=@QT_UIC@ RCC=@QT_RCC@ LRELEASE=@QT_LRELEASE@ LCONVERT=@QT_LCONVERT@ CC=@CXX@ STRIP=@STRIP@ WINDRES=@WINDRES@ DOCTOOL=@DOCTOOL@ MACDEPLOYQT=@MACDEPLOYQT@ SUFFIX=@SUFFIX@ ENABLE_DOC=@ENABLE_DOC@ PACKAGE_TARNAME=@PACKAGE_TARNAME@ QTDIR=@QT_DIR@ INSTALL_DIR=@INSTALL_DIR@ prefix=@prefix@ exec_prefix=@exec_prefix@ docdir=@docdir@ htmldir=@htmldir@ mandir=@mandir@ bindir=@bindir@ datarootdir=@datarootdir@ xca_prefix=${datarootdir}/${PACKAGE_TARNAME} xca-RELEASE.2.2.1/misc/0000755000175000017500000000000013614632167013650 5ustar tewardtewardxca-RELEASE.2.2.1/misc/TLS_server.xca0000644000175000017500000000147413614632167016403 0ustar tewardteward4 0 validN365validMidn0 validM0 subKey1subAltNameDNS:copycnnsSslServerNamensRevocationUrlnsRenewalUrlnsCommentxca certificatensCertType2nsCaPolicyUrl"nsCARevocationUrlnsBaseUrl(noWellDefinedExpDate0kuCritical0 keyUse23issAltNameekuCritical0eKeyUseserverAuthcrlDistca2bcCritical1basicPathauthKey0authInfAccadv_extxca-RELEASE.2.2.1/misc/preamble.txt0000644000175000017500000000030213614632167016173 0ustar tewardteward# The path of the user settings directory depends on the # operating system and version. # The path where XCA looks for this file is shown in the # "About" dialog of XCA as "User settings path" xca-RELEASE.2.2.1/misc/TLS_client.xca0000644000175000017500000000145013614632167016345 0ustar tewardteward 0 validN365validMidn0 validM0 subKey1subAltNamensSslServerNamensRevocationUrlnsRenewalUrlnsCommentxca certificatensCertType5nsCaPolicyUrl"nsCARevocationUrlnsBaseUrl(noWellDefinedExpDate0kuCritical0 keyUse29issAltNameekuCritical0eKeyUseclientAuthcrlDistca2bcCritical1basicPathauthKey0authInfAccadv_extxca-RELEASE.2.2.1/misc/xca.wxs0000644000175000017500000006036013614632167015173 0ustar tewardteward WIXUI_EXITDIALOGOPTIONALCHECKBOX = 1 and NOT Installed xca-RELEASE.2.2.1/misc/xca.xml0000644000175000017500000000056013614632167015146 0ustar tewardteward XCA database XCA template xca-RELEASE.2.2.1/misc/copyright.rtf0000644000175000017500000000441713614632167016403 0ustar tewardteward{\rtf1\ansi\ansicpg1252\deff0\nouicompat{\fonttbl{\f0\fnil\fcharset0 Arial;}} {\colortbl ;\red0\green0\blue255;} {\*\generator Riched20 10.0.17134}\viewkind4\uc1 \pard\qc\ul\fs32\lang1031 XCA - X Certificate and Key management\par \pard\par \ulnone\fs16 Copyright (C) 2001 - 2020 Christian Hohnstaedt.\par \par All rights reserved.\par \par \par Redistribution and use in source and binary forms, with or without\par modification, are permitted provided that the following conditions are met:\par \par - Redistributions of source code must retain the above copyright notice,\par this list of conditions and the following disclaimer.\par \pard\ri-74 - Redistributions in binary form must reproduce the above copyright notice,\par \pard this list of conditions and the following disclaimer in the documentation\par and/or other materials provided with the distribution.\par - Neither the name of the author nor the names of its contributors may be\par used to endorse or promote products derived from this software without\par specific prior written permission.\par \par \par \pard\qj THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\par \pard\par \par This program links to software with different licenses from:\par \par - {{\field{\*\fldinst{HYPERLINK https://www.openssl.org }}{\fldrslt{https://www.openssl.org\ul0\cf0}}}}\f0\fs16 which includes cryptographic software\par written by Eric Young (eay@cryptsoft.com)"\par \par - {{\field{\*\fldinst{HYPERLINK https://www.qt.io }}{\fldrslt{https://www.qt.io\ul0\cf0}}}}\f0\fs16\par \par } xca-RELEASE.2.2.1/misc/oids.text0000644000175000017500000000161613614632167015520 0ustar tewardteward # OID short name long name 1.3.6.1.4.1.311.20.2: dom: Domain Controller 1.3.6.1.4.1.311.21.1: MsCaV: Microsoft CA Version 1.3.6.1.4.1.311.20.2.3: msUPN: Microsoft Universal Principal Name 1.3.6.1.4.1.311.10.3.4.1:msEFSFR: Microsoft EFS File Recovery 1.3.6.1.5.5.8.2.2: iKEIntermediate: IP security end entity 1.3.6.1.5.5.7.3.1: serverAuth: TLS Web Server Authentication 1.3.6.1.5.5.7.3.2: clientAuth: TLS Web Client Authentication 1.3.6.1.4.1.311.20.2.2: msSmartcardLogin: Microsoft Smartcardlogin 2.5.4.44: generationQualifier: generationQualifier 2.5.4.45: x500UniqueIdentifier: x500UniqueIdentifier 2.5.4.65: pseudonym: pseudonym 0.2.262.1.10.7.20: nameDistinguisher: Name distinguisher # RFC 4334 1.3.6.1.5.5.7.3.13: id-kp-eapOverPPP: EAP over PPP 1.3.6.1.5.5.7.3.14: id-kp-eapOverLAN: EAP over Lan 1.3.6.1.5.2.3.5: pkInitKDC: Signing KDC Response xca-RELEASE.2.2.1/misc/variables.wxi.in0000644000175000017500000000023113614632167016752 0ustar tewardteward xca-RELEASE.2.2.1/misc/Makefile0000644000175000017500000000225313614632167015312 0ustar tewardteward SRCPATH=$(VPATH)/ ifeq ($(TOPDIR),) TOPDIR=.. BUILD=.. endif include $(TOPDIR)/Rules.mak CONFIG_OBJ = dn.txt oids.txt eku.txt misc all: $(CONFIG_OBJ) MSG := \# Do not edit this file, rather use %.txt: preamble.txt %.text @$(PRINT) " GEN [$(BASENAME)] $@" ifeq ($(HOST), WINDOWS) (echo "$(MSG) PROFILE\Application Data\xca\$@" && cat $^) | sed 's/$$/\r/' > $@ else ifeq ($(HOST), DARWIN) (echo "$(MSG) HOME/Library/Application Support/data/xca/$@" && cat $^) > $@ else (echo "$(MSG) /etc/xca/$@ or HOME/.xca/$@" && cat $^) > $@ endif install: install -m 755 -d $(destdir)$(xca_prefix) \ $(destdir)$(datarootdir)/applications \ $(destdir)$(datarootdir)/mime/packages install -m 644 $(CONFIG_OBJ) $(SRCPATH)*.xca \ $(destdir)$(xca_prefix) install -m 644 $(SRCPATH)xca.desktop $(destdir)$(datarootdir)/applications install -m 644 $(SRCPATH)xca.xml $(destdir)$(datarootdir)/mime/packages if test -z "$(destdir)"; then \ update-mime-database $(datarootdir)/mime || :; \ update-desktop-database || :; \ fi app: Info.plist mkdir -p $(APPDIR)/Resources install -m 644 $^ $(SRCPATH)PkgInfo $(APPDIR) install -m 644 $(CONFIG_OBJ) $(SRCPATH)*.xca $(APPDIR)/Resources xca-RELEASE.2.2.1/misc/release.txt0000644000175000017500000000070613614632167016034 0ustar tewardtewardRelease schedule cheat sheet - Test, test, test - Test again - Check - ign_openssl_error() - for TRACE - update translation and xca.pro (qmake-qt4 -o makefile && make) - update changelog.txt doc/xca.sgml and README.md - ./git.release VERSION - Create xca.dmg - Create and sign MSI Installer - git push git.hohnstaedt.de - update xca.hohnstaedt.de: scp changelog git.hohnstaedt.de:/var/cache/git/projects/changelog.txt - update info on heise.de xca-RELEASE.2.2.1/misc/build-w32.sh0000755000175000017500000000243213614632167015720 0ustar tewardteward#!/bin/sh -e XCA_DIR="`dirname $0`" XCA_DIR="`cd $XCA_DIR/.. && pwd`" HOST=x86_64-w64-mingw32 export CROSS="${HOST}-" TARGET=mingw64 read LIBTOOL_DIR < "`dirname $0`/../Libtool.version" LIBTOOL_GZ="${LIBTOOL_DIR}".tar.gz LIBTOOL_DL="http://ftp.gnu.org/gnu/libtool/${LIBTOOL_GZ}" read OPENSSL_DIR < "`dirname $0`/../OpenSSL.version" OPENSSL_GZ="${OPENSSL_DIR}".tar.gz OPENSSL_DL="https://www.openssl.org/source/${OPENSSL_GZ}" unpack() { eval "dir=\${$1_DIR} gz=\${$1_GZ} dl=\${$1_DL} PATCH=\${$1_PATCH}" test -f "$gz" || curl "$dl" -o "$gz" echo "Building '$dir'" rm -rf "$dir" tar -zxf "$gz" cd "$dir" if test -f "$PATCH"; then patch -p1 < "$PATCH" test ! -x bootstrap || ./bootstrap fi } do_openssl() {( unpack OPENSSL ./Configure ${TARGET} shared --cross-compile-prefix="${CROSS}" --prefix="${INSTALL_DIR}" make && make install_sw )} do_libtool() {( unpack LIBTOOL ./configure --host ${HOST} --prefix ${INSTALL_DIR} make && make install )} do_XCA() {( mkdir -p $XCA_BUILD cd $XCA_BUILD $XCA_DIR/configure --host ${HOST} --with-qt=${INSTALL_DIR}/../qt/5.12.0 make -j5 USE_HOSTTOOLS=no cp xca-portable*.zip msi-installer-dir*.zip .. )} XCA_BUILD="`pwd`"/xca_build export INSTALL_DIR=`pwd`/install if test -f build-libs; then do_openssl do_libtool fi do_XCA xca-RELEASE.2.2.1/misc/git.release.something0000755000175000017500000000130413614632167017772 0ustar tewardteward#!/bin/sh set -e type git || exit 1 export TVERSION="$1" commit=master test -z "$2" || commit="$2" if test -z "$TVERSION"; then echo "usage: $0 [commit]" echo " if commit is ommitted, 'master' is used" exit 1 fi if ! git diff-index --quiet HEAD --; then echo "You have local changes, please commit, reset or stash them" exit 1 fi branchname="build-$TVERSION" git checkout -b "$branchname" "$commit" echo "$TVERSION" > VERSION git commit VERSION -m "$TVERSION" git tag RELEASE.$TVERSION # Create the tar.gz make dist # Return to master git checkout master # Cleanup # Delete temporary branch git branch -D "$branchname" # Delete the temporary tag git tag -d RELEASE.$TVERSION xca-RELEASE.2.2.1/misc/xca.bat0000644000175000017500000000045113614632167015113 0ustar tewardteward rem Compile candle.exe -arch x64 -out xca.wixobj xca.wxs rem Link: -sw1076: Silence warning LGHT1076 rem ICE69: Mismatched component reference. light.exe -b .. -sice:69 -sw1076 -ext WixUIExtension -ext WixUtilExtension xca.wixobj rem error LGHT0204 : ICE69 is OK dir xca.msi pause xca-RELEASE.2.2.1/misc/openssl-1.0.0-mingw32-cross.patch0000644000175000017500000000665613614632167021436 0ustar tewardteward--- openssl-1.0.0.orig/ms/mingw32-cross.sh 1970-01-01 01:00:00.000000000 +0100 +++ openssl-1.0.0/ms/mingw32-cross.sh 2010-04-10 10:22:33.000000000 +0200 @@ -0,0 +1,37 @@ +#!/bin/sh +# Mingw32 on Linux + GNU as +# --------------------------- + +set -e + +CROSS=i586-mingw32msvc- + +sh ./Configure mingw $@ + +echo Generating makefile +perl util/mkfiles.pl >MINFO +perl util/mk1mf.pl gaswin $@ Mingw32-cross >ms/mingw32-cross.mak + +echo Generating DLL definition files +perl util/mkdef.pl 32 libeay >ms/libeay32.def +perl util/mkdef.pl 32 ssleay >ms/ssleay32.def + +echo Building the libraries +make -f ms/mingw32-cross.mak CROSS=${CROSS} + +echo Generating the DLLs and input libraries +${CROSS}dllwrap --dllname libeay32.dll --output-lib out/libeay32.a --def ms/libeay32.def out/libcrypto.a -lwsock32 -lgdi32 + +${CROSS}dllwrap --dllname libssl32.dll --output-lib out/libssl32.a --def ms/ssleay32.def out/libssl.a out/libeay32.a + +echo "Done compiling OpenSSL" + +if test -n "${INSTALL_DIR}"; then + echo "Installing OpenSSL to '${INSTALL_DIR}'" + mkdir -p ${INSTALL_DIR}/bin ${INSTALL_DIR}/lib ${INSTALL_DIR}/include + cp -r outinc/openssl ${INSTALL_DIR}/include + cp *.dll ${INSTALL_DIR}/bin + cp out/*.a ${INSTALL_DIR}/lib +fi + + --- openssl-1.0.0.orig/util/mk1mf.pl 2009-09-20 14:47:04.000000000 +0200 +++ openssl-1.0.0/util/mk1mf.pl 2010-04-10 09:28:56.000000000 +0200 @@ -67,6 +67,7 @@ "VC-CE", "Microsoft eMbedded Visual C++ 3.0 - Windows CE ONLY", "VC-NT", "Microsoft Visual C++ [4-6] - Windows NT ONLY", "Mingw32", "GNU C++ - Windows NT or 9x", + "Mingw32-cross", "GNU C++ Linux cross compiling", "Mingw32-files", "Create files with DOS copy ...", "BC-NT", "Borland C++ 4.5 - Windows NT", "linux-elf","Linux elf", @@ -181,6 +182,10 @@ { require 'Mingw32.pl'; } +elsif ($platform eq "Mingw32-cross") + { + require 'Mingw32-cross.pl'; + } elsif ($platform eq "Mingw32-files") { require 'Mingw32f.pl'; --- openssl-1.0.0.orig/util/pl/Mingw32-cross.pl 1970-01-01 01:00:00.000000000 +0100 +++ openssl-1.0.0/util/pl/Mingw32-cross.pl 2010-04-10 10:24:35.000000000 +0200 @@ -0,0 +1,74 @@ +#!/usr/local/bin/perl +# +# Mingw32.pl -- Mingw +# + +$o='/'; +$cp='cp'; +$rm='rm -f'; +$mkdir='mkdir -p'; + +# C compiler stuff + +$asmtype="gaswin"; + +$cc='$(CROSS)gcc'; +if ($debug) + { $cflags="-DL_ENDIAN -DDSO_WIN32 -g2 -ggdb"; } +else + { $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -march=i686 -Wall"; } + +if ($gaswin and !$no_asm) + { $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DOPENSSL_BN_ASM_PART_WORDS"; } + + +$obj='.o'; +$ofile='-o '; + +# EXE linking stuff +$link='${CC}'; +$lflags='${CFLAGS}'; +$efile='-o '; +$exep='.exe'; +$ex_libs="-lwsock32 -lgdi32"; + +# static library stuff +$mklib='$(CROSS)ar r'; +$mlflags=''; +$ranlib='$(CROSS)ranlib'; +$plib='lib'; +$libp=".a"; +$shlibp=".a"; +$lfile=''; + +$asm='$(CROSS)as'; +$afile='-o '; + + +sub do_lib_rule + { + local($obj,$target,$name,$shlib)=@_; + local($ret,$_,$Name); + + $target =~ s/\//$o/g if $o ne '/'; + $target="$target"; + ($Name=$name) =~ tr/a-z/A-Z/; + + $ret.="$target: \$(${Name}OBJ)\n"; + $ret.="\trm -f $target\n"; + $ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n"; + $ret.="\t\$(RANLIB) $target\n\n"; + } + +sub do_link_rule + { + local($target,$files,$dep_libs,$libs)=@_; + local($ret,$_); + + $file =~ s/\//$o/g if $o ne '/'; + $n=&bname($target); + $ret.="$target: $files $dep_libs\n"; + $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n"; + return($ret); + } +1; xca-RELEASE.2.2.1/misc/eku.text0000644000175000017500000000036513614632167015346 0ustar tewardtewardserverAuth clientAuth codeSigning emailProtection timeStamping msCodeInd msCodeCom msCTLSign msSGC msEFS nsSGC msEFSFR ipsecEndSystem ipsecTunnel ipsecUser iKEIntermediate msSmartcardLogin OCSPSigning id-kp-eapOverPPP id-kp-eapOverLAN pkInitKDC xca-RELEASE.2.2.1/misc/PkgInfo0000644000175000017500000000001113614632167015120 0ustar tewardtewardAPPLcxca xca-RELEASE.2.2.1/misc/CA.xca0000644000175000017500000000153613614632167014635 0ustar tewardtewardV 0 validN10validMidn0 validM2 subKey1subAltNamensSslServerNamensRevocationUrlnsRenewalUrlnsCommentxca certificatensCertType112nsCaPolicyUrl"nsCARevocationUrlnsBaseUrl(noWellDefinedExpDate0kuCriticalkeyUseCritical0 keyUse96issAltNameekuCriticaleKyUseCritical0eKeyUsecrlDistca1bcCritical1basicPathauthKey0authInfAccadv_extxca-RELEASE.2.2.1/misc/openssl-1.0.1-brainpool.patch0000644000175000017500000010715213614632167021000 0ustar tewardtewardFrom 3ee1ac6a0961eb3b97739fb86717e246a45e2743 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sat, 22 Nov 2014 09:19:47 +0100 Subject: [PATCH] PR: 2239 Submitted by: Dominik Oepen Add Brainpool curves from RFC5639. Original patch by Annie Yousar Backported to OpenSSL 1.0.1j by Christian Hohnstaedt --- crypto/ec/ec_curve.c | 443 ++++++++++++++++++++++++++++++++++++++++++++ crypto/objects/obj_dat.h | 99 +++++++++- crypto/objects/obj_mac.h | 61 ++++++ crypto/objects/obj_mac.num | 15 ++ crypto/objects/objects.txt | 22 +++ 5 files changed, 635 insertions(+), 5 deletions(-) diff --git a/crypto/ec/ec_curve.c b/crypto/ec/ec_curve.c index c72fb26..a36efb2 100644 --- a/crypto/ec/ec_curve.c +++ b/crypto/ec/ec_curve.c @@ -1822,6 +1822,434 @@ static const struct { EC_CURVE_DATA h; unsigned char data[0+24*6]; } #endif +/* These curves were added by Annie Yousar + * For the definition of RFC 5639 curves see + * http://www.ietf.org/rfc/rfc5639.txt + * These curves are generated verifiable at random, nevertheless the seed is + * omitted as parameter because the generation mechanism is different from + * those defined in ANSI X9.62. + */ + +static const struct { EC_CURVE_DATA h; unsigned char data[0+20*6]; } + _EC_brainpoolP160r1 = { + { NID_X9_62_prime_field, 0,20,1 }, + { /* no seed */ + 0xE9,0x5E,0x4A,0x5F,0x73,0x70,0x59,0xDC,0x60,0xDF, /* p */ + 0xC7,0xAD,0x95,0xB3,0xD8,0x13,0x95,0x15,0x62,0x0F, + 0x34,0x0E,0x7B,0xE2,0xA2,0x80,0xEB,0x74,0xE2,0xBE, /* a */ + 0x61,0xBA,0xDA,0x74,0x5D,0x97,0xE8,0xF7,0xC3,0x00, + 0x1E,0x58,0x9A,0x85,0x95,0x42,0x34,0x12,0x13,0x4F, /* b */ + 0xAA,0x2D,0xBD,0xEC,0x95,0xC8,0xD8,0x67,0x5E,0x58, + 0xBE,0xD5,0xAF,0x16,0xEA,0x3F,0x6A,0x4F,0x62,0x93, /* x */ + 0x8C,0x46,0x31,0xEB,0x5A,0xF7,0xBD,0xBC,0xDB,0xC3, + 0x16,0x67,0xCB,0x47,0x7A,0x1A,0x8E,0xC3,0x38,0xF9, /* y */ + 0x47,0x41,0x66,0x9C,0x97,0x63,0x16,0xDA,0x63,0x21, + 0xE9,0x5E,0x4A,0x5F,0x73,0x70,0x59,0xDC,0x60,0xDF, /* order */ + 0x59,0x91,0xD4,0x50,0x29,0x40,0x9E,0x60,0xFC,0x09 } + }; + +static const struct { EC_CURVE_DATA h; unsigned char data[0+20*6]; } + _EC_brainpoolP160t1 = { + { NID_X9_62_prime_field, 0,20,1 }, + { /* no seed */ + 0xE9,0x5E,0x4A,0x5F,0x73,0x70,0x59,0xDC,0x60,0xDF, /* p */ + 0xC7,0xAD,0x95,0xB3,0xD8,0x13,0x95,0x15,0x62,0x0F, + 0xE9,0x5E,0x4A,0x5F,0x73,0x70,0x59,0xDC,0x60,0xDF, /* a */ + 0xC7,0xAD,0x95,0xB3,0xD8,0x13,0x95,0x15,0x62,0x0C, + 0x7A,0x55,0x6B,0x6D,0xAE,0x53,0x5B,0x7B,0x51,0xED, /* b */ + 0x2C,0x4D,0x7D,0xAA,0x7A,0x0B,0x5C,0x55,0xF3,0x80, + 0xB1,0x99,0xB1,0x3B,0x9B,0x34,0xEF,0xC1,0x39,0x7E, /* x */ + 0x64,0xBA,0xEB,0x05,0xAC,0xC2,0x65,0xFF,0x23,0x78, + 0xAD,0xD6,0x71,0x8B,0x7C,0x7C,0x19,0x61,0xF0,0x99, /* y */ + 0x1B,0x84,0x24,0x43,0x77,0x21,0x52,0xC9,0xE0,0xAD, + 0xE9,0x5E,0x4A,0x5F,0x73,0x70,0x59,0xDC,0x60,0xDF, /* order */ + 0x59,0x91,0xD4,0x50,0x29,0x40,0x9E,0x60,0xFC,0x09 } + }; + +static const struct { EC_CURVE_DATA h; unsigned char data[0+24*6]; } + _EC_brainpoolP192r1 = { + { NID_X9_62_prime_field, 0,24,1 }, + { /* no seed */ + 0xC3,0x02,0xF4,0x1D,0x93,0x2A,0x36,0xCD,0xA7,0xA3, /* p */ + 0x46,0x30,0x93,0xD1,0x8D,0xB7,0x8F,0xCE,0x47,0x6D, + 0xE1,0xA8,0x62,0x97, + 0x6A,0x91,0x17,0x40,0x76,0xB1,0xE0,0xE1,0x9C,0x39, /* a */ + 0xC0,0x31,0xFE,0x86,0x85,0xC1,0xCA,0xE0,0x40,0xE5, + 0xC6,0x9A,0x28,0xEF, + 0x46,0x9A,0x28,0xEF,0x7C,0x28,0xCC,0xA3,0xDC,0x72, /* b */ + 0x1D,0x04,0x4F,0x44,0x96,0xBC,0xCA,0x7E,0xF4,0x14, + 0x6F,0xBF,0x25,0xC9, + 0xC0,0xA0,0x64,0x7E,0xAA,0xB6,0xA4,0x87,0x53,0xB0, /* x */ + 0x33,0xC5,0x6C,0xB0,0xF0,0x90,0x0A,0x2F,0x5C,0x48, + 0x53,0x37,0x5F,0xD6, + 0x14,0xB6,0x90,0x86,0x6A,0xBD,0x5B,0xB8,0x8B,0x5F, /* y */ + 0x48,0x28,0xC1,0x49,0x00,0x02,0xE6,0x77,0x3F,0xA2, + 0xFA,0x29,0x9B,0x8F, + 0xC3,0x02,0xF4,0x1D,0x93,0x2A,0x36,0xCD,0xA7,0xA3, /* order */ + 0x46,0x2F,0x9E,0x9E,0x91,0x6B,0x5B,0xE8,0xF1,0x02, + 0x9A,0xC4,0xAC,0xC1 } + }; + +static const struct { EC_CURVE_DATA h; unsigned char data[0+24*6]; } + _EC_brainpoolP192t1 = { + { NID_X9_62_prime_field, 0,24,1 }, + { /* no seed */ + 0xC3,0x02,0xF4,0x1D,0x93,0x2A,0x36,0xCD,0xA7,0xA3, /* p */ + 0x46,0x30,0x93,0xD1,0x8D,0xB7,0x8F,0xCE,0x47,0x6D, + 0xE1,0xA8,0x62,0x97, + 0xC3,0x02,0xF4,0x1D,0x93,0x2A,0x36,0xCD,0xA7,0xA3, /* a */ + 0x46,0x30,0x93,0xD1,0x8D,0xB7,0x8F,0xCE,0x47,0x6D, + 0xE1,0xA8,0x62,0x94, + 0x13,0xD5,0x6F,0xFA,0xEC,0x78,0x68,0x1E,0x68,0xF9, /* b */ + 0xDE,0xB4,0x3B,0x35,0xBE,0xC2,0xFB,0x68,0x54,0x2E, + 0x27,0x89,0x7B,0x79, + 0x3A,0xE9,0xE5,0x8C,0x82,0xF6,0x3C,0x30,0x28,0x2E, /* x */ + 0x1F,0xE7,0xBB,0xF4,0x3F,0xA7,0x2C,0x44,0x6A,0xF6, + 0xF4,0x61,0x81,0x29, + 0x09,0x7E,0x2C,0x56,0x67,0xC2,0x22,0x3A,0x90,0x2A, /* y */ + 0xB5,0xCA,0x44,0x9D,0x00,0x84,0xB7,0xE5,0xB3,0xDE, + 0x7C,0xCC,0x01,0xC9, + 0xC3,0x02,0xF4,0x1D,0x93,0x2A,0x36,0xCD,0xA7,0xA3, /* order */ + 0x46,0x2F,0x9E,0x9E,0x91,0x6B,0x5B,0xE8,0xF1,0x02, + 0x9A,0xC4,0xAC,0xC1 } + }; + +static const struct { EC_CURVE_DATA h; unsigned char data[0+28*6]; } + _EC_brainpoolP224r1 = { + { NID_X9_62_prime_field, 0,28,1 }, + { /* no seed */ + 0xD7,0xC1,0x34,0xAA,0x26,0x43,0x66,0x86,0x2A,0x18, /* p */ + 0x30,0x25,0x75,0xD1,0xD7,0x87,0xB0,0x9F,0x07,0x57, + 0x97,0xDA,0x89,0xF5,0x7E,0xC8,0xC0,0xFF, + 0x68,0xA5,0xE6,0x2C,0xA9,0xCE,0x6C,0x1C,0x29,0x98, /* a */ + 0x03,0xA6,0xC1,0x53,0x0B,0x51,0x4E,0x18,0x2A,0xD8, + 0xB0,0x04,0x2A,0x59,0xCA,0xD2,0x9F,0x43, + 0x25,0x80,0xF6,0x3C,0xCF,0xE4,0x41,0x38,0x87,0x07, /* b */ + 0x13,0xB1,0xA9,0x23,0x69,0xE3,0x3E,0x21,0x35,0xD2, + 0x66,0xDB,0xB3,0x72,0x38,0x6C,0x40,0x0B, + 0x0D,0x90,0x29,0xAD,0x2C,0x7E,0x5C,0xF4,0x34,0x08, /* x */ + 0x23,0xB2,0xA8,0x7D,0xC6,0x8C,0x9E,0x4C,0xE3,0x17, + 0x4C,0x1E,0x6E,0xFD,0xEE,0x12,0xC0,0x7D, + 0x58,0xAA,0x56,0xF7,0x72,0xC0,0x72,0x6F,0x24,0xC6, /* y */ + 0xB8,0x9E,0x4E,0xCD,0xAC,0x24,0x35,0x4B,0x9E,0x99, + 0xCA,0xA3,0xF6,0xD3,0x76,0x14,0x02,0xCD, + 0xD7,0xC1,0x34,0xAA,0x26,0x43,0x66,0x86,0x2A,0x18, /* order */ + 0x30,0x25,0x75,0xD0,0xFB,0x98,0xD1,0x16,0xBC,0x4B, + 0x6D,0xDE,0xBC,0xA3,0xA5,0xA7,0x93,0x9F } + }; + +static const struct { EC_CURVE_DATA h; unsigned char data[0+28*6]; } + _EC_brainpoolP224t1 = { + { NID_X9_62_prime_field, 0,28,1 }, + { /* no seed */ + 0xD7,0xC1,0x34,0xAA,0x26,0x43,0x66,0x86,0x2A,0x18, /* p */ + 0x30,0x25,0x75,0xD1,0xD7,0x87,0xB0,0x9F,0x07,0x57, + 0x97,0xDA,0x89,0xF5,0x7E,0xC8,0xC0,0xFF, + 0xD7,0xC1,0x34,0xAA,0x26,0x43,0x66,0x86,0x2A,0x18, /* a */ + 0x30,0x25,0x75,0xD1,0xD7,0x87,0xB0,0x9F,0x07,0x57, + 0x97,0xDA,0x89,0xF5,0x7E,0xC8,0xC0,0xFC, + 0x4B,0x33,0x7D,0x93,0x41,0x04,0xCD,0x7B,0xEF,0x27, /* b */ + 0x1B,0xF6,0x0C,0xED,0x1E,0xD2,0x0D,0xA1,0x4C,0x08, + 0xB3,0xBB,0x64,0xF1,0x8A,0x60,0x88,0x8D, + 0x6A,0xB1,0xE3,0x44,0xCE,0x25,0xFF,0x38,0x96,0x42, /* x */ + 0x4E,0x7F,0xFE,0x14,0x76,0x2E,0xCB,0x49,0xF8,0x92, + 0x8A,0xC0,0xC7,0x60,0x29,0xB4,0xD5,0x80, + 0x03,0x74,0xE9,0xF5,0x14,0x3E,0x56,0x8C,0xD2,0x3F, /* y */ + 0x3F,0x4D,0x7C,0x0D,0x4B,0x1E,0x41,0xC8,0xCC,0x0D, + 0x1C,0x6A,0xBD,0x5F,0x1A,0x46,0xDB,0x4C, + 0xD7,0xC1,0x34,0xAA,0x26,0x43,0x66,0x86,0x2A,0x18, /* order */ + 0x30,0x25,0x75,0xD0,0xFB,0x98,0xD1,0x16,0xBC,0x4B, + 0x6D,0xDE,0xBC,0xA3,0xA5,0xA7,0x93,0x9F } + }; + +static const struct { EC_CURVE_DATA h; unsigned char data[0+32*6]; } + _EC_brainpoolP256r1 = { + { NID_X9_62_prime_field, 0,32,1 }, + { /* no seed */ + 0xA9,0xFB,0x57,0xDB,0xA1,0xEE,0xA9,0xBC,0x3E,0x66, /* p */ + 0x0A,0x90,0x9D,0x83,0x8D,0x72,0x6E,0x3B,0xF6,0x23, + 0xD5,0x26,0x20,0x28,0x20,0x13,0x48,0x1D,0x1F,0x6E, + 0x53,0x77, + 0x7D,0x5A,0x09,0x75,0xFC,0x2C,0x30,0x57,0xEE,0xF6, /* a */ + 0x75,0x30,0x41,0x7A,0xFF,0xE7,0xFB,0x80,0x55,0xC1, + 0x26,0xDC,0x5C,0x6C,0xE9,0x4A,0x4B,0x44,0xF3,0x30, + 0xB5,0xD9, + 0x26,0xDC,0x5C,0x6C,0xE9,0x4A,0x4B,0x44,0xF3,0x30, /* b */ + 0xB5,0xD9,0xBB,0xD7,0x7C,0xBF,0x95,0x84,0x16,0x29, + 0x5C,0xF7,0xE1,0xCE,0x6B,0xCC,0xDC,0x18,0xFF,0x8C, + 0x07,0xB6, + 0x8B,0xD2,0xAE,0xB9,0xCB,0x7E,0x57,0xCB,0x2C,0x4B, /* x */ + 0x48,0x2F,0xFC,0x81,0xB7,0xAF,0xB9,0xDE,0x27,0xE1, + 0xE3,0xBD,0x23,0xC2,0x3A,0x44,0x53,0xBD,0x9A,0xCE, + 0x32,0x62, + 0x54,0x7E,0xF8,0x35,0xC3,0xDA,0xC4,0xFD,0x97,0xF8, /* y */ + 0x46,0x1A,0x14,0x61,0x1D,0xC9,0xC2,0x77,0x45,0x13, + 0x2D,0xED,0x8E,0x54,0x5C,0x1D,0x54,0xC7,0x2F,0x04, + 0x69,0x97, + 0xA9,0xFB,0x57,0xDB,0xA1,0xEE,0xA9,0xBC,0x3E,0x66, /* order */ + 0x0A,0x90,0x9D,0x83,0x8D,0x71,0x8C,0x39,0x7A,0xA3, + 0xB5,0x61,0xA6,0xF7,0x90,0x1E,0x0E,0x82,0x97,0x48, + 0x56,0xA7 } + }; + +static const struct { EC_CURVE_DATA h; unsigned char data[0+32*6]; } + _EC_brainpoolP256t1 = { + { NID_X9_62_prime_field, 0,32,1 }, + { /* no seed */ + 0xA9,0xFB,0x57,0xDB,0xA1,0xEE,0xA9,0xBC,0x3E,0x66, /* p */ + 0x0A,0x90,0x9D,0x83,0x8D,0x72,0x6E,0x3B,0xF6,0x23, + 0xD5,0x26,0x20,0x28,0x20,0x13,0x48,0x1D,0x1F,0x6E, + 0x53,0x77, + 0xA9,0xFB,0x57,0xDB,0xA1,0xEE,0xA9,0xBC,0x3E,0x66, /* a */ + 0x0A,0x90,0x9D,0x83,0x8D,0x72,0x6E,0x3B,0xF6,0x23, + 0xD5,0x26,0x20,0x28,0x20,0x13,0x48,0x1D,0x1F,0x6E, + 0x53,0x74, + 0x66,0x2C,0x61,0xC4,0x30,0xD8,0x4E,0xA4,0xFE,0x66, /* b */ + 0xA7,0x73,0x3D,0x0B,0x76,0xB7,0xBF,0x93,0xEB,0xC4, + 0xAF,0x2F,0x49,0x25,0x6A,0xE5,0x81,0x01,0xFE,0xE9, + 0x2B,0x04, + 0xA3,0xE8,0xEB,0x3C,0xC1,0xCF,0xE7,0xB7,0x73,0x22, /* x */ + 0x13,0xB2,0x3A,0x65,0x61,0x49,0xAF,0xA1,0x42,0xC4, + 0x7A,0xAF,0xBC,0x2B,0x79,0xA1,0x91,0x56,0x2E,0x13, + 0x05,0xF4, + 0x2D,0x99,0x6C,0x82,0x34,0x39,0xC5,0x6D,0x7F,0x7B, /* y */ + 0x22,0xE1,0x46,0x44,0x41,0x7E,0x69,0xBC,0xB6,0xDE, + 0x39,0xD0,0x27,0x00,0x1D,0xAB,0xE8,0xF3,0x5B,0x25, + 0xC9,0xBE, + 0xA9,0xFB,0x57,0xDB,0xA1,0xEE,0xA9,0xBC,0x3E,0x66, /* order */ + 0x0A,0x90,0x9D,0x83,0x8D,0x71,0x8C,0x39,0x7A,0xA3, + 0xB5,0x61,0xA6,0xF7,0x90,0x1E,0x0E,0x82,0x97,0x48, + 0x56,0xA7 } + }; + +static const struct { EC_CURVE_DATA h; unsigned char data[0+40*6]; } + _EC_brainpoolP320r1 = { + { NID_X9_62_prime_field, 0,40,1 }, + { /* no seed */ + 0xD3,0x5E,0x47,0x20,0x36,0xBC,0x4F,0xB7,0xE1,0x3C, /* p */ + 0x78,0x5E,0xD2,0x01,0xE0,0x65,0xF9,0x8F,0xCF,0xA6, + 0xF6,0xF4,0x0D,0xEF,0x4F,0x92,0xB9,0xEC,0x78,0x93, + 0xEC,0x28,0xFC,0xD4,0x12,0xB1,0xF1,0xB3,0x2E,0x27, + 0x3E,0xE3,0x0B,0x56,0x8F,0xBA,0xB0,0xF8,0x83,0xCC, /* a */ + 0xEB,0xD4,0x6D,0x3F,0x3B,0xB8,0xA2,0xA7,0x35,0x13, + 0xF5,0xEB,0x79,0xDA,0x66,0x19,0x0E,0xB0,0x85,0xFF, + 0xA9,0xF4,0x92,0xF3,0x75,0xA9,0x7D,0x86,0x0E,0xB4, + 0x52,0x08,0x83,0x94,0x9D,0xFD,0xBC,0x42,0xD3,0xAD, /* b */ + 0x19,0x86,0x40,0x68,0x8A,0x6F,0xE1,0x3F,0x41,0x34, + 0x95,0x54,0xB4,0x9A,0xCC,0x31,0xDC,0xCD,0x88,0x45, + 0x39,0x81,0x6F,0x5E,0xB4,0xAC,0x8F,0xB1,0xF1,0xA6, + 0x43,0xBD,0x7E,0x9A,0xFB,0x53,0xD8,0xB8,0x52,0x89, /* x */ + 0xBC,0xC4,0x8E,0xE5,0xBF,0xE6,0xF2,0x01,0x37,0xD1, + 0x0A,0x08,0x7E,0xB6,0xE7,0x87,0x1E,0x2A,0x10,0xA5, + 0x99,0xC7,0x10,0xAF,0x8D,0x0D,0x39,0xE2,0x06,0x11, + 0x14,0xFD,0xD0,0x55,0x45,0xEC,0x1C,0xC8,0xAB,0x40, /* y */ + 0x93,0x24,0x7F,0x77,0x27,0x5E,0x07,0x43,0xFF,0xED, + 0x11,0x71,0x82,0xEA,0xA9,0xC7,0x78,0x77,0xAA,0xAC, + 0x6A,0xC7,0xD3,0x52,0x45,0xD1,0x69,0x2E,0x8E,0xE1, + 0xD3,0x5E,0x47,0x20,0x36,0xBC,0x4F,0xB7,0xE1,0x3C, /* order */ + 0x78,0x5E,0xD2,0x01,0xE0,0x65,0xF9,0x8F,0xCF,0xA5, + 0xB6,0x8F,0x12,0xA3,0x2D,0x48,0x2E,0xC7,0xEE,0x86, + 0x58,0xE9,0x86,0x91,0x55,0x5B,0x44,0xC5,0x93,0x11 } + }; + +static const struct { EC_CURVE_DATA h; unsigned char data[0+40*6]; } + _EC_brainpoolP320t1 = { + { NID_X9_62_prime_field, 0,40,1 }, + { /* no seed */ + 0xD3,0x5E,0x47,0x20,0x36,0xBC,0x4F,0xB7,0xE1,0x3C, /* p */ + 0x78,0x5E,0xD2,0x01,0xE0,0x65,0xF9,0x8F,0xCF,0xA6, + 0xF6,0xF4,0x0D,0xEF,0x4F,0x92,0xB9,0xEC,0x78,0x93, + 0xEC,0x28,0xFC,0xD4,0x12,0xB1,0xF1,0xB3,0x2E,0x27, + 0xD3,0x5E,0x47,0x20,0x36,0xBC,0x4F,0xB7,0xE1,0x3C, /* a */ + 0x78,0x5E,0xD2,0x01,0xE0,0x65,0xF9,0x8F,0xCF,0xA6, + 0xF6,0xF4,0x0D,0xEF,0x4F,0x92,0xB9,0xEC,0x78,0x93, + 0xEC,0x28,0xFC,0xD4,0x12,0xB1,0xF1,0xB3,0x2E,0x24, + 0xA7,0xF5,0x61,0xE0,0x38,0xEB,0x1E,0xD5,0x60,0xB3, /* b */ + 0xD1,0x47,0xDB,0x78,0x20,0x13,0x06,0x4C,0x19,0xF2, + 0x7E,0xD2,0x7C,0x67,0x80,0xAA,0xF7,0x7F,0xB8,0xA5, + 0x47,0xCE,0xB5,0xB4,0xFE,0xF4,0x22,0x34,0x03,0x53, + 0x92,0x5B,0xE9,0xFB,0x01,0xAF,0xC6,0xFB,0x4D,0x3E, /* x */ + 0x7D,0x49,0x90,0x01,0x0F,0x81,0x34,0x08,0xAB,0x10, + 0x6C,0x4F,0x09,0xCB,0x7E,0xE0,0x78,0x68,0xCC,0x13, + 0x6F,0xFF,0x33,0x57,0xF6,0x24,0xA2,0x1B,0xED,0x52, + 0x63,0xBA,0x3A,0x7A,0x27,0x48,0x3E,0xBF,0x66,0x71, /* y */ + 0xDB,0xEF,0x7A,0xBB,0x30,0xEB,0xEE,0x08,0x4E,0x58, + 0xA0,0xB0,0x77,0xAD,0x42,0xA5,0xA0,0x98,0x9D,0x1E, + 0xE7,0x1B,0x1B,0x9B,0xC0,0x45,0x5F,0xB0,0xD2,0xC3, + 0xD3,0x5E,0x47,0x20,0x36,0xBC,0x4F,0xB7,0xE1,0x3C, /* order */ + 0x78,0x5E,0xD2,0x01,0xE0,0x65,0xF9,0x8F,0xCF,0xA5, + 0xB6,0x8F,0x12,0xA3,0x2D,0x48,0x2E,0xC7,0xEE,0x86, + 0x58,0xE9,0x86,0x91,0x55,0x5B,0x44,0xC5,0x93,0x11 } + }; + +static const struct { EC_CURVE_DATA h; unsigned char data[0+48*6]; } + _EC_brainpoolP384r1 = { + { NID_X9_62_prime_field, 0,48,1 }, + { /* no seed */ + 0x8C,0xB9,0x1E,0x82,0xA3,0x38,0x6D,0x28,0x0F,0x5D, /* p */ + 0x6F,0x7E,0x50,0xE6,0x41,0xDF,0x15,0x2F,0x71,0x09, + 0xED,0x54,0x56,0xB4,0x12,0xB1,0xDA,0x19,0x7F,0xB7, + 0x11,0x23,0xAC,0xD3,0xA7,0x29,0x90,0x1D,0x1A,0x71, + 0x87,0x47,0x00,0x13,0x31,0x07,0xEC,0x53, + 0x7B,0xC3,0x82,0xC6,0x3D,0x8C,0x15,0x0C,0x3C,0x72, /* a */ + 0x08,0x0A,0xCE,0x05,0xAF,0xA0,0xC2,0xBE,0xA2,0x8E, + 0x4F,0xB2,0x27,0x87,0x13,0x91,0x65,0xEF,0xBA,0x91, + 0xF9,0x0F,0x8A,0xA5,0x81,0x4A,0x50,0x3A,0xD4,0xEB, + 0x04,0xA8,0xC7,0xDD,0x22,0xCE,0x28,0x26, + 0x04,0xA8,0xC7,0xDD,0x22,0xCE,0x28,0x26,0x8B,0x39, /* b */ + 0xB5,0x54,0x16,0xF0,0x44,0x7C,0x2F,0xB7,0x7D,0xE1, + 0x07,0xDC,0xD2,0xA6,0x2E,0x88,0x0E,0xA5,0x3E,0xEB, + 0x62,0xD5,0x7C,0xB4,0x39,0x02,0x95,0xDB,0xC9,0x94, + 0x3A,0xB7,0x86,0x96,0xFA,0x50,0x4C,0x11, + 0x1D,0x1C,0x64,0xF0,0x68,0xCF,0x45,0xFF,0xA2,0xA6, /* x */ + 0x3A,0x81,0xB7,0xC1,0x3F,0x6B,0x88,0x47,0xA3,0xE7, + 0x7E,0xF1,0x4F,0xE3,0xDB,0x7F,0xCA,0xFE,0x0C,0xBD, + 0x10,0xE8,0xE8,0x26,0xE0,0x34,0x36,0xD6,0x46,0xAA, + 0xEF,0x87,0xB2,0xE2,0x47,0xD4,0xAF,0x1E, + 0x8A,0xBE,0x1D,0x75,0x20,0xF9,0xC2,0xA4,0x5C,0xB1, /* y */ + 0xEB,0x8E,0x95,0xCF,0xD5,0x52,0x62,0xB7,0x0B,0x29, + 0xFE,0xEC,0x58,0x64,0xE1,0x9C,0x05,0x4F,0xF9,0x91, + 0x29,0x28,0x0E,0x46,0x46,0x21,0x77,0x91,0x81,0x11, + 0x42,0x82,0x03,0x41,0x26,0x3C,0x53,0x15, + 0x8C,0xB9,0x1E,0x82,0xA3,0x38,0x6D,0x28,0x0F,0x5D, /* order */ + 0x6F,0x7E,0x50,0xE6,0x41,0xDF,0x15,0x2F,0x71,0x09, + 0xED,0x54,0x56,0xB3,0x1F,0x16,0x6E,0x6C,0xAC,0x04, + 0x25,0xA7,0xCF,0x3A,0xB6,0xAF,0x6B,0x7F,0xC3,0x10, + 0x3B,0x88,0x32,0x02,0xE9,0x04,0x65,0x65 } + }; + +static const struct { EC_CURVE_DATA h; unsigned char data[0+48*6]; } + _EC_brainpoolP384t1 = { + { NID_X9_62_prime_field, 0,48,1 }, + { /* no seed */ + 0x8C,0xB9,0x1E,0x82,0xA3,0x38,0x6D,0x28,0x0F,0x5D, /* p */ + 0x6F,0x7E,0x50,0xE6,0x41,0xDF,0x15,0x2F,0x71,0x09, + 0xED,0x54,0x56,0xB4,0x12,0xB1,0xDA,0x19,0x7F,0xB7, + 0x11,0x23,0xAC,0xD3,0xA7,0x29,0x90,0x1D,0x1A,0x71, + 0x87,0x47,0x00,0x13,0x31,0x07,0xEC,0x53, + 0x8C,0xB9,0x1E,0x82,0xA3,0x38,0x6D,0x28,0x0F,0x5D, /* a */ + 0x6F,0x7E,0x50,0xE6,0x41,0xDF,0x15,0x2F,0x71,0x09, + 0xED,0x54,0x56,0xB4,0x12,0xB1,0xDA,0x19,0x7F,0xB7, + 0x11,0x23,0xAC,0xD3,0xA7,0x29,0x90,0x1D,0x1A,0x71, + 0x87,0x47,0x00,0x13,0x31,0x07,0xEC,0x50, + 0x7F,0x51,0x9E,0xAD,0xA7,0xBD,0xA8,0x1B,0xD8,0x26, /* b */ + 0xDB,0xA6,0x47,0x91,0x0F,0x8C,0x4B,0x93,0x46,0xED, + 0x8C,0xCD,0xC6,0x4E,0x4B,0x1A,0xBD,0x11,0x75,0x6D, + 0xCE,0x1D,0x20,0x74,0xAA,0x26,0x3B,0x88,0x80,0x5C, + 0xED,0x70,0x35,0x5A,0x33,0xB4,0x71,0xEE, + 0x18,0xDE,0x98,0xB0,0x2D,0xB9,0xA3,0x06,0xF2,0xAF, /* x */ + 0xCD,0x72,0x35,0xF7,0x2A,0x81,0x9B,0x80,0xAB,0x12, + 0xEB,0xD6,0x53,0x17,0x24,0x76,0xFE,0xCD,0x46,0x2A, + 0xAB,0xFF,0xC4,0xFF,0x19,0x1B,0x94,0x6A,0x5F,0x54, + 0xD8,0xD0,0xAA,0x2F,0x41,0x88,0x08,0xCC, + 0x25,0xAB,0x05,0x69,0x62,0xD3,0x06,0x51,0xA1,0x14, /* y */ + 0xAF,0xD2,0x75,0x5A,0xD3,0x36,0x74,0x7F,0x93,0x47, + 0x5B,0x7A,0x1F,0xCA,0x3B,0x88,0xF2,0xB6,0xA2,0x08, + 0xCC,0xFE,0x46,0x94,0x08,0x58,0x4D,0xC2,0xB2,0x91, + 0x26,0x75,0xBF,0x5B,0x9E,0x58,0x29,0x28, + 0x8C,0xB9,0x1E,0x82,0xA3,0x38,0x6D,0x28,0x0F,0x5D, /* order */ + 0x6F,0x7E,0x50,0xE6,0x41,0xDF,0x15,0x2F,0x71,0x09, + 0xED,0x54,0x56,0xB3,0x1F,0x16,0x6E,0x6C,0xAC,0x04, + 0x25,0xA7,0xCF,0x3A,0xB6,0xAF,0x6B,0x7F,0xC3,0x10, + 0x3B,0x88,0x32,0x02,0xE9,0x04,0x65,0x65 } + }; + +static const struct { EC_CURVE_DATA h; unsigned char data[0+64*6]; } + _EC_brainpoolP512r1 = { + { NID_X9_62_prime_field, 0,64,1 }, + { /* no seed */ + 0xAA,0xDD,0x9D,0xB8,0xDB,0xE9,0xC4,0x8B,0x3F,0xD4, /* p */ + 0xE6,0xAE,0x33,0xC9,0xFC,0x07,0xCB,0x30,0x8D,0xB3, + 0xB3,0xC9,0xD2,0x0E,0xD6,0x63,0x9C,0xCA,0x70,0x33, + 0x08,0x71,0x7D,0x4D,0x9B,0x00,0x9B,0xC6,0x68,0x42, + 0xAE,0xCD,0xA1,0x2A,0xE6,0xA3,0x80,0xE6,0x28,0x81, + 0xFF,0x2F,0x2D,0x82,0xC6,0x85,0x28,0xAA,0x60,0x56, + 0x58,0x3A,0x48,0xF3, + 0x78,0x30,0xA3,0x31,0x8B,0x60,0x3B,0x89,0xE2,0x32, /* a */ + 0x71,0x45,0xAC,0x23,0x4C,0xC5,0x94,0xCB,0xDD,0x8D, + 0x3D,0xF9,0x16,0x10,0xA8,0x34,0x41,0xCA,0xEA,0x98, + 0x63,0xBC,0x2D,0xED,0x5D,0x5A,0xA8,0x25,0x3A,0xA1, + 0x0A,0x2E,0xF1,0xC9,0x8B,0x9A,0xC8,0xB5,0x7F,0x11, + 0x17,0xA7,0x2B,0xF2,0xC7,0xB9,0xE7,0xC1,0xAC,0x4D, + 0x77,0xFC,0x94,0xCA, + 0x3D,0xF9,0x16,0x10,0xA8,0x34,0x41,0xCA,0xEA,0x98, /* b */ + 0x63,0xBC,0x2D,0xED,0x5D,0x5A,0xA8,0x25,0x3A,0xA1, + 0x0A,0x2E,0xF1,0xC9,0x8B,0x9A,0xC8,0xB5,0x7F,0x11, + 0x17,0xA7,0x2B,0xF2,0xC7,0xB9,0xE7,0xC1,0xAC,0x4D, + 0x77,0xFC,0x94,0xCA,0xDC,0x08,0x3E,0x67,0x98,0x40, + 0x50,0xB7,0x5E,0xBA,0xE5,0xDD,0x28,0x09,0xBD,0x63, + 0x80,0x16,0xF7,0x23, + 0x81,0xAE,0xE4,0xBD,0xD8,0x2E,0xD9,0x64,0x5A,0x21, /* x */ + 0x32,0x2E,0x9C,0x4C,0x6A,0x93,0x85,0xED,0x9F,0x70, + 0xB5,0xD9,0x16,0xC1,0xB4,0x3B,0x62,0xEE,0xF4,0xD0, + 0x09,0x8E,0xFF,0x3B,0x1F,0x78,0xE2,0xD0,0xD4,0x8D, + 0x50,0xD1,0x68,0x7B,0x93,0xB9,0x7D,0x5F,0x7C,0x6D, + 0x50,0x47,0x40,0x6A,0x5E,0x68,0x8B,0x35,0x22,0x09, + 0xBC,0xB9,0xF8,0x22, + 0x7D,0xDE,0x38,0x5D,0x56,0x63,0x32,0xEC,0xC0,0xEA, /* y */ + 0xBF,0xA9,0xCF,0x78,0x22,0xFD,0xF2,0x09,0xF7,0x00, + 0x24,0xA5,0x7B,0x1A,0xA0,0x00,0xC5,0x5B,0x88,0x1F, + 0x81,0x11,0xB2,0xDC,0xDE,0x49,0x4A,0x5F,0x48,0x5E, + 0x5B,0xCA,0x4B,0xD8,0x8A,0x27,0x63,0xAE,0xD1,0xCA, + 0x2B,0x2F,0xA8,0xF0,0x54,0x06,0x78,0xCD,0x1E,0x0F, + 0x3A,0xD8,0x08,0x92, + 0xAA,0xDD,0x9D,0xB8,0xDB,0xE9,0xC4,0x8B,0x3F,0xD4, /* order */ + 0xE6,0xAE,0x33,0xC9,0xFC,0x07,0xCB,0x30,0x8D,0xB3, + 0xB3,0xC9,0xD2,0x0E,0xD6,0x63,0x9C,0xCA,0x70,0x33, + 0x08,0x70,0x55,0x3E,0x5C,0x41,0x4C,0xA9,0x26,0x19, + 0x41,0x86,0x61,0x19,0x7F,0xAC,0x10,0x47,0x1D,0xB1, + 0xD3,0x81,0x08,0x5D,0xDA,0xDD,0xB5,0x87,0x96,0x82, + 0x9C,0xA9,0x00,0x69 } + }; + +static const struct { EC_CURVE_DATA h; unsigned char data[0+64*6]; } + _EC_brainpoolP512t1 = { + { NID_X9_62_prime_field, 0,64,1 }, + { /* no seed */ + 0xAA,0xDD,0x9D,0xB8,0xDB,0xE9,0xC4,0x8B,0x3F,0xD4, /* p */ + 0xE6,0xAE,0x33,0xC9,0xFC,0x07,0xCB,0x30,0x8D,0xB3, + 0xB3,0xC9,0xD2,0x0E,0xD6,0x63,0x9C,0xCA,0x70,0x33, + 0x08,0x71,0x7D,0x4D,0x9B,0x00,0x9B,0xC6,0x68,0x42, + 0xAE,0xCD,0xA1,0x2A,0xE6,0xA3,0x80,0xE6,0x28,0x81, + 0xFF,0x2F,0x2D,0x82,0xC6,0x85,0x28,0xAA,0x60,0x56, + 0x58,0x3A,0x48,0xF3, + 0xAA,0xDD,0x9D,0xB8,0xDB,0xE9,0xC4,0x8B,0x3F,0xD4, /* a */ + 0xE6,0xAE,0x33,0xC9,0xFC,0x07,0xCB,0x30,0x8D,0xB3, + 0xB3,0xC9,0xD2,0x0E,0xD6,0x63,0x9C,0xCA,0x70,0x33, + 0x08,0x71,0x7D,0x4D,0x9B,0x00,0x9B,0xC6,0x68,0x42, + 0xAE,0xCD,0xA1,0x2A,0xE6,0xA3,0x80,0xE6,0x28,0x81, + 0xFF,0x2F,0x2D,0x82,0xC6,0x85,0x28,0xAA,0x60,0x56, + 0x58,0x3A,0x48,0xF0, + 0x7C,0xBB,0xBC,0xF9,0x44,0x1C,0xFA,0xB7,0x6E,0x18, /* b */ + 0x90,0xE4,0x68,0x84,0xEA,0xE3,0x21,0xF7,0x0C,0x0B, + 0xCB,0x49,0x81,0x52,0x78,0x97,0x50,0x4B,0xEC,0x3E, + 0x36,0xA6,0x2B,0xCD,0xFA,0x23,0x04,0x97,0x65,0x40, + 0xF6,0x45,0x00,0x85,0xF2,0xDA,0xE1,0x45,0xC2,0x25, + 0x53,0xB4,0x65,0x76,0x36,0x89,0x18,0x0E,0xA2,0x57, + 0x18,0x67,0x42,0x3E, + 0x64,0x0E,0xCE,0x5C,0x12,0x78,0x87,0x17,0xB9,0xC1, /* x */ + 0xBA,0x06,0xCB,0xC2,0xA6,0xFE,0xBA,0x85,0x84,0x24, + 0x58,0xC5,0x6D,0xDE,0x9D,0xB1,0x75,0x8D,0x39,0xC0, + 0x31,0x3D,0x82,0xBA,0x51,0x73,0x5C,0xDB,0x3E,0xA4, + 0x99,0xAA,0x77,0xA7,0xD6,0x94,0x3A,0x64,0xF7,0xA3, + 0xF2,0x5F,0xE2,0x6F,0x06,0xB5,0x1B,0xAA,0x26,0x96, + 0xFA,0x90,0x35,0xDA, + 0x5B,0x53,0x4B,0xD5,0x95,0xF5,0xAF,0x0F,0xA2,0xC8, /* y */ + 0x92,0x37,0x6C,0x84,0xAC,0xE1,0xBB,0x4E,0x30,0x19, + 0xB7,0x16,0x34,0xC0,0x11,0x31,0x15,0x9C,0xAE,0x03, + 0xCE,0xE9,0xD9,0x93,0x21,0x84,0xBE,0xEF,0x21,0x6B, + 0xD7,0x1D,0xF2,0xDA,0xDF,0x86,0xA6,0x27,0x30,0x6E, + 0xCF,0xF9,0x6D,0xBB,0x8B,0xAC,0xE1,0x98,0xB6,0x1E, + 0x00,0xF8,0xB3,0x32, + 0xAA,0xDD,0x9D,0xB8,0xDB,0xE9,0xC4,0x8B,0x3F,0xD4, /* order */ + 0xE6,0xAE,0x33,0xC9,0xFC,0x07,0xCB,0x30,0x8D,0xB3, + 0xB3,0xC9,0xD2,0x0E,0xD6,0x63,0x9C,0xCA,0x70,0x33, + 0x08,0x70,0x55,0x3E,0x5C,0x41,0x4C,0xA9,0x26,0x19, + 0x41,0x86,0x61,0x19,0x7F,0xAC,0x10,0x47,0x1D,0xB1, + 0xD3,0x81,0x08,0x5D,0xDA,0xDD,0xB5,0x87,0x96,0x82, + 0x9C,0xA9,0x00,0x69 } + }; + typedef struct _ec_list_element_st { int nid; const EC_CURVE_DATA *data; @@ -1928,6 +2356,21 @@ static const ec_list_element curve_list[] = { { NID_ipsec4, &_EC_IPSEC_185_ID4.h, 0, "\n\tIPSec/IKE/Oakley curve #4 over a 185 bit binary field.\n" "\tNot suitable for ECDSA.\n\tQuestionable extension field!" }, #endif + /* brainpool curves */ + { NID_brainpoolP160r1, &_EC_brainpoolP160r1.h, 0, "RFC 5639 curve over a 160 bit prime field"}, + { NID_brainpoolP160t1, &_EC_brainpoolP160t1.h, 0, "RFC 5639 curve over a 160 bit prime field"}, + { NID_brainpoolP192r1, &_EC_brainpoolP192r1.h, 0, "RFC 5639 curve over a 192 bit prime field"}, + { NID_brainpoolP192t1, &_EC_brainpoolP192t1.h, 0, "RFC 5639 curve over a 192 bit prime field"}, + { NID_brainpoolP224r1, &_EC_brainpoolP224r1.h, 0, "RFC 5639 curve over a 224 bit prime field"}, + { NID_brainpoolP224t1, &_EC_brainpoolP224t1.h, 0, "RFC 5639 curve over a 224 bit prime field"}, + { NID_brainpoolP256r1, &_EC_brainpoolP256r1.h, 0, "RFC 5639 curve over a 256 bit prime field"}, + { NID_brainpoolP256t1, &_EC_brainpoolP256t1.h, 0, "RFC 5639 curve over a 256 bit prime field"}, + { NID_brainpoolP320r1, &_EC_brainpoolP320r1.h, 0, "RFC 5639 curve over a 320 bit prime field"}, + { NID_brainpoolP320t1, &_EC_brainpoolP320t1.h, 0, "RFC 5639 curve over a 320 bit prime field"}, + { NID_brainpoolP384r1, &_EC_brainpoolP384r1.h, 0, "RFC 5639 curve over a 384 bit prime field"}, + { NID_brainpoolP384t1, &_EC_brainpoolP384t1.h, 0, "RFC 5639 curve over a 384 bit prime field"}, + { NID_brainpoolP512r1, &_EC_brainpoolP512r1.h, 0, "RFC 5639 curve over a 512 bit prime field"}, + { NID_brainpoolP512t1, &_EC_brainpoolP512t1.h, 0, "RFC 5639 curve over a 512 bit prime field"}, }; #define curve_list_length (sizeof(curve_list)/sizeof(ec_list_element)) diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index bc69665..cbc8d2c 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -62,12 +62,12 @@ * [including the GNU Public Licence.] */ -#define NUM_NID 920 -#define NUM_SN 913 -#define NUM_LN 913 -#define NUM_OBJ 857 +#define NUM_NID 935 +#define NUM_SN 928 +#define NUM_LN 928 +#define NUM_OBJ 872 -static const unsigned char lvalues[5974]={ +static const unsigned char lvalues[6107]={ 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */ @@ -919,6 +919,21 @@ static const unsigned char lvalues[5974]={ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x08,/* [5946] OBJ_mgf1 */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0A,/* [5955] OBJ_rsassaPss */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x07,/* [5964] OBJ_rsaesOaep */ +0x2A,0x86,0x48,0xCE,0x3E,0x02,0x01, /* [5973] OBJ_dhpublicnumber */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x01,/* [5980] OBJ_brainpoolP160r1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x02,/* [5989] OBJ_brainpoolP160t1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x03,/* [5998] OBJ_brainpoolP192r1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x04,/* [6007] OBJ_brainpoolP192t1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x05,/* [6016] OBJ_brainpoolP224r1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x06,/* [6025] OBJ_brainpoolP224t1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x07,/* [6034] OBJ_brainpoolP256r1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x08,/* [6043] OBJ_brainpoolP256t1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x09,/* [6052] OBJ_brainpoolP320r1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0A,/* [6061] OBJ_brainpoolP320t1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0B,/* [6070] OBJ_brainpoolP384r1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0C,/* [6079] OBJ_brainpoolP384t1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0D,/* [6088] OBJ_brainpoolP512r1 */ +0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0E,/* [6097] OBJ_brainpoolP512t1 */ }; static const ASN1_OBJECT nid_objs[NUM_NID]={ @@ -2399,6 +2414,35 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ {"AES-256-CBC-HMAC-SHA1","aes-256-cbc-hmac-sha1", NID_aes_256_cbc_hmac_sha1,0,NULL,0}, {"RSAES-OAEP","rsaesOaep",NID_rsaesOaep,9,&(lvalues[5964]),0}, +{"dhpublicnumber","X9.42 DH",NID_dhpublicnumber,7,&(lvalues[5973]),0}, +{"brainpoolP160r1","brainpoolP160r1",NID_brainpoolP160r1,9, + &(lvalues[5980]),0}, +{"brainpoolP160t1","brainpoolP160t1",NID_brainpoolP160t1,9, + &(lvalues[5989]),0}, +{"brainpoolP192r1","brainpoolP192r1",NID_brainpoolP192r1,9, + &(lvalues[5998]),0}, +{"brainpoolP192t1","brainpoolP192t1",NID_brainpoolP192t1,9, + &(lvalues[6007]),0}, +{"brainpoolP224r1","brainpoolP224r1",NID_brainpoolP224r1,9, + &(lvalues[6016]),0}, +{"brainpoolP224t1","brainpoolP224t1",NID_brainpoolP224t1,9, + &(lvalues[6025]),0}, +{"brainpoolP256r1","brainpoolP256r1",NID_brainpoolP256r1,9, + &(lvalues[6034]),0}, +{"brainpoolP256t1","brainpoolP256t1",NID_brainpoolP256t1,9, + &(lvalues[6043]),0}, +{"brainpoolP320r1","brainpoolP320r1",NID_brainpoolP320r1,9, + &(lvalues[6052]),0}, +{"brainpoolP320t1","brainpoolP320t1",NID_brainpoolP320t1,9, + &(lvalues[6061]),0}, +{"brainpoolP384r1","brainpoolP384r1",NID_brainpoolP384r1,9, + &(lvalues[6070]),0}, +{"brainpoolP384t1","brainpoolP384t1",NID_brainpoolP384t1,9, + &(lvalues[6079]),0}, +{"brainpoolP512r1","brainpoolP512r1",NID_brainpoolP512r1,9, + &(lvalues[6088]),0}, +{"brainpoolP512t1","brainpoolP512t1",NID_brainpoolP512t1,9, + &(lvalues[6097]),0}, }; static const unsigned int sn_objs[NUM_SN]={ @@ -2613,6 +2657,20 @@ static const unsigned int sn_objs[NUM_SN]={ 87, /* "basicConstraints" */ 365, /* "basicOCSPResponse" */ 285, /* "biometricInfo" */ +921, /* "brainpoolP160r1" */ +922, /* "brainpoolP160t1" */ +923, /* "brainpoolP192r1" */ +924, /* "brainpoolP192t1" */ +925, /* "brainpoolP224r1" */ +926, /* "brainpoolP224t1" */ +927, /* "brainpoolP256r1" */ +928, /* "brainpoolP256t1" */ +929, /* "brainpoolP320r1" */ +930, /* "brainpoolP320t1" */ +931, /* "brainpoolP384r1" */ +932, /* "brainpoolP384t1" */ +933, /* "brainpoolP512r1" */ +934, /* "brainpoolP512t1" */ 494, /* "buildingName" */ 860, /* "businessCategory" */ 691, /* "c2onb191v4" */ @@ -2668,6 +2726,7 @@ static const unsigned int sn_objs[NUM_SN]={ 107, /* "description" */ 871, /* "destinationIndicator" */ 28, /* "dhKeyAgreement" */ +920, /* "dhpublicnumber" */ 382, /* "directory" */ 887, /* "distinguishedName" */ 892, /* "dmdName" */ @@ -3451,6 +3510,7 @@ static const unsigned int ln_objs[NUM_LN]={ 85, /* "X509v3 Subject Alternative Name" */ 769, /* "X509v3 Subject Directory Attributes" */ 82, /* "X509v3 Subject Key Identifier" */ +920, /* "X9.42 DH" */ 184, /* "X9.57" */ 185, /* "X9.57 CM ?" */ 478, /* "aRecord" */ @@ -3502,6 +3562,20 @@ static const unsigned int ln_objs[NUM_LN]={ 93, /* "bf-cfb" */ 92, /* "bf-ecb" */ 94, /* "bf-ofb" */ +921, /* "brainpoolP160r1" */ +922, /* "brainpoolP160t1" */ +923, /* "brainpoolP192r1" */ +924, /* "brainpoolP192t1" */ +925, /* "brainpoolP224r1" */ +926, /* "brainpoolP224t1" */ +927, /* "brainpoolP256r1" */ +928, /* "brainpoolP256t1" */ +929, /* "brainpoolP320r1" */ +930, /* "brainpoolP320t1" */ +931, /* "brainpoolP384r1" */ +932, /* "brainpoolP384t1" */ +933, /* "brainpoolP512r1" */ +934, /* "brainpoolP512t1" */ 494, /* "buildingName" */ 860, /* "businessCategory" */ 691, /* "c2onb191v4" */ @@ -4608,6 +4682,7 @@ static const unsigned int obj_objs[NUM_OBJ]={ 416, /* OBJ_ecdsa_with_SHA1 1 2 840 10045 4 1 */ 791, /* OBJ_ecdsa_with_Recommended 1 2 840 10045 4 2 */ 792, /* OBJ_ecdsa_with_Specified 1 2 840 10045 4 3 */ +920, /* OBJ_dhpublicnumber 1 2 840 10046 2 1 */ 258, /* OBJ_id_pkix_mod 1 3 6 1 5 5 7 0 */ 175, /* OBJ_id_pe 1 3 6 1 5 5 7 1 */ 259, /* OBJ_id_qt 1 3 6 1 5 5 7 2 */ @@ -4886,6 +4961,20 @@ static const unsigned int obj_objs[NUM_OBJ]={ 373, /* OBJ_id_pkix_OCSP_valid 1 3 6 1 5 5 7 48 1 9 */ 374, /* OBJ_id_pkix_OCSP_path 1 3 6 1 5 5 7 48 1 10 */ 375, /* OBJ_id_pkix_OCSP_trustRoot 1 3 6 1 5 5 7 48 1 11 */ +921, /* OBJ_brainpoolP160r1 1 3 36 3 3 2 8 1 1 1 */ +922, /* OBJ_brainpoolP160t1 1 3 36 3 3 2 8 1 1 2 */ +923, /* OBJ_brainpoolP192r1 1 3 36 3 3 2 8 1 1 3 */ +924, /* OBJ_brainpoolP192t1 1 3 36 3 3 2 8 1 1 4 */ +925, /* OBJ_brainpoolP224r1 1 3 36 3 3 2 8 1 1 5 */ +926, /* OBJ_brainpoolP224t1 1 3 36 3 3 2 8 1 1 6 */ +927, /* OBJ_brainpoolP256r1 1 3 36 3 3 2 8 1 1 7 */ +928, /* OBJ_brainpoolP256t1 1 3 36 3 3 2 8 1 1 8 */ +929, /* OBJ_brainpoolP320r1 1 3 36 3 3 2 8 1 1 9 */ +930, /* OBJ_brainpoolP320t1 1 3 36 3 3 2 8 1 1 10 */ +931, /* OBJ_brainpoolP384r1 1 3 36 3 3 2 8 1 1 11 */ +932, /* OBJ_brainpoolP384t1 1 3 36 3 3 2 8 1 1 12 */ +933, /* OBJ_brainpoolP512r1 1 3 36 3 3 2 8 1 1 13 */ +934, /* OBJ_brainpoolP512t1 1 3 36 3 3 2 8 1 1 14 */ 418, /* OBJ_aes_128_ecb 2 16 840 1 101 3 4 1 1 */ 419, /* OBJ_aes_128_cbc 2 16 840 1 101 3 4 1 2 */ 420, /* OBJ_aes_128_ofb128 2 16 840 1 101 3 4 1 3 */ diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h index b5ea7cd..704697e 100644 --- a/crypto/objects/obj_mac.h +++ b/crypto/objects/obj_mac.h @@ -4030,3 +4030,64 @@ #define LN_aes_256_cbc_hmac_sha1 "aes-256-cbc-hmac-sha1" #define NID_aes_256_cbc_hmac_sha1 918 +#define SN_dhpublicnumber "dhpublicnumber" +#define LN_dhpublicnumber "X9.42 DH" +#define NID_dhpublicnumber 920 +#define OBJ_dhpublicnumber OBJ_ISO_US,10046L,2L,1L + +#define SN_brainpoolP160r1 "brainpoolP160r1" +#define NID_brainpoolP160r1 921 +#define OBJ_brainpoolP160r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,1L + +#define SN_brainpoolP160t1 "brainpoolP160t1" +#define NID_brainpoolP160t1 922 +#define OBJ_brainpoolP160t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,2L + +#define SN_brainpoolP192r1 "brainpoolP192r1" +#define NID_brainpoolP192r1 923 +#define OBJ_brainpoolP192r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,3L + +#define SN_brainpoolP192t1 "brainpoolP192t1" +#define NID_brainpoolP192t1 924 +#define OBJ_brainpoolP192t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,4L + +#define SN_brainpoolP224r1 "brainpoolP224r1" +#define NID_brainpoolP224r1 925 +#define OBJ_brainpoolP224r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,5L + +#define SN_brainpoolP224t1 "brainpoolP224t1" +#define NID_brainpoolP224t1 926 +#define OBJ_brainpoolP224t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,6L + +#define SN_brainpoolP256r1 "brainpoolP256r1" +#define NID_brainpoolP256r1 927 +#define OBJ_brainpoolP256r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,7L + +#define SN_brainpoolP256t1 "brainpoolP256t1" +#define NID_brainpoolP256t1 928 +#define OBJ_brainpoolP256t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,8L + +#define SN_brainpoolP320r1 "brainpoolP320r1" +#define NID_brainpoolP320r1 929 +#define OBJ_brainpoolP320r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,9L + +#define SN_brainpoolP320t1 "brainpoolP320t1" +#define NID_brainpoolP320t1 930 +#define OBJ_brainpoolP320t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,10L + +#define SN_brainpoolP384r1 "brainpoolP384r1" +#define NID_brainpoolP384r1 931 +#define OBJ_brainpoolP384r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,11L + +#define SN_brainpoolP384t1 "brainpoolP384t1" +#define NID_brainpoolP384t1 932 +#define OBJ_brainpoolP384t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,12L + +#define SN_brainpoolP512r1 "brainpoolP512r1" +#define NID_brainpoolP512r1 933 +#define OBJ_brainpoolP512r1 1L,3L,36L,3L,3L,2L,8L,1L,1L,13L + +#define SN_brainpoolP512t1 "brainpoolP512t1" +#define NID_brainpoolP512t1 934 +#define OBJ_brainpoolP512t1 1L,3L,36L,3L,3L,2L,8L,1L,1L,14L + diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index 1d0a7c8..9297435 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -917,3 +917,18 @@ aes_128_cbc_hmac_sha1 916 aes_192_cbc_hmac_sha1 917 aes_256_cbc_hmac_sha1 918 rsaesOaep 919 +dhpublicnumber 920 +brainpoolP160r1 921 +brainpoolP160t1 922 +brainpoolP192r1 923 +brainpoolP192t1 924 +brainpoolP224r1 925 +brainpoolP224t1 926 +brainpoolP256r1 927 +brainpoolP256t1 928 +brainpoolP320r1 929 +brainpoolP320t1 930 +brainpoolP384r1 931 +brainpoolP384t1 932 +brainpoolP512r1 933 +brainpoolP512t1 934 diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index d3bfad7..23a955d 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -1290,3 +1290,25 @@ kisa 1 6 : SEED-OFB : seed-ofb : AES-128-CBC-HMAC-SHA1 : aes-128-cbc-hmac-sha1 : AES-192-CBC-HMAC-SHA1 : aes-192-cbc-hmac-sha1 : AES-256-CBC-HMAC-SHA1 : aes-256-cbc-hmac-sha1 + +ISO-US 10046 2 1 : dhpublicnumber : X9.42 DH + +# RFC 5639 curve OIDs (see http://www.ietf.org/rfc/rfc5639.txt) +# versionOne OBJECT IDENTIFIER ::= { +# iso(1) identifified-organization(3) teletrust(36) algorithm(3) +# signature-algorithm(3) ecSign(2) ecStdCurvesAndGeneration(8) +# ellipticCurve(1) 1 } +1 3 36 3 3 2 8 1 1 1 : brainpoolP160r1 +1 3 36 3 3 2 8 1 1 2 : brainpoolP160t1 +1 3 36 3 3 2 8 1 1 3 : brainpoolP192r1 +1 3 36 3 3 2 8 1 1 4 : brainpoolP192t1 +1 3 36 3 3 2 8 1 1 5 : brainpoolP224r1 +1 3 36 3 3 2 8 1 1 6 : brainpoolP224t1 +1 3 36 3 3 2 8 1 1 7 : brainpoolP256r1 +1 3 36 3 3 2 8 1 1 8 : brainpoolP256t1 +1 3 36 3 3 2 8 1 1 9 : brainpoolP320r1 +1 3 36 3 3 2 8 1 1 10 : brainpoolP320t1 +1 3 36 3 3 2 8 1 1 11 : brainpoolP384r1 +1 3 36 3 3 2 8 1 1 12 : brainpoolP384t1 +1 3 36 3 3 2 8 1 1 13 : brainpoolP512r1 +1 3 36 3 3 2 8 1 1 14 : brainpoolP512t1 -- 1.7.9.5 xca-RELEASE.2.2.1/misc/gen-binary-hash0000755000175000017500000000047013614632167016553 0ustar tewardteward#!/bin/sh set -ex export dir="$1" ( head -n -2 test -z "$dir" || cd $dir sha256sum *xca* | while read md file; do echo ' "'$file'":"'$md'",' done cat <<-EOF "last":"" } EOF ) < misc/binary-hashes.json > misc/binary-hashes.json.tmp && mv misc/binary-hashes.json.tmp misc/binary-hashes.json xca-RELEASE.2.2.1/misc/binary-hashes.json0000644000175000017500000001077013614632167017305 0ustar tewardteward{ "setup_xca-1.3.0.exe": "c8695943ec3a3066c867c2370bc99f79fd7ebba6b2f1ad37bf467d07649892a4", "xca-1.3.0.dmg": "4a3ce20b302c400d431613c17e27dcf9468b61c2eac936b87bc0ce3e34519cd4", "xca-1.3.0.tar.gz": "ef5b6e4ed93abb02eb53925edd222bfeb5c26a3b0698af90a416d8e92869414c", "setup_xca-1.3.1.exe": "84052c8f9832b176052d5d0f3ac74de7c3764385467d823d9577bff02858bd28", "xca-1.3.1.dmg": "d1abde80b27ade30a465ba063921cbd744aa83e0730c1a8e1d558e783b9cad6f", "xca-1.3.1.tar.gz": "c2dd8d79b37440126d9fe7281e8c6802b95537c50ad464f6f7799ffa81aa3d83", "setup_xca-1.3.2.exe":"99f68030520c64f52026f09a18a6fca8f6c7dfd570d174eba0aedb301f276080", "xca-1.3.2.dmg": "8117821eef637c3fb78ce6e583fe0a3e667c714525e992b37d4d977a279a967e", "xca-1.3.2.tar.gz": "04f11f2148c8369c1a1b4e109956ed8cc807ec266d0d936410624ba8ee4b5ce4", "setup_xca-1.4.0.exe":"676eaf24348a76bc311db959694c88be86386395686ba05fc1e63f985292aaf6", "xca-1.4.0.dmg": "21d3f6e8199918173a188987de093dc9f16a867ccefb8c348950bb7d843cb1d8", "xca-1.4.0.tar.gz": "ffd4bf247ef49b9977c3166bf9e3269fb96d869ef59877810f794849a791cfbf", "setup_xca-1.4.1-pre02.exe":"54152b8852108e2578b68c2fdeadb469855cf9d596076fd42ce33397120111fd", "xca-1.4.1-pre02.dmg":"a0ad3691ef722c53153ef0e2cb4907582c77548c1084c5771f964358d52b5f0f", "xca-1.4.1-pre02.tar.gz":"619fcd13267c3f4c194003d65c37a534cb1ee1068b5d877e7d17027447f19e4a", "setup_xca-1.4.1.exe":"f2caa3a7aa8c474d546531fbf03ca394069214ca63e8d980c7ea61085a73967f", "xca-1.4.1.dmg":"6d76ac92774d6bc336b1ac21a5bfeb6c83d2426421a39a9fd7b22ef16cd894cb", "xca-1.4.1.tar.gz":"7898ff900d7e1b9b176edc2ce0d16b7bbe593e29b06518ce9d5c7b52c58cd186", "setup_xca-2.0.0-pre01.exe":"c38a844297527e6154f6dc081622cb51251ee9d4f645cab35ed8817a5968d183", "xca-2.0.0-pre01.dmg":"7b84141e86275da53c710067320afa17665824b229766f65e9be52e3bf65f231", "xca-2.0.0-pre01.tar.gz":"6db93a73300cd1c717117223f992847755ab8cf98539baee9aa8c25ca1ea276f", "setup_xca-2.0.0-pre02.exe":"9bb3de4f4b1f4e6c1ba3cc424e25dbf0ea00745a8feb9718ae8bdeae21b10d5c", "xca-2.0.0-pre02.dmg":"c37ab9718a8d76dd5f3bf2d16db0d00059614476548949df2155374da30b1bb0", "xca-2.0.0-pre02.tar.gz":"38849ab27e69e4ed954361e2d3bf856ad3f23289957901b6105943d14743f144", "setup_xca-2.0.0-pre03.exe":"4ef1274b2112f16395bf26f36f15c06122dbcd483386fb228d7d07f7abc8acfe", "xca-2.0.0-pre03.dmg":"5bd77be6a5a25552c8cfda36441d87c2c5538fb107aa9359e919addb1708bfde", "xca-2.0.0-pre03.tar.gz":"42ba9eb3e884cd29188ea75face6e8c653f31459047afd478a1a088a628043d8", "setup_xca-2.0.0-pre04.exe":"5464c91e965d6c250b3e877ca443323ec7380760b4590affa23b90b93d834e83", "xca-2.0.0-pre04.dmg":"2d805e99ac47e6ede577c8e3794c867d5eb636a5afaa140287b7f3ea139fc40d", "xca-2.0.0-pre04.tar.gz":"211c85e9e25145c95fa03d5c80e0f5e15a312ad010c1595cc3a0770cd1a22975", "setup_xca-2.0.0.exe":"300bba922d4720df20ef412a0956cef2348f6f01eda161a9d65667fc0ad427f1", "xca-2.0.0.dmg":"2fa713dc2d4edc55fdde7714d32f953939b6a43597a20601c08614e5270f3d8d", "xca-2.0.0.tar.gz":"881438542d43ede935dace87b50e2a15eccf6ab63f2fe6f2908ced940e9d9a19", "setup_xca-2.0.1.exe":"aefd79221d8148f06a2d38a968fc1b22a025b0aea649db3c7bc7dc245516315b", "xca-2.0.1-High-Sierra.dmg":"6432f049855aadabf4c358f03f448ebc5722528c98cb50e0fa087908fcfe2763", "xca-2.0.1.tar.gz":"4aefcb113bc464af9bf72cea7b760b3e996bc745746e18f9934030595866de89", "setup_xca-2.1.0.exe":"b519aec836d9d4888a2606dc1f3b40077ed17f67caf73ce8b8b3b38f7ccb71db", "xca-2.1.0.dmg":"ad90848e29f199d5b9957e6f8c92bb0de38b8cc869c61ecb707b4199c68bee89", "xca-2.1.0.tar.gz":"9d6adf3f6ae8a471a6f5fa3b76b98bf1c09baddb60847ceeae597aab400e36c9", "setup_xca-2.1.1.exe":"42635b17c3a92b3aa4bc59307a80225cbfa7c553957c1dd59c1fd3aeee022df0", "xca-2.1.1.dmg":"d376bba09657477a20b89b324154c7a76bd3360df37488153727f5d0861a857f", "xca-2.1.1.tar.gz":"6c410e4f7e340681284059d2b7f46828e08dce6ff64e4a48baa02239c2f9d2de", "setup_xca-2.1.2.exe":"8dbdabde2df929019a8f3ce7bd7e1b5de180076edb4ccd5c76625d90fb97e3c0", "xca-2.1.2.dmg":"1cb7d23045ef64b2c30ce927a40d4bcae20b776aa0c94e067029b3b6be63bc49", "xca-2.1.2.tar.gz":"fc845470a02b0b4534b46590be307f784662071fc412fdcad605c3bce901fe05", "xca-portable-2.1.2.zip":"37d2e315dc36c7060a50dd7203339dfa8c8b43cea34f340d456a900a6e5232a6", "xca-2.2.0.dmg":"0f4539d4ce90dc7881afd58c09cc8d7480b341a66017d862ae19c1cbab21dc0a", "xca-2.2.0.msi":"44cdd4df0369d36e0063a86a3cb5713575a41627c92cd7412b39071e3b5794de", "xca-2.2.0.tar.gz":"b07ffbe5ca8e3fbb7c5ad2ef5a0f7c022b3c4a55f1dd41fab5b076992db07b61", "xca-portable-2.2.0.zip":"2bd5c3cc1b428014a038df09d0f6d11399316b3d8de09fe935b317f000b257fb", "last":"" } xca-RELEASE.2.2.1/misc/xca.desktop0000644000175000017500000000130613614632167016016 0ustar tewardteward[Desktop Entry] Encoding=UTF-8 Name=XCA Type=Application Comment=A graphical user interface for handling and issuing X.509 compliant Certificates Comment[de]=Eine graphische Oberfläche zur Erstellung von X.509 konformen Zertifikaten Comment[fi]=Graafinen X.509-varmenteiden hallintatyökalu Comment[fr]=Création et gestion de certificats conformes à la norme X.509 Comment[hr]=Grafičko korisničko sučelje za upravljanje životnim ciklusom X.509 sukladnih potvrda Exec=xca %F Icon=xca-32x32 Terminal=false Categories=Application;Utility;Qt; MimeType=application/x-xca-database;application/x-xca-template;application/x-x509-ca-cert;application/pkcs10;application/x-pkcs7-certificates;application/x-pkcs12; xca-RELEASE.2.2.1/misc/xca.rc0000755000175000017500000000010113614632167014744 0ustar tewardtewardIDI_APPICON ICON DISCARDABLE "img\key.ico" xca-RELEASE.2.2.1/misc/openssl-0.9.8-mingw32-cross.patch0000644000175000017500000001337413614632167021451 0ustar tewardtewarddiff -Nur openssl-0.9.8e.orig/crypto/pqueue/pqueue.c openssl-0.9.8e/crypto/pqueue/pqueue.c --- openssl-0.9.8e.orig/crypto/pqueue/pqueue.c 2005-06-28 14:53:33.000000000 +0200 +++ openssl-0.9.8e/crypto/pqueue/pqueue.c 2007-04-05 10:31:26.000000000 +0200 @@ -199,10 +199,10 @@ return found; } -#if PQ_64BIT_IS_INTEGER void pqueue_print(pqueue_s *pq) { +#if PQ_64BIT_IS_INTEGER pitem *item = pq->items; while(item != NULL) @@ -210,8 +210,8 @@ printf("item\t" PQ_64BIT_PRINT "\n", item->priority); item = item->next; } - } #endif + } pitem * pqueue_iterator(pqueue_s *pq) diff -Nur openssl-0.9.8e.orig/ms/mingw32-cross.sh openssl-0.9.8e/ms/mingw32-cross.sh --- openssl-0.9.8e.orig/ms/mingw32-cross.sh 1970-01-01 01:00:00.000000000 +0100 +++ openssl-0.9.8e/ms/mingw32-cross.sh 2009-11-05 10:07:58.000000000 +0100 @@ -0,0 +1,45 @@ +#!/bin/sh +# Mingw32 on Linux + GNU as +# --------------------------- + +CROSS=i586-mingw32msvc- + +sh Configure mingw $@ + +if echo $@ | grep 'no-asm' >/dev/null 2>&1; then + echo No assembler will be used +else + echo Generating x86 for GNU assember + for name in `find -name "*586.pl"` ./crypto/x86cpuid.pl; do + n=`basename $name` + t=`echo $n | sed 's/\.pl/-win32.s/'` + echo Creating $t from $n + (cd `dirname $name` && perl $n gaswin > $t ) + done +fi + +echo Generating makefile +perl util/mkfiles.pl >MINFO +perl util/mk1mf.pl gaswin $@ Mingw32-cross >ms/mingw32-cross.mak + +echo Generating DLL definition files +perl util/mkdef.pl 32 libeay >ms/libeay32.def +perl util/mkdef.pl 32 ssleay >ms/ssleay32.def + +echo Building the libraries +make -f ms/mingw32-cross.mak CROSS=${CROSS} + +echo Generating the DLLs and input libraries +${CROSS}dllwrap --dllname libeay32.dll --output-lib out/libeay32.a --def ms/libeay32.def out/libcrypto.a -lwsock32 -lgdi32 + +${CROSS}dllwrap --dllname libssl32.dll --output-lib out/libssl32.a --def ms/ssleay32.def out/libssl.a out/libeay32.a + +if test -n "${INSTALL_DIR}"; then + mkdir -p ${INSTALL_DIR}/bin ${INSTALL_DIR}/lib ${INSTALL_DIR}/include + cp -r outinc/openssl ${INSTALL_DIR}/include + cp *.dll ${INSTALL_DIR}/bin + cp out/*.a ${INSTALL_DIR}/lib +fi + +echo Done compiling OpenSSL + diff -Nur openssl-0.9.8e.orig/util/mk1mf.pl openssl-0.9.8e/util/mk1mf.pl --- openssl-0.9.8e.orig/util/mk1mf.pl 2006-11-30 14:04:43.000000000 +0100 +++ openssl-0.9.8e/util/mk1mf.pl 2007-04-05 10:30:27.000000000 +0200 @@ -35,6 +35,7 @@ "VC-CE", "Microsoft eMbedded Visual C++ 3.0 - Windows CE ONLY", "VC-NT", "Microsoft Visual C++ [4-6] - Windows NT ONLY", "Mingw32", "GNU C++ - Windows NT or 9x", + "Mingw32-cross", "GNU C++ Linux cross compiling", "Mingw32-files", "Create files with DOS copy ...", "BC-NT", "Borland C++ 4.5 - Windows NT", "linux-elf","Linux elf", @@ -141,6 +142,10 @@ { require 'Mingw32.pl'; } +elsif ($platform eq "Mingw32-cross") + { + require 'Mingw32-cross.pl'; + } elsif ($platform eq "Mingw32-files") { require 'Mingw32f.pl'; diff -Nur openssl-0.9.8e.orig/util/pl/Mingw32-cross.pl openssl-0.9.8e/util/pl/Mingw32-cross.pl --- openssl-0.9.8e.orig/util/pl/Mingw32-cross.pl 1970-01-01 01:00:00.000000000 +0100 +++ openssl-0.9.8e/util/pl/Mingw32-cross.pl 2007-04-05 10:30:27.000000000 +0200 @@ -0,0 +1,95 @@ +#!/usr/local/bin/perl +# +# Mingw32.pl -- Mingw +# + +$o='/'; +$cp='cp'; +$rm='rm -f'; +$mkdir='mkdir -p'; + +# C compiler stuff + +$cc='$(CROSS)gcc'; +if ($debug) + { $cflags="-DL_ENDIAN -DDSO_WIN32 -g2 -ggdb -DCURSOR_SHOWING=1"; } +else + { $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -march=i586 -Wall -DCURSOR_SHOWING=1 -DOPENSSL_BN_ASM_PART_WORDS"; } + +if ($gaswin and !$no_asm) + { + $bn_asm_obj='$(OBJ_D)//bn-586-win32.o'; + $bn_asm_src='crypto/bn/asm/bn-586-win32.s'; + $bnco_asm_obj='$(OBJ_D)/co-586-win32.o'; + $bnco_asm_src='crypto/bn/asm/co-586-win32.s'; + $des_enc_obj='$(OBJ_D)/crypt586-win32.o $(OBJ_D)/des-586-win32.o'; + $des_enc_src='crypto/des/asm/crypt586-win32.s crypto/des/asm/des-586-win32.s'; + $bf_enc_obj='$(OBJ_D)/bf-586-win32.o'; + $bf_enc_src='crypto/bf/asm/bf-586-win32.s'; +# $cast_enc_obj='$(OBJ_D)/cast-586-win32.o'; +# $cast_enc_src='crypto/cast/asm/cast-586-win32.s'; + $rc4_enc_obj='$(OBJ_D)/rc4-586-win32.o'; + $rc4_enc_src='crypto/rc4/asm/rc4-586-win32.s'; + $rc5_enc_obj='$(OBJ_D)/rc5-586-win32.o'; + $rc5_enc_src='crypto/rc5/asm/rc5-586-win32.s'; + $md5_asm_obj='$(OBJ_D)/md5-586-win32.o'; + $md5_asm_src='crypto/md5/asm/md5-586-win32.s'; + $rmd160_asm_obj='$(OBJ_D)/rmd-586-win32.o'; + $rmd160_asm_src='crypto/ripemd/asm/rmd-586-win32.s'; + $sha1_asm_obj='$(OBJ_D)/sha1-586-win32.o'; + $sha1_asm_src='crypto/sha/asm/sha1-586-win32.s'; + $cpuid_asm_obj='$(OBJ_D)\x86cpuid-win32.o'; + $cpuid_asm_src='crypto/x86cpuid-win32.s'; + $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM"; + } + + +$obj='.o'; +$ofile='-o '; + +# EXE linking stuff +$link='${CC}'; +$lflags='${CFLAGS}'; +$efile='-o '; +$exep='.exe'; +$ex_libs="-lwsock32 -lgdi32"; + +# static library stuff +$mklib='$(CROSS)ar r'; +$mlflags=''; +$ranlib='$(CROSS)ranlib'; +$plib='lib'; +$libp=".a"; +$shlibp=".a"; +$lfile=''; + +$asm='$(CROSS)as'; +$afile='-o '; + +sub do_lib_rule + { + local($obj,$target,$name,$shlib)=@_; + local($ret,$_,$Name); + + $target =~ s/\//$o/g if $o ne '/'; + $target="$target"; + ($Name=$name) =~ tr/a-z/A-Z/; + + $ret.="$target: \$(${Name}OBJ)\n"; + $ret.="\trm -f $target\n"; + $ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n"; + $ret.="\t\$(RANLIB) $target\n\n"; + } + +sub do_link_rule + { + local($target,$files,$dep_libs,$libs)=@_; + local($ret,$_); + + $file =~ s/\//$o/g if $o ne '/'; + $n=&bname($target); + $ret.="$target: $files $dep_libs\n"; + $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n"; + return($ret); + } +1; xca-RELEASE.2.2.1/misc/dn.text0000644000175000017500000000032613614632167015160 0ustar tewardtewardC ST L O OU CN emailAddress serialNumber givenName surname title initials description role pseudonym name dnQualifier generationQualifier x500UniqueIdentifier businessCategory streetAddress localityName postalCode xca-RELEASE.2.2.1/misc/build-mac.sh0000755000175000017500000000045613614632167016051 0ustar tewardteward#!/bin/sh -e XCA_DIR="`dirname $0`" XCA_DIR="`cd $XCA_DIR/.. && pwd`" export CFLAGS="-mmacosx-version-min=10.10" export EXTRA_VERSION="-Yosemite" XCA_BUILD="xca-macbuild" rm -rf "$XCA_BUILD" mkdir -p "$XCA_BUILD" cd "$XCA_BUILD" (cd $XCA_DIR && ./bootstrap) $XCA_DIR/configure make -j5 cp *.dmg .. xca-RELEASE.2.2.1/misc/Info.plist.in0000644000175000017500000000351413614632167016230 0ustar tewardteward CFBundleExecutable xca NSHumanReadableCopyright © 2020, Christian Hohnstädt NSHighResolutionCapable True CFBundleShortVersionString @PACKAGE_VERSION@ CFBundleVersion @PACKAGE_VERSION@ CFBundleIconFile xca-mac-icon.icns CFBundleIdentifier de.hohnstaedt.xca CFBundleName @PACKAGE_TARNAME@ CFBundleDisplayName @PACKAGE_NAME@ CFBundlePackageType APPL CFBundleSignature cxca CFBundleDocumentTypes CFBundleTypeExtensions xdb CFBundleTypeIconFile xca-mac-icon.icns CFBundleTypeMIMETypes application/x-xca-database CFBundleTypeName XCA Database CFBundleTypeRole Editor LSIsAppleDefaultForType CFBundleTypeExtensions xca CFBundleTypeIconFile xca-mac-icon.icns CFBundleTypeMIMETypes application/x-xca-template CFBundleTypeName XCA Template CFBundleTypeRole Editor LSIsAppleDefaultForType xca-RELEASE.2.2.1/misc/delspace.sh0000755000175000017500000000015313614632167015766 0ustar tewardteward#!/bin/sh for i in $@; do cp "$i" /tmp/x cat /tmp/x |sed 's/[ \t]*$//' |sed 's/ *\t/\t/' > "$i" done xca-RELEASE.2.2.1/misc/.gitignore0000644000175000017500000000003013614632167015631 0ustar tewardtewarddn.txt eku.txt oids.txt xca-RELEASE.2.2.1/doc/0000755000175000017500000000000013614632167013462 5ustar tewardtewardxca-RELEASE.2.2.1/doc/xca.sgml0000644000175000017500000020345013614632167015125 0ustar tewardteward

XCA - X Certificate and key management <author>(c) by Christian Hohnstädt, <tt>christian@hohnstaedt.de</tt> <date>January 2020 - Version 2.2.1 <abstract> This application is intended for creating and managing X.509 certificates, certificate requests, RSA, DSA and EC private keys, Smart-cards and CRLs. Everything that is needed for a CA is implemented. All CAs can sign sub-CAs recursively. These certificate chains are shown clearly. For an easy company-wide use there are customisable templates that can be used for certificate or request generation. All cryptographic data is stored in a SQL database. SQLite, MySQL (MariaDB), PostgreSQL and MicrosoftSQL (ODBC) databases are supported. </abstract> <toc> <sect>Introduction <p> This application is intended as certificate- and key-store and as signing application issuing certificates. <p> All data structures (Keys, Certificate signing requests, Certificates and Templates) can be imported and exported in several formats like DER or PEM. Import means reading a file from the filesystem and storing the data structure into the database file, while exporting means to write the data structure from the database file to the filesystem to be imported into an other application. <p> When opening a new database the first time, it needs a password to encrypt the private keys in the database. This is the default password. Every time this database is opened the application asks for the password. This input dialog may be canceled and the database is still opened successfully. However, the access to the keys is not possible without supplying the correct database password every time a key is used. <p> When setting an empty password, XCA will never ask again for a password when opening this database. This can be useful when playing around with test certificates or if all private keys are on security tokens. <p> The database password can be changed by the Menu item <em>Extra->Change DataBase password</em> <p> The different cryptographic parts are divided over 5 Tabs: Keys, Requests, Certificates, Templates and Revocation lists. All items can be manipulated either by a context menu available by right-clicking on the item, or by using the buttons at the right border. Every item is identified by an internal name which is always shown in the first column as long as the columns are not reordered by the user. <sect1>File Formats <p> There are several default file formats to exchange cryptographic data with other applications. <itemize> <item><bf>DER</bf> <bf>D</bf>istinguished <bf>E</bf>ncoding <bf>R</bf>ules is the binary ASN.1 encoding of the data. <item><bf>PEM</bf> <bf>P</bf>rivacy-<bf>E</bf>nhanced <bf>M</bf>ail is the base64 encoded version of the <bf>DER</bf> formated data with additional header and footer lines to be transported via e.g. E-mail <item><bf>PKCS#X</bf> <bf>P</bf>ublic <bf>K</bf>ey <bf>C</bf>ryptography <bf>S</bf>tandards published by <url url="http://www.rsasecurity.com" name="RSA Laboratories"> </itemize> <sect1>Further Reading <label id="otherdoc"> <p> <enum> <item><url url="http://tldp.org/HOWTO/SSL-Certificates-HOWTO/" name="SSL Certificates HOWTO"> <item><url url="http://ospkibook.sourceforge.net/" name="OS-PKI book"> </enum> <sect1>Copyright <p> <tscreen><verb> Copyright (C) 2001 - 2018 Christian Hohnstaedt. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - Neither the name of the author nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. This program links to software with different licenses from: - https://www.openssl.org which includes cryptographic software written by Eric Young (eay@cryptsoft.com)" - https://www.qt.io/ </verb></tscreen> <sect1>Credits <p> <tscreen><verb> Kerstin Steinhauff <tine (at) kerstine.de> Arts and graphics </verb></tscreen> Thank you very much. <!-- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% --> <sect>Miscellaneous <sect1>Updating from versions earlier than 2.0.0 <p> Older versions of XCA used a simple serial proprietary database for storing the cryptographic items. Starting with version 2.0.0 this has changed to SQL. For file based databases the SQLite database format is used. Since XCA uses SQL, it can also be connected to a network database. The databases <em>mySQL</em> and <em>PostgreSQL</em> are tested. Please use the <em>Open Remote DataBase</em> menu item to connect to a remote host. The main disadvantage of the old format leading to the switch to SQL was the inaccessibility by external tools. Since years users ask for command-line access to the database. The new database can be queried by external tools like <em>sqlite3</em> or <em>sqlitebrowser</em> to extract verify or modify content. Please see <ref id="extract" name="Extracting items"> <p> When opening a legacy database, it will be converted to the new format after backing up the original database. Please be careful with older XCA versions. XCA before 1.4.0 will overwrite the new SQLite database during database open. <!-- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% --> <sect1>Download <p> The most recent stable version of XCA can be downloaded from <url url="http://hohnstaedt.de/xca/index.php/download" name="XCA download"> <p> The current (unstable) HEAD of development can be downloaded and tested via <url url="https://github.com/chris2511/xca/" name="XCA devel on github"> Please do not hesitate to contact me for information about branches. <sect1>DH Parameters <p> Diffie Hellman parameters can be created by XCA. It does neither need nor use the parameters. Applications like OpenVPN however need them and so XCA provides this functionality for users convenience. <sect1>Entropy sources for XCA <p> Entropy is a very important topic for key generation. OpenSSL comes with a good pseudo random number generator. XCA seeds it very thoroughly. <enum> <item>During startup <itemize> <item>The OpenSSL seeding mechanism <tt>RAND_poll()</tt>. It uses <tt>/dev/urandom</tt> where possible and the screen content on Windows. <item>XCA also tries to pull at most 256bit from <tt>/dev/random</tt> and <tt>/dev/hwrng</tt> each. <item>A <tt>.rnd</tt> state file in the XCA application directory is read on startup and erased afterwards to avoid replays. </itemize> <item>Before any key or parameter generation a "re-seeding" is done. Some say re-seeding is not necessary, but all say it does not harm. <itemize> <item>XCA collects entropy by mouse and keyboard events and its timing. (See <tt>main.cpp: bool XCA_application::eventFilter()</tt>) We are on a desktop host after all. <item>256bit from <tt>/dev/urandom</tt> (unix/Mac) </itemize> <item>A <tt>.rnd</tt> state file in the XCA application directory is written whenever XCA finishes. <item>When managing a token or generating a key on a token that supports <tt>C_GenerateRandom</tt> and <tt>C_SeedRandom</tt>, XCA will: <itemize> <item>Seed the token with own random data. <item>Seed the OpenSSL CSPRNG by random bytes from the token. </itemize> </enum> <!-- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% --> <sect>Command Line Options <p> Usage: <tt>xca [-d new.xdb] [-v] [-x] [-i <index-file>] [-I <directory>] <files></tt> Next to the usual X command line options. There are the following <itemize> <item>-v show version information and exit <item>-d set the database filename (only needed to create a new db) <item>-x exit after processing all command line options <item>-i creates an OpenSSL index file containing all certificates <item>-I creates an OpenSSL index file for each CA in the given, existing directory containing all issued certificates. </itemize> There are some deprecated legacy options: [ -k ] [ -r ] [ -c ] [ -p ] [ -7 ] [ -l ] [ -t ] [ -P ] Before XCA 0.9.0, the type of the items had to be given. This was removed since. Just put all keys, certificates, requests and the database unsorted on the command-line. For backwards compatibility those options are ignored when found. <p> Usually after importing the items from command-line the application will startup as usual. With the -x option given it will exit after finishing the import dialog. This is useful if XCA is used as default application for viewing certificates, keys or requests. <p> <sect1>Extracting items <label id="extract"> <p> The sqlitebrowser may be used to examine the elements of the database. The database schema is documented <url url="database_schema.html" name="here">. All cryptographic items are stored as base64 DER format and must be decoded before feeding them to OpenSSL: <em>| base64 -d | openssl <x509|req|crl|pkcs8> -inform DER ...</em> <p> Extract the private key with internal name 'pk8key' from the database <code> sqlite3 ~/xca.xdb "SELECT private FROM view_private WHERE name='pk8key'" | base64 -d | openssl pkcs8 -inform DER </code> <p> Extract a CRL <code> sqlite3 ~/xca.xdb "SELECT crl FROM view_crls WHERE name='ca'" | base64 -d | openssl crl -inform DER </code> <p> Modify the comment of an item with id 3 <code> sqlite3 ~/xca.xdb "UPDATE items SET comment='My notes' WHERE id=3" </code> The item names are not required to be unique anymore. Each table view in XCA has an optional column "Primary key" that may be shown to get the ID of the item in the database. <p> <!-- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% --> <sect>Common Actions <p> Many actions are common to all cryptographic parts and are mentioned here once for all. The goal of this application is to provide an easy to use signing-tool and also a common place for all selected PKI items like requests or certificates. <sect1>Column Handling <p> Column visibility can be changed by the context menu of the table header or the "columns" sub menu of the table context menu. It shows all available columns with check-boxes to show or hide them. <enum> <item>Column actions: <itemize> <item><em>Reset:</em> Reset column order and visibility to the default. <item><em>Hide Column:</em> Hide the current column. Only shown in the context menu of the column header </itemize> <item>Common columns: <itemize> <item><em>Internal name:</em> Name of the item in the database. <item><em>No.:</em> A simple counter to easily count the items. <item><em>Primary key:</em> Unique number to identify an item in the database. See <ref id="primary_key" name="Database primary key">. <item><em>Date:</em> Date of the appearance in this XCA database. See <ref id="date_and_source" name="Date and Source"> <item><em>Source:</em> Origin of this item. See <ref id="date_and_source" name="Date and Source">. <item><em>Comment:</em> A multi-line free text input, see <ref id="comment" name="Comment">. </itemize> <item>Private Key columns: <itemize> <item><em>Type:</em> One of <tt>RSA</tt>, <tt>DSA</tt>, <tt>EC</tt> <item><em>Size:</em> Key size in bits. <item><em>EC Group:</em> Curve name of the EC key. <item><em>Use:</em> Number of certificates and requests using this key. <item><em>Password:</em> Protection of the key. See: <ref id="keys" name="RSA, DSA and EC Keys">. </itemize> <item>Certificate and request columns: <itemize> <item><em>Subject:</em> The complete subject name. <item><em>Subject hash:</em> Subject hash used by OpenSSL to lookup certificates. See <url url="https://www.openssl.org/docs/man1.0.2/apps/c_rehash.html" name=" (c_rehash, openssl x509 -hash)">. <item><em>Subject entries:</em> Displays single entries of the subject. The list represents the content of the <ref id="objectids" name="dn.txt"> file. <item><em>X509v3 Extensions:</em> Displays a textual representation of the selected extension. <item><em>X509v3 Extensions:</em> Displays a textual representation of the selected extension. <item><em>Key name:</em> Internal name of the key in the private keys tab. <item><em>Signature algorithm:</em> Signature algorithm used to sign the certificate or request. </itemize> <item>Request columns: <itemize> <item><em>Signed:</em> Whether the request is already signed or not. <item><em>Unstructured name:</em> CSR specific attribute. <item><em>Challenge password:</em> CSR specific attribute. <item><em>Certificate count</em> Number of certificates in the database with the same public key. </itemize> <item>Certificate columns: <itemize> <item><em>CA:</em> CA Basic Constraints flag <item><em>Serial:</em> Serial number <item><em>MD5 / SHA1 / SHA256 fingerprint:</em> Certificate fingerprint <item><em>Start date:</em> Not before date. <item><em>Expiry date:</em> Not after date. <item><em>Revocation:</em> Revocation date of this certificate if revoked. <item><em>CRL Expiration:</em> CRL expiration, if this is a CA </itemize> </enum> <p> Columns can be resized and rearranged. This configuration is stored in the database and will be reassigned next time this database is opened. <sect1>Importing items <p> The import of an item can be done by either clicking the import button on the right or via the context menu available by right clicking into the list. The import function is smart enough to probe all known formats independent of the file extension: <itemize> <item><tt>Keys:</tt> PEM private key, PEM public key, DER private key, DER public key, PKCS#8 private key, SSH public key. <item><tt>Requests</tt> DER request, PEM request <item><tt>Certificates</tt> DER certificate, PEM certificate (PKCS#12 and PKCS#7 certificates must be imported with an extra button, because they may contain more than one certificate and key) </itemize> After selecting the filename XCA will probe for the known formats of that item and in case of an error it prompts the <tt>last</tt> OpenSSL error message. It is possible to select more than one file by selecting them with SHIFT click. Also the <tt>Import</tt> menu may be used to load items. Next to the file-types above, it also supports <tt>PEM</tt> import. PEM describes the encoding instead of the file-type. So a PEM file can be any type of private key, CRL certificate or CSR. This import facility discovers the type and loads it. <p> When importing more than one Key, CRL, Certificate or Request all items are shown in a Multi-import dialog. When importing a PKCS#7 or PKCS#12 item, the contained keys and certificates are shown in the Multi-import dialog. By using the Multi-import dialog the items can be examined, imported or dropped. <p> After reading the item it searches for this item in the database and if it is unique, the item is stored in the database. Otherwise it shows a message containing the internal name of this item in the database. <sect1>Details of an Item <p> The details dialog can be accessed by double clicking the item, by the context menu or by the button on the right. The names of the issuers certificate and the corresponding key are click-able and their content will be shown on "double-click" <sect1>Renaming an Item <p> An Item can be renamed via the context menu by right-clicking on the item, by pressing <F2> or by the <em>Rename</em> button on the right border. <sect1>Deleting Items <p> Items can be deleted by the button on the right or via the context menu. Certificate signing requests can be deleted when they got signed, because they are not needed anymore. The request can be recovered from the resulting certificate by transforming the certificate to a request. This is however only possible if you own the private key of the certificate. Multiple items may be selected to delete them all at once. <sect1>Searching Items <p> The displayed list of items can be reduced by the search-input at the bottom right. It affects all tabs. It does not only search inside the displayed columns but the whole content of the items. It searches the internal name, issuer, subject, extensions, PKCS#10 attributes and token provider. <sect1>Date and source of appearance <label id="date_and_source"> <p> XCA tracks the time and source of any newly appeared item. Both can be seen when selecting <em>Properties</em> in the context menu of an item, or by enabling the <em>Source</em> or <em>Date</em> columns. The source may be one of the following <itemize> <item>Imported <item>Generated <item>Transformed <item>Token <item>Legacy Database </itemize> The content of the date and source fields will never be part of an exported item. <sect1>Comments <label id="comment"> <p> XCA allows to insert multi-line comments for all items. They can be edited by the properties dialog. When showing the <em>Comment</em> column, it will display the first line of the comment field. XCA itself uses the comment field of certificates and requests to leave a note during important operations: <itemize> <item>Applied templates during certificate or request generation <item>Generated keys during certificate or request generation <item>Signing date, time and internal name of the issuing CA when a request gets signed. </itemize> The content of the comment field will never be part of an exported item. <sect1>Database primary key <label id="primary_key"> <p> When inserting an item into the database a new, unique id will be generated and used as primary key in the database. If the item shall be found in the database by external tools, the <tt>items.id</tt> can be used to uniquely identify the item. The internal name cannot be used, since it is not necessarily unique anymore. This ID will never be used outside the database. <!-- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% --> <sect>The Certificate Input Dialog<label id="wizard"> <p> This input dialog is the central part for collecting all data regarding certificates, requests and templates. It will be invoked whenever such an item is going to be created or, in case of a template, is altered. <sect1>Source <p> This page is not shown when creating or changing templates. <sect2>Signing Request <p> If it is desired to either enroll a certificate from a PKCS#10 request by a local CA, or to create a certificate from a request by self-signing it, the request can be selected here. In the later case the private key of the request must be available. <sect2>Signing <p> Either self-signing or the CA certificate for signing may be selected here. Additionally, the desired signing algorithm can be adjusted. The drop-down list contains all <ref id="ca_cert" name="CA certificates"> with an available private key. <sect2>Signature Algorithm <p> Usually SHA256 or higher should be used, but since older windows versions including XP can not handle them, you may opt to use SHA1. The default signing algorithm may be selected by the <em>Options</em> menu. <sect2>Templates <p> The fields of the certificate can be preset by the values of a template by selecting it and clicking <em>Apply all</em>. Templates can be mixed by applying the subject of one template and then applying the extensions of an other by using the buttons <em>Apply subject</em> and <em>Apply extensions</em> <sect1>Personal Settings <p> <sect2>Subject <p> On this Page all personal data like country, name and email address can be filled in. The <tt>Country code</tt> field must either be empty or exactly contain two letters representing your country code; e.g. <tt>DE</tt> for Germany. If you want to create an SSL-server certificate the <tt>Common name</tt> must contain the <tt>DNS</tt> name of the server. Alternatively the subject-alternative-name extension may be used to define additional DNS names, even wildcards. In this case the CommonName must be repeated here, because TLS clients disregard the CommonName in case the subject-alternative-name extension exists. If the <tt>internal name</tt> is empty, the common name will be used as internal name. It will also be used as default internal name, if a new key is created here. <p> Other rarely used <tt>name-entries</tt> can be selected in the dialog below. By using this table instead of the explicit entries above, the order of the entries can be adjusted. A new line can be added via the <em>Add</em> button. The current line can be deleted via the <em>Delete</em> button. Existing lines can be exchanged and reordered by moving the row-header (containing the row-number) around. All items can be added more than once, even those from above. This is not very usual but allowed. <p> The list of the 7 explicit distinguished name entries may be adjusted in the options dialog at <ref id="expDN" name="Explicit subject entries"> <p> <sect2>Private Key <p> Keys can be generated here "on the fly" by pressing the button. The name of the new key will be preset by the common name of the certificate. The newly generated key will be stored in the database and stay there, even if the input dialog is canceled. The drop-down list of the keys only contains keys that were not used by any other certificate or request. The key-list is not available for creating or changing templates. By checking <tt>Used keys too</tt> the list contains all available keys. Use this with care. You're likely doing something wrong when using this option. <p> This tab does not appear when signing a request, because the request contains all needed data from this tab. Select "Modify subject of the request", if you want to modify it anyway. The content of the subject Tab will then be preset with the content of the request. <sect1>X509v3 Extensions <p> The next three tabs contain all fields for adjusting the certificate extensions. It is not in the focus of this document to explain them all in detail. The most important are the <tt>Basic Constraints</tt> and the <tt>Validity</tt> range. <p> For more information consult the documents in <ref id="otherdoc">. If you don't know what this is all about please read those documents before creating any certificates. <sect2>Basic Constraints <p> If the type is set to <tt>Certification Authority</tt>, the certificate is recognized by XCA and other instances as issuer for other certificates. Server-certificates or E-Mail certificates should set this extension to <tt>End entity</tt> (strongly recommended) or disable it completely by setting it to <tt>Not defined</tt> <sect2>Validity Range <p> The <tt>Not before</tt> field is set to the current date and time of the operating system and the <tt>Not after</tt> field is set to the current date and time plus the specified time range. When applying time ranges, the expiry date (not after) is calculated by taking the currently configured start date (not before) and adding the time range. <p> For templates the specified times are not saved, because it does not make much sense. Rather the time range is stored and automatically applied when selecting this template. Applying the time range means to set notBefore to "now" and notAfter to "now + time range". If the <tt>midnight</tt> button is set both dates will be rounded down and up to midnight. <sect2>Advanced <p> Any extension, not covered on the other tabs can be added here as defined in OpenSSL nconf. The validity can be checked by clicking <tt>Validate</tt>. All extensions from all tabs will be shown here to see them all in their final form. Click on <tt>Edit</tt> to continue editing the extensions here. Refer to the OpenSSL X509v3 configuration for more details: <url url="http://www.openssl.org/docs/apps/x509v3_config.html"> <sect3>Certificate Policies <p> The following example of <tt>openssl.txt</tt> also works in the advanced tab to define certificate policies <tscreen><verb> certificatePolicies=ia5org,1.2.3.4,1.5.6.7.8,@polsect [polsect] policyIdentifier = 1.3.5.8 CPS.1="http://my.host.name/" CPS.2="http://my.your.name/" userNotice.1=@notice [notice] explicitText="Explicit Text Here" organization="Organisation Name" noticeNumbers=1,2,3,4 </verb></tscreen> Adding more than one AuthorityInfoAccess entry is also possible here: <tscreen><verb> authorityInfoAccess=@aia_sect [aia_sect] OCSP;URI.1=http://www.some.responder.org/ OCSP;URI.2=http://www.some.other-responder.org/ caIssuers;URI.3=http://server.whatever.org/cert-path caIssuers;URI.4=ldap://server.whatever.org/xxx,yyy </verb></tscreen> <p> When exporting existing Certificates to templates, the extensions will be translated to OpenSSL config file format. <!-- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% --> <sect>Smart-cards (Security Tokens) <p> Since XCA 0.8.0 the use of Smart-cards (Security tokens) is supported. It is based on the PKCS#11 standard. The Options dialog contains a list to add one or more PKCS#11 providers (libraries). This is not restricted to Smart-cards but includes all type of security tokens like USB tokens. Up to version 1.0.0 only RSA keys on security tokens were supported. Since version 1.1.0 XCA also supports EC and DSA private keys on security tokens. <p> Once again: This software comes with no warranty at all! If XCA transforms your security token into a fridge, don't blame me. For me everything worked fine and I tested it thoroughly. <p> On Linux the package <tt>opensc</tt> should be installed. Please read the opensc documentation for more details. Generally: if the opensc command-line-tool "pkcs11-tool -L" shows reasonable output, XCA will work. Otherwise fix the opensc setup. I had a functional setup with a "Reiner SCT" and a DELL keyboard with integrated card reader and TCOS Netkey E4 cards. I also used Aladdin Etoken very successfully (Thanks for support!). The Aladdin PKCS#11 library supports all needed features very well. The ECC token support was tested with the www.cardcontact.de ECC tokens. The OpenDNSSEC SoftHSMv2 was used as PKCS#11 reference implementation to test all the token algorithms and certificate and key download functionality to the token. <p> Before the keys of a token can be used, they must be imported into XCA. This means that XCA reads the token and shows the keys and certificates on the token. They can then be imported partially or completely via the Multi-import dialog to be used by XCA. It is not unusual that a token contains more than one key or certificate. It is of course possible to create your own keys on the token. When selecting a token-key for signing, XCA verifies that the corresponding token is available. If the Card reader supports a secure PIN input by a built-in keyboard, it will be used by XCA and it will not ask for the PIN but waits for the Pin-pad input. The following actions with smart-cards are supported: <itemize> <item>Import keys and certificates from the token. (Token->Manage Security token) <item>Everything you can do with other keys can be done with tokens, too. <item>On export, only the Public key is exported. <item>Change the PIN and SO PIN of a token. <item>Create a key on the token. (Button New Key) <item>Store an existing key or certificate on the token. (Context menu of the item) <item>Delete certificates and keys from the token. (Context menu of the item) <item>Initialize cards and the user PIN via SO PIN </itemize> Existing, non-deletable, built-in certificates of Smart-cards may be ignored. A new CA certificate can be created and self-signed by the Smart-card key. It can then be used to issue end-entity certificates, containing other RSA, DSA or EC keys, sign imported certificate requests or generate CRLs <sect1>Key Management on the Token <p> XCA assumes for every private key on the card a corresponding public key. When managing cards, XCA only searches for public keys. There is thus no need to enter a PIN. When using the the key for signing the corresponding private key on the card is selected and a PIN must be entered. <p> Accordingly, every time a key is generated on the card, a public/private key-pair is generated. Every time a key is stored on the card, XCA creates a public and a private key object. <p> Firefox always only looks for private keys on the card. If XCA does not show a key, which is however recognized by Firefox a missing public-key object is the cause. <sect1>The Token Menu <p> The menu item: <tt>Token</tt> is accessible if a PKCS#11 library was loaded and initialized. <sect2>Managing Smart-cards <p> Security token specific operations are collected below the menu-item <tt>Token</tt> <sect3>Manage Security Token <p> This is the Multi import dialog, which allows to view and select the items to be imported. When started it reads the content of the selected token. Additionally, it shows token information in the bottom-right corner and allows to delete and rename items directly on the token. <sect3>Initializing Tokens <p> Initializing tokens is done via the menu item <tt>Initialize token</tt>. During this process either a new SO PIN must be supplied or the old SO PIN must be given. Additionally XCA asks for the label of this token. <p> After this operation succeeded, the User PIN is uninitialized and must be initialized via <tt>Init PIN</tt> <sect3>Deleting Items from the Token <p> Just delete the item as usual. XCA will then ask whether the item shall also be removed from the token. Items on the token that were not yet imported can be deleted via the "Manage security token" menu. <sect3>Changing PINs <p> The User PIN and SO PIN can be changed via the <tt>Token</tt> menu and also via the key context-menu. In this case the correct token containing the key will be enforced. <sect2>Tested Providers <p> The following providers were used for testing: <itemize> <item>OpenSC: default provider for a lot of different cards and readers. Deleting keys or certificates is currently not supported. <itemize> <item>The support of Netkey 4E cards is currently restricted. Only import and using the keys and certificates is possible. <item>Feitian PKI cards work with the following restrictions: <itemize> <item>The cards must be initialized outside XCA with <tt>pkcs15-init</tt> <item>Storing keys onto the card crashes because of <tt>assert(0)</tt> in card-entersafe.c in opensc-0.11.13 <item>Deleting items does not work, because it is not implemented in opensc-0.11.13/card-entersafe.c. </itemize> </itemize> <item>Aladdin eToken PKIclient-5.1: Works perfectly. Read public keys from the token, write private keys to the token, generate keys on the token, write certificates to the token and delete them from the token. <item>Linux only: OpenCryptoki (IBM): may be used as a pure software token, but also supports TPMs and other IBM crypto processors <item>www.cardcontact.de OpenSC branch supports RSA and EC Keys. Downloading keys to the token is not supported. <item>OpenDNSSEC SoftHSMv2 supports all mechanisms in software. A great reference to test the PKCS#11 library interface. </itemize> <sect2>Tested compatibility with other applications <p> For interoperability tests I used the Aladdin eToken together with the Aladdin PKIclient 5.1 software and OpenSC with the Feitian PKI-card. <itemize> <item>Aladdin: /usr/lib/libeTPkcs11.so <item>Feitian: /usr/lib/opensc-pkcs11.so (default) </itemize> I initialized the token as follows: <itemize> <item>Generate CA certificate with software key <item>Generate server certificate with software key <item>Generate client certificate with a key generated on the token <item>Generate 2nd client certificate with software key <item>Copy the software-key of the 2nd client certificate onto the token <item>Copy the 2 client certificates onto the token <item>Export CA certificate as PEM (ca.crt) <item>Export server cert as PKCS12 without password (server.p12) <item>Export server cert as "PEM Cert + key" without password (server.pem) for Apache2 </itemize> <sect2>Firefox / Mozilla -> Apache <p> <itemize> <item>Enable PKCS#11 token in Firefox: Edit->Preferences->Advanced: (Security Devices): (Load) Load PKCS#11 Device: /usr/lib/libeTPkcs11.so <item>Import CA certificate: Edit->Preferences->Advanced: (View Certificates) (Authorities): (Import) <item>Prepare apache config with: <tscreen><verb> SSLEngine on SSLCertificateFile /etc/apache2/ssl/server.pem SSLCertificateKeyFile /etc/apache2/ssl/server.pem SSLCertificateChainFile /etc/apache2/ssl/ca.crt SSLCACertificateFile /etc/apache2/ssl/ca.crt SSLVerifyClient require SSLVerifyDepth 10 </verb></tscreen> <item>Connect with Firefox to the server. Firefox will prompt you to select one of the 2 client certificates. Both work. </itemize> <sect2>OpenVPN <p> The relevant server config is as follows: <tscreen><verb> pkcs12 server.p12 </verb></tscreen> <p> The client config is: <tscreen><verb> ca ca.crt pkcs11-providers /usr/lib/libeTPkcs11.so pkcs11-id 'Aladdin\x20Knowledge\x20Systems\x20Ltd\x2E/eToken/002882d2/F\xC3\xBCr\x20den\x20Firefox/D1A7BFF94B86C061' </verb></tscreen> The pkcs11-id can be obtained with the command: <tt>openvpn --show-pkcs11-ids /usr/lib/libeTPkcs11.so</tt> <sect>RSA, DSA and EC Keys <label id="keys"> <p> For creating certificates, keys are needed. All keys are stored encrypted in the database using the 3DES algorithm. The password can be changed for each key. The password type means: <itemize> <item>common: The database password provided during database load <item>private: The key has its own password, which is not stored by XCA. This can be set and reset via the context menu of the key <item>PIN: Security tokens are usually protected by a PIN <item>No password: Public keys don't need a password </itemize> <p> All keys carry a use counter which counts the times it is used. When creating new requests or certificates the list of available keys is reduced to the keys with a use counter of 0. This can be overridden by the check-box next to the key list. <p> When importing an EC key with explicit curve parameters, the corresponding curve OID is searched and set if found. <p> When exporting the key via SQL from the database, see <ref id="extract" name="Extracting items"> openssl asks for the password, which is either the database password or its own password in case the password type is <tt>private</tt>. <sect1>Generating Keys <p> The dialog asks for the internal name of the key and the key-size in bits. For EC keys, a list of curves is shown. It contains all X9.62 curves and many others. <p> EC Brainpool curves are also supported when linking with OpenSSL 1.0.2. <p> Even if the drop-down list only shows the most usual key sizes, any other value may be set here by editing this box. While searching for random prime numbers a progress bar is shown in the bottom of the base application. After the key generation is done the key will be stored in the database. <p> When checking the <tt>Remember as default</tt> box, the settings (Key-type, key-size or EC curve) will be remembered and preset for the next key generation dialog. This option is not available when generating token keys. <p> For every connected token providing the Key-generate facility an entry in the drop-down menu of the key-types will be shown. It contains the name of the token and the valid key-sizes. <p> In case of EC keys generated on a token, the list of possible curves is restricted based on informations provided by the token (Key size and FP/F2M). The token may support even less ECParameters / OIDs. When selecting an EC curve not supported by the token an error will occur. Please consult the documentation of the provider of the PKCS#11 library. <sect1>Key Export <p> Keys can be exported by either selecting the key and pressing <em>Export</em> or by using the context-menu. It may be chosen to export the key to the clipboard as PEM public, SSH2 public or unencrypted PEM private format. In case of a file export a dialog-box opens where next to the filename one of the following formats may be selected: <itemize> <item><bf>PEM public</bf> the public part of the key in PEM format <item><bf>DER public</bf> the public part of the key in DER format <item><bf>SSH2 public</bf> the public part of the key in SSH2 format <item><bf>PEM private</bf> the private key unencrypt in PEM format <item><bf>PKCS#8 encrypted</bf> the encrypted private key in PKCS#8 format <item><bf>DER private</bf> the private key in binary DER format <item><bf>PEM encrypted</bf> the private key in PEM format with an OpenSSL specific extensions for encryption <item><bf>PKCS#8 unencrypted</bf> the private key unencrypted in PKCS#8 format </itemize> The filename is the internal name plus a <tt>pem</tt>, <tt>der</tt>, <tt>pk8</tt> or <tt>pub</tt> suffix. When changing the file-format, the suffix of the filename changes accordingly. Only PKCS#8 or PEM files can be encrypted, because the DER format (although it could be encrypted) does not support a way to supply the encryption algorithm like e.g. <tt>DES</tt>. Of course, encryption does not make sense if the private part is not exported. <!-- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% --> <sect>Certificate Signing Requests <label id="csr"> <p> Certificate signing requests are described in PKCS#10 standard. They are used to supply a Certification Authority with the needed information to issue a valid certificate without knowing the private key. This includes personal information, the public key and additional extensions. <p> It is not necessary to generate a request prior to signing it by your CA or before self-signing it. Simply start generating the certificate directly. People using the OpenSSL command line tools are used to generate a request with "openssl req -new ..." and then signing it . This is not necessary with XCA. <p> Tracking signed CSR with XCA can be done by the <em>Signed</em> and <em>Certificate count</em> columns of the certificate signing request tab. The <em>Signed</em> column is an information stored in the database whenever a CSR was used used issue a certificate. Also an automatic comment is left in the comment of the CSR. It does not depend on the certificate remaining in XCA. The <em>Certificate count</em> column displays the number of certificates with the same public key. <p> <sect1>Generating a new Request <p> After clicking on the <tt>New Request</tt> button the Certificate dialog will be started to ask all needed information for generating a new Request. See: <ref id="wizard" name="The Certificate input dialog"> <p> The request generation can also be invoked by the context menu of a certificate (Transform->Request). This menu point is only available if the private key of the certificate is available. In this case all needed data is copied from the certificate and the Certificate dialog is not invoked. <sect1>Request Export <p> Requests can be exported by the context-menu or by the button on the right. <itemize> <item><bf>Clipboard</bf> Writes all selected requests in PEM format to the Clipboard. <item><bf>File</bf> Write the request into a file in PEM or DER format. <item><bf>OpenSSL config</bf> Create and store an OpenSSL configuration file which can be used to generate a similar request with openssl (openssl req -new -config <file>) </itemize> <sect1>Request Transformation <p> A request transformation creates a new database entry based on the selected request <itemize> <item><bf>Template</bf> Create a XCA template with the values of the request. <item><bf>Public Key</bf> Extract the public key from the request and store it in the Private Keys Tab. <item><bf>Similar Request</bf> Starts the Certificate input dialog preset with all values from the current request to create a new request. </itemize> <sect1>Request Details <p> All information contained in the request are shown. If the key-store contains the private key corresponding to the request the keys internal name is shown in the <tt>Key</tt> field. <!-- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% --> <sect>Certificates <p> All certificates from the database are displayed in a tree view reflecting the chain dependencies. If there is a CA certificate and several client certificates signed by this CA, the client certificates can be shown by clicking on the plus sign of the CA certificate. <sect1>CA certificates <label id="ca_cert"> <p> XCA will recognize CA certificates if the CA flag in the <tt>Basic Constraints</tt> is set to true. If there is a corresponding private key, the <tt>CA</tt> sub-menu in the context-menu will be enabled. <p> For building the chains the CA flag is disregarded, because there are some CAs without this flag. Instead it considers the issuer name and the signature to decide which certificate is the issuer. In case of more than one possible issuer, the one with the latest expiry date will be used as issuer to collect all issued certificates. <sect1>Generating certificates <p> After clicking on the <tt>New Certificate</tt> button the Certificate input dialog will be started to ask all needed information for generating a new Certificate. See: <ref id="wizard" name="The Certificate input dialog"> Certificate creation can also be invoked by the context menu of the certificate list background or by the context menu of the request. In this case the Certificate input dialog is preset with the request to be signed. <p> If a <tt>CA certificate</tt> is selected in the certificate list, this certificate will be preselected as issuing certificate. <sect1>Certificate details <p> The signer is the internal name of the issuers certificate, <em>SELF SIGNED</em> if it is self signed or <em>SIGNER UNKNOWN</em> if the issuer's certificate is not available. The validity is set to <em>valid</em> if the certificate's dates are valid or to <em>Not valid</em> if they are not, compared to the internal time and date of the OS. <p> If the certificate is revoked, the revocation date will be shown instead. <p> On the <em>Subject</em> and <em>Issuer</em> tab the distinguished name is also displayed in a format defined in RFC2253 for copy&paste. <sect1>Certificate Export <p> <itemize> <item><bf>Clipboard</bf> Copy all selected certificates to the clipboard as PEM file <item><bf>File</bf> Export to external file. The filename can be selected in the export dialog and the Export format: <itemize> <item><bf>PEM</bf> - PEM encoded <item><bf>PEM with Certificate chain</bf> - PEM encoded certificate and all issuers up to the root certificate in one file <item><bf>PEM all trusted Certificates</bf> - List of all PEM encoded certificates that are marked as <em>Always trusted</em> (usually all self-signed certificates) in one file for e.g. apache as trusted certificate store. <item><bf>PEM all Certificates</bf> - All PEM encoded certificates in one file. <item><bf>DER</bf> - DER encoded certificate. <item><bf>PKCS#7</bf> - DER encoded PKCS#7 structure containing the certificate. <item><bf>PKCS#7 with Certificate chain</bf> - DER encoded PKCS#7 structure containing the certificate and all issuers up to the root certificate. <item><bf>PKCS#7 all trusted Certificates</bf> - DER encoded PKCS#7 structure containing all certificates that are marked as <em>Always trusted</em> <item><bf>PKCS#7 all Certificates</bf> - DER encoded PKCS#7 structure containing all certificates. <item><bf>PKCS#12</bf> - PKCS#12 structure containing the certificate and the corresponding private key <item><bf>PKCS#12</bf> - PKCS#12 structure containing the certificate, the corresponding private key and the chain of all issuers certificates. <item><bf>PEM cert + key</bf> - concatenation of the private key and certificate in a format used by apache or the X509 patch for OpenSSH. <item><bf>PEM cert + PKCS8 key</bf> - concatenation of the private key in PKCS#8 format and certificate. </itemize> <item><bf>Token</bf> Store certificate on the Security token containing the private key <item><bf>Other token</bf> Store certificate on any Security token <item><bf>OpenSSL config</bf> Create an OpenSSL config file from the content of this certificate, which can be used to generate a similar certificate with openssl (openssl req -new -x509 -config <file>) </itemize> <p> When exporting PKCS#12 structures you are asked later for an encryption password. <sect1>Certificate Transformation <p> A certificate transformation creates a new database entry based on the selected certificate. <itemize> <item><bf>Public Key</bf> Extract the public key from the certificate and store it in the Private Keys Tab. <item><bf>Request</bf> Create a PKCS#10 request by using the data from the certificate. The private key of the certificate must be available for this option. <item><bf>Similar Certificate</bf> Starts the Certificate input dialog preset with all values from the current certificate to create a new certificate. <item><bf>Template</bf> Create a XCA template with the values of the request. </itemize> <sect1>Certificate revocation <p> Certificates can only be revoked, if the private key of the issuer's certificate is available. The certificate will be marked as revoked and the revocation date and reason will be stored with the CA certificate. If more than one unrevoked certificate of the same issuer is selected, all of them will be revoked at once with the same revocation date and reason. The context menu shows this by adding the number of selected certificates in squared brackets. <p> To generate a CRL, revoke the appropriate certificates and select CA->Generate CRL in the context-menu of the signing certificate. <sect1>Certificate renewal <p> Certificates can only be renewed, if the private key of the issuer's certificate is available. Renewal is done by creating a new certificate as a copy of the original one with adjusted validity dates. Use the <tt>Revoke old certificate</tt> check-box to automatically revoke the old certificate. If more than one certificate of the same issuer is selected, all of them will be renewed at once with the same validity dates. The context menu shows this by adding the number of selected certificates in squared brackets. <sect1>CA special functions <p> The context menu of CA certificates contains the <em>CA</em> sub-menu, which makes the following functions available: <itemize> <item><bf>Properties</bf> <item><bf>Generate CRL</bf> Generate the CRL by collecting all revoked certificates and their revocation date. <item><bf>Manage revocations</bf> Displays all revocations and allows to manipulate them. </itemize> <sect2>CA Properties <p> <itemize> <item><bf>CRL days</bf> The days until the next CRL release. <item><bf>Signing Template</bf> The default template for issuing certificates. </itemize> <sect2>Manage revocations <p> Non existing certificates may be revoked by adding the serial number of the certificate. Since version 1.3.0 it is not required anymore to keep revoked certificates in the database, because the revocation information is stored together with the CA certificate. <!-- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% --> <sect>Templates <p> Templates are special to XCA and not interchangeable with other applications. They store all informations to create certificates or requests. <p> To use templates, just create a new certificate or request and apply one of the templates (or parts of it) in the <tt>Source</tt> Tab. Usually you have the distinguished name parts, that never change and properties (extensions) that define the use of the certificate. You may apply the whole template or only the subject or only the extensions. <p> Next to the 3 default templates for CA, TLS server and client certificates, customized templates may be created. Templates are not signed, they are just a collection of common values for different certificates. Therefore XCA does not care if any duplicates exist in the list of templates. <p> An easy way to create templates is to export an existing certificate or PKCS#10 request to a template. Just select <tt>Transform->Template</tt> in the context-menu of the item. The private key of the Certificate or Request is not needed. <!-- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% --> <sect>Certificate Revocation Lists <p> All certificates are issued for a restricted period of time. However it may happen that a certificate should not be used or becomes invalid before the "not after" time in the certificate is reached. In this case the issuing CA should revoke this certificate by putting it on the list of revoked certificates, signing and publishing it. <sect1>Generation of Certificate revocation lists <p> In XCA this can be done by the context-menu of the CA and the "revoke" entry in the context-menu of the issued certificate. First all invalid certificates must be marked as revoked and then a Certificate Revocation List should be created and will be stored in the database. <p> <sect>Options <p> The options dialog can be found in the file menu. All options are saved in the database and do not depend on the operating systems registry or configuration files. <p> <sect1>String settings <p> This option applies to all strings converted to ASN1 strings. The selected string type is automatically set to the smallest possible and allowed type, covering all contained characters. <p> The list of allowed string types can be selected: <itemize> <item><bf>PKIX in RFC2459 (default)</bf>All string types are set as described in RFC2459 <item><bf>No BMP strings</bf> All strings containing non printable characters are regarded as errors. <item><bf>PKIX UTF8 only</bf> All string types are selected according to RFC2459 for entities issued after 2004, which means that almost all distinguished name entry types are set to UTF8. <item><bf>All strings</bf>All string types are allowed. </itemize> <p> <sect1>Default hash algorithm <p> Older Windows versions and OpenSSL versions can not handle SHA256 and SHA512. This option allows to set the hash algorithm to SHA1 for instance. <p> <sect1>Suppress success messages <p> After importing and generating new items a success message is shown. This switch disables the messages. <p> <sect1>Don't colorize expired certificates <p> Since version 0.9.2 the expiration dates of certificates will be colorized. Red means expired or not yet valid. Yellow indicates certificates that only have 4/5 of their lifetime until expiration. The CRL expiration date will be marked red 2 days before expiration. <p> <sect1>Translate established x509 terms <p> It is usually more clear to read "commonName" instead of e.g (german) "Allgemeine Bezeichnung". Same is true for "Extended key usage" or "Basic constraints". With this setting the translated terms are shown and the Tool-Tip of the entry shows the established term. If not set, the established term will be displayed and the Tool-Tip contains the translation. <p> <sect1>Only use hashes supported by the token when signing with a token key <p> The PKCS#11 token does probably not support all possible hashes for a signature operation. I.e. the EC and DSA signing algorithms are currently only defined with SHA1 in the PKCS#11 specification. XCA does the hashing part of the digital signature in software outside the token and uses the token to sign the hash. That's why XCA may use additional hashing algorithms like ecdsaWithSha256. If other applications that probably use the token hashing algorithms shall use the token, this option should be set. <p> <sect1>Disable legacy Netscape extensions <p> With this option set the input and use of the legacy Netscape extensions will be suppressed. The certificate input dialog has no Netscape tab, the request and certificate columns don't show the Netscape extensions and when applying a template or converting certificates, the Netscape extensions are removed. However, the details of certificates and requests still show the Netscape extensions if they exist. <p> <sect1>Mandatory subject entries <p> A list of mandatory distinguished name entries may be specified to get a warning, whenever issuing a certificate that lacks one or more listed entries. This requirement is not checked when editing templates, because templates may have empty entries that will be filled during the rollout of the certificate. <p> <sect1>Explicit subject entries<label id="expDN"> <p> This list may be used to change the list of the usual 7 distinguished name entries shown in the subject tab of the Certificate / Request / Template generation dialog to better fit ones needs. When activating the <em>Dynamically arrange explicit subject entries</em> option, the explicit entries are rearranged by the name to be edited. If the name is empty, the entries are unchanged. Otherwise, the entries of the name to be edited are displayed first, followed by the entries of the list above not mentioned in the name to be edited. <p> <sect1>PKCS#11 provider <p> Here you can select the path to one or more PKCS#11 libraries on your system. If the list is empty, the <tt>Token</tt> menu will be unavailable. <!-- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% --> <sect>Object IDs<label id="objectids"> <p> Private Object IDs and OID lists for the distinguished name or extended key usage can be added in files listed below. The files are: <itemize> <item><bf>oids.txt</bf> additional Object IDs <item><bf>eku.txt</bf> Content of <tt>ExtendedKeyUsage</tt> <item><bf>dn.txt</bf> Content of <tt>DistinguishedName</tt> </itemize> The search path for all the files is listed below. All files except <em>oids.txt</em> are searched in the order listed below and search stops at the first file found. The <em>oids.txt</em> file is searched in reversed order and all <em>oids.txt</em> files found are loaded. <p> <bf>Unix</bf> <itemize> <item>$HOME/.xca/ <item>/etc/xca/ <item>PREFIX/share/xca/ <newline>PREFIX is usually /usr or /usr/local </itemize> <p> <bf>Windows</bf> <itemize> <item>CSIDL_APPDATA\xca, which is something like<newline> C:\Documents and Settings\username\Application Data\xca<newline> or C:\Users\username\AppData\Roaming\xca <item>Installation directory <newline>e.g.: C:\Programs\xca </itemize> <p> <bf>MacOSX</bf> <itemize> <item>$HOME/Library/Application Support/data/xca <item>/Applications/xca.app/Resources </itemize> The path of the user settings directory depends on the operating system and version. The path where XCA looks for this file is shown in the <tt>About</tt> dialog of XCA as <tt>User settings path</tt>. <p> <sect1>New OIDs <label id="new_oids"> <p> All Object IDs that are not official, but belong to your company or organisation can be added in the file <tt>oids.txt</tt>. All possible locations for this file are searched and all <tt>oids.txt</tt> files found are loaded. This way the application-installer adds some in /usr/share/xca, the Administrator in /etc/xca and the user in $HOME/.xca. The format of this file is:<newline> <bf>OID</bf>:<bf>shortname</bf>:<bf>longname</bf><newline> Leading and trailing spaces between the colons and the text are ignored. Lines starting with a <bf>#</bf> are ignored. <p> <sect1>OID lists <p> The files containing OID lists (<tt>eku.txt, dn.txt</tt>) are handled in a different way, only the first one found is used. The format of this files is one entry per line. The entry can be either the numerical OID like <tt>1.3.6.1.5.5.8.2.2</tt>, the short name like <tt>iKEIntermediate</tt> or the long name <tt>IP security end entity</tt>. Lines starting with a <bf>#</bf> are ignored. If this files shall contain new in-official OIDs, they must be also mentioned in one of the <tt>oids.txt</tt> files. <p> <sect1>Adding your company specific Subject entry <p> If you want to / need to add your own company specific subject entry to your certificate it can be done without recompiling XCA. <enum> <item>Add its OID with short name and long name to one of the <tt>oids.txt</tt> file listed in <ref id="new_oids" name="New OIDs"> like:<newline> <tt>1.3.6.1.4.1.12345.1: zodiacSign: Zodiac Sign</tt> <item>Add the OID, short name or long name to the first read <tt>dn.txt</tt> On Linux: <tt>cp /usr/share/xca/dn.txt ~/.xca/dn.txt && echo "zodiacSign" >> ~/.xca/dn.txt</tt> <item>Start XCA, open your database and goto <tt>Options->Distinguished name</tt>. In the <tt>Explicit subject entries</tt> select <tt>Zodiac Sign</tt>, click <tt>Add</tt>, move it by dragging it in the list and click OK when satisfied. <item>Create a new certificate and see. </enum> <sect>Step by Step guides <p> Beginners may follow these steps to easily create their first certificates. This guide shows the minimal requirements for various tasks. For more advanced use of XCA, users are encouraged to familiarize themselves with the applicable standards. <sect1>Setting up a Root CA Certificate <p> <enum> <item>Click the <bf>Certificates</bf> tab. <item>Click the <bf>New Certificate</bf> button. <item>Make sure the <bf>Source</bf> tab is showing, clicking it if necessary. <itemize> <item>At the bottom of the panel, ensure that the <bf>"[default] CA"</bf> template is showing, and click the <bf>Apply all</bf> button. This will fill in appropriate values under the <bf>Extensions</bf>, <bf>Key Usage</bf>, and <bf>Netscape</bf> tabs. </itemize> <item>Click the <bf>Subject</bf> tab. <itemize> <item>Type in the internal name; this is for display purposes in the tool, only. <item>Fill in the required fields in the upper Distinguished Name section (Country name, State/Province, Locality, Organization, Common name, E-Mail address). The common name can be something like "ACME Certificate Authority". <item>If you want to add in any additional parts to the distinguished name, use the <bf>Add</bf> button. <item>Select the desired private key or generate a new one. </itemize> <item>Click the <bf>Extensions</bf> tab. <itemize> <item>The Time Range is probably fine (10 years). If you want to change the duration, then change it and click <bf>Apply</bf>. </itemize> <item>The CRL distribution point will be part of the issued certificates. It should however be thought about a common URL for all of them like <tt>http://www.example.com/crl/crl.der</tt> <item>Click the <bf>OK</bf> button at the bottom. </enum> You may wish to now issue an (initially) empty CRL. Follow the instructions given for issuing CRLs below, except that you do not actually revoke any certificate. </sect1> <sect1>Creating a CA-Signed Host Certificate <p> <enum> <item>Click the <bf>Certificates</bf> tab. <item>Click the <bf>New Certificate</bf> button. <item>Make sure the <bf>Source</bf> tab is showing, clicking it if necessary. <itemize> <item>At the bottom of the panel, select the template <bf>"[default] TLS_server"</bf> (or another suitable template, if you have created your own) and click the <bf>Apply</bf> button. This will fill in appropriate values under the <bf>Extensions</bf>, <bf>Key Usage</bf>, and <bf>Netscape</bf> tabs. <item>In the Signing section, select the certificate that will be used to sign the new certificate. </itemize> <item>Click the <bf>Subject</bf> tab. <itemize> <item>Type in the internal name; this is for display purposes in the tool, only. For host certificates, the host FQDN (fully qualified domain name) is not a bad choice. <item>Fill in the required fields in the upper "Distinguished Name" section (Country code, State/Province, Locality, Organization, Common name, E-Mail address). For host certificates, the common name must be the FQDN to which you wish users to connect. This need not be the canonical name of the host, but can also be an alias. For example, if <tt>pluto.example.com</tt> is your web server and it has a DNS CNAME entry of <tt>www.example.com</tt>, then you probably want the Common Name value in the certificate to be <tt>www.example.com</tt>. <item>If you want to add in any additional parts to the distinguished name, use the drop-down box and <bf>Add</bf> button. <item>Select the desired private key or generate a new one. </itemize> <item>Click the <bf>Extensions</bf> tab. <itemize> <item>Change the Time Range if desired and click <bf>Apply</bf>. <item>In the event that you need to revoke any certificates in the future, you should designate a certificate revocation list location. The location must be unique for this root certificate. XCA exports CRLs in either PEM or DER format with appropriate suffixes, so this should be considered when selecting the URL. Selecting a URI something like <tt>http://www.example.com/crl/crl.der</tt> is probably suitable. On the "CRL distribution point" line, click the <bf>Edit</bf> button. Type in the desired URI, then click <bf>Add</bf>. Add in any additional desired URIs in the same fashion. Click <bf>Validate</bf> and <bf>Apply</bf>. (Alternate mechanisms such as OCSP are beyond the scope of this guide.) </itemize> <item>Click the OK button at the bottom </enum> </sect1> <sect1>Creating a Self-Signed Host Certificate <p> This procedure is almost identical to that of creating a CA-Signed certificate with the following exceptions: <enum> <item>When creating certificate, select "Create a self signed certificate" under the <bf>Source</bf> tab. <item>Self-signed certificates cannot be revoked, so the CRL URI should be blank. </enum> </sect1> <sect1>Setting Up A Template <p> If you have, or expect to have, multiple hosts under one domain and signed by the same root certificate, then setting up a template for your hosts can simplify host certificate creation and improve consistency. <p> The values of templates can be applied on the first tab of the certificate-generation dialog. It can be selected, whether the subject, the extensions or both parts of the template will be applied. This way a subject-only template may be defined and later applied together with the TLS_client or TLS_server template. <enum> <item>Click on the <bf>Templates</bf> tab. <item>Click on the <bf>New Template</bf> button <item>Select an appropriate value for the Preset Template Values, then click <bf>OK</bf> <item>Under the <bf>Subject</bf> tab, specify an internal name for the template. <item>Fill in (or modify) any values that you wish to be populated when using the template. Leave the rest blank (notably the "Common Name" field). <item>When all desired fields are filled in, click the <bf>OK</bf> button at the bottom of the window. </enum> Your template is now ready for use when creating new certificates. Alternatively, you may export an existing Certificate or Certificate signing request to a template by the Export-context menu of the item. </sect1> <sect1>Revoking a Certificate issued by a CA <p> <enum> <item>Click the <bf>Certificates</bf> tab. <item>Right-click on the certificate that you want to revoke and select <bf>Revoke</bf> <item>Right-click the CA certificate that was used to sign the certificate being revoked. Select <bf>CA</bf> --> <bf>Generate CRL</bf> <item>Click the <bf>OK</bf> button in the <bf>Create CRL</bf> dialog. <item>Click on the <bf>Revocation lists</bf> tab in the main window. <item>Right-click on the CRL you just generated and select <bf>Export</bf>. Select the desired format (probably DER) and click <bf>OK</bf> <item>Copy the exported CRL to the location published in the issued certificate's CRL Distribution Points. <item>Optionally, delete older CRLs for the same CA certificate. </enum> </sect1> <!-- %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% --> <sect>Appendix <p> Here one can find several examples for file formats: <sect1>PEM <p> <tscreen><verb> -----BEGIN CERTIFICATE----- MIIC0zCCAjygAwIBAgIQKNOqLomUfJxugwU5FHGCSjANBgkqhkiG9w0BAQQFADBf MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT LkNsYXNzIDIgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw HhcNOTcxMDEzMDAwMDAwWhcNMDQwMTA1MjM1OTU5WjBDMREwDwYDVQQKEwhWZXJp U2lnbjEuMCwGA1UECxMlVmVyaVNpZ24gQ2xhc3MgMiBPblNpdGUgSW5kaXZpZHVh bCBDQTCBnTANBgkqhkiG9w0BAQEFAAOBiwAwgYcCgYEA3CqZnW4z/LtBdsQ5Ho33 dueQD3RVYWFyPPg3SxsfCOkwHXDFFolgM0ZIf8bQmj12mMOhwaxS0Re5FARphlxh T7NlZYtjou4hfEGvrXJAw02Rs0m+mPtXx1ousEun7wkk84GdOMWS2kqnmFGp2DB2 LWrWry9+2xEqhftlYFpF6BsCAQOjga0wgaowDwYDVR0TBAgwBgEB/wIBADBEBgNV HSAEPTA7MDkGC2CGSAGG+EUBBwEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3 LnZlcmlzaWduLmNvbS9ycGEwMQYDVR0fBCowKDAmoCSgIoYgaHR0cDovL2NybC52 ZXJpc2lnbi5jb20vcGNhMi5jcmwwCwYDVR0PBAQDAgEGMBEGCWCGSAGG+EIBAQQE AwIBBjANBgkqhkiG9w0BAQQFAAOBgQCeTebTWFTbJFzaxCsD3432QbAsiAng0VcA OzlDYn1BMIRT0NsrJbeTjQ8cOmvCkgesEPYsm+SniOktibXDJT+n87Can4+0CQBx qUUsBUoG0PtMGjH4Vr/QD5sG8cMecG3FJR4CWwKitoz47h7sxM50B6RB9je1eIvS 1NMPRGO1nQ== -----END CERTIFICATE----- </verb></tscreen> </article> ������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������xca-RELEASE.2.2.1/doc/xca.1�������������������������������������������������������������������������0000644�0001750�0001750�00000004605�13614632167�014324� 0����������������������������������������������������������������������������������������������������ustar �teward��������������������������teward�����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������.TH XCA 1 .SH NAME .B xca \- X Certificate and key management .br A GUI for handling X509 certificates, RSA/DSA/EC keys, PKCS#10 Requests and CRLs in Software and on Smartcards. .SH SYNOPSIS .B xca .RI [ -v ] .RI [ -d ] .RI [ -x ] .RI [ -i ] .RI [ -I ] .br .SH "DESCRIPTION" This application is intended as CA, certificate- and Key store. It uses a SQL database to store the items. By default this is SQLite3, but MySQL and PostrgreSQL are also tested and supported. Known types are Certificate signing requests (PKCS#10), Certificates (X509v3), RSA, DSA and EC keys and Certificate revocation lists. The signing of requests, and the creation of self-signed certificates is supported. Both can use templates for simplicity. The PKI structures can be imported and exported in several formats like PKCS#12, PEM, DER, PKCS#8, PKCS#7. .br XCA enables users to manage smartcards via the PKCS#11 interface .SH OPTIONS A summary of options are included below. There are some deprecated legacy options: .RI [ -k ] .RI [ -r ] .RI [ -c ] .RI [ -p ] .RI [ -7 ] .RI [ -l ] .RI [ -t ] .RI [ -P ] .br Before XCA 0.9.0, the type of the items had to be given. This was removed since. Just put all keys, certs, requests and the database unsorted on the commandline. For backwards compatibility those options are ignored when found. .TP .B \-v Show version information and exit. .TP .B \-d <database-name> expect the following argument to be a new database to use. .TP .B \-x Exit after processing all commandline options. Usually after importing the items from commandline the application will startup as usual. With the .I -x option given it will exit after finishing the import dialog. This is useful if xca is used as default application for viewing certificates, keys or requests. .TP .B \-i <index-file> Creates an OpenSSL index file with the file name <index-file>. The file will contain information about all certificates in the database. .TP .B \-I <directory> Creates OpenSSL index files with the file name <directory>/<ca-internal-name>.txt for each CA with issued certificates. Each file will contain information about all issued certificates of the CA. The target directory must exist. .SH SEE ALSO A more detailed HTML documentation can be found in the doc directory, in the "Help" menu of the application or on http://hohnstaedt.de/documentation .SH AUTHOR This manual page was written by Christian Hohnstaedt <christian@hohnstaedt.de> ���������������������������������������������������������������������������������������������������������������������������xca-RELEASE.2.2.1/doc/html.header�������������������������������������������������������������������0000644�0001750�0001750�00000000276�13614632167�015605� 0����������������������������������������������������������������������������������������������������ustar �teward��������������������������teward�����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <HTML> <HEAD> <META http-equiv="Content-Type" content="text/html;charset=UTF-8"> <LINK rel="stylesheet" href="xca-doc.css"> ����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������xca-RELEASE.2.2.1/doc/Makefile����������������������������������������������������������������������0000644�0001750�0001750�00000002723�13614632167�015126� 0����������������������������������������������������������������������������������������������������ustar �teward��������������������������teward�����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������ifeq ($(TOPDIR),) TOPDIR=.. BUILD=.. endif DELFILES=xca*.html xca.1.gz changelog.html database_schema.html doc: xca.1.gz xca.html changelog.html database_schema.html include $(TOPDIR)/Rules.mak %.1.gz: %.1 @$(PRINT) " MAN [$(BASENAME)] $@" gzip -9 <$^ >$@ xca.html: xca.sgml rm -f xca*.html echo 'The documentation for XCA can be viewed online at: <a href="http://hohnstaedt.de/documentation">http://hohnstaedt.de/documentation</a>.' > $@ test ! -f xca-doc.tgz || tar zxf xca-doc.tgz @$(PRINT) " DOC [$(BASENAME)] $@" $(ENABLE_DOC)$(DOCTOOL) $< >/dev/null install: $(doc) $(ENABLE_DOC)install -m 755 -d $(destdir)$(htmldir) $(ENABLE_DOC)install -m 644 xca*.html $(destdir)$(htmldir) install -m 755 -d $(destdir)$(mandir)/man1 install -m 644 *.1.gz $(destdir)/$(mandir)/man1 app: xca.html mkdir -p $(APPDIR)/Resources install -m 644 xca*.html $(APPDIR)/Resources changelog.html: $(TOPDIR)/changelog $(TOPDIR)/doc/html.header ( cat $(TOPDIR)/doc/html.header; \ echo '</head><body><h2>Changelog</h2><div><ul>'; \ sed 's/&/\&/g; s/</\</g; s/>/\>/g; 2,$$ s/^xca.*-pre[0-9][0-9] .*/ <\/li><li class="prerelease">&/; s/^xca \([^ ]*\) *\(.*\)/<\/ul><\/div><div id="changelog_\1"><h3>xca \1 \2<\/h3><ul>/; s/\*/<\/li><li>/'; \ echo '</body></html>' \ ) < $< > $@ database_schema.html: ../widgets/database_schema.cpp $(TOPDIR)/doc/code2html -lcxx -ohtml $< $@ upload: database_schema.html changelog.html xca.html scp *.html hohnstaedt.de:xca-doc/ ���������������������������������������������xca-RELEASE.2.2.1/doc/code2html���������������������������������������������������������������������0000755�0001750�0001750�00000566540�13614632167�015311� 0����������������������������������������������������������������������������������������������������ustar �teward��������������������������teward�����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������#!/usr/bin/perl -w my $vernr = "0.9.1"; my $monthshort = "Jan"; my $monthlong = "Jan"; my $year = "2002"; ######################################################################## # # # Code2HTML # # --------- # # # # Code2Html, peter@palfrader.org # # # # $Date: 2002/01/12 21:17:02 $ # $Revision: 1.13 $ # $Id: code2html,v 1.13 2002/01/12 21:17:02 weaselp Exp $ # # # AUTHOR # # Peter Palfrader. Written in 1999, 2000, 2001, 2002. # # A lot of other people. See CREDITS file. # # # # DESCRIPTION # # code2html is a perlscript which converts a program # # source code to syntax highlighted HTML by applying a set # # of regular expressions depending on the language # # the source code is written. # # # # see the man-page for details, # # # ######################################################################## use strict; use Getopt::Long; my $FILES_DISALLOWED_IN_CGI = 1; # you may set this to false to allow file reading from your hd in # cgi mode. This may be not good if your httpd runs as 'root' (yes, I've # seen this!) and so any user could with some knowledge easily read # your /etc/shadow for example! my $FILES_REDIRECT_DISALLOWED = 1; my $LANG_TEST_LENGTH = 1024; # PP: I think Compress::Zlib could be nice for this. but it's not very widespread :( # PP: A hash would be nicer but then it would not possible to get the keys in this very order (AFAIK) # PP: If names contain meta characters, then those must be metaquoted (if you don't want the meta chars to be meta chars of course) my @CGI_ENCODING = ( ['bzip2' , '/usr/bin/bzip2' , '--stdout' ], ['gzip' , '/bin/gzip' , '--stdout' ], ['compress' , '/usr/bin/compress' , '-c' ] ); # undefine the input record separator so everything gets loaded in one turn undef $/; my $pure_version_message = "Code2Html, version $vernr, $monthshort $year, peter\@palfrader.org"; my $version_message = "$pure_version_message\n"; my $short_short_help = "Try `code2html --help' for more information.\n"; my $short_help = "$pure_version_message Usage: code2html [options] [input_file [output_file]] Convert a program source to syntax highlighted HTML, or any other format for wich rules are defined. -l, --language-mode set language mode --fallback LANG fallback language mode -v, --verbose prints progress information to STDER -n, --linenumbers print out the source code with line numbers -P, --prefix optional prefix to use for linenumber anchors -N, --linknumbers linenumbers will link to themselves -t, --replace-tabs[=TABSTOP-WIDTH] replace <tabs> with spaces -L, --language-file=LANGUAGE-FILE specify an alternate file for definitions -m, --modes print all available modes -h, --help print this message -V, --version print version -c, --content-type prints a Content-Type header -o, --output-format selects the output-format -H, --no-header don't use the template --template=FILE override template -T, --title set title -w, --linewidth max characters per line -b, --linebreakprefix prefix of the new lines see the man-page code2html for further help "; my $USE_CGI_FOR_ERRORS = 0; # is switched on in parse params if necessary $SIG{'__DIE__'} = sub { if ($USE_CGI_FOR_ERRORS) { print "Content-Type: text/plain\n\n", $0, ': ', $_[0], "\n"; } else { print STDERR $0, ': ', $_[0]; }; exit 1; }; $SIG{'__WARN__'} = sub { unless ($USE_CGI_FOR_ERRORS) { print STDERR $0.': '.$_[0]; }; }; my $DEFAULT_OUTPUTFORMAT='html'; my $DEFAULT_OUTPUTFORMAT_IN_CGI='html'; my $ENTITIES; my %ENTITIES; my %params = &parse_params; if ($params{'what_to_do'} eq 'patch_html') { &patch_html(\%params) } elsif ($params{'what_to_do'} eq 'normal' ) { &main(\%params) } else { die("I don't know what to do :(\n") }; sub main { my %params = %{shift()}; print STDERR "getting patterns...\n" if ($params{'verbose'}); # building up the database # newer entries overwrite old ones my @CONFIG_FILES; push @CONFIG_FILES, "/etc/code2html.config"; push @CONFIG_FILES, $ENV{'HOME'}."/.code2html.config" if (defined($ENV{'HOME'})); push @CONFIG_FILES, split(/:/,$ENV{'CODE2HTML_CONFIG'}) if ($ENV{'CODE2HTML_CONFIG'}); push @CONFIG_FILES, split(/:/,$params{'langfile'}) if defined($params{'langfile'}); my %STYLESHEET = %{ &get_default_stylesheet } ; my %LANGUAGE = %{ &get_default_database } ; for (@CONFIG_FILES) { if ( -r $_){ # if I use `do $_` instead of scalar eval... %LANGUAGE is not exported and imported correctly (read: at all) (PP) unless (scalar eval `cat $_`) { warn "couldn't parse $_: $@" if $@; }; }; }; if (defined($params{'modes'}) && $params{'modes'}) { print "Defined modes: "; print join( ', ', sort keys %LANGUAGE ), ".\n" ; print "Defined outputformats: "; print join( ', ', sort keys %STYLESHEET ), ".\n" ; exit; }; # set outputformat die "Outputformat $params{'outputformat'} not defined" unless defined $STYLESHEET{$params{'outputformat'}}; my %STYLE = % { $STYLESHEET{$params{'outputformat'}} }; # load alternate template if given if (($params{'template'} ne "") && ( ! $params{'noheader'} )) { open (FILE, $params{'template'}) || die ("Could not open template file $params{'template'}: $!"); $STYLE{'template'} = <FILE>; close (FILE); }; # set up the global ENTITIES variables ( the scalar and the hash ) from the STYLE definition $ENTITIES = $ { $STYLE{'entities'} }{'listofchars'}; %ENTITIES = % { $ { $STYLE{'entities'} }{'replace_by' } }; # modify the header and footer so that the template variables are set correcly unless ($STYLE{'template'} =~ /^(.*)%%code%%(.*)$/s) { die "template does not contain a %%code%% variable"; }; $STYLE{'header'} = $1; $STYLE{'footer'} = $2; $STYLE{'header'} =~ s/%%title%%/$params{'title'}/g; $STYLE{'footer'} =~ s/%%title%%/$params{'title'}/g; $STYLE{'header'} =~ s/%%version%%/$vernr/g; $STYLE{'footer'} =~ s/%%version%%/$vernr/g; # load the input file and set params{'langmode'} if it is not already. this is done by probing a # set of rules defined in %LANGUAGE my $code_ref; print STDERR "loading input file...\n" if ($params{'verbose'}); $code_ref = &get_input_file(\%params, \%LANGUAGE, $params{'langmode'}, $params{'alt_langmode'}); # select the rules for out language. my $language_rules_ref = $LANGUAGE{ lc($params{'langmode'}) }->{'patterns'}; print STDERR "applying stylesheet...\n" if ($params{'verbose'}); # Apply the Stylesheets # set 'starttag' and 'endtag' for every rule according to its 'style' value # the tags are defined in the stylesheet &apply_stylesheets_to_rules( $language_rules_ref, \%STYLE ); print STDERR "outputting headers...\n" if ($params{'verbose'}); &put_headers(\%params, \%STYLE); my $snippetlist_ref = [] ; print STDERR "creating snippet-list...\n" if $params{'verbose'}; &create_snippetlist( $language_rules_ref, $$code_ref, $snippetlist_ref, \%STYLE); print STDERR "outputting file...\n" if $params{'verbose'}; return &put_output(\%params, $snippetlist_ref, \%STYLE); } sub patch_html { my %params = %{shift()}; my $code; open(FILEHANDLE, $params{'infile'}) || die("While opening '$params{'infile'}' for input: ".$!."\n"); $code = <FILEHANDLE>; close(FILEHANDLE); $code =~ s/<!-- code2html delete start -->.*?<!-- code2html delete stop -->//gs; my $counter=0; my @chunks = split ( /(<!-- code2html add.*?-->)/s , $code); $code = ''; for (@chunks) { $code .= $_; if ($_ =~ /<!-- code2html add(.*?)(\n.*?)?-->/s) { my $cmdline = $1; my $input = $2; $cmdline =~ s/^[ \t]*//g; $cmdline =~ s/[ \t]*$//g; @ARGV = split ( / / , $cmdline); my %new_params = &parse_params; $new_params{'input'} = $input if ($new_params{'infile'} eq "-"); undef $new_params{'outfile'}; ++$counter; $new_params{'line_number_prefix'} = $counter unless (defined $new_params{'line_number_prefix'}); $new_params{'verbose'} = $params{'verbose'}; my $no_header = $new_params{'noheader'}; $new_params{'noheader'} = 1; $new_params{'dont_print_output'} = 1; if ($no_header) { $code .= '<!-- code2html delete start -->'.. &main(\%new_params). '<!-- code2html delete stop -->'; } else { $code .= '<!-- code2html delete start --><pre>'. &main(\%new_params). '</pre><!-- code2html delete stop -->'; }; }; }; open(FILEHANDLE, '>'.$params{'outfile'}) || die("While opening '$params{'outfile'}' for output: ".$!."\n"); print FILEHANDLE $code; close(FILEHANDLE); }; ##################################################################### ################### get_input_data ################################## ##################################################################### # Reads the input data for the cgi script. # in : nothing # out: a hash with the input data sub get_input_data { my $input_data; my %f; if($ENV{'REQUEST_METHOD'} eq 'GET') { $input_data = $ENV{'QUERY_STRING'}; } else { read(STDIN, $input_data, $ENV{'CONTENT_LENGTH'}); }; if ($ENV{'CONTENT_TYPE'} =~ m/^multipart\/form-data; boundary=(.*)$/i) { my $boundary = quotemeta($1); my @blocks = split(/$boundary/, $input_data); for (@blocks) { if (my $dummy = m/name="(.*?)"/i) { my $name = $1; $_ =~ s/\r\n/\n/g; m/\n\n(.*)\n/s; my $value = $1; $f{$name}=$value; }; }; } elsif ($ENV{'CONTENT_TYPE'} =~ m/^multipart\/form-data;$/i) # if the boundary is not in the enviroment variable we'll guess { my $dummy = $input_data =~ m/^(.*?)(\n|\r)/; my $boundary = $1; my @blocks = split(/$boundary/, $input_data); for (@blocks) { if (my $dummy = m/name="(.*?)"/i) { my $name = $1; $_ =~ s/\r\n/\n/g; m/\n\n(.*)\n/s; my $value = $1; $f{$name}=$value; }; }; } else { my @form_fields = split(/&/, $input_data); for (@form_fields) { my ($name, $value) = split(/=/, $_); $value =~ tr/+/ /; $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; $f{$name} = $value; } }; return %f; }; ################################################################################ ####################### parse_params ########################################### ################################################################################ sub parse_params { my %RESULT; if (defined($ENV{'GATEWAY_INTERFACE'}) && (!scalar(@ARGV))) # if there is a CGI enviroment and no parameters/options given { $USE_CGI_FOR_ERRORS = 1; $RESULT{'content-type'} = 1; $RESULT{'what_to_do'} = 'normal'; my %input = &get_input_data; $input{'input-selector'} = $input{'input_selector'} unless (defined $input{'input-selector'}); $input{'no-encoding'} = $input{'no_encoding'} unless (defined $input{'no-encoding'}); $input{'line-numbers'} = $input{'line_numbers'} unless (defined $input{'line-numbers'}); $input{'replace-tabs'} = $input{'replace_tabs'} unless (defined $input{'replace-tabs'}); $input{'language-mode'} = $input{'language_mode'} unless (defined $input{'language-mode'}); $input{'cgi-input1'} = $input{'cgi_input1'} unless (defined $input{'cgi-input1'}); $input{'cgi-input2'} = $input{'cgi_input2'} unless (defined $input{'cgi-input2'}); if ($input{'input-selector'} =~ /^cgi[-_]input[12]$/ ) { my $input_selector = $input{'input-selector'}; die("CGI parse error: $input_selector does not exist!") unless (defined $input{$input_selector}); $RESULT{'input'} = $input{$input_selector}; $RESULT{'title'} = 'code2html result of cgi input form'; } elsif ($input{'input-selector'} eq "file") { die('CGI parse error: option not supported due to security reasons!') if ($FILES_DISALLOWED_IN_CGI); die('CGI parse error: filename not defined!') unless (defined $input{'filename'}); $RESULT{'infile'} = $input{'filename'}; $RESULT{'title'} = $RESULT{'infile'}; } elsif ($input{'input-selector'} eq "REDIRECT_URL") { die('CGI parse error: option not supported due to security reasons!') if ($FILES_REDIRECT_DISALLOWED); die('CGI parse error: ENV: REDIRECT_URL not defined!') unless (defined $ENV{'REDIRECT_URL'}); $RESULT{'infile'} = $ENV{'DOCUMENT_ROOT'}.$ENV{'REDIRECT_URL'}; $RESULT{'title'} = $RESULT{'infile'}; } else { die('CGI parse error: input selector not given!'); }; if ((!defined ($input{'no-encoding'})) || $input{'no-encoding'}) { for (@CGI_ENCODING) { if ( ($ENV{'HTTP_ACCEPT_ENCODING'} =~ m/\b $_->[0] \b/x) && # PP: if supported by the browser (-x $_->[1]) ) # PP: and executable by the script { $RESULT{'encoding'} = $_->[0]; $RESULT{'encoder' } = $_->[1] .' '. $_->[2]; last; }; } }; $RESULT{'linenumbers'} = 'none'; if ($input{'line-numbers'} eq "yes") { $RESULT{'linenumbers'} = 'normal'; }; if ($input{'line-numbers'} eq "link") { $RESULT{'linenumbers'} = 'linked'; }; if (defined($input{'replace_tabs'})) { $RESULT{'replacetabs'} = $input{'replace-tabs'} }; if (defined($input{'fallback'})) { $RESULT{'alt_langmode'} = $input{'fallback'} }; if (defined($input{'language_mode'})) { $RESULT{'langmode'} = $input{'language-mode'} }; if (defined($input{'title'})) { $RESULT{'title'} = $input{'title'} }; $RESULT{'content_type'} = 1; $RESULT{'outputformat'} = $DEFAULT_OUTPUTFORMAT_IN_CGI; $RESULT{'outfile'} = '-'; } else { my $verbose = 0; my $linenumbers = 0; my $linknumbers = 0; my $replace_tabs = 0; my $language_file = ''; my $language_mode = ''; my $modes = 0; my $fallback = ''; my $help = 0; my $version = 0; my $content_type = 0; my $no_header = 0; my $outputformat = $DEFAULT_OUTPUTFORMAT; my $template = ''; my $title = "__NOTHING__$$"; # some magix ;( my $prefix = undef; my $linewidth = undef; my $linebreakprefix = undef; my $linebreakprefixdefault = ' '; my $patch_html; # Get Options does not like - as a parameters (used for STDIN and STDOUT) # So we're using a stupid magix again @ARGV = map { $_ eq '-' ? "__STD__$$" : $_ } @ARGV; Getopt::Long::config('bundling'); unless ( GetOptions( "--verbose" , \$verbose , "-v" , \$verbose , "--linenumbers" , \$linenumbers , "-n" , \$linenumbers , "--linknumbers" , \$linknumbers , "-N" , \$linknumbers , "--prefix=s" , \$prefix , "-P=s" , \$prefix , "--replace-tabs=i" , \$replace_tabs , "--replace_tabs=i" , \$replace_tabs , "-t=i" , \$replace_tabs , "--language-file=s" , \$language_file , "--language_file=s" , \$language_file , "-L=s" , \$language_file , "--language-mode=s" , \$language_mode , "--language_mode=s" , \$language_mode , "-l=s" , \$language_mode , "--title=s" , \$title , "-T=s" , \$title , "--modes" , \$modes , "-m" , \$modes , "--fallback=s" , \$fallback , "--output=s" , \$outputformat , "-o=s" , \$outputformat , "--template=s" , \$template , "--help" , \$help , "-h" , \$help , "--version" , \$version , "-V" , \$version , "--content-type" , \$content_type , "--content_type" , \$content_type , "-c" , \$content_type , "--no-header" , \$no_header , "--no_header" , \$no_header , "-H" , \$no_header , "--patch-html" , \$patch_html , "--patch_html" , \$patch_html , "-p" , \$patch_html , "--linewidth=i" , \$linewidth , "-w=i" , \$linewidth , "--linebreakprefix=s" , \$linebreakprefix , "-b=s" , \$linebreakprefix , ) ) { print STDERR $short_short_help; exit 1; } #reversing magix @ARGV = map { $_ eq "__STD__$$" ? '-' : $_ } @ARGV; if ($help) { print STDERR $short_help; exit 0; }; if ($version) { print $version_message; exit 0; }; if ($patch_html) { $RESULT{'what_to_do'} = 'patch_html'; $RESULT{'verbose'} = $verbose; if (!defined ($RESULT{'infile'} = shift(@ARGV))) { $RESULT{'infile'} = '-' }; if (!defined ($RESULT{'outfile'} = shift(@ARGV))) { $RESULT{'outfile'} = $RESULT{'infile'}}; if (defined (shift(@ARGV))) { print STDERR "too many parameters!\n"; print STDERR $short_help; exit 1; }; } else { $RESULT{'what_to_do'} = 'normal'; $RESULT{'verbose'} = $verbose; if ($linknumbers) { $RESULT{'linenumbers'} = 'linked' } elsif ($linenumbers) { $RESULT{'linenumbers'} = 'normal' } else { $RESULT{'linenumbers'} = 'none' }; $RESULT{'line_number_prefix'} = $prefix; $RESULT{'replacetabs'} = $replace_tabs; $RESULT{'langfile'} = $language_file; $RESULT{'modes'} = $modes; $RESULT{'alt_langmode'} = $fallback; $RESULT{'content_type'} = $content_type; $RESULT{'noheader'} = $no_header; $RESULT{'langmode'} = $language_mode; $RESULT{'template'} = $template; $RESULT{'outputformat'} = $outputformat; $RESULT{'linewidth'} = $linewidth; $RESULT{'linebreakprefix'}= $linebreakprefix; if (defined ($RESULT{'linebreakprefix'}) && !defined ($RESULT{'linewidth'})) { printf (STDERR "--linebreakprefix|-b does not make sense without --linewidth|-w!\n"); print STDERR $short_help; exit 1; } if (defined ($RESULT{'linewidth'})) { if ($RESULT{'linewidth'} <= 0) { printf (STDERR "linewidth must be greater then 0!\n"); print STDERR $short_help; exit 1; } if (!defined ($RESULT{'linebreakprefix'})) { $RESULT{'linebreakprefix'} = $linebreakprefixdefault; } } if (!defined ($RESULT{'infile'} = shift(@ARGV))) { $RESULT{'infile'} = '-'}; if (!defined ($RESULT{'outfile'} = shift(@ARGV))) { $RESULT{'outfile'} = '-'}; if (defined (shift(@ARGV))) { print STDERR "too many parameters!\n"; print STDERR $short_help; exit 1; }; }; #the magix again $RESULT{'title'} = $title eq "__NOTHING__$$" ? ($RESULT{'infile'} eq '-' ? 'STDIN' : $RESULT{'infile'}) : $title; }; return %RESULT; }; ################################################################################ ####################### checkTabulator ######################################### ################################################################################ sub checkTabulator { my ($line, $TABSTOP) = @_; while ((my $at = index($line, "\t")) != -1) { my $cnt = ($TABSTOP - ($at % $TABSTOP)); my $replace_with = ' ' x $cnt if ($cnt); $line =~ s/\t/$replace_with/; }; return $line; } ################################################################################ ####################### splitLine ############################################## ################################################################################ sub splitLine { my ($line, $linewidth, $prefix) = @_; my $length = length ($line); my $pos = 0; while ($length - $pos > $linewidth) { my $maxoff = ($pos + $linewidth > $length) ? ($length - 1) : ($pos + $linewidth); my $newpos = rindex ($line, " ", $maxoff); if ($newpos > $pos) { $pos = $newpos; $line = substr ($line, 0, $pos)."\0$prefix".substr ($line, $pos + 1, $length); } else { $pos = $pos + $linewidth + 1; $line = substr ($line, 0, $pos)."\0$prefix".substr ($line, $pos, $length); } }; return $line; } ################################################################################ ####################### get_input_file ######################################### ################################################################################ sub get_input_file { # in : \%params # in : \%LANGUAGE; # in/out : $langmode; # in/out : $alt_langmode; # returns: input file my %PARAMS = %{$_[0]}; my %LANGUAGE = %{$_[1]}; my $langmode = $_[2]; my $alt_langmode = $_[3]; my $code; if (defined $PARAMS{'input'}) { $code = $PARAMS{'input'}; $code =~ s/\r//g; } else { open(FILEHANDLE, $PARAMS{'infile'}) || die("While opening '$PARAMS{'infile'}' for input: ".$!."\n"); $code = <FILEHANDLE>; close(FILEHANDLE); }; if ($PARAMS{'replacetabs'} != 0) { $code = join ( "\n", map{ &checkTabulator($_, $PARAMS{'replacetabs'}) } my @dummy = split(/\n/, $code) ); }; if (defined ($PARAMS{'linewidth'})) { $code = join ( "\n", map{ &splitLine($_, $PARAMS{'linewidth'}, $PARAMS{'linebreakprefix'}) } my @dummy = split(/\n/, $code) ); }; if ((!defined($langmode)) || ($langmode eq '')) { my $test_code = substr($code, 0, $LANG_TEST_LENGTH); warn("language mode not given. guessing...\n"); $langmode = ''; for (keys %LANGUAGE) { if ( (($LANGUAGE{$_}->{'filename'} ne '') && ($PARAMS{'infile'} =~ m/$LANGUAGE{$_}->{filename}/)) || (($LANGUAGE{$_}->{'regex'} ne '') && ($test_code =~ m/$LANGUAGE{$_}->{regex}/ )) ) { $langmode = $_; last; }; }; if ($langmode eq '') { if ((defined($alt_langmode)) && ($alt_langmode ne '')) { warn("Guessing language mode failed. Using fallback mode: '$alt_langmode'\n"); $langmode = $alt_langmode; $alt_langmode = ''; } else { die("Guessing language mode failed.\n") }; } else { warn("using '$langmode'\n"); }; }; $_[2] = $langmode; $_[3] = $alt_langmode; return \$code; }; ################################################################################ ####################### put_headers ############################################ ################################################################################ sub put_headers { my %PARAMS = %{shift()}; my $STYLE_REF = shift(); if (defined($PARAMS{'outfile'})) { unless ($PARAMS{'outfile'} eq '-'){ open(SAVEOUT, ">&STDOUT"); print SAVEOUT ''; # so perl does not typo warn open (STDOUT, '>'.$PARAMS{'outfile'}) || die("While redirecting STDOUT to '$PARAMS{'outfile'}' for output: ".$!."\n"); }; if (defined $PARAMS{'encoding'}) { $|=1; # PP: so the header is written before the data! # PP: this took me hours of debugging :( print "Content-Type: $$STYLE_REF{'content-type'}\n" if ($PARAMS{'content_type'}); print "Content-Encoding: $PARAMS{'encoding'}\n\n"; open (FILEHANDLE, "|$PARAMS{'encoder'}") || die("While opening '$PARAMS{'encoder'}': ".$!."\n"); } else { open( FILEHANDLE, ">&STDOUT" ) ; print FILEHANDLE "Content-Type: $$STYLE_REF{'content-type'}\n\n" if ($PARAMS{'content_type'}); }; print FILEHANDLE $$STYLE_REF{'header'} unless $PARAMS{'noheader'}; } }; ################################################################################ ####################### apply_stylesheets_to_rules ############################# ################################################################################ sub apply_stylesheets_to_rules { my ( $regexps_ref, $style_ref ) = @_; for ( @$regexps_ref ) { # warn ("Style '".$_->{style}."' not defined in stylesheet.\n") unless defined $ { $$style_ref{'tags'} } { $_->{style} }; if (defined ($ { $$style_ref{'tags'} } { $_->{style} })) { $_->{'starttag'} = $ { $ { $$style_ref{'tags'} } { $_->{style} } } { 'start' }; $_->{'endtag'} = $ { $ { $$style_ref{'tags'} } { $_->{style} } } { 'stop' }; } else { # no style no formating; if style == '' formating is done by childregex warn ("Style '".$_->{style}."' not defined in stylesheet.\n") if ($_->{style} ne ''); $_->{'starttag'} = ''; #$ { $ { $$style_ref{'tags'} } { $_->{style} } } { 'start' }; $_->{'endtag'} = ''; #$ { $ { $$style_ref{'tags'} } { $_->{style} } } { 'stop' }; } apply_stylesheets_to_rules( $_->{childregex}, $style_ref ) if $_->{childregex}; }; }; ################################################################################ ####################### create_snippetlist ##################################### ################################################################################ sub create_snippetlist { my ( $regexps_ref, $code, $snippetlist_ref, $style_ref ) = @_ ; my $length = length( $code ); ## An array of regular expression sturctures, each of which is an ## array. @res is kept sorted by starting position of the RExen and ## then by the position of the regex in the language file. This allows ## us to just evaluate $res[0], and to hand write fast code that typically ## handles 90% of the cases without resorting to the _big_ guns. ## ## FWIW, I pronounce '@res' REEZE, as in the plural of '$re'. ## my @res ; my $pos ; for ( @$regexps_ref ) { pos( $code ) = 0 ; #++$m ; next unless $code =~ m/($_->{regex})/gms ; $pos = pos( $code ) ; # $res[@res] = [ # $_->{regex}, # $ { $ { $$style_ref{'tags'} } { $_->{style} } } { 'start' }, # $ { $ { $$style_ref{'tags'} } { $_->{style} } } { 'stop' }, # $_->{childregex}, # $pos - length( $1 ), # $pos, # scalar( @res ), # ] ; $res[@res] = [ $_->{regex}, $_->{starttag}, $_->{endtag}, $_->{childregex}, $pos - length( $1 ), $pos, scalar( @res ), ] ; } ## 90% of all child regexes end up with 0 or 1 regex that needs to be ## worried about. Trimming out the 0's speeds things up a bit and ## makes the below loop simpler, since there's always at least ## 1 regexp. It donsn't speed things up much by itself: the percentage ## of times this fires is really small. But it does simplify the loop ## below and speed it up. unless ( @res ) { $code =~ s/($ENTITIES)/$ENTITIES{$1}/ge ; push @$snippetlist_ref, $code ; return ; } @res = sort { $a->[4] <=> $b->[4] || $a->[6] <=> $b->[6] } @res ; ## Add a dummy at the end, which makes the logic below simpler / faster. $res[@res] = [ undef, undef, undef, undef, $length, $length, scalar( @res ), ] ; ## These are declared here for (minor) speed improvement. my $re ; my $match_spos ; my $match_pos ; my $re_spos ; my $re_pos ; my $re_num ; my $prefix ; my $snippet ; my $rest ; my $i ; my $l ; my @changed_res ; my $j ; $pos = 0 ; MAIN: while ( $pos < $length ) { $re = $res[0] ; $match_spos = $re->[4] ; $match_pos = $re->[5] ; if ( $match_spos > $pos ) { $prefix = substr( $code, $pos, $match_spos - $pos ) ; $prefix =~ s/($ENTITIES)/$ENTITIES{$1}/ge ; push @$snippetlist_ref, $prefix ; } if ( $match_pos > $match_spos ) { $snippet = substr( $code, $match_spos, $match_pos - $match_spos ) ; if ( @{$re->[3]} ) { push @$snippetlist_ref, $re->[1] ; create_snippetlist( $re->[3], $snippet, $snippetlist_ref, $style_ref ) ; push @$snippetlist_ref, $re->[2] ; } else { $snippet =~ s/($ENTITIES)/$ENTITIES{$1}/ge ; push @$snippetlist_ref, $re->[1], $snippet, $re->[2]; } } $pos = $match_pos ; ## ## Hand coded optimizations. Luckily, the cases that arise most often ## are the easiest to tune. ## # =pod if ( $res[1]->[4] >= $pos ) { ## Only first regex needs to be moved, 2nd and later are still valid. ## This is often 90% of the cases for Perl or C (others not tested, ## just uncomment the $n, $o, and $p lines and try it yourself). #++$n{1} ; #++$m ; pos( $code ) = $pos ; unless ( $code =~ m/($re->[0])/gms ) { #++$o{'0'} ; if ( @res == 2 ) { ## If the only regexp left is the dummy, we're done. $rest = substr( $code, $pos ) ; $rest =~ s/($ENTITIES)/$ENTITIES{$1}/ge ; push @$snippetlist_ref, $rest ; last ; } shift @res ; } else { $re->[5] = $re_pos = pos( $code ) ; $re->[4] = $re_spos = $re_pos - length( $1 ) ; ## Walk down the array looking for $re's new home. ## The first few loop iterations are unrolled and done manually ## for speed, which handles 85 to 90% of the cases where only ## $re needs to be moved. ## ## Here's where that dummy regexp at the end of the array comes ## in handy: we don't need to worry about array size here, since ## it will always be after $re no matter what. The unrolled ## loop stuff is outdented to make the conditionals fit on one ## 80 char line. ## Element 4 in @{$res[x]} is the start position of the match. ## Element 6 is the order in which it was declared in the lang file. $re_num = $re->[6] ; if ( ( $re_spos <=> $res[1]->[4] || $re_num <=> $res[1]->[6] ) <= 0 ) { #++$o{'1'} ; next } $res[0] = $res[1] ; #++$o{'2'} ; if ( ( $re_spos <=> $res[2]->[4] || $re_num <=> $res[2]->[6] ) <= 0 ) { $res[1] = $re ; next ; } $res[1] = $res[2] ; if ( ( $re_spos <=> $res[3]->[4] || $re_num <=> $res[3]->[6] ) <= 0 ) { #++$o{'3'} ; $res[2] = $re ; next ; } $res[2] = $res[3] ; if ( ( $re_spos <=> $res[4]->[4] || $re_num <=> $res[4]->[6] ) <= 0 ) { #++$o{'3'} ; $res[3] = $re ; next ; } $res[3] = $res[4] ; if ( ( $re_spos <=> $res[5]->[4] || $re_num <=> $res[5]->[6] ) <= 0 ) { #++$o{'4'} ; $res[4] = $re ; next ; } $res[4] = $res[5] ; #++$o{'ugh'} ; $i = 6 ; $l = $#res ; for ( ; $i < $l ; ++$i ) { last if ( ( $re_spos <=> $res[$i]->[4] || $re_num <=> $res[$i]->[6] ) <= 0 ) ; $res[$i-1] = $res[$i] ; } #++$p{sprintf( "%2d", $i )} ; $res[$i-1] = $re ; } next ; } # =cut ## ## End optimizations. You can comment them all out and this net ## does all the work, just more slowly. If you do that, then ## you also need to comment out the code below that deals with ## the second entry in @res. ## #my $ni = 0 ; ## First re always needs to be tweaked #++$m ; #++$ni ; pos( $code ) = $pos ; unless ( $code =~ m/($re->[0])/gms ) { if ( @res == 2 ) { ## If the only regexp left is the dummy, we're done. $rest = substr( $code, $pos ) ; $rest =~ s/($ENTITIES)/$ENTITIES{$1}/ge ; push @$snippetlist_ref, $rest ; last ; } shift @res ; @changed_res = () ; $i = 0 ; } else { $re->[5] = $re_pos = pos( $code ) ; $re->[4] = $re_pos - length( $1 ) ; @changed_res = ( $re ) ; $i = 1 ; } ## If the optimizations above are in, the second one always ## needs to be tweaked, too. $re = $res[$i] ; #++$m ; #++$ni ; pos( $code ) = $pos ; unless ( $code =~ m/($re->[0])/gms ) { if ( @res == 2 ) { ## If the only regexp left is the dummy, we're done. $rest = substr( $code, $pos ) ; $rest =~ s/($ENTITIES)/$ENTITIES{$1}/ge ; push @$snippetlist_ref, $rest ; last ; } shift @res ; } else { $re->[5] = $re_pos = pos( $code ) ; $re->[4] = $re_spos = $re_pos - length( $1 ) ; if ( @changed_res && ( $changed_res[0]->[4] <=> $re_spos || $changed_res[0]->[6] <=> $re->[6] ) > 0 ) { unshift @changed_res, $re ; } else { $changed_res[$i] = $re ; } ++$i ; } for ( ; ; ++$i ) { local $_ = $res[$i] ; #++$m ; last if $_->[4] >= $pos ; #++$ni ; #++$m ; pos( $code ) = $pos ; unless ( $code =~ m/($_->[0])/gms ) { if ( @res <= 2 ) { $rest = substr( $code, $pos ) ; $rest =~ s/($ENTITIES)/$ENTITIES{$1}/ge ; push @$snippetlist_ref, $rest ; last MAIN ; } ## If this regex is no longer needed, remove it by not pushing it ## on to @changed_res. This means we need one less slot in @res. shift @res ; redo ; } $_->[5] = $re_pos = pos( $code ) ; $_->[4] = $re_spos = $re_pos - length( $1 ) ; ## Insertion sort in to @changed_res $re_num = $_->[6] ; for ( $j = $#changed_res ; $j > -1 ; --$j ) { last if ( ( $changed_res[$j]->[4] <=> $re_spos || $changed_res[$j]->[6] <=> $re_num ) < 0 ) ; $changed_res[$j+1] = $changed_res[$j] ; } $changed_res[$j+1] = $_ ; } ## Merge sort @changed_res and @res in to @res $j = 0 ; $l = $#res ; for ( @changed_res ) { while ( $i < $l && ( $_->[4] <=> $res[$i]->[4] || $_->[6] <=> $res[$i]->[6] ) > 0 ) { $res[$j++] = $res[$i++] ; } $res[$j++] = $_ ; } # =cut } }; ################################################################################## ######################### create_snippetlist ##################################### ################################################################################## ##sub create_snippetlist ## { ## my ( $regexps_ref, $code, $snippetlist_ref ) = @_ ; ## my $length = length( $code ); ## my @regexps; ## $regexps[scalar(@$regexps_ref)] = undef; ## my $head_ptr = undef; ## my $current_ptr; ## my $help_ptr; ## my $index = 0; ## for (@$regexps_ref) ## { ## $current_ptr = $regexps[$index]; #0: start_ptr 1: length 2: next_ptr, 3: regex, 4:start, 5:end, 6: child 7: index ## $current_ptr->[7] = $index++; ## $current_ptr->[6] = $$_{'childregex'}; ## $current_ptr->[5] = $$_{'endtag'}; ## $current_ptr->[4] = $$_{'starttag'}; ## $current_ptr->[3] = $$_{'regex'}; ## pos( $code ) = 0; ## if ( $code =~ /($current_ptr->[3])/gms ) { $current_ptr->[0] = pos ($code) - length($1); $current_ptr->[1] = length($1); } else {next}; ## if (!defined ($head_ptr) || $current_ptr->[0] < $head_ptr->[0] ) ## { ## $current_ptr->[2] = $head_ptr; ## $head_ptr = $current_ptr; ## } ## else ## { ## $help_ptr = $head_ptr; ## $help_ptr = $help_ptr->[2] ## while (defined ( $help_ptr->[2] ) && ($current_ptr->[0] >= $help_ptr->[2]->[0]) ); #iow: while (defined help->next && current->pos <= help->next->pos) ## $current_ptr->[2] = $help_ptr->[2]; ## $help_ptr->[2] = $current_ptr; ## }; ## }; ## my $endpos = 0; ## my $oldhead; ## my %entities ; ## $entities{'&'} = '&' ; ## $entities{'<'} = '<' ; ## $entities{'>'} = '>' ; ## $entities{'"'} = '"' ; ## my $snippet; ## while (defined $head_ptr) ## { ## if ($head_ptr->[0] - $endpos > 0) { ## $snippet = substr($code, $endpos, $head_ptr->[0] - $endpos); ## $snippet =~ s/($ENTITIES)/$ENTITIES{$1}/ge; #"]); ## push @$snippetlist_ref, $snippet; ## }; ## push @$snippetlist_ref, $head_ptr->[4]; ## &create_snippetlist( $head_ptr->[6], substr($code, $head_ptr->[0], $head_ptr->[1]) , $snippetlist_ref); ## push @$snippetlist_ref, $head_ptr->[5]; ## $endpos = $head_ptr->[0] + $head_ptr->[1]; ## # update & repair list : ## $oldhead = $head_ptr; ## # 1) shift now invalid matches from list ## $help_ptr = $head_ptr; ## $help_ptr = $help_ptr->[2] ## while (defined ( $help_ptr->[2] ) && ($endpos > $help_ptr->[2]->[0]) ); ## $head_ptr = $help_ptr->[2]; ## $help_ptr->[2] = undef; ## # 2) rematch invalid matches and insert them into the list ## while (defined $oldhead) ## { ## $current_ptr = $oldhead; ## $oldhead = $oldhead->[2]; ## pos( $code ) = $endpos; ## if ( $code =~ /($current_ptr->[3])/gms ) { $current_ptr->[0] = pos ($code) - length($1); $current_ptr->[1] = length($1); } else {next}; ## if (!defined ($head_ptr) || ## ($current_ptr->[0] < $head_ptr->[0]) || ## ( ## ( $current_ptr->[0] == $head_ptr->[0]) && ## ( $current_ptr->[7] < $head_ptr->[7]) ## ) ## ) ## { ## $current_ptr->[2] = $head_ptr; ## $head_ptr = $current_ptr; ## } ## else ## { ## $help_ptr = $head_ptr; ## $help_ptr = $help_ptr->[2] ## while (defined ( $help_ptr->[2] ) && ## ( ## ($current_ptr->[0] > $help_ptr->[2]->[0]) || ## ( ## ( $current_ptr->[0] == $help_ptr->[2]->[0]) && ## ( $current_ptr->[7] > $help_ptr->[2]->[7]) ## ) ## ) ## ); #iow: while (defined help->next && current->pos <= help->next->pos) # if two patterns match at the same pos ## # the one that was declared earlier is taken ## $current_ptr->[2] = $help_ptr->[2]; ## $help_ptr->[2] = $current_ptr; ## }; ## }; ## # 3) done ## }; ## $snippet = substr($code, $endpos); $snippet =~ s/($ENTITIES)/$ENTITIES{$1}/ge; #" ]); ## push @$snippetlist_ref, $snippet; ## }; ################################################################################ ####################### put_output ############################################# ################################################################################ sub put_output { my ( $params, $snippetlist_ref, $STYLE_REF ) = @_ ; my $result; my $prefix = ''; $prefix = $params->{'line_number_prefix'}.'_' if defined $params->{'line_number_prefix'}; $result = & { $ { $$STYLE_REF{'linenumbers'} }{$params->{'linenumbers'}} } (join ('', @$snippetlist_ref), $prefix); if (defined ($params{'linewidth'})) { $result =~ tr=\0=\n=; } print FILEHANDLE $result unless (defined $params->{'dont_print_output'} && $params->{'dont_print_output'}); print FILEHANDLE $$STYLE_REF{'footer'} unless $params->{'noheader'}; if (defined($params->{'outfile'})) { unless ($params->{'outfile'} eq '-'){ close (FILEHANDLE); close (STDOUT); open (STDOUT, ">&SAVEOUT"); }; }; return $result; }; ################################################################################ ####################### get_default_stylesheet ################################# ################################################################################ sub get_default_stylesheet { my %STYLESHEET; ########## ########## different color modes for html. # those are named html-dark, html-nobc and html-light. # html-light is also named html # the only difference between html-light and html-nobc is # that html-light defines a body background and text color. # nobc stands for no body colors. $STYLESHEET{'html-light'} = { 'template' => '<html> <head> <title>%%title%% 
%%code%%
syntax highlighted by Code2HTML, v. %%version%% ', 'content-type' => 'text/html', 'entities' => { 'listofchars' => '[<>&"]', # a regex actually 'replace_by' => { '&' => '&', '<' => '<', '>' => '>', '"' => '"' } }, 'linenumbers' => { 'none' => sub { return $_[0]; }, 'normal' => sub { # o as the first parameter is the joined snippetlist # o the second is an optional prefix, needed if more than one block # in a file is highlighted. needed in patch-mode. may be empty # the sub should the return a scalar made up of the joined lines including linenumbers my @lines = split ( /\n/, $_[0] ); my $nr = 0; my $lengthofnr = scalar(@lines); my $format = qq{%${lengthofnr}u %s\n} ; join ('', map ( {$nr++; sprintf ( $format , $nr, $nr, $_ )} @lines)); }, 'linked' => sub { # this should do the same as above only with linenumbers that link to themselves # If this style does not support this, use the same as above. my @lines = split ( /\n/, $_[0] ); my $nr = 0; my $lengthofnr = scalar(@lines); my $format = qq{%$ {lengthofnr}u %s\n}; join ('', map ( {$nr++; sprintf ( $format , $nr, $nr, $nr, $_ )} @lines)); } }, 'tags' => { 'comment' => { 'start' => '', 'stop' => '' }, 'doc comment' => { 'start' => '', 'stop' => '' }, 'string' => { 'start' => '', 'stop' => '' }, 'esc string' => { 'start' => '', 'stop' => '' }, 'character' => { 'start' => '', 'stop' => '' }, 'esc character' => { 'start' => '', 'stop' => '' }, 'numeric' => { 'start' => '', 'stop' => '' }, 'identifier' => { 'start' => '', 'stop' => '' }, 'predefined identifier' => { 'start' => '', 'stop' => '' }, 'type' => { 'start' => '', 'stop' => '' }, 'predefined type' => { 'start' => '', 'stop' => '' }, 'reserved word' => { 'start' => '', 'stop' => '' }, 'library function' => { 'start' => '', 'stop' => '' }, 'include' => { 'start' => '', 'stop' => '' }, 'preprocessor' => { 'start' => '', 'stop' => '' }, 'braces' => { 'start' => '', 'stop' => '' }, 'symbol' => { 'start' => '', 'stop' => '' }, 'function header' => { 'start' => '', 'stop' => '' }, 'function header name' => { 'start' => '', 'stop' => '' }, 'function header args' => { 'start' => '', 'stop' => '' }, 'regex' => { 'start' => '', 'stop' => '' }, 'text' => { 'start' => '', 'stop' => ''}, # HTML 'entity' => { 'start' => '', 'stop' => '' }, # MAKEFILE 'assignment' => { 'start' => '', 'stop' => '' }, 'dependency line' => { 'start' => '', 'stop' => '' }, 'dependency target' => { 'start' => '', 'stop' => '' }, 'dependency continuation'=> { 'start' => '', 'stop' => '' }, 'continuation' => { 'start' => '', 'stop' => '' }, 'macro' => { 'start' => '', 'stop' => '' }, 'int macro' => { 'start' => '', 'stop' => '' }, 'esc $$$' => { 'start' => '', 'stop' => '' }, # PATCH 'separator' => { 'start' => '', 'stop' => '' }, 'line spec' => { 'start' => '', 'stop' => '' }, 'deletion' => { 'start' => '', 'stop' => '' }, 'insertion' => { 'start' => '', 'stop' => '' } } }; # html-light is also called html $STYLESHEET{'html'} = $STYLESHEET{'html-light'}; # html-nobc is a modification of html-light # in such a way, that the body tag does not define # a background and a text color # nobc stands for no body colors. %{$STYLESHEET{'html-nobg'}} = %{$STYLESHEET{'html-light'}}; ${ $STYLESHEET{'html-nobg'}} {'template'} = ' %%title%% 
%%code%%
syntax highlighted by Code2HTML, v. %%version%% '; # html-dark is a modification of html-light # in such a way, that the body tag does define # different colors and that the colors are different. %{$STYLESHEET{'html-dark'}} = %{$STYLESHEET{'html-light'}}; ${ $STYLESHEET{'html-dark'}} {'template'} = ' %%title%% 
%%code%%
syntax highlighted by Code2HTML, v. %%version%% '; ${ $STYLESHEET{'html-dark'}} {'tags'} = { 'comment' => { 'start' => '', 'stop' => '' }, 'doc comment' => { 'start' => '', 'stop' => '' }, 'string' => { 'start' => '', 'stop' => '' }, 'esc string' => { 'start' => '', 'stop' => '' }, 'character' => { 'start' => '', 'stop' => '' }, 'esc character' => { 'start' => '', 'stop' => '' }, 'numeric' => { 'start' => '', 'stop' => '' }, 'identifier' => { 'start' => '', 'stop' => '' }, 'predefined identifier' => { 'start' => '', 'stop' => '' }, 'type' => { 'start' => '', 'stop' => '' }, 'predefined type' => { 'start' => '', 'stop' => '' }, 'reserved word' => { 'start' => '', 'stop' => '' }, 'library function' => { 'start' => '', 'stop' => '' }, 'include' => { 'start' => '', 'stop' => '' }, 'preprocessor' => { 'start' => '', 'stop' => '' }, 'braces' => { 'start' => '', 'stop' => '' }, 'symbol' => { 'start' => '', 'stop' => '' }, 'function header' => { 'start' => '', 'stop' => '' }, 'function header name' => { 'start' => '', 'stop' => '' }, 'function header args' => { 'start' => '', 'stop' => '' }, 'regex' => { 'start' => '', 'stop' => '' }, 'text' => { 'start' => '', 'stop' => ''}, # HTML 'entity' => { 'start' => '', 'stop' => '' }, # MAKEFILE 'assignment' => { 'start' => '', 'stop' => '' }, 'dependency line' => { 'start' => '', 'stop' => '' }, 'dependency target' => { 'start' => '', 'stop' => '' }, 'dependency continuation'=> { 'start' => '', 'stop' => '' }, 'continuation' => { 'start' => '', 'stop' => '' }, 'macro' => { 'start' => '', 'stop' => '' }, 'int macro' => { 'start' => '', 'stop' => '' }, 'esc $$$' => { 'start' => '', 'stop' => '' }, # PATCH 'separator' => { 'start' => '', 'stop' => '' }, 'line spec' => { 'start' => '', 'stop' => '' }, 'deletion' => { 'start' => '', 'stop' => '' }, 'insertion' => { 'start' => '', 'stop' => '' } }; ##### # # nocolor # %{$STYLESHEET{'html-nocolor'}} = %{$STYLESHEET{'html-nobg'}}; ${ $STYLESHEET{'html-nocolor'}} {'tags'} = { 'comment' => { 'start' => '', 'stop' => '' }, 'doc comment' => { 'start' => '', 'stop' => '' }, 'string' => { 'start' => '', 'stop' => '' }, 'esc string' => { 'start' => '', 'stop' => '' }, 'character' => { 'start' => '', 'stop' => '' }, 'esc character' => { 'start' => '', 'stop' => '' }, 'numeric' => { 'start' => '', 'stop' => '' }, 'identifier' => { 'start' => '', 'stop' => '' }, 'predefined identifier' => { 'start' => '', 'stop' => '' }, 'type' => { 'start' => '', 'stop' => '' }, 'predefined type' => { 'start' => '', 'stop' => '' }, 'reserved word' => { 'start' => '', 'stop' => '' }, 'library function' => { 'start' => '', 'stop' => '' }, 'include' => { 'start' => '', 'stop' => '' }, 'preprocessor' => { 'start' => '', 'stop' => '' }, 'braces' => { 'start' => '', 'stop' => '' }, 'symbol' => { 'start' => '', 'stop' => '' }, 'function header' => { 'start' => '', 'stop' => '' }, 'function header name' => { 'start' => '', 'stop' => '' }, 'function header args' => { 'start' => '', 'stop' => '' }, 'regex' => { 'start' => '', 'stop' => '' }, 'text' => { 'start' => '', 'stop' => '' }, # HTML 'entity' => { 'start' => '', 'stop' => '' }, # MAKEFILE 'assignment' => { 'start' => '', 'stop' => '' }, 'dependency line' => { 'start' => '', 'stop' => '' }, 'dependency target' => { 'start' => '', 'stop' => '' }, 'dependency continuation' => { 'start' => '', 'stop' => '' }, 'continuation' => { 'start' => '', 'stop' => '' }, 'macro' => { 'start' => '', 'stop' => '' }, 'int macro' => { 'start' => '', 'stop' => '' }, 'esc $$$' => { 'start' => '', 'stop' => '' }, # PATCH 'separator' => { 'start' => '', 'stop' => '' }, 'line spec' => { 'start' => '', 'stop' => '' }, 'deletion' => { 'start' => '', 'stop' => '' }, 'insertion' => { 'start' => '', 'stop' => '' } }; ##### # # simple # %{$STYLESHEET{'html-simple'}} = %{$STYLESHEET{'html-nocolor'}}; ${ $STYLESHEET{'html-simple'}} {'template'} = ' %%title%%

%%title%%

%%code%%
'; # Vincent Sanders # html-fntlck is a modification of html-light # in such a way, that the body tag does define # different colors and that the colors are different. #it is supposed to be the colours i get from emacs default font-lock mode %{$STYLESHEET{'html-fntlck'}} = %{$STYLESHEET{'html-light'}}; ${ $STYLESHEET{'html-fntlck'}} {'template'} = ' %%title%% 
%%code%%
syntax highlighted by Code2HTML, v. %%version%% '; ${ $STYLESHEET{'html-fntlck'}} {'tags'} = { 'comment' => { 'start' => '', 'stop' => '' }, 'doc comment' => { 'start' => '', 'stop' => '' }, 'string' => { 'start' => '', 'stop' => '' }, 'esc string' => { 'start' => '', 'stop' => '' }, 'character' => { 'start' => '', 'stop' => '' }, 'esc character' => { 'start' => '', 'stop' => '' }, 'numeric' => { 'start' => '', 'stop' => '' }, 'identifier' => { 'start' => '', 'stop' => '' }, 'predefined identifier' => { 'start' => '', 'stop' => '' }, 'type' => { 'start' => '', 'stop' => '' }, 'predefined type' => { 'start' => '', 'stop' => '' }, 'reserved word' => { 'start' => '', 'stop' => '' }, 'library function' => { 'start' => '', 'stop' => '' }, 'include' => { 'start' => '', 'stop' => '' }, 'preprocessor' => { 'start' => '', 'stop' => '' }, 'braces' => { 'start' => '', 'stop' => '' }, 'symbol' => { 'start' => '', 'stop' => '' }, 'function header' => { 'start' => '', 'stop' => '' }, 'function header name' => { 'start' => '', 'stop' => '' }, 'function header args' => { 'start' => '', 'stop' => '' }, 'regex' => { 'start' => '', 'stop' => '' }, 'text' => { 'start' => '', 'stop' => ''}, # HTML 'entity' => { 'start' => '', 'stop' => '' }, # MAKEFILE 'assignment' => { 'start' => '', 'stop' => '' }, 'dependency line' => { 'start' => '', 'stop' => '' }, 'dependency target' => { 'start' => '', 'stop' => '' }, 'dependency continuation'=> { 'start' => '', 'stop' => '' }, 'continuation' => { 'start' => '', 'stop' => '' }, 'macro' => { 'start' => '', 'stop' => '' }, 'int macro' => { 'start' => '', 'stop' => '' }, 'esc $$$' => { 'start' => '', 'stop' => '' }, # PATCH 'separator' => { 'start' => '', 'stop' => '' }, 'line spec' => { 'start' => '', 'stop' => '' }, 'deletion' => { 'start' => '', 'stop' => '' }, 'insertion' => { 'start' => '', 'stop' => '' } }; return \%STYLESHEET; }; ################################################################################ ####################### get_default_database ################################### ################################################################################ sub get_default_database { my %LANGUAGE; # written by PP $LANGUAGE{'plain'} = { 'filename' => '', 'regex' => '', 'patterns' => [] }; # taken from nedit # modified by PP $LANGUAGE{'ada'} = { 'filename' => '(?i)\\.a(d[asb]?)?$', 'regex' => '', 'patterns' => [ { 'name' => 'Comments', 'regex' => '--.*?$', 'style' => 'comment', 'childregex' => [], }, { 'name' => 'String Literals', 'regex' => '".*?("|$)', 'style' => 'string', 'childregex' => [] }, { 'name' => 'Character Literals', 'regex' => '\'.\'', 'style' => 'character', 'childregex' => [] }, { 'name' => 'Ada Attributes', 'regex' => '\'[a-zA-Z][a-zA-Z_]+\\b', 'style' => 'reserved word', 'childregex' => [] }, { 'name' => 'Numeric Literals', 'regex' => '(((2|8|10|16)#[_0-9a-fA-F]*#)|[0-9.]+)', 'style' => 'numeric', 'childregex' => [] }, { 'name' => 'Withs Pragmas Use', 'regex' => '\\b(?i)((with|pragma|use)[ \\t\\n\\f\\r]+[a-zA-Z0-9_.]+;)+\\b', 'style' => 'include', 'childregex' => [] }, { 'name' => 'Predefined Types', 'regex' => '\\b(?i)(boolean|character|count|duration|float|integer|long_float|long_integer|priority|short_float|short_integer|string)\\b', 'style' => 'predefined type', 'childregex' => [] }, { 'name' => 'Predefined Subtypes', 'regex' => '\\b(?i)field|natural|number_base|positive|priority\\b', 'style' => 'predefined type', 'childregex' => [] }, { 'name' => 'Reserved Words', 'regex' => '\\b(?i)(abort|abs|accept|access|and|array|at|begin|body|case|constant|declare|delay|delta|digits|do|else|elsif|end|entry|exception|exit|for|function|generic|goto|if|in|is|limited|loop|mod|new|not|null|of|or|others|out|package|pragma|private|procedure|raise|range|record|rem|renames|return|reverse|select|separate|subtype|task|terminate|then|type|use|when|while|with|xor)\\b', 'style' => 'reserved word', 'childregex' => [] }, { 'name' => 'Ada 95 Only', 'regex' => '\\b(?i)(abstract|tagged|all|protected|aliased|requeue|until)\\b', 'style' => 'reserved word', 'childregex' => [] }, { 'name' => 'Identifiers', 'regex' => '\\b[a-zA-Z][a-zA-Z0-9_]*\\b', 'style' => 'identifier', 'childregex' => [] }, { 'name' => 'Dot All', 'regex' => '(?i)\\.all\\b', 'style' => 'predefined identifier', 'childregex' => [] } ] }; $LANGUAGE{'ada95'} = $LANGUAGE{'ada'}; # written by JA $LANGUAGE{'awk'} = { 'filename' => '(?i)\\.awk$', 'regex' => '^\\s*#\\s*![^\\s]*awk', 'patterns' => [ { 'name' => 'comment', 'regex' => '#.*?$', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'string', 'regex' => '""|".*?([^\\\\](\\\\\\\\)*)"|"\\\\\\\\"', # 'regex' => '""|"\\\\\\\\"|"[^"\\\\]"|"[^"].*?[^\\\\]"', 'style' => 'string', 'childregex' => [ { 'name' => 'esc character', 'regex' => '\\\\.', 'style' => 'esc character', 'childregex' => [] } ] }, { 'name' => 'string', 'regex' => '\'\'|\'.*?([^\\\\](\\\\\\\\)*)\'|\'\\\\\\\\\'', # 'regex' => '\'\'|\'\\\\\\\\\'|\'[^\'\\\\]\'|\'[^\'].*?[^\\\\]\'', 'style' => 'string', 'childregex' => [ { 'name' => 'esc character', 'regex' => '\\\\.', 'style' => 'esc character', 'childregex' => [] } ] }, { 'name' => 'function header', 'regex' => 'function[\\t ]+([a-zA-Z0-9_]+)[\\t \\n]*(\\{|\\n)', 'style' => 'function header', 'childregex' => [ { 'name' => 'function coloring', 'regex' => '[\\t ]([a-zA-Z0-9_]+)', 'style' => 'function header name', 'childregex' => [] } ] }, { 'name' => 'regex matching I 1', 'regex' => '(\\b| )?(/)(\\\\/|[^/\\n])*(/[gimesox]*)', 'style' => 'regex', 'childregex' => [] }, { 'name' => 'regex matching I 2', 'regex' => '(?:\\b| )(?:(?:m|q|qq)([!"#$%&\'*+-/]))(\\\\\\2|[^\\2\\n])*(\\2[gimesox]*)', 'style' => 'regex', 'childregex' => [] }, { 'name' => 'regex matching II', 'regex' => '(?:\\b| )?(?:s([!"#$%&\'*+-/]))(?:\\\\\\2|[^\\2\\n])*?(\\2)[^(\\2)\\n]*?(\\2[gimesox]*)', 'style' => 'regex', 'childregex' => [] }, { 'name' => 'translate', 'regex' => '(?:\\b| )(?:(?:tr|y)([^\w\s]))(?:\\\\\\2|[^\\2\\n])*?(\\2)[^(\\2)\\n]*?(\\2[gimesox]*)', 'style' => 'regex', 'childregex' => [] }, { 'name' => 'keywords', 'regex' => '\\b(BEGIN|END|ARGC|ARGIND|ARGV|CONVFMT|ENVIRON|ERRNO|FIELDWIDTHS|FILENAME|FNR|FS|IGNORECASE|NF|NR|OFMT|OFS|ORS|RS|RT|RSTART|RLENGTH|SUBSEP)\\b', 'style' => 'reserved word', 'childregex' => [] }, { 'name' => 'keywords 2', 'regex' => '\\b(if|while|do|for|in|break|continue|delete|exit|next|nextfile|function)\\b', 'style' => 'reserved word', 'childregex' => [] }, { 'name' => 'library fns', 'regex' => '\\b(close|getline|print|printf|system|fflush|atan2|cos|exp|int|log|rand|sin|sqrt|srand|gensub|gsub|index|length|split|sprintf|sub|substr|tolower|toupper|systime|strftime)\\b', 'style' => 'library function', 'childregex' => [] }, { 'name' => 'braces and parens', 'regex' => '[\\[\\]\\{\\}\\(\\)]', 'style' => 'braces', 'childregex' => [] }, { 'name' => '<< stuff', 'regex' => '<<\'([^\\n]*)\';.*?^\\2$', 'style' => 'text', 'childregex' => [] }, { 'name' => '<< stuff', 'regex' => '<<([^\\n]*).*?^\\2$', 'style' => 'text', 'childregex' => [] } ] }; # taken from nedit # modified by PP $LANGUAGE{'c'} = { 'filename' => '\\.[ch]$', 'regex' => '', 'patterns' => [ { 'name' => 'doc comment', 'regex' => '/\\*\\*.*?\\*/', 'style' => 'doc comment', 'childregex' => [] }, { 'name' => 'comment', 'regex' => '/\\*.*?\\*/', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'string', 'regex' => '""|".*?([^\\\\](\\\\\\\\)*)"|"\\\\\\\\"', # 'regex' => '""|"\\\\\\\\"|"[^"\\\\]"|"[^"].*?[^\\\\]"', 'style' => 'string', 'childregex' => [ { 'name' => 'esc character', 'regex' => '\\\\.', 'style' => 'esc character', 'childregex' => [] } ] }, { 'name' => 'preprocessor line', 'regex' => '^[ \\t]*#.*?$', 'style' => 'preprocessor', 'childregex' => [ { 'name' => 'string', 'regex' => '""|".*?([^\\\\](\\\\\\\\)*)"|"\\\\\\\\"', # 'regex' => '""|"\\\\\\\\"|"[^"\\\\]"|"[^"].*?[^\\\\]"', 'style' => 'string', 'childregex' => [ { 'name' => 'esc character', 'regex' => '\\\\.', 'style' => 'esc character', 'childregex' => [] } ] }, { 'name' => '', 'regex' => '<.*?>', 'style' => 'string', 'childregex' => [] }, { 'name' => 'comment', 'regex' => '[^/]/\\*.*?\\*/', 'style' => 'comment', 'childregex' => [] } ] }, { 'name' => 'character constant', 'regex' => '\'(\\\\)?.\'', 'style' => 'character', 'childregex' => [ { 'name' => 'esc character', 'regex' => '\\\\.', 'style' => 'esc character', 'childregex' => [] } ] }, { 'name' => 'numeric constant', 'regex' => '\\b((0(x|X)[0-9a-fA-F]*)|(([0-9]+\\.?[0-9]*)|(\\.[0-9]+))((e|E)(\\+|-)?[0-9]+)?)(L|l|UL|ul|u|U|F|f)?\\b', 'style' => 'numeric', 'childregex' => [] }, { 'name' => 'storage keyword', 'regex' => '\\b(const|extern|auto|register|static|unsigned|signed|volatile|char|double|float|int|long|short|void|typedef|struct|union|enum)\\b', 'style' => 'reserved word', 'childregex' => [] }, { 'name' => 'keyword', 'regex' => '\\b(return|goto|if|else|case|default|switch|break|continue|while|do|for|sizeof)\\b', 'style' => 'reserved word', 'childregex' => [] }, { 'name' => 'braces', 'regex' => '[\\{\\}]', 'style' => 'braces', 'childregex' => [] }, { 'name' => 'symbols', 'regex' => '([\\*\\-\\+=:;%&\\|<>\\(\\)\\[\\]!])', 'style' => 'symbol', 'childregex' => [] }, { 'name' => 'identifiers', 'regex' => '([a-zA-Z_][a-zA-Z_0-9]*)', 'style' => 'identifier', 'childregex' => [] } ] }; # taken from nedit # modified by PP $LANGUAGE{'c++'} = { 'filename' => '\\.(c(c|pp|xx)|h(h|pp|xx)|C(C|PP|XX)?|H(H|PP|XX)?|i)$', 'regex' => '', 'patterns' => [ { 'name' => 'doc comment', 'regex' => '/\\*\\*.*?\\*/', 'style' => 'doc comment', 'childregex' => [] }, { 'name' => 'comment', 'regex' => '/\\*.*?\\*/', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'cplus comment', 'regex' => '//.*?$', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'string', 'regex' => '""|"\\\\\\\\"|".*?([^\\\\](\\\\\\\\)*)"', # 'regex' => '""|"\\\\\\\\"|"[^"\\\\]"|"[^"].*?[^\\\\]"', 'style' => 'string', 'childregex' => [ { 'name' => 'esc character', 'regex' => '\\\\.', 'style' => 'esc character', 'childregex' => [] } ] }, { 'name' => 'preprocessor line', 'regex' => '^[ \\t]*#.*?$', 'style' => 'preprocessor', 'childregex' => [ { 'name' => 'string', 'regex' => '""|".*?([^\\\\](\\\\\\\\)*)"|"\\\\\\\\"', # 'regex' => '""|"\\\\\\\\"|"[^"\\\\]"|"[^"].*?[^\\\\]"', 'style' => 'string', 'childregex' => [ { 'name' => 'esc character', 'regex' => '\\\\.', 'style' => 'esc character', 'childregex' => [] } ] }, { 'name' => '', 'regex' => '<.*?>', 'style' => 'string', 'childregex' => [] }, { 'name' => 'comment', 'regex' => '[^/]/\\*.*?\\*/', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'cplus comment', 'regex' => '//.*?$', 'style' => 'comment', 'childregex' => [] } ] }, { 'name' => 'character constant', 'regex' => '\'(\\\\)?.\'', 'style' => 'character', 'childregex' => [ { 'name' => 'esc character', 'regex' => '\\\\.', 'style' => 'esc character', 'childregex' => [] } ] }, { 'name' => 'numeric constant', 'regex' => '\\b((0(x|X)[0-9a-fA-F]*)|(([0-9]+\\.?[0-9]*)|(\\.[0-9]+))((e|E)(\\+|-)?[0-9]+)?)(L|l|UL|ul|u|U|F|f)?\\b', 'style' => 'numeric', 'childregex' => [] }, { 'name' => 'storage keyword', 'regex' => '\\b(class|typename|typeid|template|friend|virtual|inline|explicit|operator|overload|public|private|protected|const|extern|auto|register|static|mutable|unsigned|signed|volatile|char|double|float|int|long|short|bool|wchar_t|void|typedef|struct|union|enum)\\b', 'style' => 'reserved word', 'childregex' => [], }, { 'name' => 'keyword', 'regex' => '\\b(new|delete|this|return|goto|if|else|case|default|switch|break|continue|while|do|for|catch|throw|sizeof|true|false|namespace|using|dynamic_cast|static_cast|reinterpret_cast)\\b', 'style' => 'reserved word', 'childregex' => [] }, { 'name' => 'braces', 'regex' => '[\\{\\}]', 'style' => 'braces', 'childregex' => [] }, { 'name' => 'symbols', 'regex' => '([\\*\\-\\+=:;%&\\|<>\\(\\)\\[\\]!])', 'style' => 'symbol', 'childregex' => [] }, { 'name' => 'identifiers', 'regex' => '([a-zA-Z_][a-zA-Z_0-9]*)', 'style' => 'identifier', 'childregex' => [] } ] }; $LANGUAGE{'cc'} = $LANGUAGE{'c++'}; $LANGUAGE{'cpp'} = $LANGUAGE{'c++'}; $LANGUAGE{'cxx'} = $LANGUAGE{'c++'}; # written by VRS $LANGUAGE{'gpasm'} = { 'filename' => '(?i)\\.(asm|inc)$', 'regex' => '', 'patterns' => [ { 'name' => 'args', 'regex' => '^.*$', 'style' => 'symbol', 'childregex' => [ { 'name' => 'comment', 'regex' => ';.*?$', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'labels', 'regex' => '^[A-Za-z_][A-Za-z_0-9]*:?', 'style' => 'identifier', 'childregex' => [] }, { 'name' => 'menonics', 'regex' => '^[ \t]+[A-Za-z_][A-Za-z_0-9]*', 'style' => 'reserved word', 'childregex' => [] }, { 'name' => 'string', 'regex' => '""|".*?([^\\\\](\\\\\\\\)*)"|"\\\\\\\\"', 'style' => 'string', 'childregex' => [ { 'name' => 'esc character', 'regex' => '\\\\.', 'style' => 'esc character', 'childregex' => [] } ] } ] } ] }; # written by JA $LANGUAGE{'groff'} = { 'filename' => '\\.groff$', 'regex' => '', 'patterns' => [ { 'name' => 'comment', 'regex' => '\\\\".*?$', 'style' => 'comment', 'childregex' => [] } ] }; # taken from nedit # modified by PP $LANGUAGE{'html'} = { 'filename' => '(?i)\\.html?$', 'regex' => '', 'patterns' => [ { 'name' => 'comment', 'regex' => '', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'entity', 'regex' => '\\&[-.a-zA-Z0-9#]*;?', 'style' => 'entity', 'childregex' => [] }, { 'name' => 'tag', 'regex' => '<(/|!)?[-.a-zA-Z0-9]*.*?>', 'style' => 'predefined identifier', 'childregex' => [ { 'name' => 'double quote string', 'regex' => '".*?"', 'style' => 'string', 'childregex' => [] }, { 'name' => 'single quote string', 'regex' => '\'.*?\'', 'style' => 'string', 'childregex' => [] }, { 'name' => 'brackets', 'regex' => '[<>]', 'style' => 'braces', 'childregex' => [] }, { 'name' => 'attribute', 'regex' => '[^\'" ]+(?=.)', 'style' => 'identifier', 'childregex' => [] } ] } ] }; # taken from nedit # modified by PP $LANGUAGE{'java'} = { 'filename' => '\\.java$', 'regex' => '', 'patterns' => [ { 'name' => 'doc comment', 'regex' => '/\\*\\*.*?\\*/', 'style' => 'doc comment', 'childregex' => [] }, { 'name' => 'comment', 'regex' => '/\\*.*?\\*/', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'cplus comment', 'regex' => '//.*?$', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'string', 'regex' => '""|".*?([^\\\\](\\\\\\\\)*)"|"\\\\\\\\"', # 'regex' => '""|"\\\\\\\\"|"[^"\\\\]"|"[^"].*?[^\\\\]"', 'style' => 'string', 'childregex' => [ { 'name' => 'esc character', 'regex' => '\\\\.', 'style' => 'esc character', 'childregex' => [] } ] }, { 'name' => 'single quoted', 'regex' => '\'\'|\'.*?([^\\\\](\\\\\\\\)*)\'|\'\\\\\\\\\'', # 'regex' => '\'\'|\'\\\\\\\\\'|\'[^\'\\\\]\'|\'[^\'].*?[^\\\\]\'', 'style' => 'string', 'childregex' => [] }, { 'name' => 'numeric constant', 'regex' => '\\b((0(x|X)[0-9a-fA-F]*)|(([0-9]+\\.?[0-9]*)|(\\.[0-9]+))((e|E)(\\+|-)?[0-9]+)?)(L|l|UL|ul|u|U|F|f)?\\b', 'style' => 'numeric', 'childregex' => [] }, { 'name' => 'include', 'regex' => '\\b(import|package)\\b.*?$', 'style' => 'include', 'childregex' => [ { 'name' => 'esc character', 'regex' => '\\\\(.|\\n)', 'style' => 'esc character', 'childregex' => [] }, { 'name' => 'comment', 'regex' => '[^/]/\\*.*?\\*/', 'style' => 'comment', 'childregex' => [] } ] }, { 'name' => 'storage keyword', 'regex' => '\\b(abstract|boolean|byte|char|class|double|extends|final|float|int|interface|long|native|private|protected|public|short|static|transient|synchronized|void|volatile|implements)\\b', 'style' => 'reserved word', 'childregex' => [] }, { 'name' => 'keyword', 'regex' => '\\b(break|case|catch|continue|default|do|else|false|finally|for|if|instanceof|new|null|return|super|switch|this|throw|throws|true|try|while)\\b', 'style' => 'reserved word', 'childregex' => [] }, { 'name' => 'braces and parens', 'regex' => '[\\{\\}\\(\\)\\[\\]]', 'style' => 'braces', 'childregex' => [] }, { 'name' => 'Identifiers', 'regex' => '\\b[a-zA-Z_][a-zA-Z0-9_]*\\b', 'style' => 'identifier', 'childregex' => [] }, { 'name' => 'symbols', 'regex' => '([\\*\\-\\+=:;%&\\|<>!])', 'style' => 'symbol', 'childregex' => [] } ] }; # taken from nedit # modified by PP $LANGUAGE{'javascript'} = { 'filename' => '(?i)\\.js$', 'regex' => '', 'patterns' => [ { 'name' => 'comment', 'regex' => '/\\*.*?\\*/', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'cplus comment', 'regex' => '//.*?$', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'numeric constant', 'regex' => '\\b((0(x|X)[0-9a-fA-F]*)|(([0-9]+\\.?[0-9]*)|(\\.[0-9]+))((e|E)(\\+|-)?[0-9]+)?)(L|l|UL|ul|u|U|F|f)?\\b', 'style' => 'numeric', 'childregex' => [] }, { 'name' => 'events', 'regex' => '\\b(onAbort|onBlur|onClick|onChange|onDblClick|onDragDrop|onError|onFocus|onKeyDown|onKeyPress|onLoad|onMouseDown|onMouseMove|onMouseOut|onMouseOver|onMouseUp|onMove|onResize|onSelect|onSubmit|onUnload)\\b', 'style' => 'reserved word', 'childregex' => [] }, { 'name' => 'braces', 'regex' => '[\\{\\}]', 'style' => 'braces', 'childregex' => [] }, { 'name' => 'statements', 'regex' => '\\b(break|continue|else|for|if|in|new|return|this|typeof|var|while|with)\\b', 'style' => 'reserved word', 'childregex' => [] }, { 'name' => 'function', 'regex' => 'function[\\t ]+([a-zA-Z0-9_]+)[\\t \\(]+.*?[\\n{]', 'style' => 'function header', 'childregex' => [ { 'name' => 'function args', 'regex' => '\\(.*?\\)', 'style' => 'function header args', 'childregex' => [] }, { 'name' => 'function name', 'regex' => '[\\t ][a-zA-Z0-9_]+', 'style' => 'function header name', 'childregex' => [] } ] }, { 'name' => 'built in object type', 'regex' => '\\b(anchor|Applet|Area|Array|button|checkbox|Date|document|elements|FileUpload|form|frame|Function|hidden|history|Image|link|location|Math|navigator|Option|password|Plugin|radio|reset|select|string|submit|text|textarea|window)\\b', 'style' => 'predefined type', 'childregex' => [] }, { 'name' => 'string', 'regex' => '".*?("|$)', 'style' => 'string', 'childregex' => [ { 'name' => 'colors', 'regex' => '(aliceblue|antiquewhite|aqua|aquamarine|azure|beige|bisque|black|blanchedalmond|blue|blueviolet|brown|burlywood|cadetblue|chartreuse|chocolate|coral|cornflowerblue|cornsilk|crimson|cyan|darkblue|darkcyan|darkgoldenrod|darkgray|darkgreen|darkkhaki|darkmagenta|darkolivegreen|darkorange|darkorchid|darkred|darksalmon|darkseagreen|darkslateblue|darkslategray|darkturquoise|darkviolet|deeppink|deepskyblue|dimgray|dodgerblue|firebrick|floralwhite|forestgreen|fuchsia|gainsboro|ghostwhite|gold|goldenrod|gray|green|greenyellow|honeydew|hotpink|indianred|indigo|ivory|khaki|lavender|lavenderblush|lawngreen|lemonchiffon|lightblue|lightcoral|lightcyan|lightgoldenrodyellow|lightgreen|lightgrey|lightpink|lightsalmon|lightseagreen|lightskyblue|lightslategray|lightsteelblue|lightyellow|lime|limegreen|linen|magenta|#008000|mediumaquamarine|mediumblue|mediumorchid|mediumpurple|mediumseagreen|mediumslateblue|mediumspringgreen|mediumturquoise|mediumvioletred|midnightblue|mintcream|mistyrose|moccasin|navajowhite|navy|oldlace|olive|olivedrab|orange|orangered|orchid|palegoldenrod|palegreen|paleturquoise|palevioletred|papayawhip|peachpuff|peru|pink|plum|powderblue|purple|red|rosybrown|royalblue|saddlebrown|salmon|sandybrown|seagreen|seashell|sienna|silver|skyblue|slateblue|slategray|snow|springgreen|steelblue|tan|teal|thistle|tomato|turquoise|violet|wheat|white|whitesmoke|yellow|yellowgreen|#[A-Fa-f0-9][A-Fa-f0-9][A-Fa-f0-9][A-Fa-f0-9][A-Fa-f0-9][A-Fa-f0-9])', 'style' => 'identifier', 'childregex' => [] } ] }, { 'name' => 'string', 'regex' => '\'.*?(\'|$)', 'style' => 'string', 'childregex' => [ { 'name' => 'colors', 'regex' => '(aliceblue|antiquewhite|aqua|aquamarine|azure|beige|bisque|black|blanchedalmond|blue|blueviolet|brown|burlywood|cadetblue|chartreuse|chocolate|coral|cornflowerblue|cornsilk|crimson|cyan|darkblue|darkcyan|darkgoldenrod|darkgray|darkgreen|darkkhaki|darkmagenta|darkolivegreen|darkorange|darkorchid|darkred|darksalmon|darkseagreen|darkslateblue|darkslategray|darkturquoise|darkviolet|deeppink|deepskyblue|dimgray|dodgerblue|firebrick|floralwhite|forestgreen|fuchsia|gainsboro|ghostwhite|gold|goldenrod|gray|green|greenyellow|honeydew|hotpink|indianred|indigo|ivory|khaki|lavender|lavenderblush|lawngreen|lemonchiffon|lightblue|lightcoral|lightcyan|lightgoldenrodyellow|lightgreen|lightgrey|lightpink|lightsalmon|lightseagreen|lightskyblue|lightslategray|lightsteelblue|lightyellow|lime|limegreen|linen|magenta|#008000|mediumaquamarine|mediumblue|mediumorchid|mediumpurple|mediumseagreen|mediumslateblue|mediumspringgreen|mediumturquoise|mediumvioletred|midnightblue|mintcream|mistyrose|moccasin|navajowhite|navy|oldlace|olive|olivedrab|orange|orangered|orchid|palegoldenrod|palegreen|paleturquoise|palevioletred|papayawhip|peachpuff|peru|pink|plum|powderblue|purple|red|rosybrown|royalblue|saddlebrown|salmon|sandybrown|seagreen|seashell|sienna|silver|skyblue|slateblue|slategray|snow|springgreen|steelblue|tan|teal|thistle|tomato|turquoise|violet|wheat|white|whitesmoke|yellow|yellowgreen|#[A-Fa-f0-9][A-Fa-f0-9][A-Fa-f0-9][A-Fa-f0-9][A-Fa-f0-9][A-Fa-f0-9])', 'style' => 'identifier', 'childregex' => [], } ] }, { 'name' => 'event capturing', 'regex' => '\\b(captureEvents|releaseEvents|routeEvent|handleEvent)\\b.*?(\\)|$)', 'style' => 'reserved word', 'childregex' => [] }, { 'name' => 'predefined methods', 'regex' => '\\b(abs|acos|alert|anchor|asin|atan|atan2|back|big|blink|blur|bold|ceil|charAt|clear|clearTimeout|click|close|confirm|cos|escape|eval|exp|fixed|floor|focus|fontcolor|fontsize|forward|getDate|getDay|getHours|getMinutes|getMonth|getSeconds|getTime|getTimezoneOffset|getYear|go|indexOf|isNaN|italics|javaEnabled|join|lastIndexOf|link|log|max|min|open|parse|parseFloat|parseInt|pow|prompt|random|reload|replace|reset|reverse|round|scroll|select|setDate|setHours|setMinutes|setMonth|setSeconds|setTimeout|setTime|setYear|sin|small|sort|split|sqrt|strike|sub|submit|substring|sup|taint|tan|toGMTString|toLocaleString|toLowerCase|toString|toUpperCase|unescape|untaint|UTC|write|writeln)\\b', 'style' => 'library function', 'childregex' => [] }, { 'name' => 'properties', 'regex' => '\\b(action|alinkColor|anchors|appCodeName|appName|appVersion|bgColor|border|checked|complete|cookie|defaultChecked|defaultSelected|defaultStatus|defaultValue|description|E|elements|enabledPlugin|encoding|fgColor|filename|forms|frames|hash|height|host|hostname|href|hspace|index|lastModified|length|linkColor|links|LN2|LN10|LOG2E|LOG10E|lowsrc|method|name|opener|options|parent|pathname|PI|port|protocol|prototype|referrer|search|selected|selectedIndex|self|SQRT1_2|SQRT2|src|status|target|text|title|top|type|URL|userAgent|value|vlinkColor|vspace|width|window)\\b', 'style' => 'predefined identifier', 'childregex' => [] }, { 'name' => 'operators', 'regex' => '([=;->/&|])', 'style' => 'symbol', 'childregex' => [] } ] }; $LANGUAGE{'js'} = $LANGUAGE{'javascript'}; # written by Andreas Krennmair # extremely incomplete $LANGUAGE{'lisp'} = { 'filename' => '\\.(lsp|l)$', 'regex' => '', 'patterns' => [ { 'name' => 'parens', 'regex' => '[()]', 'style' => 'braces', 'childregex' => [] }, { 'name' => 'comment', 'regex' => ';.*?$', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'string', 'regex' => '".*?("|$)', 'style' => 'string', 'childregex' => [] }, { 'name' => 'keywords', 'regex' => '\\b(defun |xyz)\\b', 'style' => 'reserved word', 'childregex' => [] }, { 'name' => 'numeric constant', 'regex' => '(#\([0-9]+ [0-9]+\)|[0-9]+)', 'style' => 'numeric', 'childregex' => [] }, { 'name' => 'identifiers', 'regex' => '([-a-zA-Z]+)', 'style' => 'identifier', 'childregex' => [] } ] }; # written by JA $LANGUAGE{'m4'} = { 'filename' => '\\.m4$', 'regex' => '', 'patterns' => [ { 'regex' => 'dnl.*?$', 'style' => 'doc comment', 'childregex' => [] }, { 'regex' => '#.*?$', 'style' => 'comment', 'childregex' => [] }, { 'regex' => '\\b(define|undefine|defn|pushdef|popdef|indir|builtin|changequote|changecom|changeword|m4wrap|m4exit|include|sinclude|divert|undivert|divnum|cleardiv|shift|dumpdef|traceon|traceoff|debugfile|debugmode|len|index|regexp|substr|translit|patsubst|format|incr|decr|syscmd|esyscmd|sysval|maketemp|errprint)\\b', 'style' => 'reserved word', 'childregex' => [] }, { 'regex' => '\\b(ifdef|ifelse|loops)\\b', 'style' => 'reserved word', 'childregex' => [ { 'regex' => '[$]\\$?({[^}]*}|[^a-zA-Z0-9_/\\t\\n\\.,\\\\[\\\\{\\\\(]|[0-9]+|[a-zA-Z_][a-zA-Z0-9_]*)?', 'style' => 'identifier', 'childregex' => [] } ] } ] }; # taken from nedit # modified by PP $LANGUAGE{'make'} = { 'filename' => '[Mm]akefile.*', 'regex' => '', 'patterns' => [ { 'name' => 'Comment', 'regex' => '#.*?$', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'Assignment', 'regex' => '^( *| [ \\t]*)[A-Za-z0-9_+]*[ \\t]*(\\+|:)?=', 'style' => 'assignment', 'childregex' => [] }, { 'name' => 'Dependency Line', 'regex' => '^ *([A-Za-z0-9./$(){} _%+-]|\\n)*::?', 'style' => 'dependency line', 'childregex' => [ { 'name' => 'Dependency Target', 'regex' => '[A-Za-z0-9./$(){} _%+-]+', 'style' => 'dependency target', 'childregex' => [] }, { 'name' => 'Dependency Continuation', 'regex' => '\\\\\\n', 'style' => 'dependency continuation', 'childregex' => [] }, { 'name' => 'comment', 'regex' => '#.*?$', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'macro', 'regex' => '\\$([A-Za-z0-9_]|\\([^)]*\\)|{[^}]*})', 'style' => 'macro', 'childregex' => [] }, { 'name' => 'int macro', 'regex' => '\\$([<@*?%]|\\$@)', 'style' => 'int macro', 'childregex' => [] } ] }, { 'name' => 'Continuation', 'regex' => '\\\\$', 'style' => 'continuation', 'childregex' => [] }, { 'name' => 'Macro', 'regex' => '\\$([A-Za-z0-9_]|\\([^)]*\\)|{[^}]*})', 'style' => 'macro', 'childregex' => [] }, { 'name' => 'Internal Macro', 'regex' => '\\$([<@*?%]|\\$@)', 'style' => 'int macro', 'childregex' => [] }, { 'name' => 'Escaped $$$', 'regex' => '\\$\\$', 'style' => 'esc $$$', 'childregex' => [] }, { 'name' => 'Include', 'regex' => '^include[ \\t]', 'style' => 'include', 'childregex' => [] } ] }; $LANGUAGE{'makefile'} = $LANGUAGE{'make'}; # taken from nedit # modified by PP $LANGUAGE{'pas'} = { 'filename' => '(?i)\\.p(as)?$', 'regex' => '', 'patterns' => [ { 'name' => 'comment1 (* *)', 'regex' => '\\(\\*.*?\\*\\)', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'comment2 { }', 'regex' => '\\{.*?\\}', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'string', 'regex' => '\'.*?(\'|$)', 'style' => 'string', 'childregex' => [] }, { 'name' => 'preprocessor line', 'regex' => '^[ \\t]*#.*?$', 'style' => 'preprocessor', 'childregex' => [ { 'name' => 'comment1 (* *)', 'regex' => '\\(\\*.*?\\*\\)', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'comment2 { }', 'regex' => '\\{.*?\\}', 'style' => 'comment', 'childregex' => [] } ] }, { 'name' => 'character constant', 'regex' => '\'.\'', 'style' => 'character', 'childregex' => [] }, { 'name' => 'numeric constant', 'regex' => '\\b((0(x|X)[0-9a-fA-F]*)|[0-9.]+((e|E)(\\+|-)?)?[0-9]*)(L|l|UL|ul|u|U|F|f)?\\b', 'style' => 'numeric', 'childregex' => [] }, { 'name' => 'storage and ops', 'regex' => '\\b(?i)(and|array|const|div|export|file|function|import|in|label|mod|module|nil|not|only|or|packed|pow|pragma|procedure|program|protected|qualified|record|restricted|set|type|var)\\b', 'style' => 'reserved word', 'childregex' => [] }, { 'name' => 'keywords', 'regex' => '\\b(?i)(begin|case|do|downto|else|end|for|goto|if|of|otherwise|repeat|then|to|until|while|with)\\b', 'style' => 'reserved word', 'childregex' => [] }, { 'name' => 'sumbols', 'regex' => '([\\*\\-\\+=:;<>\\(\\)\\[\\]!]|[^/]/[^/])', 'style' => 'symbol', 'childregex' => [] }, { 'name' => 'identifiers', 'regex' => '([a-zA-Z_][a-zA-Z_0-9.^]*[a-zA-Z_0-9]|[a-zA-Z_][a-zA-Z_0-9]*)', 'style' => 'identifier', 'childregex' => [ { 'regex' => '(\\.|\\^)+', 'style' => 'symbol', 'childregex' => [] } ] } ], }; $LANGUAGE{'pascal'} = $LANGUAGE{'pas'}; # taken from nedit # modified by PP # modified by BS # modified by JD # modified by JP $LANGUAGE{'perl'} = { 'filename' => '(?i)\\.p([lm5]|od)$', 'regex' => '^\\s*#\\s*![^\\s]*perl', 'patterns' => [ { 'name' => 'comment', 'regex' => '(?:#.*?(?:\r?\n\s*)+)+', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'variables', 'regex' => '[\\$@%]\\$?(?:{[^}]*}|[^a-zA-Z0-9_/\\t\\n\\.,\\\\[\\\\{\\\\(]|[0-9]+|[a-zA-Z_][a-zA-Z0-9_]*)?', 'style' => 'identifier', 'childregex' => [] }, { 'name' => '"" string', 'regex' => '""|".*?([^\\\\](\\\\\\\\)*)"|"\\\\\\\\"', # 'regex' => '""|"\\\\\\\\"|"[^"\\\\]"|"[^"].*?[^\\\\]"', 'style' => 'string', 'childregex' => [ { 'name' => 'esc character', 'regex' => '\\\\.', 'style' => 'esc character', 'childregex' => [] }, { 'name' => 'variables', 'regex' => '[\\$@%]\\$?(?:{[^}]*}|[^a-zA-Z0-9_/\\t\\n\\.,\\\\[\\\\{\\\\(]|[0-9]+|[a-zA-Z_][a-zA-Z0-9_]*)?', 'style' => 'identifier', 'childregex' => [] } ] }, { 'name' => '\'\' string', 'regex' => '\'\'|\'.*?([^\\\\](\\\\\\\\)*)\'|\'\\\\\\\\\'', # 'regex' => '\'\'|\'\\\\\\\\\'|\'[^\'\\\\]\'|\'[^\'].*?[^\\\\]\'', 'style' => 'string', 'childregex' => [ { 'name' => 'esc character', 'regex' => '\\\\.', 'style' => 'esc character', 'childregex' => [] } ] }, { 'name' => 'more strings - q// qw//', 'regex' => '(?:\\b| )(?:q|qw)([^\w\s])(?:\\\\\\2|[^\\2\\n])*\\2', 'style' => 'string', 'childregex' => [ { 'name' => 'esc character', 'regex' => '\\\\.', 'style' => 'esc character', 'childregex' => [] } ] }, { 'name' => 'more strings - qq// qx//', 'regex' => '(?:\\b| )(?:qq|qx)([^\w\s])(?:\\\\\\2|[^\\2\\n])*\\2', 'style' => 'string', 'childregex' => [ { 'name' => 'esc character', 'regex' => '\\\\.', 'style' => 'esc character', 'childregex' => [] }, { 'name' => 'variables', 'regex' => '[\\$@%]\\$?(?:{[^}]*}|[^a-zA-Z0-9_/\\t\\n\\.,\\\\[\\\\{\\\\(]|[0-9]+|[a-zA-Z_][a-zA-Z0-9_]*)?', 'style' => 'identifier', 'childregex' => [] } ] }, { 'name' => 'subroutine header', 'regex' => 'sub[\\t ]+(?:[a-zA-Z0-9_]+)[\\t \\n]*(?:\\{|\\(|\\n)', 'style' => 'function header', 'childregex' => [ { 'name' => 'subroutine header coloring', 'regex' => '[\\t ][a-zA-Z0-9_]+', 'style' => 'function header name', 'childregex' => [] } ] }, { 'name' => 'regex matching I', 'regex' => '(?:\\b| )?(?:/(?:\\\\/|[^/\\n])*(?:/[gimesox]*)|s([^\w\s])(?:\\\\\\2|[^\\2\\n])*?(\\2)[^(\\2)\\n]*?(\\2[gimesox]*))', 'style' => 'regex', 'childregex' => [] }, { 'name' => 'regex matching II', 'regex' => '(?:\\b| )(?:m|qq?|tr|y)([^\w\s])(?:\\\\\\2|[^\\2\\n])*(?:\\2[gimesox]*)', 'style' => 'regex', 'childregex' => [] }, { 'name' => 'keywords', 'regex' => '\\b(my|local|new|if|until|while|elsif|else|eval|unless|for|foreach|continue|exit|die|last|goto|next|redo|return|local|exec|do|use|require|package|eval|BEGIN|END|eq|ne|not|\\|\\||\\&\\&|and|or)\\b', 'style' => 'reserved word', 'childregex' => [] }, { 'name' => 'library functions', 'regex' => '\\b(?:a(?:bs|ccept|larm|tan2)|b(?:ind|inmode|less)|c(?:aller|hdir|hmod|homp|hop|hr|hroot|hown|losedir|lose|onnect|os|rypt)|d(?:bmclose|bmopen|efined|elete|ie|ump)|e(?:ach|nd(?:grent|hostent|netent|protoent|pwent|servent)|of|xec|xists|xp)|f(?:ctnl|ileno|lock|ork|ormat|ormline)|g(?:et(?:c|grent|grgid|grnam|hostbyaddr|hostbyname|hostent|login|netbyaddr|netbyname|netent|peername|pgrp|ppid|priority|protobyname|protobynumber|protoent|pwent|pwnam|pwuid|servbyname|servbyport|servent|sockname|sockopt)|lob|mtime|rep)|hex|i(?:mport|ndex|nt|octl)|join|keys|kill|l(?:cfirst|c|ength|ink|isten|og|ocaltime|stat)|m(?:ap|kdir|sgctl|sgget|sgrcv)|no|o(?:ct|pendir|pen|rd)|p(?:ack|ipe|op|os|rintf|rint|ush)|quotemeta|r(?:and|eaddir|ead|eadlink|ecv|ef|ename|eset|everse|ewinddir|index|mdir)|s(?:calar|eekdir|eek|elect|emctl|emget|emop|end|et(?:grent|hostent|netent|pgrp|priority|protoent|pwent|sockopt)|hift|hmctl|hmget|hmread|hmwrite|hutdown|in|leep|ocket|ocketpair|ort|plice|plit|printf|qrt|rand|tat|tudy|ubstr|ymlink|yscall|ysopen|ysread|ystem|yswrite)|t(?:elldir|ell|ie|ied|ime|imes|runcate)|u(?:c|cfirst|mask|ndef|nlink|npack|nshift|ntie|time)|values|vec|w(?:ait|aitpid|antarray|arn|rite)|qw|-[rwxoRWXOezsfdlpSbctugkTBMAC])\\b', 'style' => 'library function', 'childregex' => [] }, { 'name' => 'braces, parens and brakets', 'regex' => '[\\[\\]\\{\\}\\(\\)]', 'style' => 'braces', 'childregex' => [] }, { 'name' => '<< stuff', 'regex' => '<<(?:("|\')([^\\n]*)\\2|\\w*).*?^\\3$', 'style' => 'text', 'childregex' => [] }, { 'name' => 'POD', 'regex' => '^=.*?^(?:=cut|\\Z)', 'style' => 'doc comment', 'childregex' => [] } ] }; # Thanks to Matt Giwer $LANGUAGE{'pov'} = { 'filename' => '(?i)\\.pov$', 'regex' => '', 'patterns' => [ { 'name' => 'doc comment', 'regex' => '/\\*\\*.*?\\*/', 'style' => 'doc comment', 'childregex' => [] }, { 'name' => 'comment', 'regex' => '/\\*.*?\\*/', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'cplus comment', 'regex' => '//.*?$', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'string', 'regex' => '""|".*?([^\\\\](\\\\\\\\)*)"|"\\\\\\\\"', # 'regex' => '""|"\\\\\\\\"|"[^"\\\\]"|"[^"].*?[^\\\\]"', 'style' => 'string', 'childregex' => [ { 'name' => 'esc character', 'regex' => '\\\\.', 'style' => 'esc character', 'childregex' => [] } ] }, { 'name' => 'preprocessor line', 'regex' => '^[ \\t]*#.*?$', 'style' => 'preprocessor', 'childregex' => [ { 'name' => 'string', 'regex' => '""|".*?([^\\\\](\\\\\\\\)*)"|"\\\\\\\\"', # 'regex' => '""|"\\\\\\\\"|"[^"\\\\]"|"[^"].*?[^\\\\]"', 'style' => 'string', 'childregex' => [ { 'name' => 'esc character', 'regex' => '\\\\.', 'style' => 'esc character', 'childregex' => [] } ] }, { 'name' => '', 'regex' => '<.*?>', 'style' => 'string', 'childregex' => [] }, { 'name' => 'comment', 'regex' => '[^/]/\\*.*?\\*/', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'cplus comment', 'regex' => '//.*?$', 'style' => 'comment', 'childregex' => [] } ] }, { 'name' => 'character constant', 'regex' => '\'(\\\\)?.\'', 'style' => 'character', 'childregex' => [ { 'name' => 'esc character', 'regex' => '\\\\.', 'style' => 'esc character', 'childregex' => [] } ] }, { 'name' => 'numeric constant', 'regex' => '\\b((0(x|X)[0-9a-fA-F]*)|(([0-9]+\\.?[0-9]*)|(\\.[0-9]+))((e|E)(\\+|-)?[0-9]+)?)(L|l|UL|ul|u|U|F|f)?\\b', 'style' => 'numeric', 'childregex' => [] }, { 'name' => 'keyword', 'regex' => '\\b(abs|absorption|acos|acosh|adaptive|adc_bailout|agate|agate_turb|all|alpha|ambient|ambient_light|angle|aperture|append|arc_angle|area_light|array|asc|asin|asinh|assumed_gamma|atan|atan2|atanh|average|background|bezier_spline|bicubic_patch|black_hole|blob|blue|blur_samples|bounded_by|box|boxed|bozo|break|brick|brick_size|brightness|brilliance|bumps|bump_map|bump_size|camera|case|caustics|ceil|checker|chr|clipped_by|clock|clock_delta|color|color_map|colour|colour_map|component|composite|concat|cone|confidence|conic_sweep|control0|control1|cos|cosh|count|crackle|crand|cube|cubic|cubic_spline|cubic_wave|cylinder|cylindrical|debug|declare|default|defined|degrees|density|density_file|density_map|dents|difference|diffuse|dimensions|dimension_size|direction|disc|distance|distance_maximum|div|eccentricity|else|emission|end|error|error_bound|exp|extinction|fade_distance|fade_power|falloff|falloff_angle|false|fclose|file_exists|filter|finish|fisheye|flatness|flip|floor|focal_point|fog|fog_alt|fog_offset|fog_type|fopen|frequency|gif|global_settings|gradient|granite|gray_threshold|green|height_field|hexagon|hf_gray_16|hierarchy|hollow|hypercomplex|if|ifdef|iff|ifndef|image_map|include|int|interior|interpolate|intersection|intervals|inverse|ior|irid|irid_wavelength|jitter|julia_fractal|lambda|lathe|leopard|light_source|linear_spline|linear_sweep|local|location|log|looks_like|look_at|low_error_factor|macro|mandel|map_type|marble|material|material_map|matrix|max|max_intersections|max_iteration|max_trace_level|media|media_attenuation|media_interaction|merge|mesh|metallic|min|minimum_reuse|mod|mortar|nearest_count|no|normal|normal_map|no_shadow|number_of_waves|object|octaves|off|offset|omega|omnimax|on|once|onion|open|orthographic|panoramic|perspective|pgm|phase|phong|phong_size|pi|pigment|pigment_map|planar|plane|png|point_at|poly|polygon|poly_wave|pot|pow|ppm|precision|prism|pwr|quadratic_spline|quadric|quartic|quaternion|quick_color|quick_colour|quilted|radial|radians|radiosity|radius|rainbow|ramp_wave|rand|range|ratio|read|reciprocal|recursion_limit|red|reflection|reflection_exponent|refraction|render|repeat|rgb|rgbf|rgbft|rgbt|right|ripples|rotate|roughness|samples|scale|scallop_wave|scattering|seed|shadowless|sin|sine_wave|sinh|sky|sky_sphere|slice|slope_map|smooth|smooth_triangle|sor|specular|sphere|spherical|spiral1|spiral2|spotlight|spotted|sqr|sqrt|statistics|str|strcmp|strength|strlen|strlwr|strupr|sturm|substr|superellipsoid|switch|sys|t|tan|tanh|text|texture|texture_map|tga|thickness|threshold|tightness|tile2|tiles|torus|track|transform|translate|transmit|triangle|triangle_wave|true|ttf|turbulence|turb_depth|type|u|ultra_wide_angle|undef|union|up|use_color|use_colour|use_index|u_steps|v|val|variance|vaxis_rotate|vcross|vdot|version|vlength|vnormalize|vrotate|v_steps|warning|warp|water_level|waves|while|width|wood|wrinkles|write|x|y|yes|z)\\b', 'style' => 'reserved word', 'childregex' => [] }, { 'name' => 'braces', 'regex' => '[\\{\\}]', 'style' => 'braces', 'childregex' => [] }, { 'name' => 'symbols', 'regex' => '([\\*\\-\\+=:;%&\\|<>\\(\\)\\[\\]!])', 'style' => 'symbol', 'childregex' => [] }, { 'name' => 'identifiers', 'regex' => '([a-zA-Z_][a-zA-Z_0-9]*)', 'style' => 'identifier', 'childregex' => [] } ] }; $LANGUAGE{'povray'} = $LANGUAGE{'pov'}; # by Tom Good $LANGUAGE{'python'} = { 'filename' => '(?i)\\.py$', 'regex' => '^\\s*#\\s*![^\\s]*python', 'patterns' => [ { 'name' => 'python comment', 'regex' => '#.*?$', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'single quote string', 'regex' => '\'.*?\'', 'style' => 'string', 'childregex' => [] }, { 'name' => 'string', 'regex' => '""|"\\\\\\\\"|".*?([^\\\\](\\\\\\\\)*)"', 'regex' => '""|".*?([^\\\\](\\\\\\\\)*)"|"\\\\\\\\"', 'regex' => '""|"\\\\\\\\"|"[^"\\\\]"|"[^"].*?[^\\\\]"', 'style' => 'string', 'childregex' => [ { 'name' => 'esc character', 'regex' => '\\\\.', 'style' => 'esc character', 'childregex' => [] } ] }, { 'name' => 'character constant', 'regex' => '\'(\\\\)?.\'', 'style' => 'character', 'childregex' => [ { 'name' => 'esc character', 'regex' => '\\\\.', 'style' => 'esc character', 'childregex' => [] } ] }, { 'name' => 'numeric constant', 'regex' => '\\b((0(x|X)[0-9a-fA-F]*)|(([0-9]+\\.?[0-9]*)|(\\.[0-9]+))((e|E)(\\+|-)?[0-9]+)?)(L|l|UL|ul|u|U|F|f)?\\b', 'style' => 'numeric', 'childregex' => [] }, { 'name' => 'keyword', 'regex' => '\\b(and|assert|break|class|continue|del|elif|else|except|exec|finally|for|from|global|if|import|in|is|lambda|not|or|pass|print|raise|return|try|while)\\b', 'style' => 'reserved word', 'childregex' => [] }, { 'name' => 'braces', 'regex' => '[\\{\\}]', 'style' => 'braces', 'childregex' => [] }, { 'name' => 'symbols', 'regex' => '([\\*\\-\\+=:;%&\\|<>\\(\\)\\[\\]!])', 'style' => 'symbol', 'childregex' => [] }, { 'name' => 'identifiers', 'regex' => '([a-zA-Z_][a-zA-Z_0-9]*)', 'style' => 'identifier', 'childregex' => [] }, { 'name' => 'function', 'regex' => '[\\t ]*def[\\t ]+([a-zA-Z0-9_]+)[\\t \\(]+.*?[\\n{]', 'style' => 'function header', 'childregex' => [ { 'name' => 'function args', 'regex' => '\\(.*?\\)', 'style' => 'function header args', 'childregex' => [] }, { 'name' => 'function name', 'regex' => '[\\t ][a-zA-Z0-9_]+', 'style' => 'function header name', 'childregex' => [] } ] }, { 'name' => 'library functions', 'regex' => '\\b(__import__|abs|apply|buffer|callable|chr|cmp|coerce|compile|complex|delatter|dir|divmod|eval|execfile|filter|float|getattr|globals|hasattr|hash|hex|id|input|int|intern|isinstance|issubclass|len|list|locals|long|map|max|min|oct|open|ord|pow|range|raw_input|reduce|reload|repr|round|setattr|slice|str|tuple|type|unichr|unicode|vars|xrange|zip)\\b', 'style' => 'library function', 'childregex' => [] }, ] }; # by Joshua Swink $LANGUAGE{'ruby'} = { 'filename' => '\\.rb$', 'regex' => '^\\s*#\\s*![^\\s]*\\bruby\\b', 'patterns' => [ { 'name' => 'comment', 'regex' => '(?:#.*?(?:\r?\n\s*)+)+', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'predefined variables', 'regex' => '(?:\\$(?:[!@&`\'+\\d~=/\\\\,;.<>_*\\$?:"]|DEBUG|FILENAME|LOAD_PATH|stdin|stdout|stderr|VERBOSE|-[0adFiIlpv])|\\b(?:TRUE|FALSE|NIL|STDIN|STDOUT|STDERR|ENV|ARGF|ARGV|DATA|RUBY_VERSION|RUBY_RELEASE_DATE|RUBY_PLATFORM)\\b)', 'style' => 'predefined identifier', 'childregex' => [] }, { 'name' => 'variables', 'regex' => '[\\$@](?:{[^}]*}|[^\\w/\\t\\n\\.,\\\\[\\\\{\\\\(]|[0-9]+|[a-zA-Z_][\\w.]*)?', 'style' => 'identifier', 'childregex' => [] }, { 'name' => '"" string', 'regex' => '""|"(?:\\\\\\\\)+"|".*?(?:[^\\\\](?:\\\\\\\\)*)"|%[Qwx]?([^\\w\\[\\](){}<>])\\2|%[Qwx]?([^\\w\\[\\](){}<>]).*?(?:[^\\\\](?:\\\\\\\\)*)\\3|%[Qwx]?([^\\w\\[\\](){}<>])\\\\\\\\\\4|%[Qwx]?\\[\\]|%[Qwx]?\\[.*?([^\\\\](\\\\\\\\)*)\\]|%[Qwx]?\\[\\\\\\\\\\]|%[Qwx]?\\{\\}|%[Qwx]?\\{.*?([^\\\\](\\\\\\\\)*)\\}|%[Qwx]?\\{\\\\\\\\\\}|%[Qwx]?\\(\\)|%[Qwx]?\\(.*?([^\\\\](\\\\\\\\)*)\\)|%[Qwx]?\\(\\\\\\\\\\)|%[Qwx]?<>|%[Qwx]?<.*?([^\\\\](\\\\\\\\)*)>|%[Qwx]?<\\\\\\\\>', 'style' => 'string', 'childregex' => [ { 'name' => 'esc character', 'regex', => '\\\\(?:x[\\da-fA-F]{2}|\d\d\d|c.|M-\\\\C-.|M-.|C-.|.)', 'style' => 'esc character', 'childregex' => [] }, { 'name' => 'string expression', 'regex' => '#[\\$\\@][a-zA-Z_][\\w.]*|#\\{[\\$\\@]?[^\\}]*\\}', 'style' => 'identifier', 'childregex' => [] } ] }, { 'name' => '\'\' string', 'regex' => '\'\'|\'(?:\\\\\\\\)+\'|\'.*?(?:[^\\\\](?:\\\\\\\\)*)\'|%q([^\\w\\[\\](){}<>])\\2|%q([^\\w\\[\\](){}<>]).*?(?:[^\\\\](?:\\\\\\\\)*)\\3|%q([^\\w\\[\\](){}<>])\\\\\\\\\\4|%q\\[\\]|%q\\[.*?([^\\\\](\\\\\\\\)*)\\]|%q\\[\\\\\\\\\\]|%q\\{\\}|%q\\{.*?([^\\\\](\\\\\\\\)*)\\}|%q\\{\\\\\\\\\\}|%q\\(\\)|%q\\(.*?([^\\\\](\\\\\\\\)*)\\)|%q\\(\\\\\\\\\\)|%q<>|%q<.*?([^\\\\](\\\\\\\\)*)>|%q<\\\\\\\\>', 'style' => 'string', 'childregex' => [ { 'name' => 'esc character', 'regex' => '(?:\\\\\'|\\\\\\\\)', 'style' => 'esc character', 'childregex' => [] } ] }, { 'name' => 'subroutine header', 'regex' => 'def[\\t ]+\\w[\\w.]*(?:\\([^)]*\\))?', 'style' => 'function header', 'childregex' => [ { 'name' => 'arg list', 'regex' => '\\(.*\\)', 'style' => 'function header args', 'childregex' => [ { 'name' => 'arg list parens', 'regex' => '[\\(\\)]', 'style' => 'symbol', 'childregex' => [] } ] }, { 'name' => 'subroutine header', 'regex' => '[\\t ]\w+', 'style' => 'function header name', 'childregex' => [] } ] }, { 'name' => 'class header', 'regex' => 'class[\\t ]+\\w+(?:\\s*<\\s*\\w+)?', 'style' => 'function header', 'childregex' => [ { 'name' => 'class ancestor', 'regex' => '<\\s*\\w+', 'style' => 'include', 'childregex' => [ { 'name' => 'inheritance doohickey', 'regex' => '<', 'style' => 'symbol', 'childregex' => [] } ] }, { 'name' => 'class main', 'regex' => '[\\t ]\\w+', 'style' => 'type', 'childregex' => [] } ] }, { 'name' => 'regex matching 0', 'regex' => '(?:%r([^\\w\\[\\](){}<>])\\2|%r([^\\w\\[\\](){}<>]).*?(?:[^\\\\](?:\\\\\\\\)*)\\3|%r([^\\w\\[\\](){}<>])\\\\\\\\\\4|%r\\[\\]|%r\\[.*?([^\\\\](\\\\\\\\)*)\\]|%r\\[\\\\\\\\\\]|%r\\{\\}|%r\\{.*?([^\\\\](\\\\\\\\)*)\\}|%r\\{\\\\\\\\\\}|%r\\(\\)|%r\\(.*?([^\\\\](\\\\\\\\)*)\\)|%r\\(\\\\\\\\\\)|%r<>|%r<.*?([^\\\\](\\\\\\\\)*)>|%r<\\\\\\\\>)[ixpno]*', 'style' => 'regex', 'childregex' => [ { 'name' => 'string expression', 'regex' => '#[\\$\\@][a-zA-Z_][\\w.]*|#\\{[\\$\\@]?[a-zA-Z_][^\\}]*\\}', 'style' => 'identifier', 'childregex' => [] } ] }, { 'name' => 'regex matching I', 'regex' => '(?:\\b| )?(?:/(?:\\\\/|[^/\\n])*(?:/[ixpno]*))', 'style' => 'regex', 'childregex' => [ { 'name' => 'string expression', 'regex' => '#[\\$\\@][a-zA-Z_][\\w.]*|#\\{[\\$\\@]?[a-zA-Z_][^\\}]*\\}', 'style' => 'identifier', 'childregex' => [] } ] }, { 'name' => 'reserved words', 'regex' => '\\b(BEGIN|class|ensure|nil|self|when|END|def|false|not|super|while|alias|defined|for|or|then|yield|and|do|if|redo|true|begin|else|in|rescue|undef|break|elsif|module|retry|unless|case|end|next|return|until)\\b', 'style' => 'reserved word', 'childregex' => [] }, { 'name' => 'kernel module methods', 'regex', => '\\b(Array|Float|Integer|String|at_exit|autoload|binding|caller|catch|chop|chomp|chomp!|eval|exec|exit|fail|fork|format|gets|global_variables|gsub|iterator|lambda|load|local_variables|loop|open|p|print|printf|proc|putc|puts|raise|rand|readline|readlines|require|select|sleep|split|sprintf|srand|sub|syscall|system|test|trace_var|trap|untrace_var)\\b', 'style' => 'library function', 'childregex' => [] }, { 'name' => 'braces, parens and brakets', 'regex' => '[\\[\\]\\{\\}\\(\\)]', 'style' => 'braces', 'childregex' => [] }, { 'name' => '<< stuff', 'regex' => '<<(?:("|\')([^\\n]*)\\2|\\w*).*?^\\3$', 'style' => 'text', 'childregex' => [] }, { 'name' => 'symbols', 'regex' => '(?:[:*-+<>=^!,/]+|\.\.+)', 'style' => 'symbol', 'childregex' => [] }, { 'name' => 'numbers', 'regex' => '\d[\d.]*', 'style' => 'numeric', 'childregex' => [] }, { 'name' => 'embedded documentation', 'regex' => '^=.*?^(?:=end|\\Z)', 'style' => 'doc comment', 'childregex' => [] } ] }; # taken from nedit # modified by PP # very inclomplete! $LANGUAGE{'sql'} = { 'filename' => '(?i)\\.sql$', 'regex' => '', 'patterns' => [ { 'name' => 'keywords I', 'regex' => '(?i)(,|%|<|>|:=|=|\\(|\\)|\\bselect|on|from|order by|desc|where|and|or|not|null|true|false)\\b', 'style' => 'reserved word', 'childregex' => [] }, { 'name' => 'comment I', 'regex' => '--.*?$', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'comment II', 'regex' => '/\\*.*?\\*/', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'string', 'regex' => '\'\'|\'.*?([^\\\\](\\\\\\\\)*)\'|\'\\\\\\\\\'', # 'regex' => '(\'\'|\'[^\'\\\\]\'|\'[^\'].*?[^\\\\]\')', 'style' => 'string', 'childregex' => [] }, { 'name' => 'keywords II', 'regex' => '(?i)end if;|\\b(create|replace|begin|end|function|return|fetch|open|close|into|is|in|when|others|grant|on|to|exception|show|set|out|pragma|as|package)\\b', 'style' => 'reserved word', 'childregex' => [] }, { 'name' => 'keywords III', 'regex' => '(?i)\\balter\\b', 'style' => 'reserved word', 'childregex' => [] }, { 'name' => 'datatypes', 'regex' => '(?i)\\b(integer|blol|date|numeric|character|varying|varchar|char)\\b', 'style' => 'predefined type', 'childregex' => [] }, { 'name' => 'words', 'regex' => '(?i)\\b(constraint|key|references|primary|table|foreign|add|insert|group by)\\b', 'style' => 'reserved word', 'childregex' => [] } ] }; $LANGUAGE{'patch'} = { 'filename' => '(?i)\\.patch$|\\.diff$', 'regex' => '', 'patterns' => [ { 'name' => 'header', 'regex' => '^Index: .*?$|^===== .*?$|^diff .*?$|^--- .*?$|^\+\+\+ .*?$', 'style' => 'separator', 'childregex' => [] }, { 'name' => 'hunk', 'regex' => '^@@ .*?$', 'style' => 'line spec', 'childregex' => [] }, { 'name' => 'from', 'regex' => '^-.*?$', 'style' => 'deletion', 'childregex' => [] }, { 'name' => 'to', 'regex' => '^\+.*?$', 'style' => 'insertion', 'childregex' => [] } ] }; ##### # # LANGUAGE: shell script # $LANGUAGE{'shellscript'} = { 'filename' => '\\.(sh|shell)$', 'regex' => '^\\s*#\\s*![^\\s]*(sh|bash|ash|zsh|ksh)', 'patterns' => [ { 'name' => 'comment', # 'regex' => '^[ \t]*[^$]?\#[^!]?.*?$', 'regex' => '(^| )#([^\\!].)*?$', 'style' => 'comment', 'childregex' => [] }, { 'name' => 'identifier', 'regex' => '[a-zA-Z][a-zA-Z0-9_]*=', 'style' => '', 'childregex' => [ { 'name' => 'identifier', 'regex' => '[a-zA-Z][a-zA-Z0-9_]*', 'style' => 'identifier', 'childregex' => [] } ] }, { 'name' => 'identifier', 'regex' => '\\$([0-9#\\*]|[a-zA-Z][a-zA-Z0-9_]*)', 'style' => 'identifier', 'childregex' => [] }, { 'name' => 'interpreter line', 'regex' => '^[ \t]*#!.*?$', 'style' => 'preprocessor', childregex => [] }, { 'name' => 'string', 'regex' => '""|"(\\\\"|[^\\"])*"', 'style' => 'string', childregex => [ { 'name' => 'identifier', 'regex' => '\\$([0-9#\\*]|[a-zA-Z][a-zA-Z0-9_]*)', 'style' => 'identifier', 'childregex' => [] } ] } ] }; $LANGUAGE{'sh'} = $LANGUAGE{'shellscript'}; return \%LANGUAGE; }; xca-RELEASE.2.2.1/doc/xca-doc.tgz0000644000175000017500000006250513614632167015536 0ustar tewardteward^\rHr޿n*gWQH'b(gwM]@T&k9g-ξ fz{އrߙ/wN}98<{~?ߕ~kFBƩ(נ+}rxH9?WޜEk`ܜx2vGB Nz>yQ,ԯe|5BjZ"4n>\{?4gE-]J-1uea'Ԛ%/׭?.F׃^^܌.n^ⴼ?½,K77g㟆'~C4eL#QBrQek ,Go UN-c^zCRoAY7C-0k}gl!ukWvݍVrvԻk|xi Nqmp A]ׅ̕K2E&H4+D rG:Sr(qss \&$8Ku'CX0L<7Is"rׯ҅YoQ8On)RuODU+*Ȧt'y".Hq4<2Q7r >{YUVU<:u2ƉBI۸+ w 1A<[DTBxԌ4NͼiKN3_ȕݾgI/b@[IEZeN 8 2d =1avnvE lo`H==QVpQG4KdzTE ݡ,i $H&bneRZ¢x:U9h  pa8-DT-uI:Hwb# JꕸÆjU7e"kj\Wꊇd5MG=m^+ڹUɛ\^uX~lIc'Ɣ6~[-Mv ͓smI R"m W2n]kKƥ=xbk|_8|ku!`nwA!  { ;ͦ[1vP10&;@!M 8k6vZ%Dy @8 w`<0Q><+9' "OO.6`b; S8؟}Tv7d%e.!0ExFq\":Fj]b1PʥFZc f#dCPZf-Wb0o㜐,ɦF-̉R U,OJ-;T L]qÒD(9p<ۀ1}_?_.9<>?[#\=nPq2f)L2uRLfֽ#'8c$oUQgTYnQ~zs|'aK惞Y1kL %xH0'Ʒڧ|7Wi44KSazjG<Ϙ2X8뵶LMv-/Y,p&0s΢w80HJi2M5J!2{yN.KaBK= ,b\&XcFٝMmL|<>/џ.8~7?{C+`奼CG3Ǽ.7);xd! p>عmK}.Ð~"p2bs`~f7dx>`һ~h 潺Uwl7tsCs+(k F eE$[`{MYc#6n\c-s*i Re?+5yipq6Uߕ8G1u+m8AqgIf3fNr"v]rОfҖDN(_(;bHL6ZOՙ'3L)ӧ+Aoo )-Y#d{(%MZkDJҹIF8$ k+\V';"Zij(nٓg.>nK4Gc̡9OM@#*1,X:ݠrXX+\Rj2dي%fi \1iٛC SA\X;_vuW iWEW aFCxP =5r ˜j'\%É3%OA?G)Wq8M+Q!̥x2ż:wDDV:L"ư\r xZN,~#4_q.RJ$#E1Q)ަ#+$%|Rhf9J.\ڲ찀)O@w( V;cN pQС\uիϵz8]cUN:Q쭧xNU]Pz.r5,傢jdAmpCTe4t l.*wiFG &DbwvLuH.wrp&NMs/L-፷`*NXT<Zxk>?@%fƛܮM6|~T'i#*`:(wpBr,^EǛ|QLT(}6 +Ū eI ,޷ uI%KNaL\|J`ĩlz Uk/v50ۚwXXٰq$biu!~.`Ns-},8XrGv\eɾɑN`pwp"S Ppg$5N+'4[K&}:e'^nU},іmqjhn1A>w4'6(8Nc+-ܠDC,7'Ld4kT'u-.LeypH`s9ziӈlo(%·?mUM27^?=xS|@q\KWӟsŷћk{OuKnnIl{;]WW'/XMB# _X3'ilR/cˠN@YHVW| ̓3tƃ+fR唜)'In9gFѨ`М2bS:qi)U,iH\bHasJ[ |tZtwzg_Q+AG5$)_@4_ ,#fHX1'"S^U3Dm &{mec鞳 lR&gd:;A- za3C XU1υoN5ڨ`˔ø)WỜv(2ߘfl9~htS)SҜ\xN?/^fEbiyJB'Id}HP|_!ˤ:5:W 8?ʴ }@ۨ):ʍ\RK'Wn\3]3^Ay&Z5-q|A ɩME5j42o( U{M/:ƪ3k5^ds^ ?`uu \fCɾ/j%ׅ2|:9B[o_0zǽ/'/{/6[Qqd'nMgH|f"vÃGS|!un`#FxIeGS"o5 4JtaMxq1ypW5̉ R_աnMZrfT.$7a|- )~HXJ9>y:C\ y- !37+YSwXBr0| :sʼ})<^q7s"80 nF:ug`r ,ZVI2"]nhѠjWr/#$wetKTHpI98y0oD{^i4cZV `TͧnOmwMAMع8,e̴Ү4Q'ʷvϮo,H"$ ('MA#m SCa}qr(%'{~I[ ޹穉zDoȀ`x>jA0Bٖ˵"331/o[ڮUamGc\as01hES:bIo_\Snt=}Ic݉}ծui2ӺWo|znnY9sCiˁr%3τ\yu=Du`7] k![=9ꆱT LR;(RJɴG'PELՂb!%+[{+gڔ^ڮvæDj_aa SJn6m>]8iE_꘼~}֜7 <)6QQ}!{%_ܕqQۮ`,Z߫=]YՎ'k5γ5(jt9x'ɴ+Nnq%u J1U[,s9z}'tɚ%8`h5y @X 'M;<+IJMEg'lY'頽 veRo]~ SUD|b~s r:!H kt+l09E'FN||z vPMC0+w kÝiEnR*`.c_{f+-NKz۠͏X|B [jGy+WZeu`4վUÆ)XE0 Q|t5:']5hjr:#2`6ghc]K-U'W$.υZP[chA} |;L[N0zh'+۫N ZgfGz wj* v;G: ~?pN%S lUR_<ɹ|nK} d<}Іc5C:ڽڊ]1Mn1zͥF4Ԡ`26+a#^TVU8d+h&lkG4a&>FL~Z_7mlOae3(!t4k !Ѩ2Ԇw=޶Tҹ{UcܱN*#Hn1A &gc$_D`nJE\Y٥a FIR`]y̿q]bER!ZEp{ ;qM)WWPk/j7WQ_dhA"bȤd9#T1 !# 7#Ʒ +uX:aEORZ1_p  OpqYM== (*ͥ)r{\s/uÙoᔘ ˮ"m^?kD6\HM*>嚃]֑ UXz͓x~AnKcND#4/ŗ!QJbMi94ػ!ŧta!gCf-2!ޑyYlˌn;p?etRhBYTeFL{0OcTa&Kk?% $ybBs_/}dueWq}>) <^ `{;I? &Hi.t7|EY-.^iJك4".BZzjqv `V<#==٘!< 8 ≁?M2 WcG.>\L/yJiBv;aT*Ag9 ADfӛeњۻ~6/!???^a x#E^3Hr{+mY1 (\j\P2 ܙԭ2=xyI{_*CᨣiY=_bi~l]OV0??Eb7ttm]m澚qhFK-><Ǜ^\ν(_&S&W4Q*iv1۷vbm>\Z7bb,sRo^ϯuc)l}|l|5΋uшZmڈno_=UAevo[>.vz;n1XtŇ:hɰ%kdl_ڛz8ϛ^_,;֦~6K-ֺnnۏYЃ>`X*/LݛOO60v,.d Y7f|;4Ƿqa~_~}S[GQP ..k.:׷_8ѝٜn7r9OݻA{~כ:^ltD^5fnWrrgU›&DykuxZ/6ʨY;ż\YKżVperݖ4ی݀'&V R¥ԪaU4ykW,nb 6[XlW+ܨZ=.FZmi6ϾѺ6o< ߶CR6zWJJ<0܎j'7,|c;0 y rKðҘp٘,I Z8}K/簄uA_>fTȷFqzhhͯX;\# ? }ݰ90c/Zӕ?)}^2.>j_z *֪^^^oڥBTy7{ECo>*zrŷo޹g?8yTS '(Gޒ}ٿg/OG^ًUip-{=A^u;3=$GD#jP+8I͌HЄRӾObTO}1^)+*}&T )2J_q,,{5 jVMAI\ `Ǒ8R)ߥ67դOAYfe.^ RcUGҍM"[ uNʒpÏ61ceMY݂r *|} zl0M2V &n'R={#5]- VApsU>=}Tp Cp;Ɠ#RbyܨE/KJƜIP3N3 'CC8ά! jzygy)aGg)j6xX)y;Qx;Lni\j * YR_G= Zz\nQq j7"R ,",'PXk F:gי4uѶ5s:a]KӐp A<@ƪh\ JɄ;@lIIX[9U}@Y!2˓9|4o6&5d t#$Ћ x%zB:*,QFXfJ~ N<@L%I08ךp{N"q CA4FȦC Mb^Tz-biр1F"QПrTp{-'nͨ&7$M6%7)$ iO }lQzh-wA1{1|!gfn:.&F!l ޖ=4FD[,w2&aӢMG)\IOώc5"42~i$ O}ԝK!m`.6 a5-A8~Sm7S$P>aS\=H PA f@~e *l:G[ǧ)z[\zQiڟ4zGe"9;ݜx䀂U txUu$2t05XǙ%daFI<@9ci(vY8#r¹U8e$S… <#sozQe#lbC#?PZ)OJ{7'/pWÁ.@SI]X$}^(Q`beďt).Y9$@cjĨzҹإ!pH$te|$%-vBA6yNVh1Zyg''UvB{*m 1u;rot,>:kdޭZ n;vڅC^@\Ύvb8 =0uGqfG뭚 Aѵ-LfW3*ͮVvugkz׭Y?]^6- ztmW3:zi5KalǬv*euhQAGZ Q6 נlXtjY;шO &W;ӝe`,FLXzɨ^ψXױeWtv׵JYysm^k:4Y=:*`1|. ޵:^k7phr *LPsܟwp>i f&A{0]=ް*5b5L 6Xѱ,`s}ѐqO@cbÞBvY3J6v[wlMh̪n…1Őr^Jp*4*8nLFJĥNޔjl=B'dz)#VnAAbS AcΔEFfԣ]KVY<7Ī 油9 -r#P郲 /!қT٧Re5'}'5$1ZP&1XCY%P*dA΢%a3'EA64jIEjD *ZA^=N{Z3`9e$]JvrB.Q) WV,$`agB!""ϭZE Xz>ƴ"A(DDvmq0 TSs25)o(aF/'B `a4|q9 qca'UDy!UCPڛ)avl;"8 ["?ĴXJ] \V=v ;ʂylD \rȤx9jcSvdpڕocg$mGs0,( J-%8ȕO6US#F #1,wODB;&tK^p_NuA'#KJ~#ҺIGlo(aDeZp~N}=_@/W)0  gD6b8@LG0RRUo &zswJ #^K =xDAe[ JF($l!E"D=T1"%᧙ n5 O8"U8֋!ӑؙP$]^ro~.q~TBr+l(ُCr9d "Go!_8D IT 1?T kȿ׊dCkE$Kbo$s9qe1>M8%t9], ʹBw'8Ҁ-yOzѿe]@7օ(c!߰N0z^0lگWLoUcQ#FNa%Lԅa%E~ 'o>ۣ:%y) k<#♾0ӝ%vcue]ZߢiG',d mŝo^CLnvq?ȿO?p_17}9r$}"R\䟜_'@a,h4"J$T Ð = qTŝ8UIb܈R롞_fJOdQi37nG9 YV9Jr4 0b*JR=WncA1oá9k?X'%ytaѴh2x5QO0A5xѐ.NC}GG8~ ;U$XYQUycazD(V;uR(,YRqK$[$o{FrE l$,I]9DN|[IŠMdæ,k~{r "EVWU>B9HJoY@D;Ƙˉ_ݺ<U_kߜ0~ߤJhV,LZK|e9_pKw =A+R\=%M^_:LI\uH4X0;]!mVb0CH]&zHB C:?j";f@F~//(]bۉeն`j{버X7勎~wử iK$ : R~!a `s{9ցzJ\Qq/e7q' H<ݠ$5;\7d6\;A~6K[ν֧;Y|_j6mmx[v1#c_,&|)؎g+JWXKH_'Ӟpgz`|uAl;C:<ޟ/(1rN1A:iq {soC_3?mtM/I?k$r*<.j#|u1o[AEPo2B8u5—~OBGDq%h;<拦X.Q3`xwLn܍pMЂ<(UR񆙡/urWf:aiR~b 7ir"a_,[ZtL0$ff$g*` &=p-H&,r"4<B& 3 >IDBN~ p1qhDzUqK?Bsl[M`}BGx:{q%F>՞]%DQx{_wh(\83qN9 Z\,&t54ӢyuS;-QiY[ۗPmݕS`Տit~&.֕ignC2.ի 01M Suak=\!˔si%D b [xRw“GkrB/Fd~HP|eWMe_xz8;1o7 t5NXS*CyUd3Q$`!4ld/-P ( `w/-N IVnKY) Dci{;X&ҠLYfY(&U7܅ %KǴsU3\^V!_>ͧGČ s)NNFRG ) sXf[)j8blws6;Ƥ0Op{KxS zkHZvx%L5ע! 5^shinsd)5,tނ0ԐJ:J<'PMp6(㙎7YIDӯ uy»L:GR,( GU~^郒4#Ze9ᵊOR NO>QӤ%V(I^lSQ}B,=o)mԼm {8*~ +m'%; x,0yߑXCB/ 6MƢ}vaܸXsxDK;p{;M+u*X Px:߇I8$zpe/΢iW֎b!-9ıXpW{}>OӖ@u hр4,8*Zҧ3۬{V,ǵ=/~n b/@(a|ʹEhK'/ǵL,̯ D'3,w"gqv:eFbuwCZSGVJ4,ᣊx77YBz]# D9\Y:8jwNBPB<yrF@REJ0"v=NrLT B)9#G|$E@L񚦤n zc t"J\A*`:pR"rhm-K]@! ۠ɴǴFůEOOYf\fԢAS d>~!;DO"÷+ / c6 %|^)@UUcɐ:I˂bfې^RE_"TA rn" o (0571y+4RsD٪>˂ҖSXL#|*!PPr&G,- "\I S:E!#R ^ƍq6 fo#A1}^-Y`݌bRTLar^J~} ]IErC֑*~)}?VW'vEˢF`< wc C37 S؂w{3_K7t92? * >CTOy˯1јO" k ^On)KϢغhKĿ}T\af&ރ-Idd46w/r.]GٌEm1R^ JORO#D5yFxʌRf*V@X-sKUl 7昇@(oÌ vOL7rsLﱖ7"0N_ :}4}DU+2C*)1R%P 1U4 )"JvJT8xϢ4QK@m"b:2 $*|s9\VyVʠ|/Pg %^Sj@]B'8P;CQۀN+$Dan1JOuvR? :P N7⚩m#dLJ⑏B/]wY. 줴 ZK` L _0f,T Gދ% d}7|AHnER)r10$1y'ђA[X:_b:qˣAfB`_c1An 00y^x)J+4tKU qVъ`tyV):= D2q75$ֈP8*q PxSdCFR@W]a0ۀ)2+;?Fsv7JݘDk[ d6VsF*<~7Pf=O; QZiVl+t 6Q_ҊtR8cXIHEÀ=pzZU?,l`1'gE= ZکRuDr8|s&آq:bDh1zh(yAk*.xb,B]D27f3^+I]͚DjƈEn'sMJ1 szW wxl`{k?L N d<#6Z)ƫ#ěqX$P؅+.zYs 0#Og!/;J%Veक ,zFTk'Mf}g!U$3F9)cd8ep1 _Qx5>|hמv sݰ>7t B!yuL8ԦGZ ~_Jx?nS9.:v61ُ/pP6A3 ^l0_K;i-KxH#ےyLäwoޞ~w;U\me_Y=^-2!{GUSqCQ7ǁK#x9"/ZFE v UG6ܭv[;𯊖 XP62تAg$ʨS:x.tJd %PqqOMQ?WeWYd8\B%xu]yj C J.-=t\4=4\Ƴ+~c@ ~-W=.r9H6~m:j9IWEBy%#\m5o 9l=$|HrEZB= }Xn;B-brZUe#?Db?E"ACpicdD#yN9PsywN>. 0PoL˜~aIڰҋنU^pVYD8G14U9j׌ U+;[qcIPo@43p/r;()မ9] 4GN^\aC m| N pr D2o(c_O)Fglgh Z-\lJ#ҩj2Uה^FN?S??h la}zS!9>C~As c|m sº="=2^-_D) {KX8u=|w-WpОuCM-9M6{oܱdeo[Y٥5j6&W*jD~>rƛ׍Aw`gCC1AE̹wOymq d%K2˾-njE|]^ho`Pz>YmFPl`hn8&p Қ$Ƴ.F~ENDʑ̧ (QhD'ĎC_-]sOЩN, oSd`Ih1*L9[zھZ@S ]* >䃶e,pcoTU½c842' Ta, Ӥs#1%Ś֝z>M ]'nbn ݄]A/\:PTĵ;B,4H4*Px GI H։c({#Y=pg2RT!5G훛K i*4/2>QI,G͖%;9D.{^#d<9a@5?D]/gN3lb+uhѕGOo6Aؠ +kL]2˙IcTJ)l 9@Bg3 qa"$;$!VDCw0?.IR A#g oK=c ux$^Q9h=ۑx(`)MB YT,Q72"˕ӁCF0=70/UHO5íQ͵Q`bؕ ;KF&7,a{#bk{*[LK'r-5P;OnP_y4#rNP؞ WcTIJwux$qKfDRfj񪄍5CX|jMNWڎݯ?ܞګHN;ic, ߅5,j[Jf?YeD3^usgK/>Eѫ*n}ͬ{H^*X>diC&aqIVوۗ_%In6(?c<;Aoe`4Bott7Ł̸5C<<0.- e 4łtxִ!D|/l#IH H6g*[7]e?!w|i>LQ {t=Z &l6V00f*9;z 1*zCD,bTj==C:Ac0ddKU;l4x$adQJ8Aic`2\N$!\F2B?P3JBLq#_=hgAi6n\= e8^Ih+1 0һ_bkiV>dM':zxGb>n=4|he :j1C[ ̟%W/8w|7%K8×^a6qG(j5`rKp`aQq4[M+b ʡQFkt=xa]osSi( 4iC|oDHIٝ2XekHFԻMhb-t]Fz^n_)qہ'!( kxub:qsUs] >Z`?n0 mPʔTc?Y$7ڿ (h g5Y''`mW 3\ [jrePoY G`=jEV]}PV1+C";`ߠ )cϙI[ 'պlY䩨BruB epH҂Х$Yo"zM^ osa5G!&j0 YGc&[SiXlVXGn7cv[ gp9i 5!jmh`ۑ> 445R'=c(XiÊB0R2&bUm0$3L5sœ+Rd3_7{ˑY@ CV*,Z ZВ L:UPΤaBO[F'j` ECd&féd70" )/޺m5jh!!?"rjk`HBTߠwИ3$OK"QMhYn@=Mun?~_kvuǽgy|j6w{s-iAZ?BR |,uW`,.~ȸ%HմbwaŶ(X"0լk2k dn{!kW_ޞqst;z#D@a(wx׷~~}C$#˪UW~irX2#o< .ӤC !Tzw +/:QnGs%)!w"HnH a |5 wz⏋j^{6[,af8nübݠ.eed㹅´|K$I$#V9G,ɄGTpµ_01,W"e6IkU#뒘C[-Ib=tW DqdƵS$]*npzNvB =Q`%/^D0^σ7l6vx~p]^ޏP0@1GXcZ-V+}Z+W߻zޛddaob2n?J5vmӠWJeXPYBm=p\/,Ʋ^CJI)_+r1@ޑ#sGY[jYFC<H$a4KMMū!$ަ4c,$ꂪΨD^Wm3 >%Tp^R(f3UM>6m~(ڬuA]5šm^'H 3-ȡxw<>䃶|dī8 agHyX46,rO)vފT@"XqL0I U3i,8{o|aKܙ$58Á<C}bпH! >2gF5%U~hreﮃc|xÝnrfHa3k._'-2x4!ö{]7,\W^ԪfM)]y#@-ag)L2VMΩ,%& WĀfL{8{ҾwxnwUwmӈ$I[lьA'IGC(T$I~56$!|jB*Pp m~ǥ˰.*ZhT2>K{}$H@PِqY5bAoX5K{qH_L˫ 1`j!4-Jrd :Ă+ka]h%UCS#;7sV̋n LenoC l\w̤,yrD̸9&n9_#=Xu0ZOrfr\JM}sEIm5ɚ??ͪտn+IpP=$ v;?6 z;A'^aB+}1eyf|ثBD0E;55 @ x1W q_&C~7MNaJ F_,+ۅ28p+c4Բ]ö /H,Ġ>A3FtZJF}C:H@zE>,ƴǒq dRGNo'91%WD@*مJSa*qE~=$NCM{PSb:LM9,c^#q]ML.OϐS%_C$],JHȖ{ǽDWLW!vNARܓNb!eaz=X {crE.LOuB]ucuCB!=PCu8jc4YqK-CeuNJl#b-j[mUݭ(jmuB]uK9S5uE{ sPMC-ǭcZp9)5 ~bS:tx3`ټEa臨Ⱦt\p&|~jg*\~(r BmajsEeff T 6Sr/r-3e@[o`@s5ixnr!,rİՀfJA5p)BMOHxc7WӼk6JzkU5ڪ֪l)U6&6MR:C=sҘTt"Ct[ٺZ !öζZ} a8Zu 'VԪmsj8kU6mmZ} %[_gi}wRL(.~`}j4'ڥ7C'7zհo5 JݯPS d_4'j%} IZ!4z&Q'Ġ>٭>ytjwڔouJT WT ;5{[>O]Oit!=Fp\@' Szǐ2 7l qV RlvOĶ$`{S]1:qH.A'@`#۴-FYEip8&NЄ+V%4MkN#AǠ3+Ɠ nr+P)KE_L廓g4?&(Lqm!`krޜx SJwA9T=T8R6UV MEI?i[KX݃x"Puw~BcJ?ip RDi@ b+ \A^7C:m;{~>,SukMĶ @1 201y5֚ZK'_.)vT St|QOpz=<?ϟy<?ϟ> ؄!xca-RELEASE.2.2.1/doc/.gitignore0000644000175000017500000000006513614632167015453 0ustar tewardteward*.html xca.1 xca.1.gz xca_db_stat.1 xca_db_stat.1.gz xca-RELEASE.2.2.1/lib/0000755000175000017500000000000013614632167013463 5ustar tewardtewardxca-RELEASE.2.2.1/lib/pki_pkcs12.cpp0000644000175000017500000000716513614632167016146 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_pkcs12.h" #include "pass_info.h" #include "exception.h" #include "func.h" #include "widgets/PwDialog.h" #include #include #include "openssl_compat.h" pki_pkcs12::pki_pkcs12(const QString &d, pki_x509 *acert, pki_evp *akey) :pki_base(d) { key = new pki_evp(akey); cert = new pki_x509(acert); certstack = sk_X509_new_null(); pki_openssl_error(); } pki_pkcs12::pki_pkcs12(const QString &fname) :pki_base(fname) { Passwd pass; EVP_PKEY *mykey = NULL; X509 *mycert = NULL; key=NULL; cert=NULL; certstack = sk_X509_new_null(); pass_info p(XCA_TITLE, tr("Please enter the password to decrypt the PKCS#12 file:\n%1").arg(compressFilename(fname))); XFile file(fname); file.open_read(); PKCS12 *pkcs12 = d2i_PKCS12_fp(file.fp(), NULL); if (pki_ign_openssl_error()) { if (pkcs12) PKCS12_free(pkcs12); throw errorEx(tr("Unable to load the PKCS#12 (pfx) file %1.").arg(fname)); } if (PKCS12_verify_mac(pkcs12, "", 0) || PKCS12_verify_mac(pkcs12, NULL, 0)) pass.clear(); else if (PwDialog::execute(&p, &pass) != 1) { /* cancel pressed */ PKCS12_free(pkcs12); throw errorEx("","", E_PASSWD); } PKCS12_parse(pkcs12, pass.constData(), &mykey, &mycert, &certstack); int error = ERR_peek_error(); if (ERR_GET_REASON(error) == PKCS12_R_MAC_VERIFY_FAILURE) { pki_ign_openssl_error(); PKCS12_free(pkcs12); throw errorEx(getClassName(), tr("The supplied password was wrong (%1)") .arg(ERR_reason_error_string(error)), E_PASSWD); } pki_ign_openssl_error(); if (mycert) { unsigned char *str = X509_alias_get0(mycert, NULL); if (str) alias = QString::fromUtf8((const char *)str); alias = QString::fromUtf8(alias.toLatin1()); cert = new pki_x509(mycert); if (alias.isEmpty()) { cert->autoIntName(fname); } else { cert->setIntName(alias); } alias = cert->getIntName(); cert->pkiSource = imported; } if (mykey) { key = new pki_evp(mykey); key->setIntName(alias + "_key"); key->pkiSource = imported; } PKCS12_free(pkcs12); } pki_pkcs12::~pki_pkcs12() { if (sk_X509_num(certstack) > 0) { // free the certs itself, because we own a copy of them sk_X509_pop_free(certstack, X509_free); } if (key) delete key; if (cert) delete cert; pki_openssl_error(); } void pki_pkcs12::addCaCert(pki_x509 *ca) { if (!ca) return; sk_X509_push(certstack, X509_dup(ca->getCert())); pki_openssl_error(); } void pki_pkcs12::writePKCS12(XFile &file) const { Passwd pass; pass_info p(XCA_TITLE, tr("Please enter the password to encrypt the PKCS#12 file")); PKCS12 *pkcs12; if (cert == NULL || key == NULL) my_error(tr("No key or no Cert and no pkcs12")); if (PwDialog::execute(&p, &pass, true) != 1) return; pkcs12 = PKCS12_create(pass.data(), getIntName().toUtf8().data(), key->decryptKey(), cert->getCert(), certstack, 0, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, 0, 0, 0); i2d_PKCS12_fp(file.fp(), pkcs12); pki_openssl_error(); PKCS12_free(pkcs12); } int pki_pkcs12::numCa() { int n= sk_X509_num(certstack); pki_openssl_error(); return n; } pki_key *pki_pkcs12::getKey() { return key ? new pki_evp(key) : NULL; } pki_x509 *pki_pkcs12::getCert() { return cert ? new pki_x509(cert) : NULL; } pki_x509 *pki_pkcs12::getCa(int x) { pki_x509 *cert = NULL; X509 *crt = X509_dup(sk_X509_value(certstack, x)); if (crt) { cert = new pki_x509(crt); if (alias.isEmpty()) { cert->autoIntName(QString()); } else { cert->setIntName(QString(alias + "_ca_%1").arg(x)); } cert->pkiSource = imported; } pki_openssl_error(); return cert; } xca-RELEASE.2.2.1/lib/ipvalidator.h0000644000175000017500000000233413614632167016154 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2018 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __IPVALIDATOR_H #define __IPVALIDATOR_H #include #include #include #include /* Validating IPv4/6 is not as trivial as thought. * - The QHostAddress class requires the network library * and i don't want to add many megabytes for this validator * - I failed to and actually don't want to write my own validator * as there are already thoroughly tested functions. * - inet_pton() does what I want, but * on Windows there is no inet_pton(). * - Openssl validates the result anyway. * So we reduce the validation on windows to the RegEx */ #if !defined(Q_OS_WIN32) #include unsigned char buf[sizeof(struct in6_addr)]; #else #define inet_pton(a,b,c) (1) #endif class ipValidator : public QValidator { public: QValidator::State validate(QString &input, int&) const { if (!QRegExp("[0-9a-fA-F:\\.]*").exactMatch(input)) return Invalid; return inet_pton(AF_INET, CCHAR(input), buf) == 1 || inet_pton(AF_INET6, CCHAR(input), buf) == 1 ? Acceptable : Intermediate; } void fixup(QString &input) const { input = input.toLower(); } }; #endif xca-RELEASE.2.2.1/lib/sql.h0000644000175000017500000000376613614632167014447 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2017 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __SQL_H #define __SQL_H #include #include #define SQL_PREPARE(q,cmd) do { \ (q).prepare(cmd); \ (q).location(__FILE__,__LINE__); \ } while (0) class DbTransaction { private: static int mutex; static int error; static QList items; static bool hasTransaction; bool has_begun; void debug(const char *func, const char *file, int line); bool finish(const char *oper, const char *file, int line); public: DbTransaction(); ~DbTransaction(); bool begin(const char *file, int line); bool commit(const char *file, int line); bool rollback(const char *file, int line); bool done(QSqlError e, const char *file, int line); static quint64 DatabaseStamp; static bool active() { return mutex > 0; } static void addItems(QVariant v) { items << v.toULongLong(); } static void setHasTransaction(bool trans) { hasTransaction = trans; } }; #define Transaction DbTransaction __trans #define TransBegin() __trans.begin(__FILE__, __LINE__) #define TransThrow() if (!__trans.begin(__FILE__, __LINE__)) { \ throw errorEx(QObject::tr("Failed to start a database transaction")); } #define TransCommit() __trans.commit(__FILE__, __LINE__) #define TransRollback() __trans.rollback(__FILE__, __LINE__) #define TransDone(e) __trans.done(e, __FILE__, __LINE__); #define AffectedItems(v) (DbTransaction::addItems(v)) class XSqlQuery: public QSqlQuery { private: QString lastq, query; const char *file; int line; QString rewriteQuery(QString query); static QString table_prefix; public: XSqlQuery(); XSqlQuery(QString q); static int schemaVersion(); static void setTablePrefix(QString p) { table_prefix = p; } static void clearTablePrefix() { table_prefix.clear(); } QString query_details(); QSqlError lastError(); bool exec(QString q); bool exec(); bool prepare(QString q); void location(const char *f, int l); }; #endif xca-RELEASE.2.2.1/lib/x509name.cpp0000644000175000017500000001273013614632167015540 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include #include "x509name.h" #include "base.h" #include "func.h" #include #include #include "exception.h" x509name::x509name() { xn = X509_NAME_new(); } x509name::x509name(const X509_NAME *n) { xn = X509_NAME_dup((X509_NAME *)n); } x509name::x509name(STACK_OF(X509_NAME_ENTRY) *entries) { xn = NULL; set(entries); } x509name::x509name(const x509name &n) { xn = NULL; set(n.xn); } x509name::~x509name() { X509_NAME_free(xn); } x509name &x509name::set(const X509_NAME *n) { if (xn != NULL) X509_NAME_free(xn); xn = X509_NAME_dup((X509_NAME *)n); return *this; } x509name &x509name::set(const STACK_OF(X509_NAME_ENTRY) *entries) { if (xn != NULL) X509_NAME_free(xn); xn = X509_NAME_new(); if (xn && entries) { int count = sk_X509_NAME_ENTRY_num(entries); for (int i = 0; i < count; i++) { X509_NAME_ENTRY *entry = sk_X509_NAME_ENTRY_value(entries, i); X509_NAME_add_entry(xn, entry, -1, 0); } } return *this; } QString x509name::oneLine(unsigned long flags) const { QString ret; long l; const char *p; BIO *mem = BIO_new(BIO_s_mem()); X509_NAME_print_ex(mem, xn, 0, flags); l = BIO_get_mem_data(mem, &p); ret = ret.fromUtf8(p,l); BIO_free(mem); return ret; } QString x509name::getEntryByNid(int nid) const { int i = X509_NAME_get_index_by_NID(xn, nid, -1); if (i < 0) return QString(); return getEntry(i); } QString x509name::getMostPopular() const { static const int nids[] = { NID_commonName, NID_pkcs9_emailAddress, NID_organizationalUnitName, NID_organizationName }; int pos = -1; for (unsigned i = 0; i < ARRAY_SIZE(nids) && pos < 0; i++) { pos = X509_NAME_get_index_by_NID(xn, nids[i], -1); } if (pos < 0) pos = 0; return getEntry(pos); } QString x509name::getEntry(int i) const { QString ret; ASN1_STRING *d; if ( i<0 || i>entryCount() ) return ret; d = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(xn,i)); return asn1ToQString(d); } QString x509name::getEntryTag(int i) const { QString s = QObject::tr("Invalid"); ASN1_STRING *d; if (i<0 || i>=entryCount()) i = entryCount() - 1; d = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(xn,i)); if (!d) return s; s = ASN1_tag2str(d->type); return s; } QString x509name::popEntryByNid(int nid) { int i = X509_NAME_get_index_by_NID(xn, nid, -1); if (i < 0) return QString(); QString n = getEntry(i); X509_NAME_delete_entry(xn, i); return n; } QString x509name::hash() const { return QString("%1").arg(X509_NAME_hash(xn), 8, 16, QChar('0')); } /* 32 bit signed integer */ unsigned long x509name::hashNum() const { return X509_NAME_hash(xn) & 0x7fffffffL; } QStringList x509name::entryList(int i) const { QStringList sl; int n = nid(i); if (n == NID_undef) { QString oid = getOid(i); sl << oid << oid; } else { sl << OBJ_nid2sn(n) << OBJ_nid2ln(n); } sl << getEntry(i) << getEntryTag(i); return sl; } int x509name::nid(int i) const { X509_NAME_ENTRY *ne; ne = X509_NAME_get_entry(xn, i); if (ne == NULL) return NID_undef; return OBJ_obj2nid(X509_NAME_ENTRY_get_object(ne)); } QString x509name::getOid(int i) const { X509_NAME_ENTRY *ne; ne = X509_NAME_get_entry(xn, i); if (ne == NULL) return QString(); return OBJ_obj2QString(X509_NAME_ENTRY_get_object(ne), 1); } void x509name::d2i(QByteArray &ba) { X509_NAME *n = (X509_NAME*)d2i_bytearray(D2I_VOID(d2i_X509_NAME), ba); if (n) { X509_NAME_free(xn); xn = n; } } QByteArray x509name::i2d() const { return i2d_bytearray(I2D_VOID(i2d_X509_NAME), xn); } bool x509name::operator == (const x509name &x) const { return (X509_NAME_cmp(xn, x.xn) == 0); } bool x509name::operator != (const x509name &x) const { return (X509_NAME_cmp(xn, x.xn) != 0); } x509name &x509name::operator = (const x509name &x) { set(x.xn); return *this; } int x509name::entryCount() const { return X509_NAME_entry_count(xn); } int x509name::getNidByName(const QString &nid_name) { return OBJ_txt2nid(nid_name.toLatin1()); } QString x509name::checkLength() const { ASN1_STRING_TABLE *tab; int i, max = entryCount(); QString warn; for (i=0; iminsize > entry.size()) { warn += QObject::tr("%1 is shorter than %2 bytes: '%3'"). arg(OBJ_nid2ln(n)).arg(tab->maxsize).arg(entry); warn += "\n"; } if ((tab->maxsize != -1) && (tab->maxsize < entry.size())) { warn += QObject::tr("%1 is longer than %2 bytes: '%3'"). arg(OBJ_nid2ln(n)).arg(tab->maxsize).arg(entry); warn += "\n"; } } return warn; } bool x509name::search(const QRegExp &pattern) const { int i, max = entryCount(); for (i=0; itype, a->data, a->length, -1, 0); ASN1_STRING_free(a); openssl_error(QString("'%1' (%2)").arg(entry).arg(OBJ_nid2ln(nid))); } X509_NAME *x509name::get() const { return X509_NAME_dup(xn); } const X509_NAME *x509name::get0() const { return xn; } xca-RELEASE.2.2.1/lib/db_base.h0000644000175000017500000001233213614632167015214 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DB_BASE_H #define __DB_BASE_H #include #include "db.h" #include "base.h" #include "load_obj.h" #include #include #include #include #include #include #include "widgets/ExportDialog.h" #include "pki_base.h" #include "headerlist.h" #define FOR_ALL_pki(pki, pki_type) \ for(pki_type *pki=(pki_type*)rootItem->iterate(); pki; pki=(pki_type*)pki->iterate()) #define X_XCA_DRAG_DATA "application/x-xca-drag-data" class MainWindow; class QContextMenuEvent; class XcaTreeView; class NewX509; class db_base: public QAbstractItemModel { Q_OBJECT protected: static QHash lookup; int secondsTimer, minutesTimer, hoursTimer; void _writePKI(pki_base *pki, bool overwrite); void _removePKI(pki_base *pki ); void removeItem(QString k); QList pkitype; QList pkitype_depends; MainWindow *mainwin; QString class_name; /* Sql table containing the 'hash' of this items */ QString sqlHashTable; dbheaderList allHeaders; virtual dbheaderList getHeaders(); int colResizing; QString sqlItemSelector(); void updateItem(pki_base *pki, QString name, QString comment); virtual exportType::etype clipboardFormat(QModelIndexList) const { return exportType::Separator; } bool isValidCol(int col) const; static XSqlQuery sqlSELECTpki(QString query, QList values = QList()); void timerEvent(QTimerEvent *event); void restart_timer(); public: template static T *lookupPki(quint64 i) { T *pki = dynamic_cast(lookup[i]); if (!pki && i > 0) { pki_base *p = lookup[i]; QString f = QString("Invalid Type of ItemId(%1) %2 %3." " Expected to be %4.") .arg(i).arg(typeid(p).name()) .arg(p?p->getIntName() : "") .arg(typeid(T*).name()); qCritical("%s", CCHAR(f)); } return pki; } template static T *lookupPki(QVariant v) { return lookupPki(v.toULongLong()); } static void flushLookup() { lookup.clear(); } template static QList sqlSELECTpki(QString query, QList values = QList()) { XSqlQuery q = sqlSELECTpki(query, values); QList x; while (q.next()) { T *pki = lookupPki(q.value(0)); if (pki) x << pki; } return x; } virtual pki_base *newPKI(enum pki_type type = none); pki_base *rootItem; db_base(MainWindow *mw); virtual void updateHeaders(); virtual ~db_base(); virtual void insertPKI(pki_base *pki); pki_base *getByName(QString desc); pki_base *getByReference(pki_base *refpki); virtual void loadContainer(); void reloadContainer(const QList &typelist); template QList getAll() { return sqlSELECTpki( QString("SELECT item FROM %1") .arg(sqlHashTable)); } virtual pki_base* insert(pki_base *item); virtual void inToCont(pki_base *pki); virtual void remFromCont(const QModelIndex &idx); QPixmap *loadImg(const char *name); void dump(const QString &dirname) const; QModelIndex index(int row, int column, const QModelIndex &parent)const; QModelIndex index(pki_base *pki)const; QModelIndex parent(const QModelIndex &index) const; int rowCount(const QModelIndex &parent) const; int columnCount(const QModelIndex &parent) const; QVariant data(const QModelIndex &index, int role) const; QVariant headerData(int section, Qt::Orientation orientation, int role) const; Qt::ItemFlags flags(const QModelIndex &index) const; bool setData(const QModelIndex &index, const QVariant &value, int role); void deleteSelectedItems(QModelIndexList indexes); void load_default(load_base &load); void insertChild(pki_base *parent, pki_base *child); void createSuccess(pki_base *pki); bool columnHidden(int col) const; virtual void saveHeaderState(); void initHeaderView(QHeaderView *hv); void setVisualIndex(int i, int visualIndex); bool fixedHeaderSize(int sect); void colResizeStart() { colResizing++; } void colResizeEnd() { colResizing--; } virtual void store(QModelIndexList indexes); virtual void store(QModelIndex index) { (void)index; }; dbheaderList getAllHeaders() { return allHeaders; } void pem2clipboard(QModelIndexList indexes) const; QString pem2QString(QModelIndexList indexes) const; void deletePKI(QModelIndex idx); QMimeData *mimeData(const QModelIndexList &indexes) const; void editComment(const QModelIndex &index); void emitDataChanged(pki_base *pki); bool containsType(enum pki_type t) const; void writeVcalendar(XFile &file, QStringList vcal) const; public slots: virtual void newItem() { } virtual void load() { } void columnResetDefaults(); virtual void showPki(pki_base *) {}; virtual void showItem(const QModelIndex &index); virtual void showItem(const QString keyname); void sectionResized(int i, int, int newSize); void sortIndicatorChanged(int, Qt::SortOrder); signals: void connNewX509(NewX509 *dlg); void resetHeader(); void updateHeader(); void columnsContentChanged(); void pkiChanged(pki_base *pki); }; #endif xca-RELEASE.2.2.1/lib/pki_multi.cpp0000644000175000017500000000632213614632167016167 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_multi.h" #include "pki_x509.h" #include "pki_key.h" #include "pki_x509req.h" #include "pki_pkcs7.h" #include "pki_pkcs12.h" #include "pki_crl.h" #include "pki_temp.h" #include "load_obj.h" #include "exception.h" #include "func.h" #include "xfile.h" #include "widgets/MainWindow.h" #include pki_multi::pki_multi(const QString name) :pki_base(name) { multi.clear(); } pki_multi::~pki_multi() { pki_base *pki; while ((pki = pull())) delete pki; } pki_base *pki_multi::pull() { if (multi.isEmpty()) return NULL; return multi.takeFirst(); } #define D5 "-----" #define BEGIN D5 "BEGIN " /* General PEM loader */ static pki_base *pkiByPEM(QString text, int *skip) { int pos = text.indexOf(BEGIN); if (skip) *skip = pos; if (pos < 0) return NULL; text = text.remove(0, pos + sizeof(BEGIN)-1); if (text.startsWith(PEM_STRING_X509_OLD D5) || text.startsWith(PEM_STRING_X509 D5) || text.startsWith(PEM_STRING_X509_TRUSTED D5)) return new pki_x509(); if (text.startsWith(PEM_STRING_PKCS7 D5)) return new pki_pkcs7(); if (text.startsWith(PEM_STRING_X509_REQ_OLD D5) || text.startsWith(PEM_STRING_X509_REQ D5)) return new pki_x509req(); if (text.startsWith(PEM_STRING_X509_CRL D5)) return new pki_crl(); if (text.startsWith(PEM_STRING_XCA_TEMPLATE D5)) return new pki_temp(); if (text.startsWith(PEM_STRING_EVP_PKEY D5) || text.startsWith(PEM_STRING_PUBLIC D5) || text.startsWith(PEM_STRING_RSA D5) || text.startsWith(PEM_STRING_RSA_PUBLIC D5) || text.startsWith(PEM_STRING_DSA D5) || text.startsWith(PEM_STRING_DSA_PUBLIC D5) || text.startsWith(PEM_STRING_ECDSA_PUBLIC D5) || text.startsWith(PEM_STRING_ECPRIVATEKEY D5) || text.startsWith(PEM_STRING_PKCS8 D5) || text.startsWith(PEM_STRING_PKCS8INF D5)) return new pki_evp(); return NULL; } void pki_multi::fload(const QString &fname) { XFile file(fname); QByteArray ba; file.open_read(); ba = file.readAll(); fromPEMbyteArray(ba, fname); }; void pki_multi::fromPEMbyteArray(const QByteArray &_ba, const QString &name) { pki_base *item = NULL; int startpos; QByteArray ba = _ba; for (;;) { try { item = pkiByPEM(QString::fromLatin1(ba), &startpos); if (!item) break; ba.remove(0, startpos); item->fromPEMbyteArray(ba, name); item->pkiSource = imported; openssl_error(); multi.append(item); } catch (errorEx &err) { MainWindow::Error(err); if (item) delete item; item = NULL; } ba.remove(0, sizeof BEGIN -1); } if (multi.size() == 0) throw errorEx(tr("No known PEM encoded items found")); } void pki_multi::probeAnything(const QString &fname) { pki_base *item = NULL; load_base *lb; QList lbs; lbs << new load_pem() << new load_cert() << new load_pkcs7() << new load_pkcs12() << new load_crl() << new load_req() << new load_key() << new load_temp(); foreach(lb, lbs) { try { item = lb->loadItem(fname); if (item) { multi.append(item); break; } } catch (errorEx &err) { if (err.info == E_PASSWD) { MainWindow::Error(err); break; } } } while (!lbs.isEmpty()) delete lbs.takeFirst(); } xca-RELEASE.2.2.1/lib/func.h0000644000175000017500000000513213614632167014570 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __FUNC_H #define __FUNC_H #include #include #include #include #include #include #include "base.h" #include #include #include class Validity; extern QString currentDB; QPixmap *loadImg(const char *name); int portable_app(); const QString getPrefix(); const QString getHomeDir(); const QString getLibDir(); const QString getDocDir(); const QString getUserSettingsDir(); const QString getI18nDir(); QString relativePath(QString path); QString getFullFilename(const QString &filename, const QString &selectedFilter); const QStringList getLibExtensions(); QString hostId(); QString formatHash(const QByteArray &data, QString sep = ":", int width = 2); QByteArray filename2bytearray(const QString &fname); QString filename2QString(const char *fname); QString compressFilename(QString filename, int maxlen = 50); QString asn1ToQString(const ASN1_STRING *str, bool quote = false); ASN1_STRING *QStringToAsn1(QString s, int nid); QByteArray Digest(const QByteArray &data, const EVP_MD *type); QString fingerprint(const QByteArray &data, const EVP_MD *type); const char *OBJ_ln2sn(const char *ln); const char *OBJ_sn2ln(const char *sn); const char *OBJ_obj2sn(ASN1_OBJECT *a); QString OBJ_obj2QString(const ASN1_OBJECT *a, int no_name = 0); void inc_progress_bar(int, int, void *p); extern QMap dn_translations; void dn_translations_setup(); #define openssl_error(x) _openssl_error(QString(x), C_FILE, __LINE__) #define ign_openssl_error(x) _ign_openssl_error(QString(x), C_FILE, __LINE__) void _openssl_error(const QString txt, const char *file, int line); bool _ign_openssl_error(const QString txt, const char *file, int line); QByteArray i2d_bytearray(int(*i2d)(const void*, unsigned char**), const void*); void *d2i_bytearray(void *(*d2i)(void*, unsigned char**, long), QByteArray &ba); #define I2D_VOID(a) ((int (*)(const void *, unsigned char **))(a)) #define D2I_VOID(a) ((void *(*)(void *, unsigned char **, long))(a)) #define QString2filename(str) filename2bytearray(str).constData() static inline QString htmlEscape(const QString &html) { #if QT_VERSION < 0x050000 return Qt::escape(html); #else return html.toHtmlEscaped(); #endif } static inline BIO *BIO_from_QByteArray(const QByteArray &ba) { return BIO_new_mem_buf((void*)ba.constData(), ba.length()); } QString appendXcaComment(QString current, QString msg); /* from version.cpp */ const char *version_str(bool html); #endif xca-RELEASE.2.2.1/lib/pki_pkcs7.h0000644000175000017500000000153313614632167015530 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_PKCS7_H #define __PKI_PKCS7_H #include "pki_x509.h" class pki_pkcs7: public pki_base { Q_OBJECT friend class pki_x509; protected: PKCS7 *p7; STACK_OF(X509) *getCertStack(); void signBio(pki_x509 *crt, BIO * bio); void encryptBio(pki_x509 *crt, BIO * bio); public: pki_pkcs7(const QString name = ""); virtual ~pki_pkcs7(); void signFile(pki_x509 *crt, QString filename); void signCert(pki_x509 *crt, pki_x509 *contCert); void encryptFile(pki_x509 *crt, QString filename); void writeP7(XFile &file, bool PEM) const; void fromPEM_BIO(BIO *bio, const QString &name); void fload(const QString &fname); pki_x509 *getCert(int x); void addCert(pki_x509 *crt); int numCert(); // number of certs; }; #endif xca-RELEASE.2.2.1/lib/main.cpp0000644000175000017500000001470713614632167015124 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include #include #include #include #include #include #include #include #include "widgets/MainWindow.h" #include "widgets/OpenDb.h" #include "lib/func.h" #include "lib/db.h" #include "lib/main.h" #include "lib/entropy.h" #if defined(Q_OS_WIN32) //For the segfault handler #include #endif QLocale XCA_application::lang = QLocale::system(); QFont XCA_application::tableFont; QList XCA_application::langAvail; void XCA_application::setMainwin(MainWindow *m) { mainw = m; } bool XCA_application::languageAvailable(QLocale l) { return langAvail.contains(l); } static QString defaultlang() { return getUserSettingsDir() + QDir::separator() + "defaultlang"; } XCA_application::XCA_application(int &argc, char *argv[]) :QApplication(argc, argv) { qtTr = NULL; xcaTr = NULL; mainw = NULL; QFile file(defaultlang()); if (file.open(QIODevice::ReadOnly)) { lang = QLocale(QString(file.read(128))); } langAvail << QLocale::system(); langAvail << QString("en"); QDirIterator qmIt(getI18nDir(), QStringList() << "*.qm", QDir::Files); while (qmIt.hasNext()) { XcaTranslator t; qmIt.next(); QString language = qmIt.fileInfo().baseName().mid(4, -1); if (t.load(language, "xca", getI18nDir())) langAvail << QLocale(language); } setupLanguage(lang); #ifdef Q_OS_MAC QStringList libp = libraryPaths(); libp.prepend(applicationDirPath() + "/../Plugins"); setLibraryPaths(libp); #endif tableFont = QFont("Courier", QApplication::font().pointSize() #if defined (Q_OS_WIN32) +1 #else +2 #endif ); installEventFilter(this); } void XCA_application::setupLanguage(QLocale l) { QStringList dirs; lang = l; if (qtTr) { removeTranslator(qtTr); delete qtTr; } qtTr = new XcaTranslator(); if (xcaTr) { removeTranslator(xcaTr); delete xcaTr; } xcaTr = new XcaTranslator(); dirs #ifdef XCA_DEFAULT_QT_TRANSLATE << XCA_DEFAULT_QT_TRANSLATE #endif << getI18nDir() #ifndef WIN32 #if (QT_VERSION >= QT_VERSION_CHECK(5, 0, 0)) << "/usr/local/share/qt5/translations/" << "/usr/share/qt5/translations/" #else << "/usr/local/share/qt4/translations/" << "/usr/share/qt4/translations/" #endif << "/usr/share/qt/translations/" #endif ; qDebug() << "Setup language: " << lang; foreach(QString dir, dirs) { if (qtTr->load(lang, "qt", dir)) { break; } } xcaTr->load(lang, "xca", getI18nDir()); QLocale::setDefault(l); installTranslator(qtTr); installTranslator(xcaTr); if (mainw) mainw->initResolver(); } void XCA_application::quit() { if (mainw) mainw->close(); } void XCA_application::switchLanguage(QAction* a) { QLocale lang = a->data().toLocale(); setupLanguage(lang); QFile file(defaultlang()); if (lang == QLocale::system()) { file.remove(); return; } if (file.open(QIODevice::WriteOnly)) { file.write(lang.name().toUtf8()); } } bool XCA_application::eventFilter(QObject *watched, QEvent *ev) { static int mctr; QMouseEvent *me; QStringList l; XcaTreeView *treeview; int key; switch (ev->type()) { case QEvent::FileOpen: l << static_cast(ev)->file(); mainw->openURLs(l); return true; case QEvent::MouseMove: case QEvent::NonClientAreaMouseMove: if (mctr++ > 8) { me = static_cast(ev); entropy.add(me->globalX()); entropy.add(me->globalY()); mctr = 0; } break; case QEvent::KeyPress: key = static_cast(ev)->key(); if (key < 0x100) { entropy.add(key); } break; case QEvent::MouseButtonPress: me = static_cast(ev); treeview = watched ? dynamic_cast(watched->parent()) : NULL; if ((watched == mainw || treeview) && me->button() == Qt::MidButton && QApplication::clipboard()->supportsSelection()) { mainw->pastePem(); return true; } break; default: break; } return false; } bool XCA_application::notify(QObject* receiver, QEvent* event) { try { return QApplication::notify(receiver, event); } catch (errorEx &err) { mainw->Error(err); } catch (...) { qDebug() << QString("Event exception: ") << receiver << event; abort(); } return false; } XCA_application::~XCA_application() { } char segv_data[1024]; #if defined(Q_OS_WIN32) static LONG CALLBACK w32_segfault(LPEXCEPTION_POINTERS e) { if (e->ExceptionRecord->ExceptionCode == EXCEPTION_ACCESS_VIOLATION) { if (segv_data[0]) { XCA_WARN(QString(segv_data)); abort(); } return EXCEPTION_CONTINUE_EXECUTION; } else return EXCEPTION_CONTINUE_SEARCH; } #else static void segv_handler_gui(int) { if (segv_data[0]) XCA_WARN(QString(segv_data)); abort(); } #endif #define CYAN "\x1b[0;36m" #define LRED "\x1b[0;92m" #define YELL "\x1b[0;33m" #define RED "\x1b[0;31m" #define RESET "\x1b[0m" void myMsgOutput(QtMsgType type, const char *msg) { static QTime *t; static int debug; if (!t) { char *d = getenv("XCA_DEBUG"); t = new QTime(); t->start(); if (d && *d) debug = 1; } int el = t->elapsed(); const char *severity = "Unknown"; switch (type) { case QtDebugMsg: if (!debug) return; severity = CYAN "Debug"; break; case QtWarningMsg: severity = LRED "Warning"; break; case QtCriticalMsg: severity = RED "Critical"; break; case QtFatalMsg: severity = RED "Fatal"; break; #if QT_VERSION >= 0x050000 case QtInfoMsg: severity = CYAN "Info"; break; #endif default: severity = CYAN "Default"; break; } fprintf(stderr, YELL "% 4d.%02d %s:" RESET " %s\n", el/1000, (el%1000)/100, severity, msg); } #if QT_VERSION >= 0x050000 void myMessageOutput(QtMsgType t, const QMessageLogContext &, const QString &m) { myMsgOutput(t, CCHAR(m)); } #endif int main( int argc, char *argv[] ) { int ret = 0; MainWindow *mw; QDir d; #if defined(Q_OS_WIN32) SetUnhandledExceptionFilter(w32_segfault); #else signal(SIGSEGV, segv_handler_gui); #endif d.mkpath(getUserSettingsDir()); #if QT_VERSION < 0x050000 qInstallMsgHandler(myMsgOutput); #else qInstallMessageHandler(myMessageOutput); #endif XCA_application a(argc, argv); mw = new MainWindow(NULL); try { a.setMainwin(mw); OpenDb::checkSqLite(); mw->read_cmdline(argc, argv); if (mw->exitApp == 0) { mw->load_history(); if (mw->open_default_db() != 2) { mw->show(); ret = a.exec(); } } } catch (errorEx &ex) { mw->Error(ex); } delete mw; return ret; } xca-RELEASE.2.2.1/lib/pki_temp.cpp0000644000175000017500000003101113614632167015773 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_temp.h" #include "func.h" #include "db.h" #include "exception.h" #include "widgets/MainWindow.h" #include #include #include #define TEMPLATE_DS_VERSION (QDataStream::Qt_4_2) QList pki_temp::tmpl_keys = QList() << "subAltName" << "issAltName" << "crlDist" << "authInfAcc" << "nsCertType" << "nsComment" << "nsBaseUrl" << "nsRevocationUrl" << "nsCARevocationUrl" << "nsRenewalUrl" << "nsCaPolicyUrl" << "nsSslServerName" << "ca" << "bcCritical" << "ekuCritical" << "kuCritical" << "subKey" << "authKey" << "basicPath" << "validN" << "validM" << "validMidn" << "keyUse" << "eKeyUse" << "adv_ext" << "noWellDefinedExpDate"; QPixmap *pki_temp::icon = NULL; pki_temp::pki_temp(const pki_temp *pk) :pki_x509name(pk->desc) { pkiType = pk->pkiType; pre_defined = false; xname = pk->xname; settings = pk->settings; } pki_temp::pki_temp(const QString d) :pki_x509name(d) { pkiType = tmpl; pre_defined = false; foreach(QString key, tmpl_keys) { settings[key] = QString(); } settings["nsComment"] = "xca certificate"; settings["validN"] = "365"; } QString pki_temp::comboText() const { return pre_defined ? QString("[default] ") + pki_base::comboText() : pki_base::comboText(); } QSqlError pki_temp::insertSqlData() { XSqlQuery q; QSqlError e = pki_x509name::insertSqlData(); if (e.isValid()) return e; SQL_PREPARE(q, "INSERT INTO templates (item, version, template) " "VALUES (?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, TMPL_VERSION); q.bindValue(2, toB64Data()); q.exec(); return q.lastError(); } void pki_temp::restoreSql(const QSqlRecord &rec) { pki_base::restoreSql(rec); int version = rec.value(VIEW_temp_version).toInt(); QByteArray ba = QByteArray::fromBase64( rec.value(VIEW_temp_template).toByteArray()); fromData(ba, version); } QSqlError pki_temp::deleteSqlData() { XSqlQuery q; QSqlError e = pki_x509name::deleteSqlData(); if (e.isValid()) return e; SQL_PREPARE(q, "DELETE FROM templates WHERE item=?"); q.bindValue(0, sqlItemId); q.exec(); return q.lastError(); } QString pki_temp::getMsg(msg_type msg) const { /* * We do not construct english sentences from fragments * to allow proper translations. * * %1 will be replaced by the internal name of the template */ switch (msg) { case msg_import: return tr("Successfully imported the XCA template '%1'"); case msg_delete: return tr("Delete the XCA template '%1'?"); case msg_create: return tr("Successfully created the XCA template '%1'"); /* %1: Number of ktemplates; %2: list of templatenames */ case msg_delete_multi: return tr("Delete the %1 XCA templates: %2?"); } return pki_base::getMsg(msg); } x509name pki_temp::getSubject() const { return xname; } static int bitsToInt(extList &el, int nid, bool *crit) { int ret = 0, i = el.idxByNid(nid); if (i != -1) { if (crit) *crit = el[i].getCritical(); ASN1_BIT_STRING *bits; bits = (ASN1_BIT_STRING *)el[i].d2i(); for (int j=0; j<9; j++) { if (ASN1_BIT_STRING_get_bit(bits, j)) ret |= 1 << j; } el.removeAt(i); } return ret; } void pki_temp::fromExtList(extList *el, int nid, const char *item) { QString target; el->genConf(nid, &target, &adv_ext); settings[item] = target; } extList pki_temp::fromCert(pki_x509super *cert_or_req) { x509name n; extList el = cert_or_req->getV3ext(); adv_ext.clear(); settings["nsComment"] = ""; n = cert_or_req->getSubject(); foreach(QString sn, Settings["explicit_dn"].split(",")) { int nid = OBJ_sn2nid(CCHAR(sn)); QString ne = n.popEntryByNid(nid); if (!ne.isNull()) xname.addEntryByNid(nid, ne); } for (int i=0; i> 1)); bool kuCritical; settings["keyUse"] = QString::number( bitsToInt(el, NID_key_usage, &kuCritical)); settings["kuCritical"] = kuCritical ? "1" : "0"; fromExtList(&el, NID_ext_key_usage, "eKeyUse"); QStringList eKeyUse = settings["eKeyUse"].split(QRegExp(",\\s*")); settings["ekuCritical"] = "0"; if (eKeyUse.contains("critical")) { eKeyUse.removeOne("critical"); settings["eKeyUse"] = eKeyUse.join(", "); settings["ekuCritical"] = "1"; } qDebug() << "eKeyUse" << settings["kuCritical"] << settings["eKeyUse"]; el.genGenericConf(&adv_ext); settings["adv_ext"] = adv_ext; if (cert_or_req->getType() == x509) { pki_x509 *cert = (pki_x509*)cert_or_req; if (cert->getNotAfter().isUndefined()) { settings["noWellDefinedExpDate"] = "1"; } else { a1time notBefore = cert->getNotBefore(); a1time notAfter = cert->getNotAfter(); if (notBefore.toPlain().endsWith("000000Z") && notAfter.toPlain().endsWith("235959Z")) { settings["validMidn"] = "1"; } int diff = notBefore.daysTo(notAfter); settings["validM"] = "0"; if (diff > 60) { settings["validM"] = "1"; diff /= 30; if (diff > 24) { settings["validM"] = "2"; diff /= 12; } } settings["validN"] = QString::number(diff); } } return el; } void pki_temp::fromData(const unsigned char *p, db_header_t *head ) { int version, size; size = head->len - sizeof(db_header_t); version = head->version; fromData(p, size, version); } static QString old_eKeyUse2QString(int old) { QStringList sl; NIDlist eku_nid = *MainWindow::eku_nid; for (int i=0; i 5) { settings["basicPath"] = db::stringFromData(ba); } else { settings["basicPath"] = QString::number(db::intFromData(ba)); if (settings["basicPath"] == "0") settings["basicPath"] = ""; } settings["validN"] = QString::number(db::intFromData(ba)); settings["validM"] = QString::number(db::intFromData(ba)); settings["keyUse"] = QString::number(db::intFromData(ba)); if (version > 4) { settings["eKeyUse"] = db::stringFromData(ba); } else { int old = db::intFromData(ba); settings["eKeyUse"] = old_eKeyUse2QString(old); } settings["nsCertType"] = QString::number(db::intFromData(ba)); settings["subAltName"] = db::stringFromData(ba); settings["issAltName"] = db::stringFromData(ba); settings["crlDist"] = db::stringFromData(ba); settings["nsComment"] = db::stringFromData(ba); settings["nsBaseUrl"] = db::stringFromData(ba); settings["nsRevocationUrl"] = db::stringFromData(ba); settings["nsCARevocationUrl"] = db::stringFromData(ba); settings["nsRenewalUrl"] = db::stringFromData(ba); settings["nsCaPolicyUrl"] = db::stringFromData(ba); settings["nsSslServerName"] = db::stringFromData(ba); xname.d2i(ba); settings["authInfAcc"] = db::stringFromData(ba); /* certPol = */ db::stringFromData(ba); settings["validMidn"] = QString::number(db::boolFromData(ba)); if (version>2) settings["adv_ext"] = db::stringFromData(ba); if (version>3) settings["noWellDefinedExpDate"] = QString::number(db::boolFromData(ba)); if (ba.count() > 0) { my_error(tr("Wrong Size %1").arg(ba.count())); } } QByteArray pki_temp::toData() const { QByteArray ba; ba += xname.i2d(); QBuffer buf(&ba); buf.open(QIODevice::WriteOnly | QIODevice::Append); QDataStream out(&buf); out.setVersion(TEMPLATE_DS_VERSION); out << settings; buf.close(); return ba; } void pki_temp::fromData(QByteArray &ba, int version) { xname.d2i(ba); QBuffer buf(&ba); buf.open(QIODevice::ReadOnly); QDataStream in(&buf); in.setVersion(TEMPLATE_DS_VERSION); in >> settings; QMap translate; translate["eKyUseCritical"] = "ekuCritical"; translate["keyUseCritical"] ="kuCritical"; foreach(QString key, translate.keys()) { if (settings.contains(key)) settings[translate[key]] = settings.take(key); } buf.close(); (void)version; //if (version < 11) .... } void pki_temp::fromData(const unsigned char *p, int size, int version) { if (version < 10) { old_fromData(p, size, version); } else { QByteArray ba((const char*)p, size); fromData(ba, version); } } QByteArray pki_temp::toExportData() const { QByteArray data, header; data = toData(); header = db::intToData(data.count()); header += db::intToData(TMPL_VERSION); header += data; return header; } void pki_temp::writeTemp(XFile &file) const { PEM_file_comment(file); file.write(toExportData()); } void pki_temp::writeDefault(const QString &dirname) const { XFile file(get_dump_filename(dirname, ".xca")); file.open_write(); writeTemp(file); } BIO *pki_temp::pem(BIO *b, int format) { (void)format; QByteArray ba = toExportData(); if (!b) b = BIO_new(BIO_s_mem()); PEM_write_bio(b, PEM_STRING_XCA_TEMPLATE, (char*)"", (unsigned char*)(ba.data()), ba.size()); pki_openssl_error(); return b; } void pki_temp::fromExportData(QByteArray data) { int version; if (data.size() < (int)sizeof(uint32_t)) my_error(tr("Template file content error (too small)")); db::intFromData(data); version = db::intFromData(data); fromData((const unsigned char*)data.constData(), data.size(), version); } void pki_temp::try_fload(XFile &file, const char *mode) { BIO *b = BIO_new(BIO_s_file()); check_oom(b); pki_openssl_error(); BIO_set_fp(b, file.fp(mode), BIO_NOCLOSE); try { fromPEM_BIO(b, file.fileName()); } catch (errorEx &err) { file.retry_read(); QByteArray ba = file.read(4096*1024); fromExportData(ba); } BIO_free(b); pki_openssl_error(); } void pki_temp::fload(const QString &fname) { try { XFile file(fname); file.open_read(); try_fload(file, "rb"); } catch (errorEx &err) { #if defined(Q_OS_WIN32) /* Try again in ascii mode on Windows * to support pre 1.1.0 template exports */ XFile file(fname); file.open(QIODevice::ReadOnly | QIODevice::QIODevice::Text); try_fload(file, "r"); #else throw err; #endif } } void pki_temp::fromPEM_BIO(BIO *bio, const QString &name) { QByteArray ba; QString msg; char *nm = NULL, *header = NULL; unsigned char *data = NULL; long len; PEM_read_bio(bio, &nm, &header, &data, &len); if (ign_openssl_error()) throw errorEx(tr("Not a PEM encoded XCA Template"), getClassName()); if (!strcmp(nm, PEM_STRING_XCA_TEMPLATE)) { ba = QByteArray::fromRawData((char*)data, len); fromExportData(ba); setIntName(rmslashdot(name)); } else { msg = tr("Not an XCA Template, but '%1'").arg(nm); } OPENSSL_free(nm); OPENSSL_free(header); OPENSSL_free(data); if (!msg.isEmpty()) my_error(msg); } pki_temp::~pki_temp() { } bool pki_temp::compare(const pki_base *) const { // we don't care if templates with identical contents // are stored in the database ... return false; } QVariant pki_temp::getIcon(const dbheader *hd) const { return hd->id == HD_internal_name ? QVariant(*icon) : QVariant(); } xca-RELEASE.2.2.1/lib/db_crl.h0000644000175000017500000000143313614632167015062 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DB_CRL_H #define __DB_CRL_H #include "db_x509.h" #include "pki_crl.h" #include "widgets/ExportDialog.h" #include #include #include class db_crl: public db_x509name { Q_OBJECT protected: QPixmap *crlicon; dbheaderList getHeaders(); public: db_crl(MainWindow *mw); pki_base *newPKI(enum pki_type type); void revokeCerts(pki_crl *crl); void inToCont(pki_base *pki); pki_base *insert(pki_base *item); void removeSigner(pki_base *signer); void store(QModelIndex index); void load(); void showPki(pki_base *pki); void updateCertView(); public slots: void newItem(); void newItem(pki_x509 *cert); }; #endif xca-RELEASE.2.2.1/lib/pki_evp.cpp0000644000175000017500000004602513614632167015633 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_evp.h" #include "pass_info.h" #include "func.h" #include "db.h" #include "entropy.h" #include "widgets/PwDialog.h" #include #include #include #include #include #include #include #include "openssl_compat.h" Passwd pki_evp::passwd; Passwd pki_evp::oldpasswd; QString pki_evp::passHash = QString(); QPixmap *pki_evp::icon[2]= { NULL, NULL }; void pki_evp::init() { ownPass = ptCommon; pkiType = asym_key; } void pki_evp::setOwnPass(enum passType x) { EVP_PKEY *pk=NULL, *pk_back = key; enum passType oldOwnPass = ownPass; if (ownPass == x || isPubKey()) return; try { pk = decryptKey(); if (pk == NULL) return; key = pk; ownPass = x; encryptKey(); } catch (errorEx &err) { if (pk) EVP_PKEY_free(pk); key = pk_back; ownPass = oldOwnPass; throw(err); } } bool pki_evp::sqlUpdatePrivateKey() { Transaction; if (!TransBegin()) return false; XSqlQuery q; SQL_PREPARE(q, "UPDATE private_keys SET private=?, ownPass=? " "WHERE item=?"); q.bindValue(0, encKey_b64()); q.bindValue(1, ownPass); q.bindValue(2, sqlItemId); AffectedItems(sqlItemId); q.exec(); encKey.fill(0); encKey.clear(); if (!q.lastError().isValid() && q.numRowsAffected() == 1) { TransCommit(); return true; } return false; } void pki_evp::generate(int bits, int type, QProgressBar *progress, int curve_nid) { Entropy::seed_rng(); #ifdef OPENSSL_NO_EC (void)curve_nid; #endif progress->setMinimum(0); progress->setMaximum(100); progress->setValue(50); #if OPENSSL_VERSION_NUMBER < 0x10100000L BN_GENCB _bar, *bar = &_bar; #else BN_GENCB *bar = BN_GENCB_new(); #endif BN_GENCB_set_old(bar, inc_progress_bar, progress); switch (type) { case EVP_PKEY_RSA: { RSA *rsakey = RSA_new(); BIGNUM *e = BN_new(); BN_set_word(e, 0x10001); if (RSA_generate_key_ex(rsakey, bits, e, bar)) EVP_PKEY_assign_RSA(key, rsakey); else RSA_free(rsakey); BN_free(e); break; } case EVP_PKEY_DSA: { DSA *dsakey = DSA_new(); progress->setMaximum(500); if (DSA_generate_parameters_ex(dsakey, bits, NULL, 0, NULL, NULL, bar) && DSA_generate_key(dsakey)) EVP_PKEY_assign_DSA(key, dsakey); else DSA_free(dsakey); break; } #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: EC_KEY *eckey; EC_GROUP *group = EC_GROUP_new_by_curve_name(curve_nid); if (!group) break; eckey = EC_KEY_new(); if (eckey == NULL) { EC_GROUP_free(group); break; } EC_GROUP_set_asn1_flag(group, 1); if (EC_KEY_set_group(eckey, group)) { if (EC_KEY_generate_key(eckey)) { EVP_PKEY_assign_EC_KEY(key, eckey); EC_GROUP_free(group); break; } } EC_KEY_free(eckey); EC_GROUP_free(group); break; #endif } #if OPENSSL_VERSION_NUMBER >= 0x10100000L BN_GENCB_free(bar); #endif isPub = false; pkiSource = generated; pki_openssl_error(); encryptKey(); } pki_evp::pki_evp(const pki_evp *pk) :pki_key(pk) { init(); pki_openssl_error(); ownPass = pk->ownPass; isPub = pk->isPub; encKey = pk->getEncKey(); } pki_evp::pki_evp(const QString name, int type) :pki_key(name) { init(); EVP_PKEY_set_type(key, type); pki_openssl_error(); } #if OPENSSL_VERSION_NUMBER >= 0x10100000L static bool EVP_PKEY_isPrivKey(EVP_PKEY *key) { const BIGNUM *b; int keytype = EVP_PKEY_id(key); switch (EVP_PKEY_type(keytype)) { case EVP_PKEY_RSA: RSA_get0_key(EVP_PKEY_get0_RSA(key), NULL, NULL, &b); return b ? true: false; case EVP_PKEY_DSA: DSA_get0_key(EVP_PKEY_get0_DSA(key), NULL, &b); return b ? true: false; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: return EC_KEY_get0_private_key( EVP_PKEY_get0_EC_KEY(key)) ? true: false; #endif } return false; } #else static bool EVP_PKEY_isPrivKey(EVP_PKEY *key) { int keytype; keytype = EVP_PKEY_id(key); switch (EVP_PKEY_type(keytype)) { case EVP_PKEY_RSA: return key->pkey.rsa->d ? true: false; case EVP_PKEY_DSA: return key->pkey.dsa->priv_key ? true: false; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: return EC_KEY_get0_private_key(key->pkey.ec) ? true: false; #endif } return false; } #endif pki_evp::pki_evp(EVP_PKEY *pkey) :pki_key() { init(); set_EVP_PKEY(pkey); } void pki_evp::openssl_pw_error(QString fname) { switch (ERR_peek_error() & 0xff000fff) { case ERR_PACK(ERR_LIB_PEM, 0, PEM_R_BAD_DECRYPT): case ERR_PACK(ERR_LIB_PEM, 0, PEM_R_BAD_PASSWORD_READ): case ERR_PACK(ERR_LIB_EVP, 0, EVP_R_BAD_DECRYPT): pki_ign_openssl_error(); throw errorEx(tr("Failed to decrypt the key (bad password) %1") .arg(fname), getClassName(), E_PASSWD); } } void pki_evp::fromPEMbyteArray(const QByteArray &ba, const QString &name) { BIO *bio = BIO_from_QByteArray(ba); EVP_PKEY *pkey; pass_info p(XCA_TITLE, tr("Please enter the password to decrypt the private key.") + " " + name); pkey = PEM_read_bio_PrivateKey(bio, NULL, PwDialog::pwCallback, &p); openssl_pw_error(name); if (!pkey) { pki_ign_openssl_error(); BIO_free(bio); bio = BIO_from_QByteArray(ba); pkey = PEM_read_bio_PUBKEY(bio, NULL, PwDialog::pwCallback, &p); } BIO_free(bio); pki_openssl_error(); set_EVP_PKEY(pkey, name); } static void search_ec_oid(EVP_PKEY *pkey) { #ifndef OPENSSL_NO_EC EC_KEY *ec; int keytype = EVP_PKEY_id(pkey); if (keytype != EVP_PKEY_EC) return; ec = EVP_PKEY_get0_EC_KEY(pkey); const EC_GROUP *ec_group = EC_KEY_get0_group(ec); EC_GROUP *builtin; if (!ec_group) return; if (EC_GROUP_get_curve_name(ec_group)) return; /* There is an EC_GROUP with a missing OID * because of explicit parameters */ foreach(builtin_curve curve, pki_key::builtinCurves) { builtin = EC_GROUP_new_by_curve_name(curve.nid); if (EC_GROUP_cmp(builtin, ec_group, NULL) == 0) { EC_GROUP_set_curve_name((EC_GROUP *)ec_group, curve.nid); EC_GROUP_set_asn1_flag((EC_GROUP *)ec_group, 1); EC_GROUP_free(builtin); break; } EC_GROUP_free(builtin); } #else (void)pkey; #endif } void pki_evp::set_EVP_PKEY(EVP_PKEY *pkey, QString name) { if (!pkey) return; if (!verify(pkey)) { pki_ign_openssl_error(); EVP_PKEY_free(pkey); throw errorEx(tr("The key from file '%1' is incomplete or inconsistent.").arg(name)); } if (key) EVP_PKEY_free(key); key = pkey; isPub = !EVP_PKEY_isPrivKey(key); if (!isPub) bogusEncryptKey(); search_ec_oid(pkey); autoIntName(name); pki_openssl_error(); } void pki_evp::fload(const QString &fname) { pass_info p(XCA_TITLE, tr("Please enter the password to decrypt the private key from file:\n%1"). arg(compressFilename(fname))); pem_password_cb *cb = PwDialog::pwCallback; pki_ign_openssl_error(); XFile file(fname); file.open_read(); EVP_PKEY *pkey = PEM_read_PrivateKey(file.fp(), NULL, cb, &p); openssl_pw_error(fname); if (!pkey) { pki_ign_openssl_error(); file.retry_read(); pkey = d2i_PrivateKey_fp(file.fp(), NULL); } if (!pkey) { pki_ign_openssl_error(); file.retry_read(); pkey = d2i_PKCS8PrivateKey_fp(file.fp(), NULL, cb, &p); } if (!pkey) { PKCS8_PRIV_KEY_INFO *p8inf; pki_ign_openssl_error(); file.retry_read(); p8inf = d2i_PKCS8_PRIV_KEY_INFO_fp(file.fp(), NULL); if (p8inf) { pkey = EVP_PKCS82PKEY(p8inf); PKCS8_PRIV_KEY_INFO_free(p8inf); } } if (!pkey) { pki_ign_openssl_error(); file.retry_read(); pkey = PEM_read_PUBKEY(file.fp(), NULL, cb, &p); } if (!pkey) { pki_ign_openssl_error(); file.retry_read(); pkey = d2i_PUBKEY_fp(file.fp(), NULL); } if (!pkey) { pki_ign_openssl_error(); file.retry_read(); pkey = load_ssh2_key(file); } if (pki_ign_openssl_error() || !pkey) { if (pkey) EVP_PKEY_free(pkey); throw errorEx(tr("Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format.").arg(fname)); } set_EVP_PKEY(pkey, fname); } void pki_evp::fromData(const unsigned char *p, db_header_t *head) { int version, type, size; void *ptr = NULL; if (key) EVP_PKEY_free(key); key = NULL; size = head->len - sizeof(db_header_t); version = head->version; QByteArray ba((const char*)p, size); type = db::intFromData(ba); ownPass = (enum passType)db::intFromData(ba); if (version < 2) { d2i_old(ba, type); } else { d2i(ba); } pki_openssl_error(); if (key) ptr = EVP_PKEY_get0(key); if (!ptr) throw errorEx(tr("Ignoring unsupported private key")); encKey = ba; isPub = encKey.size() == 0; } EVP_PKEY *pki_evp::decryptKey() const { Passwd ownPassBuf; int ret; if (isPubKey()) { QByteArray ba = i2d_bytearray(I2D_VOID(i2d_PUBKEY), key); return (EVP_PKEY*)d2i_bytearray(D2I_VOID(d2i_PUBKEY), ba); } /* This key has its own password */ if (ownPass == ptPrivate) { pass_info pi(XCA_TITLE, tr("Please enter the password to decrypt the private key: '%1'").arg(getIntName())); ret = PwDialog::execute(&pi, &ownPassBuf, false); if (ret != 1) throw errorEx(tr("Password input aborted"), getClassName()); } else if (ownPass == ptBogus) { // BOGUS pass ownPassBuf = "Bogus"; } else { ownPassBuf = passwd; while (passHash.isEmpty() || (sha512passwT(ownPassBuf, passHash) != passHash && sha512passwd(ownPassBuf, passHash) != passHash)) { pass_info p(XCA_TITLE, tr("Please enter the database password for decrypting the key '%1'").arg(getIntName())); ret = PwDialog::execute(&p, &ownPassBuf, passHash.isEmpty()); if (ret != 1) throw errorEx(tr("Password input aborted"), getClassName()); } } QByteArray myencKey = getEncKey(); qDebug() << "myencKey.count()"<= 0x10100000L ctx = EVP_CIPHER_CTX_new(); #else ctx = &ctxbuf; #endif EVP_CIPHER_CTX_init(ctx); EVP_DecryptInit(ctx, cipher, ckey, iv); EVP_DecryptUpdate(ctx, p , &outl, (const unsigned char*)myencKey.constData() +8, myencKey.count() -8); decsize = outl; EVP_DecryptFinal_ex(ctx, p + decsize , &outl); EVP_CIPHER_CTX_cleanup(ctx); decsize += outl; pki_openssl_error(); tmpkey = d2i_PrivateKey(getKeyType(), NULL, &p1, decsize); pki_openssl_error(); OPENSSL_cleanse(p, myencKey.count()); OPENSSL_free(p); EVP_CIPHER_CTX_cleanup(ctx); #if OPENSSL_VERSION_NUMBER >= 0x10100000L EVP_CIPHER_CTX_free(ctx); #endif pki_openssl_error(); if (EVP_PKEY_type(getKeyType()) == EVP_PKEY_RSA) { RSA *rsa = EVP_PKEY_get0_RSA(tmpkey); RSA_blinding_on(rsa, NULL); } myencKey.fill(0); return tmpkey; } EVP_PKEY *pki_evp::priv2pub(EVP_PKEY* key) { int keylen; unsigned char *p, *p1; EVP_PKEY *pubkey; keylen = i2d_PUBKEY(key, NULL); p1 = p = (unsigned char *)OPENSSL_malloc(keylen); check_oom(p); /* convert rsa/dsa/ec to Pubkey */ keylen = i2d_PUBKEY(key, &p); pki_openssl_error(); p = p1; pubkey = d2i_PUBKEY(NULL, (const unsigned char**)&p, keylen); OPENSSL_free(p1); pki_openssl_error(); return pubkey; } void pki_evp::encryptKey(const char *password) { Passwd ownPassBuf; pki_openssl_error(); /* This key has its own, private password */ if (ownPass == ptPrivate) { int ret; pass_info p(XCA_TITLE, tr("Please enter the password to protect the private key: '%1'"). arg(getIntName())); ret = PwDialog::execute(&p, &ownPassBuf, true); if (ret != 1) throw errorEx("Password input aborted", getClassName()); pki_openssl_error(); } else if (ownPass == ptBogus) { // BOGUS password ownPassBuf = "Bogus"; pki_openssl_error(); } else { if (password) { /* use the password parameter * if this is a common password */ ownPassBuf = password; pki_openssl_error(); } else { int ret = 0; ownPassBuf = passwd; pass_info p(XCA_TITLE, tr("Please enter the database password for encrypting the key")); while (passHash.isEmpty() || (sha512passwT(ownPassBuf, passHash) != passHash && sha512passwd(ownPassBuf, passHash) != passHash)) { ret = PwDialog::execute(&p, &ownPassBuf, passHash.isEmpty()); if (ret != 1) throw errorEx("Password input aborted", getClassName()); } } } /* Convert private key to DER(PKCS8-aes) */ const char *p; BIO *bio = BIO_new(BIO_s_mem()); i2d_PKCS8PrivateKey_bio(bio, key, EVP_aes_256_cbc(), ownPassBuf.data(), ownPassBuf.size(), NULL, 0); pki_openssl_error(); int l = BIO_get_mem_data(bio, &p); encKey = QByteArray(p, l); BIO_free(bio); /* Replace private key by public key and have the encrypted private in "encKey" */ EVP_PKEY *pkey1 = priv2pub(key); check_oom(pkey1); EVP_PKEY_free(key); key = pkey1; pki_openssl_error(); } void pki_evp::set_evp_key(EVP_PKEY *pkey) { if (key) free(key); key = pkey; } void pki_evp::bogusEncryptKey() { ownPass = ptBogus; isPub = false; encryptKey(); } pki_evp::~pki_evp() { encKey.fill(0); } QSqlError pki_evp::insertSqlData() { XSqlQuery q; QSqlError e = pki_key::insertSqlData(); if (e.isValid()) return e; if (isPubKey()) return QSqlError(); SQL_PREPARE(q, "INSERT INTO private_keys (item, ownPass, private) " "VALUES (?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, ownPass); q.bindValue(2, encKey_b64()); q.exec(); encKey.fill(0); encKey.clear(); return q.lastError(); } void pki_evp::restoreSql(const QSqlRecord &rec) { pki_key::restoreSql(rec); isPub = rec.isNull(VIEW_private_ownpass); if (!isPub) ownPass =(enum passType)rec.value(VIEW_private_ownpass).toInt(); } QByteArray pki_evp::getEncKey() const { XSqlQuery q; QSqlError e; QByteArray ba; if (encKey.count() > 0 || !sqlItemId.isValid()) return encKey; SQL_PREPARE(q, "SELECT private FROM private_keys WHERE item=?"); q.bindValue(0, sqlItemId); q.exec(); e = q.lastError(); if (e.isValid() || !q.first()) return QByteArray(); return QByteArray::fromBase64(q.value(0).toByteArray().trimmed()); } QSqlError pki_evp::deleteSqlData() { XSqlQuery q; QSqlError e = pki_key::deleteSqlData(); if (e.isValid()) return e; SQL_PREPARE(q, "DELETE FROM private_keys WHERE item=?"); q.bindValue(0, sqlItemId); q.exec(); return q.lastError(); } void pki_evp::writePKCS8(XFile &file, const EVP_CIPHER *enc, pem_password_cb *cb, bool pem) const { pass_info p(XCA_TITLE, tr("Please enter the password protecting the PKCS#8 key '%1'") .arg(getIntName())); EVP_PKEY *pkey = decryptKey(); if (!pkey) { pki_openssl_error(); return; } if (pem) { PEM_file_comment(file); PEM_write_PKCS8PrivateKey(file.fp(), pkey, enc, NULL, 0,cb,&p); } else { i2d_PKCS8PrivateKey_fp(file.fp(), pkey, enc, NULL, 0, cb, &p); } EVP_PKEY_free(pkey); } static int mycb(char *buf, int size, int, void *) { strncpy(buf, pki_evp::passwd, size); return strlen(pki_evp::passwd); } void pki_evp::writeDefault(const QString &dirname) const { XFile file(get_dump_filename(dirname, ".pem")); file.open_key(); writeKey(file, pki_evp::passwd[0] ? EVP_des_ede3_cbc() : NULL, mycb, true); } #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined LIBRESSL_VERSION_NUMBER int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, unsigned char *kstr, int klen, pem_password_cb *cb, void *u) { const char *t = ""; int keytype = EVP_PKEY_id(x); switch (keytype) { case EVP_PKEY_RSA: t = "RSA PRIVATE KEY"; break; case EVP_PKEY_DSA: t = "DSA PRIVATE KEY"; break; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: t = "EC PRIVATE KEY"; break; #endif } return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey, t, bp, (char*)x, enc, kstr, klen, cb, u); } #endif void pki_evp::writeKey(XFile &file, const EVP_CIPHER *enc, pem_password_cb *cb, bool pem) const { pass_info p(XCA_TITLE, tr("Please enter the export password for the private key '%1'") .arg(getIntName())); if (isPubKey()) { writePublic(file, pem); return; } EVP_PKEY *pkey = key ? decryptKey() : NULL; if (!pkey) { pki_openssl_error(); return; } if (pem) { PEM_file_comment(file); BIO *b = BIO_new_fp(file.fp(), BIO_NOCLOSE); if (!b) { EVP_PKEY_free(pkey); return; } PEM_write_bio_PrivateKey_traditional(b, pkey, enc, NULL, 0, cb, &p); BIO_free(b); } else { i2d_PrivateKey_fp(file.fp(), pkey); } EVP_PKEY_free(pkey); pki_openssl_error(); } bool pki_evp::verify_priv(EVP_PKEY *pkey) const { bool verify = true; #if OPENSSL_VERSION_NUMBER >= 0x10000000L unsigned char md[32], sig[1024]; size_t mdlen = sizeof md, siglen = sizeof sig; EVP_PKEY_CTX *ctx = NULL; if (!EVP_PKEY_isPrivKey(pkey)) return true; do { ctx = EVP_PKEY_CTX_new(pkey, NULL); pki_ign_openssl_error(); RAND_bytes(md, mdlen); check_oom(ctx); verify = false; /* Sign some random data in "md" */ if (EVP_PKEY_sign_init(ctx) <= 0) break; if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING); if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0) break; if (EVP_PKEY_sign(ctx, sig, &siglen, md, mdlen) <= 0) break; /* Verify the signature */ if (EVP_PKEY_verify_init(ctx) <= 0) break; if (EVP_PKEY_verify(ctx, sig, siglen, md, mdlen) <= 0) break; verify = true; } while (0); if (ctx) EVP_PKEY_CTX_free(ctx); #endif if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA && EVP_PKEY_isPrivKey(pkey)) { RSA *rsa = EVP_PKEY_get0_RSA(pkey); if (RSA_check_key(rsa) != 1) verify = false; } pki_openssl_error(); return verify; } QVariant pki_evp::getIcon(const dbheader *hd) const { if (hd->id != HD_internal_name) return QVariant(); int pixnum= isPubKey() ? 1 : 0; return QVariant(*icon[pixnum]); } QString pki_evp::md5passwd(QByteArray pass) { return formatHash(Digest(pass, EVP_md5())); } QString pki_evp::_sha512passwd(QByteArray pass, QString salt, int size, int repeat) { if (salt.length() < size) return QString(); salt = salt.left(size); pass = salt.toLatin1() + pass; while (repeat--) pass = Digest(pass, EVP_sha512()); return salt + formatHash(pass, ""); } QString pki_evp::sha512passwd(QByteArray pass, QString salt) { return _sha512passwd(pass, salt, 5, 1); } QString pki_evp::sha512passwT(QByteArray pass, QString salt) { return _sha512passwd(pass, salt, 17, 8000); } xca-RELEASE.2.2.1/lib/asn1int.cpp0000644000175000017500000000660413614632167015552 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #include "asn1int.h" #include "func.h" #include "exception.h" #include #include ASN1_INTEGER *a1int::dup(const ASN1_INTEGER *a) const { // this wrapper casts the const to work around the nonconst // declared ASN1_STRING_dup (actually it is const ASN1_INTEGER *r = ASN1_INTEGER_dup((ASN1_INTEGER *)a); openssl_error(); if (!r) r = ASN1_INTEGER_new(); check_oom(r); return r; } a1int::a1int() { in = ASN1_INTEGER_new(); check_oom(in); ASN1_INTEGER_set(in, 0); openssl_error(); } a1int::a1int(const ASN1_INTEGER *i) { in = dup(i); } a1int::a1int(const a1int &a) { in = dup(a.in); } a1int::a1int(const QString &hex) { in = ASN1_INTEGER_new(); check_oom(in); setHex(hex); } a1int::a1int(long l) { in = ASN1_INTEGER_new(); check_oom(in); set(l); } a1int::~a1int() { ASN1_INTEGER_free(in); } a1int &a1int::set(const ASN1_INTEGER *i) { ASN1_INTEGER_free(in); in = dup(i); return *this; } a1int &a1int::set(long l) { ASN1_INTEGER_set(in, l); openssl_error(); return *this; } QString a1int::toQString(int dec) const { QString r; if (in->length == 0) { return r; } BIGNUM *bn = ASN1_INTEGER_to_BN(in, NULL); openssl_error(); char *res = dec ? BN_bn2dec(bn) : BN_bn2hex(bn); openssl_error(); r = res; OPENSSL_free(res); BN_free(bn); return r; } QString a1int::toHex() const { return toQString(0); } QString a1int::toDec() const { return toQString(1); } a1int &a1int::setQString(const QString &s, int dec) { BIGNUM *bn = NULL; if (s.isEmpty()) { return *this; } if (dec) BN_dec2bn(&bn, s.toLatin1()); else BN_hex2bn(&bn, s.toLatin1()); openssl_error(); BN_to_ASN1_INTEGER(bn, in); openssl_error(); BN_free(bn); return *this; } a1int &a1int::setHex(const QString &s) { return setQString(s, 0); } a1int &a1int::setDec(const QString &s) { return setQString(s, 1); } a1int &a1int::setRaw(const unsigned char *data, unsigned len) { BIGNUM *bn = BN_bin2bn(data, len, NULL); if (!bn) openssl_error(); BN_to_ASN1_INTEGER(bn, in); openssl_error(); BN_free(bn); return *this; } ASN1_INTEGER *a1int::get() const { return dup(in); } const ASN1_INTEGER *a1int::get0() const { return in; } long a1int::getLong() const { long l = ASN1_INTEGER_get(in); openssl_error(); return l; } a1int &a1int::operator ++ (void) { BIGNUM *bn = ASN1_INTEGER_to_BN(in, NULL); openssl_error(); BN_add(bn, bn, BN_value_one()); openssl_error(); BN_to_ASN1_INTEGER(bn, in); openssl_error(); BN_free(bn); return *this; } a1int a1int::operator ++ (int) { a1int tmp = *this; operator ++ (); return tmp; } a1int &a1int::operator = (const a1int &a) { set(a.in); return *this; } a1int &a1int::operator = (long i) { ASN1_INTEGER_set(in, i); openssl_error(); return *this; } bool a1int::operator > (const a1int &a) const { return (ASN1_INTEGER_cmp(in, a.in) > 0); } bool a1int::operator < (const a1int &a) const { return (ASN1_INTEGER_cmp(in, a.in) < 0); } bool a1int::operator == (const a1int &a) const { return (ASN1_INTEGER_cmp(in, a.in) == 0); } bool a1int::operator != (const a1int &a) const { return (ASN1_INTEGER_cmp(in, a.in) != 0); } a1int::operator QString() const { return toHex(); } QByteArray a1int::i2d() { return i2d_bytearray(I2D_VOID(i2d_ASN1_INTEGER), in); } int a1int::derSize() const { return i2d_ASN1_INTEGER(in, NULL); } xca-RELEASE.2.2.1/lib/db_x509req.h0000644000175000017500000000161513614632167015521 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DB_X509REQ_H #define __DB_X509REQ_H #include "db_key.h" #include "db_x509super.h" #include "pki_temp.h" #include "pki_x509req.h" class db_x509req: public db_x509super { Q_OBJECT protected: dbheaderList getHeaders(); public: db_x509req(MainWindow *mw); pki_base* insert(pki_base *item); pki_base *newPKI(enum pki_type type = none); void fillContextMenu(QMenu *menu, const QModelIndex &index); void store(QModelIndex index); void signReq(QModelIndex index); void toRequest(QModelIndex index); void load(); QList getAllRequests(); void resetX509count(); void setSigned(QModelIndex index, bool signe); public slots: void newItem(pki_temp *temp, pki_x509req *orig = NULL); void newItem(); signals: void newCert(pki_x509req *req); }; #endif xca-RELEASE.2.2.1/lib/pki_x509.h0000644000175000017500000001033613614632167015207 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_X509_H #define __PKI_X509_H #include #include #include #include #include "pki_temp.h" #include "pki_key.h" #include "pki_x509req.h" #include "pki_x509super.h" #include "asn1time.h" #include "asn1int.h" #include "x509rev.h" #include "x509v3ext.h" #include "pkcs11.h" #define VIEW_x509_serial 7 #define VIEW_x509_issuer 8 #define VIEW_x509_ca 9 #define VIEW_x509_cert 10 #define VIEW_x509_auth_template 11 #define VIEW_x509_auth_crlExpire 12 #define VIEW_x509_auth_crlNo 13 #define VIEW_x509_auth_crlDays 14 #define VIEW_x509_auth_dnPolicy_UNUSED 15 #define VIEW_x509_revocation 16 class pki_x509 : public pki_x509super { Q_OBJECT private: QVariant issuerSqlId; a1time crlExpire; a1int crlNumber; int crlDays; QVariant caTemplateSqlId; X509 *cert; void init(); x509rev revocation; x509revList fromDataRevList; protected: int sigAlg() const; public: static QPixmap *icon[5]; pki_x509(X509 *c); pki_x509(const pki_x509 *crt); pki_x509(const QString name = ""); ~pki_x509(); void setSigner(pki_x509 *s) { issuerSqlId = s ? s->getSqlItemId() : QVariant(); } void fload(const QString &fname); void load_token(pkcs11 &p11, CK_OBJECT_HANDLE object); void store_token(bool alwaysSelect); void fromPEM_BIO(BIO *bio, const QString &name); void writeDefault(const QString &dirname) const; a1int hashInfo(const EVP_MD *md) const; void setSerial(const a1int &serial); a1int getSerial() const; void setNotBefore(const a1time &a); void setNotAfter(const a1time &a); a1time getNotBefore() const; a1time getNotAfter() const; x509name getSubject() const; x509name getIssuerName() const; void setSubject(const x509name &n); void setIssuer(const x509name &n); bool caAndPathLen(bool *ca, a1int *pathlen, bool *hasLen) const; void fromData(const unsigned char *p, db_header_t *head); bool isCA() const; bool canSign() const; void writeCert(XFile &file, bool PEM) const; QString getIndexEntry(); bool verify(pki_x509 *signer); bool verify_only(pki_x509 *signer); pki_key *getPubKey() const; void setPubKey(pki_key *key); pki_x509 *getSigner(); void delSigner(pki_base *s); QString fingerprint(const EVP_MD *digest) const; extList getV3ext() const; bool checkDate(); bool addV3ext(const x509v3ext &e, bool skip_existing = false); void sign(pki_key *signkey, const EVP_MD *digest); pki_x509 *findIssuer(); X509 *getCert() { return cert; } void setRevoked(bool rev, a1time inval = a1time(), QString reason = QString()); void setRevoked(const x509rev &revok); bool isRevoked() const; pki_x509 *getBySerial(const a1int &a) const; a1int getCrlNumber() const { return crlNumber; } void setCrlNumber(a1int n) { if (n > crlNumber) crlNumber = n; } void setTemplateSqlId(QVariant sqlId) { caTemplateSqlId = sqlId; } QVariant getTemplateSqlId() { return caTemplateSqlId; } void setCrlDays(int s) { if (s > 0) crlDays = s; } int getCrlDays() { return crlDays; } x509rev getRevocation() { return revocation; } pk11_attlist objectAttributes(); bool hasExtension(int nid) const; bool cmpIssuerAndSerial(pki_x509 *refcert); bool visible() const; void updateView(); x509v3ext getExtByNid(int nid) const; QVariant column_data(const dbheader *hd) const; QVariant getIcon(const dbheader *hd) const; a1time column_a1time(const dbheader *hd) const; QByteArray i2d() const; void d2i(QByteArray &ba); void deleteFromToken(); void deleteFromToken(slotid slot); QString getMsg(msg_type msg) const; int renameOnToken(slotid slot, QString name); BIO *pem(BIO *, int); QVariant bg_color(const dbheader *hd) const; void mergeRevList(x509revList &l); void setRevocations(const x509revList &rl); x509revList getRevList() const; bool compareNameAndKey(pki_x509 *other); void setCrlExpire(a1time a) { crlExpire = a; } QSqlError insertSqlData(); QSqlError deleteSqlData(); void restoreSql(const QSqlRecord &rec); QStringList icsVEVENT() const; QStringList icsVEVENT_ca() const; }; Q_DECLARE_METATYPE(pki_x509 *); #endif xca-RELEASE.2.2.1/lib/db_x509super.cpp0000644000175000017500000001337613614632167016432 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_base.h" #include "db_x509super.h" #include "widgets/MainWindow.h" #include "widgets/CertDetail.h" #include "widgets/XcaDialog.h" #include "oid.h" #include db_x509name::db_x509name(MainWindow *mw) :db_base(mw) { } dbheaderList db_x509name::getHeaders() { dbheaderList h = db_base::getHeaders(); h << new dbheader(HD_subject_name, false, tr("Subject"), tr("Complete distinguished name")) << new num_dbheader(HD_subject_hash, false, tr("Subject hash"), tr("Hash to lookup certs in directories")); foreach(int nid, *MainWindow::dn_nid) h << new nid_dbheader(nid, dbheader::hd_x509name); return h; } db_x509super::db_x509super(MainWindow *mw) :db_x509name(mw) { pkitype_depends << asym_key << smartCard; } void db_x509super::loadContainer() { db_x509name::loadContainer(); /* Resolve Key references */ FOR_ALL_pki(pki, pki_x509super) { QVariant keySqlId = pki->getKeySqlId(); if (!keySqlId.isValid()) continue; quint64 id = keySqlId.toULongLong(); if (!lookup.contains(id)) continue; pki->setRefKey(static_cast(lookup[id])); } } dbheaderList db_x509super::getHeaders() { dbheaderList h = db_x509name::getHeaders(); NIDlist v3nid, v3ns_nid; v3nid << NID_subject_alt_name << NID_issuer_alt_name << NID_subject_key_identifier << NID_authority_key_identifier << NID_key_usage << NID_ext_key_usage << NID_crl_distribution_points << NID_info_access; v3ns_nid << NID_netscape_cert_type << NID_netscape_base_url << NID_netscape_revocation_url << NID_netscape_ca_revocation_url << NID_netscape_renewal_url << NID_netscape_ca_policy_url << NID_netscape_ssl_server_name << NID_netscape_comment; h << new dbheader(HD_x509key_name, false, tr("Key name"), tr("Internal name of the key")) << new dbheader(HD_x509_sigalg, false, tr("Signature algorithm")); foreach(int nid, v3nid) h << new nid_dbheader(nid, dbheader::hd_v3ext); foreach(int nid, v3ns_nid) h << new nid_dbheader(nid, dbheader::hd_v3ext_ns); return h; } pki_key *db_x509super::findKey(pki_x509super *ref) { pki_key *key, *refkey; if (!ref) return NULL; if ((key = ref->getRefKey()) != NULL ) return key; refkey = ref->getPubKey(); if (!refkey) return NULL; key = (pki_key *)mainwin->keys->getByReference(refkey); ref->setRefKey(key); delete(refkey); return key; } QList db_x509super::findByPubKey(pki_key *refkey) { QList list; FOR_ALL_pki(pki, pki_x509super) { pki_key *key = pki->getPubKey(); if (!key) continue; if (refkey->compare(key)) list << pki; delete key; } return list; } void db_x509super::extractPubkey(QModelIndex index) { pki_key *key; pki_x509super *pki = static_cast (index.internalPointer()); if (!pki) return; key = pki->getPubKey(); if (!key) return; key->setIntName(pki->getIntName()); key->pkiSource = transformed; key->selfComment(tr("Extracted from %1 '%2'") .arg(pki->getType() == x509 ? tr("Certificate") : tr("Certificate request")) .arg(pki->getIntName())); key = (pki_key*)mainwin->keys->insert(key); if (!key) return; if (Settings["suppress_messages"]) return; XCA_INFO(key->getMsg(pki_base::msg_import).arg(pki->getIntName())); } void db_x509super::toOpenssl(QModelIndex index) const { pki_x509super *pki = static_cast(index.internalPointer()); QString fn = Settings["workingdir"] + QDir::separator() + pki->getUnderlinedName() + ".conf"; QString fname = QFileDialog::getSaveFileName(mainwin, tr("Save as OpenSSL config"), fn, tr("Config files ( *.conf *.cnf);; All files ( * )")); if (fname.isEmpty()) return; fname = nativeSeparator(fname); Settings["workingdir"] = fname.mid(0, fname.lastIndexOf(QRegExp("[/\\\\]"))); pki->opensslConf(fname); } void db_x509super::toTemplate(QModelIndex index) { pki_x509super *pki = static_cast(index.internalPointer()); if (!pki) return; try { pki_temp *temp = new pki_temp(); check_oom(temp); temp->setIntName(pki->getIntName()); extList el = temp->fromCert(pki); if (el.size()) { QString etext; etext = QString("

") + tr("The following extensions were not ported into the template") + QString("

") + el.getHtml("
"); QTextEdit *textbox = new QTextEdit(etext); XcaDialog *d = new XcaDialog(mainwin, x509, textbox, QString(), QString()); d->aboutDialog(MainWindow::tempImg); d->exec(); delete d; } temp->pkiSource = transformed; temp->selfComment(tr("Transformed from %1 '%2'") .arg(pki->getType() == x509 ? tr("Certificate") : tr("Certificate request")) .arg(pki->getIntName())); createSuccess(mainwin->temps->insert(temp)); } catch (errorEx &err) { mainwin->Error(err); } } void db_x509super::showPki(pki_base *pki) { pki_x509super *x = dynamic_cast(pki); if (!x) return; CertDetail *dlg = new CertDetail(mainwin); if (!dlg) return; switch (x->getType()) { case x509_req: dlg->setReq((pki_x509req*)x); break; case x509: dlg->setCert((pki_x509*)x); break; default: delete dlg; return; } connect(dlg->privKey, SIGNAL(doubleClicked(QString)), mainwin->keys, SLOT(showItem(QString))); connect(dlg->signature, SIGNAL(doubleClicked(QString)), this, SLOT(showItem(QString))); connect(this, SIGNAL(pkiChanged(pki_base*)), dlg, SLOT(itemChanged(pki_base*))); connect(mainwin->keys, SIGNAL(pkiChanged(pki_base*)), dlg, SLOT(itemChanged(pki_base*))); if (dlg->exec()) { QString newname = dlg->descr->text(); QString newcomment = dlg->comment->toPlainText(); if (newname != pki->getIntName() || newcomment != pki->getComment()) { updateItem(pki, newname, newcomment); } } delete dlg; } xca-RELEASE.2.2.1/lib/db_base.cpp0000644000175000017500000004160413614632167015553 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "db_base.h" #include "func.h" #include "exception.h" #include #include #include #include #include #include #include "widgets/MainWindow.h" #include "widgets/ImportMulti.h" #include "widgets/XcaDialog.h" #include "ui_ItemProperties.h" QHash db_base::lookup; void db_base::restart_timer() { killTimer(secondsTimer); killTimer(minutesTimer); killTimer(hoursTimer); secondsTimer = startTimer(1000); minutesTimer = startTimer(MSECS_PER_MINUTE); hoursTimer = startTimer(MSECS_PER_HOUR); } db_base::db_base(MainWindow *mw) :QAbstractItemModel(NULL) { rootItem = newPKI(); rootItem->setIntName(rootItem->getClassName()); mainwin = mw; colResizing = 0; class_name = "base"; secondsTimer = minutesTimer = hoursTimer = 0; restart_timer(); } db_base::~db_base() { saveHeaderState(); delete rootItem; } pki_base *db_base::newPKI(enum pki_type type) { (void)type; return new pki_base("rootItem"); } void db_base::createSuccess(pki_base *pki) { if (!pki) return; if (Settings["suppress_messages"]) return; XCA_INFO(pki->getMsg(pki_base::msg_create).arg(pki->getIntName())); } void db_base::remFromCont(const QModelIndex &idx) { if (!idx.isValid()) return; pki_base *pki = static_cast(idx.internalPointer()); pki_base *parent_pki = pki->getParent(); int row = pki->row(); beginRemoveRows(parent(idx), row, row); parent_pki->takeChild(pki); endRemoveRows(); emit columnsContentChanged(); } QString db_base::sqlItemSelector() { QStringList sl; QString selector; foreach(enum pki_type pt, pkitype) sl << QString("type=%1").arg(pt); return sl.join(" OR "); } XSqlQuery db_base::sqlSELECTpki(QString query, QList values) { XSqlQuery q; int i, num_values = values.size(); SQL_PREPARE(q, query); for (i=0; i < num_values; i++) { q.bindValue(i, values[i]); } q.exec(); MainWindow::dbSqlError(q.lastError()); return q; } void db_base::loadContainer() { XSqlQuery q; QSqlError e; QString stmt; SQL_PREPARE(q, QString("SELECT * FROM view_") + sqlHashTable); q.exec(); e = q.lastError(); mainwin->dbSqlError(e); while (q.next()) { enum pki_type t; QSqlRecord rec = q.record(); t = (enum pki_type)q.value(VIEW_item_type).toInt(); pki_base *pki = newPKI(t); pki->restoreSql(rec); insertChild(rootItem, pki); lookup[q.value(VIEW_item_id).toULongLong()] = pki; } QString view = Settings[class_name + "_hdView"]; if (view.isEmpty()) { for (int i=0; i< allHeaders.count(); i++) { allHeaders[i]->reset(); } } else { allHeaders.fromData(view); } restart_timer(); emit columnsContentChanged(); } void db_base::reloadContainer(const QList &typelist) { bool match = false; QList all_types = pkitype + pkitype_depends; foreach(enum pki_type t, typelist) { if (all_types.contains(t)) { match = true; break; } } if (!match) return; qDebug() << "RELOAD" << class_name << all_types << typelist; beginResetModel(); delete rootItem; rootItem = newPKI(); endResetModel(); loadContainer(); } void db_base::updateHeaders() { QString s = allHeaders.toData(); foreach(dbheader *h, allHeaders) delete h; allHeaders = getHeaders(); allHeaders.fromData(s); } dbheaderList db_base::getHeaders() { dbheaderList h; /* "No." handled in XcaProxyModel */ h << new dbheader(HD_internal_name, true, tr("Internal name")) << new num_dbheader(HD_counter, false, tr("No.")) << new num_dbheader(HD_primary_key, false, tr("Primary key"), tr("Database unique number")) << new date_dbheader(HD_creation, false, tr("Date"), tr("Date of creation or insertion")) << new dbheader(HD_source, false, tr("Source"), tr("Generated, Imported, Transformed")) << new dbheader(HD_comment, false, tr("Comment"), tr("First line of the comment field")); return h; } void db_base::saveHeaderState() { if (QSqlDatabase::database().isOpen()) Settings[class_name + "_hdView"] = allHeaders.toData(); } void db_base::setVisualIndex(int i, int visualIndex) { if (colResizing) return; allHeaders[i]->visualIndex = visualIndex; } void db_base::sectionResized(int i, int, int newSize) { if (!allHeaders[i]->show || newSize <= 0 || colResizing) return; allHeaders[i]->size = newSize; } bool db_base::fixedHeaderSize(int sect) { return allHeaders[sect]->size != -1; } void db_base::initHeaderView(QHeaderView *hv) { int max = allHeaders.count(); colResizeStart(); for (int i=0; isetupHeaderView(i, hv); } for (int i=0; ivisualIndex == -1) continue; if (hv->visualIndex(i) != allHeaders[i]->visualIndex) { hv->moveSection(hv->visualIndex(i), allHeaders[i]->visualIndex); } } colResizeEnd(); } void db_base::sortIndicatorChanged(int logicalIndex, Qt::SortOrder order) { int max = allHeaders.count(); if (!isValidCol(logicalIndex)) return; for (int i=0; isortIndicator = -1; } allHeaders[logicalIndex]->sortIndicator = order; } void db_base::insertPKI(pki_base *pki) { Transaction; if (!TransBegin()) return; QSqlError e = pki->insertSql(); if (e.isValid()) { mainwin->dbSqlError(e); TransRollback(); return; } lookup[pki->getSqlItemId().toULongLong()] = pki; inToCont(pki); TransCommit(); restart_timer(); emit columnsContentChanged(); } QString db_base::pem2QString(QModelIndexList indexes) const { exportType::etype format; QString msg; format = clipboardFormat(indexes); foreach(QModelIndex idx, indexes) { long l; const char *p; if (idx.column() != 0) continue; BIO *bio = BIO_new(BIO_s_mem()); pki_base *pki = static_cast (idx.internalPointer()); pki->pem(bio, format); openssl_error(); l = BIO_get_mem_data(bio, &p); msg += QString::fromUtf8(p, l); BIO_free(bio); } return msg; } void db_base::pem2clipboard(QModelIndexList indexes) const { QString msg = pem2QString(indexes); QClipboard *cb = QApplication::clipboard(); if (cb->supportsSelection()) cb->setText(msg, QClipboard::Selection); cb->setText(msg); } void db_base::deletePKI(QModelIndex idx) { pki_base *pki = static_cast(idx.internalPointer()); QSqlDatabase db = QSqlDatabase::database(); try { try { pki->deleteFromToken(); } catch (errorEx &err) { MainWindow::Error(err); } Transaction; if (TransBegin()) { QSqlError e = pki->deleteSql(); TransDone(e); if (!e.isValid()) remFromCont(idx); AffectedItems(pki->getSqlItemId()); mainwin->dbSqlError(e); } } catch (errorEx &err) { MainWindow::Error(err); } } void db_base::showItem(const QModelIndex &index) { pki_base *pki = static_cast(index.internalPointer()); if (pki->isVisible() == 1) showPki(pki); } void db_base::showItem(const QString name) { pki_base *pki = lookupPki(name.toULongLong()); if (pki && pki->isVisible() == 1) showPki(pki); } void db_base::insertChild(pki_base *parent, pki_base *child) { QModelIndex idx = QModelIndex(); if (parent == child || parent == NULL) parent = rootItem; if (parent != rootItem) idx = index(parent); beginInsertRows(idx, 0, 0); parent->insert(0,child); endInsertRows(); } /* Does all the linking from existing keys, crls, certs * to the new imported or generated item * called before the new item will be inserted into the database */ void db_base::inToCont(pki_base *pki) { insertChild(rootItem, pki); } pki_base *db_base::getByName(QString desc) { QList list = sqlSELECTpki( QString("SELECT id FROM items WHERE name=? AND del=0 AND ") + sqlItemSelector(), QList() << QVariant(desc)); return list.isEmpty() ? NULL : list[0]; } pki_base *db_base::getByReference(pki_base *refpki) { if (refpki == NULL) return NULL; QList list = sqlSELECTpki( QString("SELECT item FROM %1 WHERE hash=?").arg(sqlHashTable), QList() << QVariant(refpki->hash())); foreach(pki_base *pki, list) { if (refpki->compare(pki)) return pki; } return NULL; } pki_base *db_base::insert(pki_base *item) { insertPKI(item); return item; } void db_base::dump(const QString &dir) const { QString dirname = dir + QDir::separator() + class_name; QDir d(dirname); if (!d.exists() && !d.mkdir(dirname)) { throw errorEx(tr("Could not create directory %1") .arg(dirname)); } try { FOR_ALL_pki(pki, pki_base) { pki->writeDefault(dirname); } } catch (errorEx &err) { mainwin->Error(err); } } QModelIndex db_base::index(int row, int column, const QModelIndex &parent) const { pki_base *parentItem; if(column <0) abort(); if (!parent.isValid()) parentItem = rootItem; else parentItem = static_cast(parent.internalPointer()); pki_base *childItem = parentItem->child(row); if (childItem) return createIndex(row, column, childItem); else return QModelIndex(); } QModelIndex db_base::index(pki_base *pki) const { if (!pki) return QModelIndex(); return createIndex(pki->row(), 0, pki); } QModelIndex db_base::parent(const QModelIndex &idx) const { if (!idx.isValid()) return QModelIndex(); pki_base *childItem = static_cast(idx.internalPointer()); pki_base *parentItem = childItem->getParent(); if (parentItem == rootItem || parentItem == NULL) return QModelIndex(); return index(parentItem); } int db_base::rowCount(const QModelIndex &parent) const { pki_base *parentItem; if (!parent.isValid()) parentItem = rootItem; else parentItem = static_cast(parent.internalPointer()); return parentItem->childCount(); } int db_base::columnCount(const QModelIndex &) const { return allHeaders.count(); } QVariant db_base::data(const QModelIndex &index, int role) const { if (!index.isValid()) return QVariant(); dbheader *hd = allHeaders[index.column()]; pki_base *item = static_cast(index.internalPointer()); switch (role) { case Qt::EditRole: case Qt::DisplayRole: if (hd->id==HD_internal_name || item->isVisible()==1) return item->column_data(hd); break; case Qt::DecorationRole: return item->getIcon(hd); case Qt::TextAlignmentRole: return hd->isNumeric() ? Qt::AlignRight : Qt::AlignLeft; case Qt::FontRole: return QVariant(XCA_application::tableFont); case Qt::BackgroundRole: return item->bg_color(hd); case Qt::UserRole: return item->isVisible(); case Qt::ToolTipRole: if (hd->id==HD_internal_name || item->isVisible()==1) return item->column_tooltip(hd); break; } return QVariant(); } static QVariant getHeaderViewInfo(dbheader *h) { return QVariant( #if 0 QString("H[%1] Show:%2%3 Size:%4 VI:%5 Indi:%6"). arg(sect).arg(h->show).arg(h->showDefault).arg(h->size). arg(h->visualIndex).arg(h->sortIndicator) #else h->getTooltip() #endif ); } QVariant db_base::headerData(int section, Qt::Orientation orientation, int role) const { if (!isValidCol(section)) return QVariant(); if (orientation == Qt::Horizontal) { switch (role) { case Qt::DisplayRole: return QVariant(allHeaders[section]->getName()); case Qt::ToolTipRole: return getHeaderViewInfo(allHeaders[section]); } } return QVariant(); } Qt::ItemFlags db_base::flags(const QModelIndex &index) const { if (!index.isValid()) return Qt::NoItemFlags; Qt::ItemFlags flags = QAbstractItemModel::flags(index) | Qt::ItemIsDragEnabled; pki_base *item = static_cast(index.internalPointer()); if (item->isVisible() == 2) flags &= ~Qt::ItemIsEnabled; else if (index.column() == 0) flags |= Qt::ItemIsEditable; return flags; } bool db_base::setData(const QModelIndex &index, const QVariant &value, int role) { QString on, nn; pki_base *item; if (index.isValid() && role == Qt::EditRole) { nn = value.toString(); item = static_cast(index.internalPointer()); on = item->getIntName(); if (nn == on) return true; updateItem(item, nn, item->getComment()); return true; } return false; } void db_base::updateItem(pki_base *pki, QString name, QString comment) { XSqlQuery q; QSqlError e; Transaction; TransThrow(); SQL_PREPARE(q, "UPDATE items SET name=?, comment=? WHERE id=?"); q.bindValue(0, name); q.bindValue(1, comment); q.bindValue(2, pki->getSqlItemId()); q.exec(); e = q.lastError(); AffectedItems(pki->getSqlItemId()); mainwin->dbSqlError(e); if (e.isValid()) return; TransDone(e); pki->setIntName(name); pki->setComment(comment); QModelIndex i, j; i = index(pki); j = index(i.row(), allHeaders.size(), i.parent()); emit dataChanged(i, j); emit pkiChanged(pki); restart_timer(); } void db_base::timerEvent(QTimerEvent *event) { int youngest = SECS_PER_DAY; int id = event->timerId(); FOR_ALL_pki(pki, pki_base) { for (int idx=0; idx < allHeaders.count(); idx++) { dbheader *hd = allHeaders[idx]; if (hd->type != dbheader::hd_asn1time) continue; a1time t = pki->column_a1time(hd); if (t.isUndefined()) continue; int age = t.age(); if (age < 0) age *= -1; bool do_emit = false; if (age < youngest) youngest = age; if (!hd->show) continue; if (id == secondsTimer && (age < SECS_PER_MINUTE *2 || age % SECS_PER_MINUTE < 2)) do_emit = true; if (id == minutesTimer && (age % SECS_PER_HOUR < 60)) do_emit = true; if (id == hoursTimer && (age % SECS_PER_DAY < SECS_PER_HOUR)) do_emit = true; if (do_emit) { qDebug() << "Date changed for" << pki->getIntName() << ":" << hd->getName() << "Col:" << idx << t.toSortable(); QModelIndex i; i = createIndex(pki->row(), idx, pki); emit dataChanged(i, i); } } } if (secondsTimer && youngest > SECS_PER_HOUR *2) { killTimer(secondsTimer); secondsTimer = 0; } if (minutesTimer && youngest > SECS_PER_DAY *2) { killTimer(minutesTimer); minutesTimer = 0; } } void db_base::editComment(const QModelIndex &index) { pki_base *item = static_cast(index.internalPointer()); if (!index.isValid() || !item) return; QWidget *w = new QWidget(NULL); Ui::ItemProperties *prop = new Ui::ItemProperties(); prop->setupUi(w); prop->comment->setPlainText(item->getComment()); prop->name->setText(item->getIntName()); prop->source->setText(item->pki_source_name()); prop->insertionDate->setText(item->getInsertionDate().toPretty()); XcaDialog *d = new XcaDialog(mainwin, item->getType(), w, tr("Item properties"), QString()); if (d->exec()) updateItem(item, prop->name->text(), prop->comment->toPlainText()); delete d; } void db_base::load_default(load_base &load) { QString s; QStringList slist = QFileDialog::getOpenFileNames(mainwin, load.caption, Settings["workingdir"], load.filter); if (!slist.count()) return; QString fn = slist[0]; Settings["workingdir"] = fn.mid(0, fn.lastIndexOf("/")); ImportMulti *dlgi = new ImportMulti(mainwin); foreach(s, slist) { pki_base *item = NULL; try { item = load.loadItem(s); dlgi->addItem(item); } catch (errorEx &err) { MainWindow::Error(err); delete item; } } dlgi->execute(); delete dlgi; } void db_base::store(QModelIndexList indexes) { int ret; xcaWarning msg(mainwin, tr("How to export the %1 selected items"). arg(indexes.size())); msg.addButton(QMessageBox::Ok)->setText(tr("All in one PEM file")); msg.addButton(QMessageBox::Apply)->setText(tr("Each item in one file")); msg.addButton(QMessageBox::Cancel); ret = msg.exec(); if (ret == QMessageBox::Apply) { foreach(QModelIndex i, indexes) store(i); return; } else if (ret != QMessageBox::Ok) { return; } QString fn = Settings["workingdir"] + QDir::separator() + "export.pem"; QString s = QFileDialog::getSaveFileName(mainwin, tr("Save %1 items in one file as").arg(indexes.size()), fn, tr("PEM files ( *.pem );; All files ( * )")); if (s.isEmpty()) return; s = nativeSeparator(s); Settings["workingdir"] = s.mid(0, s.lastIndexOf(QRegExp("[/\\\\]"))); try { QString pem = pem2QString(indexes); XFile file(s); file.open_write(); file.write(pem.toLatin1()); } catch (errorEx &err) { MainWindow::Error(err); } } bool db_base::columnHidden(int col) const { if (!isValidCol(col)) return true; if (Settings["disable_netscape"] && allHeaders[col]->type == dbheader::hd_v3ext_ns) return true; return !allHeaders[col]->show; } void db_base::columnResetDefaults() { dbheader *hd; foreach(hd, allHeaders) { hd->reset(); } emit resetHeader(); } bool db_base::isValidCol(int col) const { return col >= allHeaders.size() || col < 0 ? false : true; } QMimeData *db_base::mimeData(const QModelIndexList &indexes) const { QString data = pem2QString(indexes); if (data.isEmpty()) return NULL; QMimeData *mimeData = new QMimeData(); mimeData->setText(data.toLatin1()); mimeData->setData(X_XCA_DRAG_DATA, QByteArray()); return mimeData; } void db_base::writeVcalendar(XFile &file, QStringList vcal) const { QStringList ics; ics << "BEGIN:VCALENDAR" << "VERSION:2.0" << "PRODID:-//" XCA_TITLE "//" PACKAGE_VERSION "//" << vcal << "END:VCALENDAR"; file.write(ics.join("\r\n").toUtf8()); } xca-RELEASE.2.2.1/lib/pass_info.h0000644000175000017500000000154213614632167015617 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PASS_INFO_H #define __PASS_INFO_H #include #include #include #include "widgets/MainWindow.h" class pass_info: public QObject { Q_OBJECT private: QString title; QString description; QWidget *widget; QString type; QPixmap *pixmap; public: pass_info(QString t, QString d, QWidget *w = NULL); QString getTitle() { return title; } QString getDescription() { return description; } QWidget *getWidget() { return widget; } QString getType() { return type; } QPixmap getImage() { return QPixmap(*pixmap); } void setTitle(QString t) { title = t; } void setDescription(QString d) { description = d; } void setWidget(QWidget *w) { widget = w; } void setPin(); }; #endif xca-RELEASE.2.2.1/lib/pki_x509.cpp0000644000175000017500000005632113614632167015546 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_x509.h" #include "pki_evp.h" #include "pki_scard.h" #include "db_base.h" #include "func.h" #include "base.h" #include "exception.h" #include "pass_info.h" #include "widgets/MainWindow.h" #include #include #include #include "openssl_compat.h" QPixmap *pki_x509::icon[5]; pki_x509::pki_x509(X509 *c) :pki_x509super() { init(); cert = c; pki_openssl_error(); } pki_x509::pki_x509(const pki_x509 *crt) :pki_x509super(crt->desc) { init(); cert = X509_dup(crt->cert); pki_openssl_error(); issuerSqlId = crt->issuerSqlId; setRefKey(crt->getRefKey()); caTemplateSqlId = crt->caTemplateSqlId; revocation = crt->revocation; crlDays = crt->crlDays; crlExpire = crt->crlExpire; pki_openssl_error(); } pki_x509::pki_x509(const QString name) :pki_x509super(name) { init(); cert = X509_new(); X509_set_version(cert, 2); pki_openssl_error(); } QString pki_x509::getMsg(msg_type msg) const { /* * We do not construct english sentences from fragments * to allow proper translations. * The drawback are all the slightly different duplicated messages * * %1 will be replaced by the internal name of the certificate */ switch (msg) { case msg_import: return tr("Successfully imported the certificate '%1'"); case msg_delete: return tr("Delete the certificate '%1'?"); case msg_create: return tr("Successfully created the certificate '%1'"); /* %1: Number of certs; %2: list of cert names */ case msg_delete_multi: return tr("Delete the %1 certificates: %2?"); } return pki_base::getMsg(msg); } QSqlError pki_x509::insertSqlData() { XSqlQuery q; a1time now; pki_x509 *signer = findIssuer(); QSqlError e = pki_x509super::insertSqlData(); if (e.isValid()) return e; SQL_PREPARE(q, "INSERT INTO certs (item, hash, iss_hash, serial, issuer, " "ca, cert) " "VALUES (?, ?, ?, ?, ?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, hash()); q.bindValue(2, (uint)getIssuerName().hashNum()); q.bindValue(3, getSerial().toHex()); q.bindValue(4, signer ? signer->getSqlItemId() : QVariant()); q.bindValue(5, (int)isCA()); q.bindValue(6, i2d_b64()); q.exec(); MainWindow::reqs->resetX509count(); if (!isCA()) return q.lastError(); SQL_PREPARE(q, "INSERT INTO authority (item, template, crlExpire, crlNo, crlDays) " "VALUES (?, ?, ?, 0, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, caTemplateSqlId); q.bindValue(2, crlExpire.toPlain()); q.bindValue(3, crlDays); q.exec(); if (fromDataRevList.size() > 0) fromDataRevList.sqlUpdate(sqlItemId); return q.lastError(); } void pki_x509::restoreSql(const QSqlRecord &rec) { pki_x509super::restoreSql(rec); QByteArray ba = QByteArray::fromBase64( rec.value(VIEW_x509_cert).toByteArray()); d2i(ba); issuerSqlId = rec.value(VIEW_x509_issuer); crlNumber.set(rec.value(VIEW_x509_auth_crlNo).toUInt()); crlExpire.fromPlain(rec.value(VIEW_x509_auth_crlExpire).toString()); caTemplateSqlId = rec.value(VIEW_x509_auth_template); if (!rec.isNull(VIEW_x509_auth_crlDays)) crlDays = rec.value(VIEW_x509_auth_crlDays).toInt(); else crlDays = 30; if (!rec.isNull(VIEW_x509_revocation)) revocation = x509rev(rec, VIEW_x509_revocation); } QSqlError pki_x509::deleteSqlData() { XSqlQuery q; QSqlError e = pki_x509super::deleteSqlData(); QStringList tasks; tasks << "DELETE FROM certs WHERE item=?" << "DELETE FROM authority WHERE item=?" << "UPDATE crls SET issuer=NULL WHERE issuer=?" << "UPDATE certs SET issuer=NULL WHERE issuer=?" << "DELETE FROM revocations WHERE caId=?" ; foreach(QString task, tasks) { SQL_PREPARE(q, task); q.bindValue(0, sqlItemId); q.exec(); e = q.lastError(); if (e.isValid()) return e; } // Select affected items QList list = db_base::sqlSELECTpki( "SELECT DISTINCT items.id FROM items, certs, crls " "WHERE (items.id = certs.item OR items.id = crls.item) " "AND crls.issuer = ? AND certs.issuer = ?", QList() << QVariant(sqlItemId) << QVariant(sqlItemId)); foreach(pki_base *pki, list) AffectedItems(pki->getSqlItemId()); MainWindow::reqs->resetX509count(); return q.lastError(); } pki_x509 *pki_x509::findIssuer() { XSqlQuery q; pki_x509 *issuer; unsigned hash; if ((issuer = getSigner()) != NULL) return issuer; // first check for self-signed if (verify(this)) return this; hash = getIssuerName().hashNum(); /* Select X509 CA certificates with subject-hash == hash */ SQL_PREPARE(q, "SELECT x509super.item from x509super " "JOIN certs ON certs.item = x509super.item " "WHERE certs.ca=1 AND x509super.subj_hash=?"); q.bindValue(0, hash); q.exec(); while (q.next()) { issuer = db_base::lookupPki(q.value(0)); if (!issuer) { qDebug("Certificate with id %d not found", q.value(0).toInt()); } if (verify(issuer)) { return issuer; } } return NULL; } void pki_x509::fromPEM_BIO(BIO *bio, const QString &fname) { X509 *_cert; _cert = PEM_read_bio_X509(bio, NULL, NULL, NULL); openssl_error(fname); X509_free(cert); cert = _cert; } void pki_x509::fload(const QString &fname) { X509 *_cert; XFile file(fname); file.open_read(); _cert = PEM_read_X509(file.fp(), NULL, NULL, NULL); if (!_cert) { pki_ign_openssl_error(); file.retry_read(); _cert = d2i_X509_fp(file.fp(), NULL); } if (pki_ign_openssl_error() || !_cert) { if (_cert) X509_free(_cert); throw errorEx(tr("Unable to load the certificate in file %1. Tried PEM and DER certificate.").arg(fname)); } X509_free(cert); cert = _cert; } pki_x509::~pki_x509() { if (cert) { X509_free(cert); } pki_openssl_error(); } void pki_x509::init() { caTemplateSqlId = QVariant(); crlDays = 30; crlExpire.setUndefined(); cert = NULL; pkiType = x509; } void pki_x509::setSerial(const a1int &serial) { X509_set_serialNumber(cert, serial.get()); pki_openssl_error(); } a1int pki_x509::getSerial() const { a1int a(X509_get_serialNumber(cert)); pki_openssl_error(); return a; } pki_x509 *pki_x509::getBySerial(const a1int &a) const { foreach(pki_base *p, childItems) { pki_x509 *pki = static_cast(p); if (a == pki->getSerial()) return pki; } return NULL; } a1int pki_x509::hashInfo(const EVP_MD *md) const { unsigned char digest[EVP_MAX_MD_SIZE]; unsigned len = 0; if (!X509_digest(cert, md, digest, &len)) pki_openssl_error(); a1int a; a.setRaw(digest,len); return a; } void pki_x509::load_token(pkcs11 &p11, CK_OBJECT_HANDLE object) { QString desc; pk11_attr_ulong type(CKA_CERTIFICATE_TYPE); p11.loadAttribute(type, object); if (type.getValue() != CKC_X_509) throw errorEx(QString("Unsupported Certificate type %1" ).arg(type.getValue())); try { pk11_attr_data label(CKA_LABEL); p11.loadAttribute(label, object); desc = label.getText(); } catch(errorEx &err) { qDebug("No Cert Label: %s", err.getCString()); // IGNORE } pk11_attr_data x509(CKA_VALUE); p11.loadAttribute(x509, object); QByteArray der = x509.getData(); d2i(der); if (desc.isEmpty()) { try { x509name xn; pk11_attr_data subj(CKA_SUBJECT); p11.loadAttribute(subj, object); QByteArray der = subj.getData(); xn.d2i(der); desc = xn.getMostPopular(); pki_openssl_error(); } catch(errorEx &err) { qDebug("No Cert Subject: %s", err.getCString()); // IGNORE } } setIntName(desc); pkiSource = token; pki_openssl_error(); } void pki_x509::d2i(QByteArray &ba) { X509 *c = (X509*)d2i_bytearray(D2I_VOID(d2i_X509), ba); if (c) { X509_free(cert); cert = c; } pki_openssl_error(); } QByteArray pki_x509::i2d() const { return i2d_bytearray(I2D_VOID(i2d_X509), cert); } void pki_x509::store_token(bool alwaysSelect) { pki_scard *card = NULL; slotid slot; x509name xname; QList objects; pkcs11 p11; pki_key *privkey = getRefKey(); if (!privkey || !privkey->isToken() || alwaysSelect) { if (!p11.selectToken(&slot, NULL)) return; } else { card = dynamic_cast(privkey); if (!card || !card->prepare_card(&slot)) return; } pk11_attlist p11_atts; p11_atts << pk11_attr_ulong(CKA_CLASS, CKO_CERTIFICATE) << pk11_attr_ulong(CKA_CERTIFICATE_TYPE, CKC_X_509) << pk11_attr_data(CKA_VALUE, i2d()); p11.startSession(slot, true); QList objs = p11.objectList(p11_atts); if (objs.count() != 0) { XCA_WARN(tr("This certificate is already on the security token")); return; } p11_atts << pk11_attr_bool(CKA_TOKEN, true) << pk11_attr_bool(CKA_PRIVATE, false) << pk11_attr_data(CKA_SUBJECT, getSubject().i2d()) << pk11_attr_data(CKA_ISSUER, getIssuerName().i2d()) << pk11_attr_data(CKA_SERIAL_NUMBER, getSerial().i2d()) << pk11_attr_data(CKA_LABEL, desc.toUtf8()) << (card ? card->getIdAttr() : p11.findUniqueID(CKO_CERTIFICATE)); if (p11.tokenLogin(p11.tokenInfo().label(), false).isNull()) return; p11.createObject(p11_atts); } void pki_x509::deleteFromToken() { pki_key *privkey = getRefKey(); pki_scard *card = dynamic_cast(privkey); slotidList p11_slots; if (!card || !pkcs11::loaded()) return; if (privkey && privkey->isToken()) { slotid slot; if (!card->prepare_card(&slot)) return; p11_slots << slot; } else { pkcs11 p11; p11_slots = p11.getSlotList(); } for (int i=0; i objs = p11.objectList(atts); if (!objs.count()) return; tkInfo ti = p11.tokenInfo(); if (!XCA_YESNO(tr("Delete the certificate '%1' from the token '%2 (#%3)'?"). arg(getIntName()).arg(ti.label()).arg(ti.serial()))) { return; } if (p11.tokenLogin(ti.label(), false).isNull()) return; p11.deleteObjects(objs); } int pki_x509::renameOnToken(slotid slot, QString name) { pkcs11 p11; p11.startSession(slot, true); pk11_attlist attrs = objectAttributes(); QList objs = p11.objectList(attrs); if (!objs.count()) return 0; pk11_attr_data label(CKA_LABEL, name.toUtf8()); tkInfo ti = p11.tokenInfo(); if (p11.tokenLogin(ti.label(), false).isNull()) return 0; p11.storeAttribute(label, objs[0]); return 1; } void pki_x509::setNotBefore(const a1time &a) { a1time t(a); X509_set_notBefore(cert, t.get_utc()); pki_openssl_error(); } void pki_x509::setNotAfter(const a1time &a) { a1time t(a); X509_set_notAfter(cert, t.get_utc()); pki_openssl_error(); } a1time pki_x509::getNotBefore() const { a1time a(X509_get_notBefore(cert)); return a; } a1time pki_x509::getNotAfter() const { a1time a(X509_get_notAfter(cert)); return a; } x509name pki_x509::getSubject() const { x509name x(X509_get_subject_name(cert)); pki_openssl_error(); return x; } x509name pki_x509::getIssuerName() const { x509name x(X509_get_issuer_name(cert)); pki_openssl_error(); return x; } void pki_x509::setSubject(const x509name &n) { X509_set_subject_name(cert, n.get()); pki_openssl_error(); } void pki_x509::setIssuer(const x509name &n) { X509_set_issuer_name(cert, n.get()); pki_openssl_error(); } bool pki_x509::addV3ext(const x509v3ext &e, bool skip_existing) { if (!e.isValid()) return false; if (skip_existing && X509_get_ext_by_NID(cert, e.nid(), -1) != -1) return false; X509_EXTENSION *ext = e.get(); X509_add_ext(cert, ext, -1); X509_EXTENSION_free(ext); pki_openssl_error(); return true; } void pki_x509::delSigner(pki_base *s) { if (s && (s->getSqlItemId() == issuerSqlId)) issuerSqlId = QVariant(); } bool pki_x509::isCA() const { bool ca; int crit; BASIC_CONSTRAINTS *bc = (BASIC_CONSTRAINTS *) X509_get_ext_d2i(cert, NID_basic_constraints, &crit, NULL); pki_openssl_error(); ca = bc && bc->ca; if (bc) BASIC_CONSTRAINTS_free(bc); return ca; } bool pki_x509::canSign() const { pki_key *privkey = getRefKey(); if (!privkey || privkey->isPubKey()) return false; if (privkey->isToken() && !pkcs11::loaded()) return false; return isCA(); } bool pki_x509::hasExtension(int nid) const { return getV3ext().idxByNid(nid) != -1; } void pki_x509::sign(pki_key *signkey, const EVP_MD *digest) { EVP_PKEY *tkey; if (!signkey) { my_error(tr("There is no key for signing !")); } tkey = signkey->decryptKey(); pki_openssl_error(); X509_sign(cert, tkey, digest); pki_openssl_error(); EVP_PKEY_free(tkey); pki_openssl_error(); } void pki_x509::fromData(const unsigned char *p, db_header_t *head) { int version, size; bool isRevoked = false; version = head->version; size = head->len - sizeof(db_header_t); QByteArray ba((const char*)p, size); d2i(ba); pki_openssl_error(); /* trust = */ db::intFromData(ba); if (version < 4) { a1time revoked; isRevoked = db::boolFromData(ba); revoked.d2i(ba); pki_openssl_error(); if (isRevoked) { revocation.setDate(revoked); revocation.setSerial(getSerial()); } } pki_openssl_error(); /* Superflous CaSerial = */db::stringFromData(ba); QString caTemplate = db::stringFromData(ba); crlDays = db::intFromData(ba); crlExpire.d2i(ba); pki_openssl_error(); if (version > 1) /* randomSerial = */ db::boolFromData(ba); if (version > 2) crlNumber.setHex(db::stringFromData(ba)); pki_openssl_error(); if (version > 2 && version < 4) { // load own revocation info, to tell daddy about it a1time invalDate; QString revoke_reason = db::stringFromData(ba); invalDate.d2i(ba); pki_openssl_error(); if (isRevoked) { revocation.setReason(revoke_reason); revocation.setInvalDate(invalDate); } } pki_openssl_error(); if (version > 3) { fromDataRevList.fromBA(ba); pki_openssl_error(); } if (ba.count() > 0) { my_error(tr("Wrong Size %1").arg(ba.count())); } pki_openssl_error(); XSqlQuery q; SQL_PREPARE(q, "SELECT id FROM items WHERE name=? AND type=?"); q.bindValue(0, caTemplate); q.bindValue(1, tmpl); q.exec(); if (q.next()) caTemplateSqlId = q.value(0); } void pki_x509::writeDefault(const QString &dirname) const { XFile file(get_dump_filename(dirname, ".crt")); file.open_write(); writeCert(file, true); } void pki_x509::writeCert(XFile &file, bool PEM) const { if (!cert) return; if (PEM) { PEM_file_comment(file); PEM_write_X509(file.fp(), cert); } else { i2d_X509_fp(file.fp(), cert); } pki_openssl_error(); } QString pki_x509::getIndexEntry() { QString flag = NULL; bool revoked = isRevoked(); if (revoked) flag = "R"; else if (checkDate()) flag = "V"; else flag = "E"; return QString("%1\t%2\t%3\t%4\tunknown\t%5\n").arg( flag, getNotAfter().toPlainUTC(), revoked ? revocation.getDate().toPlainUTC() : "", getSerial(), QString(X509_NAME_oneline(getSubject().get(), NULL, 0))); } BIO *pki_x509::pem(BIO *b, int format) { (void)format; if (!b) b = BIO_new(BIO_s_mem()); PEM_write_bio_X509(b, cert); return b; } bool pki_x509::cmpIssuerAndSerial(pki_x509 *refcert) { bool ret = X509_issuer_and_serial_cmp(cert, refcert->cert); pki_openssl_error(); return ret; } bool pki_x509::verify_only(pki_x509 *signer) { X509_NAME *subject = X509_get_subject_name(signer->cert); X509_NAME *issuer = X509_get_issuer_name(cert); pki_openssl_error(); if (X509_NAME_cmp(subject, issuer)) { return false; } EVP_PKEY *pub = X509_get_pubkey(signer->cert); if (!pub) { pki_ign_openssl_error(); return false; } int i = X509_verify(cert, pub); pki_ign_openssl_error(); return i>0; } bool pki_x509::verify(pki_x509 *signer) { if ((issuerSqlId != QVariant()) || (signer == NULL)) return false; if (signer == this && issuerSqlId == sqlItemId && issuerSqlId != QVariant()) return true; if (signer && verify_only(signer)) { int idx; x509rev r; x509revList rl(revocation); r.setSerial(getSerial()); setSigner(signer); signer->mergeRevList(rl); rl = signer->getRevList(); idx = rl.indexOf(r); if (idx != -1) revocation = rl[idx]; return true; } return false; } x509revList pki_x509::getRevList() const { return isCA() ? x509revList::fromSql(sqlItemId) : x509revList(); } void pki_x509::mergeRevList(x509revList &l) { x509revList revList = getRevList(); revList.merge(l); if (revList.merged) revList.sqlUpdate(sqlItemId); } void pki_x509::setRevocations(const x509revList &rl) { x509rev rev; x509revList revList = rl; foreach(pki_base *p, childItems) { pki_x509 *pki = static_cast(p); rev.setSerial(pki->getSerial()); int idx = revList.indexOf(rev); if (idx != -1) pki->revocation = revList[idx]; else pki->revocation = x509rev(); } revList.sqlUpdate(sqlItemId); } pki_key *pki_x509::getPubKey() const { EVP_PKEY *pkey = X509_get_pubkey(cert); pki_ign_openssl_error(); if (pkey == NULL) return NULL; pki_evp *key = new pki_evp(pkey); pki_openssl_error(); return key; } bool pki_x509::compareNameAndKey(pki_x509 *other) { int r; X509_NAME *s1, *s2; EVP_PKEY *pub1, *pub2; if (!cert || !other->cert) return false; s1 = X509_get_subject_name(cert); s2 = X509_get_subject_name(other->cert); pki_openssl_error(); if (!s1 || !s2) return false; /* X509_NAME_cmp returns 0 if they match */ r = X509_NAME_cmp(s1, s2); pki_openssl_error(); if (r) return false; pub1 = X509_get_pubkey(cert); pub2 = X509_get_pubkey(other->cert); pki_ign_openssl_error(); if (!pub1 || !pub2) return false; /* EVP_PKEY_cmp() return 1 if the keys match */ r = EVP_PKEY_cmp(pub1, pub2); pki_openssl_error(); return r == 1; } void pki_x509::setPubKey(pki_key *key) { X509_set_pubkey(cert, key->getPubKey()); pki_openssl_error(); } QString pki_x509::fingerprint(const EVP_MD *digest) const { return ::fingerprint(i2d_bytearray(I2D_VOID(i2d_X509), cert), digest); } bool pki_x509::checkDate() { a1time n, b, a; n = a1time::now(), b = getNotBefore(); a = getNotAfter(); pki_openssl_error(); if (!a.isValid() || !b.isValid()) return false; if (!a.isUndefined() && (a < n)) return false; if (b > n) return false; pki_openssl_error(); return true; } extList pki_x509::getV3ext() const { extList el; el.setStack(X509_get0_extensions(cert)); return el; } x509v3ext pki_x509::getExtByNid(int nid) const { extList el = getV3ext(); int i = el.idxByNid(nid); try { pki_openssl_error(); } catch(errorEx &err) { XCA_WARN(err.getString()); } if (i == -1) return x509v3ext(); return el[i]; } int pki_x509::sigAlg() const { return X509_get_signature_nid(cert); } pki_x509 *pki_x509::getSigner() { return db_base::lookupPki(issuerSqlId); } bool pki_x509::isRevoked() const { return revocation.isValid(); } void pki_x509::setRevoked(const x509rev &revok) { revocation = revok; } bool pki_x509::caAndPathLen(bool *ca, a1int *pathlen, bool *hasLen) const { x509v3ext e = getExtByNid(NID_basic_constraints); if (e.nid() != NID_basic_constraints) return false; BASIC_CONSTRAINTS *bc = (BASIC_CONSTRAINTS *)e.d2i(); if (hasLen) *hasLen = bc->pathlen ? true : false; if (pathlen && bc->pathlen) pathlen->set(bc->pathlen); if (ca) *ca = bc->ca; BASIC_CONSTRAINTS_free(bc); pki_openssl_error(); return true; } QVariant pki_x509::column_data(const dbheader *hd) const { switch (hd->id) { case HD_cert_serial: return QVariant(getSerial().toHex()); case HD_cert_md5fp: return QVariant(fingerprint(EVP_md5())); case HD_cert_sha1fp: return QVariant(fingerprint(EVP_sha1())); case HD_cert_sha256fp: return QVariant(fingerprint(EVP_sha256())); case HD_cert_ca: { a1int len; bool ca, haslen; if (caAndPathLen(&ca, &len, &haslen)) { if (ca && haslen) return QVariant(len.toDec()); if (!ca) return QVariant(tr("No")); else return QVariant(tr("Yes")); } break; } } return pki_x509super::column_data(hd); } a1time pki_x509::column_a1time(const dbheader *hd) const { switch (hd->id) { case HD_cert_notBefore: return getNotBefore(); case HD_cert_notAfter: return getNotAfter(); case HD_cert_revocation: if (isRevoked()) return revocation.getDate(); break; case HD_cert_crl_expire: if (canSign()) return crlExpire; break; } return pki_base::column_a1time(hd); } QStringList pki_x509::icsVEVENT() const { return pki_base::icsVEVENT(getNotAfter(), tr("Renew certificate: %1").arg(getIntName()), tr("The XCA certificate '%1', issued on %2 " "will expire on %3.\n" "It is stored in the XCA database '%4'") .arg(getIntName()) .arg(getNotBefore().toPretty()) .arg(getNotAfter().toPretty()) .arg(currentDB) ); } QStringList pki_x509::icsVEVENT_ca() const { QStringList ics; ics << icsVEVENT(); foreach(pki_base *p, childItems) { pki_x509 *pki = static_cast(p); if (pki->getNotAfter() > a1time() && !isRevoked()) ics << pki->icsVEVENT(); } ics << pki_base::icsVEVENT(crlExpire, tr("CRL Renewal of CA '%1' due").arg(getIntName()), tr("The latest CRL issued by the CA '%1' will expire on %2.\n" "It is stored in the XCA database '%3'") .arg(getIntName()) .arg(crlExpire.toPretty()) .arg(currentDB) ); return ics; } QVariant pki_x509::getIcon(const dbheader *hd) const { int pixnum = 0; bool ca; switch (hd->id) { case HD_cert_ca: if (!caAndPathLen(&ca, NULL, NULL)) return QVariant(); if (!ca) return QVariant(); pixnum = 4; break; case HD_internal_name: if (hasPrivKey()) pixnum += 1; if (isRevoked()) pixnum += 2; break; default: return pki_x509super::getIcon(hd); } return QVariant(*icon[pixnum]); } bool pki_x509::visible() const { if (pki_x509super::visible()) return true; if (getIssuerName().search(limitPattern)) return true; if (fingerprint(EVP_md5()).contains(limitPattern)) return true; if (fingerprint(EVP_sha1()).contains(limitPattern)) return true; if (fingerprint(EVP_sha256()).contains(limitPattern)) return true; if (getSerial().toHex().contains(limitPattern)) return true; return false; } QVariant pki_x509::bg_color(const dbheader *hd) const { #define BG_RED QBrush(QColor(255, 0, 0)) #define BG_YELLOW QBrush(QColor(255,255, 0)) #define BG_CYAN QBrush(QColor(127,255,212)) if (Settings["no_expire_colors"]) return QVariant(); QString unit, cert_expiry_num = Settings["cert_expiry"]; unit = cert_expiry_num.right(1); cert_expiry_num.chop(1); int n = cert_expiry_num.toInt(); a1time nb, na, now, certwarn; nb = getNotBefore(); na = getNotAfter(); now = a1time::now(); if (unit == "%") { quint64 lifetime = nb.secsTo(na); certwarn = nb.addSecs(lifetime *n /100); } else if (unit == "D") { certwarn = na.addDays(-n); } else if (unit == "W") { certwarn = na.addDays(-n*7); } switch (hd->id) { case HD_cert_notBefore: if (nb > now || !nb.isValid() || nb.isUndefined()) return QVariant(BG_RED); break; case HD_cert_notAfter: { if (na.isUndefined()) return QVariant(BG_CYAN); if (na < now) return QVariant(BG_RED); if (certwarn < now) return QVariant(BG_YELLOW); break; } case HD_cert_crl_expire: if (canSign()) { QDateTime crlwarn, crlex; crlex = crlExpire; if (!crlExpire.isUndefined()) { crlwarn = crlex.addSecs(-2 *60*60*24); if (crlex < now) return QVariant(BG_RED); if (crlwarn < now || !crlex.isValid()) return QVariant(BG_YELLOW); } } } return QVariant(); } xca-RELEASE.2.2.1/lib/pkcs11.h0000644000175000017500000001130513614632167014736 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2009 - 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCA_PKCS11_H #define __XCA_PKCS11_H #include "pkcs11_lib.h" #include "opensc-pkcs11.h" #include #include #include #include #include "pk11_attribute.h" #define WAITCURSOR_START do { QApplication::setOverrideCursor(QCursor(Qt::WaitCursor)); ign_openssl_error(); } while(0); #define WAITCURSOR_END do { QApplication::restoreOverrideCursor(); ign_openssl_error(); } while(0); #define CALL_P11_C(l, func, ...) do { \ snprintf(segv_data, sizeof segv_data, "Crashed in %s in %s from %s:%d\n" \ "This looks like a bug in the PKC#11 library and not in XCA\n", \ #func, CCHAR((l)->filename()), __func__, __LINE__); \ QApplication::setOverrideCursor(QCursor(Qt::WaitCursor)); \ rv = l->ptr()->func(__VA_ARGS__); \ segv_data[0] = 0; \ QApplication::restoreOverrideCursor(); \ ign_openssl_error(); \ } while(0); class tkInfo { private: CK_TOKEN_INFO token_info; public: tkInfo(const CK_TOKEN_INFO *ti) { set(ti); } tkInfo(const tkInfo &tk) { set(&tk.token_info); } void set(const CK_TOKEN_INFO *ti) { memcpy(&token_info, ti, sizeof(token_info)); // sanitize strings for (int i=0; i<32; i++) { if (token_info.label[i] == 0) token_info.label[i] = ' '; if (token_info.manufacturerID[i] == 0) token_info.manufacturerID[i] = ' '; } for (int i=0; i<16; i++) { if (token_info.model[i] == 0) token_info.model[i] = ' '; if (token_info.serialNumber[i] == 0) token_info.serialNumber[i] = ' '; } } QString label() const { return UTF8QSTRING(token_info.label, 32); } QString manufacturerID() const { return UTF8QSTRING(token_info.manufacturerID, 32); } QString model() const { return UTF8QSTRING(token_info.model, 16); } QString serial() const { return ASCIIQSTRING(token_info.serialNumber, 16); } bool protAuthPath() const { return !!(token_info.flags & CKF_PROTECTED_AUTHENTICATION_PATH); } bool tokenInitialized() const { return !!(token_info.flags & CKF_TOKEN_INITIALIZED); } QString pinInfo() const { return QObject::tr("Required PIN size: %1 - %2"). arg(token_info.ulMinPinLen). arg(token_info.ulMaxPinLen); } }; class pkcs11 { friend class pk11_attribute; friend class pk11_attr_ulong; friend class pk11_attr_data; private: static pkcs11_lib_list libs; slotid p11slot; CK_SESSION_HANDLE session; CK_OBJECT_HANDLE p11obj; public: pkcs11(); ~pkcs11(); static bool loaded() { foreach(pkcs11_lib *l, libs) { if (l->isLoaded()) return true; } return false; } static pkcs11_lib *load_lib(const QString &fname); static pkcs11_lib *get_lib(const QString &fname) { return libs.get_lib(fname); } static bool remove_lib(QString fname) { return libs.remove_lib(fname); } static void remove_libs() { qDeleteAll(libs.begin(), libs.end()); libs.clear(); } static void reload_libs(const QString &libnames); static pkcs11_lib_list get_libs() { return libs; } tkInfo tokenInfo(slotid slot); tkInfo tokenInfo() { return tokenInfo(p11slot); } QString driverInfo(slotid slot) { return slot.lib->driverInfo(); } slotidList getSlotList() { return libs.getSlotList(); } bool selectToken(slotid *slot, QWidget *w); void changePin(slotid slot, bool so); void initPin(slotid slot); void initToken(slotid slot, unsigned char *pin, int pinlen, QString label); QList mechanismList(slotid slot); void mechanismInfo(slotid slot, CK_MECHANISM_TYPE m, CK_MECHANISM_INFO *info); void startSession(slotid slot, bool rw = false); /* Session based functions */ void loadAttribute(pk11_attribute &attribute, CK_OBJECT_HANDLE object); void storeAttribute(pk11_attribute &attribute, CK_OBJECT_HANDLE object); QList objectList(pk11_attlist &atts); QString tokenLogin(QString name, bool so, bool force=false); void getRandom(); void logout(); bool needsLogin(bool so); void login(unsigned char *pin, unsigned long pinlen, bool so); void setPin(unsigned char *oldPin, unsigned long oldPinLen, unsigned char *pin, unsigned long pinLen); CK_OBJECT_HANDLE createObject(pk11_attlist &attrs); pk11_attr_data findUniqueID(unsigned long oclass); pk11_attr_data generateKey(QString name, unsigned long ec_rsa_mech, unsigned long bits, int nid); int deleteObjects(QList objects); EVP_PKEY *getPrivateKey(EVP_PKEY *pub, CK_OBJECT_HANDLE obj); int encrypt(int flen, const unsigned char *from, unsigned char *to, int tolen, unsigned long m); int decrypt(int flen, const unsigned char *from, unsigned char *to, int tolen, unsigned long m); }; #endif xca-RELEASE.2.2.1/lib/pki_temp.h0000644000175000017500000000464013614632167015450 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_TEMP_H #define __PKI_TEMP_H #include "pki_base.h" #include "x509name.h" #include "asn1time.h" #include "pki_x509super.h" #define D5 "-----" #define PEM_STRING_XCA_TEMPLATE "XCA TEMPLATE" #define TMPL_VERSION 10 #define CHECK_TMPL_KEY if (!tmpl_keys.contains(key)) { qDebug("Unknown template key: %s(%s)", __func__, CCHAR(key)); } #define VIEW_temp_version 6 #define VIEW_temp_template 7 class pki_temp: public pki_x509name { Q_OBJECT protected: static QList tmpl_keys; int dataSize(); void try_fload(XFile &file, const char *mode); bool pre_defined; x509name xname; QMap settings; QString adv_ext; void fromExtList(extList *el, int nid, const char *item); public: static QPixmap *icon; // methods QString getSetting(QString key) { CHECK_TMPL_KEY return settings[key]; } int getSettingInt(QString key) { CHECK_TMPL_KEY return settings[key].toInt(); } void setSetting(QString key, QString value) { CHECK_TMPL_KEY settings[key] = value; } void setSetting(QString key, int value) { CHECK_TMPL_KEY settings[key] = QString::number(value); } pki_temp(const pki_temp *pk); pki_temp(const QString d = QString()); void fload(const QString &fname); void writeDefault(const QString &dirname) const ; ~pki_temp(); void fromData(const unsigned char *p, int size, int version); void old_fromData(const unsigned char *p, int size, int version); void fromData(const unsigned char *p, db_header_t *head ); void fromData(QByteArray &ba, int version); void setAsPreDefined() { pre_defined = true; } QString comboText() const; QByteArray toData() const; QString toB64Data() { return QString::fromLatin1(toData().toBase64()); } bool compare(const pki_base *ref) const; void writeTemp(XFile &file) const; QVariant getIcon(const dbheader *hd) const; QString getMsg(msg_type msg) const; x509name getSubject() const; void setSubject(x509name n) { xname = n; } BIO *pem(BIO *b, int format); QByteArray toExportData() const; void fromPEM_BIO(BIO *, const QString &); void fromExportData(QByteArray data); extList fromCert(pki_x509super *cert_or_req); QSqlError insertSqlData(); QSqlError deleteSqlData(); void restoreSql(const QSqlRecord &rec); }; Q_DECLARE_METATYPE(pki_temp *); #endif xca-RELEASE.2.2.1/lib/load_obj.h0000644000175000017500000000231113614632167015402 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __LOAD_OBJ_H #define __LOAD_OBJ_H #include class pki_base; class load_base { public: QString filter; QString caption; load_base(); virtual ~load_base(); virtual pki_base *loadItem(const QString &s); virtual pki_base *newItem(); }; class load_key: public load_base { public: load_key(); pki_base *newItem(); }; class load_req: public load_base { public: load_req(); pki_base *newItem(); }; class load_cert: public load_base { public: load_cert(); pki_base *newItem(); }; class load_pkcs7: public load_base { public: load_pkcs7(); pki_base *newItem(); }; class load_pkcs12: public load_base { public: load_pkcs12(); pki_base *loadItem(const QString &s); }; class load_temp: public load_base { public: load_temp(); pki_base *newItem(); }; class load_crl: public load_base { public: load_crl(); pki_base *newItem(); }; class load_db: public load_base { public: load_db(); }; class load_pkcs11: public load_base { public: load_pkcs11(); }; class load_pem: public load_base { public: load_pem(); pki_base *newItem(); }; #endif xca-RELEASE.2.2.1/lib/x509rev.cpp0000644000175000017500000001537713614632167015426 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #include "x509rev.h" #include "db.h" #include "pki_base.h" #include "func.h" #include "exception.h" #include #include #include #include #include "openssl_compat.h" #ifndef CRL_REASON_UNSPECIFIED #define CRL_REASON_UNSPECIFIED 0 #define CRL_REASON_KEY_COMPROMISE 1 #define CRL_REASON_CA_COMPROMISE 2 #define CRL_REASON_AFFILIATION_CHANGED 3 #define CRL_REASON_SUPERSEDED 4 #define CRL_REASON_CESSATION_OF_OPERATION 5 #define CRL_REASON_CERTIFICATE_HOLD 6 #define CRL_REASON_REMOVE_FROM_CRL 8 #define CRL_REASON_PRIVILEGE_WITHDRAWN 9 #define CRL_REASON_AA_COMPROMISE 10 #endif static ENUMERATED_NAMES crl_reasons[] = { {CRL_REASON_UNSPECIFIED, "Unspecified", "unspecified"}, {CRL_REASON_KEY_COMPROMISE, "Key Compromise", "keyCompromise"}, {CRL_REASON_CA_COMPROMISE, "CA Compromise", "CACompromise"}, {CRL_REASON_AFFILIATION_CHANGED, "Affiliation Changed", "affiliationChanged"}, {CRL_REASON_SUPERSEDED, "Superseded", "superseded"}, {CRL_REASON_CESSATION_OF_OPERATION, "Cessation Of Operation", "cessationOfOperation"}, {CRL_REASON_CERTIFICATE_HOLD, "Certificate Hold", "certificateHold"}, {CRL_REASON_REMOVE_FROM_CRL, "Remove From CRL", "removeFromCRL"}, {CRL_REASON_PRIVILEGE_WITHDRAWN, "Privilege Withdrawn", "privilegeWithdrawn"}, {CRL_REASON_AA_COMPROMISE, "AA Compromise", "AACompromise"}, {-1, NULL, NULL} }; QStringList x509rev::crlreasons() { QStringList l; for (int i=0; crl_reasons[i].lname; i++) l << crl_reasons[i].lname; return l; } QString x509rev::getReason() const { return crl_reasons[reason_idx].lname; } static int reasonBit2Idx(int bit) { for (int i=0; crl_reasons[i].lname; i++) { if (bit == crl_reasons[i].bitnum) { return i; } } return 0; } void x509rev::fromREVOKED(const X509_REVOKED *rev) { ASN1_ENUMERATED *reason; ASN1_TIME *at; int j = -1, r; if (!rev) return; serial = a1int(X509_REVOKED_get0_serialNumber(rev)); date = a1time(X509_REVOKED_get0_revocationDate(rev)); reason = (ASN1_ENUMERATED *)X509_REVOKED_get_ext_d2i( (X509_REVOKED *)rev, NID_crl_reason, &j, NULL); openssl_error(); reason_idx = 0; if (reason) { r = ASN1_ENUMERATED_get(reason); openssl_error(); reason_idx = reasonBit2Idx(r); ASN1_ENUMERATED_free(reason); } ivalDate.setUndefined(); at = (ASN1_TIME *)X509_REVOKED_get_ext_d2i((X509_REVOKED *)rev, NID_invalidity_date, &j, NULL); openssl_error(); if (at) { ivalDate = a1time(at); ASN1_GENERALIZEDTIME_free(at); } qDebug() << *this; } X509_REVOKED *x509rev::toREVOKED(bool withReason) const { a1time i = ivalDate; a1time d = date; X509_REVOKED *rev = X509_REVOKED_new(); check_oom(rev); X509_REVOKED_set_serialNumber(rev, serial.get()); X509_REVOKED_set_revocationDate(rev, d.get_utc()); X509_REVOKED_add1_ext_i2d(rev, NID_invalidity_date, i.get(), 0, 0); /* RFC says to not add the extension if it is "unspecified" */ if (reason_idx != 0 && withReason) { ASN1_ENUMERATED *a = ASN1_ENUMERATED_new(); ASN1_ENUMERATED_set(a, crl_reasons[reason_idx].bitnum); X509_REVOKED_add1_ext_i2d(rev, NID_crl_reason, a, 0, 0); ASN1_ENUMERATED_free(a); } openssl_error(); qDebug() << *this; return rev; } void x509rev::d2i(QByteArray &ba) { X509_REVOKED *r; r = (X509_REVOKED *)d2i_bytearray(D2I_VOID(d2i_X509_REVOKED), ba); if (!r) return; fromREVOKED(r); X509_REVOKED_free(r); } QByteArray x509rev::i2d() const { QByteArray ba; X509_REVOKED *r = toREVOKED(); ba = i2d_bytearray(I2D_VOID(i2d_X509_REVOKED), r); X509_REVOKED_free(r); return ba; } void x509rev::set(const x509rev &x) { serial = x.serial; date = x.date; ivalDate = x.ivalDate; reason_idx = x.reason_idx; crlNo = x.crlNo; } bool x509rev::identical(const x509rev &x) const { return serial == x.serial && date == x.date && ivalDate == x.ivalDate && reason_idx == x.reason_idx; } x509rev::operator QString() const { return QString("Rev: %1 D:%2 I:%3 Reason: %4 '%5'\n") .arg(serial.toHex(), date.toSortable(), ivalDate.toSortable()) .arg(reason_idx).arg(crl_reasons[reason_idx].lname); } x509rev::x509rev(QSqlRecord rec, int offset) { serial.setHex(rec.value(offset).toString()); date.fromPlain(rec.value(offset +1).toString()); ivalDate.fromPlain(rec.value(offset +2).toString()); crlNo = rec.value(offset +3).toInt(); reason_idx = reasonBit2Idx(rec.value(offset +4).toInt()); qDebug() << *this; } void x509rev::executeQuery(XSqlQuery &q) { // 0 is the caId q.bindValue(1, serial.toHex()); q.bindValue(2, date.toPlain()); q.bindValue(3, ivalDate.toPlain()); q.bindValue(4, crlNo ? QVariant(crlNo) : QVariant()); q.bindValue(5, crl_reasons[reason_idx].bitnum); q.exec(); } void x509revList::fromBA(QByteArray &ba) { int i, num = db::intFromData(ba); x509rev r; clear(); merged = false; for (i=0; i #include #include #include "widgets/ExportDialog.h" #include "db_key.h" #include "db_x509super.h" #include "pki_x509.h" #include "pki_crl.h" #include "pki_temp.h" class db_x509: public db_x509super { Q_OBJECT protected: QPixmap *certicon[4]; pki_x509 *get1SelectedCert(); dbheaderList getHeaders(); void dereferenceIssuer(); public: static bool treeview; db_x509(MainWindow *mw); pki_base *newPKI(enum pki_type type = none); pki_x509 *findIssuer(pki_x509 *client); virtual void loadContainer(); bool updateView(); void updateViewAll(); void updateViewPKI(pki_base *pki); void remFromCont(const QModelIndex &idx); QList getAllIssuers(); QList getCerts(bool unrevoked); void writeIndex(const QString &fname, bool hierarchy) const; void writeIndex(XFile &file, QList items) const; pki_base *insert(pki_base *item); void markRequestSigned(pki_x509req *req, pki_x509 *cert); pki_x509 *newCert(NewX509 *dlg); void newCert(pki_x509 *cert); void writePKCS12(pki_x509 *cert, XFile &file, bool chain) const; void writePKCS7(pki_x509 *cert, XFile &file, exportType::etype type, QModelIndexList list) const; void fillContextMenu(QMenu *menu, const QModelIndex &index); void inToCont(pki_base *pki); void changeView(); a1int getUniqueSerial(pki_x509 *signer); void toToken(QModelIndex idx, bool alwaysSelect); void toRequest(QModelIndex idx); void store(QModelIndex idx); void store(QModelIndexList list); void load(); void caProperties(QModelIndex idx); void toCertificate(QModelIndex index); void manageRevocations(QModelIndex idx); void certRenewal(QModelIndexList indexes); void revoke(QModelIndexList indexes); void do_revoke(QModelIndexList indexes, const x509rev &r); void unRevoke(QModelIndexList indexes); public slots: void newItem(); void newCert(pki_temp *); void newCert(pki_x509req *); }; #endif xca-RELEASE.2.2.1/lib/asn1time.cpp0000644000175000017500000001115513614632167015713 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #include "base.h" #include "func.h" #include "main.h" #include "exception.h" #include #include "asn1time.h" #include #include #include #include /* As defined in rfc-5280 4.1.2.5 */ #define UNDEFINED_DATE "99991231235959Z" #define UTC_FORMAT "yyMMddHHmmss'Z'" #define GEN_FORMAT "yy" UTC_FORMAT bool a1time::isUndefined() const { return toTime_t() == 0; } a1time &a1time::setUndefined() { /* This way we handle "Jan 01, 1970 00:00:00" * like RFC-5280 undefined date. I dare it */ setTimeSpec(Qt::UTC); setTime_t(0); return *this; } int a1time::from_asn1(const ASN1_TIME *a) { ASN1_GENERALIZEDTIME *gt; QString t; *this = QDateTime(); if (!a) return -1; gt = ASN1_TIME_to_generalizedtime((ASN1_TIME*)a, NULL); if (!gt) return -1; t = QString::fromLatin1((char*)gt->data, gt->length); ASN1_GENERALIZEDTIME_free(gt); return fromPlain(t); } int a1time::fromPlain(const QString &plain) { setTimeSpec(Qt::LocalTime); if (plain == UNDEFINED_DATE) setUndefined(); else *this = fromString(plain, GEN_FORMAT); setTimeSpec(Qt::UTC); return isValid() ? 0 : -1; } int a1time::set_asn1(const QString &str, int type) { if (!atime) atime = ASN1_TIME_new(); if (!atime) return -1; atime->type = type; if (ASN1_STRING_set(atime, str.toLatin1(), str.length())) return -1; return 0; } a1time::a1time(const QDateTime &a) : QDateTime(a) { atime = NULL; } a1time::a1time(const a1time &a) : QDateTime(a) { atime = NULL; } a1time &a1time::operator = (const a1time &a) { if (atime) ASN1_TIME_free(atime); atime = NULL; QDateTime::operator=(a); return *this; } a1time::a1time() { atime = NULL; *this = now(); } a1time::a1time(const ASN1_TIME *a) { atime = NULL; from_asn1(a); } a1time::a1time(const QString &plain) { atime = NULL; fromPlain(plain); } a1time::~a1time() { if (atime) ASN1_TIME_free(atime); } ASN1_TIME *a1time::get_utc() { int year = date().year(); if (!isValid() || isUndefined() || year > 2049 || year < 1950) return get(); set_asn1(toUTC().toString(UTC_FORMAT), V_ASN1_UTCTIME); return atime; } ASN1_TIME *a1time::get() { if (isUndefined()) set_asn1(UNDEFINED_DATE, V_ASN1_GENERALIZEDTIME); else if (!isValid()) throw errorEx("Invalid Time"); else set_asn1(toUTC().toString(GEN_FORMAT), V_ASN1_GENERALIZEDTIME); return atime; } a1time &a1time::set(const ASN1_TIME *a) { from_asn1(a); return *this; } QString a1time::toString(QString fmt, Qt::TimeSpec spec) const { if (isUndefined()) return QObject::tr("Undefined"); if (!isValid()) return QObject::tr("Broken / Invalid"); return XCA_application::language().toString( spec == Qt::UTC ? toUTC() : toLocalTime(), fmt); } QString a1time::toPretty() const { QString fmt = XCA_application::language().dateTimeFormat(); return toString(fmt, Qt::LocalTime); } QString a1time::toPrettyGMT() const { return toString("yyyy-MM-dd'T'HH:mm:ss' GMT'"); } QString a1time::toSortable() const { return toString("yyyy-MM-dd"); } QString a1time::toPlain(const QString &fmt) const { if (isUndefined()) return QString(UNDEFINED_DATE); if (!isValid()) return QString("Broken-InvalidZ"); return toString(fmt.isEmpty() ? GEN_FORMAT : fmt); } qint64 a1time::age() const { return secsTo(now()); } QString a1time::toFancy() const { QString fmt("Dunno"); qint64 diff = age(); int dtn = toLocalTime().daysTo(now().toLocalTime()); bool future = false; if (diff < 0) { future = true; diff *= -1; } if (diff < 2 * SECS_PER_MINUTE) { fmt = future ? QObject::tr("in %1 seconds") : QObject::tr("%1 seconds ago"); } else if (diff < 2 *SECS_PER_HOUR) { diff /= SECS_PER_MINUTE; fmt = future ? QObject::tr("in %1 minutes") : QObject::tr("%1 minutes ago"); } else if (dtn == 1) { return QObject::tr("Yesterday"); } else if (dtn == -1) { return QObject::tr("Tomorrow"); } else if (diff < SECS_PER_DAY) { diff /= SECS_PER_HOUR; fmt = future ? QObject::tr("in %1 hours") : QObject::tr("%1 hours ago"); } else { return XCA_application::language().toString(date(), QLocale::ShortFormat); } return fmt.arg(diff); } QString a1time::toPlainUTC() const { return toPlain(UTC_FORMAT); } QDateTime a1time::now(int delta) { return QDateTime::currentDateTime().toUTC().addSecs(delta); } void a1time::d2i(QByteArray &ba) { ASN1_TIME *n = (ASN1_TIME*)d2i_bytearray( D2I_VOID(d2i_ASN1_TIME), ba); openssl_error(); if (n) { from_asn1(n); ASN1_TIME_free(n); } } QByteArray a1time::i2d() { get(); return i2d_bytearray(I2D_VOID(i2d_ASN1_TIME), atime); } xca-RELEASE.2.2.1/lib/db_key.cpp0000644000175000017500000002362013614632167015427 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "db_key.h" #include "pki_evp.h" #include "pki_scard.h" #include #include #include #include #include #include #include #include "exception.h" #include "ui_NewKey.h" #include "pkcs11.h" #include "widgets/PwDialog.h" #include "widgets/ExportDialog.h" #include "widgets/KeyDetail.h" #include "widgets/NewKey.h" db_key::db_key(MainWindow *mw) :db_base(mw) { class_name = "keys"; sqlHashTable = "public_keys"; pkitype << asym_key << smartCard; updateHeaders(); loadContainer(); } void db_key::loadContainer() { XSqlQuery q; db_base::loadContainer(); FOR_ALL_pki(key, pki_key) key->setUcount(0); SQL_PREPARE(q, "SELECT pkey, COUNT(*) FROM x509super WHERE pkey IS NOT NULL GROUP by pkey"); q.exec(); while (q.next()) { pki_key *key = lookupPki(q.value(0)); if (!key) { qDebug() << "Unknown key" << q.value(0).toULongLong(); continue; } key->setUcount(q.value(1).toInt()); } MainWindow::dbSqlError(q.lastError()); } dbheaderList db_key::getHeaders() { dbheaderList h = db_base::getHeaders(); h << new dbheader(HD_key_type, true, tr("Type")) << new num_dbheader(HD_key_size, true, tr("Size")) << #ifndef OPENSSL_NO_EC new dbheader(HD_key_curve, false,tr("EC Group")) << #endif new num_dbheader(HD_key_use, true, tr("Use")) << new dbheader(HD_key_passwd, true, tr("Password")); return h; } pki_base *db_key::newPKI(enum pki_type type) { if (type == asym_key) return new pki_evp(""); return new pki_scard(""); } QList db_key::getAllKeys() { return sqlSELECTpki("SELECT item from public_keys"); } QList db_key::getUnusedKeys() { return sqlSELECTpki("SELECT public_keys.item FROM public_keys " "LEFT OUTER JOIN x509super ON x509super.pkey= public_keys.item " "WHERE x509super.item IS NULL"); } void db_key::remFromCont(const QModelIndex &idx) { db_base::remFromCont(idx); XSqlQuery q; /* "pkey" column in "x509super" table already updated * in deleteSql() */ QList items = sqlSELECTpki( "SELECT item FROM x509super WHERE pkey is NULL"); foreach(pki_x509super *x509s, items) { x509s->setRefKey(NULL); } /* "UPDATE x509super SET pkey=NULL WHERE pkey=?" done in * pki->deleteSqlData() */ } void db_key::inToCont(pki_base *pki) { db_base::inToCont(pki); pki_key *key = static_cast(pki); unsigned hash = key->hash(); QList items = sqlSELECTpki( "SELECT item FROM x509super WHERE pkey IS NULL AND key_hash=?", QList() << QVariant(hash)); XSqlQuery q; SQL_PREPARE(q, "UPDATE x509super SET pkey=? WHERE item=?"); q.bindValue(0, key->getSqlItemId()); foreach(pki_x509super *x509s, items) { if (!x509s->compareRefKey(key)) continue; /* Found item matching this key */ x509s->setRefKey(key); q.bindValue(1, x509s->getSqlItemId()); AffectedItems(x509s->getSqlItemId()); q.exec(); mainwin->dbSqlError(q.lastError()); } } pki_base* db_key::insert(pki_base *item) { pki_key *lkey = static_cast(item); pki_key *oldkey; oldkey = static_cast(getByReference(lkey)); if (oldkey != NULL) { if ((oldkey->isPrivKey() && lkey->isPrivKey()) || lkey->isPubKey()){ XCA_INFO( tr("The key is already in the database as:\n'%1'\nand is not going to be imported").arg(oldkey->getIntName())); delete(lkey); return NULL; } else { XCA_INFO( tr("The database already contains the public part of the imported key as\n'%1\nand will be completed by the new, private part of the key").arg(oldkey->getIntName())); lkey->setComment(oldkey->getComment()); lkey->selfComment(tr("Extending public key from %1 by imported key '%2'") .arg(oldkey->getInsertionDate().toPretty()) .arg(lkey->getIntName())); lkey->setIntName(oldkey->getIntName()); deletePKI(index(oldkey->row(), 0, QModelIndex())); } } insertPKI(lkey); return lkey; } void db_key::newItem() { newItem(""); } void db_key::newItem(QString name) { NewKey *dlg = new NewKey(qApp->activeWindow(), name); QProgressBar *bar; QStatusBar *status = mainwin->statusBar(); pki_evp *nkey = NULL; pki_scard *cardkey = NULL; pki_key *key = NULL; if (!dlg->exec()) { delete dlg; return; } int ksize = dlg->getKeysize(); #ifndef OPENSSL_NO_EC if (dlg->getKeytype() != EVP_PKEY_EC) #endif { if (ksize < 32) { XCA_WARN(tr("Key size too small !")); delete dlg; return; } if (ksize < 1024 || ksize > 8192) if (!XCA_YESNO(tr("You are sure to create a key of the size: %1 ?").arg(ksize))) { delete dlg; return; } } mainwin->repaint(); bar = new QProgressBar(); status->addPermanentWidget(bar, 1); try { if (dlg->isToken()) { key = cardkey = new pki_scard(dlg->keyDesc->text()); cardkey->generateKey_card(dlg->getKeytype(), dlg->getKeyCardSlot(), ksize, dlg->getKeyCurve_nid(), bar); } else { key = nkey = new pki_evp(dlg->keyDesc->text()); nkey->generate(ksize, dlg->getKeytype(), bar, dlg->getKeyCurve_nid()); } key->pkiSource = generated; key = (pki_key*)insert(key); emit keyDone(key); createSuccess(key); } catch (errorEx &err) { delete key; mainwin->Error(err); } if (dlg->rememberDefault->isChecked()) { QString def = dlg->getAsString(); if (dlg->setDefault(def) == 0) Settings["defaultkey"] = def; } status->removeWidget(bar); delete bar; delete dlg; } void db_key::load(void) { load_key l; load_default(l); } void db_key::showPki(pki_base *pki) { pki_key *key = dynamic_cast(pki); if (!key) return; KeyDetail *dlg = new KeyDetail(mainwin); if (!dlg) return; dlg->setKey(key); if (dlg->exec()) { QString newname = dlg->keyDesc->text(); QString newcomment = dlg->comment->toPlainText(); if (newname != pki->getIntName() || newcomment != pki->getComment()) { updateItem(pki, newname, newcomment); } } delete dlg; } exportType::etype db_key::clipboardFormat(QModelIndexList indexes) const { QList types; bool allPriv = true; bool ssh2compatible = true; foreach(QModelIndex idx, indexes) { pki_key *key = static_cast (idx.internalPointer()); if (key->isPubKey() || key->isToken()) allPriv = false; if (!key->SSH2_compatible()) ssh2compatible = false; } if (!allPriv && !ssh2compatible) return exportType::PEM_key; types << exportType(exportType::PEM_key, "pem", tr("PEM public")); if (ssh2compatible) types << exportType(exportType::SSH2_public, "pub", tr("SSH2 public")); if (allPriv) types << exportType(exportType::PEM_private, "pem", tr("PEM private")) << exportType(exportType::PKCS8, "pk8", "PKCS#8"); ExportDialog *dlg = new ExportDialog(mainwin, tr("Export keys to Clipboard"), QString(), NULL, MainWindow::keyImg, types); dlg->filename->setText(tr("Clipboard")); dlg->filename->setEnabled(false); dlg->fileBut->setEnabled(false); if (!dlg->exec()) { delete dlg; return exportType::Separator; } return dlg->type(); } void db_key::store(QModelIndex index) { const EVP_CIPHER *algo = NULL, *encrypt = EVP_aes_256_cbc(); QString title = tr("Export public key [%1]"); QList types; if (!index.isValid()) return; pki_key *key =static_cast(index.internalPointer()); pki_evp *privkey = (pki_evp *)key; types << exportType(exportType::PEM_key, "pem", tr("PEM public")) << exportType(exportType::DER_key, "der", tr("DER public")); if (key->SSH2_compatible()) types << exportType(exportType::SSH2_public, "pub", tr("SSH2 public")); if (!key->isPubKey() && !key->isToken()) { QList usual; types << exportType(exportType::DER_private, "der", tr("DER private")) << exportType(exportType::PEM_private_encrypt, "pem", tr("PEM encryped")) << exportType(exportType::PKCS8, "pk8", "PKCS#8"); usual << exportType(exportType::PEM_private, "pem", tr("PEM private")) << exportType(exportType::PKCS8_encrypt, "pk8", tr("PKCS#8 encrypted")); title = tr("Export private key [%1]"); types = usual << exportType() << types; } ExportDialog *dlg = new ExportDialog(mainwin, title.arg(key->getTypeString()), tr("Private Keys ( *.pem *.der *.pk8 );; " "SSH Public Keys ( *.pub )"), key, key->isToken() ? MainWindow::scardImg : MainWindow::keyImg, types); if (!dlg->exec()) { delete dlg; return; } try { exportType::etype type = dlg->type(); pki_base::pem_comment = dlg->pemComment->isChecked(); XFile file(dlg->filename->text()); switch (type) { case exportType::DER_key: case exportType::PEM_key: case exportType::SSH2_public: file.open_write(); break; default: file.open_key(); } switch (type) { case exportType::DER_key: key->writePublic(file, false); break; case exportType::DER_private: privkey->writeKey(file, NULL, NULL, false); break; case exportType::PEM_key: key->writePublic(file, true); break; case exportType::PEM_private_encrypt: algo = encrypt; /* fallthrough */ case exportType::PEM_private: privkey->writeKey(file, algo, PwDialog::pwCallback, true); break; case exportType::PKCS8_encrypt: algo = encrypt; /* fallthrough */ case exportType::PKCS8: privkey->writePKCS8(file, algo, PwDialog::pwCallback, true); break; case exportType::SSH2_public: key->writeSSH2public(file); break; default: exit(1); } } catch (errorEx &err) { mainwin->Error(err); } pki_base::pem_comment = false; delete dlg; } void db_key::setOwnPass(QModelIndex idx, enum pki_key::passType x) { pki_evp *targetKey; enum pki_key::passType old_type; if (!idx.isValid()) return; targetKey = static_cast(idx.internalPointer()); if (targetKey->isToken()) { throw errorEx(tr("Tried to change password of a token")); } old_type = targetKey->getOwnPass(); targetKey->setOwnPass(x); if (!targetKey->sqlUpdatePrivateKey()) targetKey->setOwnPass(old_type); } xca-RELEASE.2.2.1/lib/pk11_attribute.h0000644000175000017500000001232613614632167016477 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2009 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_PKCS11_ATTRIBUTE_H #define __PKI_PKCS11_ATTRIBUTE_H #include #include #include #include "opensc-pkcs11.h" #include "exception.h" #define UTF8QSTRING(x,s) QString::fromUtf8((const char*)(x), s).trimmed() #define ASCIIQSTRING(x,s) QString::fromLatin1((const char*)(x), s).trimmed() class pk11_attlist; class pk11_attribute { friend class pk11_attlist; protected: CK_ATTRIBUTE attr; public: pk11_attribute(unsigned long type) { memset(&attr, 0, sizeof(attr)); attr.type = type; } virtual ~pk11_attribute() { } const CK_ATTRIBUTE *getAttribute() const { return &attr; } unsigned long type() const { return attr.type; } QByteArray getData() const { return QByteArray((char*)attr.pValue, attr.ulValueLen); } virtual void store(slotid slot, CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj); virtual void load(slotid slot, CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj); bool cmp(const pk11_attribute &other) const { return (attr.type == other.attr.type) && (attr.ulValueLen == other.attr.ulValueLen) && !memcmp(attr.pValue, other.attr.pValue, attr.ulValueLen); } bool operator == (const pk11_attribute &other) const { return cmp(other); } }; class pk11_attr_bool: public pk11_attribute { protected: unsigned char value; public: pk11_attr_bool(unsigned long type, bool v = false) :pk11_attribute(type) { attr.pValue = &value; attr.ulValueLen = sizeof(value); setValue(v); } pk11_attr_bool(const pk11_attr_bool &p) :pk11_attribute(p.type()) { attr.pValue = &value; attr.ulValueLen = sizeof(value); setValue(p.value); } bool getValue() const { return value ? true : false; } void setValue(unsigned long v) { value = v ? 1 : 0; } }; class pk11_attr_ulong: public pk11_attribute { protected: unsigned long value; public: pk11_attr_ulong(unsigned long type, unsigned long v = 0) :pk11_attribute(type) { attr.pValue = &value; attr.ulValueLen = sizeof(value); setValue(v); } pk11_attr_ulong(const pk11_attr_ulong &p) :pk11_attribute(p.type()) { attr.pValue = &value; attr.ulValueLen = sizeof(value); setValue(p.value); } unsigned long getValue() const { return value; } void setValue(unsigned long v) { value = v; } }; class pk11_attr_data: public pk11_attribute { public: pk11_attr_data() :pk11_attribute(0) { } pk11_attr_data(unsigned long type, const unsigned char *v = NULL, unsigned long len = 0) :pk11_attribute(type) { setValue(v, len); } pk11_attr_data(const pk11_attr_data &p) :pk11_attribute(p.type()) { const unsigned char *ptr; unsigned long size = p.getValue(&ptr); setValue(ptr, size); } pk11_attr_data(unsigned long type, QByteArray ba) :pk11_attribute(type) { setValue((const unsigned char *)ba.constData(), ba.size()); } pk11_attr_data(unsigned long type, BIGNUM *bn, bool consume=true) :pk11_attribute(type) { setBignum(bn, consume); } pk11_attr_data(unsigned long type, const BIGNUM *bn) :pk11_attribute(type) { setConstBignum(bn); } pk11_attr_data(unsigned long type, unsigned long value) :pk11_attribute(type) { setULong(value); } void setULong(unsigned long value) { BIGNUM *bn = BN_new(); check_oom(bn); check_oom(BN_set_word(bn, value)); setBignum(bn, true); } unsigned long getValue(const unsigned char **ptr) const { *ptr = (const unsigned char*)attr.pValue; return attr.ulValueLen; } ~pk11_attr_data() { if (attr.pValue) { memset(attr.pValue, 0, attr.ulValueLen); free(attr.pValue); } } QString getText() const { unsigned long len = attr.ulValueLen; char *p = (char*)attr.pValue; /* Fixup 0 padded attributes, returned by some broken libs like OpenLimit */ while (p[len-1] == 0 && len > 0) len--; return UTF8QSTRING(attr.pValue, len); } BIGNUM *getBignum() const { return BN_bin2bn((unsigned char*)attr.pValue, attr.ulValueLen, NULL); } void setBignum(BIGNUM *bn, bool consume=true); void setConstBignum(const BIGNUM *bn); void load(slotid slot, CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj); void setValue(const unsigned char *ptr, unsigned long len); pk11_attr_data &operator = (const pk11_attr_data &p) { const unsigned char *ptr; unsigned long size = p.getValue(&ptr); attr.type = p.attr.type; setValue(ptr, size); return *this; } }; class pk11_attlist { private: CK_ATTRIBUTE *attributes; unsigned long attlen; unsigned long alloc_len; void init() { attlen = 0; alloc_len = 0; attributes = NULL; } public: pk11_attlist() { init(); } pk11_attlist(const pk11_attlist &a); pk11_attlist(const pk11_attribute &a) { init(); addAttribute(a); } ~pk11_attlist(); unsigned long get(CK_ATTRIBUTE **attp) { *attp = attributes; return attlen; } void addAttribute(const pk11_attribute &a); pk11_attlist &operator << (const pk11_attribute &a) { addAttribute(a); return *this; } CK_ATTRIBUTE *getAttributes() { return attributes; } unsigned long length() { return attlen; } pk11_attlist &operator = (const pk11_attlist &a) { copy(a); return *this; } void copy(const pk11_attlist &a); void reset(); }; #endif xca-RELEASE.2.2.1/lib/pki_key.cpp0000644000175000017500000004274713614632167015640 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2009 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_key.h" #include "func.h" #include "db.h" #include #include #include #include #include #include "widgets/PwDialog.h" #include "openssl_compat.h" builtin_curves pki_key::builtinCurves; pki_key::pki_key(const QString name) :pki_base(name) { key = EVP_PKEY_new(); key_size = 0; isPub = true; useCount = -1; } pki_key::pki_key(const pki_key *pk) :pki_base(pk->desc) { if (pk->key) { QByteArray ba = i2d_bytearray(I2D_VOID(i2d_PUBKEY), pk->key); key = NULL; d2i(ba); sqlItemId = pk->sqlItemId; } else { key = EVP_PKEY_new(); } key_size = pk->key_size; useCount = -1; } pki_key::~pki_key() { if (key) EVP_PKEY_free(key); } void pki_key::autoIntName(const QString &file) { pki_base::autoIntName(file); if (!getIntName().isEmpty()) return; setIntName(QString("%1 %2%3").arg(length(), getTypeString(), isPubKey() ? QString(" ") + tr("Public key") : QString())); } void pki_key::d2i(QByteArray &ba) { EVP_PKEY *k = (EVP_PKEY*)d2i_bytearray(D2I_VOID(d2i_PUBKEY), ba); pki_openssl_error(); if (k) { if (key) EVP_PKEY_free(key); key = k; } } void pki_key::d2i_old(QByteArray &ba, int type) { const unsigned char *p, *p1; p = p1 = (const unsigned char *)ba.constData(); EVP_PKEY *k = d2i_PublicKey(type, NULL, &p1, ba.count()); pki_openssl_error(); if (k) { if (key) EVP_PKEY_free(key); key = k; } ba = ba.mid(p1-p); } QByteArray pki_key::i2d() const { return i2d_bytearray(I2D_VOID(i2d_PUBKEY), key); } BIO *pki_key::pem(BIO *b, int format) { EVP_PKEY *pkey; QByteArray ba; int keytype; if (!b) b = BIO_new(BIO_s_mem()); switch (format) { case exportType::SSH2_public: ba = SSH2publicQByteArray(); BIO_write(b, ba.data(), ba.size()); break; case exportType::PEM_private: pkey = decryptKey(); keytype = EVP_PKEY_id(pkey); switch (keytype) { case EVP_PKEY_RSA: PEM_write_bio_RSAPrivateKey(b, EVP_PKEY_get0_RSA(pkey), NULL, NULL, 0, NULL, NULL); break; case EVP_PKEY_DSA: PEM_write_bio_DSAPrivateKey(b, EVP_PKEY_get0_DSA(pkey), NULL, NULL, 0, NULL, NULL); break; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: PEM_write_bio_ECPrivateKey(b, EVP_PKEY_get0_EC_KEY(pkey), NULL, NULL, 0, NULL, NULL); break; #endif } EVP_PKEY_free(pkey); break; case exportType::PKCS8: pkey = decryptKey(); PEM_write_bio_PrivateKey(b, pkey, NULL, NULL, 0, NULL, NULL); EVP_PKEY_free(pkey); break; case exportType::PEM_key: PEM_write_bio_PUBKEY(b, key); break; } return b; } QString pki_key::length() const { bool dsa_unset = false; if (EVP_PKEY_id(key) == EVP_PKEY_DSA) { const BIGNUM *p = NULL; DSA *dsa = EVP_PKEY_get0_DSA(key); if (dsa) DSA_get0_pqg(dsa, &p, NULL, NULL); dsa_unset = p == NULL; } if (dsa_unset) return QString("???"); return QString("%1 bit").arg(EVP_PKEY_bits(key)); } /* getKeyTypeString() returns RSA * getTypeString() returns RSA or "Token RSA" for tokens */ QString pki_key::getKeyTypeString() const { QString type; switch (EVP_PKEY_type(getKeyType())) { case EVP_PKEY_RSA: type = "RSA"; break; case EVP_PKEY_DSA: type = "DSA"; break; case EVP_PKEY_EC: type = "EC"; break; default: type = "---"; } return type; } QString pki_key::getTypeString() const { return getKeyTypeString(); } QString pki_key::getMsg(msg_type msg) const { /* * We do not construct english sentences (just a little bit) * from fragments to allow proper translations. * The drawback are all the slightly different duplicated messages * * %1 will be replaced by "RSA", "DSA", "EC" * %2 is the internal name of the key */ QString ktype = getTypeString(); if (isPubKey()) { switch (msg) { case msg_import: return tr("Successfully imported the %1 public key '%2'").arg(ktype); case msg_delete: return tr("Delete the %1 public key '%2'?").arg(ktype); default: break; } } else { switch (msg) { case msg_import: return tr("Successfully imported the %1 private key '%2'").arg(ktype); case msg_delete: return tr("Delete the %1 private key '%2'?").arg(ktype); case msg_create: return tr("Successfully created the %1 private key '%2'").arg(ktype); default: break; } } if (msg == msg_delete_multi) { /* %1: Number of keys; %2: list of keynames */ return tr("Delete the %1 keys: %2?"); } return pki_base::getMsg(msg); } QString pki_key::comboText() const { return QString("%1 (%2:%3%4)").arg(getIntName()).arg(getTypeString()). arg(length()).arg(isPubKey() ? QString(" ") + tr("Public key") : QString("")); } bool pki_key::isToken() { return false; } bool pki_key::isPrivKey() const { return !isPubKey(); } int pki_key::getUcount() const { XSqlQuery q; if (useCount != -1) return useCount; int size = -1; SQL_PREPARE(q, "SELECT COUNT(*) FROM x509super WHERE pkey=?"); q.bindValue(0, sqlItemId); q.exec(); if (q.first()) size = q.value(0).toInt(); else qDebug("Failed to get key count for %s", CCHAR(getIntName())); MainWindow::dbSqlError(q.lastError()); useCount = size; return size; } int pki_key::getKeyType() const { return EVP_PKEY_id(key); } QString pki_key::modulus() const { if (getKeyType() == EVP_PKEY_RSA) { const BIGNUM *n = NULL; RSA *rsa = EVP_PKEY_get0_RSA(key); RSA_get0_key(rsa, &n, NULL, NULL); return BN2QString(n); } return QString(); } QString pki_key::pubEx() const { if (getKeyType() == EVP_PKEY_RSA) { const BIGNUM *e = NULL; RSA *rsa = EVP_PKEY_get0_RSA(key); RSA_get0_key(rsa, NULL, &e, NULL); return BN2QString(e); } return QString(); } QString pki_key::subprime() const { if (getKeyType() == EVP_PKEY_DSA) { const BIGNUM *q = NULL; DSA *dsa = EVP_PKEY_get0_DSA(key); if (dsa) DSA_get0_pqg(dsa, NULL, &q, NULL); return BN2QString(q); } return QString(); } QString pki_key::pubkey() const { if (getKeyType() == EVP_PKEY_DSA) { const BIGNUM *pubkey = NULL; DSA *dsa = EVP_PKEY_get0_DSA(key); if (dsa) DSA_get0_key(dsa, &pubkey, NULL); return BN2QString(pubkey); } return QString(); } #ifndef OPENSSL_NO_EC int pki_key::ecParamNid() const { const EC_KEY *ec; if (getKeyType() != EVP_PKEY_EC) return NID_undef; ec = EVP_PKEY_get0_EC_KEY(key); return EC_GROUP_get_curve_name(EC_KEY_get0_group(ec)); } BIGNUM *pki_key::ecPubKeyBN() const { if (getKeyType() != EVP_PKEY_EC) return NULL; const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(key); return EC_POINT_point2bn(EC_KEY_get0_group(ec), EC_KEY_get0_public_key(ec), EC_KEY_get_conv_form(ec), NULL, NULL); } QString pki_key::ecPubKey() const { QString pub; BIGNUM *pub_key = ecPubKeyBN(); if (pub_key) { pub = BN2QString(pub_key); BN_free(pub_key); } return pub; } #endif QList pki_key::possibleHashNids() { QList nids; switch (EVP_PKEY_type(getKeyType())) { case EVP_PKEY_RSA: nids << NID_md5 << NID_sha1 << NID_sha224 << NID_sha256 << NID_sha384 << NID_sha512 << NID_ripemd160; break; case EVP_PKEY_DSA: nids << NID_sha1; #if OPENSSL_VERSION_NUMBER >= 0x10000000L nids << NID_sha256; #endif break; case EVP_PKEY_EC: nids << NID_sha1; #if OPENSSL_VERSION_NUMBER >= 0x10000000L nids << NID_sha224 << NID_sha256 << NID_sha384 << NID_sha512; #endif break; } return nids; }; bool pki_key::compare(const pki_base *ref) const { const pki_key *kref = (pki_key *)ref; if (kref->getKeyType() != getKeyType()) return false; if (!kref || !kref->key || !key) return false; int r = EVP_PKEY_cmp(key, kref->key); pki_openssl_error(); return r == 1; } void pki_key::writePublic(XFile &file, bool pem) const { if (pem) { PEM_file_comment(file); PEM_write_PUBKEY(file.fp(), key); } else { i2d_PUBKEY_fp(file.fp(), key); } pki_openssl_error(); } QString pki_key::BNoneLine(BIGNUM *bn) const { QString x; if (bn) { char *hex = BN_bn2hex(bn); x = hex; OPENSSL_free(hex); pki_openssl_error(); } return x; } QString pki_key::BN2QString(const BIGNUM *bn) const { if (bn == NULL) return "--"; QString x=""; char zs[10]; int j, size = BN_num_bytes(bn); unsigned char *buf = (unsigned char *)OPENSSL_malloc(size); check_oom(buf); BN_bn2bin(bn, buf); for (j = 0; j< size; j++) { sprintf(zs, "%02X%c",buf[j], ((j+1)%16 == 0) ? '\n' : jid) { case HD_key_type: return QVariant(getTypeString()); case HD_key_size: return QVariant(length()); case HD_key_use: return QVariant(getUcount()); case HD_key_passwd: if (isPubKey()) return QVariant(tr("No password")); if (ownPass<0 || ownPass>3) return QVariant("Holla die Waldfee"); return QVariant(sl[ownPass]); case HD_key_curve: QString r; #ifndef OPENSSL_NO_EC if (getKeyType() == EVP_PKEY_EC) r = OBJ_nid2sn(ecParamNid()); #endif return QVariant(r); } return pki_base::column_data(hd); } QSqlError pki_key::insertSqlData() { unsigned myhash = hash(); XSqlQuery q; QList list; SQL_PREPARE(q, "SELECT item FROM x509super WHERE key_hash=? AND " "pkey IS NULL"); q.bindValue(0, myhash); q.exec(); if (q.lastError().isValid()) return q.lastError(); while (q.next()) { pki_x509super *x; x = db_base::lookupPki(q.value(0)); if (!x) { qDebug("X509 Super class with id %d not found", q.value(0).toInt()); continue; } if (x->compareRefKey(this)) { x->setRefKey(this); list << x; } } q.finish(); SQL_PREPARE(q, "UPDATE x509super SET pkey=? WHERE item=?"); q.bindValue(0, sqlItemId); foreach(pki_x509super* x, list) { q.bindValue(1, x->getSqlItemId()); q.exec(); AffectedItems(x->getSqlItemId()); if (q.lastError().isValid()) return q.lastError(); } q.finish(); SQL_PREPARE(q, "INSERT INTO public_keys (item, type, hash, len, \"public\") " "VALUES (?, ?, ?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, getKeyTypeString()); q.bindValue(2, myhash); q.bindValue(3, EVP_PKEY_bits(key)); q.bindValue(4, i2d_b64()); q.exec(); return q.lastError(); } void pki_key::restoreSql(const QSqlRecord &rec) { pki_base::restoreSql(rec); QByteArray ba = QByteArray::fromBase64( rec.value(VIEW_public_keys_public).toByteArray()); d2i(ba); key_size = rec.value(VIEW_public_keys_len).toInt(); } QSqlError pki_key::deleteSqlData() { XSqlQuery q; QSqlError e; SQL_PREPARE(q, "DELETE FROM public_keys WHERE item=?"); q.bindValue(0, sqlItemId); q.exec(); e = q.lastError(); if (e.isValid()) return e; SQL_PREPARE(q, "UPDATE x509super SET pkey=NULL WHERE pkey=?"); q.bindValue(0, sqlItemId); AffectedItems(sqlItemId); q.exec(); return q.lastError(); } void pki_key::ssh_key_check_chunk(QByteArray *ba, const char *expect) const { QByteArray chunk = ssh_key_next_chunk(ba); if (chunk != expect) throw errorEx(tr("Unexpected SSH2 content: '%1'") .arg(QString(chunk))); } BIGNUM *pki_key::ssh_key_data2bn(QByteArray *ba) const { QByteArray chunk = ssh_key_next_chunk(ba); BIGNUM *bn = BN_bin2bn((const unsigned char *)chunk.constData(), chunk.size(), NULL); check_oom(bn); return bn; } QByteArray pki_key::ssh_key_next_chunk(QByteArray *ba) const { QByteArray chunk; const char *d; int len; if (!ba || ba->size() < 4) throw errorEx(tr("Invalid SSH2 public key")); d = ba->constData(); len = (d[0] << 24) + (d[1] << 16) + (d[2] << 8) + d[3]; if (ba->size() < len + 4) throw errorEx(tr("Invalid SSH2 public key")); chunk = ba->mid(4, len); ba->remove(0, len +4); return chunk; } EVP_PKEY *pki_key::load_ssh2_key(XFile &file) { /* See RFC 4253 Section 6.6 */ QByteArray ba; QStringList sl; EVP_PKEY *pk = NULL; ba = file.read(4096); sl = QString(ba).split(" ", QString::SkipEmptyParts); if (sl.size() < 2) return NULL; ba = QByteArray::fromBase64(sl[1].toLatin1()); if (sl[0].startsWith("ssh-rsa")) { ssh_key_check_chunk(&ba, "ssh-rsa"); BIGNUM *e = ssh_key_data2bn(&ba); BIGNUM *n = ssh_key_data2bn(&ba); RSA *rsa = RSA_new(); check_oom(rsa); RSA_set0_key(rsa, n, e, NULL); pk = EVP_PKEY_new(); check_oom(pk); EVP_PKEY_assign_RSA(pk, rsa); } else if (sl[0].startsWith("ssh-dss")) { ssh_key_check_chunk(&ba, "ssh-dss"); BIGNUM *p = ssh_key_data2bn(&ba); BIGNUM *q = ssh_key_data2bn(&ba); BIGNUM *g = ssh_key_data2bn(&ba); BIGNUM *pubkey = ssh_key_data2bn(&ba); DSA *dsa = DSA_new(); check_oom(dsa); DSA_set0_pqg(dsa, p, q, g); DSA_set0_key(dsa, pubkey, NULL); pk = EVP_PKEY_new(); check_oom(pk); EVP_PKEY_assign_DSA(pk, dsa); #ifndef OPENSSL_NO_EC } else if (sl[0].startsWith("ecdsa-sha2-nistp256")) { EC_KEY *ec; /* Skip "ecdsa-sha2..." */ ssh_key_check_chunk(&ba, "ecdsa-sha2-nistp256"); ssh_key_check_chunk(&ba, "nistp256"); BIGNUM *bn = ssh_key_data2bn(&ba); ec = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); check_oom(ec); EC_KEY_set_asn1_flag(ec, OPENSSL_EC_NAMED_CURVE); EC_KEY_set_public_key(ec, EC_POINT_bn2point( EC_KEY_get0_group(ec), bn, NULL, NULL)); BN_free(bn); pki_openssl_error(); pk = EVP_PKEY_new(); check_oom(pk); EVP_PKEY_assign_EC_KEY(pk, ec); #endif } else { throw errorEx(tr("Unexpected SSH2 content: '%1'").arg(sl[0])); } if (sl.size() > 2 && pk) setComment(sl[2].section('\n', 0, 0)); return pk; } void pki_key::ssh_key_QBA2data(const QByteArray &ba, QByteArray *data) const { int size = ba.size(); unsigned char p[4]; p[0] = (size >> 24) & 0xff; p[1] = (size >> 16) & 0xff; p[2] = (size >> 8) & 0xff; p[3] = size & 0xff; data->append((char*)p, sizeof p); data->append(ba); } void pki_key::ssh_key_bn2data(const BIGNUM *bn, QByteArray *data) const { QByteArray big; big.resize(BN_num_bytes(bn)); BN_bn2bin(bn, (unsigned char *)big.data()); pki_openssl_error(); if ((unsigned char)big[0] >= 0x80) big.prepend('\0'); ssh_key_QBA2data(big, data); } bool pki_key::SSH2_compatible() const { switch (getKeyType()) { #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: if (ecParamNid() != NID_X9_62_prime256v1) break; /* fall */ #endif case EVP_PKEY_RSA: case EVP_PKEY_DSA: return true; } return false; } QByteArray pki_key::SSH2publicQByteArray(bool raw) const { QByteArray txt, data; switch (getKeyType()) { case EVP_PKEY_RSA: txt = "ssh-rsa"; ssh_key_QBA2data(txt, &data); { RSA *rsa = EVP_PKEY_get0_RSA(key); const BIGNUM *n, *e; RSA_get0_key(rsa, &n, &e, NULL); ssh_key_bn2data(e, &data); ssh_key_bn2data(n, &data); } break; case EVP_PKEY_DSA: txt = "ssh-dss"; ssh_key_QBA2data(txt, &data); { DSA *dsa = EVP_PKEY_get0_DSA(key); const BIGNUM *p, *q, *g, *pubkey; DSA_get0_pqg(dsa, &p, &q, &g); DSA_get0_key(dsa, &pubkey, NULL); ssh_key_bn2data(p, &data); ssh_key_bn2data(q, &data); ssh_key_bn2data(g, &data); ssh_key_bn2data(pubkey, &data); } break; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: if (ecParamNid() != NID_X9_62_prime256v1) return QByteArray(); txt = "ecdsa-sha2-nistp256"; ssh_key_QBA2data(txt, &data); ssh_key_QBA2data("nistp256", &data); { BIGNUM *bn = ecPubKeyBN(); ssh_key_bn2data(bn, &data); BN_free(bn); } pki_openssl_error(); break; #endif default: return QByteArray(); } if (raw) return data; txt += " " + data.toBase64(); QString comm = comment.section('\n', 0, 0).simplified(); if (comm.size() > 0) txt += " " + comm.toUtf8(); return txt + "\n"; } void pki_key::writeSSH2public(XFile &file) const { QByteArray txt = SSH2publicQByteArray(); if (file.write(txt) != txt.size()) throw errorEx(tr("Failed writing to %1").arg(file.fileName())); } bool pki_key::verify(EVP_PKEY *pkey) const { bool verify = true; const BIGNUM *a = NULL; const BIGNUM *b = NULL; const BIGNUM *c = NULL; switch (EVP_PKEY_type(EVP_PKEY_id(pkey))) { case EVP_PKEY_RSA: RSA_get0_key(EVP_PKEY_get0_RSA(pkey), &a, &b, NULL); verify = a && b; break; case EVP_PKEY_DSA: DSA_get0_pqg(EVP_PKEY_get0_DSA(pkey), &a, &b, &c); verify = a && b && c; break; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: verify = EC_KEY_check_key(EVP_PKEY_get0_EC_KEY(pkey)) == 1; break; #endif default: verify = false; } if (verify) verify = verify_priv(pkey); pki_openssl_error(); return verify; } bool pki_key::verify_priv(EVP_PKEY *) const { return true; } QString pki_key::fingerprint(const QString &format) const { const EVP_MD *md; QByteArray data; QStringList sl = format.toLower().split(" "); if (sl.size() < 2) return QString("Invalid format: %1").arg(format); if (sl[0] == "ssh") data = SSH2publicQByteArray(true); else if (sl[0] == "x509") data = X509_PUBKEY_public_key(); else if (sl[0] == "der") data = i2d_bytearray(I2D_VOID(i2d_PUBKEY), key); else return QString("Invalid format: %1").arg(sl[0]); md = EVP_get_digestbyname(CCHAR(sl[1])); if (!md) return QString("Invalid hash: %1").arg(sl[1]); if (sl.size() > 2 && sl[2] == "b64") { QString s(Digest(data, md).toBase64()); s.chop(1); return s; } return ::fingerprint(data, md); } QByteArray pki_key::X509_PUBKEY_public_key() const { X509_PUBKEY *pk = NULL; const unsigned char *p; int len; X509_PUBKEY_set(&pk, key); #if OPENSSL_VERSION_NUMBER < 0x10000000L p = pk->public_key->data; len = pk->public_key->length; #else X509_PUBKEY_get0_param(NULL, &p, &len, NULL, pk); #endif QByteArray data((const char*)p, len); X509_PUBKEY_free(pk); return data; } void pki_key::PEM_file_comment(XFile &file) const { if (!pem_comment) return; pki_base::PEM_file_comment(file); file.write(QString("%1 %2\n").arg(length(), getTypeString()) .toUtf8()); } xca-RELEASE.2.2.1/lib/Passwd.h0000644000175000017500000000072713614632167015103 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PASSWD_H #define __PASSWD_H #include class Passwd: public QByteArray { public: void cleanse(); ~Passwd(); unsigned char *constUchar() const; Passwd & operator= (const char *p) { return (Passwd&)QByteArray::operator=(p); } Passwd & operator= (const QByteArray &other) { return (Passwd&)QByteArray::operator=(other); } }; #endif xca-RELEASE.2.2.1/lib/pki_crl.h0000644000175000017500000000407513614632167015265 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_CRL_H #define __PKI_CRL_H #include #include #include "pki_x509.h" #include "x509name.h" #include "asn1time.h" #include "asn1int.h" #define VIEW_crls_num 6 #define VIEW_crls_issuer 7 #define VIEW_crls_crl 8 class pki_crl: public pki_x509name { Q_OBJECT friend class pki_x509; protected: QVariant issuerSqlId; X509_CRL *crl; extList extensions() const; public: pki_crl(const QString name = ""); ~pki_crl(); void fromPEM_BIO(BIO *bio, const QString &name); void fload(const QString &fname); QString getSigAlg() const; void writeDefault(const QString &dirname) const; static QPixmap *icon; void createCrl(const QString d, pki_x509 *iss); void addRev(const x509rev &rev, bool withReason=true); void addExt(int nid, QString value); void addV3ext(const x509v3ext &e); void sign(pki_key *key, const EVP_MD *md = EVP_md5()); void writeCrl(XFile &file, bool pem = true) const; pki_x509 *getIssuer() const; QString getIssuerName() const; void setIssuer(pki_x509 *iss); x509name getSubject() const; void setLastUpdate(const a1time &t); void setNextUpdate(const a1time &t); a1time getNextUpdate() const; a1time getLastUpdate() const; void fromData(const unsigned char *p, db_header_t *head); bool verify(pki_x509 *issuer); int numRev() const; x509revList getRevList(); QString printV3ext(); x509v3ext getExtByNid(int nid); a1int getVersion(); QVariant column_data(const dbheader *hd) const; QVariant getIcon(const dbheader *hd) const; a1time column_a1time(const dbheader *hd) const; QString getMsg(msg_type msg) const; void d2i(QByteArray &ba); QByteArray i2d() const; void setCrlNumber(a1int num); bool getCrlNumber(a1int *num) const; a1int getCrlNumber() const; BIO *pem(BIO *, int); bool visible() const; QSqlError lookupIssuer(); QSqlError insertSqlData(); QSqlError deleteSqlData(); void restoreSql(const QSqlRecord &rec); QStringList icsVEVENT() const; }; #endif xca-RELEASE.2.2.1/lib/pki_x509super.cpp0000644000175000017500000001266113614632167016624 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "func.h" #include "oid.h" #include "pki_x509super.h" #include "db_base.h" QPixmap *pki_x509super::icon[1]; pki_x509super::pki_x509super(const QString name) : pki_x509name(name) { } pki_x509super::~pki_x509super() { } QSqlError pki_x509super::lookupKey() { XSqlQuery q; unsigned hash = pubHash(); SQL_PREPARE(q, "SELECT item FROM public_keys WHERE hash=?"); q.bindValue(0, hash); q.exec(); if (q.lastError().isValid()) return q.lastError(); while (q.next()) { pki_key *x = db_base::lookupPki(q.value(0)); if (!x) { qDebug("Public key with id %d not found", q.value(0).toInt()); continue; } x->resetUcount(); if (compareRefKey(x)) { setRefKey(x); break; } } return q.lastError(); } QSqlError pki_x509super::insertSqlData() { QSqlError e = lookupKey(); if (e.isValid()) return e; XSqlQuery q; SQL_PREPARE(q, "INSERT INTO x509super (item, subj_hash, pkey, key_hash) " "VALUES (?, ?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, (uint)getSubject().hashNum()); q.bindValue(2, keySqlId); q.bindValue(3, pubHash()); q.exec(); return q.lastError(); } void pki_x509super::restoreSql(const QSqlRecord &rec) { pki_base::restoreSql(rec); keySqlId = rec.value(VIEW_x509super_keyid); } QSqlError pki_x509super::deleteSqlData() { XSqlQuery q; pki_key *privkey = getRefKey(); if (privkey) privkey->resetUcount(); SQL_PREPARE(q, "DELETE FROM x509super WHERE item=?"); q.bindValue(0, sqlItemId); q.exec(); return q.lastError(); } pki_key *pki_x509super::getRefKey() const { return db_base::lookupPki(keySqlId); } unsigned pki_x509super::pubHash() const { unsigned hash = 0; pki_key *privkey = getRefKey(); if (privkey) { hash = privkey->hash(); } else { pki_key *x = getPubKey(); if (x) { hash = x->hash(); delete x; } } return hash; } bool pki_x509super::compareRefKey(pki_key *ref) const { bool x; if (ref == NULL) return false; pki_key *mk = getPubKey(); if (mk == NULL) return false; x = ref->compare(mk); delete mk; return x; } void pki_x509super::setRefKey(pki_key *ref) { keySqlId = ref ? ref->getSqlItemId() : QVariant(); } QString pki_x509super::getSigAlg() const { return QString(OBJ_nid2ln(sigAlg())); } const EVP_MD *pki_x509super::getDigest() { return EVP_get_digestbynid(sigAlg()); } bool pki_x509super::hasPrivKey() const { pki_key *k = getRefKey(); return k && k->isPrivKey(); } QVariant pki_x509super::getIcon(const dbheader *hd) const { if (hd->id == HD_x509key_name) return hasPrivKey() ? QVariant(*icon[0]) : QVariant(); return pki_base::getIcon(hd); } QVariant pki_x509super::column_data(const dbheader *hd) const { if (hd->id == HD_x509key_name) { pki_key *privkey = getRefKey(); if (!privkey) return QVariant(""); return QVariant(privkey->getIntName()); } if (hd->id == HD_x509_sigalg) { return QVariant(getSigAlg()); } if (hd->type == dbheader::hd_v3ext || hd->type == dbheader::hd_v3ext_ns) { extList el = getV3ext(); int idx = el.idxByNid(hd->id); if (idx == -1) return QVariant(""); return QVariant(el[idx].getValue(false)); } return pki_x509name::column_data(hd); } static QString oid_sect() { QString ret; int i, max = OBJ_new_nid(0); for (i=first_additional_oid; i < max; i++) { const char *sn = OBJ_nid2sn(i); if (!sn) break; ret += QString("%1 = %2\n"). arg(OBJ_nid2sn(i)). arg(OBJ_obj2QString(OBJ_nid2obj(i), 1)); } if (!ret.isEmpty()) { ret = QString("oid_section = xca_oids\n\n" "[ xca_oids ]\n") + ret + "\n"; } return ret; } void pki_x509super::opensslConf(QString fname) { QString extensions; extList el = getV3ext(); x509name n = getSubject(); el.genGenericConf(&extensions); QString name = n.taggedValues(); QString final = oid_sect(); final += QString("[ req ]\n" "default_bits = 1024\n" "default_keyfile = privkey.pem\n" "distinguished_name = xca_dn\n" "x509_extensions = xca_extensions\n" "req_extensions = xca_extensions\n" "string_mask = MASK:0x%3\n" "utf8 = yes\n" "prompt = no\n\n" "[ xca_dn ]\n" "%1\n" "[ xca_extensions ]\n" "%2").arg(name).arg(extensions). arg(ASN1_STRING_get_default_mask(), 0, 16); XFile file(fname); file.open_write(); file.write(final.toUtf8()); } bool pki_x509super::visible() const { if (pki_x509name::visible()) return true; if (getSigAlg().contains(limitPattern)) return true; return getV3ext().search(limitPattern); } // Start class pki_x509name pki_x509name::pki_x509name(const QString name) : pki_base(name) { } void pki_x509name::autoIntName(const QString &file) { QString name = getSubject().getMostPopular(); pki_base::autoIntName(file); if (!name.isEmpty()) setIntName(name); } QVariant pki_x509name::column_data(const dbheader *hd) const { switch (hd->id) { case HD_subject_name: return QVariant(getSubject().oneLine( XN_FLAG_ONELINE & ~ASN1_STRFLGS_ESC_MSB)); case HD_subject_hash: return QVariant(getSubject().hash()); default: if (hd->type == dbheader::hd_x509name) return QVariant(getSubject().getEntryByNid(hd->id)); } return pki_base::column_data(hd); } bool pki_x509name::visible() const { if (pki_base::visible()) return true; return getSubject().search(limitPattern); } void pki_x509name::PEM_file_comment(XFile &file) const { if (!pem_comment) return; pki_base::PEM_file_comment(file); file.write(getSubject().oneLine(XN_FLAG_RFC2253).toUtf8() + "\n"); } xca-RELEASE.2.2.1/lib/openssl_compat.h0000644000175000017500000000503213614632167016662 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2017 Christian Hohnstaedt. * * All rights reserved. */ /* This header equalizes a lot of OpenSSL 1.1.0 vs. 1.0.0 API clashes by defining some macros if OpenSSL < 1.1.0 is used. This way the code is written with the new API and have much less #ifdefs */ #ifndef __OPENSS_COMPAT_XCA_H #define __OPENSS_COMPAT_XCA_H #include #if OPENSSL_VERSION_NUMBER < 0x10100000L #include #include #define RAND_bytes(buf, size) RAND_pseudo_bytes((buf), (size)) #define X509_get0_extensions(cert) ((cert)->cert_info->extensions) #define X509_get_signature_nid(cert) OBJ_obj2nid((cert)->sig_alg->algorithm) #define X509_REQ_get_signature_nid(req) OBJ_obj2nid((req)->sig_alg->algorithm) #define EVP_PKEY_set_type(key, type) ((key)->type = (type)) #define EVP_PKEY_id(pkey) ((pkey)->type) #define X509_REVOKED_get0_serialNumber(r) (r->serialNumber) #define X509_REVOKED_get0_revocationDate(r) (r->revocationDate) #define DSA_SIG_set0(dsa_sig, r, s) ((dsa_sig)->r = r, (dsa_sig)->s = s) #define RSA_set0_key(r,_n,_e,_d) ((r)->n=(_n),(r)->e=(_e),(r)->d=(_d)) #define DSA_set0_pqg(d,_p,_q,_g) ((d)->p=(_p),(d)->q=(_q),(d)->g=(_g)) #define DSA_set0_key(d,pub,priv) ((d)->pub_key=(pub),(d)->priv_key=(priv)) #define EVP_PKEY_get0_DSA(pub) ((pub)->pkey.dsa) #define EVP_PKEY_get0_RSA(pub) ((pub)->pkey.rsa) #define EVP_PKEY_get0_EC_KEY(pub) ((pub)->pkey.ec) #define EVP_PKEY_get0(p) ((p)->pkey.ptr) #define X509_CRL_get_signature_nid(crl) OBJ_obj2nid((crl)->sig_alg->algorithm) #define X509_CRL_get0_extensions(crl) ((crl)->crl->extensions) #define X509_CRL_get0_lastUpdate(crl) ((crl)->crl->lastUpdate) #define X509_CRL_get0_nextUpdate(crl) ((crl)->crl->nextUpdate) static inline void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d) { if (n) *n = r->n; if (e) *e = r->e; if (d) *d = r->d; } static inline void DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) { if (p) *p = d->p; if (q) *q = d->q; if (g) *g = d->g; } static inline void DSA_get0_key(const DSA *d, const BIGNUM **pub, const BIGNUM **priv) { if (priv) *priv = d->priv_key; if (pub) *pub = d->pub_key; } static inline void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q) { if (p) *p = r->p; if (q) *q = r->q; } static inline void RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, const BIGNUM **iqmp) { if (dmp1) *dmp1=r->dmp1; if (dmq1) *dmq1=r->dmq1; if (iqmp) *iqmp=r->iqmp; } #endif #endif xca-RELEASE.2.2.1/lib/entropy.cpp0000644000175000017500000000752113614632167015674 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include #include #include #include #include #include #include #include #include #include "func.h" #include "entropy.h" #include "openssl_compat.h" #if defined(Q_OS_WIN32) /* On Windows O_NONBLOCK is an unknown concept :-) * We don't need it anyway on that platform .... */ #define O_NONBLOCK 0 #endif /* Entropy sources for XCA * * Entropy is a very important topic for key generation. * * XCA uses the following sources for entropy: * * 1) During startup * RAND_poll() * The OpenSSL seeding mechanism. * It uses /dev/urandom where possible and the * Screen content on Windows. * * If "/dev/random" exists, it will be used for additional * 256bit entropy. Same is true for "/dev/hwrng" * * 2) Before any key or parameter generation a "reseeding" * is done. Some say reseeding is not neccessary, but * all say it does not harm. * * Entropy by Mouse and keyboard events * main.cpp: bool XCA_application::eventFilter() * 256bit from /dev/urandom (unix/Mac) * * 3) A .rnd state file in the XCA application directory * is written on exit and read on startup. * After reading it, the file will be erased to avoid replays. * * 4) When managing a token that supports C_GenerateRandom * and C_SeedRandom, XCA will seed the token and in return * seed himself from the token. */ #undef DEBUG_ENTROPY #define pool_siz (sizeof(pool)/sizeof(pool[0])) unsigned char Entropy::pool[512]; unsigned Entropy::pool_pos = 0; QTime Entropy::timer; unsigned Entropy::seed_strength = 0; void Entropy::add(int rand) { unsigned char entropy = (rand ^ timer.elapsed()) & 0xff; pool[pool_pos++ % pool_siz] = entropy; } void Entropy::add_buf(const unsigned char *buf, int buflen) { RAND_seed(buf, buflen); seed_strength += buflen; } int Entropy::get(unsigned char *buf, int num) { seed_rng(); return RAND_bytes(buf, num); } void Entropy::seed_rng() { if (pool_pos > pool_siz) pool_pos = pool_siz; RAND_seed(pool, pool_pos); seed_strength += pool_pos; #if !defined(Q_OS_WIN32) random_from_file("/dev/urandom", 32); #endif #ifdef DEBUG_ENTROPY { QDebug dbg = qDebug(); dbg << QString("Seeding %1 bytes:").arg(pool_pos); for (unsigned i=0; i 0;) { int len = read(fd, buf, amount > sizeof buf ? sizeof buf : amount); if (len > 0) { RAND_seed(buf, len); seed_strength += len / weakness; amount -= len; sum += len; } if (len == -1) { if (errno != EWOULDBLOCK) qWarning("Error '%s' while reading '%s'\n", strerror(errno), file); len = 0; } if (len == 0) break; } close(fd); #ifdef DEBUG_ENTROPY qDebug("Entropy from file '%s' = %d bytes", file, sum); #endif return sum; } unsigned Entropy::strength() { return seed_strength; } Entropy::Entropy() { timer.start(); rnd = getUserSettingsDir() + QDir::separator() + ".rnd"; random_from_file(rnd, 1024, 128); QFile::remove(rnd); // don't use it again RAND_poll(); seed_strength += 8; #if !defined(Q_OS_WIN32) random_from_file("/dev/random", 32); random_from_file("/dev/hwrng", 32); #endif } Entropy::~Entropy() { QByteArray ba = filename2bytearray(rnd); RAND_write_file(ba.constData()); #ifdef DEBUG_ENTROPY qDebug("Seed strength: %d", seed_strength); #endif } xca-RELEASE.2.2.1/lib/Makefile0000644000175000017500000000105213614632167015121 0ustar tewardteward ifeq ($(TOPDIR),) TOPDIR=.. BUILD=.. endif MOCNAMES=db_crl db_key db_temp db_x509 db_x509req db_x509super db_base db_token\ pki_temp pki_x509 pki_crl pki_x509req pki_key pki_x509super pki_pkcs12 \ pki_base pki_multi pki_evp pki_scard pass_info pki_pkcs7 main NAMES=$(MOCNAMES) asn1int oid x509rev asn1time version \ x509v3ext func load_obj x509name db settings \ pk11_attribute pkcs11 pkcs11_lib Passwd builtin_curves entropy sql OBJS=$(patsubst %, %.o, $(NAMES)) $(patsubst %, moc_%.o, $(MOCNAMES)) include $(TOPDIR)/Rules.mak sinclude .depend xca-RELEASE.2.2.1/lib/db_x509.cpp0000644000175000017500000006600113614632167015344 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "db_x509.h" #include "pki_pkcs12.h" #include "pki_pkcs7.h" #include "pki_evp.h" #include "pki_scard.h" #include "pass_info.h" #include "widgets/CertExtend.h" #include "widgets/ExportDialog.h" #include "widgets/MainWindow.h" #include "widgets/PwDialog.h" #include "widgets/RevocationList.h" #include "ui_CaProperties.h" #include #include #include #include bool db_x509::treeview = true; db_x509::db_x509(MainWindow *mw) :db_x509super(mw) { class_name = "certificates"; sqlHashTable = "certs"; pkitype << x509; pkitype_depends << x509_req; updateHeaders(); loadContainer(); } void db_x509::loadContainer() { db_x509super::loadContainer(); XSqlQuery q("SELECT item, issuer FROM certs WHERE issuer is NOT NULL"); while (q.next()) { pki_base *root = rootItem; pki_x509 *cert = lookupPki(q.value(0)); pki_x509 *issuer = lookupPki(q.value(1)); if (cert && issuer) { cert->setSigner(issuer); if (cert != issuer) root = issuer; } if (cert && cert->getParent() != root) { qDebug() << "MOVE" << cert->getIntName() << "from" << cert->getParent()->getIntName() << "to" << root->getIntName(); cert->getParent()->takeChild(cert); insertChild(root, cert); } } emit columnsContentChanged(); } dbheaderList db_x509::getHeaders() { dbheaderList h = db_x509super::getHeaders(); h << new dbheader(HD_cert_ca, true, tr("CA"), tr("reflects the basic Constraints extension")) << new num_dbheader(HD_cert_serial, true, tr("Serial")) << new num_dbheader(HD_cert_md5fp, false,tr("MD5 fingerprint")) << new num_dbheader(HD_cert_sha1fp,false,tr("SHA1 fingerprint")) << new num_dbheader(HD_cert_sha256fp,false,tr("SHA256 fingerprint")) << new date_dbheader(HD_cert_notBefore, false,tr("Start date"), tr("Not before")) << new date_dbheader(HD_cert_notAfter, true, tr("Expiry date"), tr("Not after")) << new date_dbheader(HD_cert_revocation,false, tr("Revocation")) << new date_dbheader(HD_cert_crl_expire,true, tr("CRL Expiration")); return h; } pki_base *db_x509::newPKI(enum pki_type type) { (void)type; return new pki_x509(); } QList db_x509::getAllIssuers() { /* Select X509 CA certificates with available private key */ return sqlSELECTpki("SELECT x509super.item FROM x509super " "JOIN private_keys ON x509super.pkey = private_keys.item " "JOIN certs ON certs.item = x509super.item " "WHERE certs.ca=1") + sqlSELECTpki("SELECT x509super.item FROM x509super " "JOIN tokens ON x509super.pkey = tokens.item " "JOIN certs ON certs.item = x509super.item " "WHERE certs.ca=1"); } void db_x509::remFromCont(const QModelIndex &idx) { db_x509super::remFromCont(idx); pki_base *pki = static_cast(idx.internalPointer()); pki_x509 *child; pki_base *new_parent; QList childs; while (pki->childCount()) { child = (pki_x509*)pki->childItems.takeFirst(); child->delSigner((pki_x509*)pki); new_parent = child->findIssuer(); insertChild(new_parent, child); if (new_parent) childs << child; } XSqlQuery q; SQL_PREPARE(q, "UPDATE certs SET issuer=? WHERE item=?"); foreach(pki_x509 *child, childs) { q.bindValue(0, child->getSigner()->getSqlItemId()); q.bindValue(1, child->getSqlItemId()); AffectedItems(child->getSqlItemId()); q.exec(); } mainwin->crls->removeSigner(pki); } void db_x509::changeView() { pki_base *temproot; int rows = rowCount(QModelIndex()); if (!rows) return; temproot = new pki_base(); beginRemoveRows(QModelIndex(), 0, rows -1); pki_base *pki = rootItem; pki_base *parent; while (pki->childCount()) { pki = pki->takeFirst(); while (pki != rootItem && !pki->childCount()) { parent = pki->getParent(); temproot->append(pki); pki = parent; } } endRemoveRows(); treeview = !treeview; if (treeview) mainwin->BNviewState->setText(tr("Plain View")); else mainwin->BNviewState->setText(tr("Tree View")); while ((temproot->childCount())) { pki_base *parent = rootItem; pki = temproot->takeFirst(); if (treeview) parent = static_cast(pki)->getSigner(); insertChild(parent, pki); } delete temproot; } static bool recursiveSigning(pki_x509 *cert, pki_x509 *client) { /* recursive signing check */ for (pki_x509 *s = cert->getSigner(); s; s = s->getSigner()) { if (s == s->getSigner()) { return false; } if (s == client) { qWarning() << "Recursive signing:" << s->getIntName() << "<->" << cert->getIntName(); return true; } } return false; } void db_x509::inToCont(pki_base *pki) { pki_x509 *cert = static_cast(pki); cert->setParent(NULL); pki_base *root = cert->getSigner(); if (!treeview || root == cert || root == NULL) root = rootItem; insertChild(root, cert); QList childs; QList items; unsigned pubhash = cert->pubHash(); unsigned namehash = cert->getSubject().hashNum(); x509revList revList; /* Search for another certificate (name and key) * and use its childs if we are newer */ items = sqlSELECTpki( "SELECT x509super.item FROM x509super " "JOIN public_keys ON x509super.pkey = public_keys.item " "JOIN certs ON certs.item = x509super.item " "WHERE certs.ca=1 AND x509super.subj_hash=? " "AND x509super.key_hash=?", QList() << namehash << pubhash); foreach(pki_x509 *other, items) { if (other == cert) continue; if (!other->compareNameAndKey(cert)) continue; if (cert->getNotAfter() < other->getNotAfter()) continue; foreach(pki_base *b, other->childItems) { pki_x509 *child = static_cast(b); child->delSigner(other); childs << child; } revList.merge(other->getRevList()); } /* Search rootItem childs, whether they are ours */ foreach(pki_base *b, rootItem->childItems) { pki_x509 *child = static_cast(b); if (child == cert || child->getSigner() == child) continue; if (child->verify_only(cert)) childs << child; } /* move collected childs to us */ XSqlQuery q; x509revList revokedChilds; SQL_PREPARE(q, "UPDATE certs SET issuer=? WHERE item=?"); q.bindValue(0, cert->getSqlItemId()); foreach(pki_x509 *child, childs) { int row; if (recursiveSigning(cert, child)) continue; if (!child->verify(cert)) continue; row = child->row(); if (treeview) { beginRemoveRows(index(child->getParent()), row, row); child->getParent()->takeChild(child); endRemoveRows(); insertChild(cert, child); } q.bindValue(1, child->getSqlItemId()); AffectedItems(child->getSqlItemId()); q.exec(); mainwin->dbSqlError(q.lastError()); if (child->isRevoked()) revokedChilds << child->getRevocation(); } q.finish(); revList.merge(revokedChilds); cert->setRevocations(revList); /* Update CRLs */ QList crls = sqlSELECTpki( "SELECT item FROM crls WHERE iss_hash=?", QList() << namehash); SQL_PREPARE(q, "UPDATE crls SET issuer=? WHERE item=?"); foreach(pki_crl *crl, crls) { crl->verify(cert); if (cert != crl->getIssuer()) continue; q.bindValue(0, cert->getSqlItemId()); q.bindValue(1, crl->getSqlItemId()); AffectedItems(crl->getSqlItemId()); q.exec(); mainwin->dbSqlError(q.lastError()); } } QList db_x509::getCerts(bool unrevoked) { QList c; c.clear(); FOR_ALL_pki(pki, pki_x509) { if (unrevoked && pki->isRevoked()) continue; c.append(pki); } return c; } void db_x509::writeIndex(const QString &fname, bool hierarchy) const { if (hierarchy) { QString dir = fname + "/"; dir = nativeSeparator(dir); QList issuers = sqlSELECTpki( "SELECT DISTINCT issuer FROM certs WHERE issuer != item"); foreach(pki_x509 *ca, issuers) { XFile file(dir + ca->getUnderlinedName() + ".txt"); file.open_write(); writeIndex(file, sqlSELECTpki( "SELECT item FROM certs WHERE issuer=?", QList()<getSqlItemId())) ); } } else { XFile file(fname); file.open_write(); writeIndex(file,sqlSELECTpki("SELECT item FROM certs")); } } static a1int randomSerial() { unsigned char buf[SHA512_DIGEST_LENGTH]; unsigned char md[SHA512_DIGEST_LENGTH]; Entropy::seed_rng(); RAND_bytes(buf, SHA512_DIGEST_LENGTH); SHA512(buf, SHA512_DIGEST_LENGTH, md); a1int serial; if (md[0] && md[0] < 0x80) serial.setRaw(md, (int)Settings["serial_len"] / 8); return serial; } a1int db_x509::getUniqueSerial(pki_x509 *signer) { // returns an unused unique serial a1int serial, signer_serial; x509rev rev; x509revList revList; if (signer) { signer_serial = signer->getSerial(); revList = signer->getRevList(); } for (int i=0; ; i++) { if (i > 100) throw errorEx(tr("Failed to retrieve unique random serial")); serial = randomSerial(); if (serial == a1int(0L)) continue; if (!signer) break; if (signer_serial == serial) continue; rev.setSerial(serial); if (revList.contains(rev)) continue; if (signer->getBySerial(serial)) continue; break; } return serial; } pki_base *db_x509::insert(pki_base *item) { pki_x509 *cert = (pki_x509 *)item; pki_x509 *oldcert = (pki_x509 *)getByReference(cert); if (oldcert) { XCA_INFO(tr("The certificate already exists in the database as:\n'%1'\nand so it was not imported").arg(oldcert->getIntName())); delete(cert); return NULL; } insertPKI(cert); return cert; } void db_x509::load(void) { load_cert c; load_default(c); } pki_x509 *db_x509::get1SelectedCert() { QModelIndexList indexes = mainwin->certView->getSelectedIndexes(); QModelIndex index; if (indexes.count()) index = indexes[0]; if (index == QModelIndex()) return NULL; return static_cast(index.internalPointer()); } void db_x509::markRequestSigned(pki_x509req *req, pki_x509 *cert) { if (!req || !cert) return; pki_x509 *issuer = cert->getSigner(); Transaction; if (!TransBegin()) return; XSqlQuery q; req->setDone(); SQL_PREPARE(q, "UPDATE requests SET signed=? WHERE item=?"); q.bindValue(0, 1); q.bindValue(1, req->getSqlItemId()); AffectedItems(req->getSqlItemId()); q.exec(); a1time a; req->selfComment(tr("Signed on %1 by '%2'").arg(a.toPretty()) .arg(issuer ? issuer->getIntName() : tr("Unknown"))); SQL_PREPARE(q, "UPDATE items SET comment=? WHERE id=?"); q.bindValue(0, req->getComment()); q.bindValue(1, req->getSqlItemId()); q.exec(); TransCommit(); } void db_x509::newItem() { NewX509 *dlg = new NewX509(mainwin); emit connNewX509(dlg); dlg->setCert(); pki_x509 *sigcert = get1SelectedCert(); dlg->defineSigner((pki_x509*)sigcert, true); if (dlg->exec()) { newCert(dlg); } delete dlg; } void db_x509::newCert(pki_x509req *req) { NewX509 *dlg = new NewX509(mainwin); emit connNewX509(dlg); pki_x509 *sigcert = get1SelectedCert(); dlg->setCert(); dlg->defineRequest(req); dlg->defineSigner(sigcert, true); if (dlg->exec()) { newCert(dlg); } delete dlg; } void db_x509::newCert(pki_temp *temp) { NewX509 *dlg = new NewX509(mainwin); emit connNewX509(dlg); dlg->setCert(); dlg->defineTemplate(temp); if (dlg->exec()) { newCert(dlg); } delete dlg; } void db_x509::newCert(pki_x509 *cert) { NewX509 *dlg = new NewX509(mainwin); emit connNewX509(dlg); dlg->setCert(); dlg->fromX509super(cert, false); if (dlg->exec()) { newCert(dlg); } delete dlg; } pki_x509 *db_x509::newCert(NewX509 *dlg) { pki_x509 *cert = NULL; pki_x509 *signcert = NULL; pki_x509req *req = NULL; pki_key *signkey = NULL, *clientkey = NULL, *tempkey = NULL; a1int serial; QString intname; try { Transaction; // Step 1 - Subject and key if (!dlg->fromReqCB->isChecked()) { clientkey = dlg->getSelectedKey(); if (!clientkey) return NULL; intname = dlg->description->text(); } else { // A PKCS#10 Request was selected req = dlg->getSelectedReq(); if (!req) return NULL; clientkey = req->getRefKey(); if (clientkey == NULL) { clientkey = req->getPubKey(); tempkey = clientkey; } intname = req->getIntName(); } TransThrow(); if (clientkey == NULL) throw errorEx(tr("Invalid public key")); // initially create cert cert = new pki_x509(); cert->setIntName(intname); cert->setSubject(dlg->getX509name()); cert->setPubKey(clientkey); // Step 2 - select Signing if (dlg->foreignSignRB->isChecked()) { signcert = dlg->getSelectedSigner(); if (!signcert) { delete cert; return NULL; } serial = getUniqueSerial(signcert); signkey = signcert->getRefKey(); } else { signcert = cert; signkey = clientkey; serial = getUniqueSerial(NULL); } dlg->initCtx(cert, signcert, NULL); // if we can not sign if (! signkey || signkey->isPubKey()) { delete cert; throw errorEx(tr("The key you selected for signing is not a private one.")); } // set the issuers name cert->setIssuer(signcert->getSubject()); cert->setSerial(serial); // Step 3 - Choose the Date // Date handling cert->setNotBefore(dlg->notBefore->getDate()); a1time a; if (dlg->noWellDefinedExpDate->isChecked()) a.setUndefined(); else a = dlg->notAfter->getDate(); cert->setNotAfter(a); // STEP 4 handle extensions // apply all extensions to the subject cert in the context dlg->getAllExt(); // apply extensions from CSR if requested if (dlg->copyReqExtCB->isChecked() && dlg->fromReqCB->isChecked()) { extList el = req->getV3ext(); int m = el.count(); for (int i=0; iaddV3ext(el[i], true); } const EVP_MD *hashAlgo = dlg->hashAlgo->currentHash(); // and finally sign the request cert->sign(signkey, hashAlgo); // set the comment field cert->setComment(dlg->comment->toPlainText()); cert->pkiSource = dlg->getPkiSource(); cert = (pki_x509*)insert(cert); createSuccess(cert); if (cert && clientkey->isToken()) { pki_scard *card = (pki_scard*)clientkey; if (XCA_YESNO(tr("Store the certificate to the key on the token '%1 (#%2)' ?"). arg(card->getCardLabel()).arg(card->getSerial()))) { try { cert->store_token(false); } catch (errorEx &err) { mainwin->Error(err); } } } if (tempkey != NULL) delete(tempkey); markRequestSigned(req, cert); TransCommit(); } catch (errorEx &err) { mainwin->Error(err); delete cert; if (tempkey != NULL) delete(tempkey); cert = NULL; } return cert; } void db_x509::store(QModelIndex idx) { QModelIndexList l; l << idx; store(l); } void db_x509::store(QModelIndexList list) { QStringList filt; bool chain; QList types, usual; if (list.size() == 0) return; pki_x509 *crt = static_cast(list[0].internalPointer()); pki_x509 *oldcrt = NULL; if (!crt) return; pki_key *privkey = crt->getRefKey(); pki_evp *pkey; chain = crt->getSigner() && crt->getSigner() != crt; usual << exportType(exportType::PEM, "crt", "PEM") << exportType(exportType::PKCS7, "p7b", "PKCS #7"); types << exportType(exportType::DER, "cer", "DER"); if (list.size() > 1) { usual << exportType(exportType::PEM_selected, "pem", "PEM selected") << exportType(exportType::PKCS7_selected, "pem", "PKCS7 selected"); } if (chain) { types << exportType(exportType::PEM_chain, "pem", tr("PEM chain")) << exportType(exportType::PKCS7_chain, "p7b", tr("PKCS#7 chain")); } if (privkey && privkey->isPrivKey() && !privkey->isToken()) { if (chain) { usual << exportType(exportType::PKCS12_chain, "p12", tr("PKCS#12 chain")); types << exportType(exportType::PKCS12, "p12", "PKCS #12"); } else { usual << exportType(exportType::PKCS12, "p12", "PKCS #12"); } types << exportType(exportType::PEM_cert_key, "pem", tr("PEM + key")) << exportType(exportType::PEM_cert_pk8, "pem", "PEM + PKCS#8"); } types << exportType() << exportType(exportType::PKCS7_unrevoked, "p7b", tr("PKCS#7 unrevoked")) << exportType(exportType::PKCS7_all, "p7b", tr("PKCS#7 all")) << exportType(exportType::PEM_unrevoked, "pem", tr("PEM unrevoked")) << exportType(exportType::PEM_all, "pem", tr("PEM all")) << exportType(exportType::Index, "txt", tr("Certificate Index file")); if (crt->getNotAfter() > a1time()) types << exportType(exportType::vcalendar, "ics", tr("vCalendar")); if (crt->isCA()) types << exportType(exportType::vcalendar_ca, "ics", tr("CA vCalendar")); types = usual << exportType() << types; ExportDialog *dlg = new ExportDialog(mainwin, tr("Certificate export"), tr("X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b )"), crt, MainWindow::certImg, types); if (!dlg->exec()) { delete dlg; return; } QStringList vcal; QList certs; QList items; enum exportType::etype type = dlg->type(); try { XFile file(dlg->filename->text()); file.open_write(); pki_base::pem_comment = dlg->pemComment->isChecked(); switch (type) { case exportType::PEM: crt->writeCert(file, true); break; case exportType::PEM_chain: while (crt && crt != oldcrt) { crt->writeCert(file, true); oldcrt = crt; crt = crt->getSigner(); } break; case exportType::PEM_selected: foreach(QModelIndex idx, list) { crt = static_cast (idx.internalPointer()); crt->writeCert(file, true); } break; case exportType::PEM_unrevoked: FOR_ALL_pki(pki, pki_x509) { if (!pki->isRevoked()) pki->writeCert(file, true); } break; case exportType::PEM_all: FOR_ALL_pki(pki, pki_x509) { pki->writeCert(file, true); } break; case exportType::DER: crt->writeCert(file, false); break; case exportType::PKCS7: case exportType::PKCS7_chain: case exportType::PKCS7_unrevoked: case exportType::PKCS7_selected: case exportType::PKCS7_all: writePKCS7(crt, file, type, list); break; case exportType::PKCS12: writePKCS12(crt, file, false); break; case exportType::PKCS12_chain: writePKCS12(crt, file, true); break; case exportType::PEM_cert_pk8: case exportType::PEM_cert_key: pkey = (pki_evp *)crt->getRefKey(); if (!pkey || pkey->isPubKey()) { XCA_WARN(tr("There was no key found for the Certificate: '%1'"). arg(crt->getIntName())); break; } if (pkey->isToken()) { XCA_WARN(tr("Not possible for a token key: '%1'"). arg(crt->getIntName())); break; } if (type == exportType::PEM_cert_pk8) { pkey->writePKCS8(file, EVP_des_ede3_cbc(), PwDialog::pwCallback, true); } else { pkey->writeKey(file, NULL, NULL, true); } crt->writeCert(file, true); break; case exportType::Index: foreach(QModelIndex idx, list) certs << static_cast (idx.internalPointer()); writeIndex(file, certs); break; case exportType::vcalendar: foreach(QModelIndex idx, list) { crt = static_cast(idx.internalPointer()); vcal += crt->icsVEVENT(); } writeVcalendar(file, vcal); break; case exportType::vcalendar_ca: foreach(QModelIndex idx, list) { crt = static_cast(idx.internalPointer()); vcal += crt->icsVEVENT_ca(); } writeVcalendar(file, vcal); break; default: exit(1); } } catch (errorEx &err) { MainWindow::Error(err); } pki_base::pem_comment = false; delete dlg; } void db_x509::writeIndex(XFile &file, QList items) const { QString index; foreach(pki_x509 *cert, items) { if (cert) index += cert->getIndexEntry(); } file.write(index.toUtf8()); } void db_x509::writePKCS12(pki_x509 *cert, XFile &file, bool chain) const { QStringList filt; pki_pkcs12 *p12 = NULL; try { pki_evp *privkey = (pki_evp *)cert->getRefKey(); if (!privkey || privkey->isPubKey()) { XCA_WARN(tr("There was no key found for the Certificate: '%1'").arg(cert->getIntName())); return; } if (privkey->isToken()) { XCA_WARN(tr("Not possible for the token-key Certificate '%1'").arg(cert->getIntName())); return; } p12 = new pki_pkcs12(cert->getIntName(), cert, privkey); pki_x509 *signer = cert->getSigner(); while ((signer != NULL ) && (signer != cert) && chain) { p12->addCaCert(signer); cert=signer; signer=signer->getSigner(); } p12->writePKCS12(file); } catch (errorEx &err) { MainWindow::Error(err); } if (p12) delete p12; } void db_x509::writePKCS7(pki_x509 *cert, XFile &file, exportType::etype type, QModelIndexList list) const { pki_pkcs7 *p7 = NULL; try { p7 = new pki_pkcs7(""); switch (type) { case exportType::PKCS7_chain: while (cert != NULL) { p7->addCert(cert); if (cert->getSigner() == cert) cert = NULL; else cert = cert->getSigner(); } break; case exportType::PKCS7: p7->addCert(cert); break; case exportType::PKCS7_selected: foreach(QModelIndex idx, list) { cert = static_cast(idx.internalPointer()); p7->addCert(cert); } break; case exportType::PKCS7_unrevoked: case exportType::PKCS7_all: FOR_ALL_pki(cer, pki_x509) { if ((type == exportType::PKCS7_all) || (!cer->isRevoked())) p7->addCert(cer); } break; default: exit(1); } p7->writeP7(file, false); } catch (errorEx &err) { MainWindow::Error(err); } if (p7 != NULL ) delete p7; } void db_x509::manageRevocations(QModelIndex idx) { pki_x509 *cert = static_cast(idx.internalPointer()); if (!cert) return; RevocationList *dlg = new RevocationList(mainwin); dlg->setRevList(cert->getRevList(), cert); connect(dlg, SIGNAL(genCRL(pki_x509*)), mainwin->crls, SLOT(newItem(pki_x509*))); if (dlg->exec()) { cert->setRevocations(dlg->getRevList()); emit columnsContentChanged(); } } void db_x509::certRenewal(QModelIndexList indexes) { pki_x509 *oldcert = NULL, *signer = NULL, *newcert =NULL; pki_key *signkey = NULL; a1time time; a1int serial; CertExtend *dlg = NULL; x509rev r; bool doRevoke = false; if (indexes.size() == 0) return; QModelIndex idx = indexes[0]; try { oldcert = static_cast(idx.internalPointer()); if (!oldcert || !(signer = oldcert->getSigner()) || !(signkey = signer->getRefKey()) || signkey->isPubKey()) return; bool renew_myself = signer == oldcert; CertExtend *dlg = new CertExtend(mainwin, renew_myself ? NULL : signer); dlg->revoke->setEnabled(!renew_myself); if (!dlg->exec()) { delete dlg; return; } if (dlg->revoke->isChecked() && !renew_myself) { Revocation *revoke = new Revocation(mainwin, indexes); doRevoke = revoke->exec(); r = revoke->getRevocation(); delete revoke; } foreach(idx, indexes) { oldcert = static_cast (idx.internalPointer()); newcert = new pki_x509(oldcert); newcert->pkiSource = renewed; serial = dlg->keepSerial->isChecked() ? oldcert->getSerial() : getUniqueSerial(signer); newcert->setRevoked(x509rev()); // change date and serial newcert->setSerial(serial); newcert->setNotBefore(dlg->notBefore->getDate()); a1time a; if (dlg->noWellDefinedExpDate->isChecked()) a.setUndefined(); else a = dlg->notAfter->getDate(); newcert->setNotAfter(a); // and finally sign the cert newcert->sign(signkey, oldcert->getDigest()); newcert = (pki_x509 *)insert(newcert); createSuccess(newcert); } if (doRevoke) do_revoke(indexes, r); } catch (errorEx &err) { MainWindow::Error(err); if (newcert) delete newcert; } if (dlg) delete dlg; emit columnsContentChanged(); } void db_x509::revoke(QModelIndexList indexes) { if (indexes.size() == 0) return; Revocation *revoke = new Revocation(mainwin, indexes); if (revoke->exec()) { do_revoke(indexes, revoke->getRevocation()); } emit columnsContentChanged(); } void db_x509::do_revoke(QModelIndexList indexes, const x509rev &r) { pki_x509 *parent = NULL, *cert, *iss; x509revList revlist; foreach(QModelIndex idx, indexes) { cert = static_cast(idx.internalPointer()); iss = cert->getSigner(); if (parent == NULL) { parent = iss; } else if (parent != iss) { parent = NULL; break; } } if (!parent) { qWarning("%s(%d): Certs have different/no signer", __func__, __LINE__); } foreach(QModelIndex idx, indexes) { pki_x509 *cert = static_cast(idx.internalPointer()); x509rev rev(r); rev.setSerial(cert->getSerial()); cert->setRevoked(rev); revlist << rev; } parent->mergeRevList(revlist); } void db_x509::unRevoke(QModelIndexList indexes) { pki_x509 *parent = NULL; x509revList revList; foreach(QModelIndex idx, indexes) { pki_x509 *cert = static_cast(idx.internalPointer()); if (!cert) return; pki_x509 *iss = cert->getSigner(); if (parent == NULL) { parent = iss; } else if (parent != iss) { parent = NULL; break; } } if (!parent) { qWarning("%s(%d): Certs have different/no issuer\n", __func__, __LINE__); return; } revList = parent->getRevList(); foreach(QModelIndex idx, indexes) { pki_x509 *cert = static_cast(idx.internalPointer()); int i; x509rev rev; cert->setRevoked(x509rev()); rev.setSerial(cert->getSerial()); i = revList.indexOf(rev); if (i != -1) revList.takeAt(i); } parent->setRevocations(revList); emit columnsContentChanged(); } void db_x509::toCertificate(QModelIndex index) { pki_x509 *cert = static_cast(index.internalPointer()); if (!cert) return; if (!cert->getRefKey() && cert->getSigner() != cert) extractPubkey(index); cert->pkiSource = transformed; newCert(cert); } void db_x509::toRequest(QModelIndex idx) { pki_x509 *cert = static_cast(idx.internalPointer()); if (!cert) return; try { pki_x509req *req = new pki_x509req(); check_oom(req); req->pkiSource = transformed; req->setIntName(cert->getIntName()); req->createReq(cert->getRefKey(), cert->getSubject(), cert->getDigest(), cert->getV3ext()); createSuccess(mainwin->reqs->insert(req)); } catch (errorEx &err) { mainwin->Error(err); } } void db_x509::toToken(QModelIndex idx, bool alwaysSelect) { pki_x509 *cert = static_cast(idx.internalPointer()); if (!cert) return; try { cert->store_token(alwaysSelect); } catch (errorEx &err) { mainwin->Error(err); } } void db_x509::caProperties(QModelIndex idx) { QStringList actions; Ui::CaProperties ui; pki_x509 *cert = static_cast(idx.internalPointer()); if (!cert) return; QDialog *dlg = new QDialog(mainwin); ui.setupUi(dlg); ui.days->setSuffix(QString(" ") + tr("days")); ui.days->setMaximum(1000000); ui.days->setValue(cert->getCrlDays()); ui.image->setPixmap(*MainWindow::certImg); QVariant tmplId = cert->getTemplateSqlId(); pki_temp *templ = mainwin->temps->lookupPki(tmplId); ui.temp->insertPkiItems(mainwin->temps->getAll()); ui.temp->setNullItem(tr("No template")); ui.temp->setCurrentIndex(0); if (templ) ui.temp->setCurrentPkiItem(templ); ui.certName->setTitle(cert->getIntName()); if (dlg->exec()) { XSqlQuery q; QSqlError e; Transaction; TransThrow(); templ = ui.temp->currentPkiItem(); tmplId = templ ? templ->getSqlItemId() : QVariant(); cert->setTemplateSqlId(tmplId); cert->setCrlDays(ui.days->value()); SQL_PREPARE(q, "UPDATE authority SET crlDays=?, " "template=? WHERE item=?"); q.bindValue(0, cert->getCrlDays()); q.bindValue(1, tmplId); q.bindValue(2, cert->getSqlItemId()); AffectedItems(cert->getSqlItemId()); q.exec(); TransDone(q.lastError()); mainwin->dbSqlError(q.lastError()); } delete dlg; } xca-RELEASE.2.2.1/lib/x509v3ext.cpp0000644000175000017500000006270413614632167015677 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2011 Christian Hohnstaedt. * * All rights reserved. */ #include "x509v3ext.h" #include "x509name.h" #include "asn1int.h" #include "func.h" #include "exception.h" #include #include #include #include #include "base.h" x509v3ext::x509v3ext() { ext = X509_EXTENSION_new(); } x509v3ext::x509v3ext(const X509_EXTENSION *n) { ext = X509_EXTENSION_dup((X509_EXTENSION *)n); } x509v3ext::x509v3ext(const x509v3ext &n) { ASN1_OCTET_STRING *str = n.getData(); ext = X509_EXTENSION_new(); if (str && str->length) set(n.ext); } x509v3ext::~x509v3ext() { X509_EXTENSION_free(ext); } x509v3ext &x509v3ext::set(const X509_EXTENSION *n) { if (ext != NULL) X509_EXTENSION_free(ext); ext = X509_EXTENSION_dup((X509_EXTENSION *)n); return *this; } x509v3ext &x509v3ext::create(int nid, const QString &et, X509V3_CTX *ctx) { if (ext) { X509_EXTENSION_free(ext); ext = NULL; } if (!et.isEmpty()) { QString etext = et; if (et.contains("DNS:copycn") && ctx && ctx->subject_cert && nid == NID_subject_alt_name) { x509name xn(X509_get_subject_name(ctx->subject_cert)); QString cn = xn.getEntryByNid(NID_commonName); if (!cn.isEmpty()) etext.replace(QString("DNS:copycn"), QString("DNS:%1").arg(cn)); } QByteArray ba = etext.toLocal8Bit(); ext = X509V3_EXT_conf_nid(NULL, ctx, nid, ba.data()); } if (!ext) ext = X509_EXTENSION_new(); else { if (ctx && ctx->subject_cert) { X509_add_ext(ctx->subject_cert, ext, -1); } } return *this; } x509v3ext &x509v3ext::create_ia5(int nid, const QString &et, X509V3_CTX *ctx) { QByteArray ba = et.toLocal8Bit(); for (int i=0; i"); } int x509v3ext::getCritical() const { return X509_EXTENSION_get_critical(ext); } ASN1_OCTET_STRING *x509v3ext::getData() const { return X509_EXTENSION_get_data(ext); } QString x509v3ext::getValue(bool html) const { QString text = ""; int ret; char *p = NULL; BIO *bio = BIO_new(BIO_s_mem()); ret = X509V3_EXT_print(bio, ext, X509V3_EXT_DEFAULT, 0); if (ign_openssl_error() || !ret) { ret = ASN1_STRING_print(bio, (ASN1_STRING *) getData()); } if (!ign_openssl_error() && ret) { long len = BIO_get_mem_data(bio, &p); text = QString::fromLocal8Bit(p, len); } BIO_free(bio); if (html) { text.replace(QRegExp("&"), "&"); text.replace(QRegExp("<"), "<"); text.replace(QRegExp(">"), ">"); text.replace(QRegExp("\n"), "
\n"); } return text.trimmed(); } static QString vlist2Section(QStringList vlist, QString tag, QString *sect) { /* Check for commas in the text */ if (!vlist.join("").contains(",")) return vlist.join(", "); *sect += QString("\n[%1_sect]\n").arg(tag); for (int i=0; itype) { case GEN_EMAIL: ret = "email:%1"; break; case GEN_DNS: ret = "DNS:%1"; break; case GEN_URI: ret = "URI:%1"; break; case GEN_DIRNAME: { tag += "_dirname"; x509name xn(gen->d.dirn); *sect += QString("\n[%1]\n"). arg(tag); *sect += xn.taggedValues(); *single = QString("dirName:") + tag; return true; } case GEN_IPADD: p = gen->d.ip->data; if (gen->d.ip->length == 4) { *single = QString("IP:%1.%2.%3.%4"). arg(p[0]).arg(p[1]).arg(p[2]).arg(p[3]); return true; } else if(gen->d.ip->length == 8) { *single = QString("IP:%1.%2.%3.%4/%5.%6.%7.%8"). arg(p[0]).arg(p[1]).arg(p[2]).arg(p[3]). arg(p[4]).arg(p[5]).arg(p[6]).arg(p[7]); return true; } else if(gen->d.ip->length == 16) { *single = "IP:" + ipv6_from_binary(gen->d.ip->data); return true; } else if(gen->d.ip->length == 32) { *single = "IP:" + ipv6_from_binary(gen->d.ip->data) + "/" + ipv6_from_binary(gen->d.ip->data +16); return true; } return false; case GEN_RID: *single = QString("RID:%1"). arg(obj2SnOid(gen->d.rid)); return true; case GEN_OTHERNAME: { int type = gen->d.otherName->value->type; ASN1_STRING *a; a = gen->d.otherName->value->value.asn1_string; if (asn1TypePrintable(type)) { *single = QString("otherName:%1;%2:%3"). arg(obj2SnOid(gen->d.otherName->type_id)). arg(asn1Type2Name(type)). arg(asn1ToQString(a, true)); } else { *single = QString("otherName:%1;FORMAT:HEX,%2"). arg(obj2SnOid(gen->d.otherName->type_id)). arg(asn1Type2Name(type)); for (int i=0; ilength; i++) { *single += QString(":%1"). arg((int)(a->data[i]), 2, 16, QChar('0')); } } return true; } default: return false; } if (!ret.isEmpty()) *single = ret.arg(asn1ToQString(gen->d.ia5, true)); return true; } static bool genNameStack2conf(STACK_OF(GENERAL_NAME) *gens, QString tag, QString *single, QString *sect) { int i; QStringList sl; for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) { QString one; if (!genName2conf(sk_GENERAL_NAME_value(gens, i), QString("%1_%2").arg(tag).arg(i), &one, sect)) { return false; } sl << one; } *single = vlist2Section(sl, tag, sect); return true; } QString x509v3ext::parse_critical() const { return QString(getCritical() ? "critical," : ""); } #define TEXTS (\ B_ASN1_TIME | B_ASN1_DIRECTORYSTRING | B_ASN1_DISPLAYTEXT | \ B_ASN1_NUMERICSTRING | B_ASN1_T61STRING | B_ASN1_UNIVERSALSTRING) bool x509v3ext::parse_ia5(QString *single, QString *adv) const { ASN1_STRING *str = (ASN1_STRING *)d2i(); QString ret; if (!str) { const unsigned char *p = getData()->data; str = d2i_ASN1_OCTET_STRING(NULL, &p, getData()->length); if (ign_openssl_error() || !str) return false; ret = QString("%2"). arg(asn1Type2Name(str->type)). arg(QString(asn1ToQString(str))); } else { ret = QString(asn1ToQString(str)); } if (single) *single = ret; else if (adv) *adv = QString("%1=%2\n").arg(OBJ_nid2sn(nid())).arg(ret) +*adv; ASN1_STRING_free(str); return true; } bool x509v3ext::parse_generalName(QString *single, QString *adv) const { bool retval = true; QString sect, ret; STACK_OF(GENERAL_NAME) *gens = (STACK_OF(GENERAL_NAME) *)d2i(); if (!gens) return false; QString tag = OBJ_nid2sn(nid()); if (!genNameStack2conf(gens, tag, &ret, §)) retval = false; else if (sect.isEmpty() && single) { *single = parse_critical() + ret; } else if (adv) { *adv = QString("%1=%2\n").arg(tag). arg(parse_critical() +ret) + *adv + sect; } sk_GENERAL_NAME_free(gens); return retval; } bool x509v3ext::parse_eku(QString *single, QString *adv) const { EXTENDED_KEY_USAGE *eku = (EXTENDED_KEY_USAGE *)d2i(); QStringList sl; int i; if (!eku) return false; for (i = 0; i < sk_ASN1_OBJECT_num(eku); i++) { sl << QString(OBJ_obj2sn(sk_ASN1_OBJECT_value(eku, i))); } QString r = parse_critical() + sl.join(", "); if (single) *single = r; else if (adv) *adv = QString("%1=%2\n").arg(OBJ_nid2sn(nid())).arg(r) + *adv; EXTENDED_KEY_USAGE_free(eku); return true; } bool x509v3ext::parse_ainfo(QString *single, QString *adv) const { bool retval = true; QString sect, ret; QString tag = OBJ_nid2sn(nid()); QStringList sl; int i; AUTHORITY_INFO_ACCESS *ainfo = (AUTHORITY_INFO_ACCESS *)d2i(); if (!ainfo) return false; for (i = 0; i < sk_ACCESS_DESCRIPTION_num(ainfo); i++) { QString one; ACCESS_DESCRIPTION *desc = sk_ACCESS_DESCRIPTION_value(ainfo, i); if (!genName2conf(desc->location, QString("%1_%2").arg(tag).arg(i), &one, §)) { retval = false; break; } sl << QString("%1;%2").arg(OBJ_obj2sn(desc->method)).arg(one); } if (retval) { ret = vlist2Section(sl, tag, §); if (sect.isEmpty() && sk_ACCESS_DESCRIPTION_num(ainfo) == 1 && single) { *single = parse_critical() + ret; } else if (adv) { *adv = QString("%1=%2\n").arg(tag). arg(parse_critical() + ret) + *adv + sect; } } AUTHORITY_INFO_ACCESS_free(ainfo); return retval; } static const BIT_STRING_BITNAME reason_flags[] = { {0, "", "unused"}, {1, "", "keyCompromise"}, {2, "", "CACompromise"}, {3, "", "affiliationChanged"}, {4, "", "superseded"}, {5, "", "cessationOfOperation"}, {6, "", "certificateHold"}, {7, "", "privilegeWithdrawn"}, {8, "", "AACompromise"}, {-1, NULL, NULL} }; static QString parse_bits(const BIT_STRING_BITNAME *flags, ASN1_BIT_STRING *str) { const BIT_STRING_BITNAME *pbn; QStringList r; for (pbn = flags; pbn->sname; pbn++) { if (ASN1_BIT_STRING_get_bit(str, pbn->bitnum)) r << QString(pbn->sname); } return r.join(", "); } bool x509v3ext::parse_Crldp(QString *single, QString *adv) const { QString othersect; QStringList crldps; const char *sn = OBJ_nid2sn(nid()); STACK_OF(DIST_POINT) *crld = (STACK_OF(DIST_POINT)*)d2i(); if (!crld) return false; if (sk_DIST_POINT_num(crld) == 1 && single) { DIST_POINT *point = sk_DIST_POINT_value(crld, 0); if (point->distpoint && !point->reasons && !point->CRLissuer && !point->distpoint->type) { QString sect, ret; if (!genNameStack2conf(point->distpoint->name.fullname, "", &ret, §)) goto could_not_parse; if (sect.isEmpty()) { if (single) *single = parse_critical() +ret; else if (adv) *adv = QString("%1=%2\n").arg(sn). arg(parse_critical() +ret) +*adv; return true; } } } for(int i = 0; i < sk_DIST_POINT_num(crld); i++) { DIST_POINT *point = sk_DIST_POINT_value(crld, i); QString tag = QString("crlDistributionPoint%1_sect").arg(i); QString crldpsect = QString("\n[%1]\n").arg(tag); if (point->distpoint) { if (!point->distpoint->type) { QString ret; if (!genNameStack2conf(point->distpoint->name.fullname, tag + "_fullname", &ret, &othersect)) goto could_not_parse; crldpsect += "fullname=" + ret +"\n"; } else { QString mysect = tag + "_relativename"; x509name xn(point->distpoint->name.relativename); crldpsect += "relativename=" + mysect + "\n"; othersect += QString("\n[%1]\n").arg(mysect) + xn.taggedValues(); } } if (point->reasons) { crldpsect += QString("reasons=%1\n"). arg(parse_bits(reason_flags, point->reasons)); } if (point->CRLissuer) { QString ret; if (genNameStack2conf(point->CRLissuer, tag +"_crlissuer", &ret, &othersect)) goto could_not_parse; crldpsect += "CRLissuer=" + ret + "\n"; } crldps << tag; othersect = crldpsect + othersect; } sk_DIST_POINT_free(crld); if (crldps.size() == 0) return true; if (adv) { *adv = QString("%1=%2\n").arg(sn). arg(parse_critical() + crldps.join(", ")) + *adv + othersect; #if OPENSSL_VERSION_NUMBER < 0x10000000L *adv = QString( "\n" "# This syntax only works for openssl >= 1.0.0\n" "# But this is %1\n" "# ").arg(OPENSSL_VERSION_TEXT) + *adv; #endif } return true; could_not_parse: sk_DIST_POINT_free(crld); return false; } static void gen_cpol_notice(QString tag, USERNOTICE *notice, QString *adv) { *adv += QString("\n[%1]\n").arg(tag); if (notice->exptext) { *adv += QString("explicitText=%1\n"). arg(asn1ToQString(notice->exptext, true)); } if (notice->noticeref) { NOTICEREF *ref = notice->noticeref; QStringList sl; int i; *adv += QString("organization=%1\n"). arg(asn1ToQString(ref->organization, true)); for (i = 0; i < sk_ASN1_INTEGER_num(ref->noticenos); i++) { a1int num(sk_ASN1_INTEGER_value(ref->noticenos, i)); sl << num.toDec(); } if (sl.size()) *adv += QString("noticeNumbers=%1\n"). arg(sl.join(", ")); } } static bool gen_cpol_qual_sect(QString tag, POLICYINFO *pinfo, QString *adv) { QString polsect = QString("\n[%1]\n").arg(tag); QString noticetag, _adv; STACK_OF(POLICYQUALINFO) *quals = pinfo->qualifiers; int i; if (!quals) return false; if (!adv) adv = &_adv; polsect += QString("policyIdentifier=%1\n"). arg(obj2SnOid(pinfo->policyid)); for (i = 0; i < sk_POLICYQUALINFO_num(quals); i++) { POLICYQUALINFO *qualinfo = sk_POLICYQUALINFO_value(quals, i); switch (OBJ_obj2nid(qualinfo->pqualid)) { case NID_id_qt_cps: polsect += QString("CPS.%1=%2\n").arg(i). arg(asn1ToQString(qualinfo->d.cpsuri, true)); break; case NID_id_qt_unotice: noticetag = QString("%1_notice%2_sect").arg(tag).arg(i); polsect += QString("userNotice.%1=@%2\n").arg(i). arg(noticetag); gen_cpol_notice(noticetag, qualinfo->d.usernotice, adv); break; default: return false; } } *adv = polsect + *adv; return true; } bool x509v3ext::parse_certpol(QString *, QString *adv) const { bool retval = true; QStringList pols; QString myadv; int i; STACK_OF(POLICYINFO) *pol = (STACK_OF(POLICYINFO) *)d2i(); if (!pol) return false; for (i = 0; i < sk_POLICYINFO_num(pol); i++) { POLICYINFO *pinfo = sk_POLICYINFO_value(pol, i); if (!pinfo->qualifiers) { pols << obj2SnOid(pinfo->policyid); continue; } QString tag = QString("certpol%1_sect").arg(i); pols << QString("@") + tag; if (!gen_cpol_qual_sect(tag, pinfo, &myadv)) { retval = false; break; } } if (retval && adv) *adv = QString("certificatePolicies=%1ia5org,%2\n"). arg(parse_critical()).arg(pols.join(", ")) + *adv + myadv; sk_POLICYINFO_free(pol); return retval; } bool x509v3ext::parse_bc(QString *single, QString *adv) const { BASIC_CONSTRAINTS *bc = (BASIC_CONSTRAINTS *)d2i(); if (!bc) return false; QString ret = a1int(bc->pathlen).toDec(); if (!ret.isEmpty()) ret = ",pathlen:" + ret; ret = parse_critical() + (bc->ca ? "CA:TRUE" : "CA:FALSE") + ret; if (single) *single = ret; else if (adv) *adv = QString("%1=%2\n").arg(OBJ_nid2sn(nid())).arg(ret) +*adv; BASIC_CONSTRAINTS_free(bc); return true; } static const BIT_STRING_BITNAME key_usage_type_table[] = { {0, "Digital Signature", "digitalSignature"}, {1, "Non Repudiation", "nonRepudiation"}, {2, "Key Encipherment", "keyEncipherment"}, {3, "Data Encipherment", "dataEncipherment"}, {4, "Key Agreement", "keyAgreement"}, {5, "Certificate Sign", "keyCertSign"}, {6, "CRL Sign", "cRLSign"}, {7, "Encipher Only", "encipherOnly"}, {8, "Decipher Only", "decipherOnly"}, {-1, NULL, NULL} }; static const BIT_STRING_BITNAME ns_cert_type_table[] = { {0, "SSL Client", "client"}, {1, "SSL Server", "server"}, {2, "S/MIME", "email"}, {3, "Object Signing", "objsign"}, {4, "Unused", "reserved"}, {5, "SSL CA", "sslCA"}, {6, "S/MIME CA", "emailCA"}, {7, "Object Signing CA", "objCA"}, {-1, NULL, NULL} }; bool x509v3ext::parse_bitstring(QString *single, QString *adv) const { ASN1_BIT_STRING *bs; const BIT_STRING_BITNAME *bnames; int n = nid(); switch (n) { case NID_key_usage: bnames = key_usage_type_table; break; case NID_netscape_cert_type: bnames = ns_cert_type_table; break; default: return false; } bs = (ASN1_BIT_STRING *)d2i(); if (!bs) return false; QString ret = parse_critical() + parse_bits(bnames, bs); if (single) *single = ret; else if (adv) *adv = QString("%1=%2\n").arg(OBJ_nid2sn(nid())).arg(ret) +*adv; ASN1_BIT_STRING_free(bs); return true; } bool x509v3ext::parse_sKeyId(QString *, QString *adv) const { if (adv) *adv = QString("%1=hash\n").arg(OBJ_nid2sn(nid())) + *adv; return true; } bool x509v3ext::parse_aKeyId(QString *, QString *adv) const { QStringList ret; AUTHORITY_KEYID *akeyid = (AUTHORITY_KEYID *)d2i(); if (!akeyid) return false; if (akeyid->keyid) ret << "keyid"; if (akeyid->issuer) ret << "issuer"; if (adv) *adv = QString("%1=%2\n").arg(OBJ_nid2sn(nid())). arg(ret.join(", ")) + *adv; AUTHORITY_KEYID_free(akeyid); return true; } bool x509v3ext::parse_generic(QString *, QString *adv) const { const ASN1_OBJECT *o = object(); QString der, obj = o ? obj2SnOid(o) : QString(""); ASN1_OCTET_STRING *v = getData(); for (int i=0; ilength; i++) der += QString(":%1").arg((int)(v->data[i]), 2, 16, QChar('0')); if (adv) *adv = QString("%1=%2DER%3\n").arg(obj). arg(parse_critical()).arg(der) + *adv; return true; } bool x509v3ext::parse_inhibitAnyPolicy(QString *, QString *adv) const { ASN1_INTEGER *a = (ASN1_INTEGER *)d2i(); if (!a) return false; a1int val(a); if (adv) { *adv = QString("%1=%2%3\n").arg(OBJ_nid2sn(nid())). arg(parse_critical()).arg(val.toDec()) + *adv; } ASN1_INTEGER_free(a); return true; } bool x509v3ext::parse_policyConstraints(QString *, QString *adv) const { QStringList v; a1int a1null(0L), a; POLICY_CONSTRAINTS *pol = (POLICY_CONSTRAINTS *)d2i(); if (!pol) return false; a = a1int(pol->requireExplicitPolicy); if (a != a1null) v << QString("requireExplicitPolicy:%1").arg(a.toDec()); a = a1int(pol->inhibitPolicyMapping); if (a != a1null) v << QString("inhibitPolicyMapping:%1").arg(a.toDec()); if (adv) *adv = QString("%1=%2%3\n").arg(OBJ_nid2sn(nid())). arg(parse_critical()).arg(v.join(", ")) + *adv; POLICY_CONSTRAINTS_free(pol); return true; } bool x509v3ext::parse_policyMappings(QString *, QString *adv) const { bool retval = true; QStringList polMaps; QString myadv; POLICY_MAPPINGS *pmaps = (POLICY_MAPPINGS *)d2i(); if (!pmaps) return false; for (int i = 0; i < sk_POLICY_MAPPING_num(pmaps); i++) { POLICY_MAPPING *pmap = sk_POLICY_MAPPING_value(pmaps, i); polMaps << QString("%1 = %2"). arg(obj2SnOid(pmap->issuerDomainPolicy)). arg(obj2SnOid(pmap->subjectDomainPolicy)); } if (polMaps.size() > 0 && adv) { *adv = QString("policyMappings=%1@policyMappings_sect\n"). arg(parse_critical()) + *adv + QString("[policyMappings_sect]\n") + polMaps.join("\n"); } sk_POLICY_MAPPING_free(pmaps); return retval; } static bool nameConstraint(STACK_OF(GENERAL_SUBTREE) *trees, QString prefix, QString tag, QString *single, QString *sect) { QStringList sl; for (int i = 0; i < sk_GENERAL_SUBTREE_num(trees); i++) { QString one; GENERAL_SUBTREE *tree = sk_GENERAL_SUBTREE_value(trees, i); if (!genName2conf(tree->base, QString("%1_%2").arg(tag).arg(i), &one, sect)) { return false; } qDebug("%s: %d '%s'\n", __func__, i, CCHAR(one)); sl << prefix + ";" + one; } *single = vlist2Section(sl, tag+prefix, sect); qDebug("Single: '%s'\n", CCHAR(*single)); return true; } bool x509v3ext::parse_nameConstraints(QString *, QString *adv) const { bool retval = true; QString sect, ret; QStringList permEx; QString tag = OBJ_nid2sn(nid()); NAME_CONSTRAINTS *cons = (NAME_CONSTRAINTS *)d2i(); if (!cons) return false; if (!nameConstraint(cons->permittedSubtrees, "permitted", tag, &ret, §)) retval = false; if (ret.size() > 0) permEx << ret; if (!nameConstraint(cons->excludedSubtrees, "excluded", tag, &ret, §)) retval = false; if (ret.size() > 0) permEx << ret; if (adv && retval &&permEx.size() > 0) { ret = permEx.join(", "); qDebug("%s %d '%s'\n", __func__, retval, CCHAR(ret)); *adv = QString("%1=%2\n").arg(tag). arg(parse_critical() +ret) + *adv + sect; } NAME_CONSTRAINTS_free(cons); return retval; } bool x509v3ext::genConf(QString *single, QString *adv) const { int n = nid(); switch (n) { case NID_crl_distribution_points: return parse_Crldp(single, adv); case NID_subject_alt_name: case NID_issuer_alt_name: return parse_generalName(single, adv); case NID_info_access: return parse_ainfo(single, adv); case NID_ext_key_usage: return parse_eku(single, adv); case NID_certificate_policies: return parse_certpol(single, adv); case NID_netscape_comment: case NID_netscape_base_url: case NID_netscape_revocation_url: case NID_netscape_ca_revocation_url: case NID_netscape_renewal_url: case NID_netscape_ca_policy_url: case NID_netscape_ssl_server_name: return parse_ia5(single, adv); case NID_basic_constraints: return parse_bc(single, adv); case NID_key_usage: case NID_netscape_cert_type: return parse_bitstring(single, adv); case NID_subject_key_identifier: return parse_sKeyId(single, adv); case NID_authority_key_identifier: return parse_aKeyId(single, adv); case NID_inhibit_any_policy: return parse_inhibitAnyPolicy(single, adv); case NID_policy_constraints: return parse_policyConstraints(single, adv); case NID_policy_mappings: return parse_policyMappings(single, adv); case NID_name_constraints: return parse_nameConstraints(single, adv); case NID_id_pkix_OCSP_noCheck: if (adv) *adv = "noCheck = ignored\n" + *adv; return true; default: return parse_generic(single, adv); } return false; } QString x509v3ext::getHtml() const { QString html; html = "" + getObject(); if (getCritical() != 0) html += " critical"; html += ":
" + getValue(true) + ""; return html; } X509_EXTENSION *x509v3ext::get() const { return X509_EXTENSION_dup(ext); } bool x509v3ext::isValid() const { return ext && getData() && getData()->length > 0 && OBJ_obj2nid(X509_EXTENSION_get_object(ext)) != NID_undef; } /*************************************************************/ bool extList::genConf(int nid, QString *single, QString *adv) { int i = idxByNid(nid); if (i != -1) { if (at(i).genConf(single, adv)) removeAt(i); ign_openssl_error(); return true; } return false; } void extList::genGenericConf(QString *adv) { for (int i=0; i< size();) { if (at(i).genConf(NULL, adv) || at(i).parse_generic(NULL, adv)) removeAt(i); else i++; ign_openssl_error(); } } void extList::setStack(const STACK_OF(X509_EXTENSION) *st, int start) { clear(); int cnt = sk_X509_EXTENSION_num(st); x509v3ext e; for (int i=start; i #include #include #include "pass_info.h" pass_info::pass_info(QString t, QString d, QWidget *w) { title = t; description = d; widget = w; if (!widget) widget = qApp->activeWindow(); type = tr("Password"); pixmap = MainWindow::keyImg; } void pass_info::setPin() { type = tr("PIN"); pixmap = MainWindow::scardImg; } xca-RELEASE.2.2.1/lib/pki_x509req.h0000644000175000017500000000345313614632167015721 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_X509REQ_H #define __PKI_X509REQ_H #include #include #include "pki_key.h" #include "x509v3ext.h" #include "pki_x509super.h" #include "x509name.h" #define VIEW_x509req_request 7 #define VIEW_x509req_signed 8 class pki_x509; class pki_x509req : public pki_x509super { Q_OBJECT mutable int x509count; protected: X509_REQ *request; bool done; int sigAlg() const; public: extList getV3ext() const; static QPixmap *icon[3]; pki_x509req(QString name = ""); void fromPEM_BIO(BIO *bio, const QString &name); void fload(const QString &fname); void writeDefault(const QString &dirname) const; ~pki_x509req(); void fromData(const unsigned char *p, db_header_t *head); x509name getSubject() const; void writeReq(XFile &file, bool pem) const; void markSigned(bool signe); X509_REQ *getReq() { return request; } void addAttribute(int nid, QString content); QString getAttribute(int nid) const; int issuedCerts() const; int verify() const; pki_key *getPubKey() const; void createReq(pki_key *key, const x509name &dn, const EVP_MD *md, extList el); void setSubject(const x509name &n); QVariant column_data(const dbheader *hd) const; QVariant getIcon(const dbheader *hd) const; void setDone(bool d = true) { done = d; } bool getDone() const { return done; } void resetX509count() const { x509count = -1; } virtual QString getMsg(msg_type msg) const; void d2i(QByteArray &ba); QByteArray i2d() const; BIO *pem(BIO *, int); bool visible() const; QSqlError insertSqlData(); QSqlError deleteSqlData(); void restoreSql(const QSqlRecord &rec); }; Q_DECLARE_METATYPE(pki_x509req *); #endif xca-RELEASE.2.2.1/lib/builtin_curves.cpp0000644000175000017500000000722413614632167017231 0ustar tewardteward/* * Copyright (C) 2014 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include #include "builtin_curves.h" #include "exception.h" #include "func.h" #ifndef OPENSSL_NO_EC #include #include "opensc-pkcs11.h" static const QList rfc5480_curve_nids() { return QList { NID_X9_62_prime192v1, NID_secp224r1, NID_X9_62_prime256v1, NID_secp384r1, NID_secp521r1, }; }; static const QList x962_curve_nids() { return QList { NID_X9_62_prime192v1, NID_X9_62_prime192v2, NID_X9_62_prime192v3, NID_X9_62_prime239v1, NID_X9_62_prime239v2, NID_X9_62_prime239v3, NID_X9_62_prime256v1, NID_X9_62_c2pnb163v1, NID_X9_62_c2pnb163v2, NID_X9_62_c2pnb163v3, NID_X9_62_c2pnb176v1, NID_X9_62_c2tnb191v1, NID_X9_62_c2tnb191v2, NID_X9_62_c2tnb191v3, NID_X9_62_c2pnb208w1, NID_X9_62_c2tnb239v1, NID_X9_62_c2tnb239v2, NID_X9_62_c2tnb239v3, NID_X9_62_c2pnb272w1, NID_X9_62_c2pnb304w1, NID_X9_62_c2tnb359v1, NID_X9_62_c2pnb368w1, NID_X9_62_c2tnb431r1 }; }; static const QList other_curve_nids() { return QList { NID_sect113r1, NID_sect113r2, NID_sect131r1, NID_sect131r2, NID_sect163k1, NID_sect163r1, NID_sect163r2, NID_sect193r1, NID_sect193r2, NID_sect233k1, NID_sect233r1, NID_sect239k1, NID_sect283k1, NID_sect283r1, NID_sect409k1, NID_sect409r1, NID_sect571k1, NID_sect571r1, NID_secp112r1, NID_secp112r2, NID_secp128r1, NID_secp128r2, NID_secp160k1, NID_secp160r1, NID_secp160r2, NID_secp192k1, NID_secp224k1, NID_secp224r1, NID_secp256k1, NID_secp384r1, NID_secp521r1, NID_wap_wsg_idm_ecid_wtls1, NID_wap_wsg_idm_ecid_wtls3, NID_wap_wsg_idm_ecid_wtls4, NID_wap_wsg_idm_ecid_wtls5, NID_wap_wsg_idm_ecid_wtls6, NID_wap_wsg_idm_ecid_wtls7, NID_wap_wsg_idm_ecid_wtls8, NID_wap_wsg_idm_ecid_wtls9, NID_wap_wsg_idm_ecid_wtls10, NID_wap_wsg_idm_ecid_wtls11, NID_wap_wsg_idm_ecid_wtls12, #ifdef NID_brainpoolP160r1 NID_brainpoolP160r1, NID_brainpoolP160t1, NID_brainpoolP192r1, NID_brainpoolP192t1, NID_brainpoolP224r1, NID_brainpoolP224t1, NID_brainpoolP256r1, NID_brainpoolP256t1, NID_brainpoolP320r1, NID_brainpoolP320t1, NID_brainpoolP384r1, NID_brainpoolP384t1, NID_brainpoolP512r1, NID_brainpoolP512t1 #endif }; }; builtin_curves::builtin_curves() { int i, num_curves = EC_get_builtin_curves(NULL, 0); EC_builtin_curve *curves = (EC_builtin_curve*)OPENSSL_malloc( (int)(sizeof(EC_builtin_curve) *num_curves)); check_oom(curves); BIGNUM *order = BN_new(); check_oom(order); EC_get_builtin_curves(curves, num_curves); for (i=0; i < num_curves; i++) { int flag = 0, nid = curves[i].nid; unsigned long type = 0; if (rfc5480_curve_nids().contains(nid)) flag = CURVE_RFC5480; else if (x962_curve_nids().contains(nid)) flag = CURVE_X962; else if (other_curve_nids().contains(nid)) flag = CURVE_OTHER; else continue; EC_GROUP *group = EC_GROUP_new_by_curve_name(nid); EC_GROUP_get_order(group, order, NULL); switch (EC_METHOD_get_field_type(EC_GROUP_method_of(group))) { case NID_X9_62_prime_field: type = CKF_EC_F_P; break; case NID_X9_62_characteristic_two_field: type = CKF_EC_F_2M; break; default: continue; } #undef PRINT_KNOWN_CURVES #ifdef PRINT_KNOWN_CURVES qDebug() << QString(curves[i].comment).leftJustified(50) << QString(OBJ_nid2sn(nid)).leftJustified(27) << OBJ_obj2QString(OBJ_nid2obj(nid),1).leftJustified(20) << (type == CKF_EC_F_P ? "Fp" : "F2m"); #endif append(builtin_curve(nid, QString(curves[i].comment), BN_num_bits(order), flag, type)); EC_GROUP_free(group); } BN_free(order); } #else builtin_curves::builtin_curves() { } #endif xca-RELEASE.2.2.1/lib/asn1time.h0000644000175000017500000000247713614632167015367 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012, 2018 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __ASN1TIME_H #define __ASN1TIME_H #include #include #include #define SECS_PER_MINUTE (60) #define SECS_PER_HOUR (SECS_PER_MINUTE *60) #define SECS_PER_DAY (SECS_PER_HOUR*24) #define MSECS_PER_MINUTE (SECS_PER_MINUTE*1000) #define MSECS_PER_HOUR (SECS_PER_HOUR*1000) class a1time : public QDateTime { private: ASN1_TIME *atime; int from_asn1(const ASN1_TIME *a); int set_asn1(const QString &str, int type); public: a1time(); a1time(const QDateTime &a); a1time(const ASN1_TIME *a); a1time(const a1time &a); a1time(const QString &plain); a1time &operator = (const a1time &a); ~a1time(); a1time &set(const ASN1_TIME *a); int fromPlain(const QString &plain); a1time &setUndefined(); bool isUndefined() const; QString toString(QString fmt, Qt::TimeSpec spec = Qt::UTC) const; QString toPretty() const; QString toPrettyGMT() const; QString toPlain(const QString &fmt = QString()) const; QString toPlainUTC() const; QString toSortable() const; QString toFancy() const; QString isoLocalDate() const; ASN1_TIME *get(); ASN1_TIME *get_utc(); static QDateTime now(int delta = 0); QByteArray i2d(); void d2i(QByteArray &ba); qint64 age() const; }; #endif xca-RELEASE.2.2.1/lib/base.h0000644000175000017500000000241113614632167014544 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __BASE_H #define __BASE_H #define QT_NO_CAST_TO_ASCII 1 #ifndef PACKAGE_NAME #define XCA_TITLE "X Certificate and Key management" #else #define XCA_TITLE PACKAGE_NAME #endif #include #include #ifndef QMAKE #include "local.h" #else #define PREFIX "/usr/local" #define ETC "/etc" #define DOCDIR "/usr/local/doc/xca" #endif #define CCHAR(x) qPrintable(x) #endif #define C_FILE ((strrchr(__FILE__, '/') ? : __FILE__- 1) + 1) #define TRACE qDebug("File: %s Func: %s Line: %d", C_FILE, __func__, __LINE__); #if (QT_VERSION >= QT_VERSION_CHECK(5, 0, 0)) #define nativeSeparator(s) QDir::toNativeSeparators(s) #else #define nativeSeparator(s) QDir::convertSeparators(s) #endif #define ARRAY_SIZE(x) (sizeof(x)/sizeof((x)[0])) #define MIN(a,b) ((a)<(b)) ? (a) : (b) #if Q_BYTE_ORDER == Q_BIG_ENDIAN #define xhtonl(x) (x) #define xntohl(x) (x) #define xhtons(x) (x) #define xntohs(x) (x) #elif Q_BYTE_ORDER == Q_LITTLE_ENDIAN #define xhtonl(x) (__builtin_bswap32(x)) #define xntohl(x) (__builtin_bswap32(x)) #define xhtons(x) (__builtin_bswap16(x)) #define xntohs(x) (__builtin_bswap16(x)) #else # error "What kind of system is this?" #endif xca-RELEASE.2.2.1/lib/settings.h0000644000175000017500000000332613614632167015500 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2018 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __SETTINGS_H #define __SETTINGS_H #include #include #include #include class settings; class svalue { private: settings *setting; QString key; QString get() const; void set(const QString &val); public: svalue(settings *s, const QString &k); QStringList split(QString sep) { return get().split(sep); } bool empty() { return get().isEmpty(); } const QString &operator = (const QString &val) { set(val); return val; } int operator = (int val) { set(QString("%1").arg(val)); return val; } unsigned operator = (unsigned val) { set(QString("%1").arg(val)); return val; } bool operator = (bool val) { set(QString(val ? "yes" : "no")); return val; } enum Qt::CheckState operator = (enum Qt::CheckState val) { set(QString(val == Qt::Checked ? "yes" : "no")); return val; } operator QString() { return get(); } operator int() { return get().toInt(); } operator unsigned() { return get().toUInt(); } operator bool() { return get() == "yes"; } operator enum Qt::CheckState() { return get() == "yes" ? Qt::Checked : Qt::Unchecked; } }; class settings { friend class svalue; private: bool loaded; QStringList db_keys, hostspecific; QMap values; QMap defaul; void load_settings(); QString get(QString key); void set(QString key, QString value); void setAction(const QString &key, const QString &value); public: settings(); void clear(); QString defaults(const QString &key); svalue operator[] (QString x) { return svalue(this, x); } }; extern settings Settings; #endif xca-RELEASE.2.2.1/lib/pki_scard.h0000644000175000017500000000473413614632167015603 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2009 - 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_SCARD_H #define __PKI_SCARD_H #include #include #include #include "pkcs11.h" #include "pki_key.h" #define VIEW_tokens_card_manufacturer 10 #define VIEW_tokens_card_serial 11 #define VIEW_tokens_card_model 12 #define VIEW_tokens_card_label 13 #define VIEW_tokens_slot_label 14 #define VIEW_tokens_object_id 15 class pki_scard: public pki_key { Q_OBJECT protected: QString card_serial; QString card_manufacturer; QString card_model; QString card_label; QString slot_label; QString object_id; QList mech_list; void init(void); public: pki_scard(const QString name); virtual ~pki_scard(); static QPixmap *icon[1]; void load_token(pkcs11 &p11, CK_OBJECT_HANDLE object); bool prepare_card(slotid *slot) const; bool find_key_on_card(slotid *slot) const; void fromData(const unsigned char *p, db_header_t *head); QString getTypeString(void) const; QString getManufacturer() const { return card_manufacturer; } QString getSerial() const { return card_serial; } QString getModel() const { return card_model; } QString getLabel() const { return slot_label; } void updateLabel(QString label); QString getId() const { return object_id; } pk11_attr_data getIdAttr() const; QString getCardLabel() const { return card_label; } EVP_PKEY *decryptKey() const; QString scardLogin(pkcs11 &p11, bool so, bool force=false)const; void changePin(); void initPin(); void changeSoPin(); int verify(); bool isToken(); QVariant getIcon(const dbheader *hd) const; QList getMech_list() { return mech_list; } pk11_attlist objectAttributes(bool priv) const; pk11_attlist objectAttributesNoId(EVP_PKEY *pk, bool priv) const; void setMech_list(QList ml) { mech_list = ml; }; QList possibleHashNids(); EVP_PKEY *load_pubkey(pkcs11 &p11, CK_OBJECT_HANDLE object) const; void generateKey_card(int type, slotid slot, int size, int curve_nid, QProgressBar *bar); void deleteFromToken(); void deleteFromToken(slotid slot); void store_token(slotid slot, EVP_PKEY *pkey); int renameOnToken(slotid slot, QString name); QString getMsg(msg_type msg) const; bool visible() const; QSqlError insertSqlData(); QSqlError deleteSqlData(); void restoreSql(const QSqlRecord &rec); }; #endif xca-RELEASE.2.2.1/lib/db_token.cpp0000644000175000017500000000257113614632167015761 0ustar tewardteward #include "db_token.h" #include "exception.h" #include "pki_scard.h" #include "sql.h" #include "widgets/MainWindow.h" db_token::db_token(MainWindow *mw) :db_base(mw) { class_name = "manageTokens"; updateHeaders(); } void db_token::saveHeaderState() { } void db_token::rename_token_in_database(pki_scard *token) { if (!token) return; Transaction; if (!TransBegin()) return; QList list = sqlSELECTpki( QString("SELECT item FROM tokens " "WHERE card_serial=? AND card_model=? and object_id=?"), QList() << QVariant(token->getSerial()) << QVariant(token->getModel()) << QVariant(token->getId())); foreach(pki_scard *item, list) { if (token->compare(item)) item->updateLabel(token->getIntName()); } TransCommit(); } bool db_token::setData(const QModelIndex &index, const QVariant &value, int role) { QString on, nn; pki_base *item; if (index.isValid() && role == Qt::EditRole) { nn = value.toString(); item = static_cast(index.internalPointer()); on = item->getIntName(); if (on == nn) return true; try { if (item->renameOnToken(slot, nn)) { item->setIntName(nn); rename_token_in_database( dynamic_cast(item)); emit dataChanged(index, index); return true; } } catch (errorEx &err) { mainwin->Error(err); } } return false; } xca-RELEASE.2.2.1/lib/sql.cpp0000644000175000017500000001114413614632167014767 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2017 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include "base.h" #include "sql.h" #include "settings.h" #include "widgets/MainWindow.h" int DbTransaction::mutex; int DbTransaction::error; bool DbTransaction::hasTransaction; QList DbTransaction::items; quint64 DbTransaction::DatabaseStamp; void DbTransaction::debug(const char *func, const char *file, int line) { qDebug() << QString("%1(%2) Transaction: %3 Level %4, E:%5 ") .arg(file + QString(file).lastIndexOf("/") +1) .arg(line).arg(func).arg(mutex).arg(error); } DbTransaction::DbTransaction() { has_begun = false; } DbTransaction::~DbTransaction() { if (has_begun) rollback("Destructor", 0); } bool DbTransaction::begin(const char *file, int line) { mutex++; has_begun = true; debug("Begin", file, line); if (mutex > 1 || !hasTransaction) return true; QSqlDatabase db = QSqlDatabase::database(); bool ret = db.transaction(); if (!ret) MainWindow::dbSqlError(db.lastError()); return ret; } bool DbTransaction::finish(const char *oper, const char *file, int line) { if (!has_begun) return true; if (mutex > 0) mutex--; else qCritical() << "Unbalanced DB Transaction in " << oper; debug(oper, file, line); has_begun = false; if (mutex > 0) return true; QSqlDatabase db = QSqlDatabase::database(); if (error) { error = 0; items.clear(); return db.rollback(); } mutex++; XSqlQuery q; SQL_PREPARE(q, "SELECT MAX(stamp) +1 from items"); q.exec(); if (q.first()) DatabaseStamp = q.value(0).toULongLong(); SQL_PREPARE(q, "UPDATE items SET stamp=? WHERE stamp=0"); q.bindValue(0, DatabaseStamp); q.exec(); SQL_PREPARE(q, "UPDATE items SET stamp=? WHERE id=?"); q.bindValue(0, DatabaseStamp); foreach(quint64 id, DbTransaction::items) { q.bindValue(1, id); q.exec(); } mutex--; items.clear(); bool ret = db.commit(); if (!ret) MainWindow::dbSqlError(db.lastError()); return ret; } bool DbTransaction::commit(const char *file, int line) { return finish("Commit", file, line); } bool DbTransaction::rollback(const char *file, int line) { error++; return finish("Rollback", file, line); } bool DbTransaction::done(QSqlError e, const char *file, int line) { return e.isValid() ? rollback(file, line) : commit(file, line); } QString XSqlQuery::table_prefix; int XSqlQuery::schemaVersion() { qDebug() << "table_prefix:" << table_prefix;; return QSqlDatabase::database().tables() .contains(table_prefix + "settings") ? Settings["schema"] : 0; } QString XSqlQuery::rewriteQuery(QString _q) { static const QStringList tables { "items" , "crls" , "private_keys" , "public_keys" , "tokens" , "token_mechanism" , "templates" , "certs" , "authority" , "revocations" , "requests" , "x509super" , "settings" , "view_public_keys" , "view_certs" , "view_requests" , "view_crls" , "view_templates" , "view_private", }; lastq = query = _q; if (table_prefix.isEmpty()) return query; QString m = tables.join("|") + "|i_" + tables.join("|i_"); m = QString("\\b(%1)").arg(m); query = query.replace(QRegExp(m), table_prefix + "\\1"); return query; } QString XSqlQuery::query_details() { QString lq = lastq; QList list = boundValues().values(); QStringList sl; if (query != lastq) { lq = QString("%1 (PREFIX[%2]: %3)").arg(lastq) .arg(table_prefix).arg(query); } for (int i = 0; i < list.size(); ++i) sl << list.at(i).toString(); if (sl.size()) lq += QString("[%1]").arg(sl.join(", ")); return QString("%1:%2 (%3)").arg(file).arg(line).arg(lq); } QSqlError XSqlQuery::lastError() { QSqlError e = QSqlQuery::lastError(); if (!e.isValid()) return e; QString dt = e.driverText(); e.setDriverText(QString("%1 - %2").arg(dt).arg(query_details())); return e; } XSqlQuery::XSqlQuery() : QSqlQuery() { } XSqlQuery::XSqlQuery(QString q) : QSqlQuery() { exec(q); } bool XSqlQuery::exec(QString q) { q = rewriteQuery(q); file = ""; line = 0; return QSqlQuery::exec(q); } bool XSqlQuery::exec() { QString res; setForwardOnly(true); bool r = QSqlQuery::exec(); if (isSelect()) { res = QString("Rows selected: %1").arg(size()); } else { res = QString("Rows affected: %1").arg(numRowsAffected()); if (!DbTransaction::active()) { qCritical("########## MISSING Transaction in %s(%d)", file, line); } } qDebug() << QString("QUERY: %1 - %2").arg(query_details()).arg(res); return r; } bool XSqlQuery::prepare(QString q) { q = rewriteQuery(q); setForwardOnly(true); return QSqlQuery::prepare(q); } void XSqlQuery::location(const char *f, int l) { file = f + QString(f).lastIndexOf("/") +1; line = l; } xca-RELEASE.2.2.1/lib/headerlist.h0000644000175000017500000001252013614632167015760 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2010 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __HEADERLIST_H #define __HEADERLIST_H #include #include #include #include #include #include #include "db.h" #include "settings.h" #include "func.h" #define HD_undef NID_undef #define HD_internal_name -2 #define HD_subject_name -3 #define HD_subject_hash -4 #define HD_x509key_name -5 #define HD_counter -6 #define HD_x509_sigalg -7 #define HD_creation -8 #define HD_comment -9 #define HD_source -100 #define HD_primary_key -101 #define HD_cert_serial -10 #define HD_cert_notBefore -11 #define HD_cert_notAfter -12 //#define HD_cert_trust -13 #define HD_cert_revocation -14 #define HD_cert_ca -15 #define HD_cert_md5fp -16 #define HD_cert_sha1fp -17 #define HD_cert_sha256fp -18 #define HD_cert_crl_expire -19 #define HD_req_signed -20 #define HD_req_unstr_name -21 #define HD_req_chall_pass -22 #define HD_req_certs -23 //#define HD_temp_type -30 #define HD_crl_signer -40 #define HD_crl_revoked -42 #define HD_crl_lastUpdate -43 #define HD_crl_nextUpdate -44 #define HD_crl_crlnumber -45 #define HD_key_type -50 #define HD_key_size -51 #define HD_key_use -52 #define HD_key_passwd -53 #define HD_key_curve -54 class dbheader { protected: void init() { id = HD_undef; action = NULL; show = showDefault = false; size = -1; visualIndex = -1; sortIndicator = -1; type = hd_default; } QString name, tooltip; public: enum hdr_type { hd_default, hd_x509name, hd_v3ext, hd_v3ext_ns, hd_number, hd_asn1time, }; int id; bool show; bool showDefault; virtual QString getName() { return name; } virtual QString getTooltip() { return tooltip; } QAction *action; int size; int visualIndex; int sortIndicator; enum hdr_type type; dbheader(QString aname = QString()) { init(); name = aname; } dbheader(int aid, bool ashow = false, QString aname = QString(), QString atip = QString()) { init(); id = aid; name = aname; tooltip = atip; show = showDefault = ashow; } virtual ~dbheader() { } bool mustSave() { return size != -1 || visualIndex != -1 || sortIndicator != -1 || show != showDefault; } bool operator == (const dbheader *h) const { if (h->id == HD_undef) return name == h->name; return id == h->id; } bool isNumeric() { switch (id) { case NID_subject_key_identifier: case NID_authority_key_identifier: return true; } return type == hd_number; } QString toData() { QStringList sl; sl << QString::number(visualIndex) << QString::number(sortIndicator) << QString::number(size) << QString::number(show); return sl.join(" "); } void fromData(QString s) { QStringList sl = s.split(" "); if (sl.count() != 4) { qCritical() << "Invalid header data for" << id << name << s; return; } visualIndex = sl[0].toInt(); if (visualIndex < -1) visualIndex = -1; sortIndicator = sl[1].toInt(); if (sortIndicator != Qt::AscendingOrder && sortIndicator != Qt::DescendingOrder) sortIndicator = -1; size = sl[2].toInt(); if (size == 0) size = -1; show = sl[3].toInt(); } void setupHeaderView(int sect, QHeaderView *hv) { hv->setSectionHidden(sect, !show); if (size != -1) hv->resizeSection(sect, size); if (sortIndicator != -1) { hv->setSortIndicator(sect, sortIndicator ? Qt::DescendingOrder : Qt::AscendingOrder); } } void reset() { action = NULL; show = showDefault; size = -1; visualIndex = -1; sortIndicator = -1; } }; class nid_dbheader : public dbheader { private: QString sn; public: nid_dbheader(int aid, enum hdr_type atype) : dbheader(aid, aid == NID_commonName) { type = atype; tooltip = dn_translations[id]; name = OBJ_nid2ln(id); sn = OBJ_nid2sn(id); if (tooltip.isEmpty()) tooltip = name; } QString getName() { return Settings["translate_dn"] ? tooltip : name; } QString getTooltip() { return QString("[%1] %2").arg(sn) .arg(Settings["translate_dn"] ? name : tooltip); } }; class num_dbheader : public dbheader { public: num_dbheader(int aid, bool ashow = false, QString aname = QString(), QString atip = QString()) : dbheader(aid, ashow, aname, atip) { type = hd_number; } }; class date_dbheader : public dbheader { public: date_dbheader(int aid, bool ashow = false, QString aname = QString(), QString atip = QString()) : dbheader(aid, ashow, aname, atip) { type = hd_asn1time; } }; class dbheaderList: public QList { public: dbheaderList(dbheader *h) :QList() { append(h); } dbheaderList() :QList() { } QString toData() { QStringList sl; for (int i=0; imustSave()) continue; seq << QString("%1").arg(h->id); if (h->id > 0) { seq << OBJ_obj2QString( OBJ_nid2obj(h->id), 1); } seq << h->toData(); sl << seq.join(":"); } return sl.join(","); } void fromData(QString s) { QStringList sl = s.split(","); foreach(QString hd, sl) { QStringList sl1 = hd.split(":"); int id = sl1.takeFirst().toInt(); if (id > 0) { id = OBJ_txt2nid(CCHAR(sl1.takeFirst())); } for (int i=0; iid == id) { h->fromData(sl1.takeFirst()); break; } } } } }; #endif xca-RELEASE.2.2.1/lib/pkcs11.cpp0000644000175000017500000007231013614632167015274 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2009 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "pkcs11_lib.h" #include "pkcs11.h" #include "pk11_attribute.h" #include "exception.h" #include "db_base.h" #include "func.h" #include "pass_info.h" #include "Passwd.h" #include "entropy.h" #include #include #include #include #include #include #include "ui_SelectToken.h" #include "widgets/PwDialog.h" #include "openssl_compat.h" pkcs11_lib_list pkcs11::libs; pkcs11::pkcs11() { session = CK_INVALID_HANDLE; p11obj = CK_INVALID_HANDLE; } pkcs11::~pkcs11() { if (session != CK_INVALID_HANDLE && p11slot.p11()) { CK_RV rv; CALL_P11_C(p11slot.lib, C_CloseSession, session); (void)rv; } } pkcs11_lib *pkcs11::load_lib(const QString &fname) { if (fname.isEmpty()) return NULL; return libs.add_lib(fname); } void pkcs11::reload_libs(const QString &libnames) { QMap store; if (libnames.isEmpty()) { remove_libs(); return; } for (pkcs11_lib_list::iterator i = libs.begin(); i != libs.end(); ++i) store[(*i)->filename()] = *i; libs.clear(); foreach(QString name, libnames.split('\n')) { bool enable; QString n = pkcs11_lib::name2File(name, &enable); pkcs11_lib *l = store.take(n); if (l) { if (enable == l->isEnabled()) { libs.append(l); } else { delete l; l = NULL; } } // NOT else if (!l) l = load_lib(name); qDebug() << "REORDER:" << n << name << "Enabled:" << l->isEnabled() << "Loaded:" << l->isLoaded() << "Should:" << enable; } qDebug() << "Delete remainig Libs start"; qDeleteAll(store.begin(), store.end()); qDebug() << "Delete remainig Libs done"; } void pkcs11::startSession(slotid slot, bool rw) { CK_RV rv; unsigned long flags = CKF_SERIAL_SESSION | (rw ? CKF_RW_SESSION : 0); if (session != CK_INVALID_HANDLE) { CALL_P11_C(slot.lib, C_CloseSession, session); session = CK_INVALID_HANDLE; if (rv != CKR_OK) pk11error(slot, "C_CloseSession", rv); } CALL_P11_C(slot.lib, C_OpenSession, slot.id, flags, NULL, NULL, &session); if (rv != CKR_OK) pk11error(slot, "C_OpenSession", rv); p11slot = slot; } void pkcs11::getRandom() { CK_BYTE buf[64]; CK_ULONG len = sizeof buf; CK_RV rv; if (Entropy::get(buf, len)) { CALL_P11_C(p11slot.lib, C_SeedRandom, session, buf, len); } CALL_P11_C(p11slot.lib, C_GenerateRandom, session, buf, len); if (rv == CKR_OK) Entropy::add_buf(buf, len); else qDebug("C_GenerateRandom: %s", pk11errorString(rv)); } QList pkcs11::mechanismList(slotid slot) { CK_RV rv; CK_MECHANISM_TYPE *m; QList ml; unsigned long count; CALL_P11_C(slot.lib, C_GetMechanismList, slot.id, NULL, &count); if (count != 0) { m = (CK_MECHANISM_TYPE *)malloc(count *sizeof(*m)); check_oom(m); CALL_P11_C(slot.lib, C_GetMechanismList, slot.id, m, &count); if (rv != CKR_OK) { free(m); pk11error(slot, "C_GetMechanismList", rv); } for (unsigned i=0; ilogin(NULL, 0, so); } catch (errorEx &e) { err = e; } } }; static QDialog *newPinPadBox() { QDialog *box = new QDialog(NULL, Qt::WindowStaysOnTopHint); box->setWindowTitle(XCA_TITLE); QHBoxLayout *h = new QHBoxLayout(box); QLabel *l = new QLabel(); l->setPixmap(*MainWindow::scardImg); l->setMaximumSize(QSize(95, 40)); l->setScaledContents(true); h->addWidget(l); l = new QLabel(QObject::tr("Please enter the PIN on the PinPad")); h->addWidget(l); return box; } QString pkcs11::tokenLogin(QString name, bool so, bool force) { Passwd pin; bool need_login; QString text = so ? QObject::tr("Please enter the SO PIN (PUK) of the token %1"): QObject::tr("Please enter the PIN of the token %1"); pass_info p(XCA_TITLE, text.arg(name)); p.setPin(); need_login = needsLogin(so); if (force || need_login) { if (!need_login) logout(); if (tokenInfo().protAuthPath()) { pin.clear(); QDialog *pinpadbox = newPinPadBox(); pinpadbox->show(); pinPadLoginThread ppt(this, so); ppt.start(); while(!ppt.wait(20)) { qApp->processEvents(); pinpadbox->raise(); } delete pinpadbox; if (!ppt.err.isEmpty()) throw errorEx(ppt.err); } else { if (PwDialog::execute(&p, &pin, false) != 1) return QString(); } login(pin.constUchar(), pin.size(), so); } else { return QString(""); } return QString(pin); } bool pkcs11::selectToken(slotid *slot, QWidget *w) { slotidList p11_slots = getSlotList(); QStringList slotnames; QList slotsWithToken; for (int i = 0; i < p11_slots.count(); i++) { try { tkInfo info = tokenInfo(p11_slots[i]); slotsWithToken.append(i); slotnames << QString("%1 (#%2)"). arg(info.label()).arg(info.serial()); } catch (errorEx &e) { if (e.info != CKR_TOKEN_NOT_PRESENT) { XCA_WARN(QString("Error: %1").arg(e.getString())); } } } switch (slotnames.count()) { case 0: XCA_WARN(QObject::tr("No Security token found")); return false; case 1: *slot = p11_slots[slotsWithToken[0]]; return true; } Ui::SelectToken ui; QDialog *select_slot = new QDialog(w); ui.setupUi(select_slot); ui.image->setPixmap(*MainWindow::scardImg); ui.tokenBox->addItems(slotnames); ui.buttonBox->button(QDialogButtonBox::Ok)->setText(QObject::tr("Select")); select_slot->setWindowTitle(XCA_TITLE); if (select_slot->exec() == 0) { delete select_slot; return false; } int selected = ui.tokenBox->currentIndex(); *slot = p11_slots[slotsWithToken[selected]]; delete select_slot; return true; } void pkcs11::setPin(unsigned char *oldPin, unsigned long oldPinLen, unsigned char *pin, unsigned long pinLen) { CK_RV rv; p11slot.isValid(); CALL_P11_C(p11slot.lib, C_SetPIN, session, oldPin, oldPinLen, pin, pinLen); if (rv != CKR_OK) pk11error("C_SetPIN", rv); } static QString newSoPinTxt = QObject::tr( "Please enter the new SO PIN (PUK) for the token: '%1'"); static QString newPinTxt = QObject::tr( "Please enter the new PIN for the token: '%1'"); void pkcs11::changePin(slotid slot, bool so) { Passwd newPin, pinp; QString pin; startSession(slot, true); tkInfo ti = tokenInfo(); if (ti.protAuthPath()) { setPin(NULL, 0, NULL, 0); return; } pin = tokenLogin(ti.label(), so, true); if (pin.isNull()) return; QString msg = so ? newSoPinTxt : newPinTxt; pass_info p(XCA_TITLE, msg.arg(ti.label()) + "\n" + ti.pinInfo()); p.setPin(); if (PwDialog::execute(&p, &newPin, true) == 1) { pinp = pin.toLatin1(); setPin(pinp.constUchar(), pinp.size(), newPin.constUchar(), newPin.size()); } logout(); } void pkcs11::initPin(slotid slot) { Passwd newPin, pinp; int ret = 1; QString pin; startSession(slot, true); tkInfo ti = tokenInfo(); pin = tokenLogin(ti.label(), true, false); if (pin.isNull()) return; pass_info p(XCA_TITLE, newPinTxt.arg(ti.label()) + "\n" + ti.pinInfo()); p.setPin(); if (!ti.protAuthPath()) { ret = PwDialog::execute(&p, &newPin, true); pinp = newPin; } p11slot.isValid(); if (ret == 1) { CK_RV rv; CALL_P11_C(p11slot.lib, C_InitPIN, session, pinp.constUchar(), pinp.size()); if (rv != CKR_OK) pk11error("C_InitPIN", rv); } logout(); } void pkcs11::initToken(slotid slot, unsigned char *pin, int pinlen, QString label) { CK_RV rv; unsigned char clabel[32]; QByteArray ba = label.toUtf8().left(32); memset(clabel, ' ', 32); memcpy(clabel, ba.constData(), ba.size()); CALL_P11_C(slot.lib, C_InitToken, slot.id, pin, pinlen, clabel); if (rv != CKR_OK) pk11error(slot, "C_InitToken", rv); } tkInfo pkcs11::tokenInfo(slotid slot) { CK_TOKEN_INFO token_info; CK_RV rv; CALL_P11_C(slot.lib, C_GetTokenInfo, slot.id, &token_info); if (rv != CKR_OK) { pk11error(slot, "C_GetTokenInfo", rv); } return tkInfo(&token_info); } void pkcs11::loadAttribute(pk11_attribute &attribute, CK_OBJECT_HANDLE object) { p11slot.isValid(); attribute.load(p11slot, session, object); } void pkcs11::storeAttribute(pk11_attribute &attribute, CK_OBJECT_HANDLE object) { p11slot.isValid(); attribute.store(p11slot, session, object); } CK_OBJECT_HANDLE pkcs11::createObject(pk11_attlist &attrs) { CK_RV rv; CK_OBJECT_HANDLE obj; p11slot.isValid(); CALL_P11_C(p11slot.lib, C_CreateObject, session, attrs.getAttributes(), attrs.length(), &obj); if (rv != CKR_OK) { pk11error("C_CreateObject", rv); } return obj; } int pkcs11::deleteObjects(QList objects) { CK_RV rv; p11slot.isValid(); for (int i=0; i< objects.count(); i++) { CALL_P11_C(p11slot.lib, C_DestroyObject, session, objects[i]); if (rv != CKR_OK) { pk11error("C_DestroyObject", rv); } } return objects.count(); } #define ID_LEN 8 pk11_attr_data pkcs11::findUniqueID(unsigned long oclass) { pk11_attr_data id(CKA_ID); pk11_attr_ulong class_att(CKA_CLASS, oclass); while (1) { unsigned char buf[ID_LEN]; pk11_attlist atts(class_att); RAND_bytes(buf, ID_LEN); id.setValue(buf, ID_LEN); atts << id; if (objectList(atts).count() == 0) break; } return id; } pk11_attr_data pkcs11::generateKey(QString name, unsigned long mech, unsigned long bits, int nid) { #ifdef OPENSSL_NO_EC (void)nid; #endif CK_RV rv; CK_OBJECT_HANDLE pubkey, privkey, dsa_param_obj; pk11_attlist priv_atts, pub_atts, dsa_param; CK_MECHANISM mechanism = {mech, NULL_PTR, 0}; pk11_attr_data label(CKA_LABEL, name.toUtf8()); pk11_attr_data new_id = findUniqueID(CKO_PUBLIC_KEY); pub_atts << label << new_id << pk11_attr_ulong(CKA_CLASS, CKO_PUBLIC_KEY) << pk11_attr_bool(CKA_TOKEN, true) << pk11_attr_bool(CKA_PRIVATE, false) << pk11_attr_bool(CKA_ENCRYPT, true) << pk11_attr_bool(CKA_VERIFY, true) << pk11_attr_bool(CKA_WRAP, true); priv_atts << label << new_id << pk11_attr_ulong(CKA_CLASS, CKO_PRIVATE_KEY) << pk11_attr_bool(CKA_TOKEN, true) << pk11_attr_bool(CKA_PRIVATE, true) << pk11_attr_bool(CKA_SENSITIVE, true) << pk11_attr_bool(CKA_DECRYPT, true) << pk11_attr_bool(CKA_SIGN, true) << pk11_attr_bool(CKA_UNWRAP, true); QString mID = tokenInfo().manufacturerID(); switch (mech) { case CKM_RSA_PKCS_KEY_PAIR_GEN: pub_atts << pk11_attr_ulong(CKA_MODULUS_BITS, bits) << pk11_attr_data(CKA_PUBLIC_EXPONENT, 0x10001); break; case CKM_DSA_KEY_PAIR_GEN: { //DSA: Spec Page 191 (175) C_GenerateKey CK_MECHANISM mechanism = {CKM_DSA_PARAMETER_GEN, NULL_PTR, 0}; // nCipher Attributes // as on 10/26/2015 - Thales' PKCS11 provider has // issue to generate Domain Parameters bool token = true; if (mID == "nCipher Corp. Ltd") token = false; dsa_param << label << pk11_attr_ulong(CKA_CLASS, CKO_DOMAIN_PARAMETERS) << pk11_attr_ulong(CKA_KEY_TYPE, CKK_DSA) << pk11_attr_bool(CKA_TOKEN, token) << pk11_attr_bool(CKA_PRIVATE, false) << pk11_attr_ulong(CKA_PRIME_BITS, bits); p11slot.isValid(); CALL_P11_C(p11slot.lib, C_GenerateKey, session, &mechanism, dsa_param.getAttributes(), dsa_param.length(), &dsa_param_obj); if (rv != CKR_OK) pk11error("C_GenerateKey(DSA_PARAMETER)", rv); pk11_attr_data p(CKA_PRIME), q(CKA_SUBPRIME), g(CKA_BASE); loadAttribute(p, dsa_param_obj); loadAttribute(q, dsa_param_obj); loadAttribute(g, dsa_param_obj); pub_atts << p << q << g; break; } #ifndef OPENSSL_NO_EC case CKM_EC_KEY_PAIR_GEN: { CK_MECHANISM_INFO info; mechanismInfo(p11slot, CKM_EC_KEY_PAIR_GEN, &info); EC_GROUP *group = EC_GROUP_new_by_curve_name(nid); EC_GROUP_set_asn1_flag(group, info.flags & CKF_EC_NAMEDCURVE ? OPENSSL_EC_NAMED_CURVE : 0); // Workaround for "www.CardContact.de" bug if (mID == "www.CardContact.de") { EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); } priv_atts << pk11_attr_bool(CKA_DERIVE, false); pub_atts << pk11_attr_data(CKA_EC_PARAMS, i2d_bytearray(I2D_VOID(i2d_ECPKParameters), group)); EC_GROUP_free(group); break; } #endif default: throw errorEx(("Unsupported Key generation mechanism")); } p11slot.isValid(); CALL_P11_C(p11slot.lib, C_GenerateKeyPair, session, &mechanism, pub_atts.getAttributes(), pub_atts.length(), priv_atts.getAttributes(), priv_atts.length(), &pubkey, &privkey); if (rv != CKR_OK) { pk11error("C_GenerateKeyPair", rv); } return new_id; } QList pkcs11::objectList(pk11_attlist &atts) { CK_RV rv; CK_OBJECT_HANDLE objects[256]; QList list; unsigned long len, i, att_num; CK_ATTRIBUTE *attribute; att_num = atts.get(&attribute); p11slot.isValid(); CALL_P11_C(p11slot.lib, C_FindObjectsInit, session, attribute, att_num); if (rv != CKR_OK) pk11error("C_FindObjectsInit", rv); do { CALL_P11_C(p11slot.lib, C_FindObjects, session, objects, 256, &len); if (rv != CKR_OK) pk11error("C_FindObjects", rv); for (i=0; i= 0x10100000L && ! defined LIBRESSL_VERSION_NUMBER static int rsa_privdata_free(RSA *rsa) { pkcs11 *priv = (pkcs11*)RSA_get_app_data(rsa); delete priv; return 0; } static int rsa_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA * rsa, int padding) { pkcs11 *priv = (pkcs11*)RSA_get_app_data(rsa); const BIGNUM *n = NULL; if (padding != RSA_PKCS1_PADDING) { return -1; } RSA_get0_key(rsa, &n, NULL, NULL); return priv->encrypt(flen, from, to, BN_num_bytes(n), CKM_RSA_PKCS); } static int rsa_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA * rsa, int padding) { pkcs11 *priv = (pkcs11*)RSA_get_app_data(rsa); if (padding != RSA_PKCS1_PADDING) { return -1; } return priv->decrypt(flen, from, to, flen, CKM_RSA_PKCS); } static int dsa_privdata_free(DSA *dsa) { pkcs11 *p11 = (pkcs11*)DSA_get_ex_data(dsa, 0); delete p11; return 0; } static DSA_SIG *dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa) { int len, rs_len; unsigned char rs_buf[128]; pkcs11 *p11 = (pkcs11*)DSA_get_ex_data(dsa, 0); DSA_SIG *dsa_sig = DSA_SIG_new(); BIGNUM *r, *s; // siglen is unsigned and can't cope with -1 as return value len = p11->encrypt(dlen, dgst, rs_buf, sizeof rs_buf, CKM_DSA); if (len & 0x01) // Must be even goto out; rs_len = len / 2; r = BN_bin2bn(rs_buf, rs_len, NULL); s = BN_bin2bn(rs_buf + rs_len, rs_len, NULL); DSA_SIG_set0(dsa_sig, r, s); if (r && s) return dsa_sig; out: DSA_SIG_free(dsa_sig); ign_openssl_error(); return NULL; } #if !defined(OPENSSL_NO_EC) && OPENSSL_VERSION_NUMBER >= 0x10100000L // OpenSSL < 1.0.0 have no EC_KEY_METHOD. static void ec_privdata_free(EC_KEY *ec) { pkcs11 *p11 = (pkcs11*)EC_KEY_get_ex_data(ec, 0); delete p11; } static int ec_sign_setup(EC_KEY *ec, BN_CTX *ctx, BIGNUM **kinvp, BIGNUM **rp) { (void) ec; (void) ctx; (void) kinvp; (void) rp; return 1; } static ECDSA_SIG *ec_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *ec) { int len, rs_len; unsigned char rs_buf[512]; ECDSA_SIG *ec_sig = ECDSA_SIG_new(); pkcs11 *p11 = (pkcs11 *) EC_KEY_get_ex_data(ec, 0); BIGNUM *r, *s; (void) in_kinv; (void) in_r; // siglen is unsigned and can' cope with -1 as return value len = p11->encrypt(dgst_len, dgst, rs_buf, sizeof rs_buf, CKM_ECDSA); if (len & 0x01) // Must be even goto out; /* The buffer contains r and s concatenated * Both of equal size * pkcs-11v2-20.pdf chapter 12.13.1, page 232 */ rs_len = len / 2; r = BN_bin2bn(rs_buf, rs_len, NULL); s = BN_bin2bn(rs_buf + rs_len, rs_len, NULL); ECDSA_SIG_set0(ec_sig, r, s); if (r && s) return ec_sig; out: ECDSA_SIG_free(ec_sig); ign_openssl_error(); return NULL; } static int ec_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv, const BIGNUM *r, EC_KEY *ec) { ECDSA_SIG *ec_sig; int ret = 0; int len; (void) type; ec_sig = ec_do_sign(dgst, dlen, kinv, r, ec); if (!ec_sig) return 0; len = i2d_ECDSA_SIG(ec_sig, &sig); if (len <= 0) goto out; *siglen = len; ret = 1; out: ECDSA_SIG_free(ec_sig); ign_openssl_error(); return ret; } static EC_KEY_METHOD *setup_ec_key_meth() { EC_KEY_METHOD *ec_key_meth; int (*ec_init_proc)(EC_KEY *key); void (*ec_finish_proc)(EC_KEY *key); int (*ec_copy_proc)(EC_KEY *dest, const EC_KEY *src); int (*ec_set_group_proc)(EC_KEY *key, const EC_GROUP *grp); int (*ec_set_private_proc)(EC_KEY *key, const BIGNUM *priv_key); int (*ec_set_public_proc)(EC_KEY *key, const EC_POINT *pub_key); ec_key_meth = EC_KEY_METHOD_new(EC_KEY_get_default_method()); EC_KEY_METHOD_set_sign(ec_key_meth, ec_sign, ec_sign_setup, ec_do_sign); EC_KEY_METHOD_get_init(ec_key_meth, &ec_init_proc, &ec_finish_proc, &ec_copy_proc, &ec_set_group_proc, &ec_set_private_proc, &ec_set_public_proc); EC_KEY_METHOD_set_init(ec_key_meth, ec_init_proc, ec_privdata_free, ec_copy_proc, ec_set_group_proc, ec_set_private_proc, ec_set_public_proc); return ec_key_meth; } #endif EVP_PKEY *pkcs11::getPrivateKey(EVP_PKEY *pub, CK_OBJECT_HANDLE obj) { #if OPENSSL_VERSION_NUMBER < 0x10100000L static RSA_METHOD rsa_meth_buf; static DSA_METHOD dsa_meth_buf; #endif static RSA_METHOD *rsa_meth = NULL; static DSA_METHOD *dsa_meth = NULL; #if !defined(OPENSSL_NO_EC) && OPENSSL_VERSION_NUMBER >= 0x10100000L static EC_KEY_METHOD *ec_key_meth = NULL; EC_KEY *ec; #endif RSA *rsa; DSA *dsa; EVP_PKEY *evp = NULL; int keytype; p11slot.isValid(); keytype = EVP_PKEY_id(pub); switch (EVP_PKEY_type(keytype)) { case EVP_PKEY_RSA: rsa = EVP_PKEY_get0_RSA(pub); rsa = RSAPublicKey_dup(rsa); openssl_error(); if (!rsa_meth) { #if OPENSSL_VERSION_NUMBER >= 0x1010000L rsa_meth = RSA_meth_dup(RSA_get_default_method()); RSA_meth_set_priv_enc(rsa_meth, rsa_encrypt); RSA_meth_set_priv_dec(rsa_meth, rsa_decrypt); RSA_meth_set_finish(rsa_meth, rsa_privdata_free); #else rsa_meth = &rsa_meth_buf; *rsa_meth = *RSA_get_default_method(); rsa_meth->rsa_priv_enc = rsa_encrypt; rsa_meth->rsa_priv_dec = rsa_decrypt; rsa_meth->finish = rsa_privdata_free; #endif } p11obj = obj; RSA_set_method(rsa, rsa_meth); RSA_set_app_data(rsa, this); evp = EVP_PKEY_new(); openssl_error(); EVP_PKEY_assign_RSA(evp, rsa); break; case EVP_PKEY_DSA: dsa = EVP_PKEY_get0_DSA(pub); dsa = DSAparams_dup(dsa); openssl_error(); if (!dsa_meth) { #if OPENSSL_VERSION_NUMBER >= 0x10100000L dsa_meth = DSA_meth_dup(DSA_get_default_method()); DSA_meth_set_sign(dsa_meth, dsa_sign); DSA_meth_set_finish(dsa_meth, dsa_privdata_free); #else dsa_meth = &dsa_meth_buf; *dsa_meth = *DSA_get_default_method(); dsa_meth->dsa_do_sign = dsa_sign; dsa_meth->finish = dsa_privdata_free; #endif } p11obj = obj; DSA_set_method(dsa, dsa_meth); DSA_set_ex_data(dsa, 0, this); evp = EVP_PKEY_new(); openssl_error(); EVP_PKEY_assign_DSA(evp, dsa); break; #if !defined(OPENSSL_NO_EC) && OPENSSL_VERSION_NUMBER >= 0x10100000L case EVP_PKEY_EC: ec = EVP_PKEY_get0_EC_KEY(pub); ec = EC_KEY_dup(ec); openssl_error(); if (!ec_key_meth) { ec_key_meth = setup_ec_key_meth(); } p11obj = obj; EC_KEY_set_method(ec, ec_key_meth); EC_KEY_set_ex_data(ec, 0, this); evp = EVP_PKEY_new(); openssl_error(); EVP_PKEY_assign_EC_KEY(evp, ec); break; #endif } return evp; } #else static int eng_idx = -1; static EVP_PKEY_METHOD *p11_rsa_method; static EVP_PKEY_METHOD *p11_dsa_method; #ifndef OPENSSL_NO_EC static EVP_PKEY_METHOD *p11_ec_method; #endif static int eng_finish(ENGINE *e) { pkcs11 *p11 = (pkcs11 *)ENGINE_get_ex_data(e, eng_idx); delete p11; ENGINE_set_ex_data(e, eng_idx, NULL); return 1; } static int eng_pmeth_ctrl_rsa(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { switch (type) { case EVP_PKEY_CTRL_RSA_PADDING: return p1 == RSA_PKCS1_PADDING ? 1 : -2; #ifndef OPENSSL_NO_EC case EVP_PKEY_CTRL_GET_RSA_PADDING: *(int *)p2 = RSA_PKCS1_PADDING; return 1; #endif case EVP_PKEY_CTRL_MD: EVP_PKEY_CTX_set_data(ctx, p2); return 1; case EVP_PKEY_CTRL_DIGESTINIT: return 1; } return -2; } static int eng_pmeth_ctrl_dsa(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { (void)p1; switch (type) { case EVP_PKEY_CTRL_MD: EVP_PKEY_CTX_set_data(ctx, NULL); switch (EVP_MD_type((const EVP_MD *)p2)) { case NID_sha1: case NID_sha256: EVP_PKEY_CTX_set_data(ctx, p2); return 1; } EVP_PKEY_CTX_set_data(ctx, p2); return 0; case EVP_PKEY_CTRL_DIGESTINIT: return 1; } return -2; } #ifndef OPENSSL_NO_EC static int eng_pmeth_ctrl_ec(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { (void)p1; switch (type) { case EVP_PKEY_CTRL_MD: EVP_PKEY_CTX_set_data(ctx, NULL); switch (EVP_MD_type((const EVP_MD *)p2)) { case NID_ecdsa_with_SHA1: qDebug() << __func__ << "NID_ecdsa_with_SHA1 unexpected"; /* fallthrough */ case NID_sha1: case NID_sha224: case NID_sha256: case NID_sha384: case NID_sha512: EVP_PKEY_CTX_set_data(ctx, p2); return 1; } return 0; case EVP_PKEY_CTRL_DIGESTINIT: return 1; } qWarning() << "EC Don't call me" << type; return -2; } #endif static unsigned char *create_x509_sig(EVP_PKEY_CTX *ctx, const unsigned char *m, size_t m_len, unsigned int *x509_siglen) { X509_SIG sig; ASN1_TYPE parameter; X509_ALGOR algor; ASN1_OCTET_STRING digest; EVP_MD *md = (EVP_MD *)EVP_PKEY_CTX_get_data(ctx); int i; unsigned char *p, *tmps; *x509_siglen = 0; sig.algor = &algor; sig.algor->algorithm = OBJ_nid2obj(EVP_MD_type(md)); if (!sig.algor->algorithm) return NULL; if (sig.algor->algorithm->length == 0) return NULL; parameter.type=V_ASN1_NULL; parameter.value.ptr = NULL; sig.algor->parameter= ¶meter; sig.digest = &digest; sig.digest->data = (unsigned char *)m; sig.digest->length = (unsigned int)m_len; i = i2d_X509_SIG(&sig, NULL); if (i <= 0) return NULL; p = tmps = (unsigned char *)malloc(i); check_oom(tmps); if (i2d_X509_SIG(&sig, &p) <= 0) { free(tmps); return NULL; } *x509_siglen = i; return tmps; } static int eng_pmeth_sign_rsa(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen) { EVP_PKEY *pkey; unsigned int x509_len; unsigned char *sigbuf; int len; sigbuf = create_x509_sig(ctx, tbs, tbslen, &x509_len); pkey = EVP_PKEY_CTX_get0_pkey(ctx); if (EVP_PKEY_type(pkey->type) != EVP_PKEY_RSA) return -1; if ((int)x509_len > (RSA_size(pkey->pkey.rsa) - RSA_PKCS1_PADDING_SIZE)) return -1; pkcs11 *p11 = (pkcs11 *)ENGINE_get_ex_data(pkey->engine, eng_idx); // siglen is unsigned and can't cope with -1 as return value len = p11->encrypt(x509_len, sigbuf, sig, *siglen, CKM_RSA_PKCS); *siglen = len; free(sigbuf); return (len < 0) ? -1 : 1; } static int eng_pmeth_sign_dsa(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen) { EVP_PKEY *pkey; int len, rs_len, ret = -1; unsigned char rs_buf[128]; DSA_SIG *dsa_sig = DSA_SIG_new(); pkey = EVP_PKEY_CTX_get0_pkey(ctx); if (EVP_PKEY_type(pkey->type) != EVP_PKEY_DSA) return -1; pkcs11 *p11 = (pkcs11 *)ENGINE_get_ex_data(pkey->engine, eng_idx); // siglen is unsigned and can't cope with -1 as return value len = p11->encrypt(tbslen, tbs, rs_buf, sizeof rs_buf, CKM_DSA); if (len & 0x01) // Must be even goto out; rs_len = len/2; dsa_sig->r = BN_bin2bn(rs_buf, rs_len, NULL); dsa_sig->s = BN_bin2bn(rs_buf + rs_len, rs_len, NULL); if (!dsa_sig->s || !dsa_sig->r) goto out; len = i2d_DSA_SIG(dsa_sig, &sig); openssl_error(); if (len <= 0) goto out; *siglen = len; ret = 1; out: DSA_SIG_free(dsa_sig); ign_openssl_error(); return ret; } #ifndef OPENSSL_NO_EC static int eng_pmeth_sign_ec(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen) { int len, rs_len, ret = -1; unsigned char rs_buf[512]; ECDSA_SIG *ec_sig = ECDSA_SIG_new(); EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx); pkcs11 *p11 = (pkcs11 *)ENGINE_get_ex_data(pkey->engine, eng_idx); // siglen is unsigned and can' cope with -1 as return value len = p11->encrypt(tbslen, tbs, rs_buf, sizeof rs_buf, CKM_ECDSA); if (len & 0x01) // Must be even goto out; /* The buffer contains r and s concatenated * Both of equal size * pkcs-11v2-20.pdf chapter 12.13.1, page 232 */ rs_len = len/2; if (!BN_bin2bn(rs_buf, rs_len, ec_sig->r)) goto out; if (!BN_bin2bn(rs_buf + rs_len, rs_len, ec_sig->s)) goto out; len = i2d_ECDSA_SIG(ec_sig, &sig); if (len <= 0) goto out; *siglen = len; ret = 1; out: ECDSA_SIG_free(ec_sig); ign_openssl_error(); return ret; } #endif static int eng_pmeth_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) { void *p = EVP_PKEY_CTX_get_app_data(src); EVP_PKEY_CTX_set_app_data(dst, p); return 1; } static int eng_meths(ENGINE *e, EVP_PKEY_METHOD **m, const int **nids, int nid) { static const int my_nids[] = { EVP_PKEY_EC, EVP_PKEY_RSA }; (void)e; if (m) { switch (nid) { #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: *m = p11_ec_method; return 1; #endif case EVP_PKEY_RSA: *m = p11_rsa_method; return 1; case EVP_PKEY_DSA: *m = p11_dsa_method; return 1; } return 0; } if (nids) { *nids = my_nids; return ARRAY_SIZE(my_nids); } return -1; } EVP_PKEY *pkcs11::getPrivateKey(EVP_PKEY *pub, CK_OBJECT_HANDLE obj) { static ENGINE *e = NULL; if (!e) { e = ENGINE_new(); check_oom(e); ENGINE_set_pkey_meths(e, eng_meths); ENGINE_set_finish_function(e, eng_finish); if (eng_idx == -1) eng_idx = ENGINE_get_ex_new_index(0, NULL, NULL, NULL, 0); ENGINE_set_ex_data(e, eng_idx, NULL); CRYPTO_add(&pub->references, 1, CRYPTO_LOCK_EVP_PKEY); pub->engine = e; if (!p11_rsa_method) { p11_rsa_method = EVP_PKEY_meth_new(EVP_PKEY_RSA, 0); EVP_PKEY_meth_set_sign(p11_rsa_method, NULL, eng_pmeth_sign_rsa); EVP_PKEY_meth_set_ctrl(p11_rsa_method, eng_pmeth_ctrl_rsa, NULL); EVP_PKEY_meth_set_copy(p11_rsa_method, eng_pmeth_copy); } if (!p11_dsa_method) { p11_dsa_method = EVP_PKEY_meth_new(EVP_PKEY_RSA, 0); EVP_PKEY_meth_set_sign(p11_dsa_method, NULL, eng_pmeth_sign_dsa); EVP_PKEY_meth_set_ctrl(p11_dsa_method, eng_pmeth_ctrl_dsa, NULL); EVP_PKEY_meth_set_copy(p11_dsa_method, eng_pmeth_copy); } #ifndef OPENSSL_NO_EC if (!p11_ec_method) { p11_ec_method = EVP_PKEY_meth_new(EVP_PKEY_EC, 0); EVP_PKEY_meth_set_sign(p11_ec_method, NULL, eng_pmeth_sign_ec); EVP_PKEY_meth_set_ctrl(p11_ec_method, eng_pmeth_ctrl_ec, NULL); EVP_PKEY_meth_set_copy(p11_ec_method, eng_pmeth_copy); } #endif } if (ENGINE_get_ex_data(e, eng_idx)) qWarning() << "Christian forgot to free the previous Card key. Blame him"; ENGINE_set_ex_data(e, eng_idx, this); p11obj = obj; switch (EVP_PKEY_type(pub->type)) { case EVP_PKEY_RSA: case EVP_PKEY_DSA: #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: #endif /* The private key is a copy of the public * key with an engine attached */ QByteArray ba = i2d_bytearray(I2D_VOID(i2d_PUBKEY), pub); EVP_PKEY *priv = (EVP_PKEY*)d2i_bytearray(D2I_VOID(d2i_PUBKEY), ba); ENGINE_init(e); priv->engine = e; return priv; } return NULL; } #endif xca-RELEASE.2.2.1/lib/db_x509req.cpp0000644000175000017500000000762513614632167016063 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "db_x509req.h" #include "pki_x509req.h" #include "widgets/MainWindow.h" #include #include #include db_x509req::db_x509req(MainWindow *mw) :db_x509super(mw) { class_name = "requests"; sqlHashTable = "requests"; pkitype << x509_req; pkitype_depends << x509; updateHeaders(); loadContainer(); } dbheaderList db_x509req::getHeaders() { dbheaderList h = db_x509super::getHeaders(); h << new dbheader(HD_req_signed, true, tr("Signed"), tr("whether the request is already signed or not")) << new dbheader(HD_req_unstr_name, false, tr("Unstructured name"), QString(OBJ_nid2ln(NID_pkcs9_unstructuredName))) << new dbheader(HD_req_chall_pass, false, tr("Challenge password"), QString(OBJ_nid2ln(NID_pkcs9_challengePassword))) << new num_dbheader(HD_req_certs, false, tr("Certificate count"), tr("Number of certificates in the database with the same public key")); return h; } pki_base *db_x509req::newPKI(enum pki_type type) { (void)type; return new pki_x509req(); } pki_base *db_x509req::insert(pki_base *item) { pki_x509req *oldreq, *req; req = (pki_x509req *)item; oldreq = (pki_x509req *)getByReference(req); if (oldreq) { XCA_INFO(tr("The certificate signing request already exists in the database as\n'%1'\nand thus was not stored").arg(oldreq->getIntName())); delete(req); return NULL; } insertPKI(req); return req; } void db_x509req::newItem() { newItem(NULL, NULL); } void db_x509req::newItem(pki_temp *temp, pki_x509req *orig) { pki_x509req *req = NULL; NewX509 *dlg = new NewX509(mainwin); emit connNewX509(dlg); if (temp) { dlg->defineTemplate(temp); } else if (orig) { dlg->fromX509super(orig, true); } dlg->setRequest(); if (!dlg->exec()){ delete dlg; return; } try { pki_key *key = dlg->getSelectedKey(); x509name xn = dlg->getX509name(); req = new pki_x509req(); req->pkiSource = dlg->getPkiSource(); req->setIntName(dlg->description->text()); dlg->getReqAttributes(req); req->createReq(key, xn, dlg->hashAlgo->currentHash(), dlg->getAllExt()); // set the comment field req->setComment(dlg->comment->toPlainText()); createSuccess(insert(req)); } catch (errorEx &err) { MainWindow::Error(err); if (req) delete req; } } void db_x509req::toRequest(QModelIndex index) { pki_x509req *req = static_cast(index.internalPointer()); if (!req) return; newItem(NULL, req); } void db_x509req::load(void) { load_req l; load_default(l); } void db_x509req::store(QModelIndex index) { QList types; pki_x509req *req = static_cast(index.internalPointer()); if (!req) return; types << exportType(exportType::PEM, "pem", "PEM") << exportType(exportType::DER, "der", "DER"); ExportDialog *dlg = new ExportDialog(mainwin, tr("Certificate request export"), tr("Certificate request ( *.pem *.der *.csr )"), req, MainWindow::csrImg, types); if (!dlg->exec()) { delete dlg; return; } try { XFile file(dlg->filename->text()); pki_base::pem_comment = dlg->pemComment->isChecked(); file.open_write(); req->writeReq(file, dlg->type() == exportType::PEM); } catch (errorEx &err) { mainwin->Error(err); } pki_base::pem_comment = false; delete dlg; } void db_x509req::signReq(QModelIndex index) { pki_x509req *req = static_cast(index.internalPointer()); req->pkiSource = generated; emit newCert(req); } void db_x509req::setSigned(QModelIndex index, bool signe) { pki_x509req *req = static_cast(index.internalPointer()); if (!req) return; req->markSigned(signe); emit columnsContentChanged(); } void db_x509req::resetX509count() { foreach(pki_x509req *r, getAllRequests()) r->resetX509count(); } QList db_x509req::getAllRequests() { return sqlSELECTpki("SELECT item FROM requests"); } xca-RELEASE.2.2.1/lib/db_x509super.h0000644000175000017500000000142713614632167016071 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DB_X509SUPER_H #define __DB_X509SUPER_H #include "db_key.h" #include "pki_x509super.h" #include #include class db_x509name: public db_base { Q_OBJECT protected: dbheaderList getHeaders(); public: db_x509name(MainWindow *mw); }; class db_x509super: public db_x509name { Q_OBJECT protected: dbheaderList getHeaders(); void loadContainer(); public: db_x509super(MainWindow *mw); pki_key *findKey(pki_x509super *ref); QList findByPubKey(pki_key *refkey); void extractPubkey(QModelIndex index); void toTemplate(QModelIndex index); void toOpenssl(QModelIndex index) const; void showPki(pki_base *pki); }; #endif xca-RELEASE.2.2.1/lib/main.h0000644000175000017500000000245113614632167014562 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __MAIN_H #define __MAIN_H #include #include #include #include #include "widgets/MainWindow.h" #include "entropy.h" extern char segv_data[1024]; class XcaTranslator : public QTranslator { Q_OBJECT public: XcaTranslator(QObject *p = NULL) : QTranslator(p) { } bool load(const QLocale &locale, const QString &filename, const QString &dir) { #if 0 return QTranslator::load(locale, filename, "_", dir, ".qm"); #else return QTranslator::load(QString("%1_%2").arg(filename).arg(locale.name()), dir); #endif } }; class XCA_application : public QApplication { Q_OBJECT private: MainWindow *mainw; XcaTranslator *qtTr; XcaTranslator *xcaTr; static QLocale lang; Entropy entropy; static QList langAvail; public: XCA_application(int &argc, char *argv[]); virtual ~XCA_application(); void setMainwin(MainWindow *m); void setupLanguage(QLocale lang); static QLocale language() { return lang; } static QFont tableFont; static bool languageAvailable(QLocale l); bool eventFilter(QObject *watched, QEvent *ev); bool notify(QObject* receiver, QEvent* event); public slots: void switchLanguage(QAction* a); void quit(); }; #endif xca-RELEASE.2.2.1/lib/Passwd.cpp0000644000175000017500000000052713614632167015434 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2012 Christian Hohnstaedt. * * All rights reserved. */ #include #include "Passwd.h" void Passwd::cleanse() { memset(data(), 0, size()); } Passwd::~Passwd() { Passwd::cleanse(); } unsigned char *Passwd::constUchar() const { return (unsigned char *)(size() ? constData() : ""); } xca-RELEASE.2.2.1/lib/pki_x509req.cpp0000644000175000017500000002103713614632167016252 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include #include "pki_x509.h" #include "pki_evp.h" #include "func.h" #include "db_base.h" #include "x509name.h" #include "exception.h" #include #include #include #include "openssl_compat.h" QPixmap *pki_x509req::icon[3] = { NULL, NULL, NULL }; pki_x509req::pki_x509req(const QString name) : pki_x509super(name) { request = X509_REQ_new(); pki_openssl_error(); pkiType=x509_req; done = false; resetX509count(); } pki_x509req::~pki_x509req() { if (request) X509_REQ_free(request); } QSqlError pki_x509req::insertSqlData() { XSqlQuery q; QSqlError e = pki_x509super::insertSqlData(); if (e.isValid()) return e; SQL_PREPARE(q, "INSERT INTO requests (item, hash, signed, request) " "VALUES (?, ?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, hash()); q.bindValue(2, done ? 1 : 0); q.bindValue(3, i2d_b64()); q.exec(); return q.lastError(); } void pki_x509req::markSigned(bool signe) { XSqlQuery q; Transaction; TransThrow(); SQL_PREPARE(q, "UPDATE requests SET signed=? WHERE item=?"); q.bindValue(0, signe ? 1 : 0); q.bindValue(1, sqlItemId); q.exec(); if (q.lastError().isValid()) return; done = signe; AffectedItems(sqlItemId); TransCommit(); } void pki_x509req::restoreSql(const QSqlRecord &rec) { pki_x509super::restoreSql(rec); QByteArray ba = QByteArray::fromBase64( rec.value(VIEW_x509req_request).toByteArray()); d2i(ba); done = rec.value(VIEW_x509req_signed).toBool(); } QSqlError pki_x509req::deleteSqlData() { XSqlQuery q; QSqlError e = pki_x509super::deleteSqlData(); if (e.isValid()) return e; SQL_PREPARE(q, "DELETE FROM requests WHERE item=?"); q.bindValue(0, sqlItemId); q.exec(); return q.lastError(); } void pki_x509req::createReq(pki_key *key, const x509name &dn, const EVP_MD *md, extList el) { QList bad_nids; bad_nids << NID_authority_key_identifier << NID_issuer_alt_name << NID_undef; EVP_PKEY *privkey = NULL; if (key->isPubKey()) { my_error(tr("Signing key not valid (public key)")); return; } X509_REQ_set_version(request, 0L); X509_REQ_set_pubkey(request, key->getPubKey()); setSubject(dn); pki_openssl_error(); foreach(int nid , bad_nids) el.delByNid(nid); el.delInvalid(); if (el.count() > 0) { STACK_OF(X509_EXTENSION) *sk; sk = el.getStack(); X509_REQ_add_extensions(request, sk); sk_X509_EXTENSION_pop_free(sk, X509_EXTENSION_free); } pki_openssl_error(); privkey = key->decryptKey(); X509_REQ_sign(request, privkey, md); pki_openssl_error(); EVP_PKEY_free(privkey); } QString pki_x509req::getMsg(msg_type msg) const { /* * We do not construct english sentences from fragments * to allow proper translations. * The drawback are all the slightly different duplicated messages * * %1 will be replaced by either "SPKAC" or "PKCS#10" * %2 will be replaced by the internal name of the request */ QString type = "PKCS#10"; switch (msg) { case msg_import: return tr("Successfully imported the %1 certificate request '%2'").arg(type); case msg_delete: return tr("Delete the %1 certificate request '%2'?").arg(type); case msg_create: return tr("Successfully created the %1 certificate request '%2'").arg(type); /* %1: Number of requests; %2: list of request names */ case msg_delete_multi: return tr("Delete the %1 certificate requests: %2?"); } return pki_base::getMsg(msg); } void pki_x509req::fromPEM_BIO(BIO *bio, const QString &name) { X509_REQ *req; req = PEM_read_bio_X509_REQ(bio, NULL, NULL, NULL); openssl_error(name); X509_REQ_free(request); request = req; } void pki_x509req::fload(const QString &fname) { X509_REQ *_req; XFile file(fname); file.open_read(); _req = PEM_read_X509_REQ(file.fp(), NULL, NULL, NULL); if (!_req) { pki_ign_openssl_error(); file.retry_read(); _req = d2i_X509_REQ_fp(file.fp(), NULL); } if (pki_ign_openssl_error() || !_req) { if (_req) X509_REQ_free(_req); throw errorEx(tr("Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format.").arg(fname)); } X509_REQ_free(request); request = _req; } void pki_x509req::d2i(QByteArray &ba) { X509_REQ *r= (X509_REQ*)d2i_bytearray(D2I_VOID(d2i_X509_REQ), ba); if (r) { X509_REQ_free(request); request = r; } } QByteArray pki_x509req::i2d() const { return i2d_bytearray(I2D_VOID(i2d_X509_REQ), request); } void pki_x509req::fromData(const unsigned char *p, db_header_t *head ) { int size; size = head->len - sizeof(db_header_t); QByteArray ba((const char *)p, size); d2i(ba); pki_openssl_error(); if (ba.count() > 0) { my_error(tr("Wrong Size %1").arg(ba.count())); } } void pki_x509req::addAttribute(int nid, QString content) { if (content.isEmpty()) return; ASN1_STRING *a = QStringToAsn1(content, nid); X509_REQ_add1_attr_by_NID(request, nid, a->type, a->data, a->length); ASN1_STRING_free(a); openssl_error(QString("'%1' (%2)").arg(content).arg(OBJ_nid2ln(nid))); } x509name pki_x509req::getSubject() const { x509name x(X509_REQ_get_subject_name(request)); pki_openssl_error(); return x; } int pki_x509req::sigAlg() const { return X509_REQ_get_signature_nid(request); } void pki_x509req::setSubject(const x509name &n) { X509_REQ_set_subject_name(request, n.get()); } void pki_x509req::writeDefault(const QString &dirname) const { XFile file(get_dump_filename(dirname, ".csr")); file.open_write(); writeReq(file, true); } void pki_x509req::writeReq(XFile &file, bool pem) const { if (!request) return; if (pem) { PEM_file_comment(file); PEM_write_X509_REQ(file.fp(), request); } else { i2d_X509_REQ_fp(file.fp(), request); } pki_openssl_error(); } BIO *pki_x509req::pem(BIO *b, int format) { (void)format; if (!b) b = BIO_new(BIO_s_mem()); PEM_write_bio_X509_REQ(b, request); return b; } int pki_x509req::verify() const { EVP_PKEY *pkey = X509_REQ_get_pubkey(request); bool x = X509_REQ_verify(request,pkey) > 0; pki_ign_openssl_error(); EVP_PKEY_free(pkey); return x; } pki_key *pki_x509req::getPubKey() const { EVP_PKEY *pkey = X509_REQ_get_pubkey(request); pki_ign_openssl_error(); if (pkey == NULL) return NULL; pki_evp *key = new pki_evp(pkey); pki_openssl_error(); return key; } extList pki_x509req::getV3ext() const { extList el; STACK_OF(X509_EXTENSION) *sk; sk = X509_REQ_get_extensions(request); el.setStack(sk); sk_X509_EXTENSION_pop_free(sk, X509_EXTENSION_free); return el; } QString pki_x509req::getAttribute(int nid) const { int n; int count; QStringList ret; n = X509_REQ_get_attr_by_NID(request, nid, -1); if (n == -1) return QString(""); X509_ATTRIBUTE *att = X509_REQ_get_attr(request, n); if (!att) return QString(""); count = X509_ATTRIBUTE_count(att); for (int j = 0; j < count; j++) ret << asn1ToQString(X509_ATTRIBUTE_get0_type(att, j)-> value.asn1_string); return ret.join(", "); } int pki_x509req::issuedCerts() const { XSqlQuery q; int count = 0; if (x509count != -1) return x509count; SQL_PREPARE(q, "SELECT item FROM x509super WHERE key_hash=?"); q.bindValue(0, pubHash()); q.exec(); if (q.lastError().isValid()) return 0; pki_key *k = getPubKey(); if (!k) return 0; while (q.next()) { pki_x509super *x; x = db_base::lookupPki(q.value(0)); if (!x) { qDebug("x509 with id %d not found", q.value(0).toInt()); continue; } if (typeid(*x) == typeid(pki_x509) && x->compareRefKey(k)) count++; qDebug() << "Req:" << getIntName() << "Cert with hash" << x->getIntName() << count; } delete k; x509count = count; return count; } QVariant pki_x509req::column_data(const dbheader *hd) const { switch (hd->id) { case HD_req_signed: return QVariant(done ? tr("Signed") : tr("Unhandled")); case HD_req_unstr_name: return getAttribute(NID_pkcs9_unstructuredName); case HD_req_chall_pass: return getAttribute(NID_pkcs9_challengePassword); case HD_req_certs: return QVariant(issuedCerts()); } return pki_x509super::column_data(hd); } QVariant pki_x509req::getIcon(const dbheader *hd) const { int pixnum = -1; switch (hd->id) { case HD_internal_name: pixnum = hasPrivKey() ? 0 : 1; break; case HD_req_signed: if (done) pixnum = 2; break; default: return pki_x509super::getIcon(hd); } if (pixnum == -1) return QVariant(); return QVariant(*icon[pixnum]); } bool pki_x509req::visible() const { if (pki_x509super::visible()) return true; if (getAttribute(NID_pkcs9_unstructuredName).contains(limitPattern)) return true; if (getAttribute(NID_pkcs9_challengePassword).contains(limitPattern)) return true; return false; } xca-RELEASE.2.2.1/lib/oid.h0000644000175000017500000000122613614632167014410 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __OID_H #define __OID_H class QString; #include #include extern int first_additional_oid; extern QMap oid_name_clash; extern QMap oid_lower_map; typedef QList NIDlist; /* reads additional OIDs from a file: oid, sn, ln */ void initOIDs(); /* reads a list of OIDs/SNs from a file and turns them into a QValueList * of integers, representing the NIDs. Usually to be used by NewX509 for * the list of ExtendedKeyUsage and Distinguished Name */ NIDlist readNIDlist(QString fname); #endif xca-RELEASE.2.2.1/lib/db.cpp0000644000175000017500000003033413614632167014557 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #include "db.h" #include "base.h" #include "func.h" #include "exception.h" #include #include #include #include #include #include #include #include #include #include #include #define XNUM(n) CCHAR(QString::number((n), 16)) db::db(QString filename, QFlags perm) { name = filename; file.setFileName(filename); bool newFile = !file.exists(); if (!file.open(QIODevice::ReadWrite)) { fileIOerr("open"); } else { first(); if (newFile) file.setPermissions(perm); else if (!verify_magic()) { file.close(); throw errorEx("Unknown database format", filename); } } } db::~db() { file.close(); } void db::fileIOerr(QString s) { errstr = QString("DB ") + s + "() '" + file.fileName() + "'"; dberrno = errno; throw errorEx(errstr, strerror(errno)); } void db::init_header(db_header_t *db, int ver, int len, enum pki_type type, QString name) { memset(db, 0, sizeof(db_header_t)); db->magic = xhtonl(XCA_MAGIC); db->len = xhtonl(sizeof(db_header_t)+len); db->headver = xhtons(1); db->type = xhtons(type); db->version = xhtons(ver); db->flags = 0; strncpy(db->name, name.toUtf8(), NAMELEN); db->name[NAMELEN-1] = '\0'; } void db::convert_header(db_header_t *h) { h->magic = xntohl(head.magic); h->len = xntohl(head.len); h->headver = xntohs(head.headver); h->type = xntohs(head.type); h->version = xntohs(head.version); h->flags = xntohs(head.flags); memcpy(h->name, head.name, NAMELEN); } bool db::verify_magic(void) { if (!eof()) if (xntohl(head.magic) != XCA_MAGIC) { return false; } return true; } bool db::eof() { return head_offset == file.size(); } int db::find(enum pki_type type, QString name) { while (!eof()) { if (xntohs(head.type) == type) { if (name.isEmpty()) { /* only compare type */ return 0; } else if (QString::fromUtf8(head.name) == name) { return 0; } } if (!verify_magic()) { return -1; } next(); } return 1; } void db::first(int flag) { int ret; memset(&head, 0, sizeof(db_header_t) ); head_offset = 0; file.seek(0); ret = file.read((char*)&head, sizeof(db_header_t) ); if (ret < 0 ) fileIOerr("read"); if (ret==0) { head_offset = file.size(); return; } if (!verify_magic()) return; if (xntohs(head.flags) & flag) next(flag); } int db::next(int flag) { qint64 ret; qint64 garbage = -1; int result = 1; if (eof()) return 1; head_offset += xntohl(head.len); if (head_offset >= file.size()) { head_offset = file.size(); return 1; } while (1) { file.seek(head_offset); ret = file.read((char*)&head, sizeof head); if (ret==0) { head_offset = file.size(); break; } if (ret < 0) { fileIOerr("read"); return -1; } if (ret != sizeof head) { qWarning("next(): Short read: 0x%s of 0x%s @ 0x%s", XNUM(ret), XNUM(sizeof head), XNUM(head_offset)); if (garbage != -1) { ret += head_offset - garbage; head_offset = garbage; } qWarning("next(): Truncating 0x%s garbage bytes @ 0x%s", XNUM(ret), XNUM(head_offset)); if (backup()) file.resize(head_offset); head_offset = file.size(); return -1; } qint64 hlen = xntohl(head.len); if (!verify_magic()) { if (garbage == -1) garbage = head_offset; head_offset += 1; continue; } else { if (garbage != -1) { qWarning("next(): 0x%s bytes garbage skipped at 0x%s", XNUM(head_offset - garbage), XNUM(garbage)); } garbage = -1; if (file.size() < head_offset + hlen) { qWarning("next(): Short item (%s of %s) at 0x%s", XNUM(xntohl(head.len)), XNUM(file.size() - head_offset), XNUM(head_offset)); garbage = head_offset; /* invalidate the header */ qWarning("Invalidate short item @ 0x%s\n", XNUM(head_offset)); file.seek(head_offset); char inval = 0xcb; // 0xca +1 file.write(&inval, 1); head_offset += 4; continue; } } if (!(xntohs(head.flags) & flag)) { result = 0; break; } else { head_offset += hlen; } } if (garbage != -1) { qWarning("next(): 0x%s bytes garbage skipped at 0x%s", XNUM(head_offset - garbage), XNUM(garbage)); } return result; } void db::rename(enum pki_type type, QString name, QString n) { qint64 ret; first(); if (find(type, n) == 0) { throw errorEx(QObject::tr("DB: Rename: '%1' already in use").arg(n)); } first(); if (find(type, name) != 0) { throw errorEx(QObject::tr("DB: Entry to rename not found: %1").arg(name)); } strncpy(head.name, n.toUtf8(), NAMELEN); head.name[NAMELEN-1] = '\0'; file.seek(head_offset); ret = file.write((char*)&head, sizeof(head)); if (ret < 0) { fileIOerr("write"); } if (ret != sizeof head) { throw errorEx(QObject::tr("DB: Write error %1 - %2" ).arg(ret).arg(sizeof(head))); } } QString db::uniq_name(QString s, QList types) { int i; QString myname; QStringList sl; bool ok; s = s.left(NAMELEN-6); sl = s.split("_"); sl.last().toUInt(&ok, 10); if (ok && (sl.count() > 1)) { sl.removeLast(); s = sl.join("_"); } for (i=1, myname = s; ; i++) { bool found = false; foreach (enum pki_type type, types) { first(); if (find(type, myname) == 0) { myname = s + QString("_%1").arg(i); found = true; break; } } if (!found) break; } return myname; } int db::add(const unsigned char *p, int len, int ver, enum pki_type type, QString name) { db_header_t head; init_header(&head, ver, len, type, name); file.seek(file.size()); if (file.write((char*)&head, sizeof head) != sizeof head) { fileIOerr("write"); return -1; } if (file.write((char*)p, len) != len) { fileIOerr("write"); return -1; } return 0; } int db::set(const unsigned char *p, int len, int ver, enum pki_type type, QString name) { qint64 ret; first(); ret = find(type, name); if (ret != 0) { return add(p, len, ver, type, name); } else { file.seek(head_offset); if (len != (int)(xntohl(head.len) - sizeof(db_header_t))) { int flags; flags = head.flags; head.flags |= xhtons(DBFLAG_DELETED | DBFLAG_OUTDATED); if (file.write((char*)&head, sizeof head) != sizeof head) { fileIOerr("write"); return -1; } if (add(p, len, ver, type, name) < 0) { file.seek(head_offset); head.flags = flags; ret = file.write((char*)&head, sizeof head); if (ret != sizeof head) fileIOerr("write"); } return 0; } head.version = xhtons(ver); if (file.write((char*)&head, sizeof head) != sizeof head) { fileIOerr("write"); return -1; } if (file.write((char*)p, len) != len) { fileIOerr("write"); return -1; } } return 0; } unsigned char *db::load(db_header_t *u_header) { uint32_t size; qint64 ret; unsigned char *data; if (eof()) return NULL; size = xntohl(head.len) - sizeof(db_header_t); data = (unsigned char *)malloc(size); file.seek(head_offset + sizeof(db_header_t)); ret = file.read((char*)data, size); if (ret == (qint64)size) { if (u_header) convert_header(u_header); return data; } else { free(data); if (ret < 0) fileIOerr("read"); return NULL; } } bool db::get_header(db_header_t *u_header) { if (eof()) return false; convert_header(u_header); return true; } int db::erase(void) { if (eof()) return -1; head.flags |= xhtons(DBFLAG_DELETED); file.seek(head_offset); if (file.write((char*)&head, sizeof(db_header_t)) != sizeof(db_header_t)) { fileIOerr("write"); return -1; } return 0; } int db::shrink(int flags) { qint64 ret, garbage = -1; uint32_t offs; char buf[BUFSIZ]; QFile new_file; int result = 0; new_file.setFileName(name + "{shrink}"); if (!new_file.open(QIODevice::ReadWrite)) { fileIOerr("open"); return 1; } file.reset(); while ((ret = file.read((char*)&head, sizeof head)) > 0) { if (ret < (qint64)sizeof head) { qWarning("shrink(): Short read: 0x%s instead of 0x%s", XNUM(ret), XNUM(sizeof head)); result = 1; break; } if (!verify_magic()) { file.seek(file.pos() - sizeof(head) +1); if (garbage == -1) garbage = file.pos() -1; result = 1; continue; } if (garbage != -1) qWarning("shrink(): 0x%s garbage found at %s", XNUM(file.pos() - sizeof head - garbage), XNUM(garbage)); garbage = -1; head_offset = xntohl(head.len) - sizeof(head); if ((xntohs(head.flags) & flags)) { /* FF to the next entry */ if (!file.seek(head_offset + file.pos())) { result = 1; break; } continue; } if (head_offset + file.pos() > file.size()) { file.seek(file.pos() - sizeof(head) +4); if (garbage == -1) garbage = file.pos() -4; continue; } ret = new_file.write((char*)&head, sizeof(head)); if (ret != sizeof(head)) { result = 2; break; } offs = head_offset; while (offs) { ret = file.read((char*)buf, (offs > BUFSIZ) ? BUFSIZ : offs); if (ret <= 0) { result = 3; break; } if (new_file.write(buf, ret) != ret) { result = 4; break; } offs -= ret; } if (offs) break; } new_file.close(); file.close(); QString backup, orig; switch (result) { case 0: /* everything is fine */ result = mv(new_file); break; case 1: /* Some repaireable errors in the database occured. * Keep the original as backup */ backup = backup_name(); QFile::remove(backup); orig = file.fileName(); if (file.rename(backup)) { new_file.rename(orig); } else { QFile::remove(new_file.fileName()); result = 2; } break; case 2: case 3: case 4: QFile::remove(new_file.fileName()); result = 2; break; } return result; } QString db::backup_name() { return file.fileName() + "_backup_" + QDateTime::currentDateTime() .toString("yyyyMMdd_hhmmss") + ".xdb"; } bool db::backup() { QFile this_file, new_file; QString backup = backup_name(); qint64 ret, wret; char buf[BUFSIZ]; this_file.setFileName(file.fileName()); if (!this_file.open(QIODevice::ReadOnly)) { return false; } new_file.setFileName(backup); if (!new_file.open(QIODevice::ReadWrite)) { this_file.close(); return false; } while (1) { ret = this_file.read(buf, sizeof buf); if (ret <= 0) break; wret = new_file.write(buf, ret); if (wret != ret) break; } this_file.close(); new_file.close(); return ret == 0; } // Move "new_file" to this database int db::mv(QFile &new_file) { #if defined(Q_OS_WIN32) // here we try to reimplement the simple "mv" command on unix // atomic renaming fails on WIN32 platforms and // forces us to work with temporary files :-( QString tempn = name + "{mv_orig}"; QFile::remove(tempn); if (file.rename(tempn)) { if (new_file.rename(name)) { QFile::remove(tempn); } else { QFile::rename(tempn, name); QFile::remove(new_file.fileName()); qDebug() << name << "file.error:" << file.error(); return 2; } } else { qDebug() << tempn << "file.error:" << file.error(); return 2; } return 0; #else // use the global rename() function and not the method of this class char *newfile = strdup(filename2bytearray(new_file.fileName())); check_oom(newfile); int ret = ::rename(newfile, QString2filename(name)) == -1; free(newfile); return ret == 0 ? 0 : 2; #endif } QByteArray db::intToData(uint32_t val) { uint32_t v = xhtonl(val); return QByteArray((char*)&v, sizeof(uint32_t)); } uint32_t db::intFromData(QByteArray &ba) { uint32_t ret; if ((unsigned)(ba.count()) < sizeof(uint32_t)) { throw errorEx(QObject::tr("Out of data")); } memcpy(&ret, ba.constData(), sizeof(uint32_t)); ba = ba.mid(sizeof(uint32_t)); return xntohl(ret); } QByteArray db::boolToData(bool val) { char c = val ? 1 : 0; return QByteArray(&c, 1); } bool db::boolFromData(QByteArray &ba) { unsigned char c; if (ba.count() < 1) throw errorEx(QObject::tr("Out of data")); c = ba.constData()[0]; ba = ba.mid(1); return c ? true : false; } QByteArray db::stringToData(const QString val) { QByteArray ba = val.toUtf8(); int idx = ba.indexOf('\0'); if (idx == -1) ba += '\0'; else ba.truncate(idx +1); return ba; } QString db::stringFromData(QByteArray &ba) { int idx = ba.indexOf('\0'); if (idx == -1) throw errorEx(QObject::tr("Error finding endmarker of string")); QString ret = QString::fromUtf8(ba.constData(), idx); ba = ba.mid(idx+1); return ret; } xca-RELEASE.2.2.1/lib/pki_pkcs7.cpp0000644000175000017500000000733513614632167016071 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_pkcs7.h" #include "func.h" #include "exception.h" pki_pkcs7::pki_pkcs7(const QString name) :pki_base(name) { p7 = PKCS7_new(); PKCS7_set_type(p7, NID_pkcs7_signed); PKCS7_content_new(p7, NID_pkcs7_data); } pki_pkcs7::~pki_pkcs7() { if (p7) PKCS7_free(p7); } void pki_pkcs7::encryptFile(pki_x509 *crt, QString filename) { BIO *bio = NULL; bio = BIO_new_file(QString2filename(filename), "r"); openssl_error(); encryptBio(crt, bio); BIO_free(bio); } void pki_pkcs7::encryptBio(pki_x509 *crt, BIO *bio) { STACK_OF(X509) *certstack; if (!crt) return; certstack = sk_X509_new_null(); sk_X509_push(certstack, crt->getCert()); openssl_error(); if (p7) PKCS7_free(p7); p7 = PKCS7_encrypt(certstack, bio, EVP_des_ede3_cbc(), PKCS7_BINARY); openssl_error(); sk_X509_free(certstack); } void pki_pkcs7::signBio(pki_x509 *crt, BIO *bio) { pki_key *privkey; EVP_PKEY *pk; STACK_OF(X509) *certstack; if (!crt) return; privkey = crt->getRefKey(); if (!privkey) throw errorEx("No private key for signing found", getClassName()); certstack = sk_X509_new_null(); pki_x509 *signer = crt->getSigner(); if (signer == crt) signer = NULL; while (signer != NULL ) { sk_X509_push(certstack, signer->getCert()); openssl_error(); if (signer == signer->getSigner() ) signer = NULL; else signer = signer->getSigner(); } if (p7) PKCS7_free(p7); pk = privkey->decryptKey(); p7 = PKCS7_sign(crt->getCert(), pk, certstack, bio, PKCS7_BINARY); EVP_PKEY_free(pk); openssl_error(); sk_X509_free(certstack); } void pki_pkcs7::signFile(pki_x509 *crt, QString filename) { BIO *bio; if (!crt) return; bio = BIO_new_file(QString2filename(filename), "r"); openssl_error(); signBio(crt, bio); BIO_free(bio); } void pki_pkcs7::signCert(pki_x509 *crt, pki_x509 *contCert) { BIO *bio; if (!crt) return; bio = BIO_new(BIO_s_mem()); openssl_error(); i2d_X509_bio(bio, contCert->getCert()); signBio(crt, bio); BIO_free(bio); } void pki_pkcs7::writeP7(XFile &file, bool PEM) const { if (!p7) return; if (PEM) PEM_write_PKCS7(file.fp(), p7); else i2d_PKCS7_fp(file.fp(), p7); openssl_error(); } pki_x509 *pki_pkcs7::getCert(int x) { pki_x509 *cert; cert = new pki_x509(X509_dup(sk_X509_value(getCertStack(), x))); openssl_error(); cert->autoIntName(getIntName()); cert->pkiSource = imported; return cert; } int pki_pkcs7::numCert() { int n= sk_X509_num(getCertStack()); openssl_error(); return n; } void pki_pkcs7::fromPEM_BIO(BIO *bio, const QString &name) { PKCS7 *_p7 = PEM_read_bio_PKCS7(bio, NULL, NULL, NULL); openssl_error(name); if (p7) PKCS7_free(p7); p7 = _p7; autoIntName(name); } void pki_pkcs7::fload(const QString &fname) { PKCS7 *_p7; XFile file(fname); file.open_read(); _p7 = PEM_read_PKCS7(file.fp(), NULL, NULL, NULL); if (!_p7) { ign_openssl_error(); file.retry_read(); _p7 = d2i_PKCS7_fp(file.fp(), NULL); } if (ign_openssl_error()) { if (_p7) PKCS7_free(_p7); throw errorEx(tr("Unable to load the PKCS#7 file %1. Tried PEM and DER format.").arg(fname)); } if (p7) PKCS7_free(p7); p7 = _p7; } STACK_OF(X509) *pki_pkcs7::getCertStack() { int i; STACK_OF(X509) *certstack = NULL; if (p7 == NULL) return NULL; i = OBJ_obj2nid(p7->type); switch (i) { case NID_pkcs7_signed: certstack = p7->d.sign->cert; break; case NID_pkcs7_signedAndEnveloped: certstack = p7->d.signed_and_enveloped->cert; break; default: break; } openssl_error(); return certstack; } void pki_pkcs7::addCert(pki_x509 *crt) { if (p7 == NULL || crt == NULL) return; PKCS7_add_certificate(p7, crt->getCert()); openssl_error(); } xca-RELEASE.2.2.1/lib/db_temp.h0000644000175000017500000000133513614632167015250 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DB_TEMP_H #define __DB_TEMP_H #include "db_base.h" #include "pki_temp.h" #include "db_x509super.h" #include #include class db_temp: public db_x509name { Q_OBJECT protected: QPixmap *keyicon; QList predefs; public: db_temp(MainWindow *mw); ~db_temp(); pki_base *newPKI(enum pki_type type = none); bool runTempDlg(pki_temp *temp); bool alterTemp(pki_temp *temp); void fillContextMenu(QMenu *menu, const QModelIndex &index); QList getAllAndPredefs(); void newItem(); void showPki(pki_base *pki); void load(); void store(QModelIndex index); }; #endif xca-RELEASE.2.2.1/lib/pki_base.cpp0000644000175000017500000002126713614632167015754 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "func.h" #include "xfile.h" #include "pki_base.h" #include "exception.h" #include #include #include #include #include QRegExp pki_base::limitPattern; bool pki_base::pem_comment; pki_base::pki_base(const QString name, pki_base *p) { desc = name; parent = p; childItems.clear(); pkiType=none; pkiSource=unknown; } pki_base::~pki_base(void) { while (childItems.size() > 0) delete takeFirst(); } QString pki_base::comboText() const { return desc; } void pki_base::autoIntName(const QString &file) { setIntName(rmslashdot(file)); } void pki_base::deleteFromToken() { } void pki_base::deleteFromToken(slotid) { } void pki_base::writeDefault(const QString&) const { } void pki_base::fromPEM_BIO(BIO *, const QString &) { } void pki_base::fload(const QString &) { } int pki_base::renameOnToken(slotid, QString) { return 0; } QString pki_base::getUnderlinedName() const { QString name = getIntName(); QRegExp rx("^(CON|PRN|AUX|NUL|COM[1-9]|LPT[1-9])$"); if (rx.indexIn(name) != -1) name += "_"; return name.replace(QRegExp("[ $&;`/\\\\<>:\"/\\|?*]+"), "_"); } bool pki_base::visible() const { if (limitPattern.isEmpty()) return true; return getIntName().contains(limitPattern) || comment.contains(limitPattern); } void pki_base::PEM_file_comment(XFile &file) const { if (!pem_comment) return; file.write(QString("XCA internal name: %1\n%2\n") .arg(getIntName()).arg(getComment()) .toUtf8()); } bool pki_base::childVisible() const { foreach(pki_base *child, childItems) if (child->isVisible()) return true; return false; } int pki_base::isVisible() { if (limitPattern.isEmpty()) return 1; return visible() ? 1 : childVisible() ? 2 : 0; } QString pki_base::getMsg(msg_type msg) const { return tr("Internal error: Unexpected message: %1 %2") .arg(getClassName()).arg(msg); } QByteArray pki_base::i2d() const { return QByteArray(); } BIO *pki_base::pem(BIO *, int format) { (void)format; return NULL; } const char *pki_base::getClassName() const { return typeid(*this).name(); } void pki_base::my_error(const QString &error) const { if (!error.isEmpty()) { qCritical() << "Error:" << error; throw errorEx(error, getClassName()); } } void pki_base::fromPEMbyteArray(const QByteArray &ba, const QString &name) { BIO *bio = BIO_from_QByteArray(ba); fromPEM_BIO(bio, name); BIO_free(bio); autoIntName(name); } QString pki_base::rmslashdot(const QString &s) { QByteArray a = s.toLatin1().replace("\\", "/"); int r = a.lastIndexOf('.'); int l = a.lastIndexOf('/'); return s.mid(l+1,r-l-1); } QSqlError pki_base::insertSql() { XSqlQuery q; QString insert; QSqlError e; insertion_date.now(); SQL_PREPARE(q, "SELECT MAX(id) +1 from items"); q.exec(); if (q.first()) sqlItemId = q.value(0); if (sqlItemId.toULongLong() == 0) sqlItemId = 1; SQL_PREPARE(q, "INSERT INTO items " "(id, name, type, date, source, comment) " "VALUES (?, ?, ?, ?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, getIntName()); q.bindValue(2, getType()); q.bindValue(3, insertion_date.toPlain()); q.bindValue(4, pkiSource); q.bindValue(5, getComment()); q.exec(); e = q.lastError(); if (!e.isValid()) { e = insertSqlData(); } return e; } void pki_base::restoreSql(const QSqlRecord &rec) { sqlItemId = rec.value(VIEW_item_id); desc = rec.value(VIEW_item_name).toString(); insertion_date.fromPlain(rec.value(VIEW_item_date).toString()); comment = rec.value(VIEW_item_comment).toString(); pkiSource = (enum pki_source)rec.value(VIEW_item_source).toInt(); } QSqlError pki_base::deleteSql() { XSqlQuery q; QString insert; QSqlError e; if (!sqlItemId.isValid()) { qDebug("INVALID sqlItemId (DELETE %s)", CCHAR(getIntName())); return sqlItemNotFound(QVariant()); } e = deleteSqlData(); if (e.isValid()) return e; SQL_PREPARE(q, "UPDATE items SET del=1 WHERE id=?"); q.bindValue(0, sqlItemId); q.exec(); return q.lastError(); } QSqlError pki_base::sqlItemNotFound(QVariant sqlId) const { return QSqlError(QString("XCA SQL database inconsistent"), QString("Item %2 not found %1") .arg(getClassName()) .arg(sqlId.toString()), QSqlError::UnknownError); } pki_base *pki_base::getParent() { return parent; } void pki_base::setParent(pki_base *p) { parent = p; } pki_base *pki_base::child(int row) { return childItems.value(row); } void pki_base::append(pki_base *item) { childItems.append(item); item->setParent(this); } void pki_base::insert(int row, pki_base *item) { childItems.insert(row, item); item->setParent(this); } int pki_base::childCount() const { return childItems.size(); } int pki_base::row(void) const { if (parent) return parent->childItems.indexOf(const_cast(this)); return 0; } pki_base *pki_base::iterate(pki_base *pki) { if (pki == NULL) pki = (childItems.isEmpty()) ? NULL : childItems.first(); else pki = childItems.value(pki->row()+1); if (pki) { return pki; } if (!parent) { return NULL; } return parent->iterate(this); } void pki_base::takeChild(pki_base *pki) { childItems.takeAt(pki->row()); } pki_base *pki_base::takeFirst() { return childItems.takeFirst(); } QString pki_base::pki_source_name() const { switch (pkiSource) { default: case unknown: return tr("Unknown"); case imported: return tr("Imported"); case generated: return tr("Generated"); case transformed: return tr("Transformed"); case token: return tr("Token"); case legacy_db: return tr("Legacy Database"); case renewed: return tr("Renewed"); } return QString("???"); } QVariant pki_base::column_data(const dbheader *hd) const { switch (hd->id) { case HD_internal_name: return QVariant(getIntName()); case HD_comment: return QVariant(comment.section('\n', 0, 0)); case HD_source: return QVariant(pki_source_name()); case HD_primary_key: return sqlItemId; } if (hd->type == dbheader::hd_asn1time) { a1time t = column_a1time(hd); if (!t.isUndefined()) return QVariant(t.toFancy()); } return QVariant(); } a1time pki_base::column_a1time(const dbheader *hd) const { switch (hd->id) { case HD_creation: return insertion_date; } return a1time().setUndefined(); } QVariant pki_base::getIcon(const dbheader *hd) const { (void)hd; return QVariant(); } QVariant pki_base::column_tooltip(const dbheader *hd) const { switch (hd->id) { case HD_comment: return QVariant(comment); } if (hd->type == dbheader::hd_asn1time) { a1time t = column_a1time(hd); if (!t.isUndefined()) return QVariant(t.toPretty()); } return QVariant(); } bool pki_base::compare(const pki_base *ref) const { bool ret; ret = (i2d() == ref->i2d()); pki_openssl_error(); return ret; } /* Unsigned 32 bit integer */ unsigned pki_base::hash(QByteArray ba) { unsigned char md[EVP_MAX_MD_SIZE]; SHA1((const unsigned char *)ba.constData(), ba.length(), md); return (((unsigned)md[0] ) | ((unsigned)md[1]<<8L) | ((unsigned)md[2]<<16L) | ((unsigned)md[3]<<24L) ) & 0x7fffffffL; } unsigned pki_base::hash() const { return hash(i2d()); } QString pki_base::get_dump_filename(const QString &dir, const QString &ext) const { QString ctr = "", fn; int count = 0; while (count++ < 1000) { fn = dir +QDir::separator() +getUnderlinedName() +ctr +ext; if (!QFile::exists(fn)) return fn; ctr = QString("_%1").arg(count); } return fn; } void pki_base::selfComment(QString msg) { setComment(appendXcaComment(getComment(), msg)); } static QString icsValue(QString s) { int n = 60; QStringList lines; QString t = s.replace(QRegExp("([,;\\\\])"), "\\\\1") .replace("\n", "\\n") .replace("\r", "\\r"); qDebug() << "S:" << s; for (int j = n; !s.isEmpty(); j--) { QString sub = s.left(j); if (sub.endsWith("\\") || sub.toUtf8().length() > n) continue; s.remove(0, j); lines << sub; j = n = 74; } return lines.join("\r\n "); } QStringList pki_base::icsVEVENT(const a1time &expires, const QString &summary, const QString &description) const { QString uniqueid = formatHash(Digest(i2d(), EVP_sha1()), ""); QString desc = icsValue(description + "\n----------\n" + comment); QString alarm = Settings["ical_expiry"]; return QStringList() << "BEGIN:VEVENT" << QString("DTSTAMP:%1").arg(a1time().toString("yyyyMMdd'T'HHmmss'Z'")) << QString("UID:EXP-%1@xca.ovh").arg(uniqueid) << "STATUS:NEEDS-ACTION" << QString("DTSTART:%1").arg(expires.toString("yyyyMMdd")) << "DURATION:P1D" << QString("SUMMARY:%1").arg(icsValue(summary)) << QString("DESCRIPTION:%1").arg(desc) << "BEGIN:VALARM" << "ACTION:EMAIL" << QString("SUMMARY:%1").arg(icsValue(summary)) << QString("DESCRIPTION:%1").arg(desc) << QString("TRIGGER:-P%1").arg(alarm) << "END:VALARM" << "END:VEVENT"; } xca-RELEASE.2.2.1/lib/db.h0000644000175000017500000000375113614632167014227 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCA_DB_H #define __XCA_DB_H #include #include #include #include #include #include #define XCA_MAGIC 0xcadb1969 #define NAMELEN 80 #define FNAMLEN 256 #define DBFLAG_DELETED 0x1 #define DBFLAG_OUTDATED 0x2 enum pki_type { none, asym_key, x509_req, x509, revocation, tmpl, setting, smartCard, }; typedef struct { uint32_t magic; uint32_t len; /* length of this entry */ uint16_t headver; uint16_t type; uint16_t version; uint16_t flags; char name[NAMELEN]; /* name of the entry */ } db_header_t ; class db { private: QFile file; QString name; QString errstr; int dberrno; db_header_t head; void init_header(db_header_t *db, int ver, int len, enum pki_type type, QString name); void convert_header(db_header_t *h); void fileIOerr(QString s); QString backup_name(); bool backup(); public: bool verify_magic(void); qint64 head_offset; db(QString, QFlags perm = QFile::ReadOwner | QFile::WriteOwner); ~db(); bool eof(); void first(int flag = DBFLAG_DELETED); int find(enum pki_type type, QString name); int next(int flag = DBFLAG_DELETED); QString uniq_name(QString s, QList types); void rename(enum pki_type type, QString name, QString n); int add(const unsigned char *p, int len, int ver, enum pki_type type, QString name); int set(const unsigned char *p, int len, int ver, enum pki_type type, QString name); unsigned char *load(db_header_t *u_header); bool get_header(db_header_t *u_header); int erase(void); int shrink(int flags); int mv(QFile &new_file); static QByteArray intToData(uint32_t val); static uint32_t intFromData(QByteArray &ba); static QByteArray boolToData(bool val); static bool boolFromData(QByteArray &ba); static QByteArray stringToData(const QString val); static QString stringFromData(QByteArray &ba); }; #endif xca-RELEASE.2.2.1/lib/pki_multi.h0000644000175000017500000000120013614632167015622 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_MULTI_H #define __PKI_MULTI_H #include #include "pki_x509.h" #include "x509name.h" #include "asn1time.h" #include "asn1int.h" class pki_multi: public pki_base { Q_OBJECT protected: QList multi; public: pki_multi(const QString name = ""); ~pki_multi(); void fromPEMbyteArray(const QByteArray &, const QString &); void fload(const QString &fname); void probeAnything(const QString &fname); pki_base *pull(); int count() const { return multi.count(); } }; #endif xca-RELEASE.2.2.1/lib/xfile.h0000644000175000017500000000323313614632167014744 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2019 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __X_FILE_H #define __X_FILE_H #include #include #include #include #include #include "exception.h" class XFile : public QFile { private: FILE *filp; public: bool open(OpenMode flags) { bool o = QFile::open(flags | Unbuffered); if (error()) { throw errorEx(tr("Error opening file: '%1': %2") .arg(fileName()).arg(strerror(errno))); } return o; } XFile(const QString &name) : QFile(name) { filp = NULL; } FILE *fp(const char *mode = NULL) { if (!filp) { if (!mode) mode = openMode() & WriteOnly ? "ab" : "rb"; filp = fdopen(dup(handle()), mode); check_oom(filp); } qDebug() << fileName() << "FILE ptr @" << ftell(filp); return filp; } qint64 writeData(const char *data, qint64 maxSize) { if (filp) fflush(filp); flush(); seek(size()); qDebug() << "WriteData to" << fileName() << maxSize << "@" << size(); qint64 r = QFile::writeData(data, maxSize); flush(); if (filp) fseek(filp, 0, SEEK_END); return r; } void retry_read() { seek(0); if (filp) fseek(filp, 0, SEEK_SET); if (error()) { throw errorEx( tr("Error rewinding file: '%1': %2") .arg(fileName()) .arg(strerror(errno))); } } bool open_key() { mode_t m = umask(077); bool o = open_write(); umask(m); return o; } bool open_write() { return open(ReadWrite | Truncate); } bool open_read() { return open(ReadOnly); } ~XFile() { if (filp) fclose(filp); } }; #endif xca-RELEASE.2.2.1/lib/pkcs11_lib.h0000644000175000017500000000321513614632167015565 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2009 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCA_PKCS11_LIB_H #define __XCA_PKCS11_LIB_H #include "lib/exception.h" #include "opensc-pkcs11.h" #include #include #include class pkcs11_lib { private: lt_dlhandle dl_handle; CK_FUNCTION_LIST *p11; QString file; bool enabled; QString load_error; public: static QString name2File(const QString &name, bool *enabled = NULL); pkcs11_lib(const QString &file); ~pkcs11_lib(); QList getSlotList(); QString driverInfo(); QString filename() { return file; } CK_FUNCTION_LIST *ptr() { return p11; } bool isLoaded() const { return p11 != NULL; } bool isEnabled() const { return enabled; } bool isLib(const QString &name) { return name2File(name) == file; } }; class slotid { public: CK_ULONG id; pkcs11_lib *lib; slotid() { lib = NULL; id = 0; } slotid(pkcs11_lib *l, CK_ULONG i) { lib = l; id = i; } slotid &operator = (const slotid &other) { lib = other.lib; id = other.id; return *this; } void isValid() { if (!lib) throw errorEx("InternalError: slotid is invalid"); } CK_FUNCTION_LIST *p11() { return lib->ptr(); } }; typedef QList slotidList; class pkcs11_lib_list: public QList { public: pkcs11_lib *add_lib(const QString &fname); pkcs11_lib *get_lib(const QString &fname); bool remove_lib(const QString &fname); slotidList getSlotList(); }; void pk11error(const QString &fmt, int r); void pk11error(slotid slot, const QString &func, int rv); const char *pk11errorString(unsigned long rv); #endif xca-RELEASE.2.2.1/lib/load_obj.cpp0000644000175000017500000000640613614632167015746 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "load_obj.h" #include "pki_x509.h" #include "pki_key.h" #include "pki_x509req.h" #include "pki_pkcs7.h" #include "pki_pkcs12.h" #include "pki_multi.h" #include "pki_temp.h" #include "pki_crl.h" load_base::load_base() { filter = QObject::tr("All files ( * )"); caption = ""; } pki_base *load_base::loadItem(const QString &s) { pki_base *pki = newItem(); if (!pki) return NULL; try { pki->fload(s); openssl_error(); } catch (errorEx &err){ delete pki; throw err; } pki->pkiSource = imported; pki->autoIntName(s); return pki; } pki_base * load_base::newItem() { return NULL; } load_base::~load_base() { } /* Keys */ load_key::load_key() :load_base() { filter = QObject::tr("PKI Keys ( *.pem *.der *.key );; " "PKCS#8 Keys ( *.p8 *.pk8 );; " "SSH Public Keys ( *.pub );;") + filter; caption = QObject::tr("Import RSA key"); } pki_base * load_key::newItem() { return new pki_evp(); } /* Requests */ load_req::load_req() :load_base() { filter = QObject::tr("PKCS#10 CSR ( *.pem *.der *.csr );; ") + filter; caption = QObject::tr("Import Request"); } pki_base * load_req::newItem() { return new pki_x509req(); } /* Certificates */ load_cert::load_cert() :load_base() { filter = QObject::tr("Certificates ( *.pem *.der *.crt *.cer );;") + filter; caption = QObject::tr("Import X.509 Certificate"); } pki_base * load_cert::newItem() { return new pki_x509(); } /* PKCS#7 Certificates */ load_pkcs7::load_pkcs7() :load_base() { filter = QObject::tr("PKCS#7 data ( *.p7s *.p7m *.p7b );;") + filter; caption = QObject::tr("Import PKCS#7 Certificates"); } pki_base * load_pkcs7::newItem() { return new pki_pkcs7(); } /* PKCS#12 Certificates */ load_pkcs12::load_pkcs12() :load_base() { filter = QObject::tr("PKCS#12 Certificates ( *.p12 *.pfx );;") + filter; caption = QObject::tr("Import PKCS#12 Private Certificate"); } pki_base * load_pkcs12::loadItem(const QString &s) { pki_base *p12 = new pki_pkcs12(s); return p12; } /* Templates */ load_temp::load_temp() :load_base() { filter = QObject::tr("XCA templates ( *.xca );;") + filter; caption = QObject::tr("Import XCA Templates"); } pki_base * load_temp::newItem() { return new pki_temp(); } /* CRLs */ load_crl::load_crl() :load_base() { filter = QObject::tr("Revocation lists ( *.pem *.der *.crl );;") + filter; caption = QObject::tr("Import Certificate Revocation List"); } pki_base * load_crl::newItem() { return new pki_crl(); } /* Database */ load_db::load_db() :load_base() { filter = QObject::tr("XCA Databases ( *.xdb );;") + filter; caption = QObject::tr("Open XCA Database"); } /* Shared library */ load_pkcs11::load_pkcs11() :load_base() { #if defined(Q_OS_WIN32) filter = QObject::tr("PKCS#11 library ( *.dll );;") + filter; #elif defined(Q_OS_MAC) filter = QObject::tr("PKCS#11 library ( *.dylib *.so );;") + filter; #else filter = QObject::tr("PKCS#11 library ( *.so );;") + filter; #endif caption = QObject::tr("Open PKCS#11 shared library"); } /* General PEM loader */ load_pem::load_pem() :load_base() { filter = QObject::tr("PEM files ( *.pem );;") + filter; caption = QObject::tr("Load PEM encoded file"); } pki_base *load_pem::newItem() { return new pki_multi(); } xca-RELEASE.2.2.1/lib/db_temp.cpp0000644000175000017500000000673613614632167015615 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "db_temp.h" #include "func.h" #include #include #include #include #include #include #include #include #include db_temp::db_temp(MainWindow *mw) :db_x509name(mw) { class_name = "templates"; sqlHashTable = "templates"; pkitype << tmpl; updateHeaders(); loadContainer(); QDir dir; if (!dir.cd(getPrefix())) return; dir.setFilter(QDir::Files | QDir::NoSymLinks); QFileInfoList list = dir.entryInfoList(); load_temp l; pki_temp *tmpl = new pki_temp(tr("Empty template")); tmpl->setAsPreDefined(); predefs << tmpl; for (int i = 0; i < list.size(); ++i) { QFileInfo fileInfo = list.at(i); QString name = getPrefix() + QDir::separator() + fileInfo.fileName(); if (!name.endsWith(".xca", Qt::CaseInsensitive)) continue; try { tmpl = dynamic_cast(l.loadItem(name)); if (tmpl) { tmpl->setAsPreDefined(); predefs << tmpl; } } catch(errorEx &err) { XCA_WARN(tr("Bad template: %1").arg(name)); } } } db_temp::~db_temp() { return; while (!predefs.isEmpty()) delete predefs.takeFirst(); } pki_base *db_temp::newPKI(enum pki_type type) { (void)type; return new pki_temp(""); } QList db_temp::getAllAndPredefs() { return predefs + getAll(); } bool db_temp::runTempDlg(pki_temp *temp) { NewX509 *dlg = new NewX509(mainwin); emit connNewX509(dlg); dlg->setTemp(temp); if (!dlg->exec()) { delete dlg; return false; } dlg->toTemplate(temp); delete dlg; return true; } void db_temp::newItem() { pki_temp *temp = NULL; QString type; itemComboTemp *ic = new itemComboTemp(NULL); ic->insertPkiItems(predefs); XcaDialog *dlg = new XcaDialog(mainwin, tmpl, ic, tr("Preset Template values"), QString()); if (dlg->exec()) { temp = new pki_temp(ic->currentPkiItem()); if (temp) { temp->pkiSource = generated; if (runTempDlg(temp)) { insertPKI(temp); createSuccess(temp); } else { delete temp; } } } delete dlg; } void db_temp::showPki(pki_base *pki) { pki_temp *t = dynamic_cast(pki); if (t) alterTemp(t); } void db_temp::load() { load_temp l; load_default(l); } void db_temp::store(QModelIndex index) { if (!index.isValid()) return; pki_temp *temp = static_cast(index.internalPointer()); QString fn = Settings["workingdir"] + QDir::separator() + temp->getUnderlinedName() + ".xca"; QString s = QFileDialog::getSaveFileName(mainwin, tr("Save template as"), fn, tr("XCA templates ( *.xca );; All files ( * )")); if (s.isEmpty()) return; s = nativeSeparator(s); Settings["workingdir"] = s.mid(0, s.lastIndexOf(QRegExp("[/\\\\]"))); try { XFile file(s); file.open_key(); temp->writeTemp(file); } catch (errorEx &err) { MainWindow::Error(err); } } bool db_temp::alterTemp(pki_temp *temp) { XSqlQuery q; QSqlError e; if (!runTempDlg(temp)) return false; Transaction; if (!TransBegin()) return false; SQL_PREPARE(q, "UPDATE templates SET version=?, template=? WHERE item=?"); q.bindValue(0, TMPL_VERSION); q.bindValue(1, temp->toB64Data()); q.bindValue(2, temp->getSqlItemId()); q.exec(); e = q.lastError(); mainwin->dbSqlError(e); if (e.isValid()) { TransRollback(); return false; } updateItem(temp, temp->getIntName(), temp->getComment()); TransCommit(); return true; } xca-RELEASE.2.2.1/lib/x509name.h0000644000175000017500000000256613614632167015213 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __X509NAME_H #define __X509NAME_H #include #include #include class x509name { private: X509_NAME *xn; public: x509name(); x509name(const X509_NAME *n); x509name(const x509name &n); x509name(STACK_OF(X509_NAME_ENTRY) *entries); ~x509name(); x509name &set(const X509_NAME *n); x509name &set(const STACK_OF(X509_NAME_ENTRY) *entries); QString oneLine(unsigned long flags = XN_FLAG_ONELINE) const; int nid(int i) const; QString getOid(int i) const; QByteArray i2d() const; void d2i(QByteArray &ba); QStringList entryList(int i) const; QString getEntryByNid(int nid) const; QString getEntry(int i) const; QString getEntryTag(int i) const; int entryCount() const; x509name &operator = (const x509name &x); bool operator == (const x509name &x) const; bool operator != (const x509name &x) const; static int getNidByName(const QString &nid_name); void addEntryByNid(int nid, const QString entry); QString checkLength() const; QString popEntryByNid(int nid); X509_NAME *get() const; const X509_NAME *get0() const; QString getMostPopular() const; QString taggedValues() const; QString hash() const; unsigned long hashNum() const; bool search(const QRegExp &pattern) const; }; #endif xca-RELEASE.2.2.1/lib/entropy.h0000644000175000017500000000125513614632167015337 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __ENTROPY_H #define __ENTROPY_H #include #include #include class Entropy { protected: QString rnd; static QTime timer; static unsigned char pool[512]; static unsigned pool_pos; static unsigned seed_strength; static int random_from_file(QString fname, unsigned amount, int weakness=1); public: Entropy(); ~Entropy(); static void add(int rand); static void add_buf(const unsigned char *buf, int buflen); static int get(unsigned char *buf, int num); static void seed_rng(); static unsigned strength(); }; #endif xca-RELEASE.2.2.1/lib/pki_base.h0000644000175000017500000001037313614632167015415 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_BASE_H #define __PKI_BASE_H #include #include #include #include "asn1time.h" #include "pkcs11_lib.h" #include "db.h" #include "base.h" #include "headerlist.h" #include "settings.h" #include "sql.h" #include "xfile.h" #define __ME QString("(%1[%2]:%3)") \ .arg(getClassName()) \ .arg(getSqlItemId().toString()) \ .arg(getIntName()) #define pki_openssl_error() _openssl_error(__ME, C_FILE, __LINE__) #define pki_ign_openssl_error() _ign_openssl_error(__ME, C_FILE, __LINE__) enum pki_source { unknown, imported, generated, transformed, token, legacy_db, renewed }; #define VIEW_item_id 0 #define VIEW_item_name 1 #define VIEW_item_type 2 #define VIEW_item_date 3 #define VIEW_item_source 4 #define VIEW_item_comment 5 class pki_base : public QObject { Q_OBJECT public: /* static */ static QRegExp limitPattern; static QString rmslashdot(const QString &fname); static unsigned hash(QByteArray ba); static bool pem_comment; protected: QVariant sqlItemId; QString desc, comment; a1time insertion_date; enum pki_type pkiType; /* model data */ pki_base *parent; void my_error(const QString &error) const; virtual void PEM_file_comment(XFile &file) const; public: enum msg_type { msg_import, msg_delete, msg_delete_multi, msg_create, }; enum pki_source pkiSource; QList childItems; pki_base(const QString d = "", pki_base *p = NULL); virtual ~pki_base(); QString getIntName() const { return desc; } virtual QString comboText() const; QString getUnderlinedName() const; void setIntName(const QString &d) { desc = d; } virtual void autoIntName(const QString &file); QString getComment() const { return comment; } void setComment(QString c) { comment = c; } QVariant getSqlItemId() const { return sqlItemId; } enum pki_type getType() const { return pkiType; } QString i2d_b64() const { return QString::fromLatin1(i2d().toBase64()); } a1time getInsertionDate() const { return insertion_date; } virtual QByteArray i2d() const; virtual bool compare(const pki_base *) const; virtual QString getMsg(msg_type msg) const; virtual const char *getClassName() const; /* Tree View management */ void setParent(pki_base *p); virtual pki_base *getParent(); pki_base *child(int row); void append(pki_base *item); void insert(int row, pki_base *item); int childCount() const; pki_base *iterate(pki_base *pki = NULL); void takeChild(pki_base *pki); pki_base *takeFirst(); /* Token handling */ virtual void deleteFromToken(); virtual void deleteFromToken(slotid); virtual int renameOnToken(slotid, QString); /* Import / Export management */ virtual BIO *pem(BIO *, int format=0); virtual void fromPEM_BIO(BIO *, const QString &); virtual void fromPEMbyteArray(const QByteArray &, const QString &); virtual void fload(const QString &); virtual void writeDefault(const QString&) const; /* Old database management methods */ virtual void fromData(const unsigned char *, db_header_t *) {}; /* Qt Model-View methods */ virtual QVariant bg_color(const dbheader *hd) const { (void)hd; return QVariant(); } int row() const; virtual QVariant column_data(const dbheader *hd) const; virtual QVariant getIcon(const dbheader *hd) const; virtual QVariant column_tooltip(const dbheader *hd) const; virtual a1time column_a1time(const dbheader *hd) const; virtual bool visible() const; int isVisible(); bool childVisible() const; /* SQL management methods */ QSqlError insertSql(); virtual QSqlError insertSqlData() { return QSqlError(); } QSqlError deleteSql(); virtual QSqlError deleteSqlData() { return QSqlError(); } virtual void restoreSql(const QSqlRecord &rec); QSqlError sqlItemNotFound(QVariant sqlId) const; unsigned hash() const; QString pki_source_name() const; QString get_dump_filename(const QString &dirname, const QString &ext) const; void selfComment(QString msg); QStringList icsVEVENT(const a1time &expires, const QString &summary, const QString &description) const; }; Q_DECLARE_METATYPE(pki_base *); #endif xca-RELEASE.2.2.1/lib/version.cpp0000644000175000017500000000111113614632167015646 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2018 Christian Hohnstaedt. * * All rights reserved. * Compiles much faster than MW_help.cpp * and needs to get recompiled every time */ #ifndef QMAKE #include "local.h" #endif #ifndef NO_COMMITHASH #include "commithash.h" #else #define COMMITHASH "" #endif const char *version_str(bool html) { if (!COMMITHASH[0]) { return html ? "" PACKAGE_VERSION "" : PACKAGE_VERSION; } return html ? "" PACKAGE_VERSION "+dev
" "commit: " COMMITHASH "" : PACKAGE_VERSION "+dev\n" "commit: " COMMITHASH; } xca-RELEASE.2.2.1/lib/opensc-pkcs11.h0000644000175000017500000012351613614632167016233 0ustar tewardteward/* pkcs11.h Copyright 2006, 2007 g10 Code GmbH Copyright 2006 Andreas Jellinghaus This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without modifications, as long as this notice is preserved. This file is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY, to the extent permitted by law; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. */ /* Please submit changes back to the Scute project at http://www.scute.org/ (or send them to marcus@g10code.com), so that they can be picked up by other projects from there as well. */ /* This file is a modified implementation of the PKCS #11 standard by RSA Security Inc. It is mostly a drop-in replacement, with the following change: This header file does not require any macro definitions by the user (like CK_DEFINE_FUNCTION etc). In fact, it defines those macros for you (if useful, some are missing, let me know if you need more). There is an additional API available that does comply better to the GNU coding standard. It can be switched on by defining CRYPTOKI_GNU before including this header file. For this, the following changes are made to the specification: All structure types are changed to a "struct ck_foo" where CK_FOO is the type name in PKCS #11. All non-structure types are changed to ck_foo_t where CK_FOO is the lowercase version of the type name in PKCS #11. The basic types (CK_ULONG et al.) are removed without substitute. All members of structures are modified in the following way: Type indication prefixes are removed, and underscore characters are inserted before words. Then the result is lowercased. Note that function names are still in the original case, as they need for ABI compatibility. CK_FALSE, CK_TRUE and NULL_PTR are removed without substitute. Use . If CRYPTOKI_COMPAT is defined before including this header file, then none of the API changes above take place, and the API is the one defined by the PKCS #11 standard. */ #ifndef PKCS11_H #define PKCS11_H 1 #if defined(__cplusplus) extern "C" { #endif /* The version of cryptoki we implement. The revision is changed with each modification of this file. If you do not use the "official" version of this file, please consider deleting the revision macro (you may use a macro with a different name to keep track of your versions). */ #define CRYPTOKI_VERSION_MAJOR 2 #define CRYPTOKI_VERSION_MINOR 20 #define CRYPTOKI_VERSION_REVISION 6 /* Compatibility interface is default, unless CRYPTOKI_GNU is given. */ #ifndef CRYPTOKI_GNU #ifndef CRYPTOKI_COMPAT #define CRYPTOKI_COMPAT 1 #endif #endif /* System dependencies. */ #if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32) /* There is a matching pop below. */ #pragma pack(push, cryptoki, 1) #ifdef CRYPTOKI_EXPORTS #define CK_SPEC __declspec(dllexport) #else #define CK_SPEC __declspec(dllimport) #endif #else #define CK_SPEC #endif #ifdef CRYPTOKI_COMPAT /* If we are in compatibility mode, switch all exposed names to the PKCS #11 variant. There are corresponding #undefs below. */ #define ck_flags_t CK_FLAGS #define ck_version _CK_VERSION #define ck_info _CK_INFO #define cryptoki_version cryptokiVersion #define manufacturer_id manufacturerID #define library_description libraryDescription #define library_version libraryVersion #define ck_notification_t CK_NOTIFICATION #define ck_slot_id_t CK_SLOT_ID #define ck_slot_info _CK_SLOT_INFO #define slot_description slotDescription #define hardware_version hardwareVersion #define firmware_version firmwareVersion #define ck_token_info _CK_TOKEN_INFO #define serial_number serialNumber #define max_session_count ulMaxSessionCount #define session_count ulSessionCount #define max_rw_session_count ulMaxRwSessionCount #define rw_session_count ulRwSessionCount #define max_pin_len ulMaxPinLen #define min_pin_len ulMinPinLen #define total_public_memory ulTotalPublicMemory #define free_public_memory ulFreePublicMemory #define total_private_memory ulTotalPrivateMemory #define free_private_memory ulFreePrivateMemory #define utc_time utcTime #define ck_session_handle_t CK_SESSION_HANDLE #define ck_user_type_t CK_USER_TYPE #define ck_state_t CK_STATE #define ck_session_info _CK_SESSION_INFO #define slot_id slotID #define device_error ulDeviceError #define ck_object_handle_t CK_OBJECT_HANDLE #define ck_object_class_t CK_OBJECT_CLASS #define ck_hw_feature_type_t CK_HW_FEATURE_TYPE #define ck_key_type_t CK_KEY_TYPE #define ck_certificate_type_t CK_CERTIFICATE_TYPE #define ck_attribute_type_t CK_ATTRIBUTE_TYPE #define ck_attribute _CK_ATTRIBUTE #define value pValue #define value_len ulValueLen #define ck_date _CK_DATE #define ck_mechanism_type_t CK_MECHANISM_TYPE #define ck_mechanism _CK_MECHANISM #define parameter pParameter #define parameter_len ulParameterLen #define ck_mechanism_info _CK_MECHANISM_INFO #define min_key_size ulMinKeySize #define max_key_size ulMaxKeySize #define ck_rv_t CK_RV #define ck_notify_t CK_NOTIFY #define ck_function_list _CK_FUNCTION_LIST #define ck_createmutex_t CK_CREATEMUTEX #define ck_destroymutex_t CK_DESTROYMUTEX #define ck_lockmutex_t CK_LOCKMUTEX #define ck_unlockmutex_t CK_UNLOCKMUTEX #define ck_c_initialize_args _CK_C_INITIALIZE_ARGS #define create_mutex CreateMutex #define destroy_mutex DestroyMutex #define lock_mutex LockMutex #define unlock_mutex UnlockMutex #define reserved pReserved #endif /* CRYPTOKI_COMPAT */ typedef unsigned long ck_flags_t; struct ck_version { unsigned char major; unsigned char minor; }; struct ck_info { struct ck_version cryptoki_version; unsigned char manufacturer_id[32]; ck_flags_t flags; unsigned char library_description[32]; struct ck_version library_version; }; typedef unsigned long ck_notification_t; #define CKN_SURRENDER (0) typedef unsigned long ck_slot_id_t; struct ck_slot_info { unsigned char slot_description[64]; unsigned char manufacturer_id[32]; ck_flags_t flags; struct ck_version hardware_version; struct ck_version firmware_version; }; #define CKF_TOKEN_PRESENT (1 << 0) #define CKF_REMOVABLE_DEVICE (1 << 1) #define CKF_HW_SLOT (1 << 2) #define CKF_ARRAY_ATTRIBUTE (1 << 30) struct ck_token_info { unsigned char label[32]; unsigned char manufacturer_id[32]; unsigned char model[16]; unsigned char serial_number[16]; ck_flags_t flags; unsigned long max_session_count; unsigned long session_count; unsigned long max_rw_session_count; unsigned long rw_session_count; unsigned long max_pin_len; unsigned long min_pin_len; unsigned long total_public_memory; unsigned long free_public_memory; unsigned long total_private_memory; unsigned long free_private_memory; struct ck_version hardware_version; struct ck_version firmware_version; unsigned char utc_time[16]; }; #define CKF_RNG (1 << 0) #define CKF_WRITE_PROTECTED (1 << 1) #define CKF_LOGIN_REQUIRED (1 << 2) #define CKF_USER_PIN_INITIALIZED (1 << 3) #define CKF_RESTORE_KEY_NOT_NEEDED (1 << 5) #define CKF_CLOCK_ON_TOKEN (1 << 6) #define CKF_PROTECTED_AUTHENTICATION_PATH (1 << 8) #define CKF_DUAL_CRYPTO_OPERATIONS (1 << 9) #define CKF_TOKEN_INITIALIZED (1 << 10) #define CKF_SECONDARY_AUTHENTICATION (1 << 11) #define CKF_USER_PIN_COUNT_LOW (1 << 16) #define CKF_USER_PIN_FINAL_TRY (1 << 17) #define CKF_USER_PIN_LOCKED (1 << 18) #define CKF_USER_PIN_TO_BE_CHANGED (1 << 19) #define CKF_SO_PIN_COUNT_LOW (1 << 20) #define CKF_SO_PIN_FINAL_TRY (1 << 21) #define CKF_SO_PIN_LOCKED (1 << 22) #define CKF_SO_PIN_TO_BE_CHANGED (1 << 23) #define CKF_EC_F_P (1 << 20) #define CKF_EC_F_2M (1 << 21) #define CKF_EC_ECPARAMETERS (1 << 22) #define CKF_EC_NAMEDCURVE (1 << 23) #define CKF_EC_UNCOMPRESS (1 << 24) #define CKF_EC_COMPRESS (1 << 25) #define CK_UNAVAILABLE_INFORMATION ((unsigned long) -1) #define CK_EFFECTIVELY_INFINITE (0) typedef unsigned long ck_session_handle_t; #define CK_INVALID_HANDLE (0) typedef unsigned long ck_user_type_t; #define CKU_SO (0) #define CKU_USER (1) #define CKU_CONTEXT_SPECIFIC (2) typedef unsigned long ck_state_t; #define CKS_RO_PUBLIC_SESSION (0) #define CKS_RO_USER_FUNCTIONS (1) #define CKS_RW_PUBLIC_SESSION (2) #define CKS_RW_USER_FUNCTIONS (3) #define CKS_RW_SO_FUNCTIONS (4) struct ck_session_info { ck_slot_id_t slot_id; ck_state_t state; ck_flags_t flags; unsigned long device_error; }; #define CKF_RW_SESSION (1 << 1) #define CKF_SERIAL_SESSION (1 << 2) typedef unsigned long ck_object_handle_t; typedef unsigned long ck_object_class_t; #define CKO_DATA (0) #define CKO_CERTIFICATE (1) #define CKO_PUBLIC_KEY (2) #define CKO_PRIVATE_KEY (3) #define CKO_SECRET_KEY (4) #define CKO_HW_FEATURE (5) #define CKO_DOMAIN_PARAMETERS (6) #define CKO_MECHANISM (7) #define CKO_VENDOR_DEFINED ((unsigned long) (1 << 31)) typedef unsigned long ck_hw_feature_type_t; #define CKH_MONOTONIC_COUNTER (1) #define CKH_CLOCK (2) #define CKH_USER_INTERFACE (3) #define CKH_VENDOR_DEFINED ((unsigned long) (1 << 31)) typedef unsigned long ck_key_type_t; #define CKK_RSA (0) #define CKK_DSA (1) #define CKK_DH (2) #define CKK_ECDSA (3) #define CKK_EC (3) #define CKK_X9_42_DH (4) #define CKK_KEA (5) #define CKK_GENERIC_SECRET (0x10) #define CKK_RC2 (0x11) #define CKK_RC4 (0x12) #define CKK_DES (0x13) #define CKK_DES2 (0x14) #define CKK_DES3 (0x15) #define CKK_CAST (0x16) #define CKK_CAST3 (0x17) #define CKK_CAST128 (0x18) #define CKK_RC5 (0x19) #define CKK_IDEA (0x1a) #define CKK_SKIPJACK (0x1b) #define CKK_BATON (0x1c) #define CKK_JUNIPER (0x1d) #define CKK_CDMF (0x1e) #define CKK_AES (0x1f) #define CKK_BLOWFISH (0x20) #define CKK_TWOFISH (0x21) #define CKK_VENDOR_DEFINED ((unsigned long) (1 << 31)) typedef unsigned long ck_certificate_type_t; #define CKC_X_509 (0) #define CKC_X_509_ATTR_CERT (1) #define CKC_WTLS (2) #define CKC_VENDOR_DEFINED ((unsigned long) (1 << 31)) typedef unsigned long ck_attribute_type_t; #define CKA_CLASS (0UL) #define CKA_TOKEN (1UL) #define CKA_PRIVATE (2UL) #define CKA_LABEL (3UL) #define CKA_APPLICATION (0x10UL) #define CKA_VALUE (0x11UL) #define CKA_OBJECT_ID (0x12UL) #define CKA_CERTIFICATE_TYPE (0x80UL) #define CKA_ISSUER (0x81UL) #define CKA_SERIAL_NUMBER (0x82UL) #define CKA_AC_ISSUER (0x83UL) #define CKA_OWNER (0x84UL) #define CKA_ATTR_TYPES (0x85UL) #define CKA_TRUSTED (0x86UL) #define CKA_CERTIFICATE_CATEGORY (0x87UL) #define CKA_JAVA_MIDP_SECURITY_DOMAIN (0x88UL) #define CKA_URL (0x89UL) #define CKA_HASH_OF_SUBJECT_PUBLIC_KEY (0x8aUL) #define CKA_HASH_OF_ISSUER_PUBLIC_KEY (0x8bUL) #define CKA_CHECK_VALUE (0x90UL) #define CKA_KEY_TYPE (0x100UL) #define CKA_SUBJECT (0x101UL) #define CKA_ID (0x102UL) #define CKA_SENSITIVE (0x103UL) #define CKA_ENCRYPT (0x104UL) #define CKA_DECRYPT (0x105UL) #define CKA_WRAP (0x106UL) #define CKA_UNWRAP (0x107UL) #define CKA_SIGN (0x108UL) #define CKA_SIGN_RECOVER (0x109UL) #define CKA_VERIFY (0x10aUL) #define CKA_VERIFY_RECOVER (0x10bUL) #define CKA_DERIVE (0x10cUL) #define CKA_START_DATE (0x110UL) #define CKA_END_DATE (0x111UL) #define CKA_MODULUS (0x120UL) #define CKA_MODULUS_BITS (0x121UL) #define CKA_PUBLIC_EXPONENT (0x122UL) #define CKA_PRIVATE_EXPONENT (0x123UL) #define CKA_PRIME_1 (0x124UL) #define CKA_PRIME_2 (0x125UL) #define CKA_EXPONENT_1 (0x126UL) #define CKA_EXPONENT_2 (0x127UL) #define CKA_COEFFICIENT (0x128UL) #define CKA_PRIME (0x130UL) #define CKA_SUBPRIME (0x131UL) #define CKA_BASE (0x132UL) #define CKA_PRIME_BITS (0x133UL) #define CKA_SUB_PRIME_BITS (0x134UL) #define CKA_VALUE_BITS (0x160UL) #define CKA_VALUE_LEN (0x161UL) #define CKA_EXTRACTABLE (0x162UL) #define CKA_LOCAL (0x163UL) #define CKA_NEVER_EXTRACTABLE (0x164UL) #define CKA_ALWAYS_SENSITIVE (0x165UL) #define CKA_KEY_GEN_MECHANISM (0x166UL) #define CKA_MODIFIABLE (0x170UL) #define CKA_ECDSA_PARAMS (0x180UL) #define CKA_EC_PARAMS (0x180UL) #define CKA_EC_POINT (0x181UL) #define CKA_SECONDARY_AUTH (0x200UL) #define CKA_AUTH_PIN_FLAGS (0x201UL) #define CKA_ALWAYS_AUTHENTICATE (0x202UL) #define CKA_WRAP_WITH_TRUSTED (0x210UL) #define CKA_HW_FEATURE_TYPE (0x300UL) #define CKA_RESET_ON_INIT (0x301UL) #define CKA_HAS_RESET (0x302UL) #define CKA_PIXEL_X (0x400UL) #define CKA_PIXEL_Y (0x401UL) #define CKA_RESOLUTION (0x402UL) #define CKA_CHAR_ROWS (0x403UL) #define CKA_CHAR_COLUMNS (0x404UL) #define CKA_COLOR (0x405UL) #define CKA_BITS_PER_PIXEL (0x406UL) #define CKA_CHAR_SETS (0x480UL) #define CKA_ENCODING_METHODS (0x481UL) #define CKA_MIME_TYPES (0x482UL) #define CKA_MECHANISM_TYPE (0x500UL) #define CKA_REQUIRED_CMS_ATTRIBUTES (0x501UL) #define CKA_DEFAULT_CMS_ATTRIBUTES (0x502UL) #define CKA_SUPPORTED_CMS_ATTRIBUTES (0x503UL) #define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x211UL) #define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x212UL) #define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE | 0x600UL) #define CKA_VENDOR_DEFINED ((unsigned long) (1 << 31)) struct ck_attribute { ck_attribute_type_t type; void *value; unsigned long value_len; }; struct ck_date { unsigned char year[4]; unsigned char month[2]; unsigned char day[2]; }; typedef unsigned long ck_mechanism_type_t; #define CKM_RSA_PKCS_KEY_PAIR_GEN (0) #define CKM_RSA_PKCS (1) #define CKM_RSA_9796 (2) #define CKM_RSA_X_509 (3) #define CKM_MD2_RSA_PKCS (4) #define CKM_MD5_RSA_PKCS (5) #define CKM_SHA1_RSA_PKCS (6) #define CKM_RIPEMD128_RSA_PKCS (7) #define CKM_RIPEMD160_RSA_PKCS (8) #define CKM_RSA_PKCS_OAEP (9) #define CKM_RSA_X9_31_KEY_PAIR_GEN (0xa) #define CKM_RSA_X9_31 (0xb) #define CKM_SHA1_RSA_X9_31 (0xc) #define CKM_RSA_PKCS_PSS (0xd) #define CKM_SHA1_RSA_PKCS_PSS (0xe) #define CKM_DSA_KEY_PAIR_GEN (0x10) #define CKM_DSA (0x11) #define CKM_DSA_SHA1 (0x12) #define CKM_DH_PKCS_KEY_PAIR_GEN (0x20) #define CKM_DH_PKCS_DERIVE (0x21) #define CKM_X9_42_DH_KEY_PAIR_GEN (0x30) #define CKM_X9_42_DH_DERIVE (0x31) #define CKM_X9_42_DH_HYBRID_DERIVE (0x32) #define CKM_X9_42_MQV_DERIVE (0x33) #define CKM_SHA256_RSA_PKCS (0x40) #define CKM_SHA384_RSA_PKCS (0x41) #define CKM_SHA512_RSA_PKCS (0x42) #define CKM_SHA256_RSA_PKCS_PSS (0x43) #define CKM_SHA384_RSA_PKCS_PSS (0x44) #define CKM_SHA512_RSA_PKCS_PSS (0x45) #define CKM_RC2_KEY_GEN (0x100) #define CKM_RC2_ECB (0x101) #define CKM_RC2_CBC (0x102) #define CKM_RC2_MAC (0x103) #define CKM_RC2_MAC_GENERAL (0x104) #define CKM_RC2_CBC_PAD (0x105) #define CKM_RC4_KEY_GEN (0x110) #define CKM_RC4 (0x111) #define CKM_DES_KEY_GEN (0x120) #define CKM_DES_ECB (0x121) #define CKM_DES_CBC (0x122) #define CKM_DES_MAC (0x123) #define CKM_DES_MAC_GENERAL (0x124) #define CKM_DES_CBC_PAD (0x125) #define CKM_DES2_KEY_GEN (0x130) #define CKM_DES3_KEY_GEN (0x131) #define CKM_DES3_ECB (0x132) #define CKM_DES3_CBC (0x133) #define CKM_DES3_MAC (0x134) #define CKM_DES3_MAC_GENERAL (0x135) #define CKM_DES3_CBC_PAD (0x136) #define CKM_CDMF_KEY_GEN (0x140) #define CKM_CDMF_ECB (0x141) #define CKM_CDMF_CBC (0x142) #define CKM_CDMF_MAC (0x143) #define CKM_CDMF_MAC_GENERAL (0x144) #define CKM_CDMF_CBC_PAD (0x145) #define CKM_MD2 (0x200) #define CKM_MD2_HMAC (0x201) #define CKM_MD2_HMAC_GENERAL (0x202) #define CKM_MD5 (0x210) #define CKM_MD5_HMAC (0x211) #define CKM_MD5_HMAC_GENERAL (0x212) #define CKM_SHA_1 (0x220) #define CKM_SHA_1_HMAC (0x221) #define CKM_SHA_1_HMAC_GENERAL (0x222) #define CKM_RIPEMD128 (0x230) #define CKM_RIPEMD128_HMAC (0x231) #define CKM_RIPEMD128_HMAC_GENERAL (0x232) #define CKM_RIPEMD160 (0x240) #define CKM_RIPEMD160_HMAC (0x241) #define CKM_RIPEMD160_HMAC_GENERAL (0x242) #define CKM_SHA256 (0x250) #define CKM_SHA256_HMAC (0x251) #define CKM_SHA256_HMAC_GENERAL (0x252) #define CKM_SHA384 (0x260) #define CKM_SHA384_HMAC (0x261) #define CKM_SHA384_HMAC_GENERAL (0x262) #define CKM_SHA512 (0x270) #define CKM_SHA512_HMAC (0x271) #define CKM_SHA512_HMAC_GENERAL (0x272) #define CKM_CAST_KEY_GEN (0x300) #define CKM_CAST_ECB (0x301) #define CKM_CAST_CBC (0x302) #define CKM_CAST_MAC (0x303) #define CKM_CAST_MAC_GENERAL (0x304) #define CKM_CAST_CBC_PAD (0x305) #define CKM_CAST3_KEY_GEN (0x310) #define CKM_CAST3_ECB (0x311) #define CKM_CAST3_CBC (0x312) #define CKM_CAST3_MAC (0x313) #define CKM_CAST3_MAC_GENERAL (0x314) #define CKM_CAST3_CBC_PAD (0x315) #define CKM_CAST5_KEY_GEN (0x320) #define CKM_CAST128_KEY_GEN (0x320) #define CKM_CAST5_ECB (0x321) #define CKM_CAST128_ECB (0x321) #define CKM_CAST5_CBC (0x322) #define CKM_CAST128_CBC (0x322) #define CKM_CAST5_MAC (0x323) #define CKM_CAST128_MAC (0x323) #define CKM_CAST5_MAC_GENERAL (0x324) #define CKM_CAST128_MAC_GENERAL (0x324) #define CKM_CAST5_CBC_PAD (0x325) #define CKM_CAST128_CBC_PAD (0x325) #define CKM_RC5_KEY_GEN (0x330) #define CKM_RC5_ECB (0x331) #define CKM_RC5_CBC (0x332) #define CKM_RC5_MAC (0x333) #define CKM_RC5_MAC_GENERAL (0x334) #define CKM_RC5_CBC_PAD (0x335) #define CKM_IDEA_KEY_GEN (0x340) #define CKM_IDEA_ECB (0x341) #define CKM_IDEA_CBC (0x342) #define CKM_IDEA_MAC (0x343) #define CKM_IDEA_MAC_GENERAL (0x344) #define CKM_IDEA_CBC_PAD (0x345) #define CKM_GENERIC_SECRET_KEY_GEN (0x350) #define CKM_CONCATENATE_BASE_AND_KEY (0x360) #define CKM_CONCATENATE_BASE_AND_DATA (0x362) #define CKM_CONCATENATE_DATA_AND_BASE (0x363) #define CKM_XOR_BASE_AND_DATA (0x364) #define CKM_EXTRACT_KEY_FROM_KEY (0x365) #define CKM_SSL3_PRE_MASTER_KEY_GEN (0x370) #define CKM_SSL3_MASTER_KEY_DERIVE (0x371) #define CKM_SSL3_KEY_AND_MAC_DERIVE (0x372) #define CKM_SSL3_MASTER_KEY_DERIVE_DH (0x373) #define CKM_TLS_PRE_MASTER_KEY_GEN (0x374) #define CKM_TLS_MASTER_KEY_DERIVE (0x375) #define CKM_TLS_KEY_AND_MAC_DERIVE (0x376) #define CKM_TLS_MASTER_KEY_DERIVE_DH (0x377) #define CKM_SSL3_MD5_MAC (0x380) #define CKM_SSL3_SHA1_MAC (0x381) #define CKM_MD5_KEY_DERIVATION (0x390) #define CKM_MD2_KEY_DERIVATION (0x391) #define CKM_SHA1_KEY_DERIVATION (0x392) #define CKM_PBE_MD2_DES_CBC (0x3a0) #define CKM_PBE_MD5_DES_CBC (0x3a1) #define CKM_PBE_MD5_CAST_CBC (0x3a2) #define CKM_PBE_MD5_CAST3_CBC (0x3a3) #define CKM_PBE_MD5_CAST5_CBC (0x3a4) #define CKM_PBE_MD5_CAST128_CBC (0x3a4) #define CKM_PBE_SHA1_CAST5_CBC (0x3a5) #define CKM_PBE_SHA1_CAST128_CBC (0x3a5) #define CKM_PBE_SHA1_RC4_128 (0x3a6) #define CKM_PBE_SHA1_RC4_40 (0x3a7) #define CKM_PBE_SHA1_DES3_EDE_CBC (0x3a8) #define CKM_PBE_SHA1_DES2_EDE_CBC (0x3a9) #define CKM_PBE_SHA1_RC2_128_CBC (0x3aa) #define CKM_PBE_SHA1_RC2_40_CBC (0x3ab) #define CKM_PKCS5_PBKD2 (0x3b0) #define CKM_PBA_SHA1_WITH_SHA1_HMAC (0x3c0) #define CKM_KEY_WRAP_LYNKS (0x400) #define CKM_KEY_WRAP_SET_OAEP (0x401) #define CKM_SKIPJACK_KEY_GEN (0x1000) #define CKM_SKIPJACK_ECB64 (0x1001) #define CKM_SKIPJACK_CBC64 (0x1002) #define CKM_SKIPJACK_OFB64 (0x1003) #define CKM_SKIPJACK_CFB64 (0x1004) #define CKM_SKIPJACK_CFB32 (0x1005) #define CKM_SKIPJACK_CFB16 (0x1006) #define CKM_SKIPJACK_CFB8 (0x1007) #define CKM_SKIPJACK_WRAP (0x1008) #define CKM_SKIPJACK_PRIVATE_WRAP (0x1009) #define CKM_SKIPJACK_RELAYX (0x100a) #define CKM_KEA_KEY_PAIR_GEN (0x1010) #define CKM_KEA_KEY_DERIVE (0x1011) #define CKM_FORTEZZA_TIMESTAMP (0x1020) #define CKM_BATON_KEY_GEN (0x1030) #define CKM_BATON_ECB128 (0x1031) #define CKM_BATON_ECB96 (0x1032) #define CKM_BATON_CBC128 (0x1033) #define CKM_BATON_COUNTER (0x1034) #define CKM_BATON_SHUFFLE (0x1035) #define CKM_BATON_WRAP (0x1036) #define CKM_ECDSA_KEY_PAIR_GEN (0x1040) #define CKM_EC_KEY_PAIR_GEN (0x1040) #define CKM_ECDSA (0x1041) #define CKM_ECDSA_SHA1 (0x1042) #define CKM_ECDH1_DERIVE (0x1050) #define CKM_ECDH1_COFACTOR_DERIVE (0x1051) #define CKM_ECMQV_DERIVE (0x1052) #define CKM_JUNIPER_KEY_GEN (0x1060) #define CKM_JUNIPER_ECB128 (0x1061) #define CKM_JUNIPER_CBC128 (0x1062) #define CKM_JUNIPER_COUNTER (0x1063) #define CKM_JUNIPER_SHUFFLE (0x1064) #define CKM_JUNIPER_WRAP (0x1065) #define CKM_FASTHASH (0x1070) #define CKM_AES_KEY_GEN (0x1080) #define CKM_AES_ECB (0x1081) #define CKM_AES_CBC (0x1082) #define CKM_AES_MAC (0x1083) #define CKM_AES_MAC_GENERAL (0x1084) #define CKM_AES_CBC_PAD (0x1085) #define CKM_DSA_PARAMETER_GEN (0x2000) #define CKM_DH_PKCS_PARAMETER_GEN (0x2001) #define CKM_X9_42_DH_PARAMETER_GEN (0x2002) #define CKM_VENDOR_DEFINED ((unsigned long) (1 << 31)) struct ck_mechanism { ck_mechanism_type_t mechanism; void *parameter; unsigned long parameter_len; }; struct ck_mechanism_info { unsigned long min_key_size; unsigned long max_key_size; ck_flags_t flags; }; #define CKF_HW (1 << 0) #define CKF_ENCRYPT (1 << 8) #define CKF_DECRYPT (1 << 9) #define CKF_DIGEST (1 << 10) #define CKF_SIGN (1 << 11) #define CKF_SIGN_RECOVER (1 << 12) #define CKF_VERIFY (1 << 13) #define CKF_VERIFY_RECOVER (1 << 14) #define CKF_GENERATE (1 << 15) #define CKF_GENERATE_KEY_PAIR (1 << 16) #define CKF_WRAP (1 << 17) #define CKF_UNWRAP (1 << 18) #define CKF_DERIVE (1 << 19) #define CKF_EXTENSION ((unsigned long) (1 << 31)) /* Flags for C_WaitForSlotEvent. */ #define CKF_DONT_BLOCK (1) typedef unsigned long ck_rv_t; typedef ck_rv_t (*ck_notify_t) (ck_session_handle_t session, ck_notification_t event, void *application); /* Forward reference. */ struct ck_function_list; #define _CK_DECLARE_FUNCTION(name, args) \ typedef ck_rv_t (*CK_ ## name) args; \ ck_rv_t CK_SPEC name args _CK_DECLARE_FUNCTION (C_Initialize, (void *init_args)); _CK_DECLARE_FUNCTION (C_Finalize, (void *reserved)); _CK_DECLARE_FUNCTION (C_GetInfo, (struct ck_info *info)); _CK_DECLARE_FUNCTION (C_GetFunctionList, (struct ck_function_list **function_list)); _CK_DECLARE_FUNCTION (C_GetSlotList, (unsigned char token_present, ck_slot_id_t *slot_list, unsigned long *count)); _CK_DECLARE_FUNCTION (C_GetSlotInfo, (ck_slot_id_t slot_id, struct ck_slot_info *info)); _CK_DECLARE_FUNCTION (C_GetTokenInfo, (ck_slot_id_t slot_id, struct ck_token_info *info)); _CK_DECLARE_FUNCTION (C_WaitForSlotEvent, (ck_flags_t flags, ck_slot_id_t *slot, void *reserved)); _CK_DECLARE_FUNCTION (C_GetMechanismList, (ck_slot_id_t slot_id, ck_mechanism_type_t *mechanism_list, unsigned long *count)); _CK_DECLARE_FUNCTION (C_GetMechanismInfo, (ck_slot_id_t slot_id, ck_mechanism_type_t type, struct ck_mechanism_info *info)); _CK_DECLARE_FUNCTION (C_InitToken, (ck_slot_id_t slot_id, unsigned char *pin, unsigned long pin_len, unsigned char *label)); _CK_DECLARE_FUNCTION (C_InitPIN, (ck_session_handle_t session, unsigned char *pin, unsigned long pin_len)); _CK_DECLARE_FUNCTION (C_SetPIN, (ck_session_handle_t session, unsigned char *old_pin, unsigned long old_len, unsigned char *new_pin, unsigned long new_len)); _CK_DECLARE_FUNCTION (C_OpenSession, (ck_slot_id_t slot_id, ck_flags_t flags, void *application, ck_notify_t notify, ck_session_handle_t *session)); _CK_DECLARE_FUNCTION (C_CloseSession, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_CloseAllSessions, (ck_slot_id_t slot_id)); _CK_DECLARE_FUNCTION (C_GetSessionInfo, (ck_session_handle_t session, struct ck_session_info *info)); _CK_DECLARE_FUNCTION (C_GetOperationState, (ck_session_handle_t session, unsigned char *operation_state, unsigned long *operation_state_len)); _CK_DECLARE_FUNCTION (C_SetOperationState, (ck_session_handle_t session, unsigned char *operation_state, unsigned long operation_state_len, ck_object_handle_t encryption_key, ck_object_handle_t authentiation_key)); _CK_DECLARE_FUNCTION (C_Login, (ck_session_handle_t session, ck_user_type_t user_type, unsigned char *pin, unsigned long pin_len)); _CK_DECLARE_FUNCTION (C_Logout, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_CreateObject, (ck_session_handle_t session, struct ck_attribute *templ, unsigned long count, ck_object_handle_t *object)); _CK_DECLARE_FUNCTION (C_CopyObject, (ck_session_handle_t session, ck_object_handle_t object, struct ck_attribute *templ, unsigned long count, ck_object_handle_t *new_object)); _CK_DECLARE_FUNCTION (C_DestroyObject, (ck_session_handle_t session, ck_object_handle_t object)); _CK_DECLARE_FUNCTION (C_GetObjectSize, (ck_session_handle_t session, ck_object_handle_t object, unsigned long *size)); _CK_DECLARE_FUNCTION (C_GetAttributeValue, (ck_session_handle_t session, ck_object_handle_t object, struct ck_attribute *templ, unsigned long count)); _CK_DECLARE_FUNCTION (C_SetAttributeValue, (ck_session_handle_t session, ck_object_handle_t object, struct ck_attribute *templ, unsigned long count)); _CK_DECLARE_FUNCTION (C_FindObjectsInit, (ck_session_handle_t session, struct ck_attribute *templ, unsigned long count)); _CK_DECLARE_FUNCTION (C_FindObjects, (ck_session_handle_t session, ck_object_handle_t *object, unsigned long max_object_count, unsigned long *object_count)); _CK_DECLARE_FUNCTION (C_FindObjectsFinal, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_EncryptInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_Encrypt, (ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *encrypted_data, unsigned long *encrypted_data_len)); _CK_DECLARE_FUNCTION (C_EncryptUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len, unsigned char *encrypted_part, unsigned long *encrypted_part_len)); _CK_DECLARE_FUNCTION (C_EncryptFinal, (ck_session_handle_t session, unsigned char *last_encrypted_part, unsigned long *last_encrypted_part_len)); _CK_DECLARE_FUNCTION (C_DecryptInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_Decrypt, (ck_session_handle_t session, unsigned char *encrypted_data, unsigned long encrypted_data_len, unsigned char *data, unsigned long *data_len)); _CK_DECLARE_FUNCTION (C_DecryptUpdate, (ck_session_handle_t session, unsigned char *encrypted_part, unsigned long encrypted_part_len, unsigned char *part, unsigned long *part_len)); _CK_DECLARE_FUNCTION (C_DecryptFinal, (ck_session_handle_t session, unsigned char *last_part, unsigned long *last_part_len)); _CK_DECLARE_FUNCTION (C_DigestInit, (ck_session_handle_t session, struct ck_mechanism *mechanism)); _CK_DECLARE_FUNCTION (C_Digest, (ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *digest, unsigned long *digest_len)); _CK_DECLARE_FUNCTION (C_DigestUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len)); _CK_DECLARE_FUNCTION (C_DigestKey, (ck_session_handle_t session, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_DigestFinal, (ck_session_handle_t session, unsigned char *digest, unsigned long *digest_len)); _CK_DECLARE_FUNCTION (C_SignInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_Sign, (ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *signature, unsigned long *signature_len)); _CK_DECLARE_FUNCTION (C_SignUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len)); _CK_DECLARE_FUNCTION (C_SignFinal, (ck_session_handle_t session, unsigned char *signature, unsigned long *signature_len)); _CK_DECLARE_FUNCTION (C_SignRecoverInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_SignRecover, (ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *signature, unsigned long *signature_len)); _CK_DECLARE_FUNCTION (C_VerifyInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_Verify, (ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *signature, unsigned long signature_len)); _CK_DECLARE_FUNCTION (C_VerifyUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len)); _CK_DECLARE_FUNCTION (C_VerifyFinal, (ck_session_handle_t session, unsigned char *signature, unsigned long signature_len)); _CK_DECLARE_FUNCTION (C_VerifyRecoverInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_VerifyRecover, (ck_session_handle_t session, unsigned char *signature, unsigned long signature_len, unsigned char *data, unsigned long *data_len)); _CK_DECLARE_FUNCTION (C_DigestEncryptUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len, unsigned char *encrypted_part, unsigned long *encrypted_part_len)); _CK_DECLARE_FUNCTION (C_DecryptDigestUpdate, (ck_session_handle_t session, unsigned char *encrypted_part, unsigned long encrypted_part_len, unsigned char *part, unsigned long *part_len)); _CK_DECLARE_FUNCTION (C_SignEncryptUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len, unsigned char *encrypted_part, unsigned long *encrypted_part_len)); _CK_DECLARE_FUNCTION (C_DecryptVerifyUpdate, (ck_session_handle_t session, unsigned char *encrypted_part, unsigned long encrypted_part_len, unsigned char *part, unsigned long *part_len)); _CK_DECLARE_FUNCTION (C_GenerateKey, (ck_session_handle_t session, struct ck_mechanism *mechanism, struct ck_attribute *templ, unsigned long count, ck_object_handle_t *key)); _CK_DECLARE_FUNCTION (C_GenerateKeyPair, (ck_session_handle_t session, struct ck_mechanism *mechanism, struct ck_attribute *public_key_template, unsigned long public_key_attribute_count, struct ck_attribute *private_key_template, unsigned long private_key_attribute_count, ck_object_handle_t *public_key, ck_object_handle_t *private_key)); _CK_DECLARE_FUNCTION (C_WrapKey, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t wrapping_key, ck_object_handle_t key, unsigned char *wrapped_key, unsigned long *wrapped_key_len)); _CK_DECLARE_FUNCTION (C_UnwrapKey, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t unwrapping_key, unsigned char *wrapped_key, unsigned long wrapped_key_len, struct ck_attribute *templ, unsigned long attribute_count, ck_object_handle_t *key)); _CK_DECLARE_FUNCTION (C_DeriveKey, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t base_key, struct ck_attribute *templ, unsigned long attribute_count, ck_object_handle_t *key)); _CK_DECLARE_FUNCTION (C_SeedRandom, (ck_session_handle_t session, unsigned char *seed, unsigned long seed_len)); _CK_DECLARE_FUNCTION (C_GenerateRandom, (ck_session_handle_t session, unsigned char *random_data, unsigned long random_len)); _CK_DECLARE_FUNCTION (C_GetFunctionStatus, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_CancelFunction, (ck_session_handle_t session)); struct ck_function_list { struct ck_version version; CK_C_Initialize C_Initialize; CK_C_Finalize C_Finalize; CK_C_GetInfo C_GetInfo; CK_C_GetFunctionList C_GetFunctionList; CK_C_GetSlotList C_GetSlotList; CK_C_GetSlotInfo C_GetSlotInfo; CK_C_GetTokenInfo C_GetTokenInfo; CK_C_GetMechanismList C_GetMechanismList; CK_C_GetMechanismInfo C_GetMechanismInfo; CK_C_InitToken C_InitToken; CK_C_InitPIN C_InitPIN; CK_C_SetPIN C_SetPIN; CK_C_OpenSession C_OpenSession; CK_C_CloseSession C_CloseSession; CK_C_CloseAllSessions C_CloseAllSessions; CK_C_GetSessionInfo C_GetSessionInfo; CK_C_GetOperationState C_GetOperationState; CK_C_SetOperationState C_SetOperationState; CK_C_Login C_Login; CK_C_Logout C_Logout; CK_C_CreateObject C_CreateObject; CK_C_CopyObject C_CopyObject; CK_C_DestroyObject C_DestroyObject; CK_C_GetObjectSize C_GetObjectSize; CK_C_GetAttributeValue C_GetAttributeValue; CK_C_SetAttributeValue C_SetAttributeValue; CK_C_FindObjectsInit C_FindObjectsInit; CK_C_FindObjects C_FindObjects; CK_C_FindObjectsFinal C_FindObjectsFinal; CK_C_EncryptInit C_EncryptInit; CK_C_Encrypt C_Encrypt; CK_C_EncryptUpdate C_EncryptUpdate; CK_C_EncryptFinal C_EncryptFinal; CK_C_DecryptInit C_DecryptInit; CK_C_Decrypt C_Decrypt; CK_C_DecryptUpdate C_DecryptUpdate; CK_C_DecryptFinal C_DecryptFinal; CK_C_DigestInit C_DigestInit; CK_C_Digest C_Digest; CK_C_DigestUpdate C_DigestUpdate; CK_C_DigestKey C_DigestKey; CK_C_DigestFinal C_DigestFinal; CK_C_SignInit C_SignInit; CK_C_Sign C_Sign; CK_C_SignUpdate C_SignUpdate; CK_C_SignFinal C_SignFinal; CK_C_SignRecoverInit C_SignRecoverInit; CK_C_SignRecover C_SignRecover; CK_C_VerifyInit C_VerifyInit; CK_C_Verify C_Verify; CK_C_VerifyUpdate C_VerifyUpdate; CK_C_VerifyFinal C_VerifyFinal; CK_C_VerifyRecoverInit C_VerifyRecoverInit; CK_C_VerifyRecover C_VerifyRecover; CK_C_DigestEncryptUpdate C_DigestEncryptUpdate; CK_C_DecryptDigestUpdate C_DecryptDigestUpdate; CK_C_SignEncryptUpdate C_SignEncryptUpdate; CK_C_DecryptVerifyUpdate C_DecryptVerifyUpdate; CK_C_GenerateKey C_GenerateKey; CK_C_GenerateKeyPair C_GenerateKeyPair; CK_C_WrapKey C_WrapKey; CK_C_UnwrapKey C_UnwrapKey; CK_C_DeriveKey C_DeriveKey; CK_C_SeedRandom C_SeedRandom; CK_C_GenerateRandom C_GenerateRandom; CK_C_GetFunctionStatus C_GetFunctionStatus; CK_C_CancelFunction C_CancelFunction; CK_C_WaitForSlotEvent C_WaitForSlotEvent; }; typedef ck_rv_t (*ck_createmutex_t) (void **mutex); typedef ck_rv_t (*ck_destroymutex_t) (void *mutex); typedef ck_rv_t (*ck_lockmutex_t) (void *mutex); typedef ck_rv_t (*ck_unlockmutex_t) (void *mutex); struct ck_c_initialize_args { ck_createmutex_t create_mutex; ck_destroymutex_t destroy_mutex; ck_lockmutex_t lock_mutex; ck_unlockmutex_t unlock_mutex; ck_flags_t flags; void *reserved; }; #define CKF_LIBRARY_CANT_CREATE_OS_THREADS (1 << 0) #define CKF_OS_LOCKING_OK (1 << 1) #define CKR_OK (0) #define CKR_CANCEL (1) #define CKR_HOST_MEMORY (2) #define CKR_SLOT_ID_INVALID (3) #define CKR_GENERAL_ERROR (5) #define CKR_FUNCTION_FAILED (6) #define CKR_ARGUMENTS_BAD (7) #define CKR_NO_EVENT (8) #define CKR_NEED_TO_CREATE_THREADS (9) #define CKR_CANT_LOCK (0xa) #define CKR_ATTRIBUTE_READ_ONLY (0x10) #define CKR_ATTRIBUTE_SENSITIVE (0x11) #define CKR_ATTRIBUTE_TYPE_INVALID (0x12) #define CKR_ATTRIBUTE_VALUE_INVALID (0x13) #define CKR_DATA_INVALID (0x20) #define CKR_DATA_LEN_RANGE (0x21) #define CKR_DEVICE_ERROR (0x30) #define CKR_DEVICE_MEMORY (0x31) #define CKR_DEVICE_REMOVED (0x32) #define CKR_ENCRYPTED_DATA_INVALID (0x40) #define CKR_ENCRYPTED_DATA_LEN_RANGE (0x41) #define CKR_FUNCTION_CANCELED (0x50) #define CKR_FUNCTION_NOT_PARALLEL (0x51) #define CKR_FUNCTION_NOT_SUPPORTED (0x54) #define CKR_KEY_HANDLE_INVALID (0x60) #define CKR_KEY_SIZE_RANGE (0x62) #define CKR_KEY_TYPE_INCONSISTENT (0x63) #define CKR_KEY_NOT_NEEDED (0x64) #define CKR_KEY_CHANGED (0x65) #define CKR_KEY_NEEDED (0x66) #define CKR_KEY_INDIGESTIBLE (0x67) #define CKR_KEY_FUNCTION_NOT_PERMITTED (0x68) #define CKR_KEY_NOT_WRAPPABLE (0x69) #define CKR_KEY_UNEXTRACTABLE (0x6a) #define CKR_MECHANISM_INVALID (0x70) #define CKR_MECHANISM_PARAM_INVALID (0x71) #define CKR_OBJECT_HANDLE_INVALID (0x82) #define CKR_OPERATION_ACTIVE (0x90) #define CKR_OPERATION_NOT_INITIALIZED (0x91) #define CKR_PIN_INCORRECT (0xa0) #define CKR_PIN_INVALID (0xa1) #define CKR_PIN_LEN_RANGE (0xa2) #define CKR_PIN_EXPIRED (0xa3) #define CKR_PIN_LOCKED (0xa4) #define CKR_SESSION_CLOSED (0xb0) #define CKR_SESSION_COUNT (0xb1) #define CKR_SESSION_HANDLE_INVALID (0xb3) #define CKR_SESSION_PARALLEL_NOT_SUPPORTED (0xb4) #define CKR_SESSION_READ_ONLY (0xb5) #define CKR_SESSION_EXISTS (0xb6) #define CKR_SESSION_READ_ONLY_EXISTS (0xb7) #define CKR_SESSION_READ_WRITE_SO_EXISTS (0xb8) #define CKR_SIGNATURE_INVALID (0xc0) #define CKR_SIGNATURE_LEN_RANGE (0xc1) #define CKR_TEMPLATE_INCOMPLETE (0xd0) #define CKR_TEMPLATE_INCONSISTENT (0xd1) #define CKR_TOKEN_NOT_PRESENT (0xe0) #define CKR_TOKEN_NOT_RECOGNIZED (0xe1) #define CKR_TOKEN_WRITE_PROTECTED (0xe2) #define CKR_UNWRAPPING_KEY_HANDLE_INVALID (0xf0) #define CKR_UNWRAPPING_KEY_SIZE_RANGE (0xf1) #define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT (0xf2) #define CKR_USER_ALREADY_LOGGED_IN (0x100) #define CKR_USER_NOT_LOGGED_IN (0x101) #define CKR_USER_PIN_NOT_INITIALIZED (0x102) #define CKR_USER_TYPE_INVALID (0x103) #define CKR_USER_ANOTHER_ALREADY_LOGGED_IN (0x104) #define CKR_USER_TOO_MANY_TYPES (0x105) #define CKR_WRAPPED_KEY_INVALID (0x110) #define CKR_WRAPPED_KEY_LEN_RANGE (0x112) #define CKR_WRAPPING_KEY_HANDLE_INVALID (0x113) #define CKR_WRAPPING_KEY_SIZE_RANGE (0x114) #define CKR_WRAPPING_KEY_TYPE_INCONSISTENT (0x115) #define CKR_RANDOM_SEED_NOT_SUPPORTED (0x120) #define CKR_RANDOM_NO_RNG (0x121) #define CKR_DOMAIN_PARAMS_INVALID (0x130) #define CKR_BUFFER_TOO_SMALL (0x150) #define CKR_SAVED_STATE_INVALID (0x160) #define CKR_INFORMATION_SENSITIVE (0x170) #define CKR_STATE_UNSAVEABLE (0x180) #define CKR_CRYPTOKI_NOT_INITIALIZED (0x190) #define CKR_CRYPTOKI_ALREADY_INITIALIZED (0x191) #define CKR_MUTEX_BAD (0x1a0) #define CKR_MUTEX_NOT_LOCKED (0x1a1) #define CKR_FUNCTION_REJECTED (0x200) #define CKR_VENDOR_DEFINED ((unsigned long) (1 << 31)) /* Compatibility layer. */ #ifdef CRYPTOKI_COMPAT #undef CK_DEFINE_FUNCTION #define CK_DEFINE_FUNCTION(retval, name) retval CK_SPEC name /* For NULL. */ #include typedef unsigned char CK_BYTE; typedef unsigned char CK_CHAR; typedef unsigned char CK_UTF8CHAR; typedef unsigned char CK_BBOOL; typedef unsigned long int CK_ULONG; typedef long int CK_LONG; typedef CK_BYTE *CK_BYTE_PTR; typedef CK_CHAR *CK_CHAR_PTR; typedef CK_UTF8CHAR *CK_UTF8CHAR_PTR; typedef CK_ULONG *CK_ULONG_PTR; typedef void *CK_VOID_PTR; typedef void **CK_VOID_PTR_PTR; #define CK_FALSE 0 #define CK_TRUE 1 #ifndef CK_DISABLE_TRUE_FALSE #ifndef FALSE #define FALSE 0 #endif #ifndef TRUE #define TRUE 1 #endif #endif typedef struct ck_version CK_VERSION; typedef struct ck_version *CK_VERSION_PTR; typedef struct ck_info CK_INFO; typedef struct ck_info *CK_INFO_PTR; typedef ck_slot_id_t *CK_SLOT_ID_PTR; typedef struct ck_slot_info CK_SLOT_INFO; typedef struct ck_slot_info *CK_SLOT_INFO_PTR; typedef struct ck_token_info CK_TOKEN_INFO; typedef struct ck_token_info *CK_TOKEN_INFO_PTR; typedef ck_session_handle_t *CK_SESSION_HANDLE_PTR; typedef struct ck_session_info CK_SESSION_INFO; typedef struct ck_session_info *CK_SESSION_INFO_PTR; typedef ck_object_handle_t *CK_OBJECT_HANDLE_PTR; typedef ck_object_class_t *CK_OBJECT_CLASS_PTR; typedef struct ck_attribute CK_ATTRIBUTE; typedef struct ck_attribute *CK_ATTRIBUTE_PTR; typedef struct ck_date CK_DATE; typedef struct ck_date *CK_DATE_PTR; typedef ck_mechanism_type_t *CK_MECHANISM_TYPE_PTR; typedef struct ck_mechanism CK_MECHANISM; typedef struct ck_mechanism *CK_MECHANISM_PTR; typedef struct ck_mechanism_info CK_MECHANISM_INFO; typedef struct ck_mechanism_info *CK_MECHANISM_INFO_PTR; typedef struct ck_function_list CK_FUNCTION_LIST; typedef struct ck_function_list *CK_FUNCTION_LIST_PTR; typedef struct ck_function_list **CK_FUNCTION_LIST_PTR_PTR; typedef struct ck_c_initialize_args CK_C_INITIALIZE_ARGS; typedef struct ck_c_initialize_args *CK_C_INITIALIZE_ARGS_PTR; #define NULL_PTR NULL /* Delete the helper macros defined at the top of the file. */ #undef ck_flags_t #undef ck_version #undef ck_info #undef cryptoki_version #undef manufacturer_id #undef library_description #undef library_version #undef ck_notification_t #undef ck_slot_id_t #undef ck_slot_info #undef slot_description #undef hardware_version #undef firmware_version #undef ck_token_info #undef serial_number #undef max_session_count #undef session_count #undef max_rw_session_count #undef rw_session_count #undef max_pin_len #undef min_pin_len #undef total_public_memory #undef free_public_memory #undef total_private_memory #undef free_private_memory #undef utc_time #undef ck_session_handle_t #undef ck_user_type_t #undef ck_state_t #undef ck_session_info #undef slot_id #undef device_error #undef ck_object_handle_t #undef ck_object_class_t #undef ck_hw_feature_type_t #undef ck_key_type_t #undef ck_certificate_type_t #undef ck_attribute_type_t #undef ck_attribute #undef value #undef value_len #undef ck_date #undef ck_mechanism_type_t #undef ck_mechanism #undef parameter #undef parameter_len #undef ck_mechanism_info #undef min_key_size #undef max_key_size #undef ck_rv_t #undef ck_notify_t #undef ck_function_list #undef ck_createmutex_t #undef ck_destroymutex_t #undef ck_lockmutex_t #undef ck_unlockmutex_t #undef ck_c_initialize_args #undef create_mutex #undef destroy_mutex #undef lock_mutex #undef unlock_mutex #undef reserved #endif /* CRYPTOKI_COMPAT */ /* System dependencies. */ #if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32) #pragma pack(pop, cryptoki) #endif #if defined(__cplusplus) } #endif #endif /* PKCS11_H */ xca-RELEASE.2.2.1/lib/pki_key.h0000644000175000017500000000550513614632167015274 0ustar tewardteward/* * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_KEY_H #define __PKI_KEY_H #include #include #include #include #include #include #include "pki_base.h" #include "builtin_curves.h" #define MAX_KEY_LENGTH 4096 #define VIEW_public_keys_type 6 #define VIEW_public_keys_len 7 #define VIEW_public_keys_public 8 class pki_key: public pki_base { Q_OBJECT public: enum passType { ptCommon, ptPrivate, ptBogus, ptPin }; protected: enum passType ownPass; int key_size; bool isPub; EVP_PKEY *key; QString BN2QString(const BIGNUM *bn) const; QString BNoneLine(BIGNUM *bn) const; QByteArray SSH2publicQByteArray(bool raw=false) const; QByteArray X509_PUBKEY_public_key() const; void PEM_file_comment(XFile &file) const; private: BIGNUM *ssh_key_data2bn(QByteArray *ba) const; void ssh_key_check_chunk(QByteArray *ba, const char *expect) const; QByteArray ssh_key_next_chunk(QByteArray *ba) const; void ssh_key_QBA2data(const QByteArray &ba, QByteArray *data) const; void ssh_key_bn2data(const BIGNUM *bn, QByteArray *data) const; mutable int useCount; // usage counter public: pki_key(const QString name = ""); pki_key(const pki_key *pk); virtual ~pki_key(); static builtin_curves builtinCurves; void autoIntName(const QString &file); QString length() const; QString comboText() const; QString getKeyTypeString(void) const; virtual EVP_PKEY *decryptKey() const = 0; virtual bool isToken(); virtual QString getTypeString(void) const; virtual QList possibleHashNids(); QString getMsg(msg_type msg) const; void writePublic(XFile &file, bool pem) const; bool compare(const pki_base *ref) const; int getKeyType() const; bool isPrivKey() const; bool verify(EVP_PKEY *pkey) const; virtual bool verify_priv(EVP_PKEY *pkey) const; int getUcount() const; void setUcount(int c) { useCount = c; } enum passType getOwnPass(void) { return ownPass; } EVP_PKEY *getPubKey() { return key; } bool isPubKey() const { return isPub; } BIO *pem(BIO *, int); QVariant column_data(const dbheader *hd) const; QString modulus() const; QString pubEx() const; QString subprime() const; QString pubkey() const; int ecParamNid() const; QString ecPubKey() const; BIGNUM *ecPubKeyBN() const; void d2i(QByteArray &ba); void d2i_old(QByteArray &ba, int type); QByteArray i2d() const; EVP_PKEY *load_ssh2_key(XFile &file); void writeSSH2public(XFile &file) const; QString fingerprint(const QString &format) const; bool SSH2_compatible() const; void resetUcount() { useCount = -1; } QSqlError insertSqlData(); QSqlError deleteSqlData(); void restoreSql(const QSqlRecord &rec); }; Q_DECLARE_METATYPE(pki_key *); #endif xca-RELEASE.2.2.1/lib/pki_evp.h0000644000175000017500000000443413614632167015276 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_EVP_H #define __PKI_EVP_H #include #include #include #include #include #include #include "pki_key.h" #include "Passwd.h" #define VIEW_private_ownpass 9 class pki_evp: public pki_key { Q_OBJECT QByteArray encKey; void init(); QByteArray getEncKey() const; QString encKey_b64() { return QString::fromLatin1(encKey.toBase64()); } static QString _sha512passwd(QByteArray pass, QString salt, int size, int repeat); void set_EVP_PKEY(EVP_PKEY *pkey, QString name = QString()); protected: void openssl_pw_error(QString fname); public: static QPixmap *icon[2]; static QString passHash; static Passwd passwd; static Passwd oldpasswd; static QString md5passwd(QByteArray pass); static QString sha512passwd(QByteArray pass, QString salt); static QString sha512passwT(QByteArray pass, QString salt); void generate(int bits, int type, QProgressBar *progress); void generate(int bits, int type, QProgressBar *progress, int curve_nid); void setOwnPass(enum passType); pki_evp(const QString name = "", int type = EVP_PKEY_RSA); pki_evp(EVP_PKEY *pkey); void set_evp_key(EVP_PKEY *pkey); void encryptKey(const char *password = NULL); void bogusEncryptKey(); EVP_PKEY *decryptKey() const; EVP_PKEY *legacyDecryptKey(QByteArray &myencKey, Passwd &ownPassBuf) const; pki_evp(const pki_evp *pk); /* destructor */ virtual ~pki_evp(); EVP_PKEY *priv2pub(EVP_PKEY* key); static QString removeTypeFromIntName(QString n); void fromPEMbyteArray(const QByteArray &ba, const QString &name); void fload(const QString &fname); void writeDefault(const QString &dirname) const; void fromData(const unsigned char *p, db_header_t *head); void writeKey(XFile &file, const EVP_CIPHER *enc, pem_password_cb *cb, bool pem) const; void writePKCS8(XFile &file, const EVP_CIPHER *enc, pem_password_cb *cb, bool pem) const; bool verify_priv(EVP_PKEY *pkey) const; QVariant getIcon(const dbheader *hd) const; bool sqlUpdatePrivateKey(); QSqlError insertSqlData(); QSqlError deleteSqlData(); void restoreSql(const QSqlRecord &rec); }; #endif xca-RELEASE.2.2.1/lib/pki_pkcs12.h0000644000175000017500000000153113614632167015602 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_PKCS12_H #define __PKI_PKCS12_H #include #include #include #include #include #include #include "pki_evp.h" #include "pki_x509.h" class pki_pkcs12: public pki_base { Q_OBJECT friend class pki_x509; friend class pki_evp; protected: QString alias; pki_x509 *cert; pki_evp *key; STACK_OF(X509) *certstack; public: pki_pkcs12(const QString &d, pki_x509 *acert, pki_evp *akey); pki_pkcs12(const QString &fname); ~pki_pkcs12(); void addCaCert(pki_x509 *acert); pki_key *getKey(); pki_x509 *getCert(); pki_x509 *getCa(int x); int numCa(); // number of ca certs; void writePKCS12(XFile &file) const; }; #endif xca-RELEASE.2.2.1/lib/db_token.h0000644000175000017500000000111513614632167015417 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DB_TOKEN_H #define __DB_TOKEN_H #include #include #include #include "pkcs11_lib.h" #include "db_base.h" class pki_scard; class db_token: public db_base { Q_OBJECT private: slotid slot; public: db_token(MainWindow *mw); bool setData(const QModelIndex &index, const QVariant &value, int role); void setSlot(slotid s) { slot = s; } void saveHeaderState(); void rename_token_in_database(pki_scard *token); }; #endif xca-RELEASE.2.2.1/lib/pki_scard.cpp0000644000175000017500000004616713614632167016144 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2009 -2014 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_scard.h" #include "pass_info.h" #include "pk11_attribute.h" #include "exception.h" #include "db_base.h" #include "pkcs11.h" #include "x509name.h" #include "func.h" #include "db.h" #include "widgets/MainWindow.h" #include #include #include #include #include #include #include #include #include "openssl_compat.h" QPixmap *pki_scard::icon[1] = { NULL }; void pki_scard::init(void) { ownPass = ptPin; pkiType = smartCard; isPub = false; card_serial = card_manufacturer = card_label = ""; card_model = slot_label = ""; } pki_scard::pki_scard(const QString name) :pki_key(name) { init(); } QString pki_scard::getMsg(msg_type msg) const { /* * We do not construct english sentences from fragments * to allow proper translations. * * %1 will be replaced by the name of the smartcard */ switch (msg) { case msg_import: return tr("Successfully imported the token key '%1'"); case msg_delete: return tr("Delete the token key '%1'?"); case msg_create: return tr("Successfully created the token key '%1'"); /* %1: Number of ktemplates; %2: list of templatenames */ case msg_delete_multi: return tr("Delete the %1 keys: %2?"); } return pki_base::getMsg(msg); } QSqlError pki_scard::insertSqlData() { XSqlQuery q; QSqlError e = pki_key::insertSqlData(); if (e.isValid()) return e; SQL_PREPARE(q, "INSERT INTO tokens (item, card_manufacturer, card_serial, " "card_model, card_label, slot_label, " "object_id) " "VALUES (?, ?, ?, ?, ?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, card_manufacturer); q.bindValue(2, card_serial); q.bindValue(3, card_model); q.bindValue(4, card_label); q.bindValue(5, slot_label); q.bindValue(6, object_id); q.exec(); e = q.lastError(); if (e.isValid()) return e; SQL_PREPARE(q, "INSERT INTO token_mechanism (item, mechanism) " "VALUES (?, ?)"); q.bindValue(0, sqlItemId); foreach(CK_MECHANISM_TYPE m, mech_list) { q.bindValue(1, QVariant((uint)m)); q.exec(); } return q.lastError(); } void pki_scard::restoreSql(const QSqlRecord &rec) { pki_key::restoreSql(rec); card_manufacturer = rec.value(VIEW_tokens_card_manufacturer).toString(); card_serial = rec.value(VIEW_tokens_card_serial).toString(); card_model = rec.value(VIEW_tokens_card_model).toString(); card_label = rec.value(VIEW_tokens_card_label).toString(); slot_label = rec.value(VIEW_tokens_slot_label).toString(); object_id = rec.value(VIEW_tokens_object_id).toString(); card_manufacturer = rec.value(VIEW_tokens_card_manufacturer).toString(); isPub = false; qDebug() << card_manufacturer <data, os->length, NULL); pki_openssl_error(); EC_POINT *point = EC_POINT_bn2point(group, bn, NULL, NULL); BN_free(bn); ASN1_OCTET_STRING_free(os); pki_openssl_error(); EC_KEY_set_public_key(ec, point); pki_openssl_error(); pkey = EVP_PKEY_new(); EVP_PKEY_assign_EC_KEY(pkey, ec); break; } #endif default: throw errorEx(QString("Unsupported CKA_KEY_TYPE: %1\n").arg(keytype)); } pki_openssl_error(); return pkey; } void pki_scard::load_token(pkcs11 &p11, CK_OBJECT_HANDLE object) { tkInfo ti = p11.tokenInfo(); card_label = ti.label(); card_manufacturer = ti.manufacturerID(); card_serial = ti.serial(); card_model = ti.model(); pkiSource = token; isPub = false; pk11_attr_data id(CKA_ID); p11.loadAttribute(id, object); if (id.getAttribute()->ulValueLen > 0) { BIGNUM *cka_id = id.getBignum(); object_id = BNoneLine(cka_id); BN_free(cka_id); } try { pk11_attr_data label(CKA_LABEL); p11.loadAttribute(label, object); slot_label = label.getText(); } catch (errorEx &err) { qDebug() << "No PubKey Label:" << err.getString(); // ignore } if (slot_label.isEmpty()) { try{ x509name xn; pk11_attr_data subj(CKA_SUBJECT); p11.loadAttribute(subj, object); QByteArray der = subj.getData(); xn.d2i(der); slot_label = xn.getMostPopular(); pki_openssl_error(); } catch (errorEx &err) { qDebug() << "No Pubkey Subject:" << err.getString(); // ignore } } EVP_PKEY *pkey = load_pubkey(p11, object); if (pkey) { if (key) EVP_PKEY_free(key); key = pkey; } setIntName(slot_label); pki_openssl_error(); } pk11_attr_data pki_scard::getIdAttr() const { pk11_attr_data id(CKA_ID); if (object_id.isEmpty()) return id; BIGNUM *bn = NULL; BN_hex2bn(&bn, CCHAR(object_id)); id.setBignum(bn, true); return id; } void pki_scard::deleteFromToken() { slotid slot; if (!prepare_card(&slot)) return; deleteFromToken(slot); } pk11_attlist pki_scard::objectAttributesNoId(EVP_PKEY *pk, bool priv) const { QByteArray ba; RSA *rsa; DSA *dsa; #ifndef OPENSSL_NO_EC EC_KEY *ec; #endif const BIGNUM *n = NULL; const BIGNUM *e = NULL; const BIGNUM *p = NULL; const BIGNUM *q = NULL; const BIGNUM *g = NULL; pk11_attlist attrs(pk11_attr_ulong(CKA_CLASS, priv ? CKO_PRIVATE_KEY : CKO_PUBLIC_KEY)); switch (EVP_PKEY_type(EVP_PKEY_id(pk))) { case EVP_PKEY_RSA: rsa = EVP_PKEY_get0_RSA(pk); RSA_get0_key(rsa, &n, &e, NULL); attrs << pk11_attr_ulong(CKA_KEY_TYPE, CKK_RSA) << pk11_attr_data(CKA_MODULUS, n) << pk11_attr_data(CKA_PUBLIC_EXPONENT, e); break; case EVP_PKEY_DSA: dsa = EVP_PKEY_get0_DSA(pk); DSA_get0_pqg(dsa, &p, &q, &g); attrs << pk11_attr_ulong(CKA_KEY_TYPE, CKK_DSA) << pk11_attr_data(CKA_PRIME, p) << pk11_attr_data(CKA_SUBPRIME, q) << pk11_attr_data(CKA_BASE, g); break; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: ec = EVP_PKEY_get0_EC_KEY(pk); ba = i2d_bytearray(I2D_VOID(i2d_ECPKParameters), EC_KEY_get0_group(ec)); attrs << pk11_attr_ulong(CKA_KEY_TYPE, CKK_EC) << pk11_attr_data(CKA_EC_PARAMS, ba); break; #endif default: throw errorEx(QString("Unknown Keytype %d") .arg(EVP_PKEY_type(EVP_PKEY_id(pk)))); } return attrs; } pk11_attlist pki_scard::objectAttributes(bool priv) const { pk11_attlist attrs = objectAttributesNoId(key, priv); attrs << getIdAttr(); return attrs; } void pki_scard::deleteFromToken(slotid slot) { pkcs11 p11; p11.startSession(slot, true); tkInfo ti = p11.tokenInfo(); if (!XCA_YESNO(tr("Delete the private key '%1' from the token '%2 (#%3)' ?"). arg(getIntName()).arg(ti.label()).arg(ti.serial()))) return; if (p11.tokenLogin(card_label, false).isNull()) return; pk11_attlist atts = objectAttributes(true); QList priv_objects = p11.objectList(atts); atts = objectAttributes(false); QList pub_objects = p11.objectList(atts); p11.deleteObjects(priv_objects); p11.deleteObjects(pub_objects); } int pki_scard::renameOnToken(slotid slot, QString name) { pkcs11 p11; p11.startSession(slot, true); QList objs; if (p11.tokenLogin(card_label, false).isNull()) return 0; pk11_attr_data label(CKA_LABEL, name.toUtf8()); /* Private key */ pk11_attlist attrs = objectAttributes(true); objs = p11.objectList(attrs); if (!objs.count()) return 0; p11.storeAttribute(label, objs[0]); /* Public key */ attrs = objectAttributes(false); objs = p11.objectList(attrs); if (objs.count()) p11.storeAttribute(label, objs[0]); return 1; } void pki_scard::store_token(slotid slot, EVP_PKEY *pkey) { QByteArray ba; RSA *rsa; DSA *dsa; #ifndef OPENSSL_NO_EC EC_KEY *ec; #endif pk11_attlist pub_atts; pk11_attlist priv_atts; QList objects; const BIGNUM *d = NULL; const BIGNUM *p = NULL; const BIGNUM *q = NULL; const BIGNUM *dmp1 = NULL; const BIGNUM *dmq1 = NULL; const BIGNUM *iqmp = NULL; const BIGNUM *priv_key = NULL; const BIGNUM *pub_key = NULL; pub_atts = objectAttributesNoId(pkey, false); priv_atts = objectAttributesNoId(pkey, true); pkcs11 p11; p11.startSession(slot, true); QList objs = p11.objectList(pub_atts); if (objs.count() == 0) objs = p11.objectList(priv_atts); if (objs.count() != 0) { XCA_INFO(tr("This Key is already on the token")); load_token(p11, objs[0]); return; } pk11_attr_data new_id = p11.findUniqueID(CKO_PUBLIC_KEY); pub_atts << new_id << pk11_attr_bool(CKA_TOKEN, true) << pk11_attr_data(CKA_LABEL, getIntName().toUtf8()) << pk11_attr_bool(CKA_PRIVATE, false) << pk11_attr_bool(CKA_WRAP, true) << pk11_attr_bool(CKA_ENCRYPT, true) << pk11_attr_bool(CKA_VERIFY, true); priv_atts << new_id << pk11_attr_bool(CKA_TOKEN, true) << pk11_attr_data(CKA_LABEL, desc.toUtf8()) << pk11_attr_bool(CKA_PRIVATE, true) << pk11_attr_bool(CKA_UNWRAP, true) << pk11_attr_bool(CKA_DECRYPT, true) << pk11_attr_bool(CKA_SIGN, true); switch (EVP_PKEY_type(EVP_PKEY_id(pkey))) { case EVP_PKEY_RSA: rsa = EVP_PKEY_get0_RSA(pkey); RSA_get0_key(rsa, NULL, NULL, &d); RSA_get0_factors(rsa, &p, &q); RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp); priv_atts << pk11_attr_data(CKA_PRIVATE_EXPONENT, d) << pk11_attr_data(CKA_PRIME_1, p) << pk11_attr_data(CKA_PRIME_2, q) << pk11_attr_data(CKA_EXPONENT_1, dmp1) << pk11_attr_data(CKA_EXPONENT_2, dmq1) << pk11_attr_data(CKA_COEFFICIENT, iqmp); break; case EVP_PKEY_DSA: dsa = EVP_PKEY_get0_DSA(pkey); DSA_get0_key(dsa, &pub_key, &priv_key); priv_atts << pk11_attr_data(CKA_VALUE, priv_key); pub_atts << pk11_attr_data(CKA_VALUE, pub_key); break; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: { /* Public Key */ BIGNUM *point; int size; unsigned char *buf; ASN1_OCTET_STRING *os; ec = EVP_PKEY_get0_EC_KEY(pkey); point = EC_POINT_point2bn(EC_KEY_get0_group(ec), EC_KEY_get0_public_key(ec), EC_KEY_get_conv_form(ec), NULL, NULL); pki_openssl_error(); size = BN_num_bytes(point); buf = (unsigned char *)OPENSSL_malloc(size); check_oom(buf); BN_bn2bin(point, buf); os = ASN1_OCTET_STRING_new(); /* set0 -> ASN1_OCTET_STRING_free() also free()s buf */ ASN1_STRING_set0(os, buf, size); ba = i2d_bytearray(I2D_VOID(i2d_ASN1_OCTET_STRING), os); ASN1_OCTET_STRING_free(os); BN_free(point); pki_openssl_error(); pub_atts << pk11_attr_data(CKA_EC_POINT, ba); /* Private key */ priv_atts << pk11_attr_data(CKA_VALUE, EC_KEY_get0_private_key(ec)); break; } #endif default: throw errorEx(QString("Unknown Keytype %d") .arg(EVP_PKEY_id(pkey))); } tkInfo ti = p11.tokenInfo(); if (p11.tokenLogin(ti.label(), false).isNull()) throw errorEx(tr("PIN input aborted")); p11.createObject(pub_atts); p11.createObject(priv_atts); pub_atts.reset(); pub_atts = objectAttributesNoId(pkey, false); pub_atts << new_id; objs = p11.objectList(pub_atts); if (objs.count() == 0) throw errorEx(tr("Unable to find copied key on the token")); load_token(p11, objs[0]); } QList pki_scard::possibleHashNids() { QList nids; if (!Settings["only_token_hashes"]) return pki_key::possibleHashNids(); foreach(CK_MECHANISM_TYPE mechanism, mech_list) { switch (EVP_PKEY_type(getKeyType())) { case EVP_PKEY_RSA: switch (mechanism) { case CKM_MD5_RSA_PKCS: nids << NID_md5; break; case CKM_SHA1_RSA_PKCS: nids << NID_sha1; break; case CKM_SHA256_RSA_PKCS: nids << NID_sha256; break; case CKM_SHA384_RSA_PKCS: nids << NID_sha384; break; case CKM_SHA512_RSA_PKCS: nids << NID_sha512; break; case CKM_RIPEMD160_RSA_PKCS: nids << NID_ripemd160; break; } break; case EVP_PKEY_DSA: switch (mechanism) { case CKM_DSA_SHA1: nids << NID_sha1; break; } break; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: switch (mechanism) { case CKM_ECDSA_SHA1: nids << NID_sha1; break; } break; #endif } } if (nids.count() == 0) { switch (EVP_PKEY_type(getKeyType())) { case EVP_PKEY_RSA: nids << NID_md5 << NID_sha1 << NID_sha256 << NID_sha384 << NID_sha512 << NID_ripemd160; break; case EVP_PKEY_DSA: #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: #endif nids << NID_sha1; break; } } return nids; } bool pki_scard::find_key_on_card(slotid *slot) const { pkcs11 p11; slotid sl; pk11_attlist cls(pk11_attr_ulong(CKA_CLASS, CKO_PUBLIC_KEY)); cls << getIdAttr(); foreach(sl, p11.getSlotList()) { p11.startSession(sl); foreach(CK_OBJECT_HANDLE object, p11.objectList(cls)) { EVP_PKEY *pkey = load_pubkey(p11, object); bool match = EVP_PKEY_cmp(key, pkey) == 1; EVP_PKEY_free(pkey); if (match) { *slot = sl; return true; } } } return false; } /* Assures the correct card is inserted and * returns the slot ID in slot true on success */ bool pki_scard::prepare_card(slotid *slot) const { if (!pkcs11::loaded()) return false; QString msg = tr("Please insert card: %1 %2 [%3] with Serial: %4"). arg(card_manufacturer).arg(card_model). arg(card_label).arg(card_serial); do { try { if (find_key_on_card(slot)) return true; } catch (errorEx &err) { qDebug() << "find_key_on_card:" << err.getString(); } catch (...) { qDebug() << "find_key_on_card exception"; } } while (XCA_OKCANCEL(msg)); return false; } class keygenThread: public QThread { public: errorEx err; pk11_attr_data id; QString name; int size; int curve_nid; int method; pkcs11 *p11; void run() { try { id = p11->generateKey(name, method, size, curve_nid); } catch (errorEx &e) { err = e; } } }; void pki_scard::generateKey_card(int type, slotid slot, int size, int curve_nid, QProgressBar *bar) { pk11_attlist atts; pkcs11 p11; p11.startSession(slot, true); p11.getRandom(); tkInfo ti = p11.tokenInfo(); if (p11.tokenLogin(ti.label(), false).isNull()) return; keygenThread kt; kt.name = getIntName(); kt.size = size; kt.curve_nid = curve_nid; switch (type) { case EVP_PKEY_RSA: kt.method = CKM_RSA_PKCS_KEY_PAIR_GEN; break; case EVP_PKEY_DSA: kt.method = CKM_DSA_KEY_PAIR_GEN; break; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: kt.method = CKM_EC_KEY_PAIR_GEN; break; #endif default: throw errorEx(tr("Illegal Key generation method")); } kt.p11 = &p11; kt.start(); while (!kt.wait(20)) { inc_progress_bar(0, 0, bar); } if (!kt.err.isEmpty()) throw errorEx(kt.err); atts << pk11_attr_ulong(CKA_CLASS, CKO_PUBLIC_KEY) << kt.id; QList objects = p11.objectList(atts); if (objects.count() != 1) qCritical() << "OBJECTS found:" << objects.count(); if (objects.count() == 0) throw errorEx(tr("Unable to find generated key on card")); load_token(p11, objects[0]); } pki_scard::~pki_scard() { } void pki_scard::fromData(const unsigned char *p, db_header_t *head ) { int version, size; void *ptr = NULL; size = head->len - sizeof(db_header_t); version = head->version; QByteArray ba((const char*)p, size); card_serial = db::stringFromData(ba); card_manufacturer = db::stringFromData(ba); card_label = db::stringFromData(ba); slot_label = db::stringFromData(ba); card_model = db::stringFromData(ba); if (version < 2) card_model.clear(); object_id = db::stringFromData(ba); int count = db::intFromData(ba); mech_list.clear(); for (int i=0; i 0) { my_error(tr("Wrong Size %1").arg(ba.count())); } } QString pki_scard::getTypeString(void) const { return tr("Token %1").arg(pki_key::getTypeString()); } EVP_PKEY *pki_scard::decryptKey() const { slotid slot_id; QString pin, key_id; if (!prepare_card(&slot_id)) throw errorEx(tr("Failed to find the key on the token")); pkcs11 *p11 = new pkcs11(); p11->startSession(slot_id); pin = p11->tokenLogin(card_label, false); if (pin.isNull()) { delete p11; throw errorEx(tr("Invalid Pin for the token")); } pk11_attlist atts = objectAttributes(true); QList priv_objects = p11->objectList(atts); if (priv_objects.count() != 1) { delete p11; throw errorEx(tr("Failed to find the key on the token")); } EVP_PKEY *pkey = p11->getPrivateKey(key, priv_objects[0]); if (!pkey) { delete p11; throw errorEx(tr("Failed to initialize the key on the token")); } pki_openssl_error(); return pkey; } void pki_scard::changePin() { slotid slot; if (!prepare_card(&slot)) return; pkcs11 p11; p11.changePin(slot, false); } void pki_scard::changeSoPin() { slotid slot; if (!prepare_card(&slot)) return; pkcs11 p11; p11.changePin(slot, true); } void pki_scard::initPin() { slotid slot; if (!prepare_card(&slot)) return; pkcs11 p11; p11.initPin(slot); } int pki_scard::verify() { return true; } bool pki_scard::isToken() { return true; } QVariant pki_scard::getIcon(const dbheader *hd) const { return hd->id == HD_internal_name ? QVariant(*icon[0]) : QVariant(); } bool pki_scard::visible() const { QStringList sl; if (pki_base::visible()) return true; sl << card_serial << card_manufacturer << card_model << card_label << slot_label << object_id; foreach(QString s, sl) { if (s.contains(limitPattern)) return true; } return false; } void pki_scard::updateLabel(QString label) { XSqlQuery q; Transaction; if (slot_label == label) return; if (!TransBegin()) return; slot_label = label; SQL_PREPARE(q, "UPDATE tokens SET slot_label=? WHERE item=?"); q.bindValue(0, slot_label); q.bindValue(1, sqlItemId); q.exec(); AffectedItems(sqlItemId); TransCommit(); } xca-RELEASE.2.2.1/lib/func.cpp0000644000175000017500000003711513614632167015131 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include #include "func.h" #include "exception.h" #include "lib/asn1time.h" #include "lib/settings.h" #include "widgets/validity.h" #include "widgets/XcaWarning.h" #include #include #include #include #include #include #if defined(Q_OS_MAC) #include #if QT_VERSION < 0x050000 #include #else #include #endif #endif #include #include #include #include #include #include #include #include #include #include #include #include #include #if defined(Q_OS_WIN32) #include #endif QString currentDB; QPixmap *loadImg(const char *name ) { return new QPixmap(QString(":") + name); } const QStringList getLibExtensions() { return QStringList { #if defined(Q_OS_WIN32) QString("*.dll"), QString("*.DLL"), #elif defined(Q_OS_MAC) QString("*.dylib"), QString("*.so"), #else QString("*.so"), #endif }; } int portable_app() { static int portable = -1; QString f1, f2; if (portable == -1) { #if defined(Q_OS_WIN32) char fname[512]; HKEY hKey; if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, "Software\\xca", 0, KEY_READ, &hKey) == ERROR_SUCCESS) { unsigned char inst_dir[512]; ULONG len = sizeof inst_dir; if (RegQueryValueEx(hKey, "Install_Dir64", NULL, NULL, inst_dir, &len) == ERROR_SUCCESS) { f1 = QFileInfo(QString("%1\\xca.exe") .arg((char*)inst_dir)) .canonicalFilePath(); } } if (GetModuleFileName(0, fname, sizeof fname -1) > 0) { f2 = QFileInfo(QString(fname)).canonicalFilePath(); } /* f1 == f2 Registry entry of install dir exists and matches * path of this xca.exe -> Installed. Not the portable app */ portable = QDir::toNativeSeparators(f1) == QDir::toNativeSeparators(f2) ? 0 : 1; qDebug() << "Portable:" << QDir::toNativeSeparators(f1) << " != " << QDir::toNativeSeparators(f2); #else const char *p = getenv("XCA_PORTABLE"); portable = p && *p; #endif } return portable; } /* returns e.g. /usr/local/share/xca for unix systems * or HKEY_LOCAL_MACHINE->Software->xca for WIN32 * (e.g. c:\Program Files\xca ) */ const QString getPrefix() { #if defined(Q_OS_WIN32) static char inst_dir[512] = ""; char *p; ULONG dwLength = sizeof inst_dir; HKEY hKey; if (inst_dir[0] != '\0') { /* if we already once discovered the directory just return it */ return QString(inst_dir); } // fallback: directory of xca.exe GetModuleFileName(0, inst_dir, dwLength - 1); p = strrchr(inst_dir, '\\'); if (p) { *p = '\0'; return QString(inst_dir); } if (portable_app()) return QString(inst_dir); p = inst_dir; *p = '\0'; if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, "Software\\xca", 0, KEY_READ, &hKey) != ERROR_SUCCESS) { XCA_WARN("Registry Key: 'HKEY_LOCAL_MACHINE\\Software\\xca' not found"); return QString(inst_dir); } if (RegQueryValueEx(hKey, "Install_Dir64", NULL, NULL, (unsigned char *)inst_dir, &dwLength) != ERROR_SUCCESS) { XCA_WARN("Registry Key: 'HKEY_LOCAL_MACHINE->Software->xca->Install_Dir' not found"); } RegCloseKey(hKey); return QString(inst_dir); #elif defined(Q_OS_MAC) // since this is platform-specific anyway, // this is a more robust way to get the bundle directory QDir bundleDir(qApp->applicationDirPath()); bundleDir.cdUp(); return bundleDir.canonicalPath() + "/Resources"; #else #ifndef XCA_PREFIX #define XCA_PREFIX PREFIX "/share/xca" #endif return QString(XCA_PREFIX); #endif } #if defined(Q_OS_WIN32) static QString specialFolder(int csidl) { LPITEMIDLIST pidl = NULL; TCHAR buf[255] = ""; if (SUCCEEDED(SHGetSpecialFolderLocation(NULL, csidl, &pidl))) SHGetPathFromIDList(pidl, buf); return QDir::toNativeSeparators(buf); } #endif const QString getHomeDir() { #if defined(Q_OS_WIN32) return portable_app() ? getPrefix() : specialFolder(CSIDL_PERSONAL); #else return QDir::homePath(); #endif } /* For portable APP remove leading file name if it is * the app directory. */ QString relativePath(QString path) { QFileInfo fi_path(path); QFileInfo fi_home(getHomeDir()); QString prefix = QDir::toNativeSeparators(fi_home.canonicalFilePath()); path = QDir::toNativeSeparators(fi_path.canonicalFilePath()); if (portable_app()) { if (path.startsWith(prefix)) path = path.mid(prefix.length()+1); } return path; } const QString getLibDir() { #if defined(Q_OS_WIN32) return specialFolder(CSIDL_SYSTEM); #else QString ulib = "/usr/lib/"; QString lib = "/lib/"; QString multi; QString hd = ulib; QFile f(ulib + "pkg-config.multiarch"); if (f.open(QIODevice::ReadOnly)) { QTextStream in(&f); multi = in.readLine(); if (!multi.isEmpty()) multi += "/"; } QStringList dirs; dirs << ulib + multi + "pkcs11/" << lib + multi + "pkcs11/" << ulib + "pkcs11/" << lib + "pkcs11/" << ulib + multi << lib + multi << ulib << lib; foreach(QString dir, dirs) { if (QDir(dir).exists()) { hd = dir; break; } } return QDir::toNativeSeparators(hd); #endif } const QString getDocDir() { #if defined(Q_OS_WIN32) return getPrefix() + "\\html"; #elif defined (Q_OS_MAC) return getPrefix(); #else return QString(DOCDIR); #endif } // The intent of this function is to return the proper location for // user-controlled settings on the current platform // i.e. PROFILE\Application Data\xca on windows, HOME/.xca on UNIX, // ~/Library/Preferences/xca on Mac OS X const QString getUserSettingsDir() { QString rv; #if defined(Q_OS_WIN32) rv = portable_app() ? getPrefix() + "/settings" : specialFolder(CSIDL_APPDATA) + "/xca"; #elif defined(Q_OS_MAC) #if QT_VERSION < 0x050000 rv = QDesktopServices::storageLocation(QDesktopServices::DataLocation); rv.insert(rv.count() - QCoreApplication::applicationName().count(), QCoreApplication::organizationName()); #else rv = QStandardPaths::writableLocation( QStandardPaths::GenericDataLocation) + "/data/" + QCoreApplication::organizationName() + "/" + QCoreApplication::applicationName(); #endif #else rv = QDir::homePath() + "/.xca"; #endif return QDir::toNativeSeparators(rv); } const QString getI18nDir() { #if defined(Q_OS_WIN32) return getPrefix() + "\\i18n"; #else return getPrefix(); #endif } // Qt's open and save dialogs result in some undesirable quirks. // This function makes sure that a filename has the user-selected extension. QString getFullFilename(const QString & filename, const QString & selectedFilter) { QString rv = filename.trimmed(), ext; QRegExp rx(".* \\( ?\\*(.[a-z]{1,3}) ?\\)"); rx.indexIn(selectedFilter); ext = rx.cap(1); if (!ext.isEmpty() && !rv.endsWith(ext)) { rv += ext; } return rv; } QByteArray filename2bytearray(const QString &fname) { #if defined(Q_OS_WIN32) return fname.toLocal8Bit(); #else return fname.toUtf8(); #endif } QString filename2QString(const char *fname) { #if defined(Q_OS_WIN32) return QString::fromLocal8Bit(fname); #else return QString::fromUtf8(fname); #endif } QString hostId() { static QString id; unsigned char guid[100] = "", md[SHA_DIGEST_LENGTH]; if (!id.isEmpty()) return id; #if defined(Q_OS_WIN32) #define REG_CRYPTO "SOFTWARE\\Microsoft\\Cryptography" #define REG_GUID "MachineGuid" ULONG dwGuid = sizeof guid; HKEY hKey; if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, REG_CRYPTO, 0, KEY_READ, &hKey) != ERROR_SUCCESS) { XCA_WARN("Registry Key: '" REG_CRYPTO "' not found"); } else { if (RegQueryValueEx(hKey, REG_GUID, NULL, NULL, guid, &dwGuid) != ERROR_SUCCESS) { XCA_WARN("Registry Key: '" REG_CRYPTO "\\" REG_GUID "' not found"); } } RegCloseKey(hKey); #elif defined(Q_OS_MAC) io_registry_entry_t ioRegistryRoot = IORegistryEntryFromPath( kIOMasterPortDefault, "IOService:/"); CFStringRef uuidCf = (CFStringRef)IORegistryEntryCreateCFProperty( ioRegistryRoot, CFSTR(kIOPlatformUUIDKey), kCFAllocatorDefault, 0); snprintf((char*)guid, sizeof guid, "%s", CCHAR( QString::fromUtf16(CFStringGetCharactersPtr(uuidCf)) )); IOObjectRelease(ioRegistryRoot); CFRelease(uuidCf); #else QString mach_id; QStringList dirs; dirs << "/etc" << "/var/lib/dbus" << "/var/db/dbus"; foreach(QString dir, dirs) { QFile file(dir + "/machine-id"); if (file.open(QIODevice::ReadOnly)) { QTextStream in(&file); mach_id = in.readLine().trimmed(); file.close(); } qDebug() << "ID:" << mach_id; if (!mach_id.isEmpty()) { snprintf((char*)guid, sizeof guid, "%s", CCHAR(mach_id)); break; } } if (mach_id.isEmpty()) sprintf((char*)guid, "%ld", gethostid()); #endif guid[sizeof guid -1] = 0; SHA1(guid, strlen((char*)guid), md); id = QByteArray((char*)md, (int)sizeof md).toBase64().mid(0, 8); qDebug() << "GUID:" << guid << "ID:" << id; return id; } QString compressFilename(QString filename, int maxlen) { if (filename.length() < maxlen) return filename; QString fn = filename.replace("\\", "/"); int len, lastslash = fn.lastIndexOf('/'); QString base = filename.mid(lastslash); len = base.length(); len = maxlen - len -3; if (len < 0) return QString("...") + base.right(maxlen -3); fn = fn.left(len); lastslash = fn.lastIndexOf('/'); return filename.left(lastslash+1) + "..." + base; } QString asn1ToQString(const ASN1_STRING *str, bool quote) { QString qs; unsigned short *bmp; int i; if (!str) return qs; switch (str->type) { case V_ASN1_BMPSTRING: bmp = (unsigned short*)str->data; for (i = 0; i < str->length/2; i++) { unsigned short s = xntohs(bmp[i]); qs += QString::fromUtf16(&s, 1); } break; case V_ASN1_UTF8STRING: qs = QString::fromUtf8((const char*)str->data, str->length); break; case V_ASN1_T61STRING: qs = QString::fromLocal8Bit((const char*)str->data, str->length); break; default: qs = QString::fromLatin1((const char*)str->data, str->length); } #if 0 QString s; qDebug("Convert %s (%d %d) string to '%s' len %d:", ASN1_tag2str(str->type), str->type, V_ASN1_UTF8STRING, CCHAR(qs), str->length); for (int i=0; i< str->length; i++) s += QString(" %1").arg(str->data[i], 2, 16); qDebug() << s; #endif if (quote) qs.replace('\n', "\\n\\"); return qs; } /* returns an encoded ASN1 string from QString for a special nid*/ ASN1_STRING *QStringToAsn1(const QString s, int nid) { QByteArray ba = s.toUtf8(); const unsigned char *utf8 = (const unsigned char *)ba.constData(); unsigned long global_mask = ASN1_STRING_get_default_mask(); unsigned long mask = DIRSTRING_TYPE & global_mask; ASN1_STRING *out = NULL; ASN1_STRING_TABLE *tbl; tbl = ASN1_STRING_TABLE_get(nid); if (tbl) { mask = tbl->mask; if (!(tbl->flags & STABLE_NO_MASK)) mask &= global_mask; } ASN1_mbstring_copy(&out, utf8, -1, MBSTRING_UTF8, mask); openssl_error(QString("'%1' (%2)").arg(s).arg(OBJ_nid2ln(nid))); return out; } const char *OBJ_ln2sn(const char *ln) { return OBJ_nid2sn(OBJ_ln2nid(ln)); } const char *OBJ_sn2ln(const char *sn) { return OBJ_nid2ln(OBJ_sn2nid(sn)); } const char *OBJ_obj2sn(ASN1_OBJECT *a) { OBJ_obj2nid(a); openssl_error(); return OBJ_nid2sn(OBJ_obj2nid(a)); } QString OBJ_obj2QString(const ASN1_OBJECT *a, int no_name) { char buf[512]; int len; len = OBJ_obj2txt(buf, sizeof buf, a, no_name); openssl_error(); return QString::fromLatin1(buf, len); } QByteArray i2d_bytearray(int(*i2d)(const void*, unsigned char **), const void *data) { QByteArray ba; ba.resize(i2d(data, NULL)); unsigned char *p = (unsigned char*)ba.data(); i2d(data, &p); openssl_error(); return ba; } void *d2i_bytearray(void *(*d2i)(void *, unsigned char **, long), QByteArray &ba) { unsigned char *p, *p1; void *ret; p = p1 = (unsigned char *)ba.constData(); ret = d2i(NULL, &p1, ba.count()); ba = ba.mid(p1-p); openssl_error(); return ret; } void _openssl_error(const QString txt, const char *file, int line) { QString error; while (int i = ERR_get_error() ) { error += QString(ERR_error_string(i, NULL)) + "\n"; fputs(CCHAR(QString("OpenSSL error (%1:%2) : %3\n"). arg(file).arg(line).arg(ERR_error_string(i, NULL))), stderr); } if (!error.isEmpty()) { if (!txt.isEmpty()) error = txt + "\n" + error + "\n" + QString("(%1:%2)").arg(file).arg(line); throw errorEx(error); } } #undef PRINT_IGNORED_ANYWAY bool _ign_openssl_error(const QString txt, const char *file, int line) { // ignore openssl errors QString errtxt; #if PRINT_IGNORED_ANYWAY if (!txt.isEmpty() && ERR_peek_error()) qDebug() << txt; #else (void)txt; (void)file; (void)line; #endif while (int i = ERR_get_error() ) { errtxt = ERR_error_string(i, NULL); #if PRINT_IGNORED_ANYWAY qDebug() << QString("IGNORED (%1:%2) : %3\n") .arg(file).arg(line).arg(errtxt); #endif } return !errtxt.isEmpty(); } QString formatHash(const QByteArray &data, QString sep, int width) { return QString(data.toHex()).toUpper() .replace(QRegExp(QString("(.{%1})(?=.)").arg(width)), QString("\\1") + sep); } QByteArray Digest(const QByteArray &data, const EVP_MD *type) { unsigned int n; unsigned char m[EVP_MAX_MD_SIZE]; EVP_Digest(data.constData(), data.size(), m, &n, type, NULL); openssl_error(); return QByteArray((char*)m, (int)n); } QString fingerprint(const QByteArray &data, const EVP_MD *type) { return formatHash(Digest(data, type), Settings["fp_separator"], Settings["fp_digits"]); } void inc_progress_bar(int, int, void *p) { QProgressBar *bar = (QProgressBar *)p; int value = bar->value(); if (value == bar->maximum()) { bar->reset(); } else { bar->setValue(value +1); } } QMap dn_translations; void dn_translations_setup() { #define TRANS(nid, text) dn_translations[(nid)] = QObject::tr(text) TRANS(NID_countryName, "Country code"); TRANS(NID_stateOrProvinceName, "State or Province"); TRANS(NID_localityName, "Locality"); TRANS(NID_organizationName, "Organisation"); TRANS(NID_organizationalUnitName, "Organisational unit"); TRANS(NID_commonName, "Common name"); TRANS(NID_pkcs9_emailAddress, "E-Mail address"); TRANS(NID_serialNumber, "Serial number"); TRANS(NID_givenName, "Given name"); TRANS(NID_surname, "Surname"); TRANS(NID_title, "Title"); TRANS(NID_initials, "Initials"); TRANS(NID_description, "Description"); TRANS(NID_role, "Role"); TRANS(NID_pseudonym, "Pseudonym"); TRANS(NID_generationQualifier, "Generation Qualifier"); TRANS(NID_x500UniqueIdentifier, "x500 Unique Identifier"); TRANS(NID_name, "Name"); TRANS(NID_dnQualifier, "DN Qualifier"); TRANS(NID_pkcs9_unstructuredName, "Unstructured name"); TRANS(NID_pkcs9_challengePassword, "Challenge password"); TRANS(NID_basic_constraints, "Basic Constraints"); TRANS(NID_subject_alt_name, "Subject alternative name"); TRANS(NID_issuer_alt_name, "issuer alternative name"); TRANS(NID_subject_key_identifier, "Subject key identifier"); TRANS(NID_authority_key_identifier, "Authority key identifier"); TRANS(NID_key_usage, "Key usage"); TRANS(NID_ext_key_usage, "Extended key usage"); TRANS(NID_crl_distribution_points, "CRL distribution points"); TRANS(NID_info_access, "Authority information access"); TRANS(NID_netscape_cert_type, "Certificate type"); TRANS(NID_netscape_base_url, "Base URL"); TRANS(NID_netscape_revocation_url, "Revocation URL"); TRANS(NID_netscape_ca_revocation_url, "CA Revocation URL"); TRANS(NID_netscape_renewal_url, "Certificate renewal URL"); TRANS(NID_netscape_ca_policy_url, "CA policy URL"); TRANS(NID_netscape_ssl_server_name, "SSL server name"); TRANS(NID_netscape_comment, "Comment"); } QString appendXcaComment(QString current, QString msg) { if (!current.endsWith("\n") && !current.isEmpty()) current += "\n"; return current + QString("(%1)\n").arg(msg); } xca-RELEASE.2.2.1/lib/asn1int.h0000644000175000017500000000227513614632167015217 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __ASN1INTEGER_H #define __ASN1INTEGER_H #include #include class a1int { private: ASN1_INTEGER *in; ASN1_INTEGER *dup(const ASN1_INTEGER *a) const; a1int &setQString(const QString &s, int dec); QString toQString(int dec) const; public: a1int(); a1int(const ASN1_INTEGER *i); a1int(const a1int &a); a1int(long l); a1int(const QString &hex); ~a1int(); a1int &set(const ASN1_INTEGER *i); a1int &set(long l); QString toHex() const; QString toDec() const; a1int &setHex(const QString &s); a1int &setDec(const QString &s); a1int &setRaw(const unsigned char *data, unsigned len); long getLong() const; ASN1_INTEGER *get() const; const ASN1_INTEGER *get0() const; QByteArray i2d(); int derSize() const; a1int &operator ++ (void); a1int operator ++ (int); a1int &operator = (const a1int &a); a1int &operator = (long i); bool operator > (const a1int &a) const; bool operator < (const a1int &a) const; bool operator == (const a1int &a) const; bool operator != (const a1int &a) const; operator QString() const; }; #endif xca-RELEASE.2.2.1/lib/pki_x509super.h0000644000175000017500000000300213614632167016256 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_X509SUPER_H #define __PKI_X509SUPER_H #include #include #include "pki_key.h" #include "x509name.h" #include "x509v3ext.h" #define VIEW_x509super_keyid 6 class pki_x509name : public pki_base { protected: void PEM_file_comment(XFile &file) const; public: pki_x509name(const QString name = ""); virtual x509name getSubject() const = 0; void autoIntName(const QString &file); QVariant column_data(const dbheader *hd) const; bool visible() const; }; class pki_x509super : public pki_x509name { Q_OBJECT protected: QVariant keySqlId; virtual int sigAlg() const = 0; public: pki_x509super(const QString name = ""); virtual ~pki_x509super(); unsigned pubHash() const; virtual pki_key *getPubKey() const = 0; virtual extList getV3ext() const = 0; virtual QString getSigAlg() const; virtual const EVP_MD *getDigest(); static QPixmap *icon[1]; QVariant getKeySqlId() { return keySqlId; } pki_key *getRefKey() const; bool compareRefKey(pki_key* ref) const; void setRefKey(pki_key *ref); void delRefKey(pki_key *ref); QVariant column_data(const dbheader *hd) const; void opensslConf(QString fname); bool visible() const; bool hasPrivKey() const; QVariant getIcon(const dbheader *hd) const; QSqlError lookupKey(); QSqlError insertSqlData(); QSqlError deleteSqlData(); void restoreSql(const QSqlRecord &rec); }; #endif xca-RELEASE.2.2.1/lib/db_key.h0000644000175000017500000000204313614632167015070 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DB_KEY_H #define __DB_KEY_H #include "db_base.h" #include "pki_key.h" #include #include class MainWindow; class QModelIndex; class QContextMenuEvent; class db_key: public db_base { Q_OBJECT protected: virtual dbheaderList getHeaders(); exportType::etype clipboardFormat(QModelIndexList indexes) const; public: db_key(MainWindow *mw); QList getUnusedKeys(); QList getAllKeys(); pki_base *newPKI(enum pki_type type = none); void inToCont(pki_base *pki); void remFromCont(const QModelIndex &idx); pki_base* insert(pki_base *item); void setOwnPass(QModelIndex idx, enum pki_key::passType); void loadContainer(); public slots: void newItem(); void newItem(QString name); void load(); void store(QModelIndex index); void showPki(pki_base *pki); signals: void delKey(pki_key *delkey); void newKey(pki_key *newkey); void keyDone(pki_key *nkey); }; #endif xca-RELEASE.2.2.1/lib/x509rev.h0000644000175000017500000000467713614632167015074 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __X509REV_H #define __X509REV_H #include #include #include #include #include #include "asn1time.h" #include "asn1int.h" #include "pki_base.h" class x509rev { private: a1int serial; a1time date, ivalDate; int reason_idx, crlNo; void set(const x509rev &x); X509_REVOKED *toREVOKED(bool withReason=true) const; void fromREVOKED(const X509_REVOKED *rev); public: operator QString() const; static QStringList crlreasons(); void d2i(QByteArray &ba); QByteArray i2d() const; QString getReason() const; bool identical(const x509rev &x) const; x509rev() { reason_idx = 0; date.setUndefined(); } x509rev(X509_REVOKED *n) { fromREVOKED(n); } x509rev(const x509rev &n) { set(n); } x509rev(QSqlRecord rec, int offset = 0); void executeQuery(XSqlQuery &q); bool isValid() const { return serial != a1int(0L) && !date.isUndefined(); } x509rev &set(const X509_REVOKED *r) { fromREVOKED(r); return *this; } bool operator == (const x509rev &x) const { return serial == x.serial; } x509rev &operator = (const x509rev &x) { set(x); return *this; } void setSerial(const a1int &i) { serial = i; } void setDate(const a1time &t) { date = t; } void setInvalDate(const a1time &t) { ivalDate = t; } void setReason(const QString &reason) { reason_idx = crlreasons().indexOf(reason); } void setCrlNo(int n) { crlNo = n; } a1int getSerial() const { return serial; } a1time getDate() const { return date; } a1time getInvalDate() const { return ivalDate; } int getCrlNo() const { return crlNo; } X509_REVOKED *get(bool withReason=true) const { return toREVOKED(withReason); } }; class x509revList : public QList { public: static x509revList fromSql(QVariant caId); bool merged; QByteArray toBA(); void fromBA(QByteArray &ba); void merge(const x509revList &other); bool identical(const x509revList &other) const; x509revList() : QList() { merged = false; } x509revList(const x509revList &r) : QList(r) { merged = r.merged; } x509revList(const x509rev &r) : QList() { if (r.isValid()) { merged = false; append(r); } } bool sqlUpdate(QVariant caId); }; #endif xca-RELEASE.2.2.1/lib/pki_crl.cpp0000644000175000017500000002176313614632167015623 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_crl.h" #include "func.h" #include "exception.h" #include "db_base.h" #include #include "openssl_compat.h" QPixmap *pki_crl::icon = NULL; pki_crl::pki_crl(const QString name ) :pki_x509name(name) { crl = X509_CRL_new(); pki_openssl_error(); pkiType=revocation; } pki_x509 *pki_crl::getIssuer() const { return db_base::lookupPki(issuerSqlId); } QString pki_crl::getIssuerName() const { pki_x509 *issuer = getIssuer(); return issuer ? issuer->getIntName() : QString(); } void pki_crl::setIssuer(pki_x509 *iss) { issuerSqlId = iss ? iss->getSqlItemId() : QVariant(); } void pki_crl::fromPEM_BIO(BIO *bio, const QString &name) { X509_CRL *_crl; _crl = PEM_read_bio_X509_CRL(bio, NULL, NULL, NULL); openssl_error(name); X509_CRL_free(crl); crl = _crl; } QString pki_crl::getMsg(msg_type msg) const { /* * We do not construct english sentences from fragments * to allow proper translations. * * %1 will be replaced by the internal name of the CRL */ switch (msg) { case msg_import: return tr("Successfully imported the revocation list '%1'"); case msg_delete: return tr("Delete the revocation list '%1'?"); case msg_create: return tr("Successfully created the revocation list '%1'"); /* %1: Number of CRLs; %2: list of CRL names */ case msg_delete_multi: return tr("Delete the %1 revocation lists: %2?"); } return pki_base::getMsg(msg); } QSqlError pki_crl::lookupIssuer() { XSqlQuery q; unsigned name_hash = getSubject().hashNum(); SQL_PREPARE(q, "SELECT x509super.item FROM x509super " "JOIN certs ON certs.item = x509super.item " "WHERE x509super.subj_hash=? AND certs.ca=1"); q.bindValue(0, name_hash); q.exec(); if (q.lastError().isValid()) return q.lastError(); while (q.next()) { pki_x509 *x = db_base::lookupPki(q.value(0)); if (!x) { qDebug("CA certificate with id %d not found", q.value(0).toInt()); continue; } verify(x); } return q.lastError(); } QSqlError pki_crl::insertSqlData() { QSqlError e = lookupIssuer(); if (e.isValid()) return e; XSqlQuery q; SQL_PREPARE(q, "INSERT INTO crls (item, hash, num, iss_hash, issuer, crl) " "VALUES (?, ?, ?, ?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, hash()); q.bindValue(2, numRev()); q.bindValue(3, (uint)getSubject().hashNum()); q.bindValue(4, issuerSqlId); q.bindValue(5, i2d_b64()); q.exec(); return q.lastError(); } void pki_crl::restoreSql(const QSqlRecord &rec) { pki_base::restoreSql(rec); QByteArray ba = QByteArray::fromBase64( rec.value(VIEW_crls_crl).toByteArray()); d2i(ba); setIssuer(db_base::lookupPki(rec.value(VIEW_crls_issuer))); } QSqlError pki_crl::deleteSqlData() { XSqlQuery q; QSqlError e; SQL_PREPARE(q, "DELETE FROM crls WHERE item=?"); q.bindValue(0, sqlItemId); q.exec(); return q.lastError(); } void pki_crl::fload(const QString &fname) { X509_CRL *_crl; XFile file(fname); file.open_read(); _crl = PEM_read_X509_CRL(file.fp(), NULL, NULL, NULL); if (!_crl) { pki_ign_openssl_error(); file.retry_read(); _crl = d2i_X509_CRL_fp(file.fp(), NULL); } if (pki_ign_openssl_error() || !_crl) { if (_crl) X509_CRL_free(_crl); throw errorEx(tr("Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL.").arg(fname)); } X509_CRL_free(crl); crl = _crl; } QString pki_crl::getSigAlg() const { return QString(OBJ_nid2ln(X509_CRL_get_signature_nid(crl))); } void pki_crl::createCrl(const QString d, pki_x509 *iss) { setIntName(d); if (!iss) my_error(tr("No issuer given")); X509_CRL_set_version(crl, 1); /* version 2 CRL */ X509_CRL_set_issuer_name(crl, (X509_NAME*)iss->getSubject().get0()); setIssuer(iss); pki_openssl_error(); } a1int pki_crl::getVersion() { return a1int(X509_CRL_get_version(crl)); } void pki_crl::setLastUpdate(const a1time &a) { a1time t(a); X509_CRL_set_lastUpdate(crl, t.get_utc()); pki_openssl_error(); } void pki_crl::setNextUpdate(const a1time &a) { a1time t(a); X509_CRL_set_nextUpdate(crl, t.get_utc()); pki_openssl_error(); } pki_crl::~pki_crl() { X509_CRL_free(crl); pki_openssl_error(); } void pki_crl::d2i(QByteArray &ba) { X509_CRL *c = (X509_CRL*)d2i_bytearray(D2I_VOID(d2i_X509_CRL), ba); pki_openssl_error(); if (c) { X509_CRL_free(crl); crl = c; } pki_openssl_error(); } QByteArray pki_crl::i2d() const { return i2d_bytearray(I2D_VOID(i2d_X509_CRL), crl); } void pki_crl::fromData(const unsigned char *p, db_header_t *head) { int size; size = head->len - sizeof(db_header_t); QByteArray ba((const char*)p, size); d2i(ba); if (ba.count() > 0) { my_error(tr("Wrong Size %1").arg(ba.count())); } } void pki_crl::addRev(const x509rev &xrev, bool withReason) { X509_CRL_add0_revoked(crl, xrev.get(withReason)); pki_openssl_error(); } void pki_crl::addV3ext(const x509v3ext &e) { X509_EXTENSION *ext = e.get(); X509_CRL_add_ext(crl, ext, -1); X509_EXTENSION_free(ext); pki_openssl_error(); } extList pki_crl::extensions() const { extList el; el.setStack(X509_CRL_get0_extensions(crl)); pki_openssl_error(); return el; } bool pki_crl::visible() const { if (pki_x509name::visible()) return true; if (getSigAlg().contains(limitPattern)) return true; return extensions().search(limitPattern); } void pki_crl::sign(pki_key *key, const EVP_MD *md) { EVP_PKEY *pkey; if (!key || key->isPubKey()) return; X509_CRL_sort(crl); pkey = key->decryptKey(); X509_CRL_sign(crl, pkey, md); EVP_PKEY_free(pkey); pki_openssl_error(); } void pki_crl::writeDefault(const QString &dirname) const { XFile file(get_dump_filename(dirname, ".crl")); file.open_write(); writeCrl(file, true); } void pki_crl::writeCrl(XFile &file, bool pem) const { if (pem) { PEM_file_comment(file); PEM_write_X509_CRL(file.fp(), crl); } else { i2d_X509_CRL_fp(file.fp(), crl); } pki_openssl_error(); } BIO *pki_crl::pem(BIO *b, int format) { (void)format; if (!b) b = BIO_new(BIO_s_mem()); PEM_write_bio_X509_CRL(b, crl); return b; } a1time pki_crl::getLastUpdate() const { return a1time(X509_CRL_get0_lastUpdate(crl)); } a1time pki_crl::getNextUpdate() const { return a1time(X509_CRL_get0_nextUpdate(crl)); } int pki_crl::numRev() const { STACK_OF(X509_REVOKED) *st = X509_CRL_get_REVOKED(crl); return st ? sk_X509_REVOKED_num(st) : 0; } x509revList pki_crl::getRevList() { x509revList ret; int i, num = numRev(); STACK_OF(X509_REVOKED) *st = X509_CRL_get_REVOKED(crl); for (i=0; igetSubject()) return false; pki_key *key = issuer->getPubKey(); if (!key) return false; int ret = X509_CRL_verify(crl, key->getPubKey()); pki_ign_openssl_error(); if (ret != 1) { delete key; return false; } delete key; pki_x509 *curr = getIssuer(); if (curr && curr->getNotAfter() > issuer->getNotAfter()) return true; setIssuer(issuer); return true; } void pki_crl::setCrlNumber(a1int num) { ASN1_INTEGER *tmpser = num.get(); pki_openssl_error(); X509_CRL_add1_ext_i2d(crl, NID_crl_number, tmpser, 0, 0); ASN1_INTEGER_free(tmpser); pki_openssl_error(); } a1int pki_crl::getCrlNumber() const { a1int num; if (!getCrlNumber(&num)) num.set(0L); return num; } bool pki_crl::getCrlNumber(a1int *num) const { int j; ASN1_INTEGER *i; i = (ASN1_INTEGER *)X509_CRL_get_ext_d2i(crl, NID_crl_number, &j, NULL); pki_openssl_error(); if (j == -1) return false; num->set(i); ASN1_INTEGER_free(i); return true; } x509v3ext pki_crl::getExtByNid(int nid) { extList el = extensions(); x509v3ext e; for (int i=0; i< el.count(); i++){ if (el[i].nid() == nid) return el[i]; } return e; } QString pki_crl::printV3ext() { QString text = extensions().getHtml("
"); pki_openssl_error(); return text; } QVariant pki_crl::column_data(const dbheader *hd) const { switch (hd->id) { case HD_crl_signer: return QVariant(getIssuerName()); case HD_crl_revoked: return QVariant(numRev()); case HD_crl_crlnumber: a1int a; if (getCrlNumber(&a)) return QVariant(a.toDec()); return QVariant(); } return pki_x509name::column_data(hd); } a1time pki_crl::column_a1time(const dbheader *hd) const { switch (hd->id) { case HD_crl_lastUpdate: return getLastUpdate(); case HD_crl_nextUpdate: return getNextUpdate(); } return pki_base::column_a1time(hd); } QVariant pki_crl::getIcon(const dbheader *hd) const { return hd->id == HD_internal_name ? QVariant(*icon) : QVariant(); } QStringList pki_crl::icsVEVENT() const { return pki_base::icsVEVENT(getNextUpdate(), tr("Renew CRL: %1").arg(getIntName()), tr("The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4.\n" "It is stored in the XCA database '%5'") .arg(getIntName()) .arg(getIssuerName()) .arg(getLastUpdate().toPretty()) .arg(getNextUpdate().toPretty()) .arg(currentDB) ); } xca-RELEASE.2.2.1/lib/exception.h0000644000175000017500000000162413614632167015635 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_EXCEPTION_H #define __PKI_EXCEPTION_H #include #include #include "base.h" #define E_PASSWD 1 class errorEx { private: QString msg; public: int info; errorEx(QString txt = "", QString className = "", int inf = 0) { msg = txt; if (!className.isEmpty()) msg += " (" + className + ")"; info = inf; } errorEx(const errorEx &e) { msg = e.msg; info = e.info; } void appendString(QString s) { msg = msg + " " + s; } QString getString() const { return msg; } const char *getCString() const { return msg.toLatin1(); } bool isEmpty() const { return msg.isEmpty(); } }; #define check_oom(ptr) \ if(!ptr) { \ throw errorEx(QObject::tr("Out of Memory at %1:%2").\ arg(C_FILE).arg(__LINE__)); \ } #endif xca-RELEASE.2.2.1/lib/settings.cpp0000644000175000017500000000660513614632167016036 0ustar tewardteward#include "settings.h" #include "func.h" #include "sql.h" #include "widgets/hashBox.h" #include "widgets/NewKey.h" #include #include #include settings Settings; svalue::svalue(settings *s, const QString &k) { setting = s; key = k; } QString svalue::get() const { return setting ? setting->get(key) : QString(); } void svalue::set(const QString &val) { if (setting) setting->set(key, val); } settings::settings() { defaul["mandatory_dn"] = ""; defaul["explicit_dn"] = "C,ST,L,O,OU,CN,emailAddress"; defaul["string_opt"] = "MASK:0x2002"; defaul["workingdir"] = getHomeDir(); defaul["default_hash"] = hashBox::getDefault(); defaul["ical_expiry"] = "1W"; defaul["cert_expiry"] = "80%"; defaul["serial_len"] = "64"; defaul["fp_separator"] = ":"; defaul["fp_digits"] = "2"; hostspecific << "pkcs11path" << "workingdir" << "mw_geometry"; clear(); } void settings::clear() { loaded = false; values.clear(); db_keys.clear(); foreach(QString key, defaul.keys()) setAction(key, defaul[key]); } void settings::setAction(const QString &key, const QString &value) { qDebug() << "Settings::setAction(" << key << ", " << value << ")"; if (key == "string_opt") ASN1_STRING_set_default_mask_asc((char*)CCHAR(value)); else if (key == "default_hash") hashBox::setDefault(value); else if (key == "defaultkey") NewKey::setDefault(value); else if (key == "optionflags") { XSqlQuery q; Transaction; if (!TransBegin()) return; SQL_PREPARE(q, "DELETE FROM settings where key_='optionflags'"); q.exec(); foreach(QString flag, value.split(",")) { if (flag == "dont_colorize_expiries") flag = "no_expire_colors"; setAction(flag, "yes"); } TransCommit(); return; } values[key] = value; } QString settings::defaults(const QString &key) { return defaul[key]; } void settings::load_settings() { if (loaded || !QSqlDatabase::database().isOpen()) return; XSqlQuery q("SELECT key_, value FROM settings"); while (q.next()) { QString key = q.value(0).toString().simplified(); QString value = q.value(1).toString(); QStringList l = key.split(":"); if (l.size() == 2 && l[1] != hostId()) continue; // Skip key with non-matching host ID if (l[0] == "workingdir" && !QDir(value).exists()) continue; // Skip non-existing working-dir db_keys << key; // Key with host ID setAction(l[0], value); // Key without host ID } loaded = true; } QString settings::get(QString key) { // const QString schema = "schema"; load_settings(); if (key == "schema" && QSqlDatabase::database().isOpen()) { XSqlQuery q("SELECT value FROM settings WHERE key_='schema'"); if (q.first()) setAction("schema", q.value(0).toString()); } return values.contains(key) ? values[key] : QString(); } void settings::set(QString key, QString value) { XSqlQuery q; load_settings(); QString origkey = key; if (key == "workingdir") { if (!QDir(value).exists()) return; value = relativePath(value); } if (hostspecific.contains(key)) key += QString(":%1").arg(hostId()); if (db_keys.contains(key) && values[origkey] == value) return; Transaction; if (!TransBegin()) return; if (db_keys.contains(key)) { SQL_PREPARE(q, "UPDATE settings SET value=? WHERE key_=?"); } else { SQL_PREPARE(q, "INSERT INTO settings (value, key_) VALUES (?,?)"); db_keys << key; } q.bindValue(0, value); q.bindValue(1, key); q.exec(); setAction(origkey, value); TransCommit(); } xca-RELEASE.2.2.1/lib/db_crl.cpp0000644000175000017500000001754513614632167015430 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "db_crl.h" #include "exception.h" #include "widgets/MainWindow.h" #include "widgets/CrlDetail.h" #include "widgets/NewCrl.h" #include #include #include "widgets/XcaDialog.h" #include "widgets/ItemCombo.h" #include "ui_NewCrl.h" db_crl::db_crl(MainWindow *mw) :db_x509name(mw) { class_name = "crls"; sqlHashTable = "crls"; pkitype << revocation; pkitype_depends << x509; updateHeaders(); loadContainer(); } dbheaderList db_crl::getHeaders() { dbheaderList h = db_x509name::getHeaders(); h << new dbheader(HD_crl_signer, true, tr("Signer"), tr("Internal name of the signer")) << new num_dbheader(HD_crl_revoked, true, tr("No. revoked"), tr("Number of revoked certificates")) << new date_dbheader(HD_crl_lastUpdate,false, tr("Last update")) << new date_dbheader(HD_crl_nextUpdate, true, tr("Next update")) << new num_dbheader(HD_crl_crlnumber, false, tr("CRL number")); return h; } pki_base *db_crl::newPKI(enum pki_type type) { (void)type; return new pki_crl(); } void db_crl::load() { load_crl l; load_default(l); } void db_crl::revokeCerts(pki_crl *crl) { x509revList revlist; if (!mainwin->certs) return; pki_x509 *signer = crl->getIssuer(); if (!signer) return; revlist = crl->getRevList(); signer->mergeRevList(revlist); foreach(x509rev revok, revlist) { pki_x509 *crt = signer->getBySerial(revok.getSerial()); if (crt) crt->setRevoked(revok); } } void db_crl::removeSigner(pki_base *signer) { FOR_ALL_pki(crl, pki_crl) { if (crl->getIssuer() == signer) { crl->setIssuer(NULL); } } } void db_crl::inToCont(pki_base *pki) { pki_crl *crl = static_cast(pki); unsigned hash = crl->getSubject().hashNum(); QList items; items = sqlSELECTpki( "SELECT x509super.item FROM x509super " "JOIN certs ON certs.item = x509super.item " "WHERE x509super.subj_hash=? AND certs.ca=1", QList() << QVariant(hash)); foreach(pki_x509 *x, items) { qDebug() << "Possible Crl issuer:" << x->getIntName(); crl->verify(x); } db_base::inToCont(pki); } pki_base *db_crl::insert(pki_base *item) { pki_crl *crl = static_cast(item); pki_crl *oldcrl = dynamic_cast(getByReference(crl)); if (oldcrl) { XCA_INFO(tr("The revocation list already exists in the database as:\n'%1'\nand so it was not imported").arg(oldcrl->getIntName())); delete(crl); return NULL; } Transaction; if (TransBegin()) { insertPKI(crl); revokeCerts(crl); TransCommit(); } return crl; } void db_crl::showPki(pki_base *pki) { pki_crl *crl = dynamic_cast(pki); if (!crl) return; CrlDetail *dlg = new CrlDetail(mainwin); if (!dlg) return; dlg->setCrl(crl); connect(dlg->issuerIntName, SIGNAL(doubleClicked(QString)), mainwin->certs, SLOT(showItem(QString))); connect(mainwin->certs, SIGNAL(pkiChanged(pki_base*)), dlg, SLOT(itemChanged(pki_base*))); if (dlg->exec()) { QString newname = dlg->descr->text(); QString newcomment = dlg->comment->toPlainText(); if (newname != pki->getIntName() || newcomment != pki->getComment()) { updateItem(pki, newname, newcomment); } } delete dlg; } void db_crl::store(QModelIndex index) { QList types; if (!index.isValid()) return; pki_crl *crl = static_cast(index.internalPointer()); if (!crl) return; types << exportType(exportType::PEM, "pem", "PEM") << exportType(exportType::DER, "der", "DER") << exportType(exportType::vcalendar, "ics", "vCalendar"); ExportDialog *dlg = new ExportDialog(mainwin, tr("Revocation list export"), tr("CRL ( *.pem *.der *.crl )"), crl, MainWindow::revImg, types); if (!dlg->exec()) { delete dlg; return; } try { XFile file(dlg->filename->text()); pki_base::pem_comment = dlg->pemComment->isChecked(); file.open_key(); if (dlg->type() == exportType::vcalendar) { writeVcalendar(file, crl->icsVEVENT()); } else { crl->writeCrl(file, dlg->type() == exportType::PEM); } } catch (errorEx &err) { mainwin->Error(err); } pki_base::pem_comment = false; delete dlg; } #if 0 void db_crl::updateRevocations(pki_x509 *cert) { x509name issname = cert->getSubject(); x509revList revlist; pki_crl *latest = NULL; FOR_ALL_pki(crl, pki_crl) { if (!(issname == crl->getSubject())) continue; pki_key *key = cert->getPubKey(); if (!key) continue; if (!crl->verify(key)) { delete key; continue; } delete key; pki_x509 *old = crl->getIssuer(); if (!old) { crl->setIssuer(cert); } else if (old != cert) { if (old->getNotAfter() < cert->getNotAfter()) crl->setIssuer(cert); } if (!latest || (latest->getCrlNumber() < crl->getCrlNumber())) latest = crl; } if (latest) { revlist = latest->getRevList(); cert->mergeRevList(revlist); cert->setCrlNumber(latest->getCrlNumber()); } } #endif void db_crl::newItem() { QList cas = mainwin->certs->getAllIssuers(); pki_x509 *ca = NULL; switch (cas.size()) { case 0: XCA_INFO(tr("There are no CA certificates for CRL generation")); return; case 1: ca = cas[0]; break; default: { itemComboCert *c = new itemComboCert(NULL); XcaDialog *d = new XcaDialog(mainwin, revocation, c, tr("Select CA certificate"), QString()); c->insertPkiItems(cas); if (!d->exec()) { delete d; return; } ca = c->currentPkiItem(); delete d; } } newItem(ca); } void db_crl::newItem(pki_x509 *cert) { if (!cert) return; pki_crl *crl = NULL; NewCrl *widget = new NewCrl(NULL, cert); XcaDialog *dlg = new XcaDialog(mainwin, revocation, widget, tr("Create CRL"), QString()); if (!dlg->exec()) { delete dlg; return; } QSqlDatabase db = QSqlDatabase::database(); try { x509v3ext e; X509V3_CTX ext_ctx; X509V3_set_ctx(&ext_ctx, cert->getCert(), NULL, NULL, NULL, 0); X509V3_set_ctx_nodb(&ext_ctx); XSqlQuery q; crl = new pki_crl(); crl->createCrl(cert->getIntName(), cert); crl->pkiSource = generated; bool withReason = widget->revocationReasons->isChecked(); foreach(x509rev rev, cert->getRevList()) crl->addRev(rev, withReason); if (widget->authKeyId->isChecked()) { crl->addV3ext(e.create(NID_authority_key_identifier, "keyid,issuer", &ext_ctx)); } if (widget->subAltName->isChecked()) { if (cert->hasExtension(NID_subject_alt_name)) { crl->addV3ext(e.create(NID_issuer_alt_name, "issuer:copy", &ext_ctx)); } } if (widget->setCrlNumber->isChecked()) { a1int num; num.setDec(widget->crlNumber->text()); crl->setCrlNumber(num); cert->setCrlNumber(num); } crl->setIssuer(cert); crl->setLastUpdate(widget->lastUpdate->getDate()); crl->setNextUpdate(widget->nextUpdate->getDate()); crl->sign(cert->getRefKey(), widget->hashAlgo->currentHash()); Transaction; if (!TransBegin()) throw errorEx(tr("Failed to initiate DB transaction")); cert->setCrlExpire(widget->nextUpdate->getDate()); SQL_PREPARE(q, "UPDATE authority set crlNo=?, crlExpire=? WHERE item=?"); q.bindValue(0, (uint)cert->getCrlNumber().getLong()); q.bindValue(1, widget->nextUpdate->getDate().toPlain()); q.bindValue(2, cert->getSqlItemId()); AffectedItems(cert->getSqlItemId()); q.exec(); QSqlError err = q.lastError(); if (err.isValid()) throw errorEx(tr("Database error: %1").arg(err.text())); SQL_PREPARE(q, "UPDATE revocations set crlNo=? " "WHERE crlNo IS NULL AND caId=?"); q.bindValue(0, (uint)crl->getCrlNumber().getLong()); q.bindValue(1, cert->getSqlItemId()); q.exec(); err = q.lastError(); if (err.isValid()) throw errorEx(tr("Database error: %1").arg(err.text())); insertPKI(crl); err = db.lastError(); if (err.isValid()) throw errorEx(tr("Database error: %1").arg(err.text())); TransCommit(); createSuccess((crl)); } catch (errorEx &err) { MainWindow::Error(err); if (crl) delete crl; crl = NULL; } delete dlg; return; } xca-RELEASE.2.2.1/lib/builtin_curves.h0000644000175000017500000000121713614632167016672 0ustar tewardteward/* * Copyright (C) 2014 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __BUILTIN_EC_CURVES_H #define __BUILTIN_EC_CURVES_H #include #include #include "base.h" #define CURVE_X962 1 #define CURVE_OTHER 2 #define CURVE_RFC5480 3 class builtin_curve { public: int nid; QString comment; unsigned order_size; int flags; /* type: CKF_EC_F_P || CKF_EC_F_2M */ unsigned long type; builtin_curve(int n, QString c, int s, int f, int t) { nid = n; comment = c; order_size = s; flags = f; type = t; }; }; class builtin_curves: public QList { public: builtin_curves(); }; #endif xca-RELEASE.2.2.1/lib/pkcs11_lib.cpp0000644000175000017500000002001013614632167016110 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2009 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #include "pkcs11.h" #include "pk11_attribute.h" #include "exception.h" #include "db_base.h" #include "func.h" #include "pass_info.h" #include #include #include #include "ui_SelectToken.h" pkcs11_lib::pkcs11_lib(const QString &f) { CK_RV (*c_get_function_list)(CK_FUNCTION_LIST_PTR_PTR); CK_RV rv; file = name2File(f, &enabled); p11 = NULL; if (!enabled) return; lt_dlinit(); try { dl_handle = lt_dlopen(QString2filename(file)); if (dl_handle == NULL) throw errorEx(QObject::tr("Failed to open PKCS11 library: %1: %2").arg(file).arg(lt_dlerror())); /* Get the list of function pointers */ c_get_function_list = (CK_RV (*)(CK_FUNCTION_LIST_PTR_PTR)) lt_dlsym(dl_handle, "C_GetFunctionList"); if (!c_get_function_list) throw errorEx(QObject::tr("This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found.")); qDebug("Trying to load PKCS#11 provider %s", QString2filename(file)); rv = c_get_function_list(&p11); if (rv != CKR_OK) pk11error("C_GetFunctionList", rv); CALL_P11_C(this, C_Initialize, NULL); if (rv != CKR_OK && rv != CKR_CRYPTOKI_ALREADY_INITIALIZED) pk11error("C_Initialize", rv); qDebug("Successfully loaded PKCS#11 provider %s", QString2filename(file)); } catch (errorEx &err) { load_error = err.getString(); WAITCURSOR_END; if (p11) p11 = NULL; if (dl_handle) lt_dlclose(dl_handle); lt_dlexit(); qDebug("Failed to load PKCS#11 provider %s", QString2filename(file)); } } pkcs11_lib::~pkcs11_lib() { CK_RV rv; (void)rv; if (!isLoaded()) return; qDebug("Unloading PKCS#11 provider %s", QString2filename(file)); CALL_P11_C(this, C_Finalize, NULL); lt_dlclose(dl_handle); lt_dlexit(); qDebug("Unloaded PKCS#11 provider %s", QString2filename(file)); } QList pkcs11_lib::getSlotList() { CK_RV rv; CK_SLOT_ID *p11_slots = NULL; QList sl; unsigned long i, num_slots = 0; if (!isLoaded()) return sl; /* This one helps to avoid errors. * Fist time it fails, 2nd time it works */ CALL_P11_C(this, C_GetSlotList, CK_TRUE, p11_slots, &num_slots); while (1) { CALL_P11_C(this, C_GetSlotList, CK_TRUE, p11_slots, &num_slots); if (rv != CKR_OK && rv != CKR_BUFFER_TOO_SMALL) pk11error("C_GetSlotList", rv); if (num_slots == 0) break; if ((rv == CKR_OK) && p11_slots) break; p11_slots = (CK_SLOT_ID *)realloc(p11_slots, num_slots *sizeof(CK_SLOT_ID)); check_oom(p11_slots); } for (i=0; i 2 && name[1] == ':') { libname = name.mid(2); if (enabled) *enabled = name[0] != '0'; } return libname; } pkcs11_lib *pkcs11_lib_list::add_lib(const QString &fname) { foreach(pkcs11_lib *l, *this) { if (l->isLib(fname)) return l; } pkcs11_lib *l = new pkcs11_lib(fname); append(l); return l; } pkcs11_lib *pkcs11_lib_list::get_lib(const QString &fname) { foreach(pkcs11_lib *l, *this) { if (l->isLib(fname)) return l; } return NULL; } bool pkcs11_lib_list::remove_lib(const QString &fname) { for(int i=0; iisLib(fname)) { delete takeAt(i); return true; } } return false; } slotidList pkcs11_lib_list::getSlotList() { slotidList list; QString ex; bool success = false; for (int i=0; iisLoaded()) continue; try { QList realids; realids = l->getSlotList(); foreach(int id, realids) list << slotid(l, id); success = true; } catch (errorEx &e) { ex = e.getString(); } } if (success || ex.isEmpty()) return list; throw errorEx(ex); } const char *pk11errorString(unsigned long rv) { #define PK11_ERR(x) case x : return #x; switch (rv) { PK11_ERR(CKR_OK) PK11_ERR(CKR_CANCEL) PK11_ERR(CKR_HOST_MEMORY) PK11_ERR(CKR_SLOT_ID_INVALID) PK11_ERR(CKR_GENERAL_ERROR) PK11_ERR(CKR_FUNCTION_FAILED) PK11_ERR(CKR_ARGUMENTS_BAD) PK11_ERR(CKR_NO_EVENT) PK11_ERR(CKR_NEED_TO_CREATE_THREADS) PK11_ERR(CKR_CANT_LOCK) PK11_ERR(CKR_ATTRIBUTE_READ_ONLY) PK11_ERR(CKR_ATTRIBUTE_SENSITIVE) PK11_ERR(CKR_ATTRIBUTE_TYPE_INVALID) PK11_ERR(CKR_ATTRIBUTE_VALUE_INVALID) PK11_ERR(CKR_DATA_INVALID) PK11_ERR(CKR_DATA_LEN_RANGE) PK11_ERR(CKR_DEVICE_ERROR) PK11_ERR(CKR_DEVICE_MEMORY) PK11_ERR(CKR_DEVICE_REMOVED) PK11_ERR(CKR_ENCRYPTED_DATA_INVALID) PK11_ERR(CKR_ENCRYPTED_DATA_LEN_RANGE) PK11_ERR(CKR_FUNCTION_CANCELED) PK11_ERR(CKR_FUNCTION_NOT_PARALLEL) PK11_ERR(CKR_FUNCTION_NOT_SUPPORTED) PK11_ERR(CKR_KEY_HANDLE_INVALID) PK11_ERR(CKR_KEY_SIZE_RANGE) PK11_ERR(CKR_KEY_TYPE_INCONSISTENT) PK11_ERR(CKR_KEY_NOT_NEEDED) PK11_ERR(CKR_KEY_CHANGED) PK11_ERR(CKR_KEY_NEEDED) PK11_ERR(CKR_KEY_INDIGESTIBLE) PK11_ERR(CKR_KEY_FUNCTION_NOT_PERMITTED) PK11_ERR(CKR_KEY_NOT_WRAPPABLE) PK11_ERR(CKR_KEY_UNEXTRACTABLE) PK11_ERR(CKR_MECHANISM_INVALID) PK11_ERR(CKR_MECHANISM_PARAM_INVALID) PK11_ERR(CKR_OBJECT_HANDLE_INVALID) PK11_ERR(CKR_OPERATION_ACTIVE) PK11_ERR(CKR_OPERATION_NOT_INITIALIZED) PK11_ERR(CKR_PIN_INCORRECT) PK11_ERR(CKR_PIN_INVALID) PK11_ERR(CKR_PIN_LEN_RANGE) PK11_ERR(CKR_PIN_EXPIRED) PK11_ERR(CKR_PIN_LOCKED) PK11_ERR(CKR_SESSION_CLOSED) PK11_ERR(CKR_SESSION_COUNT) PK11_ERR(CKR_SESSION_HANDLE_INVALID) PK11_ERR(CKR_SESSION_PARALLEL_NOT_SUPPORTED) PK11_ERR(CKR_SESSION_READ_ONLY) PK11_ERR(CKR_SESSION_EXISTS) PK11_ERR(CKR_SESSION_READ_ONLY_EXISTS) PK11_ERR(CKR_SESSION_READ_WRITE_SO_EXISTS) PK11_ERR(CKR_SIGNATURE_INVALID) PK11_ERR(CKR_SIGNATURE_LEN_RANGE) PK11_ERR(CKR_TEMPLATE_INCOMPLETE) PK11_ERR(CKR_TEMPLATE_INCONSISTENT) PK11_ERR(CKR_TOKEN_NOT_PRESENT) PK11_ERR(CKR_TOKEN_NOT_RECOGNIZED) PK11_ERR(CKR_TOKEN_WRITE_PROTECTED) PK11_ERR(CKR_UNWRAPPING_KEY_HANDLE_INVALID) PK11_ERR(CKR_UNWRAPPING_KEY_SIZE_RANGE) PK11_ERR(CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT) PK11_ERR(CKR_USER_ALREADY_LOGGED_IN) PK11_ERR(CKR_USER_NOT_LOGGED_IN) PK11_ERR(CKR_USER_PIN_NOT_INITIALIZED) PK11_ERR(CKR_USER_TYPE_INVALID) PK11_ERR(CKR_USER_ANOTHER_ALREADY_LOGGED_IN) PK11_ERR(CKR_USER_TOO_MANY_TYPES) PK11_ERR(CKR_WRAPPED_KEY_INVALID) PK11_ERR(CKR_WRAPPED_KEY_LEN_RANGE) PK11_ERR(CKR_WRAPPING_KEY_HANDLE_INVALID) PK11_ERR(CKR_WRAPPING_KEY_SIZE_RANGE) PK11_ERR(CKR_WRAPPING_KEY_TYPE_INCONSISTENT) PK11_ERR(CKR_RANDOM_SEED_NOT_SUPPORTED) PK11_ERR(CKR_RANDOM_NO_RNG) PK11_ERR(CKR_DOMAIN_PARAMS_INVALID) PK11_ERR(CKR_BUFFER_TOO_SMALL) PK11_ERR(CKR_SAVED_STATE_INVALID) PK11_ERR(CKR_INFORMATION_SENSITIVE) PK11_ERR(CKR_STATE_UNSAVEABLE) PK11_ERR(CKR_CRYPTOKI_NOT_INITIALIZED) PK11_ERR(CKR_CRYPTOKI_ALREADY_INITIALIZED) PK11_ERR(CKR_MUTEX_BAD) PK11_ERR(CKR_MUTEX_NOT_LOCKED) PK11_ERR(CKR_VENDOR_DEFINED) } return "unknown PKCS11 error"; } void pk11error(const QString &func, int rv) { WAITCURSOR_END errorEx err(QObject::tr("PKCS#11 function '%1' failed: %2").arg(func). arg(pk11errorString(rv))); throw err; } void pk11error(slotid slot, const QString &func, int rv) { WAITCURSOR_END errorEx err(QObject::tr("PKCS#11 function '%1' failed: %2\nIn library %3\n%4"). arg(func).arg(pk11errorString(rv)).arg(slot.lib->filename()). arg(slot.lib->driverInfo()), "", rv); throw err; } xca-RELEASE.2.2.1/lib/pk11_attribute.cpp0000644000175000017500000000637113614632167017035 0ustar tewardteward/* vi: set sw=4 ts=4: * * Copyright (C) 2009 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #include "pkcs11.h" #include "pk11_attribute.h" #include "exception.h" #include void pk11_attribute::load(slotid slot, CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj) { CK_RV rv; rv = slot.p11()->C_GetAttributeValue(sess, obj, &attr, 1); if (rv != CKR_OK) pk11error("C_GetAttribute()", rv); } void pk11_attr_data::load(slotid slot, CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj) { CK_RV rv; if (attr.pValue) { free(attr.pValue); attr.pValue = NULL; } attr.ulValueLen = 0; rv = slot.p11()->C_GetAttributeValue(sess, obj, &attr, 1); if (rv == CKR_OK) { attr.pValue = malloc(attr.ulValueLen +1); check_oom(attr.pValue); rv = slot.p11()->C_GetAttributeValue(sess, obj, &attr, 1); \ if (rv == CKR_OK) return; } pk11error("C_GetAttributeValue(data)", rv); \ } void pk11_attr_data::setValue(const unsigned char *ptr, unsigned long len) { if (attr.pValue) free(attr.pValue); if (!ptr || len == 0) { attr.ulValueLen = 0; attr.pValue = NULL; return; } attr.pValue = malloc(len+1); check_oom(attr.pValue); memcpy(attr.pValue, ptr, len); attr.ulValueLen = len; ((char*)attr.pValue)[len] = 0; } void pk11_attr_data::setConstBignum(const BIGNUM *bn) { attr.ulValueLen = BN_num_bytes(bn); if (attr.pValue) free(attr.pValue); attr.pValue = malloc(attr.ulValueLen); check_oom(attr.pValue); attr.ulValueLen = BN_bn2bin(bn, (unsigned char *)attr.pValue); } void pk11_attr_data::setBignum(BIGNUM *bn, bool consume) { setConstBignum(bn); if (consume) BN_free(bn); } void pk11_attribute::store(slotid slot, CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj) { CK_RV rv; rv = slot.p11()->C_SetAttributeValue(sess, obj, &attr, 1); if (rv != CKR_OK) pk11error("C_SetAttributeValue", rv); } void pk11_attlist::copy(const pk11_attlist &a) { reset(); attlen = a.attlen; alloc_len = a.alloc_len; if (alloc_len) { attributes = (CK_ATTRIBUTE *)malloc(alloc_len *sizeof(*attributes)); check_oom(attributes); memcpy(attributes, a.attributes, attlen *sizeof(*attributes)); } for (unsigned long i=0; itype = a.attr.type; attr->ulValueLen = a.attr.ulValueLen; attr->pValue = malloc(attr->ulValueLen +1); check_oom(attr->pValue); memcpy(attr->pValue, a.attr.pValue, attr->ulValueLen); ((char*)attr->pValue)[attr->ulValueLen] = 0; } void pk11_attlist::reset() { for (unsigned long i=0; i #include #include #include #include #include #include "func.h" #include "oid.h" #include "widgets/XcaWarning.h" #include "widgets/MainWindow.h" int first_additional_oid = 0; QMap oid_name_clash; QMap oid_lower_map; static void addToLowerMap(int nid) { QString n = OBJ_nid2sn(nid); QString l = n.toLower(); if (n != l) oid_lower_map[l] = nid; n = OBJ_nid2ln(nid); l = n.toLower(); if (n != l) oid_lower_map[l] = nid; } /* reads additional OIDs from a file: oid, sn, ln */ static void insert_new_oid(const QStringList &sl, QString fname, int line) { bool differs = false; QByteArray in_use, oid, sn, ln; oid = sl[0].toLatin1(); sn = sl[1].toLatin1(); ln = sl[2].toLatin1(); if (sl.count() != 3) { XCA_WARN(QObject::tr("Error reading config file %1 at line %2") .arg(fname).arg(line)); return; } int nid = OBJ_txt2nid(oid.constData()); if (nid != NID_undef) { /* OID already known by OpenSSL */ if (sn != OBJ_nid2sn(nid)) { /* ... but with a different ShortName */ qWarning() << "OID: " << oid << "SN differs: " << sn << " " << OBJ_nid2sn(nid); oid_name_clash[sn] = OBJ_nid2sn(nid); differs = true; } if (ln != OBJ_nid2ln(nid)) { /* ... but with a different LongName */ qWarning() << "OID: " << oid << "LN differs: " << ln << " " << OBJ_nid2ln(nid); oid_name_clash[ln] = OBJ_nid2ln(nid); differs = true; } } else { /* Check whether ShortName or LongName are already in use * for a different OID */ if (OBJ_txt2nid(sn.constData()) != NID_undef) in_use = sn; if (OBJ_txt2nid(ln.constData()) != NID_undef) in_use = ln; } ign_openssl_error(); if (differs) { /* OID exists with different SN or LN. The differing names * are added as "alias" in "oid_name_clash" used when loading * dn.txt and eku.txt */ XCA_WARN(QObject::tr("The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed.") .arg(sl.join(":")).arg(fname).arg(line) .arg(OBJ_obj2QString(OBJ_nid2obj(nid), 1)) .arg(OBJ_nid2sn(nid)).arg(OBJ_nid2ln(nid)) ); } else if (!in_use.isEmpty()) { /* OID does not exist, but SN or LN however do. * Do NOT create OID and tell the user about */ nid = OBJ_txt2nid(in_use.constData()); XCA_WARN(QObject::tr("The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts.") .arg(in_use.constData()) .arg(oid.constData()) .arg(fname).arg(line) .arg(OBJ_obj2QString(OBJ_nid2obj(nid), 1)) .arg(OBJ_nid2sn(nid)).arg(OBJ_nid2ln(nid)) ); } else if (nid == NID_undef) { nid=OBJ_create(oid.constData(), sn.constData(), ln.constData()); qDebug() << "Creating OID:" << fname << line << nid << oid << sn << ln; try { openssl_error(); addToLowerMap(nid); } catch (errorEx &e) { errorEx err(errorEx(e.getString() + QString("%1:%2 OID: %3") .arg(fname).arg(line).arg(oid.constData()))); MainWindow::Error(err); } } } static void readOIDs(QString fname) { int line = 0; QFile file(fname); if (!file.open(QIODevice::ReadOnly)) return; QTextStream in(&file); while (!in.atEnd()) { QString entry = in.readLine().trimmed(); line++; if (entry.startsWith('#') || entry.isEmpty()) continue; insert_new_oid(entry.split(QRegExp("\\s*:\\s*")), fname, line); } } void initOIDs() { QString oids = QString(QDir::separator()) + "oids.txt"; QString dir = getPrefix(); first_additional_oid = OBJ_new_nid(0); openssl_error(); for (int i=0; i #include #include #include class QString; class x509v3ext { private: X509_EXTENSION *ext; const ASN1_OBJECT *object() const; public: x509v3ext(); x509v3ext(const X509_EXTENSION *n); x509v3ext(const x509v3ext &n); ~x509v3ext(); x509v3ext &set(const X509_EXTENSION *n); x509v3ext &create(int nid, const QString &et, X509V3_CTX *ctx = NULL); x509v3ext &create_ia5(int nid, const QString &et, X509V3_CTX *ctx = NULL); x509v3ext &operator = (const x509v3ext &x); // bool operator == (const x509v3ext &x) const; QString getObject() const; int getCritical() const; ASN1_OCTET_STRING *getData() const; QString getValue(bool html=false) const; QString getHtml() const; X509_EXTENSION *get() const; bool isValid() const; int nid() const; void *d2i() const; bool genConf(QString *single, QString *adv) const; bool parse_generic(QString *single, QString *adv) const; protected: QString parse_critical() const; bool parse_certpol(QString *single, QString *adv) const; bool parse_ainfo(QString *single, QString *adv) const; bool parse_Crldp(QString *single, QString *adv) const; bool parse_eku(QString *single, QString *adv) const; bool parse_generalName(QString *single, QString *adv) const; bool parse_ia5(QString *single, QString *adv) const; bool parse_bc(QString *single, QString *adv) const; bool parse_bitstring(QString *single, QString *adv) const; bool parse_sKeyId(QString *single, QString *adv) const; bool parse_aKeyId(QString *single, QString *adv) const; bool parse_inhibitAnyPolicy(QString *, QString *adv) const; bool parse_policyConstraints(QString *, QString *adv) const; bool parse_policyMappings(QString *, QString *adv) const; bool parse_nameConstraints(QString *, QString *adv) const; }; class extList : public QList { public: void setStack(const STACK_OF(X509_EXTENSION) *st, int start=0); STACK_OF(X509_EXTENSION) *getStack(); QString getHtml(const QString &sep); bool delByNid(int nid); int delInvalid(); int idxByNid(int nid); bool genConf(int nid, QString *single, QString *adv = NULL); void genGenericConf(QString *adv); bool search(const QRegExp &pattern); }; #endif xca-RELEASE.2.2.1/INSTALL.w320000644000175000017500000000105513614632167014361 0ustar tewardteward This is a short overview of how to build XCA for windows. This is for debian hosts, cross-compiling a windows binary. Needed packages: mingw cross compiler makensis cross tool wine (to run moc.exe and uic.exe) # apt-get install mingw-w64 nsis wine create a new, empty directory say xca-w32 $ cd xca-w32 $ tar zxf xca-0.x.y.tar.gz Use a W32 host to execute and install the QT5 tools copy the installed tree to ./qt/ Edit the Qt Version in xca-x.y.z/misc/build-w32.sh Now call xca-x.y.z/misc/build-w32.sh and wait until xca_setup.exe is built. xca-RELEASE.2.2.1/git.release0000755000175000017500000000315513614632167015051 0ustar tewardteward#!/bin/sh set -e type git || exit 1 test -s VERSION && test -s changelog && test -d ../qt export TVERSION="$1" commit=master test -z "$2" || commit="$2" if test -z "$TVERSION"; then echo "usage: $0 [commit]" echo " if commit is ommitted, 'master' is used" exit 1 fi if ! git diff-index --quiet HEAD --; then echo "You have local changes, please commit, reset or stash them" exit 1 fi lasttag=$(git describe --abbrev=0 HEAD) unset unchanged for i in changelog doc/xca.sgml README.md; do if git diff --quiet "$lasttag" -- $i; then echo "File $i untouched since $lasttag" unchanged="x" fi done if test -n "$unchanged"; then echo "Are you sure to not change the file(s) above?" read a fi x=$(git grep "^xca $TVERSION " changelog || git grep "^$TVERSION\$" VERSION || :) if test -n "$x"; then echo "$x" echo Release $TVERSION already exists exit 1 fi echo "$TVERSION" > VERSION ( LANG=C date +"xca $TVERSION %a %b %d %Y" echo cat changelog ) > changelog.new mv changelog.new changelog git commit VERSION changelog -m "Prepare XCA $TVERSION" git tag -a "RELEASE.$TVERSION" -m "Release version $TVERSION" # Create the tar.gz make dist releasedir="$HOME/xca-$TVERSION" mkdir -p "$releasedir" cp xca-$TVERSION.tar.gz "$releasedir" ( cd .. tar zxf "$releasedir/xca-$TVERSION.tar.gz" mkdir -p "xca-$TVERSION/BUILD" && cd "xca-$TVERSION/BUILD" ../configure && make -j7 mkdir "$releasedir/doc" cp doc/*.html "$releasedir/doc" ) ( cd .. "./xca-$TVERSION/misc/build-w32.sh" cp "xca-portable-${TVERSION}.zip" msi-installer-dir-${TVERSION}.zip "$releasedir" ) ls -la "$releasedir" xca-RELEASE.2.2.1/Makefile0000644000175000017500000001404313614632167014357 0ustar tewardteward# # Makefile for XCA # ##################################################################### TAG=RELEASE.$(TVERSION) TARGET=xca-$(TVERSION) MAKEFLAGS += -rR export BUILD=$(shell pwd) ifneq ($(MAKECMDGOALS), distclean) ifneq ($(MAKECMDGOALS), clean) ifneq ($(MAKECMDGOALS), dist) include Local.mak endif endif endif ifeq ($(TOPDIR),) TOPDIR=. endif VPATH=$(TOPDIR) SUBDIRS=lib widgets img misc OBJECTS=$(patsubst %, %/.build-stamp, $(SUBDIRS)) INSTDIR=misc lang doc img INSTTARGET=$(patsubst %, install.%, $(INSTDIR)) APPTARGET=$(patsubst %, app.%, $(INSTDIR)) DMGSTAGE=$(BUILD)/xca-$(VERSION) MACTARGET=$(DMGSTAGE)${EXTRA_VERSION} APPDIR=$(DMGSTAGE)/xca.app/Contents OSSLSIGN=PKCS11SPY=/opt/SimpleSign/libcrypto3PKCS.so /usr/local/bin/osslsigncode OSSLSIGN_OPT=sign -askpass -certs ~/osdch.crt -askpass \ -key "pkcs11:object=Open%20Source%20Developer%2C%20Christian%20Hohnstaedt" \ -pkcs11engine /usr/lib/x86_64-linux-gnu/engines-1.1/libpkcs11.so \ -pkcs11module /usr/lib/x86_64-linux-gnu/pkcs11-spy.so \ -n "XCA $(VERSION)" -i https://hohnstaedt.de/xca \ -t http://timestamp.comodoca.com -h sha2 MAKENSIS=makensis ifeq ($(SUFFIX), .exe) all: xca-portable.zip msi-installer-dir.zip else ifneq ($(MACDEPLOYQT),) all: $(MACTARGET).dmg else all: xca$(SUFFIX) do.doc do.lang @echo @echo "Ok, compilation was successful." @echo "Now do as root: 'make install'" @echo endif endif ifeq ($(MAKECMDGOALS),) MAKEFLAGS += -s PRINT=echo else PRINT=: endif export PRINT ifneq ($(TOPDIR), $(BUILD)) do.ui: clean_topdir clean_topdir: $(MAKE) -C $(TOPDIR) clean endif xca$(SUFFIX): $(OBJECTS) @$(PRINT) " LINK $@" $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) $(patsubst %,@%, $^) $(LIBS) -o $@ do.ui do.doc do.lang do.misc: do.%: mkdir -p $* $(MAKE) -C $* -f $(TOPDIR)/$*/Makefile VPATH=$(TOPDIR)/$* $* headers: do.ui commithash.h %/.build-stamp: headers mkdir -p $* $(MAKE) -C $* -f $(TOPDIR)/$*/Makefile \ VPATH=$(TOPDIR)/$* $(INSTTARGET): install.%: %/.build-stamp mkdir -p $* $(MAKE) -C $* -f $(TOPDIR)/$*/Makefile \ VPATH=$(TOPDIR)/$* install $(APPTARGET): app.%: %/.build-stamp mkdir -p $* $(MAKE) -C $* -f $(TOPDIR)/$*/Makefile \ VPATH=$(TOPDIR)/$* APPDIR=$(APPDIR) app clean: find lib widgets img misc -name "*.o" \ -o -name ".build-stamp" \ -o -name ".depend" \ -o -name "moc_*.cpp" | xargs rm -f rm -f ui/ui_*.h lang/xca_*.qm doc/*.html doc/xca.1.gz img/imgres.cpp rm -f lang/*.xml lang/.build-stamp misc/dn.txt misc/eku.txt rm -f commithash.h misc/oids.txt rm -f xca$(SUFFIX) *.dmg xca-portable*.zip msi-installer-dir*.zip xca*.msi rm -rf xca-$(VERSION)* msi-installer-dir-$(VERSION)* xca-portable-$(VERSION)* distclean: clean rm -f local.h Local.mak config.log config.status misc/Info.plist dist: $(TARGET).tar.gz $(TARGET).tar: test ! -z "$(TVERSION)" git archive --format=tar --prefix=$(TARGET)/ $(TAG) > _$@ V=`tar xf _$@ -O $(TARGET)/VERSION` && \ test "$(TVERSION)" = "$$V" && echo "$$V" > VERSION ./bootstrap "$(TARGET)" tar -rf _$@ "$(TARGET)/configure" rm -rf "$(TARGET)" mv _$@ $@ $(TARGET).tar.gz: $(TARGET).tar gzip -9 < $^ > $@ snapshot: HASH=$$(git rev-parse HEAD) && \ git archive --format=tar --prefix=xca-$${HASH}/ HEAD | \ gzip -9 > xca-$${HASH}.tar.gz install: xca$(SUFFIX) $(INSTTARGET) install -m 755 -d $(destdir)$(bindir) install -m 755 xca $(destdir)$(bindir) $(STRIP) $(destdir)$(bindir)/xca xca$(SUFFIX).signed: xca$(SUFFIX) %.signed: % $(STRIP) $< || : if test -n "$(OSSLSIGN)"; then \ $(OSSLSIGN) $(OSSLSIGN_OPT) -in "$<" -out "$@" 2>/dev/null; \ else \ mv "$<" "$@"; \ fi msi-installer-dir-$(VERSION): misc/xca.wxs misc/xca.bat misc/variables.wxi img/banner.bmp img/dialog.bmp img/key.ico misc/copyright.rtf rm -f $@/* && mkdir -p $@ && cp -ra $^ $@ xca-portable-$(VERSION): xca$(SUFFIX).signed do.doc do.lang do.misc rm -rf $@ mkdir -p $@/sqldrivers $@/platforms $@/html $@/i18n cp xca$(SUFFIX).signed $@/xca$(SUFFIX) cp $(patsubst %,misc/%.txt, dn eku oids) \ $(patsubst %,"$(QTDIR)/bin/%.dll", Qt5Gui Qt5Core Qt5Widgets \ Qt5Sql libwinpthread-1 libstdc++-6 libgcc_s_seh-1) \ "$(INSTALL_DIR)/bin/libltdl-7.dll" \ "$(INSTALL_DIR)/bin/libcrypto-1_1-x64.dll" \ "$(TOPDIR)"/misc/*.xca "${TOPDIR}/../sql/"*.dll $@ cp doc/*.html $@/html cp $(patsubst %,"$(QTDIR)/translations/qt_%.qm", de es pl pt ru fr sk it ja) \ lang/*.qm $@/i18n sed 's/$$/\r/' < "$(TOPDIR)"/COPYRIGHT > $@/copyright.txt cp "$(QTDIR)/plugins/platforms/qwindows.dll" $@/platforms cp $(patsubst %,"$(QTDIR)/plugins/sqldrivers/%.dll", qsqlite qsqlmysql qsqlpsql qsqlodbc) $@/sqldrivers xca-portable.zip: xca-portable-$(VERSION).zip msi-installer-dir.zip: msi-installer-dir-$(VERSION).zip %-$(VERSION).zip: %-$(VERSION) zip -r $@ $^ $(DMGSTAGE): xca$(SUFFIX) rm -rf $(DMGSTAGE) mkdir -p $(DMGSTAGE)/xca.app/Contents/MacOS mkdir -p $(DMGSTAGE)/xca.app/Contents/Resources mkdir -p $(DMGSTAGE)/manual ln -s /Applications $(DMGSTAGE) install -m 644 $(TOPDIR)/COPYRIGHT $(DMGSTAGE)/COPYRIGHT.txt install -m 755 xca $(DMGSTAGE)/xca.app/Contents/MacOS $(STRIP) $(DMGSTAGE)/xca.app/Contents/MacOS/xca $(MAKE) $(APPTARGET) cp -r $(DMGSTAGE)/xca.app/Contents/Resources/*.html $(DMGSTAGE)/manual ln -s xca.html $(DMGSTAGE)/manual/index.html $(MACDEPLOYQT) $(DMGSTAGE)/xca.app xca.dmg: $(MACTARGET).dmg xca.app: $(DMGSTAGE) $(MACTARGET).dmg: $(DMGSTAGE) # Check for "Users" or "chris" in the resulting DMG image rpath="`cd $(DMGSTAGE) && otool -l xca.app/Contents/MacOS/xca | grep -e "chris\|Users" ||:`" && \ if test -n "$$rpath"; then echo " ERROR $$rpath"; false; fi -codesign --force --deep --signature-size=96000 -s "Christian Hohnstaedt" $(DMGSTAGE)/xca.app --timestamp hdiutil create -ov -fs HFS+ -volname "xca-$(VERSION)" -srcfolder "$<" "$@" trans: $(MAKE) -C lang po2ts lupdate -locations relative $(TOPDIR)/xca.pro $(MAKE) -C lang xca.pot .PHONY: $(SUBDIRS) $(INSTDIR) xca.app doc lang macdeployqt/macdeployqt $(DMGSTAGE) commithash.h xca-portable.zip msi-installer-dir.zip do.doc do.lang headers: local.h Local.mak: configure Local.mak.in $(TOPDIR)/configure commithash.h: @$(PRINT) " GEN $@" $(TOPDIR)/gen_commithash.h.sh $@ xca-RELEASE.2.2.1/lang/0000755000175000017500000000000013614632167013636 5ustar tewardtewardxca-RELEASE.2.2.1/lang/tr.po0000644000175000017500000014440213614632167014630 0ustar tewardteward# Turkish translation for xca # Copyright (c) 2010 Rosetta Contributors and Canonical Ltd 2010 # This file is distributed under the same license as the xca package. # FIRST AUTHOR , 2010. # msgid "" msgstr "" "Project-Id-Version: xca\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2011-04-30 08:24+0200\n" "PO-Revision-Date: 2011-04-28 09:11+0000\n" "Last-Translator: Mesut YETER \n" "Language-Team: Turkish \n" "Language: tr\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Launchpad-Export-Date: 2011-04-30 05:52+0000\n" "X-Generator: Launchpad (build 12915)\n" #: About#1 msgid "Done" msgstr "Bitti" #: CaProperties#1 msgid "CA Properties" msgstr "CA Özellikleri" #: CaProperties#2 msgid "Use random Serial numbers" msgstr "Değişken Seri numaralar kullan" #: CaProperties#3 msgid "Days until next CRL issuing" msgstr "" #: CaProperties#4 msgid "Default template" msgstr "Varsayılan şablon" #: CaProperties#5 msgid "Next serial for signing" msgstr "İmza için sonraki seri" #: CertDetail#1 msgid "Details of the Certificate" msgstr "Sertifika bilgileri" #: CertDetail#2 msgid "S&tatus" msgstr "&Durum" #: CertDetail#3 msgctxt "CertDetail#3" msgid "Serial" msgstr "Seri" #: CertDetail#4 msgid "The serial number of the certificate" msgstr "Sertifika seri numarası" #: CertDetail#5 msgid "The internal name of the certificate in the database" msgstr "Sertifika veritabanındaki isim" #: CertDetail#6 msgctxt "CertDetail#6" msgid "Internal name" msgstr "Dahili adı" #: CertDetail#7 msgctxt "CertDetail#7" msgid "Signature algorithm" msgstr "İmza algoritması" #: CertDetail#8 msgctxt "CertDetail#8" msgid "Signature" msgstr "İmza" #: CertDetail#9 msgctxt "CertDetail#9" msgid "Key" msgstr "Anahtar" #: CertDetail#10 msgid "Fingerprints" msgstr "Parmak izleri" #: CertDetail#11 msgid "SHA1" msgstr "SHA1" #: CertDetail#12 msgid "MD5" msgstr "MD5" #: CertDetail#13 msgid "A SHA-1 hashsum of the certificate" msgstr "A SHA-1 hashsum sertifikası" #: CertDetail#14 msgid "An md5 hashsum of the certificate" msgstr "An md5 hassum sertifikası" #: CertDetail#15 msgctxt "CertDetail#15" msgid "Validity" msgstr "Geçerlilik" #: CertDetail#16 msgid "The time since the certificate is valid" msgstr "Zamana kadar geçerli sertifika" #: CertDetail#17 msgid "The time until the certificate is valid" msgstr "Bu zaman kadar sertifika geçerli" #: CertDetail#18 msgid "&Subject" msgstr "&Konu" #: CertDetail#19 msgctxt "CertDetail#19" msgid "&Issuer" msgstr "&veren" #: CertDetail#20 msgid "Attributes" msgstr "Nitelikler" #: CertDetail#21 msgctxt "CertDetail#21" msgid "&Extensions" msgstr "&Uzantıları" #: CertDetail#22 msgid "Show config" msgstr "Yapılandırmayı göster" #: CertDetail#23 msgid "Show extensions" msgstr "Uzantıları göster" #: CertDetail#24 msgctxt "CertDetail#24" msgid "Not available" msgstr "Kullanılamaz" #: CertDetail#25 msgid "Details of the certificate" msgstr "Sertifika detayları" #: CertDetail#26 msgid "Signer unknown" msgstr "Bilinmeyen imzalayan makam" #: CertDetail#27 msgid "Self signed" msgstr "Kendinden imzalı" #: CertDetail#28 msgctxt "CertDetail#28" msgid "Not trusted" msgstr "Güvenilmeyen" #: CertDetail#29 msgid "Trusted" msgstr "Güvenilir" #: CertDetail#30 msgid "Revoked: " msgstr "İptaledilmiş " #: CertDetail#31 msgid "Not valid" msgstr "Geçersiz" #: CertDetail#32 msgid "Valid" msgstr "Geçerli" #: CertDetail#33 msgid "Details of the certificate signing request" msgstr "sertifika imzalama isteği detayları" #: CertExtend#1 msgid "Certificate renewal" msgstr "Sertifika yenileme" #: CertExtend#2 msgid "" "This will create a new certificate as a copy of the old one with a new " "serial number and adjusted validity values." msgstr "" "Bu yeni bir seri numarası ve düzeltilmiş geçerlilik değerleri ile eski bir " "kopyası olarak yeni bir sertifika oluşturur." #: CertExtend#3 msgctxt "CertExtend#3" msgid "Validity" msgstr "Geçerlilik" #: CertExtend#4 msgctxt "CertExtend#4" msgid "Not before" msgstr "Öncedeğil" #: CertExtend#5 msgctxt "CertExtend#5" msgid "Not after" msgstr "Sonradeğil" #: CertExtend#6 msgctxt "CertExtend#6" msgid "Time range" msgstr "Zaman aralığı" #: CertExtend#7 msgctxt "CertExtend#7" msgid "No well-defined expiration" msgstr "Tanımlanmamış son" #: CertExtend#8 msgctxt "CertExtend#8" msgid "Apply" msgstr "Uygula" #: CertExtend#9 msgctxt "CertExtend#9" msgid "Days" msgstr "Gün" #: CertExtend#10 msgctxt "CertExtend#10" msgid "Months" msgstr "Ay" #: CertExtend#11 msgctxt "CertExtend#11" msgid "Years" msgstr "Yıl" #: CertExtend#12 msgctxt "CertExtend#12" msgid "Midnight" msgstr "Gece Yarısı" #: CertExtend#13 msgctxt "CertExtend#13" msgid "" "The certificate will be earlier valid than the signer. This is probably not " "what you want." msgstr "" "Sertifika önceki imzalayandan daha geçerli olacaktır. Muhtemelen istediğiniz " "bu değildir." #: CertExtend#14 msgid "Edit times" msgstr "Zamanı düzenle" #: CertExtend#15 msgctxt "CertExtend#15" msgid "Abort rollout" msgstr "" #: CertExtend#16 msgctxt "CertExtend#16" msgid "Continue rollout" msgstr "" #: CertExtend#17 msgctxt "CertExtend#17" msgid "Adjust date and continue" msgstr "Tarihi düzenler ve devam eder" #: CertExtend#18 msgctxt "CertExtend#18" msgid "" "The certificate will be longer valid than the signer. This is probably not " "what you want." msgstr "" "Sertifika önceki imzalayandan daha geçerli olacaktır. Muhtemelen istediğiniz " "bu değildir." #: CertView#1 msgctxt "CertView#1" msgid "There was no key found for the Certificate: " msgstr "Sertifikadaki anahtar bulunamıyor. " #: CertView#2 msgctxt "CertView#2" msgid "Import Certificate signing request" msgstr "Sertifika imzalama isteği" #: ClickLabel#1 msgid "Double click for details" msgstr "Detaylariçin çift tıklayın" #: CrlDetail#1 msgid "Details of the Revocation list" msgstr "İptal listesi için çift tıklayın" #: CrlDetail#2 msgid "&Status" msgstr "&Durum" #: CrlDetail#3 msgid "Version" msgstr "Sürüm" #: CrlDetail#4 msgctxt "CrlDetail#4" msgid "Signature" msgstr "İmza" #: CrlDetail#5 msgid "Signed by" msgstr "İmzalayan:" #: CrlDetail#6 msgctxt "CrlDetail#6" msgid "Name" msgstr "İsim" #: CrlDetail#7 msgid "The internal name of the CRL in the database" msgstr "CRL veritabanındaki isim" #: CrlDetail#8 msgid "issuing dates" msgstr "Verilen tarih" #: CrlDetail#9 msgid "Next Update" msgstr "Sonraki Güncelleme" #: CrlDetail#10 msgid "Last Update" msgstr "Son Güncelleme" #: CrlDetail#11 msgctxt "CrlDetail#11" msgid "&Issuer" msgstr "&veren" #: CrlDetail#12 msgctxt "CrlDetail#12" msgid "&Extensions" msgstr "&Uzantıları" #: CrlDetail#13 msgid "&Revocation list" msgstr "&İptal listesi" #: CrlDetail#14 msgid "0" msgstr "0" #: CrlDetail#15 msgctxt "CrlDetail#15" msgid "Serial" msgstr "Seri" #: CrlDetail#16 msgctxt "CrlDetail#16" msgid "Revocation" msgstr "İptal" #: CrlDetail#17 msgid "Reason" msgstr "Neden" #: CrlDetail#18 msgid "Invalidation" msgstr "İptal" #: CrlDetail#19 msgid "Failed" msgstr "Başarısız" #: CrlDetail#20 msgid "Unknown signer" msgstr "Bilinmeyen imzalayan" #: CrlDetail#21 msgid "Verification not possible" msgstr "Doğrulama mümkün değil" #: CrlDetail#22 msgid "Unknown certificate" msgstr "Bilinmeyen sertifika" #: ExportCert#1 msgid "X509 Certificates ( *.cer *.crt *.p12 *.p7b);;All files ( * )" msgstr "X509 sertifikası (*cer *.crt *.p12 *.p7b);;Tüm dosyalar (*)" #: ExportCert#2 msgid "" "DER is a binary format of the Certificate\n" "PEM is a base64 encoded Certificate\n" "PKCS#7 is an official Certificate exchange format\n" "PKCS#12 is an encrypted official Key-Certificate exchange format\n" msgstr "" "DER ikili sertifika formatı\n" "PEM base64 kodlu sertifika\n" "PKCS#7 resmi değişim sertifikası\n" "PKCS#12 kriptolu anahtar sertifikası\n" #: ExportCert#3 msgid "Please enter the filename for the certificate." msgstr "Lütfen sertifika ismini giriniz." #: ExportCert#4 msgid "Certificate export" msgstr "Sertifika dışa aktar" #: ExportDer#1 msgctxt "ExportDer#1" msgid "All files ( * )" msgstr "Bütün dosyalar ( * )" #: ExportDer#2 msgid "" "DER is a binary format\n" "PEM is a base64 encoded DER file\n" msgstr "" "DER ikili biçimdir\n" "PEM base64 kodlanmış DER dosyası\n" #: ExportDialog#1 msgid "..." msgstr "..." #: ExportDialog#2 msgid "Filename" msgstr "Dosya adı" #: ExportDialog#3 msgid "Please enter the filename" msgstr "Lütfen dosya adını giriniz" #: ExportDialog#4 msgid "Export Format" msgstr "Verme biçimi" #: ExportDialog#5 msgid "The file: '%1' already exists!" msgstr "Dosya: 2%1' zaten var" #: ExportDialog#6 msgid "Overwrite" msgstr "Üzerine yaz" #: ExportDialog#7 msgid "Do not overwrite" msgstr "Üzerine yazmayın" #: ExportKey#1 msgid "When exporting the private key it should be encrypted." msgstr "Özel anahtar dışa aktarılırken şifreli olmalıdır." #: ExportKey#2 msgid "When exporting the private part, it should be encrypted." msgstr "Özel bölüm aktarılırken şifreli olmalıdır." #: ExportKey#3 msgid "E&xport the private part of the Key too" msgstr "Dışa aktarılan özel bölüm anahtarı çok" #: ExportKey#4 msgid "Export as PKCS#8" msgstr "PKCS#8 olarak aktar" #: ExportKey#5 msgid "&Encrypt the Key with a password" msgstr "" #: ExportKey#6 msgid "Private keys ( *.pem *.der *.pk8 );;All files ( * )" msgstr "Özel anatarlar (*.pem *.der *.pk8);;Tüm dosyalar ( * )" #: ExportKey#7 msgid "" "DER is a binary format of the key without encryption\n" "PEM is a base64 encoded key with optional encryption\n" "PKCS#8 is an encrypted official Key-exchange format" msgstr "" #: ExportKey#8 msgid "Please enter the filename for the key." msgstr "" #: ExportKey#9 msgid "Public key export" msgstr "" #: ExportKey#10 msgid "Key export" msgstr "" #: Help#1 msgid "<<" msgstr "<<" #: Help#2 msgid ">>" msgstr ">>" #: Help#3 msgctxt "Help#3" msgid "&Done" msgstr "&Bitti" #: ImportMulti#1 msgid "Import PKI Items" msgstr "" #: ImportMulti#2 msgid "Import &All" msgstr "" #: ImportMulti#3 msgctxt "ImportMulti#3" msgid "&Import" msgstr "&İçe Aktar" #: ImportMulti#4 msgctxt "ImportMulti#4" msgid "&Done" msgstr "&Bitti" #: ImportMulti#5 #, fuzzy msgid "&Remove from list" msgstr "&İptal listesi" #: ImportMulti#6 msgid "Details" msgstr "Detaylar" #: ImportMulti#7 msgid "Delete from token" msgstr "" #: ImportMulti#8 msgid "Rename on token" msgstr "" #: ImportMulti#9 msgid "" "\n" "Name: %1\n" "Model: %2\n" "Serial: %3" msgstr "" #: ImportMulti#10 msgid "Manage security token" msgstr "" #: ImportMulti#11 msgid "The type of the Item '%1' is not recognized" msgstr "" #: ImportMulti#12 msgid "Details of the item '%1' cannot be shown" msgstr "" #: ImportMulti#13 msgid "The type of the item '%1' is not recognized" msgstr "" #: ImportMulti#14 msgid "The file '%1' did not contain PKI data" msgstr "" #: ImportMulti#15 msgid "The %1 files: '%2' did not contain PKI data" msgstr "" #: KeyDetail#1 msgctxt "KeyDetail#1" msgid "Name" msgstr "İsim" #: KeyDetail#2 msgid "The internal name of the key used by xca" msgstr "" #: KeyDetail#3 msgctxt "KeyDetail#3" msgid "Security token" msgstr "" #: KeyDetail#4 msgid "Manufacturer" msgstr "" #: KeyDetail#5 msgctxt "KeyDetail#5" msgid "Serial" msgstr "Seri" #: KeyDetail#6 msgctxt "KeyDetail#6" msgid "Key" msgstr "" #: KeyDetail#7 msgid "Public Exponent" msgstr "" #: KeyDetail#8 msgctxt "KeyDetail#8" msgid "Keysize" msgstr "" #: KeyDetail#9 msgid "Private Exponent" msgstr "" #: KeyDetail#10 msgid "Modulus" msgstr "" #: KeyDetail#11 msgid "Details of the %1 key" msgstr "" #: KeyDetail#12 msgctxt "KeyDetail#12" msgid "Not available" msgstr "" #: KeyDetail#13 msgid "Token" msgstr "" #: KeyDetail#14 msgid "Security token ID:%1" msgstr "" #: KeyDetail#15 msgid "Available" msgstr "" #: KeyDetail#16 msgid "Sub prime" msgstr "" #: KeyDetail#17 msgid "Public key" msgstr "" #: KeyDetail#18 msgctxt "KeyDetail#18" msgid "Private key" msgstr "" #: KeyDetail#19 msgid "Curve name" msgstr "" #: KeyDetail#20 msgid "Unknown key" msgstr "" #: MainWindow#1 msgid "Private Keys" msgstr "" #: MainWindow#2 msgid "&New Key" msgstr "" #: MainWindow#3 msgid "&Export" msgstr "" #: MainWindow#4 msgctxt "MainWindow#4" msgid "&Import" msgstr "" #: MainWindow#5 msgid "Import PFX (PKCS#12)" msgstr "" #: MainWindow#6 msgid "&Show Details" msgstr "" #: MainWindow#7 msgid "&Delete" msgstr "&Sil" #: MainWindow#8 msgid "Certificate signing requests" msgstr "" #: MainWindow#9 msgid "&New Request" msgstr "" #: MainWindow#10 msgid "Certificates" msgstr "Sertifikalar" #: MainWindow#11 msgid "&New Certificate" msgstr "" #: MainWindow#12 msgid "Import &PKCS#12" msgstr "" #: MainWindow#13 msgid "Import P&KCS#7" msgstr "" #: MainWindow#14 msgctxt "MainWindow#14" msgid "Plain View" msgstr "" #: MainWindow#15 msgid "Templates" msgstr "" #: MainWindow#16 msgid "&New template" msgstr "" #: MainWindow#17 msgid "Ch&ange Template" msgstr "" #: MainWindow#18 msgid "Revocation lists" msgstr "" #: MainWindow#19 msgid "" "Using or exporting private keys will not be possible without providing the " "correct password" msgstr "" #: MainWindow#20 msgid "Database" msgstr "Veri Tabanı" #: MainWindow#21 msgid "No deleted items found" msgstr "" #: MainWindow#22 msgid "&File" msgstr "&Dosya" #: MainWindow#23 msgid "&New DataBase" msgstr "" #: MainWindow#24 msgid "&Open DataBase" msgstr "" #: MainWindow#25 msgid "Generate DH parameter" msgstr "" #: MainWindow#26 msgid "Set as default DataBase" msgstr "" #: MainWindow#27 msgid "&Close DataBase" msgstr "" #: MainWindow#28 msgid "&Dump DataBase" msgstr "" #: MainWindow#29 msgid "C&hange DataBase password" msgstr "" #: MainWindow#30 msgid "&Import old db_dump" msgstr "" #: MainWindow#31 msgid "&Undelete items" msgstr "" #: MainWindow#32 msgid "Options" msgstr "" #: MainWindow#33 msgid "Exit" msgstr "Çıkış" #: MainWindow#34 msgid "I&mport" msgstr "" #: MainWindow#35 msgid "Keys" msgstr "" #: MainWindow#36 msgid "Requests" msgstr "" #: MainWindow#37 msgid "PKCS#12" msgstr "" #: MainWindow#38 msgctxt "MainWindow#38" msgid "PKCS#7" msgstr "" #: MainWindow#39 msgctxt "MainWindow#39" msgid "Template" msgstr "" #: MainWindow#40 msgid "Revocation list" msgstr "" #: MainWindow#41 msgid "PEM file" msgstr "" #: MainWindow#42 msgid "&Token" msgstr "" #: MainWindow#43 msgid "&Manage Security token" msgstr "" #: MainWindow#44 msgid "&Init Security token" msgstr "" #: MainWindow#45 msgid "&Change PIN" msgstr "" #: MainWindow#46 msgid "Change &SO PIN" msgstr "" #: MainWindow#47 msgid "Init PIN" msgstr "" #: MainWindow#48 msgid "&Help" msgstr "&Yardım" #: MainWindow#49 msgid "&Content" msgstr "" #: MainWindow#50 msgid "&About" msgstr "&Hakkında" #: MainWindow#51 msgid "Donations" msgstr "" #: MainWindow#52 msgid "Database dump ( *.dump );;All files ( * )" msgstr "" #: MainWindow#53 msgid "Import password" msgstr "" #: MainWindow#54 msgid "Please enter the password of the old database" msgstr "" #: MainWindow#55 msgid "Password verification error. Ignore keys ?" msgstr "" #: MainWindow#56 msgid "Import anyway" msgstr "" #: MainWindow#57 #, fuzzy msgctxt "MainWindow#57" msgid "Cancel" msgstr "İptal" #: MainWindow#58 msgid "no such option: %1" msgstr "" #: MainWindow#59 msgid "Import PEM data" msgstr "" #: MainWindow#60 msgid "Please enter the original SO PIN (PUK) of the token '%1'" msgstr "" #: MainWindow#61 msgid "Please enter the new SO PIN (PUK) of the token '%1'" msgstr "" #: MainWindow#62 msgid "The new label of the token '%1'" msgstr "" #: MainWindow#63 msgid "The token '%1' did not contain any keys or certificates" msgstr "" #: MainWindow#64 msgid "New Password" msgstr "Yeni Parola" #: MainWindow#65 msgid "" "Please enter the new password to encrypt your private keys in the database-" "file" msgstr "" #: MainWindow#66 msgid "" "Please enter a password, that will be used to encrypt your private keys in " "the database file:\n" "%1" msgstr "" #: MainWindow#67 msgid "Password verify error, please try again" msgstr "" #: MainWindow#68 #, fuzzy msgctxt "MainWindow#68" msgid "Password" msgstr "Parola" #: MainWindow#69 msgid "" "Please enter the password for unlocking the database:\n" "%1" msgstr "" #: MainWindow#70 msgid "The following error occurred:" msgstr "" #: MainWindow#71 msgid "Copy to Clipboard" msgstr "" #: MainWindow#72 msgid "" "Diffie-Hellman paramters are needed for different applications. They are " "neither used by XCA nor stored in the database. After generating them, XCA " "will ask for a filename to store the DH parameters\n" "Please enter the DH parameter bits" msgstr "" #: MainWindow#73 msgctxt "MainWindow#73" msgid "Error opening file: '%1': %2" msgstr "" #: NewCrl#1 msgid "Create CRL" msgstr "" #: NewCrl#2 msgid "Dates" msgstr "" #: NewCrl#3 msgid "last update" msgstr "" #: NewCrl#4 msgid "next update" msgstr "" #: NewCrl#5 msgctxt "NewCrl#5" msgid "Days" msgstr "Gün" #: NewCrl#6 msgctxt "NewCrl#6" msgid "Months" msgstr "Ay" #: NewCrl#7 msgctxt "NewCrl#7" msgid "Years" msgstr "Yıl" #: NewCrl#8 msgctxt "NewCrl#8" msgid "Midnight" msgstr "" #: NewCrl#9 msgctxt "NewCrl#9" msgid "Apply" msgstr "Uygula" #: NewCrl#10 msgid "Hashing algorithm" msgstr "" #: NewCrl#11 msgctxt "NewCrl#11" msgid "Extensions" msgstr "" #: NewCrl#12 msgid "Authority key identifier" msgstr "" #: NewCrl#13 msgid "Subject alternative name" msgstr "" #: NewCrl#14 msgid "CRL Number" msgstr "" #: NewCrl#15 msgid "Revocation reasons" msgstr "" #: NewKey#1 msgid "New key" msgstr "" #: NewKey#2 msgid "Please give a name to the new key and select the desired keysize" msgstr "" #: NewKey#3 msgid "Key properties" msgstr "" #: NewKey#4 msgctxt "NewKey#4" msgid "Name" msgstr "İsim" #: NewKey#5 msgid "The internal name of the new key" msgstr "" #: NewKey#6 msgctxt "NewKey#6" msgid "New Key" msgstr "" #: NewKey#7 msgid "Curve" msgstr "" #: NewKey#8 msgctxt "NewKey#8" msgid "Keysize" msgstr "" #: NewKey#9 msgid "Usually 1024 or 2048 bit keys are used" msgstr "" #: NewKey#10 msgid "Keytype" msgstr "" #: NewKey#11 msgctxt "NewKey#11" msgid "Create" msgstr "Oluştur" #: NewX509#1 msgctxt "NewX509#1" msgid "Create" msgstr "Oluştur" #: NewX509#2 msgid "Source" msgstr "Kaynak" #: NewX509#3 msgid "Signing request" msgstr "" #: NewX509#4 msgid "" "A certificate signing request can be signed, even if the private key of the " "request is not available. This is the intention of a CSR:\n" "Getting signed by a CA certificate, whoes certificate of course must be in " "the database\n" "Of course you need the private key of the CSR if you want to create a self-" "signed cert from it." msgstr "" #: NewX509#5 msgid "Show request" msgstr "" #: NewX509#6 msgid "Sign this Certificate signing &request" msgstr "" #: NewX509#7 msgid "Copy extensions from the request" msgstr "" #: NewX509#8 msgid "Modify subject of the request" msgstr "" #: NewX509#9 msgid "Signing" msgstr "" #: NewX509#10 msgid "Create a &self signed certificate with the serial" msgstr "" #: NewX509#11 msgid "If you leave this blank the serial 00 will be used" msgstr "" #: NewX509#12 msgid "1" msgstr "1" #: NewX509#13 msgid "Use &this Certificate for signing" msgstr "" #: NewX509#14 msgid "All certificates in your database that can create valid signatures" msgstr "" #: NewX509#15 msgid "" "This list contains all certificates with the CA-flag set to true and whoes " "private key is present in the key-database.\n" "If this list is disabled, you only can create a self-signed certificate." msgstr "" #: NewX509#16 msgctxt "NewX509#16" msgid "Signature algorithm" msgstr "" #: NewX509#17 msgid "Template for the new certificate" msgstr "" #: NewX509#18 msgid "All available templates" msgstr "" #: NewX509#19 msgid "This list contains all templates from the toplevel template Tab" msgstr "" #: NewX509#20 msgid "Apply extensions" msgstr "" #: NewX509#21 msgid "Apply subject" msgstr "" #: NewX509#22 msgid "Apply all" msgstr "" #: NewX509#23 msgctxt "NewX509#23" msgid "Subject" msgstr "Konu" #: NewX509#24 msgid "Organisation" msgstr "Organizasyon" #: NewX509#25 msgid "" "This name is only used internally and does not appear in the resulting " "certificate" msgstr "" #: NewX509#26 msgid "Must be exactly 2 letter of size (DE, UK)" msgstr "" #: NewX509#27 msgid "Country code" msgstr "Ülke kodu" #: NewX509#28 msgid "State or Province" msgstr "" #: NewX509#29 msgid "Locality" msgstr "" #: NewX509#30 msgid "Organisational unit" msgstr "" #: NewX509#31 msgid "E-Mail address" msgstr "E-posta adresi" #: NewX509#32 msgctxt "NewX509#32" msgid "Internal name" msgstr "Dahili adı" #: NewX509#33 msgid "Common name" msgstr "" #: NewX509#34 msgctxt "NewX509#34" msgid "Add" msgstr "Ekle" #: NewX509#35 msgctxt "NewX509#35" msgid "Delete" msgstr "Sil" #: NewX509#36 msgctxt "NewX509#36" msgid "Private key" msgstr "" #: NewX509#37 msgid "This list only contains unused keys" msgstr "" #: NewX509#38 msgid "Used keys too" msgstr "" #: NewX509#39 msgid "&Generate a new key" msgstr "" #: NewX509#40 msgctxt "NewX509#40" msgid "Extensions" msgstr "" #: NewX509#41 msgid "Basic constraints" msgstr "" #: NewX509#42 msgctxt "NewX509#42" msgid "Type" msgstr "Tür" #: NewX509#43 msgid "If this will become a CA certificate or not" msgstr "" #: NewX509#44 msgid "" "Set this to TRUE if you want to create a CA certificate that signs other " "certificates.\n" "This is always set to FALSE for client or server certificates. In most cases " "self-signed certificates are CA certificates.\n" "Self-signed non-CA certificates are unusual although they are possible." msgstr "" #: NewX509#45 msgid "Not defined" msgstr "" #: NewX509#46 msgid "Certification Authority" msgstr "" #: NewX509#47 msgid "End Entity" msgstr "" #: NewX509#48 msgid "Path length" msgstr "" #: NewX509#49 msgid "How much CAs may be below this." msgstr "" #: NewX509#50 msgid "" "If this is left empty the pathlen is not included in the certificate. " "Otherwise it distinguishes the count of chained CA certificates below this " "one.\n" "A pathlen of 0 means, that this certificate may not issue other sub-CA " "certificates. Although it can do it, all chain-checking algorithms in e.g. " "your browser or openssl will (should) fail." msgstr "" #: NewX509#51 msgid "The basic constraints should always be critical" msgstr "" #: NewX509#52 msgid "Key identifier" msgstr "" #: NewX509#53 msgid "Creates a hash of the key following the PKIX guidelines" msgstr "" #: NewX509#54 msgid "Copy the Subject Key Identifier from the issuer" msgstr "" #: NewX509#55 msgid "" "If this box is checked an attempt is made to copy the subject key identifier " "from the signing certificate.\n" "It also copies the issuer and serial number from the issuer certificate. " "Normally this will only be done if the keyid option fails." msgstr "" #: NewX509#56 msgctxt "NewX509#56" msgid "Validity" msgstr "" #: NewX509#57 msgctxt "NewX509#57" msgid "Not before" msgstr "" #: NewX509#58 msgctxt "NewX509#58" msgid "Not after" msgstr "" #: NewX509#59 msgctxt "NewX509#59" msgid "Time range" msgstr "" #: NewX509#60 msgctxt "NewX509#60" msgid "Days" msgstr "Gün" #: NewX509#61 msgctxt "NewX509#61" msgid "Months" msgstr "Ay" #: NewX509#62 msgctxt "NewX509#62" msgid "Years" msgstr "Yıl" #: NewX509#63 msgctxt "NewX509#63" msgid "Apply" msgstr "Uygula" #: NewX509#64 msgid "Set the time to 00:00:00 and 23:59:59 respectively" msgstr "" #: NewX509#65 msgctxt "NewX509#65" msgid "Midnight" msgstr "" #: NewX509#66 msgctxt "NewX509#66" msgid "No well-defined expiration" msgstr "" #: NewX509#67 msgid "Authority Info Access" msgstr "" #: NewX509#68 msgid "CRL distribution point" msgstr "" #: NewX509#69 msgid "issuer alternative name" msgstr "" #: NewX509#70 msgid "URI:" msgstr "" #: NewX509#71 msgid "" "This is a multi-valued extension that supports all the literal options of " "subject alternative name. Of the few software packages that currentlyi " "nterpret this extension most only interpret the URI option.\n" "Currently each option will set a new DistributionPoint with the fullName " "field set to the given value.\n" "Other fields like cRLissuer and reasons cannot currently be set or " "displayed: at this time no examples were available that used these fields.\n" "If you see this extension with when you attempt to print it " "out or it doesn't appear to display correctly then let steve know, including " "the certificate (mail steve at openssl dot org) .\n" "Examples:\n" "URI:http://www.myhost.com/myca.crl\n" "URI:http://www.my.com/my.crl, URI:http://www.oth.com/my.crl" msgstr "" #: NewX509#72 msgid "can be altered by the file \"aia.txt\"" msgstr "" #: NewX509#73 msgid "Edit" msgstr "Düzenle" #: NewX509#74 msgid "DNS: IP: URI: email: RID:" msgstr "" #: NewX509#75 msgid "" "The authority information access extension gives details about how to access " "certain information relating to the CA. Its syntax is accessOID;location " "where 'location' has the same syntax as subject alternative name (except " "that email:copy is not supported). accessOID can be any valid OID but only " "certain values are meaningful for example OCSP and caIssuers. OCSP gives the " "location of an OCSP responder: this is used by Netscape PSM and other " "software.\n" "\n" "Example:\n" "\n" "OCSP;URI:http://ocsp.my.host/\n" "caIssuers;URI:http://my.ca/ca.html" msgstr "" #: NewX509#76 msgid "" "The subject alternative name extension allows various literal values to be " "used. These include \"email\" (an email address) , \"URI\" a uniform " "resource indicator, \"DNS\" (a DNS domain name) , RID (a registered ID: " "OBJECT IDENTIFIER) and IP (an IP address).\n" "Examples:\n" "email:my@other.address, IP: 1.1.1.1 , URI:http://my.url.here/\n" "email:my@other.address, RID:1.2.3.4, DNS: ns.server.tld" msgstr "" #: NewX509#77 msgid "subject alternative name" msgstr "" #: NewX509#78 msgid "" "The issuer alternative name extension allows various literal values to be " "used. These include \"email\" (an email address) , \"URI\" a uniform " "resource indicator, \"DNS\" (a DNS domain name), RID (a registered ID: " "OBJECT IDENTIFIER) and IP (an IP address).\n" "Examples:\n" "email:my@other.address, IP: 1.1.1.1 , URI:http://my.url.here/\n" "email:my@other.address, RID:1.2.3.4, DNS: ns.server.tld" msgstr "" #: NewX509#79 msgid "Key usage" msgstr "" #: NewX509#80 msgid "Extended key usage" msgstr "" #: NewX509#81 msgid "Netscape" msgstr "" #: NewX509#82 msgid "CA Revocation URL" msgstr "" #: NewX509#83 msgid "Revocation URL" msgstr "" #: NewX509#84 msgid "SSL server name" msgstr "" #: NewX509#85 msgid "Certificate renewal URL" msgstr "" #: NewX509#86 msgid "Comment" msgstr "" #: NewX509#87 msgid "CA policy URL" msgstr "" #: NewX509#88 msgid "Base URL" msgstr "" #: NewX509#89 msgid "If you know a more pretty one tell me" msgstr "" #: NewX509#90 msgid "Advanced" msgstr "Gelişmiş" #: NewX509#91 msgctxt "NewX509#91" msgid "Validate" msgstr "" #: NewX509#92 msgid "Create a &self signed certificate with a MD5-hashed QA serial" msgstr "" #: NewX509#93 msgid "Create Certificate signing request" msgstr "" #: NewX509#94 msgid "minimum size: %1" msgstr "" #: NewX509#95 msgid "maximum size: %1" msgstr "" #: NewX509#96 msgid "only a-z A-Z 0-9 '()+,-./:=?" msgstr "" #: NewX509#97 msgid "only 7-bit clean characters" msgstr "" #: NewX509#98 msgid "XCA template" msgstr "" #: NewX509#99 msgid "Create x509 Certificate" msgstr "" #: NewX509#100 msgid "From PKCS#10 request" msgstr "" #: NewX509#101 msgid "Other Tabs" msgstr "" #: NewX509#102 msgid "Advanced Tab" msgstr "" #: NewX509#103 msgid "Errors" msgstr "Hatalar" #: NewX509#104 msgctxt "NewX509#104" msgid "Abort rollout" msgstr "" #: NewX509#105 msgid "The following length restrictions of RFC3280 are violated:" msgstr "" #: NewX509#106 msgid "Edit subject" msgstr "" #: NewX509#107 msgctxt "NewX509#107" msgid "Continue rollout" msgstr "" #: NewX509#108 msgid "" "The verification of the Certificate request failed.\n" "The rollout should be aborted." msgstr "" #: NewX509#109 msgid "Continue anyway" msgstr "" #: NewX509#110 msgid "" "The internal name and the common name are empty.\n" "Please set at least the internal name." msgstr "" #: NewX509#111 msgid "Edit name" msgstr "İsmi Düzenle" #: NewX509#112 msgid "There is no Key selected for signing." msgstr "" #: NewX509#113 msgid "Select key" msgstr "" #: NewX509#114 msgid "" "The following distinguished name entries are empty:\n" "%1\n" "though you have declared them as mandatory in the options menu." msgstr "" #: NewX509#115 msgctxt "NewX509#115" msgid "The key you selected for signing is not a private one." msgstr "" #: NewX509#116 msgid "Select other signer" msgstr "" #: NewX509#117 msgid "Select other key" msgstr "" #: NewX509#118 msgctxt "NewX509#118" msgid "" "The certificate will be earlier valid than the signer. This is probably not " "what you want." msgstr "" #: NewX509#119 msgid "Edit dates" msgstr "" #: NewX509#120 msgctxt "NewX509#120" msgid "Adjust date and continue" msgstr "" #: NewX509#121 msgctxt "NewX509#121" msgid "" "The certificate will be longer valid than the signer. This is probably not " "what you want." msgstr "" #: NewX509#122 msgid "" "The certificate will be out of date before it becomes valid. You most " "probably mixed up both dates." msgstr "" #: NewX509#123 msgid "" "The certificate contains duplicated extensions. Check the validation on the " "advanced tab." msgstr "" #: NewX509#124 msgid "Edit extensions" msgstr "" #: NewX509#125 msgid "Configfile error on line %1\n" msgstr "" #: Options#1 msgid "XCA Options" msgstr "" #: Options#2 msgid "Mandatory subject entries" msgstr "" #: Options#3 msgctxt "Options#3" msgid "Add" msgstr "" #: Options#4 msgctxt "Options#4" msgid "Delete" msgstr "" #: Options#5 msgid "Default hash algorithm" msgstr "" #: Options#6 msgid "String types" msgstr "" #: Options#7 msgid "Suppress success messages" msgstr "" #: Options#8 msgid "PKCS#11 provider" msgstr "" #: Options#9 msgid "Remove" msgstr "" #: Options#10 msgid "Printable string or UTF8 (default)" msgstr "" #: Options#11 msgid "PKIX recommendation in RFC2459" msgstr "" #: Options#12 msgid "No BMP strings, only printable and T61" msgstr "" #: Options#13 msgid "UTF8 strings only (RFC2459)" msgstr "" #: Options#14 msgid "All strings" msgstr "" #: Options#15 msgid "Load failed" msgstr "" #: PwDialog#1 #, fuzzy msgctxt "PwDialog#1" msgid "Password" msgstr "Parola" #: PwDialog#2 msgid "" "The password is parsed as 2-digit hex code. It must have an equal number of " "digits (0-9 and a-f)" msgstr "" #: PwDialog#3 msgid "Take as HEX string" msgstr "" #: PwDialog#4 msgid "Repeat %1" msgstr "" #: PwDialog#5 msgid "%1 mismatch" msgstr "" #: PwDialog#6 msgid "" "Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it " "must consist of an even number of characters" msgstr "" #: PwDialog#7 msgid "E&xit" msgstr "" #: QObject#1 msgid "Undefined" msgstr "" #: QObject#2 msgid "DB: Rename: '%1' already in use" msgstr "" #: QObject#3 msgid "DB: Entry to rename not found: %1" msgstr "" #: QObject#4 msgid "DB: Write error %1 - %2" msgstr "" #: QObject#5 msgid "Out of data" msgstr "" #: QObject#6 msgid "Error finding endmarker of string" msgstr "" #: QObject#7 msgid "Out of Memory at %1:%2" msgstr "" #: QObject#8 msgctxt "QObject#8" msgid "All files ( * )" msgstr "" #: QObject#9 msgid "PKI Keys ( *.pem *.der *.key );;PKCS#8 Keys ( *.p8 *.pk8 );;" msgstr "" #: QObject#10 msgid "Import RSA key" msgstr "" #: QObject#11 msgid "PKCS#10 CSR ( *.pem *.der *.csr );;Netscape Request ( *.spkac *.spc );;" msgstr "" #: QObject#12 msgid "Import Request" msgstr "" #: QObject#13 msgid "Certificates ( *.pem *.der *.crt *.cer );;" msgstr "" #: QObject#14 msgid "Import X.509 Certificate" msgstr "" #: QObject#15 msgid "PKCS#7 data ( *.p7s *.p7m *.p7b );;" msgstr "" #: QObject#16 msgid "Import PKCS#7 Certificates" msgstr "" #: QObject#17 msgid "PKCS#12 Certificates ( *.p12 *.pfx );;" msgstr "" #: QObject#18 msgid "Import PKCS#12 Private Certificate" msgstr "" #: QObject#19 msgid "XCA templates ( *.xca );;" msgstr "" #: QObject#20 msgid "Import XCA Templates" msgstr "" #: QObject#21 msgid "Revocation lists ( *.pem *.der *.crl );;" msgstr "" #: QObject#22 msgid "Import Certificate Revocation List" msgstr "" #: QObject#23 msgid "XCA Databases ( *.xdb );;" msgstr "" #: QObject#24 msgid "Open XCA Database" msgstr "" #: QObject#25 msgid "PKCS#11 library ( *.dll );;" msgstr "" #: QObject#26 msgid "PKCS#11 library ( *.dylib *.so );;" msgstr "" #: QObject#27 msgid "PKCS#11 library ( *.so );;" msgstr "" #: QObject#28 msgid "Open PKCS#11 shared library" msgstr "" #: QObject#29 msgid "PEM files ( *.pem );;" msgstr "" #: QObject#30 msgid "Load PEM encoded file" msgstr "" #: QObject#31 msgid "Please enter the PIN on the PinPad" msgstr "" #: QObject#32 msgid "Please enter the SO PIN (PUK) of the token %1" msgstr "" #: QObject#33 msgid "Please enter the PIN of the token %1" msgstr "" #: QObject#34 msgid "No Security token found" msgstr "" #: QObject#35 msgid "Select" msgstr "" #: QObject#36 msgid "Please enter the new SO PIN (PUK) for the token: '%1'" msgstr "" #: QObject#37 msgid "Please enter the new PIN for the token: '%1'" msgstr "" #: QObject#38 msgid "Required PIN size: %1 - %2" msgstr "" #: QObject#39 msgid "Failed to open PKCS11 library: %1" msgstr "" #: QObject#40 msgid "PKCS#11 function '%1' failed: %2" msgstr "" #: QObject#41 msgid "" "PKCS#11 function '%1' failed: %2\n" "In library %3\n" "%4" msgstr "" #: QObject#42 msgid "Invalid" msgstr "" #: QObject#43 msgid "%1 is shorter than %2 bytes: '%3'" msgstr "" #: QObject#44 msgid "%1 is longer than %2 bytes: '%3'" msgstr "" #: Revoke#1 msgid "Revocation details" msgstr "" #: Revoke#2 msgid "Invalid since" msgstr "" #: Revoke#3 msgid "Revocation reason" msgstr "" #: SelectToken#1 msgid "Select Token" msgstr "" #: SelectToken#2 msgctxt "SelectToken#2" msgid "Security token" msgstr "" #: SelectToken#3 msgid "Please select the security token" msgstr "" #: TrustState#1 msgid "Set trustment of the Certificate" msgstr "" #: TrustState#2 msgid "Trustment" msgstr "" #: TrustState#3 msgid "&Never trust this certificate" msgstr "" #: TrustState#4 msgid "Only &trust this certificate, if we trust the signer" msgstr "" #: TrustState#5 msgid "&Always trust this certificate" msgstr "" #: Validity#1 msgid "yyyy-MM-dd hh:mm" msgstr "" #: db_base#1 msgctxt "db_base#1" msgid "Internal name" msgstr "" #: db_base#2 msgid "Reset" msgstr "" #: db_base#3 msgid "Subject entries" msgstr "" #: db_base#4 msgid "Paste PEM data" msgstr "" #: db_base#5 msgid "Columns" msgstr "" #: db_crl#1 msgid "Signer" msgstr "" #: db_crl#2 msgid "Internal name of the signer" msgstr "" #: db_crl#3 msgid "No. revoked" msgstr "" #: db_crl#4 msgid "Number of revoked certificates" msgstr "" #: db_crl#5 msgid "Last update" msgstr "" #: db_crl#6 msgid "Next update" msgstr "" #: db_crl#7 msgid "CRL number" msgstr "" #: db_crl#8 msgid "" "The revocation list already exists in the database as:\n" "'%1'\n" "and so it was not imported" msgstr "" #: db_crl#9 msgid "CRL ( *.pem *.der *.crl )" msgstr "" #: db_crl#10 msgid "Revocation list export" msgstr "" #: db_crl#11 msgctxt "db_crl#11" msgid "Import" msgstr "" #: db_crl#12 msgctxt "db_crl#12" msgid "Rename" msgstr "" #: db_crl#13 msgctxt "db_crl#13" msgid "Export" msgstr "" #: db_crl#14 msgctxt "db_crl#14" msgid "Clipboard" msgstr "" #: db_crl#15 msgctxt "db_crl#15" msgid "File" msgstr "" #: db_crl#16 msgctxt "db_crl#16" msgid "Delete" msgstr "" #: db_key#1 msgctxt "db_key#1" msgid "Type" msgstr "" #: db_key#2 msgid "Size" msgstr "" #: db_key#3 msgid "Use" msgstr "" #: db_key#4 msgctxt "db_key#4" msgid "Password" msgstr "" #: db_key#5 msgid "" "The key is already in the database as:\n" "'%1'\n" "and is not going to be imported" msgstr "" #: db_key#6 msgid "" "The database already contains the public part of the imported key as\n" "'%1\n" "and will be completed by the new, private part of the key" msgstr "" #: db_key#7 msgid "Key size too small !" msgstr "" #: db_key#8 msgid "You are sure to create a key of the size: %1 ?" msgstr "" #: db_key#9 msgid "" "Shall the original key '%1' be replaced by the key on the token?\n" "This will delete the key '%1' and make it unexportable" msgstr "" #: db_key#10 msgctxt "db_key#10" msgid "New Key" msgstr "" #: db_key#11 msgctxt "db_key#11" msgid "Import" msgstr "" #: db_key#12 msgctxt "db_key#12" msgid "Rename" msgstr "" #: db_key#13 msgctxt "db_key#13" msgid "Show Details" msgstr "" #: db_key#14 msgctxt "db_key#14" msgid "Delete" msgstr "" #: db_key#15 msgctxt "db_key#15" msgid "Export" msgstr "" #: db_key#16 msgid "Change password" msgstr "" #: db_key#17 msgid "Reset password" msgstr "" #: db_key#18 msgid "Change PIN" msgstr "" #: db_key#19 msgid "Init PIN with SO PIN (PUK)" msgstr "" #: db_key#20 msgid "Change SO PIN (PUK)" msgstr "" #: db_key#21 msgid "Store on Security token" msgstr "" #: db_key#22 msgid "Tried to change password of a token" msgstr "" #: db_key#23 msgid "Tried to change PIN of a key" msgstr "" #: db_key#24 msgid "Tried to init PIN of a key" msgstr "" #: db_key#25 msgid "Tried to change SO PIN of a key" msgstr "" #: db_temp#1 msgctxt "db_temp#1" msgid "Type" msgstr "" #: db_temp#2 msgid "Bad template: %1" msgstr "" #: db_temp#3 msgid "Nothing" msgstr "" #: db_temp#4 msgid "Preset Template values" msgstr "" #: db_temp#5 msgid "copy" msgstr "" #: db_temp#6 msgid "Save template as" msgstr "" #: db_temp#7 msgid "XCA templates ( *.xca);; All files ( * )" msgstr "" #: db_temp#8 msgid "New Template" msgstr "" #: db_temp#9 msgctxt "db_temp#9" msgid "Import" msgstr "" #: db_temp#10 msgctxt "db_temp#10" msgid "Rename" msgstr "" #: db_temp#11 msgctxt "db_temp#11" msgid "Export" msgstr "" #: db_temp#12 msgid "Change" msgstr "" #: db_temp#13 msgctxt "db_temp#13" msgid "Delete" msgstr "" #: db_temp#14 msgid "Duplicate" msgstr "" #: db_temp#15 msgid "Create certificate" msgstr "" #: db_temp#16 msgid "Create request" msgstr "" #: db_x509#1 msgid "CA" msgstr "" #: db_x509#2 msgid "reflects the basic Constraints extension" msgstr "" #: db_x509#3 msgctxt "db_x509#3" msgid "Serial" msgstr "" #: db_x509#4 msgid "md5 fingerprint" msgstr "" #: db_x509#5 msgid "sha1 fingerprint" msgstr "" #: db_x509#6 msgid "Start date" msgstr "" #: db_x509#7 msgid "not Before" msgstr "" #: db_x509#8 msgid "Expiry date" msgstr "" #: db_x509#9 msgid "not After" msgstr "" #: db_x509#10 msgid "Trust state" msgstr "" #: db_x509#11 msgctxt "db_x509#11" msgid "Revocation" msgstr "" #: db_x509#12 msgctxt "db_x509#12" msgid "Plain View" msgstr "" #: db_x509#13 msgid "Tree View" msgstr "" #: db_x509#14 msgid "" "The certificate already exists in the database as:\n" "'%1'\n" "and so it was not imported" msgstr "" #: db_x509#15 msgid "Invalid public key" msgstr "" #: db_x509#16 msgid "Please enter the new hexadecimal secret number for the QA process." msgstr "" #: db_x509#17 msgid "The QA process has been terminated by the user." msgstr "" #: db_x509#18 msgctxt "db_x509#18" msgid "The key you selected for signing is not a private one." msgstr "" #: db_x509#19 msgid "Store the certificate to the key on the token '%1 (#%2)' ?" msgstr "" #: db_x509#20 msgid "New Certificate" msgstr "" #: db_x509#21 #, fuzzy msgctxt "db_x509#21" msgid "Import" msgstr "&İçe Aktar" #: db_x509#22 msgid "Import PKCS#12" msgstr "" #: db_x509#23 msgid "Import from PKCS#7" msgstr "" #: db_x509#24 #, fuzzy msgctxt "db_x509#24" msgid "Rename" msgstr "Dosya adı" #: db_x509#25 #, fuzzy msgctxt "db_x509#25" msgid "Show Details" msgstr "Detaylar" #: db_x509#26 msgctxt "db_x509#26" msgid "Extract public Key" msgstr "" #: db_x509#27 #, fuzzy msgctxt "db_x509#27" msgid "Export" msgstr "Verme biçimi" #: db_x509#28 msgctxt "db_x509#28" msgid "Clipboard" msgstr "" #: db_x509#29 #, fuzzy msgctxt "db_x509#29" msgid "File" msgstr "&Dosya" #: db_x509#30 msgid "Request" msgstr "" #: db_x509#31 msgctxt "db_x509#31" msgid "Security token" msgstr "" #: db_x509#32 msgid "Other token" msgstr "" #: db_x509#33 msgctxt "db_x509#33" msgid "Template" msgstr "" #: db_x509#34 #, fuzzy msgctxt "db_x509#34" msgid "OpenSSL config" msgstr "Yapılandırmayı göster" #: db_x509#35 #, fuzzy msgctxt "db_x509#35" msgid "Delete" msgstr "Sil" #: db_x509#36 msgid "Delete from Security token" msgstr "" #: db_x509#37 msgid "Trust" msgstr "" #: db_x509#38 msgid "Properties" msgstr "" #: db_x509#39 msgid "Generate CRL" msgstr "" #: db_x509#40 msgctxt "db_x509#40" msgid "PKCS#7" msgstr "" #: db_x509#41 #, fuzzy msgctxt "db_x509#41" msgid "Sign" msgstr "İmzalayan:" #: db_x509#42 msgid "Encrypt" msgstr "" #: db_x509#43 msgid "Renewal" msgstr "" #: db_x509#44 msgid "Unrevoke" msgstr "" #: db_x509#45 msgid "Revoke" msgstr "" #: db_x509#46 msgid "There was no key found for the Certificate: '%1'" msgstr "" #: db_x509#47 msgid "Not possible for a token key: '%1'" msgstr "" #: db_x509#48 msgid "Not possible for the token-key Certificate '%1'" msgstr "" #: db_x509#49 msgid " days" msgstr "" #: db_x509name#1 msgctxt "db_x509name#1" msgid "Subject" msgstr "" #: db_x509name#2 msgid "Complete distinguished name" msgstr "" #: db_x509name#3 msgid "Subject hash" msgstr "" #: db_x509name#4 msgid "Hash to lookup certs in directories" msgstr "" #: db_x509req#1 msgctxt "db_x509req#1" msgid "Signed" msgstr "" #: db_x509req#2 msgid "whether the request is already signed or not" msgstr "" #: db_x509req#3 msgid "Unstructured name" msgstr "" #: db_x509req#4 #, fuzzy msgid "Challenge password" msgstr "Yeni Parola" #: db_x509req#5 msgid "" "The certificate signing request already exists in the database as\n" "'%1'\n" "and thus was not stored" msgstr "" #: db_x509req#6 msgid "Certificate request ( *.pem *.der *.crl )" msgstr "" #: db_x509req#7 msgid "Certificate request export" msgstr "" #: db_x509req#8 msgid "New Request" msgstr "" #: db_x509req#9 msgctxt "db_x509req#9" msgid "Import" msgstr "" #: db_x509req#10 msgctxt "db_x509req#10" msgid "Extract public Key" msgstr "" #: db_x509req#11 msgctxt "db_x509req#11" msgid "Rename" msgstr "" #: db_x509req#12 msgctxt "db_x509req#12" msgid "Show Details" msgstr "" #: db_x509req#13 msgctxt "db_x509req#13" msgid "Sign" msgstr "" #: db_x509req#14 msgctxt "db_x509req#14" msgid "Export" msgstr "" #: db_x509req#15 msgctxt "db_x509req#15" msgid "Clipboard" msgstr "" #: db_x509req#16 msgctxt "db_x509req#16" msgid "File" msgstr "" #: db_x509req#17 msgctxt "db_x509req#17" msgid "Template" msgstr "" #: db_x509req#18 #, fuzzy msgctxt "db_x509req#18" msgid "OpenSSL config" msgstr "Yapılandırmayı göster" #: db_x509req#19 #, fuzzy msgctxt "db_x509req#19" msgid "Delete" msgstr "Sil" #: db_x509super#1 msgid "Key name" msgstr "" #: db_x509super#2 msgid "Internal name of the key" msgstr "" #: db_x509super#3 msgid "Save as OpenSSL config" msgstr "" #: db_x509super#4 #, fuzzy msgid "Config files ( *.conf *.cnf);; All files ( * )" msgstr "X509 sertifikası (*cer *.crt *.p12 *.p7b);;Tüm dosyalar (*)" #: db_x509super#5 msgid "The following extensions were not ported into the template" msgstr "" #: kvView#1 msgctxt "kvView#1" msgid "Type" msgstr "" #: kvView#2 msgid "Content" msgstr "" #: pass_info#1 msgctxt "pass_info#1" msgid "Password" msgstr "" #: pass_info#2 msgctxt "pass_info#2" msgid "PIN" msgstr "" #: pki_base#1 msgctxt "pki_base#1" msgid "Error opening file: '%1': %2" msgstr "" #: pki_base#2 msgid "Error writing to file: '%1': %2" msgstr "" #: pki_base#3 msgid "Error: " msgstr "" #: pki_base#4 msgid "Internal error: Unexpected message: %1 %2" msgstr "" #: pki_crl#1 msgid "Successfully imported the revocation list '%1'" msgstr "" #: pki_crl#2 msgid "Delete the revocation list '%1'?" msgstr "" #: pki_crl#3 msgid "Successfully created the revocation list '%1'" msgstr "" #: pki_crl#4 msgid "Delete the %1 revocation lists: %2?" msgstr "" #: pki_crl#5 msgid "" "Unable to load the revocation list in file %1. Tried PEM and DER formatted " "CRL." msgstr "" #: pki_crl#6 msgid "No issuer given" msgstr "" #: pki_crl#7 msgctxt "pki_crl#7" msgid "Wrong Size %1" msgstr "" #: pki_crl#8 msgid "unknown" msgstr "" #: pki_evp#1 msgid "Failed to decrypt the key (bad password) " msgstr "" #: pki_evp#2 msgid "Please enter the password to decrypt the private key." msgstr "" #: pki_evp#3 msgid "" "Please enter the password to decrypt the private key from file:\n" "%1" msgstr "" #: pki_evp#4 msgid "" "Unable to load the private key in file %1. Tried PEM and DER private, public " "and PKCS#8 key types." msgstr "" #: pki_evp#5 msgid "Please enter the password to decrypt the private key: '%1'" msgstr "" #: pki_evp#6 msgid "Password input aborted" msgstr "" #: pki_evp#7 msgid "Please enter the database password for decrypting the key '%1'" msgstr "" #: pki_evp#8 msgid "Please enter the password to protect the private key: '%1'" msgstr "" #: pki_evp#9 msgid "Please enter the database password for encrypting the key" msgstr "" #: pki_evp#10 msgid "Please enter the password protecting the PKCS#8 key '%1'" msgstr "" #: pki_evp#11 msgid "Please enter the export password for the private key '%1'" msgstr "" #: pki_key#1 msgid "Successfully imported the %1 public key '%2'" msgstr "" #: pki_key#2 msgid "Delete the %1 public key '%2'?" msgstr "" #: pki_key#3 msgid "Successfully imported the %1 private key '%2'" msgstr "" #: pki_key#4 msgid "Delete the %1 private key '%2'?" msgstr "" #: pki_key#5 msgid "Successfully created the %1 private key '%2'" msgstr "" #: pki_key#6 msgctxt "pki_key#6" msgid "Delete the %1 keys: %2?" msgstr "" #: pki_key#7 msgid "public key" msgstr "" #: pki_key#8 msgid "Common" msgstr "" #: pki_key#9 msgid "Private" msgstr "" #: pki_key#10 msgid "Bogus" msgstr "" #: pki_key#11 msgctxt "pki_key#11" msgid "PIN" msgstr "" #: pki_key#12 msgid "No password" msgstr "" #: pki_multi#1 msgid "Seek failed" msgstr "" #: pki_pkcs12#1 msgid "" "Please enter the password to decrypt the PKCS#12 file:\n" "%1" msgstr "" #: pki_pkcs12#2 msgid "Unable to load the PKCS#12 (pfx) file %1." msgstr "" #: pki_pkcs12#3 msgid "The supplied password was wrong (%1)" msgstr "" #: pki_pkcs12#4 msgid "Please enter the password to encrypt the PKCS#12 file" msgstr "" #: pki_pkcs12#5 msgid "No key or no Cert and no pkcs12" msgstr "" #: pki_pkcs7#1 msgid "Unable to load the PKCS#7 file %1. Tried PEM and DER format." msgstr "" #: pki_scard#1 msgid "Successfully imported the token key '%1'" msgstr "" #: pki_scard#2 msgid "Delete the token key '%1'?" msgstr "" #: pki_scard#3 msgid "Successfully created the token key '%1'" msgstr "" #: pki_scard#4 msgctxt "pki_scard#4" msgid "Delete the %1 keys: %2?" msgstr "" #: pki_scard#5 msgid "Delete the private key '%1' from the token '%2 (#%3)' ?" msgstr "" #: pki_scard#6 msgid "only RSA keys can be stored on tokens" msgstr "" #: pki_scard#7 msgid "This Key is already on the token" msgstr "" #: pki_scard#8 msgid "PIN input aborted" msgstr "" #: pki_scard#9 msgid "Unable to find copied key on the token" msgstr "" #: pki_scard#10 msgid "Please insert card: %1 %2 [%3] with Serial: %4" msgstr "" #: pki_scard#11 msgid "Public Key mismatch. Please re-import card" msgstr "" #: pki_scard#12 msgid "Unable to find generated key on card" msgstr "" #: pki_scard#13 msgctxt "pki_scard#13" msgid "Wrong Size %1" msgstr "" #: pki_scard#14 msgid "Token %1" msgstr "" #: pki_scard#15 msgid "Failed to find the key on the token" msgstr "" #: pki_scard#16 msgid "Invalid Pin for the token" msgstr "" #: pki_temp#1 msgid "Successfully imported the XCA template '%1'" msgstr "" #: pki_temp#2 msgid "Delete the XCA template '%1'?" msgstr "" #: pki_temp#3 msgid "Successfully created the XCA template '%1'" msgstr "" #: pki_temp#4 msgid "Delete the %1 XCA templates: %2?" msgstr "" #: pki_temp#5 msgctxt "pki_temp#5" msgid "Wrong Size %1" msgstr "" #: pki_temp#6 msgid "Template file content error (too small): %1" msgstr "" #: pki_temp#7 msgid "Template file content error (bad size): %1 " msgstr "" #: pki_temp#8 msgid "Template file content error (bad length) :%1" msgstr "" #: pki_x509#1 msgid "Successfully imported the certificate '%1'" msgstr "" #: pki_x509#2 msgid "Delete the certificate '%1'?" msgstr "" #: pki_x509#3 msgid "Successfully created the certificate '%1'" msgstr "" #: pki_x509#4 msgid "Delete the %1 certificates: %2?" msgstr "" #: pki_x509#5 msgid "" "Unable to load the certificate in file %1. Tried PEM and DER certificate." msgstr "" #: pki_x509#6 msgid "This certificate is already on the security token" msgstr "" #: pki_x509#7 msgid "Delete the certificate '%1' from the token '%2 (#%3)'?" msgstr "" #: pki_x509#8 msgid "There is no key for signing !" msgstr "" #: pki_x509#9 msgctxt "pki_x509#9" msgid "Wrong Size %1" msgstr "" #: pki_x509#10 msgctxt "pki_x509#10" msgid "Not trusted" msgstr "" #: pki_x509#11 msgid "Trust inherited" msgstr "" #: pki_x509#12 msgid "Always Trusted" msgstr "" #: pki_x509#13 msgid "CRL expires: %1" msgstr "" #: pki_x509#14 msgid "No" msgstr "" #: pki_x509#15 msgid "Yes" msgstr "" #: pki_x509req#1 msgid "Signing key not valid (public key)" msgstr "" #: pki_x509req#2 msgid "Successfully imported the %1 certificate request '%2'" msgstr "" #: pki_x509req#3 msgid "Delete the %1 certificate request '%2'?" msgstr "" #: pki_x509req#4 msgid "Successfully created the %1 certificate request '%2'" msgstr "" #: pki_x509req#5 msgid "Delete the %1 certificate requests: %2?" msgstr "" #: pki_x509req#6 msgid "" "Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC " "format." msgstr "" #: pki_x509req#7 msgctxt "pki_x509req#7" msgid "Signed" msgstr "" #: pki_x509req#8 msgid "Unhandled" msgstr "" #: pki_x509req#9 msgctxt "pki_x509req#9" msgid "Wrong Size %1" msgstr "" #: v3ext#1 msgctxt "v3ext#1" msgid "Add" msgstr "" #: v3ext#2 msgctxt "v3ext#2" msgid "Delete" msgstr "" #: v3ext#3 msgctxt "v3ext#3" msgid "Apply" msgstr "" #: v3ext#4 msgctxt "v3ext#4" msgid "Validate" msgstr "" #: v3ext#5 msgctxt "v3ext#5" msgid "Cancel" msgstr "" #: v3ext#6 msgid "An email address or 'copy'" msgstr "" #: v3ext#7 msgid "An email address" msgstr "" #: v3ext#8 msgid "a registered ID: OBJECT IDENTIFIER" msgstr "" #: v3ext#9 msgid "a uniform resource indicator" msgstr "" #: v3ext#10 msgid "a DNS domain name" msgstr "" #: v3ext#11 msgid "an IP address" msgstr "" #: v3ext#12 msgid "Syntax: ;TYPE:text like '1.2.3.4:UTF8:name'" msgstr "" #: v3ext#13 msgid "No editing. Only 'copy' allowed here" msgstr "" #: v3ext#14 msgid "" "Validation failed:\n" "'%1'\n" "%2" msgstr "" #: v3ext#15 msgid "" "Validation successful:\n" "'%1'" msgstr "" #: void#1 msgctxt "void#1" msgid "There was no key found for the Certificate: " msgstr "" #: void#2 msgctxt "void#2" msgid "Import Certificate signing request" msgstr "" #, fuzzy #~ msgctxt "db_x509#36" #~ msgid "Delete" #~ msgstr "Sil" #~ msgid "&Remove" #~ msgstr "&Kaldır" xca-RELEASE.2.2.1/lang/xca_pt_BR.ts0000644000175000017500000043561413614632167016064 0ustar tewardteward CaProperties CA Properties Propriedades do CA Days until next CRL issuing Dias até a próxima emissão de CRL Default template Template Padrão CertDetail Details of the Certificate Detalhes do certificado Serial Serial The serial number of the certificate O número de serial do certificado The internal name of the certificate in the database O nome interno do certificado no banco de dados Status Status Internal name Nome interno Signature Signature Key Key Fingerprints Fingerprints MD5 MD5 An md5 hashsum of the certificate Um hashsum md5 do certificado SHA1 SHA1 A SHA-1 hashsum of the certificate Um hashsum SHA-1 do certificado SHA256 SHA256 A SHA-256 hashsum of the certificate Um hashsum SHA-256 do certificado Validity Validade The time since the certificate is valid O tempo desde que o certificado é válido The time until the certificate is valid O tempo até que o certificado é válido Subject Sujeito Issuer Emitente Extensions Extensões Comment comentário Attributes Atributos Show config Mostrar configuração Show extensions Mostrar extensões Show public key This key is not in the database. Not available Não disponível Signer unknown Signatário desconhecido Self signed Auto-assinado Revoked at %1 Revoked: Revogado: Not valid Inválido Valid Válido Details of the certificate signing request Detalhes da solicitação de assinatura de certificado CertExtend Certificate renewal Renovação de certificado This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Isso criará um novo certificado como uma cópia do antigo com um novo número de série e valores de validade ajustados. Validity Validade Not before Não antes Not after Não após Time range Intervalo de tempo Local time Horário local Days Dias Months Meses Years Anos No well-defined expiration Nenhuma expiração bem definida Midnight Meia noite Apply Aplique Revoke old certificate Revogar certificado antigo Keep serial number The certificate will be earlier valid than the signer. This is probably not what you want. O certificado será válido anteriormente do que o assinante. Isso provavelmente não é o que você quer. Edit dates Editar datas Abort rollout Abortar rollourt Continue rollout Continuar rollourt Adjust date and continue Ajuste a data e continue The certificate will be longer valid than the signer. This is probably not what you want. O certificado será mais válido do que o signatário. Isso provavelmente não é o que você quer. CertTreeView Import PKCS#12 Importar PKCS#12 Import from PKCS#7 Importado do PKCS#7 Request Requisitar Security token Token de segurança Other token Outro token Similar Certificate Certificado semelhante Delete from Security token Excluir do token de segurança CA CA Properties Propriedades Generate CRL Gerar CRL Manage revocations Gerenciar revogações Renewal Renovação Revoke Revogar Unrevoke Revogação ClickLabel Double click for details Clique duas vezes para mais detalhes CrlDetail Details of the Revocation list Detalhes da lista de revogação &Status &Status Version Signature Signature Signed by Name Nome The internal name of the CRL in the database issuing dates Next update Last update &Issuer &Extensions &Revocation list Comment comentário Failed Unknown signer Verification not possible ExportDialog Name Nome The internal name of the CRL in the database ... ... Filename Export comment into PEM file Export Format All files ( * ) Todos os arquivos (*) PEM Text format with headers Concatenated list of all selected items in one PEM text file Concatenated text format of the complete certificate chain in one PEM file Concatenated text format of all certificates in one PEM file Binary DER encoded file PKCS#7 encoded single certificate PKCS#7 encoded complete certificate chain Concatenated text format of all unrevoked certificates in one PEM file All unrevoked certificates encoded in one PKCS#7 file All selected certificates encoded in one PKCS#7 file All certificates encoded in one PKCS#7 file The certificate and the private key as encrypted PKCS#12 file The complete certificate chain and the private key as encrypted PKCS#12 file Concatenation of the certificate and the unencrypted private key in one PEM file Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Text format of the public key in one PEM file Binary DER format of the public key Unencrypted private key in text format OpenSSL specific encrypted private key in text format Unencrypted private key in binary DER format Unencrypted private key in PKCS#8 text format Encrypted private key in PKCS#8 text format The public key encoded in SSH2 format OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool vCalendar expiry reminder for the selected items vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL The file: '%1' already exists! Overwrite Do not overwrite Help << << >> >> &Done &Feito ImportMulti Import PKI Items Importar itens de PKI Import &All Importar &tudo &Import &Importar &Done &Feito &Remove from list Details Delete from token Rename on token Name: %1 Model: %2 Serial: %3 Manage security token Details of the item '%1' cannot be shown The type of the item '%1' is not recognized The file '%1' did not contain PKI data The %1 files: '%2' did not contain PKI data ItemProperties Name Nome Source Fonte Insertion date Data de inserção Comment comentário KeyDetail Name Nome The internal name of the key used by xca Security token Token de segurança Manufacturer Serial Serial Key Key Public Exponent Keysize Private Exponent Security Token Label PKCS#11 ID Token information Model Fingerprint Comment comentário Details of the %1 key Not available Não disponível Available Sub prime Public key Public key Private key Curve name Unknown key KeyTreeView Change password Mudar senha Reset password Redefinir senha Change PIN Alterar PIN Init PIN with SO PIN (PUK) PIN de inicialização com SO PIN (PUK) Change SO PIN (PUK) Alterar SO PIN (PUK) Security token Token de segurança This is not a token Isto não é um token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable A chave original '%1' será substituída pela chave no token? Isso excluirá a chave '%1' e a tornará não exportável MainWindow Private Keys Private Keys &New Key &Nova key &Export &Exportar &Import &Importar Import PFX (PKCS#12) Importar PFX (PKCS#12) &Show Details &Mostrar detalhes &Delete &Excluir Certificate signing requests Solicitações de Assinatura de Certificado &New Request &Nova requisição Certificates Certificados &New Certificate &Novo certificado Import &PKCS#12 Importar &PKCS#12 Import P&KCS#7 Importar P&KCS#7 Plain View Vista plana Templates Modelos &New Template &Novo modelo &New CRL &Nova CRL Ch&ange Template &Alterar modelo Revocation lists Listas de revogação Using or exporting private keys will not be possible without providing the correct password Usar ou exportar chaves privadas não será possível sem fornecer a senha correta Database Base de dados The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. O hash padrão atualmente usado '%1' é inseguro. Por favor, selecione pelo menos 'SHA 224' por motivos de segurança. Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Formato de banco de dados herdado detectado. Criando uma cópia de backup chamada: '%1' e convertendo o banco de dados para o novo formato Failed to rename the database file, because the target already exists Falha ao renomear o arquivo de banco de dados, porque o destino já existe No deleted items found Nenhum item excluído encontrado Recent DataBases Bancos de Dados Recentes System System Croatian Croatian English English French French German German Russian Russian Slovak Slovak Spanish Spanish Polish Italian Chinese Dutch Portuguese in Brazil Turkish Turkish Language Language &File Ar&quivo &New DataBase &Nova base de dados &Open DataBase A&brir banco de dados Open Remote DataBase Abrir banco de dados remoto Set as default DataBase Definir como banco de dados padrão &Close DataBase &Fechar banco de dados New DataBase Open DataBase Close DataBase Options Opções Exit Saída I&mport Keys Keys Requests PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Modelos Revocation list Lista de revogação PEM file Arquivo PEM Paste PEM file Token Export Certificate &Index hierarchy Content Conteúdo &Token &Token &Manage Security token &Init Security token &Change PIN Change &SO PIN Init PIN Extra Extra &Dump DataBase &Export Certificate Index C&hange DataBase password &Undelete items Generate DH parameter OID Resolver OID Resolver &Help A&juda About Sobre no such option: %1 Import PEM data Please enter the original SO PIN (PUK) of the token '%1' Search Procurar Please enter the new SO PIN (PUK) for the token '%1' The new label of the token '%1' The token '%1' did not contain any keys or certificates Current Password Please enter the current database password The entered password is wrong New Password Nova senha Please enter the new password to encrypt your private keys in the database-file Transaction start failed Please enter a password, that will be used to encrypt your private keys in the database: %1 Password verify error, please try again Password Senha Please enter the password for unlocking the database: %1 The following error occurred: Copy to Clipboard Certificate Index ( index.txt ) All files ( * ) Todos os arquivos (*) Diffie-Hellman parameters saved as: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Error opening file: '%1': %2 Erro ao abrir o arquivo: '%1': %2 NewCrl Last update Next update Days Dias Months Meses Years Anos Midnight Meia noite Local time Horário local Apply Aplique Options Opções CRL number Número CRL Subject alternative name Revocation reasons Authority key identifier Hash algorithm NewKey Please give a name to the new key and select the desired keysize Key properties Name Nome The internal name of the new key Curve name Usually at least 2048 bit keys are recommended New Key Keysize Keytype Remember as default Create NewX509 Source Fonte Signing request Show request Sign this Certificate signing &request Copy extensions from the request Modify subject of the request Signing Create a &self signed certificate Use &this Certificate for signing All certificates in your database that can create valid signatures Signature algorithm Template for the new certificate All available templates Apply extensions Apply subject Apply all Subject Sujeito Internal Name Distinguished name Nome distinto Add Adicionar Delete Excluir Private key This list only contains unused keys Used keys too &Generate a new key Extensions Extensões Type Tipo If this will become a CA certificate or not Not defined Certification Authority End Entity Path length How much CAs may be below this. The basic constraints should always be critical Key identifier Creates a hash of the key following the PKIX guidelines Copy the Subject Key Identifier from the issuer Validity Validade Not before Não antes Not after Não após Time range Intervalo de tempo Days Dias Months Meses Years Anos Apply Aplique Set the time to 00:00:00 and 23:59:59 respectively Midnight Meia noite Local time Horário local No well-defined expiration Nenhuma expiração bem definida DNS: IP: URI: email: RID: Edit Editar URI: Key usage Netscape Advanced Validate Validar Comment comentário This name is only used internally and does not appear in the resulting certificate Critical Create Certificate signing request minimum size: %1 maximum size: %1 only a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters Edit XCA template Create x509 Certificate Template '%1' applied Subject applied from template '%1' Extensions applied from template '%1' New key '%1' created Other Tabs Advanced Tab Errors From PKCS#10 request Abort rollout Abortar rollourt The following length restrictions of RFC3280 are violated: Edit subject Continue rollout Continuar rollourt The verification of the Certificate request failed. The rollout should be aborted. Continue anyway The internal name and the common name are empty. Please set at least the internal name. Edit name There is no Key selected for signing. Select key The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. The key you selected for signing is not a private one. Select other signer Select other key The certificate will be earlier valid than the signer. This is probably not what you want. O certificado será válido anteriormente do que o assinante. Isso provavelmente não é o que você quer. Edit dates Editar datas Adjust date and continue Ajuste a data e continue The certificate will be longer valid than the signer. This is probably not what you want. O certificado será mais válido do que o signatário. Isso provavelmente não é o que você quer. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Edit extensions The subject alternative name shall contain a copy of the common name. However, the common name is empty. Configfile error on line %1 OidResolver OID Resolver OID Resolver Enter the OID, the Nid, or one of the textual representations Digite o OID, o Nid ou uma das representações textuais Search Procurar OID OID Long name Nome longo OpenSSL internal ID ID interno do OpenSSL Nid Nid Short name Nome curto OpenDb Open remote database Abrir banco de dados remotamente Database type Tipo de banco de dados Hostname Hostname Username Nome de usuário Password Senha Database name Nome do banco de dados Table prefix Prefixo da tabela No SqLite3 driver available. Please install the qt-sqlite package of your distribution Nenhum driver SqLite3 disponível. Por favor, instale o pacote qt-sqlite de sua distribuição Please enter the password to access the database server %2 as user '%1'. Por favor, digite a senha para acessar o servidor de banco de dados %2 como usuário '%1'. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. O driver do banco de dados não suporta transações. Isso pode acontecer se o cliente e o servidor tiverem versões diferentes. Continue com cuidado. Options XCA Options Opções XCA Settings Default hash algorithm String types Suppress success messages Don't colorize expired certificates Translate established x509 terms (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Only use hashes supported by the token when signing with a token key Disable legacy Netscape extensions Certificate expiry warning threshold Send vCalendar expiry reminder Serial number length bit bit Distinguished name Nome distinto Mandatory subject entries Inscrições obrigatórias Add Adicionar Delete Excluir Explicit subject entries Dynamically arrange explicit subject entries Default PKCS#11 provider Remove Search Procurar Printable string or UTF8 (default) PKIX recommendation in RFC2459 No BMP strings, only printable and T61 UTF8 strings only (RFC2459) All strings Days Dias Weeks PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) A senha é analisada como código hexadecimal de 2 dígitos. Deve ter um número par de dígitos (0-9 e a-f) Take as HEX string String HEX Repeat %1 Repetir %1 %1 mismatch %1 incompatibilidade Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters A senha hexadecimal deve conter apenas os caracteres '0' - '9' e 'a' - 'f' e deve conter um número par de caracteres E&xit &Saída QObject Undefined Indefinido Broken / Invalid Quebrado / Inválido in %1 seconds em %1 segundos %1 seconds ago in %1 minutes %1 minutes ago Yesterday Tomorrow in %1 hours %1 hours ago DB: Rename: '%1' already in use DB: Entry to rename not found: %1 DB: Write error %1 - %2 Out of data Error finding endmarker of string Out of Memory at %1:%2 All files ( * ) Todos os arquivos (*) Import RSA key PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Certificates ( *.pem *.der *.crt *.cer );; Import X.509 Certificate PKCS#7 data ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates PKCS#12 Certificates ( *.p12 *.pfx );; Import PKCS#12 Private Certificate XCA templates ( *.xca );; Import XCA Templates Revocation lists ( *.pem *.der *.crl );; Import Certificate Revocation List XCA Databases ( *.xdb );; Open XCA Database PKCS#11 library ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 library ( *.so );; Open PKCS#11 shared library PEM files ( *.pem );; Load PEM encoded file Please enter the PIN on the PinPad Please enter the SO PIN (PUK) of the token %1 Please enter the PIN of the token %1 No Security token found Nenhum token de segurança encontrado Select Please enter the new SO PIN (PUK) for the token: '%1' Please enter the new PIN for the token: '%1' Required PIN size: %1 - %2 Failed to open PKCS11 library: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Disabled Library loading failed PKCS#11 function '%1' failed: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 Invalid Inválido %1 is shorter than %2 bytes: '%3' %1 is longer than %2 bytes: '%3' String '%1' for '%2' contains invalid characters Error reading config file %1 at line %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Unknown object '%1' in file %2 line %3 Failed to start a database transaction ReqTreeView Sign Assinar Unmark signed Mark signed Similar Request Pedido semelhante RevocationList Manage revocations Gerenciar revogações Add Adicionar Delete Excluir Edit Editar No. Número. Serial Serial Revocation Revogação Reason Razão Invalidation Invalidação Generate CRL Gerar CRL Revoke Certificate revocation Revogação de certificados Revocation details Detalhes da revogação Revocation reason Motivo da revogação Local time Horário local Invalid since Inválido desde Serial Serial SearchPkcs11 Directory Diretório ... ... Include subdirectories Incluir subdiretórios Search Procurar The following files are possible PKCS#11 libraries Os seguintes arquivos são possíveis bibliotecas PKCS#11 SelectToken Security token Token de segurança Please select the security token Por favor, selecione o token de segurança TempTreeView Duplicate Duplicado Create certificate Criar certificado Create request Criar requisição copy cópia de Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config OpenSSL config Transform Transform Template Template Public key Public key XcaTreeView Subject entries X509v3 Extensions Netscape extensions Reset Hide Column Details Columns New Import Paste PEM data Rename Properties Propriedades Delete Excluir Export Clipboard File db_base Internal name Nome interno No. Número. Primary key Database unique number Date Date of creation or insertion Source Fonte Generated, Imported, Transformed Comment comentário First line of the comment field Could not create directory %1 Item properties How to export the %1 selected items All in one PEM file Each item in one file Save %1 items in one file as PEM files ( *.pem );; All files ( * ) db_crl Signer Internal name of the signer No. revoked Number of revoked certificates Last update Next update CRL number Número CRL The revocation list already exists in the database as: '%1' and so it was not imported Revocation list export CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) There are no CA certificates for CRL generation Select CA certificate Create CRL Failed to initiate DB transaction Database error: %1 db_key Type Tipo Size EC Group Use Password Senha The key is already in the database as: '%1' and is not going to be imported The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Extending public key from %1 by imported key '%2' Key size too small ! You are sure to create a key of the size: %1 ? PEM public PEM public SSH2 public SSH2 public PEM private PEM private Export keys to Clipboard Clipboard Export public key [%1] DER public DER public DER private DER private PEM encryped PKCS#8 encrypted Export private key [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Tried to change password of a token db_temp Bad template: %1 Modelo ruim: %1 Empty template Modelo vazio Preset Template values Valores predefinidos do modelo Save template as Salvar modelo como XCA templates ( *.xca );; All files ( * ) Modelos XCA ( *.xca );; Todos os arquivos ( * ) db_x509 CA CA reflects the basic Constraints extension Serial Serial Start date Expiry date MD5 fingerprint SHA1 fingerprint SHA256 fingerprint Not before Não antes Not after Não após Revocation Revogação CRL Expiration Plain View Vista plana Tree View Failed to retrieve unique random serial The certificate already exists in the database as: '%1' and so it was not imported Signed on %1 by '%2' Unknown Desconhecido Invalid public key PKCS#7 unrevoked PEM unrevoked vCalendar CA vCalendar days No template The key you selected for signing is not a private one. Store the certificate to the key on the token '%1 (#%2)' ? PEM chain PKCS#7 chain PKCS#12 chain PKCS#7 all PEM + key PEM all Certificate Index file Certificate export X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) There was no key found for the Certificate: '%1' Not possible for a token key: '%1' Not possible for the token-key Certificate '%1' days dias db_x509name Subject Sujeito Complete distinguished name Nome distinto completo Subject hash Assunto hash Hash to lookup certs in directories Hash para pesquisar certificados em diretórios db_x509req Signed whether the request is already signed or not Unstructured name Challenge password Certificate count Number of certificates in the database with the same public key The certificate signing request already exists in the database as '%1' and thus was not stored Certificate request export Certificate request ( *.pem *.der *.csr ) db_x509super Key name Internal name of the key Signature algorithm Extracted from %1 '%2' Certificate Certificate request Save as OpenSSL config Config files ( *.conf *.cnf);; All files ( * ) The following extensions were not ported into the template Transformed from %1 '%2' kvView Type Tipo Content Conteúdo pass_info Password Senha PIN PIN pki_base Error opening file: '%1': %2 Erro ao abrir o arquivo: '%1': %2 Error writing to file: '%1': %2 Erro ao gravar no arquivo: '%1': %2 Unknown Desconhecido Imported Generated Transformed Token Legacy Database Renewed Internal error: Unexpected message: %1 %2 pki_crl Successfully imported the revocation list '%1' Delete the revocation list '%1'? Successfully created the revocation list '%1' Delete the %1 revocation lists: %2? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. No issuer given Wrong Size %1 Renew CRL: %1 The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4. It is stored in the XCA database '%5' pki_evp Failed to decrypt the key (bad password) %1 Please enter the password to decrypt the private key. The key from file '%1' is incomplete or inconsistent. Please enter the password to decrypt the private key from file: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Ignoring unsupported private key Please enter the password to decrypt the private key: '%1' Password input aborted Please enter the database password for decrypting the key '%1' Please enter the password to protect the private key: '%1' Please enter the database password for encrypting the key Please enter the password protecting the PKCS#8 key '%1' Please enter the export password for the private key '%1' pki_key Successfully imported the %1 public key '%2' Delete the %1 public key '%2'? Successfully imported the %1 private key '%2' Delete the %1 private key '%2'? Successfully created the %1 private key '%2' Delete the %1 keys: %2? Public key Public key Common Private Bogus PIN PIN No password Unexpected SSH2 content: '%1' Invalid SSH2 public key Failed writing to %1 pki_multi No known PEM encoded items found Não foram encontrados itens codificados PEM conhecidos pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Por favor, digite a senha para descriptografar o arquivo PKCS#12: %1 Unable to load the PKCS#12 (pfx) file %1. Não é possível carregar o arquivo PKCS#12 (pfx) %1. The supplied password was wrong (%1) Please enter the password to encrypt the PKCS#12 file No key or no Cert and no pkcs12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Não é possível carregar o arquivo PKCS#7 %1. Tentei o formato PEM e DER. pki_scard Successfully imported the token key '%1' Delete the token key '%1'? Successfully created the token key '%1' Delete the %1 keys: %2? Delete the private key '%1' from the token '%2 (#%3)' ? This Key is already on the token PIN input aborted Unable to find copied key on the token Please insert card: %1 %2 [%3] with Serial: %4 Illegal Key generation method Unable to find generated key on card Ignoring unsupported token key Wrong Size %1 Token %1 Failed to find the key on the token Invalid Pin for the token Failed to initialize the key on the token pki_temp Successfully imported the XCA template '%1' Delete the XCA template '%1'? Successfully created the XCA template '%1' Delete the %1 XCA templates: %2? Wrong Size %1 Template file content error (too small) Erro no conteúdo do arquivo de modelo (muito pequeno) Template file content error (too small): %1 Erro no conteúdo do arquivo de modelo (muito pequeno): %1 Not a PEM encoded XCA Template Not an XCA Template, but '%1' pki_x509 Successfully imported the certificate '%1' Delete the certificate '%1'? Successfully created the certificate '%1' Delete the %1 certificates: %2? Unable to load the certificate in file %1. Tried PEM and DER certificate. This certificate is already on the security token Delete the certificate '%1' from the token '%2 (#%3)'? There is no key for signing ! Wrong Size %1 No Não Yes Sim Renew certificate: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' CRL Renewal of CA '%1' due The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' pki_x509req Signing key not valid (public key) Chave de assinatura inválida (oublic key) Successfully imported the %1 certificate request '%2' Delete the %1 certificate request '%2'? Successfully created the %1 certificate request '%2' Delete the %1 certificate requests: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Wrong Size %1 Signed Unhandled v3ext Copy Common Name Add Adicionar Delete Excluir Apply Aplique Validate Validar Cancel An email address or 'copy' An email address A registered ID: OBJECT IDENTIFIER A uniform resource indicator A DNS domain name or 'copycn' A DNS domain name Um DNS nome de domínio An IP address Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' No editing. Only 'copy' allowed here Validation failed: '%1' %2 Falha na validação: '%1' %2 Validation successful: '%1' xca-RELEASE.2.2.1/lang/xca_tr.ts0000644000175000017500000054144313614632167015501 0ustar tewardteward Done Bitti About#1 CA Properties CA Özellikleri CaProperties#1 Use random Serial numbers Değişken Seri numaralar kullan CaProperties#2 Default template Varsayılan şablon CaProperties#4 Next serial for signing İmza için sonraki seri CaProperties#5 Details of the Certificate Sertifika bilgileri CertDetail#1 S&tatus &Durum CertDetail#2 Serial CertDetail#3 Seri CertDetail#3 The serial number of the certificate Sertifika seri numarası CertDetail#4 The internal name of the certificate in the database Sertifika veritabanındaki isim CertDetail#5 Internal name CertDetail#6 Dahili adı CertDetail#6 Signature algorithm CertDetail#7 İmza algoritması CertDetail#7 Signature CertDetail#8 İmza CertDetail#8 Key CertDetail#9 Anahtar CertDetail#9 Fingerprints Parmak izleri CertDetail#10 SHA1 SHA1 CertDetail#11 MD5 MD5 CertDetail#12 A SHA-1 hashsum of the certificate A SHA-1 hashsum sertifikası CertDetail#13 An md5 hashsum of the certificate An md5 hassum sertifikası CertDetail#14 Validity CertDetail#15 Geçerlilik CertDetail#15 The time since the certificate is valid Zamana kadar geçerli sertifika CertDetail#16 The time until the certificate is valid Bu zaman kadar sertifika geçerli CertDetail#17 &Subject &Konu CertDetail#18 &Issuer CertDetail#19 &veren CertDetail#19 Attributes Nitelikler CertDetail#20 &Extensions CertDetail#21 &Uzantıları CertDetail#21 Show config Yapılandırmayı göster CertDetail#22 Show extensions Uzantıları göster CertDetail#23 Not available CertDetail#24 Kullanılamaz CertDetail#24 Details of the certificate Sertifika detayları CertDetail#25 Signer unknown Bilinmeyen imzalayan makam CertDetail#26 Self signed Kendinden imzalı CertDetail#27 Not trusted CertDetail#28 Güvenilmeyen CertDetail#28 Trusted Güvenilir CertDetail#29 Revoked: İptaledilmiş CertDetail#30 Not valid Geçersiz CertDetail#31 Valid Geçerli CertDetail#32 Details of the certificate signing request sertifika imzalama isteği detayları CertDetail#33 Certificate renewal Sertifika yenileme CertExtend#1 This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Bu yeni bir seri numarası ve düzeltilmiş geçerlilik değerleri ile eski bir kopyası olarak yeni bir sertifika oluşturur. CertExtend#2 Validity CertExtend#3 Geçerlilik CertExtend#3 Not before CertExtend#4 Öncedeğil CertExtend#4 Not after CertExtend#5 Sonradeğil CertExtend#5 Time range CertExtend#6 Zaman aralığı CertExtend#6 No well-defined expiration CertExtend#7 Tanımlanmamış son CertExtend#7 Apply CertExtend#8 Uygula CertExtend#8 Days CertExtend#9 Gün CertExtend#9 Months CertExtend#10 Ay CertExtend#10 Years CertExtend#11 Yıl CertExtend#11 Midnight CertExtend#12 Gece Yarısı CertExtend#12 The certificate will be earlier valid than the signer. This is probably not what you want. CertExtend#13 Sertifika önceki imzalayandan daha geçerli olacaktır. Muhtemelen istediğiniz bu değildir. CertExtend#13 Edit times Zamanı düzenle CertExtend#14 Adjust date and continue CertExtend#17 Tarihi düzenler ve devam eder CertExtend#17 The certificate will be longer valid than the signer. This is probably not what you want. CertExtend#18 Sertifika önceki imzalayandan daha geçerli olacaktır. Muhtemelen istediğiniz bu değildir. CertExtend#18 There was no key found for the Certificate: CertView#1 Sertifikadaki anahtar bulunamıyor. CertView#1 Import Certificate signing request CertView#2 Sertifika imzalama isteği CertView#2 Double click for details Detaylariçin çift tıklayın ClickLabel#1 Details of the Revocation list İptal listesi için çift tıklayın CrlDetail#1 &Status &Durum CrlDetail#2 Version Sürüm CrlDetail#3 Signature CrlDetail#4 İmza CrlDetail#4 Signed by İmzalayan: CrlDetail#5 Name CrlDetail#6 İsim CrlDetail#6 The internal name of the CRL in the database CRL veritabanındaki isim CrlDetail#7 issuing dates Verilen tarih CrlDetail#8 Next Update Sonraki Güncelleme CrlDetail#9 Last Update Son Güncelleme CrlDetail#10 &Issuer CrlDetail#11 &veren CrlDetail#11 &Extensions CrlDetail#12 &Uzantıları CrlDetail#12 &Revocation list &İptal listesi CrlDetail#13 0 0 CrlDetail#14 Serial CrlDetail#15 Seri CrlDetail#15 Revocation CrlDetail#16 İptal CrlDetail#16 Reason Neden CrlDetail#17 Invalidation İptal CrlDetail#18 Failed Başarısız CrlDetail#19 Unknown signer Bilinmeyen imzalayan CrlDetail#20 Verification not possible Doğrulama mümkün değil CrlDetail#21 Unknown certificate Bilinmeyen sertifika CrlDetail#22 X509 Certificates ( *.cer *.crt *.p12 *.p7b);;All files ( * ) X509 sertifikası (*cer *.crt *.p12 *.p7b);;Tüm dosyalar (*) ExportCert#1 DER is a binary format of the Certificate PEM is a base64 encoded Certificate PKCS#7 is an official Certificate exchange format PKCS#12 is an encrypted official Key-Certificate exchange format DER ikili sertifika formatı PEM base64 kodlu sertifika PKCS#7 resmi değişim sertifikası PKCS#12 kriptolu anahtar sertifikası ExportCert#2 Please enter the filename for the certificate. Lütfen sertifika ismini giriniz. ExportCert#3 Certificate export Sertifika dışa aktar ExportCert#4 All files ( * ) ExportDer#1 Bütün dosyalar ( * ) ExportDer#1 DER is a binary format PEM is a base64 encoded DER file DER ikili biçimdir PEM base64 kodlanmış DER dosyası ExportDer#2 ... ... ExportDialog#1 Filename Dosya adı ExportDialog#2 Please enter the filename Lütfen dosya adını giriniz ExportDialog#3 Export Format Verme biçimi ExportDialog#4 The file: '%1' already exists! Dosya: 2%1' zaten var ExportDialog#5 Overwrite Üzerine yaz ExportDialog#6 Do not overwrite Üzerine yazmayın ExportDialog#7 When exporting the private key it should be encrypted. Özel anahtar dışa aktarılırken şifreli olmalıdır. ExportKey#1 When exporting the private part, it should be encrypted. Özel bölüm aktarılırken şifreli olmalıdır. ExportKey#2 E&xport the private part of the Key too Dışa aktarılan özel bölüm anahtarı çok ExportKey#3 Export as PKCS#8 PKCS#8 olarak aktar ExportKey#4 Private keys ( *.pem *.der *.pk8 );;All files ( * ) Özel anatarlar (*.pem *.der *.pk8);;Tüm dosyalar ( * ) ExportKey#6 << << Help#1 >> >> Help#2 &Done Help#3 &Bitti Help#3 &Import ImportMulti#3 &İçe Aktar ImportMulti#3 &Done ImportMulti#4 &Bitti ImportMulti#4 &Remove from list &İptal listesi ImportMulti#5 Details Detaylar ImportMulti#6 Name KeyDetail#1 İsim KeyDetail#1 Serial KeyDetail#5 Seri KeyDetail#5 &Delete &Sil MainWindow#7 Certificates Sertifikalar MainWindow#10 Database Veri Tabanı MainWindow#20 &File &Dosya MainWindow#22 Exit Çıkış MainWindow#33 &Help &Yardım MainWindow#48 &About &Hakkında MainWindow#50 Cancel MainWindow#57 İptal MainWindow#57 New Password Yeni Parola MainWindow#64 Password MainWindow#68 Parola MainWindow#68 Days NewCrl#5 Gün NewCrl#5 Months NewCrl#6 Ay NewCrl#6 Years NewCrl#7 Yıl NewCrl#7 Apply NewCrl#9 Uygula NewCrl#9 Name NewKey#4 İsim NewKey#4 Create NewKey#11 Oluştur NewKey#11 Create NewX509#1 Oluştur NewX509#1 Source Kaynak NewX509#2 1 1 NewX509#12 Subject NewX509#23 Konu NewX509#23 Organisation Organizasyon NewX509#24 Country code Ülke kodu NewX509#27 E-Mail address E-posta adresi NewX509#31 Internal name NewX509#32 Dahili adı NewX509#32 Add NewX509#34 Ekle NewX509#34 Delete NewX509#35 Sil NewX509#35 Type NewX509#42 Tür NewX509#42 Days NewX509#60 Gün NewX509#60 Months NewX509#61 Ay NewX509#61 Years NewX509#62 Yıl NewX509#62 Apply NewX509#63 Uygula NewX509#63 Edit Düzenle NewX509#73 Advanced Gelişmiş NewX509#90 Errors Hatalar NewX509#103 Edit name İsmi Düzenle NewX509#111 Password PwDialog#1 Parola PwDialog#1 Import db_x509#21 &İçe Aktar db_x509#21 Rename db_x509#24 Dosya adı db_x509#24 Show Details db_x509#25 Detaylar db_x509#25 Export db_x509#27 Verme biçimi db_x509#27 File db_x509#29 &Dosya db_x509#29 OpenSSL config db_x509#34 Yapılandırmayı göster db_x509#34 Delete db_x509#35 Sil db_x509#35 Sign db_x509#41 İmzalayan: db_x509#41 Challenge password Yeni Parola db_x509req#4 OpenSSL config db_x509req#18 Yapılandırmayı göster db_x509req#18 Delete db_x509req#19 Sil db_x509req#19 Config files ( *.conf *.cnf);; All files ( * ) X509 sertifikası (*cer *.crt *.p12 *.p7b);;Tüm dosyalar (*) db_x509super#4 Delete db_x509#36 Sil &Remove &Kaldır CaProperties CA Properties CA Özellikleri Days until next CRL issuing Default template Varsayılan şablon CertDetail Details of the Certificate Sertifika bilgileri Status Internal name Dahili adı The internal name of the certificate in the database Sertifika veritabanındaki isim Signature İmza Key Anahtar Serial Seri The serial number of the certificate Sertifika seri numarası Fingerprints Parmak izleri MD5 MD5 An md5 hashsum of the certificate An md5 hassum sertifikası SHA1 SHA1 A SHA-1 hashsum of the certificate A SHA-1 hashsum sertifikası SHA256 SHA256 A SHA-256 hashsum of the certificate A SHA-1 hashsum sertifikası {256 ?} Validity Geçerlilik The time since the certificate is valid Zamana kadar geçerli sertifika The time until the certificate is valid Bu zaman kadar sertifika geçerli Subject Konu Issuer Attributes Nitelikler Extensions Show config Yapılandırmayı göster Comment Show extensions Uzantıları göster Show public key This key is not in the database. Not available Kullanılamaz Signer unknown Bilinmeyen imzalayan makam Self signed Kendinden imzalı Revoked at %1 Revoked: İptaledilmiş Not valid Geçersiz Valid Geçerli Details of the certificate signing request sertifika imzalama isteği detayları CertExtend Certificate renewal Sertifika yenileme This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Bu yeni bir seri numarası ve düzeltilmiş geçerlilik değerleri ile eski bir kopyası olarak yeni bir sertifika oluşturur. Validity Geçerlilik Not before Öncedeğil Not after Sonradeğil Time range Zaman aralığı Local time Days Gün Months Ay Years Yıl No well-defined expiration Tanımlanmamış son Midnight Gece Yarısı Apply Uygula Revoke old certificate Keep serial number The certificate will be earlier valid than the signer. This is probably not what you want. Sertifika önceki imzalayandan daha geçerli olacaktır. Muhtemelen istediğiniz bu değildir. Edit dates Abort rollout Continue rollout Adjust date and continue Tarihi düzenler ve devam eder The certificate will be longer valid than the signer. This is probably not what you want. Sertifika önceki imzalayandan daha geçerli olacaktır. Muhtemelen istediğiniz bu değildir. CertTreeView Import PKCS#12 Import from PKCS#7 Request Security token Other token Similar Certificate Delete from Security token CA Properties Generate CRL Manage revocations Renewal Revoke Unrevoke ClickLabel Double click for details Detaylariçin çift tıklayın CrlDetail Details of the Revocation list İptal listesi için çift tıklayın &Status &Durum Version Sürüm Signature İmza Signed by İmzalayan: Name İsim The internal name of the CRL in the database CRL veritabanındaki isim issuing dates Verilen tarih Next update Last update &Issuer &veren &Extensions &Uzantıları &Revocation list &İptal listesi Comment Failed Başarısız Unknown signer Bilinmeyen imzalayan Verification not possible Doğrulama mümkün değil ExportDialog Name İsim The internal name of the CRL in the database CRL veritabanındaki isim ... ... Filename Dosya adı Export comment into PEM file Export Format Verme biçimi All files ( * ) Bütün dosyalar ( * ) PEM Text format with headers Concatenated list of all selected items in one PEM text file Concatenated text format of the complete certificate chain in one PEM file Concatenated text format of all unrevoked certificates in one PEM file Concatenated text format of all certificates in one PEM file Binary DER encoded file PKCS#7 encoded single certificate PKCS#7 encoded complete certificate chain All unrevoked certificates encoded in one PKCS#7 file All selected certificates encoded in one PKCS#7 file All certificates encoded in one PKCS#7 file The certificate and the private key as encrypted PKCS#12 file The complete certificate chain and the private key as encrypted PKCS#12 file Concatenation of the certificate and the unencrypted private key in one PEM file Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Text format of the public key in one PEM file Binary DER format of the public key Unencrypted private key in text format OpenSSL specific encrypted private key in text format Unencrypted private key in binary DER format Unencrypted private key in PKCS#8 text format Encrypted private key in PKCS#8 text format The public key encoded in SSH2 format OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool vCalendar expiry reminder for the selected items vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL The file: '%1' already exists! Dosya: 2%1' zaten var Overwrite Üzerine yaz Do not overwrite Üzerine yazmayın Help << << >> >> &Done &Bitti ImportMulti Import PKI Items Import &All &Import &İçe Aktar &Done &Bitti &Remove from list &İptal listesi Details Detaylar Delete from token Rename on token Name: %1 Model: %2 Serial: %3 Manage security token The type of the item '%1' is not recognized Details of the item '%1' cannot be shown The file '%1' did not contain PKI data The %1 files: '%2' did not contain PKI data ItemProperties Name İsim Source Kaynak Insertion date Comment KeyDetail Name İsim The internal name of the key used by xca Key Anahtar Public Exponent Keysize Private Exponent Security Token Label PKCS#11 ID Token information Model Manufacturer Serial Seri Fingerprint Comment Details of the %1 key Not available Kullanılamaz Security token Available Sub prime Public key Private key Curve name Unknown key KeyTreeView Change password Reset password Change PIN Init PIN with SO PIN (PUK) Change SO PIN (PUK) Security token This is not a token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable MainWindow Private Keys &New Key &Export &Import &İçe Aktar Import PFX (PKCS#12) &Show Details &Delete &Sil Certificate signing requests &New Request Certificates Sertifikalar &New Certificate Import &PKCS#12 Import P&KCS#7 Plain View Templates &New Template Ch&ange Template Revocation lists &New CRL Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Failed to rename the database file, because the target already exists Using or exporting private keys will not be possible without providing the correct password The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Database Veri Tabanı No deleted items found Recent DataBases System Croatian English French German Russian Slovak Spanish Polish Italian Chinese Dutch Portuguese in Brazil Turkish Language &File &Dosya Open Remote DataBase Set as default DataBase New DataBase Open DataBase Close DataBase Options Exit Çıkış I&mport Keys Requests PKCS#12 PKCS#7 Template Revocation list PEM file Paste PEM file Token Export Certificate &Index hierarchy Content &Manage Security token &Init Security token &Change PIN Change &SO PIN Init PIN Extra &Dump DataBase &Export Certificate Index C&hange DataBase password &Undelete items Generate DH parameter OID Resolver &Help &Yardım About Search no such option: %1 Import PEM data Please enter the original SO PIN (PUK) of the token '%1' Please enter the new SO PIN (PUK) for the token '%1' The new label of the token '%1' The token '%1' did not contain any keys or certificates Current Password Please enter the current database password The entered password is wrong New Password Yeni Parola Please enter the new password to encrypt your private keys in the database-file Transaction start failed Please enter a password, that will be used to encrypt your private keys in the database: %1 Password verify error, please try again Password Parola Please enter the password for unlocking the database: %1 The following error occurred: Copy to Clipboard Certificate Index ( index.txt ) All files ( * ) Bütün dosyalar ( * ) Diffie-Hellman parameters saved as: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits NewCrl Last update Next update Days Gün Months Ay Years Yıl Midnight Gece Yarısı Local time Apply Uygula Options Hash algorithm Subject alternative name Authority key identifier CRL number Revocation reasons NewKey New Key Please give a name to the new key and select the desired keysize Key properties Name İsim The internal name of the new key Curve name Keysize Usually at least 2048 bit keys are recommended Keytype Remember as default Create Oluştur NewX509 Source Kaynak Signing request Show request Sign this Certificate signing &request Copy extensions from the request Modify subject of the request Signing Create a &self signed certificate Use &this Certificate for signing All certificates in your database that can create valid signatures Signature algorithm İmza algoritması Template for the new certificate All available templates Apply extensions Apply subject Apply all Subject Konu Internal Name Distinguished name Add Ekle Delete Sil Private key This list only contains unused keys Used keys too &Generate a new key Extensions Type Tür If this will become a CA certificate or not Not defined Certification Authority End Entity Path length How much CAs may be below this. The basic constraints should always be critical Key identifier Creates a hash of the key following the PKIX guidelines Copy the Subject Key Identifier from the issuer Validity Geçerlilik Not before Öncedeğil Not after Sonradeğil Time range Zaman aralığı Days Gün Months Ay Years Yıl Apply Uygula Set the time to 00:00:00 and 23:59:59 respectively Midnight Gece Yarısı Local time No well-defined expiration Tanımlanmamış son DNS: IP: URI: email: RID: Edit Düzenle URI: Key usage Netscape Advanced Gelişmiş Validate Comment This name is only used internally and does not appear in the resulting certificate Internal name Dahili adı Critical Create Certificate signing request minimum size: %1 maximum size: %1 only a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters Edit XCA template Create x509 Certificate Template '%1' applied Subject applied from template '%1' Extensions applied from template '%1' New key '%1' created Other Tabs Advanced Tab Errors Hatalar From PKCS#10 request Abort rollout The following length restrictions of RFC3280 are violated: Edit subject Continue rollout The verification of the Certificate request failed. The rollout should be aborted. Continue anyway The internal name and the common name are empty. Please set at least the internal name. Edit name İsmi Düzenle There is no Key selected for signing. Select key The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. The key you selected for signing is not a private one. Select other signer Select other key The certificate will be earlier valid than the signer. This is probably not what you want. Sertifika önceki imzalayandan daha geçerli olacaktır. Muhtemelen istediğiniz bu değildir. Edit dates Adjust date and continue Tarihi düzenler ve devam eder The certificate will be longer valid than the signer. This is probably not what you want. Sertifika önceki imzalayandan daha geçerli olacaktır. Muhtemelen istediğiniz bu değildir. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Edit extensions The subject alternative name shall contain a copy of the common name. However, the common name is empty. Configfile error on line %1 OidResolver OID Resolver Enter the OID, the Nid, or one of the textual representations Search OID Long name OpenSSL internal ID Nid Short name OpenDb Open remote database Database type Hostname Username Password Parola Database name Table prefix No SqLite3 driver available. Please install the qt-sqlite package of your distribution Please enter the password to access the database server %2 as user '%1'. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. Options XCA Options Settings Default hash algorithm String types Suppress success messages Don't colorize expired certificates Translate established x509 terms (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Only use hashes supported by the token when signing with a token key Disable legacy Netscape extensions Certificate expiry warning threshold Send vCalendar expiry reminder Serial number length bit Distinguished name Mandatory subject entries Add Ekle Delete Sil Explicit subject entries Dynamically arrange explicit subject entries Default PKCS#11 provider Remove Search Printable string or UTF8 (default) PKIX recommendation in RFC2459 No BMP strings, only printable and T61 UTF8 strings only (RFC2459) All strings Days Gün Weeks PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Take as HEX string Repeat %1 %1 mismatch Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters E&xit QObject Undefined Broken / Invalid in %1 seconds %1 seconds ago in %1 minutes %1 minutes ago Yesterday Tomorrow in %1 hours %1 hours ago DB: Rename: '%1' already in use DB: Entry to rename not found: %1 DB: Write error %1 - %2 Out of data Error finding endmarker of string Out of Memory at %1:%2 Country code Ülke kodu Organisation Organizasyon E-Mail address E-posta adresi Name İsim Challenge password Yeni Parola All files ( * ) Bütün dosyalar ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; Import RSA key PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Certificates ( *.pem *.der *.crt *.cer );; Import X.509 Certificate PKCS#7 data ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates PKCS#12 Certificates ( *.p12 *.pfx );; Import PKCS#12 Private Certificate XCA templates ( *.xca );; Import XCA Templates Revocation lists ( *.pem *.der *.crl );; Import Certificate Revocation List XCA Databases ( *.xdb );; Open XCA Database PKCS#11 library ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 library ( *.so );; Open PKCS#11 shared library PEM files ( *.pem );; Load PEM encoded file Error reading config file %1 at line %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Unknown object '%1' in file %2 line %3 Please enter the PIN on the PinPad Please enter the SO PIN (PUK) of the token %1 Please enter the PIN of the token %1 No Security token found Select Please enter the new SO PIN (PUK) for the token: '%1' Please enter the new PIN for the token: '%1' Required PIN size: %1 - %2 Failed to open PKCS11 library: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Disabled Library loading failed PKCS#11 function '%1' failed: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 Failed to start a database transaction Invalid %1 is shorter than %2 bytes: '%3' %1 is longer than %2 bytes: '%3' String '%1' for '%2' contains invalid characters ReqTreeView Sign İmzalayan: Unmark signed Mark signed Similar Request RevocationList Manage revocations Add Ekle Delete Sil Edit Düzenle No. Serial Seri Revocation İptal Reason Neden Invalidation İptal Generate CRL Revoke Certificate revocation Revocation details Revocation reason Local time Invalid since Serial Seri SearchPkcs11 Directory ... ... Include subdirectories Search The following files are possible PKCS#11 libraries SelectToken Security token Please select the security token TempTreeView Duplicate Create certificate Create request copy Validity yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config Yapılandırmayı göster Transform Template Public key XcaTreeView Subject entries X509v3 Extensions Netscape extensions Reset Hide Column Details Detaylar Columns New Import &İçe Aktar Paste PEM data Rename Dosya adı Properties Delete Sil Export Verme biçimi Clipboard File &Dosya db_base Internal name Dahili adı No. Primary key Database unique number Date Date of creation or insertion Source Kaynak Generated, Imported, Transformed Comment First line of the comment field Could not create directory %1 Item properties How to export the %1 selected items All in one PEM file Each item in one file Save %1 items in one file as PEM files ( *.pem );; All files ( * ) db_crl Signer Internal name of the signer No. revoked Number of revoked certificates Last update Next update CRL number The revocation list already exists in the database as: '%1' and so it was not imported Revocation list export CRL ( *.pem *.der *.crl ) There are no CA certificates for CRL generation Select CA certificate Create CRL Failed to initiate DB transaction Database error: %1 db_key Type Tür Size EC Group Use Password Parola The key is already in the database as: '%1' and is not going to be imported The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Extending public key from %1 by imported key '%2' Key size too small ! You are sure to create a key of the size: %1 ? PEM public SSH2 public PEM private Export keys to Clipboard Clipboard Export public key [%1] DER public DER private PEM encryped PKCS#8 encrypted Export private key [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Tried to change password of a token db_temp Empty template Bad template: %1 Preset Template values Save template as XCA templates ( *.xca );; All files ( * ) db_x509 CA reflects the basic Constraints extension Serial Seri MD5 fingerprint SHA1 fingerprint SHA256 fingerprint Start date Not before Öncedeğil Expiry date Not after Sonradeğil Revocation İptal CRL Expiration Plain View Tree View Failed to retrieve unique random serial The certificate already exists in the database as: '%1' and so it was not imported Signed on %1 by '%2' Unknown Invalid public key The key you selected for signing is not a private one. Store the certificate to the key on the token '%1 (#%2)' ? PEM chain PKCS#7 chain PKCS#12 chain PEM + key PKCS#7 unrevoked PKCS#7 all PEM unrevoked PEM all Certificate Index file vCalendar CA vCalendar Certificate export Sertifika dışa aktar X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) There was no key found for the Certificate: '%1' Not possible for a token key: '%1' Not possible for the token-key Certificate '%1' days No template db_x509name Subject Konu Complete distinguished name Subject hash Hash to lookup certs in directories db_x509req Signed whether the request is already signed or not Unstructured name Challenge password Yeni Parola Certificate count Number of certificates in the database with the same public key The certificate signing request already exists in the database as '%1' and thus was not stored Certificate request export Certificate request ( *.pem *.der *.csr ) db_x509super Key name Internal name of the key Signature algorithm İmza algoritması Extracted from %1 '%2' Certificate Certificate request Save as OpenSSL config Config files ( *.conf *.cnf);; All files ( * ) X509 sertifikası (*cer *.crt *.p12 *.p7b);;Tüm dosyalar (*) The following extensions were not ported into the template Transformed from %1 '%2' kvView Type Tür Content pass_info Password Parola PIN pki_base Internal error: Unexpected message: %1 %2 Error opening file: '%1': %2 Unknown Imported Generated Transformed Token Legacy Database Renewed pki_crl Successfully imported the revocation list '%1' Delete the revocation list '%1'? Successfully created the revocation list '%1' Delete the %1 revocation lists: %2? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. No issuer given Wrong Size %1 Renew CRL: %1 The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4. It is stored in the XCA database '%5' pki_evp Failed to decrypt the key (bad password) %1 Please enter the password to decrypt the private key. The key from file '%1' is incomplete or inconsistent. Please enter the password to decrypt the private key from file: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Ignoring unsupported private key Please enter the password to decrypt the private key: '%1' Password input aborted Please enter the database password for decrypting the key '%1' Please enter the password to protect the private key: '%1' Please enter the database password for encrypting the key Please enter the password protecting the PKCS#8 key '%1' Please enter the export password for the private key '%1' pki_key Successfully imported the %1 public key '%2' Delete the %1 public key '%2'? Successfully imported the %1 private key '%2' Delete the %1 private key '%2'? Successfully created the %1 private key '%2' Delete the %1 keys: %2? Public key Common Private Bogus PIN No password Unexpected SSH2 content: '%1' Invalid SSH2 public key Failed writing to %1 pki_multi No known PEM encoded items found pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Unable to load the PKCS#12 (pfx) file %1. The supplied password was wrong (%1) Please enter the password to encrypt the PKCS#12 file No key or no Cert and no pkcs12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. pki_scard Successfully imported the token key '%1' Delete the token key '%1'? Successfully created the token key '%1' Delete the %1 keys: %2? Delete the private key '%1' from the token '%2 (#%3)' ? This Key is already on the token PIN input aborted Unable to find copied key on the token Please insert card: %1 %2 [%3] with Serial: %4 Illegal Key generation method Unable to find generated key on card Ignoring unsupported token key Wrong Size %1 Token %1 Failed to find the key on the token Invalid Pin for the token Failed to initialize the key on the token pki_temp Successfully imported the XCA template '%1' Delete the XCA template '%1'? Successfully created the XCA template '%1' Delete the %1 XCA templates: %2? Wrong Size %1 Template file content error (too small) Not a PEM encoded XCA Template Not an XCA Template, but '%1' pki_x509 Successfully imported the certificate '%1' Delete the certificate '%1'? Successfully created the certificate '%1' Delete the %1 certificates: %2? Unable to load the certificate in file %1. Tried PEM and DER certificate. This certificate is already on the security token Delete the certificate '%1' from the token '%2 (#%3)'? There is no key for signing ! Wrong Size %1 No Yes Renew certificate: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' CRL Renewal of CA '%1' due The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' pki_x509req Signing key not valid (public key) Successfully imported the %1 certificate request '%2' Delete the %1 certificate request '%2'? Successfully created the %1 certificate request '%2' Delete the %1 certificate requests: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Wrong Size %1 Signed Unhandled v3ext Copy Common Name Add Ekle Delete Sil Apply Uygula Validate Cancel İptal An email address or 'copy' An email address A registered ID: OBJECT IDENTIFIER A uniform resource indicator A DNS domain name or 'copycn' A DNS domain name An IP address Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' No editing. Only 'copy' allowed here Validation failed: '%1' %2 Validation successful: '%1' xca-RELEASE.2.2.1/lang/xca_nl.ts0000644000175000017500000045361213614632167015465 0ustar tewardteward CaProperties CA Properties CA Eigenschappen Days until next CRL issuing Dagen tot de volgende CRL uitgifte Default template Standaard sjabloon CertDetail Details of the Certificate Eigenschappen van het certificaat Serial Serienummer The serial number of the certificate Het serienummer van het certificaat The internal name of the certificate in the database De interne naam van het certificaat in de database Status Status Internal name Interne naam Signature Handtekening Key Sleutel Fingerprints Fingerprints MD5 MD5 An md5 hashsum of the certificate De MD5 hash van het certificaat SHA1 SHA1 A SHA-1 hashsum of the certificate De SHA-1 hash van het certificaat SHA256 SHA256 A SHA-256 hashsum of the certificate De SHA-256 hash van het certificaat Validity Geldigheid The time since the certificate is valid Het tijdstip sinds het certificaat geldig is The time until the certificate is valid Het tijdstip tot wanneer het certificaat geldig is Subject Onderwerp Issuer Uitgever Extensions Uitbreidingen Comment Commentaar Attributes Attributen Show config Toon configuratie Show extensions Toon uitbreidingen Show public key Toon openbare sleutel This key is not in the database. Deze sleutel is niet aanwezig in de database. Not available Niet beschikbaar Signer unknown Onbekende ondertekenaar Self signed Zelf ondertekend Revoked at %1 Ingetrokken op %1 Not valid Niet geldig Valid Geldig Details of the certificate signing request Gegevens van het certificaat onderteken verzoek (CSR) CertExtend Certificate renewal Certificaat vernieuwing This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Een nieuw certificaat wordt aangemaakt, als kopie van het oude certificaat, met een nieuw serienummer en aangepaste geldigheidswaarden. Validity Geldigheid Not before Niet voor Not after Niet na Time range Tijdspanne Local time Lokale tijdstip Days Dagen Months Maanden Years Jaren No well-defined expiration Geen correct gedefinieerde expiratie Midnight Middernacht Apply Toepassen Revoke old certificate Oude certificaat intrekken Keep serial number Gebruik het oude serienummer The certificate will be earlier valid than the signer. This is probably not what you want. De startdatum van het certificaat ligt voor de datum van ondertekening. Dit is waarschijnlijk niet gewenst. Edit dates Datums aanpassen Abort rollout Uitgave stopzetten Continue rollout Uitgave voortzetten Adjust date and continue Datum aanpassen en doorgaan The certificate will be longer valid than the signer. This is probably not what you want. De einddatum van het certificaat is later dan de einddatum van ondertekening. Dit is waarschijnlijk niet gewenst. CertTreeView Import PKCS#12 Importeren van PKCS#12 bestand Import from PKCS#7 Importeren van PKCS#7 bestand Request Verzoek Security token Beveiligingstoken Other token Ander token Similar Certificate Gelijksoortig certificaat Delete from Security token Verwijder van beveiligingstoken CA Certificaat Autoriteit (CA) Properties Eigenschappen Generate CRL Genereer CRL Manage revocations Beheer intrekkingen Renewal Vernieuwing Revoke Intrekken Unrevoke Intrekken ongedaan maken ClickLabel Double click for details Dubbel klik voor details CrlDetail Details of the Revocation list Details van de intrekkingslijst &Status &Status Version Versie Signature Handtekening Signed by Ondertekend door Name Naam The internal name of the CRL in the database De interne naam van de CRL in de database issuing dates datum van afgifte Next update Volgende update Last update Laatste update &Issuer U&itgever &Extensions Uitbr&eidingen &Revocation list Lijst van int&rekkingen Comment Commentaar Failed Mislukt Unknown signer Onbekende ondertekenaar Verification not possible Verificatie is niet mogelijk ExportDialog Name Naam The internal name of the CRL in the database De interne naam van de CRL in de database ... ... Filename Bestandsnaam Export comment into PEM file Exporteer commentaar in het PEM bestand Export Format Exporteer formaat All files ( * ) Alle bestanden ( * ) PEM Text format with headers PEM Tekst formaat met koppen Concatenated list of all selected items in one PEM text file Samengevoegde lijst van alle geselecteerde items in één PEM tekstbestand Concatenated text format of the complete certificate chain in one PEM file Samengevoegd tekstformaat van de volledige certificaat reeks in één PEM bestand Concatenated text format of all certificates in one PEM file Samengevoegd tekstformaat van alle certificaten in één PEM bestand Binary DER encoded file Binair DER gecodeerd bestand PKCS#7 encoded single certificate PKCS#7 gecodeerd mono certificaat PKCS#7 encoded complete certificate chain PKCS#7 gecodeerde, complete certificaat reeks Concatenated text format of all unrevoked certificates in one PEM file Samengevoegd tekstformaat van alle niet-ingetrokken certificaten in één PEM bestand All unrevoked certificates encoded in one PKCS#7 file Alle niet-ingetrokken certificaten gecodeerd in één PKCS#7 bestand All selected certificates encoded in one PKCS#7 file Alle geselecteerde certificaten gecodeerd in één PKCS#7 bestand All certificates encoded in one PKCS#7 file Alle certificaten gecodeerd in een PKCS#7 bestand The certificate and the private key as encrypted PKCS#12 file Het certificaat en de privé-sleutel als versleuteld PKCS#12 bestand The complete certificate chain and the private key as encrypted PKCS#12 file De volledige certificaat reeks en de privé-sleutel als versleuteld PKCS#12 bestand Concatenation of the certificate and the unencrypted private key in one PEM file Samenvoeging van het certificaat en de niet-versleutelde privé-sleutel in één PEM bestand Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Samenvoeging van het certificaat en de versleutelde privé-sleutel in PKCS#8 bestand Text format of the public key in one PEM file Tekstformaat van de openbare sleutel in één PEM bestand Binary DER format of the public key Binair DER-formaat van de openbare sleutel Unencrypted private key in text format Niet-versleutelde privé-sleutel in tekst formaat OpenSSL specific encrypted private key in text format OpenSSL-specifieke versleutelde privé-sleutel in tekstformaat Unencrypted private key in binary DER format Niet-versleutelde privé-sleutel in binair DER formaat Unencrypted private key in PKCS#8 text format Niet-versleutelde privé-sleutel in PKCS#8 formaat Encrypted private key in PKCS#8 text format Versleutelde privé-sleutel in PKCS#8 formaat The public key encoded in SSH2 format De openbare sleutel gecodeerd in SSH2-indeling OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool OpenSSL-specifiek certificaat-indexbestand, gemaakt met de opdracht 'ca' en vereist voor de OCSP-tool vCalendar expiry reminder for the selected items vCalendar vervaldatum herinnering voor de geselecteerde items vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL vCalendar vervaldatum herinnering met daarin bevattend: alle uitgegeven, geldige certificaten, de CA zelf en de nieuwste CRL The file: '%1' already exists! Het bestand: '%1' bestaat al! Overwrite Overschrijven Do not overwrite Niet overschrijven Help << << >> >> &Done Uitgevoer&d ImportMulti Import PKI Items Importeer PKI gegevens Import &All &Alles importeren &Import &Importeren &Done Uitgevoer&d &Remove from list Ve&rwijder van de lijst Details Details Delete from token Verwijderen uit token Rename on token Hernoem in token Name: %1 Model: %2 Serial: %3 Naam: %1 Model: %2 Serienummer: %3 Manage security token Beheer beveiligingstoken Details of the item '%1' cannot be shown Details van het item '%1' kunnen niet worden weergegeven The type of the item '%1' is not recognized Het type van het item '%1' wordt niet herkend The file '%1' did not contain PKI data Het bestand %1 bevatte geen PKI-gegevens The %1 files: '%2' did not contain PKI data De %1 bestanden: '%2' bevatten geen PKI-gegevens ItemProperties Name Naam Source Bron Insertion date Invoegdatum Comment Commentaar KeyDetail Name Naam The internal name of the key used by xca De interne naam van de sleutel die wordt gebruikt door XCA Security token Beveiligingstoken Manufacturer Fabrikant Serial Serienummer Key Sleutel Public Exponent Openbare Exponent Keysize Sleutelgrootte Private Exponent Privé Exponent Security Token Beveiligingstoken Label Label PKCS#11 ID PKCS#11 ID Token information Token informatie Model Model Fingerprint Fingerprint Comment Commentaar Details of the %1 key Details van de %1-sleutel Not available Niet beschikbaar Available Beschikbaar Sub prime Sub priemgetal Public key Openbare sleutel Private key Privé-sleutel Curve name Curve naam Unknown key Onbekende sleutel KeyTreeView Change password Verander het wachtwoord Reset password Reset het wachtwoord Change PIN Verander de PIN Init PIN with SO PIN (PUK) Initiele PIN met SO PIN (PUK) Change SO PIN (PUK) Verander het SO PIN (PUK) Security token Beveiligingstoken This is not a token Dit is geen token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Moet de oorspronkelijke sleutel '%1' worden vervangen door de sleutel van de token? Hiermee wordt de sleutel %1 verwijderd en wordt deze onbruikbaar gemaakt MainWindow Private Keys Privé-sleutels &New Key &Nieuwe Sleutel &Export &Exporteren &Import &Importeren Import PFX (PKCS#12) Importeer PFX (PKCS#12) &Show Details Toon Detail&s &Delete Verwij&deren Certificate signing requests Certificaat onderteken verzoeken &New Request &Nieuw Verzoek Certificates Certificaten &New Certificate &Nieuw certificaat Import &PKCS#12 Importeer &PKCS#12 Import P&KCS#7 Importeer P&KCS#7 Plain View Tekst weergave Templates Sjablonen &New Template &Nieuw Sjabloon &New CRL &Nieuwe CRL Ch&ange Template Bewerk Sj&abloon Revocation lists Intrekkingslijsten Using or exporting private keys will not be possible without providing the correct password Het gebruik of exporteren van privé-sleutels is niet mogelijk zonder het juiste wachtwoord op te geven Database Database The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. De momenteel gebruikte standaard hash '%1' is onveilig. Selecteer om veiligheidsredenen ten minste 'SHA 224'. Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Legacy database indeling gedetecteerd. Een reservekopie wordt gemaakt met de naam '%1' en de database wordt geconverteerd naar de nieuwe indeling Failed to rename the database file, because the target already exists Kan het database bestand niet hernoemen, omdat het bestand al bestaat No deleted items found Geen verwijderde gegevens gevonden Recent DataBases Recente databases System Systeem Croatian Kroatisch English Engels French Frans German Duits Russian Russisch Slovak Slowaaks Spanish Spaans Polish Pools Italian Italiaans Chinese Chinees Dutch Nederlands Portuguese in Brazil Braziliaans Portugees Turkish Turks Language Taal &File Bestand Open Remote DataBase Open database (op netwerk) Set as default DataBase Stel in als standaard database New DataBase Nieuwe database Open DataBase Open database Close DataBase Sluit database Options Opties Exit Sluiten I&mport I&mport Keys Sleutels Requests Verzoeken PKCS#12 PKCS#12 bestanden PKCS#7 PKCS#7 bestanden Template Sjablonen Revocation list Intrekkingslijsten PEM file PEM bestanden Paste PEM file Plak het PEM bestand Token Token Export Certificate &Index hierarchy Exporteer certificaten &index hiërarchie Content Inhoud &Manage Security token Beheer beveiligingstoken &Init Security token &Initialiseer Beveiligingstoken &Change PIN Verander PIN Change &SO PIN Verander het &SO PIN Init PIN Initialiseer PIN Extra Extra &Dump DataBase &Dump database &Export Certificate Index &Exporteer certificaten index C&hange DataBase password V&erander database wachtwoord &Undelete items Herstel gegevens Generate DH parameter Genereer DH parameter OID Resolver OID Vertaler &Help &Help About Over no such option: %1 Onbekende keuze: %1 Import PEM data Importeer PEM gegevens Please enter the original SO PIN (PUK) of the token '%1' Voer de oorspronkelijke SO PIN (PUK) van het token '%1' in Search Zoeken Please enter the new SO PIN (PUK) for the token '%1' Voer de nieuwe SO PIN (PUK) van het token '%1' in The new label of the token '%1' Het nieuwe label van het token '%1' The token '%1' did not contain any keys or certificates Het token '%1' bevatte geen sleutels of certificaten Current Password Huidig wachtwoord Please enter the current database password Voer het huidige database wachtwoord in The entered password is wrong Het ingevoerde wachtwoord is niet correct New Password Nieuw wachtwoord Please enter the new password to encrypt your private keys in the database-file Voer het nieuwe wachtwoord in om uw privé-sleutels te versleutelen in het database bestand Transaction start failed Start van de transactie is mislukt Please enter a password, that will be used to encrypt your private keys in the database: %1 Voer een wachtwoord in, dat zal worden gebruikt om uw privé-sleutels in de database te versleutelen: %1 Password verify error, please try again Fout bij wachtwoordverificatie, probeer het opnieuw Password Wachtwoord Please enter the password for unlocking the database: %1 Voer het wachtwoord in om de database te ontgrendelen: %1 The following error occurred: De volgende fout is opgetreden: Copy to Clipboard Kopieer naar klembord Certificate Index ( index.txt ) Certificaat Index ( index.txt ) All files ( * ) Alle bestanden ( * ) Diffie-Hellman parameters saved as: %1 Diffie-Hellman parameters opgeslagen als: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Diffie-Hellman parameters zijn nodig voor verschillende toepassingen (zoals b.v. OpenVPN). XCA heeft ze echter niet nodig en gebruikt de parameters zelf niet. Voer de Diffie-Hellman bit modulus in, voor later gebruik (Advies > 2048 bit) NewCrl Last update Laatste update Next update Volgende update Days Dagen Months Maanden Years Jaren Midnight Middernacht Local time Lokale tijdstip Apply Toepassen Options Opties CRL number CRL nummer Subject alternative name Alternatieve naam van het onderwerp Revocation reasons Redenen van intrekken Authority key identifier Autoriteit sleutel-ID Hash algorithm Hash algoritme NewKey Please give a name to the new key and select the desired keysize Geef een naam op voor de nieuwe sleutel en selecteer de gewenste sleutelgrootte Key properties Sleutel eigenschappen Name Naam The internal name of the new key De interne naam van de nieuwe sleutel Curve name Curve naam Usually at least 2048 bit keys are recommended Meestal worden ten minste 2048 bit sleutels aanbevolen New Key Nieuwe sleutel Keysize Sleutelgrootte Keytype Sleuteltype Remember as default Onthoud als standaard Create Creëren NewX509 Source Bron Signing request Ondertekeningsverzoek Show request Verzoek weergeven Sign this Certificate signing &request Onde&rteken dit certificaat ondertekeningsverzoek Copy extensions from the request Kopieer uitbreidingen van het verzoek Modify subject of the request Wijzig het onderwerp van het verzoek Signing Ondertekening Create a &self signed certificate Maak een zelf ondertekend certificaat Use &this Certificate for signing Gebruik di&t certificaat voor ondertekening All certificates in your database that can create valid signatures Alle certificaten in uw database voor het maken van geldige handtekeningen Signature algorithm Handtekening algoritme Template for the new certificate Sjabloon voor het nieuwe certificaat All available templates Alle beschikbare sjablonen Apply extensions Uitbreidingen toepassen Apply subject Onderwerp toepassen Apply all Alles toepassen Subject Onderwerp Internal Name Interne naam Distinguished name DistinguishedName (DN) Add Toevoegen Delete Verwijderen Private key Privé-sleutel This list only contains unused keys Deze lijst bevat alleen ongebruikte sleutels Used keys too Ook gebruikte sleutels &Generate a new key &Genereer een nieuwe sleutel Extensions Uitbreidingen Type Type If this will become a CA certificate or not Of dit een CA certificaat wordt of niet Not defined Niet gedefinieerd Certification Authority Certificaat Authoriteit End Entity Eindentiteit Path length Pad lengte How much CAs may be below this. Hoeveel CA's zitten hier mogelijk onder. The basic constraints should always be critical De basisbeperkingen behoren altijd kritisch te zijn Key identifier Sleutelidentificatie Creates a hash of the key following the PKIX guidelines Creëert een hash van de sleutel volgens de PKIX-richtlijnen Copy the Subject Key Identifier from the issuer Kopieer de Onderwerp Key Identifier van de uitgever Validity Geldigheid Not before Niet voor Not after Niet na Time range Tijdspanne Days Dagen Months Maanden Years Jaren Apply Toepassen Set the time to 00:00:00 and 23:59:59 respectively Stel de tijd in op respectievelijk 00:00:00 en 23:59:59 Midnight Middernacht Local time Lokale tijdstip No well-defined expiration Geen correct gedefinieerde expiratie DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit Bewerken URI: URI: Key usage Sleutelgebruik Netscape Netscape Advanced Gevorderd Validate Valideren Comment Commentaar This name is only used internally and does not appear in the resulting certificate Deze naam wordt alleen intern gebruikt en verschijnt niet in het resulterende certificaat Critical Kritisch Create Certificate signing request Maak een certificaat ondertekeningsverzoek minimum size: %1 minimale grootte: %1 maximum size: %1 maximale grootte: %1 only a-z A-Z 0-9 '()+,-./:=? enkel a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters alleen 7-bits ascii karakters Edit XCA template Bewerk XCA sjabloon Create x509 Certificate Maak een X.509 certificaat Template '%1' applied Sjabloon '%1' wordt toegepast Subject applied from template '%1' Onderwerp toegepast vanuit sjabloon '%1' Extensions applied from template '%1' Uitbreidingen toegepast van sjabloon '%1' New key '%1' created Nieuwe sleutel '%1' gemaakt Other Tabs Andere tabbladen Advanced Tab Geavanceerd tabblad Errors Fouten From PKCS#10 request Vanaf PKCS#10 verzoek Abort rollout Uitgave stopzetten The following length restrictions of RFC3280 are violated: De volgende lengtebeperkingen van RFC3280 worden overtreden: Edit subject Onderwerp bewerken Continue rollout Uitgave voortzetten The verification of the Certificate request failed. The rollout should be aborted. De verificatie van de certificaataanvraag is mislukt. De uitrol moet worden afgebroken. Continue anyway Ga toch verder The internal name and the common name are empty. Please set at least the internal name. De interne naam en de commonName (CN) zijn leeg. Stel ten minste de interne naam in. Edit name Bewerk naam There is no Key selected for signing. Er is geen sleutel geselecteerd voor ondertekening. Select key Selecteer sleutel The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. De volgende DistinguishedName (DN) gegevens zijn leeg: %1 hoewel ze als verplicht zijn aangegeven in het optiemenu. The key you selected for signing is not a private one. De sleutel die geselecteerd is voor ondertekening, is geen privésleutel. Select other signer Selecteer andere ondertekenaar Select other key Selecteer andere sleutel The certificate will be earlier valid than the signer. This is probably not what you want. De startdatum van het certificaat ligt voor de datum van ondertekening. Dit is waarschijnlijk niet gewenst. Edit dates Datums aanpassen Adjust date and continue Datum aanpassen en doorgaan The certificate will be longer valid than the signer. This is probably not what you want. De einddatum van het certificaat is later dan de einddatum van ondertekening. Dit is waarschijnlijk niet gewenst. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Het certificaat is verouderd voordat het geldig is. Waarschijnlijk zijn beide datums verwisseld. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Het certificaat bevat ongeldige of dubbele uitbreidingen. Controleer de validatie op het tabblad Geavanceerd. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Het certificaat bevat geen uitbreidingen. U kunt de uitbreidingen van een van de sjablonen toepassen om het doel van het certificaat te definiëren. Edit extensions Bewerk uitbreidingen The subject alternative name shall contain a copy of the common name. However, the common name is empty. De alternatieve naam van het onderwerp moet een kopie van de commonName (CN) bevatten. De commonName is echter leeg. Configfile error on line %1 Config bestand fout op regel %1 OidResolver OID Resolver OID Vertaler Enter the OID, the Nid, or one of the textual representations Voer de OID, de NID of een van de tekstuele Engelse omschrijvingen in Search Zoeken OID OID (Object IDentifier) Long name Lange naam OpenSSL internal ID OpenSSL interne ID Nid NID (Numeric IDentifier) Short name Korte naam OpenDb Open remote database Open database (op netwerk) Database type Database type Hostname Hostnaam Username Gebruikersnaam Password Wachtwoord Database name Database naam Table prefix Tabel voorvoegsel No SqLite3 driver available. Please install the qt-sqlite package of your distribution Geen SqLite3-stuurprogramma beschikbaar. Installeer alstublieft het qt-sqlite-pakket van uw distributie Please enter the password to access the database server %2 as user '%1'. Voer het wachtwoord in om toegang te krijgen tot de database server %2 als gebruiker '%1'. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. Het database stuurprogramma ondersteunt geen transacties. Dit kan gebeuren als de client en de server verschillende software versies hebben. Ga voorzichtig verder. Options XCA Options XCA Opties Settings Instellingen Default hash algorithm Standaard hash algoritme String types String types Suppress success messages Onderdruk succes berichten Don't colorize expired certificates Verlopen certificaten niet tonen in kleur Translate established x509 terms (%1 -> %2) Vertaal vastgestelde X.509 termen (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. De hash-functionaliteit van het token wordt niet gebruikt door XCA. Het kan echter een beperkte hash-set respecteren die door het token wordt gepropageerd. Vooral EC en DSA worden alleen gedefinieerd met SHA1 in de PKCS#11-specificatie. Only use hashes supported by the token when signing with a token key Gebruik alleen hashes die door het token worden ondersteund bij het ondertekenen met een token sleutel Disable legacy Netscape extensions Verouderde Netscape-uitbreidingen uitschakelen Certificate expiry warning threshold Waarschuwingsdrempel voor vervallen van certificaat Send vCalendar expiry reminder Verstuur de vCalendar vervaldatum herinnering Serial number length Lengte van serienummer bit bit Distinguished name DistinguishedName (DN) Mandatory subject entries Verplichte onderwerp gegevens Add Toevoegen Delete Verwijderen Explicit subject entries Expliciete onderwerp gegevens Dynamically arrange explicit subject entries Dynamisch georganiseerde, expliciete, onderwerp gegevens Default Standaard PKCS#11 provider PKCS#11 provider Remove Verwijderen Search Zoeken Printable string or UTF8 (default) Afdrukbare reeks of UTF8 (standaard) PKIX recommendation in RFC2459 PKIX-aanbeveling uit RFC2459 No BMP strings, only printable and T61 Geen BMP-reeksen, alleen afdrukbaar en T61 UTF8 strings only (RFC2459) Alleen UTF8 reeksen (RFC2459) All strings Alle reeksen Days Dagen Weeks Weken PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Het wachtwoord wordt ontbonden als tweecijferige hexadecimale code. Het moet een even aantal cijfers hebben (0-9 en A-F) Take as HEX string Neem als hexadecimale-string Repeat %1 Herhaal %1 %1 mismatch %1 komt niet overeen Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Hexadecimale-wachtwoord mag alleen de tekens '0' - '9' en 'a' - 'f' bevatten en het moet uit een even aantal tekens bestaan E&xit Sluiten QObject Undefined Onbepaald Broken / Invalid Gebroken / Ongeldig in %1 seconds in %1 seconden %1 seconds ago %1 seconde(n) geleden in %1 minutes in %1 minuten %1 minutes ago %1 minuten geleden Yesterday Gisteren Tomorrow Morgen in %1 hours in %1 uur %1 hours ago %1 uur/uren geleden DB: Rename: '%1' already in use DB: Hernoemen: '%1' al in gebruik DB: Entry to rename not found: %1 DB: toegang tot naam niet gevonden:%1 DB: Write error %1 - %2 DB: schrijffout %1 - %2 Out of data Geen gegevens meer Error finding endmarker of string Fout bij het vinden van einde markering van tekenreeks Out of Memory at %1:%2 Geheugen vol op %1:%2 All files ( * ) Alle bestanden ( * ) Import RSA key RSA-sleutel importeren PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; PKI Sleutels ( *.pem *.der *.key );; PKCS#8 Sleutels ( *.p8 *.pk8 );; SSH Openbare Sleutels ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Importeer verzoek Certificates ( *.pem *.der *.crt *.cer );; Certificaten ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Importeer X.509 certificaat PKCS#7 data ( *.p7s *.p7m *.p7b );; PKCS#7 data ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Importeer PKCS#7 certificaten PKCS#12 Certificates ( *.p12 *.pfx );; PKCS#12 certificaten ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Importeer PKCS#12 privé certificaat XCA templates ( *.xca );; XCA sjablonen ( *.xca );; Import XCA Templates XCA sjablonen importeren Revocation lists ( *.pem *.der *.crl );; Intrekkingslijsten ( *.pem *.der *.crl );; Import Certificate Revocation List Certificaatintrekkingslijst importeren XCA Databases ( *.xdb );; XCA databases ( *.xdb );; Open XCA Database Open XCA database PKCS#11 library ( *.dll );; PKCS#11 bibliotheek ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 bibliotheek ( *.dylib *.so );; PKCS#11 library ( *.so );; PKCS#11 bibliotheek ( *.so );; Open PKCS#11 shared library Open PKCS#11 gedeelde bibliotheek bestand PEM files ( *.pem );; PEM bestanden ( *.pem );; Load PEM encoded file PEM gecodeerd bestand laden Please enter the PIN on the PinPad Voer de PIN in op het PIN ingave apparaat Please enter the SO PIN (PUK) of the token %1 Voer de SO PIN (PUK) van het token %1 in Please enter the PIN of the token %1 Voer de PIN van het token %1 in No Security token found Geen beveiligingstoken gevonden Select Selecteer Please enter the new SO PIN (PUK) for the token: '%1' Voer de nieuwe SO PIN (PUK) voor het token: '%1' in Please enter the new PIN for the token: '%1' Voer de nieuwe PIN voor het token: '%1' in Required PIN size: %1 - %2 Vereiste PIN grootte: %1 - %2 Failed to open PKCS11 library: %1: %2 Openen van PKCS#11-bibliotheek bestand is mislukt: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Dit lijkt geen PKCS#11 bibliotheek bestand. Teken: 'C_GetFunctionList' not found. Disabled Uitgeschakeld Library loading failed Laden van bibliotheek bestand is mislukt PKCS#11 function '%1' failed: %2 PKCS#11 functie '%1' is mislukt: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 PKCS#11 functie '%1' is mislukt: %2 In bibliotheek bestand %3 %4 Invalid Ongeldig %1 is shorter than %2 bytes: '%3' %1 is korter dan %2 bytes: '%3' %1 is longer than %2 bytes: '%3' %1 is langer dan %2 bytes: '%3' String '%1' for '%2' contains invalid characters Tekenreeks '%1' voor '%2' bevat ongeldige tekens Error reading config file %1 at line %2 Fout bij het lezen van configuratiebestand %1 op regel %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. Het object '%1' van bestand %2 op regel %3 staat al bekend als '%4:%5:%6' en moet worden verwijderd. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. De ID %1 voor OID %2 uit bestand %3 op regel %4 wordt al voor een andere OID gebruikt als %5:%6:%7 en moet worden gewijzigd om conflicten te voorkomen. Unknown object '%1' in file %2 line %3 Onbekend object '%1' in bestand %2 op regel %3 Failed to start a database transaction Starten van database transactie is mislukt ReqTreeView Sign Ondertekenen Unmark signed Niet ondertekend Mark signed Ondertekend Similar Request Gelijksoortig verzoek RevocationList Manage revocations Beheer intrekkingen Add Toevoegen Delete Verwijderen Edit Bewerken No. No. Serial Serienummer Revocation Intrekking Reason Reden Invalidation Ongeldigverklaring Generate CRL Genereer CRL Revoke Certificate revocation Intrekken van certificaat Revocation details Details voor intrekken Revocation reason Reden van intrekken Local time Lokale tijdstip Invalid since Niet geldig sinds Serial Serienummer SearchPkcs11 Directory Directory (X.500) ... ... Include subdirectories Subdirectories opnemen Search Zoeken The following files are possible PKCS#11 libraries De volgende bestanden zijn mogelijk PKCS#11 bibliotheken SelectToken Security token Beveiligingstoken Please select the security token Selecteer het beveiligingstoken TempTreeView Duplicate Dupliceren Create certificate Certificaat aanmaken Create request Verzoek creëren copy kopiëren Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config OpenSSL configuratie Transform Transformeren Template Sjablonen Public key Openbare sleutel XcaTreeView Subject entries Onderwerp gegevens X509v3 Extensions X.509v3 Uitbreidingen Netscape extensions Netscape uitbreidingen Reset Reset Hide Column Kolom verbergen Details Details Columns Kolommen New Nieuw Import Import Paste PEM data Plak PEM gegevens Rename Hernoemen Properties Eigenschappen Delete Verwijderen Export Exporteren Clipboard Klembord File Bestand db_base Internal name Interne naam No. No. Primary key Hoofdsleutel Database unique number Database uniek nummer Date Datum Date of creation or insertion Datum van creatie of invoeging Source Bron Generated, Imported, Transformed Gegenereerd, Geïmporteerd, Getransformeerd Comment Commentaar First line of the comment field Eerste regel van het opmerkingenveld Could not create directory %1 Maken van folder is mislukt %1 Item properties Item eigenschappen How to export the %1 selected items Hoe moeten de %1 geselecteerde items geëxporteerd worden All in one PEM file Alles in één PEM bestand Each item in one file Elk item in één bestand Save %1 items in one file as Sla %1 items in één bestand op als PEM files ( *.pem );; All files ( * ) PEM bestanden ( *.pem );; Alle bestanden ( * ) db_crl Signer Ondertekenaar Internal name of the signer Interne naam van de ondertekenaar No. revoked No. ingetrokken Number of revoked certificates Aantal ingetrokken certificaten Last update Laatste update Next update Volgende update CRL number CRL nummer The revocation list already exists in the database as: '%1' and so it was not imported De intrekkingslijst bestaat al in de database als: '%1' en dus werd het niet geïmporteerd Revocation list export Intrekkingslijst exporteren CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) There are no CA certificates for CRL generation Er zijn geen CA certificaten voor CRL-generatie Select CA certificate Selecteer CA certificaat Create CRL creëer een CRL Failed to initiate DB transaction Kan DB-transactie niet starten Database error: %1 Database fout: %1 db_key Type Type Size Grootte EC Group EC Groep Use Gebruik Password Wachtwoord The key is already in the database as: '%1' and is not going to be imported De sleutel staat al in de database als: '%1' en wordt niet geïmporteerd The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key De database bevat al het openbare gedeelte van de geïmporteerde sleutel als '%1' en wordt voltooid door het nieuwe, privégedeelte van de sleutel Extending public key from %1 by imported key '%2' Openbare sleutel uitbreiden van %1 door geïmporteerde sleutel '%2' Key size too small ! Sleutellengte te klein ! You are sure to create a key of the size: %1 ? Bent u zeker om een sleutel van deze grootte te maken: %1 ? PEM public PEM openbaar SSH2 public SSH2 openbaar PEM private PEM privé Export keys to Clipboard Exporteer sleutels naar het klembord Clipboard Klembord Export public key [%1] Openbare sleutel exporteren [%1] DER public DER openbaar DER private DER privé PEM encryped PEM versleuteld PKCS#8 encrypted PKCS#8 versleuteld Export private key [%1] privé-sleutel exporteren [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Privé-sleutels ( *.pem *.der *.pk8 );; SSH Openbare sleutels ( *.pub ) Tried to change password of a token Het wachtwoord van een token is geprobeerd te wijzigen db_temp Bad template: %1 Incorrect sjabloon: %1 Empty template Lege sjabloon Preset Template values Preset-sjabloonwaarden Save template as Sla sjabloon op als XCA templates ( *.xca );; All files ( * ) XCA sjablonen ( *.xca );; Alle bestanden ( * ) db_x509 CA Certificaat Autoriteit (CA) reflects the basic Constraints extension weerspiegelt de basisbeperkingen uitbreiding Serial Serienummer Start date Startdatum Expiry date Vervaldatum MD5 fingerprint MD5 fingerprint SHA1 fingerprint SHA1 fingerprint SHA256 fingerprint SHA256 fingerprint Not before Niet voor Not after Niet na Revocation Intrekking CRL Expiration CRL Vervaldatum Plain View Tekst weergave Tree View Vertakkingen overzicht Failed to retrieve unique random serial Het ophalen van een uniek willekeurig getal is mislukt The certificate already exists in the database as: '%1' and so it was not imported Het certificaat bestaat al in de database als: '%1' en dus werd het niet geïmporteerd Signed on %1 by '%2' Ondertekend op %1 door '%2' Unknown Onbekend Invalid public key Ongeldige openbare sleutel PKCS#7 unrevoked PKCS#7 niet ingetrokken PEM unrevoked PEM niet ingetrokken vCalendar vCalendar CA vCalendar CA vCalendar days dagen No template Geen sjabloon The key you selected for signing is not a private one. De sleutel die geselecteerd is voor ondertekening, is geen privésleutel. Store the certificate to the key on the token '%1 (#%2)' ? Sla het certificaat op de sleutel op, op token '%1 (#%2)' ? PEM chain PEM reeks PKCS#7 chain PKCS#7 reeks PKCS#12 chain PKCS#12 reeks PKCS#7 all PKCS#7-alles PEM + key PEM + sleutel PEM all PEM alles Certificate Index file Certificaat index bestand Certificate export Certificaat export X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) X.509 Certificaten ( *.pem *.cer *.crt *.p12 *.p7b ) There was no key found for the Certificate: '%1' Er is geen sleutel gevonden voor het certificaat: '%1' Not possible for a token key: '%1' Niet mogelijk voor een tokensleutel: '%1' Not possible for the token-key Certificate '%1' Niet mogelijk voor het tokensleutel-certificaat '%1' db_x509name Subject Onderwerp Complete distinguished name Volledige DistinguishedName (DN) invullen Subject hash Onderwerp hash Hash to lookup certs in directories Hash om certificaten op te zoeken in directories db_x509req Signed Ondertekend whether the request is already signed or not of het verzoek al ondertekend is of niet Unstructured name Ongestructureerde naam Challenge password Challenge wachtwoord Certificate count Certificaat aantal Number of certificates in the database with the same public key Certificaat aantal met de zelfde openbare sleutel in de database The certificate signing request already exists in the database as '%1' and thus was not stored Het ondertekenverzoek voor certificaten bestaat al in de database als '%1' en werd dus niet opgeslagen Certificate request export Exporteren van certificaat verzoeken Certificate request ( *.pem *.der *.csr ) Certificaataanvraag (* .pem * .der * .csr) db_x509super Key name Sleutelnaam Internal name of the key Interne naam van de sleutel Signature algorithm Handtekening algoritme Extracted from %1 '%2' Geëxtraheerd van %1 '%2' Certificate Certificaat Certificate request Certificaat verzoek Save as OpenSSL config Opslaan als OpenSSL-configuratie Config files ( *.conf *.cnf);; All files ( * ) Configuratiebestanden ( *.conf *.cnf);; Alle bestanden ( * ) The following extensions were not ported into the template De volgende uitbreidingen zijn niet in het sjabloon opgenomen Transformed from %1 '%2' Getransformeerd van %1 '%2' kvView Type Type Content Inhoud pass_info Password Wachtwoord PIN PIN pki_base Error opening file: '%1': %2 Fout bij openen van bestand: '%1':%2 Unknown Onbekend Imported geïmporteerd Generated Gegenereerd Transformed Getransformeerd Token Token Legacy Database Legacy database Renewed Vernieuwd Internal error: Unexpected message: %1 %2 Interne fout: Onverwacht bericht: %1 %2 pki_crl Successfully imported the revocation list '%1' De intrekkingslijst '%1' is succesvol geïmporteerd Delete the revocation list '%1'? Verwijder de intrekkingslijst '%1'? Successfully created the revocation list '%1' De intrekkingslijst '%1' is succesvol aangemaakt Delete the %1 revocation lists: %2? Verwijder de %1 intrekkingslijsten: %2? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Kan de intrekkingslijst niet laden in bestand %1. Geprobeerd met PEM en DER geformatteerde CRL. No issuer given Geen uitgever genoemd Wrong Size %1 Verkeerde grootte %1 Renew CRL: %1 CRL vernieuwen: %1 The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4. It is stored in the XCA database '%5' De XCA CRL '%1', uitgegeven door CA '%2' op %3, en vervalt op %4. De CRL is opgeslagen in de XCA database '%5' pki_evp Failed to decrypt the key (bad password) %1 Decoderen van de sleutel niet gelukt (onjuist wachtwoord) %1 Please enter the password to decrypt the private key. Voer het wachtwoord in om de privé-sleutel te decoderen. The key from file '%1' is incomplete or inconsistent. De sleutel van bestand '%1' is onvolledig of inconsistent. Please enter the password to decrypt the private key from file: %1 Voer het wachtwoord in om de privé-sleutel uit het bestand te decoderen: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Laden van de privé-sleutel in bestand %1 niet mogelijk. Gebruikte methoden PEM- en DER privé, openbaar, PKCS#8 sleuteltypen en SSH2 formaat. Ignoring unsupported private key Niet-ondersteunde privé-sleutel wordt genegeerd Please enter the password to decrypt the private key: '%1' Voer het wachtwoord in om de privé-sleutel te decoderen: '%1' Password input aborted Wachtwoordinvoer afgebroken Please enter the database password for decrypting the key '%1' Voer het database wachtwoord in voor het decoderen van de sleutel '%1' Please enter the password to protect the private key: '%1' Voer het wachtwoord in om de privé-sleutel te coderen: '%1' Please enter the database password for encrypting the key Voer het database wachtwoord in om de sleutel te versleutelen Please enter the password protecting the PKCS#8 key '%1' Voer het wachtwoord in dat de PKCS#8-sleutel '%1' beschermt Please enter the export password for the private key '%1' Voer het exportwachtwoord in voor de privé-sleutel '%1' pki_key Successfully imported the %1 public key '%2' De %1-openbare sleutel '%2' is succesvol geïmporteerd Delete the %1 public key '%2'? De %1 openbare sleutel '%2' verwijderen? Successfully imported the %1 private key '%2' De %1 privé-sleutel '%2' is geïmporteerd Delete the %1 private key '%2'? De %1 privé-sleutel '%2' verwijderen? Successfully created the %1 private key '%2' De %1 privé-sleutel '%2' is succesvol aangemaakt Delete the %1 keys: %2? Verwijder de %1-sleutels: %2? Public key Openbare sleutel Common Gemeenschappelijk Private Privé Bogus Onzin PIN PIN No password Geen wachtwoord Unexpected SSH2 content: '%1' Onverwachte SSH2 inhoud: '%1' Invalid SSH2 public key Ongeldige openbare SSH2-sleutel Failed writing to %1 Schrijven naar %1 is mislukt pki_multi No known PEM encoded items found Geen bekende PEM gecodeerde items gevonden pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Voer het wachtwoord in om het PKCS#12 bestand te decoderen: %1 Unable to load the PKCS#12 (pfx) file %1. Laden van PKCS#12 (pfx) bestand %1 is mislukt. The supplied password was wrong (%1) Het opgegeven wachtwoord was fout (%1) Please enter the password to encrypt the PKCS#12 file Voer het wachtwoord in om het PKCS#12 bestand te versleutelen No key or no Cert and no pkcs12 Geen sleutel of Cert én geen PKCS#12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Kon het PKCS#7 bestand %1 niet laden. Geprobeerd met PEM- en DER-formaat. pki_scard Successfully imported the token key '%1' De token-sleutel '%1' is succesvol geïmporteerd Delete the token key '%1'? De token-sleutel '%1' verwijderen? Successfully created the token key '%1' De token-sleutel '%1' is succesvol aangemaakt Delete the %1 keys: %2? Verwijder de %1-sleutels: %2? Delete the private key '%1' from the token '%2 (#%3)' ? Verwijder de privé-sleutel '%1' uit het token '%2 (#%3)' ? This Key is already on the token Deze sleutel bevindt zich al in het token PIN input aborted PIN-invoer afgebroken Unable to find copied key on the token De gekopieerde sleutel is niet gevonden op het token Please insert card: %1 %2 [%3] with Serial: %4 Voer de kaart in: %1 %2 [%3] met het serienummer: %4 Illegal Key generation method Illegale methode voor het genereren van sleutels Unable to find generated key on card Kan gegenereerde sleutel niet vinden op kaart Ignoring unsupported token key Niet-ondersteunde token-sleutel negeren Wrong Size %1 Verkeerde grootte %1 Token %1 Token %1 Failed to find the key on the token De sleutel op het token is niet gevonden Invalid Pin for the token Ongeldige PIN voor het token Failed to initialize the key on the token Initialiseren van de sleutel op het token is mislukt pki_temp Successfully imported the XCA template '%1' Het XCA sjabloon '%1' is succesvol geïmporteerd Delete the XCA template '%1'? Het XCA sjabloon '%1' verwijderen? Successfully created the XCA template '%1' Het XCA sjabloon '%1' is succesvol aangemaakt Delete the %1 XCA templates: %2? Verwijder de %1 XCA sjablonen: %2? Wrong Size %1 Verkeerde grootte %1 Template file content error (too small) Sjabloon bestand bevat inhoudsfout (te klein) Not a PEM encoded XCA Template Geen PEM gecodeerd XCA sjabloon Not an XCA Template, but '%1' Geen XCA sjabloon, maar '%1' pki_x509 Successfully imported the certificate '%1' Het certificaat '%1' is succesvol geïmporteerd Delete the certificate '%1'? Het certificaat '%1' verwijderen? Successfully created the certificate '%1' Het certificaat '%1' is succesvol aangemaakt Delete the %1 certificates: %2? Verwijder de '%1' certificaten : %2? Unable to load the certificate in file %1. Tried PEM and DER certificate. Kon het certificaat niet laden in bestand %1. Geprobeerd met PEM- en DER-certificaat. This certificate is already on the security token Dit certificaat bevindt zich al in het beveiligingstoken Delete the certificate '%1' from the token '%2 (#%3)'? Verwijder het certificaat '%1' van het token '%2 (#%3)'? There is no key for signing ! Er is geen sleutel voor ondertekening ! Wrong Size %1 Verkeerde grootte %1 No Nee Yes Ja Renew certificate: %1 Certificaat vernieuwen: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' Het XCA certificaat '%1', uitgegeven op %2, vervalt op %3. Het certificaat is opgeslagen in de XCA database '%4' CRL Renewal of CA '%1' due CRL Vernieuwing van CA nodig op '%1' The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' De laatste CRL uitgegeven door CA '%1' vervalt op %2. Het is opgeslagen in de XCA database '%3' pki_x509req Signing key not valid (public key) Sleutel voor ondertekening is niet geldig (openbare sleutel) Successfully imported the %1 certificate request '%2' Het %1 certificaatverzoek '%2' is succesvol geïmporteerd Delete the %1 certificate request '%2'? Verwijder het %1 certificaatverzoek '%2'? Successfully created the %1 certificate request '%2' Het %1 certificaatverzoek '%2' is succesvol aangemaakt Delete the %1 certificate requests: %2? Verwijder de %1 certificaatverzoeken: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Het certificaatverzoek is niet geladen in bestand %1. Geprobeerd met PEM-, DER- en SPKAC formaat. Wrong Size %1 Verkeerde grootte %1 Signed Ondertekend Unhandled Onverwerkt v3ext Copy Common Name CommonName (CN) kopiëren Add Toevoegen Delete Verwijderen Apply Toepassen Validate Valideren Cancel Annuleren An email address or 'copy' Een e-mailadres of 'kopie' An email address Een e-mailadres A registered ID: OBJECT IDENTIFIER Een geregistreerd ID: OBJECT IDENTIFIER A uniform resource indicator A uniform resource indicator A DNS domain name or 'copycn' Een DNS domeinnaam of 'copycn' A DNS domain name Een DNS domeinnaam An IP address Een IP adres Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Syntaxis: <OID>;TYPE:tekst als '1.2.3.4:UTF8:naam' No editing. Only 'copy' allowed here Validation failed: '%1' %2 Validatie mislukt: '%1' %2 Validation successful: '%1' Validatie succesvol: '%1' xca-RELEASE.2.2.1/lang/xca_ja.ts0000644000175000017500000046501213614632167015443 0ustar tewardteward CaProperties CA Properties CAプロパティ Days until next CRL issuing 次のCRL発行までの日数 Default template デフォルトテンプレート CertDetail Details of the Certificate 証明書の詳細 Serial シリアル番号 The serial number of the certificate 証明書のシリアル番号 The internal name of the certificate in the database データベース内の証明書内部名 Status ステータス Internal name 内部名 Signature 署名アルゴリズム Key 秘密キー Fingerprints フィンガープリント MD5 MD5 An md5 hashsum of the certificate 証明書のMD5ハッシュ SHA1 SHA1 A SHA-1 hashsum of the certificate 証明書のSHA-1ハッシュ SHA256 SHA256 A SHA-256 hashsum of the certificate 証明書のSHA-256ハッシュ Validity 有効性 The time since the certificate is valid 証明書が有効になってからの時間 The time until the certificate is valid 証明書が有効になるまでの時間 Subject サブジェクト Issuer 発行者 Extensions 拡張キー Comment コメント Attributes 属性 Show config コンフィグを表示 Show extensions 拡張キーを表示 Show public key 公開キーを表示 This key is not in the database. このキーはデータベースに存在しません。 Not available 使用不可 Signer unknown 署名者不明 Self signed 自己署名 Revoked at %1 %1で取り消し Not valid 無効 Valid 有効 Details of the certificate signing request 証明書署名要求の詳細 CertExtend Certificate renewal 証明書の更新 This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. これにより、新しいシリアル番号と修正された有効値を持つ古い証明書のコピーとして、新しい証明書が作成されます。 Validity 有効性 Not before 前ではない Not after 以降でない Time range 時間の範囲 Local time ローカル時間 Days Months Years No well-defined expiration 有効期限が明確に定義されていない Midnight 深夜時間 Apply 適用 Revoke old certificate 古い証明書の失効 Keep serial number シリアル番号を保持 The certificate will be earlier valid than the signer. This is probably not what you want. 証明書は署名者よりも前に有効になります。これはおそらくあなたが望むものではありません。 Edit dates 日付の編集 Abort rollout 展開の中止 Continue rollout 展開を続ける Adjust date and continue 日付を調整して続行 The certificate will be longer valid than the signer. This is probably not what you want. 証明書は署名者よりも有効期間が長くなります。これはおそらくあなたが望むものではありません。 CertTreeView Import PKCS#12 PKCS#12形式でインポート Import from PKCS#7 PKCS#7形式でインポート Request リクエスト Security token セキュリティトークン Other token その他のトークン Similar Certificate 類似の証明書 Delete from Security token セキュリティトークンから削除 CA CA Properties プロパティ Generate CRL CRLを作成 Manage revocations 失効の管理 Renewal 更新 Revoke 失効 Unrevoke 失効の取消 ClickLabel Double click for details ダブルクリックして詳細を表示 CrlDetail Details of the Revocation list 失効リストの詳細 &Status ステータス(&S) Version バージョン Signature 署名アルゴリズム Signed by 署名者: Name 名前 The internal name of the CRL in the database データベース内のCRL内部名 issuing dates 発行日 Next update 次回の更新 Last update 最後の更新 &Issuer 発行者(&I) &Extensions 拡張キー(&E) &Revocation list 失効リスト(&R) Comment コメント Failed 失敗 Unknown signer 不明な署名者 Verification not possible 検証できません ExportDialog Name 名前 The internal name of the CRL in the database データベース内のCRL内部名 ... ... Filename ファイル名 Export comment into PEM file コメントをPEMファイルにエクスポート Export Format エクスポートフォーマット All files ( * ) All files ( * ) PEM Text format with headers ヘッダ付きPEMテキスト形式 Concatenated list of all selected items in one PEM text file 1つのPEMテキストファイルで選択されたすべての項目を連結したリスト Concatenated text format of the complete certificate chain in one PEM file 1つのPEMファイル内の完全な証明書チェーンの連結テキスト形式 Concatenated text format of all certificates in one PEM file 1つのPEMファイルにすべての証明書を連結したテキスト形式 Binary DER encoded file バイナリDERエンコードファイル PKCS#7 encoded single certificate PKCS#7でエンコードされた単一の証明書 PKCS#7 encoded complete certificate chain PKCS#7エンコードされた完全な証明書チェーン Concatenated text format of all unrevoked certificates in one PEM file 1つのPEMファイル内の失効していないすべての証明書を連結したテキスト形式 All unrevoked certificates encoded in one PKCS#7 file 1つのPKCS#7ファイルにエンコードされた、失効していないすべての証明書 All selected certificates encoded in one PKCS#7 file 選択されたすべての証明書が1つのPKCS#7ファイルにエンコードされている All certificates encoded in one PKCS#7 file 1つのPKCS#7ファイルにエンコードされたすべての証明書 The certificate and the private key as encrypted PKCS#12 file 暗号化されたPKCS#12ファイルとしての証明書と秘密キー The complete certificate chain and the private key as encrypted PKCS#12 file 完全な証明書チェーンと暗号化されたPKCS#12ファイルとしての秘密キー Concatenation of the certificate and the unencrypted private key in one PEM file 1つのPEMファイルでの証明書と暗号化されていない秘密キーの連結 Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file 証明書と暗号化された秘密キーをPKCS#8形式で1つのファイルに連結したもの Text format of the public key in one PEM file 1つのPEMファイル内の公開キーのテキスト形式 Binary DER format of the public key 公開キーのバイナリDERフォーマット Unencrypted private key in text format テキスト形式の暗号化されていない秘密キー OpenSSL specific encrypted private key in text format OpenSSL固有の暗号化された秘密キー (テキスト形式) Unencrypted private key in binary DER format バイナリDER形式の暗号化されていない秘密キー Unencrypted private key in PKCS#8 text format PKCS#8テキスト形式の暗号化されていない非公開キー Encrypted private key in PKCS#8 text format 暗号化された秘密キー (PKCS#8テキスト形式) The public key encoded in SSH2 format SSH2形式でエンコードされた公開キー OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool 'CA'コマンドで作成され、OCSPツールで必要なOpenSSL固有の証明書インデックスファイル vCalendar expiry reminder for the selected items 選択したアイテムのvCalendar有効期限リマインダ vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL 発行されたすべての有効な証明書、CA自体、および最新のCRLを含むvCalendar有効期限リマインダ The file: '%1' already exists! ファイル「%1 」はすでに存在します! Overwrite 上書き Do not overwrite 上書きしない Help << << >> >> &Done 完了(&D) ImportMulti Import PKI Items PKI項目のインポート Import &All すべてインポート(&A) &Import インポート(&I) &Done 完了(&D) &Remove from list リストから削除(&R) Details 詳細 Delete from token トークンから削除 Rename on token トークンの名前を変更 Name: %1 Model: %2 Serial: %3 製品名: %1 モデル名: %2 シリアル番号: %3 Manage security token セキュリティトークンを管理 Details of the item '%1' cannot be shown アイテム「%1 」の詳細を表示できません The type of the item '%1' is not recognized アイテムのタイプ「%1 」が認識されません The file '%1' did not contain PKI data ファイル「%1 」にPKIデータが含まれていませんでした The %1 files: '%2' did not contain PKI data %1ファイル:「%2 」にPKIデータが含まれていませんでした ItemProperties Name 名前 Source ソース Insertion date 挿入日 Comment コメント KeyDetail Name 名前 The internal name of the key used by xca xcaが使用するキーの内部名 Security token セキュリティトークン Manufacturer 製造元 Serial シリアル Key キー Public Exponent 公開指数 Keysize キー長 Private Exponent 秘密指数 Security Token セキュリティトークン Label ラベル PKCS#11 ID PKCS#11 ID Token information トークン情報 Model モデル Fingerprint フィンガープリント Comment コメント Details of the %1 key %1キーの詳細 Not available 使用不可 Available 使用可能 Sub prime サブプライム Public key 公開キー Private key 秘密キー Curve name カーブ名 Unknown key 不明なキー KeyTreeView Change password パスワードの変更 Reset password パスワードリセット Change PIN PINコード変更 Init PIN with SO PIN (PUK) SO PIN (PUK)でPINを初期化します Change SO PIN (PUK) SO PIN (PUK)を変更 Security token セキュリティトークン This is not a token これはトークンではありません Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable 元のキー「%1 」をトークンのキーに置き換えますか? キー「%1 」が削除され、エクスポートできなくなります。 MainWindow Private Keys 秘密キー &New Key 新しい秘密キー(&N) &Export エクスポート(&E) &Import インポート Import PFX (PKCS#12) PFX (PKCS#12)形式でインポート &Show Details 詳細を表示 &Delete 削除(&D) Certificate signing requests 証明書署名要求 &New Request 署名リクエスト(&N) Certificates 署名済証明書 &New Certificate 新しい証明書を作成(&N) Import &PKCS#12 PKCS#12形式でインポート(&P) Import P&KCS#7 PKCS#7形式でインポート(&K) Plain View プレイン表示 Templates テンプレート &New Template 新しいテンプレート(&N) &New CRL 新しいCRLを作成(&N) Ch&ange Template テンプレートを変更(&a) Revocation lists 失効リスト Using or exporting private keys will not be possible without providing the correct password 正しいパスワードを入力しないと、秘密キーの使用またはエクスポートはできません。 Database データベース The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. 現在使用されているデフォルトハッシュ「%1」は安全ではありません。セキュリティ上の理由から、少なくとも「SHA 224」を選択してください。 Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format 旧バージョンのデータベース形式が検出されました。「%1」という名前のバックアップコピーを作成し、データベースを新しい形式に変換しています Failed to rename the database file, because the target already exists ターゲットがすでに存在するため、データベースファイルの名前を変更できませんでした No deleted items found 削除されたアイテムは見つかりませんでした Recent DataBases 最近使用したデータベース System システム言語 Croatian クロアチア語 English 英語 French フランス語 German ドイツ語 Russian ロシア語 Slovak スロバキア語 Spanish スペイン語 Polish ポーランド語 Italian イタリア語 Chinese 中国語 Dutch オランダ語 Portuguese in Brazil ポルトガル語(ブラジル) Turkish トルコ語 Language 言語 &File ファイル(&F) Open Remote DataBase リモートデータベースを開く Set as default DataBase デフォルトデータベースに指定する New DataBase 新しいデータベース Open DataBase データベースを開く Close DataBase データベースを閉じる Options オプション Exit 終了 I&mport インポート(&m) Keys 秘密キー Requests 証明書署名要求を作成 PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template テンプレート Revocation list 失効リスト PEM file PEMファイル Paste PEM file PEMファイルを貼り付け Token トークン Export Certificate &Index hierarchy 証明書とインデックスの階層をエクスポート Content コンテンツ &Manage Security token セキュリティトークンを管理(&M) &Init Security token セキュリティトークンを初期化(&I) &Change PIN PINを変更(&C) Change &SO PIN SO PINを変更(&S) Init PIN PINを初期化 Extra 追加 &Dump DataBase データベースをダンプ(&D) &Export Certificate Index 証明書インデックスのエクスポート(&E) C&hange DataBase password データベースパスワードの変更(&h) &Undelete items 削除取り消し(&U) Generate DH parameter DH parameterを生成 OID Resolver OID 検索 &Help ヘルプ(&H) About XCAについて no such option: %1 そのようなオプションはありません:%1 Import PEM data PEMデータを読み込む Please enter the original SO PIN (PUK) of the token '%1' トークン'%1'の元のSO PIN(PUK)を入力してください Search 検索 Please enter the new SO PIN (PUK) for the token '%1' トークン'%1'の新しいSO PIN(PUK)を入力してください The new label of the token '%1' トークン'%1'の新しいラベル The token '%1' did not contain any keys or certificates トークン「%1」にキーまたは証明書が含まれていませんでした Current Password 現在のパスワード Please enter the current database password 現在のデータベースパスワードを入力してください The entered password is wrong 入力したパスワードが間違っています New Password 新しいパスワード Please enter the new password to encrypt your private keys in the database-file データベースファイルの秘密キーを暗号化するための新しいパスワードを入力してください Transaction start failed トランザクションの開始に失敗しました Please enter a password, that will be used to encrypt your private keys in the database: %1 データベースの秘密キーを暗号化するためのパスワードを入力してください: %1 Password verify error, please try again パスワード確認エラーです。再試行してください Password パスワード Please enter the password for unlocking the database: %1 データベースのロックを解除するためのパスワードを入力してください: %1 The following error occurred: 次のエラーが発生しました: Copy to Clipboard クリップボードにコピー Certificate Index ( index.txt ) 証明書インデックス(index。テキスト) All files ( * ) All files ( * ) Diffie-Hellman parameters saved as: %1 Diffie-Hellmanパラメータを%1として保存しました Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Diffie-Hellmanパラメータはさまざまなアプリケーションに必要ですが、XCAでは処理されません。 DHパラメータビットを入力してください NewCrl Last update 最後の更新 Next update 最後の更新 Days Months Years Midnight 深夜時間 Local time ローカル時間 Apply 適用 Options オプション CRL number CRL番号 Subject alternative name サブジェクト代替名 Revocation reasons 失効理由 Authority key identifier 機関キー識別子 Hash algorithm ハッシュアルゴリズム NewKey Please give a name to the new key and select the desired keysize 新しい秘密キーに名前を付けて、目的の秘密キーサイズを選択してください Key properties 秘密キーのプロパティ Name 名前 The internal name of the new key 新しい秘密キーの内部名 Curve name カーブ名 Usually at least 2048 bit keys are recommended 通常は少なくとも2048ビットの秘密キーを推奨します。 New Key 新しい秘密キー Keysize キー長 Keytype 暗号タイプ Remember as default デフォルトとして保存 Create 作成 NewX509 Source ソース Signing request 署名リクエスト Show request リクエストを表示 Sign this Certificate signing &request この証明書署名要求に署名する Copy extensions from the request 要求からの拡張キーのコピー Modify subject of the request 証明書署名要求のサブジェクトを変更する Signing 署名 Create a &self signed certificate 自己署名証明書を作成(&s) Use &this Certificate for signing 署名にこの証明書を使用(&t) All certificates in your database that can create valid signatures 有効な署名を作成できるデータベース内のすべての証明書 Signature algorithm 署名アルゴリズム Template for the new certificate 新しい証明書のテンプレート All available templates 使用可能なすべてのテンプレート Apply extensions 拡張キーの適用 Apply subject サブジェクトに適用 Apply all すべてに適用 Subject サブジェクト Internal Name 内部名 Distinguished name 識別名 Add 追加 Delete 削除 Private key 秘密キー This list only contains unused keys このリストには未使用のキーのみが含まれています Used keys too 使用しているキー &Generate a new key 新しい秘密キーを生成(&G) Extensions 拡張キー Type サブジェクトタイプ If this will become a CA certificate or not これがCA証明書になるかどうか Not defined Not defined Certification Authority Certification Authority End Entity End Entity Path length Path length How much CAs may be below this. これより低いCAの数 The basic constraints should always be critical 基本的な制約は常に重要でなければならない Key identifier 機関キー識別子 Creates a hash of the key following the PKIX guidelines PKIXガイドラインに従って、キーのハッシュを作成します。 Copy the Subject Key Identifier from the issuer 発行者から機関キー識別子をコピーする Validity 有効期間 Not before 有効開始日 Not after 有効終了日 Time range 範囲 Days Months Years Apply 適用 Set the time to 00:00:00 and 23:59:59 respectively 時刻をそれぞれ00:00:00と23:59:59に設定します。 Midnight 深夜時間 Local time ローカル時間 No well-defined expiration 有効期限が明確に定義されていない DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit 編集 URI: URI: Key usage キー使用法 Netscape Netscape Advanced 詳細設定 Validate 検証 Comment コメント This name is only used internally and does not appear in the resulting certificate この名前は内部でのみ使用され、結果の証明書には表示されません。 Critical 重要 Create Certificate signing request 証明書署名要求の作成 minimum size: %1 最小サイズ:%1 maximum size: %1 最大サイズ:%1 only a-z A-Z 0-9 '()+,-./:=? a-z A-Z 0-9 '()+,-./:=?のみ only 7-bit clean characters 7ビットのみ Edit XCA template XCA テンプレートの編集 Create x509 Certificate x509証明書の作成 Template '%1' applied テンプレート「%1 」が適用されました Subject applied from template '%1' テンプレート'%1'から適用されたサブジェクト Extensions applied from template '%1' テンプレート'%1'から適用された拡張キー New key '%1' created 新しい秘密キー「%1」が作成されました Other Tabs その他のタブ Advanced Tab 詳細設定 タブ Errors エラー From PKCS#10 request PKCS#10要求 Abort rollout 展開の注視 The following length restrictions of RFC3280 are violated: RFC3280の次の長さ制限に違反しています: Edit subject サブジェクトを編集 Continue rollout 展開を続ける The verification of the Certificate request failed. The rollout should be aborted. 証明書要求の検証に失敗しました。 展開を中止してください。 Continue anyway 続行 The internal name and the common name are empty. Please set at least the internal name. 内部名とコモンネームが空です。 少なくとも内部名を設定してください。 Edit name 名前を変更 There is no Key selected for signing. 署名する秘密キーが選択されていません。 Select key 秘密キーを選択 The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. 次の識別名エントリは空です: %1 ただし、オプションメニューで必須として宣言しています。 The key you selected for signing is not a private one. 署名用に選択したキーは秘密キーではありません。 Select other signer 他の署名者を選択 Select other key 他の秘密キーを選択 The certificate will be earlier valid than the signer. This is probably not what you want. 証明書は署名者よりも前に有効になります。これはおそらくあなたが望むものではありません。 Edit dates 日時を変更 Adjust date and continue 日付を調整して続行 The certificate will be longer valid than the signer. This is probably not what you want. 証明書は署名者よりも有効期間が長くなります。これはおそらくあなたが望むものではありません。 The certificate will be out of date before it becomes valid. You most probably mixed up both dates. 証明書は有効になる前に期限切れになります。おそらく、あなたは両方の日付を間違えているでしょう。 The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. 証明書に無効な拡張キーまたは重複した拡張キーが含まれています。詳細タブで検証を確認します。 The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. 証明書に拡張キーが含まれていません。いずれかのテンプレートの拡張キーを適用して、証明書の目的を定義できます。 Edit extensions 拡張キーの編集 The subject alternative name shall contain a copy of the common name. However, the common name is empty. サブジェクト代替名は、コモンネームのコピーを含む。ただし、コモンネームは空です。 Configfile error on line %1 %1行目のコンフィグエラー OidResolver OID Resolver OID検索 Enter the OID, the Nid, or one of the textual representations OID、Nid、またはテキストのどれかを入力してください Search 検索 OID OID Long name 長い名前 OpenSSL internal ID OpenSSL内部ID Nid Nid Short name 短い名前 OpenDb Open remote database リモートデータベースを開く Database type データベースタイプ Hostname ホスト名 Username ユーザ名 Password パスワード Database name データベース名 Table prefix テーブルプレフィクス No SqLite3 driver available. Please install the qt-sqlite package of your distribution SQLite3ドライバがありません。お使いのディストリビューションのqt-sqliteパッケージをインストールしてください。 Please enter the password to access the database server %2 as user '%1'. ユーザ'%1'としてデータベースサーバ%2にアクセスするためのパスワードを入力してください。 The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. データベースドライバはトランザクションをサポートしていません。これは、クライアントとサーバーのバージョンが異なる場合に発生することがあります。注意して続けてください。 Options XCA Options XCA オプション Settings 設定 Default hash algorithm デフォルトハッシュアルゴリズム String types 文字列タイプ Suppress success messages 成功メッセージを表示しない Don't colorize expired certificates 期限切れの証明書に色を付けない Translate established x509 terms (%1 -> %2) x509用語を翻訳(%1->%2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. トークンのハッシュ機能は、XCAでは使用されません。 ただし、トークンによって伝搬される制限されたハッシュ・セットが優先される場合もあります。 特に、ECおよびDSAは、PKCS#11仕様ではSHA1でのみ定義されています。 Only use hashes supported by the token when signing with a token key トークン・キーによる署名時に、トークンがサポートするハッシュのみを使用する Disable legacy Netscape extensions Netscapeのレガシー拡張キーを無効にする Certificate expiry warning threshold 証明書有効期限警告しきい値 Send vCalendar expiry reminder vCalendarの有効期限の通知を送信する Serial number length シリアル番号の長さ bit ビット Distinguished name 識別名 Mandatory subject entries 必須のサブジェクトエントリ Add 追加 Delete 削除 Explicit subject entries 明示的なサブジェクトエントリ Dynamically arrange explicit subject entries 明示的なサブジェクトエントリを動的に配置する Default デフォルト PKCS#11 provider PKCS#11 プロバイダ Remove 削除 Search 検索 Printable string or UTF8 (default) 印刷可能な文字列またはUTF8(デフォルト) PKIX recommendation in RFC2459 RFC2459のPKIX勧告 No BMP strings, only printable and T61 BMP文字列なし、印刷可能およびT61のみ UTF8 strings only (RFC2459) UTF8文字列のみ(RFC2459) All strings すべての文字列 Days Weeks PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) パスワードは2桁の16進コードとして解析されます。偶数桁である必要があります(0-9およびa-f)。 Take as HEX string 16進文字列とみなす Repeat %1 繰り返し%1 %1 mismatch %1の不一致 Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters 16進パスワードには、「0 」-「9 」および「a 」-「f 」の文字のみを使用し、偶数の文字で構成する必要があります。 E&xit 終了(&x) QObject Undefined 未定義 Broken / Invalid 破損/無効 in %1 seconds %1秒以内 %1 seconds ago %1秒前 in %1 minutes %1分以内 %1 minutes ago %1分前 Yesterday 昨日 Tomorrow 明日 in %1 hours %1時間以内 %1 hours ago %1時間前 DB: Rename: '%1' already in use DB:名前変更:「%1 」はすでに使用されています DB: Entry to rename not found: %1 DB:名前を変更するエントリが見つかりません:%1 DB: Write error %1 - %2 DB:書き込みエラー%1-%2 Out of data データがありません Error finding endmarker of string 文字列のエンドマーカーの検索中にエラーが発生しました Out of Memory at %1:%2 %1のメモリ不足:%2 All files ( * ) All files ( * ) Import RSA key キーをインポート PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request 証明書署名要求のインポート Certificates ( *.pem *.der *.crt *.cer );; Certificates ( *.pem *.der *.crt *.cer );; Import X.509 Certificate X.509形式の証明書をインポート PKCS#7 data ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates PKCS#7形式の証明書のインポート PKCS#12 Certificates ( *.p12 *.pfx );; PKCS#12 Certificates ( *.p12 *.pfx );; Import PKCS#12 Private Certificate PKCS#12形式の秘密キー・証明書をインポート XCA templates ( *.xca );; XCA テンプレート ( *.xca );; Import XCA Templates XCAテンプレートのインポート Revocation lists ( *.pem *.der *.crl );; Revocation lists ( *.pem *.der *.crl );; Import Certificate Revocation List 失効証明書のインポート XCA Databases ( *.xdb );; XCA Databases ( *.xdb );; Open XCA Database XCAデータベースを開く PKCS#11 library ( *.dll );; PKCS#11 library ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 library ( *.dylib *.so );; PKCS#11 library ( *.so );; PKCS#11 library ( *.so );; Open PKCS#11 shared library PKCS#11共有ライブラリを開く PEM files ( *.pem );; PEM files ( *.pem );; Load PEM encoded file PEMエンコードファイルを読み込み Please enter the PIN on the PinPad ピンパッドにPINを入力してください Please enter the SO PIN (PUK) of the token %1 トークン%1のSO PIN(PUK)を入力してください Please enter the PIN of the token %1 トークン%1のPINを入力してください No Security token found セキュリティトークンが見つかりません Select 選択 Please enter the new SO PIN (PUK) for the token: '%1' トークン'%1'の新しいSO PIN(PUK)を入力してください Please enter the new PIN for the token: '%1' トークンの新しいPINを入力してください:'%1' Required PIN size: %1 - %2 必要なPINのサイズ:%1-%2 Failed to open PKCS11 library: %1: %2 PKCS11ライブラリ%1を開けませんでした:%2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. これはPKCS#11ライブラリとして認識できません。シンボル「C_GetFunctionList」が見つかりません。 Disabled 無効 Library loading failed ライブラリのロードに失敗しました PKCS#11 function '%1' failed: %2 PKCS#11関数「%1 」が失敗しました:%2 PKCS#11 function '%1' failed: %2 In library %3 %4 PKCS#11関数「%1 」が失敗しました:%2 ライブラリ%3内 %4 Invalid 無効 %1 is shorter than %2 bytes: '%3' %1は%2バイトより短い:'%3' %1 is longer than %2 bytes: '%3' %1は%2バイトを超えています:'%3 String '%1' for '%2' contains invalid characters 「%2 」の文字列「%1 」に無効な文字が含まれています Error reading config file %1 at line %2 %2行目の構成ファイル%1の読み取り中にエラーが発生しました The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. ファイル%2の行%3のオブジェクト「%1 」は既に「%4:%5:%6 」として知られているため、削除する必要があります。 The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. ファイル%3行%4のOID%2の識別子「%1 」は、別のOIDで「%5:%6:%7 」としてすでに使用されています。競合を避けるために変更する必要があります。 Unknown object '%1' in file %2 line %3 ファイル%2の%3行目に不明なオブジェクト「%1 」があります Failed to start a database transaction データベーストランザクションを開始できませんでした ReqTreeView Sign 署名 Unmark signed 署名済みのマークを解除 Mark signed 署名済みをマーク Similar Request 類似のリクエスト RevocationList Manage revocations 失効の管理 Add 追加 Delete 削除 Edit 編集 No. No. Serial シリアル Revocation 失効 Reason 理由 Invalidation 無効化 Generate CRL CRLの生成 Revoke Certificate revocation 証明書の失効 Revocation details 失効の詳細 Revocation reason 失効理由 Local time ローカル時間 Invalid since 無効な日付です Serial シリアル SearchPkcs11 Directory ディレクトリ ... ... Include subdirectories サブディレクトリを含める Search 検索 The following files are possible PKCS#11 libraries PKCS#11ライブラリには、次のファイルがあります。 SelectToken Security token セキュリティトークン Please select the security token セキュリティトークンを選択してください TempTreeView Duplicate 重複 Create certificate 証明書の作成 Create request リクエストの作成 copy コピー Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config OpenSSL コンフィグ Transform 変換 Template テンプレート Public key 公開キー XcaTreeView Subject entries サブジェクトエンティティ X509v3 Extensions X509v3拡張キー Netscape extensions Netscape 拡張キー Reset リセット Hide Column 項目を非表示 Details 詳細 Columns 項目 New 新規 Import インポート Paste PEM data PEMデータを貼り付け Rename リネーム Properties プロパティ Delete 削除 Export エクスポート Clipboard クリップボード File ファイル db_base Internal name 内部名 No. No. Primary key プライマリキー Database unique number データベースユニーク番号 Date 日付 Date of creation or insertion 作成または挿入の日付 Source ソース Generated, Imported, Transformed 生成済み、インポート済み、変換済み Comment コメント First line of the comment field コメントフィールドの最初の行 Could not create directory %1 ディレクトリ%1を作成できませんでした Item properties アイテムのプロパティ How to export the %1 selected items %1個の選択したアイテムをエクスポートする方法 All in one PEM file 1つのPEMファイル内のすべて Each item in one file 1つのファイル内の各アイテム Save %1 items in one file as %1アイテムを1つのファイルに次の名前で保存する: PEM files ( *.pem );; All files ( * ) PEM files ( *.pem );; All files ( * ) db_crl Signer 署名者 Internal name of the signer 署名者の内部名 No. revoked 廃止 Number of revoked certificates 失効した証明書の数 Last update 最後の更新 Next update 最後の更新 CRL number CRL番号 The revocation list already exists in the database as: '%1' and so it was not imported 失効リストはすでに次のようにデータベースに存在します: '%1' インポートされませんでした Revocation list export 失効リストのエクスポート CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) There are no CA certificates for CRL generation CRL生成のためのCA証明書がありません Select CA certificate CA証明書の選択 Create CRL CRLの作成 Failed to initiate DB transaction DBトランザクションを開始できませんでした Database error: %1 データベースエラー:%1 db_key Type タイプ Size キー長 EC Group EC グループ Use 用途 Password パスワード The key is already in the database as: '%1' and is not going to be imported キーはすでに次のようにデータベースに存在します: '%1' インポートされません。 The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key データベースには、インポートされたキーの公開部分がすでに次のように含まれています。 '%1 キーの新しいプライベート部分によって完了します。 Extending public key from %1 by imported key '%2' インポートされたキー'%2'によって%1から公開キーを拡張しています Key size too small ! キーサイズが小さすぎます! You are sure to create a key of the size: %1 ? サイズ%1のキーを作成しますか? PEM public PEM public SSH2 public SSH2 public PEM private PEM private Export keys to Clipboard キーをクリップボードにエクスポート Clipboard クリップボード Export public key [%1] 公開キーのエクスポート[%1] DER public DER public DER private DER private PEM encryped PEM encryped PKCS#8 encrypted PKCS#8 encrypted Export private key [%1] 秘密キーをエクスポートする[%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Tried to change password of a token トークンのパスワードを変更しようとしました db_temp Bad template: %1 不正なテンプレート:%1 Empty template 空のテンプレート Preset Template values プリセットテンプレートの値 Save template as テンプレートに名前を付けて保存 XCA templates ( *.xca );; All files ( * ) XCA templates ( *.xca );; All files ( * ) db_x509 CA CA reflects the basic Constraints extension 基本的なConstraints拡張機能を反映する Serial シリアル Start date 開始日 Expiry date 終了日 MD5 fingerprint MD5フィンガープリント SHA1 fingerprint SHA1フィンガープリント SHA256 fingerprint SHA256フィンガープリント Not before Not before Not after Not after Revocation 失効 CRL Expiration CRLの有効期限 Plain View プレインビュー Tree View ツリービュー Failed to retrieve unique random serial 一意のランダムシリアルの取得に失敗しました The certificate already exists in the database as: '%1' and so it was not imported 証明書はすでに次のようにデータベースに存在します: '%1' インポートはされませんでした Signed on %1 by '%2' %1に'%2'によって署名されました Unknown 不明 Invalid public key 公開キーが無効です PKCS#7 unrevoked PKCS#7の取り消し PEM unrevoked PEMの取り消し vCalendar vCalendar CA vCalendar CA vCalendar days No template テンプレートなし The key you selected for signing is not a private one. 署名用に選択したキーはプライベートキーではありません。 Store the certificate to the key on the token '%1 (#%2)' ? 証明書をトークン上のキーに格納する「%1(#%2) 」? PEM chain PEMチェーン PKCS#7 chain PKCS#7チェーン PKCS#12 chain PKCS#12チェーン PKCS#7 all PKCS#7 すべて PEM + key PEM + key PEM all PEM all Certificate Index file 証明書インデックスファイル Certificate export 証明書のエクスポート X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) There was no key found for the Certificate: '%1' 証明書'%1'のキーが見つかりませんでした。 Not possible for a token key: '%1' トークンキー'%1'は使用できません。 Not possible for the token-key Certificate '%1' トークンキー証明書'%1'は使用できません。 db_x509name Subject サブジェクト Complete distinguished name 完全な識別名 Subject hash サブジェクトハッシュ Hash to lookup certs in directories ディレクトリ内の証明書を検索するためのハッシュ db_x509req Signed 署名済み whether the request is already signed or not 要求がすでに署名されているかどうか Unstructured name 構造化されていない名前 Challenge password チャレンジパスワード Certificate count 証明書の数 Number of certificates in the database with the same public key 同じ公開キーを持つデータベース内の証明書の数 The certificate signing request already exists in the database as '%1' and thus was not stored 証明書署名要求はすでに次のようにデータベースに存在しています: '%1' 保管されなかった Certificate request export 証明書要求のエクスポート Certificate request ( *.pem *.der *.csr ) Certificate request ( *.pem *.der *.csr ) db_x509super Key name 秘密キー名 Internal name of the key 秘密キーの内部名 Signature algorithm 署名アルゴリズム Extracted from %1 '%2' %1'%2'から抽出 Certificate 証明書 Certificate request 証明書リクエスト Save as OpenSSL config OpenSSL設定として保存 Config files ( *.conf *.cnf);; All files ( * ) Config files ( *.conf *.cnf);; All files ( * ) The following extensions were not ported into the template 次の拡張機能はテンプレートに移植されませんでした Transformed from %1 '%2' %1'%2'から変換されました kvView Type タイプ Content 内容 pass_info Password パスワード PIN PIN番号 pki_base Error opening file: '%1': %2 ファイル%1を開くときにエラーが発生しました:%2 Unknown 不明 Imported インポート済み Generated 生成済 Transformed 変換済 Token トークン Legacy Database レガシーデータベース Renewed 更新 Internal error: Unexpected message: %1 %2 内部エラー:予期しないメッセージ:%1% 2 pki_crl Successfully imported the revocation list '%1' 失効リスト'%1'が正常にインポートされました Delete the revocation list '%1'? 失効リスト'%1'を削除しますか? Successfully created the revocation list '%1' 失効リスト'%1'が正常に作成されました Delete the %1 revocation lists: %2? %1失効リストを削除しますか:%2? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. ファイル%1の失効リストを読み込めません。PEMおよびDER形式のCRLを試しました。 No issuer given 発行者が指定されていません Wrong Size %1 サイズ%1が間違っています Renew CRL: %1 CRLの更新:%1 The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4. It is stored in the XCA database '%5' %3のCA「%2 」によって発行されたXCA CRL「%1 」は%4に有効期限が切れます。 これはXCAデータベース'%5'に保管されています。 pki_evp Failed to decrypt the key (bad password) %1 キー(パスワードが間違っています)%1の暗号化を解除できませんでした Please enter the password to decrypt the private key. 秘密キーを解読するためのパスワードを入力してください。 The key from file '%1' is incomplete or inconsistent. ファイル「%1 」のキーが不完全または矛盾しています。 Please enter the password to decrypt the private key from file: %1 ファイルから秘密キーを復号化するためのパスワードを入力してください: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. ファイル%1の秘密キーを読み込めません。PEMおよびDERの秘密キー、公開キー、PKCS#8キーの種類、およびSSH2形式を試しました。 Ignoring unsupported private key サポートされていない秘密キーを無視します Please enter the password to decrypt the private key: '%1' 秘密キーを解読するためのパスワードを入力してください:'%1' Password input aborted パスワードの入力が中断されました Please enter the database password for decrypting the key '%1' キー'%1'を復号化するためのデータベースパスワードを入力してください。 Please enter the password to protect the private key: '%1' 秘密キーを保護するためのパスワードを入力してください:'%1' Please enter the database password for encrypting the key キーを暗号化するためのデータベースパスワードを入力してください Please enter the password protecting the PKCS#8 key '%1' PKCS#8キー'%1'を保護するパスワードを入力してください Please enter the export password for the private key '%1' 秘密キー'%1'のエクスポートパスワードを入力してください。 pki_key Successfully imported the %1 public key '%2' %1公開キー'%2'のインポートに成功しました Delete the %1 public key '%2'? %1公開キー'%2'を削除しますか? Successfully imported the %1 private key '%2' %1秘密キー'%2'のインポートに成功しました Delete the %1 private key '%2'? %1形式の秘密キー'%2'を削除しますか? Successfully created the %1 private key '%2' %1形式の秘密キー'%2'の作成に成功しました Delete the %1 keys: %2? %1キーを削除しますか:%2? Public key 公開キー Common 共通 Private プライベート Bogus 偽物 PIN PIN No password パスワードなし Unexpected SSH2 content: '%1' 予期しないSSH2コンテンツ:'%1' Invalid SSH2 public key 無効なSSH2公開キーです Failed writing to %1 %1への書き込みに失敗しました pki_multi No known PEM encoded items found 既知のPEMエンコードされた項目が見つかりません pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 PKCS#12ファイルを復号化するためのパスワードを入力してください: %1 Unable to load the PKCS#12 (pfx) file %1. PKCS#12(pfx)ファイル%1を読み込めません。 The supplied password was wrong (%1) 指定されたパスワードが間違っています(%1) Please enter the password to encrypt the PKCS#12 file PKCS#12ファイルを暗号化するためのパスワードを入力してください No key or no Cert and no pkcs12 キーまたはCertがないか、pkcs12がありません pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. PKCS#7ファイル%1を読み込めません。PEMおよびDER形式を試しました。 pki_scard Successfully imported the token key '%1' トークンキー'%1'が正常にインポートされました Delete the token key '%1'? トークンキー'%1'を削除しますか? Successfully created the token key '%1' トークンキー'%1'が正常に作成されました Delete the %1 keys: %2? %1キーを削除しますか:%2? Delete the private key '%1' from the token '%2 (#%3)' ? トークン「%2(#%3) 」から秘密キー「%1 」を削除しますか? This Key is already on the token このキーはすでにトークン上にあります PIN input aborted PIN入力を中止しました Unable to find copied key on the token トークン上にコピーされたキーが見つかりません Please insert card: %1 %2 [%3] with Serial: %4 カードを挿入してください:%1% 2[%3]シリアル番号:%4 Illegal Key generation method 不正なキー生成方法 Unable to find generated key on card カード上に生成されたキーが見つかりません Ignoring unsupported token key サポートされていないトークンキーを無視します Wrong Size %1 サイズ%1が間違っています Token %1 トークン%1 Failed to find the key on the token トークン上のキーが見つかりませんでした Invalid Pin for the token トークンのPINが無効です Failed to initialize the key on the token トークンのキーの初期化に失敗しました pki_temp Successfully imported the XCA template '%1' XCAテンプレート'%1'が正常にインポートされました Delete the XCA template '%1'? XCAテンプレート'%1'を削除しますか? Successfully created the XCA template '%1' XCAテンプレート'%1'が正常に作成されました Delete the %1 XCA templates: %2? %1XCAテンプレートを削除しますか:%2? Wrong Size %1 サイズ%1が間違っています Template file content error (too small) テンプレートファイルのコンテンツエラー(小さすぎる) Not a PEM encoded XCA Template PEMエンコードされたXCAテンプレートではありません Not an XCA Template, but '%1' XCAテンプレートではありませんが'%1' pki_x509 Successfully imported the certificate '%1' 証明書'%1'が正常にインポートされました。 Delete the certificate '%1'? 証明書'%1'を削除しますか? Successfully created the certificate '%1' 証明書'%1'が正常に作成されました Delete the %1 certificates: %2? %1証明書を削除しますか:%2? Unable to load the certificate in file %1. Tried PEM and DER certificate. ファイル%1の証明書を読み込めません。PEMおよびDER証明書を試しました。 This certificate is already on the security token この証明書は既にセキュリティトークンにあります Delete the certificate '%1' from the token '%2 (#%3)'? トークン'%2(#%3)'から証明書「%1 」を削除しますか? There is no key for signing ! 署名用のキーがありません! Wrong Size %1 サイズ%1が間違っています No いいえ Yes はい Renew certificate: %1 証明書を書き換える:%1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' %2で発行されたXCA証明書「%1 」は%3に有効期限が切れます。 これはXCAデータベース'%4'に保存されています。 CRL Renewal of CA '%1' due CRL CA「%1 」の更新期限 The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' CAによって発行された最新のCRL「%1 」は%2に有効期限が切れます。 これはXCAデータベース'%3'に保管されています。 pki_x509req Signing key not valid (public key) 署名キーが無効です(公開キー) Successfully imported the %1 certificate request '%2' %1証明書要求'%2'が正常にインポートされました。 Delete the %1 certificate request '%2'? %1証明書要求'%2'を削除しますか? Successfully created the %1 certificate request '%2' %1証明書要求'%2'が正常に作成されました Delete the %1 certificate requests: %2? %1証明書要求を削除しますか:%2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. ファイル%1の証明書要求を読み込めません。PEM、DER、およびSPKAC形式を試しました。 Wrong Size %1 サイズ%1が間違っています Signed 署名済み Unhandled 未処理 v3ext Copy Common Name コモンネームのコピー Add 追加 Delete 削除 Apply 適用 Validate 検証 Cancel キャンセル An email address or 'copy' 電子メールアドレスまたはコピー An email address 電子メールアドレス A registered ID: OBJECT IDENTIFIER 登録ID:オブジェクト識別子 A uniform resource indicator 統一資源指標 A DNS domain name or 'copycn' DNSドメイン名または'copycn' A DNS domain name DNSドメイン名 An IP address IPアドレス Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' 構文:<OID>;TYPE:text like'1.2.3.4:UTF8:name' No editing. Only 'copy' allowed here 編集なし。ここでは「コピー 」のみ指定してください Validation failed: '%1' %2 検証に失敗しました: '%1' %2 Validation successful: '%1' 検証に成功しました: '%1' xca-RELEASE.2.2.1/lang/fr.po0000644000175000017500000032164413614632167014617 0ustar tewardteward# # demonipuch , 2012, 2014, 2015. # Patrick Monnerat <.>, 2011, 2015, 2017, 2018, 2019. # msgid "" msgstr "" "Project-Id-Version: xca 1.3.3\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2018-03-16 18:14+0200\n" "PO-Revision-Date: 2019-12-19 01:28+0100\n" "Last-Translator: Patrick Monnerat <.>\n" "Language-Team: French <>\n" "Language: fr\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: Gtranslator 2.91.7\n" "Plural-Forms: nplurals=2; plural=(n > 1);\n" "X-Qt-Contexts: true\n" #: ../ui/CaProperties.ui:30 msgctxt "CaProperties|" msgid "CA Properties" msgstr "Propriétés du CA" #: ../ui/CaProperties.ui:92 msgctxt "CaProperties|" msgid "Days until next CRL issuing" msgstr "" "Nombre de jours avant la génération de la prochaine liste de révocation" #: ../ui/CaProperties.ui:102 msgctxt "CaProperties|" msgid "Default template" msgstr "Modèle par défaut" #: ../ui/CertDetail.ui:30 ../widgets/CertDetail.cpp:99 msgctxt "CertDetail|" msgid "Details of the Certificate" msgstr "Détails du Certificat" #: ../ui/CertDetail.ui:165 msgctxt "CertDetail|" msgid "Serial" msgstr "Numéro de série" #: ../ui/CertDetail.ui:178 msgctxt "CertDetail|" msgid "The serial number of the certificate" msgstr "Le numéro de série du certificat" #: ../ui/CertDetail.ui:113 msgctxt "CertDetail|" msgid "The internal name of the certificate in the database" msgstr "Le nom interne du certificat dans la base de données" #: ../ui/CertDetail.ui:78 msgctxt "CertDetail|" msgid "Status" msgstr "Etat" #: ../ui/CertDetail.ui:106 msgctxt "CertDetail|" msgid "Internal name" msgstr "Nom interne" #: ../ui/CertDetail.ui:120 msgctxt "CertDetail|" msgid "Signature" msgstr "Signature" #: ../ui/CertDetail.ui:145 msgctxt "CertDetail|" msgid "Key" msgstr "Clé" #: ../ui/CertDetail.ui:191 msgctxt "CertDetail|" msgid "Fingerprints" msgstr "Empreinte" #: ../ui/CertDetail.ui:203 msgctxt "CertDetail|" msgid "MD5" msgstr "MD5" #: ../ui/CertDetail.ui:216 msgctxt "CertDetail|" msgid "An md5 hashsum of the certificate" msgstr "La somme de hachage MD5 du certificat" #: ../ui/CertDetail.ui:229 msgctxt "CertDetail|" msgid "SHA1" msgstr "SHA1" #: ../ui/CertDetail.ui:242 msgctxt "CertDetail|" msgid "A SHA-1 hashsum of the certificate" msgstr "La somme de hachage SHA-1 du certificat" #: ../ui/CertDetail.ui:255 msgctxt "CertDetail|" msgid "SHA256" msgstr "SHA256" #: ../ui/CertDetail.ui:268 msgctxt "CertDetail|" msgid "A SHA-256 hashsum of the certificate" msgstr "La somme de hachage SHA-256 du certificat" #: ../ui/CertDetail.ui:278 msgctxt "CertDetail|" msgid "Validity" msgstr "Validité" #: ../ui/CertDetail.ui:287 msgctxt "CertDetail|" msgid "The time since the certificate is valid" msgstr "Le moment depuis lequel le certificat est valide" #: ../ui/CertDetail.ui:294 msgctxt "CertDetail|" msgid "The time until the certificate is valid" msgstr "Le moment auquel le certificat échoit" #: ../ui/CertDetail.ui:328 msgctxt "CertDetail|" msgid "Subject" msgstr "Sujet" #: ../ui/CertDetail.ui:341 msgctxt "CertDetail|" msgid "Issuer" msgstr "Emetteur" #: ../ui/CertDetail.ui:364 msgctxt "CertDetail|" msgid "Extensions" msgstr "Extensions" #: ../ui/CertDetail.ui:385 msgctxt "CertDetail|" msgid "Comment" msgstr "Commentaire" #: ../ui/CertDetail.ui:354 msgctxt "CertDetail|" msgid "Attributes" msgstr "Attributs" #: ../ui/CertDetail.ui:377 ../widgets/CertDetail.cpp:36 msgctxt "CertDetail|" msgid "Show config" msgstr "Afficher la configuration" #: ../widgets/CertDetail.cpp:40 msgctxt "CertDetail|" msgid "Show extensions" msgstr "Afficher les extensions" #: ../widgets/CertDetail.cpp:62 msgctxt "CertDetail|" msgid "Show public key" msgstr "Afficher la clé publique" #: ../widgets/CertDetail.cpp:67 msgctxt "CertDetail|" msgid "This key is not in the database." msgstr "Cette clé ne figure pas dans la base de données" #: ../widgets/CertDetail.cpp:69 msgctxt "CertDetail|" msgid "Not available" msgstr "Non disponible" #: ../widgets/CertDetail.cpp:108 msgctxt "CertDetail|" msgid "Signer unknown" msgstr "Signataire inconnu" #: ../widgets/CertDetail.cpp:112 msgctxt "CertDetail|" msgid "Self signed" msgstr "Auto-signé" #: ../widgets/CertDetail.cpp:139 #, qt-format msgctxt "CertDetail|" msgid "Revoked at %1" msgstr "Révoqué le %1" #: ../widgets/CertDetail.cpp:144 msgctxt "CertDetail|" msgid "Not valid" msgstr "Invalide" #: ../widgets/CertDetail.cpp:148 msgctxt "CertDetail|" msgid "Valid" msgstr "Valide" #: ../widgets/CertDetail.cpp:167 msgctxt "CertDetail|" msgid "Details of the certificate signing request" msgstr "Détails de la requête de signature" #: ../ui/CertExtend.ui:30 msgctxt "CertExtend|" msgid "Certificate renewal" msgstr "Renouvellement du certificat" #: ../ui/CertExtend.ui:74 msgctxt "CertExtend|" msgid "" "This will create a new certificate as a copy of the old one with a new " "serial number and adjusted validity values." msgstr "" "Créer un nouveau certificat conforme à l'ancien, mais avec un nouveau numéro " "de série et les limites de validité ajustées." #: ../ui/CertExtend.ui:100 msgctxt "CertExtend|" msgid "Validity" msgstr "Validité" #: ../ui/CertExtend.ui:111 msgctxt "CertExtend|" msgid "Not before" msgstr "Pas avant" #: ../ui/CertExtend.ui:118 msgctxt "CertExtend|" msgid "Not after" msgstr "Pas après" #: ../ui/CertExtend.ui:144 msgctxt "CertExtend|" msgid "Time range" msgstr "Intervalle de temps" #: ../ui/CertExtend.ui:150 msgctxt "CertExtend|" msgid "Local time" msgstr "Heure locale" #: ../ui/CertExtend.ui:158 msgctxt "CertExtend|" msgid "Days" msgstr "Jours" #: ../ui/CertExtend.ui:163 msgctxt "CertExtend|" msgid "Months" msgstr "Mois" #: ../ui/CertExtend.ui:168 msgctxt "CertExtend|" msgid "Years" msgstr "Années" #: ../ui/CertExtend.ui:176 msgctxt "CertExtend|" msgid "No well-defined expiration" msgstr "Pas de date d'expiration précise" #: ../ui/CertExtend.ui:183 msgctxt "CertExtend|" msgid "Midnight" msgstr "Minuit" #: ../ui/CertExtend.ui:190 msgctxt "CertExtend|" msgid "Apply" msgstr "Appliquer" #: ../ui/CertExtend.ui:216 msgctxt "CertExtend|" msgid "Revoke old certificate" msgstr "Révoquer l'ancien certificat" #: ../ui/CertExtend.ui:226 msgctxt "CertExtend|" msgid "Keep serial number" msgstr "Conserver le numéro de série" #: ../widgets/CertExtend.cpp:43 msgctxt "CertExtend|" msgid "" "The certificate will be earlier valid than the signer. This is probably not " "what you want." msgstr "" "Le certificat serait valide avant son signataire. Ce n'est probablement pas " "ce qui est désiré." #: ../widgets/CertExtend.cpp:45 ../widgets/CertExtend.cpp:67 msgctxt "CertExtend|" msgid "Edit dates" msgstr "Modifier les limites de validité" #: ../widgets/CertExtend.cpp:46 ../widgets/CertExtend.cpp:68 msgctxt "CertExtend|" msgid "Abort rollout" msgstr "Interrompre le déploiement" #: ../widgets/CertExtend.cpp:47 ../widgets/CertExtend.cpp:69 msgctxt "CertExtend|" msgid "Continue rollout" msgstr "Continuer le déploiement" #: ../widgets/CertExtend.cpp:48 ../widgets/CertExtend.cpp:70 msgctxt "CertExtend|" msgid "Adjust date and continue" msgstr "Ajuster la date et continuer" #: ../widgets/CertExtend.cpp:65 msgctxt "CertExtend|" msgid "" "The certificate will be longer valid than the signer. This is probably not " "what you want." msgstr "" "Le certificat serait valide plus longtemps que son signataire. Ce n'est " "probablement pas ce qui est désiré." #: ../widgets/CertTreeView.cpp:25 msgctxt "CertTreeView|" msgid "Import PKCS#12" msgstr "Importer en PKCS#12" #: ../widgets/CertTreeView.cpp:26 msgctxt "CertTreeView|" msgid "Import from PKCS#7" msgstr "Importer en PKCS#7" #: ../widgets/CertTreeView.cpp:54 msgctxt "CertTreeView|" msgid "Request" msgstr "Requête" #: ../widgets/CertTreeView.cpp:56 msgctxt "CertTreeView|" msgid "Security token" msgstr "Jeton de sécurité" #: ../widgets/CertTreeView.cpp:58 msgctxt "CertTreeView|" msgid "Other token" msgstr "Autre jeton" #: ../widgets/CertTreeView.cpp:62 msgctxt "CertTreeView|" msgid "Similar Certificate" msgstr "Certificat similaire" #: ../widgets/CertTreeView.cpp:65 msgctxt "CertTreeView|" msgid "Delete from Security token" msgstr "Détruire sur le jeton de sécurité" #: ../widgets/CertTreeView.cpp:68 msgctxt "CertTreeView|" msgid "CA" msgstr "CA" #: ../widgets/CertTreeView.cpp:69 msgctxt "CertTreeView|" msgid "Properties" msgstr "Propriétés" #: ../widgets/CertTreeView.cpp:70 msgctxt "CertTreeView|" msgid "Generate CRL" msgstr "Générer la liste de révocation" #: ../widgets/CertTreeView.cpp:71 msgctxt "CertTreeView|" msgid "Manage revocations" msgstr "Gérer les révocations" #: ../widgets/CertTreeView.cpp:76 ../widgets/CertTreeView.cpp:79 msgctxt "CertTreeView|" msgid "Renewal" msgstr "Renouvellement" #: ../widgets/CertTreeView.cpp:81 msgctxt "CertTreeView|" msgid "Revoke" msgstr "Révoquer" #: ../widgets/CertTreeView.cpp:83 msgctxt "CertTreeView|" msgid "Unrevoke" msgstr "Dé-révoquer" #: ../widgets/clicklabel.cpp:37 msgctxt "ClickLabel|" msgid "Double click for details" msgstr "Double-cliquer pour afficher les détails" #: ../ui/CrlDetail.ui:30 msgctxt "CrlDetail|" msgid "Details of the Revocation list" msgstr "Détails de la liste de révocation" #: ../ui/CrlDetail.ui:78 msgctxt "CrlDetail|" msgid "&Status" msgstr "&Etat" #: ../ui/CrlDetail.ui:126 msgctxt "CrlDetail|" msgid "Version" msgstr "Version" #: ../ui/CrlDetail.ui:145 msgctxt "CrlDetail|" msgid "Signature" msgstr "Signature" #: ../ui/CrlDetail.ui:152 msgctxt "CrlDetail|" msgid "Signed by" msgstr "Signée par" #: ../ui/CrlDetail.ui:159 msgctxt "CrlDetail|" msgid "Name" msgstr "Nom" #: ../ui/CrlDetail.ui:166 msgctxt "CrlDetail|" msgid "The internal name of the CRL in the database" msgstr "Le nom interne de la liste de révocation dans la base de données" #: ../ui/CrlDetail.ui:179 msgctxt "CrlDetail|" msgid "issuing dates" msgstr "dates d'émission" #: ../ui/CrlDetail.ui:188 msgctxt "CrlDetail|" msgid "Next update" msgstr "Prochaine mise-à-jour" #: ../ui/CrlDetail.ui:195 msgctxt "CrlDetail|" msgid "Last update" msgstr "Dernière mise-à-jour" #: ../ui/CrlDetail.ui:228 msgctxt "CrlDetail|" msgid "&Issuer" msgstr "&Emetteur" #: ../ui/CrlDetail.ui:241 msgctxt "CrlDetail|" msgid "&Extensions" msgstr "&Extensions" #: ../ui/CrlDetail.ui:261 msgctxt "CrlDetail|" msgid "&Revocation list" msgstr "Liste de &révocation" #: ../ui/CrlDetail.ui:286 msgctxt "CrlDetail|" msgid "Comment" msgstr "Commentaire" #: ../widgets/CrlDetail.cpp:47 msgctxt "CrlDetail|" msgid "Failed" msgstr "Echoué" #: ../widgets/CrlDetail.cpp:52 msgctxt "CrlDetail|" msgid "Unknown signer" msgstr "Signataire inconnu" #: ../widgets/CrlDetail.cpp:55 msgctxt "CrlDetail|" msgid "Verification not possible" msgstr "Vérification impossible" #: ../ui/ExportDialog.ui:76 msgctxt "ExportDialog|" msgid "Name" msgstr "Nom" #: ../ui/ExportDialog.ui:83 msgctxt "ExportDialog|" msgid "The internal name of the CRL in the database" msgstr "Le nom interne de la liste de révocation dans la base de données" #: ../ui/ExportDialog.ui:113 msgctxt "ExportDialog|" msgid "..." msgstr "..." #: ../ui/ExportDialog.ui:126 msgctxt "ExportDialog|" msgid "Filename" msgstr "Nom du fichier" #: ../ui/ExportDialog.ui:191 msgctxt "ExportDialog|" msgid "Export comment into PEM file" msgstr "Exporter le commentaire dans le fichier PEM" #: ../ui/ExportDialog.ui:213 msgctxt "ExportDialog|" msgid "Export Format" msgstr "Format d'exportation" #: ../widgets/ExportDialog.cpp:37 msgctxt "ExportDialog|" msgid "All files ( * )" msgstr "Tous les fichiers ( * )" #: ../widgets/ExportDialog.cpp:52 msgctxt "ExportDialog|" msgid "PEM Text format with headers" msgstr "Format textuel PEM avec des en-têtes" #: ../widgets/ExportDialog.cpp:54 msgctxt "ExportDialog|" msgid "Concatenated list of all selected items in one PEM text file" msgstr "" "Concaténation de tous les éléments sélectionnés dans un seul fichier texte " "en format PEM" #: ../widgets/ExportDialog.cpp:55 msgctxt "ExportDialog|" msgid "" "Concatenated text format of the complete certificate chain in one PEM file" msgstr "" "Fichier PEM contenant la concaténation de tous les certificats de la chaîne" #: ../widgets/ExportDialog.cpp:59 msgctxt "ExportDialog|" msgid "Concatenated text format of all certificates in one PEM file" msgstr "Fichier PEM contenant la concaténation de tous les certificats" #: ../widgets/ExportDialog.cpp:60 msgctxt "ExportDialog|" msgid "Binary DER encoded file" msgstr "Fichier binaire en format DER" #: ../widgets/ExportDialog.cpp:61 msgctxt "ExportDialog|" msgid "PKCS#7 encoded single certificate" msgstr "Un seul certificat en format PKCS#7" #: ../widgets/ExportDialog.cpp:63 msgctxt "ExportDialog|" msgid "PKCS#7 encoded complete certificate chain" msgstr "" "La chaîne complète de certificats en format PKCS#7 dans un seul fichier" #: ../widgets/ExportDialog.cpp:57 msgctxt "ExportDialog|" msgid "Concatenated text format of all unrevoked certificates in one PEM file" msgstr "" "Fichier PEM contenant la concaténation de tous les certificats non-révoqués" #: ../widgets/ExportDialog.cpp:65 msgctxt "ExportDialog|" msgid "All unrevoked certificates encoded in one PKCS#7 file" msgstr "" "Tous les certificats non-révoqués dans un seul fichier en format PKCS#7" #: ../widgets/ExportDialog.cpp:67 msgctxt "ExportDialog|" msgid "All selected certificates encoded in one PKCS#7 file" msgstr "" "Tous les certificats sélectionnés dans un seul fichier en format PKCS#7" #: ../widgets/ExportDialog.cpp:69 msgctxt "ExportDialog|" msgid "All certificates encoded in one PKCS#7 file" msgstr "Tous les certificats dans un seul fichier en format PKCS#7" #: ../widgets/ExportDialog.cpp:71 msgctxt "ExportDialog|" msgid "The certificate and the private key as encrypted PKCS#12 file" msgstr "Le certificat et sa clé privée dans un fichier en format PKCS#12" #: ../widgets/ExportDialog.cpp:72 msgctxt "ExportDialog|" msgid "" "The complete certificate chain and the private key as encrypted PKCS#12 file" msgstr "" "La chaîne complète des certificats et la clé privée en un seul fichier " "chiffré en format PKCS#12" #: ../widgets/ExportDialog.cpp:73 msgctxt "ExportDialog|" msgid "" "Concatenation of the certificate and the unencrypted private key in one PEM " "file" msgstr "" "La concaténation du certificat et de sa clé privée non-chiffrée dans un seul " "fichier PEM" #: ../widgets/ExportDialog.cpp:74 msgctxt "ExportDialog|" msgid "" "Concatenation of the certificate and the encrypted private key in PKCS#8 " "format in one file" msgstr "" "La concaténation du certificat et de sa clé privée chiffrée en format PKCS#8 " "dans un seul fichier" #: ../widgets/ExportDialog.cpp:75 msgctxt "ExportDialog|" msgid "Text format of the public key in one PEM file" msgstr "Formattage textuel de la clé publique dans un fichier PEM" #: ../widgets/ExportDialog.cpp:76 msgctxt "ExportDialog|" msgid "Binary DER format of the public key" msgstr "Format binaire DER de la clé publique" #: ../widgets/ExportDialog.cpp:78 msgctxt "ExportDialog|" msgid "Unencrypted private key in text format" msgstr "Clé privée non-chiffrée en format texte" #: ../widgets/ExportDialog.cpp:80 msgctxt "ExportDialog|" msgid "OpenSSL specific encrypted private key in text format" msgstr "Clé privée chiffrée spécifiquement par OpenSSL en format texte" #: ../widgets/ExportDialog.cpp:82 msgctxt "ExportDialog|" msgid "Unencrypted private key in binary DER format" msgstr "Clé privée non-chiffrée en format binaire DER" #: ../widgets/ExportDialog.cpp:84 msgctxt "ExportDialog|" msgid "Unencrypted private key in PKCS#8 text format" msgstr "Clé privée non-chiffrée en format texte PKCS#8" #: ../widgets/ExportDialog.cpp:86 msgctxt "ExportDialog|" msgid "Encrypted private key in PKCS#8 text format" msgstr "Clé privée chiffrée en format texte PKCS#8" #: ../widgets/ExportDialog.cpp:87 msgctxt "ExportDialog|" msgid "The public key encoded in SSH2 format" msgstr "La clé publique en format SSH2" #: ../widgets/ExportDialog.cpp:88 msgctxt "ExportDialog|" msgid "" "OpenSSL specific Certificate Index file as created by the 'ca' command and " "required by the OCSP tool" msgstr "" "Fichier d'index des certificats spécifique à OpenSSL, tel que créé par la " "commande 'ca' et nécessaire à l'outil OCSP" #: ../widgets/ExportDialog.cpp:89 msgctxt "ExportDialog|" msgid "vCalendar expiry reminder for the selected items" msgstr "message vCalendar de rappel d'expiration des éléments sélectionnés" #: ../widgets/ExportDialog.cpp:90 msgctxt "ExportDialog|" msgid "" "vCalendar expiry reminder containing all issued, valid certificates, the CA " "itself and the latest CRL" msgstr "" "message vCalendar de rappel d'expiration contenant tous les certificats " "valides émis, le CA lui-même et la liste de révocation la plus récente" #: ../widgets/ExportDialog.cpp:129 #, qt-format msgctxt "ExportDialog|" msgid "The file: '%1' already exists!" msgstr "Le fichier '%1' existe déjà!" #: ../widgets/ExportDialog.cpp:131 msgctxt "ExportDialog|" msgid "Overwrite" msgstr "Ecraser" #: ../widgets/ExportDialog.cpp:133 msgctxt "ExportDialog|" msgid "Do not overwrite" msgstr "Ne pas écraser" #: ../ui/Help.ui:36 msgctxt "Help|" msgid "<<" msgstr "<<" #: ../ui/Help.ui:46 msgctxt "Help|" msgid ">>" msgstr "<<" #: ../ui/Help.ui:72 msgctxt "Help|" msgid "&Done" msgstr "&OK" #: ../ui/ImportMulti.ui:36 msgctxt "ImportMulti|" msgid "Import PKI Items" msgstr "Importer des objets PKI" #: ../ui/ImportMulti.ui:94 msgctxt "ImportMulti|" msgid "Import &All" msgstr "Importer &tout" #: ../ui/ImportMulti.ui:101 msgctxt "ImportMulti|" msgid "&Import" msgstr "&Importer" #: ../ui/ImportMulti.ui:108 msgctxt "ImportMulti|" msgid "&Done" msgstr "&OK" #: ../ui/ImportMulti.ui:115 msgctxt "ImportMulti|" msgid "&Remove from list" msgstr "&Retirer de la liste" #: ../ui/ImportMulti.ui:122 msgctxt "ImportMulti|" msgid "Details" msgstr "Détails" #: ../ui/ImportMulti.ui:129 msgctxt "ImportMulti|" msgid "Delete from token" msgstr "Enlever du jeton" #: ../ui/ImportMulti.ui:136 msgctxt "ImportMulti|" msgid "Rename on token" msgstr "Renommer dans le jeton" #: ../widgets/ImportMulti.cpp:62 #, qt-format msgctxt "ImportMulti|" msgid "" "\n" "Name: %1\n" "Model: %2\n" "Serial: %3" msgstr "" "\n" "Nom: %1\n" "Modèle: %2\n" "Numéro de série: %3" #: ../widgets/ImportMulti.cpp:67 msgctxt "ImportMulti|" msgid "Manage security token" msgstr "Gérer les jetons de sécurité" #: ../widgets/ImportMulti.cpp:338 #, qt-format msgctxt "ImportMulti|" msgid "Details of the item '%1' cannot be shown" msgstr "Les détails de l'objet '%1' ne peuvent pas être affichés" #: ../widgets/ImportMulti.cpp:125 ../widgets/ImportMulti.cpp:280 #: ../widgets/ImportMulti.cpp:341 #, qt-format msgctxt "ImportMulti|" msgid "The type of the item '%1' is not recognized" msgstr "Le type de l'objet '%1' n'est pas reconnu" #: ../widgets/ImportMulti.cpp:369 #, qt-format msgctxt "ImportMulti|" msgid "The file '%1' did not contain PKI data" msgstr "Le fichier '%1' ne contient pas de données PKI" #: ../widgets/ImportMulti.cpp:372 #, qt-format msgctxt "ImportMulti|" msgid "The %1 files: '%2' did not contain PKI data" msgstr "Les %1 fichiers: '%2' ne contiennent pas de données PKI" #: ../ui/ItemProperties.ui:22 msgctxt "ItemProperties|" msgid "Name" msgstr "Nom" #: ../ui/ItemProperties.ui:32 msgctxt "ItemProperties|" msgid "Source" msgstr "Source" #: ../ui/ItemProperties.ui:39 msgctxt "ItemProperties|" msgid "Insertion date" msgstr "Date d'insertion" #: ../ui/ItemProperties.ui:54 msgctxt "ItemProperties|" msgid "Comment" msgstr "Commentaire" #: ../ui/KeyDetail.ui:82 msgctxt "KeyDetail|" msgid "Name" msgstr "Nom" #: ../ui/KeyDetail.ui:89 msgctxt "KeyDetail|" msgid "The internal name of the key used by xca" msgstr "Le nom interne de la clé utilisé par xca" #: ../widgets/KeyDetail.cpp:96 msgctxt "KeyDetail|" msgid "Security token" msgstr "Jeton de sécurité" #: ../ui/KeyDetail.ui:286 msgctxt "KeyDetail|" msgid "Manufacturer" msgstr "Fabricant" #: ../ui/KeyDetail.ui:296 msgctxt "KeyDetail|" msgid "Serial" msgstr "Numéro de série" #: ../ui/KeyDetail.ui:102 ../ui/KeyDetail.ui:182 msgctxt "KeyDetail|" msgid "Key" msgstr "Clé" #: ../ui/KeyDetail.ui:110 msgctxt "KeyDetail|" msgid "Public Exponent" msgstr "Exposant public" #: ../ui/KeyDetail.ui:136 msgctxt "KeyDetail|" msgid "Keysize" msgstr "Taille de la clé" #: ../ui/KeyDetail.ui:163 msgctxt "KeyDetail|" msgid "Private Exponent" msgstr "Exposant privé" #: ../ui/KeyDetail.ui:214 msgctxt "KeyDetail|" msgid "Security Token" msgstr "Jeton de sécurité" #: ../ui/KeyDetail.ui:235 ../ui/KeyDetail.ui:306 msgctxt "KeyDetail|" msgid "Label" msgstr "Etiquette" #: ../ui/KeyDetail.ui:245 msgctxt "KeyDetail|" msgid "PKCS#11 ID" msgstr "ID PKCS#11" #: ../ui/KeyDetail.ui:270 msgctxt "KeyDetail|" msgid "Token information" msgstr "Information du jeton" #: ../ui/KeyDetail.ui:276 msgctxt "KeyDetail|" msgid "Model" msgstr "Modèle" #: ../ui/KeyDetail.ui:324 msgctxt "KeyDetail|" msgid "Fingerprint" msgstr "Empreinte" #: ../ui/KeyDetail.ui:329 msgctxt "KeyDetail|" msgid "Comment" msgstr "Commentaire" #: ../widgets/KeyDetail.cpp:79 #, qt-format msgctxt "KeyDetail|" msgid "Details of the %1 key" msgstr "Détails de la clé %1" #: ../widgets/KeyDetail.cpp:85 msgctxt "KeyDetail|" msgid "Not available" msgstr "Non disponible" #: ../widgets/KeyDetail.cpp:98 msgctxt "KeyDetail|" msgid "Available" msgstr "Disponible" #: ../widgets/KeyDetail.cpp:107 msgctxt "KeyDetail|" msgid "Sub prime" msgstr "Sous-premier" #: ../widgets/KeyDetail.cpp:108 ../widgets/KeyDetail.cpp:117 msgctxt "KeyDetail|" msgid "Public key" msgstr "Clé publique" #: ../widgets/KeyDetail.cpp:109 ../widgets/KeyDetail.cpp:118 msgctxt "KeyDetail|" msgid "Private key" msgstr "Clé privée" #: ../widgets/KeyDetail.cpp:119 msgctxt "KeyDetail|" msgid "Curve name" msgstr "Nom de la courbe" #: ../widgets/KeyDetail.cpp:129 msgctxt "KeyDetail|" msgid "Unknown key" msgstr "Clé inconnue" #: ../widgets/KeyTreeView.cpp:28 msgctxt "KeyTreeView|" msgid "Change password" msgstr "Changer le mot de passe" #: ../widgets/KeyTreeView.cpp:32 msgctxt "KeyTreeView|" msgid "Reset password" msgstr "Effacer le mot de passe" #: ../widgets/KeyTreeView.cpp:44 msgctxt "KeyTreeView|" msgid "Change PIN" msgstr "Changer le NIP" #: ../widgets/KeyTreeView.cpp:46 msgctxt "KeyTreeView|" msgid "Init PIN with SO PIN (PUK)" msgstr "Initialiser le NIP avec le PUK" #: ../widgets/KeyTreeView.cpp:48 msgctxt "KeyTreeView|" msgid "Change SO PIN (PUK)" msgstr "Changer le PUK" #: ../widgets/KeyTreeView.cpp:51 msgctxt "KeyTreeView|" msgid "Security token" msgstr "Jeton de sécurité" #: ../widgets/KeyTreeView.cpp:84 ../widgets/KeyTreeView.cpp:102 #: ../widgets/KeyTreeView.cpp:120 msgctxt "KeyTreeView|" msgid "This is not a token" msgstr "Ce n'est pas un jeton" #: ../widgets/KeyTreeView.cpp:149 #, qt-format msgctxt "KeyTreeView|" msgid "" "Shall the original key '%1' be replaced by the key on the token?\n" "This will delete the key '%1' and make it unexportable" msgstr "" "La clé originale '%1' doit-elle être remplacée par la clé en provenance du " "jeton ?\n" "Cela détruirait la clé '%1' et la rendrait non-exportable." #: ../ui/MainWindow.ui:22 msgctxt "MainWindow|" msgid "Private Keys" msgstr "Clés privées" #: ../ui/MainWindow.ui:49 msgctxt "MainWindow|" msgid "&New Key" msgstr "&Nouvelle clé" #: ../ui/MainWindow.ui:56 ../ui/MainWindow.ui:161 ../ui/MainWindow.ui:253 #: ../ui/MainWindow.ui:391 ../ui/MainWindow.ui:456 msgctxt "MainWindow|" msgid "&Export" msgstr "&Exporter" #: ../ui/MainWindow.ui:63 ../ui/MainWindow.ui:168 ../ui/MainWindow.ui:260 #: ../ui/MainWindow.ui:384 ../ui/MainWindow.ui:463 msgctxt "MainWindow|" msgid "&Import" msgstr "&Importer" #: ../ui/MainWindow.ui:70 msgctxt "MainWindow|" msgid "Import PFX (PKCS#12)" msgstr "Importer en PFX (PKCS#12)" #: ../ui/MainWindow.ui:77 ../ui/MainWindow.ui:175 ../ui/MainWindow.ui:267 #: ../ui/MainWindow.ui:470 msgctxt "MainWindow|" msgid "&Show Details" msgstr "&Afficher les Détails" #: ../ui/MainWindow.ui:84 ../ui/MainWindow.ui:182 ../ui/MainWindow.ui:274 #: ../ui/MainWindow.ui:377 ../ui/MainWindow.ui:477 msgctxt "MainWindow|" msgid "&Delete" msgstr "&Détruire" #: ../ui/MainWindow.ui:124 msgctxt "MainWindow|" msgid "Certificate signing requests" msgstr "Requêtes de signature de certificat" #: ../ui/MainWindow.ui:154 msgctxt "MainWindow|" msgid "&New Request" msgstr "&Nouvelle requête" #: ../ui/MainWindow.ui:222 ../widgets/MW_menu.cpp:128 msgctxt "MainWindow|" msgid "Certificates" msgstr "Certificats" #: ../ui/MainWindow.ui:246 msgctxt "MainWindow|" msgid "&New Certificate" msgstr "&Nouveau Certificat" #: ../ui/MainWindow.ui:281 msgctxt "MainWindow|" msgid "Import &PKCS#12" msgstr "Importer en &PKCS#12" #: ../ui/MainWindow.ui:288 msgctxt "MainWindow|" msgid "Import P&KCS#7" msgstr "Importer en P&KCS#7" #: ../ui/MainWindow.ui:295 msgctxt "MainWindow|" msgid "Plain View" msgstr "Vue à plat" #: ../ui/MainWindow.ui:335 msgctxt "MainWindow|" msgid "Templates" msgstr "Modèles" #: ../ui/MainWindow.ui:363 msgctxt "MainWindow|" msgid "&New Template" msgstr "&Nouveau modèle" #: ../ui/MainWindow.ui:449 msgctxt "MainWindow|" msgid "&New CRL" msgstr "&Nouvelle liste de révocation" #: ../ui/MainWindow.ui:370 msgctxt "MainWindow|" msgid "Ch&ange Template" msgstr "&Modifier le Modèle" #: ../ui/MainWindow.ui:431 msgctxt "MainWindow|" msgid "Revocation lists" msgstr "Listes de révocation" #: ../widgets/MW_database.cpp:322 msgctxt "MainWindow|" msgid "" "Using or exporting private keys will not be possible without providing the " "correct password" msgstr "" "Il sera impossible d'utiliser ou d'exporter des clés privées sans fournir le " "mot de passe correct." #: ../widgets/MW_database.cpp:330 ../widgets/MainWindow.cpp:928 msgctxt "MainWindow|" msgid "Database" msgstr "Base de données" #: ../widgets/MW_database.cpp:327 #, qt-format msgctxt "MainWindow|" msgid "" "The currently used default hash '%1' is insecure. Please select at least " "'SHA 224' for security reasons." msgstr "" "L'algorithme de hachage '%1' sélectionné n'est pas sûr. SVP choisissez au " "moins 'SHA 224' pour raisons de sécurité." #: ../widgets/MW_database.cpp:246 #, qt-format msgctxt "MainWindow|" msgid "" "Legacy database format detected. Creating a backup copy called: '%1' and " "converting the database to the new format" msgstr "" "Format historique de base de données détecté. Une copie de sauvegarde " "appelée '%1' est créée et la base de données est convertie au nouveau format" #: ../widgets/MW_database.cpp:252 msgctxt "MainWindow|" msgid "Failed to rename the database file, because the target already exists" msgstr "" "Le changement de nom du fichier de base de données a échoué parce qu'un " "autre fichier du même nom existe déjà" #: ../widgets/MW_database.cpp:430 msgctxt "MainWindow|" msgid "No deleted items found" msgstr "Aucun objet détruit n'a été trouvé" #: ../widgets/MW_menu.cpp:79 msgctxt "MainWindow|" msgid "Recent DataBases" msgstr "Bases de données utilisées recemment" #: ../widgets/MW_help.cpp:25 ../widgets/MW_menu.cpp:35 msgctxt "MainWindow|" msgid "System" msgstr "Système" #: ../widgets/MW_help.cpp:28 msgctxt "MainWindow|" msgid "Croatian" msgstr "Croate" #: ../widgets/MW_help.cpp:32 msgctxt "MainWindow|" msgid "English" msgstr "Anglais" #: ../widgets/MW_help.cpp:33 msgctxt "MainWindow|" msgid "French" msgstr "Français" #: ../widgets/MW_help.cpp:35 msgctxt "MainWindow|" msgid "German" msgstr "Allemand" #: ../widgets/MW_help.cpp:43 msgctxt "MainWindow|" msgid "Russian" msgstr "Russe" #: ../widgets/MW_help.cpp:44 msgctxt "MainWindow|" msgid "Slovak" msgstr "Slovaque" #: ../widgets/MW_help.cpp:46 msgctxt "MainWindow|" msgid "Spanish" msgstr "Espagnol" #: ../widgets/MW_help.cpp:39 msgctxt "MainWindow|" msgid "Polish" msgstr "Polonais" #: ../widgets/MW_help.cpp:37 msgctxt "MainWindow|" msgid "Italian" msgstr "Italien" #: ../widgets/MW_help.cpp:26 msgctxt "MainWindow|" msgid "Chinese" msgstr "Chinois" #: ../widgets/MW_help.cpp:30 msgctxt "MainWindow|" msgid "Dutch" msgstr "Néerlandais" #: ../widgets/MW_help.cpp:41 msgctxt "MainWindow|" msgid "Portuguese in Brazil" msgstr "Portugais du Brésil" #: ../widgets/MW_help.cpp:48 msgctxt "MainWindow|" msgid "Turkish" msgstr "Turc" #: ../widgets/MW_menu.cpp:83 msgctxt "MainWindow|" msgid "Language" msgstr "Langue" #: ../widgets/MW_menu.cpp:92 msgctxt "MainWindow|" msgid "&File" msgstr "&Fichier" #: ../widgets/MW_menu.cpp:99 msgctxt "MainWindow|" msgid "Open Remote DataBase" msgstr "Ouvrir une base de données externe" #: ../widgets/MW_menu.cpp:104 msgctxt "MainWindow|" msgid "Set as default DataBase" msgstr "Définir comme base de données par défaut" #: ../widgets/MW_menu.cpp:93 msgctxt "MainWindow|" msgid "New DataBase" msgstr "Nouvelle base de données" #: ../widgets/MW_menu.cpp:96 msgctxt "MainWindow|" msgid "Open DataBase" msgstr "Ouvrir une base de données" #: ../widgets/MW_menu.cpp:107 msgctxt "MainWindow|" msgid "Close DataBase" msgstr "Fermer la base de données" #: ../widgets/MW_menu.cpp:110 msgctxt "MainWindow|" msgid "Options" msgstr "Options" #: ../widgets/MW_menu.cpp:118 msgctxt "MainWindow|" msgid "Exit" msgstr "Quitter" #: ../widgets/MW_menu.cpp:125 msgctxt "MainWindow|" msgid "I&mport" msgstr "I&mporter" #: ../widgets/MW_menu.cpp:126 msgctxt "MainWindow|" msgid "Keys" msgstr "Clés" #: ../widgets/MW_menu.cpp:127 msgctxt "MainWindow|" msgid "Requests" msgstr "Requêtes" #: ../widgets/MW_menu.cpp:129 msgctxt "MainWindow|" msgid "PKCS#12" msgstr "PKCS#12" #: ../widgets/MW_menu.cpp:130 msgctxt "MainWindow|" msgid "PKCS#7" msgstr "PKCS#7" #: ../widgets/MW_menu.cpp:131 msgctxt "MainWindow|" msgid "Template" msgstr "Modèle" #: ../widgets/MW_menu.cpp:132 msgctxt "MainWindow|" msgid "Revocation list" msgstr "Liste de révocation" #: ../widgets/MW_menu.cpp:133 msgctxt "MainWindow|" msgid "PEM file" msgstr "Fichier PEM" #: ../widgets/MW_menu.cpp:134 msgctxt "MainWindow|" msgid "Paste PEM file" msgstr "Coller un fichier PEM" #: ../widgets/MW_menu.cpp:137 msgctxt "MainWindow|" msgid "Token" msgstr "Jeton" #: ../widgets/MW_menu.cpp:154 msgctxt "MainWindow|" msgid "Export Certificate &Index hierarchy" msgstr "Exporter la hiérarchie de l'index des certificats" #: ../widgets/MW_menu.cpp:167 msgctxt "MainWindow|" msgid "Content" msgstr "Contenu" #: ../widgets/MW_menu.cpp:138 msgctxt "MainWindow|" msgid "&Manage Security token" msgstr "&Gérer le jeton de sécurité" #: ../widgets/MW_menu.cpp:140 msgctxt "MainWindow|" msgid "&Init Security token" msgstr "&Initialiser le jeton de sécurité" #: ../widgets/MW_menu.cpp:142 msgctxt "MainWindow|" msgid "&Change PIN" msgstr "&Changer le NIP" #: ../widgets/MW_menu.cpp:144 msgctxt "MainWindow|" msgid "Change &SO PIN" msgstr "Changer le P&UK" #: ../widgets/MW_menu.cpp:146 msgctxt "MainWindow|" msgid "Init PIN" msgstr "Initialiser le NIP" #: ../widgets/MW_menu.cpp:149 msgctxt "MainWindow|" msgid "Extra" msgstr "Extra" #: ../widgets/MW_menu.cpp:150 msgctxt "MainWindow|" msgid "&Dump DataBase" msgstr "C&licher la base de données" #: ../widgets/MW_menu.cpp:152 msgctxt "MainWindow|" msgid "&Export Certificate Index" msgstr "Exporter l'index des certificats" #: ../widgets/MW_menu.cpp:156 msgctxt "MainWindow|" msgid "C&hange DataBase password" msgstr "C&hanger le mot de passe de la base de données" #: ../widgets/MW_menu.cpp:159 msgctxt "MainWindow|" msgid "&Undelete items" msgstr "&Récupérer des objets détruits" #: ../widgets/MW_menu.cpp:162 msgctxt "MainWindow|" msgid "Generate DH parameter" msgstr "Générer le paramètre DH" #: ../widgets/MW_menu.cpp:164 msgctxt "MainWindow|" msgid "OID Resolver" msgstr "Convertisseur d'OID" #: ../widgets/MW_menu.cpp:166 msgctxt "MainWindow|" msgid "&Help" msgstr "&Aide" #: ../widgets/MW_menu.cpp:169 msgctxt "MainWindow|" msgid "About" msgstr "A propos" #: ../widgets/MainWindow.cpp:332 #, qt-format msgctxt "MainWindow|" msgid "no such option: %1" msgstr "'%1' n'est pas une option" #: ../widgets/MainWindow.cpp:422 msgctxt "MainWindow|" msgid "Import PEM data" msgstr "Importer les données PEM" #: ../widgets/MainWindow.cpp:451 #, qt-format msgctxt "MainWindow|" msgid "Please enter the original SO PIN (PUK) of the token '%1'" msgstr "SVP saisir le PUK original du jeton '%1'" #: ../widgets/MainWindow.cpp:149 ../widgets/MainWindow.cpp:929 msgctxt "MainWindow|" msgid "Search" msgstr "Rechercher" #: ../widgets/MainWindow.cpp:457 #, qt-format msgctxt "MainWindow|" msgid "Please enter the new SO PIN (PUK) for the token '%1'" msgstr "SVP saisir le nouveau NIP SO (PUK) pour le jeton: '%1'" #: ../widgets/MainWindow.cpp:464 #, qt-format msgctxt "MainWindow|" msgid "The new label of the token '%1'" msgstr "La nouvelle étiquette du jeton '%1'" #: ../widgets/MainWindow.cpp:572 #, qt-format msgctxt "MainWindow|" msgid "The token '%1' did not contain any keys or certificates" msgstr "Le jeton '%1' ne contient aucune clé ni aucun certificat" #: ../widgets/MainWindow.cpp:634 msgctxt "MainWindow|" msgid "Current Password" msgstr "Mot de passe actuel" #: ../widgets/MainWindow.cpp:635 msgctxt "MainWindow|" msgid "Please enter the current database password" msgstr "SVP saisir le mot de passe de la base de données" #: ../widgets/MainWindow.cpp:645 msgctxt "MainWindow|" msgid "The entered password is wrong" msgstr "Le mot de passe renseigné est inexact" #: ../widgets/MainWindow.cpp:650 ../widgets/MainWindow.cpp:728 msgctxt "MainWindow|" msgid "New Password" msgstr "Nouveau mot de passe" #: ../widgets/MainWindow.cpp:650 msgctxt "MainWindow|" msgid "" "Please enter the new password to encrypt your private keys in the database-" "file" msgstr "" "SVP saisir le nouveau mot de passe pour chiffrer les clés privées dans le " "fichier de base de données" #: ../widgets/MainWindow.cpp:674 msgctxt "MainWindow|" msgid "Transaction start failed" msgstr "Le démarrage de la transaction a échoué" #: ../widgets/MainWindow.cpp:728 #, qt-format msgctxt "MainWindow|" msgid "" "Please enter a password, that will be used to encrypt your private keys in " "the database:\n" "%1" msgstr "" "Veuillez saisir un mot de passe, qui sera utilisé pour chiffrer vos clés " "privées dans la base de données:\n" "%1" #: ../widgets/MainWindow.cpp:749 msgctxt "MainWindow|" msgid "Password verify error, please try again" msgstr "La vérification du mot de passe a échoué. SVP essayez encore" #: ../widgets/MainWindow.cpp:750 msgctxt "MainWindow|" msgid "Password" msgstr "Mot de passe" #: ../widgets/MainWindow.cpp:751 #, qt-format msgctxt "MainWindow|" msgid "" "Please enter the password for unlocking the database:\n" "%1" msgstr "" "Veuillez entrer le mot passe pour déverrouiller la base de données:\n" "%1" #: ../widgets/MainWindow.cpp:770 msgctxt "MainWindow|" msgid "The following error occurred:" msgstr "L'erreur suivante s'est produite:" #: ../widgets/MainWindow.cpp:772 msgctxt "MainWindow|" msgid "Copy to Clipboard" msgstr "Copier dans le presse-papier" #: ../widgets/MainWindow.cpp:841 msgctxt "MainWindow|" msgid "Certificate Index ( index.txt )" msgstr "Index des certificats ( index.txt )" #: ../widgets/MainWindow.cpp:842 ../widgets/MainWindow.cpp:902 msgctxt "MainWindow|" msgid "All files ( * )" msgstr "Tous les fichiers ( * )" #: ../widgets/MainWindow.cpp:871 #, qt-format msgctxt "MainWindow|" msgid "Diffie-Hellman parameters saved as: %1" msgstr "Les paramètres Diffie-Hellman on été sauvegardés dans: %1" #: ../widgets/MainWindow.cpp:887 msgctxt "MainWindow|" msgid "" "Diffie-Hellman parameters are needed for different applications, but not " "handled by XCA.\n" "Please enter the DH parameter bits" msgstr "" "Les paramètres de Diffie-Hellman sont nécessaires à certaines applications " "mais ne sont pas gérés par XCA.\n" "Saisir le nombre de bits du paramètre de Diffie-Hellman SVP" #: ../ui/NewCrl.ui:32 msgctxt "NewCrl|" msgid "Last update" msgstr "Dernière mise-à-jour" #: ../ui/NewCrl.ui:46 msgctxt "NewCrl|" msgid "Next update" msgstr "Prochaine mise-à-jour" #: ../ui/NewCrl.ui:70 msgctxt "NewCrl|" msgid "Days" msgstr "Jours" #: ../ui/NewCrl.ui:75 msgctxt "NewCrl|" msgid "Months" msgstr "Mois" #: ../ui/NewCrl.ui:80 msgctxt "NewCrl|" msgid "Years" msgstr "Années" #: ../ui/NewCrl.ui:88 msgctxt "NewCrl|" msgid "Midnight" msgstr "Minuit" #: ../ui/NewCrl.ui:95 msgctxt "NewCrl|" msgid "Local time" msgstr "Heure locale" #: ../ui/NewCrl.ui:102 msgctxt "NewCrl|" msgid "Apply" msgstr "Appliquer" #: ../ui/NewCrl.ui:128 msgctxt "NewCrl|" msgid "Options" msgstr "Options" #: ../ui/NewCrl.ui:172 msgctxt "NewCrl|" msgid "CRL number" msgstr "Numéro de la liste de révocation" #: ../ui/NewCrl.ui:144 msgctxt "NewCrl|" msgid "Subject alternative name" msgstr "Nom alternatif du sujet" #: ../ui/NewCrl.ui:199 msgctxt "NewCrl|" msgid "Revocation reasons" msgstr "Raisons de la révocation" #: ../ui/NewCrl.ui:158 msgctxt "NewCrl|" msgid "Authority key identifier" msgstr "Identifiant de clé de l'autorité" #: ../ui/NewCrl.ui:134 msgctxt "NewCrl|" msgid "Hash algorithm" msgstr "Algorithme de hachage" #: ../ui/NewKey.ui:86 msgctxt "NewKey|" msgid "Please give a name to the new key and select the desired keysize" msgstr "" "SVP donner un nom à la nouvelle clé et sélectionner la taille de clé désirée" #: ../ui/NewKey.ui:96 msgctxt "NewKey|" msgid "Key properties" msgstr "Propriétés de la clé" #: ../ui/NewKey.ui:102 msgctxt "NewKey|" msgid "Name" msgstr "Nom" #: ../ui/NewKey.ui:121 msgctxt "NewKey|" msgid "The internal name of the new key" msgstr "Le nom interne de la nouvelle clé" #: ../ui/NewKey.ui:151 msgctxt "NewKey|" msgid "Curve name" msgstr "Nom de la courbe" #: ../ui/NewKey.ui:171 msgctxt "NewKey|" msgid "Usually at least 2048 bit keys are recommended" msgstr "Généralement une clé de 2048 bits est recommandée" #: ../ui/NewKey.ui:39 ../ui/NewKey.ui:124 msgctxt "NewKey|" msgid "New Key" msgstr "Nouvelle Clé" #: ../ui/NewKey.ui:158 msgctxt "NewKey|" msgid "Keysize" msgstr "Taille de la clé" #: ../ui/NewKey.ui:178 msgctxt "NewKey|" msgid "Keytype" msgstr "Type de clé" #: ../ui/NewKey.ui:188 msgctxt "NewKey|" msgid "Remember as default" msgstr "Enregistrer comme valeur par défaut" #: ../widgets/NewKey.cpp:181 msgctxt "NewKey|" msgid "Create" msgstr "Créer" #: ../ui/NewX509.ui:75 msgctxt "NewX509|" msgid "Source" msgstr "Source" #: ../ui/NewX509.ui:97 msgctxt "NewX509|" msgid "Signing request" msgstr "Requête de signature" #: ../ui/NewX509.ui:112 msgctxt "NewX509|" msgid "Show request" msgstr "Afficher la requête" #: ../ui/NewX509.ui:119 msgctxt "NewX509|" msgid "Sign this Certificate signing &request" msgstr "Signer cette &requête" #: ../ui/NewX509.ui:126 msgctxt "NewX509|" msgid "Copy extensions from the request" msgstr "Copier les extensions de la requête" #: ../ui/NewX509.ui:136 msgctxt "NewX509|" msgid "Modify subject of the request" msgstr "Modifier le sujet de la requête" #: ../ui/NewX509.ui:169 msgctxt "NewX509|" msgid "Signing" msgstr "Signer" #: ../ui/NewX509.ui:177 msgctxt "NewX509|" msgid "Create a &self signed certificate" msgstr "Créer un certificat auto-&signé" #: ../ui/NewX509.ui:191 msgctxt "NewX509|" msgid "Use &this Certificate for signing" msgstr "Utiliser &ce certificat pour signer" #: ../ui/NewX509.ui:198 msgctxt "NewX509|" msgid "All certificates in your database that can create valid signatures" msgstr "" "Tous les certificats dans la base de données qui peuvent produire des " "signatures valables" #: ../ui/NewX509.ui:225 msgctxt "NewX509|" msgid "Signature algorithm" msgstr "Algorithme de signature" #: ../ui/NewX509.ui:253 msgctxt "NewX509|" msgid "Template for the new certificate" msgstr "Modèle pour le nouveau certificat" #: ../ui/NewX509.ui:265 msgctxt "NewX509|" msgid "All available templates" msgstr "Tous les modèles disponibles" #: ../ui/NewX509.ui:287 msgctxt "NewX509|" msgid "Apply extensions" msgstr "Appliquer les extensions" #: ../ui/NewX509.ui:294 msgctxt "NewX509|" msgid "Apply subject" msgstr "Appliquer le sujet" #: ../ui/NewX509.ui:307 msgctxt "NewX509|" msgid "Apply all" msgstr "Appliquer tout" #: ../ui/NewX509.ui:336 ../widgets/NewX509.cpp:590 msgctxt "NewX509|" msgid "Subject" msgstr "Sujet" #: ../ui/NewX509.ui:344 msgctxt "NewX509|" msgid "Internal Name" msgstr "Nom interne" #: ../ui/NewX509.ui:360 msgctxt "NewX509|" msgid "Distinguished name" msgstr "Nom distinctif" #: ../ui/NewX509.ui:386 msgctxt "NewX509|" msgid "Add" msgstr "Ajouter" #: ../ui/NewX509.ui:393 msgctxt "NewX509|" msgid "Delete" msgstr "Enlever" #: ../ui/NewX509.ui:430 msgctxt "NewX509|" msgid "Private key" msgstr "Clé privée" #: ../ui/NewX509.ui:442 msgctxt "NewX509|" msgid "This list only contains unused keys" msgstr "Cette liste ne contient que les clés inutilisées" #: ../ui/NewX509.ui:449 msgctxt "NewX509|" msgid "Used keys too" msgstr "Inclure les clés utilisées" #: ../ui/NewX509.ui:456 msgctxt "NewX509|" msgid "&Generate a new key" msgstr "&Générer une nouvelle clé" #: ../ui/NewX509.ui:467 msgctxt "NewX509|" msgid "Extensions" msgstr "Extensions" #: ../ui/NewX509.ui:478 msgctxt "NewX509|" msgid "Type" msgstr "Type" #: ../ui/NewX509.ui:485 msgctxt "NewX509|" msgid "If this will become a CA certificate or not" msgstr "Si un certificat d'autorité (CA) est en train d'être créé ou non" #: ../ui/NewX509.ui:489 msgctxt "NewX509|" msgid "Not defined" msgstr "Non défini" #: ../ui/NewX509.ui:494 msgctxt "NewX509|" msgid "Certification Authority" msgstr "Autorité de Certification" #: ../ui/NewX509.ui:499 msgctxt "NewX509|" msgid "End Entity" msgstr "Entité Finale" #: ../ui/NewX509.ui:507 msgctxt "NewX509|" msgid "Path length" msgstr "Distance aux entités finales" #: ../ui/NewX509.ui:514 msgctxt "NewX509|" msgid "How much CAs may be below this." msgstr "" "Combien de niveau de sous-CA peuvent apparaître jusqu'à une entité finale." #: ../ui/NewX509.ui:521 msgctxt "NewX509|" msgid "The basic constraints should always be critical" msgstr "Les contraintes basiques doivent toujours être critiques" #: ../ui/NewX509.ui:534 msgctxt "NewX509|" msgid "Key identifier" msgstr "Identifiant de clé" #: ../ui/NewX509.ui:546 msgctxt "NewX509|" msgid "Creates a hash of the key following the PKIX guidelines" msgstr "Crée un hachage de la clé conformément aux directives PKIX" #: ../ui/NewX509.ui:556 msgctxt "NewX509|" msgid "Copy the Subject Key Identifier from the issuer" msgstr "Copie l'identifiant de clé du sujet du signataire" #: ../ui/NewX509.ui:593 msgctxt "NewX509|" msgid "Validity" msgstr "Validité" #: ../ui/NewX509.ui:599 msgctxt "NewX509|" msgid "Not before" msgstr "Pas avant" #: ../ui/NewX509.ui:613 msgctxt "NewX509|" msgid "Not after" msgstr "Pas après" #: ../ui/NewX509.ui:630 msgctxt "NewX509|" msgid "Time range" msgstr "Intervalle de temps" #: ../ui/NewX509.ui:640 msgctxt "NewX509|" msgid "Days" msgstr "Jours" #: ../ui/NewX509.ui:645 msgctxt "NewX509|" msgid "Months" msgstr "Mois" #: ../ui/NewX509.ui:650 msgctxt "NewX509|" msgid "Years" msgstr "Années" #: ../ui/NewX509.ui:664 msgctxt "NewX509|" msgid "Apply" msgstr "Appliquer" #: ../ui/NewX509.ui:671 msgctxt "NewX509|" msgid "Set the time to 00:00:00 and 23:59:59 respectively" msgstr "Définir les heures à 00:00:00 et 23:59:59 respectivement" #: ../ui/NewX509.ui:674 msgctxt "NewX509|" msgid "Midnight" msgstr "Minuit" #: ../ui/NewX509.ui:681 msgctxt "NewX509|" msgid "Local time" msgstr "Heure locale" #: ../ui/NewX509.ui:688 msgctxt "NewX509|" msgid "No well-defined expiration" msgstr "Pas de date d'expiration précise" #: ../ui/NewX509.ui:738 ../ui/NewX509.ui:755 ../ui/NewX509.ui:827 msgctxt "NewX509|" msgid "DNS: IP: URI: email: RID:" msgstr "DNS: IP: URI: email: RID:" #: ../ui/NewX509.ui:745 ../ui/NewX509.ui:762 ../ui/NewX509.ui:795 #: ../ui/NewX509.ui:834 ../widgets/NewX509.cpp:972 msgctxt "NewX509|" msgid "Edit" msgstr "Modifier" #: ../ui/NewX509.ui:788 msgctxt "NewX509|" msgid "URI:" msgstr "URI:" #: ../ui/NewX509.ui:866 msgctxt "NewX509|" msgid "Key usage" msgstr "Utilisation de la clé" #: ../ui/NewX509.ui:977 msgctxt "NewX509|" msgid "Netscape" msgstr "Netscape" #: ../ui/NewX509.ui:1135 msgctxt "NewX509|" msgid "Advanced" msgstr "Avancé" #: ../ui/NewX509.ui:1159 ../widgets/NewX509.cpp:982 msgctxt "NewX509|" msgid "Validate" msgstr "Valider" #: ../ui/NewX509.ui:1182 msgctxt "NewX509|" msgid "Comment" msgstr "Commentaire" #: ../ui/NewX509.ui:351 msgctxt "NewX509|" msgid "" "This name is only used internally and does not appear in the resulting " "certificate" msgstr "" "Ce nom est seulement utilisé par xca et n'apparaît pas dans le certificat " "exporté" #: ../widgets/NewX509.cpp:253 msgctxt "NewX509|" msgid "Critical" msgstr "Critique" #: ../widgets/NewX509.cpp:291 msgctxt "NewX509|" msgid "Create Certificate signing request" msgstr "Créer une requête de signature de certificat" #: ../widgets/NewX509.cpp:318 #, qt-format msgctxt "NewX509|" msgid "minimum size: %1" msgstr "taille minimale: %1" #: ../widgets/NewX509.cpp:320 #, qt-format msgctxt "NewX509|" msgid "maximum size: %1" msgstr "taille maximale: %1" #: ../widgets/NewX509.cpp:322 msgctxt "NewX509|" msgid "only a-z A-Z 0-9 '()+,-./:=?" msgstr "seulement a-z A-Z 0-9 '()+,-./:=?" #: ../widgets/NewX509.cpp:326 msgctxt "NewX509|" msgid "only 7-bit clean characters" msgstr "seulement des caractères 7-bit ASCII imprimables" #: ../widgets/NewX509.cpp:351 msgctxt "NewX509|" msgid "Edit XCA template" msgstr "Editer un modèle XCA" #: ../widgets/NewX509.cpp:364 msgctxt "NewX509|" msgid "Create x509 Certificate" msgstr "Créer un certificat x509" #: ../widgets/NewX509.cpp:722 #, qt-format msgctxt "NewX509|" msgid "Template '%1' applied" msgstr "Le modèle '%1' a été appliqué" #: ../widgets/NewX509.cpp:729 #, qt-format msgctxt "NewX509|" msgid "Subject applied from template '%1'" msgstr "Sujet extrait du modèle '%1'" #: ../widgets/NewX509.cpp:737 #, qt-format msgctxt "NewX509|" msgid "Extensions applied from template '%1'" msgstr "Les extensions du modéle '%1' ont été appliquées" #: ../widgets/NewX509.cpp:752 #, qt-format msgctxt "NewX509|" msgid "New key '%1' created" msgstr "La nouvelle clé '%1' a été créée" #: ../widgets/NewX509.cpp:1005 msgctxt "NewX509|" msgid "Other Tabs" msgstr "Autres Onglets" #: ../widgets/NewX509.cpp:1019 msgctxt "NewX509|" msgid "Advanced Tab" msgstr "Onglet Avancé" #: ../widgets/NewX509.cpp:1026 msgctxt "NewX509|" msgid "Errors" msgstr "Erreurs" #: ../widgets/NewX509.cpp:1044 msgctxt "NewX509|" msgid "From PKCS#10 request" msgstr "A partir d'une requête en PKCS#10" #: ../widgets/NewX509.cpp:1140 ../widgets/NewX509.cpp:1153 #: ../widgets/NewX509.cpp:1172 ../widgets/NewX509.cpp:1184 #: ../widgets/NewX509.cpp:1200 ../widgets/NewX509.cpp:1214 #: ../widgets/NewX509.cpp:1248 ../widgets/NewX509.cpp:1259 #: ../widgets/NewX509.cpp:1282 ../widgets/NewX509.cpp:1305 #: ../widgets/NewX509.cpp:1331 ../widgets/NewX509.cpp:1351 msgctxt "NewX509|" msgid "Abort rollout" msgstr "Interrompre le déploiement" #: ../widgets/NewX509.cpp:1149 msgctxt "NewX509|" msgid "The following length restrictions of RFC3280 are violated:" msgstr "" "Pour être en conformité avec la RFC3280, les règles de restriction de " "longueur suivantes ne sont pas respectées:" #: ../widgets/NewX509.cpp:1152 ../widgets/NewX509.cpp:1213 msgctxt "NewX509|" msgid "Edit subject" msgstr "Modifier le sujet" #: ../widgets/NewX509.cpp:1154 ../widgets/NewX509.cpp:1215 #: ../widgets/NewX509.cpp:1260 ../widgets/NewX509.cpp:1283 #: ../widgets/NewX509.cpp:1306 ../widgets/NewX509.cpp:1332 #: ../widgets/NewX509.cpp:1352 msgctxt "NewX509|" msgid "Continue rollout" msgstr "Continuer le déploiement" #: ../widgets/NewX509.cpp:1170 msgctxt "NewX509|" msgid "" "The verification of the Certificate request failed.\n" "The rollout should be aborted." msgstr "" "La vérification de la requête de signature à échoué.\n" "Le déploiement devrait être interrompu." #: ../widgets/NewX509.cpp:1171 msgctxt "NewX509|" msgid "Continue anyway" msgstr "Continuer quand-même" #: ../widgets/NewX509.cpp:1182 msgctxt "NewX509|" msgid "" "The internal name and the common name are empty.\n" "Please set at least the internal name." msgstr "" "Le nom interne et le nom commun sont vides.\n" "SVP saisir au moins le nom interne." #: ../widgets/NewX509.cpp:1183 msgctxt "NewX509|" msgid "Edit name" msgstr "Modifier le nom" #: ../widgets/NewX509.cpp:1198 msgctxt "NewX509|" msgid "There is no Key selected for signing." msgstr "Aucune clé n'est sélectionnée pour la signature." #: ../widgets/NewX509.cpp:1199 msgctxt "NewX509|" msgid "Select key" msgstr "Sélectionner la clé" #: ../widgets/NewX509.cpp:1211 #, qt-format msgctxt "NewX509|" msgid "" "The following distinguished name entries are empty:\n" "%1\n" "though you have declared them as mandatory in the options menu." msgstr "" "Les indications de nom distinctif suivantes sont vides:\n" "%1\n" "bien que vous les avez déclarées comme obligatoires dans le menu des options." #: ../widgets/NewX509.cpp:1245 msgctxt "NewX509|" msgid "The key you selected for signing is not a private one." msgstr "La clé sélectionnée pour la signature n'est pas une clé privée." #: ../widgets/NewX509.cpp:1246 msgctxt "NewX509|" msgid "Select other signer" msgstr "Sélectionner un autre signataire" #: ../widgets/NewX509.cpp:1246 msgctxt "NewX509|" msgid "Select other key" msgstr "Sélectionner une autre clé" #: ../widgets/NewX509.cpp:1256 msgctxt "NewX509|" msgid "" "The certificate will be earlier valid than the signer. This is probably not " "what you want." msgstr "" "Le certificat serait valide avant son signataire. Ce n'est probablement pas " "ce qui est désiré." #: ../widgets/NewX509.cpp:1258 ../widgets/NewX509.cpp:1281 #: ../widgets/NewX509.cpp:1304 msgctxt "NewX509|" msgid "Edit dates" msgstr "Modifier les limites de validité" #: ../widgets/NewX509.cpp:1261 ../widgets/NewX509.cpp:1284 msgctxt "NewX509|" msgid "Adjust date and continue" msgstr "Ajuster la date et continuer" #: ../widgets/NewX509.cpp:1279 msgctxt "NewX509|" msgid "" "The certificate will be longer valid than the signer. This is probably not " "what you want." msgstr "" "Le certificat serait valide plus longtemps que son signataire. Ce n'est " "probablement pas ce qui est désiré." #: ../widgets/NewX509.cpp:1302 msgctxt "NewX509|" msgid "" "The certificate will be out of date before it becomes valid. You most " "probably mixed up both dates." msgstr "" "Le certificat serait échu avant de devenir actif. Vous avez probablement " "interverti les deux dates." #: ../widgets/NewX509.cpp:1323 msgctxt "NewX509|" msgid "" "The certificate contains invalid or duplicate extensions. Check the " "validation on the advanced tab." msgstr "" "Le certificat contient des extensions dupliquées ou invalides. Vérifier la " "validité sur l'onglet \"Avancé\"." #: ../widgets/NewX509.cpp:1326 msgctxt "NewX509|" msgid "" "The certificate contains no extensions. You may apply the extensions of one " "of the templates to define the purpose of the certificate." msgstr "" "Le certificat ne contient aucune extension. Vous pouvez appliquer des " "extensions à partir de l'un des modèles pour définir l'usage du certificat" #: ../widgets/NewX509.cpp:1330 ../widgets/NewX509.cpp:1350 msgctxt "NewX509|" msgid "Edit extensions" msgstr "Modifier les extensions" #: ../widgets/NewX509.cpp:1349 msgctxt "NewX509|" msgid "" "The subject alternative name shall contain a copy of the common name. " "However, the common name is empty." msgstr "" "Le nom alternatif du sujet devrait contenir une copie du nom commun. " "Cependant ce dernier est vide." #: ../widgets/NewX509_ext.cpp:217 #, qt-format msgctxt "NewX509|" msgid "Configfile error on line %1\n" msgstr "Erreur dans le fichier de configuration à la ligne %1\n" #: ../ui/OidResolver.ui:28 msgctxt "OidResolver|" msgid "OID Resolver" msgstr "Convertisseur d'OID" #: ../ui/OidResolver.ui:38 msgctxt "OidResolver|" msgid "Enter the OID, the Nid, or one of the textual representations" msgstr "Saisir l'OID, le Nid ou une des représentations symboliques" #: ../ui/OidResolver.ui:47 msgctxt "OidResolver|" msgid "Search" msgstr "Rechercher" #: ../ui/OidResolver.ui:74 msgctxt "OidResolver|" msgid "OID" msgstr "OID" #: ../ui/OidResolver.ui:119 msgctxt "OidResolver|" msgid "Long name" msgstr "Nom complet" #: ../ui/OidResolver.ui:145 ../ui/OidResolver.ui:167 msgctxt "OidResolver|" msgid "OpenSSL internal ID" msgstr "Identification interne à OpenSSL" #: ../ui/OidResolver.ui:148 msgctxt "OidResolver|" msgid "Nid" msgstr "Nid" #: ../ui/OidResolver.ui:177 msgctxt "OidResolver|" msgid "Short name" msgstr "Nom abrégé" #: ../ui/OpenDb.ui:36 msgctxt "OpenDb|" msgid "Open remote database" msgstr "Ouvrir une base de données externe" #: ../ui/OpenDb.ui:98 msgctxt "OpenDb|" msgid "Database type" msgstr "Type de base de données" #: ../ui/OpenDb.ui:108 msgctxt "OpenDb|" msgid "Hostname" msgstr "Nom du serveur" #: ../ui/OpenDb.ui:118 msgctxt "OpenDb|" msgid "Username" msgstr "Nom de l'utilisateur" #: ../ui/OpenDb.ui:128 msgctxt "OpenDb|" msgid "Password" msgstr "Mot de passe" #: ../ui/OpenDb.ui:142 msgctxt "OpenDb|" msgid "Database name" msgstr "Nom de la base de données" #: ../ui/OpenDb.ui:152 msgctxt "OpenDb|" msgid "Table prefix" msgstr "Préfixe du nom des tables" #: ../widgets/OpenDb.cpp:143 msgctxt "OpenDb|" msgid "" "No SqLite3 driver available. Please install the qt-sqlite package of your " "distribution" msgstr "" "Le pilote SqLite3 n'est pas disponible. SVP installez le paquetage qt-sqlite " "de votre distribution" #: ../widgets/OpenDb.cpp:187 #, qt-format msgctxt "OpenDb|" msgid "" "Please enter the password to access the database server %2 as user '%1'." msgstr "" "SVP saisir le mot de passe de l'utilisateur '%1' sur le serveur de base de " "données %2." #: ../widgets/OpenDb.cpp:220 msgctxt "OpenDb|" msgid "" "The database driver does not support transactions. This may happen if the " "client and server have different versions. Continue with care." msgstr "" "Le pilote de base de données ne supporte pas les transactions. Ceci peut se " "produire si le client et le serveur n'ont pas les mêmes versions. Continuez " "avec prudence" #: ../ui/Options.ui:28 msgctxt "Options|" msgid "XCA Options" msgstr "Options de XCA" #: ../ui/Options.ui:42 msgctxt "Options|" msgid "Settings" msgstr "Réglages" #: ../ui/Options.ui:50 msgctxt "Options|" msgid "Default hash algorithm" msgstr "Algorithme de hachage par défaut" #: ../ui/Options.ui:64 msgctxt "Options|" msgid "String types" msgstr "Types de chaînes" #: ../ui/Options.ui:76 msgctxt "Options|" msgid "Suppress success messages" msgstr "Supprimer les messages en cas de succès" #: ../ui/Options.ui:109 msgctxt "Options|" msgid "Don't colorize expired certificates" msgstr "Ne pas coloriser les certificats expirés" #: ../ui/Options.ui:90 #, qt-format msgctxt "Options|" msgid "Translate established x509 terms (%1 -> %2)" msgstr "Traduire les termes standards définis par x509 (%1 -> %2)" #: ../ui/Options.ui:97 msgctxt "Options|" msgid "" "The hashing functionality of the token is not used by XCA.\n" "It may however honor a restricted hash-set propagated by the token.\n" "Especially EC and DSA are only defined with SHA1 in the PKCS#11 " "specification." msgstr "" "La fonctionalité de hachage du jeton n'est pas utilisée par XCA.\n" "Ce dernier peut néanmoins se limiter à un jeu restreint de fonctions de " "hachage reconnus par le jeton.\n" "En particulier, EC et DSA ne sont définis qu'avec SHA1 dans la spécification " "PKCS#11." #: ../ui/Options.ui:102 msgctxt "Options|" msgid "Only use hashes supported by the token when signing with a token key" msgstr "" "N'utiliser que des fonction de hachage supportées par le jeton lors d'une " "signature avec une clé du jeton" #: ../ui/Options.ui:83 msgctxt "Options|" msgid "Disable legacy Netscape extensions" msgstr "Désactiver les extensions Netscape désuètes" #: ../ui/Options.ui:127 msgctxt "Options|" msgid "Certificate expiry warning threshold" msgstr "Seuil d'avertissement de l'expiration d'un certificat" #: ../ui/Options.ui:146 msgctxt "Options|" msgid "Send vCalendar expiry reminder" msgstr "Envoyer un message vCalendar de rappel d'expiration" #: ../ui/Options.ui:157 msgctxt "Options|" msgid "Serial number length" msgstr "Longueur du numéro de série" #: ../ui/Options.ui:164 msgctxt "Options|" msgid " bit" msgstr " bits" #: ../ui/Options.ui:199 msgctxt "Options|" msgid "Distinguished name" msgstr "Nom distinctif" #: ../ui/Options.ui:205 msgctxt "Options|" msgid "Mandatory subject entries" msgstr "Inscriptions du sujet obligatoires" #: ../ui/Options.ui:223 ../ui/Options.ui:284 ../ui/Options.ui:363 msgctxt "Options|" msgid "Add" msgstr "Ajouter" #: ../ui/Options.ui:230 ../ui/Options.ui:291 msgctxt "Options|" msgid "Delete" msgstr "Enlever" #: ../ui/Options.ui:255 msgctxt "Options|" msgid "Explicit subject entries" msgstr "Inscriptions explicites du sujet" #: ../ui/Options.ui:273 msgctxt "Options|" msgid "Dynamically arrange explicit subject entries" msgstr "Arranger dynamiquement les éléments explicites du sujet" #: ../ui/Options.ui:298 msgctxt "Options|" msgid "Default" msgstr "Défaut" #: ../ui/Options.ui:324 msgctxt "Options|" msgid "PKCS#11 provider" msgstr "Fournisseur PKCS#11" #: ../ui/Options.ui:376 msgctxt "Options|" msgid "Remove" msgstr "Enlever" #: ../ui/Options.ui:383 msgctxt "Options|" msgid "Search" msgstr "Rechercher" #: ../widgets/Options.cpp:32 msgctxt "Options|" msgid "Printable string or UTF8 (default)" msgstr "Chaîne imprimable ou UTF8 (défaut)" #: ../widgets/Options.cpp:33 msgctxt "Options|" msgid "PKIX recommendation in RFC2459" msgstr "La recommandation PKIX est dans la RFC2459" #: ../widgets/Options.cpp:34 msgctxt "Options|" msgid "No BMP strings, only printable and T61" msgstr "Pas de chaîne BMP, seulement imprimable et T61" #: ../widgets/Options.cpp:35 msgctxt "Options|" msgid "UTF8 strings only (RFC2459)" msgstr "Chaînes UTF8 uniquement (RFC2459)" #: ../widgets/Options.cpp:36 msgctxt "Options|" msgid "All strings" msgstr "Toutes les chaînes" #: ../widgets/Options.cpp:59 msgctxt "Options|" msgid "Days" msgstr "Jours" #: ../widgets/Options.cpp:59 msgctxt "Options|" msgid "Weeks" msgstr "Semaines" #: ../ui/PwDialog.ui:118 msgctxt "PwDialog|" msgid "" "The password is parsed as 2-digit hex code. It must have an even number of " "digits (0-9 and a-f)" msgstr "" "Le mot de passe doit être exprimé sous forme d'une suite de chiffres " "hexadécimaux. Il doit contenir un nombre pair de chiffres (0-9 et a-f)" #: ../ui/PwDialog.ui:121 msgctxt "PwDialog|" msgid "Take as HEX string" msgstr "Exprimé en hexadécimal" #: ../widgets/PwDialog.cpp:85 #, qt-format msgctxt "PwDialog|" msgid "Repeat %1" msgstr "Répéter %1" #: ../widgets/PwDialog.cpp:98 #, qt-format msgctxt "PwDialog|" msgid "%1 mismatch" msgstr "%1 ne correspond pas" #: ../widgets/PwDialog.cpp:105 msgctxt "PwDialog|" msgid "" "Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it " "must consist of an even number of characters" msgstr "" "Un mot de passe hexadécimal peut seulement contenir les caractères '0' à '9' " "et 'a' à 'f' et il doit consister en un nombre pair de caractères" #: ../widgets/PwDialog.cpp:131 msgctxt "PwDialog|" msgid "E&xit" msgstr "&Quitter" #: ../lib/asn1time.cpp:155 msgctxt "QObject|" msgid "Undefined" msgstr "Indéfini" #: ../lib/asn1time.cpp:157 msgctxt "QObject|" msgid "Broken / Invalid" msgstr "Invalide" #: ../lib/asn1time.cpp:203 #, qt-format msgctxt "QObject|" msgid "in %1 seconds" msgstr "dans %1 secondes" #: ../lib/asn1time.cpp:204 #, qt-format msgctxt "QObject|" msgid "%1 seconds ago" msgstr "il y a %1 secondes" #: ../lib/asn1time.cpp:207 #, qt-format msgctxt "QObject|" msgid "in %1 minutes" msgstr "dans %1 minutes" #: ../lib/asn1time.cpp:208 #, qt-format msgctxt "QObject|" msgid "%1 minutes ago" msgstr "il y a %1 minutes" #: ../lib/asn1time.cpp:210 msgctxt "QObject|" msgid "Yesterday" msgstr "Hier" #: ../lib/asn1time.cpp:212 msgctxt "QObject|" msgid "Tomorrow" msgstr "Demain" #: ../lib/asn1time.cpp:215 #, qt-format msgctxt "QObject|" msgid "in %1 hours" msgstr "dans %1 heures" #: ../lib/asn1time.cpp:216 #, qt-format msgctxt "QObject|" msgid "%1 hours ago" msgstr "il y a %1 heures" #: ../lib/db.cpp:222 #, qt-format msgctxt "QObject|" msgid "DB: Rename: '%1' already in use" msgstr "DB: Renommer: '%1' déjà en utilisation" #: ../lib/db.cpp:226 #, qt-format msgctxt "QObject|" msgid "DB: Entry to rename not found: %1" msgstr "DB: l'inscription à renommer n'a pas été trouvée: '%1'" #: ../lib/db.cpp:236 #, qt-format msgctxt "QObject|" msgid "DB: Write error %1 - %2" msgstr "DB: Erreur d'écriture %1 - %2" #: ../lib/db.cpp:565 ../lib/db.cpp:582 msgctxt "QObject|" msgid "Out of data" msgstr "A court de données" #: ../lib/db.cpp:605 msgctxt "QObject|" msgid "Error finding endmarker of string" msgstr "Erreur: une marque de fin de chaîne n'a pas été trouvée" #: ../lib/exception.h:55 #, qt-format msgctxt "QObject|" msgid "Out of Memory at %1:%2" msgstr "A court de mémoire à %1:%2" #: ../lib/load_obj.cpp:20 msgctxt "QObject|" msgid "All files ( * )" msgstr "Tous les fichiers ( * )" #: ../lib/load_obj.cpp:57 msgctxt "QObject|" msgid "Import RSA key" msgstr "Importer une clé RSA" #: ../lib/load_obj.cpp:54 msgctxt "QObject|" msgid "" "PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public " "Keys ( *.pub );;" msgstr "" "Clés PKI ( *.pem *.der *.key );;Clés PKCS#8 ( *.p8 *.pk8 );;Clés publiques " "SSH ( *.pub );;" #: ../lib/load_obj.cpp:69 msgctxt "QObject|" msgid "PKCS#10 CSR ( *.pem *.der *.csr );; " msgstr "PKCS#10 CSR ( *.pem *.der *.csr );;" #: ../lib/load_obj.cpp:70 msgctxt "QObject|" msgid "Import Request" msgstr "Importer une requête" #: ../lib/load_obj.cpp:82 msgctxt "QObject|" msgid "Certificates ( *.pem *.der *.crt *.cer );;" msgstr "Certificats ( *.pem *.der *.crt *.cer );;" #: ../lib/load_obj.cpp:83 msgctxt "QObject|" msgid "Import X.509 Certificate" msgstr "Importer un certificat X.509" #: ../lib/load_obj.cpp:95 msgctxt "QObject|" msgid "PKCS#7 data ( *.p7s *.p7m *.p7b );;" msgstr "Données PKCS#7 ( *.p7s *.p7m *.p7b );;" #: ../lib/load_obj.cpp:96 msgctxt "QObject|" msgid "Import PKCS#7 Certificates" msgstr "Importer un certificat PKCS#7" #: ../lib/load_obj.cpp:108 msgctxt "QObject|" msgid "PKCS#12 Certificates ( *.p12 *.pfx );;" msgstr "Certificats PKCS#12 ( *.p12 *.pfx );;" #: ../lib/load_obj.cpp:109 msgctxt "QObject|" msgid "Import PKCS#12 Private Certificate" msgstr "Importer un certificat privé PKCS#12" #: ../lib/load_obj.cpp:122 msgctxt "QObject|" msgid "XCA templates ( *.xca );;" msgstr "Modèles XCA ( *.xca );;" #: ../lib/load_obj.cpp:123 msgctxt "QObject|" msgid "Import XCA Templates" msgstr "Importer des modèles XCA" #: ../lib/load_obj.cpp:135 msgctxt "QObject|" msgid "Revocation lists ( *.pem *.der *.crl );;" msgstr "Listes de révocation ( *.pem *.der *.crl );;" #: ../lib/load_obj.cpp:136 msgctxt "QObject|" msgid "Import Certificate Revocation List" msgstr "Importer une liste de révocation de certificats" #: ../lib/load_obj.cpp:148 msgctxt "QObject|" msgid "XCA Databases ( *.xdb );;" msgstr "Bases de données XCA ( *.xdb );;" #: ../lib/load_obj.cpp:149 msgctxt "QObject|" msgid "Open XCA Database" msgstr "Ouvrir une Base de Données XCA" #: ../lib/load_obj.cpp:157 msgctxt "QObject|" msgid "PKCS#11 library ( *.dll );;" msgstr "Bibliothèque PKCS#11 ( *.dll );;" #: ../lib/load_obj.cpp:159 msgctxt "QObject|" msgid "PKCS#11 library ( *.dylib *.so );;" msgstr "Bibliothèque PKCS#11 ( *.dylib *.so );;" #: ../lib/load_obj.cpp:161 msgctxt "QObject|" msgid "PKCS#11 library ( *.so );;" msgstr "Bibliothèque PKCS#11 ( *.so );;" #: ../lib/load_obj.cpp:163 msgctxt "QObject|" msgid "Open PKCS#11 shared library" msgstr "Ouvrir une bibliothèque partagée PKCS#11" #: ../lib/load_obj.cpp:170 msgctxt "QObject|" msgid "PEM files ( *.pem );;" msgstr "Fichiers PEM ( *.pem );;" #: ../lib/load_obj.cpp:171 msgctxt "QObject|" msgid "Load PEM encoded file" msgstr "Charger un fichier en format PEM" #: ../lib/pkcs11.cpp:245 msgctxt "QObject|" msgid "Please enter the PIN on the PinPad" msgstr "Saisir le NIP sur le pavé prévu à cet effet SVP" #: ../lib/pkcs11.cpp:256 #, qt-format msgctxt "QObject|" msgid "Please enter the SO PIN (PUK) of the token %1" msgstr "SVP saisir le PUK du jeton '%1'" #: ../lib/pkcs11.cpp:257 #, qt-format msgctxt "QObject|" msgid "Please enter the PIN of the token %1" msgstr "SVP saisir le NIP du jeton '%1'" #: ../lib/pkcs11.cpp:310 msgctxt "QObject|" msgid "No Security token found" msgstr "Aucun jeton de sécurité trouvé" #: ../lib/pkcs11.cpp:321 msgctxt "QObject|" msgid "Select" msgstr "Sélectionner" #: ../lib/pkcs11.cpp:344 #, qt-format msgctxt "QObject|" msgid "Please enter the new SO PIN (PUK) for the token: '%1'" msgstr "SVP saisir le nouveau PUK pour le jeton: '%1'" #: ../lib/pkcs11.cpp:346 #, qt-format msgctxt "QObject|" msgid "Please enter the new PIN for the token: '%1'" msgstr "SVP saisir le nouveau NIP pour le jeton: '%1'" #: ../lib/pkcs11.h:92 #, qt-format msgctxt "QObject|" msgid "Required PIN size: %1 - %2" msgstr "Taille du NIP requise: %1 - %2" #: ../lib/pkcs11_lib.cpp:35 #, qt-format msgctxt "QObject|" msgid "Failed to open PKCS11 library: %1: %2" msgstr "L'ouverture de la bibliothèque PKCS#11 '%1' a échoué: %2" #: ../lib/pkcs11_lib.cpp:41 msgctxt "QObject|" msgid "" "This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not " "found." msgstr "" "Cela n'a pas l'air d'une bibliothèque PKCS#11. Le symbole " "'C_GetFunctionList' n'a pas été trouvé." #: ../lib/pkcs11_lib.cpp:123 msgctxt "QObject|" msgid "Disabled" msgstr "Désactivé" #: ../lib/pkcs11_lib.cpp:127 msgctxt "QObject|" msgid "Library loading failed" msgstr "Le chargement de la bibliothèque a échoué" #: ../lib/pkcs11_lib.cpp:312 #, qt-format msgctxt "QObject|" msgid "PKCS#11 function '%1' failed: %2" msgstr "La fonction PKCS#11 '%1' a échoué: %2" #: ../lib/pkcs11_lib.cpp:320 #, qt-format msgctxt "QObject|" msgid "" "PKCS#11 function '%1' failed: %2\n" "In library %3\n" "%4" msgstr "" "La fonction PKCS#11 '%1' a échoué: %2\n" "Dans la bibliothèque %3\n" "%4" #: ../lib/x509name.cpp:116 msgctxt "QObject|" msgid "Invalid" msgstr "Invalide" #: ../lib/x509name.cpp:240 #, qt-format msgctxt "QObject|" msgid "%1 is shorter than %2 bytes: '%3'" msgstr "%1 est plus court que %2 octets: '%3'" #: ../lib/x509name.cpp:245 #, qt-format msgctxt "QObject|" msgid "%1 is longer than %2 bytes: '%3'" msgstr "%1 est plus long que %2 octets: '%3'" #: ../lib/x509v3ext.cpp:85 #, qt-format msgctxt "QObject|" msgid "String '%1' for '%2' contains invalid characters" msgstr "La chaîne '%1' pour '%2' contient des caractères invalides" #: ../lib/oid.cpp:49 #, qt-format msgctxt "QObject|" msgid "Error reading config file %1 at line %2" msgstr "Erreur de lecture du ficher de configuration %1 à la ligne %2" #: ../lib/oid.cpp:84 #, qt-format msgctxt "QObject|" msgid "" "The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and " "should be removed." msgstr "" "L'objet '%1' du fichier %2, ligne %3 est déjà connu comme '%4:%5:%6' et " "devrait être détruit." #: ../lib/oid.cpp:93 #, qt-format msgctxt "QObject|" msgid "" "The identifier '%1' for OID %2 from file %3 line %4 is already used for a " "different OID as '%5:%6:%7' and should be changed to avoid conflicts." msgstr "" "L'identificateur '%1' de l'OID %2 du ficher %3, ligne %4 est déjà utilisé " "pour un OID différent connu comme '%5:%6:%7' et devrait être changé pour " "éviter les conflits." #: ../lib/oid.cpp:177 #, qt-format msgctxt "QObject|" msgid "Unknown object '%1' in file %2 line %3" msgstr "Objet inconnu '%1' dans le ficher %2, ligne %3" #: ../lib/sql.h:55 msgctxt "QObject|" msgid "Failed to start a database transaction" msgstr "Impossible de démarrer la transaction BDD" #: ../widgets/ReqTreeView.cpp:25 msgctxt "ReqTreeView|" msgid "Sign" msgstr "Signer" #: ../widgets/ReqTreeView.cpp:27 msgctxt "ReqTreeView|" msgid "Unmark signed" msgstr "Marquer comme non-signée" #: ../widgets/ReqTreeView.cpp:30 msgctxt "ReqTreeView|" msgid "Mark signed" msgstr "Marquer comme signée" #: ../widgets/ReqTreeView.cpp:33 msgctxt "ReqTreeView|" msgid "Similar Request" msgstr "Requête similaire" #: ../ui/RevocationList.ui:30 msgctxt "RevocationList|" msgid "Manage revocations" msgstr "Gérer les révocations" #: ../ui/RevocationList.ui:96 msgctxt "RevocationList|" msgid "Add" msgstr "Ajouter" #: ../ui/RevocationList.ui:103 msgctxt "RevocationList|" msgid "Delete" msgstr "Enlever" #: ../ui/RevocationList.ui:110 msgctxt "RevocationList|" msgid "Edit" msgstr "Modifier" #: ../widgets/RevocationList.cpp:73 msgctxt "RevocationList|" msgid "No." msgstr "No." #: ../widgets/RevocationList.cpp:73 msgctxt "RevocationList|" msgid "Serial" msgstr "Numéro de série" #: ../widgets/RevocationList.cpp:73 msgctxt "RevocationList|" msgid "Revocation" msgstr "Révocation" #: ../widgets/RevocationList.cpp:73 msgctxt "RevocationList|" msgid "Reason" msgstr "Raison" #: ../widgets/RevocationList.cpp:74 msgctxt "RevocationList|" msgid "Invalidation" msgstr "Invalidation" #: ../widgets/RevocationList.cpp:101 msgctxt "RevocationList|" msgid "Generate CRL" msgstr "Générer la liste de révocation" #: ../ui/Revoke.ui:30 msgctxt "Revoke|" msgid "Certificate revocation" msgstr "Révocation du certificat" #: ../ui/Revoke.ui:87 msgctxt "Revoke|" msgid "Revocation details" msgstr "Détails de la révocation" #: ../ui/Revoke.ui:96 msgctxt "Revoke|" msgid "Revocation reason" msgstr "Raison de la révocation" #: ../ui/Revoke.ui:110 msgctxt "Revoke|" msgid "Local time" msgstr "Heure locale" #: ../ui/Revoke.ui:117 msgctxt "Revoke|" msgid "Invalid since" msgstr "Non-valide depuis" #: ../ui/Revoke.ui:124 msgctxt "Revoke|" msgid "Serial" msgstr "Numéro de série" #: ../ui/SearchPkcs11.ui:41 msgctxt "SearchPkcs11|" msgid "Directory" msgstr "Dossier" #: ../ui/SearchPkcs11.ui:57 msgctxt "SearchPkcs11|" msgid "..." msgstr "..." #: ../ui/SearchPkcs11.ui:64 msgctxt "SearchPkcs11|" msgid "Include subdirectories" msgstr "include les sous-dossiers" #: ../ui/SearchPkcs11.ui:71 msgctxt "SearchPkcs11|" msgid "Search" msgstr "Rechercher" #: ../widgets/SearchPkcs11.cpp:77 msgctxt "SearchPkcs11|" msgid "The following files are possible PKCS#11 libraries" msgstr "" "Les fichiers suivants sont susceptibles d'être des bibliothèques PKCS#11" #: ../ui/SelectToken.ui:39 msgctxt "SelectToken|" msgid "Security token" msgstr "Jeton de sécurité" #: ../ui/SelectToken.ui:86 msgctxt "SelectToken|" msgid "Please select the security token" msgstr "SVP sélectionner le jeton de sécurité" #: ../widgets/TempTreeView.cpp:22 msgctxt "TempTreeView|" msgid "Duplicate" msgstr "Dupliquer" #: ../widgets/TempTreeView.cpp:23 msgctxt "TempTreeView|" msgid "Create certificate" msgstr "Créer un certificat" #: ../widgets/TempTreeView.cpp:24 msgctxt "TempTreeView|" msgid "Create request" msgstr "Créer une requête" #: ../widgets/TempTreeView.cpp:35 msgctxt "TempTreeView|" msgid "copy" msgstr "copier" #: ../widgets/validity.cpp:94 msgctxt "Validity|" msgid "yyyy-MM-dd hh:mm" msgstr "yyyy-MM-dd hh:mm" #: ../widgets/X509SuperTreeView.cpp:25 msgctxt "X509SuperTreeView|" msgid "OpenSSL config" msgstr "Configuration OpenSSL" #: ../widgets/X509SuperTreeView.cpp:26 msgctxt "X509SuperTreeView|" msgid "Transform" msgstr "Transformer" #: ../widgets/X509SuperTreeView.cpp:27 msgctxt "X509SuperTreeView|" msgid "Template" msgstr "Modèle" #: ../widgets/X509SuperTreeView.cpp:28 msgctxt "X509SuperTreeView|" msgid "Public key" msgstr "Clé publique" #: ../widgets/XcaTreeView.cpp:318 msgctxt "XcaTreeView|" msgid "Subject entries" msgstr "Inscriptions du sujet" #: ../widgets/XcaTreeView.cpp:319 msgctxt "XcaTreeView|" msgid "X509v3 Extensions" msgstr "Extensions X509v3" #: ../widgets/XcaTreeView.cpp:320 msgctxt "XcaTreeView|" msgid "Netscape extensions" msgstr "Extensions Netscape" #: ../widgets/XcaTreeView.cpp:321 msgctxt "XcaTreeView|" msgid "Reset" msgstr "Réinitialisation" #: ../widgets/XcaTreeView.cpp:324 msgctxt "XcaTreeView|" msgid "Hide Column" msgstr "Cacher la colonne" #: ../widgets/XcaTreeView.cpp:326 msgctxt "XcaTreeView|" msgid "Details" msgstr "Détails" #: ../widgets/XcaTreeView.cpp:377 msgctxt "XcaTreeView|" msgid "Columns" msgstr "Colonnes" #: ../widgets/XcaTreeView.cpp:405 msgctxt "XcaTreeView|" msgid "New" msgstr "Créer" #: ../widgets/XcaTreeView.cpp:406 msgctxt "XcaTreeView|" msgid "Import" msgstr "Importer" #: ../widgets/XcaTreeView.cpp:407 msgctxt "XcaTreeView|" msgid "Paste PEM data" msgstr "Coller les données en format PEM" #: ../widgets/XcaTreeView.cpp:411 msgctxt "XcaTreeView|" msgid "Rename" msgstr "Renommer" #: ../widgets/XcaTreeView.cpp:412 msgctxt "XcaTreeView|" msgid "Properties" msgstr "Propriétés" #: ../widgets/XcaTreeView.cpp:415 msgctxt "XcaTreeView|" msgid "Delete" msgstr "Enlever" #: ../widgets/XcaTreeView.cpp:417 msgctxt "XcaTreeView|" msgid "Export" msgstr "Exporter" #: ../widgets/XcaTreeView.cpp:418 msgctxt "XcaTreeView|" msgid "Clipboard" msgstr "Presse-papier" #: ../widgets/XcaTreeView.cpp:420 msgctxt "XcaTreeView|" msgid "File" msgstr "Fichier" #: ../lib/db_base.cpp:177 msgctxt "db_base|" msgid "Internal name" msgstr "Nom interne" #: ../lib/db_base.cpp:178 msgctxt "db_base|" msgid "No." msgstr "No." #: ../lib/db_base.cpp:179 msgctxt "db_base|" msgid "Primary key" msgstr "Clé primaire" #: ../lib/db_base.cpp:180 msgctxt "db_base|" msgid "Database unique number" msgstr "Numéro unique de la base de données" #: ../lib/db_base.cpp:181 msgctxt "db_base|" msgid "Date" msgstr "Date" #: ../lib/db_base.cpp:182 msgctxt "db_base|" msgid "Date of creation or insertion" msgstr "Date de création ou d'importation" #: ../lib/db_base.cpp:183 msgctxt "db_base|" msgid "Source" msgstr "Source" #: ../lib/db_base.cpp:184 msgctxt "db_base|" msgid "Generated, Imported, Transformed" msgstr "Généré, Importé, Transformé" #: ../lib/db_base.cpp:185 msgctxt "db_base|" msgid "Comment" msgstr "Commentaire" #: ../lib/db_base.cpp:186 msgctxt "db_base|" msgid "First line of the comment field" msgstr "Première ligne du champ de commentaire" #: ../lib/db_base.cpp:391 #, qt-format msgctxt "db_base|" msgid "Could not create directory %1" msgstr "Impossible de créer le répertoire %1" #: ../lib/db_base.cpp:642 msgctxt "db_base|" msgid "Item properties" msgstr "Propriétés de l'élement" #: ../lib/db_base.cpp:680 #, qt-format msgctxt "db_base|" msgid "How to export the %1 selected items" msgstr "Comment exporter les %1 éléments sélectionnés" #: ../lib/db_base.cpp:682 msgctxt "db_base|" msgid "All in one PEM file" msgstr "Tout dans un seul fichier PEM" #: ../lib/db_base.cpp:683 msgctxt "db_base|" msgid "Each item in one file" msgstr "Chaque élément dans un fichier" #: ../lib/db_base.cpp:696 #, qt-format msgctxt "db_base|" msgid "Save %1 items in one file as" msgstr "Sauvegarder %1 éléments dans un seul fichier comme" #: ../lib/db_base.cpp:697 msgctxt "db_base|" msgid "PEM files ( *.pem );; All files ( * )" msgstr "Fichiers PEM ( *.pem );; Tous les fichiers ( * )" #: ../lib/db_crl.cpp:34 msgctxt "db_crl|" msgid "Signer" msgstr "Signataire" #: ../lib/db_crl.cpp:35 msgctxt "db_crl|" msgid "Internal name of the signer" msgstr "Nom interne du signataire" #: ../lib/db_crl.cpp:36 msgctxt "db_crl|" msgid "No. revoked" msgstr "Numéro révoqué" #: ../lib/db_crl.cpp:37 msgctxt "db_crl|" msgid "Number of revoked certificates" msgstr "Nombre de certificats révoqués" #: ../lib/db_crl.cpp:38 msgctxt "db_crl|" msgid "Last update" msgstr "Dernière mise-à-jour" #: ../lib/db_crl.cpp:39 msgctxt "db_crl|" msgid "Next update" msgstr "Prochaine mise-à-jour" #: ../lib/db_crl.cpp:40 msgctxt "db_crl|" msgid "CRL number" msgstr "Numéro de la liste de révocation" #: ../lib/db_crl.cpp:106 #, qt-format msgctxt "db_crl|" msgid "" "The revocation list already exists in the database as:\n" "'%1'\n" "and so it was not imported" msgstr "" "Cette liste de révocation figure déjà dans la base de données sous le nom:\n" "'%1'\n" "En conséquence, elle n'a pas été importée" #: ../lib/db_crl.cpp:161 msgctxt "db_crl|" msgid "Revocation list export" msgstr "Exportation d'une liste de révocation" #: ../lib/db_crl.cpp:162 msgctxt "db_crl|" msgid "CRL ( *.pem *.der *.crl )" msgstr "Listes de révocation ( *.pem *.der *.crl )" #: ../lib/db_crl.cpp:228 msgctxt "db_crl|" msgid "There are no CA certificates for CRL generation" msgstr "Il n'y a pas de certificat CA pour la génération de la CRL" #: ../lib/db_crl.cpp:236 msgctxt "db_crl|" msgid "Select CA certificate" msgstr "Sélectionner un certificat d'autorité" #: ../lib/db_crl.cpp:257 msgctxt "db_crl|" msgid "Create CRL" msgstr "Créer une liste de révocation" #: ../lib/db_crl.cpp:301 msgctxt "db_crl|" msgid "Failed to initiate DB transaction" msgstr "Impossible de démarrer la transaction BDD" #: ../lib/db_crl.cpp:311 ../lib/db_crl.cpp:319 ../lib/db_crl.cpp:323 #, qt-format msgctxt "db_crl|" msgid "Database error: %1" msgstr "Erreur de la base de données: %1" #: ../lib/db_key.cpp:65 msgctxt "db_key|" msgid "Type" msgstr "Type" #: ../lib/db_key.cpp:66 msgctxt "db_key|" msgid "Size" msgstr "Taille" #: ../lib/db_key.cpp:68 msgctxt "db_key|" msgid "EC Group" msgstr "Groupe EC" #: ../lib/db_key.cpp:70 msgctxt "db_key|" msgid "Use" msgstr "Usage" #: ../lib/db_key.cpp:71 msgctxt "db_key|" msgid "Password" msgstr "Mot de passe" #: ../lib/db_key.cpp:143 #, qt-format msgctxt "db_key|" msgid "" "The key is already in the database as:\n" "'%1'\n" "and is not going to be imported" msgstr "" "Cette clé figure déjà dans la base de données sous le nom:\n" "'%1'\n" "En conséquence, elle ne va pas être importée" #: ../lib/db_key.cpp:148 #, qt-format msgctxt "db_key|" msgid "" "The database already contains the public part of the imported key as\n" "'%1\n" "and will be completed by the new, private part of the key" msgstr "" "La base de données connait déjà la partie publique de la clé importée sous " "le nom\n" "'%1'\n" "En conséquence, cette dernière sera complétée par la partie privée de la clé " "importée" #: ../lib/db_key.cpp:150 #, qt-format msgctxt "db_key|" msgid "Extending public key from %1 by imported key '%2'" msgstr "Extension de la clé publique de %1 par la clé importée '%2'" #: ../lib/db_key.cpp:185 msgctxt "db_key|" msgid "Key size too small !" msgstr "Taille de clé trop petite !" #: ../lib/db_key.cpp:190 #, qt-format msgctxt "db_key|" msgid "You are sure to create a key of the size: %1 ?" msgstr "Etes-vous sûr de vouloir créer une clé de taille %1 ?" #: ../lib/db_key.cpp:272 ../lib/db_key.cpp:309 msgctxt "db_key|" msgid "PEM public" msgstr "clé publique PEM" #: ../lib/db_key.cpp:275 ../lib/db_key.cpp:313 msgctxt "db_key|" msgid "SSH2 public" msgstr "Clé publique SSH2" #: ../lib/db_key.cpp:278 ../lib/db_key.cpp:325 msgctxt "db_key|" msgid "PEM private" msgstr "Clé privée PEM" #: ../lib/db_key.cpp:283 msgctxt "db_key|" msgid "Export keys to Clipboard" msgstr "Exporter les clés vers le presse-papier" #: ../lib/db_key.cpp:286 msgctxt "db_key|" msgid "Clipboard" msgstr "Presse-papier" #: ../lib/db_key.cpp:299 #, qt-format msgctxt "db_key|" msgid "Export public key [%1]" msgstr "Exporter la clé publique [%1]" #: ../lib/db_key.cpp:310 msgctxt "db_key|" msgid "DER public" msgstr "Clé publique DER" #: ../lib/db_key.cpp:318 msgctxt "db_key|" msgid "DER private" msgstr "Clé privée DER" #: ../lib/db_key.cpp:320 msgctxt "db_key|" msgid "PEM encryped" msgstr "Chiffrée en PEM" #: ../lib/db_key.cpp:327 msgctxt "db_key|" msgid "PKCS#8 encrypted" msgstr "Chiffrée en PKCS#8" #: ../lib/db_key.cpp:328 #, qt-format msgctxt "db_key|" msgid "Export private key [%1]" msgstr "Exporter la clé privée [%1]" #: ../lib/db_key.cpp:333 msgctxt "db_key|" msgid "Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub )" msgstr "Clés privées ( *.pem *.der *.pk8 );; Clé publiques SSH ( *.pub )" #: ../lib/db_key.cpp:403 msgctxt "db_key|" msgid "Tried to change password of a token" msgstr "Tentative de changement de mot de passe d'un jeton de sécurité" #: ../lib/db_temp.cpp:54 #, qt-format msgctxt "db_temp|" msgid "Bad template: %1" msgstr "Mauvais modèle: %1" #: ../lib/db_temp.cpp:37 msgctxt "db_temp|" msgid "Empty template" msgstr "Modèle vide" #: ../lib/db_temp.cpp:100 msgctxt "db_temp|" msgid "Preset Template values" msgstr "Initaliser les valeurs du modèle" #: ../lib/db_temp.cpp:138 msgctxt "db_temp|" msgid "Save template as" msgstr "Enregistrer le modèle sous" #: ../lib/db_temp.cpp:139 msgctxt "db_temp|" msgid "XCA templates ( *.xca );; All files ( * )" msgstr "Modèles XCA ( *.xca);; Tous les fichiers ( * )" #: ../lib/db_x509.cpp:67 msgctxt "db_x509|" msgid "CA" msgstr "CA" #: ../lib/db_x509.cpp:68 msgctxt "db_x509|" msgid "reflects the basic Constraints extension" msgstr "reflète l'extension des contraintes basiques" #: ../lib/db_x509.cpp:69 msgctxt "db_x509|" msgid "Serial" msgstr "Numéro de série" #: ../lib/db_x509.cpp:73 msgctxt "db_x509|" msgid "Start date" msgstr "Date de début" #: ../lib/db_x509.cpp:75 msgctxt "db_x509|" msgid "Expiry date" msgstr "Date d'expiration" #: ../lib/db_x509.cpp:70 msgctxt "db_x509|" msgid "MD5 fingerprint" msgstr "Empreinte MD5" #: ../lib/db_x509.cpp:71 msgctxt "db_x509|" msgid "SHA1 fingerprint" msgstr "Empreinte SHA1" #: ../lib/db_x509.cpp:72 msgctxt "db_x509|" msgid "SHA256 fingerprint" msgstr "Empreinte SHA256" #: ../lib/db_x509.cpp:74 msgctxt "db_x509|" msgid "Not before" msgstr "Pas avant" #: ../lib/db_x509.cpp:76 msgctxt "db_x509|" msgid "Not after" msgstr "Pas après" #: ../lib/db_x509.cpp:77 msgctxt "db_x509|" msgid "Revocation" msgstr "Révocation" #: ../lib/db_x509.cpp:78 msgctxt "db_x509|" msgid "CRL Expiration" msgstr "Expiration de la CRL" #: ../lib/db_x509.cpp:152 msgctxt "db_x509|" msgid "Plain View" msgstr "Vue à plat" #: ../lib/db_x509.cpp:154 msgctxt "db_x509|" msgid "Tree View" msgstr "Vue arborescente" #: ../lib/db_x509.cpp:336 msgctxt "db_x509|" msgid "Failed to retrieve unique random serial" msgstr "L'extraction d'un numéro de série aléatoire a échoué" #: ../lib/db_x509.cpp:359 #, qt-format msgctxt "db_x509|" msgid "" "The certificate already exists in the database as:\n" "'%1'\n" "and so it was not imported" msgstr "" "Ce certificat figure déjà dans la base de données sous le nom:\n" "'%1'\n" "En conséquence, il n'a pas été importé" #: ../lib/db_x509.cpp:403 #, qt-format msgctxt "db_x509|" msgid "Signed on %1 by '%2'" msgstr "Signé le %1 par '%2'" #: ../lib/db_x509.cpp:404 msgctxt "db_x509|" msgid "Unknown" msgstr "Inconnu" #: ../lib/db_x509.cpp:496 msgctxt "db_x509|" msgid "Invalid public key" msgstr "Clé publique invalide" #: ../lib/db_x509.cpp:654 msgctxt "db_x509|" msgid "PKCS#7 unrevoked" msgstr "PKCS#7 non-révoqué" #: ../lib/db_x509.cpp:658 msgctxt "db_x509|" msgid "PEM unrevoked" msgstr "PEM non-révoqué" #: ../lib/db_x509.cpp:665 msgctxt "db_x509|" msgid "vCalendar" msgstr "message vCalendar" #: ../lib/db_x509.cpp:669 msgctxt "db_x509|" msgid "CA vCalendar" msgstr "message vCalendar pour le CA" #: ../lib/db_x509.cpp:1094 msgctxt "db_x509|" msgid "days" msgstr " jours" #: ../lib/db_x509.cpp:1103 msgctxt "db_x509|" msgid "No template" msgstr "Pas de modèle" #: ../lib/db_x509.cpp:522 msgctxt "db_x509|" msgid "The key you selected for signing is not a private one." msgstr "La clé sélectionnée pour la signature n'est pas une clé privée." #: ../lib/db_x509.cpp:564 #, qt-format msgctxt "db_x509|" msgid "Store the certificate to the key on the token '%1 (#%2)' ?" msgstr "Enregistrer le certificate avec la clé sur le jeton '%1 (#%2)' ?" #: ../lib/db_x509.cpp:631 msgctxt "db_x509|" msgid "PEM chain" msgstr "Chaîne en PEM" #: ../lib/db_x509.cpp:633 msgctxt "db_x509|" msgid "PKCS#7 chain" msgstr "Chaîne PKCS#7" #: ../lib/db_x509.cpp:639 msgctxt "db_x509|" msgid "PKCS#12 chain" msgstr "Chaîne PKCS#12" #: ../lib/db_x509.cpp:656 msgctxt "db_x509|" msgid "PKCS#7 all" msgstr "Tous les certificats en PKCS#7" #: ../lib/db_x509.cpp:648 msgctxt "db_x509|" msgid "PEM + key" msgstr "PEM + clé" #: ../lib/db_x509.cpp:660 msgctxt "db_x509|" msgid "PEM all" msgstr "Tous les certificats en PEM" #: ../lib/db_x509.cpp:662 msgctxt "db_x509|" msgid "Certificate Index file" msgstr "Ficher d'index des certificats" #: ../lib/db_x509.cpp:672 msgctxt "db_x509|" msgid "Certificate export" msgstr "Exportation de certificat" #: ../lib/db_x509.cpp:673 msgctxt "db_x509|" msgid "X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b )" msgstr "Certificats X509 ( *.pem *.cer *.crt *.p12 *.p7b)" #: ../lib/db_x509.cpp:737 ../lib/db_x509.cpp:803 #, qt-format msgctxt "db_x509|" msgid "There was no key found for the Certificate: '%1'" msgstr "Aucune clé n'a été trouvée pour le Certificat. '%1'" #: ../lib/db_x509.cpp:742 #, qt-format msgctxt "db_x509|" msgid "Not possible for a token key: '%1'" msgstr "Impossible pour une clé d'un jeton de sécurité: '%1'" #: ../lib/db_x509.cpp:807 #, qt-format msgctxt "db_x509|" msgid "Not possible for the token-key Certificate '%1'" msgstr "Impossible pour le certificat d'une clé d'un jeton de sécurité: '%1'" #: ../lib/db_x509super.cpp:24 msgctxt "db_x509name|" msgid "Subject" msgstr "Sujet" #: ../lib/db_x509super.cpp:25 msgctxt "db_x509name|" msgid "Complete distinguished name" msgstr "Nom distinctif complet" #: ../lib/db_x509super.cpp:26 msgctxt "db_x509name|" msgid "Subject hash" msgstr "Hachage du sujet" #: ../lib/db_x509super.cpp:27 msgctxt "db_x509name|" msgid "Hash to lookup certs in directories" msgstr "Hachage de recherche dans un dossier" #: ../lib/db_x509req.cpp:31 msgctxt "db_x509req|" msgid "Signed" msgstr "Signée" #: ../lib/db_x509req.cpp:32 msgctxt "db_x509req|" msgid "whether the request is already signed or not" msgstr "si la requête a déjà été signée ou non" #: ../lib/db_x509req.cpp:33 msgctxt "db_x509req|" msgid "Unstructured name" msgstr "Nom non-structuré" #: ../lib/db_x509req.cpp:35 msgctxt "db_x509req|" msgid "Challenge password" msgstr "Mot de passe challenge" #: ../lib/db_x509req.cpp:37 msgctxt "db_x509req|" msgid "Certificate count" msgstr "Nombre de certificats" #: ../lib/db_x509req.cpp:38 msgctxt "db_x509req|" msgid "Number of certificates in the database with the same public key" msgstr "Nombre de certificats dans la base de données avec la même clé" #: ../lib/db_x509req.cpp:55 #, qt-format msgctxt "db_x509req|" msgid "" "The certificate signing request already exists in the database as\n" "'%1'\n" "and thus was not stored" msgstr "" "Cette requête de signature figure déjà dans la base de données sous le nom\n" "'%1'\n" "En conséquence, elle n'a pas été chargée" #: ../lib/db_x509req.cpp:132 msgctxt "db_x509req|" msgid "Certificate request export" msgstr "Exporter la requête de signature" #: ../lib/db_x509req.cpp:133 msgctxt "db_x509req|" msgid "Certificate request ( *.pem *.der *.csr )" msgstr "Requête de signature de certificat ( *.pem *.der *.csr )" #: ../lib/db_x509super.cpp:78 msgctxt "db_x509super|" msgid "Key name" msgstr "Nom de la clé" #: ../lib/db_x509super.cpp:79 msgctxt "db_x509super|" msgid "Internal name of the key" msgstr "Nom interne de la clé" #: ../lib/db_x509super.cpp:80 msgctxt "db_x509super|" msgid "Signature algorithm" msgstr "Algorithme de signature" #: ../lib/db_x509super.cpp:134 #, qt-format msgctxt "db_x509super|" msgid "Extracted from %1 '%2'" msgstr "Extrait de %1 '%2'" #: ../lib/db_x509super.cpp:136 ../lib/db_x509super.cpp:188 msgctxt "db_x509super|" msgid "Certificate" msgstr "Certificat" #: ../lib/db_x509super.cpp:136 ../lib/db_x509super.cpp:188 msgctxt "db_x509super|" msgid "Certificate request" msgstr "Requête de certificat" #: ../lib/db_x509super.cpp:152 msgctxt "db_x509super|" msgid "Save as OpenSSL config" msgstr "Enregistrer en format de configuration OpenSSL" #: ../lib/db_x509super.cpp:153 msgctxt "db_x509super|" msgid "Config files ( *.conf *.cnf);; All files ( * )" msgstr "Fichiers de configuration (*.conf *.cnf);; Tous les fichiers ( * )" #: ../lib/db_x509super.cpp:175 msgctxt "db_x509super|" msgid "The following extensions were not ported into the template" msgstr "Les extensions suivantes n'ont pas été enregistrées dans le modèle" #: ../lib/db_x509super.cpp:186 #, qt-format msgctxt "db_x509super|" msgid "Transformed from %1 '%2'" msgstr "Transformé à partir de %1 '%2'" #: ../widgets/kvView.cpp:164 msgctxt "kvView|" msgid "Type" msgstr "Type" #: ../widgets/kvView.cpp:164 msgctxt "kvView|" msgid "Content" msgstr "Contenu" #: ../lib/pass_info.cpp:21 msgctxt "pass_info|" msgid "Password" msgstr "Mot de passe" #: ../lib/pass_info.cpp:27 msgctxt "pass_info|" msgid "PIN" msgstr "NIP" #: ../lib/pki_base.cpp:123 #, qt-format msgctxt "pki_base|" msgid "Error opening file: '%1': %2" msgstr "Erreur lors de l'ouverture du fichier: '%1': %2" #: ../lib/pki_base.cpp:292 msgctxt "pki_base|" msgid "Unknown" msgstr "Inconnu" #: ../lib/pki_base.cpp:293 msgctxt "pki_base|" msgid "Imported" msgstr "Importé" #: ../lib/pki_base.cpp:294 msgctxt "pki_base|" msgid "Generated" msgstr "Généré" #: ../lib/pki_base.cpp:295 msgctxt "pki_base|" msgid "Transformed" msgstr "Transformé" #: ../lib/pki_base.cpp:296 msgctxt "pki_base|" msgid "Token" msgstr "Jeton" #: ../lib/pki_base.cpp:297 msgctxt "pki_base|" msgid "Legacy Database" msgstr "Base de données antérieure" #: ../lib/pki_base.cpp:298 msgctxt "pki_base|" msgid "Renewed" msgstr "Renouvelé" #: ../lib/pki_base.cpp:101 #, qt-format msgctxt "pki_base|" msgid "Internal error: Unexpected message: %1 %2" msgstr "Erreur interne: message inattendu: %1 %2" #: ../lib/pki_crl.cpp:61 #, qt-format msgctxt "pki_crl|" msgid "Successfully imported the revocation list '%1'" msgstr "La liste de révocation '%1' a été importée avec succès" #: ../lib/pki_crl.cpp:62 #, qt-format msgctxt "pki_crl|" msgid "Delete the revocation list '%1'?" msgstr "Détruire la liste de révocation '%1' ?" #: ../lib/pki_crl.cpp:63 #, qt-format msgctxt "pki_crl|" msgid "Successfully created the revocation list '%1'" msgstr "La liste de révocation '%1' a été créée avec succès" #: ../lib/pki_crl.cpp:65 #, qt-format msgctxt "pki_crl|" msgid "Delete the %1 revocation lists: %2?" msgstr "Détruire les %1 listes de révocation: %2 ?" #: ../lib/pki_crl.cpp:148 #, qt-format msgctxt "pki_crl|" msgid "" "Unable to load the revocation list in file %1. Tried PEM and DER formatted " "CRL." msgstr "" "Impossible de charger le liste de révocation du fichier %1. Les formats PEM " "et DER ont été essayés." #: ../lib/pki_crl.cpp:164 msgctxt "pki_crl|" msgid "No issuer given" msgstr "Aucun signataire spécifié" #: ../lib/pki_crl.cpp:222 #, qt-format msgctxt "pki_crl|" msgid "Wrong Size %1" msgstr "Taille fausse %1" #: ../lib/pki_crl.cpp:438 #, qt-format msgctxt "pki_crl|" msgid "Renew CRL: %1" msgstr "Renouvellement de CRL: %1" #: ../lib/pki_crl.cpp:439 #, qt-format msgctxt "pki_crl|" msgid "" "The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4.\n" "It is stored in the XCA database '%5'" msgstr "" "La liste de révocation XCA '%1' émise par le CA '%2' le %3 expirera le %4.\n" "Elle est stockée dans la base de données XCA '%5'" #: ../lib/pki_evp.cpp:239 #, qt-format msgctxt "pki_evp|" msgid "Failed to decrypt the key (bad password) %1" msgstr "Le déchiffrage de la clé a échoué (mauvais mot de passe) %1" #: ../lib/pki_evp.cpp:249 msgctxt "pki_evp|" msgid "Please enter the password to decrypt the private key." msgstr "SVP saisir le mot de passe pour déchiffrer la clé privée" #: ../lib/pki_evp.cpp:304 #, qt-format msgctxt "pki_evp|" msgid "The key from file '%1' is incomplete or inconsistent." msgstr "La clé dans le fichier '%1' est incomplète ou incorrecte." #: ../lib/pki_evp.cpp:322 #, qt-format msgctxt "pki_evp|" msgid "" "Please enter the password to decrypt the private key from file:\n" "%1" msgstr "" "SVP saisir le mot de passe pour déchiffrer la clé privée du fichier:\n" "%1" #: ../lib/pki_evp.cpp:369 #, qt-format msgctxt "pki_evp|" msgid "" "Unable to load the private key in file %1. Tried PEM and DER private, " "public, PKCS#8 key types and SSH2 format." msgstr "" "Impossible de charger la clé privée du fichier %1. Les formats PEM et DER " "ainsi que les types de clés privé, public, PKCS#8 et le format SSH2 ont été " "essayés." #: ../lib/pki_evp.cpp:400 msgctxt "pki_evp|" msgid "Ignoring unsupported private key" msgstr "Clé privée non-supportée: ignorée" #: ../lib/pki_evp.cpp:417 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password to decrypt the private key: '%1'" msgstr "SVP saisir le mot de passe pour déchiffrer la clé privée: '%1'" #: ../lib/pki_evp.cpp:420 ../lib/pki_evp.cpp:434 msgctxt "pki_evp|" msgid "Password input aborted" msgstr "Saisie du mot de passe abandonnée" #: ../lib/pki_evp.cpp:430 #, qt-format msgctxt "pki_evp|" msgid "Please enter the database password for decrypting the key '%1'" msgstr "" "SVP saisir le mot de passe de la base de données pour déchiffrer la clé '%1'" #: ../lib/pki_evp.cpp:547 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password to protect the private key: '%1'" msgstr "SVP saisir le mot de passe pour protéger la clé privée: '%1'" #: ../lib/pki_evp.cpp:565 msgctxt "pki_evp|" msgid "Please enter the database password for encrypting the key" msgstr "SVP saisir le mot de passe de la base de données pour chiffrer la clé" #: ../lib/pki_evp.cpp:680 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password protecting the PKCS#8 key '%1'" msgstr "SVP saisir le mot de passe protégeant la clé en PKCS#8 '%1'" #: ../lib/pki_evp.cpp:735 #, qt-format msgctxt "pki_evp|" msgid "Please enter the export password for the private key '%1'" msgstr "SVP saisir le mot de passe d'exportation pour la clé privée '%1'" #: ../lib/pki_key.cpp:200 #, qt-format msgctxt "pki_key|" msgid "Successfully imported the %1 public key '%2'" msgstr "La clé publique %1 '%2' a été importée avec succès" #: ../lib/pki_key.cpp:201 #, qt-format msgctxt "pki_key|" msgid "Delete the %1 public key '%2'?" msgstr "Détruire la clé publique %1 '%2' ?" #: ../lib/pki_key.cpp:206 #, qt-format msgctxt "pki_key|" msgid "Successfully imported the %1 private key '%2'" msgstr "La clé privée %1 '%2' a été importée avec succès" #: ../lib/pki_key.cpp:207 #, qt-format msgctxt "pki_key|" msgid "Delete the %1 private key '%2'?" msgstr "Détruire la clé privée %1 '%2' ?" #: ../lib/pki_key.cpp:208 #, qt-format msgctxt "pki_key|" msgid "Successfully created the %1 private key '%2'" msgstr "La clé privée %1 '%2' a été créée avec succès" #: ../lib/pki_key.cpp:214 #, qt-format msgctxt "pki_key|" msgid "Delete the %1 keys: %2?" msgstr "Détruire les %1 clés: %2?" #: ../lib/pki_key.cpp:56 ../lib/pki_key.cpp:223 msgctxt "pki_key|" msgid "Public key" msgstr "Clé publique" #: ../lib/pki_key.cpp:424 msgctxt "pki_key|" msgid "Common" msgstr "Global" #: ../lib/pki_key.cpp:424 msgctxt "pki_key|" msgid "Private" msgstr "Privé" #: ../lib/pki_key.cpp:424 msgctxt "pki_key|" msgid "Bogus" msgstr "Erroné" #: ../lib/pki_key.cpp:424 msgctxt "pki_key|" msgid "PIN" msgstr "NIP" #: ../lib/pki_key.cpp:434 msgctxt "pki_key|" msgid "No password" msgstr "Pas de mot de passe" #: ../lib/pki_key.cpp:530 ../lib/pki_key.cpp:624 #, qt-format msgctxt "pki_key|" msgid "Unexpected SSH2 content: '%1'" msgstr "Contenu SSH2 inattendu: '%1'" #: ../lib/pki_key.cpp:550 ../lib/pki_key.cpp:556 msgctxt "pki_key|" msgid "Invalid SSH2 public key" msgstr "Clé publique SSH2 invalide" #: ../lib/pki_key.cpp:732 #, qt-format msgctxt "pki_key|" msgid "Failed writing to %1" msgstr "Echec d'écriture sur %1" #: ../lib/pki_multi.cpp:127 msgctxt "pki_multi|" msgid "No known PEM encoded items found" msgstr "Aucun objet PEM connu n'a été trouvé" #: ../lib/pki_pkcs12.cpp:37 #, qt-format msgctxt "pki_pkcs12|" msgid "" "Please enter the password to decrypt the PKCS#12 file:\n" "%1" msgstr "" "SVP saisir le mot de passe pour déchiffrer le fichier en PKCS#12:\n" "%1" #: ../lib/pki_pkcs12.cpp:45 #, qt-format msgctxt "pki_pkcs12|" msgid "Unable to load the PKCS#12 (pfx) file %1." msgstr "Impossible de charger le fichier en PKCS#12 (pfx) %1." #: ../lib/pki_pkcs12.cpp:60 #, qt-format msgctxt "pki_pkcs12|" msgid "The supplied password was wrong (%1)" msgstr "Le mot de passe renseigné était faux (%1)" #: ../lib/pki_pkcs12.cpp:112 msgctxt "pki_pkcs12|" msgid "Please enter the password to encrypt the PKCS#12 file" msgstr "SVP saisir le mot de passe pour chiffrer le fichier en PKCS#12" #: ../lib/pki_pkcs12.cpp:116 msgctxt "pki_pkcs12|" msgid "No key or no Cert and no pkcs12" msgstr "Pas de clé ou pas de certificat et pas en PKCS#12" #: ../lib/pki_pkcs7.cpp:160 #, qt-format msgctxt "pki_pkcs7|" msgid "Unable to load the PKCS#7 file %1. Tried PEM and DER format." msgstr "" "Impossible de charger le fichier en PKCS#7 %1. Les formats PEM et DER ont " "été essayés." #: ../lib/pki_scard.cpp:59 #, qt-format msgctxt "pki_scard|" msgid "Successfully imported the token key '%1'" msgstr "La clé du jeton '%1' a été importée avec succès" #: ../lib/pki_scard.cpp:60 #, qt-format msgctxt "pki_scard|" msgid "Delete the token key '%1'?" msgstr "Détruire la clé du jeton '%1' ?" #: ../lib/pki_scard.cpp:61 #, qt-format msgctxt "pki_scard|" msgid "Successfully created the token key '%1'" msgstr "La clé du jeton '%1' a été créée avec succès" #: ../lib/pki_scard.cpp:63 #, qt-format msgctxt "pki_scard|" msgid "Delete the %1 keys: %2?" msgstr "Détruire les %1 clés: %2?" #: ../lib/pki_scard.cpp:365 #, qt-format msgctxt "pki_scard|" msgid "Delete the private key '%1' from the token '%2 (#%3)' ?" msgstr "Détruire la clé privée '%1' sur le jeton '%2 (#%3)' ?" #: ../lib/pki_scard.cpp:438 msgctxt "pki_scard|" msgid "This Key is already on the token" msgstr "Cette clé est déjà sur le jeton" #: ../lib/pki_scard.cpp:524 msgctxt "pki_scard|" msgid "PIN input aborted" msgstr "Saisie du NIP abandonnée" #: ../lib/pki_scard.cpp:536 msgctxt "pki_scard|" msgid "Unable to find copied key on the token" msgstr "Impossible de trouver la clé copiée sur le jeton" #: ../lib/pki_scard.cpp:623 #, qt-format msgctxt "pki_scard|" msgid "Please insert card: %1 %2 [%3] with Serial: %4" msgstr "SVP insérer la carte %1 %2 [%3] avec le numéro de série: %4" #: ../lib/pki_scard.cpp:691 msgctxt "pki_scard|" msgid "Illegal Key generation method" msgstr "Méthode de génération de clé illégale" #: ../lib/pki_scard.cpp:707 msgctxt "pki_scard|" msgid "Unable to find generated key on card" msgstr "Impossible de trouver la clé générée sur la carte" #: ../lib/pki_scard.cpp:745 msgctxt "pki_scard|" msgid "Ignoring unsupported token key" msgstr "La clé non-supportée sur le jeton est ignorée" #: ../lib/pki_scard.cpp:748 #, qt-format msgctxt "pki_scard|" msgid "Wrong Size %1" msgstr "Taille fausse %1" #: ../lib/pki_scard.cpp:754 #, qt-format msgctxt "pki_scard|" msgid "Token %1" msgstr "Jeton %1" #: ../lib/pki_scard.cpp:763 ../lib/pki_scard.cpp:776 msgctxt "pki_scard|" msgid "Failed to find the key on the token" msgstr "Impossible de trouver la clé sur le jeton" #: ../lib/pki_scard.cpp:770 msgctxt "pki_scard|" msgid "Invalid Pin for the token" msgstr "NIP invalide pour le jeton" #: ../lib/pki_scard.cpp:782 msgctxt "pki_scard|" msgid "Failed to initialize the key on the token" msgstr "Impossible d'initialiser la clé sur le jeton" #: ../lib/pki_temp.cpp:123 #, qt-format msgctxt "pki_temp|" msgid "Successfully imported the XCA template '%1'" msgstr "Le modèle XCA '%1' a été importé avec succès" #: ../lib/pki_temp.cpp:124 #, qt-format msgctxt "pki_temp|" msgid "Delete the XCA template '%1'?" msgstr "Détruire le modèle XCA '%1' ?" #: ../lib/pki_temp.cpp:125 #, qt-format msgctxt "pki_temp|" msgid "Successfully created the XCA template '%1'" msgstr "Le modèle XCA '%1' a été créé avec succès" #: ../lib/pki_temp.cpp:127 #, qt-format msgctxt "pki_temp|" msgid "Delete the %1 XCA templates: %2?" msgstr "Détruire les %1 modèles XCA: %2 ?" #: ../lib/pki_temp.cpp:327 #, qt-format msgctxt "pki_temp|" msgid "Wrong Size %1" msgstr "Taille fausse %1" #: ../lib/pki_temp.cpp:409 msgctxt "pki_temp|" msgid "Template file content error (too small)" msgstr "Erreur de contenu du fichier de modèle (trop petit)" #: ../lib/pki_temp.cpp:465 msgctxt "pki_temp|" msgid "Not a PEM encoded XCA Template" msgstr "Ce n'est pas un modèle XCA en format PEM" #: ../lib/pki_temp.cpp:473 #, qt-format msgctxt "pki_temp|" msgid "Not an XCA Template, but '%1'" msgstr "Ce n'est pas un modèle XCA, mais '%1'" #: ../lib/pki_x509.cpp:68 #, qt-format msgctxt "pki_x509|" msgid "Successfully imported the certificate '%1'" msgstr "Le certificat '%1' a été importé avec succès" #: ../lib/pki_x509.cpp:69 #, qt-format msgctxt "pki_x509|" msgid "Delete the certificate '%1'?" msgstr "Détruire le certificat '%1' ?" #: ../lib/pki_x509.cpp:70 #, qt-format msgctxt "pki_x509|" msgid "Successfully created the certificate '%1'" msgstr "Le certificat '%1' a été créé avec succès" #: ../lib/pki_x509.cpp:72 #, qt-format msgctxt "pki_x509|" msgid "Delete the %1 certificates: %2?" msgstr "Détruire les %1 certificats: '%2' ?" #: ../lib/pki_x509.cpp:220 #, qt-format msgctxt "pki_x509|" msgid "" "Unable to load the certificate in file %1. Tried PEM and DER certificate." msgstr "" "Impossible de charger le certificat du fichier %1. Les formats PEM et DER " "ont été essayés." #: ../lib/pki_x509.cpp:368 msgctxt "pki_x509|" msgid "This certificate is already on the security token" msgstr "Ce certificat est déjà dans le jeton de sécurité" #: ../lib/pki_x509.cpp:431 #, qt-format msgctxt "pki_x509|" msgid "Delete the certificate '%1' from the token '%2 (#%3)'?" msgstr "Détruire le certificat '%1' sur le jeton '%2 (#%3)' ?" #: ../lib/pki_x509.cpp:564 msgctxt "pki_x509|" msgid "There is no key for signing !" msgstr "Il n'y a pas de clé pour signer !" #: ../lib/pki_x509.cpp:625 #, qt-format msgctxt "pki_x509|" msgid "Wrong Size %1" msgstr "Taille fausse %1" #: ../lib/pki_x509.cpp:916 msgctxt "pki_x509|" msgid "No" msgstr "Non" #: ../lib/pki_x509.cpp:918 msgctxt "pki_x509|" msgid "Yes" msgstr "Oui" #: ../lib/pki_x509.cpp:948 #, qt-format msgctxt "pki_x509|" msgid "Renew certificate: %1" msgstr "Renouvellement du certificat: %1" #: ../lib/pki_x509.cpp:949 #, qt-format msgctxt "pki_x509|" msgid "" "The XCA certificate '%1', issued on %2 will expire on %3.\n" "It is stored in the XCA database '%4'" msgstr "" "Le certificat XCA '%1' émis le %2 expirera le %3.\n" "Il est stocké dans la base de données XCA '%4'" #: ../lib/pki_x509.cpp:970 #, qt-format msgctxt "pki_x509|" msgid "CRL Renewal of CA '%1' due" msgstr "" "Le renouvellement de la liste de révocation du CA '%1' arrive à échéance" #: ../lib/pki_x509.cpp:971 #, qt-format msgctxt "pki_x509|" msgid "" "The latest CRL issued by the CA '%1' will expire on %2.\n" "It is stored in the XCA database '%3'" msgstr "" "La dernière liste de révocation générée par le CA '%1' expirera le %2.\n" "Elle est stockée dans la base de données XCA '%3'" #: ../lib/pki_x509req.cpp:104 msgctxt "pki_x509req|" msgid "Signing key not valid (public key)" msgstr "La clé de signature n'est pas valide (c'est une clé publique)" #: ../lib/pki_x509req.cpp:146 #, qt-format msgctxt "pki_x509req|" msgid "Successfully imported the %1 certificate request '%2'" msgstr "La requête %1 de signature '%2' a été importée avec succès" #: ../lib/pki_x509req.cpp:147 #, qt-format msgctxt "pki_x509req|" msgid "Delete the %1 certificate request '%2'?" msgstr "Détruire la requête %1 de signature '%2' ?" #: ../lib/pki_x509req.cpp:148 #, qt-format msgctxt "pki_x509req|" msgid "Successfully created the %1 certificate request '%2'" msgstr "La requête %1 de signature '%2' a été créée avec succès" #: ../lib/pki_x509req.cpp:150 #, qt-format msgctxt "pki_x509req|" msgid "Delete the %1 certificate requests: %2?" msgstr "Détruire la requête %1 de signature '%2' ?" #: ../lib/pki_x509req.cpp:179 #, qt-format msgctxt "pki_x509req|" msgid "" "Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC " "format." msgstr "" "Impossible de charger la requête de signature du fichier %1. Les formats " "PEM, DER et SPKAC ont été essayés." #: ../lib/pki_x509req.cpp:217 #, qt-format msgctxt "pki_x509req|" msgid "Wrong Size %1" msgstr "Taille fausse %1" #: ../lib/pki_x509req.cpp:365 msgctxt "pki_x509req|" msgid "Signed" msgstr "Signée" #: ../lib/pki_x509req.cpp:365 msgctxt "pki_x509req|" msgid "Unhandled" msgstr "Non-géré" #: ../ui/v3ext.ui:26 msgctxt "v3ext|" msgid "Copy Common Name" msgstr "Copier le nom commun" #: ../ui/v3ext.ui:56 msgctxt "v3ext|" msgid "Add" msgstr "Ajouter" #: ../ui/v3ext.ui:63 msgctxt "v3ext|" msgid "Delete" msgstr "Enlever" #: ../ui/v3ext.ui:89 msgctxt "v3ext|" msgid "Apply" msgstr "Appliquer" #: ../ui/v3ext.ui:96 msgctxt "v3ext|" msgid "Validate" msgstr "Valider" #: ../ui/v3ext.ui:125 msgctxt "v3ext|" msgid "Cancel" msgstr "Annuler" #: ../widgets/v3ext.cpp:72 msgctxt "v3ext|" msgid "An email address or 'copy'" msgstr "Une adresse de courriel ou 'copy'" #: ../widgets/v3ext.cpp:74 msgctxt "v3ext|" msgid "An email address" msgstr "Une adresse de courriel" #: ../widgets/v3ext.cpp:76 msgctxt "v3ext|" msgid "A registered ID: OBJECT IDENTIFIER" msgstr "un IDentifiant enregistré: IDENTIFICATEUR.OBJET" #: ../widgets/v3ext.cpp:80 msgctxt "v3ext|" msgid "A uniform resource indicator" msgstr "un indicateur uniforme de ressource" #: ../widgets/v3ext.cpp:85 msgctxt "v3ext|" msgid "A DNS domain name or 'copycn'" msgstr "un nom de domaine DNS ou 'copycn'" #: ../widgets/v3ext.cpp:87 msgctxt "v3ext|" msgid "A DNS domain name" msgstr "un nom de domaine DNS" #: ../widgets/v3ext.cpp:89 msgctxt "v3ext|" msgid "An IP address" msgstr "Une adresse IP" #: ../widgets/v3ext.cpp:92 msgctxt "v3ext|" msgid "Syntax: ;TYPE:text like '1.2.3.4:UTF8:name'" msgstr "Syntaxe: ;TYPE:texte sous la forme '1.2.3.4:UTF8:nom'" #: ../widgets/v3ext.cpp:96 msgctxt "v3ext|" msgid "No editing. Only 'copy' allowed here" msgstr "Pas de modification possible. Seul 'copy' est permis ici" #: ../widgets/v3ext.cpp:165 #, qt-format msgctxt "v3ext|" msgid "" "Validation failed:\n" "'%1'\n" "%2" msgstr "" "La validation a échoué:\n" "'%1'\n" "%2" #: ../widgets/v3ext.cpp:170 #, qt-format msgctxt "v3ext|" msgid "" "Validation successful:\n" "'%1'" msgstr "" "La validation a été effectuée avec succès:\n" "'%1'" xca-RELEASE.2.2.1/lang/Makefile0000644000175000017500000000151313614632167015276 0ustar tewardteward ifeq ($(TOPDIR),) TOPDIR=.. BUILD=.. endif include $(TOPDIR)/Rules.mak PO_LANGUAGES=tr fr sk LANGUAGES=de ru hr pl pt_BR es it zh_CN nl ja $(PO_LANGUAGES) QM_XCA=$(patsubst %, xca_%.qm, $(LANGUAGES)) QM_QT=$(patsubst %, qt_%.qm, $(LANGUAGES)) TS_XCA=$(patsubst %, xca_%.ts, $(PO_LANGUAGES)) lang all: $(QM_XCA) %.qm: %.ts @$(PRINT) " LANG [$(BASENAME)] $@" $(LRELEASE) -silent $< -qm $@ install: $(QM_XCA) install -m 755 -d $(destdir)$(xca_prefix) install -m 644 $(QM_XCA) $(destdir)$(xca_prefix) app: mkdir -p $(APPDIR)/Resources install -m 644 $(QM_XCA) $(APPDIR)/Resources cd $(TRANSLATIONS) && \ for x in $(QM_QT); do \ test -f "$$x" && install $$x $(APPDIR)/Resources;\ done || : po2ts: $(TS_XCA) xca_%.ts: %.po $(LCONVERT) -if po -i $< -of ts -o $(@) xca.pot: xca.ts $(LCONVERT) -if ts -of po -i $< -o $@ xca-RELEASE.2.2.1/lang/indent.xslt0000644000175000017500000000051613614632167016035 0ustar tewardteward xca-RELEASE.2.2.1/lang/xca_pl.ts0000644000175000017500000044307113614632167015465 0ustar tewardteward CaProperties CA Properties Days until next CRL issuing Default template CertDetail Details of the Certificate Szczegóły certyfikatu Serial Numer seryjny The serial number of the certificate Numer seryjny certyfikatu The internal name of the certificate in the database Wewnętrzna nazwa certyfikatu w bazie danych Status Status Internal name Nazwa wewnętrzna Signature Podpis Key Klucz Fingerprints Odciski palców MD5 MD5 An md5 hashsum of the certificate Suma kontrolna certyfikatu w formacie MD5 SHA1 SHA1 A SHA-1 hashsum of the certificate Suma kontrolna certyfikatu w formacie SHA-1 SHA256 SHA256 A SHA-256 hashsum of the certificate Suma kontrola certyfikatu w formacie SHA-256 Validity Ważność The time since the certificate is valid Moment, od którego certyfikat jest ważny The time until the certificate is valid Moment, do którego certyfikat jest ważny Subject Podmiot Issuer Wystawca Extensions Rozszerzenia Comment Komentarz Attributes Atrybuty Show config Pokaż konfigurację Show extensions Pokaż rozszerzenia Show public key Pokaż klucz publiczny This key is not in the database. Tego klucza nie ma w bazie danych. Not available Niedostępne Signer unknown Podpis nieznany Self signed Samopodpisany Revoked at %1 Unieważniony o %1 Revoked: Unieważniony: Not valid Nieważny Valid Ważny Details of the certificate signing request Szczegóły żądania certyfikacyjnego CertExtend Certificate renewal Odnowienie certyfikatu This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Zostanie wydany nowy certyfikat będący kopią starego z nadanym nowym numerem seryjnym i kolejnym okresem ważności. Validity Okres ważności Not before Nieważny przed Not after Nieważny po Time range Przedział czasu Local time Czas lokalny Days Dni Months Miesiące Years Lata No well-defined expiration Bezterminowo Midnight Północ Apply Zastosuj Revoke old certificate Unieważnij stary certyfikat Keep serial number Zachowaj numer seryjny The certificate will be earlier valid than the signer. This is probably not what you want. Certyfikat będzie ważny wcześniej niż certyfikat wystawcy, to wygląda na błąd. Edit dates Popraw daty Abort rollout Przerwij operację Continue rollout Kontynuuj operację Adjust date and continue Popraw daty i kontynuuj The certificate will be longer valid than the signer. This is probably not what you want. Certyfikat będzie ważniejszy dłużej niż wystawca, to wygląda na błąd. CertTreeView Import PKCS#12 Importuj plik PKCS#12 Import from PKCS#7 Importuj plik PKCS#7 Request Żądanie certyfikacyjne Security token Bezpieczny token Other token Inny token Similar Certificate Podobny certyfikat Delete from Security token Usuń z bezpiecznego tokena CA Urząd Certyfikacji Properties Parametry Generate CRL Generuj listę unieważnień Manage revocations Zarządzaj unieważnieniami Renewal Odnów Revoke Unieważnij Unrevoke Uchyl unieważnienie ClickLabel Double click for details Kliknij dwukrotnie, aby wyświetlić szczegóły CrlDetail Details of the Revocation list Szczególy listy unieważnionych certyfikatów &Status &Status Version Wersja Signature Podpis Signed by Podpisane przez Name Nazwa The internal name of the CRL in the database Wewnętrzna nazwa listy CRL w bazie danych issuing dates Daty wydań Next update Następna aktualizacja Last update Ostatnia aktualizacja &Issuer &Wystawca &Extensions &Rozszerzenia &Revocation list &Lista unieważnień Comment Komentarz Failed Nieudane Unknown signer Nieznany Verification not possible Weryfikacja niemożliwa ExportDialog Name Nazwa The internal name of the CRL in the database Wewnętrzna nazwa w bazie danych ... ... Filename Plik Export comment into PEM file Export Format Format docelowy All files ( * ) Wszystkie pliki ( * ) PEM Text format with headers Concatenated list of all selected items in one PEM text file Concatenated text format of the complete certificate chain in one PEM file Concatenated text format of all certificates in one PEM file Binary DER encoded file PKCS#7 encoded single certificate PKCS#7 encoded complete certificate chain Concatenated text format of all unrevoked certificates in one PEM file All unrevoked certificates encoded in one PKCS#7 file All selected certificates encoded in one PKCS#7 file All certificates encoded in one PKCS#7 file The certificate and the private key as encrypted PKCS#12 file The complete certificate chain and the private key as encrypted PKCS#12 file Concatenation of the certificate and the unencrypted private key in one PEM file Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Text format of the public key in one PEM file Binary DER format of the public key Unencrypted private key in text format OpenSSL specific encrypted private key in text format Unencrypted private key in binary DER format Unencrypted private key in PKCS#8 text format Encrypted private key in PKCS#8 text format The public key encoded in SSH2 format OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool vCalendar expiry reminder for the selected items vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL The file: '%1' already exists! Overwrite Do not overwrite Help << Poprzedni >> Następny &Done &Zamknij ImportMulti Import PKI Items Import elementów PKI Import &All Importuj &wszystko &Import &Importuj &Done &Zakończ &Remove from list &Usuń z listy Details Szczegóły Delete from token Usuń z tokena Rename on token Zmień nazwę na tokenie Name: %1 Model: %2 Serial: %3 Nazwa: %1 Wersja: %2 Numer seryjny: %3 Manage security token Zarządzanie bezpiecznym tokenem Details of the item '%1' cannot be shown Nie można wyświetlić szczegółów elementu '%1' The type of the item '%1' is not recognized Nie rozpoznano typu elementu '%1' The file '%1' did not contain PKI data Plik '%1' nie zawiera danych PKI The %1 files: '%2' did not contain PKI data Pliki: '%2' elementu %1 nie zawierają danych PKI ItemProperties Name Nazwa Source Źródło Insertion date Data utworzenia Comment Komentarz KeyDetail Name Nazwa The internal name of the key used by xca Wewnętrzna nazwa klucza używana przez XCA Security token Token Manufacturer Producent Serial Numer seryjny Key Klucz Public Exponent Wykładnik publiczny Keysize Rozmiar klucza Private Exponent Wykładnik prywatny Security Token Token Label Nazwa PKCS#11 ID Identyfikator PKCS#11 Token information Informacja o tokenie Model Model Fingerprint Odcisk palca Comment Komentarz Details of the %1 key Szczegóły klucza %1 Not available Nie dostępny Available Dostępny Sub prime Public key Klucz publiczny Private key Klucz prywatny Curve name Rodzaj krzywej Unknown key Nieznany klucz KeyTreeView Change password Zmień hasło Reset password Usuń hasło Change PIN Zmień PIN Init PIN with SO PIN (PUK) Nadaj PIN używając PUK (SO PIN) Change SO PIN (PUK) Zmień PUK (SO PIN) Security token Bezpieczny token This is not a token To nie jest token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Czy nadpisać oryginalny klucz '%1' pobranym z tokena? Operacja usunie klucz '%1' i oznaczy go jako nieeksportowalny MainWindow Private Keys Klucze prywatne &New Key &Dodaj klucz &Export &Eksportuj &Import &Importuj Import PFX (PKCS#12) Importuj PFX (PKCS#12) &Show Details Pokaż &szczegóły &Delete &Usuń Certificate signing requests Żądania certyfikacyjne &New Request &Dodaj żądanie Certificates Certyfikaty &New Certificate &Dodaj certyfikat Import &PKCS#12 Importuj &PKCS#12 Import P&KCS#7 Importuj P&KCS#7 Plain View Płaski widok Templates Szablony &New Template &Dodaj szablon &New CRL &Dodaj CRL Ch&ange Template &Zmień szablon Revocation lists Listy unieważnień Using or exporting private keys will not be possible without providing the correct password Używanie lub eksportowanie kluczy prywatnych będzie niemożliwe bez podania poprawnego hasła Database Baza danych The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Używana funkcja skrótu '%1' nie jest bezpieczna. Proszę wybrać conajmniej 'SHA 224' z powodów bezpieczeństwa. Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Wykryto stary format bazy danych. Tworzę kopię pod nazwą: '%1' i konwertuję bazę do nowego formatu Failed to rename the database file, because the target already exists Nieudana zmiana nazwy ponieważ docelowy plik już istnieje No deleted items found Nie znaleziono usuniętych elementów Recent DataBases Ostatnio otwierane bazy System Systemowy Croatian Chorwacki English Angielski French Francuski German Niemiecki Russian Rosyjski Slovak Słowacki Spanish Hiszpański Polish Polski Italian Włoski Chinese Chiński Dutch Holenderski Portuguese in Brazil Brazylijski portugalski Turkish Turecki Language Język &File &Plik &New DataBase &Dodaj bazę danych &Open DataBase &Otwórz bazę danych Open Remote DataBase Połącz z bazą danych Set as default DataBase Ustaw bazę jako domyślną &Close DataBase &Zamknij bazę danych New DataBase Nowa baza danych Open DataBase Otwórz bazę danych Close DataBase Zamknij bazę danych Options Ustawienia Exit Wyjście I&mport I&mport Keys Klucze Requests Żądania certyfikacyjne PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Szablon Revocation list Lista CRL PEM file Plik PEM Paste PEM file Wklej zawartość PEM Token Token Export Certificate &Index hierarchy Eksport indeksu certyfikatów wg h&ierarchii Content Zawartość &Token &Token &Manage Security token &Zarządzanie tokenem &Init Security token &Inicjalizacja tokenu &Change PIN &Zmień PIN Change &SO PIN Zmień &SO PIN Init PIN Nadaj PIN Extra Dodatki &Dump DataBase &Zrzut bazy danych &Export Certificate Index &Eksport indeksu certyfikatów &Export Certificate Index hierarchy Eksport indeksu certyfikatów z &hierarchią C&hange DataBase password &Zmień hasło bazy danych &Undelete items &Odzyskaj usunięte elementy Generate DH parameter Generuj parametr DH OID Resolver Rozpoznawanie OID &Help P&omoc &Content &Treść About O programie no such option: %1 brak opcji: %1 Import PEM data Wklej dane PEM Please enter the original SO PIN (PUK) of the token '%1' Wprowadź obecny SO PIN (PUK) dla tokenu '%1' Search Szukaj Please enter the new SO PIN (PUK) for the token '%1' Wprowadź nowy SO PIN (PUK) dla tokenu '%1' The new label of the token '%1' Nowa nazwa tokenu '%1' The token '%1' did not contain any keys or certificates Token '%1' nie zawiera żadnych kluczy ani certyfikatów Current Password Obecne hasło Please enter the current database password Podaj obecne hasło bazy danych The entered password is wrong Wprowadzone hasło jest błędne New Password Zmiana hasła Please enter the new password to encrypt your private keys in the database-file Podaj nowe hasło to szyfrowania twoich kluczy prywatnych w bazie danych Transaction start failed Nieudana transakcja Please enter a password, that will be used to encrypt your private keys in the database: %1 Podaj hasło, które będzie używane do szyfrowania twoich kluczy prywatnych w bazie danych: %1 Password verify error, please try again Błąd weryfikacji hasła, spróbuj ponownie Password Hasło Please enter the password for unlocking the database: %1 Proszę wprowadzić hasło do odblokowania bazy danych: %1 The following error occurred: Wystąpił błąd: Copy to Clipboard Kopiuj do schowka Certificate Index ( index.txt ) Indeks certyfkatów ( index.txt ) All files ( * ) Wszystkie pliki ( * ) Diffie-Hellman parameters saved as: %1 Parametry Diffie-Hellman zapisane jako: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Parametry Diffie-Hellman są wymagane przez różne aplikacje, ale nie są obsługiwane przez XCA. Podaj liczbę bitów parametru DH Error opening file: '%1': %2 Nieudane otwarcie pliku: '%1': %2 NewCrl Last update Ostatnia aktualizacja Next update Następna aktualizacja Days Dni Months Miesiące Years Lata Midnight Północ Local time Czas lokalny Apply Zastosuj Options Parametry CRL number Numer listy CRL Subject alternative name Alternatywna nazwa podmiotu Revocation reasons Powody unieważnień Authority key identifier Identyfikator urzędu Hash algorithm Funkcja skrótu NewKey Please give a name to the new key and select the desired keysize Podaj nazwę dla nowego klucza i określ jego parametry Key properties Parametry klucza Name Nazwa The internal name of the new key Wewnętrzna nazwa nowego klucza Curve name Rodzaj krzywej Usually at least 2048 bit keys are recommended Zazwyczaj stosuje się klucze co najmniej 2048 bitowe New Key Nowy klucz Keysize Rozmiar klucza Keytype Rodzaj klucza Remember as default Ustaw jako domyślne Create Wygeneruj NewX509 Source Źródło Signing request Żądanie certyfikacyjne Show request Pokaż żądanie Sign this Certificate signing &request Podpisz to żądanie ce&rtyfikacyjne Copy extensions from the request Skopiuj rozszerzenia z żądania Modify subject of the request Zmień dane podmiotu z żądania Signing Podpisywanie Create a &self signed certificate Utwórz certyfikat &samopodpisany Use &this Certificate for signing Użyj &tego certyfikatu do podpisania All certificates in your database that can create valid signatures Lista wszystkich certyfikatów w bazie umożliwiających podpisanie Signature algorithm Funkcja skrótu Template for the new certificate Szablon nowego certyfikatu All available templates Dostępne szablony Apply extensions Zastosuj rozszerzenia Apply subject Zastosuj dane podmiotu Apply all Zastosuj wszystko Subject Podmiot Internal Name Nazwa wewnętrzna Distinguished name Nazwa wyróżniająca Add Dodaj Delete Usuń Private key Klucz prywatny This list only contains unused keys Lista zawiera tylko nieużywane klucze Used keys too Pokaż wszystkie &Generate a new key Wy&generuj nowy klucz Extensions Rozszerzenia Type Rodzaj If this will become a CA certificate or not Określa, czy podmiot będzie urzędem certyfikacji CA Not defined Nieokreślony Certification Authority Urząd Certyfikacji (CA) End Entity Odbiorca końcowy Path length Długość ścieżki How much CAs may be below this. Określa ile poziomów urzędów CA może być poniżej tworzonego. The basic constraints should always be critical Oznacza, że rozszerzenie zawsze powinno być traktowane jako krytyczne Key identifier Identyfikatory kluczy Creates a hash of the key following the PKIX guidelines Tworzy i zamieszcza skrót kulcza podmiotu zgodnie ze standardem PKIX Copy the Subject Key Identifier from the issuer Kopiuje i zamieszcza identyfiaktor klucza wystawcy Validity Okres ważności Not before Nieważny przed Not after Nieważny po Time range Przedział czasu Days Dni Months Miesiące Years Lata Apply Zastosuj Set the time to 00:00:00 and 23:59:59 respectively Ustaw czasy odpowiednio na 00:00:00 i 23:59:59 Midnight Północ Local time Czas lokalny No well-defined expiration Bezterminowo DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit Zmień URI: URI: Key usage Użycie klucza Netscape Rozszerzenia Netscape Advanced Zaawansowane Validate Weryfikuj Comment Komentarz This name is only used internally and does not appear in the resulting certificate Nazwa używana wewnętrznie, nie będzie widoczna w wynikowym certyfikacie Critical Krytyczne Create Certificate signing request Nowe żądanie certyfikacyjne minimum size: %1 minimalny rozmiar: %1 maximum size: %1 maksymalny rozmiar: %1 only a-z A-Z 0-9 '()+,-./:=? tylko: a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters tylko proste 7-bitowe znaki Edit XCA template Edycja szablonu XCA Create x509 Certificate Nowy certyfikat x509 Template '%1' applied Załadowany szablon '%1' Subject applied from template '%1' Załadowany podmiot z szablonu '%1' Extensions applied from template '%1' Załadowane rozszerzenia z szablonu '%1' New key '%1' created Utworzony nowy klucz '%1' Other Tabs Pozostałe ustawienia Advanced Tab Zaawansowane ustawienia Errors Błędy From PKCS#10 request Na podstawie żądania PKCS#10 Abort rollout Przerwij operację The following length restrictions of RFC3280 are violated: Następujące ograniczenia długości wg RFC3280 są naruszone: Edit subject Popraw dane podmiotu Continue rollout Kontynuuj operację The verification of the Certificate request failed. The rollout should be aborted. Błąd weryfikacji żądania certyfikacyjnego. Wystawianie powinno zostać przerwane. Continue anyway Kontynuuj mimo wszystko The internal name and the common name are empty. Please set at least the internal name. Nazwa wewnętrzna i kanoniczna są puste. Proszę podać przynajmniej nazwę wewnętrzną. Edit name Popraw nazwę There is no Key selected for signing. Nie wybrano klucza do podpisania. Select key Wybierz klucz The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Następujące wpisy nazwy wyróżniającej są puste: %1 podczas, gdy ustawiono je jako obowiązkowe w menu opcji. The key you selected for signing is not a private one. Klucz wybrany do podpisu nie jest kluczem prywatnym. Select other signer Wybierz innego podpisującego Select other key Wybierz inny klucz The certificate will be earlier valid than the signer. This is probably not what you want. Certyfikat będzie ważny wcześniej niż certyfikat wystawcy, to wygląda na błąd. Edit dates Popraw daty Adjust date and continue Popraw daty i kontynuuj The certificate will be longer valid than the signer. This is probably not what you want. Certyfikat będzie ważniejszy dłużej niż wystawca, to wygląda na błąd. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Certyfikat w momencie wystawienia będzie już przeterminowany, to wygląda na błąd. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Certyfikat zawiera błędne lub powielone rozszerzenia. Zweryfikuj zakładkę Zaawansowane. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Certyfikat nie zawiera żadnych rozszerzeń. Możesz załadować rozszerzenia bazując na stosownym szablonie. Edit extensions Popraw rozszerzenia The subject alternative name shall contain a copy of the common name. However, the common name is empty. Alternatywna nazwa podmiotu powinna zawierać kopię nazwy powszechnej. Jednak nazwa powszechna jest pusta. Configfile error on line %1 Błąd pliku konfiguracyjnego w linii %1 OidResolver OID Resolver Rozpoznawanie OID Enter the OID, the Nid, or one of the textual representations Search Szukaj OID Long name OpenSSL internal ID Nid Short name OpenDb Open remote database Połączenie z zewnętrzną bazą danych Database type Rodzaj bazy Hostname Serwer bazy Username Użytkownik Password Hasło Database name Nazwa bazy Table prefix Prefiks tabel No SqLite3 driver available. Please install the qt-sqlite package of your distribution Brak sterownika SqLite3. Zainstaluj pakiet qt-sqlite dla Twojej dystrybucji Please enter the password to access the database server %2 as user '%1'. Podaj hasło dostępu do serwera bazy %2 jako '%1'. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. Sterownik bazy danych nie wspiera transakcji. Może to być spowodowane niezgodnością wersji. Zachowaj ostrożność. Options XCA Options Ustawienia XCA Settings Ustawienia Default hash algorithm Domyślna funkcja skrótu String types Rodzaje ciągów znaków Suppress success messages Ograniczaj komunikaty o sukcesie Don't colorize expired certificates Nie koloruj wygasłych certyfikatów Translate established x509 terms (%1 -> %2) Tłumacz standardowe pojęcia X509 (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Funkcje mieszania z tokenu nie są używane przez XCA. Istnieje jednak możliwość uwzględniania ograniczonego zestawu funkcji zwracanych przez token. W szczególności EC i DSA są zdefiniowane tylko z funkcją SHA1 w specyfikacji PKCS#11. Only use hashes supported by the token when signing with a token key Używaj jedynie skrótów wspieranych przez token podczas podpisywania z użyciem tokenu Disable legacy Netscape extensions Wyłącz starsze rozszerzenia Netscape Certificate expiry warning threshold Moment ostrzegania przed wygaśnięciem certyfikatu Send vCalendar expiry reminder Wyślij przypomnienie vCalendar o wygasaniu Serial number length Długość numeru seryjnego bit bity/bitów Distinguished name Nazwa wyróżniająca Mandatory subject entries Obowiązkowe wpisy dla podmiotu Add Dodaj Delete Usuń Explicit subject entries Jawne wpisy dla podmiotu Dynamically arrange explicit subject entries Dynamicznie układaj wpisy jawne Default Domyślnie PKCS#11 provider Dostawca PKCS#11 Remove Usuń Search Szukaj Printable string or UTF8 (default) Ciąg drukowalny lub UTF8 (domyślnie) PKIX recommendation in RFC2459 PKIX zgodnie z RFC2459 No BMP strings, only printable and T61 Bez ciągów BPM, tylko drukowalne i T61 UTF8 strings only (RFC2459) Tylko UTF8 zgodnie z RFC2459 All strings Wszystkie rodzaje Days Dni Weeks Tygodnie Load failed Błąd ładowania PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Take as HEX string Repeat %1 %1 mismatch Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters E&xit &Wyjście QObject Undefined Nieokreślono Broken / Invalid in %1 seconds %1 seconds ago in %1 minutes %1 minutes ago Yesterday Tomorrow in %1 hours %1 hours ago DB: Rename: '%1' already in use DB: Entry to rename not found: %1 DB: Write error %1 - %2 Out of data Error finding endmarker of string Out of Memory at %1:%2 All files ( * ) Wszystkie pliki ( * ) Import RSA key PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Certificates ( *.pem *.der *.crt *.cer );; Import X.509 Certificate PKCS#7 data ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates PKCS#12 Certificates ( *.p12 *.pfx );; Import PKCS#12 Private Certificate XCA templates ( *.xca );; Import XCA Templates Revocation lists ( *.pem *.der *.crl );; Import Certificate Revocation List XCA Databases ( *.xdb );; Open XCA Database PKCS#11 library ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 library ( *.so );; Open PKCS#11 shared library PEM files ( *.pem );; Load PEM encoded file Please enter the PIN on the PinPad Please enter the SO PIN (PUK) of the token %1 Please enter the PIN of the token %1 No Security token found Select Please enter the new SO PIN (PUK) for the token: '%1' Please enter the new PIN for the token: '%1' Required PIN size: %1 - %2 Failed to open PKCS11 library: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Disabled Library loading failed PKCS#11 function '%1' failed: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 Invalid %1 is shorter than %2 bytes: '%3' %1 is longer than %2 bytes: '%3' String '%1' for '%2' contains invalid characters Error reading config file %1 at line %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Unknown object '%1' in file %2 line %3 Failed to start a database transaction ReqTreeView Sign Podpisz Unmark signed Mark signed Similar Request Podobne żądanie RevocationList Manage revocations Zarządzaj unieważnieniami Add Dodaj Delete Usuń Edit Zmień No. L.p. Serial Numer seryjny Revocation Data wpisu Reason Przyczyna Invalidation Data unieważnienia Generate CRL Generuj listę unieważnień Revoke Certificate revocation Unieważnienie certyfikatu Revocation details Szczegóły unieważnienia Revocation reason Powód unieważnienia Local time Czas lokalny Invalid since Unieważnij od Serial Numer seryjny SearchPkcs11 Directory ... ... Include subdirectories Search Szukaj The following files are possible PKCS#11 libraries SelectToken Security token Bezpieczny token Please select the security token Wybierz bezpieczny token TempTreeView Duplicate Powiel Create certificate Utwórz certyfikat Create request Utwórz żądanie copy Kopiuj Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config Konfiguracja OpenSSL Transform Przekształć Template Szablon Public key Klucz publiczny XcaTreeView Subject entries Atrybuty podmiotu X509v3 Extensions Rozszerzenia X509v3 Netscape extensions Rozszerzenia Netscape Reset Przywróć domyślne Hide Column Ukryj kolumnę Details Szczegóły Columns Kolumny New Dodaj Import Importuj Paste PEM data Wklej dane PEM Rename Zmień nazwę Properties Parametry Delete Usuń Export Eksportuj Clipboard Schowek File Plik db_base Internal name Nazwa wewnętrzna No. Lp. Primary key Klucz główny Database unique number Unikalny numer w bazie danych Date Data Date of creation or insertion Data dodania Source Źródło Generated, Imported, Transformed Utworzony, zaimportowany lub zmodyfikowany Comment Komentarz First line of the comment field Pierwsza linia komentarza Could not create directory %1 Item properties Parametry obiektu How to export the %1 selected items All in one PEM file Each item in one file Save %1 items in one file as PEM files ( *.pem );; All files ( * ) db_crl Signer Wystawca Internal name of the signer Wewnętrzna nazwa wystawcy No. revoked Unieważnienia Number of revoked certificates Liczba unieważnionych certyfikatów Last update Ostatnia aktualizacja Next update Następna aktualizacja CRL number Numer CRL The revocation list already exists in the database as: '%1' and so it was not imported Lista unieważnień już istnieje w bazie danych jako: '%1' import został przerwany Revocation list export Eksport listy unieważnień CRL ( *.pem *.der *.crl ) There are no CA certificates for CRL generation Brakuje certyfikatów urzędów (CA) do wygenerowania listy CRL Select CA certificate Wybierz certyfikat Urzędu Certyfikacji Create CRL Nowa lista CRL Failed to initiate DB transaction Database error: %1 db_key Type Rodzaj Size Rozmiar EC Group Grupa EC Use Użycia Password Hasło The key is already in the database as: '%1' and is not going to be imported The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Extending public key from %1 by imported key '%2' Key size too small ! Rozmiar klucza jest za mały ! You are sure to create a key of the size: %1 ? PEM public SSH2 public PEM private Export keys to Clipboard Eksport kluczy do schowka Clipboard Schowek Export public key [%1] DER public DER private PEM encryped PKCS#8 encrypted Export private key [%1] Eksport klucza prywatnego [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Tried to change password of a token db_temp Bad template: %1 Błędny szablon: %1 Empty template Pusty szablon Preset Template values Domyślna zawartość szablonu Save template as Zapisz szablon jako XCA templates ( *.xca );; All files ( * ) Szablony XCA ( *.xca );; Wszystkie pliki ( * ) db_x509 CA Urząd certyfikacji reflects the basic Constraints extension Określa, czy jest to urząd certyfikacji bazując na podstawowych ograniczeniach Serial Numer seryjny Start date Data wydania Expiry date Data ważności MD5 fingerprint Odcisk palca MD5 SHA1 fingerprint Odcisk palca SHA1 SHA256 fingerprint Odcisk palca SHA256 Not before Nieważny przed Not after Nieważny po Revocation Unieważnienie CRL Expiration Ważność CRL Plain View Widok płaski Tree View Widok struktury Failed to retrieve unique random serial The certificate already exists in the database as: '%1' and so it was not imported Signed on %1 by '%2' Unknown Invalid public key PKCS#7 unrevoked PEM unrevoked vCalendar CA vCalendar days No template The key you selected for signing is not a private one. Klucz wybrany do podpisu nie jest kluczem prywatnym. Store the certificate to the key on the token '%1 (#%2)' ? Czy zapisać certyfikat do klucza na bezpiecznym tokenie '%1 (#%2)' ? PEM chain PKCS#7 chain PKCS#12 chain PKCS#7 all PEM + key PEM all Certificate Index file Certificate export Eksport certyfikatu X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) There was no key found for the Certificate: '%1' Not possible for a token key: '%1' Not possible for the token-key Certificate '%1' db_x509name Subject Podmiot Complete distinguished name Kompletna nazwa wyróżniająca Subject hash Skrót podmiotu Hash to lookup certs in directories Skrót do wyszukiwania certyfikatów w katalogach db_x509req Signed Podpisany whether the request is already signed or not Określa, czy żądanie zostało już podpisane Unstructured name Challenge password Certificate count Number of certificates in the database with the same public key The certificate signing request already exists in the database as '%1' and thus was not stored Certificate request export Eksport żądania certyfikacjnego Certificate request ( *.pem *.der *.csr ) Żądanie certyfikacyjne ( *.pem *.der *.csr ) db_x509super Key name Internal name of the key Signature algorithm Funkcja skrótu Extracted from %1 '%2' Certificate Certificate request Save as OpenSSL config Config files ( *.conf *.cnf);; All files ( * ) The following extensions were not ported into the template Transformed from %1 '%2' kvView Type Rodzaj Content Zawartość pass_info Password Hasło PIN PIN pki_base Error opening file: '%1': %2 Nieudane otwarcie pliku: '%1': %2 Unknown Imported Generated Transformed Token Token Legacy Database Renewed Internal error: Unexpected message: %1 %2 pki_crl Successfully imported the revocation list '%1' Poprawnie zaimportowano listę unieważnień '%1' Delete the revocation list '%1'? Czy usunąć listę unieważnień '%1'? Successfully created the revocation list '%1' Poprawnie utworzono listę unieważnień '%1' Delete the %1 revocation lists: %2? Czy usunąć %1 listy unieważnień: %2? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Nie można załadować listy unieważnień z pliku %1. Próbowano listy CRL w formacie PEM i DER. No issuer given Wrong Size %1 Renew CRL: %1 The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4. It is stored in the XCA database '%5' pki_evp Failed to decrypt the key (bad password) Błąd deszyfracji klucza (błędne hasło) Failed to decrypt the key (bad password) %1 Please enter the password to decrypt the private key. Podaj hasło, aby odszyfrować klucz prywatny. The key from file '%1' is incomplete or inconsistent. Please enter the password to decrypt the private key from file: %1 Podaj hasło, aby odszyfrować klucz prywatny z pliku: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Nie można załadować klucza prywatnego z pliku %1. Próbowano PEM i DER prywatny, publiczny, klucze w formacie PKCS#8 i SSH2. Ignoring unsupported private key Please enter the password to decrypt the private key: '%1' Password input aborted Please enter the database password for decrypting the key '%1' Please enter the password to protect the private key: '%1' Please enter the database password for encrypting the key Please enter the password protecting the PKCS#8 key '%1' Please enter the export password for the private key '%1' pki_key Successfully imported the %1 public key '%2' Poprawnie zaimportowano klucz publiczny %1 jako '%2' Delete the %1 public key '%2'? Czy usunąć klucz publiczny '%2' typu %1? Successfully imported the %1 private key '%2' Poprawnie zaimportowano klucz prywatny %1 jako '%2' Delete the %1 private key '%2'? Czy usunąć klucz prywatny '%2' typu %1? Successfully created the %1 private key '%2' Poprawnie utworzono klucz prywatny %1 jako '%2' Delete the %1 keys: %2? Czy usunąć %1 klucze: %2? Public key Klucz publiczny Common Private Bogus PIN PIN No password Unexpected SSH2 content: '%1' Invalid SSH2 public key Failed writing to %1 pki_multi No known PEM encoded items found pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Unable to load the PKCS#12 (pfx) file %1. Nie można załadować pliku PKCS#12 (pfx): %1. The supplied password was wrong (%1) Please enter the password to encrypt the PKCS#12 file No key or no Cert and no pkcs12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Nie można załadować pliku PKCS#7: %1. Próbowano format PEM i DER. pki_scard Successfully imported the token key '%1' Delete the token key '%1'? Successfully created the token key '%1' Delete the %1 keys: %2? Czy usunąć %1 klucze: %2? Delete the private key '%1' from the token '%2 (#%3)' ? This Key is already on the token PIN input aborted Unable to find copied key on the token Please insert card: %1 %2 [%3] with Serial: %4 Illegal Key generation method Unable to find generated key on card Ignoring unsupported token key Wrong Size %1 Token %1 Failed to find the key on the token Invalid Pin for the token Failed to initialize the key on the token pki_temp Successfully imported the XCA template '%1' Poprawnie zaimportowano szablon XCA '%1' Delete the XCA template '%1'? Czy usunąć szablon XCA '%1'? Successfully created the XCA template '%1' Poprawnie utworzono szablon XCA '%1' Delete the %1 XCA templates: %2? Czy usunąć %1 szablony XCA: %2? Wrong Size %1 Template file content error (too small) Not a PEM encoded XCA Template Not an XCA Template, but '%1' pki_x509 Successfully imported the certificate '%1' Poprawnie zaimportowano certyfikat '%1' Delete the certificate '%1'? Czy usunąć certyfikat '%1'? Successfully created the certificate '%1' Poprawnie utworzono certyfikat '%1' Delete the %1 certificates: %2? Czy usunąć %1 certyfikaty: %2? Unable to load the certificate in file %1. Tried PEM and DER certificate. Nie można załadować certyfikatu z pliku %1. Próbowano certyfikaty w formacie PEM i DER. This certificate is already on the security token Ten certyfikat już istnieje na bezpiecznym tokenie Delete the certificate '%1' from the token '%2 (#%3)'? There is no key for signing ! Wrong Size %1 No Yes Renew certificate: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' CRL Renewal of CA '%1' due The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' pki_x509req Signing key not valid (public key) Successfully imported the %1 certificate request '%2' Poprawnie zaimportowano żądanie certyfikacyjne %1 jako '%2' Delete the %1 certificate request '%2'? Czy usunąć żądanie certyfikacyjne '%2' typu %1? Successfully created the %1 certificate request '%2' Poprawnie utworzono żądanie certyfikacyjne %1 jako '%2' Delete the %1 certificate requests: %2? Czy usunąć %1 żądania certyfikacyjne: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Nie można załadować żądania certyfikacyjnego z pliku %1. Próbowano format PEM, DER i SPKAC. Wrong Size %1 Signed Podpisany Unhandled v3ext Copy Common Name Add Dodaj Delete Usuń Apply Zastosuj Validate Weryfikuj Cancel An email address or 'copy' An email address A registered ID: OBJECT IDENTIFIER A uniform resource indicator A DNS domain name or 'copycn' A DNS domain name An IP address Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' No editing. Only 'copy' allowed here Validation failed: '%1' %2 Validation successful: '%1' xca-RELEASE.2.2.1/lang/xca_it.ts0000644000175000017500000047110313614632167015463 0ustar tewardteward CaProperties CA Properties Proprietà della CA Days until next CRL issuing Prossimo rilascio della CRL (giorni) Default template Modello predefinito CertDetail Details of the Certificate Dettagli del certificato Serial Seriale The serial number of the certificate Il numero di serie del certificato The internal name of the certificate in the database Nome interno del certificato nel database Status Stato Internal name Nome interno Signature Firma Key Chiave Fingerprints Fingerprints MD5 MD5 An md5 hashsum of the certificate Un hash MD5 del certificato SHA1 SHA1 A SHA-1 hashsum of the certificate Un hash SHA-1 del certificato SHA256 SHA256 A SHA-256 hashsum of the certificate Un hash SHA-256 del certificato Validity Validità The time since the certificate is valid Data/ora inizio validità The time until the certificate is valid Data/ora fine validità Subject Soggetto Issuer Emittente Extensions Estensioni Comment Commento Attributes Attributi Show config Visualizza configurazione Show extensions Visualizza estensioni Show public key Visualizza chiave pubblica This key is not in the database. Chiave assente nel database. Not available Non disponibile Signer unknown Firmatario sconosciuto Self signed Auto-firmato Revoked at %1 Revocato il %1 Revoked: Revocato: Not valid Non valido Valid Valido Details of the certificate signing request Dettagli della CSR (richiesta di firma certificato) CertExtend Certificate renewal Rinnovo certificato This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Sarà creato un nuovo certificato come copia del precedente con un nuovo numero di serie e date di validità adattate. Validity Validità Not before Non prima Not after Non dopo Time range Intervallo di tempo Local time Ora locale Days Giorni Months Mesi Years Anni No well-defined expiration Scadenza non ben definita Midnight Mezzanotte Apply Applica Revoke old certificate Revoca vecchio certificato Keep serial number Mantieni numero di serie The certificate will be earlier valid than the signer. This is probably not what you want. La validità del certificato sarebbe antecedente a quella del firmatario. Questo probabilmente non è ciò che si desidera. Edit dates Modifica date Abort rollout Interrompi rilascio Continue rollout Continua rilascio Adjust date and continue Adatta la data e continua The certificate will be longer valid than the signer. This is probably not what you want. La validità del certificato sarebbe posteriore a quella del firmatario. Questo probabilmente non è ciò che si desidera. CertTreeView Import PKCS#12 Importa da PKCS#12 Import from PKCS#7 Importa da PKCS#7 Request Richiesta Security token Token di sicurezza Other token Altro token Similar Certificate Certificato simile Delete from Security token CA CA Properties Proprietà Generate CRL Genera CRL Manage revocations Gestisci revoche Renewal Rinnovo Revoke Revoca Unrevoke Annulla revoca ClickLabel Double click for details Doppio click per dettagli CrlDetail Details of the Revocation list Dettagli della lista di revoca (CRL) &Status &Stato Version Versione Signature Firma Signed by Firmato da Name Nome The internal name of the CRL in the database Nome interno della CRL nel database issuing dates Date di rilascio Next update Prossimo aggiornamento Last update Ultimo aggiornamento &Issuer &Emittente &Extensions &Estensioni &Revocation list &Lista di revoca Comment Commento Failed Fallito Unknown signer Firmatario sconosciuto Verification not possible Impossibile verificare ExportDialog Name Nome The internal name of the CRL in the database Nome interno della CRL nel database ... ... Filename Nome File Export comment into PEM file Esporta commento nel file PEM Export Format Formato di esportazione All files ( * ) Tutti i file (*) PEM Text format with headers Formato testo PEM con intestazioni Concatenated list of all selected items in one PEM text file Lista concatenata di tutti gli oggetti selezionati in un file di testo PEM Concatenated text format of the complete certificate chain in one PEM file Formato testo concatenato della catena di certificazione completa in un file PEM Concatenated text format of all certificates in one PEM file Formato testo concatenato di tutti i certificati in un file PEM Binary DER encoded file File in codifica DER binaria PKCS#7 encoded single certificate Singolo certificato con codifica PKCS#7 PKCS#7 encoded complete certificate chain Catena di certificazione completa con codifica PKCS#7 Concatenated text format of all unrevoked certificates in one PEM file Formato testo concatenato di tutti i certificati non revocati in un file PEM All unrevoked certificates encoded in one PKCS#7 file Tutti i certificati non revocati codificati in un file PKCS#7 All selected certificates encoded in one PKCS#7 file Tutti i certificati selezionati codificati in un file PKCS#7 All certificates encoded in one PKCS#7 file Tutti i certificati codificati in un file PKCS#7 The certificate and the private key as encrypted PKCS#12 file Certificato e chiave privata in un file PKCS#12 crittato The complete certificate chain and the private key as encrypted PKCS#12 file Catena di certificazione completa e chiave privata in un file PKCS#12 crittato Concatenation of the certificate and the unencrypted private key in one PEM file Certificato e chiave privata concatenati in chiaro in unico file con codifica PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Certificato e chiave privata concatenati e crittati in unico file con codifica PKCS#8 Text format of the public key in one PEM file Chiave pubblica formato testo in unico file PEM Binary DER format of the public key Chiave pubblica formato DER binario Unencrypted private key in text format Chiave privata in chiaro in formato testo OpenSSL specific encrypted private key in text format Chiave privata crittata OpenSSL in formato testo Unencrypted private key in binary DER format Chiave privata in chiaro in formato DER binario Unencrypted private key in PKCS#8 text format Chiave privata in chiaro in formato testo PKCS#8 Encrypted private key in PKCS#8 text format Chiave privata crittata in formato testo PKCS#8 The public key encoded in SSH2 format Chiave pubblica codificata in formato SSH2 OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool File indice dei certificati in formato specifico OpenSSL come creato dal comando 'ca' e richiesto dallo strumento OCSP vCalendar expiry reminder for the selected items Promemoria scadenza in formato vCalendar per gli oggetti selezionati vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Promemoria scadenza in formato vCalendar contenente tutti i certificati rilasciati e validi, la CA stessa e l'ultima CRL The file: '%1' already exists! Il file: '%1' esiste già! Overwrite Sovrascrivi Do not overwrite Non sovrascrivere Help << << >> >> &Done &Eseguito ImportMulti Import PKI Items Importazione oggetti PKI Import &All Importa &Tutto &Import &Importa &Done &Eseguito &Remove from list &Rimuovi dalla lista Details Dettagli Delete from token Elimina dal token Rename on token Rinomina nel token Name: %1 Model: %2 Serial: %3 Nome: %1 Modello: %2 Seriale: %3 Manage security token Gestisci token di sicurezza Details of the item '%1' cannot be shown Dettagli dell'elemento '%1' non possono essere mostrati The type of the item '%1' is not recognized Il tipo dell'elemento '%1' non è riconosciuto The file '%1' did not contain PKI data Il file '%1' non contiene dati PKI The %1 files: '%2' did not contain PKI data I file %1: '%2' non contengono dati PKI ItemProperties Name Nome Source Sorgente Insertion date Data di inserimento Comment Commento KeyDetail Name Nome The internal name of the key used by xca Nome interno della chiave utilizzato da xca Security token Token di sicurezza Manufacturer Produttore Serial Seriale Key Chiave Public Exponent Esponente pubblico Keysize Dimensione della chiave Private Exponent Esponente privato Security Token Token di sicurezza Label Etichetta PKCS#11 ID ID PKCS#11 Token information Informazioni token Model Modello Fingerprint Fingerprint Comment Commento Details of the %1 key Dettagli della chiave %1 Not available Non disponibile Available Disponibile Sub prime Sub prime Public key Chiave pubblica Private key Chiave privata Curve name Nome della curva Unknown key Chiave sconosciuta KeyTreeView Change password Cambio passoword Reset password Reset della password Change PIN Cambio PIN Init PIN with SO PIN (PUK) Inizializza PIN con SO PIN (PUK) Change SO PIN (PUK) Modifica SO PIN (PUK) Security token Token di sicurezza This is not a token Questo non è un token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Si desidera che la chiave originale '%1' sia sostituita nel token? Ciò eliminerà la chiave '%1' e la renderà non esportabile MainWindow Private Keys Chiavi private &New Key &Nuova chiave &Export &Esporta &Import &Importa Import PFX (PKCS#12) Importa PFX (PKCS#12) &Show Details &Mostra dettagli &Delete &Elimina Certificate signing requests Richieste di firma certificato (CSR) &New Request &Nuova richiesta Certificates Certificati &New Certificate &Nuovo certificato Import &PKCS#12 Importa &PKCS#12 Import P&KCS#7 Importa P&KCS#7 Plain View Visualizzazione semplice Templates Modelli &New Template &Nuovo modello &New CRL &Nuova CRL Ch&ange Template Modific&a modello Revocation lists Liste di revoca Using or exporting private keys will not be possible without providing the correct password Utilizzo ed esportazione di chiavi private non consentito senza fornire la password corretta Database Database The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. L'hash predefinito corrente '%1' non è sicuro. Prego selezionare almeno SHA 244. Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Rilevato formato database obsoleto. Creo un copia di backup chiamata: '%1' e converto il database nel nuovo formato Failed to rename the database file, because the target already exists Impossibile rinominare il file database: nome destinazione già esistente No deleted items found Non trovati elementi cancellati Recent DataBases Database recenti System Sistema Croatian Croato English Inglese French Francese German Tedesco Russian Russo Slovak Slovacco Spanish Spagnolo Polish Polacco Italian Italiano Chinese Cinese Dutch Olandese Portuguese in Brazil Portoghese brasiliano Turkish Turco Language Lingua &File &File &New DataBase &Nuovo database &Open DataBase &Apri database Open Remote DataBase Apri database remoto Set as default DataBase Imposta come database predefinito &Close DataBase &Chiudi database New DataBase Nuovo database Open DataBase Apri database Close DataBase Chiudi database Options Opzioni Exit Esci I&mport I&mporta Keys Chiavi Requests Richieste PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Modello Revocation list Lista di revoca PEM file File PEM Paste PEM file Incolla file PEM Token Token Export Certificate &Index hierarchy &Esporta gerarchia degli indici certificati Content Contenuto &Token &Token &Manage Security token &Gestisci token di sicurezza &Init Security token &Inizializza token di sicurezza &Change PIN &Cambia PIN Change &SO PIN Cambia &SO PIN Init PIN Inizializza PIN Extra Extra &Dump DataBase &Database dump &Export Certificate Index &Esporta indice certificati &Export Certificate Index hierarchy &Esporta gerarchia degli indici certificati C&hange DataBase password C&ambia password del database &Undelete items Ann&ulla eliminazione elementi Generate DH parameter Genera parametro DH OID Resolver OID Resolver &Help &Help &Content &Contenuti About A proposito di no such option: %1 opzione inesistente: %1 Import PEM data Importa dati PEM Please enter the original SO PIN (PUK) of the token '%1' Prego inserire il SO PIN (PUK) originale del token '%1' Search Cerca Please enter the new SO PIN (PUK) for the token '%1' Prego inserire il nuovo SO PIN (PUK) del token '%1' The new label of the token '%1' La nuova etichetta del token '%1' The token '%1' did not contain any keys or certificates Il token '%1' non contiene nessuna chiave o certificato Current Password Password corrente Please enter the current database password Prego inserire la password corrente del database The entered password is wrong La password inserita non è corretta New Password Nuova password Please enter the new password to encrypt your private keys in the database-file Prego inserire la nuova password per crittare le chiavi private nel file di database Transaction start failed Fallito lo start della transazione Please enter a password, that will be used to encrypt your private keys in the database: %1 Prego inserire una password che verrà utilizzata per crittare le chiavi private nel database: %1 Password verify error, please try again Errore di verifica password, prego riprovare Password Password Please enter the password for unlocking the database: %1 Prego inserire la password per sbloccare il database: %1 The following error occurred: Incontrato l'errore seguente: Copy to Clipboard Copia negli appunti Certificate Index ( index.txt ) Indice dei certificati ( index.txt ) All files ( * ) Tutti i file ( * ) Diffie-Hellman parameters saved as: %1 Parametri Diffie-Hellman salvati come: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits I parametri Diffie-Hellman sono necessari per varie applicazioni ma non sono gestiti da XCA. Prego inserire i bit dei parametri DH Error opening file: '%1': %2 Errore in apertura file: '%1': %2 NewCrl Last update Ultimo aggiornamento Next update Prossimo aggiornamento Days Giorni Months Mesi Years Anni Midnight Mezzanotte Local time Ora locale Apply Applica Options Opzioni CRL number Numero CRL Subject alternative name Nome alternativo soggetto Revocation reasons Motivi di revoca Authority key identifier Identificatore della chiave dell'Authority Hash algorithm Algoritmo di hash NewKey Please give a name to the new key and select the desired keysize Prego dare un nome alla nuova chiave e selezionare la dimensione desiderata Key properties Proprietà della chiave Name Nome The internal name of the new key Nome interno della nuova chiave Curve name Nome della curva Usually at least 2048 bit keys are recommended Sono raccomandate chiavi almeno 2048 bit New Key Nuova chiave Keysize Dimensione chiave Keytype Tipo di chiave Remember as default Ricorda come predefinito Create Crea NewX509 Source Sorgente Signing request Richiesta di firma Show request Mostra richiesta Sign this Certificate signing &request Firma questa &richiesta di firma certificato (CSR) Copy extensions from the request Copia le estensioni dalla richiesta Modify subject of the request Modifica il soggetto della richiesta Signing Firma Create a &self signed certificate &Crea un certificato auto-firmato Use &this Certificate for signing Utilizza ques&to certificato per la firma All certificates in your database that can create valid signatures Tutti i certificati nel database che possono creare firme valide Signature algorithm Algoritmo di firma Template for the new certificate Modello per il nuovo certificato All available templates Tutti i modelli disponibili Apply extensions Applica le estesnsioni Apply subject Applica il soggetto Apply all Applica tutto Subject Soggetto Internal Name Nome interno Distinguished name Distinguished name Add Aggiungi Delete Elimina Private key Chiave privata This list only contains unused keys Questa lista contiene solo chiavi inutilizzate Used keys too Anche chiavi utilizzate &Generate a new key &Genera una nuova chiave Extensions Estensioni Type Tipo If this will become a CA certificate or not Se questo diventerà un certificato CA o no Not defined Non definito Certification Authority Autorità di certificazione End Entity Entità finale Path length Lunghezza del path How much CAs may be below this. Quante CA possono esistere sotto a questa. The basic constraints should always be critical I vincoli di base dovrebbero sempre essere 'critical' Key identifier Identificatore chiave Creates a hash of the key following the PKIX guidelines Crea un hash della chiave secondo le direttive PKIX Copy the Subject Key Identifier from the issuer Copia il campo Identificatore Chiave Soggetto dall'emittente Validity Validità Not before Non prima Not after Non dopo Time range Intervallo di tempo Days Giorni Months Mesi Years Anni Apply Applica Set the time to 00:00:00 and 23:59:59 respectively Imposta orario a 00:00:00 e 23:59:59 rispettivamente Midnight Mezzanotte Local time Ora locale No well-defined expiration Scadenza non ben definita DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit Modifica URI: URI: Key usage Utilizzo chiave Netscape Netscape Advanced Avanzate Validate Validazione Comment Commento This name is only used internally and does not appear in the resulting certificate Questo nome è utilizzato solo internamente e non compare nel certificato risultante Critical Critico Create Certificate signing request Crea una richiesta di firma certificato (CSR) minimum size: %1 dimensione minima: %1 maximum size: %1 dimensione massima: %1 only a-z A-Z 0-9 '()+,-./:=? solamente a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters solamente caratteri a 7-bit Edit XCA template Modifica modello XCA Create x509 Certificate Crea certificato x509 Template '%1' applied Applicato modello '%1' Subject applied from template '%1' Applicato soggetto da modello '%1' Extensions applied from template '%1' Applicate estensioni da modello '%1' New key '%1' created Creata nuova chiave '%1' Other Tabs Altre Tab Advanced Tab Tab avanzate Errors Errori From PKCS#10 request Dalla richiesta PKCS#10 Abort rollout The following length restrictions of RFC3280 are violated: I seguenti vincoli di lunghezza dall'RFC3280 sono violati: Edit subject Modifica soggetto Continue rollout The verification of the Certificate request failed. The rollout should be aborted. La verifica della richiesta certificato è fallita. Il rollout dovrebbe essere abortito. Continue anyway Continua comunque The internal name and the common name are empty. Please set at least the internal name. I campi nome interno e nome comune sono vuoti. Prego definire almeno il nome interno. Edit name Modifica nome There is no Key selected for signing. Nessuna chiave selezionata per la firma. Select key selezione chiave The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. I seguenti campi "Distinguished name" sono vuoti: %1 nonostante siano stati dichiarati come obbligatori nel menu opzioni. The key you selected for signing is not a private one. La chiave selezionata per la firma non è una chiave privata. Select other signer Seleziona altro firmatario Select other key Seleziona altra chiave The certificate will be earlier valid than the signer. This is probably not what you want. La validità del certificato sarebbe antecedente a quella del firmatario. Questo probabilmente non è ciò che si desidera. Edit dates Modifica date Adjust date and continue Aggiusta la data e continua The certificate will be longer valid than the signer. This is probably not what you want. La validità del certificato sarebbe posteriore a quella del firmatario. Questo probabilmente non è ciò che si desidera. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. La data di scadenza del certificato è antecedente a quella di inizio validità. Probabilmente sono state scambiate. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Il certificato contiene estensioni non valide o duplicate. Controllare la validazione nella linguetta "avanzate". The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Il certificato non contiene estensioni. Puoi applicare le estensioni di uno dei modelli per definire lo scopo del certificato. Edit extensions Modifica estensioni The subject alternative name shall contain a copy of the common name. However, the common name is empty. Il nome alternativo del soggetto sarà copiato dal nome comune. Tuttavia, il campo nome comune è vuoto. Configfile error on line %1 Errore nella linea %1 del file di configurazione OidResolver OID Resolver Enter the OID, the Nid, or one of the textual representations Inserire OID, Nid oppure una delle rappresentazioni testuali Search Ricerca OID OID Long name Nome completo OpenSSL internal ID ID interno OpenSSL Nid Nid Short name Nome breve OpenDb Open remote database Apri database remoto Database type Tipo di database Hostname Username Password Database name Nome database Table prefix Prefisso tabelle No SqLite3 driver available. Please install the qt-sqlite package of your distribution Driver SqLite3 non disponibile. Prego installare il pacchetto qt-sqlite della distribuzione in uso Please enter the password to access the database server %2 as user '%1'. Prego inserire la password di accesso al database server %2 come utente: '%1'. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. Il driver database non supporta le transazioni. Questo può succedere se il client e il server hanno versioni differenti. Continuare con attenzione. Options XCA Options Opzioni XCA Settings Impostazioni Default hash algorithm Algoritmo di hash predefinito String types Tipi di stringa Suppress success messages Sopprimi i messaggi di successo Don't colorize expired certificates Non colorare i certificati scaduti Translate established x509 terms (%1 -> %2) Traduci i termini x509 stabiliti (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. La funzionalità hash del token non è utilizzata da XCA. Può comunque onorare un ritretto insieme di hash propagati dal token. Nello specifico EC e DSA sono definiti solo con SHA1 nelle specifiche PKCS#11. Only use hashes supported by the token when signing with a token key Utilizzare solo hash supportati dal token quando si firma con una chiave del token Disable legacy Netscape extensions Disabilita estensioni Netscape obsolete Certificate expiry warning threshold Limite di avviso scdenza certificato Send vCalendar expiry reminder Spedisci promemoria scadenza in formato vCalendar Serial number length Lunghezza del numero di serie bit Distinguished name Mandatory subject entries Elementi obbligatori del soggetto Add Aggiungi Delete Elimina Explicit subject entries Elementi espliciti del soggetto Dynamically arrange explicit subject entries Sistemazione dinamica degli elementi espliciti del soggetto Default Predefinito PKCS#11 provider Provider PKCS#11 Remove Rimuovi Search Ricerca Printable string or UTF8 (default) Stringa stampabile o UTF8 (predefinito) PKIX recommendation in RFC2459 Raccomandazioni PKIX da RFC2459 No BMP strings, only printable and T61 No stringhe BMP, solo stampabili e T61 UTF8 strings only (RFC2459) Solo stringhe UTF8 (RFC2459) All strings Tutte le stringhe Days Giorni Weeks Settimane Load failed Caricamento fallito PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) La password è processata come sequenza di codici esadecimali a 2 cifre. Deve avere un numero pari di caratteri (0-9 e a-f) Take as HEX string Considera come stringa HEX Repeat %1 Ripeti %1 %1 mismatch %1 mancata corrispondenza Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters La password di tipo hex può contenere solo caratteri '0' -'9' e 'a' - 'f' in numero pari E&xit E&sci QObject Undefined Indefinito Broken / Invalid Non valido in %1 seconds entro %1 secondi %1 seconds ago %1 secondi fa in %1 minutes entro %1 minuti %1 minutes ago %1 minuti fa Yesterday Ieri Tomorrow Domani in %1 hours entro %1 ore %1 hours ago %1 ore fa DB: Rename: '%1' already in use DB: Rinomina: '%1' già in uso DB: Entry to rename not found: %1 DB: Elemento da rinominare non trovato: %1 DB: Write error %1 - %2 DB: Errore di scrittura %1 - %2 Out of data Dati esauriti Error finding endmarker of string Errore: non trovato marcatore di fine stringa Out of Memory at %1:%2 Memoria esaurita a %1:%2 Country code Codice paese State or Province Stato o provincia Locality Località Organisation Organizzazione Organisational unit Unità organizzativa Common name Nome comune E-Mail address Indirizzo e-mail Serial number Numero di serie Given name Nome Surname Cognome Title Titolo Initials Iniziali Description Descrizione Role Ruolo Pseudonym Pseudonimo Generation Qualifier Qualificatore di generazione x500 Unique Identifier Identificativo univoco x500 Name Nome DN Qualifier Qualificatore DN Unstructured name Nome non strutturato Basic Constraints Vincoli base Subject alternative name Nome alternativo soggetto issuer alternative name Nome alternativo emittente Subject key identifier Identificativo chiave soggetto Authority key identifier Identificativo chiave authority Key usage Utilizzo della chiave Extended key usage Utilizzo esteso della chiave CRL distribution points Punti di distribuzione CRL Authority information access Informazioni di accesso all'authority Certificate type Tipo di certificato Base URL URL base Revocation URL URL di revoca CA Revocation URL URL di revoca della CA Certificate renewal URL URL per rinnovo certificato CA policy URL URL delle policy CA SSL server name Nome server SSL Comment Commento All files ( * ) Tutti i file (*) Import RSA key Importa chiave RSA PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; Chiavi PKI ( *.pem *.der *.key );; Chiavi PKCS#8 ( *.p8 *.pk8 );; Chiavi pubbliche SSH ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Importa richiesta Certificates ( *.pem *.der *.crt *.cer );; Certificati ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Importa certificato x509 PKCS#7 data ( *.p7s *.p7m *.p7b );; Dati PKCS#7 ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Importa certificati PKCS#7 PKCS#12 Certificates ( *.p12 *.pfx );; Certificati PKCS#12 ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Importa certificato privato PKCS#12 XCA templates ( *.xca );; Modelli XCA ( *.xca );; Import XCA Templates Importa modelli XCA Revocation lists ( *.pem *.der *.crl );; Liste di revocas ( *.pem *.der *.crl );; Import Certificate Revocation List Importa liste di revoca certificati (CRL) XCA Databases ( *.xdb );; Database XCA ( *.xdb );; Open XCA Database Apri database XCA PKCS#11 library ( *.dll );; Libreria PKCS#11 ( *.dll );; PKCS#11 library ( *.dylib *.so );; Libreria PKCS#11 ( *.dylib *.so );; PKCS#11 library ( *.so );; Libreria PKCS#11 ( *.so );; Open PKCS#11 shared library Apri libreria condivisa PKCS#11 PEM files ( *.pem );; File PEM ( *.pem );; Load PEM encoded file Carica file codificato PEM Please enter the PIN on the PinPad Prego inserire il PIN nella PinPad Please enter the SO PIN (PUK) of the token %1 Prego inserire il SO PIN (PUK) del token %1 Please enter the PIN of the token %1 Prego inserire il PIN del token %1 No Security token found Nessun token di sicurezza trovato Select Seleziona Please enter the new SO PIN (PUK) for the token: '%1' Prego inserire il nuovo SO PIN (PUK) del token: '%1' Please enter the new PIN for the token: '%1' Prego inserire il nuovo PIN del token: '%1' Required PIN size: %1 - %2 Dimensione PIN richiesta: %1 - %2 Failed to open PKCS11 library: %1 Impossibile aprire libreria PKCS#11: %1 Failed to open PKCS11 library: %1: %2 Impossibile aprire libreria PKCS#11: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Questo non sembra essere una libreria PKCS#11. Simbolo 'C_GetFunctionList' non trovato. Disabled Disabilitato Library loading failed Impossibile caricare libreria PKCS#11 function '%1' failed: %2 Funzione PKCS#11 '%1' fallita: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 Funzione PKCS#11 '%1' fallita: %2 nella libreria %3 %4 Invalid Non valido %1 is shorter than %2 bytes: '%3' %1 è minore di %2 bytes: '%3' %1 is longer than %2 bytes: '%3' %1 è maggiore di %2 bytes: '%3' String '%1' for '%2' contains invalid characters La stringa '%1' per '%2' contiene caratteri non validi Error reading config file %1 at line %2 Errore nella lettura del file di configurazione %1 alla linea %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. L'oggetto '%1' nel file %2 alla linea %3 è già conosciuto come '%4:%5:%6' e dovrebbe essere rimosso. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. L'identificativo '%1' per l'OID %2 nel file %3 alla linea %4 è già utilizzato per un OID differente come '%5:%6:%7' e dovrebbe essere modificato per evitare conflitti. Unknown object '%1' in file %2 line %3 Oggetto sconosciuto '%1' nel file %2 linea %3 Failed to start a database transaction Impossibile iniziare una transazione database ReqTreeView Sign Firma Unmark signed Marca non firmato Mark signed Marca firmato Similar Request Richiesta simile RevocationList Manage revocations Gestisci revoche Add Aggiungi Delete Elimina Edit Modifica No. Num. Serial Seriale Revocation Revoca Reason Motivo Invalidation Annullamento Generate CRL Genera CRL Revoke Certificate revocation Revoca certificato Revocation details Dettagli della revoca Revocation reason Motivo della revoca Local time Ora locale Invalid since Non valido dal Serial Seriale SearchPkcs11 Directory ... Include subdirectories Includi le subdirectory Search Ricerca The following files are possible PKCS#11 libraries I seguenti file potrebbero essere librerie PKCS#11 SelectToken Security token Token di sicurezza Please select the security token Prego selezionare il token di sicurezza TempTreeView Duplicate Duplica Create certificate Crea certificato Create request Crea richiesta copy Copia Validity yyyy-MM-dd hh:mm aaaa-MM-gg hh:mm X509SuperTreeView OpenSSL config Configurazione OpenSSL Transform Trasforma Template Modello Public key Chiave pubblica XcaTreeView Subject entries Elementi del soggetto X509v3 Extensions Estensioni X509v3 Netscape extensions Estensioni Netscape Reset Reimposta Hide Column Nascondi colonna Details DettagliDettagli Columns Colonne New Nuovo Import Importa Paste PEM data Incolla dati PEM Rename Rinomina Properties Proprietà Delete Elimina Export Esporta Clipboard Appunti File File db_base Error opening file: '%1': %2 Errore in apertura file: '%1': %2 Internal name Nome interno No. Primary key Chiave primaria Database unique number Numero univoco database Date Data Date of creation or insertion Data di creazione o inserimento Source Sorgente Generated, Imported, Transformed Generato, importato, trasformato Comment Commento First line of the comment field Prima linea del campo commento Could not create directory %1 Impossibile creare la directory %1 Item properties Proprietà elemento How to export the %1 selected items Come esportare l'elemento selezionato %1 All in one PEM file Tutto in un unico file PEM Each item in one file Ciascun elemento in un singolo file Save %1 items in one file as Salva gli elementi %1 in un singolo file come PEM files ( *.pem );; All files ( * ) File PEM ( *.pem );; Tutti i file ( * ) db_crl Signer Firmatario Internal name of the signer Nome interno del firmatario No. revoked N. Revocati Number of revoked certificates Numero di certificati revocati Last update Ultimo aggiornamento Next update Prossimo aggiornamento CRL number Numero CRL The revocation list already exists in the database as: '%1' and so it was not imported La lista di revoca esiste già nel database come: '%1' quindi non è stata importata Revocation list export Esportazione lista di revoca CRL ( *.pem *.der *.crl ) There are no CA certificates for CRL generation Non esistono certificati CA per generare la CRL Select CA certificate Seleziona un certificato CA Create CRL Crea CRL Failed to initiate DB transaction Inizializzazione transazione DB fallita Database error: %1 Errore database: %1 Database error: Errore database: db_key Type Tipo Size Dimensione EC Group Gruppo EC Use Utilizzo Password Password The key is already in the database as: '%1' and is not going to be imported La chiave esiste già nel DB com: '%1' e non verrà importata The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Il DB contiene già la parte pubblica della chiave importata come '%1 e sarà completata con la nuova parte privata della chiave Extending public key from %1 by imported key '%2' Estensione chiave pubblica da %1 per mezzo della chiave importata '%2' Key size too small ! Dimensione della chiave troppo piccola ! You are sure to create a key of the size: %1 ? Siete sicuri di voler creare una chiave di dimensione: %1 ? PEM public PEM pubblica SSH2 public SSH2 pubblica PEM private PEM privata Export keys to Clipboard Esporta chiavi negli appunti Clipboard Appunti Export public key [%1] Esporta chiave pubblica [%1] DER public DER pubblica DER private DER privata PEM encryped PEM crittata PKCS#8 encrypted PKCS#8 crittata Export private key [%1] Esporta chiave privata [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Chiavi private ( *.pem *.der *.pk8 );; Chiavi pubbliche SSH ( *.pub );; Tried to change password of a token Si è tentato di cambiare la password di un token db_temp Bad template: %1 Modello errato: %1 Empty template Modello vuoto Preset Template values Valori modello predefiniti Save template as Salva modello come XCA templates ( *.xca );; All files ( * ) Modelli XCA ( *.xca );; Tutti i file ( * ) db_x509 CA CA reflects the basic Constraints extension riflette le estensioni vincolo di base Serial Seriale Start date Data di inizio Expiry date Data di scadenza MD5 fingerprint SHA1 fingerprint SHA256 fingerprint Not before Non prima Not after Non dopo Revocation Revoca CRL Expiration Scadenza CRL Plain View Visualizzazione semplice Tree View Visualizzazione ad albero Failed to retrieve unique random serial Impossibile reperire un seriale univoco casuale The certificate already exists in the database as: '%1' and so it was not imported Il certificato esiste già nel database come: '%1' pertanto non è stato importato Signed on %1 by '%2' Firmato su %1 da '%2' Unknown Sconosciuto Invalid public key Chiave pubblica non valida PKCS#7 unrevoked PKCS#7 annullata revoca PEM unrevoked PEM annullata revoca vCalendar vCalendar CA vCalendar CA vCalendar days giorni No template Nessun modello The key you selected for signing is not a private one. La chiave selezionata per la firma non è una chiave privata. Store the certificate to the key on the token '%1 (#%2)' ? Salvare il certificato nella chiave sul token '%1 (#%2)' ? PEM chain Catena PEM PKCS#7 chain Catena PKCS#7 PKCS#12 chain Catena PKCS#12 PKCS#7 all PKCS#7 tutto PEM + key PEM + chiave PEM all PEM tutto Certificate Index file File indice certificati Certificate export Esportazione Certificato X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) Certificati x509 ( *.pem *.cer *.crt *.p12 *.p7b ) There was no key found for the Certificate: '%1' Nessuna chiave trovata per il certificato: '%1' Not possible for a token key: '%1' Impossibile per una chiave token: '%1' Error opening file: '%1': %2 Errore in apertura file: '%1': %2 Not possible for the token-key Certificate '%1' Impossibile per il certificato chiave token: '%1' days giorni db_x509name Subject Soggetto Complete distinguished name Distinguished name completo Subject hash Hash del soggetto Hash to lookup certs in directories Hash per ricerca certificati nelle directory db_x509req Signed Firmato whether the request is already signed or not se la richiesta è già firmata o meno Unstructured name Nome non strutturato Challenge password Challenge password Certificate count Numero certificati Number of certificates in the database with the same public key Numero certificati nel database con la stessa chiave pubblica The certificate signing request already exists in the database as '%1' and thus was not stored La richiesta di firma certificato esiste già nel database come '%1' pertanto non è stata salvata Certificate request export Esportazione richiesta certificato Certificate request ( *.pem *.der *.csr ) Richiesta certificato ( *.pem *.der *.csr ) db_x509super Key name Nome chiave Internal name of the key Nome interno della chiave Signature algorithm Algoritmo di firma Extracted from %1 '%2' Estratto da %1 '%2' Certificate Certificato Certificate request Richiesta certificato Save as OpenSSL config Salva come configurazione OpenSSL Config files ( *.conf *.cnf);; All files ( * ) File di configurazione ( *.conf *.cnf);; Tutti i file ( * ) The following extensions were not ported into the template Le seguenti estensioni non erano state portate nel modello Transformed from %1 '%2' Trasformato da %1 '%2' kvView Type Tipo Content Contenuto pass_info Password Password PIN PIN pki_base Error opening file: '%1': %2 Errore in apertura file: '%1': %2 Error writing to file: '%1': %2 Errore scrittura file: '%1': %2 Unknown Sconosciuto Imported Importato Generated Generato Transformed Trasformato Token Token Legacy Database Database obsoleto Renewed Rinnovato Internal error: Unexpected message: %1 %2 Errore interno: Messaggio inaspettato: %1 %2 pki_crl Successfully imported the revocation list '%1' Lista di revoca '%1' importata correttamente Delete the revocation list '%1'? Elimino la lista di revoca '%1'? Successfully created the revocation list '%1' Lista di revoca '%1' creata correttamente Delete the %1 revocation lists: %2? Elimino la lista di revoca %1: '%2'? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Impossibile caricare la lista di revoca dal file %1. Tentati i formati PEM e DER. No issuer given Non è stato fornito l'emittente Wrong Size %1 Dimensione non corretta %1 unknown Sconosciuto Renew CRL: %1 Rinnova CRL: %1 The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4. It is stored in the XCA database '%5' La CRL XCA '%1', rilasciata dalla CA '%2' il %3, scadrà il %4. E' mantenuta nel database XCA '%5' pki_evp Failed to decrypt the key (bad password) Impossibile decrittare la chiave (password errata) Failed to decrypt the key (bad password) %1 Impossibile decrittare la chiave (password errata) %1 Please enter the password to decrypt the private key. Prego inserire la password per decrittare la chiave privata. The key from file '%1' is incomplete or inconsistent. La chiave nel file '%1' è incompleta o inconsistente. Please enter the password to decrypt the private key from file: %1 Prego inserire la password per decrittare la chiave privata dal file: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Impossibile caricare la chiave privata nel file %1. Tentativi con i formati PEM e DER privati, pubblici, tipi chiave PKCS#8 e formato SSH2. Ignoring unsupported private key Ignorata chiave privata non supportata Please enter the password to decrypt the private key: '%1' Prego inserire la password per decrittare la chiave privata: '%1' Password input aborted Inserimento password abortito Please enter the database password for decrypting the key '%1' Prego inserire la password del database per decrittare la chiave: '%1' Please enter the password to protect the private key: '%1' Prego inserire la password per proteggere la chiave privata: '%1' Please enter the database password for encrypting the key Prego inserire la password del database per crittare la chiave Please enter the password protecting the PKCS#8 key '%1' Prego inserire la password della chiave PKCS#8 '%1' Please enter the export password for the private key '%1' Prego inserire la password per esportare la chiave privata: '%1' pki_key Successfully imported the %1 public key '%2' Chiave pubblica '%2' di %1 importata correttamente Delete the %1 public key '%2'? Elimina chiave pubblica '%2' di %1? Successfully imported the %1 private key '%2' Chiave privata '%2' di %1 importata correttamente Delete the %1 private key '%2'? Elimina chiave privata '%2' di %1? Successfully created the %1 private key '%2' Chiave privata '%2' di %1 creata correttamente Delete the %1 keys: %2? Eliminare le chiavi di %1: %2? Public key Chiave pubblica Common Comune Private Privata Bogus Fasullo PIN PIN No password Nessuna password Unexpected SSH2 content: '%1' Contenuto SSH2 non previsto: '%1' Invalid SSH2 public key Chiave pubblica SSH2 non valida Failed writing to %1 Errore scrittura su %1 pki_multi No known PEM encoded items found Non trovato nessun elemento codificato PEM pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Prego inserire la password per decrittare il file PKCS#12: %1 Unable to load the PKCS#12 (pfx) file %1. Impossibile caricare il file PKCS#12 (pfx) %1. The supplied password was wrong (%1) La password fornita non è corretta (%1) Please enter the password to encrypt the PKCS#12 file Prego inserire la password per crittare il file PKCS#12 No key or no Cert and no pkcs12 Nessuna chiave o nessun certificato e nessun pkcs12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Impossibile caricare il file PKCS#7 %1. Tentati i formati PEM e DER. pki_scard Successfully imported the token key '%1' Chiave token '%1' importata correttamente Delete the token key '%1'? Elimina chiave token '%1'? Successfully created the token key '%1' Chiave token '%1' creata correttamente Delete the %1 keys: %2? Eliminare le chiavi di %1: %2? Delete the private key '%1' from the token '%2 (#%3)' ? Eliminare la chiave privata '%1' dal token '%2 (#%3)' ? This Key is already on the token Questa chiave è già sul token PIN input aborted Inserimento PIN abortito Unable to find copied key on the token Impossibile trovare la chiave copiata sul token Please insert card: %1 %2 [%3] with Serial: %4 Prego inserire la card: %1 %2 [%3] con Seriale: %4 Public Key mismatch. Please re-import card Differenza di chiave pubblica. Prego re-importare la card Illegal Key generation method Metodo non previsto per la generazione della chiave Unable to find generated key on card Impossibile trovare la chiave generata sulla card Ignoring unsupported token key Ignorata chiave token non supportata Wrong Size %1 Dimensione non corretta %1 Token %1 Token %1 Failed to find the key on the token Impossibile trovare la chiave sul token Invalid Pin for the token PIN per il token non valido Failed to initialize the key on the token Impossibile inizializzare la chiave sul token pki_temp Successfully imported the XCA template '%1' Modello XCA '%1' importato correttamente Delete the XCA template '%1'? Eliminare modello XCA '%1'? Successfully created the XCA template '%1' Modello XCA '%1' creato correttamente Delete the %1 XCA templates: %2? Eliminare il modello XCA %1: '%2'? Wrong Size %1 Dimensione non corretta %1 Template file content error (too small) Errore contenuto del file del modello (troppo piccolo) Template file content error (too small): %1 Errore contenuto del file del modello (troppo piccolo): %1 Not a PEM encoded XCA Template Non è un modello XCA con codifica PEM Not an XCA Template, but '%1' Non è un modello XCA, ma '%1' pki_x509 Successfully imported the certificate '%1' Certificato '%1' importato correttamente Delete the certificate '%1'? Eliminare certificato '%1'? Successfully created the certificate '%1' Certificato '%1' creato correttamente Delete the %1 certificates: %2? Eliminare i certificati %1: '%2'? Unable to load the certificate in file %1. Tried PEM and DER certificate. Impossibile caricare il certificato dal file %1. Tentati i formati PEM e DER. This certificate is already on the security token Questo certificato si trova già sul token Delete the certificate '%1' from the token '%2 (#%3)'? Eliminare il certificato '%1' dal token '%2 (#%3)'? There is no key for signing ! Nessuna chiave per la firma ! Wrong Size %1 Dimensione non corretta %1 No No Yes Renew certificate: %1 Rinnovo certificato: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' Il certificato XCA '%1', rilasciato il %2, scadrà il %3. E' mantenuto nel database XCA '%4' CRL Renewal of CA '%1' due Rinnovo CRL della CA '%1' scaduto The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' L'ultima CRL rilasciata dalla CA '%1' scadrà il %2. E' mantenuta nel database XCA '%3' pki_x509req Signing key not valid (public key) Chiave per la firma non valida (chiave pubblica) Successfully imported the %1 certificate request '%2' Richiesta certificato %1 '%2' importata correttamente Delete the %1 certificate request '%2'? Eliminare la richiesta certificato %1 '%2'? Successfully created the %1 certificate request '%2' Richiesta certificato %1 '%2' creata correttamente Delete the %1 certificate requests: %2? Eliminare la richiesta certificato %1: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Impossibile caricare la richiesta certificato dal file %1. Tentati i formati PEM, DER e SPKAC. Wrong Size %1 Dimensione non corretta %1 Signed Firmato Unhandled Non gestito v3ext Copy Common Name Copia nome comune Add Aggiungi Delete Elimina Apply Applica Validate Validazione Cancel Annulla An email address or 'copy' Un indirizzo e-mail oppure 'copy' An email address Un indirizzo e-mail A registered ID: OBJECT IDENTIFIER Un ID registrato: OBJECT IDENTIFIER A uniform resource indicator Una URI (uniform resource indicator) A DNS domain name or 'copycn' Un nome dominio DNS oppure 'copycn' A DNS domain name Un nome dominio DNS An IP address Un indirizzo IP Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Sintassi: <OID>;TIPO:testo come '1.2.3.4:UTF8:nome' No editing. Only 'copy' allowed here Consentito solo 'copy' qui Validation failed: '%1' %2 Validazione fallita: '%1' %2 Validation successful: '%1' Validazione riuscita: '%1' xca-RELEASE.2.2.1/lang/xca.pot0000644000175000017500000023516313614632167015147 0ustar tewardtewardmsgid "" msgstr "" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Qt-Contexts: true\n" #: ../ui/CaProperties.ui:30 msgctxt "CaProperties|" msgid "CA Properties" msgstr "" #: ../ui/CaProperties.ui:92 msgctxt "CaProperties|" msgid "Days until next CRL issuing" msgstr "" #: ../ui/CaProperties.ui:102 msgctxt "CaProperties|" msgid "Default template" msgstr "" #: ../ui/CertDetail.ui:30 ../widgets/CertDetail.cpp:99 msgctxt "CertDetail|" msgid "Details of the Certificate" msgstr "" #: ../ui/CertDetail.ui:165 msgctxt "CertDetail|" msgid "Serial" msgstr "" #: ../ui/CertDetail.ui:178 msgctxt "CertDetail|" msgid "The serial number of the certificate" msgstr "" #: ../ui/CertDetail.ui:113 msgctxt "CertDetail|" msgid "The internal name of the certificate in the database" msgstr "" #: ../ui/CertDetail.ui:78 msgctxt "CertDetail|" msgid "Status" msgstr "" #: ../ui/CertDetail.ui:106 msgctxt "CertDetail|" msgid "Internal name" msgstr "" #: ../ui/CertDetail.ui:120 msgctxt "CertDetail|" msgid "Signature" msgstr "" #: ../ui/CertDetail.ui:145 msgctxt "CertDetail|" msgid "Key" msgstr "" #: ../ui/CertDetail.ui:191 msgctxt "CertDetail|" msgid "Fingerprints" msgstr "" #: ../ui/CertDetail.ui:203 msgctxt "CertDetail|" msgid "MD5" msgstr "" #: ../ui/CertDetail.ui:216 msgctxt "CertDetail|" msgid "An md5 hashsum of the certificate" msgstr "" #: ../ui/CertDetail.ui:229 msgctxt "CertDetail|" msgid "SHA1" msgstr "" #: ../ui/CertDetail.ui:242 msgctxt "CertDetail|" msgid "A SHA-1 hashsum of the certificate" msgstr "" #: ../ui/CertDetail.ui:255 msgctxt "CertDetail|" msgid "SHA256" msgstr "" #: ../ui/CertDetail.ui:268 msgctxt "CertDetail|" msgid "A SHA-256 hashsum of the certificate" msgstr "" #: ../ui/CertDetail.ui:278 msgctxt "CertDetail|" msgid "Validity" msgstr "" #: ../ui/CertDetail.ui:287 msgctxt "CertDetail|" msgid "The time since the certificate is valid" msgstr "" #: ../ui/CertDetail.ui:294 msgctxt "CertDetail|" msgid "The time until the certificate is valid" msgstr "" #: ../ui/CertDetail.ui:328 msgctxt "CertDetail|" msgid "Subject" msgstr "" #: ../ui/CertDetail.ui:341 msgctxt "CertDetail|" msgid "Issuer" msgstr "" #: ../ui/CertDetail.ui:364 msgctxt "CertDetail|" msgid "Extensions" msgstr "" #: ../ui/CertDetail.ui:385 msgctxt "CertDetail|" msgid "Comment" msgstr "" #: ../ui/CertDetail.ui:354 msgctxt "CertDetail|" msgid "Attributes" msgstr "" #: ../ui/CertDetail.ui:377 ../widgets/CertDetail.cpp:36 msgctxt "CertDetail|" msgid "Show config" msgstr "" #: ../widgets/CertDetail.cpp:40 msgctxt "CertDetail|" msgid "Show extensions" msgstr "" #: ../widgets/CertDetail.cpp:62 msgctxt "CertDetail|" msgid "Show public key" msgstr "" #: ../widgets/CertDetail.cpp:67 msgctxt "CertDetail|" msgid "This key is not in the database." msgstr "" #: ../widgets/CertDetail.cpp:69 msgctxt "CertDetail|" msgid "Not available" msgstr "" #: ../widgets/CertDetail.cpp:108 msgctxt "CertDetail|" msgid "Signer unknown" msgstr "" #: ../widgets/CertDetail.cpp:112 msgctxt "CertDetail|" msgid "Self signed" msgstr "" #: ../widgets/CertDetail.cpp:139 #, qt-format msgctxt "CertDetail|" msgid "Revoked at %1" msgstr "" #: ../widgets/CertDetail.cpp:144 msgctxt "CertDetail|" msgid "Not valid" msgstr "" #: ../widgets/CertDetail.cpp:148 msgctxt "CertDetail|" msgid "Valid" msgstr "" #: ../widgets/CertDetail.cpp:167 msgctxt "CertDetail|" msgid "Details of the certificate signing request" msgstr "" #: ../ui/CertExtend.ui:30 msgctxt "CertExtend|" msgid "Certificate renewal" msgstr "" #: ../ui/CertExtend.ui:74 msgctxt "CertExtend|" msgid "" "This will create a new certificate as a copy of the old one with a new " "serial number and adjusted validity values." msgstr "" #: ../ui/CertExtend.ui:100 msgctxt "CertExtend|" msgid "Validity" msgstr "" #: ../ui/CertExtend.ui:111 msgctxt "CertExtend|" msgid "Not before" msgstr "" #: ../ui/CertExtend.ui:118 msgctxt "CertExtend|" msgid "Not after" msgstr "" #: ../ui/CertExtend.ui:144 msgctxt "CertExtend|" msgid "Time range" msgstr "" #: ../ui/CertExtend.ui:150 msgctxt "CertExtend|" msgid "Local time" msgstr "" #: ../ui/CertExtend.ui:158 msgctxt "CertExtend|" msgid "Days" msgstr "" #: ../ui/CertExtend.ui:163 msgctxt "CertExtend|" msgid "Months" msgstr "" #: ../ui/CertExtend.ui:168 msgctxt "CertExtend|" msgid "Years" msgstr "" #: ../ui/CertExtend.ui:176 msgctxt "CertExtend|" msgid "No well-defined expiration" msgstr "" #: ../ui/CertExtend.ui:183 msgctxt "CertExtend|" msgid "Midnight" msgstr "" #: ../ui/CertExtend.ui:190 msgctxt "CertExtend|" msgid "Apply" msgstr "" #: ../ui/CertExtend.ui:216 msgctxt "CertExtend|" msgid "Revoke old certificate" msgstr "" #: ../ui/CertExtend.ui:226 msgctxt "CertExtend|" msgid "Keep serial number" msgstr "" #: ../widgets/CertExtend.cpp:43 msgctxt "CertExtend|" msgid "" "The certificate will be earlier valid than the signer. This is probably not " "what you want." msgstr "" #: ../widgets/CertExtend.cpp:45 ../widgets/CertExtend.cpp:67 msgctxt "CertExtend|" msgid "Edit dates" msgstr "" #: ../widgets/CertExtend.cpp:46 ../widgets/CertExtend.cpp:68 msgctxt "CertExtend|" msgid "Abort rollout" msgstr "" #: ../widgets/CertExtend.cpp:47 ../widgets/CertExtend.cpp:69 msgctxt "CertExtend|" msgid "Continue rollout" msgstr "" #: ../widgets/CertExtend.cpp:48 ../widgets/CertExtend.cpp:70 msgctxt "CertExtend|" msgid "Adjust date and continue" msgstr "" #: ../widgets/CertExtend.cpp:65 msgctxt "CertExtend|" msgid "" "The certificate will be longer valid than the signer. This is probably not " "what you want." msgstr "" #: ../widgets/CertTreeView.cpp:25 msgctxt "CertTreeView|" msgid "Import PKCS#12" msgstr "" #: ../widgets/CertTreeView.cpp:26 msgctxt "CertTreeView|" msgid "Import from PKCS#7" msgstr "" #: ../widgets/CertTreeView.cpp:54 msgctxt "CertTreeView|" msgid "Request" msgstr "" #: ../widgets/CertTreeView.cpp:56 msgctxt "CertTreeView|" msgid "Security token" msgstr "" #: ../widgets/CertTreeView.cpp:58 msgctxt "CertTreeView|" msgid "Other token" msgstr "" #: ../widgets/CertTreeView.cpp:62 msgctxt "CertTreeView|" msgid "Similar Certificate" msgstr "" #: ../widgets/CertTreeView.cpp:65 msgctxt "CertTreeView|" msgid "Delete from Security token" msgstr "" #: ../widgets/CertTreeView.cpp:68 msgctxt "CertTreeView|" msgid "CA" msgstr "" #: ../widgets/CertTreeView.cpp:69 msgctxt "CertTreeView|" msgid "Properties" msgstr "" #: ../widgets/CertTreeView.cpp:70 msgctxt "CertTreeView|" msgid "Generate CRL" msgstr "" #: ../widgets/CertTreeView.cpp:71 msgctxt "CertTreeView|" msgid "Manage revocations" msgstr "" #: ../widgets/CertTreeView.cpp:76 ../widgets/CertTreeView.cpp:79 msgctxt "CertTreeView|" msgid "Renewal" msgstr "" #: ../widgets/CertTreeView.cpp:81 msgctxt "CertTreeView|" msgid "Revoke" msgstr "" #: ../widgets/CertTreeView.cpp:83 msgctxt "CertTreeView|" msgid "Unrevoke" msgstr "" #: ../widgets/clicklabel.cpp:37 msgctxt "ClickLabel|" msgid "Double click for details" msgstr "" #: ../ui/CrlDetail.ui:30 msgctxt "CrlDetail|" msgid "Details of the Revocation list" msgstr "" #: ../ui/CrlDetail.ui:78 msgctxt "CrlDetail|" msgid "&Status" msgstr "" #: ../ui/CrlDetail.ui:126 msgctxt "CrlDetail|" msgid "Version" msgstr "" #: ../ui/CrlDetail.ui:145 msgctxt "CrlDetail|" msgid "Signature" msgstr "" #: ../ui/CrlDetail.ui:152 msgctxt "CrlDetail|" msgid "Signed by" msgstr "" #: ../ui/CrlDetail.ui:159 msgctxt "CrlDetail|" msgid "Name" msgstr "" #: ../ui/CrlDetail.ui:166 msgctxt "CrlDetail|" msgid "The internal name of the CRL in the database" msgstr "" #: ../ui/CrlDetail.ui:179 msgctxt "CrlDetail|" msgid "issuing dates" msgstr "" #: ../ui/CrlDetail.ui:188 msgctxt "CrlDetail|" msgid "Next update" msgstr "" #: ../ui/CrlDetail.ui:195 msgctxt "CrlDetail|" msgid "Last update" msgstr "" #: ../ui/CrlDetail.ui:228 msgctxt "CrlDetail|" msgid "&Issuer" msgstr "" #: ../ui/CrlDetail.ui:241 msgctxt "CrlDetail|" msgid "&Extensions" msgstr "" #: ../ui/CrlDetail.ui:261 msgctxt "CrlDetail|" msgid "&Revocation list" msgstr "" #: ../ui/CrlDetail.ui:286 msgctxt "CrlDetail|" msgid "Comment" msgstr "" #: ../widgets/CrlDetail.cpp:47 msgctxt "CrlDetail|" msgid "Failed" msgstr "" #: ../widgets/CrlDetail.cpp:52 msgctxt "CrlDetail|" msgid "Unknown signer" msgstr "" #: ../widgets/CrlDetail.cpp:55 msgctxt "CrlDetail|" msgid "Verification not possible" msgstr "" #: ../ui/ExportDialog.ui:76 msgctxt "ExportDialog|" msgid "Name" msgstr "" #: ../ui/ExportDialog.ui:83 msgctxt "ExportDialog|" msgid "The internal name of the CRL in the database" msgstr "" #: ../ui/ExportDialog.ui:113 msgctxt "ExportDialog|" msgid "..." msgstr "" #: ../ui/ExportDialog.ui:126 msgctxt "ExportDialog|" msgid "Filename" msgstr "" #: ../ui/ExportDialog.ui:191 msgctxt "ExportDialog|" msgid "Export comment into PEM file" msgstr "" #: ../ui/ExportDialog.ui:213 msgctxt "ExportDialog|" msgid "Export Format" msgstr "" #: ../widgets/ExportDialog.cpp:37 msgctxt "ExportDialog|" msgid "All files ( * )" msgstr "" #: ../widgets/ExportDialog.cpp:52 msgctxt "ExportDialog|" msgid "PEM Text format with headers" msgstr "" #: ../widgets/ExportDialog.cpp:54 msgctxt "ExportDialog|" msgid "Concatenated list of all selected items in one PEM text file" msgstr "" #: ../widgets/ExportDialog.cpp:55 msgctxt "ExportDialog|" msgid "" "Concatenated text format of the complete certificate chain in one PEM file" msgstr "" #: ../widgets/ExportDialog.cpp:59 msgctxt "ExportDialog|" msgid "Concatenated text format of all certificates in one PEM file" msgstr "" #: ../widgets/ExportDialog.cpp:60 msgctxt "ExportDialog|" msgid "Binary DER encoded file" msgstr "" #: ../widgets/ExportDialog.cpp:61 msgctxt "ExportDialog|" msgid "PKCS#7 encoded single certificate" msgstr "" #: ../widgets/ExportDialog.cpp:63 msgctxt "ExportDialog|" msgid "PKCS#7 encoded complete certificate chain" msgstr "" #: ../widgets/ExportDialog.cpp:57 msgctxt "ExportDialog|" msgid "Concatenated text format of all unrevoked certificates in one PEM file" msgstr "" #: ../widgets/ExportDialog.cpp:65 msgctxt "ExportDialog|" msgid "All unrevoked certificates encoded in one PKCS#7 file" msgstr "" #: ../widgets/ExportDialog.cpp:67 msgctxt "ExportDialog|" msgid "All selected certificates encoded in one PKCS#7 file" msgstr "" #: ../widgets/ExportDialog.cpp:69 msgctxt "ExportDialog|" msgid "All certificates encoded in one PKCS#7 file" msgstr "" #: ../widgets/ExportDialog.cpp:71 msgctxt "ExportDialog|" msgid "The certificate and the private key as encrypted PKCS#12 file" msgstr "" #: ../widgets/ExportDialog.cpp:72 msgctxt "ExportDialog|" msgid "" "The complete certificate chain and the private key as encrypted PKCS#12 file" msgstr "" #: ../widgets/ExportDialog.cpp:73 msgctxt "ExportDialog|" msgid "" "Concatenation of the certificate and the unencrypted private key in one PEM " "file" msgstr "" #: ../widgets/ExportDialog.cpp:74 msgctxt "ExportDialog|" msgid "" "Concatenation of the certificate and the encrypted private key in PKCS#8 " "format in one file" msgstr "" #: ../widgets/ExportDialog.cpp:75 msgctxt "ExportDialog|" msgid "Text format of the public key in one PEM file" msgstr "" #: ../widgets/ExportDialog.cpp:76 msgctxt "ExportDialog|" msgid "Binary DER format of the public key" msgstr "" #: ../widgets/ExportDialog.cpp:78 msgctxt "ExportDialog|" msgid "Unencrypted private key in text format" msgstr "" #: ../widgets/ExportDialog.cpp:80 msgctxt "ExportDialog|" msgid "OpenSSL specific encrypted private key in text format" msgstr "" #: ../widgets/ExportDialog.cpp:82 msgctxt "ExportDialog|" msgid "Unencrypted private key in binary DER format" msgstr "" #: ../widgets/ExportDialog.cpp:84 msgctxt "ExportDialog|" msgid "Unencrypted private key in PKCS#8 text format" msgstr "" #: ../widgets/ExportDialog.cpp:86 msgctxt "ExportDialog|" msgid "Encrypted private key in PKCS#8 text format" msgstr "" #: ../widgets/ExportDialog.cpp:87 msgctxt "ExportDialog|" msgid "The public key encoded in SSH2 format" msgstr "" #: ../widgets/ExportDialog.cpp:88 msgctxt "ExportDialog|" msgid "" "OpenSSL specific Certificate Index file as created by the 'ca' command and " "required by the OCSP tool" msgstr "" #: ../widgets/ExportDialog.cpp:89 msgctxt "ExportDialog|" msgid "vCalendar expiry reminder for the selected items" msgstr "" #: ../widgets/ExportDialog.cpp:90 msgctxt "ExportDialog|" msgid "" "vCalendar expiry reminder containing all issued, valid certificates, the CA " "itself and the latest CRL" msgstr "" #: ../widgets/ExportDialog.cpp:129 #, qt-format msgctxt "ExportDialog|" msgid "The file: '%1' already exists!" msgstr "" #: ../widgets/ExportDialog.cpp:131 msgctxt "ExportDialog|" msgid "Overwrite" msgstr "" #: ../widgets/ExportDialog.cpp:133 msgctxt "ExportDialog|" msgid "Do not overwrite" msgstr "" #: ../ui/Help.ui:36 msgctxt "Help|" msgid "<<" msgstr "" #: ../ui/Help.ui:46 msgctxt "Help|" msgid ">>" msgstr "" #: ../ui/Help.ui:72 msgctxt "Help|" msgid "&Done" msgstr "" #: ../ui/ImportMulti.ui:36 msgctxt "ImportMulti|" msgid "Import PKI Items" msgstr "" #: ../ui/ImportMulti.ui:94 msgctxt "ImportMulti|" msgid "Import &All" msgstr "" #: ../ui/ImportMulti.ui:101 msgctxt "ImportMulti|" msgid "&Import" msgstr "" #: ../ui/ImportMulti.ui:108 msgctxt "ImportMulti|" msgid "&Done" msgstr "" #: ../ui/ImportMulti.ui:115 msgctxt "ImportMulti|" msgid "&Remove from list" msgstr "" #: ../ui/ImportMulti.ui:122 msgctxt "ImportMulti|" msgid "Details" msgstr "" #: ../ui/ImportMulti.ui:129 msgctxt "ImportMulti|" msgid "Delete from token" msgstr "" #: ../ui/ImportMulti.ui:136 msgctxt "ImportMulti|" msgid "Rename on token" msgstr "" #: ../widgets/ImportMulti.cpp:62 #, qt-format msgctxt "ImportMulti|" msgid "" "\n" "Name: %1\n" "Model: %2\n" "Serial: %3" msgstr "" #: ../widgets/ImportMulti.cpp:67 msgctxt "ImportMulti|" msgid "Manage security token" msgstr "" #: ../widgets/ImportMulti.cpp:338 #, qt-format msgctxt "ImportMulti|" msgid "Details of the item '%1' cannot be shown" msgstr "" #: ../widgets/ImportMulti.cpp:125 ../widgets/ImportMulti.cpp:280 #: ../widgets/ImportMulti.cpp:341 #, qt-format msgctxt "ImportMulti|" msgid "The type of the item '%1' is not recognized" msgstr "" #: ../widgets/ImportMulti.cpp:369 #, qt-format msgctxt "ImportMulti|" msgid "The file '%1' did not contain PKI data" msgstr "" #: ../widgets/ImportMulti.cpp:372 #, qt-format msgctxt "ImportMulti|" msgid "The %1 files: '%2' did not contain PKI data" msgstr "" #: ../ui/ItemProperties.ui:22 msgctxt "ItemProperties|" msgid "Name" msgstr "" #: ../ui/ItemProperties.ui:32 msgctxt "ItemProperties|" msgid "Source" msgstr "" #: ../ui/ItemProperties.ui:39 msgctxt "ItemProperties|" msgid "Insertion date" msgstr "" #: ../ui/ItemProperties.ui:54 msgctxt "ItemProperties|" msgid "Comment" msgstr "" #: ../ui/KeyDetail.ui:82 msgctxt "KeyDetail|" msgid "Name" msgstr "" #: ../ui/KeyDetail.ui:89 msgctxt "KeyDetail|" msgid "The internal name of the key used by xca" msgstr "" #: ../widgets/KeyDetail.cpp:96 msgctxt "KeyDetail|" msgid "Security token" msgstr "" #: ../ui/KeyDetail.ui:286 msgctxt "KeyDetail|" msgid "Manufacturer" msgstr "" #: ../ui/KeyDetail.ui:296 msgctxt "KeyDetail|" msgid "Serial" msgstr "" #: ../ui/KeyDetail.ui:102 ../ui/KeyDetail.ui:182 msgctxt "KeyDetail|" msgid "Key" msgstr "" #: ../ui/KeyDetail.ui:110 msgctxt "KeyDetail|" msgid "Public Exponent" msgstr "" #: ../ui/KeyDetail.ui:136 msgctxt "KeyDetail|" msgid "Keysize" msgstr "" #: ../ui/KeyDetail.ui:163 msgctxt "KeyDetail|" msgid "Private Exponent" msgstr "" #: ../ui/KeyDetail.ui:214 msgctxt "KeyDetail|" msgid "Security Token" msgstr "" #: ../ui/KeyDetail.ui:235 ../ui/KeyDetail.ui:306 msgctxt "KeyDetail|" msgid "Label" msgstr "" #: ../ui/KeyDetail.ui:245 msgctxt "KeyDetail|" msgid "PKCS#11 ID" msgstr "" #: ../ui/KeyDetail.ui:270 msgctxt "KeyDetail|" msgid "Token information" msgstr "" #: ../ui/KeyDetail.ui:276 msgctxt "KeyDetail|" msgid "Model" msgstr "" #: ../ui/KeyDetail.ui:324 msgctxt "KeyDetail|" msgid "Fingerprint" msgstr "" #: ../ui/KeyDetail.ui:329 msgctxt "KeyDetail|" msgid "Comment" msgstr "" #: ../widgets/KeyDetail.cpp:79 #, qt-format msgctxt "KeyDetail|" msgid "Details of the %1 key" msgstr "" #: ../widgets/KeyDetail.cpp:85 msgctxt "KeyDetail|" msgid "Not available" msgstr "" #: ../widgets/KeyDetail.cpp:98 msgctxt "KeyDetail|" msgid "Available" msgstr "" #: ../widgets/KeyDetail.cpp:107 msgctxt "KeyDetail|" msgid "Sub prime" msgstr "" #: ../widgets/KeyDetail.cpp:108 ../widgets/KeyDetail.cpp:117 msgctxt "KeyDetail|" msgid "Public key" msgstr "" #: ../widgets/KeyDetail.cpp:109 ../widgets/KeyDetail.cpp:118 msgctxt "KeyDetail|" msgid "Private key" msgstr "" #: ../widgets/KeyDetail.cpp:119 msgctxt "KeyDetail|" msgid "Curve name" msgstr "" #: ../widgets/KeyDetail.cpp:129 msgctxt "KeyDetail|" msgid "Unknown key" msgstr "" #: ../widgets/KeyTreeView.cpp:28 msgctxt "KeyTreeView|" msgid "Change password" msgstr "" #: ../widgets/KeyTreeView.cpp:32 msgctxt "KeyTreeView|" msgid "Reset password" msgstr "" #: ../widgets/KeyTreeView.cpp:44 msgctxt "KeyTreeView|" msgid "Change PIN" msgstr "" #: ../widgets/KeyTreeView.cpp:46 msgctxt "KeyTreeView|" msgid "Init PIN with SO PIN (PUK)" msgstr "" #: ../widgets/KeyTreeView.cpp:48 msgctxt "KeyTreeView|" msgid "Change SO PIN (PUK)" msgstr "" #: ../widgets/KeyTreeView.cpp:51 msgctxt "KeyTreeView|" msgid "Security token" msgstr "" #: ../widgets/KeyTreeView.cpp:84 ../widgets/KeyTreeView.cpp:102 #: ../widgets/KeyTreeView.cpp:120 msgctxt "KeyTreeView|" msgid "This is not a token" msgstr "" #: ../widgets/KeyTreeView.cpp:149 #, qt-format msgctxt "KeyTreeView|" msgid "" "Shall the original key '%1' be replaced by the key on the token?\n" "This will delete the key '%1' and make it unexportable" msgstr "" #: ../ui/MainWindow.ui:22 msgctxt "MainWindow|" msgid "Private Keys" msgstr "" #: ../ui/MainWindow.ui:49 msgctxt "MainWindow|" msgid "&New Key" msgstr "" #: ../ui/MainWindow.ui:56 ../ui/MainWindow.ui:161 ../ui/MainWindow.ui:253 #: ../ui/MainWindow.ui:391 ../ui/MainWindow.ui:456 msgctxt "MainWindow|" msgid "&Export" msgstr "" #: ../ui/MainWindow.ui:63 ../ui/MainWindow.ui:168 ../ui/MainWindow.ui:260 #: ../ui/MainWindow.ui:384 ../ui/MainWindow.ui:463 msgctxt "MainWindow|" msgid "&Import" msgstr "" #: ../ui/MainWindow.ui:70 msgctxt "MainWindow|" msgid "Import PFX (PKCS#12)" msgstr "" #: ../ui/MainWindow.ui:77 ../ui/MainWindow.ui:175 ../ui/MainWindow.ui:267 #: ../ui/MainWindow.ui:470 msgctxt "MainWindow|" msgid "&Show Details" msgstr "" #: ../ui/MainWindow.ui:84 ../ui/MainWindow.ui:182 ../ui/MainWindow.ui:274 #: ../ui/MainWindow.ui:377 ../ui/MainWindow.ui:477 msgctxt "MainWindow|" msgid "&Delete" msgstr "" #: ../ui/MainWindow.ui:124 msgctxt "MainWindow|" msgid "Certificate signing requests" msgstr "" #: ../ui/MainWindow.ui:154 msgctxt "MainWindow|" msgid "&New Request" msgstr "" #: ../ui/MainWindow.ui:222 ../widgets/MW_menu.cpp:128 msgctxt "MainWindow|" msgid "Certificates" msgstr "" #: ../ui/MainWindow.ui:246 msgctxt "MainWindow|" msgid "&New Certificate" msgstr "" #: ../ui/MainWindow.ui:281 msgctxt "MainWindow|" msgid "Import &PKCS#12" msgstr "" #: ../ui/MainWindow.ui:288 msgctxt "MainWindow|" msgid "Import P&KCS#7" msgstr "" #: ../ui/MainWindow.ui:295 msgctxt "MainWindow|" msgid "Plain View" msgstr "" #: ../ui/MainWindow.ui:335 msgctxt "MainWindow|" msgid "Templates" msgstr "" #: ../ui/MainWindow.ui:363 msgctxt "MainWindow|" msgid "&New Template" msgstr "" #: ../ui/MainWindow.ui:449 msgctxt "MainWindow|" msgid "&New CRL" msgstr "" #: ../ui/MainWindow.ui:370 msgctxt "MainWindow|" msgid "Ch&ange Template" msgstr "" #: ../ui/MainWindow.ui:431 msgctxt "MainWindow|" msgid "Revocation lists" msgstr "" #: ../widgets/MW_database.cpp:322 msgctxt "MainWindow|" msgid "" "Using or exporting private keys will not be possible without providing the " "correct password" msgstr "" #: ../widgets/MW_database.cpp:330 ../widgets/MainWindow.cpp:928 msgctxt "MainWindow|" msgid "Database" msgstr "" #: ../widgets/MW_database.cpp:327 #, qt-format msgctxt "MainWindow|" msgid "" "The currently used default hash '%1' is insecure. Please select at least " "'SHA 224' for security reasons." msgstr "" #: ../widgets/MW_database.cpp:246 #, qt-format msgctxt "MainWindow|" msgid "" "Legacy database format detected. Creating a backup copy called: '%1' and " "converting the database to the new format" msgstr "" #: ../widgets/MW_database.cpp:252 msgctxt "MainWindow|" msgid "Failed to rename the database file, because the target already exists" msgstr "" #: ../widgets/MW_database.cpp:430 msgctxt "MainWindow|" msgid "No deleted items found" msgstr "" #: ../widgets/MW_menu.cpp:79 msgctxt "MainWindow|" msgid "Recent DataBases" msgstr "" #: ../widgets/MW_help.cpp:25 ../widgets/MW_menu.cpp:35 msgctxt "MainWindow|" msgid "System" msgstr "" #: ../widgets/MW_help.cpp:28 msgctxt "MainWindow|" msgid "Croatian" msgstr "" #: ../widgets/MW_help.cpp:32 msgctxt "MainWindow|" msgid "English" msgstr "" #: ../widgets/MW_help.cpp:33 msgctxt "MainWindow|" msgid "French" msgstr "" #: ../widgets/MW_help.cpp:35 msgctxt "MainWindow|" msgid "German" msgstr "" #: ../widgets/MW_help.cpp:43 msgctxt "MainWindow|" msgid "Russian" msgstr "" #: ../widgets/MW_help.cpp:44 msgctxt "MainWindow|" msgid "Slovak" msgstr "" #: ../widgets/MW_help.cpp:46 msgctxt "MainWindow|" msgid "Spanish" msgstr "" #: ../widgets/MW_help.cpp:39 msgctxt "MainWindow|" msgid "Polish" msgstr "" #: ../widgets/MW_help.cpp:37 msgctxt "MainWindow|" msgid "Italian" msgstr "" #: ../widgets/MW_help.cpp:26 msgctxt "MainWindow|" msgid "Chinese" msgstr "" #: ../widgets/MW_help.cpp:30 msgctxt "MainWindow|" msgid "Dutch" msgstr "" #: ../widgets/MW_help.cpp:41 msgctxt "MainWindow|" msgid "Portuguese in Brazil" msgstr "" #: ../widgets/MW_help.cpp:48 msgctxt "MainWindow|" msgid "Turkish" msgstr "" #: ../widgets/MW_menu.cpp:83 msgctxt "MainWindow|" msgid "Language" msgstr "" #: ../widgets/MW_menu.cpp:92 msgctxt "MainWindow|" msgid "&File" msgstr "" #: ../widgets/MW_menu.cpp:99 msgctxt "MainWindow|" msgid "Open Remote DataBase" msgstr "" #: ../widgets/MW_menu.cpp:104 msgctxt "MainWindow|" msgid "Set as default DataBase" msgstr "" #: ../widgets/MW_menu.cpp:93 msgctxt "MainWindow|" msgid "New DataBase" msgstr "" #: ../widgets/MW_menu.cpp:96 msgctxt "MainWindow|" msgid "Open DataBase" msgstr "" #: ../widgets/MW_menu.cpp:107 msgctxt "MainWindow|" msgid "Close DataBase" msgstr "" #: ../widgets/MW_menu.cpp:110 msgctxt "MainWindow|" msgid "Options" msgstr "" #: ../widgets/MW_menu.cpp:118 msgctxt "MainWindow|" msgid "Exit" msgstr "" #: ../widgets/MW_menu.cpp:125 msgctxt "MainWindow|" msgid "I&mport" msgstr "" #: ../widgets/MW_menu.cpp:126 msgctxt "MainWindow|" msgid "Keys" msgstr "" #: ../widgets/MW_menu.cpp:127 msgctxt "MainWindow|" msgid "Requests" msgstr "" #: ../widgets/MW_menu.cpp:129 msgctxt "MainWindow|" msgid "PKCS#12" msgstr "" #: ../widgets/MW_menu.cpp:130 msgctxt "MainWindow|" msgid "PKCS#7" msgstr "" #: ../widgets/MW_menu.cpp:131 msgctxt "MainWindow|" msgid "Template" msgstr "" #: ../widgets/MW_menu.cpp:132 msgctxt "MainWindow|" msgid "Revocation list" msgstr "" #: ../widgets/MW_menu.cpp:133 msgctxt "MainWindow|" msgid "PEM file" msgstr "" #: ../widgets/MW_menu.cpp:134 msgctxt "MainWindow|" msgid "Paste PEM file" msgstr "" #: ../widgets/MW_menu.cpp:137 msgctxt "MainWindow|" msgid "Token" msgstr "" #: ../widgets/MW_menu.cpp:154 msgctxt "MainWindow|" msgid "Export Certificate &Index hierarchy" msgstr "" #: ../widgets/MW_menu.cpp:167 msgctxt "MainWindow|" msgid "Content" msgstr "" #: ../widgets/MW_menu.cpp:138 msgctxt "MainWindow|" msgid "&Manage Security token" msgstr "" #: ../widgets/MW_menu.cpp:140 msgctxt "MainWindow|" msgid "&Init Security token" msgstr "" #: ../widgets/MW_menu.cpp:142 msgctxt "MainWindow|" msgid "&Change PIN" msgstr "" #: ../widgets/MW_menu.cpp:144 msgctxt "MainWindow|" msgid "Change &SO PIN" msgstr "" #: ../widgets/MW_menu.cpp:146 msgctxt "MainWindow|" msgid "Init PIN" msgstr "" #: ../widgets/MW_menu.cpp:149 msgctxt "MainWindow|" msgid "Extra" msgstr "" #: ../widgets/MW_menu.cpp:150 msgctxt "MainWindow|" msgid "&Dump DataBase" msgstr "" #: ../widgets/MW_menu.cpp:152 msgctxt "MainWindow|" msgid "&Export Certificate Index" msgstr "" #: ../widgets/MW_menu.cpp:156 msgctxt "MainWindow|" msgid "C&hange DataBase password" msgstr "" #: ../widgets/MW_menu.cpp:159 msgctxt "MainWindow|" msgid "&Undelete items" msgstr "" #: ../widgets/MW_menu.cpp:162 msgctxt "MainWindow|" msgid "Generate DH parameter" msgstr "" #: ../widgets/MW_menu.cpp:164 msgctxt "MainWindow|" msgid "OID Resolver" msgstr "" #: ../widgets/MW_menu.cpp:166 msgctxt "MainWindow|" msgid "&Help" msgstr "" #: ../widgets/MW_menu.cpp:169 msgctxt "MainWindow|" msgid "About" msgstr "" #: ../widgets/MainWindow.cpp:332 #, qt-format msgctxt "MainWindow|" msgid "no such option: %1" msgstr "" #: ../widgets/MainWindow.cpp:422 msgctxt "MainWindow|" msgid "Import PEM data" msgstr "" #: ../widgets/MainWindow.cpp:451 #, qt-format msgctxt "MainWindow|" msgid "Please enter the original SO PIN (PUK) of the token '%1'" msgstr "" #: ../widgets/MainWindow.cpp:149 ../widgets/MainWindow.cpp:929 msgctxt "MainWindow|" msgid "Search" msgstr "" #: ../widgets/MainWindow.cpp:457 #, qt-format msgctxt "MainWindow|" msgid "Please enter the new SO PIN (PUK) for the token '%1'" msgstr "" #: ../widgets/MainWindow.cpp:464 #, qt-format msgctxt "MainWindow|" msgid "The new label of the token '%1'" msgstr "" #: ../widgets/MainWindow.cpp:572 #, qt-format msgctxt "MainWindow|" msgid "The token '%1' did not contain any keys or certificates" msgstr "" #: ../widgets/MainWindow.cpp:634 msgctxt "MainWindow|" msgid "Current Password" msgstr "" #: ../widgets/MainWindow.cpp:635 msgctxt "MainWindow|" msgid "Please enter the current database password" msgstr "" #: ../widgets/MainWindow.cpp:645 msgctxt "MainWindow|" msgid "The entered password is wrong" msgstr "" #: ../widgets/MainWindow.cpp:650 ../widgets/MainWindow.cpp:728 msgctxt "MainWindow|" msgid "New Password" msgstr "" #: ../widgets/MainWindow.cpp:650 msgctxt "MainWindow|" msgid "" "Please enter the new password to encrypt your private keys in the " "database-file" msgstr "" #: ../widgets/MainWindow.cpp:674 msgctxt "MainWindow|" msgid "Transaction start failed" msgstr "" #: ../widgets/MainWindow.cpp:728 #, qt-format msgctxt "MainWindow|" msgid "" "Please enter a password, that will be used to encrypt your private keys in " "the database:\n" "%1" msgstr "" #: ../widgets/MainWindow.cpp:749 msgctxt "MainWindow|" msgid "Password verify error, please try again" msgstr "" #: ../widgets/MainWindow.cpp:750 msgctxt "MainWindow|" msgid "Password" msgstr "" #: ../widgets/MainWindow.cpp:751 #, qt-format msgctxt "MainWindow|" msgid "" "Please enter the password for unlocking the database:\n" "%1" msgstr "" #: ../widgets/MainWindow.cpp:770 msgctxt "MainWindow|" msgid "The following error occurred:" msgstr "" #: ../widgets/MainWindow.cpp:772 msgctxt "MainWindow|" msgid "Copy to Clipboard" msgstr "" #: ../widgets/MainWindow.cpp:841 msgctxt "MainWindow|" msgid "Certificate Index ( index.txt )" msgstr "" #: ../widgets/MainWindow.cpp:842 ../widgets/MainWindow.cpp:902 msgctxt "MainWindow|" msgid "All files ( * )" msgstr "" #: ../widgets/MainWindow.cpp:871 #, qt-format msgctxt "MainWindow|" msgid "Diffie-Hellman parameters saved as: %1" msgstr "" #: ../widgets/MainWindow.cpp:887 msgctxt "MainWindow|" msgid "" "Diffie-Hellman parameters are needed for different applications, but not " "handled by XCA.\n" "Please enter the DH parameter bits" msgstr "" #: ../ui/NewCrl.ui:32 msgctxt "NewCrl|" msgid "Last update" msgstr "" #: ../ui/NewCrl.ui:46 msgctxt "NewCrl|" msgid "Next update" msgstr "" #: ../ui/NewCrl.ui:70 msgctxt "NewCrl|" msgid "Days" msgstr "" #: ../ui/NewCrl.ui:75 msgctxt "NewCrl|" msgid "Months" msgstr "" #: ../ui/NewCrl.ui:80 msgctxt "NewCrl|" msgid "Years" msgstr "" #: ../ui/NewCrl.ui:88 msgctxt "NewCrl|" msgid "Midnight" msgstr "" #: ../ui/NewCrl.ui:95 msgctxt "NewCrl|" msgid "Local time" msgstr "" #: ../ui/NewCrl.ui:102 msgctxt "NewCrl|" msgid "Apply" msgstr "" #: ../ui/NewCrl.ui:128 msgctxt "NewCrl|" msgid "Options" msgstr "" #: ../ui/NewCrl.ui:172 msgctxt "NewCrl|" msgid "CRL number" msgstr "" #: ../ui/NewCrl.ui:144 msgctxt "NewCrl|" msgid "Subject alternative name" msgstr "" #: ../ui/NewCrl.ui:199 msgctxt "NewCrl|" msgid "Revocation reasons" msgstr "" #: ../ui/NewCrl.ui:158 msgctxt "NewCrl|" msgid "Authority key identifier" msgstr "" #: ../ui/NewCrl.ui:134 msgctxt "NewCrl|" msgid "Hash algorithm" msgstr "" #: ../ui/NewKey.ui:86 msgctxt "NewKey|" msgid "Please give a name to the new key and select the desired keysize" msgstr "" #: ../ui/NewKey.ui:96 msgctxt "NewKey|" msgid "Key properties" msgstr "" #: ../ui/NewKey.ui:102 msgctxt "NewKey|" msgid "Name" msgstr "" #: ../ui/NewKey.ui:121 msgctxt "NewKey|" msgid "The internal name of the new key" msgstr "" #: ../ui/NewKey.ui:151 msgctxt "NewKey|" msgid "Curve name" msgstr "" #: ../ui/NewKey.ui:171 msgctxt "NewKey|" msgid "Usually at least 2048 bit keys are recommended" msgstr "" #: ../ui/NewKey.ui:39 ../ui/NewKey.ui:124 msgctxt "NewKey|" msgid "New Key" msgstr "" #: ../ui/NewKey.ui:158 msgctxt "NewKey|" msgid "Keysize" msgstr "" #: ../ui/NewKey.ui:178 msgctxt "NewKey|" msgid "Keytype" msgstr "" #: ../ui/NewKey.ui:188 msgctxt "NewKey|" msgid "Remember as default" msgstr "" #: ../widgets/NewKey.cpp:181 msgctxt "NewKey|" msgid "Create" msgstr "" #: ../ui/NewX509.ui:75 msgctxt "NewX509|" msgid "Source" msgstr "" #: ../ui/NewX509.ui:97 msgctxt "NewX509|" msgid "Signing request" msgstr "" #: ../ui/NewX509.ui:112 msgctxt "NewX509|" msgid "Show request" msgstr "" #: ../ui/NewX509.ui:119 msgctxt "NewX509|" msgid "Sign this Certificate signing &request" msgstr "" #: ../ui/NewX509.ui:126 msgctxt "NewX509|" msgid "Copy extensions from the request" msgstr "" #: ../ui/NewX509.ui:136 msgctxt "NewX509|" msgid "Modify subject of the request" msgstr "" #: ../ui/NewX509.ui:169 msgctxt "NewX509|" msgid "Signing" msgstr "" #: ../ui/NewX509.ui:177 msgctxt "NewX509|" msgid "Create a &self signed certificate" msgstr "" #: ../ui/NewX509.ui:191 msgctxt "NewX509|" msgid "Use &this Certificate for signing" msgstr "" #: ../ui/NewX509.ui:198 msgctxt "NewX509|" msgid "All certificates in your database that can create valid signatures" msgstr "" #: ../ui/NewX509.ui:225 msgctxt "NewX509|" msgid "Signature algorithm" msgstr "" #: ../ui/NewX509.ui:253 msgctxt "NewX509|" msgid "Template for the new certificate" msgstr "" #: ../ui/NewX509.ui:265 msgctxt "NewX509|" msgid "All available templates" msgstr "" #: ../ui/NewX509.ui:287 msgctxt "NewX509|" msgid "Apply extensions" msgstr "" #: ../ui/NewX509.ui:294 msgctxt "NewX509|" msgid "Apply subject" msgstr "" #: ../ui/NewX509.ui:307 msgctxt "NewX509|" msgid "Apply all" msgstr "" #: ../ui/NewX509.ui:336 ../widgets/NewX509.cpp:590 msgctxt "NewX509|" msgid "Subject" msgstr "" #: ../ui/NewX509.ui:344 msgctxt "NewX509|" msgid "Internal Name" msgstr "" #: ../ui/NewX509.ui:360 msgctxt "NewX509|" msgid "Distinguished name" msgstr "" #: ../ui/NewX509.ui:386 msgctxt "NewX509|" msgid "Add" msgstr "" #: ../ui/NewX509.ui:393 msgctxt "NewX509|" msgid "Delete" msgstr "" #: ../ui/NewX509.ui:430 msgctxt "NewX509|" msgid "Private key" msgstr "" #: ../ui/NewX509.ui:442 msgctxt "NewX509|" msgid "This list only contains unused keys" msgstr "" #: ../ui/NewX509.ui:449 msgctxt "NewX509|" msgid "Used keys too" msgstr "" #: ../ui/NewX509.ui:456 msgctxt "NewX509|" msgid "&Generate a new key" msgstr "" #: ../ui/NewX509.ui:467 msgctxt "NewX509|" msgid "Extensions" msgstr "" #: ../ui/NewX509.ui:478 msgctxt "NewX509|" msgid "Type" msgstr "" #: ../ui/NewX509.ui:485 msgctxt "NewX509|" msgid "If this will become a CA certificate or not" msgstr "" #: ../ui/NewX509.ui:489 msgctxt "NewX509|" msgid "Not defined" msgstr "" #: ../ui/NewX509.ui:494 msgctxt "NewX509|" msgid "Certification Authority" msgstr "" #: ../ui/NewX509.ui:499 msgctxt "NewX509|" msgid "End Entity" msgstr "" #: ../ui/NewX509.ui:507 msgctxt "NewX509|" msgid "Path length" msgstr "" #: ../ui/NewX509.ui:514 msgctxt "NewX509|" msgid "How much CAs may be below this." msgstr "" #: ../ui/NewX509.ui:521 msgctxt "NewX509|" msgid "The basic constraints should always be critical" msgstr "" #: ../ui/NewX509.ui:534 msgctxt "NewX509|" msgid "Key identifier" msgstr "" #: ../ui/NewX509.ui:546 msgctxt "NewX509|" msgid "Creates a hash of the key following the PKIX guidelines" msgstr "" #: ../ui/NewX509.ui:556 msgctxt "NewX509|" msgid "Copy the Subject Key Identifier from the issuer" msgstr "" #: ../ui/NewX509.ui:593 msgctxt "NewX509|" msgid "Validity" msgstr "" #: ../ui/NewX509.ui:599 msgctxt "NewX509|" msgid "Not before" msgstr "" #: ../ui/NewX509.ui:613 msgctxt "NewX509|" msgid "Not after" msgstr "" #: ../ui/NewX509.ui:630 msgctxt "NewX509|" msgid "Time range" msgstr "" #: ../ui/NewX509.ui:640 msgctxt "NewX509|" msgid "Days" msgstr "" #: ../ui/NewX509.ui:645 msgctxt "NewX509|" msgid "Months" msgstr "" #: ../ui/NewX509.ui:650 msgctxt "NewX509|" msgid "Years" msgstr "" #: ../ui/NewX509.ui:664 msgctxt "NewX509|" msgid "Apply" msgstr "" #: ../ui/NewX509.ui:671 msgctxt "NewX509|" msgid "Set the time to 00:00:00 and 23:59:59 respectively" msgstr "" #: ../ui/NewX509.ui:674 msgctxt "NewX509|" msgid "Midnight" msgstr "" #: ../ui/NewX509.ui:681 msgctxt "NewX509|" msgid "Local time" msgstr "" #: ../ui/NewX509.ui:688 msgctxt "NewX509|" msgid "No well-defined expiration" msgstr "" #: ../ui/NewX509.ui:738 ../ui/NewX509.ui:755 ../ui/NewX509.ui:827 msgctxt "NewX509|" msgid "DNS: IP: URI: email: RID:" msgstr "" #: ../ui/NewX509.ui:745 ../ui/NewX509.ui:762 ../ui/NewX509.ui:795 #: ../ui/NewX509.ui:834 ../widgets/NewX509.cpp:972 msgctxt "NewX509|" msgid "Edit" msgstr "" #: ../ui/NewX509.ui:788 msgctxt "NewX509|" msgid "URI:" msgstr "" #: ../ui/NewX509.ui:866 msgctxt "NewX509|" msgid "Key usage" msgstr "" #: ../ui/NewX509.ui:977 msgctxt "NewX509|" msgid "Netscape" msgstr "" #: ../ui/NewX509.ui:1135 msgctxt "NewX509|" msgid "Advanced" msgstr "" #: ../ui/NewX509.ui:1159 ../widgets/NewX509.cpp:982 msgctxt "NewX509|" msgid "Validate" msgstr "" #: ../ui/NewX509.ui:1182 msgctxt "NewX509|" msgid "Comment" msgstr "" #: ../ui/NewX509.ui:351 msgctxt "NewX509|" msgid "" "This name is only used internally and does not appear in the resulting " "certificate" msgstr "" #: ../widgets/NewX509.cpp:253 msgctxt "NewX509|" msgid "Critical" msgstr "" #: ../widgets/NewX509.cpp:291 msgctxt "NewX509|" msgid "Create Certificate signing request" msgstr "" #: ../widgets/NewX509.cpp:318 #, qt-format msgctxt "NewX509|" msgid "minimum size: %1" msgstr "" #: ../widgets/NewX509.cpp:320 #, qt-format msgctxt "NewX509|" msgid "maximum size: %1" msgstr "" #: ../widgets/NewX509.cpp:322 msgctxt "NewX509|" msgid "only a-z A-Z 0-9 '()+,-./:=?" msgstr "" #: ../widgets/NewX509.cpp:326 msgctxt "NewX509|" msgid "only 7-bit clean characters" msgstr "" #: ../widgets/NewX509.cpp:351 msgctxt "NewX509|" msgid "Edit XCA template" msgstr "" #: ../widgets/NewX509.cpp:364 msgctxt "NewX509|" msgid "Create x509 Certificate" msgstr "" #: ../widgets/NewX509.cpp:722 #, qt-format msgctxt "NewX509|" msgid "Template '%1' applied" msgstr "" #: ../widgets/NewX509.cpp:729 #, qt-format msgctxt "NewX509|" msgid "Subject applied from template '%1'" msgstr "" #: ../widgets/NewX509.cpp:737 #, qt-format msgctxt "NewX509|" msgid "Extensions applied from template '%1'" msgstr "" #: ../widgets/NewX509.cpp:752 #, qt-format msgctxt "NewX509|" msgid "New key '%1' created" msgstr "" #: ../widgets/NewX509.cpp:1005 msgctxt "NewX509|" msgid "Other Tabs" msgstr "" #: ../widgets/NewX509.cpp:1019 msgctxt "NewX509|" msgid "Advanced Tab" msgstr "" #: ../widgets/NewX509.cpp:1026 msgctxt "NewX509|" msgid "Errors" msgstr "" #: ../widgets/NewX509.cpp:1044 msgctxt "NewX509|" msgid "From PKCS#10 request" msgstr "" #: ../widgets/NewX509.cpp:1140 ../widgets/NewX509.cpp:1153 #: ../widgets/NewX509.cpp:1172 ../widgets/NewX509.cpp:1184 #: ../widgets/NewX509.cpp:1200 ../widgets/NewX509.cpp:1214 #: ../widgets/NewX509.cpp:1248 ../widgets/NewX509.cpp:1259 #: ../widgets/NewX509.cpp:1282 ../widgets/NewX509.cpp:1305 #: ../widgets/NewX509.cpp:1331 ../widgets/NewX509.cpp:1351 msgctxt "NewX509|" msgid "Abort rollout" msgstr "" #: ../widgets/NewX509.cpp:1149 msgctxt "NewX509|" msgid "The following length restrictions of RFC3280 are violated:" msgstr "" #: ../widgets/NewX509.cpp:1152 ../widgets/NewX509.cpp:1213 msgctxt "NewX509|" msgid "Edit subject" msgstr "" #: ../widgets/NewX509.cpp:1154 ../widgets/NewX509.cpp:1215 #: ../widgets/NewX509.cpp:1260 ../widgets/NewX509.cpp:1283 #: ../widgets/NewX509.cpp:1306 ../widgets/NewX509.cpp:1332 #: ../widgets/NewX509.cpp:1352 msgctxt "NewX509|" msgid "Continue rollout" msgstr "" #: ../widgets/NewX509.cpp:1170 msgctxt "NewX509|" msgid "" "The verification of the Certificate request failed.\n" "The rollout should be aborted." msgstr "" #: ../widgets/NewX509.cpp:1171 msgctxt "NewX509|" msgid "Continue anyway" msgstr "" #: ../widgets/NewX509.cpp:1182 msgctxt "NewX509|" msgid "" "The internal name and the common name are empty.\n" "Please set at least the internal name." msgstr "" #: ../widgets/NewX509.cpp:1183 msgctxt "NewX509|" msgid "Edit name" msgstr "" #: ../widgets/NewX509.cpp:1198 msgctxt "NewX509|" msgid "There is no Key selected for signing." msgstr "" #: ../widgets/NewX509.cpp:1199 msgctxt "NewX509|" msgid "Select key" msgstr "" #: ../widgets/NewX509.cpp:1211 #, qt-format msgctxt "NewX509|" msgid "" "The following distinguished name entries are empty:\n" "%1\n" "though you have declared them as mandatory in the options menu." msgstr "" #: ../widgets/NewX509.cpp:1245 msgctxt "NewX509|" msgid "The key you selected for signing is not a private one." msgstr "" #: ../widgets/NewX509.cpp:1246 msgctxt "NewX509|" msgid "Select other signer" msgstr "" #: ../widgets/NewX509.cpp:1246 msgctxt "NewX509|" msgid "Select other key" msgstr "" #: ../widgets/NewX509.cpp:1256 msgctxt "NewX509|" msgid "" "The certificate will be earlier valid than the signer. This is probably not " "what you want." msgstr "" #: ../widgets/NewX509.cpp:1258 ../widgets/NewX509.cpp:1281 #: ../widgets/NewX509.cpp:1304 msgctxt "NewX509|" msgid "Edit dates" msgstr "" #: ../widgets/NewX509.cpp:1261 ../widgets/NewX509.cpp:1284 msgctxt "NewX509|" msgid "Adjust date and continue" msgstr "" #: ../widgets/NewX509.cpp:1279 msgctxt "NewX509|" msgid "" "The certificate will be longer valid than the signer. This is probably not " "what you want." msgstr "" #: ../widgets/NewX509.cpp:1302 msgctxt "NewX509|" msgid "" "The certificate will be out of date before it becomes valid. You most " "probably mixed up both dates." msgstr "" #: ../widgets/NewX509.cpp:1323 msgctxt "NewX509|" msgid "" "The certificate contains invalid or duplicate extensions. Check the " "validation on the advanced tab." msgstr "" #: ../widgets/NewX509.cpp:1326 msgctxt "NewX509|" msgid "" "The certificate contains no extensions. You may apply the extensions of one " "of the templates to define the purpose of the certificate." msgstr "" #: ../widgets/NewX509.cpp:1330 ../widgets/NewX509.cpp:1350 msgctxt "NewX509|" msgid "Edit extensions" msgstr "" #: ../widgets/NewX509.cpp:1349 msgctxt "NewX509|" msgid "" "The subject alternative name shall contain a copy of the common name. " "However, the common name is empty." msgstr "" #: ../widgets/NewX509_ext.cpp:217 #, qt-format msgctxt "NewX509|" msgid "Configfile error on line %1\n" msgstr "" #: ../ui/OidResolver.ui:28 msgctxt "OidResolver|" msgid "OID Resolver" msgstr "" #: ../ui/OidResolver.ui:38 msgctxt "OidResolver|" msgid "Enter the OID, the Nid, or one of the textual representations" msgstr "" #: ../ui/OidResolver.ui:47 msgctxt "OidResolver|" msgid "Search" msgstr "" #: ../ui/OidResolver.ui:74 msgctxt "OidResolver|" msgid "OID" msgstr "" #: ../ui/OidResolver.ui:119 msgctxt "OidResolver|" msgid "Long name" msgstr "" #: ../ui/OidResolver.ui:145 ../ui/OidResolver.ui:167 msgctxt "OidResolver|" msgid "OpenSSL internal ID" msgstr "" #: ../ui/OidResolver.ui:148 msgctxt "OidResolver|" msgid "Nid" msgstr "" #: ../ui/OidResolver.ui:177 msgctxt "OidResolver|" msgid "Short name" msgstr "" #: ../ui/OpenDb.ui:36 msgctxt "OpenDb|" msgid "Open remote database" msgstr "" #: ../ui/OpenDb.ui:98 msgctxt "OpenDb|" msgid "Database type" msgstr "" #: ../ui/OpenDb.ui:108 msgctxt "OpenDb|" msgid "Hostname" msgstr "" #: ../ui/OpenDb.ui:118 msgctxt "OpenDb|" msgid "Username" msgstr "" #: ../ui/OpenDb.ui:128 msgctxt "OpenDb|" msgid "Password" msgstr "" #: ../ui/OpenDb.ui:142 msgctxt "OpenDb|" msgid "Database name" msgstr "" #: ../ui/OpenDb.ui:152 msgctxt "OpenDb|" msgid "Table prefix" msgstr "" #: ../widgets/OpenDb.cpp:143 msgctxt "OpenDb|" msgid "" "No SqLite3 driver available. Please install the qt-sqlite package of your " "distribution" msgstr "" #: ../widgets/OpenDb.cpp:187 #, qt-format msgctxt "OpenDb|" msgid "" "Please enter the password to access the database server %2 as user '%1'." msgstr "" #: ../widgets/OpenDb.cpp:220 msgctxt "OpenDb|" msgid "" "The database driver does not support transactions. This may happen if the " "client and server have different versions. Continue with care." msgstr "" #: ../ui/Options.ui:28 msgctxt "Options|" msgid "XCA Options" msgstr "" #: ../ui/Options.ui:42 msgctxt "Options|" msgid "Settings" msgstr "" #: ../ui/Options.ui:50 msgctxt "Options|" msgid "Default hash algorithm" msgstr "" #: ../ui/Options.ui:64 msgctxt "Options|" msgid "String types" msgstr "" #: ../ui/Options.ui:76 msgctxt "Options|" msgid "Suppress success messages" msgstr "" #: ../ui/Options.ui:109 msgctxt "Options|" msgid "Don't colorize expired certificates" msgstr "" #: ../ui/Options.ui:90 #, qt-format msgctxt "Options|" msgid "Translate established x509 terms (%1 -> %2)" msgstr "" #: ../ui/Options.ui:97 msgctxt "Options|" msgid "" "The hashing functionality of the token is not used by XCA.\n" "It may however honor a restricted hash-set propagated by the token.\n" "Especially EC and DSA are only defined with SHA1 in the PKCS#11 " "specification." msgstr "" #: ../ui/Options.ui:102 msgctxt "Options|" msgid "Only use hashes supported by the token when signing with a token key" msgstr "" #: ../ui/Options.ui:83 msgctxt "Options|" msgid "Disable legacy Netscape extensions" msgstr "" #: ../ui/Options.ui:127 msgctxt "Options|" msgid "Certificate expiry warning threshold" msgstr "" #: ../ui/Options.ui:146 msgctxt "Options|" msgid "Send vCalendar expiry reminder" msgstr "" #: ../ui/Options.ui:157 msgctxt "Options|" msgid "Serial number length" msgstr "" #: ../ui/Options.ui:164 msgctxt "Options|" msgid " bit" msgstr "" #: ../ui/Options.ui:199 msgctxt "Options|" msgid "Distinguished name" msgstr "" #: ../ui/Options.ui:205 msgctxt "Options|" msgid "Mandatory subject entries" msgstr "" #: ../ui/Options.ui:223 ../ui/Options.ui:284 ../ui/Options.ui:363 msgctxt "Options|" msgid "Add" msgstr "" #: ../ui/Options.ui:230 ../ui/Options.ui:291 msgctxt "Options|" msgid "Delete" msgstr "" #: ../ui/Options.ui:255 msgctxt "Options|" msgid "Explicit subject entries" msgstr "" #: ../ui/Options.ui:273 msgctxt "Options|" msgid "Dynamically arrange explicit subject entries" msgstr "" #: ../ui/Options.ui:298 msgctxt "Options|" msgid "Default" msgstr "" #: ../ui/Options.ui:324 msgctxt "Options|" msgid "PKCS#11 provider" msgstr "" #: ../ui/Options.ui:376 msgctxt "Options|" msgid "Remove" msgstr "" #: ../ui/Options.ui:383 msgctxt "Options|" msgid "Search" msgstr "" #: ../widgets/Options.cpp:32 msgctxt "Options|" msgid "Printable string or UTF8 (default)" msgstr "" #: ../widgets/Options.cpp:33 msgctxt "Options|" msgid "PKIX recommendation in RFC2459" msgstr "" #: ../widgets/Options.cpp:34 msgctxt "Options|" msgid "No BMP strings, only printable and T61" msgstr "" #: ../widgets/Options.cpp:35 msgctxt "Options|" msgid "UTF8 strings only (RFC2459)" msgstr "" #: ../widgets/Options.cpp:36 msgctxt "Options|" msgid "All strings" msgstr "" #: ../widgets/Options.cpp:59 msgctxt "Options|" msgid "Days" msgstr "" #: ../widgets/Options.cpp:59 msgctxt "Options|" msgid "Weeks" msgstr "" #: ../ui/PwDialog.ui:118 msgctxt "PwDialog|" msgid "" "The password is parsed as 2-digit hex code. It must have an even number of " "digits (0-9 and a-f)" msgstr "" #: ../ui/PwDialog.ui:121 msgctxt "PwDialog|" msgid "Take as HEX string" msgstr "" #: ../widgets/PwDialog.cpp:85 #, qt-format msgctxt "PwDialog|" msgid "Repeat %1" msgstr "" #: ../widgets/PwDialog.cpp:98 #, qt-format msgctxt "PwDialog|" msgid "%1 mismatch" msgstr "" #: ../widgets/PwDialog.cpp:105 msgctxt "PwDialog|" msgid "" "Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it " "must consist of an even number of characters" msgstr "" #: ../widgets/PwDialog.cpp:131 msgctxt "PwDialog|" msgid "E&xit" msgstr "" #: ../lib/asn1time.cpp:155 msgctxt "QObject|" msgid "Undefined" msgstr "" #: ../lib/asn1time.cpp:157 msgctxt "QObject|" msgid "Broken / Invalid" msgstr "" #: ../lib/asn1time.cpp:203 #, qt-format msgctxt "QObject|" msgid "in %1 seconds" msgstr "" #: ../lib/asn1time.cpp:204 #, qt-format msgctxt "QObject|" msgid "%1 seconds ago" msgstr "" #: ../lib/asn1time.cpp:207 #, qt-format msgctxt "QObject|" msgid "in %1 minutes" msgstr "" #: ../lib/asn1time.cpp:208 #, qt-format msgctxt "QObject|" msgid "%1 minutes ago" msgstr "" #: ../lib/asn1time.cpp:210 msgctxt "QObject|" msgid "Yesterday" msgstr "" #: ../lib/asn1time.cpp:212 msgctxt "QObject|" msgid "Tomorrow" msgstr "" #: ../lib/asn1time.cpp:215 #, qt-format msgctxt "QObject|" msgid "in %1 hours" msgstr "" #: ../lib/asn1time.cpp:216 #, qt-format msgctxt "QObject|" msgid "%1 hours ago" msgstr "" #: ../lib/db.cpp:222 #, qt-format msgctxt "QObject|" msgid "DB: Rename: '%1' already in use" msgstr "" #: ../lib/db.cpp:226 #, qt-format msgctxt "QObject|" msgid "DB: Entry to rename not found: %1" msgstr "" #: ../lib/db.cpp:236 #, qt-format msgctxt "QObject|" msgid "DB: Write error %1 - %2" msgstr "" #: ../lib/db.cpp:565 ../lib/db.cpp:582 msgctxt "QObject|" msgid "Out of data" msgstr "" #: ../lib/db.cpp:605 msgctxt "QObject|" msgid "Error finding endmarker of string" msgstr "" #: ../lib/exception.h:55 #, qt-format msgctxt "QObject|" msgid "Out of Memory at %1:%2" msgstr "" #: ../lib/load_obj.cpp:20 msgctxt "QObject|" msgid "All files ( * )" msgstr "" #: ../lib/load_obj.cpp:57 msgctxt "QObject|" msgid "Import RSA key" msgstr "" #: ../lib/load_obj.cpp:54 msgctxt "QObject|" msgid "" "PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public " "Keys ( *.pub );;" msgstr "" #: ../lib/load_obj.cpp:69 msgctxt "QObject|" msgid "PKCS#10 CSR ( *.pem *.der *.csr );; " msgstr "" #: ../lib/load_obj.cpp:70 msgctxt "QObject|" msgid "Import Request" msgstr "" #: ../lib/load_obj.cpp:82 msgctxt "QObject|" msgid "Certificates ( *.pem *.der *.crt *.cer );;" msgstr "" #: ../lib/load_obj.cpp:83 msgctxt "QObject|" msgid "Import X.509 Certificate" msgstr "" #: ../lib/load_obj.cpp:95 msgctxt "QObject|" msgid "PKCS#7 data ( *.p7s *.p7m *.p7b );;" msgstr "" #: ../lib/load_obj.cpp:96 msgctxt "QObject|" msgid "Import PKCS#7 Certificates" msgstr "" #: ../lib/load_obj.cpp:108 msgctxt "QObject|" msgid "PKCS#12 Certificates ( *.p12 *.pfx );;" msgstr "" #: ../lib/load_obj.cpp:109 msgctxt "QObject|" msgid "Import PKCS#12 Private Certificate" msgstr "" #: ../lib/load_obj.cpp:122 msgctxt "QObject|" msgid "XCA templates ( *.xca );;" msgstr "" #: ../lib/load_obj.cpp:123 msgctxt "QObject|" msgid "Import XCA Templates" msgstr "" #: ../lib/load_obj.cpp:135 msgctxt "QObject|" msgid "Revocation lists ( *.pem *.der *.crl );;" msgstr "" #: ../lib/load_obj.cpp:136 msgctxt "QObject|" msgid "Import Certificate Revocation List" msgstr "" #: ../lib/load_obj.cpp:148 msgctxt "QObject|" msgid "XCA Databases ( *.xdb );;" msgstr "" #: ../lib/load_obj.cpp:149 msgctxt "QObject|" msgid "Open XCA Database" msgstr "" #: ../lib/load_obj.cpp:157 msgctxt "QObject|" msgid "PKCS#11 library ( *.dll );;" msgstr "" #: ../lib/load_obj.cpp:159 msgctxt "QObject|" msgid "PKCS#11 library ( *.dylib *.so );;" msgstr "" #: ../lib/load_obj.cpp:161 msgctxt "QObject|" msgid "PKCS#11 library ( *.so );;" msgstr "" #: ../lib/load_obj.cpp:163 msgctxt "QObject|" msgid "Open PKCS#11 shared library" msgstr "" #: ../lib/load_obj.cpp:170 msgctxt "QObject|" msgid "PEM files ( *.pem );;" msgstr "" #: ../lib/load_obj.cpp:171 msgctxt "QObject|" msgid "Load PEM encoded file" msgstr "" #: ../lib/pkcs11.cpp:245 msgctxt "QObject|" msgid "Please enter the PIN on the PinPad" msgstr "" #: ../lib/pkcs11.cpp:256 #, qt-format msgctxt "QObject|" msgid "Please enter the SO PIN (PUK) of the token %1" msgstr "" #: ../lib/pkcs11.cpp:257 #, qt-format msgctxt "QObject|" msgid "Please enter the PIN of the token %1" msgstr "" #: ../lib/pkcs11.cpp:310 msgctxt "QObject|" msgid "No Security token found" msgstr "" #: ../lib/pkcs11.cpp:321 msgctxt "QObject|" msgid "Select" msgstr "" #: ../lib/pkcs11.cpp:344 #, qt-format msgctxt "QObject|" msgid "Please enter the new SO PIN (PUK) for the token: '%1'" msgstr "" #: ../lib/pkcs11.cpp:346 #, qt-format msgctxt "QObject|" msgid "Please enter the new PIN for the token: '%1'" msgstr "" #: ../lib/pkcs11.h:92 #, qt-format msgctxt "QObject|" msgid "Required PIN size: %1 - %2" msgstr "" #: ../lib/pkcs11_lib.cpp:35 #, qt-format msgctxt "QObject|" msgid "Failed to open PKCS11 library: %1: %2" msgstr "" #: ../lib/pkcs11_lib.cpp:41 msgctxt "QObject|" msgid "" "This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not " "found." msgstr "" #: ../lib/pkcs11_lib.cpp:123 msgctxt "QObject|" msgid "Disabled" msgstr "" #: ../lib/pkcs11_lib.cpp:127 msgctxt "QObject|" msgid "Library loading failed" msgstr "" #: ../lib/pkcs11_lib.cpp:312 #, qt-format msgctxt "QObject|" msgid "PKCS#11 function '%1' failed: %2" msgstr "" #: ../lib/pkcs11_lib.cpp:320 #, qt-format msgctxt "QObject|" msgid "" "PKCS#11 function '%1' failed: %2\n" "In library %3\n" "%4" msgstr "" #: ../lib/x509name.cpp:116 msgctxt "QObject|" msgid "Invalid" msgstr "" #: ../lib/x509name.cpp:240 #, qt-format msgctxt "QObject|" msgid "%1 is shorter than %2 bytes: '%3'" msgstr "" #: ../lib/x509name.cpp:245 #, qt-format msgctxt "QObject|" msgid "%1 is longer than %2 bytes: '%3'" msgstr "" #: ../lib/x509v3ext.cpp:85 #, qt-format msgctxt "QObject|" msgid "String '%1' for '%2' contains invalid characters" msgstr "" #: ../lib/oid.cpp:49 #, qt-format msgctxt "QObject|" msgid "Error reading config file %1 at line %2" msgstr "" #: ../lib/oid.cpp:84 #, qt-format msgctxt "QObject|" msgid "" "The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and " "should be removed." msgstr "" #: ../lib/oid.cpp:93 #, qt-format msgctxt "QObject|" msgid "" "The identifier '%1' for OID %2 from file %3 line %4 is already used for a " "different OID as '%5:%6:%7' and should be changed to avoid conflicts." msgstr "" #: ../lib/oid.cpp:177 #, qt-format msgctxt "QObject|" msgid "Unknown object '%1' in file %2 line %3" msgstr "" #: ../lib/sql.h:55 msgctxt "QObject|" msgid "Failed to start a database transaction" msgstr "" #: ../widgets/ReqTreeView.cpp:25 msgctxt "ReqTreeView|" msgid "Sign" msgstr "" #: ../widgets/ReqTreeView.cpp:27 msgctxt "ReqTreeView|" msgid "Unmark signed" msgstr "" #: ../widgets/ReqTreeView.cpp:30 msgctxt "ReqTreeView|" msgid "Mark signed" msgstr "" #: ../widgets/ReqTreeView.cpp:33 msgctxt "ReqTreeView|" msgid "Similar Request" msgstr "" #: ../ui/RevocationList.ui:30 msgctxt "RevocationList|" msgid "Manage revocations" msgstr "" #: ../ui/RevocationList.ui:96 msgctxt "RevocationList|" msgid "Add" msgstr "" #: ../ui/RevocationList.ui:103 msgctxt "RevocationList|" msgid "Delete" msgstr "" #: ../ui/RevocationList.ui:110 msgctxt "RevocationList|" msgid "Edit" msgstr "" #: ../widgets/RevocationList.cpp:73 msgctxt "RevocationList|" msgid "No." msgstr "" #: ../widgets/RevocationList.cpp:73 msgctxt "RevocationList|" msgid "Serial" msgstr "" #: ../widgets/RevocationList.cpp:73 msgctxt "RevocationList|" msgid "Revocation" msgstr "" #: ../widgets/RevocationList.cpp:73 msgctxt "RevocationList|" msgid "Reason" msgstr "" #: ../widgets/RevocationList.cpp:74 msgctxt "RevocationList|" msgid "Invalidation" msgstr "" #: ../widgets/RevocationList.cpp:101 msgctxt "RevocationList|" msgid "Generate CRL" msgstr "" #: ../ui/Revoke.ui:30 msgctxt "Revoke|" msgid "Certificate revocation" msgstr "" #: ../ui/Revoke.ui:87 msgctxt "Revoke|" msgid "Revocation details" msgstr "" #: ../ui/Revoke.ui:96 msgctxt "Revoke|" msgid "Revocation reason" msgstr "" #: ../ui/Revoke.ui:110 msgctxt "Revoke|" msgid "Local time" msgstr "" #: ../ui/Revoke.ui:117 msgctxt "Revoke|" msgid "Invalid since" msgstr "" #: ../ui/Revoke.ui:124 msgctxt "Revoke|" msgid "Serial" msgstr "" #: ../ui/SearchPkcs11.ui:41 msgctxt "SearchPkcs11|" msgid "Directory" msgstr "" #: ../ui/SearchPkcs11.ui:57 msgctxt "SearchPkcs11|" msgid "..." msgstr "" #: ../ui/SearchPkcs11.ui:64 msgctxt "SearchPkcs11|" msgid "Include subdirectories" msgstr "" #: ../ui/SearchPkcs11.ui:71 msgctxt "SearchPkcs11|" msgid "Search" msgstr "" #: ../widgets/SearchPkcs11.cpp:77 msgctxt "SearchPkcs11|" msgid "The following files are possible PKCS#11 libraries" msgstr "" #: ../ui/SelectToken.ui:39 msgctxt "SelectToken|" msgid "Security token" msgstr "" #: ../ui/SelectToken.ui:86 msgctxt "SelectToken|" msgid "Please select the security token" msgstr "" #: ../widgets/TempTreeView.cpp:22 msgctxt "TempTreeView|" msgid "Duplicate" msgstr "" #: ../widgets/TempTreeView.cpp:23 msgctxt "TempTreeView|" msgid "Create certificate" msgstr "" #: ../widgets/TempTreeView.cpp:24 msgctxt "TempTreeView|" msgid "Create request" msgstr "" #: ../widgets/TempTreeView.cpp:35 msgctxt "TempTreeView|" msgid "copy" msgstr "" #: ../widgets/validity.cpp:94 msgctxt "Validity|" msgid "yyyy-MM-dd hh:mm" msgstr "" #: ../widgets/X509SuperTreeView.cpp:25 msgctxt "X509SuperTreeView|" msgid "OpenSSL config" msgstr "" #: ../widgets/X509SuperTreeView.cpp:26 msgctxt "X509SuperTreeView|" msgid "Transform" msgstr "" #: ../widgets/X509SuperTreeView.cpp:27 msgctxt "X509SuperTreeView|" msgid "Template" msgstr "" #: ../widgets/X509SuperTreeView.cpp:28 msgctxt "X509SuperTreeView|" msgid "Public key" msgstr "" #: ../widgets/XcaTreeView.cpp:318 msgctxt "XcaTreeView|" msgid "Subject entries" msgstr "" #: ../widgets/XcaTreeView.cpp:319 msgctxt "XcaTreeView|" msgid "X509v3 Extensions" msgstr "" #: ../widgets/XcaTreeView.cpp:320 msgctxt "XcaTreeView|" msgid "Netscape extensions" msgstr "" #: ../widgets/XcaTreeView.cpp:321 msgctxt "XcaTreeView|" msgid "Reset" msgstr "" #: ../widgets/XcaTreeView.cpp:324 msgctxt "XcaTreeView|" msgid "Hide Column" msgstr "" #: ../widgets/XcaTreeView.cpp:326 msgctxt "XcaTreeView|" msgid "Details" msgstr "" #: ../widgets/XcaTreeView.cpp:377 msgctxt "XcaTreeView|" msgid "Columns" msgstr "" #: ../widgets/XcaTreeView.cpp:405 msgctxt "XcaTreeView|" msgid "New" msgstr "" #: ../widgets/XcaTreeView.cpp:406 msgctxt "XcaTreeView|" msgid "Import" msgstr "" #: ../widgets/XcaTreeView.cpp:407 msgctxt "XcaTreeView|" msgid "Paste PEM data" msgstr "" #: ../widgets/XcaTreeView.cpp:411 msgctxt "XcaTreeView|" msgid "Rename" msgstr "" #: ../widgets/XcaTreeView.cpp:412 msgctxt "XcaTreeView|" msgid "Properties" msgstr "" #: ../widgets/XcaTreeView.cpp:415 msgctxt "XcaTreeView|" msgid "Delete" msgstr "" #: ../widgets/XcaTreeView.cpp:417 msgctxt "XcaTreeView|" msgid "Export" msgstr "" #: ../widgets/XcaTreeView.cpp:418 msgctxt "XcaTreeView|" msgid "Clipboard" msgstr "" #: ../widgets/XcaTreeView.cpp:420 msgctxt "XcaTreeView|" msgid "File" msgstr "" #: ../lib/db_base.cpp:177 msgctxt "db_base|" msgid "Internal name" msgstr "" #: ../lib/db_base.cpp:178 msgctxt "db_base|" msgid "No." msgstr "" #: ../lib/db_base.cpp:179 msgctxt "db_base|" msgid "Primary key" msgstr "" #: ../lib/db_base.cpp:180 msgctxt "db_base|" msgid "Database unique number" msgstr "" #: ../lib/db_base.cpp:181 msgctxt "db_base|" msgid "Date" msgstr "" #: ../lib/db_base.cpp:182 msgctxt "db_base|" msgid "Date of creation or insertion" msgstr "" #: ../lib/db_base.cpp:183 msgctxt "db_base|" msgid "Source" msgstr "" #: ../lib/db_base.cpp:184 msgctxt "db_base|" msgid "Generated, Imported, Transformed" msgstr "" #: ../lib/db_base.cpp:185 msgctxt "db_base|" msgid "Comment" msgstr "" #: ../lib/db_base.cpp:186 msgctxt "db_base|" msgid "First line of the comment field" msgstr "" #: ../lib/db_base.cpp:391 #, qt-format msgctxt "db_base|" msgid "Could not create directory %1" msgstr "" #: ../lib/db_base.cpp:642 msgctxt "db_base|" msgid "Item properties" msgstr "" #: ../lib/db_base.cpp:680 #, qt-format msgctxt "db_base|" msgid "How to export the %1 selected items" msgstr "" #: ../lib/db_base.cpp:682 msgctxt "db_base|" msgid "All in one PEM file" msgstr "" #: ../lib/db_base.cpp:683 msgctxt "db_base|" msgid "Each item in one file" msgstr "" #: ../lib/db_base.cpp:696 #, qt-format msgctxt "db_base|" msgid "Save %1 items in one file as" msgstr "" #: ../lib/db_base.cpp:697 msgctxt "db_base|" msgid "PEM files ( *.pem );; All files ( * )" msgstr "" #: ../lib/db_crl.cpp:34 msgctxt "db_crl|" msgid "Signer" msgstr "" #: ../lib/db_crl.cpp:35 msgctxt "db_crl|" msgid "Internal name of the signer" msgstr "" #: ../lib/db_crl.cpp:36 msgctxt "db_crl|" msgid "No. revoked" msgstr "" #: ../lib/db_crl.cpp:37 msgctxt "db_crl|" msgid "Number of revoked certificates" msgstr "" #: ../lib/db_crl.cpp:38 msgctxt "db_crl|" msgid "Last update" msgstr "" #: ../lib/db_crl.cpp:39 msgctxt "db_crl|" msgid "Next update" msgstr "" #: ../lib/db_crl.cpp:40 msgctxt "db_crl|" msgid "CRL number" msgstr "" #: ../lib/db_crl.cpp:106 #, qt-format msgctxt "db_crl|" msgid "" "The revocation list already exists in the database as:\n" "'%1'\n" "and so it was not imported" msgstr "" #: ../lib/db_crl.cpp:161 msgctxt "db_crl|" msgid "Revocation list export" msgstr "" #: ../lib/db_crl.cpp:162 msgctxt "db_crl|" msgid "CRL ( *.pem *.der *.crl )" msgstr "" #: ../lib/db_crl.cpp:228 msgctxt "db_crl|" msgid "There are no CA certificates for CRL generation" msgstr "" #: ../lib/db_crl.cpp:236 msgctxt "db_crl|" msgid "Select CA certificate" msgstr "" #: ../lib/db_crl.cpp:257 msgctxt "db_crl|" msgid "Create CRL" msgstr "" #: ../lib/db_crl.cpp:301 msgctxt "db_crl|" msgid "Failed to initiate DB transaction" msgstr "" #: ../lib/db_crl.cpp:311 ../lib/db_crl.cpp:319 ../lib/db_crl.cpp:323 #, qt-format msgctxt "db_crl|" msgid "Database error: %1" msgstr "" #: ../lib/db_key.cpp:65 msgctxt "db_key|" msgid "Type" msgstr "" #: ../lib/db_key.cpp:66 msgctxt "db_key|" msgid "Size" msgstr "" #: ../lib/db_key.cpp:68 msgctxt "db_key|" msgid "EC Group" msgstr "" #: ../lib/db_key.cpp:70 msgctxt "db_key|" msgid "Use" msgstr "" #: ../lib/db_key.cpp:71 msgctxt "db_key|" msgid "Password" msgstr "" #: ../lib/db_key.cpp:143 #, qt-format msgctxt "db_key|" msgid "" "The key is already in the database as:\n" "'%1'\n" "and is not going to be imported" msgstr "" #: ../lib/db_key.cpp:148 #, qt-format msgctxt "db_key|" msgid "" "The database already contains the public part of the imported key as\n" "'%1\n" "and will be completed by the new, private part of the key" msgstr "" #: ../lib/db_key.cpp:150 #, qt-format msgctxt "db_key|" msgid "Extending public key from %1 by imported key '%2'" msgstr "" #: ../lib/db_key.cpp:185 msgctxt "db_key|" msgid "Key size too small !" msgstr "" #: ../lib/db_key.cpp:190 #, qt-format msgctxt "db_key|" msgid "You are sure to create a key of the size: %1 ?" msgstr "" #: ../lib/db_key.cpp:272 ../lib/db_key.cpp:309 msgctxt "db_key|" msgid "PEM public" msgstr "" #: ../lib/db_key.cpp:275 ../lib/db_key.cpp:313 msgctxt "db_key|" msgid "SSH2 public" msgstr "" #: ../lib/db_key.cpp:278 ../lib/db_key.cpp:325 msgctxt "db_key|" msgid "PEM private" msgstr "" #: ../lib/db_key.cpp:283 msgctxt "db_key|" msgid "Export keys to Clipboard" msgstr "" #: ../lib/db_key.cpp:286 msgctxt "db_key|" msgid "Clipboard" msgstr "" #: ../lib/db_key.cpp:299 #, qt-format msgctxt "db_key|" msgid "Export public key [%1]" msgstr "" #: ../lib/db_key.cpp:310 msgctxt "db_key|" msgid "DER public" msgstr "" #: ../lib/db_key.cpp:318 msgctxt "db_key|" msgid "DER private" msgstr "" #: ../lib/db_key.cpp:320 msgctxt "db_key|" msgid "PEM encryped" msgstr "" #: ../lib/db_key.cpp:327 msgctxt "db_key|" msgid "PKCS#8 encrypted" msgstr "" #: ../lib/db_key.cpp:328 #, qt-format msgctxt "db_key|" msgid "Export private key [%1]" msgstr "" #: ../lib/db_key.cpp:333 msgctxt "db_key|" msgid "Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub )" msgstr "" #: ../lib/db_key.cpp:403 msgctxt "db_key|" msgid "Tried to change password of a token" msgstr "" #: ../lib/db_temp.cpp:54 #, qt-format msgctxt "db_temp|" msgid "Bad template: %1" msgstr "" #: ../lib/db_temp.cpp:37 msgctxt "db_temp|" msgid "Empty template" msgstr "" #: ../lib/db_temp.cpp:100 msgctxt "db_temp|" msgid "Preset Template values" msgstr "" #: ../lib/db_temp.cpp:138 msgctxt "db_temp|" msgid "Save template as" msgstr "" #: ../lib/db_temp.cpp:139 msgctxt "db_temp|" msgid "XCA templates ( *.xca );; All files ( * )" msgstr "" #: ../lib/db_x509.cpp:67 msgctxt "db_x509|" msgid "CA" msgstr "" #: ../lib/db_x509.cpp:68 msgctxt "db_x509|" msgid "reflects the basic Constraints extension" msgstr "" #: ../lib/db_x509.cpp:69 msgctxt "db_x509|" msgid "Serial" msgstr "" #: ../lib/db_x509.cpp:73 msgctxt "db_x509|" msgid "Start date" msgstr "" #: ../lib/db_x509.cpp:75 msgctxt "db_x509|" msgid "Expiry date" msgstr "" #: ../lib/db_x509.cpp:70 msgctxt "db_x509|" msgid "MD5 fingerprint" msgstr "" #: ../lib/db_x509.cpp:71 msgctxt "db_x509|" msgid "SHA1 fingerprint" msgstr "" #: ../lib/db_x509.cpp:72 msgctxt "db_x509|" msgid "SHA256 fingerprint" msgstr "" #: ../lib/db_x509.cpp:74 msgctxt "db_x509|" msgid "Not before" msgstr "" #: ../lib/db_x509.cpp:76 msgctxt "db_x509|" msgid "Not after" msgstr "" #: ../lib/db_x509.cpp:77 msgctxt "db_x509|" msgid "Revocation" msgstr "" #: ../lib/db_x509.cpp:78 msgctxt "db_x509|" msgid "CRL Expiration" msgstr "" #: ../lib/db_x509.cpp:152 msgctxt "db_x509|" msgid "Plain View" msgstr "" #: ../lib/db_x509.cpp:154 msgctxt "db_x509|" msgid "Tree View" msgstr "" #: ../lib/db_x509.cpp:336 msgctxt "db_x509|" msgid "Failed to retrieve unique random serial" msgstr "" #: ../lib/db_x509.cpp:359 #, qt-format msgctxt "db_x509|" msgid "" "The certificate already exists in the database as:\n" "'%1'\n" "and so it was not imported" msgstr "" #: ../lib/db_x509.cpp:403 #, qt-format msgctxt "db_x509|" msgid "Signed on %1 by '%2'" msgstr "" #: ../lib/db_x509.cpp:404 msgctxt "db_x509|" msgid "Unknown" msgstr "" #: ../lib/db_x509.cpp:496 msgctxt "db_x509|" msgid "Invalid public key" msgstr "" #: ../lib/db_x509.cpp:654 msgctxt "db_x509|" msgid "PKCS#7 unrevoked" msgstr "" #: ../lib/db_x509.cpp:658 msgctxt "db_x509|" msgid "PEM unrevoked" msgstr "" #: ../lib/db_x509.cpp:665 msgctxt "db_x509|" msgid "vCalendar" msgstr "" #: ../lib/db_x509.cpp:669 msgctxt "db_x509|" msgid "CA vCalendar" msgstr "" #: ../lib/db_x509.cpp:1094 msgctxt "db_x509|" msgid "days" msgstr "" #: ../lib/db_x509.cpp:1103 msgctxt "db_x509|" msgid "No template" msgstr "" #: ../lib/db_x509.cpp:522 msgctxt "db_x509|" msgid "The key you selected for signing is not a private one." msgstr "" #: ../lib/db_x509.cpp:564 #, qt-format msgctxt "db_x509|" msgid "Store the certificate to the key on the token '%1 (#%2)' ?" msgstr "" #: ../lib/db_x509.cpp:631 msgctxt "db_x509|" msgid "PEM chain" msgstr "" #: ../lib/db_x509.cpp:633 msgctxt "db_x509|" msgid "PKCS#7 chain" msgstr "" #: ../lib/db_x509.cpp:639 msgctxt "db_x509|" msgid "PKCS#12 chain" msgstr "" #: ../lib/db_x509.cpp:656 msgctxt "db_x509|" msgid "PKCS#7 all" msgstr "" #: ../lib/db_x509.cpp:648 msgctxt "db_x509|" msgid "PEM + key" msgstr "" #: ../lib/db_x509.cpp:660 msgctxt "db_x509|" msgid "PEM all" msgstr "" #: ../lib/db_x509.cpp:662 msgctxt "db_x509|" msgid "Certificate Index file" msgstr "" #: ../lib/db_x509.cpp:672 msgctxt "db_x509|" msgid "Certificate export" msgstr "" #: ../lib/db_x509.cpp:673 msgctxt "db_x509|" msgid "X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b )" msgstr "" #: ../lib/db_x509.cpp:737 ../lib/db_x509.cpp:803 #, qt-format msgctxt "db_x509|" msgid "There was no key found for the Certificate: '%1'" msgstr "" #: ../lib/db_x509.cpp:742 #, qt-format msgctxt "db_x509|" msgid "Not possible for a token key: '%1'" msgstr "" #: ../lib/db_x509.cpp:807 #, qt-format msgctxt "db_x509|" msgid "Not possible for the token-key Certificate '%1'" msgstr "" #: ../lib/db_x509super.cpp:24 msgctxt "db_x509name|" msgid "Subject" msgstr "" #: ../lib/db_x509super.cpp:25 msgctxt "db_x509name|" msgid "Complete distinguished name" msgstr "" #: ../lib/db_x509super.cpp:26 msgctxt "db_x509name|" msgid "Subject hash" msgstr "" #: ../lib/db_x509super.cpp:27 msgctxt "db_x509name|" msgid "Hash to lookup certs in directories" msgstr "" #: ../lib/db_x509req.cpp:31 msgctxt "db_x509req|" msgid "Signed" msgstr "" #: ../lib/db_x509req.cpp:32 msgctxt "db_x509req|" msgid "whether the request is already signed or not" msgstr "" #: ../lib/db_x509req.cpp:33 msgctxt "db_x509req|" msgid "Unstructured name" msgstr "" #: ../lib/db_x509req.cpp:35 msgctxt "db_x509req|" msgid "Challenge password" msgstr "" #: ../lib/db_x509req.cpp:37 msgctxt "db_x509req|" msgid "Certificate count" msgstr "" #: ../lib/db_x509req.cpp:38 msgctxt "db_x509req|" msgid "Number of certificates in the database with the same public key" msgstr "" #: ../lib/db_x509req.cpp:55 #, qt-format msgctxt "db_x509req|" msgid "" "The certificate signing request already exists in the database as\n" "'%1'\n" "and thus was not stored" msgstr "" #: ../lib/db_x509req.cpp:132 msgctxt "db_x509req|" msgid "Certificate request export" msgstr "" #: ../lib/db_x509req.cpp:133 msgctxt "db_x509req|" msgid "Certificate request ( *.pem *.der *.csr )" msgstr "" #: ../lib/db_x509super.cpp:78 msgctxt "db_x509super|" msgid "Key name" msgstr "" #: ../lib/db_x509super.cpp:79 msgctxt "db_x509super|" msgid "Internal name of the key" msgstr "" #: ../lib/db_x509super.cpp:80 msgctxt "db_x509super|" msgid "Signature algorithm" msgstr "" #: ../lib/db_x509super.cpp:134 #, qt-format msgctxt "db_x509super|" msgid "Extracted from %1 '%2'" msgstr "" #: ../lib/db_x509super.cpp:136 ../lib/db_x509super.cpp:188 msgctxt "db_x509super|" msgid "Certificate" msgstr "" #: ../lib/db_x509super.cpp:136 ../lib/db_x509super.cpp:188 msgctxt "db_x509super|" msgid "Certificate request" msgstr "" #: ../lib/db_x509super.cpp:152 msgctxt "db_x509super|" msgid "Save as OpenSSL config" msgstr "" #: ../lib/db_x509super.cpp:153 msgctxt "db_x509super|" msgid "Config files ( *.conf *.cnf);; All files ( * )" msgstr "" #: ../lib/db_x509super.cpp:175 msgctxt "db_x509super|" msgid "The following extensions were not ported into the template" msgstr "" #: ../lib/db_x509super.cpp:186 #, qt-format msgctxt "db_x509super|" msgid "Transformed from %1 '%2'" msgstr "" #: ../widgets/kvView.cpp:164 msgctxt "kvView|" msgid "Type" msgstr "" #: ../widgets/kvView.cpp:164 msgctxt "kvView|" msgid "Content" msgstr "" #: ../lib/pass_info.cpp:21 msgctxt "pass_info|" msgid "Password" msgstr "" #: ../lib/pass_info.cpp:27 msgctxt "pass_info|" msgid "PIN" msgstr "" #: ../lib/pki_base.cpp:123 #, qt-format msgctxt "pki_base|" msgid "Error opening file: '%1': %2" msgstr "" #: ../lib/pki_base.cpp:292 msgctxt "pki_base|" msgid "Unknown" msgstr "" #: ../lib/pki_base.cpp:293 msgctxt "pki_base|" msgid "Imported" msgstr "" #: ../lib/pki_base.cpp:294 msgctxt "pki_base|" msgid "Generated" msgstr "" #: ../lib/pki_base.cpp:295 msgctxt "pki_base|" msgid "Transformed" msgstr "" #: ../lib/pki_base.cpp:296 msgctxt "pki_base|" msgid "Token" msgstr "" #: ../lib/pki_base.cpp:297 msgctxt "pki_base|" msgid "Legacy Database" msgstr "" #: ../lib/pki_base.cpp:298 msgctxt "pki_base|" msgid "Renewed" msgstr "" #: ../lib/pki_base.cpp:101 #, qt-format msgctxt "pki_base|" msgid "Internal error: Unexpected message: %1 %2" msgstr "" #: ../lib/pki_crl.cpp:61 #, qt-format msgctxt "pki_crl|" msgid "Successfully imported the revocation list '%1'" msgstr "" #: ../lib/pki_crl.cpp:62 #, qt-format msgctxt "pki_crl|" msgid "Delete the revocation list '%1'?" msgstr "" #: ../lib/pki_crl.cpp:63 #, qt-format msgctxt "pki_crl|" msgid "Successfully created the revocation list '%1'" msgstr "" #: ../lib/pki_crl.cpp:65 #, qt-format msgctxt "pki_crl|" msgid "Delete the %1 revocation lists: %2?" msgstr "" #: ../lib/pki_crl.cpp:148 #, qt-format msgctxt "pki_crl|" msgid "" "Unable to load the revocation list in file %1. Tried PEM and DER formatted " "CRL." msgstr "" #: ../lib/pki_crl.cpp:164 msgctxt "pki_crl|" msgid "No issuer given" msgstr "" #: ../lib/pki_crl.cpp:222 #, qt-format msgctxt "pki_crl|" msgid "Wrong Size %1" msgstr "" #: ../lib/pki_crl.cpp:438 #, qt-format msgctxt "pki_crl|" msgid "Renew CRL: %1" msgstr "" #: ../lib/pki_crl.cpp:439 #, qt-format msgctxt "pki_crl|" msgid "" "The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4.\n" "It is stored in the XCA database '%5'" msgstr "" #: ../lib/pki_evp.cpp:239 #, qt-format msgctxt "pki_evp|" msgid "Failed to decrypt the key (bad password) %1" msgstr "" #: ../lib/pki_evp.cpp:249 msgctxt "pki_evp|" msgid "Please enter the password to decrypt the private key." msgstr "" #: ../lib/pki_evp.cpp:304 #, qt-format msgctxt "pki_evp|" msgid "The key from file '%1' is incomplete or inconsistent." msgstr "" #: ../lib/pki_evp.cpp:322 #, qt-format msgctxt "pki_evp|" msgid "" "Please enter the password to decrypt the private key from file:\n" "%1" msgstr "" #: ../lib/pki_evp.cpp:369 #, qt-format msgctxt "pki_evp|" msgid "" "Unable to load the private key in file %1. Tried PEM and DER private, " "public, PKCS#8 key types and SSH2 format." msgstr "" #: ../lib/pki_evp.cpp:400 msgctxt "pki_evp|" msgid "Ignoring unsupported private key" msgstr "" #: ../lib/pki_evp.cpp:417 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password to decrypt the private key: '%1'" msgstr "" #: ../lib/pki_evp.cpp:420 ../lib/pki_evp.cpp:434 msgctxt "pki_evp|" msgid "Password input aborted" msgstr "" #: ../lib/pki_evp.cpp:430 #, qt-format msgctxt "pki_evp|" msgid "Please enter the database password for decrypting the key '%1'" msgstr "" #: ../lib/pki_evp.cpp:547 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password to protect the private key: '%1'" msgstr "" #: ../lib/pki_evp.cpp:565 msgctxt "pki_evp|" msgid "Please enter the database password for encrypting the key" msgstr "" #: ../lib/pki_evp.cpp:680 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password protecting the PKCS#8 key '%1'" msgstr "" #: ../lib/pki_evp.cpp:735 #, qt-format msgctxt "pki_evp|" msgid "Please enter the export password for the private key '%1'" msgstr "" #: ../lib/pki_key.cpp:200 #, qt-format msgctxt "pki_key|" msgid "Successfully imported the %1 public key '%2'" msgstr "" #: ../lib/pki_key.cpp:201 #, qt-format msgctxt "pki_key|" msgid "Delete the %1 public key '%2'?" msgstr "" #: ../lib/pki_key.cpp:206 #, qt-format msgctxt "pki_key|" msgid "Successfully imported the %1 private key '%2'" msgstr "" #: ../lib/pki_key.cpp:207 #, qt-format msgctxt "pki_key|" msgid "Delete the %1 private key '%2'?" msgstr "" #: ../lib/pki_key.cpp:208 #, qt-format msgctxt "pki_key|" msgid "Successfully created the %1 private key '%2'" msgstr "" #: ../lib/pki_key.cpp:214 #, qt-format msgctxt "pki_key|" msgid "Delete the %1 keys: %2?" msgstr "" #: ../lib/pki_key.cpp:56 ../lib/pki_key.cpp:223 msgctxt "pki_key|" msgid "Public key" msgstr "" #: ../lib/pki_key.cpp:424 msgctxt "pki_key|" msgid "Common" msgstr "" #: ../lib/pki_key.cpp:424 msgctxt "pki_key|" msgid "Private" msgstr "" #: ../lib/pki_key.cpp:424 msgctxt "pki_key|" msgid "Bogus" msgstr "" #: ../lib/pki_key.cpp:424 msgctxt "pki_key|" msgid "PIN" msgstr "" #: ../lib/pki_key.cpp:434 msgctxt "pki_key|" msgid "No password" msgstr "" #: ../lib/pki_key.cpp:530 ../lib/pki_key.cpp:624 #, qt-format msgctxt "pki_key|" msgid "Unexpected SSH2 content: '%1'" msgstr "" #: ../lib/pki_key.cpp:550 ../lib/pki_key.cpp:556 msgctxt "pki_key|" msgid "Invalid SSH2 public key" msgstr "" #: ../lib/pki_key.cpp:732 #, qt-format msgctxt "pki_key|" msgid "Failed writing to %1" msgstr "" #: ../lib/pki_multi.cpp:127 msgctxt "pki_multi|" msgid "No known PEM encoded items found" msgstr "" #: ../lib/pki_pkcs12.cpp:37 #, qt-format msgctxt "pki_pkcs12|" msgid "" "Please enter the password to decrypt the PKCS#12 file:\n" "%1" msgstr "" #: ../lib/pki_pkcs12.cpp:45 #, qt-format msgctxt "pki_pkcs12|" msgid "Unable to load the PKCS#12 (pfx) file %1." msgstr "" #: ../lib/pki_pkcs12.cpp:60 #, qt-format msgctxt "pki_pkcs12|" msgid "The supplied password was wrong (%1)" msgstr "" #: ../lib/pki_pkcs12.cpp:112 msgctxt "pki_pkcs12|" msgid "Please enter the password to encrypt the PKCS#12 file" msgstr "" #: ../lib/pki_pkcs12.cpp:116 msgctxt "pki_pkcs12|" msgid "No key or no Cert and no pkcs12" msgstr "" #: ../lib/pki_pkcs7.cpp:160 #, qt-format msgctxt "pki_pkcs7|" msgid "Unable to load the PKCS#7 file %1. Tried PEM and DER format." msgstr "" #: ../lib/pki_scard.cpp:59 #, qt-format msgctxt "pki_scard|" msgid "Successfully imported the token key '%1'" msgstr "" #: ../lib/pki_scard.cpp:60 #, qt-format msgctxt "pki_scard|" msgid "Delete the token key '%1'?" msgstr "" #: ../lib/pki_scard.cpp:61 #, qt-format msgctxt "pki_scard|" msgid "Successfully created the token key '%1'" msgstr "" #: ../lib/pki_scard.cpp:63 #, qt-format msgctxt "pki_scard|" msgid "Delete the %1 keys: %2?" msgstr "" #: ../lib/pki_scard.cpp:365 #, qt-format msgctxt "pki_scard|" msgid "Delete the private key '%1' from the token '%2 (#%3)' ?" msgstr "" #: ../lib/pki_scard.cpp:438 msgctxt "pki_scard|" msgid "This Key is already on the token" msgstr "" #: ../lib/pki_scard.cpp:524 msgctxt "pki_scard|" msgid "PIN input aborted" msgstr "" #: ../lib/pki_scard.cpp:536 msgctxt "pki_scard|" msgid "Unable to find copied key on the token" msgstr "" #: ../lib/pki_scard.cpp:623 #, qt-format msgctxt "pki_scard|" msgid "Please insert card: %1 %2 [%3] with Serial: %4" msgstr "" #: ../lib/pki_scard.cpp:691 msgctxt "pki_scard|" msgid "Illegal Key generation method" msgstr "" #: ../lib/pki_scard.cpp:707 msgctxt "pki_scard|" msgid "Unable to find generated key on card" msgstr "" #: ../lib/pki_scard.cpp:745 msgctxt "pki_scard|" msgid "Ignoring unsupported token key" msgstr "" #: ../lib/pki_scard.cpp:748 #, qt-format msgctxt "pki_scard|" msgid "Wrong Size %1" msgstr "" #: ../lib/pki_scard.cpp:754 #, qt-format msgctxt "pki_scard|" msgid "Token %1" msgstr "" #: ../lib/pki_scard.cpp:763 ../lib/pki_scard.cpp:776 msgctxt "pki_scard|" msgid "Failed to find the key on the token" msgstr "" #: ../lib/pki_scard.cpp:770 msgctxt "pki_scard|" msgid "Invalid Pin for the token" msgstr "" #: ../lib/pki_scard.cpp:782 msgctxt "pki_scard|" msgid "Failed to initialize the key on the token" msgstr "" #: ../lib/pki_temp.cpp:123 #, qt-format msgctxt "pki_temp|" msgid "Successfully imported the XCA template '%1'" msgstr "" #: ../lib/pki_temp.cpp:124 #, qt-format msgctxt "pki_temp|" msgid "Delete the XCA template '%1'?" msgstr "" #: ../lib/pki_temp.cpp:125 #, qt-format msgctxt "pki_temp|" msgid "Successfully created the XCA template '%1'" msgstr "" #: ../lib/pki_temp.cpp:127 #, qt-format msgctxt "pki_temp|" msgid "Delete the %1 XCA templates: %2?" msgstr "" #: ../lib/pki_temp.cpp:327 #, qt-format msgctxt "pki_temp|" msgid "Wrong Size %1" msgstr "" #: ../lib/pki_temp.cpp:409 msgctxt "pki_temp|" msgid "Template file content error (too small)" msgstr "" #: ../lib/pki_temp.cpp:465 msgctxt "pki_temp|" msgid "Not a PEM encoded XCA Template" msgstr "" #: ../lib/pki_temp.cpp:473 #, qt-format msgctxt "pki_temp|" msgid "Not an XCA Template, but '%1'" msgstr "" #: ../lib/pki_x509.cpp:68 #, qt-format msgctxt "pki_x509|" msgid "Successfully imported the certificate '%1'" msgstr "" #: ../lib/pki_x509.cpp:69 #, qt-format msgctxt "pki_x509|" msgid "Delete the certificate '%1'?" msgstr "" #: ../lib/pki_x509.cpp:70 #, qt-format msgctxt "pki_x509|" msgid "Successfully created the certificate '%1'" msgstr "" #: ../lib/pki_x509.cpp:72 #, qt-format msgctxt "pki_x509|" msgid "Delete the %1 certificates: %2?" msgstr "" #: ../lib/pki_x509.cpp:220 #, qt-format msgctxt "pki_x509|" msgid "" "Unable to load the certificate in file %1. Tried PEM and DER certificate." msgstr "" #: ../lib/pki_x509.cpp:368 msgctxt "pki_x509|" msgid "This certificate is already on the security token" msgstr "" #: ../lib/pki_x509.cpp:431 #, qt-format msgctxt "pki_x509|" msgid "Delete the certificate '%1' from the token '%2 (#%3)'?" msgstr "" #: ../lib/pki_x509.cpp:564 msgctxt "pki_x509|" msgid "There is no key for signing !" msgstr "" #: ../lib/pki_x509.cpp:625 #, qt-format msgctxt "pki_x509|" msgid "Wrong Size %1" msgstr "" #: ../lib/pki_x509.cpp:916 msgctxt "pki_x509|" msgid "No" msgstr "" #: ../lib/pki_x509.cpp:918 msgctxt "pki_x509|" msgid "Yes" msgstr "" #: ../lib/pki_x509.cpp:948 #, qt-format msgctxt "pki_x509|" msgid "Renew certificate: %1" msgstr "" #: ../lib/pki_x509.cpp:949 #, qt-format msgctxt "pki_x509|" msgid "" "The XCA certificate '%1', issued on %2 will expire on %3.\n" "It is stored in the XCA database '%4'" msgstr "" #: ../lib/pki_x509.cpp:970 #, qt-format msgctxt "pki_x509|" msgid "CRL Renewal of CA '%1' due" msgstr "" #: ../lib/pki_x509.cpp:971 #, qt-format msgctxt "pki_x509|" msgid "" "The latest CRL issued by the CA '%1' will expire on %2.\n" "It is stored in the XCA database '%3'" msgstr "" #: ../lib/pki_x509req.cpp:104 msgctxt "pki_x509req|" msgid "Signing key not valid (public key)" msgstr "" #: ../lib/pki_x509req.cpp:146 #, qt-format msgctxt "pki_x509req|" msgid "Successfully imported the %1 certificate request '%2'" msgstr "" #: ../lib/pki_x509req.cpp:147 #, qt-format msgctxt "pki_x509req|" msgid "Delete the %1 certificate request '%2'?" msgstr "" #: ../lib/pki_x509req.cpp:148 #, qt-format msgctxt "pki_x509req|" msgid "Successfully created the %1 certificate request '%2'" msgstr "" #: ../lib/pki_x509req.cpp:150 #, qt-format msgctxt "pki_x509req|" msgid "Delete the %1 certificate requests: %2?" msgstr "" #: ../lib/pki_x509req.cpp:179 #, qt-format msgctxt "pki_x509req|" msgid "" "Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC " "format." msgstr "" #: ../lib/pki_x509req.cpp:217 #, qt-format msgctxt "pki_x509req|" msgid "Wrong Size %1" msgstr "" #: ../lib/pki_x509req.cpp:365 msgctxt "pki_x509req|" msgid "Signed" msgstr "" #: ../lib/pki_x509req.cpp:365 msgctxt "pki_x509req|" msgid "Unhandled" msgstr "" #: ../ui/v3ext.ui:26 msgctxt "v3ext|" msgid "Copy Common Name" msgstr "" #: ../ui/v3ext.ui:56 msgctxt "v3ext|" msgid "Add" msgstr "" #: ../ui/v3ext.ui:63 msgctxt "v3ext|" msgid "Delete" msgstr "" #: ../ui/v3ext.ui:89 msgctxt "v3ext|" msgid "Apply" msgstr "" #: ../ui/v3ext.ui:96 msgctxt "v3ext|" msgid "Validate" msgstr "" #: ../ui/v3ext.ui:125 msgctxt "v3ext|" msgid "Cancel" msgstr "" #: ../widgets/v3ext.cpp:72 msgctxt "v3ext|" msgid "An email address or 'copy'" msgstr "" #: ../widgets/v3ext.cpp:74 msgctxt "v3ext|" msgid "An email address" msgstr "" #: ../widgets/v3ext.cpp:76 msgctxt "v3ext|" msgid "A registered ID: OBJECT IDENTIFIER" msgstr "" #: ../widgets/v3ext.cpp:80 msgctxt "v3ext|" msgid "A uniform resource indicator" msgstr "" #: ../widgets/v3ext.cpp:85 msgctxt "v3ext|" msgid "A DNS domain name or 'copycn'" msgstr "" #: ../widgets/v3ext.cpp:87 msgctxt "v3ext|" msgid "A DNS domain name" msgstr "" #: ../widgets/v3ext.cpp:89 msgctxt "v3ext|" msgid "An IP address" msgstr "" #: ../widgets/v3ext.cpp:92 msgctxt "v3ext|" msgid "Syntax: ;TYPE:text like '1.2.3.4:UTF8:name'" msgstr "" #: ../widgets/v3ext.cpp:96 msgctxt "v3ext|" msgid "No editing. Only 'copy' allowed here" msgstr "" #: ../widgets/v3ext.cpp:165 #, qt-format msgctxt "v3ext|" msgid "" "Validation failed:\n" "'%1'\n" "%2" msgstr "" #: ../widgets/v3ext.cpp:170 #, qt-format msgctxt "v3ext|" msgid "" "Validation successful:\n" "'%1'" msgstr "" xca-RELEASE.2.2.1/lang/xca_fr.ts0000644000175000017500000046127513614632167015467 0ustar tewardteward CaProperties CA Properties Propriétés du CA Days until next CRL issuing Nombre de jours avant la génération de la prochaine liste de révocation Default template Modèle par défaut CertDetail Details of the Certificate Détails du Certificat Serial Numéro de série The serial number of the certificate Le numéro de série du certificat The internal name of the certificate in the database Le nom interne du certificat dans la base de données Status Etat Internal name Nom interne Signature Signature Key Clé Fingerprints Empreinte MD5 MD5 An md5 hashsum of the certificate La somme de hachage MD5 du certificat SHA1 SHA1 A SHA-1 hashsum of the certificate La somme de hachage SHA-1 du certificat SHA256 SHA256 A SHA-256 hashsum of the certificate La somme de hachage SHA-256 du certificat Validity Validité The time since the certificate is valid Le moment depuis lequel le certificat est valide The time until the certificate is valid Le moment auquel le certificat échoit Subject Sujet Issuer Emetteur Extensions Extensions Comment Commentaire Attributes Attributs Show config Afficher la configuration Show extensions Afficher les extensions Show public key Afficher la clé publique This key is not in the database. Cette clé ne figure pas dans la base de données Not available Non disponible Signer unknown Signataire inconnu Self signed Auto-signé Revoked at %1 Révoqué le %1 Not valid Invalide Valid Valide Details of the certificate signing request Détails de la requête de signature CertExtend Certificate renewal Renouvellement du certificat This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Créer un nouveau certificat conforme à l'ancien, mais avec un nouveau numéro de série et les limites de validité ajustées. Validity Validité Not before Pas avant Not after Pas après Time range Intervalle de temps Local time Heure locale Days Jours Months Mois Years Années No well-defined expiration Pas de date d'expiration précise Midnight Minuit Apply Appliquer Revoke old certificate Révoquer l'ancien certificat Keep serial number Conserver le numéro de série The certificate will be earlier valid than the signer. This is probably not what you want. Le certificat serait valide avant son signataire. Ce n'est probablement pas ce qui est désiré. Edit dates Modifier les limites de validité Abort rollout Interrompre le déploiement Continue rollout Continuer le déploiement Adjust date and continue Ajuster la date et continuer The certificate will be longer valid than the signer. This is probably not what you want. Le certificat serait valide plus longtemps que son signataire. Ce n'est probablement pas ce qui est désiré. CertTreeView Import PKCS#12 Importer en PKCS#12 Import from PKCS#7 Importer en PKCS#7 Request Requête Security token Jeton de sécurité Other token Autre jeton Similar Certificate Certificat similaire Delete from Security token Détruire sur le jeton de sécurité CA CA Properties Propriétés Generate CRL Générer la liste de révocation Manage revocations Gérer les révocations Renewal Renouvellement Revoke Révoquer Unrevoke Dé-révoquer ClickLabel Double click for details Double-cliquer pour afficher les détails CrlDetail Details of the Revocation list Détails de la liste de révocation &Status &Etat Version Version Signature Signature Signed by Signée par Name Nom The internal name of the CRL in the database Le nom interne de la liste de révocation dans la base de données issuing dates dates d'émission Next update Prochaine mise-à-jour Last update Dernière mise-à-jour &Issuer &Emetteur &Extensions &Extensions &Revocation list Liste de &révocation Comment Commentaire Failed Echoué Unknown signer Signataire inconnu Verification not possible Vérification impossible ExportDialog Name Nom The internal name of the CRL in the database Le nom interne de la liste de révocation dans la base de données ... ... Filename Nom du fichier Export comment into PEM file Exporter le commentaire dans le fichier PEM Export Format Format d'exportation All files ( * ) Tous les fichiers ( * ) PEM Text format with headers Format textuel PEM avec des en-têtes Concatenated list of all selected items in one PEM text file Concaténation de tous les éléments sélectionnés dans un seul fichier texte en format PEM Concatenated text format of the complete certificate chain in one PEM file Fichier PEM contenant la concaténation de tous les certificats de la chaîne Concatenated text format of all certificates in one PEM file Fichier PEM contenant la concaténation de tous les certificats Binary DER encoded file Fichier binaire en format DER PKCS#7 encoded single certificate Un seul certificat en format PKCS#7 PKCS#7 encoded complete certificate chain La chaîne complète de certificats en format PKCS#7 dans un seul fichier Concatenated text format of all unrevoked certificates in one PEM file Fichier PEM contenant la concaténation de tous les certificats non-révoqués All unrevoked certificates encoded in one PKCS#7 file Tous les certificats non-révoqués dans un seul fichier en format PKCS#7 All selected certificates encoded in one PKCS#7 file Tous les certificats sélectionnés dans un seul fichier en format PKCS#7 All certificates encoded in one PKCS#7 file Tous les certificats dans un seul fichier en format PKCS#7 The certificate and the private key as encrypted PKCS#12 file Le certificat et sa clé privée dans un fichier en format PKCS#12 The complete certificate chain and the private key as encrypted PKCS#12 file La chaîne complète des certificats et la clé privée en un seul fichier chiffré en format PKCS#12 Concatenation of the certificate and the unencrypted private key in one PEM file La concaténation du certificat et de sa clé privée non-chiffrée dans un seul fichier PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file La concaténation du certificat et de sa clé privée chiffrée en format PKCS#8 dans un seul fichier Text format of the public key in one PEM file Formattage textuel de la clé publique dans un fichier PEM Binary DER format of the public key Format binaire DER de la clé publique Unencrypted private key in text format Clé privée non-chiffrée en format texte OpenSSL specific encrypted private key in text format Clé privée chiffrée spécifiquement par OpenSSL en format texte Unencrypted private key in binary DER format Clé privée non-chiffrée en format binaire DER Unencrypted private key in PKCS#8 text format Clé privée non-chiffrée en format texte PKCS#8 Encrypted private key in PKCS#8 text format Clé privée chiffrée en format texte PKCS#8 The public key encoded in SSH2 format La clé publique en format SSH2 OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Fichier d'index des certificats spécifique à OpenSSL, tel que créé par la commande 'ca' et nécessaire à l'outil OCSP vCalendar expiry reminder for the selected items message vCalendar de rappel d'expiration des éléments sélectionnés vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL message vCalendar de rappel d'expiration contenant tous les certificats valides émis, le CA lui-même et la liste de révocation la plus récente The file: '%1' already exists! Le fichier '%1' existe déjà! Overwrite Ecraser Do not overwrite Ne pas écraser Help << << >> << &Done &OK ImportMulti Import PKI Items Importer des objets PKI Import &All Importer &tout &Import &Importer &Done &OK &Remove from list &Retirer de la liste Details Détails Delete from token Enlever du jeton Rename on token Renommer dans le jeton Name: %1 Model: %2 Serial: %3 Nom: %1 Modèle: %2 Numéro de série: %3 Manage security token Gérer les jetons de sécurité Details of the item '%1' cannot be shown Les détails de l'objet '%1' ne peuvent pas être affichés The type of the item '%1' is not recognized Le type de l'objet '%1' n'est pas reconnu The file '%1' did not contain PKI data Le fichier '%1' ne contient pas de données PKI The %1 files: '%2' did not contain PKI data Les %1 fichiers: '%2' ne contiennent pas de données PKI ItemProperties Name Nom Source Source Insertion date Date d'insertion Comment Commentaire KeyDetail Name Nom The internal name of the key used by xca Le nom interne de la clé utilisé par xca Security token Jeton de sécurité Manufacturer Fabricant Serial Numéro de série Key Clé Public Exponent Exposant public Keysize Taille de la clé Private Exponent Exposant privé Security Token Jeton de sécurité Label Etiquette PKCS#11 ID ID PKCS#11 Token information Information du jeton Model Modèle Fingerprint Empreinte Comment Commentaire Details of the %1 key Détails de la clé %1 Not available Non disponible Available Disponible Sub prime Sous-premier Public key Clé publique Private key Clé privée Curve name Nom de la courbe Unknown key Clé inconnue KeyTreeView Change password Changer le mot de passe Reset password Effacer le mot de passe Change PIN Changer le NIP Init PIN with SO PIN (PUK) Initialiser le NIP avec le PUK Change SO PIN (PUK) Changer le PUK Security token Jeton de sécurité This is not a token Ce n'est pas un jeton Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable La clé originale '%1' doit-elle être remplacée par la clé en provenance du jeton ? Cela détruirait la clé '%1' et la rendrait non-exportable. MainWindow Private Keys Clés privées &New Key &Nouvelle clé &Export &Exporter &Import &Importer Import PFX (PKCS#12) Importer en PFX (PKCS#12) &Show Details &Afficher les Détails &Delete &Détruire Certificate signing requests Requêtes de signature de certificat &New Request &Nouvelle requête Certificates Certificats &New Certificate &Nouveau Certificat Import &PKCS#12 Importer en &PKCS#12 Import P&KCS#7 Importer en P&KCS#7 Plain View Vue à plat Templates Modèles &New Template &Nouveau modèle &New CRL &Nouvelle liste de révocation Ch&ange Template &Modifier le Modèle Revocation lists Listes de révocation Using or exporting private keys will not be possible without providing the correct password Il sera impossible d'utiliser ou d'exporter des clés privées sans fournir le mot de passe correct. Database Base de données The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. L'algorithme de hachage '%1' sélectionné n'est pas sûr. SVP choisissez au moins 'SHA 224' pour raisons de sécurité. Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Format historique de base de données détecté. Une copie de sauvegarde appelée '%1' est créée et la base de données est convertie au nouveau format Failed to rename the database file, because the target already exists Le changement de nom du fichier de base de données a échoué parce qu'un autre fichier du même nom existe déjà No deleted items found Aucun objet détruit n'a été trouvé Recent DataBases Bases de données utilisées recemment System Système Croatian Croate English Anglais French Français German Allemand Russian Russe Slovak Slovaque Spanish Espagnol Polish Polonais Italian Italien Chinese Chinois Dutch Néerlandais Portuguese in Brazil Portugais du Brésil Turkish Turc Language Langue &File &Fichier Open Remote DataBase Ouvrir une base de données externe Set as default DataBase Définir comme base de données par défaut New DataBase Nouvelle base de données Open DataBase Ouvrir une base de données Close DataBase Fermer la base de données Options Options Exit Quitter I&mport I&mporter Keys Clés Requests Requêtes PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Modèle Revocation list Liste de révocation PEM file Fichier PEM Paste PEM file Coller un fichier PEM Token Jeton Export Certificate &Index hierarchy Exporter la hiérarchie de l'index des certificats Content Contenu &Manage Security token &Gérer le jeton de sécurité &Init Security token &Initialiser le jeton de sécurité &Change PIN &Changer le NIP Change &SO PIN Changer le P&UK Init PIN Initialiser le NIP Extra Extra &Dump DataBase C&licher la base de données &Export Certificate Index Exporter l'index des certificats C&hange DataBase password C&hanger le mot de passe de la base de données &Undelete items &Récupérer des objets détruits Generate DH parameter Générer le paramètre DH OID Resolver Convertisseur d'OID &Help &Aide About A propos no such option: %1 '%1' n'est pas une option Import PEM data Importer les données PEM Please enter the original SO PIN (PUK) of the token '%1' SVP saisir le PUK original du jeton '%1' Search Rechercher Please enter the new SO PIN (PUK) for the token '%1' SVP saisir le nouveau NIP SO (PUK) pour le jeton: '%1' The new label of the token '%1' La nouvelle étiquette du jeton '%1' The token '%1' did not contain any keys or certificates Le jeton '%1' ne contient aucune clé ni aucun certificat Current Password Mot de passe actuel Please enter the current database password SVP saisir le mot de passe de la base de données The entered password is wrong Le mot de passe renseigné est inexact New Password Nouveau mot de passe Please enter the new password to encrypt your private keys in the database-file SVP saisir le nouveau mot de passe pour chiffrer les clés privées dans le fichier de base de données Transaction start failed Le démarrage de la transaction a échoué Please enter a password, that will be used to encrypt your private keys in the database: %1 Veuillez saisir un mot de passe, qui sera utilisé pour chiffrer vos clés privées dans la base de données: %1 Password verify error, please try again La vérification du mot de passe a échoué. SVP essayez encore Password Mot de passe Please enter the password for unlocking the database: %1 Veuillez entrer le mot passe pour déverrouiller la base de données: %1 The following error occurred: L'erreur suivante s'est produite: Copy to Clipboard Copier dans le presse-papier Certificate Index ( index.txt ) Index des certificats ( index.txt ) All files ( * ) Tous les fichiers ( * ) Diffie-Hellman parameters saved as: %1 Les paramètres Diffie-Hellman on été sauvegardés dans: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Les paramètres de Diffie-Hellman sont nécessaires à certaines applications mais ne sont pas gérés par XCA. Saisir le nombre de bits du paramètre de Diffie-Hellman SVP NewCrl Last update Dernière mise-à-jour Next update Prochaine mise-à-jour Days Jours Months Mois Years Années Midnight Minuit Local time Heure locale Apply Appliquer Options Options CRL number Numéro de la liste de révocation Subject alternative name Nom alternatif du sujet Revocation reasons Raisons de la révocation Authority key identifier Identifiant de clé de l'autorité Hash algorithm Algorithme de hachage NewKey Please give a name to the new key and select the desired keysize SVP donner un nom à la nouvelle clé et sélectionner la taille de clé désirée Key properties Propriétés de la clé Name Nom The internal name of the new key Le nom interne de la nouvelle clé Curve name Nom de la courbe Usually at least 2048 bit keys are recommended Généralement une clé de 2048 bits est recommandée New Key Nouvelle Clé Keysize Taille de la clé Keytype Type de clé Remember as default Enregistrer comme valeur par défaut Create Créer NewX509 Source Source Signing request Requête de signature Show request Afficher la requête Sign this Certificate signing &request Signer cette &requête Copy extensions from the request Copier les extensions de la requête Modify subject of the request Modifier le sujet de la requête Signing Signer Create a &self signed certificate Créer un certificat auto-&signé Use &this Certificate for signing Utiliser &ce certificat pour signer All certificates in your database that can create valid signatures Tous les certificats dans la base de données qui peuvent produire des signatures valables Signature algorithm Algorithme de signature Template for the new certificate Modèle pour le nouveau certificat All available templates Tous les modèles disponibles Apply extensions Appliquer les extensions Apply subject Appliquer le sujet Apply all Appliquer tout Subject Sujet Internal Name Nom interne Distinguished name Nom distinctif Add Ajouter Delete Enlever Private key Clé privée This list only contains unused keys Cette liste ne contient que les clés inutilisées Used keys too Inclure les clés utilisées &Generate a new key &Générer une nouvelle clé Extensions Extensions Type Type If this will become a CA certificate or not Si un certificat d'autorité (CA) est en train d'être créé ou non Not defined Non défini Certification Authority Autorité de Certification End Entity Entité Finale Path length Distance aux entités finales How much CAs may be below this. Combien de niveau de sous-CA peuvent apparaître jusqu'à une entité finale. The basic constraints should always be critical Les contraintes basiques doivent toujours être critiques Key identifier Identifiant de clé Creates a hash of the key following the PKIX guidelines Crée un hachage de la clé conformément aux directives PKIX Copy the Subject Key Identifier from the issuer Copie l'identifiant de clé du sujet du signataire Validity Validité Not before Pas avant Not after Pas après Time range Intervalle de temps Days Jours Months Mois Years Années Apply Appliquer Set the time to 00:00:00 and 23:59:59 respectively Définir les heures à 00:00:00 et 23:59:59 respectivement Midnight Minuit Local time Heure locale No well-defined expiration Pas de date d'expiration précise DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit Modifier URI: URI: Key usage Utilisation de la clé Netscape Netscape Advanced Avancé Validate Valider Comment Commentaire This name is only used internally and does not appear in the resulting certificate Ce nom est seulement utilisé par xca et n'apparaît pas dans le certificat exporté Critical Critique Create Certificate signing request Créer une requête de signature de certificat minimum size: %1 taille minimale: %1 maximum size: %1 taille maximale: %1 only a-z A-Z 0-9 '()+,-./:=? seulement a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters seulement des caractères 7-bit ASCII imprimables Edit XCA template Editer un modèle XCA Create x509 Certificate Créer un certificat x509 Template '%1' applied Le modèle '%1' a été appliqué Subject applied from template '%1' Sujet extrait du modèle '%1' Extensions applied from template '%1' Les extensions du modéle '%1' ont été appliquées New key '%1' created La nouvelle clé '%1' a été créée Other Tabs Autres Onglets Advanced Tab Onglet Avancé Errors Erreurs From PKCS#10 request A partir d'une requête en PKCS#10 Abort rollout Interrompre le déploiement The following length restrictions of RFC3280 are violated: Pour être en conformité avec la RFC3280, les règles de restriction de longueur suivantes ne sont pas respectées: Edit subject Modifier le sujet Continue rollout Continuer le déploiement The verification of the Certificate request failed. The rollout should be aborted. La vérification de la requête de signature à échoué. Le déploiement devrait être interrompu. Continue anyway Continuer quand-même The internal name and the common name are empty. Please set at least the internal name. Le nom interne et le nom commun sont vides. SVP saisir au moins le nom interne. Edit name Modifier le nom There is no Key selected for signing. Aucune clé n'est sélectionnée pour la signature. Select key Sélectionner la clé The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Les indications de nom distinctif suivantes sont vides: %1 bien que vous les avez déclarées comme obligatoires dans le menu des options. The key you selected for signing is not a private one. La clé sélectionnée pour la signature n'est pas une clé privée. Select other signer Sélectionner un autre signataire Select other key Sélectionner une autre clé The certificate will be earlier valid than the signer. This is probably not what you want. Le certificat serait valide avant son signataire. Ce n'est probablement pas ce qui est désiré. Edit dates Modifier les limites de validité Adjust date and continue Ajuster la date et continuer The certificate will be longer valid than the signer. This is probably not what you want. Le certificat serait valide plus longtemps que son signataire. Ce n'est probablement pas ce qui est désiré. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Le certificat serait échu avant de devenir actif. Vous avez probablement interverti les deux dates. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Le certificat contient des extensions dupliquées ou invalides. Vérifier la validité sur l'onglet "Avancé". The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Le certificat ne contient aucune extension. Vous pouvez appliquer des extensions à partir de l'un des modèles pour définir l'usage du certificat Edit extensions Modifier les extensions The subject alternative name shall contain a copy of the common name. However, the common name is empty. Le nom alternatif du sujet devrait contenir une copie du nom commun. Cependant ce dernier est vide. Configfile error on line %1 Erreur dans le fichier de configuration à la ligne %1 OidResolver OID Resolver Convertisseur d'OID Enter the OID, the Nid, or one of the textual representations Saisir l'OID, le Nid ou une des représentations symboliques Search Rechercher OID OID Long name Nom complet OpenSSL internal ID Identification interne à OpenSSL Nid Nid Short name Nom abrégé OpenDb Open remote database Ouvrir une base de données externe Database type Type de base de données Hostname Nom du serveur Username Nom de l'utilisateur Password Mot de passe Database name Nom de la base de données Table prefix Préfixe du nom des tables No SqLite3 driver available. Please install the qt-sqlite package of your distribution Le pilote SqLite3 n'est pas disponible. SVP installez le paquetage qt-sqlite de votre distribution Please enter the password to access the database server %2 as user '%1'. SVP saisir le mot de passe de l'utilisateur '%1' sur le serveur de base de données %2. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. Le pilote de base de données ne supporte pas les transactions. Ceci peut se produire si le client et le serveur n'ont pas les mêmes versions. Continuez avec prudence Options XCA Options Options de XCA Settings Réglages Default hash algorithm Algorithme de hachage par défaut String types Types de chaînes Suppress success messages Supprimer les messages en cas de succès Don't colorize expired certificates Ne pas coloriser les certificats expirés Translate established x509 terms (%1 -> %2) Traduire les termes standards définis par x509 (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. La fonctionalité de hachage du jeton n'est pas utilisée par XCA. Ce dernier peut néanmoins se limiter à un jeu restreint de fonctions de hachage reconnus par le jeton. En particulier, EC et DSA ne sont définis qu'avec SHA1 dans la spécification PKCS#11. Only use hashes supported by the token when signing with a token key N'utiliser que des fonction de hachage supportées par le jeton lors d'une signature avec une clé du jeton Disable legacy Netscape extensions Désactiver les extensions Netscape désuètes Certificate expiry warning threshold Seuil d'avertissement de l'expiration d'un certificat Send vCalendar expiry reminder Envoyer un message vCalendar de rappel d'expiration Serial number length Longueur du numéro de série bit bits Distinguished name Nom distinctif Mandatory subject entries Inscriptions du sujet obligatoires Add Ajouter Delete Enlever Explicit subject entries Inscriptions explicites du sujet Dynamically arrange explicit subject entries Arranger dynamiquement les éléments explicites du sujet Default Défaut PKCS#11 provider Fournisseur PKCS#11 Remove Enlever Search Rechercher Printable string or UTF8 (default) Chaîne imprimable ou UTF8 (défaut) PKIX recommendation in RFC2459 La recommandation PKIX est dans la RFC2459 No BMP strings, only printable and T61 Pas de chaîne BMP, seulement imprimable et T61 UTF8 strings only (RFC2459) Chaînes UTF8 uniquement (RFC2459) All strings Toutes les chaînes Days Jours Weeks Semaines PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Le mot de passe doit être exprimé sous forme d'une suite de chiffres hexadécimaux. Il doit contenir un nombre pair de chiffres (0-9 et a-f) Take as HEX string Exprimé en hexadécimal Repeat %1 Répéter %1 %1 mismatch %1 ne correspond pas Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Un mot de passe hexadécimal peut seulement contenir les caractères '0' à '9' et 'a' à 'f' et il doit consister en un nombre pair de caractères E&xit &Quitter QObject Undefined Indéfini Broken / Invalid Invalide in %1 seconds dans %1 secondes %1 seconds ago il y a %1 secondes in %1 minutes dans %1 minutes %1 minutes ago il y a %1 minutes Yesterday Hier Tomorrow Demain in %1 hours dans %1 heures %1 hours ago il y a %1 heures DB: Rename: '%1' already in use DB: Renommer: '%1' déjà en utilisation DB: Entry to rename not found: %1 DB: l'inscription à renommer n'a pas été trouvée: '%1' DB: Write error %1 - %2 DB: Erreur d'écriture %1 - %2 Out of data A court de données Error finding endmarker of string Erreur: une marque de fin de chaîne n'a pas été trouvée Out of Memory at %1:%2 A court de mémoire à %1:%2 All files ( * ) Tous les fichiers ( * ) Import RSA key Importer une clé RSA PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; Clés PKI ( *.pem *.der *.key );;Clés PKCS#8 ( *.p8 *.pk8 );;Clés publiques SSH ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Importer une requête Certificates ( *.pem *.der *.crt *.cer );; Certificats ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Importer un certificat X.509 PKCS#7 data ( *.p7s *.p7m *.p7b );; Données PKCS#7 ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Importer un certificat PKCS#7 PKCS#12 Certificates ( *.p12 *.pfx );; Certificats PKCS#12 ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Importer un certificat privé PKCS#12 XCA templates ( *.xca );; Modèles XCA ( *.xca );; Import XCA Templates Importer des modèles XCA Revocation lists ( *.pem *.der *.crl );; Listes de révocation ( *.pem *.der *.crl );; Import Certificate Revocation List Importer une liste de révocation de certificats XCA Databases ( *.xdb );; Bases de données XCA ( *.xdb );; Open XCA Database Ouvrir une Base de Données XCA PKCS#11 library ( *.dll );; Bibliothèque PKCS#11 ( *.dll );; PKCS#11 library ( *.dylib *.so );; Bibliothèque PKCS#11 ( *.dylib *.so );; PKCS#11 library ( *.so );; Bibliothèque PKCS#11 ( *.so );; Open PKCS#11 shared library Ouvrir une bibliothèque partagée PKCS#11 PEM files ( *.pem );; Fichiers PEM ( *.pem );; Load PEM encoded file Charger un fichier en format PEM Please enter the PIN on the PinPad Saisir le NIP sur le pavé prévu à cet effet SVP Please enter the SO PIN (PUK) of the token %1 SVP saisir le PUK du jeton '%1' Please enter the PIN of the token %1 SVP saisir le NIP du jeton '%1' No Security token found Aucun jeton de sécurité trouvé Select Sélectionner Please enter the new SO PIN (PUK) for the token: '%1' SVP saisir le nouveau PUK pour le jeton: '%1' Please enter the new PIN for the token: '%1' SVP saisir le nouveau NIP pour le jeton: '%1' Required PIN size: %1 - %2 Taille du NIP requise: %1 - %2 Failed to open PKCS11 library: %1: %2 L'ouverture de la bibliothèque PKCS#11 '%1' a échoué: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Cela n'a pas l'air d'une bibliothèque PKCS#11. Le symbole 'C_GetFunctionList' n'a pas été trouvé. Disabled Désactivé Library loading failed Le chargement de la bibliothèque a échoué PKCS#11 function '%1' failed: %2 La fonction PKCS#11 '%1' a échoué: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 La fonction PKCS#11 '%1' a échoué: %2 Dans la bibliothèque %3 %4 Invalid Invalide %1 is shorter than %2 bytes: '%3' %1 est plus court que %2 octets: '%3' %1 is longer than %2 bytes: '%3' %1 est plus long que %2 octets: '%3' String '%1' for '%2' contains invalid characters La chaîne '%1' pour '%2' contient des caractères invalides Error reading config file %1 at line %2 Erreur de lecture du ficher de configuration %1 à la ligne %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. L'objet '%1' du fichier %2, ligne %3 est déjà connu comme '%4:%5:%6' et devrait être détruit. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. L'identificateur '%1' de l'OID %2 du ficher %3, ligne %4 est déjà utilisé pour un OID différent connu comme '%5:%6:%7' et devrait être changé pour éviter les conflits. Unknown object '%1' in file %2 line %3 Objet inconnu '%1' dans le ficher %2, ligne %3 Failed to start a database transaction Impossible de démarrer la transaction BDD ReqTreeView Sign Signer Unmark signed Marquer comme non-signée Mark signed Marquer comme signée Similar Request Requête similaire RevocationList Manage revocations Gérer les révocations Add Ajouter Delete Enlever Edit Modifier No. No. Serial Numéro de série Revocation Révocation Reason Raison Invalidation Invalidation Generate CRL Générer la liste de révocation Revoke Certificate revocation Révocation du certificat Revocation details Détails de la révocation Revocation reason Raison de la révocation Local time Heure locale Invalid since Non-valide depuis Serial Numéro de série SearchPkcs11 Directory Dossier ... ... Include subdirectories include les sous-dossiers Search Rechercher The following files are possible PKCS#11 libraries Les fichiers suivants sont susceptibles d'être des bibliothèques PKCS#11 SelectToken Security token Jeton de sécurité Please select the security token SVP sélectionner le jeton de sécurité TempTreeView Duplicate Dupliquer Create certificate Créer un certificat Create request Créer une requête copy copier Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config Configuration OpenSSL Transform Transformer Template Modèle Public key Clé publique XcaTreeView Subject entries Inscriptions du sujet X509v3 Extensions Extensions X509v3 Netscape extensions Extensions Netscape Reset Réinitialisation Hide Column Cacher la colonne Details Détails Columns Colonnes New Créer Import Importer Paste PEM data Coller les données en format PEM Rename Renommer Properties Propriétés Delete Enlever Export Exporter Clipboard Presse-papier File Fichier db_base Internal name Nom interne No. No. Primary key Clé primaire Database unique number Numéro unique de la base de données Date Date Date of creation or insertion Date de création ou d'importation Source Source Generated, Imported, Transformed Généré, Importé, Transformé Comment Commentaire First line of the comment field Première ligne du champ de commentaire Could not create directory %1 Impossible de créer le répertoire %1 Item properties Propriétés de l'élement How to export the %1 selected items Comment exporter les %1 éléments sélectionnés All in one PEM file Tout dans un seul fichier PEM Each item in one file Chaque élément dans un fichier Save %1 items in one file as Sauvegarder %1 éléments dans un seul fichier comme PEM files ( *.pem );; All files ( * ) Fichiers PEM ( *.pem );; Tous les fichiers ( * ) db_crl Signer Signataire Internal name of the signer Nom interne du signataire No. revoked Numéro révoqué Number of revoked certificates Nombre de certificats révoqués Last update Dernière mise-à-jour Next update Prochaine mise-à-jour CRL number Numéro de la liste de révocation The revocation list already exists in the database as: '%1' and so it was not imported Cette liste de révocation figure déjà dans la base de données sous le nom: '%1' En conséquence, elle n'a pas été importée Revocation list export Exportation d'une liste de révocation CRL ( *.pem *.der *.crl ) Listes de révocation ( *.pem *.der *.crl ) There are no CA certificates for CRL generation Il n'y a pas de certificat CA pour la génération de la CRL Select CA certificate Sélectionner un certificat d'autorité Create CRL Créer une liste de révocation Failed to initiate DB transaction Impossible de démarrer la transaction BDD Database error: %1 Erreur de la base de données: %1 db_key Type Type Size Taille EC Group Groupe EC Use Usage Password Mot de passe The key is already in the database as: '%1' and is not going to be imported Cette clé figure déjà dans la base de données sous le nom: '%1' En conséquence, elle ne va pas être importée The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key La base de données connait déjà la partie publique de la clé importée sous le nom '%1' En conséquence, cette dernière sera complétée par la partie privée de la clé importée Extending public key from %1 by imported key '%2' Extension de la clé publique de %1 par la clé importée '%2' Key size too small ! Taille de clé trop petite ! You are sure to create a key of the size: %1 ? Etes-vous sûr de vouloir créer une clé de taille %1 ? PEM public clé publique PEM SSH2 public Clé publique SSH2 PEM private Clé privée PEM Export keys to Clipboard Exporter les clés vers le presse-papier Clipboard Presse-papier Export public key [%1] Exporter la clé publique [%1] DER public Clé publique DER DER private Clé privée DER PEM encryped Chiffrée en PEM PKCS#8 encrypted Chiffrée en PKCS#8 Export private key [%1] Exporter la clé privée [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Clés privées ( *.pem *.der *.pk8 );; Clé publiques SSH ( *.pub ) Tried to change password of a token Tentative de changement de mot de passe d'un jeton de sécurité db_temp Bad template: %1 Mauvais modèle: %1 Empty template Modèle vide Preset Template values Initaliser les valeurs du modèle Save template as Enregistrer le modèle sous XCA templates ( *.xca );; All files ( * ) Modèles XCA ( *.xca);; Tous les fichiers ( * ) db_x509 CA CA reflects the basic Constraints extension reflète l'extension des contraintes basiques Serial Numéro de série Start date Date de début Expiry date Date d'expiration MD5 fingerprint Empreinte MD5 SHA1 fingerprint Empreinte SHA1 SHA256 fingerprint Empreinte SHA256 Not before Pas avant Not after Pas après Revocation Révocation CRL Expiration Expiration de la CRL Plain View Vue à plat Tree View Vue arborescente Failed to retrieve unique random serial L'extraction d'un numéro de série aléatoire a échoué The certificate already exists in the database as: '%1' and so it was not imported Ce certificat figure déjà dans la base de données sous le nom: '%1' En conséquence, il n'a pas été importé Signed on %1 by '%2' Signé le %1 par '%2' Unknown Inconnu Invalid public key Clé publique invalide PKCS#7 unrevoked PKCS#7 non-révoqué PEM unrevoked PEM non-révoqué vCalendar message vCalendar CA vCalendar message vCalendar pour le CA days jours No template Pas de modèle The key you selected for signing is not a private one. La clé sélectionnée pour la signature n'est pas une clé privée. Store the certificate to the key on the token '%1 (#%2)' ? Enregistrer le certificate avec la clé sur le jeton '%1 (#%2)' ? PEM chain Chaîne en PEM PKCS#7 chain Chaîne PKCS#7 PKCS#12 chain Chaîne PKCS#12 PKCS#7 all Tous les certificats en PKCS#7 PEM + key PEM + clé PEM all Tous les certificats en PEM Certificate Index file Ficher d'index des certificats Certificate export Exportation de certificat X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) Certificats X509 ( *.pem *.cer *.crt *.p12 *.p7b) There was no key found for the Certificate: '%1' Aucune clé n'a été trouvée pour le Certificat. '%1' Not possible for a token key: '%1' Impossible pour une clé d'un jeton de sécurité: '%1' Not possible for the token-key Certificate '%1' Impossible pour le certificat d'une clé d'un jeton de sécurité: '%1' db_x509name Subject Sujet Complete distinguished name Nom distinctif complet Subject hash Hachage du sujet Hash to lookup certs in directories Hachage de recherche dans un dossier db_x509req Signed Signée whether the request is already signed or not si la requête a déjà été signée ou non Unstructured name Nom non-structuré Challenge password Mot de passe challenge Certificate count Nombre de certificats Number of certificates in the database with the same public key Nombre de certificats dans la base de données avec la même clé The certificate signing request already exists in the database as '%1' and thus was not stored Cette requête de signature figure déjà dans la base de données sous le nom '%1' En conséquence, elle n'a pas été chargée Certificate request export Exporter la requête de signature Certificate request ( *.pem *.der *.csr ) Requête de signature de certificat ( *.pem *.der *.csr ) db_x509super Key name Nom de la clé Internal name of the key Nom interne de la clé Signature algorithm Algorithme de signature Extracted from %1 '%2' Extrait de %1 '%2' Certificate Certificat Certificate request Requête de certificat Save as OpenSSL config Enregistrer en format de configuration OpenSSL Config files ( *.conf *.cnf);; All files ( * ) Fichiers de configuration (*.conf *.cnf);; Tous les fichiers ( * ) The following extensions were not ported into the template Les extensions suivantes n'ont pas été enregistrées dans le modèle Transformed from %1 '%2' Transformé à partir de %1 '%2' kvView Type Type Content Contenu pass_info Password Mot de passe PIN NIP pki_base Error opening file: '%1': %2 Erreur lors de l'ouverture du fichier: '%1': %2 Unknown Inconnu Imported Importé Generated Généré Transformed Transformé Token Jeton Legacy Database Base de données antérieure Renewed Renouvelé Internal error: Unexpected message: %1 %2 Erreur interne: message inattendu: %1 %2 pki_crl Successfully imported the revocation list '%1' La liste de révocation '%1' a été importée avec succès Delete the revocation list '%1'? Détruire la liste de révocation '%1' ? Successfully created the revocation list '%1' La liste de révocation '%1' a été créée avec succès Delete the %1 revocation lists: %2? Détruire les %1 listes de révocation: %2 ? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Impossible de charger le liste de révocation du fichier %1. Les formats PEM et DER ont été essayés. No issuer given Aucun signataire spécifié Wrong Size %1 Taille fausse %1 Renew CRL: %1 Renouvellement de CRL: %1 The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4. It is stored in the XCA database '%5' La liste de révocation XCA '%1' émise par le CA '%2' le %3 expirera le %4. Elle est stockée dans la base de données XCA '%5' pki_evp Failed to decrypt the key (bad password) %1 Le déchiffrage de la clé a échoué (mauvais mot de passe) %1 Please enter the password to decrypt the private key. SVP saisir le mot de passe pour déchiffrer la clé privée The key from file '%1' is incomplete or inconsistent. La clé dans le fichier '%1' est incomplète ou incorrecte. Please enter the password to decrypt the private key from file: %1 SVP saisir le mot de passe pour déchiffrer la clé privée du fichier: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Impossible de charger la clé privée du fichier %1. Les formats PEM et DER ainsi que les types de clés privé, public, PKCS#8 et le format SSH2 ont été essayés. Ignoring unsupported private key Clé privée non-supportée: ignorée Please enter the password to decrypt the private key: '%1' SVP saisir le mot de passe pour déchiffrer la clé privée: '%1' Password input aborted Saisie du mot de passe abandonnée Please enter the database password for decrypting the key '%1' SVP saisir le mot de passe de la base de données pour déchiffrer la clé '%1' Please enter the password to protect the private key: '%1' SVP saisir le mot de passe pour protéger la clé privée: '%1' Please enter the database password for encrypting the key SVP saisir le mot de passe de la base de données pour chiffrer la clé Please enter the password protecting the PKCS#8 key '%1' SVP saisir le mot de passe protégeant la clé en PKCS#8 '%1' Please enter the export password for the private key '%1' SVP saisir le mot de passe d'exportation pour la clé privée '%1' pki_key Successfully imported the %1 public key '%2' La clé publique %1 '%2' a été importée avec succès Delete the %1 public key '%2'? Détruire la clé publique %1 '%2' ? Successfully imported the %1 private key '%2' La clé privée %1 '%2' a été importée avec succès Delete the %1 private key '%2'? Détruire la clé privée %1 '%2' ? Successfully created the %1 private key '%2' La clé privée %1 '%2' a été créée avec succès Delete the %1 keys: %2? Détruire les %1 clés: %2? Public key Clé publique Common Global Private Privé Bogus Erroné PIN NIP No password Pas de mot de passe Unexpected SSH2 content: '%1' Contenu SSH2 inattendu: '%1' Invalid SSH2 public key Clé publique SSH2 invalide Failed writing to %1 Echec d'écriture sur %1 pki_multi No known PEM encoded items found Aucun objet PEM connu n'a été trouvé pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 SVP saisir le mot de passe pour déchiffrer le fichier en PKCS#12: %1 Unable to load the PKCS#12 (pfx) file %1. Impossible de charger le fichier en PKCS#12 (pfx) %1. The supplied password was wrong (%1) Le mot de passe renseigné était faux (%1) Please enter the password to encrypt the PKCS#12 file SVP saisir le mot de passe pour chiffrer le fichier en PKCS#12 No key or no Cert and no pkcs12 Pas de clé ou pas de certificat et pas en PKCS#12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Impossible de charger le fichier en PKCS#7 %1. Les formats PEM et DER ont été essayés. pki_scard Successfully imported the token key '%1' La clé du jeton '%1' a été importée avec succès Delete the token key '%1'? Détruire la clé du jeton '%1' ? Successfully created the token key '%1' La clé du jeton '%1' a été créée avec succès Delete the %1 keys: %2? Détruire les %1 clés: %2? Delete the private key '%1' from the token '%2 (#%3)' ? Détruire la clé privée '%1' sur le jeton '%2 (#%3)' ? This Key is already on the token Cette clé est déjà sur le jeton PIN input aborted Saisie du NIP abandonnée Unable to find copied key on the token Impossible de trouver la clé copiée sur le jeton Please insert card: %1 %2 [%3] with Serial: %4 SVP insérer la carte %1 %2 [%3] avec le numéro de série: %4 Illegal Key generation method Méthode de génération de clé illégale Unable to find generated key on card Impossible de trouver la clé générée sur la carte Ignoring unsupported token key La clé non-supportée sur le jeton est ignorée Wrong Size %1 Taille fausse %1 Token %1 Jeton %1 Failed to find the key on the token Impossible de trouver la clé sur le jeton Invalid Pin for the token NIP invalide pour le jeton Failed to initialize the key on the token Impossible d'initialiser la clé sur le jeton pki_temp Successfully imported the XCA template '%1' Le modèle XCA '%1' a été importé avec succès Delete the XCA template '%1'? Détruire le modèle XCA '%1' ? Successfully created the XCA template '%1' Le modèle XCA '%1' a été créé avec succès Delete the %1 XCA templates: %2? Détruire les %1 modèles XCA: %2 ? Wrong Size %1 Taille fausse %1 Template file content error (too small) Erreur de contenu du fichier de modèle (trop petit) Not a PEM encoded XCA Template Ce n'est pas un modèle XCA en format PEM Not an XCA Template, but '%1' Ce n'est pas un modèle XCA, mais '%1' pki_x509 Successfully imported the certificate '%1' Le certificat '%1' a été importé avec succès Delete the certificate '%1'? Détruire le certificat '%1' ? Successfully created the certificate '%1' Le certificat '%1' a été créé avec succès Delete the %1 certificates: %2? Détruire les %1 certificats: '%2' ? Unable to load the certificate in file %1. Tried PEM and DER certificate. Impossible de charger le certificat du fichier %1. Les formats PEM et DER ont été essayés. This certificate is already on the security token Ce certificat est déjà dans le jeton de sécurité Delete the certificate '%1' from the token '%2 (#%3)'? Détruire le certificat '%1' sur le jeton '%2 (#%3)' ? There is no key for signing ! Il n'y a pas de clé pour signer ! Wrong Size %1 Taille fausse %1 No Non Yes Oui Renew certificate: %1 Renouvellement du certificat: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' Le certificat XCA '%1' émis le %2 expirera le %3. Il est stocké dans la base de données XCA '%4' CRL Renewal of CA '%1' due Le renouvellement de la liste de révocation du CA '%1' arrive à échéance The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' La dernière liste de révocation générée par le CA '%1' expirera le %2. Elle est stockée dans la base de données XCA '%3' pki_x509req Signing key not valid (public key) La clé de signature n'est pas valide (c'est une clé publique) Successfully imported the %1 certificate request '%2' La requête %1 de signature '%2' a été importée avec succès Delete the %1 certificate request '%2'? Détruire la requête %1 de signature '%2' ? Successfully created the %1 certificate request '%2' La requête %1 de signature '%2' a été créée avec succès Delete the %1 certificate requests: %2? Détruire la requête %1 de signature '%2' ? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Impossible de charger la requête de signature du fichier %1. Les formats PEM, DER et SPKAC ont été essayés. Wrong Size %1 Taille fausse %1 Signed Signée Unhandled Non-géré v3ext Copy Common Name Copier le nom commun Add Ajouter Delete Enlever Apply Appliquer Validate Valider Cancel Annuler An email address or 'copy' Une adresse de courriel ou 'copy' An email address Une adresse de courriel A registered ID: OBJECT IDENTIFIER un IDentifiant enregistré: IDENTIFICATEUR.OBJET A uniform resource indicator un indicateur uniforme de ressource A DNS domain name or 'copycn' un nom de domaine DNS ou 'copycn' A DNS domain name un nom de domaine DNS An IP address Une adresse IP Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Syntaxe: <OID>;TYPE:texte sous la forme '1.2.3.4:UTF8:nom' No editing. Only 'copy' allowed here Pas de modification possible. Seul 'copy' est permis ici Validation failed: '%1' %2 La validation a échoué: '%1' %2 Validation successful: '%1' La validation a été effectuée avec succès: '%1' xca-RELEASE.2.2.1/lang/xca.ts0000644000175000017500000042756613614632167015005 0ustar tewardteward CaProperties CA Properties Days until next CRL issuing Default template CertDetail Details of the Certificate Serial The serial number of the certificate The internal name of the certificate in the database Status Internal name Signature Key Fingerprints MD5 An md5 hashsum of the certificate SHA1 A SHA-1 hashsum of the certificate SHA256 A SHA-256 hashsum of the certificate Validity The time since the certificate is valid The time until the certificate is valid Subject Issuer Extensions Comment Attributes Show config Show extensions Show public key This key is not in the database. Not available Signer unknown Self signed Revoked at %1 Not valid Valid Details of the certificate signing request CertExtend Certificate renewal This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Validity Not before Not after Time range Local time Days Months Years No well-defined expiration Midnight Apply Revoke old certificate Keep serial number The certificate will be earlier valid than the signer. This is probably not what you want. Edit dates Abort rollout Continue rollout Adjust date and continue The certificate will be longer valid than the signer. This is probably not what you want. CertTreeView Import PKCS#12 Import from PKCS#7 Request Security token Other token Similar Certificate Delete from Security token CA Properties Generate CRL Manage revocations Renewal Revoke Unrevoke ClickLabel Double click for details CrlDetail Details of the Revocation list &Status Version Signature Signed by Name The internal name of the CRL in the database issuing dates Next update Last update &Issuer &Extensions &Revocation list Comment Failed Unknown signer Verification not possible ExportDialog Name The internal name of the CRL in the database ... Filename Export comment into PEM file Export Format All files ( * ) PEM Text format with headers Concatenated list of all selected items in one PEM text file Concatenated text format of the complete certificate chain in one PEM file Concatenated text format of all certificates in one PEM file Binary DER encoded file PKCS#7 encoded single certificate PKCS#7 encoded complete certificate chain Concatenated text format of all unrevoked certificates in one PEM file All unrevoked certificates encoded in one PKCS#7 file All selected certificates encoded in one PKCS#7 file All certificates encoded in one PKCS#7 file The certificate and the private key as encrypted PKCS#12 file The complete certificate chain and the private key as encrypted PKCS#12 file Concatenation of the certificate and the unencrypted private key in one PEM file Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Text format of the public key in one PEM file Binary DER format of the public key Unencrypted private key in text format OpenSSL specific encrypted private key in text format Unencrypted private key in binary DER format Unencrypted private key in PKCS#8 text format Encrypted private key in PKCS#8 text format The public key encoded in SSH2 format OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool vCalendar expiry reminder for the selected items vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL The file: '%1' already exists! Overwrite Do not overwrite Help << >> &Done ImportMulti Import PKI Items Import &All &Import &Done &Remove from list Details Delete from token Rename on token Name: %1 Model: %2 Serial: %3 Manage security token Details of the item '%1' cannot be shown The type of the item '%1' is not recognized The file '%1' did not contain PKI data The %1 files: '%2' did not contain PKI data ItemProperties Name Source Insertion date Comment KeyDetail Name The internal name of the key used by xca Security token Manufacturer Serial Key Public Exponent Keysize Private Exponent Security Token Label PKCS#11 ID Token information Model Fingerprint Comment Details of the %1 key Not available Available Sub prime Public key Private key Curve name Unknown key KeyTreeView Change password Reset password Change PIN Init PIN with SO PIN (PUK) Change SO PIN (PUK) Security token This is not a token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable MainWindow Private Keys &New Key &Export &Import Import PFX (PKCS#12) &Show Details &Delete Certificate signing requests &New Request Certificates &New Certificate Import &PKCS#12 Import P&KCS#7 Plain View Templates &New Template &New CRL Ch&ange Template Revocation lists Using or exporting private keys will not be possible without providing the correct password Database The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Failed to rename the database file, because the target already exists No deleted items found Recent DataBases System Croatian English French German Russian Slovak Spanish Polish Italian Chinese Dutch Portuguese in Brazil Turkish Language &File Open Remote DataBase Set as default DataBase New DataBase Open DataBase Close DataBase Options Exit I&mport Keys Requests PKCS#12 PKCS#7 Template Revocation list PEM file Paste PEM file Token Export Certificate &Index hierarchy Content &Manage Security token &Init Security token &Change PIN Change &SO PIN Init PIN Extra &Dump DataBase &Export Certificate Index C&hange DataBase password &Undelete items Generate DH parameter OID Resolver &Help About no such option: %1 Import PEM data Please enter the original SO PIN (PUK) of the token '%1' Search Please enter the new SO PIN (PUK) for the token '%1' The new label of the token '%1' The token '%1' did not contain any keys or certificates Current Password Please enter the current database password The entered password is wrong New Password Please enter the new password to encrypt your private keys in the database-file Transaction start failed Please enter a password, that will be used to encrypt your private keys in the database: %1 Password verify error, please try again Password Please enter the password for unlocking the database: %1 The following error occurred: Copy to Clipboard Certificate Index ( index.txt ) All files ( * ) Diffie-Hellman parameters saved as: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits NewCrl Last update Next update Days Months Years Midnight Local time Apply Options CRL number Subject alternative name Revocation reasons Authority key identifier Hash algorithm NewKey Please give a name to the new key and select the desired keysize Key properties Name The internal name of the new key Curve name Usually at least 2048 bit keys are recommended New Key Keysize Keytype Remember as default Create NewX509 Source Signing request Show request Sign this Certificate signing &request Copy extensions from the request Modify subject of the request Signing Create a &self signed certificate Use &this Certificate for signing All certificates in your database that can create valid signatures Signature algorithm Template for the new certificate All available templates Apply extensions Apply subject Apply all Subject Internal Name Distinguished name Add Delete Private key This list only contains unused keys Used keys too &Generate a new key Extensions Type If this will become a CA certificate or not Not defined Certification Authority End Entity Path length How much CAs may be below this. The basic constraints should always be critical Key identifier Creates a hash of the key following the PKIX guidelines Copy the Subject Key Identifier from the issuer Validity Not before Not after Time range Days Months Years Apply Set the time to 00:00:00 and 23:59:59 respectively Midnight Local time No well-defined expiration DNS: IP: URI: email: RID: Edit URI: Key usage Netscape Advanced Validate Comment This name is only used internally and does not appear in the resulting certificate Critical Create Certificate signing request minimum size: %1 maximum size: %1 only a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters Edit XCA template Create x509 Certificate Template '%1' applied Subject applied from template '%1' Extensions applied from template '%1' New key '%1' created Other Tabs Advanced Tab Errors From PKCS#10 request Abort rollout The following length restrictions of RFC3280 are violated: Edit subject Continue rollout The verification of the Certificate request failed. The rollout should be aborted. Continue anyway The internal name and the common name are empty. Please set at least the internal name. Edit name There is no Key selected for signing. Select key The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. The key you selected for signing is not a private one. Select other signer Select other key The certificate will be earlier valid than the signer. This is probably not what you want. Edit dates Adjust date and continue The certificate will be longer valid than the signer. This is probably not what you want. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Edit extensions The subject alternative name shall contain a copy of the common name. However, the common name is empty. Configfile error on line %1 OidResolver OID Resolver Enter the OID, the Nid, or one of the textual representations Search OID Long name OpenSSL internal ID Nid Short name OpenDb Open remote database Database type Hostname Username Password Database name Table prefix No SqLite3 driver available. Please install the qt-sqlite package of your distribution Please enter the password to access the database server %2 as user '%1'. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. Options XCA Options Settings Default hash algorithm String types Suppress success messages Don't colorize expired certificates Translate established x509 terms (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Only use hashes supported by the token when signing with a token key Disable legacy Netscape extensions Certificate expiry warning threshold Send vCalendar expiry reminder Serial number length bit Distinguished name Mandatory subject entries Add Delete Explicit subject entries Dynamically arrange explicit subject entries Default PKCS#11 provider Remove Search Printable string or UTF8 (default) PKIX recommendation in RFC2459 No BMP strings, only printable and T61 UTF8 strings only (RFC2459) All strings Days Weeks PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Take as HEX string Repeat %1 %1 mismatch Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters E&xit QObject Undefined Broken / Invalid in %1 seconds %1 seconds ago in %1 minutes %1 minutes ago Yesterday Tomorrow in %1 hours %1 hours ago DB: Rename: '%1' already in use DB: Entry to rename not found: %1 DB: Write error %1 - %2 Out of data Error finding endmarker of string Out of Memory at %1:%2 All files ( * ) Import RSA key PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Certificates ( *.pem *.der *.crt *.cer );; Import X.509 Certificate PKCS#7 data ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates PKCS#12 Certificates ( *.p12 *.pfx );; Import PKCS#12 Private Certificate XCA templates ( *.xca );; Import XCA Templates Revocation lists ( *.pem *.der *.crl );; Import Certificate Revocation List XCA Databases ( *.xdb );; Open XCA Database PKCS#11 library ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 library ( *.so );; Open PKCS#11 shared library PEM files ( *.pem );; Load PEM encoded file Please enter the PIN on the PinPad Please enter the SO PIN (PUK) of the token %1 Please enter the PIN of the token %1 No Security token found Select Please enter the new SO PIN (PUK) for the token: '%1' Please enter the new PIN for the token: '%1' Required PIN size: %1 - %2 Failed to open PKCS11 library: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Disabled Library loading failed PKCS#11 function '%1' failed: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 Invalid %1 is shorter than %2 bytes: '%3' %1 is longer than %2 bytes: '%3' String '%1' for '%2' contains invalid characters Error reading config file %1 at line %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Unknown object '%1' in file %2 line %3 Failed to start a database transaction ReqTreeView Sign Unmark signed Mark signed Similar Request RevocationList Manage revocations Add Delete Edit No. Serial Revocation Reason Invalidation Generate CRL Revoke Certificate revocation Revocation details Revocation reason Local time Invalid since Serial SearchPkcs11 Directory ... Include subdirectories Search The following files are possible PKCS#11 libraries SelectToken Security token Please select the security token TempTreeView Duplicate Create certificate Create request copy Validity yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config Transform Template Public key XcaTreeView Subject entries X509v3 Extensions Netscape extensions Reset Hide Column Details Columns New Import Paste PEM data Rename Properties Delete Export Clipboard File db_base Internal name No. Primary key Database unique number Date Date of creation or insertion Source Generated, Imported, Transformed Comment First line of the comment field Could not create directory %1 Item properties How to export the %1 selected items All in one PEM file Each item in one file Save %1 items in one file as PEM files ( *.pem );; All files ( * ) db_crl Signer Internal name of the signer No. revoked Number of revoked certificates Last update Next update CRL number The revocation list already exists in the database as: '%1' and so it was not imported Revocation list export CRL ( *.pem *.der *.crl ) There are no CA certificates for CRL generation Select CA certificate Create CRL Failed to initiate DB transaction Database error: %1 db_key Type Size EC Group Use Password The key is already in the database as: '%1' and is not going to be imported The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Extending public key from %1 by imported key '%2' Key size too small ! You are sure to create a key of the size: %1 ? PEM public SSH2 public PEM private Export keys to Clipboard Clipboard Export public key [%1] DER public DER private PEM encryped PKCS#8 encrypted Export private key [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Tried to change password of a token db_temp Bad template: %1 Empty template Preset Template values Save template as XCA templates ( *.xca );; All files ( * ) db_x509 CA reflects the basic Constraints extension Serial Start date Expiry date MD5 fingerprint SHA1 fingerprint SHA256 fingerprint Not before Not after Revocation CRL Expiration Plain View Tree View Failed to retrieve unique random serial The certificate already exists in the database as: '%1' and so it was not imported Signed on %1 by '%2' Unknown Invalid public key PKCS#7 unrevoked PEM unrevoked vCalendar CA vCalendar days No template The key you selected for signing is not a private one. Store the certificate to the key on the token '%1 (#%2)' ? PEM chain PKCS#7 chain PKCS#12 chain PKCS#7 all PEM + key PEM all Certificate Index file Certificate export X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) There was no key found for the Certificate: '%1' Not possible for a token key: '%1' Not possible for the token-key Certificate '%1' db_x509name Subject Complete distinguished name Subject hash Hash to lookup certs in directories db_x509req Signed whether the request is already signed or not Unstructured name Challenge password Certificate count Number of certificates in the database with the same public key The certificate signing request already exists in the database as '%1' and thus was not stored Certificate request export Certificate request ( *.pem *.der *.csr ) db_x509super Key name Internal name of the key Signature algorithm Extracted from %1 '%2' Certificate Certificate request Save as OpenSSL config Config files ( *.conf *.cnf);; All files ( * ) The following extensions were not ported into the template Transformed from %1 '%2' kvView Type Content pass_info Password PIN pki_base Error opening file: '%1': %2 Unknown Imported Generated Transformed Token Legacy Database Renewed Internal error: Unexpected message: %1 %2 pki_crl Successfully imported the revocation list '%1' Delete the revocation list '%1'? Successfully created the revocation list '%1' Delete the %1 revocation lists: %2? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. No issuer given Wrong Size %1 Renew CRL: %1 The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4. It is stored in the XCA database '%5' pki_evp Failed to decrypt the key (bad password) %1 Please enter the password to decrypt the private key. The key from file '%1' is incomplete or inconsistent. Please enter the password to decrypt the private key from file: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Ignoring unsupported private key Please enter the password to decrypt the private key: '%1' Password input aborted Please enter the database password for decrypting the key '%1' Please enter the password to protect the private key: '%1' Please enter the database password for encrypting the key Please enter the password protecting the PKCS#8 key '%1' Please enter the export password for the private key '%1' pki_key Successfully imported the %1 public key '%2' Delete the %1 public key '%2'? Successfully imported the %1 private key '%2' Delete the %1 private key '%2'? Successfully created the %1 private key '%2' Delete the %1 keys: %2? Public key Common Private Bogus PIN No password Unexpected SSH2 content: '%1' Invalid SSH2 public key Failed writing to %1 pki_multi No known PEM encoded items found pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Unable to load the PKCS#12 (pfx) file %1. The supplied password was wrong (%1) Please enter the password to encrypt the PKCS#12 file No key or no Cert and no pkcs12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. pki_scard Successfully imported the token key '%1' Delete the token key '%1'? Successfully created the token key '%1' Delete the %1 keys: %2? Delete the private key '%1' from the token '%2 (#%3)' ? This Key is already on the token PIN input aborted Unable to find copied key on the token Please insert card: %1 %2 [%3] with Serial: %4 Illegal Key generation method Unable to find generated key on card Ignoring unsupported token key Wrong Size %1 Token %1 Failed to find the key on the token Invalid Pin for the token Failed to initialize the key on the token pki_temp Successfully imported the XCA template '%1' Delete the XCA template '%1'? Successfully created the XCA template '%1' Delete the %1 XCA templates: %2? Wrong Size %1 Template file content error (too small) Not a PEM encoded XCA Template Not an XCA Template, but '%1' pki_x509 Successfully imported the certificate '%1' Delete the certificate '%1'? Successfully created the certificate '%1' Delete the %1 certificates: %2? Unable to load the certificate in file %1. Tried PEM and DER certificate. This certificate is already on the security token Delete the certificate '%1' from the token '%2 (#%3)'? There is no key for signing ! Wrong Size %1 No Yes Renew certificate: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' CRL Renewal of CA '%1' due The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' pki_x509req Signing key not valid (public key) Successfully imported the %1 certificate request '%2' Delete the %1 certificate request '%2'? Successfully created the %1 certificate request '%2' Delete the %1 certificate requests: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Wrong Size %1 Signed Unhandled v3ext Copy Common Name Add Delete Apply Validate Cancel An email address or 'copy' An email address A registered ID: OBJECT IDENTIFIER A uniform resource indicator A DNS domain name or 'copycn' A DNS domain name An IP address Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' No editing. Only 'copy' allowed here Validation failed: '%1' %2 Validation successful: '%1' xca-RELEASE.2.2.1/lang/xca_zh_CN.ts0000644000175000017500000045340513614632167016055 0ustar tewardteward CaProperties CA Properties CA属性 Days until next CRL issuing CRL发布间隔 Default template 默认模板 CertDetail Details of the Certificate 证书的详细信息 Serial 序列号 The serial number of the certificate 证书的序列号 The internal name of the certificate in the database XCA数据库中证书的内部名称 Status 状态 Internal name 内部名称 Signature 签名状态 Key 密钥 Fingerprints 指纹信息 MD5 MD5 An md5 hashsum of the certificate 证书的MD5哈希值 SHA1 SHA1 A SHA-1 hashsum of the certificate 证书的SHA-1哈希值 SHA256 SHA256 A SHA-256 hashsum of the certificate 证书的SHA-256哈希值 Validity 有效期 The time since the certificate is valid 生效时间 The time until the certificate is valid 失效时间 Subject 主体 Issuer 颁发者 Extensions 扩展 Comment 备注 Attributes 属性 Show config 显示配置文件 Show extensions 显示扩展 Show public key 显示公钥 This key is not in the database. 密钥不在数据库中。 Not available 不可用 Signer unknown 未知的签发人 Self signed 自签名 Revoked at %1 于%1吊销 Revoked: 已吊销: Not valid 无效 Valid 有效 Details of the certificate signing request 证书签名请求(CSR)的详细信息 CertExtend Certificate renewal 证书续签 This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. 这将创建一个新证书作为旧证书的副本,其中包含新的序列号和有效期。 Validity 有效期 Not before 不早于 Not after 不晚于 Time range 时间跨度 Local time 当地时间 Days Months Years No well-defined expiration 未明确定义到期日 Midnight UTC午夜时间 Apply 应用 Revoke old certificate 吊销旧证书 Keep serial number 保持序列号不变 The certificate will be earlier valid than the signer. This is probably not what you want. 证书的生效时间早于签名者。这可能不是你想要的。 Edit dates 手动修改日期 Abort rollout 中止 Continue rollout 继续 Adjust date and continue 将证书的生效时间自动调整为签名者的生效时间,或将证书的失效时间自动调整为签名者的失效时间 自动调整日期并继续 The certificate will be longer valid than the signer. This is probably not what you want. 证书的失效日期晚于签名者。这可能不是你想要的。 CertTreeView Import PKCS#12 导入PKCS#12 Import from PKCS#7 从PKCS#7导入 Request 请求 Security token 安全令牌 Other token 其他令牌 Similar Certificate 证书副本 Delete from Security token 从安全令牌中删除 CA CA Properties 属性 Generate CRL 生成CRL Manage revocations 吊销管理 Renewal 续签 Revoke 吊销 Unrevoke 反吊销 ClickLabel Double click for details 双击查看详细信息 CrlDetail Details of the Revocation list 吊销列表的详细信息 &Status 状态 Version 版本 Signature 签名算法 Signed by 签名CA Name 内部名称 The internal name of the CRL in the database CRL的内部名称 issuing dates 发布日期 Next update 下次更新时间 Last update 最近更新时间 &Issuer 签发人 &Extensions 扩展 &Revocation list 吊销列表 Comment 备注 Failed 失败 Unknown signer 未知的签发人 Verification not possible 无法验证 ExportDialog Name 内部名称 The internal name of the CRL in the database CRL的内部名称 ... ... Filename 文件名 Export comment into PEM file 导出备注到PEM文件 Export Format 导出格式 All files ( * ) All files ( * ) PEM Text format with headers 带头部的PEM文本格式 Concatenated list of all selected items in one PEM text file 导出选定的条目到一个PEM文本文件中 Concatenated text format of the complete certificate chain in one PEM file 导出完整的证书链到一个PEM文件中 Concatenated text format of all certificates in one PEM file 导出所有的证书到一个PEM文件中 Binary DER encoded file 二进制DER编码文件 PKCS#7 encoded single certificate PKCS#7编码的单个证书 PKCS#7 encoded complete certificate chain PKCS#7编码的完整证书链 Concatenated text format of all unrevoked certificates in one PEM file 导出所有未吊销的证书到一个PEM文件中 All unrevoked certificates encoded in one PKCS#7 file 导出所有未吊销的证书到一个PKCS#7文件中 All selected certificates encoded in one PKCS#7 file 导出选定的证书到一个PKCS#7文件中 All certificates encoded in one PKCS#7 file 导出所有的证书到一个PKCS#7文件中 The certificate and the private key as encrypted PKCS#12 file 导出证书和加密私钥到PKCS#12文件中 The complete certificate chain and the private key as encrypted PKCS#12 file 导出完整证书链和加密私钥到PKCS#12文件中 Concatenation of the certificate and the unencrypted private key in one PEM file 导出证书和未加密私钥到一个PEM文件中 Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file 导出证书和加密私钥到PKCS#8文件中 Text format of the public key in one PEM file 导出公钥到PEM文本文件中 Binary DER format of the public key 导出公钥到DER二进制文件中 Unencrypted private key in text format 导出未加密私钥到文本文件中 OpenSSL specific encrypted private key in text format 导出OpenSSL风格的加密私钥到文本文件中 Unencrypted private key in binary DER format 导出未加密的私钥到DER二进制文件中 Unencrypted private key in PKCS#8 text format 导出未加密私钥到PKCS#8文本文件中 Encrypted private key in PKCS#8 text format 导出加密私钥到PKCS#8文本文件中 The public key encoded in SSH2 format 以SSH2格式编码的公钥 OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool 导出OpenSSL风格的证书索引文件(Index),该文件由'openssl ca'命令创建,通常OCSP工具需要使用它 vCalendar expiry reminder for the selected items 所选条目的vCalendar到期提醒 vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL 包含所有已颁发的有效证书,CA本身和最新的CRL的vCalendar到期提醒 The file: '%1' already exists! 文件: '%1'已存在! Overwrite 覆盖 Do not overwrite 不覆盖 Help << 后退 >> 前进 &Done 关闭 ImportMulti Import PKI Items 导入PKI条目 Import &All 导入全部 &Import 导入 &Done 完成 &Remove from list 从列表中移除 Details 详细信息 Delete from token 从令牌中删除 Rename on token 重命名令牌 Name: %1 Model: %2 Serial: %3 名称: %1 型号: %2 序列号: %3 Manage security token 管理安全令牌 Details of the item '%1' cannot be shown 无法显示条目'%1'的详细信息 The type of the item '%1' is not recognized 条目'%1'的类型无法识别 The file '%1' did not contain PKI data 文件'%1'不包含PKI数据 The %1 files: '%2' did not contain PKI data 这%1个文件: '%2'不包含PKI数据 ItemProperties Name 内部名称 Source 来源 Insertion date 添加日期 Comment 备注 KeyDetail Name 内部名称 The internal name of the key used by xca 密钥的内部名称 Security token 安全令牌 Manufacturer 生产厂商 Serial 序列号 Key 密钥 Public Exponent Public Exponent Keysize 密钥长度 Private Exponent Private Exponent Security Token 安全令牌 Label 标签 PKCS#11 ID PKCS#11 ID Token information 令牌信息 Model 型号 Fingerprint 指纹 Comment 备注 Details of the %1 key %1密钥的详细信息 Not available 不可用 Available 可用 Sub prime Sub prime Public key 公钥 Private key 私钥 Curve name 曲线名称 Unknown key 未知的密钥 KeyTreeView Change password 修改密码 Reset password 重置密码 Change PIN 修改PIN Init PIN with SO PIN (PUK) 使用SO PIN (PUK)初始化PIN Change SO PIN (PUK) 修改SO PIN (PUK) Security token 安全令牌 This is not a token 这不是个令牌 Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable 旧密钥 '%1'是否应该被令牌上的密钥替换? 这将删除密钥 '%1'并使其无法导出 MainWindow Private Keys 私钥 &New Key 创建密钥 &Export 导出 &Import 导入 Import PFX (PKCS#12) 导入PFX(PKCS#12) &Show Details 显示详细信息 &Delete 删除 Certificate signing requests 证书签名请求 &New Request 创建请求 Certificates 证书 &New Certificate 创建证书 Import &PKCS#12 导入PKCS#12 Import P&KCS#7 导入PKCS#7 Plain View 平铺视图 Templates 模板 &New Template 创建模板 &New CRL 创建CRL Ch&ange Template 编辑模板 Revocation lists 吊销列表 Using or exporting private keys will not be possible without providing the correct password 如果没有提供正确的密码,将无法使用或导出私钥 Database 数据库 The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. 当前使用的默认哈希'%1'是不安全的。 出于安全原因,请至少选择'SHA 224'。 Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format 检测到旧版数据库格式。 创建名为'%1'的备份副本,并将数据库转换为新格式 Failed to rename the database file, because the target already exists 无法重命名数据库文件,因为目标已存在 No deleted items found 找不到已删除的项目 Recent DataBases 最近打开的数据库 System 使用系统语言 Croatian 克罗地亚语 English 英语 French 法语 German 德语 Russian 俄语 Slovak 斯洛伐克语 Spanish 西班牙语 Polish 波兰语 Italian 意大利语 Chinese 简体中文 Dutch 荷兰语 Portuguese in Brazil 巴西葡萄牙语 Turkish 土耳其语 Language 语言 &File 文件 &New DataBase 新建数据库 &Open DataBase 打开数据库 Open Remote DataBase 打开远程数据库 Set as default DataBase 设置为默认数据库 &Close DataBase 关闭数据库 New DataBase 新建数据库 Open DataBase 打开数据库 Close DataBase 关闭数据库 Options 选项 Exit 退出 I&mport 导入 Keys 密钥 Requests 请求 PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template 模板 Revocation list 吊销列表 PEM file PEM文件 Paste PEM file 粘贴PEM文件 Token 令牌 Export Certificate &Index hierarchy 分CA导出证书索引 Content 内容 &Token 令牌 &Manage Security token 管理安全令牌 &Init Security token 初始化安全令牌 &Change PIN 修改PIN Change &SO PIN 修改SO PIN Init PIN 初始化PIN Extra 其他工具 &Dump DataBase 转储数据库 &Export Certificate Index 导出所有证书索引(Index) &Export Certificate Index hierarchy 分CA导出证书索引(Index) C&hange DataBase password 修改数据库密码 &Undelete items 取消删除项目 Generate DH parameter 生成DH参数 OID Resolver OID解析器 &Help 帮助 &Content 帮助 About 关于 no such option: %1 没有这个选项: %1 Import PEM data 导入PEM数据 Please enter the original SO PIN (PUK) of the token '%1' 请输入安全令牌'%1'的旧SO PIN(PUK) Search 搜索 Please enter the new SO PIN (PUK) for the token '%1' 请输入安全令牌'%1'的新SO PIN(PUK) The new label of the token '%1' 令牌的新标签 '%1' The token '%1' did not contain any keys or certificates 安全令牌'%1'不包含任何密钥和证书 Current Password 当前密码 Please enter the current database password 请输入数据库的当前密码 The entered password is wrong 输入的密码有误 New Password 新密码 Please enter the new password to encrypt your private keys in the database-file 请输入数据库的新密码,用于加密数据库中的私钥信息 Transaction start failed 数据库事务开始失败 Please enter a password, that will be used to encrypt your private keys in the database: %1 请输入数据库的密码,用于加密数据库中的私钥信息: %1 Password verify error, please try again 密码校验错误,请再试一次 Password 密码 Please enter the password for unlocking the database: %1 请输入数据库密码,用于解锁数据库: %1 The following error occurred: 下列错误发生: Copy to Clipboard 复制到剪贴板 Certificate Index ( index.txt ) Certificate Index ( index.txt ) All files ( * ) All files ( * ) Diffie-Hellman parameters saved as: %1 DH参数保存为:%1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits 有些应用程序需要Diffie-Hellman参数。 请输入DH参数的位数 Error opening file: '%1': %2 打开文件错误: '%1': %2 NewCrl Last update 最近更新时间 Next update 下次更新时间 Days Months Years Midnight UTC午夜时间 Local time 当地时间 Apply 应用 Options 选项 CRL number CRL编号 Subject alternative name 主体可选名称(SAN) Revocation reasons 吊销原因 Authority key identifier CA主体密钥标识符 Hash algorithm 哈希算法 NewKey Please give a name to the new key and select the desired keysize 请为新密钥指定名称,然后选择所需的密钥长度 Key properties 密钥属性 Name 内部名称 The internal name of the new key 新密钥的内部名称 Curve name 曲线名称 Usually at least 2048 bit keys are recommended 通常建议至少使用2048位密钥 New Key 创建密钥 Keysize 密钥长度 Keytype 密钥类型 Remember as default 设置为默认 Create 创建 NewX509 Source 来源 Signing request 签名请求 Show request 显示签名请求 Sign this Certificate signing &request 签发证书签名请求(CSR) Copy extensions from the request 从签名请求复制扩展信息 Modify subject of the request 修改签名请求的主体信息 Signing 签名 Create a &self signed certificate 创建自签名证书 Use &this Certificate for signing 使用此CA证书进行签名 All certificates in your database that can create valid signatures 数据库中可以创建有效签名的所有CA证书 Signature algorithm 签名算法 Template for the new certificate 使用模板创建新证书 All available templates 所有可用的模板 Apply extensions 应用模板扩展信息 Apply subject 应用模板主体信息 Apply all 应用模板所有信息 Subject 主体 Internal Name 内部名称 Distinguished name 专有名称 Add 添加 Delete 删除 Private key 私钥 This list only contains unused keys 此列表仅包含未使用的密钥 Used keys too 包含已使用的密钥 &Generate a new key 生成新密钥 Extensions 扩展 Type 类型 If this will become a CA certificate or not 新证书是否为CA证书 Not defined 未定义 Certification Authority CA End Entity 最终实体 Path length CA路径长度 How much CAs may be below this. 若新证书为CA证书,此项目限制该CA证书下最多还能拥有几级CA。 The basic constraints should always be critical 该基本约束应当始终是关键的 Key identifier 密钥标识符 Creates a hash of the key following the PKIX guidelines 根据PKIX准则创建密钥的哈希值 Copy the Subject Key Identifier from the issuer 从颁发者复制其主体密钥标识符 Validity 有效期 Not before 不早于 Not after 不晚于 Time range 时间跨度 Days Months Years Apply 应用 Set the time to 00:00:00 and 23:59:59 respectively 将时间分别设置为00:00:00和23:59:59 Midnight UTC午夜时间 Local time 当地时间 No well-defined expiration 未明确定义到期日 DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit 编辑 URI: URI: Key usage 密钥用法 Netscape Netscape扩展 Advanced 高级 Validate 验证 Comment 备注 This name is only used internally and does not appear in the resulting certificate 此名称仅在内部使用,不会出现在生成的证书中 Critical 关键 Create Certificate signing request 创建证书签名请求(CSR) minimum size: %1 最小长度: %1 maximum size: %1 最大长度: %1 only a-z A-Z 0-9 '()+,-./:=? 只允许使用 a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters 只允许使用7-bit可打印字符 Edit XCA template 编辑XCA模板 Create x509 Certificate 创建x509证书 Template '%1' applied 模板'%1'已应用 Subject applied from template '%1' 模板'%1'的主体信息已应用 Extensions applied from template '%1' 模板'%1'的扩展信息已应用 New key '%1' created 新密钥'%1'已创建 Other Tabs 其他标签页 Advanced Tab 高级标签页 Errors 错误 From PKCS#10 request 来自PKCS#10请求 Abort rollout 中止 The following length restrictions of RFC3280 are violated: 违反了RFC3280的以下长度限制: Edit subject 编辑主体信息 Continue rollout 继续 The verification of the Certificate request failed. The rollout should be aborted. 证书请求的合法性验证失败。 本次操作应当中止。 Continue anyway 无论如何都继续 The internal name and the common name are empty. Please set at least the internal name. 内部名称和通用名称(CN)为空。 请至少设置内部名称。 Edit name 编辑名称 There is no Key selected for signing. 没有选择密钥进行签名。 Select key 选择密钥 The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. 以下专有名称条目为空: %1 尽管您已在选项菜单中将其声明为必需项。 The key you selected for signing is not a private one. 您选择的用于签名的密钥不是私钥。 Select other signer 选择其他签名CA Select other key 选择其他密钥 The certificate will be earlier valid than the signer. This is probably not what you want. 证书的生效时间早于签名者。这可能不是你想要的。 Edit dates 手动修改日期 Adjust date and continue 自动调整日期并继续 The certificate will be longer valid than the signer. This is probably not what you want. 证书的失效日期晚于签名者。这可能不是你想要的。 The certificate will be out of date before it becomes valid. You most probably mixed up both dates. 证书的失效日期早于生效日期。你可能混淆了这两个日期。 The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. 证书包含无效或重复的扩展信息。检查高级标签页上的验证信息。 The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. 证书不包含扩展名。您可以应用模板的扩展信息来定义证书的用途。 Edit extensions 编辑扩展信息 The subject alternative name shall contain a copy of the common name. However, the common name is empty. 主体可选名称应包含通用名称(CN)。但是,通用名称为空。 Configfile error on line %1 配置文件错误位于行%1 OidResolver OID Resolver OID解析器 Enter the OID, the Nid, or one of the textual representations 输入OID、Nid或者一个文本表示 Search 搜索 OID OID Long name 长名称 OpenSSL internal ID OpenSSL内部ID Nid Nid Short name 短名称 OpenDb Open remote database 打开远程数据库 Database type 数据库类型 Hostname 主机名 Username 用户名 Password 密码 Database name 数据库名 Table prefix 表前缀 No SqLite3 driver available. Please install the qt-sqlite package of your distribution SqLite3数据库驱动不可用。 请安装您的发行版的qt-sqlite包 Please enter the password to access the database server %2 as user '%1'. 请输入密码,用于以用户身份'%1'访问数据库服务器%2。 The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. 数据库驱动不支持事务。 这通常是客户端和服务器版本不一致导致的。请谨慎操作。 Options XCA Options XCA选项 Settings 设置 Default hash algorithm 默认哈希算法 String types 字符串类型 Suppress success messages 不显示操作成功提示 Don't colorize expired certificates 不使用彩色显示过期证书 Translate established x509 terms (%1 -> %2) 将x509术语翻译后显示(%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. XCA不使用令牌的哈希功能。 但是,XCA可以遵守令牌规定的受限制的哈希算法集合。 特别的,在PKCS#11规范中,EC和DSA仅仅使用SHA1定义。 Only use hashes supported by the token when signing with a token key 当使用安全令牌密钥签名时仅使用令牌支持的哈希算法 Disable legacy Netscape extensions 禁用传统的Netscape扩展信息 Certificate expiry warning threshold 证书到期警告阈值 Send vCalendar expiry reminder 发送vCalendar到期提醒 Serial number length 序列号长度 bit bit Distinguished name 专有名称 Mandatory subject entries 必填的主体信息条目 Add 添加 Delete 删除 Explicit subject entries 明确的主体信息条目 Dynamically arrange explicit subject entries 动态安排明确的主题条目 Default 默认 PKCS#11 provider PKCS#11 provider Remove 移除 Search 搜索 Printable string or UTF8 (default) 可打印字符串或UTF8(默认) PKIX recommendation in RFC2459 RFC2459中的PKIX建议 No BMP strings, only printable and T61 无BMP字符串,仅可打印字符串和T61 UTF8 strings only (RFC2459) 仅限UTF8字符串(RFC2459) All strings 所有字符串 Days Weeks Load failed 加载失败 PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) 密码被解析为2位十六进制代码。 它必须具有偶数位数(0-9和a-f) Take as HEX string 作为HEX字符串 Repeat %1 重复%1 %1 mismatch %1不匹配 Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters 十六进制密码只能包含字符0-9和a-f,并且必须具有偶数个字符 E&xit 退出 QObject Undefined 未定义 Broken / Invalid 损坏的 / 不合法的 in %1 seconds %1秒内 %1 seconds ago %1秒之前 in %1 minutes %1分钟内 %1 minutes ago %1分钟之前 Yesterday 昨天 Tomorrow 明天 in %1 hours %1小时内 %1 hours ago %1小时之前 DB: Rename: '%1' already in use 数据库: 重命名: '%1'正在使用 DB: Entry to rename not found: %1 数据库: 找不到待重命名的条目: %1 DB: Write error %1 - %2 数据库: 写入错误 %1 - %2 Out of data 无数据 Error finding endmarker of string 查找字符串的结束标记出现错误 Out of Memory at %1:%2 内存不足 %1:%2 Country code 国家代码 State or Province 省份名称 Locality 城市名称 Organisation 组织名称 Organisational unit 内设机构名称 Common name 通用名称 E-Mail address 电子邮件地址 Serial number 序列号 Unstructured name 非结构化名称 Challenge password 质询密码 Basic Constraints 基本约束 Subject alternative name 主体可选名称(SAN) issuer alternative name 颁发者可选名称 Subject key identifier 主体密钥标识符 Authority key identifier CA密钥标识符 Key usage 密钥用法 Extended key usage 扩展密钥用法 CRL distribution points CRL发布点 Authority information access CA信息访问 Certificate type 证书类型 Base URL 基本URL Revocation URL 吊销URL CA Revocation URL CA吊销URL Certificate renewal URL 证书续签URL CA policy URL CA政策URL SSL server name SSL服务器名称 Comment 备注 All files ( * ) All files ( * ) Import RSA key 导入RSA密钥 PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request 导入请求 Certificates ( *.pem *.der *.crt *.cer );; Import X.509 Certificate 导入X.509证书 PKCS#7 data ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates 导入PKCS#7证书 PKCS#12 Certificates ( *.p12 *.pfx );; Import PKCS#12 Private Certificate 导入PKCS#12私有证书 XCA templates ( *.xca );; Import XCA Templates 导入XCA模板 Revocation lists ( *.pem *.der *.crl );; Import Certificate Revocation List 导入证书吊销列表 XCA Databases ( *.xdb );; Open XCA Database 打开XCA数据库 PKCS#11 library ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 library ( *.so );; Open PKCS#11 shared library 打开PKCS#11动态库 PEM files ( *.pem );; Load PEM encoded file 加载PEM文件 Please enter the PIN on the PinPad 请输入PIN Please enter the SO PIN (PUK) of the token %1 请输入令牌%1的SO PIN (PUK) Please enter the PIN of the token %1 请输入令牌%1的PIN No Security token found 未找到安全令牌 Select 选择 Please enter the new SO PIN (PUK) for the token: '%1' 请输入令牌 '%1'的新SO PIN (PUK): Please enter the new PIN for the token: '%1' 请输入令牌 '%1'的新PIN: Required PIN size: %1 - %2 合法的PIN长度: %1 - %2 Failed to open PKCS11 library: %1 打开PKCS11动态库失败: %1 Failed to open PKCS11 library: %1: %2 打开PKCS11动态库失败: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. 这好像不是PKCS#11动态库。找不到符号'C_GetFunctionList'。 Disabled 已禁用 Library loading failed 动态库加载失败 PKCS#11 function '%1' failed: %2 PKCS#11函数 '%1'失败: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 PKCS#11函数 '%1'失败: %2 位于动态库 %3 %4 Invalid 不合法 %1 is shorter than %2 bytes: '%3' %1小于%2 bytes: '%3' %1 is longer than %2 bytes: '%3' %1大于%2 bytes: '%3' String '%1' for '%2' contains invalid characters 字符串 '%2'中的 '%1'包含无效字符 Error reading config file %1 at line %2 读取配置文件%1(行%2)错误 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. 文件%2(行%3)中的对象 '%1'已经存在 '%4:%5:%6',应当被移除。 The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. 文件%3(行%4)中用于OID %2的标识符 '%1'已经用于另一个OID '%5:%6:%7',应当修改以避免冲突。 Unknown object '%1' in file %2 line %3 文件 %2(行%3)中的未知对象'%1' Failed to start a database transaction 数据库事务开始失败 ReqTreeView Sign 签发 Unmark signed 标记为未处理 Mark signed 标记为已签发 Similar Request 请求副本 RevocationList Manage revocations 吊销管理 Add 添加 Delete 删除 Edit 编辑 No. No. Serial 序列号 Revocation 吊销 Reason 原因 Invalidation 不合法 Generate CRL 生成CRL Revoke Certificate revocation 证书吊销 Revocation details 吊销详细信息 Revocation reason 吊销原因 Local time 当地时间 Invalid since 失效开始时间 Serial 序列号 SearchPkcs11 Directory 目录 ... Include subdirectories 包含子目录 Search 搜索 The following files are possible PKCS#11 libraries 下列文件是可能的PKCS#11动态库 SelectToken Security token 安全令牌 Please select the security token 请选择安全令牌 TempTreeView Duplicate 生成副本 Create certificate 创建证书 Create request 创建请求 copy 复制 Validity yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config OpenSSL配置 Transform 转换 Template 模板 Public key 公钥 XcaTreeView Subject entries 主体条目 X509v3 Extensions X503v3扩展信息 Netscape extensions Netscape扩展信息 Reset 恢复默认 Hide Column 隐藏该列 Details 详细信息 Columns New 创建 Import 导入 Paste PEM data 粘贴PEM数据 Rename 重命名 Properties 属性 Delete 删除 Export 导出 Clipboard 剪贴板 File 文件 db_base Error opening file: '%1': %2 打开文件错误: '%1': %2 Internal name 内部名称 No. No. Primary key 主键 Database unique number 数据库唯一编号 Date 日期 Date of creation or insertion 创建日期 Source 来源 Generated, Imported, Transformed 生成,导入,转换 Comment 备注 First line of the comment field 备注栏首行 Could not create directory %1 创建文件夹失败 %1 Item properties 条目属性 How to export the %1 selected items 如何导出选定的%1个条目 All in one PEM file 将全部条目导出到一个PEM文件 Each item in one file 每个条目导出到单个文件 Save %1 items in one file as 保存%1个条目到单个文件 PEM files ( *.pem );; All files ( * ) db_crl Signer 签发人 Internal name of the signer 签发人的内部名称 No. revoked 数量 Number of revoked certificates 已吊销证书的数量 Last update 最近更新时间 Next update 下次更新时间 CRL number CRL编号 The revocation list already exists in the database as: '%1' and so it was not imported 吊销列表在数据库中已存在: '%1' 因此未被导入 Revocation list export 吊销列表导出 CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) There are no CA certificates for CRL generation 没有可用于生成CRL的CA证书 Select CA certificate 选择CA证书 Create CRL 创建CRL Failed to initiate DB transaction 初始化数据库事务失败 Database error: %1 数据库错误: %1 Database error: 数据库错误: db_key Type 类型 Size 长度 EC Group 椭圆曲线簇 Use 使用 Password 密码 The key is already in the database as: '%1' and is not going to be imported 密钥在数据库中已存在: '%1' 因此未被导入 The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key 数据库中已存在导入密钥的公钥部分: '%1' 和新导入的私钥部分组成完整密钥 Extending public key from %1 by imported key '%2' 通过导入的密钥'%2'从%1扩展公钥 Key size too small ! 密钥长度太小 ! You are sure to create a key of the size: %1 ? 确认创建长度为%1的密钥? PEM public SSH2 public PEM private Export keys to Clipboard 导出密钥到剪贴板 Clipboard 剪贴板 Export public key [%1] 导出公钥 [%1] DER public DER private PEM encryped PKCS#8 encrypted Export private key [%1] 导出私钥 [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Tried to change password of a token 尝试修改令牌密码 db_temp Bad template: %1 损坏的模板: %1 Empty template 空模板 Preset Template values 内置模板 Save template as 将模板保存为 XCA templates ( *.xca );; All files ( * ) db_x509 CA reflects the basic Constraints extension 反映基本约束扩展 Serial 序列号 Start date 开始日期 Expiry date 过期时间 MD5 fingerprint MD5指纹 SHA1 fingerprint SHA1指纹 SHA256 fingerprint SHA256指纹 Not before 不早于 Not after 不晚于 Revocation 吊销 CRL Expiration CRL过期 Plain View 平铺视图 Tree View 层次视图 Failed to retrieve unique random serial 获取唯一随机序号失败 The certificate already exists in the database as: '%1' and so it was not imported 证书在数据库中已存在: '%1' 因此未被导入 Signed on %1 by '%2' 由'%2'在%1上签名 Unknown 未知 Invalid public key 不合法的公钥 PKCS#7 unrevoked PKCS#7反吊销 PEM unrevoked PEM反吊销 vCalendar CA vCalendar days No template 无模板 The key you selected for signing is not a private one. 您选择的用于签名的密钥不是私钥。 Store the certificate to the key on the token '%1 (#%2)' ? 将证书保存到令牌'%1 (#%2)'? PEM chain PEM证书链 PKCS#7 chain PKCS#7证书链 PKCS#12 chain PKCS#12证书链 PKCS#7 all PKCS#7 全部 PEM + key PEM all Certificate Index file 证书索引文件(Index) Certificate export 证书导出 X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) There was no key found for the Certificate: '%1' 找不到证书'%1'的密钥 Not possible for a token key: '%1' 令牌密钥'%1'不可用 Error opening file: '%1': %2 打开文件错误: '%1': %2 Not possible for the token-key Certificate '%1' 令牌证书'%1'不可用 days db_x509name Subject 主体 Complete distinguished name 完整的专有名称 Subject hash 主体哈希 Hash to lookup certs in directories 在目录中查找证书的哈希值 db_x509req Signed 已签发 whether the request is already signed or not 请求是否已签发 Unstructured name 非结构化名称 Challenge password 质询密码 Certificate count 证书数量 Number of certificates in the database with the same public key 数据库中具有相同公钥的证书数量 The certificate signing request already exists in the database as '%1' and thus was not stored 证书签名请求(CSR)在数据库中已存在: '%1' 因此未被导入 Certificate request export 证书请求导出 Certificate request ( *.pem *.der *.csr ) db_x509super Key name 密钥名称 Internal name of the key 密钥的内部名称 Signature algorithm 签名算法 Extracted from %1 '%2' 从%1中提取得到'%2' Certificate 证书 Certificate request 证书请求 Save as OpenSSL config 保存为OpenSSL配置 Config files ( *.conf *.cnf);; All files ( * ) The following extensions were not ported into the template 以下扩展未进入到模板中 Transformed from %1 '%2' 从%1转换得到'%2' kvView Type 类型 Content 内容 pass_info Password 密码 PIN PIN pki_base Error opening file: '%1': %2 打开文件错误: '%1': %2 Error writing to file: '%1': %2 写入文件错误: '%1': %2 Unknown 未知 Imported 导入 Generated 生成 Transformed 转换 Token 令牌 Legacy Database 旧版的数据库 Renewed 已续签 Internal error: Unexpected message: %1 %2 内部错误: 意料之外的消息: %1 %2 pki_crl Successfully imported the revocation list '%1' 成功导入CRL '%1' Delete the revocation list '%1'? 删除CRL '%1'? Successfully created the revocation list '%1' 成功创建CRL '%1' Delete the %1 revocation lists: %2? 删除这%1个CRL: %2? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. 无法从文件%1加载CRL。尝试使用PEM或DER格式的CRL。 No issuer given 未指定颁发者 Wrong Size %1 错误的大小%1 unknown 未知 Renew CRL: %1 更新CRL: %1 The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4. It is stored in the XCA database '%5' 由%3上的CA '%2'发布的XCA CRL '%1'将在'%4'到期。 它存储在XCA数据库'%5'中 pki_evp Failed to decrypt the key (bad password) 无法解密密钥(密码错误) Failed to decrypt the key (bad password) %1 无法解密密钥(密码错误) %1 Please enter the password to decrypt the private key. 请输入密码,用于解锁私钥。 The key from file '%1' is incomplete or inconsistent. 文件'%1'中的密钥不完整或不一致。 Please enter the password to decrypt the private key from file: %1 请输入密码,用于从文件中解密私钥: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. 无法从文件%1中加载私钥。尝试使用PEM和DER私钥,公钥,PKCS#8密钥类型和SSH2格式。 Ignoring unsupported private key 忽略不支持的私钥 Please enter the password to decrypt the private key: '%1' 请输入密码,用于解密私钥: '%1' Password input aborted 密码输入中止 Please enter the database password for decrypting the key '%1' 请输入数据库密码,用于解密密钥 '%1' Please enter the password to protect the private key: '%1' 请输入密码,用于保护私钥: '%1' Please enter the database password for encrypting the key 请输入数据库密码,用于加密密钥 Please enter the password protecting the PKCS#8 key '%1' 请输入密码,用于保护PKCS#8密钥 '%1' Please enter the export password for the private key '%1' 请输入私钥'%1'的导出密码 pki_key Successfully imported the %1 public key '%2' 成功导入%1个公钥 '%2' Delete the %1 public key '%2'? 删除%1个公钥 '%2'? Successfully imported the %1 private key '%2' 成功导入%1个私钥 '%2' Delete the %1 private key '%2'? 删除%1个私钥 '%2'? Successfully created the %1 private key '%2' 成功创建%1个私钥 '%2' Delete the %1 keys: %2? 删除%1个密钥 '%2'? Public key 公钥 Common Private Bogus PIN PIN No password 无密码 Unexpected SSH2 content: '%1' 意料之外的SSH2内容:'%1' Invalid SSH2 public key 不合法的SSH2公钥 Failed writing to %1 写入到%1失败 pki_multi No known PEM encoded items found 找不到已知的PEM编码条目 pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 请输入密码,用于解密PKCS#12文件: %1 Unable to load the PKCS#12 (pfx) file %1. 无法加载PKCS#12 (pfx)文件 %1. The supplied password was wrong (%1) 提供的密码有误 (%1) Please enter the password to encrypt the PKCS#12 file 请输入密码,用于加密PKCS#12文件 No key or no Cert and no pkcs12 没有证书或没有密钥 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. 无法加载PKCS#7文件 %1。尝试使用PEM或DER格式。 pki_scard Successfully imported the token key '%1' 成功导入令牌密钥 '%1' Delete the token key '%1'? 删除令牌密钥 '%1'? Successfully created the token key '%1' 成功创建令牌密钥 '%1' Delete the %1 keys: %2? 删除%1个密钥: %2? Delete the private key '%1' from the token '%2 (#%3)' ? 从令牌 '%2 (#%3)'中删除私钥 '%1'? This Key is already on the token 令牌中已存在该密钥 PIN input aborted PIN输入中止 Unable to find copied key on the token 无法在令牌上找到复制的密钥 Please insert card: %1 %2 [%3] with Serial: %4 请插入智能卡: %1 %2 [%3] 序列号: %4 Public Key mismatch. Please re-import card 公钥不匹配。请重新导入智能卡 Illegal Key generation method 不合法的密钥生成方法 Unable to find generated key on card 无法在智能卡上找到生成的密钥 Ignoring unsupported token key 忽略不支持的令牌密钥 Wrong Size %1 错误的大小%1 Token %1 令牌 %1 Failed to find the key on the token 无法在令牌上找到密钥 Invalid Pin for the token 不合法的令牌PIN Failed to initialize the key on the token 初始化令牌密钥失败 pki_temp Successfully imported the XCA template '%1' 成功导入XCA模板 '%1' Delete the XCA template '%1'? 删除XCA模板 '%1'? Successfully created the XCA template '%1' 成功创建XCA模板 '%1' Delete the %1 XCA templates: %2? 删除%1个XCA模板: %2? Wrong Size %1 错误的大小%1 Template file content error (too small) 模板文件内容错误 (太小) Template file content error (too small): %1 模板文件内容错误 (太小): %1 Not a PEM encoded XCA Template 不是PEM编码的XCA模板 Not an XCA Template, but '%1' 不是一个XCA模板,而是 '%1' pki_x509 Successfully imported the certificate '%1' 成功导入证书 '%1' Delete the certificate '%1'? 删除证书 '%1'? Successfully created the certificate '%1' 成功创建证书 '%1' Delete the %1 certificates: %2? 删除%1个证书: %2? Unable to load the certificate in file %1. Tried PEM and DER certificate. 无法从文件%1加载证书。尝试使用PEM或DER格式的证书。 This certificate is already on the security token 安全令牌上已存在该证书 Delete the certificate '%1' from the token '%2 (#%3)'? 从令牌 '%2 (#%3)'中删除证书 '%1'? There is no key for signing ! 没有可用于签名的密钥 ! Wrong Size %1 错误的大小%1 No Yes Renew certificate: %1 续签证书: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' 由%2签发的XCA证书 '%1'将在'%3'到期。 它存储在XCA数据库'%4'中 CRL Renewal of CA '%1' due CA '%1'的CRL更新时间到了 The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' 由CA '%1'签发的最新CRL将在%2到期。 它存储在XCA数据库'%3'中 pki_x509req Signing key not valid (public key) 签名密钥不合法 (公钥) Successfully imported the %1 certificate request '%2' 成功导入%1个证书请求 '%2' Delete the %1 certificate request '%2'? 删除%1个证书请求: '%2'? Successfully created the %1 certificate request '%2' 成功创建%1个证书请求 '%2' Delete the %1 certificate requests: %2? 删除%1个证书请求: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. 无法从文件%1加载证书请求。尝试使用PEM、DER或SPKAC格式。 Wrong Size %1 错误的大小%1 Signed 已签发 Unhandled 未处理 v3ext Copy Common Name 复制通用名称(CN) Add 添加 Delete 删除 Apply 应用 Validate 验证 Cancel 取消 An email address or 'copy' 一个email地址或'copy' An email address 一个email地址 A registered ID: OBJECT IDENTIFIER 一个已注册ID: 对象标识符 A uniform resource indicator 统一资源定位符 A DNS domain name or 'copycn' 一个DNS域名或'copycn' A DNS domain name DNS域名 An IP address IP地址 Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' 语法: <OID>;TYPE:形如 '1.2.3.4:UTF8:name'的文本 No editing. Only 'copy' allowed here 不允许编辑,此处只允许填写'copy' Validation failed: '%1' %2 验证失败: '%1' %2 Validation successful: '%1' 验证成功: '%1' xca-RELEASE.2.2.1/lang/xca_es.ts0000644000175000017500000054606713614632167015472 0ustar tewardteward Done Hecho About#1 CA Properties Propiedades de la CA CaProperties#1 Use random Serial numbers Usar números de Serie aleatorios CaProperties#2 Default template Plantilla predeterminada CaProperties#4 Details of the Certificate Detalles del Certificado CertDetail#1 S&tatus Estado CertDetail#2 Serial CertDetail#3 Número de serie CertDetail#3 The serial number of the certificate El número de serie del certificado CertDetail#4 The internal name of the certificate in the database El nombre interno del certificado en la base de datos CertDetail#5 Internal name CertDetail#6 Nombre interno CertDetail#6 Signature algorithm CertDetail#7 Firma CertDetail#7 Signature CertDetail#8 Firma CertDetail#8 Key CertDetail#9 Clave CertDetail#9 Fingerprints Huellas digitales CertDetail#10 SHA1 SHA1 CertDetail#11 MD5 MD5 CertDetail#12 Validity CertDetail#15 Validez CertDetail#15 The time since the certificate is valid El momento desde el que el certificado es válido CertDetail#16 The time until the certificate is valid El momento hasta el que el certificado es válido CertDetail#17 &Subject As&unto CertDetail#18 Attributes Atributos CertDetail#20 &Extensions CertDetail#21 &Extensiones CertDetail#21 Show config Mostrar configuración CertDetail#22 Show extensions Mostrar extensiones CertDetail#23 Not available CertDetail#24 No disponible CertDetail#24 Details of the certificate Detalles del certificado CertDetail#25 Not trusted CertDetail#28 No fiable CertDetail#28 Trusted Fiable CertDetail#29 Revoked: Revocado: CertDetail#30 Not valid No válido CertDetail#31 Valid Válido CertDetail#32 Details of the certificate signing request Detalles de la solicitud CertDetail#33 Certificate renewal Renovación de certificado CertExtend#1 Validity CertExtend#3 Validez CertExtend#3 Not before CertExtend#4 No antes de CertExtend#4 Not after CertExtend#5 No después de CertExtend#5 Time range CertExtend#6 Rango de tiempo CertExtend#6 Apply CertExtend#8 Aplicar CertExtend#8 Days CertExtend#9 Días CertExtend#9 Months CertExtend#10 Meses CertExtend#10 Years CertExtend#11 Años CertExtend#11 Midnight CertExtend#12 Medianoche CertExtend#12 Double click for details Haga doble click para obtener detalles ClickLabel#1 Signature CrlDetail#4 Firma CrlDetail#4 Name CrlDetail#6 Nombre CrlDetail#6 ... ... ExportDialog#1 DER is a binary format of the key without encryption PEM is a base64 encoded key with optional encryption PKCS#8 is an encrypted official Key-exchange format DER es un formato binario sin cifrado PEM es un formato texto bas64 con cifrado opcional PKCS#8 es un formato estandar de intercambio de claves ExportKey#7 Please enter the filename for the key. Introduzca nombre de fichero que contendrá la clave. ExportKey#8 Key export Exportar clave ExportKey#10 Name KeyDetail#1 Nombre KeyDetail#1 Public Exponent Exponente público KeyDetail#7 Keysize KeyDetail#8 Tamaño de clave KeyDetail#8 Private Exponent Exponente secreto KeyDetail#9 Modulus Módulo KeyDetail#10 Not available KeyDetail#12 Disponible KeyDetail#12 Available Disponible KeyDetail#15 Private key KeyDetail#18 Exponente secreto KeyDetail#18 &Import MainWindow#4 Importar MainWindow#4 Cancel MainWindow#58 Cancelar MainWindow#58 Password verify error, please try again Contraeña incorrecta, inténtelo de nuevo MainWindow#68 Password MainWindow#69 Contraseña MainWindow#69 Name NewKey#4 Nombre NewKey#4 New Key NewKey#6 Nueva clave NewKey#6 Keysize NewKey#8 Tamaño de clave NewKey#8 Signature algorithm NewX509#16 Firma NewX509#16 Subject NewX509#23 Sujeto NewX509#23 Private key NewX509#36 Exponente secreto NewX509#36 Validity NewX509#56 Validez NewX509#56 Import db_crl#11 Importar db_crl#11 Password db_key#4 Contraseña db_key#4 New Key db_key#10 Nueva clave db_key#10 Import db_key#11 Importar db_key#11 Export db_key#15 Exportar db_key#15 Change password Cambiar contraseña db_key#16 Reset password Restablecer la contraseña db_key#17 Change PIN Cambiar PIN db_key#18 Import db_temp#9 Importar db_temp#9 Export db_temp#11 Importar db_temp#11 Import db_x509#21 Importar db_x509#21 Export db_x509#27 Exportar db_x509#27 Clipboard db_x509#28 Portapapeles db_x509#28 File db_x509#29 Archivo db_x509#29 Request Solicitud db_x509#30 Template db_x509#33 Plantilla db_x509#33 Delete db_x509#35 Eliminar db_x509#35 Subject db_x509name#1 Sujeto db_x509name#1 Signed db_x509req#1 Firma db_x509req#1 Import db_x509req#9 Importar db_x509req#9 Rename db_x509req#11 Renombrar db_x509req#11 Show Details db_x509req#12 Mostrar detalles db_x509req#12 Sign db_x509req#13 Firma db_x509req#13 Export db_x509req#14 Importar db_x509req#14 Password pass_info#1 Contraseña pass_info#1 Cancel v3ext#5 Cancelar v3ext#5 CaProperties CA Properties Propiedades de la CA Days until next CRL issuing Días hasta la emisión de CRL Default template Plantilla predeterminada CertDetail Details of the Certificate Detalles del Certificado Status Estado Internal name Nombre interno The internal name of the certificate in the database El nombre interno del certificado en la base de datos Signature Firma Key Clave Serial Número de serie The serial number of the certificate El número de serie del certificado Fingerprints Huellas digitales MD5 MD5 An md5 hashsum of the certificate Un hash MD5 del certificado SHA1 SHA1 A SHA-1 hashsum of the certificate Un hash SHA-1 del certificado SHA256 SHA256 A SHA-256 hashsum of the certificate Un hash SHA-256 del certificado Validity Validez The time since the certificate is valid El momento desde el que el certificado es válido The time until the certificate is valid El momento hasta el que el certificado es válido Subject Sujeto Issuer Emisor Attributes Atributos Extensions Extensiones Show config Mostrar configuración Comment Comentarios Show extensions Mostrar extensiones Show public key This key is not in the database. Not available No disponible Signer unknown Firmante desconocido Self signed Autofirmado Revoked at %1 Revoked: Revocado: Not valid No válido Valid Válido Details of the certificate signing request Detalles de la solicitud de certificado CertExtend Certificate renewal Renovación de certificado This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Esto creará un nuevo certificado como copia del antiguo con un nuevo número de serie y las fechas de validez modificadas. Validity Validez Not before No antes de Not after No después de Time range Rango de tiempo Local time Hora local Days Días Months Meses Years Años No well-defined expiration Caducidad sin definir Midnight Medianoche Apply Aplicar Revoke old certificate Revocar el certificado antiguo Keep serial number The certificate will be earlier valid than the signer. This is probably not what you want. El certificado entrará en vigor antes que el certificado firmante. Probablemente no es lo que pretendes. Edit dates Modificar fechas Abort rollout Cancelar la emisión Continue rollout Continuar la emisión Adjust date and continue Ajustar fecha y continuar The certificate will be longer valid than the signer. This is probably not what you want. El certificado caducará después que el certificado firmante. Probablemente no es lo que pretendes. CertTreeView Import PKCS#12 Importar PKCS#12 Import from PKCS#7 Importar desde PKCS#7 Request Solicitud Security token Token de seguridad Other token Otro token Similar Certificate Certificado similar Delete from Security token Eliminar del Token de seguridad CA CA Properties Propiedades Generate CRL Generar CRL Manage revocations Gestionar revocaciones Renewal Renovación Revoke Revocar Unrevoke Deshacer revocación ClickLabel Double click for details Haga doble click para obtener detalles CrlDetail Details of the Revocation list Detalles de la lista de revocación &Status E&stado Version Versión Signature Firma Signed by Firmante Name Nombre The internal name of the CRL in the database El nombre interno de la CRL en la base de datos issuing dates Fechas de emisión Next update Siguiente actualización Last update Última actualización &Issuer Em&isor &Extensions &Extensiones &Revocation list Lista de &Revocación Comment Comentarios Failed Error Unknown signer Firmante desconocido Verification not possible Verificación imposible ExportDialog Name Nombre The internal name of the CRL in the database El nombre interno de la CRL en la base de datos ... ... Filename Archivo Export comment into PEM file Export Format Formato All files ( * ) Todos los archivos ( * ) PEM Text format with headers Formato de Texto PEM con cabeceras Concatenated list of all selected items in one PEM text file Lista concatenada de todos los elementos seleccionados en un archivo PEM Concatenated text format of the complete certificate chain in one PEM file Cadena de certificados completa, concatenados en formato de texto en un archivo PEM Concatenated text format of all unrevoked certificates in one PEM file Todos los certificados no revocados concatenados en formato de texto en un archivo PEM Concatenated text format of all certificates in one PEM file Todos los certificados concatenados en formato de texto en un archivo PEM Binary DER encoded file Archivo codificado DER binario PKCS#7 encoded single certificate Certificado individual codificado en PKCS#7 PKCS#7 encoded complete certificate chain Cadena de certificados completa codificada en PKCS#7 All unrevoked certificates encoded in one PKCS#7 file Todos los certificados no revocados en un fichero con formato PKCS#7 All selected certificates encoded in one PKCS#7 file Todos los certificados seleccionados en un fichero codificado en PKCS#7 All certificates encoded in one PKCS#7 file Todos los certificados codificados en un fichero PKCS#7 The certificate and the private key as encrypted PKCS#12 file Certificado y su clave privada encriptados en fichero PKCS#11 The complete certificate chain and the private key as encrypted PKCS#12 file La cadena completa de certificados y la clave privada encriptados en fichero PKCS#12 Concatenation of the certificate and the unencrypted private key in one PEM file Certificado y la clave privada sin encriptar concatenados en un único fichero PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Certificado y la clave privada encriptada concatenados en un único fichero con formato PKCS#8 Text format of the public key in one PEM file Clave pública en formato texto en un único archivo PEM Binary DER format of the public key Clave pública en formato DER Binario Unencrypted private key in text format Clave privada desencriptada en un fichero de texto OpenSSL specific encrypted private key in text format Clave privada encriptada en formato de texto específico de OpenSSL Unencrypted private key in binary DER format Clave privada desencriptada en formato DER Binario Unencrypted private key in PKCS#8 text format Clave privada desencriptada en formato PKCS#8 Encrypted private key in PKCS#8 text format Clave privada encriptada en formato de texto PKCS#8 The public key encoded in SSH2 format Clave pública codificada en fomrato SSH2 OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Fichero de índice de certificados específico de OpenSSL como el comando created by the 'ca' y requerido por la herramienta OCSP vCalendar expiry reminder for the selected items vCalendar con el recordatorio de caducidad de los elementos seleccionados vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL vCalendar con la caducidad de todos los certificados emitidos y válidos; de la propia CA y de la última CRL The file: '%1' already exists! ¡El archivo '%1' ya existe! Overwrite Sobrescribir Do not overwrite No sobrescribir Help << << >> >> &Done &Hecho ImportMulti Import PKI Items Importar elementos PKI Import &All Importar &Todos &Import &Importar &Done &Hecho &Remove from list &Eliminar de la lista Details Detalles Delete from token Eliminar del token Rename on token Renombrar en el token Name: %1 Model: %2 Serial: %3 Nombre: %1 Modelo: %2 Nº serie: %3 Manage security token Gestionar token de seguridad The type of the item '%1' is not recognized El tipo del elemento '%1' no ha sido reconocido Details of the item '%1' cannot be shown Los detalles del elemento '%1' no se pueden mostrar The file '%1' did not contain PKI data El archivo '%1' no contiene datos de PKI The %1 files: '%2' did not contain PKI data Los %1 archivos: '%2' no contienen datos de PKI ItemProperties Name Nombre Source Origen Insertion date Fecha de inserción Comment Comentarios KeyDetail Name Nombre The internal name of the key used by xca El nombre interno de la clave usado por xca Key Clave Public Exponent Exponente público Keysize Tamaño de clave Private Exponent Exponente privado Security Token Token de Seguridad Label Etiqueta PKCS#11 ID ID PKCS#11 Token information Información del token Model Modelo Manufacturer Fabricante Serial Número de serie Fingerprint Comment Comentarios Details of the %1 key Detalles de la clave %1 Not available No disponible Security token Token de seguridad Available Disponible Sub prime Sub prime Public key Clave pública Private key Clave privada Curve name Nombre de curva Unknown key Clave desconocida KeyTreeView Change password Cambiar contraseña Reset password Restablecer la contraseña Change PIN Cambiar PIN Init PIN with SO PIN (PUK) Inicializar PIN con el PIN SO (PUK) Change SO PIN (PUK) Cambiar PIN SO (PUK) Security token Token de seguridad This is not a token Esto no es un token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable ¿Debe la clave original '%1' ser reemplazada por la clave del token? Esto borrará la clave '%1' y imposibilitará su exportación MainWindow Private Keys Claves Privadas &New Key &Nueva Clave &Export &Exportar &Import &Importar Import PFX (PKCS#12) Importar PFX (PKCS#12) &Show Details &Mostrar Detalles &Delete &Borrar Certificate signing requests Solicitudes de certificado &New Request &Nueva Solicitud Certificates Certificados &New Certificate &Nuevo Certificado Import &PKCS#12 Importar &PKCS#12 Import P&KCS#7 Importar P&KCS#7 Plain View Vista Plana Templates Plantillas &New Template &Nueva Plantilla Ch&ange Template C&ambiar Plantilla Revocation lists Listas de Revocación &New CRL &Nueva CRL Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Formato antiguo de base de datos detectado. Creando una copia de seguridad llamada: '%1' y convirtiendo la base de datos al nuevo formato Failed to rename the database file, because the target already exists Error al renombrar el archivo de base de datos, porque el destino ya existe Using or exporting private keys will not be possible without providing the correct password Usar o exportar las claves privadas no será posible sin proporcionar la contraseña correcta The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. El algoritmo de hash '%1' utilizado actualmente no es seguro. Por favor seleccione al menos 'SHA-224' por razones de seguridad. Database Base de datos No deleted items found No se han encontrado elementos eliminados Recent DataBases Bases de datos recientes System Sistema Croatian Croatian English English French French German German Russian Russian Slovak Slovak Spanish Spanish Polish Italian Chinese Dutch Portuguese in Brazil Turkish Turkish Language Idioma &File &Archivo &New DataBase &Nueva base de datos &Open DataBase &Abrir base de datos Open Remote DataBase Abrir base de datos remota Set as default DataBase Establecer Base de datos por defecto &Close DataBase &Cerrar Base de datos New DataBase Open DataBase Close DataBase Options Opciones Exit Salir I&mport I&mportar Keys Claves Requests Solicitudes PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Plantilla Revocation list Lista de revocación PEM file Archivo PEM Paste PEM file Pegar archivo PEM Token Token Export Certificate &Index hierarchy Content Contenido &Token &Token &Manage Security token &Gestionar Token de Seguridad &Init Security token &Iniciar Token de Seguridad &Change PIN &Cambiar PIN Change &SO PIN Cambiar PIN &SO Init PIN Iniciar PIN Extra Extra &Dump DataBase Exportar Base de &Datos &Export Certificate Index &Exportar Índice de Certificados &Export Certificate Index hierarchy &Exportar Jerarquía de Índice de Certificados C&hange DataBase password Ca&mbiar contraseñas de Base de datos &Undelete items Rec&uperar elementos Generate DH parameter Generar parámetro DH OID Resolver Resolución de OID &Help A&yuda &Content &Contenido About Acerca de Search Buscar no such option: %1 No existe la opción: %1 Import PEM data Importar datos PEM Please enter the original SO PIN (PUK) of the token '%1' Por favor, introduzca el PIN SO (PUK) original del token '%1' Please enter the new SO PIN (PUK) for the token '%1' Por favor, introduzca el nuevo PIN SO (PUK) del token '%1' The new label of the token '%1' La nueva etiqueta del token '%1' The token '%1' did not contain any keys or certificates El token '%1' no contiene claves ni certificados Current Password Contraseña actual Please enter the current database password Por favor, introduzca la contraseña actual de la base de datos The entered password is wrong La contraseña introducida es incorrecta New Password Nueva Contraseña Please enter the new password to encrypt your private keys in the database-file Por favor introduzca la nueva contraseña para encriptar las claves privadas en el archivo de base de datos Transaction start failed Inicio de la transacción fallido Please enter a password, that will be used to encrypt your private keys in the database: %1 Por favor, introduzca una contraseña, que será utilizada para encriptar las claves privadas de la base de datos: %1 Password verify error, please try again Contraseña incorrecta, inténtelo de nuevo Password Contraseña Please enter the password for unlocking the database: %1 Por favor, introduzca la contraseña para desbloquear la base de datos: %1 The following error occurred: El siguiente error ha ocurrido: Copy to Clipboard Copiar al Portapapeles Certificate Index ( index.txt ) Índice de Certificados ( index.txt ) All files ( * ) Todos los archivos ( * ) Diffie-Hellman parameters saved as: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Los parámetros Diffie-Hellman son necesitados por diferentes aplicaciones, pero no son gestionados por XCA. Por favor, introduzca los bits de parámetros DH Error opening file: '%1': %2 Error abriendo el archivo: '%1': %2 NewCrl Last update Última actualización Next update Siguiente actualización Days Días Months Meses Years Años Midnight Medianoche Local time Hora local Apply Aplicar Options Opciones Hash algorithm Algoritmo hash Subject alternative name Nombre alternativo del sujeto Authority key identifier Indentificador de clave de la autoridad CRL number Número de CRL Revocation reasons Razones de revocación NewKey New Key Nueva clave Please give a name to the new key and select the desired keysize Por favor, asigne un nombre a la nueva clave y seleccione el tamaño deseado Key properties Propiedades de la clave Name Nombre The internal name of the new key El nombre interno de la nueva clave Curve name Nombre de curva Keysize Tamaño de clave Usually at least 2048 bit keys are recommended Normalmente se recomiendan claves de al menos 2048 bits Keytype Tipo de clave Remember as default Recordar como valores por defecto Create Crear NewX509 Source Origen Signing request Solicitud de firma Show request Mostrar solicitud Sign this Certificate signing &request &Firmar esta solicitud de firma Copy extensions from the request Copiar extensiones de la solicitud Modify subject of the request Modificar sujeto de la solicitud Signing Firma Create a &self signed certificate Crear un certificado &autofirmado Use &this Certificate for signing Usar &este Certificado para firmar All certificates in your database that can create valid signatures Todos los certificados de la base de datos que pueden crear firmas válidas Signature algorithm Algoritmo de Firma Template for the new certificate Plantilla para el nuevo certificado All available templates Todas las plantillas disponibles Apply extensions Aplicar extensiones Apply subject Aplicar sujeto Apply all Aplicar todo Subject Sujeto Internal Name Nombre interno Distinguished name Nombre distinguido Add Añadir Delete Eliminar Private key Clave privada This list only contains unused keys Esta lista contiene únicamente claves sin utilizar Used keys too También claves utilizadas &Generate a new key &Generar una nueva clave Extensions Extensiones Type Tipo If this will become a CA certificate or not Si este será un certificado de CA o no Not defined No definido Certification Authority Autoridad certificadora End Entity Entidad final Path length Longitud de la ruta How much CAs may be below this. Cuantas CAs puede haber dependiendo de esta. The basic constraints should always be critical Las restricciones básicas deben ser siempre críticas Key identifier Identificador de clave Creates a hash of the key following the PKIX guidelines Crea un hash de la clave siguiendo las sugerencias PKIX Copy the Subject Key Identifier from the issuer Copia la clave del identificador del sujeto del emisor Validity Validez Not before No antes de Not after No después de Time range Rango de tiempo Days Días Months Meses Years Años Apply Aplicar Set the time to 00:00:00 and 23:59:59 respectively Establece la hora a 00:00:00 y 23:59:59 respectivamente Midnight Medianoche Local time Hora local No well-defined expiration Caducidad no definida DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit Editar URI: URI: Key usage Uso de la clave Netscape Netscape Advanced Avanzadas Validate Validar Comment Comentarios This name is only used internally and does not appear in the resulting certificate Este nombre sólo se usa internamente y no aparece en el certificado resultante Internal name Nombre interno Critical Crítica Create Certificate signing request Crear solicitud de firma de certificado minimum size: %1 tamaño mínimo: %1 maximum size: %1 tamaño máximo: %1 only a-z A-Z 0-9 '()+,-./:=? únicamente a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters únicamente caracteres 7-bit Edit XCA template Editar plantilla XCA Create x509 Certificate Crear certificado x509 Template '%1' applied Plantilla '%1' aplicada Subject applied from template '%1' Sujeto aplicado de la plantilla '%1' Extensions applied from template '%1' Extensiones aplicadas de la plantilla '%1' New key '%1' created Nueva clave '%1' creada Other Tabs Otras pestañas Advanced Tab Pestaña avanzadas Errors Errores From PKCS#10 request De la solicitud PKCS#10 Abort rollout Cancelar emisión The following length restrictions of RFC3280 are violated: Se violan las siguientes restricciones de longitud de RFC3280: Edit subject Editar sujeto Continue rollout Continuar emisión The verification of the Certificate request failed. The rollout should be aborted. La verificación de la solicitud de certificado ha fallado. La emisión debería ser cancelada. Continue anyway Continuar de todas formas The internal name and the common name are empty. Please set at least the internal name. El nombre interno y el nombre común están vacíos. Por favor, especifique al menos el nombre interno. Edit name Editar nombre There is no Key selected for signing. No se ha seleccionado Clave para la firma. Select key Clave seleccionada The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Las siguientes entradas del nombre distinguido están vacías: %1 aunque las has declarado como obligatorias en el menú de opciones. The key you selected for signing is not a private one. La clave seleccionada para la firma no es una clave privada. Select other signer Seleccione otro firmante Select other key Seleccione otra clave The certificate will be earlier valid than the signer. This is probably not what you want. El certificado entrará en vigor antes que el certificado firmante. Probablemente no es lo que pretendes. Edit dates Modificar fechas Adjust date and continue Ajustar fecha y continuar The certificate will be longer valid than the signer. This is probably not what you want. El certificado caducará después que el certificado firmante. Probablemente no es lo que pretendes. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. El certificado caducará antes de entrar en vigor. Probablemente has cruzado ambas fechas. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. El certificado contiene extensiones no válidas o duplicadas. Compruebe la validación en la pestaña avanzadas. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. El certificado no contiene extensiones. Debes aplicar las extensiones de una de las plantillas para definir el propósito del certificado. Edit extensions Modificar extensiones The subject alternative name shall contain a copy of the common name. However, the common name is empty. El nombre alternativo del sujeto debe contener una copia del nombre común. Sin embargo el nombre común está vacío. Configfile error on line %1 Error en la línea %1 del fichero de configuración OidResolver OID Resolver Resolución de OID Enter the OID, the Nid, or one of the textual representations Introduzca el OID, el Nid, o alguna de las representaciones textuales Search Buscar OID OID Long name Nombre largo OpenSSL internal ID ID interno OpenSSL Nid Nid Short name Nombre corto OpenDb Open remote database Abrir base de datos remota Database type Tipo de base de datos Hostname Servidor Username Usuario Password Contraseña Database name Nombre de la base de datos Table prefix Prefijo de tabla No SqLite3 driver available. Please install the qt-sqlite package of your distribution No hay disponible un driver de SqLite3. Por favor instale el paquete 'qt-sqlite' de la distribución Please enter the password to access the database server %2 as user '%1'. Por favor, introduzca la contraseña de acceso del usuario '%1' al servidor de base de datos %2. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. El driver de base de datos no soporta transacciones. Esto puede deberse a que el cliente y el servidor sean de versiones diferentes. Continue con cuidado. Options XCA Options Opciones de XCA Settings Ajustes Default hash algorithm Algoritmo de Hash por defecto String types Tipos de cadenas Suppress success messages Suprimir mensajes de éxito Don't colorize expired certificates No colorear los certificados caducados Translate established x509 terms (%1 -> %2) Traducir los términos de x509 (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. La funcionalidad de hash del token no es utilizada por XCA. Sin embargo, puede respetar un conjunto restringido de algoritmos de hash proporcionados por el token. Especialmente EC y DSA están definidos únicamente con SHA.1 en la especificación de PKCS#11. Only use hashes supported by the token when signing with a token key Utilizar sólo los algoritmos hash soportados por el token cuando se firme con una clave de token Disable legacy Netscape extensions Deshabilitar las antiguas extensiones Netscape Certificate expiry warning threshold Rango de aviso de caducidad de certificado Send vCalendar expiry reminder Enviar recordatorio de caducidad vCalendar Serial number length Longitud del número de serie bit bits Distinguished name Nombre distinguido Mandatory subject entries Entradas obligatorias en el sujeto Add Añadir Delete Eliminar Explicit subject entries Entradas explícitas en el sujeto Dynamically arrange explicit subject entries Agrupar dinámicamente las entradas explícitas del sujeto Default Por defecto PKCS#11 provider Proveedor PKCS#11 Remove Eliminar Search Buscar Printable string or UTF8 (default) Cadena imprimible o UTF8 (por defecto) PKIX recommendation in RFC2459 Recomendación PKIX de la RFC2459 No BMP strings, only printable and T61 Sin cadenas BMP, sólo imprimible y T61 UTF8 strings only (RFC2459) Sólo cadenas UTF8 (RFC2459) All strings Todas las cadenas Days Días Weeks Semanas Load failed Error en la carga PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) La contraseña se convierte a código de hex de 2 dígitos. Debe contener un número par de dígitos (0-9; a-f) Take as HEX string Considerar cadena HEX Repeat %1 Repita %1 %1 mismatch %1 no coincide Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters La contraseña HEX debe contener sólo los caracteres '0'-'9' y 'a'-'f' y debe consistir en un número par de caracteres E&xit &Salir QObject Undefined Sin definir Broken / Invalid Erroneo / Inválido in %1 seconds en %1 segundos %1 seconds ago hace %1 segundos in %1 minutes en %1 minutos %1 minutes ago Hace %1 minutos Yesterday Ayer Tomorrow Mañana in %1 hours en %1 horas %1 hours ago Hace %1 horas DB: Rename: '%1' already in use DB: Renombrar: '%1' ya utilizado DB: Entry to rename not found: %1 DB: Entrada a renombrar no encontrada: %1 DB: Write error %1 - %2 DB: Error de escritura %1 -%2 Out of data Faltan datos Error finding endmarker of string Error encontrando el final de la cadena Out of Memory at %1:%2 Error de memoria en %1:%2 Country code Código de país State or Province Estado o Provincia Locality Localidad Organisation Organización Organisational unit Unidad de organización Common name Nombre común E-Mail address Dirección E-Mail Serial number Número de serie Given name Nombre Surname Apellido Title Título Initials Iniciales Description Descripción Role Rol Pseudonym Pseudónimo Generation Qualifier Calificador de Generación x500 Unique Identifier Identificador único x500 Name Nombre DN Qualifier Calificador DN Unstructured name Nombre estructurado Challenge password Contraseña Basic Constraints Restricciones básicas Subject alternative name Nombre alternativo del sujeto issuer alternative name nombre alternativo del emisor Subject key identifier Indentificador de clave de sujeto Authority key identifier Identificador de clave de autoridad Key usage Uso de la clave Extended key usage Uso extendido de la clave CRL distribution points Puntos de distribución de CRL Authority information access Acceso a la información de Autoridad Certificate type Tipo de Certificado Base URL URL Base Revocation URL URL de revocación CA Revocation URL URL de revocación de CA Certificate renewal URL URL de renovación de certificado CA policy URL URL de políticas de CA SSL server name Nombre de servidor SSL Comment Comentarios All files ( * ) Todos los archivos ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; Claves PKI ( *.pem *.der *.key );; Claves PKCS#8 ( *.p8 *.pk8 );; Claves Públicas SSH ( *.pub );; Import RSA key Importar clave RSA PKCS#10 CSR ( *.pem *.der *.csr );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Importar Solicitud Certificates ( *.pem *.der *.crt *.cer );; Certificados ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Importar certificado X.509 PKCS#7 data ( *.p7s *.p7m *.p7b );; Datos PKCS#7 ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Importar Certificados PKCS#7 PKCS#12 Certificates ( *.p12 *.pfx );; Certificados PKCS#12 ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Importar Certificado Privado PKCS#12 XCA templates ( *.xca );; Plantillas XCA (*.xca);; Import XCA Templates Importar Plantillas XCA Revocation lists ( *.pem *.der *.crl );; Listas de Revocación ( *.pem *.der *.crl );; Import Certificate Revocation List Importar Lista de Revocación (CRL) XCA Databases ( *.xdb );; Base de datos XCA (*xdb);; Open XCA Database Abrir Base de datos XCA PKCS#11 library ( *.dll );; Librería PKCS#11 ( *.dll );; PKCS#11 library ( *.dylib *.so );; Librería PKCS#11 ( *.dylib *.so );; PKCS#11 library ( *.so );; Librería PKCS#11 ( *.so );; Open PKCS#11 shared library Abrir librería compartida PKCS#11 PEM files ( *.pem );; Archivos PEM ( *.pem );; Load PEM encoded file Abrir archivo codificado PEM Error reading config file %1 at line %2 Error leyendo fichero de configuración %1 en la línea %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. El Objeto'%1' del archivo %2 línea %3 ya existe como '%4:%5:%6' y debería ser eliminado. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. El identificador '%1' del OID %2 del archivo %3 línea %4 ya está usado par un OID diferente como '%5:%6:%7' y debería ser modificado para evitar conflictos. Unknown object '%1' in file %2 line %3 Objeto desconocido '%1' en archivo %2 línea %3 Please enter the PIN on the PinPad Por favor, introduzca el PIN en el PinPad Please enter the SO PIN (PUK) of the token %1 Por favor, introduzca el PIN SO (PUK) del token %1 Please enter the PIN of the token %1 Por favor, introduzca el PIN del token %1 No Security token found No se ha encontrado Token de seguridad Select Seleccionar Please enter the new SO PIN (PUK) for the token: '%1' Por favor, introduzca el nuevo PIN SO (PUK) para el token: '%1' Please enter the new PIN for the token: '%1' Por favor, introduzca el nuevo PIN para el token: '%1' Required PIN size: %1 - %2 Tamaño de PIN requerido: %1 - %2 Failed to open PKCS11 library: %1 Error al abrir la librería PKCS11: %1 Failed to open PKCS11 library: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Disabled Library loading failed PKCS#11 function '%1' failed: %2 La función PKCS#11 '%1' falló: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 La función PKCS#11 '%1' falló: %2 en la librería %3 %4 Failed to start a database transaction Error al iniciar transacción de base de datos Invalid No válido %1 is shorter than %2 bytes: '%3' %1 tiene menos de %2 bytes: '%3' %1 is longer than %2 bytes: '%3' %1 tiene más de %2 bytes: '%3' String '%1' for '%2' contains invalid characters La cadena '%1' para '%2' contiene caracteres no válidos ReqTreeView Sign Firma Unmark signed Mark signed Similar Request Solicitud similar RevocationList Manage revocations Gestionar Revocaciones Add Añadir Delete Eliminar Edit Editar No. I understand it as 'Number', right? Serial Número de serie Revocation Revocación Reason Razón Invalidation Invalidación Generate CRL Generar CRL Revoke Certificate revocation Revocación de certificados Revocation details Detalles de la revocación Revocation reason Razones de la revocación Local time Hora local Invalid since No válido desde Serial Número de serie SearchPkcs11 Directory Directorio ... ... Include subdirectories Incluir subdirectorios Search Buscar The following files are possible PKCS#11 libraries Los siguientes archivos son posibles librerías PKCS#11 SelectToken Security token Token de seguridad Please select the security token Por favor, seleccione el token de seguridad TempTreeView Duplicate Duplicar Create certificate Crear certificado Create request Solicitud de certificado copy copy Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config Configuración OpenSSL Transform Transformar Template Plantilla Public key Clave pública XcaTreeView Subject entries Entradas del Sujeto X509v3 Extensions Extensiones X509v3 Netscape extensions Extensiones Netscape Reset Restablecer Hide Column Ocultar columna Details Detalles Columns Columnas New Nuevo Import Importar Paste PEM data Pegar datos PEM Rename Renombrar Properties Propiedades Delete Eliminar Export Exportar Clipboard Portapapeles File Archivo db_base Internal name Nombre interno No. I understand it as 'Number', right? Primary key Clave primaria Database unique number Número único de base de datos Date Fecha Date of creation or insertion Fecha de creación o inserción Source Origen Generated, Imported, Transformed Gemerado, Importado, Transformado Comment Comentarios First line of the comment field Primera línea del campo de comentarios Could not create directory %1 Item properties Propiedades del elemento How to export the %1 selected items Como exportar los %1 elementos seleccionados All in one PEM file Todos en un único archivo PEM Each item in one file Cada elemento en un archivo Save %1 items in one file as Guardar %1 elementos en un archivo como PEM files ( *.pem );; All files ( * ) Archivos PEM ( *.pem );; Todos los archivos ( * ) Error opening file: '%1': %2 Error abriendo archivo: '%1': %2 db_crl Signer Firmante Internal name of the signer Nombre interno del firmante No. revoked Nº revocados Number of revoked certificates Número de certificados revocados Last update Última actualización Next update Siguiente actualización CRL number Número de CRL The revocation list already exists in the database as: '%1' and so it was not imported La lista de revocación ya existe en base de datos como: '%1' Y por lo tanto no será importada Revocation list export Exportar lista de revocación CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) There are no CA certificates for CRL generation No hay certificados de CA para generar la CRL Select CA certificate Seleccione certificado de CA Create CRL Crear CRL Failed to initiate DB transaction Error al iniciar la transacción de DB Database error: %1 Database error: Error de base de datos: db_key Type Tipo Size Tamaño EC Group Grupo EC Use Uso Password Contraseña The key is already in the database as: '%1' and is not going to be imported La clave ya existe en base de datos como: '%1' Y por lo tanto no será importada The database already contains the public part of the imported key as '%1' and will be completed by the new, private part of the key La base de datos ya contiene la parte pública de la clave importada como: '%1' Y será completada con la nueva parte privada de la clave The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Extending public key from %1 by imported key '%2' Extendiendo la clave pública de %1 con la clave importada '%2' Key size too small ! ¡Tamaño de clave demasiado pequeño! You are sure to create a key of the size: %1 ? ¿Está seguro de crear una nueva clave de tamaño: %1? PEM public PEM publico SSH2 public SSH2 publico PEM private PEM privado Export keys to Clipboard Exportar claves al portapapeles Clipboard Portapapeles Export public key [%1] Exportar la clave pública [%1] DER public DER publico DER private DER privado PEM encryped PEM encriptado PKCS#8 encrypted PKCS#8 encriptado Export private key [%1] Exportar clave privada [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Claves privadas ( *.pem *.der *.pk8 );; Claves públicas SSH ( *.pub ) Tried to change password of a token Intentó cambiar la contraseña de un token db_temp Empty template Plantilla vacía Bad template: %1 Plantilla incorrecta: %1 Preset Template values Establecer valores de la plantilla Save template as Guardar plantilla como XCA templates ( *.xca );; All files ( * ) Plantillas XCA( *.xca );;Todos los archivos( * ) db_x509 CA CA reflects the basic Constraints extension refleja las extensiones de restricciones básicas Serial Número de serie MD5 fingerprint Huella digital MD5 SHA1 fingerprint Huella digital SHA1 SHA256 fingerprint Huella digital SHA256 Start date Fecha de inicio Not before No antes de Expiry date Fecha de caducidad Not after No después de Revocation Revocación CRL Expiration Caducidad de CRL Plain View Vista Plana Tree View Vista de árbol Failed to retrieve unique random serial Error al obtener un número de serie aleatorio único The certificate already exists in the database as: '%1' and so it was not imported El certificado ya existe en base de datos como: '%1' Y por lo tanto no será importado Signed on %1 by '%2' Firmado el %1 por '%2' Unknown Desconocido Invalid public key Clave pública no válida The key you selected for signing is not a private one. La clave seleccionada para la firma no es una clave privada. Store the certificate to the key on the token '%1 (#%2)' ? ¿Guardar el certificado a la clave en el token '%1 (#%2)'? PEM chain Cadena PEM PKCS#7 chain Cadena PKCS#7 PKCS#12 chain Cadena PKCS#12 PEM + key PEM + clave PKCS#7 unrevoked PKCS#7 no revocados PKCS#7 all PKCS#7 todos PEM unrevoked PEM no revocados PEM all PEM Todos Certificate Index file Fichero de índice de certificados vCalendar vCalendar CA vCalendar vCalendar CA Certificate export Exportar certificado X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) Certificados X509 ( *.pem *.cer *.crt *.p12 *.p7b ) There was no key found for the Certificate: '%1' No se ha encontrado clave asociada al Certificado '%1' Not possible for a token key: '%1' No es posible para una clave de token '%1' days Error opening file: '%1': %2 Error abriendo archivo: '%1': %2 Not possible for the token-key Certificate '%1' No es posible para un certificado con clave de token '%1' days días No template Sin plantilla db_x509name Subject Sujeto Complete distinguished name Nombre completo Subject hash Hash del sujeto Hash to lookup certs in directories Hash para buscar certificados en directorios db_x509req Signed Firmado whether the request is already signed or not Si el certificado está firmado o no Unstructured name Nombre sin estructurar Challenge password Contraseña Certificate count Number of certificates in the database with the same public key The certificate signing request already exists in the database as '%1' and thus was not stored La solicitud de firma de certificado ya existe en la base de datos como '%1' y por lo tanto no será almacenada Certificate request export Exportación de solicitud Certificate request ( *.pem *.der *.csr ) Solicitud de firma de certificado ( *.pem *.der *.csr ) db_x509super Key name Nombre de clave Internal name of the key Nombre interno de la clave Signature algorithm Algoritmo de firma Extracted from %1 '%2' Extraído de %1: '%2' Certificate Certificado Certificate request Solicitud de certificado Save as OpenSSL config Almacenar como configuración OpenSSL Config files ( *.conf *.cnf);; All files ( * ) Archivo de configuración ( *.conf *.cnf);; Todos los archivos ( * ) The following extensions were not ported into the template Las siguientes extensiones no fueron importadas en la plantilla Transformed from %1 '%2' Transformado de %1 '%2' kvView Type Tipo Content Contenido pass_info Password Contraseña PIN PIN pki_base Internal error: Unexpected message: %1 %2 Error interno: Mensaje inesperado: %1 %2 Error opening file: '%1': %2 Error abriendo archivo: '%1': %2 Error writing to file: '%1': %2 Error escribiendo en archivo: '%1': %2 Unknown Desconocido Imported Importado Generated Generado Transformed Transformado Token Token Legacy Database Antigua base de datos Renewed pki_crl Successfully imported the revocation list '%1' La lista de revocación '%1' se importó con éxito Delete the revocation list '%1'? ¿Eliminar la lista de revocación '%1'? Successfully created the revocation list '%1' Creada con éxito la lista de revocación '%1' Delete the %1 revocation lists: %2? ¿Eliminar las %1 listas de revocación: %2? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Imposible cargar la lista de revocación del archivo %1. Se intentó con los formatos de PEM y DER de CRL. No issuer given No se proporcionó emisor Wrong Size %1 Tamaño erroneo: %1 unknown desconocido Renew CRL: %1 Renovar CRL: %1 The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4. It is stored in the XCA database '%5' La CRL de XCA '%1', emitida por la CA '%2' el %3 caducará el %4. Está almacenada en la base de datos de XCA '%5' pki_evp Failed to decrypt the key (bad password) Error al desencriptar la clave (contraseña incorrecta) Failed to decrypt the key (bad password) %1 Please enter the password to decrypt the private key. Por favor, introduzca la contraseña para desencriptar la clave privada. The key from file '%1' is incomplete or inconsistent. Please enter the password to decrypt the private key from file: %1 Por favor, introduzca la contraseña para desencriptar la clave privada del archivo: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Imposible cargar la clave privada del archivo %1. Se intentó con los formatos de PEM y DER privada, pública, tipos de clave PKCS#8 y formato SSH2. Ignoring unsupported private key Ignorar clave privada no soportada Please enter the password to decrypt the private key: '%1' Por favor, introduzca la contraseña para desencriptar la clave privada: '%1' Password input aborted Introducción de la contraseña abortada Please enter the database password for decrypting the key '%1' Por favor, introduzca la contraseña de base de datos para desencriptar la clave: '%1' Please enter the password to protect the private key: '%1' Por favor, introduzca la contraseña para proteger la clave privada: '%1' Please enter the database password for encrypting the key Por favor, introduzca la contraseña de base de datos para encriptar la clave Please enter the password protecting the PKCS#8 key '%1' Por favor, introduzca la contraseña que protege la clave PKCS#8 '%1' Please enter the export password for the private key '%1' Por favor, introduzca la clave de exportación para la clave privada '%1' pki_key Successfully imported the %1 public key '%2' Importada con éxito la %1 clave pública '%2' Delete the %1 public key '%2'? ¿Eliminar la %1 clave pública '%2'? Successfully imported the %1 private key '%2' Importada con éxito la %1 clave privada '%2' Delete the %1 private key '%2'? ¿Eliminar la %1 clave privada '%2'? Successfully created the %1 private key '%2' Creada con éxito la %1 clave privada '%2' Delete the %1 keys: %2? ¿Eliminar las %1 claves: %2? Public key Clave pública Common Común Private Privada Bogus Falso PIN PIN No password Sin contraseña Unexpected SSH2 content: '%1' Invalid SSH2 public key Clave pública SSH2 no válida Failed writing to %1 Error escribiendo a %1 pki_multi No known PEM encoded items found No se han encontrado elementos PEM codifiicados pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Por favor, introduzca la contraseña para desencriptar el archvo PKCS#12: %1 Unable to load the PKCS#12 (pfx) file %1. No se puede cargar el archivo PKCS#12 (pfx) %1. The supplied password was wrong (%1) La contraseña introducida es incorrecta (%1) Please enter the password to encrypt the PKCS#12 file Por favor, introduzca la contraseña para encriptar el archvo PKCS#12 No key or no Cert and no pkcs12 No existe clave o no existe certifcado y no existe pkcs12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. No se puede cargar el archivo PKCS#7 %1. Se he probado con los formatos PEM y DER. pki_scard Successfully imported the token key '%1' Importada con éxito la clave del token '%1' Delete the token key '%1'? ¿Eliminar la clave del token '%1'? Successfully created the token key '%1' Creada con éxito la clave del token '%1' Delete the %1 keys: %2? ¿Eliminar las %1 claves: %2? Delete the private key '%1' from the token '%2 (#%3)' ? ¿Eliminar la clave privada '%1' del token '%2 (#%3)'? This Key is already on the token Esta Clave ya existe en el token PIN input aborted Introducción de PIN abortada Unable to find copied key on the token No se puede encontrar la clave copiada en el token Please insert card: %1 %2 [%3] with Serial: %4 Por favor, inserte tarjeta: %1 %2 [%3] con Nº de Serie: %4 Public Key mismatch. Please re-import card Error de comprobación de Clave Pública. Por favor, reimporte la tarjeta Illegal Key generation method Método de generación de claves ilegal Unable to find generated key on card No se puede encontrar la clave generada en la tarjeta Ignoring unsupported token key Ignorando clave de token no soportada Wrong Size %1 Tamaño erroneo: %1 Token %1 Token %1 Failed to find the key on the token No se puede encontrar la clave en el token Invalid Pin for the token Pin del token no válido Failed to initialize the key on the token No se puede inicializar la clave en el token pki_temp Successfully imported the XCA template '%1' Importada con éxito la plantilla XCA '%1' Delete the XCA template '%1'? ¿Eliminar la plantilla XCA '%1'? Successfully created the XCA template '%1' Creada con éxito la plantilla XCA '%1' Delete the %1 XCA templates: %2? ¿Eliminar las %1 plantillas XCA: %2? Wrong Size %1 Tamaño erroneo: %1 Template file content error (too small) Error en el contenido del fichero de plantilla (demasiado pequeño) Template file content error (too small): %1 Error en el contenido del fichero de plantilla (demasiado pequeño): %1 Not a PEM encoded XCA Template No es una plantilla XCA codificada en PEM Not an XCA Template, but '%1' No es una Plantilla XCA, sino '%1' pki_x509 Successfully imported the certificate '%1' Importado con éxito el certificado '%1' Delete the certificate '%1'? ¿Eliminar el certificado '%1'? Successfully created the certificate '%1' Creada con éxito el certificado '%1' Delete the %1 certificates: %2? ¿Eliminar los %1 certificados: %2? Unable to load the certificate in file %1. Tried PEM and DER certificate. Imposible cargar el certificado del archivo %1. Se intentó con los formatos de PEM y DER de certificado. This certificate is already on the security token Este certificado ya existe en el token de seguridad Delete the certificate '%1' from the token '%2 (#%3)'? ¿Eliminar el certificado '%1' del token '%2 (#%3)'? There is no key for signing ! ¡No existe clave para la firma! Wrong Size %1 Tamaño erroneo: %1 No No Yes Renew certificate: %1 Renovar certificado: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' El certificado de XCA '%1', emitido el %2 caducará el %3. Está almacenado en la base de datos de XCA '%4' CRL Renewal of CA '%1' due Renovación de CRL de CA '%1' debido a The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' La última CRL emitida por la CA '%1' caducará el %2. Está almacenada en la base de datos de XCA '%3' pki_x509req Signing key not valid (public key) Clave de firma no válida (clave pública) Successfully imported the %1 certificate request '%2' Importada con éxito la %1 solicitud de certificado '%2' Delete the %1 certificate request '%2'? ¿Eliminar las %1 solicitudes de certificado: '%2'? Successfully created the %1 certificate request '%2' Creada con éxito la %1 solicitud de certificado '%2' Delete the %1 certificate requests: %2? ¿Eliminar las %1 solicitudes de certificado: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Imposible cargar la solicitud de certificado del archivo %1. Se intentó con los formatos de PEM, DER y SPKAC. Wrong Size %1 Tamaño erroneo: %1 Signed Firmado Unhandled No manejado v3ext Copy Common Name Copiar Nombre Común Add Añadir Delete Eliminar Apply Aplicar Validate Validar Cancel Cancelar An email address or 'copy' Una dirección de correo o 'copiar' An email address Una dirección de correo A registered ID: OBJECT IDENTIFIER Un ID registrado: OBJECT IDENTIFIER A uniform resource indicator Un indicador de recurso uniforme (URI) A DNS domain name or 'copycn' Un nombre de dominio DNS o 'copycn' A DNS domain name Un nombre de dominio DNS An IP address Una dirección IP Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Sintaxis: <OID>;TYPE:text por ejemplo '1.2.3.4:UTF8:name' No editing. Only 'copy' allowed here No editar. Sólo 'copiar' está permitido aquí Validation failed: '%1' %2 Error de validación: '%1' %2 Validation successful: '%1' Validado con éxito: '%1' xca-RELEASE.2.2.1/lang/xca_de.ts0000644000175000017500000062471313614632167015446 0ustar tewardteward About Done Schliessen CaProperties Next serial for signing Nächste Seriennummer beim signieren Days until next CRL issuing Tage bis zur nächsten CRL Default template Standard Template CA Properties CA Einstellungen Use random Serial numbers Verwende zufällige Seriennummern CertDetail Show extensions Erweiterungen anzeigen Show public key Öffentlichen Schlüssel anzeigen This key is not in the database. Dieser Schlüssel ist nicht in der Datenbank. Not available Nicht verfügbar Revoked at %1 Zurückgezogen am %1 Details of the certificate Details des Zertifikates Signer unknown Unterzeichner unbekannt Self signed Selbstsigniert Not trusted Nicht vertrauenswürdig Trusted Vertrauenswürdig Revoked: Zurückgezogen: Not valid Nicht gültig Valid Gültig Details of the certificate signing request Details des Zertifikatsantrags Details of the Certificate Details des Zertifikates S&tatus S&tatus Serial Seriennummer The serial number of the certificate Die Seriennummer des Zertifikats The internal name of the certificate in the database Der interne Name des Zerifikats in der Datenbank Internal name Interner Name Signature algorithm Signatur algorithmus Signature Unterschrift Key Schlüssel Fingerprints Fingerprints SHA1 SHA1 MD5 MD5 A SHA-1 hashsum of the certificate Eine SHA-1 Summe des Zertifikats An md5 hashsum of the certificate Eine md5 Summe des Zertifikats Status Status SHA256 SHA256 A SHA-256 hashsum of the certificate Eine SHA-256 Summe des Zertifikats Validity Gültigkeit The time since the certificate is valid Beginn der Zertifikatsgültigkeit The time until the certificate is valid Ablaufdatum des Zertifikats Subject Inhaber Issuer Aussteller Extensions Erweiterungen Comment Kommentar &Subject Inha&ber &Issuer &Aussteller Attributes Attribute &Extensions &Erweiterungen Show config Konfiguration anzeigen CertExtend This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Hiermit wird ein neues Zertifikat als Kopie des alten Zertifikats erstellt, mit neuer Seriennummer und aktueller Gültigkeit. Validity Gültigkeit Not before Nicht vor dem Not after Nicht nach dem Time range Zeitspanne Days Tage Months Monate Years Jahre Midnight Mitternacht Apply Übernehmen Revoke old certificate Altes Zertifikat zurückziehen Keep serial number Seriennummer übernehmen Certificate renewal Zertifikatsverlängerung Local time Ortszeit No well-defined expiration Undefiniertes Ablaufdatum The certificate will be earlier valid than the signer. This is probably not what you want. Das Zertifikat is früher gültig als der Aussteller. Dies ist wahrscheinlich ungewollt. Edit times Zeiten einstellen Edit dates Zeiten einstellen Abort rollout Ausstellung abbrechen Continue rollout Ausstellung fortführen Adjust date and continue Datum anpassen und fortführen The certificate will be longer valid than the signer. This is probably not what you want. Das Zertifikat ist länger gültig als der Aussteller. Dies ist wahrscheinlich nicht gewollt. CertTreeView Import PKCS#12 Import PKCS#12 Import from PKCS#7 Import aus PKCS #7 Request Zertifikatsantrag Security token Chipkarte Other token Andere Chipkarte Similar Certificate Ähnliches Zertifikat Delete from Security token Von der Chipkarte löschen CA CA Properties Eigenschaften Generate CRL CRL erstellen Manage revocations Sperrlisteneinträge bearbeiten Trust Vertrauen Renewal Verlängerung Revoke Sperren Unrevoke Sperrung aufheben CertView There was no key found for the Certificate: Es wurde kein Schlüssel gefunden für das Zertifikat: Import Certificate signing request Zertifikatsantrag importieren ClickLabel Double click for details Doppelklick für Details CrlDetail Name Name Serial Seriennummer Revocation Sperrung Reason Grund Invalidation Ungültig seit Failed Fehlgeschlagen Verification not possible Überprüfung nicht möglich Unknown signer Unterzeichner unbekannt Unknown certificate Unbekanntes Zertifikat Details of the Revocation list Details der Sperrliste &Status &Status Version Version Signature Unterschrift Signed by Unterschrieben von The internal name of the CRL in the database Der interne Name der CRL in der Datenbank issuing dates Ausstellungszeiten Next update Nächstes Update Last update Letztes update Comment Kommentar Next Update Nächstes Update Last Update Letztes Update &Issuer &Aussteller &Extensions &Erweiterungen &Revocation list &Sperrliste 0 0 ExportCert X509 Certificates ( *.cer *.crt *.p12 *.p7b);;All files ( * ) X509 Zertifikate ( *.cer *.crt *.p12 *.p7b);;Alle Dateien ( * ) DER is a binary format of the Certificate PEM is a base64 encoded Certificate PKCS#7 is an official Certificate exchange format PKCS#12 is an encrypted official Key-Certificate exchange format DER ist das Binärformat des Zertifikats PEM ist ein base64 kodiertes Zertifikat PKCS#7 ist ein offizielles Zertifikatsaustauschformat PKCS#12 ist ein verschlüsseltes, offizielles Austauschformat für Zertifikats/Schlüssel paare Please enter the filename for the certificate. Bitte geben sie den Dateinamen des Zertifikats ein. Certificate export Zertifikatsexport ExportDer All files ( * ) Alle Dateien ( * ) DER is a binary format PEM is a base64 encoded DER file DER ist ein Binärformat PEM ist eine base64 kodierte PEM Datei im Textformat ExportDialog Name Name The internal name of the CRL in the database Der interne Name der CRL in der Datenbank ... ... Filename Dateiname Export comment into PEM file Kommentar in die PEM Datei übernehmen Please enter the filename Bitte den Dateinamen eingeben Export Format Exportformat All files ( * ) Alle Dateien ( * ) PEM Text format with headers PEM Textformat mit Kopf- und Fußzeilen Concatenated list of all selected items in one PEM text file Aneinandergereihte Liste aller ausgewählter Einträge in eine PEM Text Datei Concatenated text format of the complete certificate chain in one PEM file Aneinandergehängte Zertifikatskette in einer PEM Datei Concatenated text format of all trusted certificates in one PEM file Alle vertrauenswürdigen Zertifikate aneinandergehängt in einer PEM Datei Concatenated text format of all certificates in one PEM file Alle Zertifikate aneinandergehängt in einer PEM Datei Binary DER encoded file Binäre DER formatierte Datei PKCS#7 encoded single certificate Einzelnes Zertifikat im PKCS#7 format PKCS#7 encoded complete certificate chain Vollständige Zertifikatskette in einer PKCS#7 Datei All trusted certificates encoded in one PKCS#7 file Alle vertrauenswürdigen Zertifikate in einer PKCS#7 Datei Concatenated text format of all unrevoked certificates in one PEM file Alle ungesperrten Zertifikate hintereinander in einer PEM Textdatei All unrevoked certificates encoded in one PKCS#7 file Alle nicht zurückgezogenen Zertifikate in einer PKCS#7 Datei All selected certificates encoded in one PKCS#7 file Alle ausgewählten Zertifikate in einer PKCS#7 Datei All certificates encoded in one PKCS#7 file Alle Zertifikate in einer PKCS#7 Datei The certificate and the private key as encrypted PKCS#12 file Das Zertifikat und der zugehörige private Schlüssel als verschlüsselte PKCS#12 Datei The complete certificate chain and the private key as encrypted PKCS#12 file Die vollständige Zertifikatskette und der private Schlüssel als verschlüsselte PKCS#12 Datei Concatenation of the certificate and the unencrypted private key in one PEM file Das PEM Zertifikat und der unverschlüsselte private PEM Schlüssel in einer Textdatei Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Das PEM Zertifikat und der unverschlüsselte private PKCS#8 Schlüssel in einer Textdatei Text format of the public key in one PEM file Eine PEM Textdatei mit dem öffentlichen Schlüssel Binary DER format of the public key Der öffentliche Schlüssel in einer binären DER Datei Unencrypted private key in text format Der unverschlüsselte private Schlüssel in einer PEM Textdatei OpenSSL specific encrypted private key in text format OpenSSL spezifischer privater Schlüssel im Textformat Unencrypted private key in binary DER format Unverschlüsselter privater Schlüssel in einer binären DER Datei Unencrypted private key in PKCS#8 text format Unverschlüsselter privater Schlüssel in einer PKCS#8 Textdatei Encrypted private key in PKCS#8 text format Verschlüsselter privater Schlüssel in einer PKCS#8 Textdatei The public key encoded in SSH2 format Der öffentliche Schlüssel im SSH2 Format OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool OpenSSL spezifische Zertifikatsindexdatei in dem Format wie sie von dem OpenSSL 'ca' kommando erzeugt und von der OCSP Funktion benötigt wird vCalendar expiry reminder for the selected items Fälligkeitserinnerung für alle ausgewählten Elemente im vCalendar Format vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Fälligkeitserinnerung für alle ausgestellten Zertifikate, der CA und der letzten CRL im vCalendar Format Certificate Index file Zertifikatsindexdatei The file: '%1' already exists! Die Datei '%1' existiert bereits! Overwrite Überschreiben Do not overwrite Nicht überschreiben ExportKey Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub );; All files ( * ) Private Schlüssel ( *.pem *.der *.pk8 );; Öffentliche SSH Schlüssel ( *.pub );; Alle Dateien ( * ) Please enter the filename for the key. Bitte geben Sie den Dateinamen für den Schlüssel ein. Export public %1 key Öffentlichen %1 Schlüssel exportieren Export %1 key %1 Schlüssel exportieren DER is a binary format of the key without encryption PEM is a base64 encoded key with optional encryption PKCS#8 is an encrypted official Key-exchange format DER ist ein binärformat ohne Passwort sicherung PEM ist ein base64 codierter Schlüssel mit optionaler Passwort sicherung PKCS#8 ist ein offizielles Austauschformat für Passwort gesicherte Schlüssel When exporting the private key it should be encrypted. Der Private Schlüssel sollte beim Export durch ein Passwort geschützt werden. When exporting the private part, it should be encrypted. Wenn der private Teil mit exportiert wird, sollte er verschlüsselt werden. E&xport the private part of the Key too Den privaten Teil des Schlüssels mit e&xportieren Export as PKCS#8 Exportieren als PKCS#8 &Encrypt the Key with a password D&en Schlüssel mit einem Passwort sichern Private keys ( *.pem *.der *.pk8 );;All files ( * ) Private Schlüssel ( *.pem *.der *.pk8 );;Alle Dateien ( * ) Help << << >> >> &Done &Fertig ImportMulti Details Details Import &All &Alle importieren &Import &Import &Done &Fertig The type of the Item '%1' is not recognized Unbekannter Typ bei '%1' Details of the item '%1' cannot be shown Details von '%1' können nicht angezeigt werden The type of the item '%1' is not recognized Unbekannter Typ bei '%1' The file '%1' did not contain PKI data Die Datei '%1' enthielt keine verwendbaren Daten The %1 files: '%2' did not contain PKI data Die %1 Dateien: '%2' enthielten keine verwendbaren Daten Import PKI Items Importieren &Remove from list &Aus Liste entfernen Delete from token Von der Chipkarte löschen Rename on token Auf der Chipkarte umbenennen Name: %1 Model: %2 Serial: %3 Name: %1 Modell: %2 Seriennummer: %3 Manage security token Chipkarte verwalten ItemProperties Name Name Source Herkunft Insertion date Einfügezeitpunkt Comment Kommentar KeyDetail Not available Nicht verfügbar Available Verfügbar Name Name The internal name of the key used by xca Der interne Name in der Datenbank Keysize Schlüssellänge Private Exponent Privater Exponent Security Token Chipkarte Label Bezeichnung PKCS#11 ID PKCS#11 ID Token information Chipkarteninformation Model Modell Fingerprint Fingerabdruck Comment Kommentar Public Exponent Öffentlicher Exponent Modulus Modulus Sub prime Sub prime Public key Öffentlicher Schlüssel Private key Privater Schlüssel Security token Chipkarte Manufacturer Hersteller Serial Seriennummer Key Schlüssel Token Chipkarte Curve name Kurvenname Details of the %1 key Details des %1 Schlüssels Security token ID:%1 Chipkarte ID:%1 Unknown key Unbekannter Schlüssel KeyTreeView Change password Passwort ändern Reset password Passwort zurücksetzen Change PIN PIN ändern Init PIN with SO PIN (PUK) PIN mithilfe der SO PIN (PUK) initialisieren Change SO PIN (PUK) SO PIN (PUK) ändern Security token Chipkarte This is not a token Dies ist keine Smartcard Tried to change PIN of a key Die PIN eines Schlüssels ohne Chipkarte kann nicht geändert werden Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Soll der Originalschlüssel '%1' durch den Chipkartenschlüssel ersetzt werden? Dies löscht den Schlüssel '%1' und macht ihn nicht-exportierbar MainWindow Password Passwort Password verify error, please try again Die Passwort überprüfung ist fehlgeschlagen Search Suchen Please enter the new SO PIN (PUK) for the token '%1' Bitte die neue SO PIN (PUK) für '%1' eingeben Current Password Aktuelles Passwort Please enter the current database password Bitte das aktuelle Passwort eingeben The entered password is wrong Das angegebene Passwort war falsch New Password Neues Passwort Transaction start failed Transaktionsstart fehlgeschlagen Please enter a password, that will be used to encrypt your private keys in the database: %1 Bitte das Passwort zur Verschlüsselung der privaten Schlüssel in der Datenbank %1 eingeben The following error occurred: Der folgende Fehler ist aufgetreten: Copy to Clipboard In die Zwischenablage &Close DataBase Datenbank s&chliessen &Content &Inhalt &About Ü&ber &File D&atei Recent DataBases Zuletzt geöffnet System System Croatian Kroatisch English Englisch French Französisch German Deutsch Russian Russisch Slovak Slowakisch Spanish Spanisch Polish Polnisch Italian Italienisch Chinese Chinesisch Dutch Niederländisch Portuguese in Brazil Brasilianisches Portugiesisch Turkish Türkisch Language Sprache Open Remote DataBase Netzwerkdatenbank öffnen Paste PEM file PEM Datei Einfügen Token Chipkarte Extra Extra &Export Certificate Index Zertifikatsindex &exportieren &Export Certificate Index hierarchy Zertifikatsindexhierarchie &exportieren OID Resolver OID Resolver &Help &Hilfe Database dump ( *.dump );; All files ( * ) Datenbankausgabe ( *.dump );; Alle Dateien ( * ) Private Keys Private Schlüssel &New Key &Neuer Schlüssel &Export &Export &Import &Import Import PFX (PKCS#12) Import PFX (PKCS#12) &Show Details Detail&s anzeigen &Delete &Löschen Certificate signing requests Zertifikatsanträge &New Request &Neuer Zertifikatsantrag Certificates Zertifikate &New Certificate &Neues Zertifikat Import &PKCS#12 Import &PKCS#12 Import P&KCS#7 Import P&KCS#7 Plain View Einfache Ansicht Templates Vorlagen &New Template &Neue Vorlage &New CRL &Neue Sperrliste &New template &Neue Vorlage Ch&ange Template Vorl&age Ändern Revocation lists Sperrlisten Database Datenbank The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Das aktuell verwendete Standard-Hash-Verfahren '%1' gilt als unsicher. Aus Sicherheitsgründen sollte mindestens SHA-224 gewählt werden. Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Veraltetes Datenbankformat entdeckt. Eine Sicherheitskopie mit dem Namen: '%1' wird erstellt und die Datenbank in das neue Format umgewandelt Failed to rename the database file, because the target already exists Datenbank konnte nicht umbenannt werden, da die Zieldatei bereits existiert No deleted items found Keine gelöschten Einträge gefunden Errors detected and repaired while deleting outdated items from the database. A backup file was created Beim Löschen veralteter Datenbankeinträge wurden Fehler erkannt und repariert. Eine Backup-datei wurde erstellt Removing deleted or outdated items from the database failed. Das Entfernen gelöschter oder veralteter Elemente aus der Datenbank ist Fehlgeschlagen. &Dump DataBase &Datenbank ausgeben &Import old db_dump Alten db_dump &Importieren &Undelete items &Gelöschte Einträge wiederherstellen Options Optionen New DataBase Neue Datenbank Open DataBase Datenbank Öffnen Close DataBase Datenbank schliessen Keys Schlüssel Requests Zertifikatsanträge PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Vorlage Revocation list Sperrliste PEM file PEM Datei Content Inhalt Donations Spenden Import password Import Passwort Please enter the password of the old database Bitte das Passwort der alten Datenbank eingeben Password verification error. Ignore keys ? Falsches Passwort. Schlüssel ignorieren ? Import anyway Trotzdem importieren I&mport I&mport paste PEM file PEM datei (copy+paste) About Über Database dump ( *.dump );;All files ( * ) Database dump ( *.dump );;All files ( * ) Import PEM data PEM daten importieren The new label of the token '%1' Die neue Bezeichnung der Chipkarte '%1' Please enter the new password to encrypt your private keys in the database-file Bitte das neue Passwort zur Verschlüsselung der privaten Schlüssel in der Datenbank eingeben Please enter a password, that will be used to encrypt your private keys in the database file: %1 Bitte geben Sie ein Passwort an um die privaten Schlüssel in der Datenbank %1 zu verschlüsseln Please enter the password for unlocking the database: %1 Bitte geben Sie das Passwort ein um die Datenbank %1 zu öffnen Certificate Index ( index.txt ) Zertifikatsindex ( index.txt ) All files ( * ) Alle Dateien ( * ) Diffie-Hellman parameters saved as: %1 Diffie-Hellmann Parameter gespeichert als: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Diffie-Hellman Parameter werden von anderen Applikationen benötigt. XCA verwendet oder speichert sie aber nicht. Bitte die DH Parameter bits angeben &New DataBase &Neue Datenbank &Open DataBase Datenbank &Öffnen &Init Security token Chipkarte &initialisieren Export Certificate &Index hierarchy Zertifikats&indexhierarchie exportieren C&hange DataBase password Da&tenbankpasswort ändern Exit Beenden no such option: %1 unbekannte option: %1 Using or exporting private keys will not be possible without providing the correct password Die Benutzung oder der Export privater Schlüssel ist nur mit dem richtigen Datenbankpasswort möglich Please enter the original SO PIN (PUK) of the token '%1' Die alte SO PIN (PUK) für die Chipkarte '%1' eingeben Please enter the new SO PIN (PUK) of the token '%1' Die neue SO PIN (PUK) für die Chipkarte '%1' eingeben The token '%1' did not contain any keys or certificates Die Chipkarte '%1' enthält keine Schlüssel oder Zertifikate Error opening file: '%1': %2 Öffnen der Datei '%1' fehlgeschlagen: %2 Generate DH parameter DH Parameter erstellen Set as default DataBase Als Standard datenbank &Token &Chipkarte &Manage Security token Chipkarte &verwalten &Change PIN &PIN ändern Change &SO PIN &SO PIN ändern Init PIN PIN initialisieren NewCrl Create CRL CRL erstellen Dates Zeiten next update Nächstes Update last update Letztes Update Days Tage Months Monate Years Jahre Midnight Mitternacht Local time Ortszeit Apply Übernehmen CRL number CRL Nummer Hash algorithm Hash algorithmus Hashing algorithm Hash algorithmus Extensions Erweiterungen Authority key identifier Authority key identifier Subject alternative name Subject alternative name Last update Letztes update Next update Nächstes Update Options Optionen CRL Number CRL Nummer Revocation reasons Sperrungsgrund NewKey New key Neuer Schlüssel Please give a name to the new key and select the desired keysize Bitte geben Sie dem Schlüssel einen Namen und wählen Sie die gewünschte Schlüssellänge Key properties Schlüsseleigenschaften Name Name Curve name Kurvenname Keysize Schlüssellänge Usually 1024 or 2048 bit keys are used Normalerweise werden 1024 oder 2048 bit Schlüssel verwendet Remember as default Als Standard speichern The internal name of the new key Interner Name des neuen Schlüssels New Key Neuer Schlüssel Usually at least 2048 bit keys are recommended Heutzutage wird eine Mindestlänge von 2048 bit empfohlen Keytype Schlüsseltyp Curve Kurve Create Erstellen NewX509 Create Erstellen Source Herkunft Signing request Zertifikatsantrag Show request Request anzeigen Country code Länder code State or Province Bundesland, Kreis Locality Ort Organisation Firma Organisational unit Firmenabteilung Common name Üblicher Name E-Mail address E-Mail Adresse Sign this Certificate signing &request Diesen Zertifikatsant&rag unterschreiben Copy extensions from the request Erweiterungen aus dem Zertifikatsantrag kopieren Signing Unterschreiben Create a &self signed certificate with the serial Erstelle ein &Selbst signiertes Zertifikat mit der Serien nummer If you leave this blank the serial 00 will be used Wenn Sie dieses Feld frei lassen wird die Seriennummer 00 verwendet 1 1 All certificates in your database that can create valid signatures Alle Zertifikate aus der Datenbank, die gültige Unterschriften leisten können Signature algorithm Signatur algorithmus Template for the new certificate Vorlage für das neue Zertifikat All available templates Alle verfügbaren Vorlagen Internal Name Interner Name Apply Übernehmen Subject Inhaber Create a &self signed certificate Selbst&signiertes Zertifikat erstellen Use &this Certificate for signing Verwende dieses Zertifika&t zum Unterschreiben Distinguished name Eindeutiger Name This name is only used internally and does not appear in the resulting certificate Dieser Name wird nur intern verwendet und erscheint nicht im Zertifikat Must be exactly 2 letter of size (DE, UK) Muss exakt 2 Zeichen lang sein (DE,UK) Internal name Interner Name Add Hinzufügen Delete Löschen Private key Privater Schlüssel This list only contains unused keys Diese Liste enthält nur unbenutzte Schlüssel Used keys too auch verwendete Schlüssel &Generate a new key &Erstelle einen neuen Schlüssel Extensions Erweiterungen Basic constraints Grundsätzliche Einschränkungen Type Typ If this will become a CA certificate or not Ob dies ein CA Zertifikat wird oder nicht Not defined Nicht definiert Certification Authority Zertifikats Authorität End Entity End Instanz Path length Pfadlänge How much CAs may be below this. Wieviele CAs in der Kette unter diesem sein dürfen. The basic constraints should always be critical Die "basic constraints" sollten immer "critical" sein Key identifier Schlüsselkennung Creates a hash of the key following the PKIX guidelines Erstellt eine hashsumme nach PKIX Vorgaben Copy the Subject Key Identifier from the issuer Kopiere den "Subject key identifier" vom Aussteller Validity Gültigkeit Not before Nicht vor dem Not after Nicht nach dem Time range Zeitspanne Days Tage Months Monate Years Jahre Set the time to 00:00:00 and 23:59:59 respectively Stell die Zeiten auf 00:00:00 und 23:59:59 Midnight Mitternacht Local time Ortszeit Authority Info Access Ausstellerinformationszugang CRL distribution point CRL Verteilungsstelle issuer alternative name Alternativer Ausstellername URI: URI: can be altered by the file "aia.txt" Kann in der Datei "aia.txt" angepasst werden Edit Bearbeiten DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: subject alternative name Alternativer Eigentümername Key usage Schlüsselverwendung Extended key usage Erweiterte Schlüsselverwendung Netscape Netscape CA Revocation URL CA Sperrlisten URL Revocation URL Sperrlisten URL SSL server name SSL Servername Certificate renewal URL Zertifikatsverlängerungs URL Comment Kommentar CA policy URL CA Richtlinien URL Base URL Basis URL Create a &self signed certificate with a MD5-hashed QA serial Erstelle ein &Selbst signiertes Zertifikat mit eine MD5-gehashten Serien nummer Create Certificate signing request Erstelle einen Zertifikatsantrag XCA template XCA Vorlage Create x509 Certificate Erstelle x509 Zertifikat Abort rollout Ausstellung abbrechen The following length restrictions of RFC3280 are violated: Die folgenden Längenbeschränkungen aus RFC3280 werden verletzt: The internal name and the common name are empty. Please set at least the internal name. Der interne Name und der commonName sind leer. Bitte mindestens den internen Namen setzen. There is no Key selected for signing. Es ist kein Schlüssel zum Signieren ausgewählt. Continue rollout Ausstellung fortführen The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Das Zertifikat wird abgelaufen sein, bevor es gültig wurde. Wahrscheinlich sind die Zeiten vertauscht. Modify subject of the request Inhaberinformation "subject" des Zertifikatsantrags ändern Advanced Erweitert Validate Überprüfen The verification of the Certificate request failed. The rollout should be aborted. Die Validierung des Requests ist fehlgeschlagen. Die Zertifikatserstellung sollte abgebrochen werden. Continue anyway Trotzdem fortfahren No well-defined expiration Undefiniertes Ablaufdatum Edit name Namen editieren Select key Schlüssel auswählen The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Die folgenden Subject-name Einträge sind leer: %1, obwohl sie im Optionen-menu als notwendig deklariert wurden. Edit subject Subject editieren Edit dates Zeiten einstellen The key you selected for signing is not a private one. Der ausgewählte Schlüssel zum signieren ist nicht vollständig. Critical Wichtig Create XCA template XCA Vorlage erstellen Edit XCA template XCA Vorlage ändern Template '%1' applied Vorlage '%1' angewendet Subject applied from template '%1' Eigentümerinformation aus Vorlage '%1' angewendet Extensions applied from template '%1' Erweiterungen aus Vorlage '%1' angewendet New key '%1' created Der Schlüssel '%1' wurde neu erstellt Select other signer Andere CA wählen Select other key Anderen Schlüssel wählen The certificate will be earlier valid than the signer. This is probably not what you want. Das Zertifikat is früher gültig als der Aussteller. Dies ist wahrscheinlich ungewollt. Adjust date and continue Datum anpassen und fortführen The certificate will be longer valid than the signer. This is probably not what you want. Das Zertifikat ist länger gültig als der Aussteller. Dies ist wahrscheinlich nicht gewollt. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Das Zertifikat enthält ungültige oder duplizierte Extensions. Bitte prüfen Sie die Validierung auf dem Erweitert Reiter. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Das Zertifikat enthält keine Erweiterungen. Sie sollten die Erweiterungen aus einer der Vorlagen anwenden, um den Zweck des Zertifikats zu definieren. Edit extensions Extensions editieren The subject alternative name shall contain a copy of the common name. However, the common name is empty. Der 'subject alternative name' (SAN) soll vom 'common name' kopiert werden. Dieser ist allerdings leer. Apply extensions Erweiterungen übernehmen Apply subject Subject übernehmen Apply all Alles übernehmen minimum size: %1 Mindestlänge: %1 maximum size: %1 Maximallänge: %1 only a-z A-Z 0-9 '()+,-./:=? nur die Zeichen a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters Keine Sonderzeichen oder Umlaute From PKCS#10 request Aus dem PKCS#10 Zertifikatsantrag Other Tabs Andere Tabs Advanced Tab Erweiterter Tab Errors Fehler Configfile error on line %1 Fehler in der Konfigurationsdatei in Zeile %1 OidResolver OID Resolver OID Resolver Enter the OID, the Nid, or one of the textual representations Die OID, die Nid oder den Text eingeben Search Suchen OID OID Long name Kurzbezeichner Ausführliche Bezeichnung OpenSSL internal ID Interne OpenSSL ID Nid Nid Short name Kurzbezeichnung OpenDb Open remote database Netzwerkdatenbank öffnen Database type Datenbanktyp Hostname Rechnername Username Benutzername Password Passwort Database name Datenbankname Table prefix Tabellen Prefix No SqLite3 driver available. Please install the qt-sqlite package of your distribution Kein SQLite3 Treiber verfügbar. Bitte das qt-sqlite Paket der Paketdistribution installieren Please enter the password to access the database server %2 as user '%1'. Bitte das Datenbankpasswort des Benutzers '%1' für die Datenbank auf '%2' eingeben. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. Der Datenbanktreiber unterstützt keine Transaktionen. Dies kann vorkommen, wenn client und server unterschiedliche Versionen haben. Options Mandatory subject entries Pflichtfelder im subject-name Add Hinzufügen Delete Löschen Default hash algorithm Standard Hash Algorithmus Settings Einstellungen String types Zeichenkettentyp Suppress success messages Erstellungs- und Importnachrichten unterdrücken Don't colorize expired certificates Abgelaufene Zertifikate nicht farblich markieren Translate established x509 terms (%1 -> %2) Feststehende x509 Begriffe übersetzen (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Die Hash funktionen der Smartcard werden von XCA nicht verwendet. Die Smartcard kann einen eingeschränkten Satz an Hash-funktionen anbieten. Insbesondere sind in der PKCS#11 Spezifikation EC und DSA signaturen nur mit SHA1 definiert. Only use hashes supported by the token when signing with a token key Verwende nur von der Smartcard angebotene Hash-funktionen Disable legacy Netscape extensions Veraltete Netscape Erweiterungen abschalten Certificate expiry warning threshold Zeitpunkt der Zertifikatsablauferinnerung Send vCalendar expiry reminder Zertifikatsablauferinnerung in vCalendar Serial number length Länge der Seriennummer bit bit Distinguished name Eindeutiger Name Explicit subject entries Besondere Namensteile Dynamically arrange explicit subject entries Besondere Namensteile dynamisch anordnen Default Standard PKCS#11 provider PKCS#11 anbieter Remove Entfernen Search Suchen UTF8 strings only (RFC2459) Nur UTF8 Zeichenketten (RFC2459) Printable string or UTF8 (default) PKIX recommendation in RFC2459 No BMP strings, only printable and T61 All strings Days Tage Weeks Wochen Load failed Laden fehlgeschlagen XCA Options XCA Optionen PwDialog Repeat %1 %1 wiederholen %1 mismatch Keine %1 übereinstimmung Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Das Passwort wird als 2stelliger hex-code interpretiert. Er muss eine gradstellige Anzahl der Zeichen 0-9 und a-f enthalten E&xit B&eenden The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Das Passwort wird als 2 stelliger hex-code interpretiert. Er muss eine grade Anzahl an Ziffern enthalten (0-9 und a-f) Take as HEX string Als HEX Zeichenkette interpretieren QObject Import RSA key Import von RSA Schlüssel PKCS#10 CSR ( *.pem *.der *.csr );; PKCS#10 Zertifikatsantrag ( *.pem *.der *.csr );; Import Request Import von Zertifikatsanträgen Import X.509 Certificate Import von X.509 Zertifikaten Import PKCS#7 Certificates Import von PKCS#7 Zertifikaten Import PKCS#12 Private Certificate Import von PKCS#12 Privaten Zertifikaten Import XCA Templates Import von XCA Vorlagen Open XCA Database Öffnen einer XCA Datenbank Import Certificate Revocation List Importiere Zertifikatsrücknahmeliste PKI Keys ( *.pem *.der *.key );;PKCS#8 Keys ( *.p8 *.pk8 );; PKI Schlüssel ( *.pem *.der *.key );;PKCS#8 Schlüssel ( *.p8 *.pk8 );; PKI Keys ( *.pem *.der *.key );;PKCS#8 Keys ( *.p8 *.pk8 );;SSH Public Keys ( *.pub );; PKI Schlüssel ( *.pem *.der *.key );;PKCS#8 Schlüssel ( *.p8 *.pk8 );; Öffentliche SSH2 Schlüssel ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );;Netscape Request ( *.spkac *.spc );; PKCS#10 CSR ( *.pem *.der *.csr );;Netscape Request ( *.spkac *.spc );; PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; PKI Schlüssel ( *.pem *.der *.key );; PKCS#8 Schlüssel ( *.p8 *.pk8 );; Öffentliche SSH Schlüssel ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );; Netscape Request ( *.spkac *.spc );; PKCS#10 CSR ( *.pem *.der *.csr );; Netscape Request ( *.spkac *.spc );; Certificates ( *.pem *.der *.crt *.cer );; Zertifikate ( *.pem *.der *.crt *.cer );; PKCS#7 data ( *.p7s *.p7m *.p7b );; PKCS#7 Daten ( *.p7s *.p7m *.p7b );; PKCS#12 Certificates ( *.p12 *.pfx );; PKCS#12 Zertifikate ( *.p12 *.pfx );; XCA templates ( *.xca );; XCA Vorlagen ( *.xca);; Revocation lists ( *.pem *.der *.crl );; Sperrliste ( *.pem *.der *.crl );; XCA Databases ( *.xdb );; XCA Datenbanken ( *.xdb );; PKCS#11 library ( *.dylib *.so );; PKCS#11 Bibliothek ( *.dylib *.so );; PEM files ( *.pem );; PEM Dateien ( *.pem );; Load PEM encoded file Lade PEM codierte Datei Invalid Ungültig %1 is shorter than %2 bytes: '%3' %1 ist kürzer als %2 bytes: '%3' %1 is longer than %2 bytes: '%3' %1 ist länger als %2 bytes: '%3' All files ( * ) Alle Dateien ( * ) Undefined Undefiniert Broken / Invalid Ungültig in %1 seconds In %1 Sekunden %1 seconds ago Vor %1 Sekunden in %1 minutes In %1 Minuten %1 minutes ago Vor %1 Minuten Yesterday Gestern Tomorrow Morgen in %1 hours In %1 Stunden %1 hours ago Vor %1 Stunden DB: Rename: '%1' already in use DB: Rename: '%1' wird bereits verwendet DB: Entry to rename not found: %1 DB: Eintrag zur Umbenennung nicht gefunden: %1 PKCS#11 library ( *.dll );; PKCS#11 library ( *.so );; Open PKCS#11 shared library PKCS#11 library öffnen DB: Write error %1 - %2 Datenbank: Schreibfehler %1 - %2 Please enter the PIN on the PinPad Bitte die PIN am Lesegerät eingeben Please enter the SO PIN (PUK) of the token %1 Bitte die SO PIN (PUK) der Chipkarte %1 eingeben Please enter the PIN of the token %1 Bitte die PIN der Chipkarte %1 eingeben No Security token found Keine Chipkarte gefunden Out of Memory at %1:%2 Kein Speicher verfügbar %1: %2 Out of data zuwenig Daten Error finding endmarker of string Fehlerhafter String Select Auswählen Please enter the new SO PIN (PUK) for the token: '%1' Bitte die neue SO PIN (PUK) für die Chipkarte '%1' eingeben Please enter the new PIN for the token: '%1' Bitte die neue PIN der Chipkarte %1 eingeben Failed to open PKCS11 library: %1 Die PKCS#11 Bibliothek %1 konnte nicht geöffnet werden Failed to open PKCS11 library: %1: %2 PKCS11 Bibliothek %1 konnte nicht geöffnet werden: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Dies scheint keine PKCS#11 Bibliothek zu sein. Sie enthält nicht das Symbol 'C_GetFunctionList'. Disabled Deaktiviert Library loading failed Laden der Bibliothek fehlgeschlagen PKCS#11 function '%1' failed: %2 PKCS#11 Funktion '%1' fehlgeschlagen: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 PKCS#11 Funktion '%1' fehlgeschlagen: %2 in Bibliothek %3 %4 Required PIN size: %1 - %2 Benötigte PIN länge: %1 - %2 Country code Länder code State or Province Bundesland, Kreis Locality Ort Organisation Firma Organisational unit Firmenabteilung Common name Allgemeine Bezeichnung E-Mail address E-Mail Adresse Serial number Seriennummer Given name Vorname Surname Nachname Title Titel Initials Initialien Description Beschreibung Role Rolle Pseudonym Pseudonym Generation Qualifier Generierungskennzeichnung x500 Unique Identifier Eindeutige x500 Identifizierung Name Name DN Qualifier DN Kennzeichnung Unstructured name Unstrukturierter Name Challenge password Passwort nach Aufforderung Basic Constraints Basiseinschränkungen Subject alternative name Alternativer Eigentümername subject alternative name Alternativer Eigentümername issuer alternative name Alternativer Ausstellername Subject key identifier Inhaberschlüssel identifizierung Authority key identifier Ausstellerschlüssel identifizierung Key usage Schlüsselverwendung Extended key usage Erweiterte Schlüsselverwendung CRL distribution points CRL Verteilungspunkte Authority information access Aussteller informations zugriff Certificate type Zertifikatstyp Base URL Basis URL Revocation URL Sperrlisten URL CA Revocation URL CA Sperrlisten URL Certificate renewal URL Zertifikatsverlängerungs URL CA policy URL CA Richtlinien URL SSL server name SSL Servername Comment Kommentar String '%1' for '%2' contains invalid characters Der Text '%1' für '%2' enthält ungültige Zeichen Error reading config file %1 at line %2 Fehler beim Einlesen der Konfigurationsdatei %1 in Zeile %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. Das Objekt '%1' aus der Datei %2 in Zeile %3 ist bereits bekannt als '%4:%5:%6' und sollte entfernt werden. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Der Bezeichner '%1' für die OID %2 aus der Datei %3 in Zeile %4 wird bereits für die OID '%5:%6:%7' verwendet und sollte entfernt werden. Unknown object '%1' in file %2 line %3 Unbekanntes Objekt '%1' in Datei %2 in Zeile %3 Failed to start a database transaction Datenbanktransaktionsinitialisierung fehlgeschlagen ReqTreeView Sign Unterschreiben Unmark signed Markiere als unsigniert Mark signed Markiere als signiert Similar Request Ähnlicher Zertifikatsantrag RevocationList Manage revocations Sperrlisteneinträge bearbeiten Add Hinzufügen Delete Löschen Edit Bearbeiten No. Nr. Serial Seriennummer Revocation Sperrung Reason Grund Invalidation Ungültig seit Generate CRL CRL erstellen Revoke Revocation details Details der Sperrliste Invalid since Ungültig seit Local time Ortszeit Certificate revocation Zertifikatsrückzug Revocation reason Sperrgrund Serial Seriennummer SearchPkcs11 Directory Verzeichnis ... ... Include subdirectories Unterverzeichnisse einschliessen Search Suchen The following files are possible PKCS#11 libraries Die folgenden Dateien sind mögliche PKCS#11 Bibliotheken SelectToken Select Token Chipkarte auswählen Security token Chipkarte Please select the security token Bitte wählen Sie die Chipkarte TempTreeView Duplicate Duplizieren Create certificate Zertifikat erstellen Create request Zertifikatsantrag erstellen copy kopie TrustState Certificate trust Zertifikatsvertrauensstatus Trustment Vertrauen &Never trust this certificate &Niemals diesem Zertifikat vertrauen Only &trust this certificate, if we trust the signer Nur dann ver&trauen, wenn wir dem Aussteller vertrauen &Always trust this certificate Diesem Zertifikat immer vertr&auen Set trustment of the Certificate Vertrauenseinstellung des Zertifikats Validity yyyy-MM-dd hh:mm dd.MM.yyyy hh:mm X509SuperTreeView OpenSSL config OpenSSL Konfiguration Transform Umwandeln Template Vorlage Public key Öffentlicher Schlüssel Public Key Öffentlicher Schlüssel XcaTreeView Subject entries Namensteile X509v3 Extensions X509v3 Erweiterungen Netscape extensions Netscape Erweiterungen Reset Zurücksetzen Remove Column Spalte ausblenden Hide Column Spalte ausblenden Details Details Columns Spalten New Neu Import Import Paste PEM data Einfügen (PEM) Rename Umbenennen Properties Eigenschaften Delete Löschen Export Export Clipboard Zwischenablage File Datei db_base Internal name Interner Name Reset Zurücksetzen Subject entries Namensteile Bad database item Name: %1 Type: %2 Size: %3 %4 Problematischer Datenbankeintrag Name: %1 Typ: %2 Grösse %3 %4 Do you want to delete the item from the database? The bad item may be extracted into a separate file. Soll der Eintrag aus der Datenbank gelöscht werden? Der problematische Eintrag kann in eine separate Datei extrahiert werden. Delete Löschen Delete and extract Löschen und extrahieren Continue Weiter Error opening file: '%1': %2 Fehler beim Öffnen der Datei %1: %2 No. Nr. Primary key Primärschlüssel Database unique number Eindeutige Nummer des Eintrags in der Datenbank Date Datum Date of creation or insertion Datum der Erstellung oder des Einfügens Source Herkunft Generated, Imported, Transformed Generiert, Importiert, Umgewandelt Comment Kommentar First line of the comment field Erste Zeile des Kommentarfelds Could not create directory %1 Verzeichnis %1 konnte nicht erstellt werden Item properties Eigenschaften How to export the %1 selected items Wie sollen die %1 ausgewählten Einträge exportiert werden All in one PEM file Alles in eine PEM Datei Each item in one file Jeder Eintrag in eine separate Datei Save %1 items in one file as %1 Einträge in einer Datei speichern PEM files ( *.pem );; All files ( * ) PEM Dateien ( *.pem );; All files ( * ) PEM Files( *.pem );; All files ( * ) PEM Dateien ( *.pem );; Alle Dateien ( * ) X509v3 Extensions X509v3 Erweiterungen Netscape extensions Netscape Erweiterungen Paste PEM data Einfügen (PEM) Columns Spalten db_crl Signer Aussteller Internal name of the signer Interner Name des Ausstellers No. revoked Anzahl Number of revoked certificates Anzahl zurückgezogener Zertifikate Last update Letztes update Next update Nächstes Update CRL number CRL Nummer CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) There are no CA certificates for CRL generation Es existieren keine CA Zertifikate für eine CRL generierung Select CA certificate CA Zertifikat wählen Create CRL CRL erstellen Failed to initiate DB transaction Datenbanktransaktion konte nicht gestartet werden Database error: %1 Datenbankfehler: %1 Database error: Datenbankfehler: Revocation list export Sperrliste exportieren Import Import Rename Umbenennen Export Export Clipboard Zwischenablage File Datei Delete Löschen The revocation list already exists in the database as: '%1' and so it was not imported Die Sperrliste existiert bereits in der Datenbank als: '%1' daher wurde ssie nicht importiert db_key Key size too small ! Schlüsselgrösse zu klein ! New Key Neuer Schlüssel Import Import Rename Umbenennen Show Details Details anzeigen Export Export Delete Löschen Change password Passwort ändern Reset password Passwort zurücksetzen Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Soll der Originalschlüssel '%1' durch den Chipkartenschlüssel ersetzt werden? Dies löscht den Schlüssel '%1' und macht ihn nicht-exportierbar Type Typ Size Länge EC Group EC Gruppe Use Benutzt Password Passwort Extending public key from %1 by imported key '%2' Öffentlicher Schlüssel vom %1 durch dem importierten Schlüssel '%2' erweitert Clipboard Zwischenablage File Datei Change PIN PIN ändern Init PIN with SO PIN (PUK) PIN mithilfe der SO PIN (PUK) initialisieren Change SO PIN (PUK) SO PIN (PUK) ändern Store on Security token Auf der Chipkarte speichern Export public key [%1] Export des öffentlichen Schlüssels [%1] PEM public PEM öffentlich DER public DER öffentlich SSH2 public SSH2 öffentlich DER private DER privat PEM encryped PEM verschlüsselt PKCS#8 PKCS#8 PEM private PEM privat Export keys to Clipboard Schlüssel In die Zwischenablage exportieren PKCS#8 encrypted PKCS#8 verschlüsselt Export private key [%1] Privaten Schlüssel exportieren [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Private Schlüssel ( *.pem *.der *.pk8 );; Öffentliche SSH Schlüssel ( *.pub ) Tried to change password of a token The key is already in the database as: '%1' and is not going to be imported Der Schlüssel ist bereits in der Datenbank als: '%1' und wird daher nicht importiert The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Die Datenbank enthält schon den öffentlichen Schlüssel '%1' und wird duch den importierten, privaten Teil vervollständigt You are sure to create a key of the size: %1 ? Soll wirklich ein Schlüssel der Grösse %1 erstellt werden ? db_temp Type Typ Nothing Nichts Empty template Leere Vorlage Preset Template values Vorlagenwerte voreinstellen XCA templates ( *.xca );; All files ( * ) XCA Vorlagen ( *.xca );; All files ( * ) copy kopie Save template as Vorlage speichern als New Template Neue Vorlage Import Import Rename Umbenennen Export Export Change Ändern Delete Löschen Duplicate Duplizieren Create certificate Zertifikat erstellen Create request Zertifikatsantrag erstellen XCA templates ( *.xca);; All files ( * ) XCA Vorlagen ( *.xca);; All files ( * ) Bad template: %1 Ungültige Vorlage %1 db_x509 Serial Seriennummer md5 fingerprint md5 Fingerprint sha1 fingerprint sha1 Fingerprint sha256 fingerprint sha256 Fingerprint Start date Gültigkeitsbeginn not Before not Before Expiry date Ablaufdatum not After not After MD5 fingerprint MD5 Kennung SHA1 fingerprint SHA1 Kennung SHA256 fingerprint SHA256 Kennung Not before Nicht vor dem Not after Nicht nach dem Trust state Vertrauensstatus Revocation Sperrung CRL Expiration CRL Ablauf Plain View Einfache Ansicht Tree View Baumansicht Failed to retrieve unique random serial Fehler beim Generieren einer eindeutigen zufälligen Seriennummer Signed on %1 by '%2' Am %1 ausgestellt durch '%2' Unknown Unbekannt Invalid public key Ungültiger öffentlicher Schlüssel PKCS#7 unrevoked PKCS#7 nicht gesperrt PEM unrevoked PEM nicht gesperrt vCalendar vCalendar CA vCalendar CA vCalendar days Tage No template Keine Vorlage The key you selected for signing is not a private one. Der ausgewählte Schlüssel zum signieren ist nicht vollständig. PKCS#7 chain PKCS#7 Zertifikatskette PKCS#12 chain PKCS#12 Zertifikatskette PKCS#7 trusted PKCS#7 vertrauenswürdig PKCS#7 all Alle PKCS#7 New Certificate Neues Zertifikat Import Import Import PKCS#12 Import PKCS#12 Import from PKCS#7 Import von PKCS #7 Rename Umbenennen Show Details Details anzeigen Extract public Key Öffentlichen Schlüssel extrahieren Export Export Clipboard Zwischenablage File Datei Request Zertifikatsantrag OpenSSL config OpenSSL Konfiguration Delete Löschen Trust Vertrauen CA CA reflects the basic Constraints extension Zeigt den Inhalt der basic constraints erweiterung Transform Umwandeln Public Key Öffentlicher Schlüssel Similar Certificate Ähnliches Zertifikat Properties Eigenschaften Generate CRL CRL erstellen PKCS#7 PKCS#7 Sign Unterschreiben Encrypt Verschlüsseln Renewal Verlängerung Unrevoke Sperrung aufheben Revoke Sperrung Certificate export Zertifikatsexport X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) X509 Zertifikate ( *.cer *.crt *.p12 *.p7b ) Not possible for a token key: '%1' Nicht möglich für einen Chipkartenschlüssel '%1' There was no key found for the Certificate: Es wurde kein Schlüssel gefunden für das Zertifikat: File to be signed Zu signierende Datei All Files ( * ) Alle Dateien ( * ) File to be encrypted Zu verschlüsselnde Datei days Tage Security token Chipkarte Template Vorlage Delete from Security token Von der Chipkarte löschen The certificate already exists in the database as: '%1' and so it was not imported Das Zertifikat existiert bereits in der Datenbank als: '%1' und wurde daher nicht importiert PEM chain PEM Kette PKCS #7 chain PKCS #7 Kette PKCS #12 chain PKCS #12 Kette PEM + key PEM + Schlüssel PKCS #7 trusted PKCS #7 vertrauenswürdig PKCS #7 all PKCS #7 alle PEM trusted PEM vertrauenswürdig PEM all PEM alle Certificate Index file Zertifikatsindexdatei There was no key found for the Certificate: '%1' Es wurde kein Schlüssel für das Zertifikat: '%1' gefunden Error opening file: '%1': %2 Fehler '%2' beim öffnen det Datei '%1' Not possible for the token-key Certificate '%1' Nicht möglich für das Chipkartenzertifikat '%1' Store the certificate to the key on the token '%1 (#%2)' ? Soll das Zertifikat zum privaten Schlüssel auf der Chipkarte '%1' mit der Seriennummer %2 abgelegt werden ? Other token Andere Chipkarte db_x509name Subject Inhaber Complete distinguished name Vollständiger name Subject hash Namenshash Hash to lookup certs in directories OpenSSL Prüfsumme zum Auffinden von Zertifikaten in Verzeichnissen Country code Länder code State or Province Bundesland, Kreis Locality Ort Organisation Firma Organisational unit Firmenabteilung Common name Allgemeine Bezeichnung E-Mail address E-Mail Adresse Serial number Seriennummer Given name Vorname Surname Nachname Title Titel Initials Initialien Description Beschreibung Role Rolle Pseudonym Pseudonym Generation Qualifier Generierungskennzeichnung x500 Unique Identifier Eindeutige x500 Identifizierung Name Name DN Qualifier DN Kennzeichnung Unstructured name Unstrukturierter Name Challenge password Passwort nach Aufforderung Basic Constraints Basiseinschränkungen subject alternative name Alternativer Eigentümername issuer alternative name Alternativer Ausstellername Subject key identifier Inhaberschlüssel identifizierung Authority key identifier Ausstellerschlüssel identifizierung Key usage Schlüsselverwendung Extended key usage Erweiterte Schlüsselverwendung CRL distribution points CRL Verteilungspunkte Authority information access Aussteller informations zugriff Certificate type Zertifikatstyp Base URL Basis URL Revocation URL Sperrlisten URL CA Revocation URL CA Sperrlisten URL Certificate renewal URL Zertifikatsverlängerungs URL CA policy URL CA Richtlinien URL SSL server name SSL Servername Comment Kommentar db_x509req Certificate request ( *.pem *.der *.crl ) Zertifikatsantrag ( *.pem *.der *.crl ) Certificate request export Zertifikatsantrag exportieren New Request Neuer Zertifikatsantrag Import Import Extract public Key Öffentlichen Schlüssel extrahieren Rename Umbenennen Show Details Details anzeigen Sign Unterschreiben Export Export Clipboard Zwischenablage OpenSSL config OpenSSL Konfiguration Transform Umwandeln Public Key Öffentlicher Schlüssel Similar Request Ähnlicher Zertifikatsantrag Delete Löschen Signed Signiert whether the request is already signed or not Ob der Zertifikatsantrag bearbeitet wurde oder nicht Unstructured name unstrukturierter Name Challenge password Challenge-Passwort Certificate count Zertifikatszähler Number of certificates in the database with the same public key Anzahl an Zertifikaten in der Datenbank mit dem gleichen öffentlichen Schlüssel Certificate request ( *.pem *.der *.csr ) Zertifikatsantrag ( *.pem *.der *.csr ) File Datei Template Vorlage The certificate signing request already exists in the database as '%1' and thus was not stored Der Request existiert bereits in der Datenbank als '%1' und wurde daher nicht importiert db_x509super Key name Schlüsselname Internal name of the key Interner name des Schlüssels Signature Algorithm Signatur algorithmus Signature algorithm Signatur algorithmus Extracted from %1 '%2' Extrahiert aus %1 '%2' Certificate Zertifikat Certificate request Zertifikatsantrag Save as OpenSSL config OpenSSL Konfiguration speichern Config files ( *.conf *.cnf);; All files ( * ) Konfigurations dateien ( *.conf *.cnf);; Alle Dateien ( * ) The following extensions were not ported into the template Die folgenden Extensions wurden nicht ins Template übertragen Transformed from %1 '%2' Umgewandelt von %1 '%2' kvView Type Typ Content Inhalt pass_info Password Passwort PIN PIN pki_base Error opening file: '%1': %2 Öffnen der Datei %1 fehlgeschlagen: %2 Error writing to file: '%1': %2 Fehler beim Schreiben der Datei: '%1': %2 Unknown Unbekannt Imported Importiert Generated Erstellt Transformed Umgewandelt Token Chipkarte Legacy Database Alte Datenbank Renewed Erneuert Error: Fehler: Internal error: Unexpected message: %1 %2 Interner Fehler: Unerwartete Nachricht: %1 %2 pki_crl Delete the revocation list '%1'? Die Sperrliste '%1' löschen? Successfully created the revocation list '%1' Die Sperrliste '%1' wurde erfolgreich erstellt Delete the %1 revocation lists: %2? Die %1 Sperrlisten: %2 löschen? No issuer given Keine Austeller angegeben unknown unbekannt Renew CRL: %1 CRL %1 erneuern The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4. It is stored in the XCA database '%5' Die XCA CRL '%1', ausgestellt von der CA '%2' am %3 wird am %4 ablaufen. Diese ist in der XCA Datenbank '%5' gespeichert Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Konnte die Sperrliste %1 nicht laden. Ist weder eine PEM noch eine DER formatierte CRL. Successfully imported the revocation list '%1' Die Sperrliste '%1' wurde erfolgreich importiert Wrong Size %1 Ungültige Größe %1 pki_evp Failed to decrypt the key (bad password) Konnte den Schlüssel nicht entschlüsseln. (Falsches Passwort) Password input aborted Passworteingabe abgebrochen Please enter the password to protect the private key: '%1' Bitte geben sie das Passwort zur Verschlüsselung des privaten Schlüssels: '%1' ein Unable to load the private key in file %1. Tried PEM and DER private, public and PKCS#8 key types. Der Schlüssel aus der Datei %1 konnte nicht geladen werden. Private und öffentliche, sowie PKCS#8 Schlüssel im PEM und DER format wurden versucht. Failed to decrypt the key (bad password) %1 Konnte den Schlüssel nicht entschlüsseln. (Falsches Passwort) %1 Please enter the password to decrypt the private key. Bitte geben sie das Passwort zur Entschlüsselung des privaten Schlüssels ein. The key from file '%1' is incomplete or inconsistent. Der Schlüssel aus der Datei '%1' ist unvollständig oder inkonsistent. Please enter the password to decrypt the private key from file: %1 Bitte das Passwort zur Entschlüsselung der Schlüsseldatei %1 eingeben Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Der Schlüssel aus der Datei %1 konnte nicht geladen werden. Private und öffentliche, sowie SSH2 und PKCS#8 Schlüssel im PEM und DER format wurden versucht. Ignoring unsupported private key Ignoriere nicht unterstützen privaten Schlüssel Please enter the password to decrypt the private key: '%1' Bitte das Passwort zur Entschlüsselung des privaten Schlüssels: '%1' eingeben Please enter the database password for encrypting the key Bitte geben sie das Datenbankpasswort zur Verschlüsselung des Schlüssels ein Please enter the password protecting the PKCS#8 key '%1' Bitte das Passwort zum Schutz des PKCS#8 Schlüssels '%1' eingeben Please enter the export password for the private key '%1' Bitte das Passwort zum Schutz des privaten Schlüssels '%1' eingeben Please enter the database password for decrypting the key '%1' Bitte das Datenbankpasswort zur Entschlüsselung des Schlüssels '%1' eingeben pki_key Do you really want to export the private key unencrypted to the clipboard ? Soll der private Schlüssel wirklich unverschlüsselt in die Zwischenablage kopiert werden ? Only export the public key Nur den öffentlichen Schlüssel exportieren Export the private key unencrypted Privaten Schlüssel unverschlüsselt exportieren Successfully imported the %1 public key '%2' Der öffentliche %1 Schlüssel '%2' wurde erfolgreich importiert Delete the %1 public key '%2'? Den öffentlichen %1 Schlüssel '%2' löschen? Successfully imported the %1 private key '%2' Der private %1 Schlüssel '%2' wurde erfolgreich importiert Delete the %1 private key '%2'? Den privaten %1 Schlüssel '%2' löschen? Successfully created the %1 private key '%2' Der private %1 Schlüssel '%2' wurde erfolgreich erstellt Delete the %1 keys: %2? Die %1 Schlüssel: %2 löschen? Public key Öffentlicher Schlüssel public key öffentlicher Schlüssel Common Standard Private Privat Bogus Nichts No password Kein Passwort Unexpected SSH2 content: '%1' Unerwarteter SSH2 inhalt: '%1' Invalid SSH2 public key Üngültiger öffentlicher SSH2 Schlüssel Failed writing to %1 Fehler beim Schreiben von %1 PIN PIN pki_multi No known PEM encoded items found Keine bekanntes PEM Format gefunden pki_pkcs12 Please enter the password to encrypt the PKCS#12 file Bitte geben Sie das Passwort zur Verschlüsselung der PKCS#12 Datei an No key or no Cert and no pkcs12 Kein Schlüssel oder kein Zertifikat und kein PKCS#12 Unable to load the PKCS#12 (pfx) file %1. Die PKCS#12 (pfx) Datei %1 konnte nicht geladen werden. Please enter the password to decrypt the PKCS#12 file: %1 Bitte geben Sie das Passwort zur Entschlüsselung der PKCS#12 Datei: %1 ein The supplied password was wrong (%1) Das eingegebene Passwort war falsch (%1) pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Konnte die PKCS#7 Datei %1 nicht laden. Ist weder im PEM noch im DER Format. pki_scard This Key is already on the token Der Schlüssel ist bereits auf der SmartCard Only RSA and EC keys can be stored on tokens Auf der Chipkarte können nur RSA oder EC Schlüssel gespeichert werden Unable to find copied key on the token Kann den eben kopierten Schlüssel auf der Chipkarte nicht finden Public Key mismatch. Please re-import card Öffentlicher Schlüssel passt nicht. Bitte Chipkarte neu importieren Unable to find generated key on card Kann den erstellten Schlüssel auf der Karte nicht finden Failed to find the key on the token Konnte den Schlüssel auf der Chipkarte nicht finden Invalid Pin for the token Ungültige Pin für die Chipkarte Delete the private key '%1' from the token '%2 (#%3)' ? Soll der private Schlüssel '%1' von der Chipkarte '%2' mit der Seriennummer %3 gelöscht werden ? Successfully imported the token key '%1' Der Chipkartenschlüssel '%1' wurde erfolgreich importiert Delete the token key '%1'? Den Chipkartenschlüssel '%1' löschen? Successfully created the token key '%1' Der Chipkartenschlüssel '%1' wurde erfolgreich erstellt Delete the %1 keys: %2? Die %1 Schlüssel: %2 löschen? PIN input aborted PIN Eingabe abgebrochen Please insert card: %1 %2 [%3] with Serial: %4 Bitte die Chipkarte: %1 %2 [%3] mit Seriennummer: %4 einlegen Illegal Key generation method Ungültige Schlüsselgenerierungsmethode Ignoring unsupported token key Ignoriere nicht unterstützten Chipkartenschlüssel Wrong Size %1 Falsche Größe %1 Token %1 %1 Chipkarte Failed to initialize the key on the token Der Schlüssel auf der Chipkarte konnte nicht initialisiert werden pki_temp Delete the XCA template '%1'? Die XCA Vorlage '%1' löschen? Template file content error (too small) Fehler bei Vorlagendatei (zu klein) Template file content error (bad size) Fehler bei Vorlagendatei (zu klein) Template file content error (too small): %1 Template zu klein: %1 Not a PEM encoded XCA Template Dies ist keine PEM formatierte XCA Vorlage Not an XCA Template, but '%1' Dies ist keine XCA Vorlage, sondern: %1 Template file content error (bad length) :%1 Templatefile ungültig (länge): %1 Wrong Size %1 Ungültige Größe %1 Successfully imported the XCA template '%1' Die XCA Vorlage '%1' wurde erfolgreich importiert Successfully created the XCA template '%1' Die XCA Vorlage '%1' wurde erfolgreich erstellt Delete the %1 XCA templates: %2? Die %1 XCA Vorlagen: %2 löschen? Template file content error (bad size): %1 Templatefile ungültig (Größe): %1 pki_x509 Not trusted Nicht vertrauenswürdig Trust inherited Vertrauensstellung geerbt Always Trusted Immer Vertraut There is no key for signing ! Kein Schlüssel zum Unterschreiben! Delete the certificate '%1'? Das Zertifikat '%1' löschen? Successfully created the certificate '%1' Das Zertifikat '%1' wurde erfolgreich erstellt Delete the %1 certificates: %2? Die %1 Zertifikate: %2 löschen? Unable to load the certificate in file %1. Tried PEM and DER certificate. Das Zertifikat aus der Datei %1 konnte nicht geladen werden. Ist weder PEM noch DER. This certificate is already on the security token Dieses Zertifikat ist bereits auf der Chipkarte Delete the certificate '%1' from the token '%2 (#%3)'? Das Zertifikat '%1' von der Chipkarte '%2 (#%3)' löschen? Renew certificate: %1 Zertifikat %1 erneuern The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' Das XCA Zertifikat '%1', ausgestellt am %2 wird am %3 ablaufen. Es ist in der XCA Datenbank '%4' gespeichert CRL Renewal of CA '%1' due CRL erneuerung der CA '%1' fällig The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Die neueste von CA '%1' ausgestellte CRL wird am %2 ablaufen. Sie ist in der XCA Datenbank '%3' gespeichert CRL expires: %1 CRL ungültig ab: %1 No Nein Yes Ja Successfully imported the certificate '%1' Das Zertifikat '%1' wurde erfolgreich importiert Wrong Size %1 Ungültige Größe %1 pki_x509req Signing key not valid (public key) Signaturschlüssel ungültig (public key) Delete the %1 certificate request '%2'? Den %1 Zertifikatsantrag '%2' löschen? Successfully imported the %1 certificate request '%2' Der %1 Zertifikatsantrag '%2' wurde erfolgreich importiert Successfully created the %1 certificate request '%2' Der %1 Zertifikatsantrag '%2' wurde erfolgreich erstellt Delete the %1 certificate requests: %2? Die %1 Zertifikatsanträge: %2 löschen? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Konnte den Zertifikatsantrag aus der Datei %1 nicht laden. Versuchte Formate PEM, DER und SPKAC. Signed Signiert Unhandled Unbehandelt Wrong Size %1 Ungültige Größe %1 v3ext Copy Common Name Den allgemeinen Bezeichner (common Name) kopieren Add Hinzufügen Delete Löschen Apply Übernehmen Validate Überprüfen Cancel Abbrechen Validation successful: '%1' Überprüfung erfolgreich: '%1' An email address or 'copy' Eine E-Mail adresse oder 'copy' An email address Eine email Adresse a registered ID: OBJECT IDENTIFIER Eine OID numerisch oder als Text a uniform resource indicator Ein Uniform Resource Identifier a DNS domain name Ein DNS domain Name an IP address Eine IP Adresse No editing. Only 'copy' allowed here Kein Editieren. Nur 'copy' möglich, um Subject alternative name vom Aussteller zu kopieren Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Format:<OID>;TYPE Beispiel: '1.2.3.4:UTF8:name' A registered ID: OBJECT IDENTIFIER Eine OID numerisch oder als Text A uniform resource indicator Ein Uniform Resource Identifier A DNS domain name or 'copycn' Ein DNS domain Name oder 'copycn' A DNS domain name Ein DNS domain Name An IP address Eine IP Adresse Validation failed: '%1' %2 Überprüfung fehlgeschlagen: '%1' %2 void There was no key found for the Certificate: Es wurde kein Schlüssel gefunden für das Zertifikat: Import Certificate signing request Zertifikatsantrag importieren xca-RELEASE.2.2.1/lang/xca_sk.ts0000644000175000017500000046532613614632167015476 0ustar tewardteward CaProperties CA Properties Vlastnosti CA Days until next CRL issuing Dní do nasledujúceho vydania CRL Default template Predvolená šablóna CertDetail Details of the Certificate Podrobnosti certifikátu Serial Sériové číslo The serial number of the certificate Sériové číslo certifikátu The internal name of the certificate in the database Interný názov certifikátu v databáze Status Stav Internal name Interný názov Signature Podpis Key Kľúč Fingerprints Odtlačky MD5 MD5 An md5 hashsum of the certificate Odtlačok certifikátu MD5 SHA1 SHA1 A SHA-1 hashsum of the certificate Odtlačok certifikátu SHA-1 SHA256 SHA256 A SHA-256 hashsum of the certificate Odtlačok certifikátu SHA-256 Validity Platnosť The time since the certificate is valid Čas odkedy je certifikát platný The time until the certificate is valid Čas dokedy je certifikát platný Subject Predmet Issuer Vydavateľ Extensions Rozšírenia Comment Komentár Attributes Atribúty Show config Zobraziť konfiguráciu Show extensions Zobraziť rozšírenia Show public key Zobraziť verejný kľúč This key is not in the database. Tento kľúč nie je v databáze. Not available Nedostupné Signer unknown Neznámy podpis Self signed Sebou podpísaný Revoked at %1 Odvolaný %1: Not valid Neplatný Valid Platný Details of the certificate signing request Podrobnosti žiadosti o podpísanie certifikátu CertExtend Certificate renewal Obnovenie certifikátu This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Týmto vytvoríte nový certifikát ako kópiu starého s novým sériovým číslom a novými hodnotami platnosti. Validity Platnosť Not before Nie pred Not after Nie po Time range Časový rozsah Local time Lokálny čas Days Dni Months Mesiace Years Roky No well-defined expiration Bez vypršania Midnight Polnoc Apply Použiť Revoke old certificate Odvolať starý certifikát Keep serial number Zachovať sériové číslo The certificate will be earlier valid than the signer. This is probably not what you want. Certifikát bude platný skôr ako jeho vydavateľ. To asi nie je to, čo chcete. Edit dates Upraviť dátumy Abort rollout Prerušiť operáciu Continue rollout Pokračovať v operácii Adjust date and continue Opraviť dátum a pokračovať The certificate will be longer valid than the signer. This is probably not what you want. Certifikát bude platný dlhšie ako jeho vydavateľ. To asi nie je to, čo chcete. CertTreeView Import PKCS#12 Import PKCS#12 Import from PKCS#7 Importovať z PKCS#7 Request Žiadosť Security token Bezpečnostný token Other token Iný token Similar Certificate Podobný certifikát Delete from Security token Odstrániť z Bezpečnostného tokenu CA CA Properties Vlastnosti Generate CRL Generovať CRL Manage revocations Spravovať odvolania Renewal Obnoviť Revoke Odvolať Unrevoke Zrušiť odvolanie ClickLabel Double click for details Dvojklikom podrobnosti CrlDetail Details of the Revocation list Podrobnosti CRL &Status &Stav Version Verzia Signature Podpis Signed by Podpísal Name Názov The internal name of the CRL in the database Interný názov CRL v databáze issuing dates Dátumy vydania Next update Nasled. aktualizácia Last update Posledná aktualizácia &Issuer &Vydavateľ &Extensions &Rozšírenia &Revocation list Zoznam &odvolaných Comment Komentár Failed Zlyhalo Unknown signer Neznámy podpis Verification not possible Overenie nemožné ExportDialog Name Názov The internal name of the CRL in the database Interný názov CRL v databáze ... Filename Meno súboru Export comment into PEM file Exportovať komentáre do súboru PEM Export Format Formát exportu All files ( * ) Všetky súbory (*) PEM Text format with headers Textový formát PEM s hlavičkami Concatenated list of all selected items in one PEM text file Zlúčený zoznam zvolených položiek v jednom textovom súbore PEM Concatenated text format of the complete certificate chain in one PEM file Zlúčený textový formát úplnej reťaze certifikátu v jednom súbore PEM Concatenated text format of all certificates in one PEM file Zlúčený textový formát všetkých certifikátov v jednom súbore PEM Binary DER encoded file Binárne kódovaný súbor DER PKCS#7 encoded single certificate PKCS#7 kódovaný jeden certifikát PKCS#7 encoded complete certificate chain PKCS#7 kódovaná úplná reťaz certifikátov Concatenated text format of all unrevoked certificates in one PEM file Zlúčený textový formát všetkých dôveryhodných certifikátov v jednom súbore PEM All unrevoked certificates encoded in one PKCS#7 file Všetky neodvolané certifikáty kódované v jednom súbore PKCS#7 All selected certificates encoded in one PKCS#7 file Všetky zvolené certifikáty kódované v jednom súbore PKCS#7 All certificates encoded in one PKCS#7 file Všetky certifikáty kódované v jednom súbore PKCS#7 The certificate and the private key as encrypted PKCS#12 file Certifikát a súkromný kľúč ako šifrovaný súbor PKCS#12 The complete certificate chain and the private key as encrypted PKCS#12 file Úplná reťaz certifikátu a súkromný kľúč ako šifrovaný súbor PKCS#12 Concatenation of the certificate and the unencrypted private key in one PEM file Spojenie certifikátu a nešifrovaného súkromného kľúča v jednom súbore PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Spojenie certifikátu a šifrovaného súkromného kľúča v jednom súbore PKCS#8 Text format of the public key in one PEM file Textový formát verejného kľúča v súbore PEM Binary DER format of the public key Binárny formát DER verejného kľúča Unencrypted private key in text format Nešifrovaný súkromný kľúč v textovom formáte OpenSSL specific encrypted private key in text format Šifrovaný súkromný kľúč v textovom formáte (špecifický pre OpenSSL) Unencrypted private key in binary DER format Nešifrovaný súkromný kľúč v binárnom formáte DER Unencrypted private key in PKCS#8 text format Nešifrovaný súkromný kľúč v textovom formáte PKCS#8 Encrypted private key in PKCS#8 text format Šifrovaný súkromný kľúč v textovom formáte PKCS#8 The public key encoded in SSH2 format Verejný kľúč kódovaný vo formáte SSH2 OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Súbor indexu certifikátov, špecifický pre OpenSSL, vytvorený ako príkazom „ca” a vyžadovaný nástrojom OCSP vCalendar expiry reminder for the selected items Pripomienka vCalendar vypršania platnosti zvolených položiek vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Pripomienka vCalendar vypršania platnosti všetkých vydaných, platných certifikátov, samotnej CA i posledného CRL The file: '%1' already exists! Súbor: „%1” už existuje! Overwrite Prepísať Do not overwrite Neprepísať Help << << >> >> &Done &Hotovo ImportMulti Import PKI Items Importovať položky PKI Import &All Importovať &všetky &Import &Importovať &Done &Hotovo &Remove from list Odstrániť zo zoznamu Details Podrobnosti Delete from token Odstrániť z tokenu Rename on token Premenovať token Name: %1 Model: %2 Serial: %3 Názov: %1 Model: %2 Sér. č.: %3 Manage security token Spravovať bezpečnostný token Details of the item '%1' cannot be shown Podrobnosti položky „%1” nemožno zobraziť The type of the item '%1' is not recognized Typ položky „%1” nie je rozpoznaný The file '%1' did not contain PKI data Súbor „%1” neobsahuje dáta PKI The %1 files: '%2' did not contain PKI data %1 súbory: „%2” neobsahuje dáta PKI ItemProperties Name Názov Source Zdroj Insertion date Dátum vloženia Comment Komentár KeyDetail Name Názov The internal name of the key used by xca Interný názov kľúča používaný v xca Security token Bezpečnostný token Manufacturer Výrobca Serial Sériové číslo Key Kľúč Public Exponent Verejný exponent Keysize Veľkosť kľúča Private Exponent Súkromný exponent Security Token Bezpečnostný token Label Menovka PKCS#11 ID ID PKCS#11 Token information Informácie tokenu Model Model Fingerprint Odtlačok Comment Komentár Details of the %1 key Podrobnosti kľúča %1 Not available Nedostupné Available Dostupný Sub prime Sub prime Public key Verejný kľúč Private key Súkromný kľúč Curve name Názov krivky Unknown key Neznámy kľúč KeyTreeView Change password Zmeniť heslo Reset password Odstrániť heslo Change PIN Zmeniť PIN Init PIN with SO PIN (PUK) Inicializovať PIN pomocou SO PIN (PUK) Change SO PIN (PUK) Zmeniť SO PIN (PUK) Security token Bezpečnostný token This is not a token Toto nie je token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Má byť pôvodný kľúč „%1” nahradený kľúčom z tokenu? Týmto bude kľúč „%1” odstránený a nebude ho možné exportovať MainWindow Private Keys Súkromné kľúče &New Key &Nový kľúč &Export &Exportovať &Import &Importovať Import PFX (PKCS#12) Importovať PFX (PKCS#12) &Show Details &Zobraziť podrobnosti &Delete &Odstrániť Certificate signing requests Žiadosti o podpísanie &New Request &Nová žiadosť Certificates Certifikáty &New Certificate &Nový certifikát Import &PKCS#12 Importovať &PKCS#12 Import P&KCS#7 Importovať P&KCS#7 Plain View Prosté zobrazenie Templates Šablóny &New Template &Nová šablóna &New CRL &Nový CRL Ch&ange Template &Zmeniť šablónu Revocation lists Zoznamy odvolaných Using or exporting private keys will not be possible without providing the correct password Použitie alebo exportovanie súkromných kľúčov nebude možné bez zadania správneho hesla Database Databáza The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Aktuálne použitý predvolený odtlačok „%1” nie je bezpečný. Prosím, kvôli bezpečnosti, zvoľte aspoň „SHA 224”. Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Detegovaný starý formát databázy. Vytvorená záložná kópia, nazvaná: „%1” a databáza konvertovaná do nového formátu Failed to rename the database file, because the target already exists Premenovanie súboru databázy zlyhalo, pretože cieľ už existuje No deleted items found Nenájdené žiadne zmazané položky Recent DataBases Nedávne databázy System systémový Croatian chorvátsky English anglicky French francúzsky German nemecky Russian rusky Slovak slovensky Spanish španielsky Polish poľsky Italian taliansky Chinese čínsky Dutch holandsky Portuguese in Brazil brazílska portugalčina Turkish turecky Language Jazyk &File &Súbor Open Remote DataBase Otvoriť vzdialenú databázu Set as default DataBase Predvolená databáza New DataBase Nová databáza Open DataBase Otvoriť databázu Close DataBase Zatvoriť databázu Options Voľby Exit Skončiť I&mport &Importovať Keys Kľúče Requests Žiadosti PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Šablóna Revocation list Zoznam odvolaných PEM file Ssúbor PEM Paste PEM file Vložte súbor PEM Token Token Export Certificate &Index hierarchy Exportovať hierarchiu &indexu certifikátov Content Obsah &Manage Security token &Spravovať Bezpečnostný token &Init Security token &Inicializovať Bezpečnostný token &Change PIN Zmeniť @PIN Change &SO PIN Zmeniť &SO PIN Init PIN Inicializovať PIN Extra Extra &Dump DataBase Vypísať &databázu &Export Certificate Index &Exportovať index certifikátov C&hange DataBase password Z&meniť heslo databázy &Undelete items O&bnoviť zmazané Generate DH parameter Generovať parametre DH OID Resolver Prekladač OID &Help &Pomocník About O programe no such option: %1 neznáma voľba: %1 Import PEM data Importovať dáta PEM Please enter the original SO PIN (PUK) of the token '%1' Prosím, zadajte pôvodný SO PIN (PUK) tokenu „%1” Search Hľadať Please enter the new SO PIN (PUK) for the token '%1' Prosím, zadajte nový SO PIN (PUK) tokenu „%1” The new label of the token '%1' Nová menovka tokenu „%1” The token '%1' did not contain any keys or certificates Token „%1” neobsahuje žiadne kľúče ani certifikáty Current Password Aktuálne heslo Please enter the current database password Prosím, zadajte heslo aktuálnej databázy The entered password is wrong Zadané heslo je zlé New Password Nové heslo Please enter the new password to encrypt your private keys in the database-file Prosím, zadajte nové heslo na šifrovanie svojich súkromných kľúčov v súbore databázy Transaction start failed Spustenie transakcie zlyhalo Please enter a password, that will be used to encrypt your private keys in the database: %1 Prosím, zadajte heslo, ktoré bude slúžiť na šifrovanie súkromných kľúčov v databáze: %1 Password verify error, please try again Chyba overenia hesla, prosím, skúste znova Password Heslo Please enter the password for unlocking the database: %1 Prosím, zadajte heslo na odomknutie databázy: %1 The following error occurred: Nastala nasledujúca chyba: Copy to Clipboard Kopírovať do schránky Certificate Index ( index.txt ) Index certifikátov (index.txt) All files ( * ) Všetky súbory ( * ) Diffie-Hellman parameters saved as: %1 Parametre Diffie-Hellman uložené do: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Parametre Diffie-Hellman sú potrebné pre rôzne aplikácie, ale nie sú používané v XCA. Prosím, zadajte bity parametra DH &Token &Token &Content &Obsah Error opening file: '%1': %2 Chyba otvorenia súboru: „%1”: %2 NewCrl Last update Posledná aktualizácia Next update Nasled. aktualizácia Days Dni Months Mesiace Years Roky Midnight Polnoc Local time Lokálny čas Apply Použiť Options Voľby CRL number Číslo CRL Subject alternative name Alternatívne meno predmetu Revocation reasons Dôvody odvolania Authority key identifier Identifikátor kľúča autority Hash algorithm Algoritmus odtlačku NewKey Please give a name to the new key and select the desired keysize Prosím, zadajte meno nového kľúča a zvoľte jeho požadovanú veľkosť Key properties Vlastnosti kľúča Name Názov The internal name of the new key Interný názov nového kľúča Curve name Názov krivky Usually at least 2048 bit keys are recommended Zvyčajne sú odporúčané kľúče aspoň 2048 bitov New Key Nový kľúč Keysize Veľkosť kľúča Keytype Typ kľúča Remember as default Zapamätať ako predvolené Create Vytvoriť NewX509 Source Zdroj Signing request Žiadosť o podpísanie Show request Zobraziť žiadosť Sign this Certificate signing &request Podpísať túto Žiadosť o certifikát Copy extensions from the request Kopírovať rozšírenia zo žiadosti Modify subject of the request Zmeniť predmet žiadosti Signing Podpísanie Create a &self signed certificate Vytvoriť &sebou podpísaný certifikát Use &this Certificate for signing Podpísať &týmto certifikátom All certificates in your database that can create valid signatures Všetky certifikáty v databáze, ktoré môžu vytvoriť platný podpis Signature algorithm Algoritmus podpisu Template for the new certificate Šablóna nového certifikátu All available templates Všetky dostupné šablóny Apply extensions Pridať rozšírenia Apply subject Pridať predmet Apply all Pridať všetko Subject Predmet Internal Name Interný názov Distinguished name Rozlišovací názov Add Pridať Delete Odstrániť Private key Súkromný kľúč This list only contains unused keys Tento zoznam obsahuje len nepoužité kľúče Used keys too Aj použité kľúče &Generate a new key &Generovať nový kľúč Extensions Rozšírenia Type Typ If this will become a CA certificate or not Či to bude certifikát CA alebo nie Not defined Nedefinované Certification Authority Certifikačná autorita End Entity Koncový certifikát Path length Dĺžka cesty How much CAs may be below this. Koľko CA môže byť pod týmto. The basic constraints should always be critical Základné obmedzenia by mali byť vždy kritické Key identifier Identifikátor kľúča Creates a hash of the key following the PKIX guidelines Vytvorí odtlačok kľúča v súlade s odporúčaním PKIX Copy the Subject Key Identifier from the issuer Kopírovať Identifikátor kľúča predmetu vydavateľa Validity Platnosť Not before Nie pred Not after Nie po Time range Časový rozsah Days Dni Months Mesiace Years Roky Apply Použiť Set the time to 00:00:00 and 23:59:59 respectively Nastavuje čas na 00:00:00 a 23:59:59 Midnight Polnoc Local time Lokálny čas No well-defined expiration Bez vypršania DNS: IP: URI: email: RID: DNS:, IP:, URI:, email:, RID: Edit Upraviť URI: URI: Key usage Použitie kľúča Netscape Netscape Advanced Pokročilé Validate Overiť Comment Komentár This name is only used internally and does not appear in the resulting certificate Tento názov je použitý len interne a neobjaví sa vo výslednom certifikáte Critical Kritické Create Certificate signing request Vytvoriť Žiadosť o podpísanie certifikátu minimum size: %1 minimálna veľkosť: %1 maximum size: %1 maximálna veľkosť: %1 only a-z A-Z 0-9 '()+,-./:=? len a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters len prosté 7-b znaky Edit XCA template Upraviť šablónu XCA Create x509 Certificate Vytvoriť certifikát x509 Template '%1' applied Šablóna „%1” aplikovaná Subject applied from template '%1' Predmet nastavený zo šablóny „%1” Extensions applied from template '%1' Rozšírenia nastavené zo šablóny „%1” New key '%1' created Vytvorený nový kľúč „%1” Other Tabs Záložka Iné Advanced Tab Záložka Pokročilé Errors Chyby From PKCS#10 request Zo žiadosti PKCS#10 Abort rollout Prerušiť operáciu The following length restrictions of RFC3280 are violated: Nie sú splnené Nasledujúce obmedzenia veľkosti z RFC3280: Edit subject Upraviť predmet Continue rollout Pokračovať v operácii The verification of the Certificate request failed. The rollout should be aborted. Overenie žiadosti o certifikát zlyhalo. Operácia by mala byť prerušená. Continue anyway Pokračovať i tak The internal name and the common name are empty. Please set at least the internal name. Interný názov a bežný názov sú prázdne. Prosím, zadajte aspoň interný názov. Edit name Upraviť názov There is no Key selected for signing. Nebol zvolený kľúč na podpísanie. Select key Vybrať kľúč The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Nasledujúce položky rozlišovacieho názvu sú prázdne: %1 hoci ste ich v nastavení definovali ako povinné. The key you selected for signing is not a private one. Kľúč, zvolený na podpísanie, nie je súkromný. Select other signer Zvoliť iného vydavateľa Select other key Zvoliť iný kľúč The certificate will be earlier valid than the signer. This is probably not what you want. Certifikát bude platný skôr ako jeho vydavateľ. To asi nie je to, čo chcete. Edit dates Upraviť dátumy Adjust date and continue Opraviť dátum a pokračovať The certificate will be longer valid than the signer. This is probably not what you want. Certifikát bude platný dlhšie ako jeho vydavateľ. To asi nie je to, čo chcete. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Certifikát vyprší ešte pred nadobudnutím platnosti. Pravdepodobne ste zamenili oba dátumy. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Certifikát obsahuje neplatné alebo duplicitné rozšírenia. Skontrolujte platnosť na záložke Pokročilé. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Certifikát neobsahuje rozšírenia. Na definovanie určenia certifikátu môžete pridať rozšírenia jednej zo šablón. Edit extensions Upraviť rozšírenia The subject alternative name shall contain a copy of the common name. However, the common name is empty. Alternatívne meno predmetu má obsahovať kópiu bežného mena. Avšak, bežné meno je prázdne. Configfile error on line %1 Chyba konfiguračného súboru v riadku %1 OidResolver OID Resolver Prekladač OID Enter the OID, the Nid, or one of the textual representations Zadajte OID, Nid alebo jednu z textových reprezentácií Search Hľadať OID OID Long name Dlhý názov OpenSSL internal ID Interné ID OpenSSL Nid Nid Short name Krátky názov OpenDb Open remote database Otvoriť vzdialené databázu Database type Typ databázy Hostname Názov stroja Username Meno používateľa Password Heslo Database name Názov databázy Table prefix Predpona tabuľky No SqLite3 driver available. Please install the qt-sqlite package of your distribution Nie je dostupný ovládač SQLite3. Prosím, nainštalujte balík qt-sqlite svojej distribúcie Please enter the password to access the database server %2 as user '%1'. Prosím, zadajte heslo na prístup k databázovému serveru %2 ako používateľ „%1”. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. Ovládač databázy nepodporuje transakcie. Toto môže nastať, ak majú kleint a server rôzne verzie. Pokračujte s opatrnosťou. Options XCA Options Nastavenia XCA Settings Nastavenia Default hash algorithm Predvolený algoritmus odtlačku String types Typy reťazcov Suppress success messages Potlačiť správy o úspechu Don't colorize expired certificates Nezvýrazňovať vypršané certifikáty Translate established x509 terms (%1 -> %2) Preložiť platné položky x509 (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Hašovacia funkčnosť tokenu nie je v XCA použitá. Môže však rešpektovať obmedzenú sadu hašovacích algoritmov zverejnených tokenom. Najmä EC a DSA sú v špecifikácii PKCS#11 definované len s SHA1. Only use hashes supported by the token when signing with a token key Použiť len odtlačky podporované tokenom pri podpisovaní kľúčom z tokenu Disable legacy Netscape extensions Vypnúť staré rozšírenia Netscape Certificate expiry warning threshold Hranica upozornenia vypršania platnosti certifikátu Send vCalendar expiry reminder Poslať pripomienku vCalendar o vypršaní platnosti Serial number length Dĺžka sériového čísla bit bit Distinguished name Rozlišovací názov Mandatory subject entries Povinné položky predmetu Add Pridať Delete Odstrániť Explicit subject entries Explicitné položky predmetu Dynamically arrange explicit subject entries Dynamicky rozložiť explicitné položky predmetu Default Predvolené PKCS#11 provider Poskytovateľ PKCS#11 Remove Odstrániť Search Hľadať Printable string or UTF8 (default) Tlačiteľné znaky alebo UTF-8 (predvolené) PKIX recommendation in RFC2459 Odporúčania PKIX v RFC2459 No BMP strings, only printable and T61 Nie reťazce BMP, len tlačiteľné a T61 UTF8 strings only (RFC2459) Len reťazce UTF-8 (RFC2459) All strings Všetky reťazce Days Dni Weeks Týždne PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Heslo je spracované ako 2-ciferný šestnástkový kód. Musí mať párny počet číslic (0-9 a a-f) Take as HEX string Zadajte šestnástkový reťazec Repeat %1 Opakovať %1 %1 mismatch %1 nezhoda Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Šestnástkové heslo môže obsahovať len znaky „0” – „9” a „a” – „f” a musí mať párny počet znakov E&xit S&končiť QObject Undefined Nedefinované Broken / Invalid Poškodený/Neplatný in %1 seconds za %1 sekúnd %1 seconds ago pred %1 sekundami in %1 minutes za %1 minút %1 minutes ago pred %1 minútami Yesterday Včera Tomorrow Zajtra in %1 hours za %1 hodiny %1 hours ago pred %1 hodinami DB: Rename: '%1' already in use Premenovanie DB: „%1” už je použité DB: Entry to rename not found: %1 DB: Položka na premenovanie nenájdená: %1 DB: Write error %1 - %2 DB: Chyba zápisu %1 – %2 Out of data Nedostatok dát Error finding endmarker of string Chyba nájdenia koncovej značky reťazca Out of Memory at %1:%2 Nedostatok pamäte na %1:%2 All files ( * ) Všetky súbory ( * ) Import RSA key Importovať kľúč RSA PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; Kľúče PKI ( *.pem *.der *.key );;Kľúče PKCS#8 ( *.p8 *.pk8 );;Verejné kľúče SSH ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );; Žiadosť PKCS#10 ( *.pem *.der *.csr );; Import Request Importovať Žiadosť Certificates ( *.pem *.der *.crt *.cer );; Certifikáty ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Importovať Certifikát X.509 PKCS#7 data ( *.p7s *.p7m *.p7b );; Dáta PKCS#7 ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Importovať Certifikáty PKCS#7 PKCS#12 Certificates ( *.p12 *.pfx );; Certifikáty PKCS#12 ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Importovať Súkromný certifikát PKCS#12 XCA templates ( *.xca );; Šablóny XCA ( *.xca );; Import XCA Templates Importovať Šablóny XCA Revocation lists ( *.pem *.der *.crl );; Zoznamy odvolaných ( *.pem *.der *.crl );; Import Certificate Revocation List Importovať Zoznam odvolaných certifikátov XCA Databases ( *.xdb );; Databázy XCA ( *.xdb );; Open XCA Database Otvoriť databázu XCA PKCS#11 library ( *.dll );; Knižnica PKCS#11 ( *.dll );; PKCS#11 library ( *.dylib *.so );; Knižnica PKCS#11 ( *.dylib *.so );; PKCS#11 library ( *.so );; Knižnica PKCS#11 ( *.so );; Open PKCS#11 shared library Otvoriť zdieľanú knižnicu PKCS#11 PEM files ( *.pem );; Súbory PEM ( *.pem );; Load PEM encoded file Načítať súbor kódovaný PEM Please enter the PIN on the PinPad Prosím, zadajte PIN na PinPad-e Please enter the SO PIN (PUK) of the token %1 Prosím, zadajte SO PIN (PUK) tokenu %1 Please enter the PIN of the token %1 Prosím, zadajte PIN tokenu %1 No Security token found Nebol nájdený bezpečnostný token Select Zvoliť Please enter the new SO PIN (PUK) for the token: '%1' Prosím, zadajte nový SO PIN (PUK) tokenu: „%1” Please enter the new PIN for the token: '%1' Prosím, zadajte nový PIN tokenu: '%1' Required PIN size: %1 - %2 Požadovaná veľkosť PIN: %1 - %2 Failed to open PKCS11 library: %1: %2 Zlyhalo otvorenie knižnice PKCS#11: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Toto nevyzerá ako knižnica PKCS#11. Symbol 'C_GetFunctionList' nenájdený. Disabled Vypnuté Library loading failed Načítanie knižnice zlyhalo PKCS#11 function '%1' failed: %2 Funkcia PKCS#11 „%1” zlyhala: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 Funkcia PKCS#11 „%1” zlyhala: %2 V knižnici %3 %4 Invalid Neplatné %1 is shorter than %2 bytes: '%3' %1 je kratšie ako %2 B: „%3” %1 is longer than %2 bytes: '%3' %1 je dlhšie ako %2 B: „%3” String '%1' for '%2' contains invalid characters Reťazec „%1” pre „%2” obsahuje neplatné znaky Error reading config file %1 at line %2 Chyba čítania konfiguračného súboru %1 na riadku %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. Objekt „%1” zo súboru %2 riadok %3 je už známy ako „%4:%5:%6” a mal by byť odstránený. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Identifikátor „%1” pre OID %2 zo súboru %3 riadok %4 je už použitý pre iné OID ako „%5:%6:%7” a treba ho zmeniť, aby ste predišli konfliktom. Unknown object '%1' in file %2 line %3 Neznámy objekt „%1” v súbore %2 riadok %3 Failed to start a database transaction Zlyhala inicializácia DB transakcie Country code Kód krajiny State or Province Štát alebo provincia Locality Lokalita Organisation Organizácia Organisational unit Organizačná jednotka Common name Bežný názov E-Mail address Emailová adresa Given name Rodné meno Surname Priezvisko Title Titul Initials Iniciály Description Popis Role Rola Pseudonym Pseudonym Generation Qualifier Prívlastok generácie x500 Unique Identifier Jedinečný identifikátor x500 Name Názov DN Qualifier Prívlastok DN Unstructured name Neštruktúrovaný názov Challenge password Heslo výzvy Basic Constraints Základné obmedzenia Subject alternative name Alternatívne meno predmetu issuer alternative name Alternatívny názov vydavateľa Subject key identifier Identifikátor kľúča predmetu Authority key identifier Identifikátor kľúča autority Key usage Použitie kľúča Extended key usage Rozšírené použitie kľúča CRL distribution points Distribučné body CRL Authority information access Prístup k informácii CA (AIA) Certificate type Typ certifikátu Base URL Základná URL Revocation URL URL odvolaní CA Revocation URL URL odvolaní CA Certificate renewal URL URL obnovenia CRL CA policy URL URL politiky CA SSL server name Meno servera SSL Comment Komentár ReqTreeView Sign Podpísať Unmark signed Zrušiť označenie podpísané Mark signed Označiť podpísané Similar Request Podobné žiadosti RevocationList Manage revocations Spravovať odvolania Add Pridať Delete Odstrániť Edit Upraviť No. Č. Serial Sériové číslo Revocation Odvolanie Reason Dôvod Invalidation Zneplatnenie Generate CRL Generovať CRL Revoke Certificate revocation Odvolanie certifikátu Revocation details Podrobnosti odvolania Revocation reason Dôvod odvolania Local time Lokálny čas Invalid since Neplatný od Serial Sériové číslo SearchPkcs11 Directory Adresár ... ... Include subdirectories Zahrnúť podadresáre Search Hľadať The following files are possible PKCS#11 libraries nasledujúce súbory sú možné knižnice PKCS#11 SelectToken Security token Bezpečnostný token Please select the security token Prosím, vyberte bezpečnostný token TempTreeView Duplicate Duplikát Create certificate Vytvoriť certifikát Create request Vytvoriť žiadosť copy kopírovať Validity yyyy-MM-dd hh:mm d. MMM yyyy hh:mm X509SuperTreeView OpenSSL config Konfigurácia OpenSSL Transform Transformovať Template Šablóna Public key Verejný kľúč XcaTreeView Subject entries Položky predmetu X509v3 Extensions Rozšírenia X509v3 Netscape extensions Rozšírenia Netscape Reset Vymazať Hide Column Odstrániť stĺpec Details Podrobnosti Columns Stĺpce New Nový Import Importovať Paste PEM data Vložiť dáta PEM Rename Premenovať Properties Vlastnosti Delete Odstrániť Export Exportovať Clipboard Schránka File Súbor db_base Internal name Interný názov No. Č. Primary key Primárny kľúč Database unique number Jedinečné číslo databázy Date Dátum Date of creation or insertion Dátum vytvorenia alebo vloženia Source Zdroj Generated, Imported, Transformed Generovaný, Importovaný, Transformovaný Comment Komentár First line of the comment field Prvý riadok poľa komentára Could not create directory %1 Nemožno vytvoriť zložku %1 Item properties Vlastnosti položky How to export the %1 selected items Ako exportovať %1 zvolených položiek All in one PEM file Všetky v jednom súbore PEM Each item in one file Každá položka v samostatnom súbore Save %1 items in one file as Uložiť %1 položiek v jednom súbore ako PEM files ( *.pem );; All files ( * ) Súbory PEM ( *.pem );; Všetky súbory ( * ) Error opening file: '%1': %2 Chyba otvorenia súboru: „%1”: %2 db_crl Signer Vydavateľ Internal name of the signer Interný názov vydavateľa No. revoked Počet odvolaných Number of revoked certificates Počet odvolaných certifikátov Last update Posledná aktualizácia Next update Nasled. aktualizácia CRL number Číslo CRL The revocation list already exists in the database as: '%1' and so it was not imported Zoznam odvolaní už v databáze existuje ako: „%1”, a tak nebol importovaný Revocation list export Export Zoznamu odvolaných CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) There are no CA certificates for CRL generation Neexistujú certifikáty CA na generovanie CRL Select CA certificate vyberte certifikát CA Create CRL Vytvoriť CRL Failed to initiate DB transaction Zlyhala inicializácia DB transakcie Database error: %1 Chyba databázy: %1 db_key Type Typ Size Veľkosť EC Group Skupina EC Use Použiť Password Heslo The key is already in the database as: '%1' and is not going to be imported Kľúč už je v databáze ako: „%1”, a tak nebude importovaný The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Databáza už obsahuje verejnú časť importovaného kľúča ako „%1” a bude doplnená novou, súkromnou, časťou kľúča Extending public key from %1 by imported key '%2' Rozšírenie verejného kľúča z %1 importovaním kľúča „%2” Key size too small ! Dĺžka kľúča je príliš malá! You are sure to create a key of the size: %1 ? Naozaj chcete vytvoriť kľúč s veľkosťou: %1? PEM public PEM verejný SSH2 public SSH2 verejný PEM private PEM súkromný Export keys to Clipboard Exportovať kľúče do schránky Clipboard Schránka Export public key [%1] Exportovať verejný kľúč [%1] DER public DER verejný DER private DER súkromný PEM encryped PEM šifrovaný PKCS#8 encrypted PKCS#8 šifrovaný Export private key [%1] Exportovať súkromný kľúč [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Súkromné kľúče ( *.pem *.der *.pk8 );; Verejné kľúče SSH ( *.pub ) Tried to change password of a token Vyskúšaná zmena hesla tokenu db_temp Bad template: %1 Zlá šablóna: %1 Empty template Prázdna šablóna Preset Template values Predvoľby hodnôt zo šablóny Save template as Uložiť šablónu ako XCA templates ( *.xca );; All files ( * ) Šablóny XCA ( *.xca );; Všetky súbory ( * ) db_x509 CA CA reflects the basic Constraints extension Odráža rozšírenie Základné obmedzenia Serial Sériové číslo Start date Dátum začiatku Expiry date Dátum vypršania MD5 fingerprint Odtlačok MD5 SHA1 fingerprint Odtlačok SHA1 SHA256 fingerprint Odtlačok SHA256 Not before Nie pred Not after Nie po Revocation Odvolanie CRL Expiration CRL vypršania Plain View Prosté zobrazenie Tree View Stromové zobrazenie Failed to retrieve unique random serial Zlyhalo získanie jedinečného náhodného sériového čísla The certificate already exists in the database as: '%1' and so it was not imported Certifikát v databáze už existuje ako: „%1”, a tak nebol importovaný Signed on %1 by '%2' %1 podpísané „%2” Unknown Neznáme Invalid public key Neplatný verejný kľúč PKCS#7 unrevoked Neodvolané PKCS#7 PEM unrevoked Neodvolané PEM vCalendar vCalendar CA vCalendar CA vCalendar days dní No template Bez šablóny The key you selected for signing is not a private one. Kľúč, zvolený na podpísanie, nie je súkromný. Store the certificate to the key on the token '%1 (#%2)' ? Uložiť certifikát do kľúča na tokene „%1 (#%2)”? PEM chain Reťaz PEM PKCS#7 chain Reťaz PKCS #7 PKCS#12 chain Reťaz PKCS#12 PKCS#7 all PKCS#7 všetky PEM + key PEM + kľúč PEM all PEM všetky Certificate Index file Súbor indexu certifikátov Certificate export Export certifikátu X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) Certifikáty X509 ( *.pem *.cer *.crt *.p12 *.p7b ) There was no key found for the Certificate: '%1' Nebol nájdený kľúč certifikátu: „%1” Not possible for a token key: '%1' Nie je možné pre kľúč tokenu: „%1” Not possible for the token-key Certificate '%1' Nie je možné pre Certifikát kľúča tokenu „%1” Error opening file: '%1': %2 Chyba otvorenia súboru: „%1”: %2 db_x509name Subject Predmet Complete distinguished name Úplný rozlišovací názov Subject hash Odtlačok predmetu Hash to lookup certs in directories Odtlačok na hľadanie certifikátov v adresároch db_x509req Signed Podpísaný whether the request is already signed or not Či už bola žiadosť podpísaná alebo nie Unstructured name Neštruktúrovaný názov Challenge password Heslo výzvy Certificate count Počet certifikátov Number of certificates in the database with the same public key Počet certifikátov s rovnakým verejným kľúčom v databáze The certificate signing request already exists in the database as '%1' and thus was not stored Žiadosť o podpísanie certifikátu už v databáze existuje ako „%1”, a tak nebola uložená Certificate request export Export Žiadosti o certifikát Certificate request ( *.pem *.der *.csr ) Žiadosť o certifikát ( *.pem *.der *.csr ) db_x509super Key name Názov kľúča Internal name of the key Interný názov kľúča Signature algorithm Algoritmus podpisu Extracted from %1 '%2' Vyňaté z %1 „%2” Certificate Certifikát Certificate request Žiadosť o certifikát Save as OpenSSL config Uložiť ako konfiguráciu OpenSSL Config files ( *.conf *.cnf);; All files ( * ) Konfiguračné súbory ( *.conf *.cnf );; Všetky súbory ( * ) The following extensions were not ported into the template Do šablóny neboli prenesené nasledujúce rozšírenia Transformed from %1 '%2' Transformované z %1 „%2” kvView Type Typ Content Obsah pass_info Password Heslo PIN PIN pki_base Error opening file: '%1': %2 Chyba otvorenia súboru: „%1”: %2 Unknown Neznáme Imported Importovaný Generated Generovaný Transformed Transformovaný Token Token Legacy Database Stará databáza Renewed Obnovené Internal error: Unexpected message: %1 %2 Interná chyba: Neočakávaná správa: %1 %2 Error writing to file: '%1': %2 Chyba zápisu do súboru „%1”: %2 pki_crl Successfully imported the revocation list '%1' Úspešne importovaný Zoznam odvolaní „%1” Delete the revocation list '%1'? Odstrániť Zoznam odvolaní „%1”? Successfully created the revocation list '%1' Úspešne vytvorený Zoznam odvolaní „%1” Delete the %1 revocation lists: %2? Odstrániť %1 uoznamov odvolaní: %2? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Nemožno načítať zoznam odvolaní zo súboru %1. Vyskúšaný formát CRL PEM a DER. No issuer given Nebol zadaný vydavateľ Wrong Size %1 Zlá veľkosť %1 Renew CRL: %1 Obnoviť CRL: %1 The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4. It is stored in the XCA database '%5' XCA CRL „%1”, vydané CA „%2” %3 vyprší %4. Je uložené v databáze XCA „%5” unknown neznáme pki_evp Failed to decrypt the key (bad password) %1 Zlyhalo dešifrovanie kľúča (zlé heslo) %1 Please enter the password to decrypt the private key. Prosím, zadajte heslo na dešifrovanie súkromného kľúča. The key from file '%1' is incomplete or inconsistent. Kľúč zo súboru „%1” je nekompletný ale nekonzistentný. Please enter the password to decrypt the private key from file: %1 Prosím, zadajte heslo na dešifrovanie súkromného kľúča zo súboru: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Nemožno načítať súkromný kľúč zo súboru %1. Vyskúšaný PEM a DER súkromný, verejný, typy kľúčov PKCS#8 a formát SSH2. Ignoring unsupported private key Ignorujem nepodporovaný súkromný kľúč Please enter the password to decrypt the private key: '%1' Prosím, zadajte heslo na dešifrovanie súkromného kľúča: „%1” Password input aborted Zadávanie hesla zrušené Please enter the database password for decrypting the key '%1' Prosím, zadajte heslo databázy na dešifrovanie kľúča „%1” Please enter the password to protect the private key: '%1' Prosím, zadajte heslo na ochranu súkromného kľúča: „%1” Please enter the database password for encrypting the key Prosím, zadajte heslo databázy na zašifrovanie kľúča Please enter the password protecting the PKCS#8 key '%1' Prosím, zadajte heslo na ochranu kľúča PKCS#8 „%1” Please enter the export password for the private key '%1' Prosím, zadajte heslo exportu súkromného kľúča „%1” pki_key Successfully imported the %1 public key '%2' Úspešne importovaný %1 verejný kľúč „%2” Delete the %1 public key '%2'? Odstrániť %1 verejný kľúč „%2”? Successfully imported the %1 private key '%2' Úspešne importovaný %1 súkromný kľúč „%2” Delete the %1 private key '%2'? Odstrániť %1 súkromný kľúč „%2”? Successfully created the %1 private key '%2' Úspešne vytvorený %1 súkromný kľúč „%2” Delete the %1 keys: %2? Odstrániť %1 kľúčov: %2? Public key Verejný kľúč Common Spoločný Private Súkromný Bogus Pododný PIN PIN No password Bez hesla Unexpected SSH2 content: '%1' Neočakávaný obsah SSH2: „%1” Invalid SSH2 public key Neplatný verejný kľúč SSH2 Failed writing to %1 Zlyhal zápis do %1 pki_multi No known PEM encoded items found Nájdené neznáme kódované položky PEM pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Prosím, zadajte heslo na dešifrovanie súboru PKCS#12: %1 Unable to load the PKCS#12 (pfx) file %1. Nemožno načítať súbor PKCS#12 (pfx) %1. The supplied password was wrong (%1) Zadané heslo je zlé (%1) Please enter the password to encrypt the PKCS#12 file Prosím, zadajte heslo na zašifrovanie súboru PKCS#12 No key or no Cert and no pkcs12 Nie je to kľúč, ani Certifikát a ani PKCS#12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Nemožno načítať súbor PKCS#7 %1. Vyskúšaný formát PEM a DER. pki_scard Successfully imported the token key '%1' Úspešne importovaný kľúč tokenu „%1” Delete the token key '%1'? Odstrániť kľúč tokenu „%1”? Successfully created the token key '%1' úspešne vytvorený kľúč tokenu „%1” Delete the %1 keys: %2? Odstrániť %1 kľúčov: %2? Delete the private key '%1' from the token '%2 (#%3)' ? Odstrániť súkromný kľúč „%1” z tokenu „%2 (#%3)”? This Key is already on the token Tento kľúč už je na tokene PIN input aborted Zadanie PIN zrušené Unable to find copied key on the token Nemožno nájsť kópiu kľúča na tokene Please insert card: %1 %2 [%3] with Serial: %4 Prosím, vložte kartu: %1 %2 [%3] so sér. číslom: %4 Illegal Key generation method Neprípustná metóda generovania kľúča Unable to find generated key on card Nemožno nájsť vygenerovaný kľúč na karte Ignoring unsupported token key Ignorovanie nepodporovaného kľúča tokenu Wrong Size %1 Zlá veľkosť %1 Token %1 Token %1 Failed to find the key on the token Zlyhalo nájdenie kľúča na tokene Invalid Pin for the token Neplatný PIN tokenu Failed to initialize the key on the token Zlyhal inicializácia kľúča na tokene Public Key mismatch. Please re-import card Nezhoda verejného kľúča. Prosím, znova importujte kartu pki_temp Successfully imported the XCA template '%1' Úspešne importovaná šablóna XCA „%1” Delete the XCA template '%1'? Odstrániť šablónu XCA „%1”? Successfully created the XCA template '%1' Úspešne vytvorená šablóna XCA „%1” Delete the %1 XCA templates: %2? Odstrániť %1 šablón XCA: %2? Wrong Size %1 Zlá veľkosť %1 Template file content error (too small) Chyba obsahu súboru šablóny (príliš malá) Not a PEM encoded XCA Template Šablóna XCA nie je vo formáte PEM Not an XCA Template, but '%1' Nie je šablóna XCA, ale „%1” Template file content error (too small): %1 Chyba obsahu súboru šablóny (príliš malá): %1 pki_x509 Successfully imported the certificate '%1' Úspešne importovaný certifikát „%1” Delete the certificate '%1'? Odstrániť certifikát „%1”? Successfully created the certificate '%1' Úspešne vytvorený certifikát „%1” Delete the %1 certificates: %2? Odstrániť %1 certifikátov: %2? Unable to load the certificate in file %1. Tried PEM and DER certificate. Nemožno načítať certifikát zo súboru %1. Vyskúšaný certifikát PEM a DER. This certificate is already on the security token Tento certifikát už je na bezpečnostnom tokene Delete the certificate '%1' from the token '%2 (#%3)'? Odstrániť certifikát „%1” z tokenu „%2 (#%3)”? There is no key for signing ! Chýba kľúč na podpísanie! Wrong Size %1 Zlá veľkosť %1 No Nie Yes Áno Renew certificate: %1 Obnoviť certifikát: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' Certifikát XCA „%1”, vydaný %2 vyprší %3. Je uložený v databáze XCA „%4” CRL Renewal of CA '%1' due Termín obnovenia CRL CA „%1” The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Posledné CRL vydané CA „%1” vyprší %2. Je uložené v databáze XCA „%3” pki_x509req Signing key not valid (public key) Podpisujúci kľúč neplatný (verejný kľúč) Successfully imported the %1 certificate request '%2' úspešne importovaná %1 žiadosť o certifikát „%2” Delete the %1 certificate request '%2'? Odstrániť %1 žiadosť o certifikát „%2”? Successfully created the %1 certificate request '%2' Úspešne vytvorená %1 žiadosť o certifikát „%2” Delete the %1 certificate requests: %2? Odstrániť %1 žiadosť o certifikát: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Nemožno načítať žiadosť o certifikát zo súboru %1. Vyskúšané formáty PEM, DER a SPKAC. Wrong Size %1 Zlá veľkosť %1 Signed Podpísaný Unhandled Nespracované v3ext Copy Common Name Kopírovať bežný názov Add Pridať Delete Odstrániť Apply Použiť Validate Overiť Cancel Zrušiť An email address or 'copy' Emailová adresa alebo „copy” An email address Emailová adresa A registered ID: OBJECT IDENTIFIER Registrované ID: IDENTIFIKÁTOR OBJEKTU A uniform resource indicator Jednotný indikátor zdroja A DNS domain name or 'copycn' Doménové meno DNS alebo „copycn” A DNS domain name Doménové meno DNS An IP address Adresa IP Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Syntax: <OID>;TYP:text ako '1.2.3.4:UTF8:názov' No editing. Only 'copy' allowed here Neupravovať. Je tu dovolené len „copy” Validation failed: '%1' %2 Overenie zlyhalo: „%1” %2 Validation successful: '%1' Overenie úspešné: „%1” xca-RELEASE.2.2.1/lang/xca_hr.ts0000644000175000017500000062372613614632167015472 0ustar tewardteward About Done Završeno, Obavljeno Gotovo CaProperties CA Properties Svojstva CA Osobine CA Use random Serial numbers Koristi slučajan Serijski broj Days until next CRL issuing Broj dana do izdavanja CRL Broj dana do sljedećeg CRL Default template Osnovni obrazac Osnovni predložak Next serial for signing Sljedeći Serijski broj za potpis CertDetail Details of the Certificate Detalji Potvrde S&tatus Status? S&tanje Serial Serijski broj The serial number of the certificate Serijski broj potvrde The internal name of the certificate in the database Interno ime potvrde (u bazi) Internal name Interno ime Signature algorithm Algoritam potpisa Signature Potpis Key Ključ Fingerprints Sažeci potvrde SHA1 SHA1 MD5 MD5 A SHA-1 hashsum of the certificate SHA-1 sažetak potvrde An md5 hashsum of the certificate MD5 sažetak potvrde Status Stanje SHA256 SHA256 A SHA-256 hashsum of the certificate SHA-256 sažetak potvrde Validity Valjanost The time since the certificate is valid Vrijeme od kada je potvrda valjana The time until the certificate is valid Vrijeme do kada je potvrda valjana Subject Subjekt Issuer Izdavač Extensions Proširenja Comment Napomena &Subject Nositelj? &Subjekt &Issuer &Izdavač Attributes Svojstva &Extensions Ekstenzije, Produžeci, Dodaci? &Proširenja Show config Pokaži konfiguraciju Show extensions Ekstenzije? Pokaži proširenja Show public key This key is not in the database. Not available Nije dostupno Revoked at %1 Details of the certificate Detalji potvrde Signer unknown Potpisnik (izdavač) nepoznat Self signed Samopotpisan Not trusted kome se ne vjeruje Nepouzdan Trusted Pouzdan Revoked: Opozvan: Not valid Nevažeći Valid Važeći Details of the certificate signing request Detalji zahtjeva za izdavanje potvrde CertExtend Certificate renewal Obnova potvrde This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. trajanja, važenja Ovo će izraditi novu potvrdu kao kopiju postojeće s novim serijskim brojem i podešenim vrijednostima valjanosti potvrde. Validity Ispravnost, važenje, Valjanost Not before Ne prije Od Not after Ne nakon Do Time range Vremensko razdoblje Days Dana Months Mjeseci Years Godina Apply Primijeni Revoke old certificate Opozovi staru potvrdu Keep serial number Midnight Ponoć Local time Lokalno vrijeme No well-defined expiration Neodređeno trajanje Nejasno definirano trajanje The certificate will be earlier valid than the signer. This is probably not what you want. Početak valjanosti potvrde je prije početka valjanosti potvrde potpisnika (ovjeritelja). To vjerojatno nije ono što ste htjeli. Edit times Uredi vremena Edit dates Uredi datume Abort rollout Izdavanju??? teško je reči O uvođenju Continue rollout Nastavi uvođenje Adjust date and continue Podesi datum i nastavi The certificate will be longer valid than the signer. This is probably not what you want. Kraj valjanosti potvrde je nakon isteka valjanosti potvrde potpisnika (ovjeritelja). To vjerojatno nije ono što ste htjeli. CertTreeView Import PKCS#12 Uvezi PKCS#12 Import from PKCS#7 Uvezi PKCS#7 Request Zahtjev Security token Pametni token Other token Drugi token Similar Certificate Slična Potvrda Delete from Security token Obriši s pametnog tokena CA CA Properties Osobine Generate CRL Izradi CRL Manage revocations Upravljaj opozivima Trust Povjerenje Renewal Obnovi Revoke Opozovi Unrevoke Nemoj opozvat CertView There was no key found for the Certificate: Nije pronađen ključ za Potvrdu: Import Certificate signing request Uvezi zahtjev za izdavanje Potvrde (CSR) ClickLabel Double click for details Dvaput kliknite za detalje CrlDetail Details of the Revocation list Detalji popisa opozvanih potvrda &Status &Stanje Version Inačica Signature Potpis Signed by Potpisao Name Ime The internal name of the CRL in the database Interno ime popisa povučenih potvrda (u bazi podataka) issuing dates datumi izdavanja Next update Sljedeća obnova Last update Posljednja obnova Comment Napomena Next Update Sljedeća obnova Last Update Posljednja obnova &Issuer &Izdavač &Extensions &Proširenja &Revocation list &Popis opoziva 0 0 Serial Serijski broj Revocation Opoziv Reason Razlog Invalidation Poništenje Failed Neuspješno Unknown signer Nepoznat potpisnik (izdavač) Verification not possible Nije moguće obaviti provjeru Unknown certificate Nepoznata potvrda ExportCert X509 Certificates ( *.cer *.crt *.p12 *.p7b);;All files ( * ) X509 Potvrda ( *.cer *.crt *.p12 *.p7b);;Sve datoteke ( * ) DER is a binary format of the Certificate PEM is a base64 encoded Certificate PKCS#7 is an official Certificate exchange format PKCS#12 is an encrypted official Key-Certificate exchange format DER je binarni format Potvrde PEM je base64 kodirana Potvrde PKCS#7 is službeni format za razmjenu Potvrda PKCS#12 je kriptirani format za razmjenu Ključa i Potvrde Please enter the filename for the certificate. Unesite ime datoteke za potvrdu. Certificate export Izvoz potvrde ExportDer All files ( * ) Sve datoteke ( * ) DER is a binary format PEM is a base64 encoded DER file DER je binarni format PEM je base64 kodirana DER datoteka ExportDialog Name Ime The internal name of the CRL in the database Interno ime popisa povučenih potvrda (u bazi podataka) ... ... Filename Datoteka Export comment into PEM file Please enter the filename Unesite ime datoteke Export Format Format izvoza All files ( * ) Sve datoteke ( * ) PEM Text format with headers PEM Tekst format sa zaglavljima Concatenated list of all selected items in one PEM text file Lista svih odabranih stavki spojena u jednu PEM datoteku Concatenated text format of the complete certificate chain in one PEM file Cjelokupni lanac potvrda spojen u jednu tekstualnu PEM datoteku Tekstualni format s cjelokupnim lancem potvrda spojenim u jednu PEM datoteku Concatenated text format of all trusted certificates in one PEM file Tekstualni format sa svim pouzdanim potvrdama u jednoj PEM datoteci Concatenated text format of all certificates in one PEM file Sve potvrde spojene u jednu tekstualnu PEM datoteku Tekstualni format sa svim potvrdama spojenim u jednu PEM datoteku Binary DER encoded file Binarna datoteka kodirana u DER formatu PKCS#7 encoded single certificate Pojedinačni certifikat kodiran u PKCS#7 formatu PKCS#7 encoded complete certificate chain Cjelokupni lanac potvrda kodiran u PKCS#7 formatu All trusted certificates encoded in one PKCS#7 file Sve pouzdane potvrde kodirane u jednoj PKCS#7 datoteci Concatenated text format of all unrevoked certificates in one PEM file Tekstualni format sa svim nepozvanim potvrdama spojenim u jednu PEM datoteku Tekstualni format sa svim nepozvanim potrdama u jednoj PEM datoteku All unrevoked certificates encoded in one PKCS#7 file Sve neopozvane potvrde kodirane u jednoj PKCS#7 datoteci All selected certificates encoded in one PKCS#7 file Sve odabrane potvrde kodirane u jednoj PKCS#7 datoteci All certificates encoded in one PKCS#7 file Sve potvrde kodirane u jednoj PKCS#7 datoteci The certificate and the private key as encrypted PKCS#12 file Potvrda i privatni ključ u kriptiranoj PKCS#12 datoteci The complete certificate chain and the private key as encrypted PKCS#12 file Cjelokupni lanac potvrda i privatni ključ u kriptiranoj PKCS#12 datoteci Concatenation of the certificate and the unencrypted private key in one PEM file Spajanje potvrde i nekriptiranog privatnog ključa u jednu PEM datoteku Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Spajanje potvrde i kriptiranog privatnog ključa u PKCS#8 formatu u jednu datoteku Text format of the public key in one PEM file Tekstualni format javnog ključa u jednoj PEM datoteci Binary DER format of the public key Binarni DER format javnog ključa Unencrypted private key in text format Nekriptirani privatni ključ u tekstualnom formatu OpenSSL specific encrypted private key in text format Privatni ključ kriptiran na OpenSSL način u tekstualnom formatu Unencrypted private key in binary DER format Nekriptirani privatni ključ u binarnom DER formatu Unencrypted private key in PKCS#8 text format Nekriptirani privatni ključ u PKCS#8 tekst formatu Encrypted private key in PKCS#8 text format Kriptirani privatni ključ u PKCS#8 tekst formatu The public key encoded in SSH2 format Javni ključ kodiran u SSH2 formatu OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Certificate Index datoteka na OpenSSL način, izrađena pomoću naredbe 'ca' kako zahtjeva OCSP alat vCalendar expiry reminder for the selected items vCalendar podsjetnik o prestanku važenja odabranih stavki vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL vCalendar podsjetnik o prestanku važenja sadrži sve izdane, važeće potvrde, CA certifikat i zadnji CRL Certificate Index file Kazalo datoteka Potvrda The file: '%1' already exists! Datoteka: '%1' već postoji! Overwrite Prepiši Do not overwrite Nemoj prepisati ExportKey When exporting the private key it should be encrypted. Kod izvoza privatni ključ bi trebao biti kriptiran. When exporting the private part, it should be encrypted. Kod izvoza privatni dio bi trebao biti kriptiran. E&xport the private part of the Key too I&zvezi i privatni dio Ključa Export as PKCS#8 Izvezi kao PKCS#8 &Encrypt the Key with a password &Kriptiraj Ključ sa zaporkom Private keys ( *.pem *.der *.pk8 );;All files ( * ) Privatni ključevi ( *.pem *.der *.pk8 );;Sve datoteke ( * ) DER is a binary format of the key without encryption PEM is a base64 encoded key with optional encryption PKCS#8 is an encrypted official Key-exchange format DER je binarni format ključa bez kripcije PEM je base64 kodirani ključ s opcionalnom kripcijom PKCS#8 je službeni format za razmjenu ključeva Please enter the filename for the key. Unesite ime datoteke za ključ. Export public %1 key Izvezi javni %1 ključ Export %1 key Izvezi %1 ključ Help << << >> >> &Done Završeno, Obavljeno &Gotovo ImportMulti Import PKI Items Uvezi PKI stavke Import &All Uvezi &Sve &Import &Uvezi &Done &Gotovo &Remove from list &Obriši s popisa Details Detalji Delete from token Obriši s tokena Rename on token Preimenuj na tokenu Name: %1 Model: %2 Serial: %3 ime, naziv? Ime: %1 Model: %2 Serijski broj: %3 Manage security token Upravljaj pametnim tokenom The type of the Item '%1' is not recognized Vrsta stavke '%1' je nepoznata Details of the item '%1' cannot be shown Detalji stavke '%1' ne mogu se prikazani The type of the item '%1' is not recognized Vrsta stavke '%1' je nepoznata The file '%1' did not contain PKI data Datoteka '%1' ne sadrži PKI podatke The %1 files: '%2' did not contain PKI data Datoteke %1: '%2'ne sadrže PKI podatke ItemProperties Form Obrazac Name Ime Source Izvor Insertion date Datum unošenja Comment Napomena KeyDetail Name Ime The internal name of the key used by xca Interno ime ključa korištenog od strane xca Security token Pametni token Manufacturer Proizvođač Serial Serijski broj Key Ključ Public Exponent Javni Eksponent Keysize Dužina ključa Private Exponent Privatni Exponent Security Token Pametni token Label Oznaka PKCS#11 ID PKCS#11 ID Token information Podaci o tokenu Model Model Fingerprint Comment Napomena Modulus Modul Details of the %1 key Detalji %1 ključa Not available Nije dostupno Token Token Security token ID:%1 Oznaka pametnog tokena:%1 Available Dostupno Sub prime Ostaviti u orginalu? Prosti broj - 1 Public key Javni ključ Private key Privatni ključ Curve name Ime krivulje Unknown key Nepoznati ključ KeyTreeView Change password Promjena zaporke Reset password Postavi početnu zaporku Change PIN Promijeni PIN Init PIN with SO PIN (PUK) Pripremi PIN pomoću SO PIN (PUK) Change SO PIN (PUK) Promijeni SO PIN (PUK) Security token Pametni token This is not a token Ovo nije token Tried to change PIN of a key Pokušaj promjene PIN ključa Tried to init PIN of a key Pokušaj inicijalizacije PIN ključa Tried to change SO PIN of a key Pokušaj inicijalizacije SO PIN ključa Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Da li da originalni ključ '%1' treba biti zamijenjen ključem s tokena? To će obrisati ključ '%1' i zabraniti njegov izvoz MainWindow Private Keys Privatni Ključevi &New Key &Novi Ključ &Export &Izvezi &Import &Uvezi Import PFX (PKCS#12) Uvezi PFX (PKCS#12) &Show Details &Prikaži Detalje &Delete &Brisanje Certificate signing requests Zahtjev za izdavanje potvrde (CSR) &New Request &Novi Zahtjev Certificates Potvrde &New Certificate &Nova Potvrda Import &PKCS#12 Uvezi &PKCS#12 Import P&KCS#7 Uvezi &PKCS#7 Plain View Običan pregled Templates Predlošci &New Template &Novi predložak &New CRL &Novi CRL &New template &Novi predložak Ch&ange Template Pr&omijeni predložak Revocation lists Popis opozvanih potvrda Using or exporting private keys will not be possible without providing the correct password Korištenje ili izvoz privatnih ključeva neće biti moguće bez davanja ispravne zaporke Database Baza podataka The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Trenutno korišteni osnovni sažetak '%1' je nesiguran. Iz sigurnosnih razloga odaberite barem 'SHA 224'. Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Detektiran stari format baze podataka. Izrađujem rezervnu kopiju s imenom: '%1' i pretvaram bazu podataka u novi format Failed to rename the database file, because the target already exists Nije moguće preimenovati datoteku baze podataka, ciljano ime već postoji No deleted items found Nisu pronađene obrisane stavke Errors detected and repaired while deleting outdated items from the database. A backup file was created Tijekom brisanja zastarjelih stavaka iz baze podataka otkrivene su i popravljene greške. Kreirana je rezervna kopija Removing deleted or outdated items from the database failed. Nije uspjelo uklanjanje obrisanih ili zastarjelih stavki iz baze podataka. Recent DataBases Nedavna baza podataka System Sustav Croatian Hrvatski English Engleski French Francuski German Njemački Russian Ruski Spanish Španjolski Polish Italian Chinese Dutch Portuguese in Brazil Turkish Turski Language Jezik &File &Datoteka &New DataBase &Nova baza podataka &Open DataBase &Otvori bazu podataka Open Remote DataBase Otvori udaljenu bazu podataka Paste PEM file Ubaci, zalijepi Zalijepi PEM datoteku Token Token &Export Certificate Index &Izvezi kazalo Potvrda &Export Certificate Index hierarchy &Izvezi hijerarhiju kazala Potvrda Generate DH parameter Generiraj DH parametar Database dump ( *.dump );; All files ( * ) Istovar baze podataka ( *dump );; Sve datoteke ( * ) Set as default DataBase Postavi kao osnovnu bazu podataka &Close DataBase &Zatvori bazu podataka &Dump DataBase I&stovari bazu podataka C&hange DataBase password P&romijeni zaporku baze podataka &Import old db_dump &Uvezi stari istovar baze podataka &Undelete items &Vrati obrisane stavke Options Opcije Slovak Slovački New DataBase Open DataBase Close DataBase Exit Izlaz I&mport U&vezi Keys Ključevi Requests Zahtjevi PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Predložak Revocation list Popis opozvanih potvrda PEM file PEM datoteka Content Sadržaj paste PEM file zalijepi PEM datoteku &Token &Token &Manage Security token &Upravljaj pametnim tokenom &Init Security token &Inicijaliziraj pametni token &Change PIN &Promijeni PIN Change &SO PIN Promijeni &SO PIN Init PIN Inicijaliziraj PIN Extra Dodatno Export Certificate &Index hierarchy OID Resolver Prevoditelj OID &Help &Pomoć &Content &Sadržaj About O &About &O programu Donations Donacije Database dump ( *.dump );;All files ( * ) Istovari baze podataka ( *.dump );;Sve datoteke ( * ) Import password Zaporka za uvoz Please enter the password of the old database Unesite zaporku stare baze podataka Password verification error. Ignore keys ? Greška provjere zaporke. Ignorirati ključeve? Import anyway Ipak uvezi no such option: %1 nema te opcije: %1 Import PEM data Uvezi PEM podatke Please enter the original SO PIN (PUK) of the token '%1' Unesi originalni SO PIN (PUK) pametnog tokena '%1' Please enter the new SO PIN (PUK) of the token '%1' Unesite novi SO PIN (PUK) pametnog tokena '%1' Search Traži Please enter the new SO PIN (PUK) for the token '%1' Molimo unesite novi SO PIN (PUK) ključ za pametni token '%1' The new label of the token '%1' Nova oznaka pametnog tokena '%1' The token '%1' did not contain any keys or certificates Token '%1' ne sadrži ni jedan ključ ili potvrdu Current Password Trenutna zaporka Please enter the current database password Unesite trenutnu zaporku baze podataka The entered password is wrong Unesena zaporka je neispravna New Password Nova Zaporka Please enter the new password to encrypt your private keys in the database-file Unesite novu zaporku za kripciju privatnih ključeva u bazi podataka Transaction start failed Neuspješan početak transakcije Please enter a password, that will be used to encrypt your private keys in the database: %1 Unesite zaporku za kripciju privatnih ključeva u bazi podataka: %1 Please enter a password, that will be used to encrypt your private keys in the database file: %1 Unesite novu zaporku, koja će se koristiti za kripciju Vaših privatnih ključeva u datoteci baze podataka: %1 Password verify error, please try again Greška provjere zaporke, pokušajte ponovo Password Zaporka Please enter the password for unlocking the database: %1 Unesite zaporku za otključavanje baze podataka: %1 The following error occurred: Desila se sljedeća greška: Copy to Clipboard Kopiraj u Clipboard Certificate Index ( index.txt ) Kazalo Potvrda ( index.txt ) All files ( * ) Sve datoteke ( * ) Diffie-Hellman parameters saved as: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Diffie-Hellman parametri su potrebni za različite aplikacije, no XCA ih nije obradila. Unesite bitove za DH parametre Error opening file: '%1': %2 Greška u otvaranju datoteke: '%1': %2 NewCrl Create CRL Izradi CRL Dates Datumi last update posljednja obnova next update sljedeća obnova Days Dani? Dana Months Mjeseci Years Godina Midnight Ponoć Local time Lokal. vrijeme Apply Primjeni CRL number Broj CRL Hash algorithm Algoritam sažetka Hashing algorithm Algoritam sažetka Extensions Proširenja Authority key identifier Oznaka ključa Autoriteta Subject alternative name Alternativno ime subjekta Form Obrazac Last update Posljednja obnova Next update Sljedeća obnova Options Opcije CRL Number Broj CRL Revocation reasons Razlog za opoziv NewKey New key Novi ključ Please give a name to the new key and select the desired keysize Unesite ime novog ključa i odaberite njegovu dužinu Key properties Osobine ključa Name Ime The internal name of the new key Interno ime novog ključa Curve name Ime krivulje Usually at least 2048 bit keys are recommended Obično se savjetuje koristiti ključeve dužine najmanje 2048 bitova New Key Novi ključ Curve Krivulja Keysize Dužina ključa Usually 1024 or 2048 bit keys are used Uobičajene dužine ključa su 1024 i 2048 bita Keytype Vrsta ključa Remember as default Zapamti kao osnovnu vrijednost Create Stvori NewX509 Create Izradi Source Izvor, mislim da je Zahtjev više u duhu jezika Zahtjev Signing request Zahtjev za izdavanje Show request Prikaži Pokaži zahtjev Sign this Certificate signing &request ovaj - da li treba? Potpiši ovaj &zahtjev za izdavanje potvrde Copy extensions from the request Kopiraj proširenja iz zahtjeva Modify subject of the request Promijeni Subjekt iz zahtjeva Signing Potpisivanje Create a &self signed certificate with the serial Stvori ili napravi ili izradi? Izradi &samopotpisanu potvrdu s ovim serijskim brojem If you leave this blank the serial 00 will be used Ako ovo ne ispunite koristiti će se serijski broj 00 1 1 Use &this Certificate for signing Koristi &ovu Potvrdu za potpisivanje All certificates in your database that can create valid signatures Sve potvrde u vašoj bazi podataka koje mogu izraditi valjani potpis Signature algorithm Algoritam potpisivanja Template for the new certificate Predložak za novu potvrdu All available templates Svi raspoloživi predlošci Apply extensions Primijeni proširenja Apply subject Primijeni subjekt Apply all Primijeni sve Subject Subjekt Distinguished name Jedinstveno ime (DN) Organisation Organizacija This name is only used internally and does not appear in the resulting certificate Ovo ime se samo interno koristi i neće se pojaviti u izrađenoj potvrdi Must be exactly 2 letter of size (DE, UK) Mora biti točno 2 velika slova (HR, UK) Country code Kod države State or Province U smislu savezna država Država ili Pokrajina Locality Mjesto Organisational unit Organizacijska jedinica E-Mail address E-mail adresa Internal name Interno ime Common name Uobičajeno ime Add Dodaj Delete Brisanje Private key Privatni ključ This list only contains unused keys Ovaj popis sadrži samo neiskorištene ključeve Used keys too Korišteni ključevi također &Generate a new key &Generiraj novi ključ Extensions Proširenja Basic constraints Osnovna ograničenja Create a &self signed certificate Izradi &samopotpisanu potvrdu Internal Name Interno ime Type Vrsta If this will become a CA certificate or not Da li će ovo postati CA potvrda ili ne Not defined Nije definirano Certification Authority Tijelo ovjeravanja (CA) End Entity Krajnji subjekt Path length Dužina puta How much CAs may be below this. Koliko CA može biti ispod ove CA. The basic constraints should always be critical Osnovna ograničenja bi uvijek trebala biti kritična osobina potvrde Key identifier Oznaka ključa Creates a hash of the key following the PKIX guidelines Izradi sažetak ključa sljedeći PKIX preporuke Copy the Subject Key Identifier from the issuer Kopiraj Oznaku ključa Subjekta iz izdavača Validity Nepobitnost, pravomoćnost, valjanost Ispravnost Not before Od Not after Do Time range Vremensko razdoblje Days Dana Months Mjeseci Years Godina Apply Primjeni Set the time to 00:00:00 and 23:59:59 respectively Postavi vrijeme na 00:00:00 odnosno 23:59:59 Midnight Ponoć Local time Lokalno vrijeme No well-defined expiration Nejasno definiran istek roka subject alternative name Alternativno ime subjekta DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit Uredi issuer alternative name alternativno ime izdavača CRL distribution point Točka objave popisa opozvanih potvrda URI: URI: Authority Info Access Dohvat informacija Autoriteta (AIA) can be altered by the file "aia.txt" može biti promijenjeno pomoću datoteke "aia.txt" Key usage Namjena ključa Extended key usage Proširena upotreba ključa Netscape Netscape CA Revocation URL URL opoziva CA Revocation URL URL opoziva SSL server name SSL ime poslužitelja Certificate renewal URL URL za obnovu potvrde Comment Napomena CA policy URL URL politike CA Base URL Osnovni URL If you know a more pretty one tell me !!! Ovo vrijedi i za hrvatski prijevod Ako znate bolje, javite mi Advanced Napredno Validate Potvrditi Create a &self signed certificate with a MD5-hashed QA serial Izradi &samopotpisanu potvrdu s MD5 sažetkom CA serijskog broja Create Certificate signing request Izradi zahtjev za izdavanje potvrde (CSR) minimum size: %1 najmanja veličina: %1 maximum size: %1 najveća veličina: %1 only a-z A-Z 0-9 '()+,-./:=? samo a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters samo 7 bitni znaci XCA template XCA predložak Create x509 Certificate Izradi x509 Potvrdu From PKCS#10 request Iz PKCS#10 zahtjeva Other Tabs Druge Kartice Critical Ključan Create XCA template Izradi XCA predložak Edit XCA template Uredi XCA predložak Template '%1' applied Primijenjen obrazac '%1' Subject applied from template '%1' Subjekt primijenjen iz predloška '%1' Extensions applied from template '%1' Proširenja primijenjena iz predloška '%1' New key '%1' created Izrađen je novi ključ '%1' Advanced Tab Kartica Napredno Errors Greške Abort rollout O uvođenju The following length restrictions of RFC3280 are violated: Sljedeća ograničenja dužine iz RFC3280 su prekršena: Edit subject Uredi subjekt Continue rollout Nastavi uvođenje The verification of the Certificate request failed. The rollout should be aborted. Provjera zahtjeva za izdavanje Potvrde nije uspješna. Uvođenje će biti prekinuto. Continue anyway Nastavi bez obzira na sve The internal name and the common name are empty. Please set at least the internal name. Interno ime i uobičajeno ime (CN) nisu popunjeni. Molimo vas popunite barem interno ime. Edit name Uredi ime There is no Key selected for signing. Nije odabran Ključ za potpisivanje. Select key Odaberi ključ The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Sljedeća polja jedinstvenog imena su nepopunjena: %1 premda ste ih označili kao obavezno prisutnima u meniju s opcijama. The key you selected for signing is not a private one. Ključ kojeg ste odabrali za potpisivanje nije privatni ključ. Select other signer Odaberite drugog potpisnika Select other key Odaberite drugi ključ The certificate will be earlier valid than the signer. This is probably not what you want. Početak valjanosti potvrde je prije početka valjanosti potvrde potpisnika (ovjeritelja). To vjerojatno nije ono što ste htjeli. Edit dates Uredi datume Adjust date and continue Podesi datum i nastavi The certificate will be longer valid than the signer. This is probably not what you want. Kraj valjanosti potvrde je nakon isteka valjanosti potvrde potpisnika (ovjeritelja). To vjerojatno nije ono što ste htjeli. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Potvrda će prestati važiti prije nego što je izdana. Vjerojatno ste zamijenili datume. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Potvrda sadrži neispravna ili duplicirana proširenja. Provjerite valjanost na Kartici Napredno. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Potvrda ne sadrži proširenja. Možete primijeniti proširenja na neki od predložaka kako bi definirali svrhu potvrde. Edit extensions Uredi proširenja The subject alternative name shall contain a copy of the common name. However, the common name is empty. Alternativno ime subjekta treba sadržavati kopiju uobičajenog imena. Međutim, uobičajeno ime nije definirano. Configfile error on line %1 Greška u konfiguracijskoj datoteci u liniji %1 OidResolver OID Resolver Prevoditelj OID Enter the OID, the Nid, or one of the textual representations Unesite OID, Nid ili neki oblik imena Search Traži OID OID Long name Puno ime OpenSSL internal ID Interni OpenSSL ID Nid Nid Short name Skraćeno ime OpenDb Dialog Dijalog Open remote database Otvori udaljenu bazu Database type Vrsta baze podataka Hostname Ime stroja Username Korisničko ime Password Zaporka Database name Ime baze podataka Table prefix Predmetak tablice No SqLite3 driver available. Please install the qt-sqlite package of your distribution Nedostaje upravljački program za SqLite3. Iz vaše distribucije instalirajte paket qt-sqlite Please enter the password to access the database server %2 as user '%1'. Unesite zaporku za pristup poslužitelju baze podatka %2 kao korisnik '%1'. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. Upravljački program baze podataka ne podržava transakciju. Mogući uzrok je različita verzija na klijentu i poslužitelju. Nastavite oprezno. Options XCA Options XCA Opcije Mandatory subject entries Obavezne stavke subjekta Add Dodaj Delete Obriši Default hash algorithm Osnovni algoritam sažetka Settings Postavke String types Vrste nizova Suppress success messages Izostavi poruke o uspješnoj akciji Don't colorize expired certificates Nemoj obojiti istekle potvrde Translate established x509 terms (%1 -> %2) Prevedi uspostavljene x509 pojmove (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. XCA ne koristi funkcionalnost sažetka tokena. XCA će možda prihvatiti ograničeni skup sažetka koje pruža token. Posebno EC i DSA su samo definirani sa SHA1 u PKCS#11 specifikaciji. Only use hashes supported by the token when signing with a token key Kod potpisivanja ključem iz tokena koristi samo sažetke koje podržava token Disable legacy Netscape extensions Deaktiviraj/isključi zastarjela Netscape proširenja Onemogući nasljeđena Netscape proširenja Certificate expiry warning threshold Prag upozorenja o isteku potvrde Send vCalendar expiry reminder Pošalji vCalendar podsjetnik o isteku Serial number length Dužina serijskog broja bit bita Distinguished name Jedinstveno ime Explicit subject entries Izričite stavke subjekta Dynamically arrange explicit subject entries Dinamički posloži izričite stavke subjekta Default Osnovno Osnovni PKCS#11 provider PKCS#11 poslužitelj Remove Izbaci Search Traži Printable string or UTF8 (default) !!! Ispisljivi koja je alternativa za Čitljivi Čitljivi niz ili UTF8 (osnovni odabir) PKIX recommendation in RFC2459 PKIX preporuke iz RFC2459 No BMP strings, only printable and T61 Ne BMP nizovi, samo čitljivi i T61 UTF8 strings only (RFC2459) Samo UTF8 nizovi (RFC2459) All strings Svi nizovi Days Dana Weeks Tjedana Load failed Učitavanje nije uspjelo PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Zaporka se rastavlja i tumači kao 2 znamenkasti heksadecimalni kod. Mora imati paran broj znamenki (0-9 and a-f) Take as HEX string Uzmi heksadekadni niz Repeat %1 Ponovi %1 %1 mismatch %1 je neodgovarajući Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Heksadecimalna zaporka smije sadržavati samo znakove '0' - '9' i 'a' - 'f' i mora se sastojati od parnog broja znakova E&xit I&zlaz QObject Undefined Nedefinirano Broken / Invalid Poništen / Neispravan in %1 seconds za %1 sekundi %1 seconds ago prije %1 sekundi in %1 minutes za %1 minuta %1 minutes ago prije %1 minuta Yesterday Jučer Tomorrow Sutra in %1 hours za %1 sati %1 hours ago prije %1 sati DB: Rename: '%1' already in use DB: Preimenuj: '%1' je već u upotrebi DB: Entry to rename not found: %1 DB: Stavka za preimenovati nije pronađena: %1 DB: Write error %1 - %2 DB: Greška u pisanju %1 - %2 Out of data Nema podatka Error finding endmarker of string Greška u traženju oznake kraja niza Out of Memory at %1:%2 Ponestalo slobodne memorije u %1:%2 All files ( * ) Sve datoteke ( * ) PKI Keys ( *.pem *.der *.key );;PKCS#8 Keys ( *.p8 *.pk8 );; PKI ključevi ( *.pem *.der *.key );;PKCS#8 ključevi ( *.p8 *.pk8 );; PKI Keys ( *.pem *.der *.key );;PKCS#8 Keys ( *.p8 *.pk8 );;SSH Public Keys ( *.pub );; PKI ključevi ( *.pem *.der *.key );;PKCS#8 ključevi ( *.p8 *.pk8 );;SSH javni ključevi ( *.pub );; Import RSA key Uvezi RSA ključ PKCS#10 CSR ( *.pem *.der *.csr );;Netscape Request ( *.spkac *.spc );; PKCS#10 CSR ( *.pem *.der *.csr );;Netscape zahtjev ( *.spkac *.spc );; PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; PKI ključevi ( *.pem *.der *.key );; PKCS#8 ključevi ( *.p8 *.pk8 );; SSH javni ključevi ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );; Netscape Request ( *.spkac *.spc );; PKCS#10 CSR ( *.pem *.der *.csr );; Netscape zahtjev ( *.spkac *.spc );; PKCS#10 CSR ( *.pem *.der *.csr );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Uvezi zahtjev Certificates ( *.pem *.der *.crt *.cer );; Potvrde ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Uvezi x509 Potvrdu PKCS#7 data ( *.p7s *.p7m *.p7b );; PKCS#7 podaci ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Uvezi PKCS#7 Potvrde PKCS#12 Certificates ( *.p12 *.pfx );; PKCS#12 Potvrde ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Uvezi PKCS#12 Privatne Potvrde XCA templates ( *.xca );; XCA predloške ( *.xca );; Import XCA Templates Uvezi XCA Predloške Revocation lists ( *.pem *.der *.crl );; Popis opozvanih potvrda ( *.pem *.der *.crl );; Import Certificate Revocation List Uvezi Popis Opozvanih Potvrda XCA Databases ( *.xdb );; XCA Baze podataka ( *.xdb );; Open XCA Database Otvori XCA Bazu podataka PKCS#11 library ( *.dll );; PKCS#11 knjižnica ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 knjižnica ( *.dylib *.so );; PKCS#11 library ( *.so );; PKCS#11 knjižnica ( *.so );; Open PKCS#11 shared library Otvori PKCS#11 zajedničku knjižnicu PEM files ( *.pem );; PEM datoteke ( *.pem );; Load PEM encoded file Učitaj PEM kodiranu datoteku Please enter the PIN on the PinPad Unesite PIN u PinPad Please enter the SO PIN (PUK) of the token %1 Unesite SO PIN (PUK) tokena %1 Please enter the PIN of the token %1 Unesite PIN tokena %1 No Security token found Nije pronađen pametni token Select Odaberi Please enter the new SO PIN (PUK) for the token: '%1' Unesite novi SO PIN (PUK) za token: '%1' Please enter the new PIN for the token: '%1' Unesite novi PIN za token: '%1' Required PIN size: %1 - %2 Obavezna dužina PIN: %1 - %2 Failed to open PKCS11 library: %1 Neuspješno otvaranje PKCS11 knjižnice: %1 Failed to open PKCS11 library: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Disabled Library loading failed PKCS#11 function '%1' failed: %2 PKSC#11 funkcija '%1'prijavila grešku: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 PKCS#11 function '%1' failed: %2 U knjižnici %3 %4 Invalid Neispravno %1 is shorter than %2 bytes: '%3' %1 je kraće od %2 okteta: '%3' %1 is longer than %2 bytes: '%3' %1 je duže od %2 okteta: '%3' Country code Kod države State or Province Država ili Pokrajina Locality Mjesto Organisation Organizacija Organisational unit Organizacijska jedinica Common name Uobičajeno ime E-Mail address E-mail adresa Serial number Serijski broj Given name Ime Surname Prezime Title Titula Initials Inicijali Description Opis Role Funkcija Pseudonym Pseudonim Generation Qualifier Oznaka Generacije x500 Unique Identifier x500 Jedinstveni Identifikator Name Ime DN Qualifier DN Oznaka Unstructured name Nestrukturirano ime Challenge password Zaporka za izazov Basic Constraints Osnovna Ograničenja Subject alternative name Alternativno ime subjekta subject alternative name alternativno ime subjekta issuer alternative name alternativno ime izdavača Subject key identifier Oznaka ključa Subjekta Authority key identifier Oznaka ključa Autoriteta Key usage Namjena ključa Extended key usage Proširena upotreba ključa CRL distribution points Točka objave popisa opozvanih potvrda Authority information access Dohvat informacija Autoriteta Certificate type Vrsta Potvrde Base URL Osnovni URL Revocation URL URL opoziva CA Revocation URL URL opoziva CA Certificate renewal URL URL za obnovu potvrde CA policy URL URL politike CA SSL server name SSL ime poslužitelja Comment Napomena String '%1' for '%2' contains invalid characters Niz'%1' za '%2' sadrži nevažeće znakove Error reading config file %1 at line %2 Greška u konfiguracijskoj datoteci %1 u liniji %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. Objekt '%1' iz datoteke %2 linija %3 je već poznat kao '%4:%5:%6' i potrebno ga je ukloniti. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Identifikator '%1' za OID %2 iz datoteke %3 linija %4 je već iskorišten za drugi OID kao '%5:%6:%7' i potrebno ga je promijeniti da se izbjegne nesporazum. Unknown object '%1' in file %2 line %3 Nepoznati objekt '%1' u datoteci %2 linija %3 Failed to start a database transaction Neuspješan početak transakcije ReqTreeView Sign Potpiši Unmark signed Mark signed Similar Request Sličan zahtjev RevocationList Manage revocations Upravljaj opozivima Add Dodaj Delete Obriši Edit Uredi No. Br. Serial Serijski broj Revocation Opoziv Reason Razlog Invalidation Poništenje Generate CRL Izradi CRL Revoke Revocation details Detalji opoziva Invalid since Nevažeće od Local time Lokalno vrijeme Certificate revocation Opoziv potvrde Revocation reason Razlog za opoziv Serial Serijski broj SearchPkcs11 Dialog Dijalog Directory Mape ... ... Include subdirectories Uključi podmape Search Traži The following files are possible PKCS#11 libraries Sljedeće datoteke su kandidati za PKCS#11 datoteke SelectToken Select Token Odaberi token Security token Pametni token Please select the security token Odaberite pametni token TempTreeView Duplicate Podvostruči Create certificate Izradi potvrdu Create request Izradi zahtjev copy kopiraj TrustState Set trustment of the Certificate Podesi pouzdanost Potvrde Certificate trust Povjerenje u potvrdu Trustment Pouzdanost &Never trust this certificate &Nikad ne vjeruj ovoj potvrdi Only &trust this certificate, if we trust the signer Uvijek &vjeruj potvrdi, ako vjerujemo izdavaču &Always trust this certificate &Uvijek vjeruj ovoj potvrdi Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config OpenSSL konfiguracija Transform Preobrazi Template Predložak Public key Javni ključ Public Key Javni ključ XcaTreeView Subject entries Stavke subjekta X509v3 Extensions X509v3 Proširenja Netscape extensions Netscape proširenja Reset Vrati na početak Remove Column Izbaci Stupac Hide Column Sakrij Stupac Details Detalji Columns Stupci New Novo Import Uvezi Paste PEM data Zalijepi PEM podatke Rename Preimenuj Properties Osobine Delete Obriši Export Izvezi Clipboard Clipboard File Datoteka db_base Internal name Interno ime Bad database item Name: %1 Type: %2 Size: %3 %4 Loša stavka baze podatka Ime: %1 Vrsta: %2 Veličina: %3 %4 Do you want to delete the item from the database? The bad item may be extracted into a separate file. Da li želite izbrisati stavku iz baze podataka? Pogrešne stavke mogu biti izdvojene u zasebnu datoteku. Delete Brisanje Obriši Delete and extract Obriši i izdvoji Continue Nastavi Error opening file: '%1': %2 Greška u otvaranju datoteke: '%1': %2 No. Broj Br. Primary key Osnovni ključ Database unique number Jedinstven broj baze podataka Date Datum Date of creation or insertion Datum stvaranja ili umetanja Source Izvor Generated, Imported, Transformed Izrađen, Uvezen, Preinačen Comment Napomena First line of the comment field Prva linija polja za komentar Could not create directory %1 Item properties Osobine predmeta How to export the %1 selected items Kako da izvezemo %1 odabranih stavki All in one PEM file Sve u jednoj PEM datoteci Each item in one file Svaka stavka u zasebnoj datoteci Save %1 items in one file as Spremi %1 stavki u jednoj datoteci kao PEM files ( *.pem );; All files ( * ) PEM datoteke ( *.pem );; Sve datoteke ( * ) PEM Files( *.pem );; All files ( * ) PEM datoteke (*.pem);; Sve datoteke ( * ) Subject entries Stavke subjekta X509v3 Extensions X509v3 Proširenja Netscape extensions Netscape proširenja Reset Vrati na početak Paste PEM data Zalijepi PEM podatke Columns Stupci db_crl Signer Potpisnik Internal name of the signer Interno ime potpisnika No. revoked Broj opozvanih Number of revoked certificates Broj opozvanih potvrda Last update Posljednja obnova Next update Sljedeća obnova CRL number Broj CRL The revocation list already exists in the database as: '%1' and so it was not imported Popis opozvanih potvrda već postoji u bazi podataka kao: '%1' i zbog toga nije uvezen CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) There are no CA certificates for CRL generation Nema CA potvrda za izradu liste opozvanih potvrda Select CA certificate Odaberi CA potvrdu Create CRL Izradi CRL Failed to initiate DB transaction Neuspješno pokretanje promjene baze podataka Database error: %1 Database error: Greška u bazi podataka: Revocation list export Izvoz popisa opozvanih potvrda Import Uvezi Rename Preimenuj Export Izvoz Clipboard Clipboard File Datoteka Delete Obriši db_key Type Vrsta Size Dužina EC Group EC Grupa Use Namjena Password Zaporka The key is already in the database as: '%1' and is not going to be imported Ključ već postoji u bazi podataka kao: '%1' i zbog toga nije uvezen The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Baza podataka već sadrži javni dio uvezenog ključa kao '%1 i biti će nadopunjena s novim, privatnim dijelom ključa Extending public key from %1 by imported key '%2' Proširivanje javnog ključa iz %1 uvezenim ključem '%2' Key size too small ! Prekratki ključ! You are sure to create a key of the size: %1 ? Da li stvarno želite izraditi ključ dužine: %1 ? Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Da li da originalni ključ '%1' treba biti zamijenjen ključem s tokena? To će obrisati ključ '%1' i zabraniti njegov izvoz New Key Novi ključ Import Uvezi Rename Preimenuj Show Details Prikaži Detalje Delete Obriši Export Izvoz Clipboard Clipboard File Datoteka Change password Promjena zaporke Reset password Postavi početnu zaporku Change PIN Promijeni PIN Init PIN with SO PIN (PUK) Pripremi PIN pomoću SO PIN (PUK) Change SO PIN (PUK) Promijeni SO PIN (PUK) Store on Security token Spremi na Pametni token Export public key [%1] Izvezi javni ključ [%1] PEM public PEM javni DER public DER javni SSH2 public SSH2 javni Export keys to Clipboard Izvezi ključeve u Clipboard DER private DER privatni PEM encryped PEM kriptirani PKCS#8 PKCS#8 PEM private PEM privatni PKCS#8 encrypted PKCS#8 kriptirani Export private key [%1] Izvezi privatni ključ [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Privatni ključevi ( *.pem *.der *.pk8 );; SSH javni ključevi ( *.pub ) Tried to change password of a token Pokušaj promjene zaporke tokena Tried to change PIN of a key Pokušaj promjene PIN ključa Tried to init PIN of a key Pokušaj inicijalizacije PIN ključa Tried to change SO PIN of a key Pokušaj inicijalizacije SO PIN ključa db_temp Type Vrsta Bad template: %1 Loš predložak: %1 Nothing Ništa Empty template Prazan predložak Preset Template values Postavljanje vrijednosti Predloška XCA templates ( *.xca );; All files ( * ) XCA predlošci ( *.xca );; Sve datoteke ( * ) copy kopiraj Save template as Spremi predložak kao XCA templates ( *.xca);; All files ( * ) XCA predlošci ( *.xca );; Sve datoteke ( * ) New Template Novi Predložak Import Uvezi Rename Preimenuj Export Izvoz Change Promijeni Delete Brisanje Duplicate Podvostruči Create certificate Izradi potvrdu Create request Izradi zahtjev db_x509 CA CA reflects the basic Constraints extension odražava proširenja osnovna Ograničenja Serial Serijski broj md5 fingerprint md5 sažetak sha1 fingerprint sha1 sažetak sha256 fingerprint sha256 sažetak Start date Početni datum not Before Od Expiry date Datum isteka valjanosti not After Do MD5 fingerprint MD5 sažetak SHA1 fingerprint SHA1 sažetak SHA256 fingerprint SHA256 sažetak Not before Od Not after Do Trust state Stupanj pouzdanosti Revocation Opoziv CRL Expiration Rok trajanja CRL Plain View Običan pregled Tree View Stablast pregled Failed to retrieve unique random serial Nuspješno pronalaženje jedinstvenog slučajnog broja The certificate already exists in the database as: '%1' and so it was not imported Potvrda već postoji u bazi podataka kao: '%1' i zbog toga nije uvezena Signed on %1 by '%2' Potpisano %1 od '%2' Unknown Nepoznato Invalid public key Neispravan javni ključ PKCS#7 unrevoked PKCS#7 neopozvani vCalendar vCalendar CA vCalendar CA vCalendar days No template Nema predloška Please enter the new hexadecimal secret number for the QA process. !!! Bolji rješenje za QA proces? Unesite novi heksadecimalni tajni broj za QA proces. The QA process has been terminated by the user. QA proces je prekinut od strane korisnika. The key you selected for signing is not a private one. Ključ kojeg ste odabrali za potpisivanje nije privatni ključ. Store the certificate to the key on the token '%1 (#%2)' ? Spremiti potvrdu k ključu na token '%1 (#%2)' ? PKCS#7 chain PKCS#7 lanac PKCS#12 chain PKCS#12 lanac PKCS#7 trusted PKCS#7 pouzdan PKCS#7 all PKCS#7 svi PEM unrevoked PEM nepozovani Certificate Index file Datoteka kazalo Potvrda New Certificate Nova Potvrda Import Uvezi Import PKCS#12 Uvezi PKCS#12 Import from PKCS#7 Uvezi PKCS#7 Rename Preimenuj Show Details Prikaži Detalje PEM chain PEM lanac PKCS #7 chain PKCS #7 lanac PKCS #12 chain PKCS #12 lanac PEM + key PEM + ključ PKCS #7 trusted PKCS #7 pouzdan PKCS #7 all PKCS #7 sve PEM trusted PEM pouzdan PEM all PEM sve Extract public Key Izdvoji javni ključ Export Izvoz Clipboard Clipboard File Datoteka Request Zahtjev Security token Pametni token Other token Drugi token Template Predložak OpenSSL config OpenSSL konfiguracija Transform Preobrazi Public Key Javni ključ Similar Certificate Slična potvrda Delete Brisanje Delete from Security token Obriši s pametnog tokena Trust Povjerenje Properties Osobine Generate CRL Izradi CRL PKCS#7 PKCS#7 Sign Potpiši Encrypt Kriptiraj Renewal Obnovi Unrevoke Nemoj opozvat Revoke Opozovi Certificate export Izvoz potvrde X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) X509 potvrde ( *.pem *.cer *.crt *.p12 *.p7b ) There was no key found for the Certificate: '%1' Nije pronađen ključ za Potvrdu: '%1' Not possible for a token key: '%1' Nije moguće za ključ s tokena: '%1' Error opening file: '%1': %2 Greška u otvaranju datoteke: '%1': %2 Not possible for the token-key Certificate '%1' Nije moguće za potvrdu s ključem na tokenu '%1' There was no key found for the Certificate: Nije pronađen ključ za Potvrdu: days ana db_x509name Subject Subjekt Complete distinguished name Potpuno jedinstveno ime (DN) Subject hash Sažetak subjekta Hash to lookup certs in directories Sažmi za pregledavanje potvrda u katalogu Country code Kod države State or Province Država ili Pokrajina Locality Mjesto Organisation Organizacija Organisational unit Organizacijska jedinica Common name Uobičajeno ime E-Mail address E-mail adresa Serial number Serijski broj Given name Ime Surname Prezime Title Titula Initials Inicijali Description Opis Role Uloga Funkcija Pseudonym Pseudonim Generation Qualifier OID: 2.5.4.44 Oznaka Generacije x500 Unique Identifier x500 Jedinstveni Identifikator Name Ime DN Qualifier DN Oznaka Unstructured name Nestrukturirano ime Challenge password Zaporka za izazov Basic Constraints Osnovna Ograničenja subject alternative name alternativno ime subjekta issuer alternative name alternativno ime izdavača Subject key identifier Oznaka ključa Subjekta Authority key identifier Oznaka ključa Autoriteta Key usage Namjena ključa Extended key usage Proširena upotreba ključa CRL distribution points Točka objave popisa opozvanih potvrda Authority information access Dohvat informacija Autoriteta Certificate type Vrsta Potvrde Base URL Osnovni URL Revocation URL URL opoziva CA Revocation URL URL opoziva CA Certificate renewal URL URL za obnovu potvrde CA policy URL URL politike CA SSL server name SSL ime poslužitelja Comment Napomena db_x509req Signed Potpisan whether the request is already signed or not da li je zahtjev već potpisan ili ne Unstructured name Nestrukturirano ime Challenge password Zaporka za izazov Certificate count Number of certificates in the database with the same public key The certificate signing request already exists in the database as '%1' and thus was not stored Zahtjev za izdavanje potvrde već postoji u bazi podataka kao '%1' i zbog toga nije spreman Certificate request ( *.pem *.der *.crl ) Zahtjev za izdavanje potvrde ( *.pem *.der *.crl ) Certificate request export Izvoz zahtjeva za izdavanje potvrde New Request Novi Zahtjev Import Uvezi Extract public Key Izdvoji javni ključ Rename Preimenuj Show Details Prikaži Detalje Sign Potpiši Export Izvoz Clipboard Clipboard File Datoteka Transform Preobrazi Template Predložak OpenSSL config OpenSSL konfiguracija Certificate request ( *.pem *.der *.csr ) Zahtjev za izdavanje potvrde ( *.pem *.der *.csr ) Public Key Javni ključ Similar Request Sličan zahtjev Delete Brisanje db_x509super Key name Ime ključa Internal name of the key Interno ime ključa Signature Algorithm Algoritam potpisa Signature algorithm Algoritam potpisa Extracted from %1 '%2' Izdvojeno iz %1 '%2' Certificate Potvrda Certificate request Zahtjev za potvrdu Save as OpenSSL config Spremi kao OpenSSL konfiguraciju Config files ( *.conf *.cnf);; All files ( * ) Konfiguracijske datoteke ( *.conf *.cnf);; Sve datoteke ( * ) The following extensions were not ported into the template Sljedeća proširenja neće biti uključena u predložak Transformed from %1 '%2' Preobraženo iz %1 '%2' kvView Type Vrsta Content Sadržaj pass_info Password Zaporka PIN PIN pki_base Error opening file: '%1': %2 Greška u otvaranju datoteke: '%1': %2 Error writing to file: '%1': %2 Greška u pisanju u datoteku: '%1': %2 Unknown Nepoznato Imported Uvezeno Generated izrađeno Transformed Preobraženo Token Token Legacy Database Nasljeđena baza podataka Renewed Error: Greška: Internal error: Unexpected message: %1 %2 Interna greška: Neočekivana poruka: %1 %2 pki_crl Successfully imported the revocation list '%1' Uspješno uvezen popis opozvanih potvrda '%1' Delete the revocation list '%1'? Obrisati listu opozvanih potvrda '%1'? Successfully created the revocation list '%1' Uspješno izrađen popis opozvanih potvrda '%1' Delete the %1 revocation lists: %2? Obriši %1 popis opozvanih potvrda '%2'? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Nije moguće učitati popis opozvanih potvrda %1. Proban je PEM i DER format CRL. No issuer given Nije dan izdavač Wrong Size %1 Pogrešna Dužina %1 unknown nepoznato Renew CRL: %1 Obnovi CRL: %1 The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4. It is stored in the XCA database '%5' XCA CRL '%1', izdan %3 od CA '%2' ističe %4. Spremljen je u XCA bazi '%5' pki_evp Failed to decrypt the key (bad password) Neuspješno dekriptiran ključ (pogrešna zaporka) Please enter the password to decrypt the private key. Unesite zaporku za dekripciju privatnog ključa. The key from file '%1' is incomplete or inconsistent. Please enter the password to decrypt the private key from file: %1 Unesite zaporku za dekripciju privatnog ključa iz datoteke: %1 Unable to load the private key in file %1. Tried PEM and DER private, public and PKCS#8 key types. Nije moguće učitati privatni ključ u datoteci %1. Probani su PEM i DER privatni, javni i PKCS#8 tip ključeva. Failed to decrypt the key (bad password) %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Nije moguće učitati privatni ključ u datoteci %1. Probani su PEM i DER privatni, javni, PKCS#8 tip ključeva i SSH2 format. Ignoring unsupported private key Ignoriram nepodržani privatni ključ Please enter the password to decrypt the private key: '%1' Unesite zaporku za dekripciju privatnog ključa: '%1' Password input aborted Prekinut unos zaporke Please enter the database password for decrypting the key '%1' Unesite zaporku baze podataka za dekripciju ključa '%1' Please enter the password to protect the private key: '%1' Unesite zaporku za zaštitu privatnog ključa: '%1' Please enter the database password for encrypting the key Unesite zaporku baze podataka za kripciju ključa Please enter the password protecting the PKCS#8 key '%1' Unesite zaporku za zaštitu PKCS#8 ključa '%1' Please enter the export password for the private key '%1' Unesite zaporku za izvoz privatnog ključa '%1' pki_key Do you really want to export the private key unencrypted to the clipboard ? Da li stvarno želite izvesti u clipboard nekriptirani privatni ključ? Only export the public key Izvezi samo javni ključ Export the private key unencrypted Izvezi nekriptirani privatni ključ Successfully imported the %1 public key '%2' Uspješno uvezen %1 javni ključ '%2' Delete the %1 public key '%2'? Obrisati %1 javni ključ '%2'? Successfully imported the %1 private key '%2' Uspješno uvezen %1 privatni ključ '%2' Delete the %1 private key '%2'? Obrisati %1 privatni ključ '%2'? Successfully created the %1 private key '%2' Uspješno izrađen %1 privatni ključ '%2' Delete the %1 keys: %2? Obrisati %1 ključ '%2'? public key javni ključ Public key Javni ključ Common Opće Private Privatno Bogus Lažno PIN PIN No password Bez zaporke Unexpected SSH2 content: '%1' Invalid SSH2 public key Neispravan SSH2 javni ključ Failed writing to %1 Nije moguće pisati u %1 pki_multi Seek failed Neuspješno traženje No known PEM encoded items found Nije pronađena nijedna poznata PEM stavka pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Unesite zaporku za dekripciju PKCS#12 datoteke: %1 Unable to load the PKCS#12 (pfx) file %1. Nije moguće učitati PKCS#12 (pfx) datoteku %1. The supplied password was wrong (%1) Unesena zaporka je neispravna (%1) Please enter the password to encrypt the PKCS#12 file Unesite zaporku za kripciju PKCS#12 datoteke No key or no Cert and no pkcs12 Nema ključa ili nema Potvrde i nema PKSCS#12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Nije moguće učitati PKCS#7 datoteku %1. Proban je PEM i DER format. pki_scard Successfully imported the token key '%1' !!! Da li je ključ s tokena ili ključ za token??? Uspješno uvezen ključ za token '%1' Delete the token key '%1'? Obrisati ključ za token '%1'? Successfully created the token key '%1' Uspješno izrađen ključ za token '%1' Delete the %1 keys: %2? Obrisati %1 ključ '%2'? Delete the private key '%1' from the token '%2 (#%3)' ? Obrisati privatni ključ '%1' s tokena '%2 (#%3)' ? This Key is already on the token Ovaj ključ se već nalazi na tokenu Only RSA and EC keys can be stored on tokens Samo RSA i EC ključevi mogu biti spremljeni na tokenu PIN input aborted Prekinut unos PIN-a Unable to find copied key on the token Nije moguće naći kopirani ključ na tokenu Please insert card: %1 %2 [%3] with Serial: %4 Umetnite karticu: %1 %2 [%3] s sa serijskim brojem: %4 Public Key mismatch. Please re-import card Neodgovarajući javni ključ. Molimo ponovo umetnite karticu Illegal Key generation method Nedozvoljeni način generiranja Ključa Unable to find generated key on card Nemoguće je pronaći ključ generiran na kartici Ignoring unsupported token key Ignoriram nepodržani ključ za token Wrong Size %1 Pogrešna Dužina %1 Token %1 Token %1 Failed to find the key on the token Nije moguće naći ključ na tokenu Invalid Pin for the token Pogrešan PIN za token Failed to initialize the key on the token Nije moguće inicijalizirati ključ na tokenu pki_temp Successfully imported the XCA template '%1' Uspješno uvezen XCA predložak '%1' Delete the XCA template '%1'? Obrisati XCA predložak '%1'? Successfully created the XCA template '%1' Uspješno izrađen XCA predložak '%1' Delete the %1 XCA templates: %2? Obrisati %1 XCA predložak '%2'? Wrong Size %1 Kriva Dužina %1 Template file content error (too small) Greška u sadržaju datoteke predloška (prekratka) Template file content error (bad size) Greška u sadržaju datoteke predloška (pogrešna dužina) Template file content error (too small): %1 Greška u sadržaju datoteke predloška (prekratka): %1 Not a PEM encoded XCA Template To nije PEM kodirani XCA Predložak Not an XCA Template, but '%1' To nije XCA Predložak, već '%1' Template file content error (bad size): %1 Greška u sadržaju datoteke predloška (pogrešna dužina): %1 Template file content error (bad length) :%1 Greška u sadržaju datoteke predloška (pogrešna veličina): %1 pki_x509 Successfully imported the certificate '%1' Uspješno uvezena potvrda '%1' Delete the certificate '%1'? Obrisati potvrdu '%1'? Successfully created the certificate '%1' Uspješno izrađena potvrda '%1' Delete the %1 certificates: %2? Obrisati %1 potvrdu: '%2'? Unable to load the certificate in file %1. Tried PEM and DER certificate. Nije moguće učitati potvrdu u datoteci %1. Proban je PEM i DER format. This certificate is already on the security token Ova potvrda se već nalazi na pametnom tokenu Delete the certificate '%1' from the token '%2 (#%3)'? Obrisati potvrdu %1 s tokena '%2 (#%3)'? There is no key for signing ! Nema ključa za potpisivanje ! Wrong Size %1 Pogrešna Dužina %1 Renew certificate: %1 Obnovi potvrdu: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' XCA potvrda '%1', izdana %2 ističe %3. Spremljena je u XCA bazi '%4' CRL Renewal of CA '%1' due Krajnji rok za obnovu CRL od CA '%1' The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Zadnji popis opozvanih potvrda izdan od CA '%1' ističe %2. Spremljen je u XCA bazi '%3' Not trusted Nepouzdan Trust inherited Povjerenje naslijeđeno Always Trusted Uvijek vjeruj CRL expires: %1 Popis opozvanih potvrda ističe: %1 No Ne Yes Da pki_x509req Signing key not valid (public key) Neispravan ključ za potpisivanje (javni ključ) Successfully imported the %1 certificate request '%2' Uspješno uvezen %1 zahtjev za izdavanje potvrde '%2' Delete the %1 certificate request '%2'? Obriši %1 zahtjev a izdavanje potvrde '%2'? Successfully created the %1 certificate request '%2' Uspješno izrađen %1 zahtjev za izdavanje potvrde '%2' Delete the %1 certificate requests: %2? Obriši %1 zahtjev za izdavanje potvrde %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Nije moguće učitati zahtjev za izdavanje potvrde u datoteci %1. Proban je PEM, DER SPKAC format. Signed Potpisan Unhandled Neobrađen Wrong Size %1 Kriva dužina %1 v3ext Copy Common Name Kopiraj uobičajeno ime Add Dodaj Delete Obriši Apply Primijeni Validate Potvrdi Cancel Odustani An email address or 'copy' Email adresa ili 'copy' An email address Email adresa a registered ID: OBJECT IDENTIFIER registriran ID: OBJECT IDENTIFIER a uniform resource indicator jedinstveni identifikator resursa a DNS domain name DNS domensko ime an IP address IP adresa A registered ID: OBJECT IDENTIFIER Registriran ID: OBJECT IDENTIFIER A uniform resource indicator Jedinstveni identifikator resursa A DNS domain name or 'copycn' DNS domensko ime ili 'copycn' A DNS domain name DNS domensko ime An IP address IP adresa Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Sintaksa: <OID>;TIP:tekst poput '1.2.3.4:UTF8:name' No editing. Only 'copy' allowed here Nema uređivanja. Samo kopiranje je ovdje dozvoljeno Validation failed: '%1' %2 Neuspješna provjera: '%1' %2 Validation successful: '%1' Provjera uspješna: '%1' void There was no key found for the Certificate: Nije pronađen ključ za Potvrdu: Import Certificate signing request Uvezi zahtjev za izdavanje Potvrde (CSR) xca-RELEASE.2.2.1/lang/xca_ru.ts0000644000175000017500000056260713614632167015507 0ustar tewardteward About Done Готово CaProperties Next serial for signing "подписи" благозвучнее, чем "подписания" / better wording Следующий серийный номер для подписи Days until next CRL issuing 'CRL' лучше не переводить, мне кажется Дней до следующего выпуска CRL Default template Шаблон по-умолчанию CA Properties Свойства ЦС Use random Serial numbers Использовать случайные cерийные номера CertDetail Show extensions there was a typo, sorry Показать расширения Show public key This key is not in the database. Not available Недоступен Signer unknown Издатель неизвестен Self signed Самозаверенный Revoked at %1 Not trusted Не доверенный Trusted Доверенный Revoked: Отозванный: Not valid Недействительный Valid Действительный Details of the certificate signing request Сведения о запросе на получение сертификата Details of the Certificate Сведения о сертификате S&tatus С&татус Serial Серийный номер The serial number of the certificate Серийный номер сертификата The internal name of the certificate in the database Внутреннее имя сертификата Internal name Внутреннее имя Signature algorithm Алгоритм подписи Signature Подпись Key Ключ Fingerprints Отпечатки SHA1 SHA1 MD5 MD5 A SHA-1 hashsum of the certificate SHA-1 отпечаток сертификата An md5 hashsum of the certificate MD5 отпечаток сертификата Status Состояние SHA256 SHA256 A SHA-256 hashsum of the certificate SHA-256 отпечаток сертификата Validity Период действия The time since the certificate is valid Сертификат действителен с The time until the certificate is valid Сертификат действителен по Subject Субъект Issuer Издатель Extensions Расширения Comment Комментарий &Subject &Субъект &Issuer &Издатель Attributes Атрибуты &Extensions &Расширения Show config Показать конфигурацию CertExtend This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Это позволит создать копию сертификата с новым серийным номером и скорректированным значением срока действия. Validity единообразия для Период действия Not before Сертификат действителен с Not after Сертификат действителен по Time range Выбор периода Days Дней Months Месяцев Years Лет Midnight Начинать с полуночи Apply Применить Revoke old certificate Отозвать старый сертификат Keep serial number Certificate renewal Продление сертификата Local time По местному времени No well-defined expiration Конечный срок не определён The certificate will be earlier valid than the signer. This is probably not what you want. Срок действия сертификата начинается раньше срока действия издателя. Скорее всего, здесь ошибка. Edit dates Изменить период Abort rollout Прервать Continue rollout Продолжить всё равно Adjust date and continue Скорректировать дату и продолжить The certificate will be longer valid than the signer. This is probably not what you want. Срок действия сертификата больше срока действия издателя. Скорее всего, здесь ошибка. CertTreeView Import PKCS#12 Ипорт PKCS#12 Import from PKCS#7 Импорт из PKCS#7 Request Запрос Security token Модуль защиты Other token Другой модуль защиты Similar Certificate Похожий сертификат Delete from Security token Удалить из модуля защиты CA ЦС Properties Свойства Generate CRL Сгенерировать CRL Manage revocations Управление отзывами Trust Доверять Renewal Продлить Revoke Отозвать Unrevoke Вернуть ClickLabel Double click for details Щёлкните дважды, чтобы просмотреть сведения CrlDetail Name Внутреннее имя Failed Ошибка Unknown signer Неизвестный издатель Verification not possible Проверка не возможна Details of the Revocation list Сведения о CRL &Status &Состояние Version Версия Signature Подпись Signed by Подписан The internal name of the CRL in the database 'CRL' лучше не переводить, мне кажется Внутреннее имя CRL issuing dates Даты публикации Next update Следующее обновление Last update Последнее обновление &Issuer &Издатель &Extensions &Расширения &Revocation list &Список отзыва Comment Комментарий ExportDialog Name Внутреннее имя The internal name of the CRL in the database Внутреннее имя CRL ... ... Filename Имя файла Export comment into PEM file Export Format Формат для экспорта All files ( * ) Все файлы ( * ) PEM Text format with headers Текстовый PEM формат с заголовками Concatenated list of all selected items in one PEM text file Все выбранные элементы в одном PEM файле Concatenated text format of the complete certificate chain in one PEM file Вся цепочка сертификации в одном PEM файле Concatenated text format of all trusted certificates in one PEM file Сцепленные вместе все доверенные сертификаты в одном PEM файле Concatenated text format of all certificates in one PEM file Все сертификаты в одном PEM файле Binary DER encoded file Двоичный DER формат PKCS#7 encoded single certificate Отдельный сертификат в формате PKCS#7 PKCS#7 encoded complete certificate chain Вся цепочка сертификации в формате PKCS#7 All trusted certificates encoded in one PKCS#7 file Все доверенные сертификаты в одном PKCS#7 файле Concatenated text format of all unrevoked certificates in one PEM file Все неотозванные сертификаты в одном PEM файле All unrevoked certificates encoded in one PKCS#7 file Все неотозванные сертификаты в одном PKCS#7 файле All selected certificates encoded in one PKCS#7 file Все выбранные сертификаты в одном PKCS#7 файле All certificates encoded in one PKCS#7 file Все сертификаты в одном PKCS#7 файле The certificate and the private key as encrypted PKCS#12 file Сертификат и закрытый ключ в зашифрованном PKCS#12 файле The complete certificate chain and the private key as encrypted PKCS#12 file Вся цепочка сертификатов и закртый ключ в зашифрованном PKCS#12 файле Concatenation of the certificate and the unencrypted private key in one PEM file Сертификат и нешифрованный закрытый ключ в одном PEM файле Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Сертификат и зашифрованный закрытый ключ в одном PKCS#8 файле Text format of the public key in one PEM file Открытый ключ в текстовом формате PEM Binary DER format of the public key Открытый ключ в двоичном формате DER Unencrypted private key in text format Закрытый ключ в тектовом формате без пароля OpenSSL specific encrypted private key in text format Закрытый ключ в тектовом формате OpenSSL без пароля Unencrypted private key in binary DER format Закрытый ключ в двоичном формате DER без пароля Unencrypted private key in PKCS#8 text format Закрытый ключ в текстовом формате PKCS#8 без пароля Encrypted private key in PKCS#8 text format Закрытый ключ в текстовом формате PKCS#8 с паролем The public key encoded in SSH2 format Открытый ключ в формате SSH2 OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Список сертификатов в тектовом формате OpenSSL, который создаётся командой 'ca', необходимый для OCSP vCalendar expiry reminder for the selected items vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL The file: '%1' already exists! Файл '%1' уже существует! Overwrite Перезаписать Do not overwrite Не перезаписывать Help << << >> >> &Done &Готово ImportMulti Details Показать сведения Import &All Импортировать &всё &Import &Импортировать &Done &Готово Details of the item '%1' cannot be shown Невозможно отобразить сведения о '%1' The type of the item '%1' is not recognized Тип элемента '%1' невозможно определить The file '%1' did not contain PKI data В файле '%1' данных PKI не обнаружено The %1 files: '%2' did not contain PKI data %1 файла(ов) не содержали данных PKI: '%2' Import PKI Items Импортировать элементы PKI &Remove from list &Удалить из списка Delete from token Удалить из модуля защиты Rename on token Переименовать в модуле защиты Name: %1 Model: %2 Serial: %3 Название: %1 Модель: %2 Серийный номер: %3 Manage security token Управление модулями защиты ItemProperties Name Внутреннее имя Source Источник Insertion date Дата добавления Comment Комментарий KeyDetail Available Известна Not available Неизвестна Name Внутреннее имя The internal name of the key used by xca Внутреннее имя ключа Keysize Длина ключа Private Exponent Закрытая экспонента Security Token Модуль защиты Label Название PKCS#11 ID Идентификатор PKCS#11 Token information Сведения о модуле защиты Model Модель Fingerprint Comment Комментарий Public Exponent Открытая экспонента Modulus Модуль Sub prime Полупростое Public key Открытый ключ Private key Закрытый ключ Security token Модуль защиты Manufacturer Изготовитель Serial Серийный номер Key Ключ Token Модуль защиты Curve name Эллиптическая кривая Details of the %1 key Сведения о ключе %1 Security token ID:%1 ID модуля защиты:%1 Unknown key Неизвестный ключ KeyTreeView Change password Изменить пароль Reset password Сбросить пароль Change PIN Изменить PIN Init PIN with SO PIN (PUK) Инициализировать PIN при помощи SO PIN (PUK) Change SO PIN (PUK) Изменить SO PIN (PUK) Security token Модуль защиты This is not a token Это не модуль защиты Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Заменить ли исходный ключ '%1' на ключ в модуле защиты? Ключ '%1' будет безвозвратно удалён MainWindow Password Пароль Password verify error, please try again Неверный пароль, попробуйте еще раз &Close DataBase &Закрыть базу данных &Content &Справка &File &Файл Recent DataBases Недавно открытые базы данных System Язык системы Croatian Хорватский English Английский French Французский German Немецкий Russian Русский Slovak Словацкий Spanish Испанский Polish Italian Chinese Dutch Portuguese in Brazil Turkish Турецкий Language Язык Open Remote DataBase Открыть сетевую базу данных Paste PEM file Вставить файл PEM Token Модуль защиты Extra Дополнительно &Export Certificate Index Экспортировать &список сертификатов &Export Certificate Index hierarchy Экспортировать &иерархию сертификатов OID Resolver Поиск OID &Help &Помощь New Password Новый Пароль The following error occurred: Произошла ошибка: Copy to Clipboard Копировать в буфер обмена Private Keys Закрытые ключи &New Key &Новый ключ &Export &Экспорт &Import &Импорт Import PFX (PKCS#12) Импорт PFX (PKCS#12) &Show Details &Показать сведения &Delete &Удалить Certificate signing requests Запросы на получение сертификата &New Request &Новый запрос Certificates Сертификаты &New Certificate &Новый сертификат Import &PKCS#12 Импорт &PKCS#12 Import P&KCS#7 Импорт P&KCS#7 Plain View В виде списка Templates Шаблоны &New Template &Новый шаблон Ch&ange Template Из&менить шаблон Revocation lists Списки отзыва сертификатов &New CRL &Новый CRL Database База данных The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Выбранная в данный момент хэш-функция '%1' не надёжна. Пожалуйста, выберите хотя бы 'SHA 224' из соображений безопасности. Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Открываемая база данных сохранена в старом формате. Создаём запасную копию в файле '%1' и преобразуем базу данных в новый формат Failed to rename the database file, because the target already exists Не удалось переименовать файл базы данных, потому что файл с таким именем уже существует No deleted items found Нет удаленных записей Errors detected and repaired while deleting outdated items from the database. A backup file was created Во время удаления устаревших данных из базы данных были обнаружены и исправлены ошибки. Создана запасная копия базы данных Removing deleted or outdated items from the database failed. Во время удаления устаревших данных из базы данных произошла ошибка. &Dump DataBase &Сделать дамп базы данных &Import old db_dump &Импорт дампа базы данных &Undelete items &Восстановить удаленные элементы Options Настройки New DataBase Open DataBase Close DataBase Keys Ключи Requests Запросы PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Шаблоны Revocation list Список отзыва сертификатов PEM file PEM файл Database dump ( *.dump );; All files ( * ) Дамп базы данных ( *.dump );; Все файлы ( * ) Import password Пароль при импорте Please enter the password of the old database Пожалуйста, введите пароль от старой базы данных Password verification error. Ignore keys ? Неверный пароль. Игнорировать ключи? Import anyway Импортировать всё равно I&mport И&мпорт Export Certificate &Index hierarchy Content Содержание About О программе Search Поиск Import PEM data Импортировать PEM данные Please enter the new SO PIN (PUK) for the token '%1' Пожалуйста, введите новый PIN SO (PUK) для модуля защиты '%1' The new label of the token '%1' Новое название модуля защиты '%1' Please enter the new password to encrypt your private keys in the database-file Пожалуйста, введите новый пароль для шифрования закрытых ключей в базе данных Please enter a password, that will be used to encrypt your private keys in the database file: %1 Пожалуйста, введите пароль для шифрования закрытых ключей в базе данных: %1 Please enter the password for unlocking the database: %1 Пожалуйста, введите пароль для разблокировки базы данных %1 Certificate Index ( index.txt ) Список сертификатов ( index.txt ) All files ( * ) Все файлы ( * ) Diffie-Hellman parameters saved as: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Параметры Диффи-Хэллмана нужны для других приложений, и не используются в XCA. Пожалуйста, введите желаемую длину параметров &New DataBase &Новая база данных &Open DataBase &Открыть базу данных &Init Security token &Инициализировать модуль защиты C&hange DataBase password Из&менить пароль базы данных Exit Выход no such option: %1 нет таких параметров: %1 Using or exporting private keys will not be possible without providing the correct password Использование или экспорт закрытых ключей будет невозможен без ввода правильного пароля Please enter the original SO PIN (PUK) of the token '%1' Пожалуйста, введите первоначальный PIN SO (PUK) для модуля защиты '%1' The token '%1' did not contain any keys or certificates Модуль защиты '%1' не содержит ни ключей, ни сертификатов Current Password Действующий пароль Please enter the current database password Пожалуйста, введите действующий пароль от базы данных The entered password is wrong Введённый пароль неверен Transaction start failed Не удалось начать транзакцию Please enter a password, that will be used to encrypt your private keys in the database: %1 Пожалуйста, введите пароль, который будет использован для зашифровки закрытых ключей в базе данных: %1 Error opening file: '%1': %2 Ошибка при открытии файла: '%1': %2 Generate DH parameter Сгенерировать параметры Диффи-Хэллмана Set as default DataBase Установить как базу данных по умолчанию &Token as translated in firefox for example &Модуль защиты &Manage Security token &Управление модулями защиты &Change PIN &Изменить PIN Change &SO PIN Изменить &SO PIN Init PIN Инициализировать PIN NewCrl Create CRL Новый CRL Days Дней Months Месяцев Years Лет Midnight Начинать с полуночи Local time По местному времени Apply Применить CRL number Порядковый номер CRL Hash algorithm Алгоритм подписи Authority key identifier Идентификатор ключа ЦС Subject alternative name Альтернативное имя субъекта Options Параметры Last update Последнее обновление Next update Следующее обновление Revocation reasons Указывать причину отзыва NewKey Please give a name to the new key and select the desired keysize Пожалуйста, введите название нового ключа и задайте длину ключа Key properties Параметры ключа Name Внутреннее имя Curve name Эллиптическая кривая Keysize Длина ключа Remember as default Использовать заданные здесь параметры по умолчанию The internal name of the new key Внутреннее имя нового ключа New Key Новый ключ Usually at least 2048 bit keys are recommended Обычно рекомендуется генерировать как минимум 2048-битные ключи Keytype Тип ключа Create Создать NewX509 Source Первоисточник Signing request Запрос на подпись Show request Показать запрос Sign this Certificate signing &request Подписать этот &запрос на подпись Copy extensions from the request Копировать расширения из запроса Signing Подписание Create a &self signed certificate with the serial Создать &самоподписанный сертификат с серийным номером If you leave this blank the serial 00 will be used Если оставить это поле пустым, будет использован серийный номер 00 1 1 All certificates in your database that can create valid signatures Все сертификаты в базе данных, которыми можно создать действительные подписи Signature algorithm Алгоритм подписи Template for the new certificate Шаблон для нового сертификата All available templates Все доступные шаблоны Internal Name Apply Применить Subject Субъект Create a &self signed certificate Создать &самозаверенный сертификат Use &this Certificate for signing вероятно, имеется в виду ЦС &Использовать этот сертификат для подписи Distinguished name Уникальное имя This name is only used internally and does not appear in the resulting certificate Это имя используется XCA и не оказывается в итоговом сертификате Internal name Внутреннее имя Add Добавить Delete Удалить Private key Закрытый ключ This list only contains unused keys Этот список содержит только неиспользованные ключи Used keys too Добавить в список использованные ключи &Generate a new key &Сгенерировать новый ключ Extensions Расширения Type Тип If this will become a CA certificate or not Это будет сертификат для ЦС или для конечного субъекта Not defined Не определен Certification Authority Центр Сертификации End Entity Конечный субъект Path length Длина цепочки How much CAs may be below this. Сколько ЦС может быть в цепочке. The basic constraints should always be critical Основные ограничения всегда должны быть отмечены критичными Key identifier Идентификотор ключа Creates a hash of the key following the PKIX guidelines Создаёт хэш ключа в соответствии с инструкциями PKIX Copy the Subject Key Identifier from the issuer Копировать идентификатор ключа субъекта у издателя Validity Период действия Not before Сертификат действителен с Not after Сертификат действителен по Time range Выбор периода Days Дней Months Месяцев Years Лет Set the time to 00:00:00 and 23:59:59 respectively Начало и конец - в полночь Midnight Начинать с полуночи Local time По местному времени URI: URI: Comment Комментарий can be altered by the file "aia.txt" может быть изменен в файле "aia.txt" Edit Редактировать DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Key usage Область применения ключа Netscape Netscape Create a &self signed certificate with a MD5-hashed QA serial Создать &самоподписанный сертификат с серийным номером хэшированным MD5 Create Certificate signing request Создать запрос на сертификат Create x509 Certificate Создать сертификат x509 Abort rollout Прервать The following length restrictions of RFC3280 are violated: Требования RFC3280 по длине нарушены: The internal name and the common name are empty. Please set at least the internal name. Поля "Внутреннее имя" и "Общее имя"пусты. Пожалуйста, укажите хотябы внутреннее имя. There is no Key selected for signing. Не выбран ключ для подписи. Continue rollout Продолжить The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Срок действия сертификата истечёт до того, как он станет действительным. Скорее всего, даты перепутаны. Modify subject of the request Изменить субъекта в запросе Advanced Дополнительно Validate Проверить The verification of the Certificate request failed. The rollout should be aborted. Проверка запроса на подпись завершилась ошибкой. Необходимо отменить операцию. Continue anyway Продолжать всё равно No well-defined expiration Конечный срок не определён Edit name Изменить имя Select key Выберите ключ The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Следующие уникальные имена пусты: %1 хотя они были объявлены обязательными в параметрах. Edit subject Изменить субъекта Edit dates Изменить даты The key you selected for signing is not a private one. Выбранный для подписи ключ не закрытый. Critical Критично Create XCA template Создать шаблон XCA Edit XCA template Редактировать шаблон XCA Template '%1' applied Применён шаблон %1 Subject applied from template '%1' Субъект подставлен из шаблона '%1' Extensions applied from template '%1' Расширения подставлены из шаблона '%1' New key '%1' created Создан новый ключ '%1' Select other signer Выберите другого издателя Select other key Выберите другой ключ The certificate will be earlier valid than the signer. This is probably not what you want. Срок действия сертификата начинается раньше срока действия издателя. Скорее всего, здесь ошибка. Adjust date and continue Скорректировать дату и продолжить The certificate will be longer valid than the signer. This is probably not what you want. Срок действия сертификата больше срока действия издателя. Скорее всего, здесь ошибка. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Сертификат содержит недействительные либо дублированные расширения. Необходимо выполнить проверку во вкладке "Дополнительно". The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. У сертификата отсутствуют расширения. Вы можете подставить расширения из одного из шаблонов, чтобы определить назначение сертификата. Edit extensions Редактировать расширения The subject alternative name shall contain a copy of the common name. However, the common name is empty. Apply extensions Применить расширения Apply subject Применить субъекта Apply all Применить всё minimum size: %1 минимальный размер: %1 maximum size: %1 максимальный размер: %1 only a-z A-Z 0-9 '()+,-./:=? только a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters только 7-битные символы From PKCS#10 request Из запроса PKCS#10 Other Tabs Другие вкладки Advanced Tab Вкладка "Дополнительно" Errors Ошибки Configfile error on line %1 Ошибкав кофигурационном файле в строке %1 OidResolver OID Resolver Поиск OID Enter the OID, the Nid, or one of the textual representations Введите OID, Nid, или одно из текстовых представлений Search Поиск OID OID Long name Полное название OpenSSL internal ID Внутренний ID OpenSSL Nid Nid Short name Краткое название OpenDb Dialog Поиск Open remote database Открыть сетевую базу данных Database type Тип базы данных Hostname Имя хоста Username Имя пользователя Password Пароль Database name Название базы данных Table prefix Префикс для таблиц No SqLite3 driver available. Please install the qt-sqlite package of your distribution Драйвер SqLite3 недоступен. Пожалуйста, установите пакет qt-sqlite вашего дистрибутива Please enter the password to access the database server %2 as user '%1'. Пожалуйста, введите пароль для доступа к серверу баз данных %2 от имени пользователя '%1'. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. Драйвер сервера баз данных не поддерживает транзакции. Это может произойти, если сервер и клиент разных версий. Продолжайте с осторожностью. Options Mandatory subject entries Обязательные поля Add Добавить Delete Удалить Default hash algorithm Алгоритм подписи по-умолчанию Settings Настройки String types Типы строк Suppress success messages Не выводить сообщения об успешном выполнении Don't colorize expired certificates Не выделять цветом просроченные сертификаты Translate established x509 terms (%1 -> %2) Преобразовывать устоявшиеся поля x509 (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Хэш-функции из модуля защиты не используются XCA. Однако можно ограничить используемые хэш-функции согласно модулю защиты. В-особенности с EC и DSA, которые в спецификации PKCS#11 определены с SHA1. Only use hashes supported by the token when signing with a token key При использовании модуля защиты применять только те хэш-функции, которые доступны в модуле Disable legacy Netscape extensions Отключить устаревшие расширения Netscape Certificate expiry warning threshold Send vCalendar expiry reminder Serial number length bit Distinguished name Уникальное имя Explicit subject entries Явно заданные поля Dynamically arrange explicit subject entries Default По-умолчанию PKCS#11 provider Провайдер PKCS#11 Remove Удалить Search Поиск UTF8 strings only (RFC2459) Только строки UTF8 (RFC2459) Printable string or UTF8 (default) Печатаемые строки или UTF8 (по-умолчанию) PKIX recommendation in RFC2459 Рекоммендации PKIX из RFC2459 No BMP strings, only printable and T61 Без строк из BMP, только печатаемые и T61 All strings Все строки Days Дней Weeks Load failed Ошибка при загрузке XCA Options Параметры XCA PwDialog Repeat %1 Повторите %1 %1 mismatch %1 не соответствуют Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Шестнадцатеричный пароль должен содержать символы '0 '- '9' и 'a' - 'f' и должен состоять из четного числа символов E&xit &Выход The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Пароль обрабатывается как 2-символьный шестнадцатеричный код, должен содержать символы '0 '- '9' и 'a' - 'f' и состоять из четного числа символов Take as HEX string Считать шестнадцатеричной строкой QObject Import RSA key Импортировать RSA ключ PKCS#10 CSR ( *.pem *.der *.csr );; Запрос на сертификат PKCS#10 ( *.pem *.der *.csr );; Import Request Импортировать запрос Import X.509 Certificate Импортировать X.509 сертификат Import PKCS#7 Certificates Импортировать сертификат PKCS#7 Import PKCS#12 Private Certificate Импортировать закрытый сертификат PKCS#12 Import XCA Templates Импортировать шаблоны XCA Import Certificate Revocation List Импортировать CRL Open XCA Database Открыть базу данных XCA PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; Ключи PKI ( *.pem *.der *.key );; Ключи PKCS#8 ( *.p8 *.pk8 );; Открытые ключи SSH ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );; Netscape Request ( *.spkac *.spc );; PKCS#10 CSR ( *.pem *.der *.csr );; Запрос Netscape ( *.spkac *.spc );; Certificates ( *.pem *.der *.crt *.cer );; Сертификаты ( *.pem *.der *.crt *.cer );; PKCS#7 data ( *.p7s *.p7m *.p7b );; Данные PKCS#7 ( *.p7s *.p7m *.p7b );; PKCS#12 Certificates ( *.p12 *.pfx );; Сертификаты PKCS#12 ( *.p12 *.pfx );; XCA templates ( *.xca );; Шаблоны XCA ( *.xca );; Revocation lists ( *.pem *.der *.crl );; Списки отзыва ( *.pem *.der *.crl );; XCA Databases ( *.xdb );; Базы данных XCA ( *.xdb );; PKCS#11 library ( *.dylib *.so );; Библиотека PKCS#11 ( *.dylib *.so );; PEM files ( *.pem );; Файлы PEM ( *.pem );; Load PEM encoded file Открыть файл PEM Invalid Неверный %1 is shorter than %2 bytes: '%3' %1 короче, чем %2 байт: '%3' %1 is longer than %2 bytes: '%3' %1 длиннее, чем %2 байт: '%3' All files ( * ) Все файлы ( * ) Undefined Неопределённый Broken / Invalid Испорчен / Недействителен in %1 seconds %1 seconds ago in %1 minutes %1 minutes ago Yesterday Tomorrow in %1 hours %1 hours ago DB: Rename: '%1' already in use DB: Rename: '%1' уже используется DB: Entry to rename not found: %1 DB: Не найдено значение для переименования: %1 PKCS#11 library ( *.dll );; Библиотека PKCS#11 ( *.dll );; PKCS#11 library ( *.so );; Библиотека PKCS#11 ( *.so );; Open PKCS#11 shared library Открыть библиотеку PKCS#11 DB: Write error %1 - %2 DB: Ошибка записи %1 - %2 Please enter the PIN on the PinPad Пожалуйста, введите PIN-код Please enter the SO PIN (PUK) of the token %1 Пожалуйста, введите SO PIN (PUK) модуля защиты %1 Please enter the PIN of the token %1 Пожалуйста, введите PIN-код модуля защиты %1 No Security token found Не найдено модулей защиты Out of Memory at %1:%2 Недостаточно памяти %1:%2 Out of data Нет данных Error finding endmarker of string Не найден символ конца строки Select Выберите Please enter the new SO PIN (PUK) for the token: '%1' Пожалуйста, введите новый PIN SO (PUK) для модуля защиты '%1' Please enter the new PIN for the token: '%1' Пожалуйста, введите новый PIN SO (PUK) для модуля защиты '%1' Required PIN size: %1 - %2 Требуемая длина PIN-кода: %1 - %2 Failed to open PKCS11 library: %1 Невозможно открыть библиотеку PKCS#11: %1 Failed to open PKCS11 library: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Disabled Library loading failed PKCS#11 function '%1' failed: %2 PKCS#11 функция '%1' завершилась ошибкой: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 PKCS#11 функция '%1' завершилась ошибкой: %2 в библиотеке %3 %4 Country code Код страны State or Province Республика, край, область Locality Город, поселок, село Organisation Организация Organisational unit Департамент, отдел Common name Общее имя E-Mail address Адрес электронной почты Serial number Серийный номер Given name Имя Surname Фамилия Title Звание Initials Инициалы Description Описание Role Должность Pseudonym Псевдоним Generation Qualifier трудно подобрать Именная приставка x500 Unique Identifier Уникальный идентификатор x500 Name Имя DN Qualifier трудно подобрать Информация для устранения неоднозначности Unstructured name трудно подобрать Произвольное имя Challenge password Пароль Basic Constraints Основные ограничения Subject alternative name Альтернативное название субъекта issuer alternative name Альтернативное название издателя Subject key identifier Идентификатор ключа субъекта Authority key identifier Идентификатор ключа ЦС Key usage Область применения ключа Extended key usage Расширенная область применения ключа CRL distribution points Адреса CRL Authority information access Доступ к информации о ЦС Certificate type Тип сертификата Base URL Основной URL Revocation URL URL отзывов CA Revocation URL URL отзывов ЦС Certificate renewal URL URL обновления сертификата CA policy URL URL на политики ЦС SSL server name Имя SSL сервера Comment Комментарий String '%1' for '%2' contains invalid characters Строка '%1' содержит неподходящие символы для '%2' Error reading config file %1 at line %2 Ошибка чтения файла настроек %1 в строке %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. Элемент '%1' из файла %2 на строке %3 уже известен как '%4:%5:%6' и должен быть удалён. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Идентификатор '%1' OID %2 из файла %3 на строке %4 уже использован для другого OID '%5:%6:%7' и должен быть изменён во избежание конфликтов. Unknown object '%1' in file %2 line %3 Низвестный объект '%1' в файле %2 на строке %3 Failed to start a database transaction Не удалось начать транзакцию ReqTreeView Sign Подписать Unmark signed Mark signed Similar Request Похожий запрос RevocationList Manage revocations Управление отзывами Add Добавить Delete Удалить Edit Редактировать No. №. Serial Серийный номер Revocation Аннулирован Reason Причина Invalidation Недействительность Generate CRL Сгенерировать CRL Revoke Revocation details Сведения об отзыве Invalid since Недействителен с Local time По местному времени Certificate revocation Отзыв сертификата Revocation reason Причина отзыва Serial Серийный номер SearchPkcs11 Dialog Поиск Directory Папка ... ... Include subdirectories Включая подпапки Search Поиск The following files are possible PKCS#11 libraries Ниже приведён список файлов, которые могут быть библиотеками провайдеров PKCS#11 SelectToken Select Token Выберите Токен Security token Модуль защиты Please select the security token Пожалуйста, выберите модуль защиты TempTreeView Duplicate Дублировать Create certificate Создать сертификат Create request Создать запрос copy копировать TrustState Certificate trust Доверие к сертификату Trustment Доверие &Never trust this certificate &Никогда не доверять этому сертификату Only &trust this certificate, if we trust the signer Доверять этому сертификату &только, если есть доверие к подписавшему &Always trust this certificate &Всегда доверять этому сертификату Validity yyyy-MM-dd hh:mm гггг-ММ-дд чч:мм X509SuperTreeView OpenSSL config Конфигурация OpenSSL Transform Преобразовать Template Шаблон Public key Открытый ключ XcaTreeView Subject entries Поля субъекта X509v3 Extensions Расширения X509v3 Netscape extensions Расширения Netscape Reset Сбросить Remove Column Убрать колонку Hide Column Спрятать колонку Details Сведения Columns Колонки New Новый Import Импорт Paste PEM data Вставить данные PEM Rename Переименовать Properties Свойства Delete Удалить Export Экспорт Clipboard Буфер обмена File Файл db_base Internal name Внутреннее имя Bad database item Name: %1 Type: %2 Size: %3 %4 Плохой элемент базы данных Имя: %1 Тип: %2 Размер: %3 %4 Do you want to delete the item from the database? The bad item may be extracted into a separate file. Удалить элемент из базы данных? Плохой элемент можно извлечь в отдельный файл. Delete Удалить Delete and extract Удалить и извлечь Continue Продолжить Error opening file: '%1': %2 Ошибка при открытии файла: '%1': %2 No. №. Primary key Первичный ключ Database unique number Уникальный номер в базе данных Date Дата Date of creation or insertion Дата создания или добавления Source Источник Generated, Imported, Transformed Сгенерировано, Импортировано, Преобразовано Comment Комментарий First line of the comment field Первая строчка поля комментария Could not create directory %1 Item properties Свойства элемента How to export the %1 selected items Как экспортировать %1 выбранных элементов All in one PEM file Все в один PEM файл Each item in one file Каждый в свой файл Save %1 items in one file as Сохранить %1 элементов в одном файле как PEM files ( *.pem );; All files ( * ) Файлы PEM ( *.pem );; Все файлы ( * ) db_crl Signer Подписавший Internal name of the signer Внутреннее имя подписавего No. revoked Кол. отозванных Number of revoked certificates Количество отозванных сертификатов Last update Последнее обновление Next update Следующее обновление CRL number Кол. отозванных CRL ( *.pem *.der *.crl ) Списки отзыва ( *.pem *.der *.crl );; There are no CA certificates for CRL generation Нет ЦС для генерирования CRL Select CA certificate Выберите сертификат ЦС Create CRL Создать CRL Failed to initiate DB transaction Не удалось начать транзакцию в БД Database error: %1 Database error: Ошибка БД: Revocation list export Экспорт списка отзывов The revocation list already exists in the database as: '%1' and so it was not imported Список отзывов уже существует в базе данных: '%1' и поэтому не был импортирован db_key Key size too small ! Слишком маленькая длина ключа! Type Тип Size Длина EC Group Группа EC Use Использован Password Пароль Extending public key from %1 by imported key '%2' Дополняем открытый ключ %1 импортированным ключом '%2' Clipboard Буфер обмена Export public key [%1] Экспортировать открытый ключ [%1] PEM public Открытый ключ PEM DER public Открытый ключ DER SSH2 public Открытый ключ SSH2 DER private Закрытый ключ DER PEM encryped Зашифрованный PEM PEM private Закрытый ключ PEM Export keys to Clipboard Экспортировать ключи в буфер обмена PKCS#8 encrypted Зашифрованный PKCS#8 Export private key [%1] Экспортировать закрытый ключ [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Закрытые ключи ( *.pem *.der *.pk8 );; Открытые ключи SSH ( *.pub ) Tried to change password of a token Попытка изменить пароль модуля защиты The key is already in the database as: '%1' and is not going to be imported Ключ уже существует в базе данных: '%1' и поэтому не был импортирован The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Открытый ключ уже существует в базе данных: '%1' и будет дополнен закрытой частью ключа You are sure to create a key of the size: %1 ? Вы уверены, что хотите создать ключ длиной %1 ? db_temp Type Тип Nothing Ничего Empty template Пустой шаблон Preset Template values Взять значения из шаблона Save template as Сохранить шаблон как XCA templates ( *.xca );; All files ( * ) XCA шаблоны ( *.xca );; Все файлы ( * ) Bad template: %1 Неправильный шаблон: %1 db_x509 Serial Серийный номер Trust state Состояние доверия Revocation Аннулирован Expiry date Действителен до reflects the basic Constraints extension отражает расширение основных настроек Start date Действителен с CRL Expiration CRL действителен до Plain View В виде списка Tree View В виде дерева Failed to retrieve unique random serial Signed on %1 by '%2' Подписан %1 '%2' Unknown Неизвестный Invalid public key Недействительный открытый ключ PKCS#7 unrevoked Неотозванные PKCS#7 vCalendar CA vCalendar days No template Нет шаблона Please enter the new hexadecimal secret number for the QA process. Пожалуйста, введите новое секретное шестнадцатеричное число для QA. The QA process has been terminated by the user. Процесс QA был прерван пользователем. The key you selected for signing is not a private one. Выбранный для подписи ключ не закрытый. CA ЦС MD5 fingerprint Отпечаток MD5 SHA1 fingerprint Отпечаток SHA1 SHA256 fingerprint Отпечаток SHA256 PKCS#7 chain Цепочка PKCS#7 PKCS#12 chain Цепочка PKCS#12 PKCS#7 trusted Доверенный PKCS#7 PKCS#7 all Всё PKCS#7 PEM unrevoked Неотозванные PEM Certificate Index file Файл списка сертификатов Certificate export Экспортировать сертификат X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) Сертификаты X509 ( *.pem *.cer *.crt *.p12 *.p7b ) Not possible for a token key: '%1' Невозможно для модуля защиты: '%1' Error opening file: '%1': %2 Ошибка при открытии файла: '%1': %2 days дней The certificate already exists in the database as: '%1' and so it was not imported Сертификат уже существует в базе данных: '%1' и поэтому не был импортирован Not before Сертификат действителен с Not after Сертификат действителен по PEM chain Цепочка PEM PEM + key PEM + ключ PEM trusted Доверенный PEM PEM all Всё PEM There was no key found for the Certificate: '%1' Для сертификата '%1' не был найден ключ Not possible for the token-key Certificate '%1' Невозможно для сертификата модуля защиты: '%1' Store the certificate to the key on the token '%1 (#%2)' ? Сохранить сертификат ключа в модуле защиты '%1 (#%2)'? db_x509name Subject Субъект Complete distinguished name Полное уникальное имя Subject hash Хэш субъекта Hash to lookup certs in directories Хэш для поиска сертификатов в директориях db_x509req Challenge password Пароль Certificate request export Экспорт запроса на сертификат Certificate request ( *.pem *.der *.csr ) Запрос на сертификат ( *.pem *.der *.csr ) Signed Подписанный whether the request is already signed or not запрос подписан или нет Unstructured name Произвольное имя Certificate count Number of certificates in the database with the same public key The certificate signing request already exists in the database as '%1' and thus was not stored Запрос на подпись уже существует в базе данных: '%1' и поэтому не был импортирован db_x509super Key name Имя ключа Internal name of the key Внутреннее имя ключа Signature algorithm Алгоритм подписи Extracted from %1 '%2' Извлечено из %1 '%2 Certificate Сертификат Certificate request Запрос на сертификат Save as OpenSSL config Сохранить конфигурацию OpenSSL Config files ( *.conf *.cnf);; All files ( * ) Файлы настроек ( *.conf *.cnf );; Все файлы ( * ) The following extensions were not ported into the template Следующие расширения не были перенесены в шаблон Transformed from %1 '%2' Преобразован из %1 '%2' kvView Type Тип Content Содержание pass_info Password Пароль PIN для единообразия PIN-код pki_base Error opening file: '%1': %2 Ошибка при открытии файла: '%1': %2 Error writing to file: '%1': %2 Ошибка при записи в файл: '%1': %2 Unknown Неизвестный Imported Импортирован Generated Сгенерирован Transformed Преобразован Token Модуль защиты Legacy Database База данных в старом формате Renewed Error: Ошибка: Internal error: Unexpected message: %1 %2 Внутренняя ошибка: Неожиданное сообщение: %1 %2 pki_crl No issuer given Не указан издатель unknown неизвестный Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Не удается загрузить список отзыва сертификатов из файла %1. Формат файла, содержащий CRL, должен быть PEM или DER. Successfully imported the revocation list '%1' Список отзыва '%1' импортирован успешно Delete the revocation list '%1'? Удалить список отзыва '%1'? Successfully created the revocation list '%1' Список отзыва '%1' создан успешно Delete the %1 revocation lists: %2? Удалить %1 списки отзыва: %2? Wrong Size %1 Неправильный размер %1 Renew CRL: %1 The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4. It is stored in the XCA database '%5' pki_evp Failed to decrypt the key (bad password) Не удалось расшифровать ключ (неверный пароль) Password input aborted Ввод пароля прерван Please enter the password to protect the private key: '%1' Пожалуйста, введите пароль для защиты закрытого ключа '%1' Please enter the password to decrypt the private key. Пожалуйста, введите пароль для расшифровки закрытого ключа. Failed to decrypt the key (bad password) %1 The key from file '%1' is incomplete or inconsistent. Please enter the password to decrypt the private key from file: %1 Пожалуйста, введите пароль для расшифровки закрытого ключа из файла: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Не удалось загрузить закрытый ключ из файла %1. Испробованные форматы: PEM, DER закрытый, открытый, ключи типа PKCS#8 и SSH2. Ignoring unsupported private key Неподдерживаемый закрытый ключ проигнорирован Please enter the password to decrypt the private key: '%1' Пожалуйста, введите пароль для расшифровки закрытого ключа: '%1' Please enter the database password for encrypting the key Пожалуйста, введите пароль к базе данных для шифрования ключа Please enter the password protecting the PKCS#8 key '%1' Пожалуйста, введите пароль для защиты PKCS#8 ключа '%1' Please enter the export password for the private key '%1' Пожалуйста, введите пароль для экспорта закрытого ключа '%1' Please enter the database password for decrypting the key '%1' Пожалуйста, введите пароль к базе данных для расшифровки ключа '%1' pki_key Successfully imported the %1 public key '%2' Открытый ключ %1 '%2' импортирован успешно Delete the %1 public key '%2'? Удалить открытый ключ %1 '%2'? Successfully imported the %1 private key '%2' Закрытый ключ %1 '%2' импортирован успешно Delete the %1 private key '%2'? Удалить закрытый ключ %1 '%2'? Successfully created the %1 private key '%2' Закрытый ключ %1 '%2' создан успешно Delete the %1 keys: %2? Удалить ключ %1: %2? Public key Открытый ключ Common Общий Private Закрытый Bogus Поддельный No password Без пароля Unexpected SSH2 content: '%1' Invalid SSH2 public key Недействительный открытый ключ SSH2 Failed writing to %1 Ошибка записи в %1 PIN PIN-код pki_multi Seek failed Ошибка позиционирования No known PEM encoded items found Не найдено PEM элементов pki_pkcs12 Please enter the password to encrypt the PKCS#12 file Пожалуйста, введите пароль для защиты файла PKCS#12 No key or no Cert and no pkcs12 Нет ключа, нет Сертификата, нет PKCS#12 Unable to load the PKCS#12 (pfx) file %1. Не удалось загрузить PKCS#12 (pfx) файл %1. Please enter the password to decrypt the PKCS#12 file: %1 Пожалуйста, введите пароль для расшифровки файла PKCS#12: %1 The supplied password was wrong (%1) Введённый пароль неверен (%1) pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Не удалось загрузить PKCS#7 файл %1. Формат файла должен быть PEM или DER. pki_scard This Key is already on the token Этот ключ уже есть в модуле защиты Unable to find copied key on the token Не удалось найти ключ в модуле защиты Public Key mismatch. Please re-import card Ошибка открытого ключа. Пожалуйста, импортируйте карту снова Unable to find generated key on card Не удалось найти сгенерированный ключ на карте Failed to find the key on the token Не удалось найти ключ в модуле защиты Invalid Pin for the token Введён неверный PIN-код для модуля защиты Delete the private key '%1' from the token '%2 (#%3)' ? Удалить закрытый ключ '%1' из модуля защиты '%2 (#%3)'? Successfully imported the token key '%1' Ключ '%1' импортирован успешно из модуля защиты Delete the token key '%1'? Удалить ключ '%1' из модуля защиты? Successfully created the token key '%1' Ключ '%1' создан успешно в модуле защиты Delete the %1 keys: %2? Удалить ключи %1: %2? PIN input aborted Ввод PIN-кода прерван Please insert card: %1 %2 [%3] with Serial: %4 Пожалуйста, вставьте карту %1 %2 [%3] с серийным номером %4 Illegal Key generation method Недопустимый способ генерирования ключа Ignoring unsupported token key Неподдерживаемый ключ в модуле защиты проигнорирован Wrong Size %1 Неправильный размер %1 Token %1 Модуль защиты %1 Failed to initialize the key on the token Не удалось инициализировать ключ в модуле защиты pki_temp Template file content error (too small): %1 Содержимое файла шаблона ошибочно (слишком мал) :%1 Wrong Size %1 Неправильный размер %1 Successfully imported the XCA template '%1' Шаблон XCA '%1' ипортирован успешно Delete the XCA template '%1'? Удалить шаблон XCA '%1'? Successfully created the XCA template '%1' Шаблон XCA '%1' создан успешно Delete the %1 XCA templates: %2? Удалить %1 шаблоны XCA: %2? Template file content error (too small) Содержимое файла шаблона ошибочно (слишком мал) Template file content error (bad size) Содержимое файла шаблона ошибочно (неверный размер) Not a PEM encoded XCA Template Не шаблон XCA в формате PEM Not an XCA Template, but '%1' Не шаблон XCA, а '%1' pki_x509 Successfully imported the certificate '%1' Сертификат '%1' импортирован успешно Delete the certificate '%1'? Удалить сертификат '%1'? Successfully created the certificate '%1' Сертификат '%1' создан успешно Delete the %1 certificates: %2? Удалить %1 сертификатов: %2? Delete the certificate '%1' from the token '%2 (#%3)'? Удалить сертификат '%1' из модуля защиты '%2 (#%3)'? Renew certificate: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' CRL Renewal of CA '%1' due The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Not trusted Не доверенный Trust inherited Доверие унаследовано Always Trusted Всегда доверять No Нет Yes Да There is no key for signing ! Не выбран ключ для подписи! Unable to load the certificate in file %1. Tried PEM and DER certificate. Не удалось загрузить сертификат из файла %1. Испробованные форматы: PEM и DER. This certificate is already on the security token Этот сертификат уже есть в модуле защиты Wrong Size %1 Неправильный размер %1 pki_x509req Signing key not valid (public key) Ключ для подписи не действителен (открытый ключ) Successfully imported the %1 certificate request '%2' Запрос %1 '%2' импортирован успешно Delete the %1 certificate request '%2'? Удалить запрос %1: %2? Successfully created the %1 certificate request '%2' Запрос на сертификат %1 '%2' создан успешно Delete the %1 certificate requests: %2? Удалить запрос %1: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Не удлось загрузить запрос на подпись из файла %1. Испробованные форматы: PEM, DER и SPKAC. Signed Подписан Unhandled Не обработан Wrong Size %1 Неправильный размер %1 v3ext Copy Common Name Add Добавить Delete Удалить Apply Применить Validate Проверить Cancel Отменить Validation successful: '%1' Проверка успешна: '%1' An email address or 'copy' Адрес электронной почты или 'copy' An email address Адрес электронной почты a registered ID: OBJECT IDENTIFIER зарегистрированный ID: OBJECT IDENTIFIER a uniform resource indicator унифицированный идентификатор ресурса a DNS domain name DNS имя домена an IP address IP адрес No editing. Only 'copy' allowed here Редактирование запрещено. Разрешено только копирование Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Синтаксис: <OID>;TYPE:text like '1.2.3.4:UTF8:name' A registered ID: OBJECT IDENTIFIER A uniform resource indicator A DNS domain name or 'copycn' A DNS domain name An IP address Validation failed: '%1' %2 Проверка завершилась ошибкой: '%1' %2 xca-RELEASE.2.2.1/lang/sk.po0000644000175000017500000032336113614632167014623 0ustar tewardteward# This file is distributed under the same license as the XCA package. # Slavko , 2016-2019. # msgid "" msgstr "" "Project-Id-Version: X Certificate and Key management 2.0\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2018-03-16 18:14+0200\n" "PO-Revision-Date: 2019-12-16 22:44+0100\n" "Last-Translator: Slavko \n" "Language-Team: slovenčina \n" "Language: sk\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: Gtranslator 3.34.0\n" "Plural-Forms: nplurals=3; plural=(n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2;\n" "X-Qt-Contexts: true\n" #: ../ui/CaProperties.ui:30 msgctxt "CaProperties|" msgid "CA Properties" msgstr "Vlastnosti CA" #: ../ui/CaProperties.ui:92 msgctxt "CaProperties|" msgid "Days until next CRL issuing" msgstr "Dní do nasledujúceho vydania CRL" #: ../ui/CaProperties.ui:102 msgctxt "CaProperties|" msgid "Default template" msgstr "Predvolená šablóna" #: ../ui/CertDetail.ui:30 ../widgets/CertDetail.cpp:99 msgctxt "CertDetail|" msgid "Details of the Certificate" msgstr "Podrobnosti certifikátu" #: ../ui/CertDetail.ui:165 msgctxt "CertDetail|" msgid "Serial" msgstr "Sériové číslo" #: ../ui/CertDetail.ui:178 msgctxt "CertDetail|" msgid "The serial number of the certificate" msgstr "Sériové číslo certifikátu" #: ../ui/CertDetail.ui:113 msgctxt "CertDetail|" msgid "The internal name of the certificate in the database" msgstr "Interný názov certifikátu v databáze" #: ../ui/CertDetail.ui:78 msgctxt "CertDetail|" msgid "Status" msgstr "Stav" #: ../ui/CertDetail.ui:106 msgctxt "CertDetail|" msgid "Internal name" msgstr "Interný názov" #: ../ui/CertDetail.ui:120 msgctxt "CertDetail|" msgid "Signature" msgstr "Podpis" #: ../ui/CertDetail.ui:145 msgctxt "CertDetail|" msgid "Key" msgstr "Kľúč" #: ../ui/CertDetail.ui:191 msgctxt "CertDetail|" msgid "Fingerprints" msgstr "Odtlačky" #: ../ui/CertDetail.ui:203 msgctxt "CertDetail|" msgid "MD5" msgstr "MD5" #: ../ui/CertDetail.ui:216 msgctxt "CertDetail|" msgid "An md5 hashsum of the certificate" msgstr "Odtlačok certifikátu MD5" #: ../ui/CertDetail.ui:229 msgctxt "CertDetail|" msgid "SHA1" msgstr "SHA1" #: ../ui/CertDetail.ui:242 msgctxt "CertDetail|" msgid "A SHA-1 hashsum of the certificate" msgstr "Odtlačok certifikátu SHA-1" #: ../ui/CertDetail.ui:255 msgctxt "CertDetail|" msgid "SHA256" msgstr "SHA256" #: ../ui/CertDetail.ui:268 msgctxt "CertDetail|" msgid "A SHA-256 hashsum of the certificate" msgstr "Odtlačok certifikátu SHA-256" #: ../ui/CertDetail.ui:278 msgctxt "CertDetail|" msgid "Validity" msgstr "Platnosť" #: ../ui/CertDetail.ui:287 msgctxt "CertDetail|" msgid "The time since the certificate is valid" msgstr "Čas odkedy je certifikát platný" #: ../ui/CertDetail.ui:294 msgctxt "CertDetail|" msgid "The time until the certificate is valid" msgstr "Čas dokedy je certifikát platný" #: ../ui/CertDetail.ui:328 msgctxt "CertDetail|" msgid "Subject" msgstr "Predmet" #: ../ui/CertDetail.ui:341 msgctxt "CertDetail|" msgid "Issuer" msgstr "Vydavateľ" #: ../ui/CertDetail.ui:364 msgctxt "CertDetail|" msgid "Extensions" msgstr "Rozšírenia" #: ../ui/CertDetail.ui:385 msgctxt "CertDetail|" msgid "Comment" msgstr "Komentár" #: ../ui/CertDetail.ui:354 msgctxt "CertDetail|" msgid "Attributes" msgstr "Atribúty" #: ../ui/CertDetail.ui:377 ../widgets/CertDetail.cpp:36 msgctxt "CertDetail|" msgid "Show config" msgstr "Zobraziť konfiguráciu" #: ../widgets/CertDetail.cpp:40 msgctxt "CertDetail|" msgid "Show extensions" msgstr "Zobraziť rozšírenia" #: ../widgets/CertDetail.cpp:62 msgctxt "CertDetail|" msgid "Show public key" msgstr "Zobraziť verejný kľúč" #: ../widgets/CertDetail.cpp:67 msgctxt "CertDetail|" msgid "This key is not in the database." msgstr "Tento kľúč nie je v databáze." #: ../widgets/CertDetail.cpp:69 msgctxt "CertDetail|" msgid "Not available" msgstr "Nedostupné" #: ../widgets/CertDetail.cpp:108 msgctxt "CertDetail|" msgid "Signer unknown" msgstr "Neznámy podpis" #: ../widgets/CertDetail.cpp:112 msgctxt "CertDetail|" msgid "Self signed" msgstr "Sebou podpísaný" #: ../widgets/CertDetail.cpp:139 #, qt-format msgctxt "CertDetail|" msgid "Revoked at %1" msgstr "Odvolaný %1: " #: ../widgets/CertDetail.cpp:144 msgctxt "CertDetail|" msgid "Not valid" msgstr "Neplatný" #: ../widgets/CertDetail.cpp:148 msgctxt "CertDetail|" msgid "Valid" msgstr "Platný" #: ../widgets/CertDetail.cpp:167 msgctxt "CertDetail|" msgid "Details of the certificate signing request" msgstr "Podrobnosti žiadosti o podpísanie certifikátu" #: ../ui/CertExtend.ui:30 msgctxt "CertExtend|" msgid "Certificate renewal" msgstr "Obnovenie certifikátu" #: ../ui/CertExtend.ui:74 msgctxt "CertExtend|" msgid "" "This will create a new certificate as a copy of the old one with a new " "serial number and adjusted validity values." msgstr "" "Týmto vytvoríte nový certifikát ako kópiu starého s novým sériovým číslom a " "novými hodnotami platnosti." #: ../ui/CertExtend.ui:100 msgctxt "CertExtend|" msgid "Validity" msgstr "Platnosť" #: ../ui/CertExtend.ui:111 msgctxt "CertExtend|" msgid "Not before" msgstr "Nie pred" #: ../ui/CertExtend.ui:118 msgctxt "CertExtend|" msgid "Not after" msgstr "Nie po" #: ../ui/CertExtend.ui:144 msgctxt "CertExtend|" msgid "Time range" msgstr "Časový rozsah" #: ../ui/CertExtend.ui:150 msgctxt "CertExtend|" msgid "Local time" msgstr "Lokálny čas" #: ../ui/CertExtend.ui:158 msgctxt "CertExtend|" msgid "Days" msgstr "Dni" #: ../ui/CertExtend.ui:163 msgctxt "CertExtend|" msgid "Months" msgstr "Mesiace" #: ../ui/CertExtend.ui:168 msgctxt "CertExtend|" msgid "Years" msgstr "Roky" #: ../ui/CertExtend.ui:176 msgctxt "CertExtend|" msgid "No well-defined expiration" msgstr "Bez vypršania" #: ../ui/CertExtend.ui:183 msgctxt "CertExtend|" msgid "Midnight" msgstr "Polnoc" #: ../ui/CertExtend.ui:190 msgctxt "CertExtend|" msgid "Apply" msgstr "Použiť" #: ../ui/CertExtend.ui:216 msgctxt "CertExtend|" msgid "Revoke old certificate" msgstr "Odvolať starý certifikát" #: ../ui/CertExtend.ui:226 msgctxt "CertExtend|" msgid "Keep serial number" msgstr "Zachovať sériové číslo" #: ../widgets/CertExtend.cpp:43 msgctxt "CertExtend|" msgid "" "The certificate will be earlier valid than the signer. This is probably not " "what you want." msgstr "" "Certifikát bude platný skôr ako jeho vydavateľ. To asi nie je to, čo chcete." #: ../widgets/CertExtend.cpp:45 ../widgets/CertExtend.cpp:67 msgctxt "CertExtend|" msgid "Edit dates" msgstr "Upraviť dátumy" #: ../widgets/CertExtend.cpp:46 ../widgets/CertExtend.cpp:68 msgctxt "CertExtend|" msgid "Abort rollout" msgstr "Prerušiť operáciu" #: ../widgets/CertExtend.cpp:47 ../widgets/CertExtend.cpp:69 msgctxt "CertExtend|" msgid "Continue rollout" msgstr "Pokračovať v operácii" #: ../widgets/CertExtend.cpp:48 ../widgets/CertExtend.cpp:70 msgctxt "CertExtend|" msgid "Adjust date and continue" msgstr "Opraviť dátum a pokračovať" #: ../widgets/CertExtend.cpp:65 msgctxt "CertExtend|" msgid "" "The certificate will be longer valid than the signer. This is probably not " "what you want." msgstr "" "Certifikát bude platný dlhšie ako jeho vydavateľ. To asi nie je to, čo " "chcete." #: ../widgets/CertTreeView.cpp:25 msgctxt "CertTreeView|" msgid "Import PKCS#12" msgstr "Import PKCS#12" #: ../widgets/CertTreeView.cpp:26 msgctxt "CertTreeView|" msgid "Import from PKCS#7" msgstr "Importovať z PKCS#7" #: ../widgets/CertTreeView.cpp:54 msgctxt "CertTreeView|" msgid "Request" msgstr "Žiadosť" #: ../widgets/CertTreeView.cpp:56 msgctxt "CertTreeView|" msgid "Security token" msgstr "Bezpečnostný token" #: ../widgets/CertTreeView.cpp:58 msgctxt "CertTreeView|" msgid "Other token" msgstr "Iný token" #: ../widgets/CertTreeView.cpp:62 msgctxt "CertTreeView|" msgid "Similar Certificate" msgstr "Podobný certifikát" #: ../widgets/CertTreeView.cpp:65 msgctxt "CertTreeView|" msgid "Delete from Security token" msgstr "Odstrániť z Bezpečnostného tokenu" #: ../widgets/CertTreeView.cpp:68 msgctxt "CertTreeView|" msgid "CA" msgstr "CA" #: ../widgets/CertTreeView.cpp:69 msgctxt "CertTreeView|" msgid "Properties" msgstr "Vlastnosti" #: ../widgets/CertTreeView.cpp:70 msgctxt "CertTreeView|" msgid "Generate CRL" msgstr "Generovať CRL" #: ../widgets/CertTreeView.cpp:71 msgctxt "CertTreeView|" msgid "Manage revocations" msgstr "Spravovať odvolania" #: ../widgets/CertTreeView.cpp:76 ../widgets/CertTreeView.cpp:79 msgctxt "CertTreeView|" msgid "Renewal" msgstr "Obnoviť" #: ../widgets/CertTreeView.cpp:81 msgctxt "CertTreeView|" msgid "Revoke" msgstr "Odvolať" #: ../widgets/CertTreeView.cpp:83 msgctxt "CertTreeView|" msgid "Unrevoke" msgstr "Zrušiť odvolanie" #: ../widgets/clicklabel.cpp:37 msgctxt "ClickLabel|" msgid "Double click for details" msgstr "Dvojklikom podrobnosti" #: ../ui/CrlDetail.ui:30 msgctxt "CrlDetail|" msgid "Details of the Revocation list" msgstr "Podrobnosti CRL" #: ../ui/CrlDetail.ui:78 msgctxt "CrlDetail|" msgid "&Status" msgstr "&Stav" #: ../ui/CrlDetail.ui:126 msgctxt "CrlDetail|" msgid "Version" msgstr "Verzia" #: ../ui/CrlDetail.ui:145 msgctxt "CrlDetail|" msgid "Signature" msgstr "Podpis" #: ../ui/CrlDetail.ui:152 msgctxt "CrlDetail|" msgid "Signed by" msgstr "Podpísal" #: ../ui/CrlDetail.ui:159 msgctxt "CrlDetail|" msgid "Name" msgstr "Názov" #: ../ui/CrlDetail.ui:166 msgctxt "CrlDetail|" msgid "The internal name of the CRL in the database" msgstr "Interný názov CRL v databáze" #: ../ui/CrlDetail.ui:179 msgctxt "CrlDetail|" msgid "issuing dates" msgstr "Dátumy vydania" #: ../ui/CrlDetail.ui:188 msgctxt "CrlDetail|" msgid "Next update" msgstr "Nasled. aktualizácia" #: ../ui/CrlDetail.ui:195 msgctxt "CrlDetail|" msgid "Last update" msgstr "Posledná aktualizácia" #: ../ui/CrlDetail.ui:228 msgctxt "CrlDetail|" msgid "&Issuer" msgstr "&Vydavateľ" #: ../ui/CrlDetail.ui:241 msgctxt "CrlDetail|" msgid "&Extensions" msgstr "&Rozšírenia" #: ../ui/CrlDetail.ui:261 msgctxt "CrlDetail|" msgid "&Revocation list" msgstr "Zoznam &odvolaných" #: ../ui/CrlDetail.ui:286 msgctxt "CrlDetail|" msgid "Comment" msgstr "Komentár" #: ../widgets/CrlDetail.cpp:47 msgctxt "CrlDetail|" msgid "Failed" msgstr "Zlyhalo" #: ../widgets/CrlDetail.cpp:52 msgctxt "CrlDetail|" msgid "Unknown signer" msgstr "Neznámy podpis" #: ../widgets/CrlDetail.cpp:55 msgctxt "CrlDetail|" msgid "Verification not possible" msgstr "Overenie nemožné" #: ../ui/ExportDialog.ui:76 msgctxt "ExportDialog|" msgid "Name" msgstr "Názov" #: ../ui/ExportDialog.ui:83 msgctxt "ExportDialog|" msgid "The internal name of the CRL in the database" msgstr "Interný názov CRL v databáze" #: ../ui/ExportDialog.ui:113 msgctxt "ExportDialog|" msgid "..." msgstr "…" #: ../ui/ExportDialog.ui:126 msgctxt "ExportDialog|" msgid "Filename" msgstr "Meno súboru" #: ../ui/ExportDialog.ui:191 msgctxt "ExportDialog|" msgid "Export comment into PEM file" msgstr "Exportovať komentáre do súboru PEM" #: ../ui/ExportDialog.ui:213 msgctxt "ExportDialog|" msgid "Export Format" msgstr "Formát exportu" #: ../widgets/ExportDialog.cpp:37 msgctxt "ExportDialog|" msgid "All files ( * )" msgstr "Všetky súbory (*)" #: ../widgets/ExportDialog.cpp:52 msgctxt "ExportDialog|" msgid "PEM Text format with headers" msgstr "Textový formát PEM s hlavičkami" #: ../widgets/ExportDialog.cpp:54 msgctxt "ExportDialog|" msgid "Concatenated list of all selected items in one PEM text file" msgstr "Zlúčený zoznam zvolených položiek v jednom textovom súbore PEM" #: ../widgets/ExportDialog.cpp:55 msgctxt "ExportDialog|" msgid "" "Concatenated text format of the complete certificate chain in one PEM file" msgstr "Zlúčený textový formát úplnej reťaze certifikátu v jednom súbore PEM" #: ../widgets/ExportDialog.cpp:59 msgctxt "ExportDialog|" msgid "Concatenated text format of all certificates in one PEM file" msgstr "Zlúčený textový formát všetkých certifikátov v jednom súbore PEM" #: ../widgets/ExportDialog.cpp:60 msgctxt "ExportDialog|" msgid "Binary DER encoded file" msgstr "Binárne kódovaný súbor DER" #: ../widgets/ExportDialog.cpp:61 msgctxt "ExportDialog|" msgid "PKCS#7 encoded single certificate" msgstr "PKCS#7 kódovaný jeden certifikát" #: ../widgets/ExportDialog.cpp:63 msgctxt "ExportDialog|" msgid "PKCS#7 encoded complete certificate chain" msgstr "PKCS#7 kódovaná úplná reťaz certifikátov" #: ../widgets/ExportDialog.cpp:57 msgctxt "ExportDialog|" msgid "Concatenated text format of all unrevoked certificates in one PEM file" msgstr "" "Zlúčený textový formát všetkých dôveryhodných certifikátov v jednom súbore " "PEM" #: ../widgets/ExportDialog.cpp:65 msgctxt "ExportDialog|" msgid "All unrevoked certificates encoded in one PKCS#7 file" msgstr "Všetky neodvolané certifikáty kódované v jednom súbore PKCS#7" #: ../widgets/ExportDialog.cpp:67 msgctxt "ExportDialog|" msgid "All selected certificates encoded in one PKCS#7 file" msgstr "Všetky zvolené certifikáty kódované v jednom súbore PKCS#7" #: ../widgets/ExportDialog.cpp:69 msgctxt "ExportDialog|" msgid "All certificates encoded in one PKCS#7 file" msgstr "Všetky certifikáty kódované v jednom súbore PKCS#7" #: ../widgets/ExportDialog.cpp:71 msgctxt "ExportDialog|" msgid "The certificate and the private key as encrypted PKCS#12 file" msgstr "Certifikát a súkromný kľúč ako šifrovaný súbor PKCS#12" #: ../widgets/ExportDialog.cpp:72 msgctxt "ExportDialog|" msgid "" "The complete certificate chain and the private key as encrypted PKCS#12 file" msgstr "Úplná reťaz certifikátu a súkromný kľúč ako šifrovaný súbor PKCS#12" #: ../widgets/ExportDialog.cpp:73 msgctxt "ExportDialog|" msgid "" "Concatenation of the certificate and the unencrypted private key in one PEM " "file" msgstr "" "Spojenie certifikátu a nešifrovaného súkromného kľúča v jednom súbore PEM" #: ../widgets/ExportDialog.cpp:74 msgctxt "ExportDialog|" msgid "" "Concatenation of the certificate and the encrypted private key in PKCS#8 " "format in one file" msgstr "" "Spojenie certifikátu a šifrovaného súkromného kľúča v jednom súbore PKCS#8" #: ../widgets/ExportDialog.cpp:75 msgctxt "ExportDialog|" msgid "Text format of the public key in one PEM file" msgstr "Textový formát verejného kľúča v súbore PEM" #: ../widgets/ExportDialog.cpp:76 msgctxt "ExportDialog|" msgid "Binary DER format of the public key" msgstr "Binárny formát DER verejného kľúča" #: ../widgets/ExportDialog.cpp:78 msgctxt "ExportDialog|" msgid "Unencrypted private key in text format" msgstr "Nešifrovaný súkromný kľúč v textovom formáte" #: ../widgets/ExportDialog.cpp:80 msgctxt "ExportDialog|" msgid "OpenSSL specific encrypted private key in text format" msgstr "Šifrovaný súkromný kľúč v textovom formáte (špecifický pre OpenSSL)" #: ../widgets/ExportDialog.cpp:82 msgctxt "ExportDialog|" msgid "Unencrypted private key in binary DER format" msgstr "Nešifrovaný súkromný kľúč v binárnom formáte DER" #: ../widgets/ExportDialog.cpp:84 msgctxt "ExportDialog|" msgid "Unencrypted private key in PKCS#8 text format" msgstr "Nešifrovaný súkromný kľúč v textovom formáte PKCS#8" #: ../widgets/ExportDialog.cpp:86 msgctxt "ExportDialog|" msgid "Encrypted private key in PKCS#8 text format" msgstr "Šifrovaný súkromný kľúč v textovom formáte PKCS#8" #: ../widgets/ExportDialog.cpp:87 msgctxt "ExportDialog|" msgid "The public key encoded in SSH2 format" msgstr "Verejný kľúč kódovaný vo formáte SSH2" #: ../widgets/ExportDialog.cpp:88 msgctxt "ExportDialog|" msgid "" "OpenSSL specific Certificate Index file as created by the 'ca' command and " "required by the OCSP tool" msgstr "" "Súbor indexu certifikátov, špecifický pre OpenSSL, vytvorený ako príkazom " "„ca” a vyžadovaný nástrojom OCSP" #: ../widgets/ExportDialog.cpp:89 msgctxt "ExportDialog|" msgid "vCalendar expiry reminder for the selected items" msgstr "Pripomienka vCalendar vypršania platnosti zvolených položiek" #: ../widgets/ExportDialog.cpp:90 msgctxt "ExportDialog|" msgid "" "vCalendar expiry reminder containing all issued, valid certificates, the CA " "itself and the latest CRL" msgstr "" "Pripomienka vCalendar vypršania platnosti všetkých vydaných, platných " "certifikátov, samotnej CA i posledného CRL" #: ../widgets/ExportDialog.cpp:129 #, qt-format msgctxt "ExportDialog|" msgid "The file: '%1' already exists!" msgstr "Súbor: „%1” už existuje!" #: ../widgets/ExportDialog.cpp:131 msgctxt "ExportDialog|" msgid "Overwrite" msgstr "Prepísať" #: ../widgets/ExportDialog.cpp:133 msgctxt "ExportDialog|" msgid "Do not overwrite" msgstr "Neprepísať" #: ../ui/Help.ui:36 msgctxt "Help|" msgid "<<" msgstr "<<" #: ../ui/Help.ui:46 msgctxt "Help|" msgid ">>" msgstr ">>" #: ../ui/Help.ui:72 msgctxt "Help|" msgid "&Done" msgstr "&Hotovo" #: ../ui/ImportMulti.ui:36 msgctxt "ImportMulti|" msgid "Import PKI Items" msgstr "Importovať položky PKI" #: ../ui/ImportMulti.ui:94 msgctxt "ImportMulti|" msgid "Import &All" msgstr "Importovať &všetky" #: ../ui/ImportMulti.ui:101 msgctxt "ImportMulti|" msgid "&Import" msgstr "&Importovať" #: ../ui/ImportMulti.ui:108 msgctxt "ImportMulti|" msgid "&Done" msgstr "&Hotovo" #: ../ui/ImportMulti.ui:115 msgctxt "ImportMulti|" msgid "&Remove from list" msgstr "Odstrániť zo zoznamu" #: ../ui/ImportMulti.ui:122 msgctxt "ImportMulti|" msgid "Details" msgstr "Podrobnosti" #: ../ui/ImportMulti.ui:129 msgctxt "ImportMulti|" msgid "Delete from token" msgstr "Odstrániť z tokenu" #: ../ui/ImportMulti.ui:136 msgctxt "ImportMulti|" msgid "Rename on token" msgstr "Premenovať token" #: ../widgets/ImportMulti.cpp:62 #, qt-format msgctxt "ImportMulti|" msgid "" "\n" "Name: %1\n" "Model: %2\n" "Serial: %3" msgstr "" "\n" "Názov: %1\n" "Model: %2\n" "Sér. č.: %3" #: ../widgets/ImportMulti.cpp:67 msgctxt "ImportMulti|" msgid "Manage security token" msgstr "Spravovať bezpečnostný token" #: ../widgets/ImportMulti.cpp:338 #, qt-format msgctxt "ImportMulti|" msgid "Details of the item '%1' cannot be shown" msgstr "Podrobnosti položky „%1” nemožno zobraziť" #: ../widgets/ImportMulti.cpp:125 ../widgets/ImportMulti.cpp:280 #: ../widgets/ImportMulti.cpp:341 #, qt-format msgctxt "ImportMulti|" msgid "The type of the item '%1' is not recognized" msgstr "Typ položky „%1” nie je rozpoznaný" #: ../widgets/ImportMulti.cpp:369 #, qt-format msgctxt "ImportMulti|" msgid "The file '%1' did not contain PKI data" msgstr "Súbor „%1” neobsahuje dáta PKI" #: ../widgets/ImportMulti.cpp:372 #, qt-format msgctxt "ImportMulti|" msgid "The %1 files: '%2' did not contain PKI data" msgstr "%1 súbory: „%2” neobsahuje dáta PKI" #: ../ui/ItemProperties.ui:22 msgctxt "ItemProperties|" msgid "Name" msgstr "Názov" #: ../ui/ItemProperties.ui:32 msgctxt "ItemProperties|" msgid "Source" msgstr "Zdroj" #: ../ui/ItemProperties.ui:39 msgctxt "ItemProperties|" msgid "Insertion date" msgstr "Dátum vloženia" #: ../ui/ItemProperties.ui:54 msgctxt "ItemProperties|" msgid "Comment" msgstr "Komentár" #: ../ui/KeyDetail.ui:82 msgctxt "KeyDetail|" msgid "Name" msgstr "Názov" #: ../ui/KeyDetail.ui:89 msgctxt "KeyDetail|" msgid "The internal name of the key used by xca" msgstr "Interný názov kľúča používaný v xca" #: ../widgets/KeyDetail.cpp:96 msgctxt "KeyDetail|" msgid "Security token" msgstr "Bezpečnostný token" #: ../ui/KeyDetail.ui:286 msgctxt "KeyDetail|" msgid "Manufacturer" msgstr "Výrobca" #: ../ui/KeyDetail.ui:296 msgctxt "KeyDetail|" msgid "Serial" msgstr "Sériové číslo" #: ../ui/KeyDetail.ui:102 ../ui/KeyDetail.ui:182 msgctxt "KeyDetail|" msgid "Key" msgstr "Kľúč" #: ../ui/KeyDetail.ui:110 msgctxt "KeyDetail|" msgid "Public Exponent" msgstr "Verejný exponent" #: ../ui/KeyDetail.ui:136 msgctxt "KeyDetail|" msgid "Keysize" msgstr "Veľkosť kľúča" #: ../ui/KeyDetail.ui:163 msgctxt "KeyDetail|" msgid "Private Exponent" msgstr "Súkromný exponent" #: ../ui/KeyDetail.ui:214 msgctxt "KeyDetail|" msgid "Security Token" msgstr "Bezpečnostný token" #: ../ui/KeyDetail.ui:235 ../ui/KeyDetail.ui:306 msgctxt "KeyDetail|" msgid "Label" msgstr "Menovka" #: ../ui/KeyDetail.ui:245 msgctxt "KeyDetail|" msgid "PKCS#11 ID" msgstr "ID PKCS#11" #: ../ui/KeyDetail.ui:270 msgctxt "KeyDetail|" msgid "Token information" msgstr "Informácie tokenu" #: ../ui/KeyDetail.ui:276 msgctxt "KeyDetail|" msgid "Model" msgstr "Model" #: ../ui/KeyDetail.ui:324 msgctxt "KeyDetail|" msgid "Fingerprint" msgstr "Odtlačok" #: ../ui/KeyDetail.ui:329 msgctxt "KeyDetail|" msgid "Comment" msgstr "Komentár" #: ../widgets/KeyDetail.cpp:79 #, qt-format msgctxt "KeyDetail|" msgid "Details of the %1 key" msgstr "Podrobnosti kľúča %1" #: ../widgets/KeyDetail.cpp:85 msgctxt "KeyDetail|" msgid "Not available" msgstr "Nedostupné" #: ../widgets/KeyDetail.cpp:98 msgctxt "KeyDetail|" msgid "Available" msgstr "Dostupný" #: ../widgets/KeyDetail.cpp:107 msgctxt "KeyDetail|" msgid "Sub prime" msgstr "Sub prime" #: ../widgets/KeyDetail.cpp:108 ../widgets/KeyDetail.cpp:117 msgctxt "KeyDetail|" msgid "Public key" msgstr "Verejný kľúč" #: ../widgets/KeyDetail.cpp:109 ../widgets/KeyDetail.cpp:118 msgctxt "KeyDetail|" msgid "Private key" msgstr "Súkromný kľúč" #: ../widgets/KeyDetail.cpp:119 msgctxt "KeyDetail|" msgid "Curve name" msgstr "Názov krivky" #: ../widgets/KeyDetail.cpp:129 msgctxt "KeyDetail|" msgid "Unknown key" msgstr "Neznámy kľúč" #: ../widgets/KeyTreeView.cpp:28 msgctxt "KeyTreeView|" msgid "Change password" msgstr "Zmeniť heslo" #: ../widgets/KeyTreeView.cpp:32 msgctxt "KeyTreeView|" msgid "Reset password" msgstr "Odstrániť heslo" #: ../widgets/KeyTreeView.cpp:44 msgctxt "KeyTreeView|" msgid "Change PIN" msgstr "Zmeniť PIN" #: ../widgets/KeyTreeView.cpp:46 msgctxt "KeyTreeView|" msgid "Init PIN with SO PIN (PUK)" msgstr "Inicializovať PIN pomocou SO PIN (PUK)" #: ../widgets/KeyTreeView.cpp:48 msgctxt "KeyTreeView|" msgid "Change SO PIN (PUK)" msgstr "Zmeniť SO PIN (PUK)" #: ../widgets/KeyTreeView.cpp:51 msgctxt "KeyTreeView|" msgid "Security token" msgstr "Bezpečnostný token" #: ../widgets/KeyTreeView.cpp:84 ../widgets/KeyTreeView.cpp:102 #: ../widgets/KeyTreeView.cpp:120 msgctxt "KeyTreeView|" msgid "This is not a token" msgstr "Toto nie je token" #: ../widgets/KeyTreeView.cpp:149 #, qt-format msgctxt "KeyTreeView|" msgid "" "Shall the original key '%1' be replaced by the key on the token?\n" "This will delete the key '%1' and make it unexportable" msgstr "" "Má byť pôvodný kľúč „%1” nahradený kľúčom z tokenu?\n" "Týmto bude kľúč „%1” odstránený a nebude ho možné exportovať" #: ../ui/MainWindow.ui:22 msgctxt "MainWindow|" msgid "Private Keys" msgstr "Súkromné kľúče" #: ../ui/MainWindow.ui:49 msgctxt "MainWindow|" msgid "&New Key" msgstr "&Nový kľúč" #: ../ui/MainWindow.ui:56 ../ui/MainWindow.ui:161 ../ui/MainWindow.ui:253 #: ../ui/MainWindow.ui:391 ../ui/MainWindow.ui:456 msgctxt "MainWindow|" msgid "&Export" msgstr "&Exportovať" #: ../ui/MainWindow.ui:63 ../ui/MainWindow.ui:168 ../ui/MainWindow.ui:260 #: ../ui/MainWindow.ui:384 ../ui/MainWindow.ui:463 msgctxt "MainWindow|" msgid "&Import" msgstr "&Importovať" #: ../ui/MainWindow.ui:70 msgctxt "MainWindow|" msgid "Import PFX (PKCS#12)" msgstr "Importovať PFX (PKCS#12)" #: ../ui/MainWindow.ui:77 ../ui/MainWindow.ui:175 ../ui/MainWindow.ui:267 #: ../ui/MainWindow.ui:470 msgctxt "MainWindow|" msgid "&Show Details" msgstr "&Zobraziť podrobnosti" #: ../ui/MainWindow.ui:84 ../ui/MainWindow.ui:182 ../ui/MainWindow.ui:274 #: ../ui/MainWindow.ui:377 ../ui/MainWindow.ui:477 msgctxt "MainWindow|" msgid "&Delete" msgstr "&Odstrániť" #: ../ui/MainWindow.ui:124 msgctxt "MainWindow|" msgid "Certificate signing requests" msgstr "Žiadosti o podpísanie" #: ../ui/MainWindow.ui:154 msgctxt "MainWindow|" msgid "&New Request" msgstr "&Nová žiadosť" #: ../ui/MainWindow.ui:222 ../widgets/MW_menu.cpp:128 msgctxt "MainWindow|" msgid "Certificates" msgstr "Certifikáty" #: ../ui/MainWindow.ui:246 msgctxt "MainWindow|" msgid "&New Certificate" msgstr "&Nový certifikát" #: ../ui/MainWindow.ui:281 msgctxt "MainWindow|" msgid "Import &PKCS#12" msgstr "Importovať &PKCS#12" #: ../ui/MainWindow.ui:288 msgctxt "MainWindow|" msgid "Import P&KCS#7" msgstr "Importovať P&KCS#7" #: ../ui/MainWindow.ui:295 msgctxt "MainWindow|" msgid "Plain View" msgstr "Prosté zobrazenie" #: ../ui/MainWindow.ui:335 msgctxt "MainWindow|" msgid "Templates" msgstr "Šablóny" #: ../ui/MainWindow.ui:363 msgctxt "MainWindow|" msgid "&New Template" msgstr "&Nová šablóna" #: ../ui/MainWindow.ui:449 msgctxt "MainWindow|" msgid "&New CRL" msgstr "&Nový CRL" #: ../ui/MainWindow.ui:370 msgctxt "MainWindow|" msgid "Ch&ange Template" msgstr "&Zmeniť šablónu" #: ../ui/MainWindow.ui:431 msgctxt "MainWindow|" msgid "Revocation lists" msgstr "Zoznamy odvolaných" #: ../widgets/MW_database.cpp:322 msgctxt "MainWindow|" msgid "" "Using or exporting private keys will not be possible without providing the " "correct password" msgstr "" "Použitie alebo exportovanie súkromných kľúčov nebude možné bez zadania " "správneho hesla" #: ../widgets/MW_database.cpp:330 ../widgets/MainWindow.cpp:928 msgctxt "MainWindow|" msgid "Database" msgstr "Databáza" #: ../widgets/MW_database.cpp:327 #, qt-format msgctxt "MainWindow|" msgid "" "The currently used default hash '%1' is insecure. Please select at least " "'SHA 224' for security reasons." msgstr "" "Aktuálne použitý predvolený odtlačok „%1” nie je bezpečný. Prosím, kvôli " "bezpečnosti, zvoľte aspoň „SHA 224”." #: ../widgets/MW_database.cpp:246 #, qt-format msgctxt "MainWindow|" msgid "" "Legacy database format detected. Creating a backup copy called: '%1' and " "converting the database to the new format" msgstr "" "Detegovaný starý formát databázy. Vytvorená záložná kópia, nazvaná: „%1” a " "databáza konvertovaná do nového formátu" #: ../widgets/MW_database.cpp:252 msgctxt "MainWindow|" msgid "Failed to rename the database file, because the target already exists" msgstr "Premenovanie súboru databázy zlyhalo, pretože cieľ už existuje" #: ../widgets/MW_database.cpp:430 msgctxt "MainWindow|" msgid "No deleted items found" msgstr "Nenájdené žiadne zmazané položky" #: ../widgets/MW_menu.cpp:79 msgctxt "MainWindow|" msgid "Recent DataBases" msgstr "Nedávne databázy" #: ../widgets/MW_help.cpp:25 ../widgets/MW_menu.cpp:35 msgctxt "MainWindow|" msgid "System" msgstr "systémový" #: ../widgets/MW_help.cpp:28 msgctxt "MainWindow|" msgid "Croatian" msgstr "chorvátsky" #: ../widgets/MW_help.cpp:32 msgctxt "MainWindow|" msgid "English" msgstr "anglicky" #: ../widgets/MW_help.cpp:33 msgctxt "MainWindow|" msgid "French" msgstr "francúzsky" #: ../widgets/MW_help.cpp:35 msgctxt "MainWindow|" msgid "German" msgstr "nemecky" #: ../widgets/MW_help.cpp:43 msgctxt "MainWindow|" msgid "Russian" msgstr "rusky" #: ../widgets/MW_help.cpp:44 msgctxt "MainWindow|" msgid "Slovak" msgstr "slovensky" #: ../widgets/MW_help.cpp:46 msgctxt "MainWindow|" msgid "Spanish" msgstr "španielsky" #: ../widgets/MW_help.cpp:39 msgctxt "MainWindow|" msgid "Polish" msgstr "poľsky" #: ../widgets/MW_help.cpp:37 msgctxt "MainWindow|" msgid "Italian" msgstr "taliansky" #: ../widgets/MW_help.cpp:26 msgctxt "MainWindow|" msgid "Chinese" msgstr "čínsky" #: ../widgets/MW_help.cpp:30 msgctxt "MainWindow|" msgid "Dutch" msgstr "holandsky" #: ../widgets/MW_help.cpp:41 msgctxt "MainWindow|" msgid "Portuguese in Brazil" msgstr "brazílska portugalčina" #: ../widgets/MW_help.cpp:48 msgctxt "MainWindow|" msgid "Turkish" msgstr "turecky" #: ../widgets/MW_menu.cpp:83 msgctxt "MainWindow|" msgid "Language" msgstr "Jazyk" #: ../widgets/MW_menu.cpp:92 msgctxt "MainWindow|" msgid "&File" msgstr "&Súbor" #: ../widgets/MW_menu.cpp:99 msgctxt "MainWindow|" msgid "Open Remote DataBase" msgstr "Otvoriť vzdialenú databázu" #: ../widgets/MW_menu.cpp:104 msgctxt "MainWindow|" msgid "Set as default DataBase" msgstr "Predvolená databáza" #: ../widgets/MW_menu.cpp:93 msgctxt "MainWindow|" msgid "New DataBase" msgstr "Nová databáza" #: ../widgets/MW_menu.cpp:96 msgctxt "MainWindow|" msgid "Open DataBase" msgstr "Otvoriť databázu" #: ../widgets/MW_menu.cpp:107 msgctxt "MainWindow|" msgid "Close DataBase" msgstr "Zatvoriť databázu" #: ../widgets/MW_menu.cpp:110 msgctxt "MainWindow|" msgid "Options" msgstr "Voľby" #: ../widgets/MW_menu.cpp:118 msgctxt "MainWindow|" msgid "Exit" msgstr "Skončiť" #: ../widgets/MW_menu.cpp:125 msgctxt "MainWindow|" msgid "I&mport" msgstr "&Importovať" #: ../widgets/MW_menu.cpp:126 msgctxt "MainWindow|" msgid "Keys" msgstr "Kľúče" #: ../widgets/MW_menu.cpp:127 msgctxt "MainWindow|" msgid "Requests" msgstr "Žiadosti" #: ../widgets/MW_menu.cpp:129 msgctxt "MainWindow|" msgid "PKCS#12" msgstr "PKCS#12" #: ../widgets/MW_menu.cpp:130 msgctxt "MainWindow|" msgid "PKCS#7" msgstr "PKCS#7" #: ../widgets/MW_menu.cpp:131 msgctxt "MainWindow|" msgid "Template" msgstr "Šablóna" #: ../widgets/MW_menu.cpp:132 msgctxt "MainWindow|" msgid "Revocation list" msgstr "Zoznam odvolaných" #: ../widgets/MW_menu.cpp:133 msgctxt "MainWindow|" msgid "PEM file" msgstr "Ssúbor PEM" #: ../widgets/MW_menu.cpp:134 msgctxt "MainWindow|" msgid "Paste PEM file" msgstr "Vložte súbor PEM" #: ../widgets/MW_menu.cpp:137 msgctxt "MainWindow|" msgid "Token" msgstr "Token" #: ../widgets/MW_menu.cpp:154 msgctxt "MainWindow|" msgid "Export Certificate &Index hierarchy" msgstr "Exportovať hierarchiu &indexu certifikátov" #: ../widgets/MW_menu.cpp:167 msgctxt "MainWindow|" msgid "Content" msgstr "Obsah" #: ../widgets/MW_menu.cpp:138 msgctxt "MainWindow|" msgid "&Manage Security token" msgstr "&Spravovať Bezpečnostný token" #: ../widgets/MW_menu.cpp:140 msgctxt "MainWindow|" msgid "&Init Security token" msgstr "&Inicializovať Bezpečnostný token" #: ../widgets/MW_menu.cpp:142 msgctxt "MainWindow|" msgid "&Change PIN" msgstr "Zmeniť @PIN" #: ../widgets/MW_menu.cpp:144 msgctxt "MainWindow|" msgid "Change &SO PIN" msgstr "Zmeniť &SO PIN" #: ../widgets/MW_menu.cpp:146 msgctxt "MainWindow|" msgid "Init PIN" msgstr "Inicializovať PIN" #: ../widgets/MW_menu.cpp:149 msgctxt "MainWindow|" msgid "Extra" msgstr "Extra" #: ../widgets/MW_menu.cpp:150 msgctxt "MainWindow|" msgid "&Dump DataBase" msgstr "Vypísať &databázu" #: ../widgets/MW_menu.cpp:152 msgctxt "MainWindow|" msgid "&Export Certificate Index" msgstr "&Exportovať index certifikátov" #: ../widgets/MW_menu.cpp:156 msgctxt "MainWindow|" msgid "C&hange DataBase password" msgstr "Z&meniť heslo databázy" #: ../widgets/MW_menu.cpp:159 msgctxt "MainWindow|" msgid "&Undelete items" msgstr "O&bnoviť zmazané" #: ../widgets/MW_menu.cpp:162 msgctxt "MainWindow|" msgid "Generate DH parameter" msgstr "Generovať parametre DH" #: ../widgets/MW_menu.cpp:164 msgctxt "MainWindow|" msgid "OID Resolver" msgstr "Prekladač OID" #: ../widgets/MW_menu.cpp:166 msgctxt "MainWindow|" msgid "&Help" msgstr "&Pomocník" #: ../widgets/MW_menu.cpp:169 msgctxt "MainWindow|" msgid "About" msgstr "O programe" #: ../widgets/MainWindow.cpp:332 #, qt-format msgctxt "MainWindow|" msgid "no such option: %1" msgstr "neznáma voľba: %1" #: ../widgets/MainWindow.cpp:422 msgctxt "MainWindow|" msgid "Import PEM data" msgstr "Importovať dáta PEM" #: ../widgets/MainWindow.cpp:451 #, qt-format msgctxt "MainWindow|" msgid "Please enter the original SO PIN (PUK) of the token '%1'" msgstr "Prosím, zadajte pôvodný SO PIN (PUK) tokenu „%1”" #: ../widgets/MainWindow.cpp:149 ../widgets/MainWindow.cpp:929 msgctxt "MainWindow|" msgid "Search" msgstr "Hľadať" #: ../widgets/MainWindow.cpp:457 #, qt-format msgctxt "MainWindow|" msgid "Please enter the new SO PIN (PUK) for the token '%1'" msgstr "Prosím, zadajte nový SO PIN (PUK) tokenu „%1”" #: ../widgets/MainWindow.cpp:464 #, qt-format msgctxt "MainWindow|" msgid "The new label of the token '%1'" msgstr "Nová menovka tokenu „%1”" #: ../widgets/MainWindow.cpp:572 #, qt-format msgctxt "MainWindow|" msgid "The token '%1' did not contain any keys or certificates" msgstr "Token „%1” neobsahuje žiadne kľúče ani certifikáty" #: ../widgets/MainWindow.cpp:634 msgctxt "MainWindow|" msgid "Current Password" msgstr "Aktuálne heslo" #: ../widgets/MainWindow.cpp:635 msgctxt "MainWindow|" msgid "Please enter the current database password" msgstr "Prosím, zadajte heslo aktuálnej databázy" #: ../widgets/MainWindow.cpp:645 msgctxt "MainWindow|" msgid "The entered password is wrong" msgstr "Zadané heslo je zlé" #: ../widgets/MainWindow.cpp:650 ../widgets/MainWindow.cpp:728 msgctxt "MainWindow|" msgid "New Password" msgstr "Nové heslo" #: ../widgets/MainWindow.cpp:650 msgctxt "MainWindow|" msgid "" "Please enter the new password to encrypt your private keys in the database-" "file" msgstr "" "Prosím, zadajte nové heslo na šifrovanie svojich súkromných kľúčov v súbore " "databázy" #: ../widgets/MainWindow.cpp:674 msgctxt "MainWindow|" msgid "Transaction start failed" msgstr "Spustenie transakcie zlyhalo" #: ../widgets/MainWindow.cpp:728 #, qt-format msgctxt "MainWindow|" msgid "" "Please enter a password, that will be used to encrypt your private keys in " "the database:\n" "%1" msgstr "" "Prosím, zadajte heslo, ktoré bude slúžiť na šifrovanie súkromných kľúčov v " "databáze:\n" "%1" #: ../widgets/MainWindow.cpp:749 msgctxt "MainWindow|" msgid "Password verify error, please try again" msgstr "Chyba overenia hesla, prosím, skúste znova" #: ../widgets/MainWindow.cpp:750 msgctxt "MainWindow|" msgid "Password" msgstr "Heslo" #: ../widgets/MainWindow.cpp:751 #, qt-format msgctxt "MainWindow|" msgid "" "Please enter the password for unlocking the database:\n" "%1" msgstr "" "Prosím, zadajte heslo na odomknutie databázy:\n" "%1" #: ../widgets/MainWindow.cpp:770 msgctxt "MainWindow|" msgid "The following error occurred:" msgstr "Nastala nasledujúca chyba:" #: ../widgets/MainWindow.cpp:772 msgctxt "MainWindow|" msgid "Copy to Clipboard" msgstr "Kopírovať do schránky" #: ../widgets/MainWindow.cpp:841 msgctxt "MainWindow|" msgid "Certificate Index ( index.txt )" msgstr "Index certifikátov (index.txt)" #: ../widgets/MainWindow.cpp:842 ../widgets/MainWindow.cpp:902 msgctxt "MainWindow|" msgid "All files ( * )" msgstr "Všetky súbory ( * )" #: ../widgets/MainWindow.cpp:871 #, qt-format msgctxt "MainWindow|" msgid "Diffie-Hellman parameters saved as: %1" msgstr "Parametre Diffie-Hellman uložené do: %1" #: ../widgets/MainWindow.cpp:887 msgctxt "MainWindow|" msgid "" "Diffie-Hellman parameters are needed for different applications, but not " "handled by XCA.\n" "Please enter the DH parameter bits" msgstr "" "Parametre Diffie-Hellman sú potrebné pre rôzne aplikácie, ale nie sú " "používané v XCA.\n" "Prosím, zadajte bity parametra DH" #: ../ui/NewCrl.ui:32 msgctxt "NewCrl|" msgid "Last update" msgstr "Posledná aktualizácia" #: ../ui/NewCrl.ui:46 msgctxt "NewCrl|" msgid "Next update" msgstr "Nasled. aktualizácia" #: ../ui/NewCrl.ui:70 msgctxt "NewCrl|" msgid "Days" msgstr "Dni" #: ../ui/NewCrl.ui:75 msgctxt "NewCrl|" msgid "Months" msgstr "Mesiace" #: ../ui/NewCrl.ui:80 msgctxt "NewCrl|" msgid "Years" msgstr "Roky" #: ../ui/NewCrl.ui:88 msgctxt "NewCrl|" msgid "Midnight" msgstr "Polnoc" #: ../ui/NewCrl.ui:95 msgctxt "NewCrl|" msgid "Local time" msgstr "Lokálny čas" #: ../ui/NewCrl.ui:102 msgctxt "NewCrl|" msgid "Apply" msgstr "Použiť" #: ../ui/NewCrl.ui:128 msgctxt "NewCrl|" msgid "Options" msgstr "Voľby" #: ../ui/NewCrl.ui:172 msgctxt "NewCrl|" msgid "CRL number" msgstr "Číslo CRL" #: ../ui/NewCrl.ui:144 msgctxt "NewCrl|" msgid "Subject alternative name" msgstr "Alternatívne meno predmetu" #: ../ui/NewCrl.ui:199 msgctxt "NewCrl|" msgid "Revocation reasons" msgstr "Dôvody odvolania" #: ../ui/NewCrl.ui:158 msgctxt "NewCrl|" msgid "Authority key identifier" msgstr "Identifikátor kľúča autority" #: ../ui/NewCrl.ui:134 msgctxt "NewCrl|" msgid "Hash algorithm" msgstr "Algoritmus odtlačku" #: ../ui/NewKey.ui:86 msgctxt "NewKey|" msgid "Please give a name to the new key and select the desired keysize" msgstr "Prosím, zadajte meno nového kľúča a zvoľte jeho požadovanú veľkosť" #: ../ui/NewKey.ui:96 msgctxt "NewKey|" msgid "Key properties" msgstr "Vlastnosti kľúča" #: ../ui/NewKey.ui:102 msgctxt "NewKey|" msgid "Name" msgstr "Názov" #: ../ui/NewKey.ui:121 msgctxt "NewKey|" msgid "The internal name of the new key" msgstr "Interný názov nového kľúča" #: ../ui/NewKey.ui:151 msgctxt "NewKey|" msgid "Curve name" msgstr "Názov krivky" #: ../ui/NewKey.ui:171 msgctxt "NewKey|" msgid "Usually at least 2048 bit keys are recommended" msgstr "Zvyčajne sú odporúčané kľúče aspoň 2048 bitov" #: ../ui/NewKey.ui:39 ../ui/NewKey.ui:124 msgctxt "NewKey|" msgid "New Key" msgstr "Nový kľúč" #: ../ui/NewKey.ui:158 msgctxt "NewKey|" msgid "Keysize" msgstr "Veľkosť kľúča" #: ../ui/NewKey.ui:178 msgctxt "NewKey|" msgid "Keytype" msgstr "Typ kľúča" #: ../ui/NewKey.ui:188 msgctxt "NewKey|" msgid "Remember as default" msgstr "Zapamätať ako predvolené" #: ../widgets/NewKey.cpp:181 msgctxt "NewKey|" msgid "Create" msgstr "Vytvoriť" #: ../ui/NewX509.ui:75 msgctxt "NewX509|" msgid "Source" msgstr "Zdroj" #: ../ui/NewX509.ui:97 msgctxt "NewX509|" msgid "Signing request" msgstr "Žiadosť o podpísanie" #: ../ui/NewX509.ui:112 msgctxt "NewX509|" msgid "Show request" msgstr "Zobraziť žiadosť" #: ../ui/NewX509.ui:119 msgctxt "NewX509|" msgid "Sign this Certificate signing &request" msgstr "Podpísať túto Žiadosť o certifikát" #: ../ui/NewX509.ui:126 msgctxt "NewX509|" msgid "Copy extensions from the request" msgstr "Kopírovať rozšírenia zo žiadosti" #: ../ui/NewX509.ui:136 msgctxt "NewX509|" msgid "Modify subject of the request" msgstr "Zmeniť predmet žiadosti" #: ../ui/NewX509.ui:169 msgctxt "NewX509|" msgid "Signing" msgstr "Podpísanie" #: ../ui/NewX509.ui:177 msgctxt "NewX509|" msgid "Create a &self signed certificate" msgstr "Vytvoriť &sebou podpísaný certifikát" #: ../ui/NewX509.ui:191 msgctxt "NewX509|" msgid "Use &this Certificate for signing" msgstr "Podpísať &týmto certifikátom" #: ../ui/NewX509.ui:198 msgctxt "NewX509|" msgid "All certificates in your database that can create valid signatures" msgstr "Všetky certifikáty v databáze, ktoré môžu vytvoriť platný podpis" #: ../ui/NewX509.ui:225 msgctxt "NewX509|" msgid "Signature algorithm" msgstr "Algoritmus podpisu" #: ../ui/NewX509.ui:253 msgctxt "NewX509|" msgid "Template for the new certificate" msgstr "Šablóna nového certifikátu" #: ../ui/NewX509.ui:265 msgctxt "NewX509|" msgid "All available templates" msgstr "Všetky dostupné šablóny" #: ../ui/NewX509.ui:287 msgctxt "NewX509|" msgid "Apply extensions" msgstr "Pridať rozšírenia" #: ../ui/NewX509.ui:294 msgctxt "NewX509|" msgid "Apply subject" msgstr "Pridať predmet" #: ../ui/NewX509.ui:307 msgctxt "NewX509|" msgid "Apply all" msgstr "Pridať všetko" #: ../ui/NewX509.ui:336 ../widgets/NewX509.cpp:590 msgctxt "NewX509|" msgid "Subject" msgstr "Predmet" #: ../ui/NewX509.ui:344 msgctxt "NewX509|" msgid "Internal Name" msgstr "Interný názov" #: ../ui/NewX509.ui:360 msgctxt "NewX509|" msgid "Distinguished name" msgstr "Rozlišovací názov" #: ../ui/NewX509.ui:386 msgctxt "NewX509|" msgid "Add" msgstr "Pridať" #: ../ui/NewX509.ui:393 msgctxt "NewX509|" msgid "Delete" msgstr "Odstrániť" #: ../ui/NewX509.ui:430 msgctxt "NewX509|" msgid "Private key" msgstr "Súkromný kľúč" #: ../ui/NewX509.ui:442 msgctxt "NewX509|" msgid "This list only contains unused keys" msgstr "Tento zoznam obsahuje len nepoužité kľúče" #: ../ui/NewX509.ui:449 msgctxt "NewX509|" msgid "Used keys too" msgstr "Aj použité kľúče" #: ../ui/NewX509.ui:456 msgctxt "NewX509|" msgid "&Generate a new key" msgstr "&Generovať nový kľúč" #: ../ui/NewX509.ui:467 msgctxt "NewX509|" msgid "Extensions" msgstr "Rozšírenia" #: ../ui/NewX509.ui:478 msgctxt "NewX509|" msgid "Type" msgstr "Typ" #: ../ui/NewX509.ui:485 msgctxt "NewX509|" msgid "If this will become a CA certificate or not" msgstr "Či to bude certifikát CA alebo nie" #: ../ui/NewX509.ui:489 msgctxt "NewX509|" msgid "Not defined" msgstr "Nedefinované" #: ../ui/NewX509.ui:494 msgctxt "NewX509|" msgid "Certification Authority" msgstr "Certifikačná autorita" #: ../ui/NewX509.ui:499 msgctxt "NewX509|" msgid "End Entity" msgstr "Koncový certifikát" #: ../ui/NewX509.ui:507 msgctxt "NewX509|" msgid "Path length" msgstr "Dĺžka cesty" #: ../ui/NewX509.ui:514 msgctxt "NewX509|" msgid "How much CAs may be below this." msgstr "Koľko CA môže byť pod týmto." #: ../ui/NewX509.ui:521 msgctxt "NewX509|" msgid "The basic constraints should always be critical" msgstr "Základné obmedzenia by mali byť vždy kritické" #: ../ui/NewX509.ui:534 msgctxt "NewX509|" msgid "Key identifier" msgstr "Identifikátor kľúča" #: ../ui/NewX509.ui:546 msgctxt "NewX509|" msgid "Creates a hash of the key following the PKIX guidelines" msgstr "Vytvorí odtlačok kľúča v súlade s odporúčaním PKIX" #: ../ui/NewX509.ui:556 msgctxt "NewX509|" msgid "Copy the Subject Key Identifier from the issuer" msgstr "Kopírovať Identifikátor kľúča predmetu vydavateľa" #: ../ui/NewX509.ui:593 msgctxt "NewX509|" msgid "Validity" msgstr "Platnosť" #: ../ui/NewX509.ui:599 msgctxt "NewX509|" msgid "Not before" msgstr "Nie pred" #: ../ui/NewX509.ui:613 msgctxt "NewX509|" msgid "Not after" msgstr "Nie po" #: ../ui/NewX509.ui:630 msgctxt "NewX509|" msgid "Time range" msgstr "Časový rozsah" #: ../ui/NewX509.ui:640 msgctxt "NewX509|" msgid "Days" msgstr "Dni" #: ../ui/NewX509.ui:645 msgctxt "NewX509|" msgid "Months" msgstr "Mesiace" #: ../ui/NewX509.ui:650 msgctxt "NewX509|" msgid "Years" msgstr "Roky" #: ../ui/NewX509.ui:664 msgctxt "NewX509|" msgid "Apply" msgstr "Použiť" #: ../ui/NewX509.ui:671 msgctxt "NewX509|" msgid "Set the time to 00:00:00 and 23:59:59 respectively" msgstr "Nastavuje čas na 00:00:00 a 23:59:59" #: ../ui/NewX509.ui:674 msgctxt "NewX509|" msgid "Midnight" msgstr "Polnoc" #: ../ui/NewX509.ui:681 msgctxt "NewX509|" msgid "Local time" msgstr "Lokálny čas" #: ../ui/NewX509.ui:688 msgctxt "NewX509|" msgid "No well-defined expiration" msgstr "Bez vypršania" #: ../ui/NewX509.ui:738 ../ui/NewX509.ui:755 ../ui/NewX509.ui:827 msgctxt "NewX509|" msgid "DNS: IP: URI: email: RID:" msgstr "DNS:, IP:, URI:, email:, RID:" #: ../ui/NewX509.ui:745 ../ui/NewX509.ui:762 ../ui/NewX509.ui:795 #: ../ui/NewX509.ui:834 ../widgets/NewX509.cpp:972 msgctxt "NewX509|" msgid "Edit" msgstr "Upraviť" #: ../ui/NewX509.ui:788 msgctxt "NewX509|" msgid "URI:" msgstr "URI:" #: ../ui/NewX509.ui:866 msgctxt "NewX509|" msgid "Key usage" msgstr "Použitie kľúča" #: ../ui/NewX509.ui:977 msgctxt "NewX509|" msgid "Netscape" msgstr "Netscape" #: ../ui/NewX509.ui:1135 msgctxt "NewX509|" msgid "Advanced" msgstr "Pokročilé" #: ../ui/NewX509.ui:1159 ../widgets/NewX509.cpp:982 msgctxt "NewX509|" msgid "Validate" msgstr "Overiť" #: ../ui/NewX509.ui:1182 msgctxt "NewX509|" msgid "Comment" msgstr "Komentár" #: ../ui/NewX509.ui:351 msgctxt "NewX509|" msgid "" "This name is only used internally and does not appear in the resulting " "certificate" msgstr "" "Tento názov je použitý len interne a neobjaví sa vo výslednom certifikáte" #: ../widgets/NewX509.cpp:253 msgctxt "NewX509|" msgid "Critical" msgstr "Kritické" #: ../widgets/NewX509.cpp:291 msgctxt "NewX509|" msgid "Create Certificate signing request" msgstr "Vytvoriť Žiadosť o podpísanie certifikátu" #: ../widgets/NewX509.cpp:318 #, qt-format msgctxt "NewX509|" msgid "minimum size: %1" msgstr "minimálna veľkosť: %1" #: ../widgets/NewX509.cpp:320 #, qt-format msgctxt "NewX509|" msgid "maximum size: %1" msgstr "maximálna veľkosť: %1" #: ../widgets/NewX509.cpp:322 msgctxt "NewX509|" msgid "only a-z A-Z 0-9 '()+,-./:=?" msgstr "len a-z A-Z 0-9 '()+,-./:=?" #: ../widgets/NewX509.cpp:326 msgctxt "NewX509|" msgid "only 7-bit clean characters" msgstr "len prosté 7-b znaky" #: ../widgets/NewX509.cpp:351 msgctxt "NewX509|" msgid "Edit XCA template" msgstr "Upraviť šablónu XCA" #: ../widgets/NewX509.cpp:364 msgctxt "NewX509|" msgid "Create x509 Certificate" msgstr "Vytvoriť certifikát x509" #: ../widgets/NewX509.cpp:722 #, qt-format msgctxt "NewX509|" msgid "Template '%1' applied" msgstr "Šablóna „%1” aplikovaná" #: ../widgets/NewX509.cpp:729 #, qt-format msgctxt "NewX509|" msgid "Subject applied from template '%1'" msgstr "Predmet nastavený zo šablóny „%1”" #: ../widgets/NewX509.cpp:737 #, qt-format msgctxt "NewX509|" msgid "Extensions applied from template '%1'" msgstr "Rozšírenia nastavené zo šablóny „%1”" #: ../widgets/NewX509.cpp:752 #, qt-format msgctxt "NewX509|" msgid "New key '%1' created" msgstr "Vytvorený nový kľúč „%1”" #: ../widgets/NewX509.cpp:1005 msgctxt "NewX509|" msgid "Other Tabs" msgstr "Záložka Iné" #: ../widgets/NewX509.cpp:1019 msgctxt "NewX509|" msgid "Advanced Tab" msgstr "Záložka Pokročilé" #: ../widgets/NewX509.cpp:1026 msgctxt "NewX509|" msgid "Errors" msgstr "Chyby" #: ../widgets/NewX509.cpp:1044 msgctxt "NewX509|" msgid "From PKCS#10 request" msgstr "Zo žiadosti PKCS#10" #: ../widgets/NewX509.cpp:1140 ../widgets/NewX509.cpp:1153 #: ../widgets/NewX509.cpp:1172 ../widgets/NewX509.cpp:1184 #: ../widgets/NewX509.cpp:1200 ../widgets/NewX509.cpp:1214 #: ../widgets/NewX509.cpp:1248 ../widgets/NewX509.cpp:1259 #: ../widgets/NewX509.cpp:1282 ../widgets/NewX509.cpp:1305 #: ../widgets/NewX509.cpp:1331 ../widgets/NewX509.cpp:1351 msgctxt "NewX509|" msgid "Abort rollout" msgstr "Prerušiť operáciu" #: ../widgets/NewX509.cpp:1149 msgctxt "NewX509|" msgid "The following length restrictions of RFC3280 are violated:" msgstr "Nie sú splnené Nasledujúce obmedzenia veľkosti z RFC3280:" #: ../widgets/NewX509.cpp:1152 ../widgets/NewX509.cpp:1213 msgctxt "NewX509|" msgid "Edit subject" msgstr "Upraviť predmet" #: ../widgets/NewX509.cpp:1154 ../widgets/NewX509.cpp:1215 #: ../widgets/NewX509.cpp:1260 ../widgets/NewX509.cpp:1283 #: ../widgets/NewX509.cpp:1306 ../widgets/NewX509.cpp:1332 #: ../widgets/NewX509.cpp:1352 msgctxt "NewX509|" msgid "Continue rollout" msgstr "Pokračovať v operácii" #: ../widgets/NewX509.cpp:1170 msgctxt "NewX509|" msgid "" "The verification of the Certificate request failed.\n" "The rollout should be aborted." msgstr "" "Overenie žiadosti o certifikát zlyhalo.\n" "Operácia by mala byť prerušená." #: ../widgets/NewX509.cpp:1171 msgctxt "NewX509|" msgid "Continue anyway" msgstr "Pokračovať i tak" #: ../widgets/NewX509.cpp:1182 msgctxt "NewX509|" msgid "" "The internal name and the common name are empty.\n" "Please set at least the internal name." msgstr "" "Interný názov a bežný názov sú prázdne.\n" "Prosím, zadajte aspoň interný názov." #: ../widgets/NewX509.cpp:1183 msgctxt "NewX509|" msgid "Edit name" msgstr "Upraviť názov" #: ../widgets/NewX509.cpp:1198 msgctxt "NewX509|" msgid "There is no Key selected for signing." msgstr "Nebol zvolený kľúč na podpísanie." #: ../widgets/NewX509.cpp:1199 msgctxt "NewX509|" msgid "Select key" msgstr "Vybrať kľúč" #: ../widgets/NewX509.cpp:1211 #, qt-format msgctxt "NewX509|" msgid "" "The following distinguished name entries are empty:\n" "%1\n" "though you have declared them as mandatory in the options menu." msgstr "" "Nasledujúce položky rozlišovacieho názvu sú prázdne:\n" "%1\n" "hoci ste ich v nastavení definovali ako povinné." #: ../widgets/NewX509.cpp:1245 msgctxt "NewX509|" msgid "The key you selected for signing is not a private one." msgstr "Kľúč, zvolený na podpísanie, nie je súkromný." #: ../widgets/NewX509.cpp:1246 msgctxt "NewX509|" msgid "Select other signer" msgstr "Zvoliť iného vydavateľa" #: ../widgets/NewX509.cpp:1246 msgctxt "NewX509|" msgid "Select other key" msgstr "Zvoliť iný kľúč" #: ../widgets/NewX509.cpp:1256 msgctxt "NewX509|" msgid "" "The certificate will be earlier valid than the signer. This is probably not " "what you want." msgstr "" "Certifikát bude platný skôr ako jeho vydavateľ. To asi nie je to, čo chcete." #: ../widgets/NewX509.cpp:1258 ../widgets/NewX509.cpp:1281 #: ../widgets/NewX509.cpp:1304 msgctxt "NewX509|" msgid "Edit dates" msgstr "Upraviť dátumy" #: ../widgets/NewX509.cpp:1261 ../widgets/NewX509.cpp:1284 msgctxt "NewX509|" msgid "Adjust date and continue" msgstr "Opraviť dátum a pokračovať" #: ../widgets/NewX509.cpp:1279 msgctxt "NewX509|" msgid "" "The certificate will be longer valid than the signer. This is probably not " "what you want." msgstr "" "Certifikát bude platný dlhšie ako jeho vydavateľ. To asi nie je to, čo " "chcete." #: ../widgets/NewX509.cpp:1302 msgctxt "NewX509|" msgid "" "The certificate will be out of date before it becomes valid. You most " "probably mixed up both dates." msgstr "" "Certifikát vyprší ešte pred nadobudnutím platnosti. Pravdepodobne ste " "zamenili oba dátumy." #: ../widgets/NewX509.cpp:1323 msgctxt "NewX509|" msgid "" "The certificate contains invalid or duplicate extensions. Check the " "validation on the advanced tab." msgstr "" "Certifikát obsahuje neplatné alebo duplicitné rozšírenia. Skontrolujte " "platnosť na záložke Pokročilé." #: ../widgets/NewX509.cpp:1326 msgctxt "NewX509|" msgid "" "The certificate contains no extensions. You may apply the extensions of one " "of the templates to define the purpose of the certificate." msgstr "" "Certifikát neobsahuje rozšírenia. Na definovanie určenia certifikátu môžete " "pridať rozšírenia jednej zo šablón." #: ../widgets/NewX509.cpp:1330 ../widgets/NewX509.cpp:1350 msgctxt "NewX509|" msgid "Edit extensions" msgstr "Upraviť rozšírenia" #: ../widgets/NewX509.cpp:1349 msgctxt "NewX509|" msgid "" "The subject alternative name shall contain a copy of the common name. " "However, the common name is empty." msgstr "" "Alternatívne meno predmetu má obsahovať kópiu bežného mena. Avšak, bežné " "meno je prázdne." #: ../widgets/NewX509_ext.cpp:217 #, qt-format msgctxt "NewX509|" msgid "Configfile error on line %1\n" msgstr "Chyba konfiguračného súboru v riadku %1\n" #: ../ui/OidResolver.ui:28 msgctxt "OidResolver|" msgid "OID Resolver" msgstr "Prekladač OID" #: ../ui/OidResolver.ui:38 msgctxt "OidResolver|" msgid "Enter the OID, the Nid, or one of the textual representations" msgstr "Zadajte OID, Nid alebo jednu z textových reprezentácií" #: ../ui/OidResolver.ui:47 msgctxt "OidResolver|" msgid "Search" msgstr "Hľadať" #: ../ui/OidResolver.ui:74 msgctxt "OidResolver|" msgid "OID" msgstr "OID" #: ../ui/OidResolver.ui:119 msgctxt "OidResolver|" msgid "Long name" msgstr "Dlhý názov" #: ../ui/OidResolver.ui:145 ../ui/OidResolver.ui:167 msgctxt "OidResolver|" msgid "OpenSSL internal ID" msgstr "Interné ID OpenSSL" #: ../ui/OidResolver.ui:148 msgctxt "OidResolver|" msgid "Nid" msgstr "Nid" #: ../ui/OidResolver.ui:177 msgctxt "OidResolver|" msgid "Short name" msgstr "Krátky názov" #: ../ui/OpenDb.ui:36 msgctxt "OpenDb|" msgid "Open remote database" msgstr "Otvoriť vzdialené databázu" #: ../ui/OpenDb.ui:98 msgctxt "OpenDb|" msgid "Database type" msgstr "Typ databázy" #: ../ui/OpenDb.ui:108 msgctxt "OpenDb|" msgid "Hostname" msgstr "Názov stroja" #: ../ui/OpenDb.ui:118 msgctxt "OpenDb|" msgid "Username" msgstr "Meno používateľa" #: ../ui/OpenDb.ui:128 msgctxt "OpenDb|" msgid "Password" msgstr "Heslo" #: ../ui/OpenDb.ui:142 msgctxt "OpenDb|" msgid "Database name" msgstr "Názov databázy" #: ../ui/OpenDb.ui:152 msgctxt "OpenDb|" msgid "Table prefix" msgstr "Predpona tabuľky" #: ../widgets/OpenDb.cpp:143 msgctxt "OpenDb|" msgid "" "No SqLite3 driver available. Please install the qt-sqlite package of your " "distribution" msgstr "" "Nie je dostupný ovládač SQLite3. Prosím, nainštalujte balík qt-sqlite svojej " "distribúcie" #: ../widgets/OpenDb.cpp:187 #, qt-format msgctxt "OpenDb|" msgid "" "Please enter the password to access the database server %2 as user '%1'." msgstr "" "Prosím, zadajte heslo na prístup k databázovému serveru %2 ako používateľ " "„%1”." #: ../widgets/OpenDb.cpp:220 msgctxt "OpenDb|" msgid "" "The database driver does not support transactions. This may happen if the " "client and server have different versions. Continue with care." msgstr "" "Ovládač databázy nepodporuje transakcie. Toto môže nastať, ak majú kleint a " "server rôzne verzie. Pokračujte s opatrnosťou." #: ../ui/Options.ui:28 msgctxt "Options|" msgid "XCA Options" msgstr "Nastavenia XCA" #: ../ui/Options.ui:42 msgctxt "Options|" msgid "Settings" msgstr "Nastavenia" #: ../ui/Options.ui:50 msgctxt "Options|" msgid "Default hash algorithm" msgstr "Predvolený algoritmus odtlačku" #: ../ui/Options.ui:64 msgctxt "Options|" msgid "String types" msgstr "Typy reťazcov" #: ../ui/Options.ui:76 msgctxt "Options|" msgid "Suppress success messages" msgstr "Potlačiť správy o úspechu" #: ../ui/Options.ui:109 msgctxt "Options|" msgid "Don't colorize expired certificates" msgstr "Nezvýrazňovať vypršané certifikáty" #: ../ui/Options.ui:90 #, qt-format msgctxt "Options|" msgid "Translate established x509 terms (%1 -> %2)" msgstr "Preložiť platné položky x509 (%1 -> %2)" #: ../ui/Options.ui:97 msgctxt "Options|" msgid "" "The hashing functionality of the token is not used by XCA.\n" "It may however honor a restricted hash-set propagated by the token.\n" "Especially EC and DSA are only defined with SHA1 in the PKCS#11 " "specification." msgstr "" "Hašovacia funkčnosť tokenu nie je v XCA použitá.\n" "Môže však rešpektovať obmedzenú sadu hašovacích algoritmov zverejnených " "tokenom.\n" "Najmä EC a DSA sú v špecifikácii PKCS#11 definované len s SHA1." #: ../ui/Options.ui:102 msgctxt "Options|" msgid "Only use hashes supported by the token when signing with a token key" msgstr "" "Použiť len odtlačky podporované tokenom pri podpisovaní kľúčom z tokenu" #: ../ui/Options.ui:83 msgctxt "Options|" msgid "Disable legacy Netscape extensions" msgstr "Vypnúť staré rozšírenia Netscape" #: ../ui/Options.ui:127 msgctxt "Options|" msgid "Certificate expiry warning threshold" msgstr "Hranica upozornenia vypršania platnosti certifikátu" #: ../ui/Options.ui:146 msgctxt "Options|" msgid "Send vCalendar expiry reminder" msgstr "Poslať pripomienku vCalendar o vypršaní platnosti" #: ../ui/Options.ui:157 msgctxt "Options|" msgid "Serial number length" msgstr "Dĺžka sériového čísla" #: ../ui/Options.ui:164 msgctxt "Options|" msgid " bit" msgstr " bit" #: ../ui/Options.ui:199 msgctxt "Options|" msgid "Distinguished name" msgstr "Rozlišovací názov" #: ../ui/Options.ui:205 msgctxt "Options|" msgid "Mandatory subject entries" msgstr "Povinné položky predmetu" #: ../ui/Options.ui:223 ../ui/Options.ui:284 ../ui/Options.ui:363 msgctxt "Options|" msgid "Add" msgstr "Pridať" #: ../ui/Options.ui:230 ../ui/Options.ui:291 msgctxt "Options|" msgid "Delete" msgstr "Odstrániť" #: ../ui/Options.ui:255 msgctxt "Options|" msgid "Explicit subject entries" msgstr "Explicitné položky predmetu" #: ../ui/Options.ui:273 msgctxt "Options|" msgid "Dynamically arrange explicit subject entries" msgstr "Dynamicky rozložiť explicitné položky predmetu" #: ../ui/Options.ui:298 msgctxt "Options|" msgid "Default" msgstr "Predvolené" #: ../ui/Options.ui:324 msgctxt "Options|" msgid "PKCS#11 provider" msgstr "Poskytovateľ PKCS#11" #: ../ui/Options.ui:376 msgctxt "Options|" msgid "Remove" msgstr "Odstrániť" #: ../ui/Options.ui:383 msgctxt "Options|" msgid "Search" msgstr "Hľadať" #: ../widgets/Options.cpp:32 msgctxt "Options|" msgid "Printable string or UTF8 (default)" msgstr "Tlačiteľné znaky alebo UTF-8 (predvolené)" #: ../widgets/Options.cpp:33 msgctxt "Options|" msgid "PKIX recommendation in RFC2459" msgstr "Odporúčania PKIX v RFC2459" #: ../widgets/Options.cpp:34 msgctxt "Options|" msgid "No BMP strings, only printable and T61" msgstr "Nie reťazce BMP, len tlačiteľné a T61" #: ../widgets/Options.cpp:35 msgctxt "Options|" msgid "UTF8 strings only (RFC2459)" msgstr "Len reťazce UTF-8 (RFC2459)" #: ../widgets/Options.cpp:36 msgctxt "Options|" msgid "All strings" msgstr "Všetky reťazce" #: ../widgets/Options.cpp:59 msgctxt "Options|" msgid "Days" msgstr "Dni" #: ../widgets/Options.cpp:59 msgctxt "Options|" msgid "Weeks" msgstr "Týždne" #: ../ui/PwDialog.ui:118 msgctxt "PwDialog|" msgid "" "The password is parsed as 2-digit hex code. It must have an even number of " "digits (0-9 and a-f)" msgstr "" "Heslo je spracované ako 2-ciferný šestnástkový kód. Musí mať párny počet " "číslic (0-9 a a-f)" #: ../ui/PwDialog.ui:121 msgctxt "PwDialog|" msgid "Take as HEX string" msgstr "Zadajte šestnástkový reťazec" #: ../widgets/PwDialog.cpp:85 #, qt-format msgctxt "PwDialog|" msgid "Repeat %1" msgstr "Opakovať %1" #: ../widgets/PwDialog.cpp:98 #, qt-format msgctxt "PwDialog|" msgid "%1 mismatch" msgstr "%1 nezhoda" #: ../widgets/PwDialog.cpp:105 msgctxt "PwDialog|" msgid "" "Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it " "must consist of an even number of characters" msgstr "" "Šestnástkové heslo môže obsahovať len znaky „0” – „9” a „a” – „f” a musí mať " "párny počet znakov" #: ../widgets/PwDialog.cpp:131 msgctxt "PwDialog|" msgid "E&xit" msgstr "S&končiť" #: ../lib/asn1time.cpp:155 msgctxt "QObject|" msgid "Undefined" msgstr "Nedefinované" #: ../lib/asn1time.cpp:157 msgctxt "QObject|" msgid "Broken / Invalid" msgstr "Poškodený/Neplatný" #: ../lib/asn1time.cpp:203 #, qt-format msgctxt "QObject|" msgid "in %1 seconds" msgstr "za %1 sekúnd" #: ../lib/asn1time.cpp:204 #, qt-format msgctxt "QObject|" msgid "%1 seconds ago" msgstr "pred %1 sekundami" #: ../lib/asn1time.cpp:207 #, qt-format msgctxt "QObject|" msgid "in %1 minutes" msgstr "za %1 minút" #: ../lib/asn1time.cpp:208 #, qt-format msgctxt "QObject|" msgid "%1 minutes ago" msgstr "pred %1 minútami" #: ../lib/asn1time.cpp:210 msgctxt "QObject|" msgid "Yesterday" msgstr "Včera" #: ../lib/asn1time.cpp:212 msgctxt "QObject|" msgid "Tomorrow" msgstr "Zajtra" #: ../lib/asn1time.cpp:215 #, qt-format msgctxt "QObject|" msgid "in %1 hours" msgstr "za %1 hodiny" #: ../lib/asn1time.cpp:216 #, qt-format msgctxt "QObject|" msgid "%1 hours ago" msgstr "pred %1 hodinami" #: ../lib/db.cpp:222 #, qt-format msgctxt "QObject|" msgid "DB: Rename: '%1' already in use" msgstr "Premenovanie DB: „%1” už je použité" #: ../lib/db.cpp:226 #, qt-format msgctxt "QObject|" msgid "DB: Entry to rename not found: %1" msgstr "DB: Položka na premenovanie nenájdená: %1" #: ../lib/db.cpp:236 #, qt-format msgctxt "QObject|" msgid "DB: Write error %1 - %2" msgstr "DB: Chyba zápisu %1 – %2" #: ../lib/db.cpp:565 ../lib/db.cpp:582 msgctxt "QObject|" msgid "Out of data" msgstr "Nedostatok dát" #: ../lib/db.cpp:605 msgctxt "QObject|" msgid "Error finding endmarker of string" msgstr "Chyba nájdenia koncovej značky reťazca" #: ../lib/exception.h:55 #, qt-format msgctxt "QObject|" msgid "Out of Memory at %1:%2" msgstr "Nedostatok pamäte na %1:%2" #: ../lib/load_obj.cpp:20 msgctxt "QObject|" msgid "All files ( * )" msgstr "Všetky súbory ( * )" #: ../lib/load_obj.cpp:57 msgctxt "QObject|" msgid "Import RSA key" msgstr "Importovať kľúč RSA" #: ../lib/load_obj.cpp:54 msgctxt "QObject|" msgid "" "PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public " "Keys ( *.pub );;" msgstr "" "Kľúče PKI ( *.pem *.der *.key );;Kľúče PKCS#8 ( *.p8 *.pk8 );;Verejné kľúče " "SSH ( *.pub );;" #: ../lib/load_obj.cpp:69 msgctxt "QObject|" msgid "PKCS#10 CSR ( *.pem *.der *.csr );; " msgstr "Žiadosť PKCS#10 ( *.pem *.der *.csr );; " #: ../lib/load_obj.cpp:70 msgctxt "QObject|" msgid "Import Request" msgstr "Importovať Žiadosť" #: ../lib/load_obj.cpp:82 msgctxt "QObject|" msgid "Certificates ( *.pem *.der *.crt *.cer );;" msgstr "Certifikáty ( *.pem *.der *.crt *.cer );;" #: ../lib/load_obj.cpp:83 msgctxt "QObject|" msgid "Import X.509 Certificate" msgstr "Importovať Certifikát X.509" #: ../lib/load_obj.cpp:95 msgctxt "QObject|" msgid "PKCS#7 data ( *.p7s *.p7m *.p7b );;" msgstr "Dáta PKCS#7 ( *.p7s *.p7m *.p7b );;" #: ../lib/load_obj.cpp:96 msgctxt "QObject|" msgid "Import PKCS#7 Certificates" msgstr "Importovať Certifikáty PKCS#7" #: ../lib/load_obj.cpp:108 msgctxt "QObject|" msgid "PKCS#12 Certificates ( *.p12 *.pfx );;" msgstr "Certifikáty PKCS#12 ( *.p12 *.pfx );;" #: ../lib/load_obj.cpp:109 msgctxt "QObject|" msgid "Import PKCS#12 Private Certificate" msgstr "Importovať Súkromný certifikát PKCS#12" #: ../lib/load_obj.cpp:122 msgctxt "QObject|" msgid "XCA templates ( *.xca );;" msgstr "Šablóny XCA ( *.xca );;" #: ../lib/load_obj.cpp:123 msgctxt "QObject|" msgid "Import XCA Templates" msgstr "Importovať Šablóny XCA" #: ../lib/load_obj.cpp:135 msgctxt "QObject|" msgid "Revocation lists ( *.pem *.der *.crl );;" msgstr "Zoznamy odvolaných ( *.pem *.der *.crl );;" #: ../lib/load_obj.cpp:136 msgctxt "QObject|" msgid "Import Certificate Revocation List" msgstr "Importovať Zoznam odvolaných certifikátov" #: ../lib/load_obj.cpp:148 msgctxt "QObject|" msgid "XCA Databases ( *.xdb );;" msgstr "Databázy XCA ( *.xdb );;" #: ../lib/load_obj.cpp:149 msgctxt "QObject|" msgid "Open XCA Database" msgstr "Otvoriť databázu XCA" #: ../lib/load_obj.cpp:157 msgctxt "QObject|" msgid "PKCS#11 library ( *.dll );;" msgstr "Knižnica PKCS#11 ( *.dll );;" #: ../lib/load_obj.cpp:159 msgctxt "QObject|" msgid "PKCS#11 library ( *.dylib *.so );;" msgstr "Knižnica PKCS#11 ( *.dylib *.so );;" #: ../lib/load_obj.cpp:161 msgctxt "QObject|" msgid "PKCS#11 library ( *.so );;" msgstr "Knižnica PKCS#11 ( *.so );;" #: ../lib/load_obj.cpp:163 msgctxt "QObject|" msgid "Open PKCS#11 shared library" msgstr "Otvoriť zdieľanú knižnicu PKCS#11" #: ../lib/load_obj.cpp:170 msgctxt "QObject|" msgid "PEM files ( *.pem );;" msgstr "Súbory PEM ( *.pem );;" #: ../lib/load_obj.cpp:171 msgctxt "QObject|" msgid "Load PEM encoded file" msgstr "Načítať súbor kódovaný PEM" #: ../lib/pkcs11.cpp:245 msgctxt "QObject|" msgid "Please enter the PIN on the PinPad" msgstr "Prosím, zadajte PIN na PinPad-e" #: ../lib/pkcs11.cpp:256 #, qt-format msgctxt "QObject|" msgid "Please enter the SO PIN (PUK) of the token %1" msgstr "Prosím, zadajte SO PIN (PUK) tokenu %1" #: ../lib/pkcs11.cpp:257 #, qt-format msgctxt "QObject|" msgid "Please enter the PIN of the token %1" msgstr "Prosím, zadajte PIN tokenu %1" #: ../lib/pkcs11.cpp:310 msgctxt "QObject|" msgid "No Security token found" msgstr "Nebol nájdený bezpečnostný token" #: ../lib/pkcs11.cpp:321 msgctxt "QObject|" msgid "Select" msgstr "Zvoliť" #: ../lib/pkcs11.cpp:344 #, qt-format msgctxt "QObject|" msgid "Please enter the new SO PIN (PUK) for the token: '%1'" msgstr "Prosím, zadajte nový SO PIN (PUK) tokenu: „%1”" #: ../lib/pkcs11.cpp:346 #, qt-format msgctxt "QObject|" msgid "Please enter the new PIN for the token: '%1'" msgstr "Prosím, zadajte nový PIN tokenu: '%1'" #: ../lib/pkcs11.h:92 #, qt-format msgctxt "QObject|" msgid "Required PIN size: %1 - %2" msgstr "Požadovaná veľkosť PIN: %1 - %2" #: ../lib/pkcs11_lib.cpp:35 #, qt-format msgctxt "QObject|" msgid "Failed to open PKCS11 library: %1: %2" msgstr "Zlyhalo otvorenie knižnice PKCS#11: %1: %2" #: ../lib/pkcs11_lib.cpp:41 msgctxt "QObject|" msgid "" "This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not " "found." msgstr "" "Toto nevyzerá ako knižnica PKCS#11. Symbol 'C_GetFunctionList' nenájdený." #: ../lib/pkcs11_lib.cpp:123 msgctxt "QObject|" msgid "Disabled" msgstr "Vypnuté" #: ../lib/pkcs11_lib.cpp:127 msgctxt "QObject|" msgid "Library loading failed" msgstr "Načítanie knižnice zlyhalo" #: ../lib/pkcs11_lib.cpp:312 #, qt-format msgctxt "QObject|" msgid "PKCS#11 function '%1' failed: %2" msgstr "Funkcia PKCS#11 „%1” zlyhala: %2" #: ../lib/pkcs11_lib.cpp:320 #, qt-format msgctxt "QObject|" msgid "" "PKCS#11 function '%1' failed: %2\n" "In library %3\n" "%4" msgstr "" "Funkcia PKCS#11 „%1” zlyhala: %2\n" "V knižnici %3\n" "%4" #: ../lib/x509name.cpp:116 msgctxt "QObject|" msgid "Invalid" msgstr "Neplatné" #: ../lib/x509name.cpp:240 #, qt-format msgctxt "QObject|" msgid "%1 is shorter than %2 bytes: '%3'" msgstr "%1 je kratšie ako %2 B: „%3”" #: ../lib/x509name.cpp:245 #, qt-format msgctxt "QObject|" msgid "%1 is longer than %2 bytes: '%3'" msgstr "%1 je dlhšie ako %2 B: „%3”" #: ../lib/x509v3ext.cpp:85 #, qt-format msgctxt "QObject|" msgid "String '%1' for '%2' contains invalid characters" msgstr "Reťazec „%1” pre „%2” obsahuje neplatné znaky" #: ../lib/oid.cpp:49 #, qt-format msgctxt "QObject|" msgid "Error reading config file %1 at line %2" msgstr "Chyba čítania konfiguračného súboru %1 na riadku %2" #: ../lib/oid.cpp:84 #, qt-format msgctxt "QObject|" msgid "" "The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and " "should be removed." msgstr "" "Objekt „%1” zo súboru %2 riadok %3 je už známy ako „%4:%5:%6” a mal by byť " "odstránený." #: ../lib/oid.cpp:93 #, qt-format msgctxt "QObject|" msgid "" "The identifier '%1' for OID %2 from file %3 line %4 is already used for a " "different OID as '%5:%6:%7' and should be changed to avoid conflicts." msgstr "" "Identifikátor „%1” pre OID %2 zo súboru %3 riadok %4 je už použitý pre iné " "OID ako „%5:%6:%7” a treba ho zmeniť, aby ste predišli konfliktom." #: ../lib/oid.cpp:177 #, qt-format msgctxt "QObject|" msgid "Unknown object '%1' in file %2 line %3" msgstr "Neznámy objekt „%1” v súbore %2 riadok %3" #: ../lib/sql.h:55 msgctxt "QObject|" msgid "Failed to start a database transaction" msgstr "Zlyhala inicializácia DB transakcie" #: ../widgets/ReqTreeView.cpp:25 msgctxt "ReqTreeView|" msgid "Sign" msgstr "Podpísať" #: ../widgets/ReqTreeView.cpp:27 msgctxt "ReqTreeView|" msgid "Unmark signed" msgstr "Zrušiť označenie podpísané" #: ../widgets/ReqTreeView.cpp:30 msgctxt "ReqTreeView|" msgid "Mark signed" msgstr "Označiť podpísané" #: ../widgets/ReqTreeView.cpp:33 msgctxt "ReqTreeView|" msgid "Similar Request" msgstr "Podobné žiadosti" #: ../ui/RevocationList.ui:30 msgctxt "RevocationList|" msgid "Manage revocations" msgstr "Spravovať odvolania" #: ../ui/RevocationList.ui:96 msgctxt "RevocationList|" msgid "Add" msgstr "Pridať" #: ../ui/RevocationList.ui:103 msgctxt "RevocationList|" msgid "Delete" msgstr "Odstrániť" #: ../ui/RevocationList.ui:110 msgctxt "RevocationList|" msgid "Edit" msgstr "Upraviť" #: ../widgets/RevocationList.cpp:73 msgctxt "RevocationList|" msgid "No." msgstr "Č." #: ../widgets/RevocationList.cpp:73 msgctxt "RevocationList|" msgid "Serial" msgstr "Sériové číslo" #: ../widgets/RevocationList.cpp:73 msgctxt "RevocationList|" msgid "Revocation" msgstr "Odvolanie" #: ../widgets/RevocationList.cpp:73 msgctxt "RevocationList|" msgid "Reason" msgstr "Dôvod" #: ../widgets/RevocationList.cpp:74 msgctxt "RevocationList|" msgid "Invalidation" msgstr "Zneplatnenie" #: ../widgets/RevocationList.cpp:101 msgctxt "RevocationList|" msgid "Generate CRL" msgstr "Generovať CRL" #: ../ui/Revoke.ui:30 msgctxt "Revoke|" msgid "Certificate revocation" msgstr "Odvolanie certifikátu" #: ../ui/Revoke.ui:87 msgctxt "Revoke|" msgid "Revocation details" msgstr "Podrobnosti odvolania" #: ../ui/Revoke.ui:96 msgctxt "Revoke|" msgid "Revocation reason" msgstr "Dôvod odvolania" #: ../ui/Revoke.ui:110 msgctxt "Revoke|" msgid "Local time" msgstr "Lokálny čas" #: ../ui/Revoke.ui:117 msgctxt "Revoke|" msgid "Invalid since" msgstr "Neplatný od" #: ../ui/Revoke.ui:124 msgctxt "Revoke|" msgid "Serial" msgstr "Sériové číslo" #: ../ui/SearchPkcs11.ui:41 msgctxt "SearchPkcs11|" msgid "Directory" msgstr "Adresár" #: ../ui/SearchPkcs11.ui:57 msgctxt "SearchPkcs11|" msgid "..." msgstr "..." #: ../ui/SearchPkcs11.ui:64 msgctxt "SearchPkcs11|" msgid "Include subdirectories" msgstr "Zahrnúť podadresáre" #: ../ui/SearchPkcs11.ui:71 msgctxt "SearchPkcs11|" msgid "Search" msgstr "Hľadať" #: ../widgets/SearchPkcs11.cpp:77 msgctxt "SearchPkcs11|" msgid "The following files are possible PKCS#11 libraries" msgstr "nasledujúce súbory sú možné knižnice PKCS#11" #: ../ui/SelectToken.ui:39 msgctxt "SelectToken|" msgid "Security token" msgstr "Bezpečnostný token" #: ../ui/SelectToken.ui:86 msgctxt "SelectToken|" msgid "Please select the security token" msgstr "Prosím, vyberte bezpečnostný token" #: ../widgets/TempTreeView.cpp:22 msgctxt "TempTreeView|" msgid "Duplicate" msgstr "Duplikát" #: ../widgets/TempTreeView.cpp:23 msgctxt "TempTreeView|" msgid "Create certificate" msgstr "Vytvoriť certifikát" #: ../widgets/TempTreeView.cpp:24 msgctxt "TempTreeView|" msgid "Create request" msgstr "Vytvoriť žiadosť" #: ../widgets/TempTreeView.cpp:35 msgctxt "TempTreeView|" msgid "copy" msgstr "kopírovať" #: ../widgets/validity.cpp:94 msgctxt "Validity|" msgid "yyyy-MM-dd hh:mm" msgstr "d. MMM yyyy hh:mm" #: ../widgets/X509SuperTreeView.cpp:25 msgctxt "X509SuperTreeView|" msgid "OpenSSL config" msgstr "Konfigurácia OpenSSL" #: ../widgets/X509SuperTreeView.cpp:26 msgctxt "X509SuperTreeView|" msgid "Transform" msgstr "Transformovať" #: ../widgets/X509SuperTreeView.cpp:27 msgctxt "X509SuperTreeView|" msgid "Template" msgstr "Šablóna" #: ../widgets/X509SuperTreeView.cpp:28 msgctxt "X509SuperTreeView|" msgid "Public key" msgstr "Verejný kľúč" #: ../widgets/XcaTreeView.cpp:318 msgctxt "XcaTreeView|" msgid "Subject entries" msgstr "Položky predmetu" #: ../widgets/XcaTreeView.cpp:319 msgctxt "XcaTreeView|" msgid "X509v3 Extensions" msgstr "Rozšírenia X509v3" #: ../widgets/XcaTreeView.cpp:320 msgctxt "XcaTreeView|" msgid "Netscape extensions" msgstr "Rozšírenia Netscape" #: ../widgets/XcaTreeView.cpp:321 msgctxt "XcaTreeView|" msgid "Reset" msgstr "Vymazať" #: ../widgets/XcaTreeView.cpp:324 msgctxt "XcaTreeView|" msgid "Hide Column" msgstr "Odstrániť stĺpec" #: ../widgets/XcaTreeView.cpp:326 msgctxt "XcaTreeView|" msgid "Details" msgstr "Podrobnosti" #: ../widgets/XcaTreeView.cpp:377 msgctxt "XcaTreeView|" msgid "Columns" msgstr "Stĺpce" #: ../widgets/XcaTreeView.cpp:405 msgctxt "XcaTreeView|" msgid "New" msgstr "Nový" #: ../widgets/XcaTreeView.cpp:406 msgctxt "XcaTreeView|" msgid "Import" msgstr "Importovať" #: ../widgets/XcaTreeView.cpp:407 msgctxt "XcaTreeView|" msgid "Paste PEM data" msgstr "Vložiť dáta PEM" #: ../widgets/XcaTreeView.cpp:411 msgctxt "XcaTreeView|" msgid "Rename" msgstr "Premenovať" #: ../widgets/XcaTreeView.cpp:412 msgctxt "XcaTreeView|" msgid "Properties" msgstr "Vlastnosti" #: ../widgets/XcaTreeView.cpp:415 msgctxt "XcaTreeView|" msgid "Delete" msgstr "Odstrániť" #: ../widgets/XcaTreeView.cpp:417 msgctxt "XcaTreeView|" msgid "Export" msgstr "Exportovať" #: ../widgets/XcaTreeView.cpp:418 msgctxt "XcaTreeView|" msgid "Clipboard" msgstr "Schránka" #: ../widgets/XcaTreeView.cpp:420 msgctxt "XcaTreeView|" msgid "File" msgstr "Súbor" #: ../lib/db_base.cpp:177 msgctxt "db_base|" msgid "Internal name" msgstr "Interný názov" #: ../lib/db_base.cpp:178 msgctxt "db_base|" msgid "No." msgstr "Č." #: ../lib/db_base.cpp:179 msgctxt "db_base|" msgid "Primary key" msgstr "Primárny kľúč" #: ../lib/db_base.cpp:180 msgctxt "db_base|" msgid "Database unique number" msgstr "Jedinečné číslo databázy" #: ../lib/db_base.cpp:181 msgctxt "db_base|" msgid "Date" msgstr "Dátum" #: ../lib/db_base.cpp:182 msgctxt "db_base|" msgid "Date of creation or insertion" msgstr "Dátum vytvorenia alebo vloženia" #: ../lib/db_base.cpp:183 msgctxt "db_base|" msgid "Source" msgstr "Zdroj" #: ../lib/db_base.cpp:184 msgctxt "db_base|" msgid "Generated, Imported, Transformed" msgstr "Generovaný, Importovaný, Transformovaný" #: ../lib/db_base.cpp:185 msgctxt "db_base|" msgid "Comment" msgstr "Komentár" #: ../lib/db_base.cpp:186 msgctxt "db_base|" msgid "First line of the comment field" msgstr "Prvý riadok poľa komentára" #: ../lib/db_base.cpp:391 #, qt-format msgctxt "db_base|" msgid "Could not create directory %1" msgstr "Nemožno vytvoriť zložku %1" #: ../lib/db_base.cpp:642 msgctxt "db_base|" msgid "Item properties" msgstr "Vlastnosti položky" #: ../lib/db_base.cpp:680 #, qt-format msgctxt "db_base|" msgid "How to export the %1 selected items" msgstr "Ako exportovať %1 zvolených položiek" #: ../lib/db_base.cpp:682 msgctxt "db_base|" msgid "All in one PEM file" msgstr "Všetky v jednom súbore PEM" #: ../lib/db_base.cpp:683 msgctxt "db_base|" msgid "Each item in one file" msgstr "Každá položka v samostatnom súbore" #: ../lib/db_base.cpp:696 #, qt-format msgctxt "db_base|" msgid "Save %1 items in one file as" msgstr "Uložiť %1 položiek v jednom súbore ako" #: ../lib/db_base.cpp:697 msgctxt "db_base|" msgid "PEM files ( *.pem );; All files ( * )" msgstr "Súbory PEM ( *.pem );; Všetky súbory ( * )" #: ../lib/db_crl.cpp:34 msgctxt "db_crl|" msgid "Signer" msgstr "Vydavateľ" #: ../lib/db_crl.cpp:35 msgctxt "db_crl|" msgid "Internal name of the signer" msgstr "Interný názov vydavateľa" #: ../lib/db_crl.cpp:36 msgctxt "db_crl|" msgid "No. revoked" msgstr "Počet odvolaných" #: ../lib/db_crl.cpp:37 msgctxt "db_crl|" msgid "Number of revoked certificates" msgstr "Počet odvolaných certifikátov" #: ../lib/db_crl.cpp:38 msgctxt "db_crl|" msgid "Last update" msgstr "Posledná aktualizácia" #: ../lib/db_crl.cpp:39 msgctxt "db_crl|" msgid "Next update" msgstr "Nasled. aktualizácia" #: ../lib/db_crl.cpp:40 msgctxt "db_crl|" msgid "CRL number" msgstr "Číslo CRL" #: ../lib/db_crl.cpp:106 #, qt-format msgctxt "db_crl|" msgid "" "The revocation list already exists in the database as:\n" "'%1'\n" "and so it was not imported" msgstr "" "Zoznam odvolaní už v databáze existuje ako:\n" "„%1”,\n" "a tak nebol importovaný" #: ../lib/db_crl.cpp:161 msgctxt "db_crl|" msgid "Revocation list export" msgstr "Export Zoznamu odvolaných" #: ../lib/db_crl.cpp:162 msgctxt "db_crl|" msgid "CRL ( *.pem *.der *.crl )" msgstr "CRL ( *.pem *.der *.crl )" #: ../lib/db_crl.cpp:228 msgctxt "db_crl|" msgid "There are no CA certificates for CRL generation" msgstr "Neexistujú certifikáty CA na generovanie CRL" #: ../lib/db_crl.cpp:236 msgctxt "db_crl|" msgid "Select CA certificate" msgstr "vyberte certifikát CA" #: ../lib/db_crl.cpp:257 msgctxt "db_crl|" msgid "Create CRL" msgstr "Vytvoriť CRL" #: ../lib/db_crl.cpp:301 msgctxt "db_crl|" msgid "Failed to initiate DB transaction" msgstr "Zlyhala inicializácia DB transakcie" #: ../lib/db_crl.cpp:311 ../lib/db_crl.cpp:319 ../lib/db_crl.cpp:323 #, qt-format msgctxt "db_crl|" msgid "Database error: %1" msgstr "Chyba databázy: %1" #: ../lib/db_key.cpp:65 msgctxt "db_key|" msgid "Type" msgstr "Typ" #: ../lib/db_key.cpp:66 msgctxt "db_key|" msgid "Size" msgstr "Veľkosť" #: ../lib/db_key.cpp:68 msgctxt "db_key|" msgid "EC Group" msgstr "Skupina EC" #: ../lib/db_key.cpp:70 msgctxt "db_key|" msgid "Use" msgstr "Použiť" #: ../lib/db_key.cpp:71 msgctxt "db_key|" msgid "Password" msgstr "Heslo" #: ../lib/db_key.cpp:143 #, qt-format msgctxt "db_key|" msgid "" "The key is already in the database as:\n" "'%1'\n" "and is not going to be imported" msgstr "" "Kľúč už je v databáze ako:\n" "„%1”,\n" "a tak nebude importovaný" #: ../lib/db_key.cpp:148 #, qt-format msgctxt "db_key|" msgid "" "The database already contains the public part of the imported key as\n" "'%1\n" "and will be completed by the new, private part of the key" msgstr "" "Databáza už obsahuje verejnú časť importovaného kľúča ako\n" "„%1”\n" "a bude doplnená novou, súkromnou, časťou kľúča" #: ../lib/db_key.cpp:150 #, qt-format msgctxt "db_key|" msgid "Extending public key from %1 by imported key '%2'" msgstr "Rozšírenie verejného kľúča z %1 importovaním kľúča „%2”" #: ../lib/db_key.cpp:185 msgctxt "db_key|" msgid "Key size too small !" msgstr "Dĺžka kľúča je príliš malá!" #: ../lib/db_key.cpp:190 #, qt-format msgctxt "db_key|" msgid "You are sure to create a key of the size: %1 ?" msgstr "Naozaj chcete vytvoriť kľúč s veľkosťou: %1?" #: ../lib/db_key.cpp:272 ../lib/db_key.cpp:309 msgctxt "db_key|" msgid "PEM public" msgstr "PEM verejný" #: ../lib/db_key.cpp:275 ../lib/db_key.cpp:313 msgctxt "db_key|" msgid "SSH2 public" msgstr "SSH2 verejný" #: ../lib/db_key.cpp:278 ../lib/db_key.cpp:325 msgctxt "db_key|" msgid "PEM private" msgstr "PEM súkromný" #: ../lib/db_key.cpp:283 msgctxt "db_key|" msgid "Export keys to Clipboard" msgstr "Exportovať kľúče do schránky" #: ../lib/db_key.cpp:286 msgctxt "db_key|" msgid "Clipboard" msgstr "Schránka" #: ../lib/db_key.cpp:299 #, qt-format msgctxt "db_key|" msgid "Export public key [%1]" msgstr "Exportovať verejný kľúč [%1]" #: ../lib/db_key.cpp:310 msgctxt "db_key|" msgid "DER public" msgstr "DER verejný" #: ../lib/db_key.cpp:318 msgctxt "db_key|" msgid "DER private" msgstr "DER súkromný" #: ../lib/db_key.cpp:320 msgctxt "db_key|" msgid "PEM encryped" msgstr "PEM šifrovaný" #: ../lib/db_key.cpp:327 msgctxt "db_key|" msgid "PKCS#8 encrypted" msgstr "PKCS#8 šifrovaný" #: ../lib/db_key.cpp:328 #, qt-format msgctxt "db_key|" msgid "Export private key [%1]" msgstr "Exportovať súkromný kľúč [%1]" #: ../lib/db_key.cpp:333 msgctxt "db_key|" msgid "Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub )" msgstr "Súkromné kľúče ( *.pem *.der *.pk8 );; Verejné kľúče SSH ( *.pub )" #: ../lib/db_key.cpp:403 msgctxt "db_key|" msgid "Tried to change password of a token" msgstr "Vyskúšaná zmena hesla tokenu" #: ../lib/db_temp.cpp:54 #, qt-format msgctxt "db_temp|" msgid "Bad template: %1" msgstr "Zlá šablóna: %1" #: ../lib/db_temp.cpp:37 msgctxt "db_temp|" msgid "Empty template" msgstr "Prázdna šablóna" #: ../lib/db_temp.cpp:100 msgctxt "db_temp|" msgid "Preset Template values" msgstr "Predvoľby hodnôt zo šablóny" #: ../lib/db_temp.cpp:138 msgctxt "db_temp|" msgid "Save template as" msgstr "Uložiť šablónu ako" #: ../lib/db_temp.cpp:139 msgctxt "db_temp|" msgid "XCA templates ( *.xca );; All files ( * )" msgstr "Šablóny XCA ( *.xca );; Všetky súbory ( * )" #: ../lib/db_x509.cpp:67 msgctxt "db_x509|" msgid "CA" msgstr "CA" #: ../lib/db_x509.cpp:68 msgctxt "db_x509|" msgid "reflects the basic Constraints extension" msgstr "Odráža rozšírenie Základné obmedzenia" #: ../lib/db_x509.cpp:69 msgctxt "db_x509|" msgid "Serial" msgstr "Sériové číslo" #: ../lib/db_x509.cpp:73 msgctxt "db_x509|" msgid "Start date" msgstr "Dátum začiatku" #: ../lib/db_x509.cpp:75 msgctxt "db_x509|" msgid "Expiry date" msgstr "Dátum vypršania" #: ../lib/db_x509.cpp:70 msgctxt "db_x509|" msgid "MD5 fingerprint" msgstr "Odtlačok MD5" #: ../lib/db_x509.cpp:71 msgctxt "db_x509|" msgid "SHA1 fingerprint" msgstr "Odtlačok SHA1" #: ../lib/db_x509.cpp:72 msgctxt "db_x509|" msgid "SHA256 fingerprint" msgstr "Odtlačok SHA256" #: ../lib/db_x509.cpp:74 msgctxt "db_x509|" msgid "Not before" msgstr "Nie pred" #: ../lib/db_x509.cpp:76 msgctxt "db_x509|" msgid "Not after" msgstr "Nie po" #: ../lib/db_x509.cpp:77 msgctxt "db_x509|" msgid "Revocation" msgstr "Odvolanie" #: ../lib/db_x509.cpp:78 msgctxt "db_x509|" msgid "CRL Expiration" msgstr "CRL vypršania" #: ../lib/db_x509.cpp:152 msgctxt "db_x509|" msgid "Plain View" msgstr "Prosté zobrazenie" #: ../lib/db_x509.cpp:154 msgctxt "db_x509|" msgid "Tree View" msgstr "Stromové zobrazenie" #: ../lib/db_x509.cpp:336 msgctxt "db_x509|" msgid "Failed to retrieve unique random serial" msgstr "Zlyhalo získanie jedinečného náhodného sériového čísla" #: ../lib/db_x509.cpp:359 #, qt-format msgctxt "db_x509|" msgid "" "The certificate already exists in the database as:\n" "'%1'\n" "and so it was not imported" msgstr "" "Certifikát v databáze už existuje ako:\n" "„%1”,\n" "a tak nebol importovaný" #: ../lib/db_x509.cpp:403 #, qt-format msgctxt "db_x509|" msgid "Signed on %1 by '%2'" msgstr "%1 podpísané „%2”" #: ../lib/db_x509.cpp:404 msgctxt "db_x509|" msgid "Unknown" msgstr "Neznáme" #: ../lib/db_x509.cpp:496 msgctxt "db_x509|" msgid "Invalid public key" msgstr "Neplatný verejný kľúč" #: ../lib/db_x509.cpp:654 msgctxt "db_x509|" msgid "PKCS#7 unrevoked" msgstr "Neodvolané PKCS#7" #: ../lib/db_x509.cpp:658 msgctxt "db_x509|" msgid "PEM unrevoked" msgstr "Neodvolané PEM" #: ../lib/db_x509.cpp:665 msgctxt "db_x509|" msgid "vCalendar" msgstr "vCalendar" #: ../lib/db_x509.cpp:669 msgctxt "db_x509|" msgid "CA vCalendar" msgstr "CA vCalendar" #: ../lib/db_x509.cpp:1094 msgctxt "db_x509|" msgid "days" msgstr "dní" #: ../lib/db_x509.cpp:1103 msgctxt "db_x509|" msgid "No template" msgstr "Bez šablóny" #: ../lib/db_x509.cpp:522 msgctxt "db_x509|" msgid "The key you selected for signing is not a private one." msgstr "Kľúč, zvolený na podpísanie, nie je súkromný." #: ../lib/db_x509.cpp:564 #, qt-format msgctxt "db_x509|" msgid "Store the certificate to the key on the token '%1 (#%2)' ?" msgstr "Uložiť certifikát do kľúča na tokene „%1 (#%2)”?" #: ../lib/db_x509.cpp:631 msgctxt "db_x509|" msgid "PEM chain" msgstr "Reťaz PEM" #: ../lib/db_x509.cpp:633 msgctxt "db_x509|" msgid "PKCS#7 chain" msgstr "Reťaz PKCS #7" #: ../lib/db_x509.cpp:639 msgctxt "db_x509|" msgid "PKCS#12 chain" msgstr "Reťaz PKCS#12" #: ../lib/db_x509.cpp:656 msgctxt "db_x509|" msgid "PKCS#7 all" msgstr "PKCS#7 všetky" #: ../lib/db_x509.cpp:648 msgctxt "db_x509|" msgid "PEM + key" msgstr "PEM + kľúč" #: ../lib/db_x509.cpp:660 msgctxt "db_x509|" msgid "PEM all" msgstr "PEM všetky" #: ../lib/db_x509.cpp:662 msgctxt "db_x509|" msgid "Certificate Index file" msgstr "Súbor indexu certifikátov" #: ../lib/db_x509.cpp:672 msgctxt "db_x509|" msgid "Certificate export" msgstr "Export certifikátu" #: ../lib/db_x509.cpp:673 msgctxt "db_x509|" msgid "X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b )" msgstr "Certifikáty X509 ( *.pem *.cer *.crt *.p12 *.p7b )" #: ../lib/db_x509.cpp:737 ../lib/db_x509.cpp:803 #, qt-format msgctxt "db_x509|" msgid "There was no key found for the Certificate: '%1'" msgstr "Nebol nájdený kľúč certifikátu: „%1”" #: ../lib/db_x509.cpp:742 #, qt-format msgctxt "db_x509|" msgid "Not possible for a token key: '%1'" msgstr "Nie je možné pre kľúč tokenu: „%1”" #: ../lib/db_x509.cpp:807 #, qt-format msgctxt "db_x509|" msgid "Not possible for the token-key Certificate '%1'" msgstr "Nie je možné pre Certifikát kľúča tokenu „%1”" #: ../lib/db_x509super.cpp:24 msgctxt "db_x509name|" msgid "Subject" msgstr "Predmet" #: ../lib/db_x509super.cpp:25 msgctxt "db_x509name|" msgid "Complete distinguished name" msgstr "Úplný rozlišovací názov" #: ../lib/db_x509super.cpp:26 msgctxt "db_x509name|" msgid "Subject hash" msgstr "Odtlačok predmetu" #: ../lib/db_x509super.cpp:27 msgctxt "db_x509name|" msgid "Hash to lookup certs in directories" msgstr "Odtlačok na hľadanie certifikátov v adresároch" #: ../lib/db_x509req.cpp:31 msgctxt "db_x509req|" msgid "Signed" msgstr "Podpísaný" #: ../lib/db_x509req.cpp:32 msgctxt "db_x509req|" msgid "whether the request is already signed or not" msgstr "Či už bola žiadosť podpísaná alebo nie" #: ../lib/db_x509req.cpp:33 msgctxt "db_x509req|" msgid "Unstructured name" msgstr "Neštruktúrovaný názov" #: ../lib/db_x509req.cpp:35 msgctxt "db_x509req|" msgid "Challenge password" msgstr "Heslo výzvy" #: ../lib/db_x509req.cpp:37 msgctxt "db_x509req|" msgid "Certificate count" msgstr "Počet certifikátov" #: ../lib/db_x509req.cpp:38 msgctxt "db_x509req|" msgid "Number of certificates in the database with the same public key" msgstr "Počet certifikátov s rovnakým verejným kľúčom v databáze" #: ../lib/db_x509req.cpp:55 #, qt-format msgctxt "db_x509req|" msgid "" "The certificate signing request already exists in the database as\n" "'%1'\n" "and thus was not stored" msgstr "" "Žiadosť o podpísanie certifikátu už v databáze existuje ako\n" "„%1”,\n" "a tak nebola uložená" #: ../lib/db_x509req.cpp:132 msgctxt "db_x509req|" msgid "Certificate request export" msgstr "Export Žiadosti o certifikát" #: ../lib/db_x509req.cpp:133 msgctxt "db_x509req|" msgid "Certificate request ( *.pem *.der *.csr )" msgstr "Žiadosť o certifikát ( *.pem *.der *.csr )" #: ../lib/db_x509super.cpp:78 msgctxt "db_x509super|" msgid "Key name" msgstr "Názov kľúča" #: ../lib/db_x509super.cpp:79 msgctxt "db_x509super|" msgid "Internal name of the key" msgstr "Interný názov kľúča" #: ../lib/db_x509super.cpp:80 msgctxt "db_x509super|" msgid "Signature algorithm" msgstr "Algoritmus podpisu" #: ../lib/db_x509super.cpp:134 #, qt-format msgctxt "db_x509super|" msgid "Extracted from %1 '%2'" msgstr "Vyňaté z %1 „%2”" #: ../lib/db_x509super.cpp:136 ../lib/db_x509super.cpp:188 msgctxt "db_x509super|" msgid "Certificate" msgstr "Certifikát" #: ../lib/db_x509super.cpp:136 ../lib/db_x509super.cpp:188 msgctxt "db_x509super|" msgid "Certificate request" msgstr "Žiadosť o certifikát" #: ../lib/db_x509super.cpp:152 msgctxt "db_x509super|" msgid "Save as OpenSSL config" msgstr "Uložiť ako konfiguráciu OpenSSL" #: ../lib/db_x509super.cpp:153 msgctxt "db_x509super|" msgid "Config files ( *.conf *.cnf);; All files ( * )" msgstr "Konfiguračné súbory ( *.conf *.cnf );; Všetky súbory ( * )" #: ../lib/db_x509super.cpp:175 msgctxt "db_x509super|" msgid "The following extensions were not ported into the template" msgstr "Do šablóny neboli prenesené nasledujúce rozšírenia" #: ../lib/db_x509super.cpp:186 #, qt-format msgctxt "db_x509super|" msgid "Transformed from %1 '%2'" msgstr "Transformované z %1 „%2”" #: ../widgets/kvView.cpp:164 msgctxt "kvView|" msgid "Type" msgstr "Typ" #: ../widgets/kvView.cpp:164 msgctxt "kvView|" msgid "Content" msgstr "Obsah" #: ../lib/pass_info.cpp:21 msgctxt "pass_info|" msgid "Password" msgstr "Heslo" #: ../lib/pass_info.cpp:27 msgctxt "pass_info|" msgid "PIN" msgstr "PIN" #: ../lib/pki_base.cpp:123 #, qt-format msgctxt "pki_base|" msgid "Error opening file: '%1': %2" msgstr "Chyba otvorenia súboru: „%1”: %2" #: ../lib/pki_base.cpp:292 msgctxt "pki_base|" msgid "Unknown" msgstr "Neznáme" #: ../lib/pki_base.cpp:293 msgctxt "pki_base|" msgid "Imported" msgstr "Importovaný" #: ../lib/pki_base.cpp:294 msgctxt "pki_base|" msgid "Generated" msgstr "Generovaný" #: ../lib/pki_base.cpp:295 msgctxt "pki_base|" msgid "Transformed" msgstr "Transformovaný" #: ../lib/pki_base.cpp:296 msgctxt "pki_base|" msgid "Token" msgstr "Token" #: ../lib/pki_base.cpp:297 msgctxt "pki_base|" msgid "Legacy Database" msgstr "Stará databáza" #: ../lib/pki_base.cpp:298 msgctxt "pki_base|" msgid "Renewed" msgstr "Obnovené" #: ../lib/pki_base.cpp:101 #, qt-format msgctxt "pki_base|" msgid "Internal error: Unexpected message: %1 %2" msgstr "Interná chyba: Neočakávaná správa: %1 %2" #: ../lib/pki_crl.cpp:61 #, qt-format msgctxt "pki_crl|" msgid "Successfully imported the revocation list '%1'" msgstr "Úspešne importovaný Zoznam odvolaní „%1”" #: ../lib/pki_crl.cpp:62 #, qt-format msgctxt "pki_crl|" msgid "Delete the revocation list '%1'?" msgstr "Odstrániť Zoznam odvolaní „%1”?" #: ../lib/pki_crl.cpp:63 #, qt-format msgctxt "pki_crl|" msgid "Successfully created the revocation list '%1'" msgstr "Úspešne vytvorený Zoznam odvolaní „%1”" #: ../lib/pki_crl.cpp:65 #, qt-format msgctxt "pki_crl|" msgid "Delete the %1 revocation lists: %2?" msgstr "Odstrániť %1 uoznamov odvolaní: %2?" #: ../lib/pki_crl.cpp:148 #, qt-format msgctxt "pki_crl|" msgid "" "Unable to load the revocation list in file %1. Tried PEM and DER formatted " "CRL." msgstr "" "Nemožno načítať zoznam odvolaní zo súboru %1. Vyskúšaný formát CRL PEM a DER." #: ../lib/pki_crl.cpp:164 msgctxt "pki_crl|" msgid "No issuer given" msgstr "Nebol zadaný vydavateľ" #: ../lib/pki_crl.cpp:222 #, qt-format msgctxt "pki_crl|" msgid "Wrong Size %1" msgstr "Zlá veľkosť %1" #: ../lib/pki_crl.cpp:438 #, qt-format msgctxt "pki_crl|" msgid "Renew CRL: %1" msgstr "Obnoviť CRL: %1" #: ../lib/pki_crl.cpp:439 #, qt-format msgctxt "pki_crl|" msgid "" "The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4.\n" "It is stored in the XCA database '%5'" msgstr "" "XCA CRL „%1”, vydané CA „%2” %3 vyprší %4.\n" "Je uložené v databáze XCA „%5”" #: ../lib/pki_evp.cpp:239 #, qt-format msgctxt "pki_evp|" msgid "Failed to decrypt the key (bad password) %1" msgstr "Zlyhalo dešifrovanie kľúča (zlé heslo) %1" #: ../lib/pki_evp.cpp:249 msgctxt "pki_evp|" msgid "Please enter the password to decrypt the private key." msgstr "Prosím, zadajte heslo na dešifrovanie súkromného kľúča." #: ../lib/pki_evp.cpp:304 #, qt-format msgctxt "pki_evp|" msgid "The key from file '%1' is incomplete or inconsistent." msgstr "Kľúč zo súboru „%1” je nekompletný ale nekonzistentný." #: ../lib/pki_evp.cpp:322 #, qt-format msgctxt "pki_evp|" msgid "" "Please enter the password to decrypt the private key from file:\n" "%1" msgstr "" "Prosím, zadajte heslo na dešifrovanie súkromného kľúča zo súboru:\n" "%1" #: ../lib/pki_evp.cpp:369 #, qt-format msgctxt "pki_evp|" msgid "" "Unable to load the private key in file %1. Tried PEM and DER private, " "public, PKCS#8 key types and SSH2 format." msgstr "" "Nemožno načítať súkromný kľúč zo súboru %1. Vyskúšaný PEM a DER súkromný, " "verejný, typy kľúčov PKCS#8 a formát SSH2." #: ../lib/pki_evp.cpp:400 msgctxt "pki_evp|" msgid "Ignoring unsupported private key" msgstr "Ignorujem nepodporovaný súkromný kľúč" #: ../lib/pki_evp.cpp:417 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password to decrypt the private key: '%1'" msgstr "Prosím, zadajte heslo na dešifrovanie súkromného kľúča: „%1”" #: ../lib/pki_evp.cpp:420 ../lib/pki_evp.cpp:434 msgctxt "pki_evp|" msgid "Password input aborted" msgstr "Zadávanie hesla zrušené" #: ../lib/pki_evp.cpp:430 #, qt-format msgctxt "pki_evp|" msgid "Please enter the database password for decrypting the key '%1'" msgstr "Prosím, zadajte heslo databázy na dešifrovanie kľúča „%1”" #: ../lib/pki_evp.cpp:547 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password to protect the private key: '%1'" msgstr "Prosím, zadajte heslo na ochranu súkromného kľúča: „%1”" #: ../lib/pki_evp.cpp:565 msgctxt "pki_evp|" msgid "Please enter the database password for encrypting the key" msgstr "Prosím, zadajte heslo databázy na zašifrovanie kľúča" #: ../lib/pki_evp.cpp:680 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password protecting the PKCS#8 key '%1'" msgstr "Prosím, zadajte heslo na ochranu kľúča PKCS#8 „%1”" #: ../lib/pki_evp.cpp:735 #, qt-format msgctxt "pki_evp|" msgid "Please enter the export password for the private key '%1'" msgstr "Prosím, zadajte heslo exportu súkromného kľúča „%1”" #: ../lib/pki_key.cpp:200 #, qt-format msgctxt "pki_key|" msgid "Successfully imported the %1 public key '%2'" msgstr "Úspešne importovaný %1 verejný kľúč „%2”" #: ../lib/pki_key.cpp:201 #, qt-format msgctxt "pki_key|" msgid "Delete the %1 public key '%2'?" msgstr "Odstrániť %1 verejný kľúč „%2”?" #: ../lib/pki_key.cpp:206 #, qt-format msgctxt "pki_key|" msgid "Successfully imported the %1 private key '%2'" msgstr "Úspešne importovaný %1 súkromný kľúč „%2”" #: ../lib/pki_key.cpp:207 #, qt-format msgctxt "pki_key|" msgid "Delete the %1 private key '%2'?" msgstr "Odstrániť %1 súkromný kľúč „%2”?" #: ../lib/pki_key.cpp:208 #, qt-format msgctxt "pki_key|" msgid "Successfully created the %1 private key '%2'" msgstr "Úspešne vytvorený %1 súkromný kľúč „%2”" #: ../lib/pki_key.cpp:214 #, qt-format msgctxt "pki_key|" msgid "Delete the %1 keys: %2?" msgstr "Odstrániť %1 kľúčov: %2?" #: ../lib/pki_key.cpp:56 ../lib/pki_key.cpp:223 msgctxt "pki_key|" msgid "Public key" msgstr "Verejný kľúč" #: ../lib/pki_key.cpp:424 msgctxt "pki_key|" msgid "Common" msgstr "Spoločný" #: ../lib/pki_key.cpp:424 msgctxt "pki_key|" msgid "Private" msgstr "Súkromný" #: ../lib/pki_key.cpp:424 msgctxt "pki_key|" msgid "Bogus" msgstr "Pododný" #: ../lib/pki_key.cpp:424 msgctxt "pki_key|" msgid "PIN" msgstr "PIN" #: ../lib/pki_key.cpp:434 msgctxt "pki_key|" msgid "No password" msgstr "Bez hesla" #: ../lib/pki_key.cpp:530 ../lib/pki_key.cpp:624 #, qt-format msgctxt "pki_key|" msgid "Unexpected SSH2 content: '%1'" msgstr "Neočakávaný obsah SSH2: „%1”" #: ../lib/pki_key.cpp:550 ../lib/pki_key.cpp:556 msgctxt "pki_key|" msgid "Invalid SSH2 public key" msgstr "Neplatný verejný kľúč SSH2" #: ../lib/pki_key.cpp:732 #, qt-format msgctxt "pki_key|" msgid "Failed writing to %1" msgstr "Zlyhal zápis do %1" #: ../lib/pki_multi.cpp:127 msgctxt "pki_multi|" msgid "No known PEM encoded items found" msgstr "Nájdené neznáme kódované položky PEM" #: ../lib/pki_pkcs12.cpp:37 #, qt-format msgctxt "pki_pkcs12|" msgid "" "Please enter the password to decrypt the PKCS#12 file:\n" "%1" msgstr "" "Prosím, zadajte heslo na dešifrovanie súboru PKCS#12:\n" "%1" #: ../lib/pki_pkcs12.cpp:45 #, qt-format msgctxt "pki_pkcs12|" msgid "Unable to load the PKCS#12 (pfx) file %1." msgstr "Nemožno načítať súbor PKCS#12 (pfx) %1." #: ../lib/pki_pkcs12.cpp:60 #, qt-format msgctxt "pki_pkcs12|" msgid "The supplied password was wrong (%1)" msgstr "Zadané heslo je zlé (%1)" #: ../lib/pki_pkcs12.cpp:112 msgctxt "pki_pkcs12|" msgid "Please enter the password to encrypt the PKCS#12 file" msgstr "Prosím, zadajte heslo na zašifrovanie súboru PKCS#12" #: ../lib/pki_pkcs12.cpp:116 msgctxt "pki_pkcs12|" msgid "No key or no Cert and no pkcs12" msgstr "Nie je to kľúč, ani Certifikát a ani PKCS#12" #: ../lib/pki_pkcs7.cpp:160 #, qt-format msgctxt "pki_pkcs7|" msgid "Unable to load the PKCS#7 file %1. Tried PEM and DER format." msgstr "Nemožno načítať súbor PKCS#7 %1. Vyskúšaný formát PEM a DER." #: ../lib/pki_scard.cpp:59 #, qt-format msgctxt "pki_scard|" msgid "Successfully imported the token key '%1'" msgstr "Úspešne importovaný kľúč tokenu „%1”" #: ../lib/pki_scard.cpp:60 #, qt-format msgctxt "pki_scard|" msgid "Delete the token key '%1'?" msgstr "Odstrániť kľúč tokenu „%1”?" #: ../lib/pki_scard.cpp:61 #, qt-format msgctxt "pki_scard|" msgid "Successfully created the token key '%1'" msgstr "úspešne vytvorený kľúč tokenu „%1”" #: ../lib/pki_scard.cpp:63 #, qt-format msgctxt "pki_scard|" msgid "Delete the %1 keys: %2?" msgstr "Odstrániť %1 kľúčov: %2?" #: ../lib/pki_scard.cpp:365 #, qt-format msgctxt "pki_scard|" msgid "Delete the private key '%1' from the token '%2 (#%3)' ?" msgstr "Odstrániť súkromný kľúč „%1” z tokenu „%2 (#%3)”?" #: ../lib/pki_scard.cpp:438 msgctxt "pki_scard|" msgid "This Key is already on the token" msgstr "Tento kľúč už je na tokene" #: ../lib/pki_scard.cpp:524 msgctxt "pki_scard|" msgid "PIN input aborted" msgstr "Zadanie PIN zrušené" #: ../lib/pki_scard.cpp:536 msgctxt "pki_scard|" msgid "Unable to find copied key on the token" msgstr "Nemožno nájsť kópiu kľúča na tokene" #: ../lib/pki_scard.cpp:623 #, qt-format msgctxt "pki_scard|" msgid "Please insert card: %1 %2 [%3] with Serial: %4" msgstr "Prosím, vložte kartu: %1 %2 [%3] so sér. číslom: %4" #: ../lib/pki_scard.cpp:691 msgctxt "pki_scard|" msgid "Illegal Key generation method" msgstr "Neprípustná metóda generovania kľúča" #: ../lib/pki_scard.cpp:707 msgctxt "pki_scard|" msgid "Unable to find generated key on card" msgstr "Nemožno nájsť vygenerovaný kľúč na karte" #: ../lib/pki_scard.cpp:745 msgctxt "pki_scard|" msgid "Ignoring unsupported token key" msgstr "Ignorovanie nepodporovaného kľúča tokenu" #: ../lib/pki_scard.cpp:748 #, qt-format msgctxt "pki_scard|" msgid "Wrong Size %1" msgstr "Zlá veľkosť %1" #: ../lib/pki_scard.cpp:754 #, qt-format msgctxt "pki_scard|" msgid "Token %1" msgstr "Token %1" #: ../lib/pki_scard.cpp:763 ../lib/pki_scard.cpp:776 msgctxt "pki_scard|" msgid "Failed to find the key on the token" msgstr "Zlyhalo nájdenie kľúča na tokene" #: ../lib/pki_scard.cpp:770 msgctxt "pki_scard|" msgid "Invalid Pin for the token" msgstr "Neplatný PIN tokenu" #: ../lib/pki_scard.cpp:782 msgctxt "pki_scard|" msgid "Failed to initialize the key on the token" msgstr "Zlyhal inicializácia kľúča na tokene" #: ../lib/pki_temp.cpp:123 #, qt-format msgctxt "pki_temp|" msgid "Successfully imported the XCA template '%1'" msgstr "Úspešne importovaná šablóna XCA „%1”" #: ../lib/pki_temp.cpp:124 #, qt-format msgctxt "pki_temp|" msgid "Delete the XCA template '%1'?" msgstr "Odstrániť šablónu XCA „%1”?" #: ../lib/pki_temp.cpp:125 #, qt-format msgctxt "pki_temp|" msgid "Successfully created the XCA template '%1'" msgstr "Úspešne vytvorená šablóna XCA „%1”" #: ../lib/pki_temp.cpp:127 #, qt-format msgctxt "pki_temp|" msgid "Delete the %1 XCA templates: %2?" msgstr "Odstrániť %1 šablón XCA: %2?" #: ../lib/pki_temp.cpp:327 #, qt-format msgctxt "pki_temp|" msgid "Wrong Size %1" msgstr "Zlá veľkosť %1" #: ../lib/pki_temp.cpp:409 msgctxt "pki_temp|" msgid "Template file content error (too small)" msgstr "Chyba obsahu súboru šablóny (príliš malá)" #: ../lib/pki_temp.cpp:465 msgctxt "pki_temp|" msgid "Not a PEM encoded XCA Template" msgstr "Šablóna XCA nie je vo formáte PEM" #: ../lib/pki_temp.cpp:473 #, qt-format msgctxt "pki_temp|" msgid "Not an XCA Template, but '%1'" msgstr "Nie je šablóna XCA, ale „%1”" #: ../lib/pki_x509.cpp:68 #, qt-format msgctxt "pki_x509|" msgid "Successfully imported the certificate '%1'" msgstr "Úspešne importovaný certifikát „%1”" #: ../lib/pki_x509.cpp:69 #, qt-format msgctxt "pki_x509|" msgid "Delete the certificate '%1'?" msgstr "Odstrániť certifikát „%1”?" #: ../lib/pki_x509.cpp:70 #, qt-format msgctxt "pki_x509|" msgid "Successfully created the certificate '%1'" msgstr "Úspešne vytvorený certifikát „%1”" #: ../lib/pki_x509.cpp:72 #, qt-format msgctxt "pki_x509|" msgid "Delete the %1 certificates: %2?" msgstr "Odstrániť %1 certifikátov: %2?" #: ../lib/pki_x509.cpp:220 #, qt-format msgctxt "pki_x509|" msgid "" "Unable to load the certificate in file %1. Tried PEM and DER certificate." msgstr "" "Nemožno načítať certifikát zo súboru %1. Vyskúšaný certifikát PEM a DER." #: ../lib/pki_x509.cpp:368 msgctxt "pki_x509|" msgid "This certificate is already on the security token" msgstr "Tento certifikát už je na bezpečnostnom tokene" #: ../lib/pki_x509.cpp:431 #, qt-format msgctxt "pki_x509|" msgid "Delete the certificate '%1' from the token '%2 (#%3)'?" msgstr "Odstrániť certifikát „%1” z tokenu „%2 (#%3)”?" #: ../lib/pki_x509.cpp:564 msgctxt "pki_x509|" msgid "There is no key for signing !" msgstr "Chýba kľúč na podpísanie!" #: ../lib/pki_x509.cpp:625 #, qt-format msgctxt "pki_x509|" msgid "Wrong Size %1" msgstr "Zlá veľkosť %1" #: ../lib/pki_x509.cpp:916 msgctxt "pki_x509|" msgid "No" msgstr "Nie" #: ../lib/pki_x509.cpp:918 msgctxt "pki_x509|" msgid "Yes" msgstr "Áno" #: ../lib/pki_x509.cpp:948 #, qt-format msgctxt "pki_x509|" msgid "Renew certificate: %1" msgstr "Obnoviť certifikát: %1" #: ../lib/pki_x509.cpp:949 #, qt-format msgctxt "pki_x509|" msgid "" "The XCA certificate '%1', issued on %2 will expire on %3.\n" "It is stored in the XCA database '%4'" msgstr "" "Certifikát XCA „%1”, vydaný %2 vyprší %3.\n" "Je uložený v databáze XCA „%4”" #: ../lib/pki_x509.cpp:970 #, qt-format msgctxt "pki_x509|" msgid "CRL Renewal of CA '%1' due" msgstr "Termín obnovenia CRL CA „%1”" #: ../lib/pki_x509.cpp:971 #, qt-format msgctxt "pki_x509|" msgid "" "The latest CRL issued by the CA '%1' will expire on %2.\n" "It is stored in the XCA database '%3'" msgstr "" "Posledné CRL vydané CA „%1” vyprší %2.\n" "Je uložené v databáze XCA „%3”" #: ../lib/pki_x509req.cpp:104 msgctxt "pki_x509req|" msgid "Signing key not valid (public key)" msgstr "Podpisujúci kľúč neplatný (verejný kľúč)" #: ../lib/pki_x509req.cpp:146 #, qt-format msgctxt "pki_x509req|" msgid "Successfully imported the %1 certificate request '%2'" msgstr "úspešne importovaná %1 žiadosť o certifikát „%2”" #: ../lib/pki_x509req.cpp:147 #, qt-format msgctxt "pki_x509req|" msgid "Delete the %1 certificate request '%2'?" msgstr "Odstrániť %1 žiadosť o certifikát „%2”?" #: ../lib/pki_x509req.cpp:148 #, qt-format msgctxt "pki_x509req|" msgid "Successfully created the %1 certificate request '%2'" msgstr "Úspešne vytvorená %1 žiadosť o certifikát „%2”" #: ../lib/pki_x509req.cpp:150 #, qt-format msgctxt "pki_x509req|" msgid "Delete the %1 certificate requests: %2?" msgstr "Odstrániť %1 žiadosť o certifikát: %2?" #: ../lib/pki_x509req.cpp:179 #, qt-format msgctxt "pki_x509req|" msgid "" "Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC " "format." msgstr "" "Nemožno načítať žiadosť o certifikát zo súboru %1. Vyskúšané formáty PEM, " "DER a SPKAC." #: ../lib/pki_x509req.cpp:217 #, qt-format msgctxt "pki_x509req|" msgid "Wrong Size %1" msgstr "Zlá veľkosť %1" #: ../lib/pki_x509req.cpp:365 msgctxt "pki_x509req|" msgid "Signed" msgstr "Podpísaný" #: ../lib/pki_x509req.cpp:365 msgctxt "pki_x509req|" msgid "Unhandled" msgstr "Nespracované" #: ../ui/v3ext.ui:26 msgctxt "v3ext|" msgid "Copy Common Name" msgstr "Kopírovať bežný názov" #: ../ui/v3ext.ui:56 msgctxt "v3ext|" msgid "Add" msgstr "Pridať" #: ../ui/v3ext.ui:63 msgctxt "v3ext|" msgid "Delete" msgstr "Odstrániť" #: ../ui/v3ext.ui:89 msgctxt "v3ext|" msgid "Apply" msgstr "Použiť" #: ../ui/v3ext.ui:96 msgctxt "v3ext|" msgid "Validate" msgstr "Overiť" #: ../ui/v3ext.ui:125 msgctxt "v3ext|" msgid "Cancel" msgstr "Zrušiť" #: ../widgets/v3ext.cpp:72 msgctxt "v3ext|" msgid "An email address or 'copy'" msgstr "Emailová adresa alebo „copy”" #: ../widgets/v3ext.cpp:74 msgctxt "v3ext|" msgid "An email address" msgstr "Emailová adresa" #: ../widgets/v3ext.cpp:76 msgctxt "v3ext|" msgid "A registered ID: OBJECT IDENTIFIER" msgstr "Registrované ID: IDENTIFIKÁTOR OBJEKTU" #: ../widgets/v3ext.cpp:80 msgctxt "v3ext|" msgid "A uniform resource indicator" msgstr "Jednotný indikátor zdroja" #: ../widgets/v3ext.cpp:85 msgctxt "v3ext|" msgid "A DNS domain name or 'copycn'" msgstr "Doménové meno DNS alebo „copycn”" #: ../widgets/v3ext.cpp:87 msgctxt "v3ext|" msgid "A DNS domain name" msgstr "Doménové meno DNS" #: ../widgets/v3ext.cpp:89 msgctxt "v3ext|" msgid "An IP address" msgstr "Adresa IP" #: ../widgets/v3ext.cpp:92 msgctxt "v3ext|" msgid "Syntax: ;TYPE:text like '1.2.3.4:UTF8:name'" msgstr "Syntax: ;TYP:text ako '1.2.3.4:UTF8:názov'" #: ../widgets/v3ext.cpp:96 msgctxt "v3ext|" msgid "No editing. Only 'copy' allowed here" msgstr "Neupravovať. Je tu dovolené len „copy”" #: ../widgets/v3ext.cpp:165 #, qt-format msgctxt "v3ext|" msgid "" "Validation failed:\n" "'%1'\n" "%2" msgstr "" "Overenie zlyhalo:\n" "„%1”\n" "%2" #: ../widgets/v3ext.cpp:170 #, qt-format msgctxt "v3ext|" msgid "" "Validation successful:\n" "'%1'" msgstr "" "Overenie úspešné:\n" "„%1”" #~ msgctxt "MainWindow|" #~ msgid "&Token" #~ msgstr "&Token" #~ msgctxt "MainWindow|" #~ msgid "&Content" #~ msgstr "&Obsah" #~ msgctxt "MainWindow|" #~ msgid "Error opening file: '%1': %2" #~ msgstr "Chyba otvorenia súboru: „%1”: %2" #~ msgctxt "QObject|" #~ msgid "Country code" #~ msgstr "Kód krajiny" #~ msgctxt "QObject|" #~ msgid "State or Province" #~ msgstr "Štát alebo provincia" #~ msgctxt "QObject|" #~ msgid "Locality" #~ msgstr "Lokalita" #~ msgctxt "QObject|" #~ msgid "Organisation" #~ msgstr "Organizácia" #~ msgctxt "QObject|" #~ msgid "Organisational unit" #~ msgstr "Organizačná jednotka" #~ msgctxt "QObject|" #~ msgid "Common name" #~ msgstr "Bežný názov" #~ msgctxt "QObject|" #~ msgid "E-Mail address" #~ msgstr "Emailová adresa" #~ msgctxt "QObject|" #~ msgid "Given name" #~ msgstr "Rodné meno" #~ msgctxt "QObject|" #~ msgid "Surname" #~ msgstr "Priezvisko" #~ msgctxt "QObject|" #~ msgid "Title" #~ msgstr "Titul" #~ msgctxt "QObject|" #~ msgid "Initials" #~ msgstr "Iniciály" #~ msgctxt "QObject|" #~ msgid "Description" #~ msgstr "Popis" #~ msgctxt "QObject|" #~ msgid "Role" #~ msgstr "Rola" #~ msgctxt "QObject|" #~ msgid "Pseudonym" #~ msgstr "Pseudonym" #~ msgctxt "QObject|" #~ msgid "Generation Qualifier" #~ msgstr "Prívlastok generácie" #~ msgctxt "QObject|" #~ msgid "x500 Unique Identifier" #~ msgstr "Jedinečný identifikátor x500" #~ msgctxt "QObject|" #~ msgid "Name" #~ msgstr "Názov" #~ msgctxt "QObject|" #~ msgid "DN Qualifier" #~ msgstr "Prívlastok DN" #~ msgctxt "QObject|" #~ msgid "Unstructured name" #~ msgstr "Neštruktúrovaný názov" #~ msgctxt "QObject|" #~ msgid "Challenge password" #~ msgstr "Heslo výzvy" #~ msgctxt "QObject|" #~ msgid "Basic Constraints" #~ msgstr "Základné obmedzenia" #~ msgctxt "QObject|" #~ msgid "Subject alternative name" #~ msgstr "Alternatívne meno predmetu" #~ msgctxt "QObject|" #~ msgid "issuer alternative name" #~ msgstr "Alternatívny názov vydavateľa" #~ msgctxt "QObject|" #~ msgid "Subject key identifier" #~ msgstr "Identifikátor kľúča predmetu" #~ msgctxt "QObject|" #~ msgid "Authority key identifier" #~ msgstr "Identifikátor kľúča autority" #~ msgctxt "QObject|" #~ msgid "Key usage" #~ msgstr "Použitie kľúča" #~ msgctxt "QObject|" #~ msgid "Extended key usage" #~ msgstr "Rozšírené použitie kľúča" #~ msgctxt "QObject|" #~ msgid "CRL distribution points" #~ msgstr "Distribučné body CRL" #~ msgctxt "QObject|" #~ msgid "Authority information access" #~ msgstr "Prístup k informácii CA (AIA)" #~ msgctxt "QObject|" #~ msgid "Certificate type" #~ msgstr "Typ certifikátu" #~ msgctxt "QObject|" #~ msgid "Base URL" #~ msgstr "Základná URL" #~ msgctxt "QObject|" #~ msgid "Revocation URL" #~ msgstr "URL odvolaní" #~ msgctxt "QObject|" #~ msgid "CA Revocation URL" #~ msgstr "URL odvolaní CA" #~ msgctxt "QObject|" #~ msgid "Certificate renewal URL" #~ msgstr "URL obnovenia CRL" #~ msgctxt "QObject|" #~ msgid "CA policy URL" #~ msgstr "URL politiky CA" #~ msgctxt "QObject|" #~ msgid "SSL server name" #~ msgstr "Meno servera SSL" #~ msgctxt "QObject|" #~ msgid "Comment" #~ msgstr "Komentár" #~ msgctxt "db_base|" #~ msgid "Error opening file: '%1': %2" #~ msgstr "Chyba otvorenia súboru: „%1”: %2" #~ msgctxt "db_x509|" #~ msgid "Error opening file: '%1': %2" #~ msgstr "Chyba otvorenia súboru: „%1”: %2" #~ msgctxt "pki_base|" #~ msgid "Error writing to file: '%1': %2" #~ msgstr "Chyba zápisu do súboru „%1”: %2" #~ msgctxt "pki_crl|" #~ msgid "unknown" #~ msgstr "neznáme" #~ msgctxt "pki_scard|" #~ msgid "Public Key mismatch. Please re-import card" #~ msgstr "Nezhoda verejného kľúča. Prosím, znova importujte kartu" #~ msgctxt "pki_temp|" #~ msgid "Template file content error (too small): %1" #~ msgstr "Chyba obsahu súboru šablóny (príliš malá): %1" xca-RELEASE.2.2.1/lang/.gitignore0000644000175000017500000000000513614632167015621 0ustar tewardteward*.qm xca-RELEASE.2.2.1/changelog0000644000175000017500000006657113614632167014606 0ustar tewardtewardxca 2.2.1 Thu Jan 30 2020 * Close #159 Opening existing database xca 2.2.0 Wed Jan 29 2020 * Switch to MSI installer * Close #129 Unattended Installation * Rename HTTPS templates to TLS and support KU/EKU extensions needed by OpenVPN * Close #93 Default output folder / Improve Portable App usability * Improve EC Curve selection for key generation. * Close #21 Support for ODBC (MSSQL) * Close #136 Provide 64bit version of xca * Close #156 secp256k1, secp256r1 and NIST-P256 * Transfer Key Usage and Extended Key Usage critical flags * Improve item loading. Inspired by #153 * Add japanese translation * Close #138: Portable Version does not remember paths * Close #83: Token selection should not insist on name or serial of the token * Close #95: Copy mysql and psql windows dll files into portable app * Close #144: Database export has issues with wildcards in internal names * Close #143: Hotkey for import * Close #140: Certificate renewal with option to preserved serial number * Fix possible XCA crash * Add Dutch translation * Add Chinese translation * Add Italian language * CLose #120: Mark signed a request doesn't work * Close #119: Rename "PostgreSQL 6 and 7" to just "PostgreSQL" * Close #116: Duplicate extensions erroneously shown * Close #114: SAN - IPv6 address input not working * Close #68 Generating large DH params freezes UI * Support concurrent database access. * Close #91: Change order of "PKCS#11 provider" * Extend PEM files by human readable information about the item * Support ecdsa SSH public keys * Close #98 Add comment at import/export RSA keys from/to SSH public key * Close #101: Finish Rename with Enter shows Property Dialog * Close #104: Also show sha256 digests of public keys * Close #82: Renew CA ROOT Cert * Verify imported keys thoroughly xca 2.1.2 Wed Nov 07 2018 * Close #40 macOS: Crash after xca v2.0.1 quit * Close #37: XCA 2: EVP_DecryptFinal_ex:bad decrypt * Close #74: Exiting XCA 2.1.1 corrupts database * Make PKCS11 libs, working dir and main-window size host-dependent * Support for XCA as portable App * Close #69 Library not loaded: @rpath/ contains local directory * Close #60: Fix MacOSX 2.1.1 binary * Add new maintained languages: Polish, Spanish, Portuguese xca 2.1.1 Thu Sep 13 2018 * Allow manual override of the CSR signed flag * Close #56: Duplicate Serials after Upgrade 2.1.0 * Close #57: SAN IP not working in 2.1.0 * Close #55: Calculate "CSR signed" information from legacy database * Close #55: Add Certificate counter column for CSR * Fix slovak translation * Close #50: Hang while importing 1.4.1 database into 2.1.0 xca 2.1.0 Tue Jul 24 2018 * Close #48: The SKI tickbox isn't generating an SKI extension for CSRs * Fix translation of dates * Add private key icon to the key name * Inspired by #42: display dates relative (seconds ago, yesterday, ...) while column ordering is still strict by age. The ToolTip shows date and time. * Related to #39: Dynamically adjust explicit DN entries * Close #39: Subject entries shuffled * Close #36: Support adding CN to X509v3 SAN automatically * Close #35: Configurable size of serial number. * Close #34: Improve Mac OSX installation * Close #27: Configurable certificate expiry warning threshold * Generate calender (.ics) files for certificate and CRL expiries xca 2.0.1 Tue May 08 2018 * Close #32: Version field contains "Created by Qt/QMake" on MacOSX * Review and update russian ltranslation * Close #31: Closing certificate details window toggles tree folding * Close #25: Certificates are no longer coloured * Close #24: Add LibreSSL support. Tested with LibreSSL 2.7.2 * Close #23: Improve limiting to pattern in certificate tree view * Close #20: Unable to chose remote database type (dropdown empty) * Close #19: Replace 3DES encryption by AES-256 during key export xca 2.0.0 Tue Apr 10 2018 * Open database before starting a transaction * Fix default hash during startup * Fix Importing PKCS#12 and PKCS#7 files * Improve automatic setting of the certificate internal name * Don't use remote DB descriptor as local database filename proposal * Usability: Preset remote database input values with previous ones * Add another missing windows postgres library xca 2.0.0-pre04 Thu Mar 22 2018 * Accept drivers that don't support transactions * Install MySQL and PostgreSQL drivers on windows * Closes #10: Warn if certificate without any extension is created * Add table prefix to be prepended to each table for remote SQL DB * Update translations xca 2.0.0-pre03 Thu Mar 15 2018 * Fix installation of sql plugins in the Windows installer * Fix opening, importing and dropping databases xca 2.0.0-pre02 Tue Mar 13 2018 * Fix crash during PKCS#12 export * Update HTTPS_server template and add example SAN * Acceppt empty password for private key decryption * Fix legacy database-without-password import xca 2.0.0-pre01 Sun Mar 11 2018 * Close GitHub Bug #5: Exporting a private key results in too-permissive permissions * Close GitHub Bug #4: Workaround QT bug of editing in QDateTimeEdit * Fix display of dates in the Certificate details (local time displayed a GMT) * The internal name is not neccessarily unique anymore and can be edited in the details dialog as well as the comment. * CSR signing is now statically stored in the database and the comment of the issued certificate. * Private keys in the database are PKCS#8 encrypted and can be exported and decrypted without XCA. * No more incrementing serials. Only unique random serial numbers. * "xca_db_stat" application removed. Use the SQLite3 browser "sqlitebrowser". * "xca extract" functionality removed. SQL views may be used instead. * Each item may be commented. XCA itself comments important events in the item. * Each item knows its time and origin of appearance. * Change database format to SQL(ite) and support MySQL and PostgreSQL. xca 1.4.1 Sat Mar 3 2018 * Replace links to XCA on Sourceforge in the software and documentation by links to my Site. xca 1.4.1-pre02 Thu Mar 1 2018 * SF Bug #122 isValid() tried to convert the serial to 64 bit * Beautify mandatory distinguished name entry errors * Support dragging certificates and other items as PEM text * Show User settings and installation path in the about dialog xca 1.4.1-pre01 Sun Feb 18 2018 * Remove SPKAC support. Netscape is not of this world anymore. * SF bug #124 Wrong assumptions about slots returned by PKCS11 library * Cleanup and improve the OID text files, remove senseless aia.txt * Update HTML documentation * Refine and document Entropy gathering * Indicate development and release version by git commit hash * Fix dumping private keys during "Dump database" * Fix Null pointer exception when importing PKCS#12 with OpenSSL 1.1.0 * SF Bug #110 Exported private key from 4096 bit SSH key is wrong * SF Bug #109 Revoked.png isn't a valid image * SF Bug #121 CA serial number is ignored in hierarchical view * Improve speed of Bulk import. * Fix starting xca with a database as first arg xca 1.4.0 Thu Jan 4 2018 * Update OpenSSL version for MacOSX and W32 to 1.1.0g * Change default hash to SHA-256 and add a warning if the default hash algorithm is SHA1 or less * Switch to Qt5 for Windows build and installation * Do not apply the default template when creating a similar cert * Close SF #120 Crash when importing CA certificate * Close SF #116 db_x509.cpp:521: Mismatching allocation and deallocation * Add support for OpenSSL 1.1 (by Patrick Monnerat) * Support generating an OpenSSL "index.txt" (by Adam Dawidowski) * Thales nCipher key generation changes for EC and DSA keys * Add Slovak translation xca 1.3.2 Sat Oct 10 2015 * Gentoo Bug #562288 linking fails * Add OID resolver, move some Menu items to "Extra" * SF. Bug. #81 Make xca qt5 compatible * SF. Bug. #107 error:0D0680A8:asn1 encoding * Don't validate notBefore and notAfter if they are disabled. xca 1.3.1 Fri Aug 21 2015 * Fix endless loop while searching for a signer of a CRL xca 1.3.0 Thu Aug 11 2015 * Update to OpenSSL 1.0.2d for Windows and MAC * SF Bug #105 1.2.0 OS X Retina Display Support * Digitaly sign Windows and MAC binaries with a valid certificate * Refactor the context menu. Exporting many selected items to the clipboard or a PEM file now works. Certificate renewal and revocation may now be performed on a batch of certificates. * Feat. Reg. #83 Option to revoke old certificate when renewing * Refactor revocation handling. All revocation information is stored with the CA and may be modified. Revoked certificates may now be deleted from the database * Support nameConstraints, policyMappings, InhibitAnyPolicy, PolicyConstraint and (OSCP)noCheck when transforming certificates to templates or OpenSSL configs * Fix SF Bug #104 Export to template introduces spaces * Add option for disabling legacy Netscape extensions * Support exporting SSH2 public key to the clipboard * SF Bug #102 Weak entropy source used for key generation: Use /dev/random, mouse/kbd entropy, token RNG * SF Feat. Req. #80 Create new certificate, based on existing certificate, same for requests * Add Cert/Req Column for Signature Algorithm * SF Feat. Req. #81 Show key size in New Certificate dialog * Distinguish export from transform: - Export writes to an external file, - Transform generates another XCA item xca 1.2.0 Sat Mar 21 2015 * Update to OpenSSL 1.0.2a for Windows and MAC drop brainpool extra builds * Use CTRL +/- to change the font size in the view * Add Row numbering for easy item counting * Support SSH2 public key format for import and export * Add support for SHA-224 * add "xca extract" to export items from the database on the commandline xca 1.1.0 Sat Nov 22 2014 * SF Bug #79 Template export from WinXP cannot be imported in Linux and Mac OS X * Support for Brainpool windows and MacOSX binaries * SF Feat. Req. #70 ability to search certificates * SF Feat. Req. #75 show SHA-256 digest * RedHat Bug #1164340 - segfault when viewing a RHEL entitlement certificate * Database hardening - Delete invalid items (on demand) - Be more tolerant against database errors - Gracefully handle and repair corrupt databases - Add "xca_db_stat(.exe)" binary to all installations * Translation updates * Optionally allow hash algos not supported by the token * Select whether to translate established x509 terms * Finish Token EC and DSA support - generate, import, export, sign * SF Feat. Req. #57 More options for Distinguished Name * Switch to autoconf for the configure script * SF Feature Req. #76 Export private keys to clipboard * EC Keys: show Curve name in table * Support EC key generation on PKCS#11 token * PKCS#11: Make EC and RSA signatures work * PKCS#11: Fix reading EC keys from card * SF Bug #82 Certificate Creation out of Spec * SF Bug #95 XCA 1.0 only runs in French on a UK English Mac xca 1.0.0 Wed Oct 22 2014 * SF Bug #89 Validating CRL distribution point results in error * SF Feature Req. #69 Create "Recent databases..." file menu item * SF Bug #75 authorityInfoAccess set error * SF Bug #88 Minor spelling error * SF Bug #87 Unable to set default key length The Key generation dialog now allows to remember the current settings * Do not interpret HTML tags in message boxes * Overwite extensions from the PKCS#10 request by local extensions This avoids duplication errors and allows to overwrite some extensions from the request * SF Bug #78 replace path separators in export filenames * SF Feature Req. #71 Add KDC Authentication OIDs to default files * SF Bug #82 Certificate Creation out of Spec * Add Croatian translation * SF Bug #83 Inappropriate gcc argument order in configure script xca 0.9.3 Sat May 12 2012 * Fix double free in a1time resulting in random crashes xca 0.9.2 Sun May 6 2012 * Support for Local timezone dates. Differentiate between invalid and undefined dates. * Fix Bug #3461403 Error when create certificate with CRL distribution point User error -> Improve user-friendlyness * Fix Bug #3485139 Exception when creating certificates in passwordless db * Avoid very long names resulting in duplicate names in the database. * Add warning colors for expired dates. xca 0.9.1 Fri Oct 21 2011 * Close bug [ 3372449 ] All numeric names cannot be used * add search functionality for PKCS#11 libraries * fix ASN.1 encoding of PKCS#10 request * Close bug [ 3318203 ] Build failure with GNU gold linker * Add x509v3 extensions to the list of selectable columns * Close bug [ 3314262 ] Incorrect "Path length" template parameter handling * Close bug [ 3314263 ] Unrevoking a certificate does not make it "Trusted" * Feature Request [3286442] Make success/import messges optional * improve Password entry * Improve SPKAC import * add french translation by Patrick Monnerat * Export requests or certificates as openssl config file * Support building with EC disabled * Close bug [3091576] Private key export is always PKCS#8 encoded * Feature Request [3058196] Autoload database * Feature Request [3058195] Export directly to the clipboard * Close bug [3062711] Additional OIDs * Close bug [3062708] Invalid user configuration file path name * Fix PKCS#11 library handling xca 0.9.0 Sun Aug 29 2010 * support loading more than one PKCS#11 library * remove the need for engine_pkcs11 now more than one PKCS#11 library can be loaded and used in parallel * Add de/selection of columns and add a lot of new possible columns All Subject entries, the subject hash and whole name, Certificate fingerprints, dates, CA info, CRL number, corresponding key of certs and requests * Improve CRL generation [3035294] CRLNumber, CRLReason * improve creating templates from cert - enhance parsing of CRL-DP, SAN, IAN and AuthInfoAcc - add support for CertificatePolicies - unknown extension are written as generic DER * improve date handling. "notBefore" is not reset to now anymore when applying a time range * Support dropping files onto the application * russian translation by Pavel Belly * support loading DER formatted PKCS#8 keys * ease commandline use * add DH param generation menu entry * improve token handling and PIN changing dialogs * improve key-value table input for "additional DN entries" * PIN and PUK changing implemented * apply partial template-contents - applying the subject only or the extensions only is possible now * add informational messageboxes - whenever an item was successfully created or imported * add support for random serial numbers * improve messages, usability and german translation * improve token support - token initializing - creating keys on a token - store existing keys on a token - delete keys and certs from a token xca 0.8.1 Tue Jan 5 2010 * fix string conversion from QString to ASN1 xca 0.8.0 Thu Dec 10 2009 * improve documentation * improve file-dialog handling * Generate Template from certificate or PKCS#10 request -> Feature request [2213094] and [1108304] * add hash algos "ripemd160" and "SHA384" * add the "no well-defined date" from RFC 5280 as checkbox * Feature request [1996192] Include "OCSPSigning" in misc/eku.txt * Support for EC keys * Update Step-by-step documentation Thanks Devin Reade * Support for Smart Cards * set proper file-extension .xdb on opening databases xca 0.7.0 Fri Sep 11 2009 * support modifying the CSR subject during signing * update key images * fix date settings in Certificate renewal dialog * fix certificate request verification * check for duplicate x509 v3 extensions Bug [ 1881482 ] and [ 1998815 ] * make sha1 the default hash to avoid problems with other software Bug [ 1751397 ] * add validation button to see all extensions before creating the cert * change the hashing for the default password. this makes it incompatible to older versions * Major changes for MAC OS X * extend template format for nconf settings * add nconf input field for arbitrary OpenSSL extensions and a "validate" button to check the settings before applying * fix xca.desktop Bug [ 1837956 ] * fix item-export error handling * add PEM paste import feature * extend PEM import to import all items from a PEM file xca 0.6.4 Mon Aug 13 2007 * Bug "tree view loose track" fixed * check for certificate errors and display them instead of crashing * move used-keys-button form options to NewX509 dialog * Set string options in options dialog * remove extension and attribute tab in details dialog if no extensions or attributes available * documentation updated * X509 request attributes (like challange password) can be set and viewed. xca 0.6.3 Thu May 17 2007 * show CRL signature algorithm information * Add options dialog to set the default hash algo, mandatory distinguished name entries and allow duplicate key use as requested by some users * make cert, crl and key details copy&paste able * fix background color of clicklabels Bug [ 1704699 ] * remove missleading tooltips Bug [ 1704700 ] * fix segfault * switch string handling to UTF8 xca 0.6.2 Mon Apr 9 2007 * break endless loop in chain building Bug [ 1696878 ] xca 0.6.1 Thu Apr 5 2007 * minor documentation updates * Fix openssl-cross patch * recognize certificates with circular references [ xca-Bugs-1693027 ] * be compatibile to QT-4.1 (thanks Tamas TEVESZ) * remove all usages of QT3 backward lib [ xca-Feature Requests-1692800 ] xca 0.6.0 Fri Mar 16 2007 * set initial sorting to ascending order * add RFC2253 representation of subject and issuer to copy & paste * fix dialog sizes for long DNs * move hash algo into signer box [ 1656260 ] * make QA serial a compile time option * fix date generation and warn if generalized time is used * autodetect and load any type of PEM files * fix version number in exported *.xca template * fix import of older XCA templates * add support for predefined templates as there was in 0.5.1 * fix cmdline import of crypto items * add undelete feature for deleted items * fix database shrinking of curent db during opening of new db xca 0.6.0-beta02 Fri Feb 2 2007 * correct and fixate the order of x509name entries * Add CRL properties dialog to select the dates and the signing algo * Add SHA256 and SHA512 * Certificate export for apache and OpenSSH+X509 * Default templates for client, server, CA removed * template duplication added * sort serial numbers numerically and not lexicographically Bug [1166075] * add build support for cygwin and mingw-cross * delete rpm/ and debian/ subdirs * Port to QT4 and openssl 0.9.8 remove the need of Berkeley DB importing of old database dump possible * finish support for Mac OS X * add X509 V3 extensions to PKCS#10 requests * add "validation" function for editable extensions below * add "edit" buttons for subject/issuer alt. name, crl dist. point and cert. auth. info access * add DB-dump function into subdirs * Support for DSA keys * Fix error in template changing * change storage-format of keys: store the public unencrypted and the private additionally encrypted. * Allow different passwords for keys xca 0.5.1 Tue Jul 13 2004 * support for different languages on WIN platform (Thanks Ilya) * better installation and deinstallation on WIN platform * documentation updated xca 0.5.0 Sun Jun 13 2004 * orthographical changes * more translations * segfault in CRL import removed * manpage and documentation updated * store "midnight" in template xca 0.4.7-RC2 Fri Apr 16 2004 * open db if explicit mentioned, otherwise do not. * Errormessage on a wrong pkcs12 password more comprehensive * postinst and postrm do update-menu * search more intensive for the CRL signer * add /etc/xca/nid.txt to OID search path * debian build enhanced, lintian satisfied, manpage added. * AuthorityInfoAccess enhanced "aia.txt" as oid list added * allow empty passwords on PKCS#12 import xca 0.4.7-RC1 Thu Feb 5 2004 * debian menu-entry added * Open and closing of different databases * Menu added * German translation * CRLs will revoke existing certs * memory leaks removed * support for other compiled in basedir on unix * Authority info access added Certificate policies still pending :-( * additional (private) oids can be registered in oids.txt * OIDs for extended key usage and Distinguished name are now read from eku.txt and dn.txt respectively. * About dialog and help window added. * Requestdetail is now tabdialog xca 0.4.6 Tue Nov 25 2003 * Country is State or Province * xca.dsp: WIN32 changes from Ilya * New configure added, Makefile.in's purged and one configuration: "Local.mak" for flags and compilers. supports parallel builds (make -j) * SmartCard Logon OID added * Fixed bugs: * [ 846052 ] Tab order in Certificate Netscape extensions is wrong * [ 845800 ] CRL Generation problem for Netscape * [ 836967 ] Unable to specify alternate database * [ 843725 ] xca dies when opened with a pem key as argument * [ 789374 ] Bad encoding in misc/xca.desktop * by Wolfgang Glas : - Support for UTF8 in x509name - Netscape SPKAC support added xca 0.4.5 Wed Aug 13 2003 * more german translations * [ 737036 ] make error texts copiable from pop-up-windows to clipboard by adding a button doing this * [ 767603 ] Key sizes Implemented by making the Key-size ComboBox editable to enter arbitrary key sizes. * [ 765774 ] change password for database xca 0.4.4 Wed Aug 6 2003 * [ 783853 ] renewal uses 'notBefore' as 'notAfter' date * [ 783830 ] GeneralizedTime-format breaks browsers xca 0.4.3 Tue Aug 5 2003 * remove Certificate creation bug (AuthKeyId) * always take the right cert for signing * critical flag in key usage and extended key usage works now * Import of Multiple items is done and works [ 739726 ] extend description of -p option [ 775529 ] Import of PKCS#7 item not shown * made the details dialogs internal name read only * some segmentation faults removed * VPN OIDs added to Ext. Keyusage xca 0.4.2 Sun Jul 20 2003 * Memory leak removed * Template import and export added * fix bug [ 773056 ] Duplicate 'All files (*.*)' selection on import menus * import of PKCS#12 keys repaired * crl icon added to W32 installation * /usr/local/include removed from CPP flags * Buttons "Export Cert" and "Change Template" reconnected. * Authority Key identifier repaired xca 0.4.1 Tue Jul 15 2003 * some compiling issues removed * Import via commandline repaired, * signing of requests without key fixed * Changes for WIN32 version from Ilya added * solved bug: [ 770120 ] Attempting to export private key results in no file exported * implemented feature request: [ 755599 ] add PFX import button to Keytab xca 0.4.0 Tue Jul 8 2003 * Solved bugs: * [ 752111 ] Cannot handle dates past 32-bit boundary (2038) * [ 744227 ] Bug in handling of 3rd. party CRLs * The following Feature requests were implemented: * [ 743152 ] Attributes in subject name * [ 755853 ] select the hash algorithm for signing. * The code was completely rewritten to remove many unpretty codefragements and get a more stable codebase * The names of certs and keys in the detailsview of Certs, CRLs and Requests are clickable. * xca desktopfile added and will be installed in applications, key.xpm will be installed as xca.xpm in pixmaps ([ 763954 ] xca.desktop file) Thanks to Enrico Scholz xca 0.3.2 Thu May 15 2003 * Optimizations, icon for WIN32 platform * MS Registry and %USERPROFILE% support * Support for PKCS#7 certs (im/export) * small UI changes xca 0.3.1 Thu Apr 24 2003 * Tool Tips added * CRL handling (import, export, details) added xca 0.3.0 Fri Apr 25 2003 * several bugfixes and memoryleaks removed * export to TinyCA and "openssl ca" added * switch between tree/plain view in certificate list * notAfter dates in certificate view can be sorted reasonably * libdb-4.1.24 and higher is supported * The certificate details dialog was redesigned to be a smaller tab-dialog * Mainwindow dialog shrinked * Item viewing and import via the commandline is possible * documentation littlebit updated * changes in configure * The wizard invokes the key generation process only if really needed xca 0.2.12 Mon Jan 6 2003 * PKCS#7 encryption and signing of files added * First attempt of documentation added * Several export targets added * Certificate renewal repaired xca 0.2.11 Wed Dec 4 2002 * Certificate export enhanced, increase signer-serial on certimport. * interpretation of serial as hex and not as dezimal. * configure continues even if qt lib is absent. * $HOME/xca is created if it does not exist. xca 0.2.10 Tue Oct 29 2002 * shows not After time and serial in listview * some segfaults removed * Certificate renewal implemented * extension-bug removed * request-kontextmenu contains signing * create request from certificate * FreeBSD paths and libs recognized by configure xca 0.2.9 Mon Oct 21 2002 * several segfaults eliminated * key-use counter corrected * initial truststate fixed * remembers Im/Export directories * import of mutiple certs/keys/requests/pkcs12 * database transactions activated * exception-handling completed xca 0.2.8 Sun Oct 13 2002 * consistency checks for Iss-alt-name and Sub-alt-name * Check for certificate dates to not exceed those of the signer * defines for libdb >4.1.x * default templates added * package-builder do build without printf-debugging * key-use counter works now well xca 0.2.7 Tue Oct 8 2002 * segfaults removed * minor wizard changes xca 0.2.6 Mon Sep 30 2002 * show common name in request list and certificate list * CRL generation added * Key-export fixed * signing-template, CRL date and CRL time interval adjustable * Fix for windows filenames xca 0.2.5 Tue Sep 24 2002 * Certificate and Template Wizard completed * CA-serial can be changed and is stored with the cert * Passwordboxes set focus right (Andrey Brindeew ) * configure enhanced with error and success messages * x509 v3 extensions completed inc. Netscape extensions * Templates implemented * Files for MS Visual C++ added (yes, it compiles on MS Windows) * Windows Installer added (Nullsoft) xca 0.2.4 Tue Sep 10 2002 * PKCS#12 import added * bugfixes fileview, requestgeneration xca 0.2.3 Wed Sep 4 2002 * icons changed * context menu on right mousebutton * trust state settings added * dialogboxes are resizeable * extended keyusage added to v3 extensions when creating new cert * all dialogs translated to english * no more images in *.ui files xca 0.2.2 Thu Jul 18 2002 * basic constraints, key usage and subject/authority key identifier * signing wizard... * Signatures can be done with requests and from scratch * Certificate for signing can be self or foreign, * password is saved as md5sum xca 0.1.12 Thu Jul 11 2002 * icons added * treeview for Certificates * private keys are triple DES encrypted in db * program asks for initial password on startup * some segfaulting bugs removed xca 0.1.11 Wed Jul 3 2002 * RSA Keys are generated and stored to or loaded from a file in either DER or PEM format. * They get stored in a local Berkeley DB. * Changing their description and viewing their contents, as well as deleting them from local DB is possible. xca-RELEASE.2.2.1/test/0000755000175000017500000000000013614632167013674 5ustar tewardtewardxca-RELEASE.2.2.1/test/opendb.pl0000755000175000017500000000127113614632167015504 0ustar tewardteward#!/usr/bin/perl use X11::GUITest qw/StartApp WaitWindowViewable SendKeys GetInputFocus GetWindowName WaitWindowClose/; my $password = "ThisIsMyPassword"; my $db = "__x.xdb"; unlink $db; StartApp("./xca"); my ($xcaId) = WaitWindowViewable("X Certificate and Key management"); SendKeys("%(fn)"); WaitWindowViewable("Open XCA Database"); SendKeys($db . "{ENT}"); WaitWindowViewable("New Password"); SendKeys($password . "{TAB}" . $password . "{ENT}"); SendKeys("%(fc)"); SendKeys("%(fo)"); WaitWindowViewable("Open XCA Database"); SendKeys($db . "{ENT}"); WaitWindowViewable("Password"); SendKeys($password ."{ENT}"); SendKeys("%({F4})"); WaitWindowClose($xcaId, 10); exec("lib/db_dump", $db); xca-RELEASE.2.2.1/test/create_key.pl0000755000175000017500000000176513614632167016360 0ustar tewardteward#!/usr/bin/perl use X11::GUITest qw/StartApp WaitWindowViewable SendKeys SetInputFocus WaitWindowClose GetInputFocus GetWindowName GetChildWindows/; my $xcaId; my $password = "ThisIsMyPassword"; my $db = "__x.xdb"; sub new_key { my $id; my ($name, $size, $type) = @_; print "name=$name, size=$size, Type=$type\n"; SendKeys("%(n)"); $id = WaitWindowViewable(); SendKeys($name ."{TAB}" .$size ."{TAB}". $type ."{ENT}"); WaitWindowClose($id, 100); } StartApp("./xca"); ($xcaId) = WaitWindowViewable("X Certificate and Key management"); printf "XCA id: $xcaId\n"; SendKeys("%(fo)"); WaitWindowViewable("Open XCA Database"); SendKeys($db . "{ENT}"); WaitWindowViewable("Password"); SendKeys($password ."{ENT}"); for ($i=0; $i<500; $i++) { my $len=int(rand(3200)) + 1024; new_key("rsa_key-$len", $len, "r"); $len=int(rand(1500)) + 1024; new_key("dsa_key-$len", $len, "d"); new_key("ec_key-$len", $len, "e"); } SendKeys("%({F4})"); WaitWindowClose($xcaId, 10); exec("lib/db_dump", $db); xca-RELEASE.2.2.1/test/im_export_key.pl0000755000175000017500000000213613614632167017114 0ustar tewardteward#!/usr/bin/perl use strict; use warnings; use X11::GUITest qw/StartApp WaitWindowViewable SendKeys SetInputFocus WaitWindowClose GetInputFocus GetWindowName GetChildWindows ClickWindow/; my $xcaId; my $password = "ThisIsMyPassword"; my $db = "__x.xdb"; unlink $db; sub new_key { my $id; my ($name, $size, $type) = @_; print "name=$name, size=$size, Type=$type\n"; SendKeys("%(i)"); $id = WaitWindowViewable("New key"); SendKeys($name ."{TAB}" .$size ."{TAB}". $type ."{ENT}"); WaitWindowClose($id, 10); } StartApp("./xca $db"); ($xcaId) = WaitWindowViewable("X Certificate and Key management"); printf "XCA id: $xcaId\n"; WaitWindowViewable("Password"); SendKeys($password . "{TAB}" . $password . "{ENT}"); SendKeys("%(i)"); my $id = WaitWindowViewable("Import RSA key"); SendKeys("{BS 20}" . "test/key.pem" . "{ENT}"); WaitWindowClose($id, 10); system("xev -id $xcaId &"); ClickWindow($xcaId); SendKeys("{SPACE}"); #ClickWindow($xcaId, 100, 110); #ClickWindow($xcaId, 200, 110); #ClickWindow($xcaId, 300, 110); #SendKeys("%({F4})"); #WaitWindowClose($xcaId, 10); #exec("lib/db_dump", $db); xca-RELEASE.2.2.1/github.release.py0000755000175000017500000000205513614632167016175 0ustar tewardteward#!/usr/bin/python3 import sys import requests import json import os import re readme = open("README.md", "r").read() #.replace('\n', '\\n').replace('"','\\"') user = "chris2511" if len(sys.argv) < 2: print("Usage: " + sys.argv[0] + " full-path-binaries ... ") exit(1) version = sys.argv[1] url = 'https://api.github.com/repos/' + user + '/xca/releases' data = { "tag_name" : "RELEASE." + version, "target_commitish": "master", "name": "XCA " + version, "body": readme, "draft": True, "prerelease": True } passwd = input("Github Password for " + user + ": ") r = [] response = requests.post(url, json=data, auth=(user, passwd)) r.append(response.json()) upload_url = response.json().get('upload_url') print(upload_url) headers = {'Content-Type': 'text/plain'} for file in sys.argv[2:]: name = re.sub(".*/", "", file) url = upload_url.replace("{?name,label}", "?name=" + name) print("Upload", file) response = requests.post(url, headers=headers, data=open(file, 'rb'), auth=(user, passwd)) r.append(response.json()) print(r) xca-RELEASE.2.2.1/Rules.mak0000644000175000017500000000160613614632167014504 0ustar tewardtewardinclude $(BUILD)/Local.mak export VERSION=$(shell cat $(TOPDIR)/VERSION ) BASENAME=$(shell basename `pwd`) CPPFLAGS += -I$(TOPDIR) -I$(BUILD) -I$(BUILD)/ui all: .build-stamp .build-stamp: $(OBJS) for i in $(patsubst %, $(shell pwd)/%, $(OBJS)); do echo $$i; done > $@ @$(PRINT) " DONE [$(BASENAME)]" SRCS=$(patsubst %.o, %.cpp, $(OBJS)) HEADERS=$(shell ls *.h 2>/dev/null) GCH=$(patsubst %, %.gch, $(HEADERS)) # how to create a moc_* file moc_%.cpp: %.h %.cpp @$(PRINT) " MOC [$(BASENAME)] $@" $(MOC) $< -o $@ # how to create the headerfile from the *.ui ui_%.h: %.ui @$(PRINT) " UIC [$(BASENAME)] $@" $(UIC) -o $@ $< # default compile rule %.o: %.cpp @$(PRINT) " CC [$(BASENAME)] $@" $(CC) $(CPPFLAGS) $(CFLAGS) $(EXTRA_CFLAGS) -c $< -o $@ .depend: $(SRCS) @$(PRINT) " DEP [$(BASENAME)]" $(CC) -MM $(CPPFLAGS) $(CFLAGS) $^ > $@ .SECONDARY: .PHONY: .build-stamp xca-RELEASE.2.2.1/Libtool.version0000644000175000017500000000001613614632167015725 0ustar tewardtewardlibtool-2.4.6 xca-RELEASE.2.2.1/configure.ac0000644000175000017500000002153313614632167015207 0ustar tewardtewardAC_INIT([X Certificate and Key management], m4_esyscmd([tr -d '\n' < VERSION]), [christian@hohnstaedt.de], [xca], [http://xca.hohnstaedt.de]) AC_MSG_NOTICE([ ***************************************************]) AC_MSG_NOTICE([ * ${PACKAGE_NAME} ${PACKAGE_VERSION}]) AC_MSG_NOTICE([ ***************************************************]) AC_CONFIG_MACRO_DIR([m4]) AC_PROG_CXX AC_LANG(C++) AC_CHECK_TOOL(STRIP, [strip], [:]) AC_CHECK_TOOL(WINDRES, [windres], [:]) VERSIONNODOT="$(IFS='.'; for x in $PACKAGE_VERSION; do printf "%02d" ${x%-*}; done)" AC_SUBST([VERSIONNODOT]) if test -d "$INSTALL_DIR"; then AC_MSG_NOTICE([Using INSTALL_DIR $INSTALL_DIR]) test -d "${INSTALL_DIR}/include" && CXXFLAGS="${CXXFLAGS} -I${INSTALL_DIR}/include" test -d "${INSTALL_DIR}/lib" && LIBS="${LIBS} -L${INSTALL_DIR}/lib" fi case "$(${CXX} -dumpmachine)" in *apple-darwin*) HOST=DARWIN CXXFLAGS="${CXXFLAGS} -pipe -gdwarf-2" LIBS="${LIBS} -framework IOKit -framework CoreFoundation" for d in $(find /usr/local/Cellar -name 'pkgconfig' -type d); do PKG_CONFIG_PATH="${d}:${PKG_CONFIG_PATH}" done export DYLD_LIBRARY_PATH ;; *mingw*) HOST=WINDOWS SUFFIX=".exe" PKG_CONFIG="$(which pkg-config) --define-prefix" PKG_CONFIG_LIBDIR="" CXXFLAGS="${CXXFLAGS} -mthreads -mwindows -mnop-fun-dllimport -Wno-strict-aliasing" LIBS="${LIBS} -Wl,-enable-stdcall-fixup -Wl,-enable-auto-import -Wl,-enable-runtime-pseudo-reloc -static-libgcc" ;; *linux*) HOST=LINUX ;; *) HOST=UNIX ;; esac AC_MSG_NOTICE([Compiling for host: $HOST]) AC_SUBST([HOST]) AC_SUBST([MACDEPLOYQT]) AC_SUBST([SUFFIX]) AC_SUBST([INSTALL_DIR]) export PKG_CONFIG_PATH export LD_LIBRARY_PATH if test "$srcdir" != "."; then exist="" for f in Local.mak local.h commithash.h; do test ! -r "$srcdir"/"$f" || exist="$exist $f" done if test -n "$exist"; then AC_ERROR([The source directory (${srcdir}) contains the file(s):$exist. They must be removed before building here.]) fi fi # Detect the OpenSSL libraries and header ######################################### AC_ARG_WITH([openssl], AS_HELP_STRING([--with-openssl], [Select the OpenSSL installation directory]), [ if test -d "$withval"; then _OPENSSLDIR="$withval" else AC_MSG_WARN([OpenSSL directory '$withval' does not exist or is not a directory]) fi ], [_OPENSSLDIR="$OPENSSLDIR"]) if test -n "${_OPENSSLDIR}" && test -d "${_OPENSSLDIR}"; then _OPENSSLDIR=`cd ${_OPENSSLDIR} && pwd` PKG_CONFIG_PATH="${_OPENSSLDIR}/lib/pkgconfig:${PKG_CONFIG_PATH}" LD_LIBRARY_PATH="${_OPENSSLDIR}/lib:${LD_LIBRARY_PATH}" DYLD_LIBRARY_PATH="${_OPENSSLDIR}/lib:${DYLD_LIBRARY_PATH}" fi PKG_CHECK_MODULES([OpenSSL], [libcrypto >= 0.9.8], [ ], [ OpenSSL_LIBS=" -lcrypto "; AC_MSG_WARN([OpenSSL pkg-config failed, using fallback defaults (${OpenSSL_LIBS})]); ] ) OPENSSL_LIBS="$OpenSSL_LIBS" OPENSSL_CFLAGS="$OpenSSL_CFLAGS" # Detect the Qt libraries and header #################################### AC_ARG_WITH([qt], AS_HELP_STRING([--with-qt], [Select the Qt installation directory]), [ if test -d "$withval"; then _QTDIR="$withval" else AC_MSG_WARN([Qt directory '$withval' does not exist or is not a directory]) fi ], [_QTDIR="${QTDIR}"]) if test -n "${_QTDIR}" && test -d "${_QTDIR}"; then _QTDIR=`cd ${_QTDIR} && pwd` PKG_CONFIG_PATH="${_QTDIR}/lib/pkgconfig:${PKG_CONFIG_PATH}" LD_LIBRARY_PATH="${_QTDIR}/lib:${LD_LIBRARY_PATH}" DYLD_LIBRARY_PATH="${_QTDIR}/lib:${DYLD_LIBRARY_PATH}" fi AC_ARG_WITH([qt-version], AS_HELP_STRING([--with-qt-version], [Select the Qt version]), [WANT_QT_VERSION="$withval"], [WANT_QT_VERSION=detect]) if test "${WANT_QT_VERSION}" = detect -o "${WANT_QT_VERSION}" = 5; then PKG_CHECK_MODULES(Qt5, [Qt5Core >= 5.0 Qt5Widgets >= 5.0 Qt5Sql >= 5.0], [ _QT_HOST_BINS="`pkg-config --variable=host_bins Qt5Core`" QT_MOC="${_QT_HOST_BINS}/moc" QT_UIC="${_QT_HOST_BINS}/uic" if test "$HOST" = "DARWIN"; then FRAMEDIR=`pkg-config --variable=libdir Qt5Core` Qt5_CFLAGS="$Qt5_CFLAGS -std=c++11 -F${FRAMEDIR} -I${FRAMEDIR}/QtCore.framework/Headers -I${FRAMEDIR}/QtGui.framework/Headers -I${FRAMEDIR}/QtWdgets.framework/Headers -I${FRAMEDIR}/QtSql.framework/Headers" Qt5_LDFLAGS=" -Xlinker -rpath -Xlinker ${FRAMEDIR}" fi WANT_QT_VERSION=5 QT_VERSION=5 QT_CFLAGS="${Qt5_CFLAGS} -fPIC" QT_LIBS="${Qt5_LIBS}${Qt5_LDFLAGS}" ],[ : ]) fi if test "${WANT_QT_VERSION}" = detect -o "${WANT_QT_VERSION}" = 4; then PKG_CHECK_MODULES(Qt4, [QtCore >= 4.7 QtCore < 5.0 QtGui >= 4.7 QtGui < 5.0 QtSql >= 4.7 QtSql < 5.0], [ QT_MOC="`pkg-config --variable=moc_location QtCore`" QT_UIC="`pkg-config --variable=uic_location QtCore`" if test -n "${QT_MOC}"; then _QT_HOST_BINS="`dirname ${QT_MOC}`" fi if test "$HOST" = "DARWIN"; then FRAMEDIR=`pkg-config --variable=libdir QtCore` Qt4_CFLAGS="$Qt4_CFLAGS -F${FRAMEDIR} -I${FRAMEDIR}/QtCore.framework/Headers -I${FRAMEDIR}/QtGui.framework/Headers -I${FRAMEDIR}/QtSql.framework/Headers" Qt4_LDFLAGS=" -Xlinker -rpath -Xlinker ${FRAMEDIR}" fi WANT_QT_VERSION=4 QT_VERSION=4 QT_CFLAGS="${Qt4_CFLAGS}" QT_LIBS="${Qt4_LIBS}${Qt4_LDFLAGS}" ],[ : ]) fi if test -z "${QT_VERSION}"; then if test -z "$DARWIN"; then QT_LIBS=" -lQtCore -lQtGui " else _QT_HOST_BINS="${_QTDIR}/bin" QT_MOC="${_QT_HOST_BINS}/moc" QT_UIC="${_QT_HOST_BINS}/uic" FRAMEDIR=${_QTDIR}/lib QT_LIBS=" -framework QtGui -framework QtCore -framework QtWidgets -framework QtSql -Xlinker -rpath -Xlinker ${FRAMEDIR}" QT_CFLAGS="-std=c++11 -F${FRAMEDIR} -I${FRAMEDIR}/QtCore.framework/Headers -I${FRAMEDIR}/QtGui.framework/Headers -I${FRAMEDIR}/QtCore.framework/Headers -I${FRAMEDIR}/QtWidgets.framework/Headers -I${FRAMEDIR}/QtSql.framework/Headers" fi AC_MSG_WARN([Qt pkg-config failed, using fallback defaults (${QT_LIBS})]); fi QT_DIR="$_QTDIR" # Delete trailing d (Debug) from Qt libs (@<:@ == [) (@:>@ == ]) QT_LIBS="$(echo " $QT_LIBS " | sed 's/-lQt\(@<:@^ @:>@*\)d\s/-lQt\1 /g')" AC_SUBST([QT_CFLAGS]) AC_SUBST([QT_LIBS]) AC_SUBST([QT_DIR]) # Setup MOC UIC RCC LRELEASE LCONVERT with absolute PATH if test ! -x "${QT_MOC}"; then QT_MOC="`which moc-qt${QT_VERSION} || which moc`" fi if test ! -x "${QT_UIC}"; then QT_UIC="`which uic-qt${QT_VERSION} || which uic`" fi QT_BIN_PATH="${_QT_HOST_BINS}:$PATH" AC_PATH_PROG([QT_LRELEASEQT], [lrelease-qt${QT_VERSION}], , [$QT_BIN_PATH]) if test "x${QT_LRELEASEQT}" = "x"; then AC_PATH_PROG([QT_LRELEASE], [lrelease], [lrelease], [$QT_BIN_PATH]) else QT_LRELEASE="$QT_LRELEASEQT" fi AC_PATH_PROG([QT_LCONVERTQT], [lconvert-qt${QT_VERSION}], , [$QT_BIN_PATH]) if test "x${QT_LCONVERTQT}" = "x"; then AC_PATH_PROG([QT_LCONVERT], [lconvert], [lconvert], [$QT_BIN_PATH]) else QT_LCONVERT="$QT_LCONVERTQT" fi AC_PATH_PROG([QT_RCCQT], [rcc-qt${QT_VERSION}], , [$QT_BIN_PATH]) if test "x${QT_RCCQT}" = "x"; then AC_PATH_PROG([QT_RCC], [rcc], [rcc], [$QT_BIN_PATH]) else QT_RCC="$QT_RCCQT" fi if test "$HOST" = "DARWIN"; then AC_PATH_PROG([MACDEPLOYQT], [macdeployqt], [macdeployqt], [$QT_BIN_PATH]) fi AC_SUBST([QT_MOC]) AC_SUBST([QT_UIC]) AC_SUBST([QT_LRELEASE]) AC_SUBST([QT_LCONVERT]) AC_SUBST([QT_RCC]) # The dyn_loader library libltdl ################################## AC_CHECK_LIB(ltdl, lt_dlopen, , [ echo "ERROR: Library 'ltdl' with symbol 'lt_dlopen' not found." echo " Try installing the package 'libltdl-dev' or 'libtool'" exit 1 ]) AC_CHECK_HEADER(ltdl.h, , [ echo "ERROR: Header 'ltdl.h' not found." echo " Try installing the package 'libltdl-dev' or 'libtool'" exit 1 ]) # Finally collect the compiler flags ##################################### CXXFLAGS="${CXXFLAGS} ${OPENSSL_CFLAGS} ${QT_CFLAGS}" LIBS="${LIBS} ${OPENSSL_LIBS} ${QT_LIBS} -lstdc++" # Just give it a try ..... ########################## XCA_COMPILE_TEST() AX_CHECK_GNU_MAKE() # linuxdoc application detection ################################## AC_ARG_ENABLE([doc], AS_HELP_STRING([--disable-doc], [Disable documentation installation]), , [enable_doc=yes]) test "${enable_doc}" = "yes" && ENABLE_DOC= || ENABLE_DOC='\#' AC_SUBST([ENABLE_DOC]) if test "${enable_doc}"; then AC_CHECK_PROGS([DOCTOOL], [linuxdoc sgml2html], [":"]) AC_SUBST([DOCTOOL]) case "$DOCTOOL" in linuxdoc) DOCTOOL="linuxdoc -B html -H \$(TOPDIR)/doc/html.header";; sgml2html) DOCTOOL="sgml2html -s 1 -H \$(TOPDIR)/doc/html.header";; :) if test "${srcdir}" != "."; then mkdir -p doc cp ${srcdir}/doc/xca-doc.tgz doc/ fi AC_MSG_WARN(['linuxdoc' or 'sgml2html' not found, using pre-compiled documentation]) ;; esac fi # Setup done. Write local.h and Local.mak ############################################ AC_CONFIG_HEADERS(local.h) AC_CONFIG_LINKS(Makefile:Makefile) AC_CONFIG_FILES([Local.mak misc/Info.plist misc/variables.wxi]) AC_OUTPUT xca-RELEASE.2.2.1/AUTHORS0000644000175000017500000000021113614632167013757 0ustar tewardtewardChristian Hohnstädt Programming, translation, testing Kerstin Steinhauff Arts, Graphics xca-RELEASE.2.2.1/git.publish0000755000175000017500000000103713614632167015074 0ustar tewardteward#!/bin/sh set -e test -s VERSION && test -s changelog && test -s README.md test -d .git read TVERSION < VERSION export TVERSION releasedir="$HOME/xca-$TVERSION" ./misc/gen-binary-hash "$releasedir" echo "$TVERSION""+" > VERSION git commit -a -m "Release XCA $TVERSION done" ./github.release.py "$TVERSION" "${releasedir}/"*xca*"$TVERSION"* cat << EOF After verifying the commits, tags and github release, finally do: git push origin --tags master scp ${releasedir}/doc/* hohnstaedt.de:xca-doc/ Un-draft the release on github EOF xca-RELEASE.2.2.1/INSTALL0000644000175000017500000000437513614632167013757 0ustar tewardteward -------------------=[ XCA ]=--------------------- A graphical user interface to OpenSSL. Requirements: ============== for compilation, you need the following Libraries: QT >= 4.8.0 from http://www.troll.no OpenSSL >= 0.9.8 from http://www.openssl.org GNU C++ compiler >= 3.1.0 GNU make Installation: ============= Configuration: -------------- When cloning the git sources the autoconf configure script must be assembled by calling $ ./bootstrap The officially published sources already come with a configure script. To build, just do the following steps: $ ./configure; make -j6; make install You can build in a different subdirectory: - cd into the build directory and - call configure by its full path. For example, if you are in the freshly unpacked xca-1.1.0 directory: $ mkdir Build && cd Build && ../configure && make -j10 To clean all built files: rm -rf Build If you have a special setup, you can predefine the following variables: CC, LD, STRIP, CFLAGS, prefix. e.g.: $ CC="ccache gcc" STRIP=: CFLAGS="-Wall -g" prefix=/opt/xca ./configure to have a cached build and to not strip xca when installing it. XCA expects the translationfiles in /opt/xca/share/xca/ and installs itself to /opt/xca/bin/ configure allows to set the openssl and QT installation dir. $ ./configure --help shows all options. It writes all found settings to "Local.mak" and "local.h" Building: ----------- The Makefiles do support parallel builds (-j) targets: all, xca : builds the app install : installs the app headers : UICs the headers in ui/ needed by other files. clean : deletes all builded files distclean: deletes also Local.mak xca.exe : W32 executable (see INSTALL.w32) snapshot : Creates a current snapshot from the local git repository xca.app : Creates the MacOSX xca.app xca.dmg : Creates the MacOSX Disk image Installing: ------------ make destdir=/my/virtual/root provides /my/virtual/root/ as root-directory for installation to be mounted by others as root or as installdir for package builders. Running/invoking: ================= a detailed manual can be found in docs/ ---------------------------------------------------------- if there are any questions regarding this software, dont hesitate to contact me: christian@hohnstaedt.de xca-RELEASE.2.2.1/ui/0000755000175000017500000000000013614632167013332 5ustar tewardtewardxca-RELEASE.2.2.1/ui/CertExtend.ui0000644000175000017500000002322013614632167015735 0ustar tewardteward CertExtend 0 0 411 416 Arial 14 50 false false false false Certificate renewal Qt::Horizontal QSizePolicy::Expanding 78 20 95 40 95 40 true This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. true Qt::Vertical QSizePolicy::Expanding 368 16 Validity 8 Not before Not after true true Time range Local time Days Months Years No well-defined expiration Midnight Apply Qt::Vertical 20 2 Revoke old certificate true Keep serial number Qt::Vertical QSizePolicy::Expanding 368 16 QDialogButtonBox::Cancel|QDialogButtonBox::Ok Validity QDateTimeEdit
widgets/validity.h
1 hideTimeCheck(int) localTime(int) validNumber validRange midnightCB applyTime midnightCB stateChanged(int) notAfter hideTimeCheck(int) 453 197 231 187 noWellDefinedExpDate clicked(bool) notAfter setDisabled(bool) 738 193 331 200 midnightCB stateChanged(int) notBefore hideTimeCheck(int) 453 197 239 157 buttonBox accepted() CertExtend accept() 124 253 28 255 buttonBox rejected() CertExtend reject() 217 257 74 220 midnightCB clicked(bool) checkBox setDisabled(bool) 421 182 544 197 checkBox stateChanged(int) notBefore localTime(int) 518 189 331 164 checkBox stateChanged(int) notAfter localTime(int) 505 190 331 200 xca-RELEASE.2.2.1/ui/NewX509.ui0000644000175000017500000013047513614632167015022 0ustar tewardteward NewX509 0 0 747 637 Arial 14 50 false false false false Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true 0 Source Qt::Vertical QSizePolicy::Expanding 20 16 Signing request 0 Show request Sign this Certificate signing &request Copy extensions from the request true Modify subject of the request Qt::Vertical QSizePolicy::Expanding 20 16 Signing Create a &self signed certificate true Use &this Certificate for signing All certificates in your database that can create valid signatures Qt::Vertical 20 16 Signature algorithm Qt::Vertical QSizePolicy::Expanding 20 16 Template for the new certificate 0 0 All available templates Qt::Horizontal 13 20 Apply extensions Apply subject 0 0 Apply all Qt::Vertical QSizePolicy::Expanding 20 16 Subject Internal Name This name is only used internally and does not appear in the resulting certificate Distinguished name Distinguished name 200 true Add Delete Qt::Vertical 20 40 QFrame::Panel QFrame::Sunken Private key 0 0 This list only contains unused keys Used keys too &Generate a new key Extensions Type If this will become a CA certificate or not Not defined Certification Authority End Entity Path length How much CAs may be below this. The basic constraints should always be critical Critical Key identifier Key identifier 8 Creates a hash of the key following the PKIX guidelines &Subject Key Identifier Copy the Subject Key Identifier from the issuer &Authority Key Identifier Qt::Vertical 20 40 true 0 Validity Not before true Not after true Time range Days Months Years 0 0 Apply Set the time to 00:00:00 and 23:59:59 respectively Midnight Local time No well-defined expiration Qt::Vertical 20 40 20 20 20 20 DNS: IP: URI: email: RID: Edit DNS: IP: URI: email: RID: Edit 20 20 20 20 URI: Edit 20 20 20 20 DNS: IP: URI: email: RID: Edit 20 20 20 20 Key usage 8 8 Critical QAbstractItemView::MultiSelection QAbstractItemView::SelectRows Digital Signature Non Repudiation Key Encipherment Data Encipherment Key Agreement Certificate Sign CRL Sign Encipher Only Decipher Only 8 Critical QAbstractItemView::MultiSelection QAbstractItemView::SelectRows Netscape QAbstractItemView::MultiSelection SSL Client SSL Server S/MIME Object Signing SSL CA S/MIME CA Object Signing CA Qt::Horizontal QSizePolicy::Expanding 20 20 107 107 true Qt::Vertical QSizePolicy::Expanding 20 20 If you know a more pretty one tell me Advanced Qt::Horizontal 40 20 Validate Qt::Horizontal 40 20 Comment QDialogButtonBox::Cancel|QDialogButtonBox::Ok hashBox QComboBox
widgets/hashBox.h
 Validity QDateTimeEdit
widgets/validity.h
1 hideTimeCheck(int) localTime(int) kvView QTableView
widgets/kvView.h
addKvRow() deleteCurrentRow() DoubleClickLabel QLabel
widgets/clicklabel.h
 itemComboReq QComboBox
widgets/ItemCombo.h
 itemComboKey QComboBox
widgets/ItemCombo.h
 itemComboCert QComboBox
widgets/ItemCombo.h
 itemComboTemp QComboBox
widgets/ItemCombo.h
 fromReqCB reqList copyReqExtCB showReqBut reqSubChange selfSignRB foreignSignRB certList hashAlgo tempList applyExtensions applySubject applyTemplate extDNlist extDNadd extDNdel keyList usedKeysToo genKeyBut basicCA basicPath bcCritical subKey authKey notBefore notAfter validN validMidn checkBox noWellDefinedExpDate validRange applyTime subAltName editSubAlt issAltName editIssAlt crlDist editCrlDist aiaOid authInfAcc editAuthInfAcc kuCritical keyUsage ekuCritical ekeyUsage nsCertType nsBaseUrl nsRevocationUrl nsCARevocationUrl nsRenewalUrl nsCaPolicyUrl nsSslServerName nsComment nconf_data adv_validate buttonBox tabWidget noWellDefinedExpDate clicked(bool) notAfter setDisabled(bool) 595 341 203 342 fromReqCB clicked(bool) reqList setEnabled(bool) 292 147 402 147 extDNdel clicked() extDNlist deleteCurrentRow() 713 199 57 251 extDNadd clicked() extDNlist addKvRow() 713 167 57 251 foreignSignRB toggled(bool) certList setEnabled(bool) 279 344 388 332 validMidn stateChanged(int) notBefore hideTimeCheck(int) 384 341 203 311 validMidn stateChanged(int) notAfter hideTimeCheck(int) 384 341 203 342 buttonBox accepted() NewX509 accept() 566 627 285 570 buttonBox rejected() NewX509 reject() 652 627 405 566 checkBox stateChanged(int) notAfter localTime(int) 451 329 290 328 checkBox stateChanged(int) notBefore localTime(int) 459 337 268 301 validMidn clicked(bool) checkBox setDisabled(bool) 431 348 447 337 xca-RELEASE.2.2.1/ui/MainWindow.ui0000644000175000017500000006366613614632167015766 0ustar tewardteward MainWindow 0 0 702 511 2 Private Keys 8 0 0 QFrame::Box QFrame::Sunken &New Key &Export &Import Import PFX (PKCS#12) &Show Details &Delete Qt::Vertical QSizePolicy::Expanding 20 20 200 94 true Certificate signing requests 8 0 0 QFrame::Box QFrame::Sunken 8 &New Request &Export &Import &Show Details &Delete Qt::Vertical QSizePolicy::Expanding 20 20 200 94 true Certificates 8 QFrame::Box QFrame::Sunken 11 &New Certificate &Export &Import &Show Details &Delete Import &PKCS#12 Import P&KCS#7 Plain View Qt::Vertical QSizePolicy::Expanding 20 20 200 94 true Templates 8 true QFrame::Box QFrame::Sunken 11 &New Template Ch&ange Template &Delete &Import &Export Qt::Vertical QSizePolicy::Expanding 20 20 200 94 true Revocation lists QFrame::Box QFrame::Sunken &New CRL &Export &Import &Show Details &Delete Qt::Vertical QSizePolicy::Expanding 20 20 200 94 true XcaTreeView QTreeView
widgets/XcaTreeView.h
newItem() load() storeItems() showItems() deleteItems() KeyTreeView QTreeView
widgets/KeyTreeView.h
 TempTreeView QTreeView
widgets/TempTreeView.h
 ReqTreeView QTreeView
widgets/ReqTreeView.h
 CertTreeView QTreeView
widgets/CertTreeView.h
loadPKCS12() loadPKCS7() changeView() BNimportKey clicked() keyView load() 505 129 382 135 BNnewKey clicked() keyView newItem() 488 67 392 67 BNexportKey clicked() keyView storeItems() 526 99 393 99 BNdetailsKey clicked() keyView showItems() 473 200 405 200 BNdeleteKey clicked() keyView deleteItems() 470 229 404 230 BNnewReq clicked() reqView newItem() 496 57 371 58 BNexportReq clicked() reqView storeItems() 489 91 400 95 BNimportReq clicked() reqView load() 500 123 412 130 BNdetailsReq clicked() reqView showItems() 497 157 419 166 BNdeleteReq clicked() reqView deleteItems() 475 196 399 196 BNnewCert clicked() certView newItem() 478 63 398 63 BNexportCert clicked() certView storeItems() 499 97 401 99 BNimportCert clicked() certView load() 475 127 401 128 BNdetailsCert clicked() certView showItems() 486 162 395 165 BNdeleteCert clicked() certView deleteItems() 482 203 357 207 BNnewTemp clicked() tempView newItem() 513 60 363 62 BNchangeTemp clicked() tempView showItems() 481 94 415 97 BNdeleteTemp clicked() tempView deleteItems() 482 126 428 126 BNimportTemp clicked() tempView load() 487 165 407 165 BNexportTemp clicked() tempView storeItems() 488 201 428 201 BNexportCrl clicked() crlView storeItems() 472 70 381 70 BNimportCrl clicked() crlView load() 496 99 382 99 BNdetailsCrl clicked() crlView showItems() 477 131 391 131 BNdeleteCrl clicked() crlView deleteItems() 471 173 386 172 BNimportPKCS12 clicked() certView loadPKCS12() 504 239 420 234 BNimportPKCS7 clicked() certView loadPKCS7() 544 265 406 260 BNimportPFX clicked() certView loadPKCS12() 483 170 230 263 BNviewState clicked() certView changeView() 472 304 402 301 BNnewCrl clicked() crlView newItem() 568 62 235 264 xca-RELEASE.2.2.1/ui/CaProperties.ui0000644000175000017500000001033013614632167016266 0ustar tewardteward CaProperties 0 0 487 238 Arial 14 50 false false false false CA Properties Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true Qt::Vertical 20 20 Days until next CRL issuing Default template Qt::Vertical 20 40 QDialogButtonBox::Cancel|QDialogButtonBox::Ok itemComboTemp QComboBox
widgets/ItemCombo.h
 buttonBox accepted() CaProperties accept() 341 472 292 254 buttonBox rejected() CaProperties reject() 445 473 445 237 xca-RELEASE.2.2.1/ui/KeyDetail.ui0000644000175000017500000002665413614632167015561 0ustar tewardteward KeyDetail 0 0 572 403 Arial 14 50 false false false false Qt::Horizontal QSizePolicy::Expanding 20 20 0 0 95 40 95 40 true Name The internal name of the key used by xca 0 Key Public Exponent Qt::Horizontal QSizePolicy::MinimumExpanding 20 20 Keysize 0 0 0 0 Private Exponent 0 0 Key QFrame::NoFrame QFrame::Sunken Qt::ScrollBarAlwaysOff false Qt::TextSelectableByKeyboard|Qt::TextSelectableByMouse false Security Token Qt::Vertical 20 33 Label PKCS#11 ID Qt::Vertical 20 32 Token information Model Manufacturer Serial Label Fingerprint Comment false <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd"> <html><head><meta name="qrichtext" content="1" /><style type="text/css"> p, li { white-space: pre-wrap; } </style></head><body style=" font-family:'Ubuntu'; font-size:11pt; font-weight:400; font-style:normal;"> <p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; font-family:'Sans Serif'; font-size:9pt;"><br /></p></body></html> QDialogButtonBox::Ok ClickLabel QLabel
widgets/clicklabel.h
 CopyLabel QLabel
widgets/clicklabel.h
 buttonBox accepted() KeyDetail accept() 485 405 258 379 xca-RELEASE.2.2.1/ui/NewCrl.ui0000644000175000017500000002071413614632167015067 0ustar tewardteward NewCrl 0 0 354 428 QLayout::SetMinAndMaxSize Last update true Next update true Days Months Years Midnight Local time Apply Qt::Vertical 20 1 Options Hash algorithm Subject alternative name Authority key identifier CRL number QLayout::SetDefaultConstraint true Revocation reasons true hashBox QComboBox
widgets/hashBox.h
 Validity QDateTimeEdit
widgets/validity.h
1 hideTimeCheck(int) localTime(int) setCrlNumber clicked(bool) crlNumber setEnabled(bool) 204 369 325 370 midnightCB stateChanged(int) nextUpdate hideTimeCheck(int) 81 182 195 93 midnightCB stateChanged(int) lastUpdate hideTimeCheck(int) 53 178 161 51 midnightCB clicked(bool) checkBox setDisabled(bool) 106 176 146 183 checkBox stateChanged(int) nextUpdate localTime(int) 164 182 170 88 checkBox stateChanged(int) lastUpdate localTime(int) 197 175 189 60 xca-RELEASE.2.2.1/ui/ImportMulti.ui0000644000175000017500000001173513614632167016165 0ustar tewardteward ImportMulti 0 0 516 477 6 0 Arial 14 50 false false false false Import PKI Items Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true QFrame::Box QFrame::Sunken Import &All &Import &Done &Remove from list Details Delete from token Rename on token Qt::Vertical QSizePolicy::Expanding 204 21 0 0 QFrame::Box butCancel clicked() ImportMulti accept() 373 131 287 358 xca-RELEASE.2.2.1/ui/OpenDb.ui0000644000175000017500000001275513614632167015052 0ustar tewardteward OpenDb 0 0 441 292 6 0 Arial 14 50 false false false false Open remote database Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true Qt::Vertical 20 20 Database type Hostname Username Password QLineEdit::Password Database name Table prefix Qt::Vertical 20 21 Qt::Horizontal Qt::Horizontal QDialogButtonBox::Cancel|QDialogButtonBox::Ok buttonBox accepted() Dialog accept() 248 254 157 274 buttonBox rejected() Dialog reject() 316 260 286 274 xca-RELEASE.2.2.1/ui/Makefile0000644000175000017500000000071113614632167014771 0ustar tewardteward ifeq ($(TOPDIR),) TOPDIR=.. BUILD=.. endif UI_H = ui_CaProperties.h ui_CertDetail.h ui_CertExtend.h \ ui_CrlDetail.h ui_ExportDialog.h ui_Help.h \ ui_ImportMulti.h ui_KeyDetail.h ui_MainWindow.h ui_NewCrl.h \ ui_NewKey.h ui_NewX509.h ui_Options.h ui_PwDialog.h ui_Revoke.h \ ui_SelectToken.h ui_XcaDialog.h ui_v3ext.h ui_SearchPkcs11.h \ ui_RevocationList.h ui_OidResolver.h ui_OpenDb.h ui_ItemProperties.h include $(TOPDIR)/Rules.mak ui: $(UI_H) xca-RELEASE.2.2.1/ui/NewKey.ui0000644000175000017500000001500713614632167015076 0ustar tewardteward NewKey 0 0 449 320 6 0 Arial 14 50 false false false false New Key Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true Please give a name to the new key and select the desired keysize true Key properties Name 0 0 32767 32767 The internal name of the new key New Key 0 0 0 0 Curve name Keysize 0 0 Usually at least 2048 bit keys are recommended Keytype Remember as default Qt::Vertical QSizePolicy::Expanding 351 16 QDialogButtonBox::Cancel|QDialogButtonBox::Ok keyDesc keyType keyLength curveBox buttonBox accepted() NewKey accept() 303 274 173 248 buttonBox rejected() NewKey reject() 408 270 56 236 xca-RELEASE.2.2.1/ui/PwDialog.ui0000644000175000017500000001017213614632167015400 0ustar tewardteward PwDialog 0 0 400 264 6 0 Arial 14 50 false false false false Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true QFrame::NoFrame QFrame::Box QFrame::Sunken QLineEdit::Password QLineEdit::Password The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Take as HEX string Qt::Horizontal QDialogButtonBox::Cancel|QDialogButtonBox::Ok buttonBox clicked(QAbstractButton*) PwDialog buttonPress(QAbstractButton*) 63 221 102 21 buttonPress(QAbstractButton*) xca-RELEASE.2.2.1/ui/Help.ui0000644000175000017500000000600613614632167014563 0ustar tewardteward Help 0 0 737 619 8 6 0 6 << true >> true Qt::Horizontal QSizePolicy::Expanding 20 20 &Done true true buttonOk clicked() Help accept() 668 26 520 19 forward clicked() textbox forward() 128 33 189 161 back clicked() textbox backward() 57 25 61 254 xca-RELEASE.2.2.1/ui/Revoke.ui0000644000175000017500000001176013614632167015131 0ustar tewardteward Revoke 0 0 417 282 Arial 14 50 false false false false Certificate revocation Qt::Horizontal QSizePolicy::Expanding 78 20 95 40 95 40 true Qt::Vertical 20 10 Revocation details Revocation reason true Local time Invalid since Serial Qt::Horizontal QDialogButtonBox::Cancel|QDialogButtonBox::Ok Validity QDateTimeEdit
widgets/validity.h
1 hideTimeCheck(int) localTime(int) buttonBox accepted() Revoke accept() 242 277 157 164 checkBox stateChanged(int) invalid localTime(int) 398 194 389 167 buttonBox rejected() Revoke reject() 97 268 109 59 xca-RELEASE.2.2.1/ui/v3ext.ui0000644000175000017500000001073413614632167014747 0ustar tewardteward v3ext 0 0 473 233 Critical Copy Common Name QFrame::Panel QFrame::Sunken Add Delete Qt::Vertical 20 40 Apply Validate Qt::Horizontal QSizePolicy::Expanding 20 20 0 0 Cancel kvView QTableView
widgets/kvView.h
addKvRow() deleteCurrentRow() cancel clicked() v3ext reject() 375 221 227 150 delEntry clicked() tab deleteCurrentRow() 323 51 222 52 addEntry clicked() tab addKvRow() 307 31 270 30 xca-RELEASE.2.2.1/ui/ExportDialog.ui0000644000175000017500000001720213614632167016274 0ustar tewardteward ExportDialog 0 0 589 303 Arial 14 50 false false false false Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true Name The internal name of the CRL in the database QFrame::Box QFrame::Sunken 8 0 0 ... 0 0 Filename QFrame::Box QFrame::Sunken 0 0 Qt::AlignLeading|Qt::AlignLeft|Qt::AlignTop true QFrame::Box QFrame::Sunken Qt::Vertical 20 10 Export comment into PEM file Qt::Vertical 20 18 Export Format Qt::Vertical 20 11 QDialogButtonBox::Cancel|QDialogButtonBox::Ok focusCombo QComboBox
widgets/FocusCombo.h
 filename fileBut buttonBox accepted() ExportDialog accept() 358 304 232 274 buttonBox rejected() ExportDialog reject() 463 300 130 280 xca-RELEASE.2.2.1/ui/SearchPkcs11.ui0000644000175000017500000000773713614632167016077 0ustar tewardteward SearchPkcs11 0 0 480 378 0 0 QFrame::Box QFrame::Sunken 0 0 Directory 0 0 ... Include subdirectories Search Qt::PlainText false QAbstractItemView::NoEditTriggers false Qt::Horizontal QDialogButtonBox::Cancel|QDialogButtonBox::Ok|QDialogButtonBox::Open buttonBox clicked(QAbstractButton*) SearchPkcs11 buttonPress(QAbstractButton*) 229 362 368 104 liblist itemDoubleClicked(QListWidgetItem*) SearchPkcs11 loadItem(QListWidgetItem*) 339 279 368 225 buttonPress(QAbstractButton*) loadItem(QListWidgetItem*) xca-RELEASE.2.2.1/ui/SelectToken.ui0000644000175000017500000000706713614632167016123 0ustar tewardteward SelectToken 0 0 369 162 6 0 Arial 14 50 false false false false Security token Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true Please select the security token Qt::AlignCenter Qt::Vertical QSizePolicy::Expanding 351 16 QDialogButtonBox::Cancel|QDialogButtonBox::Ok buttonBox accepted() SelectToken accept() 222 138 90 114 buttonBox rejected() SelectToken reject() 331 129 144 103 xca-RELEASE.2.2.1/ui/OidResolver.ui0000644000175000017500000001272213614632167016132 0ustar tewardteward OidResolver 0 0 404 241 Arial 14 50 false false false false OID Resolver Qt::AlignCenter Enter the OID, the Nid, or one of the textual representations Search Qt::Horizontal QFormLayout::AllNonFixedFieldsGrow Qt::AlignLeading|Qt::AlignLeft|Qt::AlignVCenter OID 0 0 0 18 0 0 0 18 Long name 0 0 0 18 OpenSSL internal ID Nid 0 0 0 18 OpenSSL internal ID Short name CopyLabel QLabel
widgets/clicklabel.h
 input textChanged(QString) OidResolver searchOid(QString) 207 103 144 47 searchOid(QString) xca-RELEASE.2.2.1/ui/CrlDetail.ui0000644000175000017500000002503613614632167015542 0ustar tewardteward CrlDetail 0 0 530 381 Arial 14 50 false false false false Details of the Revocation list Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true 0 &Status 8 Qt::Vertical QSizePolicy::Expanding 20 20 QFrame::Box QFrame::Sunken 8 0 0 Version 0 0 Signature Signed by Name The internal name of the CRL in the database issuing dates 8 Next update Last update Qt::Vertical QSizePolicy::Expanding 20 20 &Issuer 11 &Extensions 11 false true &Revocation list 11 true QAbstractItemView::NoSelection 1 Comment <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd"> <html><head><meta name="qrichtext" content="1" /><style type="text/css"> p, li { white-space: pre-wrap; } </style></head><body style=" font-family:'DejaVu Sans'; font-size:9pt; font-weight:400; font-style:normal;"> <p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; font-family:'Sans Serif';"><br /></p></body></html> false QDialogButtonBox::Cancel|QDialogButtonBox::Ok ClickLabel QLabel
widgets/clicklabel.h
 DistName QWidget
widgets/distname.h
1 CopyLabel QLabel
widgets/clicklabel.h
 buttonBox accepted() CrlDetail accept() 364 371 169 308 buttonBox rejected() CrlDetail reject() 387 353 529 345 xca-RELEASE.2.2.1/ui/XcaDialog.ui0000644000175000017500000001123013614632167015521 0ustar tewardteward XcaDialog 0 0 435 177 QLayout::SetMinimumSize 0 0 95 40 16777215 40 Arial 14 50 false false false false true Qt::Horizontal QSizePolicy::Expanding 20 20 0 0 95 40 95 40 true Qt::Vertical 20 40 Qt::Vertical 20 1 0 0 QDialogButtonBox::Cancel|QDialogButtonBox::Ok buttonBox accepted() XcaDialog accept() 286 264 83 245 buttonBox rejected() XcaDialog reject() 386 260 430 85 xca-RELEASE.2.2.1/ui/CertDetail.ui0000644000175000017500000003402713614632167015717 0ustar tewardteward CertDetail 0 0 535 498 Arial 14 50 false false false false Details of the Certificate Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true 0 Status Qt::Vertical QSizePolicy::Expanding 20 20 QFrame::Sunken Internal name The internal name of the certificate in the database Signature Key 0 0 Serial 0 0 The serial number of the certificate Fingerprints 0 0 MD5 0 0 An md5 hashsum of the certificate 0 0 SHA1 0 0 A SHA-1 hashsum of the certificate 0 0 SHA256 0 0 A SHA-256 hashsum of the certificate Validity 8 The time since the certificate is valid The time until the certificate is valid Qt::Vertical QSizePolicy::Expanding 20 20 Subject 11 Issuer 11 Attributes Extensions true Show config Comment <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd"> <html><head><meta name="qrichtext" content="1" /><style type="text/css"> p, li { white-space: pre-wrap; } </style></head><body style=" font-family:'Ubuntu'; font-size:11pt; font-weight:400; font-style:normal;"> <p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; font-family:'Sans Serif'; font-size:9pt;"><br /></p></body></html> false QDialogButtonBox::Cancel|QDialogButtonBox::Ok ClickLabel QLabel
widgets/clicklabel.h
 DistName QWidget
widgets/distname.h
1 CopyLabel QLabel
widgets/clicklabel.h
 buttonBox accepted() CertDetail accept() 378 488 235 405 buttonBox rejected() CertDetail reject() 485 475 530 428 xca-RELEASE.2.2.1/ui/RevocationList.ui0000644000175000017500000001035413614632167016641 0ustar tewardteward RevocationList 0 0 628 320 Arial 14 50 false false false false Manage revocations Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true true QAbstractItemView::MultiSelection QAbstractItemView::SelectRows 1 Add Delete Edit Qt::Vertical 20 40 QDialogButtonBox::Cancel|QDialogButtonBox::Ok buttonBox accepted() RevocationList accept() 341 291 292 254 buttonBox rejected() RevocationList reject() 445 292 445 237 xca-RELEASE.2.2.1/ui/TrustState.ui0000644000175000017500000001000613614632167016010 0ustar tewardteward TrustState 0 0 435 211 Arial 14 50 false false false false Certificate trust Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true Qt::Vertical 20 40 Trustment 8 &Never trust this certificate Only &trust this certificate, if we trust the signer &Always trust this certificate QDialogButtonBox::Cancel|QDialogButtonBox::Ok trust0 trust1 trust2 buttonBox accepted() TrustState accept() 286 264 83 245 buttonBox rejected() TrustState reject() 386 260 430 85 xca-RELEASE.2.2.1/ui/ItemProperties.ui0000644000175000017500000000364513614632167016654 0ustar tewardteward ItemProperties 0 0 400 295 Name Source Insertion date Comment false CopyLabel QLabel
widgets/clicklabel.h
 xca-RELEASE.2.2.1/ui/Options.ui0000644000175000017500000003457613614632167015343 0ustar tewardteward Options 0 0 635 500 Arial 14 50 false false false false XCA Options Qt::AlignCenter 0 Settings Default hash algorithm String types Suppress success messages Disable legacy Netscape extensions Translate established x509 terms (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Only use hashes supported by the token when signing with a token key Don't colorize expired certificates QLayout::SetDefaultConstraint 0 0 Certificate expiry warning threshold Send vCalendar expiry reminder Serial number length bit 8 256 8 64 Qt::Vertical 20 241 Distinguished name Mandatory subject entries Add Delete Qt::Vertical 20 40 Explicit subject entries QAbstractItemView::InternalMove Dynamically arrange explicit subject entries Add Delete Default Qt::Vertical 20 18 PKCS#11 provider true false QAbstractItemView::InternalMove QAbstractItemView::SelectRows QListView::Snap QListView::Adjust true 0 0 Add 0 0 Remove Search Qt::Vertical 77 17 Qt::Horizontal QDialogButtonBox::Cancel|QDialogButtonBox::Ok hashBox QComboBox
widgets/hashBox.h
 focusCombo QComboBox
widgets/FocusCombo.h
 hashAlgo buttonBox accepted() Options accept() 376 495 109 380 buttonBox rejected() Options reject() 453 495 194 374 noColorize toggled(bool) cert_expiry_num setDisabled(bool) 139 241 333 267 noColorize toggled(bool) cert_expiry_unit setDisabled(bool) 448 242 529 266 xca-RELEASE.2.2.1/ui/TimeInput.ui0000644000175000017500000001347413614632167015620 0ustar tewardteward Form 0 0 491 224 QLayout::SetMinAndMaxSize last update true next update true Days Months Years Apply Midnight Local time No well-defined expiration Validity QDateTimeEdit
widgets/validity.h
1 hideTimeCheck(int) localTime(int) midnightCB clicked(bool) checkBox setDisabled(bool) 128 189 256 189 checkBox stateChanged(int) nextUpdate localTime(int) 187 187 360 100 checkBox stateChanged(int) lastUpdate localTime(int) 256 189 360 64 midnightCB stateChanged(int) lastUpdate hideTimeCheck(int) 131 189 360 64 midnightCB stateChanged(int) nextUpdate hideTimeCheck(int) 146 189 360 100 applyTime clicked() Form applyTimeRange() 310 195 297 228 applyTimeRange() xca-RELEASE.2.2.1/ui/.gitignore0000644000175000017500000000000413614632167015314 0ustar tewardteward*.h xca-RELEASE.2.2.1/local.h.in0000644000175000017500000000027613614632167014572 0ustar tewardteward/* Filled in version number from the VERSION file */ #undef PACKAGE_VERSION /* usually "xca" */ #undef PACKAGE_TARNAME /* usually "X Certificate and Key management" */ #undef PACKAGE_NAME xca-RELEASE.2.2.1/INSTALL.qt50000644000175000017500000000037313614632167014461 0ustar tewardteward(Just my scratch board) export QTDIR=/home/chris/Qt5.1.1/5.1.1/gcc_64 export LD_LIBRARY_PATH="/home/chris/instopenssl102/lib:${QTDIR}/lib" export PATH="${QTDIR}/bin:$PATH" ../configure --with-openssl=/home/chris/instopenssl102 --with-qt="${QTDIR}" xca-RELEASE.2.2.1/gen_commithash.h.sh0000755000175000017500000000043213614632167016466 0ustar tewardteward#!/bin/sh ( cd `dirname $0` echo '#define COMMITHASH "' git rev-parse HEAD git diff-index --quiet HEAD -- || test ! -d .git || echo "+local-changes" echo '"' ) 2>/dev/null | tr -d '\n' > "$1.new" if cmp -s "$1" "$1.new"; then rm -f "$1.new" else mv "$1.new" "$1" fi xca-RELEASE.2.2.1/INSTALL.qmake0000644000175000017500000000114113614632167015040 0ustar tewardteward Next to the usual configuration script, there is an alternative way to build xca. At least on unix, one can use qmake to create a makefile for building. Maybe this will help, if you have a weired setup. $ qmake -o makefile creates the makefile. I recommend "makefile" to not overwrite "Makefile" and also assures, that it is used instead of the original Makefile. (At least on debian the qmake command is "qmake-qt4") Now you need to create the file Local.h $ cat >local.h <, +:IWemwhJ=?4" %8Ocqw}jF/# $9Qhw}xvt}znZE2  &;Uky}tsnjq|p`K<.  *=Vjuyywqqkfwmj`V@2)% ,AVcotw~{xzul`f|f\LI8/#  -CS`ls{~riqusddpvqbNC>0+&"  .@N\ht}n_[egkwplhXF;4,'&$#  -8407:<65/6*+><;;: Q: : w9*|p9 28lp8 "-78'$8<9 ;<= ><;;: Q: : w9*|p9 28lp8 "-78'$8<9 ;<= ><;;: Q: : w9*|p9 28lp8 "-78'$8<9 ;<= ?<<<== *ߡdF%bثkN6ⰁY;ֺn;,vItC㘷κd$𚣾ԻǦ Л̲Ƨxҙ厉k\pļ[jFQ ?ˏ^G+$ fzuvqz z"PXs2'\WRFMJi\W5E_;; 9hiZ+f! @JMt9靈ଜ)$Qy+ F!vob,g[icGM]~-0>E> $=N??2 *ߡdF%bثkN6ⰁY;ֺn;,vItC㘷κd$𚣾ԻǦ Л̲Ƨxҙ厉k\pļ[jFQ ?ˏ^G+$ fzuvqz z"PXs2'\WRFMJi\W5E_;; 9hiZ+f! @JMt9靈ଜ)$Qy+ F!vob,g[icGM]~-0>E> $=N??2 *ߡdF%bثkN6ⰁY;ֺn;,vItC㘷κd$𚣾ԻǦ Л̲Ƨxҙ厉k\pļ[jFQ ?ˏ^G+$ fzuvqz z"PXs2'\WRFMJi\W5E_;; 9hiZ+f! @JMt9靈ଜ)$Qy+ F!vob,g[icGM]~-0>E> $=N??2 #-E]xumi^cgf`WLE?;6<@DB@7&1I4%%:Ros^jk`_\WLKID9=@88+" 4J\oxynXcneWVSNJF@96EQRJGDLRK:13*  ->P_bcuaJJMPIE;315,1AIBFFMQUOD=3+  (6GI|v\q_\gnD?EDC2%- &.3748DHPKHE>5%!  ,9Je|RA0%+/56799?D7,   ;KO3  ,=44564=ELPZ<%2A53/2>KSXKO#, &-:50-/?MTQ50A+ -7*+7.3@P=8N,!1*#A4)4;J5 .G!+2*0K8  &2--.  , 1 3$&/($##/BL`>jf]QWk\P'Y"9KT_js|~q [ B>i`x& fntrvûN%O̳ƻԕd% )Ľ5&sƿC>rͿ[>uŮ`^Ҿ0%,f{ϻmF-/2 IZyͫ}fp^  )Yk~۾TC(RhؽR +Mvص\.^۵BF@t̡a#H 2Xg˷Q&7$?`_r¥V#$67d{ͼoX0  Vwy͓K))IbuݸK&)DDjضoC)Upץv3$(AuЌbE($|ܻ\W*Nڼ}(+%zŨ *F޸>*xjf* A}skr̿L)dtaXiŮ)0SG6E`ϻ) &"@{{) *_yrvhrt~{M(ATi`eMOeX`]Zij9(*DLJF(cSDH;7I]L,!4!3(OTJ.5408B?," 5E93,B:<3$&/($##/BL`>jf]QWk\P'Y"9KT_js|~q [ B>i`x& fntrvûN%O̳ƻԕd% )Ľ5&sƿC>rͿ[>uŮ`^Ҿ0%,f{ϻmF-/2 IZyͫ}fp^  )Yk~۾TC(RhؽR +Mvص\.^۵BF@t̡a#H 2Xg˷Q&7$?`_r¥V#$67d{ͼoX0  Vwy͓K))IbuݸK&)DDjضoC)Upץv3$(AuЌbE($|ܻ\W*Nڼ}(+%zŨ *F޸>*xjf* A}skr̿L)dtaXiŮ)0SG6E`ϻ) &"@{{) *_yrvhrt~{M(ATi`eMOeX`]Zij9(*DLJF(cSDH;7I]L,!4!3(OTJ.5408B?," 5E93,B:<3$&/($##/BL`>jf]QWk\P'Y"9KT_js|~q [ B>i`x& fntrvûN%O̳ƻԕd% )Ľ5&sƿC>rͿ[>uŮ`^Ҿ0%,f{ϻmF-/2 IZyͫ}fp^  )Yk~۾TC(RhؽR +Mvص\.^۵BF@t̡a#H 2Xg˷Q&7$?`_r¥V#$67d{ͼoX0  Vwy͓K))IbuݸK&)DDjضoC)Upץv3$(AuЌbE($|ܻ\W*Nڼ}(+%zŨ *F޸>*xjf* A}skr̿L)dtaXiŮ)0SG6E`ϻ) &"@{{) *_yrvhrt~{M(ATi`eMOeX`]Zij9(*DLJF(cSDH;7I]L,!4!3(OTJ.5408B?," 5E93,B:<*)$   -  )  "$$!!!)  &%'(%!!( #+*+--*#(  !%..01231-   %*12258641.'  #*45779:9620,  $ !*3887;<<;970)&  " #-587:<>><;74.+-  &-359;660)  &-36:@BAA>97996&  #)28>ACECA>99:<3." ".5=@DHEC?=;9=:50.%"(.+ %/8753/(  '26:MTKCA==:;::>@>=6." &'T_WIB=;:78:;:BE>3+   AcdOG?:8678<;>ED<2( !  'Mn^OC><96779/& (1853:CB+. "4458BJC- $'+58@JM:.-*-3# / !%)~">r"t"!z髩Io",T?a_mOdH`/ZBR",l$DG*fgzfcC(&dɹ}jA. !K~ľl^[G! >jǹj?.)'iľ~kD0G`(8BD!][sWRRZ^]PH( (tпǽP|Sw Zu QN:Νz\H) 1Vh+-+>YO?"RbCku~S_*)& `rX-"$C0 M<ĄlnlhT,&*[Jly}y~s#X׿yZR ld9F55XL Q}α̻ƻ½-h%`(hý<ɻP 1ʬǥ棛 (_|>W?p{ - 54&m8 )\;3}r+0~2LZ~/ s滺. ,s("XhKu"s}pSI9gw!䭚!{#|#">~">r"t"!z髩Io",T?a_mOdH`/ZBR",l$DG*fgzfcC(&dɹ}jA. !K~ľl^[G! >jǹj?.)'iľ~kD0G`(8BD!][sWRRZ^]PH( (tпǽP|Sw Zu QN:Νz\H) 1Vh+-+>YO?"RbCku~S_*)& `rX-"$C0 M<ĄlnlhT,&*[Jly}y~s#X׿yZR ld9F55XL Q}α̻ƻ½-h%`(hý<ɻP 1ʬǥ棛 (_|>W?p{ - 54&m8 )\;3}r+0~2LZ~/ s滺. ,s("XhKu"s}pSI9gw!䭚!{#|#">~">r"t"!z髩Io",T?a_mOdH`/ZBR",l$DG*fgzfcC(&dɹ}jA. !K~ľl^[G! >jǹj?.)'iľ~kD0G`(8BD!][sWRRZ^]PH( (tпǽP|Sw Zu QN:Νz\H) 1Vh+-+>YO?"RbCku~S_*)& `rX-"$C0 M<ĄlnlhT,&*[Jly}y~s#X׿yZR ld9F55XL Q}α̻ƻ½-h%`(hý<ɻP 1ʬǥ棛 (_|>W?p{ - 555  4"!  0 0=A4""*>@//0O__XMU\MI5- ,%&Gdet||wphu&),#6RQfvL"  /GL_s| !12%(;GRZirG%2!;c^J=48EMZgmpzbV #ZtlmqqrxY #j}tnlsȳh#,h|zqe]am}Żj5"-c{sjdkvla("  Y|umpwjJ[%"GrxcI[ki`_YLUTYldNL11DX8%3!)\_A! B[`U+ 5=3"$4#%A1o1+%1!18,*1! ,!(=@9@@:79;%)?PZKw~Wyw|]]XnjSRHM[X>(%%BM1BM1@f]@Z]5 04  %%%%6    -#  !']J533/68*"     BofRHKKDC=6-"  !!"" "K{kaWYWSTNF?AFED>2,-7<72)',(&$$" "$" !%,.-)')+*)(&&('' Huxsicedge`^dlib\YYZRRQK>5:DDA;940*'%(--/533650.++-/.-.,. 'Gsyqrvwz|zy|{zyzwpkmnga_XQIED=6-'" ")372+)-540))+,./++-)e|xuuxyyvtvzwtsocTIMNI9!B# .~}zv3   < ʷ£}qY)0Ȣm /ӶR/țmO:.ɞTK@0.Α//|4縄oliZJ'*˪fzhV (ɮY]`K'ܳڹ( 411KA FC>9!B# .~}zv3   < ʷ£}qY)0Ȣm /ӶR/țmO:.ɞTK@0.Α//|4縄oliZJ'*˪fzhV (ɮY]`K'ܳڹ( 411KA FC>9!B# .~}zv3   < 3#!  1:960-($ /KHGEB<2*(/SRROH>8*0VUUWWN=% 3WUSY^V?$4MKQRNI0 1:9?@;899<&/&$#.  4     )**,-,,*'$! "$#"02469::840-*'$#"##"##&,/1010--*# /136677530-)&&$$#"##'*.//-143* 24699761.*'%$$%$##&',.0029:% 8:<>ACDC@=94/++**()*-/257:<3/;/,*-7<930473.+,& $*'&,'1F3 $<%$7@1(9:1  21 /7/3"1 %$9 29 -W9 6Kx9U9wy9#mr9h9"w: c9 G9N:]:U:V: 0r::j:#G=<<-<9 9 29 -W9 6Kx9U9wy9#mr9h9"w: c9 G9N:]:U:V: 0r::j:#G=<<-<9 9 29 -W9 6Kx9U9wy9#mr9h9"w: c9 G9N:]:U:V: 0r::j:#G=<<-<9 <;;=;;; << < ; ; <<= :%:8>6:bG:.|TGJ(慎vpn& ݨ^Z3IF  /RN;9  "*7<Ϯǔq]R8lwvDEb=9j\bpn ׹ø<$()֙ƿĹxuF/,2 ӾҼo_n]*ѿy{i@" տtS,x~_îɷq ıqч:e::^:IR&vq}+Ta@IcoGK^4  LjLL0 M~dbwKSwa7 B]tʾq]= =uʷM! Ryλt  (@kԹqbJ =`ִ) ?hĤS& ,HuϹ{>^ǿftA[I"CJmù#/]l+3qzY+99S|%]l Db ;^a5pZ^5>p/i_*Hr𭻨ɾ$ehWtMmyxtaP+4"T>>,)Yrdcq`+-7# 6:%:8>6:bG:.|TGJ(慎vpn& ݨ^Z3IF  /RN;9  "*7<Ϯǔq]R8lwvDEb=9j\bpn ׹ø<$()֙ƿĹxuF/,2 ӾҼo_n]*ѿy{i@" տtS,x~_îɷq ıqч:e::^:IR&vq}+Ta@IcoGK^4  LjLL0 M~dbwKSwa7 B]tʾq]= =uʷM! Ryλt  (@kԹqbJ =`ִ) ?hĤS& ,HuϹ{>^ǿftA[I"CJmù#/]l+3qzY+99S|%]l Db ;^a5pZ^5>p/i_*Hr𭻨ɾ$ehWtMmyxtaP+4"T>>,)Yrdcq`+-7# 6:%:8>6:bG:.|TGJ(慎vpn& ݨ^Z3IF  /RN;9  "*7<Ϯǔq]R8lwvDEb=9j\bpn ׹ø<$()֙ƿĹxuF/,2 ӾҼo_n]*ѿy{i@" տtS,x~_îɷq ıqч:e::^:IR&vq}+Ta@IcoGK^4  LjLL0 M~dbwKSwa7 B]tʾq]= =uʷM! Ryλt  (@kԹqbJ =`ִ) ?hĤS& ,HuϹ{>^ǿftA[I"CJmù#/]l+3qzY+99S|%]l Db ;^a5pZ^5>p/i_*Hr𭻨ɾ$ehWtMmyxtaP+4"T>>,)Yrdcq`+-7# 6=<; :  # 0&&   (7.-0'     -6?<6/+*( (..'&$&&(" "# ;HHA?=60*%""/8>DBACBBAE@:1*! &$+IMLKDA7/,-/6=HOUY[Z_^ZUI<4/(" .8,7MPKG@;5//13>GV`chpqmh`VNF==4&.6:3BMHC=84059=ASZcjtwutolgb^VK>1+  &0EHPZ`ekrvxvutqojcQ@4)& ,:>C;HLKHKHNNZbfiorvxwwtsoh]N=/#!!' //6@G@OY]V[Xakpqtrrqmmoqplg^VG8((.0""/,5@P_ed`ovomhd``^]\\`gjhec_[`fa]]bbW, 2>GNRZcgonlhgffdcafjnpmkgbdhgcaa^\C0  %+09>EP]djkmnnjiimqssplkbY\b\YWVJ@/  &.5?LZcjptsrstwxutrmge^UPQPNKHA4'"  "/:@KYcovz~{xrkif\]TMCGDC=5.+&! !+6=CO\ju}yrh_ZVTTKE>>:43.,( %0=MV_gq{zqe[UTPKIC@<83.-(#  #-7DOU[jwpf[SQMHDA>><5/)&$!  ",7@FO^kzsg^UNMJE@<:@<0-(%    '4FN\kx{uj`UOONIE=;BSH@5-%    (:2jlnhc^g`VUSY`eZVPFQfXM@31,"!LJR8:MTV^\WZ]clpedkspi[[REA620-+& ##"'*3 1(BHNY[^_`gnzx}wlcTJJGA:635:::;<<;<;<<:=:::<:::<::::;:::99::<;::::::=:::9:::<<:<<<<: !.-----,555"!!!#- -:%$!! # ""!       !!$" # $ %  ! ! ##! ! ! $ & ===============================================================1 ===============================================================1 ===============================================================1:::<;::<<<;<;:::99::=:::99::= ') % !" # " ! <;::<:::<:===:::<< =======1 =======1 =======1dd22Text 1     ^tawM *:Jz6FVfv?????? 5<977779996 5 4444??? (&%% ' ) +  5 ,?????????====================================================================================================================================================================================4:::;<=>>>>>>6976 5 43::::::;<=<:;=?<54=<;;<=> 8:<<<==<;99 !#%&*,)>>>>>=<;. // + ) ('&%$$$"" "  " %%% &)(''%$#$ % 3 * ) ) ( ================================================================================================================================================================================================:>==97555569;;;<==>>>> (     !#'+ .:::::2 2 2 1.- 210/ . . . . . <;;::;<=>a========================dd22Rand     [{›§#+AWmq+E%j/?O_o???<<<=??? % !478989999:;;;;;;;;;;<>??? >>>:><>?=>?>?=?=>>>>>=>>>>> ?????????====================================================================================================================================================================================;=<<<=<<=<<=<<<<=<====<====2333233445445555555555544332211 1 0==== )% $" ====>================<<;<;!#& )%4>=>=>=>=>==>===<>  21 0 "       ( ) <.9<<======>>>9+9=<=====?=?8        -?@??@???;!%$,"33232 1>=>=>>>>>>=;><<<<7<<<<<<<<<<,<<================================================================================================================================================================================================1====>>==>===>=>>===>=>=>=>?>=>>>>>>>>>>>====<<;;<>==><:<; ><<<====<==<==<=<<<=<=<=<=<<<<;;::9:9:::;::9778:71 $<;<& 069 * 3&'<<&========================dd22 Schlüssel     Zz s yԹ֮ہ})6<;;:<;;:<;;:<<<; e #&)+- / 0 2 3456789:;<~ e #&)+- / 0 2 3456789:;<~ e #&)+- / 0 2 3456789:;<~ e #&),-0 1 2 4 56789:;<= @=95 2 -*(&$#!  "#%'(*+,-/ 0 1  @=95 2 -*(&$#!  "#%'(*+,-/ 0 1  @=95 2 -*(&$#!  "#%'(*+,-/ 0 1  @=9 5 2-*(&$#! !#$&')*,-./1 2 3 ;::99888776665544443 3 3 3 2 2 2 2 223334566766666666445666666533210 0 / 0 0 ;::99888776665544443 3 3 3 2 2 2 2 223334566766666666445666666533210 0 / 0 0 ;::99888776665544443 3 3 3 2 2 2 2 223334566766666666445666666533210 0 / 0 0 ;::99888776665 5 4 4 4 4 3 3 3 3 2 2 2 2 2 2 4 4 4 566687777777744 566666663 3 2 100000Ð-($#!                   !#&)'Ò-($#!                   !#&)'Û-($#!                   !#&)'.*%#"!!                     !""$(*-)2 3 455667788889999;>=== 2 3 455667788889999;>=== 2 3 455667788889999;>=== 4 5 5 667788999::::< Q52 0 .         <;;=Ɛ989:;;;;;;;:989Ő:9:;;;;;;;:989?Q52 0 .         <;;=ƒ989:;;;;;;;:989Œ:9:;;;;;;;:989?Q52 0 .         <;;=ƛ989:;;;;;;;:989ś:9:;;;;;;;:989?Q5 2 1/     % ' *  K     ,??@????     ,??@????     ,??@????        !- <! ! !!##/ / 0 0 1 2 3 45678:876643 2 1 0 / .-,+*))'<! ! !!##/ / 0 0 1 2 3 45678:876643 2 1 0 / .-,+*))'<! ! !!##/ / 0 0 1 2 3 45678:876643 2 1 0 / .-,+*))'<!  !""##/001 1 2 3 4 5 6789:98765 4 3 2 1 0/.-,+*)(0 0 0 0 1 1 1 2 2 2 3 3 4455556677899:;<<>0 0 0 0 1 1 1 2 2 2 3 3 4455556677899:;<<>0 0 0 0 1 1 1 2 2 2 3 3 4455556677899:;<<>00001 1 1 2 2 2 3 3 4 4 5 5 5 5 6677899:;<=>2 =<;;:98755 3 2 1 0 /-,*(%#$'*/ 3 2 =<;;:98755 3 2 1 0 /-,*(%#$'*/ 3 2 =<;;:98755 3 2 1 0 /-,*(%#$'*/ 3  m===<;:977 5 4 3 2 1/.,+(&#$'*/3 <:;;:::::998887766555443 3 2 1 0 0 .-,+)(&%"  "$&* / 13<:;;:::::998887766555443 3 2 1 0 0 .-,+)(&%"  "$&* / 13<:;;:::::998887766555443 3 2 1 0 0 .-,+)(&%"  "$&* / 13>=<<<;;;;::99988776665 5 4 4 3 2 1 1 0.-,+)(&%"  "$&*/ 1 3%$%&' 27: k%$%&' 27: k%$%&' 27: k$&&(3 8; k?@?@?@@&%%Z&%%Z&%%Z'&%Zdd22 Hintergrund     (4@hx(8HXhxdd22xca-RELEASE.2.2.1/xcf/dialog.xcf0000644000175000017500000041445513614632167015453 0ustar tewardtewardgimp xcf file<BB@jpeg-settings U            gimp-image-grid(style solid) (fgcolor (color-rgba 0.000000 0.000000 0.000000 1.000000)) (bgcolor (color-rgba 1.000000 1.000000 1.000000 1.000000)) (xspacing 10.000000) (yspacing 10.000000) (spacing-unit inches) (xoffset 0.000000) (yoffset 0.000000) (offset-unit inches) P@GEingefügte Ebene      mGP(P4G"IO@OsPS<Z!a^`6:ήkj_hfVZ E_^b'CmbghW^*N^^bGv ldefW];WK)AcT^`AߍȬ*bgeeW^;ad_Y^b#ι=WhgfW^=6qt@HY^_dRDeigW]=9}UU@MY^W ׋B`jgW^=;gS^DCR[Y_G".K\]9z+^igX_=;"4@=k)wY_H[>-޿`edX_=8}GuM&[_8~@Lb_W_=7D1]^0 u'0H_\V_?70]\Jqߍh.\YX_V60]ZM=֖%[WZ^^5aO0]VG#^7#_[]^^68+'w`U)\S_B8)[^^`8tJ-Tuo(]T~?d*"63N^^a5.Aa)+J'^VeCzH^^_K{v?a5R,`>C0i4_^^PRZ7^*9a;!;sTw [^^[>Hq KveL`:uW5X^^_;|ßJfa`6oFV^^]%L``71tH_^^_^?`^`8shE`^^_IM+[^^`7.ғW*[^^_;` 'ZY[^`6#(*OhfodD-b^^`M Ap a^\X]^US^^]+ :`cd_X[^U-]^^]]\]^b]9. 4EWieecaYZ^V\`\ZZ[YZ^^`]O58IBKqlnpmigeaYY^X D]XWWVXY[]]`RJ^^isu{rlhc`]YY[BYVVYXWVVX^bW][`oyrida][Y_2 DZUWWVUUVVWXH^\\hvtf`_[Y[a>WVYZXWVVUVV@X][`m|vf^[ZZ^P'U]]^^[ZXVUU$a\\drype]ZZ]^(J_^^]ZYWUUR][^enga[Z[_=!I\^^ZXUU.`][[a`\Z[\7#N][YWWU^YXY[YZ^-%W]]\^]P^\YXZ\_!&%Z]`bdgIR^^_T(7X[ajo:[^^_]#&VVY_aQ^_X,1ZWXZX^N.E`]]%`:/,**S<9kizYI7[+ =  +$k%*$,Fw (8 %OQ<1 (T[$>&"9/#R%:6>w]N70MXB ~!A++ ο% 38 2$s <'/" V7ί..-' &2!)- Dv1&') WK)Ac߈Ƭ'+(( ed_"͸.,+* 9qt@H `U'-, =}UU@M Ԏ /, ?gS^DCR[ ,HWY6t /+ ="4@=k(vW:+׼ )& <}GtMx=;! ;D p%4;Glԇj:+:ԗ:aO5![5;8+'w`UT?6.tJ-Tuo{<ޱ`( 3,.Aa)+J`?~p~v?a5Q@.~dQZ7^* 8nPrHr KvepSwŸIen9/qncC+vSɼѻR%%G]\dZ<Eo     "! )'*.($  !/3K>2)!  /   7A6    2' " # %'"%)-*#2:(   #/06S <*PN\B7 7 D`+񷶓- +Q򹾬n*$,4򷶣Y (8 %;=<1 (?D&>&1) #=:63jTE0*BK5|洳a A++  Ǻᵳ38 2s賮[<'/" C*..-'  2!)- yyq3`1&') oLC$9Wf'+(( X}YT%,+* 3􏎎cg8?~ H·E'-, 5nJK8uD s/, 6[IS<T+65PfW6 ,{5]L(`D(65)&s[R?f`/_(*x|nF*Ppj\-H&#*=\')FrH/_Xqk<\3Mq0f"`^K`qGS3Yyy)r *R`?YR+fr#}USJ 2 Yte=>5FEKsfC- 4Tcs     "! )'*.($  !/3K>2)!  /   7A6    2' " # %'"%)-*#2:(   #/06R*67еZ6 *֖5ۿ=( l'T8'"'&vRL746(   ο9[%y-wƸ V!" Jw ^tAZ@>>sSޢ& *z _ 2- k ] 6[ b Y@ !Pm"AB $k' N( 1*\n,W-7y,2 ]0 L.  )8e+JE(/ !SC1Ykd[Ad3տizCOfֿg9<Bvնdn~5i BUMnӿ<˫FKZz+6`,|  #^˯@p܁eSfW6^6i6:=d?uYg5] ƻܳOſRzQFDuk3ǻDü_SyubD^I%#`EfdĺϢ0úoSwOONM[wA m^ࣆ Żt|fdL}F?#}Dbf^էX@ż<Oy\K;g |"yFT{{ L }ɭA6"^G1}L__ZWVVZa>0y*~؀2 X0 I.  )8e+HE(- !P?/~?fIAY=;k ?QIiÓ |   "\˱H$ƻCǻ(nĺ n󬫪^飆  zDbf^զY v L#.S4]"[l}P<,?;$?W+J7S $o90tB6Z2:w󞝠c+VLy?.ih*gb2M( uJLV0Z&of<  7usF`P3Vw^=[;f.i_`+_PBcP+NZM`fVDT2K3Gƫpx;O]ȫ%rS+KU):{wxq~`]ɬiW63JL0]-r\=bMS*I)$kW(.p|ʒytxU%nM{U axD LD6[ʮ*ݺuk- dgM?#hOHDY~wo9-jsƬʽtpclݷ0E1xgKjnj}#eZH@Q ޹5m1~5-j|KBogVҘlrZY9J7F^թ 6Dzb/X\]q~mWXa':887 65.,+.. 4=>=<9.4(++-// 22 4 1y^`5 B·h0 6hºi.eþļ) *M+6p3(!rͽŤ !;0#^kf0T;tyyx|õ 0kI0ǣh1VȠ /=7Oeſ} ^F{Ӻ>¾ : ؙ$V¨WĕrUxc>Zʓ]UO_Cz %Jv.RP_nG4{)247L&A0I c2|*f:/}Q,~}4m[(ECvk7(\\&\W,D$iCEN,U#h`8}1ih?XI~/NlV7S6]+bZ[*[M?_L*?SFz{W]zRA~R1H1D9 3Cz ;wÓ˗x+VÔN9=)++(  HÙ򜞠3w먚{k957C~o#񟠡Q> ⢥*#wvAZ2" ᢥt9_ga W;𤫫|ks9L񱬤Y}"iJ}३(GQ'7tqz{sky\YcQ2/DG,ݢX*kW9\H|N{(D'"dR&+hv񋧣qmoդP{#hHtP\q@ H@2UǢ'|md* ^`H*4Ge﵏ +w3\깺J#CEFUivmaa__^`dkquiz}RBCJ:887 65.,+.. 4=>=<9.4(++-// 22 4 1; .SN6V2 *`0H-}D*M⪼'e;R%nC/TP 8rԿB  YG}   ,aﳷ             ݺ  B;vqtӵ)6H6Kɻ ^ 7l¬ǽq, -EEDDC@AAD0!7+6J54 3|3r2 '1 0 ~0 / y/vNm1B3   M    o        0  :  sNHvNm1B3   M    o     v 1  7  rKHv;`S©%Ň2a& Ġ e Ĺ: o Ŭ  T æ í ² ¸ ò { b Y ô% j ) q c V}j8HJzk' #  [  H  m   O     =  > }  % < T$'2./n?@"< >6 8WXXWY_G9,U\`G:Oa[;(%>:<2:<2@N5Z7k90r;;pK#%< dialog.jpg     P<Q !<Q~,DZ$b@@@@@@\(mm! 󚛝孮쯰㫩שׂ㙘䦥ۦ馥ۦ棢󮱱䒐礣ޝ眛󛚘০󦥤옔٨󢠝ک ֬٫ }񱰰ݕ||~퓒}~ΰ~~|}󭬬咑{{z}笪{{z~񬪦吖|zyyڬ}vwxx߬~ruxuyݴyuoqwx젡޳}wootu߰xomqrޱ~zplmo󚛜ޯ}|~}smkm󖗗߱}z{}~xpkk}ywy{}~~skj~zwuxz}~vkj}xtsrvwy{ynjŕ~~}yurqquwy|}qkŖ}{yuqoopuvy|vmȓ~~|yuqnnoptvy|{oΎ}{{xrnmmoprtx{qю~zyzvpllmopprvz~vؒ{wvwsnjjlmnnquz~|ƒ~yusuqliikllmpty}~~~͓}xutqmifghjjloruy~~~~ˆ{vsrmjgfgijklnqux}~~~}~ytpnigffgijjkmqtw|~~|}~}wrnkfedeghhkmprvz~}}~~|{{|}~~ݎzupkhedcdfgfejlnqty~~}}{yzz{||}|vqmiecbbdeedikmpsw|~}}|zxzyyxyz{|}~~vpmjeba`_`ceehjmorv{~~}}|ywyyxxyz{{|}zrmjgc__^]_begghjloquz}zzyxxzxvvwxx|{{z{}{uoje_]_]^__``aacfjmpswyxxyyxxwwxwvuvwwzyyz{}~xrlgb]\^]]^_`aacfjmpsvxuvvwwvvuvvuvwvvwxyz{{~~~{tngc^YY\\^_abdgjmoruw}sstuuvwvutvwtuvwxxyz{~{vnhb^ZVVY[ZZ[\_acdgikmpsv{}pqrsttvwwutuwstuuvvyz}~}yrlga\ZWTUXZYY[]`bdehjlorux{lmnpqqrrstuuttsrsyzyvqjd``[XWVTTWYYZ\^_bcegjmquvzghjkmnnqrsrqprqponnotspia[YZZWUVVTUXXYZ[\]`acehlqttx~deghjkklonnoqqomqpnljjklmkf^VRUYVTTVVUUXXYZZ[[^`bdgkqttx~Ŀ¿¿Ľ佻¿ÿĿ¿ü½º ǿ ĹķǼö˽ŷ˾ĸȿľó½Ǹ̿ķƼ̾ľȺՠ¼̿ûȺ¹బʽµǿȻƿ뼽ļǷ蹸º̾񶷸²Ʒ˺ſǻIJü蟡Ǵﱲ½ʳﯰꘙʲװɲѰư²Ů백┕ī欭蔕éү¦ߑﯰ搒索Đ𔖘 þÿĿûﲰ򜛛 홚𘚛¾¾񷹺ƹ򷹺Ǽǽ»񽾿ý⮯򭮮Ŀﷹ¾މ񥦨½ÿ죦²㡢õ֞ûþ~»}|︺ù|ż|ˬ|zxz쟡﻽º|zyryý|zzpqw{yyootżzxwlonlqɷ{xvijlkkrůþ~ywjefkmmw歯{xedcbdjorѾ~eecbcgkoeddbabfjvĻdcbb`_bgnƾeb`a_]_dhy~hb_`_\^beq»nd^__[\`ej󵷸ÁĿrf^__[Z]ffrf[XYYXY]aqwj]YYXX\ao~~p`ZXWWXZ`lsbYWVVWX^iubYUTUWV\e{wdYUTTUT[avü|h\WSRSSZ^s½k^XSQQRY]q¿o`UNMQOSZk~raUNMONRYi|ᴵxbTOMLNQVfy}~eTOMJLOSbu|{ԨhTOLHJMQ_ryy}~kVMJGIKO^qxx{|~nWKHHGJO^qwvz{|}~oXJGHFIN^qwvy{{}~        ¿ ¾ ÿ ¿½ľƿþüĿ»żȾ¹Ǿǿżɿ¸Ļɾ¾Ŀʽꐕÿ˾ùżŴƵŸļ򺼾¿}̙ο|ν~}}ν~}}|񳴶     ɫĿ¿ľƾɾýżżǼ˿ùĹŸȸ˸κѻҼ箫񴵶𦤥宱$姬$堦$䜡#䙚#噗$䔙#㔗"㕔"陠"񔐐󟝞!蒕!񑒑󞝞!␓!ꋌ 荌 򜛛䊉㇆߅߄򂃃怂~}~끂}|}~~툍z{|}~~큈xz{|}}yxwvvwxyyxy|~yxwvuuvwwxz{x|wutssrsuvuvvwxyz}vtsrqqpqsttvyvusrqppqssrsttwvusqpoopoopqqpqrsu|vusqponnomllnonmoqrrwvusqponnmkiikllknqqos}sqommlkhiijjijpomrxuromlkjhiihhijilkkqu|vsolkihfjhgffghjhhgioouvsokjhgfhgfeefghfchmkp}vrnjihhgeedchebfkilxvsnjihhgddcbaafeachgis|yuokhggfdccbaa``dd``efgmx~{wpkhfedeca`__`aad`]bdeiv}~yrkfdcca`_^^\[\_cgqy~}}~{tlhedca`_^^]]\[]admu{|{|}}~vnigeca`_^]\\[Z[^`fox{zz{{wojgdb`_^]\[[Z[ZYXXZ\_itzzyyzwojfb__^][ZYYZYWWXZdpxzyyzꌃxojfa]]\[YXWVVWXYYWVVW^juyxxy~ꏆzqlhb]\[YXVUTTUWYYWUUSXdqxwwx|ے|smic^[ZXWUTSSTVXYWVUUQU_nvvuv|㚎sia^^ZXUTSSQPQRSRPOPQTP\nssp{ۜtjb^_ZXUTSRQPQRRQPOPPRO[lqqrp|xlc__YWUSSRPOQPPO[joopp~۞ynfaaYWTSRQPOPONNPPOMLP]jnllm۠|qga`XVTRRQONOMLMOONMKTakmjik}rhbbXVSRQPONLLMNMMO[eklgfk~shaaWUSQQPOMJKLLMWciihefnܢ~shaaWURQPPNMIKLLKKLN\hkhfcfp$$$####""!⿻!!!񻾽!깺 黺!ู丷߶㵴߲߳򲳳𲳲氲뱲娩½ꩫ¾䣤者줥롢ܧܧ뜝띜ܩꙚ떛薕ܬܮ򵯨𑕘򸲪򻴫뎏򽵫򌎘󋒞ú󇌘ƼƽǾȿ·¹ù􍙟ù%$$$####""!!!!!! 뽾Ǿ½ý𲳲ļƼ????????????????33 g 33 fgfeefhkkllmnoppnmljihggiaWSUWVTUUWXZ[\\_behlorptz~bbccbcfhjjklmmnnligfdcba[USTVUTSSUVWXYZ\^bdfilnorx|]^_``bcfghijkllmjfdb`^\VTRRSUTSQQSTUVXY\^acdfikmpvy}~\]__^^_`ccdefhhijgdba^ZVPPRSSRQRSTVWX[]`bcfhkloux{}]^__^]]^__`bceffedcb`\WSNPRSSQPPQRSTVXYY\_acfiklntvz|\]][\]\\]_abcdbcca]XSQNPQQPNNPPQRSUWXX[^`cehkkmruxz~WXXWXZ\YZ[]_abbcb^XROONNM NOPRTVWXZ]_acehikprux|RSTSTVY\XYZ\^`abcdb[SMLMNLKKLMML LMNPRTUXZ\^_`bdginpsvz}RQPPQRSTSWYWY^^\^a^SKIIKLMKIIJLIIJKKJKLLMOQSTVXZ\^_bdfiloqswyOOPQSTUTVWWY[\[_^XPJHJJKLLKIIJLHIJJKLMOPRSUWZ\]_bdfhknpsvxLMNOPQRSSRSVWWXZ_WOJIHIKKJIIJKGHIIJIIJKLNPQRTVY[\^acegjmoruwJKLLKKLMMKLQTSUZZPGGIHHJJIHIFGGHHGIIJKMOPQSUXZ[]_aceikmpsvHIIGEDDFFDFLOPSXSICEHHGHIHGGEFGGFHIJLNOPRTVXY[^`adgjlnrtEFEB??ACDCEHKMQTKFBCGGFEGFEDEFEECDEEFEEGHIKMNOPRUWXZ]_`behjmpr@AA?=>CGHIHGHKMMEECACFGEFDCBDDCBCDDEDDFGHJLMNOQTVWY\^_adgiloq;=>=<@FLMOMHFJJHCED@@EGFECAACCABBCDDCFFGHIKMNOQTUWY[]^`dfhknq=:;BEGIPRWWNIJHD@ABBCCBA@ACDEFHJKKOPQRSVZ]^`dfgjln<?@@AA?>?@AABBCDEGHJJLMPRSUXZ\^bdehjlCDA=BTgrpk`MB?AB>??@@?=<=>?@AABCDFGIIJLOQRTVX[]`bcfik??@K]inqi[I>;=?=>>?>>==;;:;<=>>?@@BCEFGHHKMPQRUWY[_abegi8;BLXcdcf\OA;:;==<;::9:;<==>??ABDEFGHJLNOQTVXZ]_`cfh?BLW^_\[ULA::;=><<;::98:;<>?@ACEFFHIKLMPSVVX\^_begMNU]\XUXMC:68;;:<<;:998:;>?ACDEFHIJKLOSVVX[]^adfTUUTUWRKH>679988;;::9876779::466=79FBFBNiwss|upup}{~bX_ccfgPRSTVUNEC;569877998237655697:0BE0NrpeSGDDCEILSRM_Tbk\^dOPPQTRI@<73588776/2443259937H;Rq7CE<;EHADHAPJVrkS`xhSPOOQNF?64358876654102236:9?7Gug8C::99=A@=CI@J@RoX\nZgSQPRQKA92345788755461/24245:Dsl67G9=748=@BF;DCHIb\LXSevhaPPRTQF91035567544340/44225FqO3=54438<<;<>?BDCAHmRQMQY^ex}ONOPI<1,.35313432210/1322>Mx61618159=?=BGDMFlPLEONNUZZ^JOL>0-03221102100-3+30Wi3013322358;==>@AAFGpKLJKMQTVWXKH@5-,/110100//0.-//Oa6:0122112357:<<=?EFoIKIJLQSUVWH=1+*+-.00//.0/..-..,29p913/0110012368::;<==CDmGIHIKOQTUU=1('*+,..-.--,,+4.gA)4/./0/..01246889:;<?hCDCDEIJLL$''$%)'#(('('&&'4j,).3&++*)*,./1233468677<=fABCCEHIKK)**+*)(('')($%,-.Y51)$*&*,,-,++,.0(.7+:883=Ai<@=HBHKHTS'(()('&&%%&$!% )$(`3(%'.(+*++*))+,(24,;4*:77D96nFF=;JJGMIF%%&%$#&!$ &"3W-#%)+%*())()+-+0-)9<65>&E=b>>?8;@DEEI#$$%$#")! #$*O;%&(&$!''(('()+%/(;06=iio}lt^G8J>@GCIK##$#(#%%#,c&#*'##%&'(('(*+0),.9ko4@,A6AZ:;CA?DDA""##$##"&$ %d#%'""'(&%&''(*+'-68iC9857;8;>K=AE]DB6+  ! !%!  &"^#"!"# ""#$$%')).$s1-3317/~G5=vjZRAC  ""##X$# "$$%&&'(($4JC42g9/.556v5<7_.H  %$ S #$$%%&''(3].(+_7(>&44c3+R    !V$!#!"# !!"#$$3L,03S3+0614^&R "Y!!%&''())*&=L62[L2*053]G"# W$'!"!# !!"#$$%,%/ta)A.0)sI6 !"Y #NIJLR\QQRRSTUUVZQsTlA&\VOSW&#\ S*"!!""#$$%*"-)rQr9&  k*X)"[$"!!"##$%%'%+**c^ Bb)^%^ & !!""&$#'&&ErhDKQO1_&0Z  !%&!!'%[$ L>e!!   !$$*(M +`9L ""$%!PY5c &!!# S "Z!:M # H S?R= !  D b!o"   H   ߛݍ𡞜狌嗘ω̈臈둒膇 ʄ Ԃ~~􀁂~~~~}~~}~ҁ~}~~~|}~~~~Ҁ||~}}~}~{||}}|~~}~~|zyy{{y{~xz}}|}~}||z{||{}~z{zwttvxyxz}{wx||{z|{zyz{zzxyzz{zz|}~uvvtrsx|}~}|}zzxvx{|z{yxwyyxwxyyzyy{|}prsrqu{}{}xzyuuz|{zxvvxxvwwxyyx{{|}~nmnuz||}{uuvwwxxwvuvxyz{}morvzyvsmuuvwwvutuvwxxy{}~quvtwwsrotuuvvtstuvvwwxyz|}twtpwurtssttuutrqrstuvvwxy{|~~prrs~qnpprsstssrrppopqrsstuuwxz{|}}inuvnmnnrrqpoonopqrrsttvwyz{|}puvomnpoqqpoonmopqstuvxz{{}~~{okknnkqqponnmopstvxyz{}~~{qijllkknnmmlonmllmlnlqjhuprnzxvnhilkjjllkijkkjhhimkmaqs^yurrqswz~x|sojfhkkjjifhifegkjdfvi}iuwnmwzsvzsz{yrigfhkkjiihedeehldjbrbmnnmmqutqw}u}s~tlefghjkkjhhgjebeedcddnabrdqkhlqtvzrxw||}yldcfhhijhggfgcbeeaadpzakdeefkoonoqrvxvty|od_afhfdfgfeedcbbdaam|d_ebkeijnpnmpstlqquw{z}~zrf__`egdbdeddcbcbba]d}_iadjeggjfgnrolmqvszt{w{}oa^adccbbacbaa_e\c^Zabddccdfilnnorqtwyx{|~|yqf^]`bbabaa``a`^a_}_cabccbbcdfhkmmnqposvwwz{}ynb\[\^_aa``_a`__^__^]agd\\`abbaabcdgikklmonmqtuuyz|~nbYX[\]__^_^^]]Yc\oWa\_`a`__abcegiijkmmlostsxy{}^YW[]\\^]]\]\\[[UKbXb^__^]^`abcfggijmmkortsvwy{|}}TUY\][[\[[Z[ZYYZW^V^\V_]^^]\\^`abdeefhilljnqsruvxy{z{{SVYYZZYXZZYXZYXXRjV_YY\]][Z[^``bcddegijjhloqptuvxyyUXXUVZXTYYXYXWWX[VW^KeX\\[Z[]_`bcddegihhgjmonttvwxxWXXYXWVVUUWWVXQ\VVa\VQXTWZZ[ZYYZ\bY_hYieelkenojnowostoyxUVVWVUTTSSTSSXRWMP^SRT\VYXYYXWWYZYceZiaWgffshcqqnlxwrvrnSSTSRQSPPVRTLZXNRVYSXVWWVWY^\a[Xfic_iQnffgohlnqsptQRRSRQPSOQUORRvfPQUSROUUVVUVWYV]Vj]chƒlhwlnvrwyQQRQRPSUOPUPMTTPQQSTUVVUVXY^W[[f_gSh[gȬdhpnlqqpPPQQRQQMNTTNMNLNPNOUVTSTUUVXYVZcenba^`d`cdqƭcinem]fOOPOPKQPNMIONKLOSTSQSSTSTVX[S^{YYjpabfgf[RC>MNNONOMJLJNQJLKJNOLNQPQRRSUWV[Q\V\a_e]q]e{scfB*@p]=;@@>?JJIGKKLIGIJMxstv|}}~~|xzeJx|:B:A~M:8>A=CJJHCGHJHGJHG{RJBDGJJKKLMMNPHROv[OC5A0G>Q9=>A;<@IIHEIIFDF~QJFFGLJHHIJJKLLMIPPOD1;>EgO:9=;@9CDGG}DEMFIKHHIIJJKKNLKONNmeqzz\>7<<=>FE~GTBCLGHHIJMNIIOMDBzF><>77?::;;<<==DDl_>IICGGHHIIJFLLRP@0k636869:99:;=:;6899::;;C>}ZBGDDEEFGHMHHJB513r:6445:799:;CCDDEEFF@GH:,173e9638778778899::??=D?F@@CCDEIGC90580i@9374376678Ⱦݿ¼罾ýϻ̺þ蹺Ŀ踹㾿ſ ʶṺÿº Դ߻Ǽ泴๺ҵᵶҴ೴ṵ̀߱IJݮͱ۩ͰڤҬڦԮӥǹӭөʹЫѬǶЭШ²٭ΡŶէͨľש̶ſתþǧڿμɡIJȼĻ˞͞¬¿ȞŔֿű追ͣʔŵɻǠϭֹлȜ֘ӯҽ͜ϓ̮¾󞠔Ƒ祭ͭ뜟夫̫윗З姨ʩ앛ǡ奦Ȩ팶}񤥠ȨΕɈǧ喕ťLj喕ãܓӨԑҨ䓕􍊌㑒ﭖ͌єӠ퉋䒔ˣޔΈ|ؤ陋{䏑Ցߒ૘аώɝ֓xϑŔutz~{{xꌆ煔Ë}k{|z~w~Ꮠ}xyz~ώɶڟ|iz|zxόʩ|s{s{xy{~~}ㄅģĉpyg{sĈt{{z{ϊ|Ӯrxy|~st{~{zyױun||}~}y}苆vstzsrxzz{{||}}t}~nkmtxvwyyz{|y{鉈~yzqw~yxyyzz{{zw~vrttuyyz|yyz{|}~򇄈{yyuquy~~{xyyzz{{mp{}otzvpsr{zxxwwxxyyzz~w{uz|sx{sutpxurwvvwxĉtZJGECCI[osrwvwy{{|~óv[JECBCI[nrqvuvxzz{}~w]JDAABIZmqotsuwxxy{}|~z_JC@@BHZlomrqrtvvwy{z||aKBA?AHZjljpnprssuwxy{~ą}cLDC=AHYijhnlnpqqrtvxy|}}Ă~eNEE<@HYhhfljlnooqstuwz{{}~Ɂ~fNGG<@HYghekikmnnprssuxyy{}~|lTDB;;FYcbcihiklmnprpqtuwyz{æ}mTBA;;FYcbbhfgikklnpnorsuwxy~pU@?;:DXbaagceghijlmlloqstuw||}~}~~rV?=;9CU``ebcegghjljknoqstuzz{~|{||sY@:;8@S^^babdffgikijmnprstyyz}yzyr\C8:6=P\\`_acddegihhklopqswxy|~vyxuq`F794;NZZ^]^`bbcegefijlnopvvwz|}tyxsobH783:LYYX\[\^``acecdghklmntuvyz{}~rw|u`G8445BTWUYZZ[]_`abbcdfgijkqrsuvyzz}~qrw{u`H8233>PVUVXXY[]^_`bbceghijqqrtuxyy{|~ppuys`H80119JTUSUVWYZ\]^`abceghhooprsvwwyy{~noswraI8004CQTQTTUWYZ[\^_`acdfflmnpqtuuwwy|lmqtqbJ80/.2=LRPSSTVXYZ[\\^_abcdjjkmnqrsuvx{~jloqobK71-,/6CNNQRSTVXYYZZ[]_`abhhikloppttvy|hjmpncL71**-0:HMOOPRTUVWXYZ[]_``ffgijmnnqqswy|}gjmnncL70'(,,4CKMMNPRSTUWXY[\^_`eefhilmnooquwz{}~~`imkifP40&')*/;QOPRRSVWWXY[\]^bbcefijjnnpqtuvxzz{}}~hhaeqdG<0&()),5HLNPQQRSUUVWYZ[\``acdghhllnorstuyyz{|~z^gmkd_Q:/&(('(-=IKNOOPQRSTUVWXY]^^`beefijklopqswwxzz|}}~{wpedlm`I5,%(('&(5FILNNOPQRSTVWW[\]_`cddggijmnoqtuuwxzz|}~xtxbfbI@)$(('((3EGKLMLMMOOPRSTUVZZ[]^abcefhilmnorrtuwwxy|}~|tplxk[G.'"&&')*3DFIJJKLMNOPQRSTXYY[]``acdfgjkkmooprrtuuwx{||wrmvz\A1&!$#%)*3BDFGGIKJKLMOPQQVVWYZ]^^aacdghijmmnpqrssuuwyxtnig{ks:,% #!#(*2@BCDDEGIHIJKMNOOTTUWX[\\^_abefghllmooqrrsuwuqjfVbb`-&"% .)5BBCDEFGGIIJKLMNNRRSUVYZ[^^`adefgllnpnquuprcBV__BqG""$%*'/8@@ABCDEFGGHIJKLLQQRTUXYZ[\^_bcdejjlnptqpr_@1[Wa]~o2u7"!+(3;>>?@ABCCDEFGHIIJOPPRTWWXYY[\_`abggiklolmdC'$PL_[Wx;&Z( !(24<<=>?@ABCCDEFGHHMMNPQTUVWWYZ]^_`eegigdjbC,&$VZR[NH~#NM'(+678;;<=>?@ABBCDEFGGJKLNORSSUUWX[\]^ccdefghhge_G)$)&QXTQR67\Z2(/.>59:;<=>??@AABCDEFHIIKMPPQSSUVYZ[\aabcdeffjeG(!$#%[TLS?4$o>?@ABCCFGHJKNOOPPRSVWXZ^^_`abcceQ/! $RSQEF)),Zs*3962556789:;<<=>?@AAEFGIJMNNPQTUVW\\]^_`aa[5#&LNSP@( a0>[<7276789:;<<=>?@ABBDEEHIKLMNNPPSTUV[ZXY\`]V&$"!!"$%POOI9$5W/k865.556789::;;<=>?@@BCCFHIJKLLNNQRSTZ[YVZ^L3 "&*,EHKF2k,a?45.234567889:;<=>>@@ADEFHHIIKLOOPQZTVZWC+ #'+-DIL@+#PCBY4-2122345677889:;<=>??BDEFGGHIJMNNOUSWT@$ "%(,.LH>0!(3[3k8(.012345566789:;;<=>>ACDEFFHILLMNRYP7"#',024,"&3_3a5--//01234556789:;<<=@ABDDFGJJKLSI4  !#%),/1(3\2[-/,--./0122334567889::=?@ABBCDGHHJ@)$%&(*,./$)&`0h))'++,-./011234567788<=>?@@ABEFFH#!"%(,024LNQSTUWX[][4X--'+,,-.//0223344557::<>B>BA0!"%&'*-/13 "#$&'#'2$U*,**+,-..00112233588:;<BDEGIKLMNQRUXZ[ZZBDGHIIKLTNRQMNRSSTTUVWWYYZ[\]]^^_^b^N@?@@DFHJLNNQSVYZYXWEGIKKLMNKGJH~KQQRRSTUUVVXXYYZZ[[\\]]^a[N@=AEDEFIKMNOOQSVXYWUSCEHIIJKLKLNMMRMQQRSTTUUWWXY[Z[\[\\]aN>>AABFFGHKLNOORSVWWURPACEFFHIHILOJQMOOPQRRSSTUUVVWWXYZOA;?DA@EGGHIKMOPRSUVUSPN@ADEEFGIHJOEMMNOPQQRSSTUVWXWXX9<=>ADDBGGHIKMOQSSTTSQOM@ABCDEFGGEDCMIKLLMNNOQQRTSUZXJ9<<=?@ABCEFGIKMNNQPRQOKOT@@ABDEFF?MBIGONLLMNPQRSQSVVNB9<<=?@ABCEFGIKMNOPOONLQX?@@ACDDEFBcmKEIJKKLLMMNNOOPQPSUNA::<=>?@BCCDFHJLNOOMKKLMV^>??@ABCCM9MGJBGJJKLMNPQSOC86;<=>?ABCCDFHKMNNOMJHJKPZc=>>?@@AAW~@DJEIHHIIJJKKLMQPD858;==>?ABCDEFIKMMLIGJOU^g==>?@JHDBIDFFGGHHIIJKMH<46;;==>@ABCDEGIKLLKJKHJNTY`g<<=>eu7KC>E>EEFGHID=768;;=>?@ACDDFGIKKJIHJILSZ]ag<<=:F@CGBADDEFGHIG<4599;=>?@ACDDFGIKKIGFIJNV\_cfòŲdzɴ˶̶ѼҼս׾ĬȯʱòóóĴ⟮ŵŶƷ˛Ʒȹʿư¼̾²Ỽäʴ»㷸ԺоѣɬԺíϔͧϼĎӝ緸ӗ~괵vw󤥦xЌѳĔ䊌{LJ͊řࠪଣ~|~阙Ӡ~ˆܞ¡y|~~ɝ|~˝~z~~򗛙}{~~ҐϜ}yޗ{z~膇~w}~}~탄~vxy|~yѐv||}|ϒv||}Ϗxx|}~~rƈʏvty|}~}~~v}뎒yvy|}}~}}~sߌ}uw||}}~||}~oߌzy{~~}~||}l~~wx||~}~ܦyidb]VSQOONMKIHJKIGMTlnjea]dr|kdb]TRPNMLKJJIIHKT]jmha][fw򥘊|lec^RQPNKIIJIHGIO\hjmf]Y[jܧ|leb]QRQNJHHIIHGGKTblikd[V[o蓮}mgc^RRQNJHHIGGHNYcjhiaXW]tݦ}mgb]SRPNJHGHFFGKT^efed^VXb{ݦ~ofd\SQNLJHFEFFGLYegdc`YRXgݦ~ogd\RPLJIGECFFGN\ijd`^UOWlݢ~pd[VRMIIHECEFFJT`gfb\VNKXtݠ~pe\WSNJIGCBBDEKVbfdaZTNN]zݞ|oe]XSNIHFB@@BCLZdd`^YPKPcޝ{nd[WQLHGEA?@@CO^ea\[VOJTkޜylaXSNIEED@?@>ER_c^XWSLMZuޚwj_VQLGDDC@>?>IV__[VSOLPcޗuh^UQLGCCA><=?MZ][YTOLKUnޔtg^UQMHDCA=:;?P\[XXTMJKXs{ocYSNGEEA;89DSZWXULF>PeߎzmbXRMHECB>98;ESYVVSKFCVoߌxk_VPLGDA?;78LUVRPIDETk}qdYPKHA?=;759@RVTPKDAG^uzn`VNIF@=:855711..8GOMNG@?DTl ibYOH>5.,+,2@LOKKB=?L`y gaWH<3-,+(-:GLKIE?Lax]P=-((+.,1;EKIC?>>EVmTD2'(++*,7BGIIC;<>I_v')**))*,2=DCCF@60EZo'())()-08@EC@?:38Kat&'(''*17<@DB=857CXm|&''&'-6=>?@@958>Odx&'((*09@?==<73:G\o~&'),05;@@=:946@Mfw'(+059<==:643;IVp}(),29<<:86404@Q`t+18<<;;<4.-4@N`m.27::99:0-.9GWfr24788765,,3AQanw~4567752/-0;J[jtx~356752.+/8CSdouw~~34553/,+6AP[hruv}||}|}~~3442.,,.=JYdkswvzyxyz{zytvvuuy{343/+*-1BQ_hovyxxvuvwxvupqqoonptx-.,)(,7AX^hmpqruqqonmkjhgfghiox,+)')1>H\aimoopsoonmljihfeccdeis)(&&-8GQaejlnmmpllkjhgedba`^^_ai%&%*4CPZdfjjkkmiigfdb`_]\[ZZdz#%*2?KW]deghihijfeda_]\[YYXWWVVWaq#(0;HSZ^bbddfeeba_][YXXUUTSQ\j&,6CLV[]`abbcb`_^]ZXVUUTRRQPPOMWd(0;FPVZ^``aab_\[[YWUSRRPONMMIT^/8EPUZ`c]]\ZYXWVSSRQONMMKJJIIJDMU6=HRWY]^ZZYXVUTSPPONMKKJIHHGGCKT?DNRVVXZVVUTRQPPLLKJIHGGFEEDDEAIREJPSUTUVSRQPOMLLHHGGFEDDCB?FOILOSRRQSPONMKJIIEEDCCBBA@@A=BLLMOONLKJIHGFECBBAA@@?>>?:?IMLKJHHGEDCBA??>=<;<9==<;:99:8;Fǿ~}~|ǿ~~}ƾ~~~}|~ž}}~~}||ļ}}~||}ü}|}{{|ü}{z{{|ü~|zx{{|~~}zxz{{޿~|xwwyzݽ~}{wuuwx޼}|zvtuux޻~zzyutusz޹|yyxusts~߶|xxvsqrt~~޳}yxvropt|~|zzvpmny{y߰}zxwsnmpz{|߭|yvtplmq|}zદ}zwtrnkms~yzৢ~{vtrpljnuyv|ट|yuromjjqz}uw࢝ywuqmifit~zuz࡜~xvvqkfciw|yu}|xtrjbbely|wsx᜕|vrlhbagr}}zvt| ᖑyqiddaakzztsw |rh__^_es~|upr{|pg`]^[`mz~|vpmu{nb^]__^et~}yxpmo{{la[\]__dnx~|vrllt|o`[[_][_juz||vnjlxXZ[[ZZ[]fqxvvwqgfvXYZZYZ^altyvspkdl|WXYXX[bhptwunifftWXXWX^gnpqsqjdgm}WXYY[ajqqonmebitWXZ]aflqqnkgbcmzXY\afjmnnkgbahvYZ]cjmmkigb^am~Y_fjjiijhb]`hv\`ehhgghd_^eo|`beffedc^]akxbcdeec`][^eqacdec`\Y[blyabcca]ZY_juabb`\ZZ\eq}aba]YX[_hva`]WRT]etz񈇆^]ZTSXblx}~||}~TSU_kt}󈄄}|{zywwx}~UTRT[hs{~|zxwutsrrwyQT[dox}~}|ywutsqqpoonntu~OQXbktz}~}}{zywusqppmmlkprwOU^hpvz|}~}}{zxuvurpnmmljjihhgklqQXbkqvy{}}|zwtqsqomkjjgfeddgilX`jqtuwxxwutsrqmmlkihggeddccdeca^elrstsuutsqponjjihgeedcbbaada`diorrqppqqpomlkkffedcbaa`__^^_b_^ikpqqnmnmlkjigffbbaa`_^^]\`\[ilmonlkjjihgedcc__^]]\\[ZZ[^XXhikkihhfedcba`_]\\[[ZZYXXY[UUgfdcbba_^]\[XXWVUTUZRSihfeebba__^\[ZYXVVUTSRRSYQRĽĻ𯲻ù챰¸ƿ¹þĻ¼ǿľýĿ½Ļ묦ú¿Ž¼ÿĿĿƿ½¿ะ߰ߒߑޑޑݑݒݓĽ¾ݕܘܜ񞟠ܝ㝞ܝ񘓎񱰯𙘕䖔򓐍⏎菓䎔ꢡ䙝非    6g($} H 9N0%w!  F    BM##u!   G    CU0g0#  H      Ec+`E   F    0o%Qc%  C      !cV PS5%  E         *WM 0RFP6 I   A^      .OT &DSPVR  O\1       POB'  #G[I%        :MQLI=GEJNIKL4                                                                                                       !    "    "    #                          _    Ԏ  #sn   {u 6È$  m:    &        7e        =>        1)x糘 P VJEEDGHGNQHTVPEQP=DEE Y&t  þĶǿк x         $̦ O   7C    & vĸ>4   p uxlJ    C   _& + D& ! zmλ ^F   "*s  1   >ܻʸɼݩc TP  0  3  %t     ~$ .  } AK < d& "W nn   89<>?>=<==>?@>>?>D3ZHB>C?A;DBFBEB6531;4l554456468877:<569;<==@=G9\oPC?>?F>GCD@3278952j445754456623468:<<==<=<<;<>5@cnCGE3DCD=@=3530943k3433534678987112468:;;<=<<;9<4A@>fx?TT7E7HF7,-+.4/4l44211246752246211346889:;<<=<>;rqeJ1(+0/9#)7/31Fj~lH-+:220/001221210.1A\ptol`jhmqlnoV>0/.261221012132-/42062,,24//2001.+,058+/942402210 140391).)-23.*-31.31/3346.,--02213425:4.23/++/31-.,//..*(-23133122 102430/0.+-*,/21/.-/1/02011/--/121/22 10 231/-*2.,/.,.2)2-/2.1370372032../01101-./0,-..//00-./0)**++,,./01//.,-./0)*+,-..//--,-./0*+))**+,,-++,-./0++()*+))+,-./+*+,-./*)+*+,-./)*+*+,-,-)*+*+,-,,-)*+*+,+,,-)*+*+,+,-))*)*++,+,)*)*+,++,)*)*+*++,)*)*+*+,*)*'())*-.*,'..%,.**)*,)%(-+(,0.- *)1|))* )*'/3.(*-,1#,45))*)())*0%',&$**()Bц!,))*)()*+3.',.)*$ِ,%1#))*)()&+"'4+.Rם;#/#*/((*) ()+$.0.W/.&#-&/((*) ()+&.?5%)")-),)((-2"&%'!*$.$)((),''(.+,,$*(*"!I}&,))(,#2) $7-"-0''+''$)$'%,,$"LJ )())(')),0,"-2"( -))+,'++)*+/XF8&-*,,'!(/&..'+*$*'%$i,".%$/f_[[Z^aa]cf[hmdWcfT_[['&'o:Շ,$('Ƕžý'"򦈒1-)2)%%&'*+$0'&/$- "'&&'$/'6Ԯ:!$)&((,+'&)i+%!+(+.**'+%#/SU**&,(%,%+''%)+(,>''!&/)V#F/$)-#'+"&''$-&+"'' 1.,/凃n]$''*$%&$''*&&^.#'', !* !KTJZ&)*"*#.%''$#(`%"&''&$+(!3!9s,,% '(&)''%V,&%&& 0 (#'-ب$%K2&"*"+''/_%-'&&/ ,%%&/"3l#Hw>$*#)(''(C!$()"&&'()$%%$$(U0!=;0.#''&}#, .&&)$!+"}a#")*()'('$&(0*(+$"%%&!(8* %="&+ &%#.#!@-)#$%)(($&#"#R&(*r& bO')& .&9 !# ##!&"'+)<'+"6ޡ.2%*5 #((&&*($&&%*%*'+"((#&8*#A )(%(+(##&%$%-%)-(&'%`l#, ]$*)'($))%+&&#*!"u8&&"7l'+##'!%%&yz}~}~~p{ts}|somhrnpsruwxy{zzwwz|vwz|}~~ς}uuv|~qputtplorruwyzyvvuvvtstuwy{}}~~}~}}{}|pzvws~tvtpytmnrqtuwvwyxywvurrsuwy{||}~}}|z}s|xlu{xppnqytnorprstwyxvsprtsrrtuwyyz{|}}~}}Հz||yxhx~{zmuwuzvwlnqpstvttsqrtvytsrrstuuvxyz{|{{|}~~|{{r|{h{whilottyilpquwysstuwuqlttssrrssqrstuvvwxxyyz{||xq|uwtl`~`fqntmkmqquvyssusooquttsspqruvwyz{{yy{xuq{yxe|bgiuqoprprstmsupnssqpqrsstsswrtpqinnotfodljfk_pfssqpqrs swvwphnuoi`cfis]cqimk~ecrssqpqqrssrussqmjjgmn~{mlkosnssrqrsrtslnrmkqqkkqqlilmmnkhimrxkoytrtpssrq rusorxpglimrqlhioolqomqqrxpnoorttssrsqtyuosuqmkoqoknloonnjhotusuustss rqsronqooqnpssrnmlprpqsqrrnllnpqpnss rqsprtrsqpvrppokmqjsnpsortunqupnqppqrssrsopqrnoppqqrropqrkllmmnnpqrsqqpnopqrklmnoppqqoonopqrlmkkllmnnommnopqrmmjklmkkmnopqmlmnopqlkmlmnopqljmkmklmopljmkmklmoopljmkmklnoopljmkmklnoplljmjljkklnoljmjljklnnoljmjljkmnnoljmjljkmnojijbgjkkjgfhjbkmepvjjijekpkgiinvlqd\iij ij_issonolvisvmiijihiijg`fpmknlxkqPdiijihijcqmkpnie\NTssiijihidjdgtdbe[qjpthhji hioiqpT_yZimovfhhji hirlr_uOmmbhjdjgiiepfrrqgkflblqrkgjjk}fqlk`hfucTqaolligarmej}eg\iqnciihhfde^_\eekc~ZlqjjifdaRenbvXgo[ceYdeeijeikijkVnaSa`hhfe`RYRopjapd`𶹽ؿɳhmbcc{ti`zhqgU[gkylKhrbTɢ`\xmMZ\ooV\ch]_jirfnchmpphnpZ\jff[UmbbeijihCkdjabghjddhkhgmRblcfb_fb`qqhhl^wdhlyhhclv^]xfքtchlcgmhlhhct`hѪWthhdygsfZĕpmejmghhfhhft_c\shhrgjqaVtylopksi`nbhhbgrUtfhhgitpepCY]^]olipkfchhd[`zbgg_pfng_ceMlleHamkmaehh\Ospeggi]lfhiobyq{j\miehbhhbqbc}c^gg^`fdfhhcahenXvem]hhfWm`fgg`Jc|ichgbierg\[fyFlja_^bkkgi\q]YehhinTdqmk[b_g_mm`]bmbbgyeigtogeea`pf[Smpi^nftkohhmffgjeuheKnmYelKYYhu^]WfhccdfeefiYn]P`[ctqYJ]\\dkOfib`fijjfdZpZ_gXgkk\e[Zl]Rhqjejkggfr`fc[ft^hky]i`dY]bgpidmnbb m "$" %).6;?CD Y6!! '+07@@A X9 !&.15<>>=\7 %)028:;<:9e&   !'-14679887Hb   #*.3354(    !&+.2232233   $(+-110//. !$(+,/..--,, "&(),++*)( #%))('& "&''&%$   "$%%$#   !#$$##"!   !"#$!!                                                                                                    (RsmD     ,`yH  >_̉8    ص6   D@    &        Ya        gd 3P      GGʊ 2:       w}*K        -oy2       F  oT Dg    n_ '          L   s;        -     B:m     I~*J    I  &۩v      <  Hyė坴    \{ E r~cܷRߊD   ~M nms5A c   %  pd'Se 44  D:) ju .   QBƋ !go TǖD       % B  #'ȾiſƷéd¼(  xpϵ  -yC$ TrЮʎ    8 [ V޶# fL   Bƒ  Pdv _ '׷X     Z4>Xw|FA* + ܌  o >V= ƾnKC<i/    ^ .( zϒz^  %   m=S?  9=957>6A@??@BCAABBCCDDCFECDHJH>9326:;;==>?@BCDJKKIFEDHLRY_cefA58B4>|W??>>?@ABAABCECDGGD96457:;:==>?ACDEJJIGFEFJOTZ`cde.<@1:{Z9==>?@@ABCBCCDEA=34579::<=>@BDEFIIHEEGJNRV\_aba?41>]6:<<=>?@AB@ABCCA<6247889:<=?ACDEFHGDBBEIMPSX\__^]*7:_5?9::;<<=>?@A@@ABA=734687668:<=?ACDEEDCABEKPSUXZ\[YYA@J1D3=99:;<<=>?@??@A>8326787668:<>@BCCBCGMQTTVXXWUUi56<1E689:;<<;;<<==>>??>?@;42467789;=>@BBA@BDEINRTTRQJ/<32=6;89:;<<;;<<=>?>??921545789:;;=>@BBA@?=?CDGJORSSRQQPP56789:;;<=<>=9402434689::>?AA@?@A>?ADHKNPPONNM455667789;<=;8312445679::;>@A@?>?@>?BEHKNONMMLLKK456789:;<=;85323455678:;<>??>=<<==?BFHKLLJJIHG4455667789::;=9522344668:<=>>=;:;<=?CEGIIHGFE456789:72013446678:<==>=;:9:;>@ADFGGEFFEDC34455667897410134366789:<=<<:88:;=?@BDCCBA3456789421012335679:;<<::98679;>>?@AABBAA@?>33445566566782112334679;;987679;>>?@AA??>=234565567752001233445689::998779:<:;==>>=23456556764200123344567998987789;::<==>><123456531001123445789987765678:89;;<==;12345431001233445688776654456878::;;901234310//00123345677655443234575688998012323441/..//01223344566544321123544677887/01213430.--//00123345655332100124235567 7/01213430-,-//00123345543210//01323556 6/0//01/021/0483343/01-..//00232210/.--.//0234 4.,.032/,/./11//121//*'+-../0210/.--,,-../0234434431.-.//+)*,-++.,,.)$*--.//0110/.-,,-.0123433(+-../10/.0014.*-,,6,--..//0/.-,,++,--./113322100//0//22101233,22/2/+/,,-./.-,++*+,,-.01221-+(*./,(-/0.-.00,-,++--++,,-..-,+**)*+,-/01 1*+-,++.2$*.,))**0*,*&+-$++,,--.--,+*))*+-./0100+..).HsɧZ2++,-.--,+))()*++,./0 0%AwȐa?5--/.--0//b֙O20)+4..+(,/)'*))(())*,,-./ /ǗN%,2'4.*,//./++%)&),BkҜP%/"20++%#'))(),-.//.//@0%))&(0,**-/..)(04#& (*10un,*))&(*#))(()+,-. .*''+.,)),,-,++.),,('zy5!,Pg.$&*":))(()+,-. .)22'$-0,-..-++,++)('&_[֙4.-CU+-)((''(()*+,- -#05/+/,--++-.-'**(-#+,,(1Տ:#(dמ(('(*+,--,),-)(+..*,,)*-.+,++,*&F+2,1&*|ϑ2&%H"((''()*+, ,%(('*.-(*,,)*-+',''/"(],#()(.-+l'T}((''()*+,,+&0'%##{**))("Eɩ1.ġ/ ' ..'**+,++('(##)-c))(,(,R-#*&& "/** +,)6*0!0,++* %Nސ&%+$,$**+*Ǟ*%&,))*)^VccdYi]\\[[Z\_`Wb0&.($))*(ɻה$"{&w$!(()('*'-({}0&&%%$1 a #B{$3K)(()'(#)!(&g))($"\$=;::99878872:EDCBA@@>=<;:987767619A@?>=<;:99865545443509=<;:988766543223323/8;::9766544332112 1-78765433221100//00/0/,6543210//.-.-/.+632210..--,+,+/-*5.-,++*))+*(-,+*))((*)'-)('&')'&,'& %(&$+%$'$#+$"%"*"#!$ ) ! $ ) !% %%$$##"                                                                  /B  dcba`_^\\[ZYWVVUUTSRRSRMa`_^]\\ZYXWVUTSSRQRQL\[ZYXWVUTTSQPPOPOO NQPLXWVUTSSRQQPONMMNNMLOKVUUTRQQPOONNMLLMLJMJSRQPONNMMLLKKJJKKJIKLIONMLKJIIHGHGHJKIMLLKJHHGGFEFEHIJHKJIHHGFFEFHIAIHGFFEEDEGHAFEDCDCEG@DCBDE?BABD?A?@C>?@>A==>=>A=<=>9<=>9;<=9:;<8 9;8 8:778797676965674578145454560434324.324322100/2,232100/..-0,1321/.-0+10210//-0,0100/..--,,-0,/10-,0(/100/-,0(.0/.-,0( .-,0( -, +,0( ,+*+,0(,+*)++,0(+*)*+,0()*+/()*+/()*+*/')*.')*)-&()*(-&()*(,%()*',%('+$('+$('+$ '+$ '+$ '+$ '+$ '+$$("( *&&%)#.$!'#!(*&&%)#3)$&"(&&%)#5"*$!-%&&%)#%$'%&'#+&&%)#1"'&))(&&%)#B1$!-#&&%)#W**(&&%)#񕔓 򒑐 𐏎񌋊 򍌌~񉈇 }|~~{~~}~|~~}}|}|~}|{|{|{~}|z{z|yz|xyz}wxzvxy{|vwytvxyzuwytvxxywvttxvuttwxvtstvwusrsusqstrprstrorrsqnoqsrstzvprspqsxtorosrqurmqptsrrqpprpkpqprqpponnpnkosrqonmpnjonrqpoonpnknqpponnmmnpnkonmnmongonmmlnmongnmlknmong nmlmong mlklmong lkjlong lkjllong kjklongjknmgjknmgjkmfjkjmlfjlkeijkeijkjdijdijicijicijichjichjichjichjichjicdef]ag_hgghgbpebgc`ghgghgb^wlhibecgghgbuebogbkagghgb_`iikjagghgb^Tciml^dgghgbjRoifncgghgbTmnbhgghgb   e8 $zM  9<)zB       6Q  I >    !b ,%   x xc:     -ɋ@     >     b#Z` ^|r   b/{ _r -AEIHFHJFRj    8ӫ B        : E~    ݷֵ   >      5A      0?b    R6M  þ u{ ,з/   þ V&/~  ¾ GdZ3¾ M + n* ½ :K  ½EI T zP(& ߻A {,  }H ]     : +A H A f H XU D  b b zD  hq EM  F2  G   ;@  Z?$xx& C    |J  J2:@ 4  7G  xK `B?D о¼û漳ǩە   kG  > yO3f  eEӰ}ѥK   xK  # !#?B>+   zH Z   ^      zD    g / F  )P ;  {B   ^ D  M   }H        wE   d  qd tG   +   wN   ]   貮׮⼫񶺰ҰĮ0  xT   '5+   |> UA?9ACA?M   ~G      x: f iu  {J  e  $  I  h%    w?f 1   wN w   <'    a      %      eԸH     \ˁI     + }B  ĒL +cg vG  BF   5`|űt+ H   (SǾĻwT  wN  2C?=D;( ~I  z     L         oC?A>BC@@BB@QHHFIV    wt}{AJ    zJ"D_   D} +/   H  L{6#   LE  E  H  DJ*vJ E C  P3~<  EA*f D  E  DQA uG  E  G  m" ~;  E Fe   {@ E Da zD E  D ]  |D  E 4   e! |D  E 7 U   |D  E?M7   |D  EH !A  |D  EMm   |D  EI  W    |D  EC ?   |D  E  @ )##!Q*&#!6"'!3+#+Y%$$ $&($$[%$'?Y%!)*%!%&'*%$%"'%)!-$/,'$k(*,&"*,Z!)*#B$(!$& ($$[%$'1HY"%&)2a.1%%-!%%O #(@ ##F)#%^+&W$$''($$[%$'-4r$#$+'[%*,)'.":+&q/&#($)*#)(#$"o)&&!$($$[%$'+)3}"!,+ X (&% -4''j* ''(+""%1" (e%!,#)*($$[%$'!','("*'P/#%&$.)5$/Q(##!) $&"'5*$!*r %$*&($$[%$')#--/%V*(16l#$*>$!&)~ '-%/"")F&+$*'($$[%$'-$0'}:#5+#*#^Me[YZ+)#'>R#*"%#[2))0'$%(&"($$[%$')! &"#,*w* ,!,OO##!&/O|00Q-+'"/ '!*$&#"%]'$((Q('!QP%$*%&)p\",%7~4&$ J+%$#"_!$&NM$NP&%#&&!")I, (.$$#'++NT"&.'%)%'%!$_$'&&$/cRIU/"*ҽϿ㞴""&'# !c_,(!#(S̸+)*"##*)#')(!b#*&&$+>o&&.'/'%%*pQժS!+$" !!(a' $$')6Ú1'+*."!2)&&B[[VE#-+.4+(&&*+$ * !`"+((#m'"ё#*&% !+w!%)#(!'&"!&#+#&&#%%($.&%'b!+'$$*8'&ѐ$ | $('$C#""! ]!$' *#&*'"C$-ɖ'*!b,(+!M&*&&#)'\&*&$)3%(3${-,č(%5Q(9%^$)++(##d!#*"'#+"!(+.+#К$!$%%$/-&'!!$(+b)(&/$(*+)"~ "/&Ə%#-"&")~#%&&%_'##$% "D%(˒/0$+.'%0-&#''% 'd%'$%!'&j$/!(!*##,!0"/% (##"$b!# '0="%'%Ó @,(& %%$'\'%'."(m$%&*$"̐R_`_[]^'j+(#'%%#'d!*3#!'$%&*$"̐%)&&!$%/')+"&&%%))T)%/&}("&$%&*$"̐%#$%!$&#('&&%%!%&a2""}-#))$%&*$"̐ "(*$&)@$&$#"(%%#(`);*!)$%&*$"̐#&+(#'&)%%&#%%-&U$-|8'"*%$%&*$"̐"%)"#'G"")&*+ %%$%(c&6!%'*$$%&*$"̐"'*%!++$)#%''&%%"0Q:.2&$ $%&*$"̐!&*&$(#(&#"!!%,'))'-&)*)'%%&' #$&*$!!*v*%%$%&*$"̐"&($!'%&++&"!$"& !'$$##&('%%.$"# "'(259*%%$%&*$"̐"&($!'%*% $'))"$"$$!$"##%(%!"'$#.0$'*}Z%&%%$%&*$"̐"&($!'%!$$#$(-#$$((&''+&$%%"$*%.*+r*^'%)%%$%&*$"̐"&($!'%'&&')($ +((&$%&('! '.,&"!$<ʜ0!&X'.%%$%&*$"̐"&($!'%߬c.&* !&##'$#$')'$#%("+%%(##(,+@ '&'!&($$[%$'%%(&%#['&$Q2$%%0)"0!r7# &"&)!)($$[%$'%%(&%#[&'#Y%"%%1!%jT"())$*#'($$[%$'%%(&%#[#'"b!&%%+ '&?^)%%!$#$'$"($$[%$'%%(&%#[ "'"g!*%%$!#-)%$(""&&($$[%$'%%(&%#["$'#c")%%(&+v=$)%*%&(# &)($$[%$'%%(&%#[ &&$]%%#)<^&"%$"&($""($$[%$'%%(&%#[%%Z)$h`s^XΈ_dXiцRfqgزfahYIekkcdhfjbcjewrhqdldlVoVcg^fegkinl`qj]hbh]]sdcld[WleindohgfbfjbcjeWts]phu\lkYlm[fcchm^_x_\[jenbdf`kgaTjr^ă\keggifjbcjeVay\knmXvbh^momq[Xjesf[opeXr_td^see^]}[immd^ffjbcjekh]qedjfp]didej]b_]vYk`k_bgbse]lang\yaehsfilfjbcjejfl`]^T^tl_kkek_aTgi^in`Hcjcahfcm`cmj`lkZjhfjbcjeejZpSDp^ho^mMbMi^r`]mbלUpebiiGXedarfrk^jifjbcjeYtgYpi`\hrlaqcSpӍfck\~sZauWz_nW|SdflkfdfjbcjerXWmkY_lk]alhilPĴT|df|`Xpyae^Qm^e_hbdcjc]odfftqLucc]kcc^eglgpZ_غseok`sWgmflfgjngdpkkuL}kjqrhYha_aaQtpPkaqbggjl[_ztX\d][_[]^bYY``X\Leep[mWrkz_f`iwkF^\pomMQ~chnabbihbfhke_a`meeq^X]_jolfcbalhX¨KyМЁVjegiged`bfb]ebac_ddrgVfbޠgo`aeieudRjsdea{vUdelXvoommqrkgmkc`mnkkfasd`_^k|cZaeNlk]^ZjkumjhlehZZgdffie^oeha[nfeeWb[cQݭiZfch]qfrxiggfl`ĉ`mindlcfjcnefOlkdn[ܐthb`]{Ogii\j_}^k_bdUl]`m`RSXvޝeiyM~jmof̣[nccilcalkinhpgdknfXekllkrq][qWQib]iiZf`^f\lcg[jf_WYZrkژ`W`ZbInyhbsg``njcajplotvojeTykersrVnptdd^gj[p[iibd`^cd^ddm^aQOaqah֨pjVXmlZliRacT^``bcb_bcT``e[ga^XrY]`޹cw[\qm`ffsgYgh\o`rt^aeeh[liۯ舘_ߔ^iihcffmnTaidazUUZgeeh[liۯ`fUfdV\XS`qkjbffoc^st\rbXhobeeh[liۯccWig[cRennhaffbg[mjrbXYmq_eeh[liۯegarn`jhZgifbffbhRÖjuXVtirZ]eeh[liۯhmfqj_j\_nedfgffk]]i^Z_c~c[aeeh[liۯflakf_jflpbaliffbf^Z]g]i^bjmeeh[liۯdk`lkdjijzj_\gtff`pQ~rXemeL`rveeh[liۯ`h^kk_aabfjkidbdjedd`d]dedb``abgf``c`_entPcffeh[liۯbi_lkcftqk`Y[fojneffdjgjiilnmkkhflupg`VkSbkn`ffeh[liۯbi_lkcffimsqj^Thjhjjdgeffhkhdejjcfc\j{{B~dlnffeh[liۯbi_lkcfbdc`]bir\]]adbccd_]^^[]cal`alTa\jokffeh[liۯbi_lkcf]\X[bhlmgddehjc]\cjhb^mhi_p_]bf]bffeh[liۯbi_lkcfљqbba^cdkjlrqpilnlihjmYjjgchcdiZffeh[liۯbi_lkcfclZ[`XZfddUYYT_ܳ}ilpn]l^ȍ_mbffeh[liۯbi_lkcfUY^^iڻ̣lig`Z]d`fed`xkffeh[liۯbi_lkcffc\jpddggdffnjgcrmioqmknoljb^`hSdfaim_effe^^cf_[\jeabfigdff`aa\f_cVUacXWbibaafedgbnmZ`ffmkgccdecefhihggf`fV_kW_fXhffehfdcfgdghgeddfiffiP¼¾ꎩffklnmlgffccdeffdcffgrgUYUSR\y{_]]dm]gObhXYffjefjifeijhghihfcffqkl‚]m[ecc[hhddlk\f\ja\cffgdcddaadfedcdehiffhmdqxkccdcfnk][[a^^d\ifffecdcb`ehjiecegffVdPŔl\`ddbadc`uhoqldgk_lrffbg`najfTt^njffhebekeag\lieffgcgbciWmwf]rffhebekedi\jf_ffhohbj\ui^}dp_ffhebekedi[id]ffkiglZ[_\[aigffhebekebg[jgaffen_]R\`r^`alffhebekeag\lidffi\f{`_jeea~^n_ffhebekedi]lhbffXphhdk]iqd]idffhebekedi\kf`ffd]aecfshm]^hbffhebekebg[jf`ffcekgpY[Yqbicfeffjbcjeffhebekeigag~mffedfnYha_ahghbgfjbcjeffhebekemhcerffp\jdp]kdagcgjbjfjbcjeffhebekeogddedffYq_acZijj`ekdhfjbcjeffhebekeoddcahffk`db{hdfbedehecfjbcjeffhebekepcdcalffd^^fUjbf_eiccggfjbcjeffhebekereddbkfficdt`llkfgidagjfjbcjeffhebekepgceegffdfrVbalfecgieccfjbcjeffhebekelfbfifi !jH cX gd q               )      eB<@F5                         0   ,=PK,    !MS4      ]>  KLL7 JU ZN SX    #KX $VC    UM 3`   ZL \/   `R FN    N[ (c    k o   j n e i   l" j   V/W  i 4N  l H"   X f   A0T   ] F |("$%%&#+{^#'"%%&#sm %&%%&#yy,* &0%%&#-2) %%&#+($'&%%&##&$+)#%%&#%")#+!*%%&# %&# %&# %&# %&# %&# %&# %&# %&#*)*!/(&&%)#%,*!'0$&&%)#4#.(-!)&&%)#<&$*.!&&%)#0"((#$&&%)#%&&#%%)#'&!%%)#y"*%%)#`Z]cR1!%%&#$"%)% (%%&##%&##%((%%&#!$&##$!%%&#'%$%&''(%%&#*&$&&""%%&#%$%&&#"$%%&#('%#$'(%%&# %&# %&# %&# %&# %&# %&# %&# %&#%#"%&! $&$&&"(+%%&#*(&%$$&)"'$!$&%&%%&##&'$&*&%))%$%&(%%&#M-&%,(#'#&%%%&#IZmhH0& #)*$!&)%%&#()'%>joP'+# '"%%&#&",#!/:{[:(##$"%%&#fgfQ, &%#2gr8(%%&#.#n['#+%"%%&#'$(#.+um3."$J}.-%1&%%&#%+%!)$ )&5yj"*%%vL"3(*%%&#!')!"%!-!;~p$'&&`k3&%%&#,%(($'* %*%7mz6 $B,%%&#!+*#$" %*#')!&'5%72(%%&#+&'&$*,!%$/!"+&%!0%%&#%'2&#(%,!!&!%&#%+=& 1,2*"'"%&#%(,&pI'6q$)$(.%&#%#/"%0'!Nk"&-%&#%$'!'+%&&e?)%,%&#%*)!)9v&%&%# %&#%+&* . $_K*$3q-(&%&#%&$ -'")x,*#c;'$%&#TpliffhdbDjmbffhdbМ`lg_ffhdbƦfpdfhffhdbɲOqYsfZffhdbQmbjaddffhdbXbpc_agjffhdbaillY__tffhdbfhdbfhdbfhdbfhdbfhdbfhdbfhdbfhdbs`fcZofugghgbkoj`f]pdgghgbi\`tnmZ^gghgbd^ku_jWgghgbX_rsjgghgbVdninffhgbMaiiffhgbKZkffhgbk[affhdb^\_ea]_gffhdbbdeddhkkffhdbafheghgcffhdbigfijmmnffhdbjfegieekffhdbbabffdceffhdbcb`dghffhdbfhdbfhdbfhdbfhdbfhdbfhdbfhdbfhdbecdgjedjlgigchkbffhdbjhfgfhjmejebefeffhdbadgdflh]fjjfdefhffhdbi]ef[`of]cgcfgZffhdboea\_ehdchkffhdb`aa_z_e]\he_jffhdb_S[g^^lwtdbfigffhdbg[abWhwameffhdb`navbRhtfh_Xffg_gjjgffhdbn_dh_viZ_bU{]fakec^ffhdbmahj\_kfgTibfjlc^qffhdbkqkekgajYhZYe``^qQejffhdbfejlefjdmaXtVW_aSod]ffhdblehiekndgkkcTknY]{fXaffhdb^hgcddbgmf]gg_bcm\Wplbffhdbb^acajlc_aobfqdpYk]^Yjffhdbfhji[[db\\mdcjghdbfl_gr]\oiqTkdkfhdbfnYk`Weq`hejarhdbfgqbaXkb\ag]o_hdbfehcgjW^_a{he^nhdbfj[lcchs_^Xeecbhdbfhgpfr`^c\mkhfhdbfcefucg\]eb]ygdhdb      {B  F   ˿    J       M  Ǯvk }L  !ňY   H    }C    }  E    `Ȇ    E   <ь   E    >Ԓ; E    *;  E      e E     d E     uƅ E 0cϟE .=ϴI  6̽@   )@9 !ۛS   ~˸_þ     % ,#(*&$"$($!$$Z$*)(&*$$%"*Ƶ*&#.1-0'&(([$%##$&((%"+!!*!#$!!$'!$$Z!"#'#$$%*$!-'%'#*$&&[$! &'%&&%-!$&%3+ӈ}4(,#6,)&&[(&"##$&&%,&&7֓p5( &"Y"&%"%$'!&'*.((W")($"#((%' ($*2˺$"*%)"%$''"$)[#%&(% %(#&!+&2tݙ3*$&#$$ %*"[#%&(% %(&&$/&+R.#&#*'"#)%[#%&(% %"$(("#+*$,SI!&%)'**&[#%&(% %(&#)(!$#9ϤK&.''%'![#%&(% %()"#(&&(#&/-v''*#"[#%&(% % #)&$&# "*+%3p3)(($[#%&(% %' (("(('''/( *|˖1%&"#[#%&(%0%sݪ#+,\"),/&%.%(P-+$Y&!%!%""%+F*!W#"&!&)%.%6"9EW!!,(%&&%$-!/e* %$ !"" %".%%/%2!"#|%!,("-%.!'&$#(""" %f\ah`Vne`__f]kjeecmg_cmeefh^pjgnfop^mrikkjnfcgokkfhkrgecicjeddg`dd`eba_`ddfdodM\oogqj\i^eefhbcgleefdQebfSam][F]g^kZS``be[X[b``fm_ir\j[rgiiakk‘biilnkkfqmwzXM_^t^eaffenh`bhffh`hdg[m]bp`adgdgfcfmekebehffidfahcRmeNsqjege`fmdekebehffigg_dlc[\db{khmjedjfekebehffeibchgp\afgmbkmjeekebehffkifji_adpoJtl^ZnkkhhaekebehffnlefigfhqjfboآXWgnafbekebehffiliegd`dtjkXidTkmjgekebehffmfnkeiihfTfhdS`iekfeekebehf.f޼YuoWbgmghaeef\xXfgmqndffhhfTkUpeji]cieefsfmj}dkoedjhhfbqja`їkdb[\e``fd^ndfafoT`ukgUfckc^kepd[]kh_aekee f   x  {H  E E8" B E  D    \    J E  D5/  |? E  D[ڵH  E E  &A     E F   M      E E S  E  D :   F}3  G    F9  N   HNrJ>G6a6  ?  "XDC 5^Y 5"  9G I8q G   E> Jz   H  8E  I     J  U  K}]K = b nCf    I  C  \J~ V  C 3 +NF} K ;IEN@=>yBB% VJ1/N`   C (E;F?>% W  3$   SM  :   E# [  > p F5  A $< T  A  ]T  A ^ ;: A  ); _  A H0 c  A  \b  A   g f A i  j     Asq    G  gZB  H v 0b     ? PG a$    3%^  RT,   %+P7 3BS   =  CZ! \?  C& WM  PKLD"   B& WO AQ?ON:N& Jc >QHB&   $6rfOLk|:'*(%%$"$$*`-#+GdZe^][b`]]^``[abR:(&+#(-+2n:)$ "*"B>%&+.(%%#$"+%IF#) K  7 \     PPh   R(=n}  ?V ~Z   !.T  =R@y       A O vAIQ>=@FA=?EFC>CCH?<=:L M N       K B     KB      MA  N P    O  V  L $>T^ Y J0  P5D *96 C   N  P  @#   X  S  @)   T  34 I G `  K+W f F%  )Y  Z  j     r   p  s   ,b EO    \3    ^  HH   MW   OW  "cJ  #TZ8  %'*+($$"%$K) _%24#,%(%%&'&$*&Z!,]!,Y(*&'(!&'"!!("%#'%]#%]' 5XbnZd[L:-%##*'%&)*(%"!'#'(,U$$\'#"l(* "4LZZY\d_[]cda\aaf]Z[Yk$#['(%g'**+$$+,&$')&#%()'$" (%%*(-$#Y)%&[#($%$#$')'%##$$#$*"&'%$"#$#Y%#+\#+$('(&""'(&#%'&#"$''!"&&$#%$#[&![$%"!%'%%'&$%%&&%%&#"!$&$#&$$\&)&j)))&&'&%$%'(&%&()'%$*&$(&$%#%]&%)t)'"'%%#'Y&*A\$ %$%%&!a/{%'&'%%&f&gL(,*$%%#+]Q`)$'!%%#DFR$,)$ &%%']-&0&+"%%(h!'#!!$*"&%%&j%&%'$,VF(%$))!#(n4$%$(!%&%$)i'"%("**%]>'%%(!+!&"+q *#%$&#(!PR$% %$)* -g/)#%&'$%%=e("*%$%&(!.0z#"%&#%$#*hE*%&#%$%%$#'!>t)'%&#%$%%$##*$'!.%&#%$!/cA$"$(%&#%$%&'$Cs"$*"%&#%&%$#$&)*7s++!(%&#%&%##$'*,$' $#')%&#%($$!'&)&$%%&" %%&#%$!&#%)#%%,(%!.%%&#%#"&! '$'!&";.&%%&#%$&$ #&%$+#J+$#%%&#%#(##,&#, bm * %%&#%"'!$( *&vM+*$)%%&#%#!&!%;?w3)$* *%%&#%$ $*#'xca-RELEASE.2.2.1/xcf/smartcard.xcf0000644000175000017500000006224113614632167016164 0ustar tewardtewardgimp xcf file^BBEHjpeg-settings Ugimp-image-grid(style intersections) (fgcolor (color-rgba 0.000000 0.000000 0.000000 1.000000)) (bgcolor (color-rgba 1.000000 1.000000 1.000000 1.000000)) (xspacing 32.000000) (yspacing 32.000000) (spacing-unit inches) (xoffset 0.000000) (yoffset 0.000000) (offset-unit inches) 'l+Xy Serial     N #gimp-text-layer(text "982845235693219567941432") (font "Sans") (font-size 8.000000) (font-size-unit pixels) (hinting yes) (antialias yes) (language "en-us") (base-direction ltr) (color (color-rgb 0.000000 0.000000 0.000000)) (justify left) (box-mode dynamic) (box-unit pixels) y y dy=iikii%kZy=Z4444?44?@㰲 44@?44A44+QA<Q6<A8TRJ+TRuPJ+UP8UJ 44m-44Km-EK44 Em-T}T>|}:::qky=y=%%Zk44 t44@?Q6C++<A+8P$8uuUJ+ K44| Em-T>|?}p<@@ Pasted Layer     Q@@@@1~yX1-+p)`ؾd(v'lq'm&n&p&p&p"e  {͈͊߼͈v͆W޳˅?ܲ˄ڰ̃ ˨ٯ̃Ԁح˂ ۇj֮Ƀ @؏ǾԬȂ ٫Ɂ ڒȀ ʲ~ ٘ «| { yxְv݂`bestϕiiYANmtte/׷r˯w>pM CѸZflQk\Fܨ_mMކ}ǐIuܕwܙ#ȝ7ﶡEĦ+dضq  p¾z("PZ$ $?F, (*/ $1~yX1-+p)`ؾd(v'lq'm&n&p&p&p"e  {͈͈͊v͆W߳˅?ݳ˄۱̃ ˨ٰ̃Ԁخ˂ ۈk׮Ƀ @ؐȿլȂ ٫Ɂ ړȀ ʳ~ ٘ «| { yxְv݂`bestϕiiYANmtte/׷r˯w>pM CѸZflQk\Fܨ_mMކ}ǐIuܕwܙ#ȝ7ﶡEĦ+dضq  p¾z("PZ$ $?F, (*/ $1~yX1-+p)`ؾd(v'lq'm&n&p&p&p"e  {͈͊߼͈v͆W޳˅?ܲ˄ڰ̃ ˨ٯ̃Ԁح˂ ۆi֮Ƀ @؏ǾԬȂ ٪Ɂ ڑȀ ɱ~ ٗ | { yxְv݂`bestϕiiYANmtte/׷r˯w>pM CѸZflQk\Fܨ_mMކ}ǐIuܕwܙ#ȝ7ﶡEĦ+dضq  p¾z("PZ$ $?F, (*/ $2 0\a.Z, ) *M`{ B )e(l' p'q& r& 't&wt$hj!dy}= 5O)wb; fD%<fF)MiF*VkF** #lF*-L|nF*Syrkd> 2pF* UޤsF) w#vF) -$xF) e${F) $F)  y$E) N$E) $E) $E)  !#E)#E) "E).ةE)rWGDJYE) !H0"&8RE( *. :[F)1G )P|.6 #! 9j :|F 8 ! 5\ /W (OCD.7_# )N;\txyxutvw _WYBex}|zyy{ bjYT dl\W fndW eniU cmiT cljS ajkS _fiQ ]8|􋌋rgA ^9qrkjjkijibUCg1ESSVTQMKJ bhiJ ckhL eohO docN di a/9 aMBCCBBFHGJMLMMk _`0 bfJ _fM agH `CsIϻ _&QOOPPOOLJGGHD3Gf443.24224 ae٢NM bhPM ahQN _eNG _eOI _fMJ `fMJ ahNJ _^ԠLJ a97557;BEGJ6F;]rpoqpqrq _U깳K9_nolnnoo `gKJ ahOJ agVI `fZH `fYH afYH bhXG ceZG a8w}e\< `8ke_^^_]]VK3X)AKDFHGEB? beٙXC bfWH ahWI _gUI `a/HONKHIHIKKIW\ZZP5 aU틌}~}}h7 * * * * * * * * * * 4 4 4 4 4 4 4 4   : ) ; )FNPMIEHHJYP=JFHIIJ= ' ;w||~}y{z~(,q|}zyyz|wwt ) U{pfbeiihgkns!x{noigffgffdbfgghfiji ] FogfddejyOcmeiodeffeffdcefiijihf ,nffiUxh_beZaggfggfegifghh ~a~khhfbi v|mefi^gllklkklnmlghfefhi ]{lfggfkk|ywy||}}zwljfccehk ]*}cbeddedfow  crjdbbehl ]1|`_baadcbcluOUUVYYU[_\XXYXXVMnlkdcbehk _5}`cffefdjqptomnmhpssrsstrpmgeefhj _8iillkjjkls}!mhdbcb^dffeffgjihihgghh `>rpqqrqwzggdcgheeffecadejiihgf e*PDEFFGJSSOON mddfklhghhghffhjqp\Xcfefddi i%#""#! #pecfjhaceghedchmy8 `>ysttwutv~hcbgkibceghedbioqYt{~vuvql Z.spgcdegghhilxr`]aglicdegheddhoq\pztihgfi Z*nhfeffhgikjjmc_cdhkicdegheddgoohtpj`cb]b ].qiighiijldbgghigabeghedchqikunh^adch ^2ulgeffghnikmihhf`beghedchojilgb\bgfh ^/rjgghiol!qqiffaceghedchojhiebahmii ]-qhdbbcdnm"qogdegedeghedchokkmhghoqjg ]1xqjggfggmiljcafjjfeghedchojjkfflja^ `9zywvvtwz{wofjf__ekkfeghfddholqwtutywnm j"'(%#ke\^dhgeeghfeejpp.22324301 b6nkb__^XPNPTY!nf__ehedeghfeejqr:47757765 ]7|soonopr|nfbcghddeghfeejpnr~ywuz|yz [-skiggihgfhsi!mhggiicdeghfeejql`ijc]bhfh \,mefgghgflY$kijijhcdeghfeejpnjoib]chhj ^/qidcciS$kjkkhcdeghfdejoolnhb\agej _3umgeejT$jiijkhcdeghfdekqmopke_cgfj ^1unjhhnW$khghjicdeghfdfjpgklie^bebe \,qlgffgr\%kgefhhcdeghfdfiqckkhbeeac [1}ytrrsrrvh$ghgdfieedcefedhre!uvxwruvqr ]==@@?AJ^D"bolccjihc^aghcdokSOSRNS^ae \.(()&(&nsnfejkic`bhhcdom#"$%"#! ];{yyz|{vu^%kjjeeinmgbejicdol#wwyutywop [3sfdccdcedcdgP&ohca__fnkfhmlefpjkjpminnhi \0yfbbcdgY.ujib]enkfhmlefpiiikhcggcf ]/uafhhiijkkjlW.~}uorxvns|shife`cdad ^/ydabbdepe "(%'$!/..79qmliejkhh `-{idccdeeiyMGG@GLHGHFCFK?: 7ɽ 7&7%7&7%7 7[< n:d#S9z: j8eos+8hypT8kfm97kdfrX 7qfXfj 7ofZak7lf_fl7igell7ghkrp7jlnqn7 7ihnrr7ignww7cbgqt7lsu7mnlrv7da]fn 7a\X`j 7fe_en7~|7656:A 71010,7yuz{7filtx7fbcnr7gfdkq7lkflr7lkeip7hg_fo7tpkpu7f`a`_ 7 7popp7a`fpo 7dglvv7los|7[Ybov7[\dpn 7=:9998888888888888888888888888888888888888 ( ( ( ( ( ( ( ( ( (((((((((((((((((((((((((((((((((((((((((((((((((((( ( ( ( ( ( ( ( ( ( (((((((((((((((((((((((((((((((((((((((((((((((((((( ( ( ( ( ( ( ( ( ( (((((((((((((((((((((((((((((((((((((((((((((((((((( f:V ~m ] P X݉\ %%E ݣ# lvF 4,Oy r;cuJ Ӏ-      4 4 4 4 4 4 4 4 * * * * * * * * * * c4M |b YF T ԁS #! ܅< ݣ"ai9 / &Kuh/[~lD ւ.     4 4 4 4 4 4 4 4 * * * * * * * * * * dtphffhingemziowogmkgkstrr~a"tfdb]cfdg |Z|jfhhijihfgoibgtehnhafdafnmfj{D!ufb_]aece ӽ)ofhlonkgcbhhghjhhihgjfdjnibjyAunggdcfgd LUvgde`abdfhkllkjkc\\qyD srokhgiijl  S~wkd]^chlgddbim`YgN]qgfbaab`dl  =|~urv|xttsvvz}v:o|wstqruwwm 1 '@FCDHJIIHHIHD>;E>DWNHJIGIGIH8 })   4 4 4 4 4 4 4 4 * * * * * * * * * *+++**D(('D f̪̪f?7s$7+S7`8q`8O R9!d:Q<7o!7'P7[8j\8KM9`:N<fgn~X7dgv87YazvM8fu1 8|<Y8['O9 ^:P<88898:;=~((((((((((((((((( ( ( ( ( ( ( ( ( ( ((((((((((((((((( ( ( ( ( ( ( ( ( ( ((((((((((((((((( ( ( ( ( ( ( ( ( ( d/2^Card     X^Xdd^X\\``bbdy.R0R 1R 2R 3R 3R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R.Z0Z 1Z 2Z 3Z 3Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z.y0y 1y 2y 3y 3y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y.0 1 2 3 3 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4@R@Z@y@R.R,R+R*R)R)R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(Z.Z,Z+Z*Z)Z)Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(y.y,y+y*y)y)y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(.,+*))((((((((((((((((((((((((((((((((((((((((((((((((((((((( 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 3R 3R 2R 1R0R.R 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 3Z 3Z 2Z 1Z0Z.Z 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 3y 3y 2y 1y0y.y 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 3 3 2 10.RZyR(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R)R)R*R+R,RZ(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z)Z)Z*Z+Z,Zy(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y)y)y*y+y,y((((((((((((((((((((())*+,d/2xca-RELEASE.2.2.1/xcf/icons.xcf0000644000175000017500000004041113614632167015312 0ustar tewardtewardgimp xcf file@@BBrK gimp-commentCreated with The GIMPgimp-image-grid(style solid) (fgcolor (color-rgba 0.000000 0.000000 0.000000 1.000000)) (bgcolor (color-rgba 1.000000 1.000000 1.000000 1.000000)) (xspacing 10.000000) (yspacing 10.000000) (spacing-unit inches) (xoffset 0.000000) (yoffset 0.000000) (offset-unit inches)  z@S+K2@@ Pasted Layer     n{@@@@;BZ35NlqvvpskD1 G/r .,:s T *8e~ )@qx?({n%p[^90##>hxtxG<,^WKk@Q~y5UA( g|oU{Ꮛjjk^nrlonl]`iko8p*lUfC6QF 9o7MZFnTbt 8 po;zPag >oyNJlcceccf >(mq^#qm9 >K[wy23aM @e,+4Nl yk:vxuoNNMNNB9BNNIMNN4 pwz0H_kho3#1{{$couT).mt3*-t+1 o-SP0GF6(1GGF$*~wSRRSF=FRRMRRS7 x3Nfsqx8#5 $jw~Z)1u}7*0} +5 x-!ZU0MK6+6MML(*_] E4Դ0)H.++ K) F)(JR& aȣ`Y}4DD9BH T9;5.   /0&ef)#'' + $!') , #0 ^N !)-% ( &% `& (L  & r! %   " #e 50 'Z   d.71?      +$E&F O  E  68'      .$      %m1>%( >#)5$8#8k SE9B4 ! 0*#B2/#lm.' )*&&&"./+-)*'! !5*-7  ^V 3"71+ .) F+R"#* 0  ) #  # 'n&! B 3 6\   $U7M#$<Y  * $   ,%I' $/)J U    N"7@2#      7'))'      & !.#4Y-0A#/L#3>%8!v  <];K !3KI5KA[#em%o>Xt>LxK:`C%xexy?Ck\2cټQT,OōjOFwJy7ż$WVEΔhr@Gj W҇{/Vs“EaߎS~U Y>UC,ތaa7' [AуMЖqT /r w6+<ܹ\q0C6hp)^ /IYOG0<*,"ڏ@}_jsSK%34 _ : @@E#rev     Y@@0@@@A:4Nqd >7! *=,LJ'Zou5cljg,_)c?]ؙwW3k<-2 cte-Ke0 3J6F,$=d&o\8-s\A,/P)86:~v7,M54 4t&.`pj Sj;ko{B @@ E#sealsign     @@@@"$%38gDpF1U;6]aWh#:'5I8rg] 5ck%j_KU5a*|?7Z7 8GUW5 8 @@E#seal     @@@@9o=*2tzmV3gjf35›ƚ3yɢh0g}91}ťn2ZIӬ91aĽ[_ . H@K&&+_'>,z}P{'2;<f_;QD@:NE .&:/ǫRH@4 G3<2E2A1>2o0"3-Tq GNo} /4(0$<?R:\;9( T@@E#text     Fd@@x@@V8N -4^$/ZI/  IL-NFM^jRbrz`gt +6#'Q' ;BYZCUQ+,)DWC4{  J:-`MgYG%aU:--Wg\rw~iQ1  87 ";H& @@ New Layer     o@@@@%Mxµ}~vnӾ}zwu{ȵ}zxuqnki_Ĭzw¾xµ}~vnӾ}zwu{ȵ}zxuqnki_Ĭzw¾Txtµ}~vnӾ}zwu{ȵ}zxuqnki_Ĭzw¾{Mį}zuqlgbWK7ǹ{wrmjea]WTaKFBb]YTOIC5+!¿{wsnie`\XSOKFB>95TNHB;9.)/ÿ{wrnjea\XSOKFB=941,'$>820{wr|uplgT>9YTOJD?80{w~}zupfc^[SKį}zuqlgbWK7ǹ{wrmjea]WTaKFBb]YTOIC5+!¿{wsnie`\XSOKFB>95TNHB;9.)/ÿ{wrnjea\XSOKFB=941,'$>820{wr|uplgT>9YTOJD?80{w~}zupfc^[SKTį}zuqlgbWK71ǹ{wrmjea]WTaKFBb]YTOIC5+!¿{wsnie`\XSOKFB>95TNHB;9.)/ÿ{wrnjea\XSOKFB=941,'$>820{wr|uplgT>9YTOJD?80{w~}zupfc^[SK8M¿}zvspmhda\WOD1zwtomiea^[WTQMJFU?<8YUQNJC?2(!տ~zwsolheb^ZWTPMJFB?<951.LHD?68.)/ɴzwsplieb^[XTQMIGC?<851.+'$ ;620źolifb^}zvsogd`\K52QNIE@<50¾fbl{zwspmid[XURKE¿}zvspmhda\WOD1zwtomiea^[WTQMJFU?<8YUQNJC?2(!տ~zwsolheb^ZWTPMJFB?<951.LHD?68.)/ɴzwsplieb^[XTQMIGC?<851.+'$ ;620źolifb^}zvsogd`\K52QNIE@<50¾fbl{zwspmid[XURKETտ¿}zvspmhda\WOD1,zwtomiea^[WTQMJFU?<8YUQNJC?2(!տ~zwsolheb^ZWTPMJFB?<951.LHD?68.)/ɴzwsplieb^[XTQMIGC?<851.+'$ ;620źolifb^}zvsogd`\K52QNIE@<50չ¾fbl{zwspmid[XURKE4M.?QdwȺwdQ?.4d(՛d4N2NN2N4d(՛d4.?QdwȺwdQ?..?QdwȺwdQ?.4d(՛d4N2NN2N4d(՛d4.?QdwȺwdQ?.T '@WlǻlW@' >s(Ǡs>22>s(Ǡs> '@WlǻlW@' @@E#band     +@@,@@,-D8&1*%JI@*29 BkZK 3>BYc^A21SQ#"/lcT1?T;ReY;1DN: 9hX;1GI2+*fW61IJ+_V70PCMV=0Q?2GYE/BA6>_R.;=%2`U,.@;_ZE*AR8'M`U6+"@ZT<#2^_U<8 $!E=DNb`TE!MY[ZP?6($T]}td_J7*HUXY[RE8 )Uexr^Z?%%AS\XVYTB';]cfZI+;V[WUVYG-"*@_#" +<  ;3+ 3, 2.# 3"%3)3&32 11=/1 - +  =2 $?4   ! ##((! '-)  5  ;3+ 3, 2.# 3"%3)3&32 11=/1 - +  =2 $?4   ! ##((! '-)  5  'EA;#8bm3I*2| 61Y_g1 80R0#<0".l0"#>0"ũ0+щ />| Z/sy}-Kw.)MxE!$*Nwo;ĀD!NM9!J" BQ!Q 8= )] 6G\-^ ]"%.X/ˀ< @@E#Paper     3y@@3@@345:v 'gM`k!Vg>N}6o%ໟ{$b~ nռN I^ *sûmƺbjý񝠬OȵnȷtP .fIJ󯴹 Lħ򭳾M +}h׻䢣 佮kջ ir𬭭l ߯¿S 8ޒ ;.PK4argjtԦ"@YدTq&Lm|ŵǶC' 43:p 'dK\f!RVg=Jx-}o$ճt"`~ i̶N D^ (nžûmǻbf¼񝠬Kȴn Ƶ栟tN -b󯴹 H򭳾M (wcзغ䢣 ٴgտҹ 融dmʿ𬭭k ߧ¿K 6ସݑ 8(Gz}C.[lbhrԦ"@YٮRq&JhyǶC& 4&:Rm'L8o EL!;ANˬ-8jjaY!\hVpžqqdW E^Ŀ³`N}tzhE 2fitqƩG R|œR`JK됏ɻq8ˣRm햜ɌW: "J{i 6~; Y|J񡠤ȉc a|fM򡢣Ȏi euiJRĂP }c8 (nĿm *5[]f1"BOIMVi{}" -Ag=V&4KXlsvswuy3 p 7$r=Wd7 <6NnC* %7XpN0#  +HReu~b"H3%r  %N3 i ! 32 _0 \ +   E C IkUhyd;';fz _%):ZotK- Mxca-RELEASE.2.2.1/xcf/cert.xcf0000644000175000017500000115360013614632167015142 0ustar tewardtewardgimp xcf file BBj/ gimp-commentCreated with The GIMPݐp1  E#revoked     jT x $4DTdt&6IdH   1|T vq 2BRbrԂԒԢԲ=<=<<<=<<===<===<==<===<=<=<==<=<==<<<=<<<<<<=<===<<<<=<======<=<<=<<<<<<=<=<=<<=====<<==<<=<<=<<<<<<==<===<<=<<<==<<<<<======<<=====<========<===<<<<<==<<<<<=<<===<<<<<=<ϒte_cfv[* 2PY 9|݌. 5n. )% f I   )+#Z#,Pp_C1($  x-.2A˜Q& kov  'ܫ    l #z  =  :Y 4    | ![ N  F %{\    "q  C%:    LN  !V)  )",$ w.  ,8*/! ]/ 'A<(  0y( B E)  1#Sދ E!2  ^"WsN4  ^$_[h.7  Mlݿ.=   < o1   / w$    )~G   lހ     }U X   yT ^1@   vOo  pL"^"   da"d8'  fX rv*  gln #A 4z#   _wh!ڈ/|  \t U)dѧ #"  Vs&&dwg#    [t ;e;   da6 5|x h  "sN |m3{By $:C= D   0& %A8 U"    /yT[]^?  g3  08   ίvQ  20 6  ̘Z  j! -    ݘN  Y '   t cI  ? W޿݃  t Gc -˨o %&5g 5L ?elS Mmާt  KnzZN  Qjtu   jW߇  }EB '  2ɼŨ ϓvheejtZ(!5Q_9|؎&  !%>k7 ! &b O  "*6! !!T! $'0On`A30$  !  #uڻ3!"-*?F !"$ ip{  . k !'٘~  A  !EZ 9!~ #[)L I)y`!  &t = :  OU " R$  (-- v+  / <-2'     \3!A5&     2w- C A)(   3/ Sڋ G8  _.TuQ8 \# a\n3?  H"nܿ#/= =' m.  1&w  *O  p!}     }W"X   vV_+> vP!!i  kK 'N  hc!ۼj;,iZ$j 'x4    gp#j=7x!bxd*ߋ3~" YrS.\Ϊ  Vt //c{`؀"   [t :f# >  c` 3 ;~u  g#   "lRvl7}  ?w!  ':E8D   1&   %@< W( 1xyKS^\>  k,  ,8 ̪vS :*    0  ˓a  l$   $  ڛP   Y#   *! s aM(   ;  Ձ    V  ڂ    qʃ N e     ,˨o% ڀ,     7h 4M       Df k  X   Mkz Gkw\ ހO   Zlr s   n^    "~IF *    %:ǽǧ ا}vy|p;#!%Afk &$%!(KޓB !'$  !#2P|42B@2#&"# !"'#!)8xL "$(*(@L&&5&#'&*!n'   (t%kZA_!<;}  H/T"ed$%lE@7 #L#/ N) :#N6I8  /j8.KQC"  B6 J# [DE >5 aޒd>Xk. cxj6R6 j0%kc5K[[/$x@P_J-!"|M# <+%2 3&,*[ /t)) *`$-k,  )_#+w =N-+`0*+z4*W =2k9,|hlZJ *xc #u 9K)2w{%q0U#JF!+t~j(@ 8=',l|h.@tײ1 '=* )iz9 @tǁ  m@. -ox  3Mv+  A62"3ri6 +N !jހ231;Vzo&D G-5?UJD"R%?19 D\@ c- $ISXdbA !w/< 6I?   ԳZB-: 2=:   ўc"t-A 1<5 ߡ[ h0B  -D%   |  t`=9  4X#    ݾۇ ';@  9l   ގ 5   #9υ [  l. &  -IϪw 1"  :!;   -Um7d  /   ,Yl r  b     *Yx ,    *[tf Z      cx y  }   0u_  '  8M E>    4D˿ʭ ?J5 .9   .`?   DZ O   #   J )J . DO   p &&k&D'%9D#O!` p     D  J  O D p ? #{ `kpv   UZ  k 9 #  #  O pU pv U  ǭȵĽԹӹȱęЩ໛»ֺݽ֭׷پˠӻ@ܸϲۀַpЭֿ´ҾǬȴҾƼ &ؿƴ1AɺͲߵ kͿ׺ϸ.ݱʸȸؾYָԾӯڿ϶ɰCȳ݀ؿзwŨʳҲϩݺغRغٿtڿեĨ ͣު˺W<.Ԩ޾ֺ2'ǕܑⲤًܿ) h۬㽞îӸ-Wݽßȶɭ+*w˚Ďնӹm  '׹޳ޜǶQ B㮟մ93ނ注غ"'`ե ]Ե޺ #nȶjz!/ݢ8J]ĹDzcŰζ }߾ٵ# ʤݷ   2ὣހ߃  SrȥN  aYӭڍ# v=FظK  #f?߿݀׋"  6hŬt; 4   T!wϳA0O  _ ߲ 'K l ' / ! DϰO4  2 ߡ G' m 61R  _f Q  t <ȧ G 8 'ᬡ)  Qʀ w Y攓O  cݨ qɕp vѿS fɵ v̘ |J a  I縝 }F iDZŵľޙ澖лϸƱŲ́޻ٺҺ߀ؼհ׹ֿǣѻ6¬׷ɲҹ rͯԽ܀ƭŵѿ¾!/Ƶ; F˻ϵ !nܖӽι!0ʹȺ ]ۓջӾϯ ֻ˸Ű ! IǶԿϹܺ  y©ʴϲέٸԺ UѺܙؿ oؿϫ¨̤ݪ˺[!@:ӫܲػ޿4&ĖಧՍ- !lڭ἟įθ) V۽¢˶ǭ“* )xʛÏ۪Գλq,ӺݠƸM !$Aݶ߯Ѻ?$6ڌⶩӶ,%+\ͨ_Թ#*sʺo{6ª3K¿#WŻIJ ců˶ !~յ(ϥٷ   3ݽ   QqǦJ   _[ùϭڋ#  x>FָJ -f Bݿ۳Ԍ* ! :eĭr? 2 T'wͲ?.P]"޵ ,M p1ê 4 %D̯R   5  8ܦ  A+iۣ6ؿ0 N  _ۿf  E t!Bŭ L   >ـ@ '⨥) U˄  u \ߓQ eޣ u"Șo  z;^ f˶ u˙s־I c Qⷞ tG k˸˼ĘտټʶȞijѯ«սíֱ׻ͤıӼIůغϳ¨sѰԿŸôɱθ®-2°ɸ+ Iξй" qҿ!$#9ͻ˽£   _ټ׶%$!!ĶҺɵ' # I˹Լ "#zįθڷ!#%г޿ٿ %aؿƩƬ  tĦڪǬ#Ψ㯚о\"H;װŘݾ6&ɛ๬īڏ, m߲çDzԿ0  `è˧Ϲϲ,#+BРɖٺԻv" Aپ塮ʺ\1<\簤ؽO&3(C껪ԳB .Dlīѫ !+j׸ƾ!)@ιo~2L9c& cŻȸ!qƲҹ,ܺ5"ժݼ! , @߁ * Z}˪O   ij¾ֱ-   TWغW   ;yS°ٓ) ,  G}!uȱwA 8  d7շI!  2X $i9㶦   /M  )~Eĭ   0  2!Xҳ^   0  ?+ð   C0 k!Lƹ< R&  1oíq  P#  u*Vɫ   J  @  .H泪%  Sϋ  xޣ"1f㗕`  eŤݬ(  2Зu  v` /xϺǿ Р  uR4m[侜 uQ#s@=<D;<;9:9986764 5 4 337J688889v!Uv)!"74 J2 2 /D e     `     4        9 `   { k e ٲ៍ݾ±ҿƳ߫βïзĽͿøIJʷ̶Ѳ۴ڳѮ˭ѹŰȹս__݀úm ֽ׽q rǯʺr  ֿٻ  +ҽߏŭ ŦͰ  hܲ߻׺ɬ B͗£: ]۴ȵ  mӮ۷  iݳc  Mګϝ  9ݹ޽  gϚЏ|ɤ   M˓])ݾ 5і  "߀ϱ fֵ&  &  )ͦG &ϲ   E<  ճc   Z9  $͖N . R  ݀⾚w  ^زJ 4h|ٱg   ๯) @Z I۶H S kǭ.( ڛ9   * +  5  N Ű j8 ,Y  Ǜ/b  S°lՓ 8hˮ+:`n֧[X  z mg    l  쥣ֶߞؾߘµ˵˳óʷƽøIJ̷˶ҳ׵ܳѬͯзijƹҼc%"ażp տ޺ؿl nȰɹr ϼվ  1ϽŰ Ƨ߂˭ eٶ׽Ĭ A͛ħ6 ^ڲʶ mϨڷ jٰ]  Qڮ۶ˠ $:ܹ  "iΞђɥ Rʗ_)ށ۾ 8͙ %ί fԱ& .  ,̥K *γ   IA  Ҷf  ];  +ڀ͚T 5 ĪR  ῜z   ]ֲM 1h xױi  ݺ) 8]  HַK  U  mDz5 #*  ܀ݝ@     .   6  H &Ǯn  < 5Z  ʠ<  `   U dҖ  8 bǫ ̾) =e gթ ^ S  mh  h  򥩥ởūƸ÷θϹɶκ»ùƽȷμл׸߹߹ִϳűԻȷɺh"*'^Ǿp vqʶξv ݿ 2DZ! ȫմ nἤ²Ȯ SҢƩ; mܷκ .}խ߽  (v⸖ħp#,_ⱟר"1K⿒ƞ  $2qԣӕΪ  !*ZЙd<«   )>֛7϶  %)nڼ,BĴ    ;ѧU >Ը#    OI   "׻p   cD 2ҟZ < "ĬW Ġ|    eճX=n  y۵m   +޽6 O` BںO a tͱ44, ޤC   .*++  .     V:ƲƑ n  J  $" Af     (ͨ/ ]  !Y±  bݗ  #F  aϳ 3  $Cke׫ c $e    5up    $r    7644577565434 )2 D       k k            9  ?9          D    ܸٺȽܮ;ܽοجͱëͮԶӺ¨̮݀ѽҼᾩ˶ճ˷ķ䴕ɳ_fүnEѿ彡̫+¾Z y³ٹŢƍɭl˾͢˻U  ®/AÓģZ  4ǯژ   ι޲Dz@ H#  cس˰G Sż۳(  Ƴά bǾHoּ ܾ} oj ߱  j VΨa  D  Ʒ䶤  : AѨL   ճ  'ƸD hȶ ʻ<  л  -Ÿ  kk Į  ǵ   ҾǸ) ֻƹU  ռǶݩ  ѷȻɺ3 9Ҵů  AǮΰO̶Ʃه  Q' [ӻ   rߔ2 _ĵ   e7 kù 1U qøzp  k yδ* pp x׳  ds c }xS% t T ţxb^  UuN X rB ףh /mD  [Z~  4T\uH QBʯr  h ?x ޲js ѫP䤡DԼA,ؼ˾yγ5 pУ עⰡdڻ׷ƾڱͿھ׭Ͷ¯ɯӶڀԽͱѻѼܽǰش̴Ķ޶˴imԱxM̿ݿȬ۶4ds¶ԺŦď ǰt̥݀0˼X  1 @ǽå] 4˳ך   λڲŰE  Iʾ*   dùڳDzI NȻ״,  ŴЪ¶ dO jԸڽƈ  kk  ౭ q QͦbC   Ź㶥  ;   AΩM     Թݓ   %ùE   fǹ   ɺ ݡB    λ  -ȷ  iݳl ǯ    ƶ  $ Ѻ+   ʽ߽Z ڿȷ  ηȺ  !˽ȹ)  .ӷ  =DZ˱ !ھ J˹ƪ׎ [- Vҽ    !s9 Zõ   d@   h¹    1[ l¸yr  ݙo t͵/ lxuյ*   cy `  {xR7  !v S%  ĦeYSyL  Wx @  ϡi  2n G ` Z 5؁ U_ oI J;ϯ|   e    A u~pu   ЪV   ڪJֿJ  %} δ9   fͤԦ$  }ݵ_߻߻߶ñìòߴθŲѰ׻¿Ǫѯh¾ò˶ۺͺǺ滘̷txٶT´ϲ 7j !{ɺܽɪȖ ҳy#÷Щ[  Ų<9Ɯƪj *ʶÿ٢$ Ӽ⸧ιRK5   fú߸ϸPQ۹7     ɷұŻ fQ f׿Ǩʎ jq ³渰  {  ZҬj#J( ȼ꺫&C  @ҪY غ!  ,ɼP    i˺    ;J         .ɼ  lƴv   IJ    ɹ   ǻ1   ̿]   ¼ʺ  ҽȽ   ˽)   .۷²    Bʹϴ  #  Iҷʭޒ  [5  P     qD  ]Ǹ   ]I iƼ  (^  oƼr    w  wԹ9     k  p۷1     e|  _' Z9     V+ ˩~i_ P I  ^ } B  اn(  1t  D  d Y  2 Sj nP K 9ϴ (   h    GÝq  x w  ح ^  ܫQĭK 7ȇ Ӹ?   nץܧ-  ߺh#!k " $ $ ' &  )v ) ++---/00 / 2 2 2 2 2 3          Z k  Up  p OU ` J D  k   )  O k 9#   4 # _ƺ߫ҶƱݥȶѼб͜ƻ¸Ȥʬû֩ݿӴÛƹƵϳöȼھ͘ɾ߿ǫϪɰʚ׶ɵҲͽùҵۖİӷ¹Ѽܔ׸ż±ӷľ̻Ͱ´Ĺ̠۬ƴQƼɿۼŸξIõϴ0ڀ ³"ȶռ˵Įǻͺ¼ϸóɵȵ禲̸ʪրǷgٰͳĶɶɸT ة׿νǴL ͟ѳ׼Ź\ΦƲѸխбڹ׺ŷĬ߉ĭϽԽƫ۽֠Ϳо֊ּʭؾ߹ظ\ģ HgX|vH+< Fޒ> ʥ~A QҸ#)   9ٻ_'  )Կc!  #¡1c ?ȫ ͳCX ¬ Y 4~ xȥ8&  ƺ h ^3 7ǵ݀ź۬ѹů٥ǵӼҴ߸¸̠ûÀ˥ǯŻ٭IJɨϵƖ¹˶ôζŸǿ׿͝Ǭ̥ͱʛԾ׹ȵҳ˽¹ն³Ӷ¹ϻٹŽո˻ͱޙú̢õZŻƾ£̻Oĵʹ:׾-ɷ¨սʵƻ6ͻ¥̹ƾأɸĸʶƫǸlձ˵ɷ˸[֬ξƵ] ˟׀̳Ҹųý`̧ŰͷӪ̳ٻ¸ĬоҽǮӀ׻ǾϾ½Իɪ޹¾ֶ^ Fm^ zOx(C ?E ̬KVи ,- <պ\)  &݄о ^!  1c   FǮ   y˶7W  ] 3~  rǤ 4&   ƻa^7;ŵĸ᯶ǰ־Ͷ߫˺պùСȲƿþѭ˶ɿݲŹغǡſŨλĸԺͽưҞ°ʮӲ̸ӣúܻʹظƽؼĺȵپż©߾Ķ۽ƵýշƹȿƲҧǺaþȨ¬PǺɹƲҹ>ƴ߇ĭƸ.νôϺȲԿêſѽۀŸƷީνȻͽѰ˼wݶѸɻͺ̽e߬ހȨIJλdԨѲӽʸĹpѫʷսúӴԷʼȹȯɳéȳè¿ĩ˯忨ۼ_ǩ Co` vS w 'H" HM ҪT XӾ '9  0׿\0 Ĩ [0  ʧ+o  >޵̳ + ~Ӿ :h  !Ķe  :ܝ   wʬ /7   ` a= A˹?========<<==>?==OpJO    J   )p꡸歳쫴ƿѾͷ̽õнuT^̾Ķ 6  Q   ] 5  Y  D  O B R  ]  ?    6  `o  В< /мe  zӿƬ`  nIJէO  JĬΘ@  Yศ¨ϋ@   7TӿǑI  `̳ȃ+ (t7 ?ȢРG   %uӷѼn( 4⽨ĐA  *ҵQ  ֤߉ qR( (V   Eֱh   a2x  sU JJ   t61   8W2  -z r$   21 4   /n O   ܾ.  l   󣸱⟞֕殮箱ݮž°ɷʼĴ̼wS`ƽ$ø9 N ^  4 X  ?  J  A H X  7      D   _ہ  ЙF  ̹i   uѿƧ_   nòѣS%   IıЛF  P۴ѕJ    1SǘZ"   ^εȇ1  &o6  <ţТH   %pϸѺs,   4ȓI  +ؠӸY   ֨  h֩ ֪T+'+a  Fֲj  W5  m[ JT   u=8   <Q3   'w  m/   ,?-   1pW  5i   롺ܦ֚ꫨⱸﲸź÷ôлȺ~_bĻ%ƻ6  R  ]6 Z  ;  I =  F  Q   A $    ^    J    ԠL   տm    |òũf   pɷڬY!    Iɴ֨T    Pܸŭ٣S   -MöΟ^(   f  Ի·4   *p?  8˫֨M    &qսx4   7ªϚN   )֪f    g  [/!0g ;n   X8   q[IT  z9B  AE@    ! mE .C/ -y{f! =i)  `9e8987J4 4 3 2 10/.--,v,,+,..$&p D'*.) 1 04 2 , * )4{ & J$ % # " k  =<==<<<=====<<==<<<=r<6=`<<========<==<=<=<<=<?=<====<<<<====<<<=<=p<4=]<=<==<<<<====<=<<<=<<?=<<<====<==<<=<==<<=~<?=a<<<===<============<<@<> H  -%&щ   ?1̶Gތ   [Fռ-   uj Lŵ7   cHѲB    W]޼Q*Tq̮~ 7Q س   6E ɧ I  2: ϲ˩vW ( #7 ڼ}dR@% uɮ-ɴuS; 3O%ΰ~-  (ղb#  ԫ@2    Q_    !)99  (]zoe^SA5)   6n z QoW-  &: ` 6~G$   ! g ] $ލ€6   WE٣_  nܾp,   Ŝ\   -ކ!  ފ'  ً6ю7  jдӛBԽЪkT´¼пƸ?P   2&#׿Ҋ}   C&/˹R&  \GҾ'    skJ<   "i GҮ?    ([ \ڿQ  0W rʱ|    8Vش܀  # =G ɩ#  I )B³ŽvhV>%    ˱>͹ĆpZ) !   4Gc3ϵ@       52ڵr/  #%دFO   gހ+s        6DX@ ;nwphWK?,#  4:@V   j̿rM  2@H_q "" %QΎbA =7{ l 9ɐO0   OVs4  sńS/  ϭp  # 1( <!ܛK$Ԛ?oչ֥L ´Ҳr^˼ôƼ? O 4&v&&%%` 9&&U# O)k9UJ#%* ,  O#k`vv)#*`J. 2 5799<   ٩ u/ &˷   wͧ  m$ ?;   hʜ"  Z 3p XÒA  2 3۶ .Ṗh G/  %߲ Føt ݭ QŨ¨  ٨ N֮%  ˤ,  :Ƴƽ1  qؿT +Yͬȱʼ% Xֽk ˮζ'   Xγu ݹ̳"  _Ŵk פмr  V߶q ӯگл  UۮB| 챙 TŸ.w ՟ۀ]437 I FO  2\s@{  $  j  6aԄ- ޺ @. { ή (KI    2Э0 9J  Od  LהO    L Nڿs ((AP!   87oڈܽ  Ph  9 "x̨ܼm  w'    C쥎b  D`Sتݚn   *Tֻ6 Tˢדւ>(7Tζ   vѵۨ݇­ >ܸжʺN PǤϸx`Yɨ̴͵ܵаֺ̹׸ǸƝĪôހֶ̭íȫһͯƹͷ̴ȵյĮŴػҳɯıèޥ˵ͳЮε? ݯ y, *Ƕ/ |ϡ  r& <ƻjɟ& U ;oT“C  2  <ٵ/ܹk   N½4$۵  L¹r$۰   Mի Mѿ"Ǩ/ @Ƴļ3t׿P 4\ʭŲļ$Yָf ʱͶ''Uα׀q ٷ˴ ]ȸk  ֤̼q Tٷu  ϯϻ  $Q֯D~ 뱜  %Tģ/u ֣`856  M =R 5[t   ?}    l} 9c֌ ) ĭ ۻ K( z{  ΰ ,EJ  4Ѯ, !4J  _k IԘR      M Oq  'AR)    <5p܉ھ*    Qj  ;*zڼ˥h  tٲ+   ;־餔`Ka X֪ܚk 0SکԻ: YɢՐӃD5>V͸$  $wڀ϶٥±  A۹̷˻HJǥ˹s`Z˩˴̶ϳ˸ոַǹȞªõҴʰɮެϾʲŷϹ͸ƸѶìŷ׼Ӹdzòǫʶʶϭ˸? -߭  y8 Cͻ "~ԫ   p/"P,tС*  ]L{7bʔN   1I!F侟m   _E?幥   XȽz@ߴ  bʰҫ9ܬ  Xų.2Ϭ4 H˹ǿ<+~ƥY  :fαͷ1.k׼p $Ҳн63oϷx  !⾤ѹ8.uʹw ٭ޅv #mܶx شѾ  ,qܱC 񹞨݀Ľ ,lȤ=   ؤf>;7  a  Fc  " 5i|  _  .  ! l XsՍ  '  ¯⿦4M !   '*ҳ&  -MX  ,Pհ8    JX bt/a֝Z   " T 1`ĩ {  +Ѫo4 1 (   $Uŝo#4$&0dg- *k߭⟛}3*FqުվD  -lϪܙܔT>KoѺ)/ֺƴŴ Jһ;L^ͨһĺzdcѮͻѷ׵ѻݿܼ˺ͣȮȶڻϴȵγôϷŮߺʻԼѶʼٺʰʸۿؼεȶʯӸԼյԺ?  {     O          J  `   D U#  Z e      O e   Z58:#   M +  T ' a { l 7 a q M  E ve-/ ~.   & + ~ 5  x" H¿ {, W  y d  b ſٺ  Խ1 {  ~ x  ʤG  0 A eͿ   v xi  J_  F  =2  ~w    |:U d !i͖<o 7$P .  ~}    }7V   e bЖ:s'     2# R          }    ʨ _   $     F  $e    r | [j   X   B:  {   @ ^ g  +i؟C u%    G+[     J0$  'XgY  Y4 p   %ؼ+ Q0  LX [}?wҕ? J       e       ` 9 ? 9  J  k  Z  e  ? 9    D  e         v   !`D!k  Z4 # 4 D J 3 68;?*Ҭ  ͍Zֽ ԹT׻y ѸY ѱl,d ǰ3A ?] r\ 5idxݭFL WȼIe EŽJD , .*  UP>ߠ y޶E(0l|GH񭬬K C!Ƈ yׁt ߵj~m> ۯթF5iyk⺐![* ᠡӉ G~ 9֢;LG8 L翦!I; Zجͥs4(aH wȵW f Y ɔ[ # {G _  .:U}'wz n΅  :F  mŢ\ Lk YʼnI   2IJ   X^%  < $ ݾ E -; c  LW  ^  I0 Ƒ t߁ۇ  q ޾v oJ ۀ񰚟TAs pc' g;⫣Ӑ  V # DৱK  NQ -Në  %U :Tկɬv?+h {P  nʹZ   s T ϛk  -   B i ,@T -{ hӌ(  5P   wͱm,   My  ^ˌO E, J߾d "jV   $/ I|   i3  /O4-  Wq5Gx #ϣH1"k믖ųʠܭ˙ٮʬͩŮ?        U p k   #  Z  )    4 k 4   4   e          ?v  O 4p.   k 9 .9 ߗ X\¸Ї g rɭԔ .`  ܶL -qNTȦJX #k  xbu! Z x \  } ( L  l 6 <  =<  NV ۚa 5ڨU < Gǜbހ6  >  nն{) Ӳ  M MÝ fc  aӳ؜   ˶ɦ y  ·ͫ   dٿ3  0Ӷ̻nUc ؽn   e  5ȧn VЍ Ͼe| ݹ â  eGvէ ؏  xt  jA g [  *?F "- ,3 4  o6" L V޾  Dȱǥ`LFE?1  ; 1y  + 0خɱǛX    Qc514  c\ಟѴЎ?  tٺt< 2ע­̩D 3۬rJ~1(aŚ̷׹= XȢЯߴJ &ԮǨݭHΛطd ހغĪNϰڣ۽ƴ˧жѷĜ?ٚ Z ]̈́ h  qɰ͓ -g  , ڴH/yU^  ƦJ^  q   ݶ!j  u,Wz W! ڀ   %'M u > F   @G J]   b 9ة] !  D  Dǝb۴= ! z@nԷ &t0 дN Q`m  dҵ  !̳Ǧs  ͯ     eĪԽ<    6ϳμrGh 󶟤ؽҀq  ijhݪ  5ɩsTА  ˾eݺ  ! cLxѭ  ֑  qunG  j  _ 0   7ۯF(鿑3$ 4 { 8%  gɃ3"  N U۾ BŵĩaSHF;*    ;  0w 0,ޮƱŗX    Lg11<  h \ݵʹόA  qն|81Ԧ˾ͯN *ٯvHׅ;.eşɵֿL  ]ȤҬݸV   !ڀׯʥخ#AΟҹj ׻ŮQϱ٤޿ɵȫ̴͸ٽ׿?   c_ƽב n,  rβљ @x2  ߻Q 4|Tb   ͫMl %v  (u   x3\   ])    &5 K  z N P#"  DƮSG߸j #  q@஗* f#%  NNͥ bF!* |I& tڽ ! y>ֹ    X Wɦ bފx    kػ     #ϽϬ!!t   þձ  1   hŮĭD   ,վڀzTn  -ðs     Ʒs   <ѰPџ  Ɨ]  Ǧ%kP|ظ   ޛ o~ hI   n e   +   ?L09 - 6 ڃE.   fЍ0.     Q"^#  F̵˭dQBAB/     : O  A n G    J   N  & X > ^ ^ qq r ~V   5   " + < 3 p Hy  "  CP  @ 92    F  @,  @ A   K I  N J   \ R  R.K  L   Mq  <=  (<   Uiײy   f[ Blކ   bޤ*  k1  NC  Ƀ6   eۨ5  ӟ> k. 7I(}V :#      ]f   6 +  -  @  8!  P  6  i B    E   L   W  @ \  Zmu  m wX   x C  (    + 6  8   l  9~   ;\   K >5   >  ?7  I =&  B  E K  F S Q  M .U   M &  F  h 9 >   ' =    V    g  ι  t   ]]   Bp#  (fߪ1   iݩ5  DJ   |dž8  cܫA  اDl9 4R&{V5       ]r# $  H  0  3&  >  4   N <#l E    H    N # R  > ]   Y  l %  n  vf' y R %   $0  * @  -  f  B  % G[ 8 =I  H ;A  8  ?5  F  D  G C   U  T   O  /] M '  Lk < ? -A   Z   e    s  Xl   "Mz/      ,j: t;  LR    ѓF  lܵI  %کJ wB =U"V  4       U       vO .    ! ! ! ! ! ! !9 ! ! ! !  ! # !    #&(*k-` 2 46:q@D " E#rev     Yդ `lx݄ dtքִ֤֔z 0@ۧ'ܐܠܰ 0@P"85 20 6' + * ) !  ''* 7<<<., * 79:r+ )       4 5;8++         ;:99/*  , $  ,:4 / ' """ -9t#5 3   "  #*/3 (:) %" ###<<<3   $&*9+ * * * * % %**/0 <<;;   4   I;::;;51 - @D "  E#sealsign     7 [ '7GW +;K[~.>N^n~ / '  =======                                         #)=>=============<=@D " E#seal      pppp AQFw   $''49>GGH<HLH\HlR)RuRip{ppp ? <#;+::4I:=R:#>S:":3E:4E:3>:3;:7;:'=A:UD;._=, ?<;$1:,>:3E:4E:3>:3;:7;:'=A:UD;._=,  7&(,(%!6ENNF>4,( 3Z]WME?944, 1[Y`]VOG?;?D8,!.VcbdfaYOF@IMH>/ ,U`cmprlbVKFMRMH9'*R[dqzypeZPLMRTOJ=,(PTdryyrg\PMSUSPC:, &Raoy~vj^RPUVQJ@4' $RT_mw|obWRTXQMC9-" "\V]jwznaXWXSNG=4*! !ug\gvse^[[UOJC:3+#  'jjfsxjc_]WRMGA<5.% !fkq}tld^YUPLGC?:2,(  Cfsy}tjd^YUQLJHGC@7*  Nhxzof_[WUSOONF8* Pm{tld^YVTSPRUWSH9*  4Suzph`[WTURRVYZWK7%  @atld_XVUTQSX]_WD/$ !Dozpia[VTTRRW]cbU@-%  7Nttlf`YVUTSX`gkeR<,&# *R{|rkd^XUUSW`jqqeM7+'! ,_xnha[WUTU\gqwsaG3,' 7 !%!69AA92*%! 3LNHA:4.+)$ 1LJOMHA;4057.$.HRSSUPIA95<@;3' ,HPR[]]YQF=9?C@;/*FLS^fe\SJB>?BDA=1# (DGS_dfd^UKA?BDD@5/#'DEQ]djkhbXMCADEA:3( $DGOZdkqof\PFCCE@<4," "NGNXblpomeZOGFFA=7/(! !bWMVblosqj^SLIHC>94-'"  !ZYU`jpssncWPLJEA<73/*% !TZ_horsph_XQLGC>;863/)%! !9U^enrtsog^WPJFB?<<:97/# !BWdjqttrndZSLGDBA?@ACD<0# DZgpttqh^WPJFBA@?BGLI?1#  +DaosstsncZTMGDAC?AGLONB/  6Pjpsutqh^WPJEBAA?CJQVO;( 8]lrtusncZTMGDAC@AHPXZM8& .A`osutqh^WQKFBBAAIR[b]J3$ !Dfrttsne\VPJEBB@ER^gh\E." $OksutrlaXSMGDBABLZgnjX>*"  7 !%!69AA92*%! 3LNHA:4.+)$ 1LJOMHA;4057.$.HRSSUPIA95<@;3' ,HPR[]]YQF=9?C@;/*FLS^fe\SJB>?BDA=1# (DGS_dfd^UKA?BDD@5/#'DEQ]djkhbXMCADEA:3( $DGOZdkqof\PFCCE@<4," "NGNXblpomeZOGFFA=7/(! !bWMVblosqj^SLIHC>94-'"  !ZYU`jpssncWPLJEA<73/*% !TZ_horsph_XQLGC>;863/)%! !9U^enrtsog^WPJFB?<<:97/# !BWdjqttrndZSLGDBA?@ACD<0# DZgpttqh^WPJFBA@?BGLI?1#  +DaosstsncZTMGDAC?AGLONB/  6Pjpsutqh^WPJEBAA?CJQVO;( 8]lrtusncZTMGDAC@AHPXZM8& .A`osutqh^WQKFBBAAIR[b]J3$ !Dfrttsne\VPJEBB@ER^gh\E." $OksutrlaXSMGDBABLZgnjX>*"  ; : 8 |5 2r1  <:9863/ -  .--3/HZdheT;-,- ʶ~yqdXWM&.* ƶtcYV>K( s_[Z= 'ĽytP2!!rüwP@?- ù|7  ZĻ} ɿݻu! Ǿr |ɻt˿Ȼ ɺ… ǹ|´׺ɿޣ굶|  + ( %$"       @=======8q~rjd^XVURXdoz|oV7.#6fzphc^XW]s~bE9>@2"H{~tkea[WZl~dG;=D8## *ixohc^YYf~~hM=%5c~xrmiecerybJ@=Y1<%#Uv{vpkfdgpzdK@>X,;%Dl}wqmiggnzvaJ@>W*7& 7d|~ysnigjqzxaK@>U%. & .[vxroljjmxw_J@>T''&(Om{~ytqmkkowx_JA?Q+'Cbv}zvrponpv}z_J@?N5'3Wo{zwsrpprw}zaJA?J; ( 'Mgwzwtsrqrw}zdI@?I@ (C`qwvutsqrv{zfJ@?GD):Whtvvtuttw{ziL@?GK)0O`nuvuuttw{zkN@?FN%()FTgsuuvvuwzymP@?FP*(!8I^puvwwvwyyoS@>EZ-(+?VlsuwxwxzypW@>FVC(#9LfqvxyxxyxoYA>FVO)1B_nuxzxyzxn[C>EWB),9VjtxzyywmZD=D[/)%1OgtxzzyzvlYC=B`0*)*GcrxzyywmZB;@a=) 'A_owxzzxvm]E;>]8*%;Zktxyyxul\H:=ZJ$) 3RgrwxxvsiZG;5Cdc5+ .Pcklmmh]M>2Gk^)+ (K`ijlleZI:2OlG+,$H]egihcVH90VvB- BXadgf_TE60_F$-?T^`ba[OA3.L@/9OY^a`XL>2../4JVY\ZSH;.(0/EPUYWOD7+%1*?LQTRK?3(#2%8CILJB90$2 0:@C@91) 2 %07:70("2$)+)# 2 !#! 3  3  447-_quutpg\UOJEBB@FUcpsfM2%"!FhsuuslaXTOJEBACSamur\=*%" !-WpuvtogaXQLHDBAP_mxxeC+('!"=dsuurnf[TOJEBBN_lwziJ2)*&!#Nltvtpi`WPLHDBH]kx|tZ<,+)!"4]pvtrmdZSNJEBEZiw~zdC/+.("Fgsttoh_VPLGDCRht~}nR6,/+$#,UortqkbYRNJECLguuV7,02(";epssnf]UPLGDG_t~uZ;-/5,# "Vkqspi`XRNJEEWsu\@/.75#Bbmrqld\TOJGFOj~zfI2-76,"+Siprof]UOKGGPg|~jK3.8+'*F[cca_`_`cjrpS;10<0 ( =Taba`aacjroV:00:4 (6O[``abgnoX;0097)/GT]``addeino\=008<)(@MY_abddejnn^?008@ ( !8CS]`befgimn_B008B# ( .:KZ`cfggimlcC0/7K$ (#2DW^cfhijmmdI1/7F8 ) -=R\bgiijllbL1/7HB )'4MYafjkkmlaM3/7G6)"-EVagjjklk`L4/5L')&?R`fkllj_J4-3P(#)  8P_gjkkj_K3-2P3) 3M]dhkmliaO6,0M.* .HXbhjkkh^M8,0I>)'CTagikjf]L9,.HJ"* ;P_eijidZI8+.IT%* 5N]dfhgbWF5+0KX** -JZadee_UD4(2P[,+ (FX^acb]Q@0)5SS-+#AS\`aa[O>/':YO$,=QY]`_XL;,%@[<$-:OVZ\[VI:,%Hd9-5JSXZZRF7)&Q:.2FOSUTNB4'%@7/-BKRTTL>1&%'/)>HLOMG;-# 0$9CJMKC7+!1 4?EHF?3(2 .8>@>7.%2&0585.&2'-0-' 2 !#! 2 3  3 458-_quutpg\UOJEBB@FUcpsfM2%"!FhsuuslaXTOJEBACSamur\=*%" !-WpuvtogaXQLHDBAP_mxxeC+('!"=dsuurnf[TOJEBBN_lwziJ2)*&!#Nltvtpi`WPLHDBH]kx|tZ<,+)!"4]pvtrmdZSNJEBEZiw~zdC/+.("Fgsttoh_VPLGDCRht~}nR6,/+$#,UortqkbYRNJECLguuV7,02(";epssnf]UPLGDG_t~uZ;-/5,# "Vkqspi`XRNJEEWsu\@/.75#Bbmrqld\TOJGFOj~zfI2-76,"+Siprof]UOKGGPg|~jK3.8+'*F[cca_`_`cjrpS;10<0 ( =Taba`aacjroV:00:4 (6O[``abgnoX;0097)/GT]``addeino\=008<)(@MY_abddejnn^?008@ ( !8CS]`befgimn_B008B# ( .:KZ`cfggimlcC0/7K$ (#2DW^cfhijmmdI1/7F8 ) -=R\bgiijllbL1/7HB )'4MYafjkkmlaM3/7G6)"-EVagjjklk`L4/5L')&?R`fkllj_J4-3P(#)  8P_gjkkj_K3-2P3) 3M]dhkmliaO6,0M.* .HXbhjkkh^M8,0I>)'CTagikjf]L9,.HJ"* ;P_eijidZI8+.IT%* 5N]dfhgbWF5+0KX** -JZadee_UD4(2P[,+ (FX^acb]Q@0)5SS-+#AS\`aa[O>/':YO$,=QY]`_XL;,%@[<$-:OVZ\[VI:,%Hd9-5JSXZZRF7)&Q:.2FOSUTNB4'%@7/-BKRTTL>1&%'/)>HLOMG;-# 0$9CJMKC7+!1 4?EHF?3(2 .8>@>7.%2&0585.&2'-0-' 2 !#! 2 3  3 4581 . |+J*6v) B(O'/' '¾'þ'վ'ջ' ֺ'(ÿ(?( (0½)ÿ*w*+ ¾,, »- .ƻ/ ÷0 3 ͻ4 5 6r:<<W<=2 8 W7+W3+ 0 /r 0| 1=3"3^ 3 7q h, *((''''&&&&&&$$$%'''())) * + ,. 0 055689;<===>;:9863 .- , ,+,-,-.//0 'ȿ䪫 ¸ɾڜźۚ÷ڕ󿲬ޏ۹}‰~Ύ¨ܘݧݖݧזΨ􈉈ߍ̦݌ǣ􆇆⋍Ģ򅄅߈á񄈋߆Ġ߆£󌉈å냂ᅈ¤¡ق숆́Ѐ¨ڂ®ŀςǻɁºȁż၃ž󰬪ށ貭ǂ¿κþݛ. J݁Ź݌ E ¼ Z ü $ q !u&20j 0W 2 º e %!#$&%'()* ++ * )447             v  % % %-0 =7<0;ӻr8}8"7+6oW 3۬ 2ݯ1}1ݼ112222 132 24r33 4ܯ 5r6r8ȸr========<<;:9776532110/////{/e///001112 2 3 57<~< <<%=5050E:4''$$@TG3 HLNMKP\S1'4LXcdb`^]Y0-4D[ellmlhc`\/455Ifonnmlie`,+DO\_hnooponlgb+)*5Qcidgoqoopmid*$@::;\ekoolopopoomid*DNLQ\msqroprqpoonkhd !$>ASctms{zvvsrsrppnmjhd#!!#-;ObjXAk}z|zwuvusrssrplh$XNNLOSVdr|~}|zyxxvtpmi )W]OF4Qkxss{}|{{xwsplh !+2?M[blv{~}||{zvsplh '/6D[m{}}zxtpnjf$,5AN_q}}{wuqlieb(/9DQ_mz~{wspljhfb`%09BMXgt~ztqnkifbb^Z"-6?HUamz~yuromiec`[\V (4BLD1 !+@JQRRONMJ0&+8LTZYZYVROL/+,,=U\[[ZYVSN,$8ALOU[\[\[ZXUP+##,CRWRT\\[Z[[ZXUQ*6102LSY\\X[[ZYXUQ*9AADK[_\][\]\[ZYXVTP 47FSjaZ`ed``_\^\ZZXWVSQ'2CT[I7Zn{xieeda``_][]\[YVSJBB@BEIT`hnnxzyvqkggeecc`b``]ZXT #JPC<,EZkktqkf`agntwxxvtqnkjigedcca`\YVS$*5AMS\dij~~|yupopqwwutsponmkjhffddb`]ZWT '-:N]itwwz~{xyxwvtrpqnmkhgffca^[WTR%+6AQanv|z{{}{xvurspnkiggfa^ZVTQO!&/8DQ^ku{{|{y|{xxuupokiea]ZVUSRNL'/6@JXepx~|y|{vuqoje_[XVTRNNKG $+4;GS_ku|}~{vtpid_\YXUQOLHID *08CMYdox~zuqkea_\YVROKJHEC%+4=HR^ju}~wsmfda_\XURNKHGDE &/8BLXdoz}uoieb_\ZWUQNJFFBD *3<84-< <<<,(5(914!!5E;3<@A@>BLD1 !+@JQRRONMJ0&+8LTZYZYVROL/+,,=U\[[ZYVSN,$8ALOU[\[\[ZXUP+##,CRWRT\\[Z[[ZXUQ*6102LSY\\X[[ZYXUQ*9AADK[_\][\]\[ZYXVTP 47FSjaZ`ed``_\^\ZZXWVSQ'2CT[I7Zn{xieeda``_][]\[YVSJBB@BEIT`hnnxzyvqkggeecc`b``]ZXT #JPC<,EZkktqkf`agntwxxvtqnkjigedcca`\YVS$*5AMS\dij~~|yupopqwwutsponmkjhffddb`]ZWT '-:N]itwwz~{xyxwvtrpqnmkhgffca^[WTR%+6AQanv|z{{}{xvurspnkiggfa^ZVTQO!&/8DQ^ku{{|{y|{xxuupokiea]ZVUSRNL'/6@JXepx~|y|{vuqoje_[XVTRNNKG $+4;GS_ku|}~{vtpid_\YXUQOLHID *08CMYdox~zuqkea_\YVROKJHEC%+4=HR^ju}~wsmfda_\XURNKHGDE &/8BLXdoz}uoieb_\ZWUQNJFFBD *3<84-< : : 87*75% 6;*! 5J5$ 4UE0 3YP>*4[RH5!  4]TI9%4^UK:( 4^WL<' 4_XN=' 4b[O?* 3e]SC/!3c]SF5& 3d]TH;+!!3b\SH>/&# 2_[SG@2)# 2ZUQG@/- 2WPNG>2( 2TPLFB) 2QOJJ2% 2NPI?1 3NKB84GC7#8>6)88+ 8. 8* 9<: : 9 7# 7, 60! 5<, 4F9(3HB3! 4JC;+ 4KD8+@K9 0G: 0 r0.. - -   .  . / / 0  "!1  $&%%2 #'*+3  !%++3# !(.4 %&!!$-5 *)%#(6 %*,'(7'.-+7,718"4<9'::' r0.. - -   .  . / / 0  "!1  $&%%2 #'*+3  !%++3# !(.4 %&!!$-5 *)%#(6 %*,'(7'.-+7,718"4<9'::' @=; : 7 7 0 (! .*,'# *$21/-'%  (#.44630.*'$# %$%(-488641/,*(# .)'&+087651.,))'&%$$&'*)+'(%$"/.-.6>ET^de`\TOLGEA>><;996511)+)873368>EMTX[\[XWUSOLKHFCA?=<77/10><::;=@CFHIJJIHIGGEEDCA@@=?:;574=@C@@ABA@?>==>==>?@?AG;+  :BGGFECA?=;9:88776656678::8CJ<-% "!7@HMMLJIFC@=;997755421//../-18<84.**&,6;;976542/.,,*+*++,/0033220-3.<;CFORRQOMJGDA>>;988521100/..--,,+,+,..2.0(*.E@DBLSUUTRPMKHHECAACDCBA?=<:76320.,+**,//2.!$LKJFIPUXYXVWVXWUTTVSSQPMLIHDC?=:7420,+)(()+,21 FSTQLMQW\]__^__^[YWVSRONKHEC@=<952/-*)'&&'),  @=;: 8  7  0 .!" *'%$" ("((*'%#! &"'+*)(%"!   $ !%+*)(%#!!!" $#)06CLQRNJC?<96200..-,**&'!#",+(')+06><;9630.++*)(&&$"!  ! "%%')*))'%*% 0/58?@@?=;8530..+*))&%$$##"!!"$%(&'!$&7264<:865310//1211//,,*('&$#"  "'&)%>;<7:>CDDCBBCAA@@A??=<:96510-,*(%$"  "#))  9DCA==?EHIJJIJIHECB@?=;97420/,,*'%" !$  @=;: 8  7  0 .!" *'%$" ("((*'%#! &"'+*)(%"!   $ !%+*)(%#!!!" $#)06CLQRNJC?<96200..-,**&'!#",+(')+06><;9630.++*)(&&$"!  ! "%%')*))'%*% 0/58?@@?=;8530..+*))&%$$##"!!"$%(&'!$&7264<:865310//1211//,,*('&$#"  "'&)%>;<7:>CDDCBBCAA@@A??=<:96510-,*(%$"  "#))  9DCA==?EHIJJIJIHECB@?=;97420/,,*'%" !$ # WW 9 W9WW9jԗ 8 ݀8 ݘ8|5++5l 6|7q 7Wݼ 8 j  6<;;::98886654 4 4344 45{677" $)5?LWep|znkje^ZVTRQNHC:1"%,7CQ\goz}ojid\VRPNKFA:3*"((/5@N[gr||rjge\TOMJD=8-")+-2;FR^lzzqhheYMIGC?8,! (+-09ER_juzqhfaSHEB=73, '*,.4?LXdpz~vmea]QE?=;7.'%(+.09FS^it}|vma[YQE:82.( &'+/3?KWbkuzx}|xph^TUPF3/.$&  ""'+2;EPZdnqkwzwvrmeYOPQF0/&$$-8@IS\cd`o~zurpmf^SLKOD.*#%28AIRXZYcrwvuqnke_YOGHL?+%,2:CKQSRYekmmkifaYPGCGB5&  %-4=DJLLPY`dfgfaYPIFD>7( )/7>CFFHPX\]^[\VPE>61'! #,38BEFHKOMGA5(" ! "+059;>??@BAB>3  " "#(-/159:<<61-& !"#'09EQ_lxwncXWRH>;964-$ "#&-8ER\hs{}undXUOB:751-*% !#$)4@KWbnw|{sk`VPLA8320-%  "$&-;FR\gquw{zwqj_SJHB8/,(%! !%)3?JU^inmw{usrme[OEEB8(%&")0:CMWbfam~|vpmlhaXK?AA9'&$-5>GPWXVdtwupkhfb[QF>>@8%!  (.6>GMONYhmlkgda[SLC:8=2"  "(08@EHGO[bdcb_\VND;8:6+%*2:?ABFOWZ]^\WOE>:82*    &-38;<61-& !"#'09EQ_lxwncXWRH>;964-$ "#&-8ER\hs{}undXUOB:751-*% !#$)4@KWbnw|{sk`VPLA8320-%  "$&-;FR\gquw{zwqj_SJHB8/,(%! !%)3?JU^inmw{usrme[OEEB8(%&")0:CMWbfam~|vpmlhaXK?AA9'&$-5>GPWXVdtwupkhfb[QF>>@8%!  (.6>GMONYhmlkgda[SLC:8=2"  "(08@EHGO[bdcb_\VND;8:6+%*2:?ABFOWZ]^\WOE>:82*    &-38;;752.,(%#"#$%'-*4$!  2NcbYV\``baa``_^\ZYXVVSROMKIFEC@>971/)%#"!!$&)-'4!$3Oac]_b`aa_`__\ZZYWVTRPNKJHFEB@:5.(%#" !! $#')'.' 1O__]aZ`^a]__^[ZXVUSQPMLKIHFC>61/.,+)('&%#" !!'(/ 1KXS]U]\_^^__][ZXVTSPPNNMKHDB=<763300.-+*(&# #$- -FIVTV\\_]_`__]\\YXUUSQNKIEB?<9663210/.-+)'$"$&%5BIVOY[]_]__`^]]ZVOKHED@><:86543210..,+)(%# +& )7AQTQY[^_^_^^_ZUOKFDBA>=;988766543210.-,*'%!(-# ")CFRVVX[]__]YTOLIGEDAA>=;;9::9976655421//.,)%$"&+"'  0GNUZ]^]\YVRONIHHFFCD@A>><==<;:9987554432//-,(%')&,&6@OZ]\\[\ZVTPMLKLIJGGEDCBABBA??>>=::997554432.+'**'1! .GQVX[]^][[XVSRQPNNMLLJKIJIJHEEB@@?>;;:850,(+)'+/9GMRWZ]]^]\[YWUVUTTRSRRQPMMHEBCBCBB@=60*)-)"$6:FITX[\]^]\[YXYXYXXYXVTUTUQQMLLMKF<4*)%6$ #)4:HMTTZ\^_]]\]]^\]\]\]_`aa`_a\\]YXXZ[\\WQF?5-)5!"  +1 %*039AFNOV\abcgjpquxz}~~}~}}xtoe\NB !"'+07@HKQV\_`diopy{􅄃zukaTG $.289@GJPXYZ_cjox{|ul_Q  !047;BGJOSUW\blswyx|{~~{ti[ 8JHGJMNQXfkpoqsswvy{}{~|~|~|~}}|~|~~|vn` -CH>@BGJL\`edghjmmptwuwvwvwvxvwwvwvwxytnb 5?76:@EHSW[[]_`dcgknnonooppqrstusrokd"--,06IVZ[[\]]^^`abbcbcegfeffghhjijjii !',37@INQSWWXWZ]__^^_bddbcdcdcdc #(-7CHJKPRRQTVYYZ\]^]^]]^]^]^]^ #)-0349?GJKMPQRUUWVW W  &-38;?CEKNNONONONONON #(-8>@AACBDCDD #)+--.132455778  $#'')0 6 89 :);GJD?>DGKLKKJIIEDBB??<;96521.-+)'$" $"'(?MOF@BHKKJHEDBB??<<975310/-*(&$"!%#,)@QOGDHKKMKLJJHHEDCB@@=<:864210-,('%!!$ +*@NPJKMKLKKIJIHFCCBA?><;965432/-)& ! &  (AMMJLGKJKHIHHGECBA?><;9865430,%#! & (=GAJBHHIIHIIGEDBA?><;:98641.+)'%$"" $ %8:CBCHHJHIIHFCB@A><9652/-*''%$#"! *5:D=EFHIHJJIHHEA:7521.-+)(&%$##!" !!  ,3@B?FGJJKJEA:7310.-+*)(''%%$#"" % 57ACCGIILJHD@;86421..++))''(''&&%%$$#"!!$  &8=DHJIIGEB>;965523/1-/,,++)(('&%$$#"!!$ +3@GIJHIHFB@<998:6856332110.--,))((&%%$$#"  ! ( $9AEGHIKIIGEC@?>><<;;:99885410//-+**)&# "!#%.8>BFJKJKIIGECBBA@A@A@A@A??>;<;<8774221.($ # */8;CGKKLIIGEEFFGFGFGFGGECDCD?@?@=;<;<<60( + !*/;?EEJLLMJKILJMJLJKKLOOQPPQMLLMHGHHJKMMID:4+$ * "(17<@FIMNNPOQNPOPQQRTVWVUWXWWXZXWWZ\``\UPG;,%"" $)24<@FKMPQSTSVUVUWVWXYZZYYZZ\^__abfhjjid^VI;2'# %..8:CGLNQUVXXZ[Z]\^]_`bcb``__`abegijjif`VK?3* ")+35>BIJOSVXY[_`baddghkmnonmnjigfeefhjkmllf`WL?4#(+07@FMNPTX_enputxyy|{}{}{}{}|}|{|{{zyvrkbUF '*-08<>DHJKQWahlnnqqttvwxxyxywxvqj^Q-;;=ABELZ_ddfhhlloqsqtrtrtrtstsstsutsldV %69246;>@PTZX[\^aaejlkllmllmlmnojdW +2+*/59;FJNNQRSWW[`ccdeffhijjhgd`X$""&+/7AKPORQSSTTVYZZ[[\^`bdefgfdc_\$(1;FJKKMNNPORSTTUTVWYYZ[]]_^__^^"'+09?ABFFGGJMPOOPTVVTUVUVU #*389;>AA@CFIJIKLNONONNOO "$&'+17::=>>=?=?=?=?=?= "+01211323233 !""#$&%&'')(*- 0 6 89 :);GJD?>DGKLKKJIIEDBB??<;96521.-+)'$" $"'(?MOF@BHKKJHEDBB??<<975310/-*(&$"!%#,)@QOGDHKKMKLJJHHEDCB@@=<:864210-,('%!!$ +*@NPJKMKLKKIJIHFCCBA?><;965432/-)& ! &  (AMMJLGKJKHIHHGECBA?><;9865430,%#! & (=GAJBHHIIHIIGEDBA?><;:98641.+)'%$"" $ %8:CBCHHJHIIHFCB@A><9652/-*''%$#"! *5:D=EFHIHJJIHHEA:7521.-+)(&%$##!" !!  ,3@B?FGJJKJEA:7310.-+*)(''%%$#"" % 57ACCGIILJHD@;86421..++))''(''&&%%$$#"!!$  &8=DHJIIGEB>;965523/1-/,,++)(('&%$$#"!!$ +3@GIJHIHFB@<998:6856332110.--,))((&%%$$#"  ! ( $9AEGHIKIIGEC@?>><<;;:99885410//-+**)&# "!#%.8>BFJKJKIIGECBBA@A@A@A@A??>;<;<8774221.($ # */8;CGKKLIIGEEFFGFGFGFGGECDCD?@?@=;<;<<60( + !*/;?EEJLLMJKILJMJLJKKLOOQPPQMLLMHGHHJKMMID:4+$ * "(17<@FIMNNPOQNPOPQQRTVWVUWXWWXZXWWZ\``\UPG;,%"" $)24<@FKMPQSTSVUVUWVWXYZZYYZZ\^__abfhjjid^VI;2'# %..8:CGLNQUVXXZ[Z]\^]_`bcb``__`abegijjif`VK?3* ")+35>BIJOSVXY[_`baddghkmnonmnjigfeefhjkmllf`WL?4#(+07@FMNPTX_enputxyy|{}{}{}{}|}|{|{{zyvrkbUF '*-08<>DHJKQWahlnnqqttvwxxyxywxvqj^Q-;;=ABELZ_ddfhhlloqsqtrtrtrtstsstsutsldV %69246;>@PTZX[\^aaejlkllmllmlmnojdW +2+*/59;FJNNQRSWW[`ccdeffhijjhgd`X$""&+/7AKPORQSSTTVYZZ[[\^`bdefgfdc_\$(1;FJKKMNNPORSTTUTVWYYZ[]]_^__^^"'+09?ABFFGGJMPOOPTVVTUVUVU #*389;>AA@CFIJIKLNONONNOO "$&'+17::=>>=?=?=?=?=?= "+01211323233 !""#$&%&'')(*- 0 6 89 :;'! :)% 9.+)%96.0*9:12,&9<332-9D944B8L>;-;:7SB9:$;7VF8A%3#6XN;69< 6a\QJ>5,4gfb^VNB6-!/dcdca^WOA7.$ -]^^_]YOG?3( -WXYY[ZYUOF<.# ,OPRSTVVTOG?3) +EGHLLOPQPMHB8/  +:=>ACFHJJGC=6(  *,02695+!-GHIJLLMLID;3' ,?@BDDFFGGB<5*"+568;;5-& +*-.03589::850*  *!#%'*,/135531,%*#%)*.0110,(! )!$&)+-..+'! )!$&')++)$! )"$'((&  )  %((&! - !%$ .  /  0 0  2 55 ;  : !9# 9,&'#90(($92*)(%9:.*+6 8B41$117H9/117K;.6)6MB2-/16UPF@4,%4\[WSKC8-& /VWURKD7.& -OPQRRPMD>5+!-GHIJLLMLID;3' ,?@BDDFFGGB<5*"+568;;5-& +*-.03589::850*  *!#%'*,/135531,%*#%)*.0110,(! )!$&)+-..+'! )!$&')++)$! )"$'((&  )  %((&! - !%$ .  /  0 0  2 55@D " E#text     Fq q % rVrfrvrrrrrrrrssvQy,zWzgzwzzzz|$AQaq<, +++ +* <<<            <<=<@   P<<;;=/:(95443,+*(<<<<<<<<<<<89:2//0......-./78:9:8   E'' ' & & &           &1 <=z@D " E#band       ,(8HXhxHXhx9IYiyƉM-peu ^[Z7^\ZZ7^]ZY[:]XX[:]XWY:\XWX;YY; [< <=^;^9^6 ^" 7 7: : : ; ; < <;96 " 7 7: : : ; ; < <;96 " 2 0001 3 5 689:;<>=765 2/, @8ZYZ[]^3]\ZYXXZ]]^0]\^][ZYXXWX[]^^-[__`^\ZYXYYXX[]^^*[^_cdeb_[YXYZYXXZ\^^)Z]`eiid`\ZYYZ[YYXY[\^^'Z[`fiiea]ZYZ[ZZXWXZ\]^^%[Z_dimnlhb^ZZ[[ZXWWXZ\]^^$[^diosqkd_[Z[\ZYWWY[\]^^"\]biosrpjd_\[\ZYXWWXY[\]^^!]`horvtnf`^]][YXWWXY[\]]^! `fmsvuqib_^][ZYXWWXY[[\\]^^ dkruvsmgc`^\[YYXWWXXYZ[\\]]^^ $iptwvrlgb`^\[ZYXXYY[\]^^ +msxxuqjea^][[ZYYZZYZ[\]]^^jrwwxtmgc`^\[ZZYZ[\[ZYYZ[\]]^ (puvxvrkea^][Z[ZZ[\\ZYZZ[\]^!7rvxxungc`^\[[ZZ\]^\ZYYZ[[]^ !otwyvrkeb_][ZZ[]__\YYZ\^^ eqvxyungca^\[[ZZ\^ab_[YYZ]^^ \iswxvrlfc`^\[[Z[^bdd_ZYXXY\^^ mvxyupida_\[[Z[]aege^ZXXZ]^ @8 4 1  -  *!##  )%,*# '(+,+% %&,120*! $$-4:7.$ "!+6:95-# !*5:?;3( ! %2;?>7,"  ".9>?:1)#  )6=@>91)"  $0;AA>8.%  +9@AA<2)# !!6=?A?9.&  ".8=BA=3*# !1;@B@9.& !!5=BA=3*$!! (:@A@90(#"&# "/=BA>7-%  '*$  @8 4 1  -  *!##  )%,*# '(+,+% %&,120*! $$-4:7.$ "!+6:95-# !*5:?;3( ! %2;?>7,"  ".9>?:1)#  )6=@>91)"  $0;AA>8.%  +9@AA<2)# !!6=?A?9.&  ".8=BA=3*# !1;@B@9.& !!5=BA=3*$!! (:@A@90(#"&# "/=BA>7-%  '*$  4/,*'$#! !" $%$$##"#"# ^1^/^.^-^.^-^-^,^-^.^.^/^0 ^1 ^1 ^1 ^1 ^1 ^2 ^1 ^1 ^1 ^1 ^2 ^2 ^1 ^2 ^2 ^2 ^2 ^3 ^3 ^3 ^3 ^3 ^3 ^4 ^4 ^4 ^4 ^4 ^4 ^4 ^4 ^4 ^4 ^4 ^4 ^4 ^4 ^5 ^5 ^5 ^5 ^5 ^5 ^5 ^5^6^6^6^6^6^/ 1/.-.--,-../0 1 1 1 1 1 2 1 1 1 1 2 2 1 2 2 2 2 3 3 3 3 3 3 4 4 4 4 4 4 4 4 4 4 4 4 4 4 5 5 5 5 5 5 5 566666/ 1/.-.--,-../0 1 1 1 1 1 2 1 1 1 1 2 2 1 2 2 2 2 3 3 3 3 3 3 4 4 4 4 4 4 4 4 4 4 4 4 4 4 5 5 5 5 5 5 5 566666/(''&''((***+*++,++,+,,,-,,,------.......///////000000000 1 1 1 1 1 1 1 -&rwyxtmfb`^\[[Z\`diic\XXY[^"kuxyvpieb`^\[Z[_chkh_YXWXZ]^!qwyxtnida_][[Z_chmkbZWWX]^^! gtxyvsmfb`^\[[^bhmld[XWWX[^^!mwywuoida_][[\bgmni_YWWZ]^"dsywwrlfb_^\[\bgmplcZXWWY\^^!jwwtoic`_\[[_flpog]XWWX\^^"`ruwvqkeb_^\[]flqqj_XWWZ^^#Zjrwwsmhc`_\[\clqqj_YWWXX]^^"Zaotwuojea_^\\`lrqkaZWWXXY]^"\[hqwvqlfb`^\\^hprnd[WVXX[]#Z`otvtngc`^\]_gpspf\XWXYWY\#]Ziqutnhca_^]^eospf\WVWZWX[^"^Zbnttojfb`^]_dnsof\XWW[WV[^$[hqtqkgca_^^blsof^XWW[WVZ^^#Yantrnhda_^_bksrk`YWW\WV[^^#[issnhdb`_^bjsqj_YWW\WW[^^$Yepsnifca__biqrj`YWW\WW\^^$_mrojfdb`_`fppi_XWW\XW\^^$[hpolieca`aempi`YWW\WW]^^%Ycnpmifdbaadjog^XWW[XX]^^%Y`lonjgdbabejnh^YWW[YX]^^%]hnnjfecbbdinh^XWVZYY]^^%Zckmjgfdccdhlh^XWWZYZ^^%X_hmkhfeddehki^XWWYY\^^&X\dkkigfeefhkj_XWWXY\^^&YZaikiggfefhkj`XWWXX\^^&[X^eiihgfefhjj`XWWXX\^^'X[aghhgghjjbYWWXY[^^'XZ^dhhghjjbYWWXYY^^'X[aghhghjicZWWXZY]^^'XY^ehhidZWVW\Y]^^(X[cghiihijie[WVX[X\^^(YWY`fhiid\WWX[Z]^^(ZXX^dhijiijid]WVW[Y[^^([XW[bgijiihc\WVW]W\^^)YWZagijjijhc\WVW^Z]^^)YXX_fijiihc\WVW^[^^)ZXX^ehijjihc]XVV]Z^^)ZXW\cgiigc]XVV\Z^^)ZXWZafhiihfb\XWV[\]^^*ZXY_eghhea\XVV\_\^^*[YW^dggfd_[WVW]a[^^*\ZW]beec_ZWVW^bZ^^*][W[addedb^YVVW__Z^^+\WZ_bcca]YWVXb^Z^^+]XY^bbcc`\XVVZbZ\^^+^XX]`aba_[XVV[fZ\^^+^YW\_`a`^[WVV^YY]^^+^ZW[^^__]YWVVYY[^^+^ZWY\^_^\YWVVW[]^^+^[WX[\]\ZXWVWY]^^*\WXZ[\[YWVWY]^^+\WWYZ[ZYWVWZ^^+]XVWXYXWVVX[^^+]YWWVWY[^^+]ZWWVWXZ\^^+^[YWWVVWXY[\^^+^\[YXXY[\]^^+^]\ZZYYZ[\]]^^+^]]\[[\]^)^]\] ^ )^] ^*^( 8ABA<2("&-, " ,=BB@7-&"%-0) !6ACA<3-% $-40" &@A<5,$+3:7(  "8=A>8/'!*4<;. # *9?@;3*#%4;;/ #3<@=6-&! 3=<0  ")7>>91)"-<>5$  #2;?<3*#+;?9(  # ,7=<4+%!(9?9( "2;=5.'"'8?8( $*7<70*$ #4?9* #2;93+$ #1@>2  $,9:3*%""/?=0  % $694-(# ".==0  $185/)%"):;.  $*761,'#  &5;.  % "462-(%" !&08, %053/*%" "(07- %*33.)'$#"&.6- %#/2/+(%##&-4. & +1/,)'&%',30 &%//-*)'').30 &,.-+*)()-30  & &,,+*)((,10  ' ),+*+**-11" '%+,++**-00$ ' )++,,-00$ '&+,--,-//' ( #),-.-.0/(  ((+..-.//' ( %+-//0.&  ("*././/.% ))-/0//-$ )(.//-% ) &,./0/-& ) #*-./.,%  ) )-./-*# *'+--)" * %)+,+' *#'())%  *!%'('#  +#%&&" +!#%%   +!#" $+  !! +  + + ,  +  +  + + ++ ++++, 8ABA<2("&-, " ,=BB@7-&"%-0) !6ACA<3-% $-40" &@A<5,$+3:7(  "8=A>8/'!*4<;. # *9?@;3*#%4;;/ #3<@=6-&! 3=<0  ")7>>91)"-<>5$  #2;?<3*#+;?9(  # ,7=<4+%!(9?9( "2;=5.'"'8?8( $*7<70*$ #4?9* #2;93+$ #1@>2  $,9:3*%""/?=0  % $694-(# ".==0  $185/)%"):;.  $*761,'#  &5;.  % "462-(%" !&08, %053/*%" "(07- %*33.)'$#"&.6- %#/2/+(%##&-4. & +1/,)'&%',30 &%//-*)'').30 &,.-+*)()-30  & &,,+*)((,10  ' ),+*+**-11" '%+,++**-00$ ' )++,,-00$ '&+,--,-//' ( #),-.-.0/(  ((+..-.//' ( %+-//0.&  ("*././/.% ))-/0//-$ )(.//-% ) &,./0/-& ) #*-./.,%  ) )-./-*# *'+--)" * %)+,+' *#'())%  *!%'('#  +#%&&" +!#%%   +!#" $+  !! +  + + ,  +  +  + + ++ ++++,"!"!"!            !!! !!!!"""#####$$$$$$$%%%%%&&&&&&''''''(?^=^<^<^;^\9^][8^[Y7^ZX6\[ZZ[\ZX5[XXWZ[Y4ZWZZYZ][3XZ\__^]\1[Z]`bbcba_^]0YXY`ccba`^/Z[]^accddca_,YY[_a_`cdccdca`+YXX]_accbccdcdca`*[Z[]beddccddccba`']^dcbehgffeddcba_!\ZZ\^_]\`gophghgfefeddcba]\\[[\\_bdffkprqnkiihhgffedcba &,,' beiigdcceimpqrqpoljjiihggfedcba 8JTYYU]^_``binsqqpmkjklopponnllkjihggfedcb` ,MZ[[Z[]`dhiiloquwustutrpqpoonmllkjjihggfedcba` ,R\[[^bgknnoprsswyyvusrqpnnllkjihggfedcba__ ^^]\\[[\^aejnoppopty~{wurqoommjjhhfedcaa``_^ ^\[]_chloqqpps{~yvtrpomljihfdcba``__^\ ^]\[[\^aejnqturqyyutrpolkjhedcbb`__^]]\ ^]\[[\]_cglqtvwuxzvtrpmkiheddcba`_^^]\[ -\^^]]\\[[\^aejnsvyx{~wtroljheeddcba`^^]\[[ -\^^]]\[[\]_cglquxzzytrokhfeddcba`_^]\\[[ 'V^^]\[[\^aejotxzz~}urpkgeedbba``_^]\\Z[ K^^]\[]_chmrvyz|~vqolfddbaa``_^^][[ZZ 9^^]\[\^aejptwy{wqokfdcaa`__^^]\ZYY ^ W^^]\[]_chlqtwy}{snjecca__^^]]\[ZYY^9]^^]]\[[\^aeinqtx||tnkebba_^]]\[[ZZY?=<<;:976 5 4  3 1  0   /   ! , !! +   *  '  ##!! ! )-%##!  #,0/,($$#"!! !!"(,//..,)%$$#!  $--,+)&%&',--,*('&%$"!!  "'*/421243/-/.--*)((&%$"!!  &)')),./599;;74310-,+))'%#"!   &+,,)*19AGNMF>:730--**&&#!  ").10-*/ITZXUOE;751,(# "+38=?>GQWZYUL?851*%  '/7?BKTXYUQG;41,"  (07:730--**&&#!  ").10-*/ITZXUOE;751,(# "+38=?>GQWZYUL?851*%  '/7?BKTXYUQG;41,"  (079^M^^]\]]\[[\_bginruz~~}wplgba`_^]\\[[ZYO^^]\]\[[\]_bfjnsy}~zzwplhb``_]\\[[ZZYZJ]^^]]\\[]_cglrwz}{yxuplhc``_]\[[ZZ[\M]^^]\\[\^afkotw{}~zvusokgc``_][[ZZYYZ[\]Y^^]\\[\^`dhmqsw{|xsrqnjgc`_^\[ZZYZ]^H^^]\\[]_bfjmosxzvqpomieb_^]\ZZYZZ[]^/\^]\\[\^`dgijovwtolljheb^]]\ZZ[]^^T^^\\[\^adffjstqliihfc`^\\[ZZ[Z\]^^B^^]]\[[\]_bcaenomjgfedb_][[\ZZ[Z[\]^^)[^]]\[[\]__^bhjigedcb`^\[[Z[\]]^^ O^]]^]]\[[\]_cfeecba_^\[Z[[ZZ[\]]^^5\^]][Z[\[\_abbaa`^\[ZZ[\]]^^U^^]^\[ZZ[\^_``^\[ZZ[Z]]^^A]^^]^\[ZZ[\]]^]]\[ZYY[\^^#[^^][ZYYZ[\[ZYY[Y]^^Q^^][ZZYYZYZ[\^^D^^][YXXYXYYZ[[\[Z\]^^<^^]\ZYXXYZ[[]\\^^;]^^]WXWWXWXXY[ZZ[\]]^^ <]^^\YXWWYZ[\]]\\]]^!8]^ ^\[[\[\^^"/]^^#'X^^%K^^&^9\^^&^ N^^( ,R^^* ,N^^, ^^.^ ^1 ^1 ^2 ^3 ^4^6^7^9^9^;^ "&.5;AGMOLIIG?3-$    (08?EIMLHDC>4-&   ",5;92,$  &-48>DEA:861*$  ").18@C>754/)"  $(*2<>;3/.,'!  "")7:6.*)($  "030+&$#    (+)&#!   $##                !"  #$%'&&+-./ 1 1 2 3 46799; "&.5;AGMOLIIG?3-$    (08?EIMLHDC>4-&   ",5;92,$  &-48>DEA:861*$  ").18@C>754/)"  $(*2<>;3/.,'!  "")7:6.*)($  "030+&$#    (+)&#!   $##                !"  #$%'&&+-./ 1 1 2 3 46799;'-..-,,,+***))(('&%$#  !!"%' ()*,-/0 1 2 3 4689:;<<<`Z[\]^^6[\]^^7]^^7^8^9^9^:^;^<^=^ ~677899:;<= ~677899:;<= ~ 4 4 4 566799:;;<= ~>X=\>=>=:;<=>VW[][YYZ\^__^]\[[ZZYYXXWWVVUVWXZX]^^XVY^_[YZ\^__^_^^]\[[ZZYYXXWWVVUVWVWVVWWXYZ]^^XVY`_\[]^^__^]\\[[ZYXXWWVVUVWXWXZ\^^YVY_`]^_^__^]\\[ZYYXWWVUVWXWZ[^^VY^^]_\^^_]^^\[ZYXWVUUVWXW\^^VX[Z]Z]]^^]\\[[ZZYYXXWVVU UVW[]^^VWX[Z[]]^]^^]\[ZZYXXWVV UVWXYZ[]]^^VWW[Y\\]^]^^]\[YXWVV UTUTUUVWVY[]]^VWZZY\\^^\ZYXWVVUVWXZ]]^^XWZ[[\]^^]\ZYXWWVVUVWXY\]^^XY[\]^]]\[YYXWWVUVUUVWWXWY]^^ Y\]]\]\[ZYXXWXWW V UVWWXWY]^[[\]^]\\[[ZZYYXXWXWXWWVUVWWXW\^5[\]]^]]\\[Z[ZZYXWVWVWVVWXYZ^ FZ\\]]^]]\\[\[\[[\[[Z[Z[YYXYXWVVWX\^  +XYZZ\]^^]]^]]^_^_]]\[[\][ZXWWYZ FWXYZ[]^^_^_^__`aa``aa`acdca^]ZXWWX TWWYZ\]^^_`_``a`aabbabbcdefghhgeb_[XWW 9VWWYZ\\^_`aabacbccddeedcdefghhgfc_[XWV  EWVXY[[]^_``acddfghijjkjjiggfghiihfc_[XW LWWXYY[]__abefhijlmopqqrqrqrppnnmmlmlligd`]YW !"MWWXYZ[]^^`bdejknpprrsttsrqponmjgc_[X $NWWXYZ\\^_bdikmmnppqqrqrqrqrrqponkgc^Z  YWWXXYZ[[]_cfijikkmmnoopopoonomkgb]]ZWXXYZ\`cedeffhhjklkmkmkmlmllmlmmkhd^]ZWWXVWWXXY]^``aabddegihihihihihiihihiijgd_]\XVWVVWXZ[\]]^^`_acddedeefghgfec`]ZXWVVWY\^]^^_abcdeeffedca\[YWWVVX[\\]^_`aa`aab][ZXWWVVWXYZZ[[\]^^_``_`_`_`_^]\ZYXWWVWWXXYZZYZ[\\]^]^]]^]^]^]^]\\ZYYXWWVVWXXYYZ[[^]]\\[[ZYXWVVWXY Y^]]\]\\[ZZYWWVVWVVWVWW^][XWW V^][[ZYXWV^]\[ZYY* ^]\[ZZ3^\[[ZY4^]\[Z<]\     !    !                                         "#"!"#""#$""$%(('#    ! "!"!#"##$$#$$%&&'')),-//-)$   !"#$%$&%'&((**)((''()+-.//.+&    !"$'')(++-.02332/.-,,+,-//10/+&   #&*+/1368:<>=>=>=>=;:87656551,)!  !$)*348;>=<;973.&    %)1377:;;>=?=?=?=?>?>=>==<;84.'  ',01244778::;:9:84-$"%))+,-/024647575757676676775/(  "!##%''*.0/001002.)   #'))*)*+-.-,)'!  "#"##$#%'(**+,,*)&#  !""#$$&%&&%%                  "+45 =     !    !                                         "#"!"#""#$""$%(('#    ! "!"!#"##$$#$$%&&'')),-//-)$   !"#$%$&%'&((**)((''()+-.//.+&    !"$'')(++-.02332/.-,,+,-//10/+&   #&*+/1368:<>=>=>=>=;:87656551,)!  !$)*348;>=<;973.&    %)1377:;;>=?=?=?=?>?>=>==<;84.'  ',01244778::;:9:84-$"%))+,-/024647575757676676775/(  "!##%''*.0/001002.)   #'))*)*+-.-,)'!  "#"##$#%'(**+,,*)&#  !""#$$&%&&%%                  "+45 = l==;;:88/4. 2 2 1 0  /  . .--,,,!**)((!%&&&% 8<@^=^=^<^:^9^8^7^7 ^5 ^4 ^4[]^^3YZ\]^^2WXY[^^2WY\^^1WXZ^^0WVVY^^0WVVW^ ^/WVVWX\^ ^.YWVWWX]^ ^-ZWVWXWZ^ ^-[XVWXVW\^ ^,\YWVW\W]^ ^,_]ZXWWYY]^ ^+a_^[YWWYZ\]]^^+`_`__^[YWWXY[\]^^*]^^]\YXWWXZ\]^^*[\[YWWVXZ\]^^)YZ[ZYXWVWXZ]]^^'WXYXWVVWY[]^^'VWXWVWZ[]^^&VWVWYZ]^^&XW VXY]]^^%YXXWWV VWY\]^^%YXXWWVWY\\^^%YZYXWVVWXY[\]^^%\][YWWVVWXY[\]^^&^][YXWVVWWXYY[\]^^-\ZXWWXYZ[]]^^/[YXWXXYZ]]^^1YXYZ\]]^1[ZY[\\]]^^2[\\]]^^4 ^4 ^6^9^:^'==<:9877 5 4 4 3 2210 0  /   .   -   -  ,   ,  +#  + ! * * ) ' '  &  &  % % %%&-/1 1 2 4 4 69:'==<:9877 5 4 4 3 2210 0  /   .   -   -  ,   ,  +#  + ! * * ) ' '  &  &  % % %%&-/1 1 2 4 4 69:'==<:988766 4 4 3 2 110/.-,,++*)(('&%%$$$##""""""$(+-./02 5 68::@D " E#Paper     y P\ht 9IO(.222A@o$ɆI<[~8Lְ 0@ G= 3.-)*&## #  $&%$#"   !"" G= 3.-)*&## #  $&%$#"!!"#" G= 3.-)*&## #  $&%$#"! !!""\Wgd6.𨚒adoQ%f̿$ !T T4ԡi6xY/)گG!ީD w#ľx% G$ 5(!u)C%'$A#e" 8!nQٮVP< ; 5 Nd."%5    ෇bR% МgUV7& սd_Q?/)$  Ǵmi]I81+! ʵvrfZWSI>1# ɺqXF?9.& ؽyoc[[VG0* ; 5 Nd."%5    ෇bR% МgUV7& սd_Q?/)$  Ǵmi]I81+! ʵvrfZWSI>1# ɺqXF?9.& ؽyoc[[VG0* ; 5 ;M$)골kNA ڷ~SDF/! tSPE7*$   役x]ZQ?2+& ⽾|gcZOLI@7+ ݼ{dM>72)  ⺻xkcWPPLJ?*$ <s:~# 6ƜsS2 1ؾV7.i7* ь8  !ýnS6.)%  ƿs[? ϶sV4թzX5ɡ]@$  Ѡb=1-18EOI- ij~Ê{fɩʿ<<<9/# 6‰mn^2-(  -گƈ{1)  ƹ{1)   ɾӾ{1)  򭠗񸷷 >7"L2@.3Ty#Rɳ帓K =fݿ-آ  7[|   (E  М ѕҷ  9641-*     f 8641,)   a 8640,) 븺⸻䶸뻼  I󷶶峲뵴㻼㹸󰯯䰯״갯:75l켌2 _ݿA!0 eӸ/ (-[*X% V" 9!F $F  H  D  > OŖ`5ߪíИ`V   82 /-+)&# !#      򿼽ɾ𹺼Ӱ籰82/-+)&#           ֜վ𹺼Ӱ籰82/-+)&# 𸻹      ¾    꽾 综ݺ۷´񯰯ï𺼽ȭᯰ̪⯰˧宯ʤ۞ˠ笭̜ȗΚΖϘ픓⟡91^)1wſO+ (D~U)QȯU$ Hj!8j  P kC8q 'CjF{- CmG !~F# ̥y#T Ϧ. &+ͫ  A¹; ʞzo`Ɍf(㼌pVյC nO3       !"#$%&''' ====<;;;:9987654 3 2 1 1 0 //. ====<;;;:9987654 3 2 1 1 0 //. ====<;;;:998654432110 // .== <<<9;2;?;:1: 998U8[7E6!5f4 .3U3#2r2]1O1t0Ǘ/8.- -- , + * * <)"('$$$%&'') * * ,,-...//0112222*2ľ3_43}4 f}5$r68z63889;;<<- ''' )6== 6 )            $$$%&'')**, , - . ..//011ܲ2222)23[41y4 by5"n66t61889;;<<- ''' '3:: 4 '            $%%%&'()**, , . . .. //󪫪0󫳭1򶞢1򶥅2󜓠2󢤑2223E4%[5IZ5R7)W6%889;;<<- ''' ',, '              !!+"$ #T $0֋0%o%t%&Y'=(ސ?)ݢ*++--../0022233345567 .EH;. /&E~#4P`t Se 9Ii*|Lg@ = 9ف . %u: z B % 9b x   3׼ x 0$% ^  żz򾼻禥ݤþ ¾ ½¾ÿ򨦧  ſ¼þþ ¾ ¾ݝþ驧Ŀ ¿|uȿgļ ݟT6Ľ۟JýڞĿſĿ¼ żz 踹߷¿񽾼򯮮ÿ½ 󪩪Ŀÿ 赳¿밮¾󷴴 ľþþ ſſ𬩨Ŀȝ񟞟 þvǾoĽc ݟQĽ4û۟G۞¾ÿĿÿ¼ſٹ|~ulpﱲ𷸹ľ鷸˴鷹鯰Ѵ󳴴δ먧ⲳƳᱲ󱰰쭬ߧ𹶲乸궴ﲰ결 ஬쟜ⶴḶﹸ𗔔繸긷ḷܷⷶﵴ蛚 괵 𵳯 봰 㴳ⲯ󏐐򰭫񲯪񱭨󯳲赴讉ݑY䑒T ┕K=ԑ' 5갮巶񣢣񶴲ﷸ󡟟丷践 巺ⷺƿ   !499988777, & ! !!    ""&%%('&()'%%      pY\PBKRavD:0$$⛐|!彼ٸ㻺ޯ 񭬬 =y񡠠  靜  %"坜ߞ󞝝  죤pY\PBKRavD:0$$⛐|   ߦ 顢%?0⠟  %)  '%"坜ߞ󞝝  죤bMOD:BJWfly:0($܊||pupou}밯üɾƿ̷Ϭ̣򫬬š⠣۟험 . '4>1    鎏돐ꑒ向   䑐񖕕Ւ󔒒ܔ┕陘򘙚񚛝񚙙  瞝󜞝񔕖󝞝󕔖"  ?;;  *Nn¿¿ڣĽ֡򷶴󯮭!(|<92/)   򞝝       䝞  띞  󣢢 硢򣢢᪩  )Ml¿¿Ľ֡󯮭"851("             䝞  띞  󣢢 硢򣢢᪩ 9R츹ſﺸ ߽򹸸𻺹¿𴲰Ӿגג      󓒒ߔ󒓔򏐐Ў 폎6.,"  򒑑񑒒󙘘옙왘왚虘𚛜𙚘 團򛜜𜞝ݡ뜞 㜞眝鞝𞝜 뢎  &+60, % ٺٳ񽼻ﵴ ⧦$*.l8501-*%""    򡣤񠣤񞝜  򟞞  󢡢󪩪 򧨨 &* - .32ٺٳ񽼻ﵴ ⧦$*.-9621-*'#"        񠣤񞜜  򟞞  󢡢󪩪 򧨨 &* - .32򶵵鮭㨦𠞞䤥 얕!)/<52.&!򏐐 򎐐􏐐鏐 񐏎򐏎򐎎 򓒒򓒒 򔕖 𖘙씖 񝞟ᖗ󨥘򨧧򔕕󧦧򗖗薗 򧦦 殮𚛛랟 #󥣢%'+9s366 $'* .2469 𧩪޵䯱줢Чݨ֡뢣١렟ܡ柠埡⟠硣론㠡ޝ렠ڭ쟟֞ۥꞞѠ鞞ͣ睞Π坞ɠ睞ؠ랟㟞⟟򠡣៟桢򡢥ݡ꺼ڧ軾ة׫֭֮й֯춷د𵳳ٱ紵ۭ쳲߫簯߫仼ެ笭ذت浶֪񬭭㴵ת𴶵ת۰תԫ֪ګت̫۪૬ݪѬު Ԯު ѭݪ ܪ Ѯڪ𭮯ڪ׮٪նڪӫϫ𧩪޵䯱줢񧨩᪫ݨ֡񥧥١렟ڞ柠 埡ݝ졡 硣㠡ޝܭ쟟̥֞ꞞѠ鞞ͣ睞Π坞ɠ睞ؠ랟㟞⟟򠡣៟桢򡢥ݡ꺼ڧ軾ة׫֭֮й֯춷د𵳳ٱ紵ۭ쳲߫簯߫仼ެ笭ذت浶֪񬭭괵֪𴶵֪װתث֪ޫت櫬۪㫬ݪѬު Ԯު ѭݪ ԰ܪ Ѯڪ𭮯ڪ׮٪Ȭ٪تӫϫ䚙ȓӘÒΔ’Ԓ¾ ޑ  ޏ򵷶󏑓提ۏ⏐向둓񸹺 ޑ 呓㒔蔕򖘘갱咓哔벳𓔕𓔕簱训鱰믛񩪪橪񪨨󩪫󪩪𥦧򨧨ꦧ릥礣򧦦饧碣ۢ 뢣#颣&(񤥧(򫪪&飥%$頻#!𫬬 ꩫ妧復뮭񭮮󨩪(())** ( ( ( ' )+,*//01122287786;;<==>~<::;B,+* ( ' ' & & % $ # " "!!                 ,+* ( ' ' & & % $ # " "!!                     , +* ( ' ' & & % $ # " "񽿾! !]   󼽿     󽻼 󹺻    򴵷 ﱲ    챲 밲 뱳 ﱳ붷 ﻺ򹺻굴鳲챳 Ǹ챳 ÿ 𳴵 봵 ﵶ쵷񶸺󸹻  鼽  ﻼ  궷 羿   򾼽 󴶸  󭮯 /&%$ $ # " ! T! ,    m~U+a;& M5~)     H     I r m    ?            & A               *  ++*(&%$"!  "  %                *  ++*(&%$"!" %                *  ++*(&%$"!" %   {   1 D  S ;  s 4 & 0  VǶ8   %* /* ) +'F %3 $P #! Ҳ㲂ݓX)   Ǹ%ÿ ň)i I20ü ſ¼Ŀ񥤣ÿÿʰ氯׮¸۽yvWVUYISS^epo|ǢbP;:*&!*2DNPRcmq}}qjkkljhgc_`hmpx֧pUB494*  !"$/;GWji[TRLFIMLLSYTMN! #$(./-.0.--,(%""( -  ¼  ľý¿ÿ¿乶   ¾¿¶~ĩxrmkNMLPCJKV^fht}ƻ|XG54&!&-@IKM[fluukegfgedb_\\ejmtydL:/3.%   !,8CRccVPNHCEJIIOTQKJ!  "',,+,-,**+*'#!!(  - ż Ḽ廼𢟝貱⯮豰򝛚򥤣𥤢󳲲쮭 鯰찯 򳰭     󵴳  렙ѪҨ{roba`b]__b_cfjkorvy|~||{{}|~Ҫ~|trYTPO:98<267@ELMU]`ajmlnrrprtiba_`dhkᨠle_\B4'&".679DKPVWOKKIHFCDJOQVܧpZK8+"%"  *2;78!   ( -    #(&%#$&%&&&'(&&#"  ¿ſ͹ù{ήιylTOLKG@9./228HPT]hmou /Rje_kʙoaUHIL]gk  #'1$01$󣢢󟠠窱䪫𫬭잟񫬫񠟟󟡟򮯮ퟠ󡢠򥧦𧨧거񯮮乺붷󻼼ߵ[!괹򁉉OG>@B957956AJP[kor   '**3@946855AJPZkor~   '**3