pax_global_header00006660000000000000000000000064145040771130014514gustar00rootroot0000000000000052 comment=4ddb086128665268082dc3d328bfcca889648dd4 xca-RELEASE.2.5.0/000077500000000000000000000000001450407711300133525ustar00rootroot00000000000000xca-RELEASE.2.5.0/.github/000077500000000000000000000000001450407711300147125ustar00rootroot00000000000000xca-RELEASE.2.5.0/.github/workflows/000077500000000000000000000000001450407711300167475ustar00rootroot00000000000000xca-RELEASE.2.5.0/.github/workflows/cmake.yaml000066400000000000000000000063421450407711300207200ustar00rootroot00000000000000name: CMake on: push env: BUILD_TYPE: Release MSYS: D:\msys2 jobs: build: strategy: matrix: os: [ ubuntu, macos, windows ] qt: [ "5.15.2", "6.6.0" ] include: - os: ubuntu generator: Unix Makefiles openssl_root: /usr artifact: build/xca-*-Linux.tar.gz host: linux runs: ubuntu-latest - os: macos generator: Unix Makefiles openssl_root: /usr/local/opt/openssl@1.1 artifact: build/xca-*.dmg host: mac runs: macos-latest - os: windows generator: MinGW Makefiles openssl_root: D:\msys2\msys64\mingw64 artifact: | build/xca-*.msi build/xca-portable-*.zip host: windows - os: windows qt: "5.15.2" winarch: win64_mingw81 runs: windows-2019 exclude: - os: windows qt: "6.6.0" #winarch: win64_mingw #runs: windows-latest runs-on: ${{matrix.runs}} steps: - name: Install Sphinx run: pip3 install sphinx - name: Install Qt uses: jurplel/install-qt-action@v3 with: arch: ${{matrix.winarch}} version: ${{matrix.qt}} - name: Install MSYS2 and OpenSSL on Windows uses: msys2/setup-msys2@v2 if: matrix.os == 'windows' with: location: ${{env.MSYS}} msystem: mingw64 install: mingw-w64-x86_64-openssl openssl-devel base-devel mingw-w64-x86_64-gcc - name: Brew install OpenSSL if: matrix.os == 'macos' run: brew install openssl - name: Checkout XCA uses: actions/checkout@v3 with: fetch-depth: 0 - name: Configure # No YAML Multiline mechanism (>, |, \, >-, >+2 whatever) works as expected # Give up. Live with the long line run: cmake -B ${{github.workspace}}/build -G "${{matrix.generator}}" -DCMAKE_BUILD_TYPE=${{env.BUILD_TYPE}} -DOPENSSL_ROOT_DIR=${{matrix.openssl_root}} --warn-uninitialized -DCMAKE_OSX_ARCHITECTURES=x86_64 - name: Build run: cmake --build ${{github.workspace}}/build --config ${{env.BUILD_TYPE}} -j 5 -v - name: Fixup after WindeployQT and Install if: matrix.os == 'windows' run: | cd ${{env.MSYS}}\msys64\mingw64\bin cmake -E copy libgcc_s_seh-1.dll libstdc++-6.dll libwinpthread-1.dll ${{github.workspace}}\build cmake --build ${{github.workspace}}/build --config ${{env.BUILD_TYPE}} -t install #- name: Test #working-directory: ${{github.workspace}}/build # Execute tests defined by the CMake configuration. # See https://cmake.org/cmake/help/latest/manual/ctest.1.html for more detail #run: ctest -C ${{env.BUILD_TYPE}} - name: Install if: matrix.os != 'windows' run: DESTDIR=${{github.workspace}}/build/INSTALL cmake --build ${{github.workspace}}/build --config ${{env.BUILD_TYPE}} -t install - name: Pack run: | cd ${{github.workspace}}/build cpack -C ${{env.BUILD_TYPE}} # type _CPack_Packages/win64/WIX/wix.log - name: Deploy uses: actions/upload-artifact@v3 with: path: ${{matrix.artifact}} name: ${{matrix.os}}-${{matrix.qt}} xca-RELEASE.2.5.0/.gitignore000066400000000000000000000001111450407711300153330ustar00rootroot00000000000000*.o *.obj *.rej *.orig *.dll *.h.gch ui_*.h moc_* xca misc/variables.wxi xca-RELEASE.2.5.0/AUTHORS000066400000000000000000000002111450407711300144140ustar00rootroot00000000000000Christian Hohnstädt Programming, translation, testing Kerstin Steinhauff Arts, Graphics xca-RELEASE.2.5.0/CMakeLists.txt000066400000000000000000000166351450407711300161250ustar00rootroot00000000000000cmake_minimum_required(VERSION 3.16.0) project(xca DESCRIPTION "X Certificate and Key management" HOMEPAGE_URL http://xca.hohnstaedt.de LANGUAGES CXX ) file(READ VERSION.txt ver) string(REGEX MATCH "([0-9\.]*)" _ ${ver}) set(PROJECT_VERSION ${CMAKE_MATCH_1}) cmake_host_system_information(RESULT OS_DATA_LIST QUERY OS_NAME OS_RELEASE OS_VERSION OS_PLATFORM) list(JOIN OS_DATA_LIST " -- " OS_DATA) message(STATUS ${OS_DATA}) include(GNUInstallDirs) ##### Git command to tweak the version and commit hash include(cmake/git_version.cmake) ##### Build specifications set(ADDRESS_SANITIZER OFF CACHE BOOL "Enable Address sanitizing") set(CMAKE_POSITION_INDEPENDENT_CODE ON) set(CMAKE_CXX_STANDARD 17) set(CMAKE_CXX_STANDARD_REQUIRED ON) set(CMAKE_AUTOMOC ON) set(CMAKE_AUTORCC ON) set(CMAKE_AUTOUIC_SEARCH_PATHS "${PROJECT_SOURCE_DIR}/ui") set(CMAKE_AUTOUIC ON) add_compile_definitions(OPENSSL_SUPPRESS_DEPRECATED QT_MESSAGELOGCONTEXT) if (ADDRESS_SANITIZER) add_compile_options(-fsanitize=address -O1 -fno-omit-frame-pointer -g) set(ASAN_LIB -fsanitize=address) endif() file(GLOB UI_FILES ${CMAKE_AUTOUIC_SEARCH_PATHS}/*.ui) configure_file(local.h.in local.h) ##### Libraries and executables add_executable(${CMAKE_PROJECT_NAME} img/imgres.qrc ${UI_FILES} ${PROJECT_BINARY_DIR}/local.h) add_executable(xcadoc ${PROJECT_BINARY_DIR}/local.h) include_directories(${PROJECT_BINARY_DIR} ${PROJECT_SOURCE_DIR}) if (APPLE) execute_process(COMMAND brew --prefix OUTPUT_STRIP_TRAILING_WHITESPACE OUTPUT_VARIABLE BREW_PREFIX ERROR_QUIET) # Preset the default brew paths.... if (NOT CMAKE_PREFIX_PATH) set(CMAKE_PREFIX_PATH ${BREW_PREFIX}/opt/qt@6/ ${BREW_PREFIX}/opt/openssl@3) endif() elseif(WIN32) if (NOT CMAKE_PREFIX_PATH) set(CMAKE_PREFIX_PATH $ENV{UserProfile} $ENV{PROGRAMFILES}/OpenSSL-Win64) endif() if (NOT OPENSSL_LIBRARY_MAJOR) set(OPENSSL_LIBRARY_MAJOR 3) # For OpenSSL 1.1.1 use "1_1" endif() file(TO_CMAKE_PATH $ENV{WINDIR}/system32 SYSTEM32) endif() set(QTFIXEDVERSION Qt6 Qt5 CACHE STRING "Force q specific QT version 'Qt5' or 'Qt6'") find_package(OpenSSL REQUIRED) find_package(QT NAMES ${QTFIXEDVERSION} REQUIRED COMPONENTS Core) set(QT Qt${QT_VERSION_MAJOR}) find_package(${QT} REQUIRED COMPONENTS Core Widgets Sql Help LinguistTools) message(STATUS "Using ${QT} with version ${QT_VERSION}") get_target_property(qmake_executable ${QT}::qmake IMPORTED_LOCATION) get_filename_component(_qt_bin_dir "${qmake_executable}" DIRECTORY) if (NOT OPENSSL_ROOT_DIR) get_filename_component(OPENSSL_ROOT_DIR ${OPENSSL_INCLUDE_DIR} DIRECTORY) endif() target_link_libraries(${CMAKE_PROJECT_NAME} OpenSSL::Crypto ${QT}::Widgets ${QT}::Core ${QT}::Sql ${QT}::Help ${ASAN_LIB} ) target_link_libraries(xcadoc OpenSSL::Crypto ${QT}::Widgets ${QT}::Core ${QT}::Sql ${QT}::Help ${ASAN_LIB} ) if (APPLE) find_library(IOKIT_LIBRARY IOKit) find_library(COREFOUNDATION_LIBRARY CoreFoundation) target_link_libraries(${CMAKE_PROJECT_NAME} ${IOKIT_LIBRARY} ${COREFOUNDATION_LIBRARY} ) set(CMAKE_MACOSX_BUNDLE ON) # Avoid bin/ sub-directory in DMG set(RUNTIME_DEST .) set(CMAKE_CXX_VISIBILITY_PRESET hidden) elseif(WIN32) set(RUNTIME_DEST ${CMAKE_PROJECT_NAME}-portable-${PROJECT_VERSION}) else() set(RUNTIME_DEST ${CMAKE_INSTALL_BINDIR}) endif() macro(guid content) string( UUID GUID NAMESPACE f243d4ea-d51d-42fc-a3c0-4eb186c55d34 NAME ${content} TYPE SHA1 ) endmacro() macro(WixFile filename content) file(WRITE ${filename} "\n" "\n\n" ${content} "\n\n") endmacro() ##### Sub directories add_subdirectory(lib) add_subdirectory(widgets) include(misc/CMakeLists.txt) include(lang/CMakeLists.txt) include(doc/CMakeLists.txt) include(img/CMakeLists.txt) install(TARGETS ${CMAKE_PROJECT_NAME} RESOURCE DESTINATION Resources BUNDLE DESTINATION . RUNTIME DESTINATION ${RUNTIME_DEST} ) set(CPACK_PACKAGE_VERSION "${PROJECT_VERSION}") ############################################### ##### Host specific settings if(APPLE) set_target_properties(${CMAKE_PROJECT_NAME} PROPERTIES MACOSX_BUNDLE TRUE XCODE_ATTRIBUTE_INSTALL_PATH /Applications XCODE_ATTRIBUTE_SKIP_INSTALL No RESOURCE "${APP_RESOURCES}" ) find_program(MACDEPLOYQT_EXECUTABLE macdeployqt HINTS ${_qt_bin_dir}) add_custom_command(TARGET ${PROJECT_NAME} POST_BUILD COMMAND ${MACDEPLOYQT_EXECUTABLE} $/../.. -always-overwrite COMMENT "Running macdeployqt..." ) if (DEFINED ENV{APPLE_DEVELOPER_HASH}) add_custom_command(TARGET ${PROJECT_NAME} POST_BUILD COMMAND codesign --deep --signature-size=96000 --options=runtime --timestamp --entitlements ${PROJECT_SOURCE_DIR}/misc/entitlement.plist --force -s "$ENV{APPLE_DEVELOPER_HASH}" $/../.. COMMENT "Running codesign for $ENV{APPLE_DEVELOPER} ..." ) endif() set(CPACK_BUNDLE_NAME ${PROJECT_NAME}) set(CPACK_GENERATOR "DragNDrop") #;productbuild") elseif(WIN32) find_program(WINDEPLOYQT_EXECUTABLE windeployqt HINTS ${_qt_bin_dir}) add_custom_command(TARGET ${CMAKE_PROJECT_NAME} POST_BUILD COMMAND ${WINDEPLOYQT_EXECUTABLE} $ --dir ${CMAKE_BINARY_DIR} --compiler-runtime --no-translations COMMENT "Running windeployqt on ${CMAKE_PROJECT_NAME} ..." ) add_custom_command(TARGET xcadoc POST_BUILD COMMAND ${WINDEPLOYQT_EXECUTABLE} $ --dir ${CMAKE_BINARY_DIR} --no-translations COMMENT "Running windeployqt on xcadoc ..." ) set(QT_USE_QTMAIN TRUE) set(CPACK_GENERATOR WIX) set(CPACK_PACKAGE_VENDOR "Christian Hohnstädt") set(CPACK_WIX_TEMPLATE "${PROJECT_SOURCE_DIR}/misc/xca.wxs") set(CPACK_WIX_UPGRADE_GUID "23fdacfe-3ef8-45b4-81e8-b0c90244c217") set(CPACK_WIX_UI_BANNER "${PROJECT_SOURCE_DIR}/img/banner.bmp") set(CPACK_WIX_UI_DIALOG "${PROJECT_SOURCE_DIR}/img/dialog.bmp") set(CPACK_WIX_LICENSE_RTF "${PROJECT_SOURCE_DIR}/misc/copyright.rtf") set(CPACK_WIX_EXTRA_SOURCES ${CMAKE_BINARY_DIR}/language.wxs ${CMAKE_BINARY_DIR}/doc/documentation.wxs ${CMAKE_BINARY_DIR}/misc/misc.wxs ${CMAKE_BINARY_DIR}/misc/dynamic.wxs ) target_link_options(${CMAKE_PROJECT_NAME} PRIVATE -mwindows -MD) install(DIRECTORY ${CMAKE_BINARY_DIR}/platforms ${CMAKE_BINARY_DIR}/sqldrivers ${CMAKE_BINARY_DIR}/styles DESTINATION ${RUNTIME_DEST} ) install(FILES ${CMAKE_BINARY_DIR}/${QT}Core.dll ${CMAKE_BINARY_DIR}/${QT}Gui.dll ${CMAKE_BINARY_DIR}/${QT}Help.dll ${CMAKE_BINARY_DIR}/${QT}Sql.dll ${CMAKE_BINARY_DIR}/${QT}Widgets.dll ${CMAKE_BINARY_DIR}/libgcc_s_seh-1.dll ${CMAKE_BINARY_DIR}/libstdc++-6.dll ${CMAKE_BINARY_DIR}/libwinpthread-1.dll ${SYSTEM32}/vcruntime140.dll ${OPENSSL_ROOT_DIR}/bin/libcrypto-${OPENSSL_LIBRARY_MAJOR}-x64.dll DESTINATION ${RUNTIME_DEST} ) install(CODE "execute_process(COMMAND cmake -E chdir \${CMAKE_INSTALL_PREFIX} tar cvf ${RUNTIME_DEST}.zip --format=zip -- ${RUNTIME_DEST})") set(CMAKE_INSTALL_PREFIX ${CMAKE_BINARY_DIR}) else() if(CMAKE_INSTALL_PREFIX_INITIALIZED_TO_DEFAULT) set(CMAKE_INSTALL_PREFIX /usr/local CACHE PATH "Default installation directory" FORCE) endif() message(STATUS "PREFIX: " ${CMAKE_INSTALL_PREFIX}) set(CPACK_SOURCE_GENERATOR "TGZ") set(CPACK_SOURCE_IGNORE_FILES \\.git/ build/ ".*~$") set(CPACK_VERBATIM_VARIABLES YES) endif() include(CPack) xca-RELEASE.2.5.0/COPYRIGHT000066400000000000000000000032511450407711300146460ustar00rootroot00000000000000 Copyright (C) 2001 - 2023 Christian Hohnstaedt. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - Neither the name of the author nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. This program links to software with different licenses from: - https://www.openssl.org which includes cryptographic software written by Eric Young (eay@cryptsoft.com)" - https://www.qt.io xca-RELEASE.2.5.0/Dockerfile000066400000000000000000000012461450407711300153470ustar00rootroot00000000000000ARG REGISTRY_PREFIX='' ARG CODENAME=jammy FROM ${REGISTRY_PREFIX}ubuntu:${CODENAME} as builder RUN set -x \ && apt update \ && apt upgrade -y \ && apt install --yes --no-install-recommends \ build-essential libssl-dev pkg-config qtbase5-dev \ qttools5-dev-tools qttools5-dev libqt5sql5 libqt5help5 \ python3-sphinxcontrib.qthelp git cmake ARG PARALLELMFLAGS=-j6 ARG BUILD_DIR=/tmp/build COPY . ${BUILD_DIR} RUN set -x \ && cd ${BUILD_DIR} \ && cmake -B BUILD \ && cmake --build BUILD ${PARALLELMFLAGS} \ && cmake --install BUILD \ && cd \ && rm -rf ${BUILD_DIR} ARG USER_ID=1000 RUN set -x \ && useradd -u "$USER_ID" -ms /bin/bash user ENTRYPOINT ["xca"] xca-RELEASE.2.5.0/INSTALL.docker000066400000000000000000000027001450407711300156500ustar00rootroot00000000000000 This is a short overview of how to build and run XCA using docker. Install docker ============== To install docker, follow the instructions provided at https://docs.docker.com/install/ Build XCA container =================== Use the following command to build XCA container: docker build --rm --build-arg USER_ID=`id -u` --tag xca . This will build a container named "xca" using default configuration. Build options ------------- There are some options to customize build. Use dockers "--build-arg" option to add options. CODENAME : code name of ubuntu version example: --build-arg CODENAME=jammy USER_ID : id of user "user" inside of container example: --build-arg USER_ID=`id -u` PARALLELMFLAGS : make flags for parralel build example: --build-arg PARALLELMFLAGS=-j2 Run XCA ======= Once the container is built, run it using the following command: docker run --rm -it --user `id -u` --network=host \ -e DISPLAY=$DISPLAY -e "QT_X11_NO_MITSHM=1" \ xca Share local directory --------------------- Use docker volumes to share a local directory. This might be useful to store data base files. mkdir -p ./some_local_directory docker run --rm -it --user `id -u` --network=host \ -e DISPLAY=$DISPLAY -e "QT_X11_NO_MITSHM=1" \ -v ./some_local_directory:/backup \ xca This makes ./some_local_directory accessible in the container as /backup. xca-RELEASE.2.5.0/INSTALL.mac000066400000000000000000000033761450407711300151530ustar00rootroot00000000000000# This installation is for building macos 10.13 compatible releases including # database drivers. IOW: For me brew install python3 cmake pkg-config # Compile SQL Drivers if necessary: brew install mariadb-connector-c postgresql unixodbc # Download Qt sources with the same version, currently: # qtbase-everywhere-src-5.15.1 ./configure -recheck -sql-mysql -sql-odbc -sql-psql -opensource -confirm-license -feature-datestring \ MYSQL_LIBDIR=$(pkg-config --variable=prefix libmariadb)/lib/mariadb \ MYSQL_INCDIR=$(pkg-config --variable=prefix libmariadb)/include/mariadb/ \ MYSQL_LIBS="-lmariadb" \ PSQL_PREFIX=$(brew --prefix)/opt/postgresql@14 \ ODBC_PREFIX=$(pkg-config --variable=prefix odbc) make sub-plugins https://github.com/PostgresApp/PostgresApp/releases/download/v2.6.2/Postgres-2.6.2-14.dmg # Compile OpenSSL #! /bin/sh OSSL="openssl-3.0.8" INSTALL="$(pwd)/install" test -d "$OSSL" for arch in x86_64 arm64; do mkdir -p "${OSSL}-${arch}" ( cd "${OSSL}-${arch}" && ../${OSSL}/Configure \ darwin64-${arch}-cc shared \ --prefix="$INSTALL" \ -mmacosx-version-min=10.14 # make -j6 # make install_sw ) PARTS_crypto="$PARTS_crypto ${OSSL}-${arch}/libcrypto.3.dylib" PARTS_ssl="$PARTS_ssl ${OSSL}-${arch}/libssl.3.dylib" done rm -f "$INSTALL"/lib/libcrypto.3.dylib "$INSTALL"/lib/libssl.3.dylib lipo -create -output "$INSTALL"/lib/libcrypto.3.dylib $PARTS_crypto lipo -create -output "$INSTALL"/lib/libssl.3.dylib $PARTS_ssl #Install Qt6 QT_VERSION="6.2.4" pip install aqtinstall aqt install-qt mac desktop $QT_VERSION # Compile XCA cmake -DOPENSSL_ROOT_DIR=$(pwd)/install \ -DCMAKE_PREFIX_PATH=$(pwd)/$QT_VERSION/macos/lib/cmake \ -B build xca cmake --build build -j7 cd build && cpack xca-RELEASE.2.5.0/README.md000066400000000000000000000121001450407711300146230ustar00rootroot00000000000000# XCA -- X Certificate and Key Management [![CMake](https://github.com/chris2511/xca/actions/workflows/cmake.yaml/badge.svg)](https://github.com/chris2511/xca/actions/workflows/cmake.yaml) ## __Release Notes__ * The latest release is *2.5.0* * Drop support for Qt4, old XCA < 2.0.0 databases and OpenSSL < 1.1.0 * Add Support for Qt6 and OpenSSL 3.x * Switch from autotools/qmake to cmake * Fix a lot of bugs (and probably added some new) * Add translations for Indonesian, Persian and Bulgarian * Please report issues on github ## __Changelog:__ A detailled changelog can be found here: ## __Documentation__ This application is documented in the *Help* menu and here: ## __Build from Source__ ### Dependencies To build XCA you need: - a toolchain - cmake: https://cmake.org - Qt5 or Qt6: https://www.qt.io - OpenSSL: https://www.openssl.org (1.1.1 or higher) - Sphinx-Build: https://www.sphinx-doc.org ### Linux / Unix - Install the dependencies ``` # Bookworm sudo apt install build-essential libssl-dev pkg-config qtbase5-dev qttools5-dev-tools libqt5sql5 libqt5help5 cmake qttools5-dev python3-sphinxcontrib.qthelp # Bullseye sudo apt install build-essential libssl-dev pkg-config qtbase5-dev qttools5-dev-tools libqt5sql5 libqt5help5 cmake qttools5-dev python3-sphinx ``` - Clone: `git clone https://github.com/chris2511/xca.git` - Configure: `cmake -B build xca` - Make: `cmake --build build -j5` - Install: `sudo cmake --install build` - Or install local and copy later as root: `DESTDIR=DEST cmake --install build --prefix /usr` ### Apple macos - Install the dependencies ``` xcode-select --install brew install openssl@3 qt6 python3 cmake pip3 install sphinx ``` - Clone: `git clone https://github.com/chris2511/xca.git` - Configure: `cmake -B build xca` - Make: `cmake --build build -j5` - Build the DMG: `cd build && cpack` - Build the PKG: `cd build && cpack -G productbuild` XCA can be used with Xcode after initializing the directory with: `cmake -G Xcode -B .` ### Windows - Install the dependencies - Install Python for windows from the store or https://www.python.org/downloads/windows/ - Install OpenSSL from here: https://slproweb.com/download/Win64OpenSSL-3_0_8.msi and verify the sha256 from https://github.com/slproweb/opensslhashes/blob/master/win32_openssl_hashes.json - To install the Qt libraries, cmake and the MinGW compiler [aqtinstall](https://github.com/miurahr/aqtinstall) is used. Sphinx is used to generate the documentation ``` pip3 install sphinx aqtinstall ``` - Add the PATH shown by pip to your PATH - Install Qt, cmake and the MinGW toolchain ``` aqt install-qt windows desktop 6.6.0 win64_mingw aqt install-tool windows desktop tools_mingw90 qt.tools.win64_mingw900 aqt install-tool windows desktop tools_vcredist qt.tools.vcredist_64 ``` - If 7z is missing, install it from the store. `7-Zip File Manager (unofficial)` or from 7-zip.org - Install the "vcredist\\vcredist_64.exe" - Add cmake, MinGW, OpenSSL and Qt5 to your Path ``` %USERPROFILE%\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.10_qbz5n2kfra8p0\LocalCache\local-packages\Python310\Scripts; %USERPROFILE%\AppData\Local\Microsoft\WindowsApps; %USERPROFILE%\Tools\CMake_64\bin; %USERPROFILE%\Tools\mingw_64\bin; %USERPROFILE%\5.15.2\mingw_64\bin; ``` - Create `CMAKE_PREFIX_PATH` environment variable: ``` %USERPROFILE%\6.6.0\mingw_64\lib\cmake ``` - Install `https://wixtoolset.org/releases/` if you want to create the MSI installer - Clone: `git clone https://github.com/chris2511/xca.git` - Configure: `cmake -B build -G "MinGW Makefiles" xca` - Make: `cmake --build build -j5` - Create the Portable App: `cmake --build build -t install` - Build the MSI installer (and the Portable App): `cd build ; cpack` ## __SQL Remote Database Drivers__ MySQL plugins are not shipped with QT anymore because of license issues. ### Linux - Debian: `libqt6sql6-psql` `libqt6sql6-mysql` or `libqt6sql6-odbc`. - RPM: `libqt6-database-plugin-pgsql` `libqt6-database-plugin-mysql` `libqt6-database-plugin-odbc` They should pull in all necessary dependencies. ### Apple macos - **PostgreSQL**: Install the https://postgresapp.com/ - **ODBC**: It requires the `/usr/local/opt/libiodbc/lib/libiodbc.2.dylib`. When installing unixodbc via `brew` the library must be symlinked from `/opt/homebrew/Cellar/libiodbc/3.52.16/lib/libiodbc.2.dylib` - **MariaDB**: Probably via ODBC ? ### Windows - **PostgreSQL**: https://www.enterprisedb.com/downloads/postgres-postgresql-downloads (Commandline tools). Add the `bin` directory of the Postgres installation directory to your PATH (C:\\Program Files\\PostgreSQL\\16) - **ODBC**: Use the `ODBC Datasources 64bit app` to configure the SQL Server - **MariaDB (MySQL)**: Install the Plugin from here: https://github.com/thecodemonkey86/qt_mysql_driver. Select the MinGW variant and install it as documented. xca-RELEASE.2.5.0/VERSION.txt000066400000000000000000000000061450407711300152340ustar00rootroot000000000000002.5.0 xca-RELEASE.2.5.0/changelog000066400000000000000000000753471450407711300152440ustar00rootroot00000000000000xca 2.5.0 Sun Sep 24 2023 * Close #423: parameter --name is not respected when running with CLI * Close #457: Support Qt5 < 5.12 / python3-sphinxcontrib.qthelp * Close #440: yellow background makes date text hard to read in dark themes * Close #437: loading CRL at startup generates an error * Close #444 cannot update template internal name * Close #442: asan checks failed * Close #446: show more information in Recent Databases * Improve/Fix database loading * Document vCalendar/ics feature #456 * Fix possible segfault caused by wrong free() * Add Bulgarian translation * Close #368: error while creating CRL with CA using EC key (ed25519) * Treat CKA_ID as byte array, not Bignum * Fix #321 - decryptKey shows OpenSSL error * Merge #325 Update entitlement.plist * Close #366: Not Responding after upgrade * Add Persian translation .ts file to XCA. * Close #327: "Dump database" dumps everything to everywhere * Close #317: "Please insert card: ..." message * Add Indonesian translation * Close #283 Nitrokey HSM2 can't create EC keys on 2.4.0 * Switch from autotools/qmake to cmake * Close #278: Miss components to connect remote database * Commandline: Add "--list-items" to print a list of database items * Close #67: possibility to ignore password prompt from CLI * Close #259: Follow the XDG base directory specification * Add support for Qt6 and OpenSSL 3.x * Drop support for Qt4 * Drop support for old XCA < 2.0.0 databases * Drop support for OpenSSL < 1.1.0 xca 2.4.0 Fri May 07 2021 * Unify XCA icon (certificate) on all platforms * Close #247: Apple silicon (M1) configure fixes * Add Microsoft BitLocker extended key usage * Disregard OpenSSL 0.9.8 compatibility * Add bash completion script * Add context sensitive help * Convert documentation from linuxdoc/SGML to sphinxdoc * Close #258: xca aborts on exit and on access to own templates * Close #142: Support Ed25519 Import / Export private SSH2 key * Close #142: Support Ed25519: Key-generation, import, export * Close #251: AuthorityKeyIdentifier: use issuer:always * Change language maintainer of brazilian portuguese * Close #230: Change PKCS12 export extension from .p12 to .pfx * Close #208: XCA hung when importing EC keys. For example prime256v1 * Close #210: Make dialog to edit SAN less strict * Close #224: Store original path/filename on import * Close #213: configure.ac: add description to AC_DEFINE_UNQUOTED * Close #172 #46: Multiple OCSP Responders * Store default database and recently opened file as UTF8 * Close #157 Generate and export CRLs from commandline * Add command line support for creating CRLs, keys and analyzing items xca 2.3.0 Wed Apr 29 2020 * Close #191 OID LN differs warning popups at startup * Close #189 Database compaction #189 * Improve PKCS11 library loading for portable app * Refactor native separators / and \ on windows. * Support TLS encrypted MariaDB and PostgreSQL connection * Close #182: UI not using Windows native theme in 2.2.1 portable * Close #70: cant open ics file in ical on macos mojave * Close #72: Add checkbox for OCSP staple feature * Use DESTDIR instead of destdir when installing. Follows autotools convention. * Close #172 #46: Multiple OCSP Responders * Close #170 xca-portable-2.2.1 cannot change language * Fix certificate assignment when importing a CA certificate * Close #163: Show key type/size on column of Certificates tab xca 2.2.1 Thu Jan 30 2020 * Close #159 Opening existing database xca 2.2.0 Wed Jan 29 2020 * Switch to MSI installer * Close #129 Unattended Installation * Rename HTTPS templates to TLS and support KU/EKU extensions needed by OpenVPN * Close #93 Default output folder / Improve Portable App usability * Improve EC Curve selection for key generation. * Close #21 Support for ODBC (MSSQL) * Close #136 Provide 64bit version of xca * Close #156 secp256k1, secp256r1 and NIST-P256 * Transfer Key Usage and Extended Key Usage critical flags * Improve item loading. Inspired by #153 * Add japanese translation * Close #138: Portable Version does not remember paths * Close #83: Token selection should not insist on name or serial of the token * Close #95: Copy mysql and psql windows dll files into portable app * Close #144: Database export has issues with wildcards in internal names * Close #143: Hotkey for import * Close #140: Certificate renewal with option to preserved serial number * Fix possible XCA crash * Add Dutch translation * Add Chinese translation * Add Italian language * CLose #120: Mark signed a request doesn't work * Close #119: Rename "PostgreSQL 6 and 7" to just "PostgreSQL" * Close #116: Duplicate extensions erroneously shown * Close #114: SAN - IPv6 address input not working * Close #68 Generating large DH params freezes UI * Support concurrent database access. * Close #91: Change order of "PKCS#11 provider" * Extend PEM files by human readable information about the item * Support ecdsa SSH public keys * Close #98 Add comment at import/export RSA keys from/to SSH public key * Close #101: Finish Rename with Enter shows Property Dialog * Close #104: Also show sha256 digests of public keys * Close #82: Renew CA ROOT Cert * Verify imported keys thoroughly xca 2.1.2 Wed Nov 07 2018 * Close #40 macOS: Crash after xca v2.0.1 quit * Close #37: XCA 2: EVP_DecryptFinal_ex:bad decrypt * Close #74: Exiting XCA 2.1.1 corrupts database * Make PKCS11 libs, working dir and main-window size host-dependent * Support for XCA as portable App * Close #69 Library not loaded: @rpath/ contains local directory * Close #60: Fix MacOSX 2.1.1 binary * Add new maintained languages: Polish, Spanish, Portuguese xca 2.1.1 Thu Sep 13 2018 * Allow manual override of the CSR signed flag * Close #56: Duplicate Serials after Upgrade 2.1.0 * Close #57: SAN IP not working in 2.1.0 * Close #55: Calculate "CSR signed" information from legacy database * Close #55: Add Certificate counter column for CSR * Fix slovak translation * Close #50: Hang while importing 1.4.1 database into 2.1.0 xca 2.1.0 Tue Jul 24 2018 * Close #48: The SKI tickbox isn't generating an SKI extension for CSRs * Fix translation of dates * Add private key icon to the key name * Inspired by #42: display dates relative (seconds ago, yesterday, ...) while column ordering is still strict by age. The ToolTip shows date and time. * Related to #39: Dynamically adjust explicit DN entries * Close #39: Subject entries shuffled * Close #36: Support adding CN to X509v3 SAN automatically * Close #35: Configurable size of serial number. * Close #34: Improve Mac OSX installation * Close #27: Configurable certificate expiry warning threshold * Generate calender (.ics) files for certificate and CRL expiries xca 2.0.1 Tue May 08 2018 * Close #32: Version field contains "Created by Qt/QMake" on MacOSX * Review and update russian ltranslation * Close #31: Closing certificate details window toggles tree folding * Close #25: Certificates are no longer coloured * Close #24: Add LibreSSL support. Tested with LibreSSL 2.7.2 * Close #23: Improve limiting to pattern in certificate tree view * Close #20: Unable to chose remote database type (dropdown empty) * Close #19: Replace 3DES encryption by AES-256 during key export xca 2.0.0 Tue Apr 10 2018 * Open database before starting a transaction * Fix default hash during startup * Fix Importing PKCS#12 and PKCS#7 files * Improve automatic setting of the certificate internal name * Don't use remote DB descriptor as local database filename proposal * Usability: Preset remote database input values with previous ones * Add another missing windows postgres library xca 2.0.0-pre04 Thu Mar 22 2018 * Accept drivers that don't support transactions * Install MySQL and PostgreSQL drivers on windows * Closes #10: Warn if certificate without any extension is created * Add table prefix to be prepended to each table for remote SQL DB * Update translations xca 2.0.0-pre03 Thu Mar 15 2018 * Fix installation of sql plugins in the Windows installer * Fix opening, importing and dropping databases xca 2.0.0-pre02 Tue Mar 13 2018 * Fix crash during PKCS#12 export * Update HTTPS_server template and add example SAN * Acceppt empty password for private key decryption * Fix legacy database-without-password import xca 2.0.0-pre01 Sun Mar 11 2018 * Close GitHub Bug #5: Exporting a private key results in too-permissive permissions * Close GitHub Bug #4: Workaround QT bug of editing in QDateTimeEdit * Fix display of dates in the Certificate details (local time displayed a GMT) * The internal name is not neccessarily unique anymore and can be edited in the details dialog as well as the comment. * CSR signing is now statically stored in the database and the comment of the issued certificate. * Private keys in the database are PKCS#8 encrypted and can be exported and decrypted without XCA. * No more incrementing serials. Only unique random serial numbers. * "xca_db_stat" application removed. Use the SQLite3 browser "sqlitebrowser". * "xca extract" functionality removed. SQL views may be used instead. * Each item may be commented. XCA itself comments important events in the item. * Each item knows its time and origin of appearance. * Change database format to SQL(ite) and support MySQL and PostgreSQL. xca 1.4.1 Sat Mar 3 2018 * Replace links to XCA on Sourceforge in the software and documentation by links to my Site. xca 1.4.1-pre02 Thu Mar 1 2018 * SF Bug #122 isValid() tried to convert the serial to 64 bit * Beautify mandatory distinguished name entry errors * Support dragging certificates and other items as PEM text * Show User settings and installation path in the about dialog xca 1.4.1-pre01 Sun Feb 18 2018 * Remove SPKAC support. Netscape is not of this world anymore. * SF bug #124 Wrong assumptions about slots returned by PKCS11 library * Cleanup and improve the OID text files, remove senseless aia.txt * Update HTML documentation * Refine and document Entropy gathering * Indicate development and release version by git commit hash * Fix dumping private keys during "Dump database" * Fix Null pointer exception when importing PKCS#12 with OpenSSL 1.1.0 * SF Bug #110 Exported private key from 4096 bit SSH key is wrong * SF Bug #109 Revoked.png isn't a valid image * SF Bug #121 CA serial number is ignored in hierarchical view * Improve speed of Bulk import. * Fix starting xca with a database as first arg xca 1.4.0 Thu Jan 4 2018 * Update OpenSSL version for MacOSX and W32 to 1.1.0g * Change default hash to SHA-256 and add a warning if the default hash algorithm is SHA1 or less * Switch to Qt5 for Windows build and installation * Do not apply the default template when creating a similar cert * Close SF #120 Crash when importing CA certificate * Close SF #116 db_x509.cpp:521: Mismatching allocation and deallocation * Add support for OpenSSL 1.1 (by Patrick Monnerat) * Support generating an OpenSSL "index.txt" (by Adam Dawidowski) * Thales nCipher key generation changes for EC and DSA keys * Add Slovak translation xca 1.3.2 Sat Oct 10 2015 * Gentoo Bug #562288 linking fails * Add OID resolver, move some Menu items to "Extra" * SF. Bug. #81 Make xca qt5 compatible * SF. Bug. #107 error:0D0680A8:asn1 encoding * Don't validate notBefore and notAfter if they are disabled. xca 1.3.1 Fri Aug 21 2015 * Fix endless loop while searching for a signer of a CRL xca 1.3.0 Thu Aug 11 2015 * Update to OpenSSL 1.0.2d for Windows and MAC * SF Bug #105 1.2.0 OS X Retina Display Support * Digitaly sign Windows and MAC binaries with a valid certificate * Refactor the context menu. Exporting many selected items to the clipboard or a PEM file now works. Certificate renewal and revocation may now be performed on a batch of certificates. * Feat. Reg. #83 Option to revoke old certificate when renewing * Refactor revocation handling. All revocation information is stored with the CA and may be modified. Revoked certificates may now be deleted from the database * Support nameConstraints, policyMappings, InhibitAnyPolicy, PolicyConstraint and (OSCP)noCheck when transforming certificates to templates or OpenSSL configs * Fix SF Bug #104 Export to template introduces spaces * Add option for disabling legacy Netscape extensions * Support exporting SSH2 public key to the clipboard * SF Bug #102 Weak entropy source used for key generation: Use /dev/random, mouse/kbd entropy, token RNG * SF Feat. Req. #80 Create new certificate, based on existing certificate, same for requests * Add Cert/Req Column for Signature Algorithm * SF Feat. Req. #81 Show key size in New Certificate dialog * Distinguish export from transform: - Export writes to an external file, - Transform generates another XCA item xca 1.2.0 Sat Mar 21 2015 * Update to OpenSSL 1.0.2a for Windows and MAC drop brainpool extra builds * Use CTRL +/- to change the font size in the view * Add Row numbering for easy item counting * Support SSH2 public key format for import and export * Add support for SHA-224 * add "xca extract" to export items from the database on the commandline xca 1.1.0 Sat Nov 22 2014 * SF Bug #79 Template export from WinXP cannot be imported in Linux and Mac OS X * Support for Brainpool windows and MacOSX binaries * SF Feat. Req. #70 ability to search certificates * SF Feat. Req. #75 show SHA-256 digest * RedHat Bug #1164340 - segfault when viewing a RHEL entitlement certificate * Database hardening - Delete invalid items (on demand) - Be more tolerant against database errors - Gracefully handle and repair corrupt databases - Add "xca_db_stat(.exe)" binary to all installations * Translation updates * Optionally allow hash algos not supported by the token * Select whether to translate established x509 terms * Finish Token EC and DSA support - generate, import, export, sign * SF Feat. Req. #57 More options for Distinguished Name * Switch to autoconf for the configure script * SF Feature Req. #76 Export private keys to clipboard * EC Keys: show Curve name in table * Support EC key generation on PKCS#11 token * PKCS#11: Make EC and RSA signatures work * PKCS#11: Fix reading EC keys from card * SF Bug #82 Certificate Creation out of Spec * SF Bug #95 XCA 1.0 only runs in French on a UK English Mac xca 1.0.0 Wed Oct 22 2014 * SF Bug #89 Validating CRL distribution point results in error * SF Feature Req. #69 Create "Recent databases..." file menu item * SF Bug #75 authorityInfoAccess set error * SF Bug #88 Minor spelling error * SF Bug #87 Unable to set default key length The Key generation dialog now allows to remember the current settings * Do not interpret HTML tags in message boxes * Overwite extensions from the PKCS#10 request by local extensions This avoids duplication errors and allows to overwrite some extensions from the request * SF Bug #78 replace path separators in export filenames * SF Feature Req. #71 Add KDC Authentication OIDs to default files * SF Bug #82 Certificate Creation out of Spec * Add Croatian translation * SF Bug #83 Inappropriate gcc argument order in configure script xca 0.9.3 Sat May 12 2012 * Fix double free in a1time resulting in random crashes xca 0.9.2 Sun May 6 2012 * Support for Local timezone dates. Differentiate between invalid and undefined dates. * Fix Bug #3461403 Error when create certificate with CRL distribution point User error -> Improve user-friendlyness * Fix Bug #3485139 Exception when creating certificates in passwordless db * Avoid very long names resulting in duplicate names in the database. * Add warning colors for expired dates. xca 0.9.1 Fri Oct 21 2011 * Close bug [ 3372449 ] All numeric names cannot be used * add search functionality for PKCS#11 libraries * fix ASN.1 encoding of PKCS#10 request * Close bug [ 3318203 ] Build failure with GNU gold linker * Add x509v3 extensions to the list of selectable columns * Close bug [ 3314262 ] Incorrect "Path length" template parameter handling * Close bug [ 3314263 ] Unrevoking a certificate does not make it "Trusted" * Feature Request [3286442] Make success/import messges optional * improve Password entry * Improve SPKAC import * add french translation by Patrick Monnerat * Export requests or certificates as openssl config file * Support building with EC disabled * Close bug [3091576] Private key export is always PKCS#8 encoded * Feature Request [3058196] Autoload database * Feature Request [3058195] Export directly to the clipboard * Close bug [3062711] Additional OIDs * Close bug [3062708] Invalid user configuration file path name * Fix PKCS#11 library handling xca 0.9.0 Sun Aug 29 2010 * support loading more than one PKCS#11 library * remove the need for engine_pkcs11 now more than one PKCS#11 library can be loaded and used in parallel * Add de/selection of columns and add a lot of new possible columns All Subject entries, the subject hash and whole name, Certificate fingerprints, dates, CA info, CRL number, corresponding key of certs and requests * Improve CRL generation [3035294] CRLNumber, CRLReason * improve creating templates from cert - enhance parsing of CRL-DP, SAN, IAN and AuthInfoAcc - add support for CertificatePolicies - unknown extension are written as generic DER * improve date handling. "notBefore" is not reset to now anymore when applying a time range * Support dropping files onto the application * russian translation by Pavel Belly * support loading DER formatted PKCS#8 keys * ease commandline use * add DH param generation menu entry * improve token handling and PIN changing dialogs * improve key-value table input for "additional DN entries" * PIN and PUK changing implemented * apply partial template-contents - applying the subject only or the extensions only is possible now * add informational messageboxes - whenever an item was successfully created or imported * add support for random serial numbers * improve messages, usability and german translation * improve token support - token initializing - creating keys on a token - store existing keys on a token - delete keys and certs from a token xca 0.8.1 Tue Jan 5 2010 * fix string conversion from QString to ASN1 xca 0.8.0 Thu Dec 10 2009 * improve documentation * improve file-dialog handling * Generate Template from certificate or PKCS#10 request -> Feature request [2213094] and [1108304] * add hash algos "ripemd160" and "SHA384" * add the "no well-defined date" from RFC 5280 as checkbox * Feature request [1996192] Include "OCSPSigning" in misc/eku.txt * Support for EC keys * Update Step-by-step documentation Thanks Devin Reade * Support for Smart Cards * set proper file-extension .xdb on opening databases xca 0.7.0 Fri Sep 11 2009 * support modifying the CSR subject during signing * update key images * fix date settings in Certificate renewal dialog * fix certificate request verification * check for duplicate x509 v3 extensions Bug [ 1881482 ] and [ 1998815 ] * make sha1 the default hash to avoid problems with other software Bug [ 1751397 ] * add validation button to see all extensions before creating the cert * change the hashing for the default password. this makes it incompatible to older versions * Major changes for MAC OS X * extend template format for nconf settings * add nconf input field for arbitrary OpenSSL extensions and a "validate" button to check the settings before applying * fix xca.desktop Bug [ 1837956 ] * fix item-export error handling * add PEM paste import feature * extend PEM import to import all items from a PEM file xca 0.6.4 Mon Aug 13 2007 * Bug "tree view loose track" fixed * check for certificate errors and display them instead of crashing * move used-keys-button form options to NewX509 dialog * Set string options in options dialog * remove extension and attribute tab in details dialog if no extensions or attributes available * documentation updated * X509 request attributes (like challange password) can be set and viewed. xca 0.6.3 Thu May 17 2007 * show CRL signature algorithm information * Add options dialog to set the default hash algo, mandatory distinguished name entries and allow duplicate key use as requested by some users * make cert, crl and key details copy&paste able * fix background color of clicklabels Bug [ 1704699 ] * remove missleading tooltips Bug [ 1704700 ] * fix segfault * switch string handling to UTF8 xca 0.6.2 Mon Apr 9 2007 * break endless loop in chain building Bug [ 1696878 ] xca 0.6.1 Thu Apr 5 2007 * minor documentation updates * Fix openssl-cross patch * recognize certificates with circular references [ xca-Bugs-1693027 ] * be compatibile to QT-4.1 (thanks Tamas TEVESZ) * remove all usages of QT3 backward lib [ xca-Feature Requests-1692800 ] xca 0.6.0 Fri Mar 16 2007 * set initial sorting to ascending order * add RFC2253 representation of subject and issuer to copy & paste * fix dialog sizes for long DNs * move hash algo into signer box [ 1656260 ] * make QA serial a compile time option * fix date generation and warn if generalized time is used * autodetect and load any type of PEM files * fix version number in exported .xca template * fix import of older XCA templates * add support for predefined templates as there was in 0.5.1 * fix cmdline import of crypto items * add undelete feature for deleted items * fix database shrinking of curent db during opening of new db xca 0.6.0-beta02 Fri Feb 2 2007 * correct and fixate the order of x509name entries * Add CRL properties dialog to select the dates and the signing algo * Add SHA256 and SHA512 * Certificate export for apache and OpenSSH+X509 * Default templates for client, server, CA removed * template duplication added * sort serial numbers numerically and not lexicographically Bug [1166075] * add build support for cygwin and mingw-cross * delete rpm/ and debian/ subdirs * Port to QT4 and openssl 0.9.8 remove the need of Berkeley DB importing of old database dump possible * finish support for Mac OS X * add X509 V3 extensions to PKCS#10 requests * add "validation" function for editable extensions below * add "edit" buttons for subject/issuer alt. name, crl dist. point and cert. auth. info access * add DB-dump function into subdirs * Support for DSA keys * Fix error in template changing * change storage-format of keys: store the public unencrypted and the private additionally encrypted. * Allow different passwords for keys xca 0.5.1 Tue Jul 13 2004 * support for different languages on WIN platform (Thanks Ilya) * better installation and deinstallation on WIN platform * documentation updated xca 0.5.0 Sun Jun 13 2004 * orthographical changes * more translations * segfault in CRL import removed * manpage and documentation updated * store "midnight" in template xca 0.4.7-RC2 Fri Apr 16 2004 * open db if explicit mentioned, otherwise do not. * Errormessage on a wrong pkcs12 password more comprehensive * postinst and postrm do update-menu * search more intensive for the CRL signer * add /etc/xca/nid.txt to OID search path * debian build enhanced, lintian satisfied, manpage added. * AuthorityInfoAccess enhanced "aia.txt" as oid list added * allow empty passwords on PKCS#12 import xca 0.4.7-RC1 Thu Feb 5 2004 * debian menu-entry added * Open and closing of different databases * Menu added * German translation * CRLs will revoke existing certs * memory leaks removed * support for other compiled in basedir on unix * Authority info access added Certificate policies still pending :-( * additional (private) oids can be registered in oids.txt * OIDs for extended key usage and Distinguished name are now read from eku.txt and dn.txt respectively. * About dialog and help window added. * Requestdetail is now tabdialog xca 0.4.6 Tue Nov 25 2003 * Country is State or Province * xca.dsp: WIN32 changes from Ilya * New configure added, Makefile.in's purged and one configuration: "Local.mak" for flags and compilers. supports parallel builds (make -j) * SmartCard Logon OID added * Fixed bugs: * [ 846052 ] Tab order in Certificate Netscape extensions is wrong * [ 845800 ] CRL Generation problem for Netscape * [ 836967 ] Unable to specify alternate database * [ 843725 ] xca dies when opened with a pem key as argument * [ 789374 ] Bad encoding in misc/xca.desktop * by Wolfgang Glas : - Support for UTF8 in x509name - Netscape SPKAC support added xca 0.4.5 Wed Aug 13 2003 * more german translations * [ 737036 ] make error texts copiable from pop-up-windows to clipboard by adding a button doing this * [ 767603 ] Key sizes Implemented by making the Key-size ComboBox editable to enter arbitrary key sizes. * [ 765774 ] change password for database xca 0.4.4 Wed Aug 6 2003 * [ 783853 ] renewal uses 'notBefore' as 'notAfter' date * [ 783830 ] GeneralizedTime-format breaks browsers xca 0.4.3 Tue Aug 5 2003 * remove Certificate creation bug (AuthKeyId) * always take the right cert for signing * critical flag in key usage and extended key usage works now * Import of Multiple items is done and works [ 739726 ] extend description of -p option [ 775529 ] Import of PKCS#7 item not shown * made the details dialogs internal name read only * some segmentation faults removed * VPN OIDs added to Ext. Keyusage xca 0.4.2 Sun Jul 20 2003 * Memory leak removed * Template import and export added * fix bug [ 773056 ] Duplicate 'All files (*.*)' selection on import menus * import of PKCS#12 keys repaired * crl icon added to W32 installation * /usr/local/include removed from CPP flags * Buttons "Export Cert" and "Change Template" reconnected. * Authority Key identifier repaired xca 0.4.1 Tue Jul 15 2003 * some compiling issues removed * Import via commandline repaired, * signing of requests without key fixed * Changes for WIN32 version from Ilya added * solved bug: [ 770120 ] Attempting to export private key results in no file exported * implemented feature request: [ 755599 ] add PFX import button to Keytab xca 0.4.0 Tue Jul 8 2003 * Solved bugs: * [ 752111 ] Cannot handle dates past 32-bit boundary (2038) * [ 744227 ] Bug in handling of 3rd. party CRLs * The following Feature requests were implemented: * [ 743152 ] Attributes in subject name * [ 755853 ] select the hash algorithm for signing. * The code was completely rewritten to remove many unpretty codefragements and get a more stable codebase * The names of certs and keys in the detailsview of Certs, CRLs and Requests are clickable. * xca desktopfile added and will be installed in applications, key.xpm will be installed as xca.xpm in pixmaps ([ 763954 ] xca.desktop file) Thanks to Enrico Scholz xca 0.3.2 Thu May 15 2003 * Optimizations, icon for WIN32 platform * MS Registry and %USERPROFILE% support * Support for PKCS#7 certs (im/export) * small UI changes xca 0.3.1 Thu Apr 24 2003 * Tool Tips added * CRL handling (import, export, details) added xca 0.3.0 Fri Apr 25 2003 * several bugfixes and memoryleaks removed * export to TinyCA and "openssl ca" added * switch between tree/plain view in certificate list * notAfter dates in certificate view can be sorted reasonably * libdb-4.1.24 and higher is supported * The certificate details dialog was redesigned to be a smaller tab-dialog * Mainwindow dialog shrinked * Item viewing and import via the commandline is possible * documentation littlebit updated * changes in configure * The wizard invokes the key generation process only if really needed xca 0.2.12 Mon Jan 6 2003 * PKCS#7 encryption and signing of files added * First attempt of documentation added * Several export targets added * Certificate renewal repaired xca 0.2.11 Wed Dec 4 2002 * Certificate export enhanced, increase signer-serial on certimport. * interpretation of serial as hex and not as dezimal. * configure continues even if qt lib is absent. * $HOME/xca is created if it does not exist. xca 0.2.10 Tue Oct 29 2002 * shows not After time and serial in listview * some segfaults removed * Certificate renewal implemented * extension-bug removed * request-kontextmenu contains signing * create request from certificate * FreeBSD paths and libs recognized by configure xca 0.2.9 Mon Oct 21 2002 * several segfaults eliminated * key-use counter corrected * initial truststate fixed * remembers Im/Export directories * import of mutiple certs/keys/requests/pkcs12 * database transactions activated * exception-handling completed xca 0.2.8 Sun Oct 13 2002 * consistency checks for Iss-alt-name and Sub-alt-name * Check for certificate dates to not exceed those of the signer * defines for libdb >4.1.x * default templates added * package-builder do build without printf-debugging * key-use counter works now well xca 0.2.7 Tue Oct 8 2002 * segfaults removed * minor wizard changes xca 0.2.6 Mon Sep 30 2002 * show common name in request list and certificate list * CRL generation added * Key-export fixed * signing-template, CRL date and CRL time interval adjustable * Fix for windows filenames xca 0.2.5 Tue Sep 24 2002 * Certificate and Template Wizard completed * CA-serial can be changed and is stored with the cert * Passwordboxes set focus right (Andrey Brindeew ) * configure enhanced with error and success messages * x509 v3 extensions completed inc. Netscape extensions * Templates implemented * Files for MS Visual C++ added (yes, it compiles on MS Windows) * Windows Installer added (Nullsoft) xca 0.2.4 Tue Sep 10 2002 * PKCS#12 import added * bugfixes fileview, requestgeneration xca 0.2.3 Wed Sep 4 2002 * icons changed * context menu on right mousebutton * trust state settings added * dialogboxes are resizeable * extended keyusage added to v3 extensions when creating new cert * all dialogs translated to english * no more images in .ui files xca 0.2.2 Thu Jul 18 2002 * basic constraints, key usage and subject/authority key identifier * signing wizard... * Signatures can be done with requests and from scratch * Certificate for signing can be self or foreign, * password is saved as md5sum xca 0.1.12 Thu Jul 11 2002 * icons added * treeview for Certificates * private keys are triple DES encrypted in db * program asks for initial password on startup * some segfaulting bugs removed xca 0.1.11 Wed Jul 3 2002 * RSA Keys are generated and stored to or loaded from a file in either DER or PEM format. * They get stored in a local Berkeley DB. * Changing their description and viewing their contents, as well as deleting them from local DB is possible. xca-RELEASE.2.5.0/cmake/000077500000000000000000000000001450407711300144325ustar00rootroot00000000000000xca-RELEASE.2.5.0/cmake/database_schema.cmake000066400000000000000000000007501450407711300205220ustar00rootroot00000000000000 if (SRC AND DST) file(READ ${SRC} DB_SCHEMA) string(REPLACE "<<" "" DB_SCHEMA "${DB_SCHEMA}") string(REPLACE "\\\"" "'" DB_SCHEMA "${DB_SCHEMA}") string(REPLACE "//" "--" DB_SCHEMA "${DB_SCHEMA}") string(REPLACE "\"" " " DB_SCHEMA "${DB_SCHEMA}") string(REGEX REPLACE "^[ \t\r\n]+schemas\\[(.*)\\].*" " -- Schema Version \\1" DB_SCHEMA "${DB_SCHEMA}") file(WRITE ${DST} "${DB_SCHEMA}") else() message(FATAL_ERROR "Mandatory FILE or SRC variable not defined") endif() xca-RELEASE.2.5.0/cmake/git_version.cmake000066400000000000000000000036041450407711300177670ustar00rootroot00000000000000find_package(Git) string(REPLACE "." ";" VERSION_LIST ${PROJECT_VERSION}) list(GET VERSION_LIST 0 PROJECT_VERSION_MAJOR) list(GET VERSION_LIST 1 PROJECT_VERSION_MINOR) list(GET VERSION_LIST 2 PROJECT_VERSION_PATCH) if(Git_FOUND AND EXISTS "${PROJECT_SOURCE_DIR}/.git") message(STATUS "Git found: ${GIT_EXECUTABLE}") execute_process(COMMAND git rev-parse HEAD WORKING_DIRECTORY "${PROJECT_SOURCE_DIR}" OUTPUT_VARIABLE GIT_REV OUTPUT_STRIP_TRAILING_WHITESPACE ERROR_QUIET ) execute_process(COMMAND git diff-index --quiet HEAD -- WORKING_DIRECTORY "${PROJECT_SOURCE_DIR}" OUTPUT_QUIET ERROR_QUIET RESULT_VARIABLE GIT_LOCAL_CHANGES OUTPUT_STRIP_TRAILING_WHITESPACE ) execute_process(COMMAND git rev-list --count RELEASE.${PROJECT_VERSION}..HEAD WORKING_DIRECTORY "${PROJECT_SOURCE_DIR}" OUTPUT_VARIABLE GIT_COMMIT_COUNTER RESULT_VARIABLE GIT_COMMIT_COUNTER_RESULT OUTPUT_STRIP_TRAILING_WHITESPACE ERROR_QUIET ) if(NOT GIT_COMMIT_COUNTER_RESULT) math(EXPR PROJECT_VERSION_PATCH "${PROJECT_VERSION_PATCH} + ${GIT_COMMIT_COUNTER}") set(PROJECT_VERSION "${PROJECT_VERSION_MAJOR}.${PROJECT_VERSION_MINOR}.${PROJECT_VERSION_PATCH}") message(STATUS "Commit counter: ${GIT_COMMIT_COUNTER} - ${GIT_REV} - ${PROJECT_VERSION}") endif() set(RELEASE_TAG "RELEASE.${PROJECT_VERSION}" CACHE STRING "Release TAG for the release") if (DEFINED ENV{RELEASE_TAG}) set(RELEASE_TAG "$ENV{RELEASE_TAG}") endif() set(RELEASE_NAME "${PROJECT_NAME}-${PROJECT_VERSION}") add_custom_command( OUTPUT "${RELEASE_NAME}.tar.gz" WORKING_DIRECTORY "${PROJECT_SOURCE_DIR}" COMMAND git archive --format=tar.gz --prefix=${RELEASE_NAME}/ ${RELEASE_TAG} > ${CMAKE_BINARY_DIR}/${RELEASE_NAME}.tar.gz COMMENT "Create ${RELEASE_NAME}.tar.gz from tag ${RELEASE_TAG}" ) add_custom_target(release DEPENDS ${RELEASE_NAME}.tar.gz) endif() message(STATUS "XCA Version: ${PROJECT_VERSION}") xca-RELEASE.2.5.0/cmake/text_header_file.cmake000066400000000000000000000010561450407711300207310ustar00rootroot00000000000000 if (FILE AND SRC AND DST) if (APPLE) set(DIR_HINT "HOME/Library/Application Support/data/xca/${FILE}.txt") elseif (WIN32) set(DIR_HINT "PROFILE\\Application Data\\xca\\${FILE}.txt") else() set(DIR_HINT "/usr/local/share/xca/${FILE}.txt or HOME/.local/share/xca/${FILE}.txt") endif() file(READ "${SRC}/preamble.txt" PREAMBLE) file(READ "${SRC}/${FILE}.text" CONT) file(WRITE "${DST}/${FILE}.txt" ${PREAMBLE} "\n# " ${DIR_HINT} "\n" ${CONT}) else() message(FATAL_ERROR "Mandatory FILE or SRC variable not defined") endif() xca-RELEASE.2.5.0/doc/000077500000000000000000000000001450407711300141175ustar00rootroot00000000000000xca-RELEASE.2.5.0/doc/.gitignore000066400000000000000000000001041450407711300161020ustar00rootroot00000000000000*.html xca.1 xca.1.gz xca_db_stat.1 xca_db_stat.1.gz sphinx conf.py xca-RELEASE.2.5.0/doc/CMakeLists.txt000066400000000000000000000126471450407711300166710ustar00rootroot00000000000000 set(S "${PROJECT_SOURCE_DIR}/doc") set(D "${PROJECT_BINARY_DIR}/doc") file(MAKE_DIRECTORY "${D}") find_program(SPHINX sphinx-build) find_package(Qt6 QUIET OPTIONAL_COMPONENTS ToolsTools) set(FILENAMES index commandline requests object-ids common-actions database options certificates revocationlist changelog introduction privatekey step-by-step certificate-input template smartcard miscellaneous ) foreach(file ${FILENAMES}) list(APPEND RST_SOURCE "${S}/rst/${file}.rst") list(APPEND RST_DEST "${D}/rst/${file}.rst") list(APPEND HTML_DEST "${D}/html/${file}.html") list(APPEND HTML_FILE "${file}.html") list(APPEND QTHELP_DEST "${D}/qthelp/${file}.html") endforeach() foreach(doc ${HTML_FILE} xca.qhc xca.qch) string(REPLACE "-" "" id ${doc}) guid(${doc}) list(APPEND DOC_COMPREFS " \n") list(APPEND DOC_COMPS " \n") endforeach() string(APPEND WIX_DOC_CONTENT "\n" ${DOC_COMPS} "\n" "\n" ${DOC_COMPREFS} "" ) WixFile(${D}/documentation.wxs ${WIX_DOC_CONTENT}) if(SPHINX) configure_file(${S}/conf.py.in ${D}/rst/conf.py) add_custom_command( OUTPUT ${HTML_DEST} COMMAND ${SPHINX} -q -b html ${D}/rst ${D}/html DEPENDS ${D}/rst/conf.py sphinx-src COMMENT "Create HTML documentation" ) add_custom_target(sphinx-html DEPENDS ${HTML_DEST}) add_custom_command( OUTPUT ${D}/qthelp/xca.qhcp ${D}/qthelp/xca.qhp ${QTHELP_DEST} COMMAND ${SPHINX} -q -b qthelp ${D}/rst ${D}/qthelp DEPENDS ${D}/rst/conf.py sphinx-src COMMENT "Create context sensitive help" ) add_custom_target(sphinx-qthelp DEPENDS ${D}/qthelp/xca.qhcp ${D}/qthelp/xca.qhp ${QTHELP_DEST} ) add_custom_command( OUTPUT ${D}/rst/database_schema.sql COMMAND ${CMAKE_COMMAND} -E make_directory ${D}/rst/_static COMMAND ${CMAKE_COMMAND} -D SRC=${PROJECT_SOURCE_DIR}/lib/database_schema.cpp -D DST=${D}/rst/database_schema.sql -P ${PROJECT_SOURCE_DIR}/cmake/database_schema.cmake DEPENDS ${PROJECT_SOURCE_DIR}/lib/database_schema.cpp COMMENT "Generating database schema SQL documentation" ) add_custom_command( OUTPUT ${D}/rst.stamp COMMAND ${CMAKE_COMMAND} -E make_directory ${D}/rst/_static COMMAND ${CMAKE_COMMAND} -E copy_if_different ${PROJECT_SOURCE_DIR}/img/bigcert.png ${D}/rst/_static COMMAND ${CMAKE_COMMAND} -E copy_if_different ${PROJECT_SOURCE_DIR}/COPYRIGHT ${PROJECT_SOURCE_DIR}/changelog ${RST_SOURCE} ${D}/rst DEPENDS ${PROJECT_SOURCE_DIR}/COPYRIGHT ${PROJECT_SOURCE_DIR}/changelog ${RST_SOURCE} COMMENT "Prepare Sphinx source directory" ) add_custom_command( OUTPUT ${D}/rst/arguments.rst COMMAND xcadoc rst ${D}/rst/arguments.rst COMMENT "Generate 'rst' commandline documentation" ) add_dependencies(${CMAKE_PROJECT_NAME} sphinx-html) target_sources(${CMAKE_PROJECT_NAME} PRIVATE ${HTML_DEST}) add_custom_target(sphinx-src DEPENDS ${D}/rst.stamp ${D}/rst/database_schema.sql ${D}/rst/arguments.rst ) if (UNIX) if (APPLE) execute_process(COMMAND ln -fs .doc/html/index.html ${D}/manual.html) install(FILES ${D}/manual.html DESTINATION .) set(HTML_INSTALL_DEST .doc/html) install(DIRECTORY ${D}/html DESTINATION .doc PATTERN ".*" EXCLUDE) else() install(DIRECTORY ${D}/html/ DESTINATION ${CMAKE_INSTALL_DOCDIR} PATTERN ".*" EXCLUDE ) endif() endif() if (QT_VERSION VERSION_LESS 5.12.0) if (TARGET ${QT}::qcollectiongenerator) set(QHELPGEN $) endif() else() if(TARGET ${QT}::qhelpgenerator) set(QHELPGEN $) endif() endif() if(QHELPGEN) set(QTHELP_IDX ${D}/qthelp/xca.qhc ${D}/qthelp/xca.qch) add_custom_command( OUTPUT ${QTHELP_IDX} COMMAND ${QHELPGEN} ${D}/qthelp/xca.qhcp DEPENDS sphinx-qthelp COMMENT "Create context sensitive help index" ) add_custom_target(sphinx-qtcollgen DEPENDS ${QTHELP_IDX}) target_sources(${CMAKE_PROJECT_NAME} PRIVATE ${QTHELP_DEST} ${QTHELP_IDX}) add_dependencies(${CMAKE_PROJECT_NAME} sphinx-qtcollgen) list(APPEND APP_RESOURCES ${QTHELP_DEST} ${QTHELP_IDX}) if (UNIX AND NOT APPLE) install(FILES ${QTHELP_DEST} ${QTHELP_IDX} DESTINATION ${CMAKE_INSTALL_DATADIR}/${CMAKE_PROJECT_NAME}/html ) elseif (WIN32) install(FILES ${QTHELP_DEST} ${QTHELP_IDX} DESTINATION ${RUNTIME_DEST}/html ) endif() else() message(WARNING "Application 'qhelpgenerator' not found. In-app documentation disabed.") endif() else(SPHINX) message(WARNING "sphinx-build binary not found. Documentation generation disabled") endif(SPHINX) if (NOT WIN32) add_custom_command( OUTPUT "${D}/xca.1.gz" COMMAND cat "${S}/xca.1.head" "${D}/xca.1.options" "${S}/xca.1.tail" | gzip -n9 > "${D}/xca.1.gz" DEPENDS "${S}/xca.1.head" "${S}/xca.1.tail" "${D}/xca.1.options" COMMENT "Compiling man page" ) add_custom_command( OUTPUT "${D}/xca.1.options" COMMAND xcadoc man "${D}/xca.1.options" COMMENT "Generate 'man' commandline documentation" ) add_custom_target(manpage ALL DEPENDS ${D}/xca.1.gz) if (NOT APPLE) install(FILES "${D}/xca.1.gz" DESTINATION ${CMAKE_INSTALL_MANDIR}/man1 ) endif() add_dependencies(${CMAKE_PROJECT_NAME} manpage) endif() xca-RELEASE.2.5.0/doc/conf.py.in000066400000000000000000000041051450407711300160230ustar00rootroot00000000000000# Configuration file for the Sphinx documentation builder. # # This file only contains a selection of the most common options. For a full # list see the documentation: # https://www.sphinx-doc.org/en/master/usage/configuration.html # -- Path setup -------------------------------------------------------------- # If extensions (or modules to document with autodoc) are in another directory, # add these directories to sys.path here. If the directory is relative to the # documentation root, use os.path.abspath to make it absolute, like shown here. # # import os # import sys # sys.path.insert(0, os.path.abspath('.')) # -- Project information ----------------------------------------------------- project = '@PROJECT_NAME@' copyright = '2023, Christian Hohnstädt' author = 'Christian Hohnstädt' master_doc = 'index' # The full version, including alpha/beta/rc tags release = '@PROJECT_VERSION@' # -- General configuration --------------------------------------------------- # Add any Sphinx extension module names here, as strings. They can be # extensions coming with Sphinx (named 'sphinx.ext.*') or your custom # ones. extensions = [ ] # Add any paths that contain templates here, relative to this directory. templates_path = ['_templates'] # List of patterns, relative to source directory, that match files and # directories to ignore when looking for source files. # This pattern also affects html_static_path and html_extra_path. exclude_patterns = ['_build', 'Thumbs.db', '.DS_Store'] # -- Options for HTML output ------------------------------------------------- # The theme to use for HTML and HTML Help pages. See the documentation for # a list of builtin themes. # html_theme = 'alabaster' html_theme_options = { 'logo': 'bigcert.png', 'logo_name': 'true', 'fixed_sidebar': 'pinned', 'page_width': '1150px', } # Add any paths that contain custom static files (such as style sheets) here, # relative to this directory. They are copied after the builtin static files, # so a file named "default.css" will overwrite the builtin "default.css". html_static_path = ['_static'] xca-RELEASE.2.5.0/doc/rst/000077500000000000000000000000001450407711300147275ustar00rootroot00000000000000xca-RELEASE.2.5.0/doc/rst/certificate-input.rst000066400000000000000000000150641450407711300211060ustar00rootroot00000000000000 .. index:: wizard (wizard) .. _wizard: Certificate Input Dialog ======================== This input dialog is the central part for collecting all data regarding certificates, requests and templates. It will be invoked whenever such an item is going to be created or, in case of a template, is altered. .. index:: wizard_src (wizard_src) Source ------ This page is not shown when creating or changing templates. Signing Request ............... If it is desired to either enroll a certificate from a PKCS#10 request by a local CA, or to create a certificate from a request by self-signing it, the request can be selected here. In the later case the private key of the request must be available. Signing ....... Either self-signing or the CA certificate for signing may be selected here. Additionally, the desired signing algorithm can be adjusted. The drop-down list contains all :ref:`ca_cert` with an available private key. Signature Algorithm ................... Usually SHA256 or higher should be used, but since older windows versions including XP can not handle them, you may opt to use SHA1. The default signing algorithm may be selected by the *Options* menu. Templates ......... The fields of the certificate can be preset by the values of a template by selecting it and clicking *Apply all*. Templates can be mixed by applying the subject of one template and then applying the extensions of an other by using the buttons *Apply subject* and *Apply extensions* .. index:: wizard_subject (wizard_subject) Personal Settings ----------------- Subject ....... On this Page all personal data like country, name and email address can be filled in. The *Country code* field must either be empty or exactly contain two letters representing your country code; e.g. *DE* for Germany. If you want to create an SSL-server certificate the *Common name* must contain the DNS name of the server. The subject-alternative-name extension must be used to define additional DNS names, even wildcards. In this case the CommonName must be repeated here, because TLS clients disregard the CommonName in case the subject-alternative-name extension exists. If the *internal name* is empty, the common name will be used as internal name. It will also be used as default internal name, if a new key is created here. Other rarely used *name-entries* can be selected in the dialog below. By using this table instead of the explicit entries above, the order of the entries can be adjusted. A new line can be added via the *Add* button. The current line can be deleted via the *Delete* button. Existing lines can be exchanged and reordered by moving the row-header (containing the row-number) around. All items can be added more than once, even those from above. This is not very usual but allowed. The list of the 7 explicit distinguished name entries may be adjusted in the options dialog at :ref:`options` Private Key ............ Keys can be generated here "on the fly" by pressing the button. The name of the new key will be preset by the common name of the certificate. The newly generated key will be stored in the database and stay there, even if the input dialog is canceled. The drop-down list of the keys only contains keys that were not used by any other certificate or request. The key-list is not available for creating or changing templates. By checking *Used keys too* the list contains all available keys. Use this with care. You're likely doing something wrong when using this option. This tab does not appear when signing a request, because the request contains all needed data from this tab. Select "Modify subject of the request", if you want to modify it anyway. The content of the subject Tab will then be preset with the content of the request. .. index:: wizard_extensions (wizard_extensions) .. index:: wizard_keyusage (wizard_keyusage) .. index:: wizard_netcape (wizard_netcape) X509v3 Extensions ----------------- The next three tabs contain all fields for adjusting the certificate extensions. It is not in the focus of this document to explain them all in detail. The most important are the *Basic Constraints* and the *Validity* range. More details can be found in `RFC5280 `_. Basic Constraints ................. If the type is set to *Certification Authority*, the certificate is recognized by XCA and other instances as issuer for other certificates. Server-certificates or E-Mail certificates should set this extension to *End entity* (strongly recommended) or disable it completely by setting it to *Not defined* Validity Range .............. The *Not before* field is set to the current date and time of the operating system and the *Not after* field is set to the current date and time plus the specified time range. When applying time ranges, the expiry date (not after) is calculated by taking the currently configured start date (not before) and adding the time range. For templates the specified times are not saved, because it does not make much sense. Rather the time range is stored and automatically applied when selecting this template. Applying the time range means to set notBefore to "now" and notAfter to "now + time range". If the *midnight* button is set both dates will be rounded down and up to midnight. .. index:: wizard_advanced (wizard_advanced) Advanced ........ Any extension, not covered on the other tabs can be added here as defined in OpenSSL nconf. The validity can be checked by clicking *Validate*. All extensions from all tabs will be shown here to see them all in their final form. Click on *Edit* to continue editing the extensions here. Refer to the OpenSSL X509v3 configuration for more details: https://www.openssl.org/docs/manmaster/man5/x509v3_config.html Certificate Policies '''''''''''''''''''' The following example of *openssl.txt* also works in the advanced tab to define certificate policies .. code-block:: ini certificatePolicies=ia5org,1.2.3.4,1.5.6.7.8,@polsect [polsect] policyIdentifier = 1.3.5.8 CPS.1="http://my.host.name/" CPS.2="http://my.your.name/" userNotice.1=@notice [notice] explicitText="Explicit Text Here" organization="Organisation Name" noticeNumbers=1,2,3,4 Adding more than one AuthorityInfoAccess entry is also possible here: .. code-block:: ini authorityInfoAccess=@aia_sect [aia_sect] OCSP;URI.1=http://www.some.responder.org/ OCSP;URI.2=http://www.some.other-responder.org/ caIssuers;URI.3=http://server.whatever.org/cert-path caIssuers;URI.4=ldap://server.whatever.org/xxx,yyy When exporting existing Certificates to templates, the extensions will be translated to OpenSSL config file format. xca-RELEASE.2.5.0/doc/rst/certificates.rst000066400000000000000000000165021450407711300201320ustar00rootroot00000000000000 .. index:: certdetail (certdetail) .. _certificates: X.509 Certificates ================== All certificates from the database are displayed in a tree view reflecting the chain dependencies. If there is a CA certificate and several client certificates signed by this CA, the client certificates can be shown by clicking on the plus sign of the CA certificate. .. _ca_cert: CA Certificates --------------- XCA will recognize CA certificates if the CA flag in the *Basic Constraints* is set to true. If there is a corresponding private key, the *CA* sub-menu in the context-menu will be enabled. For building the chains the CA flag is disregarded, because there are some CAs without this flag. Instead it considers the issuer name and the signature to decide which certificate is the issuer. If there is more than one CA certificate with the same subject and private key, it is undeterminable which one was selected during the signing process. This is not an issue. This usually happens if a CA certificate got renewed. In this case XCA selects the certificate with the later expiry date as anchor for the issued certificates. .. index:: ca_properties (ca_properties) .. _ca_properties: CA Properties ------------- For every CA a default template can be configured that will be automatically applied when creating a new certificate. The CRL days define the preset expiry time to the next CRL release when issuing a new CRL. .. index:: certgen (certgen) Generating certificates ----------------------- After clicking on the *New Certificate* button the Certificate input dialog will be started to ask all needed information for generating a new Certificate. See: :ref:`wizard`. Certificate creation can also be invoked by the context menu of the certificate list background or by the context menu of the request. In this case the Certificate input dialog is preset with the request to be signed. If a *CA certificate* is selected in the certificate list, this certificate will be preselected as issuing certificate. Certificate details ------------------- The signer is the internal name of the issuers certificate, *SELF SIGNED* if it is self signed or *SIGNER UNKNOWN* if the issuer's certificate is not available. The validity is set to *valid* if the certificate's dates are valid or to *Not valid* if they are not, compared to the internal time and date of the Operating System. If the certificate is revoked, the revocation date will be shown instead. On the *Subject* and *Issuer* tab the distinguished name is also displayed in a format defined in RFC2253 for copy&paste. .. index:: certexport (certexport) Certificate Export ------------------ - **Clipboard:** Copy all selected certificates to the clipboard as PEM file - **File:** Export to external file. The filename can be selected in the export dialog and the Export format: - **PEM:** PEM encoded - **PEM with Certificate chain:** PEM encoded certificate and all issuers up to the root certificate in one file - **PEM all trusted Certificates:** List of all PEM encoded certificates that are marked as *Always trusted* (usually all self-signed certificates) in one file for e.g. apache as trusted certificate store. - **PEM all Certificates:** All PEM encoded certificates in one file. - **DER:** DER encoded certificate. - **PKCS#7:** DER encoded PKCS#7 structure containing the certificate. - **PKCS#7 with Certificate chain:** DER encoded PKCS#7 structure containing the certificate and all issuers up to the root certificate. - **PKCS#7 all trusted Certificates:** DER encoded PKCS#7 structure containing all certificates that are marked as *Always trusted* - **PKCS#7 all Certificates:** DER encoded PKCS#7 structure containing all certificates. - **PKCS#12:** PKCS#12 structure containing the certificate and the corresponding private key - **PKCS#12:** PKCS#12 structure containing the certificate, the corresponding private key and the chain of all issuers certificates. - **PEM cert + key:** concatenation of the private key and certificate in a format used by apache or the X509 patch for OpenSSH. - **PEM cert + PKCS8 key:** concatenation of the private key in PKCS#8 format and certificate. - **vCalendar (*.ics)** expiry notifications for all selected certificates to be imported into your favorite calendar app. - **CA vCalendar (*.ics)** expiry notifications for the CA certificate, valid, issued cdrtificates and the latest CRL. - **Token:** Store certificate on the Security token containing the private key. - **Other token:** Store certificate on any Security token. - **OpenSSL config:** Create an OpenSSL config file from the content of this certificate, which can be used to generate a similar certificate with openssl: `openssl req -new -x509 -config ` When exporting PKCS#12 structures XCA asks later for an encryption password. Certificate Transformation -------------------------- A certificate transformation creates a new database entry based on the selected certificate. - **Public Key:** Extract the public key from the certificate and store it in the Private Keys Tab. - **Request:** Create a PKCS#10 request by using the data from the certificate. The private key of the certificate must be available for this option. - **Similar Certificate:** Starts the Certificate input dialog preset with all values from the current certificate to create a new certificate. - **Template:** Create a XCA template with the values of the request. Certificate revocation ---------------------- Certificates can only be revoked, if the private key of the issuer's certificate is available. The certificate will be marked as revoked and the revocation date and reason will be stored with the CA certificate. If more than one unrevoked certificate of the same issuer is selected, all of them will be revoked at once with the same revocation date and reason. The context menu shows this by adding the number of selected certificates in squared brackets. To generate a CRL, revoke the appropriate certificates and select *CA->Generate CRL* in the context-menu of the signing certificate. Certificate renewal ------------------- Certificates can only be renewed, if the private key of the issuer's certificate is available. Renewal is done by creating a new certificate as a copy of the original one with adjusted validity dates. Use the *Revoke old certificate* check-box to automatically revoke the old certificate. If more than one certificate of the same issuer is selected, all of them will be renewed at once with the same validity dates. The context menu shows this by adding the number of selected certificates in squared brackets. CA special functions -------------------- The context menu of CA certificates contains the *CA* sub-menu, which makes the following functions available: - **Properties:** - **CRL days:** The days until the next CRL release. - **Signing Template:** The default template for issuing certificates. - **Generate CRL:** Generate the CRL by collecting all revoked certificates and their revocation date. - **Manage revocations:** Displays all revocations and allows to manipulate them. Non existing certificates may be revoked by adding the serial number of the certificate. It is not required anymore to keep revoked certificates in the database, because the revocation information is stored together with the CA certificate. xca-RELEASE.2.5.0/doc/rst/changelog.rst000066400000000000000000000000551450407711300174100ustar00rootroot00000000000000 Changelog ========= .. include:: changelog xca-RELEASE.2.5.0/doc/rst/commandline.rst000066400000000000000000000003241450407711300177460ustar00rootroot00000000000000 Commandline =========== XCA can be used without GUI to analyze PKI items and to generate CRLs and keys. In this case no X-Server connection is required (Linux) Arguments --------- .. include:: arguments.rst xca-RELEASE.2.5.0/doc/rst/common-actions.rst000066400000000000000000000170701450407711300204140ustar00rootroot00000000000000 Common Actions ============== Many actions are common to all cryptographic parts and are mentioned here once for all. The goal of this application is to provide an easy to use signing-tool and also a common place for all selected PKI items like requests or certificates. .. _columns: .. index:: columns (columns) Column Handling --------------- Column visibility can be changed by the context menu of the table header or the "columns" sub menu of the table context menu. It shows all available columns with check-boxes to show or hide them. - Column actions - **Reset** Reset column order and visibility to the default. - **Hide Column** Hide the current column. Only shown in the context menu of the column header. - Common columns - **Internal name** Name of the item in the database. - **No.** A simple counter to easily count the items. - **Primary key** Unique number to identify an item in the database. See :ref:`primary_key`. - **Date** Date of the appearance in this XCA database. See :ref:`date_and_source` - **Source** Origin of this item, See :ref:`date_and_source`. - **Comment** A multi-line free text input, see :ref:`comment`. - Certificate and request columns - **Subject** The complete subject name. - **Subject hash** Subject hash used by OpenSSL to lookup certificates. See https://www.openssl.org/docs/man1.0.2/apps/c_rehash.html - **Subject entries** Displays single entries of the subject. The list represents the content of the :ref:`objectids` file. - **X509v3 Extensions** Displays a textual representation of the selected extension. - **Key name** Internal name of the key in the private keys tab. - **Signature algorithm** Signature algorithm used to sign the certificate or request. - Request columns - **Signed** Whether the request is already signed or not. - **Unstructured name** CSR specific attribute. - **Challenge password** CSR specific attribute. - **Certificate count** Number of certificates in the database with the same public key. - Certificate columns - **CA** CA Basic Constraints flag - **Serial** Serial number - **MD5 / SHA1 / SHA256 fingerprint** Certificate fingerprint Columns can be resized and rearranged. This configuration is stored in the database and will be reassigned next time this database is opened. .. index:: import (import) Importing items --------------- The import of an item can be done by either clicking the import button on the right or via the context menu available by right clicking into the list. The import function is smart enough to probe all known formats independent of the file extension: Keys PEM private key, PEM public key, DER private key, DER public key, PKCS#8 private key, SSH public key. Requests DER request, PEM request Certificates DER certificate, PEM certificate (PKCS#12 and PKCS#7 certificates must be imported with an extra button, because they may contain more than one certificate and key) After selecting the filename XCA will probe for the known formats of that item and in case of an error it prompts the *last* OpenSSL error message. It is possible to select more than one file by selecting them with SHIFT click. Also the *Import* menu may be used to load items. Next to the file-types above, it also supports *PEM* import. PEM describes the encoding instead of the file-type. So a PEM file can be any type of private key, CRL certificate or CSR. This import facility discovers the type and loads it. When importing more than one Key, CRL, Certificate or Request all items are shown in a Multi-import dialog. When importing a PKCS#7 or PKCS#12 item, the contained keys and certificates are shown in the Multi-import dialog. By using the Multi-import dialog the items can be examined, imported or dropped. After reading the item it searches for this item in the database and if it is unique, the item is stored in the database. Otherwise it shows a message containing the internal name of this item in the database. Details of an Item ------------------ The details dialog can be accessed by double clicking the item, by the context menu or by the button on the right. The names of the issuers certificate and the corresponding key are click-able and their content will be shown on "double-click" Renaming an Item ---------------- An Item can be renamed via the context menu by right-clicking on the item, by pressing or by the *Rename* button on the right border. Deleting Items -------------- Items can be deleted by the button on the right or via the context menu. Certificate signing requests can be deleted when they got signed, because they are not needed anymore. The request can be recovered from the resulting certificate by transforming the certificate to a request. This is however only possible if you own the private key of the certificate. Multiple items may be selected to delete them all at once. Searching Items --------------- The displayed list of items can be reduced by the search-input at the bottom right. It affects all tabs. It does not only search inside the displayed columns but the whole content of the items. It searches the internal name, issuer, subject, extensions, PKCS#10 attributes and token provider. .. _internal_name: Internal name ------------- The internal name is only used inside the database and is intended to uniquely identify the items. In earlier versions of XCA this name had to be unique. This is not a requirement anymore. .. _date_and_source: Date and source of appearance ----------------------------- XCA tracks the time and source of any newly appeared item. Both can be seen when selecting *Properties* in the context menu of an item, or by enabling the *Source* or *Date* columns. The source may be one of the following - Imported: From a file or by pasting PEM data - Generated Created by XCA - Transformed Converted from an other item by the "transform" context menu - Token The device has been initially read from a hardware token - Legacy Database The item was already present in a legacy XCA database that did not track the Source information. The content of the date and source fields will never be part of an exported item. .. index:: comment (comment) .. _comment: Comment ------- XCA allows to insert multi-line comments for all items. They can be edited by the properties dialog. When showing the *Comment* column, it will display the first line of the comment field. XCA itself uses the comment field of certificates and requests to leave a note during important operations: - Applied templates during certificate or request generation - Generated keys during certificate or request generation - Signing date, time and internal name of the issuing CA when a request gets signed. - File name when the item got imported from a file. The content of the comment field will never be part of an exported item, except when explicitly selected during PEM export. .. _primary_key: Database primary key -------------------- When inserting an item into the database a new, unique id will be generated and used as primary key in the database. If the item shall be found in the database by external tools, the *items.id* can be used to uniquely identify the item. The internal name cannot be used, since it is not necessarily unique anymore. This ID will never be used outside the database. .. index:: itemproperties (itemproperties) Item properties --------------- Common properties can be displayed and edited for all items: - Internal name :ref:`internal_name` - Comment :ref:`comment` - Date and source :ref:`date_and_source` xca-RELEASE.2.5.0/doc/rst/database.rst000066400000000000000000000026561450407711300172360ustar00rootroot00000000000000 Database ======== .. _extracting-items: Extracting items ---------------- .. highlight:: bash The sqlitebrowser may be used to examine the elements of the database. The database schema is documented :ref:`database-schema` All cryptographic items are stored as base64 DER format and must be decoded before feeding them to OpenSSL:: | base64 -d | openssl -inform DER ... Extract the private key with internal name 'pk8key' from the database:: sqlite3 ~/xca.xdb "SELECT private FROM view_private WHERE name='pk8key'" | base64 -d | openssl pkcs8 -inform DER Extract the certificate with internal name 'rootca' from the database:: sqlite3 ~/xca.xdb "SELECT cert FROM view_certs WHERE name='rootca'" | base64 -d | openssl x509 -inform DER Extract the public part of a key by database primary key:: sqlite3 ~/xca.xdb "SELECT public from view_public_keys WHERE id=3" | base64 -d | openssl pkey -inform DER -pubin Extract a CRL:: sqlite3 ~/xca.xdb "SELECT crl FROM view_crls WHERE name='ca'" | base64 -d | openssl crl -inform DER Modify the comment of an item with id 3:: sqlite3 ~/xca.xdb "UPDATE items SET comment='My notes' WHERE id=3" The item names are not required to be unique anymore. Each table view in XCA has an optional column "Primary key" that may be shown to get the ID of the item in the database. .. _database-schema: Schema ------ .. literalinclude:: database_schema.sql :language: sql xca-RELEASE.2.5.0/doc/rst/index.rst000066400000000000000000000011651450407711300165730ustar00rootroot00000000000000.. XCA documentation master file, created by sphinx-quickstart on Fri Apr 2 10:32:00 2021. You can adapt this file completely to your liking, but it should at least contain the root `toctree` directive. ======================================== XCA - X Certificate and Key management ======================================== .. toctree:: :maxdepth: 2 :caption: Contents: introduction miscellaneous commandline common-actions certificate-input smartcard privatekey requests certificates template revocationlist options object-ids step-by-step database changelog xca-RELEASE.2.5.0/doc/rst/introduction.rst000066400000000000000000000052371450407711300202110ustar00rootroot00000000000000 .. admonition:: Abstract This application is intended for creating and managing X.509 certificates, certificate requests, RSA, DSA and EC private keys, Smart-cards and CRLs. Everything that is needed for a CA is implemented. All CAs can sign sub-CAs recursively. These certificate chains are shown clearly. For an easy company-wide use there are customisable templates that can be used for certificate or request generation. All cryptographic data is stored in a SQL database. SQLite, MySQL (MariaDB), PostgreSQL and MicrosoftSQL (ODBC) databases are supported. Introduction ============ This application is intended as certificate- and key-store and as signing application issuing certificates. All data structures (Keys, Certificate signing requests, Certificates and Templates) can be imported and exported in several formats like DER or PEM. Import means reading a file from the filesystem and storing the data structure into the database file, while exporting means to write the data structure from the database file to the filesystem to be imported into an other application. When opening a new database the first time, it needs a password to encrypt the private keys in the database. This is the default password. Every time this database is opened the application asks for the password. This input dialog may be canceled and the database is still opened successfully. However, the access to the keys is not possible without supplying the correct database password every time a key is used. When setting an empty password, XCA will never ask again for a password when opening this database. This can be useful when playing around with test certificates or if all private keys are on security tokens. The database password can be changed by the Menu item *Extra->Change DataBase password* The different cryptographic parts are divided over 5 Tabs: Keys, Requests, Certificates, Templates and Revocation lists. All items can be manipulated either by a context menu available by right-clicking on the item, or by using the buttons at the right border. Every item is identified by an internal name which is always shown in the first column as long as the columns are not reordered by the user. File Formats ------------ There are several default file formats to exchange cryptographic data with other applications. DER : Distinguished Encoding Rules is the binary ASN.1 encoding of the data. PEM : Privacy Enhanced Mail is the base64 encoded version of the DER formated data with additional header and footer lines to be transported via e.g. E-mail. PKCS#X : Public Key Cryptography Standards published by https://www.rsa.com Copyright --------- .. include:: COPYRIGHT xca-RELEASE.2.5.0/doc/rst/miscellaneous.rst000066400000000000000000000060131450407711300203240ustar00rootroot00000000000000 Miscellaneous ============= Updating -------- Usually XCA knows database formats used in previous versions and does an automatic upgrade of the database if neccessary when opened the first time. *Updating from versions earlier than 2.0.0* Older versions of XCA used a simple serial proprietary database for storing the cryptographic items. Starting with version 2.0.0 this has changed to SQL. The main disadvantage of the old format leading to the switch to SQL was the inaccessibility by external tools. Since years users ask for command-line access to the database. The new database can be queried by external tools like `sqlite3` or `sqlitebrowser` to extract verify or modify content. Please see :ref:`extracting-items` .. Note:: To convert legacy XCA databases, XCA <= 2.4.x is needed. Newer versions of XCA cannot read the old format anymore. .. Danger:: Please be careful with older XCA versions. XCA before 1.4.0 will overwrite the new SQLite database during database open. For file based databases the SQLite database format is used. Since XCA uses SQL, it can also be connected to a network database. The databases *mySQL* *PostgreSQL* and *Microsoft SqlServer* are tested. Please use the *Open Remote DataBase* menu item to connect to a remote host. Download -------- The most recent stable version of XCA can be downloaded from http://hohnstaedt.de/xca/index.php/download The current (unstable) HEAD of development can be downloaded and tested via https://github.com/chris2511/xca/ Please do not hesitate to contact me for information about branches. DH Parameters -------------- Diffie Hellman parameters can be created by XCA. It does neither need nor use the parameters. Applications like OpenVPN however need them and so XCA provides this functionality for users convenience. Entropy sources for XCA ----------------------- Entropy is a very important topic for key generation. OpenSSL comes with a good pseudo random number generator. XCA seeds it very thoroughly. 1) During startup - The OpenSSL seeding mechanism `RAND_poll()`. It uses */dev/urandom* where possible and the screen content on Windows. - XCA also tries to pull at most 256bit from */dev/random* and */dev/hwrng* each. - A *.rnd* state file in the XCA application directory is read on startup and erased afterwards to avoid replays. 2) Before any key or parameter generation a "re-seeding" is done. Some say re-seeding is not necessary, but all say it does not harm. - XCA collects entropy by mouse and keyboard events and its timing. `XcaApplication.cpp: bool XcaApplication::eventFilter()` We are on a desktop host after all. - 256bit from */dev/urandom* (unix/Mac) 3) A *.rnd* state file in the XCA application directory is written whenever XCA finishes. 4) When managing a token or generating a key on a token that supports `C_GenerateRandom` and `C_SeedRandom`, XCA will: - Seed the token with own random data. - Seed the OpenSSL CSPRNG by random bytes from the token. xca-RELEASE.2.5.0/doc/rst/object-ids.rst000066400000000000000000000056131450407711300175110ustar00rootroot00000000000000 .. _objectids: Object IDs ========== Private Object IDs and OID lists for the distinguished name or extended key usage can be added in files listed below. The files are: - **oids.txt:** additional Object IDs - **eku.txt:** Content of *ExtendedKeyUsage* - **dn.txt:** Content of *DistinguishedName* The search path for all the files is listed below. All files except *oids.txt* are searched in the order listed below and search stops at the first file found. The *oids.txt* file is searched in reversed order and all *oids.txt* files found are loaded. - Unix - $HOME/.xca/ - /etc/xca/ - PREFIX/share/xca/ PREFIX is usually /usr or /usr/local - Windows - CSIDL_APPDATA\xca, which is something like C:\Documents and Settings\username\Application Data\xca or C:\Users\username\AppData\Roaming\xca - Installation directory e.g.: `C:\Programs\xca` - MacOSX - $HOME/Library/Application Support/data/xca - /Applications/xca.app/Resources The path of the user settings directory depends on the operating system and version. The path where XCA looks for this file is shown in the *About* dialog of XCA as *User settings path*. .. _new_oids: New OIDs -------- All Object IDs that are not official, but belong to your company or organisation can be added in the file *oids.txt*. All possible locations for this file are searched and all *oids.txt* files found are loaded. This way the application-installer adds some in */usr/share/xca*, the Administrator in */etc/xca* and the user in *$HOME/.xca*. The format of this file is: *OID*:*shortname*:*longname* Leading and trailing spaces between the colons and the text are ignored. Lines starting with a *#* are ignored. OID lists --------- The files containing OID lists (*eku.txt, dn.txt*) are handled in a different way, only the first one found is used. The format of this files is one entry per line. The entry can be either the numerical OID like *1.3.6.1.5.5.8.2.2*, the short name like *iKEIntermediate* or the long name *IP security end entity*. Lines starting with a *#* are ignored. If this files shall contain new in-official OIDs, they must be also mentioned in one of the *oids.txt* files. Configure Subject entries ------------------------- If you want to / need to add your own company specific subject entry to your certificate it can be done without recompiling XCA. 1) Add its OID with short name and long name to one of the *oids.txt* file listed in :ref:`new_oids` like: *1.3.6.1.4.1.12345.1: zodiacSign: Zodiac Sign* 2) Add the OID, short name or long name to the first read *dn.txt* On Linux: `cp /usr/share/xca/dn.txt ~/.xca/dn.txt && echo "zodiacSign" >> ~/.xca/dn.txt` 3) Start XCA, open your database and goto *Options->Distinguished name*. In the *Explicit subject entries* select *Zodiac Sign*, click *Add*, move it by dragging it in the list and click OK when satisfied. 4) Create a new certificate and see. xca-RELEASE.2.5.0/doc/rst/options.rst000066400000000000000000000101041450407711300171500ustar00rootroot00000000000000 .. index:: options (options) .. _options: Options ======= The options dialog can be found in the file menu. All options are saved in the database and do not depend on the operating systems registry or configuration files. - String settings This option applies to all strings converted to ASN1 strings. The selected string type is automatically set to the smallest possible and allowed type, covering all contained characters. The list of allowed string types can be selected: - **PKIX in RFC2459 (default):** All string types are set as described in RFC2459 - **No BMP strings:** All strings containing non printable characters are regarded as errors. - **PKIX UTF8 only:** All string types are selected according to RFC2459 for entities issued after 2004, which means that almost all distinguished name entry types are set to UTF8. - **All strings:** All string types are allowed. - Default hash algorithm Older Windows versions and OpenSSL versions can not handle SHA256 and SHA512. This option allows to set the hash algorithm to SHA1 for instance. - Suppress success messages After importing and generating new items a success message is shown. This switch disables the messages. - Don't colorize expired certificates Since version 0.9.2 the expiration dates of certificates will be colorized. Red means expired or not yet valid. Yellow indicates certificates that only have 4/5 of their lifetime until expiration. The CRL expiration date will be marked red 2 days before expiration. With this option, the colorization can be disabled. - Translate established x509 terms It is usually more clear to read "commonName" instead of e.g (german) "Allgemeine Bezeichnung". Same is true for "Extended key usage" or "Basic constraints". With this setting the translated terms are shown and the Tool-Tip of the entry shows the established term. If not set, the established term will be displayed and the Tool-Tip contains the translation. - Only use hashes supported by the token when signing with a token key The PKCS#11 token does probably not support all possible hashes for a signature operation. I.e. the EC and DSA signing algorithms are currently only defined with SHA1 in the PKCS#11 specification. XCA does the hashing part of the digital signature in software outside the token and uses the token to sign the hash. That's why XCA may use additional hashing algorithms like ecdsaWithSha256. If other applications that probably use the token hashing algorithms shall use the token, this option should be set. - Disable legacy Netscape extensions With this option set the input and use of the legacy Netscape extensions will be suppressed. The certificate input dialog has no Netscape tab, the request and certificate columns don't show the Netscape extensions and when applying a template or converting certificates, the Netscape extensions are removed. However, the details of certificates and requests still show the Netscape extensions if they exist. - Mandatory subject entries A list of mandatory distinguished name entries may be specified to get a warning, whenever issuing a certificate that lacks one or more listed entries. This requirement is not checked when editing templates, because templates may have empty entries that will be filled during the rollout of the certificate. - Explicit subject entries This list may be used to change the list of the usual 7 distinguished name entries shown in the subject tab of the Certificate / Request / Template generation dialog to better fit ones needs. When activating the *Dynamically arrange explicit subject entries* option, the explicit entries are rearranged by the name to be edited. If the name is empty, the entries are unchanged. Otherwise, the entries of the name to be edited are displayed first, followed by the entries of the list above not mentioned in the name to be edited. - PKCS#11 provider Here you can select the path to one or more PKCS#11 libraries on your system. If the list is empty, the *Token* menu will be unavailable. xca-RELEASE.2.5.0/doc/rst/privatekey.rst000066400000000000000000000104631450407711300176500ustar00rootroot00000000000000 .. index:: keydetail (keydetail) .. _keys: RSA, DSA and EC Keys ==================== For creating certificates, keys are needed. All keys are stored encrypted in the database using the PKCS#8 AES algorithm. The password can be changed for each key. .. index:: keytab (keytab) The password type means: common: The database password provided during database load. private: The key is encrypted with an individual passphrase, which is not stored by XCA. This can be set and reset via the context menu of the key. PIN: Security tokens are usually protected by a PIN. No password: Public keys don't need a password. All keys carry a use counter which counts the times it is used in requests or certificates. When creating new requests or certificates the list of available keys is reduced to the keys with a use counter of 0. This can be overridden by the check-box next to the key list. Keys should *never* be used multiple times. When importing an EC key with explicit curve parameters, the corresponding curve OID is searched and set if found. - Private Key columns - **Type** One of *RSA*, *DSA*, *EC*, *ED25519*. - **Size** Key size in bits. - **EC Group** Curve name of the EC key. - **Use** Number of certificates and requests in the database using this key. For new certificates and requests only unused or newly generated keys should be used. - **Password** Protection of the key. See :ref:`keys` .. index:: keygen (keygen) Generating Keys --------------- The dialog asks for the internal name of the key and the key-size in bits. For EC keys, a list of curves is shown. It contains all X9.62 curves and many others. For ED25519 keys no further information is required. Even if the size drop-down list only shows the most usual key sizes, any other size may be set here by editing this box. While searching for random prime numbers a progress bar is shown in the bottom of the base application. After the key generation is done the key will be stored in the database. When checking the *Remember as default* box, the settings (Key-type, key-size or EC curve) will be remembered and preset for the next key generation dialog. This option is not available when generating keys on 'ref'`token`. For every connected token providing the Key-Generate facility, an entry in the drop-down menu of the key-types will be shown. It contains the name of the token and the valid key-sizes. In case of EC keys generated on a token, the list of possible curves is restricted based on informations provided by the token (Key size and FP/F2M). The token may support even less ECParameters / OIDs. When selecting an unsupported EC curve an error will occur. Please consult the documentation of the provider of the PKCS#11 library. .. index:: keyexport (keyexport) Key Export ---------- Keys can be exported by either selecting the key and pressing *Export* or by using the context-menu. It may be chosen to export the key to the clipboard as PEM public, SSH2 public or unencrypted PEM private format. In case of a file export a dialog-box opens where next to the filename one of the following formats may be selected: - **PEM public:** the public part of the key in PEM format - **DER public:** the public part of the key in DER format - **SSH2 public:** the public part of the key in SSH2 format - **PEM private:** the private key unencrypt in PEM format - **PKCS#8 encrypted:** the encrypted private key in PKCS#8 format - **DER private:** the private key in binary DER format - **PEM encrypted:** the private key in PEM format with an OpenSSL specific extensions for encryption - **PKCS#8 unencrypted:** the private key unencrypted in PKCS#8 format - **SSH2 private:** the private key unencrypted in SSH2 format The filename is the internal name plus a *pem*, *der*, *pk8*, *pub* or *priv* suffix. When changing the file-format, the suffix of the filename changes accordingly. Only PKCS#8 or PEM files can be encrypted, because the DER format (although it could be encrypted) does not support a way to supply the encryption algorithm like e.g. *DES*. Of course, encryption does not make sense if the private part is not exported. When exporting the key via SQL from the database, see :ref:`extracting-items` openssl asks for the password, which is either the database password or its own password in case the password type is *private*. xca-RELEASE.2.5.0/doc/rst/requests.rst000066400000000000000000000055031450407711300173370ustar00rootroot00000000000000 .. index:: csrdetail (csrdetail) .. _csr: Certificate Signing Requests ============================ Certificate signing requests are described in PKCS#10 standard. They are used to supply a Certification Authority with the needed information to issue a valid certificate without knowing the private key. This includes personal information, the public key and additional extensions. It is not necessary to generate a request prior to signing it by your CA or before self-signing it. Simply start generating the certificate directly. People using the OpenSSL command line tools are used to generate a request with `"openssl req -new ...` and then signing it. This is not necessary with XCA. Tracking signed CSR with XCA can be done by the *Signed* and *Certificate count* columns of the certificate signing request tab. The *Signed* column is an information stored in the database whenever a CSR was used to issue a certificate. Also an automatic comment is left in the comment of the CSR in this case. It does not depend on the certificate remaining in the XCA database. The *Certificate count* column on the other hand displays the number of currently available certificates with the same public key in the database. .. index:: csrgen (csrgen) Generating a new Request ------------------------ After clicking on the *New Request* button, the Certificate dialog will be started to ask all needed information for generating a new Request. See: :ref:`wizard` The request generation can also be invoked by the context menu of a certificate *Transform->Request*. This menu point is only available if the private key of the certificate is available. In this case all needed data is copied from the certificate and the Certificate dialog is not invoked. .. index:: csrexport (csrexport) Request Export -------------- Requests can be exported by the context-menu or by the button on the right. - **Clipboard** Writes all selected requests in PEM format to the Clipboard. - **File** Write the request into a file in PEM or DER format. - **OpenSSL config** Create and store an OpenSSL configuration file which can be used to generate a similar request with openssl `openssl req -new -config ` Request Transformation ---------------------- A request transformation creates a new database entry based on the selected request - **Template** Create an XCA template with the values of the request. - **Public Key** Extract the public key from the request and store it in the Private Keys Tab. - **Similar Request** Starts the Certificate input dialog preset with all values from the current request to create a new request. Request Details --------------- All information contained in the request are shown. If the key-store contains the private key corresponding to the request the keys internal name is shown in the *Key* field, which can be clicked to show it. xca-RELEASE.2.5.0/doc/rst/revocationlist.rst000066400000000000000000000042771450407711300205400ustar00rootroot00000000000000.. index:: crldetail (crldetail) Certificate Revocation Lists ============================ All certificates are issued for a restricted period of time. However it may happen that a certificate should not be used or becomes invalid before the *not after* time in the certificate is reached. In this case the issuing CA should revoke this certificate by putting it on the list of revoked certificates, signing the list and publishing it. .. index:: crlgenerate (crlgenerate) Generation of CRLs ------------------ In XCA this can be done by the context-menu of the CA and the *revoke* entry in the context-menu of the issued certificate. First all invalid certificates must be marked as revoked and then a Certificate Revocation List should be created and will be stored in the database. The validity times define start and expiry date of the CRL. The default interval can be configured in the :ref:`ca_properties` dialog. The options section allows to select, whether the Subject Alternative Name and the Authority Key Identifier of the issuing CA should be placed into the CRL. The CRL Number (https://tools.ietf.org/html/rfc5280#section-5.2.3) will be tracked by XCA and updated on every use. There is also a commandline option to issue a CRL: .. code-block:: bash xca --crlgen="My Ca" --pem --print .. index:: crlmanage (crlmanage) Manage revocations ------------------ Revoked certificates may be managed without the revoked certificate in the database. The revocations are stored inside the database for each CA with revocation date, revocation reason and invalidation date. They get automatically updated when importing a CRL of this CA or by manually revoking an issued certificate. The Manage revocations dialog is accessible by the CA submenu of the ontext menu of the CA. Entries can be added, deleted and modified. .. index:: crlrevocation (crlrevocation) Revocation properties --------------------- The certificate revocation happens by the CA at the *revocation date* which is the time when the revocation is performed. The *invalidity date* can be set to an earlier time in this dialog. The *revocation reason* is explains why the certificate has been revoked. https://tools.ietf.org/html/rfc5280#section-5.3 xca-RELEASE.2.5.0/doc/rst/smartcard.rst000066400000000000000000000202471450407711300174460ustar00rootroot00000000000000 .. _token: Smart-cards =========== Since XCA 0.8.0 the use of Smart-cards (Security tokens) is supported. It is based on the PKCS#11 standard. The Options dialog contains a list to add one or more PKCS#11 providers (libraries). This is not restricted to Smart-cards but includes all type of security tokens like USB tokens. Up to version 1.0.0 only RSA keys on security tokens were supported. Since version 1.1.0 XCA also supports EC and DSA private keys on security tokens. Once again: This software comes with no warranty at all! If XCA transforms your security token into a fridge, don't blame me. For me everything worked fine and I tested it thoroughly. On Linux the package *opensc* should be installed. Please read the opensc documentation for more details. Generally: if the opensc command-line-tool *pkcs11-tool -L* shows reasonable output, XCA will work. Otherwise fix the opensc setup. I had a functional setup with a "Reiner SCT" and a DELL keyboard with integrated card reader and TCOS Netkey E4 cards. I also used Aladdin Etoken very successfully (Thanks for support!). The Aladdin PKCS#11 library supports all needed features very well. The ECC token support was tested with the https://www.cardcontact.de ECC tokens. The OpenDNSSEC SoftHSMv2 was used as PKCS#11 reference implementation to test all the token algorithms and certificate and key download functionality to the token. Before the keys of a token can be used, they must be imported into XCA. This means that XCA reads the token and shows the keys and certificates on the token. They can then be imported partially or completely via the Multi-import dialog to be used by XCA. It is not unusual that a token contains more than one key or certificate. It is of course possible to create your own keys on the token. When selecting a token-key for signing, XCA verifies that the corresponding token is available. If the Card reader supports a secure PIN input by a built-in keyboard, it will be used by XCA and it will not ask for the PIN but waits for the Pin-pad input. The following actions with smart-cards are supported: - Import keys and certificates from the token. (Token->Manage Security token) - Everything you can do with other keys can be done with tokens, too. - On export, only the Public key is exported. - Change the PIN and SO PIN of a token. - Create a key on the token. (Button New Key) - Store an existing key or certificate on the token. (Context menu of the item) - Delete certificates and keys from the token. (Context menu of the item) - Initialize cards and the user PIN via SO PIN Existing, non-deletable, built-in certificates of Smart-cards may be ignored. A new CA certificate can be created and self-signed by the Smart-card key. It can then be used to issue end-entity certificates, containing other RSA, DSA or EC keys, sign imported certificate requests or generate CRLs. Key Management on the Token --------------------------- XCA assumes for every private key on the card a corresponding public key. When managing cards, XCA only searches for public keys. There is thus no need to enter a PIN. When using the the key for signing the corresponding private key on the card is selected and a PIN must be entered. Accordingly, every time a key is generated on the card, a public/private key-pair is generated. Every time a key is stored on the card, XCA creates a public and a private key object. Firefox always only looks for private keys on the card. If XCA does not show a key, which is however recognized by Firefox a missing public-key object is the cause. The Token Menu --------------- The menu item: *Token* is accessible if a PKCS#11 library was loaded and initialized. Managing Smart-cards .................... Security token specific operations are collected below the menu-item *Token* Manage Security Token ''''''''''''''''''''' This is the Multi import dialog, which allows to view and select the items to be imported. When started it reads the content of the selected token. Additionally, it shows token information in the bottom-right corner and allows to delete and rename items directly on the token. Initializing Tokens ''''''''''''''''''' Initializing tokens is done via the menu item *Initialize token*. During this process either a new SO PIN must be supplied or the old SO PIN must be given. Additionally XCA asks for the label of this token. After this operation succeeded, the User PIN is uninitialized and must be initialized via *Init PIN* Deleting Items from the Token ''''''''''''''''''''''''''''' Just delete the item as usual. XCA will then ask whether the item shall also be removed from the token. Items on the token that were not yet imported can be deleted via the "Manage security token" menu. Changing PINs ''''''''''''' The User PIN and SO PIN can be changed via the *Token* menu and also via the key context-menu. In this case the correct token containing the key will be enforced. Tested Providers ................ The following providers were used for testing: 1) OpenSC: default provider for a lot of different cards and readers. Deleting keys or certificates is currently not supported. - The support of Netkey 4E cards is currently restricted. Only import and using the keys and certificates is possible. - Feitian PKI cards work with the following restrictions: - The cards must be initialized outside XCA with *pkcs15-init* - Storing keys onto the card crashes because of *assert(0)* in card-entersafe.c in opensc-0.11.13 - Deleting items does not work, because it is not implemented in opensc-0.11.13/card-entersafe.c. 2) Aladdin eToken PKIclient-5.1: Works perfectly. Read public keys from the token, write private keys to the token, generate keys on the token, write certificates to the token and delete them from the token. - Linux only: OpenCryptoki (IBM): may be used as a pure software token, but also supports TPMs and other IBM crypto processors - https://www.cardcontact.de OpenSC branch supports RSA and EC Keys. Downloading keys to the token is not supported. - OpenDNSSEC SoftHSMv2 supports all mechanisms in software. A great reference to test the PKCS#11 library interface. Tested compatibility with other applications ............................................ For interoperability tests I used the Aladdin eToken together with the Aladdin PKIclient 5.1 software and OpenSC with the Feitian PKI-card. - Aladdin: /usr/lib/libeTPkcs11.so - Feitian: /usr/lib/opensc-pkcs11.so (default) I initialized the token as follows: - Generate CA certificate with software key - Generate server certificate with software key - Generate client certificate with a key generated on the token - Generate 2nd client certificate with software key - Copy the software-key of the 2nd client certificate onto the token - Copy the 2 client certificates onto the token - Export CA certificate as PEM (ca.crt) - Export server cert as PKCS12 without password (server.p12) - Export server cert as "PEM Cert + key" without password (server.pem) for Apache2 Firefox / Mozilla -> Apache ........................... - Enable PKCS#11 token in Firefox: - *Edit->Preferences->Advanced:* (Security Devices): (Load) Load PKCS#11 Device: /usr/lib/libeTPkcs11.so - Import CA certificate: *Edit->Preferences->Advanced:* (View Certificates) (Authorities): (Import) - Prepare apache config with: .. code-block:: apache SSLEngine on SSLCertificateFile /etc/apache2/ssl/server.pem SSLCertificateKeyFile /etc/apache2/ssl/server.pem SSLCertificateChainFile /etc/apache2/ssl/ca.crt SSLCACertificateFile /etc/apache2/ssl/ca.crt SSLVerifyClient require SSLVerifyDepth 10 - Connect with Firefox to the server. Firefox will prompt you to select one of the 2 client certificates. Both work. OpenVPN ....... The relevant server config is as follows: .. code-block:: apache pkcs12 server.p12 The client config is: .. code-block:: output ca ca.crt pkcs11-providers /usr/lib/libeTPkcs11.so pkcs11-id 'Aladdin\x20Knowledge\x20Systems\x20Ltd\x2E/eToken/002882d2/F\xC3\xBCr\x20den\x20Firefox/D1A7BFF94B86C061' The pkcs11-id can be obtained with the command: .. code-block:: bash $ openvpn --show-pkcs11-ids /usr/lib/libeTPkcs11.so xca-RELEASE.2.5.0/doc/rst/step-by-step.rst000066400000000000000000000153751450407711300200300ustar00rootroot00000000000000 Step by Step guides =================== Beginners may follow these steps to easily create their first certificates. This guide shows the minimal requirements for various tasks. For more advanced use of XCA, users are encouraged to familiarize themselves with the applicable standards. Create a new Database --------------------- If the New Certificate button is greyed out you first need to create a new database. If you have a database already you may need to open it instead. 1) Click the File menu. 2) Click New Database. 3) Type the name of the new database into the file selector box. 4) Enter a password into the New Password dialog. 5) Click the *OK* button at the bottom. Setting up a Root CA Certificate -------------------------------- 1) Click the *Certificates* tab. 2) Click the *New Certificate* button. 3) Make sure the *Source* tab is showing, clicking it if necessary. - At the bottom of the panel, ensure that the *default CA* template is showing, and click the *Apply all* button. This will fill in appropriate values under the *Extensions*, *Key Usage*, and *Netscape* tabs. 4) Click the *Subject* tab. - Type in the internal name; this is for display purposes in the tool, only. - Fill in the required fields in the upper Distinguished Name section (Country name, State/Province, Locality, Organization, Common name, E-Mail address). The common name can be something like "ACME Certificate Authority". - If you want to add in any additional parts to the distinguished name, use the *Add* button. - Select the desired private key or generate a new one. 5) Click the *Extensions* tab. - The Time Range is probably fine (10 years). If you want to change the duration, then change it and click *Apply*. 6) The CRL distribution point will be part of the issued certificates. It should however be thought about a common URL for all of them like *http://www.example.com/crl/crl.der* 7) Click the *OK* button at the bottom. You may wish to now issue an (initially) empty CRL. Follow the instructions given for issuing CRLs below, except that you do not actually revoke any certificate. Creating a CA-Signed Host Certificate ------------------------------------- 1) Click the *Certificates* tab. 2) Click the *New Certificate* button. 3) Make sure the *Source* tab is showing, clicking it if necessary. - At the bottom of the panel, select the template "(default) TLS_server" (or another suitable template, if you have created your own) and click the *Apply* button. This will fill in appropriate values under the *Extensions*, *Key Usage*, and *Netscape* tabs. - In the Signing section, select the certificate that will be used to sign the new certificate. 4) Click the *Subject* tab. - Type in the internal name; this is for display purposes in the tool, only. For host certificates, the host FQDN (fully qualified domain name) is not a bad choice. - Fill in the required fields in the upper "Distinguished Name" section (Country code, State/Province, Locality, Organization, Common name, E-Mail address). For host certificates, the common name must be the FQDN to which you wish users to connect. This need not be the canonical name of the host, but can also be an alias. For example, if *pluto.example.com* is your web server and it has a DNS CNAME entry of *www.example.com*, then you probably want the Common Name value in the certificate to be *www.example.com*. - If you want to add in any additional parts to the distinguished name, use the drop-down box and *Add* button. - Select the desired private key or generate a new one. 5) Click the *Extensions* tab. - Change the Time Range if desired and click *Apply*. - In the event that you need to revoke any certificates in the future, you should designate a certificate revocation list location. The location must be unique for this root certificate. XCA exports CRLs in either PEM or DER format with appropriate suffixes, so this should be considered when selecting the URL. Selecting a URI something like *http://www.example.com/crl/crl.der* is probably suitable. On the "CRL distribution point" line, click the *Edit* button. Type in the desired URI, then click *Add*. Add in any additional desired URIs in the same fashion. Click *Validate* and *Apply*. (Alternate mechanisms such as OCSP are beyond the scope of this guide.) - Click the OK button at the bottom Creating a Self-Signed Host Certificate --------------------------------------- This procedure is almost identical to that of creating a CA-Signed certificate with the following exceptions: 1) When creating certificate, select "Create a self signed certificate" under the *Source* tab. 2) Self-signed certificates cannot be revoked, so the CRL URI should be blank. Setting Up A Template --------------------- If you have, or expect to have, multiple hosts under one domain and signed by the same root certificate, then setting up a template for your hosts can simplify host certificate creation and improve consistency. The values of templates can be applied on the first tab of the certificate-generation dialog. It can be selected, whether the subject, the extensions or both parts of the template will be applied. This way a subject-only template may be defined and later applied together with the TLS_client or TLS_server template. 1) Click on the *Templates* tab. 2) Click on the *New Template* button 3) Select an appropriate value for the Preset Template Values, then click *OK* 4) Under the *Subject* tab, specify an internal name for the template. 5) Fill in (or modify) any values that you wish to be populated when using the template. Leave the rest blank (notably the "Common Name" field). 6) When all desired fields are filled in, click the *OK* button at the bottom of the window. Your template is now ready for use when creating new certificates. Alternatively, you may export an existing Certificate or Certificate signing request to a template by the Export-context menu of the item. Revoking a Certificate issued by a CA ------------------------------------- 1) Click the *Certificates* tab. 2) Right-click on the certificate that you want to revoke and select *Revoke* 3) Right-click the CA certificate that was used to sign the certificate being revoked. Select *CA* --> *Generate CRL* 4) Click the *OK* button in the *Create CRL* dialog. 5) Click on the *Revocation lists* tab in the main window. 6) Right-click on the CRL you just generated and select *Export*. Select the desired format (probably DER) and click *OK* 7) Copy the exported CRL to the location published in the issued certificate's CRL Distribution Points. 8) Optionally, delete older CRLs for the same CA certificate. xca-RELEASE.2.5.0/doc/rst/template.rst000066400000000000000000000020261450407711300172740ustar00rootroot00000000000000 Templates ========= Templates are special to XCA and not interchangeable with other applications. They store all informations to create certificates or requests. To use templates, just create a new certificate or request and apply one of the templates (or parts of it) in the *Source* Tab. Usually you have the distinguished name parts, that never change and properties (extensions) that define the use of the certificate. You may apply the whole template or only the subject or only the extensions. Next to the 3 default templates for CA, TLS server and client certificates, customized templates may be created. Templates are not signed, they are just a collection of common values for different certificates. Therefore XCA does not care if any duplicates exist in the list of templates. An easy way to create templates is to export an existing certificate or PKCS#10 request to a template. Just select *Transform->Template* in the context-menu of the item. The private key of the Certificate or Request is not required for this operation. xca-RELEASE.2.5.0/doc/xca.1.head000066400000000000000000000015531450407711300156600ustar00rootroot00000000000000.TH XCA 1 .SH NAME .B xca \- X Certificate and key management .br A GUI for handling X509 certificates, RSA/DSA/EC keys, PKCS#10 Requests and CRLs in Software and on Smartcards. .SH SYNOPSIS .B xca .RI [ OPTIONS ] .br .SH "DESCRIPTION" This application is intended as CA, certificate- and Key store. It uses a SQL database to store the items. By default this is SQLite3, but MySQL and PostrgreSQL are also tested and supported. Known types are Certificate signing requests (PKCS#10), Certificates (X509v3), RSA, DSA and EC keys and Certificate revocation lists. The signing of requests, and the creation of self-signed certificates is supported. Both can use templates for simplicity. The PKI structures can be imported and exported in several formats like PKCS#12, PEM, DER, PKCS#8, PKCS#7. .br XCA enables users to manage smartcards via the PKCS#11 interface .SH OPTIONS xca-RELEASE.2.5.0/doc/xca.1.tail000066400000000000000000000037271450407711300157150ustar00rootroot00000000000000.SH ENVIRONMENT VARIABLES Some more or less useful environment variables are evaluated by xca .TP .B XCA_NO_GUI=1 Do not start the graphical user interface forcefully. Same as \fB--no-gui\fP argument. If both were not given, XCA tries to be smart and looks at the other arguments to judge whether to start the GUI or not. .TP .B XCA_DEBUG= The environment variable .B XCA_DEBUG controls the dynamic debugging. The format is a comma separate list of pattern. Each pattern is: \fBall|[-]|[-]:[-]\fP A leading dash skips the match. The \fIfirstline\fR and \fIlastline\fR may be empty and will be replaced by the first and last line of the file. If \fI-\fR is omitted then only the exact line number of \fIlastline\fR is matched. .br Example: \fIXCA_DEBUG=all,-timerEvent\fR Log everything but skip the annoying timerEvent messages. .br Example: \fIXCA_DEBUG=pki_base.cpp:100-,-pki_base.cpp:340\fR Log pki_base Messages from line 100 up to the last line, except line 340. .TP .B XCA_ABORT_ON_WARNING=1 Developer option to crash into debugger in case of a warning-level log message. Documented for completeness. Not useful for non-developers .TP .B XCA_PORTABLE=1 Force the windows portable mode. Documented for completeness. Not useful for non-developers .TP .B XCA_ARGUMENTS= Outputs the commandline arguments in man-page nroff, sphinx rst or as oneline list for command-completion to automatically update the documentation if new arguments are added. .TP .B QPSQL_OPTIONS QMYSQL_OPTIONS QODBC_OPTIONS Additional connection options for the SQL database drivers as described in https://doc.qt.io/qt-5/qsqldatabase.html#setConnectOptions like \fIQPSQL_OPTIONS=requiressl=1\fR .SH SEE ALSO A more detailed HTML documentation can be found in the doc directory, in the "Help" menu of the application or on https://hohnstaedt.de/documentation .SH AUTHOR This manual page was written by Christian Hohnstaedt xca-RELEASE.2.5.0/img/000077500000000000000000000000001450407711300141265ustar00rootroot00000000000000xca-RELEASE.2.5.0/img/.gitignore000066400000000000000000000000221450407711300161100ustar00rootroot00000000000000img.rc imgres.cpp xca-RELEASE.2.5.0/img/CMakeLists.txt000066400000000000000000000027331450407711300166730ustar00rootroot00000000000000 set(S "${PROJECT_SOURCE_DIR}/img") set(D "${PROJECT_BINARY_DIR}/img") file(MAKE_DIRECTORY ${D}) macro(Install_PNG size) install(FILES ${S}/xca-icons.iconset/icon_${size}.png DESTINATION ${ICONDIR}/${size}/apps RENAME xca.png ) install(FILES ${S}/xca-icons.iconset/icon_${size}.png DESTINATION ${ICONDIR}/${size}/mimetypes RENAME x-xca-database.png ) install(FILES ${S}/xca-icons.iconset/icon_${size}.png DESTINATION ${ICONDIR}/${size}/mimetypes RENAME x-xca-template.png ) endmacro() if(APPLE) ###### MAC ICONS find_program(ICONUTIL iconutil) if(ICONUTIL) set(ICONS "${D}/xca-icons.icns") file(GLOB ICON_SRC ${S}/xca-icons.iconset/*.png) add_custom_command(OUTPUT ${ICONS} COMMAND iconutil --convert icns -o ${ICONS} ${S}/xca-icons.iconset DEPENDS ${ICON_SRC} ) set_source_files_properties(${ICONS} PROPERTIES GENERATED TRUE) add_custom_target(mac-icons DEPENDS ${ICONS}) add_dependencies(${CMAKE_PROJECT_NAME} mac-icons) target_sources(${CMAKE_PROJECT_NAME} PRIVATE ${ICONS}) list(APPEND APP_RESOURCES ${ICONS}) endif() set(CPACK_BUNDLE_ICON ${ICONS}) elseif(WIN32) ENABLE_LANGUAGE(RC) target_sources(${CMAKE_PROJECT_NAME} PRIVATE ${S}/w32res.rc) endif() if (UNIX AND NOT APPLE) install(FILES ${S}/xca-32x32.xpm DESTINATION ${CMAKE_INSTALL_DATADIR}/pixmaps ) set(ICONDIR ${CMAKE_INSTALL_DATADIR}/icons/hicolor) Install_PNG(16x16) Install_PNG(32x32) Install_PNG(48x48) Install_PNG(64x64) endif() xca-RELEASE.2.5.0/img/banner.bmp000066400000000000000000002477121450407711300161100ustar00rootroot00000000000000BMOzl:PO  BGRs)\_@Y^G- /CCXYWW]I7_!$fcba_[XW VV VX^'^_AKX WY[\]]]][X]GO^]_G4 YX""`&&b,,g--g//h00i))eXY^` A_]]]^@ V[$$a44k<^ZXWWV U UUV[^Y Y[ \""f22n""e \Y[W 9\^]X U TTUUVZ^Zrrr?^[b<]`++p//sII88w,,n##hc_[W\&YUUUWY W WVX^b/OjpRnpUpoqz̑ˑ~mmkjlrytʚ̚̚zLddH__Mff 76*S^!!m**n$$ifc]X]Irrs1\YWXVWY[^\I4""EVVڰF\\ Pbcc[Y]< _][\[[^]^C$$o!c^YZ]>J]^^^]aKIbbYvvh}յrc$[Y]`$ %* ',(->R[JcoJcnqh?U_!.3b^^^^`5.=9Wttj~¦۳EUUӷh)`^`%.=B#/2oT^^^]]ģܦݨֽ߬^jj4;9ʴгбббаЭP__!((h}}Ҕ""""v8^`&}m ,9[^^^b&ݨبש֩ժիխԯԱԴչпϼ͹ʶȵDz6GGwfmm]cc599qxx@CCZ``>CC^f{t~uKTTU__>FF$))~Wffϲ׷).rrra 0e?TXOio*8;=RU9LPUknQ^^^2-//hppmtt 699aff.11{JNN\bbMRRiooHMM|GKKQUUMRR y')%MRShoo}¬˳ַ_ :PkpYw}d)5Ha]^]!;AAaii:>>CFF%''~>MRRTXXy/22.11ǯ϶ں]<L] V^:WZS:=; @"$!ntmbh_bi`bi`GNL %F =8:E>ʷڻZb Plq(+ݚ T$$b W _4~luulrr ϷܼzV`.)+a޴ b++gY ^4~donq~~GOO*./Xaa{q|}6;;NUV,./!""X]]$&&v{{%&&VYYORR799nrrbff!!Y^{}p=`jSe| V_5  "-/ꗿ4 d//hY ^4LVVVaa.55ISSyNXXt=DD_kkbmmZdd&**|~-22doo"&&?FF:AA399juu266"$$|GLL)++VZ[Y_^hnl3u,hUbc|}pV^O ߬ՇD((f--hY ]4}annbppz&,,.55ess-33DMMU``t.33XddS]]*00U``;CC\ggZddjvw]hh T\\BGO=e+J7j|ZV^Y=QT֧BQVX++g,,gY]3|WbbNXX6==Zff\gg-33MXX,22Q]]uZff{jxx}yMWWVbbRXUKcv}")5{Nd(55O]\ Ϲأ̡++f''d++gY]8uiww7??R\\z.44\fc08(MzK?l4" 5X?_^jԠt 11m `00jY\ @',,7AAdttfuu5::dnnYbbs zAWF k  sgART+`^?٢8$13d%>>v$$dZYZ\  &'޳ܵ׍<`m6CE!,,/?Ba'++j..k\ W[W!"E]`o瞿;TJJCNcbCUUu!"[$$e[ZW?AW\ ~+6dXv|*, 8:9: &(5GI썫ξrrr hirMfk**iQll'45#.0^}$24uxca-RELEASE.2.5.0/img/bigcert.png000066400000000000000000000440261450407711300162610ustar00rootroot00000000000000PNG  IHDR^fg[GIDATxdim ڶm;ݱm3۶Y誱m۸9Uߛ<]N‚((((( %C.$E|P 7>`+^&٧ˎ~+F ip@Ome@QQ8C}Xu_;nQwa3S3ҜC[@QlB7ejM[V55g`L??,t(GOa&l1NJ[3y&h7,ׅ0wzJv(M `3O?EoZw sگZ^ ΡWk0c[8RPB `Ȁa@=|K6͚m˖8k\(RJWx~!"(r۞z|7 'o튏>/9)nZjJBg_DJؑ3_O\[~R.1{>ysȘqš ϥXj߾,W1*A0L-oKC90%%ƞz4!"ԝ+^!!!~]˗\*5Kk{QHAxc2Mi>4ܦeͷ, 1MÃ-ڜ0#SKGDc>{&xc,*0syܝFmq*Ԁ"R5- n1,nOݙu⭄R7Jy;{>ޙӶ,xZcAR=_`^עYt|$SÀ!<=8R@o TR xoU1O3kǝWO܋QEިHʕX^4*^U#J#&I$i8r_{U>V$j Ao}Ԯq`KXH7tEcv>Ӷ " ,MMR!Z;%~^) .%@#L?uٲU6un7m[rfl~ܤxoDPL.'$/|ᗇ5'EdۯwjV/\ְsCHz+`xB? | @3КmzʘzqN=t-QE^>f l0>ΧsN+n欯4}ڌQt끍 hwW疬lSN9>s|bMy$dG?bu1 Q-BÎg^倱ci#fH| !!JŨUu12{]&5u[cc 4m.Iznd5by20@U"k{9OC4y~#DScXX]-*k{L5B/UcJTyxjc8/+F6n\qXz÷Ͼ Kۯo; 97v!G~Ƥvʎ#GֲՔ::(v"$J{ݥBA(M]H@7{8 `2=B>|ssmY:;/4iT?QoW!\i*bFH{ hcͶQ^#5G@^x%{機h>dFsZ8#VWcyyy50\D `z+3E+p5S{%bﱖ9dzo~Jrߘ|+\6AUyµ[/AXmߝ?f(BHG"ݨ*I>8Ge:$MRΦ)X]׭XyUkV\ m[X ;1vD6[Azg}Z2h`o B-=]\-x1<ԺU{j5zz,Y}; -D(\$ѥPחsϽ`r9]n{ՕX:WT1۷WB͇lzPMڔJX21Ү" XS4iS3IF&5X7\bl΢*EX+3HS%U5b D*dH-F¢̝{m՗P{c9+#W4D@VctWN0(z `PJ^{{IFx4 \tce&IP.W: ?'7H vd;Fzݦ+?zo>7F\^ѲzTz?g3&VÆhU#_?|D/#irذM7]!sh0F&&uޫl$lϤ.g(&XbDژ"JN0E^TU]:"^գQ^3^#Γq38zqBȬQxs>MS9'ϽOY+}z)ϐ-F^fZX 0T+(y ypNҿ` ?a٫fk hm_k`K|r/_ &3D\ebU/r}LhwJPVNQ'P,hE b㺻ajU^y^vMM1XT=@FDa.F0Hx@A^*R[^Qlk8:!Q**KZMsQ"곦RRkpnEsώW@RSN6#sVѩB5fU`WkHs`b1l/ywdCUR~킱HDH|<%dooM;_$ǿU/Ÿ g~b{oA,)A i,6r鮻̬~_cnj!_WG%_b )47AαjJ)Q  jm!8Bc@`9jj}U%gQZz +3{j=T*jp%+a]&cIbCq,BUxr3E)BTE@*+E&A<"@Z*MeoJ 5CjUy{9oL굒*6SK?6p I!\&B!ʱ{;Wߓe*HX4ı1 I9-!ZMAvXLA\TlB!T*j'Ze3Q\vB~H/DN'f݊_.>Ubt 1ku1zJU#)79TZb]v6( 9xkvd*C5F^F*F"|Wx"0X& %lUI9̯_ziUяËX У^9p ^y:F*^v]˯vyE%>]a1iF F^ZePZ|a D1"0ظyL-ZT-G]Ӌ֩Դ @Yt6̣>8j w^ٶ5G@*UR/_i^X,%]*% /Bs(2V9GQ5xx KT9T2=k)~U8y>ً~()s@u+q{#  ,|Roa߄MxG>̜`oIkK=&t[vV{; MM\=q!Ł!>s:|PEQ^~yﮭٳ[+C rO=|=t (MhtQ7Kh^U`O=_|E劜Cֈ0*Z!jj8ǝI:xEo,TDD9z]dcV8jJQ*ޫ45WV8[wN~n21p}_N~,~32שvemMۿk*z`/I5M5 6O>Ź!r $AU7ٌKvjzF{vkzT}K>dnٲIVmi='ۥ5k֙:t^5 "8dPwtz S(;;ެsJ.跍>2^zm}[[U`2K8mKG@x/'L:Xku1: =%Sa1l$ƒsq*WUrI;/[r^!SøH2Hrw^An`?7 6Uh<_]~w%o(DPRP4L{9:i1莶oW\`S${%9DmJT~Ӌn鮺x|շďK^|{y?i`OЭ|Ay vashʺuL>E2=/.~7yQӪUkltxf]$$6(I>K*91j? ? E[c"^9FY˜A%BpU5*;$V-0Z-=/%F4Ulܼdyn3H <7n0si>o:@6WYHb`%jr&V"3S-浫\^ zEj!;u]zn|NW-ưs\dpɨQë=$wIGu{;FK2s6k.>J.sJbҗyGM/j~FUO^ӟVy~@~ ͙g}ڴ˖o|MW\qC]%`20E$`%>}3NG7E/b<=  G{%V_Res 0& m-se,*+Hbg9VN?PAl&| V`7= ]Y-W}F'^vwxuGhҘ\Kzk,S_s***b{Jb-֘`A$zŸhU:,}zz.U _|U}{{(&@c!9oolRxwTiPFҭJ>U@2&*U& [Wzvs$Zs`bt̘HkeDhn7lyi#G ôq {jq~7 Hުm*hzBfkiI>{\춱8۫AńZaIr%W+k-;EcorggL5,dѢP ű[1L%3fduԨQbL6[U\WV9c,,7nL, 6؁KK :ŏ>۸וJUk ;k-üyWϜ9ܤ= 0<\|HPbv;yR#Z0KDvN{2)XG%eN7oF# @{92u2E킥ʲn8@^z'JV>MSMS2%Aޚq8&$ӵYgP|>ꢳ/\=|auGpdx>p-W4פiyWMRNu Z%{JZUi\-msm<(7eʄxiS[TGC}8E;4.K o}ͥRI֮]oMR9;5zQu֊|%f޻KܪM8@JA% O7*cV]RZ8i3HXpѻ&b7A/9m÷YKG/ݵlpwޗ;{Wfp:Bڻ*j kk.zO.CE o8F^c{=7.s Gu:ʇ>tfšQ#c9luM߰Qӷ̚55m$;qLg>}p@M :̽'vL@j64{V ("?^͞="bWko˯wҺm B/U 29h!*e/p=^7 za,ɝ22z0okrknzA{~P 5uK9CG}ksy3<˽DNHT=%8ƙfT5'\Jx%e3+|.N$Нn쨤NN9s3B

JRP~rkx#b_K!hvA<犇2<_ ZYSHPG:!EŲ\ ٹb!9W_5 9`cffA2 ƭ~SnÏ1:Y%Htodʄ+>6~Y`e>}wM2k"Q\B]afѫ;4>np07,`$3-r2i<؈5n}mƜoφab;zQrbA&Yj"ε”]z3'oц- j.2tIFӧӵ?4A02jmئaʝPܑsZW&Zn鿴ij$]&܏zV4ҹHGԶ $KnnoC|{ok~jL(Gzvoc\o ~76ŹNb!dee^d|u)jA t=!HHww06ºZ5MՂ2!b81dp~2()Ps> x" Dw}Zw^^@|jT ͛7=XP\+y^^8zaf'vptlڴb..9_~iBBm`{Z# 1JrLjO}e$dfeb<<:F+t xic3^ rC xo M}3i̭/uy!};uC F:2 bxw*U˺U+;&XI1f/=W?~܈Md_ S6rK΁gyޏ'_zM_O@۷π@ o~uBьb&uf{> 9bHM_~7cv폮KWC> ^&"U um^x5*Vb:HgR5c۞U6Z#QTHb`2 b; 2nԂL2SWaBz/i%*Ա][e?QỵO|64Id&Qύ}`N',[j֨`/foH+:":29n庼1cǶ??رѣGByi7nvB/ժU#\|[;?hԭ['ԱcAta )=V+FTjgй>qWX5jh?3@bxfꁻ=?78g3YXp(D%[nI)0e:Ww.r9P2dU۫ S=L)nA}~Z}h-~ x&)Jf2)؀դK"^ Z5È\/^wbe4gZ0gԳ%$'d~ŵsg1r'_GA"믿ssyF'xGw6/]`{$ӹy{S bm߾1`C9jUJ>e˞"hDUu\dK0,VfjLlٲI`s95f%SڨͅǢͪK"+ MWUdx^isa,Z4,UsCәz3rʚ]qi0M6;nTTO(M1l]HW6mЇ+2c&^O1R`PKv.AHp ĉҚ`RRJP/KD0Njq|(Icݺ-݋Վʔ*CZt5 >xׂE3 ^Yqo#g~3uO_sˌtYJ}?;pY~3<`1m3$]%*.wf&:gʨ1}0Ѱa}+nܸKo[h`.O?bA"&U_If뗒biȓѐܵkPȴ5z=РAPjUM!F3v^SJIeP"}mwff-Zn>u~qwߝyo?=15uѦM WZ9QliۼɱC;L:PSIM@W,2ͨ , 9N6B{}-u  : K^"Qv6, |ɮ+ΣwU9ǼѶ8K)%/ Abp͛^n#uQn3~dyf#r)mczFP2é]_m$ԋo۾G;vիV)$MwO.]:3` :wn;vhN͂,eɣA6Ɛ!PɅ gf]zf}>uQ띰Yr8ϿvCy+U*0M4$3 2*CzH76 :Q5(*6FdFIحwӵ >ޭ8`.3ili<0\K]sfg24RhtAb6eWW~E@pyEdl֠?UZ%Qyl+ީwd;.ۿ9rܠ#EF:kBԙ/z3WsU,c~fbne#H@HEXVba 1KbġcܣiR(JaĸFaop@MZ`EcrCAFf3zjŒZ΅Gʉ$㎵eLs,vV>1 1`ĔW]եpg(C6^yei٫(Qv~Q6lV–-HoxitR%ɄEEgL!dٵ@$/Oi ^TJ580E?e{Ro!m 2E^櫾dCmŽ%4Ogj<6kraP 6)cĂH-29sbo."#D[m^]u2: "@"g!4vAP͞=9GI IfL?ۺ=^u•sXG5M"qM{,c^xZzT>7LtLDw:Qh޼EPp3i &!k7ni.{!6xx3 ,~>U2/Z # :gz Ξ/<ͻk6WlaST"qy @"z*CrE$`IYJ.S *y2&{XACp>$ VLym4A?߹}xdoʪU/zo|_~{ٲɴ=Xh'nUꫵ[oW۟^YBK_{cOꬖ'9FM*4HCo|:֠ F,H%R",lsP e~v9wk_>*3QDŏ Y9sæ}5:I,8ym~O bÂrA.1E7&U0N|n䜃[0nAkBрP0J5 nzʣRxfhiĈf 6ȀQv ғgĬ9xSg/ {Fp߹'lM&A4p]ze7{]AIu:[nE4ٝɓ2m6dfxhZDjz[0_׶933{,e @s aT>q>>fgĖ#8}cpwcos PK {&2 EM'p|$%ŔK}IL<۬YrHh#tnJG:__/d ðU;u_4H#M ZY0 Ζ;Hı _f ,ۧK{6"T֬y6㏿uWq\3bl-ˑ_|qvV I#'>}:F'#h:ujj^!}'U0|F勳w4AHBYW=)p6f*H^X HAz\\B\ jW+wךkPwGÏL`;8+oD_"֩`M;:pTp _p/o^Wמݳu~|+Ss~ &bBw+1@$_ne4lPD4$0}LNR0 GmscR\VE/z;wnh۶q-J ]}˘Cg@H/[619gϞm8: "L*m>AUN/Rj!>fx p ѱt)ǀMľpDSݑm5uxP=P PgPUˋKW0fh\]7WR6бG +7#3+ĩ}僡ˮ] H`dZvWZ!'ZX] w Iy=D 7Uu!yJfEEGH2@JLiÙ.1V/T RǪT%:Q)@Q,)Or's<"G {[Vb}.RdL|{FXO9\:qI^pv6k1b0ް_H:9WRTùQ ,"E(h|AnAg#^ >c$L>Ԥe-m]^Zqta3j.8 gv-d/333Qcff\af9U[&iwjJsl'WNΆȿN>)JLK$?xV<-"1B7"*'BX%u+1>>Lc1Zh7lSUc'|6{)e禽遝w 'rd4"f3"K(_RО{9"%§?Β%-n Luʴ.G4q68}UD#CXR#&?߸! Rp*hmu ͝lzI?5a=gtZ);6b:B!Q,k֚aqJCpNU^xG>O{wg]? هMNM2#Q2 /LBAKlDTڣ#Y\3a#PHD%?YHQ@CTmh# )]#˗O\V?"<#-88G8ev*Zcf#g @#z{ lԵSI^l1GxzIP#QH Dh.btXU#O0e\C QS~yA{r6;$fGH:i5@+M>eI$h>\% ):RE"B+ 4E&cP۴(P2뮹}KoDZ~߃fw:nלQ-\(E IfQIML[YuSI)q5e2{!_:8ԝ0@i&>^9G]rDJj7q_g'c80yŒ<=[}lN?-lѢyOWU1ӡ$R]J^k Q'OK{FʞO(tYc-O;-r/|.Q\?9Z*;YGtzbdr4wrod0U,gA׌0EkLNRr]8Jy?1bNyMu9rf#:#9fV]v],W"JSSPo]f{wc.YyʴC?M)Ux|p?R$y 2ˎdƾ*'j;{9FSaM˖Y^,TH2H9aZd}_O;8̓fOGC~ۥQVԵ"LN6c WQ>Gl0 "P[mQp[>捹RyGNeCWb$7p)nLDNWz]k2z=3s]Zb9sv*O=浩V5W|U5rY %͋]􄈗m_UrG"Ez0o(RPh9:9ʔx[q&3d <kD<Ř6r7Yʂ+.51>nrcP#릤4x3q͏ъ>&wv#FGAH6̡嵍A[F KRr)w!=Og|#̥-+-;##8(\mXARi+G,6OLH#@Dt(ylztyYR2*u "lՃJ͝Ր-NX~/{/r/A^7 :y4s+m\K3Ƚ#=L I<+DP0YKp![ >[(gѥdݚ5eX${'%7mŖekx~If̠\$ G3U,YDPH)1 uC,APOf'EDJ˴J)y%|зpnx`0ca5}WJH;7Tfa .ŽlQbiWm1cھl]7Hd#~UN<\s2&ly܎ N3g! 2LE (")S,PY"%vY|K ٬@t^43B \f$U'J%IYU4r[l^?:s5k={ti"J9fCD3BHIs|9SrJJCriܰ8 겉( >7%f~זO5C:u}ɽ^ZEӭB>kf:re#JTxHFC6fӸqPʗzCRr'gUkּs۪1##ݙ$MD)hęv7R][Y;>9]0uBvn ~(.0߇ \{͝={ܳf|'|zAYn'4̜5ؘn#픫6&sYl3'')d9A"\yfG_㞽̭)UuYݮ*nj,Ȍdm#J+VXM“ZJ8dPaCj\%ڳKn)ZTA)7!B]^$Yn~- /5d_NJJ\Ks ;_-ʩ(' t:JE%F~%ʚ8R].! xvRSZsq[##KEUEfZqAժkHIq|3֐MBˇ}ܕX3q.>O(qZEFR*$t "%wpte(ȵ)s\c a#V%`0)&G{8͐zWO*0Xq:xBG,jg,@i_U褤jYAwQՆ$Ww`W[UJI8A?7E`gof/Gxisr1dȐ_XoA^P!C ǒ'ᣆ 2I"͐!C6yU!C 2d|BDIENDB`xca-RELEASE.2.5.0/img/bigcrl.png000066400000000000000000000337621450407711300161110ustar00rootroot00000000000000PNG  IHDR^fg[7IDATx+dc۶ym۶m۶m[:mil%ӽm*Vu|\.r\.rR>Ԗrδܐz<$pR,&4nCw/91~]V}֥߫s<\)R5(++cwY> QՐPHwmS`'\?4NW}[ӹSwtҚOh;Ն5N"*HN,').ϰ}ZK3.ZFH'Ӭ_L~uA `u3i"=Diݿ[K|h{GU;CmC_Q8>uKHS:ePR[Yԟɴobi[t챻۱cfeWBP1@aX=qKO_Wۑ*HsN?bV*}[d()*Д2ZD ׊t/d.;=cߣ{b~YUXePߎ@ Pw_(&k]1T{n=ezUu |Â&/( `i&)\ k1;u._rDр#9~9cgQkŪ*h@ 1#kGd>da"21##I?pQ%1;&Y5gj׭߁xf6j]:t葽w?=pžU(@ը _ ʱa6ދBU=j5DmFf 0aD'Qrז|5m0t מyUV^vu]y`U弟J&٧W6{isʚCuzc-޽oWaXUޯO{}mX2 Kx:{]r\rCv *}1}^IM}}bc.GK8TX.[䌱`kmROg> i%}L(oͣv4& OLDjEF᫵ahms3: a *EU3M)`G5h4 {Pb1`_[!мTȯG׋N?|~gNPAa9q ě&-J'iͦ$F])Pc`ι[6I,9Љ=d|CjUZCQXY;?!vw-)4Jcr9WƱgV1b'>f&ffh;fLbnjg8iwgH{z=3HZv̬ZcX|XNv-Q۶q"Dl٪ސ Bїv|^"vӏ\V; Sɳy߮ pV4ap0/3o麊];0UTt-)*+rqh)F"0q= BhZs"hQOƍA;J3#IKU JϱLo!\.,O>ԥ=zX|eN.@ E/>uq>{lV4 L9z9yZ6, C|͚墳pcZ ,Jj9#*+- +6Nc^XX_#B12#M&cg v aFÐ3D!SO_jJX@3c֦ ђACPV Oc@VHE7ࣺz͌^o[YYu넼!A oNc|ލI>` Xes`V<@MA1Vզ&N͎3ׅKWUWWLORĢηJ/-{"ah2o9*w b1fuzvl ۴)O۵+Ŗe[u&06 0Hޑ4 \(s ']Yߪ*uR",:ml1XZ D*˖1- 8B)JPKq1r jUL@$as'|C3CkZ c  ' X`,,@" $- jS_~YS,XNkTK\rvUUMcCCc.5҆$@>K+"-곣V]d4ImSz]Ӧ^''b m21eJCȰ]r&m 9kK1KFuccl"tbFPlq1Ue0J) "g1c@|i: eʸGW|fmhqh#|WVvth: a?4Ƹ=VifB41DIVE ߷UUV" IJD W^c,Yn4q4(..2ZYeXpXP w ?۴)&3Z)VP$|oġ\‘9 RAh:u" AʡfcBי(Q[[dQ5448q^^B UAA>ɵ *??bfhMBc)IԦl0&lٸ^) R;4L^3,Yу9s$b'{7ą\k,"lFQ[㬥 8t'3}Vl,B*BG"h<΄WClɵ_i йD mڔX ZkVB~TyoA ?b眾ou$3eqe @(rTi%Q $#!k9c4&%X>Ep#CP8qAF,MZ$4#R!dhTڭ%HEc212F6㏿LKEj 9O͔A1CA=)у[C#Q̤B ē\:`Yif> 8bs&5N)sHc6YLv~:r=J -8ĄȐe޲Z: -dSS9sZ9sZcL!Bf[EErk"((c"BĨh(g6((C"Qp4씑GJ9Dmn6""e5 , R% H&S^ӑZBQHGN$"#?Qtϓ!`)|3tk\tlKjDb]Cf-mdK˘12Zd@<zY \ yZ[TUaZ5y}|!E@xxǽ.k3ҩ[4E"&ǵe"dc2_3Sd Oӽ|>ѢkvHURcHE޸6O{Q0`AƠfBnresY8Cڦ"p`C2-nrs|T06J]]"^kk `F (i]FGR u!E8C` h>ǔ,`rOa``p꩷.\^z( =sQVV .8QGͅ7E{kOل|D X]g[<&6iiXr,{_kxAm~Hj83B.w(2@A|DÆ 'o $3.1ЭZzEŅpGz lL&2Ʋe[R:aݷƔOzAɾ#wJn͚QepNVD,þO#"uc-l />Iu$C濭s33dY[Yvxm 6|H'&"BM Lb"t!ְtkI Na\894o-)Zm?4&0T5s  WO.}[?Lώ^k&rGDKxC2Uo5"_pA_XVeCkb`L1li%-\LA0obգG' TXEg{ .!>[m5<{b,ʕksϽY8e8Wnm莑KC1<OiRNH35[o?k֜\f 02C%}46oqf…Kާ~wh\oؼy=)yGC_%Wf8c$k1P؆RJSRK%F#vCC\k2[TL[!f)k#ÁRfK~n<)XYzZkU~Q RKqڤ)iL!7B_Cz5uۿur |ϱ{}ur[)ȑ4ngyp̘o/?fFu ̙Ap≇mհpqUUZbԏ 1bPj)WX5b W-\avq.]:vM6 m&h9uE{$o^uapVнQM9&xZ> CX\f#H)n-*tN(b IN m-n4Ã^#%4hdYd;.{nhq?ym;֦|Ɇu|)ݨO4G|@Fhe[NtB{Q7L:+:!XäI3b.i%fz1y}7>:z(2[QQЩS{;\0aZPRRd]}d*-_R5I'Vb^1( pT7|q_坞l] HҍL))AH{ڢRm- BKaߩ]*WH[G",aF?i+$ -/OF(QشAnāZ5o-d9_9fK\vgy`~cH 0.zI|hdMMHfɝ7B(KW^yGY˖fץe/ҳgϏ!riKacp(g߁rE}zju ]]6V `LP1NwD h麵̸WLQF$)IaE[ޮȷVLԗ#(K`<ᬳ7~YE}+8B& `]e7֥Yb H45FhDC+iӜqƵ\Q3Z/cR>}6k 7_“O޾MDσ( wFpp}YqͥEutS<ξOKXĜ.[(3=ATNd ^3iJk<%f5S G+b0N'B֬ ٞ=;BQSӀj'tW7"] KO3q)X<ȂE˜\;.e}[l1,u6Ha Ν~_pd$I6޸{ҭ8;am\3D.cD&JuVXs_6~RQ1s$K)̓,Cu8 Q ӕŧbщ6"EHvÌb=*!Ox }o=ztwSk!T2%k-'Z"b")0~aosķ%d +?;g_ y=G#wO>tz끻|+8<& CS!%26 E|Z1Es]uX&ڵmkƎ:oĩsxC_zY54oBo͚*{3b:'6o֏9sy~86ovhٳGNѣD%r"40`^_G3( 4DN(gQW؈ʲ l?-֣dCRY"xlQ`>oS|a QΌT"+@4Z &|_c.jOJ "t$$(a [_T^/i=FZ4|&obaF7ԮmF3wݾZJyWU%:$e ܫ#XkWId#6ȈRV#6}GnkrvS e(IhJ;n(gacªH/:ԓ't(36%V 5 c>0% ! "Π"Qji,ןUZ/f av@$5HvuW/MnsNf~‡N:Ľ*"BjfYlO0tiV >fŒ,_Lꏪuý!^Ca,W>*uԐ+p{ ,lUh5a(Eʑʱ)~1asϨz}kbpro^…5C dp1.b0Cc[R'xkN9rG_kg 9d[T;UZ# VA/uXZ{y}#PAyYd]t>wfG`]ݑ]:%涶6TbޢEK}+m[D9r:M5Z)m }շ 7/2y8\~WV;s+$׎8_~M~H{/smn5H19FóQ]aqqsi[d>/my;7|m{ BJezZ xeyVvq*6|G' j"3"gHI9uVc^;7'|Z*=0J#؁< fdhAHϩ[ZRf aEE ϬqvO=bQEر_s1>s(O]f ݻn0ݚw޾17}j>{%}\p^[? w=CvO▹mu/Xl2c`"&(٨[x?jQC4jω:20k c9rN4<DHZXzn8e)lGM2+#X_~ᡏ_EhQ9+|KnzTEXSov25ܲ5~sٻ y/Ɏ:fefffffffffffffuL8䫫?yovR_Nw:8޹&ň*qM_P^5έQ Fo (EX*Ԍv{]3f}LoV c ߘc@8 >mkJG]s ;=`^='7S 09iɇm`AȍLZ.ez{y)9VKyE:t r= ./'54*źpq {b>w72 _ =DUWwpP3'&-`Qt1։l뭷hٳG@ߏ 1巑.*XN?1}oe>3%)9";1D2I>kvp) \Ê'9!ٟ ,AJOJJEUO?_3j Z/BWmŪVd#)!` /*^ dJHuy7p@ )UWݒƋ[x8m\r;YBT__O8ጪK/=o>AhQn*)cxТ$D)qf^{KD0Aamo8f02$ < IByLZl=mɅ (AvD*lSĺLMYf'ۻK?3"#6xEI*ݯ90 ŏ?fp:Z]) _gu:kZ0ƔnXf >}ؖ=uf8?(Lq`:k׎Oij+cGDԴ;U{tK]T2`{RF?mE\q#=PRKryõSFyRJf/`ڷ˕'g O="^=7X;qƪ`?]`\$XkPb5pQ˵g`T4+7={>C|^aɢ 1Q}$\pԜ=zt/\zrڜ\tM@~C꣏>Ү]}(G毾*t͛Zx=6]h賔~qO:EHRUOũ5 [vOiҮ䣏>ۮ+M+K PLBͪ Aƿ`y&l2s_SΕ谸< {Cuց3"\vmw9igߣ=r Z"; o׭v>w#KqƱ^.9B)"(Tp( _Z+}? q\E؁Фg]n`8Bj.C:`1b}/Ԥ RCߥKg1\[ZC|' /"Ygº٬~YV6>8 @0}// rǑ+ 1DEBBI9U'd+'A0N_&XgkfqT?HWʥG-;` T_ߤ/G5QuTC,–/wPuЃ ̶*P$R@Ho42F61Fwsj+aBR$LGvŸ2ewWUwl]N7ͧq.®h{HCI̶+h̢͠x,4s36X5Xلm]5;) %Q`fvEF:{m]yw7+ ?xpnTI߈OrFuǪ}\~`Dgة궻_nJڰ|eG̢_OoSWɤ0JcA E2  t_3keeR{  lmS,j $q $f_Q1oiɈ6Ath.6 yxP O_ <: P&n'8Z$^Q,VLFK<.(ʅ12luɷ+o~v9 |٧~9',]t{wwHZzV*n^뾯;|eo1$-pN%$H`4NoRcXkU5 =gc ! v>ijsM漋_Xd9"Uby*tHZ p5%I1-prd?Wc.n}B|tÕGﶁxvʉD$j[#W"XmTY RJE4g FŘ4(4G:ڰVa^ ~2{T\ uNڔ48Ipp"pp ɉZѳZRqg9Kcg hzmuH4HjFu\[6G@0X@CipH EH)uThL;T\ɖH#ض&e` k^Y4 olGõ^|9N8Uv [)f("`pP-4l_yܹ Cd+pu/u_|=EDnyڴ+MvITlj<7.x1C̙޶ ᭻$rGŔq׌cA ,p-N" p00y+}Hs. pqmblQI`d<.{  ]NeWJ#ۃc 8 ybA,(nH]7:'}i pLwShQ}{ _;]XJMuz*ojgvf}Ƃ毜q!\K`$b8P*|eE4Sd\Ud/%.b"(`͙SC9=vߦ)V`8L`J^dhi3%j~p䊇h%I&nc>b`xWNijM"Pn2;m׹mSJu&M]0e?g"x6pqsHV)ϕB6UEe/+ϲl63ٴ@bQxɑv(HFc! Xg+m=vH6P*-DCt8%ibRwK#(6`4 \Whdpǿd8}h{(68}a4s\˟AH+b$x/kuHp \+|pxSR)/OuVZ޽K;^;yf_&5M>~܅ ]@JPY\y*WT]Ull Hٞ s s~(s_Ӏ!+ұcUly.@Yf2]6_dDbv)W/c0=C;?=NhcDYKf 85f@6s0:I㭆4yqULsAGQuq7~ KXm^9 O߫@…C<4O/Zh)iF\QJe}? ߈0y=( qd9\,gl^O@} uk=_n >WNCXĨ(K8w<)h#7/eI:= ݏKZu l5mQpeL$P:kѡG^;W>U lR YZVz9iթ@ܠ%Ԁީ+4lʖ[5p:nhYY:k+I NE$';=yc+8$SL! g"‡I ɤg!N~ĥ G|ܩU?pN`s[Jz/ ތ+{Q^{Ql 7\y{tw]5?%uft 4 BIeИQ=) }1[17Ukœ3m6P?R_>qէ;R"vpJ]܆صٰjür9|%% Lfkf^:*H35/VY$L /kܮJ%B C,$.I8(עϧ~0,FKl5ˁSvnxA+Ι>;m׮| r<ì2oSElN+]bfigHqcIPӕWTd9Ҕ7P ˔ӂliu3f0lݮ3Ӝwz=W_gQr)@c.x #[#F𬱨6 ulkAnE7NT  2E4g`(|1y SfW`O.IENDB`xca-RELEASE.2.5.0/img/bigcsr.png000066400000000000000000000411601450407711300161070ustar00rootroot00000000000000PNG  IHDR^fg[B7IDATx$km mv|mk6ӽmM2 ?((((B 1@Q>_{-CGs%s =hO?z؄Q͎鋳#8C14a[VJZK4[Iqa \ P}[<yi:eǮ mj͡t8[6 yi 0a>o`E=2&h'G9 WDG_?5'1!'7^ <@}[DGO^g(c )Rt͘qڃ|ͽ\ [92Yej/ӵo_qb:%aq*>#9< PZ(|r€y0= w߽q`5hm/, TB81.X c4 aNӲZLpڲm͹CR$~Je dVWwڜk۶m۶m۶m۶؍ʈUg쳴?ȎȬ:7 3:FK7³[%1'=Eq㍷/& :en8!pgU (ER>[SF* +.nꃶnuV06"Ztͤk*,L "PA81c'i n~WL ϼA睾kϾ{7KXu}N<낻7` ;e ]RCzv9ug "Hk#ĉ?8mᶎ^a҆.U s7ae+)4α8B!X $rk-Y"Bĉ[S `k% ()'qҎ,9R~y~2.aJÁbP5`6s[.c E0 ʝ=6)*- /?}v5 Jf1, ""#H@ꆗD`H4D1/Md2  9k8唛6J;R2ʱDs޴²_c CMXC A,GfBX`|"2p0$LRwb݈ڪM7^~l?āef2X}A9'Qk!""(k EZH2 blP(&L)S[lD̢fCFoѲ2=+ăo`%dĈp:1:MCbD"X1,3oʻ"lV̡,,!A`clvde3s9f@5B/$\}`a'%b@Bzi @$ i1!T 2(|6qFSN2u&'υ[zݡUt-ʴuaMO_uPWUx ZIE1" vch"e,t)) q ۠O#=S\psLU;j{ 7e19!kB INH~*SW%tCJ"1FeED٬XcB%$?gum8qfJXIA&?</⯈[6MˍLF:QK<(V]"IofW;eVe}e>:e|6mUz#u,]5@{HΟ!BE(BWq"1T YqC5iյ|>cT (7hVϿV:=} HrX`e.'E 0_<-w끽[HW@Ũ Rǟŋ!̮JH>DI$g %r$"fKbtzd( 3(& "nCਣn>[9} p IXEְ*Kf}l+b^'rcpuOf6w^XMM(p$AT9#CݭΛ깾_}$pXZZZoMŔ)}E5ѠA+PoLDAkggW^'"/ 0xD*-3FN! D`kÇ l]xbs k8M Xa!v1^kA|Ok* {Di*$xI*d`i^@0LdJhb3L,Jb)"hbXt8EbԽ>fW|Cߞk&if̳"Y|߭DŽRt(q\\zZ3U9:ubzz# ?E&;gwO>yuQ@m(ѩ?N}H.ʓnAE1aȰVZ R*{mr@䀸ɂE"4dկ@$+G+JQ`L>RHTFİ6!pHƙhO'G*G,M>S $/ =2֊UVFK.ϝv-Lܼ 2'ʝ"Мze{Hob!2s9r'uUզs̉\6N~T a.テӭk!K/P1Rl_H@6$yk3LA$I&rkXɯB>ToFR)tUnRؓP(DWY9^J=>ʡIDUkR8oO?= U!jj*Hj4JU5%aK}Fm=mɗwj[s3ֲ'p6/-E2 H$ŒV\|;ݯb&NDϣ2(OnJ1MJB'"hkJZUcH^Y+kF*k_}3k 4}z@a8 OXR"6P1ELpaNoҖV_HWǒ(6+ CҠT*#ƐɯI! 2CHB_&XrɹxO_W ep`Z̘Dr$y\_}}3[+O12K))4lfn=lAg4L c|?~sx街3+` [-gg6&@ blFa5R+PD#ҷ 2Tҭ o ^Et#fx ЯHA_JPBzֈW&]|W;7+4X($Sm?TRww'x$IVf;gv{\zzgNfgg?3,#1 BfLg }6ckjwYz;jgRkCECT.Dv ۾惊$OXeNsօq k; 0/(BHlXCًժZӊH5)6m8)Gw,Y)Il!1)0~ x ‚cm͸'C6M"6 =?\,Wg/q)"It3==wtX "3X[rSqfwF߆`8V5˩ ~ Ckk:L&c-,ѽ5{ C@71# SPee&1 cW}41a6PJ#lԨ)˗o>]□rGW}:63O)il x%>V.+}%U 1iYЯ\hd*Gw@?~|^^}}`Nv=mƭʒ%k]v<eױYym„ovvWϦ Xp|NH'? bQzSQ`$WFY0TՎ:XWM/DpR$mc\CPLݼp#K5*&pOGtBmr 'qGN|9" aStdyK2c"qMl={ }TJY&.fVYkbF!<.\mիsݑ#S*, r`_RR4JQѼyPD1c}wr/\qU8\E1ڶ*'46 v1 -Z99)SX*N zk(#0G1H("#`\UGD$h:S>rN(^8x FaQr$h\/ޔyޒ[~ɧm5.'1Ռt~Qc琸s5eSݒuJ!c<!ݧC6o}%`bdH(uUuZ>G֭T{pD_?K}m,$aO r9mۥBׂ Mمԫ 1idx^R<˙h$[o}E_XGNu(]uU`sz ( M'55E߰aㄛ8wuu-3|5,$N  Ŏh5Etkh8Ñp0b E(ӯDQ 1u8hn܄Ag{iA7QЅiI)LxWHϽ<]welIvvx^\6RC>YRl,.ĕ쩴6j:ɸi*bM&H6mڮL4ͽVaTGVM+ש%%Y~vn߾KݻK 9 Z@~ Xm͚MaY[jDS^~X.++ 9/7; !tQ9fCqiνJYY`{)y UV4:/CԱV8S|.-mLLLʜ"dD$^aM7 t 6 I0r1lr)t* v/EA(LF ~q+VlbԨ_b j, P3g=mټHͮug? ͚,.NN M!MB ¼[֡9O@k$OpFɐ0#2&zwmٲY'j۳ZQ qyL'}iJ?y @"N">ۊC<VC+VU؏:r&<\rn-Fg6¨{^i߹֯ߢ\Cڵ ;/Z }Ou 9r ŧ(0BO3=@cP"+B\ ܥ=Ą0|. qqy{*o+4 3@jLP\쌼}9X]'0w|1P?+{Qo~mzw< i5A6$aN-@,u]Y1.7Gew+㫪k+=mUՊJ (Kɸ57r=Pe8Uh! A@x2o߁c $#e]ogf$Ix +owŕ/%w[o8Z:f~֫gkhyML-E!{Me%s/`1H.8#@lD MBA? F:ɑ+mܶg^ȑ#kjD\5|߄XydZZu*`pX1@Ĉ":L@ 7,Gs`/od- r8@-eÃwzNIfp]@h:In FdvF7_wQϠ㗯jC=NLXlSB/.n @a|N"_8 ۷/ W./^ѪU`&Ӫײ )//'BVVVh7WkFN[n5n(l l !H\9ubL`(_ h @779&ąeLK~GG֒i}:ڣ|Ŷ VVs[H\n,4/rCff']n0.{],xD&gK! HicرK>}+??ry޼΂S{ Pƌy+a%Ezz^CgLv?CUIB5it2pD_G_] %%-C- ƘD&\+8`$8,-MG6|| TunӶY:=@:'Qyʓ/mO.7C{7}zyyueGDřY/Y~3;;ՙ.\2A"DMvŹSg:wxZjY|agxrȐ>5އ^z>t{~K/[xRm=Y&DM&ev=":FM."K@g={snX͝c7A~DcuͰM=BADPe = c +peY,(*[PQ Zﴪ[ @99aB:G)?Z1cR3~#OX 2F{㡿z0ailwIy~^6я,$gY(` Jr=.1&~ԩ,0`5&}^~ڻwҊ3g~lԨa OKOO[f}N3;uj#,D Xvv}^ A\"WS}tPƛޤ \ jtb؀f?':| ߇Q q `L}:Sf*tA)I&f |Fm+8q{ԗ0y^6L h1UE ÍD…Rb`ՂLO##lj~j]%bxStb|ΥgzŲe+W]5mۖl صkܬa<p <6e8R euulr{eiܸqR^~@K|w`]qť;,Xs"tN TH{iݺ1)lI!{ËuL>jûdl C qM E7DEq 7Ͻg&khZ`b:Q`ԋ.:&ѡh c24drvT>:rO> u=Fq$nٲM6J^yexp #P#}njyϛ_rGVu-Cr*D4Л;oZ?J}2͸x};Ou@K_СoxxЦSfY%'C 5Wȸlȩ66oj?~(LQ]-1kxpKc~:!KW]]S`;hGd10BsEzaϡ׹&7Π]zqȧq'HZwB:qTXQ+"H欸ޫW:?i2LЁ MQYpGБrEE>99Ioڴqx-*CA>q.rr/ή5 pÝY{~ꬬ 'O\l]`jYаaIعs=sO' |%zE3 rHMNv-v5~1[E$ p4fB 3Ʉgږ-{zO|}9Ʉ<n>$xȨB7';-Ի{k5֤mnD-FQl9r,am{$'O3w֠ iY?!VۧNŒ9 {+쓷o߭@Vm׮hEp > aVV6V+׺u /<' <ٳpy5P ԥKp*9W 2'9v/ZyدW{칤M*mBBN~ ~Ri:%rMPJUm]eaU b;\\ } t?NXv;ҥEŌ^L/;lpP܁`'*A9S f>ꍶ1 Dya{8V mڲW.GVہВ%3= 5<r7Ϲh}eF@3%&wvYn<:ulw/-Ϸ߰UήIPGP#GPu!Op#ڵkTٯzꩇqہw}6mڬ BUQQֺu:'w J2;,~2c'wgek`˖aI5Oq˄2k׽.!IB狀|jX.uз^y*hh1huT锠DbOfH\2*18K0bp5X9L8ey- ~*] i͟IO]y7ؾ鰣a)D f(aC>rt͎׎LǼ^98uGra˘x%Gcz%8.hzǭQPAB^g0[o BT1j+q1+"r*%v?~GxRކ> v%]pAϺx|/4 )zb՛[yjUEA+$(KF*Fgy*q=܃Am #`,h:fa۩$z+Ø"[ꓙRnUτ/@s("Dv܄Hbb.,2B?4oXdHJ,uCd~饧|֠Cꋮn`c5#vVl,WlL{T1>!q N~D7nw&4g\h5c- N 5VaUk,MlMP0  אτΌE| s(%XJ;sӵk Oj ; pkHVXh%l|vmTww<?(޵r&>e! Gc@,x BDf15fsk5z ΡYBD#Y[1>/^m2z/E=b쟜F=e7umڴM/4i:_zFF^T-ʘ- ϧQ< TH rs/PmcjʫcO|T`]㤤C&>îwBO=< E)`ք+ot1g?u@5|%kq]2ճm *9gH =bƟ0MSRD.Y9FtD07= Dz͢D=(>vlƝi?:^Z2,s.Gz@D#µ^Rϛޮ]qb,B ,n0&H}6 hѓjs\Sum~e"@z\˜R9·3f¼a/\Ӷ*Z:8c%ʨ)GMg6 :U8AܮU#~@!#=ɟ=Qٺu0e3MOak3领L!ߑI /j#tu=CHVCXA@Plj9~cҤN"7jc`f0㗪22={)CԠ6M.tLUMlZʟLߑGbr uգnڂS Sipۂ 9U^(?r?-{e%ztj=qNOw='[øۿoG{=䉱Pg:zB=Bc>mquZ/8Oڄ$֙U_RS@QF!1UI`@$q\lʐ YAÉ, >IHߠp n a'H ps,@X06cw׮gZn _܉1T3SSO}ip 1|&FYg W+oϜN@ dcRf@B;) *P؜6w33wo;m s3sb`]h6NxC$H𽉡$9GP(-=rff$iN]$SUUbN#kTdM||mMRH 84ڦ r!X @bU:r3852Hp2n4Ed#2ηu>~cVM"=Q8Ū\녀2X C[/ @֊JhaK ' s|f4UZJ V XE l٠?3ngƎeg>n4'NXB }s>q-FxBxy J}O]vy8PmD}/h4G$0((fai!A@ۺyֳ;|6n8^4*SrmHr"Q/>Eir eW]9Tse$Jn:}P{Dse[*>][e6q=))mFaLe%A#\ z!PVL2[޶m7{Ñ@Ǝ(:c Y 0@vg^potH@Cȝ()c09C!Qa sƺDe#NoCb#xqBM@N3ڤI!$WXd{ 1 S։)DXb@!Q(ŁHb9+zn3DBiElqH~+DVb!?n>\p9, &@?.׭.=ZQl@r0q2B>iVG1 I̚ גTmOƺDNȅ6*mΘm,I6Nm|׶mm۶mږ^s[_FdTyG:*LcB0x汐W 0w}w~3)&d0PnC96ֶ:|4MʀDmA)4.n]T jQOfMU!AEJ:C"՞f=/> ]ϞCFf&Tr տ xm;c#TW`jyYNox<ܜ$5U3 '$M#e5 Jk+Y^5)݈Z6qFLF% S SI9_,czT5콷\7sؕC-/$yUZbEl 5%O/Bˋ~󂈯ٿ4D$ڦa43E'~DVՅxn zVyGmMѶp(r­i:Ɋn@&bu3s8yW 4B߶XmOa"$m=u߯Ȋ.TU$.lD8p >Oϊƞ,5_0ZcEpezrR~jJUIAJxhDVݶK ,wg-OFٶ{GTӫV )uV~ʆYaw#YQ1ϵ a X9$]3&iJxOJ .+w;GOm %ƫX0$t7RJAZ2U peCvU uJRllUskBǣϏF=hQogi!j"U8:˜el@V+D*%-#.6+ᙗ٪85ED)Bt$1>j 5!`cp<-RJ˹MAphj[ގ9>g'ba>AUP׺YJ^ɖ*\۔uyR״-t_@Ƒk!mz Q|!BBJGf@֖]53sOմ)u>tt0=g$/4mx$%>|ի罶|G˯GT71FdZA9#"tJXjwssJ~u.W`s|HQYy\_z߆y]V%UuUVxD~JNb>.l-:mQ3hR{gמO&·Gq=sGKhңmw1YpA2۶lA~KRz _g i/PYb+H v-J׳(*ٙ}ll(9 ߔږYY}d[ m!>z7>_/CqlUY*%Xq rߩcA` +ύ]D7zz>wsI_:˳ =? ?MOO8_Wp<==={%erIENDB`xca-RELEASE.2.5.0/img/bigkey.png000066400000000000000000000027701450407711300161140ustar00rootroot00000000000000PNG  IHDR^QPLTE,-/!!#  HINkmtGHM$$&#$&56:lntbcg013$%&$$'569IILPRV##&124abfPQVIJMnns559 '(+ 668 tRNS@ߠpЁxr 'IDATxڅv@$l\60)[ 5={sqjZVժA45iW_+~*%9g"8 hNHѧ %fd\O%LZ0T U5MSɛSd"M9zc>jw/V#%%o)J`uFƥ ĆChڌD5d$glb)Bd`(Br||`ɂ"MGѫHѵ怍-4⼗zr2eS~3QvKVt^2N|x4Low|{,Sy~(3*X oK2സ ˿@Ʉs3OEVO0K+'{bas6x6)y~ya$Ng=tT0~:T93%EWRd֥~ J[gXE _IGv^.US jo[`=Nf#$la?5q$ ľ!+8c2k~hJ2mHߐg?)1O^WZ㻽*|=SQ9w3ws֓)w%1Ο0#DI qxtJTuCIdy7PȇI|Cq\8%:Z v__[H_moᄑ{GD>B%??Z`~*2v-[a'jB^>o@ƣ 0=4aCZ_xd'ZNR>kC`~C4^eR&rxBSl.G^ynh->`M98cV!pdvQS(;RPdT d2ڰ$a&#Ob[3T@Gݮŭ®*(+ni8 B:8;biVZ!Vikvׯ)c-;v0p.pWG?_wX8PL@t#U-HKAYc)B$D9Cj"ClhsVBg:`5JLjEFJ"i|ߐ旔{`^k:?ލm.elqpV_"*i-ӄOϺ=5Ҵ;[_).X ߻͌c9k 3w;V2/Vj_,U&IENDB`xca-RELEASE.2.5.0/img/bigscard.png000066400000000000000000000216751450407711300164250ustar00rootroot00000000000000PNG  IHDR^̗tRNSS.!#rIDATxp,Yۃk۶m۶m۶s6'y}Nz3kk}_5!( ,C`mI X`DU?*X`k   TXXX+X+X13!&@E흈R+so|BElA~y/ *_JU*/ X w__zɦr2Cz3$]3{f⺫** {ŅFt$BA7!Qf 0 " ]ma+,UW{4cG}p6B^~JUD+ SZ8ӓIwP:ȭ6YWzU#i|.eҨ7\kȡʳI ȍ 7%b|/lS"6ZfJ#$eambȐv_o̸k/O̴r͑(uWkѨB`fO_t"G=g }g /ds]ČYS̟ؒ&(–˽ C9[H5 B֊0ayk4a?$CTأfk_f]7xEoB@UooEG613b}C_2(EJ cͅMfEPBlE8lQwo!+Zlʝo*,C P$]u'|'UrSIRk]آYk㉸--ޭr3r4)/qU^z1h"vBR@GCyG|_NwVRdrJU @B:Wd7G?gfILff>f&=ffffffff23|gb`y2_Tc>6TM/ՋTg 3PVUo,DyN ӓHSTUw`uiu=5=eNǞSp:spMh `).k-#htꑵ2eH6-K335_JH%CCN5WA$*:m.?mG_]4`KueYTƧ6^pA*S78UEQ4:f&ʵ30jXc,R5@dҪֺ JCRŏ54ˇ#j5%BJJ ^ 5H0`DS˅oF.n/Jٳg'6 4k"z#kذᮻܼ>`CUj;vVd")"+sT R@ʨ|,B<5 LZsZVLLQfFWo͝u_SSvj}3.|mf/dOٟ9Vkbr"HzMEKVAձDI MUh%V sëDKJ(JBP+a2oI}w}oqr)I"944trb*g###Z>b׮;w<\3믿kZt\Th Mf &a 40< !bn R Hdմ^wr:%K8"<<ʑ{O:dYu59]^;#\^|ToykX9:V` JЈ" ( B`+E ,P `#,@ X0KN-$uD[ (vtZuI+ >sᑓ91>pᔟʇ5̅-'q_Xh]l$3UUrխKc& S]{6PdSHC8s`|Qɴ=0IZ=-5%(*1-/QCb]C} ?T}}޽{|+qrz)y?+SN9u"[I6x5T]wWc_ q۳/PT6D,j!z{u*$B!`ehN 37^FK&F&e+jh%rޝg~ۻi~8Ot15{:>~!5~0;7zkn_ԹZP7̯7;/&ƄžJņ1 MY|a^ehP{-M0S`ÔU, ށɱ-W/ߟ?H䛽>ZwۚZK©(cP_$0MQ B b(D#WP!NT&$&ɴ,iPZ1F6*uVz ՜˝*[JQ*g猚ߐQsL17;~c5:,>*;(f'h5Uw@̔MUgN2&Q jhֿDPL͌G;֬^tl>nh;^ݶs^UܷoɌ#dG @ݷfSM~̇΢W4%\VBaH`zdxȜ&cJxCKF /ڭWߚgr=7;p՞5! AVzP kR,pF(XU>MECܦ)!,<7K ;C`5 ?\33$|g.'>=yDs_ NеlwEՂ+TJX(;iǦif$몆Ob,VQ(VY}Sch ej,ɷerz< Cʹ漻³Ϲ[ZT"ʨhf$DE)k,65 ($AQD`*`TPH`[J3?o{l6[گ"Ʀɳ\jlhi"X̛T>qC%v0}A@gShmlHd L"* JB*Hm GFG!EլE3蹡Xze 'lzF1tCu|w?'7Isӻq8:9ᙫԍ,5T9mlbcvH-E388x=%4G_@'G>V!Z5J n&F)i$|p#JJ:KNB @8x0>M;^xiˣ?iSO^>wޝKj?>|t[e00[+ /)`5h/skr*]w05@f@` cq>jT3s5#` kGy8%XK+/yU?lbNfAUS `Ts.5_#4p8!e(C#j>Y 6D`b)FX>K V1Z2ZY%ܲuwhfn9xgD)2UY2@M^^j֭Lj;t'2ǧ p&(3qc=U"'I#6,K''iPE: @h*@ D02fۚNtꩪ'*)*XVJ0 0L`M4 -uG*qJ(!>&yX֞[)Zty$fZeA,hM^4]~&&a"D LAP J&+{[wv֠Ԩ2ށ5NLt-$d/݅[b` H=+O:G2P|y~-7TrUސ7l5McxGxYtߣj=.]alzPYH CPEIX!t fFTL!*QP`1H  EmzϿSKDkCBZA%"&y񍣧v]!%ˣ=׭?TU/:k9oo5髬IfքpCElQW|{;uwrꉝ)iAFXI .Xc#O$ {M^=_y%@Y:V) 1@Nؽ{ _~hܯ}g|Bښү_~~FWBsϚt4T5Hw{'&'oNjF70__G\ryk$FXIoi[njHHm݇}=\>6!L5"Rʾs T5P5`f3_w}g|;]7o5[oYr$mo HǛ/$43E,&l rt7}g~Gi$! ]}=KV\/3t.jNOl޼wVj]?Ć':>Xj,ٿp[|egtо}fݓdoCr5qKط.9sIOYs].R$_?[oO.]sM@>G}_PY~]ǰ8}MS]ս7,>;UVY0۷7m;V?yQP{kY8RUQW=_֪nV^&07;>_QSֱ ])Ugg3m'% ogAWqj۶m۶9g3sγ8:8nو@D/:_0!AjzI( v?~$x S V`#"Fܤ[8BРkyJqX`xb[lHM:xlcRj]<ѨTW-Gȉ8נs$RO^\{lܒX삸4o[co0k`p̜rWk\'iESK4*UfMu u}5{.Aq$ROX孜.U6:&эXѱI*?+g)ޜ5\eAu kTb gxh 8r,)GR^AVYw[8nl=#J*5*U2;:sUWtmz|b^YDml}^0IJ>0~@Tw_gյMCG*Ftp\|Yfr!*U.;*/W]MH=A0begqRrث[TB]@QY˅ͬ<'jè&+6յ.=.3|e6kT4##ȞFJк"eK V+p+ zxbnVݞX^R'V@&V@ V@?tIENDB`xca-RELEASE.2.5.0/img/bigtemp.png000066400000000000000000000327641450407711300162770ustar00rootroot00000000000000PNG  IHDR^fg[5IDATx`dS6L2ۙyڶm۶m۶mۙ[lfgͩtV]_G%TRI%TRI%TRI%TRI%>BJd*VU6L `g"!rpb4ڲ\{Hvߧݒ>m%N}2"dڔ1 TC{SxSRGS)ם x4JO9GZtK6} (kڗ/۰>u tmG ݈ITIɒ6RB%k! L8mYycFXU8P PB9qAI"JAгJs ~9gfMA{ޛmݡ([]&ɣ dp]ml`MӶ"?]"ᏞS bVa5A>IX+ U5Iccow  s'Ւ|u3>;s+K< סjBd::AUz{ᳫ4x~s4xq#^HkçT ( pr8)| HR;Qʡ "|$J8V#9D$}z7sUkX:P)gyrz[f8ԁq n9%ىL{$ ,[Z2 eIɣlR"C^s̙ ^%ڢa(B1R PذOq@5( H嚂„rbP/ ɾ7m:]g5؁(SEJ'7\uZ*ףݤuJ.$U|N'mZ/dYQɂ>h Cהf3̓%R͠.v̐c(Q@FH B\ jC!ŀSbp ιD@Lz!8rRpVplHG-ߏ>׹F77w (Ejr6ي {_Dd~rԒdnUFZn= F 7jZ1VA n?{ n\ ͵1* ܺڸ:88~"Т½8JL9D҂\w/5ҼV<~fUwv^_ُ>Z),nn4|ACtĈt:LLh @j<\Kj wȍ=cE6[қd6M^xdŰk ,(D5}Gk$ Xׁܽ":6:Qu GD":IB1,3F rf{6>boϥˉl5sQU| ,SCRUh>@ %aPvv5 LXݭ(f2ݥo\>б<^+ZI)X63L&0NyTWW 6txd_L SVhbaBj8FDOP>P '$B)Я+DWbQY8IpF}ฌݤL1"DBຎ C9P] i#3k*j8s[pq׼h YB?Nܨ 'lc5 " U^${GtQ3f"J#HHrd\K7qZr-z"ki$Z V ZyYqG }" XbVe 6t>_B.W@ED)D2D0ňHڒ" ~w]'aIaР* ;M?#bPf# \w#7><_?k!?ler'y#8l+/:h1/,:oOdUUrxZ\cF{@~B(DBFgDq]X SDU)w |sHTF»eI%a\@_ڭkUE~'OLݣ.lC_Y=qhw 1ƭytCŝw>E"_Zh*Nߧ 0jR'ro."}]9P*(KQ'p,D6gȹNaUR*\Wa2Ȝe].>x`M@zؒ -&)n`Ү w?knx_&}h0?9""ٜ?/W9([ \3,GK,+j6WarSN>)Qyl*ȍ/u,51113 xl5qgU)=):&?=3]RI߮/ l0Ą:ai"|U(0F#i>QfV!)ԩ8j@ל 4[ jwIۛ =4XO%DHJ~(90YE-9쏞 `oS#] $BO0#kK Wů~u\ZfA;[adVj[kLg;fOndx@4[M83O48Ò|Wߏ_shc(E"b!tzr|"(CzI,6wO&N l`󘽵yr9 kˈ-QPC3<_L.p)M|%O|c5|/{ɸiGg;\Zi E۹.KN'b},Ǵi3fP2ls" )%ܳAی?9Y,rD $)01N$ΫGOL-JaLc2#,սq;eĉG@&̔ՁKN)nYֿF䔷dnmo2Y֚N:nk?+R8]BIN<88qR;Fu$ $db&ECH+YҒV0]EpI 6I(D̤wTHΥZOŴi[Wp?}ދ|_Ht_ ?:w֎12/^&Slewm;.MvN :=C7L֪$ 6㸞!r' A"a$1 Kpb! bha%..Fl_I |/s-^.viY0y<7 6e'ܴ+m]_l|!02!`S?ofvMe°DbsCQG/–vX)H^༸"A1JAzlu&AjDVc$!5%HE&`&$QTCL"/ۿpI%uʬ_]~^{RZ'% "#?vϭ@# & MagVdc@^c|Qt2Sߟ{B)e!iob|#/'vnX#Z fΧ[Ǿo5{1չ,e6g-E DnI0"[8+!3L.z,EkRaba8AD  ʼngUQp #Y,psƤDd\@&{ʂ8 JDWWL)9a d AO&l=nlw/LD'/79³pRNtk]&uIb+W~!ֻMr ZBhHJ*l7 0V; BSDyr.Au$ H:j"0 [šVKpbBBe( ԐKW]] `ID$i}V܍endQO~~"_X(~EL!foaIci. ZkWae \Y -,jH@hr Y^鳛ߠȿ% ~9 Zh1L$Tl* kBbp׬lx;<B~[#wqE~SZHPB 1DI'va1H B*}+],*ʶ3u'zsw~;ےN[cx|9\;2`]-X5v_2 A(\#/, }Q, 8PR1&;>+bH"av,Fv:׋!M6QQm-"D6,e&=N28te I OcvhO\s *}ǂQ2'@"xƐ+ج ÇH* eAE* Dgw-ޫ{1dED""tNyO(<Ō}?[yuU>%-_tG'zemȟƏ>I; ;@%⤣@wϬ2>g!F0'g 9d7/(k|llc'.bs{ Jȋ%^(XDQ#ەp4q T"v_wZ렞.\;pkx<$t;7SW:O?r/uMpZFsO;kʆrIl%;gM7ޓG\Ƨ&ji0szqGRk &=Ʊ6t3gnX"Bsr-u= aP#a6B_ѱJP%[;b IU N-GB bڔp}ݍl-XϯM p"鬕5=_V+@* -gZƺ"S=Na0ׯ7@x)V`,=F3/cL@GC]ҿBG-ozp3˰LEÖ0rp&.U=Q1Tli{vN s0^0F,\H@D-X$&쎒hKctƏ `2ieHBC%;l?'c]#b fUař%}C4Q'0&'VGp Ji H-DD `,yRQx +g ҄K(V \' p޼zw'# c@M˜̇nZi)g>V#[c~MAV+ǖ݉և1~[^?q87T W CEQD"=^iɅ$&*kÎ{X4A ATX$c7F\p?( C'!#Hρ86t3qD)9zppHg}H kkIJGRsK|wnqQ\o8CCx|?S~Q3㰆vz!,1g[;Ytc'67rOz!{bh. 6JJL_JD  4 ƞLn{p6 DG-emLj* 核$@8مHDY@@Lyqu?qIn.=CЅB,yoy ^ůB=o;CLaFP`TψCɵ"dyѵ?-hw~M6p,񢅻}?ԈUA !&face $͖ C[~$sǵݺjڷ$D[o 12_;r/K(;:*SLbM8WWT?.g/>PzTm[TMvף[vWX!%1ҏ߽ffשPS 5rbPT&$Hġ8Fyτ0]؉Y"`CD-Z mC|Ӄ\'(@G8!b"ﮇ+; 3%n@X !3P=alwmNe_\f}@& \vK`f:}'=A7UyٓKVdOه!BE};3V#JbjD @"e6:!ì]8bmI};(VN3N]'ѵ6pKo9<F8m1Tfw(ɢ+:,Bal7-嵇.&B;[[iQ]f"9lm 0" -B b\ ܶ!Y 'zp/a>n:0l'̚5ycӷڶ,HU牊zRڶMc{{kd AO /HBDf,[|+_+r, z>@v։#< 06M#+lWׯċEr zsfpFHK/ˀ-+=Llaiu jOoWϷX- hC_{SG}ܹs=<}me3y3z P,Uf Ov}8>OdHs`A^6*D?'ibaTG $At\}-|)\zCx76?VYDRdv[8pzNi$nslA,ZwҬu,Nq>9U,l9tO~hDWFw1h,5}^zcsŐWDGqwtMݳ`w܁k>xsNy"b 0)P/=q]]o!FtP&ݥQ:0 cFTqʩc)mBe[n|w=[~@8o fa ns$Ag[fK'pNccm)^!) g~ز#"ف@I2*XK gAY)ӹ~్gۄ vҌ_z8` ]y⸮Glmخcvn6ƴ bUvG T/ v_ Z2&6}x'yQ-]w=o{+U _>Hv} \Fx$i Vi;qlMe"'gkXꮽi'a-{=-p=<HNZ{*JB/=tIU<UʃM>Vi+f**L PTv7$ XeTd(U΃4*嵤3Z (߇hd")84HiP\WI´Z ;66Ho` :Ks8݇kL؊G[kM'w>4)]w}%A+W@N&ܨB_,b A]D`eT*h9~5 QJ|$tA Ν@\6gpD{q!ad*ƺV_?_CHgv/ t#E [6MUg&:v$({@ؘ/ MA\k Øt-׏-阆Q+uV|w4D sq"C|bD 5=y01C,AH{g6}:<+|ikoMOfQVbFqlLxxiDɣUE1!Ŋ f)<%ś  aCtow4|@½ % 1zh6q 0&EpoWlI++ 6lvd*Q ?~tJK˅U7i+c>g‰ĥp"PPAȦ+ HJ=᳻xmt'Du[񰯱:c@mJiŪU_eKq܈OyKYDY`U"/Gu6ZEދ`5\c['/!z?g^4DY`­ċ@G%k'r/$;QlT*_vM8R/GA= \5. }P8mpޮ"AXG!cByJMM"X]HV9D$\pYpAcS{+ީT݉EP!F,tsk.ڤ/&Zy{k7$ ܽTD1DžG`GR,lWXHl ;S]ӬV߄Ql23ё}ƥ_7~xw"jGzD$щ*p+u̸8| ff E߆o -EL]LC(.Őeai2!lwV9-ƐJ_c?iRpe`X`4"`$qbsJBHnQ Dq}=0gÅ/ӅAQc(QKe_QlϾ$\ *Q"`oZ+ބ'Qb2VьbTݯ0Qb(F߳n3IENDB`xca-RELEASE.2.5.0/img/crl.png000066400000000000000000000024161450407711300154170ustar00rootroot00000000000000PNG  IHDR(COIDATxJ[X϶m۶mm۶m#uI=aιGʟK*˼jzoi=yÃ=t PT-h֬_6VR5m6kO tvOmZݳQN};JINkݶMo45 >[ [KGA8:d\0;ZRW UTz<͛Nr S5q !-f]!w"qXUNcZX@@ "*$ɈD"8Ѵ0*JvYˈc iY`ͦ#)oS}fdWFbwO8gJl {NgB(d&GGcANu8233,f9D5da+F'"B5-$Οv/~pϞb1qQfH`Bf%f%f%f%f%f%f%f%k%cf$m,c' Z d+t="}cdJs7Zh) g) ]l* f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f"i) ]&h4uWmO^!b e(`%Z!_( _' W[AkQa?pOoNX:c-[!j*gNf%f%f%f%f%f%f%f%i&l, k+ e$c#d$e%g' b ^!mOuWh4]&i) f"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h"e' wWlMT( W%a& e# k'b"pPkKjL]Dt8"^ k"n% g!l)_b& \!\Bf%f%f%f%f%f%f%f%b"h(e%d!j'n)i#j$e# a& W%T( lMwWe' h"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d"f"hq' k%f&W!], \CsZr:!U_& `( e+j0{\^?s:c%d$k' l& i h( f%i&g#m+_ [!aCf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%m$f h$j* a#u<gHgHW%Z" [p+k%d!i*]#f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f"g!v0\e#l.j3oPP7[# f/Xk2P3_BpSe.c* a%b$f&j& l& k%g'd#g$e!h& a"j0[=f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i#i#e!f&_!a%t;v? w^l3f)^f$k* ` i*f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%t+i%]n2Y }D%|^j.Z" a(]$ lRqTI,f* a%W_#d( g) g%g#h$l& g'd#g$g#e#c$|B%I+f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h"k' e!f$f( [\ c* f& v\M3Wg+ h* e$l) f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%aj' b& TnPdGc' [_& l1{a{A$`$`$Vh* f( e' c%c#c!d"h$j& e%d#j'm) e#e& P3f0f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g#l( e#e#l,d&a#j,da bEmOR\ l* f f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i$ h' Z"Ȕvk7Wb& m*J0|bc' [a#b$j- ` d$c#c!d"f$h& h& i%e%d#k( l( d"e& \?Z$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h$h& f$b e#h& e%d$q+e#XJ,be+e$h#f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c' h.gk5Si1_#vZ_B^"j+b$m-e%a!h'h$j& l( k) i' g%f$f$g'c"j'f"b d% eH\&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e#d"h& c!b k' h$bj'b!d&^"u;ȍsk.f& f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%b0Îsb)\!e(Yċqk2a"m.Rk+ g'a j) c"g!i#i%h$e#d"e#f&h( c"k( cd"b#dG^( f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d$c!h& e#i%m) i#k%d%l, i( g%\^!‰pf.f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%iY' Y c# f$ ji2Y$ d% ]q1a!b!n-f%j'm$k%k%i%j& h& f&e%h( d#n+ e!h& `!^AZ$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h( d$f$e!k' l& dr) `&c$h%k%k& b" X rf%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c!h$n% k!m( `$\*g|2f# b% f0fh2_&c%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i&g$f%d$e' a%^A`& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g&f%d#d#e$h'k* m, jZ$ d' e j$i#g'f)h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%q-_r.cd#b( w\h6^h(]"bh2c, c%`f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i&g$f%d$e' a%^A`& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g&f%e$d#e$g&j) k* h7sZ[n+cn+ b!e(h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%du/]j.X eHJ0]$ d)c(ch0l3Vj( m' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i&g$f%d$e' a%^A`& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e$e$e$f%g&h'Y$ |C)sYXd"f$j* b"h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%s) _i-W!{G)Y;f+b" Q}_k3c* c%g&j$l$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i&g$f%d$e' a%^A`& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e$e$e$Y!i/cFA%e$b"d$h( h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h"b f-Y%|^b,a$ `Y;X:["b$c"q.\m(f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i&g$f%d$e' a%^A`& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e$f%f%f%f%e$d#d#h* b$Zfc' `!o.`h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%l,h* Y z]s;]%Tl/sTc, e' j) g$c g'i*f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i&g$f%d$e' a%^A`& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e$f%f%f%f%e$e$d#d#g']!w>tWf)Xi'h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%X"d-~B$Y<]!g+`' oTo6\_q+ g!j*`&`(f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i&g$f%d$e' a%^A`& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i$d#e* VhKE+j*ah%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%Z) W!ʎpf% m*Y`FP5`"k) h"h n)`!]%[*f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i&g$f%d$e' a%^A`& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e$e$f%f%g&g&o(d!i.Uf0z`c# g"h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c* \o.m' f p)f!d!Q!`Ez=#k)e" h(u[X#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%o) an-d"` h) [>g+d#g&h'h%g$k%j$g!f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g&h'g$g%e%w= eGW( a"fq*f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%`'c&f%h"k%j% f#k*\*nSg*]c!fMn3_( f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g$l) `c#k-^W:`& c#e$d#b!d!g$j$j$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d$j) bn* ` i-gIa/h)fj#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%`%g* b!e!l& i$ g& a"\>yC%]#i*h' sWb( Tf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e"p-_c#e' P3}A$a' e%e%h'i( k( j'h%j$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d$g&f#l( a]!P3R4a$j%e f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c&e%g&j& h$g$ d% YoRa) [!b& aEA%a%b& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k( h'i( a!_!cF]#[!a!a!c#h'i( i&h%i&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e(a!l+ e!h& a"e+qTY j*f#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e(c#k* i%g%a"]#}E(S6b& ^$n4pS\b!n-f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h'd#h( f( h,V9^$^& f) e(e%d$e$d#e$g$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e(b"k* cn* h% X]@s>)f'f% f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h( f%j'd j( [_' wYp0[c* cDo6c%j( d f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d#f&^h* ZqTY!\$^!a$c&e%e%h'g&d#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_$e(b!i%l& j% e$h) iSa'a"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f&g&i&d e%`$m7qS\g) `'mNW i-c!h"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g'f&^!]!f-pS^& `* _$g* g* `#c#i) k* e$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%]$f) `o) g!h#k( [nXl4`$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d#e$k( h& ^f,{G)wH)h$h( _&gHc, Xn* m$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h( ^m0_#yZzB%]@[=`@\[!a%i& fu+Ym.b( b& gJL0f( _l, k* e$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h#f+]Pf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k( f#g&]g) jM]!`& Yb&g+ _#d( ^"a%f* d% c$a"a"b#b#c$c$e) [Zn2Q3dF`BU7\>lN]@Z=Y>ɔy^BS"[Bv>%[ d$ w6rVfJO1L/kN|`{:j' k*i( Y[k/{^c%e' f&g'e%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k&ZfYf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k( g$h'_d&dG_#`& f&g' g' e%h( f&f&g' g&g&g&g&f%f%g&g&b"f&i) h( c#a!d$h( g& Zb& ]$ c.w[kpC(u]_# d+d+ge& l)bd,]%\&jLV9Yh' g$ b& f* }A$\>b$] e%d$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k&\!aTf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%g$j) g' c%\?e) ]#f$d"d"d"e#i' f$c!f#h%i&i&h%g$h%i&g%f$d"e#g%h& h& f$i( f' [!^' sA%|M2V)lg$ c% W pZ$d( i$ m$Z ^( P\-qSs;c"g"`& a%e) tVg) d'b"g'f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h#b' YLf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c!k,c(^"k- e%p. d![']k& h$_#a(e" k e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"j' d!e$e$l-\@h) _#e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"m# j" h% k+_Ef& bi# d b&ZAD*j$ o$ dd( B)gl$n'[$oRhd-j&j) f&jPf)]j) m)g&g&h'g&f%e$f%h'a(_&^%_&a(b) `'^%a$g* a&_$c(_&]$^%f#g% ]Of%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%o/T`%u2k!g"U#|_ȶƳɺȼ̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾ɻ̾̾´õɻ̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾ɼŸɻǹͿǺʾʽȻǵƴr)j#p(_( cHu,^'i&b!][Aa$ d% c"`b!f%h'f%f%h'g&e$h%h%i&i&h%h%h%i&i#h"d!g$i&e$d#g&g$f$ \Nf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d%^"n.dfa%~ƺƾ¹ĻŽżǾǿ¼оl&j&n'WmRr' [!e%c#g+\B^# g+d$h(g'h( f&b"b"g'h( f&l#n%p' o&l#k"m$p' s' j!k"o&n&l$i#k%g$e# [Mf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%b$q-j!a `/!˫ѭeSk*d b% [$ \ e!`" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" a# a# Zd(d(S:a(^% `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" i$e$^" a'WA`&Yc$``&t^](^! `! dQ{ƴ]k(cg/iNjd*i)c%b& [B\# d( b$e%d$c#d$g' i) g' e%c#g#h$h$h$g#g#h$h$p* h"j& k' g%f$d"e#g$e# YKf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%s6fm" j9)̾}E@W9d!k!o,e(d%j&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h$g%m+m+f&^;c%d&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&l%j%b"g*kIi*^j'v)[hEVq1_[Z>Y=\@dF_A[=]?cEdFaC\>aCaCfH]?Z<[=Y:kLg$e# [Mf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%\(xP=̾X-f+g$YIm&q!n%d!f%f"h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" l$ h dh" e" bIg% f$ h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" m" h" d! d$ j,[Ch%h$ ri"_$ r\h+d(ZJ~Rf) s0qVa0r$ c#c' Z m5ÍvXAbInQZ!K.n)L _Tf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%n( l) e"f#i( g&f&h( q#j& fb/o-ε˻пveX'Wg'n*af#b" [Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c"g&a!i+ ^"dG_%_' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g$h& g%a!f* Yg,_E[>i2W!d+ g& f'_Jzɻ]# l"k'h( g f i.n̖}a*\"c' e%i)h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%a h'e%b$b&a' \?h0l'O#aVf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k( i&f#j) i( _a!d$p#oJt9*ϾΤlK;^& Zn. k'k'h%h' a! [Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h'i( ^d&\ R5y?"]%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%l+ d#f%e%j,c' [j.W9gG[, \%l-R^Iijd-l&j,Sa!K8qhj1[!a%d&f&a k+ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%`j) e%d&c' _%oRX l'qE(H=f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e"e$i( i( b"c#h+ g* p$\,S>I;a!f&g%m)bk'm* j* e& [Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d#j) h( b$[l2\?^& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h(e$e%g'b"e%f' ]\&sB"xXcDy:j+XC˹Kk0 Y&T5r^ʛsYd+ Wg+ Zg'd$k* c"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h'k* b"a#]!b( mP\$n)mP_!f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i( g&g&_d$l/c&[\+RoGW6ya|N6K, ^!r2e%c#g'h'k) g%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h'h'c#c%^"w= T7^& dy\T f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i( d#f&a!h+ c&Rm2t`e3Ns* q$j& e#g$ e$` f%m* d"[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h'f%a!b$e) a' dGb* f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e&j+ a"k* i( g%f"j& s,Ye) ^d!f'[FƾSq0`&X9h,WX+ h(a!f&t3c"d"`o-f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d#c"f&f( d( [>l2\$o* hK^ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h'` h( d$g* [m2؝}˻ʺͭ]$b" p* `%a)d" g% d$ g'f' c"f$m)[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h'b"f( ^"_%W:t<f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%`$e&f'i)b!k( e!l& n!m' j( e#n)[[F}^ il(}<M3p* _%k)b k(c#b!j( i' b f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g&c"f&`"c' oRX^& O.S6]f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%q$m' wz! X&M'ժϹַʣ_*^t.^e(a(f(f(f(f(f(f(f(f(}WCe" n)h( `$b"h#f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(e!h$g&`"f+Y"c/{Sc'a%f+a$i,f(m/i+f(f(f(f(f(f(f(f(n'm&o+a l*af!j$ f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eʻc h%g"^& _Dk!b&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e%h( d$f' @$R6n1[z_i0 \ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%m, _&ir&\7!pYj5 [r(gi i&a"k k k k k k k k ™YHbii"i& l% n" k k k k k k k k k k k k k k k k k k k k k k k k ppo!h o'f!i'_Mp(k!h p'm!l! jr&k k k k k k k k c#e%c&b%c&f&k) j% f%f%f%f%f%f%f%f%h%e%b(e&k%e# [E˼e!i&h#_' `El"c'f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h( a!e%^qUk/Pi,aGe,a#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%Sa3m+]ӽv}k[4F](g,^#k6 Z,S)`&`&`&`&`&`&`&`&}[Lb(e&["X#[# b$ `&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&c# `" _# X_'\& W$ s@&WA]$Y Z!]$ c(Y^# `&`&`&`&`&`&`&`&]']'S f4W!`'h( c f%f%f%f%f%f%f%f%h%e%b(e&k%e# [E˼e!j'i$`( aFm#d(f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%a!d$g) B&Z=d( `# W=tA'b'g' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d-Q!e$b&μĴȰú˿ɹȷŮֹԴұвϲȼǻɽŸȻ̿ƹμʿϽ̹Կ`H[%^q- f%f%f%f%f%f%f%f%h%e%b(e&k%e# [E˼e!j'i$_' `Em#d(f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%j,b$Z}`b& \ ^# qW_)d%i' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f% d*o$d! ³M \-o'o% gq'j#\i*^$e&e&e&e&e&e&e&e&[Mf$h! b c& g'l%e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&g(i*l-e'd&i+e'd&U5O/ZZg*a#n0 `"e&e&e&e&e&e&e&e&T! P T)|T?c.c#l&f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eʻd h%g"^& _Dl"b&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%`"c%t8iL]!b( ~C)Z@Z!g&j& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h" k+ r!g! ƿe*c!i# cj$ e! d! d$ g'`! d$ d$ d$ d$ d$ d$ d$ d$ ZJ`! e" b#a' _#`d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ ` c# g% c!ad" c!b c(p\_# h,d%Xf&a! d$ d$ d$ d$ d$ d$ d$ d$ a& SQ" Ę\J^(a l%f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eɺc h%g"^& _Dk!b&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_!i-tVg+b( c) qWa(^" j&j$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%^"p"j*ƾ˵g*n&f#o.p1^m-r0i'k&k(k(k(k(k(k(k(k([Fj$ n% f#c#g$o& k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(h'l(j&j&n(l&m&n'e)\8F"a#f'i+m,h'k(k(k(k(k(k(k(k(n(e%Z$ ÓTBUg#s)f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eʻd i&h#^& _Dl"c'f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%`$x<X:Wa' yA$Z@`' d$ m&k"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%\ a,h#`(Vn*e& `$_"_$ f(]k$j! e$e$e$e$e$e$e$e${ZBc$m* g)_(c&m* e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$c# e" ae! j&g! h k" \ f*̐xc& c& b#a"c$e$e$e$e$e$e$e$e$r#m'`# ď{YH_%n* n!f%f%f%f%f%f%f%f%h%e%b(e&k%e# [E˼e!j'i$`( `Em#d(f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c' gc* e+YkXa(d$ k$k"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d#f) r<^?Vb& al"f%e$c"g&i( e$c"c"f(j$b$ |[Dc% j$e'f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eɹl f%b%f% Z@i) f$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c&e$f u-cg' \"]) x]e,b* ]#cFy;g' d$h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i( c&d+ vWt=`$l)l% k* f%g&i( d#a g&j) f(j$b$ |[Dc% j$e'f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eͽp g&c&e$]Ce%g%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h+ g&p* f r.` ^$_AK0c*\$m3qTk-h( f&h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d$^!^#f-ŌmUj) bf%_e$i( c"c"g&g&f(j$b$ |[Dc% j$e'f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eͽr"e$d'd#cIb"k)f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%j* [l) cc!h) s9vX_& ^% Xfe& e%c#b h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k+ ` d'b&{?!^Ah) d% f%b!e$d#e$h'e$c"f(j$b$ |[Dc% j$e'f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eʺp c"d'c"gMa!l*f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e$h'c!g' j+Wl^% _& a& eH{?"h) e%^n,h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%Yq1_a!c%jMT7Z"i( j) j) `e$k* d#h'f(j$b$ |[Dc% j$e'f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eɹod#d'c"bHa!h&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g#q/b"a%Xik0b' \!N4kNa"g& ]o-_h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%p0\j) d"p0]!rUk7d#a g&c"g&j) b!j) f(j$b$ |[Dc% j$e'f%f%f%f%f%f%f%f%h%e%b(e&k%e# [E˻og&d'd#Y?e%d"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%n( Yk,`& pVI/We'q6qW`$h) e$j( ar.h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e(d#f#n( Yh,a+ e@!_a h'g&h'b!g&f(j$b$ |[Dc% j$e'f%f%f%f%f%f%f%f%h%e%b(e&k%e# [E˻m h'c&e$Q7r2f$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%l% _g+lr="]& \ o1ji,q2Tk*d"k' f"h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c&e$k%g!p,Y[' Y+ |]q0b!i( c"f%e$f%f(j$b$ |[Dc% j$e'f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eʺig&a$g& N4~> m+f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%hj' ei2[& [# d(ib% \\m,d!c!j& g!h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d6a]) a) e& c fs)h%m"]zaD^$h%b&f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eɼb g%['j$f _D`$b+^&a'c&a$j* l,c!_%a$o/b!f"q+dp& Y# jk3]& ^% Y!ŋnj0f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%X$p<eh.h) d#k( ]i%q' d$ {^@]#i&d(f%f%f%f%f%f%f%f%h%e%b(e&k%e# [E˾d"i'\(k%f _D`$^!h+ g*c#d$d"b g%m* f#]g'g) _!b& c' km5\% Wp7ƌol2b( f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i-\ f* Ɗm{?"`$_#j.e%ea# ~~W;^$n+ _ f%f%f%f%f%f%f%f%h%e%b(e&k%e# [E˾d"i'])l&h" aFb&l, e%h(i( e$k' n* d gk%k* c%Tk7mNz[n6Y ]$ {B(cf,Xa%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e!n,_]oQ`AR\%`"r,^" ucG`% al- f%f%f%f%f%f%f%f%h%e%b(e&k%e# [EȻa g%\(l&i# bGd( f!ej'l) e!f"j% d!m-a!Xt;~`pRV$W' _& a& `FkNSo3d&]f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k%i#g#l,ZI*f[%_%\[" ]Da$ i#g&f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eɼb g%['j$g! _Da%k%q+ k%e!k) g$ a j) Y&h5yZjLZ"Ye*`% `% v\L/^"q3Qe(j* f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h"o, h'b"j- \!u<qPP3i)^%~}U$nV[C]f' a#k+ e%c"^f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f) b%g'` n.a j) f%Tt8 cLª]E^ n$ j& f%f%f%f%f%f%f%f%h%e%b(e&k%e# [EȻa g%\(l&i# cHe) `n.a#v<wZiNb0R"ht*f!h& mSqX_)X% f' f' g' _g&j) j) g$f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e%e%e%c&d'c(b'`%e$h'j) i( e$c"e$g&f%f%f%f%f%f%f%f%V"d( PŢ]Hl*\#`$d(d(b&a%d(c'`$u!ho) q) l!d `L{Ƚg%k&_(l$r(S6B#fKgLfLQ7g,[ a& b% W#h2gJrUw8am( ef%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g&d#c"d$d$a$a$d'f%e$d#c"d#e$h'i( f%f%f%f%f%f%f%f%h*m' d(z]Jq6"]D_x8k+ c#c#d$c#f&n.k, ]&['[&a'^( ^D}Ƚ^ d!\(i#f H+O/_& S["g,^# ^!l/w: {][>t:d( b#f#i$ g"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%j$e"f#j'i( f%e%i) j) h'g&h'i( h'f%c"f%f%f%f%f%f%f%f%q)kl'”XE]"m+["ZBlTgOC+e'c% c% [h&h*d+d%l%k' X>\!f'\+j) a\( c(`( a) a' _%z>!jMoSP4_' e+]#\ h' e"_j% f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k%l& n( m) l( g%f$f$c"c"d#e$f%f%d#c"f%f%f%f%f%f%f%f%g r% g&w\HU# Y"U'S R \)yF2dPlX[G{H4_#]&]']dm(\Kvĸ]#g*O!b"h(X&Y#I,Z=mPhKH,o0e& a \ _#e) h* d$c!h& k) f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%eh"f"d c!f$g%d$g&h'g&e$d#d#f%i( f%f%f%f%f%f%f%f%f*i' PȰ“wt}›{̥Գ̲ӺնخͦTAlJe<`AgNbDbAM0i-]e& f% [`o,f( ]c#g' c#f&g%Zf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%m*k( g$ c"c"d% e& c$e$f%h'i( h'g&g&g&f%f%f%f%f%f%f%f%`)f( V$ oZC[?dAZ>^B_C\@\@^B^B\@bQZH\HYFZIaV_$k, W&_f# X$h- a#d&g' d$f&l* h& ]f%j) j) f%d$e%f&h( f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e& ^^c' f* _%[!\"j) e$a b!f%i( g&d#f%f%f%f%f%f%f%f%`$aa'`L\#f$ _&c, VUa* c, X!W b+ i ba$ a! f! e$Ƹd$g$b.n( m'Z"`#j* h( f&g%f$h$j& m) e"j'e$b!e$f&e%f&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c' \"j0O2`C\?[=bDZ;G(p/d#d#g&g&d#f%f%f%f%f%f%f%f%n, j g$~[Ic r" m%i"o(q*m&k$n'o(l%j$b%^'`&h+ SԺzɾd"f!a*i!m# _%e$e%c#d"g%j& e!d j$l&g$i&g&c"h( k+ b%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%l"h"h& d'`&c)`&`&^ g'l)cd#i)j(h$UY# ^%^(i8(bSƸξڽ̯ʻʻ̯wcTl i g% `'Z%])d-`(f/e&d+ weN`x)k$f%f%f%f%f%f%f%f%e$e%h&[*l$i"̹ɾb"i&_(l$k! c' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%j$s-f$c#g'b#b#f'p'`g&j,a%`# [ a& c$YB̠͵ǰWFl.Z&['`*X Zf'd#d! UY# Y# T_)L5w`ɓ|DZt}A+ilp#n% ]"l'^ș^H_m' b'f%f%f%f%f%f%f%f%e$e%h&[*l$i"̹ɾb"i&_(l$k! c' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%d"l* e"j'm* e"l&k%j%h*c&ekj"qA/ѬcLq.bba& ^* c d!k&j#l#r'q$p#i$l'n)l'i$h#j%m(Y"j<+uc޽ƴwgj-gc* h" c" v]Gd( i+Z)f%f%f%f%f%f%f%f%e$e%h&[*l$i"̹ɾb"i&_(l$k! c' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%d'a!d!k%k"i j$eY)l) r#e" cGҹįvg]'\& X& [' b) h(l$m g+d(d(d&d$e%h&j(c']!\ c'j. h,b&^"m!h i$_ p<+œʸ_0]! b&}XBf' ]b.f%f%f%f%f%f%f%f%e$e%h&[*l$i"̹ɾb"i&_(l$k! c' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%d*a!h%k"n% n' c g'u WhOɬʲR7` o% bd!c$`$]#b$i(r-\#]$]$a( d( b&c' c' d+ _&]$^%^%["]$c* a%l. `al*Ta+r\ȗ\*^Ij'o%k)f%f%f%f%f%f%f%f%e$e%h&[*l$i"̹ɾb"i&_(l$k! c' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%^$j+ k( j!p)c!Pa.m1%լ׾|ZCSb" |G,@f* i%m s q$j'^)T)h" j$ h" j$ j$ d!g$ e" f# f# h% k(h% d!e" j'j$c#f.c0\$j'{*{B}eɸ~ZHd%ln&f%f%f%f%f%f%f%f%e$e%h&[*l$i"̹ɾb"i&_(l$k! c' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%]#k, g!j$aUnB*[Cxck jvcɲ[)tq&k+ `+ Y&["f!o$ j"n&ef f d!j'g$j$i#i#l&n( m' k%k%h. f$l"u#p g"`'V(k2Sb5 ñIJk9%n*`f%f%f%f%f%f%f%f%e$e%h&[*l$i"̹ɾb"i&_(l$k! c' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%c)e&`t._p=#ͩƬ.TrUiD6ɚpja(b&f#j"k!i! d! b! d%j,e'd)d)`'d-]&d)e*d)b'`%`%a&b'g f#`$`& c* `$_e!n!t*Pvac*f%f%f%f%f%f%f%f%e$e%h&[*l$i"̹ɾb"i&_(l$k! c' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^'l#d#e%̽g&j#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%XGd" l, ]%]*c+c#e)h( p#i) wO<ǿks'Kęǫo<b"` p=-ɼi$jz)j#_%\'g't& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%`"p0QȠ~Qg' h%\'o.`"r(t^ȵmUae$e%h&[*l$i"̹RA_?`9_A[C]A^?`BZ<]@cFR5k1[!a%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(l#d#e%̽g&j#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%ƕ~OAO) t/Q!{f,h#|B,ij^#fnh c" `# `# `# `# `# `# `# `# i"R/0a%c T(^ `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# b"cb$xbT_!b c#T `'` e[g0'a=5^X"r%Y]'`%õyeKZ"k*f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%g)b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(l#d#e%̽g&j#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%zfPu(LE(q9&h#1) βԻ̶Ϸ̰аӵ˴˲ЮͮҷʮӹŮռ«ӹ˯ӳϲδӻϹʷнɶӺʰήаǰ˰˱кμɶĮѭMa' i&i!f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%g)b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(l#d#f&̽g&j#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^Ede(̲fI]$ w!cTѯMk2U]( V* i'i'i'i'i'i'i'i'd^'g%j0[-p& [# i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'b% d `'wdN^%cd' ^$d% d!m'^a&Q 軦j]O$aq/a! h(ֿp!j* V#X#m, l!Zl0ŧV% d&n&in# f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&_(l#e$f&̽g&k$ g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&V:\$[K[%Z!i˾^)h' aq* e#f* `&`&`&`&`&`&`&`&n"y)hq~db#sg%`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&n% jct_Gajp' l#o#t$v% oj e" D+οT%y(ker˽sr/Vn0p$t+ d.ǨϼX0_"r(s(j#g$ g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&_(l#e$f&;g&k$ g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&iMa' o;+^. l& vnf;*Uj* d$j,b(\#i!i!i!i!i!i!i!i![%q%W$Q/i-b& ]'i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!Z$f( `+wbE^)f( \&l/ c$g([j* f+ _)W"~dY Z"r/k&Ƶ`% W#`- Z"b&Id<)^& k$u*_j.W! g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&`)m$e$f&;h'k$ g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&[GxdѰ\']&rZ~F3`lz)m"h!:l!c+c+c+c+c+c+c+c+j( mo9f% ̱^M[$ n)c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+i( l#c# }dHa!l#k* i"n'h#p+ g"d!k(n+ f.Xe+k# l l$ kr! q$] 乪i4\# `t. n(m- Z!^)g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&`)m$e$g' ;h'k$ g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&_V|7&S0yJ/~[&g) p)dd* `- Vi)i&i&i&i&i&i&i&i&h,b(`+]!{M;述O& g* i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&\#j) _'{}\B^& k*_&b$d) Ul3]%`(m3`$R {^S- Xv,ije(i%y5Mи~QDk%o, j*`!f']p0d$g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&`)m$f%g' ;h'k$ g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&u{^" Q,ȷWD/f(m&r#i# ]$ U#g- l&g"g"g"g"g"g"g"g"h](q'f$ rķxC/i#g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"f!l ` Ę]F` m! i$ n' d l* c#f&j*cn'e"fC)ԸO$l-kɺd'n*[!ɯǮbPt s*`f)c* Z!o/fu(g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%er/Wq4`#e%i& dmRpN6[Mb!ae" f# b" b" c% b$ _! p+ g"g"k&i$i$l'k&|%c Z a!e+w^šN!l%k)]#^( Z!j'k um& j"h!l&e#h+ Z#Z&g&d#f%f%i( e$^o.e&h%a' zbD[!n+ f'e$e$e$e$e$e$e$e$W* b Ű[8c' Q&ѵi$ Z ʼ|gf c$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%l)`t4[]l+ g#i! pG0xL?mby/o+o+l+j)g(i*j+g*h%e"j'm* i&i&l)j'ei+e*u.d"R!j2!s)de&a&{B#[?[BV>vE+U#d-e+l.Xv4 o+o(m&m&m&q*r+ k$g m* k c!z`H`m"n+ k(k(k(k(k(k(k(k(f#amZΧs'd" ѻ`#ҶҰ_ ^* k&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%b"d$b"i*r0 i$f n' ƴuG5R(ͤuTA]g! g! f" h$ g$ e" d! b" [#\$`( `( Z"Z"\$Z"c'b/a'l%h% X*—peKyQEͫ}ӲЪSKV!j+egi$g"e d` b f!b ]e! b(xaKa'c_ d$ d$ d$ d$ d$ d$ d$ d$ r'g)V6#Ͻf b õϩóÜͪg1o`'af%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%d'f(m.f%p,]j' g% N>Z!GM u)n$ k$ l% m& j% g"bc e)f*f*c'a%c'd(d(f# ` i w k!FckȰ_G^,\p(o! mM# Q(~S>̷긡c+h)n*a"b#b#i*h)b#f'h)k(e _!ybOa#`m*e&e&e&e&e&e&e&e&q$^X+ù>3]ofͻ_&jo& lf. f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%`#k- `k'^n0Z" e1ʷɯѹ͵̭ȾǽǽǽȾʿ̰γҽ޽ƺ¾ƾǼտ¼λн˸̹ϼ̹ʷ˸ɬپɱּ˳Թ̯թٻȴW r" k"z& _'f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%e%i( k&m* c%Y& yP:^e$Y" yXE~g(_#_'c+b,`*])^*\(W%d(c'b&d(h,d(`$c'a&_&a! a"Q)tI4p,P k(aq.bg$ g$ g#j'l+ [_+ zN7tTGX"\&d. ]'[%_)[%]'^% b! Y$x_KY$` `'`&`&`&`&`&`&`&`&X$\/Lc`RBI?eUDЩЭe/p["m* f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%g"f"p* d!^& wN8˻Ĵix(g! WBll'j" o'm'f d!j'j'd" h(g'd$g'h(a!b"o/ c* ^% e&g)pZ\?l"gp,Z%_7$xμνƵ~xs4&e o& k$ ` JCs+Wg m%f l$f g j#n g"|_Jd p! k$ k k k k k k k k u& L }NJkM2jq$N:rP@Ƶãh&Y%h#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%dm% i"b ybO?/{}+fg) y_rk b'^ c% a# Zf*E-ZA^EZIYHWFYH[JWFcR{jē||T# |! d&f/ |O*|_`0X p0}ӾyQ.a-e+^'Q"ΐrm/^ e' _!h* b$d&c#j" c% |]F]o'd$f(f(f(f(f(f(f(f(tqQ>L( u' c!cQ;]P@̲ɪk% c$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^'l#d#e%̽g&j#p"p$j!i$d$j- \$_'\o)[ vbb1#kZy``" ^c-z^ɯͷʹʺ˻ξϿóǭ|reB[?YCZHf+c) k#\' >-~R;s#Z*a"u%W#[?z2!_) n)W)|0S'd$fl% k(f&d"f(j$b$ |[Dc% j$e'r) X!W m&k" Y#_,l*wqk*] al,h!i, O7lOAЮЩP#a%i%l"l) Y#_+_!t*f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^'l#d#e%̽g&j#d$a k( l&q+ ak+ f) Y(Oܬߵd2X$ٴ˾Z>]#o+` W#X+MUW! V W! [%[%X" W! Y# ^" ^" ]! ]! `$ b&^" XM#i$ ^*r>-Ѽ`$]!m&b)ע~kU p' e-b%ii/ G}ŠwX"e"d) aҵrF/f&r+ k$ ^j* i'f(j$b$ |[Dc% j$e'Yt-g$Yp0i`' }^ŭ\:"h#r5'l+a#q* c#S^IñpM?ԯӬX#b#p& c_$a+g)j#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^'l#d#e%̽g&j#\, ]'b"i#m$o) f$\J! ڹѭa+ a# tA-_@a( l&j#i&g& h u#q(n%n%o&o&o&p's* m%m%l$k#n&q)q)n&T$gi/Q@^ i( n#`# H c!j) c a$h& f"c'm5$˴`* c$m!j*{r[` l%k$ Zj* h&f(j$b$ |[Dc% j$e'e)ej#j-Zp-ֱS/Dp%VF^h*o( ^m1Mb6λl^άӪQm+bj( a$d'd&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^'l#d#e%̽g&j#V"i0d#i#i"`_$ j5ɷxK&c#l( xqc[:b) i$l$l(g$m#v! i'i'i'j(i'f$c!b g'g'f&e%e%f&g'f&]'v' YpjRk*`k _پb'g b's(e+]"l"an%Ժg1\"y a(eWze%h!s,f# i) l*f(j$b$ |[Dc% j$e'j!f'l, `]'Ʈ^( T"^*t' }P@l/_#k%k& e$k._) a5˹qɪqOq-Ys2f)Z f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^'l#d#e%̽g&j#o/ Xf"n)a!Qg9!ubR' ]- g#f&ڽY=,»sD%Y h#k'e*[&a&ae%e%d$d$d$f&g' g' b& b& b& b& a%_#_#`$e+sf&q_{[o/p&e# ֻXr(_$t)d*^# s)ee^( ]#}$ ["oami) m&m& d! ^f$f(j$b$ |[Dc% j$e'k+h)]q3+ƿ}me"d!j,f+p XG] d(i& dej%] b-_4ͻygƦydf,p*d f&h0 f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^'l#d#e%̽g&j#iy0m) ]#c0|N6gQe! s4^j* iIӵA" X>f* i#d"](Y,\, \%k# l$ k# i! i! k# k# j" g! f h" j$ j$ g! g! h" _%x% _O;ɰ\[ j#e(ʲn@/b d#f#`#k)g#a% ^MٷTj+ r& ^ħW@\k$eg$ g' i'f(j$b$ |[Dc% j$e'V-ay4*rf\$ k#n$m+Xv' |[Gb% h*^m, o) m' q.[X" j:"scаmX` l% g&_%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^'l#d#e%̽g&j#u(f \#K}Q9NkVQ=e' g$q$u#o"h&ܨϾ׾¨}n{ZKRC|.TsUxXҗw|ɱ͸̨WFVA~B*X d.Z!c# Zj*l0y4+Ƕm2g&`%\*i(l" _!ġ^1T"c' i&m)l)^d( g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&j"e'u+h) Ųȿe<3潮Kn' m+Ye" l6%tK.Y2Y%h*u5 ^ ]#W(f(h& c&c* d( f$e&e&e&e&e&e&e&e&e%e%e%e%e%e%e%e%f.e-c/Qc3 Q#[0 fbLL" U% ]*a) ^"i+ en+SXBǧf*a# _! __i&k'ar% eZ&ʨr\PydvŦӳۻ˯ҸѢ_) Ql_—a"k&g'p)e' d8'iXb _%`$i'i%k&j'a#g+g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&to(ge*ͻrcea&` p f bTOP[' Sm) p& i ^n. f&㷰t90k o!h h#h mf#f#f#f#f#f#f#f#f!f!f!f!f!f!f!f!i"h#k(j) c#h) ]!^$a6-ثySCw8$e" n)[T{rϹH+c. X#^'h1 b+W \%l2e) ` V"ɰΣb&`'w%p!`j$ k(d#`%G8׶V* S$l[e"p)h% e gVĿ`4#d&u.u5 e"bo* g$b!k-a%g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&y# e"i#R>Ķƻм÷ƶϺŬʸ˽κ͹Ѹӹ̵˵ʽʽʽʽʽʽʽʽζζζζζζζζƿľӽϾϽλDzʴӺ˱Ⱦƿĩ¼ǢӴѺgB(^h#fk$ o-k) g$ ]! T"xpL^/o*e(d$d+àk-u+h'Y'^w3l)h$i& b"e(c&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&i! \( q8"Ϳ]*Ye h%h=*si"n&T+ d q&mk% [#b._#g!_@1左m-m)`# ]$ b% m)b(b(b(b(b(b(b(b(b$ b$ b$ b$ b$ b$ b$ b$ f$ j*a!Yl/b% Zb' f! h#c d! l)j'e" k)d$ _%S g7%V$Uj,_f&e']X\ _# \# i' s%XĝXBV# q* g%b"d o&^V'](i) |C#δq)S!nD'ľzin.p#p%^d/p. e$b!g'c# `!g(h*g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&`)J$ˠúc!|+ i"}^ܾaFc# h"g)b*i( er) g'\(['f$y&F(l0j*a(_+^$b"k%k%k%k%k%k%k%k%k&k&k&k&k&k&k&k&e&f'c&p3^!h+ b(b(k'd"l, f'^$a+['Z(s.i(d(]&γ\$d'h)t*p&j#k%p*o+k'f%_)`k's]QlKBő_&['\(i+o* ^# [9!m%s#͈gog rTyRDf)g#b%a)j(k d$e$f(] a" g( _ h*g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&^'`(f) d$f%h%h$h$c(UDa0&h!e= Ӹ׳n;!Xv0em. ]#h'h'h'h'h'h'h'h'f&z}mW#m,` f.g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&\&v f/ ^+ ۿh"i'k%g&g&g&g&g&g&g&g&o'b+`#JDd@:R%¤˾k;)_%h$k"`% yj}uc(_) _<.Žï˾n-k* g&f%f%g&g&g&h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'j'i+c$g&g&g&g&g&g&g&g&i/ ] l, f%h%i&o/ b"y3,lKq#{H>ۺw_j>&\$ m*i#eh)b(h'h'h'h'h'h'h'h'b(qC+b!c$}(c)^"g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&_' u"b(W$νy7%d$ l(g&g&g&g&g&g&g&g&s* Y"h( pkdةfD'~XSyeg'a/[& ιmH4f)|J4ɶ˼;ÞN l+ j) g&f%g&h'h'g&h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'j'i+c$g&g&g&g&g&g&g&g&_ p0f n( g#_c' e-ШM$l% lK8e2Ham& k"m* a"e+h'h'h'h'h'h'h'h'h/\«_KO%sp-e' g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&d( t$b&X"~`M_"m)g&g&g&g&g&g&g&g&j#_%k+ ntm޿sԷm;5ܺҹ]*YAῢ`' SҪоxc_&l! i( h'g&h'h'i( h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'j'i+c$g&g&g&g&g&g&g&g&g$i$t+ p( e!p3CxY!]9sp^,]o,l% i p' k( f&c)h'h'h'h'h'h'h'h'd'd% VAα[,`& z% b&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&f% o&h(_( s\{["j)g&g&g&g&g&g&g&g&m' e+\]ET! ], r~mcȷfRQ+xYDQ"i%u%g&g&h'i( i( i( i( h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'j'i+c$h'h'h'h'h'h'h'h'r,g j!q* a V! tKf#ŸF4t/c$h)l- c#g'm+h"l& h'h'h'h'h'h'h'h'c$t- `&hѲpW+t"h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'r" ])o'_#m#͵_0e*g&g&g&g&g&g&g&g&p.Zi cI~ȵb)j i.]`)™Y7*aJQ m4aq)z5d$`$f%h'i( i( h'h'h'i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( j'i+c$h'h'h'h'h'h'h'h'k+ h%g#m/ S7UCR*b*ѽlc&f,b(_%f, b%`q+q' h'h'h'h'h'h'h'h'l% ^)w+d( h,l>&y'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h't" [)u+ c' q!Ӻb6e*g&g&g&g&g&g&g&g&`n.m$}\Bʴ]"t&\"b,R:տY'S)mi%k+ g(d(p3 ^j' k&g&h'j) i( h'g&h'i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( j'i+c$h'h'h'h'h'h'h'h'n$p/Z' \6$Ʊj:f!f$[)һUm&b(b(b(b(b(b(b(b(b(b(b(b(b(b(b(b(e,i+j'i&h) iOϵC+k%d!j+ a(b+g.h*j*d*d*d*d*d*d*d*d*e(e(e(e(e(e(e(e(e(e(e(e(e(e(e(e(u#i)\!k( f&ĒtgK]c)c)c)b(b(b(b(b(b$i$ f" \Eͳ`$ ~ ][<#ոT>y$pD-p.h'i( i( i( i( j) j) j) h'h'h'h'h'h'h'h'i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( j) j) j) j) j) j) j) j) j* j* j* j* j* j* j* j* j'j,d%h'h'h'h'h'h'h'h'r'b"T" ɦxȭ̬`1\x- m) MZ2\) o% o% o% o% o% o% o% o% o% o% o% o% o% o% o% o% V&\'c* h+]$ _0j'i& r/f$n-c h"m' p& p& p& p& p& p& p& p& j' j' j' j' j' j' j' j' j' j' j' j' j' j' j' j' ga* [' j-a({b}dg0p& p& o% o% o% o% n$ n$ c1^g aM|ѷR y#tB,Ӻ{e]$W3K7`)i( i( i( i( i( j) j) j) h'h'h'h'h'h'h'h'i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( j) j) j) j) j) j) j) j) j* j* j* j* j* j* j* j* k( j,d%h'h'h'h'h'h'h'h'q& g'oYdzU:&t[,g$ ky(l' K dzǬȾ¾Ҷſξƿý׽źĽỹΫӴѷ~κQ$d"Ī{fk R&ŧw\u$W!i( i( i( j) j) j) j) j) i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( j) j) j) j) j) j) j) j) j* j* j* j* j* j* j* j* k( k- e&h'h'h'h'h'h'h'h'm% b$ 嶠ҼζiPc,c"c{.t%i$ `/·fVz_J[E[E[E[E[E[E[E[EZDZDZDZDZDZDZDZD^DaGaH]GcNfQ[HhTmVdPWEcQfPT=_D[E[E[E[E[E[E[E[E^F^F^F^F^F^F^F^F^F^F^F^F^F^F^F^FV?cIcKdNYDiT}]J\F\F[E[E[E[EZDZD\G_I`M~WHbUʼU0ͳjei&ñѱn.i( e$j) j) j) j) j) k* k* k* i( i( i( i( i( i( i( i( j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j* j* j* j* j* j* j* j* l) k- e&h'h'h'h'h'h'h'h'f!e(`/R&Y.Ro.p'j+ap*d$`*Õxؽɟ|y}yâdzǞMi*ǟؾXn% a&l, j) j) j) k* k* k* k* k* j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) k* k* k* k* k* k* k* k* j* j* j* j* j* j* j* j* m* l. f'i( i( i( i( i( i( i( i( f'd) a) Re,n0bv, X"g- o2 [c" e(Y d-e)e)e)e)e)e)e)e)e)e)e)e)e)e)e)e)i+j,e'i+k+i)j*k+V/X1nF)a8S&a-`*h,h,h,h,h,h,h,h,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,h)k6 e*y0 g!_0 ̦Y,g+g+g+f*f*f*f*f*c % qtNZ l)q(j) j) j) j) j) j) j) j) o( o( o( o( o( o( o( o( o( o( o( o( o( o( o( o( `'Z( [#m# o)[-cLj) j) j) i( i( i( i( i( R, Z( f,sqR;Y-a# 峝Y*v& i&_ h"h/k* k* k* l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) k* k* k* k* k* k* k* k* k+ k+ k+ k+ k+ k+ k+ k+ n+ m/ g(i( i( i( i( i( i( i( i( e-p2 f"r& r% q' g!k* f$ l. b$l)q( r(k)g,j'j'j'j'j'j'j'j'k(k(k(k(k(k(k(k(}.fq+ l, k, `$h*f(u* c"T! qI7}ea&o,l)l)l)l)l)l)l)l)k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ i&j0 h'y% u# [#n{_m* m* l)l)l)l)k(k(s"wE'ɪĩj1f f.Ħf/d n' p j. _.r'k* k* k* l+ l+ l+ l+ m, l+ l+ l+ l+ l+ l+ l+ l+ j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) k* k* k* k* k* k* k* k* k+ k+ k+ k+ k+ k+ k+ k+ n+ m/ g(h(h(h(h(h(h(h(h(j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*i)i)i)h(h(h(h(h(h(h(h(h(h(h(h(h(i)i)i)i)i)i)i)i)r+ l&r._u?&ඟݽO5m%m)b"h)j- d) j,g) o% q( p( o' o* q. o- j(j*l, l, i)j*m- k+ g'k, f'i'y/ t"r(]Fd, _#e(c)^(d. n-w+olTf'b TD}gh(h(g'g'g'g'h(h(j) k* l+ m, m, m, m, m, k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k* k* k* k* k* j) j) j) k* k* k* k* k* k* k* k* l+ l+ l+ l+ l+ l+ l+ l+ o, n0 g(h(h(h(h(h(h(h(h(j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*i)i)i)i)h(h(h(h(h(h(h(h(h(h(h(h(i)i)i)i)i)i)i)i)o+i$q.p0T_.myW:Z/i.m& o#v- f&h/l) o, m- i)f(i+l. i.j*l, l, i)j*m- n. k+ l, j+ i+p, q* e& nF-īt+p2c,o1o&p*|oyh2]&O%zH2n"h(h(g'g'g'g'h(h(j) k* l+ m, m, m, m, m, l,l,l,l,l,l,l,l,l,l,l,l,l,l,l,l,l+ l+ l+ k* k* k* k* j) l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ o, n0 g(i)i)i)i)i)i)i)i)j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*i)i)i)i)h(h(h(h(i)i)i)i)i)i)i)i)i)i)i)i)i)i)i)i)d&j+d"g't4d+ b.R6e;$[# q/j#p*t/j- `#`#l0 q5j/f+j/l, m- m- k+ k+ m- n. m- j'g*f*h(m- [#N+h,s,t( q1w}m:*i#](dK׻Mk( x(h(h(h(g'g'h(h(h(k* k* l+ m, n-n-n-m, l,l,l,l,l,l,l,l,l,l,l,l,l,l,l,l,l, l, k+ k+ k+ k+ j* j* l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ o, n0 g(i)i)i)i)i)i)i)i)j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*i)i)i)i)h(h(h(i)i)i)i)i)i)i)i)j*j*j*j*j*j*j*j*c+q3 m.k'p, n. i) e* \${uN,T%s1s#h)r2r2g'd$l-q0 m,m- n. n. m- k+ k+ k+ k+ o, h+ g+i)o(j' X&ʳ_G[Gęf4b. ^-wC2ܳU:\t+l- Mi)h(h(g'g'h(h(i)k* l+ m, n-n-n-n-n-m-m-m-m-m-m-m-m-m-m-m-m-m-m-m-m-m-m-l, l, l, l, k+ k+ l+ l+ l+ l+ l+ l+ l+ l+ m, m, m, m, m, m, m, m, o, n0 g(i)i)i)i)i)i)i)i)j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*i)i)i)i)h(i)i)i)i)i)i)i)i)j*j*j*j*j*j*j*j*g0 `%f'p,m&k$n*l*x( k) qB#sѶnP! d,n* j'j'q+ u. s, q)q)l, l, l, m- m- l, k+ k+ q. h)j,s, oz(n'zgydh5[!e, |P3ͫgPw.w$l& b*Y"u:i)i)h(h(h(h(i)i)l+ l+ m, n-o.o.o.o.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.m-m-m-m-l, l, m, m, m, m, m, m, m, m, m, m, m, m, m, m, m, m, o, n0 g(i)i)i)i)i)i)i)i)j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*i)i)i)i)i)i)i)i)i)i)i)i)j*j*j*j*j*j*j*j*_'i/ s3s. o(n*o- l, v1 i#s, v4m5}@&m0e% j) l)j& n( v0l, j*j*m- o/ n. n. n. p)h(n0 x4s#x& i h(N* e1]i0uYªųna\,a*h) k) g&g(j*e#i)i)h(h(h(h(i)i)l+ m, n-o.o.o.o.o.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.m0m0l/l/l/l/k.k.n-n-n-n-n-n-n-n-m, m, m, m, m, m, m, m, o, n0 g(j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*i)i)i)i)j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*e, e) e%k( p-k+ g(i, i0 n. v- l q*d)\1|_̵ǰƗ~N6Y%b,j2`'t4n. j*l, o/ o/ n. o/ x+ n+ e+_%h)e& ])U,BkDӻɜP@^% _/ u"q2\0 X+l+ s%k#d'i)i)i)h(h(i)i)i)m, m, n-o.p/p/p/o.o/o/o/o/o/o/o/o/o/o/o/o/o/o/o/o/n1m0m0m0m0l/l/l/n-n-n-n-n-n-n-n-m, m, m, m, m, m, m, m, o, n0 g(j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*i)i)i)j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*b' g( j) k) k) j* g- f. h* j,b'k.m. e%p, v. @%^A,w`ӳ־ȰyaH?u5m- m- o/ n. m- m- -u0d/ ^/ b>_ĩٿxO8e2d0a)l+|4l.t. u+ l(f, e/i) q' j*i)i)h(h(i)i)j*m, m, n-o.p/p/p/p/o/o/o/o/o/o/o/o/o/o/o/o/o/o/o/o/n1n1n1m0m0m0m0m0n-n-n-n-n-n-n-n-m, m, m, m, m, m, m, m, o, n0 g(l)l)l)l)l)l)l)l)j*j*j*j*j*j*j*j*m* m* m* m* m* m* m* m* j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*l)l)l)l)l)l)l)l)j*j*j*j*k+ k+ k+ k+ m* m* n+ n+ n+ n+ o, o, s+ t.q.i) k.H(sRɔsó̼ͽ̼̼˻˾ȼɸ̧mZDb2k+k+k+l, l, m- m- n. o- o- o- o- n, m+k)k)i)i)h(h(i)i)j*k+ k+ l, m. o/p0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0q1p0p0o/n.n.m-m-m, m, m, m, m, m, n-n-p-n0 k,l)l)l)l)l)l)l)l)j*j*j*j*j*j*j*j*m* m* m* m* m* m* m* m* j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*l)l)l)l)l)l)l)l)j*j*j*k+ k+ k+ k+ k+ m* n+ n+ n+ n+ o, o, o, p* q+ p-l, h+ f+ g.h2c$i*m.k,h)h)i*i*c0_*b,c*b& k+ n-g$k+k+l, l, m- m- m- n. o- o- o- o- n, m+l*k)i)i)i)i)i)j*j*k+ k+ m- m. o/p0o1n0n0n0n0n0n0n0n0n0n0o1o1o1o1o1o1o1o1n0n0n0n0n0n0n0n0r2r2q1q1p0o/o/o/n-n-n-n-n-n-n-n-p-n0 k,l)l)l)l)l)l)l)l)j*j*j*j*j*j*j*j*m* m* m* m* m* m* m* m* j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*l)l)l)l)l)l)l)l)j*j*j*k+ k+ k+ k+ l, n+ n+ n+ n+ n+ o, o, o, s-n+ k( k* k.j/g, a(n-p/ q0 o.n-o.q0 q0 t,t- u, s+ t+u-u-u+k+l, l, l, m- n. n. n. p. p. p. p. o- n, m+l*j*j*i)i)j*j*k+ k+ l, m- n/ p0q1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1s3s3s3r2r2q1q1q1o/o/o/n.n.n.m-m-p-n0 j+l)l)l)l)l)l)l)l)j*j*j*j*j*j*j*j*m* m* m* m* m* m* m* m* j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*l)l)l)l)l)l)l)l)j*k+ k+ k+ k+ l, l, l, n+ n+ n+ n+ o, o, o, o, t1s0p0o/ n/ m0l/ l/ g2g2f1e0f1g2h3h3p, v2s2 p/ p2 k/g+h/l, l, l, m- m- n. n. o/ q/ q/ q/ q/ p. o- n, m+k+ k+ j*j*j*k+ l, l, m- n. o0q1r2p2p2o1o1o1o1o1o1o1o1o1p2p2p2p2p2p2p2p2p2p2p2p2p2p2p2p2q3q3q3q3p2p2p2p2r2r2q1p0p0o/n.n.p-n0 k,l)l)l)l)l)l)l)l)j*j*j*j*j*j*j*j*m* m* m* m* m* m* m* m* k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ m* m* m* m* m* m* m* m* k+ k+ k+ k+ l, l, l, l, n+ n+ n+ o, o, o, o, p- k(k+ m- n. n. n. n/ p1w0v/ u. w0w0w0w0w0r1u4n.g* g- d, b, j6l, m- m- n. n. o/ o/ o/ r0 r0 r0 r0 q/ p. o- n, l, k+ k+ k+ k+ l, m- m- n. o/ p1q1s3q3p2p2p2p2p2p2p2p2p2p2q3q3q3q3q3q3q3q3q3q3q3q3q3q3q3q3q3q3q3q3p2p2p2p2t4t4s3r2r2q1p0p0r/p2k,l)l)l)l)l)l)l)l)j*j*j*j*j*j*j*j*m* m* m* m* m* m* m* m* k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ m* m* m* m* m* m* m* m* k+ k+ k+ l, l, l, l, l, n+ o, o, o, o, p- p- p- s3q1n. m- n. q/ q/ q/ t+r) s*u,v-t+t+t+t+w.u,r,r.k) g$ m*m- m- m- n. o/ o/ o/ p0 s1s1s1s1r0 q/ p. o- l, l, l, l, l, m- m- n. n. p0p1r2s3r4q3q3q3q3q3q3q3q3q3q3r4r4r4r4r4r4r4r4r4r4r4r4r4r4r4r4o3o3o3o3o3o3o3o3s4s4r3r3r3q2q2q2u2r4m.l)l)l)l)l)l)l)l)j*j*j*j*j*j*j*j*m* m* m* m* m* m* m* m* k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ m* m* m* m* m* m* m* m* k+ k+ k+ l, l, l, l, m- o, o, o, o, o, p- p- p- l. l, n. p0 u3t2s/ p, j/i.j/l1l1j/j/l1v2 u1v/ v/ v/q* o' s+ m- n. n. n. o/ o/ p0 p0 t2t2t2t2s1r0 q/ p. m- m- l, l, l, m- n. n. o/ p0q2s3t4r4r4q3r4r4r4r4r4r4r4r4r4r4r4r4r4r4r4r4s5s5s5s5s5s5s5s5p4p4p4q5q5q5q5q5s4s4s4s4s4s4s4s4x5t6o0l)l)l)l)l)l)l)l)j*j*j*j*j*j*j*j*m* m* m* m* m* m* m* m* k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ m* m* m* m* m* m* m* m* k+ k+ l, l, l, l, m- m- o, o, o, o, p- p- p- p- m/ n0 o/ q/ q/ s/ t0 w0q1o/ p0 r2q1o/ p0 t4n8 j3l3n4 o3 m/n0r1 m- n. n. o/ o/ p0 p0 p0 t2u3t2t2s1r0 q/ p. m- m- m- m- m- m- n. o/ o/ p0q2s3t4r4r4r4r4r4r4r4r4r4r4r4s5s5s5s5s5s5s5s5s5s5s5s5s5s5s5s5r6r6r6r6r6r6s7s7s4s4t5t5t5t5t5t5z7v8p1l*l*l*l*k)k)k)k)m+m+m+m+m+m+l*l*m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+n, n, n, n, n, n, n, n, o- o- o- o- o- o- o- o- p. p. p. p. p. q/ q/ q/ q/ q/ q/ r0 r0 r0 r0 s1s1s1s1s1t2t2t2t2s1u3v4u3r0 o- n, o- p/ p/ q0 q0 r1 s2 t3 t3 t3 u4v5v5v5u4t3 s2 r1 q0 n/ n/ m/ n0 o1 n3 r2s3s5t5u6s6s6s6t6t6t6t6t6t6t6t6r6r6r6r6r6r6r6r6r6r6r6r6r6r6r6r6s7s7s7s7s7s7s7s7q7q7q7q7q7q7q7q7n6o9q6"m+m+l*l*l*l*l*l*l*l*l*l*l*l*l*l*l*l*l*l*l*l*l*l*m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+n, n, n, n, n, n, n, n, o- o- o- o- o- o- o- o- p. p. p. p. q/ q/ q/ q/ q/ q/ r0 r0 r0 r0 s1s1s1s1s1s1t2t2t2t2s1u3v4u3r0 p. o- o- p/ p/ q0 q0 r1 s2 t3 t3 t3 u4v5w6v5v5t3 t3 s2 r1 o0 o0 n0 o1 p2 o4 r2s3s5t5u6t7t7t7u7u7u7u7u7u7u7u7s7s7s7s7s7s7s7s7s7s7s7s7s7s7s7s7t8t8t8t8t8t8t8t8r8r8r8r8r8r8r8r8o7o9r7#m+m+m+m+m+m+m+m+j(j(k)k)l*l*l*m+k)k)k)k)k)k)k)k)m+m+m+m+m+m+m+m+n, n, n, n, n, n, n, n, n, n, n, n, n, n, n, n, o- o- o- o- o- o- o- o- p. p. p. p. q/ q/ q/ q/ r0 r0 r0 r0 s1s1s1s1s1s1t2t2t2t2u3u3t2u3v4v4s1q/ p. p. p/ p/ q0 r1 s2 s2 t3 t3 u4u4v5w6w6v5u4u4t3 s2 p1 p1 o1 p2 q3 p5t4t4t6v7v7u8u8u8u7u7u7u7u7u7u7u7t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8r8r8r8r8r8r8r8r8p8p:r7#l*l*l*l*l*l*l*m+k)k)l*l*m+n, n, o- m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+n, n, n, n, n, n, n, n, o- o- o- o- o- o- o- o- o- o- o- o- o- o- o- o- p. p. p. q/ q/ q/ q/ r0 r0 r0 s1s1s1s1t2t2t2t2t2t2u3u3u3u3u3v4v4v4u3s1r0 q/ p/ q0 q0 r1 s2 t3 t3 t3 u4v5w6x7x7w6v5v5u4u4r3 q2 q3 r4s5r7u5v6v8w8x9v9v9v9v8v8v8v8v8v8v8v8u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9s9s9s9s9s9s9s9s9q9q;s8$k)k)k)l*l*l*m+m+n, n, n, o- p. p. q/ q/ o- o- o- o- o- o- o- o- n, n, n, n, n, n, n, n, n, n, n, n, n, n, n, n, o- o- o- o- o- o- o- o- p. p. p. p. p. p. p. p. p. q/ q/ q/ q/ r0 r0 r0 s1s1s1s1t2t2t2t2t2t2u3u3u3u3v4v4v4v4w5w5v4u3s1r0 q0 q0 q0 r1 s2 t3 t3 u4u4v5w6y8y8x7x7w6w6v5s4s4r4s5t6s8w7x8x:y:z;x;x;x;w9w9w9w9w9w9w9w9v:v:v:v:v:v:v:v:v:v:v:v:v:v:v:v:w;w;w;w;w;w;w;w;u;u;u;u;u;u;u;u;s;r<s8$k)l*l*m+m+n, n, n, p. p. q/ q/ r0 r0 r0 s1q/ q/ q/ q/ q/ q/ q/ q/ p. p. p. p. p. p. p. p. n, n, n, n, n, n, n, n, o- o- o- o- o- o- o- o- p. p. p. p. p. p. p. p. q/ q/ q/ q/ r0 r0 r0 r0 s1s1t2t2t2t2u3u3u3u3u3u3v4v4v4v4w5w5w5w5x6w5u3s1q0 q0 r1 r1 s2 t3 u4u4u4v5x7y8z9z9y8x7x7x7u6t5t6u7v8u:x8y9y;z;{<z=z=z=y;y;y;y;y;y;y;y;w;w;w;w;w;w;w;w;w;w;w;w;w;w;w;w;x<x<x<x<x<x<x<x<v<v<v<v<v<v<v<v<t<s=t9%n, n, n, o- p. p. q/ q/ r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 o- o- o- o- o- o- o- o- o- o- o- o- o- o- o- o- p. p. p. p. p. p. p. p. q/ q/ q/ q/ r0 r0 r0 r0 t2t2t2t2u3u3u3u3u3u3v4v4v4v4w5w5x6w5w5x6y7x6v4t2q0 q0 r1 s2 t3 t3 u4u4v5w6x7z9z9z9z9y8z9y8v7v7u7v8w9v;z:z:z<|=|={>{>{>z<z<z<z<z<z<z<z<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<v<v<v<v<v<v<v<v<u= t>t9%p. p. p. q/ r0 s1s1s1r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 s1s1s1s1s1s1s1s1o- o- o- o- o- o- o- o- o- o- o- o- o- o- o- o- p. p. p. p. p. p. p. p. q/ q/ q/ r0 r0 r0 r0 r0 t2t2t2t2u3u3u3u3u3v4v4v4v4w5w5w5x6w5w5x6y7y7w5t2q0 q0 r1 s2 t3 t3 u4u4v5w6y8z9{:{:z9z9z9z9w8v7u7w9x:w<z:{;{=|=}>{>{>{>{={={={={={={={=x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<y= y= y= y= y= y= y= y= w= w= w= w= w= w= w= w= v>!t>t9%s2 s2 s2 s2 s2 s2 s2 s2 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 q0 q0 q0 s2 s2 s2 s2 s2 s2 s2 s2 p2 p2 r3 t3 r1 s/ q-p*v2 r. p,p/ o.k,m.q2 j)s2 n-p/ s2 o.r1 t3 u7n0 q3 u7p2 n0 q3 p2 t3 t3 u4u4v5v5w6w6v5w6w6w6w6x7x7x7x7x7x7y8y8y8y8y8s2 r1 r1 r1 r1 s2 t3 t3 u4w6x7z9|;|;|;|;{9{9z8y7x6y7{9};}>}>~>|?}?!|@"}A#}A${?!{?!{?!z> z> y=y=y=y= y= z>!z>!z>!z>!z>!z>!u= u= u= u= u= u= u= u= w>$w>$w>$w>$w>$w>$w>$w>$y>$y>$y>$y>$y>$y>$y>$y>$t> vA x=)s2 s2 s2 s2 s2 s2 s2 s2 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 q0 q0 s2 s2 s2 s2 s2 s2 s2 s2 r4r3 o0 n/ q0 o.o+q-n*p,s/ s2 r1 n/ m.l-p/ r1 p/ q0 s2 q0 r1 r1 n/ l-l-n/ p1 q2 p1 n/ t3 t3 u4u4v5v5w6w6w6w6w6w6w6x7x7x7x7x7y8y8y8y8z9z9u4s2 r1 q0 r1 s2 t3 t3 v5w6x7z9{:|;}<}<|:|:{9z8x6y7{9};}>}>~?}@ ~A!}A#~B$~B$}A#}A#}A#|@"|@"{?!{?!z> {?"{?"{?"{?"{?"|@#|@#|@#v>!v>!v>!v>!v>!v>!v>!v>!w>$w>$w>$w>$w>$w>$w>$w>$y>$y>$y>$y>$y>$y>$y>$y>$t> vA x=)s2 s2 s2 s2 s2 s2 s2 s2 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r3 s4q2 t5y:u4o.s2 u3q/ m+k+o/ q3o1 k- n. l, o/ o/ n. n. j*h(o- t2u3s1u3u3s1t2t3 u4u4v5v5w6w6w6w6w6w6x7x7x7x7x7y8y8y8y8z9z9z9z9x7u4r1 q0 r1 t3 u4t3 w6w6x7y8z9{:}<~=}<}<}<{:y8y8{:|;|=~?@B"D$C%C%C%C%C%C%~B$~B$}A#}A#}A#}A$}A$}A$}A$}A$}A$}A$}A$w?"w?"w?"w?"w?"w?"w?"w?"x?%x?%x?%x?%x?%x?%x?%x?%z?%z?%z?%z?%z?%z?%z?%z?%v@"xC"y>*s2 s2 s2 s2 s2 s2 s2 s2 r1 r1 r1 r1 r1 r1 r1 r1 q0 q0 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 u4s4o0 r3 x9p1 g)l.i)m- r2q3l. h*i- o3o1 l. q3o1 m/ q3q3r4x6p. n, o- o- r0 t2t2u4u4u4v5v5w6w6x7x7x7x7x7x7y8y8y8z9z9z9z9z9{:{:{:{:x7s2 q0 r1 t3 u4u4w6w6w6x7y8{:}<~=~=>~=|;{:z9{:|;|>~@AD"F&G'G'E'F'F'F'~E&~E&}D%}D%|C$|B%|B%|B%|B%|B%|B%|B%|B%yA$yA$yA$yA$yA$yA$yA$yA$zA'zA'zA'zA'zA'zA'zA'zA'|A'|A'|A'|A'|A'|A'|A'|A'xB$yD#z?+s2 s2 s2 s2 s2 s2 s2 s2 r1 r1 r1 r1 r1 r1 r1 r1 q0 q0 q0 r1 r1 r1 s2 s2 r1 r1 r1 r1 r1 r1 r1 r1 t3 s2 l-n/ r4m2 k0 q6q2k, k, q2q4l/ i/ l2m0m0n1k. h+ i, m0r5x8k+ o/ y9t4r2t4p0u4u4v5v5w6w6x7x7x7x7x7y8y8y8y8y8z9{:{:{:{:|;|;|;~=z9v5s2 s2 t3 u4u4w6w6w6w6y8{:}<~=>>>~=|;{:|;}<{=}?CE#G%I)I)I)H)H)G(G(F'F'~E&~E&~D'~D'}C&}C&}C&|B%|B%|B%zB%zB%zB%zB%zB%zB%zB%zB%{B({B({B({B({B({B({B({B({B({B({B({B({B({B({B({B(zD&zE$z?+s2 s2 s2 s2 s2 s2 s2 s2 q0 q0 q0 q0 q0 q0 q0 q0 p/ q0 q0 q0 r1 s2 s2 s2 r1 r1 r1 r1 r1 r1 r1 r1 u1 s2 s2 q2 m2 j1 j1 g0 m. n1~A\:pMtQoLlI`=jGhEmJqNlInKoLV4{>m0l/ k. o2s6n1u4u4v5v5w6w6x7x7y8y8y8y8y8z9z9z9{:{:|;|;|;|;}<}<~=|;y8v5t3 s2 t3 u4v5v5w6x7y8{:|;}<>??>~=}<}<~={=}?BF"H&K(L)L,J+J+J+I*I*H)H)~G(~F)~F)}E(}E(|D'|D'{C&{C&|D'|D'|D'|D'|D'|D'|D'|D'|C)|C)|C)|C)|C)|C)|C)|C)|C)|C)|C)|C)|C)|C)|C)|C){E'|G&{@,s2 s2 s2 s2 s2 s2 s2 s2 q0 q0 q0 q0 q0 q0 q0 q0 p/ p/ q0 q0 r1 s2 s2 s2 s2 s2 s2 s2 s2 s2 s2 s2 w3v2 w6p2 h-n5u>o;rPqOeBJ'i1`(c+f0 i/ s9]#c)q7i/ m3k1~F#jG~[lIH%e- c+r:u4v5v5w6w6x7x7x7y8y8y8z9z9z9z9z9|;|;|;|;}<}<}<}<~=~=|;y8t3 r1 s2 u4u4v5w6x7z9{:{:|;~>@A@?~>?@|>}?BE!H$K(N+O,N/M.M.L-L-K,K,K,I,I,H+H+G*~F)~F)}E(}E(}E(}E(}E(}E(}E(}E(}E(}D*}D*}D*}D*}D*}D*}D*}D*|E*|E*|E*|E*|E*|E*|E*|E*}G)}H'|A-s2 s2 s2 s2 s2 s2 s2 s2 q0 q0 q0 q0 q0 q0 q0 q0 p/ p/ q0 q0 r1 s2 s2 t3 s2 s2 s2 s2 s2 s2 s2 s2 w1 r. t3 p2 q6U.wO|Ti, n4n4o5I&gDvSsPyVuRt<f. o7d, l4j2f2k7_+p<sO\U1f2v5v5v5w6w6x7x7x7y8y8y8z9z9z9z9{:|;|;|;}<}<}<}<~=}<>~=z9u4q0 s2 u4t3 u4w6y8z9{:{:{:~>?AA@?@A|>}?AD H$K(N+P-P1P1P1O0N/N/N/M.K.K.J-J-I,H+H+G*~F)~F)~F)~F)~F)~F)~F)~F)~E+~E+~E+~E+~E+~E+~E+~E+}F+}F+}F+}F+}F+}F+}F+}F+~H*~I(|A-t3 t3 s2 s2 s2 s2 s2 s2 p/ p/ p/ q0 q0 r1 r1 r1 u4u4v5w6y8z9{:{:y7y7{:x7u4 ?q/{:y0x5e, |L*|WrMb3 g6T0vRkFuP]6i+u6q2 o5mIp5r4p2 r1 s1t2 m- s3u5p0 n0 BeA^zJ(e/{<w3x2 =t6 t;y8z9{:|;}<}<|;|;}<}<}<~=~=>>>?>??z9s2 r1 v5u4 v5x7y8z9{:|;|;}=~>@BBA@?~=?CDG!J&O+R.S2S2R3Q2Q2P3P3P3M3L2L2K1J0H.H.G-G-G-G-F,F,F,~E+~E+F,F,F,~E+~E+~E+~E+~E+H/H/H/H/H/H/H/H/{I-{J*H5t3 t3 s2 s2 r1 r1 s2 s2 q0 r1 s2 t3 u4v5v5w6x7x7y8y8z9{:|;|;x6Bq0 @|;u4 ?w7t1@!cxVl?`0 uPxSY5~H%`)f,q6n/ t3 m,k1 iEm2 q3 q3 u4 v4 y7s1s3u5s3o1 o1 q5u9iHbr5v6}<r1 Et6 y8z9{:|;}<}<|;|;}<}<~=~=>>???>?@|;u4s2 u4w6x7x7x7x7y8z9|;}=~>@BBBAA@@BDEI#N*R.T3T3T3T5T5R5R5Q4O5O5N4M3L2K1J0I/I/I/I/H.H.G-G-G-H.H.H.G-G-G-G-G-H/H/H/H/H/H/H/H/|J.|K+I6t3 s2 r1 r1 r1 r1 s2 t3 u4u4v5x7y8z9{:|;{:{:{:|;|;}<}<}<~=?~=|={<{=r5 |?P0ȏo{F%h6uQcI%{=w=h. i- l.o0 t3 t1 y4 i/ gCl1 p2 q3 u4 w5 y7s2 s2 t3 u6w8u7q3 l.A}@ÉeJ&l1 Dt3 =z9z9{:|;}<}<}<}<~=~=~=>>??@??@A>y8t3 s2 w6x7y8x7w6w6y8{:|<~>@BCCCCBBBBCG!M'Q-T1T4V6X7X9W8U8U7S8S8R7Q6P5O4N3N3M2M2L1L1K0K0J/J/K0K0K0K0K0J/J/J/I0I0I0I0I0I0I0I0}K/}L,I6s2 r1 r1 r1 r1 t3 u4w6y8y8z9{:|;}<}<~=}<}<}<}<}<}<}<}<?z9A|=|>y>x<iEch5O+`iEx:~?{7z:m- u6w6u1 z5v1 w2 l2jFn3 q3 p2 s2 t2 v4 t3 t3 s2 q2 r3 t5v8y;n*w7t:\_7p5?9{:{:|;}<}<}<~=~=>>>??@@A@@ABA~=x7t3 u4 w6y8x7w6w6y8{:|<}=?ACDEEEDCABEK%P)S0U2X8Z:\;[fCxUl?T0gT0u7E{7H#F x7p,p-n+q.y4 t/n4lHo4 r4p2 r1 s1t2 w4 y6x7v5s2 p2 r4 t6?u4l1 r>X]9v6~:}<}<}<}<~=~=>>??@@AAAB@ABCCA}<w6s2 u4 x7y8y8y8z9{:|<}=?ACDEFHGDBBEI!M&P.S1X5\<_>_>^>]=X=X=Wp5z@cBnMvC#wG#͙uE!s3DCD~=@=t3 v5t3 p0y9t4 m3kGn3 r4q3 t3 u3 w5 v3 w4 y6x7y8w9v8u7q.}<}@l1 t:{WZ8x9~=~=~=~=>?@@@@AABBBCBCCCDEA~=t3 u4 v5x7z9{:{:{:|<}=~>@BDEFIIHEEEGJ"N*R.V4\9_>a@b@aA\A\A[@Z?Y>X=W?F!>G~CD@q3 p2 u7t8t9 p5l2jFo4 r4r4 u4 w5 y7z5 y4 v4 v4 u5 v6 v6 t6 As5 y8Bt4{>|YW6??>>?@ABAAABBCCCCEECDG!G!Dz9w6u4 v5x7{:|;{:}=}=~>?ACDEJJJIGFEFJ'O+T0Z7`Y=X?>~=}<~=~=~=>>??@>>>>>???>Dp3 Z6g{H(tB$ə}s>C?A;D}B|FBEBs6o5 m3 h1r;n4lHp5s5r4 u4 w5 x6 y4 {6z8z8w7w7z:|<v=w9x5}7>u6wA m@????@BCAABBCCDDCF ECDH"J$H">z9t3 s2 w6{:|;|;}=}=~>?@BCDJKKKIFEDH%L)R.Y6_;c?eCfDdHdHcGbFaE`D_C^B\@\@[?Z>Y=W;V:V:U9U9U9T8T8T8T8S7R8R8R8R8R8R8R8R8S7R2M:????????????????????????~=Dw?b{F!u@ʒoz@CCCDDEEEI"G C|9s0 x5{8s0 iHu@t9p3x7 u4r3w7v6 v6 v6 w7w7x8x8x8|<|<|<|<}=}=}=}=ml:~F~@CGBADDDEEFFFGGHHHHHI G <w4 x5|9|9|9~;}=~>?@ACDDFGI K"K"I GFIJN$V.\8_V=V=V=UCCDDEEFF@G H!}:o,t1 z7v3 eDp9s6r3{8 z7 x7 x8w7w7x8x8y9y9z:z:|<|<|<}=}=~>~>~>eEuQo7KC>E >EEEFFGGGHHHHI I I I I"D=z7y6{8~;~;}=~>?@ACDDFGI K"K"J!I HJIL"S+Z3]:aAgFgMgMgMgMgMfLdKcJbHbHaG_E^D]C\B[AX?X?X?X?W>W>V=V=V=V=U~>???s@`J!HDBI"DFFGGHHI I I I J!J!J!J!K"K"K$M&H!}<u4 w6|;|;}=}=~>@ABCDEGI K"L#L#K"J!KHJ N&T-Y5`=gDhLiMkOkOkOiOhNhNfLeKdJcIbHaG`F_E]C\B\B[A[AZ@Z@Z@Z@Z@Y?X>X>X>Y?Y?[:U?UICCCCCCCCCCCCCCCCCCCCCCCCz>}YZ5wBc~G DDEEEFFGGHM&H!H!J#Bv5r1 t3 rSt:u6y4 y4 z5 :|7y9y9y9z:z:{;{;|<}=~>~>?@@AAvAW2~W}@DJ#EI"HHI I J!J!K"K"K"K"K"L#L#L#L#L#M&Q*P)Dy8v5y8|;}=}=~>?ABCDEFI K"M$M$M$M$L IGJ"O'U.^7gBiIlLmOoSnRlRkQjSjPiOhNgMeKdJcIcI_E_E_E^D]C]C\B\B\B\B[AZ@Z@Z@[A[A^=XBXLCCCCCCCCCCCCCCCCCCCCCCCCN+`yD^9tL{CGBFFGGHHHI J"J"L$M%I!~@y;z<oPq8w9>=~:;y6x8y9y9z:z:{;{;{;~>??@ABCCM&r9ƍfM&G J"BGJ!J!J!K"K"L#L#M$M$M$M$N%N%N%N%N%P(Q)S+O'Cv8t6y;|<}=~>?ABCCDFHK"M$N%N%O&M$J!HJ K#P(Z1c:iEkJpPqSqUnTmUnVmSlRkQjPiOgMfLfLbHbHaGaG`F_E^D^D^D]C]C\B\B\B\B\B`?\F[ODDDDDDDDDDDDDDDDDDDDDDDDlL_>t>e}I!I!I CGGHHI I I J!FL$L$L$R*P(~@n0kMk6m3t6x8v6 w9y:y9y9y9z:z:{;{;|<?@@ACDDEFBc?mJK'EI JK"K"L#L#M$M$N%N%O&O&O&O&P'P'P'P'Q)P(S+U-N&Ax:x:|<}=~>?@BCCDFHJ!L#N%O&O&O&M$K"K"L"M#V+^3d?iDoNrRrVqVpXpZqVqVpUoTmRlQkPkPfLfLeKdJcIbHaGaG`F_E_E^D^D^D^D_EbA_I^RFFFFFFFFEEEEEEEEEEEEEEEE~_}G&T0ZyB}CL GHHHI I J!J!J!M%N&I!I!O'M%DBz[vF$s>t<z>s7 r7x?z:z:{;{;|<|<}=}=@@ABDEFF?M%|BbI&G O#NL#L#L#M$M$N%N%N%P'P'P'Q(Q(Q(Q(R)S+Q)S+V.V.N&Bv9|<|<}=?@ABCEFGI K"M$N%O&P)O(O&O&N!LQ$X)^6e=lHrRsWtYs]u^uZuZtYsXqVpUoTnSjPjPiOhNgMeKeKdJcIbHbHaGaGaGaGaGdCaK`TGGGGGGGGGGGGGGGGGGGGGGGG}^zD%^yE M&FIKHHI I J!J!K"K"N&L$K#O'N&N&mEךrheDqKzQzO\1u>n7|<|<|<}=}=~>~>~>@ABCDEFGGED"fyC"M&IKL#L#L#M$N%N%N%O&Q(Q(Q(Q(R)R)R)R)T,T,S+U-Z2X0J"v9|<|<}=?@ABCEFGI K"M$N%N%Q*P)R)Q(O"KO T%X/`8jEqPtUuZw`xcx]x]w\uZtYsXrWqVmSmSlRkQiOhNgMgMeKdJdJcIcIcIcIdJeDcMaUIIIIIIIIHHHHHHHHEIIIFDF~XQ)J"[FFGL$J"H!H!I"J#J#K$L%L%M'I%P+P*|O*cӦ^Dr1 x;y>|EgBb~O)s:t9{=~;@{9CD}@~ADEEEFGIH J$O+^~EM#M M!N"N"O#P$Q%Q%R&S'S'S'T(T(U)U)U)V*V-W-X.W/X0X1X1v9x<y=|>~ADDBGGHIKM!O#Q%S'S'T(T(S'Q%O#M!Q(X0b;kFqPvVyZ{^}`}`}a|azbw_t\q[s[qYoWmUkSjRjRjRgPgPgPgPfOeNdMdMgIiTl^JJJJJJJJHHHHHHHHCG~HJHGJ#\H G{SR*J"}BDGJ!J!K"K"L#M$M$N%P*H"R-O)ėrvQėr[9O&Cp5 yAg0 {Gs>ĐkQ*t9{=>A{;z<{@ACEFFFHI HI!L&O+_J#Q'M O#O#P$Q%R&R&S'S'T(U)U)V*V*W+W+W+X,X/Y/Y/Y1Z2Z3Z3O'~Aw;}?D~A@EGGHIKM!O#P$R&S'U)V*U)S'P$N"O&U,^6hCpLvVz[|]}`~a}b}b{czbx`u_v^u]rZpXnVmUmUlTjRjRjRjRiQhPhPgOkMlWqdJJJJJJJJIIIIIIIIG K!KLIGI"YJ M#xNsItJvL|R\}Q}Q~R~RSTUU|VZxQʙszTleA|J&\VxO|Ss:{Bs:{A~WM&x:y8>A{=~CCEHIIJKLK L#N(M)^M&R(M!Q%Q%R&S'T(T(U)U)W+W+W+X,X,Y-Y-Y-[/Z1[1\2[3\4\5]6a9N&{>z>A~ABFFGHKL N"O#O#R&S'V*W+W+U)R&P$O#Q(X0b;kHtSzZ}^bbdd~f}e}e{ezbyaw_u]s[qYpXpXmUmUmUlTlTkSkSkSpQr\wjJJJJJJJJJJJJJJJJI"M#LLJGG }WHCN$Q'K!L"K!M#K L!L!M"N#O$O$P%T,L%V/㲊ɚtaM)ڦlAY.[0R)֛s|>i*@pI]6z=|;@@z>x?EGIKKLMNKGJ#H$~ZK$Q'Q%R&R&S'T(U)U)V*V*X,X,Y-Y-Z.Z.[/[/\0\3]3]3]5^6^7^7a:[3N&}@y=AEDEFIKM!N"O#O#Q%S'V*X,Y-W+U)S'Q#Q%T*[2d?oKxW}]deghihij~f}e|dyaw_u]t\s[qYqYpXoWoWnVnVnVtWua~qKKKKKKKKJJJJJJJJEI~HKKI I"YIGCICK!K!K!N%N%O&P'P'Q(R)R)R*N&f=tL^6W2[qL`2X*[0_5[3Å]}?x7yEnGFDDz<D~E~BDGHIIKLT(N$R+Q,`M&N%R&S'S'T(T(U)V*W+W+Y-Y-Y-Z.Z.[/[/\0]1]4^4^4^6_7_8_8^7b;^7N&}@{?~@~@DFHJL N"N"N"Q%S'V*Y-Z.Y-X,W+U%T&R%T*[4hCsP{Zdfjjkkkmiig~f|dzbx`w_u]t\s[rZrZrZrZrZwZydzL L L L L L L L KKKKKKKKG J ILKI H!|VLQ$N!P#HN!O"P#K L!L!M"N#O$O$O$I\3uLV,X0[3xSW3X+]0c6[1^4Æ^N&}@k7yR{@|>Bz<~Dw@|B~DGIJ K!L"N$N!J T-Q,_P)P'T(T(T(U)U)V*W+X,X,Z.Z.[/[/\0\0]1]1_3^5`6`6`8`8a:a:`~BDEGIKL M!N"Q%R&U)X,Z.[/Z.Z.[)Y(T&S&U-_8kGtQ}aejlnmmpllkjhg}e|d{bzay`w^w^w^x_x_}a~iL L L L L L L L L L L L L L L L L%N$LNLI FySGJL L JJKO#P$P$Q%Q%R&S'S'T(]3I]X.P(S+_[7U(j>R&a4^4Ŏc\3T+uByRt9z<~@{?{AxAyB|E~G I"J#K$M&N'P#R'Z2~I$zUQ*U,V*V*V*W+W+X,Y-Z.Z.\0\0]1]1^2^2_3_3a5a8b8b8b:c;clHx\}aimoopsooonmljihf~e|c|c|c}d~eisL L L L L L L L L L L L L L L L I"L"KNO"L#J#~XP$HKJO#L JN"R$R$S%T&T&U'V(V(N$_4uJmC^4Y2Ɏg_9\/[.a5a5`6֡v`5f<_7_FBx:CX.uHqLsNvQxSyTzU|W}X[][Y4}XT-V-R'W+X,X,Y-Z.[/[/\0^2^2_3_3`4`4a5a5c7c:d:d:de>c>fBfBe>iBiAX0CDDEFHJM!N"Q%R&S'V*Y-[/]1_3a-`.],W)R(T,]7eAtXz^hmpqruqqqqqonmkjhgfghioxMN N N N O!O!O!N N N N N N O!O!M%J!L JN Q&{J"^L#K"J!N"O#LN Q"P"Q#R$R$R$S%U'W)V)[.Q$՞s\1V-\3߫a3_1e7]/~qG]5e=vбj{ZsRcAfC<~=BHHGJPW$R)N&`U0hR)V)X'Y+Y+Z,[-\.]/^0_1_1_1`2a3b4c5d6e7d7e8e8fh?i@i@i@hAjBjEkFkFlHMHFFHHKP#O!P"S%V(Z,^0`2b4a3b4a3]/Y+X*[-_1hBvQ_hovyxxvuvwxvupqqoonptxO!O!O!O!P"P"P"P"O!O!O!O!O!O!P"P"K#K"Q#P"N M"|I!_O&N%K"L O#S%T&S%Q#S%S%T&S%T&V(X*[.S&^1V{PY0Y0jAɖkΛpđfؤ{pGa8b:f>ʨ]gDfB[6R+C>@~?|?~BFKLKR([3\W2[V-\/],[-[-\.]/^0_1`2`2a3a3b4c5d6e7f8f8f9g:g:g=i?k@jAkBkBkBjClDlGmHmHnJm@V)FHKGGMR$S%T&V(X*Z,\.]/a3b4b4`2\.Z,Z,\.e=qJ}Ydkswvzyxyz{zytvvuuuy{óP"P"Q#Q#Q#Q#Q#R$Q#Q#Q#Q#Q#Q#Q#Q#M#N"T&T$N M N%dL#N%P'N"O"U'V(T&S%T&U'U'U'V(X*Y+V'Z-c6e8˔inCb9a8^5`7d;`8c;d>qKƠޭc=iAnEe]0MEHR!S(\3[X3Őka8U(^.^0_1`2a3b4c5c5d6d6e7f8g9h:i;i;jk>kAmCoDnEoFoFoFoHqIqLqLrMrNqRyYtP^7L"KLIJKMQ#U'Z,^0`2a3c5d6e7c5`2\.Y+[/b8lCySdouw~~Ʃ˵ǿQ#R$R$R$R$R$S%S%R$R$R$Q#Q#Q#P"P"S)O!Q U#OR$R*vOf;P%Q&U(S&R$O!U'U'V(V(V(U'V(W)Y+V%]/V(j;]0c6h=˔ȋiИoۤ}ǔlɚtœ^lGh8wJl>n@vGrCwIyKoDtIwLm@X+GEMN#yPkCgB~Y\4Y-b2_1`2`2a3b4c5d6e7e7f8f8g9h:i;jl?l?lBnDpEoFpGpGqHpIrJrMsNsNsOrUrSwWyTi@Q$GLMMN P"S%V(Z,\.b4c5d6e7e7c5`2]/[-^0e;qJ[jtx~ á£Ĩū̲S%S%S%S%T&T&T&T&T&T&S%S%R$R$Q#Q#S&P!PV$R T&L"Z3WX-N#R%V)Y+S%X*V(W)W)W)V(V(W)Y+^-\+a0[-X)f9iQ&nEf=bf>g>o?h8l;n@qDsEpEtInEqHvKqF_2KEJ{HǕkT,ad?\4a5^.`2a3b4c5d6e7f8f8f8g9h:i;jl>m@m@nAnDoEqFqHqHrIrIrKtLtOtOuPuQvZsTvV~Z|WlCV+HLLMN Q#U'Y+[-`2b4e7f8f8e7d6c5^,],a3kAxQanw~ßáţǥŧĩŪƪƬȮ˲εҼU'V(V(V(V(V(W)W)V(V(V(U'T&T&S%S%T&S$S!X%R W)M$P(`^3S(R%T'\.V(Y+X*Y+Y+X*W)W)Y+Z,Y(c2e4Z,i;a4W*g:f7f7sDh9c6қnqFqFn=l;xJwJrGvMrInFzPxOxOtIc9P$HKa5WW/Đk]8^6a5].c5c5d6e7f8g9h:h:i;i;jm?n@n@oBpCpCpFrHtIsJtKuLuLuNvNvQwRxSxTzZ}[zYwV~Z^pLW3MMMN P"T&X*Z,\.`2e7h:h:g9g9h:d0_-^.e9oG|WfrĠáţɧ˩ūǭʰ̲εҸվƾW)X*X*X*X*Y+Y+Y+Y+X*X*W)V(V(U'U'W)W(V$X%Q\,V-V.Ya5\1V)Q$X*T&W*Z,Z,[-Z,Y+Y+Z,\.b0Y(_.h7Y+i:e8e8l8k8e3n=oAӗij[a<_7^2f7d6e7f8g9h:i;jm?n@oApBpBqDrErErHsIvKuLvMwNwNwPxPxSyTzUzV[~Z|XzY~\`}]vVT&R$P"O!O!P"R$S%Y+_1f8jp?q@rArAsEtFuGvIwJxMyNyNwNwNwPxQyTzU{V{W}\}\~]~^_`aa|[[5KRSSW#W&Y(Z)],c2j9mo?ŗhqCpDtCuDvExIyJyLyLyL[|TyLSp?a4L$œowJh<{OT&_2]/jo>p?q@rAsBtCtCtFuGvHwJxKyNzOzOyPyPyRzS{V|W}X~Z^^_`abcceuQZ/LUW!R U$X'Y(\+a0f5j9me5j9k:l;mp?p?q@rArAsBtCuDvEwFvHwIwIxKzM{P{P|Q|S|S|U~V~YZ[\aabcdeffjepGW(T!V$U#V%W&X'Z)],a0f5l;q@q@n=k:g9b4c6m@zMfØwƟáƧɪͭӴֺؾŵʾ^-Y(W&[*],\+\+^-],],],\+\+\+\+\+],\+\+[*[*[*[*[*[.U(T[}Kb4X)b4^-_._.^-],^-`/a0b1c2f5g6g6g6i8j9m;mp?q@rAsBsBtCuDvEwFxGxGxJyKzL{N|O}R~S~S~U~UWX[\]^ccdefghhge_pGV)S$Z)W&W&X'Y(Y([*a0j9q@q?o=n=mp?q@rAsBtCtCuDvEwFxGyHyH{M{M|N}P~QTUVWWYZ]^_`eeeggiiigdjbkCW,U&U$W&X'X'W&X'^-g6n=p>q?s@q@j9d5g8m>}OdǚxȢ̩ЮѲٸֽó̽yHn=b1\+[*\+^-_.a0a0`/`/`/`/_._.a0`/_._.^-_._._.^.],a2g9Оpd9\1\3`/a0b1b1a0a0b1c2d3g6i8k:k:k:l;mo>p?q@rAsBtCtCuDvEwFxGyHzIzI{J}O~P~PRTWWXYY[\_`abgggiikkllolmdkCT'U$W&X'Y(X'X'[*b1h7pa0^-a0d3c2c2b1b1b1b1b1a0c2b1a0a0a0a0a0a0_-e3\+c3^0WƒiZ3a0b1d3d3c2c2c2d3f5i8l;n=n=n=o>o>r@rAqAtFwG͟pyKxL{J|K~MQTVWXVbجɠbԨ`[-T&P"MV%Q a.\)h5sBsBtCuDvEwFxGxGzIzI{J|K}L~MNNRRSUVYZ[^^`adefglllnnpppnquupƖrÎcsBX'Z)[*[*Z)Z)[*],f2q=xDvCvCwFq@g6f0vEZoȢϭѰֵӾŶQM~KzGr?f3_,_,`-e2g4d1b/d1e2d1d1d1c0c0c0c0b/b/c0b/b1a0].d5}NϘk_1i:a2d1j6e/g/g/j;f7g8n?rCo@l=m>qBvGsDzMtF̗l{PwLE‡ONNUZZ^gҪ{kڭўsk:b,X%S V#T!V#[(]*e2s@uBvCwDwDxEzG|I{H|I}J~KMNOOTTUWX[\\^_abefghllmooqrrrsuwuqjf|ToD`2['[(_+]+[*_,j7uBzG|I|IvCn;jxI_˜vѨҰնռôONOP|Io|M֣xd6_1e6b1k8e1i5j9n=p?n=ml>tEVƕṃѮյջ²;PPRTQyFl9d1c0f3h5h5h5i6j7h5g4g4g4g4g4f3f3f3g4c0b/e4e4a2a2d5pFϜqzOa3k=d5e4e4f3k8or?vBxDvCtAyH֞mRQMQY^eѠxۭУ}lęxӨУk[xGb.Z'U"Y&Y&Z'\)]*f3wDyF|I}J}J}J~KLMNOPQRSTXYY[]``acdfgj‘kkmooprrtuuØwx{||wrme\{Ln:b.^*]+_._,^+e2tA~K}JyFxEp?m{LaǚxЪմֻ˻SQPRQ~KtAl9e2f3g4h5j7k8k8j7h5h5h5h5h5g4g4g4j6e1b/e2e4d2c4d5d:nDўsʗla6b7rGd9q=k7h4l8q=t@vBzFr;xDwC|H|I̕bō\}LXSe٩ڬɜvhaోⵐʝxbfbzIt@\)W$[([(Z'[([(f3xEzG~KLMLMMOOPRSTU‰VZZ[]^abcefÐh‘iÒl“mÔnÓo”rrr•tu–wwxŚy|}~|Öt•pgaW|Hph5_._,^+_,e2s@LO~K|KuBp=r?{L`ȞyԮعʶOPPQTR|Is@oi7d1d1a.a.k8zGOMNzGt@s?wDT—lѨֵܽȳPRST‰VUNxEvCn;h5i6l9k8j7j7l9l9l9k8k8k8k8k8i2j3k7k6j5h5h5i6m9k7m:a0qBsE^0yNѠrϞpēeSuGrDrDqCsEwIzLS~RxM_Tbڪ௃ȗk\^Ēd͗hʖhaeϜqƒdxGpi6j7l9l9k8k8n;n;m:m:m:m:l9l9o8n7m6l7l7l9m:m:l4n6l6q=j7h9uFpBrFnBzN•iУw̟s̟sը|Сu˜p͠uțpҦ}Ф{׫޳ڨ~bX_őcƒc͘fΙgɑ`ΘiϛmɖkǔiȔfPh4c0Y&Z'\)]*b/n;QOPRRRS‰VÊWÊWÊWċXŌYǎ[ȏ\ɐ]ʑ^őbőbƒcœeƔfƕiǖjǖjȘnƙnǙpȚqǚtțuȝvɝxǝzǝzȞ{Ǟ}Ǟ}ƟǠǠɡȡǢƢǣʣʡʟ~ʜsɘlĐaTN|HxEtBr?j7b/b/e2l9yFSMK|Ew@ss>t?vAxCyDzE{F}H~IJKLOSVVÍXŎ[Ő]Ƒ^Ɠaɖd˘fȗgɘjșmȘn˚nƒcLo7e0\'](a,a,i4xCKMMNPRSTUŒWÍXĎYƐ[Ǒ\ɓ^ʔ_˕`ʔeʔeɕfʖhɗiʗl˘m˚nǚoǚoȚqțuɜwʜzʝ{˞}ʟ~ʟ~ɠɠȡȡɡɡʣˤˤ̥ˤʣɢȡ̡ɜwǓjČ]R~JxFvCvAqqt?u@vAxCzE{F{F}H~IKLMPSVVÍXƏ\Ƒ^ǒ_ǔbʗe̙gɘhɘjșmʚp˚nƒcLo7f1_*_*b-e0o:}HMOOPRTUVŒWÍXĎYŏZƐ[Ȓ]ʔ_˕`˕`˕fɕfʖg˗iʘj˘m˚n˚nɜqɜqʜsʝw˞y˞|̟}̡̡͠ˢˢʣʣˣʤ̥̥ͦΧ̥ͦˤʣ͢ʝxǕkÍ^SLyGwDu@qt?t?vAwByDzE{F|G}HJLNOQTVÍXŏZǐ]ǒ_ȓ`ȕc˘f͚h˚j˚lʛo˛q̛oőbKo7f1b-a,d/k6xCNNQRSTVÍXĎYĎYŏZŏZƐ[Ȓ]ʔ_˕`̖a͗b˗h˗h̘i˙k̚l̛o͜p͜p̟t̟t˟v̟y͡|ΡϢ̧̥̥̦̦̦ͤͤͤͨ͢ΩΩΩ̧ͨ˦Ϥ̟zʘnŏ`‰VN|IyFu@r=o:m8j5j5qn;p=p?r=s>s>t?s>s>r=r=p;p;p;p;p;o:o:o:p;p;qs>t?u@u@u@wBxCzE{F|G}H}HKMPQRUŒWĎYƐ[ɒ_ɔaʕbʗe̙gΛi͜l̛m̝qΞtΝqőbJp8e0d/c.g2r=LRPSSTVÍXĎYŏZƐ[Ǒ\Ǒ\ɓ^ʔ_̖a͗bΘcϙd͙j͙j̛k͛m͜nΝqϞrΟsˠu̡v͡x͢{ϣ~УϥϤΥϦͧΧΧΨΨΨΩΩϪЫЫϪΩͨҧϢ}͛qɓdŌYP~K{HvAt?r=p;l7j5n9u@RVTPKyDvA|G^ɟuױ͹tCwDtAp=wBTПg۪r٨pԣkǕ`MuBr?tAsBs>t?t?u@u@u@t?t?r=r=r=r=qt?u@vAvAvAwBxCyD{F|G~I~IJLOQRTVÍXƐ[Ȓ]ʓ`ʕb˖c˘fΛiНkϞnΝoΟsѡwϞrĐa~Ip8e0e0e0i4xCQTQTTUŒWĎYŏZƐ[Ǒ\ɓ^ʔ_˕`̖aΘcϙdћfћf͜lΝmϞnϞpПqϠtСuСu͢w͢wͣyΣ|ФϥЦѦΨΨΨΨΨϩͩΪΩϪЫѬѬѬЫϪӪҦΞtʖgƏ\SN}JzEwBt?r=n9k6m8s>LUVRP~IyDzETƗkլ߽θq@uBvCtAwBOȗ_ԣk֥mդlʘcPwDs@r?o>t?u@u@vAvAvAvAvAt?t?t?s>s>s>s>s>s>s>t?t?u@vAvAwBwBxCyDzE|G}HJJLMPRSUÍXŏZǑ\ɓ^̕b̗d͘e͚hϜjўlѠpϞpСuӣyПsÏ`}Hp8e0f1f1n9JTUSUVŒWĎYŏZǑ\Ȓ]ɓ^˕`̖a͗bΘcКeҜgӝhӝhПoПoРpѠrТsѢvңwУwϤyΤyϥ{Х~ЦѧШЧЪЪЪЪЪϬϫϫάϭЮѯѯѯЮϭ֭թҢxΚkɒ_VPL|GyDvAt?p;l7m8q<|GSWUTO}HzEJ^Хz۸ʲmPVUVÍXÍXĎYƐ[WRʔ_˕`͗b͗bΘcКeҜgӝhԞi՟jҡqѡqҢrӢtҤuӤxҥyҥyЦ{ѧ|Ҩ~ѨҨҪӫӪҬѬҭҬѮѮЮЮЮѯҰӱԲӱӱҰְիҥzΝmʕbÍXRM}HzExCwBs>n9m8p;zESŽYVVSK{F|CVțoկĪпn=m:n;uBzE|GIPRWWN|I}J{HuDu@vAwBwBxCxCxCxCwBwBvAvAvAvAu@u@vAvAvAvAvAvAvAvAxCyDzE{F}HJKKOPQRSVŏZȒ]ɓ^˕`ΗdΙfϚgϜjўlӠnӢrѠrңw֦|ҡuÏ`|Gp8i4i4j5wBTŒWUĎYŏZŏZƐ[Ȓ]V?( Z͗b͗bΘcϙdћfҜgԞi՟j֠kѡqҢrӣsҤuӥvҥyӦzӦzҨ}ө~ҪӪԪԬխլӮӮԯԮӰӰҰҰҰӱԲճִִճԲױ֬Ӧ{Пo˖cĎYSN|GzEzEzEvAp;m8n9yDSÏZWXUL{Fy>P”eΩ۾̻p;r=s>r=qxC|G}H~I}H|G}HKM{I\4zExCvAxC{F|GzE{FyDxCwByDyDyDxCwBxCyDyDzEyDyDyD{F{F|G}HJLMNOQTVWŽYő\Ǔ^Ȕ_ʖa͙dМgҞiաlؤoڦqѢv֨yצx֥u֣qȓ`{Fl7n9i4p;NÏZÏZÏZǓ^SsU6Oa[?/МgНeўfҞiӟjԟl֡nעoעp֤v֤v֥wզzը|Ԫ}ժԪ֫׬׬جخٯׯذױװױױز׳سسմֵֵ׶׶׶׶׶նֱԬҤuΜhɓ^UQL|GxCxCvAs>qt?s>~IVȔ_Ȕ_Đ[VSOLPƕcԪܽμ}H~I~I|GzEyDyD{F{FyD{FLOPSsK<*wBzE}H}H|G}H~I}H|G|G|G|G|G|GzEzE{F|G|G|G{F{F}H}H~IJLNOPRTVXŽYĐ[Ǔ^ɕ`ʖa͙dМgӟjաlףnۧrݩtר|ت{۪|ݬ|\F1mO2X0{S+zS,xQ,uQ.F3'3&.8WXXWY_GD3"Ԡkԡiբj֢mףnأpڥrۦsۦt٧y٧y٨zة}ث׭حخگ۰ٰڰڳ۳ٳڴٴڴڴٶڶٷٷٷ׹غغٻٻٻٻٻڻ۶ذ֨yҠl̖aÍXSN~IzEzEyDu@t?u@s>zERȔ_̘cǓ^XWSLMZ̢uٶ˵JKLLKKLMMKLQTSU^G_:3#p@~I}H}HJJJ~I~I}H}H~I~I{F|G|G}H}H}H}H|G~I~IJKMOPQSUXÏZĐ[ƒ]Ȕ_ʖa̘cΚeҞiԠk֢m٥pܨs߫v٪~ڬ}ݬ~b,**+=>L__ZW V VVZa>nS7աlբj֣kףnؤo٤qۦsܧtܧuڨzڨzک{٪~٬خٮٯٰڱڱٲ۴ڴڴ۵ܷܶڷ۸ڸ۹ٹںغٻٻڼڼڼڼڼۼܷڲت{ԢnϙdƐ[WQL}H|GzEvAt?u@u@xCOǓ^Κeʖaő\Đ[VOJTɛkձȭLMNOPQRSSRSVWWXoQ@X^NwD}H~IKKKKJ~I~IJK|G}H~I~IJ~I~I~IJJKLNPQRTVŽYĐ[ő\Ǔ^ʖa̘cΚeМgӟj֢mؤoۧrުuwګݯு5)E`]][Z ZYXXXYYWW]\ҟj֢mפlפlؤoڦqۦsܧtݨuީwܪ|ܪ|ܫ}۬ۮڰ۰۱۲۲ڳ۴ڵ۵ܶ۷ܹܹܹۺܺۼۻܼټټڽ۾۾۾ڽڽܽݸ۳٫|գoКeȒ]‹XSN~I}H{FwBu@u@wBxCLÏZ͙d͙dɕ`Ǔ^YPKPŖcҬĥԼOOOPQSTUTVWWŽYĐ[ő\X@)Q^_Xd:JJKLLK~I~IJL}H~IJJJJJJKKLMOPRSUWÏZő\ƒ]Ȕ_˗b͙dϛfѝhԠkףn٥pܨs߫vxګ߱qS2ZWXZ[\^^__^^[X\]"kQ6ףn٥p٦nڧoۧrܨsݨuߪwxy߭߭߮ޯޱݳ޳ݳ۴ܵܵ۶ݸ޸ݹ޺ݺݺܻݼܽܽݽݽ۾ܿܿ޿໙ݵۭ~֤pКeǑ\WSNJ~I|GxCwBwByDzEKV˗bϛf͙dʖaZTNN]ͦzܾϳRQPPQRSTSWŽYWŽYǓ^[:+D[^^_] &{W2~IKLMK~I~IJL~I~IJKKKKJKLLMOQSTVXÏZő\Ǔ^Ȕ_˗b͙dϛfҞiաlؤoڦqܨswyګթ}.$0V VY _##a((e++f++f--g//h//h ` XZ^_RA1$ԡl٥pۧrۨpܩqݩtުuߪwyz{ᯁᯁᰂᲆೇߵൊඋݶ޷޷ݸ޹߻߻༘޻޻ݼ޽ܽݾ޾ܾ§§§§Ἒ޶ۭ~֤pϙdƐ[VRM~I~I}HzExCzE{F{FJTɕ`Мgϛf˗bÑ\VNKXʡtٹɫRSTSTVYÑ\XYZÑ\œ^Ǖ`_ S^^^^_TV>%NLKKLMMLLLLLLLLLLLMNPRTUXZÑ\œ^Ɣ_Ǖ`ɗb˙dПgҡiգnզpקsڪvݮz߰}ᴁiT>7X[##a22j::o==q>>r==q<>v f^ [ ZZ^P1#VUTSSSSSSSSUUUVWXYZÑ\œ^ɗb˙d͛fОiӡlգnاo۪r߭xqN )U]]^^[ZXV UUVVX[aI(bܪuݫv߭xzz{}~嶀緃縄縄蹆纇鼉罎罐罐迒鿔–œĞĠĠĢǤȥǦǦȩɪɬʬʯʯ̰ͱͱββββͱǦ俙⺊|եkОd˗bď]TRPNMLKJJ~I~I~I}HKTĒ]ʝjѡmѠhϚa˖]ē[ʚfתwğ͛fΜg͛f̚e̚e͛fϝhҠkҠkӡlӡl[ I^\ \##h;;vMMSS99t!!f`_[ Y[asGVTUUUUUUUUWWWWXZ[Ñ\Ñ\Ɣ_ɗb̚eϝhӡl֤o٧r٨pݬtaL5> WVYZXW V V VUVVV[^`A/$cެwݫvެwy{{|~絀嶀縂鹅麆麆軈鼉뾋鿐辑羑迒–Ę˜œÝşƢšţȥɦȧȧɪɪɬ˭˰˰ββϳддддϳǦ俙⺊߲yզiОd˗bď]VSQOONMK~I}HJK~I|GMTʜlѢnӢjӞeϚaȕ]ȘdԥrԽɚdʛe̝g͞hϠjСkСkѢlԥoӤnfEW][`//o<>{22r))l!!hc`]YY["#WZZWUVVTUXXXYYZ[\“]Ŗ`Ɨașcʛe͞hѢl֧q٪t7*BYVVV VYYX W VVX^bP#+ {];Уnܭw۬v߰z{|}~嶀淁縂縂踄鹅渄klNpZCq[DSD2\L97."L?0meWnsmqwnsymoxivmaa__^~`dkquiz}izselbek`oreVL;oQ6wPUUSQQPOMJKLLLLMMWǙc͟i͟i̞hɛeʜfҤnᵐвѢlңmӤnզp֧q֧qרrרrةs٪t٪tϢobM<8I BK))q''l**n..p((m$$i geaYY^ YSŖ`Ŗ`[XWVTTWYYYYZ\Ô^ĕ_ǘbșcʛe̝gϠjңm֧qP?2D]XWWWVVXY[]]`R*e;N“]֧qݮxݮx{|~嶀縂蹃麄ۮ{\qZA& 2(cdVSeb ?/tFRQPONLLLLMNMMO[ɛeϡkТl˝gʜfϡk߲̭զp֧qרrةs٪t٪t٪t٪t٪t۬vܭwܭwګu٪tXx^A1') 8EW""i!!eecaYZ^VqLѢl̝gƗa\ZWTUXZYYY[“]Ŗ`ǘbɚdʛe͞hϠjѢlѣm_J>\`\ZZ[YZ^^`]O6@/j=JMQ“^ӥpݮxޯy|Өuje]iT,-) ,-)ZWJj8KN5(tFQONOMLMOONMKTŗaϡkѣmΠj͟iϡkݰɧةsةs٪tګuګuګuګuګuګu۬vܭw۬vګu٪t۬vܭwԦqc\kI :` c d_ X[^UnL۬vӤn͞hǘbÔ^ZVVY[ZZ[\ĕ_Ɨașcɚd̝gΟiСkңm}U-]^^]]\]^b]94)@mS>e>sT3b9`8`8fzGJIotq JMKrwtcfdTWU&'&mqoMPNz~{UXVÿ adbw|yDGF !"!NPNEHF698[_]*-,blDYXXZ\“_̝iרtݮzݮzܭyܭyݮz㳃ʤ䵁㴀~~~}~䵁嶂嶂淃淃縄蹅麆껇뼈q,`>q7DEo*33c`~Qfhat4_^^^PKTSY^\8:9]`^}~||++*\_]-/.qur\_]=@?bfcMPOSVU+-,ILK*,+%&%jom W[Y)*).10ntr|~x~|sywu|{¾1%ZZ[^Ô`ɚfңo۬xޯ{ݮzݮzޯ{ޯ{涆ͧ嶂㴀~~㴀㴀~䵁嶂淃縄縄縄麆껇뼈콉ÐÐѬ'^VrUhhIPJa~[qyH^^^_Kv{rzx@B@aca675 QSR*,+JMKVXV*+*;==QSQ_a`%''pwuOWV8*[\“_Ɨcʛgԥqܭy~}}㴀~鸊Эᴁⵂⵂⵂ㶃䷄䷄䷄㶃䷄帅纇軈꽊뾋쿌ŽÏĐĐĎĎ߷$8\S?T_r k8DDe-99)[^^^`.1:txuKMK-/.TVTtvsnpmz{x>>=fignrohjh ]a].I@BE0%]•bėdŘeɜi֩v߲ೀݰ}߲ೀ߲ⵂ廌ѭ㶃㶃㶃䷄帅帅帅湆帅帅湆軈鼉꽊뾋쿌ÏĐĐőƑƑḇ#>]V(5G>=6 #"aG\^ )67#_[]^^;?8:<:-.-))(wxu_a_VWU--,'&%~|}|FHG`b`669}%&)¿(`Řeƙfǚg͠mثxೀᴁޱ~ೀᴁ߲ᴁ漍Ү帅帅帅湆湆纇纇軈軈軈鼉꽊뾋쿌쿌ÎďŐƑǒǒȓɔ⺋#>]Z +M8,-;=%[WZ^^:>7cebPQOvvs''& WYWfCGF¿þ;-ÖcțhǚgɜiӦsܯ|ⵂᴁ߲ⵂⵂ߲ᴁ迒԰湆湆纇纇軈軈鼉鼉뾋쿌쿌쿌ÐÐđŒƓǔȕȕɖ˗⼏$?]\QXRixrg[lh.\YX_V;>8781 )W8}~rw>Ff:Bt;D`GQJToofCƙf˞kɜi̟lثxᴁ䷄ⵂೀ㶃㶃ೀⵂ•״纇纇軈軈鼉鼉꽊꽊ÐÐŒŒƓǔȕɖʗ˘˚˚⽐#@]^0^uu,1./61H_\V_?;?9STe>?>BE=-0$/1&/1&,/% K Z LYT),'Vțh͠m˞kУpݰ}䷄湆㶃ⵂ帅㶃ᴁ䷄ƚڷ鼉鼉꽊꽊뾋뾋쿌쿌ÐđđđđŒŒŒǖȗȗɘʙ˚̛̜͜͝⾔#7[_8E;0`{b/>@z!L!!b _ W _=:?9CGE.123Zhf%& cɜiϢoϢoըuⵂ帅纇䷄䷄湆㶃ⵂ纇ɝܻ쿌쿌쿌ŒŒŒƓƓǔǔȕɘɘʙ˚̛͜ΝΝΡΡ",Y_HsέubNdnh6AB +-t  `))e&&dX _=:@;w|DJHpusx}KPNY]\LQO^ebdkhXZYGHGYYX554NON565JLJ>@?###777ILJM dOY[C9O]I?Kq{oyaD˞k˞kѤqըuܯ|湆湆纇湆湆纇㶃㶃뾋ˡ޽ÐÐđđŒŒƓǔǔȕɖɖʙʙ˚̛͜ΝϞϞУѤ™"-Y_GVJAӭҨ⾕u{_OMCBPOFY]H\^6?>Zuz +^//i++gX _=dmj'**nxv5:9pyvowtEJH^dbOTR475U[Ys{y]cb=A@Z`^;?>dki/10inladbbeb./.bdbSUSEGF figRUT..6cRflgT\AOG]`TĚiϢo͠mҥrثxೀ鼉帅軈湆纇纇㶃䷄̢ÐЏÐÐđŒƓʔʔ˖˖ʗ˘̘˚ϞϞϞРРУУѤѩҪĞ#.Y^WG<:ծӫΡɘ伈޶ԯڱ`UCw B`//j,,gW ^=;C=_igNVSX`^@FE@EDMTSU^\IPN}r}z=CA,10cnkclj*-,clj^ge054JQP(+* ""pzxJOMLQPU[Y033\_]')(otsgkj=@>DVpv &C^  L}krNˢqˢqɠoͤs׮}ḇ潌輇齈细庇缉⺆今ÒѮŒŒŒŒƓƓǔȕʕ˖˖˘˘̛̛͜ϞПРѡУѤҤѥҪӫş#.Y^_װԬУ˚đ澊จܶqRH`dHWSD''e--i,,g W]=:A;s~{NWUOWU="&%5T^`A~֮ҥ͜Ɠ伌vbIi*''b++g((e((e W^;_ic^gdYb_JQP$&#}A6"^G1|<%.Va7,̣rͤsΥtΥtѨwٰ㺉羍羍轊꿌缉㺉今⺉澎əغ̛̛̛̛̛͜ΝϞΝΝϟРУҥӦӧԨԨԨժժխխխ֯װԭfXIN^^bH>3խҥ͜ƓŢyAMLdxv 11l&&d''e))f W];wQZWGNL'+*=DB]fdCHGagedki[caV^\@<Oy\K;g {"y  FT{_v{.*"dΥtЧvЧvЧvӪy۲弋羍龋潌今伋㻋͝͝͝͝͝ΞϟϟРРѡУѤӥӧԨԨժ֫֫խ֮װװװ׳׳شwH_^b׹Ѥ͜ƓI@3!'(C22m!!b))g--h W^*}wy\cb t|fdL}F   ?#cz|;HERB.ˣsѨwҩxӪyԫz׮}߶迎羍翋羍伋彍㽍ėѤϟϟϟϟРѡҢҢҥҥӦӧԨԩժժ׬֮֮ׯװر׳شششٵβ*a^`6r\ҥ͜Ñ4+^\Q..k..j_--h''f VZ 1oSwOONM[ wA Xnm/&ҩxԫzլ{ҩx֭|ڱ߶弋‘‘羍羍迎彍澎濒ǚ֩ѡѡѡѡѡҢӣԤӦԧԨԨժժժԬ֮ׯׯررششششٵٵٵG>;_^^^#HմΝiNKI>_uo G<GX[(+F_SyubD^I%#`EfWndEG>şpӪy֭|د~Ӫyٰ߶弋Ŕ‘潌羍翏澎忏ɜڬҢӣҥӦӧԨԨԨժ֫֫׬׬׬׬׬ٲٲٲڳڳڳڳڳڷڵٵٵ©;b^^\ g9<7!"33l88r a]22k^Y)w@HRRzQFDuk3 _rnhԬ|խ}խ}խ}խ}ܴ彍ÓÓ澎羍Ž•ϤݶӣӣӦӦԨԨթժ֫֫׬ححح׬׬ٲٲٲڳڳڳڳڳڵٵٵٵڳLB>O^^b%}e~ !@AAz++h]]++g YV , i6:=d?uYg5] c~{dIԬ|խ}֮~֮~֮~ٱจĔĔ’Ö迎Óřѩ߻ԧԧԧթթ֫֫֫׬׬حٮٮٮححٲٲٲڳڳڳڳڳٵٵٵڳٲ̦.'0D`8L\[%4::n66p`[_aYP5?;v}whiaZ[THHA>90IB6g_Pupbxvivp`\QAE<0?8.>8-?8-?9.?8-?7->7.=7->8.>7/OF:LD8F?4F?5JIAJ^_{CLD"&qeSfW6^6;NNnY@խ}֮~֮~ׯׯׯจ彍ÓƖƖĔ’’ė‘Öɞ԰ըը֪֪׫׬ححححٮٮگگٮٮٲٲٲڳڳڳڳڳٵٵٲٲذذǟK@8oulE[^&$J>>w&&e[Z][^KF9|bb|Z`acrֲĖÔɚɚǙǙțɛʜʜʟˠˡ̢ͣөѪѪΨγnXOC;:4OWTTaa9JNOineſ <FKZz+6`,^||^L7֮~ذذذذٱڲ澎ŕǗƖĔӒ֒řͤٶ֪֪׫׬ححذذحٮٮگگگگٮٲٲٲڳڳڳڳڳٲٲٲذذح׬֫]P?DUW=QU"<Dvdn~5Wki4*ʤwذڲڲٱڲݵ߷’ĔƖǗŕĔӒ••ǜϫܽ׫׫׫ححذذٰحٮٮگگگگگٲٲٲڳڳڳڳڳٲٲذׯح׬ܽp_L@OOYw| !((g88qa\ WZ^B ˩޶֮~֮~Ԭ|խ}۳翏Ș̜ʚΞϟРѡѡҢԤ֦ըը֪׫׬حٮذٲڳڳڶ۷۸ܹܹ޻޻޼߽޿Զî{jocUQH>PG=T]ZrO]Rfg 91><6, ^ذڲ۳ڲڲܴจ伌ƖƖǗƖŕĔÓӒ’’ėʢԲ׫׬ححذذٲٲحٮٮگگگگٮٲٲٲڳڳڳڳڳڱٱذح׬r;=9Qkpn((V**h$$d[[^U)2)$u伌ׯխ}ׯ֮~ڲ伌Ǘ͝͝͝РРѡҢҢӣեبש֪׫׫حٮٱٱڳڳ۴۷ݸܹݺݺ޼߽߽޿ټϳͷ|oROH;HHYie3i=Jzw||{yXٱڲ۳۳ڲڲݵ伌əəȘǗƖŕŕŕÓÓŕȜϨٺ׬׬ححذٰٲٲححٮگگگگٮٲٲٲڳڳڳڳڳٱذذΥvfQ /?A Q^_ Z [P8!vZǗĔ߷Ԭ|Ԭ|֮~ׯ߷Ó̜ΞϟРРѡҢҢҢӣ֦ب֪׫׫حٮذٱٱڳ۴ڶ۷ܹݺݺ޼߽߽߽ѵʼJOKcmYkd[s7-!ڲڲڲ۳۳ڲڲ޶澎Ĕ˛ʚəȘǗǗǗƖÓŕƙ˟ҫܽذذذذذذذذٱٱٱٱٱٱٱٱٱٱذذذذذׯججɠ1.(D[`k43-aR?xWI8 "/"?'"<% :!<:16MA2u˝ʜĖݹձӯ԰ϫ}ڶĖ̞Π͟ΠТѡѡѤҥԨթ֪֪٭٭٭گگ۲۲ܳݴܵݶݶ޹޹޻޻ʬlMQJs.*"u׳شٵֲֲٵ۷޺”̞țțǚƙŘŘėėÐđȘ΢״ٱٱٱٱٱٱٱٱٱٱٱٱٱٱٱٱذذذذذׯׯׯججŨ4AAPkqPjnxw|rfkbnaMfzӳȚƘ߽ӲӳԴӳӳӲȚ˝ʜʜǙ㿑ڶ԰ӯձش༎Ƙ͟ϡϡѣӥҢҢҥӦԨ֪֪׬٭٭گگ۰۲ܳܳݶݶݶ޹޹޻޻޻̨k/-'MXT7HFyZ׳شٵڶششڶݹ⾐Ƙ͟țțǚƙƙŘėėőƕʚѦٶگگگگگگگگٮٮٮٮٮٮٮٮٮٮٮحححح׬׫׫ʠѲۻ̡Σ̟̟̞ʜɛȚƘĖÕĖŗƘƘȚʜ̞˝Ǚݹֲ԰ձ׳ĖʜΠТҤԦէӦӦԧթ֪׬ححڮگگ۰۲ܳ۴۴ݶݶ޷޹ߺ޻߼߼۲جØn=5)geUĸiul-%׳شٵڶ۷۷ڶ۷༎ŗ˝͟ɜțțǚƙŘŘėƖȘ͠Ԭ޼گگگگگگگگٮٮٮٮٮٮٮٮحححح׬׬׬׬֪֪֪թԨӧӧҦѣΠ˝ʜɛȚƘŗÕĖƘǙȚɛʜ˝Ț”޺׳ձֲڶݹʜ˝͟ТҤԦէէըը֪׫׫حٮٮگ۰۰ܳܳܵܵܵ޷޹ߺߺ߼߼ݶ׬Ӧ̞ʜƘˬs`I>4'@8, eڶڶ۷ܸܸݹܸݹʜΠ̞ɜɜțǚǚƙŘŘƙʝѦرڮڮڮڮڮڮڮڮجججججججج׫׫׫׫֪֪֪֪֪թթԨӧҦҦҦТΠ˝ɛɛȚƘŗĖŗƘȚɛɛɛȚ”὏ڶձֲܸ⾐”ΠΠТҤԦէԦԦ׫׫׫حٮٮٱٱ۰۰ܳܳܵܵݸݸߺߺߺ߼߼۲ըУɛȚĖ὏ݹem[EKC5=NNqi1* صܸ۷ܸݹ۷ݹ޺༎Ė͟ϡ˝ʝɜɜțǚƙƙŘǛ̡ӫ۸٭٭٭٭٭٭٭٭جججججججج׫֪֪֪֪թթթթթԨӧҦҦѥѥϡ͟ʜɛȚȚƘŗƘƘǙȚɛȚƘÕ༎ܸش׳۷⾐Ƙ˝ϡТѣӥԦէէԦجججٮگٱٱ۲ܳܳݴܵݶݸ޹޹߼߼ܵ׬Ҥ͟ȚƘ”㿑὏὏༎ݹղt]N;EY]huX޺ݹܸݹ޺ܸ޺὏”ɛϡΠ˝ʝʝɜțțǚƙƙɡϧر٫٫٫٫٫٫٫٫تتتتتتتتששש֨֨֨֨֨ԨԨӧӧҦѥФФϡ̞ʜɛȚȚƘŗǙǙǙȚȚƘ”㿑۷۷ڶ۷߻Õ˝ТѣҤӥӥԦէ֨ש٭ٮٮٮٱٱڳڳݴݴܵݶݸ޹޹޹߼߼߽ݸٰըТ̜Țŗ⾐㿑㿑⾐὏߻޺޺ϭz\<2&EF?s{Ѱ޺ݹݹݹ߻޺߻ɛТТΠ̞˞ʝʝɜțǚǚƙ̥Ӭܷ٫٫٫٫٫٫٫٫תתתתתתתת֩ըըըըըԧԧԨԨӧҦѥѥФФΠ̞ʜɛȚȚƘŗȚȚǙȚǙĖ㿑߻ڶ۷ܸ޺㿑ŗ͟ҤҤӥӥӥӥէتڬٮٮٮگٱڱڳڳݴݴݶݶ޹޹ߺ޻߼޻۴׬ӧϟ˛ȚĖ⾐㿑㿑὏༎߻޺ݹݹݹѯq|]aٶ޺ݹݹ޺߻༎༎ÕΠԦѣΠΠ˞ʝʝɜțǚǚǚϨձ߼ححح׬׬֫֫֫֫֫֫ժժժժժժԩԩԩԩӨӨӨҤҤҤҤҤѣТϡ͢ˠɞȝƛƛƛƛŚŚƛŚØ⿔ݺٶܹܹ޻ɞϤҧҧԧԧ֨թ֪׬׬حگگ۰ڲ۳۴ܵܵ޵ݶ޷޷޺޺߼߼߽ܺٵׯԩТ˛Ȗ——⿔ᾓᾓདྷ޻ݺݺܹݺ޻߼དྷݺདྷདྷݺ޻ᾓᾓ޻߼Ę͡ѥѥ΢̡̠̠ʟɝɞɜə˛РҨٵحح׬׬֫֫ժժ֫ժժժժԩԩԩԩԩԩӨӨӨӨӨҤҤҤҤѣѣТϡ̡ˠʟȝǜƛƛƛǜƛŚØདྷݺ۸ٶܹ⿔ƛ̡ѦӨӨԧԧթ֪׬׬حׯگ۰۰۳۳ܵܵܵݶݶ޷ݹ޺޻߼߼޼ܸزԬѦΠəƖ——⿔ᾓᾓདྷ޻޻ݺݺ޻޻དྷདྷ߼དྷ߼޻޻དྷདྷ߼–ȜϣӧҦϣ̡͡͡˞ɝɞɜț̜Ѡխܹ׬׬׬֫֫ժժժժժժԩԩԩԩӨӨӨӨӨҧҧҧҧѥѥѥѥФϣ΢΢̡ˠʟȝȝǜǜǜȝƛęᾓ޻ݺݺڷ߼Ś̡ѦӨӨԩ֨թ֪׫׬حذذ۰۰ڲ۳۴ܸܵܵ޷޷޷޺ߺ߼߼߼ݹڶԮШΣʞǙŗ——⿔⿔ᾓᾓ߼߼߼޻߼߼དྷᾓདྷ߼޻߼߼߼དྷʞ΢ӧԨҦФ΢΢ΡʞɝɞȝȜ͟Ҥڳ׬׬֫֫ժժԩԩԩԩԩԩӨӨӨӨӨӨҧҧҧҧѦѦФѥѥѥФϣ΢΢ˠˠʟɞȝȝǜǜŚę—⿔޻ݺݺ޻߼Ø̡ҧԩԩԩժ֪֪׫ححذٱٱڲ۳۳۴ܸܸܸܵ޷ݹ޺ߺ߼߼ܵرҪ̤ʟǛřח—⿔⿔⿔ᾓདྷདྷདྷདྷᾓᾓᾓ⿔޻޻དྷདྷ߼⿔ŚѥӧթԨҦϣ΢΢Ϣ˟ɝɞȝȞΣӨܹ׬׬֫֫ժժԩԩԩԩԩӨӨӨӨӨҧҧҧҧҧѦѦѦХХХХХϤΣ͢ˠˠʟɞȝǜƛƛདྷ޻ݺ޻དྷƛˠҧժԩӨժ֫׫׬حٮذٱڳڳ۳۳۴ܸܸܵݸݺ޺޺ߺ߼߼޻ڱ֭ϧʢǜŚÙ———⿔⿔⿔⿔⿔⿔⿔ᾓ⿔߼߼⿔⿔⿔ęˠթ֪թӧѥ΢΢͡ϡ̞ɝɞɟˣѨװ׬׬׬֫֫ժժժԩԩԩӨӨӨӨӨӨҧҧҧҧѦѦѦХХХХϤϤΣ͢ˠˠʟɞȝƛęęདྷᾓᾓདྷ޻߼⿔—Σҧժ֫ԩԩ֫حححٮٱٱڳ۴۴۴ܸܸܵܵݺݺݺ޺޻߼߼޹ڶ֫Ө͢ɞǜĜ›ØØؗ———⿔⿔⿔—Ś̡ҧ׫֪թҦФ΢΢͡П̞ɝɟʣ̦ԯܷحح׬׬֫֫ժժԩԩԩԩԩӨӨӨӨӨӨҧҧҧҧѦϧϧϧϧΦ̤̤ͥˠˠʟɞǜŚØདྷᾓᾓདྷ߼⿔ƛˠӨժ׬׬ժժ׬گٮٮٱٱڳ۴ܵ۷ܸܵܵܵݸݺݺ޻߼߼߼ߺ۴װԧѤ̡ɞƞŝܜęęØØØØØؗ———⿔⿔—Ø—ęʟӨحج֪թӧѥФϣ΢ϟ̜ɜʠˤϫ״ححح׬׬֫֫֫ժժԩԩԩԩӨӨӨӨӨӨҧҧҧҧϧϧϧϧΦ̤̤ͥˠˠʟɞǜę⿔⿔ᾓདྷདྷ—ˠҧԩժ׬׬׬׬ٮ۰ٮٱٱڲ۴۴۷۷ܸܸܵܵݺݺ޻޼߼߼߼ݹٲխӦУ̟ɞǟƞĞÝęęęęęęęꗗØØؗ⿔⿔ęŚØŚΣ׬۰ج׫թӧҦѥФϣϟ˛ɜʠ̦Ьٶٮٮٮحح׬׬׬խխխԬԬӫӫӫӨҧѦХХХѦѦѦҧҧҧѦϤΣ͢ˠˠʟȝƛ—῔߽—῔޼ȝϤӨժ׬׬ححٮٮگگٱٱڲڳ۴۴۷۷޵ݶ޷޷ߺߺ߼߼߼޷ܱ׫ӦϤ͢ʟȝƛŚƛƛęęęęęęęęØŚƛŚØ——ØꗗȝХح۰۰֪թԨӧҦФϣϣ˥ȡɝ͠Ҥת޵ٮٮٮححح׬׬֮֮խխԬԬӫӫԩӨҧѦХѦѦҧХѦѦѦѦХϤΣ͢ˠȝŚØ———῔Ś̡ҧժժحححٮٮگگگڲڲڲ۴۴۷۷۷ݶݶ޷޹ߺ޻߼߼޻ݶگթҥΣ̡ʟȝƛƛƛǜƛƛƛƛƛƛƛƛęŚƛƛŚęŚƛęŚȝϤ֫گ۰گ׫֪թԨҦѥФϣͥʠʞ͡ҧװ޺ٱذذذذׯׯׯׯׯ֮֮խխԬԬԩԩӨҧҧѦҧҧХХХѦХХϤϤˠɞƛę—Øęę῔—ǜ͢ҧժ֫׬ׯׯذذٱٱڲڲڲڲ۴۴۷۷ܸܹ޷޷޷ߺߺ߼߼߼޼ܹڳ֮ӧФ̡ˠɞǜƛƛǜǜǜǜǜǜǜǜǜǜŚƛǜǜƛƛǜȝĜɡШׯ۳ܴڲذح׬֫ԩҧѦϤϤͣʠ˟Х֯ܺٱٱٱٱٱذذذذذذׯׯ֮֮խ֫ժԩԩӨҧҧҧѦѦѦХϤΣ͢͢ƛƛƛŚŚęؗęɞϤӨ֫׬׬حذذٱٱڲڲ۳۳۴۴ܵ۷ܸݸݺݺ޷޹ߺߺ߼߼߽ܹٵװӫХ΢ʟɞȝǜǜǜǜȝǜǜǜǜǜǜǜǜƛǜȝǜƛƛȝɞȠΦܴ֮޶ܴڲذح׬֫ԩҧХϤΣ΢˟˟ϦӰٺزززززٳٳٳڲٱٱذذׯׯׯ׬֫֫ժԩӨҧҧӨҧѦϤ͢ˠʟʟŚŚŚŚŚęęę̡Хժ׬׬׬حٮٲٲٲڳڳ۴۴ܵܵܵ۷ܸݸݺݺ޻ߺߺߺ߼߼޹ٵ֯ԭѩΣ̡ɞɞȝȝȝȝȝȝǜǜǜǜǜǜǜǜȝȝȝǜƛƛȝɞΧӬڳݶݶ۴ٲر֮խԬҪѩϧΦͥΡ˟Ρԫڷزٳٳٳٳڴڴڴ۳۳ڲڲٱٱذذحح׬׬֫ԩӨҧԩҧХ͢ˠɞȝǜɞǜęØęǜʟ͢Ө֫حٮححٮگڳڳڳ۴۴ܵܵܵݶܸܸ޹ݺ޻޼޼ߺ޻߼߼߸ܵװӬѩΦ̤ʢʟʟɞɞɞȝȝȝǜǜǜǜǜǜǜǜɞɞɞȝǜȝʟ̡ծر۴ݶ۴ڳٲٲ֮խԬӫҪѩШϧϣ̡У֫ܵٳٳٳڴڴڴ۵۵ܴܴ۳۳ڲڲٱٱحٮٮح׬ժӨҧҧѦΣ̡ɞȝǜǜɞǜƛƛȝ͢ҧժ֫׬ٮٮٮٮگ۰ڳڳ۴۴ܵܵݶݶܸܸݹݺ޻޼߽߽߼߼߼ݵٱԬѩΦͥˣʢˠˠˠʟʟɞȝȝɞɞɞɞɞɞɞɞɞɞʟʟʟ̡Ϥҧ۴ܵݶݶ۴ڳٲٲدد׮֭֭լԫԫիҦѤѥѦΨЭұ׽ٳٳٳڴڴ۵۵۵ܴܴܴ۳۳ڲڲڲٮٮٮٮ׬ժԩҧХϤ͢ʟȝǜǜǜŚƛȝˠϤӨ׬ٮ֫׬ٮگ۰۰۰۰ڳ۴۴ܵܵݶݶݶܸݹݺ޻޻߽߽߽߼߼߼ݲذӫϧ̤ͥˣˢ̡̡ˠˠʟɞȝȝʟʟʟʟʟʟʟʟȝɞʟˠ͢ϤӨ׬߸߸޷޷ܵ۴ڳٲررررװװ֮֯֯ԫԧ֨ըӧҫկܵxca-RELEASE.2.5.0/img/done.png000066400000000000000000000007621450407711300155660ustar00rootroot00000000000000PNG  IHDR IDATxQY m۶m۶m۶m}a=}VxUB2l1C#c6,NX(kHdn3\L!Wg`5q'}θ'Mڏ+m9*Õ -Ѓ DQ7aְh{ID9>HidR'}l5{n;;IL4'.zh|'.\GVo %T}Iw&%b2Ѝ4& j)ioeF9g_"x6" p ;k(FmY!W]R]Q= Q҅FGxU˪]  o *>r4#DY)HF+ֱj)L,"i-V$q%&UJs^Q˔ !B=)OLY,ʠsfIENDB`xca-RELEASE.2.5.0/img/halfkey.png000066400000000000000000000032751450407711300162660ustar00rootroot00000000000000PNG  IHDR(FIDATxV m۶mmm۶mF[PZsQʔU.2MGG홙畕pU4NiLL񍍍mmm===)uuu[mb>|*Z^^ Ԡ--- ɊλyzJlE7Օ r;_y7H_qq1222P %@5AeL>11֢"#HoMW_} IIIʚ/{1_b 1 YV^\9<O>ALI~WWjj_D^^d{tϞ=EEEB\ t4/ʅ"H$R^zm5Vv~AT/ȿQ8C .PJ?%%%w`nPmO?4a#*QYチTH*#iH%%}1Rc~ڿ_#<}矝lͼ^]_[;~[jT:L_ZZ*Q 凇{M ouuaJADޙgACc<_#:p'N^ݷg>;񵩩)LOOcvvv}~~ ϛFFF%A-[<]R9A-ETlSS*χNy-I1د G.Grtuŀ&41hf%#q#-->}-͠WtwO7z1M-'wgZfsᠻNNNHLsρr$Z+-y+I8I8q(l184abll ~PÌ*bqqD{zzMK.y - Ɋs5 p <2V {.Eji:=-h#-%68a``CCC1J4m۶=ʝ!!BN $hk Փ`fm0|n[aw UO('WOr ۷k(UTTn *.@b"'N3/`0EGrr pvqD D$(RwN'vp{饗~Lv _~y]wHNRrJkFkEjZ+xOyU't-Vb%hO}>lR(P/IENDB`xca-RELEASE.2.5.0/img/imgres.qrc000066400000000000000000000020551450407711300161250ustar00rootroot00000000000000 xca-icons.iconset/icon_128x128.png done.png warn.png bigcert.png bigcrl.png bigcsr.png bigkey.png bigtemp.png bigscard.png netscape.png crl.png halfkey.png invalidcertkey.png invalidcert.png key.png scard.png reqkey.png req.png template.png validcertkey.png validcert.png xca-RELEASE.2.5.0/img/invalidcert.png000066400000000000000000000032331450407711300171410ustar00rootroot00000000000000PNG  IHDR(CObIDATx͖t4iE׈5M~۶m۶m۶m۶mLQ69WPBC?~|'WZ KD_lٲi3'W\-͝:mOAv-+4l֨tIM7M.3'_-fzalՊζnM7oD:uԛ;f~7Fڿʍ,y_U*9On-M޾r}Joos6`lVJY[ݡm5jF.h^ܯyf zr9s1{^|ƲOlK51hPYt[@,nVί;|亼~*'On4Ӌ8=\7lDɌޚfͧoFVc2sr7}T :f(JKk`9~+~>@-Kc:]i|.)P~mn!N'DB`4k^x(¥g<~H{?qH$B&HfTZP y|?T|U;ϮU1CH)%>.~ /~Z:omwO;xpDVX2}h9Zywm.ٷo }LMKM߃W`ֹw#cG"a {vC1}@롨 c&pHUG\rg|UKe?]k7ń͛+]T,kg<_8;"ozƃ% qS3Sp>I`P z82p!22D5Xbo_21C*NR$5<~c D9f_x@b̜Lwtr O =y0>Ukš7/^zyP(8cPdh%>ǛyIrO>_|!+t^(rݻϦ8a~ExxiIIicCsXSK  :~݁A+k%YLrap,3x|/>rLe_caFHSa"1wN‘×vM! _|l%aSp q.%Ldx9#ƌp+ԡq bEB pH\ݙ;y{S2x==3Ct4uJ"W2 Oܾs 6M[#ӼysQ˟M1tAnnjNBŊ:^Lwvsy;wѣrG;ܫ1fX?Rqc-)LǏѓ'j͚5/IPNJ} uXl kyOF>7IENDB`xca-RELEASE.2.5.0/img/invalidcertkey.png000066400000000000000000000035101450407711300176500ustar00rootroot00000000000000PNG  IHDR(COIDATx͖x#[F;36mۨ_7k۶m۶m#iJyy3[ѣGf:ujO`׭[p/HOOoߺ _FQh7\0cRD ^]ۖUpU~4-DO7[b/OVw)eɮº{#G7un1]I9N±$֪n?޽~߻QawiKr )x>YQ:[w{<}|%@+ x$X3-[xq>~(!e ,^ "ƤIQ/[w2@`%_/R-odJ`V+,!Hf:ir߸l8崢F,BD !8"Aeeժ+h~O=Lm%Q\Iju4PBi>@Xɓ;x0>nsw(u=82٬J#[a$Aa.(FiZ'L=Ln3PڜmVVmRvHH>4"J)^[bb"E ǀAxt1R{[+oLFz:F*푚mj]Onr .B@˕+ V]ٴySgnIiib*tEWe$K@7dE@ )ZIIRy©RBU oQ`JRR2hZZK19_ t%ʓ+Ȧǧ/BG'Oób(<=k采˗lhhfC2$w8^* 'OH%IINܾ}FN$RIpQ_ ,9'NߺרN)P`pBS1<~ :A||ج9ˇT l.ooe ޑHshBg@Vtݻw[yi^O:RAX i V;SЦmǖݱJ:[#o99gHBܱkٌy)N$Xbq"Bydd kq[`  R-XZ"21&NƏ9Bx՞=| q˥l%$|Giq^3G ؏w b2i=Rɼy;O8wwQt" $|enr[/JIAݑD$ rswo裇ϟG @8X͒?ljFKsTjt8V ߁AӠr%gk=!=hPnnnQt̸itettђU?u*ڤiˆ9rƄ8K`B6X<>y>}=vDj֬(ˎ!Cw=,N2N6?o!;{Xҳ߷FE[ /%2("bN6/a܄_}kYP_ӤiC>|Ą=,;j:NdIENDB`xca-RELEASE.2.5.0/img/key.png000066400000000000000000000023431450407711300154260ustar00rootroot00000000000000PNG  IHDR(FIDATxV@m۶m۶T:۶m۶m~[W6{FWQz=78UlsMxt׮]K޾yf5Ϧ+Yd={ty~|qijg"^x͛7GslSNE۴i3l6ji4 02V M{ Ja3wN:n'AAXNg Z*gZ=dz>dao)C3 ~*zA9sܫ3Ƨ%FQرcPFkFNb(;,aL!"F<#_5X"U `B58&H+{w8l23䱒|$KPණDA rAВQaTddJxKՑ żrΝ3A/,Y2 Ici.TrpRQL, իWW̜93}F{*UPJWBJ6Iۋz%wСcƌz(IPp@arЃN0$U_$|F&444uw8Lȿ$&R-/Ty)#]r%ȑ#P$lyX^I}O,Ydxe}C 7o0 g!ݻw~ Baz8^&. ܭZoHYlZm۶()#B)oqƾWME~䏈H&ː!C5UV8poBgϞu_>dK(Q҃cTJ+רQ={o|4nx`\J!a8@ lATWPR )/&IENDB`xca-RELEASE.2.5.0/img/key.xpm000066400000000000000000000274231450407711300154540ustar00rootroot00000000000000/* XPM */ static char * key_xpm[] = { "64 64 222 2", " c None", ". c #F5F5F5", "+ c #F7F7F7", "@ c #FBFBFB", "# c #CBCBCB", "$ c #ECECEC", "% c #DADBDA", "& c #D5D6D5", "* c #F0F0F0", "= c #FAFAFA", "- c #C8C8C8", "; c #EBEBEB", "> c #F9F9F9", ", c #FDFDFD", "' c #D1D2D1", ") c #F6F6F6", "! c #FAFBFA", "~ c #C7C7C7", "{ c #E9E9E9", "] c #F4F4F4", "^ c #F8F8F8", "/ c #FCFCFC", "( c #E2E2E2", "_ c #BBBBBB", ": c #F1F1F1", "< c #F9FAF9", "[ c #F7F8F7", "} c #C5C5C5", "| c #E1E1E1", "1 c #DADADA", "2 c #DDDDDD", "3 c #D0D0D0", "4 c #CFCFCF", "5 c #F2F2F2", "6 c #F5F6F5", "7 c #C4C4C4", "8 c #F3F3F3", "9 c #DFDFDF", "0 c #DBDBDB", "a c #CCCCCC", "b c #CACACA", "c c #C2C3C2", "d c #DEDEDE", "e c #DCDCDC", "f c #C9C9C9", "g c #C1C1C1", "h c #E8E8E8", "i c #DCDDDC", "j c #D9D9D9", "k c #C0C0C0", "l c #E7E7E7", "m c #CDCDCD", "n c #EFEFEF", "o c #BFBFBF", "p c #E6E6E6", "q c #D8D8D8", "r c #EEEEEE", "s c #BEBEBE", "t c #E5E5E5", "u c #E0E0E0", "v c #E4E4E4", "w c #EAEAEA", "x c #EDEDED", "y c #D7D7D7", "z c #ECEDEC", "A c #BABABA", "B c #E3E3E3", "C c #D5D5D5", "D c #D6D6D6", "E c #AAAAAA", "F c #E4E5E4", "G c #C5C6C5", "H c #C8C9C8", "I c #E8E9E8", "J c #B9B9B9", "K c #EBECEB", "L c #EDEEED", "M c #D4D4D4", "N c #7B7B7B", "O c #D2D2D2", "P c #C2C2C2", "Q c #E6E7E6", "R c #E5E6E5", "S c #B8B9B8", "T c #EAEBEA", "U c #D2D3D2", "V c #8A8A8A", "W c #CCCDCC", "X c #D3D3D3", "Y c #E3E4E3", "Z c #B6B6B6", "` c #888888", " . c #DFE0DF", ".. c #BCBCBC", "+. c #C3C3C3", "@. c #F0F1F0", "#. c #E2E3E2", "$. c #E1E2E1", "%. c #B5B6B5", "&. c #D1D1D1", "*. c #D4D5D4", "=. c #C0C1C0", "-. c #E0E1E0", ";. c #B3B4B3", ">. c #868686", ",. c #C6C7C6", "'. c #DEDFDE", "). c #B3B3B3", "!. c #CECECE", "~. c #858585", "{. c #DDDEDD", "]. c #B2B3B2", "^. c #848484", "/. c #9B9B9B", "(. c #B0B1B0", "_. c #CACBCA", ":. c #838383", "<. c #D7D8D7", "[. c #AFB0AF", "}. c #C9CAC9", "|. c #ACAEAB", "1. c #9C9C9B", "2. c #9B9C9B", "3. c #BFC0BF", "4. c #ADAEAD", "5. c #828282", "6. c #878886", "7. c #6A6B69", "8. c #A0A09F", "9. c #D6D7D6", "0. c #AEAEAE", "a. c #8F908F", "b. c #DBDCDB", "c. c #C7C8C7", "d. c #BEBFBE", "e. c #ACACAC", "f. c #C6C6C6", "g. c #ABABAA", "h. c #888987", "i. c #9FA09E", "j. c #9C9C9C", "k. c #818181", "l. c #929391", "m. c #838382", "n. c #C4C5C4", "o. c #808080", "p. c #CACAC9", "q. c #B2B3B1", "r. c #CDCECD", "s. c #7E7E7E", "t. c #040404", "u. c #989897", "v. c #9B9C9A", "w. c #A9AAA9", "x. c #7F7F7F", "y. c #020202", "z. c #C2C2C1", "A. c #ABABAB", "B. c #7C7C7C", "C. c #797979", "D. c #787878", "E. c #B0B0B0", "F. c #8E8E8E", "G. c #979797", "H. c #BDBDBD", "I. c #767676", "J. c #606060", "K. c #626262", "L. c #656565", "M. c #737373", "N. c #747474", "O. c #959595", "P. c #696969", "Q. c #595959", "R. c #414141", "S. c #4E4E4E", "T. c #6D6D6D", "U. c #949494", "V. c #2F2F2F", "W. c #9A9A9A", "X. c #B7B7B7", "Y. c #727272", "Z. c #AFAFAF", "`. c #777777", " + c #3E3E3E", ".+ c #707070", "++ c #B4B4B4", "@+ c #4D4D4D", "#+ c #101010", "$+ c #939393", "%+ c #B8B8B8", "&+ c #5A5A5A", "*+ c #8D8D8D", "=+ c #666666", "-+ c #6C6C6C", ";+ c #515151", ">+ c #6B6B6B", ",+ c #5C5C5C", "'+ c #999999", ")+ c #464646", "!+ c #A8A8A8", "~+ c #5F5F5F", "{+ c #B5B5B5", "]+ c #7D7D7D", "^+ c #909090", "/+ c #494949", "(+ c #757575", "_+ c #9D9D9D", ":+ c #B1B1B1", "<+ c #A1A1A1", "[+ c #454545", "}+ c #8F8F8F", "|+ c #A6A6A6", "1+ c #A4A4A4", "2+ c #646464", "3+ c #A9A9A9", "4+ c #A3A3A3", "5+ c #717171", "6+ c #7A7A7A", "7+ c #505050", "8+ c #3F3F3F", "9+ c #2C2C2C", " ", " . + @ # $ . . ", " % & * . = @ - ; . > , , ", " ' ) ! > > ~ { ] ^ / , ( _ ", " : < [ [ } { ] ) = @ | 1 2 ", " $ 3 4 5 > ) 6 7 { 8 ) > = 9 0 ) 2 ", " $ a b ] > ] . c { 5 ] [ ^ 2 1 . ) d ", " e # f ] + 5 8 g h : 8 6 [ i j . . . d ", " 4 b 8 ) 5 : k l * 5 ] ) 0 j ] ] . . 9 ", " m 5 . * n o p * 5 8 . 1 q 8 ] ] . ) 9 ", " 1 8 r r s t n * : 8 j q 8 8 ] ] . . u ", " $ $ $ _ v r n * 5 j q 5 5 8 8 ] . 8 u ", " $ { w _ v x r r * y y : 5 5 8 ] ] 5 ) m ", " 0 z h h A B $ z x n C D : : 5 5 8 ] 5 ] : E ", " F G H 5 r I l J B $ K K L M D * : : : 8 8 : ] . # N ", " O P 5 n Q R S ( ; T w $ U D n * * : 5 5 : . ] m V ", " 2 W X 5 r F Y Z u w w { T ' C n n * * : 5 : ] . m ` ", " ...+.@.L #.$.%.9 { h l { &.*.r n n * : 5 : 8 ] m ` ", " =.=.: z -.u ;.9 h l p h 4 X x r r n * * * 5 8 m >. ", " ,.: K .'.).9 h Q F p !.X x x r n * * n 5 5 # ~. ", " n w {.i ].d l F B R W X $ x x r n n n : 5 # ^. ", " 1 /.h e % (.2 p Y #.Y _.O ; $ x r r * n * 5 a :. ", " a <.# t 0 j [.e t ( -.#.}.O ; ; $ x r r x * : a :. ", " |.1.2.3.r l 1 q 4.0 v | .-.H ' w ; ; x x r x n : # 5. ", " t w $ h t t t t p ( C 0 6.7.8.{ p <.9.0.0 v u d .,.&.{ w ; $ x r $ r * f :. ", " w ; | e y q q q q j j e u 2 q a.b.c.d.*.e.1 B 9 2 d f.&.{ { w ; $ x $ r * - 5. ", " $ ; 2 D D D y y y q q q q q j 1 1 j g.h.i.j.1 ( d b.2 } 3 h { { ; ; x ; x * f k. ", " n d M C C C 1 9 d l { | t v B 0 1 0 e 1 l.m.C | 9.1 b.n.3 l h { w ; $ ; x n - o. ", " d n q M M M 2 d w ( B ( { t | t v { | ( e 2 9 j e p.q.r.c 4 l l h { w ; ; x n ~ s.t. ", " $ M O X M t u ( d x u ( | p t u t l h ( { u 9 9 j u.v.w.4 p l l { w w $ x n } x.y. ", " x O O O 0 9 9 ; 2 | u { 9 B | l v ( { p l t $ ( u | z.A.q t p l h { w $ $ n } B.y. ", " $ M 3 &.C t 9 9 ( h 2 ( d w d | v t t ( { p h t n | | ( D 1 ( p h h { ; $ r } N y. ", " m 1 3 3 O M M X O y 0 l 2 | u t 2 t v p t B x t { l x | B u O 0 t h { w $ r +.C.y. ", " ( 4 4 4 4 X D q y C &.M v e | u l 9 v l v p t $ l { p { B v 1 M d h w $ n P D.y. ", " f.D !.!.4 D E.F.o.G.H.q &.M v e ( B v u p h v l l l B ; { B v p 4 q B $ n s I.y. ", " 4 m m m m 5.J.K.L.M.5.A.M &.D B d t B t ( l w p B 9 | t ; l t p D &.d r s N.y. ", " C a a 4 O.P.P.Q.R.S.T.U.P O X 9 v 9 t v p B w ( 9 u | ( p w p p B !.v _ N.y. ", " 4 # a P N.L. V.W.X X e ( v u h B p | d 9 u ( B w h p l h y X.Y.y. ", " W.b # # Z.`. +a X y t u v ( { u 2 9 u | ( t $ r l h { !..+y. ", " G.b b b ++@+ } M 2 v t | t u e d 9 u ( l ; w x h h { q #+ ", " W.f f b b X M d u v l 2 e 2 d u | B x ; $ x h { w | ", " $+- f f &.%+ s D C u | ( | 0 2 d 9 | v ; ; $ $ x h w ; w &+ ", " *+- - - - ( A | M y h | e 0 2 2 d u v ; h x $ x ; { w ; r =+ ", " ^.~ ~ ~ - a n l 1 v ; C C 9 d | 1 9 9 u 9 B h w $ { x r ; w ; $ l -+ ", " ;+b f.~ a - # 9 $ : ; 9 O X | 9 2 j d 2 9 9 t h h ; $ $ ; * w w $ x | >+ ", " a f.f.D M &.4 m 4 3 &.0 e 9 d j 2 d u 9 | l ; w { x $ r $ w $ x n !.,+ ", " b } f.b j C e j e y 9 ( d 1 q 0 d u 2 t v h w ; ; ; r r ; ; $ x : '+)+ ", " !+4 ~ - 3 1 q 2 0 9 1 B 1 y 0 d e 2 u p w p ; w $ $ x * ; $ x r p >. ", " ~+0 - f # q 1 j u 0 9 j y 0 d e 2 B v h h $ h $ x $ x ; ; x r 8 {+T. ", " M q f # X y e e u j D 0 e d 2 d p { p h w $ w x r w ; $ r * h V @+ ", " >.( C a m D j 2 e | y 2 d 0 u t t h { h ; ; x ; $ ; $ r n + !+]+ ", " 3 v O 4 3 D 1 d u 9 q 1 2 l t l l h ; w x $ w ; $ x r + ~ ^+/+ ", " (+( h y 3 O C q d u ( d v t l p { { w ; { { w ; x r + e O.`. ", " j.( w 2 X M D q 2 u t ( l p h h h { l h w ; x n > e '+` ", " {+9 { { j y q j 0 2 9 u ( B v t p h { ; $ 8 > - _+U. ", " :+0 ( 5 ; 2 1 e d 9 u ( B t p h { w : = n Z <+$+[+ ", " }+D D B ] . $ p v B B v h ; : + / 5 7 |+1+` ", " 2+H.3 !.C v : + @ / / = + r q Z A.3+4+5+ ", " .+A f f.+.P s s A {+).).E.Z.E 6+ ", " 7+5.!+.._ %+Z {+).4+5.&+ ", " 8+)+9+ ", " ", " ", " "}; xca-RELEASE.2.5.0/img/netscape.png000066400000000000000000000424231450407711300164430ustar00rootroot00000000000000PNG  IHDRkkp| DIDATxl6iƳTc*afTr03¬I|[-կ?I}߫jJuiRQ*RxEYnޫ*r<5dZcMuxY5ĜshU(OI/^_nz詧_}.V6@VdAᄺ~AMUKe)%Ue'oYFdj{CF!g=6sr={;Z}ik9u*J9g~iW]swߩ^jlώ_a\U)8|βiX[줲gYIs$ ۶%fA?n{;r'l+ {&vrc,ͲǗ5#å2x 7rߪ^Ԫ5X ;ddwVY(h"#q-x '^;|bi^yyF <4c-vF؉>2vI,HƢì]GgPxVߍZKetrXnVw_k?f{F 週6.2i˅2Uʦ|; yOi_gܡ4cGYEpmeddž=(NS?[½ܼt"|ݫ.56u">c!Q.T7R䪉[wg}G $4bQE$C{gg6@;8hEDL#(T sӶsd0l﷝SAe9{s̺xjvǟ S-Z;U d g;)M)@X%s2aܙ3p;ʙش 8(R"3)QYIeZ;ud?"zz|Ǣ]` LCg:Lb<;(| |?O;器dJ& r$ 0]vikr!u%ӣ(\"p)dFv g"q$@h彇ƨBV6D{^I]`/rHV%a볎}Iܣ@bf^1MRUYuAo{n`L7lYeB)<{M*>bHBdv3g"s>nJ5m#K{g&z>ΌHg>`|JgggBjޫхl 3+.m~3TVI9[o{ns'qȦe-LM2ܴS|ن2 sdzDGei N4I#uEHy tgQ E@vK @asIp_(\f }s@d2J@A9y-~]ϊq2L@ie)o̒+2gԵ/e( Eijtf4m㴜 Ob6rl}ow:38[M 2=vJ`|aiA"ޥ<QaiYcDg>:±9&l?aY EfT]r~I0RW#T/) .wX&2ц4a@ WY9GX>dJl1--WC[7kѡVl#2S}9*p|i1wg/e\ JDFb:!/@ byÞ0<ӽ?9|\EyXHQDeKV k8f |t#kD晳 Y}URd,48 Ǚf|>/>SQP%=qnbAE>N^*CKM $%#[N\"{f'y+7PCgj,JVغViD!R*J"~ " O7@,Տ 8w*qO`sHASPgu6,@gZOKǞz^PDfik Ǧ0 E#F,,a~ 7=V➹G}XhəM;qjfmΞpnZkIP#Gtޯ~eHFZUUF6O͂9pL|[OyE.Wt.Nw^܀uן"g!/<)Rj0u7Ԕ04U8bPU65G'6 Gk\wAYv@>}yRd9i2{W{,(*egrWCQú(9&V]*_Anb"OW-t?zٗUTOD+)c#9%hlEݐq=[(*SRlcASH /2ן"ëEcM_`D_^J}8>>%BjlKkע;1|m۶mK3߳m۶m76 앳z~ժʽgFdFyjz61Ҭ(MvPP @{MEz..sii]6gfQg lkw?"ԎN9Oz5or=nɵSH u}&& g^- hWUp^Lg8'R@$W1(y7pi'y4+Φa_#zH6F40*!֑\.uLG] ^5:1p(ľ p{>& 7Du%9cl;71e"LVfoyVN`e249!֊8P'sBx׳蓡?d4e† ׼5 "G:Rex3NBmt&,q_ sȯXŕl<.j[00nX)Pe8BGR|.rd'$c4/7Ux.{VB6b Om+]rd1¼򱒇Ϙg!Lk!YȚdsc,I9$9V@>Lr<]wfl/CdzU-Ӫh{7iXa:)bQ=v;&9*ec:M  |&կJm9rbt23@݅ r׵fI#K(fmBw2%b2 S=LgcTMaD2VWLDNcH+dqeNW-ZAXt6 :5+{a$ㆁ̬͞eGḣU.`@а$9ٳ{S3tJױmiOzq[?ORwd9 znfo2Py#X;!Mf^˯{^]OcpE` d͏%= {0^ |-Q Yƴe3I-q%AaV56< gd2BeJ!QhZ]C]HH9|?x?=鉸/z̓(Գ:Iŷ^{cɏa,h4x(6#F ǵ@齀,BUsρR 9xZ\ 7Y^xFG3*UoZ>-(J$f:^c17\iekK};g0E{Q,J HS=TlxH6h?zP K4)N2-NŤ~Ez=7-&mM5KicEYg|8>ZEZG'DU\G>71#cae9kjU~+A22p6>xD h'sV@ /`2g!MCsHc -ɣلUH?K 5Yt#… !(kx=$lZi~eΫ|.d:IQEB!,bq>Rh5@E/G?A.SGOd,˚_{pm۶mKڶ| kۺ33#b"6"2==Hk/U=T3=㜕gѤ H4X+#i`O@@|8%m؋J]#yc[]+gis_9 `6q|U^tsSX>eU@e;\^]R0jZ+wu=nØ GqYE`e{m4cDV=vÎ -+Ӣʧ5rگa0~J05*weW7`Wžo6SO 8 BwAMg==??Ӟ/6$~8E;;(WҎ!bN;D-e$==ޛe. (CuOq{M^rlw(lE^,Vٓi-74!=t8(R -i3[l}GōW,V%9OaF؞M^ݭku$zW9z4,x ӿ-Tf^pv2 X$#ih㒹T7ѿ9OL͎aTTEʦ7MFJqpŤ> MԳ?曾? Q.b$lG<Ɲ2'|G'bݰp@^C^FEH0c.U'^rQ8w>*4ʠYf_JgbPtZo .8}~iW0C:.QvH\0(|onfq3RnpaY@#q`>Q~J<+!mXe2n٤AxmF ~OoO#y`\ܰQG,:y/g+\NpXi+gkN4o?岒Fn]:: ,GQ;'Po=Ew?ݦwJ{U N@M!ko&J!$%G%䏚#[%dT&a;뽊k{6l^>zo?ü$x 5.x;?w{O& i&rEIV:X+1G .D!I=xS룶3;zVP]: 0@n- _'tZ9dq }Q\')h8pf6p'JYpR)X5Ƴ3;HHGs70~>~7%Ç"FXNG]^Z}fV>x# \*.DG`\)Hs3pO#HfB&kP/Vw-ݍYk_@kZǻs qՓ1ZSC<7'ƶez5c!ئוivV'Qty }O\퐘g]_<~g'xZcvOV; &!Fvbx 9nG5ʔz۪" |5(U̖ܽ}X]ߨ>QMh ƎzFS>cPbUӎ2a(!V G3 ̨\RPLo5hw&/,_9 7 Y|`h)3e~?ͼq;+,{+şY%ˣ+\C)"Xh+QK4G1xLl8 1 ϋ_bZ(i>>jTI6VX)Ei7*7 ڍ-VUnNYeQ>S"cwRĸ_Ԣ~:J=P=w_WHF*gn3uߓQcpg8O j<ןu M=Cn-x|׮qx ^>_9Ǜ2__jxsf;a$Saq7hRܽfW J]Q>"Wq0UTh] 3%{hJT\*S48p*/#p,ZFK`QP(펾pҕDUks X$gj:ëMx|8Rlj}|͏=?%|ڨOqܼp-/OM_x_%+]0T9q$kny:aTicjcb,aać$67xaiTs*[،#.7ʐO!ΩKQ< UwKɌKPVj䖎pHx!ǔҔNY 腹|U|"I2&7Pc_ax_+ԳšU4uz.ҫ6||<£7(-k*UQ=y<+Lci0nNٴP9-\mfRiIA)$zI1%T k{$b˪%Js#*R(\8#3V\v-ruE) L$^㟮#|/|Q=رЍRI,g>z|~<|OB.:iuTUe4V3m@IdjMq N3K_ZLb7#_+`ô=UE6Wq@k߲()Fi^"Մ/BOJ!%K07"!,їt(_4!Dzoy/]=\AFE{\^˪r3<%*&GHH{ n?$@+:O[WeXkjwNJAn̊5S `$m ,g ?V0,J osW'JUyk݌[QU7gZw!٦I%tR~~'4>'D訖Bx?d0pˢ!_C5$ܨ44c3>z>ZhDL uc(P 5yP3E{IpWHYU.qq0a).:zo֨&`b)Cr}B֑aMs-0w]q$watj0Ҙ{Eb97g$*Ѓ2Uhھi(Z:}zW%،4Z?7! ņ={'~ЇHcC[&%/(Dn?Er>D}dbIݲ^UсX"n rWZ`؀sYo VNq/."˦3$M  gA($#WEa1A :.7NQ3R**0Qfe6*}`,]$~:DЌpqm&}KAWr|G,Vo)_?'ke]QBN c#$y:;,ཨU&ұ8ͽުVU9_Ȝfjl7Jp 8?Q~|΂[\`~@΢#,Jv=>$ 7vNRj9WDi%f.\ܻF!#3~מ=999'2Tr3p-|~oF~͍H 7$[aZO aծ/bANPUgUEץc1((_jXE\pE 1Ά1 jFq/(Zj aFWsf PRJ?ju]i;A4CP vPiڭ{΄/4V+1 @qѪu[Xg1)ד>Pf8#ysQmZ(3O+oS"_8v.@euުjE6BBOF>q:Men0xܽy82IC2ߑ{uu꼢.kS~t~GW{~}p\ͫM?[+뿾rLкYalZ(mECp\\m0]L)Q3TH.9yp\0 E=",r-2^o<1lJjz#&(iE"fܦ!6phGn\.8;?gNM;G顽CJUsc|Oxg-K۱MTRpP gxG?g.oW$! x-{mF !02sb>CV[Kg$GJ'+qj键vm¨*X/[:Aŷj1KPA4@YnGlq Ԇw^6x;r[/qjq귬^MzDF2zEJ~Ŗq1ūʫPnn?\ge oE{\TG]e%}>Vx}0PD 7W7!8BA\ЂNOg]CZ ^NjԒܤ!*v7ySa`9C>UMhpa}#T ~iT*Fs<)y}@;[vihGSXuMNz EӴ"*2e|A&9d۽2Mh㉿2%)y5t@o<> ڕE֠f2IEbRRn#BKVKBD%̪zZ9"|dr לDTVp}"ۦbcs*u 3Yt2 X۶mvim(im۶m|(Lc9ecRZW2)ZSrٔR.cp]J٧k\4C@*=j^Iُ~2*.֖WQ炣tF̜j]S$E=C?Q t~;qաglfj\^(1Z5C3. ȃM&U T[U&nCgnfeBM5%xbQ/RZ6Idc03K^, #₃pNBť,4@,6ll:ZIL 8K8ţ("i$.4hhuX[ayM55UkV@iEOr'=*2r7M@dk$\Wb3+vѲaF s;q=Hh Xv;l{.=ll.ckkruu+@7lf G| :7a:KD¸vʗdb"N&aiS.k2PumT %(G1̦qtr# NسFȅbxOͭso9{! 0*!uKlaL(8u֔XBmNR>fkQid>i(*?CQ,p R~H24i͒? CsaCf}+"HMB FIQyoqhc!#iwms [CABppᰏi81Axg=!Pׯzo:JX^FE˨EA$g2p9CHpW'>ņP!t>U Ɯַ OSᏆI=x?(WL"\R7T5)!B?>Ͱ I'ȿ@I.ca}c$ 8 v"Y6 E) CDe 7ͭ-,mE&`>EXZS}|C`&7Sad!#4F251Y֪""o~Q,2~_̨N"la& ڼq[ǡJthl8 qF+kTjFŘɬ0;Ҵm0f.)Oq`4']Woo uaI<2ҘN}tj .#hq|["9%b@ .ZjSۃA°yy-D.RٓA:`*H/'&Ę:S˲$ WPWոV3hps!ω>dAJ\IXLH$""ř\#1Lv%5SAe@g.r&.R$ɷIlg\>:]pAB*A%O7#! NJ* 4vEzի^uN@ cba4;'9a"`)ռG@QtQR/^;:y"I_g#_E$2BMH=Tc*%# y 5`XgCG֌bO$1 m Ur@38LP:e {=u{]p\{YfbxBEueư=1[f[IHZH xݼT0(ZZ+0- h+ʢtBQgsKOlNG-a8bZrBcL*I)8봴~&*9z}}[=,P? pYoK)ف/dqG#n33G]+Kh ZgD.L`n[5z;ug5[ݺUpo?}>O2E&yl|YXیYk]c ]uעrWk? 7`XTyme:|Bjq.*ORmtvsHٓ`8`W hK:IϘ@omJ/Sgea*j6k}oպS6ሤܻ٘{hJn ]JFp%xTK+zr{Juֱ{uDnDa[oC1/WDH9.?RT6!Th:RQ=fga6f&&yi{Y)S#ꀗb5͔`DF,ëFxn^{%a+y#u60za/n>5+g# vN?ߚQɪD ҂`.sm-:Ĩ)Õ9B0p7nuzENB=./bI_ `pߩa ;UGpl.};a`956 UPuQ iϝ<:%kA+AWo-r3O]`u60_X z]^w-nزXa-J۩H"t#!{S–pu!g3ԛfZgNjh =H~K^"ɅӞg7p" 1xh1=(lDi "׾ ͩ%Xs"%;Fyj06An9 DM6~'+ᘩjAؕ(Ϫ4 {ZdcAx۶b8@`/32~/*Q~z:=eЛh oVv¿OC[ R)zFE}aT"-u]us8Y/ka1ڢ̀nF~37]wma9{v,% Q++9E=j)S/V+JA`ZbSD\^@ OMLU}HrW 2qw!Ed9h6W%-{VvO{(WW2ڇm:Ņg{RhHd֨A^ylafzҪϬ!`=Zԩ⨸\>Y1'2bZ0فKj}o/qjXoQ"2֓[0n$ 竍r}wUЪco!م}OǾ4Yۨ]/ygIENDB`xca-RELEASE.2.5.0/img/req.png000066400000000000000000000027741450407711300154350ustar00rootroot00000000000000PNG  IHDR(COIDATxHJ6Gk[g۶m۶m۶m^ zӳFRrV/f}TO]1z'^qY{_.ko㶫  @7wv>wu>U37̧8U/au7.wCᠽ6xgH8Ϸh8P46tH;gc&驙3\l.|qq{ ] Rp)B(Ļi'vܨ [*w}Zike_l* ӻws!iw$z#F 5zh,4TL+-\˲rihj *xHue{{Q]KƲO.).>{K90iu7 R2*%8#/2eIR`` hxܣ#.*%f}em/=DmxØț.#\p\gGRݛM[t*\hҤakB 0Dd˹ 9j·~a&7@ _*Koʊìj~W*Yd@`ҤZ&ӥưqlӖ=#/]gdMs@t*Aʚ/.KEgtl꠳s7);4 \XROXj5xji-ELDfs̒>&RZ, fo:*UYTbM~%M8X}L*8.JVScБZq&O<!TUGUU% @R*5Gx H0͙lK\ٮXRմݽV]`lꅌgp3ёٙg!J niIȏߙℙj`xoQp:`YbH" S^{ڦl%1I( 7o"έb} G#uaGEJ'N_y!&Oxȧ4%;OvJ$bLB8YQ<`XJBX&R0*,[p5+%t]E@AmeCҟS/ROzri 1Gia,W[mTWD&oM:&"9%E{rC.0W,  Ţ}yA-50 $i܅bN[dۥ+5>ܻ}%6 WRɦ0H9SGDnò|`6k׻W(kަ˞l$9]. hmMg{'xe&mD={ƣ#"f0ڮzy+{;C+3V릪ϛS++?b> d>Q7!4 fWzyI=6$*/ItH]VL򎍍݃?$~9_hxy-(^`|$Q:-%IENDB`xca-RELEASE.2.5.0/img/reqkey.png000066400000000000000000000032741450407711300161420ustar00rootroot00000000000000PNG  IHDR(COIDATx`'jCw߶m۶m۶m۶mۜnk%9yWڳ!Oe{%su[-7.WQ߈f4rxǎz;&ᙡ,XPF-y`o7+8jQ:eM]j֌n#?\w1_ ;yf! H ~¥KJdo@YWyP`IKڣuD]~Ih2q{O=khL!| El_)}v+P%wPZ!iz%@l*ǯ8#&Qv޽' jU󊢞/N%#1QIId^կ_%ǔ);X:i԰3.>zgMuy=Q24JzYmT+fZ<PL~xEUE'`Y#Ij'Ȳ%Js<6.r+¨iR97o8k ZSd#"YO<Ξ=+!CZ T0 t_ hU>kx;=ySbl} !hQ\Svۖ .GP @8" RʃR^O[gTQ!/O۷XAgPZ$;v3S'_1(v&)ۭB^_z΂3~s֋* g(5dp|_J#ڂYVbqʕS/Q~pBAvOԩTm QDUǯ>}s3 o9۝*{<_(-)z>_;,G)w`M1OHHxs֍c_4*2ϷƟ&c)jdyr|<\PZ@JF|;cQseȘV hoG8 L>!axBϧa~aleqq,>dt3[yzH0'[_ELo(>IENDB`xca-RELEASE.2.5.0/img/scard.png000066400000000000000000000016371450407711300157370ustar00rootroot00000000000000PNG  IHDR(COfIDATxSW~{fakڶm۶m۶m`A}LkBQ R] F#@7@<]XZBtB1?XG%}pwUS/<ܔpsQB$8M-aB|R0=jeyySasojjp6hv!;h"oA[j{Hٹlmm>0>> Kp 5F BK ڀc!5HMzmDf";b#g` 908#s8 šV+13jVt-38>>%QX\ SOݨi?栊VM`m)V(1|t ҃ˆOc}*0&̆Ag:p,lO DT&' w ku7t nt(R8KIE' B̆PAja(5۶mvIcY~y+ck9G~BDRI笙Z6q`Bb1Pki?ȍǻMXug1cOVĪgbd-ƓuIENDB`xca-RELEASE.2.5.0/img/template.png000066400000000000000000000025751450407711300164600ustar00rootroot00000000000000PNG  IHDR(CODIDATx͕$Y|%xm۶m۶m۶-m۶=Vn|_A)^4oGn޶a¿=|Pn6o T0m<_D7:{=mW64~to=Sz<$.QQU6ʝ+Ń}OZ\ZaLH^huIr89q6{{V>ޠcU+oŗ,Y(%!3CBeW)^6ȫV4?994U-rt3f6gT`cqKru+vha^^9g֤xM /LOJN篾JAjj:y<3> CE(g(5&FdmO? lFw۱+Bs__R"iAl%ʑ#Ҍ2o6mfT$[T ) [Ti_}ڶ] wtR)fkhQ=z5>p]Se^p™X* }YQP!x+@ȸ,0 $'gBš0L'g !ʗ-Ii'{K{tA3j/[t=brXfr0\ .bSS}eP Y^3㒈GII)BJA_ܓ{xhPrq3Jm{y9ܑlV#Y8oٲNƷ+Uݻ53JESF8S0E{:l٦X#!!qSՊPUUIU9,I$mVزP+L&44jwXS7A$"MK†'3IιB VBŶa*A0M0 \ΝԥK238Vak',]aN7(=zq|N+l69>Fp 0W۩]:;Cmg!xybGLRo/Y2fPQQE.бc|Mޱy͡CG)瀠n2H7oun.5#]U//.._J_FEe5}6 $C WnW+<o[Dv ,~+)QQ.$ CJ]B$瓀A&EcaJ7w{wha|4(23άSGNeo65 <{*GrT#z3H)u7=%Ͽ5o\r߹q[^3wn5g}׬yb;xS߾P $zdy'1*)Dz\FGQQr~DI@S:])ʧoD4&z'U5Ǔ51!ANIM|>9XU :7r\d'36d&'BrBLcvDc*!kM4zoE;4нIENDB`xca-RELEASE.2.5.0/img/validcertkey.png000066400000000000000000000033641450407711300173300ustar00rootroot00000000000000PNG  IHDR(COIDATx`+IfdTJm۶m۶m۶m۶U#IٝlKrlIyr+}3&u_vj[I``@yxX lȡ84M?5P;~U siAij;zv~Wl55,!aG2eL^lڔNC]u󝎓[n˕Iָry㮞[0thK#GFBO6\-AAV)z;]^ O>eb(#b6Λ+]&bXQ,)m `n7|ؼ_p0p$ERnנA;X'c^$]GrQ}u('sz-2$I 2Bj呑шX"٦9zָ"sl"3RpWYX6duxfJᢒok/C/ Vc߾ڶmGmێ^N?zZϝ"">^EdTZ0(M'Vc$A0ڵ&|({yp(Gc3Fҕ7Oj tR&N*2glVxhhd;w5UV)>CBTiMu #RQʽ?fv Y&Lx||T%(=u|%lvGLTVbm&=gRD\\1 B3XVI>{&].l(VQCQx\J ܃u +<=MFELO_~ Ǐ.q$+VySgĽ' 4ܼyG޵r-9$$L$n1HDŔzJ"B|8p$dWSougbT3GGǩZ"UI[lo #WrBFGsQdB(K̦߾!N=m>d2q]hHH8#^^ɓB4)LE /}u/C@épwW`6K(C 0#ٿ'#}M#^T.'ӽGoxN.46Oi@D"CLs.s0'dF _^|#Ȳ7o NiJe_cs$!K2epw?g2P@a9TK,r!B4@q1W j!Ӄ_GGG~! _CJIʥ(IB‚W?-m1墏b$ gxS\aOp_QliҦ4-fÇ_CIqW7ɴhS n۸ o`$Jr8v!cfP*}8 K[ Q ( /BHp!QHԮC\S 7a2m>=wyg(3{FmL?v.ŘgWRR ,~^O{ګ О a@42c8zm'5p> DkWL5ѤJ Q) |UЃѯ_S@cZI#KŖ׼Re4PRIX)AA^&Rfj0J-Gzj S_aBrh8))2%b6m5)Hj\PbBAbp0)$Jn34$NIc@7;j%@!,IOzAV FKX&@͆͢@V  HJT$I;Rl 7P71|S uZl%dۂv"<3(3z~Iz%~~d z$հ[~;R}Ib?eN~r, 'I˒-b&\%[ !qmATź|O E\|K?fMc^A'֫Ϭ-dr-؎bQ5["T-|26}j~=hŻ(w JDܜA+沸ͻ =j|yoQm욛Ӹ 'ji==U—MyczyZ c #730101", ", c #770101", "< c #760504", "1 c #7E0101", "2 c #780605", "3 c #7D0606", "4 c #700907", "5 c #760A09", "6 c #700E0A", "7 c #700E0E", "8 c #641613", "9 c #601818", "0 c #6F1A1A", "q c #701717", "w c #711919", "e c #7E1818", "r c #602222", "t c #612424", "y c #632725", "u c #622626", "i c #672D29", "p c #6C2E2E", "a c #732E23", "s c #7C3125", "d c #71322B", "f c #76362C", "g c #793434", "h c #7F574B", "j c #686863", "k c #6E6E61", "l c #747466", "z c #77776B", "x c #79796B", "c c #7A7A6C", "v c #7C7C71", "b c #7B7B75", "n c #7E7C74", "m c #7E7E77", "M c #7E7E79", "N c #840605", "B c #8F0404", "V c #8A0908", "C c #99110F", "Z c #811414", "A c #9D1715", "S c #A10404", "D c #A0110E", "F c #A3130F", "G c #842626", "H c #972722", "J c #972C25", "K c #813629", "L c #A52E27", "P c #B72A26", "I c #AC322B", "U c #A43733", "Y c #8C4234", "T c #884738", "R c #A94034", "E c #935742", "W c #866259", "Q c #AE7357", "! c #866B62", "~ c #8C7164", "^ c #8C7B75", "/ c #9E7974", "( c #A97168", ") c #A07974", "_ c #9D846D", "` c #818173", "' c #828274", "] c #908F7C", "[ c #AB827C", "{ c #AF837C", "} c #D3896E", "| c #DD9F7E", " . c #8E8E85", ".. c #8F8F85", "X. c #8D8D88", "o. c #989887", "O. c #919188", "+. c #929289", "@. c #91918A", "#. c #949489", "$. c #94948D", "%. c #96968C", "&. c #96968E", "*. c #9A9A89", "=. c #99998C", "-. c #98988E", ";. c #9A9A93", ":. c #9B9B95", ">. c #B5958A", ",. c #B39E92", "<. c #AAA48B", "1. c #B5A387", "2. c #BCAA86", "3. c #A0A099", "4. c #A6A699", "5. c #B2AB98", "6. c #B3B39F", "7. c #B8B8A2", "8. c #B2B0A8", "9. c #B4B3AB", "0. c #BCBBAB", "q. c #B9B9AE", "w. c #D39E82", "e. c #C4AE86", "r. c #D8A885", "t. c #D2A88B", "y. c #D3C995", "u. c #DCCE9F", "i. c #E9C59D", "p. c #E0D29E", "a. c #E1D69F", "s. c #C6C1A9", "d. c #C6C5AE", "f. c #CFC7AC", "g. c #CBC9AD", "h. c #C8C8AE", "j. c #DCC8AF", "k. c #C2C2B1", "l. c #C5C5B0", "z. c #C6C6B0", "x. c #C5C5B4", "c. c #CBCBB1", "v. c #D1D1B4", "b. c #D7D7B9", "n. c #D7D7BC", "m. c #DADABC", "M. c #E6CFA3", "N. c #EBD1A4", "B. c #E6DBA4", "V. c #E9DEA7", "C. c #E4DEBE", "Z. c #EFE2A8", "A. c #EFE5AC", "S. c #F0E3AE", "D. c #EBE6B2", "F. c #E0E0BB", "G. c #E2E2BD", "H. c #E9E8BE", "J. c #F8EAB0", "K. c #FAEEB3", "L. c #FFF0B3", "P. c #FCF0B9", "I. c #F8F3BC", "U. c #EDEDC5", "Y. c #EEEDC4", "T. c #ECECC8", "R. c #F4F4C5", "E. c #FEFDC3", "W. c #F8F8C6", "Q. c #FAFAC7", "!. c #FFF9C6", "~. c #FDFDC6", "^. c #FFFEC6", "/. c #F9F6C8", "(. c #F8F8C8", "). c #FDFACB", "_. c #FFFFC9", "`. c #FFFFCB", "'. c #FFFFCF", "]. c #FFFFD2", "[. c #FFFFD7", "{. c #F1F1D8", "}. c #F0F0DA", "|. c #F5F5DE", " X c #FAFADB", ".X c #FFFFD8", "XX c #FFFFDC", "oX c #FFFFDD", "OX c #FFFFDF", "+X c #FFFFE1", "@X c #FFFFE3", "#X c #FFFFE4", "$X c #FFFFE5", "%X c #FFFFE6", "&X c #FFFFE9", "*X c #FFFFEA", "=X c #FFFFEC", "-X c #FFFFF2", ";X c #FFFFF8", ":X c #FFFFFA", ">X c #FFFFFC", ",X c white", ".,.k.l.z.c.F.W.E. o # 5 XaiCCPICC Profile(}KQ?GC EA-Z d46-S Z4(8# ڴZZi][m(h?k2LhE=s?TeER?Yp`^ĪN&?6olrUS+x_w&1ΚhդSQ[b^,_,hec}RY"6Ya\`;\֞27 !8f,j( )U>VukZQ.|qE`h`~Uw^okb|hkK^_&$;.^N w .V!Gd#sh 04;kN:Q\#W#ˇ5_#Fwb(8eXIfMM*ikF&M,;IDATx|\řgЯsOwOI( ! 1{罟vgnv >1^[`dHFQiFs鑄E T߫W5cf100000000000000000000000000000000000000000000000000000000000000000000000!|Fdhb[Uq ]VHתcՅˮ> bY'_Ֆ{hL6ˇI+-YPQǂyne5)G;P.jZ dk[I׊s]ݼe7,YdQ57'mΗ^ƏEZ0݌O^2S1"*qh O̿Sp̖ei55W7,Ɋ"1LppJ RV֤a:4Uu>@7rw:l9ymm#%UKI*! h4N_`q^F oAu}޺>ghi_\^^Ps\$Y*3o;~Z q9[zZu aXUUV4MUx4_gUqe }YwvuqƥUŚ 7u#?Г,07 2>9ɌXC L|k7c{Ć<>=s9Kf.ڭUkV֔] %{+F<􉉐oq{]( alIuk%yyT4Ee7,6))j{{_W?s$q!^'[V巾ry5v E3~ϲY &c}}, C!8:8/.Hҟyȇ L#y,?+ȟv'Gܪ9řNf, l KThaDc:`Mɳ ~b=,!\&n\L";oEYzUT7+۶..Sh42!iE7>_ԭ)9 `xr'.)fCC,0<`4B,E MH{< w(Ċ`"?"㲎USr>0<:|٩m A ([mN.+QnH)hu0Ï޽M? 3 æ?.Ɗ{TnG?Eqgoș3m##ccؤ32R{UMO8$x* 1UX%9d4F17-(+Y2wvaJ"KaAEhhr%dǹ &#, KE#+*cȷ3r{u{wP!\|Yـf.K Њ\:謘l17~#j,+VxlY`ѣm3i ]<+o}twGAN%-' apN߾l[@QdN XVQ7!#a6<<a[e CVU5@? <K VK00` cmKjl*Y- ql*sɡ%b SՉ(85"K?~ڑ֕Ŭ1n{'0[Az&10/ݴ\?;t*UJ w>3<;^ES}rt=j\#?ܺ Ct&F HLnXmvuX~t(A#vf H +UD(LrKJr b"VBLQ 2j\LB):hK%/apJ$:tsfC@0 "I=@E'tVQo`LB0FЉB_K` :R!kW9:&۶T~L,|ztB64.;4!/ 3d‚g;AIq%WH*|q0PA\bibEsI|ݏèCmBST9\Ih%zl\^pt鴥LL8a(+ }nP\0 t\%K n~__g~ro\rۿ_${*3%t&#hC55Tz̹pX 6o@i]Ps]nåA(4(I5ᘮ" ra^ {e|<8rLz0T";j:Ds!{<8$ҝ >AKJwwrKaa b#6 I:vRBDA,Ɖ p)?9Z֎Epbpq;݊QjB$ա}<zI۹s/S7x`"`>b& -h>2ST K--CJN<.9I *AL?g+Ŏ1ApH 7T`p.B;bn{#:"%--% pg'/߲̔,?+I4p~_" O}}UwT.H6K~[T_z7.8pDN2,QXQY4н G4YʊuREl].oh8bdb^h;vegg/-%mttGК" WmHX5֮]ٽzhV BCo&mxzUegVQ1b<c'JA2uC#~6sA.0ZڃqĒL?[OpLSڞ ]1?=a ֆ"[6.,+^q•Us}j-XFwTJʊaϥ_d"9$OBzUHm@&(--"Hii~zvᰕ,]L_3 lߐb#J~c˗D[:adV[[{[II1ih+`0:>&ɩZm,=7װͯ12&gwt6<f /VE̲t0쿐:h :O`ݐ݆9Ѯ}7n^a E z&n)H;544!LQ߱`W@lzB'70rWY2TcRk[/CY(|b$+ױD$fx 2x*V) Rh="b{>lh>nQj1 7.BB0pf\;kuȗb-o|=dĉ܎C[3{>pn}2c HD"vD004gYY"D())ϛ77pPdeӦX,i!D1^i;wc1T`<ȗFhn$@$AĿZ5+~}(PYYl6fӠ7Ű> K``ZM%z2c@B1}/{Sރeguo`y0Q#\N?A:Lr3s ȴ0$i&6YU6+NRIߩ,:;ot&,>6:* iS1sa2A'ʋw~",S&Dc3R ͋'@.R}/;_(+3f#XK/ݻyt\q7,6~K}&}:6gc!q?rt%GN1c0jZɛXl"C'/^J(yL~ڥ3<2J(x`O:14}&N>xe65<+:-K5"ڹ8+A Mɓcc4V 4\7/uK ##MY`NhB}0JNm]|ӧ=$gHӾnU8c;< O%C9/̠;ҫL*2@OeeF7&, ŀjBÈ `[1G+EҌQHTkkZUU^ooBE`ܹѣGN ɧq b %?<"D[H6,l†">Z4n\xjK̊Ȅ_K!w $b0TQQ 6CfX~⾮nbC[ϝbŢێ@TN^>7 $T'H05iEtQ "|۶SgO:l<U=wU HE}*މu۷ﴑvQLw ʇ3xJ% tC#ضiCh0o]hBT!"J-oZ'21hFώi 0&ZI5F>j[Z#;fṹ9[ G{-W_6!sQVV'A{m6;_6jղ(E]N| x)筷n Lb"35%I_;9=)H4B]BՓɀF CZ H">U8rs՚I.vƊE0Nfuu/|#?cϒO +^"a&!ED` +A2k#Νׯdee@I &ZҞ|ƹ#33ՀI%E O#hh`ij?ӂ\2ņ( DHVt0X$^)<;qEci펞" elPq"s: Lm<7Mq;ӂ7:*0T{.6,xi[Ni1D8tF:Y<Q""eDRxa$k4xҴhs{r1P|,QfϮ#|Abb˄#I\x0Dsgr/{vHYN¡ÁN="J3&37RzӑŨɒL*A:24e}HYND V ((vؼ~JlnvkkE 2MksMͭ'.,x4k;~^}4獦ʥs,CAT0QP"R`2$#ԞFr1>7'?tNa̭6l2%OU#3) +e*BSEM^#9PtL|F^^g 6hqMdb SFjvkTI_z$.Uö3t"].h&CA-rA=C5}ϼGxrI9,GgSłsز⡴cU+~+JsA.{׺5Yp*3-Xc2"{=p*~ަH~%Y7.nZX1MWΩB8P{  Z)΄Bp 8W),JQR)hU#} @WVD,i2gI9גGjG5QHơHI1C#3 @y#ڕbmm/<mhrөp܊X .v%:Ӝ/?/u|5Ɗ$)gGX>(~aqIP@zX03+yRvQ 37@sd֖[ͫp,\X/)&4M` )#y41 I>H ifBAd FgĽ(tD DNjܱc_َ؟Ebmy$QsY> $U+) FKp*Z=I0g hs`ԕұi""dyyqZ[45,`Ey^fWڭ܌TlCN9 R|2l"TTjR džYu&遼_;8:=P?HSӭ=544{Dt}E}*t/O¢t95ixWJo@ 6=(R&]U`R@E~4Bl.1CDF Io2Y&~/4Z!c+%D:+ P +AB J l3xD["N3bSS%i=. @ ` \iV$"$`r]`m3߯~8.l%uOA3bZ" tP` 8 &(C >ǻ\^T}=9{1=/'Dm "V ޞqpp{`)b0`OB| ȅo lbƃ !)6)~ af8yW#c_7`W)y D FbRhUzD٢ 0I<_Q}a2V,$B`3.V$Ùj4> H "*.`ȿވlYF>TW$$%w40 N"iJ+fQ |Ï_"@FAUHPP43G(}yWobv}QJ/ЛFTI)g@+m(L Im%(W"@%tK*|ď7I?r~I0 $l/8`li *%I1||̇qWd!u pF;c#Yt𬛱Ol9zk!تG(9ې3Kk p] lǦ$S4aH;V'cϣ0Xϰr5rd7e?X^a/M,YEZHZa3\zY?ioUm(I͑ 6'č7ü# pL?Av V-`%mRX`_/I=`m|/ˑdlBI+Q}&nDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD#VJwIENDB`xca-RELEASE.2.5.0/img/xca-icons.iconset/icon_16x16.png000066400000000000000000000010211450407711300217520ustar00rootroot00000000000000PNG  IHDRasRGBDeXIfMM*i4Uq{IDAT8c`#Ȅ ##78 b M@5ρ4 jd3˳7KVr5Lb2@d٪ rIb@O ح,?&~gaO&_W&~m̀PR-+2VukZQ.|qE`h`~Uw^okb|hkK^_&$;.^N w .V!Gd#sh 04;kN:Q\#W#ˇ5_#Fwb(8eXIfMM*iD"8s@IDATxWŵ{W@  "PcXŒ}I11=3vWPQ)H{g?ߙ[D|;0;sϙ9gΜ93?>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C?x?Q;C@-þ݃Au7>| M]݆ ֩WT*1a#'7>~G=34w[*(?0#Z5!v⋵=Y32쳎6n p'LNe N[o daă'c{i0u9dž?{d~:C4/O:N:$L=;O~P7[@etm޷wFq~uܜ̨ H^ xA|XmbwaP'? D={-Ӈ&ǝ0zffhvV|`c*K_Nmc[ݏX S f~ Hw?TlmJ9ۗxLFVeF3Y{8)\l+Ԁh:ĭ C)]6e躱!r ELho|_:a'`@)ӟ|cV]A 1X5SRZ.**5)sSH>”Jዷn/w'j,ޯm8H*jU:0Ry֭]Q>n& R!VzfB@jH(M]Vx!+֜Ai1Z-jXW~E0Br7m^v_7ޘ%'Xzc{5S3|1d]fX$A8{ 7H?Oرw歅O$v= `mUGSVͨi HKcVp`5Uv'74|Bz-zľuC:rQ18/lvٔ O(LPk*L"Na;Op;O%|<=跬7FW^5c9n0I 5C, KxP"ɔ/7PfR[/;='x\"7/[?B(֮@,x}e4qWb\`"(q;on|C{۶ikW7ee `lj申nIlڼ;pD8L' P^T$!:I'%N"A1UŅ (v"o4k6 +)_x1yw̜,q,Mjd<7ٵ׊!Ld"|ɡ]ykֈxyvFQQW8h|wɸ+Nj<{İGs! DC B"4iB( A6-Eg߷۟ħ P`3ڋi2\=n{֭kuL.8(vzgd8 P{7IC !q;2Ap@7Lis"=Bnjո^=tv6{tV: e_{ g.]]鹗;sx'$$ > ;f?n/II $V #Af8<q)bwSNvz*ǯm%|q?ɩ\uH $ܶm!C-[QS &ݞ<-S%qroNmZ56T4 @ "_Pd@NюN@4 wd2!{ k,x$ *ժ.(l{(VއзkghвUhܠ BEwV\RYhE؛'N:_ޟQG f&E^9 )'JEMs.k ڄmh7e,1?3NdDN wye U67z5] :%v!3jl4VC=~d#~Uі-iB}-tNj4q64Խd`&y?v@aD`roF|EL`oi87GEcH* eeŖo2{zYyy9@‘P82R553ZsYKZ/7.èiNJN'rYAw#rtU{A] s(4xָFKN.g-atl>]Z#"$)xvoLǣQ4m㕫WycԨk[|*t n4:x`6?+qA}_L2/}9t[ed;[p T2&Sp.\A@T*Nt:Apm&ae<h_ת~v,v;v'MMڂyH>!͚6Xn{ahyc,~H U]N H& /򳷷AzRo߳b.̝ixr~Bm !~p։QҬ~@1Cub/i2\p:^$" !fٓ --g~mPӕD$Ss%Xb/{P4MRkV1bX^4!a w>q/:2 '`.J` hu naFlw~~*+3! TJ&h̐=X'7ĶŞ՜O9,"`{gwځ}R#z+<"y8`i}F0 ob~ I ">@J5(b]QQ|m7ܑ3zo{Gfbzw3 ^ĩyg3Al\([iTw+Pgu( ϨVMw~Pzhem|bU|CPQVӗ=K ;m~&[2mv7GvcJz?<:];'KX]  @L !݁t]\@{ǏZ3~`0TgOQiYYy1wn***RRRa?K9VD >ǮTa7Vܧfռ=Fb/˦l![ 7 jR׾]ӌH$24 =Z6Ѧt8NefFM!BEG.7uWj"Rz*j]HnWoŁD қp}sn/dט(_%'=Us|=17rhY+(s^ng|d‹ƌ!^7zf0Fȋ?&QzGrpnGNQH8PTD! wKKJ lvnv))***3(,ݽ{O.Daxqqih4R-++#D1)S+QJ fS)5+oۋ+yDpbag1 ucp]%0ߡɞ=ڧPr ʆ23h$ G_(Jax`߱U]ɕ^ /Eh}(r.1 x^+Oc/9IY*+\X~kQpS0}T{*HQ~´9ۛFRZm3_ `Wa@W2o*(YHQRt6lvثθY`3ËN0u/#?}lW)ʱL[7K2"YaYy!zk,+imըA"O/B󝌼7'{wvvfF %A~t )xx :-tfkw!3 "El!k%'tj 924P!Ƥ۵ksoe{!%eXoL3^mVlVﭔ!'By=NZo+h]es)!ϕ |kF!J-I3Bw|WСCp%W": Gũ]]^d=}} wނMnߤu5+&OJjJ =ݿsV rsv9: b)`@W.t}vb/NFhfdOa ܔH 1']@EEE&TJ:,AܐD4@&- A~p"I<24Di!1bBMP<#ҝujV #$kcbihUar D/+d ljVu) LDjo5kn\5k[ɾʑ8r_y#1hG154/)E/ǖQIdZ*t'\g?át_+ iG]SH] o#;@KKƮЛ . E+^tE 2xNo_l2a7s0%nmfبW~!Lth49fc\ߩ[mѢ „Dʭ˯_K#l@ct(g1"V md^Bp8;NNN6`=l}^zN.al'9i;Nz;`¥ iR$p5DS-ŎkqO>u@Al gM>Apeј$5E<BB4n h=yBn%ʔVĩTGxj\4ƉWNi);Qm.]ZܛW y @ e%\Rks<ĵ)BC4٧Aakߔ1G=pˈ2A̶ B\h\׸$ 0X ܤI?)72 ,q>Bd"БȝK8TD$~D"d]8}!v S䲕 ~ }ae)7M #ŧ!Zo (FH֦g~-CCFP뭐UrZBPr73> kBurKXrZ@##IybE++aKuH)q}蛷>t>{T$8cT;$7U̙ nڴk*Da}f/"R?Y$I#;ȁݲT<թhъ4Ka|'($ QslZy05y]P *˘e KhD|_ kfp#WVh'`]$ e5h`T= 3H#A6F'@5aL83TgB0^҈ `͐f$ng ߴMo}(Jv0v A/~\+Xt!bӅ"XJ?*UN˜pӔ~N:UW ;OM3uEM[Ґet Y!_2/-[}sɷ掅k{Bg" CFijCG ٥3P^UFbN^bE?Ɗޙ<-W9L'>rdtFFS9_e4f8mگ'LZI#ރhICQL:!4f#]ObMYGtұ}smkȼ9fORk6dqF VTޟ6/\S&b5m(P|s{bs$8{1Ct$H#khUjrakɣs YN*KYaTZ \deɭ /i[RZRXn6qjQ+\,e-ˮ=;(DraKg51,@-R|Ue/<4}ŁF Y!)K x߽=4>[7;wY[Q{X (6^nI?z)"c~XUV~ێeypzSDF1.[W5E?ቷl5H;ܔRO+Wodɺ"?fpVT :9uM%с [`aCC*Qk'V*VH_ d"]\'NK|jղY2 '&F)E(Fe8Ml$)bLL^.l9t9[N TMeOWژU%سgoPEfpBSe,TWq88bV81dhu`w8+zZDm@|"yKAdb.Sз(eG޹j 4nY?̤@߾=R6fRV" ~K/}$![spg$e^5ثpƚA׈Qvݖ3Pj5k0ăi+2)&|R=%!K"y9Sh?n[~Mrm `K&mt!}yDjtyyR[~\ŭ߰}bfee)e9Cޙѣk%s}}"N:8 V%pߦMV$(kSAMψΛ$ܶmk }5Zښ4B{>CIk5e˦+V>۹;B-F<ҭOTǮ&9&7@wct(A6qKɵ Bc $@ d\^}!!)*5 G siӂ]9ɔ2![]ӦMӢ N?ՑĈ]S7wu0tfXxeV'x%2STRZY~c q6j2Ipo8?3Ri @O>YZak=.`7%3@8D@Bog. 116:R%lt}]~睏lݲ\,{7f} d*Gt֪UB; ABLZkWqD3Ұ>u@}* ŶȾ}׎Ӣ-1e|oGoϵmԇϏsY%lܐO~i fj9ٲv2R@q'i2 }YҽP(x]ͷTAjMXҜA rNecoTMQD"QG SҏFX7u0 ~%_M`Yfݶ[/о9o~D1T`?.R RjSfMo;3DkVyC".=G1ATiߞ4h63vc7ldUvI\ *^>[{H^!8y`oRz*5 ' D ҙ;)WABJC ؐ.?4ͅӐ&aO”g1PHHw@OJcD'DY,M kF;wziѢ)_jDJjډ?i +YN@: x1r ŎkPpEmӺIV ]  RxBR !g(@\~ A)(@Fm[})" J ͒܅G (?5th~ի[ڵB~B) Bj_ NsψhYR>ȪXxԩm^oVѐ9cǮ̌|25:AKFD?E3Bڽ3оmbڬ9հ( ^kȢgPAmgZH a`>Ȯׄ4[l4e ;A2-x~d28I~xϾeuԀ uwPNފkCs .i}\T겎;vsrLҠCZr3Μ9E~,Du8 w>ѢEاkEW\fB*{q"H^Oka_.bk,K[OЎ>\_,GT yỹN ֐7 ErBEph:Yg(V0Q`Gc ѧp:wnC ϨVOQߴiǶɓ"}wfjF;_< ͔z'Pzйݻ GdAlr]Y`^ u 8kIŷG2y Ʉݤ!^\zB\ ߄hsQ)꫓2zLNCo۶erz%"jڴ Ś7o1 "oB}w2;vl0W>pᲈ/^"zN;wng."dH'^*,, x/?G܊QB>ڻle*Ֆ$t|3ƕK۵k]p N1QNFPH+!f"kVYYnݺ^تyb%i91 n;2=k O9"{En=HMXN N _LXw|L=|z3/"TyQds$\]{w򳟝F$d)%c=1TQ^";X`;)j<{"W_~νD`yx}~U&)p7c !P鄱91B(꫚3E5kܹ=:B wMfm /)3eqRVd3[x7@W_㢛n?UWixFB-[V+KۂIƄ^?_f !s#x<3fv#iCv˙>h 9g͏@յ[<^}- Kof.Z42c82 ֠~j) sRK ViQe?)poiP?umz3.`u+u\Nh \MW!b[2H7`[7*L~;XŮɤ=唣]dϨvfȨQ} |?0;@XwM;IE,Nsbn8+"0'8gy\U1@1d‰ԃfk*Mb]j]hÆ-rhE~SF {͛w6OkhӦURzZHGO?}liE]=v)XFi"cxʼner^ %bU믿q3Ӧ ql#27k${[׫C+LʀC{Ω%Q1fMINʔn̘HFz#xmNddd!pus{p1QZdwߝ[t%ˠE|\t-<Reޛ)~waQ`5 {Af 06+KOYM:*? x ,%(ic' "PY+ig{yGWZ@ aC<jsPN*/HEg{`_,IϿ<}˯OCcvnN Bs"9XA^( 7옻F=?#G1&S8LT&,$[e a>l]q}$=Xa=W^~;ǔDٺeeFyYF;vle{CÑ dq^bN"- eJ@ČGXA/-մG!ޤP71:H턨Ұ(((H?+v'@{H*8]~ZzN Bz"YPץU7K'J@0VCm#ذT꿍ۤ= VYB "Y ^wݏ]rWwb wRW,T=?a KPhb`3R)-h0/:n@68(cHt很עSRF#G] Z;-i%ьqG\qo7}` y}{tEh. jn`Ѻ[DS14ƾtγ/L l޲ˁd)C't?4ZVHbW}e1֘-!QjX;2iTNFg:UoFa몋Lڵc|ܸQe8yТESR\"O|qeߟ=~1eM`u}gK?vFQ:E~mP[,ҀӸak.-jִ+KCS3D$s]*;vZiUW]VZ|OFK.tqqofN256~ɥ:u4r;v^xUdKȇlck֬ n-)LvW ,b[w1Ɋ K7̶p# - IZ~Ap(}| AAק#Qi[FoI?@O%^ϩ![M"HY︶$ޘ(<\Ȋ?13VoS-)k"VW:1K|?<DZycs0 J[ sz@?<*wƬ%Π6f?SCb_*.HYy PQL&$Rr ߜ3|$RP4@: ~w(Ȍ)mժ5x / ԿBtm\T,o`+*vM'ʑKˠ?.2Ah$7 33٧4H{6lH,6nއWulY;|Qe6mioٲۑr[n<\C׃(:hi=߶m[`!\#zUX+JXZpm=7'1g-5l0=-vN.7FB.. &皓>Q]QI pPld<\cxmAg.mCw 0,޽cyƜne?AQCks@#N{k׬1L5 Ј B6[\ޡCu wֱN0eS7Ԝ+RW^:SH~FD`=]C3< @r}s* G;u-4cr_h jºT&m)v8OVVai{1f:ifJ]1U [%ye>!c\1y/1j*G#;3JVkO=$nIoO_|:Jꪫ,BYDӺ⊋ڣ7|AUHAyF{!䇣_֡CR{FmYW|[?pMF[Jz D'^p?Rw;%XXIHr0Z}0}M R6rxj Fc~cP)"f@@b1"P~y.:F Z]cNoqPV3ĶGt_ΰK/> {0`ulON?tapj=,Cl HbnZt'VS=7ݻϘϏ A| `dphg5/0}!oj"hB ڗX)Q5Fuj}+\eOEro3mJ_;G^VdUvݔl>ŽexQG `ٸqcމ}䤆?B]m53UT^ 7\S4un#f';wviK܊w6ct_DW[f5O>zC3_#%Ư"gaP<]׷ 4m/,1bP3"]XKB $먁9jS }yS.jAdaU\Wu9h X2Oz󅇠Ϋ/5]:lpy;i=bx ܑ ڙ7۽(.h݆gX kZ0j.o z摗RE 9TVsoUVM,g7 cL>vY$$հ<\x\uX=T6&m:3xM>GUt"Zz O=l  D@ #bd qL%;\ʞtRM,7z% $yˣ?IDAT 8O'I/u28ꓨ h'D:F=cuڀ19;Ő";ͼ]Ze_BI' js^tŝM{ Sg>smN >opes(t30kf"H #N@B%y{FVפzVMȠj"*S=SS-GU rkۦQKo}&:M$UgzV!5y-r۶nIe*a{.䗿vY}(| E?= 6:a&|*F-+ YFNN4ݴiK@Y r>uzO4lX7%]#hi`G[%U ʴDBJ_B*3yر ^{mm¿7-TRzi{@ʌ9v0QȌ6<~doi`q'Oye $T o~ 0rg6幦s)SPBۙk'G,[nݲ-آedoJr.ɺ1ӇF5q4tfvm#p)ߖ2id%rPǎ O|9g4k.6I6xuXb٬mp3Rԭ|??3#憬f2!DAfqd4v]{v?omۄ mv4f- 3a;Ey J' ;˫ ` {Y'/3+s |źV|n%#~fNj'K9z^ş5\i3J|B^7T¢EO>lC+ W6k}BO[@>cu4+e̝;/2{ȸqct u-2Xc˩AnXdT%NH ѱb㛷 : 9߇]{%:~Sj+5~(mmƯzֶHpܖ}_R 0wMЫ{-cʄjWDiہ'"o `h9 6g=}!~.ITe%J^~̉'e<;߳~ώ\zE{u}wrǟn߾ަM&!>^ڱ/"%#W3 .eLq_+W~RީIV^^\<5&O>Q۷wuoa{A?"D.|6C˻u;ֱJ횾v{lk"BzC~[l KWq6Vg4clPvˠDjUrNn IՌ 9tAh)TeH&AAP5*ͩ+{6i0o6R9}uS;w sv4k݂T^ G CjnM+񯳗/2-.h.(h[i6Ns'.bw}?D[lQz)c@MsCx2>â \xBtTB˾DŽ2"$pSVN;YW krRж,6_g~-elzhDž?ߋ; iѥ:3nvIjofa`g%N<{050n^WFxP`{xʇq.<ܧڮ Szvد}AΩ~ss(m6U;?\D*3 `18eVL5`tIqM)d,e@jtvm']MplbO9l`(G`-t eQ={vO49f MCÜkG9 ~èkRtLXVw!dD=S6JOet%vIlAxZbPΝ |K" tйQ*,l6rC X"t1S;Ϳjcm\2}ۮ|bՅF+;c^gk<׊oeI+&No2g#@Suc8e:J!)kԭy/毕H|¾F~]:jZgdDK/S[IJ ̛n87!]q Ŝ=sѶY:zB5vu7F0ATV,4{05aFr3#SߛFUjՐ|39J;̊I)I d7cNQOZmSl #Y]v$938LO> w܉G?sM^)u߲r2RNF@%>As!jN ĵGە[ u̕ .1mG%oklR.~B>@v`Y_CjYF+sU[36&Q *nߔĖdϺ$B( =DF6ji4$ULiM3huk` |X֬K+qJ3Z@"a~^3h֍MΊ`~YSx"{@߮rz."\ BO?M8sFLq% E!"} gPzͥI{^=xauK-&3؆i#({$oI+[/{q?g$rgWVڷ>|5o5dvoNN:,Y*//qZlio}7hP5Gϟӟsw3"6nذ!ĪZV^PjA"X~ #$8YtdWV_m-WK>Z_+\&[@钌bcq faA$/qݻtUr4nMk4hоYgMp/}[wvԢ1mM*M[X"?CǏnF*5/ XUvFU Vxׇ°zp`UĆK6O}I*ő;sJΖ\/J$IuMX{ak5Zי}9rΝ?N H¹Ino Rr_rhs?)~ /ZƜ9"^{cޯ~޽{ƅwwޙxd-Y<,:1vމNwܲW[!^wٮD[F52oѢEpKd%e8"XbeP?[s,Y/}s{X {*j$&(EʈDX+oeu܁(w k3g~-Ǖ:O [iݺ5bAnK8Bʯ5RC,Ѳe+^`?l̘ m޼iC?~~Xrn+'///C  "au_yuyJPOi~x8 *jY+VW?fl̈ؽ _r4h빵YD!@~/zM?* ʊ`G)(Z )W%6ŋWK1f[37Gogߞr ko?>{ފhdw$ޤ|lCYYG{?=@P%C &ǼԠANz+/͔KL ]0PT;Ѐ}: „E%2]tNmݓ90RW^\rSxǞԉ~uK= >}VV\0SeW?,+}r-A.GBo vV NnLG<10(o=qq#*'mwҙiWeJ^O9fXń b߿JEL4]_q7*xN|g@o9 UAߊ}ګ# kE>=t/p75p24ЦU`EJsaCA]@ 4iuYOD5ݯ[bJKz~S H@t [7p9OXFq&_8Q`3}[X+\^W93KWQ O{.㜪C$YGzG5&8sw?4L2]жAxƌ#ѣGC@Rb5Ғ^zyL]ӕPG~8݄ K'c8:O:'#Vj!7h\A8v x񬾴}.Dž_ús~Fg]fs:Ί`,!{ KrNw@ڃ|SJ@n IlL';uO {+WΞ4S(I$S㙝`G!JxPܰq+ۄIHq,շoWp rp(pᆫڵkkV~.g j6 i)Eq2BzCLH/]vW;Ѡd5$a0N .1^8oXTphFMLٟ<߬/݄ `^]&F|om_{rie9`l+JtpcKNz94y559#?BfQ*3Jm@pk0 (\IDyB խ*`*0ﺴt{"#9;w CMZlWymjm!&4˄Ym~ڷ[& ږ=Ei-7FeG^3: PƖD){/YMji:[ZQM>byLoDv.p9?.joGD`lP* ,8mFIV]*@u,Y!8iҬ%h1.~)_ B8%SGF2B.AR `$2𙞛 = WuyZ3P2YaVcZ~/Lq1P7H8nc,!rfzw=QU-Pn{zF]T?>W5O=ײVgp!VhXJԸqje:kdkUm>D{^z/rM˭AB7J뺆$*FMh(ﶍۊ|rv/Toh]ޙ|< g'mhy²zf|U2@`%~ߛK\~+;xC"ܤo eXP><ɋ@z,Vkp:ƫBA  `q 1y#tM4i'bZ ($..+ VdF~[f"h2yHET(\.ѤF@'V>B-Phĥal%OW,dokƔ%XeJYW~*Ps׮˯׺yQ Yݩ][YYt_ݭKu>uRJ[+Ӟ(xo`CY&爵*e,\v&k:?y [^\|Yuv4_$t+~۳/\&+۳c~&B`E6V-X_4?2x`Ј£zI!d{A!KV?dI~n*ܪ ]mh |/.#oPتEyqb4MQaOaEzwڹes֫ys !((>2 BQkhgt>cuƎ:mgX[Q >J !&q__Ks]gs{^{}NXI{Q߭wl`侇k>vO]xTvaygk^޳gGv=/]33xpup^=o|kvYrXKѻ2ëh0Zav j}H*|ːMS6nYhVpHwXa@n,a&ϳu7\Ox24S|A9-׵M"ln)ЦKjx󦭃_qNۘ"I)[}?o~!O՟h-1E&ZflB&Gjy9}S{6nY,c_`Ngg\f,]`9gAj]s0R[9G^iࡇR lۏ>ophx6Nu}-o}<8#lf͞9e|il 6$p8Ɛ rC[N4D^DK$t B2(B ŗY +.BA!}E"q51b dB_[(2qHՍ[˯Gvկ9 _ L5`xW E[C0{W\8uVn\~U׽2} Q4FK!Y-@mzkY4{Mézϼ{ǵ(-7@ [j@/΁BD[^hxyO 7lں}߻_g^>^no5s/^`  qv@aҽK,?x¬[з`֝3s4YB9"(8wc2u#N% [֊B)jԧH3/׉+Əs<a0DIf%cŕ{<M5弚8wX-7i=+kK)ZzOXJt(6&nԧ37@㻰EǑpں. E5SYZZ|2mi|垞 #$l[Iˠm/)H~ B~E7i\0Ł+k-8SdwzBsA{<#c>d 7 b}<ᄕ.e:bj| .Z\ɥʯ8B !4/C@p" KP8o=e6''޴fJ~Ű7kޚ_Xį/oKhccN^os=1郈Doآ /_zlsO$^(^9kՔ)s,hϦi}P3fûv} q{3~콫h Mޖ1q6S,O-OVlQ>>V\i9"4Si0Eb{YP|pË-qժ3N?}G~l)|1]`ފOf)*4*Nk#p[)MHac. :rKDי/q,___W-Nn1W{x2玖[B\Y7H̍|Goe|ﳒ'+ݶ.#߹o\y;I:Tۛٞ2# W* lϏ2e婬c7fs]Zmx0naF$aDiLt˸¬x/M>#A+;̣ja⽝ή|OC:mr zR(m4x A'Ch?]^-]|'e8od1U85z-9]ޮ施l Bȷ l~0Q*HA0ud֮X2 MrQ͡Zng̸Ycqyϓ^-6~ ǵ;_l=߽>ˏ_WJyúBr ς瞎^E,x {s}HwmVB<:?n߾cpq{2fPǒ4M6Jfbn+MWxQ֕ O@w/#{ DF[;r_eqH#yd9` 7}ܹk M"rHGU[COno f&bX2{UevԜ Hcc3>LJ_b`s;6#Amfdw}}Ҵ :t} ]n|Z[m˃c+raǓe9ihQ3 2,c(*2ǪKXޛ! )N ¿{z%QO&xHUuHAd>G%{ECVF%]Wݝ Z"@@V6eb|U:w@g}3N~Yj˭gN߼rsx"7T?sb(YByx1":?D\<,5eD,O'](0!YMˉl\+걸T QR g X;axߺ>߸ɡ?@@{!r7.P'27 7C, zlL?6|.Z>ׇ0a| ~TX?Gv;TƴO0G50 PV/h-6`vpBM*6/>.M |fW`v).g{`ah}{Iu(CBBk /^߃n+7e{+޲libo#hO~,x^8cڄK8L^!2f+g); B5uȲ Ex-: 8ݙfqTU隫mݻko窫ny߄nBjVO^"_vOE?Gbs3,)eȃmfޱًe?,0r(@#WKsE pl xK%࿦eg~ !p>B`M߆.6P|m&عt!;%!Mz+jWPlw}t ,T9˥\0e=(% 1r; i CXdWuEOY׺~OЦm+HB+vu2C -2쟆R2et.3n鶑n[)%6}]yqCmWz 3ae;DK|a*z)aQMyc cOְ.ײΝof;0,_k0|*9_D+Jm oHXAω ?~gگ@,ˤ%!@8]A`VTg\7ܦiFf;=#gW"ys§[A;pOCM}RHXC}$q|RLPOue;>oٺ.l ?ҥ|e/=|Bw|6GBo޼促dHπv;ZB "ucvKul^~j aK5-Snü|#v;v3yi:0q94&nxP 5 &f1 xGVH%!pP` +4!&0z=XmK_c.fkS?|AU6Cw >Bs8xP##'-F8)oZ |bt}&1EOy,3݇.)17mͪx[cR|C ]jF:o!xsQ|;}_2c㓰S2OZتTc^{OUJkӇl 8V p/ӇhR2?i. x ԶzBi*'m9fLǪ l-a-),@ljlXV1[8b8i/}Zס{O^W áwRƔx۶mh[I  ZB6HzZ^GdźُgYi&c;#pJӭβ}qļ[qm JJ7Y8\~.8oEUdh^>8_ Z=*0= ԓ?ww6|⑑_@og[Wu |),6w>1+L&`MV[vᨲV!`/Sz}Ua`FC's p%ޡ|7K&$5׏U)H414\H݊cН6 (cN`V$~\47fb ?46&M^! >.j F߾IO/+ -Pl@2yMX,Y敨7M"%2ki IW2.9F} XNJ7o``xywö`B }e`v] !"9,v8VG}Yb!>KDɄ?_ol0o ~(g5U9Tz={|Q޶N5s0=AQwwXU 0u>"ؕ5r u8Y"#ym7n!Кi(Pn`{ o(%7&u!na+X(U# ^fڿȞx)B#@sp8F1Z EBc&DT[ɂ4[<v?qڌ϶^7h2a&f0~_3 Vjo1U(@`hUXn}}Ӌzp1A,H78iDş g/( 8xxoY&sY{We7/`x4,1WT!}G23p Q\Sլy `ZA]n$-^NA2a]KIC鴫4U&hl~ R&:dMV6X*8rݼo_z"ꭄҍ'O=e:>LTkLûf7:t]dBP.-_B8s36WC&82Xt¡\6%^~ Jt~` ^ ]qYMaZfM^ߊm ^v8]5,`- -7FWmz:z-3qM?nf.csc$Za6XDϭ]6KuE47K$@2j}+/C\P Hq;Z_]'M7 ZLC@ ˎjT?z|~ÓCݙZƏ!S&ﯤ ѩ7A8R 0`_^}knB5' tpszV͚@ > CstPd{O@/Aȗ;i @)bR9U91b6d̰3zq;Dh 3 ɯ1> ?zi^G}C"I3AyD`"Rh3Ι1e X@"pAwi9y2)H&0xAC.GN$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$.)H')IENDB`xca-RELEASE.2.5.0/img/xca-icons.iconset/icon_32x32.png000066400000000000000000000024461450407711300217620ustar00rootroot00000000000000PNG  IHDR szzsRGBDeXIfMM*i  bIDATX Umh[U~Wd7muYvUQE넉cLYc˚( [AβZc lce*1 St.sik{ZՖU)yɹ9yP"E /_VJCE7Œ`FdY }@lES5\7.VsT; TV{>yŚy+ry{)c*Ӡ^?M %kB P#L:ڴٳk[˴uOU! mbhcXf3rwkSoOx Gc\ge R.rZ':6t-7Ǧ|hA+p{~Au˩0>>eh4?bk/!t5;7΅d1/5'+#{Wo ߁w&yMJeYs(JvmU~SޑZ,;:McstOW #-.|ɴ+ Vc㵜tׄBW;.o(dW'4 $v( &'Db)H2!#\ ΄`ǎD`081U!%4>٠$5H4n~{p6,2}y8~Ə1; &ߪ{l+U(ʹ>fM&ScdH` aCؗ&'XdV@xpK ݱl_ }se%Et6 KkM80,8Kϣ0S}۬ 7918J.t=nu9]Dv|3/J"EAݵYIENDB`xca-RELEASE.2.5.0/img/xca-icons.iconset/icon_48x48.png000066400000000000000000000053471450407711300220030ustar00rootroot00000000000000PNG  IHDR00WiCCPICC Profile(}KQ?GC EA-Z d46-S Z4(8# ڴZZi][m(h?k2LhE=s?TeER?Yp`^ĪN&?6olrUS+x_w&1ΚhդSQ[b^,_,hec}RY"6Ya\`;\֞27 !8f,j( )U>VukZQ.|qE`h`~Uw^okb|hkK^_&$;.^N w .V!Gd#sh 04;kN:Q\#W#ˇ5_#Fwb(bKGD pHYs  tIME 'IDAThkUysݙٝk^uk[~P* A)Q A)TQӀ $Ri)r+voٙݙy罞P P~ ߗ7oޜА%"UEXݢ#E&3o(;ЛPKK$$\0Ir].\:#@@-E㙦ób=G*11.ZϣgcU6mYs:DD dt}ZB.{1dUSXpyk@ XWDx(b5,FƸqݜ= {cc|<sDġ ` ,h%s\\vGh!zDg~kW[C#Ʈ}ژt:s(v Exv3yPi|>OJNVW(Q5*&Z PjEhn=ﭷO(qKݶ"А:2v: sX`"#000,)"D*x~9Jxpg29k$YihhtB+΃do{2pKB>CȪ oJJpIGMMr˖bt BxSϟoVm}mcqN=4ɐ$]tvvڦiS&eh_L8m ""۶i i *#j>uZ!(cUy.dEkP1 6]EP(3Uv(V/ YraUihNaY)TYFd,9)/X0a>ȳqm n֟c ., \ I $AV$ $n#ːY\fCBW/YQ\+Xp$Mb<ӯF1kV+f;4{v388  $Qk/Ho#2( @p]y/Ө`P%McDEQSU}M~: |zn]3)UdD|Y%$0&A*'ɏdI@R`@Qb~I01?Xt.iKSF]ʅ/'g39} f]/UΘ/(~18 p-@\ "3%L&{{.iN}@+m";L΋_ᅂ4 ùwX9]x _|]L (ro|}28F 1!:`{Z<7Ejt\8 g m|CV)+ @a0žYm+Yh0 \~cM Z|Vş !q*Qݗ6afBL2eʔ)S-DIENDB`xca-RELEASE.2.5.0/img/xca-icons.iconset/icon_512x512.png000066400000000000000000002734001450407711300221300ustar00rootroot00000000000000PNG  IHDRxiCCPICC Profile(}KQ?GC EA-Z d46-S Z4(8# ڴZZi][m(h?k2LhE=s?TeER?Yp`^ĪN&?6olrUS+x_w&1ΚhդSQ[b^,_,hec}RY"6Ya\`;\֞27 !8f,j( )U>VukZQ.|qE`h`~Uw^okb|hkK^_&$;.^N w .V!Gd#sh 04;kN:Q\#W#ˇ5_#Fwb(8eXIfMM*i(0@IDATx nSsg3kI$C"C%4PS3TJE)4T*iP T* ȗdH;g~߳:u]\9ϻggwQT@Ł*T8Pq@Ł*T8Pq@Ł*T8Pq@Ł*T8Pq@Ł*T8Pq@Ł*T8Pq@Ł*T8Pq@Ł*T8Pq@Ł*T8Pq@Ł*T8Pq@Ł*T8Pq@Ł*T8Pq@Ł*T8Pq@Ł*Txd=2 @Ł*<"(g$9.*@ŁP<x: /\*DrRHnWeU8PqWB7:eU U+f݀@`T 𪸊*W[ }&ykwn{L[o _S\6\u"8׊f2+Jr K='U*Tq@=w4+{@_ދWHNA@jh7_ce~ـ1ŪSm Xύ["r*YѪ8Pq(O +}NX^%"KJ&.4tZ1 frbR`*nE@Ł/ (YS軂Sf]zMkqN/P.+yTBU48(Dq% 6X};|[>c $Zlj++*T88/rwwـS׭1m=kV+?!}O~O 5V+3*MW P XʹC;8Ƣz6!;~ y`PY`8Pq@Ł9UPT ?gx瞷Ͷ3wZz4\#~zQ5EF# Z- 4Muls. |h8/LTF=$!\z9=3lxm]WP6Pw߬bu_Wwv@ʭb(r0 ƳfϯOP<]&N2eOӛ-@mŵ>? p$0^SZr*<}8^t }yȁ}mxfgnpx[[니WZ}n9.cpj<܍'٥"P aޮNdieKQeqtɭta>@'08M5FR?,:Uy}O/?= rMjS~Uu@n}`vxm>ϙqɷ1Ƞz\:pG W:ʗ\)L)޻8492;8=uԢ7[@Qt=D$"9 ?vP S"_~n{D3xs`@`7O+kxR}ݵk֔Uʧuҥ}WשT2uu9+ yG\ 4 _ ~GfCkLqƸ'&T@ŁcƱ= X xV |Ԗbva\I3n뭬³Y=F3\rIK<+7^ߙ! ~dO1ZaNM rKlQtd 9 "士(Wik.%h< կ8x<1]=N*871Qxjd>f'gDN6ھ6lz (g7V=08K/{I-p#p+p( g_H%5>QkKfa>#?FF8y#F<8 9[y*T*]r{``u^S׆ۋ^-"piu>"|Y,>J<|O=y^wW;oQ\{2#D:0x;oiB2K4rn!jՉA[6I]o寮'V⸘f"N ďokfxxZD3jrMD"9:\ՔW_뽧3>_aչ50L4%.wtpvUӻ=X9 G 0pIqWMrNxG@ {Zr10 pXд)s>alҪ\s[mIc"#6$e~ O\9/`ĔDb;{3?/׃f\kQVay`7~;h|wKKeO PP ˜"?ht;nD>}9D/y緿/Ÿ;{(ocʮ)^P@EB~~:]Na9 )/^@㷿Kз|²ӯ&`d0Qe>꿫haFcQ' 5ZF,'B hyX5e%@*%,~o5/Vj)*ȂɟH@A.3VD)6 5շ2?DqSFG_u'FD@`;+I]r] ,ԥ\2~\cv玃O?YT͎J`D9w`ŏ}Ÿ)HpNG|d I0|沞9 `+8w1f/J?yMm|Ow혣_gۉz|…Kq򕋮(N:s k0TX\M(*Rp_C`__(8^U ["h* lk] lt8s27b`|yJm,>U#Zq&㍔u^= L~F|#!i[H6sGByVCp%/9kxQ\wMf!8 eOiYnCr)yY38T{*/f/ʬ' rA}r+z7ְoJ,4\Slp[*[,wbdNG7Ҍ`,9V?ǵff#&~[<|h]2uBpk1+琊~2t$<954Ή!no`# a-s  qE{wwViìҥq&As:RuU  Qo-;COUl+?fb0rVG~Zk]Xȫˡ5W{x1TL*]"pwߋ57!EL.4FWcAR*tRB6jB~" v>鮻PlᄓQz+F/}]+B;o>U|WC htPvҺȿF,)/Zj`6@b{6"ӲSgY<*-W9j}xX_Ep`. v9 ߜP\p18oh=}ohsr?wžo8E^t߁LEw_tNPGXhQ\!YJ@ngLS &'UeVxk94k[8P݌]1 ;T]>Ug˹;qX.](aB2Ťhʃ~dd %( 9WByse*o v_}lgِ'͍N?zT#0)2iַ(F yFǺ{k3 4A5;^ҵ:Ye=q7~7k~ BL`yփ7^?~u}NzmlҲ ˳o_ו[I;r9=v]gyX7Upss/+{)'O.vCS((# s*avdUˍ&8 };0,ZP0\k_ XP{0W d_mm:w5&Zj-ǽlZ,35֜9oUw!Zo(it`z5&fq\ZP'\?CCn=a⨠N%=l˙̤̋Gm/͏X峢G /Q EB>]0A :[7o:@2g t~]s ?V&~.Poy7/1VKQKl^[Hhx34 [q suE8Uڊ9pNJi9=j~wUI'Ļ̝[lbO5X+c@Q6❵C `d9C/qxl |XEbQg]mϥ p\3|_x:5ryg~nO尗NIkK 2{„ |;^dcpmmkz'c`e\OW޷UľFyA(쇆Jn-yHcCD 2_aOZ(f0,G-͞я~ZώgQ_q4Ÿg]@gʧYE'*V%9]?LAp2!y +n ՕA7KVR#L;'Rp=*w/+\e>u׿4]w |fgWqi5<| Gv Kx>WԒlVޗ=v qur" `-3>tvuuU OW3gEd-ĩS'M*`ÀQ:߭}I'pb+;ńۡ2R ~iX6Yv N.!~*`\Q3IN8urAf9J(!d KEDhkA^굈m71ٴ(nQ,u' ,(2sax[6p SG\3}!<ӿqP5+3iK6ruQ>W9ֹXp p/DL'"3 ,O*#.m˱j=ۿIz,qͬp< V2pL<ȳ{k=vgGxPPi=Sϼ+~zv;Es!rB<^D\ w Z|L0O xi&@VX,ݢڧ)CȍrEL*]Tt}۾zเ8 Nj-ea Jq{~;vk5'_ӎ[ӓdVl)Ccvjvd-a 󘋧P ƥ̐-D\#U }CZLB1HD~Hӓs.x-m\,Xk^)dU 8Ǡ4JC>Hmæ y3KV/F`O.5mW_#5+oK4# ?DBUW{rWN{97x9:FΌrsy[el\("==8Yy ,'W|CKv~:;^|*qw hìß/Ϝ9S{N1mʔxн9}< ~ Ł_G;bOYēQj*VL8 HL" 윋̮36C{ÁwTx$Ӽ? Lc`}`C`=~>فQnOcx6Ġυa5~?_79#aNs.6)"vRc}jQ+9@ +s*ȚZ 2j2 V Xpqz7qye2#£K2 |/YxtMР7WM2_`.@8SV~BDrLm4nxm\UVW_5ܲ8 ~x[Ζz#@V|/VR%"/&m!pp|*s0c18/ҏj' 'b?m\,c:"QpyQYO}pU,k)l /fܪa;ܲ a ,׸!l5ހ,“A:3Ӹ6+ yGyQ8Ò v> .8QeFuO%7nOA3@>?DbBd%0/ɹ*r *toqglqq!薖"Mcl9s9R v0 V-Δ 41K35y` [ 4Ö:iv9Ux7~N5Ozgq]mb,}E7+ٜB1Zv"b>D%Bp WX[sT8'z5!#i䪂NsT`K`-` `"#<ŏ?}N(ojm?cZN(9,8҂?#qXAK{k+; \UlP hb؛B>ٯV|u&|;{t!W /GamAh?ԄQ W ob p}׏#i9:˴x`؍txn(3*@Bt0~d[<*X%,qַN'[M89r@CIVȁSHUY\n̯#4tGn#Y R@; ø.? 36m Mqtx_c^6H1 TS[C@ D#|Zn >[o]vy6 -Y j,Y-&EKfaPw0(N*StS[ "g -s~Y>]塷=:N>y ܂F63\Gr .GbC1լ+Mi79cK)!KȯG&H9' ǥ,9=]SM @Ԃ&Bp((zH##9 fko\s4VcGܹ֜I.D AcߟOf^16PqzvcjC:%Uةн>(7޷Jv<<:ܡz 3|'xQml+trRuܹ:{Y PFB1su%K"]BnpB(5n适*<|*;@M`jz p`s] hz (s+2 3,/9ٿ<\FnV [[:yv1Y~GԷvF}ΜË57dήCha^›rCnWP>Ų/tj2:710IcGn5y%4!g'J46Hi'F4.|⧸DQ]wq}P]}}P> xR!nܐw!P4o ~byu{>OAM9xڦ"CKKA֍>@ot-7"hw8j 9䌁xQl)ꇵ3 ti<&d'β\` &\&&/ySvws@(x3j ȵr%ו[9ڮ@V{XTW pfD388,veII%LiTFb4~9mPQx?T g2/K~(sml W E^^5xZ b$M Ol\}[?4%K ΡFk_Э1x}̟QSL^h&\)bϖ7PX>QܹfΝ;b0wE>n\wm!owu!ZFy}-ui}^̙ܵ߁r i6iٟ6v/]]Nw³5;N4a2^kWN3guW뮿kvY]l1˽|/ߵ%ÑFWwz#jCXEwq.ݎ==Q%Kx'HZ#輚f,0 {T?HwY2ia2S ?KgMen|HǽM8?\îYֵnY~7\%Q[| }K7h[ï1 p3V o#$ 4?yO1 j!qo3z.m"iNϤ?| |y$ܓn,W⡋.<p~|8kum\@d#|MvrTu_zV#fq(RmEG}_<=F?6cD>np|HC!瓣Ûn<_Xv,f!O+C[5D4 :z4x?O N*yuWmҺgqLmm?\_s܊B0QK9EN l`P h_ximҥ(M>]%~X9iyYbn )u"P(pa(OkNo6[N?=GPԘ a( Mh Jũ"+qu>d[tuЀ,H .1)LRLv0Rq^]$6XoܹoE0DOhtV#ǷF=;J!&ժpxƯp6NW au,4$k!o:ĕPR*1FRoD_r၅QquшԴe֬$⪫~Ωq3+݀#gk mLTwG0qJ$lx&hP?o>q^Kԇk|┫*5C<kL4X~L!l12bGZmC?|}c2lu%?SFa*,$ jM;\bOuweءw]j_YL^o^6 @3ӛcptFvp63IiqLƔ=~G ؎?h~6~!@9Ifha5-< n':3f=w\DWYy+~e_ [,9)]i9)~R؛MD[ F^`-K*ȁh m&OZ?#'3䗍F ёOrbA/>h-E@7ZR9g9)7U ok '5AE5^8Rbm* ANqWJI,'~\ی.ʾ1ƾYq@zRΏو"`q/e|jN,љjgx[;bosne@ lp2`_aĝ<ؒajes #4Ǐ,Mtu9?dc5\j (akayoRF˰ay L1LrТy LNJ9LS XQu*md9|)׈?ǭqWw+&N+ϜKL>VD7THJ<)z {YrL$*eJVӈVI/eMIOf,@82c?}VV-#(嘧s7]} 3 =!jm#iP@} ߷}mOAVe g/G0Č`DgxEx!O\}^ċHz+cK7 "1a.0C]M>E1hT<-8/y&ۀuH>075—wU?$:uteQW.( 1c02h\1 '#+x6ÕL\=( !>Vv+XWJӦ{~ Ud)2snfE9Z(dr l) 8?$ i8h ׅ|- Eo8'_ D+oԭ-/MdabSLWP*uf6.epAp藎M6oNO=Ѳƒ Ys"MR )tٙ%|sHwG'ڷ7vW"xهўE0݈~ ֨CV:iUL@IDATٽYR` ?cŸ^vZb?|^ߍ2! n+ٓ/V/ӸX _@`n8P:FA2(bbO7Z~3+rHqS!v$Lm9lJV*|8{H"10 :|qo-?+x1/!h]L1F'Nι',iV%^ۛ.Z6o,@j%mF$MIS"y%u|Aʂj[m%qxzLGs ()-ML Z6NTB9RP@&1Ƣ'FH)A~mQF4yy; @r׷ۘgD ˆqd8.˨e8E̻ F) 0'BuS=5NCA [_vkWy–sZ*/*" _ƓIǯك.z|f}Х(\7.{>98Tj`:a潙j(}XH6(ӉP+|GV(4۱`N1?O;*cxhtix88_3,>w>1̚M C_X;jeb5dM~:qbO3Hj [ݭz*\-SjbO`xÝȧ,} >4#Mm ;]6gdyX+1iIbvT|‡*"e QƯ܂w8|­<ߣqgѰk@b.'AP:(' x&AKz9,zrBK]\'Aó,1vSoL&khOfFYEBP4~vٿ3B);(S4PY(拲4e=MD=yܯXL[P1ɣL\uP:q5`LC9tq8,#}_ԡc7 e*@-E?= ;|DR]1r>r_Lӻi*`qjB|t/qE nr5s42&rK)=C$ڙ$$yL Ey9U^%Û?6),hrlB! 2_r 'HmWϺȭNTC>Ьu|Rƞh*qxoA?W#sCً_p?GK!NT{չϷVOb8V5{##)VmxBؽq`W+F5g>rp/g@o{愣JkB|`-VZ,x(zmb;7S3bv]ڔ){ ztjMZ.Z^I@yO*ߞZmK%=M%:~y9ttn|=?rg| >Nx.o ;f mk N1t+$*|."F\Y~_Zp4iE p7: WWi]Iy ezbv&DT x yn/AڃݲR sϿkӦI(el6Ts-ݝCo}9fpLJ¨Oc#~z e+LX{Cv|[?y v6Ѵ92Ayj $30$'?N p::mE7u+0Z 4~FeLnaFm< 9!Z1wTjZfpSvv"P1KSP<dP•ފ(qN'0KKC M f^T< W4ISrؒ\R[dIJ}`8ն2)9YXה/eNyS5MH. zRVP;'dٮ6/^:g~LtMi(d%| 4 r^YR5/ߑ#|⢼g ^q߻po͵I% |  q&gYBw5x6Bx6V*g@uw9\7;BqYώ D)w.'%X%`?=X`rdϳr[KtN:_*ij=#roy>vAghxp#"$GD6?1M_ˁ?l8ʗ{๡;e-ohoی &! d1j}>h JQL2q=LbB~@4WRL5 hYQL ;+qwn{+vX UUp"`BCu̬ NjpWS{' ~8U*-5)qQiF./`W@V2?-)J?r;nMӟ_<L`LyŕgVWWAI (AW+B`*ߺ[AGWUkրщ5ōTH34,";8rڪZ&ju޲2&9eM+jSdg⸱iw//b]u^qu1=I#?H܀"aY#p˪|5x#}PSU#;b!>~,ELai*`QF|{'oShLqnJ{ j#PA܈f̟ `(j휎7>ןoxm 7Qӊ/1 >WtDOS8r66^묊s?Gڈ#[9tүϏ|ssb^XґD9d,B̨ KӢ1j)ehwM3xp^R%MIVY0-)H;5oz.&g9z[\\OQGޯQþx;;鬹SR07<g.pnH 9^}N?G7A/X{%텻3"?XQЧl/|?pa>J@vgI'q\|X+q}'t?x?ouz!ptNe90A6po?9R38nIltv@ `9ġP24G}$@ "<J{h:ti!1(Yǂ("{Nz9X\fг 9*c Di79R*M)#%G> gTht݄~ <Mz-qISD²ۡ~ "2o ')p #_W'xsBc\c3.q$X!#f|J6_8_k3|S :&$y5loUnQƳ mI03^J]+; @$gwaAAu B~w"+eyVDO~F3+re,cܸ v#^y v>2 PCW:)z1W^|?U/)>C== X姴͉$#qv&;{$K\%ozܹ '5+1s&' iŽIڬq),qZML_gh}wwq;/`/}'oTH[|ERt @ JPY(R fZ<}FL6H ETP"+n"$]Fzm2Z\ʙ.XѺa^LDߠW'5놻yMy*..Fۨ)Á39}[4¿$#Eé kv8b>u쭍Mei^2h2yվ+.YsQ-]o@m.X qa!Pł|MAX 3TAWn(&M9 PJQmv^}GXFFT.6`|?3elYxh86'Q&YYzrc^qJ]XƂmQհhTঞ$!L0ߖ|@2 ٟLĕ(G{b X|o+ HCnѾ`E/Jes ~jB,ϸQY`^͜)Lېi _ңۮ |F8k`ъg?N~[ne"^6݀D<%]VmlIX<Amg}::i|Wfa* 㻕 d j^ycO6v>xTOTSJr2=AVT@+|h8+sH.ϙJCh0o 9@ 2 LJ:7Ar^Y%L$e8e4aKT%gq뮻-&/n82\8(D;&hZkUHFigp ޞtW{kΜxo3oJ/w=?^Ѷ'Qǥjé^0m$6/P6 T?j6>'!&Q~EtJTiI>L'9K$,'O/S Z)<|s2,{tAgoS9kjwC.l92?=\GɇOyv>Qqd7%n\ʣcNJ=Pk陎 勯 QӑA]㖠_7c w5чo:36!w1+z߿叏N(eY< KȗtՈK/q 2ݼ 'Bx_?Y:,׺KOp Q'16W;6[ *>:3S'5]PDo27|[MN>Cއqc3fw(6Is£: QOW)rdЌxFw(=oh1[*svu&/hmUОm~I8˂Y2q+A,> h\l3xЦ)aL4~ s;H Z ҃@ * ;3QW0O7/T[tM7DIuO4H]ⳟs{?-.Cs8y'x8qgV(_e\s]yO8믿["(10ۛF*dg=Ki9ch=R rXDRlx'ϟ2瞛\TpolVۜGu;߸4ibSX^Ѷ/:~f\un{V[mHp#}q"xu* {4aw x>b{=W׶'f8;(N8s^?|IY| %|fٝX83*e`_\ǜOۺq?M~`G\^S[o$--}`)iϪE{˝fX4),էj/8zz'-`剁dp1<*8mZ&JcuX,n3W-\tЃ,mAF 7׷[ kE+Ih1v HeH+/q>iH JC$/K2mɒ"uZ+ mB8 Mc ΰ~Kw;Ywއ'O^v)!|3=S<%Fq?]= ~3pu#\%Z3\ ^kh_Я8 _)?JLrNjh[{cz֨وWOz2aP?3/:gr[\xrA+pp!'u$?߇ʊ@s 6y;5W߼ PF04exE>kZ6<ǩXn)L 2Lz -!ŧ8DOzȫ@$B } b[I(ɗ~kʙ$(3j3,f3~UW]i}?mf sd>,S5)hxK.8 o y~)-Èfg\@Kr*qRh-5ͦ85sQ qZq?8it9o_/J87E2qi+s5X &*jCȘ.WV)OzjYEke<ۡ=! 4kHf"17Mx!#,1 \Gmk !itbh.fQݡCoh,ze;opNd^'NM!j:>eVez)̰kxTzW_8믿x,u"u2t",K',ڎ-|c:|l-*?DmQ 7MɚSbN"?QJ^ 5xTxvf2ʀFZ蠭Gߟe?pg[k4hF9PylV4ZRA#D76ݴo'^'{H(f|ddG`<J< :a#Kb2ͮ:tgN[j|D+iXɣ#JhYKGx ʗf{CPj d fȬUF#3VdDh4~^T4d藱|We_O6ʞGz᧫۵oڳl| F#G~9Wikft)+^Z&* 5xw밶@/pf6,k'=vDn ߨAq%a:h`yoVy#,}y/Pw_h#wV~Yt$߬«9-<[駟 tmɓ7߭:?b ףJ[{QSƴbH w؀pjϊa謳8#(#HP:7|?[ :b!MђL{dinT |nW}v?1#;3z5~Á " FQQg%6-;T >{)_だD0f ^jhg.~n8y`UsRXtҁF7QJ)p-;wlaͧ~vŕWުmBNTjŢ]!UL|R~ wN0 kUzt޵iw }4ߨ|ݏ/jNϡ<۾\knݻg2~G˺tܜ,oY{.n/z⋯|sгmTd>EʺeeA: ?V[mk nG}RΣKW+d&ҋ,`v#{;͎xG 8PO *V֑Q೴+b) '2[zOB*Z_yKgG#n]BW⦃dβAfip:ixC!WH\gm\nQXk+(VYHTl ;VVzZNwۄ˯+y*>5"Ir&uYT2% h Եr=R/SzfSEruX m럄a m@2LAojʔiyo6K⋯3?tΰ[nvֿgj?0pnVU ;27|Pm{ f`ᇟqkG\̚@v:I,[Zzk韽jQS#%)YDsB/׿+p#b=;`C՚τZ5).s悚Oum~81exuhDƊ\2bhgTɣB٠wذES;i]eia4iJw^yeh:6crhxn4/SnqhM:slR-"9H_U4ng̢*kwO7rf + C W!zkw>cWV8p-4이2-Ѻ|ʗt0Ÿ0BavYLJ˨F%{-ڳlPBKG 4DzG#w>8GSQ+ Ƈi'ߞ{.M"hjD!뮻r!tg^d`+鏥HlU gghu?pڄvz+;usi;%uOFʅW+NG4F-!9R^.4kPHiRMK |c`-i6ld_"䅹 U&V4z3C,B s+*'V_0}_s:nE^(NsųGpkaGy- Cj+t~Mӕj_.wMke*?/[Re@vqilIvռb]s^6kikf5W-<܋õ[uҳt*^FM*+OD8OMB-Ŗ'Z`ZXkzmݬ.Cw~6K: ՅEjsci}N~b@nZfZnF2Ġ&]،;rg`#XJLrھL©ᇛo,\ Z7:/Pj>pE0P2`P`g]D5 M9cGuRʾL?%K~/D_~5|ȯ;pbVD_`Q}d2aja5Wjgf:l1`% fc=a c RDg}xD:S P'G=w2FU3 y2OCgzIP¿[봺PzX+`AW.c/pnozϞ 6ASLX|ά>O Dp//LϾ8ە4m&u<@tw PgN|!spncL7_yyhe<:O핲tge~_)O?YYkfTI[NcСn >X7Ό- b[)A{[}AL76[W.ƍ/+WK\O aר:‡D45g xR^y{ o^QZ! !?;A;ozAK x vuh` |pS1@FoiLp~Q_EE[])k %:ܟ2k ٍN "~{ M#4ky%|0R+Qo*֊E}ZhiI⇢=+:hT&>e[ȗ4jJ怎Lu IK `be2 ~6MAV7tRHŸ@iLbB:Au 3X)/\ y]پZ69&/R6g|lU@}6z/Y;3oVw} .-IE_I$K73 ,{k[Ÿ`K6V5cvO Iؚ?6k|} $?+gh/ʳ_gJsmXW]⊛_1!1gCfE<͋wzQ Zt&_OV;ğu!C]yprVR9{ |1";EA1]hGa2". $BL{I9gEcƖ|t]T"XEY5Ѐ@~d uzyȋm֊UM sN' hBVn|,Pnz'+gi2gro8_Q\&[FWhh,TxJP;r˙;ONtgfAh@?”Yj<:Y>oyΡXg־NYc_KS#c_-k#5YYN @IDAT@Rz{'l%;մu7xl°ّ k m^>Uq{m7q=~lZQcoh*inT;i*8": ᮻ|}o :hX'GiC| O_T+v2Zd6pnW8y*}L:KX4 HmY txݳA,vj[m&;Ck:W a|'uP\Z_>]3W &LNa\70rȤp~Xc狼pSN0Q2` w Ut.JλC^ T['x 9u<5zK/:i^t[? jh( 1;ЗKjRisM 04l_j%XBO]vٵv9V^Ppu'EKvFZ)?Uy\$:̣䩔Eeq*;N54t`hq2yfIy?&@ $- @ΗNvy 0z\Iŏj|8"ؐ =*O*wҬBNEJv swЖ7v\E Mp6Jo31۱kɞUIc@MJ4`Ш#j l5=} r&(4jN_XJf4D5/a45nc(S8 )@`3@.SCyfzL|VZO<_u&eg܅vWvc۩ִS%5C!KН;whQۣ5G}]suN:b"g ,B_$š$Pc3;2Xx/m,8?aB}--ɓ9M߹s']&/Hc~чN~7+Xv+믿Sy R}T)x3>2hTE o_KEnZ߀AU"&Hc=U~3WYYnz(&ɓ'vڟ;Hޣ'XqnJpUQq1]_|^O 6 5<$~G281z:a*n<}7C (bw/y{m$R}S1< Ԧ^jHߥ%$ }-iG0Z衹N exR=IP _,aagn0}U"1ݧ>X.Ѳ-L6t#7qr 8/! Z4dLTMMUnذ$@ORybF)tqgKZx?=KGn(6NH#KsaRVBjcVGͶ;ۚe>{n n oDl7WiI4j_Z6#ߨ~J]JtneyZm[BHynJ 8[3E䜢{LJ-SMfon~j^ӮoΟu֥> ;\t"4=$BZ}g.SY 4c]cYINHtHAO+[Vs̀I,TGҹa1TYY]@g`xa[].4pW{^zc:GY<"_X |`))8tQV'玓&SG%.o߮sN~:{㍷0|6_"V]G}r]4nS  P3%ƣpzW_2je=q=_w |A\Wy0t#n#<)_ZA^ f[b]4_(,5X=AkPҶݬz=[gX&a |L`Lq~:w#3W T.x\t;.L:KS/Q#ND*eN>7]Tvd}ZpQ_u` ]h.Wg&m!} , (a %5pɼ\Joy_Mǎ5NZBN>3y~4DZJ4~A5fPto6ei[5Hvxd,AfKcB ֻkc]@cs^+6rJ7hhS0d|NWZ)2-Rh?JȚ3쐃 TfI ׿~Ԩ6]1G4h{~XQ݂:0r ais9~|9WW`,G"HTn,a7ٯ5K0{gD.J>v;0˔^^,QwN>=w_oݹWLM7cGDd2 2tKo'Oxa& I}^yq|BKF/)aW;T^ov4t6/-[@֗%lŨJR9 d8ieTҶ픅2?39fWG {I"G*jʿZD5j_~Htg]qԨBu􁚃S]eOWNSg0pvVnЅU/>W/UIY YgV@IB򨣎ƒR}:eP=X[[Z%a0 +q8~[@' &\|,fxfA޾Q퀡~j8U5jW}^JЭZ;+D& T)fH7o!IRuhjXgF>P;2=F|S%9~O6x1⑉VZWW<7e9UӬRi} E!&IEE~KEK*4l,/VLT&;32K!]?3kt O^vpU;/_8qja=No~n{< ߶M*d)Ftϸ_ML:BǢ:u0M>$Z1@4 'D SaUTOEEdv_0(y*|[G-uL}҉ P <(q~LEY |X{k^>Z :Lvqi<h#4\QdP "oA.;/N%eB5'yHRvE6]zXFۄ?c5w(oS*{غ$tp ^{{nmm&Q) 0^8K.0E)[ y uB_~E\S֒,Q"̙1!@LgdjkpHoRkbS&SIwڷDVQ*]T` й 8eo)r gN&"4v!j4|  ` Ykc_RbcKG+|t0oU;Xp)2y&v$.StdaotxIvXm) 4sxV (÷c†=0|iI4㷧΀/?HI乿u/!p nMwB7˷ ~;hy(SCoĵ^z4}u"7-bֿy|"NMIJ }!:=?= (cDtRA鼸cC(>=d~KͺOPYC'&p:j$'({ Jkf󣕆qn VT{(5@2HbPeH K z zܲ9ᖻc[w[JTAQ;X\[,A6ޭt-F&x_xl: UȢ9w%v>O;hz[+!W+j 0;le*%|!; ;.M([(t_O;F-(An^˳ FlRD\%<#'bJ:ouj_=6L׋.H㩧t^3쬝Fm8?ԗƗ}X[ F픍6`;nE͢J(sA^z6Ot$ 8u>bG1YJZBN'.L'0+x){/val׻w]vP?_|FV:^`p(``M6g4`h<:s?wIꎬ=^_GbI?*$¹o߾80DL49@ ݆ / @'R^"fޤ=|vc@v1;gYml ]O'&1KM,-E)ԥp:oVj kXMiNa=#O6?yNI+C"nP&x\;Dyi/|=&UO28=KN;Jv~BEZ2Hk\kK>[I0vq:k { u;Ϩ׌P xjh'^;=;ujЫGs31Ʊ&tnxQ =הfCr\ q3ǮqkNۣ'Qȱ @xсHoēz\]U f'oH ِ}2žK4=y3[X>&'p)`\25E̸ui U60ɺS*oY봜7+8`[h}}UŃ*H&'K*-VXk cK,!zd~}!ŨD*<. Xcݦu19 ڵkz-LZt>TV ]p&BiB*,F_~&NhHs:N|\(#N"yyr|el L(yV_-'OU;hf@nMP-dɬ/pN8Ô5{ڹ$  NLKVΪӏ:j=irϖJ+jvcjEY0@ˤ]éSIΨUj-[Ko&o閉~$^As"^Z 8G #w* {湋ۯ[sn]nҁߢ>3y+Xn5/@CI̓4# %,:l/̻R{ءNoZ^NP.tPk~ݾIFON]v޴OT1OLWÏm3ARD./VY? N`Zow*8Mcٻ tE\r7 %;؝&Q0_}u= }g NKnnExrIY5;4igHe֌_WLbuH)ti ޒ& &KʂC=S|qCW(z/XXiޒ.pmA;UXw\_lhGW)APݴڥ)b>[)ja?@m1R]ꠏ;V1hCJFKo^V_ʄUũ=ԠQK'g? m>9׊hMVkgdۓF\rËJ8qyctdsyEUvxj4nA1F6YBJ˴Y Y%7{#׽ N;\tѳxd@V|˃x?wfZϞzDa$>QIC& A88J*:7p9 dZ;`q#J\.toN7CTO&V@ْl.Dバtx|`7/ "J$TCLhhي!fk?')yDQПout S/Wr4F3o[oӯ|ŀٱCm({ n5B8J^*T;j6UcAVQ+3OmDV& "ij<9WYI?k UO[&3.ƞ^,*)5‚ !;:`I?/[ _),ݕY fME4a\(GW-n CƯxxkRà$QQw™K+xj 6q.yiJ.0vxjg=e?/mjuֹd+CFz[7믿 P:؛8/>8,oa's/8CY:IҳUc*s[O7mP\p6[ǾL D'b}h&(oa۰ֽu?v(Xe`5g[.\n}puҌK5r/o25U5|.p߃通ʅiYA@g=ny>%@iNr fP~k4>Dy;7+7DG;=Ͻ=/ :mb ^r} 6P>C9ƉDP2T:.;9ɋ,ҳWZJ9 +OG/씛 AiS%.R1I=?\ϳ*htTfس8D"eiygC[٫۷+?ʂKH-=__^ W~^q ?4(]W7pXz?Wh`V樨O]Ԙ:wjхE,@ WU]/nUU4ke6+D` s)-G .j000D@'UYg N-&ͰLn & o÷ \Ec\N(1M#aO &(hwXL!aAt||o".P)h;>󁋗ns7aExb5Jq?hF:#ENYz1ia=JD-h&/4o?"4m&4Pn^zqx6޸ ?0/[|#QvH5)g"Y%"LA~YuMHZ[sy%#?@oUW~ԅء@+romRKvf(y]ZV3\YPf   0Z^̕0 }U ~@ѴұB#Lqb=y_m?0Y{_k.ÙMTQǙ iT@O.tzYWIQSޗQҭi OaOW`D Z20G[{T4A"{CU0yt0",( b^E<.'^ЂOxNe`<&4RsrWE:ZAɢ)n=w#+e:f34y%:PO3DqB+( C&mƣ+ڽٙ/\n _#V~c=|>xd/WS |e7;|%߂ŀ`M=Y3&mP.=mo+ՂҬ{m!ZSl9RF"~P=,ɓvE1h0dK&#FC&lnL>g@MF[l4;sjСw`@\e0JIn{K/#[:E3ԇg>9#/oK[t\5>@/(옵h@mCSU9 @۲"\ ] ֙nH3(O1vSK}iޮx'@PWF.ab昪!p q,irNޡh;4`{|; `r_׬ ytOǎ'-Mc@8)q.nhXtfO˳wO3kvȐU,\nq:W7~qj1M]Lβ8Pg=_0$duct=sm}(8D\f4|=B{ZA)PYI6+n(=*N껊-GabL%PΜ隠y*LХ@XYH4 a.~DH01\Be=o+-oҳXG1@/~C/wqW.|];'f7憾򧛻b,n "us $ijv@39@L4Z*YgE~<+*Hi_K4RrFx'eM : 9GazM=x.Nʄ:Ǝ ub%&1p"a_ͺov׋ +t *=_ Lč`]4pӑF|SKhE p҄7-^O:ƒIқU2?%E*08&rgB<<CZt0<BxRPlRF^&y٥e-PGy/3#m状 40壨v%3vDI R0ˁlv7$S'(F@:]fk77jeQ=>{s' 3O }ǁ>]z+zs&q`kۆ֛]4՝dxtzuNEI sc"K[`|_7|H${nz8 Z+՚u%Aiew=p,A|JV|;/btc\qF YϠ<<;?FaMкjƥJ /PgMcbhkf]wS;Q㎚[7nl1ǜX<\r4 xh27RJJ c=m4c\KtI?vګK+ gNa1Cv99x}5??W:'vڟ:Kqx㵬&Vo 8͟( |֪uG<3t r>L-={?!?I1ߕsڎEy> < ^?f*9'ݔ_azb0𠅝:9΁,d? $`""6W,bb΋+=ԝ/y(504%׀Di!׬c N`aO+&L4u5˳15yL Ͽ#駟8Z2[0?8>`XF4-_CY_xІ}/^mW{=iܚp#"Pc|Gn}a]gYcuםmՖܹ^aT}An&wxS9Oo3I)"ypGʏu{=UO=-YܢJ%OFǞXGnoU6)0Zg?pw71@.'74PY// qFЇ;=¢|,>h ŔS,a}˧`}3A<[PN'C<RTQ$&t&ݳHCsU7s._}7v"V- ,27Z3+R{3 $ WֲNr>PѤOuFaZQXl-\6+p[§z'|/qxkT駟S}z/ϽUbo]W[[DGWʽЊSoзtvn;l[gEUsU4=D$ 9*Ę1n=K^; .jUPs.#CX@0ݎ;ᛚ端*њ<# [lQ;dcwdK$y¤|mYMب兽vio0_ 4y,)9vt4O5o+'(pQP{F8np)gnGt3^^cǜy`|Hc$3 _.m2bxp #.:3byEL|iS4X@HU^d\}n~I0 |~$*Ͽ^^Dz1iȤB4r؝t܃J|[|3QXGzJMhfR 6m:ԖkS/()ijGtXF[_ jY^U5Aĝ 8lyHc6.0ߵki?Ϸֻ|N3",$bWu}iӹL49W_OC &הlr-V=cv+|v"+se/KÛnAZYYYᤓr f|hKF`h'xZ·i&vÏGfd#k.?= #Fz#G~^l?$enmtYJ;?B7n#ml͖uzg &L(Y{5Q6zw&PoL٢3cC$wLH@IDAT/7hqGU }J*'OAkXH}ڶtp&gF1{, 谝c?5yO]Y>즛n6#||?/8bd}*ڎ7գj¤>C=uu{2RK-b0 IIwz| 7fQ^ |(yFy턴"ʖ:F7N T`x5b/ƖI&I>?.َ@ p,&Ack|(vKui*]<"m6B@vxz˶o :b74sELׇuebo~՞ycJ2­;oz%W-<ڳST9qI;;2}špð]UVT6} jZЎ |Zgs|ؠhػqǭ!dsJ+а޻M[h5gVQzՑ,̒{_?XאOᄈ `E'Û8x~35Nt8[NNj ;G._h`Vt= IJ0tf<>^]CܽAiK..A]v{v-tK/GX[epÍ n?鞿eq0ʌ0+. X6%6Wٲ'£ܤ>rF69/iE9٬Z!-@0^9#$V _"DGZ(aGt*0@Z噘u {_7l@qsE?8{%=}9EIIf ȃoEQ|amyžo c*>ciV7lezV\pA :k=EyQw2jk/>b6UYy)%m&EAT4b54I)]iaٮDOhVKIϰ"X qhz-`2!k߾]aa%gfWeUVVz:x5_{[-[Ecen}yg˕07<KWFZz,H=AdipTNӅ+Cve APT@7xZ} E/4|`A! fTM7ZA}s.ӸR;ΣTWUU*V/]3W}WmyߊO59o"nZn 3V̀iI]ԗoฝ2,Oit(PgT9{p i=şzI$V a<)d`$5$4y\}^TF#_.p1mHv ,69c&C׶L;Ie SOUʖ(3XaKCe05;G=?þ^l]hw-)L( %Y'x* 0>;a4Iw.Lo *zRq3ULxJn:6-r%*QP4T٩Ʒ+/ fWiUtʣk9@=[BZ|6;w؛vZ~:77id&~$JI1*3c  3`vg_/ի;= ]qġ{a>.|aqB_qŵbx)09C4CXɡ@sLޜ`=#VU!Rk" zFfזxϰ>@y@i"(P@iTBfwsoo6BHٝ;3g93͏7 h{[rM7Rk|{E.@8Kٱ0#_Mlz}q>^(K໤>ʄӥs,[h0 ctU%'b۩ ϣ | r:Z0X ʎQ \L`Q.:Sg:&VQ&_ԫHsM'zuY;Ry+dNhbKK[!?[ۣ 0Ii@)R\FN jFG)'Gw4҈=G g#0K2pFˆ)$p++E k>fB*p&?]4]wDO= ^QFi.w4i9 ђL2qJ>30rFmС;}_a@멧:neoeyA̙M3\%Ql Յ}^p0^ K٬.A' e:aW {!9+$x޴Ӂ.4|,:ޞ_͇([ķ)-K~ TD2M˧)AEFێf* Q+LAV8iS鼅?u;r&v3*D36=7STQ:@ y݌>|@ꦷn\^^Xf'O?mua@ןX["Vx q2{?EҸ- Y;f$/ӿ歷=ޯJ%_^̨zvm cƜ~a~0P]~hIp@|R \+A&E)ǛG?9J0C@h.24DɯTx'k+mm{챫0'|ЉӤ$j,W[m n׫s nn\z%?-l2ϣZV&/\g.eϧNua7VZiLqBxO ;usx*:t@yv!OɁtAM:+c`1IasŷrB<S<}`07E&#^aR(t26,HT9\Pnz4B6uǦR6⑅a~5t@]w!Cn,~<РC)A-ȿLSS QAհ;+?cF*? EfbBa iGOH `J+,| 0F.;3[T&(n5kyr&,j`$ CAN.L yxh- +*:2#_yeӘݗћ ]]vُ6,!ųk:O躀pvez OǟO KDShha ; aI :^Љ4\&I7FЄF#h?(wME؜;È#cH)d0ҔG)y](\i NS)b#"V~-t>b~rJ+OSw/֦,wA_J@oucCKV 2}%'Z8kQnl*c6/ ft .= dΣZ5 uYnP%FU6,%GȊ`kVuc<3XEEYAx r'6NT΢o6!0D}㍷C97 m/ Yj`|y}㌌a^Q|jt?BCaf3po]y'[^J:CSں_ 祐Ǟ4t9U7pmj^<㌳w+yYR@eKngg{C6\$sfW-| eOz*J*Oϥ!G)&3 0nrVsq֗Íp?yZFymwIϛ{4P픿Q1sV!6?Y8pj$$~(3锳`C8JUQ`tOJHEGIﺏN3/D_SԁTLѲ {Wu@#][ q|zcab!4o-a![Эqb`-o˾dkm/~8  XTV5_QhR*LٸB`xwMԷ}J/! I&]0d~ G7w¹P?m;D. y SL:易[lڡ UmmmŻk9#OSJ;7([Y[n.:_(tnGU?ey䲂$/]|Og{, ʋ Ѩݤž{8\E<8eͲLx8'uq e+_9ªy9n0 yaO˧0pnˇcHQ Ĺ}cdާ2n(!{?E%ìc.PfDSK YFFa~ԯ7WpQFϻ$%wHϫWC+}.82zb#A*0Lje6ETUZYAWfr]"/>U-BaȐ=YC⯻ .{]lA'|'|kҤ@ 9%tkqW]uٴjɶ>hçvbKq_Agyvk$~aC{.bݢSmczxw8y: 7pkÝwa^ٿPW[UQs-d$Ñ5U5յUvؖWpp+b&,y r㓽L21@ BW N<&0CxxY2ġ?,F00Car'lxTj'甥&N ;.!۵*?^?rGj]ޑҰ.Ͳ R۟Mg2jIzW^FnH̆~9H0`r2}Wp5tL 94$ܒ#opY%WIi(je/WW>g?f/R;ut6]pwt`fw[񗿜4P ?∯6Zbµ~4HBC.V^epxoSܻ͆߫>Ӈ^S{ַh/n{ |#?/ujey*Õxx]E#?oχSa7g|s4cG>⏛OMohKo HwxW0[Y93&&t:X2EL DzA-w3"a%arCd~0{rWu熌Zy*ԧ>U'. . -Ko3qvQg\K[1٬3LXKls10JE4%aKP)qbE-ʥ<# lp!9PHw+jJ CQ覸v4&M!۶RK+5,P+o,+T~fqk>$!#!tᅗI|x;r˯~7cW㌓uv =OP_3EN#֥ң>Ɏ*Qp㰔34q}\F6e_ o++ BjO\0)DN~] d  Z tGV>79+_ L+ ?F~[=񪪇}~;YVco2[C_X&@z^>`d.ఁ (6$n Od{M(Lx mJ,3+-uuT4^V~,۬(28l`;Ie:`c1٣B듎3;_p @(lZk.mm07է\vԀ-#s1d=|ܡ^3M$w}o z-JVО^{M#/zVѻCz|*8!" /AǯOlMeIV=.mڶ?  NrS(>|ر+uo'۷JNT8dd6HBonCPZ ӟ]w^Q ibG }8UM  z x! 5OkLjm>)Cyz@]s?7~&/5_iRB Eh&Cbʨ:Tc^{ᅗjVXa^˕&BA_MCPo~v4 g[7ߜs@:pWǑ6h΃__dD+W1V^hQW.#uz%k/K ꣡rIe\7p;>B.٠q)eQs~[n<8̏<N]>M{W \Geze>#>pvD|.9a!|6Fꞎ8b?~*h8uT$hvu(ڿLC8S 34Z8S}PmXg% 7K@,? w1s1:t}wK{>`B~{O$F_nH:|+vܻ9K,ҷMF娟4`5|AYY;]RjjZ'i?9T_:}[w/|k#@a:`@N,! Pټfw::LU?3 %dފA: {ڪO)4+'q`Agt#i9rVk=∃[C^d۟݊g}fml?찯1"805'N^V=,=}n7|GNWs j_Ql@K~ڈ6_,iN+  (Ȳ^!>LQ־3'~DZxp T ZLbx/Lƚm?-Bu@5ay0ih:*ər ~b᠃k]g] ꔡt'4ۨ^RW_&9k?.(Cu Wo{{3(z@K.)|ɄQ fxznڨ!#Q&|3 x -X[t%B97AhEd3ijQi1i򠍨pSa$R0X~SMp tx}ମSZWXatѣN%*>Uw£M7X%"wD~#-"_4BojNnqE֞z.T`3O2O2^^[BiΫ^Nzs Jw"?;S:-}{20a&Vgp3X+E_z?Քȵ,IS[_è8)*A' 5xS*N8xuITSry9^bO]ob Îdk51Jk#/!Jx‹ƯV{F#qA+;@NY{N` G7M_xz]N~{8QYٝeth|Y D] {zexoWzs<18nϐq%8oVf +"KG֏-3M<3Uj9⨫WxeBqǔE] #?Nmg~9 O!G_LHnrt%Ux:5~bl+mO_Ve MPƇ㲝ټ{UL8jYGJ4󚇭? n g3`7A8ݯ_ã<'ń 5jۈn$3,ttK$O Eo(Y). 8*WM$\s B '  <$ΏՋ~B)ut*0<6+*U&?FlQQ~ S^_Ϋƅ-v'ކ@ 1"zE:w3J%v u{hȞ}ė|g-{^VT~A v=]?m}$>^U[ʜ :r׊G@ٖ3$M )͂Q t*@!>dS'j܁[Xa`e8C.*_a+94+6&drTL%P|laE3˗?&Id଎,~\:0ぃ,=Pu* 4&* )XLZ<ƺa^?t ў陟n譖q2~x x_͒XХLC+]፱짨wӭ*^tUSuC!2G_%\4\deQ,!|f0˗{O (XA`\*}} C$7ႏ1n+Rka6J7?yVtWUU=.ZO/ +OJ"o>I;<x굞eWg֛#U4[u(ۿAmc VB6AIO((4 -5 -/5ur>E? uޥjFh.hh28APtpe @xZ#=l6\&T,29σD|`Lv<}VwK^t h߉W㴣<xQϡPǔ]U ˟tok7wX/%/2=Ä!O{4p}8.х>. )"gY[<`0ͥhU(Ad3~MWGB^,?ewhƷIgc4/?u:Ga4Q}y# ҩ'sq{Q*2YCC!iB=*D%բegSVH4Yծ$-&hZq=ٲHDȶ[5яC,;s$t Qq 8 pOY7􈣱BIp!qZy@۷`E(k RuYj]Ɨ3톋ǟOSvzfvL6 .a. ,ZcvjX=Er_{cjiϟ_-wzPB2dpir{|qzkb9*Ebѧ Rg4X&=*+iBu}FOAd,SbaWg'wgy[9{.9`@x^>&#ĴրWZ$8?05AF4anJ3jSa*w#a95y&O`l-{@dI՜NJat'#M( w{0QRS:|AK$E]Ώ:&VoX eaq?g'yĮ5}kWjKvvғ 2]35 J~ԍOiuu~`]kׇ:<#_ \g3~2Y}Jsw2{I P|@YHkMϑ=*zU}>Qv#.֏ܹCoG,7m?T p~xmlv#J7qؾy^aftvL^)W]SZc}mQ7:gph,rY//OYn#G uI1%`$ *(}V^+-4>5ի[MFPB@*aiuxɄଖS4A!~c+,7rɜ"L~+\yH+<MZ+X*ڀ_rh{ZrJ42=sqZM N@8^^PٓVZk wMG-Ȟ[n4u!;\`ɏ>FV/B:ireqZcEyb Xx,{,ZpeWQ3bؠqܞk\^V3Ӧa]O>pX\Pa2 Ff'4e~@icxzؿk' SuR7dFjlk Vā?ѣۻkpt祵S~6 xy6Y!!!ZށEI=Ť&fxDM{τ0(!V AM"TrZMQw8JJ&j'sQLcExĥHB%?ŕҤv^]x4e$V4*4lޘpwWo`/{,xbJ fY /9sWN. ;Lxם!*|. Gzye<ߌV>qiG/?GuE}%MG 0ּ&4Ƅ2z3;[o}UkG|)53 :V]Y1^@Ŋz_HmW]nI_-0!)bސ:heO>FQ^΀+tx~ag5 to㌿jx`ר:*- 2Ej1( 9z']vJ0]vq2M0Ƃ0h'GGtS^n{&h7.hUŠy՗yGßRN!aA0bg,Yo(PaJ$TL~,`D(܏2<"`'@ M$D+*ۯ]H鄒"v~Ly1PDP<4p|;mGӶ"l؆;ӈ<*3*7pS)_X&:~28+-nHǍ[{mLl޲̥486K\5qY^HuK8k3b3%5كIM DZ3̈(x5~Jc*!:a DȾFƼ@9E1oA ҃ˌ8PZ P|&X{6ksiqRa )ѕ V%3 Nǭ!0%ב~ئl7J6?a;<aXPJu?ΛSp|2 zG? ;Х 8^ q%ˇ3o_ps >tUaa^"@( "_)ջS}+B,gW 1t% R=|q&'^QY~K(੄*GSePKgxN!~nf> <{~Qv=YVdF- (y:^,+B~Xy][Xjk.i2]v٥G~@ГdUjjnik,ui3tP¬^ܣm5ls, |+~؎3?nJy6Re) ~Gv"x94iIbpRFu 7p0C}+s2Q#^.{13P(SkoN磔vlt`;cq7ì!i,!;]4T|~Y`dއ) ,Y岴`b 7\lA݄,pX1V[Ԯ %ď<8O^-aOպN b 51(-BV5p=N]͛,|8xdpp 6R  lS 2`ClX)]d22H Y6@-2xtGFu>ocLZz \sk\VIfM۫;Ƌk4TDs# OC'nAZ՘ΰl^~kF̆R0 ~T{{H@q)%_A~ Cn8g~YǏy 'O+]t +el OpyXeメ~xv@ ٣ݴ9@<6:NWSȓYM{?lذ~>B%Rv,j,jhm),ȝ0:^]n'֊(F; 54RbW3:d襠i˯5eZK/{3f4tiuΖvM-Sg,ˌjiaSÇzwm6zpРg :nmP5ruujazrРfa PYB7 |ܑB5Xp@.! @~SyRȀI0#C&tf3Aal3ev}#?H}O躟XV*0)␥AKhL"i2Xb,S"NBf~ kGd:1lyN{Y_` AT)i,x GdK-ctS̡ȘqX8?E#$Ap4ExY&W~ 9F8`f}$tyNu*G5 ac?_ @ӱ\"+1&ʯP)'>,[8 By?N&kyո݋+EbX-Y;uU̾U ók)nY/1@Et\H:Es.һ"B?,c,avHgF `eȒ7uJ t*QRDZb_uխҲ5$% E2uf_z];զ=zծ#|k~EуӀU[,,Cq&)Ci!C<.A%ۢZ+I3hlV\w]]mG]]M.G YjU6v/Đa z}}qDM7@ gf=V(VB&VuGn;ӏM? і+:䆰%Æ#?'Cm0j[PdfН`nK&+l($ȑFH\ci ?vfTH$2б] imd\ xbY>'r&|גF`(h 4ay-@ͅ FaTAS\/XF"FA:yd0Ar1x=ZЧLtE-@Ly3S8*Ut {r6<3]>d;=|nQborm, ryS8gZӻDg4ZjӺPJ <B GqO@jl3MvKQds{+ʞ*,*$f7ٗd1Ў(7yxA<޴h`x\m\/3īr/6ſGҦICN%K@{RfX?~!C[Fҥ:+>z%G 2g #ⱄi҃V^yCh бΎzeT uLʇl+>ltg-ի_Bzi19,9E4fSrj3fIC'O$-QP(+C|Clk X"=>ASƉO|ȓA?faXto g 8n,^`ȓ jk\l {=ĵVz7~ʹY]^>=zKpQ8/||sԂ sP!VK헗][e%@gx0ЈDYPEI aa{ԖdG;'|9` a&N}WP-k(\>U) zvPU6lp]? I5x\pԶ |a&k'!c'0} P|`3Ci%\O Zp>.0 5~P$Px~~ZɟI\ a e[t `Ti4OSPS΄SQ^W \ZC)z1Dq#,YPÂsET~zrV-2_ѳ_Two(H25b"Wc~tȄ^ǟ8唟tyX-ؘ9~.{Z?ղ=uuBO;P-N69DߔB{&o̧PxZ¥HQ!;P$9]=zhљ1cFMW+)?P7)P8Be3BQ t:,͆q?/N?f 1 Aq#k:Nzn#z2a{8O7*ЊL^ ʌ0~ I[{HCr6JUa;^V9+D(oa b;+%Ԗ$w1(ۮeK!XaEi⟗/ʅrthWf<|Pe&z˂>ꅺ 媲sm}G>,+dOجY D̢^'ָ@J=\b@ Hw(@J.KQRUY1O?}}U?nڨ=vc[Y3\e):lcOeⱔ%X?SyC::n[SdC!M7]c =FhsPзkfןuȑCluAr;I7H᧘La]cP9@z`VE;# X'QA|_e4W\ ^um<eސ*A(Weq7~p*~(3xr@ m 9|CQ>e+Æb?B`3r CQ,!Ë \p 妕|.Osl߄򛡽R_}YңiTwI?6/:-Feg􉷘G]K3qH#^ĩU>mB-u zHr",ukM(]PwU#;_5pm` OB1Db἟p.I;gʤ*/.X޺"ÍtvPbLCsp] -Bs 0 *Ə۴&k`ڴz<1keG5jhUFy[ C :(@A8A;ׇW}"@0v,͋nB c |"*(Ka ҡM9x~~|<7=^$;4?(hԼ YIed4{!)U1|J|(Odx  S5V ɵ?*a.G@+=xWYu?堣J鳹,hiO~yc,%CSeiy?^\ߋPbwJ?MVZVo4gg;ʭ%( 06HcK@)^ /TS.JFjKu+V #~8dy.+ À°@ͩDЦBYӿ[> HD(r< lȯ:cudN-Nxjή%w=_o.3?~MJؚr%dӳ0jA*_QY;*edct; O|\ Cn"[O#vn8:ԓu2y+#%b ϸWwW 3L"[& GmX&$e]|crC9 {o>,1KدYYk1rI&m2kh)}Pl_c^հM&w`˕M $Vj[ͲVF7Bbd|{VE3;pgQhJY,G(A/-1KyLWxz+ē< +ywDȇ\G}:Q¨@U?U =] `HBю|c~jIx7:@ WG8%~ǿ]ZwF6th3M~MRbIG)/2!ifԪъNvv@`됄-d {i`%M0pQѩ @qϨ̈́@[K% 8:[\P~xKH E ($ϖl#<Cyke): %.l&I򏲯NmykjJz7ch<\y#=-h8i2C:_*dagʲ+|5oPx 6`xӅ, >|]9?ÊRY1IXd<O&hGW#}2}-=BޓEꚝQ)S9Re_%S0Mal@8TKcq x-)yA,'y;d_{ӭaV[7ߞ'ݲ_kˈ>'1Tm+^% ah}k}Q+]Vnk_i+f7~I]PPcbr >u] dq|7E⧏%,>^[LB}+ $>!zHB̳TR/ˢ+,&xT6!Q<6 6MGOxQ>ه^y͖Yfa.kFcb80G&L:ԣGI43V{ lZMS@BVLHi#&D&%ʱDwJ MP\”X/L2:BfZFʡHF'9*Va[|ZP$$7)aIh_܅8ȫr|/%|!D2Q"a.w&HJPDdD >'$JN^Ё38a -z Urމ;IVR9.82g 8'!X5k0'x1͌ ֲ:J/&uoWr>bQ|BG"Z!_%K v,:%d.-P6U-T~mmyTS  Z ;'ןMy-!`Q ,c E@ǙC'0=q hڟW7Q?.V+ q*:/~dKkΜ>(,sOM*@+K8ZhK%`<+zcbUGC1}V[e۞?7E?q VeM28lGhEꟲ+I_'!Y5ʒ-gm/҃%,mhOsV;aLG-I.ej"Pg0Y eD̅yz.nqRM`Ye7]U8,&eE1@A28%0)Jmw|q;KAҝ!)V ῍S `3; eICc1B@\js| J?aL)wp#})`2+' R,e.8R0:r,p9ayxԩM'U]w=]¿3]IY}GY> d?5}=?@#;:WAcrfo XVꀱ_:Jۭ~R jG; 鱲00kDzKu ڈl@E/E{)a 5Β=vrI+ Z~xhay_^H7|<o,sˏ0 .lPX\YQyd,zC ocfݹz Bc6vHD$G$?P0 (!$"B QH,Aa /`c x6lpY<~o[~t:{=ysjiYvmec^}=>DcƂ_Mr씉_p]FY[,mk.#&ͽWo '?.Mo?B#%Ǿf*]9T+7v$~<]Nke}c'n}zB.ܸUQ0D\Jcyt>-Tf@Ugb#`d+ǐW&fZq왅٩ΓyߥdxQ;zWlr?,攀qZ`|7j@u?/јkxXz,mϠdz 96& c6e.o7]RR5fVn Â3eߐ6!y<ֲлa|m4z4 rc >'7Mq]'P UMQMw\ۆbo J&cn6)LM+eo~\}[lgNX:ǓǀmqzwA>.]?yg+ʤ_+[],T&r'*wdܰߓ}  d%*G뙩6+W`'c _ :zW^~Ń~N24Y\A:]nm*aͤ[LJrQMT$BZnvOOsUo~շVlFVqcSBa^Fy(?صt׷#,^R8(o2ƦʉҺV ?{SEM? yeem.}<;>t-VMw.@}M\mYP{Ӣ'S+@J{Qj#b2ήt,-VҜ E?eW}Wŝխ];^]@+)M/>OhE$VO[ xOk|<ik4VjXce'7VIW֊CLdm}lȴ'\ D:f|/-V V}Q-˗pJ e@JBx@iU s?R:=ޚ? ҵ_B=wWa+yܥXؕ꾪F ڡ')eQxqޭC h8@1LW| 7KJv 0NOKD[ 4ڹ+ )>$VC\nk(.kP0Vg~\ݑxڿT5}?"v$K蔿*U)J1dAeԜ&FǙfz :,^qcjjn@"+)._Goɾ p! !¿ڵE4ӕ1΂\۴q @+r+Xx[{&%kNMY'PakeO:+(oWf#6Y L5kMN>cʢʫ)s^]^q#R,?./Ü.0Yw"󚊄g _ |(+Z/Vf=Q7"α j% 4kI1Wc VZc'L/  9Ze,1lwVmCnu OͳP1_1q E(o%1)`\vfm3dY:ÜnA@_K{wa% d,@/zL1t oҁ'X鱞آZˆ,&5Pi,c_ { wb_LQ=E# Gο!{@@[='(DOBZ TӣH)zil]ט;V4_aM:Qz3]].ɛewT\*"JӸ_$g4z㖂bz­ o= M\q;c hAw^/0T4IDAT8~랏pI;g7GR@%5Ji?Zwp#{7E0KGI^ j`1 6ZC{ӱ'PO>x([0bgr^P<\wΜʠ{TWz?S*Q 4<ؽ%E@#Rv} e&ƮqW)aH&eU^a"Wq^I17q1# |N h-Qۑ^fT&ߤS'h P4[VpOWa9k"??J/KC nUǪ?cͻ's+9&?]ŅQY!=ފu2Q"&Yʩ PiL}(OP{w0Jc)ަsRJƿ9Y5[QOJ43uYM{Lbc7XNalJVd,{]~+@`X;YڐGO!rsJ7&QOf1N6Ib2k(]So]TgL#uC"pNI}P^SqM~KBV!Z1ǔl %yc7ck{W%qDO(jMp`uk\_ͽ[e낀4 5i-/#dZ+IO²kA^oZ@PP|1P+r"v|(uhҎ Yy;7)?&イ%o7~+返}[2Yuqƾ҇`fY:| P6*oM"M9 w>R5w|P5'? lyVƝw<&-xc߅(OmySqXv{-Ž#iV}6n;a]yB~Oe},.PIc-**OXQLl ]XL z o'Pt/7VWO48| ~aah/^tE0[$oy>qZs5gXh=)>c:jYitxTxƭ.e7>kD̥ z}[USԁ8JK'uhZaߨB<䖮br<Ī:~wIO@ ~ŝxb|}O4v2̅xQo ?M_@9n/_{wAyHRCxgRZUǓcXsW[KiTǮ _Yg=e#ǻغ nE:w"]ʼ[o p J _WSd??-)<'fUf7=VГ'=[M"(' .|bWpҥG>ovtE;O8+Wżxc4Y8fqEߖYPx AI)<xgs R^a@ǽ-_rg+W[ֻ!d1(e$|/@/IJ<+yeU~rĩ41Y WQv%}4eyY] -/Cs|_+<'|{{x|,Xm8mJ] g+qc0q0HV;_ﴲ W5 +쒩|!e.*Q*s.ۧ R6~W5ٴ'>Ov!iq 8(&A;k2tƓBt~d*9n%4zo=DS}wIksCw|V1~g >4!u?;boe霧v]_K6%NYWE+]q_'{, x@ ;Bqᱏ~}}'~H ոmS Ėºq-Sc8:V ®?}[i#Zb G6ή˻~s{m?^iy{|_-G/A~!p<z'ܨēR| q5eco;^F{i4 ߥɀxϟ}O;^2y?ߢݪg߄ܨdalF9qq0*9JB_$+WN.='u|ٮ^r&![ v]W(EjTF8Li|Q]qJgKΗso@GB` =7#zz@,RgV .{LP}u< .-~ݯ^r?~JeSc9 Z.an!oo%>t/i2P+*,wg60jXSx((nwJ9JU $BL` 3z>BIV K/]yNyAg2m~<‡GG`'B8պzܭ(Upp]O}d2m]%B텲M lBx_/k~ lP|B;n1OE)יִa+s/\:jѫF[%})g\S^_~?hڍ[j[/kFڪ%wYxiמYKҪީOOF'`y#~%}Ʈ~Ю6 q~S@󼎯-CO(NeUXp땾.VA-}R|fVb2Y{b #,^c\G{UzRX$qC$Vyo h[ a,ut ` d,fAqU wZWTX_XFtrc7@5?`嫝Vu3Iy\@0L/wOO}mX;'/EW<+U_yO^:[X+, ^;L֮zl|U_q}P 6xS.5^gk% 8M]}苔WF<{rz`K/+T ";O$$G,1 .W-pRjVBއ-oɧvo  d/× BȼQ2PF\2ʵTo\}헪y,89mt*1UK}WaOb Kwr(?:HAΚj,W;Q~veMc|-dSC]Nʄ30okl*V :dW $m'(:LQ@ R 7ϑϏ_vh~WBe^"`Š-wΆ+i۴9.F4s$E>V~[>X0G|N> E ^+JJow _(@ A '# `9VY/W6+{~wbqؕ)KھJo*I¾m#t|bޛؘkTEh4ۥ8JL9C@`v0o*Ie:7j@\_o?_g@@:S ҾEQ~Z>ַa@E w8@<oT?4-@`CLK&;o].*H @` &%p(j6 A ʁu )Wcr0DŽNYA`<=#Uu @! '0S% `! mNt(u@8hL۽sE@DCGM`A;% 1q@دG_(k# pPk?;%`uf ~-~B&EA{K`?QXa-Eka<&w}R\yS4 0Lv鋮 ֡d \I88LpR}ӣpLTLCmΫւ_HQFI1 ̯3tMJ`xW.2fPf!0Mz@5vC p3vv FIl44[4ة&-]X v9\C"2!GC9]A(ӱ&@`{PCi03C pC]  e V@Ekj lLK _l2vaͦ4@V+PxvvA:!M =B&NC7LcG/WBsBmx-0H@`ÑRh Ǔ"f<{Bx LXﴦӶP9 >""׮]cdŏ[ 0L (}dvF`B '=tMz @/"Xul Ǯg:ssv vS9h+:i-O'ow4)2*ΗtvLw1UoAX3,L hl> !枝WU(c!݇S :YܟK&`xKx~Кo$-#lN4_'?Vc hxöu:0X eh&-5dvw/966BYy40v5J Aީ(A[ Cl]*v[(m+I";63nwf2Vus5UxZQ>쨯iK/vJ`J-x':qqo[M|NU'WOd캆Y֦e8:¬ 'IUi6 wwQgW; C.Ah@L2 -91fh Ux ܊rΛC"ۘ^!*V]hkaQk 5uYvxF̈́Q)d$,l)gДeM8#Z9O5By.k k 1>.ϳl+\&ŗiC`c<1nL%R,C+؊iŠtM=EX<Oۊj4ECgJ)DZ.YYv` n-TA@`z6,bkxsl # e=D},VoYޞ8-jה݊h|Hsڑ5fnM}:/.4fi8nxu-89pqw Bpn-*.k ӥq چ0X-u.n3 ЗeB ]*R]PYv]Vv9>..i[TukS=Ba9Wd^8"hڪi}.ɪ|΋ypK!PT2Ѳ첌2}W]oKW)&Ν/D̛eȁrdnߑO7VOK|aj;:<NGt&5Y0jҺq]e.u,}]FGALo]i`P_ "Oor] YF_un޴C`C杜Oݠ)d;SPgE5uLSGK/z3@ WY'lUIǤ9 T, [I<%?]`-+|ݶ,+!Gpϫڐx=PR6usgQ\O4iG)B ߕ"PǕ#LY¶6#jvܮ);?ۂ"$pFtu02>Aʄ \+g2kgY5hPl3r'dTn[QjiǪyzaHU)XlNV?A` Bk~i_Eo:W>'Y'<\G?u#vLԋl ~3 *#$..{`Q6G(Pk0>:v 95NJ@2A X YLf;̬C9~*x,Rn6I9X Xڶ-@̈́)@.˶aszns=uwPf4$QgkSvIheX&Z[ȋy>rb(@` ?ԑ@ǃ0 %nAkb9sܗ7çqȺqN geSPJ'# =&T4 4ת`-lg.NʵZ!n>V<7URޡ ^]EoDsy`@)z[*WM["J-ȭ@ot%Bg'+֝,aI[[s8C_j--X@K^2V3\@ MbI{[*v 9@ϱW `8mܕԻUAjmu6BP 'Q&Ù FOtTat&L؏VzV)xm&3ߕbҮqv9 .ccO<8%qZUbM}cDh-瑛_Ҏ+`e!+yR.Ҕݚ`w@'؜b!0ǕK)'V3wK_Ayr=)Ɇ3|nyvͦmGB5&t8{ڴ~kv=e閝mZV沶[߲2NJ[ƪr pMs'z*t8VkS P:lL:)9`?4b>>αSk>B؀@YߺjeV-gʙ3-#xlDum!79(업օcv^ D@kh][(? hA؃jb[YiM814}kwn 9iq:'>Հ3]R):ϸP2s}=?}k>zl+[|7}0QR e'ۗ/սqo׼UrfW[s:vw fJoC 0@``}d‘x!y@P彳 ῳ^b@`v,h N+}c~-E;fUxL/~]ucXѧM?ϱ 8nLPHpo(S; |@PLź[K0* +f pv4a4& j);ܨFhd @#ONɑo^aqMm 0YMy*Pր,]^@`(n^t()@_PN&H^Ƶ4s#CjI-aպ(|@0qͬC4%pBOI m@s:ԖwAH̑{eyPJ,+X)!ߠj ୒ -BD`zk(c@ L!P: OrߕǘOQ`2<_8N`9'_f T }f#}J8 %CaNe 3NK#`d ʀS10K! $9ɖ8W)X{Hz@ 02&Me:voQ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @8BIENDB`xca-RELEASE.2.5.0/img/xca-icons.iconset/icon_512x512@2x.png000066400000000000000000011145611450407711300225050ustar00rootroot00000000000000PNG  IHDR+iCCPICC Profile(}KQ?GC EA-Z d46-S Z4(8# ڴZZi][m(h?k2LhE=s?TeER?Yp`^ĪN&?6olrUS+x_w&1ΚhդSQ[b^,_,hec}RY"6Ya\`;\֞27 !8f,j( )U>VukZQ.|qE`h`~Uw^okb|hkK^_&$;.^N w .V!Gd#sh 04;kN:Q\#W#ˇ5_#Fwb(8eXIfMM*i'@IDATx]Wug47[l˽{ /H!ԔG ?yK#H(l 6ݖjKg߹3lˑdҺ9k9(LLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL)'Py{ 'MJZ$uɠd@2Tk`&`&`&`&`&`&`c@MGH&I$%8r)Cҟ#5#(&`&`&`&`&`&009Q2Y+Y,/-i'uJnI:t0M}}}v&`&`&`&`&0`#/m0ۿR2W280 0?MrddNAp8rp\k 5,g)9FL!ό?a琟qG$J'&p>Q00008`ϖ{^ >2A?Crdqyܣ-e0)0y @V`G;40000É78F>s$s$,Y e(`# m'/cxe`G;50000;aQϖ>[!#e~ x-_s[UwU+RVվ٦+8 X]l "`u}&`&`&`&`&p `xc3\T $A@^gc?*z+-ikkm\~ Pr?+j:'`>C00008xG01yƾK >>/;VZrci6ukJw1dd@gV+%g/1};|_W+L``]R 4MOW|rͳg#o}YY쮶XKdVjII==m֚bUA*V @V"ϖrYE}꓎j՝2)p/)>viZKA7[^*`G;40000'M~f'XT)8l $qs)^+ ڵjq CLkeogU"UM?e}b\"Y)Y#1&0 0/OLLLL,n  #,??>5z g-:Z6zYǵM9Z4dh?8D(g>^G@$ϒ<$&"᥃&0 0/OLLLLL?3,_"a|* +*fϡst/_:cpppgbOUyL㞙gslc  V4_r@P8-ΐ<,GCKL`\`\_^ <&lIVu<$" O͢د>qI1cDMWv͙1oi+.KjͧTs~k4@{B BSG Y/Y+iv`;٘ bFҭ} %HT3yf =ioxs+}?3s@Yl .<%s0ۆ't1O z,vHw|y?>ՕpURѨ\{9 @ ӃU$J.Apge&`&`&`&`ef~%LK{@¹;":= KLgǘgf8VKz%n>lc0q~vU?GPWg{[}n[?G>@ TRQϲ~G/DdBYK8DXUIWH<-9!`>0000#+;*ɉ fI)Yʞ-lV8F{61svj2KOLw#pfU Dnr+f0)Ds9}v6uPSx$?V4 `;"&px. &+$3" 3A88J|N.}Ʊ֖fIT8jjG㑷EZM](m| @s%-lm%_X٫O>=ڡ+=fU }QO~d'@$@s2dßn 9 }:h<0N N̋xӗϝ70008`^"a֟7ճez[lL/{Yz{:{w][[;ۊẐl:VDJ> e52P9]D0A6l8~kџlӻ.xu1s_~htFVO%I``ccb&`&`&`&`Gb-3$~HYiaU%I֜}qSsi˻'ȢExnC0000M|ubIde,b Tcb19u$d۹g]{9sgO=VmS p!f@'.&nt(ӣ(B},r9?uԦ 9n-E^Bk?+x)aG~q'b N%Ԏ8 _ '0ڸ½@rYSW1Hϖ0,F+ ֵ3|k7|K/lS/h8>IJմ x!;i6*#,ʱAy# #VJʥhh\F: /&oΛ*;5sMLLL> _̐X:&Y}~ceX3u5O;oeնֶZG1񲾘6J=VՏz1?s-p¾'ݹvŊPx77⏗T  z:&p& "w7$8rȎ ~ N ~gt,iٵhԾ2mm+]|1,ZwQ v}WZ[_K1c_%H@KfY^?]E0 ɀ+ -G ]V"jJ[/]yS^u: KJIX}*4XCC]5000sX &$`HΕL`2Ꮠ CU3㵒;𭿺sOx֤gO{NW*UU?aH_F_`zclGȦH*F|pžNltp-bMu9ϟ޾u뎉_dy+%[$D`cc&`&`&`&`%~79K$x-1~6yc?y֟mCs|)ZKm ݛOҧ1cYs*--j!WV>olz4qzƞ2UJi90lb_ +F9pD̿e\/T|pa@sF*?Fu]K vSdQ -vޚ 0($֠GKV+<Ï1ʋfl>;/{+1s֔+3[[۶&Vj-)A1 h>(Sc|_,Nd=ʟw)NʒBT$̩R$rU-$>hwT4秜r~W)hBAVpJ8 ,;sMLLL"ZJoo`/TEM}il1b2>3,_mxǯΙ7oLt߶ٳ/Y:oFWO'Ϧ+`WÞW2Y߼ ?Klډ* ?o@vJ'VA 7{]]}oz+6[ׯtr_] 8 pvT`c*&`&`&`&`&p 03璥 z)/́"1[f_#;Gaڴ[o{z:_#g2Z6R+ ? @vi@ ٺбM2K'cT6i姊!St@,9#\6*͉yG-* EPvus 2LLL`,`\Ll?cۓ%KfIF=H6+-¬?3k$m/o_złS{S'hoҤ Wկb'}0 MpbAMR=dRĨ\Ϟ۔gC2\0 eَatm#hޞ[̙3X{w6*ZTO(ca8#q0D/ÑGg^*-d$9!,y.,6%6$(@9BPI|sn 8 _% cv cu#/L0Ny~I<缅 g}G2:!F rxa7l)o.O!EPei J-M/Tx`"Sy""5t@JsF.82~&?~+zz:w#1&f|LL1e 9vKv@:̍ ŵL1󏑏`+(:GfK֕v f8Iy冊peOB;J6LLL  KF@gK4!`E"I2qy˸ %H0oK/=ϙ{GƦ?̧H5' H|Jm$?_ȣqgsѢY;7U|C.$AW+ "V:f_$ydG70(;7</my-(B\?+%o A lFʃIڧI~.@ݾ 'qɛ%oO1AϓlXN/-$vsg͝;okJimN՟mɸOCQzCO99$[EJ'@-CHQgJ{My3I@SqB8@B9X)CCC^X|?,w4;?HFrG~8NÑGʉhs%x1Qtk;cUwʏnebPNhO1ß٠?YQK$(Cn!hfNN<,a@ HX r%9X2;000LH AN\$a<;U؅qH^8Ðc&=l^>z߱ݝ[;Zwuh\RUub+]i3g?h}fõ|_Y"LL@ɮNmDFAŖE= =;@*HWoTLj#2=#Ejb3yWq _V'a ƹu0ß5:=DmPVPt*rt TaWD 3́%攑4(QBDO,3,xH# u;LLL `lxcɫ%Kc =%g\»Diqi+gLtR8Lv+S_b6d溢9,.(FDFY(/9.ͦs"ĤzR+E#ԮgQ$ļMXY>V.Wff"0t R̫rmϏFbɒ9EGsZ @j"}W36&0&0&.$ J yBK[\8? qrlUso5+_xmEϏ PcGc([p pO:ycI"ƩA'H/%̓"_j=b#sH׃BAAZy~coW = pIÖ+7o: # fI(adq3@p0yV/_tɜEz~wwǦM/tĬh2&U:ˡ !}0*y(U0$*I*lGiY{2fK7Hy 0Fޯex* HMET)uM9sM'kΦdϧzIdRUO]^MUndAԨTq/)/x{?5:ߛI&Nb 8 vtz%{( />6}s,Z8+q J`E2jp׮3ԅ .M۶0qh;]rGq#8{k 'cד K\ TaflKI2U_ !]`!fMиcAD^t^Gϟ=gT'"haoC =5Z~f{Y6yı2Xj8"1Qjd&OI\{ƑeF5U5T{h'vQdNvq>mpMèM!&ռVJ QbrWC "sU)(N[ 5?FybѢŖ-$;SBW0t01A`cLtם<OR3m gE-'ीu|]py7ַ<ǾFb@HGH rߓ8D']!_ݯ <}گ 8CiIROQGܬ 't.NGX(9G q<'6>rT,b֬)::(Pl "@etILlʎ$RNQG^eS(_:'Y)_6x8yi R6bۆ1?21UQnӁr'IYoB36{Y>mtk!S5TM ^[\qw|sYr䃒oJFO()?^p]C#?+xp:ږ~OzV>K gNJرx%'g[=SB\h-C#[MqAatsfrsQ7oF1} 'ZJ :aMÑK`Nݒ$M҃ _GY;)S&~ڹ&Mڛ eg9 N9$BkW^?o;4!k{s?$K\+Fy>po]%m'4hn;:ۤW9$w/$wN B? g,+'Aa5[(Sy-^_8lԩCr|@BX2+Ҳ1`g8HEqˆr1]!_#a'{4e+gs|>SP]2!T_̈́k[fFF⊢8b"lՃfg@pmd jR1+SUwJ*tLM_VPSR7q̹}Rd:灣$S'-p0×9=ۦF~(AqN#_&;%ڭ_homŅܢ%UǸ-jx,{܀rY~sۅݻo;;obK ;i\ S#SZ*V&QGK:hhQ:$Ȑʤԅ9ʏZ See>!;QtS{iQ0Qw(/C^`}%+W.*ohv8rL cK{?06t0Î_XA Í6a 7.$kֻ 7~vcէLڪޮtg"LH/Sgyl]oX[7C;}o?aP|P. 2H~$y@jfIPU `^PTJ P3(peҖ3dY"S /1 LR:"@۱Ç=}G*c: <t!oB9tJ :J|80_{ i]x&љܹ3eG-L`H pu,U!d>՞N%Ғme|ҼWĺt*HQSXfC~F&aS>HMg?h2:DzA*8 iS'̛*5 UU!FUERz4ܴۈ/$WHcٴښxN,}&&OP[yeqfN2NY`O;2UÿPo^/Ar-[%|?X@<}v?2mjWg{8O7M1ە z}@i笚vǢb V_ׯ۶' 3 O((*[c fN/Ѣ.JVF*?W:8rwk&-M:uݡ&@} E|RBW)KA`&`&`"@1bI5;F?id$K%3N*/|9v"kURmE[S~/)@w1l_СF2+9{GwC_((2>CjpC\S{/|Տ~-͏Y\T {9&W1hv}8E 5,_UoiQIqWʙ:KG|{Ew)f1HyUi;"veipp`E 1Η;oSsG28a&Hq p AaSBچ5 4ql" h)=kTW * U*hh%wk~I.ߢ8V 8 yn >3 t$IXQѿr.q&!Hӫd+V&҂tb4tQсQi@nN*O 0f6C-&h>N`j@14lu/n['\}ջ^\hD`tzF$Jm-; NnuXSZzM*:;KsCF1(9vMz}JE+-W*c¯InvL&'TwF0^QX%ϑ\yˠB͚: LCӒW[AЧK[N9ppsB7@5ߔ(Gzk&`&pD@R?Yd1*0Iɸֹ-_:E/ L!ZV:Iz>S =n.Yet0i)TMP/>Ub]V=@ ހ+Ɋn7@ԓCNV,ƫWymj*WNS=U'cDlJ˟#Xȭ>9H.P62#=}FmJD骲Q4G?;Iܿ=̣ib?pꩯ]JM[%|UjQ:SN &K$Y(/ߟ|FEt RtXY2/!`@` >%NajhVm)-kBfCRX}f>F z8x9`v tT ?R.$i رN6|~#K$K%;Nɵ/022*c !nY~&fJ0r9ʒm 7:,28(1.YV0~ = 9e:&g6uo 予!ppˤ$ |{.POR6!XeyrQ[0OԯQ-;.;[n7g6I @zhL=c}%ϒ,fȍ7o- *i 'A>tܪN8n i-0@.>#Arq kT9:Qj4* M1<[a_HkhZ֦ELkM* ЇґYp̽R_V"J1ڡu)dgKg@. yc;ղD!TnYWJ_T?m{m4=$=K2Gꓖ΀X UKu4; /fitܙU>mÉâ4Vɷ%vLLܿ]HcLD/`3V.Ï.ߵOߚjjh kPjDFiln'j͖<궖T9B;v뤚Y{::[Dbi$HAxq,`;+t<@#ݰ~ G\w֟^km9CgLdx94=Nc ԍcv\F\g1<6i%@PkY&ϝD99*7cgIx[^O~g)۹e^p.Y/ x |nd8M ȋ=TH[duӍ>Ϗsoҹ7)f1(VCJq#G[Ojӆ-CZ-( Mh )OhRJ2*Qws} Z '>V4|ı?Me.Ԗ)"{ d?C' R7$ߗ8 \܃U#؏l^$a9zM-A:GΟ\^#;q fa) )Cf1tgR5ų/S>򤚨#c? Vi*銌xRGxN1OIG}:CQ^CQśb oVwu֧?2cJo~]E::re_<k t"JRap9mbvńWڮC;cY\sŰ".$dԤ:8fRʓ)ON!3=KS*X| iD}6M] յF48L٧,_"Y*Y,iIbQg8D8DY3ܴp$[r䵒K$(|nz䉛Rs1h 0cKhX(vh0&`(=4"IUlC 8j/,URw֚i?8O4ocTCzxxTOBt'H8~ #A1.dBazd,)+}9ס]dOz)ZU+ڤˈW@ WFٰ"93h(]_T(1k ȧTWe_!ҕ]ۥҴ,ct'C^1~I &ӿtk%NCz9?Hpd1j8RK:,4=]2t ݮm{KXmGq՗nݤ.贁vREE+]/aD(MquGdNW~Eb!EHy>{|cs洘')F2Oq>)YL>ظq+}C'G8p)K`O ;Q ]-A_'a( ;v.7l/5.t`ތmm3;}֙G?4 F:'K,p-J!b'@\[;qh=jt` PC-kNd/g?;hO(E mL>&\23m*s#t/fɧ%?8 |f[(Y&XA.8fKec66TI'}8D( \c F?q1Vk:6wh81#v$Q{F~٨ǫVQ[^:MbxR 'ڧJˋ zTc)\%o]s͏Z6ncDx_ͥ'?χވڢX#8fi.U/s.2 e9:Ĭ}ʑʔ\dW,u):Wc,<ÏL^:9\VOiR4P^cUeYo u-[Ps6؎\J'^?grPuݦ N:qbE2[JtmS1Azr3 {<<ӭt-L =8f` o*:z8 ]Z5PېDCqS |X lN b9?N6/A?uQ6G—0a˥؟PcŊW\vٯtw\ph=n@e74 x Nd&*9nHn䧯*8bou"`T>4 ? щ18Y a3'p/k\ U-9(mj}-ʢY1󱗀3?>M$9Y 0nY2yڲ?qϑ̖̐mHnLxxNץ4_9qVWj:.C7 m df͒8 =-Gdj:G#%d_R2wt?򓺤2㱨!=:4Jk:=UΣRW*Wگڶ_7)!xsX-O Oԓпzo2qh7Y1A;sV ƌ=h )"c#{B @:?38Qq=Eɝ|1}PeT79>sg>BeJD}ݨJjb?m>޾Y'\.Ò]z҈>7"_Hn>Ȩc8;"I䗒$IIXJpf W\[ zoGi%@WWG3982c/x +5+:_n7-D[oSS?7VtW"LWMmÐW4a͒_0y_4~@p G8ZG/˺حFvڧ=)׹UJ[S#.5plը o~N?C>2$d._U u_s&~җ}Q7,ߕ|E L^C֠:"pEc$< @_j—P ߲3<,&gfO22,Z8+)~q8 $wyۥu̝:Vm׶d0q>-!LN[0:Fh$^YGrveP}o4*0qr7%?``&`cF+PH<}fx %ϽtS*"#,:~I Î[5slSOETk5{ֺ '.vv1I2,E@~-EM|nFu#-5,QRXv}q"\I,g?EWb`i,5XQ3ǧܑN$'&1m6mRٸ5>b[,9WrdF6 ~KtzធɝK;he 'EZS!+&_X%wt]m*E7C'V/(b|!y2iN;=({U*/rԩZ% DLS̞=GPA.=0s洭۶}c#_]pāz̸$ N5:^WӦ >$=r#7^sJY-znd N미_gݓz^S ^GdXaKvşg}; [5TL fY+XWh\ԓ,pYr%@MY̠eEJ X e<%ʰO7y?3h}V2+e{$S0#-]0Om=c]-zæ˜yq`[oy?[l!#]=A<ưldtFKeՖj_Z뫵Ԫ]2Z*J1A:"'xepTp֙Xf̟e4$WK~(Ap84P &pp熆:@ۻ$xDr$ p>V?W$]9'vzְY)3gL*/8Žm(6l"[ V9Fv ζIS1jՖAD-9b s`!h*~czoy!AO]"Ri'_7"T[h˵32E/PrNIL"v-3EY3؆Hb(,B>IC0̶y ;{RK^p^YS:t_M2ߥ|܅3+2|8w5tU۲*u)bI(vT0YŠxTdFĖR2B˸eʪ:R9QujJIo7li4ͤUh/22Gt+4Y񩂜4 {Y+~;z?Zu'9Wr; 1WfʂnX|1  ~L,ZԒp"_\#1Rf:qǼ$/q 6QқT$m8b{ C:r .xfVoܬG+Yf9sZ_+[p57{{4v *.[W;GAѮ]qX4 & ;QX:t0O`?qx{`1S##cw\LZl2 $0xcaϐ\,aпV0aǐ<؇؅c0 uL~B1sVn_xŋf.s*fpjΩEz{=[0A1@zCnL˼̻#tG?\AYU /B s%Ywg@`mzvʹʆSb[4EzyNu]~ǺDmQپ}gdB,0a1X+4_E g=hy<5E _Ǫlvqr\ANNI/% jC9qҧ #r8KZĦ/sЮ*?Pk3WdbG'ڸrrŧ'::ڋɓ{ZբK?oCPxb1>$c~`˺u\>{ K.eі;%HZr*L`7;4j@X)P2Y7oe[>] 0Qn)g^zjx[[kSQl}tG*)!m^(uF<MB`% @Xty8!?ʫ <\q CȬ:lvrQGV9>/=gWWcݣќe`=Kx 06(ӭ*;#p贉$$3>GE'8(]}3W.KvBۊwL騵TmM'GpRhjR++-zZ>ɍ>dT@"蜛8-u.c{(N$œVG~4O(M\T& D7meO Ol.IәRnݺ~/+$g\[#7B ,Ǭ{/SK~ _89< c/$iT'hϛx/}o2\|Kh:&FyH:U/rW0P,9Z@ޢ_N" ձE [tFu2мKrcvk  fVW\\u~8uވ,[n5͛S}eH}{&8Jp0B`7JM`JN̗pcͱ gU=hP#3k}X0.ū^'7kf;?QPS\Mi>`G=RgwA8 \b< 8ҵ7LoPZ^ ǣЊ5s7ht&`&F ڙD1!y2?r8 p` []űN4"tG0=,}E]r90?S/ev%KwwgX]+ 0469 Sm'C,-JTO"Pe:a?W4))ɴKq)0bTʤRXħJ!ч )BЈKeS|$7_~eg/< %II˧ :_M.v[1|HyZ2u_(E9 ;Qp'!<5R _~}@% ^G^ čC0#s"-#&VDޒ!VGt|oH3`{+{׽Ո:g3́A|`W}[2u~OHΐKI$/i :SEA/$ч WӛY񍷇7wzmBϑN^Nx/"@`p2(#}]V42aeҀ兮Lw?_*k41m}S~Jr/ƅ*NsP\IE_֕I=ɉ81_/@[ߑ\+n8{&`& [M-*LT skfL< $ⱊ "nXlk>a$a-hQuo%-mik=qƩ+t|}rŋ̞?MvMtxkl߱ow^͔qOmZ e/RP ޸8F/D|#IF/AFJ+ԑ\GBlYse\ C}12->eX̳9!MT&Fg3b7Tog-\sC əfIR&p $ W M =͏o?>~VYץ7sϹcOnnͭYH$$1X1c`༐g //NKxccb'66` a!fM Z#hzpU}on ,ԽTժV]Vڵ~bESnt Y c_H$N^a̓>_ k Ƽ AF I5:gP~,WxjQA댩WkWc7q k@t;s~иw|uݙV7;ve}'ؽhhVn] SS~oϓ;x>WW~ש^rVaW~bj+0x-VOF?2af|Xi LZl>ݳAЍh tCڌ;Mv~ÛciY<9$[ lfH :l k N=֧sO R^Mv_;gkf8}4ƕܔ60ϡc;c U;b."2vxj 'MXиX ku*aMw̝l\p1݅h{7e _cۘ;]{ӻ{֮^z׮]$ яcĬ<x.a!p-"t & Ԗ7|u(`xA6k<rѧmy(O(:k`\5'zS8Ϟ4M+0xqjy/z__}Q )ΞvD =J +0ںJvB%QYm/Z~ ZT%oÛ/] 2ɠnj/943:ŅHnJf&x/<2dFœiCw|un- Ӏg6'*S2.;0M2-zXTzɔN~< N槰muyꦩ KXAQ+O<5/(]S-l$3)˳8IWFާQdărEV:Jŕ[n ~9o^.[7 6vxRj`IH ;5;=W;NiG؝0;G>w3~gxwd[>̓>yUo~Q>pr0{bՈ7.|: 8BI"w)F5P9f3b!AF_=rs<_rw%t|tPSayӁm 6_cN~y|@{2}⯭Vvy v;HsecL_qK޲i_w?u9gl\yB3QJk0xdI8iۈKM5?փy^{A̬oݺbcAb[~ 4qbÃed8MNM+Ji.T sDGGd.NL4pV`_~PC6>x6p: S]32#FϻMD"O '-4%OzgZ@嗃fu~| s!2-.]ِ&&sҶDtJ[Q /F'}DET%ZI؜s.i78z?G'}⾚yLЇM5/¯Ї>'QUs^w8> ?YQ㮁-f0csr$Jg(މ~ ͉W{}8*luqm;+??x'mE迏Wnrv_^ pS5+pI8&L?pʓ&.~,.|#>HQ|PX Hc> VX@؟Cm*DI,Ic7q <j{ }ڒas$;nTXqw'>u-7rUǡa5͛sldO3yn{]XY3m'wS7nXwq ]k.Y@PuG q+C'EJhA]}F pI#qTh0$GK̗I! yô1'J]KqW^#rhHÙ# ;;z畳KvqFFic}L4N-ns|Hp ]۸A[t!OلG~ߛ_݃&Гf7\dujg $GtU9 ~o˵̺h>$J+/ɑ-?zfjp֖G}xW Pdm VDݏan3W wCsŁEqSN흴|@A~ NN\J&#iL]&YlQ7o"vlsn~|M^Q)ô@J ULVQ!y>6}zaw0]\aV:qmu蟦` հ ~Oo!*hғoF|'4GW?% )1Lyܔ>#| R7饛q3PfWK2?H7C|eD|i^@p)6HyePiPL~s }Y^N4z߱_ޅy8aKYWظ?Gc{/[_zLpPo{cW͘PvnC{K u$]g'㻁~7m[7jWSIN\޳ ">p1YШ}0g`yH.5x:wh g^107?x--,GHwP5+~mE)IAO+H4}kx1O9u}oY0Z%9@d/>$tzmq#~307,'O ixo8o" >%w$eTgA &yj$㝽({[6ŏJ P]l *;:#}>ɡJInocXPZY9C<{$}K>w$ZfoJVW;c7_1g NN~B'\g|Ӏ>쓯;~˱wDWMŏo/CF_vt]p5ԯj޹Uƹ6䱽X)K[|o߮$XL/2w|qp?_c󥗲5+d1xN*'x |h`g k(kÐ&L3VQrB<|u{/"W^y; y,`}< p!gR1l  .oAv*$iE#kg@e~MV<\9VJ/Pv|$z1iҽgR!0rUCN,]BƯ9P,_;;bqݚm9p|:َ}8rtg-(TN8/_{M7~x_"y`@%Wc7ov 8:It A 8{W'}3?ܱkr: }\GQb x>/< LE,|s,,)b`uW^22:0C. kuJ twq@%+-8[e0+%"2Z>;y! }46{w#pN0*w#[\fq_+Kv*Ptn\OV*g[n^NL8-/שhZ3}}~7V`kKlϹi3sZ;~nrB{ҩi*]>հc=_BBҌ>"7 o(ˆZ( , _4YsHL4#UPE H|Qˆ.`t֤| 4CEʓ/2 Y]Nݻs5|a>䁄by'JJ"K+z7 > iiCc\MAuS:cՌ[ [s%V'+Vxi zI@|)~EttViBA}sHEzAV U1oAЅp#o~vrW.̤cHXəTWcw֭ s_h|^LIe|z|0vTc^N/e'cѳ=l3Vw9'}9GX?~3o<_GG&y`,9;ۛIWO4q1}io>3-g_5p' 9~_@yǣB@IDATwrlN5au[9YXXXnڝ 8#l>=,w>}v v" ݍj!)] ;9};:s:Z'~5۳ ; 8/@v>lع)vϦ+d|Lӽ?M4}yk^/:wտ\qo5xz<{Sӓl=񏀴h\MçCF6D=h߅?YҩE?TYL:A/2 4 -}ZHy 2 Ҕ[/\)>dȈ'4TCW9+ eerH˵u!Sfȩ\sm)j-./^PtP/2L^q~C.\&׿2"oR;P{dɉB|T[6^8p73y; '0L~BKv,:d7pNˎ^: >dF@9%肴BCv믥nD: t FUќZJx\R+6?i͇ky5ͪDž \ g >Clv_[P2 pgf6_czj8a~˺6tF cQxrtn۶Mᆛn罵Pw=o_+>ƛlʚyUEipNw P'gWCX@'hReN]?Ȍщodld֜35lc<GX \vHBtgw0+?Ppec e0KX5Tgsv ^+vtuǡ*0M8;Zڑx C۱s|}hz6OZ5Dm9G/ K.\0[@ْΡ:ѽ~rb+y{N; zs$xQD3ģ4^34CNT}D4 Y7O}\4˓䥧$ReʻGGWrp OV~Kmr( (pE)myKg}b{rp_9 ";t.\9V# D_q{TNӛxOܧ@>F 9k 5~ 卪&: guuo.5L<(Q7 ܬV'o M+,}i=Xuu໗|wv-ej#,B*x0uƚkZԺF C7;6'v;rDuh|saJP߰a-ww4 n8y5`n|}"`jA5ͪ'`pCCo`u㮰`gXO;H'{sտ{KWy3M/-,PЉw Fe\~&gp],alDŽ@Sz2c31OD>沎z@U=j! &fhW@Zq_ВO Y7 ןFg؁BduM8p`q߾qP0I|ga+'st"8n=, Nsvk.[%Z[UM؂V4}e۽ }Ώe༪}A|wx B> ..ݝ庠WWS_P^nvi^z9oZeF:Sa`#v5Bk[d?k<|{V $svo}Ӱ=P1iavP;)()D6ȡ|U !2[/gSn$WL'XD#\.v騣0d fD*.k QfP֕uPHV_wü ry , [Cӧ/.Nmq6$.rh8/ڿy 㮻&S9xɿ7Hj<ɚ.,Zd|loon`}r&3O@)Ɔz7L/';˨K}JJSu 3xi&y q&teel\U[l /l? |z"xսt ةgE絰,A;drُґ=<Q,eKOϼ^cqŵ^w?ݸW wݸ5`a~|T`\ +@%MAǭtw7aD*YE|o> ϸyͳ3'tȧXJ`7L4Û6w1U- ޽ws0_4$x`pY@.K^Z&Z0M51(OU&& r"" ?L6@'¦8knl[ܻ@;b-ϓ8=mxH?(q1 ʀƓ`ܶZ~US:8 iZEkE@U%%_JCWt!Jo8>H8׵+ x9n81,vgc>n]q8}6|D}B:?y48Q.>ePθ/$˟-v4tdt FqCUi0g<3)<dKN\]Y,w<.׽t5Cɯ/Yx):3cL⺲ѤL|Cdyncjמ}3 +a.8awKwlP𽖄u>fȿ),"󦑾N]x?>gΤdAJ}jtX{?ŅFWu i2h|iu^:C7\;I| ׍BLt/8sr$~ lʟ͐iҕ^#tuyrG9}}nvv'6n]qI Cd\ WN ·.ho#Ә翸;~ի^rqmؿk) x/jƷEV?o%,B0EqCJ0 ~ YX ۜUm>HrK_]:p "w!G]nr*"[sK *WUZና4vߢ5`X^Wۀm ~mQ?muۆa۝Nv׾|%l޻ q' x̱ÝR~F\q߁z)s'/blMPrǑ1vqYAW7F9o1|fSSC6d?W_“˨\f<.'Jqw0^ hM7fcf\W*n8LE{,of]cz}.e܉c۵y?Gp"yMB|Yj3L:G]Gr2|$NJ?Sz~U*N8n\ ƄO.8:S;L{}w9ow|b/骗|%7rJs*S9O E4HzF9Ρ'ss}[wuECpA]C:,8h4c'0DK=Ca53mDY䛇n `|ʆ/aی0.Ozgy{'tq}gvGL9k}d r$< Y$ 4HpXp+A })}em@SYWv{A·ʒt!+ΪW+wk~.F8-Zu B9ÖCp*8ynޠ-ϻ5r <ֵ;<{ 5QRۅ8#Ьwp Zcj^9ta;@3?Wg1GთxJah!^p$Wu6K9Yi~>Vփ{o"|pmߥ^7?9+ _(% A\gT{4aَBLCvL0<$vމ'n)@=p.2~c؍k1@wDx5rxm$!0>fc>3݁m|gm1sÛ~wƟxϯYꩼ:;[TtV+@d?/?_v@|$9Ak8kk{R* v@@#W_\s5Fg̼ǰV0q+ Ya<˃Sz-Y= ;-;)vFL-W#;xhhqlC>_[wh0k {f!'sZ?bz!~0 C!|/0.z$`>4#pe]%o a<ʼn=ơiu!Z*v95Mp&o>g5v#E`'Py*Ɉr[21/4BM(^|ɕ^躼]̷kp pW6l'.SLZ/Ou 8W>o-wpp,gi;oܸG{xqjrrvM̮/#N0Ifϡ~XB8Nw@E}XhOPcd3,&@7͋>Լ!<۪ +\OˍۗDB!jʗCOGNWFHQ#?t%,vr}L̖1`IZ#+ԥK йYp`ܧ_{}g# y<֓[픪󲴣8E cmĥU4Wضjib{1ʆ8d[/aL|fQ`+oiuq;R{i 0wS۸*ielN>vGr-7o-~LYkŊ/X</lQ??MY;:JiאYH4]_@ֿ.tAQKbfK(:ԢMl^Bn,(v~<>/~y55p{QXBƩ!d4f:u:bHIl$VAkrYep'>y󮓶mZ7_,ᩐ@і\DEdZY"=F(fgJ秃W2h;zut}8xN2xx8}5+׍^crNNIo*/iVn+u<_⊋7n([{\`a#ݭnaZ|mh5wG|.U@YD8J]BXA ^ xuLQeȚw<_,X\8X~>̔UQC9Jk`%|TzeYƥ1^y<ആ&wprWCWyuq"k|nT~Wӹ~ud^W^kT$h~p׿ENc'ѡM7 XZܳ}Ջ=џ/Z5ϣM-/rC;+ &>1aٝQKNh<(ǭE0Mǰ$4#9g >BPxG6*[#vFe>W\ysWFvq)Fy5.(),b"ҡCʧtRD;ct;qq~vL ӧ.)7EeӁm7p48Q+ܐm"F<C Hziu7Sn`2̉v k;rVQyUʴC; AۑsKx7,SfofGוݡP}!V:|Ч,nk"<>dG"2v ;G)8"}MStK0``u|]KTId쬊. ;s8~6b9^llT6 ݸ'bc7'\Xn9k;>Qgp|]c|h<:VWDADgP)LWNs $} S Rɔct(B|辇[ `:19 h0w@,0Xkĺe?&8 hʙyGAfD,Am#-B;Oy~[3Oݸgs褓33 o{APZv*vObP5|Npy<̱s`ރ'}oOKYG<33ԦyZ#rz]Ӽ~Ev,L o޽N>"./Z%/}*P_z ezBtN, 4YG SKS.ȿ._ͫY 'JxqJҬa[7^i []J?0v?==1? x3.8C>hW<`U'zrjz7cmSSU.zvdInuiyߟd{Z^Eڏ"\ do.xS]IGb "#iwDuD")tueY<SM)S?0g?UxzkɁf^I+.]>TwKVP9υϴQ<:Uޘ;_õ{MǍt2 H ~s=OG4X1nP^3L:?CPaXșV~"7NMD(3jp#TKx3Owt%|]`TS=B.jQ$c|z1PG65 z?<8#79˼ !>_g9FD[IbHb҉nޕ_},DY.;ѮD佋7!n"a<.~J QULm_r_z 3#w=tc7k؍kɬ1qPp6s_>;os>8/e2l8>F$D(zM \ C SO6xk^0ӻ}S kWꝀ-P0HU8xL*Q-I[HV{/5/ ` Vp-?[S<4>3**p@|!z 9_8_?hSUi,kb@N&W.<v׋-<|Z^<;ۊMSnMĚ5wĺu0NijN___zՀ "k ,`x<,$??5HNc%>>"8-j?THX. IGDuQ cJ]ܑi&wbNr klذճs7o8/lNjbp҉kV/nz \'`OV +zzv ;lh6b"?P n2}V;1!xƒ"|QH^!{d-Sn Ci:@BmH}@̴1%q ^  _JCW3LY%GE]~d,BklSVJMS2/X^GD7ܤ#\/9]̻JO}|;w#|M.`&w x)@ 搹|¹ PF~ri] Ɍ?A`Y #7jW +Gm;I*`F-r -][nOc įfn+BW!9zTyʗq5 +vb$DԈO,g " KVN;:bD)r. Obե9aӠ橃͎/wlfe ԡv `GKbGSϟ<?û',|H^VjyFN/.ʏݸVWL#58khؿ+Y[D ؃<\UD +Wrq zex3?E5,cHs03ilϤqz`N$7>y7Xzuc7l8k rzo2 .$4x6f>ix`~νqǽ0nkX Y9`q4O]ǨTkW.O M[věu4 j?MKܑe b9m/C-tka.(xhkEڹbp%mBe{y]|6gBlشe-۶m:pY'zs߲yP7pxgaLbس4ni;-KqTOÌ754!}ɿ[n?VNXn[a#Q12 K7_49^_qGu`}<·)3KEY_GWwc7u elaj,.˟%S?:En\FLL/ P0Nt\!|x 5O}iߙ۷{yPoKv}b'6~r\A{БX (*dG&dVۯ:tyM]WM#1Ժ8Sޱ?z Mt p)^,8%E 2jED!8p!ta#@5:ysvV8ȯu%%]?uƼGFnMQUCۇSai|>0 E8v`G2YOb,4Yq( bt gr$}~F ƺa,`x{h! T}7nmk4Tט5m3;܆ ?|jrz#۱R8yq1; Eۼ _|s=3$|m"2 䟼 u)y^Pe2zE5^\A7ݫ*<{ nIܼ cVLڹ@mZ9 Rr!K\W%C&c]|T kuaqhիh/_ZUX D?}hO!0o?";acn`I#7a'=C0=k$JPHNQHh?q]l 3ĕOd{޸7]O|IcZ%~o=ӖEv4#r ex]ROi) eke3t fx`Gh(?-/yӕnYW3,md>9ojӟn^af ~`;pp"0-R1vCbI_KQ\jkyn CW,tc]gu93(,%5a <@^F/ㅋ/&Ss1V946^?ovna*=oC?~p\5F@RxbnM ׈o:euew[?/L1a~<cojrDck}3"ݑqEgm 嶺( uZ|o\p#| "/kn=]901x;x6&֮{hi2'/z t." 2W |m ^!9\X}sɇ 1x׏s,Cb{A$ܩ`cONcxε|n`!03%ў>;Vnb!fHO<3#Ţd7<^ _=Ke$-?ZTH:+!úa%mŒ~;jv‹m)/òޘ}@Vo+?ٲλlUh"Q'.8͹‹ ȝ +}TRv6'4C:QxYI5kRJ6|p͸ ѷb dpK+Mh3oGinm4-.Z+hgO}r2ϖ5r|r>VB ZKוYD:hp-pjfz;wCW^wݗU0[ >|SDۃύ C,7/Djہr1`6ʓ<_s 6yb] X3ݕY0p }6MQoz;rUʥ,aDa]PF,7͌R gx$,o`^;uܷ!<sOLRFivn^2Ua~u R53UeC$2mqĸAUdi9&:J;O|y9Iceܝo<ી3vSj6|(w+W 9,>p 9Gm-==w\$‰6 #QNc .W`g56 `A]_@@Nafzc zZsQ_1bꋙqheh5WdLD| &;vAN1ߎlcヌ˿1^c?C6'ICMj*ẌECf:"M'VxL vO޼tZ '"B9}xy˓v%b@7X?챬8 q2@?SR8 twuX fT ۝W\$P8:nϘpgBJdU?(xf0RvdideZ~e$μQGz5X@/֤pF0Lo1K%)xwf.7dX޲ًTPn<H&* <ܷZjiK v. XyF-"6k~G^.v-#+pzR$ĭM(4!dQĐ?>jHLKaM&dN^'H2]*s.-WfF^w:ؿ{{/~o]W _ҾÀFѬF-Nh]Xrę55XkjJ:}uqT:鏶inb}͌lah+>JyLށ]*IQv}JnT8iiK 2'ӌ>V.Ev1~?t%7zty> `SOr 570NB 7>>C.(V[&Sp ]uC"#8>TsJ>gPr_,e5O,>L=d= J}| #b1W-;RLbo߾-.;oOwmn37m0vx=_op\mSKtxS('u.׷w]0zۚ 4~,c qŐsY` cO 0>&|;a'-$[~/>٩wܹ}A<;O\Bߧ8A Ѕ!ŤQuӍKc%~ ıd+_BG:e86.\`Ж%iB#$_4kUz]\W]]N=U]#_މeW$h. :{ @+!_303'V`N(Òy5_]9R)@nD斧= l)\x )WQ R%7OtD%?yҕ%s4*ut7b7;o%4 7$dUy+I|K3.4GyI7I> 3tIO+Ma(N̫MKs@?UNz@")Pw-+^zTd /ŋ+n8:-Tֵu 71wºsK?2^O5ã 9Tqz C"L7DDK_>zD{޵"njޞt[~с* ;2Rх!t:۟K`@* i^8RAIo+›7;z`p}֭v>9='osu=32 4)=sb,tl6JXxYkcښ5xƙ ['8xgjߘ@2VIaCk_y #/G8ygmA\G HWwx[hG4%lp&WtM&AG׈'ʚ{/u\1t_ĦWvE[quiEtE\Vr.]k}([l%e r:J$ ,$TPJTY,df93SBB ?Ul}nE+|.}\s.\%Kߴ§P W#.=}eT<)/ӓo$s$e)nĈƐ@IDATo(E3;u沂=di4\ZMrm5{?kiHk=Gt:-\ND< q(+jm(QY wbަ!l3RS18GZt)#~$cʲ0|r݇B|˥LK̃fwFrx^ ֟8]ӀL;܇U7]$ X;]46JܗƥT7HW|%`xhk_&sIKp7BFKRїfGvxq-zS[y/ZSJ捸M_Bi˵4{* [{rP>xӛ~h۾@7@^x\1q <p^l9|?[¾#uې8nTuO0?μgif$)51pØH$plPMtbk:ƗtpܜeڧwI@3;EЂ~j;#NR[' 7WƮ.'rj@&ai|oZ?X%5hEZ-J5rKO寣>}y%y$T+KǨΡw|,z%%oI'me' ԕLc);Az֕ߏ~jXupkKdۉť.wz~>=WY*7/]WaH?/b@-4]וQ.M7,Jne)򷃜esNuDwŁ]o$}W~sGj7ҧ|>_YiwF>/Mlݶi֭VT4oF+\*m%bDQFBc>n͚Yvxlhq> w7؋?v5`q <p_{#v5hf:;;}+g< 8ζƂ}?ś锓uӦ'C&PF}b06z!MDrU4G%=sM"O6lX7xs/\k|F-ou;Sd7x 1[Ȍ2=Y)p vZaKFthF訞RWE\s9m/bePh)]|+w+9mƳ(Y7UG-!ӂ'#1QTVVCx?9=* 1Q!3c&p A Z]uŏo)M|~y)oK[iК.O>q蚼)s}Ke}siMAOYp`:ޱ_&vo׊$"@`l`-q {N:?$؝g>θ{8nlx b6UbZA $v-w~=zBޫSUέԩ˟XlIc;ڌvQNb3ID-,NFD|ܪUH"ۜPWw-\xhϕDx:~yk9AR<.ZٽL ̦q彫jknMj>˭ ,ָKdMcHÏ3@ح Y0t \c |&[u d7`cijS<X:mXyb2*s,"60E {S:V)~[z%oAGՐcV'BF!t[*hs<IT!? .E)J&!6@CEa@]4^M=ah.#Bի|+VKfHS[r +ImR`H82q=98'QH`3wuSX'HY6papE]L~>H,) o%Fy84-3dΐKòhمwsu=m9LRBex$ZY8 { w9bwz!]qK'NK yrYN'PƤ*:\E$Sɳ%3QEga_O:%S`]Y}E@L݈}6(p~dHKG'2r٧qݍ=_/ӇkO鳀۴pv*OٺbEc!'H, X':,#nV+9q`ζ.tmC4.+RcKT㵽۵ zxtAhCRϥx0L -^d:x/ +;pN>ϛOLTkb"u- _OZ^%rWJq[ ] J(>rC[hvsf~Ǝsn:I)X=4"t: 5X ktC<<dEv/.ϨUr^R+m -i./!0-H8adGWu0IgΘȳ}GB,T\'X7 X.\T)J[oӄ2D崤C*w@u U[;tw]|pw 9v|TOyݱ.6沙HOEI RyU]t9bcIܮԯwuuQ s&7q}Oi}T,@A vWϕ717 乚\B/?G Eoa4d,^vi:kZ lNg v(?Bx+b<0q,mMiQvGelb!E'e @Xǘ Nqʔ&:e@1qj0~(m*.:/,XTރ z .NZlVߊ:%S,=ĆӰI0{;vۉ_E;"8zRYQ3Ȯ ϡpЁs65RDA.p^FP ќ^Y;Ep*4e'j6xG-t"'{>*iB.-ZymAbz]E@ZЛ9]Mry7Cl7ݖ`7VySod^4QTEZLI< nƅ g5i&BŅ$ERb垤ΝN/qG{~W+;mTӉzer!is|+;!#O8xcnn"S$hKd21)%d/Ȫmza®RO (C5*>rU=}ݳgh[[ yPLƘp2rE[ 8iϵd)p[M8xhU t:_ix*SyzD>W6 ɨnEf~c&8ÖQ.DdU a,Y[:忶P}W+ʐAO*Zāyːg$ys!a<@I8߳#WڹE"8~dSAQ#XlLN*[/;c31y&_9GaMᐩʞ,xK4jQ{Xj7X*~A F^;Ԏ1Mz."yƾcϸ{@ye<#Ո-V~y^ !|cʳP,y,p66w8l(1rE"Nط5710XZOڵ- ;xd&` h<92Q~I-p$8 9N±xW8# I}Q^MN:xuM2R(TXfJ{Uw:B  ;k_]]p맮_|[#t81v4O)먘xRS & t$6,#Υ%Z\mP'`C,U:UPMey'2)NxSƑ>/ z#x%m0 O b!"+JC|w0R{ /qLmo=ET#W+p, =egz 桓$WMTiK~# .bo¤ Z(cd |M]"[W$ mvR_(mEH.dk'a_g :tDV3+ f+OM^3@9}"IxhK8<L'Oy)ɂp_Wxhl=ཌbw>%p$4H2J]a ȳ.pJAG_LXcuoĻ-Uڇl?vr݆'ː`,aGk%\z/yKXǝȠy:h&hf?=-\9s=N­<ڬ"ikƣũYT*g>[}G5'ouJsH=4]s NMZOy],+hEnS}v$cf]=xtwk2]_ '@lbįɼAڦғPF.,vwJf\,{ߧEzI?[⌎.*4 G2UNiۻ>U Gl۶~u?K.7}:/V4ۏ7 Be$ʝ~'XNo(g^klr o0{Bey慌-]c׉s948C'x itؑ^ ::z&ݒw` %Gl{΢?˻Wt{cFUkZL5`٥N]JY f[,Sir""ĉ| Vp[8(PWq,~j}/?W/U+SQ1֜Ecw4h`ԛQ!"H.v2x4gP1x5,տ3ƽ;p#s]N4)nD7L%Oh87ٯ+3$@EI)?'8[\3b%ClT:,Uy3)<U >Ø`QM:.ގbI xb@m,O6 f9/R^_ u_4QCo )])<߯/AE}e(~9=tl4m./ ?j1Kվ30a}xv x5ib>>3~AY:pEqvq-Ʈtv$ ,呿ʟ:"CFВYc 1]E v?0-MAtmr}=&T݃Nd닂'ot2#/A?q,l&tS*7"ǩG;(hhyULYu֋%[n߾cמiSN$hGc4L` GcI Š/-\Ǒ,8]aH'yCܴ.ރyuEcҏG\11P<3NȜINhd uق%Ciisw  ֮jEl$`N` 9k+p0OfXmN:yV){Prъ[F9d.t8hAhi n ĥPovz^K|PHDZyj#If1Jr|G8pJu\d;.w8x]ۣ:9.#^[Bf!;0D;>l-2xiVJx9n|Q pD9D'ȅ=sAGJ[71xf?.y8i=Ԇe6y򄏫Q+A9a~'Z碾y&>ad LOzOOE\K] (RZ7:~pDvp@Woo3 `O0ּ::Bs#S\ⷁx vYE6&=/!,,M[TVeb$3G>Z0&J([g .(iađE;'8q 5qgLMDV\.ХPJ2v&Ew{aw(- \Gă Oʠ:Gnȋrw8T8x<ڌC8h`|:Tl!9Y%/.4Yӡӹi#4X>M(]AQ/$&^s}$?M1ir_> ,]rҾĝ.ES^h&ݹ ;|8˩Zؑs{U!+nQ7TFP߮IIci&O}1ywtl9vSJLUH8cę5E qJ *lBi> |5Oi~pBZW5yvөG˵Eyo.lROw_uղO|&1l[RҔeM \);^{zkȥgqu7ۿ0C4YF;K@#q7^YLyɩiR˦qF,Kٮ6˧Z~uMp<|Zwhͺ{>ixw^џ1whkO=S驌So@DޔrCЅhĉ} Vk:+t(lE{L6?7 ,jlU{;O   + I5|K:YV#g|X xQ̕3CcBu^ NYP9^ڎ#p =_ {FԸ':Q@Jfrt<HeeD[(#%"E&^K)+(YeDte11ysh2vz" |vN>J\s^¤&[VX{&BSnrq>v0./\LA1e~{C wY?d^;Đ'rπ曞([%"+C6L #RxÃ0]Ж2r7zmm$$rZHZZ ’[d7~SyBdett<4/o~l 6ZW-ʃtRl?1WXA'lYwJµ 4t.1GVq9w?m˻JO h=Y ZL u6Q-'L=):38*MළxOVEHBx-Ry.%](X&hvvAucyI[)Ժ!û5 6blRB|>C{B9@GV`Ɠ\ #;4L a1H|ś4" ݤSIîH!Q 0dV\/0'U+ |*3BkCv`숇,҅5i>B"}Nxv2c J9؃#bXW啡 QsLeY@}^zصP+A X fk.ASHwa,.QHU ٹ ]2qlUWim6wuh-UsB{fhbv'>ߋ@jQ@OMC#3&H}POYlUuoa:Q-'8eB@mrKEY \M QJOڽՑY4!؁ &Qm]҅Lv2us>-U`rbx@q،wW'>s}-.7kִM4$&iH4Z1sǫVT&9ҊqRy-qqw1Vcb6ڭ1RN,ר$ աYLyFsϹw/:u~gxuL,@?Sa &hfdPԟ X6닰+6ǧT'G tDҴkt`a-;j&4B l޻̳^00hJ 02Oe GR8+w"-u:TW1 /b6xє%&$>cA a-nK塠ߢ2Y6 4^d#x0<>vsX/)% T&|3Vx &9T,'Â4#nG-9y D/S؟3(.xoe>d.E>,.CյL;Ip&@5Ȣuz))k^xN7dU!gkſdˈ‘&o\b]j oϹ!mZ^:KZ0[b-#?ITn=M*^j p9 g h]~<(CSd$ (w^HU2nO*I Ks G3\*]7p|^s{8(/Xw. f) +J\Pxhħ% M,ԇJPx=,. ,.q'(e{UbN8djqQz8= +គ)xT~Ouy:*:ש'u&Br3I~2:ȇ.BE_>qт6wb"J U(,2Vl?~u_|^ ;"C+OWO9*CjHƫjo{Nߒ~O5_9]Y$}_l[q^nsx:Eݬ1y꬟uON'<ШSzrH䑶D}J^Ehp ,BE?:gwޢ6ЇqZ[~yvzh/~?}lUJgm?ӊ _-u E~OG?h?p_C~*Ơ9nVP"+ g]n7'ũC0 +0HxHܟB\Au0yn_ '5lm7f ; ٤#Iv.d*U=٢qp)sa榘iPKqI c\4 r]E UD5Z w2(gyKZ-e@RX2.%t%aPK"AyRM&Y19s_K =KYoT"-V&*%^ꚋ߇ 8td'up5pWxE"ty[T@nh!LɟB/GbS&M{ʹd;e ԎPz2epG2*̂DmD@("}Rˆ|t@܍ z(x%IVv<L2@  h3S&;WJ 6E8'mq` ^bFºdK!\"LnR&ȃi \KWzF0~[Bz4YppGɫ zxJApth3x‡-8zmuBY`&|; uėQDv8%}Q>.%} [K<lX=NHC; ;m{Um+קڢum :߯>`*VY`gJ0N4La)q`eFGMDZ$ x s;9OS;}GЗF{4?%G\/_'I?Oqʎo ɢD86=n+@mC䡒Q.B>hԢ#*իđO9cO/>e𥗶֟yf}M[:8$!0EE-0yA3At2\B[FB`5$L ^avE}!JpsXoTj8qOBA 0UPoi#qWx|0" ުol^vr>tČ7fӖ$JRH& QCK."'7ȋ&h`:18Dp'8 ^d ,7rC*!q1h>iuH9qu&!DC;rBHA$ІO a:,RIBdH2{UL9(MrE̓wtܹ+o~(yh'SeŒ~13y ;=v.j* !iM^uLBbJF8OUHs9vյ T8X̆Gm|w4Ǹn]N*?R<htS2]5B+`ᜂ١J+9w!(kH<@P %C?;3-Dy^KT+,<-GёgE3wfK5E+9/i:r☱Θ1Gtm}Ŋ5}{7|slX(ZydA65x#=g`r <Vυ _W% g򘈧O)7tv#Zj|X}QvMm>2M6RG:o1 xIjT:1uAjbbN,M+/sϯ@ExBaZ5.M30$9V%Zc'yKCx򤟉2کp(rFD&HHaOUr0 5'&؊v L=HET'3[4ƀ$Xh/knXp(_䖺 ͖\`"&! J$+h=9)X *_!s!'# ),^@ƛVB:>3xK!2=VܷH`Le/V'~cMˋ+lj$"S:(4:9I2uaCq&V5)%H"z>[HeR@,aW5NϨ H#B=%~ZnԇRVd՗/P;ʮCK`_ 38d!0(tIjw1A՜w8` {IHpxpLowoXwW_9aC l (ؔS'"|P ZVyC}Ư]?ghɒ^G ˀ_PNoFv 5rǘOZ7jq3Ж :OyXd4axdOz!|pWI _{zjLL ]K= gk@1WK&tj-W; 8ч}23Cu}P6rFAVBNA0P(EzC#/Qc=ּW]F϶X&{f 7]6(-?m `MD- kz -L=g nd$cnV(ayg]Sw._9[qwėmǸ/JDwഌo< ޿/?KPӗOc[i >D YsvT[ߛ~P_!{x ~_PZzo 6gX- *( HGX^mwyMDb}pX~WN@Z}Рό'J| N<EF!)PnB23Da6{%H!dx4*% KhbްQF"/ D G-s\#r< [ngq϶sy.\IWm2*2G&Jrア~U4$DccC\Li+H[k7۹2%`!pi/]LJ"3#0t:, >XxHmt]wċ/^B1i ޳o֏`I}S'w[205Dk౿i(3ݟf/@p}t T/˾\s-zEA265vޜ>p`vy/wD`^yv C 0fv(_Bk 8 XL>?0_3*;0h ' _AL䟗ghO0 `ζ7tp~5[ ,wrۀRQ 4C~Fyg ͇;<.?<-㊟-ߥbz^ݾOOYpoq~^dݭzbzm/cy"aЯ>9_D`Ú$&%!g`fڬ=p"`˱'Sk;@i^*'7]a锝rCmK,M%.%QGH#l1*JLL УJvܾcյ•J(lhKKW\P..#4ՖtOP8I}p#Ovw=Nn5 3d|]d*nFQsN^Q7&] +"",m%m)/M'iʮv8y)H- 211r@~9M1>FK+Hq޻zxs;.ߧΤrK| $B69@+.>%..XVa0k#nmXW`0-Ok_SGeé 2"Hn`߈).N}zBri&iܧ34%;&l'@w n@HuRx5RasnWI,؄@;݇zr ςoG]@+c+ dH$@Cd.;l]Taݘ@3{=.s.BM#UUqtێ'ȳJقLOˣb*g '4C5% { 5LȒ.&<4TjpVI~%xv8oaP.ߝ"(UHK܁1@nkf ag$27uHY_ Th RI."u8 J4뵭[oξɓ' %===%Q+"InPSu`U#1}x _|qs| 2)먌XGN>~/;m+ܩֶ/|o^X>W!5Gm@ţqkJV?;?G$a1%]P:?\٘!e'o{>Bp>G\.i,q9 8er9^|_.͒ØKuߝr~^#5}"b4߆Q {ӯՓ Ke[݊BuyZa=Kct@^PVVxY̜_1G()w} ߔ4q¼Ikju^LGЮK~dԉ?Po_s>ԓOdNNcuwOϮ!}RI}ݥZ}>MْUm|.?/rcQcluUF*! XO]{޳l`wP z-N͞c͙z%D1< ;s[ĶAa;@Gc}n 0{"z ߌ+1 1-| GTW+kEx^ca /|پӏʅ2KD9 8^+xtU_ѳjsz@R-]z?kC醂QI^Nϥ3 `L )©v,e|@ 7!ă |X/P ]Ya|/WmyptL2E%Swsσ={&USLV3Q޿eˎj:ov5o|NгrSzX7 .8gg!\GԞi2"|u?ۿ]+Vyǵ^bnW[2z8¤)X46kH nXITNxVŁKkLI$!ᠫS|=7/SԶCNF;v0xP[ &^ӄ>C/k͒c 6F&絁 ?XlyVg<ƒTg '/`t=Q-t5pei >AbX~{4n Ae!˼ ܧquoٻ>NxhϾw_"z=_R|oO6;,E(r=-p"S<(^[Wze%0pUرl.{Pe"aygO2X<j_oIcIsz`-&HzI>Ŷv42wvusԉ't&z.N=IXQ;rVz)sDK$- vU%BɅ,Ko^z/?{&]A|z&4\S{j7ZU_Y~87.Wbb+Ԥzs{BFcׇ]dxBʈzt#8E.Z1\FU,iΩطڂgNo,߱~v s^A1[>5\Qԧ>dw j N KKCSv>xeϽy%{<81fJ70h%v96%+豝pџр؂TR{l)Ovo>Q l%ݻ{>}N6eZ^.Sݠh1BD; ͽAo4yËN"%SHCϜdth[LPF*:`riqnk MM4ͫô'B-j0'8\O1̂p$gqdF8 Xܹs?qZpj+T Vur [%e1xp^QXk}=k@)pí/}.Dsb}/&|t|mn gu}ַ'M83.Jeu/&Š <*M5]a$l_Q0 El'Tד|'`F%ިcCV^!RV- v @>xHWh\)1C{D:4, \s &U<';)c<^ sxES|r H;$CWgAat&AC H2G~shrqY+0\7i݂*g#|*]$rQ$*/o8o,'WfwO͛[S2A޳OɯrZnS ?s'?A)r{Dir@NCIY,=XZ/oyݮ0?g̎((1耎\8R ,s=?ns$5 ?}5">(' k&Զ쬽+z:Ԙ3O^]LW5qzcy#鑻?wJ3*+Id"͡!W# 0؄Dځ-MZzssɭ=RH֟TARg y{_(MޱO>:<"8\OR:1,[/npOFpN^=]G0i97Zjqfr[O)vWIⒽ-==ߵmFMN߮84{>?OsΎ믿O.u0%KNwն^{5),it`'HfA.Jqn6,+"Wz(T~(9<hŐ~a9 <G]((la"˓±;HJi<;~%Oa2ۤ6oyUܥ:LFm7OLEvj}F/Oŵ@Gҡz9I n= [@AQ)bUInh0{g5m.R:iD(y@RTn8kxomǗ}MH "i6"d iVy(2a[6@phVƒ?`# Wu=?s]O'Lkp;EN34iҤ5mb֭vs(. 9sKj6mX|eB:qҿN3n,^|[ AD5-/cKӬ$GU(7ץ6#xX,|֠[NuRL;2.xQ \UV;;ᑮ ^vePfAjYӰb'`S ':YΎ RAr9'Mk\[W;3Է~Ë  tnp̯FЇ pL!y:A_4aFDO" ` sޗ^d:=Ϸ.YhrO^f,q}}?nTo:q}q:7 drI\sYf`Ty# ZyTG^9)1 a! HNh;rgϞ9}hI'Q?఍ ;C <#A3 '7\6#ɦF9ڲN5t5sIsU]Nf;XU4 <pxW#x\.y^!:tk*Ϥjʌov-xbSq:`Y4ӟceVe@Хe9?rWp8:!`ȼOл| 4{DpήƩ;€= VEdxr ;=pWcqKp1A^vE_JX=Q{nF%Oj\0S_zW~ t;E~N.x67YD'-!}.e{ 氇mKI󤈽o >ُRuaM,okYuNˎz&2#Fw"& 9ԹZ)3\v X&i?1XPnx\ Q~Ek U8f,+kppT;&|. l;֬ŮS'"k0{;!EfxN.-[;ʮ|3r$s$$RDSH`Kc=g̙cٝٙgfd[hV =DIQ 29sw]~KUlK,]sX'Su\4[1k={z'+E>& ͩ,K[zx]Vqp ɓ'x͛ݡ#B4ZsMt_&4FTiqYt ?PJU?~ȁiMMYu,OKVMb6;BXN8*ŇoX8֫( kJYut¹s[~Cv)˺UdVQ1Oà0#* qQQ9\3&\ y߮:32='zVw4c?B$d]B"R0̿_jjMODF>7qa#``S_F ?4tr^øL ,,+#ӕBc\:~py><ӄ!DAzOȲBԩ>:t=浺! K=s.$,G^]7qne).+eY %nмOs`p}`>jY~]ٿEw 5Thě=7:Nd/4u1kߢ~(+Ha t%rÝ,B1/j}P ղ?eaٙe&k50\H32HkT'kTW4Js`^BdoB~qFQx"oG1Y'~^:ܦt뙒uX&R'hW3!@KEC;e;wYVdK1p[&au[o]7;_|qS3lN!W $($2sʍd3H>z[THsIPpW.W?-^Tj/IC.\ʝ>s^guF^PNJ6KbԕKOUWhr|Ev=y A3,:znu@4ah4[Ɱ(:h;DȌ5կ<жeο4<stpگNkQ L5Y|袃2+橣8W>nj|2Q8=tп/͙3%au_nD@IDATrWz?%}a#{yzN)0ϳn D Pz`oraiY8}-*ZH!kasMaƙ?iWg8FFW 'Mp7"׊0;MnJiMo, 'MC8Mc4#eA[rhTDگ[񟆼{&Ƹ`H!8΂9W<oktC'*_ ~%cUჇ 7ݻҲAg ,Uܴt8fR=&9u 0HmM+5ἄ`B$Ld+ O6x Zt0u>Yu4H}%cܭ+gYHxV[nYT;gڳg/4 Se["{T]4볲JA^怽5?9@@ zȰaϫSRaIC/u@K3-wtO5zqzZͬ2nV[ŭh P9GOf0q(he,ttpŻ N+&EbA(i"504|Xۢ`2MO nvi r!.2dk |XE3 P "l]}2bf-O. ڵduxe͸ӰBtL,,k׾;hMPv'It//z<]8xl!NyOykpK.+ex^:lp0.5-' ! /gnVVhǢE:ChV[oWrM~>tq Dcȗ[ ɗ:i #A2`+uK/GOwԪ\)U/Fq"x]#f %2.J{v*=ŪŅfOC݊"]XM Y& _(N `*gHb%3Hsh`\JyU__˫ڹ ,%[ >OӾ^Ef*lZ[K5O+>U]w7nan~ =w*"UFOilGp( a9vU ؁dkx9Rܿb4B~`cbT!ށ\|CM1Z@:-(G<|G,ʀ)ՠp K6:_h#W3RSn%]hs yfQw׿^ZMY}/x1ׇø,20 ]7TB YrctBdQѲ[0tJycjY%`,(z60*ᤀtA_FA1$l,4 3\¸1_{5`V ?rz'ͫBk4W7B4aJ bFǎiEυ #ZfJ4siI8ߘm 4džpW4V2tܰt%p5d3%Vn,#Ͳ|\}Z ,n14u O!}|:)ez yPWW!u/4657dK9t+Y=_S O GD?b0 u.DL)KrA;6b\C(H|J[>.lFd7:8pF 0E8R xUsm]K}9SNJUY|&mqpn}=G(2̉ ж(a0PUTɎXLR@hԏ80geW5i g=g۷o(8!| ]#WcnHc<8S,RAGL4(o<0:VL#-H;wK^AKM"٬A.jh k߻~@jVUc`k鐷Z|*J8$plfxdVQg$ %SIsN s+*vhe@^YB9 k.i#.+M:V%7My4PӨ:l9ݏ4Z\V`LSs=r~Uzr<\g7X(Yn`O%}yI: (_r`쿓@`\xE\ߔF`FLu{=W5 iZڇmÇ@d|ÉՁm?AlX7N<u̮.^z?Ay=^4xWbM4H`ЭA44ވ8[%X<\|D:e/D˖u۷>08 ~*L]}̞=ZW\ ìJVL9,|Yj'f8 1a|8p-3_6.!xz~o{WYދtKf0•nqFgas2k5 p8s\ғTD4 G j@~ K@DAYj>f22PY3Efvވ'@gc64muN[q=tԶ-dLӹpBТ@<ˡ/i! Ԏا5Qp9X=ScsqMYYy^o&Ǝ ok8=PVAK=ЭDw8WW/_> ׬feYaY |eߖe R)6^"zPF`ك[j(]LPܢNԽ-#8۽p%#F )NvtaİBV^YWF~+T㸀r}G.rp x#u^6mr7^^㹰j붂~𭄺o56Q7G3.[y^X ۣH[ؾ5 #0q 6'B^ K#.-BZ¡\¡~R|H xZt8UƅQU#b ^ybEj0w:vخ͛֝=[~+dBP}*ܦ/ vFJPyKIG6j PR2+~hNdMmj[N(hMӥgjw`A="5+ŧ` :7@jG _ L,Ze)/9 #aLoąVԍ1s]{aE־ r®fo}o}IwXuH;$;Ke,4t}xXWsI=*v'idm1[&&`V޹Pӿڐ[dV[Ԩ)ԩgDTVSa)Q{$ =2P\AP@1;.N kPױŻn'%  ?!2 2@  Haa`dB"Mr`֝uͪxòEkxG.]jίZwy ؼn em w-;kufAȑ#{0~뿫t c1ouPW#ԨŘ[M|_=ˊ7=#x~17ςeg˂{{ϓx>XgÁQ p͊sRUVzމ\bn(`FcaÉiҞh* AB*P`\\bYS;<\sy h,L yԠΐ&Tn .UhXhƖ1C|*_P!B#48xLUI[. yMvd-Hl(6`BOcbdE)+Z`Cq:"0?Ax6uX6qI{o,GC݀Vm+(`'P+LTڞEE•_?GB +=Ī:9j,@>?V0gVxOzUb]I]-j)%-eﷴ/{<+>UNUcǍdo5$g!h w F}styEiH\)pGVcSNw0Fh$@!js*᫃b9[4k<ºZu|"4 \e-D_9GTO'eV$##z,xUܲmɒcǎW+B[^r+W׬| sǎ,ݻߪсZ3 nݺv;긾 V=X`woy\ku{\{JgϞ/hYxɓ8 PtyMmq!:p2Ł^-Z\%ځЄjW_}xeu۳Vtt$M(]=㡞?4>L RRiVX4z3=p$=V/xX#>eȈb1cDy"Pf+ Rx;k_}5 &^ ݒ;V̪۠0ȔdGCc*cjc0)O3BХ}G) F4JKU.N} 4:LoE2:fH絚 .x0lMT܋:4LbOS[Ը8CoU;启00X"+48A 8nT5:xpញ&MarPzm[m_~+$).0ZWX 7ٟ}t)"}vSN";8Lx?AA>9bȦomȐ=Q%/9z:gu;OйƹuS&ӀK1u,oX[Q*L?ws:sE~#3VHA;:4qc)z $[LF^5V+_p||G,|8 aw?,":{cYÎFN?s@p eڋ;7C\:D/7l\O<]%ܚ#⋯+޵* K G 4wSKkݪ{{~/F7>|hi\.r{؉ʕΜ)_PMSVB8qM4rG>rC;rzRy"> FO}~9|+A,ՓLy_{gϧ:lXSai Nw(0M(0[D8h\ \t9@vJ8P1)qyؙڑ#u(`̙ Z:&O]w\%ZӣV@ * U(8 /DJz(=!Q_@4/3p]r@f__KOtmvY&^U׭]z=3t܅Ot:ù6-n]oվnV6d:n=ظqkɓ mm3gNկV6ZA܅ .?g]٠_uޞ7v{+&C{zVr੟; 7N-q$,բ-(/i|pbZRD{eLWN=$X~~;H"~F/<7 oW53*ً3dH?_~z&=FaC*@KW>2TץQr(Z.<Rիq!)6_Fh Fu~W 3"6F Dӥ!8j]2rwQ}Z(CF)|k ImOi%T ީ5а`7 W=RTm:%~# V }jݕO16/BU4YPA w7Hzw69@{dΟZpbːg/P͌kNTTPJRW` x$: #h *U964ܦ*(38y,h  d!^4 @: TWjA)3р8>Cj8fKGZtaǒ% 5 ?{xcGݛo:MM ̦eG3;-} 4tuJV 4g ZhHgٍ_V7AѣNj7nӡ}Y] wuKЛ9"ҁCꆾЇ8l^}キ fuCkEAaK2;߂+:U(*0CȂgccV}83u㬜í^eD19p6CnLX-# TZؗIT7Uj --myxbϗ,otYz+i:rn \꒴^ۂ'j.64 t Ijq |FkV\"f706iBl|^"&pfaYϪfe3\|: ܬbck>RxS"aw o"\gҹw~0rzP6 ͥd$`Ж)Ю|AKAѲD5IkiccA3sdsZP} m'OwQ5Rk&N]]uBj5[WDQ]~0Pq@1ͪMnA\3ֽ-{5 OUpNΧ>uosSSS?)3 _jEpsZV02OnZz@ɮCg])z:pbIFx jaڸ 6xg5^>{#?_;z.ᐼcV ܢC L5@sLV*r {5pZ]LN~_-zQ@a|e=+0 ; DEO.ukq]̣KoBX ]~՜ ͒e D]Åbd4q (bߍF((aʲ'.iޣCkϞX:wbf5[W tEB kUi8nHYOGmŁ-Ob R *{t92~*3(^ӼZ@' Q%V ,0r-<`7,kzmvתX|umZ: ^4.Vu$0^VPL>㐥[7>UghݻpVB"i die+ A3``ԃT90tPeAPرsVwԙC|s߶hYGOUoL*ռPE@FP|$+µI ׺Jy}(o #;5["]Pk(wJ9>OӂR:JU,+shį!Af\d '7`'\xrgOLxrׯ9u:fFӻ:\ Wgo&:Q'WFlIx_5%+Q Atݚ5oO6q %Ɨ_^Yu`$,fku?!;/(a,~,=SR}{Ĝ]<m',M0kG41cF[G?oEik㎻Ws_ڧzQyU1}^;_l3=s\k 0?BCvYe'8 A˴e\$ TPQXSiDz(kPs?ZnsO+:kQo\ԹoߡCUyD9#;lIdYQ%6N($?qp3{ DG dDvH3>ikOlYx ̘r='s_hKgay@A'et#, `25C,.!mbW lS?,p!?~l"7FʯtpS>Iϓ̸eCoձY'uio?`gjvdgUaǎ5~d 眿6$׻"~yެw؞v13^X\Է{(ܩS'uՕ'ԿJhe\]MMcf̘00 %x,08Lx/{2uWRŎz5Nۚ[]Կ;$WX8ۛL T_& 2!6{@}L 'nđxC|O?zOTc eK  :jsm1#ðxy1 wKYa0L?y _rtVڵG,{Vhgh]=ί6o~VʇЉdxOi&w~kk~'x励h\骶֡:ӾNς+"wIkߕ5W\ص`Uo`)?J=3tRV ^3ED̡?|_K:oo4ߜ7|^ $b ;njӁ2bU! ?*pK ̽z77Eab%S%+ٮ|{9pU|˟4y2mڮd￷E6_x 'k %93p >l-ֳ5ILG+ENL8IAr7ݴ}EZmWcW'n]=6 {gEdN*&t%] L*'CQΰ&V8u %fol 8't\fgٿgx.MI{V?`ø*XDvtu>&oBrXs2['4FڐJ'sɗo.fс֬/JFaGzPj"S?&_৺hU[\ >^0޸.uJFƆ:VlPFD9$ÓQz?.w4剓紌A[L<Ć1~UFPЧq@-|p+< w%hې nz͆=B5G:DwgWƠ 1nIt@ȐZK~ CfAj1>y)S&TM2SSLb֙ڀtl}CБ7on'>n(f&t`uAnay6V':\6|x<5kivjy@_,t3`pGx'*r~嬈R0ݷ`MM e|{ƛo=Eόsvޯ<=f_}uSe d;ų jeHE<8AG%Q}ik˥f?HuJZ pYI&tiDܒ/o,I6I0d,butY84M:\"hE02B7hoωj3dٯ,;[ڹ<<̻Kͅ:pV24x.tSYnU{|PqH E{=< ÛIKuCpi$?Xq/ 0)-kfygHnX#l*)uaqqx#\B#E}waqō p2K v&#ИɇTf`1H-B&]0N%24"m?4,pᜎ,uݲ7'?e:{n$~?˚},җ>siҤk?~bi}s:}!|_;ƍ[|Ft yS8a:m(#\e:øj~:ZTïǬ7n {4%׊lnR :V# ' lѨ,ʗ\ uNgUkv}¹̞k7}gilҝf^b0++Ư&J!t;̙rq9O YYiA޽k97 ?0>YuO}uw~x;V 輈j5`cNJ@Dt=|xq}Fp}|:Kz;va~ =+WZjA U"$^!o= ee&ґ*"t^Ʃ,[|rf K&R&p:;wf)]:qN ||S+JQn'Ff2JR<w,ʬ)jf9[u" ߩ8"/-!18//0&c=ѝ- KU6jT-rI64JT?)J_?-{y'awCJgA5+ܣU RuϗދgqIT7LbbyAEW}uͼf6@:NկitC=:2s eߕ-.G7N5<^W9}-md 7lB _ a@ʗr!b2~V\?Ƶk7սbiitj^r]=t?}}ǝ(ۯs4 +>DAw|#'ƍ[~3PWP~_*y'zARŬSx% p@7y4ʲ"bgz,.3BȟKtC=вz}z~Vhv;wZ r`,m}}VDP'u+ˢ ehq@:OżfK+$z0pX !WZbXv;rCκqabO\9CS/oUHgG k`vR c=s< fӣHu&.7?鶴FHo,:Ä4C'Y7!m:ѳ9 V}8Yk*[ˌuahc_ʳ$4t jK ʼۃ(|r4hoopٳ'LVV[Ke`p@nw3eUʁ,}p܂w~Bvl~}k5w)(C]GFE~84:"fDs.K\qM_!e̿[N Ue8ud8~|Ҽy:[^۸׶ǍXaU1T9ҹ21^ ae"ژB|xEb|`\ѡK>LYO m,Mi IƬ42,{yei42uZy&Ԩt_v:گA#=_x<;Iv2 ey{-Ǝ*~w#O7Zܸqsݔɓ,]@|ay5K$c}0/̵XdRϧ.>}j?}KGG{2m]ZqAM ZM/f580xayHZ<~cF*,2UCEYkH_=^.AC:z7KXt+\fLG\ [Xژ.{ 4p1SucyydQzaą\9(''NUu8FӍ Z. ~7YCs8쏕f֒k\οލEbp(eD 7Dzp@QX`1 ;}n;@8Wy.@dGߙ!x0=|J]΁wYAq9"@IDATaˁJ;dr1%lj8jWT^;Z=KTe֟U4n6E4UAT§_/onXݨ/iyw6N{3$4jU1ۭNq((qՎԏlע%Fo~Jsu3G_]dq#3p<;긿!+د~Uj0#7mt8^!}a=ϝ;Q\/П&}}IwG+g4lx!?{P׾AWm'0F`ٞ?Ϙ!ghrk׾^|fb3r|f]G/C߸c'Zv[?2TǿV {]2Ks-(|ƨ1\WY:qˍv-ތS:x .NIL8q71އGkGuQ}VH@K_[nYΊ X3٦_ui7wpm67ХN 60B$Ŧm;wБϾL$/^qݷg,:jޯ|I}m7͛jK+ tPLqaxFP:U?5BFyA=ۥ+WDF=bW7]1Ú䍴x$ЄŁ$)?*U7o)=Rީ U3X Ns?[5A nnlP}Kt %ҟ"'*ӸLX~~Iz|E*>NtiN'ܫђ]ɵxkʝ*Ch-_}YY54/XAnedWHcu# &kҩSkeo].{QY x\9:ȯbU=Ei,fXLғH͂[9 dTsUp\M~ +@ =ξwgp@ ti$@{G]*.)$Tq׭7Q^i{XEcE̺p.-G3BK+:aid9 &(()ނZ֡Y6 3..F7:*=gD%A .}(r/i`9'ݏt,/: !_>qm(^oc6N)OY74҃LTYܻT;IM[ksQ`o})b w7߼LJxCVOt455i7{~m7F q4*.M6p}VCWNVԝ>}#8,OkW^YWJI~*'|xc!ٿcw [;2.BmtV^^SM}l_hў/Yz3uqǭ[nݰ!ٮmesz9Ƃիֳ$drm17߫fy=sNgՂO2#mUe&&4!E0d㡯c ,Gϧy>Iڀ&0ྮw"j'̗7tcѣ_~yŤbstnS2%uOH?u#qc`! ]SYjYW醀<NsWPtp1K#CVp ]$A2|g3=PZbQҾk=>'2 q ~{k”?*wu}iROB/?G:UQ?@s .`n0\cZ_ [<+p)0.oQL zL`33J,ƫxuRkC4lTA".j??gEJ3(?c7AN0U6ZVnNE3]Z7 Kltise mX[xc<#L"]й̟D<{gz52I(t3h1TG f48R `hU^g9>qNSIJ̙91{K4t؇n:-S!}tenmŲ 5@:-opPK`=Ϝ9^8=IyCَOfHՙ_y7O455n6,@λݔ`t&8ҥmWad졭e^p=I % $I_R[{%kkE9eV+ Bkj' DGGA y/@'r382 klpܳ1(c@]/]Z=_5j.>A<4j$Ҭy͚5y`z&Յ)#6$nii=vu@oAo5,Ĺ|+zRS׻'zItr< ~6oO3ly9sfv2sر[=x>$-2ZX{2^ba{DxwNQ]ЛE"b5s]jludu\% Mp]a(4xڅ'NX_CDMA"v,zo7H?)0$u.^2p]>Wr ;T6nQs8*3!N\!Q_)F$ ՏVò,1ת!=K_i X-?|̘11iu40 H]@ Jo){N{22 !@ ?.<\RG7WI GWw0ww}Hg:esYڿ04W9r/ρ,yʙ]ِFKgg5dj- 1|S>OG!;^vO>'?~)!OFJX5 !Pr7n,T:lޙn,u:oA!@+2E=C߱PRך{@1XTav ,\])J-V-!% %>i^) J791g(qXHpi):3O=|Z7`/?d~[ &qzS,'jIOHg!uncGE- /%@ wSOиmN@ȃx@ÿ@<2o}+)c#wCRA5P/i e,g܂s;V~@>kQ |#ȑ'|A|s|zOLu4?Ϛ``a֬QN~6)ۺul:uR׷U5QrjٓE}ahjeF| c=,:"$-a__n`x{7g&[UkYbts{(cܹ;gM'C7_)ˏ={~{0wIeCD[o]79dw⋫8 M,}w<=kJO? z7maAp Oʈr{Do匧WJP9s~fx{<2,\Oc e4)>j'|a]ۙ}dN6\tSF ?=%2..pݠ^5_ CIUT!S?Y&'IޫQ;^ߨNg'CqW xq= TfxLPAM-#X[Y'5krR †o.{[B`#z[wdy٦^'7ӠW11Kln!XV/efufOS-B3LPG&J~5Źo䦻] 6x֚ o9 Onͦ^9냒a ΄i ҙ=Nv\ىte0g6$j 0+00hܕ׿h[8ob k+b@= i(xBbMQkb9ZbHiEͼ$ n GY5Cs1ʊ.4EH ԰DK+2'^_7zюdẚ. :رSGǞ;h%?~L7cFf! msܹ= WK;Yw9[| iˁlqYGe3?u Љ'Hetkt eEl4ӮE#G!Hx_fp nX^jX V;vꅥK*ieQgGo4<7tZ:*p/hq=c'gezL6kܸݻvu_Pcľ^S7p_ H^(~/')tX<ȞOV T[UƯn=&waUG.:O^7I^chGIu;U꿼+"|2`ۀ+0Y~h ?4FsIS@Q xPP}Jpfm,?H6ٻevHؠ,qD[C2Ö-ˮ7 ѣG nH X_!I'ͩ à9.ׂtRDߜjfVou[fͶN?eě04W1`WQ x|t3?Gv,3|'X[(g%!fJI5\+ ޳bAMWH:NyPKF,'d4P*# Tm4TXbx,QJ &#Tqc,EX_WAkQ Nn9eC$%ȗ19"s2'.7fx{Zuwzw ^)|{ TK4 I=qbGd[y~q£>4u\V'NJH8dӻoF/޽ogO7J?]gs<44DڊНc>*W(b]9Ā?O5h(&c ҽ}%rCup*ڦ: FCj3g[TNCIJ'/E$I 'p9]Ojy1q$%,'a0u~-/xџuAFvVHM2T6BRNB1B`ݻK57:{@wi w]'PlNάP9"&W,k=O\.>5pxL1J~$wcguVs%"B1D ]3x??q؅5N@ `!PέVRǛ{zO޾}}nUW!\> >tE~mгa!HGb:J; r-AV) {}O9v_-{ JKOɲgD iW~?'J=Όң80L9<땷sY$ 8׭[>+vؠWFz"u76#!UP01CVX]XJ <;#x;_ӱ{cjWʯg3|"xҝ8saݤ8u~8GY>9ϤO+!AyHatM%7s;߼oFkGoD!m<\hO]o&YIֻ>ֻK/klMvOVNt Pz]7胕(f"bAu܂?У:IdCL~dBFc(SJwq|nav9㰇uV rGD hbca &}EMl6MYPF`bɤ}:щogMtQV,_:M+񖡭u]z5K,@j+rgx3>W=21Q_Lm^x'7#vc+, WoR~ rG9Ȯ%7{⋝R}:)D7"V\I^kpB4=>\2֭[;yo,"k\{uxEp>Kvyw\2EeE,bŋ$q;^=Un[|DQ>䳺@$5hVdD;4 f!=p:mC j7Ri,TGCnS`8~㯧u: :\Rv'ݯ&''M7Kɾϑέɟ#πh<C7Keyp kJ^C>0WTmJH KA XzvOa*H UL'A,O'9xfYKtG wɫ^x>Mi2fߦ&* yj`.شm`'J6MQ7육]; GӟrND0ILe260 B:| k#Nt@]f#4{"QH؟:n@JTE=iX М ?x8 f7>D׭]5mݥ;tǩk"Ƒ`w&'povu4{St-ЙW3}EVZ1P3z4}z*#~ەÖ#G4 mJ>ə]vqgUq,| _;we{V;ZTԳΚ5w(+^6Q*amGx_eo%Bw>5c ϛ;V4 W/18_0x;zt}R2{Uηs6}uⓟNF[]1e i xuD;︧tw#zV}%[\V/~<=TTOL磸T|--t_f:~s`VBd'Y߳gw3G8@eY|ߚJyH7\}l,Q6֤x9o۹:,ș)ClSߟ/ϸpg:2?;x'<2mY啝 *¡C+6гw A U.F!:S W{|)kZW@EɤWƻTާLNĻ5\#Y꾫EH3*҉E0l,I[&Z6YXȈ@L"2!nϏP'Z4 uҸ)L)|lk0K[ۡ/ȯTZ?-s8|5w]vٞA6f̘:2w(L͹<ɥ"P (IFQSM+%MU҆z]Ɠ k4EV'83erb~Bo%'*Ur&RtWu^I;_cbb~h_w7Odkg5D.Y2dγ]]>U??U4n{` 9zlP וU~R |&`RmH+{Gov-JğMy͜NmƔyZ9T=d2k@c`( tE|KD:F Xpao}Ue#FqYܥ+sy.%'+8]wYtbB Pe֦$-_TcjB&ԝ.\D{K,P.+VS_V~m˩ ^,}E2n1 4??v;-.D)>ښv=nvy˗/ڴi+c]Ք-"<.>}vl͚U}_t?C ϙ'vt":jpN+̙B?N ㈖l Y-~8Ŵ#GYxƥ,xQPΗӎKM}V&F1]sÃzߜF{rlBx 4!pT৊"j-3jB2 MQivB7w Ʈ?o;+* m1p9'9p1: =m(4PyЎKqC8Q:}-BE$ǀW*(f0C'y,[|2=CKY G}ڰ~N,V_1#眳ipٲQ!UaZL bPUpK$cDxw@hQb4Nr-\l E-*kҘذ{XqZJH(txcV&mOZy!RDb;x\YKªLXy)Jdxk2aQhC8óУt7'[eI00 D CT8̶2:#byC~[Rn0|;N?\V3]aʧG$Nb-&|[~LkZ!@WB l<.} =xN9j$E:7l暫qQ[d5 d;k' 7!+HK0-1[H2 2^XȧF?C9SvG ;a49xdySuY&]{a1 ݤW~u=+*wTo};Sx]@ o:#pFLTU,|_}Y-t OGM&2).ByFD/"cP.P|ra?y9?5)T2ntY x0%.%zHnGH\Xʈjm/y,&3VeI%?s  95 p `ާnqm4nTާ+~!,4+}辘ʃ"ʱ Q{Tc8F{؏'Y<$V1w7_>?}'[C"yRV+V"ˆ:=KXw)-[֗30NHhI˄Z U(+Zx[nDf/6ƱS22m~|zId7y#m;kR=a"ŤVZ̜9S;-2z'koߣs|(^bdnܸapڴc!4JIS,D6nX'>څV zZ|fgEo۶E?_O}ȎEcN$8p߸~ʽ׃z6k֬\vʁRSeJI>'U10cIFxEH2(Wuz!.ӄ c(xZUw霃>cb_N3!p ,#FGT;ED܊na3kjl!eF^U覊] ~<>ߙhI*}_(4m`-*>`6Oaءdsr`e0AS!Ǽl ^p+Q7N;tpB/sFzY"[o|uD`87cv/wxQn=sxG(H▴OHݻm^W~dU9-8\I`[-ǘKj*l8E I?D4Ot ,zc9lG??OS+K^xNQ>Y2&K`"%0F[ɯm?4 xN1=ߐ6P!YfIՋ;/hP;ҥvemkDV* ]}H 4R!nP}"ж0uq,D{+ZM  i\hJJ=JBov5H[1av֢R4nVUk:CH u0-ĆJB[<Jsz~8-w9}|8.vkI\-䂌|ƸV梭ٴiOxxexL=*Goa#Ji%u,~݇iBmXK71I+\I3˺D/ x鉤fQU țrձ ןh=3ro<ʢ.1ّ4UHS2sh]t|a>!!y2zy?L]đo?ÖK~G]&C=Oe? pԩw\Ý߽徣ǎw^hiSM#`m9Qou-hib)@~Dg}AiOۂ, pi`6H ɿ 7KC)وhyCFJW:RIBuc &8^:ۚ|Opԏ@wk tT $2Y Yz^ypǫ-:c71~7Lp:; 9m`aIOMnlC7v wx'VhBvl;@=uv QdغEe)}`[! M'XSV[uzu0dDLg?xm4 [c8gxӦ ۷o" i[uc ߞ&L/_f7o Md+Üі_:&/*z#pWE`]ws!~*zbѫFNmLQ.u.ϤlvY`8u@V яИĨ <> } =\viNt9z|H{Ov Lkg8C)%I4F7.Yhz?ZEE7@1]Mn&7yש@IDATxSt%3.n&K&'/o|3||Q)4x$nFQE$cLN'ֻwC=IH#<.{[>qx$8.3nao\w S>~wGYH9xzRJ غ\.޷W!jWU $1ps/ػGmR+I6 ,WU}{cDnY, #^KtӦMˏoۺIs? 8g'tѢk3fB^<C߇񎷩e;_%Xh9sؓO>W/ :HۖO8A3ܻ<}IE}R~Yg 9"@IGn5Yƛ蔂>WVʹn5o/ZxY8Uepix ZfsXd#tD3P;Xk:2?:<߀PEYFܹC.\zd`WD|@g  :'1)%œl틆?I:(CtѨgrS d⑦/?1BeE^°x8`WXaA0&-F:}CZ0^xͲbCY,!GZɳZ>W|Τ?Sekg|Co;v9`adh)x$2cMXB+EV䘐ȅv2?7s+>,|mvy-C.(X?s._1db턽(;a?R]za_îPU55bGuAn悳UwJO[d-r#W=:9U)V5㋅WiBxX2oXH~"s6nX7H;pv@Jm!/QwߪE-О&ИD #|]Q#*ӑb ;Ý{ {u}@8!{#_Q8a u;vP~ &1,kV`4Bsׂ0 Gο^%!4"g!GxH.^x^qᙹ|JM҆As} u2Gk,߅:m_<߲qr=75YD bqJ/G'~MhFg{Cٮٽ_ 'vU6VζˎKwJy&/~В8AzqWݸW_]>-ƌv8q*,Y}O%"V GM˟p(k U*)2Z@ 2K췐h͖tu;#,&6:3i<ݏjM l"Z/?W&:!o L.&~%5?(g=c鍮nzgl׎|xf?C.mt!??Ⱥ|G[sx;^OH 8$;3]B+s2Mma<[|:'4=>R(lSx '8=fHCuVf ìv0w4c7cT<ϖ=lR [SMwUp%l]Kl,{g\e5?z^gdpJ/Є"M#Yܝi?S#?RqμՐv *:Ǡ*]]WIӕeūNϞ={4pː|׮]oxgy_~i}t֋/hmʕ+οMR͞ow]ia6l v!rC6 /wy.5[ wP\zE};v_/\`?jCi.א v84b8pWeT53 [!6dC_)ZV?WA>kuQ rHZ",q}UeyY- pXDtdtXfϓ@v<%_V/:B?tf[v;5IWSB+CKd<&c~Cuo;$|zBDxo~AM;@ME3V`G'1fO~Q$Q(c]*9x֥wGRHN͙=ѧ^5/?_^ymy=n"%P MD$d b Ї͖_)T~^Y`& w]w\1wL"Xh5·u ]7"Vvo[N0D`Wd-"&{4t8|@Wi#&8kR36 = y[WF4d_6'BH%)6ߩO o)FdZYH@?IJEU8Iyȑ| <aMy6ǏݎXYW_|\vΛ78驄v yqLAi )cBʀ;e7՚_9&$`%没W흪,|)up/E&_N6>,^(eVMVW .?λ7tKO?űŋ y}6lЅz,eZk{MozñW^y%(Eei~մ=:f"BNE۹smڗ:N}:O_Ͽ( a'F!EzhH0 +nn$LmE폓 GI*tp4 \ı:<dHQSvH˖%VKU+̝;Nkk- BN~|}`Ϟێ~ gly+yxL \wus\ a47U:R(O?\A2[a,8m~֙Q__aywqC$C++TWppG8g͒.CH_wBkVJc0b ?pnq*ǯ_$Q&,/d>T;WǞ3wRچ}9ĄI  UE+'a*o 'M'DHHUZϵeELƤExƢ¯8el͠p/݁?tx"2cg#lҝB L.BsgMi&qS+V)-'fC~u+.d V*Aቓ\ﰺ0*:R)42&xPd9 K8fqRb"_iZ!!r77i;qQq;^A#i%e 96.}Yl&^VNG y$fon .8ŊeALZҾuz~y:|6×|,?G.qNjh_s,CbSD*4,Fyg4X2?AzDXs3?{*m0s<4#wx?ugSu9j)`x(άMDiLL/EeAPi~dCz4`3ma_E%%);BMؑRx1F?<JYnd`.Pu'm=i÷=q+;b9+ݛ6o^=HKIf F.R62>p/\e" Vsr7D́ 'yC- ]WKQg/:PSHcf`0%[#!$# $ ܤ;\80/sir/ ^0~|czY7^0uϙ=-]:|xtzE_>kFU{pȷogX'hl:Xh47uӲO~?N@~> x-=<;wZ R~-4}0Mav[%-UYBV[ Nѣ:y[nm O.J۴i},o4Y=Ac_+$O  uˡ?q@?ou21l`]d;wNqu,=pR) /s \3dӣuvϬMfO2FY5ELҫ!-َl#^HW(#ws\&x_xڣᆵo^[OC@QhhpgnWsnfLMik9?eW,<>GI(o ‹yE;`jW˳ѭL2W@ś 3B $Ar-+ p\לg/̆nkd 0v;5QET3GYDΈ.;Sz~Ph, %M1cȹnӽ9usltn`c&eJ^ʭLQQ bH2/enjd_,E:vSQ+BlUV3~ymQuЎ@pc!Ԥ;Q NsZӹM#=_*ATe/ھv#?ekW/yjԩz۵j"Ϗ|}х~#dBtC-EݍiS{t&9} pQ6-Is`"du`'H⑘\~b FV.dO5+>ٯNbl:oGh_Ňa3yÀ F8 rv_=-w46q@tAD* ɔ* \*m Y~Y.U5ǖ,^$抧YXIp&~,7z,2Oo7CGQ1*YWs@]+ ޱxLyiZeg mYbhrW:h ),'8*A5<]x1`XH1aeC̤ rx;ƍL#nK6dy{L4붹`眳]!}BJh {#L^uYNW'^ߕsyR./8}?/L t*` HLh&h$*Y13?~t*+l,Z`A߾r-(]j aΔSHDOcdtSpXrbQ}ѥx:=iz}lǀ͍"-14U6V%i)<²,Bll:BFCL^~N,7dh:P\kD(oH6wi6aaV/…u. \O:~%ʈLd̗ML>DOr,83</ 6VF8:NLϏT F) {۽WDw[KGGmz?G.l]`BG1a=Zr^8؆;&м ._"@sޡ~kԑ9~v}:%7Y3 ݊4f_ir %\m! =@=&hUP(E2(]~F[FX *'E&vXx(_]=<.T'~"86VJqn%00ђgW6g(b7k;LqI<jnZm+ӧMu" D…sz?7W^Wny/6>_j,]<_;^ؼq\z>W"ܩB~c\XxW}H1, /x&w@) Zٮҁ;ѫg5cv\θK0}Cҍ[4ĭNXk[Xz=ЋI^ɢS*tҳ$Țv#F;M)A![\g|Qm98 MuhC~7Q(a?n[]˖--CWd7T-`3l3щ)LuXpx݌i-TvU,P,ó Y9LԉU;]Oy⨱􃣕ths:r䈚]w+$|OluiBl͎rŊCz;6ΝsUdQ&'!/X*"pt)^|nG%zՌ?VrnΜɿY~lݧ]׾UӧOi;za~W5U5ͽZqY᭯;n\@iECV4^cfD|Dt\Qx!;?rHù+rK?eryق;E)Jf鐝.txu>NEf>ss:>ai=H7 ,H%aQs3h뎲 TI{͟it3<'Ϭ1cH[>lOӝlr"a mysӧ&u܁19WpԬc!n(OW8{ósW1IofL7]wݿpΑgqCt+?s?sA> ^(d맃ݪDb"쿡 ijwPQdn\vJ[ȫO;WH'6#*HN*y;ŋ/ȳ&jy#?;NNI^%Ȑ~|ߟN1G~?n]aݲSy|NH|'~ӆ3OÜ[o{73]{c7Z|];[왳ϚM34owux|oHcts5t4k -@HDCY);>H+ We9aaeX,>j%mH%'n5HUG f˙TV%:f5`ܱSZDM/<֞aI3GK FʋI ;p<<( H7@z*eͲc|^=T99,Gy`48W2p}.份^Jׂ,N($0llO9}peǶN )GAr :?3/G8b2Ldcr] R ÎmyLZȳmvP=pO>3u@+1r5k5# 㷥g{" weԭDFX6g 4M)Xrq?]==]#<\׾}3$, KT^ `a`ti`/4O7]Dpߘ"&eEMZ]aC ]3ҭI;E{w偧:oՅrkxÆUCgRu݉nK+`!'p'ZAB37vJ=@f\Cx,2>BD3Hҗ*sjt( $ɗ@մ8+?yo?wmLKטn߶tY?죡2NY7W|ku,ڬBs7Mȑ#}C߾^?x{)íniӫkxl+^Q4>q@.)KeV|39^z2Xxs9 g;'.L;,<(țV#l_a{FRI1@:Kw>6IAIȀyeDž̀ؽ1])}Z52?Nw ?D׿RC{~6-~׻=Fyo~ޏ/f?SO$B^>z^a(;ӉN䯔g2-XФqS|zn힞︿lwe)O}o;vPPoBokQ2^:-pmRw:Rt(G#]kQl0=[ҮlF\:zGoʼndd7(3*a801r,0II7\gAMM:_cp7گK^m_ , qRWos7g)|Wfȯeʿ]pZ8qLuW&~]鲿c #~}9pzd"(7%p {}ۼ*^M R Zio, uJ$?!*f+8#lR(ɎH*\6ҋ6~zzw2.;& l% [~֪}b1?Ib"5 qxKN }z&S^Cݴi%I1.J֕6?,#'II$ɕB_&`&OyבW\V*ur"-Μ]瞳q?2yn!>^ >v|p}<٨e͂{PH.Դܝ> S{uJBܦII@e" 4@c>Y_@kM+n޽;(ϔ'%ELJa# epGOR0Ç`ag vgm`jYMyGH[oy{ti[*Ug [f߾G]=`myz۲em֯_54d?۱"h_"N5kVo9(oC*t'Q 'QX4I=՟dq9;-'Ԯ5IG#zբK̟/>(#Yu\.4J+/JZ]SoS:Nc#ZW[N h/+x;6[\kC\nɍ 2U:l=)A:/=b`-sxEtP %3x~;i-BtHy:o"@>MB+c@\Q`yHYh&p,1R^pP O].Q_C6z*pl!cS/2=*y'9.I5p2Q|<2ߡ#:q9Yrt:؈ 9nG,Nu;(6 ;OS+!Mu,^cw | s`wȡ Dz<- tu-8Xק( %ls 7Eꓒnc؊)'YLaP'tY E. 4QyNh$8eO +\a%ٙ$*dX%AVs 6$?ʂ!ҕMFix`e9h/q/[| twtq2A|݆+y)ˠ\eڅ,w&/hJ~9o%]<鸺AYl )aey)$IЖހGUpcP2؄Gۖ_" y&nI8MK8eIqcםOt&~H>w ;+y=58f~OqT}93/H6OFۺu>t168&B~gs\Gė|eWo[Z;EaSn`!$-ml'bMxRcwK1Ռ\#e3ے^!IeŃ":џjͬmV<+#O=śy@֖&Tq':OD$d 4:g̚-tG= n?˯>[f?1būnn;6_W Ncȑ#mZ;^{oOWCe GC74֜C.{s$T)>]RP= p:oJds:CM4З tuthr4wtF`yP.И7"K|-;I hM4pxN NL4TPe mʉR)C)pЂɃstq`!҆]i3oyn*%F9vbC؝93S:K\R#]_N+i\F#4yaxA/e?pД.;_z! ͈ʶ7y.QΕe󊐲ɒv7e23oBKQNNyh~_)>lqe{|9'.P<2o7; P/> ؛Fd鲬SV .",Fq[ۘj9l#_ڍ7|g-Z4_ý% ߡƚ5ˇZo_9tSʼv!2:F567s_Ms[fQCFj(gϥ D!_V)YVFJX`ii׌}46Т"S3IQ8{v/} "/By*1NN89Uԓ%%ЭoB3+~X+]/1}L}j|91??<'^`l 4:juܟ S៶.1cJ^敀px? P&; em HO`o$VRN~BL ?j'B $'n^QPUNI hY r%m+]K'txv%F}Ls:/G i " NQ?Qi{!S/ϴV>l,m# ͼk xmW .:uM.L 0\J({%M.:M{q%儭`"GԟKWP [t0u +Cd6=]ͩ8R-ֲbݣܖfU0|ymg-ZܪU+|ʻb((2x"]ˆ~AEHUjucڕC֭zC U2[>*;M ;Oݰ?[t^Ȁ9%MBG@Y7&  GNܙd# \ &^oT@ą1|vL9칽 BFe'n4>hҝ&NTBhSjyg̘PO*$!A+_7\͝KLGF{}& vܾ&tţ'w!j>8o:Gɧ+;O?;6"/G_.=y,tv)U)p;_0Ċ3Vz +J<6x]Zಋ,g\)7+FyL[yDeo L'AU|\.6nRV؃n x} <#ʎ|WW}WQ+Eb,KdYq|3'33d$g2I&3q&>"%JbhIɦn⾁;@@;z{F7 !zo_UݭnݪM>CV*lys=x ֢|G:(Z޼K^~:"v{\.'4.nd:BK Cn=p/ 2YQbۓUKTU-8-llz&6lƿa=ԙ }ҷ?|]#r*SU/Χ'Kܗt )}&&Ie$ @:-~]@3H#t~#`'Һ \/`c%zfn'g<|IE.\`%ąG i!UcU=FZv,I ]R DSbOx{-:èH%NwXæz>74h(t!/mrPb/UW$̝%m_C`C_?\ R9.Ѻ I-:'&|ncT7U(' y>qֿH4C&tUjOwر;nd!&,cH^ѩ\Wetp.d$|:#AW2`TVa/ !0a ڵ;{'7I0}X-%4>Ф(HqEBC"Y>ؤ9s&XdQ@KDU ,H$mJ A y \5JLtqGq{+ "TiX12]G|2-'MZV9zޢz,&nё& NeXLKmM0Vd3OϖK:-T`qTMET:]?|N.OFCwPa#;G:]s ~h&$`]=ZcG,]?O2W ,8[uTzqAtj}K+W48v4=y.pˁyAS>.뀠VE.pI@p`~=}X;~θZq9E\K1xtqNŜe'E2&Sf~n] Fwt-嵒KJ֝v/z9zRA|!=) Vb@G̡`jtэkۦ&_0db_Ju~=Йد:fc?ve=^ _ݠ:wzCCF7tЧ7u3u& NE=:ܡXWȧҶڞ!t %!늛H{SBgdˤ Q^HL 'e"$ xn_\֭ ^❴ 5?Vx9ktyJfKB}C: .?Ν;t:cNf,ː:7qmi{@^\ʁ+08HJ\WB? wO_;(I ,CbO%"BO}`R+*FPYY+\ h1`3@4|)R77YR$!l/Ԙ@E8&D@)EQaɁC?$'%]OhGt2 3WaaOt牞-8Ν .-RH;.lI8RaC p:#9I~۶m]^yhy+lK/[?yQ_o^bEIW&>lD~Ss*7B_+0?|VF^gНtuu^`n较#xrz+?YY+u՚9m``|]]s`ρ/=/86(cֵ=Vruu{ $NXy\'c*9tHq?{^L XDrΛKuy[]84do}p[t!<ޤ+lX(Q.VlSrnrdL@!;7 ]f3C 23fC[E:tDd' y5 ܱ,oy+wg%Tixl(i;0ǟܰqhxd,N lwaLk!E]Vz-n#m_LRhJQ3Z%J*SWs>yl6n޹s{$9BM`qi5E0dV9a];kQ (bׯPl߾^R^_ɊމG1jJcSw1Ԏtąj1=S> >B tf3*#f< ̛8F4TXZdm1rD2ߨ~"r_R‹{/lΝ, ǎ8bO_|nVlj7@i6ʹ(BwyBg=|> 8&~v*8gӗkhvxS&q~*]4A[<sejUG~RlCV uEοd nqX)&#W͛7"q̈́ /#4U\Np (Z3L/ T7}GR]$ }u#_za:7Áo掌ĵi`~pO+.\X1nKf֔I2J yN_&6Jhȯ)ۧz8 Qn [!`*V vEtn-1JSkoX}f^ߣ%zŠj3NsNqAGG\Q-3D+'舁;Ι0p~mWyr nR.F9^ }uxJ$C}-deCy?>a aH# 㱥-ELf́-`TB CL n05 N]&9:,p{uf !xW-9߈tEs瞡ͯK!.* 4* PJt+Kz/[زR6okM}HyH瓇t? ]Ԋgm|n߿|'ccW&&/ FE5?)zwD(r ;ݮk *r$a-q"D@<&,\5w]g}w͚{oŮyAx^:W8l2^Yg$w{ďwElzj˖ũ:6LqL|p!_|㼲ݿ?Ɨ_}m%y5U0AUO fOn`v_4׿,P/jbq?ro8 ${]L2Ld2Ey]T{Sc^_ 0 t?]L8|ˀHFwǎ]_À6@pYkyZ.ݕDɞ3~㿝k}ZRy;W;Ȯv^pI\6> }?:]d%:N:.`ղNЮɖOQ><=Y+Ml:qr;"(rz* _ꕢYV}ow<;azhwZ'_9.Nw+4w׹.h諸-YYχNv]8U+hdYU6Ŝ+:At]~~㼨2V)g7lNgk"f7-6nUFɷU٥b FC.%Ib*yp&y!`4 VԟIy#8,Zu}^wM9p{}O]j شis{Z>^VHmB}?{{Yz Ȏq xYI'|ǟ*mλ*i22V@><\l,Vpfm~ < R|aBZ\sNIvrBˍ^RP A:2dFP2=Yg)I$Bke6xdNY f EEazՙXg9Ē?Pو%P'}J@Y!7])[5_m4`3xOE@k 4tTQsEOşMvG/U^(gO_)tJ@hp6I2Oh)c:j&g5=+Ú=,J]^otN4 Gָ PL%`i}Z„br@YU\[M0}š25qXFfwgp<)29fێU9jv[#˟g=ۣo=˘ e?@6+#@tZs鴟ohP^ӯ҄ xU\^;*Ls~}X9#_Kis[gj<簵TX=M>]KuN:ھִuN.u𭎭Vym(''7F&_}5||)D[ Ye |T}*đ8:L|/f> .~I1rÐ4Sߺ|ЕdTݑEKXيg*mWQ@XQ@Q&^@D|>bdsMD}$ W&$ -Z't\!bJs\ }8hsnp 6wh~u"ߛkϿ)Uc;hoټyu+Uvvg@> i*(6FG'qmgO[`~cu/)WBL}n ǯ<ˋs2L[ *@zkuM2y;(/w@AjgK`#aA2 !DDIyy`o]0'LC}|wyqE?|>ȁnSt D8 'nZb^y~ D E:@~p]DG)g‡~ʘO5NTk?ΤL< u)<9dKykE]8> k֬cGk>|8봵e o qs` tϯ\ ް`cV<𣺇'yllq G/]pӘ\KzUkTx"{K452ܡAk<;E̦6z'.s9sL'ޟڝKW<o"q:sX.3ip]J\~Yɦރ'8%88QVq=vu=Lo+Å2HT&삠[(!\0Pa(H*!j2]WND9P0)- P&Ҋ(T*a=A 2aP-|a@i׀zC:o.ߵc: {RHG~W.7*uM1h$WIh\1_uR9<2}?^Fx9~08m3fBBvJJww'Jj*{kۥj;րA](Hj9X򡽋/3ޯXfh'=~ۻH ]'dFILphM7izĠ|!|A_ =U?ܱ.4 ؛X)Ne +{+A J جq۶`d +"irK5IO]K8h -r9y:Lh L5 &i\pVtiөw{X%-ͯ<K߀l~hc/yTxfK4w]xyo>adY?|Ȋ8qO䰩!JýEnUZ|N]Y)jlsnGL{If+H;Zk{\Rnf@=ˆN>/|᳻9Δ пa҆V_ռ?wK.\=X]60Vy}M`t #< }zu,޿ݗ-xG=O坭"7˗/䒋yA껕ũIC ~V$o.fA5&.36?cg>rmr={c?Q 24xL-JogXZh;!{lͼj0ȗ!B%(Jؔ3W!>O}t"MRmEڨ3xTKu-JuFIN@ApUT 犲EL9VR6S& QtZJ;,8yrnI1Af¸Fw )1f"1fA>(Vб QI` 10N% ix`4;$U`0:kށM_F𰂛kw H3IZT;feN_h'< z'^:3_yeFQ>j"De:" C]n p\h~'51 BO ~cf ,~S0t/+t[%k>l]vG}G S^ԍVgy:6@˙m&)dqm8\,z} /uS|L@\}駟޵k xkD oFa-6".9F}`\)!y-ʹ܄vd`b&Z$[UHi#ڪ&F0-)aa.GY"ry/K.40`pQ%YfFx'S]b% ~=`„ !@ۙW3ՂI+]ИN~`)zDiMhJFͮZ 7mxP0B/Nz49=#Y$Z愼W^y>v_tJ^N 8SF=ϻӱݗh<~p`+pOv< O|K/b]}g\('? ߾}c=fϾիӀ83]C[ }'u/{{0W,Q"kJL6RQ?(Y*ZH8 '#xM }@.Z HsNE:d37)vo(Zy GwԓY6,Yd|Μ !;wh;y+|z즛n֓Oj.62'-Ptrԗ y9v\ ۊRRNviŸ[r:ҭ=ݵk] mBnuSNO xX#/s xz*ؒ eV1ɵơjKK{.j K>9bUFh[z?k;uo.]<`dѥ_hNsT9Y='xt౨VxzC V4j{yF\jh!k2ҟ<ݚ+ Fk+q,V>iܛNJvuUD&uYXiTQ KuVU`E* W=-(һ+_ (yiٜG&̕ mJ AZC)9/B"v"}`3U2ga& 4CYGq'L=;qStf:ū_~vē./g?w@YU Tv#cHW'czjM%2Ac]yj'?s|ȏ#>΃3?dM!KIv44*g$զ`Yr편odl&\.[␠‰NChJ~ʱ qJw|cHe$[~0ZvݭqohXt6]U 'DeZVMm/`t%- χ?|.**ښ y50B_X#y<^d_И4#{eS8Rf)QVq?e1Ć6n8QЂ"[| !/2CIbSs|QJX`=ҶgH1i|ia!rFф^ (anNt;Nx`=ȄQ龢v ygy|㒋NSwڱevv5;vewu#u8Y[m;[__jؤHYG[zdE_wz(Db13dEzP2'^\H,tFALѢM@IDAT܎94s5~4։zA9fUE) .7eSF)g}0OggY+q-=F8QF4n2橺68#FY1mkϮ_߳Ls~Yqn#0(a&|O={ J## ^x,G=i+xŦnMjl\u>lij0tӍr{]BtDJ:|%%<Ty䥗^^I'uZioP ?ʛ+`_G!۝`#8<^$'(&ӡ53WV6oq>, pyLbhd?1dVҰ/CqƂb1y$jnzc6Yg0WFIǑR}Γ# =>crAr]_. O:}P!t E@^?.`gU&CQ$ׯ܋.; 97 ;y.dJc⸰Sq $mAU[j,{:$N\ڟO N$,&be,VC*w|;ɾ(RѢJ&GEia&JR߼0QDR[!pqE r l7,{GG Noځ7>~4@ f ?}z}`{-4n}jKi:H)rZ`p=\`/ BOx?9|Հ 7lLYy}]U~W}YYA\ p)F:nn;IN燾J\vnonSt!|ǭ1D@RYbC&pǑv_:gM6LMzkR[wk^^Lo}~ω'0k,ʖ[<>_{Yg\{uJe:a";߹~ )u SO=is> /6kz:)Ob߹Cqo\cKH\FF'z%|2Cx v!>H',C{Rmꁗ~i#lze|>W H<,|OI>0У{0_@Gy4ɜ~4!dGw O<ג{tn+BGO;_;q7xrzΗ6itUgrQE%XMRȳM0 uk5 QEbc(崔ɘd"D]F&80{0ŝ0Xm]vU3,kY̐o} =vhT-Ukp4 kt DN>m7 ƢT :ix쭪 tzqKl_‹[z&VHF}z@dAuxO E'mGq Z Ab]ig0F PO#K˗JotfY[hU-#i;g}3N46wI^2ZZQ%9WqA]Jv5<߷AKG~?'6 nb˟j)V 8wӦ=l+[SEvԿ?sy2r,4P/~~]P_d^ ?׾9/V 藿d v1h_0y [o鼒2;˖-jz+ׯ陔yHso:!:OCԑN2~uKo{ɗ y!{9.k mH;zI'xQh,I=r! u.LdqD哪B7R] u߻L`؈O}?K6!Pu6 SvĨ}2*H0 ":̦ez82r) X a7 Q8$A"=hqȠs-:=tjL5`s*FVGQ]e ύσ⢂jmG-}S=x>:  !8p݁8x?Xe\_1`uCL b*D"Q4;|=6QؚkV%V̈́X#&7:[T9) ljuG]rІ2UF{plŻwm>ޫ'mj@=Zx,ߵkxЊF `绑`D [ m D1O1YB=~u3w,Yl40=cGٗO!ˡy71NZHyimU=>u9IKL4( EmIdw%.xE !;|TrxvF:tPHBBO W {)svm\K\g'zZ91V:}n[.AJx~^+ut-/bs8{xٲ%UI9x \r4?I$ '=B;)^/yΗ@ >ָ:ýk-M-JRmeǥ<0h p9mwq#:|#kv"+4Ma8d '$_^ǸLJu]66^])tPO${'?f K&PU#f$R[VAG!6v2yS+jmDYb]X,J :x @g`PԭO~Y|کybQG-[e/h{*,*B^Ttԍab'X8Le9Lk ]W˞Pi{k+3x:sίyZ;jw&'zwk[jE2ƾqTȩ˪C-xfƗHt.Q0nuK./h^'Υu\vPPO"!(CDm%?,'KReҐ@y>d:ṽL LuBQ.;v}ؑn x3FgP)nL`REKͣ|q2VpN*J!!#JBdUcgo~_~<үߤ#V( @g`zOVYc|xxW ꘧ZZT>V9u',7e;׌Ȟ\ r'B~ҬJ`reJA8sy'؟>k{}C;ބ&!Ah}Xz͘5F|W:'=Ws3[4µ*G4-JpIݡr'qpq|;6|Zp]k<ѻqF^ЎV:(_;9UD㩧ίr+WA>p C^O/_]_}[kߟy+ t1CU?羪u磕o>,߭ @]6UM05^1Ğ YsU:BMtDm7)s:q.btE:%' tCu]\!߯]:]%瓸)GF^G=KpEJיA?<8u_⠁>(;~_٫y v-3֟(1٪%6I#t^o`If=Z½zW:m=H 7 ,xy41ZBo (u:W4yyvƹs^]?q|#c"O#V ]f\΄mq xBNG .|u[jȋJ$l׵ەҭtqʘV 8pA%u_r2^wcE%e z ÂݟPQF@.R*`]QiHpڌ@&)DRA[M?^$PWtg3YRFј֐c? =+aBD! wYOefJu&Aq'A8g7>sﺐu GёvMԓ.9cOoxhROG*[Tl={ſ;v{pS j;xy^66%,*{a2HjԲ{Rzф$ ў9J`f;?6%]buɄ܂08 tX]xY;Hhs>xLf#4e"{k)ztMs5sJ& %xނ5P*^NR]\7;Я6%\<PO.}U\,d@ aaOCv!3ȣ4#C\Бvd1lq%k u†|5y2 h9 |~E2C@w n|&Q_#(n QMC.i Yà +tK//9ŋT5U!}CW^ypնY#a!/2=]}2śgYs y >a(SM] }<ऴCIsNI v yp9o>HעINGel ZWbWpyY =ǑzDD6e (m.;Wt"lI3z_RyR%[+PB~]H؋J7Sv\2F-XC\O5e 8@R pL&ܭ,F5cctz!4GMe4sGlWh1mNQ-]~/lPx6d¢gwqy'7WrA *tScrpeMCIך8NXh dp Y|_Gzn]f?\t,5##_},&t*s(_\R\VBhÃ) ".!.zwϞ=T(ơTʃv:t3b'_Ben ˚e<ɒ)ىcc;G'4_F*P 8O>eKoW^yвe=w u{իwdC'ϟ?/w_~s@ߤ/W]usd}p___b>1@gcDXȷm'+[]'9Tpu!s*yh4? .8O]psjԨ ])ϔ;7:u<x86enkum撾uGGwްy,ocBVs|8U{'9%uۼ|T4\/^:oͽ3iVP*"m_4[(TP,P1+'"0Fs3_pP1df1h C20:)Xzx{fK͗_ s*y tɂ~vuv9bG3TwkE..h,Y"$8˞=nZu8'YR[Fv҅ cTyG@)ڰZѴѹ eu8 s_KMi @[m[l8ܼucg}X,Π&`q5?NWcs=kDnR/o]z黆#1aylfs9s<#^auy 8;SN^GHd l#<ЗÃ6[9O||_Z!#oDF 9onK]^%l][U#W%RG }uBVs/#tO[ !'Q#-4F6W$HپY53!|6c=.^gCpDB pߐyůLq y\_}w/bओVY Yge>𞡳:c4||?Ҧ}9h_[7xΧUwйdi[]2>.NW^q\ud 2eh>Yߔ:qQqTpn neGl pBȏtؑÍ/h.z4<3O:/Ʒ66aQ@,J%0^ x:ńԬp|HdO!4S]?[]C&!fOPV+>tA+sӿmNP2섎~<М70-?裖oH=۷wxG5Oohx=KzyxbTNJnИlH7cWv]t)~!+DE,jrK8qnQMdD8}RJ̜pNUgƉ҉-SJиXCI6 oT=%>3EM>MyR<ۯF>T#G Uˆºz6ͬHgW 2GYֈk:Gz#OǞ|n>]fzI VMYH> &ZOJlm%@.賲A8zqxxΟ>1ټ6lبg5u[ݾ}eX6`6w ')ǍD:GwWjKrū"O^!<Kpp*0)1=8?8ASwCf9>`8y tдMi{Iu=yTO>}xq$RP X,Um:ˢ%՘p;ƌx6jOFmxF,* 3@g`&i)/yr\3}9w]x u-[`=xsoLd:feVR%t+>`VME1¤yoM j܌ym(8C L"qp>˘$3O87΅p2ywT uƞӴH___8w5pRMk!3eZ2|) ]@NnCJc:b1 .M//߼uJI|pӦ3^˻Q$zޟ*K"zoW_/h82_O\ٟ}c>ɏMfu;O*pÍs|/~=C{XtÂ͛_bg?{;9sH˻(pMhdb-& B5t-sT>]~6y!ۚ?0m۶kݺu=?ٸ]t#W]}G}EϹiCxeLvx~粂c/*@~`1z.7+x%*ZkDH!*CV5)0qOiC<^v1;yxwŊ_|T̯Z2?]H;a+ XcJf_9Ӵ`Iܭsؘ?޸Ϸ9k[+~≧zyM$ʯ QM['45;$>҆LRڬB9&ww+bUI:>]x~}yȃÑ|#<1m#^itAPQ戧+l~mJ2PhV)80j)mqĖd$'au _&ND@gsZx6LtiUV0 PkEV;Z;%gwϛ`tfop7z{gҮ\8NI&$8lD/~K mNg-aG`3jDA*bkʬ(k!5"$vpk_HOرns'~ZdQ굪pS(z("Dp $o˩v^ᘡFΩ[VHA?˖-{^e̐r@7Vf뭌=mT.o?a ?}yCfnVAd[lV Z>/+rG>p.v8yо38};l{_&%.< )~2w=|=_gsΙ6G7#A0OOO4A6o߾Sߙʮ]xݡOh<#G_v>7ܝ_s@[n~G%dM_vٻ?i̾p7{?r2;(7>ߝ'8'_~{>yǸt<`au=_{G_xbF>Q8HC7p9>V4H{uU I KF08l5hf@Pi]U\{ef()l)g$CG6#x^pa DZwO=g=:;M]%j."˽7b qZOMB%B/a!5lcqo&ْ-K<*d{ޙy<3gΙ9su:ukn[Y` 67@{ nΞx\<8zXoo퓽 ʉV%P}rLɸi&+ ‡Q%Kɜ.&2W!dza(Tx[velKȈ_|o+2wL+;SmcK솞okœoŕ48Kl+q;{:|Os8|GW}@U\YE{_Y9, ͩ؊6|%XKG_m_#tP`gB?ƍֱ=kd2QTၭ`tvD"Էr6uW@\* ղ&O)oiHHB5i! 0z`c_U,aH;5vMlx2Ugc1GDp[}̒ &oR&m0dԴX7W>5wRfh9Tq[{>vmW}ì:xWI*"ߴ[,kxg/]I`p6߭ sc7rG[vR,#MD~g_&xE%Vse}ǎfۯž8oZe/6NϽ8ՀRGy_I gې [ӅdK=\2;i:ke!'\8:bc0@LX[I{=18tILOLL͖jLl3ߝ{?g}=tN~{nHwtL F{lw8%O eMwbI哃zWkV pJsҿhC̣U 9"'Xl#dIbU@G b?o)b],}q>wew6~V~f߀Wp&M]pϮ UɅدKzj+Av_CHi;ז2QJIg2Ja) <#̊mm3A.! ^C9xx릾]j;VmB;(?RSjbFj|3o?2Oc5nV"P>uSxUn>1[QfF>o6,+\o!-l!>w^@u|Q@X<Fdꙹk׮UoLiM6mi_;='#\KJxECu2dA_C9t:zjI>.eHMHP/cc'\ ѩ F/m1h%NT2ctMVȨ 3*S1lB@&cА=@IDAT3O_sqx:{`z'Ӑfz^:뀕>Ko}©U)]ҿ]u>ĺ MW_sj#> sK7:&x[}%Bu^[''M6S$Cm ,Ctŗ\OǍ- ѧsh14'$ .-rjƪAS/a&S/;oڻIa;/G3'S|_ šiHq'024=Qꂬ vu\?j~3t{:t4%1-O1:hJTW Sgx?DZtܟ"cwި$W%M7)dϮhe3.)M}ry|mw>ݼ:}]%3sϽ;vO2k˷c{wtjkU'~)Kݗ;z>zX| srn)'>LG/cTQ`h'w֩_&QnɞvSWj[o|'Z?B^&tL{{`3ͨ7U~'+Fd2zQ2ÄMNp^f폰qzUi``I W J3c*3*ܬY'+`OЗTK&x.wm\S|;h'p;WQXSBٸmgJ-G=25=V[ck[3@W`ʝEw0 ^s4zy!lR3~Ӆ5ķF/L*K „-73K^Xo;ev01PlhUmfw61'?3#>ܞXe_WfZO].\(4߹{z>Oh{}=* AuxK<{" c\p^?wR^_S{["_l?i, C:| U]wcߟ?=.&>/e~Kw_8/l2sskAiηғMo*\ȍ8h#ύeS28[%pq95 {E?걍%Nu1/[%;n Y.y  4FT `]f"]6(I"<쌏)Um42u,"ei]vwϟ?j`30ؼ䩧2'{nntltlT-G:J1:X;=\r4 .Ƒ#JiK>pe Art~?Ra7|/jX_;a!`M+]jX%?fGy'A\p}˳['i8%=2ZtD=?;YÏ>3oVMTwX,Vqġ#o{Q|&L5 tm~z㨣ooY^IWJ*s%LZ`=l<1/}鋆xojhg7$c+KK+m <ݧܼܘ`ˆ/I{U=m\xԭӵtz9!]{pzPZ(=.峋_fOz->Fc&>>pfZeyLws<5d6N/ew_#!_sNZRoU7)38Mt94>n ct?`eŐ` N$hU4t$Ƽ/ F#NXG!Fv 3 8|ApQjzHO/uLeӜzH+g J^y8<͆}ؕk_zvj:lI>"V|ߜuG?a~H~%6?xr~Z1R+N%t-K+_5;cGcT_et{t]ǓVʫZIa2JNlrw}H1,*/z0R;9=6](͟ 6m :VMhk64/z þ ۪ǜ/~Ëj'<\e哒p>Dp&̛a*u8@^+ZyUil}ִ8$L&>nKxTTm2LGvN|s]9WY~:438 2 +Z2y$ 'C:$$@L nQ1h? 6֗Wz;=C`STL mt4ێ}CӽY?}|And3齞AIOϨ'>L*G9wF4= x#t5ϝ;(;w^W)ЦeC6 $s;:mPяpןBZ*r F0$nF)qéN>?̼5~by`sHW \hp|M%&Lle/[O|ⳳb)2N߳qާZt5kZjmkSi]{}駟O~:TtN;E=uZ?SO~$vEL 2}k1g M-MLظim^q}]wC{ՠ.L P#e?e3>hyMЎiUQ݋awb>ϿMsxy"XtʴC%o x2@ Bg+yd0w:׼敃?eI)}~Xn}q CPrx/%6ъ~xN:aUUC.=+6ASJaem9&Z]8:V_zm 2\~e ssڰ}s7~*['3UN0_ ^hCU!æ7EtEQDܴЍu6Ս|l+nY/ưY`j]t@ŦQ8k@&SJd"5.@~LpT*Ce$Z)/{ɶ;~G>/:GNى#]6c*9aQB]5`F.G5<-~F P$E'Ev=nUɫ%^'?}TlA/?c_xYhelO}4@`|)' Ͽ^%vO)/;wd)㪫ckGy&6,ӽ.ʾ{ʏ~{=~Ձ2[]~ %77dnåڍW@tވ,5W\R]FꚶЌ,?*1ebVvK#FD5βs SO}0:gJ JU)Z GII%zЪUҞ}t O3D(v۝GN:XU4͛7׿fn]@ eyBFxq{U$I3T~Q|.i8@f~q >8|?ҾlR8N1S¦ޜO)ĕLT|qȊ8#1tq8|q# FyC!xZm<θN2] ,4ݎLCed!Hk "wj8yޓ)=b3OJ.]BMaގ S]'^s}ARZtZl *sw[?8~±>=bB`zƖ,|\8G7S;ōV.npwp]|,v~?x$3`!πV&l .uîxѹ5ő~L銤f#pl H m$2fJE8zؑ&`Br7Y׵F|3gΘqA+?*h_%8DQK YЅٰM,Oe/jK6rr*<P"ɿ]pz%cr*7<<Ԝ17m* &N422Ѹᆛ{,ب%csƠΤER2d?o4qg+qs=<УzO;Q ybIVssc:tMZ(I\HږL{H $=ӆ 荴:,'˦Of . w2&0ƅC{>M=Q Niٳgڄց?SO_Ⓡ6^{}& |n&9N>e"yÓN:~xѢE\sC&&rQ!thmy C}=üN]O/ZY+6aJxpk%M Q~i#Sš ?m/tF<d;]6;.e'< VE[/S ISϕ< <,F>Lr;<Ü mtn'D9&+p`bIMF& ^d~>0avU/ʎ7&F?}/붓_K1SU?]x$cns|#Pu m;_uK :fssf65sPKQ,lw$,kHmbi)]\EĥpeQ|we7u*@{V,Ysw~rKO=n3OѰʍ9i,xvIESѩot<Ş l ;C^'925X)7h\(i8k(-> 7d_~T]wտPF?eWA@p ՟ʕ٤OD+NN/-+i®OdOy2ܱyeymmd.~e<sMP]:?$RHx 7 NE^FVE9&MqXz p %IpgU{&{QJĴ@x-t^mтGFWɶzyKڻk,LV 8vakuiP8qg usKRcev[4~dzqazzPW+j[l=h~< O>$}. 8O!rBeCgfvɿ_ЧotiozHW N8a|[8::PM9*ۉ>?~z3W*IK5版,T2[W DyKI"o*{L>jO.~B/xe !:Νmm_ l[BE22;7Of*SJٝy*)=ASRMdNt<56_=7Σf^]Q]B4 "x"mА@(xMK [x(/ }P6D;iM [Q9v01&4 j}=0=}HL饧Qs/;'J0vӎj㭯^<[\_ uxErlf?VB12dNtsp KT\)5ن uM:TdFR%P=_BAaF_'Ǹ+tYٝ.5Q/(ȳǚ`BQFb#puNUڛn6J4F))3~{[?au"TYzJӟ]sEW7Lڶ0 ISa8s{17{gPLoXA>f ʕAfs|-8}'`L4wrx9.$DX̝6@:ӆ/_f)x|*yդLKp9]|_.?rOYU ؃Q~&<9NAxst6o L,_T&bLϯ7/Y WA?̲qyf}wk;G 0˖->!ꚁkSƞ%,\6׻~o^M7.GId0Dq/ZbʴlsДulο^x]Gq.W o=+0EŌ.kt<56|/&{"ll&}o H= V؞k|ptjS;JYۭ2˨;ss:ia[n%oNwΩ-FghWsr{\yKq1>t8n4GǦ~$yoT uwx*iR5da%`j5lb|WL }nĩ&C ތiy`z`BKXc6@b>du;=vm\W6z4FZogIT"f:5:z)ͽܽz &iıGez't&%?1L>6U=N/<M>4xzW)=)O>dw_/~]= }Gt Oϣ _a37Sdxr#'Ohŗy>&ow=$VoNELQT*6ۍ=l)X j+䀛3E4?.‘5>p~WP4#[ o8xc;X${1}] _ .7v{hZc䱆ZEv%! ?hCD܎Ϳ5BJ$Wu,?FW#['08e59z-W#/$~Wb9 Js/eY+[j;Џs9s`:,vx?pڷas_!οS%/R|ؿpBתmBȗg>6&^ϊ}fFu~I*0GjCҿk!gTE}/iy)tCxH9:l3qNGB}ToK ǔ|B#:"hBFX}'b(J/qu|k9Cn+ܸV<ߪCOMcbq&1;W,[]/0;Нn~4?'+VCee.Lƫn }fgpEB$Oq8s d"\ӯ"O2:l;9< L ׎k G LcVD 2#A:V&$OuX͝5SZJ.Ad٠U0]bct)CnƁ8cYPUՙo^Z"UרˁexV)sG@'NxQ$P_V¤'Nٗtc=Hc˭ J4'M1(%  r c!7/`xWCN L|Gyfq?oEEyxA2_(@tx}%B%AOt4a7~"O \%`./;#Q(\z ʧ"Yn\s-bG9{,w M/ԋ BIeȈΣR VIc>Mx׉8 {|+Vo?v/ tJl14G- 0W`=&~9: NtpB/>iXOYnl|(q]=JW6L|UR ͆6c3aO\'p?i?'{{^M ڧ~\}R %ח kV96{./koM DYۇF¡ly. *^fA`oF`q^LJl$LFCbD~\sSƊQRq,E O*(k!Λ:>X#o~JJ|>G2o"Vu;K9^N6|费PsQfZ>'?V7*L L1/G8Lai~s/+. ͨ&,*'葓lU ԟ_H u3E/(p:ux:;8#5x_@Y݅xzCC,ãK=,Oz{zZn_YwDoS12 =,J.Nn̤3n\;vәr2$\v]k>R)Tf`L76) 2rLV VUd#UsPc"fYع7~IGRvX1^ǡq )*`Twb2;nZ _ =CYG %̚$(11?&ĵX$~fmv*2Ѝ*@>NC#d}zۗZ;_6Wdf;۸wIiVw;Q!2i߱5d4zջMIE#q&3w؉'?tұ\3"NPeOR%V19#.],lRrW>8j~^89O)GYB^།m#.TL其/z :/:'6맘:O%P/&{6GݿQgIm4QMu|+ml eq*j—87u;6IJmxseiugCȏ8//}p6q lË_lԇ>Mt끶әNі+ 4UYA#kpPI<򫣕Ě=j%*X.%xЯD tLHB/N[ƣ<1qCkuTo Mg gἝu[0>wp:x@#O'6*k:^'1pY,hiO%6xUpM%%gHpae]{啷}o[\+ tL7ɧO&HjgrcP~w:C^ jVm5A#(wb.E0A)_Omzf;)nahG50錃:!4{?I @F2꣔}|gʒ˟};¦:]mFx 'Fߢ6HMJyv!2lnr'4SɆ|'4Re.uⷜzDo6ԄG:luyJtY,7d8eIi2]}W@/'2b2y>w|FM`!#&;MڕMhdׁ0Ff'V$DT,q^Sʫ&&/)q-ʲEv}x&T2LH6ތU^$'/e'_LJu|KG,Tr:l?ilT|vWj\vk:Xذa5O<sz^.K~ڎV}CҏmL0f$茡q;g}p覛~s-~ !W+q3p.ONZuQ2>؀m+84#_LRTOuw-N/n[[` #6f ģ rKD~ u}m 6 KY> y>v^Ʋ驿VQcq"]neL<:/yDU])fѰ6` UEB}u b^Iij@껰=|8$tflŀbuL36D svQb_l\Î灇}WbSu5:C{6z:L-+-D.خPg Db'd-e6;^{ŕ7x{/tNWǪH-r*s^!R2I%=TxB*̶, Rrk,2iW<%|j;dSΛl@Uv>noBc+e*gj@ [p+ AW+~hK 9[b1)bHV,SJLlV0c֩|0;󹕮L&#Q@b(BPꀇ uؖq~-oy.)vOj/o*4i#YEѿ^˵9‰]/v!đ20JK9,˲OD?rځۓ(C2ͮ--AB'u@IDAT 54eᐧCΜh=pǵKC+Fx$Mp5200@{XBW/{ .asG24v24fAK ԆRwoxo{ e:[:~GN7Ok~͙3-xlq9i+Um\ҕ!1mo |tƹ U^v}ăSs'c,Zf(BǜU?*ň$qӒ0PEf DnxRDw5*daՂxW;ܖD9PS=E:6///l~^P6-^F~n6J{GGGYc W wu쫃Ms1.va}>|Fq/1;> lónjxjȅ~e 0|ЇT鲽 |>k!)x"'Y?EFyLY"A~Gd8` s* B*)pOe*.qF'@jPDw~g|ym ܖp)tP]:v@ (i;Δ]eO>͉;=vֹ7|b{^`~]8{][;g nY_: b~8;!!W).ֿ/̦ ];V}䫍rj.)(n$KQ;RV`y=ƻz ٲ5~sEΏĂS@a¦v06xJ}nqeZZ 'teb_|\xSև>E;:.t[K+q_oQO˳7mM`!n@U ᔄƅMIMĬ}gT?mW2~܂LiC)ԍ)ne2=<$98 v;-q!3s0iD\pX'.d9N\Azym 9EW[<_򈃷g#U^zPE߄S: Z#Bƴ?Y"ѓ"ivzlnZĊk!㈯lN>KLO/>%?v䐃Wt/[?/JGFzfcoy#e++'YMߨo3l!t[.޹ZO QA]uўn!ZrFR$b[ u%M.8K b~= W42;ೀg·=_]gqv%kI>1XrI峄ߖT+A2?*7+BOr7iRU`. AdV8x ",y,$p4K !H1Dy2R(Qΰʵùv{bh_ tQ&ׁU^ -@$ E L n̢X3 JɩA%j?%o Q^G>3s8mh-jٞR]TN u:JiJqawYv8})rwW::=FC}YťynDv]v}?w R` p_uTqCҮV|>tEuuRj`iVG=e%}Cm8-:\;mʺ{O;m!+d9|(]A+݀ a8DULDtg`)yCbu8q^CQRf3T F84BA0"#f:*8xq+ +ҔG7|O"BgN[ vN:YD?ohx#m.YjLg##~3o-:A5F{{Ɩ-ݵϕEK=)|Jjו/&{Wm z,CdJB-vƅ'ܹX PnW;'{#l p}6,+s@bԉDaRa6^CF>%_ĤR1Ih#&Jd25^ґw:ȬDKr%2*\Ek:)O)ہm93J2O+a}]y@sGА/y_%-}Oַ;k͚'FcVg4=W>6{\[{;G@sgތG:YfAs zt|0.._3T |+oF@sX7h{yձNZfaSP_?ē&?{JO0Z<>Wx:X}$wN8o-X}>3ϟ=CVonJ^"R^,X{wn}py %ib2$ XEhH!DzHH\Z'wI@gtd:eݺ ͏~3O<׽ey08uL7< [ MOMHCfҥ8c&KeSDmK%C +]HĤC93y[8{YND BɈtl=0=l=ğISu\P÷]#"liǬ؇/l뼮͌ҹN쁡ᑹOf +tz4ΓأNfX;RN2ti8 -[JD#2uo $."Ν;16d T$o<L͟]qsO`qȂ OBgEzKr 34T\$ߺ$|*0"JxV!ީqIb=x`sՁ#,سN=yO#0ypq& lJ0I)*+"8!c*#<8ȧQhШ}&Cr;:%͑MrZu9`aN%Pp1R+9[$pGw)uAۺ2m+.mta2l( \^ ,]o<χrKi#4AdzfcsxjGbs*[F;UO`Ι3'Ԓѭ>e)w{,!SpxkD QYUozp$q!/x1(J~?w\zLϣȯ8(ᔥU&^qQ1G9}@^惯w%vۖuܐ?r%O ۙ hS,L"Gq( `9MGeDKOrU+A&`u6:*/Њ*SB6JOL_Zt?>2'3wQ{t,ҹoI<_ci/9g[u*& g#m:,—~{{._n{{.l+.)'M\ XՅ[,pW&@XK\$x.y]mPГىH?bj:>$3vzXC4`%s b n;)}@A, R 3Fk`BePl3>ByU)U fO& W%*|jMx!+%,8X% pBC˘ 2#8}eyYRUBNH\%r[(SŠ/|iܙ'e,/_ɴ8dE ,~[3ޅir_qpĝ9P͞ag.,OѸF_W\1g~p^! (!xG{ps[,,< C,1aQj*,jd}(%K,6gQ'N$\$);/ZBF4(w&n6MB$-m~5U UPF\ j,M$t{$$p>/#Vp#Bn<.eg,~J^77zb`^\U?zV*z668COL-hF- AXDnJ,9WL]}6-|8`.!yYCG;yj1:<?O%Nc믷U4GϼzͣN4OyCO~⑓O\3oz#ڰaSŗ^sW>끇KK9'xl)l14хAuF{CIK[DjKJAeFo%٠K!cR- ZW/&./-Z Qq? [*{R2y9@? Ao DbQ ^o"pЕ<V$F"byH̀9~͎xdAp LKO`}Yi7E"?|T}БRf#kFMYvm7Q4g SPXMRI.!X6Ī|+ Teڠw2g_F׌(Wi+dDi$偊.{Ĭ#Nd OTfzmr]' V;ˊt.ku;izqnKET& ]E yV&>WBiA0xɸ*4woEJB q MI\..>f߿~-rbÆ!t񌇰UewK<%șy=~;u6PKGTs6Jo`vv#:O{ѥ ~mW O\|5ҏr_Uե z} E ru+EuE,nk 3'UdT݌Tr166#x"0<%>KyMLSWIz}2^>7|wϪ[lq{pUC;H8e'-B PS+n*x6y!w8,PfU@xpaYtv@Ta\R$~^nE>2|ZLxu}9!+sSeH\X DD"N:Go,'2JC/6SAno "f2c0`'^ -hPkWkz}߷~-W꽺UWuﭪ[ i 8vS+7傣m(G:oTCRЬɿ{ţk7Y&SJZJu}3Oj-9qGmuCM{*jy>ֳoLt+:9~.r;PѸ-*/zO8M_@œԟv)6$p 6U0CS<7 smX9,ξrp]<4_@5_ƴ)\G'R-?3ڢ=pd.WTLwp:2]|?9aElCɨ{ Q,$r6 ,0RИ k%7ZAO4LL-/ e&DŽ>}Rڞ"FQ8bV%vW#1@$%Ȋ X;Tȝ CtsNФЩ7k\ x$0FOUVldpp}aCY~((!d jU*Bm~(٩OHp"h?ZஜxY.rMHx!mAWꅨm_gY :3;06C'н|U}J?8 o~d?g?vWxkS}^5W\2e"N*+ೲo?OKkƗ *O(^RENj +\/S0 U_aqqiS{W硉{{~W]sW]<;6(>C r%Z#BIyt<GaOڤi`2^t"i(vkx {Ww>:IMydiLnힶy&3/^/{م+9G8>x -4B\&<7aPl0V<}1pQ!"ת7<+=rZntڈ .h22-yȌR"%Ae5xbNr%`TNxKOiEAg37 p_I3ᬤ5e=>Gɉ0 d 9E͒S`kZ.WՑWyi(-z۷2i:hZ9'4a&c] ?t)e:-6v`˶G=l"SN΄UZG'X?K ۶m]t˯|KjB-Y78%<ˤi+yվ/RFWakJB|)t\ubO޴- eIVM2g1 (UEJk\!o-WN\Zy$d:kZLz,|Cx< g/!\OUDx yy21S]y?ŻP\frq [y`'JEȗ<&~_SqEL ી2kG7zy;_afA/̰>O|֝ ?}ߺevvt/ȷPq~#̐(~]5  }&+Vԉ7-;a韼?nIʇbm77cᗴ1w T 5}󵸼cy/;;exѣkvc!I3PDl d[a%)ah?1/0H4؂A m'mC L5@CDCIr> |-#u޾a |#i7?%\O6`ԋ0`mA\}UOOPf#ߧ-*}F NT~2km2/ ehsr)[/4)vȆ4igRԓ)8z5j&D&%>y>Ai~)'UFuQJ:_D߲IǶx$ITkϷjEźIP[\W@* I#-?8m*|-nA.'殹_yr3$T^M;'FFPM*>q-Eѥ2Z BfN !iaƅxJkKqS'g 10nL[$ Q-+?BO%pd83JL b5m⢻e6妯m~|Oz7m,u 6Mʰw8]/ ɻGWEssohvhfz{>{ T l<ʗ-Zsnt9m}xkwBv$zS>"PnCtrG{tz/uݹczhR OyYęw՞ M@&!if O(4k;FZy[>CO=02)ᤫ۴hG>-:mh-her]>;~cv O) oP\Վ|JVdLVr3atWY?ymuϿ腸? >5O~Gf~)̷X ;ػdRs7= ?Zi{/1&k^ax|}.pSPRVN_'ZBGFFiD{Pd D޸SAb%p;^XETG"MdMsRِЈLVD%>˻apQژ<#́8r2to()zǶ{FCzR*Ȋ68k5Č6RB}S=Fv1\YX&Q׺c&oU|⥊csO:?,M背$'}왑Qҍwo0ҋt3N_|'f;5Wꎻf&gui+LE6Z|z/}#T<:Idn''/w[kZf4x۾qyvvzⳟ}zO=*3u&!LO9KFsB_zܢO_nٴqnuůnZ˕]SA^x'@"<p҄(<}d Gx $#ORҨnEKE* pALoI .#.D9X50`Y,XE sh7'-pW+9=R )YMBW^C ]6aK3 Sgbk R!: DGWIUrl\W]6>ں$m~sL36k~fWT3yxΎ}bN=6of5f^ѫnȐ\)IM9w̵Se~/k6l\s\fZf_F҆{xkIs uL2w]\ w0tNSZp 42`=F鿭goVֻaP^ڕ,[L$b.Ҥŗܱ׍@,Ӷ/zlSt='Wb]19:rOR«( 3 Og_;^ ~oo^_W#ms/^.˺fk(hwzS'gL#2 巽U+|<+JFwSr$mu9ٱQ>v>)ܵ\[g/W]}ɒ',I'zA2YH<K) IRt) bXZ8ZCu!_@^W!hJ&vDc$:_ mx|kqpx =o@E1S_Ϊ )]Ȱۓ~\*/OeKe!y) OkS.uJg 7*޴=;g< (?=_=ˇж-wͧo ع hUj\k[:;mPaȑi-鐶ŵyҷyhӞNz8-OvWDĕU.K?[L.4WYH3ø3يv=-Y#!4B1| uH96bFb@>I'*`jRƫ G{yjܼ'b”]9 9:e{ٺJ0NUO(~CW\u/,,,=M6L^u矷u-e|"S( jq!>yh~q;z뮜S/p$[ssGy*jtBO I k툹-ᖑw-,(htہ׷N܂9?y!ܭno6ղ[T}L)eW\ |[WV? jWsAq$|`Os_gX&sҚ` pRz ! \puB3#ί{-*<4yם.~}W)*>x⹊`$oN׏9(8[o{A77׷S\SNv+#6?зN~ۛ³ =r`? ' ZM E[XCR }[u'ͩ+`̇p?{}3o]DdRܬewqVbSf(C*U)e~ЖFh+}ihƄ[-n j> mTէ^heq)!ZV_??yXSKc"TnqGc%/&:_} +.Nj&1aL6 {ʪc3m֍49qu=Ե;BmRK"-vB:7m#/)J%^edxG/<˿3cEFz8X_8~h;5b(eT'}V)&WSP_}O*jŷ+X1GԤ6'ԗ|٥<0=59;~gjfܦNĽ訽ϧ oA]nuť) ft]cI1#LV&د㨭9,!A ZNVT?Ue1eю)qSeuo.| 7M8119\7?=ȓS~|EvKzZ%Nt~G-[J0p'oM7yrFi!:w\I1@IM(J Ow(,LeU BvLh""e*c<1 sLAF)qzU C=lصLRw|&e%֕iD=6eij'8D=C t'(To{]GF+*2-#6>yN$/)vpKrCO iP$d/FBDN m il+~>c VemX-pL!Lƈ~5}RKymo{\r2<ж\ZX?Z^䏣]K8x% Zms8G\J٫RJg|7j&~5.,dy]\yb\̰m_fcyH R`䔒TtL/ʩDt3>G%cDHՠToejڑdF0} |&l_l NKݺŤ8mR_N8a}D{v8V+=c^NS8S\tM xG|mCw(>OSm>sf\l2W_T059ucS<-01-cࢾ{d89"!(J#A?6M|`A wv ]軮hY8xlbRx8D;34i(jxh v#!8]; 0hTق܎ @@x3u!GzWYt:4^z_+2"tჯAuhA)$ћ"R&ue%d [ӠXejxk^T-{;%L_p«Zﴽ̋}i5;`*hL)iT6$e? #%*@IDAT6Kz82RV8Mg^U+7333]~} w~[l6'{ږLmglɓZ\B3~&IPo-OjH\X37j{>h}vئg;-e!$41yiU|X\_s yCIfxT@ƶҀ_?ۯzNKW_C׿ģ"p- JBu"Q@Y,_إe? QݣQv=H щ4kHnE_r -rAMųk3,0fm鼳?i6ozr ϜmN/;13Ӣ1 ;8羲'|n~r^+b3i4\Y}bI?f»&P̖1&ߐ瀏4{&F&$L,j1E?;+ܻvW[H:4΁i-:$xɋ?2oxg_`Zhe34յ[[ެejԩ.\'jYԇzg,E`7XgL2փxIzL'&v>=*L!+ ssW]2ʺ%޶~Z5,r,C}[n28x\6~iT+9m:j{&o*36Zvy8ܑGϋm'ÅJ]oAu";2}:34$LcԱ)92Ԩ͔bvAnjkר  *, A)% ^Ea88L'tw'cu@z8qX_8q~.drD34OU9 Oဉ\ 6+ޭȯ ] GE}Ǖ>OqG7of9aK.Nggg76p^X\/Ōt'}/]&qs>MgSDN@ 4Dv%lgOx7G,SԺŠ\hbneC]w(r˟!,ᤄķ6Hk>|EȑxRWK2Ztr eȨ,W\ g&xb ϳ+}檴6մSh+9jLu,/KAOHJf9wto#a >hĮ'<4koUl!4NN*^6dil?‡S5OWpY.g(S50-p"{p@ߡzx/?}GνߨOjț.:ͯl ̳*,#|oG_<=Ԟ}zޡ[yH| 眽}EOꯛ7\mÆ?8︆GLK0Wt_3$>&TL[}hZX4vh7U/9_,@wlA%GSv~_90?Ė|Me}sTҎ.1[jU\'NEx8e$CN,ȡH;*U̕)2&E00%Gٔ8Q d+6׀CY> ɞUQN'Zz%+CH6+[Y!3\,3^ zJ1 JmB_`|63I,ceTP!9AY!f=Nьl!qi3Qބf;$[ ,L5hLYN2.f&-B$m\c)$qRS, .M&-<"* Al\joBj[t r2'ph&e!>y=|mrNzבO bK||,k}- Ӗ|ϊ8kO˜39T ]8(E'LUYݘ RhC_-{3'2>:Up<p<9[Ҳ`< g|Ԭl8geӄ9qf<'TEC?wHj¿@ܻa}٣ſ}x6>RFX_"gpH@.(B‡F_?ƉO_b7whq~61 8𣃇F۶nfӷ׿(wy8;T=ؽ{ԫ_CxK眻}y>$qdW0Ftmm]k4CbnM/A(.)XvNe{x LY0|&]h 1 s5&r{hI8B!*'9ֆZx!𴫻93 b2M>&O0CN\nV(k8zPW_!4Hm9>,&*LR1`+JfV-׾2~O^RnZx[ē|-)#|j'CZ5e_}};}̶Ͳ/CǻW^l@AXm #.$/r 0Xj~ Yq ),5SrBm W{7~ܜ\\Ȉ`UHy .-D`q)s]_cE[t*s_xa}lYT-tV1x"U>FL7 -~;ʘ̷>ŃoP|+Y`B^[Y``~6-vk: ՜\sMphFʸO5[U6\ZK҄M0?fr<5mt~7m.;%ne3 @/O%>'j`ieb =x_OGK³yViO`ee}+=%~ڽN'za|,43^W{]{8c>E `R;ᗙj/ӊFn :F)!Ֆ:Z(4IS|ókB4M#-bTSR(x/I@Lo0T(IY[')Ja]Sf-Q)".2:htհFX0|녖z9q92a60-*`xE!8Zsa0>)~SA2T=ʓ јs Y9M̓5` OH[$2ʺ%!|p+EV'嗖ǜN%Ц§@SXdKyKI.p`ȭvvLĶ865ķ8QH^9e-~a>Zhm:C:%P?Ε^~ʙ͑u%鵰匭fCW%NX.: XRآ'80#VFdՈZo^X|=37|g?wgaXz,=okE+\Fa8l%Q'kG jر/8 7鑏a)1F!.[ g(ER<1'C)@eir;<up[ .L!Զ#DeU!LV1| ёUa:hʀIA\0BLLKZ\Rg[^*ѪzA .8f3ZŤkFkki'a2`'Uu)&+/Q.8%*j1c"r!>D{FX mO; Clcsxkj6r-Z%icR7c};ɤHC ;reT-,}Vqm3Ξ#}Yn>oՋo/Sgշ9 j]k}b:|]eW^:$r\WZjWC@(9AC6%[%s$K-e;,'\kAx#+~7A 7Z@x-;#CN|P|ȲG *! &K-} zx䱰Z"/,6HbA^sl;L#xE`-?8O]<6ŁaH-)+~rmqUE<ɗK8W:KJGAc9 ҏBnf( z |Od p "8_u8b;7 JI$~|Vf= w+4ׂrܫ#$LmѢO֬]LLu[c5Ѯ]O'ԧw*)${ ''ٌylO"OP^;q/W- i0ܼ|)[ 6/R3x HMU<泂خ"ޠ/UܪȨpMm`Yxp#mG/y9ۛR|H;3C'T&Ҽ)b7 ii#-Ȅ" aAaJ})~f9/uЅYE1zl& &tuܲi9;O h hriV[\>2:zBxW<Y/ ~43]^xe`qib;GÀ({#5g *Uv|Q {O/-Oi՝n"ls%@,5XHkE=yɍf5GYha`rM3޽)$@ fg6裙BjN{ C"S9]6h! LdاQ,e28t XI-TH=ƑxR|aUs5 :Im$秤5d P'rMzQdVd)$+v=(zg. 2 '1-rr :X0@k+-&Ų`5p/YMaD :Sp~mJC|ĮOԻ |EBRo$ u2Qd#Hʾ̬Д 7|*cN"p !JeY#>«W& 0ķhq+UB:Yu/R#_/>K^#N]O ."jKWyOA:|g;251&fDA"LIg͏C>*~Q_b|P"TbK91@w:uz3CW3}ʕzdP82(2h*; ;@r(Es1ΡIʓG' <G@ܽwrrgwh=g@;emgטfz'*,vÀ OӮy2s`T|2Z /D=Ӄ:>]sEs嗿19QX9dAg4anIf5gvLlݺiz&igQ n'lٸq߭Z<={~sm}oԂ$[ԅ&i`zæHf&^h%aV\[`NcV/}{"ՔL٥]8XI =n(D 04\$lS6vFSiU3Hz0˰pPi2|'%xRzhkLT'7 0U^CpH1mMY%~wӴOR]]9oV#'YDg@r+D!5&L}5|V]'_W\!@ }t2Bag҆ a)$M:_h+@g8x谥@ We/\aBtIGdu$`YLCo6 Jod}MQ<ʸ>oW$ U2ϑlM)CȄ2px!P_i[N&,rrUZE;Ĺ-kWS>_H $&O?osMs6^S}&S^n#`+?f2ϓڂ& @0#M L5i}pn۶sUx#K6lܲuӋd[Fqɑ5ZA`,*M@ .,>>0g~]T>dPy=EJ t&] (x!Ct.q6SMPksf)5|f 80CE>"p< L0A*ߌ@wg\h}5Ȫ`?A”](pB%%ΰT67tt7(ҡJ4HAN_f-a, O{9oaOp4F8M'2&2-Y@iḋ-LebPRV!S&x/찮B%i_+3 O8;Eu|}*ʸVetBm%[Pv-BZ9 #{oQ!ُ, Z<.8vdi4ꀼ۵zz@uZj ~lXu <%mUd6w-nMUHc6b%M[I;Re)-_=0GWS3n_Wuʌx.q"c;{qHÉ@(z:\^%&۔yBNF A^(Ґ'g5o1h~YdF; `+I-\ا|m}V>*=+%8$9h$Oy ,\(]]9k#Tv88#c7&C?'}3!r #B?yuI8[tΰBY98|Ey&ϨF%?[5׷#Qx"_"Ԃ&AA&GO,i)w$%05-(̬ x4͊[700]6v۷oٲymUk&U;ԛkFjV}AI?b&YzDq e$v!`"4Ni$+BL &[]z-'xӤM#7 bsʶ+] %.y)JHzѶYY(Jm=)@HKy+i'+caa3}|HMYcSۮZy۲Ayr[i |0@Xi]!oN2]`r:Ӧ_Ґ C)%Nb״b|]{%̬GdŹv\|)skVO$ObUTv8L eoEU#_[|c5j5G.ҷ6땾+\j- lh J) (2>R2{ ]w+)}'OFAd{ z8;ߪd7*9lMY6,CROu%gdE/Wwt(+6Q7H&O^y<;.jRfJ*4!GCx дu#«<ο[I.t7nlW-P_ML e+{&okh?)X GrwCG6qsa;# "`/@#rRz O53'=՟ܫ.˥!ڹy)Zk`rQSs^)XҬ_ jAVkBPf7&bv&,;Z6}Z; Qn^Y`q`㎳خ/lNia`V7;G`NeV-\." ^Fw#礏,jo2(8`PdeCrA-!aqmA|\ҡ–`NU>_#3~}6E'U-\ҝ2HXO!ߡuV!M-oQ&?Pt(($m)5ECZO2rn^a ZJQكK.CF+úTxÂQ,*Od ## YO+TCؽR˙S*q-Y+Uf_Ms' qoj$řf!Z3[]UZ!`Fd-6<̂6B Z 0S)EڠM- >ip@JW2. {= ѵ.Jk:r*T,o/wb4@l_/r2L,x`G =.t=+yn4X 9tjGrZ69[yю 釡qZTk#o8);ӎT.U ׍&YLJo(7?HZmNf2ƕm.5.{"y .w:p㶚rԀ )b3mȴ`޼ψYReWY^Kh=d#kM"]>$`I"K34ĘJSM6pUꜶ¿q_PN^ɿp*l=p~)2}⥊c 2я363qpL$<\wvąޗW4CʣRLbD+ *,(ܩAEVm_ d*P~x"J*2g7G`f-Yp@bEv k\L}%Ii,+AUa;ơk%H}( ? $Xx+ =0%S~EyRJy3BGO@#O/Z-Ln8a IvSyvRb105?Bp̞d+Y^KK,L?s^5"N\q; J+ l FFN؄3!(WSP[kzנp *MLbAܨZddmS5e;b< Zr'` r! Oyvq%&η,'tӝ-L#s{E.w9&ӥ'[Fҭ_ (d]J"$Dl<:ZpG0Ը7LޔeKO]w,t~Dm? k4PGA?87<= Rz_AWq8%w¬RZu]=¯L$=sK=)I 3¥Mdxuuȴ$LCxOtC߹^REF&o諑#K 5M7RV C\8Сm\ƻWq,ܢ~=`81}{Ʃ3'W+zq5M"Wy_ $zr:NL]!KP'/jqB]xt \?x\ERdd3qeî6 OJDvrR$O'f߮kiwDM"ιa3O0$k6y!.89?O@4_"⠚FxKT;c,\X8x )+R-%I<зy%p'KE(?ygjPRnn5 ]0FzEym0YTR^]\^78 ls֗mU1 :E} ˩u7v1gztdJׅ2preބilc,:$ |n섛u셗ɠ;c1$1|g:BoѠ$ mXMRKK>uyje-N EGR[_j *#V8Tzc@](_ y·B\O`[+ 8mcŸE0r;.%*%Ցg!)EY( nLM.~!KH!}[U|ß\_*3w)'S ǿqZ+v-U qH[4''c(W\su/y>-7 *9+⶘=8/kzxY/l&b] i9(גWQ<7&l9!mJF = _&Ŕ ڇ{`mSC[e#N鉁L3K_Vl~J^Bd0@[_ʗ|{ DeyپFY*G)m`TId}[N7l+rL}>v->.)C|OaIO]}z-ک0~)__^]#T-&N2\+܃2E"Z3<+9QN d61x"G L|LthGujD ׹v`^PU"VAPR3 M"pmPpcZy쉧 YD`+ip:y0'MLZUrȆ-y[.zNaJ}|=Gh{,uARSCZ*d×83Ϝq֝e`|lqbaaqϻ Nt*qshJ*@(>{@:x!6&T :Rܚes%DmDD\N~Xgxɟ_{VSP1.Jb=tpF)@ɛzܦmSxT[y"u2;& @%^ep/iJ 3 zd &<8hgkI'VoגLJ*"q~1r8 EV`]Tjp28Sǡ,T r`*U܁8CYCMq8Y-au-wȯdl&(U4|jڶOtSaS1>37k{ϼRO<v?,|O%/b;ߪ|}"\ys5)ߠ9K1ig^bE+}RL#_&qIw2ɝ:pI6O);Q,`ѝx"<!s<@8pPQC_Om`峊O*rI#1"$*~" ߮HuAl3k_㖳a )fԓOt3Z LIL^e",0bGG@`u⃊ӭcrCgo:#4zE!~QB`cKc7YElyLf "&#sr &2)/| !:_-eaGGEgW-4HSnM_- b's`O[ (d"p Y0C( z!SY84 :]A E?Ar-3tI.2،*OxdwuW+L+@ږʷGnǧ>^huZZ| ϴ/ӾKK7L.Srۡ2:9UY/Tݞ*45m=,p 'dJmKIeSev×儵)#A½<[K}* (IrITdN#SWʪxp%gj"Lߧ򄟳Xe>اZA j^@IDAT]%nI?w~tqGKg;9axVts_8 >ΏVXK\JZRhנ_,Nr"6Їi%O3݉<> 2'd9'ׁ'gЇ- nO3ˊ΅3Bϫ,<{n–-0phǎ3l߾mI_:Kߡŀg9pH?xP?:k5\M[.μ2NTUX0-D꒓5&FƹA̤-Z"jȸ5@ۖyie%O-.%ӔSHC$ ksWnۅ6 Hɪ&Rvˆ#v݄Tv~R[ `|?)תS K޴)goyoH -Uߤ̖<ӺI82iP5!\B. :!#2AQKV@y+u0p]&GT\%aХǠ$@JE HOAaqiI]A<lA,qR6IJ.^<8?^_wdžKP}Jڻz[;X Bb, 3p33`<m0^c 3,>BRhAB$RKʪNj}ߗWuǭ_D-"ލx^WYa3Gs+— 9z"^w1Eu2? }0&{F'P -wPAC0ۦ`*\37$_hר?qWmq[ne˳qt:SR?Uȁ>;fA࣊N="O!|T=޳rGy>>t߭ӽ ox_筏?ƇzlQ_Y^^z/ /E{\sQ n'VX$R@АQ8 C'AM362SԲrס4ShAfX^ۜBV޴3X[Έ7*% \!&Zv~4nyP=naE'{wc\Gɭݳr!Lb1+~Ggy bu8<>K9vDBe— %KKw w 43QO ?GGaAV̦4͙%i=x[Jq4쒜ݯځh꛵qe*7-"!LQvQV!bm!AL1[=Œ(k.1&l# $ . r{0i{.TI&~`^",6pp^敄cʀmz^ -3 t߾ۅ7vA*quZ p۠,f 9_Ф[&p`-o߶쳷?C[Y?*e6,_iNk;{\uoTON" }h,]b<7?LYlq&AF:AnN6b:1a:uy+mb*VZRw?M=R ^9YvfцM4#1՝/7kE=m:5M#nl,{zmRIZ`סv*[jk) [8l,`k.Fm]6{bGY]q\%WrC"\VCe7gyԡ|4!E(`TA ,hE>CtoO?[;~ ?%|&!p{/}^+#BG!e\(Kt+G;>yxڟ|)2.̚x!<Պ$y=7 ]mxT,sv5336qfu+@%kb6Jޣfb5 ~'74Oߨ}m1r.>)4&.!O \!~j!0slӑcvg,D;4`"Lݴ?mzzTxt͏ܹ .8疋.:oy\o׽ XDND&!4Cb=.wDoҰQ4˗z(x,nQ]. n#3*_ԅ'%. Y)I91=vxC#S访]TciO^xy>mRhXб3@~R%Ӽ|w uXwپSdRF~F g ڞeSuSR [xa,+M`QQbGEbRpS@1\o yqB2V Ԕ%U/W(=JzwHCS姱Z:qY mQ;sgi =U)cېbqH=?P)V{ۻ>?{o?bYxf(? Y/Ug =Z᳄=kyʲnyez0,0׶}uI#Z4:#G 2$lFq|SዄLpb% Ћ{+#>[v\I[74Qo1 <&Bx\ ` +dwTOLp+; vdBv\!dwOl/@._:9xRԗ_ꪛx,`+'`?sutc7ozT K+ġMTԷT.0p$4*^.<vd=q*WyAAbk BhEhia%l2+{OtA*?!.v*啭&_9 vKpm+69@ pY^My97雁7ˣs?&2בx:-Wt5tN_5I[Qk g8Ttьŀ ~&>U'X&Ki9uhM+'ejZMnR r:qQa#\7&tIt,h heۼ9\w޿z-w/~W8-y}Fy?,l33浟 p@Cg,8"У//3٧ cQ߰qcE 57%Y?ayJJf␲}L*ܯ(CҡC n?mvP!k2kW \+|ӗS Pf!gvp鱈Κ{,:0~'9]5|75M)wγ*ݯNpP;޽_ٰN٩EeU/ D UY1MW2{e u]%kkۈjä&bS+ǃGtj]\d&9EmJ8vB;y# 5g,8C6iȰǹs f_DA+cPFfRfz!]0b=$¦&y:՞CyжvBI\ġ /zo[Q*\Ya0Ϸ}__:^J"&/Y'=OHѠA=Yeo=$Y("1DОI*Zkr'DT蚚 h`itǴCnXYWxۦ;z# 3*E2 {hj!8 rLf~<'HaW . "i&4gI 1g!>iM: 1ɛ(kz:{7-~0;arD*vBqmA)u.ͪhmT\LbOuaBx_5E; uǓ5Q&Cv0SZB)l"R![?@俽ԬoslLo'cQ嘋hqPA>&,>4|0u1f\9Fc6 ,6uTJ֡1,zQPJESCj$źWj0bW_sⵟ'f݇2.wxzੰ:wܜebf ?a˖eT4_B6 L5-3|i.7 s3uyr[6?OgLCqCp>r:*J | M|isQ:o4RO ޘ UK{fͥ~8Sn:X4`Lx¹Kd,gqŀ^yX[vݩF4fBi*6)MJCF#6]ucz+/LLXB!~J|Y4 U[fNT$?fG`xhoo@c'3-3E4)t|˵i=I˛s4:2z1?#<99aڈV5MEAy%E0K5Eדrt*:@ (p]"PQCv%3[GpG êM[[OɢrYSp ߻%B;Qq]~}LF }_-tҐ̎u ~aqt13~Ј,m8O>hbhO+d>^& Ba=^6kKUJ~E:X]s!d˨ωy.K"6jɳ{SxHĎ믿>Og|Jjg}zo,Үm[ܧ(]eqZP B1 0Y'' sr A*Y)[MDu˘2 c[&MڅBG\ӼSZ U*ʞ4vJ}opHK>LQH2~1<^ET ˥hqdaJvdnMQ^HX`EA|p U8MFl[)Eįv J sT#Ɔ^CX|$- j(I*2EpRQOF,0^! Ks h!`?d=RwkmWUe *Dꡡ #g(z.ty,7H=޽/:xh¡-+9i!OpE{BOro֧/Զyy_4"ߨ ."f>lqI=[lgҟO7l޼!Y{8`adL'r$OJ3=L]-Oo||QN9R@r'L8"KRWߡ~1_t hg#(Zf8؁M@6IA m17;'⇗1ܫz@ q13<3{Fu1PF[y'$(}B}( (d񀅃?hufbxR! 7?#u']I *r[t*f.X$a&TzTx?m(tʃmFClFeY"An2=dCƩç+5]mqQ#d*l0ԸAmѩͤEκś_Gi8WmL%/4|\h!JOJJ_  'e ><krJ}z %M)y ~]6w~w <򶷽 _nܸM;k>}Xѳ-[kiiˆj-VR+XԼ_hTTAIHzhksI($EL ̪=hjň,>}>m( XP*3MB+AAD^A3::⢎jБCS8CEN .,&R,XE8^xPeR >[)h[aG3^LAH&~hmFkBLj(ɉH(U\2ʦ;CR˖?YO?O_wwH6z݋~/k0xt^em~LwCO8:ՇEI)3Lз+i ]{5E 8_=MW1$[X${''X`A|¿zp?"*+@H\%ł@36Z{(4?嶭<6Ft"K ߈tb]y>GQ=2.m~yKr6O_2фa%%aCkYT6},)̬klSwPc!0lGŠNƿ3eOw9Ihf{k6 @i{9qΠ)p~ s.d _wB e@@bw׿[nj/Dtt\R TAUpª.+>`W(hMzK 8nLsh Vx$J-b3=TPV,x11DP-ƅMFCO! 4)D `Qv)ψRu0]PtJ}вH}Q}`IAhi0+9ʜVa.6„x7 RLam 8 r<'4}C4 : YE(%w;HK;0YhZ`!N2YO*|PP d O)Jlj`,ŢnC:1,;N/:sCeت&moo`\`.K-r/-;PxSstW]Vʕz4PzQ rs%'*~&l_kL֕xF'"V "@N>y+G:CGGOIǐJ})`v)#k:!X>.=p=k_]i]gs7e#h =7MSV5}m7Fbt?GT2VXܴ|'eMaU%XI5bǔߨcZ]{x%dU{ 'EgBRL>C|!|Y95Ş]Yr{^"<0@E^)-~cWw}={vQ}E6ۼy矿=mٰaګMZ~Â!E!zW{qUFj[&9 Uv_vBRb \YDS! R˶2ZC)ӴUȔ(v͊r ǻ{/ж '˅L Z`$ (جEJHy ,Lрz,#vz},M7iE&BOCA7+*4vX6)fMSlu.F9!8ODVH$J2a'/&k"[=2x_ۡ2)/ٰX'd46t'tƊF*j>$d=iRy.l9Ȧ .2EF*p Q px?"n?ic/2O#ILV3Rr\ *ǵcpR>YL6;?ʌ_uԁjyg~Hd[Y?砾ؿXV'~'5;ER8RO|q)s ;tToq3g?~jΣWǻ:b 6*MyI%tj*a,lJI,pZeZV( _jm19nCXY'ZtvYڱsjWL5>,rb ,դbtؼ$ Ō"Y:Qz՘#&ie?a6ə2Z miFTID6Q*cX,ڈ~aGP#7yΚk">(d3ÿD^x1v\u!%$(⚢̵RfƟ z`̈́BDc C M&BtMM@zdƪX1D9cd+Q\@lr)u oW{qߎ.暛1x(_+-!ND 8 fn\ MW鋸z AxϤ?Et4;. ჌O_z-<`]AʨTl) w?H y#mf:!k^Dʱqt'|LoU@Ȗ倝|(q(Ƣ_ =&k%Y z7e{CƶΧpecekS?p-i]_)T;l }BN%OUr1pZJo:OJd8Pl 7& 2{4~,/-dLz \V,</U[xt&ĝtiiqEFW *e᠎\ttdଥ Ë-  ^!#a <`1 3lrm_< _yB qq|b*)3(C%?[ 7ܱ{u8 dbњqK`TwY/<;+{zdǏ\MsKXb=w|csUǶz Ljg܊r:: cY%g~/Pg yh| + zla+ t?~X9xw%iܓ728xb|y^uj$9 ޞ6a# `NL Vq{=Rf~M7mZZ$nAKGh vԇL[?4>9]QJiiy AJ5ǜCShNb/W&0(68<_CpHd<3Nʈ)boH@A@u _ PM݇OѦ>65yu8XW|}c"b{LuTiX8JR;O)m*~~5~-2圚vYHRtc lQZgٛUiaotR3("A@1ܭK"jBQM l_>L?O9}W  >)sHHqK'` ]YBإn 1pAٳoSqmǞXX x/ئ?^;' +د^?`Ⓘ:v΁ j=$ Q%V0cV n\(9hƐQhM5fjT MCry<b׺$dq*;01Jqej";<Lll A3l]̅ˮq6ha|R"C%`=p&zjPssuPk 􋶯4X\C.}QYj!f~uLԛ?Ws;]y6Wr5F'&xYkI k8/϶"_u _2#S?>.p=˃2!5Fc#(PxB1a еe+P/<6"og/2$mf'2 !Go7>-[6.n\^~P;8g׎[gmݻqֶ}۷nڿuƃgm۲yC.oRݿ_~fyUA h cUIs>9?: {%=4hQ;ba 9u7L-i%GO--㻎HHg@k(_ey߅(>óH"K4ݩH 8dꔛڛWߤ%kHŅ}/\sʹ : nU7y-#|qۄ.;t/@LKS>W~k yx:0X|C5wHlLb$$^7%=vV_ a+m0?Ճu򻐔?+ I~ 6?i;( b_26N6LX7k팉<= {Egx!<"E `k˅;{};50:)ȕ)?/`jBl?FBIFO`a醙CiTGXqŶbaBIvxq UuleOT:mCue&[7%`AMSt#O?j,AR'6-ADRRh%7m%5rYr6Ӕ|Rxo}/l>p`e(ݮV}Zv*Y9 8xَG^m}O];}B8~-z!m㉾C ƑKwY+=p -?eK3rTW2qȽP Oʸҍz^ߔ<ҋyFIEW7rb.xe@^- !M8pH_ p]qƅw}14!"Em* @6?]vXZF4&g ldtqQź\}VC@Kʑ2)ny#z9`+ߔo40^(vHbcVa׼)Ɖb.D>dcqI]ڂMZ֙Hy{6- .cjpA0i'ܞӚmDZ2O8݄<&$`. .LDnmd9ׇ?ȴr*V󢻈psE+s7_ogʮ7nݼv (ݸcC7m\ݼi%TGC:cPL*^XvR&'PG9^ל&)ѡG_Wʷ A RjK(ߌ7sg‹ciBfSG3X3_V=-`?ė,m}QUr|oj}jC=moО믿|i?'wv;CEoJo.K9Sf{}:qq!a3OW&^dt#ܠw8nB>Z`u‹P+7 @e,s%a] =+i 1>t݀,R@ , ꓾=Iz":Qʟ䅌lkѳ~#jMaz CN'ac@Н^RJF\xѡ{L,|9z:ݺw_7[)?@۷7H /E&;MO%eY{$\X,hƹ!:fо1fSӐimjCE[m[?>Mu|p4uhz,N4& 2< ˋ^ų!cSl C;pz}#LCD4-ꈂ .8gק+&!t241C+\'pҷqCӇ[U@@IDATӏs9H PH@&NUxt/(>ݡ{x¹RE˄\ʖKg AO:(#-O$% Tʧo4m^`_\ ;$:BB,&_R7g@7lKС𠁲/iѾmӬW˴60Q~xZQ:Vhb=d;u0|P<_| ɌL'+xpFelBow뱄rk alq"2#(s - m:-:S&,Z,£n 1`Թy|̘XlYxu8==.؇jn|9E& B& `p— 73syVj]0؎AE,\xzCji+5PF mt}` osYbO $0]-CdW^[9FkP%$&a)Rņ+6f- v4$-&eUBh ݤ=sgo=Q"4khڭ޾?/VD^ŕ ,t=.N7y~QwhÏ?J-l4-uP&~Rxv!},N#JDz@8s5{܋

pȷ?#Y>rǮ%[B@BzIs2\ti= G6viKxx(ع Y9+7/9ʷQ@ߏ /2)pzr/yx.'Ei,g]bxƗ-$~rX 1t\-z;=fwܲя^>W6VmŕXB<7+ͫ-Inh5|t$#YhCv?+~Bf&No\u stK<,+nsvX;)4 7|M>\dž&w yJLYCf\ E6/\Jk 7uIPCb?)*YJ$dFށ# $>R3qפ: 3 :ܸe¦mi,-,ze[270/2 ?tR&:>@F) 6&ȍ l$=tb6h 4(O>-#[2@vxz-$__o = Q2U w$}E_zm(RHr[jTҙ%7ҩZךll(͑ux{W $#]©HNxz6!^V|n,`I|{WCVO+w8d k%2H+$2&8lh,fۯ|,:'a#p v-=P@6aSOԉlGa~ClGRN6ӖlOLFd@|WyCS=B_,U'w(Cʦ|Io )[,mmr4ˬ,z.i@i?ш+WJY&Ǵ81qFW(EJ9ok A?'IȻQѡ{`-0iKB#&\Į.E.2nbQ0jNEd/<kxZv!O|A-:}=-[#v*RDz@|䕯*zø'G%ȍu'Pl5eR=1"i}'A';D䘌&:W> * *XA=#f t9 G ]!u۶8M>rUk!G{8 R.[Y=[W JÖnTw.L}cg-Er_}ǣ!NWe/Vy^vX^|ꎾ츞qv\ )Zvt1ˊ1jI2`Y ,ZY_Նͪ u>I5(.![<vhS\Nl8o: }H=p< xtRCB+UMpHE(1k0K~.XUzZxzϢ=RX<4^!0&&芇l|Ojagf=hSl;l[E@ SU?)~1"Nk0v<=|*x᏾G"}d4^QJ_BnWPȑw{̛ٷŜmʮ#oi'?wI+["\(cdE_)1VK.ґ,H$*kjayr3 D=0L@7!;J|͗(vke?=N!دmV|)d̛:`KS>fB6E&FMHBSy"6M 0;:ݭݾlnL[m=䍪sf7AeR-23"xC㥍B06$Oq7 '…`Pi;XR &3Ėz11~I:- ٖ-G|+rصۏۂ|xcKrخ#D?rٞ(gf_aCl1?DN;\=^(AC@@@@ 3bvO>/U?`,_2܂ʒOt) rv.l<'Ln C`4gR_ kɪ-AT[𱗄wA;qLEzB'AN ϝ$=B;ޓz#W#ܤ>ɢ>θx|qyMv,r~njNѧ*#g=7鬺rc9b Gf eщ28-nȅsiӕ~8#`7Y#nDzB >2F }<Շ'@ pmXд@ze%=EK!.BS5oN! Di؇R͏mvH^TۖrD3l&att>(d-B^ZQ.PgkL}-x1͉jB( 528T"5*G=]t?Vrט6CǾhc브h17mAv0+/.Kac@^"w 'l?G# (C@@@@@@i`| Ofķ xR^YGex*[,&R2qPrLp1&.`3߁Zؼ{4N&zoZ2oV_۬>ɀ+*NlWNT7(W[Q &[Z!?\RƁVݖFN06a|2asGM,|/Cru.T2.p>aSꁉǩ%,$|ԟaI7*[oO"HqO zRNj4?yŜS WH[b"h/2AR.P|fޔaI y)3Xpf?/'$e;t$L:"QBba 9KTf7n:ttܬrӅ/Ĥaa,haWnx_#iw ߘXW)y˥3Aڴ )\1ҙI4/01&vD].76g9^)(l0GU_*| _!aꁓp@OmeEB۴p6x 6#S` B>!zarXEL+4@i&Ar drL)uޯȒu$ci=臯1q <`3㇅k:tt0O '>Gg瞽CCO@ppza,JH!АegKLrxr44яWra um/f8㛑6G?;|E9ף4D'V`T)d{?=pp 't818% W)wށQҡG3D@&SiNE@sQNrPöZh3e U'1̓`I>e/TYhAlȦmNX,?e6Æ4&1Ӧ,;˗/Zjv0y==p`иY4/xFʇiJɵKQ?8Ӊ|;:#OĉYgјdMOL ~c1 frЀ5: H! c[h#BAC6a'`\Sx~گ5cd1=˶C`4?hW+|pF*jc"dU1b?Wd\d1`EŢƔc̓Lgct?%T~_[fLl4(5α35ɟe,qh3rZt&IU_muٟ1Ǎ1@9C[J|R `#^pQ?.3%X1ZimSt7O3 rਞ! 3牾'Ak3r*+;atRx6OGRdzJGgB^K==p<xpm5laBrvG^q,FixbџH3t#6Aj]])qv1~zlLqdI jSnySj)68vB sd,!¯^%]ء{{{{{{{=p,y뽀MA<`F)&H9 rsؐSԝe&hO ==pj HF&mOG%gDX7 4 v ˖"v‹ rw Y=======pXn <~ i 6a1@F*3qGٴ̣^-@ғDd7WMC ,HYC3?V۞r1/s~ղL?_ٟExs¡q*t8%^%o>S8Lo~C::9$4#m14g֘Dc:c ƸB6t8<@e+! )dX~k {=.ެd'Ţ1.3>qNEyN%b|+׶(Y176!cXgyNMvN:wcJ; ;LHʮ-6 t# e LTw*0)5DA%)*OGKr hZڀ)@lF-Hڦ‛rҦcu8yxzrtIQy&L(cz{ tϱvibW@Lc1q _z ?YJ1.y15Me`Qh囋UYyt8 yAʟ<%@-[##^|?% S!g@6bgD pk#XʵT[w" -cRٱCZ7Hѱ>qgP~@LYe"lϸG0=v ikhˣsę_lێ<c9Ȏm3iqI ϵv$W)/5:ب2y.6~P6 5d71.'[ ߤƽ薕 |g:.GHʉA- ؄Њ>  Ec:~-@Dh^#Kk?f8l#B Xxo:tA`UB>!Ɩ)|PA^oV5 Т gMc 8$c_R*f KXkl 1-kg4S5ұaeouZy) il8~M]6^^ /*{(ˮ<\F9H (%2)f$ŎIdBQ Ãl+N%Eq,)K,+bH$%)p )AF7Csuy}wԩ[sUo>>w{:ORdzK@fhԍ~oyӿs7|PE\\~% $>Gjs;:xD@43T 7YOtR;KIfw4Pqx2/O' ).r);V9=G*:{qOuUU{9w? L 0=Iy_68r s.KSxaRһ^;Ak\%嗛q)yݙcWw^E8rn$ՙ|KӴ<+_ G\-koDv7V-Tm, 4[U^Y:%uiPNAZy@4యf܁_Z넪L2Jdҵ?.뼕F27ZAՐGgn$@ r 7 eXQQyE*<U c>sSUq~V$ T:ʸ\Ԟ\U25u|)r4մT_#/ܤ>s=ؒV\{_qy\7NKզr!~ @HZ} Ӡ;Y>=q'f)tQ4;Jg0򧎙 T0rKlX;OZ|<32L`i @q/7'|FFpYSIv6NJ@oxoa OG{~{'odw^ԓGi.[5H\LNo"45?ze@:%N|EݫZ&Y~g;kzE3:ip2+$w/ח?uͧ@@Jsy5]í\s!{iUqqWs| P) qntQ-}屉 SSo{iWzwqYzV~6n^nH*S;1's^mW扼ey]sAkˍ:Ol\$/ *_j' My]onS7ʘmW^oſ{wq-ro)?'! c4UzB$h~h4$]6˝J,i͒)qD.:xvklch?k,eMڅSo|?Prc%@`)2zzFloGƾ22:8n w˿M%6viOsYܼ??z+>'|OE\qYǹ-sp52ޔ믖 m@u=uh_q wO.`ozr1aUu=(nV;^ ]swE}Xh0',A N ,SgU'VuT fKZBs,Kq84F$?ڢc8؏\w*;.SUG;l?%{qZ/&)RIi7E @@wٴսʫ5== O׈Y-OCV7(Bfx%)|gŻ5ȟf+qP)dTDU:pL71DO^/7GZvoho﴿RyW̦EY{|Z|f;(~"\sOhKofz\^&O@:#N+f</{"!3jq\wr-F\WÊsT-g 8]Z ӽ|岾 GV}?e+z?Α, ~YrwRmٴ|ܹ'GFnQ6ϒk4ֻזּlP- `@+Z2j3ޣ.7DE%pYvO wtԡU߫޹:}7CQNu9T)SZi!ȯSӼB=TOw!Ab]#ރa+|͒|:֋~^ҿ.1@:#ж6=#w!OR1:dʟD9wrUZtfuШƵݾz#Eϟ{#׳qmyC+ϟde?B`Ho"S60aQLJ;w'jKӃiv=)*IzW]hy$KE!Ŕxڛ6R\N/9_upJ>l+בN;9 Ο¾/٤x?VOր 8(oF;Ϟ$m:{[  tpZcqkD5:e)H 72:.SWϓMJn_z| ැ_~7 @IDAT=>MSS^~qеuF6Z)KS9Iz\R2y2K.8ujUޛ>W[ҵzO_nVj^z=Q Lz.Y=XΆk1;_/\尽~W^1okPd>"c7I2  @`Xr?ߺCRo^J .wR+W٤pZN(W2l%'2G8U(UH+wĄ)/t2m%)9wl=+<-|vSRFv"+˄?ꨆ#vuVeoE{.T\'Yk$^ҩn<)2+9}w{Y柛ҧs# !+fri1O'zOv=:^.o=5*<ã{9]41c㬖p߈{{UeV0+I=^@~xƿKc704-[ٳ/ݧ<\uZ{rB b.k:+%v#70t㽛y>pa_+v;!SmKVn*ղP;.F[^])qR[)6O&_ ?+<)NXu:Q90N9~Qd'! t0?iQo{K2ĥ\ޝVK[t;=i6T6T_BeJ8{K']3<-w\mzY<3)KT:@@Z0e7Lz=ɐ7IG8a `^zkDi~:'UatZRPG|#C*qrZF~T;=S#OOΧp'}p{J),ݐ(׸ Wʔes#rF Ksb_H7J" @S ,{Fq:Bve:W6%1b30NQ,t+o̊%aKmFSO|v guoT~',@/tGߒ"f`g [rrl|{ƍn˧OONNGvɀ#^BMe"  ;1tl\k^DMys8TO.wAS\ʺM>Wjz m]7s|Z)k;گqtp!{ Iv˟rEFʒF`H_Yڋ<~\K=|I@ Ёq-/qSݙÉN ;IV[27[^*눺*[Gu-w;f&U駥z.@)-!ja){ZMN^Q7U@coƧ PCމkèMpΗ*[{1걫6xEBL'Ft.uA9o-897\eRA͡JK*8>kVِTJ," \¯ FxH#ˋ@ )V<{~ @xt9NX8ӕYso=zoqZxdV9]1WėzE_"M@&tD}Z-GЩ񱱞-7ɓ/clrzހYA%`l[+.} Zx=K痗 R\yxNFsU~ߍ@2(o L aIjjv~KWQ)5a嶖|Λ*W7lW1rTUYdDB yq == ^fٝWq6D" ͔$?gƯʇamס0~Sq>ISZG9Ӑz8rÈ|TښrŸKF Mtc|:kOAyp}UK r?;ǤK@:@Se?7Ҙj{)sSR|BH2@&pҥ4< 0!1=st柌Zeփ{փA޵!+ɘlcXanʩ?a_'0p}{=u^( KD]p*4[P!ǪOi/EʀV٘]O\&ד6Km7jSa_oLEѵ}HuU\◯Inqm{uyE%W^:/*@3RmٺI}@@hu4cCoUC1ul7Y_/(KL5? #s il"C&2@:mWzXA+Mn6dcv,tGd^qV8_WiFgKC8_q8JQ4Ju(2պy#O>iAy5ze*iNkN*5>ȟj[ߠ"]G!,@@hyvMQib !-eܡNLf;pJN^KXYwiH.@` Ȕ96y訷.Rc2=MP0|KC' .[.z0lyƴÒFu2ng^/OpоTW81n.)9eR|9y-ol%倄ef#Fe5^Ib{|޻ռX  @÷s^QlLF̸7s3]_Hi $?'Gz4l*WnZJV1f=[bUq89=.&CYo2s0:p׌:Bs>ji VZ*(ڑ)>9fcY._/epWN56FWJc- ~HߡoK@:@I@ _&isjcƫ,0Er@Ư$`]ua\H7|-9)NyN2zVv,1\䛫SnKNoRqZph>.@U+RUw~ߗ" 1S: (܁tu^܉i%9ƜQlgS;f& ^l'2]0^˸lAAj@ե:0 mihoe,`R쑤n$~ǤLllW4ښ(4ˤ{:Na5q7jOJzړR 6$}fi9n۽w;7*V{\nE< ůI VnK\~z 2ܓ*6 (4Xmzưݜu6vGLyMnWQ_YUsn~.[z.yvd:'TL-+oK+&'߸*P}6IL #OyuVPW}F>g-'}6iZgO쿣SHݙ"E :n߱iX'[ɥD4o89>Ÿ([uur'L| v:L5^ɐ.DZ {Nu8bpAKjܴA퍼L+N%}pv]ҧg'@@;h ?T貾Y:hGnLԖGZN]!.l}Ms\!&( КZY>nEJ7=UFPҋFJ+mKn^Sa," cAq8pa+Άke;MiɿfImS=h[PZ{v  φ U2?xKu\#Uî'ku}mz*˖骣 ǵ"/8O[ Il#ZIf#uN#ӆLy6S^ŧ%הseN8\pʟ{Vzy]GH֙+}:WW[3^j؅Զ<4X&ZryDe[Sx{9_zk/I=@ :vt*j-ĝ"ގTz1H?@'{_QHņf4)QڸF ۴^oH9o@Ο;c4<98Q;Mn#\uMרffy4^l42_\oo6SIʛ| lRwMVi'jL :au\YuɭEH_u սҟ iD68>w'd6ЫqL6SgU6+MRqK>%Ir[dXzmJ< _a;C=mpyvWi/{IƿC#͙Z/g;z[_!}  '0kfwy⧤ifyN|N7zԳE_҇#@d~ TIm.oF:SH톦4)l7`W|*~R*SjK=k4QղM)x_6_xV:jqpo 7sl1EOpNa50:x?Y7q@Z@'H}@Vu+r">J}@t*x!t,Iԧw*08WWeZŠMƲ V$aek^q HoΛ Ignm^F펷?k ?QGSQ.\/6w)WF? @-Hᅯ'_:ųYBzV+@&7B 'I';pZƢ XFUeԍ{` (]y? qz Frj;#~p7uj_W2hzfe"OQ>U8˫),k]TsWZ7r@Z@' PEܩUw^Rrݧg'y@Xjvac*l>J[ATuZ5tA87 ǻKnZUC!(n$DuF4;^nir~K$'Q \4`|xjU$f1zFOW5JR:>@뚀B^_~wKrfnQoۭ)+rjW dqLy)Ys:UcyaGIUIKAr8_% KvWDz2UgpQxT4XhTMju? @AVaU_>Z'@`GY])2>Ql{2lw(w_._-VAjհ+P؅ӵ"=qV88w+M_nf (n*")R/ZVQ / @WMhdWgvj_z?@3 035BukՆ<0` sd5V>Kp7I?~iY9./e|=I㯪qk÷=9Q6ǽU#@ bډJ%g- m#B*#3 my*OOoh64a^up4Y\ٍ\Mm:G3&Uwȱ3 @h5 艸ev靡 4%F!@ mJ?6AhekU"-و̐~ᴴtw=y ?;O/ l< _ռQۧ/dAe $烌^yٿg?#eVcnN@0z4 ذUdebxw1m5Ft:܊HKQ6}\t:XfV~/"8z;ꆥ @-B=w{C $Ib$p%H/.8 T+q򯂡_  @J`Vmv\n̝9W/HG/ }/)O>!c+ |xB5U76إi&,W{r(VzҀkkr?tKpÅ @} t g8PF;;Վ%~XY [R'k}_'ZW(n\|V>I۴lŠ6#?[U]Jr@nk:+@@?yTV'=*o83ᨂ_j:3[G@{XD)_^ϋ(Ylt@\ey-y 7vYK2oD[(o,QNk&5:uY! @H8`~TM>!ץ_>/@X=K"zs g{R֭2E,+QG.}t]feog Jc5ǹrTreW1pr!@88iX܏Kߝ7V '=Jϩ=Ro+ۤsهA{}oQ؃A5:by @˺TP%  =KJ'Ts@Ev{z@"&0"oy}A>y^l'2)}@=r.=0 @2*aj ?:C+@hf3J},yR1O֌YjWdV$^i ?Dž @ -: @MwA,|TY$A7'd˵-[J)uЈe HB:zp{Qs!w@m@?w*cR #yA5^[5`#? 2JB оԢ:VHi9 gAMUti ^SELrj^!h_̓ " Z@d AijҦgz_[M {E@HcSQ_5sEn\@:T'@hWSZC_I.(%o0Vt-/ @@Nx t IHb~H-3 dk#|u@IMi"!@hK<0#4MNӣ \$^$-9i,a_P=\V`L$C :y*j>'  ?h -{\NHi|$HHOJ Т:ysbi_Ӌ-,h @`9<(R^4{J6̽Du X?x|E+O1D @hMh;|U " N&mOUnKAzJ\ÞoW}Q^/@@u}Q@U%W\  y R?&|=E8 lVژ^%0*1}bg w] @X:Ό v!`2oIgP8ɓW23?U GTeX  Za@ ߕֿ"= O># -hv_8xy92}@_ @0B@ֈW^V_ۤiKP_M  @ך p}@'.^pgR^Jo^(swH$@ @#a]gzbJWU @ p@O >@ Q.Jf" 9 k@9]-"xgd& @WJF~k" @kI*[>!ňOWJr1@ @@kj1yBI@ZG@ ЌPKid@XY%!@אg\C\ N}dyyNiǥ^?9O> @CZg;JoJ %@>@hvIkmr?!g/B bثb@Z@|VQzZ5~@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ tnX!e? $ZZѶE p۴B @`QT 6jǥGeG%~R̲k  @: 7o^C܈ܗzeW$lH-KiJ]#h&hF8@ #@=Rn|36KPV6OJ[`  @OagX PH3齽S==SSSM[nCCC02<|81i_WWW1<<\;v8 x^6Ů`" @O$3/4?u]GyKqŖ-[966V?^,}]?wl199*ftŬ` " @OAgk3ۻo> [߻?3L7vG1ĸjlٱc[S|Pww *XJV4H @@`m ps{mz~L:Kpś @I߼yk144X zmλ.nv4%̿WXy4;K F @hq yOLw`^[~-lwwOaFŮxw&n6#  @c5+A`Y iu/?x.[#oz4lᄊ=^_ Ff(\RO̻R੧:\B%uRVM  @@`@<nTguJ<]hig+v=g╗_@A/39192::V\֍VR*x gP-V USu>k7ОK|3_!űg.Og 3^j_zE˜  @`6ČO=(@@18rr OB`ll8\1:2|?=I5"T_Rqgm{M7ߚftҿ[A}&@n.; yonzE@IDAT  @ $Ut'ol񉢻8wlC_8`9S @t'-YW:cߧp?g߇!Xk^ sxJeEs?'\A|.Wܓ J  g33g;jި?>H࠿ H*nYQ{tRS'Ԍ&-QkR @```gء-36=o3q~k_n*]ZN}-n9[Y6Ka @```=pnwAoWߘzĸ? 0 72\C^S}ݞٳ՜Mҭ#^)@ 08;'4}ΏMMN?2r%ɋ"XWZRtww?wg||3rS|2ee@  @ p`?aoV߸|!G!=^o?V&008Pyi%⯾xH= g @@`@>Xnk_4*2:X 0?PLثlݻ]>^ I/JH9#@@ i',@e_*:*W[=W+]|F_xFcפ @@`(h/ۍ@+q6-j%oyLcRV@:D`|%+`L߁^CY  @D tS#|tHHq6Wl> r6;x+J}PR  @hw|ݟ _*N_*1w .nEwWWqB[S/؝o҃ҏK|%@@ h'HK3wo߱cȕy?ϺkWA|h=(Sh%@1888$_2&^ /lKjyA:| @h+lhEcW@=+G$0k{_tԩ Й @```XϞu-ojjjV րk < @-G{$4h 0@s oI័~Dz1)@ 8[6/+0aCصسjz}C v#@=1ڻXXR@@kɩ<+c'sqV @  M\/ !0"ʥ>- R!AA@ @@`՞Y) !P#l6IHLۤߑ&E @Z-@hβ 0lt+޾b||=\g/J= pHcRy+ @BVyc_)AC`Օ./^z Z^雥7JuV@Z$hr ̘׌d;;v7m*)v]}) Ȇ {'''^` NI9@@  Vh mrON"j+#ūgN_}75ԃ [zBOJ" @׈F x;v~KFF$ pp({ւ@wwO1aCU|Ši͡_2{9j> WΝ=[:r6>?\U3[nc濅MYX ~=w@@k`Mu/wqӅ w@g^٬5!JkB  0 "2՞x)2No'Ds ,a%* @֎?τ@ xN7鍣#VwC:|OWXqkȕB&Rw G i=ing/)?v '#M  @kGcKͫH@FU}(7|k&p lq񢻫;trj2 }.v­_M(b닯>BIx ; @WW2X;U˽##'&& ?x0ߪmJ@JW Z@ ЁaY-_K޼ۇ!냀=q"M ػwߞGj1gcu t:!v- p2{9ß2o+N-)kRD̈́4rub%;lrHW, @mtrߟz{*nNoxO~sIk`?\}jiB`Rx|tg|BSҧ @*``@RВ!p83gNw_|)]```0),W^yyQȵ%ۓc{9 > @:!:yv2=yH_ xVwvy>W:R۷  ݆SmwddX%mx 4gG4@ WJj}8lY!(@csj  @`0 bMlP/ׄ5B088C^n" @@-*քsRhAk @\ tm;|l׬^OC?Oz Һ8 u - @0Yϳ^?>%W:O?y̢? xUf,Sҧf" @`X4*2^%@we<}viճ~'N^2Z @@` :ktxy_X/VBos3A֮ @:|zӫ-u6No'6 ~S/b T HXԟyhv@ Юh'a펽vy`tt/~[@@6HƼN:Y|?Sګiܾ}g?\w}wHk@T "W  @+ QtU [GLvCŮ]WbT|+ ʾbVxEVA-Ҡmz @Z"  h/4Ci^_X^)⦛nM+JPZ,k'| @@ \ ,VOp|1:2uS_^8N{=hOG6$%X ]0z+Δpݻ$"?䤷{~>5#r-^}'O. B *0^}w=oK}Pd,^YlW8ݫ$ۓ𶷿kcNp˂Zy,ݧ(JňyG@ e``Y(Ze?N+"gN3 $088Xuב4} V~`1C整eߐ\o @ @ 0lt\%;UϽ##'&Dë߉Wx5h_c֧6l(04/w  ۽kw2{3gxl=gRHqDLAX_$)Av?}{ ВhDz}z݊@ѳA\ZP=NݳعӯBQ. n_ʓ+Wr*s|[_~J8R \w i;5~Yz4+/@K`%K7|"ߟ Ľ>6l߾s=}36,V31^7mt|Ŧ͛ݐ={} ŋGs* | I:3m/KU [  R,[ꗤqU[vF @E 0Тӛ{w{;< \7]?}&-9]W==O+}529߯k536=KYw?c-KO8p`w?˪B-O:oߣ|ۊߛ+f|OK(}׮+t@`zigg8מlN ]xOTkhW@nѣO;ZxfЃ!]Hj{䖭[G ՙf Z('q ;qw=g_.ҫ93Z5!j:ýV׍_-iiwmܸ钶y&ܐ^zq+_8R;h!q^~]o~scJ.\+@:%Ndc,U>p2|ӧ=qt{ۻrvz' ӲjRc&~Mj0M/~g?V`jIo}K嗥j͌}{ B-Ou{׿ZR>'wVc[({?KA"]ԃ]^ /Lߵ3p~V@`5 04k)= ##i v]ʍwTnH $voY>_H+bSm81/l׈ʿ$ 'y+d1+컍Yz+^X EW{f36J~WZَKC6Wn7|߭Tb}Nj[ny~߁]wxYKR/>m̧7nv:+PI__[X-hp/ e``(B49Q?V=^F f=QUgcf f8z7)nsřW_-oOx"22'[.^8ψޗ[A 2dNspY?bE40/_Ŀi:bi\ ri=Ib̓eywQG?]ȼ; L&W>Ӻѳ)yڨSލe_8gd6/[fںa~ @c'ȯA2ҁP&:.XA5,lsm NfvkkɁwT\P¾} x{MM-cJ}s.O~2}Iwj}ߓ_3GVrbgn=@(`S -ߪ|~Ü`$@ciA,gJ-w繈d%Y`xч q`mvvɌFP5hzgf Enǟ{'.!q!}si`N J|8nJd<{wϯshtņ@xp~a>j:tIh:dL@~6"9v&xqDNHq1?AoB6d?WC_3?!moB_qDD@D F@ ^@Fgpc}>~p}cj LFd"ҳJKղ~=ٞ94r,q} &v_xn ls,/Lo'Ev#p䄜PzV>vAɑQ0ߗ?٫*;C;CQ>N|.A x?+q; W_|> |?}sӉ')#uY?nfwx Wa+p/.QL^Ceh6x?KP:w>%_+T/\A08<;Jz Z^UL$(\Jv{ =?Kr'gAH_cC(SxSrɆ3$%ck53{6lE>W~O(k)/1@S$\$HGx'v2%#_x͌<1s֭{Ӊu(dh#Jn2l=sde$wxvp|'Qh7^z9ydlD27?~q 9'X7ˡi]΃(KL>zo rD;_@x-Ͼy{v>uP?gy95'6:{}ۈ;+8Ϡ7.C%" "@uwunnnn}[˘k&?01@°`zƑmFدt L=Ln膹Q=5hI\9& N 3/yI:/'NoemiI\j\oH f.!O8\5=ms;0}sZDZ޸LvFyy'|ᇚkOZַ-&a2֭&r~A&o\?O=/zkGb1kex$L>Ww떭/ߙ#Gqo+FGG8).b;9ţ'L{<;#ήOw;߳c)㛹!9!`vg?VI2>a2_8ϊU('?u.A28gIҰ<&\isch`dBIFv4ø,qviǏ?F486}ĉ?qB>w9':⮛}u+gooIfP'mB ,W""Pd(sXUeK`]sN4dEyln ވ\Qe[.7V2ƍ]O?{#=gϞ6wm(;xF)x[غ޷t>Whgz>vפ;Ǔzp].u>rCRևs"@O9C2ČcQ ir8.9 t j_c/Rz`"=Z_ZaR:8]4pwF5$^jH`n޼Q5E(s?7Oy Y8$͸ ` dOD"4=%l=,=w+b+_hE-K?&b֯`47MG.'u4("`錃,!8U F!Hf k.7,xgJ$pĚ۷n1ϸZdORLC.k5|9O;۶ؐIFGFDvqPƶLv2k׮^v1F"Pel.#&;sP.䓀 #?_|?Buy_djXzk PQC//yD73(n>ᵞH85fv/SFU 7OԐݻ&_bI\2U9&vN؝OzY w \FBGD x2X5Hkܸѵ!4l{)ނ[O(;Ͽ֡j$Un#^"⅓WuE@rttt"i6!-!w=}@4bb{5 1TZ̩0:6jp홀6#O.I\ס|d$u߇rEy.# \z Vboc]]x=0uu tSB?B`zJ \Dt~Q) І + `m?'@йXgW;F~KW,_ 闹H&5 P.QLZ 2ϝ6io^'m(@IDAT,ǵ L0Iq"(OssQ֬YkٴI7EpMރ<(W KEHlѹȀ56`eZD@DLϘqBƾCG.}z~Db]v[.~6N/W`=@Qsf 0+7|V^r]o1e$0)H]]}8pNR.'ap2(a}ȃ\dwE亞R-/F5<8"CK%" {N…-(q.'  3WU%{XRmw4ܼiq <6>&ٝ;޴}F0W?yiÉ? ."@ 2#l$u?hQU./$=)$fp:Lưl2Nm42{_CFa@i,zM8IrP¥428a?'AM?b.0"`s\{H}$y9?^@jkΝ|FFQE ddU9O;{{1{2'?Y kx(bYIz)d_SS1ɘjI 0dw!\IjDqaGӿpz὞tWeSOϜ(R7⪶n5)Q X4GTJ7$"  @C3ku^mv `KLD?$ Y.k7mj$! Gk P;f*~01DD@D snۀ*|=^U$@DPd(үZYYzKNd3v?3h8mSSscf#YU8b sO.˲IzNbwp %4: P 駟e.s{LdwP$IHDd( .7j~is2=-A:q-א2LPA6ކޞ[zWQ.MkTG ;'йLs)ε]h "7RJm =(rn K$ l@s[%*TwwH coV 1y!* "u@ ,* `*^D \M*屠$-61]$h7ب!/76"P䄀"rQ@NT"" ! 51rL},;YY.`+ڝ59 H|333ʕHozzzmO)$^W" " Ap;j|M`;Z\\""EVŊ@ p24$u$"&c1h8{VWWW.R^Lш䉏Ǟ aEoLT@yP$@yz2c  1BOLpzK3tdCq[P~̬߰'Ufhh9!lc'??9u!zGD@D \$-[Yo1EHx *!rSE@X s\]]mUUŗ)ޭ{`Y(?y]vwXE Gݏ* X*]D@$@_d|czX"P@1Xrr U m+S{3}fyC8ʕK{_I ZQӸ~Hkp?xk" =@ c*NH l+4uu%Wĸq&%"I$O'[\F\D 6bI#`(3UUkPQAʖFGW@D"ӌ)k{ޏ40rDJ@A~UP]́?E*nmbfZ96mjNiX,]Ϩ6Ȗ#a~}NS%2)3:"" CSF[ѕ+k*zT""2,. g;+;{E -1l74n#~|ӻ ~wJD@D@ HC<07;ŗVh#[8`1tM>0v(׀qO(TH ShRNOO7{T!S%`@.g!?ȃք P_,:*" "733L6ğږF"(Q2Pz}XDŜ sY+_d[?0Y0Z3@!@"" " H3gN;{ZbDhP4CU -۞qzr?Q I] <5'u&!bs,wb1:R"" " Eynqcɿ<5jm̛_˄0edݯ3hdׇB?5>w2'%Jݻg/6}s98)߃/wsKCDD@D@<8jjsGڿ]~ &Qn@T*++ =Sm%ij<ݧP1^l`f.OjO_k\=zt^>aNo7H4jV\*ZD@Ia?U @3}Q(^JD /枞}Ni¤QsIH%ZLfǭ)lF|vݒs|Պ+mM]]}zD@D o}7805y#D` we$eLpNMDSTTaTHubH.1Xl~[kzikde65{?!32_߇2{%hBko|~n UnW<?c$ c&k*Ȅ@+?x:G& @U|v*F]W_oVaX]/(0(^林'У?$WW詧1vb5ɿ+ӕv0"[!zL$ح ?^@+*G# @plU`:D \^AQv{)4]a*Le Ͱs>V\eW37bcX_\W>~z= (_ y2j& @j6z\.'>Tw"W-֜rzsp?MLqqkKu\G,M隫B}~~9 Ѐ>а###+f7Ape =p"I9=4z->=3իs`@XT@LZ,)2p^g<K '-]E_&Sp@Y!bsg_i?䟆s}>כp- Nb$Y-Y6fff\CP3?y?3-+XW@L^.)2png;v*ìװN  \@O.z2t wg0}?nCb9^fxh(Y5^;wm>Ws, Iswʢ|9щ{. KX ix9|*JXjx`!s/̡Co8zX,F,PFT]9%" E@@E0Hjbj%ƗP]uicnq˲nw=sE7Ilo{\n̐wvۈfoyz;ωy9._hxTa˒Tm"b2xpԴ $%i4ƞ_bd̵#Z׉ײzhoMӵͭ`)Yu\{_ +nBp9#{ߵ7tn>'1Dq9햍V*_" ")tt [N 矿 (22ـ x=|]潕!֟?/d@z)|a L/׹N%ޤćr_Hk=ѝ[RwJ:{ a}Jj"mN*`3г=\Ou5 p<&ɌĿLMMȎJY"!DZ{ MDFE"Q-Ygj-)IIz٥7I]ʢ?@=<<|iJ.Krω?PT-X BO׆۷o}Ozal^qxN] p:4W_x>g?r79)ދd'󼻉xMmYqÉ? ]]ص`߼veYH&1tKl+]$Mc͖-lrgK;fph0s@4bnn44$Dˉ$9/tʡ"NChO^omT_| TY8y1g>'Q_jY5rrі|Q1MOɘ)& j dP" Y X: x=~p" իW45 ]5UPy 'usyf..ZN)5'" "X9sʜ?{'o5'ZXNBH@QsLz̵Wlx&,\=Q 6̶둡xCeUeC/_N[ZO?[k$K{o,Z^?KqNʕK'd1Ck3SD@D@Mynq򏥑?'TyMY@8 qQD5 amf'rҒ~db@+l+LӰ ay;0ȚL{&/E\,%}d?RеCq355m%eNc'tX.]0&HyF3D$ PêN-?2`)q^Z]$K)Uג5k^x &z 9rLFSrw\ c8h=tOY(Iʛ[64<[f!FXlݶ!L"$2$A֚"Pd(ӁWH [Ƹ,b;,0)`4-ǟIJiTjkda\$ܾ4_R]]hQvI mdxxI[,:(ƛ0^S$"Pd(-lcy)6M='z&K_?N9gpaDw 8HN[: "؇Wuظ><`ONdll̴_c+N8Љ.8 ØYȞa\ (ZhymlE;jdO@ 㴓5SQ㺩A;'3tVp׭ck4Hu~ğ[.8ɧ]`y$Ak9Ww@cB{ф/W 9OeHuy 3$@4(vgxN(2 s}F^Ky,8bjS. I=?Uu"R]I ٚkJL3'?Z:@XRM0S9%_|2Ɏ<uPD@E@|.zDibv/⩩)s-D*o^wE=gG5. L5ЌP@N*$Ln|?nc5rCD@=+OduA0!矯cɪiYQZlkj1ljv\L4b(4 $" " "  *5SSvb(HK${Þ0+N,X'D6 ܝj]cHL/b|$rN? s+t*.fhqsА)٬EQ$Kӻ~ `2sHD@D@D@D 02VX֍fÆM2/݃[/c#Iy <4]Y<]ъz%H#_u=\)si|~cv[;8z~ʉ?' w.Rcv|輜4b9sʜ?l;PfOU>ޒ4~:s̝y}.RjY8Ѧ}2I˃}}tz9yg9"s7g+,q}|o$ۭc1Y\ظ|9uD}v~u@@2"YdvM֬Y[r0쟞Nt;F9'DD@D@D@! @ XUv7^" lC13{qMMI3,Va$Πs??44`گ_eseA|qR|o}x9'"窱\je8a }Wa@?i -nkw@/n>o0E=<֯XfĄd5_ו)0mDXفP;~NmPF@ЪxU3 BoID n kWAD2\o`W ΟQuR~^P=҉sκ] r0b ]!ۏ%" " " @@rpMNڌ5MM$bѳ)p '.B YoupY󇇇hB$3Mb8@@H;~l; d (2(.@gg 4k.:48`mG6DЃ ?'l;jNMWW9}G,"ߧ#]dHE@6۶}gC͛jUEH;夞ץٵ?/<ܛ[z_E++mx˘@BBR{TD@D@D@D@ )ΎEuUUUMȖ\y^U0:}A?#%dnngMSS}^<ʸ\[O :l-+" " " %F@b{ X@z{_yld 4 ):߉!TE@D@D@ʛ =r }IU*IuRIF ,MD@D@D@D dДMn=[ha^6cҋO>e[oޤex3a j׉B}H0f5<5ND@D@D@d=Ph=jjFԔ}Ff&wJD 3NEu #s;֎j lQmmy]-˻aW5[~2/1 (dU v eS@&dȄ DTWW˖k#G6pE_7l?tp vl0w]?$y$" " " " Y X:5GkW̌ihXk'º {9;]%I`||ܜ9}ʜ=qO,c'f} dA@,`@l7;롛?up+7ԥW(׆ޜױT睨&055m:̩h- WD@D@D@D *C.5L`v'z\;*ޥ^&M(i&w2:'" " " AP@PdUnF֟=z{xkdtt\75YjvȈfl ;0oWhDb^. `DxX1680؇sGn3j@ A)&^2#vv>c.ޯj72)\9߉l{_yny$:AussY |rLm-tT3yJ6UVS]]]NKkzZ$ MĞ32$۶4P8ojj,-&xn|AD@D@D@J ?ECč;ܼi*)o:v8xsfM}AB#Ps*+ @j j&e\wjj"[r׭Uo 'H 2ZH"" " " "2,. ꮮNsqD~z]P9p_'HB0=5DD@D@DTP*#Ybp'е('s-ު;%MMr>BpW" " " G@bm4a|lL&TA gYʳ9\)ss=g~ PA=E$ݽ_Gz+/]9"qzd*;ƍ.H>'qsEGW[Z_éV !5Kۉ2c'ϙ: %J ?%I`dxt_e7AQo@Ci䀀 9"#r#nEpMww9{X{\{3TR`F_o/ zgb3C:8A%" " " " 9"PrTMɉ o'AWE@rO7+=B$" " " "K%M$~N ЂHj}W^yj n ݃qx{sc?z4EbSMu\q *K-(2 YgF}"$eك}׭cqIܛםUV~47{:L__oµ,eJ K 1T2N9z"" " " %Z҂'HAjkk鍙pN `Qw8ɟ]̶m;|xey86Ӭe~"" " "PpI"EGyfW6# À!~YM O `V%" " " " y @ p-P$@A59۷1XiA;g_@>ʪ PH LL7ͅ b.Aypzd< OUMa (U{yԩ3co@ 7.A"" " " " @HBP$@G@ ?{ǘ5B۠DD@D@D@I@|V]'HPn貞O{9j_(" " ">2oLԢ` ( X*X~IDAT LNN;wŋ͉H7>^= &O 'ЪpO1*Y @ QQA u||+#hhihh0u&bO%:.俿6' ?B߇*$" " " "PH.8x$I4UƦD/+x[+aqϿkj;ʭ$" " " " & @@܋Kcc3SF ` PQBL 1{l: =1@ PP#-zyff@#5($[bw)o]PDD@D@D@ MX+t;T@ 9 !Q;F |kF~A[A5 a!4P`rL)'@hG 4N߀TY1\j`%`lll9^+k׮3f`ங0v нS&''mf}-s¹)' N/[B(REn5[E=aFGFpjjf͚#yUn]cڣzD n33DlŒL|"pO? 3F"" " " "2!k#a#p;@Khmݻwjl;v}jjSSå( \c\l.(x܍Ή>'Sit`ԬD\jfzja, vtvu[ZM}5\ pkOKCE@D@D@D RBC !jLOO5W**%dHЌ%G5\t!Y_Ҧ;P~(P 6 } P Noe^Uӈ-`?=?0 j? HD@D@D@D N""9 ?rzN9ywPNiPrhbȎrdKg#2'@r8Fz,Z_$f Dl 00"^ $Ii+ s  X,f"?cBqF#qe>…sSόWq?BoA?Pz"$E8hjr0'߆@MeeF>l1{^yUGRpZ_!PD@D@D@D  Ui `Nנۡ/Aff\$^ɘvL"`zfFZzG>"S~ikhuW.^/((T7 N- Pn8' _FԪ9:z4QsIsE~ ܽk&&& qaQD@D@D@J"JpPե`N-?m. @%îpGC&ܹ='O|xum2d:ɉPwDD@D@D@D(FT)4F4CƕmΉ"PI<ׯC155 PNzz;x!K"" " " "PPn'PF| h IN,߄JxϜГA EH"67k" =.@5kD@D@D@DXod G]̬NVh-ңǽGmpp  !cYla Z[kf8zlV,k_ ONNFfffV BrHޛ2"2lu3Iee% Mo}LsK¦ׁ"<]]H480~vzh4N!o@CZ(Wr+ȫ&,7hcPzb@(F{k=ݝُ]یY|VR;`U6OMMʊ sO>9scJ+:h;tw_kA"" " " N@~""4pA\Ef͚5uٹÏz*))<? Ғ Pz_rO PyA"" " " N?%" '"\ͣx"1{r,$ƍ7obHdD٤8+.H#` cψF('31(T@$P@"BFp688A2{HtceUe77L$~o~K9Eb=]D@D@D@K@#\ BGpF*w?NߛL#S| XJÏUsf;AO Cϩ12ĭ,b.5{wVQB@lYeX<x#bQ T*A"G!Qq25!Lody;C1 U޹@srnfV03-+-/\a-IogsLJ667?x7܊=95 @A@J` *Kߌ;oDA|p5"'TZg-(PP8v;._:&ߞs_ɝ،ȖD @a?<{ prnrZY)2`2~9vogpޮF|]DnW&noU @%Pl"P*J[k CsQמʀQA9" .<^;?}ΝoֿVfYrD^OD~~yXGh @&*P~xNNF@5 1 #ܶ3^^K\R6V&r #nE?  @$`@%Ue tw^VWnVVnboK.7a9Lρ|WϒDkV<Y @T?L^ʀDZ@ ]99_ZѼ{͕+/C>\o/2E- @TTLۋN`\ʀuN \A(oxw][l]Yn^v-ߩwhgccWD~vΓ# @O::* fsM^P|wjm vqdCv?ȉ @T!A'T'+U D&B !o ,,\i\/N'v@O;A3vx<Ӽ?2 @%[W䭈 +^}|,"8֓[ſ\}́ND@NF P >!pVn0͈,ϖCKy|_ی#GL/_طW @ni[C@_@NAD)INE7_瀿L^ h @C KV5LZ`;]0>wNP2V' @Pp>/%p*jO2BG @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @Y_P ' |IENDB`xca-RELEASE.2.5.0/img/xca-icons.iconset/icon_64x64.png000066400000000000000000000320041450407711300217650ustar00rootroot00000000000000PNG  IHDR@@iqzTXtRaw profile type exifxYv%9rD -!0xv5GURLf<ƀ3s?9rmza=WJKy}!p*ru|:xO@_ !jE? ~{O)sYrLLJ|~\vkpDWxus۟ymÖyMCd/ãnoIZםRϝUsu YO ;S3L#)d\h|~\9d ޳>@2J1یw'$mӷUH'`?yv<@-dR`cnstXqH[Mm+4s Xk|<|v=8wŪm=k9k]wp-熥̳>܍9 8;˂[ub,@2v'( x6_3x~b uUb \}̦!IS!UVtr Ԙu.3 ] ?>"fscJLGh,5Hz!ڀ\\@G%Ԋ {#abFF~!2{!W%%CFƳÉΗُmH㏄qv8X`; ?D [q<+G7;T$ٷbBO+ 0Ihfr-<7Щ"ɢěwqc0OZ&dv96v] c[VshK&LohϛOcu$8Cb-7 &=YܧS*:*61X0ݴ\S_Z|7V;J{-1_lGϴ*n3h)Tr>Lcqs?V0vR{{VKm vpC;G7鶀Kty)6Ȁ>:3c? Q@H$eюɫstY;V2֖582iG P*"Tqx?y<9E,qXB#'@ ĺ@! ]XqJvA?a"bEpzCD?eM j٥m k<>V i$EP!}!ڣsA+XBX/jN:N[@B9W/I*,r%[X$ie" _:8^CzqI[\F &:%$]IKppQA0Ep(S`1>T\ zJk[CzׅWSގJCK1omd ƀ!-^&I}CuP@;]05d6j+#MH}z.ݚc%,[ Pa/G:ujEQ 5;L s psY#ZF&'|W3GQ'Cs= ķ4 >T5_z m+(|zb%+ЯًSAe[FtȎC2WUVe2j[)t 9?5.hV9"JX8xKUt+͑V .Tg@0"I}b{NSpS-ʘe05kbvDq D $YXIVՑII@Fu,V*V(;I Su&*R8 LiK@dOEd;L|gHRl !MhZ;sDalsiȓ (L߫}q`fDžp) ,~\f&)`]+4!'SӪmTIo =!f ӰAD*ζ)C{2 Vܿef<30i4`F'vb-`J<#,U P$"dQy$=~ڥ4j'ch#QA"D (,ltIRv7bH¾pTm-*ʖ[%)1':JXT;'Q #Bd][1Tlg/#ffu}|E,2j#S *5]/(|t9nJG (U^4<Ԫ~ UgjIB|~n69 hT$0t.kͷXUJ( ﯔ2 k&TC'6*Z;*=D5y>fO{AH(@Xz> jZuUB'EHAsY%|6x~JJǁTLJn>Rv\&Gzr'((p"d2j' {٥Pc7< +sz8^E2V@YBK Ʒ*bP(?&Q 5ΰi@.vV+!UlqF_(=U˶_GQbGTD%]qtK:k7^AH7sTĜ&Yk#v;-FpS|~@DU?L[Yӕ* *k)!*.]lSjJTޯD+G5#'vB/!_SSemdR?T,AT50llt*pb o [)Û#:)5X &FD+)zd t Րr@"Xj?=>Pz㠄~7EZWrMMo=D3# S %5߁;²x(#]EzEnHBB 17P{k?:Nbe,!U1 FTa{CRk(ҵHԇUVqiV n1h|D~Ϋz ft ;. ` -XYkHIE)X aO$C7}?rk/ C4T KIVRH3 kgk^WT45oI-5@<.D7 *E'8cj9U_HwT ~a} ElF4`r|f3JZ= #,&RTN?1ټ`ն>+FpT8HH_r-&W[ 9 ZyuXvf+5UYMP9~П Du6Cq^VukZQ.|qE`h`~Uw^okb|hkK^_&$;.^N w .V!Gd#sh 04;kN:Q\#W#ˇ5_#Fw=IiTXtXML:com.adobe.xmp VbKGD pHYs  tIME)-MIDATxY\y9w-3ZidY,, ĦclYl'媸B!e;UlL RHVA f$4{zrΗ H%Ė2O{ηA 4hРA 4hР/7-W_?CR5mY^[ֵuFLy~^rC_4r̼ਚ\MW٭-M[l߾}7g3Ғ&cջ Ɠ\Ўk9^;~>o&0~m X(6wyrϧEa#лsz;6f[Z a8Ґ`as`ƒ㟸=Wu _*l;vֵ"riR>rTxR 筠ZSic4P~J)(-h̎͛v|VM &+N//]zG ,'Ɖ&G|?:p{oع떛~ӟq0v̌Gi9'X2ۮtunn>F#~:AZ`HiW^vuzZ'ΆdrN% J5~⬜?{Q0)bRζq;o]z}x䑧vk` S+n2eYv|,|Gʹ)Az*տSl抁Rj%maqDR~Hpl5M %t|_4b'G`46MII@ knRq/#?W,>%__>xӖ|pdž-AիiPB߇_7_jݰi}VHD[V`"R ̬5BBuXETZ7Z# B^/OeA@c(u͆+W7ܰ|~}X 1%~4>=hGW{Ҡ\OG0/Y!CŠ%T^ ,lFp, UҚٲL3Q: J4$ցg3N1SY3 N}ׯᱷ;4 6-s_ 7Dlݷ{RyeӬ˨;JutyrcNARcf@O|2AaP9 C,D<D@Jpzl), ,@F5!L7ް ٜSJɥFGge eD78oiⶫ״&gWGkSƴ,ʹY3IݳgfVirrVˡVСW| 99?(:jUq9cz JVD>(ɔ6M nV:cZ#EQ"g-Rp+ffZnX%sdOw$YG%A}[FWls %D e]-j~؄` !Ak3fsd#˄k BAc]z5 ' D"Ѩ)QKJ)EB@Ԫ١᱿yy%R~7aJedS㋛&WN,v{;s4{ ``{+:&n"ͦd&L:ЎD,ێ #.XD`kf" fJŝrZY1$rA2 FT.cg̟?fdB4gg:Q<g[>Xٓ#CJte @5@ / 9㋦x|5n*ٔyD"޺jUlS*mH#*$JBkbfrzD$DJ}?32]!egѣy]vtPP@9GRW,z_.7"n⻦eumH)3?3 Pskvvė/omu"VIDVhlɺn:jf:)2L$;bba/,y^pĉs_}+GK'&)lkزeM-,.bad\RzyY`RjmKG*"UU&tf?????PNG  IHDR\rft IDATxwUY{B Lj *EEǮQQzBMBH{m~sνC+96gά^mbX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,7ۿ<_byp4`;{+_b@+&9{C&k͸^Yu!X- M&8 1=;D4=Mu>CVx`blg8xl94T6) "H)P_ ^еě**@ `8aC.8νRA$"W3p0GRo,i8ps87;l&Hcf#\s @f"]˽Qpp9y6#&'1@@"@ c @L~`z_7UgL0Y܃& s{.ɉ!N'cɊiZ#3<@ o6W1b”i7 `*eS6F310 L(o?xܺ?rQT1B: FDDDK4 ,xCxx2R W_}>`uk#0C.|Qⲏ|N}JJcun韻}r+0H`!@9D: A>F56hu,@n_0f`~=ȃzIٺT1MD23pd`0'ׯ\O$ic?$8Ӄp( H!HHIB!T OW\qaϓO^weh:NoΏ_wtM~]0xN*AHTBP(wa @`53]Ƣ3$ |SG|zK~S2S3Iz!7/Y0 5|W\qM3ppKl>ͳ?zv uih3FG)I#ܳ mRsf+`։ߟ_ك:|;|X F k}CoR(xj6ӈD[,D*X&X2 (vuAJ`|"@ NcKI7`4v$&L]̺I`&:M0@k+RUͷ<|漏|:r >3uEx\w8;8#l}f]sF+4"st!К} ~?0Z~Mfw 8ŏ>5tȀ} PXd59|ףH 'C ݻ3CR Rp2x$d`J|ܩBJ1b㎞2d!n.퀈#46;^)Z֚Y)f( w$}~G%%XC@N tAfF`ƦLc2#q }쬠)KC7rn۶9s>饍; }QDP_>sެ쏿wɘaCz vqH"f$22v_(@+U.K%߇Ժ"f1{l'i?0z+LHLq9YǗ?pޱ 7e%I !R`37~pZhH)5VJ3֬fկo꡻]E&"B#KA(jFZF\khD5m\()( ܹ3?2WV'~fK/m\0IO26|ot:vgLmiAS~ "Q_*B)Ax?&Q?J) p'a&xL&ް٦}d,+Kms؁ӳl]]Ю‘$ Eqycփ61zI+ŬṪAR=9/$}FHHH% R( 0BFkdf  2$3<F>Q$/^s?s/oZ]8f:~߮ hn\|o^\4$6R)wFA V T5Vf_q{ "PyG093Ta¤Ǝj!"}s[׿gݓup%XfADFV颔1ZkhfS+VoR痺gX.4:mB33+R<(AH0} @0aC0ChF{]?֕-[gB"?K.aW6b? ` +3At쑓^/>a-{#ou3te?bLS(tu!nA`& Ef<ŒD|wSS?(KR)0s@7qg_az?s3J * Ŭ=G憗s,(&tB&B H#րZJ1D{dJ{^kRgy~9_ME!Y &`vƭ$HL p%PJ^F, ~ٓʕc~B{_+p00t41c>̚>vmf1;6~w_} #F }tڅRw7R a灃~{;Z#1)!Slo ۷ս%{̜Q+aDvÂBU15K$Qt{oJdoej}jnKsnք}d1#gz`u-u]LdMf5 AJ3 kbTaW{y#(f@28lZ9rBDW嶸B&!/bfHaBɎe0D3#a$`#(E@X50[$B͉ZAjxJuww__ݲ&4»)HX,\Ёa`"yO>!U~Mkfhe_GO<7ɵ7x"J!} MRM&fPH1#q_\.p;; /mMwjuuu|?(ڽ=}Tww>A.T*!tbXL8Dᇟb}?h[:DGc}=0 g-z9{ "PWXrƻO./"p jkN0hpR3t4*tO:"_@!QWV ݛ6A a҆,}A%U(T)uwI]]]. efvɄHd]]VR:\`ZZfGB@dB>OI~r0f2!aV%b)Yߋؘo|Nuogc7}!w';'tu+Vnub65`_AL%ʾb"mmƻpM,HJh@N"/V ~Δ0Jsc1D:tt3$XC:D&FCC=P__l6l6KtT8q1c)]&rHhff4KSǁRM+Y1 ŚҬb @(@67ɾ/P.J%F(4EB!@ww B||\BBϾ!< X)ž}JpQ*(ʶ|*g w$/uX1" ,pTpUAx\):H <4 tIJ׍(=@cc9h?;x]/ך(Op1u[Ν1m\|`k?T$8 RYs_8+@u<ݝ4$F,Rؘ!]P(j xԜ EE sXytݵw.zERJ-{g[wIƗ&}Uʾb}W\\\ T T2S*|…Ç_uE :=JS[?-5j𠡡Ur6xpz❻婎DViJ E-2Ax73*qH!KB +i+F*ERf*10()RR": iXGKqRq؂E2D5'ÆvmذEVƚ]n |s QsiZK/u[9]@"yTX YCi s9LTq]YˇH @A8uVkR!~ܣmbFä@0㉗B  ٞ9#8x 7/s3`\JSA4Dek%yQ͕5֬YmMͣFrb18 lǕa` 6`VuL_6 03HHE9(Q*AhZ(7l,={z餓,f^nmNn&gƭ2MG>t:6ņkZ' 'pT~s{pJE[RST>1~c}˒`x >2$3(i~q `4@Z3Z AxJ)/%@ ,P2cI&Ri **M ap4#Z,z'aS֊)D"V g {v60E㈼ff, X`KV7lhKjР~ͦIC2&-@@)eϺ]4'(6Iǁ_( (@̐2F$ƌ  4x@UWaqܤ?|FiƌK2vsN75՛MEkKXhkn A3fxP_=G7Վ#̏qB6$OC@JFR&TÿQ@X)M<*%T0qZJmBM$A(xF)ʠiRA%pHHx”/КNiM`$3I)pO1c*r{̈c,Y0nxxo9 Hx@Xo[u~GuJ1HQzK qu]"P8F[!{g\W/"B; |ߧz(/z-sk_y6y& /ҢEw |JL@TW:J' Kc=7 '.[{}wvv5k68/=z)¤n¤S3U.ӟ%]/e3;(aFZkjS] QBb B'9CA&uD$ ȃ4`@A`Ɵ>^KA@(ZI8W\Ȍ :+T` 7#N+ ujgg7m۶S}ys>t=Ğzj7bĐ`ذ l.g\ {o# ˼^}#X_mo yJ\^gό9$F+:9ˆa4iy6g„1֭;ޜܲeڬ:;<4EOSN*.u\o79zp֬CW^/͞=P.}$I;vD%3{H\s?R9=u6u>_bD~niiuGЁH|xP_p/v`==h];;?9ŖP0QG.GU#I}fF,O?֦wܹG3J1{nE^Po'y'b[vT*̀z>6zH|ާkGqnjj^,Λ77xku]RIJ ?x\:9Ɔ}(ì3#@ |V' Mu]}J)85~[e/E霅^%8Ny!AkkϮȖJeڶm<9CZh!p'tLI%K^rn.?rl+)h&/^蹮48pڰa$"̛w|\`җK.9_n.?K;q?L="nbi%LRկwхRIUW9}i]w}ټo)yi'篾GQ{Z3{SO,"Î@= 0֕Dhe[_胹o}u3>$%?LW(* O3 (d0Z|50C0Gp1RV̌RX'g|^zy 9f]A" 4*1H 4yf60Lm)\t!1%cGygx|Bc7ڔIBWRN$\\LJ%XXDPN=bO^OƏϛ7P__ 3!]ag~Bt1͊5ܿ#|" : 6$sj>Ni"g>siuܸQ|sMMM:d8`\yAܰa'/ d,D/#]T[H>>#?fhv!n瞝cfZ~YfZm:S#CJ: Am/.YG< LQHDWjǕ4OJ $bOD"@;!*0pV@X0YBu$hvܨ?T!CZXJIA8J4$i➎^J@(c֌ c4׿W20? T\]!h6\\s)WEWѓO-a3`s&)qYGnqCԫ@1RKes@勁4g|*  xM@Wߜ:]zwI$2|a$){7cѹ=s֪xIEDN> UCi'DTv* ǝN*,X-I6rkkR*'y'~<>CX+z4& %!RemNG1^sqSg7ݶu_}{ae!(pRք;yƧ{͗<7~}tI/fUx{ЄL:^3nƏ|g/zQS6uѨ pIۻ8#W(!q8KB b.eAb)2o !HkH*?_36Q`HK^@;%R3D"W߷w~BmQO!gط۳ /^{ 6Jh)0?K6;݂MM*UMM~B!O˗ƍ-, 2=_*#O3>zܤ4+ڛS+ING" &qB!jՒ;vq]fĎ7$I'^wA6\Z>jGxQwQ2DčI1ฒ a#t@ˆ2/}CaA,y3Q>=_UUaw  yھ} hmmQT>dz*Z_6VUvCkk%O?1<],NI&95J0aI&--~3=J q&֙es'R2JJ-Ǝ#UϬYU֚s81QyӇ5w䩧j'6v @4J > dIX^xSJѣU/}Jg4IMgb)%56f;AA.VmZN<5RFP;;su66xJ&\*i 2mw-A$̌cU{]"j)eHG;G?̬^=zT@Dl}v]z* T ;3㚫<;_KqW*&W0c0v sY;K HYHqM4.R#Ӽk-ʵm΅.Dfh`&"IZ ݗOӌz `:`߯n' o}-.nle>9(osή] E -X k ]d2I>WI5t =zf+vnU8-ꤓ^z'Džܿ?}YL9\;j.Y_OuYfR3k׮ӝd{Z{W\qSlnn7|kb޳>͛wrv:gI˞[ 9 X-@I_:vX WJ-{jNzC$HGR)`)%b =}݁n7>;杘˗^y8ޓ[x8Oy/ʍ3*(/_ B |ƌz>&MB_3-괥:W(bFy[u&LJfՒ )Z!jO(,!`UcǴ!k~b#7~D)کz/.q$gX)˘0a|>UT{_k~43y--Smp/^^qU}#C]~MJn>=R_=ĉ|jkSk"JNkS-^MkS)dǑp)97/%-QyzzYK)K *X؎|oBbFS 0E@3' C6w.jmi<츣OԽyVyşyؐm3<5̸\^oHϢeJzNkk3fd,*+3h .3Ä /ӰaCT255NZZ%w}_|ǎ] /ȷPit?tKKv /|{5#N%y̘N>0nܘ7=%=GD T3nj>>q$0Fht A` ֦5@ 4s>϶:諡[`_+ ; )J?nؐB|5;;/nbm1ep1nqd0^U{2{5 8d2pG<ӧX,q.~7~8?NU|Q6m ~ v]2N>pn_~:tG9 p7kc+!\ fzd:)?sϕ%{sW>GkvF^B4s3CkhN=uجIAGx41~h"K+k۶[nC8 J&" ;vrDDB&븽C455莎!uegk~=ܳ Dgy;vLP_e"2>]x;ؒd;w֖J-UX,i֭ d2inl45 7t['q0x`B~;|{̉轏60zM^QЧ6vyAeI4o2K̲Leqwpw= [G+^udJ=rgg@J!GR:oذb-M3_j3u;wu1bİ`ժ5K]o+Vte?[o+ߚxg?庯|[)S&sZO~Ue^v$oOΝO~OiNGG'w߃+c3bݒ%K\@D zoUo|{e^zM+7y}O ގ2ݢEY{<48, wGEtÎQ(bX^j(Jݏ< M`_OfDJ tr@E$g?qVUA+.ĬH"".\y%yb_<7AEWwJVfh._~ީ_w^6f~S}f\DA0uA7ߙ;v_(æ`l6>{^g =sСC aݺ X,Ҳ/R .n& 'W|N&^X;*Xj?_,ԯ_nh׃SN9c9,SWWn.,Y~K:/\ݚ5d.('RJ>z4wUWV:r tuuzا>Jv,;OvWT*ӛM {}Mv#1Rn@O@#p#!BFMq&Y/|wu^xsgb,+wo~ _%bn/n*Jtk0[ntpI3D"Jkox?z Ֆ7uq 56fx`KެjStuM Zi@G@B#"h[\~Źl6?xOk2WcON8ᘒYKrBk_n](9rڸi\zsめ[jZyǏ!8=7FiBB9 @{< #{37H5װrssO7꟏/0؃鼳gy6F(HlGgiRvHTLc`&qԗu@2cbOGߴMƿM 4Њ_h>Pxd|) 斴xg͛bD[lWv'L_zmmf`޼ fM+=gΡ!CTH]]/xT[o;exAq]̌'|[fslѫVD/4w!?w/tr|»>x}~ٲ 0jHuᇖxT %#Z:.ڳcWxʫSKeZJAӣKʣ`o_ > "H 8Jy`R),D$@B`"S3l 薒 o:R D{,NZ+Ael޺Kt*x1+Uƀ/Ϸw2g{2&(rAP5a b&,H0U ]ٸa3v%)A:ʂ:@"y;{ o/U2Z3gXd6 u|K1b'/B~MZBX$f .8;#;w'|BYy罱 6#; :|mw_oy smm:Z Z'{V^+\yM꒭2[SI2d6 UZSx3+E>=c K)8|=O )L< {1AZл+J>HP~KKpF#04o!&g`kk~B/?=rxk}C}zrXAQ+ " pcF+@flܬZI02_oZk-I 46a?#y:ڤHp)b ՍTf.>ɋ2_;nd Si o+y'!OyiRi@KK'/Kc(^VNvHnqG/^nڴInڴY^tG5;Rk}+#]9kS/|m"ЙvYIX* 5^M.^yT :QOO *?ďD,V `"u "")!"ff2͈L !'^\Kxw g -=01ŭou/{];Nŏ.-74d0#!a2ێ0W_&EX/?_Hج2&-|΋Q1ws04J #ScJĢtL(a8X0˄Ra 8`lQ9VԩW_qD0fO_JrbZ?Ezp0K簩oj*-r{[GQqEB;}XJ1poA_5mP?c%%kws=Oݯ_ .X(?$Bk}1 Ç VףF ,[AwS%V }/=dT B1UBD8!`R1AA5}kYPkGBl:5-t(x=F57TF7,'=CTJarۖU{N_Uгn@oLg2'sF_B 5:Eu FX{FIx~wO`do+BfHc/[vDϿPu- {Qܯ)nfyt)T8if+H9xT n.>^(%BHب5bh0?n)}w$ R9=%{ iM,`njo-:&j:ZLJ>W ct?W϶w?֬6kG Z)ޒ_~M? Ѕc9=?׸n&M:\VX󫛾` okZ0]S"]ۓn``uxaȅg05ט]2kc2vT0)e-^V_cꦻu|{-2D#)ū~pw 2 %뎮?)479pfXxGN3fr]B8RTd*Bs@Ѓ H1Ls c֛n*>s-rvj&kbk\}BZؽ]5fԗWy =ֻxEĝ[}3 F@j[6?6Ѿ4()D4ka'T(c%19%\v^~W:]S&4fSI2֎wIM{zfb "`fq}WZ~[b򦭻kl<ҁz `q]4鰉?7e2IHOds)y+:1)# !䘎QfJBѥkX  _=|[&@uHʵPX\G^yg#n`j!5aVl2kyMjs>>̾}=\13l{VC}$0y k). `{w3*s1'`za 56\ H)(6J5QRZә'Awl-VU\.WG g4|V`.xlՍMT<ż\&LԔտnjʢ1Kl*LƼT*yIsRd)2B 8ҭP+.%"$1 DaC]sό0G$”^ aV 5Ykw۴, sLnQ#o,#}O%ۆ}ƍUWݱk_ G0p 6͔h2. &B.LD6k(9)yS;lXw!cNB o(5bXH 6_,mS׸)8d3+#yeW#BD/r\^qUWCp1XaVTdoz#V{zΎ]W^yx^ *O8_!It: JaJPJ!( @>Gp*+=U+fOX\\`,RX`)0ɖ`TaP2+rx](: '3@&8 8 @m X n"eT~f57 ۛ8y8ǙD=/@e]WK0"fs;3 0FÛ`QpD`¯. ٦7!"@:-6e}l];S;w_~u_rUS/*aSĂCS~g`E*9WG`hZ{dk\*}Nc_|+bku_@ a9L 4%iRzE9b)%\6p\Zk @Xr oe~q0g?s\+jmH􈣱Dfi16뇈<;le6 *F1,a8S`,'ӎzq1Ic洶6;MJazi fY06sjVb6:VAT2"z*J;VC05ѕFCSWQv" ּ7i*/͵v\*ݝ׏<;ʷ|?H;6ӃYK鉰ٍ'V J)Hǁy0=Ҍk* V Re|BP0̷.F 2Ps&2Jg>j`im2!kB{S;`s}0 a^O1LL0ӱcPmXӦ0mL2qrY, JNT[0 f"w;P[Ws֭W}Ֆ&O<ȤIL<>>h:ڹl@죫+O=w>r{XG g%Hd@&g B (2|ZeR pB69 7J%zB簆VMERasHTJ"hrux+%0!tn35h0B @cq oE,m>rAcǍ_ܿ~k69Iɕ@)>Z0A&P6XNH@!'EE؍oOT@řY23iϫ%KV{l\xRoTmqk qDH \8b,uup]^2AnVU.WP"(!|Bkɼ{30FKpU+0Pl_+5>@ 'YZJQgJB)85ˑ2X5Ƈ2aFw4v 3ônP`60ʡƿ`meǕe)&6~Ou@6jB`CƚO)6Mw/~f<W%)`8 D ͑s-KZ3G3DlDsgv{aƍcA@kǑh0ۼ|o*z cIG"yBuQ۽~TBP(Thc8&g_70Pq Z 6~T:# *!}X N| @<c=uPϭ0`n=_WyLnּ}G߸/oxKK+s)k>lӷVe:L6w(/4_8+ ЀD&ufK>vD \A>_Ԙ5138z_{NtpVZϫuVhZ`P;̕ P].ef,Iߝ}L_][݄t]8@H tW~ŴEdm 0A8md]L'pJ3q׭>9$N';Pm̗py>!D(wL509K-$/ OFaB$ @h~X*H@Djf5o]H|}&'dX uf-$8 yMyN8eTAdB{+Y@M&+XOpA((2 G8PfC"Pp8X8 ̷u:S n"k 8zDGB.:% W梎~D&g1wW(1`r㊵6mk@erAXYIh]1/c3}E;Zk}x8XZ_{N}%]0 -Z ꈐR0ԏc? ?Y^%X,*"GOO?EsR!P.QCG Zӿ`>s LZh*P8ծo@00 < 8 &hBs#}_ X,dd8BAhb\ 4J,d޶8Nz_Qp{۬ \աRZ5$wATrPgPa#F < $p"6Q_P #2W_ޕ}H Lݢ$Y7^W")ĠVB<"%\۵J ( Rfv1p@`"<=A`JJB`$9:3/ewXԌ. +~(c0hn 0a͇{\Y;`[=Wr= j"`~Es91cqHy#Q&o?h B }*Qh5 FIǞ,Mr&ea@M@D_1YCyh`[8y Q[ehY3o$J /x|m^_b&zbn"l' [m3Xxn"7f"0_#4bR &?m]oYD' ʚ2i$jzCS HYl0MHG"8A0<($2kG}#%P7σp#EY35.ӣqnGu}}>,72 oNF0&aIM0}:|+q<#I 59 Ë%RIx$xd,ž s$T sۯYAސ&RWjZlJeX& ARbN2j "]81Ìʴ YfQVX5CڴWOAސ 8'CZPLu>7# ޥ|RJ$Jn]DٖQ8Bl] D6aywyCk[tg_'F?cL3]nb^Te3wcGPz$٘2khMAXT>O Yt[2-sylX0ppv3s2VA$ĕQ?8}c)DDdCjj pw3`:;6,Sك2瘋_OX^?[ @ z_SbMTb0e+H 1"trM˶f:xzQsF%Y]ߜG&Sf6b )Kxpj820T0͜-!FʷT7NؠGI} [{ڞ *5]k>j#xd_;ϛYGcSf`xMAF.Ш94N3p:0IzEm⺭){0dȦJ~B>7e[wٷ9N4*ye{oִA'rg bKGD pHYs  tIME !XT IDATx}wWu;M+iWKU,#ٖ6ĕbb 6c/I @0Cl Ņbld#Vյ]iwڔ{1V8ش7o̜={νKI5NP _'?>?]x-fܩή#ٙs?>[i>޵ ϏٮMp`[G#E8ugk/|܊j'Y:D:T9; Ropg?{M glmR6k̀̀#>o>76gtd|G@g/uQ/)IpG{{/3u$36`$E0X^E,Gkq9n:PLסqpOw&'`J#B0>`=G k͟~olъtb0Ka)+ e О=bҿA.\@6pŲS} yo3Tx@]{~[nQ̻HT6D&оRiz {({a֜xE˔Iͭ$l,6lcٹkrC@,1Lxb%3s4,KH"K&)!v_}?.bfw=k"YU:AGkC"1?렋kWk+M1YZM,fَP,_~M]].~g[U~ 7lh2!{(yXZ`#`ٯ]WRtNmW𢋖7,Z4=JU8l4a2JIBP(gw6Swe PJYa"x>c8ض0XػrYz mk(Jm:^]pw\s%[\_I'/ n܇ 8: 0y3')PJ#E UVh(=WN_locP*]m`423+eL=zk|BV3d-rBOHPQTh*  Ǐk+1_?j.lذa˾e)WZo>wzӮMR9'ksp-V<Ѿ>iY0P(`1hcd;:;dG9^ P@/<x+ 5X66TK$SH}Cui`#FiAVY) !1FHtw;IjNűז** wٵmH1#P!m`4( ~?>~ 5|[@%D(-矒]Lض%&&0Pưٲ}ᚯ31r( ## !&ww#,x{c|POlpp\6Ҏ#zz4s$%!ga+C!Er1ňy^J%SϨ7g211i;hC:PØHJhCM 놉`Ro'+ daP#Hcc_@gTf8 agDd{ ߳h_l;`j_.oOb*'O~RoZ"6PCC1Z_JFJV ЀlO0:2q3w媪1(<'4lC-G6,e1II "&kqd62Dưa6la6̚a!R֌ `xFjѨVJs0flR}̬^-% Z3i:?JK+3qHK &%t(WehJ'Kf͟w KZr!9)m̅s(BQ(h12RGpFyt4Ţg 9A"P! 5 8XEC1(b-+'Om0-:uffPD,1 <=Ef0Mt udֵ60Ɯ4֚pGݱcWlFm  @B `n"?Y4!˖%, DR89L$АI񺞣t~u%Zqt`}3۶t:|mkyd@ZZj<|}AgqOt;7m=]s S鄐^P e]^SfV Ҷፌh^˅fl,Xcc 衇JsWak]nEE&Ji6D*En)A0QY1>E`<"Oh~:J 6 BjMxWH3)>X(fH6 TC+Pn{|85p1~-S6R=gW)kz ۀ6M~`WYKOR__CVʰCv}[u qƀ7: 92D/8$k19mZO$qaמ7oŌ1Q~ҍmkB2)uvrԚNqpQ :HH PXS L͢]0,] !3wTh^-ΙYUI z?='X֕/HC0,L (e8_D/7XT  dR)QtR N醆:Xʪ ׶-tuv=\A*MJdYm[m  ')4 Wn XOfb 믿`xc/r&~eݺ XtdLȸ+DkK^:|T*CDD#ض% h0gy!>̘wvv690ݽάY|uYk.ZM$y؞9]InٓK& JźuW\-}{;siU>-㿊)eɵD\zhmm &}}Π3c1h (8R[k㬪 <|HkfIR {Բʰxgc }oipk(or[V\hکfe҉GdwtmML %ymfdGdcyR/rYZL}}}V={Z8bwwC$P(iV߾X|iZ4iRXYyd*<44"͝=#N]Rܹs}y! dԩ**̾.ܹsb1ݙ3yeWAD ҂ruҥŧoDwM?W,ґ5R$B`y:s.!E<,pw^ϻ::d9@@6~g5vMZ*5yGLDI${*823kc\c9OWVbQƃ Jӌ(Q… JmMfuѲm0~| @QkkK01RҥKpg6Ы GFƬIڋ.(f*jUmmilsƬS]QWנۂ Ys}ȩcccbSшF"J"! ŋ}_TWh538T8P(b@n̅rhۋEHMLQ3)ܯ v?9xuM'qcBb]&"l_n7?~կ >DW<μ׫K/8約eK:j뎇}-VeEj>YX6G0)G _p~M4DY )?:e7}$|wΤS&Jcǝ?3IYrc !xboL4< kn ھ}GСƱH {ظqsbϸghɤ4J.''G X*W.1wPy҂ذmc ۖҶmYBA$Jӟ֡>uWm &U<~zflM?o(k?zK7۶\hi}#аECuu0C +A$'.F%c)ұ4J*}$RZ}FsGmR#Rz{#GXrVxL׿0X,\'v ߘq.؝LĖhGD@Hq c~`"= 2/;~P=wlÆ)S&N;`6{/v={纮ٹsw|ΜY'͊={8K,&On @h"DJ/@kMRJ޹s}Ĕb4\xy~eRV~EklU ʲ,KBJQz%˖Irb9d!'M.|@@c՞X]f}+24 aTbq)V_56UMɍl16eTƞ={cMM a"71Oo)Y33mKQ]]eNNWW3goh|'3XQX~*s"se,fD厎B B!'ϟhyRuwߏ%#%8}|?̜}ߙ|-ZJ%;C;w>/Un޼)ht{ئM=='Gex͉ܗ1ۂUȍFRJEiJ1 1̆BW XkJ绷p6xa6<[y/͆w_1F6DEKKh~5h!+-b ȑ~;9SqakxxX<[5zyJB:h2;--tc_գ5ft4'?ܹCEMMwu555zǎ]NOOXrY岖eEAEĭX,V̩}Xc+/~_=j/\87uA.!=GK]ESU"JI㌓<$X()Bnۦ1t6D_k*6A;}>f3{{{>F:̱ΠciW ``@DRi]!_BT@B"*iMMa<O3˻u2s'><}>n|iQ:8XB"aq,D$BI !%L hq}=<׵sځO4Nm;//2.s IƐc42Xtf E>.6Zs228R+ #-f!1W1f/aL\ĸ mmS1Z5\uHi==G?;c欕||&.|>.4ٶ(|liYBP))eNmCG/䝿n56 Cɿ}\PHlx~77WU:1H2KֆXH&o= ؋4n,]:Dc}4PRVA,ZԌ G#_@K#Vq[4{'7]8IK0A8>4#- Ǒ亶eYRo=&DJ` ~ WO!Z c ` sK[rn)E29w.m9Z__H~"d{,ODFDZ%p;mSЙ_11'\>MK*`,KnO(FFeQTXnשgdjX-&lidb6) ð|d ๙D0.h«B }Gm k0ΥHJQ<]z8EA{{PSS], Ha4R&A ͔#F&01Zȉ,K%cذa)RQGF)/q_On*-'Xip/Y!ѢUU2!RPAiaDe:-=ϻmutD01#q(こU'%::,21n.Z~m֝Jt]ꇞI),DDy@6 Kkd#?rxfw0c`z 'ܨfLmR-Hfa%8rҖp(g4?zQM%D Lj=w:$+F(]6%B7.N|\)e vDd+ۘcb"Z$/^=Z?W ]@9(GY9 x"^um^Gud# "c+iIENDB`xca-RELEASE.2.5.0/lang/000077500000000000000000000000001450407711300142735ustar00rootroot00000000000000xca-RELEASE.2.5.0/lang/.gitignore000066400000000000000000000000051450407711300162560ustar00rootroot00000000000000*.qm xca-RELEASE.2.5.0/lang/CMakeLists.txt000066400000000000000000000040401450407711300170310ustar00rootroot00000000000000 set(S "${PROJECT_SOURCE_DIR}/lang") set(D "${PROJECT_BINARY_DIR}") list(APPEND XCA_QT_LANGUAGES de fr ja pl ru tr es it sk bg) list(APPEND XCA_LANGUAGES id hr nl pt_BR zh_CN fa ${XCA_QT_LANGUAGES}) foreach(lang ${XCA_LANGUAGES}) guid(${lang}) list(APPEND TS_FILES ${S}/xca_${lang}.ts) list(APPEND LANG_COMPREFS " \n") set(LANG_COMPS " \n") if(EXISTS ${_qt_bin_dir}/../translations/qt_${lang}.qm) list(APPEND QM_FILES ${_qt_bin_dir}/../translations/qt_${lang}.qm) string(APPEND LANG_COMPS " \n") endif() string(APPEND LANG_COMPS " \n") list(APPEND LANG_ALLCOMPS ${LANG_COMPS}) endforeach() string(APPEND WIX_LANG_CONTENT "\n" ${LANG_ALLCOMPS} "\n" "\n" ${LANG_COMPREFS} "" ) WixFile(${D}/language.wxs ${WIX_LANG_CONTENT}) if (${QT_VERSION} VERSION_LESS 6.0.0 ) qt5_add_translation(QM_FILES ${TS_FILES} OPTIONS -silent) message(STATUS "Updating translations from source with 'lupdate' only supprted with QT6") target_sources(${CMAKE_PROJECT_NAME} PRIVATE ${QM_FILES}) else() qt_add_translations(xca TS_FILES ${TS_FILES} ${S}/xca.ts LRELEASE_OPTIONS -silent QM_FILES_OUTPUT_VARIABLE QM_FILES ) add_custom_target(trans DEPENDS xca_lupdate "${S}/xca.pot") endif() list(APPEND APP_RESOURCES ${QM_FILES}) target_sources(${CMAKE_PROJECT_NAME} PRIVATE ${QM_FILES}) if (UNIX AND NOT APPLE) install(FILES ${QM_FILES} DESTINATION ${CMAKE_INSTALL_DATADIR}/${CMAKE_PROJECT_NAME}/i18n ) elseif(WIN32) install(FILES ${QM_FILES} DESTINATION ${RUNTIME_DEST}/i18n ) endif() find_program(LCONVERT lconvert) add_custom_command( OUTPUT "${S}/xca.pot" COMMAND ${LCONVERT} -if ts -of po -i "${S}/xca.ts" -o "${S}/xca.pot" DEPENDS "${S}/xca.ts" COMMENT "Update POT file" ) xca-RELEASE.2.5.0/lang/fr.po000066400000000000000000003363461450407711300152610ustar00rootroot00000000000000# # demonipuch , 2012, 2014, 2015. # Patrick Monnerat <.>, 2011-2021. # msgid "" msgstr "" "Project-Id-Version: xca 1.3.3\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2018-03-16 18:14+0200\n" "PO-Revision-Date: 2021-05-15 11:49+0200\n" "Last-Translator: Patrick Monnerat <.>\n" "Language-Team: French <>\n" "Language: fr\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: Gtranslator 3.38.0\n" "Plural-Forms: nplurals=2; plural=(n > 1);\n" "X-Qt-Contexts: true\n" #: ../ui/CaProperties.ui:30 msgctxt "CaProperties|" msgid "CA Properties" msgstr "Propriétés du CA" #: ../ui/CaProperties.ui:92 msgctxt "CaProperties|" msgid "Days until next CRL issuing" msgstr "" "Nombre de jours avant la génération de la prochaine liste de révocation" #: ../ui/CaProperties.ui:102 msgctxt "CaProperties|" msgid "Default template" msgstr "Modèle par défaut" #: ../ui/CertDetail.ui:30 ../widgets/CertDetail.cpp:112 msgctxt "CertDetail|" msgid "Details of the Certificate" msgstr "Détails du Certificat" #: ../ui/CertDetail.ui:165 msgctxt "CertDetail|" msgid "Serial" msgstr "Numéro de série" #: ../ui/CertDetail.ui:178 msgctxt "CertDetail|" msgid "The serial number of the certificate" msgstr "Le numéro de série du certificat" #: ../ui/CertDetail.ui:113 msgctxt "CertDetail|" msgid "The internal name of the certificate in the database" msgstr "Le nom interne du certificat dans la base de données" #: ../ui/CertDetail.ui:78 msgctxt "CertDetail|" msgid "Status" msgstr "Etat" #: ../ui/CertDetail.ui:106 msgctxt "CertDetail|" msgid "Internal name" msgstr "Nom interne" #: ../ui/CertDetail.ui:120 msgctxt "CertDetail|" msgid "Signature" msgstr "Signature" #: ../ui/CertDetail.ui:145 msgctxt "CertDetail|" msgid "Key" msgstr "Clé" #: ../ui/CertDetail.ui:191 msgctxt "CertDetail|" msgid "Fingerprints" msgstr "Empreinte" #: ../ui/CertDetail.ui:203 msgctxt "CertDetail|" msgid "MD5" msgstr "MD5" #: ../ui/CertDetail.ui:216 msgctxt "CertDetail|" msgid "An md5 hashsum of the certificate" msgstr "La somme de hachage MD5 du certificat" #: ../ui/CertDetail.ui:229 msgctxt "CertDetail|" msgid "SHA1" msgstr "SHA1" #: ../ui/CertDetail.ui:242 msgctxt "CertDetail|" msgid "A SHA-1 hashsum of the certificate" msgstr "La somme de hachage SHA-1 du certificat" #: ../ui/CertDetail.ui:255 msgctxt "CertDetail|" msgid "SHA256" msgstr "SHA256" #: ../ui/CertDetail.ui:268 msgctxt "CertDetail|" msgid "A SHA-256 hashsum of the certificate" msgstr "La somme de hachage SHA-256 du certificat" #: ../ui/CertDetail.ui:278 msgctxt "CertDetail|" msgid "Validity" msgstr "Validité" #: ../ui/CertDetail.ui:287 msgctxt "CertDetail|" msgid "The time since the certificate is valid" msgstr "Le moment depuis lequel le certificat est valide" #: ../ui/CertDetail.ui:294 msgctxt "CertDetail|" msgid "The time until the certificate is valid" msgstr "Le moment auquel le certificat échoit" #: ../ui/CertDetail.ui:328 msgctxt "CertDetail|" msgid "Subject" msgstr "Sujet" #: ../ui/CertDetail.ui:341 msgctxt "CertDetail|" msgid "Issuer" msgstr "Emetteur" #: ../ui/CertDetail.ui:364 msgctxt "CertDetail|" msgid "Extensions" msgstr "Extensions" #: ../ui/CertDetail.ui:385 msgctxt "CertDetail|" msgid "Comment" msgstr "Commentaire" #: ../ui/CertDetail.ui:354 msgctxt "CertDetail|" msgid "Attributes" msgstr "Attributs" #: ../ui/CertDetail.ui:377 ../widgets/CertDetail.cpp:40 msgctxt "CertDetail|" msgid "Show config" msgstr "Afficher la configuration" #: ../widgets/CertDetail.cpp:44 msgctxt "CertDetail|" msgid "Show extensions" msgstr "Afficher les extensions" #: ../widgets/CertDetail.cpp:66 msgctxt "CertDetail|" msgid "Show public key" msgstr "Afficher la clé publique" #: ../widgets/CertDetail.cpp:69 msgctxt "CertDetail|" msgid "This key is not in the database." msgstr "Cette clé ne figure pas dans la base de données" #: ../widgets/CertDetail.cpp:73 msgctxt "CertDetail|" msgid "Not available" msgstr "Non disponible" #: ../widgets/CertDetail.cpp:120 msgctxt "CertDetail|" msgid "Signer unknown" msgstr "Signataire inconnu" #: ../widgets/CertDetail.cpp:124 msgctxt "CertDetail|" msgid "Self signed" msgstr "Auto-signé" #: ../widgets/CertDetail.cpp:154 #, qt-format msgctxt "CertDetail|" msgid "Revoked at %1" msgstr "Révoqué le %1" #: ../widgets/CertDetail.cpp:159 msgctxt "CertDetail|" msgid "Not valid" msgstr "Invalide" #: ../widgets/CertDetail.cpp:163 msgctxt "CertDetail|" msgid "Valid" msgstr "Valide" #: ../widgets/CertDetail.cpp:184 msgctxt "CertDetail|" msgid "Details of the certificate signing request" msgstr "Détails de la requête de signature" #: ../ui/CertExtend.ui:30 msgctxt "CertExtend|" msgid "Certificate renewal" msgstr "Renouvellement du certificat" #: ../ui/CertExtend.ui:74 msgctxt "CertExtend|" msgid "" "This will create a new certificate as a copy of the old one with a new " "serial number and adjusted validity values." msgstr "" "Créer un nouveau certificat conforme à l'ancien, mais avec un nouveau numéro " "de série et les limites de validité ajustées." #: ../ui/CertExtend.ui:100 msgctxt "CertExtend|" msgid "Validity" msgstr "Validité" #: ../ui/CertExtend.ui:111 msgctxt "CertExtend|" msgid "Not before" msgstr "Pas avant" #: ../ui/CertExtend.ui:118 msgctxt "CertExtend|" msgid "Not after" msgstr "Pas après" #: ../ui/CertExtend.ui:144 msgctxt "CertExtend|" msgid "Time range" msgstr "Intervalle de temps" #: ../ui/CertExtend.ui:150 msgctxt "CertExtend|" msgid "Local time" msgstr "Heure locale" #: ../ui/CertExtend.ui:158 msgctxt "CertExtend|" msgid "Days" msgstr "Jours" #: ../ui/CertExtend.ui:163 msgctxt "CertExtend|" msgid "Months" msgstr "Mois" #: ../ui/CertExtend.ui:168 msgctxt "CertExtend|" msgid "Years" msgstr "Années" #: ../ui/CertExtend.ui:176 msgctxt "CertExtend|" msgid "No well-defined expiration" msgstr "Pas de date d'expiration précise" #: ../ui/CertExtend.ui:183 msgctxt "CertExtend|" msgid "Midnight" msgstr "Minuit" #: ../ui/CertExtend.ui:190 msgctxt "CertExtend|" msgid "Apply" msgstr "Appliquer" #: ../ui/CertExtend.ui:216 msgctxt "CertExtend|" msgid "Revoke old certificate" msgstr "Révoquer l'ancien certificat" #: ../ui/CertExtend.ui:226 msgctxt "CertExtend|" msgid "Keep serial number" msgstr "Conserver le numéro de série" #: ../widgets/CertExtend.cpp:43 msgctxt "CertExtend|" msgid "" "The certificate will be earlier valid than the signer. This is probably not " "what you want." msgstr "" "Le certificat serait valide avant son signataire. Ce n'est probablement pas " "ce qui est désiré." #: ../widgets/CertExtend.cpp:45 ../widgets/CertExtend.cpp:67 msgctxt "CertExtend|" msgid "Edit dates" msgstr "Modifier les limites de validité" #: ../widgets/CertExtend.cpp:46 ../widgets/CertExtend.cpp:68 msgctxt "CertExtend|" msgid "Abort rollout" msgstr "Interrompre le déploiement" #: ../widgets/CertExtend.cpp:47 ../widgets/CertExtend.cpp:69 msgctxt "CertExtend|" msgid "Continue rollout" msgstr "Continuer le déploiement" #: ../widgets/CertExtend.cpp:48 ../widgets/CertExtend.cpp:70 msgctxt "CertExtend|" msgid "Adjust date and continue" msgstr "Ajuster la date et continuer" #: ../widgets/CertExtend.cpp:65 msgctxt "CertExtend|" msgid "" "The certificate will be longer valid than the signer. This is probably not " "what you want." msgstr "" "Le certificat serait valide plus longtemps que son signataire. Ce n'est " "probablement pas ce qui est désiré." #: ../widgets/CertTreeView.cpp:30 msgctxt "CertTreeView|" msgid "Import PKCS#12" msgstr "Importer en PKCS#12" #: ../widgets/CertTreeView.cpp:31 msgctxt "CertTreeView|" msgid "Import from PKCS#7" msgstr "Importer en PKCS#7" #: ../widgets/CertTreeView.cpp:60 msgctxt "CertTreeView|" msgid "Request" msgstr "Requête" #: ../widgets/CertTreeView.cpp:62 msgctxt "CertTreeView|" msgid "Security token" msgstr "Jeton de sécurité" #: ../widgets/CertTreeView.cpp:64 msgctxt "CertTreeView|" msgid "Other token" msgstr "Autre jeton" #: ../widgets/CertTreeView.cpp:68 msgctxt "CertTreeView|" msgid "Similar Certificate" msgstr "Certificat similaire" #: ../widgets/CertTreeView.cpp:71 msgctxt "CertTreeView|" msgid "Delete from Security token" msgstr "Détruire sur le jeton de sécurité" #: ../widgets/CertTreeView.cpp:74 msgctxt "CertTreeView|" msgid "CA" msgstr "CA" #: ../widgets/CertTreeView.cpp:75 msgctxt "CertTreeView|" msgid "Properties" msgstr "Propriétés" #: ../widgets/CertTreeView.cpp:76 msgctxt "CertTreeView|" msgid "Generate CRL" msgstr "Générer la liste de révocation" #: ../widgets/CertTreeView.cpp:77 msgctxt "CertTreeView|" msgid "Manage revocations" msgstr "Gérer les révocations" #: ../widgets/CertTreeView.cpp:82 ../widgets/CertTreeView.cpp:85 msgctxt "CertTreeView|" msgid "Renewal" msgstr "Renouvellement" #: ../widgets/CertTreeView.cpp:87 msgctxt "CertTreeView|" msgid "Revoke" msgstr "Révoquer" #: ../widgets/CertTreeView.cpp:89 msgctxt "CertTreeView|" msgid "Unrevoke" msgstr "Dé-révoquer" #: ../widgets/CertTreeView.cpp:157 msgctxt "CertTreeView|" msgid "Plain View" msgstr "Vue à plat" #: ../widgets/CertTreeView.cpp:157 msgctxt "CertTreeView|" msgid "Tree View" msgstr "Vue arborescente" #: ../widgets/clicklabel.cpp:37 msgctxt "ClickLabel|" msgid "Double click for details" msgstr "Double-cliquer pour afficher les détails" #: ../ui/CrlDetail.ui:30 msgctxt "CrlDetail|" msgid "Details of the Revocation list" msgstr "Détails de la liste de révocation" #: ../ui/CrlDetail.ui:78 msgctxt "CrlDetail|" msgid "&Status" msgstr "&Etat" #: ../ui/CrlDetail.ui:144 msgctxt "CrlDetail|" msgid "Version" msgstr "Version" #: ../ui/CrlDetail.ui:163 msgctxt "CrlDetail|" msgid "Signature" msgstr "Signature" #: ../ui/CrlDetail.ui:170 msgctxt "CrlDetail|" msgid "Signed by" msgstr "Signée par" #: ../ui/CrlDetail.ui:177 msgctxt "CrlDetail|" msgid "Name" msgstr "Nom" #: ../ui/CrlDetail.ui:184 msgctxt "CrlDetail|" msgid "The internal name of the CRL in the database" msgstr "Le nom interne de la liste de révocation dans la base de données" #: ../ui/CrlDetail.ui:197 msgctxt "CrlDetail|" msgid "issuing dates" msgstr "dates d'émission" #: ../ui/CrlDetail.ui:215 msgctxt "CrlDetail|" msgid "Next update" msgstr "Prochaine mise-à-jour" #: ../ui/CrlDetail.ui:222 msgctxt "CrlDetail|" msgid "Last update" msgstr "Dernière mise-à-jour" #: ../ui/CrlDetail.ui:255 msgctxt "CrlDetail|" msgid "&Issuer" msgstr "&Emetteur" #: ../ui/CrlDetail.ui:277 msgctxt "CrlDetail|" msgid "&Extensions" msgstr "&Extensions" #: ../ui/CrlDetail.ui:306 msgctxt "CrlDetail|" msgid "&Revocation list" msgstr "Liste de &révocation" #: ../ui/CrlDetail.ui:340 msgctxt "CrlDetail|" msgid "Comment" msgstr "Commentaire" #: ../widgets/CrlDetail.cpp:52 msgctxt "CrlDetail|" msgid "Failed" msgstr "Echoué" #: ../widgets/CrlDetail.cpp:57 msgctxt "CrlDetail|" msgid "Unknown signer" msgstr "Signataire inconnu" #: ../widgets/CrlDetail.cpp:60 msgctxt "CrlDetail|" msgid "Verification not possible" msgstr "Vérification impossible" #: ../widgets/CrlTreeView.cpp:37 msgctxt "CrlTreeView|" msgid "There are no CA certificates for CRL generation" msgstr "Il n'y a pas de certificat CA pour la génération de la CRL" #: ../widgets/CrlTreeView.cpp:45 msgctxt "CrlTreeView|" msgid "Select CA certificate" msgstr "Sélectionner un certificat d'autorité" #: ../ui/ExportDialog.ui:79 msgctxt "ExportDialog|" msgid "Name" msgstr "Nom" #: ../ui/ExportDialog.ui:86 msgctxt "ExportDialog|" msgid "The internal name of the CRL in the database" msgstr "Le nom interne de la liste de révocation dans la base de données" #: ../ui/ExportDialog.ui:115 msgctxt "ExportDialog|" msgid "..." msgstr "..." #: ../ui/ExportDialog.ui:99 msgctxt "ExportDialog|" msgid "Filename" msgstr "Nom du fichier" #: ../ui/ExportDialog.ui:151 msgctxt "ExportDialog|" msgid "Export comment into PEM file" msgstr "Exporter le commentaire dans le fichier PEM" #: ../ui/ExportDialog.ui:171 msgctxt "ExportDialog|" msgid "Export Format" msgstr "Format d'exportation" #: ../widgets/ExportDialog.cpp:41 msgctxt "ExportDialog|" msgid "All files ( * )" msgstr "Tous les fichiers ( * )" #: ../widgets/ExportDialog.cpp:56 msgctxt "ExportDialog|" msgid "PEM Text format with headers" msgstr "Format textuel PEM avec des en-têtes" #: ../widgets/ExportDialog.cpp:58 msgctxt "ExportDialog|" msgid "Concatenated list of all selected items in one PEM text file" msgstr "" "Concaténation de tous les éléments sélectionnés dans un seul fichier texte " "en format PEM" #: ../widgets/ExportDialog.cpp:59 msgctxt "ExportDialog|" msgid "" "Concatenated text format of the complete certificate chain in one PEM file" msgstr "" "Fichier PEM contenant la concaténation de tous les certificats de la chaîne" #: ../widgets/ExportDialog.cpp:63 msgctxt "ExportDialog|" msgid "Concatenated text format of all certificates in one PEM file" msgstr "Fichier PEM contenant la concaténation de tous les certificats" #: ../widgets/ExportDialog.cpp:64 msgctxt "ExportDialog|" msgid "Binary DER encoded file" msgstr "Fichier binaire en format DER" #: ../widgets/ExportDialog.cpp:65 msgctxt "ExportDialog|" msgid "PKCS#7 encoded single certificate" msgstr "Un seul certificat en format PKCS#7" #: ../widgets/ExportDialog.cpp:67 msgctxt "ExportDialog|" msgid "PKCS#7 encoded complete certificate chain" msgstr "" "La chaîne complète de certificats en format PKCS#7 dans un seul fichier" #: ../widgets/ExportDialog.cpp:61 msgctxt "ExportDialog|" msgid "Concatenated text format of all unrevoked certificates in one PEM file" msgstr "" "Fichier PEM contenant la concaténation de tous les certificats non-révoqués" #: ../widgets/ExportDialog.cpp:69 msgctxt "ExportDialog|" msgid "All unrevoked certificates encoded in one PKCS#7 file" msgstr "" "Tous les certificats non-révoqués dans un seul fichier en format PKCS#7" #: ../widgets/ExportDialog.cpp:71 msgctxt "ExportDialog|" msgid "All selected certificates encoded in one PKCS#7 file" msgstr "" "Tous les certificats sélectionnés dans un seul fichier en format PKCS#7" #: ../widgets/ExportDialog.cpp:73 msgctxt "ExportDialog|" msgid "All certificates encoded in one PKCS#7 file" msgstr "Tous les certificats dans un seul fichier en format PKCS#7" #: ../widgets/ExportDialog.cpp:75 msgctxt "ExportDialog|" msgid "The certificate and the private key as encrypted PKCS#12 file" msgstr "Le certificat et sa clé privée dans un fichier en format PKCS#12" #: ../widgets/ExportDialog.cpp:76 msgctxt "ExportDialog|" msgid "" "The complete certificate chain and the private key as encrypted PKCS#12 file" msgstr "" "La chaîne complète des certificats et la clé privée en un seul fichier " "chiffré en format PKCS#12" #: ../widgets/ExportDialog.cpp:77 msgctxt "ExportDialog|" msgid "" "Concatenation of the certificate and the unencrypted private key in one PEM " "file" msgstr "" "La concaténation du certificat et de sa clé privée non-chiffrée dans un seul " "fichier PEM" #: ../widgets/ExportDialog.cpp:78 msgctxt "ExportDialog|" msgid "" "Concatenation of the certificate and the encrypted private key in PKCS#8 " "format in one file" msgstr "" "La concaténation du certificat et de sa clé privée chiffrée en format PKCS#8 " "dans un seul fichier" #: ../widgets/ExportDialog.cpp:79 msgctxt "ExportDialog|" msgid "Text format of the public key in one PEM file" msgstr "Formattage textuel de la clé publique dans un fichier PEM" #: ../widgets/ExportDialog.cpp:80 msgctxt "ExportDialog|" msgid "Binary DER format of the public key" msgstr "Format binaire DER de la clé publique" #: ../widgets/ExportDialog.cpp:82 msgctxt "ExportDialog|" msgid "Unencrypted private key in text format" msgstr "Clé privée non-chiffrée en format texte" #: ../widgets/ExportDialog.cpp:84 msgctxt "ExportDialog|" msgid "OpenSSL specific encrypted private key in text format" msgstr "Clé privée chiffrée spécifiquement par OpenSSL en format texte" #: ../widgets/ExportDialog.cpp:86 msgctxt "ExportDialog|" msgid "Unencrypted private key in binary DER format" msgstr "Clé privée non-chiffrée en format binaire DER" #: ../widgets/ExportDialog.cpp:88 msgctxt "ExportDialog|" msgid "Unencrypted private key in PKCS#8 text format" msgstr "Clé privée non-chiffrée en format texte PKCS#8" #: ../widgets/ExportDialog.cpp:90 msgctxt "ExportDialog|" msgid "Encrypted private key in PKCS#8 text format" msgstr "Clé privée chiffrée en format texte PKCS#8" #: ../widgets/ExportDialog.cpp:91 msgctxt "ExportDialog|" msgid "The public key encoded in SSH2 format" msgstr "La clé publique en format SSH2" #: ../widgets/ExportDialog.cpp:92 msgctxt "ExportDialog|" msgid "" "OpenSSL specific Certificate Index file as created by the 'ca' command and " "required by the OCSP tool" msgstr "" "Fichier d'index des certificats spécifique à OpenSSL, tel que créé par la " "commande 'ca' et nécessaire à l'outil OCSP" #: ../widgets/ExportDialog.cpp:93 msgctxt "ExportDialog|" msgid "vCalendar expiry reminder for the selected items" msgstr "message vCalendar de rappel d'expiration des éléments sélectionnés" #: ../widgets/ExportDialog.cpp:94 msgctxt "ExportDialog|" msgid "" "vCalendar expiry reminder containing all issued, valid certificates, the CA " "itself and the latest CRL" msgstr "" "message vCalendar de rappel d'expiration contenant tous les certificats " "valides émis, le CA lui-même et la liste de révocation la plus récente" #: ../widgets/ExportDialog.cpp:95 msgctxt "ExportDialog|" msgid "Private key in Microsoft PVK format not encrypted" msgstr "La clé privée en format Microsoft PVK n'est pas chiffrée" #: ../widgets/ExportDialog.cpp:96 msgctxt "ExportDialog|" msgid "Encrypted private key in Microsoft PVK format" msgstr "Clé privée chiffrée en format Microsoft PVK" #: ../widgets/ExportDialog.cpp:133 #, qt-format msgctxt "ExportDialog|" msgid "The file: '%1' already exists!" msgstr "Le fichier '%1' existe déjà!" #: ../widgets/ExportDialog.cpp:134 msgctxt "ExportDialog|" msgid "Overwrite" msgstr "Ecraser" #: ../widgets/ExportDialog.cpp:135 msgctxt "ExportDialog|" msgid "Do not overwrite" msgstr "Ne pas écraser" #: ../ui/Help.ui:36 msgctxt "Help|" msgid "<<" msgstr "<<" #: ../ui/Help.ui:46 msgctxt "Help|" msgid ">>" msgstr "<<" #: ../ui/Help.ui:72 msgctxt "Help|" msgid "&Done" msgstr "&OK" #: ../ui/ImportMulti.ui:36 msgctxt "ImportMulti|" msgid "Import PKI Items" msgstr "Importer des objets PKI" #: ../ui/ImportMulti.ui:94 msgctxt "ImportMulti|" msgid "Import &All" msgstr "Importer &tout" #: ../ui/ImportMulti.ui:101 msgctxt "ImportMulti|" msgid "&Import" msgstr "&Importer" #: ../ui/ImportMulti.ui:108 msgctxt "ImportMulti|" msgid "&Done" msgstr "&OK" #: ../ui/ImportMulti.ui:115 msgctxt "ImportMulti|" msgid "&Remove from list" msgstr "&Retirer de la liste" #: ../ui/ImportMulti.ui:122 msgctxt "ImportMulti|" msgid "Details" msgstr "Détails" #: ../ui/ImportMulti.ui:129 msgctxt "ImportMulti|" msgid "Delete from token" msgstr "Enlever du jeton" #: ../ui/ImportMulti.ui:136 msgctxt "ImportMulti|" msgid "Rename on token" msgstr "Renommer dans le jeton" #: ../widgets/ImportMulti.cpp:64 #, qt-format msgctxt "ImportMulti|" msgid "" "\n" "Name: %1\n" "Model: %2\n" "Serial: %3" msgstr "" "\n" "Nom: %1\n" "Modèle: %2\n" "Numéro de série: %3" #: ../widgets/ImportMulti.cpp:69 msgctxt "ImportMulti|" msgid "Manage security token" msgstr "Gérer les jetons de sécurité" #: ../widgets/ImportMulti.cpp:281 #, qt-format msgctxt "ImportMulti|" msgid "Details of the item '%1' cannot be shown" msgstr "Les détails de l'objet '%1' ne peuvent pas être affichés" #: ../widgets/ImportMulti.cpp:103 ../widgets/ImportMulti.cpp:285 #, qt-format msgctxt "ImportMulti|" msgid "The type of the item '%1' is not recognized" msgstr "Le type de l'objet '%1' n'est pas reconnu" #: ../widgets/ImportMulti.cpp:313 #, qt-format msgctxt "ImportMulti|" msgid "The file '%1' did not contain PKI data" msgstr "Le fichier '%1' ne contient pas de données PKI" #: ../widgets/ImportMulti.cpp:316 #, qt-format msgctxt "ImportMulti|" msgid "The %1 files: '%2' did not contain PKI data" msgstr "Les %1 fichiers: '%2' ne contiennent pas de données PKI" #: ../ui/ItemProperties.ui:22 msgctxt "ItemProperties|" msgid "Name" msgstr "Nom" #: ../ui/ItemProperties.ui:32 msgctxt "ItemProperties|" msgid "Source" msgstr "Source" #: ../ui/ItemProperties.ui:42 msgctxt "ItemProperties|" msgid "Insertion date" msgstr "Date d'insertion" #: ../ui/ItemProperties.ui:54 msgctxt "ItemProperties|" msgid "Comment" msgstr "Commentaire" #: ../ui/KeyDetail.ui:82 msgctxt "KeyDetail|" msgid "Name" msgstr "Nom" #: ../ui/KeyDetail.ui:89 msgctxt "KeyDetail|" msgid "The internal name of the key used by xca" msgstr "Le nom interne de la clé utilisé par xca" #: ../widgets/KeyDetail.cpp:106 msgctxt "KeyDetail|" msgid "Security token" msgstr "Jeton de sécurité" #: ../ui/KeyDetail.ui:286 msgctxt "KeyDetail|" msgid "Manufacturer" msgstr "Fabricant" #: ../ui/KeyDetail.ui:296 msgctxt "KeyDetail|" msgid "Serial" msgstr "Numéro de série" #: ../ui/KeyDetail.ui:102 ../ui/KeyDetail.ui:182 msgctxt "KeyDetail|" msgid "Key" msgstr "Clé" #: ../ui/KeyDetail.ui:110 msgctxt "KeyDetail|" msgid "Public Exponent" msgstr "Exposant public" #: ../ui/KeyDetail.ui:136 msgctxt "KeyDetail|" msgid "Keysize" msgstr "Taille de la clé" #: ../ui/KeyDetail.ui:163 msgctxt "KeyDetail|" msgid "Private Exponent" msgstr "Exposant privé" #: ../ui/KeyDetail.ui:214 msgctxt "KeyDetail|" msgid "Security Token" msgstr "Jeton de sécurité" #: ../ui/KeyDetail.ui:235 ../ui/KeyDetail.ui:306 msgctxt "KeyDetail|" msgid "Label" msgstr "Etiquette" #: ../ui/KeyDetail.ui:245 msgctxt "KeyDetail|" msgid "PKCS#11 ID" msgstr "ID PKCS#11" #: ../ui/KeyDetail.ui:270 msgctxt "KeyDetail|" msgid "Token information" msgstr "Information du jeton" #: ../ui/KeyDetail.ui:276 msgctxt "KeyDetail|" msgid "Model" msgstr "Modèle" #: ../ui/KeyDetail.ui:324 msgctxt "KeyDetail|" msgid "Fingerprint" msgstr "Empreinte" #: ../ui/KeyDetail.ui:329 msgctxt "KeyDetail|" msgid "Comment" msgstr "Commentaire" #: ../widgets/KeyDetail.cpp:89 #, qt-format msgctxt "KeyDetail|" msgid "Details of the %1 key" msgstr "Détails de la clé %1" #: ../widgets/KeyDetail.cpp:95 msgctxt "KeyDetail|" msgid "Not available" msgstr "Non disponible" #: ../widgets/KeyDetail.cpp:108 msgctxt "KeyDetail|" msgid "Available" msgstr "Disponible" #: ../widgets/KeyDetail.cpp:117 msgctxt "KeyDetail|" msgid "Sub prime" msgstr "Sous-premier" #: ../widgets/KeyDetail.cpp:118 ../widgets/KeyDetail.cpp:127 #: ../widgets/KeyDetail.cpp:139 msgctxt "KeyDetail|" msgid "Public key" msgstr "Clé publique" #: ../widgets/KeyDetail.cpp:119 ../widgets/KeyDetail.cpp:128 #: ../widgets/KeyDetail.cpp:140 msgctxt "KeyDetail|" msgid "Private key" msgstr "Clé privée" #: ../widgets/KeyDetail.cpp:129 ../widgets/KeyDetail.cpp:141 msgctxt "KeyDetail|" msgid "Curve name" msgstr "Nom de la courbe" #: ../widgets/KeyDetail.cpp:148 msgctxt "KeyDetail|" msgid "Unknown key" msgstr "Clé inconnue" #: ../widgets/KeyTreeView.cpp:30 msgctxt "KeyTreeView|" msgid "Change password" msgstr "Changer le mot de passe" #: ../widgets/KeyTreeView.cpp:34 msgctxt "KeyTreeView|" msgid "Reset password" msgstr "Effacer le mot de passe" #: ../widgets/KeyTreeView.cpp:46 msgctxt "KeyTreeView|" msgid "Change PIN" msgstr "Changer le NIP" #: ../widgets/KeyTreeView.cpp:48 msgctxt "KeyTreeView|" msgid "Init PIN with SO PIN (PUK)" msgstr "Initialiser le NIP avec le PUK" #: ../widgets/KeyTreeView.cpp:50 msgctxt "KeyTreeView|" msgid "Change SO PIN (PUK)" msgstr "Changer le PUK" #: ../widgets/KeyTreeView.cpp:53 msgctxt "KeyTreeView|" msgid "Security token" msgstr "Jeton de sécurité" #: ../widgets/KeyTreeView.cpp:90 ../widgets/KeyTreeView.cpp:108 #: ../widgets/KeyTreeView.cpp:126 msgctxt "KeyTreeView|" msgid "This is not a token" msgstr "Ce n'est pas un jeton" #: ../widgets/KeyTreeView.cpp:155 #, qt-format msgctxt "KeyTreeView|" msgid "" "Shall the original key '%1' be replaced by the key on the token?\n" "This will delete the key '%1' and make it unexportable" msgstr "" "La clé originale '%1' doit-elle être remplacée par la clé en provenance du " "jeton ?\n" "Cela détruirait la clé '%1' et la rendrait non-exportable." #: ../ui/MainWindow.ui:22 msgctxt "MainWindow|" msgid "Private Keys" msgstr "Clés privées" #: ../ui/MainWindow.ui:49 msgctxt "MainWindow|" msgid "&New Key" msgstr "&Nouvelle clé" #: ../ui/MainWindow.ui:56 ../ui/MainWindow.ui:161 ../ui/MainWindow.ui:253 #: ../ui/MainWindow.ui:391 ../ui/MainWindow.ui:456 msgctxt "MainWindow|" msgid "&Export" msgstr "&Exporter" #: ../ui/MainWindow.ui:63 ../ui/MainWindow.ui:168 ../ui/MainWindow.ui:260 #: ../ui/MainWindow.ui:384 ../ui/MainWindow.ui:463 msgctxt "MainWindow|" msgid "&Import" msgstr "&Importer" #: ../ui/MainWindow.ui:70 msgctxt "MainWindow|" msgid "Import PFX (PKCS#12)" msgstr "Importer en PFX (PKCS#12)" #: ../ui/MainWindow.ui:77 ../ui/MainWindow.ui:175 ../ui/MainWindow.ui:267 #: ../ui/MainWindow.ui:470 msgctxt "MainWindow|" msgid "&Show Details" msgstr "&Afficher les Détails" #: ../ui/MainWindow.ui:84 ../ui/MainWindow.ui:182 ../ui/MainWindow.ui:274 #: ../ui/MainWindow.ui:377 ../ui/MainWindow.ui:477 msgctxt "MainWindow|" msgid "&Delete" msgstr "&Détruire" #: ../ui/MainWindow.ui:124 msgctxt "MainWindow|" msgid "Certificate signing requests" msgstr "Requêtes de signature de certificat" #: ../ui/MainWindow.ui:154 msgctxt "MainWindow|" msgid "&New Request" msgstr "&Nouvelle requête" #: ../ui/MainWindow.ui:222 ../widgets/MW_menu.cpp:132 msgctxt "MainWindow|" msgid "Certificates" msgstr "Certificats" #: ../ui/MainWindow.ui:246 msgctxt "MainWindow|" msgid "&New Certificate" msgstr "&Nouveau Certificat" #: ../ui/MainWindow.ui:281 msgctxt "MainWindow|" msgid "Import &PKCS#12" msgstr "Importer en &PKCS#12" #: ../ui/MainWindow.ui:288 msgctxt "MainWindow|" msgid "Import P&KCS#7" msgstr "Importer en P&KCS#7" #: ../ui/MainWindow.ui:295 msgctxt "MainWindow|" msgid "Plain View" msgstr "Vue à plat" #: ../ui/MainWindow.ui:335 msgctxt "MainWindow|" msgid "Templates" msgstr "Modèles" #: ../ui/MainWindow.ui:363 msgctxt "MainWindow|" msgid "&New Template" msgstr "&Nouveau modèle" #: ../ui/MainWindow.ui:449 msgctxt "MainWindow|" msgid "&New CRL" msgstr "&Nouvelle liste de révocation" #: ../ui/MainWindow.ui:370 msgctxt "MainWindow|" msgid "Ch&ange Template" msgstr "&Modifier le Modèle" #: ../ui/MainWindow.ui:431 msgctxt "MainWindow|" msgid "Revocation lists" msgstr "Listes de révocation" #: ../widgets/MainWindow.cpp:584 msgctxt "MainWindow|" msgid "" "Using or exporting private keys will not be possible without providing the " "correct password" msgstr "" "Il sera impossible d'utiliser ou d'exporter des clés privées sans fournir le " "mot de passe correct." #: ../widgets/MainWindow.cpp:579 ../widgets/MainWindow.cpp:729 msgctxt "MainWindow|" msgid "Database" msgstr "Base de données" #: ../widgets/MainWindow.cpp:590 #, qt-format msgctxt "MainWindow|" msgid "" "The currently used default hash '%1' is insecure. Please select at least " "'SHA 224' for security reasons." msgstr "" "L'algorithme de hachage '%1' sélectionné n'est pas sûr. SVP choisissez au " "moins 'SHA 224' pour raisons de sécurité." #: ../widgets/MW_menu.cpp:83 msgctxt "MainWindow|" msgid "Recent DataBases" msgstr "Bases de données utilisées recemment" #: ../widgets/MW_help.cpp:25 ../widgets/MW_menu.cpp:39 msgctxt "MainWindow|" msgid "System" msgstr "Système" #: ../widgets/MW_help.cpp:28 msgctxt "MainWindow|" msgid "Croatian" msgstr "Croate" #: ../widgets/MW_help.cpp:31 msgctxt "MainWindow|" msgid "English" msgstr "Anglais" #: ../widgets/MW_help.cpp:32 msgctxt "MainWindow|" msgid "French" msgstr "Français" #: ../widgets/MW_help.cpp:34 msgctxt "MainWindow|" msgid "German" msgstr "Allemand" #: ../widgets/MW_help.cpp:38 msgctxt "MainWindow|" msgid "Japanese" msgstr "Japonais" #: ../widgets/MW_help.cpp:44 msgctxt "MainWindow|" msgid "Russian" msgstr "Russe" #: ../widgets/MW_help.cpp:45 msgctxt "MainWindow|" msgid "Slovak" msgstr "Slovaque" #: ../widgets/MW_help.cpp:47 msgctxt "MainWindow|" msgid "Spanish" msgstr "Espagnol" #: ../widgets/MW_help.cpp:40 msgctxt "MainWindow|" msgid "Polish" msgstr "Polonais" #: ../widgets/MW_help.cpp:36 msgctxt "MainWindow|" msgid "Italian" msgstr "Italien" #: ../widgets/MW_help.cpp:26 msgctxt "MainWindow|" msgid "Chinese" msgstr "Chinois" #: ../widgets/MW_help.cpp:30 msgctxt "MainWindow|" msgid "Dutch" msgstr "Néerlandais" #: ../widgets/MW_help.cpp:42 msgctxt "MainWindow|" msgid "Portuguese in Brazil" msgstr "Portugais du Brésil" #: ../widgets/MW_help.cpp:49 msgctxt "MainWindow|" msgid "Turkish" msgstr "Turc" #: ../widgets/MW_menu.cpp:89 msgctxt "MainWindow|" msgid "Language" msgstr "Langue" #: ../widgets/MW_menu.cpp:98 msgctxt "MainWindow|" msgid "&File" msgstr "&Fichier" #: ../widgets/MW_menu.cpp:105 msgctxt "MainWindow|" msgid "Open Remote DataBase" msgstr "Ouvrir une base de données externe" #: ../widgets/MW_menu.cpp:109 msgctxt "MainWindow|" msgid "Set as default DataBase" msgstr "Définir comme base de données par défaut" #: ../widgets/MW_menu.cpp:99 msgctxt "MainWindow|" msgid "New DataBase" msgstr "Nouvelle base de données" #: ../widgets/MW_menu.cpp:102 msgctxt "MainWindow|" msgid "Open DataBase" msgstr "Ouvrir une base de données" #: ../widgets/MW_menu.cpp:111 msgctxt "MainWindow|" msgid "Close DataBase" msgstr "Fermer la base de données" #: ../widgets/MW_menu.cpp:114 msgctxt "MainWindow|" msgid "Options" msgstr "Options" #: ../widgets/MW_menu.cpp:122 msgctxt "MainWindow|" msgid "Exit" msgstr "Quitter" #: ../widgets/MW_menu.cpp:129 msgctxt "MainWindow|" msgid "I&mport" msgstr "I&mporter" #: ../widgets/MW_menu.cpp:130 msgctxt "MainWindow|" msgid "Keys" msgstr "Clés" #: ../widgets/MW_menu.cpp:131 msgctxt "MainWindow|" msgid "Requests" msgstr "Requêtes" #: ../widgets/MW_menu.cpp:133 msgctxt "MainWindow|" msgid "PKCS#12" msgstr "PKCS#12" #: ../widgets/MW_menu.cpp:134 msgctxt "MainWindow|" msgid "PKCS#7" msgstr "PKCS#7" #: ../widgets/MW_menu.cpp:135 msgctxt "MainWindow|" msgid "Template" msgstr "Modèle" #: ../widgets/MW_menu.cpp:136 msgctxt "MainWindow|" msgid "Revocation list" msgstr "Liste de révocation" #: ../widgets/MW_menu.cpp:137 msgctxt "MainWindow|" msgid "PEM file" msgstr "Fichier PEM" #: ../widgets/MW_menu.cpp:138 msgctxt "MainWindow|" msgid "Paste PEM file" msgstr "Coller un fichier PEM" #: ../widgets/MW_menu.cpp:141 msgctxt "MainWindow|" msgid "Token" msgstr "Jeton" #: ../widgets/MW_menu.cpp:158 msgctxt "MainWindow|" msgid "Export Certificate &Index hierarchy" msgstr "Exporter la hiérarchie de l'index des certificats" #: ../widgets/MW_menu.cpp:171 msgctxt "MainWindow|" msgid "Content" msgstr "Contenu" #: ../widgets/MW_menu.cpp:142 msgctxt "MainWindow|" msgid "&Manage Security token" msgstr "&Gérer le jeton de sécurité" #: ../widgets/MW_menu.cpp:144 msgctxt "MainWindow|" msgid "&Init Security token" msgstr "&Initialiser le jeton de sécurité" #: ../widgets/MW_menu.cpp:146 msgctxt "MainWindow|" msgid "&Change PIN" msgstr "&Changer le NIP" #: ../widgets/MW_menu.cpp:148 msgctxt "MainWindow|" msgid "Change &SO PIN" msgstr "Changer le P&UK" #: ../widgets/MW_menu.cpp:150 msgctxt "MainWindow|" msgid "Init PIN" msgstr "Initialiser le NIP" #: ../widgets/MW_menu.cpp:153 msgctxt "MainWindow|" msgid "Extra" msgstr "Extra" #: ../widgets/MW_menu.cpp:154 msgctxt "MainWindow|" msgid "&Dump DataBase" msgstr "C&licher la base de données" #: ../widgets/MW_menu.cpp:156 msgctxt "MainWindow|" msgid "&Export Certificate Index" msgstr "Exporter l'index des certificats" #: ../widgets/MW_menu.cpp:160 msgctxt "MainWindow|" msgid "C&hange DataBase password" msgstr "C&hanger le mot de passe de la base de données" #: ../widgets/MW_menu.cpp:163 msgctxt "MainWindow|" msgid "&Undelete items" msgstr "&Récupérer des objets détruits" #: ../widgets/MW_menu.cpp:166 msgctxt "MainWindow|" msgid "Generate DH parameter" msgstr "Générer le paramètre DH" #: ../widgets/MW_menu.cpp:168 msgctxt "MainWindow|" msgid "OID Resolver" msgstr "Convertisseur d'OID" #: ../widgets/MW_menu.cpp:170 msgctxt "MainWindow|" msgid "&Help" msgstr "&Aide" #: ../widgets/MW_menu.cpp:173 msgctxt "MainWindow|" msgid "About" msgstr "A propos" #: ../widgets/MainWindow.cpp:254 msgctxt "MainWindow|" msgid "Import PEM data" msgstr "Importer les données PEM" #: ../widgets/MainWindow.cpp:283 #, qt-format msgctxt "MainWindow|" msgid "Please enter the original SO PIN (PUK) of the token '%1'" msgstr "SVP saisir le PUK original du jeton '%1'" #: ../widgets/MainWindow.cpp:118 ../widgets/MainWindow.cpp:731 msgctxt "MainWindow|" msgid "Search" msgstr "Rechercher" #: ../widgets/MainWindow.cpp:289 #, qt-format msgctxt "MainWindow|" msgid "Please enter the new SO PIN (PUK) for the token '%1'" msgstr "SVP saisir le nouveau NIP SO (PUK) pour le jeton: '%1'" #: ../widgets/MainWindow.cpp:296 #, qt-format msgctxt "MainWindow|" msgid "The new label of the token '%1'" msgstr "La nouvelle étiquette du jeton '%1'" #: ../widgets/MainWindow.cpp:404 #, qt-format msgctxt "MainWindow|" msgid "The token '%1' did not contain any keys or certificates" msgstr "Le jeton '%1' ne contient aucune clé ni aucun certificat" #: ../widgets/MainWindow.cpp:450 msgctxt "MainWindow|" msgid "Current Password" msgstr "Mot de passe actuel" #: ../widgets/MainWindow.cpp:451 msgctxt "MainWindow|" msgid "Please enter the current database password" msgstr "SVP saisir le mot de passe de la base de données" #: ../widgets/MainWindow.cpp:461 msgctxt "MainWindow|" msgid "The entered password is wrong" msgstr "Le mot de passe renseigné est inexact" #: ../widgets/MainWindow.cpp:466 msgctxt "MainWindow|" msgid "New Password" msgstr "Nouveau mot de passe" #: ../widgets/MainWindow.cpp:466 msgctxt "MainWindow|" msgid "" "Please enter the new password to encrypt your private keys in the database-" "file" msgstr "" "SVP saisir le nouveau mot de passe pour chiffrer les clés privées dans le " "fichier de base de données" #: ../widgets/MainWindow.cpp:490 msgctxt "MainWindow|" msgid "Transaction start failed" msgstr "Le démarrage de la transaction a échoué" #: ../widgets/MainWindow.cpp:648 msgctxt "MainWindow|" msgid "Certificate Index ( index.txt )" msgstr "Index des certificats ( index.txt )" #: ../widgets/MainWindow.cpp:649 ../widgets/MainWindow.cpp:704 msgctxt "MainWindow|" msgid "All files ( * )" msgstr "Tous les fichiers ( * )" #: ../widgets/MainWindow.cpp:673 #, qt-format msgctxt "MainWindow|" msgid "Diffie-Hellman parameters saved as: %1" msgstr "Les paramètres Diffie-Hellman on été sauvegardés dans: %1" #: ../widgets/MainWindow.cpp:689 msgctxt "MainWindow|" msgid "" "Diffie-Hellman parameters are needed for different applications, but not " "handled by XCA.\n" "Please enter the DH parameter bits" msgstr "" "Les paramètres de Diffie-Hellman sont nécessaires à certaines applications " "mais ne sont pas gérés par XCA.\n" "Saisir le nombre de bits du paramètre de Diffie-Hellman SVP" #: ../ui/NewCrl.ui:32 msgctxt "NewCrl|" msgid "Last update" msgstr "Dernière mise-à-jour" #: ../ui/NewCrl.ui:46 msgctxt "NewCrl|" msgid "Next update" msgstr "Prochaine mise-à-jour" #: ../ui/NewCrl.ui:70 msgctxt "NewCrl|" msgid "Days" msgstr "Jours" #: ../ui/NewCrl.ui:75 msgctxt "NewCrl|" msgid "Months" msgstr "Mois" #: ../ui/NewCrl.ui:80 msgctxt "NewCrl|" msgid "Years" msgstr "Années" #: ../ui/NewCrl.ui:88 msgctxt "NewCrl|" msgid "Midnight" msgstr "Minuit" #: ../ui/NewCrl.ui:95 msgctxt "NewCrl|" msgid "Local time" msgstr "Heure locale" #: ../ui/NewCrl.ui:102 msgctxt "NewCrl|" msgid "Apply" msgstr "Appliquer" #: ../ui/NewCrl.ui:128 msgctxt "NewCrl|" msgid "Options" msgstr "Options" #: ../ui/NewCrl.ui:172 msgctxt "NewCrl|" msgid "CRL number" msgstr "Numéro de la liste de révocation" #: ../ui/NewCrl.ui:144 msgctxt "NewCrl|" msgid "Subject alternative name" msgstr "Nom alternatif du sujet" #: ../ui/NewCrl.ui:199 msgctxt "NewCrl|" msgid "Revocation reasons" msgstr "Raisons de la révocation" #: ../ui/NewCrl.ui:158 msgctxt "NewCrl|" msgid "Authority key identifier" msgstr "Identifiant de clé de l'autorité" #: ../ui/NewCrl.ui:134 msgctxt "NewCrl|" msgid "Hash algorithm" msgstr "Algorithme de hachage" #: ../widgets/NewCrl.cpp:77 msgctxt "NewCrl|" msgid "Create CRL" msgstr "Créer une liste de révocation" #: ../ui/NewKey.ui:86 msgctxt "NewKey|" msgid "Please give a name to the new key and select the desired keysize" msgstr "" "SVP donner un nom à la nouvelle clé et sélectionner la taille de clé désirée" #: ../ui/NewKey.ui:96 msgctxt "NewKey|" msgid "Key properties" msgstr "Propriétés de la clé" #: ../ui/NewKey.ui:102 msgctxt "NewKey|" msgid "Name" msgstr "Nom" #: ../ui/NewKey.ui:121 msgctxt "NewKey|" msgid "The internal name of the new key" msgstr "Le nom interne de la nouvelle clé" #: ../ui/NewKey.ui:151 msgctxt "NewKey|" msgid "Curve name" msgstr "Nom de la courbe" #: ../ui/NewKey.ui:171 msgctxt "NewKey|" msgid "Usually at least 2048 bit keys are recommended" msgstr "Généralement une clé de 2048 bits est recommandée" #: ../ui/NewKey.ui:39 ../ui/NewKey.ui:124 msgctxt "NewKey|" msgid "New Key" msgstr "Nouvelle Clé" #: ../ui/NewKey.ui:158 msgctxt "NewKey|" msgid "Keysize" msgstr "Taille de la clé" #: ../ui/NewKey.ui:178 msgctxt "NewKey|" msgid "Keytype" msgstr "Type de clé" #: ../ui/NewKey.ui:188 msgctxt "NewKey|" msgid "Remember as default" msgstr "Enregistrer comme valeur par défaut" #: ../widgets/NewKey.cpp:137 msgctxt "NewKey|" msgid "Create" msgstr "Créer" #: ../ui/NewX509.ui:75 msgctxt "NewX509|" msgid "Source" msgstr "Source" #: ../ui/NewX509.ui:97 msgctxt "NewX509|" msgid "Signing request" msgstr "Requête de signature" #: ../ui/NewX509.ui:112 msgctxt "NewX509|" msgid "Show request" msgstr "Afficher la requête" #: ../ui/NewX509.ui:119 msgctxt "NewX509|" msgid "Sign this Certificate signing &request" msgstr "Signer cette &requête" #: ../ui/NewX509.ui:126 msgctxt "NewX509|" msgid "Copy extensions from the request" msgstr "Copier les extensions de la requête" #: ../ui/NewX509.ui:136 msgctxt "NewX509|" msgid "Modify subject of the request" msgstr "Modifier le sujet de la requête" #: ../ui/NewX509.ui:169 msgctxt "NewX509|" msgid "Signing" msgstr "Signer" #: ../ui/NewX509.ui:177 msgctxt "NewX509|" msgid "Create a &self signed certificate" msgstr "Créer un certificat auto-&signé" #: ../ui/NewX509.ui:191 msgctxt "NewX509|" msgid "Use &this Certificate for signing" msgstr "Utiliser &ce certificat pour signer" #: ../ui/NewX509.ui:198 msgctxt "NewX509|" msgid "All certificates in your database that can create valid signatures" msgstr "" "Tous les certificats dans la base de données qui peuvent produire des " "signatures valables" #: ../ui/NewX509.ui:225 msgctxt "NewX509|" msgid "Signature algorithm" msgstr "Algorithme de signature" #: ../ui/NewX509.ui:253 msgctxt "NewX509|" msgid "Template for the new certificate" msgstr "Modèle pour le nouveau certificat" #: ../ui/NewX509.ui:265 msgctxt "NewX509|" msgid "All available templates" msgstr "Tous les modèles disponibles" #: ../ui/NewX509.ui:287 msgctxt "NewX509|" msgid "Apply extensions" msgstr "Appliquer les extensions" #: ../ui/NewX509.ui:294 msgctxt "NewX509|" msgid "Apply subject" msgstr "Appliquer le sujet" #: ../ui/NewX509.ui:307 msgctxt "NewX509|" msgid "Apply all" msgstr "Appliquer tout" #: ../ui/NewX509.ui:336 ../widgets/NewX509.cpp:592 msgctxt "NewX509|" msgid "Subject" msgstr "Sujet" #: ../ui/NewX509.ui:344 msgctxt "NewX509|" msgid "Internal Name" msgstr "Nom interne" #: ../ui/NewX509.ui:360 msgctxt "NewX509|" msgid "Distinguished name" msgstr "Nom distinctif" #: ../ui/NewX509.ui:386 msgctxt "NewX509|" msgid "Add" msgstr "Ajouter" #: ../ui/NewX509.ui:393 msgctxt "NewX509|" msgid "Delete" msgstr "Enlever" #: ../ui/NewX509.ui:430 msgctxt "NewX509|" msgid "Private key" msgstr "Clé privée" #: ../ui/NewX509.ui:442 msgctxt "NewX509|" msgid "This list only contains unused keys" msgstr "Cette liste ne contient que les clés inutilisées" #: ../ui/NewX509.ui:449 msgctxt "NewX509|" msgid "Used keys too" msgstr "Inclure les clés utilisées" #: ../ui/NewX509.ui:456 msgctxt "NewX509|" msgid "&Generate a new key" msgstr "&Générer une nouvelle clé" #: ../ui/NewX509.ui:467 msgctxt "NewX509|" msgid "Extensions" msgstr "Extensions" #: ../ui/NewX509.ui:478 msgctxt "NewX509|" msgid "Type" msgstr "Type" #: ../ui/NewX509.ui:485 msgctxt "NewX509|" msgid "If this will become a CA certificate or not" msgstr "Si un certificat d'autorité (CA) est en train d'être créé ou non" #: ../ui/NewX509.ui:489 msgctxt "NewX509|" msgid "Not defined" msgstr "Non défini" #: ../ui/NewX509.ui:494 msgctxt "NewX509|" msgid "Certification Authority" msgstr "Autorité de Certification" #: ../ui/NewX509.ui:499 msgctxt "NewX509|" msgid "End Entity" msgstr "Entité Finale" #: ../ui/NewX509.ui:507 msgctxt "NewX509|" msgid "Path length" msgstr "Distance aux entités finales" #: ../ui/NewX509.ui:514 msgctxt "NewX509|" msgid "How much CAs may be below this." msgstr "" "Combien de niveau de sous-CA peuvent apparaître jusqu'à une entité finale." #: ../ui/NewX509.ui:521 msgctxt "NewX509|" msgid "The basic constraints should always be critical" msgstr "Les contraintes basiques doivent toujours être critiques" #: ../ui/NewX509.ui:534 msgctxt "NewX509|" msgid "Key identifier" msgstr "Identifiant de clé" #: ../ui/NewX509.ui:546 msgctxt "NewX509|" msgid "Creates a hash of the key following the PKIX guidelines" msgstr "Crée un hachage de la clé conformément aux directives PKIX" #: ../ui/NewX509.ui:556 msgctxt "NewX509|" msgid "Copy the Subject Key Identifier from the issuer" msgstr "Copie l'identifiant de clé du sujet du signataire" #: ../ui/NewX509.ui:593 msgctxt "NewX509|" msgid "Validity" msgstr "Validité" #: ../ui/NewX509.ui:599 msgctxt "NewX509|" msgid "Not before" msgstr "Pas avant" #: ../ui/NewX509.ui:613 msgctxt "NewX509|" msgid "Not after" msgstr "Pas après" #: ../ui/NewX509.ui:630 msgctxt "NewX509|" msgid "Time range" msgstr "Intervalle de temps" #: ../ui/NewX509.ui:640 msgctxt "NewX509|" msgid "Days" msgstr "Jours" #: ../ui/NewX509.ui:645 msgctxt "NewX509|" msgid "Months" msgstr "Mois" #: ../ui/NewX509.ui:650 msgctxt "NewX509|" msgid "Years" msgstr "Années" #: ../ui/NewX509.ui:664 msgctxt "NewX509|" msgid "Apply" msgstr "Appliquer" #: ../ui/NewX509.ui:671 msgctxt "NewX509|" msgid "Set the time to 00:00:00 and 23:59:59 respectively" msgstr "Définir les heures à 00:00:00 et 23:59:59 respectivement" #: ../ui/NewX509.ui:674 msgctxt "NewX509|" msgid "Midnight" msgstr "Minuit" #: ../ui/NewX509.ui:681 msgctxt "NewX509|" msgid "Local time" msgstr "Heure locale" #: ../ui/NewX509.ui:688 msgctxt "NewX509|" msgid "No well-defined expiration" msgstr "Pas de date d'expiration précise" #: ../ui/NewX509.ui:738 ../ui/NewX509.ui:755 ../ui/NewX509.ui:824 msgctxt "NewX509|" msgid "DNS: IP: URI: email: RID:" msgstr "DNS: IP: URI: email: RID:" #: ../ui/NewX509.ui:745 ../ui/NewX509.ui:762 ../ui/NewX509.ui:795 #: ../ui/NewX509.ui:831 ../widgets/NewX509.cpp:992 msgctxt "NewX509|" msgid "Edit" msgstr "Modifier" #: ../ui/NewX509.ui:788 msgctxt "NewX509|" msgid "URI:" msgstr "URI:" #: ../ui/NewX509.ui:870 msgctxt "NewX509|" msgid "Key usage" msgstr "Usage de la clé" #: ../ui/NewX509.ui:981 msgctxt "NewX509|" msgid "Netscape" msgstr "Netscape" #: ../ui/NewX509.ui:1139 msgctxt "NewX509|" msgid "Advanced" msgstr "Avancé" #: ../ui/NewX509.ui:1163 ../widgets/NewX509.cpp:1002 msgctxt "NewX509|" msgid "Validate" msgstr "Valider" #: ../ui/NewX509.ui:1186 msgctxt "NewX509|" msgid "Comment" msgstr "Commentaire" #: ../ui/NewX509.ui:351 msgctxt "NewX509|" msgid "" "This name is only used internally and does not appear in the resulting " "certificate" msgstr "" "Ce nom est seulement utilisé par xca et n'apparaît pas dans le certificat " "exporté" #: ../widgets/NewX509.cpp:270 msgctxt "NewX509|" msgid "Critical" msgstr "Critique" #: ../widgets/NewX509.cpp:310 msgctxt "NewX509|" msgid "Create Certificate signing request" msgstr "Créer une requête de signature de certificat" #: ../widgets/NewX509.cpp:336 #, qt-format msgctxt "NewX509|" msgid "minimum size: %1" msgstr "taille minimale: %1" #: ../widgets/NewX509.cpp:338 #, qt-format msgctxt "NewX509|" msgid "maximum size: %1" msgstr "taille maximale: %1" #: ../widgets/NewX509.cpp:340 msgctxt "NewX509|" msgid "only a-z A-Z 0-9 '()+,-./:=?" msgstr "seulement a-z A-Z 0-9 '()+,-./:=?" #: ../widgets/NewX509.cpp:344 msgctxt "NewX509|" msgid "only 7-bit clean characters" msgstr "seulement des caractères 7-bit ASCII imprimables" #: ../widgets/NewX509.cpp:369 msgctxt "NewX509|" msgid "Edit XCA template" msgstr "Editer un modèle XCA" #: ../widgets/NewX509.cpp:382 msgctxt "NewX509|" msgid "Create x509 Certificate" msgstr "Créer un certificat x509" #: ../widgets/NewX509.cpp:750 #, qt-format msgctxt "NewX509|" msgid "Template '%1' applied" msgstr "Le modèle '%1' a été appliqué" #: ../widgets/NewX509.cpp:757 #, qt-format msgctxt "NewX509|" msgid "Subject applied from template '%1'" msgstr "Sujet extrait du modèle '%1'" #: ../widgets/NewX509.cpp:765 #, qt-format msgctxt "NewX509|" msgid "Extensions applied from template '%1'" msgstr "Les extensions du modéle '%1' ont été appliquées" #: ../widgets/NewX509.cpp:780 #, qt-format msgctxt "NewX509|" msgid "New key '%1' created" msgstr "La nouvelle clé '%1' a été créée" #: ../widgets/NewX509.cpp:1025 msgctxt "NewX509|" msgid "Other Tabs" msgstr "Autres Onglets" #: ../widgets/NewX509.cpp:1039 msgctxt "NewX509|" msgid "Advanced Tab" msgstr "Onglet Avancé" #: ../widgets/NewX509.cpp:1046 msgctxt "NewX509|" msgid "Errors" msgstr "Erreurs" #: ../widgets/NewX509.cpp:1064 msgctxt "NewX509|" msgid "From PKCS#10 request" msgstr "A partir d'une requête en PKCS#10" #: ../widgets/NewX509.cpp:1172 ../widgets/NewX509.cpp:1185 #: ../widgets/NewX509.cpp:1204 ../widgets/NewX509.cpp:1216 #: ../widgets/NewX509.cpp:1232 ../widgets/NewX509.cpp:1246 #: ../widgets/NewX509.cpp:1280 ../widgets/NewX509.cpp:1299 #: ../widgets/NewX509.cpp:1322 ../widgets/NewX509.cpp:1345 #: ../widgets/NewX509.cpp:1371 ../widgets/NewX509.cpp:1391 msgctxt "NewX509|" msgid "Abort rollout" msgstr "Interrompre le déploiement" #: ../widgets/NewX509.cpp:1181 msgctxt "NewX509|" msgid "The following length restrictions of RFC3280 are violated:" msgstr "" "Pour être en conformité avec la RFC3280, les règles de restriction de " "longueur suivantes ne sont pas respectées:" #: ../widgets/NewX509.cpp:1184 ../widgets/NewX509.cpp:1245 msgctxt "NewX509|" msgid "Edit subject" msgstr "Modifier le sujet" #: ../widgets/NewX509.cpp:1186 ../widgets/NewX509.cpp:1247 #: ../widgets/NewX509.cpp:1300 ../widgets/NewX509.cpp:1323 #: ../widgets/NewX509.cpp:1346 ../widgets/NewX509.cpp:1372 #: ../widgets/NewX509.cpp:1392 msgctxt "NewX509|" msgid "Continue rollout" msgstr "Continuer le déploiement" #: ../widgets/NewX509.cpp:1202 msgctxt "NewX509|" msgid "" "The verification of the Certificate request failed.\n" "The rollout should be aborted." msgstr "" "La vérification de la requête de signature à échoué.\n" "Le déploiement devrait être interrompu." #: ../widgets/NewX509.cpp:1203 msgctxt "NewX509|" msgid "Continue anyway" msgstr "Continuer quand-même" #: ../widgets/NewX509.cpp:1214 msgctxt "NewX509|" msgid "" "The internal name and the common name are empty.\n" "Please set at least the internal name." msgstr "" "Le nom interne et le nom commun sont vides.\n" "SVP saisir au moins le nom interne." #: ../widgets/NewX509.cpp:1215 msgctxt "NewX509|" msgid "Edit name" msgstr "Modifier le nom" #: ../widgets/NewX509.cpp:1230 msgctxt "NewX509|" msgid "There is no Key selected for signing." msgstr "Aucune clé n'est sélectionnée pour la signature." #: ../widgets/NewX509.cpp:1231 msgctxt "NewX509|" msgid "Select key" msgstr "Sélectionner la clé" #: ../widgets/NewX509.cpp:1243 #, qt-format msgctxt "NewX509|" msgid "" "The following distinguished name entries are empty:\n" "%1\n" "though you have declared them as mandatory in the options menu." msgstr "" "Les indications de nom distinctif suivantes sont vides:\n" "%1\n" "bien que vous les avez déclarées comme obligatoires dans le menu des options." #: ../widgets/NewX509.cpp:1277 msgctxt "NewX509|" msgid "The key you selected for signing is not a private one." msgstr "La clé sélectionnée pour la signature n'est pas une clé privée." #: ../widgets/NewX509.cpp:1278 msgctxt "NewX509|" msgid "Select other signer" msgstr "Sélectionner un autre signataire" #: ../widgets/NewX509.cpp:1278 msgctxt "NewX509|" msgid "Select other key" msgstr "Sélectionner une autre clé" #: ../widgets/NewX509.cpp:1288 #, qt-format msgctxt "NewX509|" msgid "" "The currently selected hash algorithm '%1' is insecure and should not be " "used." msgstr "" "L'algorithme de hachage sélectionné '%1' est peu sûr et ne devrait pas être " "utilisé." #: ../widgets/NewX509.cpp:1289 msgctxt "NewX509|" msgid "Select other algorithm" msgstr "Sélectionner un autre algorithme" #: ../widgets/NewX509.cpp:1290 msgctxt "NewX509|" msgid "Use algorithm anyway" msgstr "Utiliser quand même cet algorithme" #: ../widgets/NewX509.cpp:1296 msgctxt "NewX509|" msgid "" "The certificate will be earlier valid than the signer. This is probably not " "what you want." msgstr "" "Le certificat serait valide avant son signataire. Ce n'est probablement pas " "ce qui est désiré." #: ../widgets/NewX509.cpp:1298 ../widgets/NewX509.cpp:1321 #: ../widgets/NewX509.cpp:1344 msgctxt "NewX509|" msgid "Edit dates" msgstr "Modifier les limites de validité" #: ../widgets/NewX509.cpp:1301 ../widgets/NewX509.cpp:1324 msgctxt "NewX509|" msgid "Adjust date and continue" msgstr "Ajuster la date et continuer" #: ../widgets/NewX509.cpp:1319 msgctxt "NewX509|" msgid "" "The certificate will be longer valid than the signer. This is probably not " "what you want." msgstr "" "Le certificat serait valide plus longtemps que son signataire. Ce n'est " "probablement pas ce qui est désiré." #: ../widgets/NewX509.cpp:1342 msgctxt "NewX509|" msgid "" "The certificate will be out of date before it becomes valid. You most " "probably mixed up both dates." msgstr "" "Le certificat serait échu avant de devenir actif. Vous avez probablement " "interverti les deux dates." #: ../widgets/NewX509.cpp:1363 msgctxt "NewX509|" msgid "" "The certificate contains invalid or duplicate extensions. Check the " "validation on the advanced tab." msgstr "" "Le certificat contient des extensions dupliquées ou invalides. Vérifier la " "validité sur l'onglet \"Avancé\"." #: ../widgets/NewX509.cpp:1366 msgctxt "NewX509|" msgid "" "The certificate contains no extensions. You may apply the extensions of one " "of the templates to define the purpose of the certificate." msgstr "" "Le certificat ne contient aucune extension. Vous pouvez appliquer des " "extensions à partir de l'un des modèles pour définir l'usage du certificat" #: ../widgets/NewX509.cpp:1370 ../widgets/NewX509.cpp:1390 msgctxt "NewX509|" msgid "Edit extensions" msgstr "Modifier les extensions" #: ../widgets/NewX509.cpp:1389 msgctxt "NewX509|" msgid "" "The subject alternative name shall contain a copy of the common name. " "However, the common name is empty." msgstr "" "Le nom alternatif du sujet devrait contenir une copie du nom commun. " "Cependant ce dernier est vide." #: ../widgets/NewX509_ext.cpp:189 #, qt-format msgctxt "NewX509|" msgid "Configfile error on line %1\n" msgstr "Erreur dans le fichier de configuration à la ligne %1\n" #: ../ui/OidResolver.ui:28 msgctxt "OidResolver|" msgid "OID Resolver" msgstr "Convertisseur d'OID" #: ../ui/OidResolver.ui:38 msgctxt "OidResolver|" msgid "Enter the OID, the Nid, or one of the textual representations" msgstr "Saisir l'OID, le Nid ou une des représentations symboliques" #: ../ui/OidResolver.ui:47 msgctxt "OidResolver|" msgid "Search" msgstr "Rechercher" #: ../ui/OidResolver.ui:74 msgctxt "OidResolver|" msgid "OID" msgstr "OID" #: ../ui/OidResolver.ui:119 msgctxt "OidResolver|" msgid "Long name" msgstr "Nom complet" #: ../ui/OidResolver.ui:145 ../ui/OidResolver.ui:167 msgctxt "OidResolver|" msgid "OpenSSL internal ID" msgstr "Identification interne à OpenSSL" #: ../ui/OidResolver.ui:148 msgctxt "OidResolver|" msgid "Nid" msgstr "Nid" #: ../ui/OidResolver.ui:177 msgctxt "OidResolver|" msgid "Short name" msgstr "Nom abrégé" #: ../ui/OpenDb.ui:36 msgctxt "OpenDb|" msgid "Open remote database" msgstr "Ouvrir une base de données externe" #: ../ui/OpenDb.ui:98 msgctxt "OpenDb|" msgid "Database type" msgstr "Type de base de données" #: ../ui/OpenDb.ui:108 msgctxt "OpenDb|" msgid "Hostname" msgstr "Nom du serveur" #: ../ui/OpenDb.ui:118 msgctxt "OpenDb|" msgid "Username" msgstr "Nom de l'utilisateur" #: ../ui/OpenDb.ui:128 msgctxt "OpenDb|" msgid "Password" msgstr "Mot de passe" #: ../ui/OpenDb.ui:142 ../widgets/OpenDb.cpp:50 msgctxt "OpenDb|" msgid "Database name" msgstr "Nom de la base de données" #: ../ui/OpenDb.ui:152 msgctxt "OpenDb|" msgid "Table prefix" msgstr "Préfixe du nom des tables" #: ../widgets/OpenDb.cpp:121 msgctxt "OpenDb|" msgid "" "No SqLite3 driver available. Please install the qt-sqlite package of your " "distribution" msgstr "" "Le pilote SqLite3 n'est pas disponible. SVP installez le paquetage qt-sqlite " "de votre distribution" #: ../ui/Options.ui:28 msgctxt "Options|" msgid "XCA Options" msgstr "Options de XCA" #: ../ui/Options.ui:42 msgctxt "Options|" msgid "Settings" msgstr "Réglages" #: ../ui/Options.ui:50 msgctxt "Options|" msgid "Default hash algorithm" msgstr "Algorithme de hachage par défaut" #: ../ui/Options.ui:64 msgctxt "Options|" msgid "String types" msgstr "Types de chaînes" #: ../ui/Options.ui:76 msgctxt "Options|" msgid "Suppress success messages" msgstr "Supprimer les messages en cas de succès" #: ../ui/Options.ui:109 msgctxt "Options|" msgid "Don't colorize expired certificates" msgstr "Ne pas coloriser les certificats expirés" #: ../ui/Options.ui:90 #, qt-format msgctxt "Options|" msgid "Translate established x509 terms (%1 -> %2)" msgstr "Traduire les termes standards définis par x509 (%1 -> %2)" #: ../ui/Options.ui:97 msgctxt "Options|" msgid "" "The hashing functionality of the token is not used by XCA.\n" "It may however honor a restricted hash-set propagated by the token.\n" "Especially EC and DSA are only defined with SHA1 in the PKCS#11 " "specification." msgstr "" "La fonctionalité de hachage du jeton n'est pas utilisée par XCA.\n" "Ce dernier peut néanmoins se limiter à un jeu restreint de fonctions de " "hachage reconnus par le jeton.\n" "En particulier, EC et DSA ne sont définis qu'avec SHA1 dans la spécification " "PKCS#11." #: ../ui/Options.ui:102 msgctxt "Options|" msgid "Only use hashes supported by the token when signing with a token key" msgstr "" "N'utiliser que des fonction de hachage supportées par le jeton lors d'une " "signature avec une clé du jeton" #: ../ui/Options.ui:83 msgctxt "Options|" msgid "Disable legacy Netscape extensions" msgstr "Désactiver les extensions Netscape désuètes" #: ../ui/Options.ui:127 msgctxt "Options|" msgid "Certificate expiry warning threshold" msgstr "Seuil d'avertissement de l'expiration d'un certificat" #: ../ui/Options.ui:146 msgctxt "Options|" msgid "Send vCalendar expiry reminder" msgstr "Envoyer un message vCalendar de rappel d'expiration" #: ../ui/Options.ui:157 msgctxt "Options|" msgid "Serial number length" msgstr "Longueur du numéro de série" #: ../ui/Options.ui:164 msgctxt "Options|" msgid " bit" msgstr " bits" #: ../ui/Options.ui:199 msgctxt "Options|" msgid "Distinguished name" msgstr "Nom distinctif" #: ../ui/Options.ui:205 msgctxt "Options|" msgid "Mandatory subject entries" msgstr "Inscriptions du sujet obligatoires" #: ../ui/Options.ui:223 ../ui/Options.ui:284 ../ui/Options.ui:366 msgctxt "Options|" msgid "Add" msgstr "Ajouter" #: ../ui/Options.ui:230 ../ui/Options.ui:291 msgctxt "Options|" msgid "Delete" msgstr "Enlever" #: ../ui/Options.ui:255 msgctxt "Options|" msgid "Explicit subject entries" msgstr "Inscriptions explicites du sujet" #: ../ui/Options.ui:273 msgctxt "Options|" msgid "Dynamically arrange explicit subject entries" msgstr "Arranger dynamiquement les éléments explicites du sujet" #: ../ui/Options.ui:298 msgctxt "Options|" msgid "Default" msgstr "Défaut" #: ../ui/Options.ui:324 msgctxt "Options|" msgid "PKCS#11 provider" msgstr "Fournisseur PKCS#11" #: ../ui/Options.ui:379 msgctxt "Options|" msgid "Remove" msgstr "Enlever" #: ../ui/Options.ui:386 msgctxt "Options|" msgid "Search" msgstr "Rechercher" #: ../widgets/Options.cpp:34 msgctxt "Options|" msgid "Printable string or UTF8 (default)" msgstr "Chaîne imprimable ou UTF8 (défaut)" #: ../widgets/Options.cpp:35 msgctxt "Options|" msgid "PKIX recommendation in RFC2459" msgstr "La recommandation PKIX est dans la RFC2459" #: ../widgets/Options.cpp:36 msgctxt "Options|" msgid "No BMP strings, only printable and T61" msgstr "Pas de chaîne BMP, seulement imprimable et T61" #: ../widgets/Options.cpp:37 msgctxt "Options|" msgid "UTF8 strings only (RFC2459)" msgstr "Chaînes UTF8 uniquement (RFC2459)" #: ../widgets/Options.cpp:38 msgctxt "Options|" msgid "All strings" msgstr "Toutes les chaînes" #: ../widgets/Options.cpp:60 msgctxt "Options|" msgid "Days" msgstr "Jours" #: ../widgets/Options.cpp:60 msgctxt "Options|" msgid "Weeks" msgstr "Semaines" #: ../ui/PwDialog.ui:118 msgctxt "PwDialog|" msgid "" "The password is parsed as 2-digit hex code. It must have an even number of " "digits (0-9 and a-f)" msgstr "" "Le mot de passe doit être exprimé sous forme d'une suite de chiffres " "hexadécimaux. Il doit contenir un nombre pair de chiffres (0-9 et a-f)" #: ../ui/PwDialog.ui:121 msgctxt "PwDialog|" msgid "Take as HEX string" msgstr "Exprimé en hexadécimal" #: ../widgets/PwDialog.cpp:44 msgctxt "PwDialog|" msgid "Password" msgstr "Mot de passe" #: ../widgets/PwDialog.cpp:96 #, qt-format msgctxt "PwDialog|" msgid "Repeat %1" msgstr "Répéter %1" #: ../widgets/PwDialog.cpp:109 #, qt-format msgctxt "PwDialog|" msgid "%1 mismatch" msgstr "%1 ne correspond pas" #: ../widgets/PwDialog.cpp:116 msgctxt "PwDialog|" msgid "" "Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it " "must consist of an even number of characters" msgstr "" "Un mot de passe hexadécimal peut seulement contenir les caractères '0' à '9' " "et 'a' à 'f' et il doit consister en un nombre pair de caractères" #: ../widgets/PwDialog.cpp:145 msgctxt "PwDialog|" msgid "Exit" msgstr "Quitter" #: ../widgets/XcaWarning.cpp:28 msgctxt "QMessageBox|" msgid "Ok" msgstr "OK" #: ../widgets/XcaWarning.cpp:29 msgctxt "QMessageBox|" msgid "Close" msgstr "Fermer" #: ../widgets/XcaWarning.cpp:30 msgctxt "QMessageBox|" msgid "Cancel" msgstr "Annuler" #: ../widgets/XcaWarning.cpp:31 msgctxt "QMessageBox|" msgid "Apply" msgstr "Appliquer" #: ../widgets/XcaWarning.cpp:32 msgctxt "QMessageBox|" msgid "Yes" msgstr "Oui" #: ../widgets/XcaWarning.cpp:33 msgctxt "QMessageBox|" msgid "No" msgstr "Non" #: ../lib/asn1time.cpp:157 msgctxt "QObject|" msgid "Undefined" msgstr "Indéfini" #: ../lib/asn1time.cpp:159 msgctxt "QObject|" msgid "Broken / Invalid" msgstr "Invalide" #: ../lib/asn1time.cpp:205 #, qt-format msgctxt "QObject|" msgid "in %1 seconds" msgstr "dans %1 secondes" #: ../lib/asn1time.cpp:206 #, qt-format msgctxt "QObject|" msgid "%1 seconds ago" msgstr "il y a %1 secondes" #: ../lib/asn1time.cpp:209 #, qt-format msgctxt "QObject|" msgid "in %1 minutes" msgstr "dans %1 minutes" #: ../lib/asn1time.cpp:210 #, qt-format msgctxt "QObject|" msgid "%1 minutes ago" msgstr "il y a %1 minutes" #: ../lib/asn1time.cpp:212 msgctxt "QObject|" msgid "Yesterday" msgstr "Hier" #: ../lib/asn1time.cpp:214 msgctxt "QObject|" msgid "Tomorrow" msgstr "Demain" #: ../lib/asn1time.cpp:217 #, qt-format msgctxt "QObject|" msgid "in %1 hours" msgstr "dans %1 heures" #: ../lib/asn1time.cpp:218 #, qt-format msgctxt "QObject|" msgid "%1 hours ago" msgstr "il y a %1 heures" #: ../lib/db.cpp:280 ../lib/db.cpp:297 msgctxt "QObject|" msgid "Out of data" msgstr "A court de données" #: ../lib/db.cpp:320 msgctxt "QObject|" msgid "Error finding endmarker of string" msgstr "Erreur: une marque de fin de chaîne n'a pas été trouvée" #: ../lib/exception.h:60 #, qt-format msgctxt "QObject|" msgid "Out of Memory at %1:%2" msgstr "A court de mémoire à %1:%2" #: ../lib/load_obj.cpp:20 msgctxt "QObject|" msgid "All files ( * )" msgstr "Tous les fichiers ( * )" #: ../lib/load_obj.cpp:56 msgctxt "QObject|" msgid "" "PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK " "Keys ( *.pvk );; SSH Public Keys ( *.pub );;" msgstr "" "Clés PKI ( *.pem *.der *.key );; Clés PKCS#8 ( *.p8 *.pk8 );; Clés Microsoft " "PVK ( *.pvk );; Clés publiques SSH ( *.pub );;" #: ../lib/load_obj.cpp:60 msgctxt "QObject|" msgid "Import RSA key" msgstr "Importer une clé RSA" #: ../lib/load_obj.cpp:72 msgctxt "QObject|" msgid "PKCS#10 CSR ( *.pem *.der *.csr );; " msgstr "PKCS#10 CSR ( *.pem *.der *.csr );;" #: ../lib/load_obj.cpp:73 msgctxt "QObject|" msgid "Import Request" msgstr "Importer une requête" #: ../lib/load_obj.cpp:85 msgctxt "QObject|" msgid "Certificates ( *.pem *.der *.crt *.cer );;" msgstr "Certificats ( *.pem *.der *.crt *.cer );;" #: ../lib/load_obj.cpp:86 msgctxt "QObject|" msgid "Import X.509 Certificate" msgstr "Importer un certificat X.509" #: ../lib/load_obj.cpp:98 msgctxt "QObject|" msgid "PKCS#7 data ( *.p7s *.p7m *.p7b );;" msgstr "Données PKCS#7 ( *.p7s *.p7m *.p7b );;" #: ../lib/load_obj.cpp:99 msgctxt "QObject|" msgid "Import PKCS#7 Certificates" msgstr "Importer un certificat PKCS#7" #: ../lib/load_obj.cpp:111 msgctxt "QObject|" msgid "PKCS#12 Certificates ( *.p12 *.pfx );;" msgstr "Certificats PKCS#12 ( *.p12 *.pfx );;" #: ../lib/load_obj.cpp:112 msgctxt "QObject|" msgid "Import PKCS#12 Private Certificate" msgstr "Importer un certificat privé PKCS#12" #: ../lib/load_obj.cpp:125 msgctxt "QObject|" msgid "XCA templates ( *.xca );;" msgstr "Modèles XCA ( *.xca );;" #: ../lib/load_obj.cpp:126 msgctxt "QObject|" msgid "Import XCA Templates" msgstr "Importer des modèles XCA" #: ../lib/load_obj.cpp:138 msgctxt "QObject|" msgid "Revocation lists ( *.pem *.der *.crl );;" msgstr "Listes de révocation ( *.pem *.der *.crl );;" #: ../lib/load_obj.cpp:139 msgctxt "QObject|" msgid "Import Certificate Revocation List" msgstr "Importer une liste de révocation de certificats" #: ../lib/load_obj.cpp:151 msgctxt "QObject|" msgid "XCA Databases ( *.xdb );;" msgstr "Bases de données XCA ( *.xdb );;" #: ../lib/load_obj.cpp:152 msgctxt "QObject|" msgid "Open XCA Database" msgstr "Ouvrir une Base de Données XCA" #: ../lib/load_obj.cpp:160 msgctxt "QObject|" msgid "PKCS#11 library ( *.dll );;" msgstr "Bibliothèque PKCS#11 ( *.dll );;" #: ../lib/load_obj.cpp:162 msgctxt "QObject|" msgid "PKCS#11 library ( *.dylib *.so );;" msgstr "Bibliothèque PKCS#11 ( *.dylib *.so );;" #: ../lib/load_obj.cpp:164 msgctxt "QObject|" msgid "PKCS#11 library ( *.so );;" msgstr "Bibliothèque PKCS#11 ( *.so );;" #: ../lib/load_obj.cpp:166 msgctxt "QObject|" msgid "Open PKCS#11 shared library" msgstr "Ouvrir une bibliothèque partagée PKCS#11" #: ../lib/load_obj.cpp:173 msgctxt "QObject|" msgid "PEM files ( *.pem );;" msgstr "Fichiers PEM ( *.pem );;" #: ../lib/load_obj.cpp:174 msgctxt "QObject|" msgid "Load PEM encoded file" msgstr "Charger un fichier en format PEM" #: ../lib/pkcs11.cpp:214 msgctxt "QObject|" msgid "Please enter the PIN on the PinPad" msgstr "Saisir le NIP sur le pavé prévu à cet effet SVP" #: ../lib/pkcs11.cpp:225 #, qt-format msgctxt "QObject|" msgid "Please enter the SO PIN (PUK) of the token %1" msgstr "SVP saisir le PUK du jeton '%1'" #: ../lib/pkcs11.cpp:226 #, qt-format msgctxt "QObject|" msgid "Please enter the PIN of the token %1" msgstr "SVP saisir le NIP du jeton '%1'" #: ../lib/pkcs11.cpp:280 msgctxt "QObject|" msgid "No Security token found" msgstr "Aucun jeton de sécurité trouvé" #: ../lib/pkcs11.cpp:291 msgctxt "QObject|" msgid "Select" msgstr "Sélectionner" #: ../lib/pkcs11.cpp:314 #, qt-format msgctxt "QObject|" msgid "Please enter the new SO PIN (PUK) for the token: '%1'" msgstr "SVP saisir le nouveau PUK pour le jeton: '%1'" #: ../lib/pkcs11.cpp:316 #, qt-format msgctxt "QObject|" msgid "Please enter the new PIN for the token: '%1'" msgstr "SVP saisir le nouveau NIP pour le jeton: '%1'" #: ../lib/pkcs11.h:101 #, qt-format msgctxt "QObject|" msgid "Required PIN size: %1 - %2" msgstr "Taille du NIP requise: %1 - %2" #: ../lib/pkcs11_lib.cpp:69 #, qt-format msgctxt "QObject|" msgid "Invalid filename: %1" msgstr "Nom de fichier invalide: %1" #: ../lib/pkcs11_lib.cpp:72 #, qt-format msgctxt "QObject|" msgid "Failed to open PKCS11 library: %1: %2" msgstr "L'ouverture de la bibliothèque PKCS#11 '%1' a échoué: %2" #: ../lib/pkcs11_lib.cpp:78 msgctxt "QObject|" msgid "" "This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not " "found." msgstr "" "Cela n'a pas l'air d'une bibliothèque PKCS#11. Le symbole " "'C_GetFunctionList' n'a pas été trouvé." #: ../lib/pkcs11_lib.cpp:157 msgctxt "QObject|" msgid "Disabled" msgstr "Désactivé" #: ../lib/pkcs11_lib.cpp:161 msgctxt "QObject|" msgid "Library loading failed" msgstr "Le chargement de la bibliothèque a échoué" #: ../lib/pkcs11_lib.cpp:518 #, qt-format msgctxt "QObject|" msgid "PKCS#11 function '%1' failed: %2" msgstr "La fonction PKCS#11 '%1' a échoué: %2" #: ../lib/pkcs11_lib.cpp:526 #, qt-format msgctxt "QObject|" msgid "" "PKCS#11 function '%1' failed: %2\n" "In library %3\n" "%4" msgstr "" "La fonction PKCS#11 '%1' a échoué: %2\n" "Dans la bibliothèque %3\n" "%4" #: ../lib/x509name.cpp:111 msgctxt "QObject|" msgid "Invalid" msgstr "Invalide" #: ../lib/x509name.cpp:235 #, qt-format msgctxt "QObject|" msgid "%1 is shorter than %2 bytes: '%3'" msgstr "%1 est plus court que %2 octets: '%3'" #: ../lib/x509name.cpp:240 #, qt-format msgctxt "QObject|" msgid "%1 is longer than %2 bytes: '%3'" msgstr "%1 est plus long que %2 octets: '%3'" #: ../lib/x509v3ext.cpp:86 #, qt-format msgctxt "QObject|" msgid "String '%1' for '%2' contains invalid characters" msgstr "La chaîne '%1' pour '%2' contient des caractères invalides" #: ../lib/oid.cpp:56 #, qt-format msgctxt "QObject|" msgid "Error reading config file %1 at line %2" msgstr "Erreur de lecture du ficher de configuration %1 à la ligne %2" #: ../lib/oid.cpp:91 #, qt-format msgctxt "QObject|" msgid "" "The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and " "should be removed." msgstr "" "L'objet '%1' du fichier %2, ligne %3 est déjà connu comme '%4:%5:%6' et " "devrait être détruit." #: ../lib/oid.cpp:100 #, qt-format msgctxt "QObject|" msgid "" "The identifier '%1' for OID %2 from file %3 line %4 is already used for a " "different OID as '%5:%6:%7' and should be changed to avoid conflicts." msgstr "" "L'identificateur '%1' de l'OID %2 du ficher %3, ligne %4 est déjà utilisé " "pour un OID différent connu comme '%5:%6:%7' et devrait être changé pour " "éviter les conflits." #: ../lib/oid.cpp:163 #, qt-format msgctxt "QObject|" msgid "Unknown object '%1' in file %2 line %3" msgstr "Objet inconnu '%1' dans le ficher %2, ligne %3" #: ../lib/sql.h:55 msgctxt "QObject|" msgid "Failed to start a database transaction" msgstr "Impossible de démarrer la transaction BDD" #: ../lib/func.cpp:634 msgctxt "QObject|" msgid "Country code" msgstr "Code de pays" #: ../lib/func.cpp:635 msgctxt "QObject|" msgid "State or Province" msgstr "Etat ou province" #: ../lib/func.cpp:636 msgctxt "QObject|" msgid "Locality" msgstr "Localité" #: ../lib/func.cpp:637 msgctxt "QObject|" msgid "Organisation" msgstr "Organisation" #: ../lib/func.cpp:638 msgctxt "QObject|" msgid "Organisational unit" msgstr "Unité d'organisation" #: ../lib/func.cpp:639 msgctxt "QObject|" msgid "Common name" msgstr "Nom commun" #: ../lib/func.cpp:640 msgctxt "QObject|" msgid "E-Mail address" msgstr "Adresse de courriel" #: ../lib/func.cpp:641 msgctxt "QObject|" msgid "Serial number" msgstr "Numéro de série" #: ../lib/func.cpp:642 msgctxt "QObject|" msgid "Given name" msgstr "Prénom" #: ../lib/func.cpp:643 msgctxt "QObject|" msgid "Surname" msgstr "Nom de famille" #: ../lib/func.cpp:644 msgctxt "QObject|" msgid "Title" msgstr "Titre" #: ../lib/func.cpp:645 msgctxt "QObject|" msgid "Initials" msgstr "Initiales" #: ../lib/func.cpp:646 msgctxt "QObject|" msgid "Description" msgstr "Description" #: ../lib/func.cpp:647 msgctxt "QObject|" msgid "Role" msgstr "Rôle" #: ../lib/func.cpp:648 msgctxt "QObject|" msgid "Pseudonym" msgstr "Pseudonyme" #: ../lib/func.cpp:649 msgctxt "QObject|" msgid "Generation Qualifier" msgstr "Qualifiant de génération" #: ../lib/func.cpp:650 msgctxt "QObject|" msgid "x500 Unique Identifier" msgstr "Identifiant Unique X500" #: ../lib/func.cpp:651 msgctxt "QObject|" msgid "Name" msgstr "Nom" #: ../lib/func.cpp:652 msgctxt "QObject|" msgid "DN Qualifier" msgstr "Qualifiant de DN" #: ../lib/func.cpp:653 msgctxt "QObject|" msgid "Unstructured name" msgstr "Nom non-structuré" #: ../lib/func.cpp:654 msgctxt "QObject|" msgid "Challenge password" msgstr "Mot de passe challenge" #: ../lib/func.cpp:656 msgctxt "QObject|" msgid "Basic Constraints" msgstr "Contraintes de base" #: ../lib/func.cpp:657 msgctxt "QObject|" msgid "Subject alternative name" msgstr "Nom alternatif du sujet" #: ../lib/func.cpp:658 msgctxt "QObject|" msgid "issuer alternative name" msgstr "Nom alternatif de l'émetteur" #: ../lib/func.cpp:659 msgctxt "QObject|" msgid "Subject key identifier" msgstr "Clé d'identification du sujet" #: ../lib/func.cpp:660 msgctxt "QObject|" msgid "Authority key identifier" msgstr "Clé d'identification de l'autorité" #: ../lib/func.cpp:661 msgctxt "QObject|" msgid "Key usage" msgstr "Usage de la clé" #: ../lib/func.cpp:662 msgctxt "QObject|" msgid "Extended key usage" msgstr "Usage étendu de la clé" #: ../lib/func.cpp:663 msgctxt "QObject|" msgid "CRL distribution points" msgstr "Points de distribution de la CRL" #: ../lib/func.cpp:664 msgctxt "QObject|" msgid "Authority information access" msgstr "Accès à l'information de l'autorité" #: ../lib/func.cpp:665 msgctxt "QObject|" msgid "Certificate type" msgstr "Type de certificat" #: ../lib/func.cpp:666 msgctxt "QObject|" msgid "Base URL" msgstr "URL de base" #: ../lib/func.cpp:667 msgctxt "QObject|" msgid "Revocation URL" msgstr "URL de révocation" #: ../lib/func.cpp:668 msgctxt "QObject|" msgid "CA Revocation URL" msgstr "URL de révocation du CA" #: ../lib/func.cpp:669 msgctxt "QObject|" msgid "Certificate renewal URL" msgstr "URL de renouvellement du certificat" #: ../lib/func.cpp:670 msgctxt "QObject|" msgid "CA policy URL" msgstr "URL de la politique du CA" #: ../lib/func.cpp:671 msgctxt "QObject|" msgid "SSL server name" msgstr "Nom du serveur SSL" #: ../lib/func.cpp:672 msgctxt "QObject|" msgid "Comment" msgstr "Commentaire" #: ../lib/main.cpp:210 #, qt-format msgctxt "QObject|" msgid "Index file written to '%1'" msgstr "Fichier d'index écrit dans '%1'" #: ../lib/main.cpp:217 #, qt-format msgctxt "QObject|" msgid "Index hierarchy written to '%1'" msgstr "Hiérarchie d'index écrite dans '%1'" #: ../lib/main.cpp:230 #, qt-format msgctxt "QObject|" msgid "Unknown key type %1" msgstr "Type de clé inconnu %1" #: ../widgets/XcaWarning.h:23 msgctxt "QObject|" msgid "Password verify error, please try again" msgstr "La vérification du mot de passe a échoué. SVP essayez encore" #: ../widgets/ReqTreeView.cpp:25 msgctxt "ReqTreeView|" msgid "Sign" msgstr "Signer" #: ../widgets/ReqTreeView.cpp:27 msgctxt "ReqTreeView|" msgid "Unmark signed" msgstr "Marquer comme non-signée" #: ../widgets/ReqTreeView.cpp:30 msgctxt "ReqTreeView|" msgid "Mark signed" msgstr "Marquer comme signée" #: ../widgets/ReqTreeView.cpp:33 msgctxt "ReqTreeView|" msgid "Similar Request" msgstr "Requête similaire" #: ../ui/RevocationList.ui:30 msgctxt "RevocationList|" msgid "Manage revocations" msgstr "Gérer les révocations" #: ../ui/RevocationList.ui:96 msgctxt "RevocationList|" msgid "Add" msgstr "Ajouter" #: ../ui/RevocationList.ui:103 msgctxt "RevocationList|" msgid "Delete" msgstr "Enlever" #: ../ui/RevocationList.ui:110 msgctxt "RevocationList|" msgid "Edit" msgstr "Modifier" #: ../widgets/RevocationList.cpp:75 msgctxt "RevocationList|" msgid "No." msgstr "No." #: ../widgets/RevocationList.cpp:75 msgctxt "RevocationList|" msgid "Serial" msgstr "Numéro de série" #: ../widgets/RevocationList.cpp:75 msgctxt "RevocationList|" msgid "Revocation" msgstr "Révocation" #: ../widgets/RevocationList.cpp:75 msgctxt "RevocationList|" msgid "Reason" msgstr "Raison" #: ../widgets/RevocationList.cpp:76 msgctxt "RevocationList|" msgid "Invalidation" msgstr "Invalidation" #: ../widgets/RevocationList.cpp:104 msgctxt "RevocationList|" msgid "Generate CRL" msgstr "Générer la liste de révocation" #: ../ui/Revoke.ui:30 msgctxt "Revoke|" msgid "Certificate revocation" msgstr "Révocation du certificat" #: ../ui/Revoke.ui:87 msgctxt "Revoke|" msgid "Revocation details" msgstr "Détails de la révocation" #: ../ui/Revoke.ui:96 msgctxt "Revoke|" msgid "Revocation reason" msgstr "Raison de la révocation" #: ../ui/Revoke.ui:110 msgctxt "Revoke|" msgid "Local time" msgstr "Heure locale" #: ../ui/Revoke.ui:117 msgctxt "Revoke|" msgid "Invalid since" msgstr "Non-valide depuis" #: ../ui/Revoke.ui:124 msgctxt "Revoke|" msgid "Serial" msgstr "Numéro de série" #: ../ui/SearchPkcs11.ui:41 msgctxt "SearchPkcs11|" msgid "Directory" msgstr "Dossier" #: ../ui/SearchPkcs11.ui:57 msgctxt "SearchPkcs11|" msgid "..." msgstr "..." #: ../ui/SearchPkcs11.ui:64 msgctxt "SearchPkcs11|" msgid "Include subdirectories" msgstr "include les sous-dossiers" #: ../ui/SearchPkcs11.ui:71 msgctxt "SearchPkcs11|" msgid "Search" msgstr "Rechercher" #: ../widgets/SearchPkcs11.cpp:75 msgctxt "SearchPkcs11|" msgid "The following files are possible PKCS#11 libraries" msgstr "" "Les fichiers suivants sont susceptibles d'être des bibliothèques PKCS#11" #: ../ui/SelectToken.ui:39 msgctxt "SelectToken|" msgid "Security token" msgstr "Jeton de sécurité" #: ../ui/SelectToken.ui:86 msgctxt "SelectToken|" msgid "Please select the security token" msgstr "SVP sélectionner le jeton de sécurité" #: ../widgets/TempTreeView.cpp:23 msgctxt "TempTreeView|" msgid "Duplicate" msgstr "Dupliquer" #: ../widgets/TempTreeView.cpp:24 msgctxt "TempTreeView|" msgid "Create certificate" msgstr "Créer un certificat" #: ../widgets/TempTreeView.cpp:25 msgctxt "TempTreeView|" msgid "Create request" msgstr "Créer une requête" #: ../widgets/TempTreeView.cpp:34 msgctxt "TempTreeView|" msgid "copy" msgstr "copier" #: ../widgets/TempTreeView.cpp:82 msgctxt "TempTreeView|" msgid "Preset Template values" msgstr "Initialiser les valeurs du modèle" #: ../widgets/validity.cpp:94 msgctxt "Validity|" msgid "yyyy-MM-dd hh:mm" msgstr "yyyy-MM-dd hh:mm" #: ../widgets/X509SuperTreeView.cpp:28 msgctxt "X509SuperTreeView|" msgid "OpenSSL config" msgstr "Configuration OpenSSL" #: ../widgets/X509SuperTreeView.cpp:29 msgctxt "X509SuperTreeView|" msgid "Transform" msgstr "Transformer" #: ../widgets/X509SuperTreeView.cpp:30 msgctxt "X509SuperTreeView|" msgid "Template" msgstr "Modèle" #: ../widgets/X509SuperTreeView.cpp:31 msgctxt "X509SuperTreeView|" msgid "Public key" msgstr "Clé publique" #: ../widgets/XcaTreeView.cpp:343 msgctxt "XcaTreeView|" msgid "Subject entries" msgstr "Inscriptions du sujet" #: ../widgets/XcaTreeView.cpp:344 msgctxt "XcaTreeView|" msgid "X509v3 Extensions" msgstr "Extensions X509v3" #: ../widgets/XcaTreeView.cpp:345 msgctxt "XcaTreeView|" msgid "Netscape extensions" msgstr "Extensions Netscape" #: ../widgets/XcaTreeView.cpp:346 msgctxt "XcaTreeView|" msgid "Key properties" msgstr "Propriétés de la clé" #: ../widgets/XcaTreeView.cpp:347 msgctxt "XcaTreeView|" msgid "Reset" msgstr "Réinitialisation" #: ../widgets/XcaTreeView.cpp:350 msgctxt "XcaTreeView|" msgid "Hide Column" msgstr "Cacher la colonne" #: ../widgets/XcaTreeView.cpp:352 msgctxt "XcaTreeView|" msgid "Details" msgstr "Détails" #: ../widgets/XcaTreeView.cpp:395 msgctxt "XcaTreeView|" msgid "Columns" msgstr "Colonnes" #: ../widgets/XcaTreeView.cpp:431 msgctxt "XcaTreeView|" msgid "New" msgstr "Créer" #: ../widgets/XcaTreeView.cpp:432 msgctxt "XcaTreeView|" msgid "Import" msgstr "Importer" #: ../widgets/XcaTreeView.cpp:433 msgctxt "XcaTreeView|" msgid "Paste PEM data" msgstr "Coller les données en format PEM" #: ../widgets/XcaTreeView.cpp:437 msgctxt "XcaTreeView|" msgid "Rename" msgstr "Renommer" #: ../widgets/XcaTreeView.cpp:438 msgctxt "XcaTreeView|" msgid "Properties" msgstr "Propriétés" #: ../widgets/XcaTreeView.cpp:441 msgctxt "XcaTreeView|" msgid "Delete" msgstr "Enlever" #: ../widgets/XcaTreeView.cpp:443 msgctxt "XcaTreeView|" msgid "Export" msgstr "Exporter" #: ../widgets/XcaTreeView.cpp:444 msgctxt "XcaTreeView|" msgid "Clipboard" msgstr "Presse-papier" #: ../widgets/XcaTreeView.cpp:446 msgctxt "XcaTreeView|" msgid "File" msgstr "Fichier" #: ../lib/database_model.cpp:125 #, qt-format msgctxt "database_model|" msgid "" "Legacy database format detected. Creating a backup copy called: '%1' and " "converting the database to the new format" msgstr "" "Format historique de base de données détecté. Une copie de sauvegarde " "appelée '%1' est créée et la base de données est convertie au nouveau format" #: ../lib/database_model.cpp:134 msgctxt "database_model|" msgid "Failed to rename the database file, because the target already exists" msgstr "" "Le changement de nom du fichier de base de données a échoué parce qu'un " "autre fichier du même nom existe déjà" #: ../lib/database_model.cpp:269 #, qt-format msgctxt "database_model|" msgid "" "Please enter the password to access the database server %2 as user '%1'." msgstr "" "SVP saisir le mot de passe de l'utilisateur '%1' sur le serveur de base de " "données %2." #: ../lib/database_model.cpp:386 #, qt-format msgctxt "database_model|" msgid "Unable to create '%1': %2" msgstr "Impossible de créer '%1': %2" #: ../lib/database_model.cpp:557 #, qt-format msgctxt "database_model|" msgid "The file '%1' is not an XCA database" msgstr "Le fichier '%1' n'est pas une base de données XCA" #: ../lib/database_model.cpp:585 msgctxt "database_model|" msgid "" "No SqLite3 driver available. Please install the qt-sqlite package of your " "distribution" msgstr "" "Le pilote SqLite3 n'est pas disponible. SVP installez le paquetage qt-sqlite " "de votre distribution" #: ../lib/database_model.cpp:626 msgctxt "database_model|" msgid "New Password" msgstr "Nouveau mot de passe" #: ../lib/database_model.cpp:626 #, qt-format msgctxt "database_model|" msgid "" "Please enter a password, that will be used to encrypt your private keys in " "the database:\n" "%1" msgstr "" "Veuillez saisir un mot de passe, qui sera utilisé pour chiffrer vos clés " "privées dans la base de données:\n" "%1" #: ../lib/database_model.cpp:646 msgctxt "database_model|" msgid "Password" msgstr "Mot de passe" #: ../lib/database_model.cpp:647 #, qt-format msgctxt "database_model|" msgid "" "Please enter the password for unlocking the database:\n" "%1" msgstr "" "Veuillez entrer le mot passe pour déverrouiller la base de données:\n" "%1" #: ../lib/db_base.cpp:170 msgctxt "db_base|" msgid "Internal name" msgstr "Nom interne" #: ../lib/db_base.cpp:171 msgctxt "db_base|" msgid "No." msgstr "No." #: ../lib/db_base.cpp:172 msgctxt "db_base|" msgid "Primary key" msgstr "Clé primaire" #: ../lib/db_base.cpp:173 msgctxt "db_base|" msgid "Database unique number" msgstr "Numéro unique de la base de données" #: ../lib/db_base.cpp:174 msgctxt "db_base|" msgid "Date" msgstr "Date" #: ../lib/db_base.cpp:175 msgctxt "db_base|" msgid "Date of creation or insertion" msgstr "Date de création ou d'importation" #: ../lib/db_base.cpp:176 msgctxt "db_base|" msgid "Source" msgstr "Source" #: ../lib/db_base.cpp:177 msgctxt "db_base|" msgid "Generated, Imported, Transformed" msgstr "Généré, Importé, Transformé" #: ../lib/db_base.cpp:178 msgctxt "db_base|" msgid "Comment" msgstr "Commentaire" #: ../lib/db_base.cpp:179 msgctxt "db_base|" msgid "First line of the comment field" msgstr "Première ligne du champ de commentaire" #: ../lib/db_base.cpp:241 #, qt-format msgctxt "db_base|" msgid "Import from: %1" msgstr "Importer à partir de: %1" #: ../lib/db_base.cpp:392 #, qt-format msgctxt "db_base|" msgid "Could not create directory %1" msgstr "Impossible de créer le répertoire %1" #: ../lib/db_base.cpp:643 msgctxt "db_base|" msgid "Item properties" msgstr "Propriétés de l'élement" #: ../lib/db_base.cpp:680 #, qt-format msgctxt "db_base|" msgid "How to export the %1 selected items" msgstr "Comment exporter les %1 éléments sélectionnés" #: ../lib/db_base.cpp:682 msgctxt "db_base|" msgid "All in one PEM file" msgstr "Tout dans un seul fichier PEM" #: ../lib/db_base.cpp:683 msgctxt "db_base|" msgid "Each item in one file" msgstr "Chaque élément dans un fichier" #: ../lib/db_base.cpp:695 #, qt-format msgctxt "db_base|" msgid "Save %1 items in one file as" msgstr "Sauvegarder %1 éléments dans un seul fichier comme" #: ../lib/db_base.cpp:697 msgctxt "db_base|" msgid "PEM files ( *.pem );; All files ( * )" msgstr "Fichiers PEM ( *.pem );; Tous les fichiers ( * )" #: ../lib/db_crl.cpp:30 msgctxt "db_crl|" msgid "Signer" msgstr "Signataire" #: ../lib/db_crl.cpp:31 msgctxt "db_crl|" msgid "Internal name of the signer" msgstr "Nom interne du signataire" #: ../lib/db_crl.cpp:32 msgctxt "db_crl|" msgid "No. revoked" msgstr "Numéro révoqué" #: ../lib/db_crl.cpp:33 msgctxt "db_crl|" msgid "Number of revoked certificates" msgstr "Nombre de certificats révoqués" #: ../lib/db_crl.cpp:34 msgctxt "db_crl|" msgid "Last update" msgstr "Dernière mise-à-jour" #: ../lib/db_crl.cpp:35 msgctxt "db_crl|" msgid "Next update" msgstr "Prochaine mise-à-jour" #: ../lib/db_crl.cpp:36 msgctxt "db_crl|" msgid "CRL number" msgstr "Numéro de la liste de révocation" #: ../lib/db_crl.cpp:105 #, qt-format msgctxt "db_crl|" msgid "" "The revocation list already exists in the database as:\n" "'%1'\n" "and so it was not imported" msgstr "" "Cette liste de révocation figure déjà dans la base de données sous le nom:\n" "'%1'\n" "En conséquence, elle n'a pas été importée" #: ../lib/db_crl.cpp:130 msgctxt "db_crl|" msgid "Revocation list export" msgstr "Exportation d'une liste de révocation" #: ../lib/db_crl.cpp:131 msgctxt "db_crl|" msgid "CRL ( *.pem *.der *.crl )" msgstr "Listes de révocation ( *.pem *.der *.crl )" #: ../lib/db_crl.cpp:194 msgctxt "db_crl|" msgid "Failed to initiate DB transaction" msgstr "Impossible de démarrer la transaction BDD" #: ../lib/db_crl.cpp:204 ../lib/db_crl.cpp:212 ../lib/db_crl.cpp:216 #, qt-format msgctxt "db_crl|" msgid "Database error: %1" msgstr "Erreur de la base de données: %1" #: ../lib/db_key.cpp:58 msgctxt "db_key|" msgid "Type" msgstr "Type" #: ../lib/db_key.cpp:59 msgctxt "db_key|" msgid "Size" msgstr "Taille" #: ../lib/db_key.cpp:61 msgctxt "db_key|" msgid "EC Group" msgstr "Groupe EC" #: ../lib/db_key.cpp:63 msgctxt "db_key|" msgid "Use" msgstr "Usage" #: ../lib/db_key.cpp:64 msgctxt "db_key|" msgid "Password" msgstr "Mot de passe" #: ../lib/db_key.cpp:138 #, qt-format msgctxt "db_key|" msgid "" "The key is already in the database as:\n" "'%1'\n" "and is not going to be imported" msgstr "" "Cette clé figure déjà dans la base de données sous le nom:\n" "'%1'\n" "En conséquence, elle ne va pas être importée" #: ../lib/db_key.cpp:143 #, qt-format msgctxt "db_key|" msgid "" "The database already contains the public part of the imported key as\n" "'%1\n" "and will be completed by the new, private part of the key" msgstr "" "La base de données connait déjà la partie publique de la clé importée sous " "le nom\n" "'%1'\n" "En conséquence, cette dernière sera complétée par la partie privée de la clé " "importée" #: ../lib/db_key.cpp:145 #, qt-format msgctxt "db_key|" msgid "Extending public key from %1 by imported key '%2'" msgstr "Extension de la clé publique de %1 par la clé importée '%2'" #: ../lib/db_key.cpp:163 msgctxt "db_key|" msgid "Key size too small !" msgstr "Taille de clé trop petite !" #: ../lib/db_key.cpp:167 #, qt-format msgctxt "db_key|" msgid "You are sure to create a key of the size: %1 ?" msgstr "Etes-vous sûr de vouloir créer une clé de taille %1 ?" #: ../lib/db_key.cpp:217 ../lib/db_key.cpp:268 msgctxt "db_key|" msgid "PEM public" msgstr "clé publique PEM" #: ../lib/db_key.cpp:220 ../lib/db_key.cpp:273 msgctxt "db_key|" msgid "SSH2 public" msgstr "Clé publique SSH2" #: ../lib/db_key.cpp:223 ../lib/db_key.cpp:293 msgctxt "db_key|" msgid "PEM private" msgstr "Clé privée PEM" #: ../lib/db_key.cpp:228 ../lib/db_key.cpp:298 msgctxt "db_key|" msgid "SSH2 private" msgstr "Clé privée SSH2" #: ../lib/db_key.cpp:231 msgctxt "db_key|" msgid "Export keys to Clipboard" msgstr "Exporter les clés vers le presse-papier" #: ../lib/db_key.cpp:234 msgctxt "db_key|" msgid "Clipboard" msgstr "Presse-papier" #: ../lib/db_key.cpp:247 #, qt-format msgctxt "db_key|" msgid "Export public key [%1]" msgstr "Exporter la clé publique [%1]" #: ../lib/db_key.cpp:269 msgctxt "db_key|" msgid "DER public" msgstr "Clé publique DER" #: ../lib/db_key.cpp:281 msgctxt "db_key|" msgid "DER private" msgstr "Clé privée DER" #: ../lib/db_key.cpp:278 msgctxt "db_key|" msgid "PEM encryped" msgstr "Chiffrée en PEM" #: ../lib/db_key.cpp:287 msgctxt "db_key|" msgid "PVK private" msgstr "Clé privée PVK" #: ../lib/db_key.cpp:289 msgctxt "db_key|" msgid "PVK encrypted" msgstr "Chiffrée en PVK" #: ../lib/db_key.cpp:295 msgctxt "db_key|" msgid "PKCS#8 encrypted" msgstr "Chiffrée en PKCS#8" #: ../lib/db_key.cpp:299 #, qt-format msgctxt "db_key|" msgid "Export private key [%1]" msgstr "Exporter la clé privée [%1]" #: ../lib/db_key.cpp:304 msgctxt "db_key|" msgid "Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub )" msgstr "Clés privées ( *.pem *.der *.pk8 );; Clé publiques SSH ( *.pub )" #: ../lib/db_key.cpp:364 msgctxt "db_key|" msgid "Internal error" msgstr "Erreur interne" #: ../lib/db_key.cpp:382 msgctxt "db_key|" msgid "Tried to change password of a token" msgstr "Tentative de changement de mot de passe d'un jeton de sécurité" #: ../lib/db_temp.cpp:50 #, qt-format msgctxt "db_temp|" msgid "Bad template: %1" msgstr "Mauvais modèle: %1" #: ../lib/db_temp.cpp:34 msgctxt "db_temp|" msgid "Empty template" msgstr "Modèle vide" #: ../lib/db_temp.cpp:112 msgctxt "db_temp|" msgid "Save template as" msgstr "Enregistrer le modèle sous" #: ../lib/db_temp.cpp:113 msgctxt "db_temp|" msgid "XCA templates ( *.xca );; All files ( * )" msgstr "Modèles XCA ( *.xca);; Tous les fichiers ( * )" #: ../lib/db_x509.cpp:71 msgctxt "db_x509|" msgid "CA" msgstr "CA" #: ../lib/db_x509.cpp:72 msgctxt "db_x509|" msgid "reflects the basic Constraints extension" msgstr "reflète l'extension des contraintes basiques" #: ../lib/db_x509.cpp:73 msgctxt "db_x509|" msgid "Serial" msgstr "Numéro de série" #: ../lib/db_x509.cpp:77 msgctxt "db_x509|" msgid "Start date" msgstr "Date de début" #: ../lib/db_x509.cpp:79 msgctxt "db_x509|" msgid "Expiry date" msgstr "Date d'expiration" #: ../lib/db_x509.cpp:74 msgctxt "db_x509|" msgid "MD5 fingerprint" msgstr "Empreinte MD5" #: ../lib/db_x509.cpp:75 msgctxt "db_x509|" msgid "SHA1 fingerprint" msgstr "Empreinte SHA1" #: ../lib/db_x509.cpp:76 msgctxt "db_x509|" msgid "SHA256 fingerprint" msgstr "Empreinte SHA256" #: ../lib/db_x509.cpp:78 msgctxt "db_x509|" msgid "Not before" msgstr "Pas avant" #: ../lib/db_x509.cpp:80 msgctxt "db_x509|" msgid "Not after" msgstr "Pas après" #: ../lib/db_x509.cpp:81 msgctxt "db_x509|" msgid "Revocation" msgstr "Révocation" #: ../lib/db_x509.cpp:82 msgctxt "db_x509|" msgid "CRL Expiration" msgstr "Expiration de la CRL" #: ../lib/db_x509.cpp:301 msgctxt "db_x509|" msgid "Failed to retrieve unique random serial" msgstr "L'extraction d'un numéro de série aléatoire a échoué" #: ../lib/db_x509.cpp:324 #, qt-format msgctxt "db_x509|" msgid "" "The certificate already exists in the database as:\n" "'%1'\n" "and so it was not imported" msgstr "" "Ce certificat figure déjà dans la base de données sous le nom:\n" "'%1'\n" "En conséquence, il n'a pas été importé" #: ../lib/db_x509.cpp:366 #, qt-format msgctxt "db_x509|" msgid "Signed on %1 by '%2'" msgstr "Signé le %1 par '%2'" #: ../lib/db_x509.cpp:367 msgctxt "db_x509|" msgid "Unknown" msgstr "Inconnu" #: ../lib/db_x509.cpp:455 msgctxt "db_x509|" msgid "Invalid public key" msgstr "Clé publique invalide" #: ../lib/db_x509.cpp:611 msgctxt "db_x509|" msgid "PKCS#7 unrevoked" msgstr "PKCS#7 non-révoqué" #: ../lib/db_x509.cpp:615 msgctxt "db_x509|" msgid "PEM unrevoked" msgstr "PEM non-révoqué" #: ../lib/db_x509.cpp:622 msgctxt "db_x509|" msgid "vCalendar" msgstr "message vCalendar" #: ../lib/db_x509.cpp:626 msgctxt "db_x509|" msgid "CA vCalendar" msgstr "message vCalendar pour le CA" #: ../lib/db_x509.cpp:630 msgctxt "db_x509|" msgid "X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b )" msgstr "Certificats X509 ( *.pem *.cer *.crt *.p12 *.pfx *.p7b)" #: ../lib/db_x509.cpp:1045 msgctxt "db_x509|" msgid "days" msgstr " jours" #: ../lib/db_x509.cpp:1054 msgctxt "db_x509|" msgid "No template" msgstr "Pas de modèle" #: ../lib/db_x509.cpp:481 msgctxt "db_x509|" msgid "The key you selected for signing is not a private one." msgstr "La clé sélectionnée pour la signature n'est pas une clé privée." #: ../lib/db_x509.cpp:253 #, qt-format msgctxt "db_x509|" msgid "Failed to create directory '%1'" msgstr "Impossible de créer le répertoire %1" #: ../lib/db_x509.cpp:523 #, qt-format msgctxt "db_x509|" msgid "Store the certificate to the key on the token '%1 (#%2)' ?" msgstr "Enregistrer le certificate avec la clé sur le jeton '%1 (#%2)' ?" #: ../lib/db_x509.cpp:588 msgctxt "db_x509|" msgid "PEM chain" msgstr "Chaîne en PEM" #: ../lib/db_x509.cpp:590 msgctxt "db_x509|" msgid "PKCS#7 chain" msgstr "Chaîne PKCS#7" #: ../lib/db_x509.cpp:596 msgctxt "db_x509|" msgid "PKCS#12 chain" msgstr "Chaîne PKCS#12" #: ../lib/db_x509.cpp:613 msgctxt "db_x509|" msgid "PKCS#7 all" msgstr "Tous les certificats en PKCS#7" #: ../lib/db_x509.cpp:605 msgctxt "db_x509|" msgid "PEM + key" msgstr "PEM + clé" #: ../lib/db_x509.cpp:617 msgctxt "db_x509|" msgid "PEM all" msgstr "Tous les certificats en PEM" #: ../lib/db_x509.cpp:619 msgctxt "db_x509|" msgid "Certificate Index file" msgstr "Ficher d'index des certificats" #: ../lib/db_x509.cpp:629 msgctxt "db_x509|" msgid "Certificate export" msgstr "Exportation de certificat" #: ../lib/db_x509.cpp:694 ../lib/db_x509.cpp:764 #, qt-format msgctxt "db_x509|" msgid "There was no key found for the Certificate: '%1'" msgstr "Aucune clé n'a été trouvée pour le Certificat. '%1'" #: ../lib/db_x509.cpp:699 #, qt-format msgctxt "db_x509|" msgid "Not possible for a token key: '%1'" msgstr "Impossible pour une clé d'un jeton de sécurité: '%1'" #: ../lib/db_x509.cpp:768 #, qt-format msgctxt "db_x509|" msgid "Not possible for the token-key Certificate '%1'" msgstr "Impossible pour le certificat d'une clé d'un jeton de sécurité: '%1'" #: ../lib/db_x509super.cpp:30 msgctxt "db_x509name|" msgid "Subject" msgstr "Sujet" #: ../lib/db_x509super.cpp:31 msgctxt "db_x509name|" msgid "Complete distinguished name" msgstr "Nom distinctif complet" #: ../lib/db_x509super.cpp:32 msgctxt "db_x509name|" msgid "Subject hash" msgstr "Hachage du sujet" #: ../lib/db_x509super.cpp:33 msgctxt "db_x509name|" msgid "Hash to lookup certs in directories" msgstr "Hachage de recherche dans un dossier" #: ../lib/db_x509req.cpp:28 msgctxt "db_x509req|" msgid "Signed" msgstr "Signée" #: ../lib/db_x509req.cpp:29 msgctxt "db_x509req|" msgid "whether the request is already signed or not" msgstr "si la requête a déjà été signée ou non" #: ../lib/db_x509req.cpp:30 msgctxt "db_x509req|" msgid "Unstructured name" msgstr "Nom non-structuré" #: ../lib/db_x509req.cpp:32 msgctxt "db_x509req|" msgid "Challenge password" msgstr "Mot de passe challenge" #: ../lib/db_x509req.cpp:34 msgctxt "db_x509req|" msgid "Certificate count" msgstr "Nombre de certificats" #: ../lib/db_x509req.cpp:35 msgctxt "db_x509req|" msgid "Number of certificates in the database with the same public key" msgstr "Nombre de certificats dans la base de données avec la même clé" #: ../lib/db_x509req.cpp:52 #, qt-format msgctxt "db_x509req|" msgid "" "The certificate signing request already exists in the database as\n" "'%1'\n" "and thus was not stored" msgstr "" "Cette requête de signature figure déjà dans la base de données sous le nom\n" "'%1'\n" "En conséquence, elle n'a pas été chargée" #: ../lib/db_x509req.cpp:119 msgctxt "db_x509req|" msgid "Certificate request export" msgstr "Exporter la requête de signature" #: ../lib/db_x509req.cpp:120 msgctxt "db_x509req|" msgid "Certificate request ( *.pem *.der *.csr )" msgstr "Requête de signature de certificat ( *.pem *.der *.csr )" #: ../lib/db_x509super.cpp:81 msgctxt "db_x509super|" msgid "Key name" msgstr "Nom de la clé" #: ../lib/db_x509super.cpp:82 msgctxt "db_x509super|" msgid "Internal name of the key" msgstr "Nom interne de la clé" #: ../lib/db_x509super.cpp:84 msgctxt "db_x509super|" msgid "Signature algorithm" msgstr "Algorithme de signature" #: ../lib/db_x509super.cpp:85 msgctxt "db_x509super|" msgid "Key type" msgstr "Type de clé" #: ../lib/db_x509super.cpp:86 msgctxt "db_x509super|" msgid "Key size" msgstr "Taille de la clé" #: ../lib/db_x509super.cpp:88 msgctxt "db_x509super|" msgid "EC Group" msgstr "Groupe EC" #: ../lib/db_x509super.cpp:142 #, qt-format msgctxt "db_x509super|" msgid "Extracted from %1 '%2'" msgstr "Extrait de %1 '%2'" #: ../lib/db_x509super.cpp:144 ../lib/db_x509super.cpp:196 msgctxt "db_x509super|" msgid "Certificate" msgstr "Certificat" #: ../lib/db_x509super.cpp:144 ../lib/db_x509super.cpp:196 msgctxt "db_x509super|" msgid "Certificate request" msgstr "Requête de certificat" #: ../lib/db_x509super.cpp:159 msgctxt "db_x509super|" msgid "Save as OpenSSL config" msgstr "Enregistrer en format de configuration OpenSSL" #: ../lib/db_x509super.cpp:160 msgctxt "db_x509super|" msgid "Config files ( *.conf *.cnf);; All files ( * )" msgstr "Fichiers de configuration (*.conf *.cnf);; Tous les fichiers ( * )" #: ../lib/db_x509super.cpp:183 msgctxt "db_x509super|" msgid "The following extensions were not ported into the template" msgstr "Les extensions suivantes n'ont pas été enregistrées dans le modèle" #: ../lib/db_x509super.cpp:194 #, qt-format msgctxt "db_x509super|" msgid "Transformed from %1 '%2'" msgstr "Transformé à partir de %1 '%2'" #: ../widgets/kvView.cpp:164 msgctxt "kvView|" msgid "Type" msgstr "Type" #: ../widgets/kvView.cpp:164 msgctxt "kvView|" msgid "Content" msgstr "Contenu" #: ../lib/pass_info.cpp:15 msgctxt "pass_info|" msgid "Password" msgstr "Mot de passe" #: ../lib/pass_info.cpp:22 msgctxt "pass_info|" msgid "PIN" msgstr "NIP" #: ../lib/pki_base.cpp:289 msgctxt "pki_base|" msgid "Unknown" msgstr "Inconnu" #: ../lib/pki_base.cpp:290 msgctxt "pki_base|" msgid "Imported" msgstr "Importé" #: ../lib/pki_base.cpp:291 msgctxt "pki_base|" msgid "Generated" msgstr "Généré" #: ../lib/pki_base.cpp:292 msgctxt "pki_base|" msgid "Transformed" msgstr "Transformé" #: ../lib/pki_base.cpp:293 msgctxt "pki_base|" msgid "Token" msgstr "Jeton" #: ../lib/pki_base.cpp:294 msgctxt "pki_base|" msgid "Legacy Database" msgstr "Base de données antérieure" #: ../lib/pki_base.cpp:295 msgctxt "pki_base|" msgid "Renewed" msgstr "Renouvelé" #: ../lib/pki_base.cpp:430 #, qt-format msgctxt "pki_base|" msgid "Property '%1' not listed in 'pki_base::print'" msgstr "Propriété '%1' non listée dans 'pki_base::print'" #: ../lib/pki_base.cpp:125 #, qt-format msgctxt "pki_base|" msgid "Internal error: Unexpected message: %1 %2" msgstr "Erreur interne: message inattendu: %1 %2" #: ../lib/pki_crl.cpp:59 #, qt-format msgctxt "pki_crl|" msgid "Successfully imported the revocation list '%1'" msgstr "La liste de révocation '%1' a été importée avec succès" #: ../lib/pki_crl.cpp:60 #, qt-format msgctxt "pki_crl|" msgid "Delete the revocation list '%1'?" msgstr "Détruire la liste de révocation '%1' ?" #: ../lib/pki_crl.cpp:61 #, qt-format msgctxt "pki_crl|" msgid "Successfully created the revocation list '%1'" msgstr "La liste de révocation '%1' a été créée avec succès" #: ../lib/pki_crl.cpp:63 #, qt-format msgctxt "pki_crl|" msgid "Delete the %1 revocation lists: %2?" msgstr "Détruire les %1 listes de révocation: %2 ?" #: ../lib/pki_crl.cpp:146 #, qt-format msgctxt "pki_crl|" msgid "" "Unable to load the revocation list in file %1. Tried PEM and DER formatted " "CRL." msgstr "" "Impossible de charger le liste de révocation du fichier %1. Les formats PEM " "et DER ont été essayés." #: ../lib/pki_crl.cpp:161 msgctxt "pki_crl|" msgid "No issuer given" msgstr "Aucun signataire spécifié" #: ../lib/pki_crl.cpp:219 #, qt-format msgctxt "pki_crl|" msgid "Wrong Size %1" msgstr "Taille fausse %1" #: ../lib/pki_crl.cpp:434 #, qt-format msgctxt "pki_crl|" msgid "CRL Renewal of CA '%1' due" msgstr "Le renouvellement de la liste de révocation du CA '%1' est nécessaire" #: ../lib/pki_crl.cpp:435 #, qt-format msgctxt "pki_crl|" msgid "" "The latest CRL issued by the CA '%1' will expire on %2.\n" "It is stored in the XCA database '%3'" msgstr "" "La dernière liste de révocation générée par le CA '%1' expirera le %2.\n" "Elle est stockée dans la base de données XCA '%3'" #: ../lib/pki_crl.cpp:443 #, qt-format msgctxt "pki_crl|" msgid "Renew CRL: %1" msgstr "Renouvellement de CRL: %1" #: ../lib/pki_crl.cpp:444 #, qt-format msgctxt "pki_crl|" msgid "" "The XCA CRL '%1', issued on %3 will expire on %4.\n" "It is stored in the XCA database '%5'" msgstr "" "La liste de révocation XCA '%1', émise le %3 expirera le %4.\n" "Elle est stockée dans la base de données XCA '%5'" #: ../lib/pki_evp.cpp:260 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password to decrypt the private key %1." msgstr "SVP saisir le mot de passe pour déchiffrer la clé privée %1," #: ../lib/pki_evp.cpp:327 #, qt-format msgctxt "pki_evp|" msgid "The key from file '%1' is incomplete or inconsistent." msgstr "La clé dans le fichier '%1' est incomplète ou incorrecte." #: ../lib/pki_evp.cpp:416 #, qt-format msgctxt "pki_evp|" msgid "" "Please enter the password to decrypt the private key from file:\n" "%1" msgstr "" "SVP saisir le mot de passe pour déchiffrer la clé privée du fichier:\n" "%1" #: ../lib/pki_evp.cpp:493 #, qt-format msgctxt "pki_evp|" msgid "" "Unable to load the private key in file %1. Tried PEM and DER private, " "public, PKCS#8 key types and SSH2 format." msgstr "" "Impossible de charger la clé privée du fichier %1. Les formats PEM et DER " "ainsi que les types de clés privé, public, PKCS#8 et le format SSH2 ont été " "essayés." #: ../lib/pki_evp.cpp:524 msgctxt "pki_evp|" msgid "Ignoring unsupported private key" msgstr "Clé privée non-supportée: ignorée" #: ../lib/pki_evp.cpp:541 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password to decrypt the private key: '%1'" msgstr "SVP saisir le mot de passe pour déchiffrer la clé privée: '%1'" #: ../lib/pki_evp.cpp:544 ../lib/pki_evp.cpp:558 msgctxt "pki_evp|" msgid "Password input aborted" msgstr "Saisie du mot de passe abandonnée" #: ../lib/pki_evp.cpp:554 #, qt-format msgctxt "pki_evp|" msgid "Please enter the database password for decrypting the key '%1'" msgstr "" "SVP saisir le mot de passe de la base de données pour déchiffrer la clé '%1'" #: ../lib/pki_evp.cpp:659 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password to protect the private key: '%1'" msgstr "SVP saisir le mot de passe pour protéger la clé privée: '%1'" #: ../lib/pki_evp.cpp:677 msgctxt "pki_evp|" msgid "Please enter the database password for encrypting the key" msgstr "SVP saisir le mot de passe de la base de données pour chiffrer la clé" #: ../lib/pki_evp.cpp:789 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password protecting the PKCS#8 key '%1'" msgstr "SVP saisir le mot de passe protégeant la clé en PKCS#8 '%1'" #: ../lib/pki_evp.cpp:808 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password protecting the Microsoft PVK key '%1'" msgstr "" "SVP saisir le mot de passe protégeant la clé en format Microsoft PVK '%1'" #: ../lib/pki_evp.cpp:863 #, qt-format msgctxt "pki_evp|" msgid "Please enter the export password for the private key '%1'" msgstr "SVP saisir le mot de passe d'exportation pour la clé privée '%1'" #: ../lib/pki_key.cpp:238 #, qt-format msgctxt "pki_key|" msgid "Successfully imported the %1 public key '%2'" msgstr "La clé publique %1 '%2' a été importée avec succès" #: ../lib/pki_key.cpp:239 #, qt-format msgctxt "pki_key|" msgid "Delete the %1 public key '%2'?" msgstr "Détruire la clé publique %1 '%2' ?" #: ../lib/pki_key.cpp:244 #, qt-format msgctxt "pki_key|" msgid "Successfully imported the %1 private key '%2'" msgstr "La clé privée %1 '%2' a été importée avec succès" #: ../lib/pki_key.cpp:245 #, qt-format msgctxt "pki_key|" msgid "Delete the %1 private key '%2'?" msgstr "Détruire la clé privée %1 '%2' ?" #: ../lib/pki_key.cpp:246 #, qt-format msgctxt "pki_key|" msgid "Successfully created the %1 private key '%2'" msgstr "La clé privée %1 '%2' a été créée avec succès" #: ../lib/pki_key.cpp:252 #, qt-format msgctxt "pki_key|" msgid "Delete the %1 keys: %2?" msgstr "Détruire les %1 clés: %2?" #: ../lib/pki_key.cpp:60 ../lib/pki_key.cpp:261 ../lib/pki_key.cpp:938 msgctxt "pki_key|" msgid "Public key" msgstr "Clé publique" #: ../lib/pki_key.cpp:499 msgctxt "pki_key|" msgid "Common" msgstr "Global" #: ../lib/pki_key.cpp:499 msgctxt "pki_key|" msgid "Private" msgstr "Privé" #: ../lib/pki_key.cpp:499 msgctxt "pki_key|" msgid "Bogus" msgstr "Erroné" #: ../lib/pki_key.cpp:499 msgctxt "pki_key|" msgid "PIN" msgstr "NIP" #: ../lib/pki_key.cpp:509 msgctxt "pki_key|" msgid "No password" msgstr "Pas de mot de passe" #: ../lib/pki_key.cpp:606 ../lib/pki_key.cpp:712 #, qt-format msgctxt "pki_key|" msgid "Unexpected SSH2 content: '%1'" msgstr "Contenu SSH2 inattendu: '%1'" #: ../lib/pki_key.cpp:626 ../lib/pki_key.cpp:632 msgctxt "pki_key|" msgid "Invalid SSH2 public key" msgstr "Clé publique SSH2 invalide" #: ../lib/pki_key.cpp:830 #, qt-format msgctxt "pki_key|" msgid "Failed writing to %1" msgstr "Echec d'écriture sur %1" #: ../lib/pki_multi.cpp:131 msgctxt "pki_multi|" msgid "No known PEM encoded items found" msgstr "Aucun objet PEM connu n'a été trouvé" #: ../lib/pki_pkcs12.cpp:40 #, qt-format msgctxt "pki_pkcs12|" msgid "" "Please enter the password to decrypt the PKCS#12 file:\n" "%1" msgstr "" "SVP saisir le mot de passe pour déchiffrer le fichier en PKCS#12:\n" "%1" #: ../lib/pki_pkcs12.cpp:49 #, qt-format msgctxt "pki_pkcs12|" msgid "Unable to load the PKCS#12 (pfx) file %1." msgstr "Impossible de charger le fichier en PKCS#12 (pfx) %1." #: ../lib/pki_pkcs12.cpp:73 #, qt-format msgctxt "pki_pkcs12|" msgid "The supplied password was wrong (%1)" msgstr "Le mot de passe renseigné était faux (%1)" #: ../lib/pki_pkcs12.cpp:127 msgctxt "pki_pkcs12|" msgid "Please enter the password to encrypt the PKCS#12 file" msgstr "SVP saisir le mot de passe pour chiffrer le fichier en PKCS#12" #: ../lib/pki_pkcs12.cpp:130 msgctxt "pki_pkcs12|" msgid "No key or no Cert and no pkcs12" msgstr "Pas de clé ou pas de certificat et pas en PKCS#12" #: ../lib/pki_pkcs7.cpp:173 #, qt-format msgctxt "pki_pkcs7|" msgid "Unable to load the PKCS#7 file %1. Tried PEM and DER format." msgstr "" "Impossible de charger le fichier en PKCS#7 %1. Les formats PEM et DER ont " "été essayés." #: ../lib/pki_scard.cpp:52 #, qt-format msgctxt "pki_scard|" msgid "Successfully imported the token key '%1'" msgstr "La clé du jeton '%1' a été importée avec succès" #: ../lib/pki_scard.cpp:53 #, qt-format msgctxt "pki_scard|" msgid "Delete the token key '%1'?" msgstr "Détruire la clé du jeton '%1' ?" #: ../lib/pki_scard.cpp:54 #, qt-format msgctxt "pki_scard|" msgid "Successfully created the token key '%1'" msgstr "La clé du jeton '%1' a été créée avec succès" #: ../lib/pki_scard.cpp:56 #, qt-format msgctxt "pki_scard|" msgid "Delete the %1 keys: %2?" msgstr "Détruire les %1 clés: %2?" #: ../lib/pki_scard.cpp:358 #, qt-format msgctxt "pki_scard|" msgid "Delete the private key '%1' from the token '%2 (#%3)' ?" msgstr "Détruire la clé privée '%1' sur le jeton '%2 (#%3)' ?" #: ../lib/pki_scard.cpp:431 msgctxt "pki_scard|" msgid "This Key is already on the token" msgstr "Cette clé est déjà sur le jeton" #: ../lib/pki_scard.cpp:517 msgctxt "pki_scard|" msgid "PIN input aborted" msgstr "Saisie du NIP abandonnée" #: ../lib/pki_scard.cpp:529 msgctxt "pki_scard|" msgid "Unable to find copied key on the token" msgstr "Impossible de trouver la clé copiée sur le jeton" #: ../lib/pki_scard.cpp:616 #, qt-format msgctxt "pki_scard|" msgid "Please insert card: %1 %2 [%3] with Serial: %4" msgstr "SVP insérer la carte %1 %2 [%3] avec le numéro de série: %4" #: ../lib/pki_scard.cpp:682 msgctxt "pki_scard|" msgid "Unable to find generated key on card" msgstr "Impossible de trouver la clé générée sur la carte" #: ../lib/pki_scard.cpp:720 msgctxt "pki_scard|" msgid "Ignoring unsupported token key" msgstr "La clé non-supportée sur le jeton est ignorée" #: ../lib/pki_scard.cpp:723 #, qt-format msgctxt "pki_scard|" msgid "Wrong Size %1" msgstr "Taille fausse %1" #: ../lib/pki_scard.cpp:729 #, qt-format msgctxt "pki_scard|" msgid "Token %1" msgstr "Jeton %1" #: ../lib/pki_scard.cpp:738 ../lib/pki_scard.cpp:751 msgctxt "pki_scard|" msgid "Failed to find the key on the token" msgstr "Impossible de trouver la clé sur le jeton" #: ../lib/pki_scard.cpp:745 msgctxt "pki_scard|" msgid "Invalid Pin for the token" msgstr "NIP invalide pour le jeton" #: ../lib/pki_scard.cpp:757 msgctxt "pki_scard|" msgid "Failed to initialize the key on the token" msgstr "Impossible d'initialiser la clé sur le jeton" #: ../lib/pki_temp.cpp:123 #, qt-format msgctxt "pki_temp|" msgid "Successfully imported the XCA template '%1'" msgstr "Le modèle XCA '%1' a été importé avec succès" #: ../lib/pki_temp.cpp:124 #, qt-format msgctxt "pki_temp|" msgid "Delete the XCA template '%1'?" msgstr "Détruire le modèle XCA '%1' ?" #: ../lib/pki_temp.cpp:125 #, qt-format msgctxt "pki_temp|" msgid "Successfully created the XCA template '%1'" msgstr "Le modèle XCA '%1' a été créé avec succès" #: ../lib/pki_temp.cpp:127 #, qt-format msgctxt "pki_temp|" msgid "Delete the %1 XCA templates: %2?" msgstr "Détruire les %1 modèles XCA: %2 ?" #: ../lib/pki_temp.cpp:335 #, qt-format msgctxt "pki_temp|" msgid "Wrong Size %1" msgstr "Taille fausse %1" #: ../lib/pki_temp.cpp:420 msgctxt "pki_temp|" msgid "Template file content error (too small)" msgstr "Erreur de contenu du fichier de modèle (trop petit)" #: ../lib/pki_temp.cpp:469 msgctxt "pki_temp|" msgid "Not a PEM encoded XCA Template" msgstr "Ce n'est pas un modèle XCA en format PEM" #: ../lib/pki_temp.cpp:477 #, qt-format msgctxt "pki_temp|" msgid "Not an XCA Template, but '%1'" msgstr "Ce n'est pas un modèle XCA, mais '%1'" #: ../lib/pki_x509.cpp:64 #, qt-format msgctxt "pki_x509|" msgid "Successfully imported the certificate '%1'" msgstr "Le certificat '%1' a été importé avec succès" #: ../lib/pki_x509.cpp:65 #, qt-format msgctxt "pki_x509|" msgid "Delete the certificate '%1'?" msgstr "Détruire le certificat '%1' ?" #: ../lib/pki_x509.cpp:66 #, qt-format msgctxt "pki_x509|" msgid "Successfully created the certificate '%1'" msgstr "Le certificat '%1' a été créé avec succès" #: ../lib/pki_x509.cpp:68 #, qt-format msgctxt "pki_x509|" msgid "Delete the %1 certificates: %2?" msgstr "Détruire les %1 certificats: '%2' ?" #: ../lib/pki_x509.cpp:229 #, qt-format msgctxt "pki_x509|" msgid "" "Unable to load the certificate in file %1. Tried PEM and DER certificate." msgstr "" "Impossible de charger le certificat du fichier %1. Les formats PEM et DER " "ont été essayés." #: ../lib/pki_x509.cpp:374 msgctxt "pki_x509|" msgid "This certificate is already on the security token" msgstr "Ce certificat est déjà dans le jeton de sécurité" #: ../lib/pki_x509.cpp:437 #, qt-format msgctxt "pki_x509|" msgid "Delete the certificate '%1' from the token '%2 (#%3)'?" msgstr "Détruire le certificat '%1' sur le jeton '%2 (#%3)' ?" #: ../lib/pki_x509.cpp:570 msgctxt "pki_x509|" msgid "There is no key for signing !" msgstr "Il n'y a pas de clé pour signer !" #: ../lib/pki_x509.cpp:631 #, qt-format msgctxt "pki_x509|" msgid "Wrong Size %1" msgstr "Taille fausse %1" #: ../lib/pki_x509.cpp:919 msgctxt "pki_x509|" msgid "No" msgstr "Non" #: ../lib/pki_x509.cpp:921 msgctxt "pki_x509|" msgid "Yes" msgstr "Oui" #: ../lib/pki_x509.cpp:951 #, qt-format msgctxt "pki_x509|" msgid "Renew certificate: %1" msgstr "Renouvellement du certificat: %1" #: ../lib/pki_x509.cpp:952 #, qt-format msgctxt "pki_x509|" msgid "" "The XCA certificate '%1', issued on %2 will expire on %3.\n" "It is stored in the XCA database '%4'" msgstr "" "Le certificat XCA '%1' émis le %2 expirera le %3.\n" "Il est stocké dans la base de données XCA '%4'" #: ../lib/pki_x509req.cpp:110 msgctxt "pki_x509req|" msgid "Signing key not valid (public key)" msgstr "La clé de signature n'est pas valide (c'est une clé publique)" #: ../lib/pki_x509req.cpp:152 #, qt-format msgctxt "pki_x509req|" msgid "Successfully imported the %1 certificate request '%2'" msgstr "La requête %1 de signature '%2' a été importée avec succès" #: ../lib/pki_x509req.cpp:153 #, qt-format msgctxt "pki_x509req|" msgid "Delete the %1 certificate request '%2'?" msgstr "Détruire la requête %1 de signature '%2' ?" #: ../lib/pki_x509req.cpp:154 #, qt-format msgctxt "pki_x509req|" msgid "Successfully created the %1 certificate request '%2'" msgstr "La requête %1 de signature '%2' a été créée avec succès" #: ../lib/pki_x509req.cpp:156 #, qt-format msgctxt "pki_x509req|" msgid "Delete the %1 certificate requests: %2?" msgstr "Détruire la requête %1 de signature '%2' ?" #: ../lib/pki_x509req.cpp:184 #, qt-format msgctxt "pki_x509req|" msgid "" "Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC " "format." msgstr "" "Impossible de charger la requête de signature du fichier %1. Les formats " "PEM, DER et SPKAC ont été essayés." #: ../lib/pki_x509req.cpp:216 #, qt-format msgctxt "pki_x509req|" msgid "Wrong Size %1" msgstr "Taille fausse %1" #: ../lib/pki_x509req.cpp:383 msgctxt "pki_x509req|" msgid "Signed" msgstr "Signée" #: ../lib/pki_x509req.cpp:383 msgctxt "pki_x509req|" msgid "Unhandled" msgstr "Non-géré" #: ../ui/v3ext.ui:26 msgctxt "v3ext|" msgid "Copy Common Name" msgstr "Copier le nom commun" #: ../ui/v3ext.ui:56 msgctxt "v3ext|" msgid "Add" msgstr "Ajouter" #: ../ui/v3ext.ui:63 msgctxt "v3ext|" msgid "Delete" msgstr "Enlever" #: ../ui/v3ext.ui:89 msgctxt "v3ext|" msgid "Apply" msgstr "Appliquer" #: ../ui/v3ext.ui:96 msgctxt "v3ext|" msgid "Validate" msgstr "Valider" #: ../ui/v3ext.ui:125 msgctxt "v3ext|" msgid "Cancel" msgstr "Annuler" #: ../widgets/v3ext.cpp:75 msgctxt "v3ext|" msgid "An email address or 'copy'" msgstr "Une adresse de courriel ou 'copy'" #: ../widgets/v3ext.cpp:77 msgctxt "v3ext|" msgid "An email address" msgstr "Une adresse de courriel" #: ../widgets/v3ext.cpp:79 msgctxt "v3ext|" msgid "A registered ID: OBJECT IDENTIFIER" msgstr "un IDentifiant enregistré: IDENTIFICATEUR.OBJET" #: ../widgets/v3ext.cpp:83 msgctxt "v3ext|" msgid "A uniform resource indicator" msgstr "un indicateur uniforme de ressource" #: ../widgets/v3ext.cpp:88 msgctxt "v3ext|" msgid "A DNS domain name or 'copycn'" msgstr "un nom de domaine DNS ou 'copycn'" #: ../widgets/v3ext.cpp:90 msgctxt "v3ext|" msgid "A DNS domain name" msgstr "un nom de domaine DNS" #: ../widgets/v3ext.cpp:92 msgctxt "v3ext|" msgid "An IP address" msgstr "Une adresse IP" #: ../widgets/v3ext.cpp:95 msgctxt "v3ext|" msgid "Syntax: ;TYPE:text like '1.2.3.4:UTF8:name'" msgstr "Syntaxe: ;TYPE:texte sous la forme '1.2.3.4:UTF8:nom'" #: ../widgets/v3ext.cpp:99 msgctxt "v3ext|" msgid "No editing. Only 'copy' allowed here" msgstr "Pas de modification possible. Seul 'copy' est permis ici" #: ../widgets/v3ext.cpp:168 #, qt-format msgctxt "v3ext|" msgid "" "Validation failed:\n" "'%1'\n" "%2" msgstr "" "La validation a échoué:\n" "'%1'\n" "%2" #: ../widgets/v3ext.cpp:173 #, qt-format msgctxt "v3ext|" msgid "" "Validation successful:\n" "'%1'" msgstr "" "La validation a été effectuée avec succès:\n" "'%1'" #: ../widgets/XcaWarning.cpp:121 msgctxt "xcaWarning|" msgid "The following error occurred:" msgstr "L'erreur suivante s'est produite:" #: ../widgets/XcaWarning.cpp:124 msgctxt "xcaWarning|" msgid "Copy to Clipboard" msgstr "Copier dans le presse-papier" xca-RELEASE.2.5.0/lang/po2ts.sh000077500000000000000000000002141450407711300156760ustar00rootroot00000000000000#!/bin/sh ALL="$@" test -n "$ALL" || ALL="tr fr sk" for lang in $ALL; do lconvert -if po -of ts -i "${lang}.po" -o "xca_${lang}.ts" done xca-RELEASE.2.5.0/lang/sk.po000066400000000000000000003351251450407711300152610ustar00rootroot00000000000000# This file is distributed under the same license as the XCA package. # Slavko , 2016-2021. # msgid "" msgstr "" "Project-Id-Version: X Certificate and Key management 2.0\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2018-03-16 18:14+0200\n" "PO-Revision-Date: 2021-04-29 12:25+0200\n" "Last-Translator: Slavko \n" "Language-Team: slovenčina \n" "Language: sk\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: Gtranslator 3.38.0\n" "Plural-Forms: nplurals=3; plural=(n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2;\n" "X-Qt-Contexts: true\n" #: ../ui/CaProperties.ui:30 msgctxt "CaProperties|" msgid "CA Properties" msgstr "Vlastnosti CA" #: ../ui/CaProperties.ui:92 msgctxt "CaProperties|" msgid "Days until next CRL issuing" msgstr "Dní do nasledujúceho vydania CRL" #: ../ui/CaProperties.ui:102 msgctxt "CaProperties|" msgid "Default template" msgstr "Predvolená šablóna" #: ../ui/CertDetail.ui:30 ../widgets/CertDetail.cpp:112 msgctxt "CertDetail|" msgid "Details of the Certificate" msgstr "Podrobnosti certifikátu" #: ../ui/CertDetail.ui:165 msgctxt "CertDetail|" msgid "Serial" msgstr "Sériové číslo" #: ../ui/CertDetail.ui:178 msgctxt "CertDetail|" msgid "The serial number of the certificate" msgstr "Sériové číslo certifikátu" #: ../ui/CertDetail.ui:113 msgctxt "CertDetail|" msgid "The internal name of the certificate in the database" msgstr "Interný názov certifikátu v databáze" #: ../ui/CertDetail.ui:78 msgctxt "CertDetail|" msgid "Status" msgstr "Stav" #: ../ui/CertDetail.ui:106 msgctxt "CertDetail|" msgid "Internal name" msgstr "Interný názov" #: ../ui/CertDetail.ui:120 msgctxt "CertDetail|" msgid "Signature" msgstr "Podpis" #: ../ui/CertDetail.ui:145 msgctxt "CertDetail|" msgid "Key" msgstr "Kľúč" #: ../ui/CertDetail.ui:191 msgctxt "CertDetail|" msgid "Fingerprints" msgstr "Odtlačky" #: ../ui/CertDetail.ui:203 msgctxt "CertDetail|" msgid "MD5" msgstr "MD5" #: ../ui/CertDetail.ui:216 msgctxt "CertDetail|" msgid "An md5 hashsum of the certificate" msgstr "Odtlačok certifikátu MD5" #: ../ui/CertDetail.ui:229 msgctxt "CertDetail|" msgid "SHA1" msgstr "SHA1" #: ../ui/CertDetail.ui:242 msgctxt "CertDetail|" msgid "A SHA-1 hashsum of the certificate" msgstr "Odtlačok certifikátu SHA-1" #: ../ui/CertDetail.ui:255 msgctxt "CertDetail|" msgid "SHA256" msgstr "SHA256" #: ../ui/CertDetail.ui:268 msgctxt "CertDetail|" msgid "A SHA-256 hashsum of the certificate" msgstr "Odtlačok certifikátu SHA-256" #: ../ui/CertDetail.ui:278 msgctxt "CertDetail|" msgid "Validity" msgstr "Platnosť" #: ../ui/CertDetail.ui:287 msgctxt "CertDetail|" msgid "The time since the certificate is valid" msgstr "Čas odkedy je certifikát platný" #: ../ui/CertDetail.ui:294 msgctxt "CertDetail|" msgid "The time until the certificate is valid" msgstr "Čas dokedy je certifikát platný" #: ../ui/CertDetail.ui:328 msgctxt "CertDetail|" msgid "Subject" msgstr "Predmet" #: ../ui/CertDetail.ui:341 msgctxt "CertDetail|" msgid "Issuer" msgstr "Vydavateľ" #: ../ui/CertDetail.ui:364 msgctxt "CertDetail|" msgid "Extensions" msgstr "Rozšírenia" #: ../ui/CertDetail.ui:385 msgctxt "CertDetail|" msgid "Comment" msgstr "Komentár" #: ../ui/CertDetail.ui:354 msgctxt "CertDetail|" msgid "Attributes" msgstr "Atribúty" #: ../ui/CertDetail.ui:377 ../widgets/CertDetail.cpp:40 msgctxt "CertDetail|" msgid "Show config" msgstr "Zobraziť konfiguráciu" #: ../widgets/CertDetail.cpp:44 msgctxt "CertDetail|" msgid "Show extensions" msgstr "Zobraziť rozšírenia" #: ../widgets/CertDetail.cpp:66 msgctxt "CertDetail|" msgid "Show public key" msgstr "Zobraziť verejný kľúč" #: ../widgets/CertDetail.cpp:69 msgctxt "CertDetail|" msgid "This key is not in the database." msgstr "Tento kľúč nie je v databáze." #: ../widgets/CertDetail.cpp:73 msgctxt "CertDetail|" msgid "Not available" msgstr "Nedostupné" #: ../widgets/CertDetail.cpp:120 msgctxt "CertDetail|" msgid "Signer unknown" msgstr "Neznámy podpis" #: ../widgets/CertDetail.cpp:124 msgctxt "CertDetail|" msgid "Self signed" msgstr "Sebou podpísaný" #: ../widgets/CertDetail.cpp:154 #, qt-format msgctxt "CertDetail|" msgid "Revoked at %1" msgstr "Odvolaný %1: " #: ../widgets/CertDetail.cpp:159 msgctxt "CertDetail|" msgid "Not valid" msgstr "Neplatný" #: ../widgets/CertDetail.cpp:163 msgctxt "CertDetail|" msgid "Valid" msgstr "Platný" #: ../widgets/CertDetail.cpp:184 msgctxt "CertDetail|" msgid "Details of the certificate signing request" msgstr "Podrobnosti žiadosti o podpísanie certifikátu" #: ../ui/CertExtend.ui:30 msgctxt "CertExtend|" msgid "Certificate renewal" msgstr "Obnovenie certifikátu" #: ../ui/CertExtend.ui:74 msgctxt "CertExtend|" msgid "" "This will create a new certificate as a copy of the old one with a new " "serial number and adjusted validity values." msgstr "" "Týmto vytvoríte nový certifikát ako kópiu starého s novým sériovým číslom a " "novými hodnotami platnosti." #: ../ui/CertExtend.ui:100 msgctxt "CertExtend|" msgid "Validity" msgstr "Platnosť" #: ../ui/CertExtend.ui:111 msgctxt "CertExtend|" msgid "Not before" msgstr "Nie pred" #: ../ui/CertExtend.ui:118 msgctxt "CertExtend|" msgid "Not after" msgstr "Nie po" #: ../ui/CertExtend.ui:144 msgctxt "CertExtend|" msgid "Time range" msgstr "Časový rozsah" #: ../ui/CertExtend.ui:150 msgctxt "CertExtend|" msgid "Local time" msgstr "Lokálny čas" #: ../ui/CertExtend.ui:158 msgctxt "CertExtend|" msgid "Days" msgstr "Dni" #: ../ui/CertExtend.ui:163 msgctxt "CertExtend|" msgid "Months" msgstr "Mesiace" #: ../ui/CertExtend.ui:168 msgctxt "CertExtend|" msgid "Years" msgstr "Roky" #: ../ui/CertExtend.ui:176 msgctxt "CertExtend|" msgid "No well-defined expiration" msgstr "Bez vypršania" #: ../ui/CertExtend.ui:183 msgctxt "CertExtend|" msgid "Midnight" msgstr "Polnoc" #: ../ui/CertExtend.ui:190 msgctxt "CertExtend|" msgid "Apply" msgstr "Použiť" #: ../ui/CertExtend.ui:216 msgctxt "CertExtend|" msgid "Revoke old certificate" msgstr "Odvolať starý certifikát" #: ../ui/CertExtend.ui:226 msgctxt "CertExtend|" msgid "Keep serial number" msgstr "Zachovať sériové číslo" #: ../widgets/CertExtend.cpp:43 msgctxt "CertExtend|" msgid "" "The certificate will be earlier valid than the signer. This is probably not " "what you want." msgstr "" "Certifikát bude platný skôr ako jeho vydavateľ. To asi nie je to, čo chcete." #: ../widgets/CertExtend.cpp:45 ../widgets/CertExtend.cpp:67 msgctxt "CertExtend|" msgid "Edit dates" msgstr "Upraviť dátumy" #: ../widgets/CertExtend.cpp:46 ../widgets/CertExtend.cpp:68 msgctxt "CertExtend|" msgid "Abort rollout" msgstr "Prerušiť operáciu" #: ../widgets/CertExtend.cpp:47 ../widgets/CertExtend.cpp:69 msgctxt "CertExtend|" msgid "Continue rollout" msgstr "Pokračovať v operácii" #: ../widgets/CertExtend.cpp:48 ../widgets/CertExtend.cpp:70 msgctxt "CertExtend|" msgid "Adjust date and continue" msgstr "Opraviť dátum a pokračovať" #: ../widgets/CertExtend.cpp:65 msgctxt "CertExtend|" msgid "" "The certificate will be longer valid than the signer. This is probably not " "what you want." msgstr "" "Certifikát bude platný dlhšie ako jeho vydavateľ. To asi nie je to, čo " "chcete." #: ../widgets/CertTreeView.cpp:30 msgctxt "CertTreeView|" msgid "Import PKCS#12" msgstr "Import PKCS#12" #: ../widgets/CertTreeView.cpp:31 msgctxt "CertTreeView|" msgid "Import from PKCS#7" msgstr "Importovať z PKCS#7" #: ../widgets/CertTreeView.cpp:60 msgctxt "CertTreeView|" msgid "Request" msgstr "Žiadosť" #: ../widgets/CertTreeView.cpp:62 msgctxt "CertTreeView|" msgid "Security token" msgstr "Bezpečnostný token" #: ../widgets/CertTreeView.cpp:64 msgctxt "CertTreeView|" msgid "Other token" msgstr "Iný token" #: ../widgets/CertTreeView.cpp:68 msgctxt "CertTreeView|" msgid "Similar Certificate" msgstr "Podobný certifikát" #: ../widgets/CertTreeView.cpp:71 msgctxt "CertTreeView|" msgid "Delete from Security token" msgstr "Odstrániť z Bezpečnostného tokenu" #: ../widgets/CertTreeView.cpp:74 msgctxt "CertTreeView|" msgid "CA" msgstr "CA" #: ../widgets/CertTreeView.cpp:75 msgctxt "CertTreeView|" msgid "Properties" msgstr "Vlastnosti" #: ../widgets/CertTreeView.cpp:76 msgctxt "CertTreeView|" msgid "Generate CRL" msgstr "Generovať CRL" #: ../widgets/CertTreeView.cpp:77 msgctxt "CertTreeView|" msgid "Manage revocations" msgstr "Spravovať odvolania" #: ../widgets/CertTreeView.cpp:82 ../widgets/CertTreeView.cpp:85 msgctxt "CertTreeView|" msgid "Renewal" msgstr "Obnoviť" #: ../widgets/CertTreeView.cpp:87 msgctxt "CertTreeView|" msgid "Revoke" msgstr "Odvolať" #: ../widgets/CertTreeView.cpp:89 msgctxt "CertTreeView|" msgid "Unrevoke" msgstr "Zrušiť odvolanie" #: ../widgets/CertTreeView.cpp:157 msgctxt "CertTreeView|" msgid "Plain View" msgstr "Prosté zobrazenie" #: ../widgets/CertTreeView.cpp:157 msgctxt "CertTreeView|" msgid "Tree View" msgstr "Stromové zobrazenie" #: ../widgets/clicklabel.cpp:37 msgctxt "ClickLabel|" msgid "Double click for details" msgstr "Dvojklikom podrobnosti" #: ../ui/CrlDetail.ui:30 msgctxt "CrlDetail|" msgid "Details of the Revocation list" msgstr "Podrobnosti CRL" #: ../ui/CrlDetail.ui:78 msgctxt "CrlDetail|" msgid "&Status" msgstr "&Stav" #: ../ui/CrlDetail.ui:144 msgctxt "CrlDetail|" msgid "Version" msgstr "Verzia" #: ../ui/CrlDetail.ui:163 msgctxt "CrlDetail|" msgid "Signature" msgstr "Podpis" #: ../ui/CrlDetail.ui:170 msgctxt "CrlDetail|" msgid "Signed by" msgstr "Podpísal" #: ../ui/CrlDetail.ui:177 msgctxt "CrlDetail|" msgid "Name" msgstr "Názov" #: ../ui/CrlDetail.ui:184 msgctxt "CrlDetail|" msgid "The internal name of the CRL in the database" msgstr "Interný názov CRL v databáze" #: ../ui/CrlDetail.ui:197 msgctxt "CrlDetail|" msgid "issuing dates" msgstr "Dátumy vydania" #: ../ui/CrlDetail.ui:215 msgctxt "CrlDetail|" msgid "Next update" msgstr "Nasled. aktualizácia" #: ../ui/CrlDetail.ui:222 msgctxt "CrlDetail|" msgid "Last update" msgstr "Posledná aktualizácia" #: ../ui/CrlDetail.ui:255 msgctxt "CrlDetail|" msgid "&Issuer" msgstr "&Vydavateľ" #: ../ui/CrlDetail.ui:277 msgctxt "CrlDetail|" msgid "&Extensions" msgstr "&Rozšírenia" #: ../ui/CrlDetail.ui:306 msgctxt "CrlDetail|" msgid "&Revocation list" msgstr "Zoznam &odvolaných" #: ../ui/CrlDetail.ui:340 msgctxt "CrlDetail|" msgid "Comment" msgstr "Komentár" #: ../widgets/CrlDetail.cpp:52 msgctxt "CrlDetail|" msgid "Failed" msgstr "Zlyhalo" #: ../widgets/CrlDetail.cpp:57 msgctxt "CrlDetail|" msgid "Unknown signer" msgstr "Neznámy podpis" #: ../widgets/CrlDetail.cpp:60 msgctxt "CrlDetail|" msgid "Verification not possible" msgstr "Overenie nemožné" #: ../widgets/CrlTreeView.cpp:37 msgctxt "CrlTreeView|" msgid "There are no CA certificates for CRL generation" msgstr "Neexistujú certifikáty CA na generovanie CRL" #: ../widgets/CrlTreeView.cpp:45 msgctxt "CrlTreeView|" msgid "Select CA certificate" msgstr "Vyberte certifikát CA" #: ../ui/ExportDialog.ui:79 msgctxt "ExportDialog|" msgid "Name" msgstr "Názov" #: ../ui/ExportDialog.ui:86 msgctxt "ExportDialog|" msgid "The internal name of the CRL in the database" msgstr "Interný názov CRL v databáze" #: ../ui/ExportDialog.ui:115 msgctxt "ExportDialog|" msgid "..." msgstr "…" #: ../ui/ExportDialog.ui:99 msgctxt "ExportDialog|" msgid "Filename" msgstr "Meno súboru" #: ../ui/ExportDialog.ui:151 msgctxt "ExportDialog|" msgid "Export comment into PEM file" msgstr "Exportovať komentáre do súboru PEM" #: ../ui/ExportDialog.ui:171 msgctxt "ExportDialog|" msgid "Export Format" msgstr "Formát exportu" #: ../widgets/ExportDialog.cpp:41 msgctxt "ExportDialog|" msgid "All files ( * )" msgstr "Všetky súbory (*)" #: ../widgets/ExportDialog.cpp:56 msgctxt "ExportDialog|" msgid "PEM Text format with headers" msgstr "Textový formát PEM s hlavičkami" #: ../widgets/ExportDialog.cpp:58 msgctxt "ExportDialog|" msgid "Concatenated list of all selected items in one PEM text file" msgstr "Zlúčený zoznam zvolených položiek v jednom textovom súbore PEM" #: ../widgets/ExportDialog.cpp:59 msgctxt "ExportDialog|" msgid "" "Concatenated text format of the complete certificate chain in one PEM file" msgstr "Zlúčený textový formát úplnej reťaze certifikátu v jednom súbore PEM" #: ../widgets/ExportDialog.cpp:63 msgctxt "ExportDialog|" msgid "Concatenated text format of all certificates in one PEM file" msgstr "Zlúčený textový formát všetkých certifikátov v jednom súbore PEM" #: ../widgets/ExportDialog.cpp:64 msgctxt "ExportDialog|" msgid "Binary DER encoded file" msgstr "Binárne kódovaný súbor DER" #: ../widgets/ExportDialog.cpp:65 msgctxt "ExportDialog|" msgid "PKCS#7 encoded single certificate" msgstr "PKCS#7 kódovaný jeden certifikát" #: ../widgets/ExportDialog.cpp:67 msgctxt "ExportDialog|" msgid "PKCS#7 encoded complete certificate chain" msgstr "PKCS#7 kódovaná úplná reťaz certifikátov" #: ../widgets/ExportDialog.cpp:61 msgctxt "ExportDialog|" msgid "Concatenated text format of all unrevoked certificates in one PEM file" msgstr "" "Zlúčený textový formát všetkých dôveryhodných certifikátov v jednom súbore " "PEM" #: ../widgets/ExportDialog.cpp:69 msgctxt "ExportDialog|" msgid "All unrevoked certificates encoded in one PKCS#7 file" msgstr "Všetky neodvolané certifikáty kódované v jednom súbore PKCS#7" #: ../widgets/ExportDialog.cpp:71 msgctxt "ExportDialog|" msgid "All selected certificates encoded in one PKCS#7 file" msgstr "Všetky zvolené certifikáty kódované v jednom súbore PKCS#7" #: ../widgets/ExportDialog.cpp:73 msgctxt "ExportDialog|" msgid "All certificates encoded in one PKCS#7 file" msgstr "Všetky certifikáty kódované v jednom súbore PKCS#7" #: ../widgets/ExportDialog.cpp:75 msgctxt "ExportDialog|" msgid "The certificate and the private key as encrypted PKCS#12 file" msgstr "Certifikát a súkromný kľúč ako šifrovaný súbor PKCS#12" #: ../widgets/ExportDialog.cpp:76 msgctxt "ExportDialog|" msgid "" "The complete certificate chain and the private key as encrypted PKCS#12 file" msgstr "Úplná reťaz certifikátu a súkromný kľúč ako šifrovaný súbor PKCS#12" #: ../widgets/ExportDialog.cpp:77 msgctxt "ExportDialog|" msgid "" "Concatenation of the certificate and the unencrypted private key in one PEM " "file" msgstr "" "Spojenie certifikátu a nešifrovaného súkromného kľúča v jednom súbore PEM" #: ../widgets/ExportDialog.cpp:78 msgctxt "ExportDialog|" msgid "" "Concatenation of the certificate and the encrypted private key in PKCS#8 " "format in one file" msgstr "" "Spojenie certifikátu a šifrovaného súkromného kľúča v jednom súbore PKCS#8" #: ../widgets/ExportDialog.cpp:79 msgctxt "ExportDialog|" msgid "Text format of the public key in one PEM file" msgstr "Textový formát verejného kľúča v súbore PEM" #: ../widgets/ExportDialog.cpp:80 msgctxt "ExportDialog|" msgid "Binary DER format of the public key" msgstr "Binárny formát DER verejného kľúča" #: ../widgets/ExportDialog.cpp:82 msgctxt "ExportDialog|" msgid "Unencrypted private key in text format" msgstr "Nešifrovaný súkromný kľúč v textovom formáte" #: ../widgets/ExportDialog.cpp:84 msgctxt "ExportDialog|" msgid "OpenSSL specific encrypted private key in text format" msgstr "Šifrovaný súkromný kľúč v textovom formáte (špecifický pre OpenSSL)" #: ../widgets/ExportDialog.cpp:86 msgctxt "ExportDialog|" msgid "Unencrypted private key in binary DER format" msgstr "Nešifrovaný súkromný kľúč v binárnom formáte DER" #: ../widgets/ExportDialog.cpp:88 msgctxt "ExportDialog|" msgid "Unencrypted private key in PKCS#8 text format" msgstr "Nešifrovaný súkromný kľúč v textovom formáte PKCS#8" #: ../widgets/ExportDialog.cpp:90 msgctxt "ExportDialog|" msgid "Encrypted private key in PKCS#8 text format" msgstr "Šifrovaný súkromný kľúč v textovom formáte PKCS#8" #: ../widgets/ExportDialog.cpp:91 msgctxt "ExportDialog|" msgid "The public key encoded in SSH2 format" msgstr "Verejný kľúč kódovaný vo formáte SSH2" #: ../widgets/ExportDialog.cpp:92 msgctxt "ExportDialog|" msgid "" "OpenSSL specific Certificate Index file as created by the 'ca' command and " "required by the OCSP tool" msgstr "" "Súbor indexu certifikátov, špecifický pre OpenSSL, vytvorený ako príkazom " "„ca” a vyžadovaný nástrojom OCSP" #: ../widgets/ExportDialog.cpp:93 msgctxt "ExportDialog|" msgid "vCalendar expiry reminder for the selected items" msgstr "Pripomienka vCalendar vypršania platnosti zvolených položiek" #: ../widgets/ExportDialog.cpp:94 msgctxt "ExportDialog|" msgid "" "vCalendar expiry reminder containing all issued, valid certificates, the CA " "itself and the latest CRL" msgstr "" "Pripomienka vCalendar vypršania platnosti všetkých vydaných, platných " "certifikátov, samotnej CA i posledného CRL" #: ../widgets/ExportDialog.cpp:95 msgctxt "ExportDialog|" msgid "Private key in Microsoft PVK format not encrypted" msgstr "Súkromný kľúč vo formáte Microsoft PVK, nešifrovaný" #: ../widgets/ExportDialog.cpp:96 msgctxt "ExportDialog|" msgid "Encrypted private key in Microsoft PVK format" msgstr "Šifrovaný súkromný kľúč vo formáte Microsoft PVK" #: ../widgets/ExportDialog.cpp:133 #, qt-format msgctxt "ExportDialog|" msgid "The file: '%1' already exists!" msgstr "Súbor: „%1” už existuje!" #: ../widgets/ExportDialog.cpp:134 msgctxt "ExportDialog|" msgid "Overwrite" msgstr "Prepísať" #: ../widgets/ExportDialog.cpp:135 msgctxt "ExportDialog|" msgid "Do not overwrite" msgstr "Neprepísať" #: ../ui/Help.ui:36 msgctxt "Help|" msgid "<<" msgstr "<<" #: ../ui/Help.ui:46 msgctxt "Help|" msgid ">>" msgstr ">>" #: ../ui/Help.ui:72 msgctxt "Help|" msgid "&Done" msgstr "&Hotovo" #: ../ui/ImportMulti.ui:36 msgctxt "ImportMulti|" msgid "Import PKI Items" msgstr "Importovať položky PKI" #: ../ui/ImportMulti.ui:94 msgctxt "ImportMulti|" msgid "Import &All" msgstr "Importovať &všetky" #: ../ui/ImportMulti.ui:101 msgctxt "ImportMulti|" msgid "&Import" msgstr "&Importovať" #: ../ui/ImportMulti.ui:108 msgctxt "ImportMulti|" msgid "&Done" msgstr "&Hotovo" #: ../ui/ImportMulti.ui:115 msgctxt "ImportMulti|" msgid "&Remove from list" msgstr "Odstrániť zo zoznamu" #: ../ui/ImportMulti.ui:122 msgctxt "ImportMulti|" msgid "Details" msgstr "Podrobnosti" #: ../ui/ImportMulti.ui:129 msgctxt "ImportMulti|" msgid "Delete from token" msgstr "Odstrániť z tokenu" #: ../ui/ImportMulti.ui:136 msgctxt "ImportMulti|" msgid "Rename on token" msgstr "Premenovať token" #: ../widgets/ImportMulti.cpp:64 #, qt-format msgctxt "ImportMulti|" msgid "" "\n" "Name: %1\n" "Model: %2\n" "Serial: %3" msgstr "" "\n" "Názov: %1\n" "Model: %2\n" "Sér. č.: %3" #: ../widgets/ImportMulti.cpp:69 msgctxt "ImportMulti|" msgid "Manage security token" msgstr "Spravovať bezpečnostný token" #: ../widgets/ImportMulti.cpp:281 #, qt-format msgctxt "ImportMulti|" msgid "Details of the item '%1' cannot be shown" msgstr "Podrobnosti položky „%1” nemožno zobraziť" #: ../widgets/ImportMulti.cpp:103 ../widgets/ImportMulti.cpp:285 #, qt-format msgctxt "ImportMulti|" msgid "The type of the item '%1' is not recognized" msgstr "Typ položky „%1” nie je rozpoznaný" #: ../widgets/ImportMulti.cpp:313 #, qt-format msgctxt "ImportMulti|" msgid "The file '%1' did not contain PKI data" msgstr "Súbor „%1” neobsahuje dáta PKI" #: ../widgets/ImportMulti.cpp:316 #, qt-format msgctxt "ImportMulti|" msgid "The %1 files: '%2' did not contain PKI data" msgstr "%1 súbory: „%2” neobsahuje dáta PKI" #: ../ui/ItemProperties.ui:22 msgctxt "ItemProperties|" msgid "Name" msgstr "Názov" #: ../ui/ItemProperties.ui:32 msgctxt "ItemProperties|" msgid "Source" msgstr "Zdroj" #: ../ui/ItemProperties.ui:42 msgctxt "ItemProperties|" msgid "Insertion date" msgstr "Dátum vloženia" #: ../ui/ItemProperties.ui:54 msgctxt "ItemProperties|" msgid "Comment" msgstr "Komentár" #: ../ui/KeyDetail.ui:82 msgctxt "KeyDetail|" msgid "Name" msgstr "Názov" #: ../ui/KeyDetail.ui:89 msgctxt "KeyDetail|" msgid "The internal name of the key used by xca" msgstr "Interný názov kľúča používaný v xca" #: ../widgets/KeyDetail.cpp:106 msgctxt "KeyDetail|" msgid "Security token" msgstr "Bezpečnostný token" #: ../ui/KeyDetail.ui:286 msgctxt "KeyDetail|" msgid "Manufacturer" msgstr "Výrobca" #: ../ui/KeyDetail.ui:296 msgctxt "KeyDetail|" msgid "Serial" msgstr "Sériové číslo" #: ../ui/KeyDetail.ui:102 ../ui/KeyDetail.ui:182 msgctxt "KeyDetail|" msgid "Key" msgstr "Kľúč" #: ../ui/KeyDetail.ui:110 msgctxt "KeyDetail|" msgid "Public Exponent" msgstr "Verejný exponent" #: ../ui/KeyDetail.ui:136 msgctxt "KeyDetail|" msgid "Keysize" msgstr "Veľkosť kľúča" #: ../ui/KeyDetail.ui:163 msgctxt "KeyDetail|" msgid "Private Exponent" msgstr "Súkromný exponent" #: ../ui/KeyDetail.ui:214 msgctxt "KeyDetail|" msgid "Security Token" msgstr "Bezpečnostný token" #: ../ui/KeyDetail.ui:235 ../ui/KeyDetail.ui:306 msgctxt "KeyDetail|" msgid "Label" msgstr "Menovka" #: ../ui/KeyDetail.ui:245 msgctxt "KeyDetail|" msgid "PKCS#11 ID" msgstr "ID PKCS#11" #: ../ui/KeyDetail.ui:270 msgctxt "KeyDetail|" msgid "Token information" msgstr "Informácie tokenu" #: ../ui/KeyDetail.ui:276 msgctxt "KeyDetail|" msgid "Model" msgstr "Model" #: ../ui/KeyDetail.ui:324 msgctxt "KeyDetail|" msgid "Fingerprint" msgstr "Odtlačok" #: ../ui/KeyDetail.ui:329 msgctxt "KeyDetail|" msgid "Comment" msgstr "Komentár" #: ../widgets/KeyDetail.cpp:89 #, qt-format msgctxt "KeyDetail|" msgid "Details of the %1 key" msgstr "Podrobnosti kľúča %1" #: ../widgets/KeyDetail.cpp:95 msgctxt "KeyDetail|" msgid "Not available" msgstr "Nedostupné" #: ../widgets/KeyDetail.cpp:108 msgctxt "KeyDetail|" msgid "Available" msgstr "Dostupný" #: ../widgets/KeyDetail.cpp:117 msgctxt "KeyDetail|" msgid "Sub prime" msgstr "Sub prime" #: ../widgets/KeyDetail.cpp:118 ../widgets/KeyDetail.cpp:127 #: ../widgets/KeyDetail.cpp:139 msgctxt "KeyDetail|" msgid "Public key" msgstr "Verejný kľúč" #: ../widgets/KeyDetail.cpp:119 ../widgets/KeyDetail.cpp:128 #: ../widgets/KeyDetail.cpp:140 msgctxt "KeyDetail|" msgid "Private key" msgstr "Súkromný kľúč" #: ../widgets/KeyDetail.cpp:129 ../widgets/KeyDetail.cpp:141 msgctxt "KeyDetail|" msgid "Curve name" msgstr "Názov krivky" #: ../widgets/KeyDetail.cpp:148 msgctxt "KeyDetail|" msgid "Unknown key" msgstr "Neznámy kľúč" #: ../widgets/KeyTreeView.cpp:30 msgctxt "KeyTreeView|" msgid "Change password" msgstr "Zmeniť heslo" #: ../widgets/KeyTreeView.cpp:34 msgctxt "KeyTreeView|" msgid "Reset password" msgstr "Odstrániť heslo" #: ../widgets/KeyTreeView.cpp:46 msgctxt "KeyTreeView|" msgid "Change PIN" msgstr "Zmeniť PIN" #: ../widgets/KeyTreeView.cpp:48 msgctxt "KeyTreeView|" msgid "Init PIN with SO PIN (PUK)" msgstr "Inicializovať PIN pomocou SO PIN (PUK)" #: ../widgets/KeyTreeView.cpp:50 msgctxt "KeyTreeView|" msgid "Change SO PIN (PUK)" msgstr "Zmeniť SO PIN (PUK)" #: ../widgets/KeyTreeView.cpp:53 msgctxt "KeyTreeView|" msgid "Security token" msgstr "Bezpečnostný token" #: ../widgets/KeyTreeView.cpp:90 ../widgets/KeyTreeView.cpp:108 #: ../widgets/KeyTreeView.cpp:126 msgctxt "KeyTreeView|" msgid "This is not a token" msgstr "Toto nie je token" #: ../widgets/KeyTreeView.cpp:155 #, qt-format msgctxt "KeyTreeView|" msgid "" "Shall the original key '%1' be replaced by the key on the token?\n" "This will delete the key '%1' and make it unexportable" msgstr "" "Má byť pôvodný kľúč „%1” nahradený kľúčom z tokenu?\n" "Týmto bude kľúč „%1” odstránený a nebude ho možné exportovať" #: ../ui/MainWindow.ui:22 msgctxt "MainWindow|" msgid "Private Keys" msgstr "Súkromné kľúče" #: ../ui/MainWindow.ui:49 msgctxt "MainWindow|" msgid "&New Key" msgstr "&Nový kľúč" #: ../ui/MainWindow.ui:56 ../ui/MainWindow.ui:161 ../ui/MainWindow.ui:253 #: ../ui/MainWindow.ui:391 ../ui/MainWindow.ui:456 msgctxt "MainWindow|" msgid "&Export" msgstr "&Exportovať" #: ../ui/MainWindow.ui:63 ../ui/MainWindow.ui:168 ../ui/MainWindow.ui:260 #: ../ui/MainWindow.ui:384 ../ui/MainWindow.ui:463 msgctxt "MainWindow|" msgid "&Import" msgstr "&Importovať" #: ../ui/MainWindow.ui:70 msgctxt "MainWindow|" msgid "Import PFX (PKCS#12)" msgstr "Importovať PFX (PKCS#12)" #: ../ui/MainWindow.ui:77 ../ui/MainWindow.ui:175 ../ui/MainWindow.ui:267 #: ../ui/MainWindow.ui:470 msgctxt "MainWindow|" msgid "&Show Details" msgstr "&Zobraziť podrobnosti" #: ../ui/MainWindow.ui:84 ../ui/MainWindow.ui:182 ../ui/MainWindow.ui:274 #: ../ui/MainWindow.ui:377 ../ui/MainWindow.ui:477 msgctxt "MainWindow|" msgid "&Delete" msgstr "&Odstrániť" #: ../ui/MainWindow.ui:124 msgctxt "MainWindow|" msgid "Certificate signing requests" msgstr "Žiadosti o podpísanie" #: ../ui/MainWindow.ui:154 msgctxt "MainWindow|" msgid "&New Request" msgstr "&Nová žiadosť" #: ../ui/MainWindow.ui:222 ../widgets/MW_menu.cpp:132 msgctxt "MainWindow|" msgid "Certificates" msgstr "Certifikáty" #: ../ui/MainWindow.ui:246 msgctxt "MainWindow|" msgid "&New Certificate" msgstr "&Nový certifikát" #: ../ui/MainWindow.ui:281 msgctxt "MainWindow|" msgid "Import &PKCS#12" msgstr "Importovať &PKCS#12" #: ../ui/MainWindow.ui:288 msgctxt "MainWindow|" msgid "Import P&KCS#7" msgstr "Importovať P&KCS#7" #: ../ui/MainWindow.ui:295 msgctxt "MainWindow|" msgid "Plain View" msgstr "Prosté zobrazenie" #: ../ui/MainWindow.ui:335 msgctxt "MainWindow|" msgid "Templates" msgstr "Šablóny" #: ../ui/MainWindow.ui:363 msgctxt "MainWindow|" msgid "&New Template" msgstr "&Nová šablóna" #: ../ui/MainWindow.ui:449 msgctxt "MainWindow|" msgid "&New CRL" msgstr "&Nový CRL" #: ../ui/MainWindow.ui:370 msgctxt "MainWindow|" msgid "Ch&ange Template" msgstr "&Zmeniť šablónu" #: ../ui/MainWindow.ui:431 msgctxt "MainWindow|" msgid "Revocation lists" msgstr "Zoznamy odvolaných" #: ../widgets/MainWindow.cpp:584 msgctxt "MainWindow|" msgid "" "Using or exporting private keys will not be possible without providing the " "correct password" msgstr "" "Použitie alebo exportovanie súkromných kľúčov nebude možné bez zadania " "správneho hesla" #: ../widgets/MainWindow.cpp:579 ../widgets/MainWindow.cpp:729 msgctxt "MainWindow|" msgid "Database" msgstr "Databáza" #: ../widgets/MainWindow.cpp:590 #, qt-format msgctxt "MainWindow|" msgid "" "The currently used default hash '%1' is insecure. Please select at least " "'SHA 224' for security reasons." msgstr "" "Aktuálne použitý predvolený odtlačok „%1” nie je bezpečný. Prosím, kvôli " "bezpečnosti, zvoľte aspoň „SHA 224”." #: ../widgets/MW_menu.cpp:83 msgctxt "MainWindow|" msgid "Recent DataBases" msgstr "Nedávne databázy" #: ../widgets/MW_help.cpp:25 ../widgets/MW_menu.cpp:39 msgctxt "MainWindow|" msgid "System" msgstr "systémový" #: ../widgets/MW_help.cpp:28 msgctxt "MainWindow|" msgid "Croatian" msgstr "chorvátsky" #: ../widgets/MW_help.cpp:31 msgctxt "MainWindow|" msgid "English" msgstr "anglicky" #: ../widgets/MW_help.cpp:32 msgctxt "MainWindow|" msgid "French" msgstr "francúzsky" #: ../widgets/MW_help.cpp:34 msgctxt "MainWindow|" msgid "German" msgstr "nemecky" #: ../widgets/MW_help.cpp:38 msgctxt "MainWindow|" msgid "Japanese" msgstr "japonsky" #: ../widgets/MW_help.cpp:44 msgctxt "MainWindow|" msgid "Russian" msgstr "rusky" #: ../widgets/MW_help.cpp:45 msgctxt "MainWindow|" msgid "Slovak" msgstr "slovensky" #: ../widgets/MW_help.cpp:47 msgctxt "MainWindow|" msgid "Spanish" msgstr "španielsky" #: ../widgets/MW_help.cpp:40 msgctxt "MainWindow|" msgid "Polish" msgstr "poľsky" #: ../widgets/MW_help.cpp:36 msgctxt "MainWindow|" msgid "Italian" msgstr "taliansky" #: ../widgets/MW_help.cpp:26 msgctxt "MainWindow|" msgid "Chinese" msgstr "čínsky" #: ../widgets/MW_help.cpp:30 msgctxt "MainWindow|" msgid "Dutch" msgstr "holandsky" #: ../widgets/MW_help.cpp:42 msgctxt "MainWindow|" msgid "Portuguese in Brazil" msgstr "brazílska portugalčina" #: ../widgets/MW_help.cpp:49 msgctxt "MainWindow|" msgid "Turkish" msgstr "turecky" #: ../widgets/MW_menu.cpp:89 msgctxt "MainWindow|" msgid "Language" msgstr "Jazyk" #: ../widgets/MW_menu.cpp:98 msgctxt "MainWindow|" msgid "&File" msgstr "&Súbor" #: ../widgets/MW_menu.cpp:105 msgctxt "MainWindow|" msgid "Open Remote DataBase" msgstr "Otvoriť vzdialenú databázu" #: ../widgets/MW_menu.cpp:109 msgctxt "MainWindow|" msgid "Set as default DataBase" msgstr "Predvolená databáza" #: ../widgets/MW_menu.cpp:99 msgctxt "MainWindow|" msgid "New DataBase" msgstr "Nová databáza" #: ../widgets/MW_menu.cpp:102 msgctxt "MainWindow|" msgid "Open DataBase" msgstr "Otvoriť databázu" #: ../widgets/MW_menu.cpp:111 msgctxt "MainWindow|" msgid "Close DataBase" msgstr "Zatvoriť databázu" #: ../widgets/MW_menu.cpp:114 msgctxt "MainWindow|" msgid "Options" msgstr "Voľby" #: ../widgets/MW_menu.cpp:122 msgctxt "MainWindow|" msgid "Exit" msgstr "Skončiť" #: ../widgets/MW_menu.cpp:129 msgctxt "MainWindow|" msgid "I&mport" msgstr "&Importovať" #: ../widgets/MW_menu.cpp:130 msgctxt "MainWindow|" msgid "Keys" msgstr "Kľúče" #: ../widgets/MW_menu.cpp:131 msgctxt "MainWindow|" msgid "Requests" msgstr "Žiadosti" #: ../widgets/MW_menu.cpp:133 msgctxt "MainWindow|" msgid "PKCS#12" msgstr "PKCS#12" #: ../widgets/MW_menu.cpp:134 msgctxt "MainWindow|" msgid "PKCS#7" msgstr "PKCS#7" #: ../widgets/MW_menu.cpp:135 msgctxt "MainWindow|" msgid "Template" msgstr "Šablóna" #: ../widgets/MW_menu.cpp:136 msgctxt "MainWindow|" msgid "Revocation list" msgstr "Zoznam odvolaných" #: ../widgets/MW_menu.cpp:137 msgctxt "MainWindow|" msgid "PEM file" msgstr "Ssúbor PEM" #: ../widgets/MW_menu.cpp:138 msgctxt "MainWindow|" msgid "Paste PEM file" msgstr "Vložte súbor PEM" #: ../widgets/MW_menu.cpp:141 msgctxt "MainWindow|" msgid "Token" msgstr "Token" #: ../widgets/MW_menu.cpp:158 msgctxt "MainWindow|" msgid "Export Certificate &Index hierarchy" msgstr "Exportovať hierarchiu &indexu certifikátov" #: ../widgets/MW_menu.cpp:171 msgctxt "MainWindow|" msgid "Content" msgstr "Obsah" #: ../widgets/MW_menu.cpp:142 msgctxt "MainWindow|" msgid "&Manage Security token" msgstr "&Spravovať Bezpečnostný token" #: ../widgets/MW_menu.cpp:144 msgctxt "MainWindow|" msgid "&Init Security token" msgstr "&Inicializovať Bezpečnostný token" #: ../widgets/MW_menu.cpp:146 msgctxt "MainWindow|" msgid "&Change PIN" msgstr "Zmeniť @PIN" #: ../widgets/MW_menu.cpp:148 msgctxt "MainWindow|" msgid "Change &SO PIN" msgstr "Zmeniť &SO PIN" #: ../widgets/MW_menu.cpp:150 msgctxt "MainWindow|" msgid "Init PIN" msgstr "Inicializovať PIN" #: ../widgets/MW_menu.cpp:153 msgctxt "MainWindow|" msgid "Extra" msgstr "Extra" #: ../widgets/MW_menu.cpp:154 msgctxt "MainWindow|" msgid "&Dump DataBase" msgstr "Vypísať &databázu" #: ../widgets/MW_menu.cpp:156 msgctxt "MainWindow|" msgid "&Export Certificate Index" msgstr "&Exportovať index certifikátov" #: ../widgets/MW_menu.cpp:160 msgctxt "MainWindow|" msgid "C&hange DataBase password" msgstr "Z&meniť heslo databázy" #: ../widgets/MW_menu.cpp:163 msgctxt "MainWindow|" msgid "&Undelete items" msgstr "O&bnoviť zmazané" #: ../widgets/MW_menu.cpp:166 msgctxt "MainWindow|" msgid "Generate DH parameter" msgstr "Generovať parametre DH" #: ../widgets/MW_menu.cpp:168 msgctxt "MainWindow|" msgid "OID Resolver" msgstr "Prekladač OID" #: ../widgets/MW_menu.cpp:170 msgctxt "MainWindow|" msgid "&Help" msgstr "&Pomocník" #: ../widgets/MW_menu.cpp:173 msgctxt "MainWindow|" msgid "About" msgstr "O programe" #: ../widgets/MainWindow.cpp:254 msgctxt "MainWindow|" msgid "Import PEM data" msgstr "Importovať dáta PEM" #: ../widgets/MainWindow.cpp:283 #, qt-format msgctxt "MainWindow|" msgid "Please enter the original SO PIN (PUK) of the token '%1'" msgstr "Prosím, zadajte pôvodný SO PIN (PUK) tokenu „%1”" #: ../widgets/MainWindow.cpp:118 ../widgets/MainWindow.cpp:731 msgctxt "MainWindow|" msgid "Search" msgstr "Hľadať" #: ../widgets/MainWindow.cpp:289 #, qt-format msgctxt "MainWindow|" msgid "Please enter the new SO PIN (PUK) for the token '%1'" msgstr "Prosím, zadajte nový SO PIN (PUK) tokenu „%1”" #: ../widgets/MainWindow.cpp:296 #, qt-format msgctxt "MainWindow|" msgid "The new label of the token '%1'" msgstr "Nová menovka tokenu „%1”" #: ../widgets/MainWindow.cpp:404 #, qt-format msgctxt "MainWindow|" msgid "The token '%1' did not contain any keys or certificates" msgstr "Token „%1” neobsahuje žiadne kľúče ani certifikáty" #: ../widgets/MainWindow.cpp:450 msgctxt "MainWindow|" msgid "Current Password" msgstr "Aktuálne heslo" #: ../widgets/MainWindow.cpp:451 msgctxt "MainWindow|" msgid "Please enter the current database password" msgstr "Prosím, zadajte heslo aktuálnej databázy" #: ../widgets/MainWindow.cpp:461 msgctxt "MainWindow|" msgid "The entered password is wrong" msgstr "Zadané heslo je zlé" #: ../widgets/MainWindow.cpp:466 msgctxt "MainWindow|" msgid "New Password" msgstr "Nové heslo" #: ../widgets/MainWindow.cpp:466 msgctxt "MainWindow|" msgid "" "Please enter the new password to encrypt your private keys in the database-" "file" msgstr "" "Prosím, zadajte nové heslo na šifrovanie svojich súkromných kľúčov v súbore " "databázy" #: ../widgets/MainWindow.cpp:490 msgctxt "MainWindow|" msgid "Transaction start failed" msgstr "Spustenie transakcie zlyhalo" #: ../widgets/MainWindow.cpp:648 msgctxt "MainWindow|" msgid "Certificate Index ( index.txt )" msgstr "Index certifikátov (index.txt)" #: ../widgets/MainWindow.cpp:649 ../widgets/MainWindow.cpp:704 msgctxt "MainWindow|" msgid "All files ( * )" msgstr "Všetky súbory ( * )" #: ../widgets/MainWindow.cpp:673 #, qt-format msgctxt "MainWindow|" msgid "Diffie-Hellman parameters saved as: %1" msgstr "Parametre Diffie-Hellman uložené do: %1" #: ../widgets/MainWindow.cpp:689 msgctxt "MainWindow|" msgid "" "Diffie-Hellman parameters are needed for different applications, but not " "handled by XCA.\n" "Please enter the DH parameter bits" msgstr "" "Parametre Diffie-Hellman sú potrebné pre rôzne aplikácie, ale nie sú " "používané v XCA.\n" "Prosím, zadajte bity parametra DH" #: ../ui/NewCrl.ui:32 msgctxt "NewCrl|" msgid "Last update" msgstr "Posledná aktualizácia" #: ../ui/NewCrl.ui:46 msgctxt "NewCrl|" msgid "Next update" msgstr "Nasled. aktualizácia" #: ../ui/NewCrl.ui:70 msgctxt "NewCrl|" msgid "Days" msgstr "Dni" #: ../ui/NewCrl.ui:75 msgctxt "NewCrl|" msgid "Months" msgstr "Mesiace" #: ../ui/NewCrl.ui:80 msgctxt "NewCrl|" msgid "Years" msgstr "Roky" #: ../ui/NewCrl.ui:88 msgctxt "NewCrl|" msgid "Midnight" msgstr "Polnoc" #: ../ui/NewCrl.ui:95 msgctxt "NewCrl|" msgid "Local time" msgstr "Lokálny čas" #: ../ui/NewCrl.ui:102 msgctxt "NewCrl|" msgid "Apply" msgstr "Použiť" #: ../ui/NewCrl.ui:128 msgctxt "NewCrl|" msgid "Options" msgstr "Voľby" #: ../ui/NewCrl.ui:172 msgctxt "NewCrl|" msgid "CRL number" msgstr "Číslo CRL" #: ../ui/NewCrl.ui:144 msgctxt "NewCrl|" msgid "Subject alternative name" msgstr "Alternatívne meno predmetu" #: ../ui/NewCrl.ui:199 msgctxt "NewCrl|" msgid "Revocation reasons" msgstr "Dôvody odvolania" #: ../ui/NewCrl.ui:158 msgctxt "NewCrl|" msgid "Authority key identifier" msgstr "Identifikátor kľúča autority" #: ../ui/NewCrl.ui:134 msgctxt "NewCrl|" msgid "Hash algorithm" msgstr "Algoritmus odtlačku" #: ../widgets/NewCrl.cpp:77 msgctxt "NewCrl|" msgid "Create CRL" msgstr "Vytvoriť CRL" #: ../ui/NewKey.ui:86 msgctxt "NewKey|" msgid "Please give a name to the new key and select the desired keysize" msgstr "Prosím, zadajte meno nového kľúča a zvoľte jeho požadovanú veľkosť" #: ../ui/NewKey.ui:96 msgctxt "NewKey|" msgid "Key properties" msgstr "Vlastnosti kľúča" #: ../ui/NewKey.ui:102 msgctxt "NewKey|" msgid "Name" msgstr "Názov" #: ../ui/NewKey.ui:121 msgctxt "NewKey|" msgid "The internal name of the new key" msgstr "Interný názov nového kľúča" #: ../ui/NewKey.ui:151 msgctxt "NewKey|" msgid "Curve name" msgstr "Názov krivky" #: ../ui/NewKey.ui:171 msgctxt "NewKey|" msgid "Usually at least 2048 bit keys are recommended" msgstr "Zvyčajne sú odporúčané kľúče aspoň 2048 bitov" #: ../ui/NewKey.ui:39 ../ui/NewKey.ui:124 msgctxt "NewKey|" msgid "New Key" msgstr "Nový kľúč" #: ../ui/NewKey.ui:158 msgctxt "NewKey|" msgid "Keysize" msgstr "Veľkosť kľúča" #: ../ui/NewKey.ui:178 msgctxt "NewKey|" msgid "Keytype" msgstr "Typ kľúča" #: ../ui/NewKey.ui:188 msgctxt "NewKey|" msgid "Remember as default" msgstr "Zapamätať ako predvolené" #: ../widgets/NewKey.cpp:137 msgctxt "NewKey|" msgid "Create" msgstr "Vytvoriť" #: ../ui/NewX509.ui:75 msgctxt "NewX509|" msgid "Source" msgstr "Zdroj" #: ../ui/NewX509.ui:97 msgctxt "NewX509|" msgid "Signing request" msgstr "Žiadosť o podpísanie" #: ../ui/NewX509.ui:112 msgctxt "NewX509|" msgid "Show request" msgstr "Zobraziť žiadosť" #: ../ui/NewX509.ui:119 msgctxt "NewX509|" msgid "Sign this Certificate signing &request" msgstr "Podpísať túto Žiadosť o certifikát" #: ../ui/NewX509.ui:126 msgctxt "NewX509|" msgid "Copy extensions from the request" msgstr "Kopírovať rozšírenia zo žiadosti" #: ../ui/NewX509.ui:136 msgctxt "NewX509|" msgid "Modify subject of the request" msgstr "Zmeniť predmet žiadosti" #: ../ui/NewX509.ui:169 msgctxt "NewX509|" msgid "Signing" msgstr "Podpísanie" #: ../ui/NewX509.ui:177 msgctxt "NewX509|" msgid "Create a &self signed certificate" msgstr "Vytvoriť &sebou podpísaný certifikát" #: ../ui/NewX509.ui:191 msgctxt "NewX509|" msgid "Use &this Certificate for signing" msgstr "Podpísať &týmto certifikátom" #: ../ui/NewX509.ui:198 msgctxt "NewX509|" msgid "All certificates in your database that can create valid signatures" msgstr "Všetky certifikáty v databáze, ktoré môžu vytvoriť platný podpis" #: ../ui/NewX509.ui:225 msgctxt "NewX509|" msgid "Signature algorithm" msgstr "Algoritmus podpisu" #: ../ui/NewX509.ui:253 msgctxt "NewX509|" msgid "Template for the new certificate" msgstr "Šablóna nového certifikátu" #: ../ui/NewX509.ui:265 msgctxt "NewX509|" msgid "All available templates" msgstr "Všetky dostupné šablóny" #: ../ui/NewX509.ui:287 msgctxt "NewX509|" msgid "Apply extensions" msgstr "Pridať rozšírenia" #: ../ui/NewX509.ui:294 msgctxt "NewX509|" msgid "Apply subject" msgstr "Pridať predmet" #: ../ui/NewX509.ui:307 msgctxt "NewX509|" msgid "Apply all" msgstr "Pridať všetko" #: ../ui/NewX509.ui:336 ../widgets/NewX509.cpp:592 msgctxt "NewX509|" msgid "Subject" msgstr "Predmet" #: ../ui/NewX509.ui:344 msgctxt "NewX509|" msgid "Internal Name" msgstr "Interný názov" #: ../ui/NewX509.ui:360 msgctxt "NewX509|" msgid "Distinguished name" msgstr "Rozlišovací názov" #: ../ui/NewX509.ui:386 msgctxt "NewX509|" msgid "Add" msgstr "Pridať" #: ../ui/NewX509.ui:393 msgctxt "NewX509|" msgid "Delete" msgstr "Odstrániť" #: ../ui/NewX509.ui:430 msgctxt "NewX509|" msgid "Private key" msgstr "Súkromný kľúč" #: ../ui/NewX509.ui:442 msgctxt "NewX509|" msgid "This list only contains unused keys" msgstr "Tento zoznam obsahuje len nepoužité kľúče" #: ../ui/NewX509.ui:449 msgctxt "NewX509|" msgid "Used keys too" msgstr "Aj použité kľúče" #: ../ui/NewX509.ui:456 msgctxt "NewX509|" msgid "&Generate a new key" msgstr "&Generovať nový kľúč" #: ../ui/NewX509.ui:467 msgctxt "NewX509|" msgid "Extensions" msgstr "Rozšírenia" #: ../ui/NewX509.ui:478 msgctxt "NewX509|" msgid "Type" msgstr "Typ" #: ../ui/NewX509.ui:485 msgctxt "NewX509|" msgid "If this will become a CA certificate or not" msgstr "Či to bude certifikát CA alebo nie" #: ../ui/NewX509.ui:489 msgctxt "NewX509|" msgid "Not defined" msgstr "Nedefinované" #: ../ui/NewX509.ui:494 msgctxt "NewX509|" msgid "Certification Authority" msgstr "Certifikačná autorita" #: ../ui/NewX509.ui:499 msgctxt "NewX509|" msgid "End Entity" msgstr "Koncový certifikát" #: ../ui/NewX509.ui:507 msgctxt "NewX509|" msgid "Path length" msgstr "Dĺžka cesty" #: ../ui/NewX509.ui:514 msgctxt "NewX509|" msgid "How much CAs may be below this." msgstr "Koľko CA môže byť pod týmto." #: ../ui/NewX509.ui:521 msgctxt "NewX509|" msgid "The basic constraints should always be critical" msgstr "Základné obmedzenia by mali byť vždy kritické" #: ../ui/NewX509.ui:534 msgctxt "NewX509|" msgid "Key identifier" msgstr "Identifikátor kľúča" #: ../ui/NewX509.ui:546 msgctxt "NewX509|" msgid "Creates a hash of the key following the PKIX guidelines" msgstr "Vytvorí odtlačok kľúča v súlade s odporúčaním PKIX" #: ../ui/NewX509.ui:556 msgctxt "NewX509|" msgid "Copy the Subject Key Identifier from the issuer" msgstr "Kopírovať Identifikátor kľúča predmetu vydavateľa" #: ../ui/NewX509.ui:593 msgctxt "NewX509|" msgid "Validity" msgstr "Platnosť" #: ../ui/NewX509.ui:599 msgctxt "NewX509|" msgid "Not before" msgstr "Nie pred" #: ../ui/NewX509.ui:613 msgctxt "NewX509|" msgid "Not after" msgstr "Nie po" #: ../ui/NewX509.ui:630 msgctxt "NewX509|" msgid "Time range" msgstr "Časový rozsah" #: ../ui/NewX509.ui:640 msgctxt "NewX509|" msgid "Days" msgstr "Dni" #: ../ui/NewX509.ui:645 msgctxt "NewX509|" msgid "Months" msgstr "Mesiace" #: ../ui/NewX509.ui:650 msgctxt "NewX509|" msgid "Years" msgstr "Roky" #: ../ui/NewX509.ui:664 msgctxt "NewX509|" msgid "Apply" msgstr "Použiť" #: ../ui/NewX509.ui:671 msgctxt "NewX509|" msgid "Set the time to 00:00:00 and 23:59:59 respectively" msgstr "Nastavuje čas na 00:00:00 a 23:59:59" #: ../ui/NewX509.ui:674 msgctxt "NewX509|" msgid "Midnight" msgstr "Polnoc" #: ../ui/NewX509.ui:681 msgctxt "NewX509|" msgid "Local time" msgstr "Lokálny čas" #: ../ui/NewX509.ui:688 msgctxt "NewX509|" msgid "No well-defined expiration" msgstr "Bez vypršania" #: ../ui/NewX509.ui:738 ../ui/NewX509.ui:755 ../ui/NewX509.ui:824 msgctxt "NewX509|" msgid "DNS: IP: URI: email: RID:" msgstr "DNS:, IP:, URI:, email:, RID:" #: ../ui/NewX509.ui:745 ../ui/NewX509.ui:762 ../ui/NewX509.ui:795 #: ../ui/NewX509.ui:831 ../widgets/NewX509.cpp:992 msgctxt "NewX509|" msgid "Edit" msgstr "Upraviť" #: ../ui/NewX509.ui:788 msgctxt "NewX509|" msgid "URI:" msgstr "URI:" #: ../ui/NewX509.ui:870 msgctxt "NewX509|" msgid "Key usage" msgstr "Použitie kľúča" #: ../ui/NewX509.ui:981 msgctxt "NewX509|" msgid "Netscape" msgstr "Netscape" #: ../ui/NewX509.ui:1139 msgctxt "NewX509|" msgid "Advanced" msgstr "Pokročilé" #: ../ui/NewX509.ui:1163 ../widgets/NewX509.cpp:1002 msgctxt "NewX509|" msgid "Validate" msgstr "Overiť" #: ../ui/NewX509.ui:1186 msgctxt "NewX509|" msgid "Comment" msgstr "Komentár" #: ../ui/NewX509.ui:351 msgctxt "NewX509|" msgid "" "This name is only used internally and does not appear in the resulting " "certificate" msgstr "" "Tento názov je použitý len interne a neobjaví sa vo výslednom certifikáte" #: ../widgets/NewX509.cpp:270 msgctxt "NewX509|" msgid "Critical" msgstr "Kritické" #: ../widgets/NewX509.cpp:310 msgctxt "NewX509|" msgid "Create Certificate signing request" msgstr "Vytvoriť Žiadosť o podpísanie certifikátu" #: ../widgets/NewX509.cpp:336 #, qt-format msgctxt "NewX509|" msgid "minimum size: %1" msgstr "minimálna veľkosť: %1" #: ../widgets/NewX509.cpp:338 #, qt-format msgctxt "NewX509|" msgid "maximum size: %1" msgstr "maximálna veľkosť: %1" #: ../widgets/NewX509.cpp:340 msgctxt "NewX509|" msgid "only a-z A-Z 0-9 '()+,-./:=?" msgstr "len a-z A-Z 0-9 '()+,-./:=?" #: ../widgets/NewX509.cpp:344 msgctxt "NewX509|" msgid "only 7-bit clean characters" msgstr "len prosté 7-b znaky" #: ../widgets/NewX509.cpp:369 msgctxt "NewX509|" msgid "Edit XCA template" msgstr "Upraviť šablónu XCA" #: ../widgets/NewX509.cpp:382 msgctxt "NewX509|" msgid "Create x509 Certificate" msgstr "Vytvoriť certifikát x509" #: ../widgets/NewX509.cpp:750 #, qt-format msgctxt "NewX509|" msgid "Template '%1' applied" msgstr "Šablóna „%1” aplikovaná" #: ../widgets/NewX509.cpp:757 #, qt-format msgctxt "NewX509|" msgid "Subject applied from template '%1'" msgstr "Predmet nastavený zo šablóny „%1”" #: ../widgets/NewX509.cpp:765 #, qt-format msgctxt "NewX509|" msgid "Extensions applied from template '%1'" msgstr "Rozšírenia nastavené zo šablóny „%1”" #: ../widgets/NewX509.cpp:780 #, qt-format msgctxt "NewX509|" msgid "New key '%1' created" msgstr "Vytvorený nový kľúč „%1”" #: ../widgets/NewX509.cpp:1025 msgctxt "NewX509|" msgid "Other Tabs" msgstr "Záložka Iné" #: ../widgets/NewX509.cpp:1039 msgctxt "NewX509|" msgid "Advanced Tab" msgstr "Záložka Pokročilé" #: ../widgets/NewX509.cpp:1046 msgctxt "NewX509|" msgid "Errors" msgstr "Chyby" #: ../widgets/NewX509.cpp:1064 msgctxt "NewX509|" msgid "From PKCS#10 request" msgstr "Zo žiadosti PKCS#10" #: ../widgets/NewX509.cpp:1172 ../widgets/NewX509.cpp:1185 #: ../widgets/NewX509.cpp:1204 ../widgets/NewX509.cpp:1216 #: ../widgets/NewX509.cpp:1232 ../widgets/NewX509.cpp:1246 #: ../widgets/NewX509.cpp:1280 ../widgets/NewX509.cpp:1299 #: ../widgets/NewX509.cpp:1322 ../widgets/NewX509.cpp:1345 #: ../widgets/NewX509.cpp:1371 ../widgets/NewX509.cpp:1391 msgctxt "NewX509|" msgid "Abort rollout" msgstr "Prerušiť operáciu" #: ../widgets/NewX509.cpp:1181 msgctxt "NewX509|" msgid "The following length restrictions of RFC3280 are violated:" msgstr "Nie sú splnené Nasledujúce obmedzenia veľkosti z RFC3280:" #: ../widgets/NewX509.cpp:1184 ../widgets/NewX509.cpp:1245 msgctxt "NewX509|" msgid "Edit subject" msgstr "Upraviť predmet" #: ../widgets/NewX509.cpp:1186 ../widgets/NewX509.cpp:1247 #: ../widgets/NewX509.cpp:1300 ../widgets/NewX509.cpp:1323 #: ../widgets/NewX509.cpp:1346 ../widgets/NewX509.cpp:1372 #: ../widgets/NewX509.cpp:1392 msgctxt "NewX509|" msgid "Continue rollout" msgstr "Pokračovať v operácii" #: ../widgets/NewX509.cpp:1202 msgctxt "NewX509|" msgid "" "The verification of the Certificate request failed.\n" "The rollout should be aborted." msgstr "" "Overenie žiadosti o certifikát zlyhalo.\n" "Operácia by mala byť prerušená." #: ../widgets/NewX509.cpp:1203 msgctxt "NewX509|" msgid "Continue anyway" msgstr "Pokračovať i tak" #: ../widgets/NewX509.cpp:1214 msgctxt "NewX509|" msgid "" "The internal name and the common name are empty.\n" "Please set at least the internal name." msgstr "" "Interný názov a bežný názov sú prázdne.\n" "Prosím, zadajte aspoň interný názov." #: ../widgets/NewX509.cpp:1215 msgctxt "NewX509|" msgid "Edit name" msgstr "Upraviť názov" #: ../widgets/NewX509.cpp:1230 msgctxt "NewX509|" msgid "There is no Key selected for signing." msgstr "Nebol zvolený kľúč na podpísanie." #: ../widgets/NewX509.cpp:1231 msgctxt "NewX509|" msgid "Select key" msgstr "Vybrať kľúč" #: ../widgets/NewX509.cpp:1243 #, qt-format msgctxt "NewX509|" msgid "" "The following distinguished name entries are empty:\n" "%1\n" "though you have declared them as mandatory in the options menu." msgstr "" "Nasledujúce položky rozlišovacieho názvu sú prázdne:\n" "%1\n" "hoci ste ich v nastavení definovali ako povinné." #: ../widgets/NewX509.cpp:1277 msgctxt "NewX509|" msgid "The key you selected for signing is not a private one." msgstr "Kľúč, zvolený na podpísanie, nie je súkromný." #: ../widgets/NewX509.cpp:1278 msgctxt "NewX509|" msgid "Select other signer" msgstr "Zvoliť iného vydavateľa" #: ../widgets/NewX509.cpp:1278 msgctxt "NewX509|" msgid "Select other key" msgstr "Zvoliť iný kľúč" #: ../widgets/NewX509.cpp:1288 #, qt-format msgctxt "NewX509|" msgid "" "The currently selected hash algorithm '%1' is insecure and should not be " "used." msgstr "" "Aktuálne zvolený algoritmus odtlačku „%1” nie je bezpečný a nemá byť " "používaný." #: ../widgets/NewX509.cpp:1289 msgctxt "NewX509|" msgid "Select other algorithm" msgstr "Zvoľte iný algoritmus" #: ../widgets/NewX509.cpp:1290 msgctxt "NewX509|" msgid "Use algorithm anyway" msgstr "Použiť algoritmus aj tak" #: ../widgets/NewX509.cpp:1296 msgctxt "NewX509|" msgid "" "The certificate will be earlier valid than the signer. This is probably not " "what you want." msgstr "" "Certifikát bude platný skôr ako jeho vydavateľ. To asi nie je to, čo chcete." #: ../widgets/NewX509.cpp:1298 ../widgets/NewX509.cpp:1321 #: ../widgets/NewX509.cpp:1344 msgctxt "NewX509|" msgid "Edit dates" msgstr "Upraviť dátumy" #: ../widgets/NewX509.cpp:1301 ../widgets/NewX509.cpp:1324 msgctxt "NewX509|" msgid "Adjust date and continue" msgstr "Opraviť dátum a pokračovať" #: ../widgets/NewX509.cpp:1319 msgctxt "NewX509|" msgid "" "The certificate will be longer valid than the signer. This is probably not " "what you want." msgstr "" "Certifikát bude platný dlhšie ako jeho vydavateľ. To asi nie je to, čo " "chcete." #: ../widgets/NewX509.cpp:1342 msgctxt "NewX509|" msgid "" "The certificate will be out of date before it becomes valid. You most " "probably mixed up both dates." msgstr "" "Certifikát vyprší ešte pred nadobudnutím platnosti. Pravdepodobne ste " "zamenili oba dátumy." #: ../widgets/NewX509.cpp:1363 msgctxt "NewX509|" msgid "" "The certificate contains invalid or duplicate extensions. Check the " "validation on the advanced tab." msgstr "" "Certifikát obsahuje neplatné alebo duplicitné rozšírenia. Skontrolujte " "platnosť na záložke Pokročilé." #: ../widgets/NewX509.cpp:1366 msgctxt "NewX509|" msgid "" "The certificate contains no extensions. You may apply the extensions of one " "of the templates to define the purpose of the certificate." msgstr "" "Certifikát neobsahuje rozšírenia. Na definovanie určenia certifikátu môžete " "pridať rozšírenia jednej zo šablón." #: ../widgets/NewX509.cpp:1370 ../widgets/NewX509.cpp:1390 msgctxt "NewX509|" msgid "Edit extensions" msgstr "Upraviť rozšírenia" #: ../widgets/NewX509.cpp:1389 msgctxt "NewX509|" msgid "" "The subject alternative name shall contain a copy of the common name. " "However, the common name is empty." msgstr "" "Alternatívne meno predmetu má obsahovať kópiu bežného mena. Avšak, bežné " "meno je prázdne." #: ../widgets/NewX509_ext.cpp:189 #, qt-format msgctxt "NewX509|" msgid "Configfile error on line %1\n" msgstr "Chyba konfiguračného súboru v riadku %1\n" #: ../ui/OidResolver.ui:28 msgctxt "OidResolver|" msgid "OID Resolver" msgstr "Prekladač OID" #: ../ui/OidResolver.ui:38 msgctxt "OidResolver|" msgid "Enter the OID, the Nid, or one of the textual representations" msgstr "Zadajte OID, Nid alebo jednu z textových reprezentácií" #: ../ui/OidResolver.ui:47 msgctxt "OidResolver|" msgid "Search" msgstr "Hľadať" #: ../ui/OidResolver.ui:74 msgctxt "OidResolver|" msgid "OID" msgstr "OID" #: ../ui/OidResolver.ui:119 msgctxt "OidResolver|" msgid "Long name" msgstr "Dlhý názov" #: ../ui/OidResolver.ui:145 ../ui/OidResolver.ui:167 msgctxt "OidResolver|" msgid "OpenSSL internal ID" msgstr "Interné ID OpenSSL" #: ../ui/OidResolver.ui:148 msgctxt "OidResolver|" msgid "Nid" msgstr "Nid" #: ../ui/OidResolver.ui:177 msgctxt "OidResolver|" msgid "Short name" msgstr "Krátky názov" #: ../ui/OpenDb.ui:36 msgctxt "OpenDb|" msgid "Open remote database" msgstr "Otvoriť vzdialené databázu" #: ../ui/OpenDb.ui:98 msgctxt "OpenDb|" msgid "Database type" msgstr "Typ databázy" #: ../ui/OpenDb.ui:108 msgctxt "OpenDb|" msgid "Hostname" msgstr "Názov stroja" #: ../ui/OpenDb.ui:118 msgctxt "OpenDb|" msgid "Username" msgstr "Meno používateľa" #: ../ui/OpenDb.ui:128 msgctxt "OpenDb|" msgid "Password" msgstr "Heslo" #: ../ui/OpenDb.ui:142 ../widgets/OpenDb.cpp:50 msgctxt "OpenDb|" msgid "Database name" msgstr "Názov databázy" #: ../ui/OpenDb.ui:152 msgctxt "OpenDb|" msgid "Table prefix" msgstr "Predpona tabuľky" #: ../widgets/OpenDb.cpp:121 msgctxt "OpenDb|" msgid "" "No SqLite3 driver available. Please install the qt-sqlite package of your " "distribution" msgstr "" "Nie je dostupný ovládač SQLite3. Prosím, nainštalujte balík qt-sqlite svojej " "distribúcie" #: ../ui/Options.ui:28 msgctxt "Options|" msgid "XCA Options" msgstr "Nastavenia XCA" #: ../ui/Options.ui:42 msgctxt "Options|" msgid "Settings" msgstr "Nastavenia" #: ../ui/Options.ui:50 msgctxt "Options|" msgid "Default hash algorithm" msgstr "Predvolený algoritmus odtlačku" #: ../ui/Options.ui:64 msgctxt "Options|" msgid "String types" msgstr "Typy reťazcov" #: ../ui/Options.ui:76 msgctxt "Options|" msgid "Suppress success messages" msgstr "Potlačiť správy o úspechu" #: ../ui/Options.ui:109 msgctxt "Options|" msgid "Don't colorize expired certificates" msgstr "Nezvýrazňovať vypršané certifikáty" #: ../ui/Options.ui:90 #, qt-format msgctxt "Options|" msgid "Translate established x509 terms (%1 -> %2)" msgstr "Preložiť platné položky x509 (%1 -> %2)" #: ../ui/Options.ui:97 msgctxt "Options|" msgid "" "The hashing functionality of the token is not used by XCA.\n" "It may however honor a restricted hash-set propagated by the token.\n" "Especially EC and DSA are only defined with SHA1 in the PKCS#11 " "specification." msgstr "" "Hašovacia funkčnosť tokenu nie je v XCA použitá.\n" "Môže však rešpektovať obmedzenú sadu hašovacích algoritmov zverejnených " "tokenom.\n" "Najmä EC a DSA sú v špecifikácii PKCS#11 definované len s SHA1." #: ../ui/Options.ui:102 msgctxt "Options|" msgid "Only use hashes supported by the token when signing with a token key" msgstr "" "Použiť len odtlačky podporované tokenom pri podpisovaní kľúčom z tokenu" #: ../ui/Options.ui:83 msgctxt "Options|" msgid "Disable legacy Netscape extensions" msgstr "Vypnúť staré rozšírenia Netscape" #: ../ui/Options.ui:127 msgctxt "Options|" msgid "Certificate expiry warning threshold" msgstr "Hranica upozornenia vypršania platnosti certifikátu" #: ../ui/Options.ui:146 msgctxt "Options|" msgid "Send vCalendar expiry reminder" msgstr "Poslať pripomienku vCalendar o vypršaní platnosti" #: ../ui/Options.ui:157 msgctxt "Options|" msgid "Serial number length" msgstr "Dĺžka sériového čísla" #: ../ui/Options.ui:164 msgctxt "Options|" msgid " bit" msgstr " bit" #: ../ui/Options.ui:199 msgctxt "Options|" msgid "Distinguished name" msgstr "Rozlišovací názov" #: ../ui/Options.ui:205 msgctxt "Options|" msgid "Mandatory subject entries" msgstr "Povinné položky predmetu" #: ../ui/Options.ui:223 ../ui/Options.ui:284 ../ui/Options.ui:366 msgctxt "Options|" msgid "Add" msgstr "Pridať" #: ../ui/Options.ui:230 ../ui/Options.ui:291 msgctxt "Options|" msgid "Delete" msgstr "Odstrániť" #: ../ui/Options.ui:255 msgctxt "Options|" msgid "Explicit subject entries" msgstr "Explicitné položky predmetu" #: ../ui/Options.ui:273 msgctxt "Options|" msgid "Dynamically arrange explicit subject entries" msgstr "Dynamicky rozložiť explicitné položky predmetu" #: ../ui/Options.ui:298 msgctxt "Options|" msgid "Default" msgstr "Predvolené" #: ../ui/Options.ui:324 msgctxt "Options|" msgid "PKCS#11 provider" msgstr "Poskytovateľ PKCS#11" #: ../ui/Options.ui:379 msgctxt "Options|" msgid "Remove" msgstr "Odstrániť" #: ../ui/Options.ui:386 msgctxt "Options|" msgid "Search" msgstr "Hľadať" #: ../widgets/Options.cpp:34 msgctxt "Options|" msgid "Printable string or UTF8 (default)" msgstr "Tlačiteľné znaky alebo UTF-8 (predvolené)" #: ../widgets/Options.cpp:35 msgctxt "Options|" msgid "PKIX recommendation in RFC2459" msgstr "Odporúčania PKIX v RFC2459" #: ../widgets/Options.cpp:36 msgctxt "Options|" msgid "No BMP strings, only printable and T61" msgstr "Nie reťazce BMP, len tlačiteľné a T61" #: ../widgets/Options.cpp:37 msgctxt "Options|" msgid "UTF8 strings only (RFC2459)" msgstr "Len reťazce UTF-8 (RFC2459)" #: ../widgets/Options.cpp:38 msgctxt "Options|" msgid "All strings" msgstr "Všetky reťazce" #: ../widgets/Options.cpp:60 msgctxt "Options|" msgid "Days" msgstr "Dni" #: ../widgets/Options.cpp:60 msgctxt "Options|" msgid "Weeks" msgstr "Týždne" #: ../ui/PwDialog.ui:118 msgctxt "PwDialog|" msgid "" "The password is parsed as 2-digit hex code. It must have an even number of " "digits (0-9 and a-f)" msgstr "" "Heslo je spracované ako 2-ciferný šestnástkový kód. Musí mať párny počet " "číslic (0-9 a a-f)" #: ../ui/PwDialog.ui:121 msgctxt "PwDialog|" msgid "Take as HEX string" msgstr "Zadajte šestnástkový reťazec" #: ../widgets/PwDialog.cpp:44 msgctxt "PwDialog|" msgid "Password" msgstr "Heslo" #: ../widgets/PwDialog.cpp:96 #, qt-format msgctxt "PwDialog|" msgid "Repeat %1" msgstr "Opakovať %1" #: ../widgets/PwDialog.cpp:109 #, qt-format msgctxt "PwDialog|" msgid "%1 mismatch" msgstr "%1 nezhoda" #: ../widgets/PwDialog.cpp:116 msgctxt "PwDialog|" msgid "" "Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it " "must consist of an even number of characters" msgstr "" "Šestnástkové heslo môže obsahovať len znaky „0” – „9” a „a” – „f” a musí mať " "párny počet znakov" #: ../widgets/PwDialog.cpp:145 msgctxt "PwDialog|" msgid "Exit" msgstr "Skončiť" #: ../widgets/XcaWarning.cpp:28 msgctxt "QMessageBox|" msgid "Ok" msgstr "OK" #: ../widgets/XcaWarning.cpp:29 msgctxt "QMessageBox|" msgid "Close" msgstr "Zatvoriť" #: ../widgets/XcaWarning.cpp:30 msgctxt "QMessageBox|" msgid "Cancel" msgstr "Zrušiť" #: ../widgets/XcaWarning.cpp:31 msgctxt "QMessageBox|" msgid "Apply" msgstr "Použiť" #: ../widgets/XcaWarning.cpp:32 msgctxt "QMessageBox|" msgid "Yes" msgstr "Áno" #: ../widgets/XcaWarning.cpp:33 msgctxt "QMessageBox|" msgid "No" msgstr "Nie" #: ../lib/asn1time.cpp:157 msgctxt "QObject|" msgid "Undefined" msgstr "Nedefinované" #: ../lib/asn1time.cpp:159 msgctxt "QObject|" msgid "Broken / Invalid" msgstr "Poškodený/Neplatný" #: ../lib/asn1time.cpp:205 #, qt-format msgctxt "QObject|" msgid "in %1 seconds" msgstr "za %1 sekúnd" #: ../lib/asn1time.cpp:206 #, qt-format msgctxt "QObject|" msgid "%1 seconds ago" msgstr "pred %1 sekundami" #: ../lib/asn1time.cpp:209 #, qt-format msgctxt "QObject|" msgid "in %1 minutes" msgstr "za %1 minút" #: ../lib/asn1time.cpp:210 #, qt-format msgctxt "QObject|" msgid "%1 minutes ago" msgstr "pred %1 minútami" #: ../lib/asn1time.cpp:212 msgctxt "QObject|" msgid "Yesterday" msgstr "Včera" #: ../lib/asn1time.cpp:214 msgctxt "QObject|" msgid "Tomorrow" msgstr "Zajtra" #: ../lib/asn1time.cpp:217 #, qt-format msgctxt "QObject|" msgid "in %1 hours" msgstr "za %1 hodiny" #: ../lib/asn1time.cpp:218 #, qt-format msgctxt "QObject|" msgid "%1 hours ago" msgstr "pred %1 hodinami" #: ../lib/db.cpp:280 ../lib/db.cpp:297 msgctxt "QObject|" msgid "Out of data" msgstr "Nedostatok dát" #: ../lib/db.cpp:320 msgctxt "QObject|" msgid "Error finding endmarker of string" msgstr "Chyba nájdenia koncovej značky reťazca" #: ../lib/exception.h:60 #, qt-format msgctxt "QObject|" msgid "Out of Memory at %1:%2" msgstr "Nedostatok pamäte na %1:%2" #: ../lib/load_obj.cpp:20 msgctxt "QObject|" msgid "All files ( * )" msgstr "Všetky súbory ( * )" #: ../lib/load_obj.cpp:56 msgctxt "QObject|" msgid "" "PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK " "Keys ( *.pvk );; SSH Public Keys ( *.pub );;" msgstr "" "Kľúče PKI ( *.pem *.der *.key );; Kľúče PKCS#8 ( *.p8 *.pk8 );; Kľúče " "Microsoft PVK ( *.pvk );; Verejné kľúče SSH ( *.pub );;" #: ../lib/load_obj.cpp:60 msgctxt "QObject|" msgid "Import RSA key" msgstr "Importovať kľúč RSA" #: ../lib/load_obj.cpp:72 msgctxt "QObject|" msgid "PKCS#10 CSR ( *.pem *.der *.csr );; " msgstr "Žiadosť PKCS#10 ( *.pem *.der *.csr );; " #: ../lib/load_obj.cpp:73 msgctxt "QObject|" msgid "Import Request" msgstr "Importovať Žiadosť" #: ../lib/load_obj.cpp:85 msgctxt "QObject|" msgid "Certificates ( *.pem *.der *.crt *.cer );;" msgstr "Certifikáty ( *.pem *.der *.crt *.cer );;" #: ../lib/load_obj.cpp:86 msgctxt "QObject|" msgid "Import X.509 Certificate" msgstr "Importovať Certifikát X.509" #: ../lib/load_obj.cpp:98 msgctxt "QObject|" msgid "PKCS#7 data ( *.p7s *.p7m *.p7b );;" msgstr "Dáta PKCS#7 ( *.p7s *.p7m *.p7b );;" #: ../lib/load_obj.cpp:99 msgctxt "QObject|" msgid "Import PKCS#7 Certificates" msgstr "Importovať Certifikáty PKCS#7" #: ../lib/load_obj.cpp:111 msgctxt "QObject|" msgid "PKCS#12 Certificates ( *.p12 *.pfx );;" msgstr "Certifikáty PKCS#12 ( *.p12 *.pfx );;" #: ../lib/load_obj.cpp:112 msgctxt "QObject|" msgid "Import PKCS#12 Private Certificate" msgstr "Importovať Súkromný certifikát PKCS#12" #: ../lib/load_obj.cpp:125 msgctxt "QObject|" msgid "XCA templates ( *.xca );;" msgstr "Šablóny XCA ( *.xca );;" #: ../lib/load_obj.cpp:126 msgctxt "QObject|" msgid "Import XCA Templates" msgstr "Importovať Šablóny XCA" #: ../lib/load_obj.cpp:138 msgctxt "QObject|" msgid "Revocation lists ( *.pem *.der *.crl );;" msgstr "Zoznamy odvolaných ( *.pem *.der *.crl );;" #: ../lib/load_obj.cpp:139 msgctxt "QObject|" msgid "Import Certificate Revocation List" msgstr "Importovať Zoznam odvolaných certifikátov" #: ../lib/load_obj.cpp:151 msgctxt "QObject|" msgid "XCA Databases ( *.xdb );;" msgstr "Databázy XCA ( *.xdb );;" #: ../lib/load_obj.cpp:152 msgctxt "QObject|" msgid "Open XCA Database" msgstr "Otvoriť databázu XCA" #: ../lib/load_obj.cpp:160 msgctxt "QObject|" msgid "PKCS#11 library ( *.dll );;" msgstr "Knižnica PKCS#11 ( *.dll );;" #: ../lib/load_obj.cpp:162 msgctxt "QObject|" msgid "PKCS#11 library ( *.dylib *.so );;" msgstr "Knižnica PKCS#11 ( *.dylib *.so );;" #: ../lib/load_obj.cpp:164 msgctxt "QObject|" msgid "PKCS#11 library ( *.so );;" msgstr "Knižnica PKCS#11 ( *.so );;" #: ../lib/load_obj.cpp:166 msgctxt "QObject|" msgid "Open PKCS#11 shared library" msgstr "Otvoriť zdieľanú knižnicu PKCS#11" #: ../lib/load_obj.cpp:173 msgctxt "QObject|" msgid "PEM files ( *.pem );;" msgstr "Súbory PEM ( *.pem );;" #: ../lib/load_obj.cpp:174 msgctxt "QObject|" msgid "Load PEM encoded file" msgstr "Načítať súbor kódovaný PEM" #: ../lib/pkcs11.cpp:214 msgctxt "QObject|" msgid "Please enter the PIN on the PinPad" msgstr "Prosím, zadajte PIN na PinPad-e" #: ../lib/pkcs11.cpp:225 #, qt-format msgctxt "QObject|" msgid "Please enter the SO PIN (PUK) of the token %1" msgstr "Prosím, zadajte SO PIN (PUK) tokenu %1" #: ../lib/pkcs11.cpp:226 #, qt-format msgctxt "QObject|" msgid "Please enter the PIN of the token %1" msgstr "Prosím, zadajte PIN tokenu %1" #: ../lib/pkcs11.cpp:280 msgctxt "QObject|" msgid "No Security token found" msgstr "Nebol nájdený bezpečnostný token" #: ../lib/pkcs11.cpp:291 msgctxt "QObject|" msgid "Select" msgstr "Zvoliť" #: ../lib/pkcs11.cpp:314 #, qt-format msgctxt "QObject|" msgid "Please enter the new SO PIN (PUK) for the token: '%1'" msgstr "Prosím, zadajte nový SO PIN (PUK) tokenu: „%1”" #: ../lib/pkcs11.cpp:316 #, qt-format msgctxt "QObject|" msgid "Please enter the new PIN for the token: '%1'" msgstr "Prosím, zadajte nový PIN tokenu: '%1'" #: ../lib/pkcs11.h:101 #, qt-format msgctxt "QObject|" msgid "Required PIN size: %1 - %2" msgstr "Požadovaná veľkosť PIN: %1 - %2" #: ../lib/pkcs11_lib.cpp:69 #, qt-format msgctxt "QObject|" msgid "Invalid filename: %1" msgstr "Neplatné meno súboru: %1" #: ../lib/pkcs11_lib.cpp:72 #, qt-format msgctxt "QObject|" msgid "Failed to open PKCS11 library: %1: %2" msgstr "Zlyhalo otvorenie knižnice PKCS#11: %1: %2" #: ../lib/pkcs11_lib.cpp:78 msgctxt "QObject|" msgid "" "This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not " "found." msgstr "" "Toto nevyzerá ako knižnica PKCS#11. Symbol 'C_GetFunctionList' nenájdený." #: ../lib/pkcs11_lib.cpp:157 msgctxt "QObject|" msgid "Disabled" msgstr "Vypnuté" #: ../lib/pkcs11_lib.cpp:161 msgctxt "QObject|" msgid "Library loading failed" msgstr "Načítanie knižnice zlyhalo" #: ../lib/pkcs11_lib.cpp:518 #, qt-format msgctxt "QObject|" msgid "PKCS#11 function '%1' failed: %2" msgstr "Funkcia PKCS#11 „%1” zlyhala: %2" #: ../lib/pkcs11_lib.cpp:526 #, qt-format msgctxt "QObject|" msgid "" "PKCS#11 function '%1' failed: %2\n" "In library %3\n" "%4" msgstr "" "Funkcia PKCS#11 „%1” zlyhala: %2\n" "V knižnici %3\n" "%4" #: ../lib/x509name.cpp:111 msgctxt "QObject|" msgid "Invalid" msgstr "Neplatné" #: ../lib/x509name.cpp:235 #, qt-format msgctxt "QObject|" msgid "%1 is shorter than %2 bytes: '%3'" msgstr "%1 je kratšie ako %2 B: „%3”" #: ../lib/x509name.cpp:240 #, qt-format msgctxt "QObject|" msgid "%1 is longer than %2 bytes: '%3'" msgstr "%1 je dlhšie ako %2 B: „%3”" #: ../lib/x509v3ext.cpp:86 #, qt-format msgctxt "QObject|" msgid "String '%1' for '%2' contains invalid characters" msgstr "Reťazec „%1” pre „%2” obsahuje neplatné znaky" #: ../lib/oid.cpp:56 #, qt-format msgctxt "QObject|" msgid "Error reading config file %1 at line %2" msgstr "Chyba čítania konfiguračného súboru %1 na riadku %2" #: ../lib/oid.cpp:91 #, qt-format msgctxt "QObject|" msgid "" "The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and " "should be removed." msgstr "" "Objekt „%1” zo súboru %2 riadok %3 je už známy ako „%4:%5:%6” a mal by byť " "odstránený." #: ../lib/oid.cpp:100 #, qt-format msgctxt "QObject|" msgid "" "The identifier '%1' for OID %2 from file %3 line %4 is already used for a " "different OID as '%5:%6:%7' and should be changed to avoid conflicts." msgstr "" "Identifikátor „%1” pre OID %2 zo súboru %3 riadok %4 je už použitý pre iné " "OID ako „%5:%6:%7” a treba ho zmeniť, aby ste predišli konfliktom." #: ../lib/oid.cpp:163 #, qt-format msgctxt "QObject|" msgid "Unknown object '%1' in file %2 line %3" msgstr "Neznámy objekt „%1” v súbore %2 riadok %3" #: ../lib/sql.h:55 msgctxt "QObject|" msgid "Failed to start a database transaction" msgstr "Zlyhala inicializácia DB transakcie" #: ../lib/func.cpp:634 msgctxt "QObject|" msgid "Country code" msgstr "Kód krajiny" #: ../lib/func.cpp:635 msgctxt "QObject|" msgid "State or Province" msgstr "Štát alebo provincia" #: ../lib/func.cpp:636 msgctxt "QObject|" msgid "Locality" msgstr "Lokalita" #: ../lib/func.cpp:637 msgctxt "QObject|" msgid "Organisation" msgstr "Organizácia" #: ../lib/func.cpp:638 msgctxt "QObject|" msgid "Organisational unit" msgstr "Organizačná jednotka" #: ../lib/func.cpp:639 msgctxt "QObject|" msgid "Common name" msgstr "Bežný názov" #: ../lib/func.cpp:640 msgctxt "QObject|" msgid "E-Mail address" msgstr "Emailová adresa" #: ../lib/func.cpp:641 msgctxt "QObject|" msgid "Serial number" msgstr "Sériové číslo" #: ../lib/func.cpp:642 msgctxt "QObject|" msgid "Given name" msgstr "Rodné meno" #: ../lib/func.cpp:643 msgctxt "QObject|" msgid "Surname" msgstr "Priezvisko" #: ../lib/func.cpp:644 msgctxt "QObject|" msgid "Title" msgstr "Titul" #: ../lib/func.cpp:645 msgctxt "QObject|" msgid "Initials" msgstr "Iniciály" #: ../lib/func.cpp:646 msgctxt "QObject|" msgid "Description" msgstr "Popis" #: ../lib/func.cpp:647 msgctxt "QObject|" msgid "Role" msgstr "Rola" #: ../lib/func.cpp:648 msgctxt "QObject|" msgid "Pseudonym" msgstr "Pseudonym" #: ../lib/func.cpp:649 msgctxt "QObject|" msgid "Generation Qualifier" msgstr "Prívlastok generácie" #: ../lib/func.cpp:650 msgctxt "QObject|" msgid "x500 Unique Identifier" msgstr "Jedinečný identifikátor x500" #: ../lib/func.cpp:651 msgctxt "QObject|" msgid "Name" msgstr "Názov" #: ../lib/func.cpp:652 msgctxt "QObject|" msgid "DN Qualifier" msgstr "Prívlastok DN" #: ../lib/func.cpp:653 msgctxt "QObject|" msgid "Unstructured name" msgstr "Neštruktúrovaný názov" #: ../lib/func.cpp:654 msgctxt "QObject|" msgid "Challenge password" msgstr "Heslo výzvy" #: ../lib/func.cpp:656 msgctxt "QObject|" msgid "Basic Constraints" msgstr "Základné obmedzenia" #: ../lib/func.cpp:657 msgctxt "QObject|" msgid "Subject alternative name" msgstr "Alternatívne meno predmetu" #: ../lib/func.cpp:658 msgctxt "QObject|" msgid "issuer alternative name" msgstr "Alternatívny názov vydavateľa" #: ../lib/func.cpp:659 msgctxt "QObject|" msgid "Subject key identifier" msgstr "Identifikátor kľúča predmetu" #: ../lib/func.cpp:660 msgctxt "QObject|" msgid "Authority key identifier" msgstr "Identifikátor kľúča autority" #: ../lib/func.cpp:661 msgctxt "QObject|" msgid "Key usage" msgstr "Použitie kľúča" #: ../lib/func.cpp:662 msgctxt "QObject|" msgid "Extended key usage" msgstr "Rozšírené použitie kľúča" #: ../lib/func.cpp:663 msgctxt "QObject|" msgid "CRL distribution points" msgstr "Distribučné body CRL" #: ../lib/func.cpp:664 msgctxt "QObject|" msgid "Authority information access" msgstr "Prístup k informácii CA (AIA)" #: ../lib/func.cpp:665 msgctxt "QObject|" msgid "Certificate type" msgstr "Typ certifikátu" #: ../lib/func.cpp:666 msgctxt "QObject|" msgid "Base URL" msgstr "Základná URL" #: ../lib/func.cpp:667 msgctxt "QObject|" msgid "Revocation URL" msgstr "URL odvolaní" #: ../lib/func.cpp:668 msgctxt "QObject|" msgid "CA Revocation URL" msgstr "URL odvolaní CA" #: ../lib/func.cpp:669 msgctxt "QObject|" msgid "Certificate renewal URL" msgstr "URL obnovenia CRL" #: ../lib/func.cpp:670 msgctxt "QObject|" msgid "CA policy URL" msgstr "URL politiky CA" #: ../lib/func.cpp:671 msgctxt "QObject|" msgid "SSL server name" msgstr "Meno servera SSL" #: ../lib/func.cpp:672 msgctxt "QObject|" msgid "Comment" msgstr "Komentár" #: ../lib/main.cpp:210 #, qt-format msgctxt "QObject|" msgid "Index file written to '%1'" msgstr "Súbor index zapísaný do „%1”" #: ../lib/main.cpp:217 #, qt-format msgctxt "QObject|" msgid "Index hierarchy written to '%1'" msgstr "Hierarchia indexu zapísaná do „%1”" #: ../lib/main.cpp:230 #, qt-format msgctxt "QObject|" msgid "Unknown key type %1" msgstr "Neznámy typ kľúča %1" #: ../widgets/XcaWarning.h:23 msgctxt "QObject|" msgid "Password verify error, please try again" msgstr "Chyba overenia hesla, prosím, skúste znova" #: ../widgets/ReqTreeView.cpp:25 msgctxt "ReqTreeView|" msgid "Sign" msgstr "Podpísať" #: ../widgets/ReqTreeView.cpp:27 msgctxt "ReqTreeView|" msgid "Unmark signed" msgstr "Zrušiť označenie podpísané" #: ../widgets/ReqTreeView.cpp:30 msgctxt "ReqTreeView|" msgid "Mark signed" msgstr "Označiť podpísané" #: ../widgets/ReqTreeView.cpp:33 msgctxt "ReqTreeView|" msgid "Similar Request" msgstr "Podobné žiadosti" #: ../ui/RevocationList.ui:30 msgctxt "RevocationList|" msgid "Manage revocations" msgstr "Spravovať odvolania" #: ../ui/RevocationList.ui:96 msgctxt "RevocationList|" msgid "Add" msgstr "Pridať" #: ../ui/RevocationList.ui:103 msgctxt "RevocationList|" msgid "Delete" msgstr "Odstrániť" #: ../ui/RevocationList.ui:110 msgctxt "RevocationList|" msgid "Edit" msgstr "Upraviť" #: ../widgets/RevocationList.cpp:75 msgctxt "RevocationList|" msgid "No." msgstr "Č." #: ../widgets/RevocationList.cpp:75 msgctxt "RevocationList|" msgid "Serial" msgstr "Sériové číslo" #: ../widgets/RevocationList.cpp:75 msgctxt "RevocationList|" msgid "Revocation" msgstr "Odvolanie" #: ../widgets/RevocationList.cpp:75 msgctxt "RevocationList|" msgid "Reason" msgstr "Dôvod" #: ../widgets/RevocationList.cpp:76 msgctxt "RevocationList|" msgid "Invalidation" msgstr "Zneplatnenie" #: ../widgets/RevocationList.cpp:104 msgctxt "RevocationList|" msgid "Generate CRL" msgstr "Generovať CRL" #: ../ui/Revoke.ui:30 msgctxt "Revoke|" msgid "Certificate revocation" msgstr "Odvolanie certifikátu" #: ../ui/Revoke.ui:87 msgctxt "Revoke|" msgid "Revocation details" msgstr "Podrobnosti odvolania" #: ../ui/Revoke.ui:96 msgctxt "Revoke|" msgid "Revocation reason" msgstr "Dôvod odvolania" #: ../ui/Revoke.ui:110 msgctxt "Revoke|" msgid "Local time" msgstr "Lokálny čas" #: ../ui/Revoke.ui:117 msgctxt "Revoke|" msgid "Invalid since" msgstr "Neplatný od" #: ../ui/Revoke.ui:124 msgctxt "Revoke|" msgid "Serial" msgstr "Sériové číslo" #: ../ui/SearchPkcs11.ui:41 msgctxt "SearchPkcs11|" msgid "Directory" msgstr "Adresár" #: ../ui/SearchPkcs11.ui:57 msgctxt "SearchPkcs11|" msgid "..." msgstr "..." #: ../ui/SearchPkcs11.ui:64 msgctxt "SearchPkcs11|" msgid "Include subdirectories" msgstr "Zahrnúť podadresáre" #: ../ui/SearchPkcs11.ui:71 msgctxt "SearchPkcs11|" msgid "Search" msgstr "Hľadať" #: ../widgets/SearchPkcs11.cpp:75 msgctxt "SearchPkcs11|" msgid "The following files are possible PKCS#11 libraries" msgstr "nasledujúce súbory sú možné knižnice PKCS#11" #: ../ui/SelectToken.ui:39 msgctxt "SelectToken|" msgid "Security token" msgstr "Bezpečnostný token" #: ../ui/SelectToken.ui:86 msgctxt "SelectToken|" msgid "Please select the security token" msgstr "Prosím, vyberte bezpečnostný token" #: ../widgets/TempTreeView.cpp:23 msgctxt "TempTreeView|" msgid "Duplicate" msgstr "Duplikát" #: ../widgets/TempTreeView.cpp:24 msgctxt "TempTreeView|" msgid "Create certificate" msgstr "Vytvoriť certifikát" #: ../widgets/TempTreeView.cpp:25 msgctxt "TempTreeView|" msgid "Create request" msgstr "Vytvoriť žiadosť" #: ../widgets/TempTreeView.cpp:34 msgctxt "TempTreeView|" msgid "copy" msgstr "kopírovať" #: ../widgets/TempTreeView.cpp:82 msgctxt "TempTreeView|" msgid "Preset Template values" msgstr "Predvoľby hodnôt šablóny" #: ../widgets/validity.cpp:94 msgctxt "Validity|" msgid "yyyy-MM-dd hh:mm" msgstr "d. MMM yyyy hh:mm" #: ../widgets/X509SuperTreeView.cpp:28 msgctxt "X509SuperTreeView|" msgid "OpenSSL config" msgstr "Konfigurácia OpenSSL" #: ../widgets/X509SuperTreeView.cpp:29 msgctxt "X509SuperTreeView|" msgid "Transform" msgstr "Transformovať" #: ../widgets/X509SuperTreeView.cpp:30 msgctxt "X509SuperTreeView|" msgid "Template" msgstr "Šablóna" #: ../widgets/X509SuperTreeView.cpp:31 msgctxt "X509SuperTreeView|" msgid "Public key" msgstr "Verejný kľúč" #: ../widgets/XcaTreeView.cpp:343 msgctxt "XcaTreeView|" msgid "Subject entries" msgstr "Položky predmetu" #: ../widgets/XcaTreeView.cpp:344 msgctxt "XcaTreeView|" msgid "X509v3 Extensions" msgstr "Rozšírenia X509v3" #: ../widgets/XcaTreeView.cpp:345 msgctxt "XcaTreeView|" msgid "Netscape extensions" msgstr "Rozšírenia Netscape" #: ../widgets/XcaTreeView.cpp:346 msgctxt "XcaTreeView|" msgid "Key properties" msgstr "Vlastnosti kľúča" #: ../widgets/XcaTreeView.cpp:347 msgctxt "XcaTreeView|" msgid "Reset" msgstr "Vymazať" #: ../widgets/XcaTreeView.cpp:350 msgctxt "XcaTreeView|" msgid "Hide Column" msgstr "Odstrániť stĺpec" #: ../widgets/XcaTreeView.cpp:352 msgctxt "XcaTreeView|" msgid "Details" msgstr "Podrobnosti" #: ../widgets/XcaTreeView.cpp:395 msgctxt "XcaTreeView|" msgid "Columns" msgstr "Stĺpce" #: ../widgets/XcaTreeView.cpp:431 msgctxt "XcaTreeView|" msgid "New" msgstr "Nový" #: ../widgets/XcaTreeView.cpp:432 msgctxt "XcaTreeView|" msgid "Import" msgstr "Importovať" #: ../widgets/XcaTreeView.cpp:433 msgctxt "XcaTreeView|" msgid "Paste PEM data" msgstr "Vložiť dáta PEM" #: ../widgets/XcaTreeView.cpp:437 msgctxt "XcaTreeView|" msgid "Rename" msgstr "Premenovať" #: ../widgets/XcaTreeView.cpp:438 msgctxt "XcaTreeView|" msgid "Properties" msgstr "Vlastnosti" #: ../widgets/XcaTreeView.cpp:441 msgctxt "XcaTreeView|" msgid "Delete" msgstr "Odstrániť" #: ../widgets/XcaTreeView.cpp:443 msgctxt "XcaTreeView|" msgid "Export" msgstr "Exportovať" #: ../widgets/XcaTreeView.cpp:444 msgctxt "XcaTreeView|" msgid "Clipboard" msgstr "Schránka" #: ../widgets/XcaTreeView.cpp:446 msgctxt "XcaTreeView|" msgid "File" msgstr "Súbor" #: ../lib/database_model.cpp:125 #, qt-format msgctxt "database_model|" msgid "" "Legacy database format detected. Creating a backup copy called: '%1' and " "converting the database to the new format" msgstr "" "Detegovaný starý formát databázy. Vytvorená záložná kópia, nazvaná: „%1” a " "databáza konvertovaná do nového formátu" #: ../lib/database_model.cpp:134 msgctxt "database_model|" msgid "Failed to rename the database file, because the target already exists" msgstr "Premenovanie súboru databázy zlyhalo, pretože cieľ už existuje" #: ../lib/database_model.cpp:269 #, qt-format msgctxt "database_model|" msgid "" "Please enter the password to access the database server %2 as user '%1'." msgstr "" "Prosím, zadajte heslo na prístup k databázovému serveru %2 ako používateľ " "„%1”." #: ../lib/database_model.cpp:386 #, qt-format msgctxt "database_model|" msgid "Unable to create '%1': %2" msgstr "Nemožno vytvoriť „%1”: %2" #: ../lib/database_model.cpp:557 #, qt-format msgctxt "database_model|" msgid "The file '%1' is not an XCA database" msgstr "Súbor „%1” nie je databáza XCA" #: ../lib/database_model.cpp:585 msgctxt "database_model|" msgid "" "No SqLite3 driver available. Please install the qt-sqlite package of your " "distribution" msgstr "" "Nie je dostupný ovládač SQLite3. Prosím, nainštalujte balík qt-sqlite svojej " "distribúcie" #: ../lib/database_model.cpp:626 msgctxt "database_model|" msgid "New Password" msgstr "Nové heslo" #: ../lib/database_model.cpp:626 #, qt-format msgctxt "database_model|" msgid "" "Please enter a password, that will be used to encrypt your private keys in " "the database:\n" "%1" msgstr "" "Prosím, zadajte heslo, ktoré bude slúžiť na šifrovanie súkromných kľúčov v " "databáze:\n" "%1" #: ../lib/database_model.cpp:646 msgctxt "database_model|" msgid "Password" msgstr "Heslo" #: ../lib/database_model.cpp:647 #, qt-format msgctxt "database_model|" msgid "" "Please enter the password for unlocking the database:\n" "%1" msgstr "" "Prosím, zadajte heslo na odomknutie databázy:\n" "%1" #: ../lib/db_base.cpp:170 msgctxt "db_base|" msgid "Internal name" msgstr "Interný názov" #: ../lib/db_base.cpp:171 msgctxt "db_base|" msgid "No." msgstr "Č." #: ../lib/db_base.cpp:172 msgctxt "db_base|" msgid "Primary key" msgstr "Primárny kľúč" #: ../lib/db_base.cpp:173 msgctxt "db_base|" msgid "Database unique number" msgstr "Jedinečné číslo databázy" #: ../lib/db_base.cpp:174 msgctxt "db_base|" msgid "Date" msgstr "Dátum" #: ../lib/db_base.cpp:175 msgctxt "db_base|" msgid "Date of creation or insertion" msgstr "Dátum vytvorenia alebo vloženia" #: ../lib/db_base.cpp:176 msgctxt "db_base|" msgid "Source" msgstr "Zdroj" #: ../lib/db_base.cpp:177 msgctxt "db_base|" msgid "Generated, Imported, Transformed" msgstr "Generovaný, Importovaný, Transformovaný" #: ../lib/db_base.cpp:178 msgctxt "db_base|" msgid "Comment" msgstr "Komentár" #: ../lib/db_base.cpp:179 msgctxt "db_base|" msgid "First line of the comment field" msgstr "Prvý riadok poľa komentára" #: ../lib/db_base.cpp:241 #, qt-format msgctxt "db_base|" msgid "Import from: %1" msgstr "Importovať z: %1" #: ../lib/db_base.cpp:392 #, qt-format msgctxt "db_base|" msgid "Could not create directory %1" msgstr "Nemožno vytvoriť zložku %1" #: ../lib/db_base.cpp:643 msgctxt "db_base|" msgid "Item properties" msgstr "Vlastnosti položky" #: ../lib/db_base.cpp:680 #, qt-format msgctxt "db_base|" msgid "How to export the %1 selected items" msgstr "Ako exportovať %1 zvolených položiek" #: ../lib/db_base.cpp:682 msgctxt "db_base|" msgid "All in one PEM file" msgstr "Všetky v jednom súbore PEM" #: ../lib/db_base.cpp:683 msgctxt "db_base|" msgid "Each item in one file" msgstr "Každá položka v samostatnom súbore" #: ../lib/db_base.cpp:695 #, qt-format msgctxt "db_base|" msgid "Save %1 items in one file as" msgstr "Uložiť %1 položiek v jednom súbore ako" #: ../lib/db_base.cpp:697 msgctxt "db_base|" msgid "PEM files ( *.pem );; All files ( * )" msgstr "Súbory PEM ( *.pem );; Všetky súbory ( * )" #: ../lib/db_crl.cpp:30 msgctxt "db_crl|" msgid "Signer" msgstr "Vydavateľ" #: ../lib/db_crl.cpp:31 msgctxt "db_crl|" msgid "Internal name of the signer" msgstr "Interný názov vydavateľa" #: ../lib/db_crl.cpp:32 msgctxt "db_crl|" msgid "No. revoked" msgstr "Počet odvolaných" #: ../lib/db_crl.cpp:33 msgctxt "db_crl|" msgid "Number of revoked certificates" msgstr "Počet odvolaných certifikátov" #: ../lib/db_crl.cpp:34 msgctxt "db_crl|" msgid "Last update" msgstr "Posledná aktualizácia" #: ../lib/db_crl.cpp:35 msgctxt "db_crl|" msgid "Next update" msgstr "Nasled. aktualizácia" #: ../lib/db_crl.cpp:36 msgctxt "db_crl|" msgid "CRL number" msgstr "Číslo CRL" #: ../lib/db_crl.cpp:105 #, qt-format msgctxt "db_crl|" msgid "" "The revocation list already exists in the database as:\n" "'%1'\n" "and so it was not imported" msgstr "" "Zoznam odvolaní už v databáze existuje ako:\n" "„%1”,\n" "a tak nebol importovaný" #: ../lib/db_crl.cpp:130 msgctxt "db_crl|" msgid "Revocation list export" msgstr "Export Zoznamu odvolaných" #: ../lib/db_crl.cpp:131 msgctxt "db_crl|" msgid "CRL ( *.pem *.der *.crl )" msgstr "CRL ( *.pem *.der *.crl )" #: ../lib/db_crl.cpp:194 msgctxt "db_crl|" msgid "Failed to initiate DB transaction" msgstr "Zlyhala inicializácia DB transakcie" #: ../lib/db_crl.cpp:204 ../lib/db_crl.cpp:212 ../lib/db_crl.cpp:216 #, qt-format msgctxt "db_crl|" msgid "Database error: %1" msgstr "Chyba databázy: %1" #: ../lib/db_key.cpp:58 msgctxt "db_key|" msgid "Type" msgstr "Typ" #: ../lib/db_key.cpp:59 msgctxt "db_key|" msgid "Size" msgstr "Veľkosť" #: ../lib/db_key.cpp:61 msgctxt "db_key|" msgid "EC Group" msgstr "Skupina EC" #: ../lib/db_key.cpp:63 msgctxt "db_key|" msgid "Use" msgstr "Použiť" #: ../lib/db_key.cpp:64 msgctxt "db_key|" msgid "Password" msgstr "Heslo" #: ../lib/db_key.cpp:138 #, qt-format msgctxt "db_key|" msgid "" "The key is already in the database as:\n" "'%1'\n" "and is not going to be imported" msgstr "" "Kľúč už je v databáze ako:\n" "„%1”,\n" "a tak nebude importovaný" #: ../lib/db_key.cpp:143 #, qt-format msgctxt "db_key|" msgid "" "The database already contains the public part of the imported key as\n" "'%1\n" "and will be completed by the new, private part of the key" msgstr "" "Databáza už obsahuje verejnú časť importovaného kľúča ako\n" "„%1”\n" "a bude doplnená novou, súkromnou, časťou kľúča" #: ../lib/db_key.cpp:145 #, qt-format msgctxt "db_key|" msgid "Extending public key from %1 by imported key '%2'" msgstr "Rozšírenie verejného kľúča z %1 importovaním kľúča „%2”" #: ../lib/db_key.cpp:163 msgctxt "db_key|" msgid "Key size too small !" msgstr "Dĺžka kľúča je príliš malá!" #: ../lib/db_key.cpp:167 #, qt-format msgctxt "db_key|" msgid "You are sure to create a key of the size: %1 ?" msgstr "Naozaj chcete vytvoriť kľúč s veľkosťou: %1?" #: ../lib/db_key.cpp:217 ../lib/db_key.cpp:268 msgctxt "db_key|" msgid "PEM public" msgstr "PEM verejný" #: ../lib/db_key.cpp:220 ../lib/db_key.cpp:273 msgctxt "db_key|" msgid "SSH2 public" msgstr "SSH2 verejný" #: ../lib/db_key.cpp:223 ../lib/db_key.cpp:293 msgctxt "db_key|" msgid "PEM private" msgstr "PEM súkromný" #: ../lib/db_key.cpp:228 ../lib/db_key.cpp:298 msgctxt "db_key|" msgid "SSH2 private" msgstr "SSH2 súkromný" #: ../lib/db_key.cpp:231 msgctxt "db_key|" msgid "Export keys to Clipboard" msgstr "Exportovať kľúče do schránky" #: ../lib/db_key.cpp:234 msgctxt "db_key|" msgid "Clipboard" msgstr "Schránka" #: ../lib/db_key.cpp:247 #, qt-format msgctxt "db_key|" msgid "Export public key [%1]" msgstr "Exportovať verejný kľúč [%1]" #: ../lib/db_key.cpp:269 msgctxt "db_key|" msgid "DER public" msgstr "DER verejný" #: ../lib/db_key.cpp:281 msgctxt "db_key|" msgid "DER private" msgstr "DER súkromný" #: ../lib/db_key.cpp:278 msgctxt "db_key|" msgid "PEM encryped" msgstr "PEM šifrovaný" #: ../lib/db_key.cpp:287 msgctxt "db_key|" msgid "PVK private" msgstr "PVK súkromný" #: ../lib/db_key.cpp:289 msgctxt "db_key|" msgid "PVK encrypted" msgstr "PVK šifrovaný" #: ../lib/db_key.cpp:295 msgctxt "db_key|" msgid "PKCS#8 encrypted" msgstr "PKCS#8 šifrovaný" #: ../lib/db_key.cpp:299 #, qt-format msgctxt "db_key|" msgid "Export private key [%1]" msgstr "Exportovať súkromný kľúč [%1]" #: ../lib/db_key.cpp:304 msgctxt "db_key|" msgid "Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub )" msgstr "Súkromné kľúče ( *.pem *.der *.pk8 );; Verejné kľúče SSH ( *.pub )" #: ../lib/db_key.cpp:364 msgctxt "db_key|" msgid "Internal error" msgstr "Interná chyba" #: ../lib/db_key.cpp:382 msgctxt "db_key|" msgid "Tried to change password of a token" msgstr "Vyskúšaná zmena hesla tokenu" #: ../lib/db_temp.cpp:50 #, qt-format msgctxt "db_temp|" msgid "Bad template: %1" msgstr "Zlá šablóna: %1" #: ../lib/db_temp.cpp:34 msgctxt "db_temp|" msgid "Empty template" msgstr "Prázdna šablóna" #: ../lib/db_temp.cpp:112 msgctxt "db_temp|" msgid "Save template as" msgstr "Uložiť šablónu ako" #: ../lib/db_temp.cpp:113 msgctxt "db_temp|" msgid "XCA templates ( *.xca );; All files ( * )" msgstr "Šablóny XCA ( *.xca );; Všetky súbory ( * )" #: ../lib/db_x509.cpp:71 msgctxt "db_x509|" msgid "CA" msgstr "CA" #: ../lib/db_x509.cpp:72 msgctxt "db_x509|" msgid "reflects the basic Constraints extension" msgstr "Odráža rozšírenie Základné obmedzenia" #: ../lib/db_x509.cpp:73 msgctxt "db_x509|" msgid "Serial" msgstr "Sériové číslo" #: ../lib/db_x509.cpp:77 msgctxt "db_x509|" msgid "Start date" msgstr "Dátum začiatku" #: ../lib/db_x509.cpp:79 msgctxt "db_x509|" msgid "Expiry date" msgstr "Dátum vypršania" #: ../lib/db_x509.cpp:74 msgctxt "db_x509|" msgid "MD5 fingerprint" msgstr "Odtlačok MD5" #: ../lib/db_x509.cpp:75 msgctxt "db_x509|" msgid "SHA1 fingerprint" msgstr "Odtlačok SHA1" #: ../lib/db_x509.cpp:76 msgctxt "db_x509|" msgid "SHA256 fingerprint" msgstr "Odtlačok SHA256" #: ../lib/db_x509.cpp:78 msgctxt "db_x509|" msgid "Not before" msgstr "Nie pred" #: ../lib/db_x509.cpp:80 msgctxt "db_x509|" msgid "Not after" msgstr "Nie po" #: ../lib/db_x509.cpp:81 msgctxt "db_x509|" msgid "Revocation" msgstr "Odvolanie" #: ../lib/db_x509.cpp:82 msgctxt "db_x509|" msgid "CRL Expiration" msgstr "CRL vypršania" #: ../lib/db_x509.cpp:301 msgctxt "db_x509|" msgid "Failed to retrieve unique random serial" msgstr "Zlyhalo získanie jedinečného náhodného sériového čísla" #: ../lib/db_x509.cpp:324 #, qt-format msgctxt "db_x509|" msgid "" "The certificate already exists in the database as:\n" "'%1'\n" "and so it was not imported" msgstr "" "Certifikát v databáze už existuje ako:\n" "„%1”,\n" "a tak nebol importovaný" #: ../lib/db_x509.cpp:366 #, qt-format msgctxt "db_x509|" msgid "Signed on %1 by '%2'" msgstr "%1 podpísané „%2”" #: ../lib/db_x509.cpp:367 msgctxt "db_x509|" msgid "Unknown" msgstr "Neznáme" #: ../lib/db_x509.cpp:455 msgctxt "db_x509|" msgid "Invalid public key" msgstr "Neplatný verejný kľúč" #: ../lib/db_x509.cpp:611 msgctxt "db_x509|" msgid "PKCS#7 unrevoked" msgstr "Neodvolané PKCS#7" #: ../lib/db_x509.cpp:615 msgctxt "db_x509|" msgid "PEM unrevoked" msgstr "Neodvolané PEM" #: ../lib/db_x509.cpp:622 msgctxt "db_x509|" msgid "vCalendar" msgstr "vCalendar" #: ../lib/db_x509.cpp:626 msgctxt "db_x509|" msgid "CA vCalendar" msgstr "CA vCalendar" #: ../lib/db_x509.cpp:630 msgctxt "db_x509|" msgid "X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b )" msgstr "Certifikáty X509 ( *.pem *.cer *.crt *.p12 *.pfx *.p7b )" #: ../lib/db_x509.cpp:1045 msgctxt "db_x509|" msgid "days" msgstr "dní" #: ../lib/db_x509.cpp:1054 msgctxt "db_x509|" msgid "No template" msgstr "Bez šablóny" #: ../lib/db_x509.cpp:481 msgctxt "db_x509|" msgid "The key you selected for signing is not a private one." msgstr "Kľúč, zvolený na podpísanie, nie je súkromný." #: ../lib/db_x509.cpp:253 #, qt-format msgctxt "db_x509|" msgid "Failed to create directory '%1'" msgstr "Nemožno vytvoriť zložku „%1”" #: ../lib/db_x509.cpp:523 #, qt-format msgctxt "db_x509|" msgid "Store the certificate to the key on the token '%1 (#%2)' ?" msgstr "Uložiť certifikát do kľúča na tokene „%1 (#%2)”?" #: ../lib/db_x509.cpp:588 msgctxt "db_x509|" msgid "PEM chain" msgstr "Reťaz PEM" #: ../lib/db_x509.cpp:590 msgctxt "db_x509|" msgid "PKCS#7 chain" msgstr "Reťaz PKCS #7" #: ../lib/db_x509.cpp:596 msgctxt "db_x509|" msgid "PKCS#12 chain" msgstr "Reťaz PKCS#12" #: ../lib/db_x509.cpp:613 msgctxt "db_x509|" msgid "PKCS#7 all" msgstr "PKCS#7 všetky" #: ../lib/db_x509.cpp:605 msgctxt "db_x509|" msgid "PEM + key" msgstr "PEM + kľúč" #: ../lib/db_x509.cpp:617 msgctxt "db_x509|" msgid "PEM all" msgstr "PEM všetky" #: ../lib/db_x509.cpp:619 msgctxt "db_x509|" msgid "Certificate Index file" msgstr "Súbor indexu certifikátov" #: ../lib/db_x509.cpp:629 msgctxt "db_x509|" msgid "Certificate export" msgstr "Export certifikátu" #: ../lib/db_x509.cpp:694 ../lib/db_x509.cpp:764 #, qt-format msgctxt "db_x509|" msgid "There was no key found for the Certificate: '%1'" msgstr "Nebol nájdený kľúč certifikátu: „%1”" #: ../lib/db_x509.cpp:699 #, qt-format msgctxt "db_x509|" msgid "Not possible for a token key: '%1'" msgstr "Nie je možné pre kľúč tokenu: „%1”" #: ../lib/db_x509.cpp:768 #, qt-format msgctxt "db_x509|" msgid "Not possible for the token-key Certificate '%1'" msgstr "Nie je možné pre Certifikát kľúča tokenu „%1”" #: ../lib/db_x509super.cpp:30 msgctxt "db_x509name|" msgid "Subject" msgstr "Predmet" #: ../lib/db_x509super.cpp:31 msgctxt "db_x509name|" msgid "Complete distinguished name" msgstr "Úplný rozlišovací názov" #: ../lib/db_x509super.cpp:32 msgctxt "db_x509name|" msgid "Subject hash" msgstr "Odtlačok predmetu" #: ../lib/db_x509super.cpp:33 msgctxt "db_x509name|" msgid "Hash to lookup certs in directories" msgstr "Odtlačok na hľadanie certifikátov v adresároch" #: ../lib/db_x509req.cpp:28 msgctxt "db_x509req|" msgid "Signed" msgstr "Podpísaný" #: ../lib/db_x509req.cpp:29 msgctxt "db_x509req|" msgid "whether the request is already signed or not" msgstr "Či už bola žiadosť podpísaná alebo nie" #: ../lib/db_x509req.cpp:30 msgctxt "db_x509req|" msgid "Unstructured name" msgstr "Neštruktúrovaný názov" #: ../lib/db_x509req.cpp:32 msgctxt "db_x509req|" msgid "Challenge password" msgstr "Heslo výzvy" #: ../lib/db_x509req.cpp:34 msgctxt "db_x509req|" msgid "Certificate count" msgstr "Počet certifikátov" #: ../lib/db_x509req.cpp:35 msgctxt "db_x509req|" msgid "Number of certificates in the database with the same public key" msgstr "Počet certifikátov s rovnakým verejným kľúčom v databáze" #: ../lib/db_x509req.cpp:52 #, qt-format msgctxt "db_x509req|" msgid "" "The certificate signing request already exists in the database as\n" "'%1'\n" "and thus was not stored" msgstr "" "Žiadosť o podpísanie certifikátu už v databáze existuje ako\n" "„%1”,\n" "a tak nebola uložená" #: ../lib/db_x509req.cpp:119 msgctxt "db_x509req|" msgid "Certificate request export" msgstr "Export Žiadosti o certifikát" #: ../lib/db_x509req.cpp:120 msgctxt "db_x509req|" msgid "Certificate request ( *.pem *.der *.csr )" msgstr "Žiadosť o certifikát ( *.pem *.der *.csr )" #: ../lib/db_x509super.cpp:81 msgctxt "db_x509super|" msgid "Key name" msgstr "Názov kľúča" #: ../lib/db_x509super.cpp:82 msgctxt "db_x509super|" msgid "Internal name of the key" msgstr "Interný názov kľúča" #: ../lib/db_x509super.cpp:84 msgctxt "db_x509super|" msgid "Signature algorithm" msgstr "Algoritmus podpisu" #: ../lib/db_x509super.cpp:85 msgctxt "db_x509super|" msgid "Key type" msgstr "Typ kľúča" #: ../lib/db_x509super.cpp:86 msgctxt "db_x509super|" msgid "Key size" msgstr "Veľkosť kľúča" #: ../lib/db_x509super.cpp:88 msgctxt "db_x509super|" msgid "EC Group" msgstr "Skupina EC" #: ../lib/db_x509super.cpp:142 #, qt-format msgctxt "db_x509super|" msgid "Extracted from %1 '%2'" msgstr "Vyňaté z %1 „%2”" #: ../lib/db_x509super.cpp:144 ../lib/db_x509super.cpp:196 msgctxt "db_x509super|" msgid "Certificate" msgstr "Certifikát" #: ../lib/db_x509super.cpp:144 ../lib/db_x509super.cpp:196 msgctxt "db_x509super|" msgid "Certificate request" msgstr "Žiadosť o certifikát" #: ../lib/db_x509super.cpp:159 msgctxt "db_x509super|" msgid "Save as OpenSSL config" msgstr "Uložiť ako konfiguráciu OpenSSL" #: ../lib/db_x509super.cpp:160 msgctxt "db_x509super|" msgid "Config files ( *.conf *.cnf);; All files ( * )" msgstr "Konfiguračné súbory ( *.conf *.cnf );; Všetky súbory ( * )" #: ../lib/db_x509super.cpp:183 msgctxt "db_x509super|" msgid "The following extensions were not ported into the template" msgstr "Do šablóny neboli prenesené nasledujúce rozšírenia" #: ../lib/db_x509super.cpp:194 #, qt-format msgctxt "db_x509super|" msgid "Transformed from %1 '%2'" msgstr "Transformované z %1 „%2”" #: ../widgets/kvView.cpp:164 msgctxt "kvView|" msgid "Type" msgstr "Typ" #: ../widgets/kvView.cpp:164 msgctxt "kvView|" msgid "Content" msgstr "Obsah" #: ../lib/pass_info.cpp:15 msgctxt "pass_info|" msgid "Password" msgstr "Heslo" #: ../lib/pass_info.cpp:22 msgctxt "pass_info|" msgid "PIN" msgstr "PIN" #: ../lib/pki_base.cpp:289 msgctxt "pki_base|" msgid "Unknown" msgstr "Neznáme" #: ../lib/pki_base.cpp:290 msgctxt "pki_base|" msgid "Imported" msgstr "Importovaný" #: ../lib/pki_base.cpp:291 msgctxt "pki_base|" msgid "Generated" msgstr "Generovaný" #: ../lib/pki_base.cpp:292 msgctxt "pki_base|" msgid "Transformed" msgstr "Transformovaný" #: ../lib/pki_base.cpp:293 msgctxt "pki_base|" msgid "Token" msgstr "Token" #: ../lib/pki_base.cpp:294 msgctxt "pki_base|" msgid "Legacy Database" msgstr "Stará databáza" #: ../lib/pki_base.cpp:295 msgctxt "pki_base|" msgid "Renewed" msgstr "Obnovené" #: ../lib/pki_base.cpp:430 #, qt-format msgctxt "pki_base|" msgid "Property '%1' not listed in 'pki_base::print'" msgstr "Vlastnosť „%1” nie je zahrnutá v „pki_base::print”" #: ../lib/pki_base.cpp:125 #, qt-format msgctxt "pki_base|" msgid "Internal error: Unexpected message: %1 %2" msgstr "Interná chyba: Neočakávaná správa: %1 %2" #: ../lib/pki_crl.cpp:59 #, qt-format msgctxt "pki_crl|" msgid "Successfully imported the revocation list '%1'" msgstr "Úspešne importovaný Zoznam odvolaní „%1”" #: ../lib/pki_crl.cpp:60 #, qt-format msgctxt "pki_crl|" msgid "Delete the revocation list '%1'?" msgstr "Odstrániť Zoznam odvolaní „%1”?" #: ../lib/pki_crl.cpp:61 #, qt-format msgctxt "pki_crl|" msgid "Successfully created the revocation list '%1'" msgstr "Úspešne vytvorený Zoznam odvolaní „%1”" #: ../lib/pki_crl.cpp:63 #, qt-format msgctxt "pki_crl|" msgid "Delete the %1 revocation lists: %2?" msgstr "Odstrániť %1 uoznamov odvolaní: %2?" #: ../lib/pki_crl.cpp:146 #, qt-format msgctxt "pki_crl|" msgid "" "Unable to load the revocation list in file %1. Tried PEM and DER formatted " "CRL." msgstr "" "Nemožno načítať zoznam odvolaní zo súboru %1. Vyskúšaný formát CRL PEM a DER." #: ../lib/pki_crl.cpp:161 msgctxt "pki_crl|" msgid "No issuer given" msgstr "Nebol zadaný vydavateľ" #: ../lib/pki_crl.cpp:219 #, qt-format msgctxt "pki_crl|" msgid "Wrong Size %1" msgstr "Zlá veľkosť %1" #: ../lib/pki_crl.cpp:434 #, qt-format msgctxt "pki_crl|" msgid "CRL Renewal of CA '%1' due" msgstr "Termín obnovenia CRL CA „%1”" #: ../lib/pki_crl.cpp:435 #, qt-format msgctxt "pki_crl|" msgid "" "The latest CRL issued by the CA '%1' will expire on %2.\n" "It is stored in the XCA database '%3'" msgstr "" "Posledné CRL vydané CA „%1” vyprší %2.\n" "Je uložené v databáze XCA „%3”" #: ../lib/pki_crl.cpp:443 #, qt-format msgctxt "pki_crl|" msgid "Renew CRL: %1" msgstr "Obnoviť CRL: %1" #: ../lib/pki_crl.cpp:444 #, qt-format msgctxt "pki_crl|" msgid "" "The XCA CRL '%1', issued on %3 will expire on %4.\n" "It is stored in the XCA database '%5'" msgstr "" "XCA CRL „%1”, vydané %3 vyprší %4.\n" "Je uložené v databáze XCA „%5”" #: ../lib/pki_evp.cpp:260 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password to decrypt the private key %1." msgstr "Prosím, zadajte heslo na dešifrovanie súkromného kľúča %1." #: ../lib/pki_evp.cpp:327 #, qt-format msgctxt "pki_evp|" msgid "The key from file '%1' is incomplete or inconsistent." msgstr "Kľúč zo súboru „%1” je nekompletný ale nekonzistentný." #: ../lib/pki_evp.cpp:416 #, qt-format msgctxt "pki_evp|" msgid "" "Please enter the password to decrypt the private key from file:\n" "%1" msgstr "" "Prosím, zadajte heslo na dešifrovanie súkromného kľúča zo súboru:\n" "%1" #: ../lib/pki_evp.cpp:493 #, qt-format msgctxt "pki_evp|" msgid "" "Unable to load the private key in file %1. Tried PEM and DER private, " "public, PKCS#8 key types and SSH2 format." msgstr "" "Nemožno načítať súkromný kľúč zo súboru %1. Vyskúšaný PEM a DER súkromný, " "verejný, typy kľúčov PKCS#8 a formát SSH2." #: ../lib/pki_evp.cpp:524 msgctxt "pki_evp|" msgid "Ignoring unsupported private key" msgstr "Ignorujem nepodporovaný súkromný kľúč" #: ../lib/pki_evp.cpp:541 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password to decrypt the private key: '%1'" msgstr "Prosím, zadajte heslo na dešifrovanie súkromného kľúča: „%1”" #: ../lib/pki_evp.cpp:544 ../lib/pki_evp.cpp:558 msgctxt "pki_evp|" msgid "Password input aborted" msgstr "Zadávanie hesla zrušené" #: ../lib/pki_evp.cpp:554 #, qt-format msgctxt "pki_evp|" msgid "Please enter the database password for decrypting the key '%1'" msgstr "Prosím, zadajte heslo databázy na dešifrovanie kľúča „%1”" #: ../lib/pki_evp.cpp:659 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password to protect the private key: '%1'" msgstr "Prosím, zadajte heslo na ochranu súkromného kľúča: „%1”" #: ../lib/pki_evp.cpp:677 msgctxt "pki_evp|" msgid "Please enter the database password for encrypting the key" msgstr "Prosím, zadajte heslo databázy na zašifrovanie kľúča" #: ../lib/pki_evp.cpp:789 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password protecting the PKCS#8 key '%1'" msgstr "Prosím, zadajte heslo na ochranu kľúča PKCS#8 „%1”" #: ../lib/pki_evp.cpp:808 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password protecting the Microsoft PVK key '%1'" msgstr "Prosím, zadajte heslo na ochranu kľúča Microsoft PVK „%1”" #: ../lib/pki_evp.cpp:863 #, qt-format msgctxt "pki_evp|" msgid "Please enter the export password for the private key '%1'" msgstr "Prosím, zadajte heslo exportu súkromného kľúča „%1”" #: ../lib/pki_key.cpp:238 #, qt-format msgctxt "pki_key|" msgid "Successfully imported the %1 public key '%2'" msgstr "Úspešne importovaný %1 verejný kľúč „%2”" #: ../lib/pki_key.cpp:239 #, qt-format msgctxt "pki_key|" msgid "Delete the %1 public key '%2'?" msgstr "Odstrániť %1 verejný kľúč „%2”?" #: ../lib/pki_key.cpp:244 #, qt-format msgctxt "pki_key|" msgid "Successfully imported the %1 private key '%2'" msgstr "Úspešne importovaný %1 súkromný kľúč „%2”" #: ../lib/pki_key.cpp:245 #, qt-format msgctxt "pki_key|" msgid "Delete the %1 private key '%2'?" msgstr "Odstrániť %1 súkromný kľúč „%2”?" #: ../lib/pki_key.cpp:246 #, qt-format msgctxt "pki_key|" msgid "Successfully created the %1 private key '%2'" msgstr "Úspešne vytvorený %1 súkromný kľúč „%2”" #: ../lib/pki_key.cpp:252 #, qt-format msgctxt "pki_key|" msgid "Delete the %1 keys: %2?" msgstr "Odstrániť %1 kľúčov: %2?" #: ../lib/pki_key.cpp:60 ../lib/pki_key.cpp:261 ../lib/pki_key.cpp:938 msgctxt "pki_key|" msgid "Public key" msgstr "Verejný kľúč" #: ../lib/pki_key.cpp:499 msgctxt "pki_key|" msgid "Common" msgstr "Spoločný" #: ../lib/pki_key.cpp:499 msgctxt "pki_key|" msgid "Private" msgstr "Súkromný" #: ../lib/pki_key.cpp:499 msgctxt "pki_key|" msgid "Bogus" msgstr "Pododný" #: ../lib/pki_key.cpp:499 msgctxt "pki_key|" msgid "PIN" msgstr "PIN" #: ../lib/pki_key.cpp:509 msgctxt "pki_key|" msgid "No password" msgstr "Bez hesla" #: ../lib/pki_key.cpp:606 ../lib/pki_key.cpp:712 #, qt-format msgctxt "pki_key|" msgid "Unexpected SSH2 content: '%1'" msgstr "Neočakávaný obsah SSH2: „%1”" #: ../lib/pki_key.cpp:626 ../lib/pki_key.cpp:632 msgctxt "pki_key|" msgid "Invalid SSH2 public key" msgstr "Neplatný verejný kľúč SSH2" #: ../lib/pki_key.cpp:830 #, qt-format msgctxt "pki_key|" msgid "Failed writing to %1" msgstr "Zlyhal zápis do %1" #: ../lib/pki_multi.cpp:131 msgctxt "pki_multi|" msgid "No known PEM encoded items found" msgstr "Nájdené neznáme kódované položky PEM" #: ../lib/pki_pkcs12.cpp:40 #, qt-format msgctxt "pki_pkcs12|" msgid "" "Please enter the password to decrypt the PKCS#12 file:\n" "%1" msgstr "" "Prosím, zadajte heslo na dešifrovanie súboru PKCS#12:\n" "%1" #: ../lib/pki_pkcs12.cpp:49 #, qt-format msgctxt "pki_pkcs12|" msgid "Unable to load the PKCS#12 (pfx) file %1." msgstr "Nemožno načítať súbor PKCS#12 (pfx) %1." #: ../lib/pki_pkcs12.cpp:73 #, qt-format msgctxt "pki_pkcs12|" msgid "The supplied password was wrong (%1)" msgstr "Zadané heslo je zlé (%1)" #: ../lib/pki_pkcs12.cpp:127 msgctxt "pki_pkcs12|" msgid "Please enter the password to encrypt the PKCS#12 file" msgstr "Prosím, zadajte heslo na zašifrovanie súboru PKCS#12" #: ../lib/pki_pkcs12.cpp:130 msgctxt "pki_pkcs12|" msgid "No key or no Cert and no pkcs12" msgstr "Nie je to kľúč, ani Certifikát a ani PKCS#12" #: ../lib/pki_pkcs7.cpp:173 #, qt-format msgctxt "pki_pkcs7|" msgid "Unable to load the PKCS#7 file %1. Tried PEM and DER format." msgstr "Nemožno načítať súbor PKCS#7 %1. Vyskúšaný formát PEM a DER." #: ../lib/pki_scard.cpp:52 #, qt-format msgctxt "pki_scard|" msgid "Successfully imported the token key '%1'" msgstr "Úspešne importovaný kľúč tokenu „%1”" #: ../lib/pki_scard.cpp:53 #, qt-format msgctxt "pki_scard|" msgid "Delete the token key '%1'?" msgstr "Odstrániť kľúč tokenu „%1”?" #: ../lib/pki_scard.cpp:54 #, qt-format msgctxt "pki_scard|" msgid "Successfully created the token key '%1'" msgstr "úspešne vytvorený kľúč tokenu „%1”" #: ../lib/pki_scard.cpp:56 #, qt-format msgctxt "pki_scard|" msgid "Delete the %1 keys: %2?" msgstr "Odstrániť %1 kľúčov: %2?" #: ../lib/pki_scard.cpp:358 #, qt-format msgctxt "pki_scard|" msgid "Delete the private key '%1' from the token '%2 (#%3)' ?" msgstr "Odstrániť súkromný kľúč „%1” z tokenu „%2 (#%3)”?" #: ../lib/pki_scard.cpp:431 msgctxt "pki_scard|" msgid "This Key is already on the token" msgstr "Tento kľúč už je na tokene" #: ../lib/pki_scard.cpp:517 msgctxt "pki_scard|" msgid "PIN input aborted" msgstr "Zadanie PIN zrušené" #: ../lib/pki_scard.cpp:529 msgctxt "pki_scard|" msgid "Unable to find copied key on the token" msgstr "Nemožno nájsť kópiu kľúča na tokene" #: ../lib/pki_scard.cpp:616 #, qt-format msgctxt "pki_scard|" msgid "Please insert card: %1 %2 [%3] with Serial: %4" msgstr "Prosím, vložte kartu: %1 %2 [%3] so sér. číslom: %4" #: ../lib/pki_scard.cpp:682 msgctxt "pki_scard|" msgid "Unable to find generated key on card" msgstr "Nemožno nájsť vygenerovaný kľúč na karte" #: ../lib/pki_scard.cpp:720 msgctxt "pki_scard|" msgid "Ignoring unsupported token key" msgstr "Ignorovanie nepodporovaného kľúča tokenu" #: ../lib/pki_scard.cpp:723 #, qt-format msgctxt "pki_scard|" msgid "Wrong Size %1" msgstr "Zlá veľkosť %1" #: ../lib/pki_scard.cpp:729 #, qt-format msgctxt "pki_scard|" msgid "Token %1" msgstr "Token %1" #: ../lib/pki_scard.cpp:738 ../lib/pki_scard.cpp:751 msgctxt "pki_scard|" msgid "Failed to find the key on the token" msgstr "Zlyhalo nájdenie kľúča na tokene" #: ../lib/pki_scard.cpp:745 msgctxt "pki_scard|" msgid "Invalid Pin for the token" msgstr "Neplatný PIN tokenu" #: ../lib/pki_scard.cpp:757 msgctxt "pki_scard|" msgid "Failed to initialize the key on the token" msgstr "Zlyhal inicializácia kľúča na tokene" #: ../lib/pki_temp.cpp:123 #, qt-format msgctxt "pki_temp|" msgid "Successfully imported the XCA template '%1'" msgstr "Úspešne importovaná šablóna XCA „%1”" #: ../lib/pki_temp.cpp:124 #, qt-format msgctxt "pki_temp|" msgid "Delete the XCA template '%1'?" msgstr "Odstrániť šablónu XCA „%1”?" #: ../lib/pki_temp.cpp:125 #, qt-format msgctxt "pki_temp|" msgid "Successfully created the XCA template '%1'" msgstr "Úspešne vytvorená šablóna XCA „%1”" #: ../lib/pki_temp.cpp:127 #, qt-format msgctxt "pki_temp|" msgid "Delete the %1 XCA templates: %2?" msgstr "Odstrániť %1 šablón XCA: %2?" #: ../lib/pki_temp.cpp:335 #, qt-format msgctxt "pki_temp|" msgid "Wrong Size %1" msgstr "Zlá veľkosť %1" #: ../lib/pki_temp.cpp:420 msgctxt "pki_temp|" msgid "Template file content error (too small)" msgstr "Chyba obsahu súboru šablóny (príliš malá)" #: ../lib/pki_temp.cpp:469 msgctxt "pki_temp|" msgid "Not a PEM encoded XCA Template" msgstr "Šablóna XCA nie je vo formáte PEM" #: ../lib/pki_temp.cpp:477 #, qt-format msgctxt "pki_temp|" msgid "Not an XCA Template, but '%1'" msgstr "Nie je šablóna XCA, ale „%1”" #: ../lib/pki_x509.cpp:64 #, qt-format msgctxt "pki_x509|" msgid "Successfully imported the certificate '%1'" msgstr "Úspešne importovaný certifikát „%1”" #: ../lib/pki_x509.cpp:65 #, qt-format msgctxt "pki_x509|" msgid "Delete the certificate '%1'?" msgstr "Odstrániť certifikát „%1”?" #: ../lib/pki_x509.cpp:66 #, qt-format msgctxt "pki_x509|" msgid "Successfully created the certificate '%1'" msgstr "Úspešne vytvorený certifikát „%1”" #: ../lib/pki_x509.cpp:68 #, qt-format msgctxt "pki_x509|" msgid "Delete the %1 certificates: %2?" msgstr "Odstrániť %1 certifikátov: %2?" #: ../lib/pki_x509.cpp:229 #, qt-format msgctxt "pki_x509|" msgid "" "Unable to load the certificate in file %1. Tried PEM and DER certificate." msgstr "" "Nemožno načítať certifikát zo súboru %1. Vyskúšaný certifikát PEM a DER." #: ../lib/pki_x509.cpp:374 msgctxt "pki_x509|" msgid "This certificate is already on the security token" msgstr "Tento certifikát už je na bezpečnostnom tokene" #: ../lib/pki_x509.cpp:437 #, qt-format msgctxt "pki_x509|" msgid "Delete the certificate '%1' from the token '%2 (#%3)'?" msgstr "Odstrániť certifikát „%1” z tokenu „%2 (#%3)”?" #: ../lib/pki_x509.cpp:570 msgctxt "pki_x509|" msgid "There is no key for signing !" msgstr "Chýba kľúč na podpísanie!" #: ../lib/pki_x509.cpp:631 #, qt-format msgctxt "pki_x509|" msgid "Wrong Size %1" msgstr "Zlá veľkosť %1" #: ../lib/pki_x509.cpp:919 msgctxt "pki_x509|" msgid "No" msgstr "Nie" #: ../lib/pki_x509.cpp:921 msgctxt "pki_x509|" msgid "Yes" msgstr "Áno" #: ../lib/pki_x509.cpp:951 #, qt-format msgctxt "pki_x509|" msgid "Renew certificate: %1" msgstr "Obnoviť certifikát: %1" #: ../lib/pki_x509.cpp:952 #, qt-format msgctxt "pki_x509|" msgid "" "The XCA certificate '%1', issued on %2 will expire on %3.\n" "It is stored in the XCA database '%4'" msgstr "" "Certifikát XCA „%1”, vydaný %2 vyprší %3.\n" "Je uložený v databáze XCA „%4”" #: ../lib/pki_x509req.cpp:110 msgctxt "pki_x509req|" msgid "Signing key not valid (public key)" msgstr "Podpisujúci kľúč neplatný (verejný kľúč)" #: ../lib/pki_x509req.cpp:152 #, qt-format msgctxt "pki_x509req|" msgid "Successfully imported the %1 certificate request '%2'" msgstr "úspešne importovaná %1 žiadosť o certifikát „%2”" #: ../lib/pki_x509req.cpp:153 #, qt-format msgctxt "pki_x509req|" msgid "Delete the %1 certificate request '%2'?" msgstr "Odstrániť %1 žiadosť o certifikát „%2”?" #: ../lib/pki_x509req.cpp:154 #, qt-format msgctxt "pki_x509req|" msgid "Successfully created the %1 certificate request '%2'" msgstr "Úspešne vytvorená %1 žiadosť o certifikát „%2”" #: ../lib/pki_x509req.cpp:156 #, qt-format msgctxt "pki_x509req|" msgid "Delete the %1 certificate requests: %2?" msgstr "Odstrániť %1 žiadosť o certifikát: %2?" #: ../lib/pki_x509req.cpp:184 #, qt-format msgctxt "pki_x509req|" msgid "" "Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC " "format." msgstr "" "Nemožno načítať žiadosť o certifikát zo súboru %1. Vyskúšané formáty PEM, " "DER a SPKAC." #: ../lib/pki_x509req.cpp:216 #, qt-format msgctxt "pki_x509req|" msgid "Wrong Size %1" msgstr "Zlá veľkosť %1" #: ../lib/pki_x509req.cpp:383 msgctxt "pki_x509req|" msgid "Signed" msgstr "Podpísaný" #: ../lib/pki_x509req.cpp:383 msgctxt "pki_x509req|" msgid "Unhandled" msgstr "Nespracované" #: ../ui/v3ext.ui:26 msgctxt "v3ext|" msgid "Copy Common Name" msgstr "Kopírovať bežný názov" #: ../ui/v3ext.ui:56 msgctxt "v3ext|" msgid "Add" msgstr "Pridať" #: ../ui/v3ext.ui:63 msgctxt "v3ext|" msgid "Delete" msgstr "Odstrániť" #: ../ui/v3ext.ui:89 msgctxt "v3ext|" msgid "Apply" msgstr "Použiť" #: ../ui/v3ext.ui:96 msgctxt "v3ext|" msgid "Validate" msgstr "Overiť" #: ../ui/v3ext.ui:125 msgctxt "v3ext|" msgid "Cancel" msgstr "Zrušiť" #: ../widgets/v3ext.cpp:75 msgctxt "v3ext|" msgid "An email address or 'copy'" msgstr "Emailová adresa alebo „copy”" #: ../widgets/v3ext.cpp:77 msgctxt "v3ext|" msgid "An email address" msgstr "Emailová adresa" #: ../widgets/v3ext.cpp:79 msgctxt "v3ext|" msgid "A registered ID: OBJECT IDENTIFIER" msgstr "Registrované ID: IDENTIFIKÁTOR OBJEKTU" #: ../widgets/v3ext.cpp:83 msgctxt "v3ext|" msgid "A uniform resource indicator" msgstr "Jednotný indikátor zdroja" #: ../widgets/v3ext.cpp:88 msgctxt "v3ext|" msgid "A DNS domain name or 'copycn'" msgstr "Doménové meno DNS alebo „copycn”" #: ../widgets/v3ext.cpp:90 msgctxt "v3ext|" msgid "A DNS domain name" msgstr "Doménové meno DNS" #: ../widgets/v3ext.cpp:92 msgctxt "v3ext|" msgid "An IP address" msgstr "Adresa IP" #: ../widgets/v3ext.cpp:95 msgctxt "v3ext|" msgid "Syntax: ;TYPE:text like '1.2.3.4:UTF8:name'" msgstr "Syntax: ;TYP:text ako '1.2.3.4:UTF8:názov'" #: ../widgets/v3ext.cpp:99 msgctxt "v3ext|" msgid "No editing. Only 'copy' allowed here" msgstr "Neupravovať. Je tu dovolené len „copy”" #: ../widgets/v3ext.cpp:168 #, qt-format msgctxt "v3ext|" msgid "" "Validation failed:\n" "'%1'\n" "%2" msgstr "" "Overenie zlyhalo:\n" "„%1”\n" "%2" #: ../widgets/v3ext.cpp:173 #, qt-format msgctxt "v3ext|" msgid "" "Validation successful:\n" "'%1'" msgstr "" "Overenie úspešné:\n" "„%1”" #: ../widgets/XcaWarning.cpp:121 msgctxt "xcaWarning|" msgid "The following error occurred:" msgstr "Nastala nasledujúca chyba:" #: ../widgets/XcaWarning.cpp:124 msgctxt "xcaWarning|" msgid "Copy to Clipboard" msgstr "Kopírovať do schránky" #~ msgctxt "MainWindow|" #~ msgid "No deleted items found" #~ msgstr "Nenájdené žiadne zmazané položky" #, qt-format #~ msgctxt "MainWindow|" #~ msgid "no such option: %1" #~ msgstr "neznáma voľba: %1" #~ msgctxt "OpenDb|" #~ msgid "" #~ "The database driver does not support transactions. This may happen if the " #~ "client and server have different versions. Continue with care." #~ msgstr "" #~ "Ovládač databázy nepodporuje transakcie. Toto môže nastať, ak majú kleint " #~ "a server rôzne verzie. Pokračujte s opatrnosťou." #~ msgctxt "PwDialog|" #~ msgid "E&xit" #~ msgstr "S&končiť" #~ msgctxt "db_x509|" #~ msgid "Plain View" #~ msgstr "Prosté zobrazenie" #, qt-format #~ msgctxt "pki_evp|" #~ msgid "Failed to decrypt the key (bad password) %1" #~ msgstr "Zlyhalo dešifrovanie kľúča (zlé heslo) %1" #~ msgctxt "pki_scard|" #~ msgid "Illegal Key generation method" #~ msgstr "Neprípustná metóda generovania kľúča" #~ msgctxt "QObject|" #~ msgid "DB: Rename: '%1' already in use" #~ msgstr "Premenovanie DB: „%1” už je použité" #~ msgctxt "QObject|" #~ msgid "DB: Entry to rename not found: %1" #~ msgstr "DB: Položka na premenovanie nenájdená: %1" #~ msgctxt "QObject|" #~ msgid "DB: Write error %1 - %2" #~ msgstr "DB: Chyba zápisu %1 – %2" #~ msgctxt "pki_base|" #~ msgid "Error opening file: '%1': %2" #~ msgstr "Chyba otvorenia súboru: „%1”: %2" #~ msgctxt "MainWindow|" #~ msgid "&Token" #~ msgstr "&Token" #~ msgctxt "MainWindow|" #~ msgid "&Content" #~ msgstr "&Obsah" #~ msgctxt "MainWindow|" #~ msgid "Error opening file: '%1': %2" #~ msgstr "Chyba otvorenia súboru: „%1”: %2" #~ msgctxt "db_base|" #~ msgid "Error opening file: '%1': %2" #~ msgstr "Chyba otvorenia súboru: „%1”: %2" #~ msgctxt "db_x509|" #~ msgid "Error opening file: '%1': %2" #~ msgstr "Chyba otvorenia súboru: „%1”: %2" #~ msgctxt "pki_base|" #~ msgid "Error writing to file: '%1': %2" #~ msgstr "Chyba zápisu do súboru „%1”: %2" #~ msgctxt "pki_crl|" #~ msgid "unknown" #~ msgstr "neznáme" #~ msgctxt "pki_scard|" #~ msgid "Public Key mismatch. Please re-import card" #~ msgstr "Nezhoda verejného kľúča. Prosím, znova importujte kartu" #~ msgctxt "pki_temp|" #~ msgid "Template file content error (too small): %1" #~ msgstr "Chyba obsahu súboru šablóny (príliš malá): %1" xca-RELEASE.2.5.0/lang/tr.po000066400000000000000000001444021450407711300152650ustar00rootroot00000000000000# Turkish translation for xca # Copyright (c) 2010 Rosetta Contributors and Canonical Ltd 2010 # This file is distributed under the same license as the xca package. # FIRST AUTHOR , 2010. # msgid "" msgstr "" "Project-Id-Version: xca\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2011-04-30 08:24+0200\n" "PO-Revision-Date: 2011-04-28 09:11+0000\n" "Last-Translator: Mesut YETER \n" "Language-Team: Turkish \n" "Language: tr\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Launchpad-Export-Date: 2011-04-30 05:52+0000\n" "X-Generator: Launchpad (build 12915)\n" #: About#1 msgid "Done" msgstr "Bitti" #: CaProperties#1 msgid "CA Properties" msgstr "CA Özellikleri" #: CaProperties#2 msgid "Use random Serial numbers" msgstr "Değişken Seri numaralar kullan" #: CaProperties#3 msgid "Days until next CRL issuing" msgstr "" #: CaProperties#4 msgid "Default template" msgstr "Varsayılan şablon" #: CaProperties#5 msgid "Next serial for signing" msgstr "İmza için sonraki seri" #: CertDetail#1 msgid "Details of the Certificate" msgstr "Sertifika bilgileri" #: CertDetail#2 msgid "S&tatus" msgstr "&Durum" #: CertDetail#3 msgctxt "CertDetail#3" msgid "Serial" msgstr "Seri" #: CertDetail#4 msgid "The serial number of the certificate" msgstr "Sertifika seri numarası" #: CertDetail#5 msgid "The internal name of the certificate in the database" msgstr "Sertifika veritabanındaki isim" #: CertDetail#6 msgctxt "CertDetail#6" msgid "Internal name" msgstr "Dahili adı" #: CertDetail#7 msgctxt "CertDetail#7" msgid "Signature algorithm" msgstr "İmza algoritması" #: CertDetail#8 msgctxt "CertDetail#8" msgid "Signature" msgstr "İmza" #: CertDetail#9 msgctxt "CertDetail#9" msgid "Key" msgstr "Anahtar" #: CertDetail#10 msgid "Fingerprints" msgstr "Parmak izleri" #: CertDetail#11 msgid "SHA1" msgstr "SHA1" #: CertDetail#12 msgid "MD5" msgstr "MD5" #: CertDetail#13 msgid "A SHA-1 hashsum of the certificate" msgstr "A SHA-1 hashsum sertifikası" #: CertDetail#14 msgid "An md5 hashsum of the certificate" msgstr "An md5 hassum sertifikası" #: CertDetail#15 msgctxt "CertDetail#15" msgid "Validity" msgstr "Geçerlilik" #: CertDetail#16 msgid "The time since the certificate is valid" msgstr "Zamana kadar geçerli sertifika" #: CertDetail#17 msgid "The time until the certificate is valid" msgstr "Bu zaman kadar sertifika geçerli" #: CertDetail#18 msgid "&Subject" msgstr "&Konu" #: CertDetail#19 msgctxt "CertDetail#19" msgid "&Issuer" msgstr "&veren" #: CertDetail#20 msgid "Attributes" msgstr "Nitelikler" #: CertDetail#21 msgctxt "CertDetail#21" msgid "&Extensions" msgstr "&Uzantıları" #: CertDetail#22 msgid "Show config" msgstr "Yapılandırmayı göster" #: CertDetail#23 msgid "Show extensions" msgstr "Uzantıları göster" #: CertDetail#24 msgctxt "CertDetail#24" msgid "Not available" msgstr "Kullanılamaz" #: CertDetail#25 msgid "Details of the certificate" msgstr "Sertifika detayları" #: CertDetail#26 msgid "Signer unknown" msgstr "Bilinmeyen imzalayan makam" #: CertDetail#27 msgid "Self signed" msgstr "Kendinden imzalı" #: CertDetail#28 msgctxt "CertDetail#28" msgid "Not trusted" msgstr "Güvenilmeyen" #: CertDetail#29 msgid "Trusted" msgstr "Güvenilir" #: CertDetail#30 msgid "Revoked: " msgstr "İptaledilmiş " #: CertDetail#31 msgid "Not valid" msgstr "Geçersiz" #: CertDetail#32 msgid "Valid" msgstr "Geçerli" #: CertDetail#33 msgid "Details of the certificate signing request" msgstr "sertifika imzalama isteği detayları" #: CertExtend#1 msgid "Certificate renewal" msgstr "Sertifika yenileme" #: CertExtend#2 msgid "" "This will create a new certificate as a copy of the old one with a new " "serial number and adjusted validity values." msgstr "" "Bu yeni bir seri numarası ve düzeltilmiş geçerlilik değerleri ile eski bir " "kopyası olarak yeni bir sertifika oluşturur." #: CertExtend#3 msgctxt "CertExtend#3" msgid "Validity" msgstr "Geçerlilik" #: CertExtend#4 msgctxt "CertExtend#4" msgid "Not before" msgstr "Öncedeğil" #: CertExtend#5 msgctxt "CertExtend#5" msgid "Not after" msgstr "Sonradeğil" #: CertExtend#6 msgctxt "CertExtend#6" msgid "Time range" msgstr "Zaman aralığı" #: CertExtend#7 msgctxt "CertExtend#7" msgid "No well-defined expiration" msgstr "Tanımlanmamış son" #: CertExtend#8 msgctxt "CertExtend#8" msgid "Apply" msgstr "Uygula" #: CertExtend#9 msgctxt "CertExtend#9" msgid "Days" msgstr "Gün" #: CertExtend#10 msgctxt "CertExtend#10" msgid "Months" msgstr "Ay" #: CertExtend#11 msgctxt "CertExtend#11" msgid "Years" msgstr "Yıl" #: CertExtend#12 msgctxt "CertExtend#12" msgid "Midnight" msgstr "Gece Yarısı" #: CertExtend#13 msgctxt "CertExtend#13" msgid "" "The certificate will be earlier valid than the signer. This is probably not " "what you want." msgstr "" "Sertifika önceki imzalayandan daha geçerli olacaktır. Muhtemelen istediğiniz " "bu değildir." #: CertExtend#14 msgid "Edit times" msgstr "Zamanı düzenle" #: CertExtend#15 msgctxt "CertExtend#15" msgid "Abort rollout" msgstr "" #: CertExtend#16 msgctxt "CertExtend#16" msgid "Continue rollout" msgstr "" #: CertExtend#17 msgctxt "CertExtend#17" msgid "Adjust date and continue" msgstr "Tarihi düzenler ve devam eder" #: CertExtend#18 msgctxt "CertExtend#18" msgid "" "The certificate will be longer valid than the signer. This is probably not " "what you want." msgstr "" "Sertifika önceki imzalayandan daha geçerli olacaktır. Muhtemelen istediğiniz " "bu değildir." #: CertView#1 msgctxt "CertView#1" msgid "There was no key found for the Certificate: " msgstr "Sertifikadaki anahtar bulunamıyor. " #: CertView#2 msgctxt "CertView#2" msgid "Import Certificate signing request" msgstr "Sertifika imzalama isteği" #: ClickLabel#1 msgid "Double click for details" msgstr "Detaylariçin çift tıklayın" #: CrlDetail#1 msgid "Details of the Revocation list" msgstr "İptal listesi için çift tıklayın" #: CrlDetail#2 msgid "&Status" msgstr "&Durum" #: CrlDetail#3 msgid "Version" msgstr "Sürüm" #: CrlDetail#4 msgctxt "CrlDetail#4" msgid "Signature" msgstr "İmza" #: CrlDetail#5 msgid "Signed by" msgstr "İmzalayan:" #: CrlDetail#6 msgctxt "CrlDetail#6" msgid "Name" msgstr "İsim" #: CrlDetail#7 msgid "The internal name of the CRL in the database" msgstr "CRL veritabanındaki isim" #: CrlDetail#8 msgid "issuing dates" msgstr "Verilen tarih" #: CrlDetail#9 msgid "Next Update" msgstr "Sonraki Güncelleme" #: CrlDetail#10 msgid "Last Update" msgstr "Son Güncelleme" #: CrlDetail#11 msgctxt "CrlDetail#11" msgid "&Issuer" msgstr "&veren" #: CrlDetail#12 msgctxt "CrlDetail#12" msgid "&Extensions" msgstr "&Uzantıları" #: CrlDetail#13 msgid "&Revocation list" msgstr "&İptal listesi" #: CrlDetail#14 msgid "0" msgstr "0" #: CrlDetail#15 msgctxt "CrlDetail#15" msgid "Serial" msgstr "Seri" #: CrlDetail#16 msgctxt "CrlDetail#16" msgid "Revocation" msgstr "İptal" #: CrlDetail#17 msgid "Reason" msgstr "Neden" #: CrlDetail#18 msgid "Invalidation" msgstr "İptal" #: CrlDetail#19 msgid "Failed" msgstr "Başarısız" #: CrlDetail#20 msgid "Unknown signer" msgstr "Bilinmeyen imzalayan" #: CrlDetail#21 msgid "Verification not possible" msgstr "Doğrulama mümkün değil" #: CrlDetail#22 msgid "Unknown certificate" msgstr "Bilinmeyen sertifika" #: ExportCert#1 msgid "X509 Certificates ( *.cer *.crt *.p12 *.p7b);;All files ( * )" msgstr "X509 sertifikası (*cer *.crt *.p12 *.p7b);;Tüm dosyalar (*)" #: ExportCert#2 msgid "" "DER is a binary format of the Certificate\n" "PEM is a base64 encoded Certificate\n" "PKCS#7 is an official Certificate exchange format\n" "PKCS#12 is an encrypted official Key-Certificate exchange format\n" msgstr "" "DER ikili sertifika formatı\n" "PEM base64 kodlu sertifika\n" "PKCS#7 resmi değişim sertifikası\n" "PKCS#12 kriptolu anahtar sertifikası\n" #: ExportCert#3 msgid "Please enter the filename for the certificate." msgstr "Lütfen sertifika ismini giriniz." #: ExportCert#4 msgid "Certificate export" msgstr "Sertifika dışa aktar" #: ExportDer#1 msgctxt "ExportDer#1" msgid "All files ( * )" msgstr "Bütün dosyalar ( * )" #: ExportDer#2 msgid "" "DER is a binary format\n" "PEM is a base64 encoded DER file\n" msgstr "" "DER ikili biçimdir\n" "PEM base64 kodlanmış DER dosyası\n" #: ExportDialog#1 msgid "..." msgstr "..." #: ExportDialog#2 msgid "Filename" msgstr "Dosya adı" #: ExportDialog#3 msgid "Please enter the filename" msgstr "Lütfen dosya adını giriniz" #: ExportDialog#4 msgid "Export Format" msgstr "Verme biçimi" #: ExportDialog#5 msgid "The file: '%1' already exists!" msgstr "Dosya: 2%1' zaten var" #: ExportDialog#6 msgid "Overwrite" msgstr "Üzerine yaz" #: ExportDialog#7 msgid "Do not overwrite" msgstr "Üzerine yazmayın" #: ExportKey#1 msgid "When exporting the private key it should be encrypted." msgstr "Özel anahtar dışa aktarılırken şifreli olmalıdır." #: ExportKey#2 msgid "When exporting the private part, it should be encrypted." msgstr "Özel bölüm aktarılırken şifreli olmalıdır." #: ExportKey#3 msgid "E&xport the private part of the Key too" msgstr "Dışa aktarılan özel bölüm anahtarı çok" #: ExportKey#4 msgid "Export as PKCS#8" msgstr "PKCS#8 olarak aktar" #: ExportKey#5 msgid "&Encrypt the Key with a password" msgstr "" #: ExportKey#6 msgid "Private keys ( *.pem *.der *.pk8 );;All files ( * )" msgstr "Özel anatarlar (*.pem *.der *.pk8);;Tüm dosyalar ( * )" #: ExportKey#7 msgid "" "DER is a binary format of the key without encryption\n" "PEM is a base64 encoded key with optional encryption\n" "PKCS#8 is an encrypted official Key-exchange format" msgstr "" #: ExportKey#8 msgid "Please enter the filename for the key." msgstr "" #: ExportKey#9 msgid "Public key export" msgstr "" #: ExportKey#10 msgid "Key export" msgstr "" #: Help#1 msgid "<<" msgstr "<<" #: Help#2 msgid ">>" msgstr ">>" #: Help#3 msgctxt "Help#3" msgid "&Done" msgstr "&Bitti" #: ImportMulti#1 msgid "Import PKI Items" msgstr "" #: ImportMulti#2 msgid "Import &All" msgstr "" #: ImportMulti#3 msgctxt "ImportMulti#3" msgid "&Import" msgstr "&İçe Aktar" #: ImportMulti#4 msgctxt "ImportMulti#4" msgid "&Done" msgstr "&Bitti" #: ImportMulti#5 #, fuzzy msgid "&Remove from list" msgstr "&İptal listesi" #: ImportMulti#6 msgid "Details" msgstr "Detaylar" #: ImportMulti#7 msgid "Delete from token" msgstr "" #: ImportMulti#8 msgid "Rename on token" msgstr "" #: ImportMulti#9 msgid "" "\n" "Name: %1\n" "Model: %2\n" "Serial: %3" msgstr "" #: ImportMulti#10 msgid "Manage security token" msgstr "" #: ImportMulti#11 msgid "The type of the Item '%1' is not recognized" msgstr "" #: ImportMulti#12 msgid "Details of the item '%1' cannot be shown" msgstr "" #: ImportMulti#13 msgid "The type of the item '%1' is not recognized" msgstr "" #: ImportMulti#14 msgid "The file '%1' did not contain PKI data" msgstr "" #: ImportMulti#15 msgid "The %1 files: '%2' did not contain PKI data" msgstr "" #: KeyDetail#1 msgctxt "KeyDetail#1" msgid "Name" msgstr "İsim" #: KeyDetail#2 msgid "The internal name of the key used by xca" msgstr "" #: KeyDetail#3 msgctxt "KeyDetail#3" msgid "Security token" msgstr "" #: KeyDetail#4 msgid "Manufacturer" msgstr "" #: KeyDetail#5 msgctxt "KeyDetail#5" msgid "Serial" msgstr "Seri" #: KeyDetail#6 msgctxt "KeyDetail#6" msgid "Key" msgstr "" #: KeyDetail#7 msgid "Public Exponent" msgstr "" #: KeyDetail#8 msgctxt "KeyDetail#8" msgid "Keysize" msgstr "" #: KeyDetail#9 msgid "Private Exponent" msgstr "" #: KeyDetail#10 msgid "Modulus" msgstr "" #: KeyDetail#11 msgid "Details of the %1 key" msgstr "" #: KeyDetail#12 msgctxt "KeyDetail#12" msgid "Not available" msgstr "" #: KeyDetail#13 msgid "Token" msgstr "" #: KeyDetail#14 msgid "Security token ID:%1" msgstr "" #: KeyDetail#15 msgid "Available" msgstr "" #: KeyDetail#16 msgid "Sub prime" msgstr "" #: KeyDetail#17 msgid "Public key" msgstr "" #: KeyDetail#18 msgctxt "KeyDetail#18" msgid "Private key" msgstr "" #: KeyDetail#19 msgid "Curve name" msgstr "" #: KeyDetail#20 msgid "Unknown key" msgstr "" #: MainWindow#1 msgid "Private Keys" msgstr "" #: MainWindow#2 msgid "&New Key" msgstr "" #: MainWindow#3 msgid "&Export" msgstr "" #: MainWindow#4 msgctxt "MainWindow#4" msgid "&Import" msgstr "" #: MainWindow#5 msgid "Import PFX (PKCS#12)" msgstr "" #: MainWindow#6 msgid "&Show Details" msgstr "" #: MainWindow#7 msgid "&Delete" msgstr "&Sil" #: MainWindow#8 msgid "Certificate signing requests" msgstr "" #: MainWindow#9 msgid "&New Request" msgstr "" #: MainWindow#10 msgid "Certificates" msgstr "Sertifikalar" #: MainWindow#11 msgid "&New Certificate" msgstr "" #: MainWindow#12 msgid "Import &PKCS#12" msgstr "" #: MainWindow#13 msgid "Import P&KCS#7" msgstr "" #: MainWindow#14 msgctxt "MainWindow#14" msgid "Plain View" msgstr "" #: MainWindow#15 msgid "Templates" msgstr "" #: MainWindow#16 msgid "&New template" msgstr "" #: MainWindow#17 msgid "Ch&ange Template" msgstr "" #: MainWindow#18 msgid "Revocation lists" msgstr "" #: MainWindow#19 msgid "" "Using or exporting private keys will not be possible without providing the " "correct password" msgstr "" #: MainWindow#20 msgid "Database" msgstr "Veri Tabanı" #: MainWindow#21 msgid "No deleted items found" msgstr "" #: MainWindow#22 msgid "&File" msgstr "&Dosya" #: MainWindow#23 msgid "&New DataBase" msgstr "" #: MainWindow#24 msgid "&Open DataBase" msgstr "" #: MainWindow#25 msgid "Generate DH parameter" msgstr "" #: MainWindow#26 msgid "Set as default DataBase" msgstr "" #: MainWindow#27 msgid "&Close DataBase" msgstr "" #: MainWindow#28 msgid "&Dump DataBase" msgstr "" #: MainWindow#29 msgid "C&hange DataBase password" msgstr "" #: MainWindow#30 msgid "&Import old db_dump" msgstr "" #: MainWindow#31 msgid "&Undelete items" msgstr "" #: MainWindow#32 msgid "Options" msgstr "" #: MainWindow#33 msgid "Exit" msgstr "Çıkış" #: MainWindow#34 msgid "I&mport" msgstr "" #: MainWindow#35 msgid "Keys" msgstr "" #: MainWindow#36 msgid "Requests" msgstr "" #: MainWindow#37 msgid "PKCS#12" msgstr "" #: MainWindow#38 msgctxt "MainWindow#38" msgid "PKCS#7" msgstr "" #: MainWindow#39 msgctxt "MainWindow#39" msgid "Template" msgstr "" #: MainWindow#40 msgid "Revocation list" msgstr "" #: MainWindow#41 msgid "PEM file" msgstr "" #: MainWindow#42 msgid "&Token" msgstr "" #: MainWindow#43 msgid "&Manage Security token" msgstr "" #: MainWindow#44 msgid "&Init Security token" msgstr "" #: MainWindow#45 msgid "&Change PIN" msgstr "" #: MainWindow#46 msgid "Change &SO PIN" msgstr "" #: MainWindow#47 msgid "Init PIN" msgstr "" #: MainWindow#48 msgid "&Help" msgstr "&Yardım" #: MainWindow#49 msgid "&Content" msgstr "" #: MainWindow#50 msgid "&About" msgstr "&Hakkında" #: MainWindow#51 msgid "Donations" msgstr "" #: MainWindow#52 msgid "Database dump ( *.dump );;All files ( * )" msgstr "" #: MainWindow#53 msgid "Import password" msgstr "" #: MainWindow#54 msgid "Please enter the password of the old database" msgstr "" #: MainWindow#55 msgid "Password verification error. Ignore keys ?" msgstr "" #: MainWindow#56 msgid "Import anyway" msgstr "" #: MainWindow#57 #, fuzzy msgctxt "MainWindow#57" msgid "Cancel" msgstr "İptal" #: MainWindow#58 msgid "no such option: %1" msgstr "" #: MainWindow#59 msgid "Import PEM data" msgstr "" #: MainWindow#60 msgid "Please enter the original SO PIN (PUK) of the token '%1'" msgstr "" #: MainWindow#61 msgid "Please enter the new SO PIN (PUK) of the token '%1'" msgstr "" #: MainWindow#62 msgid "The new label of the token '%1'" msgstr "" #: MainWindow#63 msgid "The token '%1' did not contain any keys or certificates" msgstr "" #: MainWindow#64 msgid "New Password" msgstr "Yeni Parola" #: MainWindow#65 msgid "" "Please enter the new password to encrypt your private keys in the database-" "file" msgstr "" #: MainWindow#66 msgid "" "Please enter a password, that will be used to encrypt your private keys in " "the database file:\n" "%1" msgstr "" #: MainWindow#67 msgid "Password verify error, please try again" msgstr "" #: MainWindow#68 #, fuzzy msgctxt "MainWindow#68" msgid "Password" msgstr "Parola" #: MainWindow#69 msgid "" "Please enter the password for unlocking the database:\n" "%1" msgstr "" #: MainWindow#70 msgid "The following error occurred:" msgstr "" #: MainWindow#71 msgid "Copy to Clipboard" msgstr "" #: MainWindow#72 msgid "" "Diffie-Hellman paramters are needed for different applications. They are " "neither used by XCA nor stored in the database. After generating them, XCA " "will ask for a filename to store the DH parameters\n" "Please enter the DH parameter bits" msgstr "" #: MainWindow#73 msgctxt "MainWindow#73" msgid "Error opening file: '%1': %2" msgstr "" #: NewCrl#1 msgid "Create CRL" msgstr "" #: NewCrl#2 msgid "Dates" msgstr "" #: NewCrl#3 msgid "last update" msgstr "" #: NewCrl#4 msgid "next update" msgstr "" #: NewCrl#5 msgctxt "NewCrl#5" msgid "Days" msgstr "Gün" #: NewCrl#6 msgctxt "NewCrl#6" msgid "Months" msgstr "Ay" #: NewCrl#7 msgctxt "NewCrl#7" msgid "Years" msgstr "Yıl" #: NewCrl#8 msgctxt "NewCrl#8" msgid "Midnight" msgstr "" #: NewCrl#9 msgctxt "NewCrl#9" msgid "Apply" msgstr "Uygula" #: NewCrl#10 msgid "Hashing algorithm" msgstr "" #: NewCrl#11 msgctxt "NewCrl#11" msgid "Extensions" msgstr "" #: NewCrl#12 msgid "Authority key identifier" msgstr "" #: NewCrl#13 msgid "Subject alternative name" msgstr "" #: NewCrl#14 msgid "CRL Number" msgstr "" #: NewCrl#15 msgid "Revocation reasons" msgstr "" #: NewKey#1 msgid "New key" msgstr "" #: NewKey#2 msgid "Please give a name to the new key and select the desired keysize" msgstr "" #: NewKey#3 msgid "Key properties" msgstr "" #: NewKey#4 msgctxt "NewKey#4" msgid "Name" msgstr "İsim" #: NewKey#5 msgid "The internal name of the new key" msgstr "" #: NewKey#6 msgctxt "NewKey#6" msgid "New Key" msgstr "" #: NewKey#7 msgid "Curve" msgstr "" #: NewKey#8 msgctxt "NewKey#8" msgid "Keysize" msgstr "" #: NewKey#9 msgid "Usually 1024 or 2048 bit keys are used" msgstr "" #: NewKey#10 msgid "Keytype" msgstr "" #: NewKey#11 msgctxt "NewKey#11" msgid "Create" msgstr "Oluştur" #: NewX509#1 msgctxt "NewX509#1" msgid "Create" msgstr "Oluştur" #: NewX509#2 msgid "Source" msgstr "Kaynak" #: NewX509#3 msgid "Signing request" msgstr "" #: NewX509#4 msgid "" "A certificate signing request can be signed, even if the private key of the " "request is not available. This is the intention of a CSR:\n" "Getting signed by a CA certificate, whoes certificate of course must be in " "the database\n" "Of course you need the private key of the CSR if you want to create a self-" "signed cert from it." msgstr "" #: NewX509#5 msgid "Show request" msgstr "" #: NewX509#6 msgid "Sign this Certificate signing &request" msgstr "" #: NewX509#7 msgid "Copy extensions from the request" msgstr "" #: NewX509#8 msgid "Modify subject of the request" msgstr "" #: NewX509#9 msgid "Signing" msgstr "" #: NewX509#10 msgid "Create a &self signed certificate with the serial" msgstr "" #: NewX509#11 msgid "If you leave this blank the serial 00 will be used" msgstr "" #: NewX509#12 msgid "1" msgstr "1" #: NewX509#13 msgid "Use &this Certificate for signing" msgstr "" #: NewX509#14 msgid "All certificates in your database that can create valid signatures" msgstr "" #: NewX509#15 msgid "" "This list contains all certificates with the CA-flag set to true and whoes " "private key is present in the key-database.\n" "If this list is disabled, you only can create a self-signed certificate." msgstr "" #: NewX509#16 msgctxt "NewX509#16" msgid "Signature algorithm" msgstr "" #: NewX509#17 msgid "Template for the new certificate" msgstr "" #: NewX509#18 msgid "All available templates" msgstr "" #: NewX509#19 msgid "This list contains all templates from the toplevel template Tab" msgstr "" #: NewX509#20 msgid "Apply extensions" msgstr "" #: NewX509#21 msgid "Apply subject" msgstr "" #: NewX509#22 msgid "Apply all" msgstr "" #: NewX509#23 msgctxt "NewX509#23" msgid "Subject" msgstr "Konu" #: NewX509#24 msgid "Organisation" msgstr "Organizasyon" #: NewX509#25 msgid "" "This name is only used internally and does not appear in the resulting " "certificate" msgstr "" #: NewX509#26 msgid "Must be exactly 2 letter of size (DE, UK)" msgstr "" #: NewX509#27 msgid "Country code" msgstr "Ülke kodu" #: NewX509#28 msgid "State or Province" msgstr "" #: NewX509#29 msgid "Locality" msgstr "" #: NewX509#30 msgid "Organisational unit" msgstr "" #: NewX509#31 msgid "E-Mail address" msgstr "E-posta adresi" #: NewX509#32 msgctxt "NewX509#32" msgid "Internal name" msgstr "Dahili adı" #: NewX509#33 msgid "Common name" msgstr "" #: NewX509#34 msgctxt "NewX509#34" msgid "Add" msgstr "Ekle" #: NewX509#35 msgctxt "NewX509#35" msgid "Delete" msgstr "Sil" #: NewX509#36 msgctxt "NewX509#36" msgid "Private key" msgstr "" #: NewX509#37 msgid "This list only contains unused keys" msgstr "" #: NewX509#38 msgid "Used keys too" msgstr "" #: NewX509#39 msgid "&Generate a new key" msgstr "" #: NewX509#40 msgctxt "NewX509#40" msgid "Extensions" msgstr "" #: NewX509#41 msgid "Basic constraints" msgstr "" #: NewX509#42 msgctxt "NewX509#42" msgid "Type" msgstr "Tür" #: NewX509#43 msgid "If this will become a CA certificate or not" msgstr "" #: NewX509#44 msgid "" "Set this to TRUE if you want to create a CA certificate that signs other " "certificates.\n" "This is always set to FALSE for client or server certificates. In most cases " "self-signed certificates are CA certificates.\n" "Self-signed non-CA certificates are unusual although they are possible." msgstr "" #: NewX509#45 msgid "Not defined" msgstr "" #: NewX509#46 msgid "Certification Authority" msgstr "" #: NewX509#47 msgid "End Entity" msgstr "" #: NewX509#48 msgid "Path length" msgstr "" #: NewX509#49 msgid "How much CAs may be below this." msgstr "" #: NewX509#50 msgid "" "If this is left empty the pathlen is not included in the certificate. " "Otherwise it distinguishes the count of chained CA certificates below this " "one.\n" "A pathlen of 0 means, that this certificate may not issue other sub-CA " "certificates. Although it can do it, all chain-checking algorithms in e.g. " "your browser or openssl will (should) fail." msgstr "" #: NewX509#51 msgid "The basic constraints should always be critical" msgstr "" #: NewX509#52 msgid "Key identifier" msgstr "" #: NewX509#53 msgid "Creates a hash of the key following the PKIX guidelines" msgstr "" #: NewX509#54 msgid "Copy the Subject Key Identifier from the issuer" msgstr "" #: NewX509#55 msgid "" "If this box is checked an attempt is made to copy the subject key identifier " "from the signing certificate.\n" "It also copies the issuer and serial number from the issuer certificate. " "Normally this will only be done if the keyid option fails." msgstr "" #: NewX509#56 msgctxt "NewX509#56" msgid "Validity" msgstr "" #: NewX509#57 msgctxt "NewX509#57" msgid "Not before" msgstr "" #: NewX509#58 msgctxt "NewX509#58" msgid "Not after" msgstr "" #: NewX509#59 msgctxt "NewX509#59" msgid "Time range" msgstr "" #: NewX509#60 msgctxt "NewX509#60" msgid "Days" msgstr "Gün" #: NewX509#61 msgctxt "NewX509#61" msgid "Months" msgstr "Ay" #: NewX509#62 msgctxt "NewX509#62" msgid "Years" msgstr "Yıl" #: NewX509#63 msgctxt "NewX509#63" msgid "Apply" msgstr "Uygula" #: NewX509#64 msgid "Set the time to 00:00:00 and 23:59:59 respectively" msgstr "" #: NewX509#65 msgctxt "NewX509#65" msgid "Midnight" msgstr "" #: NewX509#66 msgctxt "NewX509#66" msgid "No well-defined expiration" msgstr "" #: NewX509#67 msgid "Authority Info Access" msgstr "" #: NewX509#68 msgid "CRL distribution point" msgstr "" #: NewX509#69 msgid "issuer alternative name" msgstr "" #: NewX509#70 msgid "URI:" msgstr "" #: NewX509#71 msgid "" "This is a multi-valued extension that supports all the literal options of " "subject alternative name. Of the few software packages that currentlyi " "nterpret this extension most only interpret the URI option.\n" "Currently each option will set a new DistributionPoint with the fullName " "field set to the given value.\n" "Other fields like cRLissuer and reasons cannot currently be set or " "displayed: at this time no examples were available that used these fields.\n" "If you see this extension with when you attempt to print it " "out or it doesn't appear to display correctly then let steve know, including " "the certificate (mail steve at openssl dot org) .\n" "Examples:\n" "URI:http://www.myhost.com/myca.crl\n" "URI:http://www.my.com/my.crl, URI:http://www.oth.com/my.crl" msgstr "" #: NewX509#72 msgid "can be altered by the file \"aia.txt\"" msgstr "" #: NewX509#73 msgid "Edit" msgstr "Düzenle" #: NewX509#74 msgid "DNS: IP: URI: email: RID:" msgstr "" #: NewX509#75 msgid "" "The authority information access extension gives details about how to access " "certain information relating to the CA. Its syntax is accessOID;location " "where 'location' has the same syntax as subject alternative name (except " "that email:copy is not supported). accessOID can be any valid OID but only " "certain values are meaningful for example OCSP and caIssuers. OCSP gives the " "location of an OCSP responder: this is used by Netscape PSM and other " "software.\n" "\n" "Example:\n" "\n" "OCSP;URI:http://ocsp.my.host/\n" "caIssuers;URI:http://my.ca/ca.html" msgstr "" #: NewX509#76 msgid "" "The subject alternative name extension allows various literal values to be " "used. These include \"email\" (an email address) , \"URI\" a uniform " "resource indicator, \"DNS\" (a DNS domain name) , RID (a registered ID: " "OBJECT IDENTIFIER) and IP (an IP address).\n" "Examples:\n" "email:my@other.address, IP: 1.1.1.1 , URI:http://my.url.here/\n" "email:my@other.address, RID:1.2.3.4, DNS: ns.server.tld" msgstr "" #: NewX509#77 msgid "subject alternative name" msgstr "" #: NewX509#78 msgid "" "The issuer alternative name extension allows various literal values to be " "used. These include \"email\" (an email address) , \"URI\" a uniform " "resource indicator, \"DNS\" (a DNS domain name), RID (a registered ID: " "OBJECT IDENTIFIER) and IP (an IP address).\n" "Examples:\n" "email:my@other.address, IP: 1.1.1.1 , URI:http://my.url.here/\n" "email:my@other.address, RID:1.2.3.4, DNS: ns.server.tld" msgstr "" #: NewX509#79 msgid "Key usage" msgstr "" #: NewX509#80 msgid "Extended key usage" msgstr "" #: NewX509#81 msgid "Netscape" msgstr "" #: NewX509#82 msgid "CA Revocation URL" msgstr "" #: NewX509#83 msgid "Revocation URL" msgstr "" #: NewX509#84 msgid "SSL server name" msgstr "" #: NewX509#85 msgid "Certificate renewal URL" msgstr "" #: NewX509#86 msgid "Comment" msgstr "" #: NewX509#87 msgid "CA policy URL" msgstr "" #: NewX509#88 msgid "Base URL" msgstr "" #: NewX509#89 msgid "If you know a more pretty one tell me" msgstr "" #: NewX509#90 msgid "Advanced" msgstr "Gelişmiş" #: NewX509#91 msgctxt "NewX509#91" msgid "Validate" msgstr "" #: NewX509#92 msgid "Create a &self signed certificate with a MD5-hashed QA serial" msgstr "" #: NewX509#93 msgid "Create Certificate signing request" msgstr "" #: NewX509#94 msgid "minimum size: %1" msgstr "" #: NewX509#95 msgid "maximum size: %1" msgstr "" #: NewX509#96 msgid "only a-z A-Z 0-9 '()+,-./:=?" msgstr "" #: NewX509#97 msgid "only 7-bit clean characters" msgstr "" #: NewX509#98 msgid "XCA template" msgstr "" #: NewX509#99 msgid "Create x509 Certificate" msgstr "" #: NewX509#100 msgid "From PKCS#10 request" msgstr "" #: NewX509#101 msgid "Other Tabs" msgstr "" #: NewX509#102 msgid "Advanced Tab" msgstr "" #: NewX509#103 msgid "Errors" msgstr "Hatalar" #: NewX509#104 msgctxt "NewX509#104" msgid "Abort rollout" msgstr "" #: NewX509#105 msgid "The following length restrictions of RFC3280 are violated:" msgstr "" #: NewX509#106 msgid "Edit subject" msgstr "" #: NewX509#107 msgctxt "NewX509#107" msgid "Continue rollout" msgstr "" #: NewX509#108 msgid "" "The verification of the Certificate request failed.\n" "The rollout should be aborted." msgstr "" #: NewX509#109 msgid "Continue anyway" msgstr "" #: NewX509#110 msgid "" "The internal name and the common name are empty.\n" "Please set at least the internal name." msgstr "" #: NewX509#111 msgid "Edit name" msgstr "İsmi Düzenle" #: NewX509#112 msgid "There is no Key selected for signing." msgstr "" #: NewX509#113 msgid "Select key" msgstr "" #: NewX509#114 msgid "" "The following distinguished name entries are empty:\n" "%1\n" "though you have declared them as mandatory in the options menu." msgstr "" #: NewX509#115 msgctxt "NewX509#115" msgid "The key you selected for signing is not a private one." msgstr "" #: NewX509#116 msgid "Select other signer" msgstr "" #: NewX509#117 msgid "Select other key" msgstr "" #: NewX509#118 msgctxt "NewX509#118" msgid "" "The certificate will be earlier valid than the signer. This is probably not " "what you want." msgstr "" #: NewX509#119 msgid "Edit dates" msgstr "" #: NewX509#120 msgctxt "NewX509#120" msgid "Adjust date and continue" msgstr "" #: NewX509#121 msgctxt "NewX509#121" msgid "" "The certificate will be longer valid than the signer. This is probably not " "what you want." msgstr "" #: NewX509#122 msgid "" "The certificate will be out of date before it becomes valid. You most " "probably mixed up both dates." msgstr "" #: NewX509#123 msgid "" "The certificate contains duplicated extensions. Check the validation on the " "advanced tab." msgstr "" #: NewX509#124 msgid "Edit extensions" msgstr "" #: NewX509#125 msgid "Configfile error on line %1\n" msgstr "" #: Options#1 msgid "XCA Options" msgstr "" #: Options#2 msgid "Mandatory subject entries" msgstr "" #: Options#3 msgctxt "Options#3" msgid "Add" msgstr "" #: Options#4 msgctxt "Options#4" msgid "Delete" msgstr "" #: Options#5 msgid "Default hash algorithm" msgstr "" #: Options#6 msgid "String types" msgstr "" #: Options#7 msgid "Suppress success messages" msgstr "" #: Options#8 msgid "PKCS#11 provider" msgstr "" #: Options#9 msgid "Remove" msgstr "" #: Options#10 msgid "Printable string or UTF8 (default)" msgstr "" #: Options#11 msgid "PKIX recommendation in RFC2459" msgstr "" #: Options#12 msgid "No BMP strings, only printable and T61" msgstr "" #: Options#13 msgid "UTF8 strings only (RFC2459)" msgstr "" #: Options#14 msgid "All strings" msgstr "" #: Options#15 msgid "Load failed" msgstr "" #: PwDialog#1 #, fuzzy msgctxt "PwDialog#1" msgid "Password" msgstr "Parola" #: PwDialog#2 msgid "" "The password is parsed as 2-digit hex code. It must have an equal number of " "digits (0-9 and a-f)" msgstr "" #: PwDialog#3 msgid "Take as HEX string" msgstr "" #: PwDialog#4 msgid "Repeat %1" msgstr "" #: PwDialog#5 msgid "%1 mismatch" msgstr "" #: PwDialog#6 msgid "" "Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it " "must consist of an even number of characters" msgstr "" #: PwDialog#7 msgid "E&xit" msgstr "" #: QObject#1 msgid "Undefined" msgstr "" #: QObject#2 msgid "DB: Rename: '%1' already in use" msgstr "" #: QObject#3 msgid "DB: Entry to rename not found: %1" msgstr "" #: QObject#4 msgid "DB: Write error %1 - %2" msgstr "" #: QObject#5 msgid "Out of data" msgstr "" #: QObject#6 msgid "Error finding endmarker of string" msgstr "" #: QObject#7 msgid "Out of Memory at %1:%2" msgstr "" #: QObject#8 msgctxt "QObject#8" msgid "All files ( * )" msgstr "" #: QObject#9 msgid "PKI Keys ( *.pem *.der *.key );;PKCS#8 Keys ( *.p8 *.pk8 );;" msgstr "" #: QObject#10 msgid "Import RSA key" msgstr "" #: QObject#11 msgid "PKCS#10 CSR ( *.pem *.der *.csr );;Netscape Request ( *.spkac *.spc );;" msgstr "" #: QObject#12 msgid "Import Request" msgstr "" #: QObject#13 msgid "Certificates ( *.pem *.der *.crt *.cer );;" msgstr "" #: QObject#14 msgid "Import X.509 Certificate" msgstr "" #: QObject#15 msgid "PKCS#7 data ( *.p7s *.p7m *.p7b );;" msgstr "" #: QObject#16 msgid "Import PKCS#7 Certificates" msgstr "" #: QObject#17 msgid "PKCS#12 Certificates ( *.p12 *.pfx );;" msgstr "" #: QObject#18 msgid "Import PKCS#12 Private Certificate" msgstr "" #: QObject#19 msgid "XCA templates ( *.xca );;" msgstr "" #: QObject#20 msgid "Import XCA Templates" msgstr "" #: QObject#21 msgid "Revocation lists ( *.pem *.der *.crl );;" msgstr "" #: QObject#22 msgid "Import Certificate Revocation List" msgstr "" #: QObject#23 msgid "XCA Databases ( *.xdb );;" msgstr "" #: QObject#24 msgid "Open XCA Database" msgstr "" #: QObject#25 msgid "PKCS#11 library ( *.dll );;" msgstr "" #: QObject#26 msgid "PKCS#11 library ( *.dylib *.so );;" msgstr "" #: QObject#27 msgid "PKCS#11 library ( *.so );;" msgstr "" #: QObject#28 msgid "Open PKCS#11 shared library" msgstr "" #: QObject#29 msgid "PEM files ( *.pem );;" msgstr "" #: QObject#30 msgid "Load PEM encoded file" msgstr "" #: QObject#31 msgid "Please enter the PIN on the PinPad" msgstr "" #: QObject#32 msgid "Please enter the SO PIN (PUK) of the token %1" msgstr "" #: QObject#33 msgid "Please enter the PIN of the token %1" msgstr "" #: QObject#34 msgid "No Security token found" msgstr "" #: QObject#35 msgid "Select" msgstr "" #: QObject#36 msgid "Please enter the new SO PIN (PUK) for the token: '%1'" msgstr "" #: QObject#37 msgid "Please enter the new PIN for the token: '%1'" msgstr "" #: QObject#38 msgid "Required PIN size: %1 - %2" msgstr "" #: QObject#39 msgid "Failed to open PKCS11 library: %1" msgstr "" #: QObject#40 msgid "PKCS#11 function '%1' failed: %2" msgstr "" #: QObject#41 msgid "" "PKCS#11 function '%1' failed: %2\n" "In library %3\n" "%4" msgstr "" #: QObject#42 msgid "Invalid" msgstr "" #: QObject#43 msgid "%1 is shorter than %2 bytes: '%3'" msgstr "" #: QObject#44 msgid "%1 is longer than %2 bytes: '%3'" msgstr "" #: Revoke#1 msgid "Revocation details" msgstr "" #: Revoke#2 msgid "Invalid since" msgstr "" #: Revoke#3 msgid "Revocation reason" msgstr "" #: SelectToken#1 msgid "Select Token" msgstr "" #: SelectToken#2 msgctxt "SelectToken#2" msgid "Security token" msgstr "" #: SelectToken#3 msgid "Please select the security token" msgstr "" #: TrustState#1 msgid "Set trustment of the Certificate" msgstr "" #: TrustState#2 msgid "Trustment" msgstr "" #: TrustState#3 msgid "&Never trust this certificate" msgstr "" #: TrustState#4 msgid "Only &trust this certificate, if we trust the signer" msgstr "" #: TrustState#5 msgid "&Always trust this certificate" msgstr "" #: Validity#1 msgid "yyyy-MM-dd hh:mm" msgstr "" #: db_base#1 msgctxt "db_base#1" msgid "Internal name" msgstr "" #: db_base#2 msgid "Reset" msgstr "" #: db_base#3 msgid "Subject entries" msgstr "" #: db_base#4 msgid "Paste PEM data" msgstr "" #: db_base#5 msgid "Columns" msgstr "" #: db_crl#1 msgid "Signer" msgstr "" #: db_crl#2 msgid "Internal name of the signer" msgstr "" #: db_crl#3 msgid "No. revoked" msgstr "" #: db_crl#4 msgid "Number of revoked certificates" msgstr "" #: db_crl#5 msgid "Last update" msgstr "" #: db_crl#6 msgid "Next update" msgstr "" #: db_crl#7 msgid "CRL number" msgstr "" #: db_crl#8 msgid "" "The revocation list already exists in the database as:\n" "'%1'\n" "and so it was not imported" msgstr "" #: db_crl#9 msgid "CRL ( *.pem *.der *.crl )" msgstr "" #: db_crl#10 msgid "Revocation list export" msgstr "" #: db_crl#11 msgctxt "db_crl#11" msgid "Import" msgstr "" #: db_crl#12 msgctxt "db_crl#12" msgid "Rename" msgstr "" #: db_crl#13 msgctxt "db_crl#13" msgid "Export" msgstr "" #: db_crl#14 msgctxt "db_crl#14" msgid "Clipboard" msgstr "" #: db_crl#15 msgctxt "db_crl#15" msgid "File" msgstr "" #: db_crl#16 msgctxt "db_crl#16" msgid "Delete" msgstr "" #: db_key#1 msgctxt "db_key#1" msgid "Type" msgstr "" #: db_key#2 msgid "Size" msgstr "" #: db_key#3 msgid "Use" msgstr "" #: db_key#4 msgctxt "db_key#4" msgid "Password" msgstr "" #: db_key#5 msgid "" "The key is already in the database as:\n" "'%1'\n" "and is not going to be imported" msgstr "" #: db_key#6 msgid "" "The database already contains the public part of the imported key as\n" "'%1\n" "and will be completed by the new, private part of the key" msgstr "" #: db_key#7 msgid "Key size too small !" msgstr "" #: db_key#8 msgid "You are sure to create a key of the size: %1 ?" msgstr "" #: db_key#9 msgid "" "Shall the original key '%1' be replaced by the key on the token?\n" "This will delete the key '%1' and make it unexportable" msgstr "" #: db_key#10 msgctxt "db_key#10" msgid "New Key" msgstr "" #: db_key#11 msgctxt "db_key#11" msgid "Import" msgstr "" #: db_key#12 msgctxt "db_key#12" msgid "Rename" msgstr "" #: db_key#13 msgctxt "db_key#13" msgid "Show Details" msgstr "" #: db_key#14 msgctxt "db_key#14" msgid "Delete" msgstr "" #: db_key#15 msgctxt "db_key#15" msgid "Export" msgstr "" #: db_key#16 msgid "Change password" msgstr "" #: db_key#17 msgid "Reset password" msgstr "" #: db_key#18 msgid "Change PIN" msgstr "" #: db_key#19 msgid "Init PIN with SO PIN (PUK)" msgstr "" #: db_key#20 msgid "Change SO PIN (PUK)" msgstr "" #: db_key#21 msgid "Store on Security token" msgstr "" #: db_key#22 msgid "Tried to change password of a token" msgstr "" #: db_key#23 msgid "Tried to change PIN of a key" msgstr "" #: db_key#24 msgid "Tried to init PIN of a key" msgstr "" #: db_key#25 msgid "Tried to change SO PIN of a key" msgstr "" #: db_temp#1 msgctxt "db_temp#1" msgid "Type" msgstr "" #: db_temp#2 msgid "Bad template: %1" msgstr "" #: db_temp#3 msgid "Nothing" msgstr "" #: db_temp#4 msgid "Preset Template values" msgstr "" #: db_temp#5 msgid "copy" msgstr "" #: db_temp#6 msgid "Save template as" msgstr "" #: db_temp#7 msgid "XCA templates ( *.xca);; All files ( * )" msgstr "" #: db_temp#8 msgid "New Template" msgstr "" #: db_temp#9 msgctxt "db_temp#9" msgid "Import" msgstr "" #: db_temp#10 msgctxt "db_temp#10" msgid "Rename" msgstr "" #: db_temp#11 msgctxt "db_temp#11" msgid "Export" msgstr "" #: db_temp#12 msgid "Change" msgstr "" #: db_temp#13 msgctxt "db_temp#13" msgid "Delete" msgstr "" #: db_temp#14 msgid "Duplicate" msgstr "" #: db_temp#15 msgid "Create certificate" msgstr "" #: db_temp#16 msgid "Create request" msgstr "" #: db_x509#1 msgid "CA" msgstr "" #: db_x509#2 msgid "reflects the basic Constraints extension" msgstr "" #: db_x509#3 msgctxt "db_x509#3" msgid "Serial" msgstr "" #: db_x509#4 msgid "md5 fingerprint" msgstr "" #: db_x509#5 msgid "sha1 fingerprint" msgstr "" #: db_x509#6 msgid "Start date" msgstr "" #: db_x509#7 msgid "not Before" msgstr "" #: db_x509#8 msgid "Expiry date" msgstr "" #: db_x509#9 msgid "not After" msgstr "" #: db_x509#10 msgid "Trust state" msgstr "" #: db_x509#11 msgctxt "db_x509#11" msgid "Revocation" msgstr "" #: db_x509#12 msgctxt "db_x509#12" msgid "Plain View" msgstr "" #: db_x509#13 msgid "Tree View" msgstr "" #: db_x509#14 msgid "" "The certificate already exists in the database as:\n" "'%1'\n" "and so it was not imported" msgstr "" #: db_x509#15 msgid "Invalid public key" msgstr "" #: db_x509#16 msgid "Please enter the new hexadecimal secret number for the QA process." msgstr "" #: db_x509#17 msgid "The QA process has been terminated by the user." msgstr "" #: db_x509#18 msgctxt "db_x509#18" msgid "The key you selected for signing is not a private one." msgstr "" #: db_x509#19 msgid "Store the certificate to the key on the token '%1 (#%2)' ?" msgstr "" #: db_x509#20 msgid "New Certificate" msgstr "" #: db_x509#21 #, fuzzy msgctxt "db_x509#21" msgid "Import" msgstr "&İçe Aktar" #: db_x509#22 msgid "Import PKCS#12" msgstr "" #: db_x509#23 msgid "Import from PKCS#7" msgstr "" #: db_x509#24 #, fuzzy msgctxt "db_x509#24" msgid "Rename" msgstr "Dosya adı" #: db_x509#25 #, fuzzy msgctxt "db_x509#25" msgid "Show Details" msgstr "Detaylar" #: db_x509#26 msgctxt "db_x509#26" msgid "Extract public Key" msgstr "" #: db_x509#27 #, fuzzy msgctxt "db_x509#27" msgid "Export" msgstr "Verme biçimi" #: db_x509#28 msgctxt "db_x509#28" msgid "Clipboard" msgstr "" #: db_x509#29 #, fuzzy msgctxt "db_x509#29" msgid "File" msgstr "&Dosya" #: db_x509#30 msgid "Request" msgstr "" #: db_x509#31 msgctxt "db_x509#31" msgid "Security token" msgstr "" #: db_x509#32 msgid "Other token" msgstr "" #: db_x509#33 msgctxt "db_x509#33" msgid "Template" msgstr "" #: db_x509#34 #, fuzzy msgctxt "db_x509#34" msgid "OpenSSL config" msgstr "Yapılandırmayı göster" #: db_x509#35 #, fuzzy msgctxt "db_x509#35" msgid "Delete" msgstr "Sil" #: db_x509#36 msgid "Delete from Security token" msgstr "" #: db_x509#37 msgid "Trust" msgstr "" #: db_x509#38 msgid "Properties" msgstr "" #: db_x509#39 msgid "Generate CRL" msgstr "" #: db_x509#40 msgctxt "db_x509#40" msgid "PKCS#7" msgstr "" #: db_x509#41 #, fuzzy msgctxt "db_x509#41" msgid "Sign" msgstr "İmzalayan:" #: db_x509#42 msgid "Encrypt" msgstr "" #: db_x509#43 msgid "Renewal" msgstr "" #: db_x509#44 msgid "Unrevoke" msgstr "" #: db_x509#45 msgid "Revoke" msgstr "" #: db_x509#46 msgid "There was no key found for the Certificate: '%1'" msgstr "" #: db_x509#47 msgid "Not possible for a token key: '%1'" msgstr "" #: db_x509#48 msgid "Not possible for the token-key Certificate '%1'" msgstr "" #: db_x509#49 msgid " days" msgstr "" #: db_x509name#1 msgctxt "db_x509name#1" msgid "Subject" msgstr "" #: db_x509name#2 msgid "Complete distinguished name" msgstr "" #: db_x509name#3 msgid "Subject hash" msgstr "" #: db_x509name#4 msgid "Hash to lookup certs in directories" msgstr "" #: db_x509req#1 msgctxt "db_x509req#1" msgid "Signed" msgstr "" #: db_x509req#2 msgid "whether the request is already signed or not" msgstr "" #: db_x509req#3 msgid "Unstructured name" msgstr "" #: db_x509req#4 #, fuzzy msgid "Challenge password" msgstr "Yeni Parola" #: db_x509req#5 msgid "" "The certificate signing request already exists in the database as\n" "'%1'\n" "and thus was not stored" msgstr "" #: db_x509req#6 msgid "Certificate request ( *.pem *.der *.crl )" msgstr "" #: db_x509req#7 msgid "Certificate request export" msgstr "" #: db_x509req#8 msgid "New Request" msgstr "" #: db_x509req#9 msgctxt "db_x509req#9" msgid "Import" msgstr "" #: db_x509req#10 msgctxt "db_x509req#10" msgid "Extract public Key" msgstr "" #: db_x509req#11 msgctxt "db_x509req#11" msgid "Rename" msgstr "" #: db_x509req#12 msgctxt "db_x509req#12" msgid "Show Details" msgstr "" #: db_x509req#13 msgctxt "db_x509req#13" msgid "Sign" msgstr "" #: db_x509req#14 msgctxt "db_x509req#14" msgid "Export" msgstr "" #: db_x509req#15 msgctxt "db_x509req#15" msgid "Clipboard" msgstr "" #: db_x509req#16 msgctxt "db_x509req#16" msgid "File" msgstr "" #: db_x509req#17 msgctxt "db_x509req#17" msgid "Template" msgstr "" #: db_x509req#18 #, fuzzy msgctxt "db_x509req#18" msgid "OpenSSL config" msgstr "Yapılandırmayı göster" #: db_x509req#19 #, fuzzy msgctxt "db_x509req#19" msgid "Delete" msgstr "Sil" #: db_x509super#1 msgid "Key name" msgstr "" #: db_x509super#2 msgid "Internal name of the key" msgstr "" #: db_x509super#3 msgid "Save as OpenSSL config" msgstr "" #: db_x509super#4 #, fuzzy msgid "Config files ( *.conf *.cnf);; All files ( * )" msgstr "X509 sertifikası (*cer *.crt *.p12 *.p7b);;Tüm dosyalar (*)" #: db_x509super#5 msgid "The following extensions were not ported into the template" msgstr "" #: kvView#1 msgctxt "kvView#1" msgid "Type" msgstr "" #: kvView#2 msgid "Content" msgstr "" #: pass_info#1 msgctxt "pass_info#1" msgid "Password" msgstr "" #: pass_info#2 msgctxt "pass_info#2" msgid "PIN" msgstr "" #: pki_base#1 msgctxt "pki_base#1" msgid "Error opening file: '%1': %2" msgstr "" #: pki_base#2 msgid "Error writing to file: '%1': %2" msgstr "" #: pki_base#3 msgid "Error: " msgstr "" #: pki_base#4 msgid "Internal error: Unexpected message: %1 %2" msgstr "" #: pki_crl#1 msgid "Successfully imported the revocation list '%1'" msgstr "" #: pki_crl#2 msgid "Delete the revocation list '%1'?" msgstr "" #: pki_crl#3 msgid "Successfully created the revocation list '%1'" msgstr "" #: pki_crl#4 msgid "Delete the %1 revocation lists: %2?" msgstr "" #: pki_crl#5 msgid "" "Unable to load the revocation list in file %1. Tried PEM and DER formatted " "CRL." msgstr "" #: pki_crl#6 msgid "No issuer given" msgstr "" #: pki_crl#7 msgctxt "pki_crl#7" msgid "Wrong Size %1" msgstr "" #: pki_crl#8 msgid "unknown" msgstr "" #: pki_evp#1 msgid "Failed to decrypt the key (bad password) " msgstr "" #: pki_evp#2 msgid "Please enter the password to decrypt the private key." msgstr "" #: pki_evp#3 msgid "" "Please enter the password to decrypt the private key from file:\n" "%1" msgstr "" #: pki_evp#4 msgid "" "Unable to load the private key in file %1. Tried PEM and DER private, public " "and PKCS#8 key types." msgstr "" #: pki_evp#5 msgid "Please enter the password to decrypt the private key: '%1'" msgstr "" #: pki_evp#6 msgid "Password input aborted" msgstr "" #: pki_evp#7 msgid "Please enter the database password for decrypting the key '%1'" msgstr "" #: pki_evp#8 msgid "Please enter the password to protect the private key: '%1'" msgstr "" #: pki_evp#9 msgid "Please enter the database password for encrypting the key" msgstr "" #: pki_evp#10 msgid "Please enter the password protecting the PKCS#8 key '%1'" msgstr "" #: pki_evp#11 msgid "Please enter the export password for the private key '%1'" msgstr "" #: pki_key#1 msgid "Successfully imported the %1 public key '%2'" msgstr "" #: pki_key#2 msgid "Delete the %1 public key '%2'?" msgstr "" #: pki_key#3 msgid "Successfully imported the %1 private key '%2'" msgstr "" #: pki_key#4 msgid "Delete the %1 private key '%2'?" msgstr "" #: pki_key#5 msgid "Successfully created the %1 private key '%2'" msgstr "" #: pki_key#6 msgctxt "pki_key#6" msgid "Delete the %1 keys: %2?" msgstr "" #: pki_key#7 msgid "public key" msgstr "" #: pki_key#8 msgid "Common" msgstr "" #: pki_key#9 msgid "Private" msgstr "" #: pki_key#10 msgid "Bogus" msgstr "" #: pki_key#11 msgctxt "pki_key#11" msgid "PIN" msgstr "" #: pki_key#12 msgid "No password" msgstr "" #: pki_multi#1 msgid "Seek failed" msgstr "" #: pki_pkcs12#1 msgid "" "Please enter the password to decrypt the PKCS#12 file:\n" "%1" msgstr "" #: pki_pkcs12#2 msgid "Unable to load the PKCS#12 (pfx) file %1." msgstr "" #: pki_pkcs12#3 msgid "The supplied password was wrong (%1)" msgstr "" #: pki_pkcs12#4 msgid "Please enter the password to encrypt the PKCS#12 file" msgstr "" #: pki_pkcs12#5 msgid "No key or no Cert and no pkcs12" msgstr "" #: pki_pkcs7#1 msgid "Unable to load the PKCS#7 file %1. Tried PEM and DER format." msgstr "" #: pki_scard#1 msgid "Successfully imported the token key '%1'" msgstr "" #: pki_scard#2 msgid "Delete the token key '%1'?" msgstr "" #: pki_scard#3 msgid "Successfully created the token key '%1'" msgstr "" #: pki_scard#4 msgctxt "pki_scard#4" msgid "Delete the %1 keys: %2?" msgstr "" #: pki_scard#5 msgid "Delete the private key '%1' from the token '%2 (#%3)' ?" msgstr "" #: pki_scard#6 msgid "only RSA keys can be stored on tokens" msgstr "" #: pki_scard#7 msgid "This Key is already on the token" msgstr "" #: pki_scard#8 msgid "PIN input aborted" msgstr "" #: pki_scard#9 msgid "Unable to find copied key on the token" msgstr "" #: pki_scard#10 msgid "Please insert card: %1 %2 [%3] with Serial: %4" msgstr "" #: pki_scard#11 msgid "Public Key mismatch. Please re-import card" msgstr "" #: pki_scard#12 msgid "Unable to find generated key on card" msgstr "" #: pki_scard#13 msgctxt "pki_scard#13" msgid "Wrong Size %1" msgstr "" #: pki_scard#14 msgid "Token %1" msgstr "" #: pki_scard#15 msgid "Failed to find the key on the token" msgstr "" #: pki_scard#16 msgid "Invalid Pin for the token" msgstr "" #: pki_temp#1 msgid "Successfully imported the XCA template '%1'" msgstr "" #: pki_temp#2 msgid "Delete the XCA template '%1'?" msgstr "" #: pki_temp#3 msgid "Successfully created the XCA template '%1'" msgstr "" #: pki_temp#4 msgid "Delete the %1 XCA templates: %2?" msgstr "" #: pki_temp#5 msgctxt "pki_temp#5" msgid "Wrong Size %1" msgstr "" #: pki_temp#6 msgid "Template file content error (too small): %1" msgstr "" #: pki_temp#7 msgid "Template file content error (bad size): %1 " msgstr "" #: pki_temp#8 msgid "Template file content error (bad length) :%1" msgstr "" #: pki_x509#1 msgid "Successfully imported the certificate '%1'" msgstr "" #: pki_x509#2 msgid "Delete the certificate '%1'?" msgstr "" #: pki_x509#3 msgid "Successfully created the certificate '%1'" msgstr "" #: pki_x509#4 msgid "Delete the %1 certificates: %2?" msgstr "" #: pki_x509#5 msgid "" "Unable to load the certificate in file %1. Tried PEM and DER certificate." msgstr "" #: pki_x509#6 msgid "This certificate is already on the security token" msgstr "" #: pki_x509#7 msgid "Delete the certificate '%1' from the token '%2 (#%3)'?" msgstr "" #: pki_x509#8 msgid "There is no key for signing !" msgstr "" #: pki_x509#9 msgctxt "pki_x509#9" msgid "Wrong Size %1" msgstr "" #: pki_x509#10 msgctxt "pki_x509#10" msgid "Not trusted" msgstr "" #: pki_x509#11 msgid "Trust inherited" msgstr "" #: pki_x509#12 msgid "Always Trusted" msgstr "" #: pki_x509#13 msgid "CRL expires: %1" msgstr "" #: pki_x509#14 msgid "No" msgstr "" #: pki_x509#15 msgid "Yes" msgstr "" #: pki_x509req#1 msgid "Signing key not valid (public key)" msgstr "" #: pki_x509req#2 msgid "Successfully imported the %1 certificate request '%2'" msgstr "" #: pki_x509req#3 msgid "Delete the %1 certificate request '%2'?" msgstr "" #: pki_x509req#4 msgid "Successfully created the %1 certificate request '%2'" msgstr "" #: pki_x509req#5 msgid "Delete the %1 certificate requests: %2?" msgstr "" #: pki_x509req#6 msgid "" "Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC " "format." msgstr "" #: pki_x509req#7 msgctxt "pki_x509req#7" msgid "Signed" msgstr "" #: pki_x509req#8 msgid "Unhandled" msgstr "" #: pki_x509req#9 msgctxt "pki_x509req#9" msgid "Wrong Size %1" msgstr "" #: v3ext#1 msgctxt "v3ext#1" msgid "Add" msgstr "" #: v3ext#2 msgctxt "v3ext#2" msgid "Delete" msgstr "" #: v3ext#3 msgctxt "v3ext#3" msgid "Apply" msgstr "" #: v3ext#4 msgctxt "v3ext#4" msgid "Validate" msgstr "" #: v3ext#5 msgctxt "v3ext#5" msgid "Cancel" msgstr "" #: v3ext#6 msgid "An email address or 'copy'" msgstr "" #: v3ext#7 msgid "An email address" msgstr "" #: v3ext#8 msgid "a registered ID: OBJECT IDENTIFIER" msgstr "" #: v3ext#9 msgid "a uniform resource indicator" msgstr "" #: v3ext#10 msgid "a DNS domain name" msgstr "" #: v3ext#11 msgid "an IP address" msgstr "" #: v3ext#12 msgid "Syntax: ;TYPE:text like '1.2.3.4:UTF8:name'" msgstr "" #: v3ext#13 msgid "No editing. Only 'copy' allowed here" msgstr "" #: v3ext#14 msgid "" "Validation failed:\n" "'%1'\n" "%2" msgstr "" #: v3ext#15 msgid "" "Validation successful:\n" "'%1'" msgstr "" #: void#1 msgctxt "void#1" msgid "There was no key found for the Certificate: " msgstr "" #: void#2 msgctxt "void#2" msgid "Import Certificate signing request" msgstr "" #, fuzzy #~ msgctxt "db_x509#36" #~ msgid "Delete" #~ msgstr "Sil" #~ msgid "&Remove" #~ msgstr "&Kaldır" xca-RELEASE.2.5.0/lang/xca.pot000066400000000000000000002471451450407711300156070ustar00rootroot00000000000000msgid "" msgstr "" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Qt-Contexts: true\n" #: ../ui/CaProperties.ui:14 msgctxt "CaProperties|" msgid "Form" msgstr "" #: ../ui/CaProperties.ui:20 msgctxt "CaProperties|" msgid "Days until next CRL issuing" msgstr "" #: ../ui/CaProperties.ui:30 msgctxt "CaProperties|" msgid "Default template" msgstr "" #: ../ui/CertDetail.ui:30 ../widgets/CertDetail.cpp:112 msgctxt "CertDetail|" msgid "Details of the Certificate" msgstr "" #: ../ui/CertDetail.ui:165 msgctxt "CertDetail|" msgid "Serial" msgstr "" #: ../ui/CertDetail.ui:178 msgctxt "CertDetail|" msgid "The serial number of the certificate" msgstr "" #: ../ui/CertDetail.ui:113 msgctxt "CertDetail|" msgid "The internal name of the certificate in the database" msgstr "" #: ../ui/CertDetail.ui:78 msgctxt "CertDetail|" msgid "Status" msgstr "" #: ../ui/CertDetail.ui:106 msgctxt "CertDetail|" msgid "Internal name" msgstr "" #: ../ui/CertDetail.ui:120 msgctxt "CertDetail|" msgid "Signature" msgstr "" #: ../ui/CertDetail.ui:145 msgctxt "CertDetail|" msgid "Key" msgstr "" #: ../ui/CertDetail.ui:191 msgctxt "CertDetail|" msgid "Fingerprints" msgstr "" #: ../ui/CertDetail.ui:203 msgctxt "CertDetail|" msgid "MD5" msgstr "" #: ../ui/CertDetail.ui:216 msgctxt "CertDetail|" msgid "An md5 hashsum of the certificate" msgstr "" #: ../ui/CertDetail.ui:229 msgctxt "CertDetail|" msgid "SHA1" msgstr "" #: ../ui/CertDetail.ui:242 msgctxt "CertDetail|" msgid "A SHA-1 hashsum of the certificate" msgstr "" #: ../ui/CertDetail.ui:255 msgctxt "CertDetail|" msgid "SHA256" msgstr "" #: ../ui/CertDetail.ui:268 msgctxt "CertDetail|" msgid "A SHA-256 hashsum of the certificate" msgstr "" #: ../ui/CertDetail.ui:278 msgctxt "CertDetail|" msgid "Validity" msgstr "" #: ../ui/CertDetail.ui:287 msgctxt "CertDetail|" msgid "The time since the certificate is valid" msgstr "" #: ../ui/CertDetail.ui:294 msgctxt "CertDetail|" msgid "The time until the certificate is valid" msgstr "" #: ../ui/CertDetail.ui:328 msgctxt "CertDetail|" msgid "Subject" msgstr "" #: ../ui/CertDetail.ui:341 msgctxt "CertDetail|" msgid "Issuer" msgstr "" #: ../ui/CertDetail.ui:364 msgctxt "CertDetail|" msgid "Extensions" msgstr "" #: ../ui/CertDetail.ui:385 msgctxt "CertDetail|" msgid "Comment" msgstr "" #: ../ui/CertDetail.ui:354 msgctxt "CertDetail|" msgid "Attributes" msgstr "" #: ../ui/CertDetail.ui:377 ../widgets/CertDetail.cpp:40 msgctxt "CertDetail|" msgid "Show config" msgstr "" #: ../widgets/CertDetail.cpp:44 msgctxt "CertDetail|" msgid "Show extensions" msgstr "" #: ../widgets/CertDetail.cpp:66 msgctxt "CertDetail|" msgid "Show public key" msgstr "" #: ../widgets/CertDetail.cpp:69 msgctxt "CertDetail|" msgid "This key is not in the database." msgstr "" #: ../widgets/CertDetail.cpp:73 msgctxt "CertDetail|" msgid "Not available" msgstr "" #: ../widgets/CertDetail.cpp:120 msgctxt "CertDetail|" msgid "Signer unknown" msgstr "" #: ../widgets/CertDetail.cpp:124 msgctxt "CertDetail|" msgid "Self signed" msgstr "" #: ../widgets/CertDetail.cpp:154 #, qt-format msgctxt "CertDetail|" msgid "Revoked at %1" msgstr "" #: ../widgets/CertDetail.cpp:159 msgctxt "CertDetail|" msgid "Not valid" msgstr "" #: ../widgets/CertDetail.cpp:163 msgctxt "CertDetail|" msgid "Valid" msgstr "" #: ../widgets/CertDetail.cpp:184 msgctxt "CertDetail|" msgid "Details of the certificate signing request" msgstr "" #: ../ui/CertExtend.ui:30 msgctxt "CertExtend|" msgid "Certificate renewal" msgstr "" #: ../ui/CertExtend.ui:74 msgctxt "CertExtend|" msgid "" "This will create a new certificate as a copy of the old one with a new " "serial number and adjusted validity values." msgstr "" #: ../ui/CertExtend.ui:100 msgctxt "CertExtend|" msgid "Validity" msgstr "" #: ../ui/CertExtend.ui:111 msgctxt "CertExtend|" msgid "Not before" msgstr "" #: ../ui/CertExtend.ui:118 msgctxt "CertExtend|" msgid "Not after" msgstr "" #: ../ui/CertExtend.ui:144 msgctxt "CertExtend|" msgid "Time range" msgstr "" #: ../ui/CertExtend.ui:150 msgctxt "CertExtend|" msgid "Local time" msgstr "" #: ../ui/CertExtend.ui:158 msgctxt "CertExtend|" msgid "Days" msgstr "" #: ../ui/CertExtend.ui:163 msgctxt "CertExtend|" msgid "Months" msgstr "" #: ../ui/CertExtend.ui:168 msgctxt "CertExtend|" msgid "Years" msgstr "" #: ../ui/CertExtend.ui:176 msgctxt "CertExtend|" msgid "No well-defined expiration" msgstr "" #: ../ui/CertExtend.ui:183 msgctxt "CertExtend|" msgid "Midnight" msgstr "" #: ../ui/CertExtend.ui:190 msgctxt "CertExtend|" msgid "Apply" msgstr "" #: ../ui/CertExtend.ui:216 msgctxt "CertExtend|" msgid "Revoke old certificate" msgstr "" #: ../ui/CertExtend.ui:226 msgctxt "CertExtend|" msgid "Replace old certificate" msgstr "" #: ../ui/CertExtend.ui:236 msgctxt "CertExtend|" msgid "Keep serial number" msgstr "" #: ../widgets/CertExtend.cpp:43 msgctxt "CertExtend|" msgid "" "The certificate will be earlier valid than the signer. This is probably not " "what you want." msgstr "" #: ../widgets/CertExtend.cpp:45 ../widgets/CertExtend.cpp:67 msgctxt "CertExtend|" msgid "Edit dates" msgstr "" #: ../widgets/CertExtend.cpp:46 ../widgets/CertExtend.cpp:68 msgctxt "CertExtend|" msgid "Abort rollout" msgstr "" #: ../widgets/CertExtend.cpp:47 ../widgets/CertExtend.cpp:69 msgctxt "CertExtend|" msgid "Continue rollout" msgstr "" #: ../widgets/CertExtend.cpp:48 ../widgets/CertExtend.cpp:70 msgctxt "CertExtend|" msgid "Adjust date and continue" msgstr "" #: ../widgets/CertExtend.cpp:65 msgctxt "CertExtend|" msgid "" "The certificate will be longer valid than the signer. This is probably not " "what you want." msgstr "" #: ../widgets/CertTreeView.cpp:34 msgctxt "CertTreeView|" msgid "Import PKCS#12" msgstr "" #: ../widgets/CertTreeView.cpp:35 msgctxt "CertTreeView|" msgid "Import from PKCS#7" msgstr "" #: ../widgets/CertTreeView.cpp:64 msgctxt "CertTreeView|" msgid "Request" msgstr "" #: ../widgets/CertTreeView.cpp:66 msgctxt "CertTreeView|" msgid "Security token" msgstr "" #: ../widgets/CertTreeView.cpp:68 msgctxt "CertTreeView|" msgid "Other token" msgstr "" #: ../widgets/CertTreeView.cpp:72 msgctxt "CertTreeView|" msgid "Similar Certificate" msgstr "" #: ../widgets/CertTreeView.cpp:75 msgctxt "CertTreeView|" msgid "Delete from Security token" msgstr "" #: ../widgets/CertTreeView.cpp:78 msgctxt "CertTreeView|" msgid "CA" msgstr "" #: ../widgets/CertTreeView.cpp:79 msgctxt "CertTreeView|" msgid "Properties" msgstr "" #: ../widgets/CertTreeView.cpp:80 msgctxt "CertTreeView|" msgid "Generate CRL" msgstr "" #: ../widgets/CertTreeView.cpp:81 msgctxt "CertTreeView|" msgid "Manage revocations" msgstr "" #: ../widgets/CertTreeView.cpp:86 ../widgets/CertTreeView.cpp:89 msgctxt "CertTreeView|" msgid "Renewal" msgstr "" #: ../widgets/CertTreeView.cpp:91 msgctxt "CertTreeView|" msgid "Revoke" msgstr "" #: ../widgets/CertTreeView.cpp:93 msgctxt "CertTreeView|" msgid "Unrevoke" msgstr "" #: ../widgets/CertTreeView.cpp:157 msgctxt "CertTreeView|" msgid "Plain View" msgstr "" #: ../widgets/CertTreeView.cpp:157 msgctxt "CertTreeView|" msgid "Tree View" msgstr "" #: ../widgets/CertTreeView.cpp:186 msgctxt "CertTreeView|" msgid "days" msgstr "" #: ../widgets/CertTreeView.cpp:194 msgctxt "CertTreeView|" msgid "No template" msgstr "" #: ../widgets/CertTreeView.cpp:199 msgctxt "CertTreeView|" msgid "CA Properties" msgstr "" #: ../widgets/CertTreeView.cpp:241 msgctxt "CertTreeView|" msgid "Certificate export" msgstr "" #: ../widgets/CertTreeView.cpp:242 msgctxt "CertTreeView|" msgid "X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b )" msgstr "" #: ../widgets/clicklabel.cpp:37 msgctxt "ClickLabel|" msgid "Double click for details" msgstr "" #: ../ui/CrlDetail.ui:30 msgctxt "CrlDetail|" msgid "Details of the Revocation list" msgstr "" #: ../ui/CrlDetail.ui:78 msgctxt "CrlDetail|" msgid "&Status" msgstr "" #: ../ui/CrlDetail.ui:144 msgctxt "CrlDetail|" msgid "Version" msgstr "" #: ../ui/CrlDetail.ui:163 msgctxt "CrlDetail|" msgid "Signature" msgstr "" #: ../ui/CrlDetail.ui:170 msgctxt "CrlDetail|" msgid "Signed by" msgstr "" #: ../ui/CrlDetail.ui:177 msgctxt "CrlDetail|" msgid "Name" msgstr "" #: ../ui/CrlDetail.ui:184 msgctxt "CrlDetail|" msgid "The internal name of the CRL in the database" msgstr "" #: ../ui/CrlDetail.ui:197 msgctxt "CrlDetail|" msgid "issuing dates" msgstr "" #: ../ui/CrlDetail.ui:215 msgctxt "CrlDetail|" msgid "Next update" msgstr "" #: ../ui/CrlDetail.ui:222 msgctxt "CrlDetail|" msgid "Last update" msgstr "" #: ../ui/CrlDetail.ui:255 msgctxt "CrlDetail|" msgid "&Issuer" msgstr "" #: ../ui/CrlDetail.ui:277 msgctxt "CrlDetail|" msgid "&Extensions" msgstr "" #: ../ui/CrlDetail.ui:306 msgctxt "CrlDetail|" msgid "&Revocation list" msgstr "" #: ../ui/CrlDetail.ui:340 msgctxt "CrlDetail|" msgid "Comment" msgstr "" #: ../widgets/CrlDetail.cpp:52 msgctxt "CrlDetail|" msgid "Failed" msgstr "" #: ../widgets/CrlDetail.cpp:57 msgctxt "CrlDetail|" msgid "Unknown signer" msgstr "" #: ../widgets/CrlDetail.cpp:60 msgctxt "CrlDetail|" msgid "Verification not possible" msgstr "" #: ../widgets/CrlTreeView.cpp:39 msgctxt "CrlTreeView|" msgid "There are no CA certificates for CRL generation" msgstr "" #: ../widgets/CrlTreeView.cpp:47 msgctxt "CrlTreeView|" msgid "Select CA certificate" msgstr "" #: ../widgets/CrlTreeView.cpp:69 msgctxt "CrlTreeView|" msgid "Revocation list export" msgstr "" #: ../widgets/CrlTreeView.cpp:70 msgctxt "CrlTreeView|" msgid "CRL ( *.pem *.der *.crl )" msgstr "" #: ../ui/ExportDialog.ui:79 msgctxt "ExportDialog|" msgid "Name" msgstr "" #: ../ui/ExportDialog.ui:86 msgctxt "ExportDialog|" msgid "The internal name of the CRL in the database" msgstr "" #: ../ui/ExportDialog.ui:115 msgctxt "ExportDialog|" msgid "..." msgstr "" #: ../ui/ExportDialog.ui:99 msgctxt "ExportDialog|" msgid "Filename" msgstr "" #: ../ui/ExportDialog.ui:151 msgctxt "ExportDialog|" msgid "Export comment into PEM file" msgstr "" #: ../ui/ExportDialog.ui:171 msgctxt "ExportDialog|" msgid "Export Format" msgstr "" #: ../widgets/ExportDialog.cpp:48 msgctxt "ExportDialog|" msgid "All files ( * )" msgstr "" #: ../widgets/ExportDialog.cpp:104 #, qt-format msgctxt "ExportDialog|" msgid "The file: '%1' already exists!" msgstr "" #: ../widgets/ExportDialog.cpp:105 msgctxt "ExportDialog|" msgid "Overwrite" msgstr "" #: ../widgets/ExportDialog.cpp:106 msgctxt "ExportDialog|" msgid "Do not overwrite" msgstr "" #: ../ui/TimeInput.ui:32 msgctxt "Form|" msgid "last update" msgstr "" #: ../ui/TimeInput.ui:46 msgctxt "Form|" msgid "next update" msgstr "" #: ../ui/TimeInput.ui:70 msgctxt "Form|" msgid "Days" msgstr "" #: ../ui/TimeInput.ui:75 msgctxt "Form|" msgid "Months" msgstr "" #: ../ui/TimeInput.ui:80 msgctxt "Form|" msgid "Years" msgstr "" #: ../ui/TimeInput.ui:88 msgctxt "Form|" msgid "Apply" msgstr "" #: ../ui/TimeInput.ui:95 msgctxt "Form|" msgid "Midnight" msgstr "" #: ../ui/TimeInput.ui:102 msgctxt "Form|" msgid "Local time" msgstr "" #: ../ui/TimeInput.ui:109 msgctxt "Form|" msgid "No well-defined expiration" msgstr "" #: ../ui/Help.ui:36 msgctxt "Help|" msgid "<<" msgstr "" #: ../ui/Help.ui:46 msgctxt "Help|" msgid ">>" msgstr "" #: ../ui/Help.ui:72 msgctxt "Help|" msgid "&Done" msgstr "" #: ../ui/ImportMulti.ui:36 msgctxt "ImportMulti|" msgid "Import PKI Items" msgstr "" #: ../ui/ImportMulti.ui:94 msgctxt "ImportMulti|" msgid "Import &All" msgstr "" #: ../ui/ImportMulti.ui:101 msgctxt "ImportMulti|" msgid "&Import" msgstr "" #: ../ui/ImportMulti.ui:108 msgctxt "ImportMulti|" msgid "&Done" msgstr "" #: ../ui/ImportMulti.ui:115 msgctxt "ImportMulti|" msgid "&Remove from list" msgstr "" #: ../ui/ImportMulti.ui:122 msgctxt "ImportMulti|" msgid "Details" msgstr "" #: ../ui/ImportMulti.ui:129 msgctxt "ImportMulti|" msgid "Delete from token" msgstr "" #: ../ui/ImportMulti.ui:136 msgctxt "ImportMulti|" msgid "Rename on token" msgstr "" #: ../widgets/ImportMulti.cpp:65 #, qt-format msgctxt "ImportMulti|" msgid "" "\n" "Name: %1\n" "Model: %2\n" "Serial: %3" msgstr "" #: ../widgets/ImportMulti.cpp:70 msgctxt "ImportMulti|" msgid "Manage security token" msgstr "" #: ../widgets/ImportMulti.cpp:287 #, qt-format msgctxt "ImportMulti|" msgid "Details of the item '%1' cannot be shown" msgstr "" #: ../widgets/ImportMulti.cpp:104 ../widgets/ImportMulti.cpp:291 #, qt-format msgctxt "ImportMulti|" msgid "The type of the item '%1' is not recognized" msgstr "" #: ../widgets/ImportMulti.cpp:319 #, qt-format msgctxt "ImportMulti|" msgid "The file '%1' did not contain PKI data" msgstr "" #: ../widgets/ImportMulti.cpp:322 #, qt-format msgctxt "ImportMulti|" msgid "The %1 files: '%2' did not contain PKI data" msgstr "" #: ../ui/ItemProperties.ui:22 msgctxt "ItemProperties|" msgid "Name" msgstr "" #: ../ui/ItemProperties.ui:32 msgctxt "ItemProperties|" msgid "Source" msgstr "" #: ../ui/ItemProperties.ui:42 msgctxt "ItemProperties|" msgid "Insertion date" msgstr "" #: ../ui/ItemProperties.ui:54 msgctxt "ItemProperties|" msgid "Comment" msgstr "" #: ../ui/KeyDetail.ui:82 msgctxt "KeyDetail|" msgid "Name" msgstr "" #: ../ui/KeyDetail.ui:89 msgctxt "KeyDetail|" msgid "The internal name of the key used by xca" msgstr "" #: ../widgets/KeyDetail.cpp:106 msgctxt "KeyDetail|" msgid "Security token" msgstr "" #: ../ui/KeyDetail.ui:286 msgctxt "KeyDetail|" msgid "Manufacturer" msgstr "" #: ../ui/KeyDetail.ui:296 msgctxt "KeyDetail|" msgid "Serial" msgstr "" #: ../ui/KeyDetail.ui:102 ../ui/KeyDetail.ui:182 msgctxt "KeyDetail|" msgid "Key" msgstr "" #: ../ui/KeyDetail.ui:110 msgctxt "KeyDetail|" msgid "Public Exponent" msgstr "" #: ../ui/KeyDetail.ui:136 msgctxt "KeyDetail|" msgid "Keysize" msgstr "" #: ../ui/KeyDetail.ui:163 msgctxt "KeyDetail|" msgid "Private Exponent" msgstr "" #: ../ui/KeyDetail.ui:214 msgctxt "KeyDetail|" msgid "Security Token" msgstr "" #: ../ui/KeyDetail.ui:235 ../ui/KeyDetail.ui:306 msgctxt "KeyDetail|" msgid "Label" msgstr "" #: ../ui/KeyDetail.ui:245 msgctxt "KeyDetail|" msgid "PKCS#11 ID" msgstr "" #: ../ui/KeyDetail.ui:270 msgctxt "KeyDetail|" msgid "Token information" msgstr "" #: ../ui/KeyDetail.ui:276 msgctxt "KeyDetail|" msgid "Model" msgstr "" #: ../ui/KeyDetail.ui:324 msgctxt "KeyDetail|" msgid "Fingerprint" msgstr "" #: ../ui/KeyDetail.ui:329 msgctxt "KeyDetail|" msgid "Comment" msgstr "" #: ../widgets/KeyDetail.cpp:89 #, qt-format msgctxt "KeyDetail|" msgid "Details of the %1 key" msgstr "" #: ../widgets/KeyDetail.cpp:95 msgctxt "KeyDetail|" msgid "Not available" msgstr "" #: ../widgets/KeyDetail.cpp:108 msgctxt "KeyDetail|" msgid "Available" msgstr "" #: ../widgets/KeyDetail.cpp:117 msgctxt "KeyDetail|" msgid "Sub prime" msgstr "" #: ../widgets/KeyDetail.cpp:118 ../widgets/KeyDetail.cpp:127 #: ../widgets/KeyDetail.cpp:139 msgctxt "KeyDetail|" msgid "Public key" msgstr "" #: ../widgets/KeyDetail.cpp:119 ../widgets/KeyDetail.cpp:128 #: ../widgets/KeyDetail.cpp:140 msgctxt "KeyDetail|" msgid "Private key" msgstr "" #: ../widgets/KeyDetail.cpp:129 ../widgets/KeyDetail.cpp:141 msgctxt "KeyDetail|" msgid "Curve name" msgstr "" #: ../widgets/KeyDetail.cpp:148 msgctxt "KeyDetail|" msgid "Unknown key" msgstr "" #: ../widgets/KeyTreeView.cpp:32 msgctxt "KeyTreeView|" msgid "Clipboard format" msgstr "" #: ../widgets/KeyTreeView.cpp:52 msgctxt "KeyTreeView|" msgid "Change password" msgstr "" #: ../widgets/KeyTreeView.cpp:56 msgctxt "KeyTreeView|" msgid "Reset password" msgstr "" #: ../widgets/KeyTreeView.cpp:68 msgctxt "KeyTreeView|" msgid "Change PIN" msgstr "" #: ../widgets/KeyTreeView.cpp:70 msgctxt "KeyTreeView|" msgid "Init PIN with SO PIN (PUK)" msgstr "" #: ../widgets/KeyTreeView.cpp:72 msgctxt "KeyTreeView|" msgid "Change SO PIN (PUK)" msgstr "" #: ../widgets/KeyTreeView.cpp:75 msgctxt "KeyTreeView|" msgid "Security token" msgstr "" #: ../widgets/KeyTreeView.cpp:112 ../widgets/KeyTreeView.cpp:130 #: ../widgets/KeyTreeView.cpp:148 msgctxt "KeyTreeView|" msgid "This is not a token" msgstr "" #: ../widgets/KeyTreeView.cpp:177 #, qt-format msgctxt "KeyTreeView|" msgid "" "Shall the original key '%1' be replaced by the key on the token?\n" "This will delete the key '%1' and make it unexportable" msgstr "" #: ../widgets/KeyTreeView.cpp:229 #, qt-format msgctxt "KeyTreeView|" msgid "Export public key [%1]" msgstr "" #: ../widgets/KeyTreeView.cpp:230 msgctxt "KeyTreeView|" msgid "Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub )" msgstr "" #: ../ui/MainWindow.ui:25 msgctxt "MainWindow|" msgid "Private Keys" msgstr "" #: ../ui/MainWindow.ui:49 msgctxt "MainWindow|" msgid "&New Key" msgstr "" #: ../ui/MainWindow.ui:56 ../ui/MainWindow.ui:155 ../ui/MainWindow.ui:241 #: ../ui/MainWindow.ui:369 ../ui/MainWindow.ui:434 msgctxt "MainWindow|" msgid "&Export" msgstr "" #: ../ui/MainWindow.ui:63 ../ui/MainWindow.ui:162 ../ui/MainWindow.ui:248 #: ../ui/MainWindow.ui:362 ../ui/MainWindow.ui:441 msgctxt "MainWindow|" msgid "&Import" msgstr "" #: ../ui/MainWindow.ui:70 msgctxt "MainWindow|" msgid "Import PFX (PKCS#12)" msgstr "" #: ../ui/MainWindow.ui:77 ../ui/MainWindow.ui:169 ../ui/MainWindow.ui:255 #: ../ui/MainWindow.ui:448 msgctxt "MainWindow|" msgid "&Show Details" msgstr "" #: ../ui/MainWindow.ui:84 ../ui/MainWindow.ui:176 ../ui/MainWindow.ui:262 #: ../ui/MainWindow.ui:355 ../ui/MainWindow.ui:455 msgctxt "MainWindow|" msgid "&Delete" msgstr "" #: ../ui/MainWindow.ui:124 msgctxt "MainWindow|" msgid "Certificate signing requests" msgstr "" #: ../ui/MainWindow.ui:148 msgctxt "MainWindow|" msgid "&New Request" msgstr "" #: ../ui/MainWindow.ui:216 ../widgets/MW_menu.cpp:138 msgctxt "MainWindow|" msgid "Certificates" msgstr "" #: ../ui/MainWindow.ui:234 msgctxt "MainWindow|" msgid "&New Certificate" msgstr "" #: ../ui/MainWindow.ui:269 msgctxt "MainWindow|" msgid "Import &PKCS#12" msgstr "" #: ../ui/MainWindow.ui:276 msgctxt "MainWindow|" msgid "Import P&KCS#7" msgstr "" #: ../ui/MainWindow.ui:283 msgctxt "MainWindow|" msgid "Plain View" msgstr "" #: ../ui/MainWindow.ui:323 msgctxt "MainWindow|" msgid "Templates" msgstr "" #: ../ui/MainWindow.ui:341 msgctxt "MainWindow|" msgid "&New Template" msgstr "" #: ../ui/MainWindow.ui:427 msgctxt "MainWindow|" msgid "&New CRL" msgstr "" #: ../ui/MainWindow.ui:348 msgctxt "MainWindow|" msgid "Ch&ange Template" msgstr "" #: ../ui/MainWindow.ui:409 msgctxt "MainWindow|" msgid "Revocation lists" msgstr "" #: ../widgets/MainWindow.cpp:592 msgctxt "MainWindow|" msgid "" "Using or exporting private keys will not be possible without providing the " "correct password" msgstr "" #: ../widgets/MainWindow.cpp:598 #, qt-format msgctxt "MainWindow|" msgid "" "The currently used default hash '%1' is insecure. Please select at least " "'SHA 224' for security reasons." msgstr "" #: ../widgets/MW_menu.cpp:85 msgctxt "MainWindow|" msgid "Recent DataBases" msgstr "" #: ../widgets/MW_help.cpp:25 ../widgets/MW_menu.cpp:40 msgctxt "MainWindow|" msgid "System" msgstr "" #: ../widgets/MW_help.cpp:28 msgctxt "MainWindow|" msgid "Croatian" msgstr "" #: ../widgets/MW_help.cpp:31 msgctxt "MainWindow|" msgid "English" msgstr "" #: ../widgets/MW_help.cpp:32 msgctxt "MainWindow|" msgid "French" msgstr "" #: ../widgets/MW_help.cpp:34 msgctxt "MainWindow|" msgid "German" msgstr "" #: ../widgets/MW_help.cpp:38 msgctxt "MainWindow|" msgid "Japanese" msgstr "" #: ../widgets/MW_help.cpp:44 msgctxt "MainWindow|" msgid "Russian" msgstr "" #: ../widgets/MW_help.cpp:45 msgctxt "MainWindow|" msgid "Slovak" msgstr "" #: ../widgets/MW_help.cpp:47 msgctxt "MainWindow|" msgid "Spanish" msgstr "" #: ../widgets/MW_help.cpp:52 msgctxt "MainWindow|" msgid "Persian" msgstr "" #: ../widgets/MW_help.cpp:54 msgctxt "MainWindow|" msgid "Bulgarian" msgstr "" #: ../widgets/MW_help.cpp:40 msgctxt "MainWindow|" msgid "Polish" msgstr "" #: ../widgets/MW_help.cpp:36 msgctxt "MainWindow|" msgid "Italian" msgstr "" #: ../widgets/MW_help.cpp:26 msgctxt "MainWindow|" msgid "Chinese" msgstr "" #: ../widgets/MW_help.cpp:30 msgctxt "MainWindow|" msgid "Dutch" msgstr "" #: ../widgets/MW_help.cpp:42 msgctxt "MainWindow|" msgid "Portuguese in Brazil" msgstr "" #: ../widgets/MW_help.cpp:49 msgctxt "MainWindow|" msgid "Indonesian" msgstr "" #: ../widgets/MW_help.cpp:51 msgctxt "MainWindow|" msgid "Turkish" msgstr "" #: ../widgets/MW_menu.cpp:91 msgctxt "MainWindow|" msgid "Language" msgstr "" #: ../widgets/MW_menu.cpp:100 msgctxt "MainWindow|" msgid "&File" msgstr "" #: ../widgets/MW_menu.cpp:110 msgctxt "MainWindow|" msgid "Open Remote DataBase" msgstr "" #: ../widgets/MW_menu.cpp:114 msgctxt "MainWindow|" msgid "Set as default DataBase" msgstr "" #: ../widgets/MW_menu.cpp:102 msgctxt "MainWindow|" msgid "New DataBase" msgstr "" #: ../widgets/MW_menu.cpp:106 msgctxt "MainWindow|" msgid "Open DataBase" msgstr "" #: ../widgets/MW_menu.cpp:116 msgctxt "MainWindow|" msgid "Close DataBase" msgstr "" #: ../widgets/MW_menu.cpp:120 msgctxt "MainWindow|" msgid "Options" msgstr "" #: ../widgets/MW_menu.cpp:128 msgctxt "MainWindow|" msgid "Exit" msgstr "" #: ../widgets/MW_menu.cpp:135 msgctxt "MainWindow|" msgid "I&mport" msgstr "" #: ../widgets/MW_menu.cpp:136 msgctxt "MainWindow|" msgid "Keys" msgstr "" #: ../widgets/MW_menu.cpp:137 msgctxt "MainWindow|" msgid "Requests" msgstr "" #: ../widgets/MW_menu.cpp:139 msgctxt "MainWindow|" msgid "PKCS#12" msgstr "" #: ../widgets/MW_menu.cpp:140 msgctxt "MainWindow|" msgid "PKCS#7" msgstr "" #: ../widgets/MW_menu.cpp:141 msgctxt "MainWindow|" msgid "Template" msgstr "" #: ../widgets/MW_menu.cpp:142 msgctxt "MainWindow|" msgid "Revocation list" msgstr "" #: ../widgets/MW_menu.cpp:143 msgctxt "MainWindow|" msgid "PEM file" msgstr "" #: ../widgets/MW_menu.cpp:144 msgctxt "MainWindow|" msgid "Paste PEM file" msgstr "" #: ../widgets/MW_menu.cpp:147 msgctxt "MainWindow|" msgid "Token" msgstr "" #: ../widgets/MW_menu.cpp:164 msgctxt "MainWindow|" msgid "Export Certificate &Index hierarchy" msgstr "" #: ../widgets/MW_menu.cpp:177 msgctxt "MainWindow|" msgid "Content" msgstr "" #: ../widgets/MW_menu.cpp:148 msgctxt "MainWindow|" msgid "&Manage Security token" msgstr "" #: ../widgets/MW_menu.cpp:150 msgctxt "MainWindow|" msgid "&Init Security token" msgstr "" #: ../widgets/MW_menu.cpp:152 msgctxt "MainWindow|" msgid "&Change PIN" msgstr "" #: ../widgets/MW_menu.cpp:154 msgctxt "MainWindow|" msgid "Change &SO PIN" msgstr "" #: ../widgets/MW_menu.cpp:156 msgctxt "MainWindow|" msgid "Init PIN" msgstr "" #: ../widgets/MW_menu.cpp:159 msgctxt "MainWindow|" msgid "Extra" msgstr "" #: ../widgets/MW_menu.cpp:160 msgctxt "MainWindow|" msgid "&Dump DataBase" msgstr "" #: ../widgets/MW_menu.cpp:162 msgctxt "MainWindow|" msgid "&Export Certificate Index" msgstr "" #: ../widgets/MW_menu.cpp:166 msgctxt "MainWindow|" msgid "C&hange DataBase password" msgstr "" #: ../widgets/MW_menu.cpp:169 msgctxt "MainWindow|" msgid "&Undelete items" msgstr "" #: ../widgets/MW_menu.cpp:172 msgctxt "MainWindow|" msgid "Generate DH parameter" msgstr "" #: ../widgets/MW_menu.cpp:174 msgctxt "MainWindow|" msgid "OID Resolver" msgstr "" #: ../widgets/MW_menu.cpp:176 msgctxt "MainWindow|" msgid "&Help" msgstr "" #: ../widgets/MW_menu.cpp:179 msgctxt "MainWindow|" msgid "About" msgstr "" #: ../widgets/MainWindow.cpp:254 msgctxt "MainWindow|" msgid "Import PEM data" msgstr "" #: ../widgets/MainWindow.cpp:283 #, qt-format msgctxt "MainWindow|" msgid "Please enter the original SO PIN (PUK) of the token '%1'" msgstr "" #: ../widgets/MainWindow.cpp:113 ../widgets/MainWindow.cpp:736 msgctxt "MainWindow|" msgid "Search" msgstr "" #: ../widgets/MainWindow.cpp:289 #, qt-format msgctxt "MainWindow|" msgid "Please enter the new SO PIN (PUK) for the token '%1'" msgstr "" #: ../widgets/MainWindow.cpp:296 #, qt-format msgctxt "MainWindow|" msgid "The new label of the token '%1'" msgstr "" #: ../widgets/MainWindow.cpp:404 #, qt-format msgctxt "MainWindow|" msgid "The token '%1' did not contain any keys or certificates" msgstr "" #: ../widgets/MainWindow.cpp:448 msgctxt "MainWindow|" msgid "Current Password" msgstr "" #: ../widgets/MainWindow.cpp:449 msgctxt "MainWindow|" msgid "Please enter the current database password" msgstr "" #: ../widgets/MainWindow.cpp:459 msgctxt "MainWindow|" msgid "The entered password is wrong" msgstr "" #: ../widgets/MainWindow.cpp:464 msgctxt "MainWindow|" msgid "New Password" msgstr "" #: ../widgets/MainWindow.cpp:464 msgctxt "MainWindow|" msgid "" "Please enter the new password to encrypt your private keys in the " "database-file" msgstr "" #: ../widgets/MainWindow.cpp:488 msgctxt "MainWindow|" msgid "Transaction start failed" msgstr "" #: ../widgets/MainWindow.cpp:575 #, qt-format msgctxt "MainWindow|" msgid "Database: %1" msgstr "" #: ../widgets/MainWindow.cpp:656 msgctxt "MainWindow|" msgid "Certificate Index ( index.txt )" msgstr "" #: ../widgets/MainWindow.cpp:657 ../widgets/MainWindow.cpp:713 msgctxt "MainWindow|" msgid "All files ( * )" msgstr "" #: ../widgets/MainWindow.cpp:680 #, qt-format msgctxt "MainWindow|" msgid "Diffie-Hellman parameters saved as: %1" msgstr "" #: ../widgets/MainWindow.cpp:698 msgctxt "MainWindow|" msgid "" "Diffie-Hellman parameters are needed for different applications, but not " "handled by XCA.\n" "Please enter the DH parameter bits" msgstr "" #: ../ui/NewCrl.ui:32 msgctxt "NewCrl|" msgid "Last update" msgstr "" #: ../ui/NewCrl.ui:46 msgctxt "NewCrl|" msgid "Next update" msgstr "" #: ../ui/NewCrl.ui:70 msgctxt "NewCrl|" msgid "Days" msgstr "" #: ../ui/NewCrl.ui:75 msgctxt "NewCrl|" msgid "Months" msgstr "" #: ../ui/NewCrl.ui:80 msgctxt "NewCrl|" msgid "Years" msgstr "" #: ../ui/NewCrl.ui:88 msgctxt "NewCrl|" msgid "Midnight" msgstr "" #: ../ui/NewCrl.ui:95 msgctxt "NewCrl|" msgid "Local time" msgstr "" #: ../ui/NewCrl.ui:102 msgctxt "NewCrl|" msgid "Apply" msgstr "" #: ../ui/NewCrl.ui:128 msgctxt "NewCrl|" msgid "Options" msgstr "" #: ../ui/NewCrl.ui:172 msgctxt "NewCrl|" msgid "CRL number" msgstr "" #: ../ui/NewCrl.ui:144 msgctxt "NewCrl|" msgid "Subject alternative name" msgstr "" #: ../ui/NewCrl.ui:199 msgctxt "NewCrl|" msgid "Revocation reasons" msgstr "" #: ../ui/NewCrl.ui:158 msgctxt "NewCrl|" msgid "Authority key identifier" msgstr "" #: ../ui/NewCrl.ui:134 msgctxt "NewCrl|" msgid "Hash algorithm" msgstr "" #: ../widgets/NewCrl.cpp:78 msgctxt "NewCrl|" msgid "Create CRL" msgstr "" #: ../ui/NewKey.ui:86 msgctxt "NewKey|" msgid "Please give a name to the new key and select the desired keysize" msgstr "" #: ../ui/NewKey.ui:96 msgctxt "NewKey|" msgid "Key properties" msgstr "" #: ../ui/NewKey.ui:102 msgctxt "NewKey|" msgid "Name" msgstr "" #: ../ui/NewKey.ui:121 msgctxt "NewKey|" msgid "The internal name of the new key" msgstr "" #: ../ui/NewKey.ui:151 msgctxt "NewKey|" msgid "Curve name" msgstr "" #: ../ui/NewKey.ui:171 msgctxt "NewKey|" msgid "Usually at least 2048 bit keys are recommended" msgstr "" #: ../ui/NewKey.ui:39 ../ui/NewKey.ui:124 msgctxt "NewKey|" msgid "New Key" msgstr "" #: ../ui/NewKey.ui:158 msgctxt "NewKey|" msgid "Keysize" msgstr "" #: ../ui/NewKey.ui:178 msgctxt "NewKey|" msgid "Keytype" msgstr "" #: ../ui/NewKey.ui:188 msgctxt "NewKey|" msgid "Remember as default" msgstr "" #: ../widgets/NewKey.cpp:135 msgctxt "NewKey|" msgid "Create" msgstr "" #: ../ui/NewX509.ui:75 msgctxt "NewX509|" msgid "Source" msgstr "" #: ../ui/NewX509.ui:97 msgctxt "NewX509|" msgid "Signing request" msgstr "" #: ../ui/NewX509.ui:112 msgctxt "NewX509|" msgid "Show request" msgstr "" #: ../ui/NewX509.ui:119 msgctxt "NewX509|" msgid "Sign this Certificate signing &request" msgstr "" #: ../ui/NewX509.ui:126 msgctxt "NewX509|" msgid "Copy extensions from the request" msgstr "" #: ../ui/NewX509.ui:136 msgctxt "NewX509|" msgid "Modify subject of the request" msgstr "" #: ../ui/NewX509.ui:169 msgctxt "NewX509|" msgid "Signing" msgstr "" #: ../ui/NewX509.ui:177 msgctxt "NewX509|" msgid "Create a &self signed certificate" msgstr "" #: ../ui/NewX509.ui:191 msgctxt "NewX509|" msgid "Use &this Certificate for signing" msgstr "" #: ../ui/NewX509.ui:198 msgctxt "NewX509|" msgid "All certificates in your database that can create valid signatures" msgstr "" #: ../ui/NewX509.ui:225 msgctxt "NewX509|" msgid "Signature algorithm" msgstr "" #: ../ui/NewX509.ui:253 msgctxt "NewX509|" msgid "Template for the new certificate" msgstr "" #: ../ui/NewX509.ui:265 msgctxt "NewX509|" msgid "All available templates" msgstr "" #: ../ui/NewX509.ui:287 msgctxt "NewX509|" msgid "Apply extensions" msgstr "" #: ../ui/NewX509.ui:294 msgctxt "NewX509|" msgid "Apply subject" msgstr "" #: ../ui/NewX509.ui:307 msgctxt "NewX509|" msgid "Apply all" msgstr "" #: ../ui/NewX509.ui:336 ../widgets/NewX509.cpp:596 msgctxt "NewX509|" msgid "Subject" msgstr "" #: ../ui/NewX509.ui:344 msgctxt "NewX509|" msgid "Internal Name" msgstr "" #: ../ui/NewX509.ui:360 msgctxt "NewX509|" msgid "Distinguished name" msgstr "" #: ../ui/NewX509.ui:386 msgctxt "NewX509|" msgid "Add" msgstr "" #: ../ui/NewX509.ui:393 msgctxt "NewX509|" msgid "Delete" msgstr "" #: ../ui/NewX509.ui:430 msgctxt "NewX509|" msgid "Private key" msgstr "" #: ../ui/NewX509.ui:442 msgctxt "NewX509|" msgid "This list only contains unused keys" msgstr "" #: ../ui/NewX509.ui:449 msgctxt "NewX509|" msgid "Used keys too" msgstr "" #: ../ui/NewX509.ui:456 msgctxt "NewX509|" msgid "&Generate a new key" msgstr "" #: ../ui/NewX509.ui:467 msgctxt "NewX509|" msgid "Extensions" msgstr "" #: ../ui/NewX509.ui:478 msgctxt "NewX509|" msgid "Type" msgstr "" #: ../ui/NewX509.ui:485 msgctxt "NewX509|" msgid "If this will become a CA certificate or not" msgstr "" #: ../ui/NewX509.ui:489 msgctxt "NewX509|" msgid "Not defined" msgstr "" #: ../ui/NewX509.ui:494 msgctxt "NewX509|" msgid "Certification Authority" msgstr "" #: ../ui/NewX509.ui:499 msgctxt "NewX509|" msgid "End Entity" msgstr "" #: ../ui/NewX509.ui:507 msgctxt "NewX509|" msgid "Path length" msgstr "" #: ../ui/NewX509.ui:514 msgctxt "NewX509|" msgid "How much CAs may be below this." msgstr "" #: ../ui/NewX509.ui:521 msgctxt "NewX509|" msgid "The basic constraints should always be critical" msgstr "" #: ../ui/NewX509.ui:534 msgctxt "NewX509|" msgid "Key identifier" msgstr "" #: ../ui/NewX509.ui:546 msgctxt "NewX509|" msgid "Creates a hash of the key following the PKIX guidelines" msgstr "" #: ../ui/NewX509.ui:556 msgctxt "NewX509|" msgid "Copy the Subject Key Identifier from the issuer" msgstr "" #: ../ui/NewX509.ui:593 msgctxt "NewX509|" msgid "Validity" msgstr "" #: ../ui/NewX509.ui:599 msgctxt "NewX509|" msgid "Not before" msgstr "" #: ../ui/NewX509.ui:613 msgctxt "NewX509|" msgid "Not after" msgstr "" #: ../ui/NewX509.ui:630 msgctxt "NewX509|" msgid "Time range" msgstr "" #: ../ui/NewX509.ui:640 msgctxt "NewX509|" msgid "Days" msgstr "" #: ../ui/NewX509.ui:645 msgctxt "NewX509|" msgid "Months" msgstr "" #: ../ui/NewX509.ui:650 msgctxt "NewX509|" msgid "Years" msgstr "" #: ../ui/NewX509.ui:664 msgctxt "NewX509|" msgid "Apply" msgstr "" #: ../ui/NewX509.ui:671 msgctxt "NewX509|" msgid "Set the time to 00:00:00 and 23:59:59 respectively" msgstr "" #: ../ui/NewX509.ui:674 msgctxt "NewX509|" msgid "Midnight" msgstr "" #: ../ui/NewX509.ui:681 msgctxt "NewX509|" msgid "Local time" msgstr "" #: ../ui/NewX509.ui:688 msgctxt "NewX509|" msgid "No well-defined expiration" msgstr "" #: ../ui/NewX509.ui:738 ../ui/NewX509.ui:755 ../ui/NewX509.ui:824 msgctxt "NewX509|" msgid "DNS: IP: URI: email: RID:" msgstr "" #: ../ui/NewX509.ui:745 ../ui/NewX509.ui:762 ../ui/NewX509.ui:795 #: ../ui/NewX509.ui:831 ../widgets/NewX509.cpp:996 msgctxt "NewX509|" msgid "Edit" msgstr "" #: ../ui/NewX509.ui:788 msgctxt "NewX509|" msgid "URI:" msgstr "" #: ../ui/NewX509.ui:870 msgctxt "NewX509|" msgid "Key usage" msgstr "" #: ../ui/NewX509.ui:981 msgctxt "NewX509|" msgid "Netscape" msgstr "" #: ../ui/NewX509.ui:1139 msgctxt "NewX509|" msgid "Advanced" msgstr "" #: ../ui/NewX509.ui:1163 ../widgets/NewX509.cpp:1006 msgctxt "NewX509|" msgid "Validate" msgstr "" #: ../ui/NewX509.ui:1186 msgctxt "NewX509|" msgid "Comment" msgstr "" #: ../ui/NewX509.ui:351 msgctxt "NewX509|" msgid "" "This name is only used internally and does not appear in the resulting " "certificate" msgstr "" #: ../widgets/NewX509.cpp:274 msgctxt "NewX509|" msgid "Critical" msgstr "" #: ../widgets/NewX509.cpp:314 msgctxt "NewX509|" msgid "Create Certificate signing request" msgstr "" #: ../widgets/NewX509.cpp:340 #, qt-format msgctxt "NewX509|" msgid "minimum size: %1" msgstr "" #: ../widgets/NewX509.cpp:342 #, qt-format msgctxt "NewX509|" msgid "maximum size: %1" msgstr "" #: ../widgets/NewX509.cpp:344 msgctxt "NewX509|" msgid "only a-z A-Z 0-9 '()+,-./:=?" msgstr "" #: ../widgets/NewX509.cpp:348 msgctxt "NewX509|" msgid "only 7-bit clean characters" msgstr "" #: ../widgets/NewX509.cpp:373 msgctxt "NewX509|" msgid "Edit XCA template" msgstr "" #: ../widgets/NewX509.cpp:386 msgctxt "NewX509|" msgid "Create x509 Certificate" msgstr "" #: ../widgets/NewX509.cpp:757 #, qt-format msgctxt "NewX509|" msgid "Template '%1' applied" msgstr "" #: ../widgets/NewX509.cpp:764 #, qt-format msgctxt "NewX509|" msgid "Subject applied from template '%1'" msgstr "" #: ../widgets/NewX509.cpp:772 #, qt-format msgctxt "NewX509|" msgid "Extensions applied from template '%1'" msgstr "" #: ../widgets/NewX509.cpp:787 #, qt-format msgctxt "NewX509|" msgid "New key '%1' created" msgstr "" #: ../widgets/NewX509.cpp:1029 msgctxt "NewX509|" msgid "Other Tabs" msgstr "" #: ../widgets/NewX509.cpp:1043 msgctxt "NewX509|" msgid "Advanced Tab" msgstr "" #: ../widgets/NewX509.cpp:1050 msgctxt "NewX509|" msgid "Errors" msgstr "" #: ../widgets/NewX509.cpp:1068 msgctxt "NewX509|" msgid "From PKCS#10 request" msgstr "" #: ../widgets/NewX509.cpp:1191 ../widgets/NewX509.cpp:1204 #: ../widgets/NewX509.cpp:1223 ../widgets/NewX509.cpp:1235 #: ../widgets/NewX509.cpp:1251 ../widgets/NewX509.cpp:1265 #: ../widgets/NewX509.cpp:1299 ../widgets/NewX509.cpp:1318 #: ../widgets/NewX509.cpp:1341 ../widgets/NewX509.cpp:1364 #: ../widgets/NewX509.cpp:1397 ../widgets/NewX509.cpp:1417 msgctxt "NewX509|" msgid "Abort rollout" msgstr "" #: ../widgets/NewX509.cpp:1200 msgctxt "NewX509|" msgid "The following length restrictions of RFC3280 are violated:" msgstr "" #: ../widgets/NewX509.cpp:1203 ../widgets/NewX509.cpp:1264 msgctxt "NewX509|" msgid "Edit subject" msgstr "" #: ../widgets/NewX509.cpp:1205 ../widgets/NewX509.cpp:1266 #: ../widgets/NewX509.cpp:1319 ../widgets/NewX509.cpp:1342 #: ../widgets/NewX509.cpp:1365 ../widgets/NewX509.cpp:1398 #: ../widgets/NewX509.cpp:1418 msgctxt "NewX509|" msgid "Continue rollout" msgstr "" #: ../widgets/NewX509.cpp:1221 msgctxt "NewX509|" msgid "" "The verification of the Certificate request failed.\n" "The rollout should be aborted." msgstr "" #: ../widgets/NewX509.cpp:1222 msgctxt "NewX509|" msgid "Continue anyway" msgstr "" #: ../widgets/NewX509.cpp:1233 msgctxt "NewX509|" msgid "" "The internal name and the common name are empty.\n" "Please set at least the internal name." msgstr "" #: ../widgets/NewX509.cpp:1234 msgctxt "NewX509|" msgid "Edit name" msgstr "" #: ../widgets/NewX509.cpp:1249 msgctxt "NewX509|" msgid "There is no Key selected for signing." msgstr "" #: ../widgets/NewX509.cpp:1250 msgctxt "NewX509|" msgid "Select key" msgstr "" #: ../widgets/NewX509.cpp:1262 #, qt-format msgctxt "NewX509|" msgid "" "The following distinguished name entries are empty:\n" "%1\n" "though you have declared them as mandatory in the options menu." msgstr "" #: ../widgets/NewX509.cpp:1296 msgctxt "NewX509|" msgid "The key you selected for signing is not a private one." msgstr "" #: ../widgets/NewX509.cpp:1297 msgctxt "NewX509|" msgid "Select other signer" msgstr "" #: ../widgets/NewX509.cpp:1297 msgctxt "NewX509|" msgid "Select other key" msgstr "" #: ../widgets/NewX509.cpp:1307 #, qt-format msgctxt "NewX509|" msgid "" "The currently selected hash algorithm '%1' is insecure and should not be " "used." msgstr "" #: ../widgets/NewX509.cpp:1308 msgctxt "NewX509|" msgid "Select other algorithm" msgstr "" #: ../widgets/NewX509.cpp:1309 msgctxt "NewX509|" msgid "Use algorithm anyway" msgstr "" #: ../widgets/NewX509.cpp:1315 msgctxt "NewX509|" msgid "" "The certificate will be earlier valid than the signer. This is probably not " "what you want." msgstr "" #: ../widgets/NewX509.cpp:1317 ../widgets/NewX509.cpp:1340 #: ../widgets/NewX509.cpp:1363 msgctxt "NewX509|" msgid "Edit dates" msgstr "" #: ../widgets/NewX509.cpp:1320 ../widgets/NewX509.cpp:1343 msgctxt "NewX509|" msgid "Adjust date and continue" msgstr "" #: ../widgets/NewX509.cpp:1338 msgctxt "NewX509|" msgid "" "The certificate will be longer valid than the signer. This is probably not " "what you want." msgstr "" #: ../widgets/NewX509.cpp:1361 msgctxt "NewX509|" msgid "" "The certificate will be out of date before it becomes valid. You most " "probably mixed up both dates." msgstr "" #: ../widgets/NewX509.cpp:1383 msgctxt "NewX509|" msgid "" "The certificate contains invalid or duplicate extensions. Check the " "validation on the advanced tab." msgstr "" #: ../widgets/NewX509.cpp:1387 msgctxt "NewX509|" msgid "" "The certificate contains no extensions. You may apply the extensions of one " "of the templates to define the purpose of the certificate." msgstr "" #: ../widgets/NewX509.cpp:1391 msgctxt "NewX509|" msgid "The certificate contains invalid extensions." msgstr "" #: ../widgets/NewX509.cpp:1396 ../widgets/NewX509.cpp:1416 msgctxt "NewX509|" msgid "Edit extensions" msgstr "" #: ../widgets/NewX509.cpp:1415 msgctxt "NewX509|" msgid "" "The subject alternative name shall contain a copy of the common name. " "However, the common name is empty." msgstr "" #: ../widgets/NewX509_ext.cpp:169 #, qt-format msgctxt "NewX509|" msgid "Configfile error on line %1\n" msgstr "" #: ../ui/OidResolver.ui:28 msgctxt "OidResolver|" msgid "OID Resolver" msgstr "" #: ../ui/OidResolver.ui:38 msgctxt "OidResolver|" msgid "Enter the OID, the Nid, or one of the textual representations" msgstr "" #: ../ui/OidResolver.ui:47 msgctxt "OidResolver|" msgid "Search" msgstr "" #: ../ui/OidResolver.ui:74 msgctxt "OidResolver|" msgid "OID" msgstr "" #: ../ui/OidResolver.ui:119 msgctxt "OidResolver|" msgid "Long name" msgstr "" #: ../ui/OidResolver.ui:145 ../ui/OidResolver.ui:167 msgctxt "OidResolver|" msgid "OpenSSL internal ID" msgstr "" #: ../ui/OidResolver.ui:148 msgctxt "OidResolver|" msgid "Nid" msgstr "" #: ../ui/OidResolver.ui:177 msgctxt "OidResolver|" msgid "Short name" msgstr "" #: ../ui/OpenDb.ui:36 msgctxt "OpenDb|" msgid "Open remote database" msgstr "" #: ../ui/OpenDb.ui:98 msgctxt "OpenDb|" msgid "Database type" msgstr "" #: ../ui/OpenDb.ui:108 msgctxt "OpenDb|" msgid "Hostname" msgstr "" #: ../ui/OpenDb.ui:118 msgctxt "OpenDb|" msgid "Username" msgstr "" #: ../ui/OpenDb.ui:128 msgctxt "OpenDb|" msgid "Password" msgstr "" #: ../ui/OpenDb.ui:142 ../widgets/OpenDb.cpp:56 msgctxt "OpenDb|" msgid "Database name" msgstr "" #: ../ui/OpenDb.ui:152 msgctxt "OpenDb|" msgid "Table prefix" msgstr "" #: ../widgets/OpenDb.cpp:125 msgctxt "OpenDb|" msgid "" "No SqLite3 driver available. Please install the qt-sqlite package of your " "distribution" msgstr "" #: ../ui/Options.ui:28 msgctxt "Options|" msgid "XCA Options" msgstr "" #: ../ui/Options.ui:42 msgctxt "Options|" msgid "Settings" msgstr "" #: ../ui/Options.ui:50 msgctxt "Options|" msgid "Default hash algorithm" msgstr "" #: ../ui/Options.ui:78 msgctxt "Options|" msgid "String types" msgstr "" #: ../ui/Options.ui:90 msgctxt "Options|" msgid "Suppress success messages" msgstr "" #: ../ui/Options.ui:123 msgctxt "Options|" msgid "Don't colorize expired certificates" msgstr "" #: ../ui/Options.ui:104 #, qt-format msgctxt "Options|" msgid "Translate established x509 terms (%1 -> %2)" msgstr "" #: ../ui/Options.ui:111 msgctxt "Options|" msgid "" "The hashing functionality of the token is not used by XCA.\n" "It may however honor a restricted hash-set propagated by the token.\n" "Especially EC and DSA are only defined with SHA1 in the PKCS#11 " "specification." msgstr "" #: ../ui/Options.ui:116 msgctxt "Options|" msgid "Only use hashes supported by the token when signing with a token key" msgstr "" #: ../ui/Options.ui:97 msgctxt "Options|" msgid "Disable legacy Netscape extensions" msgstr "" #: ../ui/Options.ui:64 msgctxt "Options|" msgid "PKCS12 encryption algorithm" msgstr "" #: ../ui/Options.ui:141 msgctxt "Options|" msgid "Certificate expiry warning threshold" msgstr "" #: ../ui/Options.ui:160 msgctxt "Options|" msgid "Send vCalendar expiry reminder" msgstr "" #: ../ui/Options.ui:171 msgctxt "Options|" msgid "Serial number length" msgstr "" #: ../ui/Options.ui:178 msgctxt "Options|" msgid " bit" msgstr "" #: ../ui/Options.ui:213 msgctxt "Options|" msgid "Distinguished name" msgstr "" #: ../ui/Options.ui:219 msgctxt "Options|" msgid "Mandatory subject entries" msgstr "" #: ../ui/Options.ui:237 ../ui/Options.ui:298 ../ui/Options.ui:380 msgctxt "Options|" msgid "Add" msgstr "" #: ../ui/Options.ui:244 ../ui/Options.ui:305 msgctxt "Options|" msgid "Delete" msgstr "" #: ../ui/Options.ui:269 msgctxt "Options|" msgid "Explicit subject entries" msgstr "" #: ../ui/Options.ui:287 msgctxt "Options|" msgid "Dynamically arrange explicit subject entries" msgstr "" #: ../ui/Options.ui:312 msgctxt "Options|" msgid "Default" msgstr "" #: ../ui/Options.ui:338 msgctxt "Options|" msgid "PKCS#11 provider" msgstr "" #: ../ui/Options.ui:393 msgctxt "Options|" msgid "Remove" msgstr "" #: ../ui/Options.ui:400 msgctxt "Options|" msgid "Search" msgstr "" #: ../widgets/Options.cpp:35 msgctxt "Options|" msgid "Printable string or UTF8 (default)" msgstr "" #: ../widgets/Options.cpp:36 msgctxt "Options|" msgid "PKIX recommendation in RFC2459" msgstr "" #: ../widgets/Options.cpp:37 msgctxt "Options|" msgid "No BMP strings, only printable and T61" msgstr "" #: ../widgets/Options.cpp:38 msgctxt "Options|" msgid "UTF8 strings only (RFC2459)" msgstr "" #: ../widgets/Options.cpp:39 msgctxt "Options|" msgid "All strings" msgstr "" #: ../widgets/Options.cpp:62 msgctxt "Options|" msgid "Days" msgstr "" #: ../widgets/Options.cpp:62 msgctxt "Options|" msgid "Weeks" msgstr "" #: ../ui/PwDialog.ui:118 msgctxt "PwDialog|" msgid "" "The password is parsed as 2-digit hex code. It must have an even number of " "digits (0-9 and a-f)" msgstr "" #: ../ui/PwDialog.ui:121 msgctxt "PwDialog|" msgid "Take as HEX string" msgstr "" #: ../widgets/PwDialog.cpp:72 #, qt-format msgctxt "PwDialog|" msgid "Repeat %1" msgstr "" #: ../widgets/PwDialog.cpp:85 #, qt-format msgctxt "PwDialog|" msgid "%1 mismatch" msgstr "" #: ../widgets/PwDialog.cpp:92 msgctxt "PwDialog|" msgid "" "Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it " "must consist of an even number of characters" msgstr "" #: ../widgets/PwDialog.cpp:121 msgctxt "PwDialog|" msgid "Exit" msgstr "" #: ../lib/asn1time.cpp:157 msgctxt "QObject|" msgid "Undefined" msgstr "" #: ../lib/asn1time.cpp:159 msgctxt "QObject|" msgid "Broken / Invalid" msgstr "" #: ../lib/asn1time.cpp:205 #, qt-format msgctxt "QObject|" msgid "in %1 seconds" msgstr "" #: ../lib/asn1time.cpp:206 #, qt-format msgctxt "QObject|" msgid "%1 seconds ago" msgstr "" #: ../lib/asn1time.cpp:209 #, qt-format msgctxt "QObject|" msgid "in %1 minutes" msgstr "" #: ../lib/asn1time.cpp:210 #, qt-format msgctxt "QObject|" msgid "%1 minutes ago" msgstr "" #: ../lib/asn1time.cpp:212 msgctxt "QObject|" msgid "Yesterday" msgstr "" #: ../lib/asn1time.cpp:214 msgctxt "QObject|" msgid "Tomorrow" msgstr "" #: ../lib/asn1time.cpp:217 #, qt-format msgctxt "QObject|" msgid "in %1 hours" msgstr "" #: ../lib/asn1time.cpp:218 #, qt-format msgctxt "QObject|" msgid "%1 hours ago" msgstr "" #: ../lib/pki_temp.cpp:31 ../lib/pki_temp.cpp:41 msgctxt "QObject|" msgid "Out of data" msgstr "" #: ../lib/pki_temp.cpp:52 msgctxt "QObject|" msgid "Error finding endmarker of string" msgstr "" #: ../lib/load_obj.cpp:20 msgctxt "QObject|" msgid "All files ( * )" msgstr "" #: ../lib/load_obj.cpp:56 msgctxt "QObject|" msgid "" "PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK " "Keys ( *.pvk );; SSH Public Keys ( *.pub );;" msgstr "" #: ../lib/load_obj.cpp:60 msgctxt "QObject|" msgid "Import RSA key" msgstr "" #: ../lib/load_obj.cpp:72 msgctxt "QObject|" msgid "PKCS#10 CSR ( *.pem *.der *.csr );; " msgstr "" #: ../lib/load_obj.cpp:73 msgctxt "QObject|" msgid "Import Request" msgstr "" #: ../lib/load_obj.cpp:85 msgctxt "QObject|" msgid "Certificates ( *.pem *.der *.crt *.cer );;" msgstr "" #: ../lib/load_obj.cpp:86 msgctxt "QObject|" msgid "Import X.509 Certificate" msgstr "" #: ../lib/load_obj.cpp:98 msgctxt "QObject|" msgid "PKCS#7 data ( *.p7s *.p7m *.p7b );;" msgstr "" #: ../lib/load_obj.cpp:99 msgctxt "QObject|" msgid "Import PKCS#7 Certificates" msgstr "" #: ../lib/load_obj.cpp:111 msgctxt "QObject|" msgid "PKCS#12 Certificates ( *.p12 *.pfx );;" msgstr "" #: ../lib/load_obj.cpp:112 msgctxt "QObject|" msgid "Import PKCS#12 Private Certificate" msgstr "" #: ../lib/load_obj.cpp:125 msgctxt "QObject|" msgid "XCA templates ( *.xca );;" msgstr "" #: ../lib/load_obj.cpp:126 msgctxt "QObject|" msgid "Import XCA Templates" msgstr "" #: ../lib/load_obj.cpp:138 msgctxt "QObject|" msgid "Revocation lists ( *.pem *.der *.crl );;" msgstr "" #: ../lib/load_obj.cpp:139 msgctxt "QObject|" msgid "Import Certificate Revocation List" msgstr "" #: ../lib/load_obj.cpp:151 msgctxt "QObject|" msgid "XCA Databases ( *.xdb );;" msgstr "" #: ../lib/load_obj.cpp:152 msgctxt "QObject|" msgid "Open XCA Database" msgstr "" #: ../lib/load_obj.cpp:160 msgctxt "QObject|" msgid "PKCS#11 library ( *.dll );;" msgstr "" #: ../lib/load_obj.cpp:162 msgctxt "QObject|" msgid "PKCS#11 library ( *.dylib *.so );;" msgstr "" #: ../lib/load_obj.cpp:164 msgctxt "QObject|" msgid "PKCS#11 library ( *.so );;" msgstr "" #: ../lib/load_obj.cpp:166 msgctxt "QObject|" msgid "Open PKCS#11 shared library" msgstr "" #: ../lib/load_obj.cpp:173 msgctxt "QObject|" msgid "PEM files ( *.pem );;" msgstr "" #: ../lib/load_obj.cpp:174 msgctxt "QObject|" msgid "Load PEM encoded file" msgstr "" #: ../lib/pkcs11.cpp:213 msgctxt "QObject|" msgid "Please enter the PIN on the PinPad" msgstr "" #: ../lib/pkcs11.cpp:224 #, qt-format msgctxt "QObject|" msgid "Please enter the SO PIN (PUK) of the token %1" msgstr "" #: ../lib/pkcs11.cpp:225 #, qt-format msgctxt "QObject|" msgid "Please enter the PIN of the token %1" msgstr "" #: ../lib/pkcs11.cpp:279 msgctxt "QObject|" msgid "No Security token found" msgstr "" #: ../lib/pkcs11.cpp:290 msgctxt "QObject|" msgid "Select" msgstr "" #: ../lib/pkcs11.cpp:313 #, qt-format msgctxt "QObject|" msgid "Please enter the new SO PIN (PUK) for the token: '%1'" msgstr "" #: ../lib/pkcs11.cpp:315 #, qt-format msgctxt "QObject|" msgid "Please enter the new PIN for the token: '%1'" msgstr "" #: ../lib/pkcs11.h:99 #, qt-format msgctxt "QObject|" msgid "Required PIN size: %1 - %2" msgstr "" #: ../lib/pkcs11_lib.cpp:119 msgctxt "QObject|" msgid "Disabled" msgstr "" #: ../lib/pkcs11_lib.cpp:123 msgctxt "QObject|" msgid "Library loading failed" msgstr "" #: ../lib/pkcs11_lib.cpp:480 #, qt-format msgctxt "QObject|" msgid "PKCS#11 function '%1' failed: %2" msgstr "" #: ../lib/pkcs11_lib.cpp:488 #, qt-format msgctxt "QObject|" msgid "" "PKCS#11 function '%1' failed: %2\n" "In library %3\n" "%4" msgstr "" #: ../lib/x509name.cpp:111 msgctxt "QObject|" msgid "Invalid" msgstr "" #: ../lib/x509name.cpp:235 #, qt-format msgctxt "QObject|" msgid "%1 is shorter than %2 bytes: '%3'" msgstr "" #: ../lib/x509name.cpp:240 #, qt-format msgctxt "QObject|" msgid "%1 is longer than %2 bytes: '%3'" msgstr "" #: ../lib/x509v3ext.cpp:99 #, qt-format msgctxt "QObject|" msgid "String '%1' for '%2' contains invalid characters" msgstr "" #: ../lib/oid.cpp:48 #, qt-format msgctxt "QObject|" msgid "Error reading config file %1 at line %2" msgstr "" #: ../lib/oid.cpp:86 #, qt-format msgctxt "QObject|" msgid "" "The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and " "should be removed." msgstr "" #: ../lib/oid.cpp:95 #, qt-format msgctxt "QObject|" msgid "" "The identifier '%1' for OID %2 from file %3 line %4 is already used for a " "different OID as '%5:%6:%7' and should be changed to avoid conflicts." msgstr "" #: ../lib/oid.cpp:160 #, qt-format msgctxt "QObject|" msgid "Unknown object '%1' in file %2 line %3" msgstr "" #: ../lib/sql.h:55 msgctxt "QObject|" msgid "Failed to start a database transaction" msgstr "" #: ../lib/func.cpp:575 msgctxt "QObject|" msgid "Country code" msgstr "" #: ../lib/func.cpp:576 msgctxt "QObject|" msgid "State or Province" msgstr "" #: ../lib/func.cpp:577 msgctxt "QObject|" msgid "Locality" msgstr "" #: ../lib/func.cpp:578 msgctxt "QObject|" msgid "Organisation" msgstr "" #: ../lib/func.cpp:579 msgctxt "QObject|" msgid "Organisational unit" msgstr "" #: ../lib/func.cpp:580 msgctxt "QObject|" msgid "Common name" msgstr "" #: ../lib/func.cpp:581 msgctxt "QObject|" msgid "E-Mail address" msgstr "" #: ../lib/func.cpp:582 msgctxt "QObject|" msgid "Serial number" msgstr "" #: ../lib/func.cpp:583 msgctxt "QObject|" msgid "Given name" msgstr "" #: ../lib/func.cpp:584 msgctxt "QObject|" msgid "Surname" msgstr "" #: ../lib/func.cpp:585 msgctxt "QObject|" msgid "Title" msgstr "" #: ../lib/func.cpp:586 msgctxt "QObject|" msgid "Initials" msgstr "" #: ../lib/func.cpp:587 msgctxt "QObject|" msgid "Description" msgstr "" #: ../lib/func.cpp:588 msgctxt "QObject|" msgid "Role" msgstr "" #: ../lib/func.cpp:589 msgctxt "QObject|" msgid "Pseudonym" msgstr "" #: ../lib/func.cpp:590 msgctxt "QObject|" msgid "Generation Qualifier" msgstr "" #: ../lib/func.cpp:591 msgctxt "QObject|" msgid "x500 Unique Identifier" msgstr "" #: ../lib/func.cpp:592 msgctxt "QObject|" msgid "Name" msgstr "" #: ../lib/func.cpp:593 msgctxt "QObject|" msgid "DN Qualifier" msgstr "" #: ../lib/func.cpp:594 msgctxt "QObject|" msgid "Unstructured name" msgstr "" #: ../lib/func.cpp:595 msgctxt "QObject|" msgid "Challenge password" msgstr "" #: ../lib/func.cpp:597 msgctxt "QObject|" msgid "Basic Constraints" msgstr "" #: ../lib/func.cpp:598 msgctxt "QObject|" msgid "Subject alternative name" msgstr "" #: ../lib/func.cpp:599 msgctxt "QObject|" msgid "issuer alternative name" msgstr "" #: ../lib/func.cpp:600 msgctxt "QObject|" msgid "Subject key identifier" msgstr "" #: ../lib/func.cpp:601 msgctxt "QObject|" msgid "Authority key identifier" msgstr "" #: ../lib/func.cpp:602 msgctxt "QObject|" msgid "Key usage" msgstr "" #: ../lib/func.cpp:603 msgctxt "QObject|" msgid "Extended key usage" msgstr "" #: ../lib/func.cpp:604 msgctxt "QObject|" msgid "CRL distribution points" msgstr "" #: ../lib/func.cpp:605 msgctxt "QObject|" msgid "Authority information access" msgstr "" #: ../lib/func.cpp:606 msgctxt "QObject|" msgid "Certificate type" msgstr "" #: ../lib/func.cpp:607 msgctxt "QObject|" msgid "Base URL" msgstr "" #: ../lib/func.cpp:608 msgctxt "QObject|" msgid "Revocation URL" msgstr "" #: ../lib/func.cpp:609 msgctxt "QObject|" msgid "CA Revocation URL" msgstr "" #: ../lib/func.cpp:610 msgctxt "QObject|" msgid "Certificate renewal URL" msgstr "" #: ../lib/func.cpp:611 msgctxt "QObject|" msgid "CA policy URL" msgstr "" #: ../lib/func.cpp:612 msgctxt "QObject|" msgid "SSL server name" msgstr "" #: ../lib/func.cpp:613 msgctxt "QObject|" msgid "Comment" msgstr "" #: ../lib/main.cpp:357 #, qt-format msgctxt "QObject|" msgid "Index file written to '%1'" msgstr "" #: ../lib/main.cpp:364 #, qt-format msgctxt "QObject|" msgid "Index hierarchy written to '%1'" msgstr "" #: ../lib/main.cpp:377 #, qt-format msgctxt "QObject|" msgid "Unknown key type %1" msgstr "" #: ../lib/XcaWarningCore.h:23 msgctxt "QObject|" msgid "Password verify error, please try again" msgstr "" #: ../lib/XcaWarningCore.h:92 msgctxt "QObject|" msgid "The following error occurred:" msgstr "" #: ../lib/database_model.cpp:74 msgctxt "QObject|" msgid "Failed to update the database schema to the current version" msgstr "" #: ../lib/PwDialogCore.cpp:27 msgctxt "QObject|" msgid "Password" msgstr "" #: ../widgets/ReqTreeView.cpp:27 msgctxt "ReqTreeView|" msgid "Sign" msgstr "" #: ../widgets/ReqTreeView.cpp:29 msgctxt "ReqTreeView|" msgid "Unmark signed" msgstr "" #: ../widgets/ReqTreeView.cpp:32 msgctxt "ReqTreeView|" msgid "Mark signed" msgstr "" #: ../widgets/ReqTreeView.cpp:35 msgctxt "ReqTreeView|" msgid "Similar Request" msgstr "" #: ../widgets/ReqTreeView.cpp:75 msgctxt "ReqTreeView|" msgid "Certificate request export" msgstr "" #: ../widgets/ReqTreeView.cpp:76 msgctxt "ReqTreeView|" msgid "Certificate request ( *.pem *.der *.csr )" msgstr "" #: ../ui/RevocationList.ui:30 msgctxt "RevocationList|" msgid "Manage revocations" msgstr "" #: ../ui/RevocationList.ui:96 msgctxt "RevocationList|" msgid "Add" msgstr "" #: ../ui/RevocationList.ui:103 msgctxt "RevocationList|" msgid "Delete" msgstr "" #: ../ui/RevocationList.ui:110 msgctxt "RevocationList|" msgid "Edit" msgstr "" #: ../widgets/RevocationList.cpp:77 msgctxt "RevocationList|" msgid "No." msgstr "" #: ../widgets/RevocationList.cpp:77 msgctxt "RevocationList|" msgid "Serial" msgstr "" #: ../widgets/RevocationList.cpp:77 msgctxt "RevocationList|" msgid "Revocation" msgstr "" #: ../widgets/RevocationList.cpp:77 msgctxt "RevocationList|" msgid "Reason" msgstr "" #: ../widgets/RevocationList.cpp:78 msgctxt "RevocationList|" msgid "Invalidation" msgstr "" #: ../widgets/RevocationList.cpp:106 msgctxt "RevocationList|" msgid "Generate CRL" msgstr "" #: ../ui/Revoke.ui:30 msgctxt "Revoke|" msgid "Certificate revocation" msgstr "" #: ../ui/Revoke.ui:87 msgctxt "Revoke|" msgid "Revocation details" msgstr "" #: ../ui/Revoke.ui:96 msgctxt "Revoke|" msgid "Revocation reason" msgstr "" #: ../ui/Revoke.ui:110 msgctxt "Revoke|" msgid "Local time" msgstr "" #: ../ui/Revoke.ui:117 msgctxt "Revoke|" msgid "Invalid since" msgstr "" #: ../ui/Revoke.ui:124 msgctxt "Revoke|" msgid "Serial" msgstr "" #: ../ui/SearchPkcs11.ui:41 msgctxt "SearchPkcs11|" msgid "Directory" msgstr "" #: ../ui/SearchPkcs11.ui:57 msgctxt "SearchPkcs11|" msgid "..." msgstr "" #: ../ui/SearchPkcs11.ui:64 msgctxt "SearchPkcs11|" msgid "Include subdirectories" msgstr "" #: ../ui/SearchPkcs11.ui:71 msgctxt "SearchPkcs11|" msgid "Search" msgstr "" #: ../widgets/SearchPkcs11.cpp:75 msgctxt "SearchPkcs11|" msgid "The following files are possible PKCS#11 libraries" msgstr "" #: ../ui/SelectToken.ui:39 msgctxt "SelectToken|" msgid "Security token" msgstr "" #: ../ui/SelectToken.ui:86 msgctxt "SelectToken|" msgid "Please select the security token" msgstr "" #: ../widgets/TempTreeView.cpp:25 msgctxt "TempTreeView|" msgid "Duplicate" msgstr "" #: ../widgets/TempTreeView.cpp:26 msgctxt "TempTreeView|" msgid "Create certificate" msgstr "" #: ../widgets/TempTreeView.cpp:27 msgctxt "TempTreeView|" msgid "Create request" msgstr "" #: ../widgets/TempTreeView.cpp:38 msgctxt "TempTreeView|" msgid "copy" msgstr "" #: ../widgets/TempTreeView.cpp:86 msgctxt "TempTreeView|" msgid "Preset Template values" msgstr "" #: ../widgets/TempTreeView.cpp:124 msgctxt "TempTreeView|" msgid "Template export" msgstr "" #: ../widgets/TempTreeView.cpp:125 msgctxt "TempTreeView|" msgid "XCA Templates ( *.xca )" msgstr "" #: ../ui/TrustState.ui:33 msgctxt "TrustState|" msgid "Certificate trust" msgstr "" #: ../ui/TrustState.ui:93 msgctxt "TrustState|" msgid "Trustment" msgstr "" #: ../ui/TrustState.ui:102 msgctxt "TrustState|" msgid "&Never trust this certificate" msgstr "" #: ../ui/TrustState.ui:109 msgctxt "TrustState|" msgid "Only &trust this certificate, if we trust the signer" msgstr "" #: ../ui/TrustState.ui:116 msgctxt "TrustState|" msgid "&Always trust this certificate" msgstr "" #: ../widgets/validity.cpp:94 msgctxt "Validity|" msgid "yyyy-MM-dd hh:mm" msgstr "" #: ../widgets/X509SuperTreeView.cpp:29 msgctxt "X509SuperTreeView|" msgid "OpenSSL config" msgstr "" #: ../widgets/X509SuperTreeView.cpp:30 msgctxt "X509SuperTreeView|" msgid "Transform" msgstr "" #: ../widgets/X509SuperTreeView.cpp:31 msgctxt "X509SuperTreeView|" msgid "Template" msgstr "" #: ../widgets/X509SuperTreeView.cpp:32 msgctxt "X509SuperTreeView|" msgid "Public key" msgstr "" #: ../widgets/X509SuperTreeView.cpp:62 msgctxt "X509SuperTreeView|" msgid "Save as OpenSSL config" msgstr "" #: ../widgets/X509SuperTreeView.cpp:63 msgctxt "X509SuperTreeView|" msgid "Config files ( *.conf *.cnf);; All files ( * )" msgstr "" #: ../lib/xfile.h:28 #, qt-format msgctxt "XFile|" msgid "Error opening file: '%1': %2" msgstr "" #: ../lib/xfile.h:41 #, qt-format msgctxt "XFile|" msgid "Error rewinding file: '%1': %2" msgstr "" #: ../widgets/XcaTreeView.cpp:314 msgctxt "XcaTreeView|" msgid "Item properties" msgstr "" #: ../widgets/XcaTreeView.cpp:381 msgctxt "XcaTreeView|" msgid "Subject entries" msgstr "" #: ../widgets/XcaTreeView.cpp:382 msgctxt "XcaTreeView|" msgid "X509v3 Extensions" msgstr "" #: ../widgets/XcaTreeView.cpp:383 msgctxt "XcaTreeView|" msgid "Netscape extensions" msgstr "" #: ../widgets/XcaTreeView.cpp:384 msgctxt "XcaTreeView|" msgid "Key properties" msgstr "" #: ../widgets/XcaTreeView.cpp:385 msgctxt "XcaTreeView|" msgid "Reset" msgstr "" #: ../widgets/XcaTreeView.cpp:388 msgctxt "XcaTreeView|" msgid "Hide Column" msgstr "" #: ../widgets/XcaTreeView.cpp:390 msgctxt "XcaTreeView|" msgid "Details" msgstr "" #: ../widgets/XcaTreeView.cpp:433 msgctxt "XcaTreeView|" msgid "Columns" msgstr "" #: ../widgets/XcaTreeView.cpp:499 msgctxt "XcaTreeView|" msgid "New" msgstr "" #: ../widgets/XcaTreeView.cpp:500 msgctxt "XcaTreeView|" msgid "Import" msgstr "" #: ../widgets/XcaTreeView.cpp:501 msgctxt "XcaTreeView|" msgid "Paste PEM data" msgstr "" #: ../widgets/XcaTreeView.cpp:505 msgctxt "XcaTreeView|" msgid "Rename" msgstr "" #: ../widgets/XcaTreeView.cpp:506 msgctxt "XcaTreeView|" msgid "Properties" msgstr "" #: ../widgets/XcaTreeView.cpp:509 msgctxt "XcaTreeView|" msgid "Delete" msgstr "" #: ../widgets/XcaTreeView.cpp:511 msgctxt "XcaTreeView|" msgid "Export" msgstr "" #: ../widgets/XcaTreeView.cpp:512 msgctxt "XcaTreeView|" msgid "Clipboard" msgstr "" #: ../widgets/XcaTreeView.cpp:514 msgctxt "XcaTreeView|" msgid "File" msgstr "" #: ../lib/database_model.cpp:121 #, qt-format msgctxt "database_model|" msgid "" "Please enter the password to access the database server %2 as user '%1'." msgstr "" #: ../lib/database_model.cpp:235 #, qt-format msgctxt "database_model|" msgid "Unable to create '%1': %2" msgstr "" #: ../lib/database_model.cpp:406 #, qt-format msgctxt "database_model|" msgid "The file '%1' is not an XCA database" msgstr "" #: ../lib/database_model.cpp:433 msgctxt "database_model|" msgid "" "No SqLite3 driver available. Please install the qt-sqlite package of your " "distribution" msgstr "" #: ../lib/database_model.cpp:474 msgctxt "database_model|" msgid "New Password" msgstr "" #: ../lib/database_model.cpp:474 #, qt-format msgctxt "database_model|" msgid "" "Please enter a password, that will be used to encrypt your private keys in " "the database:\n" "%1" msgstr "" #: ../lib/database_model.cpp:494 msgctxt "database_model|" msgid "Password" msgstr "" #: ../lib/database_model.cpp:495 #, qt-format msgctxt "database_model|" msgid "" "Please enter the password for unlocking the database:\n" "%1" msgstr "" #: ../lib/db_base.cpp:163 msgctxt "db_base|" msgid "Internal name" msgstr "" #: ../lib/db_base.cpp:164 msgctxt "db_base|" msgid "No." msgstr "" #: ../lib/db_base.cpp:165 msgctxt "db_base|" msgid "Primary key" msgstr "" #: ../lib/db_base.cpp:166 msgctxt "db_base|" msgid "Database unique number" msgstr "" #: ../lib/db_base.cpp:167 msgctxt "db_base|" msgid "Date" msgstr "" #: ../lib/db_base.cpp:168 msgctxt "db_base|" msgid "Date of creation or insertion" msgstr "" #: ../lib/db_base.cpp:169 msgctxt "db_base|" msgid "Source" msgstr "" #: ../lib/db_base.cpp:170 msgctxt "db_base|" msgid "Generated, Imported, Transformed" msgstr "" #: ../lib/db_base.cpp:171 msgctxt "db_base|" msgid "Comment" msgstr "" #: ../lib/db_base.cpp:172 msgctxt "db_base|" msgid "First line of the comment field" msgstr "" #: ../lib/db_base.cpp:234 #, qt-format msgctxt "db_base|" msgid "Import from: %1" msgstr "" #: ../lib/db_base.cpp:369 #, qt-format msgctxt "db_base|" msgid "Could not create directory %1" msgstr "" #: ../lib/db_crl.cpp:27 msgctxt "db_crl|" msgid "Signer" msgstr "" #: ../lib/db_crl.cpp:28 msgctxt "db_crl|" msgid "Internal name of the signer" msgstr "" #: ../lib/db_crl.cpp:29 msgctxt "db_crl|" msgid "No. revoked" msgstr "" #: ../lib/db_crl.cpp:30 msgctxt "db_crl|" msgid "Number of revoked certificates" msgstr "" #: ../lib/db_crl.cpp:31 msgctxt "db_crl|" msgid "Last update" msgstr "" #: ../lib/db_crl.cpp:32 msgctxt "db_crl|" msgid "Next update" msgstr "" #: ../lib/db_crl.cpp:33 msgctxt "db_crl|" msgid "CRL number" msgstr "" #: ../lib/db_crl.cpp:96 #, qt-format msgctxt "db_crl|" msgid "" "The revocation list already exists in the database as:\n" "'%1'\n" "and so it was not imported" msgstr "" #: ../lib/db_crl.cpp:168 msgctxt "db_crl|" msgid "Failed to initiate DB transaction" msgstr "" #: ../lib/db_crl.cpp:178 ../lib/db_crl.cpp:186 ../lib/db_crl.cpp:190 #, qt-format msgctxt "db_crl|" msgid "Database error: %1" msgstr "" #: ../lib/db_key.cpp:54 msgctxt "db_key|" msgid "Type" msgstr "" #: ../lib/db_key.cpp:55 msgctxt "db_key|" msgid "Size" msgstr "" #: ../lib/db_key.cpp:57 msgctxt "db_key|" msgid "EC Group" msgstr "" #: ../lib/db_key.cpp:59 msgctxt "db_key|" msgid "Use" msgstr "" #: ../lib/db_key.cpp:60 msgctxt "db_key|" msgid "Password" msgstr "" #: ../lib/db_key.cpp:134 #, qt-format msgctxt "db_key|" msgid "" "The key is already in the database as:\n" "'%1'\n" "and is not going to be imported" msgstr "" #: ../lib/db_key.cpp:139 #, qt-format msgctxt "db_key|" msgid "" "The database already contains the public part of the imported key as\n" "'%1\n" "and will be completed by the new, private part of the key" msgstr "" #: ../lib/db_key.cpp:141 #, qt-format msgctxt "db_key|" msgid "Extending public key from %1 by imported key '%2'" msgstr "" #: ../lib/db_key.cpp:157 msgctxt "db_key|" msgid "Key size too small !" msgstr "" #: ../lib/db_key.cpp:161 #, qt-format msgctxt "db_key|" msgid "You are sure to create a key of the size: %1 ?" msgstr "" #: ../lib/db_key.cpp:243 msgctxt "db_key|" msgid "Internal error" msgstr "" #: ../lib/db_key.cpp:254 msgctxt "db_key|" msgid "Tried to change password of a token" msgstr "" #: ../lib/db_temp.cpp:59 #, qt-format msgctxt "db_temp|" msgid "Bad template: %1" msgstr "" #: ../lib/db_temp.cpp:32 msgctxt "db_temp|" msgid "Empty template" msgstr "" #: ../lib/db_x509.cpp:76 msgctxt "db_x509|" msgid "CA" msgstr "" #: ../lib/db_x509.cpp:77 msgctxt "db_x509|" msgid "reflects the basic Constraints extension" msgstr "" #: ../lib/db_x509.cpp:78 msgctxt "db_x509|" msgid "Serial" msgstr "" #: ../lib/db_x509.cpp:82 msgctxt "db_x509|" msgid "Start date" msgstr "" #: ../lib/db_x509.cpp:84 msgctxt "db_x509|" msgid "Expiry date" msgstr "" #: ../lib/db_x509.cpp:79 msgctxt "db_x509|" msgid "MD5 fingerprint" msgstr "" #: ../lib/db_x509.cpp:80 msgctxt "db_x509|" msgid "SHA1 fingerprint" msgstr "" #: ../lib/db_x509.cpp:81 msgctxt "db_x509|" msgid "SHA256 fingerprint" msgstr "" #: ../lib/db_x509.cpp:83 msgctxt "db_x509|" msgid "Not before" msgstr "" #: ../lib/db_x509.cpp:85 msgctxt "db_x509|" msgid "Not after" msgstr "" #: ../lib/db_x509.cpp:86 msgctxt "db_x509|" msgid "Revocation" msgstr "" #: ../lib/db_x509.cpp:87 msgctxt "db_x509|" msgid "CRL Expiration" msgstr "" #: ../lib/db_x509.cpp:306 msgctxt "db_x509|" msgid "Failed to retrieve unique random serial" msgstr "" #: ../lib/db_x509.cpp:329 #, qt-format msgctxt "db_x509|" msgid "" "The certificate already exists in the database as:\n" "'%1'\n" "and so it was not imported" msgstr "" #: ../lib/db_x509.cpp:364 #, qt-format msgctxt "db_x509|" msgid "Signed on %1 by '%2'" msgstr "" #: ../lib/db_x509.cpp:365 msgctxt "db_x509|" msgid "Unknown" msgstr "" #: ../lib/db_x509.cpp:453 msgctxt "db_x509|" msgid "Invalid public key" msgstr "" #: ../lib/db_x509.cpp:479 msgctxt "db_x509|" msgid "The key you selected for signing is not a private one." msgstr "" #: ../lib/db_x509.cpp:258 #, qt-format msgctxt "db_x509|" msgid "Failed to create directory '%1'" msgstr "" #: ../lib/db_x509.cpp:520 #, qt-format msgctxt "db_x509|" msgid "Store the certificate to the key on the token '%1 (#%2)' ?" msgstr "" #: ../lib/db_x509.cpp:602 ../lib/db_x509.cpp:651 #, qt-format msgctxt "db_x509|" msgid "There was no key found for the Certificate: '%1'" msgstr "" #: ../lib/db_x509.cpp:605 #, qt-format msgctxt "db_x509|" msgid "Not possible for a token key: '%1'" msgstr "" #: ../lib/db_x509.cpp:655 #, qt-format msgctxt "db_x509|" msgid "Not possible for the token-key Certificate '%1'" msgstr "" #: ../lib/db_x509super.cpp:27 msgctxt "db_x509name|" msgid "Subject" msgstr "" #: ../lib/db_x509super.cpp:28 msgctxt "db_x509name|" msgid "Complete distinguished name" msgstr "" #: ../lib/db_x509super.cpp:29 msgctxt "db_x509name|" msgid "Subject hash" msgstr "" #: ../lib/db_x509super.cpp:30 msgctxt "db_x509name|" msgid "Hash to lookup certs in directories" msgstr "" #: ../lib/db_x509req.cpp:29 msgctxt "db_x509req|" msgid "Signed" msgstr "" #: ../lib/db_x509req.cpp:30 msgctxt "db_x509req|" msgid "whether the request is already signed or not" msgstr "" #: ../lib/db_x509req.cpp:31 msgctxt "db_x509req|" msgid "Unstructured name" msgstr "" #: ../lib/db_x509req.cpp:33 msgctxt "db_x509req|" msgid "Challenge password" msgstr "" #: ../lib/db_x509req.cpp:35 msgctxt "db_x509req|" msgid "Certificate count" msgstr "" #: ../lib/db_x509req.cpp:36 msgctxt "db_x509req|" msgid "Number of certificates in the database with the same public key" msgstr "" #: ../lib/db_x509req.cpp:53 #, qt-format msgctxt "db_x509req|" msgid "" "The certificate signing request already exists in the database as\n" "'%1'\n" "and thus was not stored" msgstr "" #: ../lib/db_x509super.cpp:77 msgctxt "db_x509super|" msgid "Key name" msgstr "" #: ../lib/db_x509super.cpp:78 msgctxt "db_x509super|" msgid "Internal name of the key" msgstr "" #: ../lib/db_x509super.cpp:80 msgctxt "db_x509super|" msgid "Signature algorithm" msgstr "" #: ../lib/db_x509super.cpp:81 msgctxt "db_x509super|" msgid "Key type" msgstr "" #: ../lib/db_x509super.cpp:82 msgctxt "db_x509super|" msgid "Key size" msgstr "" #: ../lib/db_x509super.cpp:84 msgctxt "db_x509super|" msgid "EC Group" msgstr "" #: ../lib/db_x509super.cpp:138 #, qt-format msgctxt "db_x509super|" msgid "Extracted from %1 '%2'" msgstr "" #: ../lib/db_x509super.cpp:140 ../lib/db_x509super.cpp:168 msgctxt "db_x509super|" msgid "Certificate" msgstr "" #: ../lib/db_x509super.cpp:140 ../lib/db_x509super.cpp:168 msgctxt "db_x509super|" msgid "Certificate request" msgstr "" #: ../lib/db_x509super.cpp:163 msgctxt "db_x509super|" msgid "The following extensions were not ported into the template" msgstr "" #: ../lib/db_x509super.cpp:166 #, qt-format msgctxt "db_x509super|" msgid "Transformed from %1 '%2'" msgstr "" #: ../widgets/kvView.cpp:164 msgctxt "kvView|" msgid "Type" msgstr "" #: ../widgets/kvView.cpp:164 msgctxt "kvView|" msgid "Content" msgstr "" #: ../lib/pass_info.cpp:15 msgctxt "pass_info|" msgid "Password" msgstr "" #: ../lib/pass_info.cpp:22 msgctxt "pass_info|" msgid "PIN" msgstr "" #: ../lib/pkcs11_lib.cpp:37 #, qt-format msgctxt "pkcs11_lib|" msgid "Failed to open PKCS11 library: %1: %2" msgstr "" #: ../lib/pkcs11_lib.cpp:43 msgctxt "pkcs11_lib|" msgid "" "This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not " "found." msgstr "" #: ../lib/pki_base.cpp:287 msgctxt "pki_base|" msgid "Unknown" msgstr "" #: ../lib/pki_base.cpp:288 msgctxt "pki_base|" msgid "Imported" msgstr "" #: ../lib/pki_base.cpp:289 msgctxt "pki_base|" msgid "Generated" msgstr "" #: ../lib/pki_base.cpp:290 msgctxt "pki_base|" msgid "Transformed" msgstr "" #: ../lib/pki_base.cpp:291 msgctxt "pki_base|" msgid "Token" msgstr "" #: ../lib/pki_base.cpp:292 msgctxt "pki_base|" msgid "Legacy Database" msgstr "" #: ../lib/pki_base.cpp:293 msgctxt "pki_base|" msgid "Renewed" msgstr "" #: ../lib/pki_base.cpp:436 #, qt-format msgctxt "pki_base|" msgid "Property '%1' not listed in 'pki_base::print'" msgstr "" #: ../lib/pki_base.cpp:123 #, qt-format msgctxt "pki_base|" msgid "Internal error: Unexpected message: %1 %2" msgstr "" #: ../lib/pki_crl.cpp:57 #, qt-format msgctxt "pki_crl|" msgid "Successfully imported the revocation list '%1'" msgstr "" #: ../lib/pki_crl.cpp:58 #, qt-format msgctxt "pki_crl|" msgid "Delete the revocation list '%1'?" msgstr "" #: ../lib/pki_crl.cpp:59 #, qt-format msgctxt "pki_crl|" msgid "Successfully created the revocation list '%1'" msgstr "" #: ../lib/pki_crl.cpp:61 #, qt-format msgctxt "pki_crl|" msgid "Delete the %1 revocation lists: %2?" msgstr "" #: ../lib/pki_crl.cpp:145 #, qt-format msgctxt "pki_crl|" msgid "" "Unable to load the revocation list in file %1. Tried PEM and DER formatted " "CRL." msgstr "" #: ../lib/pki_crl.cpp:160 msgctxt "pki_crl|" msgid "No issuer given" msgstr "" #: ../lib/pki_crl.cpp:421 #, qt-format msgctxt "pki_crl|" msgid "CRL Renewal of CA '%1' due" msgstr "" #: ../lib/pki_crl.cpp:422 #, qt-format msgctxt "pki_crl|" msgid "" "The latest CRL issued by the CA '%1' will expire on %2.\n" "It is stored in the XCA database '%3'" msgstr "" #: ../lib/pki_crl.cpp:430 #, qt-format msgctxt "pki_crl|" msgid "Renew CRL: %1" msgstr "" #: ../lib/pki_crl.cpp:431 #, qt-format msgctxt "pki_crl|" msgid "" "The XCA CRL '%1', issued on %3 will expire on %4.\n" "It is stored in the XCA database '%5'" msgstr "" #: ../lib/pki_evp.cpp:230 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password to decrypt the private key %1." msgstr "" #: ../lib/pki_evp.cpp:297 #, qt-format msgctxt "pki_evp|" msgid "The key from file '%1' is incomplete or inconsistent." msgstr "" #: ../lib/pki_evp.cpp:386 #, qt-format msgctxt "pki_evp|" msgid "" "Please enter the password to decrypt the private key from file:\n" "%1" msgstr "" #: ../lib/pki_evp.cpp:453 #, qt-format msgctxt "pki_evp|" msgid "" "Unable to load the private key in file %1. Tried PEM and DER private, " "public, PKCS#8 key types and SSH2 format." msgstr "" #: ../lib/pki_evp.cpp:469 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password to decrypt the private key: '%1'" msgstr "" #: ../lib/pki_evp.cpp:472 ../lib/pki_evp.cpp:486 msgctxt "pki_evp|" msgid "Password input aborted" msgstr "" #: ../lib/pki_evp.cpp:482 #, qt-format msgctxt "pki_evp|" msgid "Please enter the database password for decrypting the key '%1'" msgstr "" #: ../lib/pki_evp.cpp:537 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password to protect the private key: '%1'" msgstr "" #: ../lib/pki_evp.cpp:555 msgctxt "pki_evp|" msgid "Please enter the database password for encrypting the key" msgstr "" #: ../lib/pki_evp.cpp:716 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password protecting the PKCS#8 key '%1'" msgstr "" #: ../lib/pki_evp.cpp:736 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password protecting the Microsoft PVK key '%1'" msgstr "" #: ../lib/pki_evp.cpp:789 #, qt-format msgctxt "pki_evp|" msgid "Please enter the export password for the private key '%1'" msgstr "" #: ../lib/pki_export.cpp:43 ../lib/pki_export.cpp:70 ../lib/pki_export.cpp:73 msgctxt "pki_export|" msgid "PEM Text format with headers" msgstr "" #: ../lib/pki_export.cpp:44 msgctxt "pki_export|" msgid "Concatenated list of all selected items in one PEM text file" msgstr "" #: ../lib/pki_export.cpp:45 msgctxt "pki_export|" msgid "PEM chain" msgstr "" #: ../lib/pki_export.cpp:45 msgctxt "pki_export|" msgid "" "Concatenated text format of the complete certificate chain in one PEM file" msgstr "" #: ../lib/pki_export.cpp:46 msgctxt "pki_export|" msgid "PEM + key" msgstr "" #: ../lib/pki_export.cpp:46 msgctxt "pki_export|" msgid "" "Concatenation of the certificate and the unencrypted private key in one PEM " "file" msgstr "" #: ../lib/pki_export.cpp:47 msgctxt "pki_export|" msgid "" "Concatenation of the certificate and the encrypted private key in PKCS#8 " "format in one file" msgstr "" #: ../lib/pki_export.cpp:48 msgctxt "pki_export|" msgid "PKCS#7 encoded single certificate" msgstr "" #: ../lib/pki_export.cpp:49 msgctxt "pki_export|" msgid "All selected certificates encoded in one PKCS#7 file" msgstr "" #: ../lib/pki_export.cpp:50 msgctxt "pki_export|" msgid "PKCS #7 chain" msgstr "" #: ../lib/pki_export.cpp:50 msgctxt "pki_export|" msgid "PKCS#7 encoded complete certificate chain" msgstr "" #: ../lib/pki_export.cpp:51 msgctxt "pki_export|" msgid "Binary DER encoded certificate" msgstr "" #: ../lib/pki_export.cpp:52 msgctxt "pki_export|" msgid "PKCS #12 chain" msgstr "" #: ../lib/pki_export.cpp:52 msgctxt "pki_export|" msgid "" "The complete certificate chain and the private key as encrypted PKCS#12 file" msgstr "" #: ../lib/pki_export.cpp:53 msgctxt "pki_export|" msgid "PKCS #12" msgstr "" #: ../lib/pki_export.cpp:53 msgctxt "pki_export|" msgid "The certificate and the private key as encrypted PKCS#12 file" msgstr "" #: ../lib/pki_export.cpp:54 msgctxt "pki_export|" msgid "Certificate Index file" msgstr "" #: ../lib/pki_export.cpp:54 msgctxt "pki_export|" msgid "" "OpenSSL specific Certificate Index file as created by the 'ca' command and " "required by the OCSP tool" msgstr "" #: ../lib/pki_export.cpp:55 ../lib/pki_export.cpp:75 msgctxt "pki_export|" msgid "vCalendar" msgstr "" #: ../lib/pki_export.cpp:55 msgctxt "pki_export|" msgid "vCalendar expiry reminder for the selected items" msgstr "" #: ../lib/pki_export.cpp:56 msgctxt "pki_export|" msgid "CA vCalendar" msgstr "" #: ../lib/pki_export.cpp:56 msgctxt "pki_export|" msgid "" "vCalendar expiry reminder containing all issued, valid certificates, the CA " "itself and the latest CRL" msgstr "" #: ../lib/pki_export.cpp:58 msgctxt "pki_export|" msgid "PEM public" msgstr "" #: ../lib/pki_export.cpp:58 msgctxt "pki_export|" msgid "Text format of the public key in one PEM file" msgstr "" #: ../lib/pki_export.cpp:59 msgctxt "pki_export|" msgid "PEM private" msgstr "" #: ../lib/pki_export.cpp:59 ../lib/pki_export.cpp:61 msgctxt "pki_export|" msgid "Unencrypted private key in text format" msgstr "" #: ../lib/pki_export.cpp:60 msgctxt "pki_export|" msgid "PEM encrypted" msgstr "" #: ../lib/pki_export.cpp:60 msgctxt "pki_export|" msgid "OpenSSL specific encrypted private key in text format" msgstr "" #: ../lib/pki_export.cpp:61 msgctxt "pki_export|" msgid "SSH2 private" msgstr "" #: ../lib/pki_export.cpp:62 msgctxt "pki_export|" msgid "SSH2 public" msgstr "" #: ../lib/pki_export.cpp:62 msgctxt "pki_export|" msgid "The public key encoded in SSH2 format" msgstr "" #: ../lib/pki_export.cpp:63 msgctxt "pki_export|" msgid "DER public" msgstr "" #: ../lib/pki_export.cpp:63 msgctxt "pki_export|" msgid "Binary DER format of the public key" msgstr "" #: ../lib/pki_export.cpp:64 msgctxt "pki_export|" msgid "DER private" msgstr "" #: ../lib/pki_export.cpp:64 msgctxt "pki_export|" msgid "Unencrypted private key in binary DER format" msgstr "" #: ../lib/pki_export.cpp:65 msgctxt "pki_export|" msgid "PVK private" msgstr "" #: ../lib/pki_export.cpp:65 msgctxt "pki_export|" msgid "Private key in Microsoft PVK format not encrypted" msgstr "" #: ../lib/pki_export.cpp:66 msgctxt "pki_export|" msgid "PVK encrypted" msgstr "" #: ../lib/pki_export.cpp:66 msgctxt "pki_export|" msgid "Encrypted private key in Microsoft PVK format" msgstr "" #: ../lib/pki_export.cpp:67 msgctxt "pki_export|" msgid "PKCS #8 encrypted" msgstr "" #: ../lib/pki_export.cpp:67 msgctxt "pki_export|" msgid "Encrypted private key in PKCS#8 text format" msgstr "" #: ../lib/pki_export.cpp:68 msgctxt "pki_export|" msgid "PKCS #8" msgstr "" #: ../lib/pki_export.cpp:68 msgctxt "pki_export|" msgid "Unencrypted private key in PKCS#8 text format" msgstr "" #: ../lib/pki_export.cpp:71 msgctxt "pki_export|" msgid "Binary DER format of the certificate request" msgstr "" #: ../lib/pki_export.cpp:74 msgctxt "pki_export|" msgid "Binary DER format of the revocation list" msgstr "" #: ../lib/pki_export.cpp:75 msgctxt "pki_export|" msgid "vCalendar reminder for the CRL expiry date" msgstr "" #: ../lib/pki_export.cpp:77 msgctxt "pki_export|" msgid "XCA template in PEM-like format" msgstr "" #: ../lib/pki_export.cpp:78 msgctxt "pki_export|" msgid "All selected XCA templates in PEM-like format" msgstr "" #: ../lib/pki_key.cpp:199 #, qt-format msgctxt "pki_key|" msgid "Successfully imported the %1 public key '%2'" msgstr "" #: ../lib/pki_key.cpp:200 #, qt-format msgctxt "pki_key|" msgid "Delete the %1 public key '%2'?" msgstr "" #: ../lib/pki_key.cpp:205 #, qt-format msgctxt "pki_key|" msgid "Successfully imported the %1 private key '%2'" msgstr "" #: ../lib/pki_key.cpp:206 #, qt-format msgctxt "pki_key|" msgid "Delete the %1 private key '%2'?" msgstr "" #: ../lib/pki_key.cpp:207 #, qt-format msgctxt "pki_key|" msgid "Successfully created the %1 private key '%2'" msgstr "" #: ../lib/pki_key.cpp:213 #, qt-format msgctxt "pki_key|" msgid "Delete the %1 keys: %2?" msgstr "" #: ../lib/pki_key.cpp:58 ../lib/pki_key.cpp:222 ../lib/pki_key.cpp:857 msgctxt "pki_key|" msgid "Public key" msgstr "" #: ../lib/pki_key.cpp:457 msgctxt "pki_key|" msgid "Common" msgstr "" #: ../lib/pki_key.cpp:457 msgctxt "pki_key|" msgid "Private" msgstr "" #: ../lib/pki_key.cpp:457 msgctxt "pki_key|" msgid "Bogus" msgstr "" #: ../lib/pki_key.cpp:457 msgctxt "pki_key|" msgid "PIN" msgstr "" #: ../lib/pki_key.cpp:467 msgctxt "pki_key|" msgid "No password" msgstr "" #: ../lib/pki_key.cpp:564 ../lib/pki_key.cpp:669 #, qt-format msgctxt "pki_key|" msgid "Unexpected SSH2 content: '%1'" msgstr "" #: ../lib/pki_key.cpp:584 ../lib/pki_key.cpp:590 msgctxt "pki_key|" msgid "Invalid SSH2 public key" msgstr "" #: ../lib/pki_key.cpp:787 #, qt-format msgctxt "pki_key|" msgid "Failed writing to %1" msgstr "" #: ../lib/pki_multi.cpp:131 msgctxt "pki_multi|" msgid "No known PEM encoded items found" msgstr "" #: ../lib/pki_pkcs12.cpp:38 #, qt-format msgctxt "pki_pkcs12|" msgid "" "Please enter the password to decrypt the PKCS#12 file:\n" "%1" msgstr "" #: ../lib/pki_pkcs12.cpp:52 #, qt-format msgctxt "pki_pkcs12|" msgid "Unable to load the PKCS#12 (pfx) file %1." msgstr "" #: ../lib/pki_pkcs12.cpp:84 #, qt-format msgctxt "pki_pkcs12|" msgid "The supplied password was wrong (%1)" msgstr "" #: ../lib/pki_pkcs12.cpp:138 msgctxt "pki_pkcs12|" msgid "Please enter the password to encrypt the PKCS#12 file" msgstr "" #: ../lib/pki_pkcs12.cpp:141 msgctxt "pki_pkcs12|" msgid "No key or no Cert and no pkcs12" msgstr "" #: ../lib/pki_pkcs7.cpp:186 #, qt-format msgctxt "pki_pkcs7|" msgid "Unable to load the PKCS#7 file %1. Tried PEM and DER format." msgstr "" #: ../lib/pki_scard.cpp:48 #, qt-format msgctxt "pki_scard|" msgid "Successfully imported the token key '%1'" msgstr "" #: ../lib/pki_scard.cpp:49 #, qt-format msgctxt "pki_scard|" msgid "Delete the token key '%1'?" msgstr "" #: ../lib/pki_scard.cpp:50 #, qt-format msgctxt "pki_scard|" msgid "Successfully created the token key '%1'" msgstr "" #: ../lib/pki_scard.cpp:52 #, qt-format msgctxt "pki_scard|" msgid "Delete the %1 keys: %2?" msgstr "" #: ../lib/pki_scard.cpp:379 #, qt-format msgctxt "pki_scard|" msgid "Delete the private key '%1' from the token '%2 (#%3)' ?" msgstr "" #: ../lib/pki_scard.cpp:452 msgctxt "pki_scard|" msgid "This Key is already on the token" msgstr "" #: ../lib/pki_scard.cpp:538 msgctxt "pki_scard|" msgid "PIN input aborted" msgstr "" #: ../lib/pki_scard.cpp:550 msgctxt "pki_scard|" msgid "Unable to find copied key on the token" msgstr "" #: ../lib/pki_scard.cpp:638 #, qt-format msgctxt "pki_scard|" msgid "Please insert card: %1 %2 [%3] with Serial: %4" msgstr "" #: ../lib/pki_scard.cpp:704 msgctxt "pki_scard|" msgid "Unable to find generated key on card" msgstr "" #: ../lib/pki_scard.cpp:715 #, qt-format msgctxt "pki_scard|" msgid "Token %1" msgstr "" #: ../lib/pki_scard.cpp:724 ../lib/pki_scard.cpp:737 msgctxt "pki_scard|" msgid "Failed to find the key on the token" msgstr "" #: ../lib/pki_scard.cpp:731 msgctxt "pki_scard|" msgid "Invalid Pin for the token" msgstr "" #: ../lib/pki_scard.cpp:743 msgctxt "pki_scard|" msgid "Failed to initialize the key on the token" msgstr "" #: ../lib/pki_temp.cpp:163 #, qt-format msgctxt "pki_temp|" msgid "Successfully imported the XCA template '%1'" msgstr "" #: ../lib/pki_temp.cpp:164 #, qt-format msgctxt "pki_temp|" msgid "Delete the XCA template '%1'?" msgstr "" #: ../lib/pki_temp.cpp:165 #, qt-format msgctxt "pki_temp|" msgid "Successfully created the XCA template '%1'" msgstr "" #: ../lib/pki_temp.cpp:167 #, qt-format msgctxt "pki_temp|" msgid "Delete the %1 XCA templates: %2?" msgstr "" #: ../lib/pki_temp.cpp:367 #, qt-format msgctxt "pki_temp|" msgid "Wrong Size %1" msgstr "" #: ../lib/pki_temp.cpp:454 msgctxt "pki_temp|" msgid "Template file content error (too small)" msgstr "" #: ../lib/pki_temp.cpp:504 msgctxt "pki_temp|" msgid "Not a PEM encoded XCA Template" msgstr "" #: ../lib/pki_temp.cpp:512 #, qt-format msgctxt "pki_temp|" msgid "Not an XCA Template, but '%1'" msgstr "" #: ../lib/pki_x509.cpp:62 #, qt-format msgctxt "pki_x509|" msgid "Successfully imported the certificate '%1'" msgstr "" #: ../lib/pki_x509.cpp:63 #, qt-format msgctxt "pki_x509|" msgid "Delete the certificate '%1'?" msgstr "" #: ../lib/pki_x509.cpp:64 #, qt-format msgctxt "pki_x509|" msgid "Successfully created the certificate '%1'" msgstr "" #: ../lib/pki_x509.cpp:66 #, qt-format msgctxt "pki_x509|" msgid "Delete the %1 certificates: %2?" msgstr "" #: ../lib/pki_x509.cpp:228 #, qt-format msgctxt "pki_x509|" msgid "" "Unable to load the certificate in file %1. Tried PEM and DER certificate." msgstr "" #: ../lib/pki_x509.cpp:373 msgctxt "pki_x509|" msgid "This certificate is already on the security token" msgstr "" #: ../lib/pki_x509.cpp:436 #, qt-format msgctxt "pki_x509|" msgid "Delete the certificate '%1' from the token '%2 (#%3)'?" msgstr "" #: ../lib/pki_x509.cpp:569 msgctxt "pki_x509|" msgid "There is no key for signing !" msgstr "" #: ../lib/pki_x509.cpp:855 msgctxt "pki_x509|" msgid "No" msgstr "" #: ../lib/pki_x509.cpp:857 msgctxt "pki_x509|" msgid "Yes" msgstr "" #: ../lib/pki_x509.cpp:887 #, qt-format msgctxt "pki_x509|" msgid "Renew certificate: %1" msgstr "" #: ../lib/pki_x509.cpp:888 #, qt-format msgctxt "pki_x509|" msgid "" "The XCA certificate '%1', issued on %2 will expire on %3.\n" "It is stored in the XCA database '%4'" msgstr "" #: ../lib/pki_x509req.cpp:109 msgctxt "pki_x509req|" msgid "Signing key not valid (public key)" msgstr "" #: ../lib/pki_x509req.cpp:151 #, qt-format msgctxt "pki_x509req|" msgid "Successfully imported the %1 certificate request '%2'" msgstr "" #: ../lib/pki_x509req.cpp:152 #, qt-format msgctxt "pki_x509req|" msgid "Delete the %1 certificate request '%2'?" msgstr "" #: ../lib/pki_x509req.cpp:153 #, qt-format msgctxt "pki_x509req|" msgid "Successfully created the %1 certificate request '%2'" msgstr "" #: ../lib/pki_x509req.cpp:155 #, qt-format msgctxt "pki_x509req|" msgid "Delete the %1 certificate requests: %2?" msgstr "" #: ../lib/pki_x509req.cpp:184 #, qt-format msgctxt "pki_x509req|" msgid "" "Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC " "format." msgstr "" #: ../lib/pki_x509req.cpp:370 msgctxt "pki_x509req|" msgid "Signed" msgstr "" #: ../lib/pki_x509req.cpp:370 msgctxt "pki_x509req|" msgid "Unhandled" msgstr "" #: ../ui/v3ext.ui:26 msgctxt "v3ext|" msgid "Copy Common Name" msgstr "" #: ../ui/v3ext.ui:56 msgctxt "v3ext|" msgid "Add" msgstr "" #: ../ui/v3ext.ui:63 msgctxt "v3ext|" msgid "Delete" msgstr "" #: ../ui/v3ext.ui:89 msgctxt "v3ext|" msgid "Apply" msgstr "" #: ../ui/v3ext.ui:96 msgctxt "v3ext|" msgid "Validate" msgstr "" #: ../ui/v3ext.ui:125 msgctxt "v3ext|" msgid "Cancel" msgstr "" #: ../widgets/v3ext.cpp:75 msgctxt "v3ext|" msgid "An email address or 'copy'" msgstr "" #: ../widgets/v3ext.cpp:77 msgctxt "v3ext|" msgid "An email address" msgstr "" #: ../widgets/v3ext.cpp:79 msgctxt "v3ext|" msgid "A registered ID: OBJECT IDENTIFIER" msgstr "" #: ../widgets/v3ext.cpp:83 msgctxt "v3ext|" msgid "A uniform resource indicator" msgstr "" #: ../widgets/v3ext.cpp:88 msgctxt "v3ext|" msgid "A DNS domain name or 'copycn'" msgstr "" #: ../widgets/v3ext.cpp:90 msgctxt "v3ext|" msgid "A DNS domain name" msgstr "" #: ../widgets/v3ext.cpp:92 msgctxt "v3ext|" msgid "An IP address" msgstr "" #: ../widgets/v3ext.cpp:95 msgctxt "v3ext|" msgid "Syntax: ;TYPE:text like '1.2.3.4:UTF8:name'" msgstr "" #: ../widgets/v3ext.cpp:99 msgctxt "v3ext|" msgid "No editing. Only 'copy' allowed here" msgstr "" #: ../widgets/v3ext.cpp:168 #, qt-format msgctxt "v3ext|" msgid "" "Validation failed:\n" "'%1'\n" "%2" msgstr "" #: ../widgets/v3ext.cpp:173 #, qt-format msgctxt "v3ext|" msgid "" "Validation successful:\n" "'%1'" msgstr "" #: ../widgets/XcaWarning.cpp:72 msgctxt "xcaWarningGui|" msgid "Copy to Clipboard" msgstr "" xca-RELEASE.2.5.0/lang/xca.ts000066400000000000000000004540741450407711300154340ustar00rootroot00000000000000 CaProperties Form Days until next CRL issuing Default template CertDetail Details of the Certificate Serial The serial number of the certificate The internal name of the certificate in the database Status Internal name Signature Key Fingerprints MD5 An md5 hashsum of the certificate SHA1 A SHA-1 hashsum of the certificate SHA256 A SHA-256 hashsum of the certificate Validity The time since the certificate is valid The time until the certificate is valid Subject Issuer Extensions Comment Attributes Show config Show extensions Show public key This key is not in the database. Not available Signer unknown Self signed Revoked at %1 Not valid Valid Details of the certificate signing request CertExtend Certificate renewal This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Validity Not before Not after Time range Local time Days Months Years No well-defined expiration Midnight Apply Revoke old certificate Replace old certificate Keep serial number The certificate will be earlier valid than the signer. This is probably not what you want. Edit dates Abort rollout Continue rollout Adjust date and continue The certificate will be longer valid than the signer. This is probably not what you want. CertTreeView Import PKCS#12 Import from PKCS#7 Request Security token Other token Similar Certificate Delete from Security token CA Properties Generate CRL Manage revocations Renewal Revoke Unrevoke Plain View Tree View days No template CA Properties Certificate export X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) ClickLabel Double click for details CrlDetail Details of the Revocation list &Status Version Signature Signed by Name The internal name of the CRL in the database issuing dates Next update Last update &Issuer &Extensions &Revocation list Comment Failed Unknown signer Verification not possible CrlTreeView There are no CA certificates for CRL generation Select CA certificate Revocation list export CRL ( *.pem *.der *.crl ) ExportDialog Name The internal name of the CRL in the database ... Filename Export comment into PEM file Export Format All files ( * ) The file: '%1' already exists! Overwrite Do not overwrite Form last update next update Days Months Years Apply Midnight Local time No well-defined expiration Help << >> &Done ImportMulti Import PKI Items Import &All &Import &Done &Remove from list Details Delete from token Rename on token Name: %1 Model: %2 Serial: %3 Manage security token Details of the item '%1' cannot be shown The type of the item '%1' is not recognized The file '%1' did not contain PKI data The %1 files: '%2' did not contain PKI data ItemProperties Name Source Insertion date Comment KeyDetail Name The internal name of the key used by xca Security token Manufacturer Serial Key Public Exponent Keysize Private Exponent Security Token Label PKCS#11 ID Token information Model Fingerprint Comment Details of the %1 key Not available Available Sub prime Public key Private key Curve name Unknown key KeyTreeView Clipboard format Change password Reset password Change PIN Init PIN with SO PIN (PUK) Change SO PIN (PUK) Security token This is not a token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Export public key [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) MainWindow Private Keys &New Key &Export &Import Import PFX (PKCS#12) &Show Details &Delete Certificate signing requests &New Request Certificates &New Certificate Import &PKCS#12 Import P&KCS#7 Plain View Templates &New Template &New CRL Ch&ange Template Revocation lists Using or exporting private keys will not be possible without providing the correct password The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Recent DataBases System Croatian English French German Japanese Russian Slovak Spanish Persian Bulgarian Polish Italian Chinese Dutch Portuguese in Brazil Indonesian Turkish Language &File Open Remote DataBase Set as default DataBase New DataBase Open DataBase Close DataBase Options Exit I&mport Keys Requests PKCS#12 PKCS#7 Template Revocation list PEM file Paste PEM file Token Export Certificate &Index hierarchy Content &Manage Security token &Init Security token &Change PIN Change &SO PIN Init PIN Extra &Dump DataBase &Export Certificate Index C&hange DataBase password &Undelete items Generate DH parameter OID Resolver &Help About Import PEM data Please enter the original SO PIN (PUK) of the token '%1' Search Please enter the new SO PIN (PUK) for the token '%1' The new label of the token '%1' The token '%1' did not contain any keys or certificates Current Password Please enter the current database password The entered password is wrong New Password Please enter the new password to encrypt your private keys in the database-file Transaction start failed Database: %1 Certificate Index ( index.txt ) All files ( * ) Diffie-Hellman parameters saved as: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits NewCrl Last update Next update Days Months Years Midnight Local time Apply Options CRL number Subject alternative name Revocation reasons Authority key identifier Hash algorithm Create CRL NewKey Please give a name to the new key and select the desired keysize Key properties Name The internal name of the new key Curve name Usually at least 2048 bit keys are recommended New Key Keysize Keytype Remember as default Create NewX509 Source Signing request Show request Sign this Certificate signing &request Copy extensions from the request Modify subject of the request Signing Create a &self signed certificate Use &this Certificate for signing All certificates in your database that can create valid signatures Signature algorithm Template for the new certificate All available templates Apply extensions Apply subject Apply all Subject Internal Name Distinguished name Add Delete Private key This list only contains unused keys Used keys too &Generate a new key Extensions Type If this will become a CA certificate or not Not defined Certification Authority End Entity Path length How much CAs may be below this. The basic constraints should always be critical Key identifier Creates a hash of the key following the PKIX guidelines Copy the Subject Key Identifier from the issuer Validity Not before Not after Time range Days Months Years Apply Set the time to 00:00:00 and 23:59:59 respectively Midnight Local time No well-defined expiration DNS: IP: URI: email: RID: Edit URI: Key usage Netscape Advanced Validate Comment This name is only used internally and does not appear in the resulting certificate Critical Create Certificate signing request minimum size: %1 maximum size: %1 only a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters Edit XCA template Create x509 Certificate Template '%1' applied Subject applied from template '%1' Extensions applied from template '%1' New key '%1' created Other Tabs Advanced Tab Errors From PKCS#10 request Abort rollout The following length restrictions of RFC3280 are violated: Edit subject Continue rollout The verification of the Certificate request failed. The rollout should be aborted. Continue anyway The internal name and the common name are empty. Please set at least the internal name. Edit name There is no Key selected for signing. Select key The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. The key you selected for signing is not a private one. Select other signer Select other key The currently selected hash algorithm '%1' is insecure and should not be used. Select other algorithm Use algorithm anyway The certificate will be earlier valid than the signer. This is probably not what you want. Edit dates Adjust date and continue The certificate will be longer valid than the signer. This is probably not what you want. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. The certificate contains invalid extensions. Edit extensions The subject alternative name shall contain a copy of the common name. However, the common name is empty. Configfile error on line %1 OidResolver OID Resolver Enter the OID, the Nid, or one of the textual representations Search OID Long name OpenSSL internal ID Nid Short name OpenDb Open remote database Database type Hostname Username Password Database name Table prefix No SqLite3 driver available. Please install the qt-sqlite package of your distribution Options XCA Options Settings Default hash algorithm String types Suppress success messages Don't colorize expired certificates Translate established x509 terms (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Only use hashes supported by the token when signing with a token key Disable legacy Netscape extensions PKCS12 encryption algorithm Certificate expiry warning threshold Send vCalendar expiry reminder Serial number length bit Distinguished name Mandatory subject entries Add Delete Explicit subject entries Dynamically arrange explicit subject entries Default PKCS#11 provider Remove Search Printable string or UTF8 (default) PKIX recommendation in RFC2459 No BMP strings, only printable and T61 UTF8 strings only (RFC2459) All strings Days Weeks PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Take as HEX string Repeat %1 %1 mismatch Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Exit QObject Undefined Broken / Invalid in %1 seconds %1 seconds ago in %1 minutes %1 minutes ago Yesterday Tomorrow in %1 hours %1 hours ago Out of data Error finding endmarker of string All files ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Import RSA key PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Certificates ( *.pem *.der *.crt *.cer );; Import X.509 Certificate PKCS#7 data ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates PKCS#12 Certificates ( *.p12 *.pfx );; Import PKCS#12 Private Certificate XCA templates ( *.xca );; Import XCA Templates Revocation lists ( *.pem *.der *.crl );; Import Certificate Revocation List XCA Databases ( *.xdb );; Open XCA Database PKCS#11 library ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 library ( *.so );; Open PKCS#11 shared library PEM files ( *.pem );; Load PEM encoded file Please enter the PIN on the PinPad Please enter the SO PIN (PUK) of the token %1 Please enter the PIN of the token %1 No Security token found Select Please enter the new SO PIN (PUK) for the token: '%1' Please enter the new PIN for the token: '%1' Required PIN size: %1 - %2 Disabled Library loading failed PKCS#11 function '%1' failed: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 Invalid %1 is shorter than %2 bytes: '%3' %1 is longer than %2 bytes: '%3' String '%1' for '%2' contains invalid characters Error reading config file %1 at line %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Unknown object '%1' in file %2 line %3 Failed to start a database transaction Country code State or Province Locality Organisation Organisational unit Common name E-Mail address Serial number Given name Surname Title Initials Description Role Pseudonym Generation Qualifier x500 Unique Identifier Name DN Qualifier Unstructured name Challenge password Basic Constraints Subject alternative name issuer alternative name Subject key identifier Authority key identifier Key usage Extended key usage CRL distribution points Authority information access Certificate type Base URL Revocation URL CA Revocation URL Certificate renewal URL CA policy URL SSL server name Comment Index file written to '%1' Index hierarchy written to '%1' Unknown key type %1 Password verify error, please try again The following error occurred: Failed to update the database schema to the current version Password ReqTreeView Sign Unmark signed Mark signed Similar Request Certificate request export Certificate request ( *.pem *.der *.csr ) RevocationList Manage revocations Add Delete Edit No. Serial Revocation Reason Invalidation Generate CRL Revoke Certificate revocation Revocation details Revocation reason Local time Invalid since Serial SearchPkcs11 Directory ... Include subdirectories Search The following files are possible PKCS#11 libraries SelectToken Security token Please select the security token TempTreeView Duplicate Create certificate Create request copy Preset Template values Template export XCA Templates ( *.xca ) TrustState Certificate trust Trustment &Never trust this certificate Only &trust this certificate, if we trust the signer &Always trust this certificate Validity yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config Transform Template Public key Save as OpenSSL config Config files ( *.conf *.cnf);; All files ( * ) XFile Error opening file: '%1': %2 Error rewinding file: '%1': %2 XcaTreeView Item properties Subject entries X509v3 Extensions Netscape extensions Key properties Reset Hide Column Details Columns New Import Paste PEM data Rename Properties Delete Export Clipboard File database_model Please enter the password to access the database server %2 as user '%1'. Unable to create '%1': %2 The file '%1' is not an XCA database No SqLite3 driver available. Please install the qt-sqlite package of your distribution New Password Please enter a password, that will be used to encrypt your private keys in the database: %1 Password Please enter the password for unlocking the database: %1 db_base Internal name No. Primary key Database unique number Date Date of creation or insertion Source Generated, Imported, Transformed Comment First line of the comment field Import from: %1 Could not create directory %1 db_crl Signer Internal name of the signer No. revoked Number of revoked certificates Last update Next update CRL number The revocation list already exists in the database as: '%1' and so it was not imported Failed to initiate DB transaction Database error: %1 db_key Type Size EC Group Use Password The key is already in the database as: '%1' and is not going to be imported The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Extending public key from %1 by imported key '%2' Key size too small ! You are sure to create a key of the size: %1 ? Internal error Tried to change password of a token db_temp Bad template: %1 Empty template db_x509 CA reflects the basic Constraints extension Serial Start date Expiry date MD5 fingerprint SHA1 fingerprint SHA256 fingerprint Not before Not after Revocation CRL Expiration Failed to retrieve unique random serial The certificate already exists in the database as: '%1' and so it was not imported Signed on %1 by '%2' Unknown Invalid public key The key you selected for signing is not a private one. Failed to create directory '%1' Store the certificate to the key on the token '%1 (#%2)' ? There was no key found for the Certificate: '%1' Not possible for a token key: '%1' Not possible for the token-key Certificate '%1' db_x509name Subject Complete distinguished name Subject hash Hash to lookup certs in directories db_x509req Signed whether the request is already signed or not Unstructured name Challenge password Certificate count Number of certificates in the database with the same public key The certificate signing request already exists in the database as '%1' and thus was not stored db_x509super Key name Internal name of the key Signature algorithm Key type Key size EC Group Extracted from %1 '%2' Certificate Certificate request The following extensions were not ported into the template Transformed from %1 '%2' kvView Type Content pass_info Password PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. pki_base Unknown Imported Generated Transformed Token Legacy Database Renewed Property '%1' not listed in 'pki_base::print' Internal error: Unexpected message: %1 %2 pki_crl Successfully imported the revocation list '%1' Delete the revocation list '%1'? Successfully created the revocation list '%1' Delete the %1 revocation lists: %2? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. No issuer given CRL Renewal of CA '%1' due The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Renew CRL: %1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' pki_evp Please enter the password to decrypt the private key %1. The key from file '%1' is incomplete or inconsistent. Please enter the password to decrypt the private key from file: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Please enter the password to decrypt the private key: '%1' Password input aborted Please enter the database password for decrypting the key '%1' Please enter the password to protect the private key: '%1' Please enter the database password for encrypting the key Please enter the password protecting the PKCS#8 key '%1' Please enter the password protecting the Microsoft PVK key '%1' Please enter the export password for the private key '%1' pki_export PEM Text format with headers Concatenated list of all selected items in one PEM text file PEM chain Concatenated text format of the complete certificate chain in one PEM file PEM + key Concatenation of the certificate and the unencrypted private key in one PEM file Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file PKCS#7 encoded single certificate All selected certificates encoded in one PKCS#7 file PKCS #7 chain PKCS#7 encoded complete certificate chain Binary DER encoded certificate PKCS #12 chain The complete certificate chain and the private key as encrypted PKCS#12 file PKCS #12 The certificate and the private key as encrypted PKCS#12 file Certificate Index file OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool vCalendar vCalendar expiry reminder for the selected items CA vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL PEM public Text format of the public key in one PEM file PEM private Unencrypted private key in text format PEM encrypted OpenSSL specific encrypted private key in text format SSH2 private SSH2 public The public key encoded in SSH2 format DER public Binary DER format of the public key DER private Unencrypted private key in binary DER format PVK private Private key in Microsoft PVK format not encrypted PVK encrypted Encrypted private key in Microsoft PVK format PKCS #8 encrypted Encrypted private key in PKCS#8 text format PKCS #8 Unencrypted private key in PKCS#8 text format Binary DER format of the certificate request Binary DER format of the revocation list vCalendar reminder for the CRL expiry date XCA template in PEM-like format All selected XCA templates in PEM-like format pki_key Successfully imported the %1 public key '%2' Delete the %1 public key '%2'? Successfully imported the %1 private key '%2' Delete the %1 private key '%2'? Successfully created the %1 private key '%2' Delete the %1 keys: %2? Public key Common Private Bogus PIN No password Unexpected SSH2 content: '%1' Invalid SSH2 public key Failed writing to %1 pki_multi No known PEM encoded items found pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Unable to load the PKCS#12 (pfx) file %1. The supplied password was wrong (%1) Please enter the password to encrypt the PKCS#12 file No key or no Cert and no pkcs12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. pki_scard Successfully imported the token key '%1' Delete the token key '%1'? Successfully created the token key '%1' Delete the %1 keys: %2? Delete the private key '%1' from the token '%2 (#%3)' ? This Key is already on the token PIN input aborted Unable to find copied key on the token Please insert card: %1 %2 [%3] with Serial: %4 Unable to find generated key on card Token %1 Failed to find the key on the token Invalid Pin for the token Failed to initialize the key on the token pki_temp Successfully imported the XCA template '%1' Delete the XCA template '%1'? Successfully created the XCA template '%1' Delete the %1 XCA templates: %2? Wrong Size %1 Template file content error (too small) Not a PEM encoded XCA Template Not an XCA Template, but '%1' pki_x509 Successfully imported the certificate '%1' Delete the certificate '%1'? Successfully created the certificate '%1' Delete the %1 certificates: %2? Unable to load the certificate in file %1. Tried PEM and DER certificate. This certificate is already on the security token Delete the certificate '%1' from the token '%2 (#%3)'? There is no key for signing ! No Yes Renew certificate: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' pki_x509req Signing key not valid (public key) Successfully imported the %1 certificate request '%2' Delete the %1 certificate request '%2'? Successfully created the %1 certificate request '%2' Delete the %1 certificate requests: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Signed Unhandled v3ext Copy Common Name Add Delete Apply Validate Cancel An email address or 'copy' An email address A registered ID: OBJECT IDENTIFIER A uniform resource indicator A DNS domain name or 'copycn' A DNS domain name An IP address Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' No editing. Only 'copy' allowed here Validation failed: '%1' %2 Validation successful: '%1' xcaWarningGui Copy to Clipboard xca-RELEASE.2.5.0/lang/xca_bg.ts000066400000000000000000006373371450407711300161110ustar00rootroot00000000000000 CaProperties Form Форма Days until next CRL issuing Дни до следващото издаване на CRL Default template Шаблон по подразбиране CertDetail Details of the Certificate Детайли на сертификата Serial Сериен номер The serial number of the certificate Серийният номер на сертификата The internal name of the certificate in the database Вътрешното име на сертификата в базата данни Status Статус Internal name Вътрешно име Signature Подпис Key Ключ Fingerprints Пръстови отпечатъци MD5 MD5 An md5 hashsum of the certificate Хеш сума md5 на сертификата SHA1 SHA1 A SHA-1 hashsum of the certificate Хеш сума SHA-1 на сертификата SHA256 SHA256 A SHA-256 hashsum of the certificate Хеш сума SHA-256 на сертификата Validity Валидност The time since the certificate is valid Времето, откакто сертификатът е валиден The time until the certificate is valid Времето до кога е валиден сертификата Subject Тема Issuer Издател Extensions Разширения Comment Коментар Attributes Атрибути Show config Покажи конфигурацията Show extensions Покажи разширенията Show public key Покажи публичния ключ This key is not in the database. Ключът не е в базата данни. Not available Не е достъпно Signer unknown Неизвестен подписващ Self signed Самоподписано Revoked at %1 Анулиран на %1 Not valid Невалиден Valid Валиден Details of the certificate signing request Подробности за заявката за подписване на сертификат CertExtend Certificate renewal Подновяване на сертификат This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Това ще създаде нов сертификат като копие на стария с нов сериен номер и коригирани стойности за валидност. Validity Валидност Not before Не преди Not after Не след Time range Времеви интервал Local time Местно време Days Дни Months Месеци Years Години No well-defined expiration Няма ясно дефиниран срок на валидност Midnight Полунощ Apply Приложи Revoke old certificate Анулирайте стария сертификат Replace old certificate Заменете стария сертификат Keep serial number Запазете серийния номер The certificate will be earlier valid than the signer. This is probably not what you want. Сертификатът ще бъде валиден по-рано от подписващия. Това вероятно не е това, което искате. Edit dates Редактиране на дати Abort rollout Прекъсване на внедряването Continue rollout Продължаване на внедряването Adjust date and continue Коригирайте датата и продължете The certificate will be longer valid than the signer. This is probably not what you want. Сертификатът ще бъде по-дълъг от този на подписващия. Това вероятно не е това, което искате. CertTreeView Import PKCS#12 Импортиране на PKCS#12 Import from PKCS#7 Импортиране от PKCS#7 Request Заявка Security token Токен за сигурност Other token Друг токен Similar Certificate Подобен сертификат Delete from Security token Изтриване от токена за сигурност CA CA Properties Свойства Generate CRL Създаване на CRL Manage revocations Управление на анулираните Renewal Подновяване Revoke Анулиране Unrevoke Премахване от анулиране Plain View Обикновен изглед Tree View В дървовиден изглед days дни No template Без шаблон CA Properties CA Свойства Certificate export Експортиране на сертификат X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) X509 Сертификати ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) ClickLabel Double click for details Щракнете два пъти за детайли CrlDetail Details of the Revocation list Детайли на списъка с анулирани &Status &Статус Version Версия Signature Подпис Signed by Подписан от Name Име The internal name of the CRL in the database Вътрешното име на CRL в базата данни issuing dates дати на издаване Next update Следваща актуализация Last update Последна актуализация &Issuer &Издател &Extensions &Разширения &Revocation list &Анулиран списък Comment Коментар Failed Провали се Unknown signer Неизвестен подписващ Verification not possible Проверката не е възможна CrlTreeView There are no CA certificates for CRL generation Няма CA сертификати за създаването на CRL Select CA certificate Изберете CA сертификат Revocation list export Експортиране на списък с анулирани CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) ExportDialog Name Име The internal name of the CRL in the database Вътрешното име на CRL в базата данни ... ... Filename Име на файл Export comment into PEM file Експортиране на коментар в PEM файл Export Format Формат за експортирането All files ( * ) Всички файлове ( * ) PEM Text format with headers PEM Текстов формат с хедери Concatenated list of all selected items in one PEM text file Конкатениран списък на всички избрани елементи в един PEM текстов файл Concatenated text format of the complete certificate chain in one PEM file Конкатениран текстов формат на пълната верига от сертификати в един PEM файл Concatenated text format of all certificates in one PEM file Конкатениран текстов формат на всички сертификати в един PEM файл Binary DER encoded file Двоичен DER кодиран файл PKCS#7 encoded single certificate PKCS#7 кодиран единичен сертификат PKCS#7 encoded complete certificate chain PKCS#7 кодирана пълна верига от сертификати Concatenated text format of all unrevoked certificates in one PEM file Конкатениран текстов формат на всички премахнати от анулиране сертификати в един PEM файл All unrevoked certificates encoded in one PKCS#7 file Всички премахнати от анулиране сертификати криптирани в един PKCS#7 файл All selected certificates encoded in one PKCS#7 file Всички избрани сертификати кодирани в един PKCS#7 файл All certificates encoded in one PKCS#7 file Всички сертификати крипирарни в един PKCS#7 файл The certificate and the private key as encrypted PKCS#12 file Сертификатът и частния ключ като криптиран PKCS#12 файл The complete certificate chain and the private key as encrypted PKCS#12 file Пълната верига от сертификати и частния ключ като криптиран PKCS#12 файл Concatenation of the certificate and the unencrypted private key in one PEM file Конкатенация на сертификата и некриптирания частен ключ в един PEM файл Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Конкатенация на сертификата и криптирания частен ключ във формат PKCS#8 в един файл Text format of the public key in one PEM file Текстов формат на публичния ключ в един PEM файл Binary DER format of the public key Двоичен DER формат на публичния ключ Unencrypted private key in text format Некриптиран частен ключ в текстов формат OpenSSL specific encrypted private key in text format Специфичен за OpenSSL криптиран частен ключ в текстов формат Unencrypted private key in binary DER format Некриптиран частен ключ в двоичен DER формат Unencrypted private key in PKCS#8 text format Некриптиран частен ключ в текстов формат PKCS#8 Encrypted private key in PKCS#8 text format Криптиран частен ключ в текстов формат PKCS#8 The public key encoded in SSH2 format Публичният ключ, кодиран във формат SSH2 OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Специфичен за OpenSSL файл с индекс на сертификат, създаден от командата 'ca' и изискван от OCSP инструмента vCalendar expiry reminder for the selected items vCalendar напомняне за изтичане на избраните елементи vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Напомняне за изтичане чрез vCalendar, съдържащо всички издадени валидни сертификати, самия CA и последния CRL Private key in Microsoft PVK format not encrypted или шифър Частният ключ във формат Microsoft PVK не е криптиран Encrypted private key in Microsoft PVK format Криптиран частен ключ във формат Microsoft PVK The file: '%1' already exists! Файлът:'%1' вече съществува! Overwrite Презаписане Do not overwrite Не презаписвайте Form last update next update Days Months Месеци Years Години Apply Midnight Полунощ Local time Местно време No well-defined expiration Help << << >> >> &Done &Готово ImportMulti Import PKI Items Импортиране на PKI елементи Import &All Импортирай &Всички &Import &Импортиране &Done &Готово &Remove from list &Премахване от списък Details Детайли Delete from token Изтриване от токен Rename on token Преименуване на токен Name: %1 Model: %2 Serial: %3 Име: %1 Модел: %2 Сериен номер: %3 Manage security token Управление на токена за сигурност Details of the item '%1' cannot be shown Подробностите за елемента '%1' не могат да бъдат показани The type of the item '%1' is not recognized Типът на елемента '%1' не е разпознат The file '%1' did not contain PKI data Файлът '%1' не съдържа PKI данни The %1 files: '%2' did not contain PKI data Файловете %1: '%2' не съдържаха PKI данни ItemProperties Name Име Source Източник Insertion date Дата на вмъкване Comment Коментар KeyDetail Name Име The internal name of the key used by xca Вътрешното име на ключа, използван от xca Security token Токен за сигурност Manufacturer Производител Serial Сериен Key Ключ Public Exponent Публична експонента Keysize Размер на ключа Private Exponent Частна експонента Security Token Токен за сигурност Label Етикет PKCS#11 ID PKCS#11 ID Token information Информация за токена Model Модел Fingerprint Пръстов отпечатък Comment Коментар Details of the %1 key Подробности за ключа %1 Not available Недостъпно Available или достъпен? Достъпно Sub prime или Второстепенен Подпрайм Public key Публичен ключ Private key Частен ключ Curve name Име на кривата Unknown key Неизвестен ключ KeyTreeView Clipboard format Change password Промени парола Reset password Нулиране на паролата Change PIN Промяна на ПИН Init PIN with SO PIN (PUK) Инициализиране на PIN със SO PIN (PUK) Change SO PIN (PUK) Промяна на SO PIN (PUK) Security token Токен за сигурност This is not a token Това не е токен Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Трябва ли оригиналният ключ '%1' да бъде заменен с ключа на токена? Това ще изтрие ключа '%1' и ще го направи неекспортируем Export public key [%1] Експортиране на публичния ключ [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Частни ключове ( *.pem *.der *.pk8 );; SSH Публични ключове ( *.pub ) MainWindow Private Keys Частни ключове &New Key &Нов ключ &Export &Експортиране &Import &Импортиране Import PFX (PKCS#12) Импортиране на PFX (PKCS#12) &Show Details &Покажи детайлите &Delete &Изтрий Certificate signing requests Заявки за подписване на сертификати &New Request &Нова заявка Certificates Сертификати &New Certificate &Нов сертификат Import &PKCS#12 Импортиране на &PKCS#12 Import P&KCS#7 Импортиране на P&KCS#7 Plain View Обикновен изглед Templates Шаблони &New Template &Нов Шаблон &New CRL &Нов CRL Ch&ange Template Про&мени Шаблони Revocation lists Списъци с анулирани сертификати Using or exporting private keys will not be possible without providing the correct password Използването или експортирането на лични ключове няма да е възможно без предоставяне на правилната парола Database База данни The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Използваният в момента хеш по подразбиране '%1' е несигурен. Моля, изберете поне 'SHA 224' от съображения за сигурност. Recent DataBases Текущи бази данни System Системен Croatian хърватски English английски French френски German немски Japanese японски Russian руски Slovak словашки Spanish испански Persian Bulgarian Polish полски Italian италиански Chinese китайски Dutch холандски Portuguese in Brazil португалски в Бразилия Indonesian Turkish турски Language Език &File &Файл Open Remote DataBase Отваряне на отдалечена базата данни Set as default DataBase Задаване като базата данни по подразбиране New DataBase Нова база данни Open DataBase Отваряне на базата данни Close DataBase Затваряне на базата данни Options Опции Exit Изход I&mport И&мпортиране Keys Ключове Requests Заявки PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Шаблон Revocation list Списък с анулирани сертификати PEM file PEM файл Paste PEM file Поставяне на данни в PEM файл Token Токен Export Certificate &Index hierarchy Експортиране на &индекс йерархия на сертификат Content Съдържание &Manage Security token &Управление на токена за сигурност &Init Security token &Инициализация на токен за сигурност &Change PIN &Промяна на ПИН Change &SO PIN Промяна на &SO PIN Init PIN Инициализация на ПИН Extra Екстра &Dump DataBase или помисли за дъмпване? &Създаване на копие на базата данни &Export Certificate Index &Експортиране на сертификат индекса C&hange DataBase password П&ромяна на паролата за базата данни &Undelete items &Отмяна на изтритите елементи Generate DH parameter Създаване на DH параметър OID Resolver OID Резолвер &Help &Помощ About За програмата Import PEM data Импортиране на PEM данни Please enter the original SO PIN (PUK) of the token '%1' Моля, въведете оригиналния SO PIN (PUK) на токена '%1' Search или е търси/тестване на превода и виж/оптимизирай Търсене Please enter the new SO PIN (PUK) for the token '%1' Моля, въведете новия SO PIN (PUK) за токена '%1' The new label of the token '%1' Новият етикет на токена '%1' The token '%1' did not contain any keys or certificates Токенът '%1' не съдържа никакви ключове или сертификати Current Password Текуща парола Please enter the current database password Моля, въведете текущата парола за базата данни The entered password is wrong Въведената парола е грешна New Password Нова парола Please enter the new password to encrypt your private keys in the database-file Моля, въведете новата парола, за да шифровате личните си ключове във файла с база данни Transaction start failed Стартирането на транзакцията бе неуспешно Database: %1 Certificate Index ( index.txt ) Индекс на сертификата ( index.txt ) All files ( * ) Всички файлове ( * ) Diffie-Hellman parameters saved as: %1 Параметрите на Diffie-Hellman са запазени като: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Параметрите на Diffie-Hellman са необходими за различни приложения, но не се обработват от XCA. Моля, въведете битовете на DH параметъра NewCrl Last update Последна актуализация Next update Следваща актуализация Days Дни Months Месеци Years Години Midnight Полунощ Local time Местно време Apply Приложи Options Опции CRL number CRL номер Subject alternative name Алтернативно име на тема Revocation reasons Причини за анулиране Authority key identifier Орган идентификатор на ключ Hash algorithm Хеш алгоритъм Create CRL Създай CRL NewKey Please give a name to the new key and select the desired keysize Моля, дайте име на новия ключ и изберете желания размер на ключа Key properties Свойства на ключа Name Име The internal name of the new key Вътрешното име на новия ключ Curve name Име на крива Usually at least 2048 bit keys are recommended Обикновено се препоръчват поне 2048 битови ключове New Key Нов ключ Keysize Размер на ключа Keytype Тип ключ Remember as default Запомни като по подразбиране Create Създавай NewX509 Source Източник Signing request Искане за подписване Show request Покажи заявката Sign this Certificate signing &request Подпишете тази &заявка за подписване на сертификат Copy extensions from the request Копирайте разширенията от заявката Modify subject of the request Промяна на предмета на заявката Signing Подписване Create a &self signed certificate Създаване на &самоподписан сертификат Use &this Certificate for signing Използвайте &този сертификат за подписване All certificates in your database that can create valid signatures Всички сертификати във вашата база данни, които могат да създават валидни подписи Signature algorithm Алгоритъм за подписване Template for the new certificate Шаблон за новия сертификат All available templates Всички налични шаблони Apply extensions Прилагане на разширения Apply subject Прилагане на тема Apply all Приложи навсякъде Subject Тема Internal Name Вътрешно име Distinguished name Отличително име Add Добавяне Delete Изтриване Private key Частен ключ This list only contains unused keys Този списък съдържа само неизползвани ключове Used keys too Както и използваните ключове &Generate a new key &Създаване на нов ключ Extensions Разширения Type Тип If this will become a CA certificate or not Дали това ще стане CA сертификат или не Not defined Не е посочено Certification Authority Помисли дали да остане СА/или Сертифициращ Орган Certification Authority - Сертифициращ Орган End Entity Краен обект - сертификат Path length Помисли за оптимизация на превода Дължина на пътя How much CAs may be below this. Колко CA може да са под това. The basic constraints should always be critical Основните ограничения винаги трябва да бъдат критични Key identifier Идентификатор на ключа Creates a hash of the key following the PKIX guidelines Създава хеш на ключа, следвайки указанията на PKIX Copy the Subject Key Identifier from the issuer Помисли за оптимизация на превода Копирайте идентификатора на ключ на темата от издателя Validity Валидност Not before Не преди това Not after Не след това Time range Времеви период Days Дни Months Месеци Years Години Apply Прилагане Set the time to 00:00:00 and 23:59:59 respectively Задайте часа съответно на 00:00:00 и 23:59:59 Midnight Полунощ Local time Местно време No well-defined expiration Няма ясно дефиниран срок на годност DNS: IP: URI: email: RID: DNS: IP: URI: имейл: RID: Edit Редактиране URI: URI: Key usage Използване на ключ Netscape Netscape Advanced Разширено Validate Валидирайте Comment Коментар This name is only used internally and does not appear in the resulting certificate Това име се използва само вътрешно и не се появява в сертификата, който получавате Critical Критичен Create Certificate signing request Създаване на заявка за подписване на сертификат minimum size: %1 минимален размер: %1 maximum size: %1 максимален размер: %1 only a-z A-Z 0-9 '()+,-./:=? само a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters само 7-битови чисти символи Edit XCA template Редактиране на XCA шаблон Create x509 Certificate Създаване на x509 сертификат Template '%1' applied Шаблонът '%1' е приложен Subject applied from template '%1' Приложена тема от шаблона '%1' Extensions applied from template '%1' Приложени разширения от шаблон '%1' New key '%1' created Новият ключ '%1' е създаден Other Tabs Други раздели Advanced Tab Раздел Разширени Errors Грешки From PKCS#10 request От PKCS#10 заявката Abort rollout Прекъсване на внедряването The following length restrictions of RFC3280 are violated: Следните ограничения за дължина на RFC3280 са нарушени: Edit subject Редактиране на темата Continue rollout Продължи с внедряването The verification of the Certificate request failed. The rollout should be aborted. Проверката на заявката за сертификат е неуспешна. Внедрряването трябва да бъде прекратено. Continue anyway Продължете все пак The internal name and the common name are empty. Please set at least the internal name. Вътрешното така и общото име са празни. Моля, задайте поне вътрешното име. Edit name Редактиране на име There is no Key selected for signing. Няма избран ключ за подписване. Select key Изберете ключ The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Следните записи за отличителни имена са празни: %1 въпреки че сте ги декларирали като задължителни в менюто с опции. The key you selected for signing is not a private one. Ключът, който сте избрали за подписване, не е частен. Select other signer Изберете друг подписващ Select other key Изберете друг ключ The currently selected hash algorithm '%1' is insecure and should not be used. Избраният хеш алгоритъм '%1' е несигурен и не трябва да се използва. Select other algorithm Изберете друг алгоритъм Use algorithm anyway Все пак използвайте алгоритъма The certificate will be earlier valid than the signer. This is probably not what you want. Сертификатът ще бъде валиден по-рано от подписващия. Това вероятно не е това, което искате. Edit dates Редактиране на датите Adjust date and continue Коригирайте датата и продължете The certificate will be longer valid than the signer. This is probably not what you want. Сертификатът ще бъде по-дълъг от този на подписващия. Това вероятно не е това, което искате. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Сертификатът ще бъде изтекъл, преди да стане валиден. Най-вероятно сте сбъркали и двете дати. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Сертификатът съдържа невалидни или дублирани разширения. Проверете валидирането в разширения раздел. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Сертификатът не съдържа разширения. Можете да приложите разширенията на един от шаблоните, за да определите целта на сертификата. The certificate contains invalid extensions. Edit extensions Редактиране на разширенията The subject alternative name shall contain a copy of the common name. However, the common name is empty. Алтернативното име на темата съдържа копие на общоприетото име. Въпреки това, общото име е празно. Configfile error on line %1 Грешка в конфигурационния файл на ред %1 OidResolver OID Resolver Резолвер на OID Enter the OID, the Nid, or one of the textual representations Въведете OID, Nid или едно от текстовите представяния Search Търсене OID OID Long name Дълго име OpenSSL internal ID OpenSSL вътрешен ID Nid Nid Short name Кратко име OpenDb Open remote database Отваряне на отдалечена база данни Database type Тип база данни Hostname Име на хост Username Потребителско име Password Парола Database name Име на база данни Table prefix Префикс на таблицата No SqLite3 driver available. Please install the qt-sqlite package of your distribution Няма наличен SqLite3 драйвер. Моля, инсталирайте пакета qt-sqlite на вашата дистрибуция Options XCA Options XCA Опции Settings Настройки Default hash algorithm Алгоритъм за хеширане по подразбиране String types Типове низове Suppress success messages Потискане на съобщенията за успех Don't colorize expired certificates Не оцветявай изтекли сертификати Translate established x509 terms (%1 -> %2) Превод на установени x509 термини (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Функцията за хеширане на токена не се използва от XCA. Въпреки това може да се вземе предвид ограничен хеш-набор, разпространяван от токена. По-специално EC и DSA се дефинират само с SHA1 в спецификацията PKCS#11. Only use hashes supported by the token when signing with a token key Използвайте само хешове, поддържани от токена, когато подписвате с ключ за токен Disable legacy Netscape extensions Деактивирайте наследените разширения на Netscape PKCS12 encryption algorithm Certificate expiry warning threshold Предупредителен праг за изтичане на сертификата Send vCalendar expiry reminder Изпратете vCalendar за напомняне при изтичане Serial number length Дължина на серийния номер bit бита Distinguished name Отличително име Mandatory subject entries Задължителни записи с теми Add или добави/провери при тестване Добавяне Delete или изтрий/провери при тестване Изтриване Explicit subject entries Изрични теми със записи Dynamically arrange explicit subject entries Динамично подреждане на изрични теми Default По подразбиране PKCS#11 provider PKCS#11 доставчик Remove Премахване Search или търси/тествай Търсене Printable string or UTF8 (default) Низ за печат или UTF8 (по подразбиране) PKIX recommendation in RFC2459 По PKIX препоръка в RFC2459 No BMP strings, only printable and T61 Без BMP низове, само за печат и T61 UTF8 strings only (RFC2459) Само UTF8 (RFC2459) низове All strings Всички низове Days дни Weeks седмици PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Паролата се анализира като двуцифрен шестнадесетичен код. Трябва да има четен брой цифри (0-9 и a-f) Take as HEX string Взимане като HEX низ Password Парола Repeat %1 Повтаряне на %1 %1 mismatch %1 несъответствие Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Шестнадесетичната парола трябва да съдържа само знаците '0' - '9' и 'a' - 'f' и трябва да се състои от четен брой знаци Exit Изход QMessageBox Ok Ок Close Затвори Cancel Отказ Apply Приложи Yes Да No Не QObject Undefined Недефиниран Broken / Invalid Повреден / Невалиден in %1 seconds в %1 секунди %1 seconds ago преди %1 секунди in %1 minutes в %1 минути %1 minutes ago преди %1 минути Yesterday вчера Tomorrow утре in %1 hours в %1 часове %1 hours ago преди %1 часа Out of data Няма данни Error finding endmarker of string Грешка при намиране на крайния маркер на низ Out of Memory at %1:%2 Няма памет в %1:%2 All files ( * ) Всички файлове ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; PKI Ключове ( *.pem *.der *.key );; PKCS#8 Ключове ( *.p8 *.pk8 );; Microsoft PVK Ключове ( *.pvk );; SSH Публични Ключове ( *.pub );; Import RSA key Импортиране на RSA ключ PKCS#10 CSR ( *.pem *.der *.csr );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Заявка за импортиране Certificates ( *.pem *.der *.crt *.cer );; Сертификати ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Импортиране на X.509 Сертификат PKCS#7 data ( *.p7s *.p7m *.p7b );; PKCS#7 данни ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Импортиране на PKCS#7 Сертификати PKCS#12 Certificates ( *.p12 *.pfx );; PKCS#12 Сертификати ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Импортиране PKCS#12 Частен сертификат XCA templates ( *.xca );; XCA шаблони ( *.xca );; Import XCA Templates Импортиране на XCA Шаблони Revocation lists ( *.pem *.der *.crl );; Списъци за анулирани сертификати ( *.pem *.der *.crl );; Import Certificate Revocation List Импортиране на списък с анулирани сертификати XCA Databases ( *.xdb );; XCA База данни ( *.xdb );; Open XCA Database Отваряне на XCA База данни PKCS#11 library ( *.dll );; PKCS#11 библиотека ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 бибилиотека ( *.dylib *.so );; PKCS#11 library ( *.so );; PKCS#11 библиотека ( *.so );; Open PKCS#11 shared library Отваряне на PKCS#11 споделена библиотека PEM files ( *.pem );; PEM файлове ( *.pem );; Load PEM encoded file Зареждане на PEM кодиран файл Please enter the PIN on the PinPad Тествай/провери дали трябва да се преведе към пин пад? Моля, въведете PIN на PinPad Please enter the SO PIN (PUK) of the token %1 Моля, въведете SO PIN (PUK) на токена %1 Please enter the PIN of the token %1 Моля, въведете ПИН кода на токена %1 No Security token found Няма намерен токен за сигурност Select Изберете Please enter the new SO PIN (PUK) for the token: '%1' Моля, въведете новия SO PIN (PUK) за токена: '%1' Please enter the new PIN for the token: '%1' Моля, въведете новия ПИН за токена: '%1' Required PIN size: %1 - %2 Необходим размер на ПИН: %1 - %2 Invalid filename: %1 Невалидно име на файл: %1 Failed to open PKCS11 library: %1: %2 Възникна грешка при отваряне на PKCS11 библиотеката: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Това не изглежда като a PKCS#11 библиотека. Символът 'C_GetFunctionList' не е намерен. Disabled Деактивирано Library loading failed Зареждането на библиотеката бе неуспешно PKCS#11 function '%1' failed: %2 PKCS#11 функцията '%1' бе неуспешно: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 PKCS#11 функцията '%1' бе неуспешно: %2 В библиотеката %3 %4 Invalid Невалиден %1 is shorter than %2 bytes: '%3' Провери тук променливити като подредба/тестване %1 е по-къс от %2 байта: '%3' %1 is longer than %2 bytes: '%3' Провери тук променливити като подредба/тестване %1 е по-дълъг от %2 байта:'%3' String '%1' for '%2' contains invalid characters Низът '%1' за '%2' съдържа невалидни символи Error reading config file %1 at line %2 Грешка при четене на конфигурационен файл %1 на ред %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. Обектът '%1' от файла %2 на ред %3 вече е познат като '%4:%5:%6' и трябва да се премахне. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Идентификаторъ '%1' за OID %2 от файла %3 на ред %4 се използва от различен OID като '%5:%6:%7' и трябва да се промени, за да се избегнат конфликти. Unknown object '%1' in file %2 line %3 Неизвестен обект '%1' във файл %2 ред %3 Failed to start a database transaction Неуспешно стартиране на транзакция в база данни Country code Код на държава State or Province Област или Провинция Locality Местност Organisation Организация Organisational unit Организационна единица Common name Общо име E-Mail address Имейл адрес Serial number Сериен номер Given name Собствено име Surname Фамилия Title Заглавие Initials Инициали Description Описание Role Роля Pseudonym Псевдоним Generation Qualifier Квалификатор на генерацията x500 Unique Identifier x500 уникален идентификатор Name Име DN Qualifier DN Квалификатор Unstructured name Неструктурирано име Challenge password Парола за предизвикателство Basic Constraints Основни ограничения Subject alternative name Алтернативно име на тема issuer alternative name алтернативно име на издателя Subject key identifier Ключ идентификатор на темата Authority key identifier Идентификатор на ключ на орган Key usage Използване на ключ Extended key usage Разширено използване на ключ CRL distribution points CRL разпределителни точки Authority information access Достъп до информация на органа Certificate type Тип сертификат Base URL Базов URL Revocation URL URL отмяна CA Revocation URL CA URL за отмяна Certificate renewal URL URL за подновяване на сертификата CA policy URL Политика на CA URL SSL server name SSL име на сървър Comment Коментар Index file written to '%1' Индексният файл е написан '%1' Index hierarchy written to '%1' Йерархията на индекса е записана на '%1' Unknown key type %1 Неизвестен тип ключ %1 Password verify error, please try again Грешка при проверка на паролата, моля, опитайте отново The following error occurred: Възникна следната грешка: Failed to update the database schema to the current version Password Парола ReqTreeView Sign Подписване Unmark signed Премахване на подписване Mark signed Подпиши маркираните Similar Request Подобна заявка Certificate request export Експортиране на заявка за сертификат Certificate request ( *.pem *.der *.csr ) Заявка за сертификат ( *.pem *.der *.csr ) RevocationList Manage revocations Управление на анулирани сертификати Add Добавяне Delete Изтриване Edit Редактиране No. Номер. Serial Сериен номер Revocation Отмяна Reason Причина Invalidation Връщане на валидация Generate CRL Създаване на CRL Revoke Certificate revocation Отмяна на сертфиката Revocation details Детайли за отмяната Revocation reason Причина за отмяна Local time Местно време Invalid since Невалиден от Serial Сериен номер SearchPkcs11 Directory Директория ... ... Include subdirectories Включване на поддиректории Search Търсене The following files are possible PKCS#11 libraries Следните файлове са възможни PKCS#11 библиотеки SelectToken Security token Токен за сигурност Please select the security token Моля изберете тоукън за сигурност TempTreeView Duplicate Дубликат Create certificate Създай сертификат Create request Създай заявка copy копирай Preset Template values Шаблон с предварителна настройка Template export XCA Templates ( *.xca ) TrustState Certificate trust Trustment &Never trust this certificate Only &trust this certificate, if we trust the signer &Always trust this certificate Validity yyyy-MM-dd hh:mm гггг-MM-дд чч:мм X509SuperTreeView OpenSSL config OpenSSL конфигурация Transform Преобразуване Template Шаблон Public key Публичен ключ Save as OpenSSL config Съхрани като OpenSSL конфигурация Config files ( *.conf *.cnf);; All files ( * ) Конфигурационни файлове ( *.conf *.cnf);; Всички файлове ( * ) XFile Error opening file: '%1': %2 Error rewinding file: '%1': %2 XcaTreeView Item properties Свойства на елемент Subject entries Предмет записи X509v3 Extensions X509v3 Разширения Netscape extensions Netscape разширения Key properties Свойства на ключа Reset Нулирай Hide Column Скрий колона Details Детайли Columns Колони New Нов Import Импортиране Paste PEM data Поставане на PEM данни Rename Преименувай Properties Свойства Delete Изтриване Export Експортиране Clipboard Клипбоарда File Файл database_model Please enter the password to access the database server %2 as user '%1'. Моля, въведете паролата за достъп до сървъра на база данни %2 като потребител '%1'. Unable to create '%1': %2 Не може да се създаде '%1': %2 The file '%1' is not an XCA database Файлът '%1' не е XCA база данни No SqLite3 driver available. Please install the qt-sqlite package of your distribution Няма наличен SqLite3 драйвер. Моля, инсталирайте пакета qt-sqlite на вашата дистрибуция New Password Нова парола Please enter a password, that will be used to encrypt your private keys in the database: %1 Моля, въведете парола, която ще се използва за криптиране на личните ви ключове в базата данни: %1 Password Парола Please enter the password for unlocking the database: %1 Моля, въведете паролата за отключване на базата данни: %1 db_base Internal name Вътрешно име No. Номер. Primary key Първичен ключ Database unique number Уникален номер на базата данни Date Дата Date of creation or insertion Дата на създаване или добавяне Source Източник Generated, Imported, Transformed Генериран, импортиран, трансформиран Comment Коментар First line of the comment field Първи ред на полето за коментар Import from: %1 Импортирай от: %1 Could not create directory %1 Не можа да се създаде директория %1 Item properties Свойства на елемент How to export the %1 selected items Как да експортирате %1 избраните елементи All in one PEM file Всички в един PEM файл Each item in one file Всеки елемент в един файл Save %1 items in one file as Съхрани %1 елементи в един файл като PEM files ( *.pem );; All files ( * ) PEM файлове ( *.pem );; Всички файлове ( * ) db_crl Signer Подписващ Internal name of the signer Вътрешно име на подписващия No. revoked Номер. на анулираните Number of revoked certificates Брой анулирани сертификати Last update Последна актуализация Next update Следваща актуализация CRL number CRL номер The revocation list already exists in the database as: '%1' and so it was not imported Списъкът за анулиране вече съществува в базата данни като: '%1' и затова не е импортиран Revocation list export Експортиране на списък с анулирани CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) Failed to initiate DB transaction Неуспешно стартиране на DB транзакция Database error: %1 Грешка в базата данни: %1 db_key Type Тип Size Размер EC Group EC Група Use Използвай Password Парола The key is already in the database as: '%1' and is not going to be imported Ключът вече е в базата данни като: '%1' и няма да се импортира The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Базата данни вече съдържа публичната част на импортирания ключ като '%1 и ще бъде завършен от новата частна част на ключа Extending public key from %1 by imported key '%2' Разширяване на публичния ключ от %1 чрез импортиран ключ '%2' Key size too small ! Размерът на ключа е твърде малък! You are sure to create a key of the size: %1 ? Сигурни ли сте, че създавате ключ с размер: %1? PEM public публичен PEM SSH2 public публичен SSH2 PEM private частен PEM SSH2 private частен SSH2 Export keys to Clipboard Експортиране на ключовете в клипбоарда Clipboard Клипбоарда Export public key [%1] Експортиране на публичния ключ [%1] DER public публичен DER DER private частен DER PEM encryped PEM криптиран PVK private частен PVK PVK encrypted криптиран PVK PKCS#8 encrypted PKCS#8 криптиран Export private key [%1] Експортиране на частния ключ [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Частни ключове ( *.pem *.der *.pk8 );; SSH Публични ключове ( *.pub ) Internal error Вътрешна грешка Tried to change password of a token Опитах да променя паролата на токен db_temp Bad template: %1 Лош шаблон: %1 Empty template Празен шаблон Save template as Съхраняване на шаблон като XCA templates ( *.xca );; All files ( * ) XCA шаблони ( *.xca );; Всички файлове ( * ) db_x509 CA CA reflects the basic Constraints extension отразява основното разширение на ограниченията Serial Сериен номер Start date Стартова дата Expiry date Дата на изтичане MD5 fingerprint MD5 отпечатък SHA1 fingerprint SHA1 отпечатък SHA256 fingerprint SHA256 отпечатък Not before Не преди Not after Не след Revocation Анулиране CRL Expiration CRL Изтичане Failed to retrieve unique random serial Неуспешно извличане на уникален произволен сериен номер The certificate already exists in the database as: '%1' and so it was not imported Сертификатът вече съществува в базата данни като: '%1' и затова не е импортиран Signed on %1 by '%2' Подписан на %1 от '%2' Unknown Неизвестен Invalid public key Невалиден публичен ключ PKCS#7 unrevoked PKCS#7 не е отменен PEM unrevoked PEM не е отменен vCalendar vCalendar CA vCalendar CA vCalendar X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) X509 Сертификати ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) The key you selected for signing is not a private one. Ключът, който сте избрали за подписване, не е частен. Failed to create directory '%1' Неуспешно създаване на директория '%1' Store the certificate to the key on the token '%1 (#%2)' ? Съхранявайте сертификата в ключа на токена '%1 (#%2)'? PEM chain PEM верига PKCS#7 chain PKCS#7 верига PKCS#12 chain PKCS#12 верига PKCS#7 all Всички PKCS#7 PEM + key PEM + ключ PEM all Всички PEM Certificate Index file Файл с индекс на сертификата Certificate export Експортиране на сертификат There was no key found for the Certificate: '%1' Не беше намерен ключ за сертификата: '%1' Not possible for a token key: '%1' Невъзможно за токен ключ: '%1' Not possible for the token-key Certificate '%1' Невъзможно за сертификата за токен-ключ '%1' db_x509name Subject Заглавие Complete distinguished name Пълно отличително име Subject hash Хеш на заглавието Hash to lookup certs in directories Хеш за търсене на сертификати в директории db_x509req Signed Подписано whether the request is already signed or not дали заявката вече е подписана или не Unstructured name Неструктурирано име Challenge password Парола за предизвикателство Certificate count Брой сертификати Number of certificates in the database with the same public key Брой сертификати в базата данни с един и същ публичен ключ The certificate signing request already exists in the database as '%1' and thus was not stored Заявката за подписване на сертификат вече съществува в базата данни като '%1' и следователно не е бил съхраняван Certificate request export Експортиране на заявка за сертификат Certificate request ( *.pem *.der *.csr ) Заявка за сертификат ( *.pem *.der *.csr ) db_x509super Key name Име на ключ Internal name of the key Вътрешно име на ключа Signature algorithm Алгоритъм за подписване Key type Тип ключ Key size Размер на ключ EC Group EC Група Extracted from %1 '%2' Извлечено от %1 '„%2' Certificate Сертификат Certificate request Заявка на сертификат Save as OpenSSL config Съхрани като OpenSSL конфигурация Config files ( *.conf *.cnf);; All files ( * ) Конфигурационни файлове ( *.conf *.cnf);; Всички файлове ( * ) The following extensions were not ported into the template Следните разширения не бяха пренесени в шаблона Transformed from %1 '%2' Трансформирано от %1 '%2' kvView Type Тип Content Съдържание pass_info Password Парола PIN ПИН pkcs11_lib Failed to open PKCS11 library: %1: %2 Възникна грешка при отваряне на PKCS11 библиотеката: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Това не изглежда като a PKCS#11 библиотека. Символът 'C_GetFunctionList' не е намерен. pki_base Unknown Непознат Imported Импортиран Generated Създаден Transformed Преобразен Token Токен Legacy Database Наследена база данни Renewed Обновен Property '%1' not listed in 'pki_base::print' Свойството '%1' не е посочено в 'pki_base::print' Internal error: Unexpected message: %1 %2 Вътрешна грешка: Неочаквано съобщение: %1 %2 pki_crl Successfully imported the revocation list '%1' Успешно импортиране на списъка за анулиране '%1' Delete the revocation list '%1'? Да се изтрие ли списъкът за анулиране '%1'? Successfully created the revocation list '%1' Успешно е създаден списъкът за отмяна '%1' Delete the %1 revocation lists: %2? Изтриване на списъците с анулирани %1: %2? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Не може да се зареди списъкът за анулиране във файл %1. Опитах PEM и DER форматиран CRL. No issuer given Не е предоставен издател CRL Renewal of CA '%1' due Предстои подновяване на CRL на CA '%1' The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Последният CRL, издаден от CA '%1', ще изтече на %2. Той се съхранява в XCA базата данни '%3' Renew CRL: %1 Преиздаване на CRL: %1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' XCA CRL '%1', издаден на %3, ще изтече на %4. Той се съхранява в XCA базата данни '%5' pki_evp Please enter the password to decrypt the private key %1. Моля, въведете паролата, за да декриптирате частния ключ %1. The key from file '%1' is incomplete or inconsistent. Ключът от файл '%1' е непълен или противоречив. Please enter the password to decrypt the private key from file: %1 Моля, въведете паролата, за да декриптирате частния ключ от файла: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Не може да се зареди частният ключ във файл %1. Опитах PEM и DER частни, публични, PKCS#8 типове ключове и SSH2 формат. Please enter the password to decrypt the private key: '%1' Моля, въведете паролата, за да декриптирате частния ключ: '%1' Password input aborted Въвеждането на парола е прекратено Please enter the database password for decrypting the key '%1' Моля, въведете паролата на базата данни за декодиране на ключа '%1' Please enter the password to protect the private key: '%1' Моля, въведете паролата, за да защитите частния ключ: '%1' Please enter the database password for encrypting the key Моля, въведете паролата на базата данни за криптиране на ключа Please enter the password protecting the PKCS#8 key '%1' Моля, въведете паролата, защитаваща PKCS#8 ключа '%1' Please enter the password protecting the Microsoft PVK key '%1' Моля, въведете паролата, защитаваща Microsoft PVK ключа '%1' Please enter the export password for the private key '%1' Моля, въведете паролата за експортиране на частния ключ '%1' pki_export PEM Text format with headers PEM Текстов формат с хедери Concatenated list of all selected items in one PEM text file Конкатениран списък на всички избрани елементи в един PEM текстов файл PEM chain PEM верига Concatenated text format of the complete certificate chain in one PEM file Конкатениран текстов формат на пълната верига от сертификати в един PEM файл PEM + key PEM + ключ Concatenation of the certificate and the unencrypted private key in one PEM file Конкатенация на сертификата и некриптирания частен ключ в един PEM файл Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Конкатенация на сертификата и криптирания частен ключ във формат PKCS#8 в един файл PKCS#7 encoded single certificate PKCS#7 кодиран единичен сертификат All selected certificates encoded in one PKCS#7 file Всички избрани сертификати кодирани в един PKCS#7 файл PKCS #7 chain PKCS#7 encoded complete certificate chain PKCS#7 кодирана пълна верига от сертификати Binary DER encoded certificate PKCS #12 chain The complete certificate chain and the private key as encrypted PKCS#12 file Пълната верига от сертификати и частния ключ като криптиран PKCS#12 файл PKCS #12 The certificate and the private key as encrypted PKCS#12 file Сертификатът и частния ключ като криптиран PKCS#12 файл Certificate Index file Файл с индекс на сертификата OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Специфичен за OpenSSL файл с индекс на сертификат, създаден от командата 'ca' и изискван от OCSP инструмента vCalendar vCalendar vCalendar expiry reminder for the selected items vCalendar напомняне за изтичане на избраните елементи CA vCalendar CA vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Напомняне за изтичане чрез vCalendar, съдържащо всички издадени валидни сертификати, самия CA и последния CRL PEM public публичен PEM Text format of the public key in one PEM file Текстов формат на публичния ключ в един PEM файл PEM private частен PEM Unencrypted private key in text format Некриптиран частен ключ в текстов формат PEM encrypted OpenSSL specific encrypted private key in text format Специфичен за OpenSSL криптиран частен ключ в текстов формат SSH2 private частен SSH2 SSH2 public публичен SSH2 The public key encoded in SSH2 format Публичният ключ, кодиран във формат SSH2 DER public публичен DER Binary DER format of the public key Двоичен DER формат на публичния ключ DER private частен DER Unencrypted private key in binary DER format Некриптиран частен ключ в двоичен DER формат PVK private частен PVK Private key in Microsoft PVK format not encrypted Частният ключ във формат Microsoft PVK не е криптиран PVK encrypted криптиран PVK Encrypted private key in Microsoft PVK format Криптиран частен ключ във формат Microsoft PVK PKCS #8 encrypted Encrypted private key in PKCS#8 text format Криптиран частен ключ в текстов формат PKCS#8 PKCS #8 Unencrypted private key in PKCS#8 text format Некриптиран частен ключ в текстов формат PKCS#8 Binary DER format of the certificate request Binary DER format of the revocation list vCalendar reminder for the CRL expiry date XCA template in PEM-like format All selected XCA templates in PEM-like format pki_key Successfully imported the %1 public key '%2' Успешно импортиран публичен ключ %1 '%2' Delete the %1 public key '%2'? Изтриване на публичния ключ %1 '%2'? Successfully imported the %1 private key '%2' Успешно импортиран частен ключ %1 '%2' Delete the %1 private key '%2'? Изтриване на %1 частен ключ '%2'? Successfully created the %1 private key '%2' Успешно създаден %1 частен ключ '%2' Delete the %1 keys: %2? Изтриване на ключовете %1: %2? Public key Публичен ключ Common Общо Private Частно Bogus Фалшиви PIN ПИН No password Няма парола Unexpected SSH2 content: '%1' Неочаквано SSH2 съдържание:'%1' Invalid SSH2 public key Невалиден SSH2 публичен ключ Failed writing to %1 Възникна грешка при писането в %1 pki_multi No known PEM encoded items found Не са открити познати PEM кодирани елементи pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Моля, въведете паролата, за да декодирате на файла PKCS#12: %1 Unable to load the PKCS#12 (pfx) file %1. Не може да се зареди файлът PKCS#12 (pfx) %1. The supplied password was wrong (%1) Предоставената парола е грешна (%1) Please enter the password to encrypt the PKCS#12 file Моля, въведете паролата, за да кодирате файла PKCS#12 No key or no Cert and no pkcs12 Без ключ или без сертификат и без pkcs12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Не успях да заредя PKCS#7 %1 файла. Опитах с PEM и DER формат. pki_scard Successfully imported the token key '%1' Успешно импортиран ключ за токен '%1' Delete the token key '%1'? Да се изтрие ли токен ключа '%1'? Successfully created the token key '%1' Успешно е създаден ключът на токена '%1' Delete the %1 keys: %2? Изтриване на ключовете %1: %2? Delete the private key '%1' from the token '%2 (#%3)' ? Изтриване на частния ключ '%1' от токена '%2 (#%3)'? This Key is already on the token Този ключ вече е на токена PIN input aborted Въвеждането на PIN е прекратено Unable to find copied key on the token Не може да се намери копиран ключ на токена Please insert card: %1 %2 [%3] with Serial: %4 Моля, поставете карта: %1 %2 [%3] със сериен номер: %4 Unable to find generated key on card Не може да се намери генериран ключ на картата Token %1 Токен %1 Failed to find the key on the token Неуспешно намиране на ключа на токена Invalid Pin for the token Невалиден ПИН за токена Failed to initialize the key on the token Неуспешно инициализиране на ключа на токена pki_temp Successfully imported the XCA template '%1' Успешно импортиран XCA шаблон '%1' Delete the XCA template '%1'? Изтриване на XCA шаблона '%1'? Successfully created the XCA template '%1' Успешно създаден XCA шаблон '%1' Delete the %1 XCA templates: %2? Желаете ли изтриване на %1 XCA шаблони: %2? Wrong Size %1 Неправилен размер %1 Template file content error (too small) Грешка в съдържанието на файла на шаблона (твърде малък) Not a PEM encoded XCA Template Не е PEM кодиран XCA шаблон Not an XCA Template, but '%1' Не е XCA шаблон, а '%1' pki_x509 Successfully imported the certificate '%1' Успешно импортиран сертификат '%1' Delete the certificate '%1'? Изтриване на сертификата '%1? Successfully created the certificate '%1' Сертификатът '%1 бе създаден успешно Delete the %1 certificates: %2? Изтриване на сертификатите %1: %2? Unable to load the certificate in file %1. Tried PEM and DER certificate. Не може да се зареди сертификатът във файл %1. Опитах PEM и DER сертификат. This certificate is already on the security token Този сертификат вече е на токена за сигурност Delete the certificate '%1' from the token '%2 (#%3)'? Изтриване на сертификата '%1' от токена '%2 (#%3)'? There is no key for signing ! Няма ключ за подписване! No Не Yes Да Renew certificate: %1 Подновяване на сертификат: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' XCA сертификатът '%1', издаден на %2, ще изтече на %3. Той се съхранява в XCA базата данни '%4' pki_x509req Signing key not valid (public key) Ключът за подписване не е валиден (публичен ключ) Successfully imported the %1 certificate request '%2' Успешно импортирах %1 сертификат заявката '%2' Delete the %1 certificate request '%2'? Изтриване на %1 заявката за сертификат '%2'? Successfully created the %1 certificate request '%2' Успешно създаде %1 заявка за сертификат '%2' Delete the %1 certificate requests: %2? Изтрийте %1 заявките за сертификат: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Не може да се зареди заявката за сертификат във файл %1. Опитах PEM, DER и SPKAC формат. Signed Подписано Unhandled Необработено v3ext Copy Common Name Копиране на общото име Add Добавяне Delete Изтриване Apply Приложи Validate Валидност Cancel Отказ An email address or 'copy' Имейл адрес или 'копие' An email address Имейл адрес A registered ID: OBJECT IDENTIFIER Регистриран ID: ИДЕНТИФИКАТОР НА ОБЕКТ A uniform resource indicator Единен индикатор за ресурс A DNS domain name or 'copycn' DNS име на домейн или 'copycn' A DNS domain name DNS име на домейн An IP address IP адрес Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Синтаксис: <OID>;ВЪВЕДЕТЕ:текстов файл като '1.2.3.4:UTF8:name' No editing. Only 'copy' allowed here Без редакция. Тук е разрешено само 'копиране' Validation failed: '%1' %2 Неуспешна проверка: '%1' %2 Validation successful: '%1' Валидирането е успешно: '%1' xcaWarning The following error occurred: Възникна следната грешка: Copy to Clipboard Копиране в клипбоарда xcaWarningGui Copy to Clipboard Копиране в клипбоарда xca-RELEASE.2.5.0/lang/xca_de.ts000066400000000000000000007115611450407711300161010ustar00rootroot00000000000000 About Done Schliessen CaProperties Next serial for signing Nächste Seriennummer beim signieren Form Days until next CRL issuing Tage bis zur nächsten CRL Default template Standard Template CA Properties CA Einstellungen Use random Serial numbers Verwende zufällige Seriennummern CertDetail Show extensions Erweiterungen anzeigen Show public key Öffentlichen Schlüssel anzeigen This key is not in the database. Dieser Schlüssel ist nicht in der Datenbank. Not available Nicht verfügbar Revoked at %1 Zurückgezogen am %1 Details of the certificate Details des Zertifikates Signer unknown Unterzeichner unbekannt Self signed Selbstsigniert Not trusted Nicht vertrauenswürdig Trusted Vertrauenswürdig Revoked: Zurückgezogen: Not valid Nicht gültig Valid Gültig Details of the certificate signing request Details des Zertifikatsantrags Details of the Certificate Details des Zertifikates S&tatus S&tatus Serial Seriennummer The serial number of the certificate Die Seriennummer des Zertifikats The internal name of the certificate in the database Der interne Name des Zerifikats in der Datenbank Internal name Interner Name Signature algorithm Signatur algorithmus Signature Unterschrift Key Schlüssel Fingerprints Fingerprints SHA1 SHA1 MD5 MD5 A SHA-1 hashsum of the certificate Eine SHA-1 Summe des Zertifikats An md5 hashsum of the certificate Eine md5 Summe des Zertifikats Status Status SHA256 SHA256 A SHA-256 hashsum of the certificate Eine SHA-256 Summe des Zertifikats Validity Gültigkeit The time since the certificate is valid Beginn der Zertifikatsgültigkeit The time until the certificate is valid Ablaufdatum des Zertifikats Subject Inhaber Issuer Aussteller Extensions Erweiterungen Comment Kommentar &Subject Inha&ber &Issuer &Aussteller Attributes Attribute &Extensions &Erweiterungen Show config Konfiguration anzeigen CertExtend This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Hiermit wird ein neues Zertifikat als Kopie des alten Zertifikats erstellt, mit neuer Seriennummer und aktueller Gültigkeit. Validity Gültigkeit Not before Nicht vor dem Not after Nicht nach dem Time range Zeitspanne Days Tage Months Monate Years Jahre Midnight Mitternacht Apply Übernehmen Revoke old certificate Altes Zertifikat zurückziehen Replace old certificate Altes Zertifikat ersetzen Keep serial number Seriennummer übernehmen Certificate renewal Zertifikatsverlängerung Local time Ortszeit No well-defined expiration Undefiniertes Ablaufdatum The certificate will be earlier valid than the signer. This is probably not what you want. Das Zertifikat is früher gültig als der Aussteller. Dies ist wahrscheinlich ungewollt. Edit times Zeiten einstellen Edit dates Zeiten einstellen Abort rollout Ausstellung abbrechen Continue rollout Ausstellung fortführen Adjust date and continue Datum anpassen und fortführen The certificate will be longer valid than the signer. This is probably not what you want. Das Zertifikat ist länger gültig als der Aussteller. Dies ist wahrscheinlich nicht gewollt. CertTreeView Import PKCS#12 Import PKCS#12 Import from PKCS#7 Import aus PKCS #7 Request Zertifikatsantrag Security token Chipkarte Other token Andere Chipkarte Similar Certificate Ähnliches Zertifikat Delete from Security token Von der Chipkarte löschen CA CA Properties Eigenschaften Generate CRL CRL erstellen Manage revocations Sperrlisteneinträge bearbeiten Plain View Einfache Ansicht Tree View Baumansicht days Tage No template Keine Vorlage CA Properties CA Einstellungen Certificate export Zertifikatsexport X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) X509 Zertifikate ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) Trust Vertrauen Renewal Verlängerung Revoke Sperren Unrevoke Sperrung aufheben CertView There was no key found for the Certificate: Es wurde kein Schlüssel gefunden für das Zertifikat: Import Certificate signing request Zertifikatsantrag importieren ClickLabel Double click for details Doppelklick für Details CrlDetail Name Name Serial Seriennummer Revocation Sperrung Reason Grund Invalidation Ungültig seit Failed Fehlgeschlagen Verification not possible Überprüfung nicht möglich Unknown signer Unterzeichner unbekannt Unknown certificate Unbekanntes Zertifikat Details of the Revocation list Details der Sperrliste &Status &Status Version Version Signature Unterschrift Signed by Unterschrieben von The internal name of the CRL in the database Der interne Name der CRL in der Datenbank issuing dates Ausstellungszeiten Next update Nächstes Update Last update Letztes update Comment Kommentar Next Update Nächstes Update Last Update Letztes Update &Issuer &Aussteller &Extensions &Erweiterungen &Revocation list &Sperrliste 0 0 CrlTreeView There are no CA certificates for CRL generation Es existieren keine CA Zertifikate für eine CRL generierung Select CA certificate CA Zertifikat wählen Revocation list export Sperrliste exportieren CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) ExportCert X509 Certificates ( *.cer *.crt *.p12 *.p7b);;All files ( * ) X509 Zertifikate ( *.cer *.crt *.p12 *.p7b);;Alle Dateien ( * ) DER is a binary format of the Certificate PEM is a base64 encoded Certificate PKCS#7 is an official Certificate exchange format PKCS#12 is an encrypted official Key-Certificate exchange format DER ist das Binärformat des Zertifikats PEM ist ein base64 kodiertes Zertifikat PKCS#7 ist ein offizielles Zertifikatsaustauschformat PKCS#12 ist ein verschlüsseltes, offizielles Austauschformat für Zertifikats/Schlüssel paare Please enter the filename for the certificate. Bitte geben sie den Dateinamen des Zertifikats ein. Certificate export Zertifikatsexport ExportDer All files ( * ) Alle Dateien ( * ) DER is a binary format PEM is a base64 encoded DER file DER ist ein Binärformat PEM ist eine base64 kodierte PEM Datei im Textformat ExportDialog Name Name The internal name of the CRL in the database Der interne Name der CRL in der Datenbank ... ... Filename Dateiname Export comment into PEM file Kommentar in die PEM Datei übernehmen Please enter the filename Bitte den Dateinamen eingeben Export Format Exportformat All files ( * ) Alle Dateien ( * ) PEM Text format with headers PEM Textformat mit Kopf- und Fußzeilen Concatenated list of all selected items in one PEM text file Aneinandergereihte Liste aller ausgewählter Einträge in eine PEM Text Datei Concatenated text format of the complete certificate chain in one PEM file Aneinandergehängte Zertifikatskette in einer PEM Datei Concatenated text format of all trusted certificates in one PEM file Alle vertrauenswürdigen Zertifikate aneinandergehängt in einer PEM Datei Concatenated text format of all certificates in one PEM file Alle Zertifikate aneinandergehängt in einer PEM Datei Binary DER encoded file Binäre DER formatierte Datei PKCS#7 encoded single certificate Einzelnes Zertifikat im PKCS#7 format PKCS#7 encoded complete certificate chain Vollständige Zertifikatskette in einer PKCS#7 Datei All trusted certificates encoded in one PKCS#7 file Alle vertrauenswürdigen Zertifikate in einer PKCS#7 Datei Concatenated text format of all unrevoked certificates in one PEM file Alle ungesperrten Zertifikate hintereinander in einer PEM Textdatei All unrevoked certificates encoded in one PKCS#7 file Alle nicht zurückgezogenen Zertifikate in einer PKCS#7 Datei All selected certificates encoded in one PKCS#7 file Alle ausgewählten Zertifikate in einer PKCS#7 Datei All certificates encoded in one PKCS#7 file Alle Zertifikate in einer PKCS#7 Datei The certificate and the private key as encrypted PKCS#12 file Das Zertifikat und der zugehörige private Schlüssel als verschlüsselte PKCS#12 Datei The complete certificate chain and the private key as encrypted PKCS#12 file Die vollständige Zertifikatskette und der private Schlüssel als verschlüsselte PKCS#12 Datei Concatenation of the certificate and the unencrypted private key in one PEM file Das PEM Zertifikat und der unverschlüsselte private PEM Schlüssel in einer Textdatei Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Das PEM Zertifikat und der unverschlüsselte private PKCS#8 Schlüssel in einer Textdatei Text format of the public key in one PEM file Eine PEM Textdatei mit dem öffentlichen Schlüssel Binary DER format of the public key Der öffentliche Schlüssel in einer binären DER Datei Unencrypted private key in text format Der unverschlüsselte private Schlüssel in einer PEM Textdatei OpenSSL specific encrypted private key in text format OpenSSL spezifischer privater Schlüssel im Textformat Unencrypted private key in binary DER format Unverschlüsselter privater Schlüssel in einer binären DER Datei Unencrypted private key in PKCS#8 text format Unverschlüsselter privater Schlüssel in einer PKCS#8 Textdatei Encrypted private key in PKCS#8 text format Verschlüsselter privater Schlüssel in einer PKCS#8 Textdatei The public key encoded in SSH2 format Der öffentliche Schlüssel im SSH2 Format OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool OpenSSL spezifische Zertifikatsindexdatei in dem Format wie sie von dem OpenSSL 'ca' kommando erzeugt und von der OCSP Funktion benötigt wird vCalendar expiry reminder for the selected items Fälligkeitserinnerung für alle ausgewählten Elemente im vCalendar Format vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Fälligkeitserinnerung für alle ausgestellten Zertifikate, der CA und der letzten CRL im vCalendar Format Private key in Microsoft PVK format not encrypted Nicht verschlüsselter privater Schlüssel im Microsoft PVK Format Encrypted private key in Microsoft PVK format Verschlüsselter privater Schlüssel in einer Microsoft PVK-Datei Certificate Index file Zertifikatsindexdatei The file: '%1' already exists! Die Datei '%1' existiert bereits! Overwrite Überschreiben Do not overwrite Nicht überschreiben ExportKey Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub );; All files ( * ) Private Schlüssel ( *.pem *.der *.pk8 );; Öffentliche SSH Schlüssel ( *.pub );; Alle Dateien ( * ) Please enter the filename for the key. Bitte geben Sie den Dateinamen für den Schlüssel ein. Export public %1 key Öffentlichen %1 Schlüssel exportieren Export %1 key %1 Schlüssel exportieren DER is a binary format of the key without encryption PEM is a base64 encoded key with optional encryption PKCS#8 is an encrypted official Key-exchange format DER ist ein binärformat ohne Passwort sicherung PEM ist ein base64 codierter Schlüssel mit optionaler Passwort sicherung PKCS#8 ist ein offizielles Austauschformat für Passwort gesicherte Schlüssel When exporting the private key it should be encrypted. Der Private Schlüssel sollte beim Export durch ein Passwort geschützt werden. When exporting the private part, it should be encrypted. Wenn der private Teil mit exportiert wird, sollte er verschlüsselt werden. E&xport the private part of the Key too Den privaten Teil des Schlüssels mit e&xportieren Export as PKCS#8 Exportieren als PKCS#8 &Encrypt the Key with a password D&en Schlüssel mit einem Passwort sichern Private keys ( *.pem *.der *.pk8 );;All files ( * ) Private Schlüssel ( *.pem *.der *.pk8 );;Alle Dateien ( * ) Form last update Letztes Update next update Nächstes Update Days Tage Months Monate Years Jahre Apply Übernehmen Midnight Mitternacht Local time Ortszeit No well-defined expiration Undefiniertes Ablaufdatum Help << << >> >> &Done &Fertig ImportMulti Details Details Import &All &Alle importieren &Import &Import &Done &Fertig The type of the Item '%1' is not recognized Unbekannter Typ bei '%1' Details of the item '%1' cannot be shown Details von '%1' können nicht angezeigt werden The type of the item '%1' is not recognized Unbekannter Typ bei '%1' The file '%1' did not contain PKI data Die Datei '%1' enthielt keine verwendbaren Daten The %1 files: '%2' did not contain PKI data Die %1 Dateien: '%2' enthielten keine verwendbaren Daten Import PKI Items Importieren &Remove from list &Aus Liste entfernen Delete from token Von der Chipkarte löschen Rename on token Auf der Chipkarte umbenennen Name: %1 Model: %2 Serial: %3 Name: %1 Modell: %2 Seriennummer: %3 Manage security token Chipkarte verwalten ItemProperties Name Name Source Herkunft Insertion date Einfügezeitpunkt Comment Kommentar KeyDetail Not available Nicht verfügbar Available Verfügbar Name Name The internal name of the key used by xca Der interne Name in der Datenbank Keysize Schlüssellänge Private Exponent Privater Exponent Security Token Chipkarte Label Bezeichnung PKCS#11 ID PKCS#11 ID Token information Chipkarteninformation Model Modell Fingerprint Fingerabdruck Comment Kommentar Public Exponent Öffentlicher Exponent Modulus Modulus Sub prime Sub prime Public key Öffentlicher Schlüssel Private key Privater Schlüssel Security token Chipkarte Manufacturer Hersteller Serial Seriennummer Key Schlüssel Token Chipkarte Curve name Kurvenname Details of the %1 key Details des %1 Schlüssels Security token ID:%1 Chipkarte ID:%1 Unknown key Unbekannter Schlüssel KeyTreeView Clipboard format Change password Passwort ändern Reset password Passwort zurücksetzen Change PIN PIN ändern Init PIN with SO PIN (PUK) PIN mithilfe der SO PIN (PUK) initialisieren Change SO PIN (PUK) SO PIN (PUK) ändern Security token Chipkarte This is not a token Dies ist keine Smartcard Export public key [%1] Export des öffentlichen Schlüssels [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Private Schlüssel ( *.pem *.der *.pk8 );; Öffentliche SSH Schlüssel ( *.pub ) Tried to change PIN of a key Die PIN eines Schlüssels ohne Chipkarte kann nicht geändert werden Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Soll der Originalschlüssel '%1' durch den Chipkartenschlüssel ersetzt werden? Dies löscht den Schlüssel '%1' und macht ihn nicht-exportierbar MainWindow Password Passwort Password verify error, please try again Die Passwort überprüfung ist fehlgeschlagen Search Suchen Please enter the new SO PIN (PUK) for the token '%1' Bitte die neue SO PIN (PUK) für '%1' eingeben Current Password Aktuelles Passwort Please enter the current database password Bitte das aktuelle Passwort eingeben The entered password is wrong Das angegebene Passwort war falsch New Password Neues Passwort Transaction start failed Transaktionsstart fehlgeschlagen Please enter a password, that will be used to encrypt your private keys in the database: %1 Bitte das Passwort zur Verschlüsselung der privaten Schlüssel in der Datenbank %1 eingeben The following error occurred: Der folgende Fehler ist aufgetreten: Copy to Clipboard In die Zwischenablage &Close DataBase Datenbank s&chliessen &Content &Inhalt &About Ü&ber &File D&atei Recent DataBases Zuletzt geöffnet System System Croatian Kroatisch English Englisch French Französisch German Deutsch Japanese Japanisch Russian Russisch Slovak Slowakisch Spanish Spanisch Persian Bulgarian Polish Polnisch Italian Italienisch Chinese Chinesisch Dutch Niederländisch Portuguese in Brazil Brasilianisches Portugiesisch Indonesian Turkish Türkisch Language Sprache Open Remote DataBase Netzwerkdatenbank öffnen Paste PEM file PEM Datei Einfügen Token Chipkarte Extra Extra &Export Certificate Index Zertifikatsindex &exportieren &Export Certificate Index hierarchy Zertifikatsindexhierarchie &exportieren OID Resolver OID Resolver &Help &Hilfe Database dump ( *.dump );; All files ( * ) Datenbankausgabe ( *.dump );; Alle Dateien ( * ) Private Keys Private Schlüssel &New Key &Neuer Schlüssel &Export &Export &Import &Import Import PFX (PKCS#12) Import PFX (PKCS#12) &Show Details Detail&s anzeigen &Delete &Löschen Certificate signing requests Zertifikatsanträge &New Request &Neuer Zertifikatsantrag Certificates Zertifikate &New Certificate &Neues Zertifikat Import &PKCS#12 Import &PKCS#12 Import P&KCS#7 Import P&KCS#7 Plain View Einfache Ansicht Templates Vorlagen &New Template &Neue Vorlage &New CRL &Neue Sperrliste &New template &Neue Vorlage Ch&ange Template Vorl&age Ändern Revocation lists Sperrlisten Database: %1 Datenbank: %1 The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Das aktuell verwendete Standard-Hash-Verfahren '%1' gilt als unsicher. Aus Sicherheitsgründen sollte mindestens SHA-224 gewählt werden. Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Veraltetes Datenbankformat entdeckt. Eine Sicherheitskopie mit dem Namen: '%1' wird erstellt und die Datenbank in das neue Format umgewandelt Failed to rename the database file, because the target already exists Datenbank konnte nicht umbenannt werden, da die Zieldatei bereits existiert No deleted items found Keine gelöschten Einträge gefunden Errors detected and repaired while deleting outdated items from the database. A backup file was created Beim Löschen veralteter Datenbankeinträge wurden Fehler erkannt und repariert. Eine Backup-datei wurde erstellt Removing deleted or outdated items from the database failed. Das Entfernen gelöschter oder veralteter Elemente aus der Datenbank ist Fehlgeschlagen. &Dump DataBase &Datenbank ausgeben &Import old db_dump Alten db_dump &Importieren &Undelete items &Gelöschte Einträge wiederherstellen Options Optionen New DataBase Neue Datenbank Open DataBase Datenbank Öffnen Close DataBase Datenbank schliessen Keys Schlüssel Requests Zertifikatsanträge PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Vorlage Revocation list Sperrliste PEM file PEM Datei Content Inhalt Donations Spenden Import password Import Passwort Please enter the password of the old database Bitte das Passwort der alten Datenbank eingeben Password verification error. Ignore keys ? Falsches Passwort. Schlüssel ignorieren ? Import anyway Trotzdem importieren I&mport I&mport paste PEM file PEM datei (copy+paste) About Über Database dump ( *.dump );;All files ( * ) Database dump ( *.dump );;All files ( * ) Import PEM data PEM daten importieren The new label of the token '%1' Die neue Bezeichnung der Chipkarte '%1' Please enter the new password to encrypt your private keys in the database-file Bitte das neue Passwort zur Verschlüsselung der privaten Schlüssel in der Datenbank eingeben Please enter a password, that will be used to encrypt your private keys in the database file: %1 Bitte geben Sie ein Passwort an um die privaten Schlüssel in der Datenbank %1 zu verschlüsseln Please enter the password for unlocking the database: %1 Bitte geben Sie das Passwort ein um die Datenbank %1 zu öffnen Certificate Index ( index.txt ) Zertifikatsindex ( index.txt ) All files ( * ) Alle Dateien ( * ) Diffie-Hellman parameters saved as: %1 Diffie-Hellmann Parameter gespeichert als: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Diffie-Hellman Parameter werden von anderen Applikationen benötigt. XCA verwendet oder speichert sie aber nicht. Bitte die DH Parameter bits angeben &New DataBase &Neue Datenbank &Open DataBase Datenbank &Öffnen &Init Security token Chipkarte &initialisieren Export Certificate &Index hierarchy Zertifikats&indexhierarchie exportieren C&hange DataBase password Da&tenbankpasswort ändern Exit Beenden no such option: %1 unbekannte option: %1 Using or exporting private keys will not be possible without providing the correct password Die Benutzung oder der Export privater Schlüssel ist nur mit dem richtigen Datenbankpasswort möglich Please enter the original SO PIN (PUK) of the token '%1' Die alte SO PIN (PUK) für die Chipkarte '%1' eingeben Please enter the new SO PIN (PUK) of the token '%1' Die neue SO PIN (PUK) für die Chipkarte '%1' eingeben The token '%1' did not contain any keys or certificates Die Chipkarte '%1' enthält keine Schlüssel oder Zertifikate Error opening file: '%1': %2 Öffnen der Datei '%1' fehlgeschlagen: %2 Generate DH parameter DH Parameter erstellen Set as default DataBase Als Standard datenbank &Token &Chipkarte &Manage Security token Chipkarte &verwalten &Change PIN &PIN ändern Change &SO PIN &SO PIN ändern Init PIN PIN initialisieren NewCrl Create CRL CRL erstellen Dates Zeiten next update Nächstes Update last update Letztes Update Days Tage Months Monate Years Jahre Midnight Mitternacht Local time Ortszeit Apply Übernehmen CRL number CRL Nummer Hash algorithm Hash algorithmus Hashing algorithm Hash algorithmus Extensions Erweiterungen Authority key identifier Authority key identifier Subject alternative name Subject alternative name Last update Letztes update Next update Nächstes Update Options Optionen CRL Number CRL Nummer Revocation reasons Sperrungsgrund NewKey New key Neuer Schlüssel Please give a name to the new key and select the desired keysize Bitte geben Sie dem Schlüssel einen Namen und wählen Sie die gewünschte Schlüssellänge Key properties Schlüsseleigenschaften Name Name Curve name Kurvenname Keysize Schlüssellänge Usually 1024 or 2048 bit keys are used Normalerweise werden 1024 oder 2048 bit Schlüssel verwendet Remember as default Als Standard speichern The internal name of the new key Interner Name des neuen Schlüssels New Key Neuer Schlüssel Usually at least 2048 bit keys are recommended Heutzutage wird eine Mindestlänge von 2048 bit empfohlen Keytype Schlüsseltyp Curve Kurve Create Erstellen NewX509 Create Erstellen Source Herkunft Signing request Zertifikatsantrag Show request Request anzeigen Country code Länder code State or Province Bundesland, Kreis Locality Ort Organisation Firma Organisational unit Firmenabteilung Common name Üblicher Name E-Mail address E-Mail Adresse Sign this Certificate signing &request Diesen Zertifikatsant&rag unterschreiben Copy extensions from the request Erweiterungen aus dem Zertifikatsantrag kopieren Signing Unterschreiben Create a &self signed certificate with the serial Erstelle ein &Selbst signiertes Zertifikat mit der Serien nummer If you leave this blank the serial 00 will be used Wenn Sie dieses Feld frei lassen wird die Seriennummer 00 verwendet 1 1 All certificates in your database that can create valid signatures Alle Zertifikate aus der Datenbank, die gültige Unterschriften leisten können Signature algorithm Signatur algorithmus Template for the new certificate Vorlage für das neue Zertifikat All available templates Alle verfügbaren Vorlagen Internal Name Interner Name Apply Übernehmen Subject Inhaber Create a &self signed certificate Selbst&signiertes Zertifikat erstellen Use &this Certificate for signing Verwende dieses Zertifika&t zum Unterschreiben Distinguished name Eindeutiger Name This name is only used internally and does not appear in the resulting certificate Dieser Name wird nur intern verwendet und erscheint nicht im Zertifikat Must be exactly 2 letter of size (DE, UK) Muss exakt 2 Zeichen lang sein (DE,UK) Internal name Interner Name Add Hinzufügen Delete Löschen Private key Privater Schlüssel This list only contains unused keys Diese Liste enthält nur unbenutzte Schlüssel Used keys too auch verwendete Schlüssel &Generate a new key &Erstelle einen neuen Schlüssel Extensions Erweiterungen Basic constraints Grundsätzliche Einschränkungen Type Typ If this will become a CA certificate or not Ob dies ein CA Zertifikat wird oder nicht Not defined Nicht definiert Certification Authority Zertifikats Authorität End Entity End Instanz Path length Pfadlänge How much CAs may be below this. Wieviele CAs in der Kette unter diesem sein dürfen. The basic constraints should always be critical Die "basic constraints" sollten immer "critical" sein Key identifier Schlüsselkennung Creates a hash of the key following the PKIX guidelines Erstellt eine hashsumme nach PKIX Vorgaben Copy the Subject Key Identifier from the issuer Kopiere den "Subject key identifier" vom Aussteller Validity Gültigkeit Not before Nicht vor dem Not after Nicht nach dem Time range Zeitspanne Days Tage Months Monate Years Jahre Set the time to 00:00:00 and 23:59:59 respectively Stell die Zeiten auf 00:00:00 und 23:59:59 Midnight Mitternacht Local time Ortszeit Authority Info Access Ausstellerinformationszugang CRL distribution point CRL Verteilungsstelle issuer alternative name Alternativer Ausstellername URI: URI: can be altered by the file "aia.txt" Kann in der Datei "aia.txt" angepasst werden Edit Bearbeiten DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: subject alternative name Alternativer Eigentümername Key usage Schlüsselverwendung Extended key usage Erweiterte Schlüsselverwendung Netscape Netscape CA Revocation URL CA Sperrlisten URL Revocation URL Sperrlisten URL SSL server name SSL Servername Certificate renewal URL Zertifikatsverlängerungs URL Comment Kommentar CA policy URL CA Richtlinien URL Base URL Basis URL Create a &self signed certificate with a MD5-hashed QA serial Erstelle ein &Selbst signiertes Zertifikat mit eine MD5-gehashten Serien nummer Create Certificate signing request Erstelle einen Zertifikatsantrag XCA template XCA Vorlage Create x509 Certificate Erstelle x509 Zertifikat Abort rollout Ausstellung abbrechen The following length restrictions of RFC3280 are violated: Die folgenden Längenbeschränkungen aus RFC3280 werden verletzt: The internal name and the common name are empty. Please set at least the internal name. Der interne Name und der commonName sind leer. Bitte mindestens den internen Namen setzen. There is no Key selected for signing. Es ist kein Schlüssel zum Signieren ausgewählt. Continue rollout Ausstellung fortführen The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Das Zertifikat wird abgelaufen sein, bevor es gültig wurde. Wahrscheinlich sind die Zeiten vertauscht. Modify subject of the request Inhaberinformation "subject" des Zertifikatsantrags ändern Advanced Erweitert Validate Überprüfen The verification of the Certificate request failed. The rollout should be aborted. Die Validierung des Requests ist fehlgeschlagen. Die Zertifikatserstellung sollte abgebrochen werden. Continue anyway Trotzdem fortfahren No well-defined expiration Undefiniertes Ablaufdatum Edit name Namen editieren Select key Schlüssel auswählen The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Die folgenden Subject-name Einträge sind leer: %1, obwohl sie im Optionen-menu als notwendig deklariert wurden. Edit subject Subject editieren Edit dates Zeiten einstellen The key you selected for signing is not a private one. Der ausgewählte Schlüssel zum signieren ist nicht vollständig. Critical Wichtig Create XCA template XCA Vorlage erstellen Edit XCA template XCA Vorlage ändern Template '%1' applied Vorlage '%1' angewendet Subject applied from template '%1' Eigentümerinformation aus Vorlage '%1' angewendet Extensions applied from template '%1' Erweiterungen aus Vorlage '%1' angewendet New key '%1' created Der Schlüssel '%1' wurde neu erstellt Select other signer Andere CA wählen Select other key Anderen Schlüssel wählen The currently selected hash algorithm '%1' is insecure and should not be used. Der aktuell gewählte Hash-algorithmus '%1' ist nicht sicher und sollte nicht verwendet werden. Select other algorithm Anderen Algorithmus wählen Use algorithm anyway Algirithmus trotzdem verwenden The certificate will be earlier valid than the signer. This is probably not what you want. Das Zertifikat is früher gültig als der Aussteller. Dies ist wahrscheinlich ungewollt. Adjust date and continue Datum anpassen und fortführen The certificate will be longer valid than the signer. This is probably not what you want. Das Zertifikat ist länger gültig als der Aussteller. Dies ist wahrscheinlich nicht gewollt. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Das Zertifikat enthält ungültige oder duplizierte Extensions. Bitte prüfen Sie die Validierung auf dem Erweitert Reiter. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Das Zertifikat enthält keine Erweiterungen. Sie sollten die Erweiterungen aus einer der Vorlagen anwenden, um den Zweck des Zertifikats zu definieren. The certificate contains invalid extensions. Edit extensions Extensions editieren The subject alternative name shall contain a copy of the common name. However, the common name is empty. Der 'subject alternative name' (SAN) soll vom 'common name' kopiert werden. Dieser ist allerdings leer. Apply extensions Erweiterungen übernehmen Apply subject Subject übernehmen Apply all Alles übernehmen minimum size: %1 Mindestlänge: %1 maximum size: %1 Maximallänge: %1 only a-z A-Z 0-9 '()+,-./:=? nur die Zeichen a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters Keine Sonderzeichen oder Umlaute From PKCS#10 request Aus dem PKCS#10 Zertifikatsantrag Other Tabs Andere Tabs Advanced Tab Erweiterter Tab Errors Fehler Configfile error on line %1 Fehler in der Konfigurationsdatei in Zeile %1 OidResolver OID Resolver OID Resolver Enter the OID, the Nid, or one of the textual representations Die OID, die Nid oder den Text eingeben Search Suchen OID OID Long name Kurzbezeichner Ausführliche Bezeichnung OpenSSL internal ID Interne OpenSSL ID Nid Nid Short name Kurzbezeichnung OpenDb Open remote database Netzwerkdatenbank öffnen Database type Datenbanktyp Hostname Rechnername Username Benutzername Password Passwort Database name Datenbankname Table prefix Tabellen Prefix No SqLite3 driver available. Please install the qt-sqlite package of your distribution Kein SQLite3 Treiber verfügbar. Bitte das qt-sqlite Paket der Paketdistribution installieren Please enter the password to access the database server %2 as user '%1'. Bitte das Datenbankpasswort des Benutzers '%1' für die Datenbank auf '%2' eingeben. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. Der Datenbanktreiber unterstützt keine Transaktionen. Dies kann vorkommen, wenn client und server unterschiedliche Versionen haben. Options Mandatory subject entries Pflichtfelder im subject-name Add Hinzufügen Delete Löschen Default hash algorithm Standard Hash Algorithmus Settings Einstellungen String types Zeichenkettentyp Suppress success messages Erstellungs- und Importnachrichten unterdrücken Don't colorize expired certificates Abgelaufene Zertifikate nicht farblich markieren Translate established x509 terms (%1 -> %2) Feststehende x509 Begriffe übersetzen (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Die Hash funktionen der Smartcard werden von XCA nicht verwendet. Die Smartcard kann einen eingeschränkten Satz an Hash-funktionen anbieten. Insbesondere sind in der PKCS#11 Spezifikation EC und DSA signaturen nur mit SHA1 definiert. Only use hashes supported by the token when signing with a token key Verwende nur von der Smartcard angebotene Hash-funktionen Disable legacy Netscape extensions Veraltete Netscape Erweiterungen abschalten PKCS12 encryption algorithm Certificate expiry warning threshold Zeitpunkt der Zertifikatsablauferinnerung Send vCalendar expiry reminder Zertifikatsablauferinnerung in vCalendar Serial number length Länge der Seriennummer bit bit Distinguished name Eindeutiger Name Explicit subject entries Besondere Namensteile Dynamically arrange explicit subject entries Besondere Namensteile dynamisch anordnen Default Standard PKCS#11 provider PKCS#11 anbieter Remove Entfernen Search Suchen UTF8 strings only (RFC2459) Nur UTF8 Zeichenketten (RFC2459) Printable string or UTF8 (default) PKIX recommendation in RFC2459 No BMP strings, only printable and T61 All strings Days Tage Weeks Wochen Load failed Laden fehlgeschlagen XCA Options XCA Optionen PwDialog Password Passwort Repeat %1 %1 wiederholen %1 mismatch Keine %1 übereinstimmung Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Das Passwort wird als 2stelliger hex-code interpretiert. Er muss eine gradstellige Anzahl der Zeichen 0-9 und a-f enthalten Exit Beenden E&xit B&eenden The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Das Passwort wird als 2 stelliger hex-code interpretiert. Er muss eine grade Anzahl an Ziffern enthalten (0-9 und a-f) Take as HEX string Als HEX Zeichenkette interpretieren QMessageBox Close Schliessen Cancel Abbrechen Apply Übernehmen Yes Ja No Nein QObject Import RSA key Import von RSA Schlüssel PKCS#10 CSR ( *.pem *.der *.csr );; PKCS#10 Zertifikatsantrag ( *.pem *.der *.csr );; Import Request Import von Zertifikatsanträgen Import X.509 Certificate Import von X.509 Zertifikaten Import PKCS#7 Certificates Import von PKCS#7 Zertifikaten Import PKCS#12 Private Certificate Import von PKCS#12 Privaten Zertifikaten Import XCA Templates Import von XCA Vorlagen Open XCA Database Öffnen einer XCA Datenbank Import Certificate Revocation List Importiere Zertifikatsrücknahmeliste PKI Keys ( *.pem *.der *.key );;PKCS#8 Keys ( *.p8 *.pk8 );; PKI Schlüssel ( *.pem *.der *.key );;PKCS#8 Schlüssel ( *.p8 *.pk8 );; PKI Keys ( *.pem *.der *.key );;PKCS#8 Keys ( *.p8 *.pk8 );;SSH Public Keys ( *.pub );; PKI Schlüssel ( *.pem *.der *.key );;PKCS#8 Schlüssel ( *.p8 *.pk8 );; Öffentliche SSH2 Schlüssel ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );;Netscape Request ( *.spkac *.spc );; PKCS#10 CSR ( *.pem *.der *.csr );;Netscape Request ( *.spkac *.spc );; PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; PKI Schlüssel ( *.pem *.der *.key );; PKCS#8 Schlüssel ( *.p8 *.pk8 );; Öffentliche SSH Schlüssel ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );; Netscape Request ( *.spkac *.spc );; PKCS#10 CSR ( *.pem *.der *.csr );; Netscape Request ( *.spkac *.spc );; PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; PKI Schlüssel ( *.pem *.der *.key );; PKCS#8 Schlüssel ( *.p8 *.pk8 );; Microsoft PVK Schlüssel ( *.pvk );; Öffentliche SSH Schlüssel ( *.pub );; Certificates ( *.pem *.der *.crt *.cer );; Zertifikate ( *.pem *.der *.crt *.cer );; PKCS#7 data ( *.p7s *.p7m *.p7b );; PKCS#7 Daten ( *.p7s *.p7m *.p7b );; PKCS#12 Certificates ( *.p12 *.pfx );; PKCS#12 Zertifikate ( *.p12 *.pfx );; XCA templates ( *.xca );; XCA Vorlagen ( *.xca);; Revocation lists ( *.pem *.der *.crl );; Sperrliste ( *.pem *.der *.crl );; XCA Databases ( *.xdb );; XCA Datenbanken ( *.xdb );; PKCS#11 library ( *.dylib *.so );; PKCS#11 Bibliothek ( *.dylib *.so );; PEM files ( *.pem );; PEM Dateien ( *.pem );; Load PEM encoded file Lade PEM codierte Datei Invalid Ungültig %1 is shorter than %2 bytes: '%3' %1 ist kürzer als %2 bytes: '%3' %1 is longer than %2 bytes: '%3' %1 ist länger als %2 bytes: '%3' All files ( * ) Alle Dateien ( * ) Undefined Undefiniert Broken / Invalid Ungültig in %1 seconds In %1 Sekunden %1 seconds ago Vor %1 Sekunden in %1 minutes In %1 Minuten %1 minutes ago Vor %1 Minuten Yesterday Gestern Tomorrow Morgen in %1 hours In %1 Stunden %1 hours ago Vor %1 Stunden DB: Rename: '%1' already in use DB: Rename: '%1' wird bereits verwendet DB: Entry to rename not found: %1 DB: Eintrag zur Umbenennung nicht gefunden: %1 PKCS#11 library ( *.dll );; PKCS#11 library ( *.so );; Open PKCS#11 shared library PKCS#11 library öffnen DB: Write error %1 - %2 Datenbank: Schreibfehler %1 - %2 Please enter the PIN on the PinPad Bitte die PIN am Lesegerät eingeben Please enter the SO PIN (PUK) of the token %1 Bitte die SO PIN (PUK) der Chipkarte %1 eingeben Please enter the PIN of the token %1 Bitte die PIN der Chipkarte %1 eingeben No Security token found Keine Chipkarte gefunden Out of Memory at %1:%2 Kein Speicher verfügbar %1: %2 Out of data zuwenig Daten Error finding endmarker of string Fehlerhafter String Select Auswählen Please enter the new SO PIN (PUK) for the token: '%1' Bitte die neue SO PIN (PUK) für die Chipkarte '%1' eingeben Please enter the new PIN for the token: '%1' Bitte die neue PIN der Chipkarte %1 eingeben Failed to open PKCS11 library: %1 Die PKCS#11 Bibliothek %1 konnte nicht geöffnet werden Invalid filename: %1 Ungültiger Dateiname: %1 Failed to open PKCS11 library: %1: %2 PKCS11 Bibliothek %1 konnte nicht geöffnet werden: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Dies scheint keine PKCS#11 Bibliothek zu sein. Sie enthält nicht das Symbol 'C_GetFunctionList'. Disabled Deaktiviert Library loading failed Laden der Bibliothek fehlgeschlagen PKCS#11 function '%1' failed: %2 PKCS#11 Funktion '%1' fehlgeschlagen: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 PKCS#11 Funktion '%1' fehlgeschlagen: %2 in Bibliothek %3 %4 Required PIN size: %1 - %2 Benötigte PIN länge: %1 - %2 Country code Länder code State or Province Bundesland, Kreis Locality Ort Organisation Firma Organisational unit Firmenabteilung Common name Allgemeine Bezeichnung E-Mail address E-Mail Adresse Serial number Seriennummer Given name Vorname Surname Nachname Title Titel Initials Initialien Description Beschreibung Role Rolle Pseudonym Pseudonym Generation Qualifier Generierungskennzeichnung x500 Unique Identifier Eindeutige x500 Identifizierung Name Name DN Qualifier DN Kennzeichnung Unstructured name Unstrukturierter Name Challenge password Passwort nach Aufforderung Basic Constraints Basiseinschränkungen Subject alternative name Alternativer Eigentümername OCSP Must Staple OCSP Stapeling erforderlich subject alternative name Alternativer Eigentümername issuer alternative name Alternativer Ausstellername Subject key identifier Inhaberschlüssel identifizierung Authority key identifier Ausstellerschlüssel identifizierung Key usage Schlüsselverwendung Extended key usage Erweiterte Schlüsselverwendung CRL distribution points CRL Verteilungspunkte Authority information access Aussteller informations zugriff Certificate type Zertifikatstyp Base URL Basis URL Revocation URL Sperrlisten URL CA Revocation URL CA Sperrlisten URL Certificate renewal URL Zertifikatsverlängerungs URL CA policy URL CA Richtlinien URL SSL server name SSL Servername Comment Kommentar String '%1' for '%2' contains invalid characters Der Text '%1' für '%2' enthält ungültige Zeichen Error reading config file %1 at line %2 Fehler beim Einlesen der Konfigurationsdatei %1 in Zeile %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. Das Objekt '%1' aus der Datei %2 in Zeile %3 ist bereits bekannt als '%4:%5:%6' und sollte entfernt werden. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Der Bezeichner '%1' für die OID %2 aus der Datei %3 in Zeile %4 wird bereits für die OID '%5:%6:%7' verwendet und sollte entfernt werden. Unknown object '%1' in file %2 line %3 Unbekanntes Objekt '%1' in Datei %2 in Zeile %3 Failed to start a database transaction Datenbanktransaktionsinitialisierung fehlgeschlagen Index file written to '%1' Index Datei gespeichert als '%1' Index hierarchy written to '%1' Index Hierarchie gespeichert als '%1' Unknown key type %1 Unbekannter Schlüsseltyp %1 Password verify error, please try again Die Passwort überprüfung ist fehlgeschlagen The following error occurred: Der folgende Fehler ist aufgetreten: Failed to update the database schema to the current version Password Passwort ReqTreeView Sign Unterschreiben Unmark signed Markiere als unsigniert Mark signed Markiere als signiert Similar Request Ähnlicher Zertifikatsantrag Certificate request export Zertifikatsantrag exportieren Certificate request ( *.pem *.der *.csr ) Zertifikatsantrag ( *.pem *.der *.csr ) RevocationList Manage revocations Sperrlisteneinträge bearbeiten Add Hinzufügen Delete Löschen Edit Bearbeiten No. Nr. Serial Seriennummer Revocation Sperrung Reason Grund Invalidation Ungültig seit Generate CRL CRL erstellen Revoke Revocation details Details der Sperrliste Invalid since Ungültig seit Local time Ortszeit Certificate revocation Zertifikatsrückzug Revocation reason Sperrgrund Serial Seriennummer SearchPkcs11 Directory Verzeichnis ... ... Include subdirectories Unterverzeichnisse einschliessen Search Suchen The following files are possible PKCS#11 libraries Die folgenden Dateien sind mögliche PKCS#11 Bibliotheken SelectToken Select Token Chipkarte auswählen Security token Chipkarte Please select the security token Bitte wählen Sie die Chipkarte TempTreeView Duplicate Duplizieren Create certificate Zertifikat erstellen Create request Zertifikatsantrag erstellen copy kopie Preset Template values Vorlagenwerte voreinstellen Template export XCA Templates ( *.xca ) TrustState Certificate trust Zertifikatsvertrauensstatus Trustment Vertrauen &Never trust this certificate &Niemals diesem Zertifikat vertrauen Only &trust this certificate, if we trust the signer Nur dann ver&trauen, wenn wir dem Aussteller vertrauen &Always trust this certificate Diesem Zertifikat immer vertr&auen Set trustment of the Certificate Vertrauenseinstellung des Zertifikats Validity yyyy-MM-dd hh:mm dd.MM.yyyy hh:mm X509SuperTreeView OpenSSL config OpenSSL Konfiguration Transform Umwandeln Template Vorlage Public key Öffentlicher Schlüssel Save as OpenSSL config OpenSSL Konfiguration speichern Config files ( *.conf *.cnf);; All files ( * ) Konfigurations dateien ( *.conf *.cnf);; Alle Dateien ( * ) Public Key Öffentlicher Schlüssel XFile Error opening file: '%1': %2 Error rewinding file: '%1': %2 XcaTreeView Subject entries Namensteile X509v3 Extensions X509v3 Erweiterungen Netscape extensions Netscape Erweiterungen Key properties Schlüsseleigenschaften Reset Zurücksetzen Remove Column Spalte ausblenden Item properties Eigenschaften Hide Column Spalte ausblenden Details Details Columns Spalten New Neu Import Import Paste PEM data Einfügen (PEM) Rename Umbenennen Properties Eigenschaften Delete Löschen Export Export Clipboard Zwischenablage File Datei database_model Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Veraltetes Datenbankformat entdeckt. Eine Sicherheitskopie mit dem Namen: '%1' wird erstellt und die Datenbank in das neue Format umgewandelt Failed to rename the database file, because the target already exists Datenbank konnte nicht umbenannt werden, da die Zieldatei bereits existiert Please enter the password to access the database server %2 as user '%1'. Bitte das Datenbankpasswort des Benutzers '%1' für die Datenbank auf '%2' eingeben. Unable to create '%1': %2 Kann '%1' nicht erstellen: %2 The file '%1' is not an XCA database Die Datei '%1' ist keine XCA Datenbank No SqLite3 driver available. Please install the qt-sqlite package of your distribution Kein SQLite3 Treiber verfügbar. Bitte das qt-sqlite Paket der Paketdistribution installieren New Password Neues Passwort Please enter a password, that will be used to encrypt your private keys in the database: %1 Bitte das Passwort zur Verschlüsselung der privaten Schlüssel in der Datenbank %1 eingeben Password Passwort Please enter the password for unlocking the database: %1 Bitte geben Sie das Passwort ein um die Datenbank %1 zu öffnen db_base Internal name Interner Name Reset Zurücksetzen Subject entries Namensteile Bad database item Name: %1 Type: %2 Size: %3 %4 Problematischer Datenbankeintrag Name: %1 Typ: %2 Grösse %3 %4 Do you want to delete the item from the database? The bad item may be extracted into a separate file. Soll der Eintrag aus der Datenbank gelöscht werden? Der problematische Eintrag kann in eine separate Datei extrahiert werden. Delete Löschen Delete and extract Löschen und extrahieren Continue Weiter Error opening file: '%1': %2 Fehler beim Öffnen der Datei %1: %2 No. Nr. Primary key Primärschlüssel Database unique number Eindeutige Nummer des Eintrags in der Datenbank Date Datum Date of creation or insertion Datum der Erstellung oder des Einfügens Source Herkunft Generated, Imported, Transformed Generiert, Importiert, Umgewandelt Comment Kommentar First line of the comment field Erste Zeile des Kommentarfelds Import from: %1 Importiert aus: %1 Could not create directory %1 Verzeichnis %1 konnte nicht erstellt werden Item properties Eigenschaften How to export the %1 selected items Wie sollen die %1 ausgewählten Einträge exportiert werden All in one PEM file Alles in eine PEM Datei Each item in one file Jeder Eintrag in eine separate Datei Save %1 items in one file as %1 Einträge in einer Datei speichern PEM files ( *.pem );; All files ( * ) PEM Dateien ( *.pem );; All files ( * ) PEM Files( *.pem );; All files ( * ) PEM Dateien ( *.pem );; Alle Dateien ( * ) X509v3 Extensions X509v3 Erweiterungen Netscape extensions Netscape Erweiterungen Paste PEM data Einfügen (PEM) Columns Spalten db_crl Signer Aussteller Internal name of the signer Interner Name des Ausstellers No. revoked Anzahl Number of revoked certificates Anzahl zurückgezogener Zertifikate Last update Letztes update Next update Nächstes Update CRL number CRL Nummer CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) There are no CA certificates for CRL generation Es existieren keine CA Zertifikate für eine CRL generierung Select CA certificate CA Zertifikat wählen Create CRL CRL erstellen Failed to initiate DB transaction Datenbanktransaktion konte nicht gestartet werden Database error: %1 Datenbankfehler: %1 Database error: Datenbankfehler: Revocation list export Sperrliste exportieren Import Import Rename Umbenennen Export Export Clipboard Zwischenablage File Datei Delete Löschen The revocation list already exists in the database as: '%1' and so it was not imported Die Sperrliste existiert bereits in der Datenbank als: '%1' daher wurde sie nicht importiert db_key Key size too small ! Schlüsselgrösse zu klein ! New Key Neuer Schlüssel Import Import Rename Umbenennen Show Details Details anzeigen Export Export Delete Löschen Change password Passwort ändern Reset password Passwort zurücksetzen Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Soll der Originalschlüssel '%1' durch den Chipkartenschlüssel ersetzt werden? Dies löscht den Schlüssel '%1' und macht ihn nicht-exportierbar Type Typ Size Länge EC Group EC Gruppe Use Benutzt Password Passwort Extending public key from %1 by imported key '%2' Öffentlicher Schlüssel vom %1 durch dem importierten Schlüssel '%2' erweitert Clipboard Zwischenablage File Datei Change PIN PIN ändern Init PIN with SO PIN (PUK) PIN mithilfe der SO PIN (PUK) initialisieren Change SO PIN (PUK) SO PIN (PUK) ändern Store on Security token Auf der Chipkarte speichern Export public key [%1] Export des öffentlichen Schlüssels [%1] PEM public PEM öffentlich DER public DER öffentlich SSH2 public SSH2 öffentlich DER private DER privat PEM encryped PEM verschlüsselt PKCS#8 PKCS#8 PEM private PEM privat SSH2 private SSH2 Privat Export keys to Clipboard Schlüssel In die Zwischenablage exportieren PVK private PVK privat PVK encrypted PVK verschlüsselt PKCS#8 encrypted PKCS#8 verschlüsselt Export private key [%1] Privaten Schlüssel exportieren [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Private Schlüssel ( *.pem *.der *.pk8 );; Öffentliche SSH Schlüssel ( *.pub ) Internal error Interner Fehler Tried to change password of a token The key is already in the database as: '%1' and is not going to be imported Der Schlüssel ist bereits in der Datenbank als: '%1' und wird daher nicht importiert The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Die Datenbank enthält schon den öffentlichen Schlüssel '%1' und wird duch den importierten, privaten Teil vervollständigt You are sure to create a key of the size: %1 ? Soll wirklich ein Schlüssel der Grösse %1 erstellt werden ? db_temp Type Typ Nothing Nichts Empty template Leere Vorlage Preset Template values Vorlagenwerte voreinstellen XCA templates ( *.xca );; All files ( * ) XCA Vorlagen ( *.xca );; All files ( * ) copy kopie Save template as Vorlage speichern als New Template Neue Vorlage Import Import Rename Umbenennen Export Export Change Ändern Delete Löschen Duplicate Duplizieren Create certificate Zertifikat erstellen Create request Zertifikatsantrag erstellen XCA templates ( *.xca);; All files ( * ) XCA Vorlagen ( *.xca);; All files ( * ) Bad template: %1 Ungültige Vorlage %1 db_x509 Serial Seriennummer md5 fingerprint md5 Fingerprint sha1 fingerprint sha1 Fingerprint sha256 fingerprint sha256 Fingerprint Start date Gültigkeitsbeginn not Before not Before Expiry date Ablaufdatum not After not After MD5 fingerprint MD5 Kennung SHA1 fingerprint SHA1 Kennung SHA256 fingerprint SHA256 Kennung Not before Nicht vor dem Not after Nicht nach dem Trust state Vertrauensstatus Revocation Sperrung CRL Expiration CRL Ablauf Plain View Einfache Ansicht Tree View Baumansicht Failed to retrieve unique random serial Fehler beim Generieren einer eindeutigen zufälligen Seriennummer Signed on %1 by '%2' Am %1 ausgestellt durch '%2' Unknown Unbekannt Invalid public key Ungültiger öffentlicher Schlüssel PKCS#7 unrevoked PKCS#7 nicht gesperrt PEM unrevoked PEM nicht gesperrt vCalendar vCalendar CA vCalendar CA vCalendar X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) X509 Zertifikate ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) days Tage No template Keine Vorlage The key you selected for signing is not a private one. Der ausgewählte Schlüssel zum signieren ist nicht vollständig. Failed to create directory '%1' Verzeichnis '%1' konnte nicht angelegt werden PKCS#7 chain PKCS#7 Zertifikatskette PKCS#12 chain PKCS#12 Zertifikatskette PKCS#7 trusted PKCS#7 vertrauenswürdig PKCS#7 all Alle PKCS#7 New Certificate Neues Zertifikat Import Import Import PKCS#12 Import PKCS#12 Import from PKCS#7 Import von PKCS #7 Rename Umbenennen Show Details Details anzeigen Extract public Key Öffentlichen Schlüssel extrahieren Export Export Clipboard Zwischenablage File Datei Request Zertifikatsantrag OpenSSL config OpenSSL Konfiguration Delete Löschen Trust Vertrauen CA CA reflects the basic Constraints extension Zeigt den Inhalt der basic constraints erweiterung Transform Umwandeln Public Key Öffentlicher Schlüssel Similar Certificate Ähnliches Zertifikat Properties Eigenschaften Generate CRL CRL erstellen PKCS#7 PKCS#7 Sign Unterschreiben Encrypt Verschlüsseln Renewal Verlängerung Unrevoke Sperrung aufheben Revoke Sperrung Certificate export Zertifikatsexport X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) X509 Zertifikate ( *.cer *.crt *.p12 *.p7b ) Not possible for a token key: '%1' Nicht möglich für einen Chipkartenschlüssel '%1' There was no key found for the Certificate: Es wurde kein Schlüssel gefunden für das Zertifikat: File to be signed Zu signierende Datei All Files ( * ) Alle Dateien ( * ) File to be encrypted Zu verschlüsselnde Datei days Tage Security token Chipkarte Template Vorlage Delete from Security token Von der Chipkarte löschen The certificate already exists in the database as: '%1' and so it was not imported Das Zertifikat existiert bereits in der Datenbank als: '%1' und wurde daher nicht importiert PEM chain PEM Kette PKCS #7 chain PKCS #7 Kette PKCS #12 chain PKCS #12 Kette PEM + key PEM + Schlüssel PKCS #7 trusted PKCS #7 vertrauenswürdig PKCS #7 all PKCS #7 alle PEM trusted PEM vertrauenswürdig PEM all PEM alle Certificate Index file Zertifikatsindexdatei There was no key found for the Certificate: '%1' Es wurde kein Schlüssel für das Zertifikat: '%1' gefunden Error opening file: '%1': %2 Fehler '%2' beim öffnen det Datei '%1' Not possible for the token-key Certificate '%1' Nicht möglich für das Chipkartenzertifikat '%1' Store the certificate to the key on the token '%1 (#%2)' ? Soll das Zertifikat zum privaten Schlüssel auf der Chipkarte '%1' mit der Seriennummer %2 abgelegt werden ? Other token Andere Chipkarte db_x509name Subject Inhaber Complete distinguished name Vollständiger name Subject hash Namenshash Hash to lookup certs in directories OpenSSL Prüfsumme zum Auffinden von Zertifikaten in Verzeichnissen Country code Länder code State or Province Bundesland, Kreis Locality Ort Organisation Firma Organisational unit Firmenabteilung Common name Allgemeine Bezeichnung E-Mail address E-Mail Adresse Serial number Seriennummer Given name Vorname Surname Nachname Title Titel Initials Initialien Description Beschreibung Role Rolle Pseudonym Pseudonym Generation Qualifier Generierungskennzeichnung x500 Unique Identifier Eindeutige x500 Identifizierung Name Name DN Qualifier DN Kennzeichnung Unstructured name Unstrukturierter Name Challenge password Passwort nach Aufforderung Basic Constraints Basiseinschränkungen subject alternative name Alternativer Eigentümername issuer alternative name Alternativer Ausstellername Subject key identifier Inhaberschlüssel identifizierung Authority key identifier Ausstellerschlüssel identifizierung Key usage Schlüsselverwendung Extended key usage Erweiterte Schlüsselverwendung CRL distribution points CRL Verteilungspunkte Authority information access Aussteller informations zugriff Certificate type Zertifikatstyp Base URL Basis URL Revocation URL Sperrlisten URL CA Revocation URL CA Sperrlisten URL Certificate renewal URL Zertifikatsverlängerungs URL CA policy URL CA Richtlinien URL SSL server name SSL Servername Comment Kommentar db_x509req Certificate request ( *.pem *.der *.crl ) Zertifikatsantrag ( *.pem *.der *.crl ) Certificate request export Zertifikatsantrag exportieren New Request Neuer Zertifikatsantrag Import Import Extract public Key Öffentlichen Schlüssel extrahieren Rename Umbenennen Show Details Details anzeigen Sign Unterschreiben Export Export Clipboard Zwischenablage OpenSSL config OpenSSL Konfiguration Transform Umwandeln Public Key Öffentlicher Schlüssel Similar Request Ähnlicher Zertifikatsantrag Delete Löschen Signed Signiert whether the request is already signed or not Ob der Zertifikatsantrag bearbeitet wurde oder nicht Unstructured name unstrukturierter Name Challenge password Challenge-Passwort Certificate count Zertifikatszähler Number of certificates in the database with the same public key Anzahl an Zertifikaten in der Datenbank mit dem gleichen öffentlichen Schlüssel Certificate request ( *.pem *.der *.csr ) Zertifikatsantrag ( *.pem *.der *.csr ) File Datei Template Vorlage The certificate signing request already exists in the database as '%1' and thus was not stored Der Request existiert bereits in der Datenbank als '%1' und wurde daher nicht importiert db_x509super Key name Schlüsselname Internal name of the key Interner name des Schlüssels Signature Algorithm Signatur algorithmus Signature algorithm Signatur algorithmus Key type Schlüsseltyp Key size Schlüsselgröße EC Group EC Gruppe Extracted from %1 '%2' Extrahiert aus %1 '%2' Certificate Zertifikat Certificate request Zertifikatsantrag Save as OpenSSL config OpenSSL Konfiguration speichern Config files ( *.conf *.cnf);; All files ( * ) Konfigurations dateien ( *.conf *.cnf);; Alle Dateien ( * ) The following extensions were not ported into the template Die folgenden Extensions wurden nicht ins Template übertragen Transformed from %1 '%2' Umgewandelt von %1 '%2' kvView Type Typ Content Inhalt pass_info Password Passwort PIN PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 PKCS11 Bibliothek %1 konnte nicht geöffnet werden: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Dies scheint keine PKCS#11 Bibliothek zu sein. Sie enthält nicht das Symbol 'C_GetFunctionList'. pki_base Error opening file: '%1': %2 Öffnen der Datei %1 fehlgeschlagen: %2 Error writing to file: '%1': %2 Fehler beim Schreiben der Datei: '%1': %2 Unknown Unbekannt Imported Importiert Generated Erstellt Transformed Umgewandelt Token Chipkarte Legacy Database Alte Datenbank Renewed Erneuert Property '%1' not listed in 'pki_base::print' Eigenschaft '%1' in 'pki_base::print' nicht aufgeführt Error: Fehler: Internal error: Unexpected message: %1 %2 Interner Fehler: Unerwartete Nachricht: %1 %2 pki_crl Delete the revocation list '%1'? Die Sperrliste '%1' löschen? Successfully created the revocation list '%1' Die Sperrliste '%1' wurde erfolgreich erstellt Delete the %1 revocation lists: %2? Die %1 Sperrlisten: %2 löschen? No issuer given Keine Austeller angegeben CRL Renewal of CA '%1' due CRL erneuerung der CA '%1' fällig The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Die neueste von CA '%1' ausgestellte CRL wird am %2 ablaufen. Sie ist in der XCA Datenbank '%3' gespeichert The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' Die am %3 ausgestellte XCA CRL '%1' wird am %4 ablaufen. Diese ist in der XCA Datenbank '%5' gespeichert unknown unbekannt Renew CRL: %1 CRL %1 erneuern The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4. It is stored in the XCA database '%5' Die XCA CRL '%1', ausgestellt von der CA '%2' am %3 wird am %4 ablaufen. Diese ist in der XCA Datenbank '%5' gespeichert Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Konnte die Sperrliste %1 nicht laden. Ist weder eine PEM noch eine DER formatierte CRL. Successfully imported the revocation list '%1' Die Sperrliste '%1' wurde erfolgreich importiert Wrong Size %1 Ungültige Größe %1 pki_evp Failed to decrypt the key (bad password) Konnte den Schlüssel nicht entschlüsseln. (Falsches Passwort) Password input aborted Passworteingabe abgebrochen Please enter the password to protect the private key: '%1' Bitte geben sie das Passwort zur Verschlüsselung des privaten Schlüssels: '%1' ein Unable to load the private key in file %1. Tried PEM and DER private, public and PKCS#8 key types. Der Schlüssel aus der Datei %1 konnte nicht geladen werden. Private und öffentliche, sowie PKCS#8 Schlüssel im PEM und DER format wurden versucht. Failed to decrypt the key (bad password) %1 Konnte den Schlüssel nicht entschlüsseln. (Falsches Passwort) %1 Please enter the password to decrypt the private key. Bitte geben sie das Passwort zur Entschlüsselung des privaten Schlüssels ein. Please enter the password to decrypt the private key %1. Bitte das Passwort zur Entschlüsselung des privaten Schlüssels '%1' eingeben. The key from file '%1' is incomplete or inconsistent. Der Schlüssel aus der Datei '%1' ist unvollständig oder inkonsistent. Please enter the password to decrypt the private key from file: %1 Bitte das Passwort zur Entschlüsselung der Schlüsseldatei %1 eingeben Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Der Schlüssel aus der Datei %1 konnte nicht geladen werden. Private und öffentliche, sowie SSH2 und PKCS#8 Schlüssel im PEM und DER format wurden versucht. Ignoring unsupported private key Ignoriere nicht unterstützen privaten Schlüssel Please enter the password to decrypt the private key: '%1' Bitte das Passwort zur Entschlüsselung des privaten Schlüssels: '%1' eingeben Please enter the database password for encrypting the key Bitte geben sie das Datenbankpasswort zur Verschlüsselung des Schlüssels ein Please enter the password protecting the PKCS#8 key '%1' Bitte das Passwort zum Schutz des PKCS#8 Schlüssels '%1' eingeben Please enter the password protecting the Microsoft PVK key '%1' Bitte das Passwort zum Schutz des Microsoft PVK Schlüssels '%1' eingeben Please enter the export password for the private key '%1' Bitte das Passwort zum Schutz des privaten Schlüssels '%1' eingeben Please enter the database password for decrypting the key '%1' Bitte das Datenbankpasswort zur Entschlüsselung des Schlüssels '%1' eingeben pki_export PEM Text format with headers PEM Textformat mit Kopf- und Fußzeilen Concatenated list of all selected items in one PEM text file Aneinandergereihte Liste aller ausgewählter Einträge in eine PEM Text Datei PEM chain PEM Kette Concatenated text format of the complete certificate chain in one PEM file Aneinandergehängte Zertifikatskette in einer PEM Datei PEM + key PEM + Schlüssel Concatenation of the certificate and the unencrypted private key in one PEM file Das PEM Zertifikat und der unverschlüsselte private PEM Schlüssel in einer Textdatei Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Das PEM Zertifikat und der unverschlüsselte private PKCS#8 Schlüssel in einer Textdatei PKCS#7 encoded single certificate Einzelnes Zertifikat im PKCS#7 format All selected certificates encoded in one PKCS#7 file Alle ausgewählten Zertifikate in einer PKCS#7 Datei PKCS #7 chain PKCS #7 Kette PKCS#7 encoded complete certificate chain Vollständige Zertifikatskette in einer PKCS#7 Datei Binary DER encoded certificate PKCS #12 chain PKCS #12 Kette The complete certificate chain and the private key as encrypted PKCS#12 file Die vollständige Zertifikatskette und der private Schlüssel als verschlüsselte PKCS#12 Datei PKCS #12 The certificate and the private key as encrypted PKCS#12 file Das Zertifikat und der zugehörige private Schlüssel als verschlüsselte PKCS#12 Datei Certificate Index file Zertifikatsindexdatei OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool OpenSSL spezifische Zertifikatsindexdatei in dem Format wie sie von dem OpenSSL 'ca' kommando erzeugt und von der OCSP Funktion benötigt wird vCalendar vCalendar vCalendar expiry reminder for the selected items Fälligkeitserinnerung für alle ausgewählten Elemente im vCalendar Format CA vCalendar CA vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Fälligkeitserinnerung für alle ausgestellten Zertifikate, der CA und der letzten CRL im vCalendar Format PEM public PEM öffentlich Text format of the public key in one PEM file Eine PEM Textdatei mit dem öffentlichen Schlüssel PEM private PEM privat Unencrypted private key in text format Der unverschlüsselte private Schlüssel in einer PEM Textdatei PEM encrypted OpenSSL specific encrypted private key in text format OpenSSL spezifischer privater Schlüssel im Textformat SSH2 private SSH2 Privat SSH2 public SSH2 öffentlich The public key encoded in SSH2 format Der öffentliche Schlüssel im SSH2 Format DER public DER öffentlich Binary DER format of the public key Der öffentliche Schlüssel in einer binären DER Datei DER private DER privat Unencrypted private key in binary DER format Unverschlüsselter privater Schlüssel in einer binären DER Datei PVK private PVK privat Private key in Microsoft PVK format not encrypted Nicht verschlüsselter privater Schlüssel im Microsoft PVK Format PVK encrypted PVK verschlüsselt Encrypted private key in Microsoft PVK format Verschlüsselter privater Schlüssel in einer Microsoft PVK-Datei PKCS #8 encrypted Encrypted private key in PKCS#8 text format Verschlüsselter privater Schlüssel in einer PKCS#8 Textdatei PKCS #8 Unencrypted private key in PKCS#8 text format Unverschlüsselter privater Schlüssel in einer PKCS#8 Textdatei Binary DER format of the certificate request Binary DER format of the revocation list vCalendar reminder for the CRL expiry date XCA template in PEM-like format All selected XCA templates in PEM-like format pki_key Do you really want to export the private key unencrypted to the clipboard ? Soll der private Schlüssel wirklich unverschlüsselt in die Zwischenablage kopiert werden ? Only export the public key Nur den öffentlichen Schlüssel exportieren Export the private key unencrypted Privaten Schlüssel unverschlüsselt exportieren Successfully imported the %1 public key '%2' Der öffentliche %1 Schlüssel '%2' wurde erfolgreich importiert Delete the %1 public key '%2'? Den öffentlichen %1 Schlüssel '%2' löschen? Successfully imported the %1 private key '%2' Der private %1 Schlüssel '%2' wurde erfolgreich importiert Delete the %1 private key '%2'? Den privaten %1 Schlüssel '%2' löschen? Successfully created the %1 private key '%2' Der private %1 Schlüssel '%2' wurde erfolgreich erstellt Delete the %1 keys: %2? Die %1 Schlüssel: %2 löschen? Public key Öffentlicher Schlüssel public key öffentlicher Schlüssel Common Standard Private Privat Bogus Nichts No password Kein Passwort Unexpected SSH2 content: '%1' Unerwarteter SSH2 inhalt: '%1' Invalid SSH2 public key Üngültiger öffentlicher SSH2 Schlüssel Failed writing to %1 Fehler beim Schreiben von %1 PIN PIN pki_multi No known PEM encoded items found Keine bekanntes PEM Format gefunden pki_pkcs12 Please enter the password to encrypt the PKCS#12 file Bitte geben Sie das Passwort zur Verschlüsselung der PKCS#12 Datei an No key or no Cert and no pkcs12 Kein Schlüssel oder kein Zertifikat und kein PKCS#12 Unable to load the PKCS#12 (pfx) file %1. Die PKCS#12 (pfx) Datei %1 konnte nicht geladen werden. Please enter the password to decrypt the PKCS#12 file: %1 Bitte geben Sie das Passwort zur Entschlüsselung der PKCS#12 Datei: %1 ein The supplied password was wrong (%1) Das eingegebene Passwort war falsch (%1) pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Konnte die PKCS#7 Datei %1 nicht laden. Ist weder im PEM noch im DER Format. pki_scard This Key is already on the token Der Schlüssel ist bereits auf der SmartCard Only RSA and EC keys can be stored on tokens Auf der Chipkarte können nur RSA oder EC Schlüssel gespeichert werden Unable to find copied key on the token Kann den eben kopierten Schlüssel auf der Chipkarte nicht finden Public Key mismatch. Please re-import card Öffentlicher Schlüssel passt nicht. Bitte Chipkarte neu importieren Unable to find generated key on card Kann den erstellten Schlüssel auf der Karte nicht finden Failed to find the key on the token Konnte den Schlüssel auf der Chipkarte nicht finden Invalid Pin for the token Ungültige Pin für die Chipkarte Delete the private key '%1' from the token '%2 (#%3)' ? Soll der private Schlüssel '%1' von der Chipkarte '%2' mit der Seriennummer %3 gelöscht werden ? Successfully imported the token key '%1' Der Chipkartenschlüssel '%1' wurde erfolgreich importiert Delete the token key '%1'? Den Chipkartenschlüssel '%1' löschen? Successfully created the token key '%1' Der Chipkartenschlüssel '%1' wurde erfolgreich erstellt Delete the %1 keys: %2? Die %1 Schlüssel: %2 löschen? PIN input aborted PIN Eingabe abgebrochen Please insert card: %1 %2 [%3] with Serial: %4 Bitte die Chipkarte: %1 %2 [%3] mit Seriennummer: %4 einlegen Illegal Key generation method Ungültige Schlüsselgenerierungsmethode Ignoring unsupported token key Ignoriere nicht unterstützten Chipkartenschlüssel Wrong Size %1 Falsche Größe %1 Token %1 %1 Chipkarte Failed to initialize the key on the token Der Schlüssel auf der Chipkarte konnte nicht initialisiert werden pki_temp Delete the XCA template '%1'? Die XCA Vorlage '%1' löschen? Template file content error (too small) Fehler bei Vorlagendatei (zu klein) Template file content error (bad size) Fehler bei Vorlagendatei (zu klein) Template file content error (too small): %1 Template zu klein: %1 Not a PEM encoded XCA Template Dies ist keine PEM formatierte XCA Vorlage Not an XCA Template, but '%1' Dies ist keine XCA Vorlage, sondern: %1 Template file content error (bad length) :%1 Templatefile ungültig (länge): %1 Wrong Size %1 Ungültige Größe %1 Successfully imported the XCA template '%1' Die XCA Vorlage '%1' wurde erfolgreich importiert Successfully created the XCA template '%1' Die XCA Vorlage '%1' wurde erfolgreich erstellt Delete the %1 XCA templates: %2? Die %1 XCA Vorlagen: %2 löschen? Template file content error (bad size): %1 Templatefile ungültig (Größe): %1 pki_x509 Not trusted Nicht vertrauenswürdig Trust inherited Vertrauensstellung geerbt Always Trusted Immer Vertraut There is no key for signing ! Kein Schlüssel zum Unterschreiben! Delete the certificate '%1'? Das Zertifikat '%1' löschen? Successfully created the certificate '%1' Das Zertifikat '%1' wurde erfolgreich erstellt Delete the %1 certificates: %2? Die %1 Zertifikate: %2 löschen? Unable to load the certificate in file %1. Tried PEM and DER certificate. Das Zertifikat aus der Datei %1 konnte nicht geladen werden. Ist weder PEM noch DER. This certificate is already on the security token Dieses Zertifikat ist bereits auf der Chipkarte Delete the certificate '%1' from the token '%2 (#%3)'? Das Zertifikat '%1' von der Chipkarte '%2 (#%3)' löschen? Renew certificate: %1 Zertifikat %1 erneuern The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' Das XCA Zertifikat '%1', ausgestellt am %2 wird am %3 ablaufen. Es ist in der XCA Datenbank '%4' gespeichert CRL Renewal of CA '%1' due CRL erneuerung der CA '%1' fällig The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Die neueste von CA '%1' ausgestellte CRL wird am %2 ablaufen. Sie ist in der XCA Datenbank '%3' gespeichert CRL expires: %1 CRL ungültig ab: %1 No Nein Yes Ja Successfully imported the certificate '%1' Das Zertifikat '%1' wurde erfolgreich importiert Wrong Size %1 Ungültige Größe %1 pki_x509req Signing key not valid (public key) Signaturschlüssel ungültig (public key) Delete the %1 certificate request '%2'? Den %1 Zertifikatsantrag '%2' löschen? Successfully imported the %1 certificate request '%2' Der %1 Zertifikatsantrag '%2' wurde erfolgreich importiert Successfully created the %1 certificate request '%2' Der %1 Zertifikatsantrag '%2' wurde erfolgreich erstellt Delete the %1 certificate requests: %2? Die %1 Zertifikatsanträge: %2 löschen? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Konnte den Zertifikatsantrag aus der Datei %1 nicht laden. Versuchte Formate PEM, DER und SPKAC. Signed Signiert Unhandled Unbehandelt Wrong Size %1 Ungültige Größe %1 v3ext Copy Common Name Den allgemeinen Bezeichner (common Name) kopieren Add Hinzufügen Delete Löschen Apply Übernehmen Validate Überprüfen Cancel Abbrechen Validation successful: '%1' Überprüfung erfolgreich: '%1' An email address or 'copy' Eine E-Mail adresse oder 'copy' An email address Eine email Adresse a registered ID: OBJECT IDENTIFIER Eine OID numerisch oder als Text a uniform resource indicator Ein Uniform Resource Identifier a DNS domain name Ein DNS domain Name an IP address Eine IP Adresse No editing. Only 'copy' allowed here Kein Editieren. Nur 'copy' möglich, um Subject alternative name vom Aussteller zu kopieren Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Format:<OID>;TYPE Beispiel: '1.2.3.4:UTF8:name' A registered ID: OBJECT IDENTIFIER Eine OID numerisch oder als Text A uniform resource indicator Ein Uniform Resource Identifier A DNS domain name or 'copycn' Ein DNS domain Name oder 'copycn' A DNS domain name Ein DNS domain Name An IP address Eine IP Adresse Validation failed: '%1' %2 Überprüfung fehlgeschlagen: '%1' %2 void There was no key found for the Certificate: Es wurde kein Schlüssel gefunden für das Zertifikat: Import Certificate signing request Zertifikatsantrag importieren xcaWarning The following error occurred: Der folgende Fehler ist aufgetreten: Copy to Clipboard In die Zwischenablage xcaWarningGui Copy to Clipboard In die Zwischenablage xca-RELEASE.2.5.0/lang/xca_es.ts000066400000000000000000006317421450407711300161220ustar00rootroot00000000000000 Done Hecho About#1 CA Properties Propiedades de la CA CaProperties#1 Use random Serial numbers Usar números de Serie aleatorios CaProperties#2 Default template Plantilla predeterminada CaProperties#4 Details of the Certificate Detalles del Certificado CertDetail#1 S&tatus Estado CertDetail#2 Serial CertDetail#3 Número de serie CertDetail#3 The serial number of the certificate El número de serie del certificado CertDetail#4 The internal name of the certificate in the database El nombre interno del certificado en la base de datos CertDetail#5 Internal name CertDetail#6 Nombre interno CertDetail#6 Signature algorithm CertDetail#7 Firma CertDetail#7 Signature CertDetail#8 Firma CertDetail#8 Key CertDetail#9 Clave CertDetail#9 Fingerprints Huellas digitales CertDetail#10 SHA1 SHA1 CertDetail#11 MD5 MD5 CertDetail#12 Validity CertDetail#15 Validez CertDetail#15 The time since the certificate is valid El momento desde el que el certificado es válido CertDetail#16 The time until the certificate is valid El momento hasta el que el certificado es válido CertDetail#17 &Subject As&unto CertDetail#18 Attributes Atributos CertDetail#20 &Extensions CertDetail#21 &Extensiones CertDetail#21 Show config Mostrar configuración CertDetail#22 Show extensions Mostrar extensiones CertDetail#23 Not available CertDetail#24 No disponible CertDetail#24 Details of the certificate Detalles del certificado CertDetail#25 Not trusted CertDetail#28 No fiable CertDetail#28 Trusted Fiable CertDetail#29 Revoked: Revocado: CertDetail#30 Not valid No válido CertDetail#31 Valid Válido CertDetail#32 Details of the certificate signing request Detalles de la solicitud CertDetail#33 Certificate renewal Renovación de certificado CertExtend#1 Validity CertExtend#3 Validez CertExtend#3 Not before CertExtend#4 No antes de CertExtend#4 Not after CertExtend#5 No después de CertExtend#5 Time range CertExtend#6 Rango de tiempo CertExtend#6 Apply CertExtend#8 Aplicar CertExtend#8 Days CertExtend#9 Días CertExtend#9 Months CertExtend#10 Meses CertExtend#10 Years CertExtend#11 Años CertExtend#11 Midnight CertExtend#12 Medianoche CertExtend#12 Double click for details Haga doble click para obtener detalles ClickLabel#1 Signature CrlDetail#4 Firma CrlDetail#4 Name CrlDetail#6 Nombre CrlDetail#6 ... ... ExportDialog#1 DER is a binary format of the key without encryption PEM is a base64 encoded key with optional encryption PKCS#8 is an encrypted official Key-exchange format DER es un formato binario sin cifrado PEM es un formato texto bas64 con cifrado opcional PKCS#8 es un formato estandar de intercambio de claves ExportKey#7 Please enter the filename for the key. Introduzca nombre de fichero que contendrá la clave. ExportKey#8 Key export Exportar clave ExportKey#10 Name KeyDetail#1 Nombre KeyDetail#1 Public Exponent Exponente público KeyDetail#7 Keysize KeyDetail#8 Tamaño de clave KeyDetail#8 Private Exponent Exponente secreto KeyDetail#9 Modulus Módulo KeyDetail#10 Not available KeyDetail#12 Disponible KeyDetail#12 Available Disponible KeyDetail#15 Private key KeyDetail#18 Exponente secreto KeyDetail#18 &Import MainWindow#4 Importar MainWindow#4 Cancel MainWindow#58 Cancelar MainWindow#58 Password verify error, please try again Contraeña incorrecta, inténtelo de nuevo MainWindow#68 Password MainWindow#69 Contraseña MainWindow#69 Name NewKey#4 Nombre NewKey#4 New Key NewKey#6 Nueva clave NewKey#6 Keysize NewKey#8 Tamaño de clave NewKey#8 Signature algorithm NewX509#16 Firma NewX509#16 Subject NewX509#23 Sujeto NewX509#23 Private key NewX509#36 Exponente secreto NewX509#36 Validity NewX509#56 Validez NewX509#56 Import db_crl#11 Importar db_crl#11 Password db_key#4 Contraseña db_key#4 New Key db_key#10 Nueva clave db_key#10 Import db_key#11 Importar db_key#11 Export db_key#15 Exportar db_key#15 Change password Cambiar contraseña db_key#16 Reset password Restablecer la contraseña db_key#17 Change PIN Cambiar PIN db_key#18 Import db_temp#9 Importar db_temp#9 Export db_temp#11 Importar db_temp#11 Import db_x509#21 Importar db_x509#21 Export db_x509#27 Exportar db_x509#27 Clipboard db_x509#28 Portapapeles db_x509#28 File db_x509#29 Archivo db_x509#29 Request Solicitud db_x509#30 Template db_x509#33 Plantilla db_x509#33 Delete db_x509#35 Eliminar db_x509#35 Subject db_x509name#1 Sujeto db_x509name#1 Signed db_x509req#1 Firma db_x509req#1 Import db_x509req#9 Importar db_x509req#9 Rename db_x509req#11 Renombrar db_x509req#11 Show Details db_x509req#12 Mostrar detalles db_x509req#12 Sign db_x509req#13 Firma db_x509req#13 Export db_x509req#14 Importar db_x509req#14 Password pass_info#1 Contraseña pass_info#1 Cancel v3ext#5 Cancelar v3ext#5 CaProperties CA Properties Propiedades de la CA Form Days until next CRL issuing Días hasta la emisión de CRL Default template Plantilla predeterminada CertDetail Details of the Certificate Detalles del Certificado Status Estado Internal name Nombre interno The internal name of the certificate in the database El nombre interno del certificado en la base de datos Signature Firma Key Clave Serial Número de serie The serial number of the certificate El número de serie del certificado Fingerprints Huellas digitales MD5 MD5 An md5 hashsum of the certificate Un hash MD5 del certificado SHA1 SHA1 A SHA-1 hashsum of the certificate Un hash SHA-1 del certificado SHA256 SHA256 A SHA-256 hashsum of the certificate Un hash SHA-256 del certificado Validity Validez The time since the certificate is valid El momento desde el que el certificado es válido The time until the certificate is valid El momento hasta el que el certificado es válido Subject Sujeto Issuer Emisor Attributes Atributos Extensions Extensiones Show config Mostrar configuración Comment Comentarios Show extensions Mostrar extensiones Show public key Mostrar clave pública This key is not in the database. La clave no existe en la base de datos. Not available No disponible Signer unknown Firmante desconocido Self signed Autofirmado Revoked at %1 Revocado el %1 Revoked: Revocado: Not valid No válido Valid Válido Details of the certificate signing request Detalles de la solicitud de certificado CertExtend Certificate renewal Renovación de certificado This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Esto creará un nuevo certificado como copia del antiguo con un nuevo número de serie y las fechas de validez modificadas. Validity Validez Not before No antes de Not after No después de Time range Rango de tiempo Local time Hora local Days Días Months Meses Years Años No well-defined expiration Caducidad sin definir Midnight Medianoche Apply Aplicar Revoke old certificate Revocar el certificado antiguo Replace old certificate Keep serial number Mantener el número de serie The certificate will be earlier valid than the signer. This is probably not what you want. El certificado entrará en vigor antes que el certificado firmante. Probablemente no es lo que pretendes. Edit dates Modificar fechas Abort rollout Cancelar la emisión Continue rollout Continuar la emisión Adjust date and continue Ajustar fecha y continuar The certificate will be longer valid than the signer. This is probably not what you want. El certificado caducará después que el certificado firmante. Probablemente no es lo que pretendes. CertTreeView Import PKCS#12 Importar PKCS#12 Import from PKCS#7 Importar desde PKCS#7 Request Solicitud Security token Token de seguridad Other token Otro token Similar Certificate Certificado similar Delete from Security token Eliminar del Token de seguridad CA CA Properties Propiedades Generate CRL Generar CRL Manage revocations Gestionar revocaciones Renewal Renovación Revoke Revocar Unrevoke Deshacer revocación Plain View Vista Plana Tree View Vista de árbol days Días No template Sin plantilla CA Properties Propiedades de la CA Certificate export Exportar certificado X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) ClickLabel Double click for details Haga doble click para obtener detalles CrlDetail Details of the Revocation list Detalles de la lista de revocación &Status E&stado Version Versión Signature Firma Signed by Firmante Name Nombre The internal name of the CRL in the database El nombre interno de la CRL en la base de datos issuing dates Fechas de emisión Next update Siguiente actualización Last update Última actualización &Issuer Em&isor &Extensions &Extensiones &Revocation list Lista de &Revocación Comment Comentarios Failed Error Unknown signer Firmante desconocido Verification not possible Verificación imposible CrlTreeView There are no CA certificates for CRL generation No hay certificados de CA para generar la CRL Select CA certificate Seleccione certificado de CA Revocation list export Exportar lista de revocación CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) ExportDialog Name Nombre The internal name of the CRL in the database El nombre interno de la CRL en la base de datos ... ... Filename Archivo Export comment into PEM file Exportar comentarios al archivo Export Format Formato All files ( * ) Todos los archivos ( * ) PEM Text format with headers Formato de Texto PEM con cabeceras Concatenated list of all selected items in one PEM text file Lista concatenada de todos los elementos seleccionados en un archivo PEM Concatenated text format of the complete certificate chain in one PEM file Cadena de certificados completa, concatenados en formato de texto en un archivo PEM Concatenated text format of all unrevoked certificates in one PEM file Todos los certificados no revocados concatenados en formato de texto en un archivo PEM Concatenated text format of all certificates in one PEM file Todos los certificados concatenados en formato de texto en un archivo PEM Binary DER encoded file Archivo codificado DER binario PKCS#7 encoded single certificate Certificado individual codificado en PKCS#7 PKCS#7 encoded complete certificate chain Cadena de certificados completa codificada en PKCS#7 All unrevoked certificates encoded in one PKCS#7 file Todos los certificados no revocados en un fichero con formato PKCS#7 All selected certificates encoded in one PKCS#7 file Todos los certificados seleccionados en un fichero codificado en PKCS#7 All certificates encoded in one PKCS#7 file Todos los certificados codificados en un fichero PKCS#7 The certificate and the private key as encrypted PKCS#12 file Certificado y su clave privada encriptados en fichero PKCS#11 The complete certificate chain and the private key as encrypted PKCS#12 file La cadena completa de certificados y la clave privada encriptados en fichero PKCS#12 Concatenation of the certificate and the unencrypted private key in one PEM file Certificado y la clave privada sin encriptar concatenados en un único fichero PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Certificado y la clave privada encriptada concatenados en un único fichero con formato PKCS#8 Text format of the public key in one PEM file Clave pública en formato texto en un único archivo PEM Binary DER format of the public key Clave pública en formato DER Binario Unencrypted private key in text format Clave privada desencriptada en un fichero de texto OpenSSL specific encrypted private key in text format Clave privada encriptada en formato de texto específico de OpenSSL Unencrypted private key in binary DER format Clave privada desencriptada en formato DER Binario Unencrypted private key in PKCS#8 text format Clave privada desencriptada en formato PKCS#8 Encrypted private key in PKCS#8 text format Clave privada encriptada en formato de texto PKCS#8 The public key encoded in SSH2 format Clave pública codificada en fomrato SSH2 OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Fichero de índice de certificados específico de OpenSSL como el comando created by the 'ca' y requerido por la herramienta OCSP vCalendar expiry reminder for the selected items vCalendar con el recordatorio de caducidad de los elementos seleccionados vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL vCalendar con la caducidad de todos los certificados emitidos y válidos; de la propia CA y de la última CRL The file: '%1' already exists! ¡El archivo '%1' ya existe! Overwrite Sobrescribir Do not overwrite No sobrescribir Form last update next update Days Días Months Meses Years Años Apply Aplicar Midnight Medianoche Local time Hora local No well-defined expiration Help << << >> >> &Done &Hecho ImportMulti Import PKI Items Importar elementos PKI Import &All Importar &Todos &Import &Importar &Done &Hecho &Remove from list &Eliminar de la lista Details Detalles Delete from token Eliminar del token Rename on token Renombrar en el token Name: %1 Model: %2 Serial: %3 Nombre: %1 Modelo: %2 Nº serie: %3 Manage security token Gestionar token de seguridad The type of the item '%1' is not recognized El tipo del elemento '%1' no ha sido reconocido Details of the item '%1' cannot be shown Los detalles del elemento '%1' no se pueden mostrar The file '%1' did not contain PKI data El archivo '%1' no contiene datos de PKI The %1 files: '%2' did not contain PKI data Los %1 archivos: '%2' no contienen datos de PKI ItemProperties Name Nombre Source Origen Insertion date Fecha de inserción Comment Comentarios KeyDetail Name Nombre The internal name of the key used by xca El nombre interno de la clave usado por xca Key Clave Public Exponent Exponente público Keysize Tamaño de clave Private Exponent Exponente privado Security Token Token de Seguridad Label Etiqueta PKCS#11 ID ID PKCS#11 Token information Información del token Model Modelo Manufacturer Fabricante Serial Número de serie Fingerprint Huella Comment Comentarios Details of the %1 key Detalles de la clave %1 Not available No disponible Security token Token de seguridad Available Disponible Sub prime Sub prime Public key Clave pública Private key Clave privada Curve name Nombre de curva Unknown key Clave desconocida KeyTreeView Clipboard format Change password Cambiar contraseña Reset password Restablecer la contraseña Change PIN Cambiar PIN Init PIN with SO PIN (PUK) Inicializar PIN con el PIN SO (PUK) Change SO PIN (PUK) Cambiar PIN SO (PUK) Security token Token de seguridad This is not a token Esto no es un token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable ¿Debe la clave original '%1' ser reemplazada por la clave del token? Esto borrará la clave '%1' y imposibilitará su exportación Export public key [%1] Exportar la clave pública [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Claves privadas ( *.pem *.der *.pk8 );; Claves públicas SSH ( *.pub ) MainWindow Private Keys Claves Privadas &New Key &Nueva Clave &Export &Exportar &Import &Importar Import PFX (PKCS#12) Importar PFX (PKCS#12) &Show Details &Mostrar Detalles &Delete &Borrar Certificate signing requests Solicitudes de certificado &New Request &Nueva Solicitud Certificates Certificados &New Certificate &Nuevo Certificado Import &PKCS#12 Importar &PKCS#12 Import P&KCS#7 Importar P&KCS#7 Plain View Vista Plana Templates Plantillas &New Template &Nueva Plantilla Ch&ange Template C&ambiar Plantilla Revocation lists Listas de Revocación &New CRL &Nueva CRL Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Formato antiguo de base de datos detectado. Creando una copia de seguridad llamada: '%1' y convirtiendo la base de datos al nuevo formato Failed to rename the database file, because the target already exists Error al renombrar el archivo de base de datos, porque el destino ya existe Using or exporting private keys will not be possible without providing the correct password Usar o exportar las claves privadas no será posible sin proporcionar la contraseña correcta The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. El algoritmo de hash '%1' utilizado actualmente no es seguro. Por favor seleccione al menos 'SHA-224' por razones de seguridad. Database Base de datos No deleted items found No se han encontrado elementos eliminados Recent DataBases Bases de datos recientes System Sistema Croatian Croatian English English French French German German Japanese Russian Russian Slovak Slovak Spanish Spanish Persian Bulgarian Polish Polaco Italian Italiano Chinese Chino Dutch Holandés Portuguese in Brazil Portugués de Brasil Indonesian Turkish Turkish Language Idioma &File &Archivo &New DataBase &Nueva base de datos &Open DataBase &Abrir base de datos Open Remote DataBase Abrir base de datos remota Set as default DataBase Establecer Base de datos por defecto &Close DataBase &Cerrar Base de datos New DataBase Nueva Base de datos Open DataBase Abrir Base de datos Close DataBase Cerrar Base de datos Options Opciones Exit Salir I&mport I&mportar Keys Claves Requests Solicitudes PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Plantilla Revocation list Lista de revocación PEM file Archivo PEM Paste PEM file Pegar archivo PEM Token Token Export Certificate &Index hierarchy Exportar jerarquía del &Indice de Certificados Content Contenido &Token &Token &Manage Security token &Gestionar Token de Seguridad &Init Security token &Iniciar Token de Seguridad &Change PIN &Cambiar PIN Change &SO PIN Cambiar PIN &SO Init PIN Iniciar PIN Extra Extra &Dump DataBase Exportar Base de &Datos &Export Certificate Index &Exportar Índice de Certificados &Export Certificate Index hierarchy &Exportar Jerarquía de Índice de Certificados C&hange DataBase password Ca&mbiar contraseñas de Base de datos &Undelete items Rec&uperar elementos Generate DH parameter Generar parámetro DH OID Resolver Resolución de OID &Help A&yuda &Content &Contenido About Acerca de Search Buscar no such option: %1 No existe la opción: %1 Import PEM data Importar datos PEM Please enter the original SO PIN (PUK) of the token '%1' Por favor, introduzca el PIN SO (PUK) original del token '%1' Please enter the new SO PIN (PUK) for the token '%1' Por favor, introduzca el nuevo PIN SO (PUK) del token '%1' The new label of the token '%1' La nueva etiqueta del token '%1' The token '%1' did not contain any keys or certificates El token '%1' no contiene claves ni certificados Current Password Contraseña actual Please enter the current database password Por favor, introduzca la contraseña actual de la base de datos The entered password is wrong La contraseña introducida es incorrecta New Password Nueva Contraseña Please enter the new password to encrypt your private keys in the database-file Por favor introduzca la nueva contraseña para encriptar las claves privadas en el archivo de base de datos Transaction start failed Inicio de la transacción fallido Database: %1 Please enter a password, that will be used to encrypt your private keys in the database: %1 Por favor, introduzca una contraseña, que será utilizada para encriptar las claves privadas de la base de datos: %1 Password verify error, please try again Contraseña incorrecta, inténtelo de nuevo Password Contraseña Please enter the password for unlocking the database: %1 Por favor, introduzca la contraseña para desbloquear la base de datos: %1 The following error occurred: El siguiente error ha ocurrido: Copy to Clipboard Copiar al Portapapeles Certificate Index ( index.txt ) Índice de Certificados ( index.txt ) All files ( * ) Todos los archivos ( * ) Diffie-Hellman parameters saved as: %1 Parámetros Diffie-Hellman guardados como: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Los parámetros Diffie-Hellman son necesitados por diferentes aplicaciones, pero no son gestionados por XCA. Por favor, introduzca los bits de parámetros DH Error opening file: '%1': %2 Error abriendo el archivo: '%1': %2 NewCrl Last update Última actualización Next update Siguiente actualización Days Días Months Meses Years Años Midnight Medianoche Local time Hora local Apply Aplicar Options Opciones Hash algorithm Algoritmo hash Subject alternative name Nombre alternativo del sujeto Authority key identifier Indentificador de clave de la autoridad CRL number Número de CRL Revocation reasons Razones de revocación Create CRL Crear CRL NewKey New Key Nueva clave Please give a name to the new key and select the desired keysize Por favor, asigne un nombre a la nueva clave y seleccione el tamaño deseado Key properties Propiedades de la clave Name Nombre The internal name of the new key El nombre interno de la nueva clave Curve name Nombre de curva Keysize Tamaño de clave Usually at least 2048 bit keys are recommended Normalmente se recomiendan claves de al menos 2048 bits Keytype Tipo de clave Remember as default Recordar como valores por defecto Create Crear NewX509 Source Origen Signing request Solicitud de firma Show request Mostrar solicitud Sign this Certificate signing &request &Firmar esta solicitud de firma Copy extensions from the request Copiar extensiones de la solicitud Modify subject of the request Modificar sujeto de la solicitud Signing Firma Create a &self signed certificate Crear un certificado &autofirmado Use &this Certificate for signing Usar &este Certificado para firmar All certificates in your database that can create valid signatures Todos los certificados de la base de datos que pueden crear firmas válidas Signature algorithm Algoritmo de Firma Template for the new certificate Plantilla para el nuevo certificado All available templates Todas las plantillas disponibles Apply extensions Aplicar extensiones Apply subject Aplicar sujeto Apply all Aplicar todo Subject Sujeto Internal Name Nombre interno Distinguished name Nombre distinguido Add Añadir Delete Eliminar Private key Clave privada This list only contains unused keys Esta lista contiene únicamente claves sin utilizar Used keys too También claves utilizadas &Generate a new key &Generar una nueva clave Extensions Extensiones Type Tipo If this will become a CA certificate or not Si este será un certificado de CA o no Not defined No definido Certification Authority Autoridad certificadora End Entity Entidad final Path length Longitud de la ruta How much CAs may be below this. Cuantas CAs puede haber dependiendo de esta. The basic constraints should always be critical Las restricciones básicas deben ser siempre críticas Key identifier Identificador de clave Creates a hash of the key following the PKIX guidelines Crea un hash de la clave siguiendo las sugerencias PKIX Copy the Subject Key Identifier from the issuer Copia la clave del identificador del sujeto del emisor Validity Validez Not before No antes de Not after No después de Time range Rango de tiempo Days Días Months Meses Years Años Apply Aplicar Set the time to 00:00:00 and 23:59:59 respectively Establece la hora a 00:00:00 y 23:59:59 respectivamente Midnight Medianoche Local time Hora local No well-defined expiration Caducidad no definida DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit Editar URI: URI: Key usage Uso de la clave Netscape Netscape Advanced Avanzadas Validate Validar Comment Comentarios This name is only used internally and does not appear in the resulting certificate Este nombre sólo se usa internamente y no aparece en el certificado resultante Internal name Nombre interno Critical Crítica Create Certificate signing request Crear solicitud de firma de certificado minimum size: %1 tamaño mínimo: %1 maximum size: %1 tamaño máximo: %1 only a-z A-Z 0-9 '()+,-./:=? únicamente a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters únicamente caracteres 7-bit Edit XCA template Editar plantilla XCA Create x509 Certificate Crear certificado x509 Template '%1' applied Plantilla '%1' aplicada Subject applied from template '%1' Sujeto aplicado de la plantilla '%1' Extensions applied from template '%1' Extensiones aplicadas de la plantilla '%1' New key '%1' created Nueva clave '%1' creada Other Tabs Otras pestañas Advanced Tab Pestaña avanzadas Errors Errores From PKCS#10 request De la solicitud PKCS#10 Abort rollout Cancelar emisión The following length restrictions of RFC3280 are violated: Se violan las siguientes restricciones de longitud de RFC3280: Edit subject Editar sujeto Continue rollout Continuar emisión The verification of the Certificate request failed. The rollout should be aborted. La verificación de la solicitud de certificado ha fallado. La emisión debería ser cancelada. Continue anyway Continuar de todas formas The internal name and the common name are empty. Please set at least the internal name. El nombre interno y el nombre común están vacíos. Por favor, especifique al menos el nombre interno. Edit name Editar nombre There is no Key selected for signing. No se ha seleccionado Clave para la firma. Select key Clave seleccionada The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Las siguientes entradas del nombre distinguido están vacías: %1 aunque las has declarado como obligatorias en el menú de opciones. The key you selected for signing is not a private one. La clave seleccionada para la firma no es una clave privada. Select other signer Seleccione otro firmante Select other key Seleccione otra clave The currently selected hash algorithm '%1' is insecure and should not be used. Select other algorithm Use algorithm anyway The certificate will be earlier valid than the signer. This is probably not what you want. El certificado entrará en vigor antes que el certificado firmante. Probablemente no es lo que pretendes. Edit dates Modificar fechas Adjust date and continue Ajustar fecha y continuar The certificate will be longer valid than the signer. This is probably not what you want. El certificado caducará después que el certificado firmante. Probablemente no es lo que pretendes. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. El certificado caducará antes de entrar en vigor. Probablemente has cruzado ambas fechas. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. El certificado contiene extensiones no válidas o duplicadas. Compruebe la validación en la pestaña avanzadas. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. El certificado no contiene extensiones. Debes aplicar las extensiones de una de las plantillas para definir el propósito del certificado. The certificate contains invalid extensions. Edit extensions Modificar extensiones The subject alternative name shall contain a copy of the common name. However, the common name is empty. El nombre alternativo del sujeto debe contener una copia del nombre común. Sin embargo el nombre común está vacío. Configfile error on line %1 Error en la línea %1 del fichero de configuración OidResolver OID Resolver Resolución de OID Enter the OID, the Nid, or one of the textual representations Introduzca el OID, el Nid, o alguna de las representaciones textuales Search Buscar OID OID Long name Nombre largo OpenSSL internal ID ID interno OpenSSL Nid Nid Short name Nombre corto OpenDb Open remote database Abrir base de datos remota Database type Tipo de base de datos Hostname Servidor Username Usuario Password Contraseña Database name Nombre de la base de datos Table prefix Prefijo de tabla No SqLite3 driver available. Please install the qt-sqlite package of your distribution No hay disponible un driver de SqLite3. Por favor instale el paquete 'qt-sqlite' de la distribución Please enter the password to access the database server %2 as user '%1'. Por favor, introduzca la contraseña de acceso del usuario '%1' al servidor de base de datos %2. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. El driver de base de datos no soporta transacciones. Esto puede deberse a que el cliente y el servidor sean de versiones diferentes. Continue con cuidado. Options XCA Options Opciones de XCA Settings Ajustes Default hash algorithm Algoritmo de Hash por defecto String types Tipos de cadenas Suppress success messages Suprimir mensajes de éxito Don't colorize expired certificates No colorear los certificados caducados Translate established x509 terms (%1 -> %2) Traducir los términos de x509 (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. La funcionalidad de hash del token no es utilizada por XCA. Sin embargo, puede respetar un conjunto restringido de algoritmos de hash proporcionados por el token. Especialmente EC y DSA están definidos únicamente con SHA.1 en la especificación de PKCS#11. Only use hashes supported by the token when signing with a token key Utilizar sólo los algoritmos hash soportados por el token cuando se firme con una clave de token Disable legacy Netscape extensions Deshabilitar las antiguas extensiones Netscape PKCS12 encryption algorithm Certificate expiry warning threshold Rango de aviso de caducidad de certificado Send vCalendar expiry reminder Enviar recordatorio de caducidad vCalendar Serial number length Longitud del número de serie bit bits Distinguished name Nombre distinguido Mandatory subject entries Entradas obligatorias en el sujeto Add Añadir Delete Eliminar Explicit subject entries Entradas explícitas en el sujeto Dynamically arrange explicit subject entries Agrupar dinámicamente las entradas explícitas del sujeto Default Por defecto PKCS#11 provider Proveedor PKCS#11 Remove Eliminar Search Buscar Printable string or UTF8 (default) Cadena imprimible o UTF8 (por defecto) PKIX recommendation in RFC2459 Recomendación PKIX de la RFC2459 No BMP strings, only printable and T61 Sin cadenas BMP, sólo imprimible y T61 UTF8 strings only (RFC2459) Sólo cadenas UTF8 (RFC2459) All strings Todas las cadenas Days Días Weeks Semanas Load failed Error en la carga PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) La contraseña se convierte a código de hex de 2 dígitos. Debe contener un número par de dígitos (0-9; a-f) Take as HEX string Considerar cadena HEX Password Contraseña Repeat %1 Repita %1 %1 mismatch %1 no coincide Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters La contraseña HEX debe contener sólo los caracteres '0'-'9' y 'a'-'f' y debe consistir en un número par de caracteres Exit Salir E&xit &Salir QMessageBox Cancel Cancelar Apply Aplicar Yes No No QObject Undefined Sin definir Broken / Invalid Erroneo / Inválido in %1 seconds en %1 segundos %1 seconds ago hace %1 segundos in %1 minutes en %1 minutos %1 minutes ago Hace %1 minutos Yesterday Ayer Tomorrow Mañana in %1 hours en %1 horas %1 hours ago Hace %1 horas DB: Rename: '%1' already in use DB: Renombrar: '%1' ya utilizado DB: Entry to rename not found: %1 DB: Entrada a renombrar no encontrada: %1 DB: Write error %1 - %2 DB: Error de escritura %1 -%2 Out of data Faltan datos Error finding endmarker of string Error encontrando el final de la cadena Out of Memory at %1:%2 Error de memoria en %1:%2 Country code Código de país State or Province Estado o Provincia Locality Localidad Organisation Organización Organisational unit Unidad de organización Common name Nombre común E-Mail address Dirección E-Mail Serial number Número de serie Given name Nombre Surname Apellido Title Título Initials Iniciales Description Descripción Role Rol Pseudonym Pseudónimo Generation Qualifier Calificador de Generación x500 Unique Identifier Identificador único x500 Name Nombre DN Qualifier Calificador DN Unstructured name Nombre estructurado Challenge password Contraseña Basic Constraints Restricciones básicas Subject alternative name Nombre alternativo del sujeto issuer alternative name nombre alternativo del emisor Subject key identifier Indentificador de clave de sujeto Authority key identifier Identificador de clave de autoridad Key usage Uso de la clave Extended key usage Uso extendido de la clave CRL distribution points Puntos de distribución de CRL Authority information access Acceso a la información de Autoridad Certificate type Tipo de Certificado Base URL URL Base Revocation URL URL de revocación CA Revocation URL URL de revocación de CA Certificate renewal URL URL de renovación de certificado CA policy URL URL de políticas de CA SSL server name Nombre de servidor SSL Comment Comentarios All files ( * ) Todos los archivos ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; Claves PKI ( *.pem *.der *.key );; Claves PKCS#8 ( *.p8 *.pk8 );; Claves Públicas SSH ( *.pub );; PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Import RSA key Importar clave RSA PKCS#10 CSR ( *.pem *.der *.csr );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Importar Solicitud Certificates ( *.pem *.der *.crt *.cer );; Certificados ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Importar certificado X.509 PKCS#7 data ( *.p7s *.p7m *.p7b );; Datos PKCS#7 ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Importar Certificados PKCS#7 PKCS#12 Certificates ( *.p12 *.pfx );; Certificados PKCS#12 ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Importar Certificado Privado PKCS#12 XCA templates ( *.xca );; Plantillas XCA (*.xca);; Import XCA Templates Importar Plantillas XCA Revocation lists ( *.pem *.der *.crl );; Listas de Revocación ( *.pem *.der *.crl );; Import Certificate Revocation List Importar Lista de Revocación (CRL) XCA Databases ( *.xdb );; Base de datos XCA (*xdb);; Open XCA Database Abrir Base de datos XCA PKCS#11 library ( *.dll );; Librería PKCS#11 ( *.dll );; PKCS#11 library ( *.dylib *.so );; Librería PKCS#11 ( *.dylib *.so );; PKCS#11 library ( *.so );; Librería PKCS#11 ( *.so );; Open PKCS#11 shared library Abrir librería compartida PKCS#11 PEM files ( *.pem );; Archivos PEM ( *.pem );; Load PEM encoded file Abrir archivo codificado PEM Error reading config file %1 at line %2 Error leyendo fichero de configuración %1 en la línea %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. El Objeto'%1' del archivo %2 línea %3 ya existe como '%4:%5:%6' y debería ser eliminado. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. El identificador '%1' del OID %2 del archivo %3 línea %4 ya está usado par un OID diferente como '%5:%6:%7' y debería ser modificado para evitar conflictos. Unknown object '%1' in file %2 line %3 Objeto desconocido '%1' en archivo %2 línea %3 Please enter the PIN on the PinPad Por favor, introduzca el PIN en el PinPad Please enter the SO PIN (PUK) of the token %1 Por favor, introduzca el PIN SO (PUK) del token %1 Please enter the PIN of the token %1 Por favor, introduzca el PIN del token %1 No Security token found No se ha encontrado Token de seguridad Select Seleccionar Please enter the new SO PIN (PUK) for the token: '%1' Por favor, introduzca el nuevo PIN SO (PUK) para el token: '%1' Please enter the new PIN for the token: '%1' Por favor, introduzca el nuevo PIN para el token: '%1' Required PIN size: %1 - %2 Tamaño de PIN requerido: %1 - %2 Failed to open PKCS11 library: %1 Error al abrir la librería PKCS11: %1 Failed to open PKCS11 library: %1: %2 Error al abrir la librería PKCS11: %1 %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. No parece una librería PKCS#11. Símbolo 'C_GetFunctionList' no encontrado. Disabled Deshabilitado Library loading failed Error cargando librería PKCS#11 function '%1' failed: %2 La función PKCS#11 '%1' falló: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 La función PKCS#11 '%1' falló: %2 en la librería %3 %4 Failed to start a database transaction Error al iniciar transacción de base de datos Invalid No válido %1 is shorter than %2 bytes: '%3' %1 tiene menos de %2 bytes: '%3' %1 is longer than %2 bytes: '%3' %1 tiene más de %2 bytes: '%3' String '%1' for '%2' contains invalid characters La cadena '%1' para '%2' contiene caracteres no válidos Index file written to '%1' Index hierarchy written to '%1' Unknown key type %1 Password verify error, please try again The following error occurred: El siguiente error ha ocurrido: Failed to update the database schema to the current version Password Contraseña ReqTreeView Sign Firma Unmark signed Desmarcar firmado Mark signed Marcar firmado Similar Request Solicitud similar Certificate request export Exportación de solicitud Certificate request ( *.pem *.der *.csr ) Solicitud de firma de certificado ( *.pem *.der *.csr ) RevocationList Manage revocations Gestionar Revocaciones Add Añadir Delete Eliminar Edit Editar No. I understand it as 'Number', right? MRM: Right: that's the spanish 'Number' abbreviation Serial Número de serie Revocation Revocación Reason Razón Invalidation Invalidación Generate CRL Generar CRL Revoke Certificate revocation Revocación de certificados Revocation details Detalles de la revocación Revocation reason Razones de la revocación Local time Hora local Invalid since No válido desde Serial Número de serie SearchPkcs11 Directory Directorio ... ... Include subdirectories Incluir subdirectorios Search Buscar The following files are possible PKCS#11 libraries Los siguientes archivos son posibles librerías PKCS#11 SelectToken Security token Token de seguridad Please select the security token Por favor, seleccione el token de seguridad TempTreeView Duplicate Duplicar Create certificate Crear certificado Create request Solicitud de certificado copy copy Preset Template values Establecer valores de la plantilla Template export XCA Templates ( *.xca ) TrustState Certificate trust Trustment &Never trust this certificate Only &trust this certificate, if we trust the signer &Always trust this certificate Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config Configuración OpenSSL Transform Transformar Template Plantilla Public key Clave pública Save as OpenSSL config Almacenar como configuración OpenSSL Config files ( *.conf *.cnf);; All files ( * ) Archivo de configuración ( *.conf *.cnf);; Todos los archivos ( * ) XFile Error opening file: '%1': %2 Error rewinding file: '%1': %2 XcaTreeView Item properties Propiedades del elemento Subject entries Entradas del Sujeto X509v3 Extensions Extensiones X509v3 Netscape extensions Extensiones Netscape Key properties Propiedades de la clave Reset Restablecer Hide Column Ocultar columna Details Detalles Columns Columnas New Nuevo Import Importar Paste PEM data Pegar datos PEM Rename Renombrar Properties Propiedades Delete Eliminar Export Exportar Clipboard Portapapeles File Archivo database_model Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Formato antiguo de base de datos detectado. Creando una copia de seguridad llamada: '%1' y convirtiendo la base de datos al nuevo formato Failed to rename the database file, because the target already exists Error al renombrar el archivo de base de datos, porque el destino ya existe Please enter the password to access the database server %2 as user '%1'. Por favor, introduzca la contraseña de acceso del usuario '%1' al servidor de base de datos %2. Unable to create '%1': %2 The file '%1' is not an XCA database No SqLite3 driver available. Please install the qt-sqlite package of your distribution No hay disponible un driver de SqLite3. Por favor instale el paquete 'qt-sqlite' de la distribución New Password Nueva Contraseña Please enter a password, that will be used to encrypt your private keys in the database: %1 Por favor, introduzca una contraseña, que será utilizada para encriptar las claves privadas de la base de datos: %1 Password Contraseña Please enter the password for unlocking the database: %1 Por favor, introduzca la contraseña para desbloquear la base de datos: %1 db_base Internal name Nombre interno No. I understand it as 'Number', right? MRM: Right: that's the spanish 'Number' abbreviation Primary key Clave primaria Database unique number Número único de base de datos Date Fecha Date of creation or insertion Fecha de creación o inserción Source Origen Generated, Imported, Transformed Gemerado, Importado, Transformado Comment Comentarios First line of the comment field Primera línea del campo de comentarios Import from: %1 Could not create directory %1 No se pudo crear el directorio %1 Item properties Propiedades del elemento How to export the %1 selected items Como exportar los %1 elementos seleccionados All in one PEM file Todos en un único archivo PEM Each item in one file Cada elemento en un archivo Save %1 items in one file as Guardar %1 elementos en un archivo como PEM files ( *.pem );; All files ( * ) Archivos PEM ( *.pem );; Todos los archivos ( * ) Error opening file: '%1': %2 Error abriendo archivo: '%1': %2 db_crl Signer Firmante Internal name of the signer Nombre interno del firmante No. revoked Nº revocados Number of revoked certificates Número de certificados revocados Last update Última actualización Next update Siguiente actualización CRL number Número de CRL The revocation list already exists in the database as: '%1' and so it was not imported La lista de revocación ya existe en base de datos como: '%1' Y por lo tanto no será importada Revocation list export Exportar lista de revocación CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) There are no CA certificates for CRL generation No hay certificados de CA para generar la CRL Select CA certificate Seleccione certificado de CA Create CRL Crear CRL Failed to initiate DB transaction Error al iniciar la transacción de DB Database error: %1 Error de base de datos: %1 Database error: Error de base de datos: db_key Type Tipo Size Tamaño EC Group Grupo EC Use Uso Password Contraseña The key is already in the database as: '%1' and is not going to be imported La clave ya existe en base de datos como: '%1' Y por lo tanto no será importada The database already contains the public part of the imported key as '%1' and will be completed by the new, private part of the key La base de datos ya contiene la parte pública de la clave importada como: '%1' Y será completada con la nueva parte privada de la clave The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key La base de datos ya contiene la parte pública de la clave importada como '%1' y será completada con la nueva parte privada de la clave Extending public key from %1 by imported key '%2' Extendiendo la clave pública de %1 con la clave importada '%2' Key size too small ! ¡Tamaño de clave demasiado pequeño! You are sure to create a key of the size: %1 ? ¿Está seguro de crear una nueva clave de tamaño: %1? PEM public PEM publico SSH2 public SSH2 publico PEM private PEM privado Export keys to Clipboard Exportar claves al portapapeles Clipboard Portapapeles Export public key [%1] Exportar la clave pública [%1] DER public DER publico DER private DER privado PEM encryped PEM encriptado PKCS#8 encrypted PKCS#8 encriptado Export private key [%1] Exportar clave privada [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Claves privadas ( *.pem *.der *.pk8 );; Claves públicas SSH ( *.pub ) Internal error Tried to change password of a token Intentó cambiar la contraseña de un token db_temp Empty template Plantilla vacía Bad template: %1 Plantilla incorrecta: %1 Preset Template values Establecer valores de la plantilla Save template as Guardar plantilla como XCA templates ( *.xca );; All files ( * ) Plantillas XCA( *.xca );;Todos los archivos( * ) db_x509 CA CA reflects the basic Constraints extension refleja las extensiones de restricciones básicas Serial Número de serie MD5 fingerprint Huella digital MD5 SHA1 fingerprint Huella digital SHA1 SHA256 fingerprint Huella digital SHA256 Start date Fecha de inicio Not before No antes de Expiry date Fecha de caducidad Not after No después de Revocation Revocación CRL Expiration Caducidad de CRL Plain View Vista Plana Tree View Vista de árbol Failed to create directory '%1' Failed to retrieve unique random serial Error al obtener un número de serie aleatorio único The certificate already exists in the database as: '%1' and so it was not imported El certificado ya existe en base de datos como: '%1' Y por lo tanto no será importado Signed on %1 by '%2' Firmado el %1 por '%2' Unknown Desconocido Invalid public key Clave pública no válida The key you selected for signing is not a private one. La clave seleccionada para la firma no es una clave privada. Store the certificate to the key on the token '%1 (#%2)' ? ¿Guardar el certificado a la clave en el token '%1 (#%2)'? PEM chain Cadena PEM PKCS#7 chain Cadena PKCS#7 PKCS#12 chain Cadena PKCS#12 PEM + key PEM + clave PKCS#7 unrevoked PKCS#7 no revocados PKCS#7 all PKCS#7 todos PEM unrevoked PEM no revocados PEM all PEM Todos Certificate Index file Fichero de índice de certificados vCalendar vCalendar CA vCalendar vCalendar CA Certificate export Exportar certificado X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) Certificados X509 ( *.pem *.cer *.crt *.p12 *.p7b ) There was no key found for the Certificate: '%1' No se ha encontrado clave asociada al Certificado '%1' Not possible for a token key: '%1' No es posible para una clave de token '%1' days Días Error opening file: '%1': %2 Error abriendo archivo: '%1': %2 Not possible for the token-key Certificate '%1' No es posible para un certificado con clave de token '%1' days días No template Sin plantilla db_x509name Subject Sujeto Complete distinguished name Nombre completo Subject hash Hash del sujeto Hash to lookup certs in directories Hash para buscar certificados en directorios db_x509req Signed Firmado whether the request is already signed or not Si el certificado está firmado o no Unstructured name Nombre sin estructurar Challenge password Contraseña Certificate count Número de certificados Number of certificates in the database with the same public key Número de certificados en base de datos con la misma clave pública The certificate signing request already exists in the database as '%1' and thus was not stored La solicitud de firma de certificado ya existe en la base de datos como '%1' y por lo tanto no será almacenada Certificate request export Exportación de solicitud Certificate request ( *.pem *.der *.csr ) Solicitud de firma de certificado ( *.pem *.der *.csr ) db_x509super Key name Nombre de clave Internal name of the key Nombre interno de la clave Signature algorithm Algoritmo de firma Key type Key size EC Group Grupo EC Extracted from %1 '%2' Extraído de %1: '%2' Certificate Certificado Certificate request Solicitud de certificado Save as OpenSSL config Almacenar como configuración OpenSSL Config files ( *.conf *.cnf);; All files ( * ) Archivo de configuración ( *.conf *.cnf);; Todos los archivos ( * ) The following extensions were not ported into the template Las siguientes extensiones no fueron importadas en la plantilla Transformed from %1 '%2' Transformado de %1 '%2' kvView Type Tipo Content Contenido pass_info Password Contraseña PIN PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 Error al abrir la librería PKCS11: %1 %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. No parece una librería PKCS#11. Símbolo 'C_GetFunctionList' no encontrado. pki_base Internal error: Unexpected message: %1 %2 Error interno: Mensaje inesperado: %1 %2 Error opening file: '%1': %2 Error abriendo archivo: '%1': %2 Error writing to file: '%1': %2 Error escribiendo en archivo: '%1': %2 Unknown Desconocido Imported Importado Generated Generado Transformed Transformado Token Token Legacy Database Antigua base de datos Renewed Renovado Property '%1' not listed in 'pki_base::print' pki_crl Successfully imported the revocation list '%1' La lista de revocación '%1' se importó con éxito Delete the revocation list '%1'? ¿Eliminar la lista de revocación '%1'? Successfully created the revocation list '%1' Creada con éxito la lista de revocación '%1' Delete the %1 revocation lists: %2? ¿Eliminar las %1 listas de revocación: %2? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Imposible cargar la lista de revocación del archivo %1. Se intentó con los formatos de PEM y DER de CRL. No issuer given No se proporcionó emisor Wrong Size %1 Tamaño erroneo: %1 CRL Renewal of CA '%1' due Renovación de CRL de CA '%1' debido a The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' La última CRL emitida por la CA '%1' caducará el %2. Está almacenada en la base de datos de XCA '%3' The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' unknown desconocido Renew CRL: %1 Renovar CRL: %1 The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4. It is stored in the XCA database '%5' La CRL de XCA '%1', emitida por la CA '%2' el %3 caducará el %4. Está almacenada en la base de datos de XCA '%5' pki_evp Failed to decrypt the key (bad password) Error al desencriptar la clave (contraseña incorrecta) Failed to decrypt the key (bad password) %1 Error al desencriptar la clave (contraseña erronea) %1 Please enter the password to decrypt the private key. Por favor, introduzca la contraseña para desencriptar la clave privada. Please enter the password to decrypt the private key %1. The key from file '%1' is incomplete or inconsistent. La clave del fichero '%1' está incompleta o es inconsistente. Please enter the password to decrypt the private key from file: %1 Por favor, introduzca la contraseña para desencriptar la clave privada del archivo: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Imposible cargar la clave privada del archivo %1. Se intentó con los formatos de PEM y DER privada, pública, tipos de clave PKCS#8 y formato SSH2. Ignoring unsupported private key Ignorar clave privada no soportada Please enter the password to decrypt the private key: '%1' Por favor, introduzca la contraseña para desencriptar la clave privada: '%1' Password input aborted Introducción de la contraseña abortada Please enter the database password for decrypting the key '%1' Por favor, introduzca la contraseña de base de datos para desencriptar la clave: '%1' Please enter the password to protect the private key: '%1' Por favor, introduzca la contraseña para proteger la clave privada: '%1' Please enter the database password for encrypting the key Por favor, introduzca la contraseña de base de datos para encriptar la clave Please enter the password protecting the PKCS#8 key '%1' Por favor, introduzca la contraseña que protege la clave PKCS#8 '%1' Please enter the password protecting the Microsoft PVK key '%1' Please enter the export password for the private key '%1' Por favor, introduzca la clave de exportación para la clave privada '%1' pki_export PEM Text format with headers Formato de Texto PEM con cabeceras Concatenated list of all selected items in one PEM text file Lista concatenada de todos los elementos seleccionados en un archivo PEM PEM chain Cadena PEM Concatenated text format of the complete certificate chain in one PEM file Cadena de certificados completa, concatenados en formato de texto en un archivo PEM PEM + key PEM + clave Concatenation of the certificate and the unencrypted private key in one PEM file Certificado y la clave privada sin encriptar concatenados en un único fichero PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Certificado y la clave privada encriptada concatenados en un único fichero con formato PKCS#8 PKCS#7 encoded single certificate Certificado individual codificado en PKCS#7 All selected certificates encoded in one PKCS#7 file Todos los certificados seleccionados en un fichero codificado en PKCS#7 PKCS #7 chain PKCS#7 encoded complete certificate chain Cadena de certificados completa codificada en PKCS#7 Binary DER encoded certificate PKCS #12 chain The complete certificate chain and the private key as encrypted PKCS#12 file La cadena completa de certificados y la clave privada encriptados en fichero PKCS#12 PKCS #12 The certificate and the private key as encrypted PKCS#12 file Certificado y su clave privada encriptados en fichero PKCS#11 Certificate Index file Fichero de índice de certificados OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Fichero de índice de certificados específico de OpenSSL como el comando created by the 'ca' y requerido por la herramienta OCSP vCalendar vCalendar vCalendar expiry reminder for the selected items vCalendar con el recordatorio de caducidad de los elementos seleccionados CA vCalendar vCalendar CA vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL vCalendar con la caducidad de todos los certificados emitidos y válidos; de la propia CA y de la última CRL PEM public PEM publico Text format of the public key in one PEM file Clave pública en formato texto en un único archivo PEM PEM private PEM privado Unencrypted private key in text format Clave privada desencriptada en un fichero de texto PEM encrypted OpenSSL specific encrypted private key in text format Clave privada encriptada en formato de texto específico de OpenSSL SSH2 private SSH2 public SSH2 publico The public key encoded in SSH2 format Clave pública codificada en fomrato SSH2 DER public DER publico Binary DER format of the public key Clave pública en formato DER Binario DER private DER privado Unencrypted private key in binary DER format Clave privada desencriptada en formato DER Binario PVK private Private key in Microsoft PVK format not encrypted PVK encrypted Encrypted private key in Microsoft PVK format PKCS #8 encrypted Encrypted private key in PKCS#8 text format Clave privada encriptada en formato de texto PKCS#8 PKCS #8 Unencrypted private key in PKCS#8 text format Clave privada desencriptada en formato PKCS#8 Binary DER format of the certificate request Binary DER format of the revocation list vCalendar reminder for the CRL expiry date XCA template in PEM-like format All selected XCA templates in PEM-like format pki_key Successfully imported the %1 public key '%2' Importada con éxito la %1 clave pública '%2' Delete the %1 public key '%2'? ¿Eliminar la %1 clave pública '%2'? Successfully imported the %1 private key '%2' Importada con éxito la %1 clave privada '%2' Delete the %1 private key '%2'? ¿Eliminar la %1 clave privada '%2'? Successfully created the %1 private key '%2' Creada con éxito la %1 clave privada '%2' Delete the %1 keys: %2? ¿Eliminar las %1 claves: %2? Public key Clave pública Common Común Private Privada Bogus Falso PIN PIN No password Sin contraseña Unexpected SSH2 content: '%1' Contenido SSH2 inesperado: '%1' Invalid SSH2 public key Clave pública SSH2 no válida Failed writing to %1 Error escribiendo a %1 pki_multi No known PEM encoded items found No se han encontrado elementos PEM codifiicados pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Por favor, introduzca la contraseña para desencriptar el archvo PKCS#12: %1 Unable to load the PKCS#12 (pfx) file %1. No se puede cargar el archivo PKCS#12 (pfx) %1. The supplied password was wrong (%1) La contraseña introducida es incorrecta (%1) Please enter the password to encrypt the PKCS#12 file Por favor, introduzca la contraseña para encriptar el archvo PKCS#12 No key or no Cert and no pkcs12 No existe clave o no existe certifcado y no existe pkcs12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. No se puede cargar el archivo PKCS#7 %1. Se he probado con los formatos PEM y DER. pki_scard Successfully imported the token key '%1' Importada con éxito la clave del token '%1' Delete the token key '%1'? ¿Eliminar la clave del token '%1'? Successfully created the token key '%1' Creada con éxito la clave del token '%1' Delete the %1 keys: %2? ¿Eliminar las %1 claves: %2? Delete the private key '%1' from the token '%2 (#%3)' ? ¿Eliminar la clave privada '%1' del token '%2 (#%3)'? This Key is already on the token Esta Clave ya existe en el token PIN input aborted Introducción de PIN abortada Unable to find copied key on the token No se puede encontrar la clave copiada en el token Please insert card: %1 %2 [%3] with Serial: %4 Por favor, inserte tarjeta: %1 %2 [%3] con Nº de Serie: %4 Public Key mismatch. Please re-import card Error de comprobación de Clave Pública. Por favor, reimporte la tarjeta Illegal Key generation method Método de generación de claves ilegal Unable to find generated key on card No se puede encontrar la clave generada en la tarjeta Ignoring unsupported token key Ignorando clave de token no soportada Wrong Size %1 Tamaño erroneo: %1 Token %1 Token %1 Failed to find the key on the token No se puede encontrar la clave en el token Invalid Pin for the token Pin del token no válido Failed to initialize the key on the token No se puede inicializar la clave en el token pki_temp Successfully imported the XCA template '%1' Importada con éxito la plantilla XCA '%1' Delete the XCA template '%1'? ¿Eliminar la plantilla XCA '%1'? Successfully created the XCA template '%1' Creada con éxito la plantilla XCA '%1' Delete the %1 XCA templates: %2? ¿Eliminar las %1 plantillas XCA: %2? Wrong Size %1 Tamaño erroneo: %1 Template file content error (too small) Error en el contenido del fichero de plantilla (demasiado pequeño) Template file content error (too small): %1 Error en el contenido del fichero de plantilla (demasiado pequeño): %1 Not a PEM encoded XCA Template No es una plantilla XCA codificada en PEM Not an XCA Template, but '%1' No es una Plantilla XCA, sino '%1' pki_x509 Successfully imported the certificate '%1' Importado con éxito el certificado '%1' Delete the certificate '%1'? ¿Eliminar el certificado '%1'? Successfully created the certificate '%1' Creada con éxito el certificado '%1' Delete the %1 certificates: %2? ¿Eliminar los %1 certificados: %2? Unable to load the certificate in file %1. Tried PEM and DER certificate. Imposible cargar el certificado del archivo %1. Se intentó con los formatos de PEM y DER de certificado. This certificate is already on the security token Este certificado ya existe en el token de seguridad Delete the certificate '%1' from the token '%2 (#%3)'? ¿Eliminar el certificado '%1' del token '%2 (#%3)'? There is no key for signing ! ¡No existe clave para la firma! Wrong Size %1 Tamaño erroneo: %1 No No Yes Renew certificate: %1 Renovar certificado: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' El certificado de XCA '%1', emitido el %2 caducará el %3. Está almacenado en la base de datos de XCA '%4' CRL Renewal of CA '%1' due Renovación de CRL de CA '%1' debido a The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' La última CRL emitida por la CA '%1' caducará el %2. Está almacenada en la base de datos de XCA '%3' pki_x509req Signing key not valid (public key) Clave de firma no válida (clave pública) Successfully imported the %1 certificate request '%2' Importada con éxito la %1 solicitud de certificado '%2' Delete the %1 certificate request '%2'? ¿Eliminar las %1 solicitudes de certificado: '%2'? Successfully created the %1 certificate request '%2' Creada con éxito la %1 solicitud de certificado '%2' Delete the %1 certificate requests: %2? ¿Eliminar las %1 solicitudes de certificado: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Imposible cargar la solicitud de certificado del archivo %1. Se intentó con los formatos de PEM, DER y SPKAC. Wrong Size %1 Tamaño erroneo: %1 Signed Firmado Unhandled No manejado v3ext Copy Common Name Copiar Nombre Común Add Añadir Delete Eliminar Apply Aplicar Validate Validar Cancel Cancelar An email address or 'copy' Una dirección de correo o 'copiar' An email address Una dirección de correo A registered ID: OBJECT IDENTIFIER Un ID registrado: OBJECT IDENTIFIER A uniform resource indicator Un indicador de recurso uniforme (URI) A DNS domain name or 'copycn' Un nombre de dominio DNS o 'copycn' A DNS domain name Un nombre de dominio DNS An IP address Una dirección IP Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Sintaxis: <OID>;TYPE:text por ejemplo '1.2.3.4:UTF8:name' No editing. Only 'copy' allowed here No editar. Sólo 'copiar' está permitido aquí Validation failed: '%1' %2 Error de validación: '%1' %2 Validation successful: '%1' Validado con éxito: '%1' xcaWarning The following error occurred: El siguiente error ha ocurrido: Copy to Clipboard Copiar al Portapapeles xcaWarningGui Copy to Clipboard Copiar al Portapapeles xca-RELEASE.2.5.0/lang/xca_fa.ts000066400000000000000000006136041450407711300160760ustar00rootroot00000000000000 CaProperties Form برگه Days until next CRL issuing تعداد روزهایی که تا صدور فهرست‌ابطال بعدی مانده Default template قالب پیش‌فرض CA Properties ویژگی‌های مرکز صدور گواهی CertDetail Details of the Certificate جزئیات گواهی Serial شماره‌ی دنباله The serial number of the certificate شماره‌ی دنباله‌ی گواهی The internal name of the certificate in the database نام داخلی گواهی در پایگاه‌داده Status وضعیت Internal name نام درونی Signature امضا Key کلید Fingerprints درهم‌ساز‌شده اثر انگشت MD5 MD5 An md5 hashsum of the certificate چکیده‌ی MD5 از گواهی SHA1 SHA1 A SHA-1 hashsum of the certificate چکیده‌ی SHA1 از گواهی SHA256 SHA256 A SHA-256 hashsum of the certificate چکیده‌ی SHA256 از گواهی Validity اعتبار The time since the certificate is valid زمانی که گواهی معتبر می‌شود The time until the certificate is valid زمانی که گواهی منقضی می‌شود Subject پذیرنده Issuer صادرکننده Extensions افزونه‌ها Comment دیدگاه‌ها Attributes مشخصه‌ها Show config نمایش پیکربندی‌ Show extensions نمایش افزونه‌ها Show public key نمایش کلید عمومی This key is not in the database. این کلید در پایگاه داده یافت نشد. Not available غیر قابل دسترسی Signer unknown امضاکننده‌ی ناشناس Self signed خودامضا Revoked at %1 باطل‌شده در %1 Not valid نامعتبر Valid معتبر Details of the certificate signing request جزئیات درخواست امضای گواهی CertExtend Certificate renewal تمدید گواهی This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. این گزینه یک گواهی جدید همانند گواهی پیشین با شماره‌ی دنباله و دوره‌ی اعتبار جدید می‌سازد. Validity محدوده‌‌ی زمانی اعتبار Not before از Not after تا Time range محدوده‌ی زمانی Local time زمان محلی Days روز Months ماه Years سال No well-defined expiration انقضای نامشخص Midnight نیمه‌شب Apply اعمال Revoke old certificate ابطال گواهی پیشین Replace old certificate جایگزینی گواهی پیشین Keep serial number استفاده‌ی مجدد از شماره‌ی دنباله The certificate will be earlier valid than the signer. This is probably not what you want. گواهی پیش ازمحدوده‌ی زمانی اعتبار صادرکننده‌ی خود معتبر می‌باشد. شاید این مورد یک خطا باشد. Edit dates ویرایش تاریخ‌ها Abort rollout لغو صدور مجدد Continue rollout ادامه‌ی صدور دوباره Adjust date and continue پیکربندی تاریخ و ادامه The certificate will be longer valid than the signer. This is probably not what you want. گواهی پس از محدوده‌‌ی زمانی اعتبار صادرکننده‌ی خود معتبر می‌باشد. شاید این مورد یک خطا باشد. CertTreeView Import PKCS#12 درون داد PKCS#12 Import from PKCS#7 معادل import واژه ی import در نظر گرفته شد. درون‌داد از PKCS#7 Request درخواست Security token توکن امنیتی Other token دیگر توکن‌ها Similar Certificate گواهی مشابه Delete from Security token متأسفانه معادل توکن در فارسی یافت نشد. حذف از توکن امنیتی CA مرکز صدور گواهی Properties مشخصه‌ها Generate CRL صدور فهرست ابطال (CRL) Manage revocations مدیریت ابطال Renewal تمدید Revoke ابطال Unrevoke لغو ابطال Plain View نمایش بدون قالب Tree View نمایش درختی days روز No template بدون قالب CA Properties ویژگی‌های مرکز صدور گواهی Certificate export برون‌داد گواهی X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) گواهی x509 (با قالب‌های pem, cer, crt, p12, pfx, p7b) ClickLabel Double click for details برای نمایش جزئیات ، انتخاب کنید CrlDetail Details of the Revocation list جزئیات فهرست ابطال &Status &وضعیت Version نگارش Signature امضا Signed by امضا‌شده با Name نام The internal name of the CRL in the database نام درونی فهرست ابطال در پایگاه داده issuing dates زمان صدور Next update به‌روزرسانی بعدی Last update آخرین به‌روزرسانی &Issuer &صادرکننده &Extensions &افزونه‌ها &Revocation list &فهرست ابطال Comment دیدگاه Failed ناموفق Unknown signer امضا‌کننده‌ی نامشخص Verification not possible اعتبارسنجی امکان‌پذیر نیست CrlTreeView There are no CA certificates for CRL generation هیچ گواهی مرکز صدوری برای صدور فهرست ابطال (CRL) وجود ندارد Select CA certificate انتخاب گواهی مرکز صدور Revocation list export برون‌داد فهرست ابطال CRL ( *.pem *.der *.crl ) فهرست ابطال (CRL) (*.pem *der *.crl) ExportDialog Name نام The internal name of the CRL in the database نام درونی فهرست ابطال در پایگاه داده ... ... Filename معادل واژه‌ی file پرونده در نظر گرفته شده است. نام پرونده نام فایل Export comment into PEM file برون‌داد دیدگاه در پرونده PEM Export Format قالب برون‌داد All files ( * ) همه‌ی پرونده‌ها (*) The file: '%1' already exists! پرونده‌ی %1 در حال حاضر موجود می‌باشد! Overwrite بازنویسی Do not overwrite بدون بازنویسی PEM Text format with headers قالب متنی PEM با سرآیند Concatenated list of all selected items in one PEM text file فهرست همه‌ی موارد در یک پرونده‌ی متنی PEM الحاق‌شده Concatenated text format of the complete certificate chain in one PEM file قالب متنی الحاق‌شده از زنجیره‌ی کامل گواهی در یک پرونده‌ی PEM Concatenated text format of all certificates in one PEM file قالب متنی الحاق‌شده از همه‌ی گواهی‌ها در یک پرونده‌ی PEM Binary DER encoded file پرونده‌ی دودویی در قالب DER PKCS#7 encoded single certificate واژه‌ی encode به جهت استفاده در کنار نام PKCS#7 تک‌‌گواهی در قالب PKCS#7 PKCS#7 encoded complete certificate chain زنجیره‌ی کامل گواهی در قالب PKCS#7 Concatenated text format of all unrevoked certificates in one PEM file قالب متنی الحاق‌شده از همه‌ی گواهی‌های رفع تعلیق‌شده در یک پرونده‌ی متنی PEM All unrevoked certificates encoded in one PKCS#7 file همه‌ی گواهی‌های رفع‌تعلیق‌شده در پرونده با قالب PKCS#7 All selected certificates encoded in one PKCS#7 file همه‌ی گواهی‌های انتخاب‌شده در یک پرونده‌ی در قالب PKCS#7 All certificates encoded in one PKCS#7 file همه‌ی گواهی‌ها در یک پرونده با قالب PKCS#7 The certificate and the private key as encrypted PKCS#12 file گواهی و کلید خصوصی در قالب یک پرونده‌ی PKCS#12 رمزنگاری‌شده The complete certificate chain and the private key as encrypted PKCS#12 file زنچیره‌ی کامل گواهی و کلید خصوصی در قالب یک پرونده‌ی PKCS#12 رمزنگاری‌شده Concatenation of the certificate and the unencrypted private key in one PEM file الحاق کواهی با کلید خصوصی رمزنگاری‌نشده در یک فایل با قالب PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file الحاق گواهی و کلید خصوصی رمزنگاری‌شده در یک فایل با قالب PKCS#8 Text format of the public key in one PEM file قالب متنی کلید عمومی در یک فایل PEM Binary DER format of the public key کلید خصوصی در قالب دودویی DER Unencrypted private key in text format کلید خصوصی رمزنگاری‌نشده در قالب متن OpenSSL specific encrypted private key in text format کلید خصوصی رمزنگاری‌شده مخصوص OpenSSl در قالب متن Unencrypted private key in binary DER format کلید خصوصی رمزنگاری‌نشده در قالب دودویی DER Unencrypted private key in PKCS#8 text format کلید خصوصی رمزنگاری‌نشده در قالب متنی PKCS#8 Encrypted private key in PKCS#8 text format کلید خصوصی رمزنگاری‌شده در قالب متنی PKCS#8 The public key encoded in SSH2 format کلید عمومی در قالب SSH2 OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool پرونده‌ی متنی نمایه‌ی گواهی مختص OpenSSL که با دستور 'ca' ساخته شده و توسط ابزار OCSP مورد نیاز است vCalendar expiry reminder for the selected items یاآوری انقضای vCalander برای موارد انتخاب‌شده vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL یادآوری انقضای vCalander شامل همه‌ی گواهی‌های معتبر صادرشده، خود مرکز صدور و آخرین فهرست ابطال Private key in Microsoft PVK format not encrypted کلید خصوصی در قالب Microsoft PVK به صورت رمزنگاری‌نشده Encrypted private key in Microsoft PVK format کلید خصوصی رمزنگاری‌شده در قالب Microsoft PVK Form last update آخرین به‌رورزرسانی next update به‌روزرسانی بعدی Days روز(ها) Months ماه Years سال Apply اعمال Midnight نیمه‌شب Local time زمان محلی No well-defined expiration انقضای نامشخص Help << << >> >> &Done &انجام‌شده ImportMulti Import PKI Items درون‌داد اشیای زیرساخت کلید عمومی Import &All برون‌داد &همه &Import &درون‌داد &Done &انجام‌شده &Remove from list &حذف از فهرست Details جزئیات Delete from token حذف از توکن Rename on token نام‌جدید بر روی توکن Name: %1 Model: %2 Serial: %3 نام: %1 الگو: %2 شماره‌ی دنباله: %3 Manage security token مدیریت توکن امنیتی Details of the item '%1' cannot be shown جزئیات مورد '%1' قابل نمایش نیست The type of the item '%1' is not recognized نوع مورد %1 شناخته‌شده نیست The file '%1' did not contain PKI data پرونده‌ی '%1' دارای هیچ شئ زیرساخت کلید عمومی نیست The %1 files: '%2' did not contain PKI data %1 قایل: %2 حاوی هیچ داده‌ی زیرساخت کلید عمومی نیست ItemProperties Name نام Source منبع Insertion date تاریخ درج Comment دیدگاه KeyDetail Name نام The internal name of the key used by xca نام درونی کلید که در xca استفاده می شود Security token توکن امنیتی Manufacturer سازنده Serial شماره ی دنباله Key کلید Public Exponent بخش عمومی توان Keysize اندازه ی کلید Private Exponent بخش خصوصی توان Security Token توکن امنیتی Label برچسب PKCS#11 ID شناسه ی PKCS#11 Token information اطلاعات توکن Model الگو Fingerprint اثرانگشت Comment دیدگاه Details of the %1 key جزئیات کلید %1 Not available غیرقابل دسترس Available در دسترس Sub prime زیرمجموعه‌ی اصلی Public key کلید عمومی Private key کلید خصوصی Curve name نام منحنی Unknown key کلید نامشخص KeyTreeView Clipboard format قالب حافظه‌ی رونوشت Change password تغییر گذرواژه Reset password بازنشانی گذرواژه Change PIN تغییر گذرواژه‌ی عدد (PIN) Init PIN with SO PIN (PUK) مقداردهی اولیه PIN با گذرواژه‌ی عددی مدیر (PUK) Change SO PIN (PUK) تغییر گذرواژه‌ی عددی مدیر (PUK) Security token توکن امنیتی This is not a token این توکن شناخته نشد Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable آیا کلید اصلی '%1' باید با کلید روی توکن جابه‌جا شود؟ این گزینه کلید '%1' را پاک خواهد کرد و آن را غیرقابل استخراج می‌کند Export public key [%1] برون‌داد کلید مومی [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) کلید‌های خصوصی ( با قالب‌های pem، der و pk8);; کلیدهای عمومی SSH (با قالب pub) MainWindow Private Keys کلید خصوصی &New Key &کلید جدید &Export &برون‌داد &Import &درون‌داد Import PFX (PKCS#12) درون‌داد با قالب PFX (PKCS#12) &Show Details &نمایش جزئیات &Delete &حذف Certificate signing requests درخواست گواهی امضاشده &New Request &درخواست جدید Certificates گواهی &New Certificate &گواهی جدید Import &PKCS#12 درون‌داد &PKCS#12 Import P&KCS#7 درون‌داد &PKCS#7 Plain View نمایش بدون قالب Templates قالب‌ها &New Template &قالب جدید &New CRL &فهرست ابطال جدید Ch&ange Template &تغییر قالب Revocation lists فهرست های ابطال Using or exporting private keys will not be possible without providing the correct password استفاده و یا برون‌داد کلید‌های خصوصی بدون گذرواژه‌ی درست امکان‌پذیر نیست The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. چکیده‌ساز پیش‌فرض '%1' ناامن است. خواهشمند است به دلایل امنیتی حداقل از SHA 224 استفاده نمائید. Recent DataBases پایگاه‌داده‌های اخیر System سامانه Croatian کرواسی English انگلیسی French فرانسوی German آلمانی Japanese ژاپنی Russian روسی Slovak اسلواکیایی Spanish اسپانیایی Persian فارسی Bulgarian Polish لهستانی Italian ایتالیایی Chinese چینی Dutch هلندی Portuguese in Brazil پرتقالی در برزیل Indonesian اندونزیایی Turkish ترکی Language زبان &File &پرونده Open Remote DataBase بازکزدن پایگاه‌داده‌ی غیرمحلی Set as default DataBase انتخاب به عنوان پایگاه‌داده‌ی پیش‌فرض New DataBase پایگاه‌داده‌ی جدید Open DataBase بازکردن پایگاه‌داده Close DataBase بستن پایگاه‌داده Options گزینه‌ها Exit خروج I&mport &درونداد Keys کلیدها Requests درخواست‌ها PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template قالب Revocation list فهرست ابطال PEM file پرونده ی PEM Paste PEM file چسباندن پرونده‌ی PEM Token توکن Export Certificate &Index hierarchy برون‌داد گواهی &سلسه‌مراتب نمایه Content محتوا &Manage Security token &مدیریت توکن امنیتی &Init Security token &مقداردهی اولیه توکن امنیتی &Change PIN &تغییر گذرواژه ی عددی Change &SO PIN تغییر گذرواژه‌ی عددی &SO Init PIN مقداردهی اولیه‌ی گذرواژه‌ی عددی Extra اضافه &Dump DataBase &خروجی پایگاه‌داده &Export Certificate Index &برون‌داد نمایه‌ی گواهی C&hange DataBase password &تغییر گذرواژه‌ی پایگاه‌داده &Undelete items &عدم حذف موارد Generate DH parameter of fbh صدور مقادیر DH OID Resolver تعیین‌کننده ‌ی مقدار OID &Help &راهنمایی About درباره‌ی نرم‌افزار Import PEM data درون‌داد داده‌های PEM Please enter the original SO PIN (PUK) of the token '%1' خواهشمند است گذرواژه‌ی عددی مدیر (PUK) توکن '%1' را وارد نمایید Search جست‌وجو Please enter the new SO PIN (PUK) for the token '%1' خواهشمند است گذرواژه‌ی عددی مدیر (PUK) برای توکن '%1' را وارد نمایید The new label of the token '%1' برچسب جدید برای توکن '%1' The token '%1' did not contain any keys or certificates توکن '%1'دارای هیچ کلید و یا گواهی نیست Current Password گذرواژه‌ی کنونی Please enter the current database password خواهشمند است گذرواژه‌ی پایگاه‌داده‌ی کنونی را وارد نمایید The entered password is wrong گذرواژه‌ی واردشده نادرست است New Password گذرواژه‌ی جدید Please enter the new password to encrypt your private keys in the database-file خواهشمند است جهت رمزنگاری کلید خصوصی در پرونده‌ی پایگاه‌داده، گذرواژه‌ی جدید را وارد نمایید Transaction start failed آغاز تراکنش با شکست روبه‌رو شد Database: %1 پایگاه‌داده: %1 Certificate Index ( index.txt ) نمایه‌ی گواهی ( index.txt ) All files ( * ) همه‌ی پرونده‌ها ( * ) Diffie-Hellman parameters saved as: %1 مقادیر مورد نیاز برای الگوریتم Diffie-Hellman تحت عنوان %1 ذخیره شدند Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits مقادیر مورد نیاز برای الگورتیم Diffie-Hellman برای کاربردهای دیگری است، اما در XCA پشتیبانی نمی‌شود. خواهشمند است مقادیر مورد نیاز برای الگوریتم DH به صورت بیت وارد نمایید Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format پایگاه داده با قالب قدیمی تشخیص داده شد. ساخت یک رونوشت پشتیبان با نام: '%1' و تبدیل پایگاه‌داده به قالب جدید Failed to rename the database file, because the target already exists به دلیل وجود یک پایگاه‌داده‌ی هم‌نام، نام‌گذاری پرونده‌ی پایگاه داده امکان‌پذیر نیست Database پایگاه داده No deleted items found هیچ مورد پاک‌شده ای یافت نشد no such option: %1 چنین گزینه‌ای موجود نیست: %1 Please enter a password, that will be used to encrypt your private keys in the database: %1 خواهشمند است گذرواژه‌‌ای که برای رمزنگاری کلیدهای خصوصی در پایگاه داده‌ی زیر استفاده می‌شود، وارد نمایید: %1 Password verify error, please try again اعتبارسنجی گذرواژه با خطا مواجه شد، خواهشمند است دوباره تلاش کنید Password گذرواژه Please enter the password for unlocking the database: %1 خواهشمند است برای قفل‌گشایی پایگاه‌داده‌: %1 گذرواژه را وارد نمایید The following error occurred: خطای زیر ایجاد شد: Copy to Clipboard ایجاد رونوشت در حافظه‌رونوشت NewCrl Last update آخرین به‌روزرسانی Next update به‌روزرسانی بعدی Days روز Months ماه Years سال Midnight نیمه‌شب Local time زمانی محلی Apply اعمال Options گزینه‌ها CRL number شماره‌ی فهرست ابطال (CRL) Subject alternative name می‌توان ترجمه‌ی موضوع را هم اضافه کرد. نام جایگزین صاحب گواهی Revocation reasons دلیل ابطال Authority key identifier شناسه‌ی کلید مرکز صدور Hash algorithm الگوریتم چکیده‌ساز Create CRL ساخت فهرست ابطال NewKey Please give a name to the new key and select the desired keysize خواهشمند است نام و طول کلید جدید را انتخاب کنید Key properties ویژگی‌های کلید Name نام The internal name of the new key نام درونی کلید جدید Curve name نام منحنی Usually at least 2048 bit keys are recommended به طول معمول کلید با طول ۲۰۴۸ بیت پیشنهاد می‌شود New Key کلید جدید Keysize طول کلید Keytype نوع کلید Remember as default یادآوری به عنوان پیش‌فرض Create ساختن NewX509 Source منبع Signing request درخواست امضای گواهی Show request نمایش درخواست Sign this Certificate signing &request امضای &درخواست صدور گواهی Copy extensions from the request استفاده از افزونه‌های درخواست Modify subject of the request ویرایش اطلاعات صاحب گواهی Signing امضا Create a &self signed certificate ساخت گواهی &خودامضا Use &this Certificate for signing استفاده از &گواهی برای امضا All certificates in your database that can create valid signatures همه‌ی گواهی‌های موجود در پایگاه‌داده‌ی شما که امکان ساخت امضای معتبر دارند Signature algorithm الگوریتم امضا Template for the new certificate قالب برای گواهی جدید All available templates همه‌ی قالب‌های دردسترس Apply extensions اعمال افزونه Apply subject اعمال صاحب‌گواهی Apply all اعمال همه Subject صاحب گواهی Internal Name نام درونی Distinguished name نام متمایزشده Add افزودن Delete پاک‌کردن Private key کلید خصوصی This list only contains unused keys این فهرست فقط شامل کلید‌های استفاده‌نشده است Used keys too همچنین کلید‌های استفاده‌شده &Generate a new key &تولید یک کلید جدید Extensions افزونه‌ها Type نوع If this will become a CA certificate or not واژه‌ی این به این مورد ترجمه شده است. آیا این مورد به یک گواهی مرکز صدور تبدیل خواهد شد یا خیر Not defined تعریف نشده Certification Authority مرکز صدور گواهی End Entity کاربر نهایی Path length طول مسیر How much CAs may be below this. چه تعداد مرکز صدور گواهی ممکن است زیر مجموعه‌ی این مورد قرار گیرند. The basic constraints should always be critical مشخصه‌ی محدودیت پایه می‌بایست همیشه به صورت بحرانی مقداردهی شود Key identifier واژه‌ی Identifier به مشخصه‌ی یکتا ترجمه شده است مشخصه‌ی یکتای کلید Creates a hash of the key following the PKIX guidelines این مورد یک چکیده از کلید مطابق شیوه‌های PKIX ایجاد می‌کند Copy the Subject Key Identifier from the issuer رونوشت از مشخصه‌ی کلید صاحب گواهی صادرکننده Validity اعتبار Not before از Not after تا Time range محدوده‌ی زمانی Days روز Months ماه Years سال Apply اعمال Set the time to 00:00:00 and 23:59:59 respectively پیکربندی زمان به ترتیب به ۰۰:۰۰:۰۰ و ۲۳:۵۹:۵۹ Midnight نیمه‌شب Local time زمان محلی No well-defined expiration انقضای نامشخص DNS: IP: URI: email: RID: در این مورد ترجمه‌ای صورت نگرفت. DNS: IP: URI: email: RID: Edit ویرایش URI: URI: Key usage کاربرد کلید Netscape نت‌اسکیپ Advanced پیشرفته Validate اعتبارسنجی Comment دیدگاه This name is only used internally and does not appear in the resulting certificate این نام تنها به صورت درونی استفاده شده است و در گواهی نهایی ظاهر نمی‌شود Critical بحرانی Create Certificate signing request ساخت درخواست گواهی امضا‌شده minimum size: %1 کمینه‌ی اندازه: %1 maximum size: %1 بیشینه‌ی اندازه: %1 only a-z A-Z 0-9 '()+,-./:=? تنها نویسه‌های a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters تنها نویسه‌ی خالی ۷ بیتی قابل قبول است Edit XCA template ویرایش قالب XCA Create x509 Certificate صدور گواهی X509 Template '%1' applied قالب %1 اعمال شد Subject applied from template '%1' صاحب گواهی از قالب %1 اعمال شد Extensions applied from template '%1' افزونه‌هایی که از قالب '%1' اعمال شده است New key '%1' created کلید جدید '%1 ساخته شد Other Tabs زبانه‌های دیگر Advanced Tab زبانه‌ی پیشرفته Errors خطاها From PKCS#10 request از درخواست PKCS#10 Abort rollout در مورد تجدید The following length restrictions of RFC3280 are violated: محدودیت‌های طول در RFC3280 نقض شده است: Edit subject ویرایش دارنده Continue rollout ادامه‌ی تجدید The verification of the Certificate request failed. The rollout should be aborted. اعتبارسنجی درخواست گواهی با شکست مواجه شد. فرایند تجدید باید لغو شود. Continue anyway ادامه در هر صورت The internal name and the common name are empty. Please set at least the internal name. نام درونی و نام عمومی خالی هستند. خواهشمند است حداقل نام درونی پر کنید. Edit name ویرایش نام There is no Key selected for signing. هیچ کلید انتخاب‌شده‌ای برای امضا موجود نیست. Select key انتخاب کلید The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. نام‌های مدخل متمایزکننده‌ی زیر خالی هستند: %1 بنابراین شما آن‌ها را در فهرست گزینه‌ها الزامی کردید. The key you selected for signing is not a private one. کلیدی که شما برای امضا انتخاب کرده‌اید، کلید خصوصی نیست. Select other signer امضاکننده‌ی دیگری را انتخاب کنید Select other key کلید دیگری را انتخاب کنید The currently selected hash algorithm '%1' is insecure and should not be used. الگوریتم انتخاب‌شده‌ی کنونی '%1' ناامن است و توصیه می‌شود از آن استفاده نشود. Select other algorithm انتخاب دیگر الگوریتم‌ها Use algorithm anyway استفاده از الگوریتم به هر صورت The certificate will be earlier valid than the signer. This is probably not what you want. گواهی پیش از امضاکننده معتبر است. احتمالا این چیزی نیست که شما می‌خواهید. Edit dates ویرایش تاریخ‌ها Adjust date and continue تنظیم تاریخ و ادامه The certificate will be longer valid than the signer. This is probably not what you want. گواهی بیشتر از دوره‌ی اعتبار امضا‌کننده معتبر است. احتمالا این چیزی است که شما نمی‌خواهید. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. گواهی پیش از آن‌که معتبر شود، به روز نیست. شما احتمالا چند تاریخ را با هم اشتباه گرفته‌اید. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. گواهی دارای افزونه‌های غیرمعتبر یا تکراری است. اعتبار آن‌ها را در زبانه‌ی پیشرفته بررسی کنید. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. گواهی هیچ افزونه‌ای ندارد. شما باید یکی از افزونه‌های مورد نیاز برای استفاده گواهی که در قالب تعریف شده است اعمال کنید. The certificate contains invalid extensions. Edit extensions ویرایش افزونه‌ها The subject alternative name shall contain a copy of the common name. However, the common name is empty. نام جایگزین دارنده باید شامل یک رونوشت از نام عمومی باشد. در هر حال، نام عمومی خالی است. Configfile error on line %1 خطای پرونده‌ی پیکربندی در خط %1 OidResolver OID Resolver تعیین‌کننده ‌ی مقدار OID Enter the OID, the Nid, or one of the textual representations مقدارهای OID، Nid، و یا یکی از نمایش‌های متنی را وارد کنید Search جست‌وجو OID OID Long name نام بلند OpenSSL internal ID شناسه‌ی درونی OpenSSL Nid Nid Short name نام کوتاه OpenDb Open remote database بازکردن پایگاه‌داده‌ی غیرمحلی Database type نوع پایگاه‌داده Hostname نام میزبان Username نام کاربری Password گذرواژه Database name نام پایگاه‌داده Table prefix پیشوند جدول No SqLite3 driver available. Please install the qt-sqlite package of your distribution راه‌اندازی Sqlite3 در دسترس نیست. خواهشمند است بسته‌ی qt-sqlite را برای توزیع خود نصب کنید Please enter the password to access the database server %2 as user '%1'. خواهشمند است گذرواژه ی دستیابی به خدمت‌گزار پایگاه‌‌داده '%2' به عنوان کاربر '%1' وارد کنید. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. راه‌انداز پایگاه‌داده از تراکنش‌ها پشتیبانی نمی‌کند. ممکن است دلیل آن نگارش‌های مختلف مشتری و خدمت‌گزار باشد. با توجه به این ادامه دهید. Options XCA Options گزینه‌های XCA Settings پیکربندی‌ها Default hash algorithm الگوریتم چکیده‌ساز پیش‌فرض String types انواع رشته‌ها Suppress success messages توقف پیام‌های موفقیت Don't colorize expired certificates گواهی‌های منقضی‌شده را رنگی نکن Translate established x509 terms (%1 -> %2) ترجمه‌ی موارد تعیین‌شده در x509 (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. کارکرد چکیده‌سازی توکن در XCA استفاده نمی‌شود. ممکن است از مجموعه‌ی توابع چکیده‌ساز محدود‌شده توسط توکن استفاده شود. به طور ویژه، EC و DSA تنها در SHA1 از مشخصات فنی PKCS#11 تعریف شده است. Only use hashes supported by the token when signing with a token key تنها از چکیده‌سازهایی که در توکن پشتیبانی می‌شود، هنگام امضای با کلید توکن استفاده شود Disable legacy Netscape extensions غیرفعال‌سازی افزونه‌های Netscape قدیمی PKCS12 encryption algorithm الگورتیم رمزنگاری PKCS12 Certificate expiry warning threshold آستانه‌ی هشدار انقضای گواهی Send vCalendar expiry reminder فرستادن شماره‌ی انقضای vCalander Serial number length طول شماره‌ی ردیف bit بیت Distinguished name نام متمازه‌شده Mandatory subject entries ورودی‌های الزامی صاحب‌گواهی Add افزودن Delete برخی موارد پاک‌کردن استفاده شده که باید تصحیح شود. پاک‌کردن Explicit subject entries ورودی‌های صریح صاحب‌گواهی Dynamically arrange explicit subject entries به طور پویا ورودی‌های صریح صاحب گواهی را بچین Default پیش‌فرض PKCS#11 provider فراهم‌کننده‌ی PKCS#11 Remove پاک کردن Search جست‌وجو Printable string or UTF8 (default) رشته‌ی قابل چاپ یا UTF8 (پیش‌فرض) PKIX recommendation in RFC2459 توصیه‌ی PKIX در RFC2459 No BMP strings, only printable and T61 رشته‌های BMP قابل قبول نیست، تنها قابل چاپ و T61 UTF8 strings only (RFC2459) تنها رشته‌های UTF8(RFC2459( All strings همه‌ی رشته‌ها Days روزها Weeks هفته‌ها PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) گذرواژه با عدد ۲ رقمی در مبنای ۱۶ تجزیه شد. باید تعداد زوج از رقم‌ها (0-9 و a-f) داشته باشد Take as HEX string گرفتن به عنوان رشته بر اساس رقم‌های مبنای ۱۶ Repeat %1 تکرار %1 %1 mismatch %1 نامنطبق Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters گذرواژه‌ی با ارقام مبنای ۱۶ باید شامل نویسه‌های '0' تا '9' و 'a' تا'f' باشد و باید شامل تعداد زوج از نویسه‌ها باشد Exit خروج Password گذرواژه E&xit خ&روج QMessageBox Ok تأیید Close بستن Cancel لغو Apply اعمال Yes بله No خیر QObject Undefined تعریف‌نشده Broken / Invalid معیوب / نامعتبر in %1 seconds در %1 ثانیه %1 seconds ago %1 ثانیه پیش in %1 minutes در %1 دقیقه %1 minutes ago %1 دقیقه پیش Yesterday دیروز Tomorrow فردا in %1 hours در %1 ساعت %1 hours ago %1 ساعت پیش Out of data خارج از داده Error finding endmarker of string نشانه‌ی پایانی یافتن خطا در رشته All files ( * ) همه‌ی پرونده‌ها (*) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; کلید زیرساخت کلید عمومی (در قالب pem، der ، key);; کلیدهای PKCS#8 (در قالب p8، pk8);; کلیدهای Microsoft PVK (در قالب pvk);; کلیدهای عمومی SSH (در قالب pub) Import RSA key درون‌داد کلید RSA PKCS#10 CSR ( *.pem *.der *.csr );; Import Request درون‌داد درخواست Certificates ( *.pem *.der *.crt *.cer );; گواهی‌های دیجیتال (با پسوند pem، der، crt، cer) Import X.509 Certificate درون‌داد گواهی‌های ‌X509 PKCS#7 data ( *.p7s *.p7m *.p7b );; داده‌های PKCS#7 (با پسوند p7s، p7m، p7b) Import PKCS#7 Certificates درون‌داد گواهی‌های PKCS#7 PKCS#12 Certificates ( *.p12 *.pfx );; گواهی‌های PKCS#12 (با پسوند p12، pfx) Import PKCS#12 Private Certificate درون‌داد گواهی خصوصی PKCS#12 XCA templates ( *.xca );; قالب‌های XCA (با پسوند xca) Import XCA Templates درون‌داد قالب‌های XCA Revocation lists ( *.pem *.der *.crl );; فهرست‌های ابطال (با پسوند pem, der , crl) Import Certificate Revocation List درون‌داد فهرست ابطال گواهی XCA Databases ( *.xdb );; پایگاه‌‌داده های (با پسوند xdb) Open XCA Database باز کردن پایگاه‌داده‌ی XCA PKCS#11 library ( *.dll );; کتاب‌خانه‌ی PKCS#11 (با پسوند dll) PKCS#11 library ( *.dylib *.so );; کتابخانه‌ی PKCS#11 (با پسوند dylib, so) PKCS#11 library ( *.so );; کتابخانه‌ی PKCS#11 (با پسوند so) Open PKCS#11 shared library باز کردن کتابخانه‌‌ی اشتراکی PKCS#11 PEM files ( *.pem );; پرونده‌های PEM (با پسوند pem) Load PEM encoded file بارگذاری پرونده‌های رمزنگاری شده‌ی PEM Please enter the PIN on the PinPad خواهشمند است گذرواژه‌ی عددی (PIN) را بر روی دستگاه رمزخوان (PinPad) وارد کنید Please enter the SO PIN (PUK) of the token %1 خواهشمند است گذرواژه‌ی عددی مدیریتی (PUK) توکن %1 را وارد نمایید Please enter the PIN of the token %1 خواهشمند است گذرواژه‌ی عددی (PIN) %1 را وارد نمائید No Security token found هیچ توکن امنیتی یافت نشد Select انتخاب کنید Please enter the new SO PIN (PUK) for the token: '%1' خواهشمند است گذرواژه‌ی عددی مدیر (PUK) برای توکن '%1' را وارد نمایید Please enter the new PIN for the token: '%1' خواهشمند است گذرواژه‌ی عددی (PIN) جدید برای توکن '%1' را وارد نمایید Required PIN size: %1 - %2 گذرواژه‌ی عدد (PIN) با اندازه‌ی: %1 - %2 مورد نیاز است Disabled غیرفعال‌شده Library loading failed بارگذاری کتابخانه با شکست مواجه شد PKCS#11 function '%1' failed: %2 تابع PKCS#11 در '%1' با شکست مواجه شد: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 تابغ PKCS#11 در '%1' با شکست مواجه شد: %2 در کتابخانه‌ی %3 %4 Invalid نامعتبر %1 is shorter than %2 bytes: '%3' %1 کوتاه‌تر از %2 بایت است: '%3' %1 is longer than %2 bytes: '%3' %1 بلندتر از %2 بایت است: '%3' String '%1' for '%2' contains invalid characters رشته‌ی '%1' برای '%2' دارای نویسه‌های نادرست است Error reading config file %1 at line %2 خطا در خوانش پرونده‌ی پیکربندی %1 در خط %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. شئ '%1' از پرونده‌ی %2 خط %3 در حال حاضر به عنوان %4:%5:%6 شناخته می‌شود و باید حذف شود. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. شناسه‌ی '%1' برای OID با مشخصات %2 از پرونده‌ی %3 خط %4 در حال حاضر برای OID متفاوتی به عنوان '%5:%6:%7 استفاده می شود و باید جهت جلوگیری از ناسازگاری، تغییر یابد. Unknown object '%1' in file %2 line %3 شي ناشناخته '%1' در پرونده‌ی %2 خط %3 Failed to start a database transaction آغاز تراکنش پایگاه داده با شکست مواجه شد Country code کد کشور State or Province ایالت یا استان Locality محلیت Organisation سازمان Organisational unit واحد سازمان Common name نام عمومی گواهی E-Mail address نشانی رایانامه Serial number شماره‌ی ردیف Given name نام مشخص‌شده Surname نام خانوادگی Title عنوان Initials مقادیر اولیه Description توضیحات Role نقش Pseudonym نام مستعار Generation Qualifier شرایط صدور x500 Unique Identifier شناسه‌ی متمایزکننده‌ی X500 Name نام DN Qualifier DN متمایزکننده واجد شرایط Unstructured name نام غیر ساخت‌یافته Challenge password گذرواژه‌ی چالش Basic Constraints محدودکننده‌های پایه (Basic Constraints) Subject alternative name نام جایگزین صاحب گواهی issuer alternative name نام جایگزین صادرکننده گواهی Subject key identifier شناسه‌ی کلید صاحب گواهی Authority key identifier شناسه‌ی کلید صادرکننده گواهی Key usage مورد استفاده کلید Extended key usage مورد استفاده‌ی بسط‌یافته CRL distribution points نشانی توزیع فهرست ابطال (CRL) Authority information access دستیابی به اطلاعات صدور Certificate type نوع گواهی Base URL URL پایه Revocation URL URL ابطال CA Revocation URL URL ابطال مرکز صدور Certificate renewal URL URL تمدید گواهی CA policy URL URL سیاست‌های مرکز صدور SSL server name نام خدمت‌گزار SSL Comment دیدگاه Index file written to '%1' پرونده‌ی نمایه‌ها نوشته شده بر روی '%1' Index hierarchy written to '%1' سلسله‌مراتب نمایه نوشته‌شده بر روی '%1' Unknown key type %1 نوع کلید ناشناخته %1 Password verify error, please try again خطا در اعتبارسنجی گذرواژه، خواهشمند است دوباره تلاش کنید The following error occurred: خطای زیر ایجاد شد: Failed to update the database schema to the current version به‌روزرسانی شمای پایگاه‌داده به نگارش کنونی امکان‌پذیر نیست Password گذرواژه Out of Memory at %1:%2 کمبود حافظه در %1:%2 Invalid filename: %1 نام پرونده‌ی نامعتبر: %1 Failed to open PKCS11 library: %1: %2 بازکردن کتابخانه‌ی PKCS#11 با شکست مواجه شد: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. به نظر نمی‌رسد که این کتابخانه‌ی PKCS#11 معتبر باشد. نماد تابع 'C_GetFunctionList' یافت نشد. ReqTreeView Sign امضا Unmark signed عدم انتخاب امضا Mark signed انتخاب امضا Similar Request درخواست مشابه Certificate request export برون‌داد درخواست صدور گواهی Certificate request ( *.pem *.der *.csr ) درخواست صدور گواهی (با قالب‌های pem، der, csr) RevocationList Manage revocations مدیریت ابطال‌ها Add افزودن Delete حذف کردن Edit ویرایش No. شماره‌‌ی. Serial شماره‌ی ردیف Revocation ابطال Reason دلیل Invalidation غیرمعتبرسازی Generate CRL تولید CRL Revoke Certificate revocation ابطال گواهی Revocation details جزئیات ابطال Revocation reason دلیل ابطال Local time زمان محلی Invalid since نامعتبر از Serial شماره ی ردیف SearchPkcs11 Directory مسیر پوشه ... ... Include subdirectories دربرگشتن زیرپوشه‌ها Search جست‌وجو The following files are possible PKCS#11 libraries پرونده‌های زیر کتابخانه‌های مورد استفاده‌ی PKCS#7 هستند SelectToken Security token توکن امنیتی Please select the security token خواهشمند است توکن امنیتی را برگزینید TempTreeView Duplicate تکثیر Create certificate صدور گواهی Create request صدور درخواست copy رونوشت Preset Template values مقادیر قالب از پیش تعیین‌شده Template export برون‌داد قالب XCA Templates ( *.xca ) قالب‌های XCA (با پسوند xca) TrustState Certificate trust گواهی اعتماد Trustment اعتماد &Never trust this certificate &هرگز به این گواهی اعتماد نکن Only &trust this certificate, if we trust the signer فقط به این گواهی &اعتماد کن، اگر ما به امضا کننده اعتماد کردیم &Always trust this certificate &همیشه به این گواهی اعتماد کن Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config پیکربندی OpenSSL Transform تبدیل Template قالب Public key کلید عمومی Save as OpenSSL config ذخیره به عنوان پیکربندی Open SSL Config files ( *.conf *.cnf);; All files ( * ) پرونده‌های پیکربندی (با قالب conf, cnf) ;; همه‌ی پرونده‌ها (با همه‌ی قالب‌ها) XFile Error opening file: '%1': %2 خطا در بازکردن پرونده: '%1': %2 Error rewinding file: '%1': %2 خطا در بازنویسی پرونده: '%1': %2 XcaTreeView Item properties مشخصه‌های موارد Subject entries ورودی‌های صاحب گواهی X509v3 Extensions افزونه‌های X509v3 Netscape extensions افزونه‌های Netscape Key properties مشخصات کلید Reset بازیابی Hide Column پنهان‌کردن ستون Details جزئیات Columns ستون‌ها New جدید Import درون‌داد Paste PEM data چسباندن داده‌ی PEM Rename تغییرنام Properties مشخصات Delete پاک کردن Export برون‌داد Clipboard حافظه‌ی رونوشت File پرونده database_model Please enter the password to access the database server %2 as user '%1'. خواهشمند است گذرواژه ی دستیابی به خدمت‌گزار پایگاه‌‌داده '%2' به عنوان کاربر '%1' وارد کنید. Unable to create '%1': %2 امکان ساخت '%1' نیست: %2 The file '%1' is not an XCA database پرونده‌ی '%1' یک پایگاه داده‌ی XCA نیست No SqLite3 driver available. Please install the qt-sqlite package of your distribution راه‌اندازی Sqlite3 در دسترس نیست. خواهشمند است بسته‌ی qt-sqlite را برای توزیع خود نصب کنید New Password گذرواژه‌ی جدید Please enter a password, that will be used to encrypt your private keys in the database: %1 خواهشمند است گذرواژه‌‌ای که برای رمزنگاری کلیدهای خصوصی در پایگاه داده‌ی زیر استفاده می‌شود، وارد نمایید: %1 Password گذرواژه Please enter the password for unlocking the database: %1 خواهشمند است برای قفل‌گشایی پایگاه‌داده‌: %1 گذرواژه را وارد نمایید db_base Internal name نام درونی No. شماره. Primary key کلید اصلی Database unique number شماره‌ی یکتای پایگاه داده Date تاریخ Date of creation or insertion تاریخ ساخت یا درج Source منبع Generated, Imported, Transformed صادر‌شده، درون‌داده‌شده، تبدیل‌شده Comment دیدگاه First line of the comment field نخستین خط از مشخصه‌ی دیدگاه Import from: %1 درون‌داد از: %1 Could not create directory %1 ساخت مسیر %1 امکان پذیر نیست Item properties مشخصه‌های موارد How to export the %1 selected items چگونه %1 مورد انتخاب‌شده را برون‌داد کرد All in one PEM file همه‌چیز یک‌جا در یک پرونده‌ی PEM Each item in one file هر مورد در یک پرونده Save %1 items in one file as ذخیره‌ی %1 مورد از یک فایل به عنوان PEM files ( *.pem );; All files ( * ) پرونده‌های با قالب PEM (*.pem);; همه‌ی پرونده‌ها (*) db_crl Signer امضا‌کننده Internal name of the signer نام درونی امضا‌کننده No. revoked شماره‌‌ی . ابطال‌شده Number of revoked certificates شماره‌ی گواهی‌های ابطال‌شده Last update آخرین به‌روزرسانی Next update به‌روزرسانی بعدی CRL number شماره‌ی فهرست ابطال (CRL) The revocation list already exists in the database as: '%1' and so it was not imported فهرست ابطال در حال حاضر در پایگاه داده به عنوان '%1' وجود دارد و بنابراین فهرست ابطال انتخابی درون‌داد نشد Failed to initiate DB transaction مقداردهی اولیه ناموفق در پایگاه داده‌ی تراکنش‌ها Database error: %1 خطای پایگاه داده: %1 Revocation list export برون‌داد فهرست ابطال CRL ( *.pem *.der *.crl ) فهرست ابطال (CRL) (*.pem *der *.crl) There are no CA certificates for CRL generation هیچ گواهی مرکز صدوری برای صدور فهرست ابطال (CRL) وجود ندارد Select CA certificate انتخاب گواهی مرکز صدور Create CRL ساخت فهرست ابطال db_key Type نوع Size اندازه EC Group گروه EC Use استفاده Password گذرواژه The key is already in the database as: '%1' and is not going to be imported کلید در حال حاضر در پایگاه‌داده به عنوان '%1' قرار دارد و بنا نیست که درو‌ن‌داد شود The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key پایگاه داده هم‌اکنون دارای بخش عمومی کلید درون‌داد‌شده به عنوان %1 می‌باشد و با بخش خصوصی جدید کلید تکمیل خواهد شد Extending public key from %1 by imported key '%2' گسترش کلید عمومی از %1 با کلید درون‌داده‌شده‌ی %2 Key size too small ! طول کلید بسیار کوچک است ! You are sure to create a key of the size: %1 ? آیا از ساخت کلید با اندازه‌ی %1 اطمینان دارید ؟ Internal error خطای درونی Tried to change password of a token برای تغییر گذرواژه‌ی توکن تلاش شد PEM public PEM عمومی SSH2 public SSH2 عمومی PEM private PEM خصوصی SSH2 private SSH2 خصوصی Export keys to Clipboard برون‌داد کلید‌ها در حافظه‌ی رونوشت Clipboard حافظه‌ی رونوشت Export public key [%1] برون‌داد کلید مومی [%1] DER public DER عمومی DER private DER خصوصی PEM encryped PEM رمزنگاری‌شده PVK private PVK خصوصی PVK encrypted PVK رمزنگاری‌شده PKCS#8 encrypted PKCS#8 رمزنگاری‌شده Export private key [%1] برون‌داد کلید خصوصی [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) کلید‌های خصوصی ( با قالب‌های pem، der و pk8);; کلیدهای عمومی SSH (با قالب pub) db_temp Bad template: %1 قالب نامناسب: %1 Empty template قالب تهی Preset Template values مقادیر قالب از پیش تعیین‌شده Save template as ذخیره‌ی قالب به عنوان XCA templates ( *.xca );; All files ( * ) قالب XCA.(*.xca);; همه‌ی پرونده‌ها (*) db_x509 CA مسیر پوشه reflects the basic Constraints extension افزونه‌ی basic Constraints را منعکس کن Serial شماره‌ی ردیف Start date تاریخ آغز Expiry date تاریخ انقضا MD5 fingerprint اثز انگشت MD5 SHA1 fingerprint اثز انگشت SHA1 SHA256 fingerprint اثزانگشت SHA256 Not before از Not after تا Revocation ابطال CRL Expiration انقضای CRL Failed to retrieve unique random serial تولید شماره‌ی ردیف تصادفی با شکست مواجه شد The certificate already exists in the database as: '%1' and so it was not imported گواهی در حال حاضر در پایگاه داده با نام '%1' وجود دارد و بنابراین درون‌داد نشد Signed on %1 by '%2' امضا‌شده روی %1 با '%2' Unknown ناشناخته Invalid public key کلید عمومی نامعتبر The key you selected for signing is not a private one. کلیدی که شما برای امضا انتخاب کرده‌اید، کلید خصوصی نیست. Failed to create directory '%1' ساخت پوشه‌ی '%1' با خطا مواجه شد Store the certificate to the key on the token '%1 (#%2)' ? ذخیره گواهی برای کلید موجود روی توکن '%1 (#%2)' ؟ There was no key found for the Certificate: '%1' کلیدی برای گواهی'%1' یافت نشد Not possible for a token key: '%1' برای کلید توکن امکان پذیر نیست '%1' Not possible for the token-key Certificate '%1' برای کلید توکنی امکان‌پذیر نیست '%1' Plain View نمایش بدون‌قالب Tree View نمایش درختی PKCS#7 unrevoked PKCS#7 عدم‌تعلیق‌شده PEM unrevoked PEM عدم‌ تعلیق‌شده vCalendar vCalendar CA vCalendar vCalander مرکز صدور X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) گواهی x509 (با قالب‌های pem, cer, crt, p12, p7b) days روزها No template بدون قالب X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) گواهی x509 (با قالب‌های pem, cer, crt, p12, pfx, p7b) PEM chain زنجیره‌ی PEM PKCS#7 chain زنجیره‌ی PKCS#7 PKCS#12 chain زنجیره‌ی PKCS#12 PKCS#7 all همه‌ PKCS#7 PEM + key PEM + کلید PEM all همه PEM Certificate Index file پرونده‌ی نمایه‌ی گواهی Certificate export برون‌داد گواهی db_x509name Subject پذیرنده Complete distinguished name نام کامل متمایز‌شده (dn) Subject hash چکیده‌ی نام پذیرنده Hash to lookup certs in directories چکیده ی گواهی جهت جست‌وجو در پوشه‌ها db_x509req Signed امضا‌شده whether the request is already signed or not آیا درخواست در حال حاضر امضا شده است یا خیر Unstructured name نام غیر ساخت‌یافته Challenge password گذرواژه‌ی چالش Certificate count تعداد گواهی‌ها Number of certificates in the database with the same public key تعداد گواهی‌های موجود در پایگاه داده با کلید عمومی یکسان The certificate signing request already exists in the database as '%1' and thus was not stored درخواست صدور گواهی در حال حاضر در پایگاه داده به عنوان '%1' موجود می‌باشد و بنابراین ذخیره نخواهد شد Certificate request export برون‌داد درخواست صدور گواهی Certificate request ( *.pem *.der *.csr ) درخواست صدور گواهی (با قالب‌های pem، der, csr) db_x509super Key name نام کلید Internal name of the key نام درونی کلید Signature algorithm الگوریتم امضا Key type نوع کلید Key size طول کلید EC Group گروه EC (خم‌های بیضوی) Extracted from %1 '%2' استخراج‌شده از %1 '%2' Certificate گواهی Certificate request درخواست صدور گواهی The following extensions were not ported into the template افزونه‌های زیر به قالب اضافه نشده است Transformed from %1 '%2' تغییر شکل‌داده‌شده از %1 '%2' Save as OpenSSL config ذخیره به عنوان پیکربندی Open SSL Config files ( *.conf *.cnf);; All files ( * ) پرونده‌های پیکربندی (با قالب conf, cnf) ;; همه‌ی پرونده‌ها (با همه‌ی قالب‌ها) kvView Type نوع Content محتوا pass_info Password گذرواژه PIN گذرشماره pkcs11_lib Failed to open PKCS11 library: %1: %2 بازکردن کتابخانه‌ی PKCS#11 با شکست مواجه شد: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. به نظر نمی‌رسد که این کتابخانه‌ی PKCS#11 معتبر باشد. نماد تابع 'C_GetFunctionList' یافت نشد. pki_base Unknown ناشناخته Imported درون‌داد‌شده Generated صادر‌شده Transformed تغییرشکل‌داده‌شده Token توکن Legacy Database پایگاه داده‌ی قدیمی Renewed تمدید‌شده Property '%1' not listed in 'pki_base::print' مشخصه‌ی '%1' در 'pki_base::print' فهرست نشده است Internal error: Unexpected message: %1 %2 خطای درونی: پیام نامنتظره: %1 %2 pki_crl Successfully imported the revocation list '%1' فهرست ابطال '%1' با موفقیت درون‌داد شد Delete the revocation list '%1'? حذف کردن فهرست ابطال '%1'؟ Successfully created the revocation list '%1' فهرست ابطال '%1' با موفقیت ساخته شد Delete the %1 revocation lists: %2? حذف %1 فهرست ابطال‌ها: %2؟ Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. بارگذاری فهرست ابطال در پرونده‌ی %1 امکان‌پذیر نیست قالب‌های فهرست ابطال PEM و DER مورد آزمایش قرار گرفت. No issuer given هیچ صادر‌کننده‌ای دریافت نشد CRL Renewal of CA '%1' due تمدید گواهی از مرکز صدور '%1' به دلیل The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' جدیدترین فهرست ابطال صادرشده با مرکز صدور '%1' در تاریخ %2 انقضا می‌یابد. این فهرست ابطال در پایگاه‌داده‌ی XCA با نام '%3' ذخیره شده است Renew CRL: %1 تمدید فهرست ابطال (CRL): %1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' فهرست ابطال XCA با نام '%1'، صادرضده در %3 در تاریخ %4 انقضا می‌یابد. این فهرست ابطال در پایگاه‌داده‌ی XCA با نام '%5' ذخیره شده است Wrong Size %1 %1 اندازه‌ی نادرست pki_evp Please enter the password to decrypt the private key %1. خواهشمند است برای رمزگشایی کلید خصوصی گذرواژه را وارد نمائید: %1. The key from file '%1' is incomplete or inconsistent. کلید از پرونده‌ی '%1' ناکامل یا نادرست است. Please enter the password to decrypt the private key from file: %1 خواهشمند است برای رمزگشایی کلید از فایل: '%1'، گذرواژه را وارد کنید Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. بارگذاری کلید خصوصی در پرونده‌ی %1 امکان‌پذیر نیست. قالب‌های PEM و DER خصوصی، عمومی، کلید نوع PKCS#8 و قالب SSH2 مورد آزمایش قرار گرفت. Please enter the password to decrypt the private key: '%1' خواهشمند است برای رمزگشایی کلید خصوصی گذرواژه را وارد نمائید: '%1' Password input aborted ورود گذرواژه متوقف شد Please enter the database password for decrypting the key '%1' خواهشمند است برای رمزگشایی کلید گذرواژه‌ی پایگاه‌داده را وارد نمائید: '%1' Please enter the password to protect the private key: '%1' خواهشمند است برای محافظت از کلید خصوصی، گذرواژه را وارد نمائید: %1 Please enter the database password for encrypting the key خواهشمند است برای رمزگشایی کلید، گذرواژه‌ی پایگاه‌داده را وارد نمائید Please enter the password protecting the PKCS#8 key '%1' خواهشمند است گذرواژه‌ی محافظت از کلید PKCS#8 را وارد نمائید: '%1' Please enter the password protecting the Microsoft PVK key '%1' خواهشمند است گذرواژه‌ی محافظت از کلید Microsoft PVK را وارد نمائید: '%1' Please enter the export password for the private key '%1' خواهشمند است گذرواژه‌ی برون‌داد کلید خصوصی را وارد نمائید: '%1' Failed to decrypt the key (bad password) %1 رمزگشایی کلید با شکست مواجه شد (گذرواژه‌ی نادرست) %1 Please enter the password to decrypt the private key. خواهشمند است برای رمزگشایی کلید، گذرواژه را وارد کنید. Ignoring unsupported private key کلید خصوصی به دلیل پشتیبانی‌نشدن، در نظر گرفته نشد pki_export PEM Text format with headers قالب متنی PEM با سرآیند Concatenated list of all selected items in one PEM text file فهرست همه‌ی موارد در یک پرونده‌ی متنی PEM الحاق‌شده PEM chain زنجیره‌ی PEM Concatenated text format of the complete certificate chain in one PEM file قالب متنی الحاق‌شده از زنجیره‌ی کامل گواهی در یک پرونده‌ی PEM PEM + key PEM + کلید Concatenation of the certificate and the unencrypted private key in one PEM file الحاق کواهی با کلید خصوصی رمزنگاری‌نشده در یک فایل با قالب PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file الحاق گواهی و کلید خصوصی رمزنگاری‌شده در یک فایل با قالب PKCS#8 PKCS#7 encoded single certificate تک‌‌گواهی در قالب PKCS#7 All selected certificates encoded in one PKCS#7 file همه‌ی گواهی‌های انتخاب‌شده در یک پرونده‌ی در قالب PKCS#7 PKCS #7 chain زنجیره‌ی PKCS#7 PKCS#7 encoded complete certificate chain زنجیره‌ی کامل گواهی در قالب PKCS#7 Binary DER encoded certificate گواهی دودویی در قالب DER PKCS #12 chain زنجیره‌ی PKCS#12 The complete certificate chain and the private key as encrypted PKCS#12 file زنچیره‌ی کامل گواهی و کلید خصوصی در قالب یک پرونده‌ی PKCS#12 رمزنگاری‌شده PKCS #12 PKCS#12 The certificate and the private key as encrypted PKCS#12 file گواهی و کلید خصوصی در قالب یک پرونده‌ی PKCS#12 رمزنگاری‌شده Certificate Index file پرونده‌ی نمایه‌ی گواهی OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool پرونده‌ی متنی نمایه‌ی گواهی مختص OpenSSL که با دستور 'ca' ساخته شده و توسط ابزار OCSP مورد نیاز است vCalendar vCalendar vCalendar expiry reminder for the selected items یاآوری انقضای vCalander برای موارد انتخاب‌شده CA vCalendar vCalander مرکز صدور vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL یادآوری انقضای vCalander شامل همه‌ی گواهی‌های معتبر صادرشده، خود مرکز صدور و آخرین فهرست ابطال PEM public PEM عمومی Text format of the public key in one PEM file قالب متنی کلید عمومی در یک فایل PEM PEM private PEM خصوصی Unencrypted private key in text format کلید خصوصی رمزنگاری‌نشده در قالب متن PEM encrypted PEM رمزنگاری‌شده OpenSSL specific encrypted private key in text format کلید خصوصی رمزنگاری‌شده مخصوص OpenSSl در قالب متن SSH2 private SSH2 خصوصی SSH2 public SSH2 عمومی The public key encoded in SSH2 format کلید عمومی در قالب SSH2 DER public DER عمومی Binary DER format of the public key کلید خصوصی در قالب دودویی DER DER private DER خصوصی Unencrypted private key in binary DER format کلید خصوصی رمزنگاری‌نشده در قالب دودویی DER PVK private PVK خصوصی Private key in Microsoft PVK format not encrypted کلید خصوصی در قالب Microsoft PVK به صورت رمزنگاری‌نشده PVK encrypted PVK رمزنگاری‌شده Encrypted private key in Microsoft PVK format کلید خصوصی رمزنگاری‌شده در قالب Microsoft PVK PKCS #8 encrypted PKCS#8 رمزنگاری‌شده Encrypted private key in PKCS#8 text format کلید خصوصی رمزنگاری‌شده در قالب متنی PKCS#8 PKCS #8 PKCS #8 Unencrypted private key in PKCS#8 text format کلید خصوصی رمزنگاری‌نشده در قالب متنی PKCS#8 Binary DER format of the certificate request قالب دودویی DER درخواست گواهی Binary DER format of the revocation list قالب دودویی DER فهرست ابطال vCalendar reminder for the CRL expiry date یاآوری انقضای vCalander برای تاریخ انقضا XCA template in PEM-like format قالب XCA در قالب مشابه PEM All selected XCA templates in PEM-like format همه ی قالب‌های XCA انتخاب‌شده در قالب مشابه PEM pki_key Successfully imported the %1 public key '%2' %1 کلید عمومی '%2' با موفقیت درون‌داد شد Delete the %1 public key '%2'? آیا %1 با کلید عمومی '%2' حذف شود؟ Successfully imported the %1 private key '%2' شئ %1 با موفقیت کلید خصوصی درون‌داد شد '%2' Delete the %1 private key '%2'? آیا %1 کلید خصوصی '%2' حذف شود؟ Successfully created the %1 private key '%2' %1 کلید خصوصی '%2' با موفقیت ساخته شد Delete the %1 keys: %2? آیا %1 کلید (ها) حدف شوند: %2؟ Public key کلید عمومی Common عمومی Private خصوصی Bogus دارای اشکال PIN گذرشماره No password بدون گذرواژه Unexpected SSH2 content: '%1' محتوای SSH2 غیرقابل قبول: '%1' Invalid SSH2 public key کلید عمومی SSH2 نامعتبر Failed writing to %1 عملیات نوشتن روی %1 با شکست مواجه شد pki_multi No known PEM encoded items found هیچ مورد شناخته‌شده‌ای با قالب PEM یافت نشد pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 خواهشمند است گذرواژه برای رمزگشایی پرونده‌ی PKCS#12 را وارد نمایید: %1 Unable to load the PKCS#12 (pfx) file %1. بارگذاری پرونده‌ی PKCS#12 (pfx) %1 امکان پذیر نیست. The supplied password was wrong (%1) گذرواژه‌ی وارد‌شده اشتباه بود (%1) Please enter the password to encrypt the PKCS#12 file خواهشمند است گذرواژه برای رمزنگاری پرونده‌ی PKCS#12 را وارد نمایید No key or no Cert and no pkcs12 کلید یا گواهی و pkcs12 امکان‌پذیر نیست pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. بارگذاری پرونده‌ی %1 با قالب PKCS#7 امکان پذیر نیست. تلاش برای بارگذاری در قالب‌های PEM و DER صورت پذیرفت. pki_scard Successfully imported the token key '%1' کلید توکن '%1' با موفقیت درون‌داد شد Delete the token key '%1'? آیا کلید توکن '%1' حذف شود؟ Successfully created the token key '%1' کلید توکن '%1' با موفقیت صادر شد Delete the %1 keys: %2? آیا %1 کلید (ها) حدف شوند: %2؟ Delete the private key '%1' from the token '%2 (#%3)' ? آیا کلید خصوصی '%1' از توکن '%2(#%3)' حذف شود؟ This Key is already on the token کلید در حال حاضر بر روی توکن موجود است PIN input aborted ورود گذرشماره متوقف شد Unable to find copied key on the token یافتن کلید روگرفته‌شده بر روی توکن امکان‌پذیر نیست Please insert card: %1 %2 [%3] with Serial: %4 خواهشمند است کارت: %1 %2 [%3] با ردیف: %4 را وارد نمائید Unable to find generated key on card یافتن کلید تولید‌شده بر روی کارت امکان‌پذیر نیست Token %1 توکن %1 Failed to find the key on the token یافتن کلید بر روی توکن با شکست مواجه شد Invalid Pin for the token گذرشماره‌ی نامعتبر برای توکن Failed to initialize the key on the token مقداردهی اولیه کلید بر روی توکن با شکست مواجه شد Ignoring unsupported token key کلید توکن به دلیل پشتیبانی‌نشدن، در نظر گرفته نشد Wrong Size %1 %1 اندازه‌ی نادرست Illegal Key generation method روش تولید کلید نامعتبر است pki_temp Successfully imported the XCA template '%1' قالب XCA با نام '%1' با موفقیت درون‌داد شد Delete the XCA template '%1'? قالب XCA با نام '%1' حذف شود؟ Successfully created the XCA template '%1' قالب XCA با نام '%1' با موفقیت ساخته شد Delete the %1 XCA templates: %2? آیا قالب XCA با نام %1 از '%2' حذف شود؟ Wrong Size %1 %1 اندازه‌ی نادرست Template file content error (too small) پرونده‌ی قالب دارای خطا (بسیار کوچک) Not a PEM encoded XCA Template قالب رمزنگاری‌شده PEM برای XCA شناخته نشد Not an XCA Template, but '%1' به جز '%1'، قالب XCA شناخته نشد pki_x509 Successfully imported the certificate '%1' گواهی '%1' با موفقیت درون‌داد شد Delete the certificate '%1'? آیا گواهی '%1' حذف شود؟ Successfully created the certificate '%1' گواهی '%1' با موفقیت صادر شد Delete the %1 certificates: %2? آیا گواهی‌های %1 حذف شوند:‌ %2؟ Unable to load the certificate in file %1. Tried PEM and DER certificate. بارگذاری گواهی از پرونده‌ی %1 امکان‌پذیر نیست. قالب‌های PEM و DER آزمایش شد. This certificate is already on the security token گواهی در حال حاضر بر روی توکن امنیتی موجود است Delete the certificate '%1' from the token '%2 (#%3)'? آیا گواهی '%1' از توکن '%2(#%3)' حذف شود؟ There is no key for signing ! هیچ کلیدی برای امضا وجود ندارد! No خیر Yes بله Renew certificate: %1 تمدید گواهی: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' گواهی XCA با نام '%1'، صادرشده بر روی %2 در تاریخ %3 منقضی می‌شود. این گواهی در پایگاه داده‌ی XCA '%4' ذخیره شده است Wrong Size %1 اندازه‌ی نادرست %1 pki_x509req Signing key not valid (public key) کلید امضا معتبر نیست (کلید عمومی) Successfully imported the %1 certificate request '%2' با موفقیت '%1' از درخواست گواهی '%2' درون‌داد شد Delete the %1 certificate request '%2'? آیا %1 از درخواست گواهی '%2' حذف شود؟ Successfully created the %1 certificate request '%2' با موفقیت %1 از درخواست گواهی '%2' ساخته شد Delete the %1 certificate requests: %2? حذف %1 از درخواست‌های گواهی:%2؟ Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. بارگذاری درخواست گواهی در پرونده‌ی %1 امکان‌پذیر نیست قالب‌های PEM، DER و SPKAC مورد آزمایش قرار گرفت. Signed امضا‌شده Unhandled مورد‌بررسی قرارگرفته Wrong Size %1 اندازه‌ی نامعتبر %1 v3ext Copy Common Name رونوشت از نام عمومی گواهی Add افزودن Delete حذف Apply اعمال Validate اعتبارسنجی Cancel لغو An email address or 'copy' یک نشانی رایانامه یا 'رونوشت' An email address یک نشانی رایانامه A registered ID: OBJECT IDENTIFIER یک شناسه‌ی ثبت‌شده: OBJECT IDENTIFIER A uniform resource indicator یک نشان‌گر یکتای منبع A DNS domain name or 'copycn' یک نام دامنه‌ی DNS یا 'copycn' A DNS domain name یک نام دامنه‌ی DNS An IP address یک نشانی IP Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' روش نوشتار: <OID>; Type: متن مانند '1.2.3.4' UTF8: نام No editing. Only 'copy' allowed here ویرایش نشود. تنها 'رونوشت' در این قسمت دارای مجوز است Validation failed: '%1' %2 اعتبارسنجی با شکست مواجه شد:'%1' %2 Validation successful: '%1' اعتبارسنجی با موفقیت انجام شد: '%1' xcaWarning The following error occurred: خطای زیر ایجاد شد: Copy to Clipboard ایجاد رونوشت در حافظه‌رونوشت xcaWarningGui Copy to Clipboard ایجاد رونوشت در حافظه‌رونوشت xca-RELEASE.2.5.0/lang/xca_fr.ts000066400000000000000000006341651450407711300161240ustar00rootroot00000000000000 CaProperties CA Properties Propriétés du CA Form Days until next CRL issuing Nombre de jours avant la génération de la prochaine liste de révocation Default template Modèle par défaut CertDetail Details of the Certificate Détails du Certificat Serial Numéro de série The serial number of the certificate Le numéro de série du certificat The internal name of the certificate in the database Le nom interne du certificat dans la base de données Status Etat Internal name Nom interne Signature Signature Key Clé Fingerprints Empreinte MD5 MD5 An md5 hashsum of the certificate La somme de hachage MD5 du certificat SHA1 SHA1 A SHA-1 hashsum of the certificate La somme de hachage SHA-1 du certificat SHA256 SHA256 A SHA-256 hashsum of the certificate La somme de hachage SHA-256 du certificat Validity Validité The time since the certificate is valid Le moment depuis lequel le certificat est valide The time until the certificate is valid Le moment auquel le certificat échoit Subject Sujet Issuer Emetteur Extensions Extensions Comment Commentaire Attributes Attributs Show config Afficher la configuration Show extensions Afficher les extensions Show public key Afficher la clé publique This key is not in the database. Cette clé ne figure pas dans la base de données Not available Non disponible Signer unknown Signataire inconnu Self signed Auto-signé Revoked at %1 Révoqué le %1 Not valid Invalide Valid Valide Details of the certificate signing request Détails de la requête de signature CertExtend Certificate renewal Renouvellement du certificat This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Créer un nouveau certificat conforme à l'ancien, mais avec un nouveau numéro de série et les limites de validité ajustées. Validity Validité Not before Pas avant Not after Pas après Time range Intervalle de temps Local time Heure locale Days Jours Months Mois Years Années No well-defined expiration Pas de date d'expiration précise Midnight Minuit Apply Appliquer Revoke old certificate Révoquer l'ancien certificat Replace old certificate Keep serial number Conserver le numéro de série The certificate will be earlier valid than the signer. This is probably not what you want. Le certificat serait valide avant son signataire. Ce n'est probablement pas ce qui est désiré. Edit dates Modifier les limites de validité Abort rollout Interrompre le déploiement Continue rollout Continuer le déploiement Adjust date and continue Ajuster la date et continuer The certificate will be longer valid than the signer. This is probably not what you want. Le certificat serait valide plus longtemps que son signataire. Ce n'est probablement pas ce qui est désiré. CertTreeView Import PKCS#12 Importer en PKCS#12 Import from PKCS#7 Importer en PKCS#7 Request Requête Security token Jeton de sécurité Other token Autre jeton Similar Certificate Certificat similaire Delete from Security token Détruire sur le jeton de sécurité CA CA Properties Propriétés Generate CRL Générer la liste de révocation Manage revocations Gérer les révocations Renewal Renouvellement Revoke Révoquer Unrevoke Dé-révoquer Plain View Vue à plat Tree View Vue arborescente days jours No template Pas de modèle CA Properties Propriétés du CA Certificate export Exportation de certificat X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) Certificats X509 ( *.pem *.cer *.crt *.p12 *.pfx *.p7b) ClickLabel Double click for details Double-cliquer pour afficher les détails CrlDetail Details of the Revocation list Détails de la liste de révocation &Status &Etat Version Version Signature Signature Signed by Signée par Name Nom The internal name of the CRL in the database Le nom interne de la liste de révocation dans la base de données issuing dates dates d'émission Next update Prochaine mise-à-jour Last update Dernière mise-à-jour &Issuer &Emetteur &Extensions &Extensions &Revocation list Liste de &révocation Comment Commentaire Failed Echoué Unknown signer Signataire inconnu Verification not possible Vérification impossible CrlTreeView There are no CA certificates for CRL generation Il n'y a pas de certificat CA pour la génération de la CRL Select CA certificate Sélectionner un certificat d'autorité Revocation list export Exportation d'une liste de révocation CRL ( *.pem *.der *.crl ) Listes de révocation ( *.pem *.der *.crl ) ExportDialog Name Nom The internal name of the CRL in the database Le nom interne de la liste de révocation dans la base de données ... ... Filename Nom du fichier Export comment into PEM file Exporter le commentaire dans le fichier PEM Export Format Format d'exportation All files ( * ) Tous les fichiers ( * ) PEM Text format with headers Format textuel PEM avec des en-têtes Concatenated list of all selected items in one PEM text file Concaténation de tous les éléments sélectionnés dans un seul fichier texte en format PEM Concatenated text format of the complete certificate chain in one PEM file Fichier PEM contenant la concaténation de tous les certificats de la chaîne Concatenated text format of all certificates in one PEM file Fichier PEM contenant la concaténation de tous les certificats Binary DER encoded file Fichier binaire en format DER PKCS#7 encoded single certificate Un seul certificat en format PKCS#7 PKCS#7 encoded complete certificate chain La chaîne complète de certificats en format PKCS#7 dans un seul fichier Concatenated text format of all unrevoked certificates in one PEM file Fichier PEM contenant la concaténation de tous les certificats non-révoqués All unrevoked certificates encoded in one PKCS#7 file Tous les certificats non-révoqués dans un seul fichier en format PKCS#7 All selected certificates encoded in one PKCS#7 file Tous les certificats sélectionnés dans un seul fichier en format PKCS#7 All certificates encoded in one PKCS#7 file Tous les certificats dans un seul fichier en format PKCS#7 The certificate and the private key as encrypted PKCS#12 file Le certificat et sa clé privée dans un fichier en format PKCS#12 The complete certificate chain and the private key as encrypted PKCS#12 file La chaîne complète des certificats et la clé privée en un seul fichier chiffré en format PKCS#12 Concatenation of the certificate and the unencrypted private key in one PEM file La concaténation du certificat et de sa clé privée non-chiffrée dans un seul fichier PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file La concaténation du certificat et de sa clé privée chiffrée en format PKCS#8 dans un seul fichier Text format of the public key in one PEM file Formattage textuel de la clé publique dans un fichier PEM Binary DER format of the public key Format binaire DER de la clé publique Unencrypted private key in text format Clé privée non-chiffrée en format texte OpenSSL specific encrypted private key in text format Clé privée chiffrée spécifiquement par OpenSSL en format texte Unencrypted private key in binary DER format Clé privée non-chiffrée en format binaire DER Unencrypted private key in PKCS#8 text format Clé privée non-chiffrée en format texte PKCS#8 Encrypted private key in PKCS#8 text format Clé privée chiffrée en format texte PKCS#8 The public key encoded in SSH2 format La clé publique en format SSH2 OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Fichier d'index des certificats spécifique à OpenSSL, tel que créé par la commande 'ca' et nécessaire à l'outil OCSP vCalendar expiry reminder for the selected items message vCalendar de rappel d'expiration des éléments sélectionnés vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL message vCalendar de rappel d'expiration contenant tous les certificats valides émis, le CA lui-même et la liste de révocation la plus récente Private key in Microsoft PVK format not encrypted La clé privée en format Microsoft PVK n'est pas chiffrée Encrypted private key in Microsoft PVK format Clé privée chiffrée en format Microsoft PVK The file: '%1' already exists! Le fichier '%1' existe déjà! Overwrite Ecraser Do not overwrite Ne pas écraser Form last update next update Days Jours Months Mois Years Années Apply Appliquer Midnight Minuit Local time Heure locale No well-defined expiration Pas de date d'expiration précise Help << << >> << &Done &OK ImportMulti Import PKI Items Importer des objets PKI Import &All Importer &tout &Import &Importer &Done &OK &Remove from list &Retirer de la liste Details Détails Delete from token Enlever du jeton Rename on token Renommer dans le jeton Name: %1 Model: %2 Serial: %3 Nom: %1 Modèle: %2 Numéro de série: %3 Manage security token Gérer les jetons de sécurité Details of the item '%1' cannot be shown Les détails de l'objet '%1' ne peuvent pas être affichés The type of the item '%1' is not recognized Le type de l'objet '%1' n'est pas reconnu The file '%1' did not contain PKI data Le fichier '%1' ne contient pas de données PKI The %1 files: '%2' did not contain PKI data Les %1 fichiers: '%2' ne contiennent pas de données PKI ItemProperties Name Nom Source Source Insertion date Date d'insertion Comment Commentaire KeyDetail Name Nom The internal name of the key used by xca Le nom interne de la clé utilisé par xca Security token Jeton de sécurité Manufacturer Fabricant Serial Numéro de série Key Clé Public Exponent Exposant public Keysize Taille de la clé Private Exponent Exposant privé Security Token Jeton de sécurité Label Etiquette PKCS#11 ID ID PKCS#11 Token information Information du jeton Model Modèle Fingerprint Empreinte Comment Commentaire Details of the %1 key Détails de la clé %1 Not available Non disponible Available Disponible Sub prime Sous-premier Public key Clé publique Private key Clé privée Curve name Nom de la courbe Unknown key Clé inconnue KeyTreeView Clipboard format Change password Changer le mot de passe Reset password Effacer le mot de passe Change PIN Changer le NIP Init PIN with SO PIN (PUK) Initialiser le NIP avec le PUK Change SO PIN (PUK) Changer le PUK Security token Jeton de sécurité This is not a token Ce n'est pas un jeton Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable La clé originale '%1' doit-elle être remplacée par la clé en provenance du jeton ? Cela détruirait la clé '%1' et la rendrait non-exportable. Export public key [%1] Exporter la clé publique [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Clés privées ( *.pem *.der *.pk8 );; Clé publiques SSH ( *.pub ) MainWindow Private Keys Clés privées &New Key &Nouvelle clé &Export &Exporter &Import &Importer Import PFX (PKCS#12) Importer en PFX (PKCS#12) &Show Details &Afficher les Détails &Delete &Détruire Certificate signing requests Requêtes de signature de certificat &New Request &Nouvelle requête Certificates Certificats &New Certificate &Nouveau Certificat Import &PKCS#12 Importer en &PKCS#12 Import P&KCS#7 Importer en P&KCS#7 Plain View Vue à plat Templates Modèles &New Template &Nouveau modèle &New CRL &Nouvelle liste de révocation Ch&ange Template &Modifier le Modèle Revocation lists Listes de révocation Using or exporting private keys will not be possible without providing the correct password Il sera impossible d'utiliser ou d'exporter des clés privées sans fournir le mot de passe correct. Database Base de données The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. L'algorithme de hachage '%1' sélectionné n'est pas sûr. SVP choisissez au moins 'SHA 224' pour raisons de sécurité. Recent DataBases Bases de données utilisées recemment System Système Croatian Croate English Anglais French Français German Allemand Japanese Japonais Russian Russe Slovak Slovaque Spanish Espagnol Persian Bulgarian Polish Polonais Italian Italien Chinese Chinois Dutch Néerlandais Portuguese in Brazil Portugais du Brésil Indonesian Turkish Turc Language Langue &File &Fichier Open Remote DataBase Ouvrir une base de données externe Set as default DataBase Définir comme base de données par défaut New DataBase Nouvelle base de données Open DataBase Ouvrir une base de données Close DataBase Fermer la base de données Options Options Exit Quitter I&mport I&mporter Keys Clés Requests Requêtes PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Modèle Revocation list Liste de révocation PEM file Fichier PEM Paste PEM file Coller un fichier PEM Token Jeton Export Certificate &Index hierarchy Exporter la hiérarchie de l'index des certificats Content Contenu &Manage Security token &Gérer le jeton de sécurité &Init Security token &Initialiser le jeton de sécurité &Change PIN &Changer le NIP Change &SO PIN Changer le P&UK Init PIN Initialiser le NIP Extra Extra &Dump DataBase C&licher la base de données &Export Certificate Index Exporter l'index des certificats C&hange DataBase password C&hanger le mot de passe de la base de données &Undelete items &Récupérer des objets détruits Generate DH parameter Générer le paramètre DH OID Resolver Convertisseur d'OID &Help &Aide About A propos Import PEM data Importer les données PEM Please enter the original SO PIN (PUK) of the token '%1' SVP saisir le PUK original du jeton '%1' Search Rechercher Please enter the new SO PIN (PUK) for the token '%1' SVP saisir le nouveau NIP SO (PUK) pour le jeton: '%1' The new label of the token '%1' La nouvelle étiquette du jeton '%1' The token '%1' did not contain any keys or certificates Le jeton '%1' ne contient aucune clé ni aucun certificat Current Password Mot de passe actuel Please enter the current database password SVP saisir le mot de passe de la base de données The entered password is wrong Le mot de passe renseigné est inexact New Password Nouveau mot de passe Please enter the new password to encrypt your private keys in the database-file SVP saisir le nouveau mot de passe pour chiffrer les clés privées dans le fichier de base de données Transaction start failed Le démarrage de la transaction a échoué Database: %1 Certificate Index ( index.txt ) Index des certificats ( index.txt ) All files ( * ) Tous les fichiers ( * ) Diffie-Hellman parameters saved as: %1 Les paramètres Diffie-Hellman on été sauvegardés dans: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Les paramètres de Diffie-Hellman sont nécessaires à certaines applications mais ne sont pas gérés par XCA. Saisir le nombre de bits du paramètre de Diffie-Hellman SVP NewCrl Last update Dernière mise-à-jour Next update Prochaine mise-à-jour Days Jours Months Mois Years Années Midnight Minuit Local time Heure locale Apply Appliquer Options Options CRL number Numéro de la liste de révocation Subject alternative name Nom alternatif du sujet Revocation reasons Raisons de la révocation Authority key identifier Identifiant de clé de l'autorité Hash algorithm Algorithme de hachage Create CRL Créer une liste de révocation NewKey Please give a name to the new key and select the desired keysize SVP donner un nom à la nouvelle clé et sélectionner la taille de clé désirée Key properties Propriétés de la clé Name Nom The internal name of the new key Le nom interne de la nouvelle clé Curve name Nom de la courbe Usually at least 2048 bit keys are recommended Généralement une clé de 2048 bits est recommandée New Key Nouvelle Clé Keysize Taille de la clé Keytype Type de clé Remember as default Enregistrer comme valeur par défaut Create Créer NewX509 Source Source Signing request Requête de signature Show request Afficher la requête Sign this Certificate signing &request Signer cette &requête Copy extensions from the request Copier les extensions de la requête Modify subject of the request Modifier le sujet de la requête Signing Signer Create a &self signed certificate Créer un certificat auto-&signé Use &this Certificate for signing Utiliser &ce certificat pour signer All certificates in your database that can create valid signatures Tous les certificats dans la base de données qui peuvent produire des signatures valables Signature algorithm Algorithme de signature Template for the new certificate Modèle pour le nouveau certificat All available templates Tous les modèles disponibles Apply extensions Appliquer les extensions Apply subject Appliquer le sujet Apply all Appliquer tout Subject Sujet Internal Name Nom interne Distinguished name Nom distinctif Add Ajouter Delete Enlever Private key Clé privée This list only contains unused keys Cette liste ne contient que les clés inutilisées Used keys too Inclure les clés utilisées &Generate a new key &Générer une nouvelle clé Extensions Extensions Type Type If this will become a CA certificate or not Si un certificat d'autorité (CA) est en train d'être créé ou non Not defined Non défini Certification Authority Autorité de Certification End Entity Entité Finale Path length Distance aux entités finales How much CAs may be below this. Combien de niveau de sous-CA peuvent apparaître jusqu'à une entité finale. The basic constraints should always be critical Les contraintes basiques doivent toujours être critiques Key identifier Identifiant de clé Creates a hash of the key following the PKIX guidelines Crée un hachage de la clé conformément aux directives PKIX Copy the Subject Key Identifier from the issuer Copie l'identifiant de clé du sujet du signataire Validity Validité Not before Pas avant Not after Pas après Time range Intervalle de temps Days Jours Months Mois Years Années Apply Appliquer Set the time to 00:00:00 and 23:59:59 respectively Définir les heures à 00:00:00 et 23:59:59 respectivement Midnight Minuit Local time Heure locale No well-defined expiration Pas de date d'expiration précise DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit Modifier URI: URI: Key usage Usage de la clé Netscape Netscape Advanced Avancé Validate Valider Comment Commentaire This name is only used internally and does not appear in the resulting certificate Ce nom est seulement utilisé par xca et n'apparaît pas dans le certificat exporté Critical Critique Create Certificate signing request Créer une requête de signature de certificat minimum size: %1 taille minimale: %1 maximum size: %1 taille maximale: %1 only a-z A-Z 0-9 '()+,-./:=? seulement a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters seulement des caractères 7-bit ASCII imprimables Edit XCA template Editer un modèle XCA Create x509 Certificate Créer un certificat x509 Template '%1' applied Le modèle '%1' a été appliqué Subject applied from template '%1' Sujet extrait du modèle '%1' Extensions applied from template '%1' Les extensions du modéle '%1' ont été appliquées New key '%1' created La nouvelle clé '%1' a été créée Other Tabs Autres Onglets Advanced Tab Onglet Avancé Errors Erreurs From PKCS#10 request A partir d'une requête en PKCS#10 Abort rollout Interrompre le déploiement The following length restrictions of RFC3280 are violated: Pour être en conformité avec la RFC3280, les règles de restriction de longueur suivantes ne sont pas respectées: Edit subject Modifier le sujet Continue rollout Continuer le déploiement The verification of the Certificate request failed. The rollout should be aborted. La vérification de la requête de signature à échoué. Le déploiement devrait être interrompu. Continue anyway Continuer quand-même The internal name and the common name are empty. Please set at least the internal name. Le nom interne et le nom commun sont vides. SVP saisir au moins le nom interne. Edit name Modifier le nom There is no Key selected for signing. Aucune clé n'est sélectionnée pour la signature. Select key Sélectionner la clé The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Les indications de nom distinctif suivantes sont vides: %1 bien que vous les avez déclarées comme obligatoires dans le menu des options. The key you selected for signing is not a private one. La clé sélectionnée pour la signature n'est pas une clé privée. Select other signer Sélectionner un autre signataire Select other key Sélectionner une autre clé The currently selected hash algorithm '%1' is insecure and should not be used. L'algorithme de hachage sélectionné '%1' est peu sûr et ne devrait pas être utilisé. Select other algorithm Sélectionner un autre algorithme Use algorithm anyway Utiliser quand même cet algorithme The certificate will be earlier valid than the signer. This is probably not what you want. Le certificat serait valide avant son signataire. Ce n'est probablement pas ce qui est désiré. Edit dates Modifier les limites de validité Adjust date and continue Ajuster la date et continuer The certificate will be longer valid than the signer. This is probably not what you want. Le certificat serait valide plus longtemps que son signataire. Ce n'est probablement pas ce qui est désiré. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Le certificat serait échu avant de devenir actif. Vous avez probablement interverti les deux dates. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Le certificat contient des extensions dupliquées ou invalides. Vérifier la validité sur l'onglet "Avancé". The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Le certificat ne contient aucune extension. Vous pouvez appliquer des extensions à partir de l'un des modèles pour définir l'usage du certificat The certificate contains invalid extensions. Edit extensions Modifier les extensions The subject alternative name shall contain a copy of the common name. However, the common name is empty. Le nom alternatif du sujet devrait contenir une copie du nom commun. Cependant ce dernier est vide. Configfile error on line %1 Erreur dans le fichier de configuration à la ligne %1 OidResolver OID Resolver Convertisseur d'OID Enter the OID, the Nid, or one of the textual representations Saisir l'OID, le Nid ou une des représentations symboliques Search Rechercher OID OID Long name Nom complet OpenSSL internal ID Identification interne à OpenSSL Nid Nid Short name Nom abrégé OpenDb Open remote database Ouvrir une base de données externe Database type Type de base de données Hostname Nom du serveur Username Nom de l'utilisateur Password Mot de passe Database name Nom de la base de données Table prefix Préfixe du nom des tables No SqLite3 driver available. Please install the qt-sqlite package of your distribution Le pilote SqLite3 n'est pas disponible. SVP installez le paquetage qt-sqlite de votre distribution Options XCA Options Options de XCA Settings Réglages Default hash algorithm Algorithme de hachage par défaut String types Types de chaînes Suppress success messages Supprimer les messages en cas de succès Don't colorize expired certificates Ne pas coloriser les certificats expirés Translate established x509 terms (%1 -> %2) Traduire les termes standards définis par x509 (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. La fonctionalité de hachage du jeton n'est pas utilisée par XCA. Ce dernier peut néanmoins se limiter à un jeu restreint de fonctions de hachage reconnus par le jeton. En particulier, EC et DSA ne sont définis qu'avec SHA1 dans la spécification PKCS#11. Only use hashes supported by the token when signing with a token key N'utiliser que des fonction de hachage supportées par le jeton lors d'une signature avec une clé du jeton Disable legacy Netscape extensions Désactiver les extensions Netscape désuètes PKCS12 encryption algorithm Certificate expiry warning threshold Seuil d'avertissement de l'expiration d'un certificat Send vCalendar expiry reminder Envoyer un message vCalendar de rappel d'expiration Serial number length Longueur du numéro de série bit bits Distinguished name Nom distinctif Mandatory subject entries Inscriptions du sujet obligatoires Add Ajouter Delete Enlever Explicit subject entries Inscriptions explicites du sujet Dynamically arrange explicit subject entries Arranger dynamiquement les éléments explicites du sujet Default Défaut PKCS#11 provider Fournisseur PKCS#11 Remove Enlever Search Rechercher Printable string or UTF8 (default) Chaîne imprimable ou UTF8 (défaut) PKIX recommendation in RFC2459 La recommandation PKIX est dans la RFC2459 No BMP strings, only printable and T61 Pas de chaîne BMP, seulement imprimable et T61 UTF8 strings only (RFC2459) Chaînes UTF8 uniquement (RFC2459) All strings Toutes les chaînes Days Jours Weeks Semaines PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Le mot de passe doit être exprimé sous forme d'une suite de chiffres hexadécimaux. Il doit contenir un nombre pair de chiffres (0-9 et a-f) Take as HEX string Exprimé en hexadécimal Password Mot de passe Repeat %1 Répéter %1 %1 mismatch %1 ne correspond pas Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Un mot de passe hexadécimal peut seulement contenir les caractères '0' à '9' et 'a' à 'f' et il doit consister en un nombre pair de caractères Exit Quitter QMessageBox Ok OK Close Fermer Cancel Annuler Apply Appliquer Yes Oui No Non QObject Undefined Indéfini Broken / Invalid Invalide in %1 seconds dans %1 secondes %1 seconds ago il y a %1 secondes in %1 minutes dans %1 minutes %1 minutes ago il y a %1 minutes Yesterday Hier Tomorrow Demain in %1 hours dans %1 heures %1 hours ago il y a %1 heures Out of data A court de données Error finding endmarker of string Erreur: une marque de fin de chaîne n'a pas été trouvée Out of Memory at %1:%2 A court de mémoire à %1:%2 All files ( * ) Tous les fichiers ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Clés PKI ( *.pem *.der *.key );; Clés PKCS#8 ( *.p8 *.pk8 );; Clés Microsoft PVK ( *.pvk );; Clés publiques SSH ( *.pub );; Import RSA key Importer une clé RSA PKCS#10 CSR ( *.pem *.der *.csr );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Importer une requête Certificates ( *.pem *.der *.crt *.cer );; Certificats ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Importer un certificat X.509 PKCS#7 data ( *.p7s *.p7m *.p7b );; Données PKCS#7 ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Importer un certificat PKCS#7 PKCS#12 Certificates ( *.p12 *.pfx );; Certificats PKCS#12 ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Importer un certificat privé PKCS#12 XCA templates ( *.xca );; Modèles XCA ( *.xca );; Import XCA Templates Importer des modèles XCA Revocation lists ( *.pem *.der *.crl );; Listes de révocation ( *.pem *.der *.crl );; Import Certificate Revocation List Importer une liste de révocation de certificats XCA Databases ( *.xdb );; Bases de données XCA ( *.xdb );; Open XCA Database Ouvrir une Base de Données XCA PKCS#11 library ( *.dll );; Bibliothèque PKCS#11 ( *.dll );; PKCS#11 library ( *.dylib *.so );; Bibliothèque PKCS#11 ( *.dylib *.so );; PKCS#11 library ( *.so );; Bibliothèque PKCS#11 ( *.so );; Open PKCS#11 shared library Ouvrir une bibliothèque partagée PKCS#11 PEM files ( *.pem );; Fichiers PEM ( *.pem );; Load PEM encoded file Charger un fichier en format PEM Please enter the PIN on the PinPad Saisir le NIP sur le pavé prévu à cet effet SVP Please enter the SO PIN (PUK) of the token %1 SVP saisir le PUK du jeton '%1' Please enter the PIN of the token %1 SVP saisir le NIP du jeton '%1' No Security token found Aucun jeton de sécurité trouvé Select Sélectionner Please enter the new SO PIN (PUK) for the token: '%1' SVP saisir le nouveau PUK pour le jeton: '%1' Please enter the new PIN for the token: '%1' SVP saisir le nouveau NIP pour le jeton: '%1' Required PIN size: %1 - %2 Taille du NIP requise: %1 - %2 Invalid filename: %1 Nom de fichier invalide: %1 Failed to open PKCS11 library: %1: %2 L'ouverture de la bibliothèque PKCS#11 '%1' a échoué: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Cela n'a pas l'air d'une bibliothèque PKCS#11. Le symbole 'C_GetFunctionList' n'a pas été trouvé. Disabled Désactivé Library loading failed Le chargement de la bibliothèque a échoué PKCS#11 function '%1' failed: %2 La fonction PKCS#11 '%1' a échoué: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 La fonction PKCS#11 '%1' a échoué: %2 Dans la bibliothèque %3 %4 Invalid Invalide %1 is shorter than %2 bytes: '%3' %1 est plus court que %2 octets: '%3' %1 is longer than %2 bytes: '%3' %1 est plus long que %2 octets: '%3' String '%1' for '%2' contains invalid characters La chaîne '%1' pour '%2' contient des caractères invalides Error reading config file %1 at line %2 Erreur de lecture du ficher de configuration %1 à la ligne %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. L'objet '%1' du fichier %2, ligne %3 est déjà connu comme '%4:%5:%6' et devrait être détruit. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. L'identificateur '%1' de l'OID %2 du ficher %3, ligne %4 est déjà utilisé pour un OID différent connu comme '%5:%6:%7' et devrait être changé pour éviter les conflits. Unknown object '%1' in file %2 line %3 Objet inconnu '%1' dans le ficher %2, ligne %3 Failed to start a database transaction Impossible de démarrer la transaction BDD Country code Code de pays State or Province Etat ou province Locality Localité Organisation Organisation Organisational unit Unité d'organisation Common name Nom commun E-Mail address Adresse de courriel Serial number Numéro de série Given name Prénom Surname Nom de famille Title Titre Initials Initiales Description Description Role Rôle Pseudonym Pseudonyme Generation Qualifier Qualifiant de génération x500 Unique Identifier Identifiant Unique X500 Name Nom DN Qualifier Qualifiant de DN Unstructured name Nom non-structuré Challenge password Mot de passe challenge Basic Constraints Contraintes de base Subject alternative name Nom alternatif du sujet issuer alternative name Nom alternatif de l'émetteur Subject key identifier Clé d'identification du sujet Authority key identifier Clé d'identification de l'autorité Key usage Usage de la clé Extended key usage Usage étendu de la clé CRL distribution points Points de distribution de la CRL Authority information access Accès à l'information de l'autorité Certificate type Type de certificat Base URL URL de base Revocation URL URL de révocation CA Revocation URL URL de révocation du CA Certificate renewal URL URL de renouvellement du certificat CA policy URL URL de la politique du CA SSL server name Nom du serveur SSL Comment Commentaire Index file written to '%1' Fichier d'index écrit dans '%1' Index hierarchy written to '%1' Hiérarchie d'index écrite dans '%1' Unknown key type %1 Type de clé inconnu %1 Password verify error, please try again La vérification du mot de passe a échoué. SVP essayez encore The following error occurred: L'erreur suivante s'est produite: Failed to update the database schema to the current version Password Mot de passe ReqTreeView Sign Signer Unmark signed Marquer comme non-signée Mark signed Marquer comme signée Similar Request Requête similaire Certificate request export Exporter la requête de signature Certificate request ( *.pem *.der *.csr ) Requête de signature de certificat ( *.pem *.der *.csr ) RevocationList Manage revocations Gérer les révocations Add Ajouter Delete Enlever Edit Modifier No. No. Serial Numéro de série Revocation Révocation Reason Raison Invalidation Invalidation Generate CRL Générer la liste de révocation Revoke Certificate revocation Révocation du certificat Revocation details Détails de la révocation Revocation reason Raison de la révocation Local time Heure locale Invalid since Non-valide depuis Serial Numéro de série SearchPkcs11 Directory Dossier ... ... Include subdirectories include les sous-dossiers Search Rechercher The following files are possible PKCS#11 libraries Les fichiers suivants sont susceptibles d'être des bibliothèques PKCS#11 SelectToken Security token Jeton de sécurité Please select the security token SVP sélectionner le jeton de sécurité TempTreeView Duplicate Dupliquer Create certificate Créer un certificat Create request Créer une requête copy copier Preset Template values Initialiser les valeurs du modèle Template export XCA Templates ( *.xca ) TrustState Certificate trust Trustment &Never trust this certificate Only &trust this certificate, if we trust the signer &Always trust this certificate Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config Configuration OpenSSL Transform Transformer Template Modèle Public key Clé publique Save as OpenSSL config Enregistrer en format de configuration OpenSSL Config files ( *.conf *.cnf);; All files ( * ) Fichiers de configuration (*.conf *.cnf);; Tous les fichiers ( * ) XFile Error opening file: '%1': %2 Error rewinding file: '%1': %2 XcaTreeView Item properties Propriétés de l'élement Subject entries Inscriptions du sujet X509v3 Extensions Extensions X509v3 Netscape extensions Extensions Netscape Key properties Propriétés de la clé Reset Réinitialisation Hide Column Cacher la colonne Details Détails Columns Colonnes New Créer Import Importer Paste PEM data Coller les données en format PEM Rename Renommer Properties Propriétés Delete Enlever Export Exporter Clipboard Presse-papier File Fichier database_model Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Format historique de base de données détecté. Une copie de sauvegarde appelée '%1' est créée et la base de données est convertie au nouveau format Failed to rename the database file, because the target already exists Le changement de nom du fichier de base de données a échoué parce qu'un autre fichier du même nom existe déjà Please enter the password to access the database server %2 as user '%1'. SVP saisir le mot de passe de l'utilisateur '%1' sur le serveur de base de données %2. Unable to create '%1': %2 Impossible de créer '%1': %2 The file '%1' is not an XCA database Le fichier '%1' n'est pas une base de données XCA No SqLite3 driver available. Please install the qt-sqlite package of your distribution Le pilote SqLite3 n'est pas disponible. SVP installez le paquetage qt-sqlite de votre distribution New Password Nouveau mot de passe Please enter a password, that will be used to encrypt your private keys in the database: %1 Veuillez saisir un mot de passe, qui sera utilisé pour chiffrer vos clés privées dans la base de données: %1 Password Mot de passe Please enter the password for unlocking the database: %1 Veuillez entrer le mot passe pour déverrouiller la base de données: %1 db_base Internal name Nom interne No. No. Primary key Clé primaire Database unique number Numéro unique de la base de données Date Date Date of creation or insertion Date de création ou d'importation Source Source Generated, Imported, Transformed Généré, Importé, Transformé Comment Commentaire First line of the comment field Première ligne du champ de commentaire Import from: %1 Importer à partir de: %1 Could not create directory %1 Impossible de créer le répertoire %1 Item properties Propriétés de l'élement How to export the %1 selected items Comment exporter les %1 éléments sélectionnés All in one PEM file Tout dans un seul fichier PEM Each item in one file Chaque élément dans un fichier Save %1 items in one file as Sauvegarder %1 éléments dans un seul fichier comme PEM files ( *.pem );; All files ( * ) Fichiers PEM ( *.pem );; Tous les fichiers ( * ) db_crl Signer Signataire Internal name of the signer Nom interne du signataire No. revoked Numéro révoqué Number of revoked certificates Nombre de certificats révoqués Last update Dernière mise-à-jour Next update Prochaine mise-à-jour CRL number Numéro de la liste de révocation The revocation list already exists in the database as: '%1' and so it was not imported Cette liste de révocation figure déjà dans la base de données sous le nom: '%1' En conséquence, elle n'a pas été importée Revocation list export Exportation d'une liste de révocation CRL ( *.pem *.der *.crl ) Listes de révocation ( *.pem *.der *.crl ) Failed to initiate DB transaction Impossible de démarrer la transaction BDD Database error: %1 Erreur de la base de données: %1 db_key Type Type Size Taille EC Group Groupe EC Use Usage Password Mot de passe The key is already in the database as: '%1' and is not going to be imported Cette clé figure déjà dans la base de données sous le nom: '%1' En conséquence, elle ne va pas être importée The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key La base de données connait déjà la partie publique de la clé importée sous le nom '%1' En conséquence, cette dernière sera complétée par la partie privée de la clé importée Extending public key from %1 by imported key '%2' Extension de la clé publique de %1 par la clé importée '%2' Key size too small ! Taille de clé trop petite ! You are sure to create a key of the size: %1 ? Etes-vous sûr de vouloir créer une clé de taille %1 ? PEM public clé publique PEM SSH2 public Clé publique SSH2 PEM private Clé privée PEM SSH2 private Clé privée SSH2 Export keys to Clipboard Exporter les clés vers le presse-papier Clipboard Presse-papier Export public key [%1] Exporter la clé publique [%1] DER public Clé publique DER DER private Clé privée DER PEM encryped Chiffrée en PEM PVK private Clé privée PVK PVK encrypted Chiffrée en PVK PKCS#8 encrypted Chiffrée en PKCS#8 Export private key [%1] Exporter la clé privée [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Clés privées ( *.pem *.der *.pk8 );; Clé publiques SSH ( *.pub ) Internal error Erreur interne Tried to change password of a token Tentative de changement de mot de passe d'un jeton de sécurité db_temp Bad template: %1 Mauvais modèle: %1 Empty template Modèle vide Save template as Enregistrer le modèle sous XCA templates ( *.xca );; All files ( * ) Modèles XCA ( *.xca);; Tous les fichiers ( * ) db_x509 CA CA reflects the basic Constraints extension reflète l'extension des contraintes basiques Serial Numéro de série Start date Date de début Expiry date Date d'expiration MD5 fingerprint Empreinte MD5 SHA1 fingerprint Empreinte SHA1 SHA256 fingerprint Empreinte SHA256 Not before Pas avant Not after Pas après Revocation Révocation CRL Expiration Expiration de la CRL Failed to retrieve unique random serial L'extraction d'un numéro de série aléatoire a échoué The certificate already exists in the database as: '%1' and so it was not imported Ce certificat figure déjà dans la base de données sous le nom: '%1' En conséquence, il n'a pas été importé Signed on %1 by '%2' Signé le %1 par '%2' Unknown Inconnu Invalid public key Clé publique invalide PKCS#7 unrevoked PKCS#7 non-révoqué PEM unrevoked PEM non-révoqué vCalendar message vCalendar CA vCalendar message vCalendar pour le CA X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) Certificats X509 ( *.pem *.cer *.crt *.p12 *.pfx *.p7b) days jours No template Pas de modèle The key you selected for signing is not a private one. La clé sélectionnée pour la signature n'est pas une clé privée. Failed to create directory '%1' Impossible de créer le répertoire %1 Store the certificate to the key on the token '%1 (#%2)' ? Enregistrer le certificate avec la clé sur le jeton '%1 (#%2)' ? PEM chain Chaîne en PEM PKCS#7 chain Chaîne PKCS#7 PKCS#12 chain Chaîne PKCS#12 PKCS#7 all Tous les certificats en PKCS#7 PEM + key PEM + clé PEM all Tous les certificats en PEM Certificate Index file Ficher d'index des certificats Certificate export Exportation de certificat There was no key found for the Certificate: '%1' Aucune clé n'a été trouvée pour le Certificat. '%1' Not possible for a token key: '%1' Impossible pour une clé d'un jeton de sécurité: '%1' Not possible for the token-key Certificate '%1' Impossible pour le certificat d'une clé d'un jeton de sécurité: '%1' db_x509name Subject Sujet Complete distinguished name Nom distinctif complet Subject hash Hachage du sujet Hash to lookup certs in directories Hachage de recherche dans un dossier db_x509req Signed Signée whether the request is already signed or not si la requête a déjà été signée ou non Unstructured name Nom non-structuré Challenge password Mot de passe challenge Certificate count Nombre de certificats Number of certificates in the database with the same public key Nombre de certificats dans la base de données avec la même clé The certificate signing request already exists in the database as '%1' and thus was not stored Cette requête de signature figure déjà dans la base de données sous le nom '%1' En conséquence, elle n'a pas été chargée Certificate request export Exporter la requête de signature Certificate request ( *.pem *.der *.csr ) Requête de signature de certificat ( *.pem *.der *.csr ) db_x509super Key name Nom de la clé Internal name of the key Nom interne de la clé Signature algorithm Algorithme de signature Key type Type de clé Key size Taille de la clé EC Group Groupe EC Extracted from %1 '%2' Extrait de %1 '%2' Certificate Certificat Certificate request Requête de certificat Save as OpenSSL config Enregistrer en format de configuration OpenSSL Config files ( *.conf *.cnf);; All files ( * ) Fichiers de configuration (*.conf *.cnf);; Tous les fichiers ( * ) The following extensions were not ported into the template Les extensions suivantes n'ont pas été enregistrées dans le modèle Transformed from %1 '%2' Transformé à partir de %1 '%2' kvView Type Type Content Contenu pass_info Password Mot de passe PIN NIP pkcs11_lib Failed to open PKCS11 library: %1: %2 L'ouverture de la bibliothèque PKCS#11 '%1' a échoué: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Cela n'a pas l'air d'une bibliothèque PKCS#11. Le symbole 'C_GetFunctionList' n'a pas été trouvé. pki_base Unknown Inconnu Imported Importé Generated Généré Transformed Transformé Token Jeton Legacy Database Base de données antérieure Renewed Renouvelé Property '%1' not listed in 'pki_base::print' Propriété '%1' non listée dans 'pki_base::print' Internal error: Unexpected message: %1 %2 Erreur interne: message inattendu: %1 %2 pki_crl Successfully imported the revocation list '%1' La liste de révocation '%1' a été importée avec succès Delete the revocation list '%1'? Détruire la liste de révocation '%1' ? Successfully created the revocation list '%1' La liste de révocation '%1' a été créée avec succès Delete the %1 revocation lists: %2? Détruire les %1 listes de révocation: %2 ? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Impossible de charger le liste de révocation du fichier %1. Les formats PEM et DER ont été essayés. No issuer given Aucun signataire spécifié Wrong Size %1 Taille fausse %1 CRL Renewal of CA '%1' due Le renouvellement de la liste de révocation du CA '%1' est nécessaire The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' La dernière liste de révocation générée par le CA '%1' expirera le %2. Elle est stockée dans la base de données XCA '%3' Renew CRL: %1 Renouvellement de CRL: %1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' La liste de révocation XCA '%1', émise le %3 expirera le %4. Elle est stockée dans la base de données XCA '%5' pki_evp Please enter the password to decrypt the private key %1. SVP saisir le mot de passe pour déchiffrer la clé privée %1, The key from file '%1' is incomplete or inconsistent. La clé dans le fichier '%1' est incomplète ou incorrecte. Please enter the password to decrypt the private key from file: %1 SVP saisir le mot de passe pour déchiffrer la clé privée du fichier: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Impossible de charger la clé privée du fichier %1. Les formats PEM et DER ainsi que les types de clés privé, public, PKCS#8 et le format SSH2 ont été essayés. Ignoring unsupported private key Clé privée non-supportée: ignorée Please enter the password to decrypt the private key: '%1' SVP saisir le mot de passe pour déchiffrer la clé privée: '%1' Password input aborted Saisie du mot de passe abandonnée Please enter the database password for decrypting the key '%1' SVP saisir le mot de passe de la base de données pour déchiffrer la clé '%1' Please enter the password to protect the private key: '%1' SVP saisir le mot de passe pour protéger la clé privée: '%1' Please enter the database password for encrypting the key SVP saisir le mot de passe de la base de données pour chiffrer la clé Please enter the password protecting the PKCS#8 key '%1' SVP saisir le mot de passe protégeant la clé en PKCS#8 '%1' Please enter the password protecting the Microsoft PVK key '%1' SVP saisir le mot de passe protégeant la clé en format Microsoft PVK '%1' Please enter the export password for the private key '%1' SVP saisir le mot de passe d'exportation pour la clé privée '%1' pki_export PEM Text format with headers Format textuel PEM avec des en-têtes Concatenated list of all selected items in one PEM text file Concaténation de tous les éléments sélectionnés dans un seul fichier texte en format PEM PEM chain Chaîne en PEM Concatenated text format of the complete certificate chain in one PEM file Fichier PEM contenant la concaténation de tous les certificats de la chaîne PEM + key PEM + clé Concatenation of the certificate and the unencrypted private key in one PEM file La concaténation du certificat et de sa clé privée non-chiffrée dans un seul fichier PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file La concaténation du certificat et de sa clé privée chiffrée en format PKCS#8 dans un seul fichier PKCS#7 encoded single certificate Un seul certificat en format PKCS#7 All selected certificates encoded in one PKCS#7 file Tous les certificats sélectionnés dans un seul fichier en format PKCS#7 PKCS #7 chain PKCS#7 encoded complete certificate chain La chaîne complète de certificats en format PKCS#7 dans un seul fichier Binary DER encoded certificate PKCS #12 chain The complete certificate chain and the private key as encrypted PKCS#12 file La chaîne complète des certificats et la clé privée en un seul fichier chiffré en format PKCS#12 PKCS #12 The certificate and the private key as encrypted PKCS#12 file Le certificat et sa clé privée dans un fichier en format PKCS#12 Certificate Index file Ficher d'index des certificats OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Fichier d'index des certificats spécifique à OpenSSL, tel que créé par la commande 'ca' et nécessaire à l'outil OCSP vCalendar message vCalendar vCalendar expiry reminder for the selected items message vCalendar de rappel d'expiration des éléments sélectionnés CA vCalendar message vCalendar pour le CA vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL message vCalendar de rappel d'expiration contenant tous les certificats valides émis, le CA lui-même et la liste de révocation la plus récente PEM public clé publique PEM Text format of the public key in one PEM file Formattage textuel de la clé publique dans un fichier PEM PEM private Clé privée PEM Unencrypted private key in text format Clé privée non-chiffrée en format texte PEM encrypted OpenSSL specific encrypted private key in text format Clé privée chiffrée spécifiquement par OpenSSL en format texte SSH2 private Clé privée SSH2 SSH2 public Clé publique SSH2 The public key encoded in SSH2 format La clé publique en format SSH2 DER public Clé publique DER Binary DER format of the public key Format binaire DER de la clé publique DER private Clé privée DER Unencrypted private key in binary DER format Clé privée non-chiffrée en format binaire DER PVK private Clé privée PVK Private key in Microsoft PVK format not encrypted La clé privée en format Microsoft PVK n'est pas chiffrée PVK encrypted Chiffrée en PVK Encrypted private key in Microsoft PVK format Clé privée chiffrée en format Microsoft PVK PKCS #8 encrypted Encrypted private key in PKCS#8 text format Clé privée chiffrée en format texte PKCS#8 PKCS #8 Unencrypted private key in PKCS#8 text format Clé privée non-chiffrée en format texte PKCS#8 Binary DER format of the certificate request Binary DER format of the revocation list vCalendar reminder for the CRL expiry date XCA template in PEM-like format All selected XCA templates in PEM-like format pki_key Successfully imported the %1 public key '%2' La clé publique %1 '%2' a été importée avec succès Delete the %1 public key '%2'? Détruire la clé publique %1 '%2' ? Successfully imported the %1 private key '%2' La clé privée %1 '%2' a été importée avec succès Delete the %1 private key '%2'? Détruire la clé privée %1 '%2' ? Successfully created the %1 private key '%2' La clé privée %1 '%2' a été créée avec succès Delete the %1 keys: %2? Détruire les %1 clés: %2? Public key Clé publique Common Global Private Privé Bogus Erroné PIN NIP No password Pas de mot de passe Unexpected SSH2 content: '%1' Contenu SSH2 inattendu: '%1' Invalid SSH2 public key Clé publique SSH2 invalide Failed writing to %1 Echec d'écriture sur %1 pki_multi No known PEM encoded items found Aucun objet PEM connu n'a été trouvé pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 SVP saisir le mot de passe pour déchiffrer le fichier en PKCS#12: %1 Unable to load the PKCS#12 (pfx) file %1. Impossible de charger le fichier en PKCS#12 (pfx) %1. The supplied password was wrong (%1) Le mot de passe renseigné était faux (%1) Please enter the password to encrypt the PKCS#12 file SVP saisir le mot de passe pour chiffrer le fichier en PKCS#12 No key or no Cert and no pkcs12 Pas de clé ou pas de certificat et pas en PKCS#12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Impossible de charger le fichier en PKCS#7 %1. Les formats PEM et DER ont été essayés. pki_scard Successfully imported the token key '%1' La clé du jeton '%1' a été importée avec succès Delete the token key '%1'? Détruire la clé du jeton '%1' ? Successfully created the token key '%1' La clé du jeton '%1' a été créée avec succès Delete the %1 keys: %2? Détruire les %1 clés: %2? Delete the private key '%1' from the token '%2 (#%3)' ? Détruire la clé privée '%1' sur le jeton '%2 (#%3)' ? This Key is already on the token Cette clé est déjà sur le jeton PIN input aborted Saisie du NIP abandonnée Unable to find copied key on the token Impossible de trouver la clé copiée sur le jeton Please insert card: %1 %2 [%3] with Serial: %4 SVP insérer la carte %1 %2 [%3] avec le numéro de série: %4 Unable to find generated key on card Impossible de trouver la clé générée sur la carte Ignoring unsupported token key La clé non-supportée sur le jeton est ignorée Wrong Size %1 Taille fausse %1 Token %1 Jeton %1 Failed to find the key on the token Impossible de trouver la clé sur le jeton Invalid Pin for the token NIP invalide pour le jeton Failed to initialize the key on the token Impossible d'initialiser la clé sur le jeton pki_temp Successfully imported the XCA template '%1' Le modèle XCA '%1' a été importé avec succès Delete the XCA template '%1'? Détruire le modèle XCA '%1' ? Successfully created the XCA template '%1' Le modèle XCA '%1' a été créé avec succès Delete the %1 XCA templates: %2? Détruire les %1 modèles XCA: %2 ? Wrong Size %1 Taille fausse %1 Template file content error (too small) Erreur de contenu du fichier de modèle (trop petit) Not a PEM encoded XCA Template Ce n'est pas un modèle XCA en format PEM Not an XCA Template, but '%1' Ce n'est pas un modèle XCA, mais '%1' pki_x509 Successfully imported the certificate '%1' Le certificat '%1' a été importé avec succès Delete the certificate '%1'? Détruire le certificat '%1' ? Successfully created the certificate '%1' Le certificat '%1' a été créé avec succès Delete the %1 certificates: %2? Détruire les %1 certificats: '%2' ? Unable to load the certificate in file %1. Tried PEM and DER certificate. Impossible de charger le certificat du fichier %1. Les formats PEM et DER ont été essayés. This certificate is already on the security token Ce certificat est déjà dans le jeton de sécurité Delete the certificate '%1' from the token '%2 (#%3)'? Détruire le certificat '%1' sur le jeton '%2 (#%3)' ? There is no key for signing ! Il n'y a pas de clé pour signer ! Wrong Size %1 Taille fausse %1 No Non Yes Oui Renew certificate: %1 Renouvellement du certificat: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' Le certificat XCA '%1' émis le %2 expirera le %3. Il est stocké dans la base de données XCA '%4' pki_x509req Signing key not valid (public key) La clé de signature n'est pas valide (c'est une clé publique) Successfully imported the %1 certificate request '%2' La requête %1 de signature '%2' a été importée avec succès Delete the %1 certificate request '%2'? Détruire la requête %1 de signature '%2' ? Successfully created the %1 certificate request '%2' La requête %1 de signature '%2' a été créée avec succès Delete the %1 certificate requests: %2? Détruire la requête %1 de signature '%2' ? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Impossible de charger la requête de signature du fichier %1. Les formats PEM, DER et SPKAC ont été essayés. Wrong Size %1 Taille fausse %1 Signed Signée Unhandled Non-géré v3ext Copy Common Name Copier le nom commun Add Ajouter Delete Enlever Apply Appliquer Validate Valider Cancel Annuler An email address or 'copy' Une adresse de courriel ou 'copy' An email address Une adresse de courriel A registered ID: OBJECT IDENTIFIER un IDentifiant enregistré: IDENTIFICATEUR.OBJET A uniform resource indicator un indicateur uniforme de ressource A DNS domain name or 'copycn' un nom de domaine DNS ou 'copycn' A DNS domain name un nom de domaine DNS An IP address Une adresse IP Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Syntaxe: <OID>;TYPE:texte sous la forme '1.2.3.4:UTF8:nom' No editing. Only 'copy' allowed here Pas de modification possible. Seul 'copy' est permis ici Validation failed: '%1' %2 La validation a échoué: '%1' %2 Validation successful: '%1' La validation a été effectuée avec succès: '%1' xcaWarning The following error occurred: L'erreur suivante s'est produite: Copy to Clipboard Copier dans le presse-papier xcaWarningGui Copy to Clipboard Copier dans le presse-papier xca-RELEASE.2.5.0/lang/xca_hr.ts000066400000000000000000007107701450407711300161230ustar00rootroot00000000000000 About Done Završeno, Obavljeno Gotovo CaProperties CA Properties Svojstva CA Osobine CA Use random Serial numbers Koristi slučajne Serijske brojeve Form Obrazac Days until next CRL issuing Broj dana do izdavanja CRL Broj dana do sljedećeg CRL Default template Osnovni obrazac Osnovni predložak Next serial for signing Sljedeći Serijski broj za potpis CertDetail Details of the Certificate Detalji Potvrde S&tatus Status? S&tanje Serial Serijski broj The serial number of the certificate Serijski broj potvrde The internal name of the certificate in the database Interno ime potvrde (u bazi) Internal name Interno ime Signature algorithm Algoritam potpisa Signature Potpis Key Ključ Fingerprints Sažeci potvrde SHA1 SHA1 MD5 MD5 A SHA-1 hashsum of the certificate SHA-1 sažetak potvrde An md5 hashsum of the certificate MD5 sažetak potvrde Status Stanje SHA256 SHA256 A SHA-256 hashsum of the certificate SHA-256 sažetak potvrde Validity Valjanost The time since the certificate is valid Vrijeme od kada je potvrda valjana The time until the certificate is valid Vrijeme do kada je potvrda valjana Subject Subjekt Issuer Izdavač Extensions Proširenja Comment Napomena &Subject Nositelj? &Subjekt &Issuer &Izdavač Attributes Svojstva &Extensions Ekstenzije, Produžeci, Dodaci? &Proširenja Show config Prikaži konfiguraciju Show extensions Ekstenzije? Pokaži proširenja Show public key Prikaži javni ključ This key is not in the database. Ovaj ključ nije u bazi podataka. Not available Nije dostupno Revoked at %1 Opozvan od %1 Details of the certificate Detalji potvrde Signer unknown Potpisnik (izdavač) nepoznat Self signed Samopotpisan Not trusted kome se ne vjeruje Nepouzdan Trusted Pouzdan Revoked: Opozvan: Not valid Nevažeći Valid Važeći Details of the certificate signing request Detalji zahtjeva za izdavanje potvrde CertExtend Certificate renewal Obnova potvrde This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. trajanja, važenja Ovo će izraditi novu potvrdu kao kopiju postojeće s novim serijskim brojem i podešenim vrijednostima valjanosti potvrde. Validity Ispravnost, važenje, Valjanost Not before Ne prije Od Not after Ne nakon Do Time range Vremensko razdoblje Days Dana Months Mjeseci Years Godina Apply Primijeni Revoke old certificate Opozovi staru potvrdu Replace old certificate Keep serial number Sačuvaj serijski broj Midnight Ponoć Local time Dug naziv, ne stane Lok. vrijeme No well-defined expiration Neodređeno trajanje Nejasno definirano trajanje The certificate will be earlier valid than the signer. This is probably not what you want. Početak valjanosti potvrde je prije početka valjanosti potvrde potpisnika (ovjeritelja). To vjerojatno nije ono što ste htjeli. Edit times Uredi vremena Edit dates Uredi datume Abort rollout Izdavanju??? teško je reči O uvođenju Continue rollout Nastavi uvođenje Adjust date and continue Podesi datum i nastavi The certificate will be longer valid than the signer. This is probably not what you want. Kraj valjanosti potvrde je nakon isteka valjanosti potvrde potpisnika (ovjeritelja). To vjerojatno nije ono što ste htjeli. CertTreeView Import PKCS#12 Uvezi PKCS#12 Import from PKCS#7 Uvezi PKCS#7 Request Zahtjev Security token Pametni token Other token Drugi token Similar Certificate Slična Potvrda Delete from Security token Obriši s pametnog tokena CA CA Properties Osobine Generate CRL Izradi CRL Manage revocations Upravljaj opozivima Plain View Običan pregled Tree View Stablast pregled days dana No template Nema predloška CA Properties Osobine CA Certificate export Izvoz potvrde X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) X509 potvrde ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) Trust Povjerenje Renewal Obnovi Revoke Opozovi Unrevoke Nemoj opozvati CertView There was no key found for the Certificate: Nije pronađen ključ za Potvrdu: Import Certificate signing request Uvezi zahtjev za izdavanje Potvrde (CSR) ClickLabel Double click for details Dvaput kliknite za detalje CrlDetail Details of the Revocation list Detalji popisa opozvanih potvrda &Status &Stanje Version Inačica Signature Potpis Signed by Potpisao Name Ime The internal name of the CRL in the database Interno ime popisa povučenih potvrda (u bazi podataka) issuing dates datumi izdavanja Next update Sljedeća obnova Last update Posljednja obnova Comment Napomena Next Update Sljedeća obnova Last Update Posljednja obnova &Issuer &Izdavač &Extensions &Proširenja &Revocation list &Popis opoziva 0 0 Serial Serijski broj Revocation Opoziv Reason Razlog Invalidation Poništenje Failed Neuspješno Unknown signer Nepoznat potpisnik (izdavač) Verification not possible Nije moguće obaviti provjeru Unknown certificate Nepoznata potvrda CrlTreeView There are no CA certificates for CRL generation Nema CA potvrda za izradu liste opozvanih potvrda Select CA certificate Odaberi CA potvrdu Revocation list export Izvoz popisa opozvanih potvrda CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) ExportCert X509 Certificates ( *.cer *.crt *.p12 *.p7b);;All files ( * ) X509 Potvrda ( *.cer *.crt *.p12 *.p7b);;Sve datoteke ( * ) DER is a binary format of the Certificate PEM is a base64 encoded Certificate PKCS#7 is an official Certificate exchange format PKCS#12 is an encrypted official Key-Certificate exchange format DER je binarni format Potvrde PEM je base64 kodirana Potvrde PKCS#7 is službeni format za razmjenu Potvrda PKCS#12 je kriptirani format za razmjenu Ključa i Potvrde Please enter the filename for the certificate. Unesite ime datoteke za potvrdu. Certificate export Izvoz potvrde ExportDer All files ( * ) Sve datoteke ( * ) DER is a binary format PEM is a base64 encoded DER file DER je binarni format PEM je base64 kodirana DER datoteka ExportDialog Name Ime The internal name of the CRL in the database Interno ime popisa povučenih potvrda (u bazi podataka) ... ... Filename Datoteka Export comment into PEM file Izvezi komentar u PEM datoteku Please enter the filename Unesite ime datoteke Export Format Format izvoza All files ( * ) Sve datoteke ( * ) PEM Text format with headers PEM Tekst format sa zaglavljima Concatenated list of all selected items in one PEM text file Lista svih odabranih stavki spojena u jednu PEM datoteku Concatenated text format of the complete certificate chain in one PEM file Cjelokupni lanac potvrda spojen u jednu tekstualnu PEM datoteku Tekstualni format s cjelokupnim lancem potvrda spojenim u jednu PEM datoteku Concatenated text format of all trusted certificates in one PEM file Tekstualni format sa svim pouzdanim potvrdama u jednoj PEM datoteci Concatenated text format of all certificates in one PEM file Sve potvrde spojene u jednu tekstualnu PEM datoteku Tekstualni format sa svim potvrdama spojenim u jednu PEM datoteku Binary DER encoded file Binarna datoteka kodirana u DER formatu PKCS#7 encoded single certificate Pojedinačni certifikat kodiran u PKCS#7 formatu PKCS#7 encoded complete certificate chain Cjelokupni lanac potvrda kodiran u PKCS#7 formatu All trusted certificates encoded in one PKCS#7 file Sve pouzdane potvrde kodirane u jednoj PKCS#7 datoteci Concatenated text format of all unrevoked certificates in one PEM file Tekstualni format sa svim neopozvanim potvrdama spojenim u jednu PEM datoteku Tekstualni format sa svim neopozvanim potvrdama u jednoj PEM datoteku All unrevoked certificates encoded in one PKCS#7 file Sve neopozvane potvrde kodirane u jednoj PKCS#7 datoteci All selected certificates encoded in one PKCS#7 file Sve odabrane potvrde kodirane u jednoj PKCS#7 datoteci All certificates encoded in one PKCS#7 file Sve potvrde kodirane u jednoj PKCS#7 datoteci The certificate and the private key as encrypted PKCS#12 file Potvrda i privatni ključ u kriptiranoj PKCS#12 datoteci The complete certificate chain and the private key as encrypted PKCS#12 file Cjelokupni lanac potvrda i privatni ključ u kriptiranoj PKCS#12 datoteci Concatenation of the certificate and the unencrypted private key in one PEM file Spajanje potvrde i nekriptiranog privatnog ključa u jednu PEM datoteku Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Spajanje potvrde i kriptiranog privatnog ključa u PKCS#8 formatu u jednu datoteku Text format of the public key in one PEM file Tekstualni format javnog ključa u jednoj PEM datoteci Binary DER format of the public key Binarni DER format javnog ključa Unencrypted private key in text format Nekriptirani privatni ključ u tekstualnom formatu OpenSSL specific encrypted private key in text format Privatni ključ kriptiran na OpenSSL način u tekstualnom formatu Unencrypted private key in binary DER format Nekriptirani privatni ključ u binarnom DER formatu Unencrypted private key in PKCS#8 text format Nekriptirani privatni ključ u PKCS#8 tekst formatu Encrypted private key in PKCS#8 text format Kriptirani privatni ključ u PKCS#8 tekst formatu The public key encoded in SSH2 format Javni ključ kodiran u SSH2 formatu OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Certificate Index datoteka na OpenSSL način, izrađena pomoću naredbe 'ca' kako zahtjeva OCSP alat vCalendar expiry reminder for the selected items vCalendar podsjetnik o prestanku važenja odabranih stavki vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL vCalendar podsjetnik o prestanku važenja sadrži sve izdane, važeće potvrde, sam CA certifikat i zadnji CRL Private key in Microsoft PVK format not encrypted Privatni ključ u Microsoft PVK formatu nije kriptiran Encrypted private key in Microsoft PVK format Kriptirani privatni ključ u Microsoft PVK formatu Certificate Index file Kazalo datoteka Potvrda The file: '%1' already exists! Datoteka: '%1' već postoji! Overwrite Prepiši Do not overwrite Nemoj prepisati ExportKey When exporting the private key it should be encrypted. Kod izvoza privatni ključ bi trebao biti kriptiran. When exporting the private part, it should be encrypted. Kod izvoza privatni dio bi trebao biti kriptiran. E&xport the private part of the Key too I&zvezi i privatni dio Ključa Export as PKCS#8 Izvezi kao PKCS#8 &Encrypt the Key with a password &Kriptiraj Ključ sa zaporkom Private keys ( *.pem *.der *.pk8 );;All files ( * ) Privatni ključevi ( *.pem *.der *.pk8 );;Sve datoteke ( * ) DER is a binary format of the key without encryption PEM is a base64 encoded key with optional encryption PKCS#8 is an encrypted official Key-exchange format DER je binarni format ključa bez kripcije PEM je base64 kodirani ključ s opcionalnom kripcijom PKCS#8 je službeni format za razmjenu ključeva Please enter the filename for the key. Unesite ime datoteke za ključ. Export public %1 key Izvezi javni %1 ključ Export %1 key Izvezi %1 ključ Form last update posljednja obnova next update sljedeća obnova Days Dana Months Mjeseci Years Godina Apply Midnight Ponoć Local time No well-defined expiration Help << << >> >> &Done Završeno, Obavljeno &Gotovo ImportMulti Import PKI Items Uvezi PKI stavke Import &All Uvezi &Sve &Import &Uvezi &Done &Gotovo &Remove from list &Obriši s popisa Details Detalji Delete from token Obriši s tokena Rename on token Preimenuj na tokenu Name: %1 Model: %2 Serial: %3 ime, naziv? Ime: %1 Model: %2 Serijski broj: %3 Manage security token Upravljaj pametnim tokenom The type of the Item '%1' is not recognized Vrsta stavke '%1' je nepoznata Details of the item '%1' cannot be shown Detalji stavke '%1' ne mogu se prikazati The type of the item '%1' is not recognized Vrsta stavke '%1' je nepoznata The file '%1' did not contain PKI data Datoteka '%1' ne sadrži PKI podatke The %1 files: '%2' did not contain PKI data Datoteke %1: '%2'ne sadrže PKI podatke ItemProperties Form Obrazac Name Ime Source Izvor Insertion date Datum unošenja Comment Napomena KeyDetail Name Ime The internal name of the key used by xca Interno ime ključa korišteno od strane xca Security token Pametni token Manufacturer Proizvođač Serial Serijski broj Key Ključ Public Exponent Javni Eksponent Keysize Dužina ključa Private Exponent Privatni Exponent Security Token Pametni token Label Oznaka PKCS#11 ID PKCS#11 ID Token information Podaci o tokenu Model Model Fingerprint Sažetak Comment Napomena Modulus Modul Details of the %1 key Detalji %1 ključa Not available Nije dostupno Token Token Security token ID:%1 Oznaka pametnog tokena:%1 Available Dostupno Sub prime Ostaviti u orginalu? Prosti broj - 1 Public key Javni ključ Private key Privatni ključ Curve name Ime krivulje Unknown key Nepoznati ključ KeyTreeView Clipboard format Change password Promjena zaporke Reset password Postavi početnu zaporku Change PIN Promijeni PIN Init PIN with SO PIN (PUK) Pripremi PIN pomoću SO PIN (PUK) Change SO PIN (PUK) Promijeni SO PIN (PUK) Security token Pametni token This is not a token Ovo nije token Export public key [%1] Izvezi javni ključ [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Privatni ključevi ( *.pem *.der *.pk8 );; SSH javni ključevi ( *.pub ) Tried to change PIN of a key Pokušaj promjene PIN ključa Tried to init PIN of a key Pokušaj inicijalizacije PIN ključa Tried to change SO PIN of a key Pokušaj inicijalizacije SO PIN ključa Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Da li originalni ključ '%1' treba biti zamijenjen ključem iz tokena? To će obrisati ključ '%1' i onemogućiti njegov izvoz MainWindow Private Keys Privatni Ključevi &New Key &Novi Ključ &Export &Izvezi &Import &Uvezi Import PFX (PKCS#12) Uvezi PFX (PKCS#12) &Show Details &Prikaži Detalje &Delete &Obriši Certificate signing requests Zahtjev za izdavanje potvrde (CSR) &New Request &Novi Zahtjev Certificates Potvrde &New Certificate &Nova Potvrda Import &PKCS#12 Uvezi &PKCS#12 Import P&KCS#7 Uvezi &PKCS#7 Plain View Običan pregled Templates Predlošci &New Template &Novi predložak &New CRL &Novi CRL &New template &Novi predložak Ch&ange Template Pr&omijeni predložak Revocation lists Popis opozvanih potvrda Using or exporting private keys will not be possible without providing the correct password Korištenje ili izvoz privatnih ključeva neće biti moguće bez davanja ispravne zaporke Database Baza podataka The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Trenutno korišteni osnovni sažetak '%1' je nesiguran. Iz sigurnosnih razloga odaberite barem 'SHA 224'. Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Detektiran stari format baze podataka. Izrađujem rezervnu kopiju s imenom: '%1' i pretvaram bazu podataka u novi format Failed to rename the database file, because the target already exists Nije moguće preimenovati datoteku baze podataka, ciljano ime već postoji No deleted items found Nisu pronađene obrisane stavke Errors detected and repaired while deleting outdated items from the database. A backup file was created Tijekom brisanja zastarjelih stavaka iz baze podataka otkrivene su i popravljene greške. Kreirana je rezervna kopija Removing deleted or outdated items from the database failed. Nije uspjelo uklanjanje obrisanih ili zastarjelih stavki iz baze podataka. Recent DataBases Nedavno korištena baza System Sustav Croatian Hrvatski English Engleski French Francuski German Njemački Japanese Japanski Russian Ruski Spanish Španjolski Persian Bulgarian Polish Poljski Italian Talijanski Chinese Kineski Dutch Nizozemski Portuguese in Brazil Brazilski portugalski Indonesian Turkish Turski Language Jezik &File &Datoteka &New DataBase &Nova baza podataka &Open DataBase &Otvori bazu podataka Open Remote DataBase Otvori udaljenu bazu podataka Paste PEM file Ubaci, zalijepi Zalijepi PEM datoteku Token Token &Export Certificate Index &Izvezi kazalo Potvrda &Export Certificate Index hierarchy &Izvezi hijerarhiju kazala Potvrda Generate DH parameter Generiraj DH parametar Database dump ( *.dump );; All files ( * ) Istovar baze podataka ( *dump );; Sve datoteke ( * ) Set as default DataBase Postavi kao osnovnu bazu podataka &Close DataBase &Zatvori bazu podataka &Dump DataBase I&stovari bazu podataka C&hange DataBase password P&romijeni zaporku baze podataka &Import old db_dump &Uvezi stari istovar baze podataka &Undelete items &Vrati obrisane stavke Options Opcije Slovak Slovački New DataBase Nova baza podataka Open DataBase Otvori bazu podataka Close DataBase Zatvori bazu podataka Exit Izlaz I&mport U&vezi Keys Ključevi Requests Zahtjevi PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Predložak Revocation list Popis opozvanih potvrda PEM file PEM datoteka Content Sadržaj paste PEM file zalijepi PEM datoteku &Token &Token &Manage Security token &Upravljaj pametnim tokenom &Init Security token &Inicijaliziraj pametni token &Change PIN &Promijeni PIN Change &SO PIN Promijeni &SO PIN Init PIN Inicijaliziraj PIN Extra Dodatno Export Certificate &Index hierarchy &Izvezi hijerarhiju kazala Potvrda OID Resolver Prevoditelj OID &Help &Pomoć &Content &Sadržaj About O programu &About &O programu Donations Donacije Database dump ( *.dump );;All files ( * ) Istovari baze podataka ( *.dump );;Sve datoteke ( * ) Import password Zaporka za uvoz Please enter the password of the old database Unesite zaporku stare baze podataka Password verification error. Ignore keys ? Greška provjere zaporke. Ignorirati ključeve? Import anyway Ipak uvezi no such option: %1 nema te opcije: %1 Import PEM data Uvezi PEM podatke Please enter the original SO PIN (PUK) of the token '%1' Unesi originalni SO PIN (PUK) pametnog tokena '%1' Please enter the new SO PIN (PUK) of the token '%1' Unesite novi SO PIN (PUK) pametnog tokena '%1' Search Traži Please enter the new SO PIN (PUK) for the token '%1' Unesite novi SO PIN (PUK) za pametni token '%1' The new label of the token '%1' Nova oznaka pametnog tokena '%1' The token '%1' did not contain any keys or certificates Token '%1' ne sadrži ni jedan ključ ili potvrdu Current Password Trenutna zaporka Please enter the current database password Unesite trenutnu zaporku baze podataka The entered password is wrong Unesena zaporka je neispravna New Password Nova Zaporka Please enter the new password to encrypt your private keys in the database-file Unesite novu zaporku za kripciju privatnih ključeva u bazi podataka Transaction start failed Neuspješan početak transakcije Database: %1 Please enter a password, that will be used to encrypt your private keys in the database: %1 Unesite zaporku za kripciju privatnih ključeva u bazi podataka: %1 Please enter a password, that will be used to encrypt your private keys in the database file: %1 Unesite novu zaporku, koja će se koristiti za kripciju Vaših privatnih ključeva u datoteci baze podataka: %1 Password verify error, please try again Greška provjere zaporke, pokušajte ponovo Password Zaporka Please enter the password for unlocking the database: %1 Unesite zaporku za otključavanje baze podataka: %1 The following error occurred: Dogodila se sljedeća greška: Copy to Clipboard Kopiraj u Clipboard Certificate Index ( index.txt ) Kazalo Potvrda ( index.txt ) All files ( * ) Sve datoteke ( * ) Diffie-Hellman parameters saved as: %1 Diffie-Hellman parametar spremljen kao: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Diffie-Hellman parametri su potrebni za različite aplikacije, no XCA ih nije obradila. Unesite bitove za DH parametre Error opening file: '%1': %2 Greška u otvaranju datoteke: '%1': %2 NewCrl Create CRL Izradi CRL Dates Datumi last update posljednja obnova next update sljedeća obnova Days Dani? Dana Months Mjeseci Years Godina Midnight Ponoć Local time Lokal. vrijeme Apply Primjeni CRL number Broj CRL Hash algorithm Algoritam sažetka Hashing algorithm Algoritam sažetka Extensions Proširenja Authority key identifier Oznaka ključa Autoriteta Subject alternative name Alternativno ime subjekta Form Obrazac Last update Posljednja obnova Next update Sljedeća obnova Options Opcije CRL Number Broj CRL Revocation reasons Razlog za opoziv NewKey New key Novi ključ Please give a name to the new key and select the desired keysize Unesite ime novog ključa i odaberite njegovu dužinu Key properties Osobine ključa Name Ime The internal name of the new key Interno ime novog ključa Curve name Ime krivulje Usually at least 2048 bit keys are recommended Obično se savjetuje koristiti ključeve dužine najmanje 2048 bitova New Key Novi ključ Curve Krivulja Keysize Dužina ključa Usually 1024 or 2048 bit keys are used Uobičajene dužine ključa su 1024 i 2048 bita Keytype Vrsta ključa Remember as default Zapamti kao osnovnu vrijednost Create Izradi NewX509 Create Izradi Source Izvor, mislim da je Zahtjev više u duhu jezika Zahtjev Signing request Zahtjev za izdavanje Show request Pokaži Prikaži zahtjev Sign this Certificate signing &request ovaj - da li treba? Potpiši ovaj &zahtjev za izdavanje potvrde Copy extensions from the request Kopiraj proširenja iz zahtjeva Modify subject of the request Promijeni Subjekt iz zahtjeva Signing Potpisivanje Create a &self signed certificate with the serial Stvori ili napravi ili izradi? Izradi &samopotpisanu potvrdu s ovim serijskim brojem If you leave this blank the serial 00 will be used Ako ovo ne ispunite koristiti će se serijski broj 00 1 1 Use &this Certificate for signing Koristi &ovu Potvrdu za potpisivanje All certificates in your database that can create valid signatures Sve potvrde u vašoj bazi podataka koje mogu izraditi valjani potpis Signature algorithm Algoritam potpisivanja Template for the new certificate Predložak za novu potvrdu All available templates Svi raspoloživi predlošci Apply extensions Primijeni proširenja Apply subject Primijeni subjekt Apply all Primijeni sve Subject Subjekt Distinguished name Jedinstveno ime (DN) Organisation Organizacija This name is only used internally and does not appear in the resulting certificate Ovo ime se samo interno koristi i neće se pojaviti u izrađenoj potvrdi Must be exactly 2 letter of size (DE, UK) Mora biti točno 2 velika slova (HR, UK) Country code Kod države State or Province U smislu savezna država Država ili Pokrajina Locality Mjesto Organisational unit Organizacijska jedinica E-Mail address E-mail adresa Internal name Interno ime Common name Uobičajeno ime Add Dodaj Delete Obriši Private key Privatni ključ This list only contains unused keys Ovaj popis sadrži samo neiskorištene ključeve Used keys too Korišteni ključevi također &Generate a new key &Generiraj novi ključ Extensions Proširenja Basic constraints Osnovna ograničenja Create a &self signed certificate Izradi &samopotpisanu potvrdu Internal Name Interno ime Type Vrsta If this will become a CA certificate or not Da li će ovo postati CA potvrda ili ne Not defined Nije definirano Certification Authority Tijelo ovjeravanja (CA) End Entity Krajnji subjekt Path length Dužina puta How much CAs may be below this. Koliko CA može biti ispod ove CA. The basic constraints should always be critical Osnovna ograničenja bi uvijek trebala biti kritična osobina potvrde Key identifier Oznaka ključa Creates a hash of the key following the PKIX guidelines Izradi sažetak ključa sljedeći PKIX preporuke Copy the Subject Key Identifier from the issuer Kopiraj Oznaku ključa Subjekta iz izdavača Validity Nepobitnost, pravomoćnost, valjanost Valjanost Not before Od Not after Do Time range Vremensko razdoblje Days Dana Months Mjeseci Years Godina Apply Primjeni Set the time to 00:00:00 and 23:59:59 respectively Postavi vrijeme na 00:00:00 odnosno 23:59:59 Midnight Ponoć Local time Lokalno vrijeme No well-defined expiration Nejasno definiran istek roka subject alternative name Alternativno ime subjekta DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit Uredi issuer alternative name alternativno ime izdavača CRL distribution point Točka objave popisa opozvanih potvrda URI: URI: Authority Info Access Dohvat informacija Autoriteta (AIA) can be altered by the file "aia.txt" može biti promijenjeno pomoću datoteke "aia.txt" Key usage Namjena ključa Extended key usage Proširena upotreba ključa Netscape Netscape CA Revocation URL URL opoziva CA Revocation URL URL opoziva SSL server name SSL ime poslužitelja Certificate renewal URL URL za obnovu potvrde Comment Napomena CA policy URL URL politike CA Base URL Osnovni URL If you know a more pretty one tell me !!! Ovo vrijedi i za hrvatski prijevod Ako znate bolje, javite mi Advanced Napredno Validate Potvrditi Create a &self signed certificate with a MD5-hashed QA serial Izradi &samopotpisanu potvrdu s MD5 sažetkom CA serijskog broja Create Certificate signing request Izradi zahtjev za izdavanje potvrde (CSR) minimum size: %1 najmanja veličina: %1 maximum size: %1 najveća veličina: %1 only a-z A-Z 0-9 '()+,-./:=? samo a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters samo 7 bitni znaci XCA template XCA predložak Create x509 Certificate Izradi x509 Potvrdu From PKCS#10 request Iz PKCS#10 zahtjeva Other Tabs Druge Kartice Critical Ključan Create XCA template Izradi XCA predložak Edit XCA template Uredi XCA predložak Template '%1' applied Primijenjen obrazac '%1' Subject applied from template '%1' Subjekt primijenjen iz predloška '%1' Extensions applied from template '%1' Proširenja primijenjena iz predloška '%1' New key '%1' created Izrađen je novi ključ '%1' Advanced Tab Kartica Napredno Errors Greške Abort rollout O uvođenju The following length restrictions of RFC3280 are violated: Sljedeća ograničenja dužine iz RFC3280 su prekršena: Edit subject Uredi subjekt Continue rollout Nastavi uvođenje The verification of the Certificate request failed. The rollout should be aborted. Provjera zahtjeva za izdavanje Potvrde nije uspješna. Uvođenje će biti prekinuto. Continue anyway Nastavi bez obzira na sve The internal name and the common name are empty. Please set at least the internal name. Interno ime i uobičajeno ime (CN) nisu popunjeni. Popunite barem interno ime. Edit name Uredi ime There is no Key selected for signing. Nije odabran Ključ za potpisivanje. Select key Odaberi ključ The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Sljedeća polja jedinstvenog imena su nepopunjena: %1 premda ste ih označili kao obavezno prisutnima u meniju s opcijama. The key you selected for signing is not a private one. Ključ kojeg ste odabrali za potpisivanje nije privatni ključ. Select other signer Odaberite drugog potpisnika Select other key Odaberite drugi ključ The currently selected hash algorithm '%1' is insecure and should not be used. Trenutno odabrani algoritam sažetka '%1' je nesiguran i ne bi ga trebalo koristiti. Select other algorithm Odaberite drugi algoritam Use algorithm anyway Koristi ipak taj algoritam The certificate will be earlier valid than the signer. This is probably not what you want. Početak valjanosti potvrde je prije početka valjanosti potvrde potpisnika (ovjeritelja). To vjerojatno nije ono što ste htjeli. Edit dates Uredi datume Adjust date and continue Podesi datum i nastavi The certificate will be longer valid than the signer. This is probably not what you want. Kraj valjanosti potvrde je nakon isteka valjanosti potvrde potpisnika (ovjeritelja). To vjerojatno nije ono što ste htjeli. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Potvrda će prestati važiti prije nego što je izdana. Vjerojatno ste zamijenili datume. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Potvrda sadrži neispravna ili duplicirana proširenja. Provjerite valjanost na Kartici Napredno. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Potvrda ne sadrži proširenja. Možete primijeniti proširenja na neki od predložaka kako bi definirali svrhu potvrde. The certificate contains invalid extensions. Edit extensions Uredi proširenja The subject alternative name shall contain a copy of the common name. However, the common name is empty. Alternativno ime subjekta treba sadržavati kopiju uobičajenog imena. Međutim, uobičajeno ime nije definirano. Configfile error on line %1 Greška u konfiguracijskoj datoteci u liniji %1 OidResolver OID Resolver Prevoditelj OID Enter the OID, the Nid, or one of the textual representations Unesite OID, Nid ili neki oblik imena Search Traži OID OID Long name Puno ime OpenSSL internal ID Interni OpenSSL ID Nid Nid Short name Skraćeno ime OpenDb Dialog Dijalog Open remote database Otvori udaljenu bazu Database type Vrsta baze podataka Hostname Ime stroja Username Korisničko ime Password Zaporka Database name Ime baze podataka Table prefix Predmetak tablice No SqLite3 driver available. Please install the qt-sqlite package of your distribution Nedostaje upravljački program za SqLite3. Iz vaše distribucije instalirajte paket qt-sqlite Please enter the password to access the database server %2 as user '%1'. Unesite zaporku za pristup poslužitelju baze podatka %2 kao korisnik '%1'. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. Upravljački program baze podataka ne podržava transakciju. Mogući uzrok je različita verzija na klijentu i poslužitelju. Nastavite oprezno. Options XCA Options XCA Opcije Mandatory subject entries Obavezne stavke subjekta Add Dodaj Delete Obriši Default hash algorithm Osnovni algoritam sažetka Settings Postavke String types Vrste nizova Suppress success messages Izostavi poruke o uspješnoj akciji Don't colorize expired certificates Nemoj obojiti istekle potvrde Translate established x509 terms (%1 -> %2) Prevedi uobičajene x509 pojmove (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. XCA ne koristi funkcionalnost sažetka tokena. XCA će možda prihvatiti ograničeni skup sažetka koje pruža token. Posebno EC i DSA su samo definirani sa SHA1 u PKCS#11 specifikaciji. Only use hashes supported by the token when signing with a token key Kod potpisivanja ključem iz tokena koristi samo sažetke koje podržava token Disable legacy Netscape extensions Deaktiviraj/isključi zastarjela Netscape proširenja Onemogući nasljeđena Netscape proširenja PKCS12 encryption algorithm Certificate expiry warning threshold Prag upozorenja o isteku potvrde Send vCalendar expiry reminder Pošalji vCalendar podsjetnik o isteku Serial number length Dužina serijskog broja bit bita Distinguished name Jedinstveno ime Explicit subject entries Izričite stavke subjekta Dynamically arrange explicit subject entries Dinamički posloži izričite stavke subjekta Default Osnovno Osnovni PKCS#11 provider PKCS#11 poslužitelj Remove Izbaci Search Traži Printable string or UTF8 (default) !!! Ispisljivi koja je alternativa za Čitljivi Čitljivi niz ili UTF8 (osnovni odabir) PKIX recommendation in RFC2459 PKIX preporuke iz RFC2459 No BMP strings, only printable and T61 Ne BMP nizovi, samo čitljivi i T61 UTF8 strings only (RFC2459) Samo UTF8 nizovi (RFC2459) All strings Svi nizovi Days Dana Weeks Tjedana Load failed Učitavanje nije uspjelo PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Zaporka se rastavlja i tumači kao 2 znamenkasti heksadecimalni kod. Mora imati paran broj znamenki (0-9 and a-f) Take as HEX string Uzmi heksadekadni niz Password Zaporka Repeat %1 Ponovi %1 %1 mismatch %1 je neodgovarajući Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Heksadecimalna zaporka smije sadržavati samo znakove '0' - '9' i 'a' - 'f' i mora se sastojati od parnog broja znakova Exit Izlaz E&xit I&zlaz QMessageBox Ok U redu Close Zatvori Cancel Odustani Apply Primijeni Yes Da No Ne QObject Undefined Nedefinirano Broken / Invalid Poništen / Neispravan in %1 seconds za %1 sekundi %1 seconds ago prije %1 sekundi in %1 minutes za %1 minuta %1 minutes ago prije %1 minuta Yesterday Jučer Tomorrow Sutra in %1 hours za %1 sati %1 hours ago prije %1 sati DB: Rename: '%1' already in use DB: Preimenuj: '%1' je već u upotrebi DB: Entry to rename not found: %1 DB: Stavka za preimenovati nije pronađena: %1 DB: Write error %1 - %2 DB: Greška u pisanju %1 - %2 Out of data Nema podatka Error finding endmarker of string Greška u traženju oznake kraja niza Out of Memory at %1:%2 Ponestalo slobodne memorije u %1:%2 All files ( * ) Sve datoteke ( * ) PKI Keys ( *.pem *.der *.key );;PKCS#8 Keys ( *.p8 *.pk8 );; PKI ključevi ( *.pem *.der *.key );;PKCS#8 ključevi ( *.p8 *.pk8 );; PKI Keys ( *.pem *.der *.key );;PKCS#8 Keys ( *.p8 *.pk8 );;SSH Public Keys ( *.pub );; PKI ključevi ( *.pem *.der *.key );;PKCS#8 ključevi ( *.p8 *.pk8 );;SSH javni ključevi ( *.pub );; Import RSA key Uvezi RSA ključ PKCS#10 CSR ( *.pem *.der *.csr );;Netscape Request ( *.spkac *.spc );; PKCS#10 CSR ( *.pem *.der *.csr );;Netscape zahtjev ( *.spkac *.spc );; PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; PKI ključevi ( *.pem *.der *.key );; PKCS#8 ključevi ( *.p8 *.pk8 );; SSH javni ključevi ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );; Netscape Request ( *.spkac *.spc );; PKCS#10 CSR ( *.pem *.der *.csr );; Netscape zahtjev ( *.spkac *.spc );; PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; PKI ključevi ( *.pem *.der *.key );; PKCS#8 ključevi ( *.p8 *.pk8 );; Microsoft PVK ključevi ( *.pvk );; SSH javni ključevi ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Uvezi zahtjev Certificates ( *.pem *.der *.crt *.cer );; Potvrde ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Uvezi x509 Potvrdu PKCS#7 data ( *.p7s *.p7m *.p7b );; PKCS#7 podaci ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Uvezi PKCS#7 Potvrde PKCS#12 Certificates ( *.p12 *.pfx );; PKCS#12 Potvrde ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Uvezi PKCS#12 Privatne Potvrde XCA templates ( *.xca );; XCA predlošci ( *.xca );; Import XCA Templates Uvezi XCA Predloške Revocation lists ( *.pem *.der *.crl );; Popis opozvanih potvrda ( *.pem *.der *.crl );; Import Certificate Revocation List Uvezi Popis Opozvanih Potvrda XCA Databases ( *.xdb );; XCA Baze podataka ( *.xdb );; Open XCA Database Otvori XCA Bazu podataka PKCS#11 library ( *.dll );; PKCS#11 knjižnica ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 knjižnica ( *.dylib *.so );; PKCS#11 library ( *.so );; PKCS#11 knjižnica ( *.so );; Open PKCS#11 shared library Otvori PKCS#11 dijeljenu knjižnicu PEM files ( *.pem );; PEM datoteke ( *.pem );; Load PEM encoded file Učitaj PEM kodiranu datoteku Please enter the PIN on the PinPad Unesite PIN u PinPad Please enter the SO PIN (PUK) of the token %1 Unesite SO PIN (PUK) tokena %1 Please enter the PIN of the token %1 Unesite PIN tokena %1 No Security token found Nije pronađen pametni token Select Odaberi Please enter the new SO PIN (PUK) for the token: '%1' Unesite novi SO PIN (PUK) za token: '%1' Please enter the new PIN for the token: '%1' Unesite novi PIN za token: '%1' Required PIN size: %1 - %2 Obavezna dužina PIN: %1 - %2 Failed to open PKCS11 library: %1 Neuspješno otvaranje PKCS11 knjižnice: %1 Invalid filename: %1 ime / naziv Neispravno ime datoteke: %1 Failed to open PKCS11 library: %1: %2 Neuspješno otvaranje PKCS11 knjižnice: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Ovo ne izgleda kao PKCS#11 knjižnica. Simbol 'C_GetFunctionList' nije pronađen. Disabled Onemogućen Library loading failed Neuspješno učitavanje knjižnice PKCS#11 function '%1' failed: %2 PKSC#11 funkcija '%1'prijavila grešku: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 PKCS#11 function '%1' failed: %2 U knjižnici %3 %4 Invalid Neispravno %1 is shorter than %2 bytes: '%3' %1 je kraće od %2 okteta: '%3' %1 is longer than %2 bytes: '%3' %1 je duže od %2 okteta: '%3' Country code Kod države State or Province Država ili Pokrajina Locality Mjesto Organisation Organizacija Organisational unit Organizacijska jedinica Common name Uobičajeno ime E-Mail address E-mail adresa Serial number Serijski broj Given name Ime Surname Prezime Title Titula Initials Inicijali Description Opis Role Funkcija Pseudonym Pseudonim Generation Qualifier Oznaka Generacije x500 Unique Identifier x500 Jedinstveni Identifikator Name Ime DN Qualifier DN Oznaka Unstructured name Nestrukturirano ime Challenge password Zaporka za izazov Basic Constraints Osnovna Ograničenja Subject alternative name Alternativno ime subjekta subject alternative name alternativno ime subjekta issuer alternative name alternativno ime izdavača Subject key identifier Oznaka ključa Subjekta Authority key identifier Oznaka ključa Autoriteta Key usage Namjena ključa Extended key usage Proširena upotreba ključa CRL distribution points Mjesta objave popisa opozvanih potvrda Authority information access Dohvat informacija Autoriteta Certificate type Vrsta Potvrde Base URL Osnovni URL Revocation URL URL opoziva CA Revocation URL URL opoziva CA Certificate renewal URL URL za obnovu potvrde CA policy URL URL politike CA SSL server name SSL ime poslužitelja Comment Napomena String '%1' for '%2' contains invalid characters Niz'%1' za '%2' sadrži nevažeće znakove Error reading config file %1 at line %2 Greška u konfiguracijskoj datoteci %1 u liniji %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. Objekt '%1' iz datoteke %2 linija %3 je već poznat kao '%4:%5:%6' i potrebno ga je ukloniti. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Identifikator '%1' za OID %2 iz datoteke %3 linija %4 je već iskorišten za drugi OID kao '%5:%6:%7' i potrebno ga je promijeniti da se izbjegne nesporazum. Unknown object '%1' in file %2 line %3 Nepoznati objekt '%1' u datoteci %2 linija %3 Failed to start a database transaction Neuspješno pokretanje transakcije na bazi podataka Index file written to '%1' Datoteka kazala upisana u '%1' Index hierarchy written to '%1' Hijerarhija kazala upisana u '%1/ Ljestvica kazala upisana u '%1' Unknown key type %1 Nepoznata vrsta ključa %1 Password verify error, please try again Greška provjere zaporke, pokušajte ponovo The following error occurred: Dogodila se sljedeća greška: Failed to update the database schema to the current version Password Zaporka ReqTreeView Sign Potpiši Unmark signed Skini oznaku s potpisanih Mark signed Označi potpisane Similar Request Sličan zahtjev Certificate request export Izvoz zahtjeva za izdavanje potvrde Certificate request ( *.pem *.der *.csr ) Zahtjev za izdavanje potvrde ( *.pem *.der *.csr ) RevocationList Manage revocations Upravljaj opozivima Add Dodaj Delete Obriši Edit Uredi No. Br. Serial Serijski broj Revocation Opoziv Reason Razlog Invalidation Poništenje Generate CRL Izradi CRL Revoke Revocation details Detalji opoziva Invalid since Nevažeće od Local time Lokalno vrijeme Certificate revocation Opoziv potvrde Revocation reason Razlog za opoziv Serial Serijski broj SearchPkcs11 Dialog Dijalog Directory Mape ... ... Include subdirectories Uključi podmape Search Traži The following files are possible PKCS#11 libraries Sljedeće datoteke su potencijalno PKCS#11 knjižnice SelectToken Select Token Odaberi token Security token Pametni token Please select the security token Odaberite pametni token TempTreeView Duplicate Dupliciraj Create certificate Izradi potvrdu Create request Izradi zahtjev copy kopiraj Preset Template values Postavljanje vrijednosti Predloška Template export XCA Templates ( *.xca ) TrustState Set trustment of the Certificate Podesi pouzdanost Potvrde Certificate trust Povjerenje u potvrdu Trustment Pouzdanost &Never trust this certificate &Nikad ne vjeruj ovoj potvrdi Only &trust this certificate, if we trust the signer &Vjeruj potvrdi, ali samo ako vjerujemo izdavaču &Always trust this certificate &Uvijek vjeruj ovoj potvrdi Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config OpenSSL konfiguracija Transform Preobrazi Template Predložak Public key Javni ključ Save as OpenSSL config Spremi kao OpenSSL konfiguraciju Config files ( *.conf *.cnf);; All files ( * ) Konfiguracijske datoteke ( *.conf *.cnf);; Sve datoteke ( * ) Public Key Javni ključ XFile Error opening file: '%1': %2 Greška u otvaranju datoteke: '%1': %2 Error rewinding file: '%1': %2 XcaTreeView Subject entries Stavke subjekta X509v3 Extensions X509v3 Proširenja Netscape extensions Netscape proširenja Key properties Osobine ključa Reset Vrati na početak Remove Column Izbaci Stupac Item properties Osobine stavke Hide Column Sakrij Stupac Details Detalji Columns Stupci New Novo Import Uvezi Paste PEM data Zalijepi PEM podatke Rename Preimenuj Properties Osobine Delete Obriši Export Izvezi Clipboard Međuspremnik File Datoteka database_model Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Detektiran stari format baze podataka. Izrađujem rezervnu kopiju s imenom: '%1' i pretvaram bazu podataka u novi format Failed to rename the database file, because the target already exists Nije moguće preimenovati datoteku baze podataka, ciljano ime već postoji Please enter the password to access the database server %2 as user '%1'. Unesite zaporku za pristup poslužitelju baze podatka %2 kao korisnik '%1'. Unable to create '%1': %2 Nije moguće stvoriti '%1': %2 The file '%1' is not an XCA database Datoteka '%1' nije XCA baza podataka No SqLite3 driver available. Please install the qt-sqlite package of your distribution Nedostaje upravljački program za SqLite3. Iz vaše distribucije instalirajte paket qt-sqlite New Password Nova Zaporka Please enter a password, that will be used to encrypt your private keys in the database: %1 Unesite zaporku za kripciju privatnih ključeva u bazi podataka: %1 Password Zaporka Please enter the password for unlocking the database: %1 Unesite zaporku za otključavanje baze podataka: %1 db_base Internal name Interno ime Bad database item Name: %1 Type: %2 Size: %3 %4 Loša stavka baze podatka Ime: %1 Vrsta: %2 Veličina: %3 %4 Do you want to delete the item from the database? The bad item may be extracted into a separate file. Da li želite izbrisati stavku iz baze podataka? Pogrešne stavke mogu biti izdvojene u zasebnu datoteku. Delete Brisanje Obriši Delete and extract Obriši i izdvoji Continue Nastavi Error opening file: '%1': %2 Greška u otvaranju datoteke: '%1': %2 No. Broj Br. Primary key Osnovni ključ Database unique number Jedinstven broj baze podataka Date Datum Date of creation or insertion Datum stvaranja ili umetanja Source Izvor Generated, Imported, Transformed Izrađen, Uvezen, Preinačen Comment Napomena First line of the comment field Prva linija polja za komentar Import from: %1 Uvoz iz: %1 Could not create directory %1 Ne može se kreirati mapa %1 Item properties Osobine stavke How to export the %1 selected items Kako da izvezemo %1 odabranih stavki All in one PEM file Sve u jednoj PEM datoteci Each item in one file Svaka stavka u zasebnoj datoteci Save %1 items in one file as Spremi %1 stavki u jednoj datoteci kao PEM files ( *.pem );; All files ( * ) PEM datoteke ( *.pem );; Sve datoteke ( * ) PEM Files( *.pem );; All files ( * ) PEM datoteke (*.pem);; Sve datoteke ( * ) Subject entries Stavke subjekta X509v3 Extensions X509v3 Proširenja Netscape extensions Netscape proširenja Reset Vrati na početak Paste PEM data Zalijepi PEM podatke Columns Stupci db_crl Signer Potpisnik Internal name of the signer Interno ime potpisnika No. revoked Broj opozvanih Number of revoked certificates Broj opozvanih potvrda Last update Zadnja obnova Next update Sljedeća obnova CRL number Broj CRL The revocation list already exists in the database as: '%1' and so it was not imported Popis opozvanih potvrda već postoji u bazi podataka kao: '%1' i zbog toga nije uvezen CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) There are no CA certificates for CRL generation Nema CA potvrda za izradu liste opozvanih potvrda Select CA certificate Odaberi CA potvrdu Create CRL Izradi CRL Failed to initiate DB transaction Neuspješno pokretanje promjene baze podataka Database error: %1 Greška u bazi podataka: %1 Database error: Greška u bazi podataka: Revocation list export Izvoz popisa opozvanih potvrda Import Uvezi Rename Preimenuj Export Izvoz Clipboard Clipboard File Datoteka Delete Obriši db_key Type Vrsta Size Dužina EC Group EC Grupa Use Namjena Password Zaporka The key is already in the database as: '%1' and is not going to be imported Ključ već postoji u bazi podataka kao: '%1' i zbog toga nije uvezen The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Baza podataka već sadrži javni dio uvezenog ključa kao '%1 i biti će nadopunjena s novim, privatnim dijelom ključa Extending public key from %1 by imported key '%2' Proširivanje javnog ključa iz %1 uvezenim ključem '%2' Key size too small ! Prekratki ključ! You are sure to create a key of the size: %1 ? Da li stvarno želite izraditi ključ dužine: %1 ? Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Da li da originalni ključ '%1' treba biti zamijenjen ključem s tokena? To će obrisati ključ '%1' i zabraniti njegov izvoz New Key Novi ključ Import Uvezi Rename Preimenuj Show Details Prikaži Detalje Delete Obriši Export Izvoz Clipboard Međuspremnik File Datoteka Change password Promjena zaporke Reset password Postavi početnu zaporku Change PIN Promijeni PIN Init PIN with SO PIN (PUK) Pripremi PIN pomoću SO PIN (PUK) Change SO PIN (PUK) Promijeni SO PIN (PUK) Store on Security token Spremi na Pametni token Export public key [%1] Izvezi javni ključ [%1] PEM public PEM javni DER public DER javni SSH2 public SSH2 javni Export keys to Clipboard Izvezi ključeve u Međuspremnik DER private DER privatni PEM encryped PEM kriptirani PKCS#8 PKCS#8 PEM private PEM privatni SSH2 private SSH2 privatni PVK private PVK privatni PVK encrypted PVK kriptirani PKCS#8 encrypted PKCS#8 kriptirani Export private key [%1] Izvezi privatni ključ [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Privatni ključevi ( *.pem *.der *.pk8 );; SSH javni ključevi ( *.pub ) Internal error Interna greška Tried to change password of a token Pokušaj promjene zaporke tokena Tried to change PIN of a key Pokušaj promjene PIN ključa Tried to init PIN of a key Pokušaj inicijalizacije PIN ključa Tried to change SO PIN of a key Pokušaj inicijalizacije SO PIN ključa db_temp Type Vrsta Bad template: %1 Loš predložak: %1 Nothing Ništa Empty template Prazan predložak Preset Template values Postavljanje vrijednosti Predloška XCA templates ( *.xca );; All files ( * ) XCA predlošci ( *.xca );; Sve datoteke ( * ) copy kopiraj Save template as Spremi predložak kao XCA templates ( *.xca);; All files ( * ) XCA predlošci ( *.xca );; Sve datoteke ( * ) New Template Novi Predložak Import Uvezi Rename Preimenuj Export Izvoz Change Promijeni Delete Brisanje Duplicate Podvostruči Create certificate Izradi potvrdu Create request Izradi zahtjev db_x509 CA CA reflects the basic Constraints extension odražava proširenja osnovna Ograničenja Serial Serijski broj md5 fingerprint md5 sažetak sha1 fingerprint sha1 sažetak sha256 fingerprint sha256 sažetak Start date Početni datum not Before Od Expiry date Datum isteka valjanosti not After Do MD5 fingerprint MD5 sažetak SHA1 fingerprint SHA1 sažetak SHA256 fingerprint SHA256 sažetak Not before Od Not after Do Trust state Stupanj pouzdanosti Revocation Opoziv CRL Expiration Rok trajanja CRL Plain View Običan pregled Tree View Stablast pregled Failed to create directory '%1' Neuspješno stvaranje '%1' Failed to retrieve unique random serial Nuspješno pronalaženje jedinstvenog slučajnog broja The certificate already exists in the database as: '%1' and so it was not imported Potvrda već postoji u bazi podataka kao: '%1' i zbog toga nije uvezena Signed on %1 by '%2' Potpisano %1 od '%2' Unknown Nepoznato Invalid public key Neispravan javni ključ PKCS#7 unrevoked PKCS#7 neopozvani vCalendar vCalendar CA vCalendar CA vCalendar X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) X509 potvrde ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) days dana No template Nema predloška Please enter the new hexadecimal secret number for the QA process. !!! Bolji rješenje za QA proces? Unesite novi heksadecimalni tajni broj za QA proces. The QA process has been terminated by the user. QA proces je prekinut od strane korisnika. The key you selected for signing is not a private one. Ključ kojeg ste odabrali za potpisivanje nije privatni ključ. Store the certificate to the key on the token '%1 (#%2)' ? Spremiti potvrdu k ključu na token '%1 (#%2)' ? PKCS#7 chain PKCS#7 lanac PKCS#12 chain PKCS#12 lanac PKCS#7 trusted PKCS#7 pouzdan PKCS#7 all PKCS#7 svi PEM unrevoked PEM nepozovani Certificate Index file Datoteka kazalo Potvrda New Certificate Nova Potvrda Import Uvezi Import PKCS#12 Uvezi PKCS#12 Import from PKCS#7 Uvezi PKCS#7 Rename Preimenuj Show Details Prikaži Detalje PEM chain PEM lanac PKCS #7 chain PKCS #7 lanac PKCS #12 chain PKCS #12 lanac PEM + key PEM + ključ PKCS #7 trusted PKCS #7 pouzdan PKCS #7 all PKCS #7 sve PEM trusted PEM pouzdan PEM all PEM sve Extract public Key Izdvoji javni ključ Export Izvoz Clipboard Clipboard File Datoteka Request Zahtjev Security token Pametni token Other token Drugi token Template Predložak OpenSSL config OpenSSL konfiguracija Transform Preobrazi Public Key Javni ključ Similar Certificate Slična potvrda Delete Brisanje Delete from Security token Obriši s pametnog tokena Trust Povjerenje Properties Osobine Generate CRL Izradi CRL PKCS#7 PKCS#7 Sign Potpiši Encrypt Kriptiraj Renewal Obnovi Unrevoke Nemoj opozvat Revoke Opozovi Certificate export Izvoz potvrde X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) X509 potvrde ( *.pem *.cer *.crt *.p12 *.p7b ) There was no key found for the Certificate: '%1' Nije pronađen ključ za Potvrdu: '%1' Not possible for a token key: '%1' Nije moguće za ključ s tokena: '%1' Error opening file: '%1': %2 Greška u otvaranju datoteke: '%1': %2 Not possible for the token-key Certificate '%1' Nije moguće za potvrdu s ključem na tokenu '%1' There was no key found for the Certificate: Nije pronađen ključ za Potvrdu: days dana db_x509name Subject Subjekt Complete distinguished name Potpuno jedinstveno ime (DN) Subject hash Sažetak subjekta Hash to lookup certs in directories Sažmi za pregledavanje potvrda u katalogu Country code Kod države State or Province Država ili Pokrajina Locality Mjesto Organisation Organizacija Organisational unit Organizacijska jedinica Common name Uobičajeno ime E-Mail address E-mail adresa Serial number Serijski broj Given name Ime Surname Prezime Title Titula Initials Inicijali Description Opis Role Uloga Funkcija Pseudonym Pseudonim Generation Qualifier OID: 2.5.4.44 Oznaka Generacije x500 Unique Identifier x500 Jedinstveni Identifikator Name Ime DN Qualifier DN Oznaka Unstructured name Nestrukturirano ime Challenge password Zaporka za izazov Basic Constraints Osnovna Ograničenja subject alternative name alternativno ime subjekta issuer alternative name alternativno ime izdavača Subject key identifier Oznaka ključa Subjekta Authority key identifier Oznaka ključa Autoriteta Key usage Namjena ključa Extended key usage Proširena upotreba ključa CRL distribution points Točka objave popisa opozvanih potvrda Authority information access Dohvat informacija Autoriteta Certificate type Vrsta Potvrde Base URL Osnovni URL Revocation URL URL opoziva CA Revocation URL URL opoziva CA Certificate renewal URL URL za obnovu potvrde CA policy URL URL politike CA SSL server name SSL ime poslužitelja Comment Napomena db_x509req Signed Potpisan whether the request is already signed or not da li je zahtjev već potpisan ili ne Unstructured name Nestrukturirano ime Challenge password Zaporka za izazov Certificate count Broj potvrda Number of certificates in the database with the same public key Broj potvrda s istim javnim ključem spremljenih u bazi podataka The certificate signing request already exists in the database as '%1' and thus was not stored Zahtjev za izdavanje potvrde već postoji u bazi podataka kao '%1' i zbog toga nije spremljen Certificate request ( *.pem *.der *.crl ) Zahtjev za izdavanje potvrde ( *.pem *.der *.crl ) Certificate request export Izvoz zahtjeva za izdavanje potvrde New Request Novi Zahtjev Import Uvezi Extract public Key Izdvoji javni ključ Rename Preimenuj Show Details Prikaži Detalje Sign Potpiši Export Izvoz Clipboard Clipboard File Datoteka Transform Preobrazi Template Predložak OpenSSL config OpenSSL konfiguracija Certificate request ( *.pem *.der *.csr ) Zahtjev za izdavanje potvrde ( *.pem *.der *.csr ) Public Key Javni ključ Similar Request Sličan zahtjev Delete Brisanje db_x509super Key name Ime ključa Internal name of the key Interno ime ključa Signature Algorithm Algoritam potpisa Signature algorithm Algoritam potpisa Key type Vrsta ključa Key size Dužina ključa EC Group EC Grupa Extracted from %1 '%2' Izdvojeno iz %1 '%2' Certificate Potvrda Certificate request Zahtjev za potvrdu Save as OpenSSL config Spremi kao OpenSSL konfiguraciju Config files ( *.conf *.cnf);; All files ( * ) Konfiguracijske datoteke ( *.conf *.cnf);; Sve datoteke ( * ) The following extensions were not ported into the template Sljedeća proširenja neće biti uključena u predložak Transformed from %1 '%2' Preobraženo iz %1 '%2' kvView Type Vrsta Content Sadržaj pass_info Password Zaporka PIN PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 Neuspješno otvaranje PKCS11 knjižnice: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Ovo ne izgleda kao PKCS#11 knjižnica. Simbol 'C_GetFunctionList' nije pronađen. pki_base Error opening file: '%1': %2 Greška u otvaranju datoteke: '%1': %2 Error writing to file: '%1': %2 Greška u pisanju u datoteku: '%1': %2 Unknown Nepoznato Imported Uvezeno Generated Izrađeno Transformed Preobraženo Token Token Legacy Database Nasljeđena baza podataka Renewed Obnovljeno Property '%1' not listed in 'pki_base::print' Karakteristika '%1' nije navedena u 'pki_base::print' Error: Greška: Internal error: Unexpected message: %1 %2 Interna greška: Neočekivana poruka: %1 %2 pki_crl Successfully imported the revocation list '%1' Uspješno uvezen popis opozvanih potvrda '%1' Delete the revocation list '%1'? Obrisati listu opozvanih potvrda '%1'? Successfully created the revocation list '%1' Uspješno izrađen popis opozvanih potvrda '%1' Delete the %1 revocation lists: %2? Obriši %1 popis opozvanih potvrda '%2'? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Nije moguće učitati popis opozvanih potvrda %1. Proban je PEM i DER format CRL. No issuer given Nije naveden izdavač Wrong Size %1 Pogrešna Dužina %1 CRL Renewal of CA '%1' due Krajnji rok za obnovu CRL od CA '%1' The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Zadnji popis opozvanih potvrda izdan od CA '%1' ističe %2. Spremljen je u XCA bazi '%3' The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' XCA CRL '%1', izdan %3 ističe %4. Spremljena je u XCA bazi '%5' unknown nepoznato Renew CRL: %1 Obnovi CRL: %1 The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4. It is stored in the XCA database '%5' XCA CRL '%1', izdan %3 od CA '%2' ističe %4. Spremljen je u XCA bazi '%5' pki_evp Failed to decrypt the key (bad password) Neuspješno dekriptiran ključ (pogrešna zaporka) Please enter the password to decrypt the private key. Unesite zaporku za dekripciju privatnog ključa. The key from file '%1' is incomplete or inconsistent. Ključ iz datoteke '%1' je nepotpun ili proturječan. Please enter the password to decrypt the private key from file: %1 Unesite zaporku za dekripciju privatnog ključa iz datoteke: %1 Unable to load the private key in file %1. Tried PEM and DER private, public and PKCS#8 key types. Nije moguće učitati privatni ključ u datoteci %1. Probani su PEM i DER privatni, javni i PKCS#8 tip ključeva. Failed to decrypt the key (bad password) %1 Neuspješno dekriptiran ključ (pogrešna zaporka) %1 Please enter the password to decrypt the private key %1. Unesite zaporku za dekripciju privatnog ključa: '%1'. Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Nije moguće učitati privatni ključ u datoteci %1. Probani su PEM i DER privatni, javni, PKCS#8 tip ključeva i SSH2 format. Ignoring unsupported private key Ignoriram nepodržani privatni ključ Please enter the password to decrypt the private key: '%1' Unesite zaporku za dekripciju privatnog ključa: '%1' Password input aborted Prekinut unos zaporke Please enter the database password for decrypting the key '%1' Unesite zaporku baze podataka za dekripciju ključa '%1' Please enter the password to protect the private key: '%1' Unesite zaporku za zaštitu privatnog ključa: '%1' Please enter the database password for encrypting the key Unesite zaporku baze podataka za kripciju ključa Please enter the password protecting the PKCS#8 key '%1' Unesite zaporku za zaštitu PKCS#8 ključa '%1' Please enter the password protecting the Microsoft PVK key '%1' Unesite zaporku za zaštitu Microsoft PVK ključa '%1' Please enter the export password for the private key '%1' Unesite zaporku za izvoz privatnog ključa '%1' pki_export PEM Text format with headers PEM Tekst format sa zaglavljima Concatenated list of all selected items in one PEM text file Lista svih odabranih stavki spojena u jednu PEM datoteku PEM chain PEM lanac Concatenated text format of the complete certificate chain in one PEM file Tekstualni format s cjelokupnim lancem potvrda spojenim u jednu PEM datoteku PEM + key PEM + ključ Concatenation of the certificate and the unencrypted private key in one PEM file Spajanje potvrde i nekriptiranog privatnog ključa u jednu PEM datoteku Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Spajanje potvrde i kriptiranog privatnog ključa u PKCS#8 formatu u jednu datoteku PKCS#7 encoded single certificate Pojedinačni certifikat kodiran u PKCS#7 formatu All selected certificates encoded in one PKCS#7 file Sve odabrane potvrde kodirane u jednoj PKCS#7 datoteci PKCS #7 chain PKCS #7 lanac PKCS#7 encoded complete certificate chain Cjelokupni lanac potvrda kodiran u PKCS#7 formatu Binary DER encoded certificate PKCS #12 chain PKCS #12 lanac The complete certificate chain and the private key as encrypted PKCS#12 file Cjelokupni lanac potvrda i privatni ključ u kriptiranoj PKCS#12 datoteci PKCS #12 The certificate and the private key as encrypted PKCS#12 file Potvrda i privatni ključ u kriptiranoj PKCS#12 datoteci Certificate Index file OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Certificate Index datoteka na OpenSSL način, izrađena pomoću naredbe 'ca' kako zahtjeva OCSP alat vCalendar vCalendar vCalendar expiry reminder for the selected items vCalendar podsjetnik o prestanku važenja odabranih stavki CA vCalendar CA vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL vCalendar podsjetnik o prestanku važenja sadrži sve izdane, važeće potvrde, sam CA certifikat i zadnji CRL PEM public PEM javni Text format of the public key in one PEM file Tekstualni format javnog ključa u jednoj PEM datoteci PEM private PEM privatni Unencrypted private key in text format Nekriptirani privatni ključ u tekstualnom formatu PEM encrypted OpenSSL specific encrypted private key in text format Privatni ključ kriptiran na OpenSSL način u tekstualnom formatu SSH2 private SSH2 privatni SSH2 public SSH2 javni The public key encoded in SSH2 format Javni ključ kodiran u SSH2 formatu DER public DER javni Binary DER format of the public key Binarni DER format javnog ključa DER private DER privatni Unencrypted private key in binary DER format Nekriptirani privatni ključ u binarnom DER formatu PVK private PVK privatni Private key in Microsoft PVK format not encrypted Privatni ključ u Microsoft PVK formatu nije kriptiran PVK encrypted PVK kriptirani Encrypted private key in Microsoft PVK format Kriptirani privatni ključ u Microsoft PVK formatu PKCS #8 encrypted Encrypted private key in PKCS#8 text format Kriptirani privatni ključ u PKCS#8 tekst formatu PKCS #8 Unencrypted private key in PKCS#8 text format Nekriptirani privatni ključ u PKCS#8 tekst formatu Binary DER format of the certificate request Binary DER format of the revocation list vCalendar reminder for the CRL expiry date XCA template in PEM-like format All selected XCA templates in PEM-like format pki_key Do you really want to export the private key unencrypted to the clipboard ? Da li stvarno želite izvesti u clipboard nekriptirani privatni ključ? Only export the public key Izvezi samo javni ključ Export the private key unencrypted Izvezi nekriptirani privatni ključ Successfully imported the %1 public key '%2' Uspješno uvezen %1 javni ključ '%2' Delete the %1 public key '%2'? Obrisati %1 javni ključ '%2'? Successfully imported the %1 private key '%2' Uspješno uvezen %1 privatni ključ '%2' Delete the %1 private key '%2'? Obrisati %1 privatni ključ '%2'? Successfully created the %1 private key '%2' Uspješno izrađen %1 privatni ključ '%2' Delete the %1 keys: %2? Obrisati %1 ključeva: %2? public key javni ključ Public key Javni ključ Common Opće Private Privatno Bogus Lažno PIN PIN No password Bez zaporke Unexpected SSH2 content: '%1' Neočekivani SSH2 sadržaj: '%1' Invalid SSH2 public key Neispravan SSH2 javni ključ Failed writing to %1 Nije moguće pisati u %1 pki_multi Seek failed Neuspješno traženje No known PEM encoded items found Nije pronađena nijedna poznata PEM stavka pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Unesite zaporku za dekripciju PKCS#12 datoteke: %1 Unable to load the PKCS#12 (pfx) file %1. Nije moguće učitati PKCS#12 (pfx) datoteku %1. The supplied password was wrong (%1) Unesena zaporka je neispravna (%1) Please enter the password to encrypt the PKCS#12 file Unesite zaporku za kripciju PKCS#12 datoteke No key or no Cert and no pkcs12 Nema ključa ili nema Potvrde i nema PKSCS#12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Nije moguće učitati PKCS#7 datoteku %1. Proban je PEM i DER format. pki_scard Successfully imported the token key '%1' !!! Da li je ključ s tokena ili ključ za token??? Uspješno uvezen ključ za token '%1' Delete the token key '%1'? Obrisati ključ za token '%1'? Successfully created the token key '%1' Uspješno izrađen ključ za token '%1' Delete the %1 keys: %2? Obrisati %1 ključeva: %2? Delete the private key '%1' from the token '%2 (#%3)' ? Obrisati privatni ključ '%1' s tokena '%2 (#%3)' ? This Key is already on the token Ovaj ključ se već nalazi na tokenu Only RSA and EC keys can be stored on tokens Samo RSA i EC ključevi mogu biti spremljeni na tokenu PIN input aborted Prekinut unos PIN-a Unable to find copied key on the token Nije moguće naći kopirani ključ na tokenu Please insert card: %1 %2 [%3] with Serial: %4 Umetnite karticu: %1 %2 [%3] s sa serijskim brojem: %4 Public Key mismatch. Please re-import card Neodgovarajući javni ključ. Molimo ponovo umetnite karticu Illegal Key generation method Nedozvoljeni način generiranja Ključa Unable to find generated key on card Nemoguće je pronaći ključ generiran na kartici Ignoring unsupported token key Ignoriram nepodržani ključ za token Wrong Size %1 Pogrešna Dužina %1 Token %1 Token %1 Failed to find the key on the token Nije moguće naći ključ na tokenu Invalid Pin for the token Pogrešan PIN za token Failed to initialize the key on the token Nije moguće inicijalizirati ključ na tokenu pki_temp Successfully imported the XCA template '%1' Uspješno uvezen XCA predložak '%1' Delete the XCA template '%1'? Obrisati XCA predložak '%1'? Successfully created the XCA template '%1' Uspješno izrađen XCA predložak '%1' Delete the %1 XCA templates: %2? Obrisati %1 XCA predloške: %2? Wrong Size %1 Kriva Dužina %1 Template file content error (too small) Greška u sadržaju datoteke predloška (prekratka) Template file content error (bad size) Greška u sadržaju datoteke predloška (pogrešna dužina) Template file content error (too small): %1 Greška u sadržaju datoteke predloška (prekratka): %1 Not a PEM encoded XCA Template To nije PEM kodirani XCA Predložak Not an XCA Template, but '%1' To nije XCA Predložak, već '%1' Template file content error (bad size): %1 Greška u sadržaju datoteke predloška (pogrešna dužina): %1 Template file content error (bad length) :%1 Greška u sadržaju datoteke predloška (pogrešna veličina): %1 pki_x509 Successfully imported the certificate '%1' Uspješno uvezena potvrda '%1' Delete the certificate '%1'? Obrisati potvrdu '%1'? Successfully created the certificate '%1' Uspješno izrađena potvrda '%1' Delete the %1 certificates: %2? Obrisati %1 potvrdu: '%2'? Unable to load the certificate in file %1. Tried PEM and DER certificate. Nije moguće učitati potvrdu u datoteci %1. Proban je PEM i DER format. This certificate is already on the security token Ova potvrda se već nalazi na pametnom tokenu Delete the certificate '%1' from the token '%2 (#%3)'? Obrisati potvrdu %1 s tokena '%2 (#%3)'? There is no key for signing ! Nema ključa za potpisivanje ! Wrong Size %1 Pogrešna Dužina %1 Renew certificate: %1 Obnovi potvrdu: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' XCA potvrda '%1', izdana %2 ističe %3. Spremljena je u XCA bazi '%4' CRL Renewal of CA '%1' due Krajnji rok za obnovu CRL od CA '%1' The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Zadnji popis opozvanih potvrda izdan od CA '%1' ističe %2. Spremljen je u XCA bazi '%3' Not trusted Nepouzdan Trust inherited Povjerenje naslijeđeno Always Trusted Uvijek vjeruj CRL expires: %1 Popis opozvanih potvrda ističe: %1 No Ne Yes Da pki_x509req Signing key not valid (public key) Neispravan ključ za potpisivanje (javni ključ) Successfully imported the %1 certificate request '%2' Uspješno uvezen %1 zahtjev za izdavanje potvrde '%2' Delete the %1 certificate request '%2'? Obriši %1 zahtjev a izdavanje potvrde '%2'? Successfully created the %1 certificate request '%2' Uspješno izrađen %1 zahtjev za izdavanje potvrde '%2' Delete the %1 certificate requests: %2? Obriši %1 zahtjev za izdavanje potvrde %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Nije moguće učitati zahtjev za izdavanje potvrde u datoteci %1. Proban je PEM, DER SPKAC format. Signed Potpisan Unhandled Neobrađen Wrong Size %1 Kriva dužina %1 v3ext Copy Common Name Kopiraj uobičajeno ime Add Dodaj Delete Obriši Apply Primijeni Validate Potvrdi Cancel Odustani An email address or 'copy' Email adresa ili 'kopija' An email address Email adresa a registered ID: OBJECT IDENTIFIER registriran ID: OBJECT IDENTIFIER a uniform resource indicator jedinstveni identifikator resursa a DNS domain name DNS domensko ime an IP address IP adresa A registered ID: OBJECT IDENTIFIER Registriran ID: OBJECT IDENTIFIER A uniform resource indicator Jedinstveni identifikator resursa A DNS domain name or 'copycn' DNS domensko ime ili 'kopija cn' A DNS domain name DNS domensko ime An IP address IP adresa Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Sintaksa: <OID>;TIP:tekst poput '1.2.3.4:UTF8:name' No editing. Only 'copy' allowed here Nema uređivanja. Ovdje je dozvoljeno samo 'kopija' Validation failed: '%1' %2 Neuspješna provjera: '%1' %2 Validation successful: '%1' Provjera uspješna: '%1' void There was no key found for the Certificate: Nije pronađen ključ za Potvrdu: Import Certificate signing request Uvezi zahtjev za izdavanje Potvrde (CSR) xcaWarning The following error occurred: Dogodila se sljedeća greška: Copy to Clipboard Kopiraj u Međuspremnik xcaWarningGui Copy to Clipboard xca-RELEASE.2.5.0/lang/xca_id.ts000066400000000000000000005327721450407711300161120ustar00rootroot00000000000000 CaProperties CA Properties Properti CA Form Days until next CRL issuing Berapa hari sampai penerbitan CRL selanjutnya Default template Templat baku CertDetail Details of the Certificate Rincian Sertifikat Serial Serial The serial number of the certificate Nomor seri sertifikat The internal name of the certificate in the database Nama internal sertifikat dalam basis data Status Status Internal name Nama internal Signature Tanda tangan Key Kunci Fingerprints Sidik jari MD5 MD5 An md5 hashsum of the certificate Hash md5 dari sertifikat SHA1 SHA1 A SHA-1 hashsum of the certificate Hash SHA-1 dari sertifikat SHA256 SHA256 A SHA-256 hashsum of the certificate Hash SHA-256 dari sertifikat Validity Validitas The time since the certificate is valid Sejak kapan sertifikat valid The time until the certificate is valid Sampai kapan sertifikat valid Subject Subjek Issuer Penerbit Extensions Ekstensi Comment Komentar Attributes Atribut Show config Tampilkan konfig Show extensions Tampilkan ekstensi Show public key Tampilkan kunci publik This key is not in the database. Kunci ini tidak ada dalam basis data. Not available Tidak tersedia Signer unknown Penandatangan tidak dikenal Self signed Tanda tangan mandiri Revoked at %1 Dicabut pada %1 Not valid Tidak valid Valid Valid Details of the certificate signing request Rincian dari certificate signing request CertExtend Certificate renewal Pembaruan sertifikat This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Ini akan membuat suatu sertifikat baru sebagai salinan dari yang lama dengan nomor seri baru dan nilai validitas yang disesuaikan. Validity Validitas Not before Tidak sebelum Not after Tidak setelah Time range Rentang waktu Local time Waktu lokal Days Hari Months Bulan Years Tahun No well-defined expiration Tidak ada kedaluwarsa yang jelas Midnight Tengah malam Apply Terapkan Revoke old certificate Cabut sertifikat lama Replace old certificate Keep serial number Pertahankan nomor seri The certificate will be earlier valid than the signer. This is probably not what you want. Sertifikat akan valid lebih dini daripada penandatangan. Ini barangkali bukan yang Anda inginkan. Edit dates Sunting tanggal Abort rollout Gugurkan rollout Continue rollout Lanjutkan rollout Adjust date and continue Sesuaikan tanggal dan lanjutkan The certificate will be longer valid than the signer. This is probably not what you want. Sertifikat akan valid lebih lama daripada penandatangan. Ini barangkali bukan yang Anda inginkan. CertTreeView Import PKCS#12 Impor PKCS#12 Import from PKCS#7 Impor dari PKCS#7 Request Permintaan Security token Token keamanan Other token Token lain Similar Certificate Sertifikat Serupa Delete from Security token Hapus dari Token keamanan CA CA Properties Properti Generate CRL Buat CRL Manage revocations Kelola pencabutan Renewal Pembaruan Revoke Cabut Unrevoke Tak jadi cabut Plain View Tilikan Polos Tree View Tilikan Pohon days hari No template Tidak ada templat CA Properties Properti CA Certificate export Ekspor sertifikat X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) Sertifikat X509 ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) ClickLabel Double click for details Klik ganda untuk rincian CrlDetail Details of the Revocation list Rincian dari Daftar pencabutan &Status &Status Version Versi Signature Tanda tangan Signed by Ditandatangani oleh Name Nama The internal name of the CRL in the database Nama internal dari CRL dalam basis data issuing dates tanggal penerbitan Next update Pembaruan selanjutnya Last update Pembaruan terakhir &Issuer Penerb&it &Extensions &Ekstensi &Revocation list Dafta&r pencabutan Comment Komentar Failed Gagal Unknown signer Penandatangan yang tidak dikenal Verification not possible Verifikasi tidak mungkin CrlTreeView There are no CA certificates for CRL generation Tidak ada sertifikat CA untuk pembangkitan CRL Select CA certificate Pilih sertifikat CA Revocation list export Ekspor daftar pencabutan CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) ExportDialog Name Nama The internal name of the CRL in the database Nama internal CRL dalam basis data ... ... Filename Nama berkas Export comment into PEM file Ekspor komentar ke dalam berkas PEM Export Format Format Ekspor All files ( * ) Semua berkas ( * ) PEM Text format with headers Format Teks PEM dengan header Concatenated list of all selected items in one PEM text file Daftar tersambung dari semua butir yang dipilih dalam satu berkas teks PEM Concatenated text format of the complete certificate chain in one PEM file Format teks tersambung dari rantai sertifikat lengkap dalam satu berkas PEM Concatenated text format of all certificates in one PEM file Format teks tersambung dari semua sertifikat dalam satu berkas PEM Binary DER encoded file Berkas terenkode DER biner PKCS#7 encoded single certificate Sertifikat tunggal terenkode PKCS#7 PKCS#7 encoded complete certificate chain Rantai sertifikat lengkap terenkode PKCS#7 Concatenated text format of all unrevoked certificates in one PEM file Format teks tergabung dari semua sertifikat yang belum dicabut dalam satu berkas PEM All unrevoked certificates encoded in one PKCS#7 file Semua sertifikat yang belum dicabut dienkode dalam satu berkas PKCS#7 All selected certificates encoded in one PKCS#7 file Semua sertifikat yang dipilih dienkode dalam satu berkas PKCS#7 All certificates encoded in one PKCS#7 file Semua sertifikat dienkode dalam satu berkas PKCS#7 The certificate and the private key as encrypted PKCS#12 file Sertifikat dan kunci privat sebagai berkas PKCS#12 yang terenkripsi The complete certificate chain and the private key as encrypted PKCS#12 file Rantai sertifikat lengkap dan kunci privat sebagai berkas PKCS#12 terenkripsi Concatenation of the certificate and the unencrypted private key in one PEM file Gabungan dari sertifikat dan kunci privat tidak terenkripsi dalam satu berkas PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Gabungan dari sertifikat dan kunci privat terenkripsi dalam format PKCS#8 di satu berkas Text format of the public key in one PEM file Format teks dari kunci publik dalam satu berkas PEM Binary DER format of the public key Format DER biner dari kunci publik Unencrypted private key in text format Kunci privat tak terenkripsi dalam format teks OpenSSL specific encrypted private key in text format Kunci privat terenkripsi spesifik OpenSSL dalam format teks Unencrypted private key in binary DER format Kunci privat tak terenkripsi dalam format DER biner Unencrypted private key in PKCS#8 text format Kunci privat tak terenkripsi dalam format teks PKCS#8 Encrypted private key in PKCS#8 text format Kunci privat terenkripsi dalam format teks PKCS#8 The public key encoded in SSH2 format Kunci publik terenkode dalam format SSH2 OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Berkas Indeks Sertifikat spesifik OpenSSL yang dibuat oleh perintah 'ca' dan diperlukan oleh alat OCSP vCalendar expiry reminder for the selected items Pengingat kedaluwarsa vCalendar bagi butir-butir yang dipilih vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Pengingat kedaluwarsa vCalendar yang memuat semua sertifikat yang diterbitkan dan valid, CA itu sendiri, dan CRL terakhir Private key in Microsoft PVK format not encrypted Kunci privat dalam format PVK Microsoft yang tidak terenkripsi Encrypted private key in Microsoft PVK format Kunci privat terenkripsi dalam format PVK Microsoft The file: '%1' already exists! Berkas '%1' sudah ada! Overwrite Timpa Do not overwrite Jangan timpa Form last update next update Days Hari Months Bulan Years Tahun Apply Terapkan Midnight Tengah malam Local time Waktu lokal No well-defined expiration Tidak ada kedaluwarsa yang jelas Help << << >> >> &Done &Selesai ImportMulti Import PKI Items Impor Butir PKI Import &All Impor Semu&a &Import &Impor &Done &Selesai &Remove from list Hapus da&ri daftar Details Rincian Delete from token Hapus dari token Rename on token Ubah nama pada token Name: %1 Model: %2 Serial: %3 Nama: %1 Model: %2 Serial: %3 Manage security token Kelola token keamanan Details of the item '%1' cannot be shown Rincian dari butir '%1' tidak bisa ditunjukkan The type of the item '%1' is not recognized Tipe dari butir '%1' tidak dikenal The file '%1' did not contain PKI data Berkas '%1' tidak mengandung data PKI The %1 files: '%2' did not contain PKI data Berkas %1: '%2' tidak mengandung data PKI ItemProperties Name Nama Source Sumber Insertion date Tanggal penyisipan Comment Komentar KeyDetail Name Nama The internal name of the key used by xca Nama internal dari kunci yang dipakai oleh xca Security token Token keamanan Manufacturer Pabrikan Serial Serial Key Kunci Public Exponent Eksponen Publik Keysize Ukuran kunci Private Exponent Eksponen Privat Security Token Token Keamanan Label Label PKCS#11 ID ID PKCS#11 Token information Informasi token Model Model Fingerprint Sidik jari Comment Komentar Details of the %1 key Rincian dari kunci %1 Not available Tidak tersedia Available Tersedia Sub prime Sub prima Public key Kunci publik Private key Kunci privat Curve name Nama kurva Unknown key Kunci tak dikenal KeyTreeView Clipboard format Change password Ubah kata sandi Reset password Reset kata sandi Change PIN Ubah PIN Init PIN with SO PIN (PUK) PIN init dengan PIN SO (PUK) Change SO PIN (PUK) Ubah PIN SO (PUK) Security token Token keamanan This is not a token Ini bukan sebuah token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Mestikan kunci asli '%1' digantikan oleh kunci pada token? Ini akan menghapus kunci '%1' dan membuatnya tidak dapat diekspor Export public key [%1] Ekspor kunci publik [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Kunci Privat ( *.pem *.der *.pk8 );; Kunci Publik SSH ( *.pub ) MainWindow Private Keys Kunci Privat &New Key Ku&nci Baru &Export &Ekspor &Import &Impor Import PFX (PKCS#12) Impor PFX (PKCS#12) &Show Details &Tampilkan Rincian &Delete &Hapus Certificate signing requests Certificate signing request &New Request Permi&ntaan Baru Certificates Sertifikat &New Certificate Sertifikat &Baru Import &PKCS#12 Impor &PKCS#12 Import P&KCS#7 Impor P&KCS#7 Plain View Tampilan Polos Templates Templat &New Template Templat &Baru &New CRL CRL &Baru Ch&ange Template Ub&ah Templat Revocation lists Daftar pencabutan Using or exporting private keys will not be possible without providing the correct password Memakai atau mengekspor kunci privat tidak akan mungkin tanpa memberikan kata sandi yang benar Database Basis Data The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Hash baku '%1' yang kini dipakai tidak aman. Harap pilih paling tidak 'SHA 224' untuk alasan keamanan. Recent DataBases Basis Data Baru-baru Ini System Sistem Croatian Kroasia English Inggris French Perancis German Jerman Japanese Jepang Russian Rusia Slovak Slovakia Spanish Spanyol Persian Bulgarian Polish Polandia Italian Italia Chinese Cina Dutch Belanda Portuguese in Brazil Portugis di Brazil Indonesian Turkish Turki Language Bahasa &File &Berkas Open Remote DataBase Buka Basis Data Jarak Jauh Set as default DataBase Jadikan Basis Data baku New DataBase Basis Data Baru Open DataBase Buka Basis Data Close DataBase Tutup Basis Data Options Opsi Exit Keluar I&mport I&mpor Keys Kunci Requests Permintaan PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Templat Revocation list Daftar pencabutan PEM file Berkas PEM Paste PEM file Tempelkan berkas PEM Token Token Export Certificate &Index hierarchy Ekspor hirarki &Indeks Sertifikat Content Konten &Manage Security token Kelola Token kea&manan &Init Security token &Init Token keamanan &Change PIN &Ubah PIN Change &SO PIN Ubah PIN &SO Init PIN Init PIN Extra Ekstra &Dump DataBase Curahkan Basis &Data &Export Certificate Index &Ekspor Indeks Sertifikat C&hange DataBase password Uba&h kata sandi Basis Data &Undelete items Batal hap&us butir Generate DH parameter Bangkitkan parameter DH OID Resolver Pengurai OID &Help &Bantuan About Ihwal Import PEM data Impor data PEM Please enter the original SO PIN (PUK) of the token '%1' Harap masukkan PIN SO asli (PUK) dari token '%1' Search Cari Please enter the new SO PIN (PUK) for the token '%1' Harap masukkan PIN SO baru (PUK) bagi token '%1' The new label of the token '%1' Label baru dari token '%1' The token '%1' did not contain any keys or certificates Token '%1' tidak memuat kunci atau sertifikat apa pun Current Password Kata Sandi Saat Ini Please enter the current database password Harap masukkan kata sandi basis data saat ini The entered password is wrong Kata sandi yang dimasukkan salah New Password Kata Sandi Baru Please enter the new password to encrypt your private keys in the database-file Harap masukkan kata sandi baru untuk mengenkripsi kunci-kunci privat Anda dalam berkas basis data Transaction start failed Gagal memulai transaksi Database: %1 Certificate Index ( index.txt ) Indeks Sertifikat ( index.txt ) All files ( * ) Semua berkas ( * ) Diffie-Hellman parameters saved as: %1 Parameter Diffie-Hellman disimpan sebagai: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Parameter Diffie-Hellman diperlukan bagi aplikasi-aplikasi berbeda, tapi tidak ditangani oelh XCA. Harap masukkan bit parameter DH NewCrl Last update Pembaruan terakhir Next update Pembaruan selanjutnya Days Hari Months Bulan Years Tahun Midnight Tengah malam Local time Waktu lokal Apply Terapkan Options Opsi CRL number Nomor CRL Subject alternative name Nama alternatif subjek Revocation reasons Alasan pencabutan Authority key identifier Identifier kunci Otoritas Hash algorithm Algoritma hash Create CRL Buat CRL NewKey Please give a name to the new key and select the desired keysize Harap berikan sebuah nama ke kunci baru dan pilih ukuran kunci yang diinginkan Key properties Properti kunci Name Nama The internal name of the new key Nama internal dari kunci baru Curve name Nama kurva Usually at least 2048 bit keys are recommended Biasanya disarankan paling tidak kunci 2048 bit New Key Kunci Baru Keysize Ukuran kunci Keytype Tipe kunci Remember as default Ingat sebagai baku Create Buat NewX509 Source Sumber Signing request Permintaan penandatanganan Show request Tunjukkan permintaan Sign this Certificate signing &request Tandatangani Certificate signing &request ini Copy extensions from the request Salin ekstensi dari permintaan Modify subject of the request Ubah subjek permintaan Signing Penandatanganan Create a &self signed certificate Buat sertifikat yang ditandatangani &sendiri Use &this Certificate for signing Gunakan Ser&tifikat ini untuk penandatanganan All certificates in your database that can create valid signatures Semua sertifikat dalam basis data Anda yang dapat membuat tanda tangan yang valid Signature algorithm Algoritma tanda tangan Template for the new certificate Templat bagi sertifikat baru All available templates Semua templat yang tersedia Apply extensions Terapkan ekstensi Apply subject Terapkan subjek Apply all Terapkan semua Subject Subjek Internal Name Nama Internal Distinguished name Distinguished name Add Tambah Delete Hapus Private key Kunci privat This list only contains unused keys Daftar ini hanya memuat kunci-kunci yang tidak dipakai Used keys too Kunci-kunci yang dipakai juga &Generate a new key Ban&gkitkan sebuah kunci baru Extensions Ekstensi Type Tipe If this will become a CA certificate or not Apakah ini akan menjadi sebuah sertifikat CA atau tidak Not defined Tidak didefinisikan Certification Authority Certification Authority End Entity Entitas Akhir Path length Panjang path How much CAs may be below this. Berapa banyak CA mungkin ada di bawah ini. The basic constraints should always be critical Basic constraints mesti selalu kritikal Key identifier Identifier kunci Creates a hash of the key following the PKIX guidelines Membuat sebuah hash dari kunci mengikuti panduan PKIX Copy the Subject Key Identifier from the issuer Salin Subject Key Identifier dari penerbit Validity Validitas Not before Tidak sebelum Not after Tidak setelah Time range Rentang waktu Days Hari Months Bulan Years Tahun Apply Terapkan Set the time to 00:00:00 and 23:59:59 respectively Atur waktu masing-masing ke 00:00:00 dan 23:59:59 Midnight Tengah malam Local time Waktu lokal No well-defined expiration Tidak ada kedaluwarsa yang jelas DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit Sunting URI: URI: Key usage Guna kunci Netscape Netscape Advanced Tingkat lanjut Validate Validasikan Comment Komentar This name is only used internally and does not appear in the resulting certificate Nama ini hanya dipakai secara internal dan tidak muncul dalam sertifikat yang dihasilkan Critical Kritikal Create Certificate signing request Buat Certificate signing request minimum size: %1 ukuran minimum: %1 maximum size: %1 ukuran maksimum: %1 only a-z A-Z 0-9 '()+,-./:=? hanya a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters hanya karakter yang bersih 7 bit Edit XCA template Sunting templat XCA Create x509 Certificate Buat Sertifikat x509 Template '%1' applied Templat '%1' diterapkan Subject applied from template '%1' Subjek diterapkan dari templat '%1' Extensions applied from template '%1' Ekstensi diterapkan dari templat '%1' New key '%1' created Kunci baru '%1' telah dibuat Other Tabs Tab Lain Advanced Tab Tab Tingkat Lanjut Errors Kesalahan From PKCS#10 request Dari permintaan PKCS#10 Abort rollout Tentang rollout The following length restrictions of RFC3280 are violated: Pembatasan panjang berikut dari RFC3280 dilanggar: Edit subject Sunting subjek Continue rollout Lanjutkan rollout The verification of the Certificate request failed. The rollout should be aborted. Verifikasi permintaan sertifikat gagal. Rollout mesti digugurkan. Continue anyway Lanjutkan saja The internal name and the common name are empty. Please set at least the internal name. Nama internal dan common name kosong. Harap atur paling tidak nama internal. Edit name Sunting nama There is no Key selected for signing. Tidak ada Kunci yang dipilih untuk penandatanganan. Select key Pilih kunci The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Entri distinguised name berikut kosong: %1 walaupun Anda telah menyatakan mereka sebagai wajib dalam menu opsi. The key you selected for signing is not a private one. Kunci yang Anda pilih untuk menandatangani bukan kunci privat. Select other signer Pilih penandatangan lain Select other key Pilih kunci lain The currently selected hash algorithm '%1' is insecure and should not be used. Algoritma hash '%1' yang saat ini dipilih tidak aman dan mestinya tidak dipakai. Select other algorithm Pilih algoritma lain Use algorithm anyway Gunakan algoritma itu saja The certificate will be earlier valid than the signer. This is probably not what you want. Sertifikat akan valid lebih dini daripada penandatangan. Ini barangkali bukan yang Anda inginkan. Edit dates Sunting tanggal Adjust date and continue Sesuaikan tanggal dan lanjutkan The certificate will be longer valid than the signer. This is probably not what you want. Sertifikat akan valid lebih lama daripada penandatangan. Ini barangkali bukan yang Anda inginkan. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Sertifikat akan kedaluwarsa sebelum menjadi valid. Barangkali kedua tanggal tertukar. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Sertifikat memuat ekstensi yang tidak valid atau duplikat. Periksa validasi pada tab tingkat lanjut. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Sertifikat tidak memuat ekstensi. Anda dapat menerapkan ekstensi dari salah satu templat untuk mendefinisikan tujuan sertifikat. The certificate contains invalid extensions. Edit extensions Suting ekstensi The subject alternative name shall contain a copy of the common name. However, the common name is empty. Subject alternative name akan memuat salinan dari common name. Namun common name kosong. Configfile error on line %1 Kesalahan berkas konfig pada baris %1 OidResolver OID Resolver Pengurai OID Enter the OID, the Nid, or one of the textual representations Masukkan OID, Nid, atau satu dari representasi tekstual Search Cari OID OID Long name Nama panjang OpenSSL internal ID ID internal OpenSSL Nid Nid Short name Nama pendek OpenDb Open remote database Buka basis data jarak jauh Database type Tipe basis data Hostname Nama host Username Nama pengguna Password Kata sandi Database name Nama basis data Table prefix Prefiks tabel No SqLite3 driver available. Please install the qt-sqlite package of your distribution Driver SqLite3 tidak tersedia. Harap pasang paket sq-sqlite dari distribusi Anda Options XCA Options Opsi XCA Settings Pengaturan Default hash algorithm Algoritma hash baku String types Tipe string Suppress success messages Sembunyikan pesan sukses Don't colorize expired certificates Jangan warnai sertifikat yang kedaluwarsa Translate established x509 terms (%1 -> %2) Terjemahkan istilah x509 yang sudah mapan (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Fungsionalitas hash dari token tidak dipakai oleh XCA. Namun itu menghormati suatu set-hash terbatas yang dipropagasikan oleh token. Khususnya EC dan DSA hanya didefinisiakn dengan SHA1 dalam spesifikasi PKCS#1. Only use hashes supported by the token when signing with a token key Hanya pakai hash yang didukung oleh token ketika menandatangani dengan suatu kunci token Disable legacy Netscape extensions Nonaktifkan ekstensi Netscape warisan PKCS12 encryption algorithm Certificate expiry warning threshold Ambang peringatan kedaluwarsa sertifikat Send vCalendar expiry reminder Kirim pengingat kedaluwarsa vCalendar Serial number length Panjang nomor seri bit bit Distinguished name Distinguished name Mandatory subject entries Entri subjek yang wajib Add Tambah Delete Hapus Explicit subject entries Entri subjek eksplisit Dynamically arrange explicit subject entries Susun secara dinamis entri subjek yang eksplisit Default Baku PKCS#11 provider Penyedia PKCS#11 Remove Buang Search Cari Printable string or UTF8 (default) String yang dapat dicetak atau UTF8 (baku) PKIX recommendation in RFC2459 Rekomendasi PKIX dalam RFC2459 No BMP strings, only printable and T61 Tidak ada string BMP, hanya yang dapat dicetak dan T61 UTF8 strings only (RFC2459) Hanya string UTF8 (RFC2459) All strings Semua string Days Hari Weeks Minggu PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Kata sandi diurai sebagai kode heksa 2 digit. Itu mesti memiliki sejumlah genap digit (0-9 dan a-f) Take as HEX string Ambil sebagai string HEKSA Password Kata sandi Repeat %1 Ulangi %1 %1 mismatch %1 tidak cocok Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Kata sandi heksa hanya boleh memuat karakter '0' - '9' dan 'a' - 'f' dan itu mesti memuat sejumlah genap karakter Exit Keluar QMessageBox Ok Ok Close Tutup Cancel Batal Apply Terapkan Yes Ya No Tidak QObject Undefined Tidak didefinisikan Broken / Invalid Rusak / Tidak valid in %1 seconds dalam %1 detik %1 seconds ago %1 detik yang lalu in %1 minutes dalam %1 menit %1 minutes ago %1 menit yang lalu Yesterday Kemarin Tomorrow Besok in %1 hours dalam %1 jam %1 hours ago %1 jam yang lalu Out of data Kehabisan data Error finding endmarker of string Kesalahan saat mencari penanda akhir string Out of Memory at %1:%2 Habis Memori pada %1: %2 All files ( * ) Semua berkas ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Kunci PKI ( *.pem *.der *.key );; Kunci PKCS#8 ( *.p8 *.pk8 );; Kunci PVK Microsoft ( *.pvk );; Kunci Publik SSH ( *.pub );; Import RSA key Impor kunci RSA PKCS#10 CSR ( *.pem *.der *.csr );; CSR PKCS#10 ( *.pem *.der *.csr );; Import Request Impor Permintaan Certificates ( *.pem *.der *.crt *.cer );; Sertifikat ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Impor Sertifikat X.509 PKCS#7 data ( *.p7s *.p7m *.p7b );; Data PKCS#7 ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Impor Sertifikat PKCS#7 PKCS#12 Certificates ( *.p12 *.pfx );; Sertifikat PKCS#12 ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Impor Sertifikat Privat PKCS#12 XCA templates ( *.xca );; Templat XVA ( *.xca );; Import XCA Templates Impor Templat XCA Revocation lists ( *.pem *.der *.crl );; Daftar pencabutan ( *.pem *.der *.crl );; Import Certificate Revocation List Impor Certificate Revocation List XCA Databases ( *.xdb );; Basis Data XCA ( *.xdb );; Open XCA Database Buka Basis Data XCA PKCS#11 library ( *.dll );; Pustaka PKCS#11 ( *.dll );; PKCS#11 library ( *.dylib *.so );; Pustaka PKCS#11 ( *.dylib *.so );; PKCS#11 library ( *.so );; Pustaka PKCS#11 ( *.so );; Open PKCS#11 shared library Buka pustaka bersama PKCS#11 PEM files ( *.pem );; Berkas PEM ( *.pem );; Load PEM encoded file Muat berkas terenkode PEM Please enter the PIN on the PinPad Harap masukkan PIN pada PinPad Please enter the SO PIN (PUK) of the token %1 Harap masukkan PIN SO (PUK) dari token %1 Please enter the PIN of the token %1 Harap masukkan PIN dari token %1 No Security token found Tidak ditemukan token keamanan Select Pilih Please enter the new SO PIN (PUK) for the token: '%1' Harap masukkan SO PIN (PUK) baru bagi token: '%1' Please enter the new PIN for the token: '%1' Harap masukkan PIN baru bagi token: '%1' Required PIN size: %1 - %2 Ukuran PIN yang diperlukan: %1 - %2 Invalid filename: %1 Nama berkas tidak valid: %1 Failed to open PKCS11 library: %1: %2 Gagal membuka pustaka PKCS#11: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Ini tidak tampak seperti suatu pustaka PKCS#11. Simbol 'C_GetFunctionList' tidak ditemukan. Disabled Dinonaktifkan Library loading failed Pemuatan pustaka gagal PKCS#11 function '%1' failed: %2 Fungsi PKCS#11 '%1' gagal: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 Fungsi PKCS#11 '%1' gagal: %2 Dalam pustaka %3 %4 Invalid Tidak valid %1 is shorter than %2 bytes: '%3' %1 lebih pendek daripada %2 byte: '%3' %1 is longer than %2 bytes: '%3' %1 lebih panjang dari %2 byte: '%3' String '%1' for '%2' contains invalid characters String '%1' bagi '%2' memuat karakter yang tidak valid Error reading config file %1 at line %2 Kesalahan saat membaca berkas konfig %1 pada baris %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. Objek '%1' dari berkas %2 baris %3 sudah dikenal sebagai '%4:%5:%6' dan mesti dihapus. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Identifier '%1' bagi OID %2 dari berkas %3 baris %4 sudah dipakai bagi OID lain sebagai '%5:%6:%7' dan mesti diubah untuk menghindari konflik. Unknown object '%1' in file %2 line %3 Objek tak dikenal '%1' dalam berkas %2 baris %3 Failed to start a database transaction Gagal memulai suatu transaksi basis data Country code Kode negara State or Province Negara Bagian atau Provinsi Locality Lokalitas Organisation Organisasi Organisational unit Unit organisasi Common name Common name E-Mail address Alamat surel Serial number Nomor seri Given name Nama depan Surname Nama belakang Title Gelar Initials Inisial Description Deskripsi Role Peran Pseudonym Pseudonim Generation Qualifier Pewatas Generasi x500 Unique Identifier Identifier Unik x500 Name Nama DN Qualifier Pewatas DN Unstructured name Nama tak terstruktur Challenge password Kata sandi tantangan Basic Constraints Konstrain Dasar Subject alternative name Nama alternatif subjek issuer alternative name nama alternatif penerbit Subject key identifier Identifier kunci subjek Authority key identifier Identifier kunci otoritas Key usage Key usage Extended key usage Extended key usage CRL distribution points Titik distribusi CRL Authority information access Akses informasi otoritas Certificate type Tipe sertifikat Base URL URL Basis Revocation URL URL Pencabutan CA Revocation URL URL Pencabutan CA Certificate renewal URL URL pembaruan Sertifikat CA policy URL URL kebijakan CA SSL server name Nama server SSL Comment Komentar Index file written to '%1' Berkas indeks ditulis ke '%1' Index hierarchy written to '%1' Hirarki indeks ditulis ke '%1' Unknown key type %1 Tipe kunci tak dikenal %1 Password verify error, please try again Kesalahan verifikasi kata sandi, harap coba lagi The following error occurred: Terjadi kesalahan berikut: Failed to update the database schema to the current version Password Kata sandi ReqTreeView Sign Tandatangani Unmark signed Hapus tanda yang ditandatangani Mark signed Tandai yang ditandatangani Similar Request Permintaan Serupa Certificate request export Ekspor permintaan sertifikat Certificate request ( *.pem *.der *.csr ) Permintaan sertifikat ( *.pem *.der *.csr ) RevocationList Manage revocations Kelola pencabutan Add Tambah Delete Hapus Edit Sunting No. No. Serial Serial Revocation Pencabutan Reason Alasan Invalidation Invalidasi Generate CRL Buat CRL Revoke Certificate revocation Pencabutan sertifikat Revocation details Rincian pencabutan Revocation reason Alasan pencabutan Local time Waktu lokal Invalid since Tidak valid sejak Serial Serial SearchPkcs11 Directory Direktori ... ... Include subdirectories Sertakan subdirektori Search Cari The following files are possible PKCS#11 libraries Berkas-berkas berikut adalah pustaka PKCS#11 yang mungkin SelectToken Security token Token keamanan Please select the security token Harap pilih token keamanan TempTreeView Duplicate Duplikatkan Create certificate Buat sertifikat Create request Buat permintaan copy salin Preset Template values Pratata nilai-nilai Templat Template export XCA Templates ( *.xca ) TrustState Certificate trust Trustment &Never trust this certificate Only &trust this certificate, if we trust the signer &Always trust this certificate Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config Konfig OpenSSL Transform Transformasikan Template Templat Public key Kunci publik Save as OpenSSL config Simpan sebagai konfig OpenSSL Config files ( *.conf *.cnf);; All files ( * ) Berkas konfig ( *.conf *.cnf);; Semua berkas ( * ) XFile Error opening file: '%1': %2 Error rewinding file: '%1': %2 XcaTreeView Item properties Properti butir Subject entries Entri subjek X509v3 Extensions Ekstensi X509v3 Netscape extensions Ekstensi Netscape Key properties Properti kunci Reset Reset Hide Column Sembunyikan Kolom Details Rincian Columns Kolom New Baru Import Impor Paste PEM data Tempelkan data PEM Rename Ubah nama Properties Properti Delete Hapus Export Ekspor Clipboard Papan klip File Berkas database_model Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Format basis data warisan terdeteksi. Membuat sebuah salinan cadangan bernama: '%1' dan mengonversi basis data ke format baru Failed to rename the database file, because the target already exists Gagal mengubah nama berkas basis data, karena target sudah ada Please enter the password to access the database server %2 as user '%1'. Harap masukkan kata sandi untuk mengakses server basis data %2 sebagai pengguna '%1'. Unable to create '%1': %2 Tidak bisa membuat '%1': %2 The file '%1' is not an XCA database Berkas '%1' bukan suatu basis data XCA No SqLite3 driver available. Please install the qt-sqlite package of your distribution Driver SqLite3 tidak tersedia. Harap pasang paket sq-sqlite dari distribusi Anda New Password Kata Sandi Baru Please enter a password, that will be used to encrypt your private keys in the database: %1 Harap masukkan suatu kata sandi, yang akan dipakai untuk mengenkripsi kunci privat Anda dalam basis data: %1 Password Kata sandi Please enter the password for unlocking the database: %1 Harap masukkan kata sandi untuk membuka kunci basis data: %1 db_base Internal name Nama internal No. No. Primary key Kunci primer Database unique number Angka unik basis data Date Tanggal Date of creation or insertion Tanggal pembuatan atau penyisipan Source Sumber Generated, Imported, Transformed Dibuat, Diimpor, Ditransformasi Comment Komentar First line of the comment field Baris pertama dari ruas komentar Import from: %1 Impor dari: %1 Could not create directory %1 Tidak bisa membuat direktori %1 Item properties Properti butir How to export the %1 selected items Bagaimana mengekspor %1 butir yang dipilih All in one PEM file Semua dalam sebuah berkas PEM Each item in one file Masing-masing butir dalam satu berkas Save %1 items in one file as Simpan %1 butir dalam satu berkas sebagai PEM files ( *.pem );; All files ( * ) Berkas PEM ( *.pem );; Semua berkas ( * ) db_crl Signer Penandatangan Internal name of the signer Nama internal dari penandatangan No. revoked Cacah dicabut Number of revoked certificates Banyaknya sertifikat yang dicabut Last update Pembaruan terakhir Next update Pembaruan selanjutnya CRL number Nomor CRL The revocation list already exists in the database as: '%1' and so it was not imported Daftar pencabutan sudah ada dalam basis data sebagai: '%1' sehingga tidak diimpor Revocation list export Ekspor daftar pencabutan CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) Failed to initiate DB transaction Gagal menginisiasi transaksi DB Database error: %1 Kesalahan basis data: %1 db_key Type Tipe Size Ukuran EC Group Grup EC Use Pakai Password Kata sandi The key is already in the database as: '%1' and is not going to be imported Kunci sudah ada dalam basis data sebagai: '%1' dan tidak akan diimpor The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Basis data sudah memuat bagian publik dari kunci yang diimpor sebagai '%1' dan akan dilengkapi oleh bagian privat dari kunci yang baru Extending public key from %1 by imported key '%2' Memperluas kunci publik dari %1 dengan kunci yang diimpor '%2' Key size too small ! Ukuran kunci terlalu kecil! You are sure to create a key of the size: %1 ? Anda yakin akan membuat kunci dengan ukuran: %1? PEM public PEM publik SSH2 public SSH2 publik PEM private PEM privat SSH2 private SSH2 privat Export keys to Clipboard Ekspor kunci ke Papan Klip Clipboard Papan klip Export public key [%1] Ekspor kunci publik [%1] DER public DER publik DER private DER privat PEM encryped PEM terenkripsi PVK private PVK privat PVK encrypted PVK terenkripsi PKCS#8 encrypted PKCS#8 terenkripsi Export private key [%1] Ekspor kunci privat [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Kunci Privat ( *.pem *.der *.pk8 );; Kunci Publik SSH ( *.pub ) Internal error Kesalahan internal Tried to change password of a token Mencoba mengubah kata sandi dari suatu token db_temp Bad template: %1 Templat buruk: %1 Empty template Templat kosong Save template as Simpan templat sebagai XCA templates ( *.xca );; All files ( * ) Templat XCA ( *.xca );; Semua berkas ( * ) db_x509 CA CA reflects the basic Constraints extension mencerminkan ekstensi basic Constraints Serial Serial Start date Tanggal mulai Expiry date Tanggal kedaluwarsa MD5 fingerprint Sidik jari MD5 SHA1 fingerprint Sidik jari SHA1 SHA256 fingerprint Sidik jari SHA256 Not before Tidak sebelum Not after Tidak setelah Revocation Pencabutan CRL Expiration Kedaluwarsa CRL Failed to retrieve unique random serial Gagal mengambil serial acak unik The certificate already exists in the database as: '%1' and so it was not imported Sertifikat sudah ada dalam basis data sebagai: '%1' sehingga itu tidak diimpor Signed on %1 by '%2' Ditandatangani pada %1 oleh '%2' Unknown Tidak dikenal Invalid public key Kunci publik tidak valid PKCS#7 unrevoked PKCS#7 belum dicabut PEM unrevoked PEM belum dicabut CA vCalendar vCalendar CA X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) Sertifikat X509 ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) days hari No template Tidak ada templat The key you selected for signing is not a private one. Kunci yang Anda pilih untuk penandatanganan bukan privat. Failed to create directory '%1' Gagal membuat direktori '%1' Store the certificate to the key on the token '%1 (#%2)' ? Simpan sertifikat ke kunci pada token '%1 (#%2)' ? PEM chain Rantai PEM PKCS#7 chain Rantai PKCS#7 PKCS#12 chain Rantai PKCS#12 PKCS#7 all PKCS#7 semua PEM + key PEM + kunci PEM all PEM semua Certificate Index file Berkas Indeks Sertifikat Certificate export Ekspor sertifikat There was no key found for the Certificate: '%1' Tidak ditemukan kunci bagi Sertifikat: '%1' Not possible for a token key: '%1' Tidak mungkin bagi sebuah kunci token: '%1' Not possible for the token-key Certificate '%1' Tidak mungkin bagi Sertifikat kunci token '%1' db_x509name Subject Subjek Complete distinguished name Distinguished name lengkap Subject hash Hash subjek Hash to lookup certs in directories Hash untuk mencari sertifikat dalam direktori db_x509req Signed Ditandatangani whether the request is already signed or not apakah permintaan sudah ditandatangani atau belum Unstructured name Nama tak terstruktur Challenge password Kata sandi tantangan Certificate count Cacah sertifikat Number of certificates in the database with the same public key Cacah sertifikat dalam basis data dengan kunci publik yang sama The certificate signing request already exists in the database as '%1' and thus was not stored Certificate signing request sudah ada dalam basis data sebagai '%1' sehingga tidak disimpan Certificate request export Ekspor permintaan sertifikat Certificate request ( *.pem *.der *.csr ) Permintaan sertifikat ( *.pem *.der *.csr ) db_x509super Key name Nama kunci Internal name of the key Nama internal kunci Signature algorithm Algoritma tanda tangan Key type Tipe kunci Key size Ukuran kunci EC Group Grup EC Extracted from %1 '%2' Diekstrak dari %1 '%2' Certificate Sertifikat Certificate request Permintaan sertifikat Save as OpenSSL config Simpan sebagai konfig OpenSSL Config files ( *.conf *.cnf);; All files ( * ) Berkas konfig ( *.conf *.cnf);; Semua berkas ( * ) The following extensions were not ported into the template Ekstensi-ekstensi berikut tidak di-port ke dalam templat Transformed from %1 '%2' Ditransformasikan dari %1 '%2' kvView Type Tipe Content Konten pass_info Password Kata sandi PIN PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 Gagal membuka pustaka PKCS#11: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Ini tidak tampak seperti suatu pustaka PKCS#11. Simbol 'C_GetFunctionList' tidak ditemukan. pki_base Unknown Tidak dikenal Imported Diimpor Generated Dibangkitkan Transformed Ditransformasi Token Token Legacy Database Basis Data Warisan Renewed Diperbarui Property '%1' not listed in 'pki_base::print' Properti '%1' tidak terdaftar dalam 'pki_base::print' Internal error: Unexpected message: %1 %2 Kesalahan internal: Pesan yang tidak diharapkan: %1 %2 pki_crl Successfully imported the revocation list '%1' Sukses mengimpor daftar pencabutan '%1' Delete the revocation list '%1'? Hapus daftar pencabutan '%1'? Successfully created the revocation list '%1' Sukses membuat daftar pencabutan '%1' Delete the %1 revocation lists: %2? Hapus daftar pencabutan %1: %2? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Tidak bisa memuat daftar pencabutan dalam berkas %1. Dicoba CRL terformat PEM dan DER. No issuer given Tidak ada penerbit yang diberikan Wrong Size %1 Salah Ukuran %1 CRL Renewal of CA '%1' due Saatnya Pembaruan CRL dari CA '%1' The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' CRL terakhir yang diterbitkan oleh CA '%1' akan kedaluwarsa pada %2. Itu disimpan dalam basis data XCA '%3' Renew CRL: %1 Perbarui CRL: %1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' CRL XCA '%1', diterbitkan pada %3 akan kedaluwarsa pada %4. Itu disimpan dalam basis data XCA '%5' pki_evp Please enter the password to decrypt the private key %1. Harap masukkan kata sandi untuk mendekripsi kunci privat %1. The key from file '%1' is incomplete or inconsistent. Kunci dari berkas '%1' tidak lengkap atau tidak konsisten. Please enter the password to decrypt the private key from file: %1 Harap masukkan kata sandi untuk mendekripsi kunci privat dari berkas: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Tidak bisa memuat kunci privat dalam berkas %1. Dicoba format tipe kunci PEM dan DER privat, publik, PKCS#8, dan SSH2. Ignoring unsupported private key Mengabaikan kunci privat yang tidak didukung Please enter the password to decrypt the private key: '%1' Harap masukkan kata sandi untuk mendekripsi kunci privat: '%1' Password input aborted Masukan kata sandi digugurkan Please enter the database password for decrypting the key '%1' Harap masukkan kata sandi basis data untuk mendekripsi kunci '%1' Please enter the password to protect the private key: '%1' Harap masukkan kata sandi untuk melindungi kunci privat: '%1' Please enter the database password for encrypting the key Harap masukkan kata sandi basis data untuk mengenkripsi kunci Please enter the password protecting the PKCS#8 key '%1' Harap masukkan kata sandi untuk melindungi kunci PKCS#8 '%1' Please enter the password protecting the Microsoft PVK key '%1' Harap masukkan kata sandi untuk melindungi kunci PVK Microsoft '%1' Please enter the export password for the private key '%1' Harap masukkan kata sandi ekspor untuk kunci privat '%1' pki_export PEM Text format with headers Format Teks PEM dengan header Concatenated list of all selected items in one PEM text file Daftar tersambung dari semua butir yang dipilih dalam satu berkas teks PEM PEM chain Rantai PEM Concatenated text format of the complete certificate chain in one PEM file Format teks tersambung dari rantai sertifikat lengkap dalam satu berkas PEM PEM + key PEM + kunci Concatenation of the certificate and the unencrypted private key in one PEM file Gabungan dari sertifikat dan kunci privat tidak terenkripsi dalam satu berkas PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Gabungan dari sertifikat dan kunci privat terenkripsi dalam format PKCS#8 di satu berkas PKCS#7 encoded single certificate Sertifikat tunggal terenkode PKCS#7 All selected certificates encoded in one PKCS#7 file Semua sertifikat yang dipilih dienkode dalam satu berkas PKCS#7 PKCS #7 chain PKCS#7 encoded complete certificate chain Rantai sertifikat lengkap terenkode PKCS#7 Binary DER encoded certificate PKCS #12 chain The complete certificate chain and the private key as encrypted PKCS#12 file Rantai sertifikat lengkap dan kunci privat sebagai berkas PKCS#12 terenkripsi PKCS #12 The certificate and the private key as encrypted PKCS#12 file Sertifikat dan kunci privat sebagai berkas PKCS#12 yang terenkripsi Certificate Index file Berkas Indeks Sertifikat OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Berkas Indeks Sertifikat spesifik OpenSSL yang dibuat oleh perintah 'ca' dan diperlukan oleh alat OCSP vCalendar vCalendar expiry reminder for the selected items Pengingat kedaluwarsa vCalendar bagi butir-butir yang dipilih CA vCalendar vCalendar CA vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Pengingat kedaluwarsa vCalendar yang memuat semua sertifikat yang diterbitkan dan valid, CA itu sendiri, dan CRL terakhir PEM public PEM publik Text format of the public key in one PEM file Format teks dari kunci publik dalam satu berkas PEM PEM private PEM privat Unencrypted private key in text format Kunci privat tak terenkripsi dalam format teks PEM encrypted OpenSSL specific encrypted private key in text format Kunci privat terenkripsi spesifik OpenSSL dalam format teks SSH2 private SSH2 privat SSH2 public SSH2 publik The public key encoded in SSH2 format Kunci publik terenkode dalam format SSH2 DER public DER publik Binary DER format of the public key Format DER biner dari kunci publik DER private DER privat Unencrypted private key in binary DER format Kunci privat tak terenkripsi dalam format DER biner PVK private PVK privat Private key in Microsoft PVK format not encrypted Kunci privat dalam format PVK Microsoft yang tidak terenkripsi PVK encrypted PVK terenkripsi Encrypted private key in Microsoft PVK format Kunci privat terenkripsi dalam format PVK Microsoft PKCS #8 encrypted Encrypted private key in PKCS#8 text format Kunci privat terenkripsi dalam format teks PKCS#8 PKCS #8 Unencrypted private key in PKCS#8 text format Kunci privat tak terenkripsi dalam format teks PKCS#8 Binary DER format of the certificate request Binary DER format of the revocation list vCalendar reminder for the CRL expiry date XCA template in PEM-like format All selected XCA templates in PEM-like format pki_key Successfully imported the %1 public key '%2' Sukses mengimpor kunci publik %1 '%2' Delete the %1 public key '%2'? Hapus kunci publik %1 '%2'? Successfully imported the %1 private key '%2' Sukses mengimpor kunci privat %1 '%2' Delete the %1 private key '%2'? Hapus kunci privat %1 '%2'? Successfully created the %1 private key '%2' Sukses membuat kunci privat %1 '%2' Delete the %1 keys: %2? Hapus kunci %1 '%2'? Public key Kunci publik Common Umum Private Privat Bogus Palsu PIN PIN No password Tidak ada kata sandi Unexpected SSH2 content: '%1' Konten SSH2 yang tidak diharapkan: '%1' Invalid SSH2 public key Kunci publik SSH2 yang tidak valid Failed writing to %1 Gagal menulis ke %1 pki_multi No known PEM encoded items found Tidak ditemukan butir terenkode PEM yang dikenal pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Harap masukkan kata sandi untuk mendekripsi berkas PKCS#12: %1 Unable to load the PKCS#12 (pfx) file %1. Tidak bisa memuat berkas PKCS#12 (pfx) %1. The supplied password was wrong (%1) Kata sandi yang diberikan salah (%1) Please enter the password to encrypt the PKCS#12 file Harap masukkan kata sandi untuk mengenkripsi berkas PKCS#12 No key or no Cert and no pkcs12 Tidak ada kunci atau tidak ada Sertifikat dan tidak ada pkcs12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Tidak bisa memuat berkas PKCS#7 %1. Dicoba format PEM dan DER. pki_scard Successfully imported the token key '%1' Sukses mengimpor kunci token '%1' Delete the token key '%1'? Hapus kunci token '%1'? Successfully created the token key '%1' Sukses membuat kunci token '%1' Delete the %1 keys: %2? Hapus kunci %1 '%2'? Delete the private key '%1' from the token '%2 (#%3)' ? Hapus kunci privat '%1' dari token '%2 (#%3)'? This Key is already on the token Kunci ini sudah ada pada token PIN input aborted Masukan PIN digugurkan Unable to find copied key on the token Tidak bisa menemukan kunci yang disalin pada token Please insert card: %1 %2 [%3] with Serial: %4 Harap tancapkan kartu: %1 %2 [%3] dengan Serial: %4 Unable to find generated key on card Tidak bisa menemukan kunci yang dibangkitkan pada kartu Ignoring unsupported token key Mengabaikan kunci token yang tidak didukung Wrong Size %1 Salah Ukuran %1 Token %1 Token %1 Failed to find the key on the token Gagal menemukan kunci pada token Invalid Pin for the token Pin yang tidak valid bagi token Failed to initialize the key on the token Gagal menginisialisasi kunci pada token pki_temp Successfully imported the XCA template '%1' Sukses mengimpor templat XCA '%1' Delete the XCA template '%1'? Hapus templat XCA '%1'? Successfully created the XCA template '%1' Sukses membuat templat XCA '%1' Delete the %1 XCA templates: %2? Hapus templat XCA %1: %2? Wrong Size %1 Salah Ukuran %1 Template file content error (too small) Kesalahan konten berkas templat (terlalu kecil) Not a PEM encoded XCA Template Bukan suatu Templat XCA yang terenkode PEM Not an XCA Template, but '%1' Bukan suatu Templat XCA, tapi '%1' pki_x509 Successfully imported the certificate '%1' Sukses mengimpor sertifikat '%1' Delete the certificate '%1'? Hapus sertifikat '%1'? Successfully created the certificate '%1' Sukses membuat sertifikat '%1' Delete the %1 certificates: %2? Hapus sertifikat '%1': %2? Unable to load the certificate in file %1. Tried PEM and DER certificate. Tidak bisa memuat sertifikat dalam berkas %1. Dicoba sertifikat PEM dan DER. This certificate is already on the security token Sertifikat ini sudah ada dalam token keamanan Delete the certificate '%1' from the token '%2 (#%3)'? Hapus sertifikat '%1' dari token '%2 (#%3)'? There is no key for signing ! Tidak ada kunci untuk penandatanganan ! Wrong Size %1 Salah Ukuran %1 No Tidak Yes Ya Renew certificate: %1 Perbarui sertifikat: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' Sertifikat XCA '%1', diterbitkan pada %2 akan kedaluwarsa pada %3. Itu disimpan dalam basis data XCA '%4' pki_x509req Signing key not valid (public key) Kunci penandatanganan tidak valid (kunci publik) Successfully imported the %1 certificate request '%2' Sukses mengimpor permintaan sertifikat %1 '%2' Delete the %1 certificate request '%2'? Hapus permintaan sertifikat %1 '%2'? Successfully created the %1 certificate request '%2' Sukses membuat permintaan sertifikat %1 '%2' Delete the %1 certificate requests: %2? Hapus permintaan sertifikat %1: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Tidak bisa memuat permintaan sertifikat dalam berkas %1. Dicoba format PEM, DER, dan SPKAC. Wrong Size %1 Salah Ukuran %1 Signed Ditandatangani Unhandled Tidak tertangani v3ext Copy Common Name Salin Common Name Add Tambah Delete Hapus Apply Terapkan Validate Validasikan Cancel Batal An email address or 'copy' Suatu alamat surel atau 'copy' An email address Suatu alamat surel A registered ID: OBJECT IDENTIFIER A uniform resource indicator Suatu uniform resource indicator A DNS domain name or 'copycn' Suatu nama domain DNS atau 'copycn' A DNS domain name Suatu nama domain DNS An IP address Suatu alamat IP Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Sintaks: <OID>;TYPE:teks seperti '1.2.3.4:UTF8:nama' No editing. Only 'copy' allowed here Tidak ada penyuntingan. Hanya 'copy' yang diizinkan di sini Validation failed: '%1' %2 Validasi gagal: '%1' %2 Validation successful: '%1' Validasi sukses: '%1' xcaWarning The following error occurred: Terjadi kesalahan berikut: Copy to Clipboard Salin ke Papan Klip xcaWarningGui Copy to Clipboard Salin ke Papan Klip xca-RELEASE.2.5.0/lang/xca_it.ts000066400000000000000000005573031450407711300161270ustar00rootroot00000000000000 CaProperties CA Properties Proprietà della CA Form Days until next CRL issuing Prossimo rilascio della CRL (giorni) Default template Modello predefinito CertDetail Details of the Certificate Dettagli del certificato Serial Seriale The serial number of the certificate Il numero di serie del certificato The internal name of the certificate in the database Nome interno del certificato nel database Status Stato Internal name Nome interno Signature Firma Key Chiave Fingerprints Fingerprints MD5 MD5 An md5 hashsum of the certificate Un hash MD5 del certificato SHA1 SHA1 A SHA-1 hashsum of the certificate Un hash SHA-1 del certificato SHA256 SHA256 A SHA-256 hashsum of the certificate Un hash SHA-256 del certificato Validity Validità The time since the certificate is valid Data/ora inizio validità The time until the certificate is valid Data/ora fine validità Subject Soggetto Issuer Emittente Extensions Estensioni Comment Commento Attributes Attributi Show config Visualizza configurazione Show extensions Visualizza estensioni Show public key Visualizza chiave pubblica This key is not in the database. Chiave assente nel database. Not available Non disponibile Signer unknown Firmatario sconosciuto Self signed Auto-firmato Revoked at %1 Revocato il %1 Revoked: Revocato: Not valid Non valido Valid Valido Details of the certificate signing request Dettagli della CSR (richiesta di firma certificato) CertExtend Certificate renewal Rinnovo certificato This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Sarà creato un nuovo certificato come copia del precedente con un nuovo numero di serie e date di validità adattate. Validity Validità Not before Non prima Not after Non dopo Time range Intervallo di tempo Local time Ora locale Days Giorni Months Mesi Years Anni No well-defined expiration Scadenza non ben definita Midnight Mezzanotte Apply Applica Revoke old certificate Revoca vecchio certificato Replace old certificate Keep serial number Mantieni numero di serie The certificate will be earlier valid than the signer. This is probably not what you want. La validità del certificato sarebbe antecedente a quella del firmatario. Questo probabilmente non è ciò che si desidera. Edit dates Modifica date Abort rollout Interrompi rilascio Continue rollout Continua rilascio Adjust date and continue Adatta la data e continua The certificate will be longer valid than the signer. This is probably not what you want. La validità del certificato sarebbe posteriore a quella del firmatario. Questo probabilmente non è ciò che si desidera. CertTreeView Import PKCS#12 Importa da PKCS#12 Import from PKCS#7 Importa da PKCS#7 Request Richiesta Security token Token di sicurezza Other token Altro token Similar Certificate Certificato simile Delete from Security token CA CA Properties Proprietà Generate CRL Genera CRL Manage revocations Gestisci revoche Renewal Rinnovo Revoke Revoca Unrevoke Annulla revoca Plain View Visualizzazione semplice Tree View Visualizzazione ad albero days giorni No template Nessun modello CA Properties Proprietà della CA Certificate export Esportazione Certificato X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) Certificati x509 ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) ClickLabel Double click for details Doppio click per dettagli CrlDetail Details of the Revocation list Dettagli della lista di revoca (CRL) &Status &Stato Version Versione Signature Firma Signed by Firmato da Name Nome The internal name of the CRL in the database Nome interno della CRL nel database issuing dates Date di rilascio Next update Prossimo aggiornamento Last update Ultimo aggiornamento &Issuer &Emittente &Extensions &Estensioni &Revocation list &Lista di revoca Comment Commento Failed Fallito Unknown signer Firmatario sconosciuto Verification not possible Impossibile verificare CrlTreeView There are no CA certificates for CRL generation Non esistono certificati CA per generare la CRL Select CA certificate Seleziona un certificato CA Revocation list export Esportazione lista di revoca CRL ( *.pem *.der *.crl ) ExportDialog Name Nome The internal name of the CRL in the database Nome interno della CRL nel database ... ... Filename Nome File Export comment into PEM file Esporta commento nel file PEM Export Format Formato di esportazione All files ( * ) Tutti i file (*) PEM Text format with headers Formato testo PEM con intestazioni Concatenated list of all selected items in one PEM text file Lista concatenata di tutti gli oggetti selezionati in un file di testo PEM Concatenated text format of the complete certificate chain in one PEM file Formato testo concatenato della catena di certificazione completa in un file PEM Concatenated text format of all certificates in one PEM file Formato testo concatenato di tutti i certificati in un file PEM Binary DER encoded file File in codifica DER binaria PKCS#7 encoded single certificate Singolo certificato con codifica PKCS#7 PKCS#7 encoded complete certificate chain Catena di certificazione completa con codifica PKCS#7 Concatenated text format of all unrevoked certificates in one PEM file Formato testo concatenato di tutti i certificati non revocati in un file PEM All unrevoked certificates encoded in one PKCS#7 file Tutti i certificati non revocati codificati in un file PKCS#7 All selected certificates encoded in one PKCS#7 file Tutti i certificati selezionati codificati in un file PKCS#7 All certificates encoded in one PKCS#7 file Tutti i certificati codificati in un file PKCS#7 The certificate and the private key as encrypted PKCS#12 file Certificato e chiave privata in un file PKCS#12 crittato The complete certificate chain and the private key as encrypted PKCS#12 file Catena di certificazione completa e chiave privata in un file PKCS#12 crittato Concatenation of the certificate and the unencrypted private key in one PEM file Certificato e chiave privata concatenati in chiaro in unico file con codifica PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Certificato e chiave privata concatenati e crittati in unico file con codifica PKCS#8 Text format of the public key in one PEM file Chiave pubblica formato testo in unico file PEM Binary DER format of the public key Chiave pubblica formato DER binario Unencrypted private key in text format Chiave privata in chiaro in formato testo OpenSSL specific encrypted private key in text format Chiave privata crittata OpenSSL in formato testo Unencrypted private key in binary DER format Chiave privata in chiaro in formato DER binario Unencrypted private key in PKCS#8 text format Chiave privata in chiaro in formato testo PKCS#8 Encrypted private key in PKCS#8 text format Chiave privata crittata in formato testo PKCS#8 The public key encoded in SSH2 format Chiave pubblica codificata in formato SSH2 OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool File indice dei certificati in formato specifico OpenSSL come creato dal comando 'ca' e richiesto dallo strumento OCSP vCalendar expiry reminder for the selected items Promemoria scadenza in formato vCalendar per gli oggetti selezionati vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Promemoria scadenza in formato vCalendar contenente tutti i certificati rilasciati e validi, la CA stessa e l'ultima CRL Private key in Microsoft PVK format not encrypted Chiave privata non crittata in formato Microsoft PVK Encrypted private key in Microsoft PVK format Chiave privata crittata in formato Microsoft PVK The file: '%1' already exists! Il file: '%1' esiste già! Overwrite Sovrascrivi Do not overwrite Non sovrascrivere Form last update next update Days Giorni Months Mesi Years Anni Apply Applica Midnight Mezzanotte Local time Ora locale No well-defined expiration Scadenza non ben definita Help << << >> >> &Done &Eseguito ImportMulti Import PKI Items Importazione oggetti PKI Import &All Importa &Tutto &Import &Importa &Done &Eseguito &Remove from list &Rimuovi dalla lista Details Dettagli Delete from token Elimina dal token Rename on token Rinomina nel token Name: %1 Model: %2 Serial: %3 Nome: %1 Modello: %2 Seriale: %3 Manage security token Gestisci token di sicurezza Details of the item '%1' cannot be shown Dettagli dell'elemento '%1' non possono essere mostrati The type of the item '%1' is not recognized Il tipo dell'elemento '%1' non è riconosciuto The file '%1' did not contain PKI data Il file '%1' non contiene dati PKI The %1 files: '%2' did not contain PKI data I file %1: '%2' non contengono dati PKI ItemProperties Name Nome Source Sorgente Insertion date Data di inserimento Comment Commento KeyDetail Name Nome The internal name of the key used by xca Nome interno della chiave utilizzato da xca Security token Token di sicurezza Manufacturer Produttore Serial Seriale Key Chiave Public Exponent Esponente pubblico Keysize Dimensione della chiave Private Exponent Esponente privato Security Token Token di sicurezza Label Etichetta PKCS#11 ID ID PKCS#11 Token information Informazioni token Model Modello Fingerprint Fingerprint Comment Commento Details of the %1 key Dettagli della chiave %1 Not available Non disponibile Available Disponibile Sub prime Sub prime Public key Chiave pubblica Private key Chiave privata Curve name Nome della curva Unknown key Chiave sconosciuta KeyTreeView Clipboard format Change password Cambio passoword Reset password Reset della password Change PIN Cambio PIN Init PIN with SO PIN (PUK) Inizializza PIN con SO PIN (PUK) Change SO PIN (PUK) Modifica SO PIN (PUK) Security token Token di sicurezza This is not a token Questo non è un token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Si desidera che la chiave originale '%1' sia sostituita nel token? Ciò eliminerà la chiave '%1' e la renderà non esportabile Export public key [%1] Esporta chiave pubblica [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Chiavi private ( *.pem *.der *.pk8 );; Chiavi pubbliche SSH ( *.pub );; MainWindow Private Keys Chiavi private &New Key &Nuova chiave &Export &Esporta &Import &Importa Import PFX (PKCS#12) Importa PFX (PKCS#12) &Show Details &Mostra dettagli &Delete &Elimina Certificate signing requests Richieste di firma certificato (CSR) &New Request &Nuova richiesta Certificates Certificati &New Certificate &Nuovo certificato Import &PKCS#12 Importa &PKCS#12 Import P&KCS#7 Importa P&KCS#7 Plain View Visualizzazione semplice Templates Modelli &New Template &Nuovo modello &New CRL &Nuova CRL Ch&ange Template Modific&a modello Revocation lists Liste di revoca Using or exporting private keys will not be possible without providing the correct password Utilizzo ed esportazione di chiavi private non consentito senza fornire la password corretta Database Database The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. L'hash predefinito corrente '%1' non è sicuro. Prego selezionare almeno SHA 244. Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Rilevato formato database obsoleto. Creo un copia di backup chiamata: '%1' e converto il database nel nuovo formato Failed to rename the database file, because the target already exists Impossibile rinominare il file database: nome destinazione già esistente No deleted items found Non trovati elementi cancellati Recent DataBases Database recenti System Sistema Croatian Croato English Inglese French Francese German Tedesco Japanese Giapponese Russian Russo Slovak Slovacco Spanish Spagnolo Persian Bulgarian Polish Polacco Italian Italiano Chinese Cinese Dutch Olandese Portuguese in Brazil Portoghese brasiliano Indonesian Turkish Turco Language Lingua &File &File &New DataBase &Nuovo database &Open DataBase &Apri database Open Remote DataBase Apri database remoto Set as default DataBase Imposta come database predefinito &Close DataBase &Chiudi database New DataBase Nuovo database Open DataBase Apri database Close DataBase Chiudi database Options Opzioni Exit Esci I&mport I&mporta Keys Chiavi Requests Richieste PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Modello Revocation list Lista di revoca PEM file File PEM Paste PEM file Incolla file PEM Token Token Export Certificate &Index hierarchy &Esporta gerarchia degli indici certificati Content Contenuto &Token &Token &Manage Security token &Gestisci token di sicurezza &Init Security token &Inizializza token di sicurezza &Change PIN &Cambia PIN Change &SO PIN Cambia &SO PIN Init PIN Inizializza PIN Extra Extra &Dump DataBase &Database dump &Export Certificate Index &Esporta indice certificati &Export Certificate Index hierarchy &Esporta gerarchia degli indici certificati C&hange DataBase password C&ambia password del database &Undelete items Ann&ulla eliminazione elementi Generate DH parameter Genera parametro DH OID Resolver OID Resolver &Help &Help &Content &Contenuti About A proposito di no such option: %1 opzione inesistente: %1 Import PEM data Importa dati PEM Please enter the original SO PIN (PUK) of the token '%1' Prego inserire il SO PIN (PUK) originale del token '%1' Search Cerca Please enter the new SO PIN (PUK) for the token '%1' Prego inserire il nuovo SO PIN (PUK) del token '%1' The new label of the token '%1' La nuova etichetta del token '%1' The token '%1' did not contain any keys or certificates Il token '%1' non contiene nessuna chiave o certificato Current Password Password corrente Please enter the current database password Prego inserire la password corrente del database The entered password is wrong La password inserita non è corretta New Password Nuova password Please enter the new password to encrypt your private keys in the database-file Prego inserire la nuova password per crittare le chiavi private nel file di database Transaction start failed Fallito lo start della transazione Database: %1 Please enter a password, that will be used to encrypt your private keys in the database: %1 Prego inserire una password che verrà utilizzata per crittare le chiavi private nel database: %1 Password verify error, please try again Errore di verifica password, prego riprovare Password Password Please enter the password for unlocking the database: %1 Prego inserire la password per sbloccare il database: %1 The following error occurred: Incontrato l'errore seguente: Copy to Clipboard Copia negli appunti Certificate Index ( index.txt ) Indice dei certificati ( index.txt ) All files ( * ) Tutti i file ( * ) Diffie-Hellman parameters saved as: %1 Parametri Diffie-Hellman salvati come: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits I parametri Diffie-Hellman sono necessari per varie applicazioni ma non sono gestiti da XCA. Prego inserire i bit dei parametri DH Error opening file: '%1': %2 Errore in apertura file: '%1': %2 NewCrl Last update Ultimo aggiornamento Next update Prossimo aggiornamento Days Giorni Months Mesi Years Anni Midnight Mezzanotte Local time Ora locale Apply Applica Options Opzioni CRL number Numero CRL Subject alternative name Nome alternativo soggetto Revocation reasons Motivi di revoca Authority key identifier Identificatore della chiave dell'Authority Hash algorithm Algoritmo di hash Create CRL Crea CRL NewKey Please give a name to the new key and select the desired keysize Prego dare un nome alla nuova chiave e selezionare la dimensione desiderata Key properties Proprietà della chiave Name Nome The internal name of the new key Nome interno della nuova chiave Curve name Nome della curva Usually at least 2048 bit keys are recommended Sono raccomandate chiavi almeno 2048 bit New Key Nuova chiave Keysize Dimensione chiave Keytype Tipo di chiave Remember as default Ricorda come predefinito Create Crea NewX509 Source Sorgente Signing request Richiesta di firma Show request Mostra richiesta Sign this Certificate signing &request Firma questa &richiesta di firma certificato (CSR) Copy extensions from the request Copia le estensioni dalla richiesta Modify subject of the request Modifica il soggetto della richiesta Signing Firma Create a &self signed certificate &Crea un certificato auto-firmato Use &this Certificate for signing Utilizza ques&to certificato per la firma All certificates in your database that can create valid signatures Tutti i certificati nel database che possono creare firme valide Signature algorithm Algoritmo di firma Template for the new certificate Modello per il nuovo certificato All available templates Tutti i modelli disponibili Apply extensions Applica le estesnsioni Apply subject Applica il soggetto Apply all Applica tutto Subject Soggetto Internal Name Nome interno Distinguished name Nome distinto Add Aggiungi Delete Elimina Private key Chiave privata This list only contains unused keys Questa lista contiene solo chiavi inutilizzate Used keys too Anche chiavi utilizzate &Generate a new key &Genera una nuova chiave Extensions Estensioni Type Tipo If this will become a CA certificate or not Se questo diventerà un certificato CA o no Not defined Non definito Certification Authority Autorità di certificazione End Entity Entità finale Path length Lunghezza del path How much CAs may be below this. Quante CA possono esistere sotto a questa. The basic constraints should always be critical I vincoli di base dovrebbero sempre essere 'critical' Key identifier Identificatore chiave Creates a hash of the key following the PKIX guidelines Crea un hash della chiave secondo le direttive PKIX Copy the Subject Key Identifier from the issuer Copia il campo Identificatore Chiave Soggetto dall'emittente Validity Validità Not before Non prima Not after Non dopo Time range Intervallo di tempo Days Giorni Months Mesi Years Anni Apply Applica Set the time to 00:00:00 and 23:59:59 respectively Imposta orario a 00:00:00 e 23:59:59 rispettivamente Midnight Mezzanotte Local time Ora locale No well-defined expiration Scadenza non ben definita DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit Modifica URI: URI: Key usage Utilizzo chiave Netscape Netscape Advanced Avanzate Validate Validazione Comment Commento This name is only used internally and does not appear in the resulting certificate Questo nome è utilizzato solo internamente e non compare nel certificato risultante Critical Critico Create Certificate signing request Crea una richiesta di firma certificato (CSR) minimum size: %1 dimensione minima: %1 maximum size: %1 dimensione massima: %1 only a-z A-Z 0-9 '()+,-./:=? solamente a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters solamente caratteri a 7-bit Edit XCA template Modifica modello XCA Create x509 Certificate Crea certificato x509 Template '%1' applied Applicato modello '%1' Subject applied from template '%1' Applicato soggetto da modello '%1' Extensions applied from template '%1' Applicate estensioni da modello '%1' New key '%1' created Creata nuova chiave '%1' Other Tabs Altre Tab Advanced Tab Tab avanzate Errors Errori From PKCS#10 request Dalla richiesta PKCS#10 Abort rollout The following length restrictions of RFC3280 are violated: I seguenti vincoli di lunghezza dall'RFC3280 sono violati: Edit subject Modifica soggetto Continue rollout The verification of the Certificate request failed. The rollout should be aborted. La verifica della richiesta certificato è fallita. Il rollout dovrebbe essere abortito. Continue anyway Continua comunque The internal name and the common name are empty. Please set at least the internal name. I campi nome interno e nome comune sono vuoti. Prego definire almeno il nome interno. Edit name Modifica nome There is no Key selected for signing. Nessuna chiave selezionata per la firma. Select key selezione chiave The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. I seguenti campi "Distinguished name" sono vuoti: %1 nonostante siano stati dichiarati come obbligatori nel menu opzioni. The key you selected for signing is not a private one. La chiave selezionata per la firma non è una chiave privata. Select other signer Seleziona altro firmatario Select other key Seleziona altra chiave The currently selected hash algorithm '%1' is insecure and should not be used. L'algoritmo di hashing selezionato '%1' non è sicuro e non dovrebbe essere utilizzato. Select other algorithm Seleziona altro algoritmo Use algorithm anyway Utilizza comunque l'algoritmo The certificate will be earlier valid than the signer. This is probably not what you want. La validità del certificato sarebbe antecedente a quella del firmatario. Questo probabilmente non è ciò che si desidera. Edit dates Modifica date Adjust date and continue Aggiusta la data e continua The certificate will be longer valid than the signer. This is probably not what you want. La validità del certificato sarebbe posteriore a quella del firmatario. Questo probabilmente non è ciò che si desidera. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. La data di scadenza del certificato è antecedente a quella di inizio validità. Probabilmente sono state scambiate. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Il certificato contiene estensioni non valide o duplicate. Controllare la validazione nella linguetta "avanzate". The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Il certificato non contiene estensioni. Puoi applicare le estensioni di uno dei modelli per definire lo scopo del certificato. The certificate contains invalid extensions. Edit extensions Modifica estensioni The subject alternative name shall contain a copy of the common name. However, the common name is empty. Il nome alternativo del soggetto sarà copiato dal nome comune. Tuttavia, il campo nome comune è vuoto. Configfile error on line %1 Errore nella linea %1 del file di configurazione OidResolver OID Resolver Enter the OID, the Nid, or one of the textual representations Inserire OID, Nid oppure una delle rappresentazioni testuali Search Ricerca OID OID Long name Nome completo OpenSSL internal ID ID interno OpenSSL Nid Nid Short name Nome breve OpenDb Open remote database Apri database remoto Database type Tipo di database Hostname Nome host Username Nome utente Password Database name Nome database Table prefix Prefisso tabelle No SqLite3 driver available. Please install the qt-sqlite package of your distribution Driver SqLite3 non disponibile. Prego installare il pacchetto qt-sqlite della distribuzione in uso Please enter the password to access the database server %2 as user '%1'. Prego inserire la password di accesso al database server %2 come utente: '%1'. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. Il driver database non supporta le transazioni. Questo può succedere se il client e il server hanno versioni differenti. Continuare con attenzione. Options XCA Options Opzioni XCA Settings Impostazioni Default hash algorithm Algoritmo di hash predefinito String types Tipi di stringa Suppress success messages Sopprimi i messaggi di successo Don't colorize expired certificates Non colorare i certificati scaduti Translate established x509 terms (%1 -> %2) Traduci i termini x509 stabiliti (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. La funzionalità hash del token non è utilizzata da XCA. Può comunque onorare un ritretto insieme di hash propagati dal token. Nello specifico EC e DSA sono definiti solo con SHA1 nelle specifiche PKCS#11. Only use hashes supported by the token when signing with a token key Utilizzare solo hash supportati dal token quando si firma con una chiave del token Disable legacy Netscape extensions Disabilita estensioni Netscape obsolete PKCS12 encryption algorithm Certificate expiry warning threshold Limite di avviso scdenza certificato Send vCalendar expiry reminder Spedisci promemoria scadenza in formato vCalendar Serial number length Lunghezza del numero di serie bit Distinguished name Mandatory subject entries Elementi obbligatori del soggetto Add Aggiungi Delete Elimina Explicit subject entries Elementi espliciti del soggetto Dynamically arrange explicit subject entries Sistemazione dinamica degli elementi espliciti del soggetto Default Predefinito PKCS#11 provider Provider PKCS#11 Remove Rimuovi Search Ricerca Printable string or UTF8 (default) Stringa stampabile o UTF8 (predefinito) PKIX recommendation in RFC2459 Raccomandazioni PKIX da RFC2459 No BMP strings, only printable and T61 No stringhe BMP, solo stampabili e T61 UTF8 strings only (RFC2459) Solo stringhe UTF8 (RFC2459) All strings Tutte le stringhe Days Giorni Weeks Settimane Load failed Caricamento fallito PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) La password è processata come sequenza di codici esadecimali a 2 cifre. Deve avere un numero pari di caratteri (0-9 e a-f) Take as HEX string Considera come stringa HEX Password Password Repeat %1 Ripeti %1 %1 mismatch %1 mancata corrispondenza Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters La password di tipo hex può contenere solo caratteri '0' -'9' e 'a' - 'f' in numero pari Exit Esci E&xit E&sci QMessageBox Close Chiudi Cancel Annulla Apply Applica Yes No No QObject Undefined Indefinito Broken / Invalid Non valido in %1 seconds entro %1 secondi %1 seconds ago %1 secondi fa in %1 minutes entro %1 minuti %1 minutes ago %1 minuti fa Yesterday Ieri Tomorrow Domani in %1 hours entro %1 ore %1 hours ago %1 ore fa DB: Rename: '%1' already in use DB: Rinomina: '%1' già in uso DB: Entry to rename not found: %1 DB: Elemento da rinominare non trovato: %1 DB: Write error %1 - %2 DB: Errore di scrittura %1 - %2 Out of data Dati esauriti Error finding endmarker of string Errore: non trovato marcatore di fine stringa Out of Memory at %1:%2 Memoria esaurita a %1:%2 Country code Codice paese State or Province Stato o provincia Locality Località Organisation Organizzazione Organisational unit Unità organizzativa Common name Nome comune E-Mail address Indirizzo e-mail Serial number Numero di serie Given name Nome Surname Cognome Title Titolo Initials Iniziali Description Descrizione Role Ruolo Pseudonym Pseudonimo Generation Qualifier Qualificatore di generazione x500 Unique Identifier Identificativo univoco x500 Name Nome DN Qualifier Qualificatore DN Unstructured name Nome non strutturato Challenge password Challenge password Basic Constraints Vincoli base Subject alternative name Nome alternativo soggetto issuer alternative name Nome alternativo emittente Subject key identifier Identificativo chiave soggetto Authority key identifier Identificativo chiave authority Key usage Utilizzo della chiave Extended key usage Utilizzo esteso della chiave CRL distribution points Punti di distribuzione CRL Authority information access Informazioni di accesso all'authority Certificate type Tipo di certificato Base URL URL base Revocation URL URL di revoca CA Revocation URL URL di revoca della CA Certificate renewal URL URL per rinnovo certificato CA policy URL URL delle policy CA SSL server name Nome server SSL Comment Commento All files ( * ) Tutti i file (*) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Chiavi PKI ( *.pem *.der *.key );; Chiavi PKCS#8 ( *.p8 *.pk8 );; Chiavi Microsoft PVK ( *.pvk );; Chiavi pubbliche SSH ( *.pub );; Import RSA key Importa chiave RSA PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; Chiavi PKI ( *.pem *.der *.key );; Chiavi PKCS#8 ( *.p8 *.pk8 );; Chiavi pubbliche SSH ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Importa richiesta Certificates ( *.pem *.der *.crt *.cer );; Certificati ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Importa certificato x509 PKCS#7 data ( *.p7s *.p7m *.p7b );; Dati PKCS#7 ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Importa certificati PKCS#7 PKCS#12 Certificates ( *.p12 *.pfx );; Certificati PKCS#12 ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Importa certificato privato PKCS#12 XCA templates ( *.xca );; Modelli XCA ( *.xca );; Import XCA Templates Importa modelli XCA Revocation lists ( *.pem *.der *.crl );; Liste di revocas ( *.pem *.der *.crl );; Import Certificate Revocation List Importa liste di revoca certificati (CRL) XCA Databases ( *.xdb );; Database XCA ( *.xdb );; Open XCA Database Apri database XCA PKCS#11 library ( *.dll );; Libreria PKCS#11 ( *.dll );; PKCS#11 library ( *.dylib *.so );; Libreria PKCS#11 ( *.dylib *.so );; PKCS#11 library ( *.so );; Libreria PKCS#11 ( *.so );; Open PKCS#11 shared library Apri libreria condivisa PKCS#11 PEM files ( *.pem );; File PEM ( *.pem );; Load PEM encoded file Carica file codificato PEM Please enter the PIN on the PinPad Prego inserire il PIN nella PinPad Please enter the SO PIN (PUK) of the token %1 Prego inserire il SO PIN (PUK) del token %1 Please enter the PIN of the token %1 Prego inserire il PIN del token %1 No Security token found Nessun token di sicurezza trovato Select Seleziona Please enter the new SO PIN (PUK) for the token: '%1' Prego inserire il nuovo SO PIN (PUK) del token: '%1' Please enter the new PIN for the token: '%1' Prego inserire il nuovo PIN del token: '%1' Required PIN size: %1 - %2 Dimensione PIN richiesta: %1 - %2 Failed to open PKCS11 library: %1 Impossibile aprire libreria PKCS#11: %1 Invalid filename: %1 Nome file non valido: %1 Failed to open PKCS11 library: %1: %2 Impossibile aprire libreria PKCS#11: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Questo non sembra essere una libreria PKCS#11. Simbolo 'C_GetFunctionList' non trovato. Disabled Disabilitato Library loading failed Impossibile caricare libreria PKCS#11 function '%1' failed: %2 Funzione PKCS#11 '%1' fallita: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 Funzione PKCS#11 '%1' fallita: %2 nella libreria %3 %4 Invalid Non valido %1 is shorter than %2 bytes: '%3' %1 è minore di %2 bytes: '%3' %1 is longer than %2 bytes: '%3' %1 è maggiore di %2 bytes: '%3' String '%1' for '%2' contains invalid characters La stringa '%1' per '%2' contiene caratteri non validi Error reading config file %1 at line %2 Errore nella lettura del file di configurazione %1 alla linea %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. L'oggetto '%1' nel file %2 alla linea %3 è già conosciuto come '%4:%5:%6' e dovrebbe essere rimosso. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. L'identificativo '%1' per l'OID %2 nel file %3 alla linea %4 è già utilizzato per un OID differente come '%5:%6:%7' e dovrebbe essere modificato per evitare conflitti. Unknown object '%1' in file %2 line %3 Oggetto sconosciuto '%1' nel file %2 linea %3 Failed to start a database transaction Impossibile iniziare una transazione database Index file written to '%1' File indice scritto in '%1' Index hierarchy written to '%1' Gerarchia indici scritta in '%1' Unknown key type %1 Tipo di chiave '%1' sconosciuto Password verify error, please try again Errore di verifica password, prego riprovare The following error occurred: Incontrato l'errore seguente: Failed to update the database schema to the current version Password Password ReqTreeView Sign Firma Unmark signed Marca non firmato Mark signed Marca firmato Similar Request Richiesta simile Certificate request export Esportazione richiesta certificato Certificate request ( *.pem *.der *.csr ) Richiesta certificato ( *.pem *.der *.csr ) RevocationList Manage revocations Gestisci revoche Add Aggiungi Delete Elimina Edit Modifica No. Num. Serial Seriale Revocation Revoca Reason Motivo Invalidation Annullamento Generate CRL Genera CRL Revoke Certificate revocation Revoca certificato Revocation details Dettagli della revoca Revocation reason Motivo della revoca Local time Ora locale Invalid since Non valido dal Serial Seriale SearchPkcs11 Directory ... Include subdirectories Includi le subdirectory Search Ricerca The following files are possible PKCS#11 libraries I seguenti file potrebbero essere librerie PKCS#11 SelectToken Security token Token di sicurezza Please select the security token Prego selezionare il token di sicurezza TempTreeView Duplicate Duplica Create certificate Crea certificato Create request Crea richiesta copy Copia Preset Template values Valori modello predefiniti Template export XCA Templates ( *.xca ) TrustState Certificate trust Trustment &Never trust this certificate Only &trust this certificate, if we trust the signer &Always trust this certificate Validity yyyy-MM-dd hh:mm aaaa-MM-gg hh:mm X509SuperTreeView OpenSSL config Configurazione OpenSSL Transform Trasforma Template Modello Public key Chiave pubblica Save as OpenSSL config Salva come configurazione OpenSSL Config files ( *.conf *.cnf);; All files ( * ) File di configurazione ( *.conf *.cnf);; Tutti i file ( * ) XFile Error opening file: '%1': %2 Errore in apertura file: '%1': %2 Error rewinding file: '%1': %2 XcaTreeView Item properties Proprietà elemento Subject entries Elementi del soggetto X509v3 Extensions Estensioni X509v3 Netscape extensions Estensioni Netscape Key properties Proprietà della chiave Reset Reimposta Hide Column Nascondi colonna Details DettagliDettagli Columns Colonne New Nuovo Import Importa Paste PEM data Incolla dati PEM Rename Rinomina Properties Proprietà Delete Elimina Export Esporta Clipboard Appunti File File database_model Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Rilevato formato database obsoleto. Creo un copia di backup chiamata: '%1' e converto il database nel nuovo formato Failed to rename the database file, because the target already exists Impossibile rinominare il file database: nome destinazione già esistente Please enter the password to access the database server %2 as user '%1'. Prego inserire la password di accesso al database server %2 come utente: '%1'. Unable to create '%1': %2 Impossibile creare '%1': %2 The file '%1' is not an XCA database Il file '%1' non è un database XCA No SqLite3 driver available. Please install the qt-sqlite package of your distribution Driver SqLite3 non disponibile. Prego installare il pacchetto qt-sqlite della distribuzione in uso New Password Nuova password Please enter a password, that will be used to encrypt your private keys in the database: %1 Prego inserire una password che verrà utilizzata per crittare le chiavi private nel database: %1 Password Password Please enter the password for unlocking the database: %1 Prego inserire la password per sbloccare il database: %1 db_base Error opening file: '%1': %2 Errore in apertura file: '%1': %2 Internal name Nome interno No. Primary key Chiave primaria Database unique number Numero univoco database Date Data Date of creation or insertion Data di creazione o inserimento Source Sorgente Generated, Imported, Transformed Generato, importato, trasformato Comment Commento First line of the comment field Prima linea del campo commento Import from: %1 Importa da: %1 Could not create directory %1 Impossibile creare la directory %1 Item properties Proprietà elemento How to export the %1 selected items Come esportare l'elemento selezionato %1 All in one PEM file Tutto in un unico file PEM Each item in one file Ciascun elemento in un singolo file Save %1 items in one file as Salva gli elementi %1 in un singolo file come PEM files ( *.pem );; All files ( * ) File PEM ( *.pem );; Tutti i file ( * ) db_crl Signer Firmatario Internal name of the signer Nome interno del firmatario No. revoked N. Revocati Number of revoked certificates Numero di certificati revocati Last update Ultimo aggiornamento Next update Prossimo aggiornamento CRL number Numero CRL The revocation list already exists in the database as: '%1' and so it was not imported La lista di revoca esiste già nel database come: '%1' quindi non è stata importata Revocation list export Esportazione lista di revoca There are no CA certificates for CRL generation Non esistono certificati CA per generare la CRL Select CA certificate Seleziona un certificato CA Create CRL Crea CRL Failed to initiate DB transaction Inizializzazione transazione DB fallita Database error: %1 Errore database: %1 Database error: Errore database: db_key Type Tipo Size Dimensione EC Group Gruppo EC Use Utilizzo Password Password The key is already in the database as: '%1' and is not going to be imported La chiave esiste già nel DB com: '%1' e non verrà importata The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Il DB contiene già la parte pubblica della chiave importata come '%1 e sarà completata con la nuova parte privata della chiave Extending public key from %1 by imported key '%2' Estensione chiave pubblica da %1 per mezzo della chiave importata '%2' Key size too small ! Dimensione della chiave troppo piccola ! You are sure to create a key of the size: %1 ? Siete sicuri di voler creare una chiave di dimensione: %1 ? PEM public PEM pubblica SSH2 public SSH2 pubblica PEM private PEM privata SSH2 private SSH2 privata Export keys to Clipboard Esporta chiavi negli appunti Clipboard Appunti Export public key [%1] Esporta chiave pubblica [%1] DER public DER pubblica DER private DER privata PEM encryped PEM crittata PVK private PVK privata PVK encrypted PVK crittata PKCS#8 encrypted PKCS#8 crittata Export private key [%1] Esporta chiave privata [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Chiavi private ( *.pem *.der *.pk8 );; Chiavi pubbliche SSH ( *.pub );; Internal error Errore interno Tried to change password of a token Si è tentato di cambiare la password di un token db_temp Bad template: %1 Modello errato: %1 Empty template Modello vuoto Preset Template values Valori modello predefiniti Save template as Salva modello come XCA templates ( *.xca );; All files ( * ) Modelli XCA ( *.xca );; Tutti i file ( * ) db_x509 CA CA reflects the basic Constraints extension riflette le estensioni vincolo di base Serial Seriale Start date Data di inizio Expiry date Data di scadenza MD5 fingerprint SHA1 fingerprint SHA256 fingerprint Not before Non prima Not after Non dopo Revocation Revoca CRL Expiration Scadenza CRL Plain View Visualizzazione semplice Tree View Visualizzazione ad albero Failed to retrieve unique random serial Impossibile reperire un seriale univoco casuale The certificate already exists in the database as: '%1' and so it was not imported Il certificato esiste già nel database come: '%1' pertanto non è stato importato Signed on %1 by '%2' Firmato su %1 da '%2' Unknown Sconosciuto Invalid public key Chiave pubblica non valida PKCS#7 unrevoked PKCS#7 annullata revoca PEM unrevoked PEM annullata revoca vCalendar vCalendar CA vCalendar CA vCalendar X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) Certificati x509 ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) days giorni No template Nessun modello The key you selected for signing is not a private one. La chiave selezionata per la firma non è una chiave privata. Failed to create directory '%1' Impossibile creare la directory %1 Store the certificate to the key on the token '%1 (#%2)' ? Salvare il certificato nella chiave sul token '%1 (#%2)' ? PEM chain Catena PEM PKCS#7 chain Catena PKCS#7 PKCS#12 chain Catena PKCS#12 PKCS#7 all PKCS#7 tutto PEM + key PEM + chiave PEM all PEM tutto Certificate Index file File indice certificati Certificate export Esportazione Certificato X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) Certificati x509 ( *.pem *.cer *.crt *.p12 *.p7b ) There was no key found for the Certificate: '%1' Nessuna chiave trovata per il certificato: '%1' Not possible for a token key: '%1' Impossibile per una chiave token: '%1' Error opening file: '%1': %2 Errore in apertura file: '%1': %2 Not possible for the token-key Certificate '%1' Impossibile per il certificato chiave token: '%1' days giorni db_x509name Subject Soggetto Complete distinguished name Distinguished name completo Subject hash Hash del soggetto Hash to lookup certs in directories Hash per ricerca certificati nelle directory db_x509req Signed Firmato whether the request is already signed or not se la richiesta è già firmata o meno Unstructured name Nome non strutturato Challenge password Challenge password Certificate count Numero certificati Number of certificates in the database with the same public key Numero certificati nel database con la stessa chiave pubblica The certificate signing request already exists in the database as '%1' and thus was not stored La richiesta di firma certificato esiste già nel database come '%1' pertanto non è stata salvata Certificate request export Esportazione richiesta certificato Certificate request ( *.pem *.der *.csr ) Richiesta certificato ( *.pem *.der *.csr ) db_x509super Key name Nome chiave Internal name of the key Nome interno della chiave Signature algorithm Algoritmo di firma Key type Tipo di chiave Key size Dimensione della chiave EC Group Gruppo EC Extracted from %1 '%2' Estratto da %1 '%2' Certificate Certificato Certificate request Richiesta certificato Save as OpenSSL config Salva come configurazione OpenSSL Config files ( *.conf *.cnf);; All files ( * ) File di configurazione ( *.conf *.cnf);; Tutti i file ( * ) The following extensions were not ported into the template Le seguenti estensioni non erano state portate nel modello Transformed from %1 '%2' Trasformato da %1 '%2' kvView Type Tipo Content Contenuto pass_info Password Password PIN PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 Impossibile aprire libreria PKCS#11: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Questo non sembra essere una libreria PKCS#11. Simbolo 'C_GetFunctionList' non trovato. pki_base Error opening file: '%1': %2 Errore in apertura file: '%1': %2 Error writing to file: '%1': %2 Errore scrittura file: '%1': %2 Unknown Sconosciuto Imported Importato Generated Generato Transformed Trasformato Token Token Legacy Database Database obsoleto Renewed Rinnovato Property '%1' not listed in 'pki_base::print' Proprieà '%1' non prevista in 'pki_base::print' Internal error: Unexpected message: %1 %2 Errore interno: Messaggio inaspettato: %1 %2 pki_crl Successfully imported the revocation list '%1' Lista di revoca '%1' importata correttamente Delete the revocation list '%1'? Elimino la lista di revoca '%1'? Successfully created the revocation list '%1' Lista di revoca '%1' creata correttamente Delete the %1 revocation lists: %2? Elimino la lista di revoca %1: '%2'? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Impossibile caricare la lista di revoca dal file %1. Tentati i formati PEM e DER. No issuer given Non è stato fornito l'emittente Wrong Size %1 Dimensione non corretta %1 CRL Renewal of CA '%1' due Rinnovo CRL della CA '%1' scaduto The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' L'ultima CRL rilasciata dalla CA '%1' scadrà il %2. Si trova nel database XCA '%3' The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' La CRL XCA '%1', rilasciata il %3 scadrà il %4. Si trova nel database XCA '%5' unknown Sconosciuto Renew CRL: %1 Rinnova CRL: %1 The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4. It is stored in the XCA database '%5' La CRL XCA '%1', rilasciata dalla CA '%2' il %3, scadrà il %4. E' mantenuta nel database XCA '%5' pki_evp Failed to decrypt the key (bad password) Impossibile decrittare la chiave (password errata) Failed to decrypt the key (bad password) %1 Impossibile decrittare la chiave (password errata) %1 Please enter the password to decrypt the private key. Prego inserire la password per decrittare la chiave privata. Please enter the password to decrypt the private key %1. Prego inserire la password per decrittare la chiave privata %1. The key from file '%1' is incomplete or inconsistent. La chiave nel file '%1' è incompleta o inconsistente. Please enter the password to decrypt the private key from file: %1 Prego inserire la password per decrittare la chiave privata dal file: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Impossibile caricare la chiave privata nel file %1. Tentativi con i formati PEM e DER privati, pubblici, tipi chiave PKCS#8 e formato SSH2. Ignoring unsupported private key Ignorata chiave privata non supportata Please enter the password to decrypt the private key: '%1' Prego inserire la password per decrittare la chiave privata: '%1' Password input aborted Inserimento password abortito Please enter the database password for decrypting the key '%1' Prego inserire la password del database per decrittare la chiave: '%1' Please enter the password to protect the private key: '%1' Prego inserire la password per proteggere la chiave privata: '%1' Please enter the database password for encrypting the key Prego inserire la password del database per crittare la chiave Please enter the password protecting the PKCS#8 key '%1' Prego inserire la password della chiave PKCS#8 '%1' Please enter the password protecting the Microsoft PVK key '%1' Prego inserire la password che protegge la chiave Microsoft PVK '%1' Please enter the export password for the private key '%1' Prego inserire la password per esportare la chiave privata: '%1' pki_export PEM Text format with headers Formato testo PEM con intestazioni Concatenated list of all selected items in one PEM text file Lista concatenata di tutti gli oggetti selezionati in un file di testo PEM PEM chain Catena PEM Concatenated text format of the complete certificate chain in one PEM file Formato testo concatenato della catena di certificazione completa in un file PEM PEM + key PEM + chiave Concatenation of the certificate and the unencrypted private key in one PEM file Certificato e chiave privata concatenati in chiaro in unico file con codifica PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Certificato e chiave privata concatenati e crittati in unico file con codifica PKCS#8 PKCS#7 encoded single certificate Singolo certificato con codifica PKCS#7 All selected certificates encoded in one PKCS#7 file Tutti i certificati selezionati codificati in un file PKCS#7 PKCS #7 chain PKCS#7 encoded complete certificate chain Catena di certificazione completa con codifica PKCS#7 Binary DER encoded certificate PKCS #12 chain The complete certificate chain and the private key as encrypted PKCS#12 file Catena di certificazione completa e chiave privata in un file PKCS#12 crittato PKCS #12 The certificate and the private key as encrypted PKCS#12 file Certificato e chiave privata in un file PKCS#12 crittato Certificate Index file File indice certificati OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool File indice dei certificati in formato specifico OpenSSL come creato dal comando 'ca' e richiesto dallo strumento OCSP vCalendar vCalendar vCalendar expiry reminder for the selected items Promemoria scadenza in formato vCalendar per gli oggetti selezionati CA vCalendar CA vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Promemoria scadenza in formato vCalendar contenente tutti i certificati rilasciati e validi, la CA stessa e l'ultima CRL PEM public PEM pubblica Text format of the public key in one PEM file Chiave pubblica formato testo in unico file PEM PEM private PEM privata Unencrypted private key in text format Chiave privata in chiaro in formato testo PEM encrypted OpenSSL specific encrypted private key in text format Chiave privata crittata OpenSSL in formato testo SSH2 private SSH2 privata SSH2 public SSH2 pubblica The public key encoded in SSH2 format Chiave pubblica codificata in formato SSH2 DER public DER pubblica Binary DER format of the public key Chiave pubblica formato DER binario DER private DER privata Unencrypted private key in binary DER format Chiave privata in chiaro in formato DER binario PVK private PVK privata Private key in Microsoft PVK format not encrypted Chiave privata non crittata in formato Microsoft PVK PVK encrypted PVK crittata Encrypted private key in Microsoft PVK format Chiave privata crittata in formato Microsoft PVK PKCS #8 encrypted Encrypted private key in PKCS#8 text format Chiave privata crittata in formato testo PKCS#8 PKCS #8 Unencrypted private key in PKCS#8 text format Chiave privata in chiaro in formato testo PKCS#8 Binary DER format of the certificate request Binary DER format of the revocation list vCalendar reminder for the CRL expiry date XCA template in PEM-like format All selected XCA templates in PEM-like format pki_key Successfully imported the %1 public key '%2' Chiave pubblica '%2' di %1 importata correttamente Delete the %1 public key '%2'? Elimina chiave pubblica '%2' di %1? Successfully imported the %1 private key '%2' Chiave privata '%2' di %1 importata correttamente Delete the %1 private key '%2'? Elimina chiave privata '%2' di %1? Successfully created the %1 private key '%2' Chiave privata '%2' di %1 creata correttamente Delete the %1 keys: %2? Eliminare le chiavi di %1: %2? Public key Chiave pubblica Common Comune Private Privata Bogus Fasullo PIN PIN No password Nessuna password Unexpected SSH2 content: '%1' Contenuto SSH2 non previsto: '%1' Invalid SSH2 public key Chiave pubblica SSH2 non valida Failed writing to %1 Errore scrittura su %1 pki_multi No known PEM encoded items found Non trovato nessun elemento codificato PEM pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Prego inserire la password per decrittare il file PKCS#12: %1 Unable to load the PKCS#12 (pfx) file %1. Impossibile caricare il file PKCS#12 (pfx) %1. The supplied password was wrong (%1) La password fornita non è corretta (%1) Please enter the password to encrypt the PKCS#12 file Prego inserire la password per crittare il file PKCS#12 No key or no Cert and no pkcs12 Nessuna chiave o nessun certificato e nessun pkcs12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Impossibile caricare il file PKCS#7 %1. Tentati i formati PEM e DER. pki_scard Successfully imported the token key '%1' Chiave token '%1' importata correttamente Delete the token key '%1'? Elimina chiave token '%1'? Successfully created the token key '%1' Chiave token '%1' creata correttamente Delete the %1 keys: %2? Eliminare le chiavi di %1: %2? Delete the private key '%1' from the token '%2 (#%3)' ? Eliminare la chiave privata '%1' dal token '%2 (#%3)' ? This Key is already on the token Questa chiave è già sul token PIN input aborted Inserimento PIN abortito Unable to find copied key on the token Impossibile trovare la chiave copiata sul token Please insert card: %1 %2 [%3] with Serial: %4 Prego inserire la card: %1 %2 [%3] con Seriale: %4 Public Key mismatch. Please re-import card Differenza di chiave pubblica. Prego re-importare la card Illegal Key generation method Metodo non previsto per la generazione della chiave Unable to find generated key on card Impossibile trovare la chiave generata sulla card Ignoring unsupported token key Ignorata chiave token non supportata Wrong Size %1 Dimensione non corretta %1 Token %1 Token %1 Failed to find the key on the token Impossibile trovare la chiave sul token Invalid Pin for the token PIN per il token non valido Failed to initialize the key on the token Impossibile inizializzare la chiave sul token pki_temp Successfully imported the XCA template '%1' Modello XCA '%1' importato correttamente Delete the XCA template '%1'? Eliminare modello XCA '%1'? Successfully created the XCA template '%1' Modello XCA '%1' creato correttamente Delete the %1 XCA templates: %2? Eliminare il modello XCA %1: '%2'? Wrong Size %1 Dimensione non corretta %1 Template file content error (too small) Errore contenuto del file del modello (troppo piccolo) Template file content error (too small): %1 Errore contenuto del file del modello (troppo piccolo): %1 Not a PEM encoded XCA Template Non è un modello XCA con codifica PEM Not an XCA Template, but '%1' Non è un modello XCA, ma '%1' pki_x509 Successfully imported the certificate '%1' Certificato '%1' importato correttamente Delete the certificate '%1'? Eliminare certificato '%1'? Successfully created the certificate '%1' Certificato '%1' creato correttamente Delete the %1 certificates: %2? Eliminare i certificati %1: '%2'? Unable to load the certificate in file %1. Tried PEM and DER certificate. Impossibile caricare il certificato dal file %1. Tentati i formati PEM e DER. This certificate is already on the security token Questo certificato si trova già sul token Delete the certificate '%1' from the token '%2 (#%3)'? Eliminare il certificato '%1' dal token '%2 (#%3)'? There is no key for signing ! Nessuna chiave per la firma ! Wrong Size %1 Dimensione non corretta %1 No No Yes Renew certificate: %1 Rinnovo certificato: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' Il certificato XCA '%1', rilasciato il %2, scadrà il %3. E' mantenuto nel database XCA '%4' CRL Renewal of CA '%1' due Rinnovo CRL della CA '%1' scaduto The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' L'ultima CRL rilasciata dalla CA '%1' scadrà il %2. E' mantenuta nel database XCA '%3' pki_x509req Signing key not valid (public key) Chiave per la firma non valida (chiave pubblica) Successfully imported the %1 certificate request '%2' Richiesta certificato %1 '%2' importata correttamente Delete the %1 certificate request '%2'? Eliminare la richiesta certificato %1 '%2'? Successfully created the %1 certificate request '%2' Richiesta certificato %1 '%2' creata correttamente Delete the %1 certificate requests: %2? Eliminare la richiesta certificato %1: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Impossibile caricare la richiesta certificato dal file %1. Tentati i formati PEM, DER e SPKAC. Wrong Size %1 Dimensione non corretta %1 Signed Firmato Unhandled Non gestito v3ext Copy Common Name Copia nome comune Add Aggiungi Delete Elimina Apply Applica Validate Validazione Cancel Annulla An email address or 'copy' Un indirizzo e-mail oppure 'copy' An email address Un indirizzo e-mail A registered ID: OBJECT IDENTIFIER Un ID registrato: OBJECT IDENTIFIER A uniform resource indicator Una URI (uniform resource indicator) A DNS domain name or 'copycn' Un nome dominio DNS oppure 'copycn' A DNS domain name Un nome dominio DNS An IP address Un indirizzo IP Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Sintassi: <OID>;TIPO:testo come '1.2.3.4:UTF8:nome' No editing. Only 'copy' allowed here Consentito solo 'copy' qui Validation failed: '%1' %2 Validazione fallita: '%1' %2 Validation successful: '%1' Validazione riuscita: '%1' xcaWarning The following error occurred: Incontrato l'errore seguente: Copy to Clipboard Copia negli appunti xcaWarningGui Copy to Clipboard Copia negli appunti xca-RELEASE.2.5.0/lang/xca_ja.ts000066400000000000000000005630641450407711300161060ustar00rootroot00000000000000 CaProperties CA Properties CAプロパティ Form CAのプロパティ Days until next CRL issuing 次のCRL発行までの日数 Default template デフォルトテンプレート CertDetail Details of the Certificate 証明書の詳細 Serial シリアル番号 The serial number of the certificate 証明書のシリアル番号 The internal name of the certificate in the database データベース内の証明書内部名 Status ステータス Internal name 内部名 Signature 署名アルゴリズム Key 秘密鍵 Fingerprints フィンガープリント MD5 MD5 An md5 hashsum of the certificate 証明書のMD5ハッシュ SHA1 SHA1 A SHA-1 hashsum of the certificate 証明書のSHA-1ハッシュ SHA256 SHA256 A SHA-256 hashsum of the certificate 証明書のSHA-256ハッシュ Validity 有効期限 The time since the certificate is valid 証明書が有効になってからの時間 The time until the certificate is valid 証明書が有効になるまでの時間 Subject サブジェクト Issuer 発行者 Extensions 拡張キー Comment コメント Attributes 属性 Show config コンフィグを表示 Show extensions 拡張キーを表示 Show public key 公開キーを表示 This key is not in the database. このキーはデータベースに存在しません。 Not available 使用不可 Signer unknown 署名者不明 Self signed 自己署名 Revoked at %1 %1で取り消し Not valid 無効 Valid 有効 Details of the certificate signing request 証明書署名要求の詳細 CertExtend Certificate renewal 証明書の更新 This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. これにより、新しいシリアル番号と修正された有効値を持つ古い証明書のコピーとして、新しい証明書が作成されます。 Validity 有効期限 Not before 前ではない Not after 以降でない Time range 時間の範囲 Local time ローカル時間 Days Months Years No well-defined expiration 有効期限が明確に定義されていない Midnight 深夜時間 Apply 適用 Revoke old certificate 古い証明書の失効 Replace old certificate 古い証明書を置き換える Keep serial number シリアル番号を保持 The certificate will be earlier valid than the signer. This is probably not what you want. 証明書は署名者よりも前に有効になります。これはおそらくあなたが望むものではありません。 Edit dates 日付の編集 Abort rollout 展開の中止 Continue rollout 展開を続ける Adjust date and continue 日付を調整して続行 The certificate will be longer valid than the signer. This is probably not what you want. 証明書は署名者よりも有効期間が長くなります。これはおそらくあなたが望むものではありません。 CertTreeView Import PKCS#12 PKCS#12形式でインポート Import from PKCS#7 PKCS#7形式でインポート Request リクエスト Security token セキュリティトークン Other token その他のトークン Similar Certificate 類似の証明書 Delete from Security token セキュリティトークンから削除 CA CA Properties プロパティ Generate CRL CRLを作成 Manage revocations 失効の管理 Renewal 更新 Revoke 失効 Unrevoke 失効の取消 Plain View 標準ビュー Tree View ツリービュー days No template テンプレートなし CA Properties CAプロパティ Certificate export 証明書のエクスポート X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) ClickLabel Double click for details ダブルクリックして詳細を表示 CrlDetail Details of the Revocation list 失効リストの詳細 &Status ステータス(&S) Version バージョン Signature 署名アルゴリズム Signed by 署名者 Name 名前 The internal name of the CRL in the database データベース内のCRL内部名 issuing dates 発行日 Next update 次回の更新 Last update 最終更新 &Issuer 発行者(&I) &Extensions 拡張キー(&E) &Revocation list 失効リスト(&R) Comment コメント Failed 失敗 Unknown signer 不明な署名者 Verification not possible 検証できません CrlTreeView There are no CA certificates for CRL generation CRL生成のためのCA証明書がありません Select CA certificate CA証明書の選択 Revocation list export 失効リストのエクスポート CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) ExportDialog Name 名前 The internal name of the CRL in the database データベース内のCRL内部名 ... ... Filename ファイル名 Export comment into PEM file コメントをPEMファイルにエクスポート Export Format エクスポートフォーマット All files ( * ) All files ( * ) PEM Text format with headers ヘッダ付きPEMテキスト形式 Concatenated list of all selected items in one PEM text file 1つのPEMテキストファイルで選択されたすべての項目を連結したリスト Concatenated text format of the complete certificate chain in one PEM file 1つのPEMファイル内の完全な証明書チェーンの連結テキスト形式 Concatenated text format of all certificates in one PEM file 1つのPEMファイルにすべての証明書を連結したテキスト形式 Binary DER encoded file バイナリDERエンコードファイル PKCS#7 encoded single certificate PKCS#7でエンコードされた単一の証明書 PKCS#7 encoded complete certificate chain PKCS#7エンコードされた完全な証明書チェーン Concatenated text format of all unrevoked certificates in one PEM file 1つのPEMファイル内の失効していないすべての証明書を連結したテキスト形式 All unrevoked certificates encoded in one PKCS#7 file 1つのPKCS#7ファイルにエンコードされた、失効していないすべての証明書 All selected certificates encoded in one PKCS#7 file 選択されたすべての証明書が1つのPKCS#7ファイルにエンコードされている All certificates encoded in one PKCS#7 file 1つのPKCS#7ファイルにエンコードされたすべての証明書 The certificate and the private key as encrypted PKCS#12 file 暗号化されたPKCS#12ファイルとしての証明書と秘密鍵 The complete certificate chain and the private key as encrypted PKCS#12 file 完全な証明書チェーンと暗号化されたPKCS#12ファイルとしての秘密鍵 Concatenation of the certificate and the unencrypted private key in one PEM file 1つのPEMファイルでの証明書と暗号化されていない秘密鍵の連結 Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file 証明書と暗号化された秘密鍵をPKCS#8形式で1つのファイルに連結したもの Text format of the public key in one PEM file 1つのPEMファイル内の公開キーのテキスト形式 Binary DER format of the public key 公開キーのバイナリDERフォーマット Unencrypted private key in text format テキスト形式の暗号化されていない秘密鍵 OpenSSL specific encrypted private key in text format OpenSSL固有の暗号化された秘密鍵 (テキスト形式) Unencrypted private key in binary DER format バイナリDER形式の暗号化されていない秘密鍵 Unencrypted private key in PKCS#8 text format PKCS#8テキスト形式の暗号化されていない非公開キー Encrypted private key in PKCS#8 text format 暗号化された秘密鍵 (PKCS#8テキスト形式) The public key encoded in SSH2 format SSH2形式でエンコードされた公開キー OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool 'CA'コマンドで作成され、OCSPツールで必要なOpenSSL固有の証明書インデックスファイル vCalendar expiry reminder for the selected items 選択したアイテムのvCalendar有効期限リマインダ vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL 発行されたすべての有効な証明書、CA自体、および最新のCRLを含むvCalendar有効期限リマインダ Private key in Microsoft PVK format not encrypted Microsoft PVK形式の秘密鍵は暗号化されていません Encrypted private key in Microsoft PVK format Microsoft PVK形式の暗号化された秘密鍵 The file: '%1' already exists! ファイル「%1 」はすでに存在します! Overwrite 上書き Do not overwrite 上書きしない Form last update next update Days Months Years Apply 適用 Midnight 深夜時間 Local time ローカル時間 No well-defined expiration 有効期限が明確に定義されていない Help << << >> >> &Done 完了(&D) ImportMulti Import PKI Items PKI項目のインポート Import &All すべてインポート(&A) &Import インポート(&I) &Done 完了(&D) &Remove from list リストから削除(&R) Details 詳細 Delete from token トークンから削除 Rename on token トークンの名前を変更 Name: %1 Model: %2 Serial: %3 製品名: %1 モデル名: %2 シリアル番号: %3 Manage security token セキュリティトークンを管理 Details of the item '%1' cannot be shown アイテム「%1 」の詳細を表示できません The type of the item '%1' is not recognized アイテムのタイプ「%1 」が認識されません The file '%1' did not contain PKI data ファイル「%1 」にPKIデータが含まれていませんでした The %1 files: '%2' did not contain PKI data %1ファイル:「%2 」にPKIデータが含まれていませんでした ItemProperties Name 名前 Source ソース Insertion date 挿入日 Comment コメント KeyDetail Name 名前 The internal name of the key used by xca xcaが使用するキーの内部名 Security token セキュリティトークン Manufacturer 製造元 Serial シリアル Key キー Public Exponent 公開指数 Keysize 鍵長 Private Exponent 秘密指数 Security Token セキュリティトークン Label ラベル PKCS#11 ID PKCS#11 ID Token information トークン情報 Model モデル Fingerprint フィンガープリント Comment コメント Details of the %1 key %1キーの詳細 Not available 使用不可 Available 使用可能 Sub prime サブプライム Public key 公開キー Private key 秘密鍵 Curve name カーブ名 Unknown key 不明なキー KeyTreeView Clipboard format Change password パスワードの変更 Reset password パスワードリセット Change PIN PINコード変更 Init PIN with SO PIN (PUK) SO PIN (PUK)でPINを初期化します Change SO PIN (PUK) SO PIN (PUK)を変更 Security token セキュリティトークン This is not a token これはトークンではありません Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable 元のキー「%1」をトークンのキーに置き換えますか? キー「%1」が削除され、エクスポートできなくなります Export public key [%1] 公開キーのエクスポート[%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) MainWindow Private Keys 秘密鍵 &New Key 新しい秘密鍵(&N) &Export エクスポート(&E) &Import インポート(&I) Import PFX (PKCS#12) PFX (PKCS#12)形式でインポート &Show Details 詳細を表示(&S) &Delete 削除(&D) Certificate signing requests 証明書署名要求 &New Request 署名リクエスト(&N) Certificates 署名済証明書 &New Certificate 新しい証明書を作成(&N) Import &PKCS#12 PKCS#12形式でインポート(&P) Import P&KCS#7 PKCS#7形式でインポート(&K) Plain View プレイン表示 Templates テンプレート &New Template 新しいテンプレート(&N) &New CRL 新しいCRLを作成(&N) Ch&ange Template テンプレートを変更(&a) Revocation lists 失効リスト Using or exporting private keys will not be possible without providing the correct password 正しいパスワードを入力しないと、秘密鍵の使用またはエクスポートはできません Database データベース The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. 現在使用されているデフォルトハッシュ「%1」は安全ではありません。セキュリティ上の理由から、少なくとも「SHA 224」を選択してください。 Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format 旧バージョンのデータベース形式が検出されました。「%1」という名前のバックアップコピーを作成し、データベースを新しい形式に変換しています Failed to rename the database file, because the target already exists ターゲットがすでに存在するため、データベースファイルの名前を変更できませんでした No deleted items found 削除されたアイテムは見つかりませんでした Recent DataBases 最近使用したデータベース System システム言語 Croatian クロアチア語 English 英語 French フランス語 German ドイツ語 Japanese 日本語 Russian ロシア語 Slovak スロバキア語 Spanish スペイン語 Persian Bulgarian Polish ポーランド語 Italian イタリア語 Chinese 中国語 Dutch オランダ語 Portuguese in Brazil ポルトガル語(ブラジル) Indonesian Turkish トルコ語 Language 言語 &File ファイル(&F) Open Remote DataBase リモートデータベースを開く Set as default DataBase デフォルトデータベースに指定する New DataBase 新しいデータベース Open DataBase データベースを開く Close DataBase データベースを閉じる Options オプション Exit 終了 I&mport インポート(&m) Keys 秘密鍵 Requests 証明書署名要求を作成 PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template テンプレート Revocation list 失効リスト PEM file PEMファイル Paste PEM file PEMファイルを貼り付け Token トークン Export Certificate &Index hierarchy 証明書とインデックスの階層をエクスポート(&I) Content コンテンツ &Manage Security token セキュリティトークンを管理(&M) &Init Security token セキュリティトークンを初期化(&I) &Change PIN PINを変更(&C) Change &SO PIN SO PINを変更(&S) Init PIN PINを初期化 Extra 追加 &Dump DataBase データベースをダンプ(&D) &Export Certificate Index 証明書インデックスのエクスポート(&E) C&hange DataBase password データベースパスワードの変更(&h) &Undelete items 削除取り消し(&U) Generate DH parameter DH parameterを生成 OID Resolver OID 検索 &Help ヘルプ(&H) About XCAについて no such option: %1 そのようなオプションはありません:%1 Import PEM data PEMデータを読み込む Please enter the original SO PIN (PUK) of the token '%1' トークン'%1'の元のSO PIN(PUK)を入力してください Search 検索 Please enter the new SO PIN (PUK) for the token '%1' トークン'%1'の新しいSO PIN(PUK)を入力してください The new label of the token '%1' トークン'%1'の新しいラベル The token '%1' did not contain any keys or certificates トークン「%1」にキーまたは証明書が含まれていませんでした Current Password 現在のパスワード Please enter the current database password 現在のデータベースパスワードを入力してください The entered password is wrong 入力したパスワードが間違っています New Password 新しいパスワード Please enter the new password to encrypt your private keys in the database-file データベースファイルの秘密鍵を暗号化するための新しいパスワードを入力してください Transaction start failed トランザクションの開始に失敗しました Database: %1 Please enter a password, that will be used to encrypt your private keys in the database: %1 データベースの秘密鍵を暗号化するためのパスワードを入力してください: %1 Password verify error, please try again パスワード確認エラーです。再試行してください Password パスワード Please enter the password for unlocking the database: %1 データベースのロックを解除するためのパスワードを入力してください: %1 The following error occurred: 次のエラーが発生しました: Copy to Clipboard クリップボードにコピー Certificate Index ( index.txt ) 証明書インデックス(index。テキスト) All files ( * ) All files ( * ) Diffie-Hellman parameters saved as: %1 Diffie-Hellmanパラメータを%1として保存しました Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Diffie-Hellmanパラメータはさまざまなアプリケーションに必要ですが、XCAでは処理されません。 DHパラメータビットを入力してください NewCrl Last update 最終更新 Next update 最終更新 Days Months Years Midnight 深夜時間 Local time ローカル時間 Apply 適用 Options オプション CRL number CRL番号 Subject alternative name サブジェクト代替名 Revocation reasons 失効理由 Authority key identifier 機関キー識別子 Hash algorithm ハッシュアルゴリズム Create CRL CRLの作成 NewKey Please give a name to the new key and select the desired keysize 新しい秘密鍵に名前を付けて、目的の秘密鍵サイズを選択してください Key properties 秘密鍵のプロパティ Name 名前 The internal name of the new key 新しい秘密鍵の内部名 Curve name カーブ名 Usually at least 2048 bit keys are recommended 通常は少なくとも2048ビットの秘密鍵を推奨します New Key 新しい秘密鍵 Keysize 鍵長 Keytype 暗号タイプ Remember as default デフォルトとして保存 Create 作成 NewX509 Source ソース Signing request 署名リクエスト Show request リクエストを表示 Sign this Certificate signing &request この証明書署名要求に署名する(&r) Copy extensions from the request 要求からの拡張キーのコピー Modify subject of the request 証明書署名要求のサブジェクトを変更する Signing 署名 Create a &self signed certificate 自己署名証明書を作成(&s) Use &this Certificate for signing 署名にこの証明書を使用(&t) All certificates in your database that can create valid signatures 有効な署名を作成できるデータベース内のすべての証明書 Signature algorithm 署名アルゴリズム Template for the new certificate 新しい証明書のテンプレート All available templates 使用可能なすべてのテンプレート Apply extensions 拡張キーの適用 Apply subject サブジェクトに適用 Apply all すべてに適用 Subject サブジェクト Internal Name 内部名 Distinguished name 識別名 Add 追加 Delete 削除 Private key 秘密鍵 This list only contains unused keys このリストには未使用のキーのみが含まれています Used keys too 使用しているキー &Generate a new key 新しい秘密鍵を生成(&G) Extensions 拡張キー Type サブジェクトタイプ If this will become a CA certificate or not これがCA証明書になるかどうか Not defined Not defined Certification Authority Certification Authority End Entity End Entity Path length Path length How much CAs may be below this. これより下にあるCAの数。 The basic constraints should always be critical 基本的な制約は常に重要でなければならない Key identifier 機関キー識別子 Creates a hash of the key following the PKIX guidelines PKIXガイドラインに従って、キーのハッシュを作成します Copy the Subject Key Identifier from the issuer 発行者から機関キー識別子をコピーする Validity 有効期間 Not before 有効開始日 Not after 有効終了日 Time range 範囲 Days Months Years Apply 適用 Set the time to 00:00:00 and 23:59:59 respectively 時刻をそれぞれ00:00:00と23:59:59に設定します Midnight 深夜時間 Local time ローカル時間 No well-defined expiration 有効期限が明確に定義されていない DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit 編集 URI: URI: Key usage キー使用法 Netscape Netscape Advanced 詳細設定 Validate 検証 Comment コメント This name is only used internally and does not appear in the resulting certificate この名前は内部でのみ使用され、結果の証明書には表示されません Critical 重要 Create Certificate signing request 証明書署名要求の作成 minimum size: %1 最小サイズ:%1 maximum size: %1 最大サイズ:%1 only a-z A-Z 0-9 '()+,-./:=? a-z A-Z0-9'()+、-./:=? only 7-bit clean characters 7ビットのみ Edit XCA template XCA テンプレートの編集 Create x509 Certificate x509証明書の作成 Template '%1' applied テンプレート「%1 」が適用されました Subject applied from template '%1' テンプレート'%1'から適用されたサブジェクト Extensions applied from template '%1' テンプレート'%1'から適用された拡張キー New key '%1' created 新しい秘密鍵「%1」が作成されました Other Tabs その他のタブ Advanced Tab 詳細設定 タブ Errors エラー From PKCS#10 request PKCS#10要求 Abort rollout 展開の注視 The following length restrictions of RFC3280 are violated: RFC3280の次の長さ制限に違反しています: Edit subject サブジェクトを編集 Continue rollout 展開を続ける The verification of the Certificate request failed. The rollout should be aborted. 証明書要求の検証に失敗しました。 展開を中止してください。 Continue anyway 続行 The internal name and the common name are empty. Please set at least the internal name. 内部名とコモンネームが空です。 少なくとも内部名を設定してください。 Edit name 名前を変更 There is no Key selected for signing. 署名する秘密鍵が選択されていません。 Select key 秘密鍵を選択 The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. 次の識別名エントリは空です: %1 ただし、オプションメニューで必須として宣言しています。 The key you selected for signing is not a private one. 署名用に選択したキーは秘密鍵ではありません。 Select other signer 他の署名者を選択 Select other key 他の秘密鍵を選択 The currently selected hash algorithm '%1' is insecure and should not be used. 現在選択されているハッシュ・アルゴリズム '%1' は安全ではないので、使用しないでください。 Select other algorithm 他のアルゴリズムを選択 Use algorithm anyway アルゴリズムをとにかく使う The certificate will be earlier valid than the signer. This is probably not what you want. 証明書は署名者よりも前に有効になります。これはおそらくあなたが望むものではありません。 Edit dates 日時を変更 Adjust date and continue 日付を調整して続行 The certificate will be longer valid than the signer. This is probably not what you want. 証明書は署名者よりも有効期間が長くなります。これはおそらくあなたが望むものではありません。 The certificate will be out of date before it becomes valid. You most probably mixed up both dates. 証明書は有効になる前に期限切れになります。おそらく、あなたは両方の日付を間違えているでしょう。 The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. 証明書に無効な拡張キーまたは重複した拡張キーが含まれています。詳細タブで検証を確認します。 The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. 証明書に拡張キーが含まれていません。いずれかのテンプレートの拡張キーを適用して、証明書の目的を定義できます。 The certificate contains invalid extensions. Edit extensions 拡張キーの編集 The subject alternative name shall contain a copy of the common name. However, the common name is empty. サブジェクト代替名は、コモンネームのコピーを含む。ただし、コモンネームは空です。 Configfile error on line %1 %1行目のコンフィグエラー OidResolver OID Resolver OID検索 Enter the OID, the Nid, or one of the textual representations OID、Nid、またはテキストのどれかを入力してください Search 検索 OID OID Long name 長い名前 OpenSSL internal ID OpenSSL内部ID Nid Nid Short name 短い名前 OpenDb Open remote database リモートデータベースを開く Database type データベースタイプ Hostname ホスト名 Username ユーザ名 Password パスワード Database name データベース名 Table prefix テーブルプレフィクス No SqLite3 driver available. Please install the qt-sqlite package of your distribution SQLite3ドライバがありません。お使いのディストリビューションのqt-sqliteパッケージをインストールしてください Please enter the password to access the database server %2 as user '%1'. ユーザ'%1'としてデータベースサーバ%2にアクセスするためのパスワードを入力してください。 The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. データベースドライバはトランザクションをサポートしていません。これは、クライアントとサーバーのバージョンが異なる場合に発生することがあります。注意して続けてください。 Options XCA Options XCA オプション Settings 設定 Default hash algorithm デフォルトハッシュアルゴリズム String types 文字列タイプ Suppress success messages 成功メッセージを表示しない Don't colorize expired certificates 期限切れの証明書に色を付けない Translate established x509 terms (%1 -> %2) x509用語を翻訳(%1->%2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. トークンのハッシュ機能は、XCAでは使用されません。 ただし、トークンによって伝搬される制限されたハッシュ・セットが優先される場合もあります。 特に、ECおよびDSAは、PKCS#11仕様ではSHA1でのみ定義されています。 Only use hashes supported by the token when signing with a token key トークン・キーによる署名時に、トークンがサポートするハッシュのみを使用する Disable legacy Netscape extensions Netscapeのレガシー拡張キーを無効にする PKCS12 encryption algorithm Certificate expiry warning threshold 証明書有効期限警告しきい値 Send vCalendar expiry reminder vCalendarの有効期限の通知を送信する Serial number length シリアル番号の長さ bit ビット Distinguished name 識別名 Mandatory subject entries 必須のサブジェクトエントリ Add 追加 Delete 削除 Explicit subject entries 明示的なサブジェクトエントリ Dynamically arrange explicit subject entries 明示的なサブジェクトエントリを動的に配置する Default デフォルト PKCS#11 provider PKCS#11 プロバイダ Remove 削除 Search 検索 Printable string or UTF8 (default) 印刷可能な文字列またはUTF8(デフォルト) PKIX recommendation in RFC2459 RFC2459のPKIX勧告 No BMP strings, only printable and T61 BMP文字列なし、印刷可能およびT61のみ UTF8 strings only (RFC2459) UTF8文字列のみ(RFC2459) All strings すべての文字列 Days Weeks PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) パスワードは2桁の16進コードとして解析されます。偶数桁である必要があります(0-9およびa-f) Take as HEX string 16進文字列とみなす Password パスワード Repeat %1 繰り返し%1 %1 mismatch %1の不一致 Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters 16進パスワードには、「0 」-「9 」および「a 」-「f 」の文字のみを使用し、偶数の文字で構成する必要があります Exit 終了 E&xit 終了(&x) QMessageBox Ok OK Close 閉じる Cancel キャンセル Apply 適用 Yes はい No いいえ QObject Undefined 未定義 Broken / Invalid 破損/無効 in %1 seconds %1秒以内 %1 seconds ago %1秒前 in %1 minutes %1分以内 %1 minutes ago %1分前 Yesterday 昨日 Tomorrow 明日 in %1 hours %1時間以内 %1 hours ago %1時間前 Out of data データがありません Error finding endmarker of string 文字列のエンドマーカーの検索中にエラーが発生しました Out of Memory at %1:%2 %1のメモリ不足:%2 All files ( * ) All files ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Import RSA key キーをインポート PKCS#10 CSR ( *.pem *.der *.csr );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request 証明書署名要求のインポート Certificates ( *.pem *.der *.crt *.cer );; Certificates ( *.pem *.der *.crt *.cer );; Import X.509 Certificate X.509形式の証明書をインポート PKCS#7 data ( *.p7s *.p7m *.p7b );; PKCS#7 data ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates PKCS#7形式の証明書のインポート PKCS#12 Certificates ( *.p12 *.pfx );; PKCS#12 Certificates ( *.p12 *.pfx );; Import PKCS#12 Private Certificate PKCS#12形式の秘密鍵・証明書をインポート XCA templates ( *.xca );; XCA テンプレート ( *.xca );; Import XCA Templates XCAテンプレートのインポート Revocation lists ( *.pem *.der *.crl );; Revocation lists ( *.pem *.der *.crl );; Import Certificate Revocation List 失効証明書のインポート XCA Databases ( *.xdb );; XCA Databases ( *.xdb );; Open XCA Database XCAデータベースを開く PKCS#11 library ( *.dll );; PKCS#11 library ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 library ( *.dylib *.so );; PKCS#11 library ( *.so );; PKCS#11 library ( *.so );; Open PKCS#11 shared library PKCS#11共有ライブラリを開く PEM files ( *.pem );; PEM files ( *.pem );; Load PEM encoded file PEMエンコードファイルを読み込み Please enter the PIN on the PinPad ピンパッドにPINを入力してください Please enter the SO PIN (PUK) of the token %1 トークン%1のSO PIN(PUK)を入力してください Please enter the PIN of the token %1 トークン%1のPINを入力してください No Security token found セキュリティトークンが見つかりません Select 選択 Please enter the new SO PIN (PUK) for the token: '%1' トークン'%1'の新しいSO PIN(PUK)を入力してください Please enter the new PIN for the token: '%1' トークンの新しいPINを入力してください:'%1' Required PIN size: %1 - %2 必要なPINのサイズ:%1-%2 Invalid filename: %1 無効なファイル名:%1 Failed to open PKCS11 library: %1: %2 PKCS11ライブラリ%1を開けませんでした:%2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. これはPKCS#11ライブラリとして認識できません。シンボル「C_GetFunctionList」が見つかりません。 Disabled 無効 Library loading failed ライブラリのロードに失敗しました PKCS#11 function '%1' failed: %2 PKCS#11関数「%1 」が失敗しました:%2 PKCS#11 function '%1' failed: %2 In library %3 %4 PKCS#11関数「%1 」が失敗しました:%2 ライブラリ%3内 %4 Invalid 無効 %1 is shorter than %2 bytes: '%3' %1は%2バイトより短い:'%3' %1 is longer than %2 bytes: '%3' %1は%2バイトを超えています:'%3 String '%1' for '%2' contains invalid characters 「%2 」の文字列「%1 」に無効な文字が含まれています Error reading config file %1 at line %2 %2行目の構成ファイル%1の読み取り中にエラーが発生しました The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. ファイル%2の行%3のオブジェクト「%1 」は既に「%4:%5:%6 」として知られているため、削除する必要があります。 The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. ファイル%3行%4のOID%2の識別子「%1 」は、別のOIDで「%5:%6:%7 」としてすでに使用されています。競合を避けるために変更する必要があります。 Unknown object '%1' in file %2 line %3 ファイル%2の%3行目に不明なオブジェクト「%1 」があります Failed to start a database transaction データベーストランザクションを開始できませんでした Country code Country code State or Province State or Province Locality Locality Organisation Organisation Organisational unit Organisational unit Common name Common name E-Mail address E-Mail address Serial number Serial number Given name Given name Surname Surname Title Title Initials Initials Description Description Role Role Pseudonym 偽名 Generation Qualifier x500 Unique Identifier x500 Unique Identifier Name Name DN Qualifier DN Qualifier Unstructured name Unstructured name Challenge password Challenge password Basic Constraints Basic Constraints Subject alternative name Subject alternative name issuer alternative name issuer alternative name Subject key identifier Subject key identifier Authority key identifier Authority key identifier Key usage Key usage Extended key usage Extended key usage CRL distribution points CRL distribution points Authority information access Authority information access Certificate type Certificate type Base URL Base URL Revocation URL Revocation URL CA Revocation URL CA Revocation URL Certificate renewal URL Certificate renewal URL CA policy URL CA policy URL SSL server name SSL server name Comment Comment Index file written to '%1' インデックス・ファイルを'%1'に書き込みました Index hierarchy written to '%1' インデックス階層が '%1' に書き込まれました Unknown key type %1 不明な鍵タイプ %1 Password verify error, please try again パスワード確認エラーです。再試行してください The following error occurred: 次のエラーが発生しました: Failed to update the database schema to the current version Password パスワード ReqTreeView Sign 署名 Unmark signed 署名済みのマークを解除 Mark signed 署名済みをマーク Similar Request 類似のリクエスト Certificate request export 証明書要求のエクスポート Certificate request ( *.pem *.der *.csr ) Certificate request ( *.pem *.der *.csr ) RevocationList Manage revocations 失効の管理 Add 追加 Delete 削除 Edit 編集 No. No. Serial シリアル Revocation 失効 Reason 理由 Invalidation 無効化 Generate CRL CRLの生成 Revoke Certificate revocation 証明書の失効 Revocation details 失効の詳細 Revocation reason 失効理由 Local time ローカル時間 Invalid since 無効な日付です Serial シリアル SearchPkcs11 Directory ディレクトリ ... ... Include subdirectories サブディレクトリを含める Search 検索 The following files are possible PKCS#11 libraries PKCS#11ライブラリには、次のファイルがあります SelectToken Security token セキュリティトークン Please select the security token セキュリティトークンを選択してください TempTreeView Duplicate 重複 Create certificate 証明書の作成 Create request リクエストの作成 copy コピー Preset Template values プリセットテンプレートの値 Template export XCA Templates ( *.xca ) TrustState Certificate trust Trustment &Never trust this certificate Only &trust this certificate, if we trust the signer &Always trust this certificate Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config OpenSSL コンフィグ Transform 変換 Template テンプレート Public key 公開キー Save as OpenSSL config OpenSSL設定として保存 Config files ( *.conf *.cnf);; All files ( * ) Config files ( *.conf *.cnf);; All files ( * ) XFile Error opening file: '%1': %2 Error rewinding file: '%1': %2 XcaTreeView Item properties アイテムのプロパティ Subject entries サブジェクトエンティティ X509v3 Extensions X509v3拡張キー Netscape extensions Netscape 拡張キー Key properties キーのプロパティ Reset リセット Hide Column 項目を非表示 Details 詳細 Columns 項目 New 新規 Import インポート Paste PEM data PEMデータを貼り付け Rename リネーム Properties プロパティ Delete 削除 Export エクスポート Clipboard クリップボード File ファイル database_model Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format 旧バージョンのデータベース形式が検出されました。「%1」という名前のバックアップコピーを作成し、データベースを新しい形式に変換しています Failed to rename the database file, because the target already exists ターゲットがすでに存在するため、データベースファイルの名前を変更できませんでした Please enter the password to access the database server %2 as user '%1'. ユーザ'%1'としてデータベースサーバ%2にアクセスするためのパスワードを入力してください。 Unable to create '%1': %2 '%1' を作成できません: %2 The file '%1' is not an XCA database ファイル '%1' は、XCA データベースではありません No SqLite3 driver available. Please install the qt-sqlite package of your distribution SQLite3ドライバがありません。お使いのディストリビューションのqt-sqliteパッケージをインストールしてください New Password 新しいパスワード Please enter a password, that will be used to encrypt your private keys in the database: %1 データベースの秘密鍵を暗号化するためのパスワードを入力してください: %1 Password パスワード Please enter the password for unlocking the database: %1 データベースのロックを解除するためのパスワードを入力してください: %1 db_base Internal name 内部名 No. No. Primary key プライマリキー Database unique number データベースユニーク番号 Date 日付 Date of creation or insertion 作成または挿入の日付 Source ソース Generated, Imported, Transformed 生成済み、インポート済み、変換済み Comment コメント First line of the comment field コメントフィールドの最初の行 Import from: %1 インポート元: %1 Could not create directory %1 ディレクトリ%1を作成できませんでした Item properties アイテムのプロパティ How to export the %1 selected items %1個の選択したアイテムをエクスポートする方法 All in one PEM file 1つのPEMファイル内のすべて Each item in one file 1つのファイル内の各アイテム Save %1 items in one file as %1アイテムを1つのファイルに次の名前で保存する PEM files ( *.pem );; All files ( * ) PEM files ( *.pem );; All files ( * ) db_crl Signer 署名者 Internal name of the signer 署名者の内部名 No. revoked 廃止 Number of revoked certificates 失効した証明書の数 Last update 最終更新 Next update 最終更新 CRL number CRL番号 The revocation list already exists in the database as: '%1' and so it was not imported 失効リストはすでに次のようにデータベースに存在します: '%1' インポートされませんでした Revocation list export 失効リストのエクスポート CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) There are no CA certificates for CRL generation CRL生成のためのCA証明書がありません Select CA certificate CA証明書の選択 Create CRL CRLの作成 Failed to initiate DB transaction DBトランザクションを開始できませんでした Database error: %1 データベースエラー:%1 db_key Type タイプ Size 鍵長 EC Group EC グループ Use 用途 Password パスワード The key is already in the database as: '%1' and is not going to be imported キーはすでに次のようにデータベースに存在します: '%1' インポートされません The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key データベースには、インポートされたキーの公開部分がすでに次のように含まれています。 '%1 キーの新しいプライベート部分によって完了します Extending public key from %1 by imported key '%2' インポートされたキー'%2'によって%1から公開キーを拡張しています Key size too small ! キーサイズが小さすぎます! You are sure to create a key of the size: %1 ? サイズ%1のキーを作成しますか? PEM public PEM public SSH2 public SSH2 public PEM private PEM private SSH2 private SSH2 private Export keys to Clipboard キーをクリップボードにエクスポート Clipboard クリップボード Export public key [%1] 公開キーのエクスポート[%1] DER public DER public DER private DER private PEM encryped PEM encryped PVK private PVKプライベート PVK encrypted PVK暗号化 PKCS#8 encrypted PKCS#8 encrypted Export private key [%1] 秘密鍵をエクスポートする[%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Internal error 内部エラー Tried to change password of a token トークンのパスワードを変更しようとしました db_temp Bad template: %1 不正なテンプレート:%1 Empty template 空のテンプレート Preset Template values プリセットテンプレートの値 Save template as テンプレートに名前を付けて保存 XCA templates ( *.xca );; All files ( * ) XCA templates ( *.xca );; All files ( * ) db_x509 CA CA reflects the basic Constraints extension 基本的なConstraints拡張機能を反映する Serial シリアル Start date 開始日 Expiry date 終了日 MD5 fingerprint MD5フィンガープリント SHA1 fingerprint SHA1フィンガープリント SHA256 fingerprint SHA256フィンガープリント Not before Not before Not after Not after Revocation 失効 CRL Expiration CRLの有効期限 Plain View プレインビュー Tree View ツリービュー Failed to retrieve unique random serial 一意のランダムシリアルの取得に失敗しました The certificate already exists in the database as: '%1' and so it was not imported 証明書はすでに次のようにデータベースに存在します: '%1' インポートはされませんでした Signed on %1 by '%2' %1に'%2'によって署名されました Unknown 不明 Invalid public key 公開キーが無効です PKCS#7 unrevoked PKCS#7の取り消し PEM unrevoked PEMの取り消し vCalendar vCalendar CA vCalendar CA vCalendar X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) days No template テンプレートなし The key you selected for signing is not a private one. 署名用に選択したキーはプライベートキーではありません。 Failed to create directory '%1' ディレクトリ '%1' の作成に失敗しました Store the certificate to the key on the token '%1 (#%2)' ? 証明書をトークン上のキーに格納する「%1(#%2) 」? PEM chain PEMチェーン PKCS#7 chain PKCS#7チェーン PKCS#12 chain PKCS#12チェーン PKCS#7 all PKCS#7 すべて PEM + key PEM + key PEM all PEM all Certificate Index file 証明書インデックスファイル Certificate export 証明書のエクスポート X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) There was no key found for the Certificate: '%1' 証明書'%1'のキーが見つかりませんでした Not possible for a token key: '%1' トークンキー'%1'は使用できません Not possible for the token-key Certificate '%1' トークンキー証明書'%1'は使用できません db_x509name Subject サブジェクト Complete distinguished name 完全な識別名 Subject hash サブジェクトハッシュ Hash to lookup certs in directories ディレクトリ内の証明書を検索するためのハッシュ db_x509req Signed 署名済み whether the request is already signed or not 要求がすでに署名されているかどうか Unstructured name 構造化されていない名前 Challenge password チャレンジパスワード Certificate count 証明書の数 Number of certificates in the database with the same public key 同じ公開キーを持つデータベース内の証明書の数 The certificate signing request already exists in the database as '%1' and thus was not stored 証明書署名要求はすでに次のようにデータベースに存在しています: '%1' 保管されなかった Certificate request export 証明書要求のエクスポート Certificate request ( *.pem *.der *.csr ) Certificate request ( *.pem *.der *.csr ) db_x509super Key name 秘密鍵名 Internal name of the key 秘密鍵の内部名 Signature algorithm 署名アルゴリズム Key type キータイプ Key size 鍵長 EC Group EC グループ Extracted from %1 '%2' %1'%2'から抽出 Certificate 証明書 Certificate request 証明書リクエスト Save as OpenSSL config OpenSSL設定として保存 Config files ( *.conf *.cnf);; All files ( * ) Config files ( *.conf *.cnf);; All files ( * ) The following extensions were not ported into the template 次の拡張機能はテンプレートに移植されませんでした Transformed from %1 '%2' %1'%2'から変換されました kvView Type タイプ Content 内容 pass_info Password パスワード PIN PIN番号 pkcs11_lib Failed to open PKCS11 library: %1: %2 PKCS11ライブラリ%1を開けませんでした:%2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. これはPKCS#11ライブラリとして認識できません。シンボル「C_GetFunctionList」が見つかりません。 pki_base Unknown 不明 Imported インポート済み Generated 生成済 Transformed 変換済 Token トークン Legacy Database レガシーデータベース Renewed 更新 Property '%1' not listed in 'pki_base::print' プロパティ '%1' が 'pki_base::print' にリストされていません Internal error: Unexpected message: %1 %2 内部エラー:予期しないメッセージ:%1 %2 pki_crl Successfully imported the revocation list '%1' 失効リスト'%1'が正常にインポートされました Delete the revocation list '%1'? 失効リスト'%1'を削除しますか? Successfully created the revocation list '%1' 失効リスト'%1'が正常に作成されました Delete the %1 revocation lists: %2? %1失効リストを削除しますか:%2? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. ファイル%1の失効リストを読み込めません。PEMおよびDER形式のCRLを試しました。 No issuer given 発行者が指定されていません Wrong Size %1 サイズ%1が間違っています CRL Renewal of CA '%1' due CA「%1」のCRL更新期限 The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' CAによって発行された最新のCRL「%1」の有効期限は%2になります。 XCAデータベース'%3'に保存されています Renew CRL: %1 CRLの更新:%1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' %3に発行されたXCA CRL「%1」の有効期限は%4になります。 XCAデータベース'%5'に保存されています pki_evp Failed to decrypt the key (bad password) %1 キー(パスワードが間違っています)%1の暗号化を解除できませんでした Please enter the password to decrypt the private key. 秘密鍵を解読するためのパスワードを入力してください。 Please enter the password to decrypt the private key %1. 秘密鍵 %1 を復号化するためのパスワードを入力してください。 The key from file '%1' is incomplete or inconsistent. ファイル「%1 」のキーが不完全または矛盾しています。 Please enter the password to decrypt the private key from file: %1 ファイルから秘密鍵を復号化するためのパスワードを入力してください: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. ファイル%1の秘密鍵を読み込めません。PEMおよびDERの秘密鍵、公開キー、PKCS#8キーの種類、およびSSH2形式を試しました。 Ignoring unsupported private key サポートされていない秘密鍵を無視します Please enter the password to decrypt the private key: '%1' 秘密鍵を解読するためのパスワードを入力してください:'%1' Password input aborted パスワードの入力が中断されました Please enter the database password for decrypting the key '%1' キー'%1'を復号化するためのデータベースパスワードを入力してください Please enter the password to protect the private key: '%1' 秘密鍵を保護するためのパスワードを入力してください:'%1' Please enter the database password for encrypting the key キーを暗号化するためのデータベースパスワードを入力してください Please enter the password protecting the PKCS#8 key '%1' PKCS#8キー'%1'を保護するパスワードを入力してください Please enter the password protecting the Microsoft PVK key '%1' Microsoft PVKキー'%1'を保護するパスワードを入力してください Please enter the export password for the private key '%1' 秘密鍵'%1'のエクスポートパスワードを入力してください pki_export PEM Text format with headers ヘッダ付きPEMテキスト形式 Concatenated list of all selected items in one PEM text file 1つのPEMテキストファイルで選択されたすべての項目を連結したリスト PEM chain PEMチェーン Concatenated text format of the complete certificate chain in one PEM file 1つのPEMファイル内の完全な証明書チェーンの連結テキスト形式 PEM + key PEM + key Concatenation of the certificate and the unencrypted private key in one PEM file 1つのPEMファイルでの証明書と暗号化されていない秘密鍵の連結 Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file 証明書と暗号化された秘密鍵をPKCS#8形式で1つのファイルに連結したもの PKCS#7 encoded single certificate PKCS#7でエンコードされた単一の証明書 All selected certificates encoded in one PKCS#7 file 選択されたすべての証明書が1つのPKCS#7ファイルにエンコードされている PKCS #7 chain PKCS#7 encoded complete certificate chain PKCS#7エンコードされた完全な証明書チェーン Binary DER encoded certificate PKCS #12 chain The complete certificate chain and the private key as encrypted PKCS#12 file 完全な証明書チェーンと暗号化されたPKCS#12ファイルとしての秘密鍵 PKCS #12 The certificate and the private key as encrypted PKCS#12 file 暗号化されたPKCS#12ファイルとしての証明書と秘密鍵 Certificate Index file 証明書インデックスファイル OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool 'CA'コマンドで作成され、OCSPツールで必要なOpenSSL固有の証明書インデックスファイル vCalendar vCalendar vCalendar expiry reminder for the selected items 選択したアイテムのvCalendar有効期限リマインダ CA vCalendar CA vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL 発行されたすべての有効な証明書、CA自体、および最新のCRLを含むvCalendar有効期限リマインダ PEM public PEM public Text format of the public key in one PEM file 1つのPEMファイル内の公開キーのテキスト形式 PEM private PEM private Unencrypted private key in text format テキスト形式の暗号化されていない秘密鍵 PEM encrypted OpenSSL specific encrypted private key in text format OpenSSL固有の暗号化された秘密鍵 (テキスト形式) SSH2 private SSH2 private SSH2 public SSH2 public The public key encoded in SSH2 format SSH2形式でエンコードされた公開キー DER public DER public Binary DER format of the public key 公開キーのバイナリDERフォーマット DER private DER private Unencrypted private key in binary DER format バイナリDER形式の暗号化されていない秘密鍵 PVK private PVKプライベート Private key in Microsoft PVK format not encrypted Microsoft PVK形式の秘密鍵は暗号化されていません PVK encrypted PVK暗号化 Encrypted private key in Microsoft PVK format Microsoft PVK形式の暗号化された秘密鍵 PKCS #8 encrypted Encrypted private key in PKCS#8 text format 暗号化された秘密鍵 (PKCS#8テキスト形式) PKCS #8 Unencrypted private key in PKCS#8 text format PKCS#8テキスト形式の暗号化されていない非公開キー Binary DER format of the certificate request Binary DER format of the revocation list vCalendar reminder for the CRL expiry date XCA template in PEM-like format All selected XCA templates in PEM-like format pki_key Successfully imported the %1 public key '%2' %1公開キー'%2'のインポートに成功しました Delete the %1 public key '%2'? %1公開キー'%2'を削除しますか? Successfully imported the %1 private key '%2' %1秘密鍵'%2'のインポートに成功しました Delete the %1 private key '%2'? %1形式の秘密鍵'%2'を削除しますか? Successfully created the %1 private key '%2' %1形式の秘密鍵'%2'の作成に成功しました Delete the %1 keys: %2? %1キーを削除しますか:%2? Public key 公開キー Common 共通 Private プライベート Bogus 偽物 PIN PIN No password パスワードなし Unexpected SSH2 content: '%1' 予期しないSSH2コンテンツ:'%1' Invalid SSH2 public key 無効なSSH2公開キーです Failed writing to %1 %1への書き込みに失敗しました pki_multi No known PEM encoded items found 既知のPEMエンコードされた項目が見つかりません pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 PKCS#12ファイルを復号化するためのパスワードを入力してください: %1 Unable to load the PKCS#12 (pfx) file %1. PKCS#12(pfx)ファイル%1を読み込めません。 The supplied password was wrong (%1) 指定されたパスワードが間違っています(%1) Please enter the password to encrypt the PKCS#12 file PKCS#12ファイルを暗号化するためのパスワードを入力してください No key or no Cert and no pkcs12 キーまたはCertがないか、pkcs12がありません pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. PKCS#7ファイル%1を読み込めません。PEMおよびDER形式を試しました。 pki_scard Successfully imported the token key '%1' トークンキー'%1'が正常にインポートされました Delete the token key '%1'? トークンキー'%1'を削除しますか? Successfully created the token key '%1' トークンキー'%1'が正常に作成されました Delete the %1 keys: %2? %1キーを削除しますか:%2? Delete the private key '%1' from the token '%2 (#%3)' ? トークン「%2(#%3) 」から秘密鍵「%1」を削除しますか? This Key is already on the token このキーはすでにトークン上にあります PIN input aborted PIN入力を中止しました Unable to find copied key on the token トークン上にコピーされたキーが見つかりません Please insert card: %1 %2 [%3] with Serial: %4 カードを挿入してください:%1 %2 [%3]シリアル番号:%4 Illegal Key generation method 不正なキー生成方法 Unable to find generated key on card カード上に生成されたキーが見つかりません Ignoring unsupported token key サポートされていないトークンキーを無視します Wrong Size %1 サイズ%1が間違っています Token %1 トークン%1 Failed to find the key on the token トークン上のキーが見つかりませんでした Invalid Pin for the token トークンのPINが無効です Failed to initialize the key on the token トークンのキーの初期化に失敗しました pki_temp Successfully imported the XCA template '%1' XCAテンプレート'%1'が正常にインポートされました Delete the XCA template '%1'? XCAテンプレート'%1'を削除しますか? Successfully created the XCA template '%1' XCAテンプレート'%1'が正常に作成されました Delete the %1 XCA templates: %2? %1XCAテンプレートを削除しますか:%2? Wrong Size %1 サイズ%1が間違っています Template file content error (too small) テンプレートファイルのコンテンツエラー(小さすぎる) Not a PEM encoded XCA Template PEMエンコードされたXCAテンプレートではありません Not an XCA Template, but '%1' XCAテンプレートではありませんが'%1' pki_x509 Successfully imported the certificate '%1' 証明書'%1'が正常にインポートされました Delete the certificate '%1'? 証明書'%1'を削除しますか? Successfully created the certificate '%1' 証明書'%1'が正常に作成されました Delete the %1 certificates: %2? %1証明書を削除しますか:%2? Unable to load the certificate in file %1. Tried PEM and DER certificate. ファイル%1の証明書を読み込めません。PEMおよびDER証明書を試しました。 This certificate is already on the security token この証明書は既にセキュリティトークンにあります Delete the certificate '%1' from the token '%2 (#%3)'? トークン'%2(#%3)'から証明書「%1 」を削除しますか? There is no key for signing ! 署名用のキーがありません! Wrong Size %1 サイズ%1が間違っています No いいえ Yes はい Renew certificate: %1 証明書を書き換える:%1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' %2で発行されたXCA証明書「%1 」は%3に有効期限が切れます。 これはXCAデータベース'%4'に保存されています pki_x509req Signing key not valid (public key) 署名キーが無効です(公開キー) Successfully imported the %1 certificate request '%2' %1証明書要求'%2'が正常にインポートされました Delete the %1 certificate request '%2'? %1証明書要求'%2'を削除しますか? Successfully created the %1 certificate request '%2' %1証明書要求'%2'が正常に作成されました Delete the %1 certificate requests: %2? %1証明書要求を削除しますか:%2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. ファイル%1の証明書要求を読み込めません。PEM、DER、およびSPKAC形式を試しました。 Wrong Size %1 サイズ%1が間違っています Signed 署名済み Unhandled 未処理 v3ext Copy Common Name コモンネームのコピー Add 追加 Delete 削除 Apply 適用 Validate 検証 Cancel キャンセル An email address or 'copy' 電子メールアドレスまたはコピー An email address 電子メールアドレス A registered ID: OBJECT IDENTIFIER 登録ID:オブジェクト識別子 A uniform resource indicator 統一資源指標 A DNS domain name or 'copycn' DNSドメイン名または'copycn' A DNS domain name DNSドメイン名 An IP address IPアドレス Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' 構文:<OID>;TYPE:text like'1.2.3.4:UTF8:name' No editing. Only 'copy' allowed here 編集なし。ここでは「コピー 」のみ指定してください Validation failed: '%1' %2 検証に失敗しました: '%1' %2 Validation successful: '%1' 検証に成功しました: '%1' xcaWarning The following error occurred: 次のエラーが発生しました: Copy to Clipboard クリップボードにコピー xcaWarningGui Copy to Clipboard クリップボードにコピー xca-RELEASE.2.5.0/lang/xca_nl.ts000066400000000000000000005507701450407711300161250ustar00rootroot00000000000000 CaProperties CA Properties CA Eigenschappen Form Days until next CRL issuing Dagen tot de volgende CRL uitgifte Default template Standaard sjabloon CertDetail Details of the Certificate Eigenschappen van het certificaat Serial Serienummer The serial number of the certificate Het serienummer van het certificaat The internal name of the certificate in the database De interne naam van het certificaat in de database Status Status Internal name Interne naam Signature Handtekening Key Sleutel Fingerprints Fingerprints MD5 MD5 An md5 hashsum of the certificate De MD5 hash van het certificaat SHA1 SHA1 A SHA-1 hashsum of the certificate De SHA-1 hash van het certificaat SHA256 SHA256 A SHA-256 hashsum of the certificate De SHA-256 hash van het certificaat Validity Geldigheid The time since the certificate is valid Het tijdstip sinds het certificaat geldig is The time until the certificate is valid Het tijdstip tot wanneer het certificaat geldig is Subject Onderwerp Issuer Uitgever Extensions Uitbreidingen Comment Commentaar Attributes Attributen Show config Toon configuratie Show extensions Toon uitbreidingen Show public key Toon openbare sleutel This key is not in the database. Deze sleutel is niet aanwezig in de database. Not available Niet beschikbaar Signer unknown Onbekende ondertekenaar Self signed Zelf ondertekend Revoked at %1 Ingetrokken op %1 Not valid Niet geldig Valid Geldig Details of the certificate signing request Gegevens van het certificaat onderteken verzoek (CSR) CertExtend Certificate renewal Certificaat vernieuwing This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Een nieuw certificaat wordt aangemaakt, als kopie van het oude certificaat, met een nieuw serienummer en aangepaste geldigheidswaarden. Validity Geldigheid Not before Niet voor Not after Niet na Time range Tijdspanne Local time Lokale tijdstip Days Dagen Months Maanden Years Jaren No well-defined expiration Geen correct gedefinieerde expiratie Midnight Middernacht Apply Toepassen Revoke old certificate Oude certificaat intrekken Replace old certificate Keep serial number Gebruik het oude serienummer The certificate will be earlier valid than the signer. This is probably not what you want. De startdatum van het certificaat ligt voor de datum van ondertekening. Dit is waarschijnlijk niet gewenst. Edit dates Datums aanpassen Abort rollout Uitgave stopzetten Continue rollout Uitgave voortzetten Adjust date and continue Datum aanpassen en doorgaan The certificate will be longer valid than the signer. This is probably not what you want. De einddatum van het certificaat is later dan de einddatum van ondertekening. Dit is waarschijnlijk niet gewenst. CertTreeView Import PKCS#12 Importeren van PKCS#12 bestand Import from PKCS#7 Importeren van PKCS#7 bestand Request Verzoek Security token Beveiligingstoken Other token Ander token Similar Certificate Gelijksoortig certificaat Delete from Security token Verwijder van beveiligingstoken CA Certificaat Autoriteit (CA) Properties Eigenschappen Generate CRL Genereer CRL Manage revocations Beheer intrekkingen Renewal Vernieuwing Revoke Intrekken Unrevoke Intrekken ongedaan maken Plain View Tekst weergave Tree View Vertakkingen overzicht days dagen No template Geen sjabloon CA Properties CA Eigenschappen Certificate export Certificaat export X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) X.509 Certificaten ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) ClickLabel Double click for details Dubbel klik voor details CrlDetail Details of the Revocation list Details van de intrekkingslijst &Status &Status Version Versie Signature Handtekening Signed by Ondertekend door Name Naam The internal name of the CRL in the database De interne naam van de CRL in de database issuing dates datum van afgifte Next update Volgende update Last update Laatste update &Issuer U&itgever &Extensions Uitbr&eidingen &Revocation list Lijst van int&rekkingen Comment Commentaar Failed Mislukt Unknown signer Onbekende ondertekenaar Verification not possible Verificatie is niet mogelijk CrlTreeView There are no CA certificates for CRL generation Er zijn geen CA certificaten voor CRL-generatie Select CA certificate Selecteer CA certificaat Revocation list export Intrekkingslijst exporteren CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) ExportDialog Name Naam The internal name of the CRL in the database De interne naam van de CRL in de database ... ... Filename Bestandsnaam Export comment into PEM file Exporteer commentaar in het PEM bestand Export Format Exporteer formaat All files ( * ) Alle bestanden ( * ) PEM Text format with headers PEM Tekst formaat met koppen Concatenated list of all selected items in one PEM text file Samengevoegde lijst van alle geselecteerde items in één PEM tekstbestand Concatenated text format of the complete certificate chain in one PEM file Samengevoegd tekstformaat van de volledige certificaat reeks in één PEM bestand Concatenated text format of all certificates in one PEM file Samengevoegd tekstformaat van alle certificaten in één PEM bestand Binary DER encoded file Binair DER gecodeerd bestand PKCS#7 encoded single certificate PKCS#7 gecodeerd mono certificaat PKCS#7 encoded complete certificate chain PKCS#7 gecodeerde, complete certificaat reeks Concatenated text format of all unrevoked certificates in one PEM file Samengevoegd tekstformaat van alle niet-ingetrokken certificaten in één PEM bestand All unrevoked certificates encoded in one PKCS#7 file Alle niet-ingetrokken certificaten gecodeerd in één PKCS#7 bestand All selected certificates encoded in one PKCS#7 file Alle geselecteerde certificaten gecodeerd in één PKCS#7 bestand All certificates encoded in one PKCS#7 file Alle certificaten gecodeerd in een PKCS#7 bestand The certificate and the private key as encrypted PKCS#12 file Het certificaat en de privé-sleutel als versleuteld PKCS#12 bestand The complete certificate chain and the private key as encrypted PKCS#12 file De volledige certificaat reeks en de privé-sleutel als versleuteld PKCS#12 bestand Concatenation of the certificate and the unencrypted private key in one PEM file Samenvoeging van het certificaat en de niet-versleutelde privé-sleutel in één PEM bestand Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Samenvoeging van het certificaat en de versleutelde privé-sleutel in PKCS#8 bestand Text format of the public key in one PEM file Tekstformaat van de openbare sleutel in één PEM bestand Binary DER format of the public key Binair DER-formaat van de openbare sleutel Unencrypted private key in text format Niet-versleutelde privé-sleutel in tekst formaat OpenSSL specific encrypted private key in text format OpenSSL-specifieke versleutelde privé-sleutel in tekstformaat Unencrypted private key in binary DER format Niet-versleutelde privé-sleutel in binair DER formaat Unencrypted private key in PKCS#8 text format Niet-versleutelde privé-sleutel in PKCS#8 formaat Encrypted private key in PKCS#8 text format Versleutelde privé-sleutel in PKCS#8 formaat The public key encoded in SSH2 format De openbare sleutel gecodeerd in SSH2-indeling OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool OpenSSL-specifiek certificaat-indexbestand, gemaakt met de opdracht 'ca' en vereist voor de OCSP-tool vCalendar expiry reminder for the selected items vCalendar vervaldatum herinnering voor de geselecteerde items vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL vCalendar vervaldatum herinnering met daarin bevattend: alle uitgegeven, geldige certificaten, de CA zelf en de nieuwste CRL Private key in Microsoft PVK format not encrypted Niet-versleutelde privé-sleutel in Microsoft PVK formaat Encrypted private key in Microsoft PVK format Versleutelde privé-sleutel in Microsoft PVK formaat The file: '%1' already exists! Het bestand: '%1' bestaat al! Overwrite Overschrijven Do not overwrite Niet overschrijven Form last update next update Days Dagen Months Maanden Years Jaren Apply Toepassen Midnight Middernacht Local time Lokale tijdstip No well-defined expiration Geen correct gedefinieerde expiratie Help << << >> >> &Done Uitgevoer&d ImportMulti Import PKI Items Importeer PKI gegevens Import &All &Alles importeren &Import &Importeren &Done Uitgevoer&d &Remove from list Ve&rwijder van de lijst Details Details Delete from token Verwijderen uit token Rename on token Hernoem in token Name: %1 Model: %2 Serial: %3 Naam: %1 Model: %2 Serienummer: %3 Manage security token Beheer beveiligingstoken Details of the item '%1' cannot be shown Details van het item '%1' kunnen niet worden weergegeven The type of the item '%1' is not recognized Het type van het item '%1' wordt niet herkend The file '%1' did not contain PKI data Het bestand %1 bevatte geen PKI-gegevens The %1 files: '%2' did not contain PKI data De %1 bestanden: '%2' bevatten geen PKI-gegevens ItemProperties Name Naam Source Bron Insertion date Invoegdatum Comment Commentaar KeyDetail Name Naam The internal name of the key used by xca De interne naam van de sleutel die wordt gebruikt door XCA Security token Beveiligingstoken Manufacturer Fabrikant Serial Serienummer Key Sleutel Public Exponent Openbare Exponent Keysize Sleutelgrootte Private Exponent Privé Exponent Security Token Beveiligingstoken Label Label PKCS#11 ID PKCS#11 ID Token information Token informatie Model Model Fingerprint Fingerprint Comment Commentaar Details of the %1 key Details van de %1-sleutel Not available Niet beschikbaar Available Beschikbaar Sub prime Sub priemgetal Public key Openbare sleutel Private key Privé-sleutel Curve name Curve naam Unknown key Onbekende sleutel KeyTreeView Clipboard format Change password Verander het wachtwoord Reset password Reset het wachtwoord Change PIN Verander de PIN Init PIN with SO PIN (PUK) Initiele PIN met SO PIN (PUK) Change SO PIN (PUK) Verander het SO PIN (PUK) Security token Beveiligingstoken This is not a token Dit is geen token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Moet de oorspronkelijke sleutel '%1' worden vervangen door de sleutel van de token? Hiermee wordt de sleutel %1 verwijderd en wordt deze onbruikbaar gemaakt Export public key [%1] Openbare sleutel exporteren [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Privé-sleutels ( *.pem *.der *.pk8 );; SSH Openbare sleutels ( *.pub ) MainWindow Private Keys Privé-sleutels &New Key &Nieuwe Sleutel &Export &Exporteren &Import &Importeren Import PFX (PKCS#12) Importeer PFX (PKCS#12) &Show Details Toon Detail&s &Delete Verwij&deren Certificate signing requests Certificaat onderteken verzoeken &New Request &Nieuw Verzoek Certificates Certificaten &New Certificate &Nieuw certificaat Import &PKCS#12 Importeer &PKCS#12 Import P&KCS#7 Importeer P&KCS#7 Plain View Tekst weergave Templates Sjablonen &New Template &Nieuw Sjabloon &New CRL &Nieuwe CRL Ch&ange Template Bewerk Sj&abloon Revocation lists Intrekkingslijsten Using or exporting private keys will not be possible without providing the correct password Het gebruik of exporteren van privé-sleutels is niet mogelijk zonder het juiste wachtwoord op te geven Database Database The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. De momenteel gebruikte standaard hash '%1' is onveilig. Selecteer om veiligheidsredenen ten minste 'SHA 224'. Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Legacy database indeling gedetecteerd. Een reservekopie wordt gemaakt met de naam '%1' en de database wordt geconverteerd naar de nieuwe indeling Failed to rename the database file, because the target already exists Kan het database bestand niet hernoemen, omdat het bestand al bestaat No deleted items found Geen verwijderde gegevens gevonden Recent DataBases Recente databases System Systeem Croatian Kroatisch English Engels French Frans German Duits Japanese Japans Russian Russisch Slovak Slowaaks Spanish Spaans Persian Bulgarian Polish Pools Italian Italiaans Chinese Chinees Dutch Nederlands Portuguese in Brazil Braziliaans Portugees Indonesian Turkish Turks Language Taal &File Bestand Open Remote DataBase Open database (op netwerk) Set as default DataBase Stel in als standaard database New DataBase Nieuwe database Open DataBase Open database Close DataBase Sluit database Options Opties Exit Sluiten I&mport I&mport Keys Sleutels Requests Verzoeken PKCS#12 PKCS#12 bestanden PKCS#7 PKCS#7 bestanden Template Sjablonen Revocation list Intrekkingslijsten PEM file PEM bestanden Paste PEM file Plak het PEM bestand Token Token Export Certificate &Index hierarchy Exporteer certificaten &index hiërarchie Content Inhoud &Manage Security token Beheer beveiligingstoken &Init Security token &Initialiseer Beveiligingstoken &Change PIN Verander PIN Change &SO PIN Verander het &SO PIN Init PIN Initialiseer PIN Extra Extra &Dump DataBase &Dump database &Export Certificate Index &Exporteer certificaten index C&hange DataBase password V&erander database wachtwoord &Undelete items Herstel gegevens Generate DH parameter Genereer DH parameter OID Resolver OID Vertaler &Help &Help About Over no such option: %1 Onbekende keuze: %1 Import PEM data Importeer PEM gegevens Please enter the original SO PIN (PUK) of the token '%1' Voer de oorspronkelijke SO PIN (PUK) van het token '%1' in Search Zoeken Please enter the new SO PIN (PUK) for the token '%1' Voer de nieuwe SO PIN (PUK) van het token '%1' in The new label of the token '%1' Het nieuwe label van het token '%1' The token '%1' did not contain any keys or certificates Het token '%1' bevatte geen sleutels of certificaten Current Password Huidig wachtwoord Please enter the current database password Voer het huidige database wachtwoord in The entered password is wrong Het ingevoerde wachtwoord is niet correct New Password Nieuw wachtwoord Please enter the new password to encrypt your private keys in the database-file Voer het nieuwe wachtwoord in om uw privé-sleutels te versleutelen in het database bestand Transaction start failed Start van de transactie is mislukt Database: %1 Please enter a password, that will be used to encrypt your private keys in the database: %1 Voer een wachtwoord in, dat zal worden gebruikt om uw privé-sleutels in de database te versleutelen: %1 Password verify error, please try again Fout bij wachtwoordverificatie, probeer het opnieuw Password Wachtwoord Please enter the password for unlocking the database: %1 Voer het wachtwoord in om de database te ontgrendelen: %1 The following error occurred: De volgende fout is opgetreden: Copy to Clipboard Kopieer naar klembord Certificate Index ( index.txt ) Certificaat Index ( index.txt ) All files ( * ) Alle bestanden ( * ) Diffie-Hellman parameters saved as: %1 Diffie-Hellman parameters opgeslagen als: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Diffie-Hellman parameters zijn nodig voor verschillende toepassingen (zoals b.v. OpenVPN). XCA heeft ze echter niet nodig en gebruikt de parameters zelf niet. Voer de Diffie-Hellman bit modulus in, voor later gebruik (Advies > 2048 bit) NewCrl Last update Laatste update Next update Volgende update Days Dagen Months Maanden Years Jaren Midnight Middernacht Local time Lokale tijdstip Apply Toepassen Options Opties CRL number CRL nummer Subject alternative name Alternatieve naam van het onderwerp Revocation reasons Redenen van intrekken Authority key identifier Autoriteit sleutel-ID Hash algorithm Hash algoritme Create CRL creëer een CRL NewKey Please give a name to the new key and select the desired keysize Geef een naam op voor de nieuwe sleutel en selecteer de gewenste sleutelgrootte Key properties Sleutel eigenschappen Name Naam The internal name of the new key De interne naam van de nieuwe sleutel Curve name Curve naam Usually at least 2048 bit keys are recommended Meestal worden ten minste 2048 bit sleutels aanbevolen New Key Nieuwe sleutel Keysize Sleutelgrootte Keytype Sleuteltype Remember as default Onthoud als standaard Create Creëren NewX509 Source Bron Signing request Ondertekeningsverzoek Show request Verzoek weergeven Sign this Certificate signing &request Onde&rteken dit certificaat ondertekeningsverzoek Copy extensions from the request Kopieer uitbreidingen van het verzoek Modify subject of the request Wijzig het onderwerp van het verzoek Signing Ondertekening Create a &self signed certificate Maak een zelf ondertekend certificaat Use &this Certificate for signing Gebruik di&t certificaat voor ondertekening All certificates in your database that can create valid signatures Alle certificaten in uw database voor het maken van geldige handtekeningen Signature algorithm Handtekening algoritme Template for the new certificate Sjabloon voor het nieuwe certificaat All available templates Alle beschikbare sjablonen Apply extensions Uitbreidingen toepassen Apply subject Onderwerp toepassen Apply all Alles toepassen Subject Onderwerp Internal Name Interne naam Distinguished name DistinguishedName (DN) Add Toevoegen Delete Verwijderen Private key Privé-sleutel This list only contains unused keys Deze lijst bevat alleen ongebruikte sleutels Used keys too Ook gebruikte sleutels &Generate a new key &Genereer een nieuwe sleutel Extensions Uitbreidingen Type Type If this will become a CA certificate or not Of dit een CA certificaat wordt of niet Not defined Niet gedefinieerd Certification Authority Certificaat Authoriteit End Entity Eindentiteit Path length Pad lengte How much CAs may be below this. Hoeveel CA's zitten hier mogelijk onder. The basic constraints should always be critical De basisbeperkingen behoren altijd kritisch te zijn Key identifier Sleutelidentificatie Creates a hash of the key following the PKIX guidelines Creëert een hash van de sleutel volgens de PKIX-richtlijnen Copy the Subject Key Identifier from the issuer Kopieer de Onderwerp Key Identifier van de uitgever Validity Geldigheid Not before Niet voor Not after Niet na Time range Tijdspanne Days Dagen Months Maanden Years Jaren Apply Toepassen Set the time to 00:00:00 and 23:59:59 respectively Stel de tijd in op respectievelijk 00:00:00 en 23:59:59 Midnight Middernacht Local time Lokale tijdstip No well-defined expiration Geen correct gedefinieerde expiratie DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit Bewerken URI: URI: Key usage Sleutelgebruik Netscape Netscape Advanced Gevorderd Validate Valideren Comment Commentaar This name is only used internally and does not appear in the resulting certificate Deze naam wordt alleen intern gebruikt en verschijnt niet in het resulterende certificaat Critical Kritisch Create Certificate signing request Maak een certificaat ondertekeningsverzoek minimum size: %1 minimale grootte: %1 maximum size: %1 maximale grootte: %1 only a-z A-Z 0-9 '()+,-./:=? enkel a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters alleen 7-bits ascii karakters Edit XCA template Bewerk XCA sjabloon Create x509 Certificate Maak een X.509 certificaat Template '%1' applied Sjabloon '%1' wordt toegepast Subject applied from template '%1' Onderwerp toegepast vanuit sjabloon '%1' Extensions applied from template '%1' Uitbreidingen toegepast van sjabloon '%1' New key '%1' created Nieuwe sleutel '%1' gemaakt Other Tabs Andere tabbladen Advanced Tab Geavanceerd tabblad Errors Fouten From PKCS#10 request Vanaf PKCS#10 verzoek Abort rollout Uitgave stopzetten The following length restrictions of RFC3280 are violated: De volgende lengtebeperkingen van RFC3280 worden overtreden: Edit subject Onderwerp bewerken Continue rollout Uitgave voortzetten The verification of the Certificate request failed. The rollout should be aborted. De verificatie van de certificaataanvraag is mislukt. De uitrol moet worden afgebroken. Continue anyway Ga toch verder The internal name and the common name are empty. Please set at least the internal name. De interne naam en de commonName (CN) zijn leeg. Stel ten minste de interne naam in. Edit name Bewerk naam There is no Key selected for signing. Er is geen sleutel geselecteerd voor ondertekening. Select key Selecteer sleutel The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. De volgende DistinguishedName (DN) gegevens zijn leeg: %1 hoewel ze als verplicht zijn aangegeven in het optiemenu. The key you selected for signing is not a private one. De sleutel die geselecteerd is voor ondertekening, is geen privésleutel. Select other signer Selecteer andere ondertekenaar Select other key Selecteer andere sleutel The currently selected hash algorithm '%1' is insecure and should not be used. Het huidig geselecteerde hash algoritme '%1' is niet veilig en wordt afgeraden om te gebruiken. Select other algorithm Selecteer een ander algoritme Use algorithm anyway Gebruik het algoritme toch The certificate will be earlier valid than the signer. This is probably not what you want. De startdatum van het certificaat ligt voor de datum van ondertekening. Dit is waarschijnlijk niet gewenst. Edit dates Datums aanpassen Adjust date and continue Datum aanpassen en doorgaan The certificate will be longer valid than the signer. This is probably not what you want. De einddatum van het certificaat is later dan de einddatum van ondertekening. Dit is waarschijnlijk niet gewenst. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Het certificaat is verouderd voordat het geldig is. Waarschijnlijk zijn beide datums verwisseld. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Het certificaat bevat ongeldige of dubbele uitbreidingen. Controleer de validatie op het tabblad Geavanceerd. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Het certificaat bevat geen uitbreidingen. U kunt de uitbreidingen van een van de sjablonen toepassen om het doel van het certificaat te definiëren. The certificate contains invalid extensions. Edit extensions Bewerk uitbreidingen The subject alternative name shall contain a copy of the common name. However, the common name is empty. De alternatieve naam van het onderwerp moet een kopie van de commonName (CN) bevatten. De commonName is echter leeg. Configfile error on line %1 Config bestand fout op regel %1 OidResolver OID Resolver OID Vertaler Enter the OID, the Nid, or one of the textual representations Voer de OID, de NID of een van de tekstuele Engelse omschrijvingen in Search Zoeken OID OID (Object IDentifier) Long name Lange naam OpenSSL internal ID OpenSSL interne ID Nid NID (Numeric IDentifier) Short name Korte naam OpenDb Open remote database Open database (op netwerk) Database type Database type Hostname Hostnaam Username Gebruikersnaam Password Wachtwoord Database name Database naam Table prefix Tabel voorvoegsel No SqLite3 driver available. Please install the qt-sqlite package of your distribution Geen SqLite3-stuurprogramma beschikbaar. Installeer alstublieft het qt-sqlite-pakket van uw distributie Please enter the password to access the database server %2 as user '%1'. Voer het wachtwoord in om toegang te krijgen tot de database server %2 als gebruiker '%1'. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. Het database stuurprogramma ondersteunt geen transacties. Dit kan gebeuren als de client en de server verschillende software versies hebben. Ga voorzichtig verder. Options XCA Options XCA Opties Settings Instellingen Default hash algorithm Standaard hash algoritme String types String types Suppress success messages Onderdruk succes berichten Don't colorize expired certificates Verlopen certificaten niet tonen in kleur Translate established x509 terms (%1 -> %2) Vertaal vastgestelde X.509 termen (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. De hash-functionaliteit van het token wordt niet gebruikt door XCA. Het kan echter een beperkte hash-set respecteren die door het token wordt gepropageerd. Vooral EC en DSA worden alleen gedefinieerd met SHA1 in de PKCS#11-specificatie. Only use hashes supported by the token when signing with a token key Gebruik alleen hashes die door het token worden ondersteund bij het ondertekenen met een token sleutel Disable legacy Netscape extensions Verouderde Netscape-uitbreidingen uitschakelen PKCS12 encryption algorithm Certificate expiry warning threshold Waarschuwingsdrempel voor vervallen van certificaat Send vCalendar expiry reminder Verstuur de vCalendar vervaldatum herinnering Serial number length Lengte van serienummer bit bit Distinguished name DistinguishedName (DN) Mandatory subject entries Verplichte onderwerp gegevens Add Toevoegen Delete Verwijderen Explicit subject entries Expliciete onderwerp gegevens Dynamically arrange explicit subject entries Dynamisch georganiseerde, expliciete, onderwerp gegevens Default Standaard PKCS#11 provider PKCS#11 provider Remove Verwijderen Search Zoeken Printable string or UTF8 (default) Afdrukbare reeks of UTF8 (standaard) PKIX recommendation in RFC2459 PKIX-aanbeveling uit RFC2459 No BMP strings, only printable and T61 Geen BMP-reeksen, alleen afdrukbaar en T61 UTF8 strings only (RFC2459) Alleen UTF8 reeksen (RFC2459) All strings Alle reeksen Days Dagen Weeks Weken PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Het wachtwoord wordt ontbonden als tweecijferige hexadecimale code. Het moet een even aantal cijfers hebben (0-9 en A-F) Take as HEX string Neem als hexadecimale-string Password Wachtwoord Repeat %1 Herhaal %1 %1 mismatch %1 komt niet overeen Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Hexadecimale-wachtwoord mag alleen de tekens '0' - '9' en 'a' - 'f' bevatten en het moet uit een even aantal tekens bestaan Exit Sluiten E&xit Sluiten QMessageBox Ok OK Close Sluiten Cancel Annuleren Apply Toepassen Yes Ja No Nee QObject Undefined Onbepaald Broken / Invalid Gebroken / Ongeldig in %1 seconds in %1 seconden %1 seconds ago %1 seconde(n) geleden in %1 minutes in %1 minuten %1 minutes ago %1 minuten geleden Yesterday Gisteren Tomorrow Morgen in %1 hours in %1 uur %1 hours ago %1 uur/uren geleden Out of data Geen gegevens meer Error finding endmarker of string Fout bij het vinden van einde markering van tekenreeks Out of Memory at %1:%2 Geheugen vol op %1:%2 All files ( * ) Alle bestanden ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; PKI Sleutels ( *.pem *.der *.key );; PKCS#8 Sleutels ( *.p8 *.pk8 );; Microsoft PVK Sleutels ( *.pvk );; SSH Publieke Sleutels ( *.pub );; Import RSA key RSA-sleutel importeren PKCS#10 CSR ( *.pem *.der *.csr );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Importeer verzoek Certificates ( *.pem *.der *.crt *.cer );; Certificaten ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Importeer X.509 certificaat PKCS#7 data ( *.p7s *.p7m *.p7b );; PKCS#7 data ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Importeer PKCS#7 certificaten PKCS#12 Certificates ( *.p12 *.pfx );; PKCS#12 certificaten ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Importeer PKCS#12 privé certificaat XCA templates ( *.xca );; XCA sjablonen ( *.xca );; Import XCA Templates XCA sjablonen importeren Revocation lists ( *.pem *.der *.crl );; Intrekkingslijsten ( *.pem *.der *.crl );; Import Certificate Revocation List Certificaatintrekkingslijst importeren XCA Databases ( *.xdb );; XCA databases ( *.xdb );; Open XCA Database Open XCA database PKCS#11 library ( *.dll );; PKCS#11 bibliotheek ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 bibliotheek ( *.dylib *.so );; PKCS#11 library ( *.so );; PKCS#11 bibliotheek ( *.so );; Open PKCS#11 shared library Open PKCS#11 gedeelde bibliotheek bestand PEM files ( *.pem );; PEM bestanden ( *.pem );; Load PEM encoded file PEM gecodeerd bestand laden Please enter the PIN on the PinPad Voer de PIN in op het PIN ingave apparaat Please enter the SO PIN (PUK) of the token %1 Voer de SO PIN (PUK) van het token %1 in Please enter the PIN of the token %1 Voer de PIN van het token %1 in No Security token found Geen beveiligingstoken gevonden Select Selecteer Please enter the new SO PIN (PUK) for the token: '%1' Voer de nieuwe SO PIN (PUK) voor het token: '%1' in Please enter the new PIN for the token: '%1' Voer de nieuwe PIN voor het token: '%1' in Required PIN size: %1 - %2 Vereiste PIN grootte: %1 - %2 Invalid filename: %1 Ongeldige bestandsnaam: %1 Failed to open PKCS11 library: %1: %2 Openen van PKCS#11-bibliotheek bestand is mislukt: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Dit lijkt geen PKCS#11 bibliotheek bestand. Teken: 'C_GetFunctionList' not found. Disabled Uitgeschakeld Library loading failed Laden van bibliotheek bestand is mislukt PKCS#11 function '%1' failed: %2 PKCS#11 functie '%1' is mislukt: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 PKCS#11 functie '%1' is mislukt: %2 In bibliotheek bestand %3 %4 Invalid Ongeldig %1 is shorter than %2 bytes: '%3' %1 is korter dan %2 bytes: '%3' %1 is longer than %2 bytes: '%3' %1 is langer dan %2 bytes: '%3' String '%1' for '%2' contains invalid characters Tekenreeks '%1' voor '%2' bevat ongeldige tekens Error reading config file %1 at line %2 Fout bij het lezen van configuratiebestand %1 op regel %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. Het object '%1' van bestand %2 op regel %3 staat al bekend als '%4:%5:%6' en moet worden verwijderd. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. De ID %1 voor OID %2 uit bestand %3 op regel %4 wordt al voor een andere OID gebruikt als %5:%6:%7 en moet worden gewijzigd om conflicten te voorkomen. Unknown object '%1' in file %2 line %3 Onbekend object '%1' in bestand %2 op regel %3 Failed to start a database transaction Starten van database transactie is mislukt Country code Landcode State or Province Staat of Provincie Locality Stad Organisation Organisatie Organisational unit Organisatie-eenheid Common name CommonName E-Mail address E-Mail adres Serial number Serienummer Given name Voornaam Surname Achternaam Title Titel Initials Initialen Description Omschrijving Role Rol Pseudonym Pseudoniem Generation Qualifier Generation Qualifier x500 Unique Identifier X.500 Unieke IDentificatie Name Naam DN Qualifier DN kwalificatie Unstructured name Ongestructureerde naam Challenge password Challenge wachtwoord Basic Constraints Basis beperkingen Subject alternative name Alternatieve naam van het onderwerp issuer alternative name Alternatieve naam van de uitgever Subject key identifier ID van onderwerp-sleutel Authority key identifier Autoriteit sleutel-ID Key usage Sleutelgebruik Extended key usage Uitgebreid sleutelgebruik CRL distribution points CRL-distributiepunten Authority information access Authoriteit Informatie toegang (AIA) Certificate type Certificaattype Base URL Basis URL Revocation URL Intrekkings URL CA Revocation URL CA-Intrekkings URL Certificate renewal URL URL voor certificaatvernieuwing CA policy URL CA-beleid URL SSL server name SSL server naam Comment Commentaar Index file written to '%1' Index bestand is opgeslagen in '%1' Index hierarchy written to '%1' Index hiërarchie is opgeslagen in '%1' Unknown key type %1 Onbekend sleuteltype %1 Password verify error, please try again Fout bij wachtwoordverificatie, probeer het opnieuw The following error occurred: De volgende fout is opgetreden: Failed to update the database schema to the current version Password Wachtwoord ReqTreeView Sign Ondertekenen Unmark signed Niet ondertekend Mark signed Ondertekend Similar Request Gelijksoortig verzoek Certificate request export Exporteren van certificaat verzoeken Certificate request ( *.pem *.der *.csr ) Certificaataanvraag (* .pem * .der * .csr) RevocationList Manage revocations Beheer intrekkingen Add Toevoegen Delete Verwijderen Edit Bewerken No. No. Serial Serienummer Revocation Intrekking Reason Reden Invalidation Ongeldigverklaring Generate CRL Genereer CRL Revoke Certificate revocation Intrekken van certificaat Revocation details Details voor intrekken Revocation reason Reden van intrekken Local time Lokale tijdstip Invalid since Niet geldig sinds Serial Serienummer SearchPkcs11 Directory Directory (X.500) ... ... Include subdirectories Subdirectories opnemen Search Zoeken The following files are possible PKCS#11 libraries De volgende bestanden zijn mogelijk PKCS#11 bibliotheken SelectToken Security token Beveiligingstoken Please select the security token Selecteer het beveiligingstoken TempTreeView Duplicate Dupliceren Create certificate Certificaat aanmaken Create request Verzoek creëren copy kopiëren Preset Template values Preset-sjabloonwaarden Template export XCA Templates ( *.xca ) TrustState Certificate trust Trustment &Never trust this certificate Only &trust this certificate, if we trust the signer &Always trust this certificate Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config OpenSSL configuratie Transform Transformeren Template Sjablonen Public key Openbare sleutel Save as OpenSSL config Opslaan als OpenSSL-configuratie Config files ( *.conf *.cnf);; All files ( * ) Configuratiebestanden ( *.conf *.cnf);; Alle bestanden ( * ) XFile Error opening file: '%1': %2 Error rewinding file: '%1': %2 XcaTreeView Item properties Item eigenschappen Subject entries Onderwerp gegevens X509v3 Extensions X.509v3 Uitbreidingen Netscape extensions Netscape uitbreidingen Key properties Sleutel eigenschappen Reset Reset Hide Column Kolom verbergen Details Details Columns Kolommen New Nieuw Import Import Paste PEM data Plak PEM gegevens Rename Hernoemen Properties Eigenschappen Delete Verwijderen Export Exporteren Clipboard Klembord File Bestand database_model Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Legacy database indeling gedetecteerd. Een reservekopie wordt gemaakt met de naam '%1' en de database wordt geconverteerd naar de nieuwe indeling Failed to rename the database file, because the target already exists Kan het database bestand niet hernoemen, omdat het bestand al bestaat Please enter the password to access the database server %2 as user '%1'. Voer het wachtwoord in om toegang te krijgen tot de database server %2 als gebruiker '%1'. Unable to create '%1': %2 Niet mogelijk om te maken '%1': %2 The file '%1' is not an XCA database Het bestand '%1' is geen XCA database No SqLite3 driver available. Please install the qt-sqlite package of your distribution Geen SqLite3-stuurprogramma beschikbaar. Installeer alstublieft het qt-sqlite-pakket van uw distributie New Password Nieuw wachtwoord Please enter a password, that will be used to encrypt your private keys in the database: %1 Voer een wachtwoord in, dat zal worden gebruikt om uw privé-sleutels in de database te versleutelen: %1 Password Wachtwoord Please enter the password for unlocking the database: %1 Voer het wachtwoord in om de database te ontgrendelen: %1 db_base Internal name Interne naam No. No. Primary key Hoofdsleutel Database unique number Database uniek nummer Date Datum Date of creation or insertion Datum van creatie of invoeging Source Bron Generated, Imported, Transformed Gegenereerd, Geïmporteerd, Getransformeerd Comment Commentaar First line of the comment field Eerste regel van het opmerkingenveld Import from: %1 Importeren van: %1 Could not create directory %1 Maken van folder is mislukt %1 Item properties Item eigenschappen How to export the %1 selected items Hoe moeten de %1 geselecteerde items geëxporteerd worden All in one PEM file Alles in één PEM bestand Each item in one file Elk item in één bestand Save %1 items in one file as Sla %1 items in één bestand op als PEM files ( *.pem );; All files ( * ) PEM bestanden ( *.pem );; Alle bestanden ( * ) db_crl Signer Ondertekenaar Internal name of the signer Interne naam van de ondertekenaar No. revoked No. ingetrokken Number of revoked certificates Aantal ingetrokken certificaten Last update Laatste update Next update Volgende update CRL number CRL nummer The revocation list already exists in the database as: '%1' and so it was not imported De intrekkingslijst bestaat al in de database als: '%1' en dus werd het niet geïmporteerd Revocation list export Intrekkingslijst exporteren CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) There are no CA certificates for CRL generation Er zijn geen CA certificaten voor CRL-generatie Select CA certificate Selecteer CA certificaat Create CRL creëer een CRL Failed to initiate DB transaction Kan DB-transactie niet starten Database error: %1 Database fout: %1 db_key Type Type Size Grootte EC Group EC Groep Use Gebruik Password Wachtwoord The key is already in the database as: '%1' and is not going to be imported De sleutel staat al in de database als: '%1' en wordt niet geïmporteerd The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key De database bevat al het openbare gedeelte van de geïmporteerde sleutel als '%1' en wordt voltooid door het nieuwe, privégedeelte van de sleutel Extending public key from %1 by imported key '%2' Openbare sleutel uitbreiden van %1 door geïmporteerde sleutel '%2' Key size too small ! Sleutellengte te klein ! You are sure to create a key of the size: %1 ? Bent u zeker om een sleutel van deze grootte te maken: %1 ? PEM public PEM openbaar SSH2 public SSH2 openbaar PEM private PEM privé SSH2 private SSH2 privé Export keys to Clipboard Exporteer sleutels naar het klembord Clipboard Klembord Export public key [%1] Openbare sleutel exporteren [%1] DER public DER openbaar DER private DER privé PEM encryped PEM versleuteld PVK private PVK privé PVK encrypted PVK versleuteld PKCS#8 encrypted PKCS#8 versleuteld Export private key [%1] privé-sleutel exporteren [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Privé-sleutels ( *.pem *.der *.pk8 );; SSH Openbare sleutels ( *.pub ) Internal error Interne fout Tried to change password of a token Het wachtwoord van een token is geprobeerd te wijzigen db_temp Bad template: %1 Incorrect sjabloon: %1 Empty template Lege sjabloon Preset Template values Preset-sjabloonwaarden Save template as Sla sjabloon op als XCA templates ( *.xca );; All files ( * ) XCA sjablonen ( *.xca );; Alle bestanden ( * ) db_x509 CA Certificaat Autoriteit (CA) reflects the basic Constraints extension weerspiegelt de basisbeperkingen uitbreiding Serial Serienummer Start date Startdatum Expiry date Vervaldatum MD5 fingerprint MD5 fingerprint SHA1 fingerprint SHA1 fingerprint SHA256 fingerprint SHA256 fingerprint Not before Niet voor Not after Niet na Revocation Intrekking CRL Expiration CRL Vervaldatum Plain View Tekst weergave Tree View Vertakkingen overzicht Failed to retrieve unique random serial Het ophalen van een uniek willekeurig getal is mislukt The certificate already exists in the database as: '%1' and so it was not imported Het certificaat bestaat al in de database als: '%1' en dus werd het niet geïmporteerd Signed on %1 by '%2' Ondertekend op %1 door '%2' Unknown Onbekend Invalid public key Ongeldige openbare sleutel PKCS#7 unrevoked PKCS#7 niet ingetrokken PEM unrevoked PEM niet ingetrokken vCalendar vCalendar CA vCalendar CA vCalendar X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) X.509 Certificaten ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) days dagen No template Geen sjabloon The key you selected for signing is not a private one. De sleutel die geselecteerd is voor ondertekening, is geen privésleutel. Failed to create directory '%1' Maken van directory is mislukt '%1' Store the certificate to the key on the token '%1 (#%2)' ? Sla het certificaat op de sleutel op, op token '%1 (#%2)' ? PEM chain PEM reeks PKCS#7 chain PKCS#7 reeks PKCS#12 chain PKCS#12 reeks PKCS#7 all PKCS#7-alles PEM + key PEM + sleutel PEM all PEM alles Certificate Index file Certificaat index bestand Certificate export Certificaat export X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) X.509 Certificaten ( *.pem *.cer *.crt *.p12 *.p7b ) There was no key found for the Certificate: '%1' Er is geen sleutel gevonden voor het certificaat: '%1' Not possible for a token key: '%1' Niet mogelijk voor een tokensleutel: '%1' Not possible for the token-key Certificate '%1' Niet mogelijk voor het tokensleutel-certificaat '%1' db_x509name Subject Onderwerp Complete distinguished name Volledige DistinguishedName (DN) invullen Subject hash Onderwerp hash Hash to lookup certs in directories Hash om certificaten op te zoeken in directories db_x509req Signed Ondertekend whether the request is already signed or not of het verzoek al ondertekend is of niet Unstructured name Ongestructureerde naam Challenge password Challenge wachtwoord Certificate count Certificaat aantal Number of certificates in the database with the same public key Certificaat aantal met de zelfde openbare sleutel in de database The certificate signing request already exists in the database as '%1' and thus was not stored Het ondertekenverzoek voor certificaten bestaat al in de database als '%1' en werd dus niet opgeslagen Certificate request export Exporteren van certificaat verzoeken Certificate request ( *.pem *.der *.csr ) Certificaataanvraag (* .pem * .der * .csr) db_x509super Key name Sleutelnaam Internal name of the key Interne naam van de sleutel Signature algorithm Handtekening algoritme Key type Sleutel type Key size Sleutel grootte EC Group EC Groep Extracted from %1 '%2' Geëxtraheerd van %1 '%2' Certificate Certificaat Certificate request Certificaat verzoek Save as OpenSSL config Opslaan als OpenSSL-configuratie Config files ( *.conf *.cnf);; All files ( * ) Configuratiebestanden ( *.conf *.cnf);; Alle bestanden ( * ) The following extensions were not ported into the template De volgende uitbreidingen zijn niet in het sjabloon opgenomen Transformed from %1 '%2' Getransformeerd van %1 '%2' kvView Type Type Content Inhoud pass_info Password Wachtwoord PIN PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 Openen van PKCS#11-bibliotheek bestand is mislukt: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Dit lijkt geen PKCS#11 bibliotheek bestand. Teken: 'C_GetFunctionList' not found. pki_base Unknown Onbekend Imported geïmporteerd Generated Gegenereerd Transformed Getransformeerd Token Token Legacy Database Legacy database Renewed Vernieuwd Property '%1' not listed in 'pki_base::print' Eigenschap '%1' is niet opgevoerd in 'pki_base::print' Internal error: Unexpected message: %1 %2 Interne fout: Onverwacht bericht: %1 %2 pki_crl Successfully imported the revocation list '%1' De intrekkingslijst '%1' is succesvol geïmporteerd Delete the revocation list '%1'? Verwijder de intrekkingslijst '%1'? Successfully created the revocation list '%1' De intrekkingslijst '%1' is succesvol aangemaakt Delete the %1 revocation lists: %2? Verwijder de %1 intrekkingslijsten: %2? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Kan de intrekkingslijst niet laden in bestand %1. Geprobeerd met PEM en DER geformatteerde CRL. No issuer given Geen uitgever genoemd Wrong Size %1 Verkeerde grootte %1 CRL Renewal of CA '%1' due CRL Vernieuwing van CA nodig op '%1' The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' De laatste CRL uitgegeven door CA '%1' vervalt op %2. Het is opgeslagen in de XCA database '%3' Renew CRL: %1 CRL vernieuwen: %1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' De XCA CRL '%1' uitgegeven op %3 zal verlopen op %4. De CRL is opgeslagen in de XCA database '%5' pki_evp Failed to decrypt the key (bad password) %1 Decoderen van de sleutel niet gelukt (onjuist wachtwoord) %1 Please enter the password to decrypt the private key. Voer het wachtwoord in om de privé-sleutel te decoderen. Please enter the password to decrypt the private key %1. Geef het wachtwoord voor het decoderen van de privé sleutel %1. The key from file '%1' is incomplete or inconsistent. De sleutel van bestand '%1' is onvolledig of inconsistent. Please enter the password to decrypt the private key from file: %1 Voer het wachtwoord in om de privé-sleutel uit het bestand te decoderen: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Laden van de privé-sleutel in bestand %1 niet mogelijk. Gebruikte methoden PEM- en DER privé, openbaar, PKCS#8 sleuteltypen en SSH2 formaat. Ignoring unsupported private key Niet-ondersteunde privé-sleutel wordt genegeerd Please enter the password to decrypt the private key: '%1' Voer het wachtwoord in om de privé-sleutel te decoderen: '%1' Password input aborted Wachtwoordinvoer afgebroken Please enter the database password for decrypting the key '%1' Voer het database wachtwoord in voor het decoderen van de sleutel '%1' Please enter the password to protect the private key: '%1' Voer het wachtwoord in om de privé-sleutel te coderen: '%1' Please enter the database password for encrypting the key Voer het database wachtwoord in om de sleutel te versleutelen Please enter the password protecting the PKCS#8 key '%1' Voer het wachtwoord in dat de PKCS#8-sleutel '%1' beschermt Please enter the password protecting the Microsoft PVK key '%1' Voer het wachtwoord in dat de Microsoft PVK-sleutel '%1' beschermt Please enter the export password for the private key '%1' Voer het exportwachtwoord in voor de privé-sleutel '%1' pki_export PEM Text format with headers PEM Tekst formaat met koppen Concatenated list of all selected items in one PEM text file Samengevoegde lijst van alle geselecteerde items in één PEM tekstbestand PEM chain PEM reeks Concatenated text format of the complete certificate chain in one PEM file Samengevoegd tekstformaat van de volledige certificaat reeks in één PEM bestand PEM + key PEM + sleutel Concatenation of the certificate and the unencrypted private key in one PEM file Samenvoeging van het certificaat en de niet-versleutelde privé-sleutel in één PEM bestand Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Samenvoeging van het certificaat en de versleutelde privé-sleutel in PKCS#8 bestand PKCS#7 encoded single certificate PKCS#7 gecodeerd mono certificaat All selected certificates encoded in one PKCS#7 file Alle geselecteerde certificaten gecodeerd in één PKCS#7 bestand PKCS #7 chain PKCS#7 encoded complete certificate chain PKCS#7 gecodeerde, complete certificaat reeks Binary DER encoded certificate PKCS #12 chain The complete certificate chain and the private key as encrypted PKCS#12 file De volledige certificaat reeks en de privé-sleutel als versleuteld PKCS#12 bestand PKCS #12 The certificate and the private key as encrypted PKCS#12 file Het certificaat en de privé-sleutel als versleuteld PKCS#12 bestand Certificate Index file Certificaat index bestand OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool OpenSSL-specifiek certificaat-indexbestand, gemaakt met de opdracht 'ca' en vereist voor de OCSP-tool vCalendar vCalendar vCalendar expiry reminder for the selected items vCalendar vervaldatum herinnering voor de geselecteerde items CA vCalendar CA vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL vCalendar vervaldatum herinnering met daarin bevattend: alle uitgegeven, geldige certificaten, de CA zelf en de nieuwste CRL PEM public PEM openbaar Text format of the public key in one PEM file Tekstformaat van de openbare sleutel in één PEM bestand PEM private PEM privé Unencrypted private key in text format Niet-versleutelde privé-sleutel in tekst formaat PEM encrypted OpenSSL specific encrypted private key in text format OpenSSL-specifieke versleutelde privé-sleutel in tekstformaat SSH2 private SSH2 privé SSH2 public SSH2 openbaar The public key encoded in SSH2 format De openbare sleutel gecodeerd in SSH2-indeling DER public DER openbaar Binary DER format of the public key Binair DER-formaat van de openbare sleutel DER private DER privé Unencrypted private key in binary DER format Niet-versleutelde privé-sleutel in binair DER formaat PVK private PVK privé Private key in Microsoft PVK format not encrypted Niet-versleutelde privé-sleutel in Microsoft PVK formaat PVK encrypted PVK versleuteld Encrypted private key in Microsoft PVK format Versleutelde privé-sleutel in Microsoft PVK formaat PKCS #8 encrypted Encrypted private key in PKCS#8 text format Versleutelde privé-sleutel in PKCS#8 formaat PKCS #8 Unencrypted private key in PKCS#8 text format Niet-versleutelde privé-sleutel in PKCS#8 formaat Binary DER format of the certificate request Binary DER format of the revocation list vCalendar reminder for the CRL expiry date XCA template in PEM-like format All selected XCA templates in PEM-like format pki_key Successfully imported the %1 public key '%2' De %1-openbare sleutel '%2' is succesvol geïmporteerd Delete the %1 public key '%2'? De %1 openbare sleutel '%2' verwijderen? Successfully imported the %1 private key '%2' De %1 privé-sleutel '%2' is geïmporteerd Delete the %1 private key '%2'? De %1 privé-sleutel '%2' verwijderen? Successfully created the %1 private key '%2' De %1 privé-sleutel '%2' is succesvol aangemaakt Delete the %1 keys: %2? Verwijder de %1-sleutels: %2? Public key Openbare sleutel Common Gemeenschappelijk Private Privé Bogus Onzin PIN PIN No password Geen wachtwoord Unexpected SSH2 content: '%1' Onverwachte SSH2 inhoud: '%1' Invalid SSH2 public key Ongeldige openbare SSH2-sleutel Failed writing to %1 Schrijven naar %1 is mislukt pki_multi No known PEM encoded items found Geen bekende PEM gecodeerde items gevonden pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Voer het wachtwoord in om het PKCS#12 bestand te decoderen: %1 Unable to load the PKCS#12 (pfx) file %1. Laden van PKCS#12 (pfx) bestand %1 is mislukt. The supplied password was wrong (%1) Het opgegeven wachtwoord was fout (%1) Please enter the password to encrypt the PKCS#12 file Voer het wachtwoord in om het PKCS#12 bestand te versleutelen No key or no Cert and no pkcs12 Geen sleutel of Cert én geen PKCS#12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Kon het PKCS#7 bestand %1 niet laden. Geprobeerd met PEM- en DER-formaat. pki_scard Successfully imported the token key '%1' De token-sleutel '%1' is succesvol geïmporteerd Delete the token key '%1'? De token-sleutel '%1' verwijderen? Successfully created the token key '%1' De token-sleutel '%1' is succesvol aangemaakt Delete the %1 keys: %2? Verwijder de %1-sleutels: %2? Delete the private key '%1' from the token '%2 (#%3)' ? Verwijder de privé-sleutel '%1' uit het token '%2 (#%3)' ? This Key is already on the token Deze sleutel bevindt zich al in het token PIN input aborted PIN-invoer afgebroken Unable to find copied key on the token De gekopieerde sleutel is niet gevonden op het token Please insert card: %1 %2 [%3] with Serial: %4 Voer de kaart in: %1 %2 [%3] met het serienummer: %4 Illegal Key generation method Illegale methode voor het genereren van sleutels Unable to find generated key on card Kan gegenereerde sleutel niet vinden op kaart Ignoring unsupported token key Niet-ondersteunde token-sleutel negeren Wrong Size %1 Verkeerde grootte %1 Token %1 Token %1 Failed to find the key on the token De sleutel op het token is niet gevonden Invalid Pin for the token Ongeldige PIN voor het token Failed to initialize the key on the token Initialiseren van de sleutel op het token is mislukt pki_temp Successfully imported the XCA template '%1' Het XCA sjabloon '%1' is succesvol geïmporteerd Delete the XCA template '%1'? Het XCA sjabloon '%1' verwijderen? Successfully created the XCA template '%1' Het XCA sjabloon '%1' is succesvol aangemaakt Delete the %1 XCA templates: %2? Verwijder de %1 XCA sjablonen: %2? Wrong Size %1 Verkeerde grootte %1 Template file content error (too small) Sjabloon bestand bevat inhoudsfout (te klein) Not a PEM encoded XCA Template Geen PEM gecodeerd XCA sjabloon Not an XCA Template, but '%1' Geen XCA sjabloon, maar '%1' pki_x509 Successfully imported the certificate '%1' Het certificaat '%1' is succesvol geïmporteerd Delete the certificate '%1'? Het certificaat '%1' verwijderen? Successfully created the certificate '%1' Het certificaat '%1' is succesvol aangemaakt Delete the %1 certificates: %2? Verwijder de '%1' certificaten : %2? Unable to load the certificate in file %1. Tried PEM and DER certificate. Kon het certificaat niet laden in bestand %1. Geprobeerd met PEM- en DER-certificaat. This certificate is already on the security token Dit certificaat bevindt zich al in het beveiligingstoken Delete the certificate '%1' from the token '%2 (#%3)'? Verwijder het certificaat '%1' van het token '%2 (#%3)'? There is no key for signing ! Er is geen sleutel voor ondertekening ! Wrong Size %1 Verkeerde grootte %1 No Nee Yes Ja Renew certificate: %1 Certificaat vernieuwen: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' Het XCA certificaat '%1', uitgegeven op %2, vervalt op %3. Het certificaat is opgeslagen in de XCA database '%4' pki_x509req Signing key not valid (public key) Sleutel voor ondertekening is niet geldig (openbare sleutel) Successfully imported the %1 certificate request '%2' Het %1 certificaatverzoek '%2' is succesvol geïmporteerd Delete the %1 certificate request '%2'? Verwijder het %1 certificaatverzoek '%2'? Successfully created the %1 certificate request '%2' Het %1 certificaatverzoek '%2' is succesvol aangemaakt Delete the %1 certificate requests: %2? Verwijder de %1 certificaatverzoeken: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Het certificaatverzoek is niet geladen in bestand %1. Geprobeerd met PEM-, DER- en SPKAC formaat. Wrong Size %1 Verkeerde grootte %1 Signed Ondertekend Unhandled Onverwerkt v3ext Copy Common Name CommonName (CN) kopiëren Add Toevoegen Delete Verwijderen Apply Toepassen Validate Valideren Cancel Annuleren An email address or 'copy' Een e-mailadres of 'kopie' An email address Een e-mailadres A registered ID: OBJECT IDENTIFIER Een geregistreerd ID: OBJECT IDENTIFIER A uniform resource indicator A uniform resource indicator A DNS domain name or 'copycn' Een DNS domeinnaam of 'copycn' A DNS domain name Een DNS domeinnaam An IP address Een IP adres Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Syntaxis: <OID>;TYPE:tekst als '1.2.3.4:UTF8:naam' No editing. Only 'copy' allowed here Validation failed: '%1' %2 Validatie mislukt: '%1' %2 Validation successful: '%1' Validatie succesvol: '%1' xcaWarning The following error occurred: De volgende fout is opgetreden: Copy to Clipboard Kopieer naar klembord xcaWarningGui Copy to Clipboard Kopieer naar klembord xca-RELEASE.2.5.0/lang/xca_pl.ts000066400000000000000000005047431450407711300161260ustar00rootroot00000000000000 CaProperties Form Days until next CRL issuing Default template CertDetail Details of the Certificate Szczegóły certyfikatu Serial Numer seryjny The serial number of the certificate Numer seryjny certyfikatu The internal name of the certificate in the database Wewnętrzna nazwa certyfikatu w bazie danych Status Status Internal name Nazwa wewnętrzna Signature Podpis Key Klucz Fingerprints Odciski palców MD5 MD5 An md5 hashsum of the certificate Suma kontrolna certyfikatu w formacie MD5 SHA1 SHA1 A SHA-1 hashsum of the certificate Suma kontrolna certyfikatu w formacie SHA-1 SHA256 SHA256 A SHA-256 hashsum of the certificate Suma kontrola certyfikatu w formacie SHA-256 Validity Ważność The time since the certificate is valid Moment, od którego certyfikat jest ważny The time until the certificate is valid Moment, do którego certyfikat jest ważny Subject Podmiot Issuer Wystawca Extensions Rozszerzenia Comment Komentarz Attributes Atrybuty Show config Pokaż konfigurację Show extensions Pokaż rozszerzenia Show public key Pokaż klucz publiczny This key is not in the database. Tego klucza nie ma w bazie danych. Not available Niedostępne Signer unknown Podpis nieznany Self signed Samopodpisany Revoked at %1 Unieważniony o %1 Revoked: Unieważniony: Not valid Nieważny Valid Ważny Details of the certificate signing request Szczegóły żądania certyfikacyjnego CertExtend Certificate renewal Odnowienie certyfikatu This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Zostanie wydany nowy certyfikat będący kopią starego z nadanym nowym numerem seryjnym i kolejnym okresem ważności. Validity Okres ważności Not before Nieważny przed Not after Nieważny po Time range Przedział czasu Local time Czas lokalny Days Dni Months Miesiące Years Lata No well-defined expiration Bezterminowo Midnight Północ Apply Zastosuj Revoke old certificate Unieważnij stary certyfikat Replace old certificate Keep serial number Zachowaj numer seryjny The certificate will be earlier valid than the signer. This is probably not what you want. Certyfikat będzie ważny wcześniej niż certyfikat wystawcy, to wygląda na błąd. Edit dates Popraw daty Abort rollout Przerwij operację Continue rollout Kontynuuj operację Adjust date and continue Popraw daty i kontynuuj The certificate will be longer valid than the signer. This is probably not what you want. Certyfikat będzie ważniejszy dłużej niż wystawca, to wygląda na błąd. CertTreeView Import PKCS#12 Importuj plik PKCS#12 Import from PKCS#7 Importuj plik PKCS#7 Request Żądanie certyfikacyjne Security token Bezpieczny token Other token Inny token Similar Certificate Podobny certyfikat Delete from Security token Usuń z bezpiecznego tokena CA Urząd Certyfikacji Properties Parametry Generate CRL Generuj listę unieważnień Manage revocations Zarządzaj unieważnieniami Renewal Odnów Revoke Unieważnij Unrevoke Uchyl unieważnienie Plain View Tree View Widok struktury days No template CA Properties Certificate export Eksport certyfikatu X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) ClickLabel Double click for details Kliknij dwukrotnie, aby wyświetlić szczegóły CrlDetail Details of the Revocation list Szczególy listy unieważnionych certyfikatów &Status &Status Version Wersja Signature Podpis Signed by Podpisane przez Name Nazwa The internal name of the CRL in the database Wewnętrzna nazwa listy CRL w bazie danych issuing dates Daty wydań Next update Następna aktualizacja Last update Ostatnia aktualizacja &Issuer &Wystawca &Extensions &Rozszerzenia &Revocation list &Lista unieważnień Comment Komentarz Failed Nieudane Unknown signer Nieznany Verification not possible Weryfikacja niemożliwa CrlTreeView There are no CA certificates for CRL generation Brakuje certyfikatów urzędów (CA) do wygenerowania listy CRL Select CA certificate Wybierz certyfikat Urzędu Certyfikacji Revocation list export Eksport listy unieważnień CRL ( *.pem *.der *.crl ) ExportDialog Name Nazwa The internal name of the CRL in the database Wewnętrzna nazwa w bazie danych ... ... Filename Plik Export comment into PEM file Export Format Format docelowy All files ( * ) Wszystkie pliki ( * ) The file: '%1' already exists! Overwrite Do not overwrite Form last update next update Days Dni Months Miesiące Years Lata Apply Zastosuj Midnight Północ Local time Czas lokalny No well-defined expiration Bezterminowo Help << Poprzedni >> Następny &Done &Zamknij ImportMulti Import PKI Items Import elementów PKI Import &All Importuj &wszystko &Import &Importuj &Done &Zakończ &Remove from list &Usuń z listy Details Szczegóły Delete from token Usuń z tokena Rename on token Zmień nazwę na tokenie Name: %1 Model: %2 Serial: %3 Nazwa: %1 Wersja: %2 Numer seryjny: %3 Manage security token Zarządzanie bezpiecznym tokenem Details of the item '%1' cannot be shown Nie można wyświetlić szczegółów elementu '%1' The type of the item '%1' is not recognized Nie rozpoznano typu elementu '%1' The file '%1' did not contain PKI data Plik '%1' nie zawiera danych PKI The %1 files: '%2' did not contain PKI data Pliki: '%2' elementu %1 nie zawierają danych PKI ItemProperties Name Nazwa Source Źródło Insertion date Data utworzenia Comment Komentarz KeyDetail Name Nazwa The internal name of the key used by xca Wewnętrzna nazwa klucza używana przez XCA Security token Token Manufacturer Producent Serial Numer seryjny Key Klucz Public Exponent Wykładnik publiczny Keysize Rozmiar klucza Private Exponent Wykładnik prywatny Security Token Token Label Nazwa PKCS#11 ID Identyfikator PKCS#11 Token information Informacja o tokenie Model Model Fingerprint Odcisk palca Comment Komentarz Details of the %1 key Szczegóły klucza %1 Not available Nie dostępny Available Dostępny Sub prime Public key Klucz publiczny Private key Klucz prywatny Curve name Rodzaj krzywej Unknown key Nieznany klucz KeyTreeView Clipboard format Change password Zmień hasło Reset password Usuń hasło Change PIN Zmień PIN Init PIN with SO PIN (PUK) Nadaj PIN używając PUK (SO PIN) Change SO PIN (PUK) Zmień PUK (SO PIN) Security token Bezpieczny token This is not a token To nie jest token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Czy nadpisać oryginalny klucz '%1' pobranym z tokena? Operacja usunie klucz '%1' i oznaczy go jako nieeksportowalny Export public key [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) MainWindow Private Keys Klucze prywatne &New Key &Dodaj klucz &Export &Eksportuj &Import &Importuj Import PFX (PKCS#12) Importuj PFX (PKCS#12) &Show Details Pokaż &szczegóły &Delete &Usuń Certificate signing requests Żądania certyfikacyjne &New Request &Dodaj żądanie Certificates Certyfikaty &New Certificate &Dodaj certyfikat Import &PKCS#12 Importuj &PKCS#12 Import P&KCS#7 Importuj P&KCS#7 Plain View Płaski widok Templates Szablony &New Template &Dodaj szablon &New CRL &Dodaj CRL Ch&ange Template &Zmień szablon Revocation lists Listy unieważnień Using or exporting private keys will not be possible without providing the correct password Używanie lub eksportowanie kluczy prywatnych będzie niemożliwe bez podania poprawnego hasła Database Baza danych The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Używana funkcja skrótu '%1' nie jest bezpieczna. Proszę wybrać conajmniej 'SHA 224' z powodów bezpieczeństwa. Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Wykryto stary format bazy danych. Tworzę kopię pod nazwą: '%1' i konwertuję bazę do nowego formatu Failed to rename the database file, because the target already exists Nieudana zmiana nazwy ponieważ docelowy plik już istnieje No deleted items found Nie znaleziono usuniętych elementów Recent DataBases Ostatnio otwierane bazy System Systemowy Croatian Chorwacki English Angielski French Francuski German Niemiecki Japanese Japośnki Russian Rosyjski Slovak Słowacki Spanish Hiszpański Persian Bulgarian Polish Polski Italian Włoski Chinese Chiński Dutch Holenderski Portuguese in Brazil Brazylijski portugalski Indonesian Turkish Turecki Language Język &File &Plik &New DataBase &Dodaj bazę danych &Open DataBase &Otwórz bazę danych Open Remote DataBase Połącz z bazą danych Set as default DataBase Ustaw bazę jako domyślną &Close DataBase &Zamknij bazę danych New DataBase Nowa baza danych Open DataBase Otwórz bazę danych Close DataBase Zamknij bazę danych Options Ustawienia Exit Wyjście I&mport I&mport Keys Klucze Requests Żądania certyfikacyjne PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Szablon Revocation list Lista CRL PEM file Plik PEM Paste PEM file Wklej zawartość PEM Token Token Export Certificate &Index hierarchy Eksport indeksu certyfikatów wg h&ierarchii Content Zawartość &Token &Token &Manage Security token &Zarządzanie tokenem &Init Security token &Inicjalizacja tokenu &Change PIN &Zmień PIN Change &SO PIN Zmień &SO PIN Init PIN Nadaj PIN Extra Dodatki &Dump DataBase &Zrzut bazy danych &Export Certificate Index &Eksport indeksu certyfikatów &Export Certificate Index hierarchy Eksport indeksu certyfikatów z &hierarchią C&hange DataBase password &Zmień hasło bazy danych &Undelete items &Odzyskaj usunięte elementy Generate DH parameter Generuj parametr DH OID Resolver Rozpoznawanie OID &Help P&omoc &Content &Treść About O programie no such option: %1 brak opcji: %1 Import PEM data Wklej dane PEM Please enter the original SO PIN (PUK) of the token '%1' Wprowadź obecny SO PIN (PUK) dla tokenu '%1' Search Szukaj Please enter the new SO PIN (PUK) for the token '%1' Wprowadź nowy SO PIN (PUK) dla tokenu '%1' The new label of the token '%1' Nowa nazwa tokenu '%1' The token '%1' did not contain any keys or certificates Token '%1' nie zawiera żadnych kluczy ani certyfikatów Current Password Obecne hasło Please enter the current database password Podaj obecne hasło bazy danych The entered password is wrong Wprowadzone hasło jest błędne New Password Zmiana hasła Please enter the new password to encrypt your private keys in the database-file Podaj nowe hasło to szyfrowania twoich kluczy prywatnych w bazie danych Transaction start failed Nieudana transakcja Database: %1 Please enter a password, that will be used to encrypt your private keys in the database: %1 Podaj hasło, które będzie używane do szyfrowania twoich kluczy prywatnych w bazie danych: %1 Password verify error, please try again Błąd weryfikacji hasła, spróbuj ponownie Password Hasło Please enter the password for unlocking the database: %1 Proszę wprowadzić hasło do odblokowania bazy danych: %1 The following error occurred: Wystąpił błąd: Copy to Clipboard Kopiuj do schowka Certificate Index ( index.txt ) Indeks certyfkatów ( index.txt ) All files ( * ) Wszystkie pliki ( * ) Diffie-Hellman parameters saved as: %1 Parametry Diffie-Hellman zapisane jako: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Parametry Diffie-Hellman są wymagane przez różne aplikacje, ale nie są obsługiwane przez XCA. Podaj liczbę bitów parametru DH Error opening file: '%1': %2 Nieudane otwarcie pliku: '%1': %2 NewCrl Last update Ostatnia aktualizacja Next update Następna aktualizacja Days Dni Months Miesiące Years Lata Midnight Północ Local time Czas lokalny Apply Zastosuj Options Parametry CRL number Numer listy CRL Subject alternative name Alternatywna nazwa podmiotu Revocation reasons Powody unieważnień Authority key identifier Identyfikator urzędu Hash algorithm Funkcja skrótu Create CRL Nowa lista CRL NewKey Please give a name to the new key and select the desired keysize Podaj nazwę dla nowego klucza i określ jego parametry Key properties Parametry klucza Name Nazwa The internal name of the new key Wewnętrzna nazwa nowego klucza Curve name Rodzaj krzywej Usually at least 2048 bit keys are recommended Zazwyczaj stosuje się klucze co najmniej 2048 bitowe New Key Nowy klucz Keysize Rozmiar klucza Keytype Rodzaj klucza Remember as default Ustaw jako domyślne Create Wygeneruj NewX509 Source Źródło Signing request Opcjonalne atrybuty dla wystawcy Show request Pokaż żądanie Sign this Certificate signing &request Podpisz to żądanie ce&rtyfikacyjne Copy extensions from the request Skopiuj rozszerzenia z żądania Modify subject of the request Zmień dane podmiotu z żądania Signing Podpisywanie Create a &self signed certificate Utwórz certyfikat &samopodpisany Use &this Certificate for signing Użyj &tego certyfikatu do podpisania All certificates in your database that can create valid signatures Lista wszystkich certyfikatów w bazie umożliwiających podpisanie Signature algorithm Funkcja skrótu Template for the new certificate Szablon nowego certyfikatu All available templates Dostępne szablony Apply extensions Zastosuj rozszerzenia Apply subject Zastosuj dane podmiotu Apply all Zastosuj wszystko Subject Podmiot Internal Name Nazwa wewnętrzna Distinguished name Nazwa wyróżniająca Add Dodaj Delete Usuń Private key Klucz prywatny This list only contains unused keys Lista zawiera tylko nieużywane klucze Used keys too Pokaż wszystkie &Generate a new key Wy&generuj nowy klucz Extensions Rozszerzenia Type Rodzaj If this will become a CA certificate or not Określa, czy podmiot będzie urzędem certyfikacji CA Not defined Nieokreślony Certification Authority Urząd Certyfikacji (CA) End Entity Odbiorca końcowy Path length Długość ścieżki How much CAs may be below this. Określa ile poziomów urzędów CA może być poniżej tworzonego. The basic constraints should always be critical Oznacza, że rozszerzenie zawsze powinno być traktowane jako krytyczne Key identifier Identyfikatory kluczy Creates a hash of the key following the PKIX guidelines Tworzy i zamieszcza skrót kulcza podmiotu zgodnie ze standardem PKIX Copy the Subject Key Identifier from the issuer Kopiuje i zamieszcza identyfiaktor klucza wystawcy Validity Okres ważności Not before Nieważny przed Not after Nieważny po Time range Przedział czasu Days Dni Months Miesiące Years Lata Apply Zastosuj Set the time to 00:00:00 and 23:59:59 respectively Ustaw czasy odpowiednio na 00:00:00 i 23:59:59 Midnight Północ Local time Czas lokalny No well-defined expiration Bezterminowo DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit Zmień URI: URI: Key usage Użycie klucza Netscape Rozszerzenia Netscape Advanced Zaawansowane Validate Weryfikuj Comment Komentarz This name is only used internally and does not appear in the resulting certificate Nazwa używana wewnętrznie, nie będzie widoczna w wynikowym certyfikacie Critical Krytyczne Create Certificate signing request Nowe żądanie certyfikacyjne minimum size: %1 minimalny rozmiar: %1 maximum size: %1 maksymalny rozmiar: %1 only a-z A-Z 0-9 '()+,-./:=? tylko: a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters tylko proste 7-bitowe znaki Edit XCA template Edycja szablonu XCA Create x509 Certificate Nowy certyfikat x509 Template '%1' applied Załadowany szablon '%1' Subject applied from template '%1' Załadowany podmiot z szablonu '%1' Extensions applied from template '%1' Załadowane rozszerzenia z szablonu '%1' New key '%1' created Utworzony nowy klucz '%1' Other Tabs Pozostałe ustawienia Advanced Tab Zaawansowane ustawienia Errors Błędy From PKCS#10 request Na podstawie żądania PKCS#10 Abort rollout Przerwij operację The following length restrictions of RFC3280 are violated: Następujące ograniczenia długości wg RFC3280 są naruszone: Edit subject Popraw dane podmiotu Continue rollout Kontynuuj operację The verification of the Certificate request failed. The rollout should be aborted. Błąd weryfikacji żądania certyfikacyjnego. Wystawianie powinno zostać przerwane. Continue anyway Kontynuuj mimo wszystko The internal name and the common name are empty. Please set at least the internal name. Nazwa wewnętrzna i kanoniczna są puste. Proszę podać przynajmniej nazwę wewnętrzną. Edit name Popraw nazwę There is no Key selected for signing. Nie wybrano klucza do podpisania. Select key Wybierz klucz The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Następujące wpisy nazwy wyróżniającej są puste: %1 podczas, gdy ustawiono je jako obowiązkowe w menu opcji. The key you selected for signing is not a private one. Klucz wybrany do podpisu nie jest kluczem prywatnym. Select other signer Wybierz innego podpisującego Select other key Wybierz inny klucz The currently selected hash algorithm '%1' is insecure and should not be used. Select other algorithm Use algorithm anyway The certificate will be earlier valid than the signer. This is probably not what you want. Certyfikat będzie ważny wcześniej niż certyfikat wystawcy, to wygląda na błąd. Edit dates Popraw daty Adjust date and continue Popraw daty i kontynuuj The certificate will be longer valid than the signer. This is probably not what you want. Certyfikat będzie ważniejszy dłużej niż wystawca, to wygląda na błąd. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Certyfikat w momencie wystawienia będzie już przeterminowany, to wygląda na błąd. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Certyfikat zawiera błędne lub powielone rozszerzenia. Zweryfikuj zakładkę Zaawansowane. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Certyfikat nie zawiera żadnych rozszerzeń. Możesz załadować rozszerzenia bazując na stosownym szablonie. The certificate contains invalid extensions. Edit extensions Popraw rozszerzenia The subject alternative name shall contain a copy of the common name. However, the common name is empty. Alternatywna nazwa podmiotu powinna zawierać kopię nazwy powszechnej. Jednak nazwa powszechna jest pusta. Configfile error on line %1 Błąd pliku konfiguracyjnego w linii %1 OidResolver OID Resolver Rozpoznawanie obiektów OID Enter the OID, the Nid, or one of the textual representations Podaj OID, Nid lub jeden z tekstowych opisów Search Szukaj OID Long name Nazwa pełna OpenSSL internal ID Wewnętrzny identyfikator OpenSSL Nid Short name Nazwa skrócona OpenDb Open remote database Połączenie z zewnętrzną bazą danych Database type Rodzaj bazy Hostname Serwer bazy Username Użytkownik Password Hasło Database name Nazwa bazy Table prefix Prefiks tabel No SqLite3 driver available. Please install the qt-sqlite package of your distribution Brak sterownika SqLite3. Zainstaluj pakiet qt-sqlite dla Twojej dystrybucji Please enter the password to access the database server %2 as user '%1'. Podaj hasło dostępu do serwera bazy %2 jako '%1'. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. Sterownik bazy danych nie wspiera transakcji. Może to być spowodowane niezgodnością wersji. Zachowaj ostrożność. Options XCA Options Ustawienia XCA Settings Ustawienia Default hash algorithm Domyślna funkcja skrótu String types Rodzaje ciągów znaków Suppress success messages Ograniczaj komunikaty o sukcesie Don't colorize expired certificates Nie koloruj wygasłych certyfikatów Translate established x509 terms (%1 -> %2) Tłumacz standardowe pojęcia X509 (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Funkcje mieszania z tokenu nie są używane przez XCA. Istnieje jednak możliwość uwzględniania ograniczonego zestawu funkcji zwracanych przez token. W szczególności EC i DSA są zdefiniowane tylko z funkcją SHA1 w specyfikacji PKCS#11. Only use hashes supported by the token when signing with a token key Używaj jedynie skrótów wspieranych przez token podczas podpisywania z użyciem tokenu Disable legacy Netscape extensions Wyłącz starsze rozszerzenia Netscape PKCS12 encryption algorithm Certificate expiry warning threshold Moment ostrzegania przed wygaśnięciem certyfikatu Send vCalendar expiry reminder Wyślij przypomnienie vCalendar o wygasaniu Serial number length Długość numeru seryjnego bit bity/bitów Distinguished name Nazwa wyróżniająca Mandatory subject entries Obowiązkowe wpisy dla podmiotu Add Dodaj Delete Usuń Explicit subject entries Jawne wpisy dla podmiotu Dynamically arrange explicit subject entries Dynamicznie układaj wpisy jawne Default Domyślnie PKCS#11 provider Dostawca PKCS#11 Remove Usuń Search Szukaj Printable string or UTF8 (default) Ciąg drukowalny lub UTF8 (domyślnie) PKIX recommendation in RFC2459 PKIX zgodnie z RFC2459 No BMP strings, only printable and T61 Bez ciągów BPM, tylko drukowalne i T61 UTF8 strings only (RFC2459) Tylko UTF8 zgodnie z RFC2459 All strings Wszystkie rodzaje Days Dni Weeks Tygodnie Load failed Błąd ładowania PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Take as HEX string Password Hasło Repeat %1 %1 mismatch Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Exit Wyjście E&xit &Wyjście QMessageBox Apply Zastosuj QObject Undefined Nieokreślono Broken / Invalid in %1 seconds %1 seconds ago in %1 minutes %1 minutes ago Yesterday Tomorrow in %1 hours %1 hours ago Out of data Error finding endmarker of string All files ( * ) Wszystkie pliki ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Klucze PKI ( *.pem *.der *.key );; Klucze PKCS#8 ( *.p8 *.pk8 );; Klucze Microsoft PVK ( *.pvk );; Klucze publiczne SSH ( *.pub );; Import RSA key Import klucza RSA PKCS#10 CSR ( *.pem *.der *.csr );; Żądania PKCS#10 ( *.pem *.der *.csr );; Import Request Import żądania certyfikacyjnego Certificates ( *.pem *.der *.crt *.cer );; Certyfikaty ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Import certyfikatu X.509 PKCS#7 data ( *.p7s *.p7m *.p7b );; Certyfikaty PKCS#7 ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Import certyfikatów PKCS#7 PKCS#12 Certificates ( *.p12 *.pfx );; Kontenery PKCS#12 ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Import kontenera PKCS#12 XCA templates ( *.xca );; Szablony XCA ( *.xca );; Import XCA Templates Import szablonów XCA Revocation lists ( *.pem *.der *.crl );; Listy unieważnień ( *.pem *.der *.crl );; Import Certificate Revocation List Import listy unieważnień XCA Databases ( *.xdb );; Bazy danych XCA ( *.xdb );; Open XCA Database Otwieranie bazy danych XCA PKCS#11 library ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 library ( *.so );; Open PKCS#11 shared library PEM files ( *.pem );; Load PEM encoded file Please enter the PIN on the PinPad Please enter the SO PIN (PUK) of the token %1 Please enter the PIN of the token %1 No Security token found Select Please enter the new SO PIN (PUK) for the token: '%1' Please enter the new PIN for the token: '%1' Required PIN size: %1 - %2 Disabled Library loading failed PKCS#11 function '%1' failed: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 Invalid %1 is shorter than %2 bytes: '%3' %1 is longer than %2 bytes: '%3' String '%1' for '%2' contains invalid characters Error reading config file %1 at line %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Unknown object '%1' in file %2 line %3 Failed to start a database transaction Country code State or Province Locality Organisation Organisational unit Common name E-Mail address Serial number Given name Surname Title Initials Description Role Pseudonym Generation Qualifier x500 Unique Identifier Name Nazwa DN Qualifier Unstructured name Challenge password Basic Constraints Subject alternative name Alternatywna nazwa podmiotu issuer alternative name Subject key identifier Authority key identifier Identyfikator urzędu Key usage Użycie klucza Extended key usage CRL distribution points Authority information access Certificate type Base URL Revocation URL CA Revocation URL Certificate renewal URL CA policy URL SSL server name Comment Komentarz Index file written to '%1' Index hierarchy written to '%1' Unknown key type %1 Password verify error, please try again Błąd weryfikacji hasła, spróbuj ponownie The following error occurred: Wystąpił błąd: Failed to update the database schema to the current version Password Hasło ReqTreeView Sign Podpisz Unmark signed Oznacz jako niepodpisany Mark signed Oznacz jako podpisany Similar Request Podobne żądanie Certificate request export Eksport żądania certyfikacjnego Certificate request ( *.pem *.der *.csr ) Żądanie certyfikacyjne ( *.pem *.der *.csr ) RevocationList Manage revocations Zarządzaj unieważnieniami Add Dodaj Delete Usuń Edit Zmień No. L.p. Serial Numer seryjny Revocation Data wpisu Reason Przyczyna Invalidation Data unieważnienia Generate CRL Generuj listę unieważnień Revoke Certificate revocation Unieważnienie certyfikatu Revocation details Szczegóły unieważnienia Revocation reason Powód unieważnienia Local time Czas lokalny Invalid since Unieważnij od Serial Numer seryjny SearchPkcs11 Directory Folder ... ... Include subdirectories Dołącz podfoldery Search Szukaj The following files are possible PKCS#11 libraries Poniższe pliki to potencjalne biblioteki PKCS#11 SelectToken Security token Bezpieczny token Please select the security token Wybierz bezpieczny token TempTreeView Duplicate Powiel Create certificate Utwórz certyfikat Create request Utwórz żądanie copy Kopiuj Preset Template values Domyślna zawartość szablonu Template export XCA Templates ( *.xca ) TrustState Certificate trust Trustment &Never trust this certificate Only &trust this certificate, if we trust the signer &Always trust this certificate Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config Konfiguracja OpenSSL Transform Przekształć Template Szablon Public key Klucz publiczny Save as OpenSSL config Config files ( *.conf *.cnf);; All files ( * ) XFile Error opening file: '%1': %2 Nieudane otwarcie pliku: '%1': %2 Error rewinding file: '%1': %2 XcaTreeView Item properties Parametry obiektu Subject entries Atrybuty podmiotu X509v3 Extensions Rozszerzenia X509v3 Netscape extensions Rozszerzenia Netscape Key properties Parametry klucza Reset Przywróć domyślne Hide Column Ukryj kolumnę Details Szczegóły Columns Kolumny New Dodaj Import Importuj Paste PEM data Wklej dane PEM Rename Zmień nazwę Properties Parametry Delete Usuń Export Eksportuj Clipboard Schowek File Plik database_model Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Wykryto stary format bazy danych. Tworzę kopię pod nazwą: '%1' i konwertuję bazę do nowego formatu Failed to rename the database file, because the target already exists Nieudana zmiana nazwy ponieważ docelowy plik już istnieje Please enter the password to access the database server %2 as user '%1'. Podaj hasło dostępu do serwera bazy %2 jako '%1'. Unable to create '%1': %2 The file '%1' is not an XCA database No SqLite3 driver available. Please install the qt-sqlite package of your distribution Brak sterownika SqLite3. Zainstaluj pakiet qt-sqlite dla Twojej dystrybucji New Password Zmiana hasła Please enter a password, that will be used to encrypt your private keys in the database: %1 Podaj hasło, które będzie używane do szyfrowania twoich kluczy prywatnych w bazie danych: %1 Password Hasło Please enter the password for unlocking the database: %1 Proszę wprowadzić hasło do odblokowania bazy danych: %1 db_base Internal name Nazwa wewnętrzna No. Lp. Primary key Klucz główny Database unique number Unikalny numer w bazie danych Date Data Date of creation or insertion Data dodania Source Źródło Generated, Imported, Transformed Utworzony, zaimportowany lub zmodyfikowany Comment Komentarz First line of the comment field Pierwsza linia komentarza Import from: %1 Could not create directory %1 Nie można utworzyć folderu %1 Item properties Parametry obiektu db_crl Signer Wystawca Internal name of the signer Wewnętrzna nazwa wystawcy No. revoked Unieważnienia Number of revoked certificates Liczba unieważnionych certyfikatów Last update Ostatnia aktualizacja Next update Następna aktualizacja CRL number Numer CRL The revocation list already exists in the database as: '%1' and so it was not imported Lista unieważnień już istnieje w bazie danych jako: '%1' import został przerwany Revocation list export Eksport listy unieważnień There are no CA certificates for CRL generation Brakuje certyfikatów urzędów (CA) do wygenerowania listy CRL Select CA certificate Wybierz certyfikat Urzędu Certyfikacji Create CRL Nowa lista CRL Failed to initiate DB transaction Nieudane rozpoczęcie transakcji w bazie danych Database error: %1 Błąd bazy danych: %1 db_key Type Rodzaj Size Rozmiar EC Group Grupa EC Use Użycia Password Hasło The key is already in the database as: '%1' and is not going to be imported The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Extending public key from %1 by imported key '%2' Key size too small ! Rozmiar klucza jest za mały ! You are sure to create a key of the size: %1 ? Export keys to Clipboard Eksport kluczy do schowka Clipboard Schowek Export private key [%1] Eksport klucza prywatnego [%1] Internal error Tried to change password of a token db_temp Bad template: %1 Błędny szablon: %1 Empty template Pusty szablon Preset Template values Domyślna zawartość szablonu Save template as Zapisz szablon jako XCA templates ( *.xca );; All files ( * ) Szablony XCA ( *.xca );; Wszystkie pliki ( * ) db_x509 CA Urząd certyfikacji reflects the basic Constraints extension Określa, czy jest to urząd certyfikacji bazując na podstawowych ograniczeniach Serial Numer seryjny Start date Data wydania Expiry date Data ważności MD5 fingerprint Odcisk palca MD5 SHA1 fingerprint Odcisk palca SHA1 SHA256 fingerprint Odcisk palca SHA256 Not before Nieważny przed Not after Nieważny po Revocation Unieważnienie CRL Expiration Ważność CRL Plain View Widok płaski Tree View Widok struktury Failed to retrieve unique random serial The certificate already exists in the database as: '%1' and so it was not imported Signed on %1 by '%2' Unknown Invalid public key The key you selected for signing is not a private one. Klucz wybrany do podpisu nie jest kluczem prywatnym. Failed to create directory '%1' Store the certificate to the key on the token '%1 (#%2)' ? Czy zapisać certyfikat do klucza na bezpiecznym tokenie '%1 (#%2)' ? Certificate export Eksport certyfikatu There was no key found for the Certificate: '%1' Not possible for a token key: '%1' Not possible for the token-key Certificate '%1' db_x509name Subject Podmiot Complete distinguished name Kompletna nazwa wyróżniająca Subject hash Skrót podmiotu Hash to lookup certs in directories Skrót do wyszukiwania certyfikatów w katalogach db_x509req Signed Podpisany whether the request is already signed or not Określa, czy żądanie zostało już podpisane Unstructured name Challenge password Certificate count Liczba certyfikatów Number of certificates in the database with the same public key Liczba certyfikatów w bazie danych z tym samym kluczem publicznym The certificate signing request already exists in the database as '%1' and thus was not stored Żądanie certyfikacyjne już istnieje w bazie danych jako '%1' i nie zostało ponowanie zapisane Certificate request export Eksport żądania certyfikacjnego Certificate request ( *.pem *.der *.csr ) Żądanie certyfikacyjne ( *.pem *.der *.csr ) db_x509super Key name Internal name of the key Signature algorithm Funkcja skrótu Key type Key size EC Group Grupa EC Extracted from %1 '%2' Certificate Certificate request The following extensions were not ported into the template Transformed from %1 '%2' kvView Type Rodzaj Content Zawartość pass_info Password Hasło PIN PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. pki_base Error opening file: '%1': %2 Nieudane otwarcie pliku: '%1': %2 Unknown Imported Generated Transformed Token Token Legacy Database Renewed Property '%1' not listed in 'pki_base::print' Internal error: Unexpected message: %1 %2 pki_crl Successfully imported the revocation list '%1' Poprawnie zaimportowano listę unieważnień '%1' Delete the revocation list '%1'? Czy usunąć listę unieważnień '%1'? Successfully created the revocation list '%1' Poprawnie utworzono listę unieważnień '%1' Delete the %1 revocation lists: %2? Czy usunąć %1 listy unieważnień: %2? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Nie można załadować listy unieważnień z pliku %1. Próbowano listy CRL w formacie PEM i DER. No issuer given CRL Renewal of CA '%1' due The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Renew CRL: %1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' pki_evp Failed to decrypt the key (bad password) Błąd deszyfracji klucza (błędne hasło) Please enter the password to decrypt the private key. Podaj hasło, aby odszyfrować klucz prywatny. Please enter the password to decrypt the private key %1. The key from file '%1' is incomplete or inconsistent. Please enter the password to decrypt the private key from file: %1 Podaj hasło, aby odszyfrować klucz prywatny z pliku: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Nie można załadować klucza prywatnego z pliku %1. Próbowano PEM i DER prywatny, publiczny, klucze w formacie PKCS#8 i SSH2. Please enter the password to decrypt the private key: '%1' Password input aborted Please enter the database password for decrypting the key '%1' Please enter the password to protect the private key: '%1' Please enter the database password for encrypting the key Please enter the password protecting the PKCS#8 key '%1' Please enter the password protecting the Microsoft PVK key '%1' Please enter the export password for the private key '%1' pki_export PEM Text format with headers Concatenated list of all selected items in one PEM text file PEM chain Concatenated text format of the complete certificate chain in one PEM file PEM + key Concatenation of the certificate and the unencrypted private key in one PEM file Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file PKCS#7 encoded single certificate All selected certificates encoded in one PKCS#7 file PKCS #7 chain PKCS#7 encoded complete certificate chain Binary DER encoded certificate PKCS #12 chain The complete certificate chain and the private key as encrypted PKCS#12 file PKCS #12 The certificate and the private key as encrypted PKCS#12 file Certificate Index file OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool vCalendar vCalendar expiry reminder for the selected items CA vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL PEM public Text format of the public key in one PEM file PEM private Unencrypted private key in text format PEM encrypted OpenSSL specific encrypted private key in text format SSH2 private SSH2 public The public key encoded in SSH2 format DER public Binary DER format of the public key DER private Unencrypted private key in binary DER format PVK private Private key in Microsoft PVK format not encrypted PVK encrypted Encrypted private key in Microsoft PVK format PKCS #8 encrypted Encrypted private key in PKCS#8 text format PKCS #8 Unencrypted private key in PKCS#8 text format Binary DER format of the certificate request Binary DER format of the revocation list vCalendar reminder for the CRL expiry date XCA template in PEM-like format All selected XCA templates in PEM-like format pki_key Successfully imported the %1 public key '%2' Poprawnie zaimportowano klucz publiczny %1 jako '%2' Delete the %1 public key '%2'? Czy usunąć klucz publiczny '%2' typu %1? Successfully imported the %1 private key '%2' Poprawnie zaimportowano klucz prywatny %1 jako '%2' Delete the %1 private key '%2'? Czy usunąć klucz prywatny '%2' typu %1? Successfully created the %1 private key '%2' Poprawnie utworzono klucz prywatny %1 jako '%2' Delete the %1 keys: %2? Czy usunąć %1 klucze: %2? Public key Klucz publiczny Common Private Bogus PIN PIN No password Unexpected SSH2 content: '%1' Invalid SSH2 public key Failed writing to %1 pki_multi No known PEM encoded items found pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Unable to load the PKCS#12 (pfx) file %1. Nie można załadować pliku PKCS#12 (pfx): %1. The supplied password was wrong (%1) Please enter the password to encrypt the PKCS#12 file No key or no Cert and no pkcs12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Nie można załadować pliku PKCS#7: %1. Próbowano format PEM i DER. pki_scard Successfully imported the token key '%1' Delete the token key '%1'? Successfully created the token key '%1' Delete the %1 keys: %2? Czy usunąć %1 klucze: %2? Delete the private key '%1' from the token '%2 (#%3)' ? This Key is already on the token PIN input aborted Unable to find copied key on the token Please insert card: %1 %2 [%3] with Serial: %4 Unable to find generated key on card Token %1 Failed to find the key on the token Invalid Pin for the token Failed to initialize the key on the token pki_temp Successfully imported the XCA template '%1' Poprawnie zaimportowano szablon XCA '%1' Delete the XCA template '%1'? Czy usunąć szablon XCA '%1'? Successfully created the XCA template '%1' Poprawnie utworzono szablon XCA '%1' Delete the %1 XCA templates: %2? Czy usunąć %1 szablony XCA: %2? Wrong Size %1 Template file content error (too small) Not a PEM encoded XCA Template Not an XCA Template, but '%1' pki_x509 Successfully imported the certificate '%1' Poprawnie zaimportowano certyfikat '%1' Delete the certificate '%1'? Czy usunąć certyfikat '%1'? Successfully created the certificate '%1' Poprawnie utworzono certyfikat '%1' Delete the %1 certificates: %2? Czy usunąć %1 certyfikaty: %2? Unable to load the certificate in file %1. Tried PEM and DER certificate. Nie można załadować certyfikatu z pliku %1. Próbowano certyfikaty w formacie PEM i DER. This certificate is already on the security token Ten certyfikat już istnieje na bezpiecznym tokenie Delete the certificate '%1' from the token '%2 (#%3)'? There is no key for signing ! No Yes Renew certificate: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' pki_x509req Signing key not valid (public key) Successfully imported the %1 certificate request '%2' Poprawnie zaimportowano żądanie certyfikacyjne %1 jako '%2' Delete the %1 certificate request '%2'? Czy usunąć żądanie certyfikacyjne '%2' typu %1? Successfully created the %1 certificate request '%2' Poprawnie utworzono żądanie certyfikacyjne %1 jako '%2' Delete the %1 certificate requests: %2? Czy usunąć %1 żądania certyfikacyjne: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Nie można załadować żądania certyfikacyjnego z pliku %1. Próbowano format PEM, DER i SPKAC. Signed Podpisany Unhandled v3ext Copy Common Name Add Dodaj Delete Usuń Apply Zastosuj Validate Weryfikuj Cancel An email address or 'copy' An email address A registered ID: OBJECT IDENTIFIER A uniform resource indicator A DNS domain name or 'copycn' A DNS domain name An IP address Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' No editing. Only 'copy' allowed here Validation failed: '%1' %2 Validation successful: '%1' xcaWarning The following error occurred: Wystąpił błąd: Copy to Clipboard Kopiuj do schowka xcaWarningGui Copy to Clipboard Kopiuj do schowka xca-RELEASE.2.5.0/lang/xca_pt_BR.ts000066400000000000000000005370631450407711300165220ustar00rootroot00000000000000 CaProperties CA Properties Propriedades da AC Form Days until next CRL issuing Dias até a próxima emissão CRL Default template Modelo padrão CertDetail Details of the Certificate Detalhes do Certificado Serial N° de Série The serial number of the certificate No. de Série do Certificado The internal name of the certificate in the database Nome Interno do Certificado no Banco de Dados Status Situação Internal name Nome Interno Signature Assinatura Key Chave Fingerprints Digital Numérica MD5 MD5 An md5 hashsum of the certificate Um verificador MD5 do Certificado SHA1 SHA1 A SHA-1 hashsum of the certificate Um verificador SHA-1 do Certificado SHA256 SHA256 A SHA-256 hashsum of the certificate Um verificador SHA-256 do Certificado Validity Validade The time since the certificate is valid Desde quando o certificado é valido The time until the certificate is valid Até quando o certificado é valido Subject Finalidade Issuer Emissor Extensions Extensões Comment Comentários Attributes Atributos Show config Mostrar Configuração Show extensions Mostrar Extensões Show public key Mostrar Chave Pública This key is not in the database. Chave não está no Banco de Dados. Not available Indispoível Signer unknown Assinador Desconhecido Self signed Auto-assinado Revoked at %1 Revogado em %1 Not valid Inválido Valid Válido Details of the certificate signing request Detalhes da requisição de Assinatura do Certificado CertExtend Certificate renewal Renovação do Certificado This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Será criado um novo certificado como cópia de um antigo com um novo número de série e valores de validade ajustados. Validity Validade Not before Não antes Not after Não após Time range Faixa de tempo Local time Tempo Local Days Dias Months Meses Years Anos No well-defined expiration Tempo de Expiração Indefinida Midnight Zero Hora Apply Aplicar Revoke old certificate Revogar certificado antigo Replace old certificate Substituir certificado antigo Keep serial number Manter o N° de Série The certificate will be earlier valid than the signer. This is probably not what you want. O certificado terá validade anterior a do Assinador. Provavelmente, não seja isto o que queira. Edit dates Editar Datas Abort rollout Abortar o procedimento Continue rollout Continuar o procedimento Adjust date and continue Ajustar data e Continuar The certificate will be longer valid than the signer. This is probably not what you want. O certificado terá período de validade superior ao do Assinador. Provavelmente, não seja isto o que queira. CertTreeView Import PKCS#12 Importar PKCS#12 Import from PKCS#7 Importar de PKCS#7 Request Requisição Security token Dispositivo de Segurança Other token Outro dispositivo Similar Certificate Certificado Similar Delete from Security token Apagar do Dispositivo de Segurança CA AC Properties Propriedades Generate CRL Gerar CRL Manage revocations Gerenciar revogações Renewal Renovar Revoke Revogar Unrevoke Desfazer Revogação Plain View Visualizar Tree View Visualização em Árvore days dias No template Sem Modelo CA Properties Propriedades da AC Certificate export Exportar Certificado X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) ClickLabel Double click for details Duplo clique para os detalhes CrlDetail Details of the Revocation list Detalhes da Lista de Revogação &Status &Situação Version Versão Signature Assinatura Signed by Assinado por Name Nome The internal name of the CRL in the database Nome Interno do CRL no Banco de Dados issuing dates datas de emissão Next update Próxima Atualização Last update Última Atualização &Issuer Em&issor &Extensions &Extensões &Revocation list Lista de &Revogação Comment Comentários Failed Falha Unknown signer Assinador Desconhecido Verification not possible Verificação Impossível CrlTreeView There are no CA certificates for CRL generation Não há certificados AC para geração de CRL Select CA certificate Selecionar Certificado do AC Revocation list export Exportação de lista de revogação CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) ExportDialog Name Nome The internal name of the CRL in the database Nome Interno do CRL no Banco de Dados ... ... Filename Nome do Arquivo Export comment into PEM file Exportar comentários para o arquivo PEM Export Format Formato da Exportação All files ( * ) Todos os Arquivos (*) PEM Text format with headers Formato Texto PEM com cabeçalhos Concatenated list of all selected items in one PEM text file Lista Concatenada de todos os ítens selecionados em 1 arquivo texto PEM Concatenated text format of the complete certificate chain in one PEM file Formato Texto Concatenado da cadeia completa de certificados em 1 arquivo PEM Concatenated text format of all certificates in one PEM file Formato Texto Concatenado de todos os certificados em 1 arquivo PEM Binary DER encoded file Arquivo Binário Codificado DER PKCS#7 encoded single certificate Único Certificado Codificado em PKCS#7 PKCS#7 encoded complete certificate chain Cadeia completa de Certificado Codificados em PKCS#7 Concatenated text format of all unrevoked certificates in one PEM file Formato Texto Concatenado de todos os cerificados com revogação desfeita em um arquivo PEM All unrevoked certificates encoded in one PKCS#7 file Todos certificados com revogação desfeita codificados em arquivo PKCS#7 All selected certificates encoded in one PKCS#7 file Todos certificados selecionados codificados em arquivo PKCS#7 All certificates encoded in one PKCS#7 file Todos certificados codificados em arquivo PKCS#7 The certificate and the private key as encrypted PKCS#12 file Todos certificados e Chaves Privadas codificados em arquivo PKCS#12 The complete certificate chain and the private key as encrypted PKCS#12 file Cadeia Completa de Certificados e Chaves Privadas codificados em arquivo PKCS#12 Concatenation of the certificate and the unencrypted private key in one PEM file Concatenação de um certificado e a chave privada não criptografada em arquivo PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Concatenação de um certificado e a chave privada criptografada no formato PKCS#8 em arquivo Text format of the public key in one PEM file Formato texto da chave pública em arquivo PEM Binary DER format of the public key Chave Pública no Formato Binário DER Unencrypted private key in text format Chave Privada não criptografada no formato texto OpenSSL specific encrypted private key in text format Chave privada criptografada específica do OpenSSL no formato texto Unencrypted private key in binary DER format Chave privada não criptografada no formato binário DER Unencrypted private key in PKCS#8 text format Chave privada não criptografada no formato texto PKCS#8 Encrypted private key in PKCS#8 text format Chave privada criptografada no formato texto PKCS#8 The public key encoded in SSH2 format Chave Pública codificada no formato SSH2 OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Arquivo de índice específico OpenSSL, requerido por ferramenta OCSP, foi criado pelo comando 'ca' vCalendar expiry reminder for the selected items agendamento de expiração por vCalendar para os ítens selecionados vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL agendamento de expiração por vCalendar contendo todos os certificados emitidos, válidos, além do próprio AC e do último CRL Private key in Microsoft PVK format not encrypted Chave Privada no formato Microsoft PVK não criptografada Encrypted private key in Microsoft PVK format Chave Privada criptografada no formato Microsoft PVK The file: '%1' already exists! O arquivo: '%1' já existe! Overwrite Sobrescrever Do not overwrite Não Sobrescrever Form last update next update Days Dias Months Meses Years Anos Apply Aplicar Midnight Zero Hora Local time Tempo Local No well-defined expiration Tempo de Expiração Indefinida Help << << >> >> &Done &Pronto ImportMulti Import PKI Items Importar Itens PKI Import &All Import&ar Tudo &Import &Importar &Done &Pronto &Remove from list &Remover da lista Details Detalhes Delete from token Apagar do Dispositivo Rename on token Renomear no dispositivo Name: %1 Model: %2 Serial: %3 Nome: %1 Modelo: %2 Série: %3 Manage security token Gerenciar o dispositivo de Segurança Details of the item '%1' cannot be shown Detalhes do ítem '%1' não podem ser mostrados The type of the item '%1' is not recognized O tipo do ítem '%1' é desconhecido The file '%1' did not contain PKI data O arquivo '%1' não contém dados PKI The %1 files: '%2' did not contain PKI data Os arquivos %1: '%2' não contém dados PKI ItemProperties Name Nome Source Origem Insertion date Data da Inserção Comment Comentário KeyDetail Name Nome The internal name of the key used by xca Nome Interno da chave usada pelo XCA Security token Dispositivo de Segurança Manufacturer Fabricante Serial No. de Série Key Chave Public Exponent Expoente Público Keysize Tamanho da Chave Private Exponent Expoente Privado Security Token Dispositivo de Segurança Label Etiqueta PKCS#11 ID ID PKCS#11 Token information Informação do Dispositivo Model Modelo Fingerprint Dados Digitais Comment Comentário Details of the %1 key Detalhes da chave %1 Not available Indisponível Available Disponível Sub prime Primo Inferior Public key Chave Pública Private key Chave Privada Curve name Método de Curva Unknown key Chave Desconhecida KeyTreeView Clipboard format Change password Alterar a Senha Reset password Ressetar a Senha Change PIN Alterar PIN Init PIN with SO PIN (PUK) Iniciar PIN com SO PIN (PUK) Change SO PIN (PUK) Alterar SO PIN (PUK) Security token Dispositivo de Segurança This is not a token Não é um dispositivo Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Devo substituir a chave original '%1'pela chave do Dispositivo? Esta operação apagará a chave '%1' e a fará não exportável Export public key [%1] Exportar chave pública [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Chaves Privadas ( *.pem *.der *.pk8 );; Chaves Públicas SSH ( *.pub ) MainWindow Private Keys Chaves Privadas &New Key &Nova Chave &Export &Exportar &Import &Importar Import PFX (PKCS#12) Importar PFX (PKCS#12) &Show Details Mostrar Detalhe&s &Delete &Apagar Certificate signing requests Requisições de Assinatura de Certificado &New Request &Nova Requisição Certificates Certificados &New Certificate &Novo Certificado Import &PKCS#12 Importar &PKCS#12 Import P&KCS#7 Importar P&KCS#7 Plain View Visualizar Templates Modelos &New Template &Novo Modelo &New CRL &Novo CRL Ch&ange Template Alter&ar o Modelo Revocation lists Lista de Revogação Using or exporting private keys will not be possible without providing the correct password Não é possível Usar ou Exportar Chaves Privadas sem fornecer a senha correta Database Banco de Dados The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. O Verificador usado atualmente '%1' é inseguro. Favor selecionar um Verificador 'SHA 224' (ou superior) por motivos de segurança. Recent DataBases Banco de Dados Recentes System Sistema Croatian Croata English Inglês French Francês German Alemão Japanese Japones Russian Russo Slovak Eslovaco Spanish Espanhol Persian Bulgarian Polish Polonês Italian Italiano Chinese Chinês Dutch Holandês Portuguese in Brazil Português Brasil Indonesian Turkish Turco Language Idioma &File &Arquivo Open Remote DataBase Abrir Banco de Dados Remoto Set as default DataBase Definir como Banco de Dados Padrão New DataBase Novo Banco de Dados Open DataBase Abrir Banco de Dados Close DataBase Fechar Banco de Dados Options Opções Exit Sair I&mport I&mportar Keys Chaves Requests Requisições PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Modelo Revocation list Lista de Revogação PEM file Arquivo PEM Paste PEM file Colar Arquivo PEM Token Dispositivo Export Certificate &Index hierarchy Exportar hierarquicamente &Indice de Certificados Content Conteúdo &Manage Security token &Gerenciar Dispositivo de Segurança &Init Security token &Iniciar Dispositivo de Segurança &Change PIN &Alterar PIN Change &SO PIN Alterar &SO PIN Init PIN Iniciar PIN Extra Extras &Dump DataBase &Descarregar Banco de Dados &Export Certificate Index &Exportar Indexador de Certificado C&hange DataBase password Alterar Se&ha do Banco de Dados &Undelete items Resta&urar ítems removidos Generate DH parameter Gerar parâmetros DH OID Resolver Resolver OID &Help &Ajuda About Sobre Import PEM data Importar dados PEM Please enter the original SO PIN (PUK) of the token '%1' Favor entrar com o SO PIN (PUK) original do dispositivo '%1' Search Busca Please enter the new SO PIN (PUK) for the token '%1' Favor entrar com o novo SO PIN (PUK) para o dispositivo '%1' The new label of the token '%1' A nova etiqueta do dispositivo '%1' The token '%1' did not contain any keys or certificates O dispositivo '%1' não contém qualquer chave ou certificados Current Password Senha Corrente Please enter the current database password Favor entrar com a senha corrente do Banco de Dados The entered password is wrong Senha informada está errada New Password Nova Senha Please enter the new password to encrypt your private keys in the database-file Favor entrar a nova senha para criptografia da sua chave privada no Arquivo do Banco de Dados Transaction start failed Transação Inicial Falhou Database: %1 Certificate Index ( index.txt ) Índice de Certificado (Index.txt) All files ( * ) Todos os Arquivos (*) Diffie-Hellman parameters saved as: %1 Parâmetros Diffie-Hellman salvos como: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Os parâmetros Diffie-Hellman são necessários para várias aplicações, mas não são tratados pelo XCA. Entrar com bits dos parâmetros DH NewCrl Last update Última Atualização Next update Próxima Atualização Days Dias Months Meses Years Anos Midnight Zero Hora Local time Tempo Local Apply Aplicar Options Opções CRL number N° CRL Subject alternative name Nome Alternativo da Finalidade Revocation reasons Razões da Revogação Authority key identifier Identificador da Chave da Autoridade Hash algorithm Algoritmo de Verificação Create CRL Criar CRL NewKey Please give a name to the new key and select the desired keysize Favor fornecer um nome para a nova chave e selecinoar o tamanho desejado Key properties Propriedades da Chave Name Nome The internal name of the new key Nome Interno da nova chave Curve name Método de Curva Usually at least 2048 bit keys are recommended Recomenda-se chaves de, pelo menos, 2048 bits New Key Nova Chave Keysize Tamanho da Chave Keytype Tipo da Chave Remember as default Lembrar como Padrão Create Criar NewX509 Source Origem Signing request Assinar a Requisição Show request Mostrar a Requisição Sign this Certificate signing &request Assinar este Certificado com &requisição de assinatura Copy extensions from the request Copiar as Extensões da Requisição Modify subject of the request Modificar a Finalidade da Requisição Signing Assinatura Create a &self signed certificate Criar Certificado Auto-Assinado Use &this Certificate for signing Usar es&te Certificado para assinar All certificates in your database that can create valid signatures Todos os Certificados do seu banco de dados que podem criar assinaturas válidas Signature algorithm Algoritmo de Assinatura Template for the new certificate Modelo para novo certificado All available templates Todos os Modelos disponíveis Apply extensions Aplicar extensões Apply subject Aplicar Finalidade Apply all Aplicar Tudo Subject Finalidade Internal Name Nome Interno Distinguished name Nome Indicativo Add Adicionar Delete Apagar Private key Chave Privada This list only contains unused keys A lista contém somente as chaves não usadas Used keys too Chaves usadas também &Generate a new key &Gerar uma nova Chave Extensions Extensões Type Tipo If this will become a CA certificate or not Se este Certificado sera para um AC ou não Not defined Indefinido Certification Authority Autoridade Certificadora End Entity Entidade Final Path length Quantidade de ACs após este How much CAs may be below this. Quantos ACs podem ser criados abaixo deste. The basic constraints should always be critical As restrições básicas devem ser sempre críticas Key identifier Identificador da Chave Creates a hash of the key following the PKIX guidelines Cria um Verificador da chave segundo as recomendações PKIX Copy the Subject Key Identifier from the issuer Copiar o Identificador da Chave de Finalidade do emissor Validity Validade Not before Não Antes Not after Não Após Time range Faixa de Tempo Days Dias Months Meses Years Anos Apply Aplicar Set the time to 00:00:00 and 23:59:59 respectively Define o tempo para 00:00:00 e 23:59:59, respectivamente Midnight Zero Hora Local time Tempo Local No well-defined expiration Tempo de Expiração Indefinida DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit Editar URI: URI: Key usage Aplicação da Chave Netscape Netscape Advanced Avançado Validate Validar Comment Comentário This name is only used internally and does not appear in the resulting certificate Este nome é usado somente internamente e não aparece no certificado Critical Crítico Create Certificate signing request Criar um Certificado com requisição de assinatura minimum size: %1 tamanho Mínimo: %1 maximum size: %1 tamanho Máximo: %1 only a-z A-Z 0-9 '()+,-./:=? somente a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters somente caracteres de 7-bits Edit XCA template Editar Modelo XCA Create x509 Certificate Criar Certificado x509 Template '%1' applied Modelo '%1' aplicado Subject applied from template '%1' Finalidade copiada do Modelo '%1' Extensions applied from template '%1' Extensões copiadas do Modelo '%1' New key '%1' created Nova Chave '%1' criada Other Tabs Outras abas Advanced Tab Abas Avançadas Errors Erros From PKCS#10 request De Requisição PKCS#10 Abort rollout Abortar o procedimento The following length restrictions of RFC3280 are violated: Foram violadas as seguintes restrições da RFC3280: Edit subject Editar Finalidade Continue rollout Continuar o procedimento The verification of the Certificate request failed. The rollout should be aborted. A verificação do Certificado Requisitado falhou. O procedimento poderá ser encerrado.. Continue anyway Continuar mesmo assim The internal name and the common name are empty. Please set at least the internal name. O nome Interno e o campo 'common name' estão vazios. Favor definir, pelo menos, o nome interno. Edit name Editar nome There is no Key selected for signing. Não há chave selecionada a ser assinada. Select key Selecionar Chave The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Os seguintes nomes indicativos estão vazios: %1 entretanto foi configurado que aqueles indicadores são obrigatórios no menu de opções. The key you selected for signing is not a private one. A Chave selecionada para assinar não pe uma Chave Privada. Select other signer Selecionar outro Assinador Select other key Selecionar outra Chave The currently selected hash algorithm '%1' is insecure and should not be used. Select other algorithm Use algorithm anyway The certificate will be earlier valid than the signer. This is probably not what you want. O certificado terá validade anterior ao do Assinador. Provavelmente, não seja isto o que queira. Edit dates Editar Datas Adjust date and continue Ajustar data e Continuar The certificate will be longer valid than the signer. This is probably not what you want. O certificado terá período de validade superior ao do Assinador. Provavelmente, não seja isto o que queira. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. O certificado está vencido antes de se tornar válido. Por algum motivo vc se confundiu as duas datas. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. O Certificado contém extensões inválidas ou duplicadas. Verifique a validação na Lapela Avançada. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. O certificado não contém extensões. Você pode aplicar as extensões de um dos modelos para definir o propósito do certificado. The certificate contains invalid extensions. Edit extensions Editar extensões The subject alternative name shall contain a copy of the common name. However, the common name is empty. O Nome Alternativo da Finalidade (Subject Alternative Name) pode conter uma cópia do campo 'common name'. Entretanto, este último campo está vazio. Configfile error on line %1 Erro no Arquivo de Configuração, linha %1 OidResolver OID Resolver Resolver OID Enter the OID, the Nid, or one of the textual representations Digite o OID, o Nid ou uma representação de texto Search Busca OID OID Long name Nome Longo OpenSSL internal ID ID Interno OpenSSL Nid Nid Short name Nome Abreviado OpenDb Open remote database Abrir Banco de Dados Remoto Database type Tipo do Banco de Dados Hostname Nome do Host ou IP Username Nome de Usuário Password Senha Database name Nome do Banco de Dados Table prefix Prefixo da Tabela No SqLite3 driver available. Please install the qt-sqlite package of your distribution Não há driver SqLite3 disponível. Favor instalar o pacote qt-sqlite da sua distribuição Options XCA Options Opções XCA Settings Configuração Default hash algorithm Algoritmo Verificador padrão String types Tipos de Cadeia de Caracteres Suppress success messages Suprimir mensagens de sucesso Don't colorize expired certificates Não colorir certificados expirados Translate established x509 terms (%1 -> %2) Traduzir os termos X509 establecidos (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. A funcionalidade de erificação do dispositivo não é usada pelo XCA. Entretanto, o XCA podde honrar o conjunto de Verificadores restritos propagados pelo dispositivo. Especificamente, EC e DSA somente são definidos com SHA1 na especificação do PKCS#11. Only use hashes supported by the token when signing with a token key Somente use Verificadores suportados pelo dispositivo ao assinar com uma chave do dispositivo Disable legacy Netscape extensions Desabilitar as extensões Netscape PKCS12 encryption algorithm Certificate expiry warning threshold Aviso de Limite de Expiração do Certificado Send vCalendar expiry reminder Enviar aviso de Expiração pelo vCalendar Serial number length Tamaho do N° de Série bit bit Distinguished name Nome Indicativo Mandatory subject entries Entidades com entradas Obrigatórias Add Adicionar Delete Apagar Explicit subject entries Explicitar Entradas de Entidades Dynamically arrange explicit subject entries Arranjar dinamicamente as entradas das Entidades Explicitas Default Padrão PKCS#11 provider Fornecedor PKCS#11 Remove Remover Search Busca Printable string or UTF8 (default) Cadeia imprimível ou UTF8 (padrão) PKIX recommendation in RFC2459 Recomendações PKIX pevistas na RFC2459 No BMP strings, only printable and T61 Sem cadeia BMP, somente imprimíveis e T61 UTF8 strings only (RFC2459) Somente cadeias UTF8 (RFC2459) All strings Todas as cadeias Days Dias Weeks Semanas PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) A senha é analisada como um código hexadecimal de 2 dígitos. Ela deve ter um número par de dígitos (0-9 e a-f) Take as HEX string Considere como uma cadeia HEXadecimal Password Senha Repeat %1 Repetir %1 %1 mismatch %1 não coincide Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters A senha hexadecimal deve conter apenas os caracteres '0' - '9' e 'a' - 'f' e deve consistir em um número par de caracteres Exit Sair QMessageBox Cancel Cancelar Apply Aplicar Yes Sim No Não QObject Undefined Indefinido Broken / Invalid Com Defeito / Inválido in %1 seconds em %1 segundo(s) %1 seconds ago há %1 segundo(s) atrás in %1 minutes em %1 minuto(s) %1 minutes ago há %1 minuto(s) atrás Yesterday Ontem Tomorrow Amanhã in %1 hours em %1 hora(s) %1 hours ago há %1 hora(s) atrás Out of data Sem dados Error finding endmarker of string Erro ao localizar o marcador de final de cadeia Out of Memory at %1:%2 Fora da área de memória em %1:%2 All files ( * ) Todos os Arquivos (*) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Chaves PKI ( *.pem *.der *.key );; Chaves PKCS#8 ( *.p8 *.pk8 );; Chaves Microsoft PVK ( *.pvk );; Chaves Públicas SSH ( *.pub );; Import RSA key Importar Chave RSA PKCS#10 CSR ( *.pem *.der *.csr );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Importar Requisição Certificates ( *.pem *.der *.crt *.cer );; Certificados ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Importar Certificado X.509 PKCS#7 data ( *.p7s *.p7m *.p7b );; Dados PKCS#7 ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Importar Certificado PKCS#7 PKCS#12 Certificates ( *.p12 *.pfx );; Certificados PKCS#12 ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Importar Certificado Privado PKCS#12 XCA templates ( *.xca );; Modelos XCA ( *.xca );; Import XCA Templates Importar Modelos XCA Revocation lists ( *.pem *.der *.crl );; Lista de Revogação ( *.pem *.der *.crl );; Import Certificate Revocation List Importar Lista de Revogação de Certificados XCA Databases ( *.xdb );; Banco de Dados XCA ( *.xdb );; Open XCA Database Abrir Banco de Dados XCA PKCS#11 library ( *.dll );; Biblioteca PKCS#11 ( *.dll );; PKCS#11 library ( *.dylib *.so );; Biblioteca PKCS#11 ( *.dylib *.so );; PKCS#11 library ( *.so );; Biblioteca PKCS#11 ( *.so );; Open PKCS#11 shared library Abrir Biblioteca Compartilhada/DInâmica PKCS#11 PEM files ( *.pem );; Arquivos PEM ( *.pem );; Load PEM encoded file Carregar Arquivo codificado PEM Please enter the PIN on the PinPad Favor entrar com o PIN no PinPad Please enter the SO PIN (PUK) of the token %1 Favor entrar o SO PIN (PUK) do dispositivo %1 Please enter the PIN of the token %1 Favor entrar o PIN do dispositivo %1 No Security token found Dispositivo de Segurança não encontrado Select Selecionar Please enter the new SO PIN (PUK) for the token: '%1' Favor entrar com o novo SO PIN (PUK) para o dispositivo '%1' Please enter the new PIN for the token: '%1' Favor entrar o PIN do dispositivo '%1' Required PIN size: %1 - %2 O Tamanho do requerido: %1 - %2 Invalid filename: %1 Nome de Arquivo Iválido: %1 Failed to open PKCS11 library: %1: %2 Falha ao abrir a biblioteca PKCS11: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Não parece ser uma biblioteca PKCS#11: Função 'C_GetFunctionList' não Encontrada. Disabled Desabilitado Library loading failed Carga da Biblioteca falhou PKCS#11 function '%1' failed: %2 Função PKCS#11 '%1' falhou: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 Função PKCS#11 '%1' falhou: %2 Na biblioteca %3 %4 Invalid Invaálido %1 is shorter than %2 bytes: '%3' %1 é menor que %2 bytes: '%3' %1 is longer than %2 bytes: '%3' %1 é maior que %2 bytes: '%3' String '%1' for '%2' contains invalid characters Cadeia '%1' para '%2' contém caracteres inválidos Error reading config file %1 at line %2 Erro de leitura do Arquivo de Configuração %1 na linha %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. O Objeto '%1' do arquivo %2 linha %3 já é conhecido como '%4:%5:%6' e deve ser removido. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. O Identificador '%1' para o OID %2 do arquivo %3 linha %4 já é usado para um OID diferente como '%5:%6:%7' e deve ser alteradopara evitar conflitos. Unknown object '%1' in file %2 line %3 Objeto desconhecido '%1' no arquivo %2 linha %3 Failed to start a database transaction Falha ao inciar uma transação de Banco de Dados Country code Sigla do País State or Province Nome ou Sigla Estado Locality Cidade Organisation Organização Organisational unit Unidade Organizacional Common name Nome Da Entidade E-Mail address Endereço de E-mail Serial number N° de Série Given name Primeiro Nome Surname Sobrenome Title Título/Designação Initials Inciiais Description Descrição Adicional Role Função Pseudonym Pseudônimo Generation Qualifier Qualificador de Geração x500 Unique Identifier identificação Única X500 Name Nome DN Qualifier Qualificador de Nome Distinto Unstructured name Nome não Estruturado Challenge password Senha Desafio Basic Constraints Restrições Básicas Subject alternative name Nome Alternativo da Finalidade issuer alternative name nome alternativo do emissor Subject key identifier Identificador da Chave da Finalidade Authority key identifier Identificador da Chave da Autoridade Key usage Aplicação da Chave Extended key usage Uso Estendido da Chave CRL distribution points Ponto de Distribuição CRL Authority information access Acesso à Informação sobre a Autoridade Certificate type Tipo de Certificado Base URL URL Base Revocation URL URL de Revogação CA Revocation URL URL de Revogação de AC Certificate renewal URL URL de Renovação de Certficado CA policy URL URL de Política do AC SSL server name Nome do Serviço SSL Comment Comentário Index file written to '%1' Index hierarchy written to '%1' Unknown key type %1 Password verify error, please try again Erro na Verificação da Senha, favor tentar novamente The following error occurred: Ocorreu o seguinte erro: Failed to update the database schema to the current version Password Senha ReqTreeView Sign Assinar Unmark signed Desmarcar assinado Mark signed Marcar assinado Similar Request Requisição Similar Certificate request export Exportar Requisição de Certificado Certificate request ( *.pem *.der *.csr ) Requisição de Certificados ( *.pem *.der *.csr ) RevocationList Manage revocations Gerenciar revogações Add Adicionar Delete Apagar Edit Editar No. Não. Serial N° de Série Revocation Revogação Reason Motivo Invalidation Invalidação Generate CRL Gerar CRL Revoke Certificate revocation Revogação de Certificado Revocation details Detalhes da Revogação Revocation reason Motivo da Revogação Local time Tempo Local Invalid since Inválido desde Serial N° de Série SearchPkcs11 Directory Diretório ... ... Include subdirectories Incluir Subdiretórios Search Busca The following files are possible PKCS#11 libraries Os seguintes arquivos são possíveis bibliotecas PKCS#11 SelectToken Security token Dispositivo de Segurança Please select the security token Favor Selecionar o Dispositivo de Segurança TempTreeView Duplicate Duplicar Create certificate Criar Certificado Create request Criar Requisição copy copiar Preset Template values Valores Pré-definidos do Modelo Template export XCA Templates ( *.xca ) TrustState Certificate trust Trustment &Never trust this certificate Only &trust this certificate, if we trust the signer &Always trust this certificate Validity yyyy-MM-dd hh:mm dd-MM-yyyy hh:mm X509SuperTreeView OpenSSL config Configuração OpenSSL Transform Transformar Template Modelo padrão Public key Chave Pública Save as OpenSSL config Salvar como Configuração OpenSSL Config files ( *.conf *.cnf);; All files ( * ) Arquivos de Configuração OpenSSL ( *.conf *.cnf);; Todos os Arquivos ( * ) XFile Error opening file: '%1': %2 Error rewinding file: '%1': %2 XcaTreeView Item properties Propriedades do ítem Subject entries Inscrições de Finalidade X509v3 Extensions Extensões X509v3 Netscape extensions Extensões Netscape Key properties Propriedades da Chave Privada Reset Zerar Tudo (Reset) Hide Column Ocultar Coluna Details Detalhes Columns Colunas New Novo Import Importar Paste PEM data Colar dados PEM Rename Renomear Properties Propriedades Delete Apagar Export Exportar Clipboard Área de Transferência File Arquivo database_model Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Detectado Banco de Dados no formato de versões antigas. Criando um backup denominado: '%1' e restaurando o Bando de Dados no formato desta versão Failed to rename the database file, because the target already exists A ação de renomear o Arquivo de Banco de Dados FALHOU, porque o arquivo final já existe Please enter the password to access the database server %2 as user '%1'. Favor entrar com a senha de acesso do Serviço de Banco de Dados %2 como usuário '%1'. Unable to create '%1': %2 The file '%1' is not an XCA database No SqLite3 driver available. Please install the qt-sqlite package of your distribution Não há driver SqLite3 disponível. Favor instalar o pacote qt-sqlite da sua distribuição New Password Nova Senha Please enter a password, that will be used to encrypt your private keys in the database: %1 Favor entrar uma senha, que será usada para encriptar sua chave privada no Banco de Dados: %1 Password Senha Please enter the password for unlocking the database: %1 Favor entrar a senha para desbloquear o Banco de Dados: %1 db_base Internal name Nome Interno No. N°. Primary key Chave Primária Database unique number N° único do Banco de Dados Date Data Date of creation or insertion Data da Criação ou Inserção Source Origem Generated, Imported, Transformed Gerado, Importado, Transformado Comment Comentário First line of the comment field Primeira Linha do Campo Comentário Import from: %1 Could not create directory %1 Impossibilidade de criar o diretório %1 Item properties Propriedades do ítem How to export the %1 selected items Como exportar os itens selecionados de %1 All in one PEM file Tudo em 1 arquivo PEM Each item in one file Cada Ítem em 1 arquivo Save %1 items in one file as Salvar %1 ítens em 1 arquivo como PEM files ( *.pem );; All files ( * ) Arquivo(s) PEM ( *.pem );; Todos os Arquivos ( * ) db_crl Signer Assinador Internal name of the signer Nome Interno do Assinador No. revoked N° de revogados Number of revoked certificates N° de Certificados Revogados Last update Última Atualização Next update Próxima Atualização CRL number N° do CRL The revocation list already exists in the database as: '%1' and so it was not imported A Lista de Revogação já existe no Banco de Dados como: '%1' e, assim, ela não será importada Revocation list export Exportação de lista de revogação CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) Failed to initiate DB transaction Falha ao inciar uma transação de Banco de Dados Database error: %1 Erro no Banco de Dados: %1 db_key Type Tipo Size Tamanho EC Group Grupo EC Use Usar Password Senha The key is already in the database as: '%1' and is not going to be imported A chave já está no Banco de Dados como: '%1' e não será importada The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key O Banco de Dados já contém a parte pública da chave importada como '%1 e será importado somente a parte privada da chave Extending public key from %1 by imported key '%2' Estendendo a chave pública de %1 ao ser importado a chave '%2' Key size too small ! O tamanho da Chave é muito pequeno ! You are sure to create a key of the size: %1 ? Tem certeza que quer criar uma chave com tamanho: %1 ? PEM public Pública PEM SSH2 public Pública SSH2 PEM private Privada PEM Export keys to Clipboard Exportar Chaves para a Área de Transferência Clipboard Área de Transferência Export public key [%1] Exportar chave pública [%1] DER public Pública DER DER private Privada DER PEM encryped Encriptada PEM PVK private Privada PVK PVK encrypted Encriptada PVK PKCS#8 encrypted Encriptada PKCS#8 Export private key [%1] Exportar chave privada [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Chaves Privadas ( *.pem *.der *.pk8 );; Chaves Públicas SSH ( *.pub ) Internal error Erro Interno Tried to change password of a token Tentei alterar a senha de um dispositivo db_temp Bad template: %1 Modelo com erros: %1 Empty template Modelo Vazio Save template as Salvar Modelo como XCA templates ( *.xca );; All files ( * ) Modelos XCA ( *.xca );; Todos os Arquivos ( * ) db_x509 CA AC reflects the basic Constraints extension reflete a extensão de restrições básicas Serial N° de Série Start date Data Inciial Expiry date Data de Expiração MD5 fingerprint Impressão Digital MD5 SHA1 fingerprint Impressão Digital SHA1 SHA256 fingerprint Impressão Digital SHA256 Not before Não Antes Not after Não após Revocation Revogação CRL Expiration Validade CRL Failed to retrieve unique random serial Falha ao recuperar uma Série Aleatória Única The certificate already exists in the database as: '%1' and so it was not imported O Certificado já existe no Banco de Dados como: '%1' e, assim, ela não será importada Signed on %1 by '%2' Assinado em %1 por '%2' Unknown Desconhecido Invalid public key Chave Pública Inválida PKCS#7 unrevoked PKCS#7 restaurada PEM unrevoked PEM restaurada vCalendar vCalendar CA vCalendar Calendário (vCalendar) do AC days dias No template Sem Modelo The key you selected for signing is not a private one. A Chave selecionada para assinar não é uma Chave Privada. Failed to create directory '%1' Store the certificate to the key on the token '%1 (#%2)' ? Armazenar o certificado da chave no dispositivo '%1 (#%2)' ? PEM chain Cadeia PEM PKCS#7 chain Cadeia PKCS#7 PKCS#12 chain Cadeia PKCS#12 PKCS#7 all Todas PKCS#7 PEM + key PEM + Chave PEM all Todas PEM Certificate Index file Arquivo de Índice de Certificado Certificate export Exportar Certificado There was no key found for the Certificate: '%1' Não foi encontrada chave para o Certificado: '%1' Not possible for a token key: '%1' Impossível para a chave de dispositivo: '%1' Not possible for the token-key Certificate '%1' Impossível para o Certificado com chave de dispositivo: '%1' db_x509name Subject Finalidade Complete distinguished name Completar o nome distinto Subject hash Verificador de Finalidade Hash to lookup certs in directories Veriificador para a identificar certificados nos diretórios db_x509req Signed Assinado whether the request is already signed or not se a requisição já foi, ou não, assinada Unstructured name Nome não Estruturado Challenge password Senha Desafio Certificate count Contagem de Certificados Number of certificates in the database with the same public key Número de certificados no Banco de Dados com a mesma chave pública The certificate signing request already exists in the database as '%1' and thus was not stored A requisição de assinatura de certificado já existe no Banco de Dados como '%1' e ela não será armazenada Certificate request export Exportar Requisição de Certificado Certificate request ( *.pem *.der *.csr ) Requisição de Certificados ( *.pem *.der *.csr ) db_x509super Key name Nome da Chave Internal name of the key Nome Interno da Chave Signature algorithm Algoritmo de Assinatura Key type Tipo da Chave Key size Tamanho da Chave EC Group Grupo EC Extracted from %1 '%2' Extraido de %1 '%2' Certificate Certificado Certificate request Requisição de Certificado Save as OpenSSL config Salvar como Configuração OpenSSL Config files ( *.conf *.cnf);; All files ( * ) Arquivos de Configuração OpenSSL ( *.conf *.cnf);; Todos os Arquivos ( * ) The following extensions were not ported into the template As seguintes extensões não foram portadas para o Modelo Transformed from %1 '%2' Transformado de %1 '%2' kvView Type Tipo Content Conteúdo pass_info Password Senha PIN PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 Falha ao abrir a biblioteca PKCS11: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Não parece ser uma biblioteca PKCS#11: Função 'C_GetFunctionList' não Encontrada. pki_base Unknown Desconhcido Imported Importado Generated Gerado Transformed Transformado Token Dispositivo Legacy Database Banco de Dados de Versão Anterior Renewed Renovado Property '%1' not listed in 'pki_base::print' Internal error: Unexpected message: %1 %2 Erro Interno: Mensagem Inesperada: %1 %2 pki_crl Successfully imported the revocation list '%1' Lista de Revogação '%1' importada com sucesso Delete the revocation list '%1'? Apagar a lista de revogação '%1'? Successfully created the revocation list '%1' Lista de Revogação '%1' criada com sucesso Delete the %1 revocation lists: %2? Apagar %1 da lista de revogação: %2? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Impossibilidade de carregar a lista de revogação do arquivo %1. Tentativas de formato de CRL em PEM e DER falharam. No issuer given Nenhum Emissor foi informado Wrong Size %1 Tamanho Errado %1 CRL Renewal of CA '%1' due Renovação CRL da AC '%1' devido a The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' A última CRL emitida pela AC '%1' expirará em %2. Ela está armazenada no Banco de Dados XCA '%3' Renew CRL: %1 Renovar CRL: %1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' A CRL XCA '%1', emitida em %3, expirará em %4. Ela está armazenada no Banco de Dados XCA '%5' pki_evp Please enter the password to decrypt the private key %1. The key from file '%1' is incomplete or inconsistent. A chave do arquivo '%1' está incompleta ou inconsistente. Please enter the password to decrypt the private key from file: %1 Favor entrar a senha para decriptar a chave privada do arquivo: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Não foi possível carregar a Chave Privada do arquivo %1. As tentativas no formato PEM e DER privados, públicos, tipos de chaves PKCS#8 e formato SSH2 falharam. Ignoring unsupported private key Ignorando formatos de chaves privadas não previstas pelo XCA Please enter the password to decrypt the private key: '%1' Favoir entrar com a senha para decriptar a chave privada: '%1' Password input aborted Abortado a entrada da Senha Please enter the database password for decrypting the key '%1' Favor entrar com a senha do Banco de Dados para decriptar a chave '%1' Please enter the password to protect the private key: '%1' Favor entrar com a senha para proteger a chave privada: '%1' Please enter the database password for encrypting the key Favor entrar a senha do Banco de Dados para encriptar a chave Please enter the password protecting the PKCS#8 key '%1' Favor entrar com a senha para proteger a chave PKCS#8: '%1' Please enter the password protecting the Microsoft PVK key '%1' Favor entrar a senha dde proteção da chave Microsoft PVK '%1' Please enter the export password for the private key '%1' Favor entrar com a senha para exportar a chave privada: '%1' pki_export PEM Text format with headers Formato Texto PEM com cabeçalhos Concatenated list of all selected items in one PEM text file Lista Concatenada de todos os ítens selecionados em 1 arquivo texto PEM PEM chain Cadeia PEM Concatenated text format of the complete certificate chain in one PEM file Formato Texto Concatenado da cadeia completa de certificados em 1 arquivo PEM PEM + key PEM + Chave Concatenation of the certificate and the unencrypted private key in one PEM file Concatenação de um certificado e a chave privada não criptografada em arquivo PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Concatenação de um certificado e a chave privada criptografada no formato PKCS#8 em arquivo PKCS#7 encoded single certificate Único Certificado Codificado em PKCS#7 All selected certificates encoded in one PKCS#7 file Todos certificados selecionados codificados em arquivo PKCS#7 PKCS #7 chain PKCS#7 encoded complete certificate chain Cadeia completa de Certificado Codificados em PKCS#7 Binary DER encoded certificate PKCS #12 chain The complete certificate chain and the private key as encrypted PKCS#12 file Cadeia Completa de Certificados e Chaves Privadas codificados em arquivo PKCS#12 PKCS #12 The certificate and the private key as encrypted PKCS#12 file Todos certificados e Chaves Privadas codificados em arquivo PKCS#12 Certificate Index file Arquivo de Índice de Certificado OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Arquivo de índice específico OpenSSL, requerido por ferramenta OCSP, foi criado pelo comando 'ca' vCalendar vCalendar vCalendar expiry reminder for the selected items agendamento de expiração por vCalendar para os ítens selecionados CA vCalendar Calendário (vCalendar) do AC vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL agendamento de expiração por vCalendar contendo todos os certificados emitidos, válidos, além do próprio AC e do último CRL PEM public Pública PEM Text format of the public key in one PEM file Formato texto da chave pública em arquivo PEM PEM private Privada PEM Unencrypted private key in text format Chave Privada não criptografada no formato texto PEM encrypted OpenSSL specific encrypted private key in text format Chave privada criptografada específica do OpenSSL no formato texto SSH2 private SSH2 public Pública SSH2 The public key encoded in SSH2 format Chave Pública codificada no formato SSH2 DER public Pública DER Binary DER format of the public key Chave Pública no Formato Binário DER DER private Privada DER Unencrypted private key in binary DER format Chave privada não criptografada no formato binário DER PVK private Privada PVK Private key in Microsoft PVK format not encrypted Chave Privada no formato Microsoft PVK não criptografada PVK encrypted Encriptada PVK Encrypted private key in Microsoft PVK format Chave Privada criptografada no formato Microsoft PVK PKCS #8 encrypted Encrypted private key in PKCS#8 text format Chave privada criptografada no formato texto PKCS#8 PKCS #8 Unencrypted private key in PKCS#8 text format Chave privada não criptografada no formato texto PKCS#8 Binary DER format of the certificate request Binary DER format of the revocation list vCalendar reminder for the CRL expiry date XCA template in PEM-like format All selected XCA templates in PEM-like format pki_key Successfully imported the %1 public key '%2' A chave pública %1, '%2', foi importada com sucesso Delete the %1 public key '%2'? Apagar a chave pública tipo %1 de '%2'? Successfully imported the %1 private key '%2' A chave privada tipo %1, '%2', foi importada com sucesso Delete the %1 private key '%2'? Apagar a chave privada %1 de '%2'? Successfully created the %1 private key '%2' Chave privada %1, de '%2', foi criada com sucesso Delete the %1 keys: %2? Apagar a chave %1: %2? Public key Chave Pública Common This is a colum name. We suggest that this shoould not be translated. since: Common is thecommonName Common Private Privado Bogus Adulterado PIN PIN No password Sem Senha Unexpected SSH2 content: '%1' Coneúdo SSH2 inesperado: '%1' Invalid SSH2 public key Chave Pública SSH2 Inválida Failed writing to %1 Falha ao escrever em %1 pki_multi No known PEM encoded items found Encontrado itens codificados PEM desconhecidos pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Favor entrar com a senha para decriptar o arquivoPKCS#12: %1 Unable to load the PKCS#12 (pfx) file %1. Impossibilidade de carregar o arquivo PKCS#12 (pfx) %1. The supplied password was wrong (%1) A senha informada está errada (%1) Please enter the password to encrypt the PKCS#12 file Foavor entrar com a senha para encriptar o arquivo PKCS#12 No key or no Cert and no pkcs12 Nehuma chave, nem certificado, nem pkcs12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Impossibilidade de carregar o arquivo PKCS#7 %1. Formatos PEM e DER falharam. pki_scard Successfully imported the token key '%1' A chave do dispositivo '%1' foi importada com sucesso Delete the token key '%1'? Apagar a chave do dispositivo '%1'? Successfully created the token key '%1' Chave do dispositivo '%1' foi criada com sucesso Delete the %1 keys: %2? Apagar a chave %2 do dispositivo %1? Delete the private key '%1' from the token '%2 (#%3)' ? Apagar a chave privada '%1' do dispositivo '%2 (#%3)' ? This Key is already on the token Esta chave já está no dispositivo PIN input aborted Entrada de PIN cancelada Unable to find copied key on the token Impossibilitado de achar a chave copiada no dispositivo Please insert card: %1 %2 [%3] with Serial: %4 Favor inserir o cartão: %1 %2 [%3] n° de série: %4 Unable to find generated key on card Imossibibilidade de localizar a chave gerada no cartão Ignoring unsupported token key Ignorando chave de dispositivo não suportada pelo XCA Wrong Size %1 Tamanho Errado %1 Token %1 Dispositivo %1 Failed to find the key on the token A busca pela chave no dispositivo falhou Invalid Pin for the token O PIN para o dispositivo é inválido Failed to initialize the key on the token A inicialização da chave no dispositivo falhou pki_temp Successfully imported the XCA template '%1' O modelo XCA '%1' foi importado com sucesso Delete the XCA template '%1'? Apagar o Modelo XCA '%1'? Successfully created the XCA template '%1' O modelo XCA '%1' foi criado com sucesso Delete the %1 XCA templates: %2? Apagar o Modelo XCA n° %1 dos modelos: %2? Wrong Size %1 Tamanho Errado %1 Template file content error (too small) Conteúdo do Modelo com erro (muito pequeno) Not a PEM encoded XCA Template Não é Modelo XCA codificado em PEM Not an XCA Template, but '%1' Não é um modelo XCA, mas '%1' pki_x509 Successfully imported the certificate '%1' O certificado '%1' foi importado com sucesso Delete the certificate '%1'? Apagar o Certificado '%1'? Successfully created the certificate '%1' O certificado '%1' criado com sucesso Delete the %1 certificates: %2? Apagar %1 dos certificados: %2? Unable to load the certificate in file %1. Tried PEM and DER certificate. Impossibilidade de carregar certificado no arquivo %1. Tentativas de certificado PEM e DER falharam. This certificate is already on the security token Este certificado já existe no dispositivo de segurança Delete the certificate '%1' from the token '%2 (#%3)'? Apagar o certificado '%1' do dispositivo '%2 (#%3)' ? There is no key for signing ! Não há qualquer chave para assinar! Wrong Size %1 Tamanho Errado %1 No Não Yes Sim Renew certificate: %1 Renovar Certificado: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' O certificado XCA '%1', emitido em %2, expirará em %3. Ela está armazenada no Banco de Dados XCA '%4' pki_x509req Signing key not valid (public key) Assinado chave inválida (chave pública) Successfully imported the %1 certificate request '%2' A requisição de certificado tipo %1, '%2', foi importada com sucesso Delete the %1 certificate request '%2'? Apagar a requisição de certificado do tipo %1, '%2'? Successfully created the %1 certificate request '%2' A requisição de certificado tipo %1, '%2', foi criada com sucesso Delete the %1 certificate requests: %2? Apagar a requisição de certificado do tipo %1, '%2'? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Impossibilidade de carregar a requisição de certificado no arquivo %1. Tentativas de formato PEM, DER e SPKAC falharam. Wrong Size %1 Tamanho Errado %1 Signed Assinado Unhandled Não processado v3ext Copy Common Name Copiar o Common Name (CN) Add Adicionar Delete Apagar Apply Aplicar Validate Validar Cancel Cancelar An email address or 'copy' Um e-mail ou 'copy' An email address Um e-mail A registered ID: OBJECT IDENTIFIER Um ID registrado: OBJECT IDENTIFIER A uniform resource indicator Um URI (uniform resource indicator) A DNS domain name or 'copycn' Um nome de domínio DNS ou 'copycn' A DNS domain name Um nome de domínio DNS An IP address Um Endereço IP Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Sintaxe: <OID>;TYPE:texto similar a '1.2.3.4:UTF8:nome' No editing. Only 'copy' allowed here Edição não permitida. Somente 'copy' é permitido aqui Validation failed: '%1' %2 Falha de Validação: '%1' %2 Validation successful: '%1' Validação com sucesso: '%1' xcaWarning The following error occurred: Ocorreu o seguinte erro: Copy to Clipboard Copiar para a Área de Transferência xcaWarningGui Copy to Clipboard Copiar para a Área de Transferência xca-RELEASE.2.5.0/lang/xca_ru.ts000066400000000000000000006555151450407711300161450ustar00rootroot00000000000000 About Done Готово CaProperties Next serial for signing "подписи" благозвучнее, чем "подписания" / better wording Следующий серийный номер для подписи Form Days until next CRL issuing 'CRL' лучше не переводить, мне кажется Дней до следующего выпуска CRL Default template Шаблон по-умолчанию CA Properties Свойства ЦС Use random Serial numbers Использовать случайные cерийные номера CertDetail Show extensions there was a typo, sorry Показать расширения Show public key показать открытый ключ This key is not in the database. Этого ключа нет в базе данных. Not available Недоступен Signer unknown Издатель неизвестен Self signed Самозаверенный Revoked at %1 Отозван %1 Not trusted Не доверенный Trusted Доверенный Revoked: Отозванный: Not valid Недействительный Valid Действительный Details of the certificate signing request Сведения о запросе на получение сертификата Details of the Certificate Сведения о сертификате S&tatus С&татус Serial Серийный номер The serial number of the certificate Серийный номер сертификата The internal name of the certificate in the database Внутреннее имя сертификата Internal name Внутреннее имя Signature algorithm Алгоритм подписи Signature Подпись Key Ключ Fingerprints Отпечатки SHA1 SHA1 MD5 MD5 A SHA-1 hashsum of the certificate SHA-1 отпечаток сертификата An md5 hashsum of the certificate MD5 отпечаток сертификата Status Состояние SHA256 SHA256 A SHA-256 hashsum of the certificate SHA-256 отпечаток сертификата Validity Период действия The time since the certificate is valid Сертификат действителен с The time until the certificate is valid Сертификат действителен по Subject Субъект Issuer Издатель Extensions Расширения Comment Комментарий &Subject &Субъект &Issuer &Издатель Attributes Атрибуты &Extensions &Расширения Show config Показать конфигурацию CertExtend This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Это позволит создать копию сертификата с новым серийным номером и скорректированным значением срока действия. Validity единообразия для Период действия Not before Сертификат действителен с Not after Сертификат действителен по Time range Выбор периода Days Дней Months Месяцев Years Лет Midnight Начинать с полуночи Apply Применить Revoke old certificate Отозвать старый сертификат Replace old certificate Заменить старый сертификат Keep serial number Сохранить серийный номер Certificate renewal Продление сертификата Local time По местному времени No well-defined expiration Конечный срок не определён The certificate will be earlier valid than the signer. This is probably not what you want. Срок действия сертификата начинается раньше срока действия издателя. Скорее всего, здесь ошибка. Edit dates Изменить период Abort rollout Прервать Continue rollout Продолжить всё равно Adjust date and continue Скорректировать дату и продолжить The certificate will be longer valid than the signer. This is probably not what you want. Срок действия сертификата больше срока действия издателя. Скорее всего, здесь ошибка. CertTreeView Import PKCS#12 Ипорт PKCS#12 Import from PKCS#7 Импорт из PKCS#7 Request Запрос Security token Модуль защиты Other token Другой модуль защиты Similar Certificate Похожий сертификат Delete from Security token Удалить из модуля защиты CA ЦС Properties Свойства Generate CRL Сгенерировать CRL Manage revocations Управление отзывами Plain View В виде списка Tree View В виде дерева days дней No template Нет шаблона CA Properties Свойства ЦС Certificate export Экспортировать сертификат X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) Сертификаты X509 ( *.pem *.cer *.crt *.p12 *.p7b ) Trust Доверять Renewal Продлить Revoke Отозвать Unrevoke Вернуть ClickLabel Double click for details Щёлкните дважды, чтобы просмотреть сведения CrlDetail Name Внутреннее имя Failed Ошибка Unknown signer Неизвестный издатель Verification not possible Проверка не возможна Details of the Revocation list Сведения о CRL &Status &Состояние Version Версия Signature Подпись Signed by Подписан The internal name of the CRL in the database 'CRL' лучше не переводить, мне кажется Внутреннее имя CRL issuing dates Даты публикации Next update Следующее обновление Last update Последнее обновление &Issuer &Издатель &Extensions &Расширения &Revocation list &Список отзыва Comment Комментарий CrlTreeView There are no CA certificates for CRL generation Нет ЦС для генерирования CRL Select CA certificate Выберите сертификат ЦС Revocation list export Экспорт списка отзывов CRL ( *.pem *.der *.crl ) Списки отзыва ( *.pem *.der *.crl );; ExportDialog Name Внутреннее имя The internal name of the CRL in the database Внутреннее имя CRL ... ... Filename Имя файла Export comment into PEM file Экспортировать комментарий в файл PEM Export Format Формат для экспорта All files ( * ) Все файлы ( * ) PEM Text format with headers Текстовый PEM формат с заголовками Concatenated list of all selected items in one PEM text file Все выбранные элементы в одном PEM файле Concatenated text format of the complete certificate chain in one PEM file Вся цепочка сертификации в одном PEM файле Concatenated text format of all trusted certificates in one PEM file Сцепленные вместе все доверенные сертификаты в одном PEM файле Concatenated text format of all certificates in one PEM file Все сертификаты в одном PEM файле Binary DER encoded file Двоичный DER формат PKCS#7 encoded single certificate Отдельный сертификат в формате PKCS#7 PKCS#7 encoded complete certificate chain Вся цепочка сертификации в формате PKCS#7 All trusted certificates encoded in one PKCS#7 file Все доверенные сертификаты в одном PKCS#7 файле Concatenated text format of all unrevoked certificates in one PEM file Все неотозванные сертификаты в одном PEM файле All unrevoked certificates encoded in one PKCS#7 file Все неотозванные сертификаты в одном PKCS#7 файле All selected certificates encoded in one PKCS#7 file Все выбранные сертификаты в одном PKCS#7 файле All certificates encoded in one PKCS#7 file Все сертификаты в одном PKCS#7 файле The certificate and the private key as encrypted PKCS#12 file Сертификат и закрытый ключ в зашифрованном PKCS#12 файле The complete certificate chain and the private key as encrypted PKCS#12 file Вся цепочка сертификатов и закртый ключ в зашифрованном PKCS#12 файле Concatenation of the certificate and the unencrypted private key in one PEM file Сертификат и нешифрованный закрытый ключ в одном PEM файле Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Сертификат и зашифрованный закрытый ключ в одном PKCS#8 файле Text format of the public key in one PEM file Открытый ключ в текстовом формате PEM Binary DER format of the public key Открытый ключ в двоичном формате DER Unencrypted private key in text format Закрытый ключ в тектовом формате без пароля OpenSSL specific encrypted private key in text format Закрытый ключ в тектовом формате OpenSSL без пароля Unencrypted private key in binary DER format Закрытый ключ в двоичном формате DER без пароля Unencrypted private key in PKCS#8 text format Закрытый ключ в текстовом формате PKCS#8 без пароля Encrypted private key in PKCS#8 text format Закрытый ключ в текстовом формате PKCS#8 с паролем The public key encoded in SSH2 format Открытый ключ в формате SSH2 OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Список сертификатов в тектовом формате OpenSSL, который создаётся командой 'ca', необходимый для OCSP vCalendar expiry reminder for the selected items Напоминание об окончании срока для выбранных сертификатов в формате vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Напоминание об окончании срока для всех сертификатов ЦС и CRL в формате vCalendar Private key in Microsoft PVK format not encrypted Закрытый ключ в формате Microsoft PVK без пароля Encrypted private key in Microsoft PVK format Закрытый ключ в формате Microsoft PVK с паролем The file: '%1' already exists! Файл '%1' уже существует! Overwrite Перезаписать Do not overwrite Не перезаписывать Form last update next update Days Дней Months Месяцев Years Лет Apply Применить Midnight Начинать с полуночи Local time По местному времени No well-defined expiration Конечный срок не определён Help << << >> >> &Done &Готово ImportMulti Details Показать сведения Import &All Импортировать &всё &Import &Импортировать &Done &Готово Details of the item '%1' cannot be shown Невозможно отобразить сведения о '%1' The type of the item '%1' is not recognized Тип элемента '%1' невозможно определить The file '%1' did not contain PKI data В файле '%1' данных PKI не обнаружено The %1 files: '%2' did not contain PKI data %1 файла(ов) не содержали данных PKI: '%2' Import PKI Items Импортировать элементы PKI &Remove from list &Удалить из списка Delete from token Удалить из модуля защиты Rename on token Переименовать в модуле защиты Name: %1 Model: %2 Serial: %3 Название: %1 Модель: %2 Серийный номер: %3 Manage security token Управление модулями защиты ItemProperties Name Внутреннее имя Source Источник Insertion date Дата добавления Comment Комментарий KeyDetail Available Известна Not available Неизвестна Name Внутреннее имя The internal name of the key used by xca Внутреннее имя ключа Keysize Длина ключа Private Exponent Закрытая экспонента Security Token Модуль защиты Label Название PKCS#11 ID Идентификатор PKCS#11 Token information Сведения о модуле защиты Model Модель Fingerprint Отпечаток Comment Комментарий Public Exponent Открытая экспонента Modulus Модуль Sub prime Полупростое Public key Открытый ключ Private key Закрытый ключ Security token Модуль защиты Manufacturer Изготовитель Serial Серийный номер Key Ключ Token Модуль защиты Curve name Эллиптическая кривая Details of the %1 key Сведения о ключе %1 Security token ID:%1 ID модуля защиты:%1 Unknown key Неизвестный ключ KeyTreeView Clipboard format Change password Изменить пароль Reset password Сбросить пароль Change PIN Изменить PIN Init PIN with SO PIN (PUK) Инициализировать PIN при помощи SO PIN (PUK) Change SO PIN (PUK) Изменить SO PIN (PUK) Security token Модуль защиты This is not a token Это не модуль защиты Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Заменить ли исходный ключ '%1' на ключ в модуле защиты? Ключ '%1' будет безвозвратно удалён Export public key [%1] Экспортировать открытый ключ [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Закрытые ключи ( *.pem *.der *.pk8 );; Открытые ключи SSH ( *.pub ) MainWindow Password Пароль Password verify error, please try again Неверный пароль, попробуйте еще раз &Close DataBase &Закрыть базу данных &Content &Справка &File &Файл Recent DataBases Недавно открытые базы данных System Язык системы Croatian Хорватский English Английский French Французский German Немецкий Japanese Японский Russian Русский Slovak Словацкий Spanish Испанский Persian Bulgarian Polish Польский Italian Итальянский Chinese Китайский Dutch Нидерландский Portuguese in Brazil Бразильский португальский Indonesian Turkish Турецкий Language Язык Open Remote DataBase Открыть сетевую базу данных Paste PEM file Вставить файл PEM Token Модуль защиты Extra Дополнительно &Export Certificate Index Экспортировать &список сертификатов &Export Certificate Index hierarchy Экспортировать &иерархию сертификатов OID Resolver Поиск OID &Help &Помощь New Password Новый Пароль The following error occurred: Произошла ошибка: Copy to Clipboard Копировать в буфер обмена Private Keys Закрытые ключи &New Key &Новый ключ &Export &Экспорт &Import &Импорт Import PFX (PKCS#12) Импорт PFX (PKCS#12) &Show Details &Показать сведения &Delete &Удалить Certificate signing requests Запросы на получение сертификата &New Request &Новый запрос Certificates Сертификаты &New Certificate &Новый сертификат Import &PKCS#12 Импорт &PKCS#12 Import P&KCS#7 Импорт P&KCS#7 Plain View В виде списка Templates Шаблоны &New Template &Новый шаблон Ch&ange Template Из&менить шаблон Revocation lists Списки отзыва сертификатов &New CRL &Новый CRL Database База данных The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Выбранная в данный момент хэш-функция '%1' не надёжна. Пожалуйста, выберите хотя бы 'SHA 224' из соображений безопасности. Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Открываемая база данных сохранена в старом формате. Создаём запасную копию в файле '%1' и преобразуем базу данных в новый формат Failed to rename the database file, because the target already exists Не удалось переименовать файл базы данных, потому что файл с таким именем уже существует No deleted items found Нет удаленных записей Errors detected and repaired while deleting outdated items from the database. A backup file was created Во время удаления устаревших данных из базы данных были обнаружены и исправлены ошибки. Создана запасная копия базы данных Removing deleted or outdated items from the database failed. Во время удаления устаревших данных из базы данных произошла ошибка. &Dump DataBase &Сделать дамп базы данных &Import old db_dump &Импорт дампа базы данных &Undelete items &Восстановить удаленные элементы Options Настройки New DataBase Новая база данных Open DataBase Открыть базу данных Close DataBase Закрыть базу данных Keys Ключи Requests Запросы PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Шаблоны Revocation list Список отзыва сертификатов PEM file PEM файл Database dump ( *.dump );; All files ( * ) Дамп базы данных ( *.dump );; Все файлы ( * ) Import password Пароль при импорте Please enter the password of the old database Пожалуйста, введите пароль от старой базы данных Password verification error. Ignore keys ? Неверный пароль. Игнорировать ключи? Import anyway Импортировать всё равно I&mport И&мпорт Export Certificate &Index hierarchy Экспортировать &иерархию сертификатов Content Содержание About О программе Search Поиск Import PEM data Импортировать PEM данные Please enter the new SO PIN (PUK) for the token '%1' Пожалуйста, введите новый PIN SO (PUK) для модуля защиты '%1' The new label of the token '%1' Новое название модуля защиты '%1' Please enter the new password to encrypt your private keys in the database-file Пожалуйста, введите новый пароль для шифрования закрытых ключей в базе данных Please enter a password, that will be used to encrypt your private keys in the database file: %1 Пожалуйста, введите пароль для шифрования закрытых ключей в базе данных: %1 Please enter the password for unlocking the database: %1 Пожалуйста, введите пароль для разблокировки базы данных %1 Certificate Index ( index.txt ) Список сертификатов ( index.txt ) All files ( * ) Все файлы ( * ) Diffie-Hellman parameters saved as: %1 Параметры Диффи — Хеллмана сохранены в %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Параметры Диффи — Хеллмана нужны для других приложений, и не используются в XCA. Пожалуйста, введите желаемую длину параметров &New DataBase &Новая база данных &Open DataBase &Открыть базу данных &Init Security token &Инициализировать модуль защиты C&hange DataBase password Из&менить пароль базы данных Exit Выход no such option: %1 нет таких параметров: %1 Using or exporting private keys will not be possible without providing the correct password Использование или экспорт закрытых ключей будет невозможен без ввода правильного пароля Please enter the original SO PIN (PUK) of the token '%1' Пожалуйста, введите первоначальный PIN SO (PUK) для модуля защиты '%1' The token '%1' did not contain any keys or certificates Модуль защиты '%1' не содержит ни ключей, ни сертификатов Current Password Действующий пароль Please enter the current database password Пожалуйста, введите действующий пароль от базы данных The entered password is wrong Введённый пароль неверен Transaction start failed Не удалось начать транзакцию Database: %1 Please enter a password, that will be used to encrypt your private keys in the database: %1 Пожалуйста, введите пароль, который будет использован для зашифровки закрытых ключей в базе данных: %1 Error opening file: '%1': %2 Ошибка при открытии файла: '%1': %2 Generate DH parameter Сгенерировать параметры Диффи — Хеллмана Set as default DataBase Установить как базу данных по умолчанию &Token as translated in firefox for example &Модуль защиты &Manage Security token &Управление модулями защиты &Change PIN &Изменить PIN Change &SO PIN Изменить &SO PIN Init PIN Инициализировать PIN NewCrl Create CRL Новый CRL Days Дней Months Месяцев Years Лет Midnight Начинать с полуночи Local time По местному времени Apply Применить CRL number Порядковый номер CRL Hash algorithm Алгоритм подписи Authority key identifier Идентификатор ключа ЦС Subject alternative name Альтернативное имя субъекта Options Параметры Last update Последнее обновление Next update Следующее обновление Revocation reasons Указывать причину отзыва NewKey Please give a name to the new key and select the desired keysize Пожалуйста, введите название нового ключа и задайте длину ключа Key properties Параметры ключа Name Внутреннее имя Curve name Эллиптическая кривая Keysize Длина ключа Remember as default Использовать заданные здесь параметры по умолчанию The internal name of the new key Внутреннее имя нового ключа New Key Новый ключ Usually at least 2048 bit keys are recommended Обычно рекомендуется генерировать как минимум 2048-битные ключи Keytype Тип ключа Create Создать NewX509 Source Первоисточник Signing request Запрос на подпись Show request Показать запрос Sign this Certificate signing &request Подписать этот &запрос на подпись Copy extensions from the request Копировать расширения из запроса Signing Подписание Create a &self signed certificate with the serial Создать &самоподписанный сертификат с серийным номером If you leave this blank the serial 00 will be used Если оставить это поле пустым, будет использован серийный номер 00 1 1 All certificates in your database that can create valid signatures Все сертификаты в базе данных, которыми можно создать действительные подписи Signature algorithm Алгоритм подписи Template for the new certificate Шаблон для нового сертификата All available templates Все доступные шаблоны Internal Name Внутреннее имя Apply Применить Subject Субъект Create a &self signed certificate Создать &самозаверенный сертификат Use &this Certificate for signing вероятно, имеется в виду ЦС &Использовать этот сертификат для подписи Distinguished name Уникальное имя This name is only used internally and does not appear in the resulting certificate Это имя используется XCA и не оказывается в итоговом сертификате Internal name Внутреннее имя Add Добавить Delete Удалить Private key Закрытый ключ This list only contains unused keys Этот список содержит только неиспользованные ключи Used keys too Добавить в список использованные ключи &Generate a new key &Сгенерировать новый ключ Extensions Расширения Type Тип If this will become a CA certificate or not Это будет сертификат для ЦС или для конечного субъекта Not defined Не определен Certification Authority Центр Сертификации End Entity Конечный субъект Path length Длина цепочки How much CAs may be below this. Сколько ЦС может быть в цепочке. The basic constraints should always be critical Основные ограничения всегда должны быть отмечены критичными Key identifier Идентификотор ключа Creates a hash of the key following the PKIX guidelines Создаёт хэш ключа в соответствии с инструкциями PKIX Copy the Subject Key Identifier from the issuer Копировать идентификатор ключа субъекта у издателя Validity Период действия Not before Сертификат действителен с Not after Сертификат действителен по Time range Выбор периода Days Дней Months Месяцев Years Лет Set the time to 00:00:00 and 23:59:59 respectively Начало и конец - в полночь Midnight Начинать с полуночи Local time По местному времени URI: URI: Comment Комментарий can be altered by the file "aia.txt" может быть изменен в файле "aia.txt" Edit Редактировать DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Key usage Область применения ключа Netscape Netscape Create a &self signed certificate with a MD5-hashed QA serial Создать &самоподписанный сертификат с серийным номером хэшированным MD5 Create Certificate signing request Создать запрос на сертификат Create x509 Certificate Создать сертификат x509 Abort rollout Прервать The following length restrictions of RFC3280 are violated: Требования RFC3280 по длине нарушены: The internal name and the common name are empty. Please set at least the internal name. Поля "Внутреннее имя" и "Общее имя"пусты. Пожалуйста, укажите хотябы внутреннее имя. There is no Key selected for signing. Не выбран ключ для подписи. Continue rollout Продолжить The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Срок действия сертификата истечёт до того, как он станет действительным. Скорее всего, даты перепутаны. Modify subject of the request Изменить субъекта в запросе Advanced Дополнительно Validate Проверить The verification of the Certificate request failed. The rollout should be aborted. Проверка запроса на подпись завершилась ошибкой. Необходимо отменить операцию. Continue anyway Продолжать всё равно No well-defined expiration Конечный срок не определён Edit name Изменить имя Select key Выберите ключ The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Следующие уникальные имена пусты: %1 хотя они были объявлены обязательными в параметрах. Edit subject Изменить субъекта Edit dates Изменить даты The key you selected for signing is not a private one. Выбранный для подписи ключ не закрытый. Critical Критично Create XCA template Создать шаблон XCA Edit XCA template Редактировать шаблон XCA Template '%1' applied Применён шаблон %1 Subject applied from template '%1' Субъект подставлен из шаблона '%1' Extensions applied from template '%1' Расширения подставлены из шаблона '%1' New key '%1' created Создан новый ключ '%1' Select other signer Выберите другого издателя Select other key Выберите другой ключ The currently selected hash algorithm '%1' is insecure and should not be used. Выбранный алгоритм хэширования '%1' небезопасен и не должен использоваться. Select other algorithm Выбрать другой алгоритм Use algorithm anyway Всё равно использовать этот алгоритм The certificate will be earlier valid than the signer. This is probably not what you want. Срок действия сертификата начинается раньше срока действия издателя. Скорее всего, здесь ошибка. Adjust date and continue Скорректировать дату и продолжить The certificate will be longer valid than the signer. This is probably not what you want. Срок действия сертификата больше срока действия издателя. Скорее всего, здесь ошибка. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Сертификат содержит недействительные либо дублированные расширения. Необходимо выполнить проверку во вкладке "Дополнительно". The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. У сертификата отсутствуют расширения. Вы можете подставить расширения из одного из шаблонов, чтобы определить назначение сертификата. The certificate contains invalid extensions. Edit extensions Редактировать расширения The subject alternative name shall contain a copy of the common name. However, the common name is empty. Поле "Альтернативное имя субъекта" должно быть скопировано из поля "Общее имя". Но поле "Общее имя" пусто. Apply extensions Применить расширения Apply subject Применить субъекта Apply all Применить всё minimum size: %1 минимальный размер: %1 maximum size: %1 максимальный размер: %1 only a-z A-Z 0-9 '()+,-./:=? только a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters только 7-битные символы From PKCS#10 request Из запроса PKCS#10 Other Tabs Другие вкладки Advanced Tab Вкладка "Дополнительно" Errors Ошибки Configfile error on line %1 Ошибкав кофигурационном файле в строке %1 OidResolver OID Resolver Поиск OID Enter the OID, the Nid, or one of the textual representations Введите OID, Nid, или одно из текстовых представлений Search Поиск OID OID Long name Полное название OpenSSL internal ID Внутренний ID OpenSSL Nid Nid Short name Краткое название OpenDb Dialog Поиск Open remote database Открыть сетевую базу данных Database type Тип базы данных Hostname Имя хоста Username Имя пользователя Password Пароль Database name Название базы данных Table prefix Префикс для таблиц No SqLite3 driver available. Please install the qt-sqlite package of your distribution Драйвер SqLite3 недоступен. Пожалуйста, установите пакет qt-sqlite вашего дистрибутива Please enter the password to access the database server %2 as user '%1'. Пожалуйста, введите пароль для доступа к серверу баз данных %2 от имени пользователя '%1'. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. Драйвер сервера баз данных не поддерживает транзакции. Это может произойти, если сервер и клиент разных версий. Продолжайте с осторожностью. Options Mandatory subject entries Обязательные поля Add Добавить Delete Удалить Default hash algorithm Алгоритм подписи по-умолчанию Settings Настройки String types Типы строк Suppress success messages Не выводить сообщения об успешном выполнении Don't colorize expired certificates Не выделять цветом просроченные сертификаты Translate established x509 terms (%1 -> %2) Преобразовывать устоявшиеся поля x509 (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Хэш-функции из модуля защиты не используются XCA. Однако можно ограничить используемые хэш-функции согласно модулю защиты. В-особенности с EC и DSA, которые в спецификации PKCS#11 определены с SHA1. Only use hashes supported by the token when signing with a token key При использовании модуля защиты применять только те хэш-функции, которые доступны в модуле Disable legacy Netscape extensions Отключить устаревшие расширения Netscape PKCS12 encryption algorithm Certificate expiry warning threshold Порог для уведомления об истечении срока действия Send vCalendar expiry reminder Отправить напоминание об окончании срока в формате vCalendar Serial number length Длина серийного номера bit бит Distinguished name Уникальное имя Explicit subject entries Явно заданные поля Dynamically arrange explicit subject entries Динамически отсортировать элементы Default По-умолчанию PKCS#11 provider Провайдер PKCS#11 Remove Удалить Search Поиск UTF8 strings only (RFC2459) Только строки UTF8 (RFC2459) Printable string or UTF8 (default) Печатаемые строки или UTF8 (по-умолчанию) PKIX recommendation in RFC2459 Рекоммендации PKIX из RFC2459 No BMP strings, only printable and T61 Без строк из BMP, только печатаемые и T61 All strings Все строки Days Дней Weeks Недель Load failed Ошибка при загрузке XCA Options Параметры XCA PwDialog Password Пароль Repeat %1 Повторите %1 %1 mismatch %1 не соответствуют Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Шестнадцатеричный пароль должен содержать символы '0 '- '9' и 'a' - 'f' и должен состоять из четного числа символов Exit Выход E&xit &Выход The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Пароль обрабатывается как 2-символьный шестнадцатеричный код, должен содержать символы '0 '- '9' и 'a' - 'f' и состоять из четного числа символов Take as HEX string Считать шестнадцатеричной строкой QMessageBox Close Закрыть Cancel Отменить Apply Применить Yes Да No Нет QObject PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Ключи PKI ( *.pem *.der *.key );; Ключи PKCS#8 ( *.p8 *.pk8 );; Ключи Microsoft PVK ( *.pvk );; Открытые ключи SSH ( *.pub );; Import RSA key Импортировать RSA ключ PKCS#10 CSR ( *.pem *.der *.csr );; Запрос на сертификат PKCS#10 ( *.pem *.der *.csr );; Import Request Импортировать запрос Import X.509 Certificate Импортировать X.509 сертификат Import PKCS#7 Certificates Импортировать сертификат PKCS#7 Import PKCS#12 Private Certificate Импортировать закрытый сертификат PKCS#12 Import XCA Templates Импортировать шаблоны XCA Import Certificate Revocation List Импортировать CRL Open XCA Database Открыть базу данных XCA PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; Ключи PKI ( *.pem *.der *.key );; Ключи PKCS#8 ( *.p8 *.pk8 );; Открытые ключи SSH ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );; Netscape Request ( *.spkac *.spc );; PKCS#10 CSR ( *.pem *.der *.csr );; Запрос Netscape ( *.spkac *.spc );; Certificates ( *.pem *.der *.crt *.cer );; Сертификаты ( *.pem *.der *.crt *.cer );; PKCS#7 data ( *.p7s *.p7m *.p7b );; Данные PKCS#7 ( *.p7s *.p7m *.p7b );; PKCS#12 Certificates ( *.p12 *.pfx );; Сертификаты PKCS#12 ( *.p12 *.pfx );; XCA templates ( *.xca );; Шаблоны XCA ( *.xca );; Revocation lists ( *.pem *.der *.crl );; Списки отзыва ( *.pem *.der *.crl );; XCA Databases ( *.xdb );; Базы данных XCA ( *.xdb );; PKCS#11 library ( *.dylib *.so );; Библиотека PKCS#11 ( *.dylib *.so );; PEM files ( *.pem );; Файлы PEM ( *.pem );; Load PEM encoded file Открыть файл PEM Invalid Неверный %1 is shorter than %2 bytes: '%3' %1 короче, чем %2 байт: '%3' %1 is longer than %2 bytes: '%3' %1 длиннее, чем %2 байт: '%3' All files ( * ) Все файлы ( * ) Undefined Неопределённый Broken / Invalid Испорчен / Недействителен in %1 seconds Через %1 секунд %1 seconds ago %1 секунд назад in %1 minutes Через %1 минут %1 minutes ago %1 минут назад Yesterday Вчера Tomorrow Завтра in %1 hours Через %1 часов %1 hours ago %1 часов назад DB: Rename: '%1' already in use DB: Rename: '%1' уже используется DB: Entry to rename not found: %1 DB: Не найдено значение для переименования: %1 PKCS#11 library ( *.dll );; Библиотека PKCS#11 ( *.dll );; PKCS#11 library ( *.so );; Библиотека PKCS#11 ( *.so );; Open PKCS#11 shared library Открыть библиотеку PKCS#11 DB: Write error %1 - %2 DB: Ошибка записи %1 - %2 Please enter the PIN on the PinPad Пожалуйста, введите PIN-код Please enter the SO PIN (PUK) of the token %1 Пожалуйста, введите SO PIN (PUK) модуля защиты %1 Please enter the PIN of the token %1 Пожалуйста, введите PIN-код модуля защиты %1 No Security token found Не найдено модулей защиты Out of Memory at %1:%2 Недостаточно памяти %1:%2 Out of data Нет данных Error finding endmarker of string Не найден символ конца строки Select Выберите Please enter the new SO PIN (PUK) for the token: '%1' Пожалуйста, введите новый PIN SO (PUK) для модуля защиты '%1' Please enter the new PIN for the token: '%1' Пожалуйста, введите новый PIN SO (PUK) для модуля защиты '%1' Required PIN size: %1 - %2 Требуемая длина PIN-кода: %1 - %2 Failed to open PKCS11 library: %1 Невозможно открыть библиотеку PKCS#11: %1 Invalid filename: %1 Недействительное имя файла: %1 Failed to open PKCS11 library: %1: %2 Невозможно открыть библиотеку PKCS#11 %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Это не похоже на библиотеку PKCS#11. Не найден символ 'C_GetFunctionList'. Disabled Отключено Library loading failed Загрузка библиотеки не удалась PKCS#11 function '%1' failed: %2 PKCS#11 функция '%1' завершилась ошибкой: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 PKCS#11 функция '%1' завершилась ошибкой: %2 в библиотеке %3 %4 Country code Код страны State or Province Республика, край, область Locality Город, поселок, село Organisation Организация Organisational unit Департамент, отдел Common name Общее имя E-Mail address Адрес электронной почты Serial number Серийный номер Given name Имя Surname Фамилия Title Звание Initials Инициалы Description Описание Role Должность Pseudonym Псевдоним Generation Qualifier трудно подобрать Именная приставка x500 Unique Identifier Уникальный идентификатор x500 Name Имя DN Qualifier трудно подобрать Информация для устранения неоднозначности Unstructured name трудно подобрать Произвольное имя Challenge password Пароль Basic Constraints Основные ограничения Subject alternative name Альтернативное название субъекта issuer alternative name Альтернативное название издателя Subject key identifier Идентификатор ключа субъекта Authority key identifier Идентификатор ключа ЦС Key usage Область применения ключа Extended key usage Расширенная область применения ключа CRL distribution points Адреса CRL Authority information access Доступ к информации о ЦС Certificate type Тип сертификата Base URL Основной URL Revocation URL URL отзывов CA Revocation URL URL отзывов ЦС Certificate renewal URL URL обновления сертификата CA policy URL URL на политики ЦС SSL server name Имя SSL сервера Comment Комментарий String '%1' for '%2' contains invalid characters Строка '%1' содержит неподходящие символы для '%2' Error reading config file %1 at line %2 Ошибка чтения файла настроек %1 в строке %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. Элемент '%1' из файла %2 на строке %3 уже известен как '%4:%5:%6' и должен быть удалён. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Идентификатор '%1' OID %2 из файла %3 на строке %4 уже использован для другого OID '%5:%6:%7' и должен быть изменён во избежание конфликтов. Unknown object '%1' in file %2 line %3 Низвестный объект '%1' в файле %2 на строке %3 Failed to start a database transaction Не удалось начать транзакцию Index file written to '%1' Файл индекса сохранён как '%1' Index hierarchy written to '%1' Иерархия индекса сохранена как '%1' Unknown key type %1 Неизвестный тип ключа %1 Password verify error, please try again Неверный пароль, попробуйте еще раз The following error occurred: Произошла ошибка: Failed to update the database schema to the current version Password Пароль ReqTreeView Sign Подписать Unmark signed Отметить неподписанные Mark signed Отметить подписанные Similar Request Похожий запрос Certificate request export Экспорт запроса на сертификат Certificate request ( *.pem *.der *.csr ) Запрос на сертификат ( *.pem *.der *.csr ) RevocationList Manage revocations Управление отзывами Add Добавить Delete Удалить Edit Редактировать No. №. Serial Серийный номер Revocation Аннулирован Reason Причина Invalidation Недействительность Generate CRL Сгенерировать CRL Revoke Revocation details Сведения об отзыве Invalid since Недействителен с Local time По местному времени Certificate revocation Отзыв сертификата Revocation reason Причина отзыва Serial Серийный номер SearchPkcs11 Dialog Поиск Directory Папка ... ... Include subdirectories Включая подпапки Search Поиск The following files are possible PKCS#11 libraries Ниже приведён список файлов, которые могут быть библиотеками провайдеров PKCS#11 SelectToken Select Token Выберите Токен Security token Модуль защиты Please select the security token Пожалуйста, выберите модуль защиты TempTreeView Duplicate Дублировать Create certificate Создать сертификат Create request Создать запрос copy копировать Preset Template values Взять значения из шаблона Template export XCA Templates ( *.xca ) TrustState Certificate trust Доверие к сертификату Trustment Доверие &Never trust this certificate &Никогда не доверять этому сертификату Only &trust this certificate, if we trust the signer Доверять этому сертификату &только, если есть доверие к подписавшему &Always trust this certificate &Всегда доверять этому сертификату Validity yyyy-MM-dd hh:mm гггг-ММ-дд чч:мм X509SuperTreeView OpenSSL config Конфигурация OpenSSL Transform Преобразовать Template Шаблон Public key Открытый ключ Save as OpenSSL config Сохранить конфигурацию OpenSSL Config files ( *.conf *.cnf);; All files ( * ) Файлы настроек ( *.conf *.cnf );; Все файлы ( * ) XFile Error opening file: '%1': %2 Ошибка при открытии файла: '%1': %2 Error rewinding file: '%1': %2 XcaTreeView Subject entries Поля субъекта X509v3 Extensions Расширения X509v3 Netscape extensions Расширения Netscape Key properties Параметры ключа Reset Сбросить Remove Column Убрать колонку Item properties Свойства элемента Hide Column Спрятать колонку Details Сведения Columns Колонки New Новый Import Импорт Paste PEM data Вставить данные PEM Rename Переименовать Properties Свойства Delete Удалить Export Экспорт Clipboard Буфер обмена File Файл database_model Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Открываемая база данных сохранена в старом формате. Создаём запасную копию в файле '%1' и преобразуем базу данных в новый формат Failed to rename the database file, because the target already exists Не удалось переименовать файл базы данных, потому что файл с таким именем уже существует Please enter the password to access the database server %2 as user '%1'. Пожалуйста, введите пароль для доступа к серверу баз данных %2 от имени пользователя '%1'. Unable to create '%1': %2 Невозможно создать '%1': %2 The file '%1' is not an XCA database Файл '%1' не является базой данных XCA No SqLite3 driver available. Please install the qt-sqlite package of your distribution Драйвер SqLite3 недоступен. Пожалуйста, установите пакет qt-sqlite вашего дистрибутива New Password Новый Пароль Please enter a password, that will be used to encrypt your private keys in the database: %1 Пожалуйста, введите пароль, который будет использован для зашифровки закрытых ключей в базе данных: %1 Password Пароль Please enter the password for unlocking the database: %1 Пожалуйста, введите пароль для разблокировки базы данных %1 db_base Internal name Внутреннее имя Bad database item Name: %1 Type: %2 Size: %3 %4 Плохой элемент базы данных Имя: %1 Тип: %2 Размер: %3 %4 Do you want to delete the item from the database? The bad item may be extracted into a separate file. Удалить элемент из базы данных? Плохой элемент можно извлечь в отдельный файл. Delete Удалить Delete and extract Удалить и извлечь Continue Продолжить Error opening file: '%1': %2 Ошибка при открытии файла: '%1': %2 No. №. Primary key Первичный ключ Database unique number Уникальный номер в базе данных Date Дата Date of creation or insertion Дата создания или добавления Source Источник Generated, Imported, Transformed Сгенерировано, Импортировано, Преобразовано Comment Комментарий First line of the comment field Первая строчка поля комментария Import from: %1 Импортировать из %1 Could not create directory %1 Не удалось создать папку '%1' Item properties Свойства элемента How to export the %1 selected items Как экспортировать %1 выбранных элементов All in one PEM file Все в один PEM файл Each item in one file Каждый в свой файл Save %1 items in one file as Сохранить %1 элементов в одном файле как PEM files ( *.pem );; All files ( * ) Файлы PEM ( *.pem );; Все файлы ( * ) db_crl Signer Подписавший Internal name of the signer Внутреннее имя подписавего No. revoked Кол. отозванных Number of revoked certificates Количество отозванных сертификатов Last update Последнее обновление Next update Следующее обновление CRL number Кол. отозванных CRL ( *.pem *.der *.crl ) Списки отзыва ( *.pem *.der *.crl );; There are no CA certificates for CRL generation Нет ЦС для генерирования CRL Select CA certificate Выберите сертификат ЦС Create CRL Создать CRL Failed to initiate DB transaction Не удалось начать транзакцию в БД Database error: %1 Ошибка БД: %1 Database error: Ошибка БД: Revocation list export Экспорт списка отзывов The revocation list already exists in the database as: '%1' and so it was not imported Список отзывов уже существует в базе данных: '%1' и поэтому не был импортирован db_key Key size too small ! Слишком маленькая длина ключа! Type Тип Size Длина EC Group Группа EC Use Использован Password Пароль Extending public key from %1 by imported key '%2' Дополняем открытый ключ %1 импортированным ключом '%2' Clipboard Буфер обмена Export public key [%1] Экспортировать открытый ключ [%1] PEM public Открытый ключ PEM DER public Открытый ключ DER SSH2 public Открытый ключ SSH2 DER private Закрытый ключ DER PEM encryped Зашифрованный PEM PEM private Закрытый ключ PEM SSH2 private Закрытый ключ SSH2 Export keys to Clipboard Экспортировать ключи в буфер обмена PVK private Закрытый ключ PVK PVK encrypted Зашифрованный PVK PKCS#8 encrypted Зашифрованный PKCS#8 Export private key [%1] Экспортировать закрытый ключ [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Закрытые ключи ( *.pem *.der *.pk8 );; Открытые ключи SSH ( *.pub ) Internal error Внутренняя ошибка Tried to change password of a token Попытка изменить пароль модуля защиты The key is already in the database as: '%1' and is not going to be imported Ключ уже существует в базе данных: '%1' и поэтому не был импортирован The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Открытый ключ уже существует в базе данных: '%1' и будет дополнен закрытой частью ключа You are sure to create a key of the size: %1 ? Вы уверены, что хотите создать ключ длиной %1 ? db_temp Type Тип Nothing Ничего Empty template Пустой шаблон Preset Template values Взять значения из шаблона Save template as Сохранить шаблон как XCA templates ( *.xca );; All files ( * ) XCA шаблоны ( *.xca );; Все файлы ( * ) Bad template: %1 Неправильный шаблон: %1 db_x509 Serial Серийный номер Trust state Состояние доверия Revocation Аннулирован Expiry date Действителен до reflects the basic Constraints extension отражает расширение основных настроек Start date Действителен с CRL Expiration CRL действителен до Plain View В виде списка Tree View В виде дерева Failed to retrieve unique random serial Не удалось получить уникальный случайный серийный номер Signed on %1 by '%2' Подписан %1 '%2' Unknown Неизвестный Invalid public key Недействительный открытый ключ PKCS#7 unrevoked Неотозванные PKCS#7 vCalendar vCalendar CA vCalendar ЦС vCalendar X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) Сертификаты X509 ( *.pem *.cer *.crt *.p12 *.p7b ) No template Нет шаблона Please enter the new hexadecimal secret number for the QA process. Пожалуйста, введите новое секретное шестнадцатеричное число для QA. The QA process has been terminated by the user. Процесс QA был прерван пользователем. The key you selected for signing is not a private one. Выбранный для подписи ключ не закрытый. CA ЦС MD5 fingerprint Отпечаток MD5 SHA1 fingerprint Отпечаток SHA1 SHA256 fingerprint Отпечаток SHA256 Failed to create directory '%1' Не удалось создать папку '%1' PKCS#7 chain Цепочка PKCS#7 PKCS#12 chain Цепочка PKCS#12 PKCS#7 trusted Доверенный PKCS#7 PKCS#7 all Всё PKCS#7 PEM unrevoked Неотозванные PEM Certificate Index file Файл списка сертификатов Certificate export Экспортировать сертификат X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) Сертификаты X509 ( *.pem *.cer *.crt *.p12 *.p7b ) Not possible for a token key: '%1' Невозможно для модуля защиты: '%1' Error opening file: '%1': %2 Ошибка при открытии файла: '%1': %2 days дней The certificate already exists in the database as: '%1' and so it was not imported Сертификат уже существует в базе данных: '%1' и поэтому не был импортирован Not before Сертификат действителен с Not after Сертификат действителен по PEM chain Цепочка PEM PEM + key PEM + ключ PEM trusted Доверенный PEM PEM all Всё PEM There was no key found for the Certificate: '%1' Для сертификата '%1' не был найден ключ Not possible for the token-key Certificate '%1' Невозможно для сертификата модуля защиты: '%1' Store the certificate to the key on the token '%1 (#%2)' ? Сохранить сертификат ключа в модуле защиты '%1 (#%2)'? db_x509name Subject Субъект Complete distinguished name Полное уникальное имя Subject hash Хэш субъекта Hash to lookup certs in directories Хэш для поиска сертификатов в директориях db_x509req Challenge password Пароль Certificate request export Экспорт запроса на сертификат Certificate request ( *.pem *.der *.csr ) Запрос на сертификат ( *.pem *.der *.csr ) Signed Подписанный whether the request is already signed or not запрос подписан или нет Unstructured name Произвольное имя Certificate count Количество сертификатов Number of certificates in the database with the same public key Количество сертификатов в базе данных с одинаковым открытым ключом The certificate signing request already exists in the database as '%1' and thus was not stored Запрос на подпись уже существует в базе данных: '%1' и поэтому не был импортирован db_x509super Key name Имя ключа Internal name of the key Внутреннее имя ключа Signature algorithm Алгоритм подписи Key type Тип ключа Key size Длина ключа EC Group Группа EC Extracted from %1 '%2' Извлечено из %1 '%2 Certificate Сертификат Certificate request Запрос на сертификат Save as OpenSSL config Сохранить конфигурацию OpenSSL Config files ( *.conf *.cnf);; All files ( * ) Файлы настроек ( *.conf *.cnf );; Все файлы ( * ) The following extensions were not ported into the template Следующие расширения не были перенесены в шаблон Transformed from %1 '%2' Преобразован из %1 '%2' kvView Type Тип Content Содержание pass_info Password Пароль PIN для единообразия PIN-код pkcs11_lib Failed to open PKCS11 library: %1: %2 Невозможно открыть библиотеку PKCS#11 %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Это не похоже на библиотеку PKCS#11. Не найден символ 'C_GetFunctionList'. pki_base Error opening file: '%1': %2 Ошибка при открытии файла: '%1': %2 Error writing to file: '%1': %2 Ошибка при записи в файл: '%1': %2 Unknown Неизвестный Imported Импортирован Generated Сгенерирован Transformed Преобразован Token Модуль защиты Legacy Database База данных в старом формате Renewed Продлён Property '%1' not listed in 'pki_base::print' Свойство '%1' не числится в 'pki_base::print' Error: Ошибка: Internal error: Unexpected message: %1 %2 Внутренняя ошибка: Неожиданное сообщение: %1 %2 pki_crl No issuer given Не указан издатель unknown неизвестный Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Не удается загрузить список отзыва сертификатов из файла %1. Формат файла, содержащий CRL, должен быть PEM или DER. Successfully imported the revocation list '%1' Список отзыва '%1' импортирован успешно Delete the revocation list '%1'? Удалить список отзыва '%1'? Successfully created the revocation list '%1' Список отзыва '%1' создан успешно Delete the %1 revocation lists: %2? Удалить %1 списки отзыва: %2? Wrong Size %1 Неправильный размер %1 CRL Renewal of CA '%1' due Срок обновления CRL для ЦС '%1' The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Срок действия новейшего CRL ЦС '%1' истечёт %2. Он сохранён в базе данных '%3' Renew CRL: %1 Продлить CRL %1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' Срок действия выпущенного %3 XCA CRL '%1' истечёт %4. Он сохранён в базе данных '%5' pki_evp Failed to decrypt the key (bad password) Не удалось расшифровать ключ (неверный пароль) Password input aborted Ввод пароля прерван Please enter the password to protect the private key: '%1' Пожалуйста, введите пароль для защиты закрытого ключа '%1' Please enter the password to decrypt the private key. Пожалуйста, введите пароль для расшифровки закрытого ключа. Please enter the password to decrypt the private key %1. Пожалуйста, введите пароль для расшифровки закрытого ключа %1. The key from file '%1' is incomplete or inconsistent. Ключ из файла '%1' либо неполный, либо ошибочный. Please enter the password to decrypt the private key from file: %1 Пожалуйста, введите пароль для расшифровки закрытого ключа из файла: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Не удалось загрузить закрытый ключ из файла %1. Испробованные форматы: PEM, DER закрытый, открытый, ключи типа PKCS#8 и SSH2. Ignoring unsupported private key Неподдерживаемый закрытый ключ проигнорирован Please enter the password to decrypt the private key: '%1' Пожалуйста, введите пароль для расшифровки закрытого ключа: '%1' Please enter the database password for encrypting the key Пожалуйста, введите пароль к базе данных для шифрования ключа Please enter the password protecting the PKCS#8 key '%1' Пожалуйста, введите пароль для защиты PKCS#8 ключа '%1' Please enter the password protecting the Microsoft PVK key '%1' Пожалуйста, введите пароль для защиты ключа Microsoft PVK '%1' Please enter the export password for the private key '%1' Пожалуйста, введите пароль для экспорта закрытого ключа '%1' Please enter the database password for decrypting the key '%1' Пожалуйста, введите пароль к базе данных для расшифровки ключа '%1' pki_export PEM Text format with headers Текстовый PEM формат с заголовками Concatenated list of all selected items in one PEM text file Все выбранные элементы в одном PEM файле PEM chain Цепочка PEM Concatenated text format of the complete certificate chain in one PEM file Вся цепочка сертификации в одном PEM файле PEM + key PEM + ключ Concatenation of the certificate and the unencrypted private key in one PEM file Сертификат и нешифрованный закрытый ключ в одном PEM файле Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Сертификат и зашифрованный закрытый ключ в одном PKCS#8 файле PKCS#7 encoded single certificate Отдельный сертификат в формате PKCS#7 All selected certificates encoded in one PKCS#7 file Все выбранные сертификаты в одном PKCS#7 файле PKCS #7 chain PKCS#7 encoded complete certificate chain Вся цепочка сертификации в формате PKCS#7 Binary DER encoded certificate PKCS #12 chain The complete certificate chain and the private key as encrypted PKCS#12 file Вся цепочка сертификатов и закртый ключ в зашифрованном PKCS#12 файле PKCS #12 The certificate and the private key as encrypted PKCS#12 file Сертификат и закрытый ключ в зашифрованном PKCS#12 файле Certificate Index file Файл списка сертификатов OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Список сертификатов в тектовом формате OpenSSL, который создаётся командой 'ca', необходимый для OCSP vCalendar vCalendar vCalendar expiry reminder for the selected items Напоминание об окончании срока для выбранных сертификатов в формате vCalendar CA vCalendar ЦС vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Напоминание об окончании срока для всех сертификатов ЦС и CRL в формате vCalendar PEM public Открытый ключ PEM Text format of the public key in one PEM file Открытый ключ в текстовом формате PEM PEM private Закрытый ключ PEM Unencrypted private key in text format Закрытый ключ в тектовом формате без пароля PEM encrypted OpenSSL specific encrypted private key in text format Закрытый ключ в тектовом формате OpenSSL без пароля SSH2 private Закрытый ключ SSH2 SSH2 public Открытый ключ SSH2 The public key encoded in SSH2 format Открытый ключ в формате SSH2 DER public Открытый ключ DER Binary DER format of the public key Открытый ключ в двоичном формате DER DER private Закрытый ключ DER Unencrypted private key in binary DER format Закрытый ключ в двоичном формате DER без пароля PVK private Закрытый ключ PVK Private key in Microsoft PVK format not encrypted Закрытый ключ в формате Microsoft PVK без пароля PVK encrypted Зашифрованный PVK Encrypted private key in Microsoft PVK format Закрытый ключ в формате Microsoft PVK с паролем PKCS #8 encrypted Encrypted private key in PKCS#8 text format Закрытый ключ в текстовом формате PKCS#8 с паролем PKCS #8 Unencrypted private key in PKCS#8 text format Закрытый ключ в текстовом формате PKCS#8 без пароля Binary DER format of the certificate request Binary DER format of the revocation list vCalendar reminder for the CRL expiry date XCA template in PEM-like format All selected XCA templates in PEM-like format pki_key Successfully imported the %1 public key '%2' Открытый ключ %1 '%2' импортирован успешно Delete the %1 public key '%2'? Удалить открытый ключ %1 '%2'? Successfully imported the %1 private key '%2' Закрытый ключ %1 '%2' импортирован успешно Delete the %1 private key '%2'? Удалить закрытый ключ %1 '%2'? Successfully created the %1 private key '%2' Закрытый ключ %1 '%2' создан успешно Delete the %1 keys: %2? Удалить ключ %1: %2? Public key Открытый ключ Common Общий Private Закрытый Bogus Поддельный No password Без пароля Unexpected SSH2 content: '%1' Неожиданное содержимое SSH2: '%1' Invalid SSH2 public key Недействительный открытый ключ SSH2 Failed writing to %1 Ошибка записи в %1 PIN PIN-код pki_multi Seek failed Ошибка позиционирования No known PEM encoded items found Не найдено PEM элементов pki_pkcs12 Please enter the password to encrypt the PKCS#12 file Пожалуйста, введите пароль для защиты файла PKCS#12 No key or no Cert and no pkcs12 Нет ключа, нет Сертификата, нет PKCS#12 Unable to load the PKCS#12 (pfx) file %1. Не удалось загрузить PKCS#12 (pfx) файл %1. Please enter the password to decrypt the PKCS#12 file: %1 Пожалуйста, введите пароль для расшифровки файла PKCS#12: %1 The supplied password was wrong (%1) Введённый пароль неверен (%1) pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Не удалось загрузить PKCS#7 файл %1. Формат файла должен быть PEM или DER. pki_scard This Key is already on the token Этот ключ уже есть в модуле защиты Unable to find copied key on the token Не удалось найти ключ в модуле защиты Public Key mismatch. Please re-import card Ошибка открытого ключа. Пожалуйста, импортируйте карту снова Unable to find generated key on card Не удалось найти сгенерированный ключ на карте Failed to find the key on the token Не удалось найти ключ в модуле защиты Invalid Pin for the token Введён неверный PIN-код для модуля защиты Delete the private key '%1' from the token '%2 (#%3)' ? Удалить закрытый ключ '%1' из модуля защиты '%2 (#%3)'? Successfully imported the token key '%1' Ключ '%1' импортирован успешно из модуля защиты Delete the token key '%1'? Удалить ключ '%1' из модуля защиты? Successfully created the token key '%1' Ключ '%1' создан успешно в модуле защиты Delete the %1 keys: %2? Удалить ключи %1: %2? PIN input aborted Ввод PIN-кода прерван Please insert card: %1 %2 [%3] with Serial: %4 Пожалуйста, вставьте карту %1 %2 [%3] с серийным номером %4 Illegal Key generation method Недопустимый способ генерирования ключа Ignoring unsupported token key Неподдерживаемый ключ в модуле защиты проигнорирован Wrong Size %1 Неправильный размер %1 Token %1 Модуль защиты %1 Failed to initialize the key on the token Не удалось инициализировать ключ в модуле защиты pki_temp Template file content error (too small): %1 Содержимое файла шаблона ошибочно (слишком мал) :%1 Wrong Size %1 Неправильный размер %1 Successfully imported the XCA template '%1' Шаблон XCA '%1' ипортирован успешно Delete the XCA template '%1'? Удалить шаблон XCA '%1'? Successfully created the XCA template '%1' Шаблон XCA '%1' создан успешно Delete the %1 XCA templates: %2? Удалить %1 шаблоны XCA: %2? Template file content error (too small) Содержимое файла шаблона ошибочно (слишком мал) Template file content error (bad size) Содержимое файла шаблона ошибочно (неверный размер) Not a PEM encoded XCA Template Не шаблон XCA в формате PEM Not an XCA Template, but '%1' Не шаблон XCA, а '%1' pki_x509 Successfully imported the certificate '%1' Сертификат '%1' импортирован успешно Delete the certificate '%1'? Удалить сертификат '%1'? Successfully created the certificate '%1' Сертификат '%1' создан успешно Delete the %1 certificates: %2? Удалить %1 сертификатов: %2? Delete the certificate '%1' from the token '%2 (#%3)'? Удалить сертификат '%1' из модуля защиты '%2 (#%3)'? Renew certificate: %1 Продлить сертификат %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' Срок действия выпущенного %2 XCA сертификата '%1' истечёт %3. Он сохранён в базе данных '%4' Not trusted Не доверенный Trust inherited Доверие унаследовано Always Trusted Всегда доверять No Нет Yes Да There is no key for signing ! Не выбран ключ для подписи! Unable to load the certificate in file %1. Tried PEM and DER certificate. Не удалось загрузить сертификат из файла %1. Испробованные форматы: PEM и DER. This certificate is already on the security token Этот сертификат уже есть в модуле защиты Wrong Size %1 Неправильный размер %1 pki_x509req Signing key not valid (public key) Ключ для подписи не действителен (открытый ключ) Successfully imported the %1 certificate request '%2' Запрос %1 '%2' импортирован успешно Delete the %1 certificate request '%2'? Удалить запрос %1: %2? Successfully created the %1 certificate request '%2' Запрос на сертификат %1 '%2' создан успешно Delete the %1 certificate requests: %2? Удалить запрос %1: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Не удлось загрузить запрос на подпись из файла %1. Испробованные форматы: PEM, DER и SPKAC. Signed Подписан Unhandled Не обработан Wrong Size %1 Неправильный размер %1 v3ext Copy Common Name Копировать общее имя Add Добавить Delete Удалить Apply Применить Validate Проверить Cancel Отменить Validation successful: '%1' Проверка успешна: '%1' An email address or 'copy' Адрес электронной почты или 'copy' An email address Адрес электронной почты a registered ID: OBJECT IDENTIFIER зарегистрированный ID: OBJECT IDENTIFIER a uniform resource indicator унифицированный идентификатор ресурса a DNS domain name DNS имя домена an IP address IP адрес No editing. Only 'copy' allowed here Редактирование запрещено. Разрешено только копирование Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Синтаксис: <OID>;TYPE:text like '1.2.3.4:UTF8:name' A registered ID: OBJECT IDENTIFIER Зарегистрированный идентификатор A uniform resource indicator Унифицированный идентификатор ресурса A DNS domain name or 'copycn' DNS имя домена или 'copycn' A DNS domain name DNS имя домена An IP address IP адрес Validation failed: '%1' %2 Проверка завершилась ошибкой: '%1' %2 xcaWarning The following error occurred: Произошла ошибка: Copy to Clipboard Копировать в буфер обмена xcaWarningGui Copy to Clipboard Копировать в буфер обмена xca-RELEASE.2.5.0/lang/xca_sk.ts000066400000000000000000006313241450407711300161240ustar00rootroot00000000000000 CaProperties CA Properties Vlastnosti CA Form Days until next CRL issuing Dní do nasledujúceho vydania CRL Default template Predvolená šablóna CertDetail Details of the Certificate Podrobnosti certifikátu Serial Sériové číslo The serial number of the certificate Sériové číslo certifikátu The internal name of the certificate in the database Interný názov certifikátu v databáze Status Stav Internal name Interný názov Signature Podpis Key Kľúč Fingerprints Odtlačky MD5 MD5 An md5 hashsum of the certificate Odtlačok certifikátu MD5 SHA1 SHA1 A SHA-1 hashsum of the certificate Odtlačok certifikátu SHA-1 SHA256 SHA256 A SHA-256 hashsum of the certificate Odtlačok certifikátu SHA-256 Validity Platnosť The time since the certificate is valid Čas odkedy je certifikát platný The time until the certificate is valid Čas dokedy je certifikát platný Subject Predmet Issuer Vydavateľ Extensions Rozšírenia Comment Komentár Attributes Atribúty Show config Zobraziť konfiguráciu Show extensions Zobraziť rozšírenia Show public key Zobraziť verejný kľúč This key is not in the database. Tento kľúč nie je v databáze. Not available Nedostupné Signer unknown Neznámy podpis Self signed Sebou podpísaný Revoked at %1 Odvolaný %1: Not valid Neplatný Valid Platný Details of the certificate signing request Podrobnosti žiadosti o podpísanie certifikátu CertExtend Certificate renewal Obnovenie certifikátu This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Týmto vytvoríte nový certifikát ako kópiu starého s novým sériovým číslom a novými hodnotami platnosti. Validity Platnosť Not before Nie pred Not after Nie po Time range Časový rozsah Local time Lokálny čas Days Dni Months Mesiace Years Roky No well-defined expiration Bez vypršania Midnight Polnoc Apply Použiť Revoke old certificate Odvolať starý certifikát Replace old certificate Keep serial number Zachovať sériové číslo The certificate will be earlier valid than the signer. This is probably not what you want. Certifikát bude platný skôr ako jeho vydavateľ. To asi nie je to, čo chcete. Edit dates Upraviť dátumy Abort rollout Prerušiť operáciu Continue rollout Pokračovať v operácii Adjust date and continue Opraviť dátum a pokračovať The certificate will be longer valid than the signer. This is probably not what you want. Certifikát bude platný dlhšie ako jeho vydavateľ. To asi nie je to, čo chcete. CertTreeView Import PKCS#12 Import PKCS#12 Import from PKCS#7 Importovať z PKCS#7 Request Žiadosť Security token Bezpečnostný token Other token Iný token Similar Certificate Podobný certifikát Delete from Security token Odstrániť z Bezpečnostného tokenu CA CA Properties Vlastnosti Generate CRL Generovať CRL Manage revocations Spravovať odvolania Renewal Obnoviť Revoke Odvolať Unrevoke Zrušiť odvolanie Plain View Prosté zobrazenie Tree View Stromové zobrazenie days dní No template Bez šablóny CA Properties Vlastnosti CA Certificate export Export certifikátu X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) Certifikáty X509 ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) ClickLabel Double click for details Dvojklikom podrobnosti CrlDetail Details of the Revocation list Podrobnosti CRL &Status &Stav Version Verzia Signature Podpis Signed by Podpísal Name Názov The internal name of the CRL in the database Interný názov CRL v databáze issuing dates Dátumy vydania Next update Nasled. aktualizácia Last update Posledná aktualizácia &Issuer &Vydavateľ &Extensions &Rozšírenia &Revocation list Zoznam &odvolaných Comment Komentár Failed Zlyhalo Unknown signer Neznámy podpis Verification not possible Overenie nemožné CrlTreeView There are no CA certificates for CRL generation Neexistujú certifikáty CA na generovanie CRL Select CA certificate Vyberte certifikát CA Revocation list export Export Zoznamu odvolaných CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) ExportDialog Name Názov The internal name of the CRL in the database Interný názov CRL v databáze ... Filename Meno súboru Export comment into PEM file Exportovať komentáre do súboru PEM Export Format Formát exportu All files ( * ) Všetky súbory (*) PEM Text format with headers Textový formát PEM s hlavičkami Concatenated list of all selected items in one PEM text file Zlúčený zoznam zvolených položiek v jednom textovom súbore PEM Concatenated text format of the complete certificate chain in one PEM file Zlúčený textový formát úplnej reťaze certifikátu v jednom súbore PEM Concatenated text format of all certificates in one PEM file Zlúčený textový formát všetkých certifikátov v jednom súbore PEM Binary DER encoded file Binárne kódovaný súbor DER PKCS#7 encoded single certificate PKCS#7 kódovaný jeden certifikát PKCS#7 encoded complete certificate chain PKCS#7 kódovaná úplná reťaz certifikátov Concatenated text format of all unrevoked certificates in one PEM file Zlúčený textový formát všetkých dôveryhodných certifikátov v jednom súbore PEM All unrevoked certificates encoded in one PKCS#7 file Všetky neodvolané certifikáty kódované v jednom súbore PKCS#7 All selected certificates encoded in one PKCS#7 file Všetky zvolené certifikáty kódované v jednom súbore PKCS#7 All certificates encoded in one PKCS#7 file Všetky certifikáty kódované v jednom súbore PKCS#7 The certificate and the private key as encrypted PKCS#12 file Certifikát a súkromný kľúč ako šifrovaný súbor PKCS#12 The complete certificate chain and the private key as encrypted PKCS#12 file Úplná reťaz certifikátu a súkromný kľúč ako šifrovaný súbor PKCS#12 Concatenation of the certificate and the unencrypted private key in one PEM file Spojenie certifikátu a nešifrovaného súkromného kľúča v jednom súbore PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Spojenie certifikátu a šifrovaného súkromného kľúča v jednom súbore PKCS#8 Text format of the public key in one PEM file Textový formát verejného kľúča v súbore PEM Binary DER format of the public key Binárny formát DER verejného kľúča Unencrypted private key in text format Nešifrovaný súkromný kľúč v textovom formáte OpenSSL specific encrypted private key in text format Šifrovaný súkromný kľúč v textovom formáte (špecifický pre OpenSSL) Unencrypted private key in binary DER format Nešifrovaný súkromný kľúč v binárnom formáte DER Unencrypted private key in PKCS#8 text format Nešifrovaný súkromný kľúč v textovom formáte PKCS#8 Encrypted private key in PKCS#8 text format Šifrovaný súkromný kľúč v textovom formáte PKCS#8 The public key encoded in SSH2 format Verejný kľúč kódovaný vo formáte SSH2 OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Súbor indexu certifikátov, špecifický pre OpenSSL, vytvorený ako príkazom „ca” a vyžadovaný nástrojom OCSP vCalendar expiry reminder for the selected items Pripomienka vCalendar vypršania platnosti zvolených položiek vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Pripomienka vCalendar vypršania platnosti všetkých vydaných, platných certifikátov, samotnej CA i posledného CRL Private key in Microsoft PVK format not encrypted Súkromný kľúč vo formáte Microsoft PVK, nešifrovaný Encrypted private key in Microsoft PVK format Šifrovaný súkromný kľúč vo formáte Microsoft PVK The file: '%1' already exists! Súbor: „%1” už existuje! Overwrite Prepísať Do not overwrite Neprepísať Form last update next update Days Dni Months Mesiace Years Roky Apply Použiť Midnight Polnoc Local time Lokálny čas No well-defined expiration Bez vypršania Help << << >> >> &Done &Hotovo ImportMulti Import PKI Items Importovať položky PKI Import &All Importovať &všetky &Import &Importovať &Done &Hotovo &Remove from list Odstrániť zo zoznamu Details Podrobnosti Delete from token Odstrániť z tokenu Rename on token Premenovať token Name: %1 Model: %2 Serial: %3 Názov: %1 Model: %2 Sér. č.: %3 Manage security token Spravovať bezpečnostný token Details of the item '%1' cannot be shown Podrobnosti položky „%1” nemožno zobraziť The type of the item '%1' is not recognized Typ položky „%1” nie je rozpoznaný The file '%1' did not contain PKI data Súbor „%1” neobsahuje dáta PKI The %1 files: '%2' did not contain PKI data %1 súbory: „%2” neobsahuje dáta PKI ItemProperties Name Názov Source Zdroj Insertion date Dátum vloženia Comment Komentár KeyDetail Name Názov The internal name of the key used by xca Interný názov kľúča používaný v xca Security token Bezpečnostný token Manufacturer Výrobca Serial Sériové číslo Key Kľúč Public Exponent Verejný exponent Keysize Veľkosť kľúča Private Exponent Súkromný exponent Security Token Bezpečnostný token Label Menovka PKCS#11 ID ID PKCS#11 Token information Informácie tokenu Model Model Fingerprint Odtlačok Comment Komentár Details of the %1 key Podrobnosti kľúča %1 Not available Nedostupné Available Dostupný Sub prime Sub prime Public key Verejný kľúč Private key Súkromný kľúč Curve name Názov krivky Unknown key Neznámy kľúč KeyTreeView Clipboard format Change password Zmeniť heslo Reset password Odstrániť heslo Change PIN Zmeniť PIN Init PIN with SO PIN (PUK) Inicializovať PIN pomocou SO PIN (PUK) Change SO PIN (PUK) Zmeniť SO PIN (PUK) Security token Bezpečnostný token This is not a token Toto nie je token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Má byť pôvodný kľúč „%1” nahradený kľúčom z tokenu? Týmto bude kľúč „%1” odstránený a nebude ho možné exportovať Export public key [%1] Exportovať verejný kľúč [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Súkromné kľúče ( *.pem *.der *.pk8 );; Verejné kľúče SSH ( *.pub ) MainWindow Private Keys Súkromné kľúče &New Key &Nový kľúč &Export &Exportovať &Import &Importovať Import PFX (PKCS#12) Importovať PFX (PKCS#12) &Show Details &Zobraziť podrobnosti &Delete &Odstrániť Certificate signing requests Žiadosti o podpísanie &New Request &Nová žiadosť Certificates Certifikáty &New Certificate &Nový certifikát Import &PKCS#12 Importovať &PKCS#12 Import P&KCS#7 Importovať P&KCS#7 Plain View Prosté zobrazenie Templates Šablóny &New Template &Nová šablóna &New CRL &Nový CRL Ch&ange Template &Zmeniť šablónu Revocation lists Zoznamy odvolaných Using or exporting private keys will not be possible without providing the correct password Použitie alebo exportovanie súkromných kľúčov nebude možné bez zadania správneho hesla Database Databáza The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Aktuálne použitý predvolený odtlačok „%1” nie je bezpečný. Prosím, kvôli bezpečnosti, zvoľte aspoň „SHA 224”. Recent DataBases Nedávne databázy System systémový Croatian chorvátsky English anglicky French francúzsky German nemecky Japanese japonsky Russian rusky Slovak slovensky Spanish španielsky Persian Bulgarian Polish poľsky Italian taliansky Chinese čínsky Dutch holandsky Portuguese in Brazil brazílska portugalčina Indonesian Turkish turecky Language Jazyk &File &Súbor Open Remote DataBase Otvoriť vzdialenú databázu Set as default DataBase Predvolená databáza New DataBase Nová databáza Open DataBase Otvoriť databázu Close DataBase Zatvoriť databázu Options Voľby Exit Skončiť I&mport &Importovať Keys Kľúče Requests Žiadosti PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Šablóna Revocation list Zoznam odvolaných PEM file Ssúbor PEM Paste PEM file Vložte súbor PEM Token Token Export Certificate &Index hierarchy Exportovať hierarchiu &indexu certifikátov Content Obsah &Manage Security token &Spravovať Bezpečnostný token &Init Security token &Inicializovať Bezpečnostný token &Change PIN Zmeniť @PIN Change &SO PIN Zmeniť &SO PIN Init PIN Inicializovať PIN Extra Extra &Dump DataBase Vypísať &databázu &Export Certificate Index &Exportovať index certifikátov C&hange DataBase password Z&meniť heslo databázy &Undelete items O&bnoviť zmazané Generate DH parameter Generovať parametre DH OID Resolver Prekladač OID &Help &Pomocník About O programe Import PEM data Importovať dáta PEM Please enter the original SO PIN (PUK) of the token '%1' Prosím, zadajte pôvodný SO PIN (PUK) tokenu „%1” Search Hľadať Please enter the new SO PIN (PUK) for the token '%1' Prosím, zadajte nový SO PIN (PUK) tokenu „%1” The new label of the token '%1' Nová menovka tokenu „%1” The token '%1' did not contain any keys or certificates Token „%1” neobsahuje žiadne kľúče ani certifikáty Current Password Aktuálne heslo Please enter the current database password Prosím, zadajte heslo aktuálnej databázy The entered password is wrong Zadané heslo je zlé New Password Nové heslo Please enter the new password to encrypt your private keys in the database-file Prosím, zadajte nové heslo na šifrovanie svojich súkromných kľúčov v súbore databázy Transaction start failed Spustenie transakcie zlyhalo Database: %1 Certificate Index ( index.txt ) Index certifikátov (index.txt) All files ( * ) Všetky súbory ( * ) Diffie-Hellman parameters saved as: %1 Parametre Diffie-Hellman uložené do: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Parametre Diffie-Hellman sú potrebné pre rôzne aplikácie, ale nie sú používané v XCA. Prosím, zadajte bity parametra DH No deleted items found Nenájdené žiadne zmazané položky no such option: %1 neznáma voľba: %1 &Token &Token &Content &Obsah Error opening file: '%1': %2 Chyba otvorenia súboru: „%1”: %2 NewCrl Last update Posledná aktualizácia Next update Nasled. aktualizácia Days Dni Months Mesiace Years Roky Midnight Polnoc Local time Lokálny čas Apply Použiť Options Voľby CRL number Číslo CRL Subject alternative name Alternatívne meno predmetu Revocation reasons Dôvody odvolania Authority key identifier Identifikátor kľúča autority Hash algorithm Algoritmus odtlačku Create CRL Vytvoriť CRL NewKey Please give a name to the new key and select the desired keysize Prosím, zadajte meno nového kľúča a zvoľte jeho požadovanú veľkosť Key properties Vlastnosti kľúča Name Názov The internal name of the new key Interný názov nového kľúča Curve name Názov krivky Usually at least 2048 bit keys are recommended Zvyčajne sú odporúčané kľúče aspoň 2048 bitov New Key Nový kľúč Keysize Veľkosť kľúča Keytype Typ kľúča Remember as default Zapamätať ako predvolené Create Vytvoriť NewX509 Source Zdroj Signing request Žiadosť o podpísanie Show request Zobraziť žiadosť Sign this Certificate signing &request Podpísať túto Žiadosť o certifikát Copy extensions from the request Kopírovať rozšírenia zo žiadosti Modify subject of the request Zmeniť predmet žiadosti Signing Podpísanie Create a &self signed certificate Vytvoriť &sebou podpísaný certifikát Use &this Certificate for signing Podpísať &týmto certifikátom All certificates in your database that can create valid signatures Všetky certifikáty v databáze, ktoré môžu vytvoriť platný podpis Signature algorithm Algoritmus podpisu Template for the new certificate Šablóna nového certifikátu All available templates Všetky dostupné šablóny Apply extensions Pridať rozšírenia Apply subject Pridať predmet Apply all Pridať všetko Subject Predmet Internal Name Interný názov Distinguished name Rozlišovací názov Add Pridať Delete Odstrániť Private key Súkromný kľúč This list only contains unused keys Tento zoznam obsahuje len nepoužité kľúče Used keys too Aj použité kľúče &Generate a new key &Generovať nový kľúč Extensions Rozšírenia Type Typ If this will become a CA certificate or not Či to bude certifikát CA alebo nie Not defined Nedefinované Certification Authority Certifikačná autorita End Entity Koncový certifikát Path length Dĺžka cesty How much CAs may be below this. Koľko CA môže byť pod týmto. The basic constraints should always be critical Základné obmedzenia by mali byť vždy kritické Key identifier Identifikátor kľúča Creates a hash of the key following the PKIX guidelines Vytvorí odtlačok kľúča v súlade s odporúčaním PKIX Copy the Subject Key Identifier from the issuer Kopírovať Identifikátor kľúča predmetu vydavateľa Validity Platnosť Not before Nie pred Not after Nie po Time range Časový rozsah Days Dni Months Mesiace Years Roky Apply Použiť Set the time to 00:00:00 and 23:59:59 respectively Nastavuje čas na 00:00:00 a 23:59:59 Midnight Polnoc Local time Lokálny čas No well-defined expiration Bez vypršania DNS: IP: URI: email: RID: DNS:, IP:, URI:, email:, RID: Edit Upraviť URI: URI: Key usage Použitie kľúča Netscape Netscape Advanced Pokročilé Validate Overiť Comment Komentár This name is only used internally and does not appear in the resulting certificate Tento názov je použitý len interne a neobjaví sa vo výslednom certifikáte Critical Kritické Create Certificate signing request Vytvoriť Žiadosť o podpísanie certifikátu minimum size: %1 minimálna veľkosť: %1 maximum size: %1 maximálna veľkosť: %1 only a-z A-Z 0-9 '()+,-./:=? len a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters len prosté 7-b znaky Edit XCA template Upraviť šablónu XCA Create x509 Certificate Vytvoriť certifikát x509 Template '%1' applied Šablóna „%1” aplikovaná Subject applied from template '%1' Predmet nastavený zo šablóny „%1” Extensions applied from template '%1' Rozšírenia nastavené zo šablóny „%1” New key '%1' created Vytvorený nový kľúč „%1” Other Tabs Záložka Iné Advanced Tab Záložka Pokročilé Errors Chyby From PKCS#10 request Zo žiadosti PKCS#10 Abort rollout Prerušiť operáciu The following length restrictions of RFC3280 are violated: Nie sú splnené Nasledujúce obmedzenia veľkosti z RFC3280: Edit subject Upraviť predmet Continue rollout Pokračovať v operácii The verification of the Certificate request failed. The rollout should be aborted. Overenie žiadosti o certifikát zlyhalo. Operácia by mala byť prerušená. Continue anyway Pokračovať i tak The internal name and the common name are empty. Please set at least the internal name. Interný názov a bežný názov sú prázdne. Prosím, zadajte aspoň interný názov. Edit name Upraviť názov There is no Key selected for signing. Nebol zvolený kľúč na podpísanie. Select key Vybrať kľúč The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Nasledujúce položky rozlišovacieho názvu sú prázdne: %1 hoci ste ich v nastavení definovali ako povinné. The key you selected for signing is not a private one. Kľúč, zvolený na podpísanie, nie je súkromný. Select other signer Zvoliť iného vydavateľa Select other key Zvoliť iný kľúč The currently selected hash algorithm '%1' is insecure and should not be used. Aktuálne zvolený algoritmus odtlačku „%1” nie je bezpečný a nemá byť používaný. Select other algorithm Zvoľte iný algoritmus Use algorithm anyway Použiť algoritmus aj tak The certificate will be earlier valid than the signer. This is probably not what you want. Certifikát bude platný skôr ako jeho vydavateľ. To asi nie je to, čo chcete. Edit dates Upraviť dátumy Adjust date and continue Opraviť dátum a pokračovať The certificate will be longer valid than the signer. This is probably not what you want. Certifikát bude platný dlhšie ako jeho vydavateľ. To asi nie je to, čo chcete. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Certifikát vyprší ešte pred nadobudnutím platnosti. Pravdepodobne ste zamenili oba dátumy. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Certifikát obsahuje neplatné alebo duplicitné rozšírenia. Skontrolujte platnosť na záložke Pokročilé. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Certifikát neobsahuje rozšírenia. Na definovanie určenia certifikátu môžete pridať rozšírenia jednej zo šablón. The certificate contains invalid extensions. Edit extensions Upraviť rozšírenia The subject alternative name shall contain a copy of the common name. However, the common name is empty. Alternatívne meno predmetu má obsahovať kópiu bežného mena. Avšak, bežné meno je prázdne. Configfile error on line %1 Chyba konfiguračného súboru v riadku %1 OidResolver OID Resolver Prekladač OID Enter the OID, the Nid, or one of the textual representations Zadajte OID, Nid alebo jednu z textových reprezentácií Search Hľadať OID OID Long name Dlhý názov OpenSSL internal ID Interné ID OpenSSL Nid Nid Short name Krátky názov OpenDb Open remote database Otvoriť vzdialené databázu Database type Typ databázy Hostname Názov stroja Username Meno používateľa Password Heslo Database name Názov databázy Table prefix Predpona tabuľky No SqLite3 driver available. Please install the qt-sqlite package of your distribution Nie je dostupný ovládač SQLite3. Prosím, nainštalujte balík qt-sqlite svojej distribúcie The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. Ovládač databázy nepodporuje transakcie. Toto môže nastať, ak majú kleint a server rôzne verzie. Pokračujte s opatrnosťou. Options XCA Options Nastavenia XCA Settings Nastavenia Default hash algorithm Predvolený algoritmus odtlačku String types Typy reťazcov Suppress success messages Potlačiť správy o úspechu Don't colorize expired certificates Nezvýrazňovať vypršané certifikáty Translate established x509 terms (%1 -> %2) Preložiť platné položky x509 (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Hašovacia funkčnosť tokenu nie je v XCA použitá. Môže však rešpektovať obmedzenú sadu hašovacích algoritmov zverejnených tokenom. Najmä EC a DSA sú v špecifikácii PKCS#11 definované len s SHA1. Only use hashes supported by the token when signing with a token key Použiť len odtlačky podporované tokenom pri podpisovaní kľúčom z tokenu Disable legacy Netscape extensions Vypnúť staré rozšírenia Netscape PKCS12 encryption algorithm Certificate expiry warning threshold Hranica upozornenia vypršania platnosti certifikátu Send vCalendar expiry reminder Poslať pripomienku vCalendar o vypršaní platnosti Serial number length Dĺžka sériového čísla bit bit Distinguished name Rozlišovací názov Mandatory subject entries Povinné položky predmetu Add Pridať Delete Odstrániť Explicit subject entries Explicitné položky predmetu Dynamically arrange explicit subject entries Dynamicky rozložiť explicitné položky predmetu Default Predvolené PKCS#11 provider Poskytovateľ PKCS#11 Remove Odstrániť Search Hľadať Printable string or UTF8 (default) Tlačiteľné znaky alebo UTF-8 (predvolené) PKIX recommendation in RFC2459 Odporúčania PKIX v RFC2459 No BMP strings, only printable and T61 Nie reťazce BMP, len tlačiteľné a T61 UTF8 strings only (RFC2459) Len reťazce UTF-8 (RFC2459) All strings Všetky reťazce Days Dni Weeks Týždne PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Heslo je spracované ako 2-ciferný šestnástkový kód. Musí mať párny počet číslic (0-9 a a-f) Take as HEX string Zadajte šestnástkový reťazec Password Heslo Repeat %1 Opakovať %1 %1 mismatch %1 nezhoda Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Šestnástkové heslo môže obsahovať len znaky „0” – „9” a „a” – „f” a musí mať párny počet znakov Exit Skončiť E&xit S&končiť QMessageBox Ok OK Close Zatvoriť Cancel Zrušiť Apply Použiť Yes Áno No Nie QObject Undefined Nedefinované Broken / Invalid Poškodený/Neplatný in %1 seconds za %1 sekúnd %1 seconds ago pred %1 sekundami in %1 minutes za %1 minút %1 minutes ago pred %1 minútami Yesterday Včera Tomorrow Zajtra in %1 hours za %1 hodiny %1 hours ago pred %1 hodinami Out of data Nedostatok dát Error finding endmarker of string Chyba nájdenia koncovej značky reťazca Out of Memory at %1:%2 Nedostatok pamäte na %1:%2 All files ( * ) Všetky súbory ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Kľúče PKI ( *.pem *.der *.key );; Kľúče PKCS#8 ( *.p8 *.pk8 );; Kľúče Microsoft PVK ( *.pvk );; Verejné kľúče SSH ( *.pub );; Import RSA key Importovať kľúč RSA PKCS#10 CSR ( *.pem *.der *.csr );; Žiadosť PKCS#10 ( *.pem *.der *.csr );; Import Request Importovať Žiadosť Certificates ( *.pem *.der *.crt *.cer );; Certifikáty ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Importovať Certifikát X.509 PKCS#7 data ( *.p7s *.p7m *.p7b );; Dáta PKCS#7 ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Importovať Certifikáty PKCS#7 PKCS#12 Certificates ( *.p12 *.pfx );; Certifikáty PKCS#12 ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Importovať Súkromný certifikát PKCS#12 XCA templates ( *.xca );; Šablóny XCA ( *.xca );; Import XCA Templates Importovať Šablóny XCA Revocation lists ( *.pem *.der *.crl );; Zoznamy odvolaných ( *.pem *.der *.crl );; Import Certificate Revocation List Importovať Zoznam odvolaných certifikátov XCA Databases ( *.xdb );; Databázy XCA ( *.xdb );; Open XCA Database Otvoriť databázu XCA PKCS#11 library ( *.dll );; Knižnica PKCS#11 ( *.dll );; PKCS#11 library ( *.dylib *.so );; Knižnica PKCS#11 ( *.dylib *.so );; PKCS#11 library ( *.so );; Knižnica PKCS#11 ( *.so );; Open PKCS#11 shared library Otvoriť zdieľanú knižnicu PKCS#11 PEM files ( *.pem );; Súbory PEM ( *.pem );; Load PEM encoded file Načítať súbor kódovaný PEM Please enter the PIN on the PinPad Prosím, zadajte PIN na PinPad-e Please enter the SO PIN (PUK) of the token %1 Prosím, zadajte SO PIN (PUK) tokenu %1 Please enter the PIN of the token %1 Prosím, zadajte PIN tokenu %1 No Security token found Nebol nájdený bezpečnostný token Select Zvoliť Please enter the new SO PIN (PUK) for the token: '%1' Prosím, zadajte nový SO PIN (PUK) tokenu: „%1” Please enter the new PIN for the token: '%1' Prosím, zadajte nový PIN tokenu: '%1' Required PIN size: %1 - %2 Požadovaná veľkosť PIN: %1 - %2 Invalid filename: %1 Neplatné meno súboru: %1 Failed to open PKCS11 library: %1: %2 Zlyhalo otvorenie knižnice PKCS#11: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Toto nevyzerá ako knižnica PKCS#11. Symbol 'C_GetFunctionList' nenájdený. Disabled Vypnuté Library loading failed Načítanie knižnice zlyhalo PKCS#11 function '%1' failed: %2 Funkcia PKCS#11 „%1” zlyhala: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 Funkcia PKCS#11 „%1” zlyhala: %2 V knižnici %3 %4 Invalid Neplatné %1 is shorter than %2 bytes: '%3' %1 je kratšie ako %2 B: „%3” %1 is longer than %2 bytes: '%3' %1 je dlhšie ako %2 B: „%3” String '%1' for '%2' contains invalid characters Reťazec „%1” pre „%2” obsahuje neplatné znaky Error reading config file %1 at line %2 Chyba čítania konfiguračného súboru %1 na riadku %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. Objekt „%1” zo súboru %2 riadok %3 je už známy ako „%4:%5:%6” a mal by byť odstránený. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Identifikátor „%1” pre OID %2 zo súboru %3 riadok %4 je už použitý pre iné OID ako „%5:%6:%7” a treba ho zmeniť, aby ste predišli konfliktom. Unknown object '%1' in file %2 line %3 Neznámy objekt „%1” v súbore %2 riadok %3 Failed to start a database transaction Zlyhala inicializácia DB transakcie Country code Kód krajiny State or Province Štát alebo provincia Locality Lokalita Organisation Organizácia Organisational unit Organizačná jednotka Common name Bežný názov E-Mail address Emailová adresa Serial number Sériové číslo Given name Rodné meno Surname Priezvisko Title Titul Initials Iniciály Description Popis Role Rola Pseudonym Pseudonym Generation Qualifier Prívlastok generácie x500 Unique Identifier Jedinečný identifikátor x500 Name Názov DN Qualifier Prívlastok DN Unstructured name Neštruktúrovaný názov Challenge password Heslo výzvy Basic Constraints Základné obmedzenia Subject alternative name Alternatívne meno predmetu issuer alternative name Alternatívny názov vydavateľa Subject key identifier Identifikátor kľúča predmetu Authority key identifier Identifikátor kľúča autority Key usage Použitie kľúča Extended key usage Rozšírené použitie kľúča CRL distribution points Distribučné body CRL Authority information access Prístup k informácii CA (AIA) Certificate type Typ certifikátu Base URL Základná URL Revocation URL URL odvolaní CA Revocation URL URL odvolaní CA Certificate renewal URL URL obnovenia CRL CA policy URL URL politiky CA SSL server name Meno servera SSL Comment Komentár Index file written to '%1' Súbor index zapísaný do „%1” Index hierarchy written to '%1' Hierarchia indexu zapísaná do „%1” Unknown key type %1 Neznámy typ kľúča %1 Password verify error, please try again Chyba overenia hesla, prosím, skúste znova The following error occurred: Nastala nasledujúca chyba: DB: Rename: '%1' already in use Premenovanie DB: „%1” už je použité DB: Entry to rename not found: %1 DB: Položka na premenovanie nenájdená: %1 DB: Write error %1 - %2 DB: Chyba zápisu %1 – %2 Failed to update the database schema to the current version Password Heslo ReqTreeView Sign Podpísať Unmark signed Zrušiť označenie podpísané Mark signed Označiť podpísané Similar Request Podobné žiadosti Certificate request export Export Žiadosti o certifikát Certificate request ( *.pem *.der *.csr ) Žiadosť o certifikát ( *.pem *.der *.csr ) RevocationList Manage revocations Spravovať odvolania Add Pridať Delete Odstrániť Edit Upraviť No. Č. Serial Sériové číslo Revocation Odvolanie Reason Dôvod Invalidation Zneplatnenie Generate CRL Generovať CRL Revoke Certificate revocation Odvolanie certifikátu Revocation details Podrobnosti odvolania Revocation reason Dôvod odvolania Local time Lokálny čas Invalid since Neplatný od Serial Sériové číslo SearchPkcs11 Directory Adresár ... ... Include subdirectories Zahrnúť podadresáre Search Hľadať The following files are possible PKCS#11 libraries nasledujúce súbory sú možné knižnice PKCS#11 SelectToken Security token Bezpečnostný token Please select the security token Prosím, vyberte bezpečnostný token TempTreeView Duplicate Duplikát Create certificate Vytvoriť certifikát Create request Vytvoriť žiadosť copy kopírovať Preset Template values Predvoľby hodnôt šablóny Template export XCA Templates ( *.xca ) TrustState Certificate trust Trustment &Never trust this certificate Only &trust this certificate, if we trust the signer &Always trust this certificate Validity yyyy-MM-dd hh:mm d. MMM yyyy hh:mm X509SuperTreeView OpenSSL config Konfigurácia OpenSSL Transform Transformovať Template Šablóna Public key Verejný kľúč Save as OpenSSL config Uložiť ako konfiguráciu OpenSSL Config files ( *.conf *.cnf);; All files ( * ) Konfiguračné súbory ( *.conf *.cnf );; Všetky súbory ( * ) XFile Error opening file: '%1': %2 Chyba otvorenia súboru: „%1”: %2 Error rewinding file: '%1': %2 XcaTreeView Item properties Vlastnosti položky Subject entries Položky predmetu X509v3 Extensions Rozšírenia X509v3 Netscape extensions Rozšírenia Netscape Key properties Vlastnosti kľúča Reset Vymazať Hide Column Odstrániť stĺpec Details Podrobnosti Columns Stĺpce New Nový Import Importovať Paste PEM data Vložiť dáta PEM Rename Premenovať Properties Vlastnosti Delete Odstrániť Export Exportovať Clipboard Schránka File Súbor database_model Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Detegovaný starý formát databázy. Vytvorená záložná kópia, nazvaná: „%1” a databáza konvertovaná do nového formátu Failed to rename the database file, because the target already exists Premenovanie súboru databázy zlyhalo, pretože cieľ už existuje Please enter the password to access the database server %2 as user '%1'. Prosím, zadajte heslo na prístup k databázovému serveru %2 ako používateľ „%1”. Unable to create '%1': %2 Nemožno vytvoriť „%1”: %2 The file '%1' is not an XCA database Súbor „%1” nie je databáza XCA No SqLite3 driver available. Please install the qt-sqlite package of your distribution Nie je dostupný ovládač SQLite3. Prosím, nainštalujte balík qt-sqlite svojej distribúcie New Password Nové heslo Please enter a password, that will be used to encrypt your private keys in the database: %1 Prosím, zadajte heslo, ktoré bude slúžiť na šifrovanie súkromných kľúčov v databáze: %1 Password Heslo Please enter the password for unlocking the database: %1 Prosím, zadajte heslo na odomknutie databázy: %1 db_base Internal name Interný názov No. Č. Primary key Primárny kľúč Database unique number Jedinečné číslo databázy Date Dátum Date of creation or insertion Dátum vytvorenia alebo vloženia Source Zdroj Generated, Imported, Transformed Generovaný, Importovaný, Transformovaný Comment Komentár First line of the comment field Prvý riadok poľa komentára Import from: %1 Importovať z: %1 Could not create directory %1 Nemožno vytvoriť zložku %1 Item properties Vlastnosti položky How to export the %1 selected items Ako exportovať %1 zvolených položiek All in one PEM file Všetky v jednom súbore PEM Each item in one file Každá položka v samostatnom súbore Save %1 items in one file as Uložiť %1 položiek v jednom súbore ako PEM files ( *.pem );; All files ( * ) Súbory PEM ( *.pem );; Všetky súbory ( * ) Error opening file: '%1': %2 Chyba otvorenia súboru: „%1”: %2 db_crl Signer Vydavateľ Internal name of the signer Interný názov vydavateľa No. revoked Počet odvolaných Number of revoked certificates Počet odvolaných certifikátov Last update Posledná aktualizácia Next update Nasled. aktualizácia CRL number Číslo CRL The revocation list already exists in the database as: '%1' and so it was not imported Zoznam odvolaní už v databáze existuje ako: „%1”, a tak nebol importovaný Revocation list export Export Zoznamu odvolaných CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) Failed to initiate DB transaction Zlyhala inicializácia DB transakcie Database error: %1 Chyba databázy: %1 db_key Type Typ Size Veľkosť EC Group Skupina EC Use Použiť Password Heslo The key is already in the database as: '%1' and is not going to be imported Kľúč už je v databáze ako: „%1”, a tak nebude importovaný The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Databáza už obsahuje verejnú časť importovaného kľúča ako „%1” a bude doplnená novou, súkromnou, časťou kľúča Extending public key from %1 by imported key '%2' Rozšírenie verejného kľúča z %1 importovaním kľúča „%2” Key size too small ! Dĺžka kľúča je príliš malá! You are sure to create a key of the size: %1 ? Naozaj chcete vytvoriť kľúč s veľkosťou: %1? PEM public PEM verejný SSH2 public SSH2 verejný PEM private PEM súkromný SSH2 private SSH2 súkromný Export keys to Clipboard Exportovať kľúče do schránky Clipboard Schránka Export public key [%1] Exportovať verejný kľúč [%1] DER public DER verejný DER private DER súkromný PEM encryped PEM šifrovaný PVK private PVK súkromný PVK encrypted PVK šifrovaný PKCS#8 encrypted PKCS#8 šifrovaný Export private key [%1] Exportovať súkromný kľúč [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Súkromné kľúče ( *.pem *.der *.pk8 );; Verejné kľúče SSH ( *.pub ) Internal error Interná chyba Tried to change password of a token Vyskúšaná zmena hesla tokenu db_temp Bad template: %1 Zlá šablóna: %1 Empty template Prázdna šablóna Save template as Uložiť šablónu ako XCA templates ( *.xca );; All files ( * ) Šablóny XCA ( *.xca );; Všetky súbory ( * ) db_x509 CA CA reflects the basic Constraints extension Odráža rozšírenie Základné obmedzenia Serial Sériové číslo Start date Dátum začiatku Expiry date Dátum vypršania MD5 fingerprint Odtlačok MD5 SHA1 fingerprint Odtlačok SHA1 SHA256 fingerprint Odtlačok SHA256 Not before Nie pred Not after Nie po Revocation Odvolanie CRL Expiration CRL vypršania Failed to retrieve unique random serial Zlyhalo získanie jedinečného náhodného sériového čísla The certificate already exists in the database as: '%1' and so it was not imported Certifikát v databáze už existuje ako: „%1”, a tak nebol importovaný Signed on %1 by '%2' %1 podpísané „%2” Unknown Neznáme Invalid public key Neplatný verejný kľúč PKCS#7 unrevoked Neodvolané PKCS#7 PEM unrevoked Neodvolané PEM vCalendar vCalendar CA vCalendar CA vCalendar X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) Certifikáty X509 ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) days dní No template Bez šablóny The key you selected for signing is not a private one. Kľúč, zvolený na podpísanie, nie je súkromný. Failed to create directory '%1' Nemožno vytvoriť zložku „%1” Store the certificate to the key on the token '%1 (#%2)' ? Uložiť certifikát do kľúča na tokene „%1 (#%2)”? PEM chain Reťaz PEM PKCS#7 chain Reťaz PKCS #7 PKCS#12 chain Reťaz PKCS#12 PKCS#7 all PKCS#7 všetky PEM + key PEM + kľúč PEM all PEM všetky Certificate Index file Súbor indexu certifikátov Certificate export Export certifikátu There was no key found for the Certificate: '%1' Nebol nájdený kľúč certifikátu: „%1” Not possible for a token key: '%1' Nie je možné pre kľúč tokenu: „%1” Not possible for the token-key Certificate '%1' Nie je možné pre Certifikát kľúča tokenu „%1” Plain View Prosté zobrazenie Error opening file: '%1': %2 Chyba otvorenia súboru: „%1”: %2 db_x509name Subject Predmet Complete distinguished name Úplný rozlišovací názov Subject hash Odtlačok predmetu Hash to lookup certs in directories Odtlačok na hľadanie certifikátov v adresároch db_x509req Signed Podpísaný whether the request is already signed or not Či už bola žiadosť podpísaná alebo nie Unstructured name Neštruktúrovaný názov Challenge password Heslo výzvy Certificate count Počet certifikátov Number of certificates in the database with the same public key Počet certifikátov s rovnakým verejným kľúčom v databáze The certificate signing request already exists in the database as '%1' and thus was not stored Žiadosť o podpísanie certifikátu už v databáze existuje ako „%1”, a tak nebola uložená Certificate request export Export Žiadosti o certifikát Certificate request ( *.pem *.der *.csr ) Žiadosť o certifikát ( *.pem *.der *.csr ) db_x509super Key name Názov kľúča Internal name of the key Interný názov kľúča Signature algorithm Algoritmus podpisu Key type Typ kľúča Key size Veľkosť kľúča EC Group Skupina EC Extracted from %1 '%2' Vyňaté z %1 „%2” Certificate Certifikát Certificate request Žiadosť o certifikát Save as OpenSSL config Uložiť ako konfiguráciu OpenSSL Config files ( *.conf *.cnf);; All files ( * ) Konfiguračné súbory ( *.conf *.cnf );; Všetky súbory ( * ) The following extensions were not ported into the template Do šablóny neboli prenesené nasledujúce rozšírenia Transformed from %1 '%2' Transformované z %1 „%2” kvView Type Typ Content Obsah pass_info Password Heslo PIN PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 Zlyhalo otvorenie knižnice PKCS#11: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Toto nevyzerá ako knižnica PKCS#11. Symbol 'C_GetFunctionList' nenájdený. pki_base Unknown Neznáme Imported Importovaný Generated Generovaný Transformed Transformovaný Token Token Legacy Database Stará databáza Renewed Obnovené Property '%1' not listed in 'pki_base::print' Vlastnosť „%1” nie je zahrnutá v „pki_base::print” Internal error: Unexpected message: %1 %2 Interná chyba: Neočakávaná správa: %1 %2 Error opening file: '%1': %2 Chyba otvorenia súboru: „%1”: %2 Error writing to file: '%1': %2 Chyba zápisu do súboru „%1”: %2 pki_crl Successfully imported the revocation list '%1' Úspešne importovaný Zoznam odvolaní „%1” Delete the revocation list '%1'? Odstrániť Zoznam odvolaní „%1”? Successfully created the revocation list '%1' Úspešne vytvorený Zoznam odvolaní „%1” Delete the %1 revocation lists: %2? Odstrániť %1 uoznamov odvolaní: %2? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Nemožno načítať zoznam odvolaní zo súboru %1. Vyskúšaný formát CRL PEM a DER. No issuer given Nebol zadaný vydavateľ Wrong Size %1 Zlá veľkosť %1 CRL Renewal of CA '%1' due Termín obnovenia CRL CA „%1” The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Posledné CRL vydané CA „%1” vyprší %2. Je uložené v databáze XCA „%3” Renew CRL: %1 Obnoviť CRL: %1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' XCA CRL „%1”, vydané %3 vyprší %4. Je uložené v databáze XCA „%5” unknown neznáme pki_evp Please enter the password to decrypt the private key %1. Prosím, zadajte heslo na dešifrovanie súkromného kľúča %1. The key from file '%1' is incomplete or inconsistent. Kľúč zo súboru „%1” je nekompletný ale nekonzistentný. Please enter the password to decrypt the private key from file: %1 Prosím, zadajte heslo na dešifrovanie súkromného kľúča zo súboru: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Nemožno načítať súkromný kľúč zo súboru %1. Vyskúšaný PEM a DER súkromný, verejný, typy kľúčov PKCS#8 a formát SSH2. Ignoring unsupported private key Ignorujem nepodporovaný súkromný kľúč Please enter the password to decrypt the private key: '%1' Prosím, zadajte heslo na dešifrovanie súkromného kľúča: „%1” Password input aborted Zadávanie hesla zrušené Please enter the database password for decrypting the key '%1' Prosím, zadajte heslo databázy na dešifrovanie kľúča „%1” Please enter the password to protect the private key: '%1' Prosím, zadajte heslo na ochranu súkromného kľúča: „%1” Please enter the database password for encrypting the key Prosím, zadajte heslo databázy na zašifrovanie kľúča Please enter the password protecting the PKCS#8 key '%1' Prosím, zadajte heslo na ochranu kľúča PKCS#8 „%1” Please enter the password protecting the Microsoft PVK key '%1' Prosím, zadajte heslo na ochranu kľúča Microsoft PVK „%1” Please enter the export password for the private key '%1' Prosím, zadajte heslo exportu súkromného kľúča „%1” Failed to decrypt the key (bad password) %1 Zlyhalo dešifrovanie kľúča (zlé heslo) %1 pki_export PEM Text format with headers Textový formát PEM s hlavičkami Concatenated list of all selected items in one PEM text file Zlúčený zoznam zvolených položiek v jednom textovom súbore PEM PEM chain Reťaz PEM Concatenated text format of the complete certificate chain in one PEM file Zlúčený textový formát úplnej reťaze certifikátu v jednom súbore PEM PEM + key PEM + kľúč Concatenation of the certificate and the unencrypted private key in one PEM file Spojenie certifikátu a nešifrovaného súkromného kľúča v jednom súbore PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Spojenie certifikátu a šifrovaného súkromného kľúča v jednom súbore PKCS#8 PKCS#7 encoded single certificate PKCS#7 kódovaný jeden certifikát All selected certificates encoded in one PKCS#7 file Všetky zvolené certifikáty kódované v jednom súbore PKCS#7 PKCS #7 chain PKCS#7 encoded complete certificate chain PKCS#7 kódovaná úplná reťaz certifikátov Binary DER encoded certificate PKCS #12 chain The complete certificate chain and the private key as encrypted PKCS#12 file Úplná reťaz certifikátu a súkromný kľúč ako šifrovaný súbor PKCS#12 PKCS #12 The certificate and the private key as encrypted PKCS#12 file Certifikát a súkromný kľúč ako šifrovaný súbor PKCS#12 Certificate Index file Súbor indexu certifikátov OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Súbor indexu certifikátov, špecifický pre OpenSSL, vytvorený ako príkazom „ca” a vyžadovaný nástrojom OCSP vCalendar vCalendar vCalendar expiry reminder for the selected items Pripomienka vCalendar vypršania platnosti zvolených položiek CA vCalendar CA vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Pripomienka vCalendar vypršania platnosti všetkých vydaných, platných certifikátov, samotnej CA i posledného CRL PEM public PEM verejný Text format of the public key in one PEM file Textový formát verejného kľúča v súbore PEM PEM private PEM súkromný Unencrypted private key in text format Nešifrovaný súkromný kľúč v textovom formáte PEM encrypted OpenSSL specific encrypted private key in text format Šifrovaný súkromný kľúč v textovom formáte (špecifický pre OpenSSL) SSH2 private SSH2 súkromný SSH2 public SSH2 verejný The public key encoded in SSH2 format Verejný kľúč kódovaný vo formáte SSH2 DER public DER verejný Binary DER format of the public key Binárny formát DER verejného kľúča DER private DER súkromný Unencrypted private key in binary DER format Nešifrovaný súkromný kľúč v binárnom formáte DER PVK private PVK súkromný Private key in Microsoft PVK format not encrypted Súkromný kľúč vo formáte Microsoft PVK, nešifrovaný PVK encrypted PVK šifrovaný Encrypted private key in Microsoft PVK format Šifrovaný súkromný kľúč vo formáte Microsoft PVK PKCS #8 encrypted Encrypted private key in PKCS#8 text format Šifrovaný súkromný kľúč v textovom formáte PKCS#8 PKCS #8 Unencrypted private key in PKCS#8 text format Nešifrovaný súkromný kľúč v textovom formáte PKCS#8 Binary DER format of the certificate request Binary DER format of the revocation list vCalendar reminder for the CRL expiry date XCA template in PEM-like format All selected XCA templates in PEM-like format pki_key Successfully imported the %1 public key '%2' Úspešne importovaný %1 verejný kľúč „%2” Delete the %1 public key '%2'? Odstrániť %1 verejný kľúč „%2”? Successfully imported the %1 private key '%2' Úspešne importovaný %1 súkromný kľúč „%2” Delete the %1 private key '%2'? Odstrániť %1 súkromný kľúč „%2”? Successfully created the %1 private key '%2' Úspešne vytvorený %1 súkromný kľúč „%2” Delete the %1 keys: %2? Odstrániť %1 kľúčov: %2? Public key Verejný kľúč Common Spoločný Private Súkromný Bogus Pododný PIN PIN No password Bez hesla Unexpected SSH2 content: '%1' Neočakávaný obsah SSH2: „%1” Invalid SSH2 public key Neplatný verejný kľúč SSH2 Failed writing to %1 Zlyhal zápis do %1 pki_multi No known PEM encoded items found Nájdené neznáme kódované položky PEM pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Prosím, zadajte heslo na dešifrovanie súboru PKCS#12: %1 Unable to load the PKCS#12 (pfx) file %1. Nemožno načítať súbor PKCS#12 (pfx) %1. The supplied password was wrong (%1) Zadané heslo je zlé (%1) Please enter the password to encrypt the PKCS#12 file Prosím, zadajte heslo na zašifrovanie súboru PKCS#12 No key or no Cert and no pkcs12 Nie je to kľúč, ani Certifikát a ani PKCS#12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Nemožno načítať súbor PKCS#7 %1. Vyskúšaný formát PEM a DER. pki_scard Successfully imported the token key '%1' Úspešne importovaný kľúč tokenu „%1” Delete the token key '%1'? Odstrániť kľúč tokenu „%1”? Successfully created the token key '%1' úspešne vytvorený kľúč tokenu „%1” Delete the %1 keys: %2? Odstrániť %1 kľúčov: %2? Delete the private key '%1' from the token '%2 (#%3)' ? Odstrániť súkromný kľúč „%1” z tokenu „%2 (#%3)”? This Key is already on the token Tento kľúč už je na tokene PIN input aborted Zadanie PIN zrušené Unable to find copied key on the token Nemožno nájsť kópiu kľúča na tokene Please insert card: %1 %2 [%3] with Serial: %4 Prosím, vložte kartu: %1 %2 [%3] so sér. číslom: %4 Unable to find generated key on card Nemožno nájsť vygenerovaný kľúč na karte Ignoring unsupported token key Ignorovanie nepodporovaného kľúča tokenu Wrong Size %1 Zlá veľkosť %1 Token %1 Token %1 Failed to find the key on the token Zlyhalo nájdenie kľúča na tokene Invalid Pin for the token Neplatný PIN tokenu Failed to initialize the key on the token Zlyhal inicializácia kľúča na tokene Illegal Key generation method Neprípustná metóda generovania kľúča Public Key mismatch. Please re-import card Nezhoda verejného kľúča. Prosím, znova importujte kartu pki_temp Successfully imported the XCA template '%1' Úspešne importovaná šablóna XCA „%1” Delete the XCA template '%1'? Odstrániť šablónu XCA „%1”? Successfully created the XCA template '%1' Úspešne vytvorená šablóna XCA „%1” Delete the %1 XCA templates: %2? Odstrániť %1 šablón XCA: %2? Wrong Size %1 Zlá veľkosť %1 Template file content error (too small) Chyba obsahu súboru šablóny (príliš malá) Not a PEM encoded XCA Template Šablóna XCA nie je vo formáte PEM Not an XCA Template, but '%1' Nie je šablóna XCA, ale „%1” Template file content error (too small): %1 Chyba obsahu súboru šablóny (príliš malá): %1 pki_x509 Successfully imported the certificate '%1' Úspešne importovaný certifikát „%1” Delete the certificate '%1'? Odstrániť certifikát „%1”? Successfully created the certificate '%1' Úspešne vytvorený certifikát „%1” Delete the %1 certificates: %2? Odstrániť %1 certifikátov: %2? Unable to load the certificate in file %1. Tried PEM and DER certificate. Nemožno načítať certifikát zo súboru %1. Vyskúšaný certifikát PEM a DER. This certificate is already on the security token Tento certifikát už je na bezpečnostnom tokene Delete the certificate '%1' from the token '%2 (#%3)'? Odstrániť certifikát „%1” z tokenu „%2 (#%3)”? There is no key for signing ! Chýba kľúč na podpísanie! Wrong Size %1 Zlá veľkosť %1 No Nie Yes Áno Renew certificate: %1 Obnoviť certifikát: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' Certifikát XCA „%1”, vydaný %2 vyprší %3. Je uložený v databáze XCA „%4” pki_x509req Signing key not valid (public key) Podpisujúci kľúč neplatný (verejný kľúč) Successfully imported the %1 certificate request '%2' úspešne importovaná %1 žiadosť o certifikát „%2” Delete the %1 certificate request '%2'? Odstrániť %1 žiadosť o certifikát „%2”? Successfully created the %1 certificate request '%2' Úspešne vytvorená %1 žiadosť o certifikát „%2” Delete the %1 certificate requests: %2? Odstrániť %1 žiadosť o certifikát: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Nemožno načítať žiadosť o certifikát zo súboru %1. Vyskúšané formáty PEM, DER a SPKAC. Wrong Size %1 Zlá veľkosť %1 Signed Podpísaný Unhandled Nespracované v3ext Copy Common Name Kopírovať bežný názov Add Pridať Delete Odstrániť Apply Použiť Validate Overiť Cancel Zrušiť An email address or 'copy' Emailová adresa alebo „copy” An email address Emailová adresa A registered ID: OBJECT IDENTIFIER Registrované ID: IDENTIFIKÁTOR OBJEKTU A uniform resource indicator Jednotný indikátor zdroja A DNS domain name or 'copycn' Doménové meno DNS alebo „copycn” A DNS domain name Doménové meno DNS An IP address Adresa IP Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Syntax: <OID>;TYP:text ako '1.2.3.4:UTF8:názov' No editing. Only 'copy' allowed here Neupravovať. Je tu dovolené len „copy” Validation failed: '%1' %2 Overenie zlyhalo: „%1” %2 Validation successful: '%1' Overenie úspešné: „%1” xcaWarning The following error occurred: Nastala nasledujúca chyba: Copy to Clipboard Kopírovať do schránky xcaWarningGui Copy to Clipboard Kopírovať do schránky xca-RELEASE.2.5.0/lang/xca_tr.ts000066400000000000000000006442571450407711300161450ustar00rootroot00000000000000 Done Bitti About#1 CA Properties CA Özellikleri CaProperties#1 Use random Serial numbers Değişken Seri numaralar kullan CaProperties#2 Default template Varsayılan şablon CaProperties#4 Next serial for signing İmza için sonraki seri CaProperties#5 Details of the Certificate Sertifika bilgileri CertDetail#1 S&tatus &Durum CertDetail#2 Serial CertDetail#3 Seri CertDetail#3 The serial number of the certificate Sertifika seri numarası CertDetail#4 The internal name of the certificate in the database Sertifika veritabanındaki isim CertDetail#5 Internal name CertDetail#6 Dahili adı CertDetail#6 Signature algorithm CertDetail#7 İmza algoritması CertDetail#7 Signature CertDetail#8 İmza CertDetail#8 Key CertDetail#9 Anahtar CertDetail#9 Fingerprints Parmak izleri CertDetail#10 SHA1 SHA1 CertDetail#11 MD5 MD5 CertDetail#12 A SHA-1 hashsum of the certificate A SHA-1 hashsum sertifikası CertDetail#13 An md5 hashsum of the certificate An md5 hassum sertifikası CertDetail#14 Validity CertDetail#15 Geçerlilik CertDetail#15 The time since the certificate is valid Zamana kadar geçerli sertifika CertDetail#16 The time until the certificate is valid Bu zaman kadar sertifika geçerli CertDetail#17 &Subject &Konu CertDetail#18 &Issuer CertDetail#19 &veren CertDetail#19 Attributes Nitelikler CertDetail#20 &Extensions CertDetail#21 &Uzantıları CertDetail#21 Show config Yapılandırmayı göster CertDetail#22 Show extensions Uzantıları göster CertDetail#23 Not available CertDetail#24 Kullanılamaz CertDetail#24 Details of the certificate Sertifika detayları CertDetail#25 Signer unknown Bilinmeyen imzalayan makam CertDetail#26 Self signed Kendinden imzalı CertDetail#27 Not trusted CertDetail#28 Güvenilmeyen CertDetail#28 Trusted Güvenilir CertDetail#29 Revoked: İptaledilmiş CertDetail#30 Not valid Geçersiz CertDetail#31 Valid Geçerli CertDetail#32 Details of the certificate signing request sertifika imzalama isteği detayları CertDetail#33 Certificate renewal Sertifika yenileme CertExtend#1 This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Bu yeni bir seri numarası ve düzeltilmiş geçerlilik değerleri ile eski bir kopyası olarak yeni bir sertifika oluşturur. CertExtend#2 Validity CertExtend#3 Geçerlilik CertExtend#3 Not before CertExtend#4 Öncedeğil CertExtend#4 Not after CertExtend#5 Sonradeğil CertExtend#5 Time range CertExtend#6 Zaman aralığı CertExtend#6 No well-defined expiration CertExtend#7 Tanımlanmamış son CertExtend#7 Apply CertExtend#8 Uygula CertExtend#8 Days CertExtend#9 Gün CertExtend#9 Months CertExtend#10 Ay CertExtend#10 Years CertExtend#11 Yıl CertExtend#11 Midnight CertExtend#12 Gece Yarısı CertExtend#12 The certificate will be earlier valid than the signer. This is probably not what you want. CertExtend#13 Sertifika önceki imzalayandan daha geçerli olacaktır. Muhtemelen istediğiniz bu değildir. CertExtend#13 Edit times Zamanı düzenle CertExtend#14 Adjust date and continue CertExtend#17 Tarihi düzenler ve devam eder CertExtend#17 The certificate will be longer valid than the signer. This is probably not what you want. CertExtend#18 Sertifika önceki imzalayandan daha geçerli olacaktır. Muhtemelen istediğiniz bu değildir. CertExtend#18 There was no key found for the Certificate: CertView#1 Sertifikadaki anahtar bulunamıyor. CertView#1 Import Certificate signing request CertView#2 Sertifika imzalama isteği CertView#2 Double click for details Detaylariçin çift tıklayın ClickLabel#1 Details of the Revocation list İptal listesi için çift tıklayın CrlDetail#1 &Status &Durum CrlDetail#2 Version Sürüm CrlDetail#3 Signature CrlDetail#4 İmza CrlDetail#4 Signed by İmzalayan: CrlDetail#5 Name CrlDetail#6 İsim CrlDetail#6 The internal name of the CRL in the database CRL veritabanındaki isim CrlDetail#7 issuing dates Verilen tarih CrlDetail#8 Next Update Sonraki Güncelleme CrlDetail#9 Last Update Son Güncelleme CrlDetail#10 &Issuer CrlDetail#11 &veren CrlDetail#11 &Extensions CrlDetail#12 &Uzantıları CrlDetail#12 &Revocation list &İptal listesi CrlDetail#13 0 0 CrlDetail#14 Serial CrlDetail#15 Seri CrlDetail#15 Revocation CrlDetail#16 İptal CrlDetail#16 Reason Neden CrlDetail#17 Invalidation İptal CrlDetail#18 Failed Başarısız CrlDetail#19 Unknown signer Bilinmeyen imzalayan CrlDetail#20 Verification not possible Doğrulama mümkün değil CrlDetail#21 Unknown certificate Bilinmeyen sertifika CrlDetail#22 X509 Certificates ( *.cer *.crt *.p12 *.p7b);;All files ( * ) X509 sertifikası (*cer *.crt *.p12 *.p7b);;Tüm dosyalar (*) ExportCert#1 DER is a binary format of the Certificate PEM is a base64 encoded Certificate PKCS#7 is an official Certificate exchange format PKCS#12 is an encrypted official Key-Certificate exchange format DER ikili sertifika formatı PEM base64 kodlu sertifika PKCS#7 resmi değişim sertifikası PKCS#12 kriptolu anahtar sertifikası ExportCert#2 Please enter the filename for the certificate. Lütfen sertifika ismini giriniz. ExportCert#3 Certificate export Sertifika dışa aktar ExportCert#4 All files ( * ) ExportDer#1 Bütün dosyalar ( * ) ExportDer#1 DER is a binary format PEM is a base64 encoded DER file DER ikili biçimdir PEM base64 kodlanmış DER dosyası ExportDer#2 ... ... ExportDialog#1 Filename Dosya adı ExportDialog#2 Please enter the filename Lütfen dosya adını giriniz ExportDialog#3 Export Format Verme biçimi ExportDialog#4 The file: '%1' already exists! Dosya: 2%1' zaten var ExportDialog#5 Overwrite Üzerine yaz ExportDialog#6 Do not overwrite Üzerine yazmayın ExportDialog#7 When exporting the private key it should be encrypted. Özel anahtar dışa aktarılırken şifreli olmalıdır. ExportKey#1 When exporting the private part, it should be encrypted. Özel bölüm aktarılırken şifreli olmalıdır. ExportKey#2 E&xport the private part of the Key too Dışa aktarılan özel bölüm anahtarı çok ExportKey#3 Export as PKCS#8 PKCS#8 olarak aktar ExportKey#4 Private keys ( *.pem *.der *.pk8 );;All files ( * ) Özel anatarlar (*.pem *.der *.pk8);;Tüm dosyalar ( * ) ExportKey#6 << << Help#1 >> >> Help#2 &Done Help#3 &Bitti Help#3 &Import ImportMulti#3 &İçe Aktar ImportMulti#3 &Done ImportMulti#4 &Bitti ImportMulti#4 &Remove from list &İptal listesi ImportMulti#5 Details Detaylar ImportMulti#6 Name KeyDetail#1 İsim KeyDetail#1 Serial KeyDetail#5 Seri KeyDetail#5 &Delete &Sil MainWindow#7 Certificates Sertifikalar MainWindow#10 Database Veri Tabanı MainWindow#20 &File &Dosya MainWindow#22 Exit Çıkış MainWindow#33 &Help &Yardım MainWindow#48 &About &Hakkında MainWindow#50 Cancel MainWindow#57 İptal MainWindow#57 New Password Yeni Parola MainWindow#64 Password MainWindow#68 Parola MainWindow#68 Days NewCrl#5 Gün NewCrl#5 Months NewCrl#6 Ay NewCrl#6 Years NewCrl#7 Yıl NewCrl#7 Apply NewCrl#9 Uygula NewCrl#9 Name NewKey#4 İsim NewKey#4 Create NewKey#11 Oluştur NewKey#11 Create NewX509#1 Oluştur NewX509#1 Source Kaynak NewX509#2 1 1 NewX509#12 Subject NewX509#23 Konu NewX509#23 Organisation Organizasyon NewX509#24 Country code Ülke kodu NewX509#27 E-Mail address E-posta adresi NewX509#31 Internal name NewX509#32 Dahili adı NewX509#32 Add NewX509#34 Ekle NewX509#34 Delete NewX509#35 Sil NewX509#35 Type NewX509#42 Tür NewX509#42 Days NewX509#60 Gün NewX509#60 Months NewX509#61 Ay NewX509#61 Years NewX509#62 Yıl NewX509#62 Apply NewX509#63 Uygula NewX509#63 Edit Düzenle NewX509#73 Advanced Gelişmiş NewX509#90 Errors Hatalar NewX509#103 Edit name İsmi Düzenle NewX509#111 Password PwDialog#1 Parola PwDialog#1 Import db_x509#21 &İçe Aktar db_x509#21 Rename db_x509#24 Dosya adı db_x509#24 Show Details db_x509#25 Detaylar db_x509#25 Export db_x509#27 Verme biçimi db_x509#27 File db_x509#29 &Dosya db_x509#29 OpenSSL config db_x509#34 Yapılandırmayı göster db_x509#34 Delete db_x509#35 Sil db_x509#35 Sign db_x509#41 İmzalayan: db_x509#41 Challenge password Yeni Parola db_x509req#4 OpenSSL config db_x509req#18 Yapılandırmayı göster db_x509req#18 Delete db_x509req#19 Sil db_x509req#19 Config files ( *.conf *.cnf);; All files ( * ) X509 sertifikası (*cer *.crt *.p12 *.p7b);;Tüm dosyalar (*) db_x509super#4 Delete db_x509#36 Sil &Remove &Kaldır CaProperties Form Days until next CRL issuing Default template Varsayılan şablon CertDetail Details of the Certificate Sertifika bilgileri Status Internal name Dahili adı The internal name of the certificate in the database Sertifika veritabanındaki isim Signature İmza Key Anahtar Serial Seri The serial number of the certificate Sertifika seri numarası Fingerprints Parmak izleri MD5 MD5 An md5 hashsum of the certificate An md5 hassum sertifikası SHA1 SHA1 A SHA-1 hashsum of the certificate A SHA-1 hashsum sertifikası SHA256 SHA256 A SHA-256 hashsum of the certificate A SHA-1 hashsum sertifikası {256 ?} Validity Geçerlilik The time since the certificate is valid Zamana kadar geçerli sertifika The time until the certificate is valid Bu zaman kadar sertifika geçerli Subject Konu Issuer Attributes Nitelikler Extensions Show config Yapılandırmayı göster Comment Show extensions Uzantıları göster Show public key This key is not in the database. Not available Kullanılamaz Signer unknown Bilinmeyen imzalayan makam Self signed Kendinden imzalı Revoked at %1 Not valid Geçersiz Valid Geçerli Details of the certificate signing request sertifika imzalama isteği detayları CertExtend Certificate renewal Sertifika yenileme This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Bu yeni bir seri numarası ve düzeltilmiş geçerlilik değerleri ile eski bir kopyası olarak yeni bir sertifika oluşturur. Validity Geçerlilik Not before Öncedeğil Not after Sonradeğil Time range Zaman aralığı Local time Days Gün Months Ay Years Yıl No well-defined expiration Tanımlanmamış son Midnight Gece Yarısı Apply Uygula Revoke old certificate Replace old certificate Keep serial number The certificate will be earlier valid than the signer. This is probably not what you want. Sertifika önceki imzalayandan daha geçerli olacaktır. Muhtemelen istediğiniz bu değildir. Edit dates Abort rollout Continue rollout Adjust date and continue Tarihi düzenler ve devam eder The certificate will be longer valid than the signer. This is probably not what you want. Sertifika önceki imzalayandan daha geçerli olacaktır. Muhtemelen istediğiniz bu değildir. CertTreeView Import PKCS#12 Import from PKCS#7 Request Security token Other token Similar Certificate Delete from Security token CA Properties Generate CRL Manage revocations Renewal Revoke Unrevoke Plain View Tree View days No template CA Properties CA Özellikleri Certificate export Sertifika dışa aktar X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) ClickLabel Double click for details Detaylariçin çift tıklayın CrlDetail Details of the Revocation list İptal listesi için çift tıklayın &Status &Durum Version Sürüm Signature İmza Signed by İmzalayan: Name İsim The internal name of the CRL in the database CRL veritabanındaki isim issuing dates Verilen tarih Next update Last update &Issuer &veren &Extensions &Uzantıları &Revocation list &İptal listesi Comment Failed Başarısız Unknown signer Bilinmeyen imzalayan Verification not possible Doğrulama mümkün değil CrlTreeView There are no CA certificates for CRL generation Select CA certificate Revocation list export CRL ( *.pem *.der *.crl ) ExportDialog Name İsim The internal name of the CRL in the database CRL veritabanındaki isim Filename Dosya adı ... ... Export comment into PEM file Export Format Verme biçimi All files ( * ) Bütün dosyalar ( * ) The file: '%1' already exists! Dosya: 2%1' zaten var Overwrite Üzerine yaz Do not overwrite Üzerine yazmayın Form last update next update Days Gün Months Ay Years Yıl Apply Uygula Midnight Gece Yarısı Local time No well-defined expiration Tanımlanmamış son Help << << >> >> &Done &Bitti ImportMulti Import PKI Items Import &All &Import &İçe Aktar &Done &Bitti &Remove from list &İptal listesi Details Detaylar Delete from token Rename on token Name: %1 Model: %2 Serial: %3 Manage security token The type of the item '%1' is not recognized Details of the item '%1' cannot be shown The file '%1' did not contain PKI data The %1 files: '%2' did not contain PKI data ItemProperties Name İsim Source Kaynak Insertion date Comment KeyDetail Name İsim The internal name of the key used by xca Key Anahtar Public Exponent Keysize Private Exponent Security Token Label PKCS#11 ID Token information Model Manufacturer Serial Seri Fingerprint Comment Details of the %1 key Not available Kullanılamaz Security token Available Sub prime Public key Private key Curve name Unknown key KeyTreeView Clipboard format Change password Reset password Change PIN Init PIN with SO PIN (PUK) Change SO PIN (PUK) Security token This is not a token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Export public key [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) MainWindow Private Keys &New Key &Export &Import &İçe Aktar Import PFX (PKCS#12) &Show Details &Delete &Sil Certificate signing requests &New Request Certificates Sertifikalar &New Certificate Import &PKCS#12 Import P&KCS#7 Plain View Templates &New Template Ch&ange Template Revocation lists &New CRL Search Import PEM data Please enter the original SO PIN (PUK) of the token '%1' Please enter the new SO PIN (PUK) for the token '%1' The new label of the token '%1' The token '%1' did not contain any keys or certificates Current Password Please enter the current database password The entered password is wrong New Password Yeni Parola Please enter the new password to encrypt your private keys in the database-file Transaction start failed Database: %1 Using or exporting private keys will not be possible without providing the correct password The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Certificate Index ( index.txt ) All files ( * ) Bütün dosyalar ( * ) Diffie-Hellman parameters saved as: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits System Chinese Croatian Dutch English French German Italian Japanese Polish Portuguese in Brazil Russian Slovak Spanish Indonesian Turkish Persian Bulgarian Recent DataBases Language &File &Dosya New DataBase Open DataBase Open Remote DataBase Set as default DataBase Close DataBase Options Exit Çıkış I&mport Keys Requests PKCS#12 PKCS#7 Template Revocation list PEM file Paste PEM file Token &Manage Security token &Init Security token &Change PIN Change &SO PIN Init PIN Extra &Dump DataBase &Export Certificate Index Export Certificate &Index hierarchy C&hange DataBase password &Undelete items Generate DH parameter OID Resolver &Help &Yardım Content About NewCrl Last update Next update Days Gün Months Ay Years Yıl Midnight Gece Yarısı Local time Apply Uygula Options Hash algorithm Subject alternative name Authority key identifier CRL number Revocation reasons Create CRL NewKey New Key Please give a name to the new key and select the desired keysize Key properties Name İsim The internal name of the new key Curve name Keysize Usually at least 2048 bit keys are recommended Keytype Remember as default Create Oluştur NewX509 Source Kaynak Signing request Show request Sign this Certificate signing &request Copy extensions from the request Modify subject of the request Signing Create a &self signed certificate Use &this Certificate for signing All certificates in your database that can create valid signatures Signature algorithm İmza algoritması Template for the new certificate All available templates Apply extensions Apply subject Apply all Subject Konu Internal Name This name is only used internally and does not appear in the resulting certificate Distinguished name Add Ekle Delete Sil Private key This list only contains unused keys Used keys too &Generate a new key Extensions Type Tür If this will become a CA certificate or not Not defined Certification Authority End Entity Path length How much CAs may be below this. The basic constraints should always be critical Key identifier Creates a hash of the key following the PKIX guidelines Copy the Subject Key Identifier from the issuer Validity Geçerlilik Not before Öncedeğil Not after Sonradeğil Time range Zaman aralığı Days Gün Months Ay Years Yıl Apply Uygula Set the time to 00:00:00 and 23:59:59 respectively Midnight Gece Yarısı Local time No well-defined expiration Tanımlanmamış son DNS: IP: URI: email: RID: Edit Düzenle URI: Key usage Netscape Advanced Gelişmiş Validate Comment Critical Create Certificate signing request minimum size: %1 maximum size: %1 only a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters Edit XCA template Create x509 Certificate Template '%1' applied Subject applied from template '%1' Extensions applied from template '%1' New key '%1' created Other Tabs Advanced Tab Errors Hatalar From PKCS#10 request Abort rollout The following length restrictions of RFC3280 are violated: Edit subject Continue rollout The verification of the Certificate request failed. The rollout should be aborted. Continue anyway The internal name and the common name are empty. Please set at least the internal name. Edit name İsmi Düzenle There is no Key selected for signing. Select key The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. The key you selected for signing is not a private one. Select other signer Select other key The currently selected hash algorithm '%1' is insecure and should not be used. Select other algorithm Use algorithm anyway The certificate will be earlier valid than the signer. This is probably not what you want. Sertifika önceki imzalayandan daha geçerli olacaktır. Muhtemelen istediğiniz bu değildir. Edit dates Adjust date and continue Tarihi düzenler ve devam eder The certificate will be longer valid than the signer. This is probably not what you want. Sertifika önceki imzalayandan daha geçerli olacaktır. Muhtemelen istediğiniz bu değildir. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. The certificate contains invalid extensions. Edit extensions The subject alternative name shall contain a copy of the common name. However, the common name is empty. Configfile error on line %1 OidResolver OID Resolver Enter the OID, the Nid, or one of the textual representations Search OID Long name OpenSSL internal ID Nid Short name OpenDb Open remote database Database type Hostname Username Password Parola Database name Table prefix No SqLite3 driver available. Please install the qt-sqlite package of your distribution Options XCA Options Settings Default hash algorithm PKCS12 encryption algorithm String types Suppress success messages Disable legacy Netscape extensions Translate established x509 terms (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Only use hashes supported by the token when signing with a token key Don't colorize expired certificates Certificate expiry warning threshold Send vCalendar expiry reminder Serial number length bit Distinguished name Mandatory subject entries Add Ekle Delete Sil Explicit subject entries Dynamically arrange explicit subject entries Default PKCS#11 provider Remove Search Printable string or UTF8 (default) PKIX recommendation in RFC2459 No BMP strings, only printable and T61 UTF8 strings only (RFC2459) All strings Days Gün Weeks PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Take as HEX string Repeat %1 %1 mismatch Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Exit Çıkış QObject Undefined Broken / Invalid in %1 seconds %1 seconds ago in %1 minutes %1 minutes ago Yesterday Tomorrow in %1 hours %1 hours ago Failed to update the database schema to the current version Country code Ülke kodu State or Province Locality Organisation Organizasyon Organisational unit Common name E-Mail address E-posta adresi Serial number Given name Surname Title Initials Description Role Pseudonym Generation Qualifier x500 Unique Identifier Name İsim DN Qualifier Unstructured name Challenge password Yeni Parola Basic Constraints Subject alternative name issuer alternative name Subject key identifier Authority key identifier Key usage Extended key usage CRL distribution points Authority information access Certificate type Base URL Revocation URL CA Revocation URL Certificate renewal URL CA policy URL SSL server name Comment All files ( * ) Bütün dosyalar ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Import RSA key PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Certificates ( *.pem *.der *.crt *.cer );; Import X.509 Certificate PKCS#7 data ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates PKCS#12 Certificates ( *.p12 *.pfx );; Import PKCS#12 Private Certificate XCA templates ( *.xca );; Import XCA Templates Revocation lists ( *.pem *.der *.crl );; Import Certificate Revocation List XCA Databases ( *.xdb );; Open XCA Database PKCS#11 library ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 library ( *.so );; Open PKCS#11 shared library PEM files ( *.pem );; Load PEM encoded file Index file written to '%1' Index hierarchy written to '%1' Unknown key type %1 Error reading config file %1 at line %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Unknown object '%1' in file %2 line %3 Please enter the PIN on the PinPad Please enter the SO PIN (PUK) of the token %1 Please enter the PIN of the token %1 No Security token found Select Please enter the new SO PIN (PUK) for the token: '%1' Please enter the new PIN for the token: '%1' Required PIN size: %1 - %2 Disabled Library loading failed PKCS#11 function '%1' failed: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 Out of data Error finding endmarker of string Password Parola Failed to start a database transaction Invalid %1 is shorter than %2 bytes: '%3' %1 is longer than %2 bytes: '%3' String '%1' for '%2' contains invalid characters Password verify error, please try again The following error occurred: ReqTreeView Sign İmzalayan: Unmark signed Mark signed Similar Request Certificate request export Certificate request ( *.pem *.der *.csr ) RevocationList Manage revocations Add Ekle Delete Sil Edit Düzenle No. Serial Seri Revocation İptal Reason Neden Invalidation İptal Generate CRL Revoke Certificate revocation Revocation details Revocation reason Local time Invalid since Serial Seri SearchPkcs11 Directory ... ... Include subdirectories Search The following files are possible PKCS#11 libraries SelectToken Security token Please select the security token TempTreeView Duplicate Create certificate Create request copy Preset Template values Template export XCA Templates ( *.xca ) TrustState Certificate trust Trustment &Never trust this certificate Only &trust this certificate, if we trust the signer &Always trust this certificate Validity yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config Yapılandırmayı göster Transform Template Public key Save as OpenSSL config Config files ( *.conf *.cnf);; All files ( * ) X509 sertifikası (*cer *.crt *.p12 *.p7b);;Tüm dosyalar (*) XFile Error opening file: '%1': %2 Error rewinding file: '%1': %2 XcaTreeView Item properties Subject entries X509v3 Extensions Netscape extensions Key properties Reset Hide Column Details Detaylar Columns New Import &İçe Aktar Paste PEM data Rename Dosya adı Properties Delete Sil Export Verme biçimi Clipboard File &Dosya database_model Please enter the password to access the database server %2 as user '%1'. Unable to create '%1': %2 The file '%1' is not an XCA database No SqLite3 driver available. Please install the qt-sqlite package of your distribution New Password Yeni Parola Please enter a password, that will be used to encrypt your private keys in the database: %1 Password Parola Please enter the password for unlocking the database: %1 db_base Internal name Dahili adı No. Primary key Database unique number Date Date of creation or insertion Source Kaynak Generated, Imported, Transformed Comment First line of the comment field Import from: %1 Could not create directory %1 db_crl Signer Internal name of the signer No. revoked Number of revoked certificates Last update Next update CRL number The revocation list already exists in the database as: '%1' and so it was not imported Failed to initiate DB transaction Database error: %1 db_key Type Tür Size EC Group Use Password Parola The key is already in the database as: '%1' and is not going to be imported The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Extending public key from %1 by imported key '%2' Key size too small ! You are sure to create a key of the size: %1 ? Internal error Tried to change password of a token db_temp Empty template Bad template: %1 db_x509 CA reflects the basic Constraints extension Serial Seri MD5 fingerprint SHA1 fingerprint SHA256 fingerprint Start date Not before Öncedeğil Expiry date Not after Sonradeğil Revocation İptal CRL Expiration Failed to create directory '%1' Failed to retrieve unique random serial The certificate already exists in the database as: '%1' and so it was not imported Signed on %1 by '%2' Unknown Invalid public key The key you selected for signing is not a private one. Store the certificate to the key on the token '%1 (#%2)' ? There was no key found for the Certificate: '%1' Not possible for a token key: '%1' Not possible for the token-key Certificate '%1' db_x509name Subject Konu Complete distinguished name Subject hash Hash to lookup certs in directories db_x509req Signed whether the request is already signed or not Unstructured name Challenge password Yeni Parola Certificate count Number of certificates in the database with the same public key The certificate signing request already exists in the database as '%1' and thus was not stored db_x509super Key name Internal name of the key Signature algorithm İmza algoritması Key type Key size EC Group Extracted from %1 '%2' Certificate Certificate request The following extensions were not ported into the template Transformed from %1 '%2' kvView Type Tür Content pass_info Password Parola PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. pki_base Internal error: Unexpected message: %1 %2 Unknown Imported Generated Transformed Token Legacy Database Renewed Property '%1' not listed in 'pki_base::print' pki_crl Successfully imported the revocation list '%1' Delete the revocation list '%1'? Successfully created the revocation list '%1' Delete the %1 revocation lists: %2? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. No issuer given CRL Renewal of CA '%1' due The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Renew CRL: %1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' pki_evp Please enter the password to decrypt the private key %1. The key from file '%1' is incomplete or inconsistent. Please enter the password to decrypt the private key from file: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Please enter the password to decrypt the private key: '%1' Password input aborted Please enter the database password for decrypting the key '%1' Please enter the password to protect the private key: '%1' Please enter the database password for encrypting the key Please enter the password protecting the PKCS#8 key '%1' Please enter the password protecting the Microsoft PVK key '%1' Please enter the export password for the private key '%1' pki_export PEM Text format with headers Concatenated list of all selected items in one PEM text file PEM chain Concatenated text format of the complete certificate chain in one PEM file PEM + key Concatenation of the certificate and the unencrypted private key in one PEM file Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file PKCS#7 encoded single certificate All selected certificates encoded in one PKCS#7 file PKCS #7 chain PKCS#7 encoded complete certificate chain Binary DER encoded certificate PKCS #12 chain The complete certificate chain and the private key as encrypted PKCS#12 file PKCS #12 The certificate and the private key as encrypted PKCS#12 file Certificate Index file OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool vCalendar vCalendar expiry reminder for the selected items CA vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL PEM public Text format of the public key in one PEM file PEM private Unencrypted private key in text format PEM encrypted OpenSSL specific encrypted private key in text format SSH2 private SSH2 public The public key encoded in SSH2 format DER public Binary DER format of the public key DER private Unencrypted private key in binary DER format PVK private Private key in Microsoft PVK format not encrypted PVK encrypted Encrypted private key in Microsoft PVK format PKCS #8 encrypted Encrypted private key in PKCS#8 text format PKCS #8 Unencrypted private key in PKCS#8 text format Binary DER format of the certificate request Binary DER format of the revocation list vCalendar reminder for the CRL expiry date XCA template in PEM-like format All selected XCA templates in PEM-like format pki_key Public key Successfully imported the %1 public key '%2' Delete the %1 public key '%2'? Successfully imported the %1 private key '%2' Delete the %1 private key '%2'? Successfully created the %1 private key '%2' Delete the %1 keys: %2? Common Private Bogus PIN No password Unexpected SSH2 content: '%1' Invalid SSH2 public key Failed writing to %1 pki_multi No known PEM encoded items found pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Unable to load the PKCS#12 (pfx) file %1. The supplied password was wrong (%1) Please enter the password to encrypt the PKCS#12 file No key or no Cert and no pkcs12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. pki_scard Successfully imported the token key '%1' Delete the token key '%1'? Successfully created the token key '%1' Delete the %1 keys: %2? Delete the private key '%1' from the token '%2 (#%3)' ? This Key is already on the token PIN input aborted Unable to find copied key on the token Please insert card: %1 %2 [%3] with Serial: %4 Unable to find generated key on card Token %1 Failed to find the key on the token Invalid Pin for the token Failed to initialize the key on the token pki_temp Successfully imported the XCA template '%1' Delete the XCA template '%1'? Successfully created the XCA template '%1' Delete the %1 XCA templates: %2? Wrong Size %1 Template file content error (too small) Not a PEM encoded XCA Template Not an XCA Template, but '%1' pki_x509 Successfully imported the certificate '%1' Delete the certificate '%1'? Successfully created the certificate '%1' Delete the %1 certificates: %2? Unable to load the certificate in file %1. Tried PEM and DER certificate. This certificate is already on the security token Delete the certificate '%1' from the token '%2 (#%3)'? There is no key for signing ! No Yes Renew certificate: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' pki_x509req Signing key not valid (public key) Successfully imported the %1 certificate request '%2' Delete the %1 certificate request '%2'? Successfully created the %1 certificate request '%2' Delete the %1 certificate requests: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Signed Unhandled v3ext Copy Common Name Add Ekle Delete Sil Apply Uygula Validate Cancel İptal An email address or 'copy' An email address A registered ID: OBJECT IDENTIFIER A uniform resource indicator A DNS domain name or 'copycn' A DNS domain name An IP address Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' No editing. Only 'copy' allowed here Validation failed: '%1' %2 Validation successful: '%1' xcaWarningGui Copy to Clipboard xca-RELEASE.2.5.0/lang/xca_zh_CN.ts000066400000000000000000005326251450407711300165140ustar00rootroot00000000000000 CaProperties CA Properties CA属性 Form Days until next CRL issuing CRL发布间隔 Default template 默认模板 CertDetail Details of the Certificate 证书的详细信息 Serial 序列号 The serial number of the certificate 证书的序列号 The internal name of the certificate in the database XCA数据库中证书的内部名称 Status 状态 Internal name 内部名称 Signature 签名状态 Key 密钥 Fingerprints 指纹信息 MD5 MD5 An md5 hashsum of the certificate 证书的MD5哈希值 SHA1 SHA1 A SHA-1 hashsum of the certificate 证书的SHA-1哈希值 SHA256 SHA256 A SHA-256 hashsum of the certificate 证书的SHA-256哈希值 Validity 有效期 The time since the certificate is valid 生效时间 The time until the certificate is valid 失效时间 Subject 主体 Issuer 颁发者 Extensions 扩展 Comment 备注 Attributes 属性 Show config 显示配置文件 Show extensions 显示扩展 Show public key 显示公钥 This key is not in the database. 密钥不在数据库中。 Not available 不可用 Signer unknown 未知的签发人 Self signed 自签名 Revoked at %1 于%1吊销 Revoked: 已吊销: Not valid 无效 Valid 有效 Details of the certificate signing request 证书签名请求(CSR)的详细信息 CertExtend Certificate renewal 证书续签 This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. 这将创建一个新证书作为旧证书的副本,其中包含新的序列号和有效期。 Validity 有效期 Not before 不早于 Not after 不晚于 Time range 时间跨度 Local time 当地时间 Days Months Years No well-defined expiration 未明确定义到期日 Midnight UTC午夜时间 Apply 应用 Revoke old certificate 吊销旧证书 Replace old certificate Keep serial number 保持序列号不变 The certificate will be earlier valid than the signer. This is probably not what you want. 证书的生效时间早于签名者。这可能不是你想要的。 Edit dates 手动修改日期 Abort rollout 中止 Continue rollout 继续 Adjust date and continue 将证书的生效时间自动调整为签名者的生效时间,或将证书的失效时间自动调整为签名者的失效时间 自动调整日期并继续 The certificate will be longer valid than the signer. This is probably not what you want. 证书的失效日期晚于签名者。这可能不是你想要的。 CertTreeView Import PKCS#12 导入PKCS#12 Import from PKCS#7 从PKCS#7导入 Request 请求 Security token 安全令牌 Other token 其他令牌 Similar Certificate 证书副本 Delete from Security token 从安全令牌中删除 CA CA Properties 属性 Generate CRL 生成CRL Manage revocations 吊销管理 Renewal 续签 Revoke 吊销 Unrevoke 反吊销 Plain View 平铺视图 Tree View 层次视图 days No template 无模板 CA Properties CA属性 Certificate export 证书导出 X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) ClickLabel Double click for details 双击查看详细信息 CrlDetail Details of the Revocation list 吊销列表的详细信息 &Status 状态 Version 版本 Signature 签名算法 Signed by 签名CA Name 内部名称 The internal name of the CRL in the database CRL的内部名称 issuing dates 发布日期 Next update 下次更新时间 Last update 最近更新时间 &Issuer 签发人 &Extensions 扩展 &Revocation list 吊销列表 Comment 备注 Failed 失败 Unknown signer 未知的签发人 Verification not possible 无法验证 CrlTreeView There are no CA certificates for CRL generation 没有可用于生成CRL的CA证书 Select CA certificate 选择CA证书 Revocation list export 吊销列表导出 CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) ExportDialog Name 内部名称 The internal name of the CRL in the database CRL的内部名称 ... ... Filename 文件名 Export comment into PEM file 导出备注到PEM文件 Export Format 导出格式 All files ( * ) All files ( * ) PEM Text format with headers 带头部的PEM文本格式 Concatenated list of all selected items in one PEM text file 导出选定的条目到一个PEM文本文件中 Concatenated text format of the complete certificate chain in one PEM file 导出完整的证书链到一个PEM文件中 Concatenated text format of all certificates in one PEM file 导出所有的证书到一个PEM文件中 Binary DER encoded file 二进制DER编码文件 PKCS#7 encoded single certificate PKCS#7编码的单个证书 PKCS#7 encoded complete certificate chain PKCS#7编码的完整证书链 Concatenated text format of all unrevoked certificates in one PEM file 导出所有未吊销的证书到一个PEM文件中 All unrevoked certificates encoded in one PKCS#7 file 导出所有未吊销的证书到一个PKCS#7文件中 All selected certificates encoded in one PKCS#7 file 导出选定的证书到一个PKCS#7文件中 All certificates encoded in one PKCS#7 file 导出所有的证书到一个PKCS#7文件中 The certificate and the private key as encrypted PKCS#12 file 导出证书和加密私钥到PKCS#12文件中 The complete certificate chain and the private key as encrypted PKCS#12 file 导出完整证书链和加密私钥到PKCS#12文件中 Concatenation of the certificate and the unencrypted private key in one PEM file 导出证书和未加密私钥到一个PEM文件中 Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file 导出证书和加密私钥到PKCS#8文件中 Text format of the public key in one PEM file 导出公钥到PEM文本文件中 Binary DER format of the public key 导出公钥到DER二进制文件中 Unencrypted private key in text format 导出未加密私钥到文本文件中 OpenSSL specific encrypted private key in text format 导出OpenSSL风格的加密私钥到文本文件中 Unencrypted private key in binary DER format 导出未加密的私钥到DER二进制文件中 Unencrypted private key in PKCS#8 text format 导出未加密私钥到PKCS#8文本文件中 Encrypted private key in PKCS#8 text format 导出加密私钥到PKCS#8文本文件中 The public key encoded in SSH2 format 以SSH2格式编码的公钥 OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool 导出OpenSSL风格的证书索引文件(Index),该文件由'openssl ca'命令创建,通常OCSP工具需要使用它 vCalendar expiry reminder for the selected items 所选条目的vCalendar到期提醒 vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL 包含所有已颁发的有效证书,CA本身和最新的CRL的vCalendar到期提醒 The file: '%1' already exists! 文件: '%1'已存在! Overwrite 覆盖 Do not overwrite 不覆盖 Form last update next update Days Months Years Apply 应用 Midnight UTC午夜时间 Local time 当地时间 No well-defined expiration 未明确定义到期日 Help << 后退 >> 前进 &Done 关闭 ImportMulti Import PKI Items 导入PKI条目 Import &All 导入全部 &Import 导入 &Done 完成 &Remove from list 从列表中移除 Details 详细信息 Delete from token 从令牌中删除 Rename on token 重命名令牌 Name: %1 Model: %2 Serial: %3 名称: %1 型号: %2 序列号: %3 Manage security token 管理安全令牌 Details of the item '%1' cannot be shown 无法显示条目'%1'的详细信息 The type of the item '%1' is not recognized 条目'%1'的类型无法识别 The file '%1' did not contain PKI data 文件'%1'不包含PKI数据 The %1 files: '%2' did not contain PKI data 这%1个文件: '%2'不包含PKI数据 ItemProperties Name 内部名称 Source 来源 Insertion date 添加日期 Comment 备注 KeyDetail Name 内部名称 The internal name of the key used by xca 密钥的内部名称 Security token 安全令牌 Manufacturer 生产厂商 Serial 序列号 Key 密钥 Public Exponent Public Exponent Keysize 密钥长度 Private Exponent Private Exponent Security Token 安全令牌 Label 标签 PKCS#11 ID PKCS#11 ID Token information 令牌信息 Model 型号 Fingerprint 指纹 Comment 备注 Details of the %1 key %1密钥的详细信息 Not available 不可用 Available 可用 Sub prime Sub prime Public key 公钥 Private key 私钥 Curve name 曲线名称 Unknown key 未知的密钥 KeyTreeView Clipboard format Change password 修改密码 Reset password 重置密码 Change PIN 修改PIN Init PIN with SO PIN (PUK) 使用SO PIN (PUK)初始化PIN Change SO PIN (PUK) 修改SO PIN (PUK) Security token 安全令牌 This is not a token 这不是个令牌 Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable 旧密钥 '%1'是否应该被令牌上的密钥替换? 这将删除密钥 '%1'并使其无法导出 Export public key [%1] 导出公钥 [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) MainWindow Private Keys 私钥 &New Key 创建密钥 &Export 导出 &Import 导入 Import PFX (PKCS#12) 导入PFX(PKCS#12) &Show Details 显示详细信息 &Delete 删除 Certificate signing requests 证书签名请求 &New Request 创建请求 Certificates 证书 &New Certificate 创建证书 Import &PKCS#12 导入PKCS#12 Import P&KCS#7 导入PKCS#7 Plain View 平铺视图 Templates 模板 &New Template 创建模板 &New CRL 创建CRL Ch&ange Template 编辑模板 Revocation lists 吊销列表 Using or exporting private keys will not be possible without providing the correct password 如果没有提供正确的密码,将无法使用或导出私钥 Database 数据库 The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. 当前使用的默认哈希'%1'是不安全的。 出于安全原因,请至少选择'SHA 224'。 Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format 检测到旧版数据库格式。 创建名为'%1'的备份副本,并将数据库转换为新格式 Failed to rename the database file, because the target already exists 无法重命名数据库文件,因为目标已存在 No deleted items found 找不到已删除的项目 Recent DataBases 最近打开的数据库 System 使用系统语言 Croatian 克罗地亚语 English 英语 French 法语 German 德语 Japanese Russian 俄语 Slovak 斯洛伐克语 Spanish 西班牙语 Persian Bulgarian Polish 波兰语 Italian 意大利语 Chinese 简体中文 Dutch 荷兰语 Portuguese in Brazil 巴西葡萄牙语 Indonesian Turkish 土耳其语 Language 语言 &File 文件 &New DataBase 新建数据库 &Open DataBase 打开数据库 Open Remote DataBase 打开远程数据库 Set as default DataBase 设置为默认数据库 &Close DataBase 关闭数据库 New DataBase 新建数据库 Open DataBase 打开数据库 Close DataBase 关闭数据库 Options 选项 Exit 退出 I&mport 导入 Keys 密钥 Requests 请求 PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template 模板 Revocation list 吊销列表 PEM file PEM文件 Paste PEM file 粘贴PEM文件 Token 令牌 Export Certificate &Index hierarchy 分CA导出证书索引 Content 内容 &Token 令牌 &Manage Security token 管理安全令牌 &Init Security token 初始化安全令牌 &Change PIN 修改PIN Change &SO PIN 修改SO PIN Init PIN 初始化PIN Extra 其他工具 &Dump DataBase 转储数据库 &Export Certificate Index 导出所有证书索引(Index) &Export Certificate Index hierarchy 分CA导出证书索引(Index) C&hange DataBase password 修改数据库密码 &Undelete items 取消删除项目 Generate DH parameter 生成DH参数 OID Resolver OID解析器 &Help 帮助 &Content 帮助 About 关于 no such option: %1 没有这个选项: %1 Import PEM data 导入PEM数据 Please enter the original SO PIN (PUK) of the token '%1' 请输入安全令牌'%1'的旧SO PIN(PUK) Search 搜索 Please enter the new SO PIN (PUK) for the token '%1' 请输入安全令牌'%1'的新SO PIN(PUK) The new label of the token '%1' 令牌的新标签 '%1' The token '%1' did not contain any keys or certificates 安全令牌'%1'不包含任何密钥和证书 Current Password 当前密码 Please enter the current database password 请输入数据库的当前密码 The entered password is wrong 输入的密码有误 New Password 新密码 Please enter the new password to encrypt your private keys in the database-file 请输入数据库的新密码,用于加密数据库中的私钥信息 Transaction start failed 数据库事务开始失败 Database: %1 Please enter a password, that will be used to encrypt your private keys in the database: %1 请输入数据库的密码,用于加密数据库中的私钥信息: %1 Password verify error, please try again 密码校验错误,请再试一次 Password 密码 Please enter the password for unlocking the database: %1 请输入数据库密码,用于解锁数据库: %1 The following error occurred: 下列错误发生: Copy to Clipboard 复制到剪贴板 Certificate Index ( index.txt ) Certificate Index ( index.txt ) All files ( * ) All files ( * ) Diffie-Hellman parameters saved as: %1 DH参数保存为:%1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits 有些应用程序需要Diffie-Hellman参数。 请输入DH参数的位数 Error opening file: '%1': %2 打开文件错误: '%1': %2 NewCrl Last update 最近更新时间 Next update 下次更新时间 Days Months Years Midnight UTC午夜时间 Local time 当地时间 Apply 应用 Options 选项 CRL number CRL编号 Subject alternative name 主体可选名称(SAN) Revocation reasons 吊销原因 Authority key identifier CA主体密钥标识符 Hash algorithm 哈希算法 Create CRL 创建CRL NewKey Please give a name to the new key and select the desired keysize 请为新密钥指定名称,然后选择所需的密钥长度 Key properties 密钥属性 Name 内部名称 The internal name of the new key 新密钥的内部名称 Curve name 曲线名称 Usually at least 2048 bit keys are recommended 通常建议至少使用2048位密钥 New Key 创建密钥 Keysize 密钥长度 Keytype 密钥类型 Remember as default 设置为默认 Create 创建 NewX509 Source 来源 Signing request 签名请求 Show request 显示签名请求 Sign this Certificate signing &request 签发证书签名请求(CSR) Copy extensions from the request 从签名请求复制扩展信息 Modify subject of the request 修改签名请求的主体信息 Signing 签名 Create a &self signed certificate 创建自签名证书 Use &this Certificate for signing 使用此CA证书进行签名 All certificates in your database that can create valid signatures 数据库中可以创建有效签名的所有CA证书 Signature algorithm 签名算法 Template for the new certificate 使用模板创建新证书 All available templates 所有可用的模板 Apply extensions 应用模板扩展信息 Apply subject 应用模板主体信息 Apply all 应用模板所有信息 Subject 主体 Internal Name 内部名称 Distinguished name 专有名称 Add 添加 Delete 删除 Private key 私钥 This list only contains unused keys 此列表仅包含未使用的密钥 Used keys too 包含已使用的密钥 &Generate a new key 生成新密钥 Extensions 扩展 Type 类型 If this will become a CA certificate or not 新证书是否为CA证书 Not defined 未定义 Certification Authority CA End Entity 最终实体 Path length CA路径长度 How much CAs may be below this. 若新证书为CA证书,此项目限制该CA证书下最多还能拥有几级CA。 The basic constraints should always be critical 该基本约束应当始终是关键的 Key identifier 密钥标识符 Creates a hash of the key following the PKIX guidelines 根据PKIX准则创建密钥的哈希值 Copy the Subject Key Identifier from the issuer 从颁发者复制其主体密钥标识符 Validity 有效期 Not before 不早于 Not after 不晚于 Time range 时间跨度 Days Months Years Apply 应用 Set the time to 00:00:00 and 23:59:59 respectively 将时间分别设置为00:00:00和23:59:59 Midnight UTC午夜时间 Local time 当地时间 No well-defined expiration 未明确定义到期日 DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit 编辑 URI: URI: Key usage 密钥用法 Netscape Netscape扩展 Advanced 高级 Validate 验证 Comment 备注 This name is only used internally and does not appear in the resulting certificate 此名称仅在内部使用,不会出现在生成的证书中 Critical 关键 Create Certificate signing request 创建证书签名请求(CSR) minimum size: %1 最小长度: %1 maximum size: %1 最大长度: %1 only a-z A-Z 0-9 '()+,-./:=? 只允许使用 a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters 只允许使用7-bit可打印字符 Edit XCA template 编辑XCA模板 Create x509 Certificate 创建x509证书 Template '%1' applied 模板'%1'已应用 Subject applied from template '%1' 模板'%1'的主体信息已应用 Extensions applied from template '%1' 模板'%1'的扩展信息已应用 New key '%1' created 新密钥'%1'已创建 Other Tabs 其他标签页 Advanced Tab 高级标签页 Errors 错误 From PKCS#10 request 来自PKCS#10请求 Abort rollout 中止 The following length restrictions of RFC3280 are violated: 违反了RFC3280的以下长度限制: Edit subject 编辑主体信息 Continue rollout 继续 The verification of the Certificate request failed. The rollout should be aborted. 证书请求的合法性验证失败。 本次操作应当中止。 Continue anyway 无论如何都继续 The internal name and the common name are empty. Please set at least the internal name. 内部名称和通用名称(CN)为空。 请至少设置内部名称。 Edit name 编辑名称 There is no Key selected for signing. 没有选择密钥进行签名。 Select key 选择密钥 The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. 以下专有名称条目为空: %1 尽管您已在选项菜单中将其声明为必需项。 The key you selected for signing is not a private one. 您选择的用于签名的密钥不是私钥。 Select other signer 选择其他签名CA Select other key 选择其他密钥 The currently selected hash algorithm '%1' is insecure and should not be used. Select other algorithm Use algorithm anyway The certificate will be earlier valid than the signer. This is probably not what you want. 证书的生效时间早于签名者。这可能不是你想要的。 Edit dates 手动修改日期 Adjust date and continue 自动调整日期并继续 The certificate will be longer valid than the signer. This is probably not what you want. 证书的失效日期晚于签名者。这可能不是你想要的。 The certificate will be out of date before it becomes valid. You most probably mixed up both dates. 证书的失效日期早于生效日期。你可能混淆了这两个日期。 The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. 证书包含无效或重复的扩展信息。检查高级标签页上的验证信息。 The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. 证书不包含扩展名。您可以应用模板的扩展信息来定义证书的用途。 The certificate contains invalid extensions. Edit extensions 编辑扩展信息 The subject alternative name shall contain a copy of the common name. However, the common name is empty. 主体可选名称应包含通用名称(CN)。但是,通用名称为空。 Configfile error on line %1 配置文件错误位于行%1 OidResolver OID Resolver OID解析器 Enter the OID, the Nid, or one of the textual representations 输入OID、Nid或者一个文本表示 Search 搜索 OID OID Long name 长名称 OpenSSL internal ID OpenSSL内部ID Nid Nid Short name 短名称 OpenDb Open remote database 打开远程数据库 Database type 数据库类型 Hostname 主机名 Username 用户名 Password 密码 Database name 数据库名 Table prefix 表前缀 No SqLite3 driver available. Please install the qt-sqlite package of your distribution SqLite3数据库驱动不可用。 请安装您的发行版的qt-sqlite包 Please enter the password to access the database server %2 as user '%1'. 请输入密码,用于以用户身份'%1'访问数据库服务器%2。 The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. 数据库驱动不支持事务。 这通常是客户端和服务器版本不一致导致的。请谨慎操作。 Options XCA Options XCA选项 Settings 设置 Default hash algorithm 默认哈希算法 String types 字符串类型 Suppress success messages 不显示操作成功提示 Don't colorize expired certificates 不使用彩色显示过期证书 Translate established x509 terms (%1 -> %2) 将x509术语翻译后显示(%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. XCA不使用令牌的哈希功能。 但是,XCA可以遵守令牌规定的受限制的哈希算法集合。 特别的,在PKCS#11规范中,EC和DSA仅仅使用SHA1定义。 Only use hashes supported by the token when signing with a token key 当使用安全令牌密钥签名时仅使用令牌支持的哈希算法 Disable legacy Netscape extensions 禁用传统的Netscape扩展信息 PKCS12 encryption algorithm Certificate expiry warning threshold 证书到期警告阈值 Send vCalendar expiry reminder 发送vCalendar到期提醒 Serial number length 序列号长度 bit bit Distinguished name 专有名称 Mandatory subject entries 必填的主体信息条目 Add 添加 Delete 删除 Explicit subject entries 明确的主体信息条目 Dynamically arrange explicit subject entries 动态安排明确的主题条目 Default 默认 PKCS#11 provider PKCS#11 provider Remove 移除 Search 搜索 Printable string or UTF8 (default) 可打印字符串或UTF8(默认) PKIX recommendation in RFC2459 RFC2459中的PKIX建议 No BMP strings, only printable and T61 无BMP字符串,仅可打印字符串和T61 UTF8 strings only (RFC2459) 仅限UTF8字符串(RFC2459) All strings 所有字符串 Days Weeks Load failed 加载失败 PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) 密码被解析为2位十六进制代码。 它必须具有偶数位数(0-9和a-f) Take as HEX string 作为HEX字符串 Password 密码 Repeat %1 重复%1 %1 mismatch %1不匹配 Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters 十六进制密码只能包含字符0-9和a-f,并且必须具有偶数个字符 Exit 退出 E&xit 退出 QMessageBox Cancel 取消 Apply 应用 Yes No QObject Undefined 未定义 Broken / Invalid 损坏的 / 不合法的 in %1 seconds %1秒内 %1 seconds ago %1秒之前 in %1 minutes %1分钟内 %1 minutes ago %1分钟之前 Yesterday 昨天 Tomorrow 明天 in %1 hours %1小时内 %1 hours ago %1小时之前 DB: Rename: '%1' already in use 数据库: 重命名: '%1'正在使用 DB: Entry to rename not found: %1 数据库: 找不到待重命名的条目: %1 DB: Write error %1 - %2 数据库: 写入错误 %1 - %2 Out of data 无数据 Error finding endmarker of string 查找字符串的结束标记出现错误 Out of Memory at %1:%2 内存不足 %1:%2 Country code 国家代码 State or Province 省份名称 Locality 城市名称 Organisation 组织名称 Organisational unit 内设机构名称 Common name 通用名称 E-Mail address 电子邮件地址 Serial number 序列号 Given name Surname Title Initials Description Role Pseudonym Generation Qualifier x500 Unique Identifier Name 内部名称 DN Qualifier Unstructured name 非结构化名称 Challenge password 质询密码 Basic Constraints 基本约束 Subject alternative name 主体可选名称(SAN) issuer alternative name 颁发者可选名称 Subject key identifier 主体密钥标识符 Authority key identifier CA密钥标识符 Key usage 密钥用法 Extended key usage 扩展密钥用法 CRL distribution points CRL发布点 Authority information access CA信息访问 Certificate type 证书类型 Base URL 基本URL Revocation URL 吊销URL CA Revocation URL CA吊销URL Certificate renewal URL 证书续签URL CA policy URL CA政策URL SSL server name SSL服务器名称 Comment 备注 All files ( * ) All files ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Import RSA key 导入RSA密钥 PKCS#10 CSR ( *.pem *.der *.csr );; Import Request 导入请求 Certificates ( *.pem *.der *.crt *.cer );; Import X.509 Certificate 导入X.509证书 PKCS#7 data ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates 导入PKCS#7证书 PKCS#12 Certificates ( *.p12 *.pfx );; Import PKCS#12 Private Certificate 导入PKCS#12私有证书 XCA templates ( *.xca );; Import XCA Templates 导入XCA模板 Revocation lists ( *.pem *.der *.crl );; Import Certificate Revocation List 导入证书吊销列表 XCA Databases ( *.xdb );; Open XCA Database 打开XCA数据库 PKCS#11 library ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 library ( *.so );; Open PKCS#11 shared library 打开PKCS#11动态库 PEM files ( *.pem );; Load PEM encoded file 加载PEM文件 Please enter the PIN on the PinPad 请输入PIN Please enter the SO PIN (PUK) of the token %1 请输入令牌%1的SO PIN (PUK) Please enter the PIN of the token %1 请输入令牌%1的PIN No Security token found 未找到安全令牌 Select 选择 Please enter the new SO PIN (PUK) for the token: '%1' 请输入令牌 '%1'的新SO PIN (PUK): Please enter the new PIN for the token: '%1' 请输入令牌 '%1'的新PIN: Required PIN size: %1 - %2 合法的PIN长度: %1 - %2 Failed to open PKCS11 library: %1 打开PKCS11动态库失败: %1 Failed to open PKCS11 library: %1: %2 打开PKCS11动态库失败: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. 这好像不是PKCS#11动态库。找不到符号'C_GetFunctionList'。 Disabled 已禁用 Library loading failed 动态库加载失败 PKCS#11 function '%1' failed: %2 PKCS#11函数 '%1'失败: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 PKCS#11函数 '%1'失败: %2 位于动态库 %3 %4 Invalid 不合法 %1 is shorter than %2 bytes: '%3' %1小于%2 bytes: '%3' %1 is longer than %2 bytes: '%3' %1大于%2 bytes: '%3' String '%1' for '%2' contains invalid characters 字符串 '%2'中的 '%1'包含无效字符 Error reading config file %1 at line %2 读取配置文件%1(行%2)错误 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. 文件%2(行%3)中的对象 '%1'已经存在 '%4:%5:%6',应当被移除。 The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. 文件%3(行%4)中用于OID %2的标识符 '%1'已经用于另一个OID '%5:%6:%7',应当修改以避免冲突。 Unknown object '%1' in file %2 line %3 文件 %2(行%3)中的未知对象'%1' Failed to start a database transaction 数据库事务开始失败 Index file written to '%1' Index hierarchy written to '%1' Unknown key type %1 Password verify error, please try again 密码校验错误,请再试一次 The following error occurred: 下列错误发生: Failed to update the database schema to the current version Password 密码 ReqTreeView Sign 签发 Unmark signed 标记为未处理 Mark signed 标记为已签发 Similar Request 请求副本 Certificate request export 证书请求导出 Certificate request ( *.pem *.der *.csr ) RevocationList Manage revocations 吊销管理 Add 添加 Delete 删除 Edit 编辑 No. No. Serial 序列号 Revocation 吊销 Reason 原因 Invalidation 不合法 Generate CRL 生成CRL Revoke Certificate revocation 证书吊销 Revocation details 吊销详细信息 Revocation reason 吊销原因 Local time 当地时间 Invalid since 失效开始时间 Serial 序列号 SearchPkcs11 Directory 目录 ... Include subdirectories 包含子目录 Search 搜索 The following files are possible PKCS#11 libraries 下列文件是可能的PKCS#11动态库 SelectToken Security token 安全令牌 Please select the security token 请选择安全令牌 TempTreeView Duplicate 生成副本 Create certificate 创建证书 Create request 创建请求 copy 复制 Preset Template values 内置模板 Template export XCA Templates ( *.xca ) TrustState Certificate trust Trustment &Never trust this certificate Only &trust this certificate, if we trust the signer &Always trust this certificate Validity yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config OpenSSL配置 Transform 转换 Template 模板 Public key 公钥 Save as OpenSSL config 保存为OpenSSL配置 Config files ( *.conf *.cnf);; All files ( * ) XFile Error opening file: '%1': %2 打开文件错误: '%1': %2 Error rewinding file: '%1': %2 XcaTreeView Item properties 条目属性 Subject entries 主体条目 X509v3 Extensions X503v3扩展信息 Netscape extensions Netscape扩展信息 Key properties 密钥属性 Reset 恢复默认 Hide Column 隐藏该列 Details 详细信息 Columns New 创建 Import 导入 Paste PEM data 粘贴PEM数据 Rename 重命名 Properties 属性 Delete 删除 Export 导出 Clipboard 剪贴板 File 文件 database_model Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format 检测到旧版数据库格式。 创建名为'%1'的备份副本,并将数据库转换为新格式 Failed to rename the database file, because the target already exists 无法重命名数据库文件,因为目标已存在 Please enter the password to access the database server %2 as user '%1'. 请输入密码,用于以用户身份'%1'访问数据库服务器%2。 Unable to create '%1': %2 The file '%1' is not an XCA database No SqLite3 driver available. Please install the qt-sqlite package of your distribution SqLite3数据库驱动不可用。 请安装您的发行版的qt-sqlite包 New Password 新密码 Please enter a password, that will be used to encrypt your private keys in the database: %1 请输入数据库的密码,用于加密数据库中的私钥信息: %1 Password 密码 Please enter the password for unlocking the database: %1 请输入数据库密码,用于解锁数据库: %1 db_base Error opening file: '%1': %2 打开文件错误: '%1': %2 Internal name 内部名称 No. No. Primary key 主键 Database unique number 数据库唯一编号 Date 日期 Date of creation or insertion 创建日期 Source 来源 Generated, Imported, Transformed 生成,导入,转换 Comment 备注 First line of the comment field 备注栏首行 Import from: %1 Could not create directory %1 创建文件夹失败 %1 Item properties 条目属性 How to export the %1 selected items 如何导出选定的%1个条目 All in one PEM file 将全部条目导出到一个PEM文件 Each item in one file 每个条目导出到单个文件 Save %1 items in one file as 保存%1个条目到单个文件 db_crl Signer 签发人 Internal name of the signer 签发人的内部名称 No. revoked 数量 Number of revoked certificates 已吊销证书的数量 Last update 最近更新时间 Next update 下次更新时间 CRL number CRL编号 The revocation list already exists in the database as: '%1' and so it was not imported 吊销列表在数据库中已存在: '%1' 因此未被导入 Revocation list export 吊销列表导出 CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) There are no CA certificates for CRL generation 没有可用于生成CRL的CA证书 Select CA certificate 选择CA证书 Create CRL 创建CRL Failed to initiate DB transaction 初始化数据库事务失败 Database error: %1 数据库错误: %1 Database error: 数据库错误: db_key Type 类型 Size 长度 EC Group 椭圆曲线簇 Use 使用 Password 密码 The key is already in the database as: '%1' and is not going to be imported 密钥在数据库中已存在: '%1' 因此未被导入 The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key 数据库中已存在导入密钥的公钥部分: '%1' 和新导入的私钥部分组成完整密钥 Extending public key from %1 by imported key '%2' 通过导入的密钥'%2'从%1扩展公钥 Key size too small ! 密钥长度太小 ! You are sure to create a key of the size: %1 ? 确认创建长度为%1的密钥? Export keys to Clipboard 导出密钥到剪贴板 Clipboard 剪贴板 Export public key [%1] 导出公钥 [%1] Export private key [%1] 导出私钥 [%1] Internal error Tried to change password of a token 尝试修改令牌密码 db_temp Bad template: %1 损坏的模板: %1 Empty template 空模板 Preset Template values 内置模板 Save template as 将模板保存为 db_x509 CA reflects the basic Constraints extension 反映基本约束扩展 Serial 序列号 Start date 开始日期 Expiry date 过期时间 MD5 fingerprint MD5指纹 SHA1 fingerprint SHA1指纹 SHA256 fingerprint SHA256指纹 Not before 不早于 Not after 不晚于 Revocation 吊销 CRL Expiration CRL过期 Plain View 平铺视图 Tree View 层次视图 Failed to retrieve unique random serial 获取唯一随机序号失败 The certificate already exists in the database as: '%1' and so it was not imported 证书在数据库中已存在: '%1' 因此未被导入 Signed on %1 by '%2' 由'%2'在%1上签名 Unknown 未知 Invalid public key 不合法的公钥 PKCS#7 unrevoked PKCS#7反吊销 PEM unrevoked PEM反吊销 days No template 无模板 The key you selected for signing is not a private one. 您选择的用于签名的密钥不是私钥。 Failed to create directory '%1' Store the certificate to the key on the token '%1 (#%2)' ? 将证书保存到令牌'%1 (#%2)'? PEM chain PEM证书链 PKCS#7 chain PKCS#7证书链 PKCS#12 chain PKCS#12证书链 PKCS#7 all PKCS#7 全部 Certificate Index file 证书索引文件(Index) Certificate export 证书导出 There was no key found for the Certificate: '%1' 找不到证书'%1'的密钥 Not possible for a token key: '%1' 令牌密钥'%1'不可用 Error opening file: '%1': %2 打开文件错误: '%1': %2 Not possible for the token-key Certificate '%1' 令牌证书'%1'不可用 days db_x509name Subject 主体 Complete distinguished name 完整的专有名称 Subject hash 主体哈希 Hash to lookup certs in directories 在目录中查找证书的哈希值 db_x509req Signed 已签发 whether the request is already signed or not 请求是否已签发 Unstructured name 非结构化名称 Challenge password 质询密码 Certificate count 证书数量 Number of certificates in the database with the same public key 数据库中具有相同公钥的证书数量 The certificate signing request already exists in the database as '%1' and thus was not stored 证书签名请求(CSR)在数据库中已存在: '%1' 因此未被导入 Certificate request export 证书请求导出 db_x509super Key name 密钥名称 Internal name of the key 密钥的内部名称 Signature algorithm 签名算法 Key type Key size EC Group 椭圆曲线簇 Extracted from %1 '%2' 从%1中提取得到'%2' Certificate 证书 Certificate request 证书请求 Save as OpenSSL config 保存为OpenSSL配置 The following extensions were not ported into the template 以下扩展未进入到模板中 Transformed from %1 '%2' 从%1转换得到'%2' kvView Type 类型 Content 内容 pass_info Password 密码 PIN PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 打开PKCS11动态库失败: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. 这好像不是PKCS#11动态库。找不到符号'C_GetFunctionList'。 pki_base Error opening file: '%1': %2 打开文件错误: '%1': %2 Error writing to file: '%1': %2 写入文件错误: '%1': %2 Unknown 未知 Imported 导入 Generated 生成 Transformed 转换 Token 令牌 Legacy Database 旧版的数据库 Renewed 已续签 Property '%1' not listed in 'pki_base::print' Internal error: Unexpected message: %1 %2 内部错误: 意料之外的消息: %1 %2 pki_crl Successfully imported the revocation list '%1' 成功导入CRL '%1' Delete the revocation list '%1'? 删除CRL '%1'? Successfully created the revocation list '%1' 成功创建CRL '%1' Delete the %1 revocation lists: %2? 删除这%1个CRL: %2? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. 无法从文件%1加载CRL。尝试使用PEM或DER格式的CRL。 No issuer given 未指定颁发者 Wrong Size %1 错误的大小%1 CRL Renewal of CA '%1' due CA '%1'的CRL更新时间到了 The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' 由CA '%1'签发的最新CRL将在%2到期。 它存储在XCA数据库'%3'中 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' unknown 未知 Renew CRL: %1 更新CRL: %1 The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4. It is stored in the XCA database '%5' 由%3上的CA '%2'发布的XCA CRL '%1'将在'%4'到期。 它存储在XCA数据库'%5'中 pki_evp Failed to decrypt the key (bad password) 无法解密密钥(密码错误) Failed to decrypt the key (bad password) %1 无法解密密钥(密码错误) %1 Please enter the password to decrypt the private key. 请输入密码,用于解锁私钥。 Please enter the password to decrypt the private key %1. The key from file '%1' is incomplete or inconsistent. 文件'%1'中的密钥不完整或不一致。 Please enter the password to decrypt the private key from file: %1 请输入密码,用于从文件中解密私钥: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. 无法从文件%1中加载私钥。尝试使用PEM和DER私钥,公钥,PKCS#8密钥类型和SSH2格式。 Ignoring unsupported private key 忽略不支持的私钥 Please enter the password to decrypt the private key: '%1' 请输入密码,用于解密私钥: '%1' Password input aborted 密码输入中止 Please enter the database password for decrypting the key '%1' 请输入数据库密码,用于解密密钥 '%1' Please enter the password to protect the private key: '%1' 请输入密码,用于保护私钥: '%1' Please enter the database password for encrypting the key 请输入数据库密码,用于加密密钥 Please enter the password protecting the PKCS#8 key '%1' 请输入密码,用于保护PKCS#8密钥 '%1' Please enter the password protecting the Microsoft PVK key '%1' Please enter the export password for the private key '%1' 请输入私钥'%1'的导出密码 pki_export PEM Text format with headers 带头部的PEM文本格式 Concatenated list of all selected items in one PEM text file 导出选定的条目到一个PEM文本文件中 PEM chain PEM证书链 Concatenated text format of the complete certificate chain in one PEM file 导出完整的证书链到一个PEM文件中 PEM + key Concatenation of the certificate and the unencrypted private key in one PEM file 导出证书和未加密私钥到一个PEM文件中 Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file 导出证书和加密私钥到PKCS#8文件中 PKCS#7 encoded single certificate PKCS#7编码的单个证书 All selected certificates encoded in one PKCS#7 file 导出选定的证书到一个PKCS#7文件中 PKCS #7 chain PKCS#7 encoded complete certificate chain PKCS#7编码的完整证书链 Binary DER encoded certificate PKCS #12 chain The complete certificate chain and the private key as encrypted PKCS#12 file 导出完整证书链和加密私钥到PKCS#12文件中 PKCS #12 The certificate and the private key as encrypted PKCS#12 file 导出证书和加密私钥到PKCS#12文件中 Certificate Index file 证书索引文件(Index) OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool 导出OpenSSL风格的证书索引文件(Index),该文件由'openssl ca'命令创建,通常OCSP工具需要使用它 vCalendar vCalendar expiry reminder for the selected items 所选条目的vCalendar到期提醒 CA vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL 包含所有已颁发的有效证书,CA本身和最新的CRL的vCalendar到期提醒 PEM public Text format of the public key in one PEM file 导出公钥到PEM文本文件中 PEM private Unencrypted private key in text format 导出未加密私钥到文本文件中 PEM encrypted OpenSSL specific encrypted private key in text format 导出OpenSSL风格的加密私钥到文本文件中 SSH2 private SSH2 public The public key encoded in SSH2 format 以SSH2格式编码的公钥 DER public Binary DER format of the public key 导出公钥到DER二进制文件中 DER private Unencrypted private key in binary DER format 导出未加密的私钥到DER二进制文件中 PVK private Private key in Microsoft PVK format not encrypted PVK encrypted Encrypted private key in Microsoft PVK format PKCS #8 encrypted Encrypted private key in PKCS#8 text format 导出加密私钥到PKCS#8文本文件中 PKCS #8 Unencrypted private key in PKCS#8 text format 导出未加密私钥到PKCS#8文本文件中 Binary DER format of the certificate request Binary DER format of the revocation list vCalendar reminder for the CRL expiry date XCA template in PEM-like format All selected XCA templates in PEM-like format pki_key Successfully imported the %1 public key '%2' 成功导入%1个公钥 '%2' Delete the %1 public key '%2'? 删除%1个公钥 '%2'? Successfully imported the %1 private key '%2' 成功导入%1个私钥 '%2' Delete the %1 private key '%2'? 删除%1个私钥 '%2'? Successfully created the %1 private key '%2' 成功创建%1个私钥 '%2' Delete the %1 keys: %2? 删除%1个密钥 '%2'? Public key 公钥 Common Private Bogus PIN PIN No password 无密码 Unexpected SSH2 content: '%1' 意料之外的SSH2内容:'%1' Invalid SSH2 public key 不合法的SSH2公钥 Failed writing to %1 写入到%1失败 pki_multi No known PEM encoded items found 找不到已知的PEM编码条目 pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 请输入密码,用于解密PKCS#12文件: %1 Unable to load the PKCS#12 (pfx) file %1. 无法加载PKCS#12 (pfx)文件 %1. The supplied password was wrong (%1) 提供的密码有误 (%1) Please enter the password to encrypt the PKCS#12 file 请输入密码,用于加密PKCS#12文件 No key or no Cert and no pkcs12 没有证书或没有密钥 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. 无法加载PKCS#7文件 %1。尝试使用PEM或DER格式。 pki_scard Successfully imported the token key '%1' 成功导入令牌密钥 '%1' Delete the token key '%1'? 删除令牌密钥 '%1'? Successfully created the token key '%1' 成功创建令牌密钥 '%1' Delete the %1 keys: %2? 删除%1个密钥: %2? Delete the private key '%1' from the token '%2 (#%3)' ? 从令牌 '%2 (#%3)'中删除私钥 '%1'? This Key is already on the token 令牌中已存在该密钥 PIN input aborted PIN输入中止 Unable to find copied key on the token 无法在令牌上找到复制的密钥 Please insert card: %1 %2 [%3] with Serial: %4 请插入智能卡: %1 %2 [%3] 序列号: %4 Public Key mismatch. Please re-import card 公钥不匹配。请重新导入智能卡 Illegal Key generation method 不合法的密钥生成方法 Unable to find generated key on card 无法在智能卡上找到生成的密钥 Ignoring unsupported token key 忽略不支持的令牌密钥 Wrong Size %1 错误的大小%1 Token %1 令牌 %1 Failed to find the key on the token 无法在令牌上找到密钥 Invalid Pin for the token 不合法的令牌PIN Failed to initialize the key on the token 初始化令牌密钥失败 pki_temp Successfully imported the XCA template '%1' 成功导入XCA模板 '%1' Delete the XCA template '%1'? 删除XCA模板 '%1'? Successfully created the XCA template '%1' 成功创建XCA模板 '%1' Delete the %1 XCA templates: %2? 删除%1个XCA模板: %2? Wrong Size %1 错误的大小%1 Template file content error (too small) 模板文件内容错误 (太小) Template file content error (too small): %1 模板文件内容错误 (太小): %1 Not a PEM encoded XCA Template 不是PEM编码的XCA模板 Not an XCA Template, but '%1' 不是一个XCA模板,而是 '%1' pki_x509 Successfully imported the certificate '%1' 成功导入证书 '%1' Delete the certificate '%1'? 删除证书 '%1'? Successfully created the certificate '%1' 成功创建证书 '%1' Delete the %1 certificates: %2? 删除%1个证书: %2? Unable to load the certificate in file %1. Tried PEM and DER certificate. 无法从文件%1加载证书。尝试使用PEM或DER格式的证书。 This certificate is already on the security token 安全令牌上已存在该证书 Delete the certificate '%1' from the token '%2 (#%3)'? 从令牌 '%2 (#%3)'中删除证书 '%1'? There is no key for signing ! 没有可用于签名的密钥 ! Wrong Size %1 错误的大小%1 No Yes Renew certificate: %1 续签证书: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' 由%2签发的XCA证书 '%1'将在'%3'到期。 它存储在XCA数据库'%4'中 CRL Renewal of CA '%1' due CA '%1'的CRL更新时间到了 The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' 由CA '%1'签发的最新CRL将在%2到期。 它存储在XCA数据库'%3'中 pki_x509req Signing key not valid (public key) 签名密钥不合法 (公钥) Successfully imported the %1 certificate request '%2' 成功导入%1个证书请求 '%2' Delete the %1 certificate request '%2'? 删除%1个证书请求: '%2'? Successfully created the %1 certificate request '%2' 成功创建%1个证书请求 '%2' Delete the %1 certificate requests: %2? 删除%1个证书请求: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. 无法从文件%1加载证书请求。尝试使用PEM、DER或SPKAC格式。 Wrong Size %1 错误的大小%1 Signed 已签发 Unhandled 未处理 v3ext Copy Common Name 复制通用名称(CN) Add 添加 Delete 删除 Apply 应用 Validate 验证 Cancel 取消 An email address or 'copy' 一个email地址或'copy' An email address 一个email地址 A registered ID: OBJECT IDENTIFIER 一个已注册ID: 对象标识符 A uniform resource indicator 统一资源定位符 A DNS domain name or 'copycn' 一个DNS域名或'copycn' A DNS domain name DNS域名 An IP address IP地址 Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' 语法: <OID>;TYPE:形如 '1.2.3.4:UTF8:name'的文本 No editing. Only 'copy' allowed here 不允许编辑,此处只允许填写'copy' Validation failed: '%1' %2 验证失败: '%1' %2 Validation successful: '%1' 验证成功: '%1' xcaWarning The following error occurred: 下列错误发生: Copy to Clipboard 复制到剪贴板 xcaWarningGui Copy to Clipboard 复制到剪贴板 xca-RELEASE.2.5.0/lib/000077500000000000000000000000001450407711300141205ustar00rootroot00000000000000xca-RELEASE.2.5.0/lib/BioByteArray.cpp000066400000000000000000000044761450407711300171730ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "BioByteArray.h" #include void BioByteArray::set(const QByteArray &qba) { if (read_write) { char buf[1024]; qWarning() << "BioByteArray already in use"; while (BIO_read(read_write, buf, sizeof buf) > 0) ; memset(buf, 0, sizeof buf); } add(qba); } void BioByteArray::add(const QByteArray &qba) { if (read_only) { qWarning() << "BioByteArray is read-only"; return; } if (read_write) biowrite(qba); else store += qba; } void BioByteArray::biowrite(const QByteArray &qba) { BIO_write(read_write, qba.data(), qba.size()); } void BioByteArray::cleanse_and_free(BIO *bio) { if (!bio) return; char *p; long l = BIO_get_mem_data(bio, &p); OPENSSL_cleanse(p, l); BIO_free(bio); } BioByteArray::~BioByteArray() { store.fill(0); store.clear(); cleanse_and_free(read_write); if (read_only) BIO_free(read_only); } BIO *BioByteArray::bio() { if (!read_write) { read_write = BIO_new(BIO_s_mem()); Q_CHECK_PTR(read_write); biowrite(store); store.fill(0); store.clear(); } return read_write; } BIO *BioByteArray::ro() { if (!read_only) read_only = BIO_new_mem_buf( (void*)store.constData(), store.length()); Q_CHECK_PTR(read_only); return read_only; } QByteArray BioByteArray::byteArray() const { if (read_only || !read_write) return store; /* "read_write" Bio may differ from "store" */ const char *p; int l = BIO_get_mem_data(read_write, &p); return QByteArray(p, l); } int BioByteArray::size() const { if (read_only || !read_write) return store.size(); /* "read_write" Bio may differ from "store" */ const char *p; return BIO_get_mem_data(read_write, &p); } QString BioByteArray::qstring() const { return QString::fromUtf8(byteArray().constData()); } BioByteArray::operator BIO*() { return bio(); } BioByteArray::operator QByteArray() { return byteArray(); } BioByteArray &BioByteArray::operator = (const BioByteArray &other) { set(other.byteArray()); return *this; } BioByteArray &BioByteArray::operator = (const QByteArray &qba) { set(qba); return *this; } BioByteArray &BioByteArray::operator += (const BioByteArray &other) { add(other.byteArray()); return *this; } BioByteArray &BioByteArray::operator += (const QByteArray &qba) { add(qba); return *this; } xca-RELEASE.2.5.0/lib/BioByteArray.h000066400000000000000000000021331450407711300166240ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __BIOBYTEARRAY_H #define __BIOBYTEARRAY_H #include #include #include class BioByteArray { protected: BIO *read_write; BIO *read_only; QByteArray store; void set(const QByteArray &qba); void add(const QByteArray &qba); void biowrite(const QByteArray &qba); void cleanse_and_free(BIO *bio); public: BioByteArray(const QByteArray &qba) : read_write(NULL), read_only(NULL), store(qba) { } BioByteArray(const BioByteArray &bba) : read_write(NULL), read_only(NULL), store(bba.byteArray()) { } BioByteArray() : read_write(NULL), read_only(NULL), store() { } ~BioByteArray(); int size() const; BIO *bio(); BIO *ro(); QByteArray byteArray() const; QString qstring() const; operator BIO*(); operator QByteArray(); BioByteArray &operator = (const BioByteArray &other); BioByteArray &operator = (const QByteArray &qba); BioByteArray &operator += (const BioByteArray &other); BioByteArray &operator += (const QByteArray &qba); }; #endif xca-RELEASE.2.5.0/lib/CMakeLists.txt000066400000000000000000000034171450407711300166650ustar00rootroot00000000000000 list(APPEND xcadoc_sources arguments.cpp arguments.h xcadoc.cpp) list(APPEND xca_sources BioByteArray.cpp dbhistory.cpp pki_key.cpp BioByteArray.h dbhistory.h pki_key.h Passwd.cpp entropy.cpp pki_lookup.h Passwd.h entropy.h pki_multi.cpp arguments.cpp exception.h pki_multi.h arguments.h func.cpp pki_pkcs12.cpp asn1int.cpp func.h pki_pkcs12.h asn1int.h headerlist.h pki_pkcs7.cpp asn1time.cpp ipvalidator.h pki_pkcs7.h asn1time.h load_obj.cpp pki_scard.cpp base.h load_obj.h pki_scard.h builtin_curves.cpp main.cpp pki_temp.cpp builtin_curves.h main.h pki_temp.h database_model.cpp oid.cpp pki_x509.cpp database_model.h oid.h pki_x509.h db_base.cpp opensc-pkcs11.h pki_x509req.cpp db_base.h openssl_compat.h pki_x509req.h db_crl.cpp pass_info.cpp pki_x509super.cpp db_crl.h pass_info.h pki_x509super.h db_key.cpp pk11_attribute.cpp settings.cpp db_key.h pk11_attribute.h settings.h db_temp.cpp pkcs11.cpp sql.cpp db_temp.h pkcs11.h sql.h db_token.cpp pkcs11_lib.cpp version.cpp db_token.h pkcs11_lib.h x509name.cpp db_x509.cpp pki_base.cpp x509name.h db_x509.h pki_base.h x509rev.cpp db_x509req.cpp pki_crl.cpp x509rev.h db_x509req.h pki_crl.h x509v3ext.cpp db_x509super.cpp pki_evp.cpp x509v3ext.h db_x509super.h pki_evp.h xfile.h dhgen.cpp dhgen.h XcaProgress.cpp XcaProgress.h XcaWarningCore.cpp XcaWarningCore.h PwDialogCore.cpp PwDialogCore.h digest.h digest.cpp pki_export.cpp ) list(TRANSFORM xca_sources PREPEND ${PROJECT_SOURCE_DIR}/lib/) list(TRANSFORM xcadoc_sources PREPEND ${PROJECT_SOURCE_DIR}/lib/) list(APPEND xca_sources ${PROJECT_BINARY_DIR}/local.h) list(APPEND xcadoc_sources ${PROJECT_BINARY_DIR}/local.h) target_sources(${CMAKE_PROJECT_NAME} PRIVATE ${xca_sources}) target_sources(xcadoc PRIVATE ${xcadoc_sources}) xca-RELEASE.2.5.0/lib/Passwd.cpp000066400000000000000000000005401450407711300160640ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2012 Christian Hohnstaedt. * * All rights reserved. */ #include #include "Passwd.h" void Passwd::cleanse() { memset(data(), 0, size()); clear(); } Passwd::~Passwd() { Passwd::cleanse(); } unsigned char *Passwd::constUchar() const { return (unsigned char *)(size() ? constData() : ""); } xca-RELEASE.2.5.0/lib/Passwd.h000066400000000000000000000007261450407711300155370ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PASSWD_H #define __PASSWD_H #include class Passwd: public QByteArray { public: void cleanse(); ~Passwd(); unsigned char *constUchar() const; Passwd & operator= (const char *p) { return (Passwd&)QByteArray::operator=(p); } Passwd & operator= (const QByteArray &other) { return (Passwd&)QByteArray::operator=(other); } }; #endif xca-RELEASE.2.5.0/lib/PwDialogCore.cpp000066400000000000000000000022341450407711300171440ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/func.h" #include "lib/base.h" #include "lib/Passwd.h" #include "lib/exception.h" #include "XcaWarningCore.h" #include "PwDialogCore.h" #include #include PwDialogUI_i *PwDialogCore::pwdialog; enum open_result PwDialogCore::execute(pass_info *p, Passwd *passwd, bool write, bool abort) { if (pwdialog) return pwdialog->execute(p, passwd, write, abort); #if !defined(Q_OS_WIN32) console_write(stdout, QString(COL_CYAN "%1\n" COL_LRED "%2:" COL_RESET) .arg(p->getDescription()) .arg(QObject::tr("Password")).toUtf8()); *passwd = readPass(); return pw_ok; #else throw pw_exit; #endif } int PwDialogCore::pwCallback(char *buf, int size, int rwflag, void *userdata) { Passwd passwd; enum open_result result; pass_info *p = static_cast(userdata); result = execute(p, &passwd, rwflag, false); size = MIN(size, passwd.size()); memcpy(buf, passwd.constData(), size); p->setResult(result); return result == pw_ok ? size : 0; } void PwDialogCore::setGui(PwDialogUI_i *p) { delete pwdialog; pwdialog = p; } xca-RELEASE.2.5.0/lib/PwDialogCore.h000066400000000000000000000012761450407711300166160ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PWDIALOGCORE_H #define __PWDIALOGCORE_H #include #include "Passwd.h" #include "pass_info.h" class PwDialogUI_i { public: virtual enum open_result execute(pass_info *p, Passwd *passwd, bool write = false, bool abort = false) = 0; virtual ~PwDialogUI_i() { }; }; class PwDialogCore { private: static PwDialogUI_i *pwdialog; public: static enum open_result execute(pass_info *p, Passwd *passwd, bool write = false, bool abort = false); static int pwCallback(char *buf, int size, int rwflag, void *userdata); static void setGui(PwDialogUI_i *p); }; #endif xca-RELEASE.2.5.0/lib/XcaProgress.cpp000066400000000000000000000017201450407711300170640ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2018 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include "base.h" #include "XcaProgress.h" void XcaProgressCmd::stop() { puts(" finished."); } void XcaProgressCmd::start(const QString &what, int) { puts(""); puts(CCHAR(what)); } void XcaProgressCmd::increment() { static const char *spinner = "|/-\\"; printf("\rGenerating %c ...", spinner[i++%4]); fflush(stdout); } XcaProgress_i *XcaProgress::progress; XcaProgress::XcaProgress(const QString &what, int max) { if (!progress) progress = new XcaProgressCmd(); progress->start(what, max); } XcaProgress::~XcaProgress() { progress->stop(); } void XcaProgress::increment() { progress->increment(); } void XcaProgress::inc(int, int, void *p) { XcaProgress *prog = static_cast(p); if (prog) prog->increment(); } void XcaProgress::setGui(XcaProgress_i *p) { delete progress; progress = p; } xca-RELEASE.2.5.0/lib/XcaProgress.h000066400000000000000000000014601450407711300165320ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2018 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCAPROGRESS_H #define __XCAPROGRESS_H #include class XcaProgress_i { public: XcaProgress_i() = default; virtual void start(const QString &what, int max) = 0; virtual void stop() = 0; virtual void increment() = 0; virtual ~XcaProgress_i() = default; }; class XcaProgressCmd : public XcaProgress_i { private: int i; public: void start(const QString &what, int max); void stop(); void increment(); }; class XcaProgress { private: static XcaProgress_i *progress; public: XcaProgress(const QString &what = QString(), int max = 100); ~XcaProgress(); void increment(); static void inc(int, int, void *p); static void setGui(XcaProgress_i *p); }; #endif xca-RELEASE.2.5.0/lib/XcaWarningCore.cpp000066400000000000000000000021761450407711300175040ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2018 Christian Hohnstaedt. * * All rights reserved. */ #include "XcaWarningCore.h" #include "lib/func.h" #include #include class xcaWarning_i *xcaWarning::gui; static bool print_cmdline(const char *color, const QString &msg) { console_write(stdout, QString("%1:" COL_RESET " %2\n") .arg(color).arg(msg).toUtf8()); return true; } void xcaWarningCore::information(const QString &msg) { print_cmdline(COL_CYAN "Information", msg); } void xcaWarningCore::warning(const QString &msg) { print_cmdline(COL_RED "Warning", msg); } bool xcaWarningCore::yesno(const QString &msg) { return print_cmdline(COL_BLUE "Question", msg); } bool xcaWarningCore::okcancel(const QString &msg) { return print_cmdline(COL_BLUE "Question", msg); } void xcaWarningCore::sqlerror(QSqlError err) { warning(err.text()); } void xcaWarningCore::error(const QString &msg) { print_cmdline(COL_RED "Error", msg); } void xcaWarningCore::warningv3(const QString &msg, const extList &el) { warning(QString(" " COL_CYAN "%1" COL_RESET "\n%2") .arg(msg).arg(el.getConsole(QString(" ")))); } xca-RELEASE.2.5.0/lib/XcaWarningCore.h000066400000000000000000000045371450407711300171540ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2018 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCAWARNINGCORE_H #define __XCAWARNINGCORE_H #include "base.h" #include "exception.h" #include "x509v3ext.h" #include #include #define XCA_INFO(msg) xcaWarning::information(msg) #define XCA_WARN(msg) xcaWarning::warning(msg) #define XCA_YESNO(msg) xcaWarning::yesno(msg) #define XCA_OKCANCEL(msg) xcaWarning::okcancel(msg) #define XCA_ERROR(err) xcaWarning::error(err) #define XCA_SQLERROR(err) xcaWarning::sqlerror(err) #define XCA_PASSWD_ERROR() XCA_WARN(QObject::tr("Password verify error, please try again")) class xcaWarning_i { public: virtual void information(const QString &msg) = 0; virtual void warning(const QString &msg) = 0; virtual void warningv3(const QString &msg, const extList &el) = 0; virtual bool yesno(const QString &msg) = 0; virtual bool okcancel(const QString &msg) = 0; virtual void sqlerror(QSqlError err) = 0; virtual void error(const QString &msg) = 0; virtual ~xcaWarning_i() { }; }; class xcaWarningCore : public QObject, public xcaWarning_i { Q_OBJECT public: void information(const QString &msg); void warning(const QString &msg); bool yesno(const QString &msg); bool okcancel(const QString &msg); void sqlerror(QSqlError err); void warningv3(const QString &msg, const extList &el); void error(const QString &msg); }; class xcaWarning { static class xcaWarning_i *gui; public: xcaWarning() = delete; xcaWarning(const xcaWarningCore &) = delete; ~xcaWarning() = delete; static void information(const QString &msg) { gui->information(msg); } static void warning(const QString &msg) { gui->warning(msg); } static void warningv3(const QString &msg, const extList &el) { gui->warningv3(msg, el); } static bool yesno(const QString &msg) { return gui->yesno(msg); } static bool okcancel(const QString &msg) { return gui->okcancel(msg); } static void sqlerror(QSqlError err) { if (!err.isValid()) err = QSqlDatabase::database().lastError(); if (err.isValid()) gui->sqlerror(err); } static void error(const errorEx &err) { if (err.isEmpty()) return; QString msg = QObject::tr("The following error occurred:") + "\n" + err.getString(); gui->error(msg); } static void setGui(class xcaWarning_i *g) { delete gui; gui = g; } }; #endif xca-RELEASE.2.5.0/lib/arguments.cpp000066400000000000000000000242641450407711300166410ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2020 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include "arguments.h" #include #include #include #if !defined(Q_OS_WIN32) #include #endif const QList arguments::opts = { arg_option("crlgen", "ca-identifier", required_argument, true, true, "Generate CRL for . Use the 'name' option to set the internal name of the new CRL."), arg_option("database", "database", file_argument, false, false, "File name (*.xdb) of the SQLite database or a remote database descriptor: [user@host/TYPE:dbname#prefix]."), arg_option("exit", NULL, no_argument, false, false, "Exit after importing items."), arg_option("help", NULL, no_argument, true, false, "Print this help and exit."), arg_option("hierarchy", "directory", file_argument, true, true, "Save OpenSSL index hierarchy in

."), arg_option("index", "file", file_argument, true, true, "Save OpenSSL index in ."), arg_option("import", NULL, no_argument, false, true, "Import all provided items into the database."), arg_option("import-names", NULL, required_argument, false, true, "A semicolon separated list of names applied to the imported items in the order found in the PEM file and on the commandline."), arg_option("issuers", NULL, no_argument, true, true, "Print all known issuer certificates that have an associated private key and the CA basic constraints set to 'true'."), arg_option("keygen", "type", required_argument, true, true, "Generate a new key and import it into the database. Use the 'name' option to set the internal name of the new key. The parameter has the format: '[RSA|DSA|EC]:[|]."), arg_option("list-curves", NULL, no_argument, true, false, "Prints all known Elliptic Curves."), arg_option("list-items", NULL, no_argument, true, true, "List all items in the database."), arg_option("name", "internal-name", required_argument, false, true, "Provides the name of new generated items. An automatic name will be generated if omitted."), arg_option("no-gui", NULL, no_argument, true, false, "Do not start the GUI. Alternatively set environment variable XCA_NO_GUI=1 or call xca as 'xca-console' symlink."), arg_option("password", "password", required_argument, false, false, "Database password for unlocking the database."), arg_option("pem", NULL, no_argument, true, false, "Print PEM representation of provided files. Prints only the public part of private keys."), arg_option("print", NULL, no_argument, true, false, "Print a synopsis of provided files."), arg_option("select", "id-list", required_argument, true, true, "Selects all items in the comma separated id-list to be shown with 'print', 'text' or 'pem'."), arg_option("sqlpass", "password", required_argument, false, false, "Password to access the remote SQL server."), arg_option("text", NULL, no_argument, true, false, "Print the content of provided files as OpenSSL does."), arg_option("verbose", NULL, no_argument, false, false, "Print debug log on stderr. Same as setting XCA_DEBUG=all. See XCA_DEBUG"), arg_option("version", NULL, no_argument, true, false, "Print version information and exit."), }; static QMap getPassDoc() { QMap passdoc; passdoc["pass:password"] = "The actual password is password. Since the password is visible to utilities (like 'ps' under Unix) this form should only be used where security is not important."; passdoc["env:var"] = "Obtain the password from the environment variable var. Since the environment of other processes is visible on certain platforms (e.g. ps under certain Unix OSes) this option should be used with caution."; passdoc["file:pathname"] = "The first line of pathname is the password. If the same pathname argument is supplied to password and sqlpassword arguments then the first line will be used for both passwords. pathname need not refer to a regular file: it could for example refer to a device or named pipe."; passdoc["fd:number"] = "Read the password from the file descriptor number. This can be used to send the data via a pipe for example."; passdoc["stdin"] = "Read the password from standard input."; return passdoc; } arg_option::arg_option(const char *l, const char *a, int has, bool n, bool nd, const char *h) : long_opt(l), arg(a), arg_type(has), no_gui(n), need_db(nd), help(h) { } QCommandLineOption arg_option::getCmdOption() const { switch (arg_type) { case no_argument: return QCommandLineOption(long_opt, help); default: return QCommandLineOption(long_opt, help, long_opt); } } static QString splitQstring(int offset, int width, const QString &text) { QStringList lines; QString line; foreach(const QString &word, text.split(" ")) { if (line.size() + word.size() < width - offset) { line += " " + word; continue; } lines += line; line = word; } lines += line; return lines.join(QString("\n") +QString().fill(' ', offset)); } QString arguments::man() { QString s; QMap passdoc = getPassDoc(); for (auto i = opts.begin(); i != opts.end(); ++i) { QString longopt = i->long_opt; if (i->arg) longopt += QString("=<%1>").arg(i->arg); s += QString(".TP\n.B \\-\\-%1%3\n%2\n") .arg(longopt) .arg(i->help) .arg(i->need_db ? " *" : ""); } s += ".br\n.TP\n" "Options marked with an asterisk need a database. Either from the commandline or as default database.\n" "\n.SH PASS PHRASE ARGUMENTS\n" "The password options accept the same syntax as openssl does:\n"; foreach(QString key, passdoc.keys()) s += QString(".TP\n.B %1\n%2\n").arg(key).arg(passdoc[key]); return s; } static QString esc(QString msg) { return msg.replace(QRegularExpression("([\\*@:'_])"), "\\\\1"); } QString arguments::rst() { QString s = "..\n" " Automatically created by\n" " XCA_ARGUMENTS=rst ./xca arguments.rst\n\n"; QMap passdoc = getPassDoc(); int space = (maxOptWidth() + 4) * -1; for (auto i = opts.begin(); i != opts.end(); ++i) { QString longopt = i->long_opt; if (i->arg) longopt += QString("=%1").arg(esc(i->arg)); s += QString("--%1 %2%3\n") .arg(esc(longopt), space) .arg(esc(i->help)) .arg(i->need_db ? " [#need-db]_" : ""); } s += "\n\n" ".. [#need-db] Requires a database. Either from the commandline or as default database.\n\n" "Passphrase arguments\n" ".....................\n" "The password options accept the same syntax as openssl does:\n\n"; foreach(QString key, passdoc.keys()) s += QString("%1\n %2\n").arg(esc(key)).arg(esc(passdoc[key])); return s; } QString arguments::completion() { QStringList sl; for (auto i = opts.begin(); i != opts.end(); ++i) sl << QString("--%1").arg(i->long_opt); return sl.join(" "); } QString arguments::doc(const QString &which) { if (which == "rst") return rst(); if (which == "man") return man(); if (which == "completion") return completion(); return QString(); } size_t arguments::maxOptWidth() { size_t len = 0; foreach(const arg_option &a, opts) { size_t l = strlen(a.long_opt); if (a.arg) l += strlen(a.arg); if (l > len) len = l; } return len; } QString arguments::help() { QString s; size_t len; int width = 80, offset; #if !defined(Q_OS_WIN32) struct winsize w; ioctl(0, TIOCGWINSZ, &w); if (w.ws_col > 20) width = w.ws_col; #endif QMap passdoc = getPassDoc(); len = maxOptWidth() +4; offset = len + 7; for (auto i = opts.begin(); i != opts.end(); ++i) { QString longopt = i->long_opt; if (i->arg) longopt += QString("=<%1>").arg(i->arg); QString help = splitQstring(offset, width, i->help); s += QString(" " COL_CYAN "%3 " COL_RESET COL_BOLD "--%1" COL_RESET " %2\n") .arg(longopt, len*-1) .arg(help) .arg(i->need_db ? "*" : " "); } s += "\n[" COL_CYAN "*" COL_RESET "]" + splitQstring(sizeof("[*] ") -1, width, QString("Needs a database. Either from the commandline or as default database")) + "\n"; s += "\n" + splitQstring(0, width, QString("The password options accept the same syntax as openssl does:\n")); foreach(QString key, passdoc.keys()) s += QString("\n " COL_BOLD "%1" COL_RESET).arg(key, -14) + splitQstring(18, width, passdoc[key]); return s; } int arguments::parse(int argc, char *argv[]) { files.clear(); need_db = false; QCommandLineParser parser; foreach(const arg_option &opt, opts) parser.addOption(opt.getCmdOption()); /* Parse cmdline options argv */ QStringList args; for (int i =0; i < argc; i++) args << QString::fromUtf8(argv[i]); parser.process(args); QStringList found = parser.optionNames(); foreach(const arg_option &opt, opts) { if (found.contains(opt.long_opt)) { found_options[opt.long_opt] = parser.value(opt.long_opt); if (opt.need_db) need_db = true; } } foreach(const QString &file, parser.positionalArguments()) { if (!has("database") && file.endsWith(".xdb")) { /* No database given, but here is an xdb file * Try to be clever. */ found_options["database"] = file; } else { files << file; } } return result; } arguments::arguments(int argc, char *argv[]) { need_db = false; parse(argc, argv); } arguments::arguments(const arguments &a) { *this = a; } arguments &arguments::operator = (const arguments &a) { files = a.files; found_options = a.found_options; return *this; } QString arguments::operator [] (const QString &key) const { return found_options[key]; } bool arguments::has(const QString &opt) const { return found_options.contains(opt); } QStringList arguments::getFiles() const { return files; } bool arguments::needDb() const { return need_db; } bool arguments::is_console(int argc, char *argv[]) { const char *nogui = getenv("XCA_NO_GUI"); if (nogui && *nogui) return true; if (argc > 0 && QString(argv[0]).endsWith("xca-console")) return true; /* Setup "no-gui" options */ QStringList console_opts; for (auto i = opts.begin(); i != opts.end(); ++i) { if (i->no_gui) console_opts << QString("-%1").arg(i->long_opt); } qDebug() << "NOGUI_OPTS" << console_opts; for (int i = 1; i < argc; i++) { QString arg = QString(argv[i]); if (arg.startsWith("--")) arg = arg.mid(1); foreach(QString opt, console_opts) { if (arg.startsWith(opt)) return true; } } return false; } xca-RELEASE.2.5.0/lib/arguments.h000066400000000000000000000023651450407711300163040ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __ARGUMENTS_H #define __ARGUMENTS_H #include "base.h" #include #include #include #include enum { file_argument, required_argument, no_argument, }; class arg_option { public: const char *long_opt; const char *arg; int arg_type; bool no_gui; bool need_db; QString help; arg_option(const char *l, const char *a, int has_arg, bool n, bool nd, const char *h); QCommandLineOption getCmdOption() const; }; class arguments { private: static const QList opts; int result; QMap found_options; QStringList files; bool need_db; public: static bool is_console(int argc, char *argv[]); static QString help(); static QString man(); static QString rst(); static QString completion(); static size_t maxOptWidth(); static QString doc(const QString &which); arguments(int argc, char *argv[]); arguments(const arguments &a); QString operator [] (const QString &) const; arguments &operator = (const arguments &); bool has(const QString &opt) const; int parse(int argc, char *argv[]); QStringList getFiles() const; bool needDb() const; }; #endif xca-RELEASE.2.5.0/lib/asn1int.cpp000066400000000000000000000066141450407711300162100ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #include "asn1int.h" #include "func.h" #include "exception.h" #include #include ASN1_INTEGER *a1int::dup(const ASN1_INTEGER *a) const { // this wrapper casts the const to work around the nonconst // declared ASN1_STRING_dup (actually it is const ASN1_INTEGER *r = ASN1_INTEGER_dup((ASN1_INTEGER *)a); openssl_error(); if (!r) r = ASN1_INTEGER_new(); Q_CHECK_PTR(r); return r; } a1int::a1int() { in = ASN1_INTEGER_new(); Q_CHECK_PTR(in); ASN1_INTEGER_set(in, 0); openssl_error(); } a1int::a1int(const ASN1_INTEGER *i) { in = dup(i); } a1int::a1int(const a1int &a) { in = dup(a.in); } a1int::a1int(const QString &hex) { in = ASN1_INTEGER_new(); Q_CHECK_PTR(in); setHex(hex); } a1int::a1int(long l) { in = ASN1_INTEGER_new(); Q_CHECK_PTR(in); set(l); } a1int::~a1int() { ASN1_INTEGER_free(in); } a1int &a1int::set(const ASN1_INTEGER *i) { ASN1_INTEGER_free(in); in = dup(i); return *this; } a1int &a1int::set(long l) { ASN1_INTEGER_set(in, l); openssl_error(); return *this; } QString a1int::toQString(int dec) const { QString r; if (in->length == 0) { return r; } BIGNUM *bn = ASN1_INTEGER_to_BN(in, NULL); openssl_error(); char *res = dec ? BN_bn2dec(bn) : BN_bn2hex(bn); openssl_error(); r = res; OPENSSL_free(res); BN_free(bn); return r; } QString a1int::toHex() const { return toQString(0); } QString a1int::toDec() const { return toQString(1); } a1int &a1int::setQString(const QString &s, int dec) { BIGNUM *bn = NULL; if (s.isEmpty()) { return *this; } if (dec) BN_dec2bn(&bn, s.toLatin1()); else BN_hex2bn(&bn, s.toLatin1()); openssl_error(); BN_to_ASN1_INTEGER(bn, in); openssl_error(); BN_free(bn); return *this; } a1int &a1int::setHex(const QString &s) { return setQString(s, 0); } a1int &a1int::setDec(const QString &s) { return setQString(s, 1); } a1int &a1int::setRaw(const unsigned char *data, unsigned len) { BIGNUM *bn = BN_bin2bn(data, len, NULL); if (!bn) openssl_error(); BN_to_ASN1_INTEGER(bn, in); openssl_error(); BN_free(bn); return *this; } ASN1_INTEGER *a1int::get() const { return dup(in); } const ASN1_INTEGER *a1int::get0() const { return in; } long a1int::getLong() const { long l = ASN1_INTEGER_get(in); openssl_error(); return l; } a1int &a1int::operator ++ (void) { BIGNUM *bn = ASN1_INTEGER_to_BN(in, NULL); openssl_error(); BN_add(bn, bn, BN_value_one()); openssl_error(); BN_to_ASN1_INTEGER(bn, in); openssl_error(); BN_free(bn); return *this; } a1int a1int::operator ++ (int) { a1int tmp = *this; operator ++ (); return tmp; } a1int &a1int::operator = (const a1int &a) { set(a.in); return *this; } a1int &a1int::operator = (long i) { ASN1_INTEGER_set(in, i); openssl_error(); return *this; } bool a1int::operator > (const a1int &a) const { return (ASN1_INTEGER_cmp(in, a.in) > 0); } bool a1int::operator < (const a1int &a) const { return (ASN1_INTEGER_cmp(in, a.in) < 0); } bool a1int::operator == (const a1int &a) const { return (ASN1_INTEGER_cmp(in, a.in) == 0); } bool a1int::operator != (const a1int &a) const { return (ASN1_INTEGER_cmp(in, a.in) != 0); } a1int::operator QString() const { return toHex(); } QByteArray a1int::i2d() { return i2d_bytearray(I2D_VOID(i2d_ASN1_INTEGER), in); } int a1int::derSize() const { return i2d_ASN1_INTEGER(in, NULL); } xca-RELEASE.2.5.0/lib/asn1int.h000066400000000000000000000022751450407711300156540ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __ASN1INTEGER_H #define __ASN1INTEGER_H #include #include class a1int { private: ASN1_INTEGER *in; ASN1_INTEGER *dup(const ASN1_INTEGER *a) const; a1int &setQString(const QString &s, int dec); QString toQString(int dec) const; public: a1int(); a1int(const ASN1_INTEGER *i); a1int(const a1int &a); a1int(long l); a1int(const QString &hex); ~a1int(); a1int &set(const ASN1_INTEGER *i); a1int &set(long l); QString toHex() const; QString toDec() const; a1int &setHex(const QString &s); a1int &setDec(const QString &s); a1int &setRaw(const unsigned char *data, unsigned len); long getLong() const; ASN1_INTEGER *get() const; const ASN1_INTEGER *get0() const; QByteArray i2d(); int derSize() const; a1int &operator ++ (void); a1int operator ++ (int); a1int &operator = (const a1int &a); a1int &operator = (long i); bool operator > (const a1int &a) const; bool operator < (const a1int &a) const; bool operator == (const a1int &a) const; bool operator != (const a1int &a) const; operator QString() const; }; #endif xca-RELEASE.2.5.0/lib/asn1time.cpp000066400000000000000000000111121450407711300163410ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #include #include "base.h" #include "func.h" #include "exception.h" #include "asn1time.h" #include #include #include #include #include /* As defined in rfc-5280 4.1.2.5 */ #define UNDEFINED_DATE "99991231235959Z" #define UTC_FORMAT "yyMMddHHmmss'Z'" #define GEN_FORMAT "yy" UTC_FORMAT bool a1time::isUndefined() const { return toSecsSinceEpoch() == 0; } a1time &a1time::setUndefined() { /* This way we handle "Jan 01, 1970 00:00:00" * like RFC-5280 undefined date. I dare it */ setTimeSpec(Qt::UTC); setSecsSinceEpoch(0); return *this; } int a1time::from_asn1(const ASN1_TIME *a) { ASN1_GENERALIZEDTIME *gt; QString t; *this = QDateTime(); if (!a) return -1; gt = ASN1_TIME_to_generalizedtime((ASN1_TIME*)a, NULL); if (!gt) return -1; t = QString::fromLatin1((char*)gt->data, gt->length); ASN1_GENERALIZEDTIME_free(gt); return fromPlain(t); } int a1time::fromPlain(const QString &plain) { setTimeSpec(Qt::LocalTime); if (plain == UNDEFINED_DATE) setUndefined(); else *this = fromString(plain, GEN_FORMAT); setTimeSpec(Qt::UTC); return isValid() ? 0 : -1; } int a1time::set_asn1(const QString &str, int type) { if (!atime) atime = ASN1_TIME_new(); if (!atime) return -1; atime->type = type; if (ASN1_STRING_set(atime, str.toLatin1(), str.length())) return -1; return 0; } a1time::a1time(const QDateTime &a) : QDateTime(a) { atime = NULL; } a1time::a1time(const a1time &a) : QDateTime(a) { atime = NULL; } a1time &a1time::operator = (const a1time &a) { if (atime) ASN1_TIME_free(atime); atime = NULL; QDateTime::operator=(a); return *this; } a1time::a1time() { atime = NULL; *this = now(); } a1time::a1time(const ASN1_TIME *a) { atime = NULL; from_asn1(a); } a1time::a1time(const QString &plain) { atime = NULL; fromPlain(plain); } a1time::~a1time() { if (atime) ASN1_TIME_free(atime); } ASN1_TIME *a1time::get_utc() { int year = date().year(); if (!isValid() || isUndefined() || year > 2049 || year < 1950) return get(); set_asn1(toUTC().toString(UTC_FORMAT), V_ASN1_UTCTIME); return atime; } ASN1_TIME *a1time::get() { if (isUndefined()) set_asn1(UNDEFINED_DATE, V_ASN1_GENERALIZEDTIME); else if (!isValid()) throw errorEx("Invalid Time"); else set_asn1(toUTC().toString(GEN_FORMAT), V_ASN1_GENERALIZEDTIME); return atime; } a1time &a1time::set(const ASN1_TIME *a) { from_asn1(a); return *this; } QString a1time::toString(QString fmt, Qt::TimeSpec spec) const { if (isUndefined()) return QObject::tr("Undefined"); if (!isValid()) return QObject::tr("Broken / Invalid"); return QLocale().toString( spec == Qt::UTC ? toUTC() : toLocalTime(), fmt); } QString a1time::toPretty() const { QString fmt = QLocale().dateTimeFormat(); return toString(fmt, Qt::LocalTime); } QString a1time::toPrettyGMT() const { return toString("yyyy-MM-dd'T'HH:mm:ss' GMT'"); } QString a1time::toSortable() const { return toString("yyyy-MM-dd"); } QString a1time::toPlain(const QString &fmt) const { if (isUndefined()) return QString(UNDEFINED_DATE); if (!isValid()) return QString("Broken-InvalidZ"); return toString(fmt.isEmpty() ? GEN_FORMAT : fmt); } qint64 a1time::age() const { return secsTo(now()); } QString a1time::toFancy() const { QString fmt("Dunno"); qint64 diff = age(); int dtn = toLocalTime().daysTo(now().toLocalTime()); bool future = false; if (diff < 0) { future = true; diff *= -1; } if (diff < 2 * SECS_PER_MINUTE) { fmt = future ? QObject::tr("in %1 seconds") : QObject::tr("%1 seconds ago"); } else if (diff < 2 *SECS_PER_HOUR) { diff /= SECS_PER_MINUTE; fmt = future ? QObject::tr("in %1 minutes") : QObject::tr("%1 minutes ago"); } else if (dtn == 1) { return QObject::tr("Yesterday"); } else if (dtn == -1) { return QObject::tr("Tomorrow"); } else if (diff < SECS_PER_DAY) { diff /= SECS_PER_HOUR; fmt = future ? QObject::tr("in %1 hours") : QObject::tr("%1 hours ago"); } else { return QLocale().toString(date(), QLocale::ShortFormat); } return fmt.arg(diff); } QString a1time::toPlainUTC() const { return toPlain(UTC_FORMAT); } QDateTime a1time::now(int delta) { return QDateTime::currentDateTime().toUTC().addSecs(delta); } void a1time::d2i(QByteArray &ba) { ASN1_TIME *n = (ASN1_TIME*)d2i_bytearray( D2I_VOID(d2i_ASN1_TIME), ba); openssl_error(); if (n) { from_asn1(n); ASN1_TIME_free(n); } } QByteArray a1time::i2d() { get(); return i2d_bytearray(I2D_VOID(i2d_ASN1_TIME), atime); } xca-RELEASE.2.5.0/lib/asn1time.h000066400000000000000000000024771450407711300160240ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012, 2018 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __ASN1TIME_H #define __ASN1TIME_H #include #include #include #define SECS_PER_MINUTE (60) #define SECS_PER_HOUR (SECS_PER_MINUTE *60) #define SECS_PER_DAY (SECS_PER_HOUR*24) #define MSECS_PER_MINUTE (SECS_PER_MINUTE*1000) #define MSECS_PER_HOUR (SECS_PER_HOUR*1000) class a1time : public QDateTime { private: ASN1_TIME *atime; int from_asn1(const ASN1_TIME *a); int set_asn1(const QString &str, int type); public: a1time(); a1time(const QDateTime &a); a1time(const ASN1_TIME *a); a1time(const a1time &a); a1time(const QString &plain); a1time &operator = (const a1time &a); ~a1time(); a1time &set(const ASN1_TIME *a); int fromPlain(const QString &plain); a1time &setUndefined(); bool isUndefined() const; QString toString(QString fmt, Qt::TimeSpec spec = Qt::UTC) const; QString toPretty() const; QString toPrettyGMT() const; QString toPlain(const QString &fmt = QString()) const; QString toPlainUTC() const; QString toSortable() const; QString toFancy() const; QString isoLocalDate() const; ASN1_TIME *get(); ASN1_TIME *get_utc(); static QDateTime now(int delta = 0); QByteArray i2d(); void d2i(QByteArray &ba); qint64 age() const; }; #endif xca-RELEASE.2.5.0/lib/base.h000066400000000000000000000030601450407711300152020ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __BASE_H #define __BASE_H #define QT_NO_CAST_TO_ASCII #define OPENSSL_NO_STDIO // Disable advertisement for crappy, insecure, non-conformant MS BS _s functions #define _CRT_SECURE_NO_WARNINGS #pragma warning(disable:4996) #ifndef PACKAGE_NAME #define XCA_TITLE "X Certificate and Key management" #else #define XCA_TITLE PACKAGE_NAME #endif #include #include "local.h" #define CCHAR(x) qPrintable(x) #define C_FILE ((strrchr(__FILE__, '/') ? strrchr(__FILE__, '/') : __FILE__- 1) + 1) #define TRACE qDebug("File: %s Func: %s Line: %d", C_FILE, __func__, __LINE__); #define nativeSeparator(s) QDir::toNativeSeparators(s) #define ARRAY_SIZE(x) (sizeof(x)/sizeof((x)[0])) #define MIN(a,b) ((a)<(b)) ? (a) : (b) #if Q_BYTE_ORDER == Q_BIG_ENDIAN #define xhtonl(x) (x) #define xntohl(x) (x) #elif Q_BYTE_ORDER == Q_LITTLE_ENDIAN #if defined(Q_OS_WIN32) #include #define xhtonl(x) (_byteswap_ulong(x)) #define xntohl(x) (_byteswap_ulong(x)) #else #define xhtonl(x) (__builtin_bswap32(x)) #define xntohl(x) (__builtin_bswap32(x)) #endif #else # error "What kind of system is this?" #endif #define COL_CYAN "\x1b[36m" #define COL_BLUE "\x1b[94m" #define COL_GREEN "\x1b[92m" #define COL_LRED "\x1b[91m" #define COL_YELL "\x1b[33m" #define COL_RED "\x1b[31m" #define COL_DGREEN "\x1b[32m" #define COL_MAGENTA "\x1b[35m" #define COL_RESET "\x1b[0m" #define COL_BOLD "\x1b[1m" #define COL_DIM "\x1b[2m" #define COL_UNDER "\x1b[4m" #endif xca-RELEASE.2.5.0/lib/builtin_curves.cpp000066400000000000000000000071711450407711300176670ustar00rootroot00000000000000/* * Copyright (C) 2014 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include #include "builtin_curves.h" #include "exception.h" #include "func.h" #ifndef OPENSSL_NO_EC #include #include "opensc-pkcs11.h" static const QList rfc5480_curve_nids() { return QList { NID_X9_62_prime192v1, NID_secp224r1, NID_X9_62_prime256v1, NID_secp384r1, NID_secp521r1, }; }; static const QList x962_curve_nids() { return QList { NID_X9_62_prime192v1, NID_X9_62_prime192v2, NID_X9_62_prime192v3, NID_X9_62_prime239v1, NID_X9_62_prime239v2, NID_X9_62_prime239v3, NID_X9_62_prime256v1, NID_X9_62_c2pnb163v1, NID_X9_62_c2pnb163v2, NID_X9_62_c2pnb163v3, NID_X9_62_c2pnb176v1, NID_X9_62_c2tnb191v1, NID_X9_62_c2tnb191v2, NID_X9_62_c2tnb191v3, NID_X9_62_c2pnb208w1, NID_X9_62_c2tnb239v1, NID_X9_62_c2tnb239v2, NID_X9_62_c2tnb239v3, NID_X9_62_c2pnb272w1, NID_X9_62_c2pnb304w1, NID_X9_62_c2tnb359v1, NID_X9_62_c2pnb368w1, NID_X9_62_c2tnb431r1 }; }; static const QList other_curve_nids() { return QList { NID_sect113r1, NID_sect113r2, NID_sect131r1, NID_sect131r2, NID_sect163k1, NID_sect163r1, NID_sect163r2, NID_sect193r1, NID_sect193r2, NID_sect233k1, NID_sect233r1, NID_sect239k1, NID_sect283k1, NID_sect283r1, NID_sect409k1, NID_sect409r1, NID_sect571k1, NID_sect571r1, NID_secp112r1, NID_secp112r2, NID_secp128r1, NID_secp128r2, NID_secp160k1, NID_secp160r1, NID_secp160r2, NID_secp192k1, NID_secp224k1, NID_secp224r1, NID_secp256k1, NID_secp384r1, NID_secp521r1, NID_wap_wsg_idm_ecid_wtls1, NID_wap_wsg_idm_ecid_wtls3, NID_wap_wsg_idm_ecid_wtls4, NID_wap_wsg_idm_ecid_wtls5, NID_wap_wsg_idm_ecid_wtls6, NID_wap_wsg_idm_ecid_wtls7, NID_wap_wsg_idm_ecid_wtls8, NID_wap_wsg_idm_ecid_wtls9, NID_wap_wsg_idm_ecid_wtls10, NID_wap_wsg_idm_ecid_wtls11, NID_wap_wsg_idm_ecid_wtls12, #ifdef NID_brainpoolP160r1 NID_brainpoolP160r1, NID_brainpoolP160t1, NID_brainpoolP192r1, NID_brainpoolP192t1, NID_brainpoolP224r1, NID_brainpoolP224t1, NID_brainpoolP256r1, NID_brainpoolP256t1, NID_brainpoolP320r1, NID_brainpoolP320t1, NID_brainpoolP384r1, NID_brainpoolP384t1, NID_brainpoolP512r1, NID_brainpoolP512t1 #endif }; }; builtin_curves::builtin_curves() { int i, num_curves = EC_get_builtin_curves(NULL, 0); EC_builtin_curve *curves = new EC_builtin_curve[num_curves]; Q_CHECK_PTR(curves); BIGNUM *order = BN_new(); Q_CHECK_PTR(order); EC_get_builtin_curves(curves, num_curves); for (i=0; i < num_curves; i++) { int flag = 0, nid = curves[i].nid; unsigned long type = 0; if (rfc5480_curve_nids().contains(nid)) flag = CURVE_RFC5480; else if (x962_curve_nids().contains(nid)) flag = CURVE_X962; else if (other_curve_nids().contains(nid)) flag = CURVE_OTHER; else continue; EC_GROUP *group = EC_GROUP_new_by_curve_name(nid); EC_GROUP_get_order(group, order, NULL); switch (EC_METHOD_get_field_type(EC_GROUP_method_of(group))) { case NID_X9_62_prime_field: type = CKF_EC_F_P; break; case NID_X9_62_characteristic_two_field: type = CKF_EC_F_2M; break; default: continue; } #undef PRINT_KNOWN_CURVES #ifdef PRINT_KNOWN_CURVES qDebug() << QString(curves[i].comment).leftJustified(50) << QString(OBJ_nid2sn(nid)).leftJustified(27) << OBJ_obj2QString(OBJ_nid2obj(nid),1).leftJustified(20) << (type == CKF_EC_F_P ? "Fp" : "F2m"); #endif append(builtin_curve(nid, QString(curves[i].comment), BN_num_bits(order), flag, type)); EC_GROUP_free(group); } BN_free(order); delete[] curves; } #else builtin_curves::builtin_curves() { } #endif xca-RELEASE.2.5.0/lib/builtin_curves.h000066400000000000000000000014161450407711300173300ustar00rootroot00000000000000/* * Copyright (C) 2014 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __BUILTIN_EC_CURVES_H #define __BUILTIN_EC_CURVES_H #include #include #include "base.h" #define CURVE_X962 1 #define CURVE_OTHER 2 #define CURVE_RFC5480 3 class builtin_curve { public: int nid; QString comment; unsigned order_size; int flags; /* type: CKF_EC_F_P || CKF_EC_F_2M */ unsigned long type; builtin_curve(int n, QString c, int s, int f, int t) { nid = n; comment = c; order_size = s; flags = f; type = t; }; }; class builtin_curves: public QList { public: builtin_curves(); bool containNid(int nid) { foreach(const builtin_curve &c, *this) if (c.nid == nid) return true; return false; } }; #endif xca-RELEASE.2.5.0/lib/database_model.cpp000066400000000000000000000320561450407711300175560ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2020 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include "XcaWarningCore.h" #include "PwDialogCore.h" #include "exception.h" #include "database_model.h" #include "pki_temp.h" #include "pki_x509req.h" #include "pki_evp.h" #include "pki_scard.h" #include "pki_multi.h" #include "entropy.h" #include "db_base.h" #include "sql.h" #include "func.h" #include "settings.h" #include "entropy.h" #include "pass_info.h" #include "db_key.h" #include "db_x509.h" #include "db_crl.h" #include "db_x509req.h" #include "db_temp.h" xca_db Database; bool database_model::open_without_password = false; const QString &database_model::detect_provider() { // Since we may access the database via ODBC, we need to ask // the backend engine directly. static const QList db_probes { { "SELECT sqlite_version()", "3", "SQLITE" }, { "SELECT version()", "postgresql", "POSTGRES" }, { "SELECT @@version", "mysql", "MARIADB" }, { "SELECT @@version", "mariadb", "MARIADB" }, { "SELECT @@version", "microsoft", "MICROSOFT" }, }; if (db_provider.isEmpty()) { QSqlDatabase db = QSqlDatabase::database(); if (!db.isOpen()) return db_provider; db_provider = "UNKNOWN"; XSqlQuery q; foreach(QStringList probe, db_probes) { qDebug() << probe[0]; if (q.exec(probe[0]) && !q.lastError().isValid() && q.next()) { QString id = q.value(0).toString().simplified(); qDebug() << probe[1] << id; if (id.contains(probe[1], Qt::CaseInsensitive)) { db_provider = probe[2]; break; } } } } qDebug() << "db_provider:" << db_provider; return db_provider; } QSqlError database_model::initSqlDB() { #define MAX_SCHEMAS 7 #define SCHEMA_VERSION "7" QStringList schemas[MAX_SCHEMAS]; #include "database_schema.cpp" XSqlQuery q; QSqlDatabase db = QSqlDatabase::database(); QStringList tables; unsigned int i; if (!db.isOpen()) return QSqlError(); QString b64_blob = "TEXT"; if (detect_provider() == "MARIADB") b64_blob = "LONGTEXT"; Transaction; if (!TransBegin()) return db.lastError(); for (;;) { i = XSqlQuery::schemaVersion(); if (i >= ARRAY_SIZE(schemas)) break; foreach(QString sql, schemas[i]) { sql = sql.arg(b64_blob); qDebug("EXEC[%d]: '%s'", i, CCHAR(sql)); if (!q.exec(sql) || q.lastError().isValid()) { TransRollback(); return q.lastError(); } } } if (i != MAX_SCHEMAS) throw errorEx(QObject::tr("Failed to update the database schema to the current version")); TransCommit(); return QSqlError(); } bool database_model::checkForOldDbFormat(const QString &dbfile) const { // 0x ca db 19 69 static const unsigned char magic[] = { 0xca, 0xdb, 0x19, 0x69 }; char head[4]; XFile file(dbfile); if (!file.exists()) return 0; if (!file.open(QIODevice::ReadOnly)) return 0; file.read(head, sizeof head); file.close(); return !memcmp(head, magic, sizeof head); } database_model::database_model(const QString &name, const Passwd &pass) { enum open_result result; QSqlError err; dbName = name; dbTimer = 0; if (dbName.isEmpty()) dbName = get_default_db(); if (dbName.isEmpty()) throw open_abort; Passwd passwd(pass); do { try { openDatabase(dbName, passwd); break; } catch (errorEx &err) { if (!isRemoteDB(dbName)) throw err; if (!passwd.isEmpty()) XCA_ERROR(err); DbMap params = splitRemoteDbName(dbName); pass_info p(XCA_TITLE, tr("Please enter the password to access the database server %2 as user '%1'.") .arg(params["user"]).arg(params["host"])); result = PwDialogCore::execute(&p, &passwd); if (result != pw_ok) throw result; } } while (1); Entropy::seed_rng(); initSqlDB(); result = initPass(dbName, Settings["pwhash"]); if (result == pw_exit) throw pw_exit; if (result != pw_ok && Settings["pwhash"].empty()) throw open_abort; /* Assure initialisation order: * keys first, followed by x509[req], and crls last. * Templates don't care. */ models << new db_key(); models << new db_x509req(); models << new db_x509(); models << new db_crl(); models << new db_temp(); foreach(db_base *m, models) { Q_CHECK_PTR(m); connect(m, SIGNAL(pkiChanged(pki_base*)), this, SLOT(pkiChangedSlot(pki_base*))); } pkcs11::libraries.load(Settings["pkcs11path"]); restart_timer(); } db_base *database_model::modelForPki(const pki_base *pki) const { if (dynamic_cast(pki)) return model(); if (dynamic_cast(pki)) return model(); if (dynamic_cast(pki)) return model(); if (dynamic_cast(pki)) return model(); if (dynamic_cast(pki)) return model(); return NULL; } pki_base *database_model::insert(pki_base *pki) { db_base *db = modelForPki(pki); if (db) return db->insert(pki); pki_multi *multi = dynamic_cast(pki); if (multi) { QList items = multi->pull(); foreach(pki_base *i, items) insert(i); } delete pki; return NULL; } void database_model::restart_timer() { if (!IS_GUI_APP) return; killTimer(dbTimer); dbTimer = startTimer(1500); foreach(db_base *m, models) m->restart_timer(); } void database_model::timerEvent(QTimerEvent *event) { quint64 stamp; if (event->timerId() != dbTimer) return; XSqlQuery q; SQL_PREPARE(q, "SELECT MAX(stamp) from items"); q.exec(); if (!q.first()) return; stamp = q.value(0).toULongLong(); q.finish(); if (stamp > DbTransaction::DatabaseStamp) { SQL_PREPARE(q, "SELECT DISTINCT type FROM items WHERE stamp=?"); q.bindValue(0, stamp); q.exec(); QList typelist; while (q.next()) typelist << (enum pki_type)q.value(0).toInt(); q.finish(); qDebug() << "CHANGED" << typelist; foreach(db_base *model, models) model->reloadContainer(typelist); } DbTransaction::DatabaseStamp = stamp; } void database_model::dump_database(const QString &dirname) const { if (dirname.isEmpty()) return; QDir d(dirname); if (!d.exists() && !d.mkdir(dirname)) { throw errorEx(tr("Unable to create '%1': %2").arg(dirname)); return; } qDebug() << "Dumping to" << dirname; foreach(db_base *model, models) model->dump(dirname); } static QString defaultdb() { return getUserSettingsDir() + "/defaultdb"; } QString database_model::get_default_db() const { if (QSqlDatabase::database().isOpen()) return QString(); QFile inputFile(defaultdb()); if (!inputFile.open(QIODevice::ReadOnly)) return QString(); char buf[2048]; int ret = inputFile.readLine(buf, sizeof buf); if (ret < 1) return 0; inputFile.close(); QString dbfile = QString::fromUtf8(QByteArray(buf, ret)).trimmed(); if (QFile::exists(dbfile) || isRemoteDB(dbfile)) return dbfile; return QString(); } void database_model::as_default_database(const QString &db) { QFile file(defaultdb()); if (db.isEmpty()) { file.remove(); return; } if (file.open(QIODevice::ReadWrite | QIODevice::Truncate)) { QByteArray ba = isRemoteDB(db) ? db.toUtf8() : relativePath(db).toUtf8(); file.write(ba + '\n'); /* write() failed? Harmless. Only inconvenient */ } file.close(); } database_model::~database_model() { QByteArray ba; QString connName; bool dbopen; { /* Destroy "db" at the end of the block */ QSqlDatabase db = QSqlDatabase::database(); connName= db.connectionName(); dbopen = db.isOpen(); } if (!dbopen) { QSqlDatabase::removeDatabase(connName); Settings.clear(); return; } killTimer(dbTimer); qDeleteAll(models); models.clear(); Store.flush(); XSqlQuery q("VACUUM"); QSqlDatabase::database().close(); pki_evp::passwd.cleanse(); pkcs11::libraries.remove_libs(); QSqlDatabase::removeDatabase(connName); Settings.clear(); XSqlQuery::clearTablePrefix(); } #define NUM_PARAM 6 #define NUM_PARAM_LEAST 5 DbMap database_model::splitRemoteDbName(const QString &db) { static const char * const names[NUM_PARAM] = { "all", "user", "host", "type", "dbname", "prefix" }; DbMap map; auto match = QRegularExpression("(.*)@(.*)/(.*):([^#]*)#?([^#]*)") .match(db); QStringList list = match.capturedTexts(); if (match.hasMatch() && list.size() >= NUM_PARAM_LEAST) { if (list.size() == NUM_PARAM_LEAST) list[NUM_PARAM_LEAST] = ""; list[NUM_PARAM_LEAST] = list[NUM_PARAM_LEAST].toLower(); for (int i=0; i < NUM_PARAM; i++) { map[names[i]] = list[i]; } qDebug() << "SPLIT DB:" << map; } return map; } bool database_model::isRemoteDB(const QString &db) { DbMap remote_param = splitRemoteDbName(db); return remote_param.size() == NUM_PARAM; } void database_model::openRemoteDatabase(const QString &connName, const DbMap ¶ms, const Passwd &pass) { QSqlDatabase db = QSqlDatabase::database(connName, false); db.setDatabaseName(params["dbname"]); QStringList hostport = params["host"].split(":"); if (hostport.size() > 0) db.setHostName(hostport[0]); if (hostport.size() > 1) db.setPort(hostport[1].toInt()); db.setUserName(params["user"]); db.setPassword(pass); QString envvar(QString("XCA_%1_OPTIONS").arg(db.driverName())); const char *opts = getenv(envvar.toLatin1()); if (opts) db.setConnectOptions(opts); XSqlQuery::setTablePrefix(params["prefix"]); db.open(); QSqlError e = db.lastError(); if (e.isValid() || !db.isOpen()) { XSqlQuery::clearTablePrefix(); db.close(); throw errorEx(e); } /* This is MySQL specific. Execute it always, because * dbType() could return "ODBC" but connect to MariaDB */ XSqlQuery q("SET SESSION SQL_MODE='ANSI'"); q.exec("PRAGMA secure_delete = 'true'"); } void database_model::openLocalDatabase(const QString &connName, const QString &descriptor) { QSqlDatabase db = QSqlDatabase::database(connName); XFile f(descriptor); qDebug() << connName << descriptor; if (!f.exists(descriptor)) { f.open(QIODevice::WriteOnly); f.setPermissions(QFile::WriteOwner | QFile::ReadOwner); } if (f.size() != 0) { f.open(QIODevice::ReadOnly); QByteArray ba = f.read(6); qDebug() << "FILE:" << f.fileName() << ba; if (ba != "SQLite") { throw errorEx(tr("The file '%1' is not an XCA database") .arg(f.fileName())); } } f.close(); db.setDatabaseName(descriptor); db.open(); QSqlError e = db.lastError(); if (e.isValid()) { db.close(); throw errorEx(e); } } void database_model::openDatabase(const QString &descriptor, const Passwd &pass) { DbMap params = splitRemoteDbName(descriptor); bool isRemote = params.size() == NUM_PARAM; QString connName, type = isRemote ? params["type"] : QString("QSQLITE"); qDebug() << "IS REMOTE?" << params.size() << NUM_PARAM << type << params; try { QSqlDatabase db = QSqlDatabase::addDatabase(type); connName = db.connectionName(); if (!isRemote) { if (!db.isDriverAvailable("QSQLITE")) throw errorEx(tr("No SqLite3 driver available. Please install the qt-sqlite package of your distribution")); openLocalDatabase(connName, descriptor); } else { openRemoteDatabase(connName, params, pass); } DbTransaction::setHasTransaction( db.driver()->hasFeature(QSqlDriver::Transactions)); } catch (errorEx &err) { QSqlDatabase::removeDatabase(connName); throw err; } } static void pwhash_upgrade() { /* Start automatic update from sha512 to sha512*8000 * if the password is correct. The old sha512 hash does * start with 'S', while the new hash starts with T. */ /* Start automatic update from md5 to salted sha512*8000 * if the password is correct. The md5 hash does not * start with 'S' or 'T, but with a hex-digit */ if (pki_evp::passHash.startsWith("T")) { /* Fine, current hash function used. */ return; } if (pki_evp::sha512passwd(pki_evp::passwd, pki_evp::passHash) == pki_evp::passHash || pki_evp::md5passwd(pki_evp::passwd) == pki_evp::passHash) { QString salt = Entropy::makeSalt(); pki_evp::passHash = pki_evp::sha512passwT( pki_evp::passwd, salt); } } enum open_result database_model::initPass(const QString &dbName, const QString &passhash) const { QString salt, pass; enum open_result result = pw_cancel; pass_info p(tr("New Password"), tr("Please enter a password, " "that will be used to encrypt your private keys " "in the database:\n%1"). arg(compressFilename(dbName))); pki_evp::passHash = passhash; if (pki_evp::passHash.isEmpty()) { result = PwDialogCore::execute(&p, &pki_evp::passwd,true,true); if (result != pw_ok) return result; salt = Entropy::makeSalt(); pki_evp::passHash =pki_evp::sha512passwT(pki_evp::passwd,salt); Settings["pwhash"] = pki_evp::passHash; } else if (!open_without_password) { pwhash_upgrade(); while (pki_evp::sha512passwT(pki_evp::passwd, pki_evp::passHash) != pki_evp::passHash) { if (result == pw_ok) XCA_PASSWD_ERROR(); p.setTitle(tr("Password")); p.setDescription(tr("Please enter the password for unlocking the database:\n%1").arg(compressFilename(dbName))); result = PwDialogCore::execute(&p, &pki_evp::passwd, false, true); if (result != pw_ok) { pki_evp::passwd = QByteArray(); return result; } pwhash_upgrade(); } } open_without_password = false; if (pki_evp::passwd.isNull()) pki_evp::passwd = ""; return pw_ok; } void database_model::pkiChangedSlot(pki_base *pki) { emit pkiChanged(pki); } xca-RELEASE.2.5.0/lib/database_model.h000066400000000000000000000064761450407711300172320ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DATABASE_MODEL_H #define __DATABASE_MODEL_H #include #include #include #include #include #include "sql.h" #include "db_base.h" #include "lib/Passwd.h" typedef QMap DbMap; class database_model: public QObject { Q_OBJECT private: QList models; int dbTimer; void openSqlDB(); QSqlError initSqlDB(); QString dbName; QString db_provider; const QString &detect_provider(); bool checkForOldDbFormat(const QString &dbfile) const; enum open_result verifyOldDbPass(const QString &dbname) const; void importOldDatabase(const QString &dbfile); QString get_default_db() const; QString checkPre2Xdatabase() const; enum open_result initPass(const QString &dbName, const QString &passhash) const; void restart_timer(); static void openDatabase(const QString &descriptor, const Passwd &pass); static void openRemoteDatabase(const QString &connName, const DbMap ¶ms, const Passwd &pass); static void openLocalDatabase(const QString &connName, const QString &descriptor); private slots: void pkiChangedSlot(pki_base *pki); public: static bool open_without_password; database_model(const QString &dbName, const Passwd &pass = Passwd()); ~database_model(); void timerEvent(QTimerEvent *event); db_base *modelForPki(const pki_base *pki) const; QString dbname() const { return dbName; } void dump_database(const QString &dirname) const; QList getModels() const { return models; } template T *model() const { foreach(db_base *model, models) { T *m = dynamic_cast(model); if (m) return m; } return NULL; } pki_base *insert(pki_base *pki); static DbMap splitRemoteDbName(const QString &db); static bool isRemoteDB(const QString &db); static void as_default_database(const QString &db); signals: void pkiChanged(pki_base *pki) const; }; class xca_db { private: database_model *db; public: xca_db() : db(nullptr) { } ~xca_db() { close(); } void open(const QString &dbName, const Passwd &pass = Passwd()) { close(); db = new database_model(dbName, pass); qDebug() << "Opening database:" << name(); } void open_default() { open(QString()); } void close() { if (db) { qDebug() << "Closing database:" << name(); delete db; db = NULL; } } QString name() const { return db ? db->dbname() : QString(); } bool isOpen() { return db != NULL; } template T *model() const { return db ? db->model() : NULL; } void dump(const QString &dirname) const { if (db) db->dump_database(dirname); } void as_default() const { database_model::as_default_database(name()); } QList getModels() const { return db ? db->getModels() : QList(); } pki_base *insert(pki_base *pki) { return db ? db->insert(pki) : NULL; } db_base *modelForPki(const pki_base *pki) const { return db ? db->modelForPki(pki) : NULL; } void connectToDbChangeEvt(QObject *o, const char *slot) { if (db) QObject::connect( db, SIGNAL(pkiChanged(pki_base*)), o, slot); } }; extern xca_db Database; #endif xca-RELEASE.2.5.0/lib/database_schema.cpp000066400000000000000000000276441450407711300177250ustar00rootroot00000000000000/* The "32bit hash" in public_keys, x509super, requests, certs and crls * is used to quickly find items in the DB by reference. * It consists of the first 4 bytes of a SHA1 hash. * Collisions are of course possible. * * All binaries are stored Base64 encoded in a column of type * ' B64_BLOB ' It is defined here as 'TEXT' which is huge, except * on mysql where LONGTEXT is used. */ #define B64_BLOB "%1" /* * The B64(DER(something)) function means DER encode something * and then Base64 encode that. * So finally this is PEM without newlines, header and footer * * Dates are alway stored as 'CHAR(15)' in the * ASN.1 Generalized time 'yyyyMMddHHmmssZ' format */ #define DB_DATE "CHAR(15)" /* * Configuration settings from * the Options dialog, window size, last export directory, * default key type and size, * table column (position, sort order, visibility) */ schemas[0] << "CREATE TABLE settings (" "key_ CHAR(20) UNIQUE, " // mySql does not like 'key' or 'option" "value " B64_BLOB ")" << "INSERT INTO settings (key_, value) VALUES ('schema', '" SCHEMA_VERSION "')" /* * All items (keys, tokens, requests, certs, crls, templates) * are stored here with the primary key and some common data * The other tables containing the details reference the 'id' * as FOREIGN KEY. */ << "CREATE TABLE items(" "id INTEGER PRIMARY KEY, " "name VARCHAR(128), " // Internal name of the item "type INTEGER, " // enum pki_type "source INTEGER, " // enum pki_source "date " DB_DATE ", " // Time of insertion (creation/import) "comment VARCHAR(2048), " "stamp INTEGER NOT NULL DEFAULT 0, " // indicate concurrent access "del SMALLINT NOT NULL DEFAULT 0)" /* * Storage of public keys. Private keys and tokens also store * their public part here. */ << "CREATE TABLE public_keys (" "item INTEGER, " // reference to items(id) "type CHAR(4), " // RSA DSA EC (as text) "hash INTEGER, " // 32 bit hash "len INTEGER, " // key size in bits "\"public\" " B64_BLOB ", " // B64(DER(public key)) "FOREIGN KEY (item) REFERENCES items (id))" /* * The private part of RSA, DSA, EC keys. * references to 'items' and 'public_keys' */ << "CREATE TABLE private_keys (" "item INTEGER, " // reference to items(id) "ownPass INTEGER, " // Encrypted by DB pwd or own pwd "private " B64_BLOB ", " // B64(Encrypt(DER(private key))) "FOREIGN KEY (item) REFERENCES items (id))" /* * Smart cards or other PKCS#11 tokens * references to 'items' and 'public_keys' */ << "CREATE TABLE tokens (" "item INTEGER, " // reference to items(id) "card_manufacturer VARCHAR(64), " // Card location data "card_serial VARCHAR(64), " // as text "card_model VARCHAR(64), " "card_label VARCHAR(64), " "slot_label VARCHAR(64), " "object_id VARCHAR(64), " // Unique ID on the token "FOREIGN KEY (item) REFERENCES items (id))" /* * Encryption and hash mechanisms supported by a token */ << "CREATE TABLE token_mechanism (" "item INTEGER, " // reference to items(id) "mechanism INTEGER, " // PKCS#11: CK_MECHANISM_TYPE "FOREIGN KEY (item) REFERENCES items (id))" /* * An X509 Super class, consisting of a * - Distinguishd name hash * - Referenced key in the database * - hash of the public key, used for lookups if there * is no key to reference * used by Requests and certificates and the use-counter of keys: * 'SELECT from x509super WHERE pkey=?' */ << "CREATE TABLE x509super (" "item INTEGER, " // reference to items(id) "subj_hash INTEGER, " // 32 bit hash of the Distinguished name "pkey INTEGER, " // reference to the key items(id) "key_hash INTEGER, " // 32 bit hash of the public key "FOREIGN KEY (item) REFERENCES items (id), " "FOREIGN KEY (pkey) REFERENCES items (id)) " /* * PKCS#10 Certificate request details * also takes information from the 'x509super' table. */ << "CREATE TABLE requests (" "item INTEGER, " // reference to items(id) "hash INTEGER, " // 32 bit hash of the request "signed INTEGER, " // Whether it was once signed. "request " B64_BLOB ", " // B64(DER(PKCS#10 request)) "FOREIGN KEY (item) REFERENCES items (id)) " /* * X509 certificate details * also takes information from the 'x509super' table. * The content of the columns: hash, iss_hash, serial, ca * can also be retrieved directly from the certificate, but are good * to lurk around for faster lookup */ << "CREATE TABLE certs (" "item INTEGER, " // reference to items(id) "hash INTEGER, " // 32 bit hash of the cert "iss_hash INTEGER, " // 32 bit hash of the issuer DN "serial VARCHAR(64), " // Serial number of the certificate "issuer INTEGER, " // The items(id) of the issuer or NULL "ca INTEGER, " // CA: yes / no from BasicConstraints "cert " B64_BLOB ", " // B64(DER(certificate)) "FOREIGN KEY (item) REFERENCES items (id), " "FOREIGN KEY (issuer) REFERENCES items (id)) " /* * X509 cartificate Authority data */ << "CREATE TABLE authority (" "item INTEGER, " // reference to items(id) "template INTEGER, " // items(id) of the default template "crlExpire " DB_DATE ", " // CRL expiry date "crlNo INTEGER, " // Last CRL Number "crlDays INTEGER, " // CRL days until renewal "dnPolicy VARCHAR(1024), " // DistinguishedName policy (UNUSED) "FOREIGN KEY (item) REFERENCES items (id), " "FOREIGN KEY (template) REFERENCES items (id)) " /* * Storage of CRLs */ << "CREATE TABLE crls (" "item INTEGER, " // reference to items(id) "hash INTEGER, " // 32 bit hash of the CRL "num INTEGER, " // Number of revoked certificates "iss_hash INTEGER, " // 32 bit hash of the issuer DN "issuer INTEGER, " // The items(id) of the issuer or NULL "crl " B64_BLOB ", " // B64(DER(revocation list)) "FOREIGN KEY (item) REFERENCES items (id), " "FOREIGN KEY (issuer) REFERENCES items (id)) " /* * Revocations (serial, date, reason, issuer) used to create new * CRLs. 'Manage revocations' */ << "CREATE TABLE revocations (" "caId INTEGER, " // reference to certs(item) "serial VARCHAR(64), " // Serial of the revoked certificate "date " DB_DATE ", " // Time of creating the revocation "invaldate " DB_DATE ", " // Time of invalidation "crlNo INTEGER, " // Crl Number of CRL of first appearance "reasonBit INTEGER, " // Bit number of the revocation reason "FOREIGN KEY (caId) REFERENCES items (id))" /* * Templates */ << "CREATE TABLE templates (" "item INTEGER, " // reference to items(id) "version INTEGER, " // Version of the template format "template " B64_BLOB ", " // The base64 encoded template "FOREIGN KEY (item) REFERENCES items (id))" /* Views */ << "CREATE VIEW view_public_keys AS SELECT " "items.id, items.name, items.type AS item_type, items.date, " "items.source, items.comment, " "public_keys.type as key_type, public_keys.len, public_keys.\"public\", " "private_keys.ownPass, " "tokens.card_manufacturer, tokens.card_serial, tokens.card_model, " "tokens.card_label, tokens.slot_label, tokens.object_id " "FROM public_keys LEFT JOIN items ON public_keys.item = items.id " "LEFT JOIN private_keys ON private_keys.item = public_keys.item " "LEFT JOIN tokens ON public_keys.item = tokens.item" << "CREATE VIEW view_certs AS SELECT " "items.id, items.name, items.type, items.date AS item_date, " "items.source, items.comment, " "x509super.pkey, " "certs.serial AS certs_serial, certs.issuer, certs.ca, certs.cert, " "authority.template, authority.crlExpire, " "authority.crlNo AS auth_crlno, authority.crlDays, authority.dnPolicy, " "revocations.serial, revocations.date, revocations.invaldate, " "revocations.crlNo, revocations.reasonBit " "FROM certs LEFT JOIN items ON certs.item = items.id " "LEFT JOIN x509super ON x509super.item = certs.item " "LEFT JOIN authority ON authority.item = certs.item " "LEFT JOIN revocations ON revocations.caId = certs.issuer " "AND revocations.serial = certs.serial" << "CREATE VIEW view_requests AS SELECT " "items.id, items.name, items.type, items.date, " "items.source, items.comment, " "x509super.pkey, " "requests.request, requests.signed " "FROM requests LEFT JOIN items ON requests.item = items.id " "LEFT JOIN x509super ON x509super.item = requests.item" << "CREATE VIEW view_crls AS SELECT " "items.id, items.name, items.type, items.date, " "items.source, items.comment, " "crls.num, crls.issuer, crls.crl " "FROM crls LEFT JOIN items ON crls.item = items.id " << "CREATE VIEW view_templates AS SELECT " "items.id, items.name, items.type, items.date, " "items.source, items.comment, " "templates.version, templates.template " "FROM templates LEFT JOIN items ON templates.item = items.id" << "CREATE VIEW view_private AS SELECT " "name, private FROM private_keys JOIN items ON " "items.id = private_keys.item" << "CREATE INDEX i_settings_key_ ON settings (key_)" << "CREATE INDEX i_items_id ON items (id)" << "CREATE INDEX i_public_keys_item ON public_keys (item)" << "CREATE INDEX i_public_keys_hash ON public_keys (hash)" << "CREATE INDEX i_private_keys_item ON private_keys (item)" << "CREATE INDEX i_tokens_item ON tokens (item)" << "CREATE INDEX i_token_mechanism_item ON token_mechanism (item)" << "CREATE INDEX i_x509super_item ON x509super (item)" << "CREATE INDEX i_x509super_subj_hash ON x509super (subj_hash)" << "CREATE INDEX i_x509super_key_hash ON x509super (key_hash)" << "CREATE INDEX i_x509super_pkey ON x509super (pkey)" << "CREATE INDEX i_requests_item ON requests (item)" << "CREATE INDEX i_requests_hash ON requests (hash)" << "CREATE INDEX i_certs_item ON certs (item)" << "CREATE INDEX i_certs_hash ON certs (hash)" << "CREATE INDEX i_certs_iss_hash ON certs (iss_hash)" << "CREATE INDEX i_certs_serial ON certs (serial)" << "CREATE INDEX i_certs_issuer ON certs (issuer)" << "CREATE INDEX i_certs_ca ON certs (ca)" << "CREATE INDEX i_authority_item ON authority (item)" << "CREATE INDEX i_crls_item ON crls (item)" << "CREATE INDEX i_crls_hash ON crls (hash)" << "CREATE INDEX i_crls_iss_hash ON crls (iss_hash)" << "CREATE INDEX i_crls_issuer ON crls (issuer)" << "CREATE INDEX i_revocations_caId_serial ON revocations (caId, serial)" << "CREATE INDEX i_templates_item ON templates (item)" << "CREATE INDEX i_items_stamp ON items (stamp)" ; /* Schema Version 2: Views added to quickly load the data */ /* Schema Version 3: Add indexes over hashes and primary, foreign keys */ /* Schema Version 4: Add private key view to extract a private key with: mysql: mysql -sNp -u xca xca_msq -e or sqlite: sqlite3 ~/sqlxdb.xdb or psql: psql -t -h 192.168.140.7 -U xca -d xca_pg -c 'SELECT private FROM view_private WHERE name=\"pk8key\";' |\ base64 -d | openssl pkcs8 -inform DER * First mysql/psql will ask for a password and then OpenSSL will ask for * the database password. */ /* Schema Version 5: Extend settings value size from 1024 to B64_BLOB * SQLite does not support 'ALTER TABLE settings MODIFY ...' */ schemas[5] << "ALTER TABLE settings RENAME TO __settings" << "CREATE TABLE settings (" "key_ CHAR(20) UNIQUE, " // mySql does not like 'key' or 'option' "value " B64_BLOB ")" << "INSERT INTO settings(key_, value) " "SELECT key_, value " "FROM __settings" << "DROP TABLE __settings" << "UPDATE settings SET value='6' WHERE key_='schema'" ; schemas[6] << "ALTER TABLE items ADD del SMALLINT NOT NULL DEFAULT 0" << "CREATE INDEX i_items_del ON items (del)" << "UPDATE settings SET value='7' WHERE key_='schema'" ; /* When adding new tables or views, also add them to the list * in XSqlQuery::rewriteQuery(QString) in lib/sql.cpp */ xca-RELEASE.2.5.0/lib/db_base.cpp000066400000000000000000000361761450407711300162200ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "db_base.h" #include "func.h" #include "exception.h" #include "XcaWarningCore.h" #include #include #include #include void db_base::restart_timer() { if (!IS_GUI_APP) return; killTimer(secondsTimer); killTimer(minutesTimer); killTimer(hoursTimer); secondsTimer = startTimer(1000); minutesTimer = startTimer(MSECS_PER_MINUTE); hoursTimer = startTimer(MSECS_PER_HOUR); } db_base::db_base(const char *classname) :QAbstractItemModel() { rootItem = new pki_base(QString("ROOTitem(%1)").arg(classname)); treeItem = new pki_base(QString("TREEitem(%1)").arg(classname)); colResizing = 0; class_name = classname; secondsTimer = minutesTimer = hoursTimer = 0; treeview = true; restart_timer(); } db_base::~db_base() { saveHeaderState(); qDeleteAll(allHeaders); delete rootItem; delete treeItem; } pki_base *db_base::newPKI(enum pki_type type) { (void)type; return new pki_base(); } void db_base::createSuccess(const pki_base *pki) const { if (!pki) return; if (Settings["suppress_messages"]) return; XCA_INFO(pki->getMsg(pki_base::msg_create).arg(pki->getIntName())); } void db_base::remFromCont(const QModelIndex &idx) { if (!idx.isValid()) return; pki_base *pki = fromIndex(idx); pki_base *parent_pki = pki->getParent(); int row = rownumber(pki); beginRemoveRows(parent(idx), row, row); parent_pki->takeChild(pki); rootItem->takeChild(pki); endRemoveRows(); emit columnsContentChanged(); } QString db_base::sqlItemSelector() { QStringList sl; QString selector; foreach(enum pki_type pt, pkitype) sl << QString("type=%1").arg(pt); return sl.join(" OR "); } void db_base::loadContainer() { XSqlQuery q; QSqlError e; QString stmt; SQL_PREPARE(q, QString("SELECT * FROM view_") + sqlHashTable); q.exec(); e = q.lastError(); XCA_SQLERROR(e); while (q.next()) try { enum pki_type t; QSqlRecord rec = q.record(); t = (enum pki_type)q.value(VIEW_item_type).toInt(); pki_base *pki = newPKI(t); pki->restoreSql(rec); rootItem->insert(pki); treeItem->insert(pki); Store.add(q.value(VIEW_item_id), pki); } catch (errorEx &ex) { XCA_ERROR(ex); } QString view = Settings[class_name + "_hdView"]; if (view.isEmpty()) { for (int i=0; i< allHeaders.count(); i++) { allHeaders[i]->reset(); } } else { allHeaders.fromData(view); } restart_timer(); emit columnsContentChanged(); } void db_base::reloadContainer(const QList &typelist) { bool match = false; QList all_types = pkitype + pkitype_depends; foreach(enum pki_type t, typelist) { if (all_types.contains(t)) { match = true; break; } } if (!match) return; qDebug() << "RELOAD" << class_name << all_types << typelist; beginResetModel(); rootItem->clear(); treeItem->clear(); endResetModel(); loadContainer(); } void db_base::updateHeaders() { QString s = allHeaders.toData(); qDeleteAll(allHeaders); allHeaders = getHeaders(); allHeaders.fromData(s); } dbheaderList db_base::getHeaders() { dbheaderList h; /* "No." handled in XcaProxyModel */ h << new dbheader(HD_internal_name, true, tr("Internal name")) << new num_dbheader(HD_counter, false, tr("No.")) << new num_dbheader(HD_primary_key, false, tr("Primary key"), tr("Database unique number")) << new date_dbheader(HD_creation, false, tr("Date"), tr("Date of creation or insertion")) << new dbheader(HD_source, false, tr("Source"), tr("Generated, Imported, Transformed")) << new dbheader(HD_comment, false, tr("Comment"), tr("First line of the comment field")); return h; } void db_base::saveHeaderState() { if (QSqlDatabase::database().isOpen()) Settings[class_name + "_hdView"] = allHeaders.toData(); } void db_base::setVisualIndex(int i, int visualIndex) { if (colResizing) return; allHeaders[i]->visualIndex = visualIndex; } void db_base::sectionResized(int i, int, int newSize) { if (!allHeaders[i]->show || newSize <= 0 || colResizing) return; allHeaders[i]->size = newSize; } bool db_base::fixedHeaderSize(int sect) { return allHeaders[sect]->size != -1; } void db_base::initHeaderView(QHeaderView *hv) { int max = allHeaders.count(); colResizeStart(); for (int i=0; isetupHeaderView(i, hv); } for (int i=0; ivisualIndex == -1) continue; if (hv->visualIndex(i) != allHeaders[i]->visualIndex) { hv->moveSection(hv->visualIndex(i), allHeaders[i]->visualIndex); } } colResizeEnd(); } void db_base::sortIndicatorChanged(int logicalIndex, Qt::SortOrder order) { int max = allHeaders.count(); if (!isValidCol(logicalIndex)) return; for (int i=0; isortIndicator = -1; } allHeaders[logicalIndex]->sortIndicator = order; } pki_base *db_base::insertPKI(pki_base *pki) { QString filename = pki->getFilename(); if (!filename.isEmpty()) { pki->selfComment(tr("Import from: %1").arg(filename)); pki->setFilename(QString()); } Transaction; if (!TransBegin()) { delete pki; return NULL; } QSqlError e = pki->insertSql(); if (e.isValid()) { XCA_SQLERROR(e); TransRollback(); delete pki; return NULL; } Store.add(pki->getSqlItemId(), pki); inToCont(pki); TransCommit(); restart_timer(); emit columnsContentChanged(); return pki; } QString db_base::pem2QString(QModelIndexList indexes) const { BioByteArray bba; foreach(QModelIndex idx, indexes) { if (idx.column() != 0) continue; pki_base *pki = fromIndex(idx); pki->pem(bba); openssl_error(); } return bba.qstring(); } void db_base::deletePKI(QModelIndex idx) { pki_base *pki = fromIndex(idx); QSqlDatabase db = QSqlDatabase::database(); try { try { pki->deleteFromToken(); } catch (errorEx &err) { XCA_ERROR(err); } Transaction; if (TransBegin()) { QSqlError e = pki->deleteSql(); TransDone(e); if (!e.isValid()) remFromCont(idx); AffectedItems(pki->getSqlItemId()); XCA_SQLERROR(e); Store.remove(pki->getSqlItemId()); delete pki; } } catch (errorEx &err) { XCA_ERROR(err); } } void db_base::insertChild(pki_base *child, pki_base *parent) { QModelIndex idx = QModelIndex(); pki_base *curr_parent = child->getParent(); if (!parent || parent == child) parent = treeItem; if (parent != treeItem && treeview) idx = index(parent); if (curr_parent) { // && curr_parent != parent) int row = curr_parent->indexOf(child); beginMoveRows(index(curr_parent), row, row, idx, 0); curr_parent->takeChild(child); } else { beginInsertRows(idx, 0, 0); } rootItem->insert(child); parent->insert(child); if (curr_parent) endMoveRows(); else endInsertRows(); qDebug() << "insertChild" << *child << "To parent" << *parent << "From" << (curr_parent ? QString(*curr_parent) : "NEW") << "COUNT root" << rootItem->childCount() << "Count tree" << treeItem->childCount(); } int db_base::rownumber(const pki_base *child) const { pki_base *parent = treeview ? child->getParent() : rootItem; return parent ? parent->indexOf(child) : 0; } /* Does all the linking from existing keys, crls, certs * to the new imported or generated item * called before the new item will be inserted into the database */ void db_base::inToCont(pki_base *pki) { insertChild(pki); } pki_base *db_base::getByName(QString desc) { QList list = Store.sqlSELECTpki( QString("SELECT id FROM items WHERE name=? AND del=0 AND ") + sqlItemSelector(), QList() << QVariant(desc)); return list.isEmpty() ? NULL : list[0]; } pki_base *db_base::getByReference(pki_base *refpki) { if (refpki == NULL) return NULL; QList list = Store.sqlSELECTpki( QString("SELECT item FROM %1 WHERE hash=?").arg(sqlHashTable), QList() << QVariant(refpki->hash())); foreach(pki_base *pki, list) { if (refpki->compare(pki)) return pki; } return NULL; } pki_base *db_base::insert(pki_base *item) { return insertPKI(item); } void db_base::dump(const QString &dir) const { QString dirname = dir + "/" + class_name; QDir d(dirname); if (!d.exists() && !d.mkdir(dirname)) { throw errorEx(tr("Could not create directory %1") .arg(nativeSeparator(dirname))); } try { foreach(pki_base *pki, Store.getAll()) { if (pkitype.contains(pki->getType())) pki->writeDefault(dirname); } } catch (errorEx &err) { XCA_ERROR(err); } } QModelIndex db_base::index(int row, int column, const QModelIndex &parent) const { pki_base *parentItem = treeview ? treeItem : rootItem; if (parent.isValid() && treeview) parentItem = fromIndex(parent); pki_base *childItem = parentItem->child(row); return childItem ? createIndex(row, column, childItem) : QModelIndex(); } QModelIndex db_base::index(pki_base *pki) const { if (!pki || pki == treeItem) return QModelIndex(); return createIndex(rownumber(pki), 0, pki); } QModelIndex db_base::parent(const QModelIndex &idx) const { if (!idx.isValid()) return QModelIndex(); pki_base *childItem = fromIndex(idx); pki_base *parentItem = childItem->getParent(); if (parentItem == treeItem || !treeview) parentItem = NULL; return index(parentItem); } int db_base::rowCount(const QModelIndex &parent) const { pki_base *parentItem = treeview ? treeItem : rootItem; if (parent.isValid()) parentItem = treeview ? fromIndex(parent) : NULL; return parentItem ? parentItem->childCount() : 0; } int db_base::columnCount(const QModelIndex &) const { return allHeaders.count(); } QVariant db_base::data(const QModelIndex &index, int role) const { if (!index.isValid()) return QVariant(); dbheader *hd = allHeaders[index.column()]; pki_base *item = fromIndex(index); switch (role) { case Qt::EditRole: case Qt::DisplayRole: if (hd->id==HD_internal_name || item->isVisible()==1) return item->column_data(hd); break; case Qt::DecorationRole: return item->getIcon(hd); case Qt::TextAlignmentRole: return int((hd->isNumeric() ? Qt::AlignRight : Qt::AlignLeft) | Qt::AlignVCenter); case Qt::BackgroundRole: return item->bg_color(hd); case Qt::UserRole: return item->isVisible(); case Qt::ToolTipRole: if (hd->id==HD_internal_name || item->isVisible()==1) return item->column_tooltip(hd); break; } return QVariant(); } static QVariant getHeaderViewInfo(dbheader *h) { return QVariant( #if 0 QString("H[%1] Show:%2%3 Size:%4 VI:%5 Indi:%6"). arg(sect).arg(h->show).arg(h->showDefault).arg(h->size). arg(h->visualIndex).arg(h->sortIndicator) #else h->getTooltip() #endif ); } void db_base::changeView() { beginResetModel(); treeview = !treeview; endResetModel(); } QVariant db_base::headerData(int section, Qt::Orientation orientation, int role) const { if (!isValidCol(section)) return QVariant(); if (orientation == Qt::Horizontal) { switch (role) { case Qt::DisplayRole: return QVariant(allHeaders[section]->getName()); case Qt::ToolTipRole: return getHeaderViewInfo(allHeaders[section]); } } return QVariant(); } Qt::ItemFlags db_base::flags(const QModelIndex &index) const { if (!index.isValid()) return Qt::NoItemFlags; Qt::ItemFlags flags = QAbstractItemModel::flags(index) | Qt::ItemIsDragEnabled; pki_base *item = fromIndex(index); if (item->isVisible() == 2) flags &= ~Qt::ItemIsEnabled; else if (index.column() == 0) flags |= Qt::ItemIsEditable; return flags; } bool db_base::setData(const QModelIndex &index, const QVariant &value, int role) { QString on, nn; pki_base *item; if (index.isValid() && role == Qt::EditRole) { nn = value.toString(); item = fromIndex(index); on = item->getIntName(); if (nn == on) return true; updateItem(item, nn, item->getComment()); return true; } return false; } void db_base::updateItem(pki_base *pki, const QString &name, const QString &comment, bool force) { XSqlQuery q; QSqlError e; if (name == pki->getIntName() && comment == pki->getComment() && !force) return; Transaction; TransThrow(); SQL_PREPARE(q, "UPDATE items SET name=?, comment=? WHERE id=?"); q.bindValue(0, name); q.bindValue(1, comment); q.bindValue(2, pki->getSqlItemId()); q.exec(); e = q.lastError(); AffectedItems(pki->getSqlItemId()); XCA_SQLERROR(e); TransDone(e); pki->setIntName(name); pki->setComment(comment); pki->recheckVisibility(); QModelIndex i, j; i = index(pki); j = index(i.row(), allHeaders.size(), i.parent()); emit dataChanged(i, j); emit pkiChanged(pki); restart_timer(); } void db_base::timerEvent(QTimerEvent *event) { int youngest = SECS_PER_DAY; int id = event->timerId(); foreach(pki_base *pki, Store.getAll()) { for (int idx=0; idx < allHeaders.count(); idx++) { dbheader *hd = allHeaders[idx]; if (hd->type != dbheader::hd_asn1time) continue; a1time t = pki->column_a1time(hd); if (t.isUndefined()) continue; int age = t.age(); if (age < 0) age *= -1; bool do_emit = false; if (age < youngest) youngest = age; if (!hd->show) continue; if (id == secondsTimer && (age < SECS_PER_MINUTE *2 || age % SECS_PER_MINUTE < 2)) do_emit = true; if (id == minutesTimer && (age % SECS_PER_HOUR < 60)) do_emit = true; if (id == hoursTimer && (age % SECS_PER_DAY < SECS_PER_HOUR)) do_emit = true; if (do_emit) { qDebug() << "Date changed for" << pki->getIntName() << ":" << hd->getName() << "Col:" << idx << t.toSortable(); QModelIndex i; i = createIndex(rownumber(pki), idx, pki); #if (QT_VERSION >= QT_VERSION_CHECK(6, 0, 0)) emit dataChanged(i, i, QList{Qt::DisplayRole}); #else emit dataChanged(i, i, QVector{Qt::DisplayRole}); #endif } } } if (secondsTimer && youngest > SECS_PER_HOUR *2) { killTimer(secondsTimer); secondsTimer = 0; } if (minutesTimer && youngest > SECS_PER_DAY *2) { killTimer(minutesTimer); minutesTimer = 0; } } bool db_base::columnHidden(int col) const { if (!isValidCol(col)) return true; if (Settings["disable_netscape"] && allHeaders[col]->type == dbheader::hd_v3ext_ns) return true; return !allHeaders[col]->show; } void db_base::columnResetDefaults() { dbheader *hd; foreach(hd, allHeaders) { hd->reset(); } emit resetHeader(); } bool db_base::isValidCol(int col) const { return col >= allHeaders.size() || col < 0 ? false : true; } QMimeData *db_base::mimeData(const QModelIndexList &indexes) const { QString data = pem2QString(indexes); if (data.isEmpty()) return NULL; QMimeData *mimeData = new QMimeData(); mimeData->setText(data.toLatin1()); mimeData->setData(X_XCA_DRAG_DATA, QByteArray()); return mimeData; } void db_base::writeVcalendar(XFile &file, QStringList vcal) const { QStringList ics; ics << "BEGIN:VCALENDAR" << "VERSION:2.0" << "PRODID:-//" XCA_TITLE "//" XCA_VERSION "//" << vcal << "END:VCALENDAR"; file.write(ics.join("\r\n").toUtf8()); } void db_base::exportItems(const QModelIndexList &indexes, const pki_export *xport, XFile &file) const { foreach(QModelIndex idx, indexes) exportItem(idx, xport, file); } int db_base::exportFlags(const QModelIndexList &indexes) const { int disabled_flags = 0; foreach(const QModelIndex &idx, indexes) disabled_flags |= exportFlags(idx); if (indexes.size() > 1) disabled_flags |= F_SINGLE; else disabled_flags |= F_MULTI; return disabled_flags; } xca-RELEASE.2.5.0/lib/db_base.h000066400000000000000000000101751450407711300156540ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DB_BASE_H #define __DB_BASE_H #include #include "base.h" #include "pki_base.h" #include "headerlist.h" #include #include #include #define X_XCA_DRAG_DATA "application/x-xca-drag-data" class QContextMenuEvent; class XcaTreeView; class NewX509; class db_base: public QAbstractItemModel { Q_OBJECT protected: int secondsTimer, minutesTimer, hoursTimer; void _writePKI(pki_base *pki, bool overwrite); QList pkitype; QList pkitype_depends; QString class_name; /* Sql table containing the 'hash' of this items */ QString sqlHashTable; dbheaderList allHeaders; virtual dbheaderList getHeaders(); int colResizing; QString sqlItemSelector(); bool isValidCol(int col) const; void timerEvent(QTimerEvent *event); bool treeview; pki_base *rootItem; pki_base *treeItem; public: void restart_timer(); void updateItem(pki_base *pki, const QString &name, const QString &comment, bool force = false); virtual pki_base *newPKI(enum pki_type type = none); db_base(const char *classname); virtual void updateHeaders(); virtual ~db_base(); virtual pki_base *insertPKI(pki_base *pki); pki_base *getByName(QString desc); pki_base *getByReference(pki_base *refpki); virtual void loadContainer(); void reloadContainer(const QList &typelist); virtual pki_base* insert(pki_base *item); virtual void inToCont(pki_base *pki); virtual void remFromCont(const QModelIndex &idx); void changeView(); int exportFlags(const QModelIndexList &indexes) const; virtual int exportFlags(const QModelIndex &index) const { return 0; } virtual void exportItem(const QModelIndex &index, const pki_export *xport, XFile &file) const { }; virtual void exportItems(const QModelIndexList &indexes, const pki_export *xport, XFile &file) const; void dump(const QString &dirname) const; QModelIndex index(int row, int column, const QModelIndex &parent = QModelIndex()) const; QModelIndex index(pki_base *pki) const; QModelIndex parent(const QModelIndex &index) const; int rowCount(const QModelIndex &parent = QModelIndex()) const; int allItemsCount() const { return rootItem->childCount(); } int columnCount(const QModelIndex &parent) const; QVariant data(const QModelIndex &index, int role) const; QVariant headerData(int section, Qt::Orientation orientation, int role) const; Qt::ItemFlags flags(const QModelIndex &index) const; bool setData(const QModelIndex &index, const QVariant &value, int role); void deleteSelectedItems(QModelIndexList indexes); static pki_base *fromIndex(const QModelIndex &index) { if (!index.isValid()) return NULL; return static_cast(index.internalPointer()); } template static T *fromIndex(const QModelIndex &index) { return dynamic_cast(fromIndex(index)); } void insertChild(pki_base *child, pki_base *parent = NULL); int rownumber(const pki_base *child) const; void createSuccess(const pki_base *pki) const; bool columnHidden(int col) const; virtual void saveHeaderState(); void initHeaderView(QHeaderView *hv); void setVisualIndex(int i, int visualIndex); bool fixedHeaderSize(int sect); bool treeViewMode() { return treeview; } void colResizeStart() { colResizing++; } void colResizeEnd() { colResizing--; } dbheaderList getAllHeaders() { return allHeaders; } QString pem2QString(QModelIndexList indexes) const; void deletePKI(QModelIndex idx); QMimeData *mimeData(const QModelIndexList &indexes) const; void emitDataChanged(pki_base *pki); bool containsType(enum pki_type t) const; void writeVcalendar(XFile &file, QStringList vcal) const; public slots: virtual void newItem() { } void columnResetDefaults(); void sectionResized(int i, int, int newSize); void sortIndicatorChanged(int, Qt::SortOrder); signals: void resetHeader() const; void updateHeader() const; void columnsContentChanged() const; void pkiChanged(pki_base *pki) const; }; #endif xca-RELEASE.2.5.0/lib/db_crl.cpp000066400000000000000000000117631450407711300160610ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "db_crl.h" #include "db_x509.h" #include "main.h" #include "exception.h" #include "database_model.h" db_crl::db_crl() : db_x509name("crls") { sqlHashTable = "crls"; pkitype << revocation; pkitype_depends << x509; updateHeaders(); loadContainer(); } dbheaderList db_crl::getHeaders() { dbheaderList h = db_x509name::getHeaders(); h << new dbheader(HD_crl_signer, true, tr("Signer"), tr("Internal name of the signer")) << new num_dbheader(HD_crl_revoked, true, tr("No. revoked"), tr("Number of revoked certificates")) << new date_dbheader(HD_crl_lastUpdate,false, tr("Last update")) << new date_dbheader(HD_crl_nextUpdate, true, tr("Next update")) << new num_dbheader(HD_crl_crlnumber, false, tr("CRL number")); return h; } pki_base *db_crl::newPKI(enum pki_type type) { (void)type; return new pki_crl(); } void db_crl::revokeCerts(pki_crl *crl) { db_x509 *certs = Database.model(); x509revList revlist; if (!certs || !crl) return; pki_x509 *signer = crl->getIssuer(); if (!signer) return; revlist = crl->getRevList(); signer->mergeRevList(revlist); foreach(x509rev revok, revlist) { pki_x509 *crt = signer->getBySerial(revok.getSerial()); if (crt) crt->setRevoked(revok); } } void db_crl::removeSigner(pki_base *signer) { foreach(pki_crl *crl, Store.getAll()) { if (crl->getIssuer() == signer) { crl->setIssuer(NULL); } } } void db_crl::inToCont(pki_base *pki) { pki_crl *crl = dynamic_cast(pki); unsigned hash = crl->getSubject().hashNum(); QList items; items = Store.sqlSELECTpki( "SELECT x509super.item FROM x509super " "JOIN certs ON certs.item = x509super.item " "WHERE x509super.subj_hash=? AND certs.ca=1", QList() << QVariant(hash)); foreach(pki_x509 *x, items) { qDebug() << "Possible Crl issuer:" << x->getIntName(); crl->verify(x); } db_base::inToCont(pki); } pki_base *db_crl::insert(pki_base *item) { pki_crl *crl = dynamic_cast(item); pki_crl *oldcrl = dynamic_cast(getByReference(crl)); if (oldcrl) { XCA_INFO(tr("The revocation list already exists in the database as:\n'%1'\nand so it was not imported").arg(oldcrl->getIntName())); delete(crl); return NULL; } Transaction; if (TransBegin()) { crl = dynamic_cast(insertPKI(crl)); if (crl) { revokeCerts(crl); TransCommit(); } } return crl; } void db_crl::exportItems(const QModelIndexList &indexes, const pki_export *xport, XFile &file) const { QStringList vcal; foreach(QModelIndex idx, indexes) { pki_crl *crl = fromIndex(idx); if (!crl) continue; if (xport->match_all(F_CAL)) vcal << crl->icsVEVENT(); else crl->writeCrl(file, xport->match_all(F_PEM)); } if (vcal.size() > 0) writeVcalendar(file, vcal); } pki_crl *db_crl::newCrl(const crljob &task, QString name) { pki_crl *crl = NULL; pki_x509 *cert = task.issuer; QSqlDatabase db = QSqlDatabase::database(); try { x509v3ext e; X509V3_CTX ext_ctx; X509V3_set_ctx(&ext_ctx, cert->getCert(), NULL, NULL, NULL, 0); X509V3_set_ctx_nodb(&ext_ctx); XSqlQuery q; if (name.isEmpty()) name = cert->getIntName(); crl = new pki_crl(); crl->createCrl(name, cert); crl->pkiSource = generated; foreach(x509rev rev, cert->getRevList()) crl->addRev(rev, task.withReason); if (task.authKeyId) { crl->addV3ext(e.create(NID_authority_key_identifier, "keyid,issuer", &ext_ctx)); } if (task.subAltName) { if (cert->hasExtension(NID_subject_alt_name)) { crl->addV3ext(e.create(NID_issuer_alt_name, "issuer:copy", &ext_ctx)); } } if (task.setCrlNumber) { crl->setCrlNumber(task.crlNumber); cert->setCrlNumber(task.crlNumber); } crl->setIssuer(cert); crl->setLastUpdate(task.lastUpdate); crl->setNextUpdate(task.nextUpdate); crl->sign(cert->getRefKey(), task.hashAlgo); Transaction; if (!TransBegin()) throw errorEx(tr("Failed to initiate DB transaction")); cert->setCrlExpire(task.nextUpdate); SQL_PREPARE(q, "UPDATE authority set crlNo=?, crlExpire=? WHERE item=?"); q.bindValue(0, (uint)cert->getCrlNumber().getLong()); q.bindValue(1, task.nextUpdate.toPlain()); q.bindValue(2, cert->getSqlItemId()); AffectedItems(cert->getSqlItemId()); q.exec(); QSqlError err = q.lastError(); if (err.isValid()) throw errorEx(tr("Database error: %1").arg(err.text())); SQL_PREPARE(q, "UPDATE revocations set crlNo=? " "WHERE crlNo IS NULL AND caId=?"); q.bindValue(0, (uint)crl->getCrlNumber().getLong()); q.bindValue(1, cert->getSqlItemId()); q.exec(); err = q.lastError(); if (err.isValid()) throw errorEx(tr("Database error: %1").arg(err.text())); crl = dynamic_cast(insertPKI(crl)); err = db.lastError(); if (err.isValid()) throw errorEx(tr("Database error: %1").arg(err.text())); TransCommit(); createSuccess(crl); } catch (errorEx &err) { XCA_ERROR(err); delete crl; crl = NULL; } return crl; } xca-RELEASE.2.5.0/lib/db_crl.h000066400000000000000000000012551450407711300155210ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DB_CRL_H #define __DB_CRL_H #include "db_x509super.h" #include "pki_crl.h" class db_crl: public db_x509name { Q_OBJECT protected: dbheaderList getHeaders(); public: db_crl(); pki_base *newPKI(enum pki_type type); void revokeCerts(pki_crl *crl); void inToCont(pki_base *pki); pki_base *insert(pki_base *item); void removeSigner(pki_base *signer); void updateCertView(); pki_crl *newCrl(const crljob &crljob, QString name = QString()); void exportItems(const QModelIndexList &indexes, const pki_export *xport, XFile &file) const; }; #endif xca-RELEASE.2.5.0/lib/db_key.cpp000066400000000000000000000151411450407711300160630ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "db_key.h" #include "pki_evp.h" #include "pki_scard.h" #include "pki_x509super.h" #include "main.h" #include "exception.h" #include "pkcs11.h" #include "XcaWarningCore.h" #include "PwDialogCore.h" db_key::db_key() : db_base("keys") { sqlHashTable = "public_keys"; pkitype << asym_key << smartCard; updateHeaders(); loadContainer(); } void db_key::loadContainer() { XSqlQuery q; db_base::loadContainer(); foreach(pki_key *key, Store.getAll()) key->setUcount(0); SQL_PREPARE(q, "SELECT pkey, COUNT(*) FROM x509super WHERE pkey IS NOT NULL GROUP by pkey"); q.exec(); while (q.next()) { pki_key *key = Store.lookupPki(q.value(0)); if (!key) { qDebug() << "Unknown key" << q.value(0).toULongLong(); continue; } key->setUcount(q.value(1).toInt()); } XCA_SQLERROR(q.lastError()); } dbheaderList db_key::getHeaders() { dbheaderList h = db_base::getHeaders(); h << new dbheader(HD_key_type, true, tr("Type")) << new num_dbheader(HD_key_size, true, tr("Size")) << #ifndef OPENSSL_NO_EC new dbheader(HD_key_curve, false,tr("EC Group")) << #endif new num_dbheader(HD_key_use, true, tr("Use")) << new dbheader(HD_key_passwd, true, tr("Password")); return h; } pki_base *db_key::newPKI(enum pki_type type) { if (type == asym_key) return new pki_evp(""); return new pki_scard(""); } QList db_key::getAllKeys() { return Store.sqlSELECTpki("SELECT item from public_keys"); } QList db_key::getUnusedKeys() { return Store.sqlSELECTpki( "SELECT public_keys.item FROM public_keys " "LEFT OUTER JOIN x509super ON x509super.pkey= public_keys.item " "WHERE x509super.item IS NULL"); } void db_key::remFromCont(const QModelIndex &idx) { db_base::remFromCont(idx); XSqlQuery q; QList items = Store.sqlSELECTpki( "SELECT item FROM x509super WHERE pkey is NULL"); foreach(pki_x509super *x509s, items) { x509s->setRefKey(NULL); } /* "UPDATE x509super SET pkey=NULL WHERE pkey=?" done in * pki->deleteSqlData() */ } void db_key::inToCont(pki_base *pki) { db_base::inToCont(pki); pki_key *key = static_cast(pki); unsigned hash = key->hash(); QList items = Store.sqlSELECTpki( "SELECT item FROM x509super WHERE pkey IS NULL AND key_hash=?", QList() << QVariant(hash)); XSqlQuery q; SQL_PREPARE(q, "UPDATE x509super SET pkey=? WHERE item=?"); q.bindValue(0, key->getSqlItemId()); foreach(pki_x509super *x509s, items) { if (!x509s->compareRefKey(key)) continue; /* Found item matching this key */ x509s->setRefKey(key); q.bindValue(1, x509s->getSqlItemId()); AffectedItems(x509s->getSqlItemId()); q.exec(); XCA_SQLERROR(q.lastError()); } } pki_base* db_key::insert(pki_base *item) { pki_key *lkey = dynamic_cast(item); pki_key *oldkey; pki_evp *evp = dynamic_cast(lkey); if (evp) evp->setOwnPass(pki_evp::ptCommon); oldkey = static_cast(getByReference(lkey)); if (oldkey != NULL) { if ((oldkey->isPrivKey() && lkey->isPrivKey()) || lkey->isPubKey()){ XCA_INFO( tr("The key is already in the database as:\n'%1'\nand is not going to be imported").arg(oldkey->getIntName())); delete lkey; return NULL; } else { XCA_INFO( tr("The database already contains the public part of the imported key as\n'%1\nand will be completed by the new, private part of the key").arg(oldkey->getIntName())); lkey->setComment(oldkey->getComment()); lkey->selfComment(tr("Extending public key from %1 by imported key '%2'") .arg(oldkey->getInsertionDate().toPretty()) .arg(lkey->getIntName())); lkey->setIntName(oldkey->getIntName()); deletePKI(index(oldkey)); } } return insertPKI(lkey); } pki_key *db_key::newKey(const keyjob &task, const QString &name) { pki_key *key = NULL; if (!task.isEC() && !task.isED25519()) { if (task.size < 32) { XCA_WARN(tr("Key size too small !")); return NULL; } if (task.size < 1024 || task.size > 8192) if (!XCA_YESNO(tr("You are sure to create a key of the size: %1 ?").arg(task.size))) { return NULL; } } try { if (task.isToken()) { key = new pki_scard(name); } else { key = new pki_evp(name); } key->generate(task); key->pkiSource = generated; if (key->getIntName().isEmpty()) key->autoIntName(name); key = dynamic_cast(insert(key)); emit keyDone(key); createSuccess(key); } catch (errorEx &err) { delete key; key = NULL; XCA_ERROR(err); } return key; } int db_key::exportFlags(const QModelIndex &index) const { int disable_flags = 0; pki_key *key = fromIndex(index); if (!index.isValid() || !key) return 0; int keytype = key->getKeyType(); if (keytype != EVP_PKEY_RSA && keytype != EVP_PKEY_DSA) disable_flags |= F_PVK; #ifdef EVP_PKEY_ED25519 if (keytype == EVP_PKEY_ED25519) disable_flags |= F_CRYPT; #endif if (!key->SSH2_compatible()) disable_flags |= F_SSH2; if (key->isPubKey() || key->isToken()) disable_flags |= F_PRIVATE; return disable_flags; } void db_key::exportItem(const QModelIndex &index, const pki_export *xport, XFile &file) const { const EVP_CIPHER *algo = NULL; pki_key *key = fromIndex(index); pki_evp *privkey = dynamic_cast(key); int(*pwCallback)(char *, int, int, void *) = NULL; if (xport->match_all(F_CRYPT)) { algo = EVP_aes_256_cbc(); pwCallback = PwDialogCore::pwCallback; } if (privkey && xport->match_all(F_DER | F_PRIVATE)) privkey->writeKey(file, NULL, NULL, false); else if (privkey && xport->match_all(F_PEM | F_PRIVATE)) privkey->writeKey(file, algo, pwCallback, true); else if (xport->match_all(F_DER)) key->writePublic(file, false); else if (xport->match_all(F_PEM)) key->writePublic(file, true); else if (privkey && xport->match_all(F_PKCS8)) privkey->writePKCS8(file, algo, pwCallback, true); else if (xport->match_all(F_SSH2 | F_PRIVATE)) key->writeSSH2private(file, pwCallback); else if (xport->match_all(F_SSH2)) key->writeSSH2public(file); else if (privkey && xport->match_all(F_PVK)) privkey->writePVKprivate(file, pwCallback); else throw errorEx(tr("Internal error")); } void db_key::setOwnPass(QModelIndex idx, enum pki_key::passType x) { pki_evp *targetKey = fromIndex(idx); enum pki_key::passType old_type; if (!idx.isValid() || !targetKey) return; if (targetKey->isToken()) { throw errorEx(tr("Tried to change password of a token")); } old_type = targetKey->getOwnPass(); targetKey->setOwnPass(x); if (!targetKey->sqlUpdatePrivateKey()) targetKey->setOwnPass(old_type); } xca-RELEASE.2.5.0/lib/db_key.h000066400000000000000000000017741450407711300155370ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DB_KEY_H #define __DB_KEY_H #include "pki_export.h" #include "db_base.h" #include "pki_key.h" #include "xfile.h" class QModelIndex; class QContextMenuEvent; class db_key: public db_base { Q_OBJECT protected: virtual dbheaderList getHeaders(); public: db_key(); QList getUnusedKeys(); QList getAllKeys(); pki_base *newPKI(enum pki_type type = none); void inToCont(pki_base *pki); void remFromCont(const QModelIndex &idx); pki_base* insert(pki_base *item); void setOwnPass(QModelIndex idx, enum pki_key::passType); void loadContainer(); pki_key *newKey(const keyjob &task, const QString &name); int exportFlags(const QModelIndex &index) const; void exportItem(const QModelIndex &index, const pki_export *xport, XFile &file) const; signals: void delKey(pki_key *delkey); void newKey(pki_key *newkey); void keyDone(pki_key *nkey); }; #endif xca-RELEASE.2.5.0/lib/db_temp.cpp000066400000000000000000000046301450407711300162410ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "db_temp.h" #include "pki_temp.h" #include "load_obj.h" #include "func.h" #include "XcaWarningCore.h" #include #include db_temp::db_temp() : db_x509name("templates") { /* XCA loads templates from private space ($HOME/.local/) * Host specific (/usr/local) and distribution (/usr) * The first .xca found avoids other .xca to be loaded */ QSet template_files; load_temp l; sqlHashTable = "templates"; pkitype << tmpl; updateHeaders(); loadContainer(); pki_temp *tmpl = new pki_temp(tr("Empty template")); tmpl->setAsPreDefined(); predefs << tmpl; foreach(QString d, QStandardPaths::standardLocations( QStandardPaths::AppDataLocation)) { QFileInfoList list = QDir(d).entryInfoList( QStringList("*.xca"), QDir::Files | QDir::NoSymLinks | QDir::NoDot | QDir::Readable); foreach(QFileInfo fileInfo, list) { if (template_files.contains(fileInfo.fileName())) continue; qDebug() << "Loading template" << fileInfo.fileName() << fileInfo.absoluteFilePath(); try { tmpl = dynamic_cast(l.loadItem( fileInfo.absoluteFilePath())); if (tmpl) { tmpl->setAsPreDefined(); predefs << tmpl; template_files << fileInfo.fileName(); } } catch(errorEx &) { XCA_WARN(tr("Bad template: %1") .arg(nativeSeparator( fileInfo.absoluteFilePath()))); } } } } db_temp::~db_temp() { qDeleteAll(predefs); } pki_base *db_temp::newPKI(enum pki_type type) { (void)type; return new pki_temp(""); } QList db_temp::getPredefs() const { return predefs; } bool db_temp::alterTemp(pki_temp *temp) { XSqlQuery q; QSqlError e; Transaction; if (!TransBegin()) return false; SQL_PREPARE(q, "UPDATE templates SET version=?, template=? WHERE item=?"); q.bindValue(0, TMPL_VERSION); q.bindValue(1, temp->toB64Data()); q.bindValue(2, temp->getSqlItemId()); q.exec(); e = q.lastError(); XCA_SQLERROR(e); if (e.isValid()) { TransRollback(); return false; } updateItem(temp, temp->getIntName(), temp->getComment(), true); TransCommit(); return true; } void db_temp::exportItem(const QModelIndex &index, const pki_export *, XFile &file) const { pki_temp *temp = fromIndex(index); if (temp) temp->writeTemp(file); } xca-RELEASE.2.5.0/lib/db_temp.h000066400000000000000000000011231450407711300157000ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DB_TEMP_H #define __DB_TEMP_H #include "db_x509super.h" class pki_temp; class db_temp: public db_x509name { Q_OBJECT protected: QList predefs; public: db_temp(); ~db_temp(); pki_base *newPKI(enum pki_type type = none); void fillContextMenu(QMenu *menu, const QModelIndex &index); QList getPredefs() const; bool alterTemp(pki_temp *temp); void exportItem(const QModelIndex &index, const pki_export *, XFile &file) const; }; #endif xca-RELEASE.2.5.0/lib/db_token.cpp000066400000000000000000000024601450407711300164130ustar00rootroot00000000000000 #include "db_token.h" #include "exception.h" #include "pki_scard.h" #include "sql.h" #include "XcaWarningCore.h" db_token::db_token() : db_base("manageTokens") { updateHeaders(); } void db_token::saveHeaderState() { } void db_token::rename_token_in_database(pki_scard *token) { if (!token) return; Transaction; if (!TransBegin()) return; QList list = Store.sqlSELECTpki( QString("SELECT item FROM tokens " "WHERE card_serial=? AND card_model=? and object_id=?"), QList() << QVariant(token->getSerial()) << QVariant(token->getModel()) << QVariant(token->getId())); foreach(pki_scard *item, list) { if (token->compare(item)) item->updateLabel(token->getIntName()); } TransCommit(); } bool db_token::setData(const QModelIndex &index, const QVariant &value, int role) { QString on, nn; pki_base *item; if (index.isValid() && role == Qt::EditRole) { nn = value.toString(); item = fromIndex(index); on = item->getIntName(); if (on == nn) return true; try { if (item->renameOnToken(slot, nn)) { item->setIntName(nn); rename_token_in_database( dynamic_cast(item)); emit dataChanged(index, index); return true; } } catch (errorEx &err) { XCA_ERROR(err); } } return false; } xca-RELEASE.2.5.0/lib/db_token.h000066400000000000000000000010151450407711300160530ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DB_TOKEN_H #define __DB_TOKEN_H #include "pkcs11_lib.h" #include "db_base.h" class pki_scard; class db_token: public db_base { Q_OBJECT private: slotid slot; public: db_token(); bool setData(const QModelIndex &index, const QVariant &value, int role); void setSlot(const slotid &s) { slot = s; } void saveHeaderState(); void rename_token_in_database(pki_scard *token); }; #endif xca-RELEASE.2.5.0/lib/db_x509.cpp000066400000000000000000000544221450407711300160050ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "db_x509.h" #include "db_x509req.h" #include "db_crl.h" #include "pki_x509.h" #include "pki_crl.h" #include "pki_temp.h" #include "pki_pkcs12.h" #include "pki_pkcs7.h" #include "pki_evp.h" #include "pki_scard.h" #include "pass_info.h" #include "database_model.h" #include "entropy.h" #include "XcaWarningCore.h" #include "PwDialogCore.h" #pragma message ("drop UI dependencies") #include "ui_NewX509.h" #include "widgets/CertExtend.h" #include "widgets/RevocationList.h" #include "widgets/NewX509.h" #include "widgets/MainWindow.h" #include "ui_RevocationList.h" #include "ui_MainWindow.h" #include "ui_CertExtend.h" #include "ui_Revoke.h" #include "ui_Help.h" #include db_x509::db_x509() : db_x509super("certificates") { sqlHashTable = "certs"; pkitype << x509; pkitype_depends << x509_req; updateHeaders(); loadContainer(); } void db_x509::loadContainer() { db_x509super::loadContainer(); XSqlQuery q("SELECT item, issuer FROM certs WHERE issuer is NOT NULL"); while (q.next()) { pki_base *root = treeItem; pki_x509 *cert = Store.lookupPki(q.value(0)); pki_x509 *issuer = Store.lookupPki(q.value(1)); if (cert && issuer) { cert->setSigner(issuer); if (cert != issuer) root = issuer; } if (cert && cert->getParent() != root) { qDebug() << "MOVE" << cert->getIntName() << "from" << cert->getParent()->getIntName() << "to" << root->getIntName(); treeItem->takeChild(cert); root->insert(cert); } } emit columnsContentChanged(); } dbheaderList db_x509::getHeaders() { dbheaderList h = db_x509super::getHeaders(); h << new dbheader(HD_cert_ca, true, tr("CA"), tr("reflects the basic Constraints extension")) << new num_dbheader(HD_cert_serial, true, tr("Serial")) << new num_dbheader(HD_cert_md5fp, false,tr("MD5 fingerprint")) << new num_dbheader(HD_cert_sha1fp,false,tr("SHA1 fingerprint")) << new num_dbheader(HD_cert_sha256fp,false,tr("SHA256 fingerprint")) << new date_dbheader(HD_cert_notBefore, false,tr("Start date"), tr("Not before")) << new date_dbheader(HD_cert_notAfter, true, tr("Expiry date"), tr("Not after")) << new date_dbheader(HD_cert_revocation,false, tr("Revocation")) << new date_dbheader(HD_cert_crl_expire,true, tr("CRL Expiration")); return h; } pki_base *db_x509::newPKI(enum pki_type type) { (void)type; return new pki_x509(); } QList db_x509::getAllIssuers() { /* Select X509 CA certificates with available private key */ return Store.sqlSELECTpki( "SELECT x509super.item FROM x509super " "JOIN private_keys ON x509super.pkey = private_keys.item " "JOIN certs ON certs.item = x509super.item " "WHERE certs.ca=1") + Store.sqlSELECTpki( "SELECT x509super.item FROM x509super " "JOIN tokens ON x509super.pkey = tokens.item " "JOIN certs ON certs.item = x509super.item " "WHERE certs.ca=1"); } void db_x509::remFromCont(const QModelIndex &idx) { db_crl *crls = Database.model(); db_x509super::remFromCont(idx); pki_base *pki = fromIndex(idx); pki_x509 *child; pki_base *new_parent; QList childs; while (pki->childCount()) { child = dynamic_cast(pki->takeFirst()); child->delSigner(dynamic_cast(pki)); new_parent = child->findIssuer(); insertChild(child, new_parent); if (new_parent) childs << child; } XSqlQuery q; SQL_PREPARE(q, "UPDATE certs SET issuer=? WHERE item=?"); foreach(pki_x509 *child, childs) { q.bindValue(0, child->getSigner()->getSqlItemId()); q.bindValue(1, child->getSqlItemId()); AffectedItems(child->getSqlItemId()); q.exec(); } crls->removeSigner(pki); } static bool recursiveSigning(pki_x509 *cert, pki_x509 *client) { /* recursive signing check */ for (pki_x509 *s = cert->getSigner(); s; s = s->getSigner()) { if (s == s->getSigner()) { return false; } if (s == client) { qWarning() << "Recursive signing:" << s->getIntName() << "<->" << cert->getIntName(); return true; } } return false; } void db_x509::inToCont(pki_base *pki) { pki_x509 *cert = dynamic_cast(pki); cert->setParent(nullptr); pki_base *root = cert->getSigner(); insertChild(cert, root); QList childs; QList items; unsigned pubhash = cert->pubHash(); unsigned namehash = cert->getSubject().hashNum(); x509revList revList; /* Search for another certificate (name and key) * and use its childs if we are newer */ items = Store.sqlSELECTpki( "SELECT x509super.item FROM x509super " "JOIN certs ON certs.item = x509super.item " "WHERE certs.ca=1 AND x509super.subj_hash=? " "AND x509super.key_hash=?", QList() << namehash << pubhash); foreach(pki_x509 *other, items) { if (other == cert) continue; if (!other->compareNameAndKey(cert)) continue; if (cert->getNotAfter() < other->getNotAfter()) continue; foreach(pki_base *b, other->getChildItems()) { pki_x509 *child = dynamic_cast(b); if (!child) continue; child->delSigner(other); childs << child; } revList.merge(other->getRevList()); } /* Search rootItem childs, whether they are ours */ foreach(pki_base *b, treeItem->getChildItems()) { pki_x509 *child = dynamic_cast(b); if (!child || child == cert || child->getSigner() == child) continue; if (child->verify_only(cert)) childs << child; } /* move collected childs to us */ XSqlQuery q; x509revList revokedChilds; SQL_PREPARE(q, "UPDATE certs SET issuer=? WHERE item=?"); q.bindValue(0, cert->getSqlItemId()); foreach(pki_x509 *child, childs) { if (recursiveSigning(cert, child)) continue; if (!child->verify(cert)) continue; insertChild(child, cert); q.bindValue(1, child->getSqlItemId()); AffectedItems(child->getSqlItemId()); q.exec(); XCA_SQLERROR(q.lastError()); if (child->isRevoked()) revokedChilds << child->getRevocation(); } q.finish(); revList.merge(revokedChilds); cert->setRevocations(revList); /* Update CRLs */ QList crls = Store.sqlSELECTpki( "SELECT item FROM crls WHERE iss_hash=?", QList() << namehash); SQL_PREPARE(q, "UPDATE crls SET issuer=? WHERE item=?"); foreach(pki_crl *crl, crls) { crl->verify(cert); if (cert != crl->getIssuer()) continue; q.bindValue(0, cert->getSqlItemId()); q.bindValue(1, crl->getSqlItemId()); AffectedItems(crl->getSqlItemId()); q.exec(); XCA_SQLERROR(q.lastError()); } } QList db_x509::getCerts(bool unrevoked) { QList c; c.clear(); foreach(pki_x509 *pki, Store.getAll()) { if (unrevoked && pki->isRevoked()) continue; c.append(pki); } return c; } void db_x509::writeIndex(const QString &fname, bool hierarchy) const { if (hierarchy) { QString dir = fname + "/"; if (!QDir().mkpath(fname)) { throw errorEx(tr("Failed to create directory '%1'") .arg(fname)); } QList issuers = Store.sqlSELECTpki( "SELECT DISTINCT issuer FROM certs WHERE issuer != item"); foreach(pki_x509 *ca, issuers) { XFile file(dir + ca->getUnderlinedName() + ".txt"); file.open_write(); writeIndex(file, Store.sqlSELECTpki( "SELECT item FROM certs WHERE issuer=?", QList()<getSqlItemId())) ); } } else { XFile file(fname); file.open_write(); writeIndex(file, Store.sqlSELECTpki( "SELECT item FROM certs")); } } static a1int randomSerial() { unsigned char buf[SHA512_DIGEST_LENGTH]; unsigned char md[SHA512_DIGEST_LENGTH]; Entropy::seed_rng(); RAND_bytes(buf, SHA512_DIGEST_LENGTH); SHA512(buf, SHA512_DIGEST_LENGTH, md); a1int serial; if (md[0] && md[0] < 0x80) serial.setRaw(md, (int)Settings["serial_len"] / 8); return serial; } a1int db_x509::getUniqueSerial(pki_x509 *signer) { // returns an unused unique serial a1int serial, signer_serial; x509rev rev; x509revList revList; if (signer) { signer_serial = signer->getSerial(); revList = signer->getRevList(); } for (int i=0; ; i++) { if (i > 100) throw errorEx(tr("Failed to retrieve unique random serial")); serial = randomSerial(); if (serial == a1int(0L)) continue; if (!signer) break; if (signer_serial == serial) continue; rev.setSerial(serial); if (revList.contains(rev)) continue; if (signer->getBySerial(serial)) continue; break; } return serial; } pki_base *db_x509::insert(pki_base *item) { pki_x509 *cert = dynamic_cast(item); pki_x509 *oldcert = dynamic_cast(getByReference(cert)); if (oldcert) { XCA_INFO(tr("The certificate already exists in the database as:\n'%1'\nand so it was not imported").arg(oldcert->getIntName())); delete cert; return NULL; } return insertPKI(cert); } pki_x509 *db_x509::get1SelectedCert() { QModelIndexList indexes = mainwin->certView->getSelectedIndexes(); QModelIndex index; if (indexes.count()) index = indexes[0]; return fromIndex(index); } void db_x509::markRequestSigned(pki_x509req *req, pki_x509 *cert) { if (!req || !cert) return; pki_x509 *issuer = cert->getSigner(); Transaction; if (!TransBegin()) return; XSqlQuery q; req->setDone(); SQL_PREPARE(q, "UPDATE requests SET signed=? WHERE item=?"); q.bindValue(0, 1); q.bindValue(1, req->getSqlItemId()); AffectedItems(req->getSqlItemId()); q.exec(); a1time a; req->selfComment(tr("Signed on %1 by '%2'").arg(a.toPretty()) .arg(issuer ? issuer->getIntName() : tr("Unknown"))); SQL_PREPARE(q, "UPDATE items SET comment=? WHERE id=?"); q.bindValue(0, req->getComment()); q.bindValue(1, req->getSqlItemId()); q.exec(); TransCommit(); } void db_x509::newItem() { NewX509 *dlg = new NewX509(); dlg->setCert(); pki_x509 *sigcert = get1SelectedCert(); dlg->defineSigner((pki_x509*)sigcert, true); if (dlg->exec()) { newCert(dlg); } delete dlg; } void db_x509::newCert(pki_x509req *req) { NewX509 *dlg = new NewX509(); pki_x509 *sigcert = get1SelectedCert(); dlg->setCert(); dlg->defineRequest(req); dlg->defineSigner(sigcert, true); if (dlg->exec()) { newCert(dlg); } delete dlg; } void db_x509::newCert(pki_temp *temp) { NewX509 *dlg = new NewX509(); dlg->setCert(); dlg->defineTemplate(temp); if (dlg->exec()) { newCert(dlg); } delete dlg; } void db_x509::newCert(pki_x509 *cert) { NewX509 *dlg = new NewX509(); dlg->setCert(); dlg->fromX509super(cert, false); if (dlg->exec()) { newCert(dlg); } delete dlg; } pki_x509 *db_x509::newCert(NewX509 *dlg) { pki_x509 *cert = NULL; pki_x509 *signcert = NULL; pki_x509req *req = NULL; pki_key *signkey = NULL, *clientkey = NULL, *tempkey = NULL; a1int serial; QString intname; try { Transaction; // Step 1 - Subject and key if (!dlg->fromReqCB->isChecked()) { clientkey = dlg->getSelectedKey(); if (!clientkey) return NULL; intname = dlg->description->text(); } else { // A PKCS#10 Request was selected req = dlg->getSelectedReq(); if (!req) return NULL; clientkey = req->getRefKey(); if (clientkey == NULL) { clientkey = req->getPubKey(); tempkey = clientkey; } intname = req->getIntName(); } TransThrow(); if (clientkey == NULL) throw errorEx(tr("Invalid public key")); // initially create cert cert = new pki_x509(); cert->setIntName(intname); cert->setSubject(dlg->getX509name()); cert->setPubKey(clientkey); // Step 2 - select Signing if (dlg->foreignSignRB->isChecked()) { signcert = dlg->getSelectedSigner(); if (!signcert) { delete cert; return NULL; } serial = getUniqueSerial(signcert); signkey = signcert->getRefKey(); } else { signcert = cert; signkey = clientkey; serial = getUniqueSerial(NULL); } dlg->initCtx(cert, signcert, NULL); // if we can not sign if (! signkey || signkey->isPubKey()) { delete cert; throw errorEx(tr("The key you selected for signing is not a private one.")); } // set the issuers name cert->setIssuer(signcert->getSubject()); cert->setSerial(serial); // Step 3 - Choose the Date // Date handling cert->setNotBefore(dlg->notBefore->getDate()); a1time a; if (dlg->noWellDefinedExpDate->isChecked()) a.setUndefined(); else a = dlg->notAfter->getDate(); cert->setNotAfter(a); // STEP 4 handle extensions // apply all extensions to the subject cert in the context dlg->getAllExt(); // apply extensions from CSR if requested if (dlg->copyReqExtCB->isChecked() && dlg->fromReqCB->isChecked()) { extList el = req->getV3ext(); int m = el.count(); for (int i=0; iaddV3ext(el[i], true); } // and finally sign the request cert->sign(signkey, dlg->hashAlgo->current()); // set the comment field cert->setComment(dlg->comment->toPlainText()); cert->pkiSource = dlg->getPkiSource(); cert = dynamic_cast(insert(cert)); createSuccess(cert); if (cert && clientkey->isToken()) { pki_scard *card = (pki_scard*)clientkey; if (XCA_YESNO(tr("Store the certificate to the key on the token '%1 (#%2)' ?"). arg(card->getCardLabel()).arg(card->getSerial()))) { try { cert->store_token(false); } catch (errorEx &err) { XCA_ERROR(err); } } } delete tempkey; markRequestSigned(req, cert); TransCommit(); } catch (errorEx &err) { XCA_ERROR(err); delete cert; if (tempkey != NULL) delete(tempkey); cert = NULL; } return cert; } int db_x509::exportFlags(const QModelIndex &idx) const { QStringList filt; int disable_flags = 0; pki_x509 *crt = fromIndex(idx); if (!crt) return 0; pki_key *privkey = crt->getRefKey(); if (!crt->getSigner() || crt->getSigner() == crt) disable_flags |= F_CHAIN; if (!privkey || !privkey->isPrivKey() || privkey->isToken()) disable_flags |= F_PRIVATE; if (!crt->isCA()) disable_flags |= F_CA; return disable_flags; } void db_x509::exportItems(const QModelIndexList &list, const pki_export *xport, XFile &file) const { if (list.empty()) return; pki_x509 *oldcrt = nullptr, *crt = fromIndex(list[0]); QList certs; foreach(QModelIndex idx, list) { pki_x509 *x = fromIndex(idx); if (x) certs << x; } if (xport->match_all(F_PEM | F_CHAIN)) { while (crt && crt != oldcrt) { crt->writeCert(file, true); oldcrt = crt; crt = crt->getSigner(); } } else if (xport->match_all(F_PEM)) { foreach(crt, certs) crt->writeCert(file, true); } else if (xport->match_all(F_PEM | F_UNREVOKED)) { foreach(pki_x509 *pki, Store.getAll()) if (!pki->isRevoked()) pki->writeCert(file, true); } else if (xport->match_all(F_PEM | F_ALL)) { foreach(pki_x509 *pki, Store.getAll()) pki->writeCert(file, true); } else if (xport->match_all(F_PEM | F_PRIVATE)) { pki_evp *pkey = (pki_evp *)crt->getRefKey(); if (!pkey || pkey->isPubKey()) throw errorEx(tr("There was no key found for the Certificate: '%1'"). arg(crt->getIntName())); if (pkey->isToken()) throw errorEx(tr("Not possible for a token key: '%1'"). arg(crt->getIntName())); if (xport->match_all(F_PKCS8)) { pkey->writePKCS8(file, EVP_des_ede3_cbc(), PwDialogCore::pwCallback, true); } else { pkey->writeKey(file, NULL, NULL, true); } crt->writeCert(file, true); } else if (xport->match_all(F_PEM)) { crt->writeCert(file, true); } else if (xport->match_all(F_DER)) { crt->writeCert(file, false); } else if (xport->match_all(F_PKCS7)) { writePKCS7(crt, file, xport->flags, list); } else if (xport->match_all(F_PKCS12)) { writePKCS12(crt, file, xport->match_all(F_CHAIN)); } else if (xport->match_all(F_INDEX)) { writeIndex(file, certs); } else if (xport->match_all(F_CAL)) { QStringList vcal; foreach(crt, certs) { vcal += xport->match_all(F_CHAIN) ? crt->icsVEVENT_ca() : crt->icsVEVENT(); } writeVcalendar(file, vcal); } } void db_x509::writeIndex(XFile &file, QList items) const { QString index; foreach(pki_x509 *cert, items) { if (cert) index += cert->getIndexEntry(); } file.write(index.toUtf8()); } void db_x509::writePKCS12(pki_x509 *cert, XFile &file, bool chain) const { QStringList filt; pki_pkcs12 *p12 = NULL; try { pki_evp *privkey = (pki_evp *)cert->getRefKey(); if (!privkey || privkey->isPubKey()) { XCA_WARN(tr("There was no key found for the Certificate: '%1'").arg(cert->getIntName())); return; } if (privkey->isToken()) { XCA_WARN(tr("Not possible for the token-key Certificate '%1'").arg(cert->getIntName())); return; } p12 = new pki_pkcs12(cert->getIntName(), cert, privkey); pki_x509 *signer = cert->getSigner(); while ((signer != NULL ) && (signer != cert) && chain) { p12->append_item(signer); cert = signer; signer = signer->getSigner(); } encAlgo encAlgo((QString) Settings["pkcs12_enc_algo"]); p12->writePKCS12(file, encAlgo); } catch (errorEx &err) { XCA_ERROR(err); } delete p12; } void db_x509::writePKCS7(pki_x509 *cert, XFile &file, int flags, const QModelIndexList &list) const { pki_pkcs7 *p7 = new pki_pkcs7(QString()); try { if (flags & F_CHAIN) { while (cert) { p7->append_item(cert); if (cert->getSigner() == cert) break; cert = cert->getSigner(); } } else if (flags & (F_UNREVOKED | F_ALL)) { foreach(pki_x509 *cer, Store.getAll()) { if ((flags & F_ALL) || !cer->isRevoked()) p7->append_item(cer); } } else if (flags) { foreach(QModelIndex idx, list) { cert = fromIndex(idx); if (cert) p7->append_item(cert); } } else { p7->append_item(cert); } p7->writeP7(file, false); } catch (errorEx &err) { XCA_ERROR(err); } delete p7; } void db_x509::certRenewal(QModelIndexList indexes) { pki_x509 *oldcert = NULL, *signer = NULL, *newcert =NULL; pki_key *signkey = NULL; a1time time; a1int serial; CertExtend *dlg = NULL; x509rev r; bool doRevoke = false; bool doReplace = false; if (indexes.size() == 0) return; QModelIndex idx = indexes[0]; try { oldcert = fromIndex(idx); if (!oldcert || !(signer = oldcert->getSigner()) || !(signkey = signer->getRefKey()) || signkey->isPubKey()) return; bool renew_myself = signer == oldcert; CertExtend *dlg = new CertExtend(NULL, renew_myself ? NULL : signer); dlg->revoke->setEnabled(!renew_myself); if (!dlg->exec()) { delete dlg; return; } if (dlg->revoke->isChecked() && !renew_myself) { Revocation *revoke = new Revocation(indexes); doRevoke = revoke->exec(); r = revoke->getRevocation(); delete revoke; } doReplace = dlg->replace->isChecked(); foreach(idx, indexes) { oldcert = fromIndex(idx); if (!oldcert) continue; newcert = new pki_x509(oldcert); newcert->pkiSource = renewed; serial = dlg->keepSerial->isChecked() ? oldcert->getSerial() : getUniqueSerial(signer); newcert->setRevoked(x509rev()); // change date and serial newcert->setSerial(serial); newcert->setNotBefore(dlg->notBefore->getDate()); a1time a; if (dlg->noWellDefinedExpDate->isChecked()) a.setUndefined(); else a = dlg->notAfter->getDate(); newcert->setNotAfter(a); // and finally sign the cert newcert->sign(signkey, oldcert->getDigest()); newcert = dynamic_cast(insert(newcert)); createSuccess(newcert); // delete old certificate if requested if (doReplace) deletePKI(idx); } if (doRevoke) do_revoke(indexes, r); } catch (errorEx &err) { XCA_ERROR(err); delete newcert; } delete dlg; emit columnsContentChanged(); } void db_x509::revoke(QModelIndexList indexes) { if (indexes.size() == 0) return; Revocation *revoke = new Revocation(indexes); if (revoke->exec()) { do_revoke(indexes, revoke->getRevocation()); } emit columnsContentChanged(); } void db_x509::do_revoke(QModelIndexList indexes, const x509rev &r) { pki_x509 *parent = NULL, *cert, *iss; x509revList revlist; foreach(QModelIndex idx, indexes) { cert = fromIndex(idx); if (!cert) continue; iss = cert->getSigner(); if (parent == NULL) { parent = iss; } else if (parent != iss) { parent = NULL; break; } } if (!parent) { qWarning("%s(%d): Certs have different/no signer", __func__, __LINE__); } foreach(QModelIndex idx, indexes) { cert = fromIndex(idx); if (!cert) continue; x509rev rev(r); rev.setSerial(cert->getSerial()); cert->setRevoked(rev); revlist << rev; } parent->mergeRevList(revlist); } void db_x509::unRevoke(QModelIndexList indexes) { pki_x509 *parent = NULL; x509revList revList; foreach(QModelIndex idx, indexes) { pki_x509 *cert = fromIndex(idx); if (!cert) continue; pki_x509 *iss = cert->getSigner(); if (parent == NULL) { parent = iss; } else if (parent != iss) { parent = NULL; break; } } if (!parent) { qWarning("%s(%d): Certs have different/no issuer\n", __func__, __LINE__); return; } revList = parent->getRevList(); foreach(QModelIndex idx, indexes) { int i; x509rev rev; pki_x509 *cert = fromIndex(idx); if (!cert) continue; cert->setRevoked(x509rev()); rev.setSerial(cert->getSerial()); i = revList.indexOf(rev); if (i != -1) revList.takeAt(i); } parent->setRevocations(revList); emit columnsContentChanged(); } void db_x509::toCertificate(QModelIndex index) { pki_x509 *cert = fromIndex(index); if (!cert) return; if (!cert->getRefKey() && cert->getSigner() != cert) extractPubkey(index); cert->pkiSource = transformed; newCert(cert); } void db_x509::toRequest(QModelIndex idx) { db_x509req *reqs = Database.model(); pki_x509 *cert = fromIndex(idx); if (!cert) return; try { pki_x509req *req = new pki_x509req(); Q_CHECK_PTR(req); req->pkiSource = transformed; req->setIntName(cert->getIntName()); req->createReq(cert->getRefKey(), cert->getSubject(), cert->getDigest(), cert->getV3ext()); createSuccess(reqs->insert(req)); } catch (errorEx &err) { XCA_ERROR(err); } } void db_x509::toToken(QModelIndex idx, bool alwaysSelect) { pki_x509 *cert = fromIndex(idx); if (!cert) return; try { cert->store_token(alwaysSelect); } catch (errorEx &err) { XCA_ERROR(err); } } void db_x509::updateCaProperties(pki_x509 *cert) { XSqlQuery q; Transaction; TransThrow(); SQL_PREPARE(q, "UPDATE authority SET crlDays=?, " "template=? WHERE item=?"); q.bindValue(0, cert->getCrlDays()); q.bindValue(1, cert->getTemplateSqlId()); q.bindValue(2, cert->getSqlItemId()); AffectedItems(cert->getSqlItemId()); q.exec(); TransDone(q.lastError()); XCA_SQLERROR(q.lastError()); } xca-RELEASE.2.5.0/lib/db_x509.h000066400000000000000000000037371450407711300154550ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DB_X509_H #define __DB_X509_H #include "pki_export.h" #include "db_x509super.h" #include "asn1int.h" #include "x509rev.h" class pki_x509req; class pki_x509; class pki_temp; class pki_crl; class db_x509: public db_x509super { Q_OBJECT protected: pki_x509 *get1SelectedCert(); dbheaderList getHeaders(); void dereferenceIssuer(); public: db_x509(); pki_base *newPKI(enum pki_type type = none); pki_x509 *findIssuer(pki_x509 *client); virtual void loadContainer(); bool updateView(); void updateViewAll(); void updateViewPKI(pki_base *pki); void remFromCont(const QModelIndex &idx); QList getAllIssuers(); QList getCerts(bool unrevoked); void writeIndex(const QString &fname, bool hierarchy) const; void writeIndex(XFile &file, QList items) const; pki_base *insert(pki_base *item); void markRequestSigned(pki_x509req *req, pki_x509 *cert); pki_x509 *newCert(NewX509 *dlg); void newCert(pki_x509 *cert); void writePKCS12(pki_x509 *cert, XFile &file, bool chain) const; void writePKCS7(pki_x509 *cert, XFile &file, int flags, const QModelIndexList &list) const; void fillContextMenu(QMenu *menu, const QModelIndex &index); void inToCont(pki_base *pki); a1int getUniqueSerial(pki_x509 *signer); void toToken(QModelIndex idx, bool alwaysSelect); void toRequest(QModelIndex idx); void updateCaProperties(pki_x509 *cert); void toCertificate(QModelIndex index); void certRenewal(QModelIndexList indexes); void revoke(QModelIndexList indexes); void do_revoke(QModelIndexList indexes, const x509rev &r); void unRevoke(QModelIndexList indexes); int exportFlags(const QModelIndex &idx) const; void exportItems(const QModelIndexList &indexes, const pki_export *xport, XFile &file) const; public slots: void newItem(); void newCert(pki_temp *); void newCert(pki_x509req *); }; #endif xca-RELEASE.2.5.0/lib/db_x509req.cpp000066400000000000000000000056131450407711300165130ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "db_x509req.h" #include "pki_x509req.h" #include "pki_temp.h" #include "XcaWarningCore.h" #pragma message ("drop UI dependencies") #include "widgets/NewX509.h" db_x509req::db_x509req() : db_x509super("requests") { sqlHashTable = "requests"; pkitype << x509_req; pkitype_depends << x509; updateHeaders(); loadContainer(); } dbheaderList db_x509req::getHeaders() { dbheaderList h = db_x509super::getHeaders(); h << new dbheader(HD_req_signed, true, tr("Signed"), tr("whether the request is already signed or not")) << new dbheader(HD_req_unstr_name, false, tr("Unstructured name"), QString(OBJ_nid2ln(NID_pkcs9_unstructuredName))) << new dbheader(HD_req_chall_pass, false, tr("Challenge password"), QString(OBJ_nid2ln(NID_pkcs9_challengePassword))) << new num_dbheader(HD_req_certs, false, tr("Certificate count"), tr("Number of certificates in the database with the same public key")); return h; } pki_base *db_x509req::newPKI(enum pki_type type) { (void)type; return new pki_x509req(); } pki_base *db_x509req::insert(pki_base *item) { pki_x509req *oldreq, *req; req = (pki_x509req *)item; oldreq = (pki_x509req *)getByReference(req); if (oldreq) { XCA_INFO(tr("The certificate signing request already exists in the database as\n'%1'\nand thus was not stored").arg(oldreq->getIntName())); delete req; return NULL; } return insertPKI(req); } void db_x509req::newItem() { newItem(NULL, NULL); } void db_x509req::newItem(pki_temp *temp, pki_x509req *orig) { pki_x509req *req = NULL; NewX509 *dlg = new NewX509(); if (temp) { dlg->defineTemplate(temp); } else if (orig) { dlg->fromX509super(orig, true); } dlg->setRequest(); if (!dlg->exec()){ delete dlg; return; } try { pki_key *key = dlg->getSelectedKey(); x509name xn = dlg->getX509name(); req = new pki_x509req(); req->pkiSource = dlg->getPkiSource(); req->setIntName(dlg->description->text()); dlg->getReqAttributes(req); req->createReq(key, xn, dlg->hashAlgo->current(), dlg->getAllExt()); // set the comment field req->setComment(dlg->comment->toPlainText()); createSuccess(insert(req)); } catch (errorEx &err) { XCA_ERROR(err); delete req; } } void db_x509req::exportItem(const QModelIndex &index, const pki_export *xport, XFile &file) const { pki_x509req *req = fromIndex(index); if (req) req->writeReq(file, xport->match_all(F_PEM)); } void db_x509req::setSigned(QModelIndex index, bool signe) { pki_x509req *req = fromIndex(index); if (!req) return; req->markSigned(signe); emit columnsContentChanged(); } void db_x509req::resetX509count() { foreach(pki_x509req *r, getAllRequests()) r->resetX509count(); } QList db_x509req::getAllRequests() { return Store.sqlSELECTpki("SELECT item FROM requests"); } xca-RELEASE.2.5.0/lib/db_x509req.h000066400000000000000000000014301450407711300161510ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DB_X509REQ_H #define __DB_X509REQ_H #include "db_x509super.h" class pki_temp; class pki_x509req; class db_x509req: public db_x509super { Q_OBJECT protected: dbheaderList getHeaders(); public: db_x509req(); pki_base* insert(pki_base *item); pki_base *newPKI(enum pki_type type = none); void fillContextMenu(QMenu *menu, const QModelIndex &index); QList getAllRequests(); void resetX509count(); void setSigned(QModelIndex index, bool signe); void exportItem(const QModelIndex &index, const pki_export *xport, XFile &file) const; public slots: void newItem(pki_temp *temp, pki_x509req *orig = NULL); void newItem(); }; #endif xca-RELEASE.2.5.0/lib/db_x509super.cpp000066400000000000000000000103621450407711300170570ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_base.h" #include "pki_temp.h" #include "db_x509super.h" #include "db_temp.h" #include "database_model.h" #include "oid.h" #include "XcaWarningCore.h" #include db_x509name::db_x509name(const char *classname) :db_base(classname) { } dbheaderList db_x509name::getHeaders() { dbheaderList h = db_base::getHeaders(); h << new dbheader(HD_subject_name, false, tr("Subject"), tr("Complete distinguished name")) << new num_dbheader(HD_subject_hash, false, tr("Subject hash"), tr("Hash to lookup certs in directories")); foreach(int nid, distname_nid) h << new nid_dbheader(nid, dbheader::hd_x509name); return h; } db_x509super::db_x509super(const char *classname) :db_x509name(classname) { pkitype_depends << asym_key << smartCard; } void db_x509super::loadContainer() { db_x509name::loadContainer(); /* Resolve Key references */ foreach(pki_x509super *pki, Store.getAll()) { QVariant keySqlId = pki->getKeySqlId(); if (!keySqlId.isValid()) continue; pki->setRefKey(Store.lookupPki(keySqlId)); } } dbheaderList db_x509super::getHeaders() { dbheaderList h = db_x509name::getHeaders(); NIDlist v3nid, v3ns_nid; v3nid << NID_subject_alt_name << NID_issuer_alt_name << NID_subject_key_identifier << NID_authority_key_identifier << NID_key_usage << NID_ext_key_usage << NID_crl_distribution_points << NID_info_access; v3ns_nid << NID_netscape_cert_type << NID_netscape_base_url << NID_netscape_revocation_url << NID_netscape_ca_revocation_url << NID_netscape_renewal_url << NID_netscape_ca_policy_url << NID_netscape_ssl_server_name << NID_netscape_comment; h << new dbheader(HD_x509key_name, false, tr("Key name"), tr("Internal name of the key")) << new dbheader(HD_x509_sigalg, false, tr("Signature algorithm")) << new key_dbheader(HD_key_type, tr("Key type")) << new key_dbheader(HD_key_size, tr("Key size")) #ifndef OPENSSL_NO_EC << new key_dbheader(HD_key_curve, tr("EC Group")) #endif ; foreach(int nid, v3nid) h << new nid_dbheader(nid, dbheader::hd_v3ext); foreach(int nid, v3ns_nid) h << new nid_dbheader(nid, dbheader::hd_v3ext_ns); return h; } pki_key *db_x509super::findKey(pki_x509super *ref) { db_key *keys = Database.model(); pki_key *key, *refkey; if (!ref) return NULL; if ((key = ref->getRefKey()) != NULL ) return key; refkey = ref->getPubKey(); if (!refkey) return NULL; key = dynamic_cast(keys->getByReference(refkey)); ref->setRefKey(key); delete refkey; return key; } QList db_x509super::findByPubKey(pki_key *refkey) { QList list; foreach(pki_x509super *pki, Store.getAll()) { pki_key *key = pki->getPubKey(); if (!key) continue; if (refkey->compare(key)) list << pki; delete key; } return list; } void db_x509super::extractPubkey(QModelIndex index) { db_key *keys = Database.model(); pki_key *key; pki_x509super *pki = fromIndex(index); if (!pki) return; key = pki->getPubKey(); if (!key) return; key->setIntName(pki->getIntName()); key->pkiSource = transformed; key->selfComment(tr("Extracted from %1 '%2'") .arg(pki->getType() == x509 ? tr("Certificate") : tr("Certificate request")) .arg(pki->getIntName())); key = dynamic_cast(keys->insert(key)); if (!key) return; if (Settings["suppress_messages"]) return; XCA_INFO(key->getMsg(pki_base::msg_import).arg(pki->getIntName())); } void db_x509super::toTemplate(QModelIndex index) { db_temp *temps = Database.model(); pki_x509super *pki = fromIndex(index); if (!pki || !temps) return; try { pki_temp *temp = new pki_temp(); Q_CHECK_PTR(temp); temp->setIntName(pki->getIntName()); extList el = temp->fromCert(pki); if (el.size()) { xcaWarning::warningv3(tr("The following extensions were not ported into the template"), el); } temp->pkiSource = transformed; temp->selfComment(tr("Transformed from %1 '%2'") .arg(pki->getType() == x509 ? tr("Certificate") : tr("Certificate request")) .arg(pki->getIntName())); createSuccess(temps->insert(temp)); } catch (errorEx &err) { XCA_ERROR(err); } } xca-RELEASE.2.5.0/lib/db_x509super.h000066400000000000000000000013131450407711300165200ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DB_X509SUPER_H #define __DB_X509SUPER_H #include "db_key.h" #include "pki_x509super.h" #include class db_x509name: public db_base { Q_OBJECT protected: dbheaderList getHeaders(); public: db_x509name(const char *classname); }; class db_x509super: public db_x509name { Q_OBJECT protected: dbheaderList getHeaders(); void loadContainer(); public: db_x509super(const char *classname); pki_key *findKey(pki_x509super *ref); QList findByPubKey(pki_key *refkey); void extractPubkey(QModelIndex index); void toTemplate(QModelIndex index); }; #endif xca-RELEASE.2.5.0/lib/dbhistory.cpp000066400000000000000000000031141450407711300166320ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2020 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include "xfile.h" #include "func.h" #include "dbhistory.h" #include "database_model.h" static QString dbhistory_file() { return getUserSettingsDir() + "/dbhistory"; } QString dbhistory::lastRemote; dbhistory::dbhistory() { QString name; XFile file(dbhistory_file()); try { file.open_read(); } catch (...) { return; } history.clear(); while (!file.atEnd()) { QByteArray ba; ba = file.readLine(1024); if (ba.size() == 0) break; name = QString::fromUtf8(ba).trimmed(); if (name.size() == 0) continue; if (history.indexOf(name) == -1) history << name; } file.close(); foreach(name, history) { if (database_model::isRemoteDB(name)) { setLastRemote(name); break; } } } void dbhistory::addEntry(const QString &name) { int pos; QString fname = name; if (!database_model::isRemoteDB(fname)) fname = relativePath(fname); pos = history.indexOf(fname); if (pos == 0) return; /* no changes */ if (pos > 0) history.removeAt(pos); history.prepend(fname); while (history.size() > 10) history.removeLast(); XFile file(dbhistory_file()); if (!file.open_write()) return; QString all = history.join("\n"); if (file.write(all.toUtf8()) <= 0) qDebug() << "Error writing history" << file.fileName() << file.errorString(); file.close(); } void dbhistory::setLastRemote(const QString &db) { if (database_model::isRemoteDB(db)) lastRemote = db; } QString dbhistory::getLastRemote() { return lastRemote; } xca-RELEASE.2.5.0/lib/dbhistory.h000066400000000000000000000007341450407711300163040ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DBHISTORY_H #define __DBHISTORY_H #include #include class dbhistory { private: QStringList history; static QString lastRemote; public: dbhistory(); void addEntry(const QString &name); QStringList get() const { return history; } static void setLastRemote(const QString &db); static QString getLastRemote(); }; #endif xca-RELEASE.2.5.0/lib/dhgen.cpp000066400000000000000000000011521450407711300157100ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 Christian Hohnstaedt. * * All rights reserved. */ #include "func.h" #include "dhgen.h" #include "entropy.h" #include "xfile.h" #include "BioByteArray.h" #include #include #include void DHgen::run() { DH *dh = NULL; BioByteArray b; try { dh = DH_new(); Q_CHECK_PTR(dh); DH_generate_parameters_ex(dh, bits, 2, NULL); openssl_error(); PEM_write_bio_DHparams(b, dh); openssl_error(); } catch (errorEx &e) { err = e; } XFile file(fname); file.open_write(); file.write(b); if (dh) DH_free(dh); } xca-RELEASE.2.5.0/lib/dhgen.h000066400000000000000000000007401450407711300153570ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DHGEN_H #define __DHGEN_H #include "exception.h" #include #include class DHgen: public QThread { QString fname; int bits; errorEx err; public: DHgen(const QString &n, int b) : QThread(), fname(n), bits(b) {} QString filename() const { return fname; } errorEx error() const { return err; } protected: void run(); }; #endif xca-RELEASE.2.5.0/lib/digest.cpp000066400000000000000000000024251450407711300161060ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2021 Christian Hohnstaedt. * * All rights reserved. */ #include "func.h" #include "digest.h" #include "lib/base.h" #include #include const QList digest::all_digests( { NID_md5, NID_ripemd160, NID_sha1, NID_sha224, NID_sha256, NID_sha384, NID_sha512 }); int digest::default_md(NID_sha256); digest::digest(int nid) : md_nid(nid) { } digest::digest(const EVP_MD *md) : md_nid(default_md) { if (!md) return; if (!OBJ_find_sigid_algs(EVP_MD_type(md), &md_nid, NULL)) md_nid = EVP_MD_type(md); } digest::digest(const QString &name) : md_nid(default_md) { QString s(name); // Workaround for Ed25519 if (s.isEmpty()) { md_nid = NID_undef; return; } md_nid = OBJ_txt2nid(CCHAR(s.remove(QChar(' ')))); ign_openssl_error(); } bool digest::isInsecure() const { switch (md_nid) { case NID_md5: case NID_ripemd160: case NID_sha1: return true; } return false; } const EVP_MD *digest::MD() const { return md_nid == NID_undef ? NULL : EVP_get_digestbynid(md_nid); } QString digest::name() const { return QString(md_nid == NID_undef ? "" : OBJ_nid2sn(md_nid)); } const digest digest::getDefault() { return digest(default_md); } void digest::setDefault(const QString &def) { default_md = digest(def).md_nid; } xca-RELEASE.2.5.0/lib/digest.h000066400000000000000000000011731450407711300155520ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2021 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DIGEST_H #define __DIGEST_H #include #include class digest { private: static int default_md; int md_nid; public: static const QList all_digests; digest(int nid); digest(const EVP_MD *md); digest(const QString &name); digest(const digest &d) = default; digest& operator=(const digest &d) = default; bool isInsecure() const; const EVP_MD *MD() const; QString name() const; static void setDefault(const QString &def); static const digest getDefault(); }; #endif xca-RELEASE.2.5.0/lib/entropy.cpp000066400000000000000000000104161450407711300163260ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #include #include #if !defined(Q_OS_WIN32) #include #include #include #include #include #include #endif #include #include #include #include "func.h" #include "xfile.h" #include "entropy.h" /* Entropy sources for XCA * * Entropy is a very important topic for key generation. * * XCA uses the following sources for entropy: * * 1) During startup * RAND_poll() * The OpenSSL seeding mechanism. * It uses /dev/urandom where possible and the * Screen content on Windows. * * If "/dev/random" exists, it will be used for additional * 256bit entropy. Same is true for "/dev/hwrng" * * 2) Before any key or parameter generation a "reseeding" * is done. Some say reseeding is not neccessary, but * all say it does not harm. * * Entropy by Mouse and keyboard events * main.cpp: bool XcaApplication::eventFilter() * 256bit from /dev/urandom (unix/Mac) * * 3) A .rnd state file in the XCA application directory * is written on exit and read on startup. * After reading it, the file will be erased to avoid replays. * * 4) When managing a token that supports C_GenerateRandom * and C_SeedRandom, XCA will seed the token and in return * seed himself from the token. */ #undef DEBUG_ENTROPY #define pool_siz (sizeof(pool)/sizeof(pool[0])) unsigned char Entropy::pool[512]; unsigned Entropy::pool_pos = 0; QElapsedTimer Entropy::timer; unsigned Entropy::seed_strength = 0; QString Entropy::makeSalt(void) { QString s = "T"; unsigned char rand[8]; Entropy::get(rand, sizeof rand); for (unsigned i=0; i< sizeof rand; i++) s += QString("%1").arg(rand[i]); return s; } void Entropy::add(int rand) { unsigned char entropy = (rand ^ timer.elapsed()) & 0xff; pool[pool_pos++ % pool_siz] = entropy; } void Entropy::add_buf(const unsigned char *buf, int buflen) { RAND_seed(buf, buflen); seed_strength += buflen; } int Entropy::get(unsigned char *buf, int num) { seed_rng(); return RAND_bytes(buf, num); } void Entropy::seed_rng() { if (pool_pos > pool_siz) pool_pos = pool_siz; RAND_seed(pool, pool_pos); seed_strength += pool_pos; random_from_file("/dev/urandom", 32); #ifdef DEBUG_ENTROPY { QDebug dbg = qDebug(); dbg << QString("Seeding %1 bytes:").arg(pool_pos); for (unsigned i=0; i 0;) { int len = read(fd, buf, amount > sizeof buf ? sizeof buf : amount); if (len > 0) { RAND_seed(buf, len); seed_strength += len / weakness; amount -= len; sum += len; } if (len == -1) { if (errno != EWOULDBLOCK) qWarning("Error '%s' while reading '%s'\n", strerror(errno), CCHAR(fname)); len = 0; } if (len == 0) break; } #ifdef DEBUG_ENTROPY qDebug("Entropy from file '%s' = %d bytes", CCHAR(fname), sum); #endif return sum; #else (void)fname; (void)amount; (void)weakness; return 0; #endif } unsigned Entropy::strength() { return seed_strength; } Entropy::Entropy() { timer.start(); rnd = getUserSettingsDir() + "/.rnd"; random_from_file(rnd, 1024, 128); QFile::remove(rnd); // don't use it again RAND_poll(); seed_strength += 8; random_from_file("/dev/random", 32); random_from_file("/dev/hwrng", 32); } Entropy::~Entropy() { unsigned char buf[1024]; if (RAND_bytes(buf, sizeof buf) == 1) { XFile file(rnd); try { file.open_key(); file.write((char*)buf, sizeof buf); } catch (errorEx &e) { qDebug() << "random_from_file" << rnd << e.getString(); } file.close(); } memset(buf, 0, sizeof buf); #ifdef DEBUG_ENTROPY qDebug("Seed strength: %d", seed_strength); #endif } xca-RELEASE.2.5.0/lib/entropy.h000066400000000000000000000013351450407711300157730ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __ENTROPY_H #define __ENTROPY_H #include #include #include class Entropy { protected: QString rnd; static QElapsedTimer timer; static unsigned char pool[512]; static unsigned pool_pos; static unsigned seed_strength; static int random_from_file(QString fname, unsigned amount, int weakness=1); public: Entropy(); ~Entropy(); static void add(int rand); static void add_buf(const unsigned char *buf, int buflen); static int get(unsigned char *buf, int num); static void seed_rng(); static unsigned strength(); static QString makeSalt(void); }; #endif xca-RELEASE.2.5.0/lib/exception.h000066400000000000000000000014401450407711300162660ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_EXCEPTION_H #define __PKI_EXCEPTION_H #include #include #include #include "base.h" enum open_result { pw_cancel, pw_ok, pw_exit, open_abort }; class errorEx { protected: QString msg; public: errorEx(QString txt = "", QString className = "") { msg = txt; if (!className.isEmpty()) msg += " (" + className + ")"; } errorEx(const QSqlError &e) { msg = e.text(); } void appendString(QString s) { msg = msg + " " + s; } QString getString() const { return msg; } const char *getCString() const { return msg.toLatin1(); } bool isEmpty() const { return msg.isEmpty(); } }; #endif xca-RELEASE.2.5.0/lib/func.cpp000066400000000000000000000357541450407711300155750ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "func.h" #include "exception.h" #include "asn1time.h" #include "settings.h" #include "XcaWarningCore.h" #include #include #include #include #include #include #include #ifdef Q_OS_MACOS #include #define I18N_DIR "" #else #define I18N_DIR "i18n/" #endif #include #include #include #include #include #include #include #include #if defined(Q_OS_WIN32) #include #include #ifndef ENABLE_VIRTUAL_TERMINAL_PROCESSING #define ENABLE_VIRTUAL_TERMINAL_PROCESSING 0x04 #endif #else #include #include #define getch() getchar() #endif bool is_gui_app = false; int console_write(FILE *fp, const QByteArray &ba) { if (ba.size() == 0) return 0; #if defined(Q_OS_WIN32) HANDLE con = GetStdHandle(fp == stderr ? STD_ERROR_HANDLE : STD_OUTPUT_HANDLE); if (con != INVALID_HANDLE_VALUE) { QString string = QString::fromUtf8(ba); WriteConsoleW(con, string.utf16(), string.size(), NULL, NULL); //return 0; } #endif fputs(ba.constData(), fp); fflush(fp); return 0; } Passwd readPass() { Passwd pw; #if !defined(Q_OS_WIN32) struct termios t, back; if (tcgetattr(0, &t)) throw errorEx(strerror(errno)); back = t; t.c_lflag &= ~(ECHO | ICANON); if (tcsetattr(0, TCSAFLUSH, &t)) throw errorEx(strerror(errno)); #else qFatal("Password input not supported"); #endif while(1) { char p = getch(); if (p == '\n' || p == '\r') break; if (p == 0x7f) pw.chop(1); else pw += p; } fputc('\n', stdout); #if !defined(Q_OS_WIN32) if (tcsetattr(0, TCSAFLUSH, &back)) throw errorEx(strerror(errno)); #endif return pw; } const QStringList getLibExtensions() { return QStringList { #if defined(Q_OS_WIN32) QString("*.dll"), QString("*.DLL"), #elif defined(Q_OS_MACOS) QString("*.dylib"), QString("*.so"), #else QString("*.so"), #endif }; } #if defined(Q_OS_WIN32) static QString registryInstallDir() { QString dir; wchar_t inst_dir[2048] = L""; ULONG len = sizeof inst_dir; if (RegGetValueW(HKEY_LOCAL_MACHINE, L"Software\\xca", L"Install_Dir64", RRF_RT_REG_SZ, NULL, inst_dir, &len) != ERROR_SUCCESS) return dir; /* "len" is in octets */ len /= sizeof inst_dir[0]; /* "len" includes the trailing \0\0 */ dir = QString::fromWCharArray(inst_dir, len -1); return QFileInfo(dir).canonicalFilePath(); } #endif int portable_app() { static int portable = -1; QString f1, f2; if (portable == -1) { #if defined(Q_OS_WIN32) f1 = registryInstallDir(); f2 = QCoreApplication::applicationDirPath(); /* f1 == f2 Registry entry of install dir exists and matches * path of this xca.exe -> Installed. Not the portable app */ portable = f1 == f2 ? 0 : 1; qDebug() << "Portable:" << f1 << " != " << f2; #else const char *p = getenv("XCA_PORTABLE"); portable = p && *p; #endif } return portable; } #if defined(Q_OS_WIN32) static QString specialFolder(int csidl) { LPITEMIDLIST pidl = NULL; wchar_t buf[MAX_PATH] = L""; if (SUCCEEDED(SHGetSpecialFolderLocation(NULL, csidl, &pidl))) SHGetPathFromIDListW(pidl, buf); QString f = QString::fromWCharArray(buf); qDebug() << "Special Folder" << csidl << f; return QFileInfo(f).canonicalFilePath(); } #endif const QString getHomeDir() { return portable_app() ? QCoreApplication::applicationDirPath() : QStandardPaths::writableLocation( QStandardPaths::DocumentsLocation); } /* For portable APP remove leading file name if it is * the app directory. */ QString relativePath(QString path) { QFileInfo fi_path(path); QFileInfo fi_home(getHomeDir()); QString prefix = fi_home.absoluteFilePath(); path = fi_path.absoluteFilePath(); if (portable_app()) { if (path.startsWith(prefix)) path = path.mid(prefix.length()+1); } return path; } const QString getLibDir() { #if defined(Q_OS_WIN32) return specialFolder(CSIDL_SYSTEM); #else QString ulib = "/usr/lib/"; QString lib = "/lib/"; QString multi; QString hd = ulib; QFile f(ulib + "pkg-config.multiarch"); if (f.open(QIODevice::ReadOnly)) { QTextStream in(&f); multi = in.readLine(); if (!multi.isEmpty()) multi += "/"; } QStringList dirs; dirs << ulib + multi + "pkcs11/" << lib + multi + "pkcs11/" << ulib + "pkcs11/" << lib + "pkcs11/" << ulib + multi << lib + multi << ulib << lib; foreach(QString dir, dirs) { if (QDir(dir).exists()) { hd = dir; break; } } return QFileInfo(hd).canonicalFilePath(); #endif } const QString getDocDir() { static QString docdir; if (!docdir.isEmpty()) return docdir; QStringList docs; #ifdef DOCDIR docs << QString(DOCDIR); #endif docs += QStandardPaths::standardLocations(QStandardPaths::AppDataLocation); foreach (docdir, docs) { #ifndef Q_OS_MACOS docdir += "/html"; #endif if (QFileInfo::exists(docdir + "/xca.qhc")) { qDebug() << "Detected" << docdir + "/xca.qhc"; return docdir; } } docdir = QString(); return docdir; } // The intent of this function is to return the proper location for // user-controlled settings on the current platform const QString getUserSettingsDir() { static QString dir; if (!dir.isEmpty()) return dir; dir = QStandardPaths::writableLocation(QStandardPaths::AppDataLocation); #if defined(Q_OS_WIN32) if (portable_app()) dir = QCoreApplication::applicationDirPath() + "/settings"; #endif if (!QDir().mkpath(dir)) qCritical("Failed to create Path: '%s'", CCHAR(dir)); return dir; } const QString getI18nDir() { QString qm = QStandardPaths::locate(QStandardPaths::AppDataLocation, I18N_DIR "xca_de.qm"); return QFileInfo(qm).path(); } void migrateOldPaths() { QString old; #if defined(Q_OS_UNIX) old = QDir::homePath() + "/.xca"; #elif defined(Q_OS_MACOS) old = QStandardPaths::writableLocation( QStandardPaths::GenericDataLocation) + "/data/" + QCoreApplication::applicationName(); #endif QDir old_dir(old); if (old.isEmpty() || !old_dir.exists()) return; qDebug() << "Old XCA directory exists" << old; QString new_dir = getUserSettingsDir() + "/"; foreach(QString n, QStringList({"dbhistory", "defaultdb", "defaultlang", ".rnd"})) { old_dir.rename(n, new_dir + n); qDebug() << "Move file" << old + "/" + n << new_dir + n; } old_dir.rmdir(old); } // Qt's open and save dialogs result in some undesirable quirks. // This function makes sure that a filename has the user-selected extension. QString getFullFilename(const QString & filename, const QString & selectedFilter) { QString rv = filename.trimmed(), ext; auto match = QRegularExpression(".* \\( ?\\*(.[a-z]{1,3}) ?\\)") .match(selectedFilter); ext = match.captured(1); if (ext.isEmpty() || rv.endsWith(ext)) return rv; return rv + ext; } QString hostId() { static QString id; unsigned char guid[100] = "", md[SHA_DIGEST_LENGTH]; if (!id.isEmpty()) return id; #if defined(Q_OS_WIN32) #define REG_CRYPTO "SOFTWARE\\Microsoft\\Cryptography" #define REG_GUID "MachineGuid" ULONG dwGuid = sizeof guid; HKEY hKey; if (RegOpenKeyExA(HKEY_LOCAL_MACHINE, REG_CRYPTO, 0, KEY_READ, &hKey) != ERROR_SUCCESS) { XCA_WARN("Registry Key: '" REG_CRYPTO "' not found"); } else { if (RegQueryValueExA(hKey, REG_GUID, NULL, NULL, guid, &dwGuid) != ERROR_SUCCESS) { XCA_WARN("Registry Key: '" REG_CRYPTO "\\" REG_GUID "' not found"); } } RegCloseKey(hKey); #elif defined(Q_OS_MACOS) io_registry_entry_t ioRegistryRoot = IORegistryEntryFromPath( kIOMasterPortDefault, "IOService:/"); CFStringRef uuidCf = (CFStringRef)IORegistryEntryCreateCFProperty( ioRegistryRoot, CFSTR(kIOPlatformUUIDKey), kCFAllocatorDefault, 0); CFStringGetCString(uuidCf, (char*)guid, sizeof guid, kCFStringEncodingMacRoman); qDebug() << QString::fromCFString(uuidCf) << (char*)guid; IOObjectRelease(ioRegistryRoot); CFRelease(uuidCf); #else QString mach_id; QStringList dirs; dirs << "/etc" << "/var/lib/dbus" << "/var/db/dbus"; foreach(QString dir, dirs) { QFile file(dir + "/machine-id"); if (file.open(QIODevice::ReadOnly)) { QTextStream in(&file); mach_id = in.readLine().trimmed(); file.close(); } qDebug() << "ID:" << mach_id; if (!mach_id.isEmpty()) { snprintf((char*)guid, sizeof guid, "%s", CCHAR(mach_id)); break; } } if (mach_id.isEmpty()) sprintf((char*)guid, "%ld", gethostid()); #endif guid[sizeof guid -1] = 0; SHA1(guid, strlen((char*)guid), md); id = QByteArray((char*)md, (int)sizeof md).toBase64().mid(0, 8); qDebug() << "GUID:" << guid << "ID:" << id; return id; } QString compressFilename(const QString &filename, int maxlen) { QString fn = filename; if (fn.length() >= maxlen) { fn.replace("\\", "/"); int len, lastslash = fn.lastIndexOf('/'); QString base = filename.mid(lastslash); len = maxlen - base.length() - 3; if (len < 0) { fn = "..." + base.right(maxlen -3); } else { fn = fn.left(len); lastslash = fn.lastIndexOf('/'); fn = filename.left(lastslash + 1) + "..." + base; } } return nativeSeparator(fn); } QString asn1ToQString(const ASN1_STRING *str, bool quote) { unsigned char *out = NULL; int len; QString utf8; len = ASN1_STRING_to_UTF8(&out, str); if (len != -1) { utf8 = QString::fromUtf8((const char*)out, len); OPENSSL_free(out); } if (quote) utf8.replace('\n', "\\n\\"); return utf8; } /* returns an encoded ASN1 string from QString for a special nid*/ ASN1_STRING *QStringToAsn1(const QString s, int nid) { QByteArray ba = s.toUtf8(); const unsigned char *utf8 = (const unsigned char *)ba.constData(); unsigned long global_mask = ASN1_STRING_get_default_mask(); unsigned long mask = DIRSTRING_TYPE & global_mask; ASN1_STRING *out = NULL; ASN1_STRING_TABLE *tbl; tbl = ASN1_STRING_TABLE_get(nid); if (tbl) { mask = tbl->mask; if (!(tbl->flags & STABLE_NO_MASK)) mask &= global_mask; } ASN1_mbstring_copy(&out, utf8, -1, MBSTRING_UTF8, mask); openssl_error_msg(QString("'%1' (%2)").arg(s).arg(OBJ_nid2ln(nid))); return out; } const char *OBJ_ln2sn(const char *ln) { return OBJ_nid2sn(OBJ_ln2nid(ln)); } const char *OBJ_sn2ln(const char *sn) { return OBJ_nid2ln(OBJ_sn2nid(sn)); } const char *OBJ_obj2sn(ASN1_OBJECT *a) { OBJ_obj2nid(a); openssl_error(); return OBJ_nid2sn(OBJ_obj2nid(a)); } QString OBJ_obj2QString(const ASN1_OBJECT *a, int no_name) { char buf[512]; int len; len = OBJ_obj2txt(buf, sizeof buf, a, no_name); openssl_error(); return QString::fromLatin1(buf, len); } QByteArray i2d_bytearray(int(*i2d)(const void*, unsigned char **), const void *data) { QByteArray ba; ba.resize(i2d(data, NULL)); unsigned char *p = (unsigned char*)ba.data(); i2d(data, &p); openssl_error(); return ba; } void *d2i_bytearray(void *(*d2i)(void *, unsigned char **, long), QByteArray &ba) { unsigned char *p, *p1; void *ret; p = p1 = (unsigned char *)ba.constData(); ret = d2i(NULL, &p1, ba.size()); ba = ba.mid(p1-p); openssl_error(); return ret; } void _openssl_error(const QString &txt, const char *file, int line) { QString error; while (int i = ERR_get_error() ) { error += QString(ERR_error_string(i, NULL)) + "\n"; fputs(CCHAR(QString("OpenSSL error (%1:%2) : %3\n"). arg(file).arg(line).arg(ERR_error_string(i, NULL))), stderr); } if (!error.isEmpty()) { if (!txt.isEmpty()) error = txt + "\n" + error + "\n" + QString("(%1:%2)").arg(file).arg(line); throw errorEx(error); } } #undef PRINT_IGNORED_ANYWAY bool _ign_openssl_error(const QString &txt, const char *file, int line) { // ignore openssl errors QString errtxt; #if PRINT_IGNORED_ANYWAY if (!txt.isEmpty() && ERR_peek_error()) qDebug() << txt; #else (void)txt; (void)file; (void)line; #endif while (int i = ERR_get_error() ) { errtxt = ERR_error_string(i, NULL); #if PRINT_IGNORED_ANYWAY qDebug() << QString("IGNORED (%1:%2) : %3\n") .arg(file).arg(line).arg(errtxt); #endif } return !errtxt.isEmpty(); } QString formatHash(const QByteArray &data, QString sep, int width) { return QString(data.toHex()).toUpper() .replace(QRegularExpression(QString("(.{%1})(?=.)").arg(width)), QString("\\1") + sep); } QByteArray Digest(const QByteArray &data, const EVP_MD *type) { unsigned int n; unsigned char m[EVP_MAX_MD_SIZE]; EVP_Digest(data.constData(), data.size(), m, &n, type, NULL); openssl_error(); return QByteArray((char*)m, (int)n); } QString fingerprint(const QByteArray &data, const EVP_MD *type) { return formatHash(Digest(data, type), Settings["fp_separator"], Settings["fp_digits"]); } void update_workingdir(const QString &file) { Settings["workingdir"] = QFileInfo(file).absolutePath(); } QMap dn_translations; void dn_translations_setup() { QMap D; D[NID_countryName] = QObject::tr("Country code"); D[NID_stateOrProvinceName] = QObject::tr("State or Province"); D[NID_localityName] = QObject::tr("Locality"); D[NID_organizationName] = QObject::tr("Organisation"); D[NID_organizationalUnitName] = QObject::tr("Organisational unit"); D[NID_commonName] = QObject::tr("Common name"); D[NID_pkcs9_emailAddress] = QObject::tr("E-Mail address"); D[NID_serialNumber] = QObject::tr("Serial number"); D[NID_givenName] = QObject::tr("Given name"); D[NID_surname] = QObject::tr("Surname"); D[NID_title] = QObject::tr("Title"); D[NID_initials] = QObject::tr("Initials"); D[NID_description] = QObject::tr("Description"); D[NID_role] = QObject::tr("Role"); D[NID_pseudonym] = QObject::tr("Pseudonym"); D[NID_generationQualifier] = QObject::tr("Generation Qualifier"); D[NID_x500UniqueIdentifier] = QObject::tr("x500 Unique Identifier"); D[NID_name] = QObject::tr("Name"); D[NID_dnQualifier] = QObject::tr("DN Qualifier"); D[NID_pkcs9_unstructuredName] = QObject::tr("Unstructured name"); D[NID_pkcs9_challengePassword] = QObject::tr("Challenge password"); D[NID_basic_constraints] = QObject::tr("Basic Constraints"); D[NID_subject_alt_name] = QObject::tr("Subject alternative name"); D[NID_issuer_alt_name] = QObject::tr("issuer alternative name"); D[NID_subject_key_identifier] = QObject::tr("Subject key identifier"); D[NID_authority_key_identifier] = QObject::tr("Authority key identifier"); D[NID_key_usage] = QObject::tr("Key usage"); D[NID_ext_key_usage] = QObject::tr("Extended key usage"); D[NID_crl_distribution_points] = QObject::tr("CRL distribution points"); D[NID_info_access] = QObject::tr("Authority information access"); D[NID_netscape_cert_type] = QObject::tr("Certificate type"); D[NID_netscape_base_url] = QObject::tr("Base URL"); D[NID_netscape_revocation_url] = QObject::tr("Revocation URL"); D[NID_netscape_ca_revocation_url] = QObject::tr("CA Revocation URL"); D[NID_netscape_renewal_url] = QObject::tr("Certificate renewal URL"); D[NID_netscape_ca_policy_url] = QObject::tr("CA policy URL"); D[NID_netscape_ssl_server_name] = QObject::tr("SSL server name"); D[NID_netscape_comment] = QObject::tr("Comment"); dn_translations = D; } QString appendXcaComment(QString current, QString msg) { if (!current.endsWith("\n") && !current.isEmpty()) current += "\n"; return current + QString("(%1)\n").arg(msg); } xca-RELEASE.2.5.0/lib/func.h000066400000000000000000000045511450407711300152310ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __FUNC_H #define __FUNC_H #include #include #include #include #include #include "base.h" #include "Passwd.h" #define IS_GUI_APP (is_gui_app) class Validity; class MainWindow; class QPixmap; extern MainWindow *mainwin; extern bool is_gui_app; typedef struct asn1_object_st ASN1_OBJECT; typedef struct asn1_string_st ASN1_STRING; typedef struct evp_md_st EVP_MD; int console_write(FILE *fp, const QByteArray &ba); Passwd readPass(); int portable_app(); const QString getHomeDir(); const QString getLibDir(); const QString getDocDir(); const QString getUserSettingsDir(); const QString getI18nDir(); QString relativePath(QString path); QString getFullFilename(const QString &filename, const QString &selectedFilter); const QStringList getLibExtensions(); QString hostId(); QString formatHash(const QByteArray &data, QString sep = ":", int width = 2); QString compressFilename(const QString &filename, int maxlen = 50); QString asn1ToQString(const ASN1_STRING *str, bool quote = false); ASN1_STRING *QStringToAsn1(QString s, int nid); QByteArray Digest(const QByteArray &data, const EVP_MD *type); QString fingerprint(const QByteArray &data, const EVP_MD *type); void update_workingdir(const QString &file); const char *OBJ_ln2sn(const char *ln); const char *OBJ_sn2ln(const char *sn); const char *OBJ_obj2sn(ASN1_OBJECT *a); QString OBJ_obj2QString(const ASN1_OBJECT *a, int no_name = 0); extern QMap dn_translations; void dn_translations_setup(); #define openssl_error_msg(x) _openssl_error(QString(x), C_FILE, __LINE__) #define openssl_error() openssl_error_msg("") #define ign_openssl_error() _ign_openssl_error(QString(), C_FILE, __LINE__) void _openssl_error(const QString &txt, const char *file, int line); bool _ign_openssl_error(const QString &txt, const char *file, int line); QByteArray i2d_bytearray(int(*i2d)(const void*, unsigned char**), const void*); void *d2i_bytearray(void *(*d2i)(void*, unsigned char**, long), QByteArray &ba); #define I2D_VOID(a) ((int (*)(const void *, unsigned char **))(a)) #define D2I_VOID(a) ((void *(*)(void *, unsigned char **, long))(a)) QString appendXcaComment(QString current, QString msg); /* from version.cpp */ const char *version_str(bool html); #endif xca-RELEASE.2.5.0/lib/headerlist.h000066400000000000000000000130101450407711300164100ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2010 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __HEADERLIST_H #define __HEADERLIST_H #include #include #include #include #include #include #include "settings.h" #include "pki_base.h" #include "func.h" #define HD_undef NID_undef #define HD_internal_name -2 #define HD_subject_name -3 #define HD_subject_hash -4 #define HD_x509key_name -5 #define HD_counter -6 #define HD_x509_sigalg -7 #define HD_creation -8 #define HD_comment -9 #define HD_source -100 #define HD_primary_key -101 #define HD_cert_serial -10 #define HD_cert_notBefore -11 #define HD_cert_notAfter -12 //#define HD_cert_trust -13 #define HD_cert_revocation -14 #define HD_cert_ca -15 #define HD_cert_md5fp -16 #define HD_cert_sha1fp -17 #define HD_cert_sha256fp -18 #define HD_cert_crl_expire -19 #define HD_req_signed -20 #define HD_req_unstr_name -21 #define HD_req_chall_pass -22 #define HD_req_certs -23 //#define HD_temp_type -30 #define HD_crl_signer -40 #define HD_crl_revoked -42 #define HD_crl_lastUpdate -43 #define HD_crl_nextUpdate -44 #define HD_crl_crlnumber -45 #define HD_key_type -50 #define HD_key_size -51 #define HD_key_use -52 #define HD_key_passwd -53 #define HD_key_curve -54 class dbheader { protected: void init() { id = HD_undef; action = NULL; show = showDefault = false; size = -1; visualIndex = -1; sortIndicator = -1; type = hd_default; } QString name, tooltip; public: enum hdr_type { hd_default, hd_x509name, hd_v3ext, hd_v3ext_ns, hd_number, hd_asn1time, hd_key, }; int id; bool show; bool showDefault; virtual QString getName() { return name; } virtual QString getTooltip() { return tooltip; } QAction *action; int size; int visualIndex; int sortIndicator; enum hdr_type type; dbheader(QString aname = QString()) { init(); name = aname; } dbheader(int aid, bool ashow = false, QString aname = QString(), QString atip = QString()) { init(); id = aid; name = aname; tooltip = atip; show = showDefault = ashow; } virtual ~dbheader() { } bool mustSave() { return size != -1 || visualIndex != -1 || sortIndicator != -1 || show != showDefault; } bool operator == (const dbheader *h) const { if (h->id == HD_undef) return name == h->name; return id == h->id; } bool isNumeric() { switch (id) { case NID_subject_key_identifier: case NID_authority_key_identifier: case HD_key_size: return true; } return type == hd_number; } QString toData() { QStringList sl; sl << QString::number(visualIndex) << QString::number(sortIndicator) << QString::number(size) << QString::number(show); return sl.join(" "); } void fromData(QString s) { QStringList sl = s.split(" "); if (sl.count() != 4) { qCritical() << "Invalid header data for" << id << name << s; return; } visualIndex = sl[0].toInt(); if (visualIndex < -1) visualIndex = -1; sortIndicator = sl[1].toInt(); if (sortIndicator != Qt::AscendingOrder && sortIndicator != Qt::DescendingOrder) sortIndicator = -1; size = sl[2].toInt(); if (size == 0) size = -1; show = sl[3].toInt(); } void setupHeaderView(int sect, QHeaderView *hv) { hv->setSectionHidden(sect, !show); if (size != -1) hv->resizeSection(sect, size); if (sortIndicator != -1) { hv->setSortIndicator(sect, sortIndicator ? Qt::DescendingOrder : Qt::AscendingOrder); } } void reset() { action = NULL; show = showDefault; size = -1; visualIndex = -1; sortIndicator = -1; } }; class nid_dbheader : public dbheader { private: QString sn; public: nid_dbheader(int aid, enum hdr_type atype) : dbheader(aid, aid == NID_commonName) { type = atype; tooltip = dn_translations[id]; name = OBJ_nid2ln(id); sn = OBJ_nid2sn(id); if (tooltip.isEmpty()) tooltip = name; } QString getName() { return Settings["translate_dn"] ? tooltip : name; } QString getTooltip() { return QString("[%1] %2").arg(sn) .arg(Settings["translate_dn"] ? name : tooltip); } }; class num_dbheader : public dbheader { public: num_dbheader(int aid, bool ashow = false, QString aname = QString(), QString atip = QString()) : dbheader(aid, ashow, aname, atip) { type = hd_number; } }; class date_dbheader : public dbheader { public: date_dbheader(int aid, bool ashow = false, QString aname = QString(), QString atip = QString()) : dbheader(aid, ashow, aname, atip) { type = hd_asn1time; } }; class key_dbheader : public dbheader { public: key_dbheader(int aid, QString aname) : dbheader(aid, false, aname) { type = hd_key; } }; class dbheaderList: public QList { public: dbheaderList(dbheader *h) :QList() { append(h); } dbheaderList() :QList() { } QString toData() { QStringList sl; for (int i=0; imustSave()) continue; seq << QString("%1").arg(h->id); if (h->id > 0) { seq << OBJ_obj2QString( OBJ_nid2obj(h->id), 1); } seq << h->toData(); sl << seq.join(":"); } return sl.join(","); } void fromData(QString s) { QStringList sl = s.split(","); foreach(QString hd, sl) { QStringList sl1 = hd.split(":"); int id = sl1.takeFirst().toInt(); if (id > 0) { id = OBJ_txt2nid(CCHAR(sl1.takeFirst())); } for (int i=0; iid == id) { h->fromData(sl1.takeFirst()); break; } } } } }; #endif xca-RELEASE.2.5.0/lib/ipvalidator.h000066400000000000000000000025011450407711300166050ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2018 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __IPVALIDATOR_H #define __IPVALIDATOR_H #include #include #include #include /* Validating IPv4/6 is not as trivial as thought. * - The QHostAddress class requires the network library * and i don't want to add many megabytes for this validator * - I failed to and actually don't want to write my own validator * as there are already thoroughly tested functions. * - inet_pton() does what I want, but * on Windows there is no inet_pton(). * - Openssl validates the result anyway. * So we reduce the validation on windows to the RegEx */ #if !defined(Q_OS_WIN32) #include #include #include #include unsigned char buf[sizeof(struct in6_addr)]; #else #define inet_pton(a,b,c) (1) #endif class ipValidator : public QValidator { public: QValidator::State validate(QString &input, int&) const { if (!QRegularExpression("^[0-9a-fA-F:\\.]*$").match(input).hasMatch()) return Invalid; return inet_pton(AF_INET, CCHAR(input), buf) == 1 || inet_pton(AF_INET6, CCHAR(input), buf) == 1 ? Acceptable : Intermediate; } void fixup(QString &input) const { input = input.toLower(); } }; #endif xca-RELEASE.2.5.0/lib/load_obj.cpp000066400000000000000000000065031450407711300164010ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "load_obj.h" #include "pki_x509.h" #include "pki_evp.h" #include "pki_x509req.h" #include "pki_pkcs7.h" #include "pki_pkcs12.h" #include "pki_multi.h" #include "pki_temp.h" #include "pki_crl.h" load_base::load_base() { filter = QObject::tr("All files ( * )"); caption = ""; } pki_base *load_base::loadItem(const QString &s) { pki_base *pki = newItem(); if (!pki) return NULL; try { pki->fload(s); openssl_error(); } catch (errorEx &err){ delete pki; throw err; } pki->pkiSource = imported; pki->autoIntName(s); pki->setFilename(s); return pki; } pki_base * load_base::newItem() { return NULL; } load_base::~load_base() { } /* Keys */ load_key::load_key() :load_base() { filter = QObject::tr("PKI Keys ( *.pem *.der *.key );; " "PKCS#8 Keys ( *.p8 *.pk8 );; " "Microsoft PVK Keys ( *.pvk );; " "SSH Public Keys ( *.pub );;") + filter; caption = QObject::tr("Import RSA key"); } pki_base * load_key::newItem() { return new pki_evp(); } /* Requests */ load_req::load_req() :load_base() { filter = QObject::tr("PKCS#10 CSR ( *.pem *.der *.csr );; ") + filter; caption = QObject::tr("Import Request"); } pki_base * load_req::newItem() { return new pki_x509req(); } /* Certificates */ load_cert::load_cert() :load_base() { filter = QObject::tr("Certificates ( *.pem *.der *.crt *.cer );;") + filter; caption = QObject::tr("Import X.509 Certificate"); } pki_base * load_cert::newItem() { return new pki_x509(); } /* PKCS#7 Certificates */ load_pkcs7::load_pkcs7() :load_base() { filter = QObject::tr("PKCS#7 data ( *.p7s *.p7m *.p7b );;") + filter; caption = QObject::tr("Import PKCS#7 Certificates"); } pki_base * load_pkcs7::newItem() { return new pki_pkcs7(); } /* PKCS#12 Certificates */ load_pkcs12::load_pkcs12() :load_base() { filter = QObject::tr("PKCS#12 Certificates ( *.p12 *.pfx );;") + filter; caption = QObject::tr("Import PKCS#12 Private Certificate"); } pki_base * load_pkcs12::loadItem(const QString &s) { pki_base *p12 = new pki_pkcs12(s); return p12; } /* Templates */ load_temp::load_temp() :load_base() { filter = QObject::tr("XCA templates ( *.xca );;") + filter; caption = QObject::tr("Import XCA Templates"); } pki_base * load_temp::newItem() { return new pki_temp(); } /* CRLs */ load_crl::load_crl() :load_base() { filter = QObject::tr("Revocation lists ( *.pem *.der *.crl );;") + filter; caption = QObject::tr("Import Certificate Revocation List"); } pki_base * load_crl::newItem() { return new pki_crl(); } /* Database */ load_db::load_db() :load_base() { filter = QObject::tr("XCA Databases ( *.xdb );;") + filter; caption = QObject::tr("Open XCA Database"); } /* Shared library */ load_pkcs11::load_pkcs11() :load_base() { #if defined(Q_OS_WIN32) filter = QObject::tr("PKCS#11 library ( *.dll );;") + filter; #elif defined(Q_OS_MACOS) filter = QObject::tr("PKCS#11 library ( *.dylib *.so );;") + filter; #else filter = QObject::tr("PKCS#11 library ( *.so );;") + filter; #endif caption = QObject::tr("Open PKCS#11 shared library"); } /* General PEM loader */ load_pem::load_pem() :load_base() { filter = QObject::tr("PEM files ( *.pem );;") + filter; caption = QObject::tr("Load PEM encoded file"); } pki_base *load_pem::newItem() { return new pki_multi(); } xca-RELEASE.2.5.0/lib/load_obj.h000066400000000000000000000023111450407711300160370ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __LOAD_OBJ_H #define __LOAD_OBJ_H #include class pki_base; class load_base { public: QString filter; QString caption; load_base(); virtual ~load_base(); virtual pki_base *loadItem(const QString &s); virtual pki_base *newItem(); }; class load_key: public load_base { public: load_key(); pki_base *newItem(); }; class load_req: public load_base { public: load_req(); pki_base *newItem(); }; class load_cert: public load_base { public: load_cert(); pki_base *newItem(); }; class load_pkcs7: public load_base { public: load_pkcs7(); pki_base *newItem(); }; class load_pkcs12: public load_base { public: load_pkcs12(); pki_base *loadItem(const QString &s); }; class load_temp: public load_base { public: load_temp(); pki_base *newItem(); }; class load_crl: public load_base { public: load_crl(); pki_base *newItem(); }; class load_db: public load_base { public: load_db(); }; class load_pkcs11: public load_base { public: load_pkcs11(); }; class load_pem: public load_base { public: load_pem(); pki_base *newItem(); }; #endif xca-RELEASE.2.5.0/lib/main.cpp000066400000000000000000000353761450407711300155660ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include #include "widgets/MainWindow.h" #include "ui_MainWindow.h" #include "widgets/XcaApplication.h" #include "XcaWarningCore.h" #include "func.h" #include "xfile.h" #include "main.h" #include "entropy.h" #include "settings.h" #include "database_model.h" #include "pki_multi.h" #include "pki_evp.h" #include "pki_base.h" #include "arguments.h" #include "pki_export.h" #include "db_x509.h" #if defined(Q_OS_WIN32) //For the segfault handler #include #endif #include void migrateOldPaths(); char segv_data[1024]; MainWindow *mainwin = NULL; #if defined(Q_OS_WIN32) static LONG CALLBACK w32_segfault(LPEXCEPTION_POINTERS e) { if (e->ExceptionRecord->ExceptionCode == EXCEPTION_ACCESS_VIOLATION) { if (segv_data[0]) { XCA_WARN(QString(segv_data)); abort(); } return EXCEPTION_CONTINUE_EXECUTION; } else return EXCEPTION_CONTINUE_SEARCH; } #else static void segv_handler_gui(int) { if (segv_data[0]) XCA_WARN(QString(segv_data)); abort(); } #endif class dbg_pattern { QString file, func; unsigned first, last; bool inv; public: bool invert() const { return inv; } dbg_pattern(QString); bool match(const QString &curr_file, const QString &curr_func, int line) const; }; class debug_info { private: QString short_file; QString short_func; int line; static QList patternlist; public: static bool all; static void set_debug(const QString &dbg); debug_info(const QMessageLogContext &c); QString log_prefix() const; bool do_debug() const; static bool isEmpty() { return patternlist.size() == 0; } }; QList debug_info::patternlist; bool debug_info::all = false; dbg_pattern::dbg_pattern(QString part) : first(0), last(INT_MAX), inv(false) { bool ok; if (part[0] == '-') { inv = true; part.remove(0, 1); } file = func = part; QStringList file_num = part.split(":"); if (file_num.size() == 2) { file = file_num[0]; file_num = file_num[1].split("-"); if (file_num.size() == 1) { first = last = file_num[0].toUInt(); } else { if (!file_num[0].isEmpty()) { first = file_num[0].toUInt(&ok); Q_ASSERT(ok); } if (!file_num[1].isEmpty()) { last = file_num[1].toUInt(&ok); Q_ASSERT(ok); } } } qDebug() << "New debug match" << (inv ? "Not" : "") << file << func << first << last; } bool dbg_pattern::match(const QString &curr_file, const QString &curr_func, int line) const { // QTextStream out(stdout); // out << QString("MATCH %1:%2(%3)\n").arg(curr_file).arg(curr_func).arg(line); if (curr_func == func) return true; if (curr_func.endsWith(QString("::%1").arg(func))) return true; if (curr_file != file && !file.endsWith(QString("/%1").arg(curr_file))) return false; if (line >= first && line <= last) return true; return false; } void debug_info::set_debug(const QString &dbg) { bool local_all = false; all = true; if (isEmpty()) { foreach(QString part, dbg.split(",")) { if (part.toLower() == "all") { local_all = true; continue; } dbg_pattern d(part); patternlist.insert(d.invert() ? 0 : patternlist.size(), d); } } all = local_all; } debug_info::debug_info(const QMessageLogContext &ctx) : line(0) { line = ctx.line; if (ctx.file && ctx.line) { int pos; short_file = ctx.file, short_func = ctx.function; pos = short_file.lastIndexOf("/"); short_file.remove(0, pos +1); pos = short_func.indexOf("("); short_func.remove(pos, short_func.size()); pos = short_func.lastIndexOf(" "); short_func.remove(0, pos +1); } //std::cerr << "DBG '" << (ctx.function ?: "(NULL)" )<< "' '" << CCHAR(short_func) << "' " << std::endl; } QString debug_info::log_prefix() const { if (short_file == nullptr && line == 0) return QString(); return QString(" " COL_MAGENTA "%1" COL_GREEN COL_BOLD ":%2 " COL_BLUE "%3") .arg(short_file).arg(line).arg(short_func); } bool debug_info::do_debug() const { foreach(dbg_pattern pattern, patternlist) { if (pattern.match(short_file, short_func, line)) return !pattern.invert(); } return all; } void myMessageOutput(QtMsgType type, const QMessageLogContext &ctx, const QString &msg) { static QElapsedTimer *t; static int abort_on_warning = -1; const char *severity = "Unknown", *warn_msg = NULL; int el; if (!t) { t = new QElapsedTimer(); t->start(); } if (abort_on_warning == -1) { char *a = getenv("XCA_ABORT_ON_WARNING"); abort_on_warning = a && *a; } debug_info dinfo(ctx); el = t->elapsed(); switch (type) { case QtDebugMsg: if (!dinfo.do_debug()) return; severity = COL_CYAN "Debug"; break; case QtWarningMsg: warn_msg = "WARNING"; severity = COL_LRED "Warning"; break; case QtCriticalMsg: warn_msg = "CRITICAL"; severity = COL_RED "Critical"; break; case QtFatalMsg: warn_msg = "FATAL"; severity = COL_RED "Fatal"; break; case QtInfoMsg: severity = COL_CYAN "Info"; break; default: severity = COL_CYAN "Default"; break; } console_write(stderr, QString(COL_YELL "%1%2 %3:%5" COL_RESET " %4\n") .arg(el/1000, 4) .arg((el%1000)/100, 2, 10, QChar('0')) .arg(severity).arg(msg) .arg(dinfo.log_prefix()).toUtf8()); if (abort_on_warning == 1 && warn_msg) { qFatal("Abort on %s", warn_msg); } } static void cmd_version(FILE *fp) { console_write(fp, QString(XCA_TITLE "\nVersion %1\n") .arg(version_str(false)).toUtf8()); } const char *xca_name = "xca"; static void cmd_help(int exitcode = EXIT_SUCCESS, const char *msg = NULL) { FILE *fp = exitcode == EXIT_SUCCESS ? stdout : stderr; QString s; cmd_version(fp); s = QString("\nUsage %1 ...\n\n%2\n") .arg(xca_name).arg(arguments::help()); if (msg) s += QString("\nError: %1\n").arg(msg); console_write(fp, s.toUtf8()); exit(exitcode); } static Passwd acquire_password(QString source) { Passwd pass; pass.append(source.toUtf8()); if (source == "stdin") source = "fd:0"; if (source.startsWith("pass:")) { pass = source.mid(5).toLatin1(); } else if (source.startsWith("file:")) { XFile f(source.mid(5)); f.open_read(); pass = f.readLine(128).trimmed(); } else if (source.startsWith("env:")) { pass = getenv(source.mid(4).toLocal8Bit()); } else if (source.startsWith("fd:")) { int fd = source.mid(3).toInt(); QFile f; f.open(fd, QIODevice::ReadOnly); pass = f.readLine(128).trimmed(); } return pass; } static bool compare_pki_base(pki_base* a, pki_base* b) { return (a->getSqlItemId().toULongLong() < b->getSqlItemId().toULongLong()); } static pki_multi *cmdline_items; static void read_cmdline(int argc, char *argv[], bool console_only) { arguments cmd_opts(argc, argv); pki_evp::passwd = acquire_password(cmd_opts["password"]); Passwd sqlpw = acquire_password(cmd_opts["sqlpass"]); if (cmd_opts.has("verbose")) { QString all = cmd_opts["verbose"]; debug_info::set_debug(all.isEmpty() ? QString("all") : all); } if (!cmd_opts.has("password") && console_only) database_model::open_without_password = true; if (cmd_opts.has("database")) Database.open(cmd_opts["database"], sqlpw); cmdline_items = new pki_multi(); foreach(QString file, cmd_opts.getFiles()) { qDebug() << "Probe" << file; cmdline_items->probeAnything(file); } QStringList names = cmd_opts["import-names"].split(";"); foreach(pki_base *pki, cmdline_items->get()) { if (names.isEmpty()) break; QString name = names.takeFirst(); if (!name.isEmpty()) pki->setIntName(name); } if (cmdline_items->failed_files.size() > 0) { XCA_WARN(QString("Failed to import from '%1'") .arg(cmdline_items->failed_files.join("' '"))); } if (cmd_opts.needDb() && !Database.isOpen()) { /* We need a database for the following operations * but there is none, yet. Try the default database */ try { Database.open(QString()); } catch (errorEx &err) { cmd_help(EXIT_FAILURE, CCHAR(err.getString())); } catch (enum open_result opt) { static const char * const msg[] = { /* pw_cancel */ "Password input aborted", /* pw_ok */ "Password accepted??", /* pw_exit */ "Exit selected", /* open_abort*/ "No database given", }; cmd_help(EXIT_FAILURE, msg[opt]); } } database_model::open_without_password = false; if (cmd_opts.has("list-curves")) { QStringList list; foreach(const builtin_curve &c, builtinCurves) { list << QString(COL_YELL "%1" COL_RESET "%2") .arg(OBJ_nid2sn(c.nid), -26) .arg(c.comment); } console_write(stdout, list.join("\n").toUtf8() + '\n'); } if (cmd_opts.has("list-items")) { QStringList list; QList items = Store.getAll(); std::sort(items.begin(), items.end(), compare_pki_base); foreach(pki_base *pki, items) { list << QString(COL_YELL "%1 " COL_GREEN "%2 " COL_RESET "%3") .arg(pki->getSqlItemId().toString(), 7) .arg(pki->getTypeString(), -27) .arg(pki->getIntName()); } console_write(stdout, list.join("\n").toUtf8() + '\n'); } if (!cmd_opts["index"].isEmpty()) { qDebug() << cmd_opts["index"]; db_x509 *certs = Database.model(); certs->writeIndex(cmd_opts["index"], false); XCA_INFO(QObject::tr("Index file written to '%1'") .arg(cmd_opts["index"])); } if (!cmd_opts["hierarchy"].isEmpty()) { qDebug() << cmd_opts["hierarchy"]; db_x509 *certs = Database.model(); certs->writeIndex(cmd_opts["hierarchy"], true); XCA_INFO(QObject::tr("Index hierarchy written to '%1'") .arg(cmd_opts["hierarchy"])); } if (cmd_opts.has("help")) cmd_help(); if (cmd_opts.has("version")) cmd_version(stdout); if (cmd_opts.has("keygen")) { keyjob task(cmd_opts["keygen"]); if (!task.isValid()) { Database.close(); throw errorEx(QObject::tr("Unknown key type %1") .arg(cmd_opts["keygen"])); } db_key *keys = Database.model(); pki_key *pki = keys->newKey(task, cmd_opts["name"]); if (pki) cmdline_items->append_item(pki); } if (cmd_opts.has("issuers")) { QStringList out; db_x509 *certs = Database.model(); QListissuers = certs->getAllIssuers(); std::sort(issuers.begin(), issuers.end(), compare_pki_base); foreach(pki_x509 *iss, issuers) { pki_key *key = iss->getRefKey(); QString keytype = key ? key->getTypeString() : ""; out << QString(COL_YELL "%1 " COL_GREEN "%2 " COL_RESET "%3") .arg(iss->getSqlItemId().toULongLong(), 7) .arg(keytype, -13) .arg(iss->getIntName()); } console_write(stdout, out.join("\n").toUtf8() + '\n'); } if (cmd_opts.has("crlgen")) { db_crl *crls = Database.model(); db_x509 *certs = Database.model(); QListissuers = certs->getAllIssuers(); pki_x509 *issuer = NULL; QString ca = cmd_opts["crlgen"]; foreach(pki_x509 *iss, issuers) { if (iss->getIntName() == ca || iss->getSqlItemId().toString() == ca) { issuer = iss; break; } } if (!issuer) { XCA_ERROR(QString("Issuer '%1' not found") .arg(cmd_opts["crlgen"])); } else { crljob task(issuer); pki_crl *crl = crls->newCrl(task, cmd_opts["name"]); if (crl) cmdline_items->append_item(crl); } } if (!cmd_opts["select"].isEmpty()) { foreach(QString item, cmd_opts["select"].split(",")) { bool ok; qDebug() << "Select" << item; qulonglong id = item.toULongLong(&ok); pki_base *pki = Store.lookupPki(QVariant(id)); if (pki) cmdline_items->append_item(pki); } } BioByteArray bba; foreach(pki_base *pki, cmdline_items->get()) { QString filename = pki->getFilename(); if ((cmd_opts.has("text") || cmd_opts.has("print")) && filename.size() > 0) { bba += QString("\n" COL_GREEN COL_UNDER "File: %1" COL_RESET "\n").arg(filename).toUtf8(); } if (cmd_opts.has("print")) pki->print(bba, pki_base::print_coloured); if (cmd_opts.has("text")) pki->print(bba, pki_base::print_openssl_txt); if (cmd_opts.has("pem")) pki->print(bba, pki_base::print_pem); } if (bba.size() > 0) console_write(stdout, bba); if (cmd_opts.has("import")) { Database.insert(cmdline_items); cmdline_items = NULL; } } int main(int argc, char *argv[]) { const char *xca_special = getenv("XCA_ARGUMENTS"); if (xca_special && *xca_special) { puts(CCHAR(arguments::doc(xca_special))); return 0; } qInstallMessageHandler(myMessageOutput); { const char *d = getenv("XCA_DEBUG"); if (d && *d) debug_info::set_debug(QString(d)); } #if defined(Q_OS_WIN32) // If no style provided externally if (!QApplication::style()) QApplication::setStyle("Fusion"); AttachConsole(-1); int wargc; wchar_t **wargv = CommandLineToArgvW(GetCommandLineW(), &wargc); if (wargv && wargc) { int i; if (argc != wargc) qWarning() << "argc != wargc" << argc << wargc; if (argc > wargc) argc = wargc; qDebug() << "wargc" << wargc << argc; for (i = 0; i < argc; i++) { QString s = QString::fromWCharArray(wargv[i]); QByteArray ba = s.toUtf8(); argv[i] = strdup(ba.constData()); qDebug() << "wargv" << i << argv[i] << s; } argv[i] = NULL; LocalFree(wargv); } SetUnhandledExceptionFilter(w32_segfault); #else signal(SIGSEGV, segv_handler_gui); #endif if (argc > 0) xca_name = argv[0]; bool console_only = arguments::is_console(argc, argv); XcaApplication *gui = nullptr; QCoreApplication *coreApp = nullptr; #if !defined(Q_OS_WIN32) if (console_only) { coreApp = new QCoreApplication(argc, argv); } else #endif { /* On windows, always instantiate a GUI app */ coreApp = gui = new XcaApplication(argc, argv); is_gui_app = true; } coreApp->setApplicationName(PACKAGE_TARNAME); coreApp->setOrganizationDomain("de.hohnstaedt"); coreApp->setApplicationVersion(XCA_VERSION); xcaWarning::setGui(new xcaWarningCore()); migrateOldPaths(); Entropy entropy; Settings.clear(); try { initOIDs(); } catch (errorEx &e) { XCA_ERROR(e); } for (int i=0; i < argc; i++) qDebug() << "wargv" << argc << i << argv[i]; try { if (gui && !console_only) { mainwin = new MainWindow(); gui->setMainwin(mainwin); read_cmdline(argc, argv, console_only); mainwin->importMulti(cmdline_items, 1); cmdline_items = NULL; enum open_result r = open_abort; if (!Database.isOpen()) r = mainwin->init_database(QString()); else r = mainwin->setup_open_database(); qDebug() << "PWret" << r << pw_cancel << pw_ok; if (r != pw_exit) { mainwin->show(); gui->exec(); } } else { read_cmdline(argc, argv, console_only); delete cmdline_items; } } catch (errorEx &ex) { XCA_ERROR(ex); } catch (enum open_result r) { qDebug() << "DB open failed: " << r; } Database.close(); qDebug() << "pki_base::count" << pki_base::allitems.size(); foreach(pki_base *pki, pki_base::allitems) qDebug() << "Remaining" << pki->getClassName() << pki->getIntName(); delete mainwin; delete gui; pki_export::free_elements(); #if defined(Q_OS_WIN32) FreeConsole(); #endif return EXIT_SUCCESS; } xca-RELEASE.2.5.0/lib/main.h000066400000000000000000000006231450407711300152160ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __MAIN_H #define __MAIN_H #include class pki_multi; class MainWindow; extern MainWindow *mainwin; extern char segv_data[1024]; //extern bool exitApp; pki_multi *probeAnything(const QString &, int *ret = NULL); int exportIndex(const QString &fname, bool hierarchy); #endif xca-RELEASE.2.5.0/lib/oid.cpp000066400000000000000000000123521450407711300154020ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ /* here we have the possibility to add our own OIDS */ #include #include #include #include #include #include #include "func.h" #include "oid.h" #include "XcaWarningCore.h" int first_additional_oid = 0; NIDlist extkeyuse_nid; NIDlist distname_nid; QMap oid_name_clash; QMap oid_lower_map; static void addToLowerMap(int nid) { QString n = OBJ_nid2sn(nid); QString l = n.toLower(); if (n != l) oid_lower_map[l] = nid; n = OBJ_nid2ln(nid); l = n.toLower(); if (n != l) oid_lower_map[l] = nid; } /* reads additional OIDs from a file: oid, sn, ln */ static void insert_new_oid(const QStringList &sl, QString fname, int line) { bool differs = false; QByteArray in_use, oid, sn, ln; if (sl.count() != 3) { XCA_WARN(QObject::tr("Error reading config file %1 at line %2") .arg(fname).arg(line)); return; } oid = sl[0].toLatin1(); sn = sl[1].toLatin1(); ln = sl[2].toLatin1(); int nid = OBJ_txt2nid(oid.constData()); if (nid != NID_undef) { /* OID already known by OpenSSL */ if (sn != OBJ_nid2sn(nid)) { /* ... but with a different ShortName */ qWarning() << "OID: " << oid << "SN differs: " << sn << " " << OBJ_nid2sn(nid); oid_name_clash[sn] = OBJ_nid2sn(nid); differs = true; } if (ln != OBJ_nid2ln(nid)) { /* ... but with a different LongName */ qWarning() << "OID: " << oid << "LN differs: " << ln << " " << OBJ_nid2ln(nid); oid_name_clash[ln] = OBJ_nid2ln(nid); differs = true; } } else { /* Check whether ShortName or LongName are already in use * for a different OID */ if (OBJ_txt2nid(sn.constData()) != NID_undef) in_use = sn; if (OBJ_txt2nid(ln.constData()) != NID_undef) in_use = ln; } ign_openssl_error(); if (differs) { /* OID exists with different SN or LN. The differing names * are added as "alias" in "oid_name_clash" used when loading * dn.txt and eku.txt */ XCA_WARN(QObject::tr("The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed.") .arg(sl.join(":")).arg(fname).arg(line) .arg(OBJ_obj2QString(OBJ_nid2obj(nid), 1)) .arg(OBJ_nid2sn(nid)).arg(OBJ_nid2ln(nid)) ); } else if (!in_use.isEmpty()) { /* OID does not exist, but SN or LN however do. * Do NOT create OID and tell the user about */ nid = OBJ_txt2nid(in_use.constData()); XCA_WARN(QObject::tr("The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts.") .arg(in_use.constData()) .arg(oid.constData()) .arg(fname).arg(line) .arg(OBJ_obj2QString(OBJ_nid2obj(nid), 1)) .arg(OBJ_nid2sn(nid)).arg(OBJ_nid2ln(nid)) ); } else if (nid == NID_undef) { nid=OBJ_create(oid.constData(), sn.constData(), ln.constData()); qDebug() << "Creating OID:" << fname << line << nid << oid << sn << ln; try { openssl_error(); addToLowerMap(nid); } catch (errorEx &e) { errorEx err(errorEx(e.getString() + QString("%1:%2 OID: %3") .arg(fname).arg(line).arg(oid.constData()))); XCA_ERROR(err); } } } static void readOIDs(const QString &fname) { int line = 0; QFile file(fname); if (!file.open(QIODevice::ReadOnly)) return; qDebug() << "Read additional OIDs from" << fname; QTextStream in(&file); while (!in.atEnd()) { QString entry = in.readLine().trimmed(); line++; if (entry.startsWith('#') || entry.isEmpty()) continue; insert_new_oid(entry.split(QRegularExpression("\\s*:\\s*")), fname, line); } } /* reads a list of OIDs/SNs from a file and turns them into a QValueList * of integers, representing the NIDs. Usually to be used by NewX509 for * the list of ExtendedKeyUsage and Distinguished Name */ static NIDlist readNIDlist(const QString &fname) { int line = 0, nid; NIDlist nl; QFile file(fname); if (!file.open(QIODevice::ReadOnly)) return nl; QTextStream in(&file); while (!in.atEnd()) { const char *userdefined; QString entry = in.readLine().trimmed(); line++; if (entry.startsWith('#') || entry.isEmpty()) continue; userdefined = oid_name_clash[entry]; if (userdefined) entry = userdefined; nid = OBJ_txt2nid(CCHAR(entry)); if (nid == NID_undef) XCA_WARN(QObject::tr("Unknown object '%1' in file %2 line %3") .arg(entry).arg(fname).arg(line)); else nl += nid; } openssl_error(); return nl; } /* creates a new nid list from the given filename */ static NIDlist read_nidlist(const QString &name) { NIDlist nl; foreach(QString d, QStandardPaths::standardLocations( QStandardPaths::AppDataLocation)) { nl = readNIDlist(d + "/" + name); qDebug() << "Read" << nl.count() << "NIDs from" << d + "/" + name; if (nl.count() > 0) break; } return nl; } void initOIDs() { first_additional_oid = OBJ_new_nid(0); openssl_error(); for (int i=0; i #include typedef QList NIDlist; extern NIDlist extkeyuse_nid; extern NIDlist distname_nid; extern int first_additional_oid; extern QMap oid_name_clash; extern QMap oid_lower_map; /* reads additional OIDs from a file: oid, sn, ln */ void initOIDs(); #endif xca-RELEASE.2.5.0/lib/opensc-pkcs11.h000066400000000000000000001236531450407711300166720ustar00rootroot00000000000000/* pkcs11.h Copyright 2006, 2007 g10 Code GmbH Copyright 2006 Andreas Jellinghaus This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without modifications, as long as this notice is preserved. This file is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY, to the extent permitted by law; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. */ /* Please submit changes back to the Scute project at http://www.scute.org/ (or send them to marcus@g10code.com), so that they can be picked up by other projects from there as well. */ /* This file is a modified implementation of the PKCS #11 standard by RSA Security Inc. It is mostly a drop-in replacement, with the following change: This header file does not require any macro definitions by the user (like CK_DEFINE_FUNCTION etc). In fact, it defines those macros for you (if useful, some are missing, let me know if you need more). There is an additional API available that does comply better to the GNU coding standard. It can be switched on by defining CRYPTOKI_GNU before including this header file. For this, the following changes are made to the specification: All structure types are changed to a "struct ck_foo" where CK_FOO is the type name in PKCS #11. All non-structure types are changed to ck_foo_t where CK_FOO is the lowercase version of the type name in PKCS #11. The basic types (CK_ULONG et al.) are removed without substitute. All members of structures are modified in the following way: Type indication prefixes are removed, and underscore characters are inserted before words. Then the result is lowercased. Note that function names are still in the original case, as they need for ABI compatibility. CK_FALSE, CK_TRUE and NULL_PTR are removed without substitute. Use . If CRYPTOKI_COMPAT is defined before including this header file, then none of the API changes above take place, and the API is the one defined by the PKCS #11 standard. */ #ifndef PKCS11_H #define PKCS11_H 1 #if defined(__cplusplus) extern "C" { #endif /* The version of cryptoki we implement. The revision is changed with each modification of this file. If you do not use the "official" version of this file, please consider deleting the revision macro (you may use a macro with a different name to keep track of your versions). */ #define CRYPTOKI_VERSION_MAJOR 2 #define CRYPTOKI_VERSION_MINOR 20 #define CRYPTOKI_VERSION_REVISION 6 /* Compatibility interface is default, unless CRYPTOKI_GNU is given. */ #ifndef CRYPTOKI_GNU #ifndef CRYPTOKI_COMPAT #define CRYPTOKI_COMPAT 1 #endif #endif /* System dependencies. */ #if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32) /* There is a matching pop below. */ #pragma pack(push, cryptoki, 1) #ifdef CRYPTOKI_EXPORTS #define CK_SPEC __declspec(dllexport) #else #define CK_SPEC __declspec(dllimport) #endif #else #define CK_SPEC #endif #ifdef CRYPTOKI_COMPAT /* If we are in compatibility mode, switch all exposed names to the PKCS #11 variant. There are corresponding #undefs below. */ #define ck_flags_t CK_FLAGS #define ck_version _CK_VERSION #define ck_info _CK_INFO #define cryptoki_version cryptokiVersion #define manufacturer_id manufacturerID #define library_description libraryDescription #define library_version libraryVersion #define ck_notification_t CK_NOTIFICATION #define ck_slot_id_t CK_SLOT_ID #define ck_slot_info _CK_SLOT_INFO #define slot_description slotDescription #define hardware_version hardwareVersion #define firmware_version firmwareVersion #define ck_token_info _CK_TOKEN_INFO #define serial_number serialNumber #define max_session_count ulMaxSessionCount #define session_count ulSessionCount #define max_rw_session_count ulMaxRwSessionCount #define rw_session_count ulRwSessionCount #define max_pin_len ulMaxPinLen #define min_pin_len ulMinPinLen #define total_public_memory ulTotalPublicMemory #define free_public_memory ulFreePublicMemory #define total_private_memory ulTotalPrivateMemory #define free_private_memory ulFreePrivateMemory #define utc_time utcTime #define ck_session_handle_t CK_SESSION_HANDLE #define ck_user_type_t CK_USER_TYPE #define ck_state_t CK_STATE #define ck_session_info _CK_SESSION_INFO #define slot_id slotID #define device_error ulDeviceError #define ck_object_handle_t CK_OBJECT_HANDLE #define ck_object_class_t CK_OBJECT_CLASS #define ck_hw_feature_type_t CK_HW_FEATURE_TYPE #define ck_key_type_t CK_KEY_TYPE #define ck_certificate_type_t CK_CERTIFICATE_TYPE #define ck_attribute_type_t CK_ATTRIBUTE_TYPE #define ck_attribute _CK_ATTRIBUTE #define value pValue #define value_len ulValueLen #define ck_date _CK_DATE #define ck_mechanism_type_t CK_MECHANISM_TYPE #define ck_mechanism _CK_MECHANISM #define parameter pParameter #define parameter_len ulParameterLen #define ck_mechanism_info _CK_MECHANISM_INFO #define min_key_size ulMinKeySize #define max_key_size ulMaxKeySize #define ck_rv_t CK_RV #define ck_notify_t CK_NOTIFY #define ck_function_list _CK_FUNCTION_LIST #define ck_createmutex_t CK_CREATEMUTEX #define ck_destroymutex_t CK_DESTROYMUTEX #define ck_lockmutex_t CK_LOCKMUTEX #define ck_unlockmutex_t CK_UNLOCKMUTEX #define ck_c_initialize_args _CK_C_INITIALIZE_ARGS #define create_mutex CreateMutex #define destroy_mutex DestroyMutex #define lock_mutex LockMutex #define unlock_mutex UnlockMutex #define reserved pReserved #endif /* CRYPTOKI_COMPAT */ typedef unsigned long ck_flags_t; struct ck_version { unsigned char major; unsigned char minor; }; struct ck_info { struct ck_version cryptoki_version; unsigned char manufacturer_id[32]; ck_flags_t flags; unsigned char library_description[32]; struct ck_version library_version; }; typedef unsigned long ck_notification_t; #define CKN_SURRENDER (0) typedef unsigned long ck_slot_id_t; struct ck_slot_info { unsigned char slot_description[64]; unsigned char manufacturer_id[32]; ck_flags_t flags; struct ck_version hardware_version; struct ck_version firmware_version; }; #define CKF_TOKEN_PRESENT (1 << 0) #define CKF_REMOVABLE_DEVICE (1 << 1) #define CKF_HW_SLOT (1 << 2) #define CKF_ARRAY_ATTRIBUTE (1 << 30) struct ck_token_info { unsigned char label[32]; unsigned char manufacturer_id[32]; unsigned char model[16]; unsigned char serial_number[16]; ck_flags_t flags; unsigned long max_session_count; unsigned long session_count; unsigned long max_rw_session_count; unsigned long rw_session_count; unsigned long max_pin_len; unsigned long min_pin_len; unsigned long total_public_memory; unsigned long free_public_memory; unsigned long total_private_memory; unsigned long free_private_memory; struct ck_version hardware_version; struct ck_version firmware_version; unsigned char utc_time[16]; }; #define CKF_RNG (1 << 0) #define CKF_WRITE_PROTECTED (1 << 1) #define CKF_LOGIN_REQUIRED (1 << 2) #define CKF_USER_PIN_INITIALIZED (1 << 3) #define CKF_RESTORE_KEY_NOT_NEEDED (1 << 5) #define CKF_CLOCK_ON_TOKEN (1 << 6) #define CKF_PROTECTED_AUTHENTICATION_PATH (1 << 8) #define CKF_DUAL_CRYPTO_OPERATIONS (1 << 9) #define CKF_TOKEN_INITIALIZED (1 << 10) #define CKF_SECONDARY_AUTHENTICATION (1 << 11) #define CKF_USER_PIN_COUNT_LOW (1 << 16) #define CKF_USER_PIN_FINAL_TRY (1 << 17) #define CKF_USER_PIN_LOCKED (1 << 18) #define CKF_USER_PIN_TO_BE_CHANGED (1 << 19) #define CKF_SO_PIN_COUNT_LOW (1 << 20) #define CKF_SO_PIN_FINAL_TRY (1 << 21) #define CKF_SO_PIN_LOCKED (1 << 22) #define CKF_SO_PIN_TO_BE_CHANGED (1 << 23) #define CKF_EC_F_P (1 << 20) #define CKF_EC_F_2M (1 << 21) #define CKF_EC_ECPARAMETERS (1 << 22) #define CKF_EC_NAMEDCURVE (1 << 23) #define CKF_EC_UNCOMPRESS (1 << 24) #define CKF_EC_COMPRESS (1 << 25) #define CK_UNAVAILABLE_INFORMATION ((unsigned long) -1) #define CK_EFFECTIVELY_INFINITE (0) typedef unsigned long ck_session_handle_t; #define CK_INVALID_HANDLE (0) typedef unsigned long ck_user_type_t; #define CKU_SO (0) #define CKU_USER (1) #define CKU_CONTEXT_SPECIFIC (2) typedef unsigned long ck_state_t; #define CKS_RO_PUBLIC_SESSION (0) #define CKS_RO_USER_FUNCTIONS (1) #define CKS_RW_PUBLIC_SESSION (2) #define CKS_RW_USER_FUNCTIONS (3) #define CKS_RW_SO_FUNCTIONS (4) struct ck_session_info { ck_slot_id_t slot_id; ck_state_t state; ck_flags_t flags; unsigned long device_error; }; #define CKF_RW_SESSION (1 << 1) #define CKF_SERIAL_SESSION (1 << 2) typedef unsigned long ck_object_handle_t; typedef unsigned long ck_object_class_t; #define CKO_DATA (0) #define CKO_CERTIFICATE (1) #define CKO_PUBLIC_KEY (2) #define CKO_PRIVATE_KEY (3) #define CKO_SECRET_KEY (4) #define CKO_HW_FEATURE (5) #define CKO_DOMAIN_PARAMETERS (6) #define CKO_MECHANISM (7) #define CKO_VENDOR_DEFINED ((unsigned long) (1 << 31)) typedef unsigned long ck_hw_feature_type_t; #define CKH_MONOTONIC_COUNTER (1) #define CKH_CLOCK (2) #define CKH_USER_INTERFACE (3) #define CKH_VENDOR_DEFINED ((unsigned long) (1 << 31)) typedef unsigned long ck_key_type_t; #define CKK_RSA (0) #define CKK_DSA (1) #define CKK_DH (2) #define CKK_ECDSA (3) #define CKK_EC (3) #define CKK_X9_42_DH (4) #define CKK_KEA (5) #define CKK_GENERIC_SECRET (0x10) #define CKK_RC2 (0x11) #define CKK_RC4 (0x12) #define CKK_DES (0x13) #define CKK_DES2 (0x14) #define CKK_DES3 (0x15) #define CKK_CAST (0x16) #define CKK_CAST3 (0x17) #define CKK_CAST128 (0x18) #define CKK_RC5 (0x19) #define CKK_IDEA (0x1a) #define CKK_SKIPJACK (0x1b) #define CKK_BATON (0x1c) #define CKK_JUNIPER (0x1d) #define CKK_CDMF (0x1e) #define CKK_AES (0x1f) #define CKK_BLOWFISH (0x20) #define CKK_TWOFISH (0x21) #define CKK_EC_EDWARDS (0x40) #define CKK_EC_MONTGOMERY (0x41) #define CKK_VENDOR_DEFINED ((unsigned long) (1 << 31)) typedef unsigned long ck_certificate_type_t; #define CKC_X_509 (0) #define CKC_X_509_ATTR_CERT (1) #define CKC_WTLS (2) #define CKC_VENDOR_DEFINED ((unsigned long) (1 << 31)) typedef unsigned long ck_attribute_type_t; #define CKA_CLASS (0UL) #define CKA_TOKEN (1UL) #define CKA_PRIVATE (2UL) #define CKA_LABEL (3UL) #define CKA_APPLICATION (0x10UL) #define CKA_VALUE (0x11UL) #define CKA_OBJECT_ID (0x12UL) #define CKA_CERTIFICATE_TYPE (0x80UL) #define CKA_ISSUER (0x81UL) #define CKA_SERIAL_NUMBER (0x82UL) #define CKA_AC_ISSUER (0x83UL) #define CKA_OWNER (0x84UL) #define CKA_ATTR_TYPES (0x85UL) #define CKA_TRUSTED (0x86UL) #define CKA_CERTIFICATE_CATEGORY (0x87UL) #define CKA_JAVA_MIDP_SECURITY_DOMAIN (0x88UL) #define CKA_URL (0x89UL) #define CKA_HASH_OF_SUBJECT_PUBLIC_KEY (0x8aUL) #define CKA_HASH_OF_ISSUER_PUBLIC_KEY (0x8bUL) #define CKA_CHECK_VALUE (0x90UL) #define CKA_KEY_TYPE (0x100UL) #define CKA_SUBJECT (0x101UL) #define CKA_ID (0x102UL) #define CKA_SENSITIVE (0x103UL) #define CKA_ENCRYPT (0x104UL) #define CKA_DECRYPT (0x105UL) #define CKA_WRAP (0x106UL) #define CKA_UNWRAP (0x107UL) #define CKA_SIGN (0x108UL) #define CKA_SIGN_RECOVER (0x109UL) #define CKA_VERIFY (0x10aUL) #define CKA_VERIFY_RECOVER (0x10bUL) #define CKA_DERIVE (0x10cUL) #define CKA_START_DATE (0x110UL) #define CKA_END_DATE (0x111UL) #define CKA_MODULUS (0x120UL) #define CKA_MODULUS_BITS (0x121UL) #define CKA_PUBLIC_EXPONENT (0x122UL) #define CKA_PRIVATE_EXPONENT (0x123UL) #define CKA_PRIME_1 (0x124UL) #define CKA_PRIME_2 (0x125UL) #define CKA_EXPONENT_1 (0x126UL) #define CKA_EXPONENT_2 (0x127UL) #define CKA_COEFFICIENT (0x128UL) #define CKA_PRIME (0x130UL) #define CKA_SUBPRIME (0x131UL) #define CKA_BASE (0x132UL) #define CKA_PRIME_BITS (0x133UL) #define CKA_SUB_PRIME_BITS (0x134UL) #define CKA_VALUE_BITS (0x160UL) #define CKA_VALUE_LEN (0x161UL) #define CKA_EXTRACTABLE (0x162UL) #define CKA_LOCAL (0x163UL) #define CKA_NEVER_EXTRACTABLE (0x164UL) #define CKA_ALWAYS_SENSITIVE (0x165UL) #define CKA_KEY_GEN_MECHANISM (0x166UL) #define CKA_MODIFIABLE (0x170UL) #define CKA_ECDSA_PARAMS (0x180UL) #define CKA_EC_PARAMS (0x180UL) #define CKA_EC_POINT (0x181UL) #define CKA_SECONDARY_AUTH (0x200UL) #define CKA_AUTH_PIN_FLAGS (0x201UL) #define CKA_ALWAYS_AUTHENTICATE (0x202UL) #define CKA_WRAP_WITH_TRUSTED (0x210UL) #define CKA_HW_FEATURE_TYPE (0x300UL) #define CKA_RESET_ON_INIT (0x301UL) #define CKA_HAS_RESET (0x302UL) #define CKA_PIXEL_X (0x400UL) #define CKA_PIXEL_Y (0x401UL) #define CKA_RESOLUTION (0x402UL) #define CKA_CHAR_ROWS (0x403UL) #define CKA_CHAR_COLUMNS (0x404UL) #define CKA_COLOR (0x405UL) #define CKA_BITS_PER_PIXEL (0x406UL) #define CKA_CHAR_SETS (0x480UL) #define CKA_ENCODING_METHODS (0x481UL) #define CKA_MIME_TYPES (0x482UL) #define CKA_MECHANISM_TYPE (0x500UL) #define CKA_REQUIRED_CMS_ATTRIBUTES (0x501UL) #define CKA_DEFAULT_CMS_ATTRIBUTES (0x502UL) #define CKA_SUPPORTED_CMS_ATTRIBUTES (0x503UL) #define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x211UL) #define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x212UL) #define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE | 0x600UL) #define CKA_VENDOR_DEFINED ((unsigned long) (1 << 31)) struct ck_attribute { ck_attribute_type_t type; void *value; unsigned long value_len; }; struct ck_date { unsigned char year[4]; unsigned char month[2]; unsigned char day[2]; }; typedef unsigned long ck_mechanism_type_t; #define CKM_RSA_PKCS_KEY_PAIR_GEN (0) #define CKM_RSA_PKCS (1) #define CKM_RSA_9796 (2) #define CKM_RSA_X_509 (3) #define CKM_MD2_RSA_PKCS (4) #define CKM_MD5_RSA_PKCS (5) #define CKM_SHA1_RSA_PKCS (6) #define CKM_RIPEMD128_RSA_PKCS (7) #define CKM_RIPEMD160_RSA_PKCS (8) #define CKM_RSA_PKCS_OAEP (9) #define CKM_RSA_X9_31_KEY_PAIR_GEN (0xa) #define CKM_RSA_X9_31 (0xb) #define CKM_SHA1_RSA_X9_31 (0xc) #define CKM_RSA_PKCS_PSS (0xd) #define CKM_SHA1_RSA_PKCS_PSS (0xe) #define CKM_DSA_KEY_PAIR_GEN (0x10) #define CKM_DSA (0x11) #define CKM_DSA_SHA1 (0x12) #define CKM_DH_PKCS_KEY_PAIR_GEN (0x20) #define CKM_DH_PKCS_DERIVE (0x21) #define CKM_X9_42_DH_KEY_PAIR_GEN (0x30) #define CKM_X9_42_DH_DERIVE (0x31) #define CKM_X9_42_DH_HYBRID_DERIVE (0x32) #define CKM_X9_42_MQV_DERIVE (0x33) #define CKM_SHA256_RSA_PKCS (0x40) #define CKM_SHA384_RSA_PKCS (0x41) #define CKM_SHA512_RSA_PKCS (0x42) #define CKM_SHA256_RSA_PKCS_PSS (0x43) #define CKM_SHA384_RSA_PKCS_PSS (0x44) #define CKM_SHA512_RSA_PKCS_PSS (0x45) #define CKM_RC2_KEY_GEN (0x100) #define CKM_RC2_ECB (0x101) #define CKM_RC2_CBC (0x102) #define CKM_RC2_MAC (0x103) #define CKM_RC2_MAC_GENERAL (0x104) #define CKM_RC2_CBC_PAD (0x105) #define CKM_RC4_KEY_GEN (0x110) #define CKM_RC4 (0x111) #define CKM_DES_KEY_GEN (0x120) #define CKM_DES_ECB (0x121) #define CKM_DES_CBC (0x122) #define CKM_DES_MAC (0x123) #define CKM_DES_MAC_GENERAL (0x124) #define CKM_DES_CBC_PAD (0x125) #define CKM_DES2_KEY_GEN (0x130) #define CKM_DES3_KEY_GEN (0x131) #define CKM_DES3_ECB (0x132) #define CKM_DES3_CBC (0x133) #define CKM_DES3_MAC (0x134) #define CKM_DES3_MAC_GENERAL (0x135) #define CKM_DES3_CBC_PAD (0x136) #define CKM_CDMF_KEY_GEN (0x140) #define CKM_CDMF_ECB (0x141) #define CKM_CDMF_CBC (0x142) #define CKM_CDMF_MAC (0x143) #define CKM_CDMF_MAC_GENERAL (0x144) #define CKM_CDMF_CBC_PAD (0x145) #define CKM_MD2 (0x200) #define CKM_MD2_HMAC (0x201) #define CKM_MD2_HMAC_GENERAL (0x202) #define CKM_MD5 (0x210) #define CKM_MD5_HMAC (0x211) #define CKM_MD5_HMAC_GENERAL (0x212) #define CKM_SHA_1 (0x220) #define CKM_SHA_1_HMAC (0x221) #define CKM_SHA_1_HMAC_GENERAL (0x222) #define CKM_RIPEMD128 (0x230) #define CKM_RIPEMD128_HMAC (0x231) #define CKM_RIPEMD128_HMAC_GENERAL (0x232) #define CKM_RIPEMD160 (0x240) #define CKM_RIPEMD160_HMAC (0x241) #define CKM_RIPEMD160_HMAC_GENERAL (0x242) #define CKM_SHA256 (0x250) #define CKM_SHA256_HMAC (0x251) #define CKM_SHA256_HMAC_GENERAL (0x252) #define CKM_SHA384 (0x260) #define CKM_SHA384_HMAC (0x261) #define CKM_SHA384_HMAC_GENERAL (0x262) #define CKM_SHA512 (0x270) #define CKM_SHA512_HMAC (0x271) #define CKM_SHA512_HMAC_GENERAL (0x272) #define CKM_CAST_KEY_GEN (0x300) #define CKM_CAST_ECB (0x301) #define CKM_CAST_CBC (0x302) #define CKM_CAST_MAC (0x303) #define CKM_CAST_MAC_GENERAL (0x304) #define CKM_CAST_CBC_PAD (0x305) #define CKM_CAST3_KEY_GEN (0x310) #define CKM_CAST3_ECB (0x311) #define CKM_CAST3_CBC (0x312) #define CKM_CAST3_MAC (0x313) #define CKM_CAST3_MAC_GENERAL (0x314) #define CKM_CAST3_CBC_PAD (0x315) #define CKM_CAST5_KEY_GEN (0x320) #define CKM_CAST128_KEY_GEN (0x320) #define CKM_CAST5_ECB (0x321) #define CKM_CAST128_ECB (0x321) #define CKM_CAST5_CBC (0x322) #define CKM_CAST128_CBC (0x322) #define CKM_CAST5_MAC (0x323) #define CKM_CAST128_MAC (0x323) #define CKM_CAST5_MAC_GENERAL (0x324) #define CKM_CAST128_MAC_GENERAL (0x324) #define CKM_CAST5_CBC_PAD (0x325) #define CKM_CAST128_CBC_PAD (0x325) #define CKM_RC5_KEY_GEN (0x330) #define CKM_RC5_ECB (0x331) #define CKM_RC5_CBC (0x332) #define CKM_RC5_MAC (0x333) #define CKM_RC5_MAC_GENERAL (0x334) #define CKM_RC5_CBC_PAD (0x335) #define CKM_IDEA_KEY_GEN (0x340) #define CKM_IDEA_ECB (0x341) #define CKM_IDEA_CBC (0x342) #define CKM_IDEA_MAC (0x343) #define CKM_IDEA_MAC_GENERAL (0x344) #define CKM_IDEA_CBC_PAD (0x345) #define CKM_GENERIC_SECRET_KEY_GEN (0x350) #define CKM_CONCATENATE_BASE_AND_KEY (0x360) #define CKM_CONCATENATE_BASE_AND_DATA (0x362) #define CKM_CONCATENATE_DATA_AND_BASE (0x363) #define CKM_XOR_BASE_AND_DATA (0x364) #define CKM_EXTRACT_KEY_FROM_KEY (0x365) #define CKM_SSL3_PRE_MASTER_KEY_GEN (0x370) #define CKM_SSL3_MASTER_KEY_DERIVE (0x371) #define CKM_SSL3_KEY_AND_MAC_DERIVE (0x372) #define CKM_SSL3_MASTER_KEY_DERIVE_DH (0x373) #define CKM_TLS_PRE_MASTER_KEY_GEN (0x374) #define CKM_TLS_MASTER_KEY_DERIVE (0x375) #define CKM_TLS_KEY_AND_MAC_DERIVE (0x376) #define CKM_TLS_MASTER_KEY_DERIVE_DH (0x377) #define CKM_SSL3_MD5_MAC (0x380) #define CKM_SSL3_SHA1_MAC (0x381) #define CKM_MD5_KEY_DERIVATION (0x390) #define CKM_MD2_KEY_DERIVATION (0x391) #define CKM_SHA1_KEY_DERIVATION (0x392) #define CKM_PBE_MD2_DES_CBC (0x3a0) #define CKM_PBE_MD5_DES_CBC (0x3a1) #define CKM_PBE_MD5_CAST_CBC (0x3a2) #define CKM_PBE_MD5_CAST3_CBC (0x3a3) #define CKM_PBE_MD5_CAST5_CBC (0x3a4) #define CKM_PBE_MD5_CAST128_CBC (0x3a4) #define CKM_PBE_SHA1_CAST5_CBC (0x3a5) #define CKM_PBE_SHA1_CAST128_CBC (0x3a5) #define CKM_PBE_SHA1_RC4_128 (0x3a6) #define CKM_PBE_SHA1_RC4_40 (0x3a7) #define CKM_PBE_SHA1_DES3_EDE_CBC (0x3a8) #define CKM_PBE_SHA1_DES2_EDE_CBC (0x3a9) #define CKM_PBE_SHA1_RC2_128_CBC (0x3aa) #define CKM_PBE_SHA1_RC2_40_CBC (0x3ab) #define CKM_PKCS5_PBKD2 (0x3b0) #define CKM_PBA_SHA1_WITH_SHA1_HMAC (0x3c0) #define CKM_KEY_WRAP_LYNKS (0x400) #define CKM_KEY_WRAP_SET_OAEP (0x401) #define CKM_SKIPJACK_KEY_GEN (0x1000) #define CKM_SKIPJACK_ECB64 (0x1001) #define CKM_SKIPJACK_CBC64 (0x1002) #define CKM_SKIPJACK_OFB64 (0x1003) #define CKM_SKIPJACK_CFB64 (0x1004) #define CKM_SKIPJACK_CFB32 (0x1005) #define CKM_SKIPJACK_CFB16 (0x1006) #define CKM_SKIPJACK_CFB8 (0x1007) #define CKM_SKIPJACK_WRAP (0x1008) #define CKM_SKIPJACK_PRIVATE_WRAP (0x1009) #define CKM_SKIPJACK_RELAYX (0x100a) #define CKM_KEA_KEY_PAIR_GEN (0x1010) #define CKM_KEA_KEY_DERIVE (0x1011) #define CKM_FORTEZZA_TIMESTAMP (0x1020) #define CKM_BATON_KEY_GEN (0x1030) #define CKM_BATON_ECB128 (0x1031) #define CKM_BATON_ECB96 (0x1032) #define CKM_BATON_CBC128 (0x1033) #define CKM_BATON_COUNTER (0x1034) #define CKM_BATON_SHUFFLE (0x1035) #define CKM_BATON_WRAP (0x1036) #define CKM_ECDSA_KEY_PAIR_GEN (0x1040) #define CKM_EC_KEY_PAIR_GEN (0x1040) #define CKM_ECDSA (0x1041) #define CKM_ECDSA_SHA1 (0x1042) #define CKM_ECDH1_DERIVE (0x1050) #define CKM_ECDH1_COFACTOR_DERIVE (0x1051) #define CKM_ECMQV_DERIVE (0x1052) #define CKM_EDDSA (0x1057) #define CKM_JUNIPER_KEY_GEN (0x1060) #define CKM_JUNIPER_ECB128 (0x1061) #define CKM_JUNIPER_CBC128 (0x1062) #define CKM_JUNIPER_COUNTER (0x1063) #define CKM_JUNIPER_SHUFFLE (0x1064) #define CKM_JUNIPER_WRAP (0x1065) #define CKM_FASTHASH (0x1070) #define CKM_AES_KEY_GEN (0x1080) #define CKM_AES_ECB (0x1081) #define CKM_AES_CBC (0x1082) #define CKM_AES_MAC (0x1083) #define CKM_AES_MAC_GENERAL (0x1084) #define CKM_AES_CBC_PAD (0x1085) #define CKM_DSA_PARAMETER_GEN (0x2000) #define CKM_DH_PKCS_PARAMETER_GEN (0x2001) #define CKM_X9_42_DH_PARAMETER_GEN (0x2002) #define CKM_VENDOR_DEFINED ((unsigned long) (1 << 31)) struct ck_mechanism { ck_mechanism_type_t mechanism; void *parameter; unsigned long parameter_len; }; struct ck_mechanism_info { unsigned long min_key_size; unsigned long max_key_size; ck_flags_t flags; }; #define CKF_HW (1 << 0) #define CKF_ENCRYPT (1 << 8) #define CKF_DECRYPT (1 << 9) #define CKF_DIGEST (1 << 10) #define CKF_SIGN (1 << 11) #define CKF_SIGN_RECOVER (1 << 12) #define CKF_VERIFY (1 << 13) #define CKF_VERIFY_RECOVER (1 << 14) #define CKF_GENERATE (1 << 15) #define CKF_GENERATE_KEY_PAIR (1 << 16) #define CKF_WRAP (1 << 17) #define CKF_UNWRAP (1 << 18) #define CKF_DERIVE (1 << 19) #define CKF_EXTENSION ((unsigned long) (1 << 31)) /* Flags for C_WaitForSlotEvent. */ #define CKF_DONT_BLOCK (1) typedef unsigned long ck_rv_t; typedef ck_rv_t (*ck_notify_t) (ck_session_handle_t session, ck_notification_t event, void *application); /* Forward reference. */ struct ck_function_list; #define _CK_DECLARE_FUNCTION(name, args) \ typedef ck_rv_t (*CK_ ## name) args; \ ck_rv_t CK_SPEC name args _CK_DECLARE_FUNCTION (C_Initialize, (void *init_args)); _CK_DECLARE_FUNCTION (C_Finalize, (void *reserved)); _CK_DECLARE_FUNCTION (C_GetInfo, (struct ck_info *info)); _CK_DECLARE_FUNCTION (C_GetFunctionList, (struct ck_function_list **function_list)); _CK_DECLARE_FUNCTION (C_GetSlotList, (unsigned char token_present, ck_slot_id_t *slot_list, unsigned long *count)); _CK_DECLARE_FUNCTION (C_GetSlotInfo, (ck_slot_id_t slot_id, struct ck_slot_info *info)); _CK_DECLARE_FUNCTION (C_GetTokenInfo, (ck_slot_id_t slot_id, struct ck_token_info *info)); _CK_DECLARE_FUNCTION (C_WaitForSlotEvent, (ck_flags_t flags, ck_slot_id_t *slot, void *reserved)); _CK_DECLARE_FUNCTION (C_GetMechanismList, (ck_slot_id_t slot_id, ck_mechanism_type_t *mechanism_list, unsigned long *count)); _CK_DECLARE_FUNCTION (C_GetMechanismInfo, (ck_slot_id_t slot_id, ck_mechanism_type_t type, struct ck_mechanism_info *info)); _CK_DECLARE_FUNCTION (C_InitToken, (ck_slot_id_t slot_id, unsigned char *pin, unsigned long pin_len, unsigned char *label)); _CK_DECLARE_FUNCTION (C_InitPIN, (ck_session_handle_t session, unsigned char *pin, unsigned long pin_len)); _CK_DECLARE_FUNCTION (C_SetPIN, (ck_session_handle_t session, unsigned char *old_pin, unsigned long old_len, unsigned char *new_pin, unsigned long new_len)); _CK_DECLARE_FUNCTION (C_OpenSession, (ck_slot_id_t slot_id, ck_flags_t flags, void *application, ck_notify_t notify, ck_session_handle_t *session)); _CK_DECLARE_FUNCTION (C_CloseSession, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_CloseAllSessions, (ck_slot_id_t slot_id)); _CK_DECLARE_FUNCTION (C_GetSessionInfo, (ck_session_handle_t session, struct ck_session_info *info)); _CK_DECLARE_FUNCTION (C_GetOperationState, (ck_session_handle_t session, unsigned char *operation_state, unsigned long *operation_state_len)); _CK_DECLARE_FUNCTION (C_SetOperationState, (ck_session_handle_t session, unsigned char *operation_state, unsigned long operation_state_len, ck_object_handle_t encryption_key, ck_object_handle_t authentiation_key)); _CK_DECLARE_FUNCTION (C_Login, (ck_session_handle_t session, ck_user_type_t user_type, unsigned char *pin, unsigned long pin_len)); _CK_DECLARE_FUNCTION (C_Logout, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_CreateObject, (ck_session_handle_t session, struct ck_attribute *templ, unsigned long count, ck_object_handle_t *object)); _CK_DECLARE_FUNCTION (C_CopyObject, (ck_session_handle_t session, ck_object_handle_t object, struct ck_attribute *templ, unsigned long count, ck_object_handle_t *new_object)); _CK_DECLARE_FUNCTION (C_DestroyObject, (ck_session_handle_t session, ck_object_handle_t object)); _CK_DECLARE_FUNCTION (C_GetObjectSize, (ck_session_handle_t session, ck_object_handle_t object, unsigned long *size)); _CK_DECLARE_FUNCTION (C_GetAttributeValue, (ck_session_handle_t session, ck_object_handle_t object, struct ck_attribute *templ, unsigned long count)); _CK_DECLARE_FUNCTION (C_SetAttributeValue, (ck_session_handle_t session, ck_object_handle_t object, struct ck_attribute *templ, unsigned long count)); _CK_DECLARE_FUNCTION (C_FindObjectsInit, (ck_session_handle_t session, struct ck_attribute *templ, unsigned long count)); _CK_DECLARE_FUNCTION (C_FindObjects, (ck_session_handle_t session, ck_object_handle_t *object, unsigned long max_object_count, unsigned long *object_count)); _CK_DECLARE_FUNCTION (C_FindObjectsFinal, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_EncryptInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_Encrypt, (ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *encrypted_data, unsigned long *encrypted_data_len)); _CK_DECLARE_FUNCTION (C_EncryptUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len, unsigned char *encrypted_part, unsigned long *encrypted_part_len)); _CK_DECLARE_FUNCTION (C_EncryptFinal, (ck_session_handle_t session, unsigned char *last_encrypted_part, unsigned long *last_encrypted_part_len)); _CK_DECLARE_FUNCTION (C_DecryptInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_Decrypt, (ck_session_handle_t session, unsigned char *encrypted_data, unsigned long encrypted_data_len, unsigned char *data, unsigned long *data_len)); _CK_DECLARE_FUNCTION (C_DecryptUpdate, (ck_session_handle_t session, unsigned char *encrypted_part, unsigned long encrypted_part_len, unsigned char *part, unsigned long *part_len)); _CK_DECLARE_FUNCTION (C_DecryptFinal, (ck_session_handle_t session, unsigned char *last_part, unsigned long *last_part_len)); _CK_DECLARE_FUNCTION (C_DigestInit, (ck_session_handle_t session, struct ck_mechanism *mechanism)); _CK_DECLARE_FUNCTION (C_Digest, (ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *digest, unsigned long *digest_len)); _CK_DECLARE_FUNCTION (C_DigestUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len)); _CK_DECLARE_FUNCTION (C_DigestKey, (ck_session_handle_t session, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_DigestFinal, (ck_session_handle_t session, unsigned char *digest, unsigned long *digest_len)); _CK_DECLARE_FUNCTION (C_SignInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_Sign, (ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *signature, unsigned long *signature_len)); _CK_DECLARE_FUNCTION (C_SignUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len)); _CK_DECLARE_FUNCTION (C_SignFinal, (ck_session_handle_t session, unsigned char *signature, unsigned long *signature_len)); _CK_DECLARE_FUNCTION (C_SignRecoverInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_SignRecover, (ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *signature, unsigned long *signature_len)); _CK_DECLARE_FUNCTION (C_VerifyInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_Verify, (ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *signature, unsigned long signature_len)); _CK_DECLARE_FUNCTION (C_VerifyUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len)); _CK_DECLARE_FUNCTION (C_VerifyFinal, (ck_session_handle_t session, unsigned char *signature, unsigned long signature_len)); _CK_DECLARE_FUNCTION (C_VerifyRecoverInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_VerifyRecover, (ck_session_handle_t session, unsigned char *signature, unsigned long signature_len, unsigned char *data, unsigned long *data_len)); _CK_DECLARE_FUNCTION (C_DigestEncryptUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len, unsigned char *encrypted_part, unsigned long *encrypted_part_len)); _CK_DECLARE_FUNCTION (C_DecryptDigestUpdate, (ck_session_handle_t session, unsigned char *encrypted_part, unsigned long encrypted_part_len, unsigned char *part, unsigned long *part_len)); _CK_DECLARE_FUNCTION (C_SignEncryptUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len, unsigned char *encrypted_part, unsigned long *encrypted_part_len)); _CK_DECLARE_FUNCTION (C_DecryptVerifyUpdate, (ck_session_handle_t session, unsigned char *encrypted_part, unsigned long encrypted_part_len, unsigned char *part, unsigned long *part_len)); _CK_DECLARE_FUNCTION (C_GenerateKey, (ck_session_handle_t session, struct ck_mechanism *mechanism, struct ck_attribute *templ, unsigned long count, ck_object_handle_t *key)); _CK_DECLARE_FUNCTION (C_GenerateKeyPair, (ck_session_handle_t session, struct ck_mechanism *mechanism, struct ck_attribute *public_key_template, unsigned long public_key_attribute_count, struct ck_attribute *private_key_template, unsigned long private_key_attribute_count, ck_object_handle_t *public_key, ck_object_handle_t *private_key)); _CK_DECLARE_FUNCTION (C_WrapKey, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t wrapping_key, ck_object_handle_t key, unsigned char *wrapped_key, unsigned long *wrapped_key_len)); _CK_DECLARE_FUNCTION (C_UnwrapKey, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t unwrapping_key, unsigned char *wrapped_key, unsigned long wrapped_key_len, struct ck_attribute *templ, unsigned long attribute_count, ck_object_handle_t *key)); _CK_DECLARE_FUNCTION (C_DeriveKey, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t base_key, struct ck_attribute *templ, unsigned long attribute_count, ck_object_handle_t *key)); _CK_DECLARE_FUNCTION (C_SeedRandom, (ck_session_handle_t session, unsigned char *seed, unsigned long seed_len)); _CK_DECLARE_FUNCTION (C_GenerateRandom, (ck_session_handle_t session, unsigned char *random_data, unsigned long random_len)); _CK_DECLARE_FUNCTION (C_GetFunctionStatus, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_CancelFunction, (ck_session_handle_t session)); struct ck_function_list { struct ck_version version; CK_C_Initialize C_Initialize; CK_C_Finalize C_Finalize; CK_C_GetInfo C_GetInfo; CK_C_GetFunctionList C_GetFunctionList; CK_C_GetSlotList C_GetSlotList; CK_C_GetSlotInfo C_GetSlotInfo; CK_C_GetTokenInfo C_GetTokenInfo; CK_C_GetMechanismList C_GetMechanismList; CK_C_GetMechanismInfo C_GetMechanismInfo; CK_C_InitToken C_InitToken; CK_C_InitPIN C_InitPIN; CK_C_SetPIN C_SetPIN; CK_C_OpenSession C_OpenSession; CK_C_CloseSession C_CloseSession; CK_C_CloseAllSessions C_CloseAllSessions; CK_C_GetSessionInfo C_GetSessionInfo; CK_C_GetOperationState C_GetOperationState; CK_C_SetOperationState C_SetOperationState; CK_C_Login C_Login; CK_C_Logout C_Logout; CK_C_CreateObject C_CreateObject; CK_C_CopyObject C_CopyObject; CK_C_DestroyObject C_DestroyObject; CK_C_GetObjectSize C_GetObjectSize; CK_C_GetAttributeValue C_GetAttributeValue; CK_C_SetAttributeValue C_SetAttributeValue; CK_C_FindObjectsInit C_FindObjectsInit; CK_C_FindObjects C_FindObjects; CK_C_FindObjectsFinal C_FindObjectsFinal; CK_C_EncryptInit C_EncryptInit; CK_C_Encrypt C_Encrypt; CK_C_EncryptUpdate C_EncryptUpdate; CK_C_EncryptFinal C_EncryptFinal; CK_C_DecryptInit C_DecryptInit; CK_C_Decrypt C_Decrypt; CK_C_DecryptUpdate C_DecryptUpdate; CK_C_DecryptFinal C_DecryptFinal; CK_C_DigestInit C_DigestInit; CK_C_Digest C_Digest; CK_C_DigestUpdate C_DigestUpdate; CK_C_DigestKey C_DigestKey; CK_C_DigestFinal C_DigestFinal; CK_C_SignInit C_SignInit; CK_C_Sign C_Sign; CK_C_SignUpdate C_SignUpdate; CK_C_SignFinal C_SignFinal; CK_C_SignRecoverInit C_SignRecoverInit; CK_C_SignRecover C_SignRecover; CK_C_VerifyInit C_VerifyInit; CK_C_Verify C_Verify; CK_C_VerifyUpdate C_VerifyUpdate; CK_C_VerifyFinal C_VerifyFinal; CK_C_VerifyRecoverInit C_VerifyRecoverInit; CK_C_VerifyRecover C_VerifyRecover; CK_C_DigestEncryptUpdate C_DigestEncryptUpdate; CK_C_DecryptDigestUpdate C_DecryptDigestUpdate; CK_C_SignEncryptUpdate C_SignEncryptUpdate; CK_C_DecryptVerifyUpdate C_DecryptVerifyUpdate; CK_C_GenerateKey C_GenerateKey; CK_C_GenerateKeyPair C_GenerateKeyPair; CK_C_WrapKey C_WrapKey; CK_C_UnwrapKey C_UnwrapKey; CK_C_DeriveKey C_DeriveKey; CK_C_SeedRandom C_SeedRandom; CK_C_GenerateRandom C_GenerateRandom; CK_C_GetFunctionStatus C_GetFunctionStatus; CK_C_CancelFunction C_CancelFunction; CK_C_WaitForSlotEvent C_WaitForSlotEvent; }; typedef ck_rv_t (*ck_createmutex_t) (void **mutex); typedef ck_rv_t (*ck_destroymutex_t) (void *mutex); typedef ck_rv_t (*ck_lockmutex_t) (void *mutex); typedef ck_rv_t (*ck_unlockmutex_t) (void *mutex); struct ck_c_initialize_args { ck_createmutex_t create_mutex; ck_destroymutex_t destroy_mutex; ck_lockmutex_t lock_mutex; ck_unlockmutex_t unlock_mutex; ck_flags_t flags; void *reserved; }; #define CKF_LIBRARY_CANT_CREATE_OS_THREADS (1 << 0) #define CKF_OS_LOCKING_OK (1 << 1) #define CKR_OK (0) #define CKR_CANCEL (1) #define CKR_HOST_MEMORY (2) #define CKR_SLOT_ID_INVALID (3) #define CKR_GENERAL_ERROR (5) #define CKR_FUNCTION_FAILED (6) #define CKR_ARGUMENTS_BAD (7) #define CKR_NO_EVENT (8) #define CKR_NEED_TO_CREATE_THREADS (9) #define CKR_CANT_LOCK (0xa) #define CKR_ATTRIBUTE_READ_ONLY (0x10) #define CKR_ATTRIBUTE_SENSITIVE (0x11) #define CKR_ATTRIBUTE_TYPE_INVALID (0x12) #define CKR_ATTRIBUTE_VALUE_INVALID (0x13) #define CKR_DATA_INVALID (0x20) #define CKR_DATA_LEN_RANGE (0x21) #define CKR_DEVICE_ERROR (0x30) #define CKR_DEVICE_MEMORY (0x31) #define CKR_DEVICE_REMOVED (0x32) #define CKR_ENCRYPTED_DATA_INVALID (0x40) #define CKR_ENCRYPTED_DATA_LEN_RANGE (0x41) #define CKR_FUNCTION_CANCELED (0x50) #define CKR_FUNCTION_NOT_PARALLEL (0x51) #define CKR_FUNCTION_NOT_SUPPORTED (0x54) #define CKR_KEY_HANDLE_INVALID (0x60) #define CKR_KEY_SIZE_RANGE (0x62) #define CKR_KEY_TYPE_INCONSISTENT (0x63) #define CKR_KEY_NOT_NEEDED (0x64) #define CKR_KEY_CHANGED (0x65) #define CKR_KEY_NEEDED (0x66) #define CKR_KEY_INDIGESTIBLE (0x67) #define CKR_KEY_FUNCTION_NOT_PERMITTED (0x68) #define CKR_KEY_NOT_WRAPPABLE (0x69) #define CKR_KEY_UNEXTRACTABLE (0x6a) #define CKR_MECHANISM_INVALID (0x70) #define CKR_MECHANISM_PARAM_INVALID (0x71) #define CKR_OBJECT_HANDLE_INVALID (0x82) #define CKR_OPERATION_ACTIVE (0x90) #define CKR_OPERATION_NOT_INITIALIZED (0x91) #define CKR_PIN_INCORRECT (0xa0) #define CKR_PIN_INVALID (0xa1) #define CKR_PIN_LEN_RANGE (0xa2) #define CKR_PIN_EXPIRED (0xa3) #define CKR_PIN_LOCKED (0xa4) #define CKR_SESSION_CLOSED (0xb0) #define CKR_SESSION_COUNT (0xb1) #define CKR_SESSION_HANDLE_INVALID (0xb3) #define CKR_SESSION_PARALLEL_NOT_SUPPORTED (0xb4) #define CKR_SESSION_READ_ONLY (0xb5) #define CKR_SESSION_EXISTS (0xb6) #define CKR_SESSION_READ_ONLY_EXISTS (0xb7) #define CKR_SESSION_READ_WRITE_SO_EXISTS (0xb8) #define CKR_SIGNATURE_INVALID (0xc0) #define CKR_SIGNATURE_LEN_RANGE (0xc1) #define CKR_TEMPLATE_INCOMPLETE (0xd0) #define CKR_TEMPLATE_INCONSISTENT (0xd1) #define CKR_TOKEN_NOT_PRESENT (0xe0) #define CKR_TOKEN_NOT_RECOGNIZED (0xe1) #define CKR_TOKEN_WRITE_PROTECTED (0xe2) #define CKR_UNWRAPPING_KEY_HANDLE_INVALID (0xf0) #define CKR_UNWRAPPING_KEY_SIZE_RANGE (0xf1) #define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT (0xf2) #define CKR_USER_ALREADY_LOGGED_IN (0x100) #define CKR_USER_NOT_LOGGED_IN (0x101) #define CKR_USER_PIN_NOT_INITIALIZED (0x102) #define CKR_USER_TYPE_INVALID (0x103) #define CKR_USER_ANOTHER_ALREADY_LOGGED_IN (0x104) #define CKR_USER_TOO_MANY_TYPES (0x105) #define CKR_WRAPPED_KEY_INVALID (0x110) #define CKR_WRAPPED_KEY_LEN_RANGE (0x112) #define CKR_WRAPPING_KEY_HANDLE_INVALID (0x113) #define CKR_WRAPPING_KEY_SIZE_RANGE (0x114) #define CKR_WRAPPING_KEY_TYPE_INCONSISTENT (0x115) #define CKR_RANDOM_SEED_NOT_SUPPORTED (0x120) #define CKR_RANDOM_NO_RNG (0x121) #define CKR_DOMAIN_PARAMS_INVALID (0x130) #define CKR_BUFFER_TOO_SMALL (0x150) #define CKR_SAVED_STATE_INVALID (0x160) #define CKR_INFORMATION_SENSITIVE (0x170) #define CKR_STATE_UNSAVEABLE (0x180) #define CKR_CRYPTOKI_NOT_INITIALIZED (0x190) #define CKR_CRYPTOKI_ALREADY_INITIALIZED (0x191) #define CKR_MUTEX_BAD (0x1a0) #define CKR_MUTEX_NOT_LOCKED (0x1a1) #define CKR_FUNCTION_REJECTED (0x200) #define CKR_VENDOR_DEFINED ((unsigned long) (1 << 31)) /* Compatibility layer. */ #ifdef CRYPTOKI_COMPAT #undef CK_DEFINE_FUNCTION #define CK_DEFINE_FUNCTION(retval, name) retval CK_SPEC name /* For NULL. */ #include typedef unsigned char CK_BYTE; typedef unsigned char CK_CHAR; typedef unsigned char CK_UTF8CHAR; typedef unsigned char CK_BBOOL; typedef unsigned long int CK_ULONG; typedef long int CK_LONG; typedef CK_BYTE *CK_BYTE_PTR; typedef CK_CHAR *CK_CHAR_PTR; typedef CK_UTF8CHAR *CK_UTF8CHAR_PTR; typedef CK_ULONG *CK_ULONG_PTR; typedef void *CK_VOID_PTR; typedef void **CK_VOID_PTR_PTR; #define CK_FALSE 0 #define CK_TRUE 1 #ifndef CK_DISABLE_TRUE_FALSE #ifndef FALSE #define FALSE 0 #endif #ifndef TRUE #define TRUE 1 #endif #endif typedef struct ck_version CK_VERSION; typedef struct ck_version *CK_VERSION_PTR; typedef struct ck_info CK_INFO; typedef struct ck_info *CK_INFO_PTR; typedef ck_slot_id_t *CK_SLOT_ID_PTR; typedef struct ck_slot_info CK_SLOT_INFO; typedef struct ck_slot_info *CK_SLOT_INFO_PTR; typedef struct ck_token_info CK_TOKEN_INFO; typedef struct ck_token_info *CK_TOKEN_INFO_PTR; typedef ck_session_handle_t *CK_SESSION_HANDLE_PTR; typedef struct ck_session_info CK_SESSION_INFO; typedef struct ck_session_info *CK_SESSION_INFO_PTR; typedef ck_object_handle_t *CK_OBJECT_HANDLE_PTR; typedef ck_object_class_t *CK_OBJECT_CLASS_PTR; typedef struct ck_attribute CK_ATTRIBUTE; typedef struct ck_attribute *CK_ATTRIBUTE_PTR; typedef struct ck_date CK_DATE; typedef struct ck_date *CK_DATE_PTR; typedef ck_mechanism_type_t *CK_MECHANISM_TYPE_PTR; typedef struct ck_mechanism CK_MECHANISM; typedef struct ck_mechanism *CK_MECHANISM_PTR; typedef struct ck_mechanism_info CK_MECHANISM_INFO; typedef struct ck_mechanism_info *CK_MECHANISM_INFO_PTR; typedef struct ck_function_list CK_FUNCTION_LIST; typedef struct ck_function_list *CK_FUNCTION_LIST_PTR; typedef struct ck_function_list **CK_FUNCTION_LIST_PTR_PTR; typedef struct ck_c_initialize_args CK_C_INITIALIZE_ARGS; typedef struct ck_c_initialize_args *CK_C_INITIALIZE_ARGS_PTR; #define NULL_PTR NULL /* Delete the helper macros defined at the top of the file. */ #undef ck_flags_t #undef ck_version #undef ck_info #undef cryptoki_version #undef manufacturer_id #undef library_description #undef library_version #undef ck_notification_t #undef ck_slot_id_t #undef ck_slot_info #undef slot_description #undef hardware_version #undef firmware_version #undef ck_token_info #undef serial_number #undef max_session_count #undef session_count #undef max_rw_session_count #undef rw_session_count #undef max_pin_len #undef min_pin_len #undef total_public_memory #undef free_public_memory #undef total_private_memory #undef free_private_memory #undef utc_time #undef ck_session_handle_t #undef ck_user_type_t #undef ck_state_t #undef ck_session_info #undef slot_id #undef device_error #undef ck_object_handle_t #undef ck_object_class_t #undef ck_hw_feature_type_t #undef ck_key_type_t #undef ck_certificate_type_t #undef ck_attribute_type_t #undef ck_attribute #undef value #undef value_len #undef ck_date #undef ck_mechanism_type_t #undef ck_mechanism #undef parameter #undef parameter_len #undef ck_mechanism_info #undef min_key_size #undef max_key_size #undef ck_rv_t #undef ck_notify_t #undef ck_function_list #undef ck_createmutex_t #undef ck_destroymutex_t #undef ck_lockmutex_t #undef ck_unlockmutex_t #undef ck_c_initialize_args #undef create_mutex #undef destroy_mutex #undef lock_mutex #undef unlock_mutex #undef reserved #endif /* CRYPTOKI_COMPAT */ /* System dependencies. */ #if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32) #pragma pack(pop, cryptoki) #endif #if defined(__cplusplus) } #endif #endif /* PKCS11_H */ xca-RELEASE.2.5.0/lib/openssl_compat.h000066400000000000000000000017261450407711300173250ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2017 Christian Hohnstaedt. * * All rights reserved. */ /* This header equalizes a lot of OpenSSL 1.1.0 vs. 1.1.1 API clashes by defining some macros if OpenSSL < 1.1.1 is used. This way the code is written with the new API and have much less #ifdefs */ #ifndef __OPENSS_COMPAT_XCA_H #define __OPENSS_COMPAT_XCA_H #include #if OPENSSL_VERSION_NUMBER < 0x10101000L || defined LIBRESSL_VERSION_NUMBER static inline int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen, const unsigned char *tbs, size_t tbslen) { return EVP_DigestSignUpdate(ctx, tbs, tbslen) && EVP_DigestSignFinal(ctx, sigret, siglen); } static inline int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret, size_t siglen, const unsigned char *tbs, size_t tbslen) { return EVP_DigestVerifyUpdate(ctx, tbs, tbslen) && EVP_DigestVerifyFinal(ctx, (unsigned char *)sigret, siglen); } #endif #endif xca-RELEASE.2.5.0/lib/pass_info.cpp000066400000000000000000000006201450407711300166030ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #include "pass_info.h" pass_info::pass_info(const QString &t, const QString &d, QWidget *w) { title = t; description = d; widget = w; type = tr("Password"); pixmap = QString(":keyImg"); result = pw_ok; } void pass_info::setPin() { type = tr("PIN"); pixmap = QString(":scardImg"); } xca-RELEASE.2.5.0/lib/pass_info.h000066400000000000000000000021131450407711300162470ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PASS_INFO_H #define __PASS_INFO_H #include #include #include #include "lib/exception.h" class QWidget; class pass_info: public QObject { Q_OBJECT private: QString title; QString description; QWidget *widget; QString type; QString pixmap; enum open_result result; public: pass_info(const QString &t, const QString &d, QWidget *w = NULL); QString getTitle() const { return title; } QString getDescription() const { return description; } QWidget *getWidget() { if (!widget) widget = qApp->activeWindow(); return widget; } QString getType() const { return type; } QString getImage() const { return pixmap; } enum open_result getResult() const { return result; } void setTitle(QString t) { title = t; } void setDescription(QString d) { description = d; } void setWidget(QWidget *w) { widget = w; } void setResult(enum open_result r) { result = r; } void setPin(); }; #endif xca-RELEASE.2.5.0/lib/pk11_attribute.cpp000066400000000000000000000064341450407711300174720ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2009 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #include "pkcs11.h" #include "pk11_attribute.h" #include "exception.h" #include void pk11_attribute::load(const slotid &slot, CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj) { CK_RV rv; rv = slot.p11()->C_GetAttributeValue(sess, obj, &attr, 1); if (rv != CKR_OK) pk11error("C_GetAttribute()", rv); } void pk11_attr_data::load(const slotid &slot, CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj) { CK_RV rv; if (attr.pValue) { free(attr.pValue); attr.pValue = NULL; } attr.ulValueLen = 0; rv = slot.p11()->C_GetAttributeValue(sess, obj, &attr, 1); if (rv == CKR_OK) { attr.pValue = malloc(attr.ulValueLen +1); Q_CHECK_PTR(attr.pValue); rv = slot.p11()->C_GetAttributeValue(sess, obj, &attr, 1); \ if (rv == CKR_OK) return; } pk11error("C_GetAttributeValue(data)", rv); \ } void pk11_attr_data::setValue(const unsigned char *ptr, unsigned long len) { if (attr.pValue) free(attr.pValue); if (!ptr || len == 0) { attr.ulValueLen = 0; attr.pValue = NULL; return; } attr.pValue = malloc(len+1); Q_CHECK_PTR(attr.pValue); memcpy(attr.pValue, ptr, len); attr.ulValueLen = len; ((char*)attr.pValue)[len] = 0; } void pk11_attr_data::setConstBignum(const BIGNUM *bn) { attr.ulValueLen = BN_num_bytes(bn); if (attr.pValue) free(attr.pValue); attr.pValue = malloc(attr.ulValueLen); Q_CHECK_PTR(attr.pValue); attr.ulValueLen = BN_bn2bin(bn, (unsigned char *)attr.pValue); } void pk11_attr_data::setBignum(BIGNUM *bn, bool consume) { setConstBignum(bn); if (consume) BN_free(bn); } void pk11_attribute::store(const slotid &slot, CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj) { CK_RV rv; rv = slot.p11()->C_SetAttributeValue(sess, obj, &attr, 1); if (rv != CKR_OK) pk11error("C_SetAttributeValue", rv); } void pk11_attlist::copy(const pk11_attlist &a) { reset(); attlen = a.attlen; alloc_len = a.alloc_len; if (alloc_len) { attributes = (CK_ATTRIBUTE *)malloc(alloc_len *sizeof(*attributes)); Q_CHECK_PTR(attributes); memcpy(attributes, a.attributes, attlen *sizeof(*attributes)); } for (unsigned long i=0; itype = a.attr.type; attr->ulValueLen = a.attr.ulValueLen; attr->pValue = malloc(attr->ulValueLen +1); Q_CHECK_PTR(attr->pValue); memcpy(attr->pValue, a.attr.pValue, attr->ulValueLen); ((char*)attr->pValue)[attr->ulValueLen] = 0; } void pk11_attlist::reset() { for (unsigned long i=0; i #include #include #include "opensc-pkcs11.h" #include "exception.h" #define UTF8QSTRING(x,s) QString::fromUtf8((const char*)(x), s).trimmed() #define ASCIIQSTRING(x,s) QString::fromLatin1((const char*)(x), s).trimmed() class pk11_attlist; class pk11_attribute { friend class pk11_attlist; protected: CK_ATTRIBUTE attr; public: pk11_attribute(unsigned long type) { memset(&attr, 0, sizeof(attr)); attr.type = type; } virtual ~pk11_attribute() { } const CK_ATTRIBUTE *getAttribute() const { return &attr; } unsigned long type() const { return attr.type; } QByteArray getData() const { return QByteArray((char*)attr.pValue, attr.ulValueLen); } virtual void store(const slotid &slot, CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj); virtual void load(const slotid &slot, CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj); bool cmp(const pk11_attribute &other) const { return (attr.type == other.attr.type) && (attr.ulValueLen == other.attr.ulValueLen) && !memcmp(attr.pValue, other.attr.pValue, attr.ulValueLen); } bool operator == (const pk11_attribute &other) const { return cmp(other); } }; class pk11_attr_bool: public pk11_attribute { protected: unsigned char value; public: pk11_attr_bool(unsigned long type, bool v = false) :pk11_attribute(type) { attr.pValue = &value; attr.ulValueLen = sizeof(value); setValue(v); } pk11_attr_bool(const pk11_attr_bool &p) :pk11_attribute(p.type()) { attr.pValue = &value; attr.ulValueLen = sizeof(value); setValue(p.value); } bool getValue() const { return value ? true : false; } void setValue(unsigned long v) { value = v ? 1 : 0; } }; class pk11_attr_ulong: public pk11_attribute { protected: unsigned long value; public: pk11_attr_ulong(unsigned long type, unsigned long v = 0) :pk11_attribute(type) { attr.pValue = &value; attr.ulValueLen = sizeof(value); setValue(v); } pk11_attr_ulong(const pk11_attr_ulong &p) :pk11_attribute(p.type()) { attr.pValue = &value; attr.ulValueLen = sizeof(value); setValue(p.value); } unsigned long getValue() const { return value; } void setValue(unsigned long v) { value = v; } }; class pk11_attr_data: public pk11_attribute { public: pk11_attr_data() :pk11_attribute(0) { } pk11_attr_data(unsigned long type, const unsigned char *v = NULL, unsigned long len = 0) :pk11_attribute(type) { setValue(v, len); } pk11_attr_data(const pk11_attr_data &p) :pk11_attribute(p.type()) { const unsigned char *ptr; unsigned long size = p.getValue(&ptr); setValue(ptr, size); } pk11_attr_data(unsigned long type, QByteArray ba) :pk11_attribute(type) { setValue((const unsigned char *)ba.constData(), ba.size()); } pk11_attr_data(unsigned long type, BIGNUM *bn, bool consume=true) :pk11_attribute(type) { setBignum(bn, consume); } pk11_attr_data(unsigned long type, const BIGNUM *bn) :pk11_attribute(type) { setConstBignum(bn); } pk11_attr_data(unsigned long type, unsigned long value) :pk11_attribute(type) { setULong(value); } void setULong(unsigned long value) { BIGNUM *bn = BN_new(); Q_CHECK_PTR(bn); BN_set_word(bn, value); setBignum(bn, true); } unsigned long getValue(const unsigned char **ptr) const { *ptr = (const unsigned char*)attr.pValue; return attr.ulValueLen; } ~pk11_attr_data() { if (attr.pValue) { memset(attr.pValue, 0, attr.ulValueLen); free(attr.pValue); } } QString getText() const { unsigned long len = attr.ulValueLen; char *p = (char*)attr.pValue; /* Fixup 0 padded attributes, returned by some broken libs like OpenLimit */ while (p[len-1] == 0 && len > 0) len--; return UTF8QSTRING(attr.pValue, len); } BIGNUM *getBignum() const { return BN_bin2bn((unsigned char*)attr.pValue, attr.ulValueLen, NULL); } void setBignum(BIGNUM *bn, bool consume=true); void setConstBignum(const BIGNUM *bn); void load(const slotid &slot, CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj); void setValue(const unsigned char *ptr, unsigned long len); pk11_attr_data &operator = (const pk11_attr_data &p) { const unsigned char *ptr; unsigned long size = p.getValue(&ptr); attr.type = p.attr.type; setValue(ptr, size); return *this; } }; class pk11_attlist { private: CK_ATTRIBUTE *attributes; unsigned long attlen; unsigned long alloc_len; void init() { attlen = 0; alloc_len = 0; attributes = NULL; } public: pk11_attlist() { init(); } pk11_attlist(const pk11_attlist &a); pk11_attlist(const pk11_attribute &a) { init(); addAttribute(a); } ~pk11_attlist(); unsigned long get(CK_ATTRIBUTE **attp) { *attp = attributes; return attlen; } void addAttribute(const pk11_attribute &a); pk11_attlist &operator << (const pk11_attribute &a) { addAttribute(a); return *this; } CK_ATTRIBUTE *getAttributes() { return attributes; } unsigned long length() { return attlen; } pk11_attlist &operator = (const pk11_attlist &a) { copy(a); return *this; } void copy(const pk11_attlist &a); void reset(); }; #endif xca-RELEASE.2.5.0/lib/pkcs11.cpp000066400000000000000000000757731450407711300157510ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2009 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "pkcs11_lib.h" #include "pkcs11.h" #include "pk11_attribute.h" #include "exception.h" #include "db_base.h" #include "func.h" #include "pass_info.h" #include "Passwd.h" #include "entropy.h" #include #include #include #include #include #include "PwDialogCore.h" #include "XcaWarningCore.h" #pragma message ("split PwDialog into console and GUI") #include "ui_SelectToken.h" #include void waitcursor(int start, int line) { qDebug() << "Waitcursor" << (start ? "start" : "end") << line; ign_openssl_error(); if (!IS_GUI_APP) return; if (start) QApplication::setOverrideCursor(QCursor(Qt::WaitCursor)); else QApplication::restoreOverrideCursor(); } pkcs11_lib_list pkcs11::libraries; pkcs11::pkcs11() { session = CK_INVALID_HANDLE; p11obj = CK_INVALID_HANDLE; } pkcs11::~pkcs11() { if (session != CK_INVALID_HANDLE && p11slot.p11()) { CK_RV rv; CALL_P11_C(p11slot.lib, C_CloseSession, session); (void)rv; } } void pkcs11::startSession(const slotid &slot, bool rw) { CK_RV rv; unsigned long flags = CKF_SERIAL_SESSION | (rw ? CKF_RW_SESSION : 0); if (session != CK_INVALID_HANDLE) { CALL_P11_C(slot.lib, C_CloseSession, session); session = CK_INVALID_HANDLE; if (rv != CKR_OK) pk11error(slot, "C_CloseSession", rv); } CALL_P11_C(slot.lib, C_OpenSession, slot.id, flags, NULL, NULL, &session); if (rv != CKR_OK) pk11error(slot, "C_OpenSession", rv); p11slot = slot; } void pkcs11::getRandom() { CK_BYTE buf[64]; CK_ULONG len = sizeof buf; CK_RV rv; if (Entropy::get(buf, len)) { CALL_P11_C(p11slot.lib, C_SeedRandom, session, buf, len); } CALL_P11_C(p11slot.lib, C_GenerateRandom, session, buf, len); if (rv == CKR_OK) Entropy::add_buf(buf, len); else qDebug("C_GenerateRandom: %s", pk11errorString(rv)); } QList pkcs11::mechanismList(const slotid &slot) { CK_RV rv; CK_MECHANISM_TYPE *m; QList ml; unsigned long count; CALL_P11_C(slot.lib, C_GetMechanismList, slot.id, NULL, &count); if (count != 0) { m = (CK_MECHANISM_TYPE *)malloc(count *sizeof(*m)); Q_CHECK_PTR(m); CALL_P11_C(slot.lib, C_GetMechanismList, slot.id, m, &count); if (rv != CKR_OK) { free(m); pk11error(slot, "C_GetMechanismList", rv); } for (unsigned i=0; ilogin(NULL, 0, so); } catch (errorEx &e) { err = e; } } }; static QDialog *newPinPadBox() { QDialog *box = new QDialog(NULL, Qt::WindowStaysOnTopHint); box->setWindowTitle(XCA_TITLE); QHBoxLayout *h = new QHBoxLayout(box); QLabel *l = new QLabel(); l->setPixmap(QPixmap(":scardImg")); l->setMaximumSize(QSize(95, 40)); l->setScaledContents(true); h->addWidget(l); l = new QLabel(QObject::tr("Please enter the PIN on the PinPad")); h->addWidget(l); return box; } QString pkcs11::tokenLogin(QString name, bool so, bool force) { Passwd pin; bool need_login; QString text = so ? QObject::tr("Please enter the SO PIN (PUK) of the token %1"): QObject::tr("Please enter the PIN of the token %1"); pass_info p(XCA_TITLE, text.arg(name)); p.setPin(); need_login = needsLogin(so); if (force || need_login) { if (!need_login) logout(); if (tokenInfo().protAuthPath()) { pin.clear(); QDialog *pinpadbox = newPinPadBox(); pinpadbox->show(); pinPadLoginThread ppt(this, so); ppt.start(); while(!ppt.wait(20)) { qApp->processEvents(); pinpadbox->raise(); } delete pinpadbox; if (!ppt.err.isEmpty()) throw errorEx(ppt.err); } else { if (PwDialogCore::execute(&p, &pin, false) != 1) return QString(); } login(pin.constUchar(), pin.size(), so); } else { return QString(""); } return QString(pin); } bool pkcs11::selectToken(slotid *slot, QWidget *w) { slotidList p11_slots = getSlotList(); QStringList slotnames; QList slotsWithToken; for (int i = 0; i < p11_slots.count(); i++) { try { tkInfo info; CK_RV rv = tokenInfo(p11_slots[i], &info); if (rv == CKR_TOKEN_NOT_PRESENT) continue; slotsWithToken.append(i); slotnames << QString("%1 (#%2)"). arg(info.label()).arg(info.serial()); } catch (errorEx &e) { XCA_WARN(QString("Error: %1").arg(e.getString())); } } switch (slotnames.count()) { case 0: XCA_WARN(QObject::tr("No Security token found")); return false; case 1: *slot = p11_slots[slotsWithToken[0]]; return true; } Ui::SelectToken ui; QDialog *select_slot = new QDialog(w); ui.setupUi(select_slot); ui.image->setPixmap(QPixmap(":scardImg")); ui.tokenBox->addItems(slotnames); ui.buttonBox->button(QDialogButtonBox::Ok)->setText(QObject::tr("Select")); select_slot->setWindowTitle(XCA_TITLE); if (select_slot->exec() == 0) { delete select_slot; return false; } int selected = ui.tokenBox->currentIndex(); *slot = p11_slots[slotsWithToken[selected]]; delete select_slot; return true; } void pkcs11::setPin(unsigned char *oldPin, unsigned long oldPinLen, unsigned char *pin, unsigned long pinLen) { CK_RV rv; p11slot.isValid(); CALL_P11_C(p11slot.lib, C_SetPIN, session, oldPin, oldPinLen, pin, pinLen); if (rv != CKR_OK) pk11error("C_SetPIN", rv); } static QString newSoPinTxt = QObject::tr( "Please enter the new SO PIN (PUK) for the token: '%1'"); static QString newPinTxt = QObject::tr( "Please enter the new PIN for the token: '%1'"); void pkcs11::changePin(const slotid &slot, bool so) { Passwd newPin, pinp; QString pin; startSession(slot, true); tkInfo ti = tokenInfo(); if (ti.protAuthPath()) { setPin(NULL, 0, NULL, 0); return; } pin = tokenLogin(ti.label(), so, true); if (pin.isNull()) return; QString msg = so ? newSoPinTxt : newPinTxt; pass_info p(XCA_TITLE, msg.arg(ti.label()) + "\n" + ti.pinInfo()); p.setPin(); if (PwDialogCore::execute(&p, &newPin, true) == 1) { pinp = pin.toLatin1(); setPin(pinp.constUchar(), pinp.size(), newPin.constUchar(), newPin.size()); } logout(); } void pkcs11::initPin(const slotid &slot) { Passwd newPin, pinp; int ret = 1; QString pin; startSession(slot, true); tkInfo ti = tokenInfo(); pin = tokenLogin(ti.label(), true, false); if (pin.isNull()) return; pass_info p(XCA_TITLE, newPinTxt.arg(ti.label()) + "\n" + ti.pinInfo()); p.setPin(); if (!ti.protAuthPath()) { ret = PwDialogCore::execute(&p, &newPin, true); pinp = newPin; } p11slot.isValid(); if (ret == 1) { CK_RV rv; CALL_P11_C(p11slot.lib, C_InitPIN, session, pinp.constUchar(), pinp.size()); if (rv != CKR_OK) pk11error("C_InitPIN", rv); } logout(); } void pkcs11::initToken(const slotid &slot, unsigned char *pin, int pinlen, QString label) { CK_RV rv; unsigned char clabel[32]; QByteArray ba = label.toUtf8().left(32); memset(clabel, ' ', 32); memcpy(clabel, ba.constData(), ba.size()); CALL_P11_C(slot.lib, C_InitToken, slot.id, pin, pinlen, clabel); if (rv != CKR_OK) pk11error(slot, "C_InitToken", rv); } tkInfo pkcs11::tokenInfo(const slotid &slot) { tkInfo ti; CK_RV rv = tokenInfo(slot, &ti); if (rv != CKR_OK) { pk11error(slot, "C_GetTokenInfo", rv); } return ti; } CK_RV pkcs11::tokenInfo(const slotid &slot, tkInfo *tkinfo) { CK_TOKEN_INFO token_info; CK_RV rv; CALL_P11_C(slot.lib, C_GetTokenInfo, slot.id, &token_info); if (rv == CKR_OK) tkinfo->set(&token_info); return rv; } void pkcs11::loadAttribute(pk11_attribute &attribute, CK_OBJECT_HANDLE object) { p11slot.isValid(); attribute.load(p11slot, session, object); } void pkcs11::storeAttribute(pk11_attribute &attribute, CK_OBJECT_HANDLE object) { p11slot.isValid(); attribute.store(p11slot, session, object); } CK_OBJECT_HANDLE pkcs11::createObject(pk11_attlist &attrs) { CK_RV rv; CK_OBJECT_HANDLE obj; p11slot.isValid(); CALL_P11_C(p11slot.lib, C_CreateObject, session, attrs.getAttributes(), attrs.length(), &obj); if (rv != CKR_OK) { pk11error("C_CreateObject", rv); } return obj; } int pkcs11::deleteObjects(QList objects) { CK_RV rv; p11slot.isValid(); for (int i=0; i< objects.count(); i++) { CALL_P11_C(p11slot.lib, C_DestroyObject, session, objects[i]); if (rv != CKR_OK) { pk11error("C_DestroyObject", rv); } } return objects.count(); } #define ID_LEN 8 pk11_attr_data pkcs11::findUniqueID(unsigned long oclass) { pk11_attr_data id(CKA_ID); pk11_attr_ulong class_att(CKA_CLASS, oclass); while (1) { unsigned char buf[ID_LEN]; pk11_attlist atts(class_att); RAND_bytes(buf, ID_LEN); id.setValue(buf, ID_LEN); atts << id; if (objectList(atts).count() == 0) break; } return id; } pk11_attr_data pkcs11::generateKey(QString name, unsigned long mech, unsigned long bits, int nid) { #ifdef OPENSSL_NO_EC (void)nid; #endif CK_RV rv; CK_OBJECT_HANDLE pubkey, privkey, dsa_param_obj; pk11_attlist priv_atts, pub_atts, dsa_param; CK_MECHANISM mechanism = {mech, NULL_PTR, 0}; pk11_attr_data label(CKA_LABEL, name.toUtf8()); pk11_attr_data new_id = findUniqueID(CKO_PUBLIC_KEY); pub_atts << label << new_id << pk11_attr_ulong(CKA_CLASS, CKO_PUBLIC_KEY) << pk11_attr_bool(CKA_TOKEN, true) << pk11_attr_bool(CKA_PRIVATE, false) << pk11_attr_bool(CKA_ENCRYPT, true) << pk11_attr_bool(CKA_VERIFY, true) << pk11_attr_bool(CKA_WRAP, true); priv_atts << label << new_id << pk11_attr_ulong(CKA_CLASS, CKO_PRIVATE_KEY) << pk11_attr_bool(CKA_TOKEN, true) << pk11_attr_bool(CKA_PRIVATE, true) << pk11_attr_bool(CKA_SENSITIVE, true) << pk11_attr_bool(CKA_DECRYPT, true) << pk11_attr_bool(CKA_SIGN, true) << pk11_attr_bool(CKA_UNWRAP, true); QString mID = tokenInfo().manufacturerID(); switch (mech) { case CKM_RSA_PKCS_KEY_PAIR_GEN: pub_atts << pk11_attr_ulong(CKA_MODULUS_BITS, bits) << pk11_attr_data(CKA_PUBLIC_EXPONENT, 0x10001); break; case CKM_DSA_KEY_PAIR_GEN: { //DSA: Spec Page 191 (175) C_GenerateKey CK_MECHANISM mechanism = {CKM_DSA_PARAMETER_GEN, NULL_PTR, 0}; // nCipher Attributes // as on 10/26/2015 - Thales' PKCS11 provider has // issue to generate Domain Parameters bool token = true; if (mID == "nCipher Corp. Ltd") token = false; dsa_param << label << pk11_attr_ulong(CKA_CLASS, CKO_DOMAIN_PARAMETERS) << pk11_attr_ulong(CKA_KEY_TYPE, CKK_DSA) << pk11_attr_bool(CKA_TOKEN, token) << pk11_attr_bool(CKA_PRIVATE, false) << pk11_attr_ulong(CKA_PRIME_BITS, bits); p11slot.isValid(); CALL_P11_C(p11slot.lib, C_GenerateKey, session, &mechanism, dsa_param.getAttributes(), dsa_param.length(), &dsa_param_obj); if (rv != CKR_OK) pk11error("C_GenerateKey(DSA_PARAMETER)", rv); pk11_attr_data p(CKA_PRIME), q(CKA_SUBPRIME), g(CKA_BASE); loadAttribute(p, dsa_param_obj); loadAttribute(q, dsa_param_obj); loadAttribute(g, dsa_param_obj); pub_atts << p << q << g; break; } #ifndef OPENSSL_NO_EC case CKM_EC_KEY_PAIR_GEN: { CK_MECHANISM_INFO info; mechanismInfo(p11slot, CKM_EC_KEY_PAIR_GEN, &info); EC_GROUP *group = EC_GROUP_new_by_curve_name(nid); EC_GROUP_set_asn1_flag(group, info.flags & CKF_EC_NAMEDCURVE ? OPENSSL_EC_NAMED_CURVE : 0); // Workaround for "www.CardContact.de" bug if (mID == "www.CardContact.de") { EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); } priv_atts << pk11_attr_bool(CKA_DERIVE, false); pub_atts << pk11_attr_data(CKA_EC_PARAMS, i2d_bytearray(I2D_VOID(i2d_ECPKParameters), group)); EC_GROUP_free(group); break; } #endif default: throw errorEx(("Unsupported Key generation mechanism")); } p11slot.isValid(); CALL_P11_C(p11slot.lib, C_GenerateKeyPair, session, &mechanism, pub_atts.getAttributes(), pub_atts.length(), priv_atts.getAttributes(), priv_atts.length(), &pubkey, &privkey); if (rv != CKR_OK) { pk11error("C_GenerateKeyPair", rv); } return new_id; } QList pkcs11::objectList(pk11_attlist &atts) { CK_RV rv; CK_OBJECT_HANDLE objects[256]; QList list; unsigned long len, i, att_num; CK_ATTRIBUTE *attribute; att_num = atts.get(&attribute); p11slot.isValid(); CALL_P11_C(p11slot.lib, C_FindObjectsInit, session, attribute, att_num); if (rv != CKR_OK) pk11error("C_FindObjectsInit", rv); do { CALL_P11_C(p11slot.lib, C_FindObjects, session, objects, 256, &len); if (rv != CKR_OK) pk11error("C_FindObjects", rv); for (i=0; i= 0x30000000L) static int eng_pmeth_copy(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src) #else static int eng_pmeth_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) #endif { void *p = EVP_PKEY_CTX_get_app_data((EVP_PKEY_CTX *)src); EVP_PKEY_CTX_set_app_data(dst, p); return 1; } #ifndef LIBRESSL_VERSION_NUMBER static int rsa_privdata_free(RSA *rsa) { pkcs11 *priv = (pkcs11*)RSA_get_app_data(rsa); delete priv; return 0; } static int rsa_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA * rsa, int padding) { pkcs11 *priv = (pkcs11*)RSA_get_app_data(rsa); const BIGNUM *n = NULL; if (padding != RSA_PKCS1_PADDING) { return -1; } RSA_get0_key(rsa, &n, NULL, NULL); return priv->encrypt(flen, from, to, BN_num_bytes(n), CKM_RSA_PKCS); } static int rsa_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA * rsa, int padding) { pkcs11 *priv = (pkcs11*)RSA_get_app_data(rsa); if (padding != RSA_PKCS1_PADDING) { return -1; } return priv->decrypt(flen, from, to, flen, CKM_RSA_PKCS); } static int dsa_privdata_free(DSA *dsa) { pkcs11 *p11 = (pkcs11*)DSA_get_ex_data(dsa, 0); delete p11; return 0; } static DSA_SIG *dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa) { int len, rs_len; unsigned char rs_buf[128]; pkcs11 *p11 = (pkcs11*)DSA_get_ex_data(dsa, 0); DSA_SIG *dsa_sig = DSA_SIG_new(); BIGNUM *r, *s; // siglen is unsigned and can't cope with -1 as return value len = p11->encrypt(dlen, dgst, rs_buf, sizeof rs_buf, CKM_DSA); if (len & 0x01) // Must be even goto out; rs_len = len / 2; r = BN_bin2bn(rs_buf, rs_len, NULL); s = BN_bin2bn(rs_buf + rs_len, rs_len, NULL); DSA_SIG_set0(dsa_sig, r, s); if (r && s) return dsa_sig; out: DSA_SIG_free(dsa_sig); ign_openssl_error(); return NULL; } #ifndef OPENSSL_NO_EC static void ec_privdata_free(EC_KEY *ec) { pkcs11 *p11 = (pkcs11*)EC_KEY_get_ex_data(ec, 0); delete p11; } static int ec_sign_setup(EC_KEY *ec, BN_CTX *ctx, BIGNUM **kinvp, BIGNUM **rp) { (void) ec; (void) ctx; (void) kinvp; (void) rp; return 1; } static ECDSA_SIG *ec_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *ec) { int len, rs_len; unsigned char rs_buf[512]; ECDSA_SIG *ec_sig = ECDSA_SIG_new(); pkcs11 *p11 = (pkcs11 *) EC_KEY_get_ex_data(ec, 0); BIGNUM *r, *s; (void) in_kinv; (void) in_r; // siglen is unsigned and can' cope with -1 as return value len = p11->encrypt(dgst_len, dgst, rs_buf, sizeof rs_buf, CKM_ECDSA); if (len & 0x01) // Must be even goto out; /* The buffer contains r and s concatenated * Both of equal size * pkcs-11v2-20.pdf chapter 12.13.1, page 232 */ rs_len = len / 2; r = BN_bin2bn(rs_buf, rs_len, NULL); s = BN_bin2bn(rs_buf + rs_len, rs_len, NULL); ECDSA_SIG_set0(ec_sig, r, s); if (r && s) return ec_sig; out: ECDSA_SIG_free(ec_sig); ign_openssl_error(); return NULL; } static int ec_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv, const BIGNUM *r, EC_KEY *ec) { ECDSA_SIG *ec_sig; int ret = 0; int len; (void) type; ec_sig = ec_do_sign(dgst, dlen, kinv, r, ec); if (!ec_sig) return 0; len = i2d_ECDSA_SIG(ec_sig, &sig); if (len <= 0) goto out; *siglen = len; ret = 1; out: ECDSA_SIG_free(ec_sig); ign_openssl_error(); return ret; } static EC_KEY_METHOD *setup_ec_key_meth() { EC_KEY_METHOD *ec_key_meth; int (*ec_init_proc)(EC_KEY *key); void (*ec_finish_proc)(EC_KEY *key); int (*ec_copy_proc)(EC_KEY *dest, const EC_KEY *src); int (*ec_set_group_proc)(EC_KEY *key, const EC_GROUP *grp); int (*ec_set_private_proc)(EC_KEY *key, const BIGNUM *priv_key); int (*ec_set_public_proc)(EC_KEY *key, const EC_POINT *pub_key); ec_key_meth = EC_KEY_METHOD_new(EC_KEY_get_default_method()); EC_KEY_METHOD_set_sign(ec_key_meth, ec_sign, ec_sign_setup, ec_do_sign); EC_KEY_METHOD_get_init(ec_key_meth, &ec_init_proc, &ec_finish_proc, &ec_copy_proc, &ec_set_group_proc, &ec_set_private_proc, &ec_set_public_proc); EC_KEY_METHOD_set_init(ec_key_meth, ec_init_proc, ec_privdata_free, ec_copy_proc, ec_set_group_proc, ec_set_private_proc, ec_set_public_proc); return ec_key_meth; } #endif #ifdef EVP_PKEY_ED25519 static EVP_PKEY_METHOD *p11_eddsa_method; static int eddsa_eng_meths(ENGINE *e, EVP_PKEY_METHOD **m, const int **nids, int nid) { static const int my_nids[] = {EVP_PKEY_ED25519 }; (void)e; if (m) { switch (nid) { case EVP_PKEY_ED25519: *m = p11_eddsa_method; return 1; return 0; } } if (nids) { *nids = my_nids; return ARRAY_SIZE(my_nids); } return -1; } static int eng_pmeth_sign_eddsa(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen) { int len, ret = -1; unsigned char rs_buf[64]; EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(EVP_MD_CTX_pkey_ctx(ctx)); pkcs11 *p11 = (pkcs11 *)ENGINE_get_ex_data(EVP_PKEY_get0_engine(pkey), eng_idx); *siglen = EVP_PKEY_size(pkey); if (sig == NULL) { // caller needs only size ret = 1; goto out; } // siglen is unsigned and can' cope with -1 as return value len = p11->encrypt(tbslen, tbs, rs_buf, sizeof rs_buf, CKM_EDDSA); if ((len & 0x01) || (*siglen != len)) // Must be even goto out; memcpy(sig, rs_buf, len); *siglen = len; ret = 1; out: ign_openssl_error(); return ret; } static int eng_pmeth_ctrl_eddsa(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { (void)p1; switch (type) { case EVP_PKEY_CTRL_MD: if (p2 == NULL || (const EVP_MD *)p2 == EVP_md_null()) return 1; ECerr(EC_F_PKEY_ECD_CTRL, EC_R_INVALID_DIGEST_TYPE); return 0; } qWarning() << "EC Don't call me" << type; return -2; } #endif EVP_PKEY *pkcs11::getPrivateKey(EVP_PKEY *pub, CK_OBJECT_HANDLE obj) { static RSA_METHOD *rsa_meth = NULL; static DSA_METHOD *dsa_meth = NULL; #ifndef OPENSSL_NO_EC static EC_KEY_METHOD *ec_key_meth = NULL; EC_KEY *ec; #endif #ifdef EVP_PKEY_ED25519 static ENGINE *e = NULL; if (!e) { e = ENGINE_new(); Q_CHECK_PTR(e); ENGINE_set_pkey_meths(e, eddsa_eng_meths); ENGINE_set_finish_function(e, eng_finish); if (eng_idx == -1) eng_idx = ENGINE_get_ex_new_index(0, NULL, NULL, NULL, 0); ENGINE_set_ex_data(e, eng_idx, NULL); // Why is engine attached to pubkey? I'm commenting it, as I do // not want it to be attached to RSA/DSA/EC //CRYPTO_add(&pub->references, 1, CRYPTO_LOCK_EVP_PKEY); //pub->engine = e; if (!p11_eddsa_method) { p11_eddsa_method = EVP_PKEY_meth_new(EVP_PKEY_ED25519, EVP_PKEY_FLAG_SIGCTX_CUSTOM); EVP_PKEY_meth_set_digestsign(p11_eddsa_method, eng_pmeth_sign_eddsa); EVP_PKEY_meth_set_ctrl(p11_eddsa_method, eng_pmeth_ctrl_eddsa, NULL); EVP_PKEY_meth_set_copy(p11_eddsa_method, eng_pmeth_copy); } } #endif RSA *rsa; DSA *dsa; EVP_PKEY *evp = NULL; int keytype; p11slot.isValid(); keytype = EVP_PKEY_id(pub); switch (EVP_PKEY_type(keytype)) { case EVP_PKEY_RSA: rsa = RSAPublicKey_dup(EVP_PKEY_get0_RSA(pub)); openssl_error(); if (!rsa_meth) { rsa_meth = RSA_meth_dup(RSA_get_default_method()); RSA_meth_set_priv_enc(rsa_meth, rsa_encrypt); RSA_meth_set_priv_dec(rsa_meth, rsa_decrypt); RSA_meth_set_finish(rsa_meth, rsa_privdata_free); } p11obj = obj; RSA_set_method(rsa, rsa_meth); RSA_set_app_data(rsa, this); evp = EVP_PKEY_new(); openssl_error(); EVP_PKEY_assign_RSA(evp, rsa); break; case EVP_PKEY_DSA: dsa = DSAparams_dup(EVP_PKEY_get0_DSA(pub)); openssl_error(); if (!dsa_meth) { dsa_meth = DSA_meth_dup(DSA_get_default_method()); DSA_meth_set_sign(dsa_meth, dsa_sign); DSA_meth_set_finish(dsa_meth, dsa_privdata_free); } p11obj = obj; DSA_set_method(dsa, dsa_meth); DSA_set_ex_data(dsa, 0, this); evp = EVP_PKEY_new(); openssl_error(); EVP_PKEY_assign_DSA(evp, dsa); break; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: ec = EC_KEY_dup(EVP_PKEY_get0_EC_KEY(pub)); openssl_error(); if (!ec_key_meth) { ec_key_meth = setup_ec_key_meth(); } p11obj = obj; EC_KEY_set_method(ec, ec_key_meth); EC_KEY_set_ex_data(ec, 0, this); evp = EVP_PKEY_new(); openssl_error(); EVP_PKEY_assign_EC_KEY(evp, ec); break; #endif #ifdef EVP_PKEY_ED25519 case EVP_PKEY_ED25519: size_t len; if (ENGINE_get_ex_data(e, eng_idx)) qWarning() << "We forgot to free the previous Card key."; ENGINE_set_ex_data(e, eng_idx, this); p11obj = obj; EVP_PKEY_get_raw_public_key(pub, NULL, &len); unsigned char *pubkey = (unsigned char *)OPENSSL_malloc(len); Q_CHECK_PTR(pubkey); EVP_PKEY_get_raw_public_key(pub, pubkey, &len); evp = EVP_PKEY_new_raw_public_key(EVP_PKEY_ED25519, e, pubkey, len); openssl_error(); OPENSSL_free(pubkey); //EVP_PKEY_set1_engine(evp, e); break; #endif } return evp; } #else static EVP_PKEY_METHOD *p11_rsa_method; static EVP_PKEY_METHOD *p11_dsa_method; #ifndef OPENSSL_NO_EC static EVP_PKEY_METHOD *p11_ec_method; #endif static int eng_pmeth_ctrl_rsa(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { switch (type) { case EVP_PKEY_CTRL_RSA_PADDING: return p1 == RSA_PKCS1_PADDING ? 1 : -2; #ifndef OPENSSL_NO_EC case EVP_PKEY_CTRL_GET_RSA_PADDING: *(int *)p2 = RSA_PKCS1_PADDING; return 1; #endif case EVP_PKEY_CTRL_MD: EVP_PKEY_CTX_set_data(ctx, p2); return 1; case EVP_PKEY_CTRL_DIGESTINIT: return 1; } return -2; } static int eng_pmeth_ctrl_dsa(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { (void)p1; switch (type) { case EVP_PKEY_CTRL_MD: EVP_PKEY_CTX_set_data(ctx, NULL); switch (EVP_MD_type((const EVP_MD *)p2)) { case NID_sha1: case NID_sha256: EVP_PKEY_CTX_set_data(ctx, p2); return 1; } EVP_PKEY_CTX_set_data(ctx, p2); return 0; case EVP_PKEY_CTRL_DIGESTINIT: return 1; } return -2; } #ifndef OPENSSL_NO_EC static int eng_pmeth_ctrl_ec(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { (void)p1; switch (type) { case EVP_PKEY_CTRL_MD: EVP_PKEY_CTX_set_data(ctx, NULL); switch (EVP_MD_type((const EVP_MD *)p2)) { case NID_ecdsa_with_SHA1: qDebug() << __func__ << "NID_ecdsa_with_SHA1 unexpected"; /* fallthrough */ case NID_sha1: case NID_sha224: case NID_sha256: case NID_sha384: case NID_sha512: EVP_PKEY_CTX_set_data(ctx, p2); return 1; } return 0; case EVP_PKEY_CTRL_DIGESTINIT: return 1; } qWarning() << "EC Don't call me" << type; return -2; } #endif static unsigned char *create_x509_sig(EVP_PKEY_CTX *ctx, const unsigned char *m, size_t m_len, unsigned int *x509_siglen) { X509_SIG sig; ASN1_TYPE parameter; X509_ALGOR algor; ASN1_OCTET_STRING digest; EVP_MD *md = (EVP_MD *)EVP_PKEY_CTX_get_data(ctx); int i; unsigned char *p, *tmps; *x509_siglen = 0; sig.algor = &algor; sig.algor->algorithm = OBJ_nid2obj(EVP_MD_type(md)); if (!sig.algor->algorithm) return NULL; if (sig.algor->algorithm->length == 0) return NULL; parameter.type=V_ASN1_NULL; parameter.value.ptr = NULL; sig.algor->parameter= ¶meter; sig.digest = &digest; sig.digest->data = (unsigned char *)m; sig.digest->length = (unsigned int)m_len; i = i2d_X509_SIG(&sig, NULL); if (i <= 0) return NULL; p = tmps = (unsigned char *)malloc(i); Q_CHECK_PTR(tmps); if (i2d_X509_SIG(&sig, &p) <= 0) { free(tmps); return NULL; } *x509_siglen = i; return tmps; } static int eng_pmeth_sign_rsa(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen) { EVP_PKEY *pkey; unsigned int x509_len; unsigned char *sigbuf; int len; sigbuf = create_x509_sig(ctx, tbs, tbslen, &x509_len); pkey = EVP_PKEY_CTX_get0_pkey(ctx); if (EVP_PKEY_type(pkey->type) != EVP_PKEY_RSA) return -1; if ((int)x509_len > (RSA_size(pkey->pkey.rsa) - RSA_PKCS1_PADDING_SIZE)) return -1; pkcs11 *p11 = (pkcs11 *)ENGINE_get_ex_data(pkey->engine, eng_idx); // siglen is unsigned and can't cope with -1 as return value len = p11->encrypt(x509_len, sigbuf, sig, *siglen, CKM_RSA_PKCS); *siglen = len; free(sigbuf); return (len < 0) ? -1 : 1; } static int eng_pmeth_sign_dsa(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen) { EVP_PKEY *pkey; int len, rs_len, ret = -1; unsigned char rs_buf[128]; DSA_SIG *dsa_sig = DSA_SIG_new(); pkey = EVP_PKEY_CTX_get0_pkey(ctx); if (EVP_PKEY_type(pkey->type) != EVP_PKEY_DSA) return -1; pkcs11 *p11 = (pkcs11 *)ENGINE_get_ex_data(pkey->engine, eng_idx); // siglen is unsigned and can't cope with -1 as return value len = p11->encrypt(tbslen, tbs, rs_buf, sizeof rs_buf, CKM_DSA); if (len & 0x01) // Must be even goto out; rs_len = len/2; dsa_sig->r = BN_bin2bn(rs_buf, rs_len, NULL); dsa_sig->s = BN_bin2bn(rs_buf + rs_len, rs_len, NULL); if (!dsa_sig->s || !dsa_sig->r) goto out; len = i2d_DSA_SIG(dsa_sig, &sig); openssl_error(); if (len <= 0) goto out; *siglen = len; ret = 1; out: DSA_SIG_free(dsa_sig); ign_openssl_error(); return ret; } #ifndef OPENSSL_NO_EC static int eng_pmeth_sign_ec(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen) { int len, rs_len, ret = -1; unsigned char rs_buf[512]; ECDSA_SIG *ec_sig = ECDSA_SIG_new(); EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx); pkcs11 *p11 = (pkcs11 *)ENGINE_get_ex_data(pkey->engine, eng_idx); // siglen is unsigned and can' cope with -1 as return value len = p11->encrypt(tbslen, tbs, rs_buf, sizeof rs_buf, CKM_ECDSA); if (len & 0x01) // Must be even goto out; /* The buffer contains r and s concatenated * Both of equal size * pkcs-11v2-20.pdf chapter 12.13.1, page 232 */ rs_len = len/2; if (!BN_bin2bn(rs_buf, rs_len, ec_sig->r)) goto out; if (!BN_bin2bn(rs_buf + rs_len, rs_len, ec_sig->s)) goto out; len = i2d_ECDSA_SIG(ec_sig, &sig); if (len <= 0) goto out; *siglen = len; ret = 1; out: ECDSA_SIG_free(ec_sig); ign_openssl_error(); return ret; } #endif static int eng_meths(ENGINE *e, EVP_PKEY_METHOD **m, const int **nids, int nid) { static const int my_nids[] = { EVP_PKEY_EC, EVP_PKEY_RSA }; (void)e; if (m) { switch (nid) { #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: *m = p11_ec_method; return 1; #endif case EVP_PKEY_RSA: *m = p11_rsa_method; return 1; case EVP_PKEY_DSA: *m = p11_dsa_method; return 1; } return 0; } if (nids) { *nids = my_nids; return ARRAY_SIZE(my_nids); } return -1; } EVP_PKEY *pkcs11::getPrivateKey(EVP_PKEY *pub, CK_OBJECT_HANDLE obj) { static ENGINE *e = NULL; if (!e) { e = ENGINE_new(); Q_CHECK_PTR(e); ENGINE_set_pkey_meths(e, eng_meths); ENGINE_set_finish_function(e, eng_finish); if (eng_idx == -1) eng_idx = ENGINE_get_ex_new_index(0, NULL, NULL, NULL, 0); ENGINE_set_ex_data(e, eng_idx, NULL); CRYPTO_add(&pub->references, 1, CRYPTO_LOCK_EVP_PKEY); pub->engine = e; if (!p11_rsa_method) { p11_rsa_method = EVP_PKEY_meth_new(EVP_PKEY_RSA, 0); EVP_PKEY_meth_set_sign(p11_rsa_method, NULL, eng_pmeth_sign_rsa); EVP_PKEY_meth_set_ctrl(p11_rsa_method, eng_pmeth_ctrl_rsa, NULL); EVP_PKEY_meth_set_copy(p11_rsa_method, eng_pmeth_copy); } if (!p11_dsa_method) { p11_dsa_method = EVP_PKEY_meth_new(EVP_PKEY_RSA, 0); EVP_PKEY_meth_set_sign(p11_dsa_method, NULL, eng_pmeth_sign_dsa); EVP_PKEY_meth_set_ctrl(p11_dsa_method, eng_pmeth_ctrl_dsa, NULL); EVP_PKEY_meth_set_copy(p11_dsa_method, eng_pmeth_copy); } #ifndef OPENSSL_NO_EC if (!p11_ec_method) { p11_ec_method = EVP_PKEY_meth_new(EVP_PKEY_EC, 0); EVP_PKEY_meth_set_sign(p11_ec_method, NULL, eng_pmeth_sign_ec); EVP_PKEY_meth_set_ctrl(p11_ec_method, eng_pmeth_ctrl_ec, NULL); EVP_PKEY_meth_set_copy(p11_ec_method, eng_pmeth_copy); } #endif } if (ENGINE_get_ex_data(e, eng_idx)) qWarning() << "Christian forgot to free the previous Card key. Blame him"; ENGINE_set_ex_data(e, eng_idx, this); p11obj = obj; switch (EVP_PKEY_type(pub->type)) { case EVP_PKEY_RSA: case EVP_PKEY_DSA: #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: #endif /* The private key is a copy of the public * key with an engine attached */ QByteArray ba = i2d_bytearray(I2D_VOID(i2d_PUBKEY), pub); EVP_PKEY *priv = (EVP_PKEY*)d2i_bytearray(D2I_VOID(d2i_PUBKEY), ba); ENGINE_init(e); priv->engine = e; return priv; } return NULL; } #endif xca-RELEASE.2.5.0/lib/pkcs11.h000066400000000000000000000105071450407711300153760ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2009 - 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCA_PKCS11_H #define __XCA_PKCS11_H #include "pkcs11_lib.h" #include "opensc-pkcs11.h" #include #include #include #include "pk11_attribute.h" #include "func.h" void waitcursor(int start, int line); #define WAITCURSOR_START waitcursor(1, __LINE__); #define WAITCURSOR_END waitcursor(0, __LINE__); extern char segv_data[1024]; #define CALL_P11_C(l, func, ...) do { \ snprintf(segv_data, sizeof segv_data, "Crashed in %s in %s from %s:%d\n" \ "This looks like a bug in the PKC#11 library and not in XCA\n", \ #func, CCHAR((l)->filename()), __func__, __LINE__); \ if (IS_GUI_APP) \ QApplication::setOverrideCursor(QCursor(Qt::WaitCursor)); \ rv = l->ptr()->func(__VA_ARGS__); \ segv_data[0] = 0; \ if (IS_GUI_APP) \ QApplication::restoreOverrideCursor(); \ ign_openssl_error(); \ } while(0); class tkInfo { private: CK_TOKEN_INFO token_info; public: tkInfo() { memset(&token_info, 0, sizeof token_info); } tkInfo(const CK_TOKEN_INFO *ti) { set(ti); } tkInfo(const tkInfo &tk) { set(&tk.token_info); } void set(const CK_TOKEN_INFO *ti) { memcpy(&token_info, ti, sizeof(token_info)); // sanitize strings for (int i=0; i<32; i++) { if (token_info.label[i] == 0) token_info.label[i] = ' '; if (token_info.manufacturerID[i] == 0) token_info.manufacturerID[i] = ' '; } for (int i=0; i<16; i++) { if (token_info.model[i] == 0) token_info.model[i] = ' '; if (token_info.serialNumber[i] == 0) token_info.serialNumber[i] = ' '; } } QString label() const { return UTF8QSTRING(token_info.label, 32); } QString manufacturerID() const { return UTF8QSTRING(token_info.manufacturerID, 32); } QString model() const { return UTF8QSTRING(token_info.model, 16); } QString serial() const { return ASCIIQSTRING(token_info.serialNumber, 16); } bool protAuthPath() const { return !!(token_info.flags & CKF_PROTECTED_AUTHENTICATION_PATH); } bool tokenInitialized() const { return !!(token_info.flags & CKF_TOKEN_INITIALIZED); } QString pinInfo() const { return QObject::tr("Required PIN size: %1 - %2"). arg(token_info.ulMinPinLen). arg(token_info.ulMaxPinLen); } }; class pkcs11 { friend class pk11_attribute; friend class pk11_attr_ulong; friend class pk11_attr_data; private: slotid p11slot; CK_SESSION_HANDLE session; CK_OBJECT_HANDLE p11obj; public: static pkcs11_lib_list libraries; pkcs11(); ~pkcs11(); CK_RV tokenInfo(const slotid &slot, tkInfo *tkinfo); tkInfo tokenInfo(const slotid &slot); tkInfo tokenInfo() { return tokenInfo(p11slot); } QString driverInfo(const slotid &slot) const { return slot.lib->driverInfo(); } static slotidList getSlotList() { return libraries.getSlotList(); } bool selectToken(slotid *slot, QWidget *w); void changePin(const slotid &slot, bool so); void initPin(const slotid &slot); void initToken(const slotid &slot, unsigned char *pin, int pinlen, QString label); QList mechanismList(const slotid &slot); void mechanismInfo(const slotid &slot, CK_MECHANISM_TYPE m, CK_MECHANISM_INFO *info); void startSession(const slotid &slot, bool rw = false); /* Session based functions */ void loadAttribute(pk11_attribute &attribute, CK_OBJECT_HANDLE object); void storeAttribute(pk11_attribute &attribute, CK_OBJECT_HANDLE object); QList objectList(pk11_attlist &atts); QString tokenLogin(QString name, bool so, bool force=false); void getRandom(); void logout(); bool needsLogin(bool so); void login(unsigned char *pin, unsigned long pinlen, bool so); void setPin(unsigned char *oldPin, unsigned long oldPinLen, unsigned char *pin, unsigned long pinLen); CK_OBJECT_HANDLE createObject(pk11_attlist &attrs); pk11_attr_data findUniqueID(unsigned long oclass); pk11_attr_data generateKey(QString name, unsigned long ec_rsa_mech, unsigned long bits, int nid); int deleteObjects(QList objects); EVP_PKEY *getPrivateKey(EVP_PKEY *pub, CK_OBJECT_HANDLE obj); int encrypt(int flen, const unsigned char *from, unsigned char *to, int tolen, unsigned long m); int decrypt(int flen, const unsigned char *from, unsigned char *to, int tolen, unsigned long m); }; #endif xca-RELEASE.2.5.0/lib/pkcs11_lib.cpp000066400000000000000000000275321450407711300165650ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2009 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #include "pkcs11.h" #include "pk11_attribute.h" #include "exception.h" #include "db_base.h" #include "func.h" #include "pass_info.h" #include #include #include "ui_SelectToken.h" pkcs11_lib::pkcs11_lib(const QString &f) { CK_RV (*c_get_function_list)(CK_FUNCTION_LIST_PTR_PTR); CK_RV rv; file = name2File(f, &enabled); p11 = NULL; if (!enabled) return; try { /* PKCS11 libs without path should be looked up locally */ QString realfile = file; if (!realfile.contains("/") && !realfile.isEmpty()) realfile.prepend("./"); setFileName(realfile); if (!load()) throw errorEx(tr("Failed to open PKCS11 library: %1: %2").arg(file).arg(errorString())); /* Get the list of function pointers */ c_get_function_list = (CK_RV (*)(CK_FUNCTION_LIST_PTR_PTR)) resolve("C_GetFunctionList"); if (!c_get_function_list) throw errorEx(tr("This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found.")); qDebug() << "Trying to load PKCS#11 provider" << file; rv = c_get_function_list(&p11); if (rv != CKR_OK) pk11error("C_GetFunctionList", rv); CALL_P11_C(this, C_Initialize, NULL); if (rv != CKR_OK && rv != CKR_CRYPTOKI_ALREADY_INITIALIZED) pk11error("C_Initialize", rv); qDebug() << "Successfully loaded PKCS#11 provider" << file; } catch (errorEx &err) { load_error = err.getString(); WAITCURSOR_END; if (p11) p11 = NULL; unload(); qDebug() << "Failed to load PKCS#11 provider" << file; } } pkcs11_lib::~pkcs11_lib() { CK_RV rv; (void)rv; if (!isLoaded()) return; qDebug() << "Unloading PKCS#11 provider" << file; CALL_P11_C(this, C_Finalize, NULL); unload(); qDebug() << "Unloaded PKCS#11 provider" << file; } QList pkcs11_lib::getSlotList() { CK_RV rv; CK_SLOT_ID *p11_slots = NULL; QList sl; unsigned long i, num_slots = 0; if (!isLoaded()) return sl; /* This one helps to avoid errors. * Fist time it fails, 2nd time it works */ CALL_P11_C(this, C_GetSlotList, CK_TRUE, p11_slots, &num_slots); while (1) { CALL_P11_C(this, C_GetSlotList, CK_TRUE, p11_slots, &num_slots); if (rv != CKR_OK && rv != CKR_BUFFER_TOO_SMALL) pk11error("C_GetSlotList", rv); if (num_slots == 0) break; if ((rv == CKR_OK) && p11_slots) break; p11_slots = (CK_SLOT_ID *)realloc(p11_slots, num_slots *sizeof(CK_SLOT_ID)); Q_CHECK_PTR(p11_slots); } for (i=0; iisLib(fname)) continue; if (model_data.contains(i)) return l; idx = i; break; } if (idx == -1) { pkcs11_lib *l = new pkcs11_lib(fname); idx = libs.size(); libs << l; } beginInsertRows(QModelIndex(), model_data.size(), model_data.size()); model_data << idx; endInsertRows(); return l; } void pkcs11_lib_list::load(const QString &list) { beginResetModel(); QString orig = getPkcs11Provider(); QList newlist; foreach(QString name, list.split('\n')) { pkcs11_lib *newitem = NULL; name = name.trimmed(); if (name.isEmpty()) continue; for (int i = 0; i < libs.size(); i++) { if (name == libs[i]->toData()) { newitem = libs.takeAt(i); break; } } if (!newitem) { newitem = new pkcs11_lib(name); } newlist << newitem; } qDeleteAll(libs); libs = newlist; model_data.clear(); for (int i = 0; i < libs.size(); i++) model_data << i; endResetModel(); qDebug() << "Libs reloaded from" << orig << "to" << getPkcs11Provider(); } slotidList pkcs11_lib_list::getSlotList() const { slotidList list; QString ex; bool success = false; foreach(pkcs11_lib *l, libs) { if (!l->isLoaded()) continue; try { QList realids; realids = l->getSlotList(); foreach(int id, realids) list << slotid(l, id); success = true; } catch (errorEx &e) { ex = e.getString(); } } if (success || ex.isEmpty()) return list; throw errorEx(ex); } QString pkcs11_lib_list::getPkcs11Provider() const { QStringList prov; foreach(int i, model_data) prov << libs[i]->toData(); return prov.size() == 0 ? QString() : prov.join("\n"); } void pkcs11_lib_list::remove_libs() { if (libs.isEmpty() == 0) return; beginRemoveRows(QModelIndex(), 0, libs.size() -1); qDeleteAll(libs); libs.clear(); model_data.clear(); endRemoveRows(); } bool pkcs11_lib_list::loaded() const { foreach(pkcs11_lib *l, libs) if (l->isLoaded()) return true; return false; } int pkcs11_lib_list::rowCount(const QModelIndex &) const { return model_data.size(); } pkcs11_lib *pkcs11_lib_list::libByModelIndex(const QModelIndex &index) const { if (!index.isValid()) return NULL; int idx = model_data[index.row()]; return (idx >= 0 && idx < libs.size()) ? libs[idx] : NULL; } QVariant pkcs11_lib_list::data(const QModelIndex &index, int role) const { pkcs11_lib *l = libByModelIndex(index); if (!l) return QVariant(); QString pixmap; switch (role) { case Qt::DisplayRole: return QVariant(nativeSeparator(l->filename())); case Qt::DecorationRole: pixmap = l->pixmap(); if (pixmap.isEmpty()) { QPixmap p(QSize(20, 20)); p.fill(Qt::transparent); return QVariant(p); } return QVariant(QPixmap(pixmap)); case Qt::ToolTipRole: return QVariant(l->driverInfo().trimmed()); case Qt::CheckStateRole: return l->checked(); } return QVariant(); } QMap pkcs11_lib_list::itemData(const QModelIndex &index) const { QMap map; if (index.isValid()) map[Qt::UserRole] = QVariant(model_data[index.row()]); return map; } bool pkcs11_lib_list::setItemData(const QModelIndex &index, const QMap &roles) { if (index.isValid() && roles[Qt::UserRole].isValid()) { model_data[index.row()] = roles[Qt::UserRole].toInt(); return true; } return false; } bool pkcs11_lib_list::setData(const QModelIndex &index, const QVariant &value, int role) { pkcs11_lib *l = libByModelIndex(index); if (!l || role != Qt::CheckStateRole) return false; if (value == l->checked()) { /* No changes */ return true; } QString file = l->toData(value == Qt::Checked); delete l; int idx = model_data[index.row()]; libs[idx] = new pkcs11_lib(file); emit dataChanged(index, index); return true; } Qt::ItemFlags pkcs11_lib_list::flags(const QModelIndex & index) const { if (index.isValid()) return Qt::ItemIsEnabled | Qt::ItemIsSelectable | Qt::ItemIsDragEnabled | Qt::ItemIsUserCheckable; return QAbstractListModel::flags(index) | Qt::ItemIsDropEnabled; } Qt::DropActions pkcs11_lib_list::supportedDropActions() const { return Qt::MoveAction; } bool pkcs11_lib_list::removeRows(int row, int count, const QModelIndex &parent) { if (parent.isValid() || row < 0 || count == 0 || row + count > model_data.size()) return false; beginRemoveRows(parent, row, row + count - 1); while (count-- > 0 && row < model_data.size()) model_data.removeAt(row); endRemoveRows(); return true; } bool pkcs11_lib_list::insertRows(int row, int count, const QModelIndex &parent) { if (parent.isValid() || row < 0 || count == 0) return false; beginInsertRows(parent, row, row +count -1); for (int i = 0; i < count; i++) model_data.insert(row +i, 0); endInsertRows(); return true; } const char *pk11errorString(unsigned long rv) { #define PK11_ERR(x) case x : return #x; switch (rv) { PK11_ERR(CKR_OK) PK11_ERR(CKR_CANCEL) PK11_ERR(CKR_HOST_MEMORY) PK11_ERR(CKR_SLOT_ID_INVALID) PK11_ERR(CKR_GENERAL_ERROR) PK11_ERR(CKR_FUNCTION_FAILED) PK11_ERR(CKR_ARGUMENTS_BAD) PK11_ERR(CKR_NO_EVENT) PK11_ERR(CKR_NEED_TO_CREATE_THREADS) PK11_ERR(CKR_CANT_LOCK) PK11_ERR(CKR_ATTRIBUTE_READ_ONLY) PK11_ERR(CKR_ATTRIBUTE_SENSITIVE) PK11_ERR(CKR_ATTRIBUTE_TYPE_INVALID) PK11_ERR(CKR_ATTRIBUTE_VALUE_INVALID) PK11_ERR(CKR_DATA_INVALID) PK11_ERR(CKR_DATA_LEN_RANGE) PK11_ERR(CKR_DEVICE_ERROR) PK11_ERR(CKR_DEVICE_MEMORY) PK11_ERR(CKR_DEVICE_REMOVED) PK11_ERR(CKR_ENCRYPTED_DATA_INVALID) PK11_ERR(CKR_ENCRYPTED_DATA_LEN_RANGE) PK11_ERR(CKR_FUNCTION_CANCELED) PK11_ERR(CKR_FUNCTION_NOT_PARALLEL) PK11_ERR(CKR_FUNCTION_NOT_SUPPORTED) PK11_ERR(CKR_KEY_HANDLE_INVALID) PK11_ERR(CKR_KEY_SIZE_RANGE) PK11_ERR(CKR_KEY_TYPE_INCONSISTENT) PK11_ERR(CKR_KEY_NOT_NEEDED) PK11_ERR(CKR_KEY_CHANGED) PK11_ERR(CKR_KEY_NEEDED) PK11_ERR(CKR_KEY_INDIGESTIBLE) PK11_ERR(CKR_KEY_FUNCTION_NOT_PERMITTED) PK11_ERR(CKR_KEY_NOT_WRAPPABLE) PK11_ERR(CKR_KEY_UNEXTRACTABLE) PK11_ERR(CKR_MECHANISM_INVALID) PK11_ERR(CKR_MECHANISM_PARAM_INVALID) PK11_ERR(CKR_OBJECT_HANDLE_INVALID) PK11_ERR(CKR_OPERATION_ACTIVE) PK11_ERR(CKR_OPERATION_NOT_INITIALIZED) PK11_ERR(CKR_PIN_INCORRECT) PK11_ERR(CKR_PIN_INVALID) PK11_ERR(CKR_PIN_LEN_RANGE) PK11_ERR(CKR_PIN_EXPIRED) PK11_ERR(CKR_PIN_LOCKED) PK11_ERR(CKR_SESSION_CLOSED) PK11_ERR(CKR_SESSION_COUNT) PK11_ERR(CKR_SESSION_HANDLE_INVALID) PK11_ERR(CKR_SESSION_PARALLEL_NOT_SUPPORTED) PK11_ERR(CKR_SESSION_READ_ONLY) PK11_ERR(CKR_SESSION_EXISTS) PK11_ERR(CKR_SESSION_READ_ONLY_EXISTS) PK11_ERR(CKR_SESSION_READ_WRITE_SO_EXISTS) PK11_ERR(CKR_SIGNATURE_INVALID) PK11_ERR(CKR_SIGNATURE_LEN_RANGE) PK11_ERR(CKR_TEMPLATE_INCOMPLETE) PK11_ERR(CKR_TEMPLATE_INCONSISTENT) PK11_ERR(CKR_TOKEN_NOT_PRESENT) PK11_ERR(CKR_TOKEN_NOT_RECOGNIZED) PK11_ERR(CKR_TOKEN_WRITE_PROTECTED) PK11_ERR(CKR_UNWRAPPING_KEY_HANDLE_INVALID) PK11_ERR(CKR_UNWRAPPING_KEY_SIZE_RANGE) PK11_ERR(CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT) PK11_ERR(CKR_USER_ALREADY_LOGGED_IN) PK11_ERR(CKR_USER_NOT_LOGGED_IN) PK11_ERR(CKR_USER_PIN_NOT_INITIALIZED) PK11_ERR(CKR_USER_TYPE_INVALID) PK11_ERR(CKR_USER_ANOTHER_ALREADY_LOGGED_IN) PK11_ERR(CKR_USER_TOO_MANY_TYPES) PK11_ERR(CKR_WRAPPED_KEY_INVALID) PK11_ERR(CKR_WRAPPED_KEY_LEN_RANGE) PK11_ERR(CKR_WRAPPING_KEY_HANDLE_INVALID) PK11_ERR(CKR_WRAPPING_KEY_SIZE_RANGE) PK11_ERR(CKR_WRAPPING_KEY_TYPE_INCONSISTENT) PK11_ERR(CKR_RANDOM_SEED_NOT_SUPPORTED) PK11_ERR(CKR_RANDOM_NO_RNG) PK11_ERR(CKR_DOMAIN_PARAMS_INVALID) PK11_ERR(CKR_BUFFER_TOO_SMALL) PK11_ERR(CKR_SAVED_STATE_INVALID) PK11_ERR(CKR_INFORMATION_SENSITIVE) PK11_ERR(CKR_STATE_UNSAVEABLE) PK11_ERR(CKR_CRYPTOKI_NOT_INITIALIZED) PK11_ERR(CKR_CRYPTOKI_ALREADY_INITIALIZED) PK11_ERR(CKR_MUTEX_BAD) PK11_ERR(CKR_MUTEX_NOT_LOCKED) PK11_ERR(CKR_VENDOR_DEFINED) } return "unknown PKCS11 error"; } void pk11error(const QString &func, int rv) { WAITCURSOR_END errorEx err(QObject::tr("PKCS#11 function '%1' failed: %2").arg(func). arg(pk11errorString(rv))); throw err; } void pk11error(const slotid &slot, const QString &func, int rv) { WAITCURSOR_END errorEx err(QObject::tr("PKCS#11 function '%1' failed: %2\nIn library %3\n%4"). arg(func).arg(pk11errorString(rv)).arg(slot.lib->filename()). arg(slot.lib->driverInfo())); throw err; } xca-RELEASE.2.5.0/lib/pkcs11_lib.h000066400000000000000000000053761450407711300162340ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2009 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCA_PKCS11_LIB_H #define __XCA_PKCS11_LIB_H #include "lib/exception.h" #include "opensc-pkcs11.h" #include #include #include #include #include class pkcs11_lib : public QLibrary { Q_OBJECT private: CK_FUNCTION_LIST *p11; QString file, load_error; bool enabled; public: static QString name2File(const QString &name, bool *enabled = NULL); pkcs11_lib(const QString &file); ~pkcs11_lib(); QList getSlotList(); QString driverInfo() const; QString filename() const { return file; } CK_FUNCTION_LIST *ptr() const { return p11; } bool isLoaded() const { return p11 != NULL; } enum Qt::CheckState checked() const { return enabled ? Qt::Checked : Qt::Unchecked; } bool isLib(const QString &name) const { return name2File(name) == file; } QString toData(int enabled) const { return QString("%1:%2").arg(enabled).arg(file); } QString toData() const { return toData(enabled); } QString pixmap() const { if (!enabled) return QString(); return isLoaded() ? ":doneIco" : ":warnIco"; } }; class slotid { public: CK_ULONG id; pkcs11_lib *lib; slotid() = default; slotid(pkcs11_lib *l, CK_ULONG i) { lib = l; id = i; } void isValid() const { if (!lib) throw errorEx("InternalError: slotid is invalid"); } CK_FUNCTION_LIST *p11() const { return lib->ptr(); } }; typedef QList slotidList; class pkcs11_lib_list: public QAbstractListModel { QList libs; QList model_data; public: pkcs11_lib *add_lib(const QString &fname); void load(const QString &list); slotidList getSlotList() const; QString getPkcs11Provider() const; void remove_libs(); bool loaded() const; /* Helper for QAbstractListModel */ pkcs11_lib *libByModelIndex(const QModelIndex &index) const; /* Reimplementation from QAbstractListModel */ int rowCount(const QModelIndex &parent = QModelIndex()) const; QVariant data(const QModelIndex &index, int role = Qt::DisplayRole) const; bool setData(const QModelIndex &index, const QVariant &value, int role); QMap itemData(const QModelIndex &index) const; bool setItemData(const QModelIndex &index, const QMap &roles); Qt::ItemFlags flags(const QModelIndex& index) const; Qt::DropActions supportedDropActions() const; bool removeRows(int row, int count, const QModelIndex &p = QModelIndex()); bool insertRows(int row, int count, const QModelIndex &p = QModelIndex()); }; void pk11error(const QString &fmt, int r); void pk11error(const slotid &slot, const QString &func, int rv); const char *pk11errorString(unsigned long rv); #endif xca-RELEASE.2.5.0/lib/pki_base.cpp000066400000000000000000000264731450407711300164150ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "func.h" #include "xfile.h" #include "pki_base.h" #include "exception.h" #include "XcaWarningCore.h" #include #include #include #include pki_lookup Store; QRegularExpression pki_base::limitPattern; bool pki_base::pem_comment; QList pki_base::allitems; QBrush pki_base::red, pki_base::cyan, pki_base::yellow; pki_base::pki_base(const QString &name, pki_base *p) { desc = name; parent = nullptr; childItems.clear(); pkiType=none; pkiSource=unknown; allitems << this; iamvisible = 1; qDebug() << "NEW pki_base::count" << allitems.count(); } pki_base::pki_base(const pki_base *p) { desc = p->desc; parent = nullptr; childItems.clear(); pkiType = p->pkiType; pkiSource = p->pkiSource; allitems << this; iamvisible = 1; qDebug() << "COPY pki_base::count" << allitems.count(); p->inheritFilename(this); } pki_base::~pki_base(void) { if (!allitems.removeOne(this)) qDebug() << "DEL" << getIntName() << "NOT FOUND"; qDebug() << "DEL pki_base::count" << allitems.count(); } QString pki_base::comboText() const { return desc; } void pki_base::autoIntName(const QString &file) { setIntName(rmslashdot(file)); } void pki_base::deleteFromToken() { } void pki_base::deleteFromToken(const slotid &) { } void pki_base::writeDefault(const QString&) const { } void pki_base::fromPEM_BIO(BIO *, const QString &) { } void pki_base::fload(const QString &) { } int pki_base::renameOnToken(const slotid &, const QString &) { return 0; } QString pki_base::getUnderlinedName() const { QString name = getIntName(); QRegularExpression rx("^(CON|PRN|AUX|NUL|COM[1-9]|LPT[1-9])$"); if (rx.match(name).hasMatch()) name += "_"; return name.replace(QRegularExpression("[ $&;`/\\\\<>:\"/\\|?*]+"), "_"); } bool pki_base::visible() const { return getIntName().contains(limitPattern) || comment.contains(limitPattern); } QByteArray pki_base::PEM_comment() const { if (!pem_comment) return QByteArray(); return QString("XCA internal name: %1\n%2\n") .arg(getIntName()).arg(getComment()).toUtf8(); } void pki_base::clear() { childItems.clear(); } bool pki_base::childVisible() const { foreach(pki_base *child, childItems) if (child->isVisible()) return true; return false; } int pki_base::isVisible() { qDebug() << limitPattern << lastPattern; if (limitPattern.pattern().isEmpty()) iamvisible = 1; else if (limitPattern != lastPattern) { lastPattern = limitPattern; iamvisible = visible() ? 1 : childVisible() ? 2 : 0; } return iamvisible; } QString pki_base::getMsg(msg_type msg) const { return tr("Internal error: Unexpected message: %1 %2") .arg(getClassName()).arg(msg); } QByteArray pki_base::i2d() const { return QByteArray(); } bool pki_base::pem(BioByteArray &) { return false; } const char *pki_base::getClassName() const { return typeid(*this).name(); } void pki_base::my_error(const QString &error) const { if (!error.isEmpty()) { qCritical() << "Error:" << error; throw errorEx(error, getClassName()); } } void pki_base::fromPEMbyteArray(const QByteArray &ba, const QString &name) { fromPEM_BIO(BioByteArray(ba).ro(), name); autoIntName(name); setFilename(name); } QString pki_base::rmslashdot(const QString &s) { QByteArray a = s.toLatin1().replace("\\", "/"); int r = a.lastIndexOf('.'); int l = a.lastIndexOf('/'); return s.mid(l+1,r-l-1); } QSqlError pki_base::insertSql() { XSqlQuery q; QString insert; QSqlError e; insertion_date.now(); SQL_PREPARE(q, "SELECT MAX(id) +1 from items"); q.exec(); if (q.first()) sqlItemId = q.value(0); if (sqlItemId.toULongLong() == 0) sqlItemId = 1; SQL_PREPARE(q, "INSERT INTO items " "(id, name, type, date, source, comment) " "VALUES (?, ?, ?, ?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, getIntName()); q.bindValue(2, getType()); q.bindValue(3, insertion_date.toPlain()); q.bindValue(4, pkiSource); q.bindValue(5, getComment()); q.exec(); e = q.lastError(); if (!e.isValid()) { e = insertSqlData(); } return e; } void pki_base::restoreSql(const QSqlRecord &rec) { sqlItemId = rec.value(VIEW_item_id); desc = rec.value(VIEW_item_name).toString(); insertion_date.fromPlain(rec.value(VIEW_item_date).toString()); comment = rec.value(VIEW_item_comment).toString(); pkiSource = (enum pki_source)rec.value(VIEW_item_source).toInt(); } QSqlError pki_base::deleteSql() { XSqlQuery q; QString insert; QSqlError e; if (!sqlItemId.isValid()) { qDebug("INVALID sqlItemId (DELETE %s)", CCHAR(getIntName())); return sqlItemNotFound(QVariant()); } e = deleteSqlData(); if (e.isValid()) return e; SQL_PREPARE(q, "UPDATE items SET del=1 WHERE id=?"); q.bindValue(0, sqlItemId); q.exec(); return q.lastError(); } QSqlError pki_base::sqlItemNotFound(QVariant sqlId) const { return QSqlError(QString("XCA SQL database inconsistent"), QString("Item %2 not found %1") .arg(getClassName()) .arg(sqlId.toString()), QSqlError::UnknownError); } pki_base *pki_base::getParent() const { return parent; } void pki_base::setParent(pki_base *p) { parent = p; } pki_base *pki_base::child(int row) { return childItems.value(row); } void pki_base::insert(pki_base *item) { if (!childItems.contains(item)) { childItems.prepend(item); item->setParent(this); } } int pki_base::childCount() const { return childItems.size(); } int pki_base::indexOf(const pki_base *child) const { int ret = childItems.indexOf(const_cast(child)); return ret >= 0 ? ret : 0; } void pki_base::takeChild(pki_base *pki) { if (childItems.removeOne(pki)) pki->setParent(nullptr); } QList pki_base::getChildItems() const { //#warning need to collect all children below folders (later) return childItems; } pki_base *pki_base::takeFirst() { return childItems.takeFirst(); } QString pki_base::pki_source_name() const { switch (pkiSource) { default: case unknown: return tr("Unknown"); case imported: return tr("Imported"); case generated: return tr("Generated"); case transformed: return tr("Transformed"); case token: return tr("Token"); case legacy_db: return tr("Legacy Database"); case renewed: return tr("Renewed"); } return QString("???"); } QVariant pki_base::column_data(const dbheader *hd) const { switch (hd->id) { case HD_internal_name: return QVariant(getIntName()); case HD_comment: return QVariant(comment.section('\n', 0, 0)); case HD_source: return QVariant(pki_source_name()); case HD_primary_key: return sqlItemId; } if (hd->type == dbheader::hd_asn1time) { a1time t = column_a1time(hd); if (!t.isUndefined()) return QVariant(t.toFancy()); } return QVariant(); } a1time pki_base::column_a1time(const dbheader *hd) const { switch (hd->id) { case HD_creation: return insertion_date; } return a1time().setUndefined(); } QVariant pki_base::getIcon(const dbheader *hd) const { (void)hd; return QVariant(); } QVariant pki_base::column_tooltip(const dbheader *hd) const { switch (hd->id) { case HD_comment: return QVariant(comment); } if (hd->type == dbheader::hd_asn1time) { a1time t = column_a1time(hd); if (!t.isUndefined()) return QVariant(t.toPretty()); } return QVariant(); } bool pki_base::compare(const pki_base *ref) const { bool ret; ret = (i2d() == ref->i2d()); pki_openssl_error(); return ret; } /* Unsigned 32 bit integer */ unsigned pki_base::hash(const QByteArray &ba) { unsigned char md[EVP_MAX_MD_SIZE]; SHA1((const unsigned char *)ba.constData(), ba.length(), md); return (((unsigned)md[0] ) | ((unsigned)md[1]<<8L) | ((unsigned)md[2]<<16L) | ((unsigned)md[3]<<24L) ) & 0x7fffffffL; } unsigned pki_base::hash() const { return hash(i2d()); } QString pki_base::get_dump_filename(const QString &dir, const QString &ext) const { QString ctr = "", fn; int count = 0; while (count++ < 1000) { fn = dir + "/" + getUnderlinedName() + ctr + ext; if (!QFile::exists(fn)) return fn; ctr = QString("_%1").arg(count); } return fn; } void pki_base::selfComment(QString msg) { setComment(appendXcaComment(getComment(), msg)); } void pki_base::collect_properties(QMap &prp) const { QString t; prp["Descriptor"] = getIntName(); if (getComment().size() > 0) prp["Comment"] = "\n" + getComment().replace('\n', "\n "); prp["Type"] = getTypeString(); } QString pki_base::getTypeString() const { QString t; switch (pkiType) { case asym_key: t = "Asymetric Key"; break; case x509_req: t = "PKCS#10 Certificate request"; break; case x509: t = "x.509 Certificate"; break; case revocation: t = "Certificate revocation list"; break; case tmpl: t = "XCA Template"; break; case smartCard: t = "Token Key"; break; default: t = "Unknown"; break; } return t; } void pki_base::print(BioByteArray &bba, enum print_opt opt) const { static const QStringList order = { "Type", "Descriptor", "Subject", "Issuer", "Serial", "Not Before", "Not After", "Verify Ok", "Unstructured Name", "Challange Password", "Last Update", "Next Update", "CA", "Self signed", "Key", "Signature", "Extensions", "Comment", "Algorithm", "Friendly Name" }; if (opt == print_coloured) { QMap prp; QStringList keys; int w = 0; collect_properties(prp); keys = prp.keys(); foreach (const QString &key, keys) { if (key.size() > w) w = key.size(); if (!order.contains(key)) XCA_WARN(tr("Property '%1' not listed in 'pki_base::print'").arg(key)); } w = (w + 1) * -1; foreach (const QString &key, order) { if (!prp.contains(key)) continue; bba += QString(COL_YELL "%1" COL_RESET " %2\n") .arg(key + ":", w).arg(prp[key]).toUtf8(); } } } static QString icsValue(QString s) { int n = 60; QStringList lines; QString t = s.replace(QRegularExpression("([,;\\\\])"), "\\\\1") .replace("\n", "\\n") .replace("\r", "\\r"); qDebug() << "S:" << s; for (int j = n; !s.isEmpty(); j--) { QString sub = s.left(j); if (sub.endsWith("\\") || sub.toUtf8().length() > n) continue; s.remove(0, j); lines << sub; j = n = 74; } return lines.join("\r\n "); } QStringList pki_base::icsVEVENT(const a1time &expires, const QString &summary, const QString &description) const { QString uniqueid = formatHash(Digest(i2d(), EVP_sha1()), ""); QString desc = icsValue(description + "\n----------\n" + comment); QString alarm = Settings["ical_expiry"]; return QStringList() << "BEGIN:VEVENT" << QString("DTSTAMP:%1").arg(a1time().toString("yyyyMMdd'T'HHmmss'Z'")) << QString("UID:EXP-%1@xca.ovh").arg(uniqueid) << "STATUS:CONFIRMED" << QString("DTSTART:%1").arg(expires.toString("yyyyMMdd")) << "DURATION:P1D" << QString("SUMMARY:%1").arg(icsValue(summary)) << QString("DESCRIPTION:%1").arg(desc) << "BEGIN:VALARM" << "ACTION:DISPLAY" << QString("SUMMARY:%1").arg(icsValue(summary)) << QString("DESCRIPTION:%1").arg(desc) << QString("TRIGGER:-P%1").arg(alarm) << "END:VALARM" << "END:VEVENT"; } void pki_base::setupColors(const QPalette &pal) { int factor = 50; if (pal.window().color().value() > pal.windowText().color().value()) factor = 125; qDebug() << "WindowColor" << pal.window().color().value() << "TextColor" << pal.windowText().color().value() << "Factor" << factor; red = QBrush(QColor(255, 0, 0).lighter(factor)); yellow = QBrush(QColor(255, 255, 0).lighter(factor)); cyan = QBrush(QColor(127, 255, 212).lighter(factor)); } xca-RELEASE.2.5.0/lib/pki_base.h000066400000000000000000000122411450407711300160460ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_BASE_H #define __PKI_BASE_H #include #include #include #include #include #include #include "BioByteArray.h" #include "asn1time.h" #include "pkcs11_lib.h" #include "base.h" #include "pki_lookup.h" #include "headerlist.h" #include "sql.h" #include "xfile.h" #include "pki_export.h" #define pki_openssl_error() _openssl_error(*this, C_FILE, __LINE__) #define pki_ign_openssl_error() _ign_openssl_error(*this, C_FILE, __LINE__) enum pki_source { unknown, imported, generated, transformed, token, legacy_db, renewed }; #define VIEW_item_id 0 #define VIEW_item_name 1 #define VIEW_item_type 2 #define VIEW_item_date 3 #define VIEW_item_source 4 #define VIEW_item_comment 5 extern pki_lookup Store; class pki_base : public QObject { Q_OBJECT public: /* static */ static QRegularExpression limitPattern; static QString rmslashdot(const QString &fname); static unsigned hash(const QByteArray &ba); static bool pem_comment; static int count; static QList allitems; static void setupColors(const QPalette &pal); protected: QVariant sqlItemId; QString desc, comment; a1time insertion_date; enum pki_type pkiType; /* model data */ pki_base *parent; void my_error(const QString &error) const; QString filename; virtual QByteArray PEM_comment() const; virtual void collect_properties(QMap &) const; QList childItems; mutable QRegularExpression lastPattern; static QBrush red, yellow, cyan; int iamvisible; public: enum msg_type { msg_import, msg_delete, msg_delete_multi, msg_create, }; enum print_opt { print_openssl_txt, print_pem, print_coloured, }; enum pki_source pkiSource; pki_base(const QString &d = QString(), pki_base *p = NULL); pki_base(const pki_base *p); virtual ~pki_base(); QList getChildItems() const; void clear(); void recheckVisibility() { lastPattern = QRegularExpression(); } QString getIntName() const { return desc; } void setFilename(const QString &s) { recheckVisibility(); filename = s; } QString getFilename() const { return filename; } void inheritFilename(pki_base *pki) const { pki->setFilename(getFilename()); } virtual QString comboText() const; virtual void print(BioByteArray &b, enum print_opt opt) const; QString getUnderlinedName() const; void setIntName(const QString &d) { recheckVisibility(); desc = d; } virtual void autoIntName(const QString &file); QString getComment() const { return comment; } void setComment(const QString &c) { recheckVisibility(); comment = c; } QVariant getSqlItemId() const { return sqlItemId; } enum pki_type getType() const { return pkiType; } QString getTypeString() const; QString i2d_b64() const { return QString::fromLatin1(i2d().toBase64()); } a1time getInsertionDate() const { return insertion_date; } virtual QByteArray i2d() const; virtual bool compare(const pki_base *) const; virtual QString getMsg(msg_type msg) const; virtual const char *getClassName() const; /* Tree View management */ void setParent(pki_base *p); pki_base *getParent() const; pki_base *child(int row); void insert(pki_base *item); int childCount() const; void takeChild(pki_base *pki); pki_base *takeFirst(); int indexOf(const pki_base *child) const; /* Token handling */ virtual void deleteFromToken(); virtual void deleteFromToken(const slotid &); virtual int renameOnToken(const slotid &, const QString &); /* Import / Export management */ virtual bool pem(BioByteArray &b); virtual void fromPEM_BIO(BIO *, const QString &); virtual void fromPEMbyteArray(const QByteArray &, const QString &); virtual void fload(const QString &); virtual void writeDefault(const QString&) const; /* Qt Model-View methods */ virtual QVariant bg_color(const dbheader *hd) const { (void)hd; return QVariant(); } virtual QVariant column_data(const dbheader *hd) const; virtual QVariant getIcon(const dbheader *hd) const; virtual QVariant column_tooltip(const dbheader *hd) const; virtual a1time column_a1time(const dbheader *hd) const; virtual bool visible() const; int isVisible(); bool childVisible() const; /* SQL management methods */ QSqlError insertSql(); virtual QSqlError insertSqlData() { return QSqlError(); } QSqlError deleteSql(); virtual QSqlError deleteSqlData() { return QSqlError(); } virtual void restoreSql(const QSqlRecord &rec); QSqlError sqlItemNotFound(QVariant sqlId) const; unsigned hash() const; QString pki_source_name() const; QString get_dump_filename(const QString &dirname, const QString &ext) const; void selfComment(QString msg); QStringList icsVEVENT(const a1time &expires, const QString &summary, const QString &description) const; operator QString() const { return QString("(%1[%2]:%3)").arg(getClassName()) .arg(getSqlItemId().toString()).arg(getIntName()); } }; Q_DECLARE_METATYPE(pki_base *); #endif xca-RELEASE.2.5.0/lib/pki_crl.cpp000066400000000000000000000231011450407711300162440ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_crl.h" #include "func.h" #include "exception.h" #include "database_model.h" #include pki_crl::pki_crl(const QString name ) :pki_x509name(name) { crl = X509_CRL_new(); pki_openssl_error(); pkiType=revocation; } pki_x509 *pki_crl::getIssuer() const { return Store.lookupPki(issuerSqlId); } QString pki_crl::getIssuerName() const { pki_x509 *issuer = getIssuer(); return issuer ? issuer->getIntName() : QString(); } void pki_crl::setIssuer(pki_x509 *iss) { issuerSqlId = iss ? iss->getSqlItemId() : QVariant(); } void pki_crl::fromPEM_BIO(BIO *bio, const QString &name) { X509_CRL *_crl; _crl = PEM_read_bio_X509_CRL(bio, NULL, NULL, NULL); openssl_error_msg(name); if (!_crl) throw errorEx(); X509_CRL_free(crl); crl = _crl; } QString pki_crl::getMsg(msg_type msg) const { /* * We do not construct english sentences from fragments * to allow proper translations. * * %1 will be replaced by the internal name of the CRL */ switch (msg) { case msg_import: return tr("Successfully imported the revocation list '%1'"); case msg_delete: return tr("Delete the revocation list '%1'?"); case msg_create: return tr("Successfully created the revocation list '%1'"); /* %1: Number of CRLs; %2: list of CRL names */ case msg_delete_multi: return tr("Delete the %1 revocation lists: %2?"); } return pki_base::getMsg(msg); } QSqlError pki_crl::lookupIssuer() { XSqlQuery q; unsigned name_hash = getSubject().hashNum(); SQL_PREPARE(q, "SELECT x509super.item FROM x509super " "JOIN certs ON certs.item = x509super.item " "WHERE x509super.subj_hash=? AND certs.ca=1"); q.bindValue(0, name_hash); q.exec(); if (q.lastError().isValid()) return q.lastError(); while (q.next()) { pki_x509 *x = Store.lookupPki(q.value(0)); if (!x) { qDebug("CA certificate with id %d not found", q.value(0).toInt()); continue; } verify(x); } return q.lastError(); } QSqlError pki_crl::insertSqlData() { QSqlError e = lookupIssuer(); if (e.isValid()) return e; XSqlQuery q; SQL_PREPARE(q, "INSERT INTO crls (item, hash, num, iss_hash, issuer, crl) " "VALUES (?, ?, ?, ?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, hash()); q.bindValue(2, numRev()); q.bindValue(3, (uint)getSubject().hashNum()); q.bindValue(4, issuerSqlId); q.bindValue(5, i2d_b64()); q.exec(); return q.lastError(); } void pki_crl::restoreSql(const QSqlRecord &rec) { pki_base::restoreSql(rec); QByteArray ba = QByteArray::fromBase64( rec.value(VIEW_crls_crl).toByteArray()); d2i(ba); setIssuer(Store.lookupPki(rec.value(VIEW_crls_issuer))); } QSqlError pki_crl::deleteSqlData() { XSqlQuery q; QSqlError e; SQL_PREPARE(q, "DELETE FROM crls WHERE item=?"); q.bindValue(0, sqlItemId); q.exec(); return q.lastError(); } void pki_crl::fload(const QString &fname) { X509_CRL *_crl; XFile file(fname); file.open_read(); QByteArray ba(file.readAll()); _crl = PEM_read_bio_X509_CRL(BioByteArray(ba).ro(), NULL, NULL, NULL); if (!_crl) { pki_ign_openssl_error(); _crl = d2i_X509_CRL_bio(BioByteArray(ba).ro(), NULL); } if (pki_ign_openssl_error() || !_crl) { if (_crl) X509_CRL_free(_crl); throw errorEx(tr("Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL.").arg(fname)); } X509_CRL_free(crl); crl = _crl; } QString pki_crl::getSigAlg() const { return QString(OBJ_nid2ln(X509_CRL_get_signature_nid(crl))); } void pki_crl::createCrl(const QString d, pki_x509 *iss) { setIntName(d); if (!iss) my_error(tr("No issuer given")); X509_CRL_set_version(crl, 1); /* version 2 CRL */ X509_CRL_set_issuer_name(crl, (X509_NAME*)iss->getSubject().get0()); setIssuer(iss); pki_openssl_error(); } a1int pki_crl::getVersion() { return a1int(X509_CRL_get_version(crl)); } void pki_crl::setLastUpdate(const a1time &a) { a1time t(a); X509_CRL_set_lastUpdate(crl, t.get_utc()); pki_openssl_error(); } void pki_crl::setNextUpdate(const a1time &a) { a1time t(a); X509_CRL_set_nextUpdate(crl, t.get_utc()); pki_openssl_error(); } pki_crl::~pki_crl() { X509_CRL_free(crl); pki_openssl_error(); } void pki_crl::d2i(QByteArray &ba) { X509_CRL *c = (X509_CRL*)d2i_bytearray(D2I_VOID(d2i_X509_CRL), ba); pki_openssl_error(); if (c) { X509_CRL_free(crl); crl = c; } pki_openssl_error(); } QByteArray pki_crl::i2d() const { return i2d_bytearray(I2D_VOID(i2d_X509_CRL), crl); } void pki_crl::addRev(const x509rev &xrev, bool withReason) { X509_CRL_add0_revoked(crl, xrev.get(withReason)); pki_openssl_error(); } void pki_crl::addV3ext(const x509v3ext &e) { X509_EXTENSION *ext = e.get(); X509_CRL_add_ext(crl, ext, -1); X509_EXTENSION_free(ext); pki_openssl_error(); } extList pki_crl::extensions() const { extList el; el.setStack(X509_CRL_get0_extensions(crl)); pki_openssl_error(); return el; } bool pki_crl::visible() const { if (pki_x509name::visible()) return true; if (getSigAlg().contains(limitPattern)) return true; return extensions().search(limitPattern); } void pki_crl::sign(pki_key *key, const digest &digest) { EVP_PKEY *pkey; if (!key || key->isPubKey()) return; X509_CRL_sort(crl); pkey = key->decryptKey(); X509_CRL_sign(crl, pkey, digest.MD()); EVP_PKEY_free(pkey); pki_openssl_error(); } void pki_crl::writeDefault(const QString &dirname) const { XFile file(get_dump_filename(dirname, ".crl")); file.open_write(); writeCrl(file, true); } void pki_crl::writeCrl(XFile &file, bool pem) const { BioByteArray b; if (pem) { b += PEM_comment(); PEM_write_bio_X509_CRL(b, crl); } else { i2d_X509_CRL_bio(b, crl); } pki_openssl_error(); file.write(b); } bool pki_crl::pem(BioByteArray &b) { return PEM_write_bio_X509_CRL(b, crl); } a1time pki_crl::getLastUpdate() const { return a1time(X509_CRL_get0_lastUpdate(crl)); } a1time pki_crl::getNextUpdate() const { return a1time(X509_CRL_get0_nextUpdate(crl)); } int pki_crl::numRev() const { STACK_OF(X509_REVOKED) *st = X509_CRL_get_REVOKED(crl); return st ? sk_X509_REVOKED_num(st) : 0; } x509revList pki_crl::getRevList() { x509revList ret; int i, num = numRev(); STACK_OF(X509_REVOKED) *st = X509_CRL_get_REVOKED(crl); for (i=0; igetSubject()) return false; pki_key *key = issuer->getPubKey(); if (!key) return false; int ret = X509_CRL_verify(crl, key->getPubKey()); pki_ign_openssl_error(); if (ret != 1) { delete key; return false; } delete key; pki_x509 *curr = getIssuer(); if (curr && curr->getNotAfter() > issuer->getNotAfter()) return true; setIssuer(issuer); return true; } void pki_crl::setCrlNumber(a1int num) { ASN1_INTEGER *tmpser = num.get(); pki_openssl_error(); X509_CRL_add1_ext_i2d(crl, NID_crl_number, tmpser, 0, 0); ASN1_INTEGER_free(tmpser); pki_openssl_error(); } a1int pki_crl::getCrlNumber() const { a1int num; if (!getCrlNumber(&num)) num.set(0L); return num; } bool pki_crl::getCrlNumber(a1int *num) const { int j; ASN1_INTEGER *i; i = (ASN1_INTEGER *)X509_CRL_get_ext_d2i(crl, NID_crl_number, &j, NULL); pki_openssl_error(); if (j == -1) return false; num->set(i); ASN1_INTEGER_free(i); return true; } x509v3ext pki_crl::getExtByNid(int nid) { extList el = extensions(); x509v3ext e; for (int i=0; i< el.count(); i++){ if (el[i].nid() == nid) return el[i]; } return e; } QString pki_crl::printV3ext() { QString text = extensions().getHtml("
"); pki_openssl_error(); return text; } QVariant pki_crl::column_data(const dbheader *hd) const { switch (hd->id) { case HD_crl_signer: return QVariant(getIssuerName()); case HD_crl_revoked: return QVariant(numRev()); case HD_crl_crlnumber: a1int a; if (getCrlNumber(&a)) return QVariant(a.toDec()); return QVariant(); } return pki_x509name::column_data(hd); } a1time pki_crl::column_a1time(const dbheader *hd) const { switch (hd->id) { case HD_crl_lastUpdate: return getLastUpdate(); case HD_crl_nextUpdate: return getNextUpdate(); } return pki_base::column_a1time(hd); } QVariant pki_crl::getIcon(const dbheader *hd) const { return hd->id == HD_internal_name ? QVariant(QPixmap(":crlIco")) : QVariant(); } QStringList pki_crl::icsVEVENT() const { pki_x509 *ca = getIssuer(); if (ca) { return pki_base::icsVEVENT(getNextUpdate(), tr("CRL Renewal of CA '%1' due").arg(ca->getIntName()), tr("The latest CRL issued by the CA '%1' will expire on %2.\n" "It is stored in the XCA database '%3'") .arg(ca->getIntName()) .arg(getNextUpdate().toPretty()) .arg(nativeSeparator(Database.name())) ); } return pki_base::icsVEVENT(getNextUpdate(), tr("Renew CRL: %1").arg(getIntName()), tr("The XCA CRL '%1', issued on %3 will expire on %4.\n" "It is stored in the XCA database '%5'") .arg(getIntName()) .arg(getLastUpdate().toPretty()) .arg(getNextUpdate().toPretty()) .arg(nativeSeparator(Database.name())) ); } void pki_crl::collect_properties(QMap &prp) const { prp["Last Update"] = getLastUpdate().toPretty(); prp["Next Update"] = getNextUpdate().toPretty(); pki_x509name::collect_properties(prp); } void pki_crl::print(BioByteArray &bba, enum print_opt opt) const { pki_x509name::print(bba, opt); switch (opt) { case print_openssl_txt: X509_CRL_print(bba, crl); break; case print_pem: PEM_write_bio_X509_CRL(bba, crl); break; case print_coloured: break; } } xca-RELEASE.2.5.0/lib/pki_crl.h000066400000000000000000000051311450407711300157140ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_CRL_H #define __PKI_CRL_H #include #include "pki_x509.h" #include "x509name.h" #define VIEW_crls_num 6 #define VIEW_crls_issuer 7 #define VIEW_crls_crl 8 #include "digest.h" class crljob { public: pki_x509 *issuer; bool withReason; bool authKeyId; bool subAltName; bool setCrlNumber; a1int crlNumber; int crlDays; digest hashAlgo; a1time lastUpdate; a1time nextUpdate; crljob(pki_x509 *x) : issuer(x), withReason(true), authKeyId(true), subAltName(true), setCrlNumber(issuer->getCrlNumber().getLong() > 0), crlNumber(issuer->getCrlNumber()), crlDays(issuer->getCrlDays()), hashAlgo(digest::getDefault()), nextUpdate(lastUpdate.addDays(crlDays)) { crlNumber++; } crljob() = delete; }; class pki_crl: public pki_x509name { Q_OBJECT friend class pki_x509; protected: QVariant issuerSqlId; X509_CRL *crl; extList extensions() const; void collect_properties(QMap &prp) const; public: pki_crl(const QString name = ""); ~pki_crl(); void fromPEM_BIO(BIO *bio, const QString &name); void fload(const QString &fname); QString getSigAlg() const; void writeDefault(const QString &dirname) const; void createCrl(const QString d, pki_x509 *iss); void addRev(const x509rev &rev, bool withReason=true); void addExt(int nid, QString value); void addV3ext(const x509v3ext &e); void sign(pki_key *key, const digest &digest); void writeCrl(XFile &file, bool pem = true) const; pki_x509 *getIssuer() const; QString getIssuerName() const; void setIssuer(pki_x509 *iss); x509name getSubject() const; void setLastUpdate(const a1time &t); void setNextUpdate(const a1time &t); a1time getNextUpdate() const; a1time getLastUpdate() const; bool verify(pki_x509 *issuer); int numRev() const; x509revList getRevList(); QString printV3ext(); x509v3ext getExtByNid(int nid); a1int getVersion(); QVariant column_data(const dbheader *hd) const; QVariant getIcon(const dbheader *hd) const; a1time column_a1time(const dbheader *hd) const; QString getMsg(msg_type msg) const; void d2i(QByteArray &ba); QByteArray i2d() const; void setCrlNumber(a1int num); bool getCrlNumber(a1int *num) const; a1int getCrlNumber() const; bool pem(BioByteArray &); bool visible() const; QSqlError lookupIssuer(); QSqlError insertSqlData(); QSqlError deleteSqlData(); void restoreSql(const QSqlRecord &rec); QStringList icsVEVENT() const; void print(BioByteArray &b, enum print_opt opt) const; }; #endif xca-RELEASE.2.5.0/lib/pki_evp.cpp000066400000000000000000000476751450407711300163040ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_evp.h" #include "pass_info.h" #include "func.h" #include "entropy.h" #include "BioByteArray.h" #include "XcaProgress.h" #include "openssl_compat.h" #include "PwDialogCore.h" #include "XcaWarningCore.h" #include #include #include #include #include Passwd pki_evp::passwd; QString pki_evp::passHash = QString(); void pki_evp::init() { ownPass = ptCommon; pkiType = asym_key; } void pki_evp::setOwnPass(enum passType x) { EVP_PKEY *pk=NULL, *pk_back = key; enum passType oldOwnPass = ownPass; if (ownPass == x || isPubKey()) return; try { pk = decryptKey(); if (pk == NULL) return; key = pk; ownPass = x; encryptKey(); } catch (errorEx &err) { if (pk) EVP_PKEY_free(pk); key = pk_back; ownPass = oldOwnPass; throw(err); } } bool pki_evp::sqlUpdatePrivateKey() { Transaction; if (!TransBegin()) return false; XSqlQuery q; SQL_PREPARE(q, "UPDATE private_keys SET private=?, ownPass=? " "WHERE item=?"); q.bindValue(0, encKey_b64()); q.bindValue(1, ownPass); q.bindValue(2, sqlItemId); AffectedItems(sqlItemId); q.exec(); encKey.fill(0); encKey.clear(); if (!q.lastError().isValid() && q.numRowsAffected() == 1) { TransCommit(); return true; } return false; } void pki_evp::generate(const keyjob &task) { Entropy::seed_rng(); XcaProgress progress; BN_GENCB *bar = BN_GENCB_new(); BN_GENCB_set_old(bar, XcaProgress::inc, &progress); switch (task.ktype.type) { case EVP_PKEY_RSA: { RSA *rsakey = RSA_new(); BIGNUM *e = BN_new(); BN_set_word(e, 0x10001); if (RSA_generate_key_ex(rsakey, task.size, e, bar)) EVP_PKEY_assign_RSA(key, rsakey); else RSA_free(rsakey); BN_free(e); break; } case EVP_PKEY_DSA: { DSA *dsakey = DSA_new(); if (DSA_generate_parameters_ex(dsakey, task.size, NULL, 0, NULL, NULL, bar) && DSA_generate_key(dsakey)) EVP_PKEY_assign_DSA(key, dsakey); else DSA_free(dsakey); break; } #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: { EC_KEY *eckey; EC_GROUP *group = EC_GROUP_new_by_curve_name(task.ec_nid); if (!group) break; eckey = EC_KEY_new(); if (eckey == NULL) { EC_GROUP_free(group); break; } EC_GROUP_set_asn1_flag(group, 1); if (EC_KEY_set_group(eckey, group)) { if (EC_KEY_generate_key(eckey)) { EVP_PKEY_assign_EC_KEY(key, eckey); EC_GROUP_free(group); break; } } EC_KEY_free(eckey); EC_GROUP_free(group); break; } #ifdef EVP_PKEY_ED25519 case EVP_PKEY_ED25519: { EVP_PKEY *pkey = NULL; EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED25519, NULL); Q_CHECK_PTR(pctx); EVP_PKEY_keygen_init(pctx); EVP_PKEY_keygen(pctx, &pkey); EVP_PKEY_CTX_free(pctx); EVP_PKEY_free(key); key = pkey; } #endif #endif } BN_GENCB_free(bar); isPub = false; pkiSource = generated; pki_openssl_error(); encryptKey(); } pki_evp::pki_evp(const pki_evp *pk) :pki_key(pk) { init(); pki_openssl_error(); ownPass = pk->ownPass; isPub = pk->isPub; encKey = pk->getEncKey(); } pki_evp::pki_evp(const QString &n, int type) :pki_key(n) { init(); EVP_PKEY_set_type(key, type); pki_openssl_error(); } static bool EVP_PKEY_isPrivKey(EVP_PKEY *key) { const BIGNUM *b; int keytype = EVP_PKEY_id(key); switch (EVP_PKEY_type(keytype)) { case EVP_PKEY_RSA: RSA_get0_key(EVP_PKEY_get0_RSA(key), NULL, NULL, &b); return b ? true: false; case EVP_PKEY_DSA: DSA_get0_key(EVP_PKEY_get0_DSA(key), NULL, &b); return b ? true: false; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: return EC_KEY_get0_private_key( EVP_PKEY_get0_EC_KEY(key)) ? true: false; #ifdef EVP_PKEY_ED25519 case EVP_PKEY_ED25519: { unsigned char buf[ED25519_KEYLEN]; size_t len = sizeof buf; int ret = EVP_PKEY_get_raw_private_key(key, buf, &len); ign_openssl_error(); return ret && len == ED25519_KEYLEN; } #endif #endif } return false; } pki_evp::pki_evp(EVP_PKEY *pkey) :pki_key() { init(); set_EVP_PKEY(pkey); } bool pki_evp::openssl_pw_error() const { switch (ERR_peek_error() & 0xff000fff) { case ERR_PACK(ERR_LIB_PEM, 0, PEM_R_BAD_DECRYPT): case ERR_PACK(ERR_LIB_PEM, 0, PEM_R_BAD_PASSWORD_READ): case ERR_PACK(ERR_LIB_EVP, 0, EVP_R_BAD_DECRYPT): pki_ign_openssl_error(); return true; } return false; } void pki_evp::fromPEMbyteArray(const QByteArray &ba, const QString &name) { EVP_PKEY *pkey; pass_info p(XCA_TITLE, tr("Please enter the password to decrypt the private key %1.") .arg(name)); pkey = load_ssh_ed25519_privatekey(ba, p); while (!pkey) { pkey = PEM_read_bio_PrivateKey(BioByteArray(ba).ro(), NULL, PwDialogCore::pwCallback, &p); if (openssl_pw_error()) XCA_PASSWD_ERROR(); if (p.getResult() != pw_ok) throw p.getResult(); if (pki_ign_openssl_error()) break; } if (!pkey) { pki_ign_openssl_error(); pkey = PEM_read_bio_PUBKEY(BioByteArray(ba).ro(), NULL, NULL,0); } pki_openssl_error(); set_EVP_PKEY(pkey, name); } static void search_ec_oid(EVP_PKEY *pkey) { #ifndef OPENSSL_NO_EC EC_GROUP *builtin; const EC_KEY *ec; const EC_GROUP *ec_group; int keytype = EVP_PKEY_id(pkey); if (keytype != EVP_PKEY_EC) return; ec = EVP_PKEY_get0_EC_KEY(pkey); if (!ec) return; ec_group = EC_KEY_get0_group(ec); if (!ec_group) return; if (EC_GROUP_get_curve_name(ec_group)) return; /* There is an EC_GROUP with a missing OID * because of explicit parameters */ foreach(builtin_curve curve, builtinCurves) { builtin = EC_GROUP_new_by_curve_name(curve.nid); if (EC_GROUP_cmp(builtin, ec_group, NULL) == 0) { EC_GROUP_set_curve_name((EC_GROUP *)ec_group, curve.nid); EC_GROUP_set_asn1_flag((EC_GROUP *)ec_group, 1); EC_GROUP_free(builtin); break; } EC_GROUP_free(builtin); } #else (void)pkey; #endif } void pki_evp::set_EVP_PKEY(EVP_PKEY *pkey, QString name) { if (!pkey) return; if (!verify(pkey)) { pki_ign_openssl_error(); EVP_PKEY_free(pkey); throw errorEx(tr("The key from file '%1' is incomplete or inconsistent.").arg(name)); } if (key) EVP_PKEY_free(key); key = pkey; isPub = !EVP_PKEY_isPrivKey(key); if (!isPub) bogusEncryptKey(); search_ec_oid(pkey); autoIntName(name); setFilename(name); pki_openssl_error(); } EVP_PKEY *pki_evp::load_ssh_ed25519_privatekey(const QByteArray &ba, const pass_info &p) { EVP_PKEY *pkey = NULL; unsigned char *pdata; long plen; QByteArray chunk, enc_algo, kdfname, kdf, pub, priv; (void)p; // Will be used later for decryption if (!PEM_bytes_read_bio(&pdata, &plen, NULL, PEM_STRING_OPENSSH_KEY, BioByteArray(ba).ro(), NULL, NULL)) return NULL; QByteArray content((const char*)pdata, plen); OPENSSL_free(pdata); if (!content.startsWith("openssh-key-v1") || // also check trailing \0 content.constData()[sizeof "openssh-key-v1" -1]) return NULL; content.remove(0, sizeof "openssh-key-v1"); // encryption: "none", "aes256-ctr" enc_algo = ssh_key_next_chunk(&content); // KDFName "bcrypt" kdfname = ssh_key_next_chunk(&content); kdf = ssh_key_next_chunk(&content); if (enc_algo != "none" || kdfname != "none") { qCritical("Encrypted SSH ED25519 keys not supported, yet"); return NULL; } // check bytes 00 00 00 01 const char *d = content.constData(); if (d[0] || d[1] || d[2] || d[3] != 1) return NULL; content.remove(0, 4); // Handle first occurance of the public key pub = ssh_key_next_chunk(&content); ssh_key_check_chunk(&pub, "ssh-ed25519"); pub = ssh_key_next_chunk(&pub); if (pub.size() != ED25519_KEYLEN) return NULL; // Followed by the private key priv = ssh_key_next_chunk(&content); // Drop 64bit random nonce priv.remove(0, 8); ssh_key_check_chunk(&priv, "ssh-ed25519"); // The first pubkey must match the second occurance // in front of the private one if (pub != ssh_key_next_chunk(&priv)) return NULL; priv = ssh_key_next_chunk(&priv); // The private key is concatenated by the public key in one chunk if (priv.size() != 2 * ED25519_KEYLEN) return NULL; // The last ED25519_KEYLEN bytes must match the public key if (pub != priv.mid(ED25519_KEYLEN)) return NULL; // The first ED25519_KEYLEN octets are the private key #ifndef OPENSSL_NO_EC #ifdef EVP_PKEY_ED25519 pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_ED25519, NULL, (const unsigned char *)priv.constData(), ED25519_KEYLEN); #endif #endif pki_openssl_error(); return pkey; } void pki_evp::fload(const QString &fname) { pass_info p(XCA_TITLE, tr("Please enter the password to decrypt the private key from file:\n%1"). arg(compressFilename(fname))); pem_password_cb *cb = PwDialogCore::pwCallback; pki_ign_openssl_error(); XFile file(fname); file.open_read(); QByteArray ba = file.readAll(); EVP_PKEY *pkey; do { pkey = PEM_read_bio_PrivateKey(BioByteArray(ba).ro(), NULL, cb, &p); if (openssl_pw_error()) XCA_PASSWD_ERROR(); if (p.getResult() != pw_ok) throw p.getResult(); if (pki_ign_openssl_error()) break; } while (!pkey); if (!pkey) { pki_ign_openssl_error(); pkey = d2i_PrivateKey_bio(BioByteArray(ba).ro(), NULL); } if (!pkey) { pki_ign_openssl_error(); pkey = d2i_PKCS8PrivateKey_bio(BioByteArray(ba).ro(), NULL, cb, &p); } if (!pkey) { PKCS8_PRIV_KEY_INFO *p8inf; pki_ign_openssl_error(); p8inf = d2i_PKCS8_PRIV_KEY_INFO_bio(BioByteArray(ba).ro(), NULL); if (p8inf) { pkey = EVP_PKCS82PKEY(p8inf); PKCS8_PRIV_KEY_INFO_free(p8inf); } } if (!pkey) { pki_ign_openssl_error(); pkey = b2i_PVK_bio(BioByteArray(ba).ro(), cb, &p); } if (!pkey) { pki_ign_openssl_error(); pkey = load_ssh_ed25519_privatekey(ba, p); } if (!pkey) { pki_ign_openssl_error(); pkey = PEM_read_bio_PUBKEY(BioByteArray(ba).ro(), NULL, cb, &p); } if (!pkey) { pki_ign_openssl_error(); pkey = d2i_PUBKEY_bio(BioByteArray(ba).ro(), NULL); } if (!pkey) { pki_ign_openssl_error(); pkey = load_ssh2_key(ba); } if (!pkey) { pki_ign_openssl_error(); pkey = b2i_PublicKey_bio(BioByteArray(ba).ro()); } if (pki_ign_openssl_error() || !pkey) { if (pkey) EVP_PKEY_free(pkey); throw errorEx(tr("Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format.").arg(fname)); } set_EVP_PKEY(pkey, fname); } EVP_PKEY *pki_evp::decryptKey() const { Passwd ownPassBuf; int ret; if (isPubKey()) { QByteArray ba = i2d_bytearray(I2D_VOID(i2d_PUBKEY), key); return (EVP_PKEY*)d2i_bytearray(D2I_VOID(d2i_PUBKEY), ba); } /* This key has its own password */ if (ownPass == ptPrivate) { pass_info pi(XCA_TITLE, tr("Please enter the password to decrypt the private key: '%1'").arg(getIntName())); ret = PwDialogCore::execute(&pi, &ownPassBuf, false); if (ret != 1) throw errorEx(tr("Password input aborted"), getClassName()); } else if (ownPass == ptBogus) { // BOGUS pass ownPassBuf = "Bogus"; } else { ownPassBuf = passwd; while (passHash.isEmpty() || (sha512passwT(ownPassBuf, passHash) != passHash && sha512passwd(ownPassBuf, passHash) != passHash)) { pass_info p(XCA_TITLE, tr("Please enter the database password for decrypting the key '%1'").arg(getIntName())); ret = PwDialogCore::execute(&p, &ownPassBuf, passHash.isEmpty()); if (ret != 1) throw errorEx(tr("Password input aborted"), getClassName()); } } QByteArray myencKey = getEncKey(); qDebug() << "myencKey.size()"< 0 || !sqlItemId.isValid()) return encKey; SQL_PREPARE(q, "SELECT private FROM private_keys WHERE item=?"); q.bindValue(0, sqlItemId); q.exec(); e = q.lastError(); if (e.isValid() || !q.first()) return QByteArray(); return QByteArray::fromBase64(q.value(0).toByteArray().trimmed()); } QSqlError pki_evp::deleteSqlData() { XSqlQuery q; QSqlError e = pki_key::deleteSqlData(); if (e.isValid()) return e; SQL_PREPARE(q, "DELETE FROM private_keys WHERE item=?"); q.bindValue(0, sqlItemId); q.exec(); return q.lastError(); } bool pki_evp::pem(BioByteArray &b) { EVP_PKEY *pkey; int keytype; const pki_export *xport = pki_export::by_id(Settings["KeyFormat"]); if (xport->match_all(F_PEM | F_PRIVATE)) { pkey = decryptKey(); keytype = EVP_PKEY_id(pkey); switch (keytype) { case EVP_PKEY_RSA: PEM_write_bio_RSAPrivateKey(b, EVP_PKEY_get0_RSA(pkey), NULL, NULL, 0, NULL, NULL); break; case EVP_PKEY_DSA: PEM_write_bio_DSAPrivateKey(b, EVP_PKEY_get0_DSA(pkey), NULL, NULL, 0, NULL, NULL); break; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: PEM_write_bio_ECPrivateKey(b, EVP_PKEY_get0_EC_KEY(pkey), NULL, NULL, 0, NULL, NULL); break; #ifdef EVP_PKEY_ED25519 case EVP_PKEY_ED25519: if (xport->match_all(F_PRIVATE)) return false; write_SSH2_ed25519_private(b, pkey, NULL); break; #endif #endif } EVP_PKEY_free(pkey); } else if (xport->match_all(F_PKCS8 | F_PRIVATE)) { const EVP_CIPHER *algo = xport->match_all(F_CRYPT) ? EVP_aes_256_cbc() : NULL; pkey = decryptKey(); PEM_write_bio_PrivateKey(b, pkey, algo, passwd.constUchar(), passwd.size(), NULL, NULL); EVP_PKEY_free(pkey); } else return pki_key::pem(b); return true; } void pki_evp::writePKCS8(XFile &file, const EVP_CIPHER *enc, pem_password_cb *cb, bool pem) const { pass_info p(XCA_TITLE, tr("Please enter the password protecting the PKCS#8 key '%1'") .arg(getIntName())); EVP_PKEY *pkey = decryptKey(); if (!pkey) { pki_openssl_error(); return; } BioByteArray b; if (pem) { b += PEM_comment(); PEM_write_bio_PKCS8PrivateKey(b, pkey, enc, NULL, 0, cb, &p); } else { i2d_PKCS8PrivateKey_bio(b, pkey, enc, NULL, 0, cb, &p); } EVP_PKEY_free(pkey); file.write(b); } void pki_evp::writePVKprivate(XFile &file, pem_password_cb *cb) const { pass_info p(XCA_TITLE, tr("Please enter the password protecting the Microsoft PVK key '%1'").arg(getIntName())); int enc = cb ? 2 /* pvk-strong */ : 0 /* pvk-none */; EVP_PKEY *pkey = decryptKey(); if (!pkey) { pki_openssl_error(); return; } /* In case of success! the error * PEMerr(PEM_F_I2B_PVK_BIO, PEM_R_BIO_WRITE_FAILURE) * is set. Workaround this behavior */ BioByteArray b; if (i2b_PVK_bio(b, pkey, enc, cb, &p) == -1) { pki_openssl_error(); PEMerr(PEM_F_I2B_PVK_BIO, PEM_R_BIO_WRITE_FAILURE); pki_openssl_error(); } ign_openssl_error(); EVP_PKEY_free(pkey); file.write(b); } static int mycb(char *buf, int size, int, void *) { strncpy(buf, pki_evp::passwd, size); return strlen(pki_evp::passwd); } void pki_evp::writeDefault(const QString &dirname) const { XFile file(get_dump_filename(dirname, ".pem")); file.open_key(); writeKey(file, pki_evp::passwd.isEmpty() ? NULL : EVP_des_ede3_cbc(), mycb, true); } #ifndef LIBRESSL_VERSION_NUMBER int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, unsigned char *kstr, int klen, pem_password_cb *cb, void *u) { QString pem = keytype::byPKEY(x).traditionalPemName(); return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey, pem.toLatin1(), bp, (char*)x, enc, kstr, klen, cb, u); } #endif void pki_evp::writeKey(XFile &file, const EVP_CIPHER *enc, pem_password_cb *cb, bool pem) const { pass_info p(XCA_TITLE, tr("Please enter the export password for the private key '%1'") .arg(getIntName())); if (isPubKey()) { writePublic(file, pem); return; } EVP_PKEY *pkey = key ? decryptKey() : NULL; if (!pkey) { pki_openssl_error(); return; } BioByteArray b; if (pem) { b += PEM_comment(); PEM_write_bio_PrivateKey_traditional(b, pkey, enc, NULL, 0, cb, &p); } else { i2d_PrivateKey_bio(b, pkey); } EVP_PKEY_free(pkey); pki_openssl_error(); file.write(b); } bool pki_evp::verify(EVP_PKEY *pkey) const { if (!EVP_PKEY_isPrivKey(pkey)) return pki_key::verify(pkey); EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new(pkey, NULL); Q_CHECK_PTR(ctx); int verify = EVP_PKEY_check(ctx); EVP_PKEY_CTX_free(ctx); if (verify == -2) { // Operation not supported assume true pki_ign_openssl_error(); } pki_openssl_error(); return verify; } QVariant pki_evp::getIcon(const dbheader *hd) const { if (hd->id != HD_internal_name) return QVariant(); return QVariant(QPixmap(isPubKey() ? ":pubkeyIco" : ":keyIco")); } QString pki_evp::md5passwd(QByteArray pass) { return formatHash(Digest(pass, EVP_md5())); } QString pki_evp::_sha512passwd(QByteArray pass, QString salt, int size, int repeat) { if (salt.length() < size) return QString(); salt = salt.left(size); pass = salt.toLatin1() + pass; while (repeat--) pass = Digest(pass, EVP_sha512()); return salt + formatHash(pass, ""); } QString pki_evp::sha512passwd(QByteArray pass, QString salt) { return _sha512passwd(pass, salt, 5, 1); } QString pki_evp::sha512passwT(QByteArray pass, QString salt) { return _sha512passwd(pass, salt, 17, 8000); } xca-RELEASE.2.5.0/lib/pki_evp.h000066400000000000000000000041531450407711300157310ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_EVP_H #define __PKI_EVP_H #include #include #include #include #include "pki_key.h" #include "Passwd.h" #define VIEW_private_ownpass 9 class pass_info; class pki_evp: public pki_key { Q_OBJECT QByteArray encKey; void init(); QByteArray getEncKey() const; QString encKey_b64() { return QString::fromLatin1(encKey.toBase64()); } static QString _sha512passwd(QByteArray pass, QString salt, int size, int repeat); void set_EVP_PKEY(EVP_PKEY *pkey, QString name = QString()); protected: bool openssl_pw_error() const; public: static QString passHash; static Passwd passwd; static QString md5passwd(QByteArray pass); static QString sha512passwd(QByteArray pass, QString salt); static QString sha512passwT(QByteArray pass, QString salt); pki_evp(const QString &n = QString(), int type = EVP_PKEY_RSA); pki_evp(const pki_evp *pkey); pki_evp(EVP_PKEY *pkey); virtual ~pki_evp(); void generate(const keyjob &task); void setOwnPass(enum passType); void set_evp_key(EVP_PKEY *pkey); void encryptKey(const char *password = NULL); void bogusEncryptKey(); EVP_PKEY *decryptKey() const; EVP_PKEY *priv2pub(EVP_PKEY* key); static QString removeTypeFromIntName(QString n); void fromPEMbyteArray(const QByteArray &ba, const QString &name); void fload(const QString &fname); bool pem(BioByteArray &); EVP_PKEY *load_ssh_ed25519_privatekey(const QByteArray &ba, const pass_info &p); void writeDefault(const QString &dirname) const; void writeKey(XFile &file, const EVP_CIPHER *enc, pem_password_cb *cb, bool pem) const; void writePKCS8(XFile &file, const EVP_CIPHER *enc, pem_password_cb *cb, bool pem) const; void writePVKprivate(XFile &file, pem_password_cb *cb) const; bool verify(EVP_PKEY *pkey) const; QVariant getIcon(const dbheader *hd) const; bool sqlUpdatePrivateKey(); QSqlError insertSqlData(); QSqlError deleteSqlData(); void restoreSql(const QSqlRecord &rec); }; #endif xca-RELEASE.2.5.0/lib/pki_export.cpp000066400000000000000000000133141450407711300170120ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2021 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_export.h" pki_export::pki_export(int i, enum pki_type p, const QString &e, const QString &d, int f, const QString &h) : id(i), pki_type(p), extension(e), flags(f), desc(d), help(h) { } bool pki_export::match_all(int match_flags) const { return (flags & match_flags) == match_flags; } QList pki_export::select(enum pki_type pki_type, int disable) { QList ret; foreach(const pki_export *exp, elements) { if (exp->pki_type == pki_type && (disable & exp->flags) == 0) ret << exp; } return ret; } const pki_export *pki_export::by_id(int id) { foreach(const pki_export *exp, elements) { if (exp->id == id) return exp; } return NULL; } void pki_export::free_elements() { qDeleteAll(elements); } QList pki_export::elements { new pki_export( 1, x509, "crt", "PEM", F_PEM | F_USUAL | F_SINGLE, tr("PEM Text format with headers")), new pki_export( 3, x509, "pem", "PEM", F_PEM | F_MULTI, tr("Concatenated list of all selected items in one PEM text file")), new pki_export( 2, x509, "pem", tr("PEM chain"), F_PEM | F_USUAL | F_CHAIN | F_SINGLE, tr("Concatenated text format of the complete certificate chain in one PEM file")), new pki_export( 6, x509, "pem", tr("PEM + key"), F_PEM | F_PLUSKEY | F_PRIVATE| F_SINGLE,tr("Concatenation of the certificate and the unencrypted private key in one PEM file")), new pki_export( 7, x509, "pem", "PEM + PKCS#8", F_PEM | F_PKCS8 | F_PRIVATE | F_CRYPT, tr("Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file")), new pki_export( 8, x509, "p7b", "PKCS #7", F_PKCS7 | F_USUAL | F_SINGLE, tr("PKCS#7 encoded single certificate")), new pki_export(10, x509, "p7b", "PKCS #7", F_PKCS7 | F_USUAL | F_MULTI, tr("All selected certificates encoded in one PKCS#7 file")), new pki_export(12, x509, "p7b", tr("PKCS #7 chain"), F_PKCS7 | F_USUAL | F_CHAIN | F_SINGLE, tr("PKCS#7 encoded complete certificate chain")), new pki_export(13, x509, "cer", "DER", F_DER | F_SINGLE, tr("Binary DER encoded certificate")), new pki_export(14, x509, "pfx", tr("PKCS #12 chain"),F_PKCS12 | F_USUAL | F_CHAIN | F_CRYPT | F_PRIVATE | F_SINGLE, tr("The complete certificate chain and the private key as encrypted PKCS#12 file")), new pki_export(15, x509, "pfx", tr("PKCS #12"), F_PKCS12 | F_USUAL | F_CRYPT | F_PRIVATE | F_SINGLE, tr("The certificate and the private key as encrypted PKCS#12 file")), new pki_export(16, x509, "txt", tr("Certificate Index file"), F_INDEX | F_CA, tr("OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool")), new pki_export(17, x509, "ics", tr("vCalendar"), F_CAL, tr("vCalendar expiry reminder for the selected items")), new pki_export(18, x509, "ics", tr("CA vCalendar"), F_CAL | F_CA, tr("vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL")), new pki_export(19, asym_key, "pem", tr("PEM public"), F_PEM | F_CLIPBOARD, tr("Text format of the public key in one PEM file")), new pki_export(20, asym_key, "pem", tr("PEM private"), F_PEM | F_PRIVATE | F_USUAL | F_CLIPBOARD, tr("Unencrypted private key in text format")), new pki_export(21, asym_key, "pem", tr("PEM encrypted"), F_PEM | F_PRIVATE | F_CRYPT | F_SINGLE, tr("OpenSSL specific encrypted private key in text format")), new pki_export(22, asym_key, "priv",tr("SSH2 private"), F_PEM | F_PRIVATE | F_SSH2 | F_SINGLE, tr("Unencrypted private key in text format")), new pki_export(23, asym_key, "pub" ,tr("SSH2 public"), F_SSH2, tr("The public key encoded in SSH2 format")), new pki_export(24, asym_key, "der", tr("DER public"), F_DER | F_SINGLE, tr("Binary DER format of the public key")), new pki_export(25, asym_key, "der", tr("DER private"), F_DER | F_PRIVATE | F_SINGLE, tr("Unencrypted private key in binary DER format")), new pki_export(26, asym_key, "pvk", tr("PVK private"), F_PVK | F_PRIVATE | F_SINGLE, tr("Private key in Microsoft PVK format not encrypted")), new pki_export(27, asym_key, "pvk", tr("PVK encrypted"), F_PVK | F_PRIVATE | F_CRYPT | F_SINGLE, tr("Encrypted private key in Microsoft PVK format")), new pki_export(28, asym_key, "pk8", tr("PKCS #8 encrypted"), F_PKCS8 | F_PRIVATE | F_CRYPT | F_USUAL | F_SINGLE, tr("Encrypted private key in PKCS#8 text format")), new pki_export(29, asym_key, "pk8", tr("PKCS #8"), F_PKCS8 | F_PRIVATE | F_CLIPBOARD | F_SINGLE, tr("Unencrypted private key in PKCS#8 text format")), new pki_export(30, x509_req, "csr", "PEM", F_PEM, tr("PEM Text format with headers")), new pki_export(31, x509_req, "der", "DER", F_DER | F_SINGLE, tr("Binary DER format of the certificate request")), new pki_export(32, revocation, "crl", "PEM", F_PEM, tr("PEM Text format with headers")), new pki_export(33, revocation, "der", "DER", F_DER | F_SINGLE, tr("Binary DER format of the revocation list")), new pki_export(34, revocation, "ics", tr("vCalendar"), F_CAL, tr("vCalendar reminder for the CRL expiry date")), new pki_export(35, tmpl, "xca", "PEM", F_PEM | F_SINGLE, tr("XCA template in PEM-like format")), new pki_export(35, tmpl, "pem", "PEM", F_PEM | F_MULTI, tr("All selected XCA templates in PEM-like format")), }; xca-RELEASE.2.5.0/lib/pki_export.h000066400000000000000000000033661450407711300164650ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2021 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_EXPORT_H #define __PKI_EXPORT_H #include #include #include #include #define BIT(n) (1< select(enum pki_type, int); static const pki_export *by_id(int id); static void free_elements(); bool match_all(int match_flags) const; private: static QList elements; }; #endif xca-RELEASE.2.5.0/lib/pki_key.cpp000066400000000000000000000463061450407711300162700ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2009 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_key.h" #include "pki_x509super.h" #include "func.h" #include "pkcs11.h" #include "pki_export.h" #include "XcaWarningCore.h" #include #include builtin_curves builtinCurves; keyjob keyjob::defaultjob; pki_key::pki_key(const QString &name) :pki_base(name) { key = EVP_PKEY_new(); key_size = 0; isPub = true; useCount = -1; } pki_key::pki_key(const pki_key *pk) :pki_base(pk) { if (pk->key) { QByteArray ba = i2d_bytearray(I2D_VOID(i2d_PUBKEY), pk->key); key = NULL; d2i(ba); sqlItemId = pk->sqlItemId; } else { key = EVP_PKEY_new(); } key_size = pk->key_size; useCount = -1; } pki_key::~pki_key() { if (key) EVP_PKEY_free(key); } void pki_key::autoIntName(const QString &file) { pki_base::autoIntName(file); if (!getIntName().isEmpty()) return; setIntName(QString("%1 %2%3").arg(length(), getTypeString(), isPubKey() ? QString(" ") + tr("Public key") : QString())); } void pki_key::d2i(QByteArray &ba) { EVP_PKEY *k = (EVP_PKEY*)d2i_bytearray(D2I_VOID(d2i_PUBKEY), ba); pki_openssl_error(); if (k) { if (key) EVP_PKEY_free(key); key = k; } } void pki_key::d2i_old(QByteArray &ba, int type) { const unsigned char *p, *p1; p = p1 = (const unsigned char *)ba.constData(); EVP_PKEY *k = d2i_PublicKey(type, NULL, &p1, ba.size()); pki_openssl_error(); if (k) { if (key) EVP_PKEY_free(key); key = k; } ba = ba.mid(p1-p); } QByteArray pki_key::i2d() const { return i2d_bytearray(I2D_VOID(i2d_PUBKEY), key); } void pki_key::write_SSH2_ed25519_private(BIO *b, const EVP_PKEY *pkey, const EVP_CIPHER *enc) const { (void)enc; #ifndef OPENSSL_NO_EC static const char data0001[] = { 0, 0, 0, 1}; char buf_nonce[8]; QByteArray data, priv, pubfull; pubfull = SSH2publicQByteArray(true); RAND_bytes((unsigned char*)buf_nonce, sizeof buf_nonce); priv.append(buf_nonce, sizeof buf_nonce); priv += pubfull; ssh_key_QBA2data(ed25519PrivKey(pkey) + ed25519PubKey(), &priv); data = "openssh-key-v1"; data.append('\0'); ssh_key_QBA2data("none", &data); // enc-alg ssh_key_QBA2data("none", &data); // KDF name ssh_key_QBA2data("", &data); // KDF data data.append(data0001, sizeof data0001); ssh_key_QBA2data(pubfull, &data); ssh_key_QBA2data(priv, &data); PEM_write_bio(b, PEM_STRING_OPENSSH_KEY, (char*)"", (unsigned char*)(data.data()), data.size()); pki_openssl_error(); #else (void)b; (void)pkey; #endif } bool pki_key::pem(BioByteArray &b) { const pki_export *xport = pki_export::by_id(Settings["KeyFormat"]); if (xport->match_all(F_PRIVATE)) return false; if (xport->match_all(F_SSH2)) b += SSH2publicQByteArray(); else if (xport->match_all(F_PEM)) PEM_write_bio_PUBKEY(b, key); return true; } void pki_key::writeSSH2private(XFile &file, pem_password_cb *cb) const { (void)cb; // pass_info p(XCA_TITLE, tr("Please enter the password protecting the SSH2 private key '%1'").arg(getIntName())); EVP_PKEY *pkey = decryptKey(); if (!pkey) { pki_openssl_error(); return; } BioByteArray b; write_SSH2_ed25519_private(b, pkey, NULL); file.write(b); } QString pki_key::length() const { bool dsa_unset = false; if (EVP_PKEY_id(key) == EVP_PKEY_DSA) { const BIGNUM *p = NULL; const DSA *dsa = EVP_PKEY_get0_DSA(key); if (dsa) DSA_get0_pqg(dsa, &p, NULL, NULL); dsa_unset = p == NULL; } if (dsa_unset) return QString("???"); return QString("%1 bit").arg(EVP_PKEY_bits(key)); } /* getKeyTypeString() returns RSA * getTypeString() returns RSA or "Token RSA" for tokens */ QString pki_key::getKeyTypeString() const { return keytype::byPKEY(key).name; } QString pki_key::getTypeString() const { return getKeyTypeString(); } QString pki_key::getMsg(msg_type msg) const { /* * We do not construct english sentences (just a little bit) * from fragments to allow proper translations. * The drawback are all the slightly different duplicated messages * * %1 will be replaced by "RSA", "DSA", "EC" * %2 is the internal name of the key */ QString ktype = getTypeString(); if (isPubKey()) { switch (msg) { case msg_import: return tr("Successfully imported the %1 public key '%2'").arg(ktype); case msg_delete: return tr("Delete the %1 public key '%2'?").arg(ktype); default: break; } } else { switch (msg) { case msg_import: return tr("Successfully imported the %1 private key '%2'").arg(ktype); case msg_delete: return tr("Delete the %1 private key '%2'?").arg(ktype); case msg_create: return tr("Successfully created the %1 private key '%2'").arg(ktype); default: break; } } if (msg == msg_delete_multi) { /* %1: Number of keys; %2: list of keynames */ return tr("Delete the %1 keys: %2?"); } return pki_base::getMsg(msg); } QString pki_key::comboText() const { return QString("%1 (%2:%3%4)").arg(getIntName()).arg(getTypeString()). arg(length()).arg(isPubKey() ? QString(" ") + tr("Public key") : QString("")); } bool pki_key::isToken() { return false; } bool pki_key::isPrivKey() const { return !isPubKey(); } int pki_key::getUcount() const { XSqlQuery q; if (useCount != -1) return useCount; int size = -1; SQL_PREPARE(q, "SELECT COUNT(*) FROM x509super WHERE pkey=?"); q.bindValue(0, sqlItemId); q.exec(); if (q.first()) size = q.value(0).toInt(); else qDebug("Failed to get key count for %s", CCHAR(getIntName())); XCA_SQLERROR(q.lastError()); useCount = size; return size; } int pki_key::getKeyType() const { return EVP_PKEY_id(key); } QString pki_key::modulus() const { if (getKeyType() == EVP_PKEY_RSA) { const BIGNUM *n = NULL; const RSA *rsa = EVP_PKEY_get0_RSA(key); RSA_get0_key(rsa, &n, NULL, NULL); return BN2QString(n); } return QString(); } QString pki_key::pubEx() const { if (getKeyType() == EVP_PKEY_RSA) { const BIGNUM *e = NULL; const RSA *rsa = EVP_PKEY_get0_RSA(key); RSA_get0_key(rsa, NULL, &e, NULL); return BN2QString(e); } return QString(); } QString pki_key::subprime() const { if (getKeyType() == EVP_PKEY_DSA) { const BIGNUM *q = NULL; const DSA *dsa = EVP_PKEY_get0_DSA(key); if (dsa) DSA_get0_pqg(dsa, NULL, &q, NULL); return BN2QString(q); } return QString(); } QString pki_key::pubkey() const { if (getKeyType() == EVP_PKEY_DSA) { const BIGNUM *pubkey = NULL; const DSA *dsa = EVP_PKEY_get0_DSA(key); if (dsa) DSA_get0_key(dsa, &pubkey, NULL); return BN2QString(pubkey); } return QString(); } #ifndef OPENSSL_NO_EC int pki_key::ecParamNid() const { const EC_KEY *ec; if (getKeyType() != EVP_PKEY_EC) return NID_undef; ec = EVP_PKEY_get0_EC_KEY(key); return EC_GROUP_get_curve_name(EC_KEY_get0_group(ec)); } BIGNUM *pki_key::ecPubKeyBN() const { if (getKeyType() != EVP_PKEY_EC) return NULL; const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(key); return EC_POINT_point2bn(EC_KEY_get0_group(ec), EC_KEY_get0_public_key(ec), EC_KEY_get_conv_form(ec), NULL, NULL); } QString pki_key::ecPubKey() const { QString pub; BIGNUM *pub_key = ecPubKeyBN(); if (pub_key) { pub = BN2QString(pub_key); BN_free(pub_key); } return pub; } #ifdef EVP_PKEY_ED25519 static QByteArray ed25519Key(int(*EVP_PKEY_get_raw) (const EVP_PKEY*, unsigned char *, size_t *), const EVP_PKEY *pkey) { unsigned char k[ED25519_KEYLEN]; size_t len = sizeof k; if (EVP_PKEY_id(pkey) == EVP_PKEY_ED25519 && EVP_PKEY_get_raw(pkey, k, &len)) return QByteArray((char*)k, len); return QByteArray(); } QByteArray pki_key::ed25519PubKey() const { return ed25519Key(EVP_PKEY_get_raw_public_key, key); } QByteArray pki_key::ed25519PrivKey(const EVP_PKEY *pkey) const { return ed25519Key(EVP_PKEY_get_raw_private_key, pkey); } #else QByteArray pki_key::ed25519PubKey() const { return QByteArray(); } QByteArray pki_key::ed25519PrivKey(const EVP_PKEY *) const { return QByteArray(); } #endif #endif QList pki_key::possibleHashNids() { QList nids; switch (EVP_PKEY_type(getKeyType())) { case EVP_PKEY_RSA: nids << NID_md5 << NID_sha1 << NID_sha224 << NID_sha256 << NID_sha384 << NID_sha512 << NID_ripemd160; break; case EVP_PKEY_DSA: nids << NID_sha1 << NID_sha256; break; case EVP_PKEY_EC: nids << NID_sha1 << NID_sha224 << NID_sha256 << NID_sha384 << NID_sha512; break; } return nids; }; bool pki_key::compare(const pki_base *ref) const { const pki_key *kref = (pki_key *)ref; if (kref->getKeyType() != getKeyType()) return false; if (!kref || !kref->key || !key) return false; int r = EVP_PKEY_cmp(key, kref->key); pki_openssl_error(); return r == 1; } void pki_key::writePublic(XFile &file, bool pem) const { BioByteArray b; if (pem) { b += PEM_comment(); PEM_write_bio_PUBKEY(b, key); } else { i2d_PUBKEY_bio(b, key); } pki_openssl_error(); file.write(b); } QString pki_key::BNoneLine(BIGNUM *bn) const { QString x; if (bn) { char *hex = BN_bn2hex(bn); x = hex; OPENSSL_free(hex); pki_openssl_error(); } return x; } QString pki_key::BN2QString(const BIGNUM *bn) const { if (bn == NULL) return "--"; QString x=""; char zs[10]; int j, size = BN_num_bytes(bn); unsigned char *buf = (unsigned char *)OPENSSL_malloc(size); Q_CHECK_PTR(buf); BN_bn2bin(bn, buf); for (j = 0; j< size; j++) { snprintf(zs, sizeof zs, "%02X%c",buf[j], ((j+1)%16 == 0) ? '\n' : jid) { case HD_key_type: return QVariant(getTypeString()); case HD_key_size: return QVariant(length()); case HD_key_use: return QVariant(getUcount()); case HD_key_passwd: if (isPubKey()) return QVariant(tr("No password")); if (ownPass<0 || ownPass>3) return QVariant("Holla die Waldfee"); return QVariant(sl[ownPass]); case HD_key_curve: QString r; #ifndef OPENSSL_NO_EC if (getKeyType() == EVP_PKEY_EC) r = OBJ_nid2sn(ecParamNid()); #endif return QVariant(r); } return pki_base::column_data(hd); } QSqlError pki_key::insertSqlData() { unsigned myhash = hash(); XSqlQuery q; QList list; SQL_PREPARE(q, "SELECT item FROM x509super WHERE key_hash=? AND " "pkey IS NULL"); q.bindValue(0, myhash); q.exec(); if (q.lastError().isValid()) return q.lastError(); while (q.next()) { pki_x509super *x; x = Store.lookupPki(q.value(0)); if (!x) { qDebug("X509 Super class with id %d not found", q.value(0).toInt()); continue; } if (x->compareRefKey(this)) { x->setRefKey(this); list << x; } } q.finish(); SQL_PREPARE(q, "UPDATE x509super SET pkey=? WHERE item=?"); q.bindValue(0, sqlItemId); foreach(pki_x509super* x, list) { q.bindValue(1, x->getSqlItemId()); q.exec(); AffectedItems(x->getSqlItemId()); if (q.lastError().isValid()) return q.lastError(); } q.finish(); SQL_PREPARE(q, "INSERT INTO public_keys (item, type, hash, len, \"public\") " "VALUES (?, ?, ?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, getKeyTypeString().left(4)); q.bindValue(2, myhash); q.bindValue(3, EVP_PKEY_bits(key)); q.bindValue(4, i2d_b64()); q.exec(); return q.lastError(); } void pki_key::restoreSql(const QSqlRecord &rec) { pki_base::restoreSql(rec); QByteArray ba = QByteArray::fromBase64( rec.value(VIEW_public_keys_public).toByteArray()); d2i(ba); key_size = rec.value(VIEW_public_keys_len).toInt(); } QSqlError pki_key::deleteSqlData() { XSqlQuery q; QSqlError e; SQL_PREPARE(q, "DELETE FROM public_keys WHERE item=?"); q.bindValue(0, sqlItemId); q.exec(); e = q.lastError(); if (e.isValid()) return e; SQL_PREPARE(q, "UPDATE x509super SET pkey=NULL WHERE pkey=?"); q.bindValue(0, sqlItemId); AffectedItems(sqlItemId); q.exec(); return q.lastError(); } void pki_key::ssh_key_check_chunk(QByteArray *ba, const char *expect) const { QByteArray chunk = ssh_key_next_chunk(ba); if (chunk != expect) throw errorEx(tr("Unexpected SSH2 content: '%1'") .arg(QString(chunk))); } BIGNUM *pki_key::ssh_key_data2bn(QByteArray *ba) const { QByteArray chunk = ssh_key_next_chunk(ba); BIGNUM *bn = BN_bin2bn((const unsigned char *)chunk.constData(), chunk.size(), NULL); Q_CHECK_PTR(bn); return bn; } QByteArray pki_key::ssh_key_next_chunk(QByteArray *ba) const { QByteArray chunk; const char *d; int len; if (!ba || ba->size() < 4) throw errorEx(tr("Invalid SSH2 public key")); d = ba->constData(); len = (d[0] << 24) + (d[1] << 16) + (d[2] << 8) + d[3]; if (ba->size() < len + 4) throw errorEx(tr("Invalid SSH2 public key")); chunk = ba->mid(4, len); ba->remove(0, len +4); return chunk; } EVP_PKEY *pki_key::load_ssh2_key(const QByteArray &b) { /* See RFC 4253 Section 6.6 */ QStringList sl; EVP_PKEY *pk = NULL; QByteArray ba(b); #if (QT_VERSION >= QT_VERSION_CHECK(5, 14, 0)) sl = QString(ba).split(" ", Qt::SkipEmptyParts); #else sl = QString(ba).split(" ", QString::SkipEmptyParts); #endif if (sl.size() < 2) return NULL; ba = QByteArray::fromBase64(sl[1].toLatin1()); if (sl[0].startsWith("ssh-rsa")) { ssh_key_check_chunk(&ba, "ssh-rsa"); BIGNUM *e = ssh_key_data2bn(&ba); BIGNUM *n = ssh_key_data2bn(&ba); RSA *rsa = RSA_new(); Q_CHECK_PTR(rsa); RSA_set0_key(rsa, n, e, NULL); pk = EVP_PKEY_new(); Q_CHECK_PTR(pk); EVP_PKEY_assign_RSA(pk, rsa); } else if (sl[0].startsWith("ssh-dss")) { ssh_key_check_chunk(&ba, "ssh-dss"); BIGNUM *p = ssh_key_data2bn(&ba); BIGNUM *q = ssh_key_data2bn(&ba); BIGNUM *g = ssh_key_data2bn(&ba); BIGNUM *pubkey = ssh_key_data2bn(&ba); DSA *dsa = DSA_new(); Q_CHECK_PTR(dsa); DSA_set0_pqg(dsa, p, q, g); DSA_set0_key(dsa, pubkey, NULL); pk = EVP_PKEY_new(); Q_CHECK_PTR(pk); EVP_PKEY_assign_DSA(pk, dsa); #ifndef OPENSSL_NO_EC } else if (sl[0].startsWith("ecdsa-sha2-nistp256")) { EC_KEY *ec; /* Skip "ecdsa-sha2..." */ ssh_key_check_chunk(&ba, "ecdsa-sha2-nistp256"); ssh_key_check_chunk(&ba, "nistp256"); BIGNUM *bn = ssh_key_data2bn(&ba); ec = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); Q_CHECK_PTR(ec); EC_KEY_set_asn1_flag(ec, OPENSSL_EC_NAMED_CURVE); EC_KEY_set_public_key(ec, EC_POINT_bn2point( EC_KEY_get0_group(ec), bn, NULL, NULL)); BN_free(bn); pki_openssl_error(); pk = EVP_PKEY_new(); Q_CHECK_PTR(pk); EVP_PKEY_assign_EC_KEY(pk, ec); #ifdef EVP_PKEY_ED25519 } else if (sl[0].startsWith("ssh-ed25519")) { ssh_key_check_chunk(&ba, "ssh-ed25519"); QByteArray pub = ssh_key_next_chunk(&ba); pk = EVP_PKEY_new_raw_public_key(EVP_PKEY_ED25519, NULL, (const unsigned char *)pub.constData(), pub.size()); pki_openssl_error(); #endif #endif } else { throw errorEx(tr("Unexpected SSH2 content: '%1'").arg(sl[0])); } if (sl.size() > 2 && pk) setComment(sl[2].section('\n', 0, 0)); return pk; } void pki_key::ssh_key_QBA2data(const QByteArray &ba, QByteArray *data) const { int size = ba.size(); unsigned char p[4]; p[0] = (size >> 24) & 0xff; p[1] = (size >> 16) & 0xff; p[2] = (size >> 8) & 0xff; p[3] = size & 0xff; data->append((char*)p, sizeof p); data->append(ba); } void pki_key::ssh_key_bn2data(const BIGNUM *bn, QByteArray *data) const { QByteArray big; big.resize(BN_num_bytes(bn)); BN_bn2bin(bn, (unsigned char *)big.data()); pki_openssl_error(); if ((unsigned char)big[0] >= 0x80) big.prepend('\0'); ssh_key_QBA2data(big, data); } bool pki_key::SSH2_compatible() const { switch (getKeyType()) { #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: return ecParamNid() == NID_X9_62_prime256v1; #ifdef EVP_PKEY_ED25519 case EVP_PKEY_ED25519: #endif #endif case EVP_PKEY_RSA: case EVP_PKEY_DSA: return true; } return false; } QByteArray pki_key::SSH2publicQByteArray(bool raw) const { QByteArray txt, data; switch (getKeyType()) { case EVP_PKEY_RSA: txt = "ssh-rsa"; ssh_key_QBA2data(txt, &data); { const RSA *rsa = EVP_PKEY_get0_RSA(key); const BIGNUM *n, *e; RSA_get0_key(rsa, &n, &e, NULL); ssh_key_bn2data(e, &data); ssh_key_bn2data(n, &data); } break; case EVP_PKEY_DSA: txt = "ssh-dss"; ssh_key_QBA2data(txt, &data); { const DSA *dsa = EVP_PKEY_get0_DSA(key); const BIGNUM *p, *q, *g, *pubkey; DSA_get0_pqg(dsa, &p, &q, &g); DSA_get0_key(dsa, &pubkey, NULL); ssh_key_bn2data(p, &data); ssh_key_bn2data(q, &data); ssh_key_bn2data(g, &data); ssh_key_bn2data(pubkey, &data); } break; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: if (ecParamNid() != NID_X9_62_prime256v1) return QByteArray(); txt = "ecdsa-sha2-nistp256"; ssh_key_QBA2data(txt, &data); ssh_key_QBA2data("nistp256", &data); { BIGNUM *bn = ecPubKeyBN(); ssh_key_bn2data(bn, &data); BN_free(bn); } pki_openssl_error(); break; #ifdef EVP_PKEY_ED25519 case EVP_PKEY_ED25519: txt = "ssh-ed25519"; ssh_key_QBA2data(txt, &data); ssh_key_QBA2data(ed25519PubKey(), &data); break; #endif #endif default: return QByteArray(); } if (raw) return data; txt += " " + data.toBase64(); QString comm = comment.section('\n', 0, 0).simplified(); if (comm.size() > 0) txt += " " + comm.toUtf8(); return txt + "\n"; } void pki_key::writeSSH2public(XFile &file) const { QByteArray txt = SSH2publicQByteArray(); if (file.write(txt) != txt.size()) throw errorEx(tr("Failed writing to %1").arg(file.fileName())); } bool pki_key::verify(EVP_PKEY *pkey) const { EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new(pkey, NULL); Q_CHECK_PTR(ctx); int verify = EVP_PKEY_public_check(ctx); EVP_PKEY_CTX_free(ctx); if (verify == -2) { // Operation not supported assume true pki_ign_openssl_error(); } pki_openssl_error(); return verify != 0; } QString pki_key::fingerprint(const QString &format) const { const EVP_MD *md; QByteArray data; QStringList sl = format.toLower().split(" "); if (sl.size() < 2) return QString("Invalid format: %1").arg(format); if (sl[0] == "ssh") data = SSH2publicQByteArray(true); else if (sl[0] == "x509") data = X509_PUBKEY_public_key(); else if (sl[0] == "der") data = i2d_bytearray(I2D_VOID(i2d_PUBKEY), key); else return QString("Invalid format: %1").arg(sl[0]); md = EVP_get_digestbyname(CCHAR(sl[1])); if (!md) return QString("Invalid hash: %1").arg(sl[1]); if (sl.size() > 2 && sl[2] == "b64") { QString s(Digest(data, md).toBase64()); s.chop(1); return s; } return ::fingerprint(data, md); } QByteArray pki_key::X509_PUBKEY_public_key() const { X509_PUBKEY *pk = NULL; const unsigned char *p; int len; X509_PUBKEY_set(&pk, key); X509_PUBKEY_get0_param(NULL, &p, &len, NULL, pk); QByteArray data((const char*)p, len); X509_PUBKEY_free(pk); return data; } QByteArray pki_key::PEM_comment() const { if (!pem_comment) return QByteArray(); return pki_base::PEM_comment() + QString("%1 %2\n").arg(length(), getTypeString()).toUtf8(); } void pki_key::collect_properties(QMap &prp) const { QStringList sl; sl << getTypeString() << length(); if (isPubKey()) sl << tr("Public key"); #ifndef OPENSSL_NO_EC if (getKeyType() == EVP_PKEY_EC) sl << QString(OBJ_nid2ln(ecParamNid())); #endif prp["Key"] = sl.join(" "); pki_base::collect_properties(prp); } void pki_key::print(BioByteArray &bba, enum print_opt opt) const { pki_base::print(bba, opt); switch (opt) { case print_openssl_txt: EVP_PKEY_print_public(bba, key, 0, NULL); break; case print_pem: PEM_write_bio_PUBKEY(bba, key); break; case print_coloured: break; } } xca-RELEASE.2.5.0/lib/pki_key.h000066400000000000000000000137531450407711300157350ustar00rootroot00000000000000/* * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_KEY_H #define __PKI_KEY_H #include #include #include #include #include #include "pki_base.h" //#include "pki_export.h" #include "builtin_curves.h" #define PEM_STRING_OPENSSH_KEY "OPENSSH PRIVATE KEY" #define DEFAULT_KEY_LENGTH 2048 #define ED25519_KEYLEN 32 #define VIEW_public_keys_type 6 #define VIEW_public_keys_len 7 #define VIEW_public_keys_public 8 extern builtin_curves builtinCurves; class keytype { public: static QList types() { return QList { keytype(EVP_PKEY_RSA, "RSA", CKM_RSA_PKCS_KEY_PAIR_GEN, false, true), keytype(EVP_PKEY_DSA, "DSA", CKM_DSA_KEY_PAIR_GEN, false, true), #ifndef OPENSSL_NO_EC keytype(EVP_PKEY_EC, "EC", CKM_EC_KEY_PAIR_GEN, true, false), #ifdef EVP_PKEY_ED25519 keytype(EVP_PKEY_ED25519, "ED25519", CKM_VENDOR_DEFINED, false, false), #endif #endif }; } int type; QString name; CK_MECHANISM_TYPE mech; bool curve, length; keytype(int t, const QString &n, CK_MECHANISM_TYPE m, bool c, bool l) : type(t), name(n), mech(m), curve(c), length(l) { } keytype() : type(-1), name(QString()), mech(0), curve(false), length(true) { } bool isValid() { return type != -1; } QString traditionalPemName() const { return name + " PRIVATE KEY"; } static const keytype byType(int type) { foreach(const keytype t, types()) { if (t.type == type) return t; } return keytype(); } static const keytype byMech(CK_MECHANISM_TYPE mech) { foreach(const keytype t, types()) { if (t.mech == mech) return t; } return keytype(); } static const keytype byName(const QString &name) { foreach(const keytype t, types()) { if (t.name == name.toUpper()) return t; } return keytype(); } static const keytype byPKEY(EVP_PKEY *pkey) { return byType(EVP_PKEY_type(EVP_PKEY_id(pkey))); } }; class keyjob { public: static keyjob defaultjob; keytype ktype; int size; int ec_nid; slotid slot; keyjob() { size = DEFAULT_KEY_LENGTH; ktype = keytype::byName("RSA"); ec_nid = NID_undef; slot = slotid(); } keyjob(const QString &desc) { QStringList sl = desc.split(':'); if (sl.size() == 1) sl += ""; if (sl.size() != 2) return; ktype = keytype::byName(sl[0]); size = DEFAULT_KEY_LENGTH; ec_nid = NID_undef; if (isEC()) ec_nid = OBJ_txt2nid(sl[1].toLatin1()); else if (!isED25519()) size = sl[1].toInt(); slot = slotid(); } QString toString() { if (isED25519()) return ktype.name; return QString("%1:%2").arg(ktype.name) .arg(isEC() ? OBJ_obj2QString(OBJ_nid2obj(ec_nid)) : QString::number(size)); } bool isToken() const { return slot.lib != NULL; } bool isEC() const { return ktype.type == EVP_PKEY_EC; } bool isED25519() const { #ifdef EVP_PKEY_ED25519 return ktype.type == EVP_PKEY_ED25519; #else return false; #endif } bool isValid() { if (!ktype.isValid()) return false; if (isED25519()) return true; if (isEC() && builtinCurves.containNid(ec_nid)) return true; if (!isEC() && size > 0) return true; return false; } }; class pki_key: public pki_base { Q_OBJECT friend class pki_x509super; public: enum passType { ptCommon, ptPrivate, ptBogus, ptPin }; protected: enum passType ownPass; int key_size; bool isPub; EVP_PKEY *key; QString BN2QString(const BIGNUM *bn) const; QString BNoneLine(BIGNUM *bn) const; QByteArray SSH2publicQByteArray(bool raw=false) const; QByteArray X509_PUBKEY_public_key() const; QByteArray PEM_comment() const; void collect_properties(QMap &prp) const; BIGNUM *ssh_key_data2bn(QByteArray *ba) const; void ssh_key_check_chunk(QByteArray *ba, const char *expect) const; QByteArray ssh_key_next_chunk(QByteArray *ba) const; void ssh_key_QBA2data(const QByteArray &ba, QByteArray *data) const; void ssh_key_bn2data(const BIGNUM *bn, QByteArray *data) const; private: mutable int useCount; // usage counter public: pki_key(const QString &name = QString()); pki_key(const pki_key *pk); virtual ~pki_key(); void autoIntName(const QString &file); QString length() const; QString comboText() const; QString getKeyTypeString(void) const; virtual EVP_PKEY *decryptKey() const = 0; virtual bool isToken(); virtual QString getTypeString(void) const; virtual QList possibleHashNids(); QString getMsg(msg_type msg) const; void writePublic(XFile &file, bool pem) const; bool compare(const pki_base *ref) const; int getKeyType() const; bool isPrivKey() const; virtual bool verify(EVP_PKEY *pkey) const; int getUcount() const; void setUcount(int c) { useCount = c; } enum passType getOwnPass(void) { return ownPass; } EVP_PKEY *getPubKey() { return key; } bool isPubKey() const { return isPub; } virtual void generate(const keyjob &) { qFatal("generate in pki_key"); } bool pem(BioByteArray &); QVariant column_data(const dbheader *hd) const; QString modulus() const; QString pubEx() const; QString subprime() const; QString pubkey() const; #ifndef OPENSSL_NO_EC int ecParamNid() const; QString ecPubKey() const; QByteArray ed25519PubKey() const; QByteArray ed25519PrivKey(const EVP_PKEY *pkey) const; BIGNUM *ecPubKeyBN() const; #endif void d2i(QByteArray &ba); void d2i_old(QByteArray &ba, int type); QByteArray i2d() const; EVP_PKEY *load_ssh2_key(const QByteArray &ba); void writeSSH2public(XFile &file) const; void writeSSH2private(XFile &file, pem_password_cb *cb) const; QString fingerprint(const QString &format) const; bool SSH2_compatible() const; void write_SSH2_ed25519_private(BIO *b, const EVP_PKEY *pkey, const EVP_CIPHER *enc) const; void print(BioByteArray &b, enum print_opt opt) const; void resetUcount() { useCount = -1; } QSqlError insertSqlData(); QSqlError deleteSqlData(); void restoreSql(const QSqlRecord &rec); }; Q_DECLARE_METATYPE(pki_key *); #endif xca-RELEASE.2.5.0/lib/pki_lookup.h000066400000000000000000000045321450407711300164510ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_LOOKUP_H #define __PKI_LOOKUP_H #include #include #include #include #include #include "XcaWarningCore.h" #include "base.h" #include "sql.h" class pki_base; class pki_lookup { private: QHash lookup; pki_base *get(quint64 id) const { if (id > 0 && !lookup.keys().contains(id)) qCritical("pki_lookup: ID %u not found", (unsigned)id); return lookup[id]; } public: ~pki_lookup() { flush(); } void add(QVariant id, pki_base *pki) { add(id.toULongLong(), pki); } void remove(QVariant id) { lookup.remove(id.toULongLong()); } void add(quint64 id, pki_base *pki) { if (id == 0) qCritical("pki_lookup: ID 0 not permitted"); if (!pki) qCritical("pki_lookup: Refusing to add NULL item " "with ID %u", (unsigned)id); if (lookup.keys().contains(id)) qCritical("pki_lookup: ID %u in use", (unsigned)id); lookup[id] = pki; } XSqlQuery sqlSELECTpki(QString query, QList values = QList()) { XSqlQuery q; int i, num_values = values.size(); SQL_PREPARE(q, query); for (i = 0; i < num_values; i++) q.bindValue(i, values[i]); q.exec(); XCA_SQLERROR(q.lastError()); return q; } template QList sqlSELECTpki(QString query, QList values = QList()) { XSqlQuery q = sqlSELECTpki(query, values); QList x; while (q.next()) { T *pki = lookupPki(q.value(0)); if (pki) x << pki; } return x; } template T *lookupPki(QVariant v) const { quint64 id = v.toULongLong(); if (id == 0) return NULL; T *pki = dynamic_cast(get(id)); if (pki) return pki; pki_base *p = get(id); qCritical() << QString("Invalid Type of ItemId(%1) %2 %3. Expected %4.") .arg(id).arg(typeid(p).name()) .arg("") //p ? p->getIntName() : "") .arg(typeid(T*).name()); return NULL; } template QList getAll() const { QList result; foreach(pki_base *pki, lookup.values()) { T *p = dynamic_cast(pki); if (p) result << p; } return result; } pki_base *operator[](quint64 id) const { return get(id); } void flush() { qDeleteAll(lookup); lookup.clear(); } }; #endif xca-RELEASE.2.5.0/lib/pki_multi.cpp000066400000000000000000000100041450407711300166140ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_multi.h" #include "pki_x509.h" #include "pki_key.h" #include "pki_x509req.h" #include "pki_pkcs7.h" #include "pki_pkcs12.h" #include "pki_crl.h" #include "pki_temp.h" #include "pki_evp.h" #include "load_obj.h" #include "exception.h" #include "func.h" #include "xfile.h" #include "XcaWarningCore.h" #include pki_multi::pki_multi(const QString &name) :pki_base(name) { multi.clear(); failed_files.clear(); } pki_multi::~pki_multi() { foreach(pki_base *pki, multi) { if (pki->getSqlItemId().toInt() == 0) delete pki; } } void pki_multi::append_item(pki_base *pki) { pki_multi *m = dynamic_cast(pki); if (m) multi += m->multi; else multi << pki; } #define D5 "-----" #define BEGIN D5 "BEGIN " /* General PEM loader */ static pki_base *pkiByPEM(QString text, int *skip) { int pos = text.indexOf(BEGIN); if (skip) *skip = pos; if (pos < 0) return NULL; text = text.remove(0, pos + sizeof(BEGIN)-1); if (text.startsWith(PEM_STRING_X509_OLD D5) || text.startsWith(PEM_STRING_X509 D5) || text.startsWith(PEM_STRING_X509_TRUSTED D5)) return new pki_x509(); if (text.startsWith(PEM_STRING_PKCS7 D5)) return new pki_pkcs7(); if (text.startsWith(PEM_STRING_X509_REQ_OLD D5) || text.startsWith(PEM_STRING_X509_REQ D5)) return new pki_x509req(); if (text.startsWith(PEM_STRING_X509_CRL D5)) return new pki_crl(); if (text.startsWith(PEM_STRING_XCA_TEMPLATE D5)) return new pki_temp(); if (text.startsWith(PEM_STRING_EVP_PKEY D5) || text.startsWith(PEM_STRING_PUBLIC D5) || text.startsWith(PEM_STRING_RSA D5) || text.startsWith(PEM_STRING_RSA_PUBLIC D5) || text.startsWith(PEM_STRING_DSA D5) || text.startsWith(PEM_STRING_DSA_PUBLIC D5) || text.startsWith(PEM_STRING_ECDSA_PUBLIC D5) || text.startsWith(PEM_STRING_ECPRIVATEKEY D5) || text.startsWith(PEM_STRING_PKCS8 D5) || text.startsWith(PEM_STRING_PKCS8INF D5) || text.startsWith(PEM_STRING_OPENSSH_KEY D5)) return new pki_evp(); return NULL; } void pki_multi::fload(const QString &fname) { XFile file(fname); QByteArray ba; file.open_read(); ba = file.readAll(); fromPEMbyteArray(ba, fname); }; void pki_multi::fromPEMbyteArray(const QByteArray &_ba, const QString &name) { pki_base *item = NULL; int startpos, old_count = multi.size(); QByteArray ba = _ba; for (;;) { try { item = pkiByPEM(QString::fromLatin1(ba), &startpos); if (!item) break; ba.remove(0, startpos); item->fromPEMbyteArray(ba, name); item->pkiSource = imported; openssl_error(); append_item(item); } catch (errorEx &err) { XCA_ERROR(err); delete item; item = NULL; } ba.remove(0, sizeof BEGIN -1); } if (multi.size() == old_count) throw errorEx(tr("No known PEM encoded items found")); } void pki_multi::probeAnything(const QString &fname) { pki_base *item = NULL; load_base *lb; QList lbs; int old_count = multi.size(); /* Check for file accessibility to report * a reasonable error early thrown by file.open_read() */ XFile file(fname); file.open_read(); file.close(); lbs << new load_pem() << new load_cert() << new load_pkcs7() << new load_pkcs12() << new load_crl() << new load_req() << new load_key() << new load_temp(); foreach(lb, lbs) { try { item = lb->loadItem(fname); if (item) { append_item(item); break; } } catch (errorEx &) { continue; } catch (enum open_result r) { if (r == pw_cancel) break; } } if (multi.count() == old_count && !fname.isEmpty()) failed_files << fname; qDeleteAll(lbs); } void pki_multi::print(BioByteArray &bba, enum print_opt opt) const { pki_base::print(bba, opt); foreach(pki_base *pki, multi) pki->print(bba, opt); } void pki_multi::collect_properties(QMap &prp) const { } QList pki_multi::pull() { QList temp = multi; multi.clear(); return temp; } QList pki_multi::get() const { return multi; } xca-RELEASE.2.5.0/lib/pki_multi.h000066400000000000000000000013471450407711300162730ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_MULTI_H #define __PKI_MULTI_H #include #include "pki_base.h" class pki_multi: public pki_base { Q_OBJECT protected: QList multi; public: pki_multi(const QString &name = ""); ~pki_multi(); QStringList failed_files; void fromPEMbyteArray(const QByteArray &, const QString &); void fload(const QString &fname); void probeAnything(const QString &fname); void append_item(pki_base *pki); void print(BioByteArray &b, enum print_opt opt) const; void collect_properties(QMap &prp) const; QList pull(); QList get() const; }; #endif xca-RELEASE.2.5.0/lib/pki_pkcs12.cpp000066400000000000000000000121651450407711300165770ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_pkcs12.h" #include "pki_evp.h" #include "pki_x509.h" #include "pass_info.h" #include "exception.h" #include "func.h" #include "PwDialogCore.h" #include "XcaWarningCore.h" #include #include #include #include pki_pkcs12::pki_pkcs12(const QString &d, pki_x509 *acert, pki_key *akey) :pki_multi(d), cert(acert), key(akey) { append_item(key); append_item(cert); } pki_pkcs12::pki_pkcs12(const QString &fname) :pki_multi(fname) { Passwd pass; EVP_PKEY *mykey = NULL; X509 *mycert = NULL; key = NULL; cert = NULL; pass_info p(XCA_TITLE, tr("Please enter the password to decrypt the PKCS#12 file:\n%1").arg(compressFilename(fname))); const X509_ALGOR *macalgid = NULL; const ASN1_INTEGER *maciter = NULL; const ASN1_OBJECT *macobj = NULL; setFilename(fname); XFile file(fname); file.open_read(); BioByteArray b(file.readAll()); PKCS12 *pkcs12 = d2i_PKCS12_bio(b.ro(), NULL); if (pki_ign_openssl_error()) { if (pkcs12) PKCS12_free(pkcs12); throw errorEx(tr("Unable to load the PKCS#12 (pfx) file %1.") .arg(fname)); } PKCS12_get0_mac(NULL, &macalgid, NULL, &maciter, pkcs12); if (macalgid) X509_ALGOR_get0(&macobj, NULL, NULL, macalgid); if (macobj) { algorithm = OBJ_obj2QString(macobj); if (maciter) algorithm += QString(", iteration %1").arg(a1int(maciter).toDec()); } while (!PKCS12_verify_mac(pkcs12, pass.constData(), pass.size())) { if (pass.size() > 0) XCA_PASSWD_ERROR(); enum open_result result = PwDialogCore::execute(&p, &pass); if (result != pw_ok) { /* cancel pressed */ PKCS12_free(pkcs12); failed_files << fname; throw result; } } STACK_OF(X509) *certstack = sk_X509_new_null(); PKCS12_parse(pkcs12, pass.constData(), &mykey, &mycert, &certstack); int error = ERR_peek_error(); if (ERR_GET_REASON(error) == PKCS12_R_MAC_VERIFY_FAILURE) { pki_ign_openssl_error(); PKCS12_free(pkcs12); sk_X509_free(certstack); failed_files << fname; throw errorEx(getClassName(), tr("The supplied password was wrong (%1)") .arg(ERR_reason_error_string(error))); } pki_ign_openssl_error(); if (mycert) { unsigned char *str = X509_alias_get0(mycert, NULL); if (str) alias = QString::fromUtf8((const char *)str); alias = QString::fromUtf8(alias.toLatin1()); cert = new pki_x509(mycert); Q_CHECK_PTR(cert); if (alias.isEmpty()) { cert->autoIntName(fname); alias = cert->getIntName(); } else { cert->setIntName(alias); } cert->pkiSource = imported; inheritFilename(cert); append_item(cert); } if (mykey) { key = new pki_evp(mykey); Q_CHECK_PTR(key); key->setIntName(alias + "_key"); key->pkiSource = imported; inheritFilename(key); append_item(key); } for (int i = 0; i < sk_X509_num(certstack); ++i) { X509 *crt = sk_X509_value(certstack, i); if (!crt) continue; pki_x509 *cacert = new pki_x509(crt); Q_CHECK_PTR(cacert); if (alias.isEmpty()) { cacert->autoIntName(QString()); } else { cacert->setIntName(QString(alias + "_ca_%1").arg(i)); } cacert->pkiSource = imported; inheritFilename(cacert); append_item(cacert); } sk_X509_free(certstack); PKCS12_free(pkcs12); pki_openssl_error(); } void pki_pkcs12::writePKCS12(XFile &file, encAlgo &encAlgo) const { Passwd pass; PKCS12 *pkcs12; pass_info p(XCA_TITLE, tr("Please enter the password to encrypt the PKCS#12 file")); if (cert == NULL || key == NULL) my_error(tr("No key or no Cert and no pkcs12")); if (PwDialogCore::execute(&p, &pass, true) != 1) return; STACK_OF(X509) *certstack = sk_X509_new_null(); foreach(pki_base *pki, multi) { pki_x509 *x = dynamic_cast(pki); if (x && x != cert) sk_X509_push(certstack, x->getCert()); } int encAlgoNid = encAlgo.getEncAlgoNid(); pkcs12 = PKCS12_create(pass.data(), getIntName().toUtf8().data(), key->decryptKey(), cert->getCert(), certstack, encAlgoNid, encAlgoNid, 0, 0, 0); BioByteArray b; i2d_PKCS12_bio(b, pkcs12); sk_X509_free(certstack); pki_openssl_error(); PKCS12_free(pkcs12); file.write(b); } void pki_pkcs12::collect_properties(QMap &prp) const { if (!algorithm.isEmpty()) prp["Algorithm"] = algorithm; if (!alias.isEmpty()) prp["Friendly Name"] = alias; } // see https://www.rfc-editor.org/rfc/rfc8018 Appendix B.2 for possible encryption schemes const QList encAlgo::all_encAlgos( { NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NID_aes_256_cbc }); int encAlgo::default_encAlgo(NID_pbe_WithSHA1And3_Key_TripleDES_CBC); encAlgo::encAlgo(int nid) : encAlgo_nid(nid) { } encAlgo::encAlgo(const QString &name) : encAlgo_nid(default_encAlgo) { QString s(name); encAlgo_nid = OBJ_txt2nid(CCHAR(s.remove(QChar(' ')))); ign_openssl_error(); } QString encAlgo::name() const { return QString(encAlgo_nid == NID_undef ? "" : OBJ_nid2sn(encAlgo_nid)); } int encAlgo::getEncAlgoNid() const { return encAlgo_nid; } const encAlgo encAlgo::getDefault() { return encAlgo(default_encAlgo); } void encAlgo::setDefault(const QString &def) { default_encAlgo = encAlgo(def).encAlgo_nid; } xca-RELEASE.2.5.0/lib/pki_pkcs12.h000066400000000000000000000021371450407711300162420ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_PKCS12_H #define __PKI_PKCS12_H #include "pki_multi.h" class pki_key; class pki_x509; class encAlgo { private: static int default_encAlgo; int encAlgo_nid; public: static const QList all_encAlgos; encAlgo(int nid); encAlgo(const QString &name); encAlgo(const encAlgo &d) = default; encAlgo& operator=(const encAlgo &d) = default; QString name() const; int getEncAlgoNid() const; static void setDefault(const QString &def); static const encAlgo getDefault(); }; class pki_pkcs12: public pki_multi { Q_OBJECT friend class pki_x509; friend class pki_evp; protected: QString alias, algorithm; pki_x509 *cert; pki_key *key; public: pki_pkcs12(const QString &d, pki_x509 *acert, pki_key *akey); pki_pkcs12(const QString &fname); pki_key *getKey() const { return key; } pki_x509 *getCert() const { return cert; } void writePKCS12(XFile &file, encAlgo &encAlgo) const; void collect_properties(QMap &prp) const; }; #endif xca-RELEASE.2.5.0/lib/pki_pkcs7.cpp000066400000000000000000000077351450407711300165320ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_pkcs7.h" #include "pki_x509.h" #include "pki_key.h" #include "func.h" #include "exception.h" #include pki_pkcs7::pki_pkcs7(const QString &name) :pki_multi(name) { p7 = NULL; } pki_pkcs7::~pki_pkcs7() { if (p7) PKCS7_free(p7); } void pki_pkcs7::encryptFile(pki_x509 *crt, const QString &filename) { XFile f(filename); encryptBio(crt, BioByteArray(f.readAll()).ro()); } void pki_pkcs7::encryptBio(pki_x509 *crt, BIO *bio) { STACK_OF(X509) *certstack; if (!crt) return; certstack = sk_X509_new_null(); sk_X509_push(certstack, crt->getCert()); openssl_error(); if (p7) PKCS7_free(p7); p7 = PKCS7_encrypt(certstack, bio, EVP_des_ede3_cbc(), PKCS7_BINARY); openssl_error(); sk_X509_free(certstack); } void pki_pkcs7::signBio(pki_x509 *crt, BIO *bio) { pki_key *privkey; EVP_PKEY *pk; STACK_OF(X509) *certstack; if (!crt) return; privkey = crt->getRefKey(); if (!privkey) throw errorEx("No private key for signing found", getClassName()); certstack = sk_X509_new_null(); pki_x509 *signer = crt->getSigner(); if (signer == crt) signer = NULL; while (signer != NULL ) { sk_X509_push(certstack, signer->getCert()); openssl_error(); if (signer == signer->getSigner() ) signer = NULL; else signer = signer->getSigner(); } if (p7) PKCS7_free(p7); pk = privkey->decryptKey(); p7 = PKCS7_sign(crt->getCert(), pk, certstack, bio, PKCS7_BINARY); EVP_PKEY_free(pk); openssl_error(); sk_X509_free(certstack); } void pki_pkcs7::signFile(pki_x509 *crt, const QString &filename) { XFile f(filename); f.open_read(); if (crt) signBio(crt, BioByteArray(f.readAll()).ro()); } void pki_pkcs7::signCert(pki_x509 *crt, pki_x509 *contCert) { BioByteArray bba; i2d_X509_bio(bba, contCert->getCert()); signBio(crt, bba); openssl_error(); } void pki_pkcs7::writeP7(XFile &file, bool PEM) { if (!p7) { p7 = PKCS7_new(); PKCS7_set_type(p7, NID_pkcs7_signed); PKCS7_content_new(p7, NID_pkcs7_data); pki_openssl_error(); } foreach(pki_base *pki, multi) { pki_x509 *x = dynamic_cast(pki); if (x) PKCS7_add_certificate(p7, X509_dup(x->getCert())); } BioByteArray b; if (PEM) PEM_write_bio_PKCS7(b, p7); else i2d_PKCS7_bio(b, p7); openssl_error(); file.write(b); } void pki_pkcs7::append_certs(PKCS7 *myp7, const QString &name) { STACK_OF(X509) *certstack = NULL; pki_openssl_error(); if (myp7 == NULL) return; setFilename(name); autoIntName(name); switch (OBJ_obj2nid(myp7->type)) { case NID_pkcs7_signed: certstack = myp7->d.sign->cert; myp7->d.sign->cert = NULL; break; case NID_pkcs7_signedAndEnveloped: certstack = myp7->d.signed_and_enveloped->cert; myp7->d.signed_and_enveloped->cert = NULL; break; } if (!certstack) return; for (int x = 0; x < sk_X509_num(certstack); x++) { X509 *c = X509_dup(sk_X509_value(certstack, x)); pki_x509 *cert = new pki_x509(c); openssl_error(); cert->autoIntName(getIntName()); cert->pkiSource = imported; inheritFilename(cert); append_item(cert); } sk_X509_free(certstack); PKCS7_free(myp7); } void pki_pkcs7::fromPEM_BIO(BIO *bio, const QString &name) { PKCS7 *myp7 = PEM_read_bio_PKCS7(bio, NULL, NULL, NULL); append_certs(myp7, name); } void pki_pkcs7::fromPEMbyteArray(const QByteArray &ba, const QString &name) { // Skip the pki_multi::fromPEMbyteArray(), // which would cause an endless loop pki_base::fromPEMbyteArray(ba, name); } void pki_pkcs7::fload(const QString &name) { PKCS7 *myp7; XFile file(name); file.open_read(); QByteArray ba(file.readAll()); myp7 = PEM_read_bio_PKCS7(BioByteArray(ba).ro(), NULL, NULL, NULL); if (!myp7) { ign_openssl_error(); myp7 = d2i_PKCS7_bio(BioByteArray(ba).ro(), NULL); } if (ign_openssl_error()) { if (myp7) PKCS7_free(myp7); throw errorEx(tr("Unable to load the PKCS#7 file %1. Tried PEM and DER format.").arg(name)); } append_certs(myp7, name); } xca-RELEASE.2.5.0/lib/pki_pkcs7.h000066400000000000000000000016361450407711300161710ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_PKCS7_H #define __PKI_PKCS7_H #include #include "pki_multi.h" #include class pki_x509; class pki_pkcs7: public pki_multi { Q_OBJECT friend class pki_x509; protected: PKCS7 *p7; void signBio(pki_x509 *crt, BIO *bio); void encryptBio(pki_x509 *crt, BIO *bio); void append_certs(PKCS7 *myp7, const QString &name); public: pki_pkcs7(const QString &name = QString()); virtual ~pki_pkcs7(); void signFile(pki_x509 *crt, const QString &filename); void signCert(pki_x509 *crt, pki_x509 *contCert); void encryptFile(pki_x509 *crt, const QString &filename); void writeP7(XFile &file, bool PEM); void fromPEM_BIO(BIO *bio, const QString &name); void fromPEMbyteArray(const QByteArray &, const QString &); void fload(const QString &name); }; #endif xca-RELEASE.2.5.0/lib/pki_scard.cpp000066400000000000000000000452461450407711300165760ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2009 -2014 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_scard.h" #include "pass_info.h" #include "pk11_attribute.h" #include "exception.h" #include "db_base.h" #include "pkcs11.h" #include "x509name.h" #include "func.h" #include "XcaProgress.h" #include "XcaWarningCore.h" #include void pki_scard::init(void) { ownPass = ptPin; pkiType = smartCard; isPub = false; card_serial = card_manufacturer = card_label = ""; card_model = slot_label = ""; } pki_scard::pki_scard(const QString name) :pki_key(name) { init(); } QString pki_scard::getMsg(msg_type msg) const { /* * We do not construct english sentences from fragments * to allow proper translations. * * %1 will be replaced by the name of the smartcard */ switch (msg) { case msg_import: return tr("Successfully imported the token key '%1'"); case msg_delete: return tr("Delete the token key '%1'?"); case msg_create: return tr("Successfully created the token key '%1'"); /* %1: Number of ktemplates; %2: list of templatenames */ case msg_delete_multi: return tr("Delete the %1 keys: %2?"); } return pki_base::getMsg(msg); } QSqlError pki_scard::insertSqlData() { XSqlQuery q; QSqlError e = pki_key::insertSqlData(); if (e.isValid()) return e; SQL_PREPARE(q, "INSERT INTO tokens (item, card_manufacturer, card_serial, " "card_model, card_label, slot_label, " "object_id) " "VALUES (?, ?, ?, ?, ?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, card_manufacturer); q.bindValue(2, card_serial); q.bindValue(3, card_model); q.bindValue(4, card_label); q.bindValue(5, slot_label); q.bindValue(6, object_id); q.exec(); e = q.lastError(); if (e.isValid()) return e; SQL_PREPARE(q, "INSERT INTO token_mechanism (item, mechanism) " "VALUES (?, ?)"); q.bindValue(0, sqlItemId); foreach(CK_MECHANISM_TYPE m, mech_list) { q.bindValue(1, QVariant((uint)m)); q.exec(); } return q.lastError(); } void pki_scard::restoreSql(const QSqlRecord &rec) { pki_key::restoreSql(rec); card_manufacturer = rec.value(VIEW_tokens_card_manufacturer).toString(); card_serial = rec.value(VIEW_tokens_card_serial).toString(); card_model = rec.value(VIEW_tokens_card_model).toString(); card_label = rec.value(VIEW_tokens_card_label).toString(); slot_label = rec.value(VIEW_tokens_slot_label).toString(); object_id = rec.value(VIEW_tokens_object_id).toString(); card_manufacturer = rec.value(VIEW_tokens_card_manufacturer).toString(); isPub = false; qDebug() << card_manufacturer <data, os->length, NULL); pki_openssl_error(); EC_POINT *point = EC_POINT_bn2point(group, bn, NULL, NULL); BN_free(bn); ASN1_OCTET_STRING_free(os); pki_openssl_error(); EC_KEY_set_public_key(ec, point); pki_openssl_error(); pkey = EVP_PKEY_new(); EVP_PKEY_assign_EC_KEY(pkey, ec); break; } #endif #ifdef EVP_PKEY_ED25519 case CKK_EC_EDWARDS: { QByteArray ba; ASN1_OCTET_STRING *os; pk11_attr_data grp(CKA_EC_PARAMS); p11.loadAttribute(grp, object); pk11_attr_data pt(CKA_EC_POINT); p11.loadAttribute(pt, object); ba = pt.getData(); os = (ASN1_OCTET_STRING *) d2i_bytearray(D2I_VOID(d2i_ASN1_OCTET_STRING), ba); pki_openssl_error(); pkey = EVP_PKEY_new_raw_public_key(EVP_PKEY_ED25519, NULL, (const uint8_t *)os->data, os->length); pki_openssl_error(); ASN1_OCTET_STRING_free(os); pki_openssl_error(); break; } #endif default: throw errorEx(QString("Unsupported CKA_KEY_TYPE: %1\n").arg(keytype)); } pki_openssl_error(); return pkey; } void pki_scard::load_token(pkcs11 &p11, CK_OBJECT_HANDLE object) { tkInfo ti = p11.tokenInfo(); card_label = ti.label(); card_manufacturer = ti.manufacturerID(); card_serial = ti.serial(); card_model = ti.model(); pkiSource = token; isPub = false; pk11_attr_data id(CKA_ID); p11.loadAttribute(id, object); if (id.getAttribute()->ulValueLen > 0) { object_id = QString(id.getData().toHex()); } try { pk11_attr_data label(CKA_LABEL); p11.loadAttribute(label, object); slot_label = label.getText(); } catch (errorEx &err) { qDebug() << "No PubKey Label:" << err.getString(); // ignore } if (slot_label.isEmpty()) { try{ x509name xn; pk11_attr_data subj(CKA_SUBJECT); p11.loadAttribute(subj, object); QByteArray der = subj.getData(); xn.d2i(der); slot_label = xn.getMostPopular(); pki_openssl_error(); } catch (errorEx &err) { qDebug() << "No Pubkey Subject:" << err.getString(); // ignore } } EVP_PKEY *pkey = load_pubkey(p11, object); if (pkey) { if (key) EVP_PKEY_free(key); key = pkey; } setIntName(slot_label); pki_openssl_error(); } pk11_attr_data pki_scard::getIdAttr() const { pk11_attr_data id(CKA_ID); if (object_id.isEmpty()) return id; QByteArray val = QByteArray::fromHex(object_id.toLocal8Bit()); id.setValue(reinterpret_cast(val.constData()), val.length()); return id; } void pki_scard::deleteFromToken() { slotid slot; if (!prepare_card(&slot)) return; deleteFromToken(slot); } pk11_attlist pki_scard::objectAttributesNoId(EVP_PKEY *pk, bool priv) const { QByteArray ba; const RSA *rsa; const DSA *dsa; #ifndef OPENSSL_NO_EC const EC_KEY *ec; #endif const BIGNUM *n = NULL; const BIGNUM *e = NULL; const BIGNUM *p = NULL; const BIGNUM *q = NULL; const BIGNUM *g = NULL; pk11_attlist attrs(pk11_attr_ulong(CKA_CLASS, priv ? CKO_PRIVATE_KEY : CKO_PUBLIC_KEY)); switch (EVP_PKEY_type(EVP_PKEY_id(pk))) { case EVP_PKEY_RSA: rsa = EVP_PKEY_get0_RSA(pk); RSA_get0_key(rsa, &n, &e, NULL); attrs << pk11_attr_ulong(CKA_KEY_TYPE, CKK_RSA) << pk11_attr_data(CKA_MODULUS, n) << pk11_attr_data(CKA_PUBLIC_EXPONENT, e); break; case EVP_PKEY_DSA: dsa = EVP_PKEY_get0_DSA(pk); DSA_get0_pqg(dsa, &p, &q, &g); attrs << pk11_attr_ulong(CKA_KEY_TYPE, CKK_DSA) << pk11_attr_data(CKA_PRIME, p) << pk11_attr_data(CKA_SUBPRIME, q) << pk11_attr_data(CKA_BASE, g); break; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: ec = EVP_PKEY_get0_EC_KEY(pk); ba = i2d_bytearray(I2D_VOID(i2d_ECPKParameters), EC_KEY_get0_group(ec)); attrs << pk11_attr_ulong(CKA_KEY_TYPE, CKK_EC) << pk11_attr_data(CKA_EC_PARAMS, ba); break; #endif #ifdef EVP_PKEY_ED25519 case EVP_PKEY_ED25519: attrs << pk11_attr_ulong(CKA_KEY_TYPE, CKK_EC_EDWARDS); // should it also return params, somehow? break; #endif default: throw errorEx(QString("Unknown Keytype %d") .arg(EVP_PKEY_type(EVP_PKEY_id(pk)))); } return attrs; } pk11_attlist pki_scard::objectAttributes(bool priv) const { pk11_attlist attrs = objectAttributesNoId(key, priv); attrs << getIdAttr(); return attrs; } void pki_scard::deleteFromToken(const slotid &slot) { pkcs11 p11; p11.startSession(slot, true); tkInfo ti = p11.tokenInfo(); if (!XCA_YESNO(tr("Delete the private key '%1' from the token '%2 (#%3)' ?"). arg(getIntName()).arg(ti.label()).arg(ti.serial()))) return; if (p11.tokenLogin(card_label, false).isNull()) return; pk11_attlist atts = objectAttributes(true); QList priv_objects = p11.objectList(atts); atts = objectAttributes(false); QList pub_objects = p11.objectList(atts); p11.deleteObjects(priv_objects); p11.deleteObjects(pub_objects); } int pki_scard::renameOnToken(const slotid &slot, const QString &name) { pkcs11 p11; p11.startSession(slot, true); QList objs; if (p11.tokenLogin(card_label, false).isNull()) return 0; pk11_attr_data label(CKA_LABEL, name.toUtf8()); /* Private key */ pk11_attlist attrs = objectAttributes(true); objs = p11.objectList(attrs); if (!objs.count()) return 0; p11.storeAttribute(label, objs[0]); /* Public key */ attrs = objectAttributes(false); objs = p11.objectList(attrs); if (objs.count()) p11.storeAttribute(label, objs[0]); return 1; } void pki_scard::store_token(const slotid &slot, EVP_PKEY *pkey) { QByteArray ba; const RSA *rsa; const DSA *dsa; #ifndef OPENSSL_NO_EC const EC_KEY *ec; #endif pk11_attlist pub_atts; pk11_attlist priv_atts; QList objects; const BIGNUM *d = NULL; const BIGNUM *p = NULL; const BIGNUM *q = NULL; const BIGNUM *dmp1 = NULL; const BIGNUM *dmq1 = NULL; const BIGNUM *iqmp = NULL; const BIGNUM *priv_key = NULL; const BIGNUM *pub_key = NULL; pub_atts = objectAttributesNoId(pkey, false); priv_atts = objectAttributesNoId(pkey, true); pkcs11 p11; p11.startSession(slot, true); QList objs = p11.objectList(pub_atts); if (objs.count() == 0) objs = p11.objectList(priv_atts); if (objs.count() != 0) { XCA_INFO(tr("This Key is already on the token")); load_token(p11, objs[0]); return; } pk11_attr_data new_id = p11.findUniqueID(CKO_PUBLIC_KEY); pub_atts << new_id << pk11_attr_bool(CKA_TOKEN, true) << pk11_attr_data(CKA_LABEL, getIntName().toUtf8()) << pk11_attr_bool(CKA_PRIVATE, false) << pk11_attr_bool(CKA_WRAP, true) << pk11_attr_bool(CKA_ENCRYPT, true) << pk11_attr_bool(CKA_VERIFY, true); priv_atts << new_id << pk11_attr_bool(CKA_TOKEN, true) << pk11_attr_data(CKA_LABEL, desc.toUtf8()) << pk11_attr_bool(CKA_PRIVATE, true) << pk11_attr_bool(CKA_UNWRAP, true) << pk11_attr_bool(CKA_DECRYPT, true) << pk11_attr_bool(CKA_SIGN, true); switch (EVP_PKEY_type(EVP_PKEY_id(pkey))) { case EVP_PKEY_RSA: rsa = EVP_PKEY_get0_RSA(pkey); RSA_get0_key(rsa, NULL, NULL, &d); RSA_get0_factors(rsa, &p, &q); RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp); priv_atts << pk11_attr_data(CKA_PRIVATE_EXPONENT, d) << pk11_attr_data(CKA_PRIME_1, p) << pk11_attr_data(CKA_PRIME_2, q) << pk11_attr_data(CKA_EXPONENT_1, dmp1) << pk11_attr_data(CKA_EXPONENT_2, dmq1) << pk11_attr_data(CKA_COEFFICIENT, iqmp); break; case EVP_PKEY_DSA: dsa = EVP_PKEY_get0_DSA(pkey); DSA_get0_key(dsa, &pub_key, &priv_key); priv_atts << pk11_attr_data(CKA_VALUE, priv_key); pub_atts << pk11_attr_data(CKA_VALUE, pub_key); break; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: { /* Public Key */ BIGNUM *point; int size; unsigned char *buf; ASN1_OCTET_STRING *os; ec = EVP_PKEY_get0_EC_KEY(pkey); point = EC_POINT_point2bn(EC_KEY_get0_group(ec), EC_KEY_get0_public_key(ec), EC_KEY_get_conv_form(ec), NULL, NULL); pki_openssl_error(); size = BN_num_bytes(point); buf = (unsigned char *)OPENSSL_malloc(size); Q_CHECK_PTR(buf); BN_bn2bin(point, buf); os = ASN1_OCTET_STRING_new(); /* set0 -> ASN1_OCTET_STRING_free() also free()s buf */ ASN1_STRING_set0(os, buf, size); ba = i2d_bytearray(I2D_VOID(i2d_ASN1_OCTET_STRING), os); ASN1_OCTET_STRING_free(os); BN_free(point); pki_openssl_error(); pub_atts << pk11_attr_data(CKA_EC_POINT, ba); /* Private key */ priv_atts << pk11_attr_data(CKA_VALUE, EC_KEY_get0_private_key(ec)); break; } #endif default: throw errorEx(QString("Unknown Keytype %d") .arg(EVP_PKEY_id(pkey))); } tkInfo ti = p11.tokenInfo(); if (p11.tokenLogin(ti.label(), false).isNull()) throw errorEx(tr("PIN input aborted")); p11.createObject(pub_atts); p11.createObject(priv_atts); pub_atts.reset(); pub_atts = objectAttributesNoId(pkey, false); pub_atts << new_id; objs = p11.objectList(pub_atts); if (objs.count() == 0) throw errorEx(tr("Unable to find copied key on the token")); load_token(p11, objs[0]); } QList pki_scard::possibleHashNids() { QList nids; if (!Settings["only_token_hashes"]) return pki_key::possibleHashNids(); foreach(CK_MECHANISM_TYPE mechanism, mech_list) { switch (EVP_PKEY_type(getKeyType())) { case EVP_PKEY_RSA: switch (mechanism) { case CKM_MD5_RSA_PKCS: nids << NID_md5; break; case CKM_SHA1_RSA_PKCS: nids << NID_sha1; break; case CKM_SHA256_RSA_PKCS: nids << NID_sha256; break; case CKM_SHA384_RSA_PKCS: nids << NID_sha384; break; case CKM_SHA512_RSA_PKCS: nids << NID_sha512; break; case CKM_RIPEMD160_RSA_PKCS: nids << NID_ripemd160; break; } break; case EVP_PKEY_DSA: switch (mechanism) { case CKM_DSA_SHA1: nids << NID_sha1; break; } break; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: switch (mechanism) { case CKM_ECDSA_SHA1: nids << NID_sha1; break; } break; #endif } } if (nids.count() == 0) { switch (EVP_PKEY_type(getKeyType())) { case EVP_PKEY_RSA: nids << NID_md5 << NID_sha1 << NID_sha256 << NID_sha384 << NID_sha512 << NID_ripemd160; break; case EVP_PKEY_DSA: #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: #endif nids << NID_sha1; break; } } return nids; } bool pki_scard::find_key_on_card(slotid *slot) const { pkcs11 p11; slotid sl; pk11_attlist cls(pk11_attr_ulong(CKA_CLASS, CKO_PUBLIC_KEY)); cls << getIdAttr(); foreach(sl, p11.getSlotList()) { pkcs11 p11sess; p11sess.startSession(sl); foreach(CK_OBJECT_HANDLE object, p11sess.objectList(cls)) { EVP_PKEY *pkey = load_pubkey(p11sess, object); bool match = EVP_PKEY_cmp(key, pkey) == 1; EVP_PKEY_free(pkey); if (match) { *slot = sl; return true; } } } return false; } /* Assures the correct card is inserted and * returns the slot ID in slot true on success */ bool pki_scard::prepare_card(slotid *slot) const { if (!pkcs11::libraries.loaded()) return false; QString msg = tr("Please insert card: %1 %2 [%3] with Serial: %4"). arg(card_manufacturer).arg(card_model). arg(card_label).arg(card_serial); do { try { if (find_key_on_card(slot)) return true; } catch (errorEx &err) { qDebug() << "find_key_on_card:" << err.getString(); } catch (...) { qDebug() << "find_key_on_card exception"; } } while (XCA_OKCANCEL(msg)); return false; } class keygenThread: public QThread { public: errorEx err; pk11_attr_data id; const keyjob task; QString name; pkcs11 *p11; keygenThread(const keyjob &t, const QString &n, pkcs11 *_p11) : QThread(), task(t), name(n), p11(_p11) { } void run() { try { id = p11->generateKey(name, task.ktype.mech, task.size, task.ec_nid); } catch (errorEx &e) { err = e; } } }; void pki_scard::generate(const keyjob &task) { pk11_attlist atts; pkcs11 p11; p11.startSession(task.slot, true); p11.getRandom(); tkInfo ti = p11.tokenInfo(); if (p11.tokenLogin(ti.label(), false).isNull()) return; XcaProgress progress; keygenThread kt(task, getIntName(), &p11); kt.start(); while (!kt.wait(20)) { progress.increment(); } if (!kt.err.isEmpty()) throw errorEx(kt.err); atts << pk11_attr_ulong(CKA_CLASS, CKO_PUBLIC_KEY) << kt.id; QList objects = p11.objectList(atts); if (objects.count() != 1) qCritical() << "OBJECTS found:" << objects.count(); if (objects.count() == 0) throw errorEx(tr("Unable to find generated key on card")); load_token(p11, objects[0]); } pki_scard::~pki_scard() { } QString pki_scard::getTypeString(void) const { return tr("Token %1").arg(pki_key::getTypeString()); } EVP_PKEY *pki_scard::decryptKey() const { slotid slot_id; QString pin, key_id; if (!prepare_card(&slot_id)) throw errorEx(tr("Failed to find the key on the token")); pkcs11 *p11 = new pkcs11(); p11->startSession(slot_id); pin = p11->tokenLogin(card_label, false); if (pin.isNull()) { delete p11; throw errorEx(tr("Invalid Pin for the token")); } pk11_attlist atts = objectAttributes(true); QList priv_objects = p11->objectList(atts); if (priv_objects.count() != 1) { delete p11; throw errorEx(tr("Failed to find the key on the token")); } EVP_PKEY *pkey = p11->getPrivateKey(key, priv_objects[0]); if (!pkey) { delete p11; throw errorEx(tr("Failed to initialize the key on the token")); } pki_openssl_error(); return pkey; } void pki_scard::changePin() { slotid slot; if (!prepare_card(&slot)) return; pkcs11 p11; p11.changePin(slot, false); } void pki_scard::changeSoPin() { slotid slot; if (!prepare_card(&slot)) return; pkcs11 p11; p11.changePin(slot, true); } void pki_scard::initPin() { slotid slot; if (!prepare_card(&slot)) return; pkcs11 p11; p11.initPin(slot); } int pki_scard::verify() { return true; } bool pki_scard::isToken() { return true; } QVariant pki_scard::getIcon(const dbheader *hd) const { return hd->id == HD_internal_name ? QVariant(QPixmap(":scardIco")) : QVariant(); } bool pki_scard::visible() const { QStringList sl; if (pki_base::visible()) return true; sl << card_serial << card_manufacturer << card_model << card_label << slot_label << object_id; foreach(QString s, sl) { if (s.contains(limitPattern)) return true; } return false; } void pki_scard::updateLabel(QString label) { XSqlQuery q; Transaction; if (slot_label == label) return; if (!TransBegin()) return; slot_label = label; SQL_PREPARE(q, "UPDATE tokens SET slot_label=? WHERE item=?"); q.bindValue(0, slot_label); q.bindValue(1, sqlItemId); q.exec(); AffectedItems(sqlItemId); TransCommit(); } xca-RELEASE.2.5.0/lib/pki_scard.h000066400000000000000000000045441450407711300162370ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2009 - 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_SCARD_H #define __PKI_SCARD_H #include #include #include #include "pkcs11.h" #include "pki_key.h" #define VIEW_tokens_card_manufacturer 10 #define VIEW_tokens_card_serial 11 #define VIEW_tokens_card_model 12 #define VIEW_tokens_card_label 13 #define VIEW_tokens_slot_label 14 #define VIEW_tokens_object_id 15 class pki_scard: public pki_key { Q_OBJECT protected: QString card_serial; QString card_manufacturer; QString card_model; QString card_label; QString slot_label; QString object_id; QList mech_list; void init(void); public: pki_scard(const QString name); virtual ~pki_scard(); void load_token(pkcs11 &p11, CK_OBJECT_HANDLE object); bool prepare_card(slotid *slot) const; bool find_key_on_card(slotid *slot) const; QString getTypeString(void) const; QString getManufacturer() const { return card_manufacturer; } QString getSerial() const { return card_serial; } QString getModel() const { return card_model; } QString getLabel() const { return slot_label; } void updateLabel(QString label); QString getId() const { return object_id; } pk11_attr_data getIdAttr() const; QString getCardLabel() const { return card_label; } EVP_PKEY *decryptKey() const; QString scardLogin(pkcs11 &p11, bool so, bool force=false)const; void changePin(); void initPin(); void changeSoPin(); int verify(); bool isToken(); QVariant getIcon(const dbheader *hd) const; QList getMech_list() { return mech_list; } pk11_attlist objectAttributes(bool priv) const; pk11_attlist objectAttributesNoId(EVP_PKEY *pk, bool priv) const; void setMech_list(QList ml) { mech_list = ml; }; QList possibleHashNids(); EVP_PKEY *load_pubkey(pkcs11 &p11, CK_OBJECT_HANDLE object) const; void generate(const keyjob &task); void deleteFromToken(); void deleteFromToken(const slotid &slot); void store_token(const slotid &slot, EVP_PKEY *pkey); int renameOnToken(const slotid &slot, const QString &name); QString getMsg(msg_type msg) const; bool visible() const; QSqlError insertSqlData(); QSqlError deleteSqlData(); void restoreSql(const QSqlRecord &rec); }; #endif xca-RELEASE.2.5.0/lib/pki_temp.cpp000066400000000000000000000317351450407711300164450ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_temp.h" #include "pki_x509.h" #include "func.h" #include "oid.h" #include "exception.h" #include #include #include #include #define TEMPLATE_DS_VERSION (QDataStream::Qt_4_2) namespace db { QByteArray intToData(uint32_t val) { uint32_t v = xhtonl(val); return QByteArray((char*)&v, sizeof(uint32_t)); } uint32_t intFromData(QByteArray &ba) { uint32_t ret; if ((unsigned)(ba.size()) < sizeof(uint32_t)) { throw errorEx(QObject::tr("Out of data")); } memcpy(&ret, ba.constData(), sizeof(uint32_t)); ba = ba.mid(sizeof(uint32_t)); return xntohl(ret); } bool boolFromData(QByteArray &ba) { unsigned char c; if (ba.size() < 1) throw errorEx(QObject::tr("Out of data")); c = ba.constData()[0]; ba = ba.mid(1); return c ? true : false; } QString stringFromData(QByteArray &ba) { int idx = ba.indexOf('\0'); if (idx == -1) throw errorEx(QObject::tr("Error finding endmarker of string")); QString ret = QString::fromUtf8(ba.constData(), idx); ba = ba.mid(idx+1); return ret; } }; const QList pki_temp::tmpl_keys = { "subAltName", "issAltName", "crlDist", "authInfAcc", "nsCertType", "nsComment", "nsBaseUrl", "nsRevocationUrl", "nsCARevocationUrl", "nsRenewalUrl", "nsCaPolicyUrl", "nsSslServerName", "ca", "bcCritical", "ekuCritical", "kuCritical", "subKey", "authKey", "basicPath", "validN", "validM", "validMidn", "keyUse", "eKeyUse", "adv_ext", "noWellDefinedExpDate", "OCSPstaple", }; pki_temp::pki_temp(const pki_temp *pk) :pki_x509name(pk->getIntName()) { pre_defined = false; xname = pk->xname; settings = pk->settings; } pki_temp::pki_temp(const QString &d) :pki_x509name(d) { pkiType = tmpl; pre_defined = false; foreach(QString key, tmpl_keys) { settings[key] = QString(); } settings["nsComment"] = "xca certificate"; settings["validN"] = "365"; } QString pki_temp::comboText() const { return pre_defined ? QString("[default] ") + pki_base::comboText() : pki_base::comboText(); } QSqlError pki_temp::insertSqlData() { XSqlQuery q; QSqlError e = pki_x509name::insertSqlData(); if (e.isValid()) return e; SQL_PREPARE(q, "INSERT INTO templates (item, version, template) " "VALUES (?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, TMPL_VERSION); q.bindValue(2, toB64Data()); q.exec(); return q.lastError(); } void pki_temp::restoreSql(const QSqlRecord &rec) { pki_base::restoreSql(rec); int version = rec.value(VIEW_temp_version).toInt(); QByteArray ba = QByteArray::fromBase64( rec.value(VIEW_temp_template).toByteArray()); fromData(ba, version); } QSqlError pki_temp::deleteSqlData() { XSqlQuery q; QSqlError e = pki_x509name::deleteSqlData(); if (e.isValid()) return e; SQL_PREPARE(q, "DELETE FROM templates WHERE item=?"); q.bindValue(0, sqlItemId); q.exec(); return q.lastError(); } QString pki_temp::getMsg(msg_type msg) const { /* * We do not construct english sentences from fragments * to allow proper translations. * * %1 will be replaced by the internal name of the template */ switch (msg) { case msg_import: return tr("Successfully imported the XCA template '%1'"); case msg_delete: return tr("Delete the XCA template '%1'?"); case msg_create: return tr("Successfully created the XCA template '%1'"); /* %1: Number of ktemplates; %2: list of templatenames */ case msg_delete_multi: return tr("Delete the %1 XCA templates: %2?"); } return pki_base::getMsg(msg); } x509name pki_temp::getSubject() const { return xname; } static int bitsToInt(extList &el, int nid, bool *crit) { int ret = 0, i = el.idxByNid(nid); if (i != -1) { if (crit) *crit = el[i].getCritical(); ASN1_BIT_STRING *bits; bits = (ASN1_BIT_STRING *)el[i].d2i(); for (int j=0; j<9; j++) { if (ASN1_BIT_STRING_get_bit(bits, j)) ret |= 1 << j; } el.removeAt(i); } return ret; } void pki_temp::fromExtList(extList *el, int nid, const char *item) { QString target; el->genConf(nid, &target, &adv_ext); settings[item] = target; } extList pki_temp::fromCert(pki_x509super *cert_or_req) { x509name n; extList el = cert_or_req->getV3ext(); adv_ext.clear(); settings["nsComment"] = ""; n = cert_or_req->getSubject(); foreach(QString sn, Settings["explicit_dn"].split(",")) { int nid = OBJ_sn2nid(CCHAR(sn)); QString ne = n.popEntryByNid(nid); if (!ne.isNull()) xname.addEntryByNid(nid, ne); } for (int i=0; i> 1)); bool kuCritical; settings["keyUse"] = QString::number( bitsToInt(el, NID_key_usage, &kuCritical)); settings["kuCritical"] = kuCritical ? "1" : "0"; fromExtList(&el, NID_ext_key_usage, "eKeyUse"); QStringList eKeyUse = settings["eKeyUse"] .split(QRegularExpression(",\\s*")); settings["ekuCritical"] = "0"; if (eKeyUse.contains("critical")) { eKeyUse.removeOne("critical"); settings["eKeyUse"] = eKeyUse.join(", "); settings["ekuCritical"] = "1"; } qDebug() << "eKeyUse" << settings["kuCritical"] << settings["eKeyUse"]; el.genGenericConf(&adv_ext); settings["adv_ext"] = adv_ext; if (cert_or_req->getType() == x509) { pki_x509 *cert = (pki_x509*)cert_or_req; if (cert->getNotAfter().isUndefined()) { settings["noWellDefinedExpDate"] = "1"; } else { a1time notBefore = cert->getNotBefore(); a1time notAfter = cert->getNotAfter(); if (notBefore.toPlain().endsWith("000000Z") && notAfter.toPlain().endsWith("235959Z")) { settings["validMidn"] = "1"; } int diff = notBefore.daysTo(notAfter); settings["validM"] = "0"; if (diff > 60) { settings["validM"] = "1"; diff /= 30; if (diff > 24) { settings["validM"] = "2"; diff /= 12; } } settings["validN"] = QString::number(diff); } } return el; } static QString old_eKeyUse2QString(int old) { QStringList sl; for (int i = 0; i < extkeyuse_nid.size(); i++) { if (old & (1< 5) { settings["basicPath"] = db::stringFromData(ba); } else { settings["basicPath"] = QString::number(db::intFromData(ba)); if (settings["basicPath"] == "0") settings["basicPath"] = ""; } settings["validN"] = QString::number(db::intFromData(ba)); settings["validM"] = QString::number(db::intFromData(ba)); settings["keyUse"] = QString::number(db::intFromData(ba)); if (version > 4) { settings["eKeyUse"] = db::stringFromData(ba); } else { int old = db::intFromData(ba); settings["eKeyUse"] = old_eKeyUse2QString(old); } settings["nsCertType"] = QString::number(db::intFromData(ba)); settings["subAltName"] = db::stringFromData(ba); settings["issAltName"] = db::stringFromData(ba); settings["crlDist"] = db::stringFromData(ba); settings["nsComment"] = db::stringFromData(ba); settings["nsBaseUrl"] = db::stringFromData(ba); settings["nsRevocationUrl"] = db::stringFromData(ba); settings["nsCARevocationUrl"] = db::stringFromData(ba); settings["nsRenewalUrl"] = db::stringFromData(ba); settings["nsCaPolicyUrl"] = db::stringFromData(ba); settings["nsSslServerName"] = db::stringFromData(ba); xname.d2i(ba); settings["authInfAcc"] = db::stringFromData(ba); /* certPol = */ db::stringFromData(ba); settings["validMidn"] = QString::number(db::boolFromData(ba)); if (version>2) settings["adv_ext"] = db::stringFromData(ba); if (version>3) settings["noWellDefinedExpDate"] = QString::number(db::boolFromData(ba)); if (ba.size() > 0) { my_error(tr("Wrong Size %1").arg(ba.size())); } } QByteArray pki_temp::toData() const { QByteArray ba; ba += xname.i2d(); QBuffer buf(&ba); buf.open(QIODevice::WriteOnly | QIODevice::Append); QDataStream out(&buf); out.setVersion(TEMPLATE_DS_VERSION); out << settings; buf.close(); return ba; } void pki_temp::fromData(QByteArray &ba, int version) { xname.d2i(ba); QBuffer buf(&ba); buf.open(QIODevice::ReadOnly); QDataStream in(&buf); in.setVersion(TEMPLATE_DS_VERSION); in >> settings; QMap translate; translate["eKyUseCritical"] = "ekuCritical"; translate["keyUseCritical"] ="kuCritical"; foreach(QString key, translate.keys()) { if (settings.contains(key)) settings[translate[key]] = settings.take(key); } buf.close(); (void)version; //if (version < 11) .... } void pki_temp::fromData(const unsigned char *p, int size, int version) { if (version < 10) { old_fromData(p, size, version); } else { QByteArray ba((const char*)p, size); fromData(ba, version); } } QByteArray pki_temp::toExportData() const { QByteArray data, header; BioByteArray b; data = toData(); header = db::intToData(data.size()); header += db::intToData(TMPL_VERSION); header += data; PEM_write_bio(b, PEM_STRING_XCA_TEMPLATE, (char*)"", (unsigned char*)(header.data()), header.size()); return b.byteArray(); } void pki_temp::writeTemp(XFile &file) const { file.write(PEM_comment() + toExportData()); } void pki_temp::writeDefault(const QString &dirname) const { XFile file(get_dump_filename(dirname, ".xca")); file.open_write(); writeTemp(file); } bool pki_temp::pem(BioByteArray &b) { b += toExportData(); return true; } void pki_temp::fromExportData(QByteArray data) { int version; if (data.size() < (int)sizeof(uint32_t)) my_error(tr("Template file content error (too small)")); db::intFromData(data); version = db::intFromData(data); fromData((const unsigned char*)data.constData(), data.size(), version); } void pki_temp::try_fload(XFile &file) { QByteArray ba = file.read(4096*1024); try { fromPEM_BIO(BioByteArray(ba).ro(), file.fileName()); } catch (errorEx &) { fromExportData(ba); } pki_openssl_error(); } void pki_temp::fload(const QString &fname) { try { XFile file(fname); file.open_read(); try_fload(file); #if defined(Q_OS_WIN32) } catch (errorEx &) { /* Try again in ascii mode on Windows * to support pre 1.1.0 template exports */ XFile file(fname); file.open(QIODevice::ReadOnly | QIODevice::QIODevice::Text); try_fload(file); #else } catch (errorEx &err) { throw err; #endif } } void pki_temp::fromPEM_BIO(BIO *bio, const QString &name) { QByteArray ba; QString msg; char *nm = NULL, *header = NULL; unsigned char *data = NULL; long len; PEM_read_bio(bio, &nm, &header, &data, &len); if (ign_openssl_error()) throw errorEx(tr("Not a PEM encoded XCA Template"), getClassName()); if (!strcmp(nm, PEM_STRING_XCA_TEMPLATE)) { ba = QByteArray::fromRawData((char*)data, len); fromExportData(ba); setIntName(rmslashdot(name)); } else { msg = tr("Not an XCA Template, but '%1'").arg(nm); } OPENSSL_free(nm); OPENSSL_free(header); OPENSSL_free(data); if (!msg.isEmpty()) my_error(msg); } pki_temp::~pki_temp() { } bool pki_temp::compare(const pki_base *) const { // we don't care if templates with identical contents // are stored in the database ... return false; } QVariant pki_temp::getIcon(const dbheader *hd) const { return hd->id == HD_internal_name ? QVariant(QPixmap(":templateIco")) : QVariant(); } xca-RELEASE.2.5.0/lib/pki_temp.h000066400000000000000000000044571450407711300161130ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_TEMP_H #define __PKI_TEMP_H #include "pki_base.h" #include "x509name.h" #include "asn1time.h" #include "pki_x509super.h" #define D5 "-----" #define PEM_STRING_XCA_TEMPLATE "XCA TEMPLATE" #define TMPL_VERSION 10 #define CHECK_TMPL_KEY if (!tmpl_keys.contains(key)) { qFatal("Unknown template key: %s(%s)", __func__, CCHAR(key)); } #define VIEW_temp_version 6 #define VIEW_temp_template 7 class pki_temp: public pki_x509name { Q_OBJECT protected: static const QList tmpl_keys; int dataSize(); void try_fload(XFile &file); bool pre_defined; x509name xname; QMap settings; QString adv_ext; void fromExtList(extList *el, int nid, const char *item); public: pki_temp(const pki_temp *pk); pki_temp(const QString &d = QString()); ~pki_temp(); QString getSetting(QString key) { CHECK_TMPL_KEY return settings[key]; } int getSettingInt(QString key) { CHECK_TMPL_KEY return settings[key].toInt(); } void setSetting(QString key, QString value) { CHECK_TMPL_KEY settings[key] = value; } void setSetting(QString key, int value) { CHECK_TMPL_KEY settings[key] = QString::number(value); } void fload(const QString &fname); void writeDefault(const QString &dirname) const ; void fromData(const unsigned char *p, int size, int version); void old_fromData(const unsigned char *p, int size, int version); void fromData(QByteArray &ba, int version); void setAsPreDefined() { pre_defined = true; } QString comboText() const; QByteArray toData() const; QString toB64Data() { return QString::fromLatin1(toData().toBase64()); } bool compare(const pki_base *ref) const; void writeTemp(XFile &file) const; QVariant getIcon(const dbheader *hd) const; QString getMsg(msg_type msg) const; x509name getSubject() const; void setSubject(x509name n) { xname = n; } bool pem(BioByteArray &); QByteArray toExportData() const; void fromPEM_BIO(BIO *, const QString &); void fromExportData(QByteArray data); extList fromCert(pki_x509super *cert_or_req); QSqlError insertSqlData(); QSqlError deleteSqlData(); void restoreSql(const QSqlRecord &rec); }; Q_DECLARE_METATYPE(pki_temp *); #endif xca-RELEASE.2.5.0/lib/pki_x509.cpp000066400000000000000000000557301450407711300162060ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_x509.h" #include "pki_x509req.h" #include "pki_evp.h" #include "pki_scard.h" #include "pki_crl.h" #include "db_base.h" #include "func.h" #include "base.h" #include "exception.h" #include "pass_info.h" pki_x509::pki_x509(X509 *c) :pki_x509super() { init(); cert = c; pki_openssl_error(); } pki_x509::pki_x509(const pki_x509 *crt) :pki_x509super(crt) { init(); cert = X509_dup(crt->cert); pki_openssl_error(); issuerSqlId = crt->issuerSqlId; setRefKey(crt->getRefKey()); caTemplateSqlId = crt->caTemplateSqlId; revocation = crt->revocation; crlDays = crt->crlDays; crlExpire = crt->crlExpire; pki_openssl_error(); } pki_x509::pki_x509(const QString &name) :pki_x509super(name) { init(); cert = X509_new(); X509_set_version(cert, 2); pki_openssl_error(); } QString pki_x509::getMsg(msg_type msg) const { /* * We do not construct english sentences from fragments * to allow proper translations. * The drawback are all the slightly different duplicated messages * * %1 will be replaced by the internal name of the certificate */ switch (msg) { case msg_import: return tr("Successfully imported the certificate '%1'"); case msg_delete: return tr("Delete the certificate '%1'?"); case msg_create: return tr("Successfully created the certificate '%1'"); /* %1: Number of certs; %2: list of cert names */ case msg_delete_multi: return tr("Delete the %1 certificates: %2?"); } return pki_base::getMsg(msg); } void pki_x509::resetX509ReqCount() const { QList reqs = Store.sqlSELECTpki( "SELECT item FROM x509super LEFT JOIN items ON items.id = x509super.item " "WHERE key_hash=? AND items.type=?", QList() << QVariant(pubHash()) << QVariant(x509_req)); foreach(pki_x509req *req, reqs) req->resetX509count(); } QSqlError pki_x509::insertSqlData() { XSqlQuery q; a1time now; pki_x509 *signer = findIssuer(); QSqlError e = pki_x509super::insertSqlData(); if (e.isValid()) return e; SQL_PREPARE(q, "INSERT INTO certs (item, hash, iss_hash, serial, issuer, " "ca, cert) " "VALUES (?, ?, ?, ?, ?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, hash()); q.bindValue(2, getIssuerName().hashNum()); q.bindValue(3, getSerial().toHex()); q.bindValue(4, signer ? signer->getSqlItemId() : QVariant()); q.bindValue(5, (int)isCA()); q.bindValue(6, i2d_b64()); q.exec(); resetX509ReqCount(); if (!isCA()) return q.lastError(); SQL_PREPARE(q, "INSERT INTO authority (item, template, crlExpire, crlNo, crlDays) " "VALUES (?, ?, ?, 0, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, caTemplateSqlId); q.bindValue(2, crlExpire.toPlain()); q.bindValue(3, crlDays); q.exec(); if (fromDataRevList.size() > 0) fromDataRevList.sqlUpdate(sqlItemId); return q.lastError(); } void pki_x509::restoreSql(const QSqlRecord &rec) { pki_x509super::restoreSql(rec); QByteArray ba = QByteArray::fromBase64( rec.value(VIEW_x509_cert).toByteArray()); d2i(ba); issuerSqlId = rec.value(VIEW_x509_issuer); crlNumber.set(rec.value(VIEW_x509_auth_crlNo).toUInt()); crlExpire.fromPlain(rec.value(VIEW_x509_auth_crlExpire).toString()); caTemplateSqlId = rec.value(VIEW_x509_auth_template); if (!rec.isNull(VIEW_x509_auth_crlDays)) crlDays = rec.value(VIEW_x509_auth_crlDays).toInt(); else crlDays = 30; if (!rec.isNull(VIEW_x509_revocation)) revocation = x509rev(rec, VIEW_x509_revocation); } QSqlError pki_x509::deleteSqlData() { XSqlQuery q; QSqlError e = pki_x509super::deleteSqlData(); QStringList tasks; tasks << "DELETE FROM certs WHERE item=?" << "DELETE FROM authority WHERE item=?" << "UPDATE crls SET issuer=NULL WHERE issuer=?" << "UPDATE certs SET issuer=NULL WHERE issuer=?" << "DELETE FROM revocations WHERE caId=?" ; foreach(QString task, tasks) { SQL_PREPARE(q, task); q.bindValue(0, sqlItemId); q.exec(); e = q.lastError(); if (e.isValid()) return e; } // Select affected items q = Store.sqlSELECTpki( "SELECT DISTINCT items.id FROM items, certs, crls " "WHERE (items.id = certs.item OR items.id = crls.item) " "AND crls.issuer = ? AND certs.issuer = ?", QList() << QVariant(sqlItemId) << QVariant(sqlItemId)); while (q.next()) AffectedItems(q.value(0)); resetX509ReqCount(); return q.lastError(); } pki_x509 *pki_x509::findIssuer() { XSqlQuery q; pki_x509 *issuer = NULL; unsigned hash; if ((issuer = getSigner()) != NULL) return issuer; // first check for self-signed if (verify(this)) return this; hash = getIssuerName().hashNum(); /* Select X509 CA certificates with subject-hash == hash */ SQL_PREPARE(q, "SELECT x509super.item from x509super " "JOIN certs ON certs.item = x509super.item " "WHERE certs.ca=1 AND x509super.subj_hash=?"); q.bindValue(0, hash); q.exec(); while (q.next()) { pki_x509 *an_issuer = Store.lookupPki(q.value(0)); qDebug() << "Possibvle Issuer of" << *this << *an_issuer << an_issuer->getNotAfter(); if (!an_issuer) { qDebug("Certificate with id %d not found", q.value(0).toInt()); continue; } if (verify_only(an_issuer)) { if (!issuer || (issuer->getNotAfter() < an_issuer->getNotAfter())) { qDebug() << "New issuer of" << *this << *an_issuer << an_issuer->getNotAfter(); issuer = an_issuer; } } } verify(issuer); return issuer; } void pki_x509::fromPEM_BIO(BIO *bio, const QString &fname) { X509 *_cert; _cert = PEM_read_bio_X509(bio, NULL, NULL, NULL); openssl_error_msg(fname); if (!_cert) throw errorEx(); X509_free(cert); cert = _cert; } void pki_x509::fload(const QString &fname) { X509 *_cert; XFile file(fname); file.open_read(); QByteArray ba(file.readAll()); _cert = PEM_read_bio_X509(BioByteArray(ba).ro(), NULL, NULL, NULL); if (!_cert) { pki_ign_openssl_error(); _cert = d2i_X509_bio(BioByteArray(ba).ro(), NULL); } if (pki_ign_openssl_error() || !_cert) { if (_cert) X509_free(_cert); throw errorEx(tr("Unable to load the certificate in file %1. Tried PEM and DER certificate.").arg(fname)); } X509_free(cert); cert = _cert; } pki_x509::~pki_x509() { if (cert) { X509_free(cert); } pki_openssl_error(); } void pki_x509::init() { caTemplateSqlId = QVariant(); crlDays = 30; crlExpire.setUndefined(); cert = NULL; pkiType = x509; } void pki_x509::setSerial(const a1int &serial) { X509_set_serialNumber(cert, serial.get()); pki_openssl_error(); } a1int pki_x509::getSerial() const { a1int a(X509_get_serialNumber(cert)); pki_openssl_error(); return a; } pki_x509 *pki_x509::getBySerial(const a1int &a) const { foreach(pki_base *p, childItems) { pki_x509 *pki = static_cast(p); if (a == pki->getSerial()) return pki; } return NULL; } a1int pki_x509::hashInfo(const EVP_MD *md) const { unsigned char digest[EVP_MAX_MD_SIZE]; unsigned len = 0; if (!X509_digest(cert, md, digest, &len)) pki_openssl_error(); a1int a; a.setRaw(digest,len); return a; } void pki_x509::load_token(pkcs11 &p11, CK_OBJECT_HANDLE object) { QString desc; pk11_attr_ulong type(CKA_CERTIFICATE_TYPE); p11.loadAttribute(type, object); if (type.getValue() != CKC_X_509) throw errorEx(QString("Unsupported Certificate type %1" ).arg(type.getValue())); try { pk11_attr_data label(CKA_LABEL); p11.loadAttribute(label, object); desc = label.getText(); } catch(errorEx &err) { qDebug("No Cert Label: %s", err.getCString()); // IGNORE } pk11_attr_data x509(CKA_VALUE); p11.loadAttribute(x509, object); QByteArray der = x509.getData(); d2i(der); if (desc.isEmpty()) { try { x509name xn; pk11_attr_data subj(CKA_SUBJECT); p11.loadAttribute(subj, object); QByteArray der = subj.getData(); xn.d2i(der); desc = xn.getMostPopular(); pki_openssl_error(); } catch(errorEx &err) { qDebug("No Cert Subject: %s", err.getCString()); // IGNORE } } setIntName(desc); pkiSource = token; pki_openssl_error(); } void pki_x509::d2i(QByteArray &ba) { X509 *c = (X509*)d2i_bytearray(D2I_VOID(d2i_X509), ba); if (c) { X509_free(cert); cert = c; } pki_openssl_error(); } QByteArray pki_x509::i2d() const { return i2d_bytearray(I2D_VOID(i2d_X509), cert); } void pki_x509::store_token(bool alwaysSelect) { pki_scard *card = NULL; slotid slot; x509name xname; QList objects; pkcs11 p11; pki_key *privkey = getRefKey(); if (!privkey || !privkey->isToken() || alwaysSelect) { if (!p11.selectToken(&slot, NULL)) return; } else { card = dynamic_cast(privkey); if (!card || !card->prepare_card(&slot)) return; } pk11_attlist p11_atts; p11_atts << pk11_attr_ulong(CKA_CLASS, CKO_CERTIFICATE) << pk11_attr_ulong(CKA_CERTIFICATE_TYPE, CKC_X_509) << pk11_attr_data(CKA_VALUE, i2d()); p11.startSession(slot, true); QList objs = p11.objectList(p11_atts); if (objs.count() != 0) { XCA_WARN(tr("This certificate is already on the security token")); return; } p11_atts << pk11_attr_bool(CKA_TOKEN, true) << pk11_attr_bool(CKA_PRIVATE, false) << pk11_attr_data(CKA_SUBJECT, getSubject().i2d()) << pk11_attr_data(CKA_ISSUER, getIssuerName().i2d()) << pk11_attr_data(CKA_SERIAL_NUMBER, getSerial().i2d()) << pk11_attr_data(CKA_LABEL, desc.toUtf8()) << (card ? card->getIdAttr() : p11.findUniqueID(CKO_CERTIFICATE)); if (p11.tokenLogin(p11.tokenInfo().label(), false).isNull()) return; p11.createObject(p11_atts); } void pki_x509::deleteFromToken() { pki_key *privkey = getRefKey(); pki_scard *card = dynamic_cast(privkey); slotidList p11_slots; if (!card || !pkcs11::libraries.loaded()) return; if (privkey && privkey->isToken()) { slotid slot; if (!card->prepare_card(&slot)) return; p11_slots << slot; } else { pkcs11 p11; p11_slots = p11.getSlotList(); } for (int i=0; i objs = p11.objectList(atts); if (!objs.count()) return; tkInfo ti = p11.tokenInfo(); if (!XCA_YESNO(tr("Delete the certificate '%1' from the token '%2 (#%3)'?"). arg(getIntName()).arg(ti.label()).arg(ti.serial()))) { return; } if (p11.tokenLogin(ti.label(), false).isNull()) return; p11.deleteObjects(objs); } int pki_x509::renameOnToken(const slotid &slot, const QString &name) { pkcs11 p11; p11.startSession(slot, true); pk11_attlist attrs = objectAttributes(); QList objs = p11.objectList(attrs); if (!objs.count()) return 0; pk11_attr_data label(CKA_LABEL, name.toUtf8()); tkInfo ti = p11.tokenInfo(); if (p11.tokenLogin(ti.label(), false).isNull()) return 0; p11.storeAttribute(label, objs[0]); return 1; } void pki_x509::setNotBefore(const a1time &a) { a1time t(a); X509_set_notBefore(cert, t.get_utc()); pki_openssl_error(); } void pki_x509::setNotAfter(const a1time &a) { a1time t(a); X509_set_notAfter(cert, t.get_utc()); pki_openssl_error(); } a1time pki_x509::getNotBefore() const { a1time a(X509_get_notBefore(cert)); return a; } a1time pki_x509::getNotAfter() const { a1time a(X509_get_notAfter(cert)); return a; } x509name pki_x509::getSubject() const { x509name x(X509_get_subject_name(cert)); pki_openssl_error(); return x; } x509name pki_x509::getIssuerName() const { x509name x(X509_get_issuer_name(cert)); pki_openssl_error(); return x; } void pki_x509::setSubject(const x509name &n) { X509_set_subject_name(cert, n.get()); pki_openssl_error(); } void pki_x509::setIssuer(const x509name &n) { X509_set_issuer_name(cert, n.get()); pki_openssl_error(); } bool pki_x509::addV3ext(const x509v3ext &e, bool skip_existing) { if (!e.isValid()) return false; if (skip_existing && X509_get_ext_by_NID(cert, e.nid(), -1) != -1) return false; X509_EXTENSION *ext = e.get(); X509_add_ext(cert, ext, -1); X509_EXTENSION_free(ext); pki_openssl_error(); return true; } void pki_x509::delSigner(pki_base *s) { if (s && (s->getSqlItemId() == issuerSqlId)) issuerSqlId = QVariant(); } bool pki_x509::isCA() const { bool ca; int crit; BASIC_CONSTRAINTS *bc = (BASIC_CONSTRAINTS *) X509_get_ext_d2i(cert, NID_basic_constraints, &crit, NULL); pki_openssl_error(); ca = bc && bc->ca; if (bc) BASIC_CONSTRAINTS_free(bc); return ca; } bool pki_x509::canSign() const { pki_key *privkey = getRefKey(); if (!privkey || privkey->isPubKey()) return false; if (privkey->isToken() && !pkcs11::libraries.loaded()) return false; return isCA(); } bool pki_x509::hasExtension(int nid) const { return getV3ext().idxByNid(nid) != -1; } void pki_x509::sign(pki_key *signkey, const digest &digest) { EVP_PKEY *tkey; if (!signkey) { my_error(tr("There is no key for signing !")); } tkey = signkey->decryptKey(); pki_openssl_error(); X509_sign(cert, tkey, digest.MD()); pki_openssl_error(); EVP_PKEY_free(tkey); pki_openssl_error(); } void pki_x509::writeDefault(const QString &dirname) const { XFile file(get_dump_filename(dirname, ".crt")); file.open_write(); writeCert(file, true); } void pki_x509::writeCert(XFile &file, bool PEM) const { if (!cert) return; BioByteArray b; if (PEM) { b += PEM_comment(); PEM_write_bio_X509(b, cert); } else { i2d_X509_bio(b, cert); } pki_openssl_error(); file.write(b); } QString pki_x509::getIndexEntry() { QString flag = NULL; bool revoked = isRevoked(); if (revoked) flag = "R"; else if (checkDate()) flag = "V"; else flag = "E"; return QString("%1\t%2\t%3\t%4\tunknown\t%5\n").arg( flag, getNotAfter().toPlainUTC(), revoked ? revocation.getDate().toPlainUTC() : "", getSerial(), QString(X509_NAME_oneline(getSubject().get(), NULL, 0))); } bool pki_x509::pem(BioByteArray &b) { return PEM_write_bio_X509(b, cert); } bool pki_x509::cmpIssuerAndSerial(pki_x509 *refcert) { bool ret = X509_issuer_and_serial_cmp(cert, refcert->cert); pki_openssl_error(); return ret; } bool pki_x509::verify_only(const pki_x509 *signer) const { const X509_NAME *subject = X509_get_subject_name(signer->cert); const X509_NAME *issuer = X509_get_issuer_name(cert); pki_openssl_error(); if (X509_NAME_cmp(subject, issuer)) { return false; } EVP_PKEY *pub = X509_get_pubkey(signer->cert); if (!pub) { pki_ign_openssl_error(); return false; } int i = X509_verify(cert, pub); EVP_PKEY_free(pub); pki_ign_openssl_error(); return i>0; } bool pki_x509::verify(pki_x509 *signer) { if (getSigner() || !signer) return false; if (signer == this && issuerSqlId == sqlItemId && issuerSqlId != QVariant()) return true; if (signer && verify_only(signer)) { int idx; x509rev r; x509revList rl(revocation); r.setSerial(getSerial()); setSigner(signer); signer->mergeRevList(rl); rl = signer->getRevList(); idx = rl.indexOf(r); if (idx != -1) revocation = rl[idx]; return true; } return false; } x509revList pki_x509::getRevList() const { return isCA() ? x509revList::fromSql(sqlItemId) : x509revList(); } void pki_x509::mergeRevList(x509revList &l) { x509revList revList = getRevList(); revList.merge(l); if (revList.merged) revList.sqlUpdate(sqlItemId); } void pki_x509::setRevocations(const x509revList &rl) { x509rev rev; x509revList revList = rl; foreach(pki_base *p, childItems) { pki_x509 *pki = static_cast(p); rev.setSerial(pki->getSerial()); int idx = revList.indexOf(rev); if (idx != -1) pki->revocation = revList[idx]; else pki->revocation = x509rev(); } revList.sqlUpdate(sqlItemId); } pki_key *pki_x509::getPubKey() const { EVP_PKEY *pkey = X509_get_pubkey(cert); pki_ign_openssl_error(); if (pkey == NULL) return NULL; pki_evp *key = new pki_evp(pkey); pki_openssl_error(); return key; } bool pki_x509::compareNameAndKey(pki_x509 *other) { int r; X509_NAME *s1, *s2; EVP_PKEY *pub1, *pub2; if (!cert || !other->cert) return false; s1 = X509_get_subject_name(cert); s2 = X509_get_subject_name(other->cert); pki_openssl_error(); if (!s1 || !s2) return false; /* X509_NAME_cmp returns 0 if they match */ r = X509_NAME_cmp(s1, s2); pki_openssl_error(); if (r) return false; pub1 = X509_get_pubkey(cert); pub2 = X509_get_pubkey(other->cert); pki_ign_openssl_error(); if (!pub1 || !pub2) return false; /* EVP_PKEY_cmp() return 1 if the keys match */ r = EVP_PKEY_cmp(pub1, pub2); pki_openssl_error(); return r == 1; } void pki_x509::setPubKey(pki_key *key) { X509_set_pubkey(cert, key->getPubKey()); pki_openssl_error(); } QString pki_x509::fingerprint(const EVP_MD *digest) const { return ::fingerprint(i2d_bytearray(I2D_VOID(i2d_X509), cert), digest); } bool pki_x509::checkDate() { a1time n, b, a; n = a1time::now(), b = getNotBefore(); a = getNotAfter(); pki_openssl_error(); if (!a.isValid() || !b.isValid()) return false; if (!a.isUndefined() && (a < n)) return false; if (b > n) return false; pki_openssl_error(); return true; } extList pki_x509::getV3ext() const { extList el; el.setStack(X509_get0_extensions(cert)); return el; } x509v3ext pki_x509::getExtByNid(int nid) const { extList el = getV3ext(); int i = el.idxByNid(nid); try { pki_openssl_error(); } catch(errorEx &err) { XCA_WARN(err.getString()); } if (i == -1) return x509v3ext(); return el[i]; } int pki_x509::sigAlg() const { return X509_get_signature_nid(cert); } pki_x509 *pki_x509::getSigner() { return Store.lookupPki(issuerSqlId); } bool pki_x509::isRevoked() const { return revocation.isValid(); } void pki_x509::setRevoked(const x509rev &revok) { revocation = revok; } bool pki_x509::caAndPathLen(bool *ca, a1int *pathlen, bool *hasLen) const { x509v3ext e = getExtByNid(NID_basic_constraints); if (e.nid() != NID_basic_constraints) return false; BASIC_CONSTRAINTS *bc = (BASIC_CONSTRAINTS *)e.d2i(); if (hasLen) *hasLen = bc->pathlen ? true : false; if (pathlen && bc->pathlen) pathlen->set(bc->pathlen); if (ca) *ca = bc->ca; BASIC_CONSTRAINTS_free(bc); pki_openssl_error(); return true; } QVariant pki_x509::column_data(const dbheader *hd) const { switch (hd->id) { case HD_cert_serial: return QVariant(getSerial().toHex()); case HD_cert_md5fp: return QVariant(fingerprint(EVP_md5())); case HD_cert_sha1fp: return QVariant(fingerprint(EVP_sha1())); case HD_cert_sha256fp: return QVariant(fingerprint(EVP_sha256())); case HD_cert_ca: { a1int len; bool ca, haslen; if (caAndPathLen(&ca, &len, &haslen)) { if (ca && haslen) return QVariant(len.toDec()); if (!ca) return QVariant(tr("No")); else return QVariant(tr("Yes")); } break; } } return pki_x509super::column_data(hd); } a1time pki_x509::column_a1time(const dbheader *hd) const { switch (hd->id) { case HD_cert_notBefore: return getNotBefore(); case HD_cert_notAfter: return getNotAfter(); case HD_cert_revocation: if (isRevoked()) return revocation.getDate(); break; case HD_cert_crl_expire: if (canSign()) return crlExpire; break; } return pki_base::column_a1time(hd); } QStringList pki_x509::icsVEVENT() const { return pki_base::icsVEVENT(getNotAfter(), tr("Renew certificate: %1").arg(getIntName()), tr("The XCA certificate '%1', issued on %2 " "will expire on %3.\n" "It is stored in the XCA database '%4'") .arg(getIntName()) .arg(getNotBefore().toPretty()) .arg(getNotAfter().toPretty()) .arg(nativeSeparator(Database.name())) ); } void pki_x509::collect_properties(QMap &prp) const { prp["Issuer"] = getIssuerName().oneLine(XN_FLAG_RFC2253); prp["Serial"] = getSerial().toHex(); prp["CA"] = isCA() ? "Yes" : "No"; prp["Not Before"] = getNotBefore().toPretty(); prp["Not After"] = getNotAfter().toPretty(); prp["Self signed"] = verify_only(this) ? "Yes" : "No"; pki_x509super::collect_properties(prp); } void pki_x509::print(BioByteArray &bba, enum print_opt opt) const { pki_x509super::print(bba, opt); switch (opt) { case print_openssl_txt: X509_print(bba, cert); break; case print_pem: PEM_write_bio_X509(bba, cert); break; case print_coloured: break; } } QStringList pki_x509::icsVEVENT_ca() const { QStringList ics; pki_crl *crl = NULL; ics << icsVEVENT(); foreach(pki_base *p, childItems) { pki_x509 *pki = static_cast(p); if (pki->getNotAfter() > a1time() && !isRevoked()) ics << pki->icsVEVENT(); } QList list = Store.sqlSELECTpki( "SELECT item FROM crls WHERE issuer = ?", QList() << QVariant(sqlItemId)); /* Get latest CRL */ foreach(pki_crl *pki, list) { if (!crl || crl->getNextUpdate() < pki->getNextUpdate()) crl = pki; } if (crl) ics << crl->icsVEVENT(); return ics; } QVariant pki_x509::getIcon(const dbheader *hd) const { int pixnum = 0; bool ca; QStringList icon_names { ":validcertIco", ":validcertkeyIco", ":invalidcertIco", ":invalidcertkeyIco" }; switch (hd->id) { case HD_cert_ca: if (!caAndPathLen(&ca, NULL, NULL)) return QVariant(); if (!ca) return QVariant(); return QVariant(QPixmap(":doneIco")); case HD_internal_name: if (hasPrivKey()) pixnum += 1; if (isRevoked()) pixnum += 2; break; default: return pki_x509super::getIcon(hd); } return QVariant(QPixmap(icon_names[pixnum])); } bool pki_x509::visible() const { if (pki_x509super::visible()) return true; if (getIssuerName().search(limitPattern)) return true; if (fingerprint(EVP_md5()).contains(limitPattern)) return true; if (fingerprint(EVP_sha1()).contains(limitPattern)) return true; if (fingerprint(EVP_sha256()).contains(limitPattern)) return true; if (getSerial().toHex().contains(limitPattern)) return true; return false; } QVariant pki_x509::bg_color(const dbheader *hd) const { if (Settings["no_expire_colors"]) return QVariant(); QString unit, cert_expiry_num = Settings["cert_expiry"]; unit = cert_expiry_num.right(1); cert_expiry_num.chop(1); int n = cert_expiry_num.toInt(); a1time nb, na, now, certwarn; nb = getNotBefore(); na = getNotAfter(); now = a1time::now(); if (unit == "%") { quint64 lifetime = nb.secsTo(na); certwarn = nb.addSecs(lifetime *n /100); } else if (unit == "D") { certwarn = na.addDays(-n); } else if (unit == "W") { certwarn = na.addDays(-n*7); } switch (hd->id) { case HD_cert_notBefore: if (nb > now || !nb.isValid() || nb.isUndefined()) return QVariant(red); break; case HD_cert_notAfter: { if (na.isUndefined()) return QVariant(cyan); if (na < now) return QVariant(red); if (certwarn < now) return QVariant(yellow); break; } case HD_cert_crl_expire: if (canSign()) { QDateTime crlwarn, crlex; crlex = crlExpire; if (!crlExpire.isUndefined()) { crlwarn = crlex.addSecs(-2 *60*60*24); if (crlex < now) return QVariant(red); if (crlwarn < now || !crlex.isValid()) return QVariant(yellow); } } } return QVariant(); } xca-RELEASE.2.5.0/lib/pki_x509.h000066400000000000000000000103671450407711300156500ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_X509_H #define __PKI_X509_H #include #include #include #include "database_model.h" #include "pki_x509super.h" #include "x509rev.h" #include "x509v3ext.h" #include "pkcs11.h" #define VIEW_x509_serial 7 #define VIEW_x509_issuer 8 #define VIEW_x509_ca 9 #define VIEW_x509_cert 10 #define VIEW_x509_auth_template 11 #define VIEW_x509_auth_crlExpire 12 #define VIEW_x509_auth_crlNo 13 #define VIEW_x509_auth_crlDays 14 #define VIEW_x509_auth_dnPolicy_UNUSED 15 #define VIEW_x509_revocation 16 class pki_key; class pki_x509 : public pki_x509super { Q_OBJECT private: QVariant issuerSqlId; a1time crlExpire; a1int crlNumber; int crlDays; QVariant caTemplateSqlId; X509 *cert; void init(); x509rev revocation; x509revList fromDataRevList; void resetX509ReqCount() const; protected: int sigAlg() const; void collect_properties(QMap &prp) const; public: pki_x509(X509 *c); pki_x509(const pki_x509 *crt); pki_x509(const QString &name = QString()); ~pki_x509(); void setSigner(pki_x509 *s) { issuerSqlId = s ? s->getSqlItemId() : QVariant(); } void fload(const QString &fname); void load_token(pkcs11 &p11, CK_OBJECT_HANDLE object); void store_token(bool alwaysSelect); void fromPEM_BIO(BIO *bio, const QString &name); void writeDefault(const QString &dirname) const; a1int hashInfo(const EVP_MD *md) const; void setSerial(const a1int &serial); a1int getSerial() const; void setNotBefore(const a1time &a); void setNotAfter(const a1time &a); a1time getNotBefore() const; a1time getNotAfter() const; x509name getSubject() const; x509name getIssuerName() const; void setSubject(const x509name &n); void setIssuer(const x509name &n); bool caAndPathLen(bool *ca, a1int *pathlen, bool *hasLen) const; bool isCA() const; bool canSign() const; void writeCert(XFile &file, bool PEM) const; QString getIndexEntry(); bool verify(pki_x509 *signer); bool verify_only(const pki_x509 *signer) const; pki_key *getPubKey() const; void setPubKey(pki_key *key); pki_x509 *getSigner(); void delSigner(pki_base *s); QString fingerprint(const EVP_MD *digest) const; extList getV3ext() const; bool checkDate(); bool addV3ext(const x509v3ext &e, bool skip_existing = false); void sign(pki_key *signkey, const digest &digest); pki_x509 *findIssuer(); X509 *getCert() { return cert; } void setRevoked(bool rev, a1time inval = a1time(), QString reason = QString()); void setRevoked(const x509rev &revok); bool isRevoked() const; pki_x509 *getBySerial(const a1int &a) const; a1int getCrlNumber() const { return crlNumber; } void setCrlNumber(a1int n) { if (n > crlNumber) crlNumber = n; } void setTemplateSqlId(QVariant sqlId) { caTemplateSqlId = sqlId; } QVariant getTemplateSqlId() { return caTemplateSqlId; } void setCrlDays(int s) { if (s > 0) crlDays = s; } int getCrlDays() { return crlDays; } x509rev getRevocation() { return revocation; } pk11_attlist objectAttributes(); bool hasExtension(int nid) const; bool cmpIssuerAndSerial(pki_x509 *refcert); bool visible() const; void updateView(); void print(BioByteArray &b, enum print_opt opt) const; x509v3ext getExtByNid(int nid) const; QVariant column_data(const dbheader *hd) const; QVariant getIcon(const dbheader *hd) const; a1time column_a1time(const dbheader *hd) const; QByteArray i2d() const; void d2i(QByteArray &ba); void deleteFromToken(); void deleteFromToken(const slotid &slot); QString getMsg(msg_type msg) const; int renameOnToken(const slotid &slot, const QString &name); bool pem(BioByteArray &); QVariant bg_color(const dbheader *hd) const; void mergeRevList(x509revList &l); void setRevocations(const x509revList &rl); x509revList getRevList() const; bool compareNameAndKey(pki_x509 *other); void setCrlExpire(a1time a) { crlExpire = a; } QSqlError insertSqlData(); QSqlError deleteSqlData(); void restoreSql(const QSqlRecord &rec); QStringList icsVEVENT() const; QStringList icsVEVENT_ca() const; }; Q_DECLARE_METATYPE(pki_x509 *); #endif xca-RELEASE.2.5.0/lib/pki_x509req.cpp000066400000000000000000000216521450407711300167120ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include #include "pki_x509.h" #include "pki_x509req.h" #include "pki_evp.h" #include "func.h" #include "db_base.h" #include "x509name.h" #include "exception.h" #include pki_x509req::pki_x509req(const QString &name) : pki_x509super(name) { request = X509_REQ_new(); pki_openssl_error(); pkiType=x509_req; done = false; resetX509count(); } pki_x509req::pki_x509req(const pki_x509req *req) : pki_x509super(req) { request = X509_REQ_dup(request); done = req->done; resetX509count(); pki_openssl_error(); } pki_x509req::~pki_x509req() { if (request) X509_REQ_free(request); } QSqlError pki_x509req::insertSqlData() { XSqlQuery q; QSqlError e = pki_x509super::insertSqlData(); if (e.isValid()) return e; SQL_PREPARE(q, "INSERT INTO requests (item, hash, signed, request) " "VALUES (?, ?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, hash()); q.bindValue(2, done ? 1 : 0); q.bindValue(3, i2d_b64()); q.exec(); return q.lastError(); } void pki_x509req::markSigned(bool signe) { XSqlQuery q; Transaction; TransThrow(); SQL_PREPARE(q, "UPDATE requests SET signed=? WHERE item=?"); q.bindValue(0, signe ? 1 : 0); q.bindValue(1, sqlItemId); q.exec(); if (q.lastError().isValid()) return; done = signe; AffectedItems(sqlItemId); TransCommit(); } void pki_x509req::restoreSql(const QSqlRecord &rec) { pki_x509super::restoreSql(rec); QByteArray ba = QByteArray::fromBase64( rec.value(VIEW_x509req_request).toByteArray()); d2i(ba); done = rec.value(VIEW_x509req_signed).toBool(); } QSqlError pki_x509req::deleteSqlData() { XSqlQuery q; QSqlError e = pki_x509super::deleteSqlData(); if (e.isValid()) return e; SQL_PREPARE(q, "DELETE FROM requests WHERE item=?"); q.bindValue(0, sqlItemId); q.exec(); return q.lastError(); } void pki_x509req::createReq(pki_key *key, const x509name &dn, const digest &digest, extList el) { QList bad_nids; bad_nids << NID_authority_key_identifier << NID_issuer_alt_name << NID_undef; EVP_PKEY *privkey = NULL; if (key->isPubKey()) { my_error(tr("Signing key not valid (public key)")); return; } X509_REQ_set_version(request, 0L); X509_REQ_set_pubkey(request, key->getPubKey()); setSubject(dn); pki_openssl_error(); foreach(int nid , bad_nids) el.delByNid(nid); el.delInvalid(); if (el.count() > 0) { STACK_OF(X509_EXTENSION) *sk; sk = el.getStack(); X509_REQ_add_extensions(request, sk); sk_X509_EXTENSION_pop_free(sk, X509_EXTENSION_free); } pki_openssl_error(); privkey = key->decryptKey(); X509_REQ_sign(request, privkey, digest.MD()); pki_openssl_error(); EVP_PKEY_free(privkey); } QString pki_x509req::getMsg(msg_type msg) const { /* * We do not construct english sentences from fragments * to allow proper translations. * The drawback are all the slightly different duplicated messages * * %1 will be replaced by either "SPKAC" or "PKCS#10" * %2 will be replaced by the internal name of the request */ QString type = "PKCS#10"; switch (msg) { case msg_import: return tr("Successfully imported the %1 certificate request '%2'").arg(type); case msg_delete: return tr("Delete the %1 certificate request '%2'?").arg(type); case msg_create: return tr("Successfully created the %1 certificate request '%2'").arg(type); /* %1: Number of requests; %2: list of request names */ case msg_delete_multi: return tr("Delete the %1 certificate requests: %2?"); } return pki_base::getMsg(msg); } void pki_x509req::fromPEM_BIO(BIO *bio, const QString &name) { X509_REQ *req; req = PEM_read_bio_X509_REQ(bio, NULL, NULL, NULL); openssl_error_msg(name); if (!req) throw errorEx(); X509_REQ_free(request); request = req; } void pki_x509req::fload(const QString &fname) { X509_REQ *_req; XFile file(fname); file.open_read(); QByteArray ba(file.readAll()); _req = PEM_read_bio_X509_REQ(BioByteArray(ba).ro(), NULL, NULL, NULL); if (!_req) { pki_ign_openssl_error(); _req = d2i_X509_REQ_bio(BioByteArray(ba).ro(), NULL); } if (pki_ign_openssl_error() || !_req) { if (_req) X509_REQ_free(_req); throw errorEx(tr("Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format.").arg(fname)); } X509_REQ_free(request); request = _req; } void pki_x509req::d2i(QByteArray &ba) { X509_REQ *r= (X509_REQ*)d2i_bytearray(D2I_VOID(d2i_X509_REQ), ba); if (r) { X509_REQ_free(request); request = r; } } QByteArray pki_x509req::i2d() const { return i2d_bytearray(I2D_VOID(i2d_X509_REQ), request); } void pki_x509req::addAttribute(int nid, QString content) { if (content.isEmpty()) return; ASN1_STRING *a = QStringToAsn1(content, nid); X509_REQ_add1_attr_by_NID(request, nid, a->type, a->data, a->length); ASN1_STRING_free(a); openssl_error_msg(QString("'%1' (%2)").arg(content).arg(OBJ_nid2ln(nid))); } x509name pki_x509req::getSubject() const { x509name x(X509_REQ_get_subject_name(request)); pki_openssl_error(); return x; } int pki_x509req::sigAlg() const { return X509_REQ_get_signature_nid(request); } void pki_x509req::setSubject(const x509name &n) { X509_REQ_set_subject_name(request, n.get()); } void pki_x509req::writeDefault(const QString &dirname) const { XFile file(get_dump_filename(dirname, ".csr")); file.open_write(); writeReq(file, true); } void pki_x509req::writeReq(XFile &file, bool pem) const { BioByteArray b; if (!request) return; if (pem) { b += PEM_comment(); PEM_write_bio_X509_REQ(b, request); } else { i2d_X509_REQ_bio(b, request); } pki_openssl_error(); file.write(b); } bool pki_x509req::pem(BioByteArray &b) { return PEM_write_bio_X509_REQ(b, request); } bool pki_x509req::verify() const { EVP_PKEY *pkey = X509_REQ_get_pubkey(request); bool x = X509_REQ_verify(request,pkey) > 0; pki_ign_openssl_error(); EVP_PKEY_free(pkey); return x; } pki_key *pki_x509req::getPubKey() const { EVP_PKEY *pkey = X509_REQ_get_pubkey(request); pki_ign_openssl_error(); if (pkey == NULL) return NULL; pki_evp *key = new pki_evp(pkey); pki_openssl_error(); return key; } extList pki_x509req::getV3ext() const { extList el; STACK_OF(X509_EXTENSION) *sk; sk = X509_REQ_get_extensions(request); el.setStack(sk); sk_X509_EXTENSION_pop_free(sk, X509_EXTENSION_free); return el; } QString pki_x509req::getAttribute(int nid) const { int n; int count; QStringList ret; n = X509_REQ_get_attr_by_NID(request, nid, -1); if (n == -1) return QString(""); X509_ATTRIBUTE *att = X509_REQ_get_attr(request, n); if (!att) return QString(""); count = X509_ATTRIBUTE_count(att); for (int j = 0; j < count; j++) ret << asn1ToQString(X509_ATTRIBUTE_get0_type(att, j)-> value.asn1_string); return ret.join(", "); } int pki_x509req::issuedCerts() const { XSqlQuery q; int count = 0; if (x509count != -1) return x509count; pki_key *k = getPubKey(); if (!k) return 0; QList certs = Store.sqlSELECTpki( "SELECT item FROM x509super LEFT JOIN items ON items.id = x509super.item " "WHERE key_hash=? AND items.type=?", QList() << QVariant(pubHash()) << QVariant(x509)); foreach(pki_x509 *x, certs) { if (x->compareRefKey(k)) count++; qDebug() << "Req:" << getIntName() << "Cert with hash" << x->getIntName() << count; } delete k; x509count = count; return count; } void pki_x509req::collect_properties(QMap &prp) const { QString s = getAttribute(NID_pkcs9_unstructuredName); if (!s.isEmpty()) prp["Unstructured Name"] = s; s = getAttribute(NID_pkcs9_challengePassword); if (!s.isEmpty()) prp["Challange Password"] = s; pki_x509super::collect_properties(prp); prp["Verify Ok"] = verify() ? "Yes" : "No"; } void pki_x509req::print(BioByteArray &bba, enum print_opt opt) const { pki_x509super::print(bba, opt); switch (opt) { case print_openssl_txt: X509_REQ_print(bba, request); break; case print_pem: PEM_write_bio_X509_REQ(bba, request); break; case print_coloured: break; } } QVariant pki_x509req::column_data(const dbheader *hd) const { switch (hd->id) { case HD_req_signed: return QVariant(done ? tr("Signed") : tr("Unhandled")); case HD_req_unstr_name: return getAttribute(NID_pkcs9_unstructuredName); case HD_req_chall_pass: return getAttribute(NID_pkcs9_challengePassword); case HD_req_certs: return QVariant(issuedCerts()); } return pki_x509super::column_data(hd); } QVariant pki_x509req::getIcon(const dbheader *hd) const { switch (hd->id) { case HD_internal_name: return QVariant(QPixmap(hasPrivKey() ? ":reqkeyIco" : ":reqIco")); case HD_req_signed: if (done) return QVariant(QPixmap(":doneIco")); break; default: return pki_x509super::getIcon(hd); } return QVariant(); } bool pki_x509req::visible() const { if (pki_x509super::visible()) return true; if (getAttribute(NID_pkcs9_unstructuredName).contains(limitPattern)) return true; if (getAttribute(NID_pkcs9_challengePassword).contains(limitPattern)) return true; return false; } xca-RELEASE.2.5.0/lib/pki_x509req.h000066400000000000000000000036361450407711300163610ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_X509REQ_H #define __PKI_X509REQ_H #include #include #include "pki_key.h" #include "pki_x509super.h" #include "x509v3ext.h" #include "x509name.h" #include "digest.h" #define VIEW_x509req_request 7 #define VIEW_x509req_signed 8 class pki_x509; class pki_x509req : public pki_x509super { Q_OBJECT mutable int x509count; protected: X509_REQ *request; bool done; int sigAlg() const; void collect_properties(QMap &prp) const; public: pki_x509req(const QString &name = QString()); pki_x509req(const pki_x509req *req); ~pki_x509req(); extList getV3ext() const; void fromPEM_BIO(BIO *bio, const QString &name); void fload(const QString &fname); void writeDefault(const QString &dirname) const; x509name getSubject() const; void writeReq(XFile &file, bool pem) const; void markSigned(bool signe); void print(BioByteArray &b, enum print_opt opt) const; X509_REQ *getReq() { return request; } void addAttribute(int nid, QString content); QString getAttribute(int nid) const; int issuedCerts() const; bool verify() const; pki_key *getPubKey() const; void createReq(pki_key *key, const x509name &dn, const digest &digest, extList el); void setSubject(const x509name &n); QVariant column_data(const dbheader *hd) const; QVariant getIcon(const dbheader *hd) const; void setDone(bool d = true) { done = d; } bool getDone() const { return done; } void resetX509count() const { x509count = -1; } virtual QString getMsg(msg_type msg) const; void d2i(QByteArray &ba); QByteArray i2d() const; bool pem(BioByteArray &); bool visible() const; QSqlError insertSqlData(); QSqlError deleteSqlData(); void restoreSql(const QSqlRecord &rec); }; Q_DECLARE_METATYPE(pki_x509req *); #endif xca-RELEASE.2.5.0/lib/pki_x509super.cpp000066400000000000000000000143301450407711300172540ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "func.h" #include "oid.h" #include "pki_x509super.h" #include "db_base.h" pki_x509super::pki_x509super(const QString &name) : pki_x509name(name) { } pki_x509super::pki_x509super(const pki_x509super *x) : pki_x509name(x) { keySqlId = x->keySqlId; } pki_x509super::~pki_x509super() { } QSqlError pki_x509super::lookupKey() { XSqlQuery q; unsigned hash = pubHash(); SQL_PREPARE(q, "SELECT item FROM public_keys WHERE hash=?"); q.bindValue(0, hash); q.exec(); if (q.lastError().isValid()) return q.lastError(); while (q.next()) { pki_key *x = Store.lookupPki(q.value(0)); if (!x) { qDebug("Public key with id %d not found", q.value(0).toInt()); continue; } x->resetUcount(); if (compareRefKey(x)) { setRefKey(x); break; } } return q.lastError(); } QSqlError pki_x509super::insertSqlData() { QSqlError e = lookupKey(); if (e.isValid()) return e; XSqlQuery q; SQL_PREPARE(q, "INSERT INTO x509super (item, subj_hash, pkey, key_hash) " "VALUES (?, ?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, getSubject().hashNum()); q.bindValue(2, keySqlId); q.bindValue(3, pubHash()); q.exec(); return q.lastError(); } void pki_x509super::restoreSql(const QSqlRecord &rec) { pki_base::restoreSql(rec); keySqlId = rec.value(VIEW_x509super_keyid).toULongLong(); } QSqlError pki_x509super::deleteSqlData() { XSqlQuery q; pki_key *privkey = getRefKey(); if (privkey) privkey->resetUcount(); SQL_PREPARE(q, "DELETE FROM x509super WHERE item=?"); q.bindValue(0, sqlItemId); q.exec(); return q.lastError(); } pki_key *pki_x509super::getRefKey() const { return Store.lookupPki(keySqlId); } unsigned pki_x509super::pubHash() const { unsigned hash = 0; pki_key *privkey = getRefKey(); if (privkey) { hash = privkey->hash(); } else { pki_key *x = getPubKey(); if (x) { hash = x->hash(); delete x; } } return hash; } bool pki_x509super::compareRefKey(pki_key *ref) const { bool x; if (ref == NULL) return false; pki_key *mk = getPubKey(); if (mk == NULL) return false; x = ref->compare(mk); delete mk; return x; } void pki_x509super::setRefKey(pki_key *ref) { keySqlId = ref ? ref->sqlItemId : QVariant(); } QString pki_x509super::getSigAlg() const { return QString(OBJ_nid2ln(sigAlg())); } const digest pki_x509super::getDigest() const { return digest(sigAlg()); } bool pki_x509super::hasPrivKey() const { pki_key *k = getRefKey(); return k && k->isPrivKey(); } QVariant pki_x509super::getIcon(const dbheader *hd) const { if (hd->id == HD_x509key_name) return hasPrivKey() ? QVariant(QPixmap(":doneIco")) : QVariant(); return pki_base::getIcon(hd); } QVariant pki_x509super::column_data(const dbheader *hd) const { if (hd->id == HD_x509key_name) { pki_key *privkey = getRefKey(); if (!privkey) return QVariant(""); return QVariant(privkey->getIntName()); } if (hd->id == HD_x509_sigalg) { return QVariant(getSigAlg()); } if (hd->type == dbheader::hd_key) { QVariant v; pki_key *key = getRefKey(), *tmpkey = NULL; if (!key) tmpkey = key = getPubKey(); if (key) v = key->column_data(hd); delete tmpkey; return v; } if (hd->type == dbheader::hd_v3ext || hd->type == dbheader::hd_v3ext_ns) { extList el = getV3ext(); int idx = el.idxByNid(hd->id); if (idx == -1) return QVariant(""); return QVariant(el[idx].getConsoleValue("")); } return pki_x509name::column_data(hd); } static QString oid_sect() { QString ret; int i, max = OBJ_new_nid(0); for (i=first_additional_oid; i < max; i++) { const char *sn = OBJ_nid2sn(i); if (!sn) break; ret += QString("%1 = %2\n"). arg(OBJ_nid2sn(i)). arg(OBJ_obj2QString(OBJ_nid2obj(i), 1)); } if (!ret.isEmpty()) { ret = QString("oid_section = xca_oids\n\n" "[ xca_oids ]\n") + ret + "\n"; } return ret; } void pki_x509super::opensslConf(QString fname) { QString extensions; extList el = getV3ext(); x509name n = getSubject(); el.genGenericConf(&extensions); QString name = n.taggedValues(); QString final = oid_sect(); final += QString("[ req ]\n" "default_bits = 1024\n" "default_keyfile = privkey.pem\n" "distinguished_name = xca_dn\n" "x509_extensions = xca_extensions\n" "req_extensions = xca_extensions\n" "string_mask = MASK:0x%3\n" "utf8 = yes\n" "prompt = no\n\n" "[ xca_dn ]\n" "%1\n" "[ xca_extensions ]\n" "%2").arg(name).arg(extensions). arg(ASN1_STRING_get_default_mask(), 0, 16); XFile file(fname); file.open_write(); file.write(final.toUtf8()); } bool pki_x509super::visible() const { if (pki_x509name::visible()) return true; if (getSigAlg().contains(limitPattern)) return true; return getV3ext().search(limitPattern); } void pki_x509super::collect_properties(QMap &prp) const { pki_key *key = getPubKey(); if (key) key->collect_properties(prp); delete key; prp["Signature"] = getSigAlg(); prp["Extensions"] = getV3ext().getConsole(" "); pki_x509name::collect_properties(prp); } // Start class pki_x509name pki_x509name::pki_x509name(const QString &name) : pki_base(name) { } pki_x509name::pki_x509name(const pki_x509name *n) : pki_base(n) { } void pki_x509name::autoIntName(const QString &file) { QString name = getSubject().getMostPopular(); pki_base::autoIntName(file); if (!name.isEmpty()) setIntName(name); } QVariant pki_x509name::column_data(const dbheader *hd) const { switch (hd->id) { case HD_subject_name: return QVariant(getSubject().oneLine( XN_FLAG_ONELINE & ~ASN1_STRFLGS_ESC_MSB)); case HD_subject_hash: return QVariant(getSubject().hash()); default: if (hd->type == dbheader::hd_x509name) return QVariant(getSubject().getEntryByNid(hd->id)); } return pki_base::column_data(hd); } bool pki_x509name::visible() const { if (pki_base::visible()) return true; return getSubject().search(limitPattern); } QByteArray pki_x509name::PEM_comment() const { if (!pem_comment) return QByteArray(); return pki_base::PEM_comment() + getSubject().oneLine(XN_FLAG_RFC2253).toUtf8() + "\n"; } void pki_x509name::collect_properties(QMap &prp) const { prp["Subject"] = getSubject().oneLine(XN_FLAG_RFC2253); pki_base::collect_properties(prp); } xca-RELEASE.2.5.0/lib/pki_x509super.h000066400000000000000000000033201450407711300167160ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_X509SUPER_H #define __PKI_X509SUPER_H #include #include #include "pki_key.h" #include "x509name.h" #include "x509v3ext.h" #include "digest.h" #define VIEW_x509super_keyid 6 class pki_x509name : public pki_base { protected: QByteArray PEM_comment() const; public: pki_x509name(const QString &name = QString()); pki_x509name(const pki_x509name *n); virtual x509name getSubject() const = 0; void autoIntName(const QString &file); QVariant column_data(const dbheader *hd) const; bool visible() const; void collect_properties(QMap &prp) const; }; class pki_x509super : public pki_x509name { Q_OBJECT protected: QVariant keySqlId; virtual int sigAlg() const = 0; void collect_properties(QMap &prp) const; public: pki_x509super(const QString &name = QString()); pki_x509super(const pki_x509super *x); virtual ~pki_x509super(); unsigned pubHash() const; virtual pki_key *getPubKey() const = 0; virtual extList getV3ext() const = 0; virtual QString getSigAlg() const; virtual const digest getDigest() const; QVariant getKeySqlId() { return keySqlId; } pki_key *getRefKey() const; bool compareRefKey(pki_key* ref) const; void setRefKey(pki_key *ref); void delRefKey(pki_key *ref); QVariant column_data(const dbheader *hd) const; void opensslConf(QString fname); bool visible() const; bool hasPrivKey() const; QVariant getIcon(const dbheader *hd) const; QSqlError lookupKey(); QSqlError insertSqlData(); QSqlError deleteSqlData(); void restoreSql(const QSqlRecord &rec); }; #endif xca-RELEASE.2.5.0/lib/settings.cpp000066400000000000000000000073001450407711300164640ustar00rootroot00000000000000#include "settings.h" #include "func.h" #include "sql.h" #include "pki_key.h" #include "digest.h" #include "pki_pkcs12.h" #include "pki_export.h" #include #include #include settings Settings; svalue::svalue(settings *s, const QString &k) { setting = s; key = k; } QString svalue::get() const { return setting ? setting->get(key) : QString(); } void svalue::set(const QString &val) { if (setting) setting->set(key, val); } settings::settings() { defaul["mandatory_dn"] = ""; defaul["explicit_dn"] = "C,ST,L,O,OU,CN,emailAddress"; defaul["string_opt"] = "MASK:0x2002"; defaul["workingdir"] = ""; defaul["default_hash"] = digest::getDefault().name(); defaul["pkcs12_enc_algo"] = encAlgo::getDefault().name(); defaul["ical_expiry"] = "1W"; defaul["cert_expiry"] = "80%"; defaul["serial_len"] = "64"; defaul["fp_separator"] = ":"; defaul["fp_digits"] = "2"; defaul["KeyFormat"] = QString::number(DEFAULT_KEY_CLIPBOARD_TYPE); hostspecific << "pkcs11path" << "workingdir" << "mw_geometry"; } void settings::clear() { loaded = false; values.clear(); db_keys.clear(); foreach(QString key, defaul.keys()) setAction(key, defaul[key]); } void settings::setAction(const QString &key, const QString &value) { if (key == "string_opt") ASN1_STRING_set_default_mask_asc((char*)CCHAR(value)); else if (key == "default_hash") digest::setDefault(value); else if (key == "pkcs12_enc_algo") encAlgo::setDefault(value); else if (key == "defaultkey") keyjob::defaultjob = keyjob(value); else if (key == "optionflags") { XSqlQuery q; Transaction; if (!TransBegin()) return; SQL_PREPARE(q, "DELETE FROM settings where key_='optionflags'"); q.exec(); foreach(QString flag, value.split(",")) { if (flag == "dont_colorize_expiries") flag = "no_expire_colors"; setAction(flag, "yes"); } TransCommit(); return; } values[key] = value; } QString settings::defaults(const QString &key) { return defaul[key]; } void settings::load_settings() { if (loaded || !QSqlDatabase::database().isOpen()) return; XSqlQuery q("SELECT key_, value FROM settings"); while (q.next()) { QString key = q.value(0).toString().simplified(); QString value = q.value(1).toString(); QStringList l = key.split(":"); if (l.size() == 2 && l[1] != hostId()) continue; // Skip key with non-matching host ID if (l[0] == "workingdir") { if (!QDir(value).exists()) continue; // Skip non-existing working-dir if (!value.isEmpty() && !value.endsWith("/")) value += "/"; if (value.isEmpty()) value = getHomeDir() + "/"; } db_keys << key; // Key with host ID setAction(l[0], value); // Key without host ID } loaded = true; } QString settings::get(QString key) { load_settings(); if (key == "schema" && QSqlDatabase::database().isOpen()) { XSqlQuery q("SELECT value FROM settings WHERE key_='schema'"); if (q.first()) setAction("schema", q.value(0).toString()); } return values.contains(key) ? values[key] : QString(); } void settings::set(QString key, QString value) { XSqlQuery q; load_settings(); QString origkey = key; if (key == "workingdir") { if (!QDir(value).exists()) return; value = relativePath(value); if (!value.isEmpty() && !value.endsWith("/")) value += "/"; } if (hostspecific.contains(key)) key += QString(":%1").arg(hostId()); if (db_keys.contains(key) && values[origkey] == value) return; Transaction; if (!TransBegin()) return; if (db_keys.contains(key)) { SQL_PREPARE(q, "UPDATE settings SET value=? WHERE key_=?"); } else { SQL_PREPARE(q, "INSERT INTO settings (value, key_) VALUES (?,?)"); db_keys << key; } q.bindValue(0, value); q.bindValue(1, key); q.exec(); setAction(origkey, value); TransCommit(); } xca-RELEASE.2.5.0/lib/settings.h000066400000000000000000000035431450407711300161360ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2018 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __SETTINGS_H #define __SETTINGS_H #include #include #include #include class settings; class svalue { private: settings *setting; QString key; QString get() const; void set(const QString &val); public: svalue(settings *s, const QString &k); QStringList split(QString sep) { return get().split(sep); } bool empty() { return get().isEmpty(); } const QString &operator = (const QString &val) { set(val); return val; } int operator = (int val) { set(QString("%1").arg(val)); return val; } unsigned operator = (unsigned val) { set(QString("%1").arg(val)); return val; } bool operator = (bool val) { set(QString(val ? "yes" : "no")); return val; } enum Qt::CheckState operator = (enum Qt::CheckState val) { set(QString(val == Qt::Checked ? "yes" : "no")); return val; } operator QString() { return get(); } operator int() { return get().toInt(); } operator unsigned() { return get().toUInt(); } operator bool() { return get() == "yes"; } operator enum Qt::CheckState() { return get() == "yes" ? Qt::Checked : Qt::Unchecked; } QString operator +(const QString &other) { return get() + other; } QString operator +(const char *other) { return get() + other; } }; class settings { friend class svalue; private: bool loaded; QStringList db_keys, hostspecific; QMap values; QMap defaul; void load_settings(); QString get(QString key); void set(QString key, QString value); void setAction(const QString &key, const QString &value); public: settings(); void clear(); QString defaults(const QString &key); svalue operator[] (QString x) { return svalue(this, x); } }; extern settings Settings; #endif xca-RELEASE.2.5.0/lib/sql.cpp000066400000000000000000000114501450407711300154240ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2017 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include #include "base.h" #include "sql.h" #include "settings.h" #include "XcaWarningCore.h" int DbTransaction::mutex; int DbTransaction::error; bool DbTransaction::hasTransaction; QList DbTransaction::items; quint64 DbTransaction::DatabaseStamp; void DbTransaction::debug(const char *func, const char *file, int line) { qDebug() << QString("%1(%2) Transaction: %3 Level %4, E:%5 ") .arg(file + QString(file).lastIndexOf("/") +1) .arg(line).arg(func).arg(mutex).arg(error); } DbTransaction::DbTransaction() { has_begun = false; } DbTransaction::~DbTransaction() { if (has_begun) rollback("Destructor", 0); } bool DbTransaction::begin(const char *file, int line) { mutex++; has_begun = true; debug("Begin", file, line); if (mutex > 1 || !hasTransaction) return true; QSqlDatabase db = QSqlDatabase::database(); bool ret = db.transaction(); if (!ret) XCA_SQLERROR(db.lastError()); return ret; } bool DbTransaction::finish(const char *oper, const char *file, int line) { if (!has_begun) return true; if (mutex > 0) mutex--; else qCritical() << "Unbalanced DB Transaction in " << oper; debug(oper, file, line); has_begun = false; if (mutex > 0) return true; QSqlDatabase db = QSqlDatabase::database(); if (error) { error = 0; items.clear(); return hasTransaction ? db.rollback() : true; } mutex++; XSqlQuery q; SQL_PREPARE(q, "SELECT MAX(stamp) +1 from items"); q.exec(); if (q.first()) DatabaseStamp = q.value(0).toULongLong(); SQL_PREPARE(q, "UPDATE items SET stamp=? WHERE stamp=0"); q.bindValue(0, DatabaseStamp); q.exec(); SQL_PREPARE(q, "UPDATE items SET stamp=? WHERE id=?"); q.bindValue(0, DatabaseStamp); foreach(quint64 id, DbTransaction::items) { q.bindValue(1, id); q.exec(); } mutex--; items.clear(); bool ret = hasTransaction ? db.commit() : true; if (!ret) XCA_SQLERROR(db.lastError()); return ret; } bool DbTransaction::commit(const char *file, int line) { return finish("Commit", file, line); } bool DbTransaction::rollback(const char *file, int line) { error++; return finish("Rollback", file, line); } bool DbTransaction::done(QSqlError e, const char *file, int line) { return e.isValid() ? rollback(file, line) : commit(file, line); } QString XSqlQuery::table_prefix; int XSqlQuery::schemaVersion() { qDebug() << "table_prefix:" << table_prefix;; return QSqlDatabase::database().tables() .contains(table_prefix + "settings") ? Settings["schema"] : 0; } QString XSqlQuery::rewriteQuery(QString _q) { static const QStringList tables { "items" , "crls" , "private_keys" , "public_keys" , "tokens" , "token_mechanism" , "templates" , "certs" , "authority" , "revocations" , "requests" , "x509super" , "settings" , "view_public_keys" , "view_certs" , "view_requests" , "view_crls" , "view_templates" , "view_private", }; lastq = query = _q; if (table_prefix.isEmpty()) return query; QString m = tables.join("|") + "|i_" + tables.join("|i_"); m = QString("\\b(%1)").arg(m); query = query.replace(QRegularExpression(m), table_prefix + "\\1"); return query; } QString XSqlQuery::query_details() { QString lq = lastq; #if (QT_VERSION >= QT_VERSION_CHECK(6, 0, 0)) QVariantList list = boundValues(); #else QVariantList list = boundValues().values(); #endif QStringList sl; if (query != lastq) { lq = QString("%1 (PREFIX[%2]: %3)").arg(lastq) .arg(table_prefix).arg(query); } for (int i = 0; i < list.size(); ++i) sl << list.at(i).toString(); if (sl.size()) lq += QString("[%1]").arg(sl.join(", ")); return QString("%1:%2 (%3)").arg(file).arg(line).arg(lq); } QSqlError XSqlQuery::lastError() { QSqlError e = QSqlQuery::lastError(); if (!e.isValid()) return e; return QSqlError(QString("%1 - %2").arg(e.driverText()) .arg(query_details()), e.databaseText(), e.type(), e.nativeErrorCode() ); } XSqlQuery::XSqlQuery() : QSqlQuery() { } XSqlQuery::XSqlQuery(QString q) : QSqlQuery() { exec(q); } bool XSqlQuery::exec(QString q) { q = rewriteQuery(q); file = ""; line = 0; return QSqlQuery::exec(q); } bool XSqlQuery::exec() { QString res; setForwardOnly(true); bool r = QSqlQuery::exec(); if (isSelect()) { res = QString("Rows selected: %1").arg(size()); } else { res = QString("Rows affected: %1").arg(numRowsAffected()); if (!DbTransaction::active()) { qCritical("########## MISSING Transaction in %s(%d)", file, line); } } qDebug() << QString("QUERY: %1 - %2").arg(query_details()).arg(res); return r; } bool XSqlQuery::prepare(QString q) { q = rewriteQuery(q); setForwardOnly(true); return QSqlQuery::prepare(q); } void XSqlQuery::location(const char *f, int l) { file = f + QString(f).lastIndexOf("/") +1; line = l; } xca-RELEASE.2.5.0/lib/sql.h000066400000000000000000000037661450407711300151040ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2017 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __SQL_H #define __SQL_H #include #include #define SQL_PREPARE(q,cmd) do { \ (q).prepare(cmd); \ (q).location(__FILE__,__LINE__); \ } while (0) class DbTransaction { private: static int mutex; static int error; static QList items; static bool hasTransaction; bool has_begun; void debug(const char *func, const char *file, int line); bool finish(const char *oper, const char *file, int line); public: DbTransaction(); ~DbTransaction(); bool begin(const char *file, int line); bool commit(const char *file, int line); bool rollback(const char *file, int line); bool done(QSqlError e, const char *file, int line); static quint64 DatabaseStamp; static bool active() { return mutex > 0; } static void addItems(QVariant v) { items << v.toULongLong(); } static void setHasTransaction(bool trans) { hasTransaction = trans; } }; #define Transaction DbTransaction __trans #define TransBegin() __trans.begin(__FILE__, __LINE__) #define TransThrow() if (!__trans.begin(__FILE__, __LINE__)) { \ throw errorEx(QObject::tr("Failed to start a database transaction")); } #define TransCommit() __trans.commit(__FILE__, __LINE__) #define TransRollback() __trans.rollback(__FILE__, __LINE__) #define TransDone(e) __trans.done(e, __FILE__, __LINE__); #define AffectedItems(v) (DbTransaction::addItems(v)) class XSqlQuery: public QSqlQuery { private: QString lastq, query; const char *file; int line; QString rewriteQuery(QString query); static QString table_prefix; public: XSqlQuery(); XSqlQuery(QString q); static int schemaVersion(); static void setTablePrefix(QString p) { table_prefix = p; } static void clearTablePrefix() { table_prefix.clear(); } QString query_details(); QSqlError lastError(); bool exec(QString q); bool exec(); bool prepare(QString q); void location(const char *f, int l); }; #endif xca-RELEASE.2.5.0/lib/version.cpp000066400000000000000000000011071450407711300163100ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2018 Christian Hohnstaedt. * * All rights reserved. * Compiles much faster than MW_help.cpp * and needs to get recompiled every time */ #include "local.h" #define VERSION XCA_VERSION #ifdef GIT_LOCAL_CHANGES #define COMMITHASH GIT_COMMIT_REV "+local-changes" #else #define COMMITHASH GIT_COMMIT_REV #endif const char *version_str(bool html) { if (!COMMITHASH[0]) return html ? "" VERSION "" : VERSION; return html ? "" VERSION "-dev
commit: " COMMITHASH "" : VERSION "-dev\ncommit: " COMMITHASH; } xca-RELEASE.2.5.0/lib/x509name.cpp000066400000000000000000000126061450407711300161770ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include #include "x509name.h" #include "base.h" #include "func.h" #include "BioByteArray.h" #include #include #include "exception.h" x509name::x509name() { xn = X509_NAME_new(); } x509name::x509name(const X509_NAME *n) { xn = X509_NAME_dup((X509_NAME *)n); } x509name::x509name(STACK_OF(X509_NAME_ENTRY) *entries) { xn = NULL; set(entries); } x509name::x509name(const x509name &n) { xn = NULL; set(n.xn); } x509name::~x509name() { X509_NAME_free(xn); } x509name &x509name::set(const X509_NAME *n) { if (xn != NULL) X509_NAME_free(xn); xn = X509_NAME_dup((X509_NAME *)n); return *this; } x509name &x509name::set(const STACK_OF(X509_NAME_ENTRY) *entries) { if (xn != NULL) X509_NAME_free(xn); xn = X509_NAME_new(); if (xn && entries) { int count = sk_X509_NAME_ENTRY_num(entries); for (int i = 0; i < count; i++) { X509_NAME_ENTRY *entry = sk_X509_NAME_ENTRY_value(entries, i); X509_NAME_add_entry(xn, entry, -1, 0); } } return *this; } QString x509name::oneLine(unsigned long flags) const { BioByteArray bba; X509_NAME_print_ex(bba, xn, 0, flags); return bba.qstring(); } QString x509name::getEntryByNid(int nid) const { int i = X509_NAME_get_index_by_NID(xn, nid, -1); if (i < 0) return QString(); return getEntry(i); } QString x509name::getMostPopular() const { static const int nids[] = { NID_commonName, NID_pkcs9_emailAddress, NID_organizationalUnitName, NID_organizationName }; int pos = -1; for (unsigned i = 0; i < ARRAY_SIZE(nids) && pos < 0; i++) { pos = X509_NAME_get_index_by_NID(xn, nids[i], -1); } if (pos < 0) pos = 0; return getEntry(pos); } QString x509name::getEntry(int i) const { QString ret; ASN1_STRING *d; if ( i<0 || i>entryCount() ) return ret; d = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(xn,i)); return asn1ToQString(d); } QString x509name::getEntryTag(int i) const { QString s = QObject::tr("Invalid"); ASN1_STRING *d; if (i<0 || i>=entryCount()) i = entryCount() - 1; d = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(xn,i)); if (!d) return s; s = ASN1_tag2str(d->type); return s; } QString x509name::popEntryByNid(int nid) { int i = X509_NAME_get_index_by_NID(xn, nid, -1); if (i < 0) return QString(); QString n = getEntry(i); X509_NAME_delete_entry(xn, i); return n; } QString x509name::hash() const { return QString("%1").arg(X509_NAME_hash(xn), 8, 16, QChar('0')); } /* 32 bit signed integer */ unsigned x509name::hashNum() const { return X509_NAME_hash(xn) & 0x7fffffffL; } QStringList x509name::entryList(int i) const { QStringList sl; int n = nid(i); if (n == NID_undef) { QString oid = getOid(i); sl << oid << oid; } else { sl << OBJ_nid2sn(n) << OBJ_nid2ln(n); } sl << getEntry(i) << getEntryTag(i); return sl; } int x509name::nid(int i) const { X509_NAME_ENTRY *ne; ne = X509_NAME_get_entry(xn, i); if (ne == NULL) return NID_undef; return OBJ_obj2nid(X509_NAME_ENTRY_get_object(ne)); } QString x509name::getOid(int i) const { X509_NAME_ENTRY *ne; ne = X509_NAME_get_entry(xn, i); if (ne == NULL) return QString(); return OBJ_obj2QString(X509_NAME_ENTRY_get_object(ne), 1); } void x509name::d2i(QByteArray &ba) { X509_NAME *n = (X509_NAME*)d2i_bytearray(D2I_VOID(d2i_X509_NAME), ba); if (n) { X509_NAME_free(xn); xn = n; } } QByteArray x509name::i2d() const { return i2d_bytearray(I2D_VOID(i2d_X509_NAME), xn); } bool x509name::operator == (const x509name &x) const { return (X509_NAME_cmp(xn, x.xn) == 0); } bool x509name::operator != (const x509name &x) const { return (X509_NAME_cmp(xn, x.xn) != 0); } x509name &x509name::operator = (const x509name &x) { set(x.xn); return *this; } int x509name::entryCount() const { return X509_NAME_entry_count(xn); } int x509name::getNidByName(const QString &nid_name) { return OBJ_txt2nid(nid_name.toLatin1()); } QString x509name::checkLength() const { ASN1_STRING_TABLE *tab; int i, max = entryCount(); QString warn; for (i=0; iminsize > entry.size()) { warn += QObject::tr("%1 is shorter than %2 bytes: '%3'"). arg(OBJ_nid2ln(n)).arg(tab->maxsize).arg(entry); warn += "\n"; } if ((tab->maxsize != -1) && (tab->maxsize < entry.size())) { warn += QObject::tr("%1 is longer than %2 bytes: '%3'"). arg(OBJ_nid2ln(n)).arg(tab->maxsize).arg(entry); warn += "\n"; } } return warn; } bool x509name::search(const QRegularExpression &pattern) const { int i, max = entryCount(); for (i=0; itype, a->data, a->length, -1, 0); ASN1_STRING_free(a); openssl_error_msg(QString("'%1' (%2)").arg(entry).arg(OBJ_nid2ln(nid))); } X509_NAME *x509name::get() const { return X509_NAME_dup(xn); } const X509_NAME *x509name::get0() const { return xn; } xca-RELEASE.2.5.0/lib/x509name.h000066400000000000000000000026321450407711300156420ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __X509NAME_H #define __X509NAME_H #include #include #include #include class x509name { private: X509_NAME *xn; public: x509name(); x509name(const X509_NAME *n); x509name(const x509name &n); x509name(STACK_OF(X509_NAME_ENTRY) *entries); ~x509name(); x509name &set(const X509_NAME *n); x509name &set(const STACK_OF(X509_NAME_ENTRY) *entries); QString oneLine(unsigned long flags = XN_FLAG_ONELINE) const; int nid(int i) const; QString getOid(int i) const; QByteArray i2d() const; void d2i(QByteArray &ba); QStringList entryList(int i) const; QString getEntryByNid(int nid) const; QString getEntry(int i) const; QString getEntryTag(int i) const; int entryCount() const; x509name &operator = (const x509name &x); bool operator == (const x509name &x) const; bool operator != (const x509name &x) const; static int getNidByName(const QString &nid_name); void addEntryByNid(int nid, const QString entry); QString checkLength() const; QString popEntryByNid(int nid); X509_NAME *get() const; const X509_NAME *get0() const; QString getMostPopular() const; QString taggedValues() const; QString hash() const; unsigned hashNum() const; bool search(const QRegularExpression &pattern) const; }; #endif xca-RELEASE.2.5.0/lib/x509rev.cpp000066400000000000000000000145441450407711300160560ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #include "x509rev.h" #include "pki_base.h" #include "func.h" #include "exception.h" #include #include #include #include #define CRL_REASON_UNSPECIFIED 0 #define CRL_REASON_KEY_COMPROMISE 1 #define CRL_REASON_CA_COMPROMISE 2 #define CRL_REASON_AFFILIATION_CHANGED 3 #define CRL_REASON_SUPERSEDED 4 #define CRL_REASON_CESSATION_OF_OPERATION 5 #define CRL_REASON_CERTIFICATE_HOLD 6 #define CRL_REASON_REMOVE_FROM_CRL 8 #define CRL_REASON_PRIVILEGE_WITHDRAWN 9 #define CRL_REASON_AA_COMPROMISE 10 static ENUMERATED_NAMES crl_reasons[] = { {CRL_REASON_UNSPECIFIED, "Unspecified", "unspecified"}, {CRL_REASON_KEY_COMPROMISE, "Key Compromise", "keyCompromise"}, {CRL_REASON_CA_COMPROMISE, "CA Compromise", "CACompromise"}, {CRL_REASON_AFFILIATION_CHANGED, "Affiliation Changed", "affiliationChanged"}, {CRL_REASON_SUPERSEDED, "Superseded", "superseded"}, {CRL_REASON_CESSATION_OF_OPERATION, "Cessation Of Operation", "cessationOfOperation"}, {CRL_REASON_CERTIFICATE_HOLD, "Certificate Hold", "certificateHold"}, {CRL_REASON_REMOVE_FROM_CRL, "Remove From CRL", "removeFromCRL"}, {CRL_REASON_PRIVILEGE_WITHDRAWN, "Privilege Withdrawn", "privilegeWithdrawn"}, {CRL_REASON_AA_COMPROMISE, "AA Compromise", "AACompromise"}, {-1, NULL, NULL} }; QStringList x509rev::crlreasons() { QStringList l; for (int i=0; crl_reasons[i].lname; i++) l << crl_reasons[i].lname; return l; } QString x509rev::getReason() const { return crl_reasons[reason_idx].lname; } static int reasonBit2Idx(int bit) { for (int i=0; crl_reasons[i].lname; i++) { if (bit == crl_reasons[i].bitnum) { return i; } } return 0; } void x509rev::fromREVOKED(const X509_REVOKED *rev) { ASN1_ENUMERATED *reason; ASN1_TIME *at; int j = -1, r; if (!rev) return; serial = a1int(X509_REVOKED_get0_serialNumber(rev)); date = a1time(X509_REVOKED_get0_revocationDate(rev)); reason = (ASN1_ENUMERATED *)X509_REVOKED_get_ext_d2i( (X509_REVOKED *)rev, NID_crl_reason, &j, NULL); openssl_error(); reason_idx = 0; if (reason) { r = ASN1_ENUMERATED_get(reason); openssl_error(); reason_idx = reasonBit2Idx(r); ASN1_ENUMERATED_free(reason); } ivalDate.setUndefined(); at = (ASN1_TIME *)X509_REVOKED_get_ext_d2i((X509_REVOKED *)rev, NID_invalidity_date, &j, NULL); openssl_error(); if (at) { ivalDate = a1time(at); ASN1_GENERALIZEDTIME_free(at); } qDebug() << *this; } X509_REVOKED *x509rev::toREVOKED(bool withReason) const { a1time i = ivalDate; a1time d = date; X509_REVOKED *rev = X509_REVOKED_new(); Q_CHECK_PTR(rev); X509_REVOKED_set_serialNumber(rev, serial.get()); X509_REVOKED_set_revocationDate(rev, d.get_utc()); X509_REVOKED_add1_ext_i2d(rev, NID_invalidity_date, i.get(), 0, 0); /* RFC says to not add the extension if it is "unspecified" */ if (reason_idx != 0 && withReason) { ASN1_ENUMERATED *a = ASN1_ENUMERATED_new(); ASN1_ENUMERATED_set(a, crl_reasons[reason_idx].bitnum); X509_REVOKED_add1_ext_i2d(rev, NID_crl_reason, a, 0, 0); ASN1_ENUMERATED_free(a); } openssl_error(); qDebug() << *this; return rev; } void x509rev::d2i(QByteArray &ba) { X509_REVOKED *r; r = (X509_REVOKED *)d2i_bytearray(D2I_VOID(d2i_X509_REVOKED), ba); if (!r) return; fromREVOKED(r); X509_REVOKED_free(r); } QByteArray x509rev::i2d() const { QByteArray ba; X509_REVOKED *r = toREVOKED(); ba = i2d_bytearray(I2D_VOID(i2d_X509_REVOKED), r); X509_REVOKED_free(r); return ba; } void x509rev::set(const x509rev &x) { serial = x.serial; date = x.date; ivalDate = x.ivalDate; reason_idx = x.reason_idx; crlNo = x.crlNo; } bool x509rev::identical(const x509rev &x) const { return serial == x.serial && date == x.date && ivalDate == x.ivalDate && reason_idx == x.reason_idx; } x509rev::operator QString() const { return QString("Rev: %1 D:%2 I:%3 Reason: %4 '%5'\n") .arg(serial.toHex(), date.toSortable(), ivalDate.toSortable()) .arg(reason_idx).arg(crl_reasons[reason_idx].lname); } x509rev::x509rev(QSqlRecord rec, int offset) { serial.setHex(rec.value(offset).toString()); date.fromPlain(rec.value(offset +1).toString()); ivalDate.fromPlain(rec.value(offset +2).toString()); crlNo = rec.value(offset +3).toInt(); reason_idx = reasonBit2Idx(rec.value(offset +4).toInt()); qDebug() << *this; } void x509rev::executeQuery(XSqlQuery &q) { // 0 is the caId q.bindValue(1, serial.toHex()); q.bindValue(2, date.toPlain()); q.bindValue(3, ivalDate.toPlain()); q.bindValue(4, crlNo ? QVariant(crlNo) : QVariant()); q.bindValue(5, crl_reasons[reason_idx].bitnum); q.exec(); } void x509revList::merge(const x509revList &other) { foreach(x509rev r, other) { if (r.isValid() && !contains(r)) { merged = true; append(r); } } } bool x509revList::identical(const x509revList &other) const { if (size() != other.size()) return false; for (int i=0; i #include #include #include #include #include "asn1time.h" #include "asn1int.h" #include "pki_base.h" class x509rev { private: a1int serial; a1time date, ivalDate; int reason_idx, crlNo; void set(const x509rev &x); X509_REVOKED *toREVOKED(bool withReason=true) const; void fromREVOKED(const X509_REVOKED *rev); public: operator QString() const; static QStringList crlreasons(); void d2i(QByteArray &ba); QByteArray i2d() const; QString getReason() const; bool identical(const x509rev &x) const; x509rev() { reason_idx = 0; date.setUndefined(); } x509rev(X509_REVOKED *n) { fromREVOKED(n); } x509rev(const x509rev &n) { set(n); } x509rev(QSqlRecord rec, int offset = 0); void executeQuery(XSqlQuery &q); bool isValid() const { return serial != a1int(0L) && !date.isUndefined(); } x509rev &set(const X509_REVOKED *r) { fromREVOKED(r); return *this; } bool operator == (const x509rev &x) const { return serial == x.serial; } x509rev &operator = (const x509rev &x) { set(x); return *this; } void setSerial(const a1int &i) { serial = i; } void setDate(const a1time &t) { date = t; } void setInvalDate(const a1time &t) { ivalDate = t; } void setReason(const QString &reason) { reason_idx = crlreasons().indexOf(reason); } void setCrlNo(int n) { crlNo = n; } a1int getSerial() const { return serial; } a1time getDate() const { return date; } a1time getInvalDate() const { return ivalDate; } int getCrlNo() const { return crlNo; } X509_REVOKED *get(bool withReason=true) const { return toREVOKED(withReason); } }; class x509revList : public QList { public: static x509revList fromSql(QVariant caId); bool merged; void merge(const x509revList &other); bool identical(const x509revList &other) const; x509revList() : QList() { merged = false; } x509revList(const x509revList &r) : QList(r) { merged = r.merged; } x509revList(const x509rev &r) : QList() { if (r.isValid()) { merged = false; append(r); } } x509revList &operator = (const x509revList &r) { QList::operator=(r); merged = r.merged; return *this; } bool sqlUpdate(QVariant caId); }; #endif xca-RELEASE.2.5.0/lib/x509v3ext.cpp000066400000000000000000000650221450407711300163300ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2011 Christian Hohnstaedt. * * All rights reserved. */ #include "x509v3ext.h" #include "x509name.h" #include "asn1int.h" #include "func.h" #include "exception.h" #include #include #include #include #include #include "base.h" #include "BioByteArray.h" x509v3ext::x509v3ext() { ext = nullptr; } x509v3ext::x509v3ext(const X509_EXTENSION *n) : ext(nullptr) { if (n) { ext = X509_EXTENSION_dup((X509_EXTENSION *)n); Q_CHECK_PTR(ext); } } x509v3ext::x509v3ext(const x509v3ext &n) : ext(nullptr) { set(n.ext); } x509v3ext::x509v3ext(int nid, const QString &et, X509V3_CTX *ctx) : ext(nullptr) { create(nid, et, ctx); } x509v3ext::~x509v3ext() { if (ext) X509_EXTENSION_free(ext); } x509v3ext &x509v3ext::set(const X509_EXTENSION *n) { if (n) { ASN1_OCTET_STRING *str = X509_EXTENSION_get_data((X509_EXTENSION *)n); if (!str || !str->length) n = nullptr; } if (ext != nullptr) X509_EXTENSION_free(ext); ext = n ? X509_EXTENSION_dup((X509_EXTENSION *)n) : nullptr; openssl_error(); return *this; } x509v3ext &x509v3ext::create(int nid, const QString &et, X509V3_CTX *ctx) { if (ext) { X509_EXTENSION_free(ext); ext = nullptr; } openssl_error(); if (!et.isEmpty()) { QString etext = et; if (et.contains("DNS:copycn") && ctx && ctx->subject_cert && nid == NID_subject_alt_name) { x509name xn(X509_get_subject_name(ctx->subject_cert)); QString cn = xn.getEntryByNid(NID_commonName); if (!cn.isEmpty()) etext.replace(QString("DNS:copycn"), QString("DNS:%1").arg(cn)); } QByteArray ba = etext.toLocal8Bit(); ext = X509V3_EXT_conf_nid(NULL, ctx, nid, ba.data()); } if (ext) { if (ctx && ctx->subject_cert) { X509_add_ext(ctx->subject_cert, ext, -1); } } ign_openssl_error(); return *this; } x509v3ext &x509v3ext::create_ia5(int nid, const QString &et, X509V3_CTX *ctx) { QByteArray ba = et.toLocal8Bit(); for (int i=0; i"), ">"); text.replace(QRegularExpression("\n"), "
\n"); return text; } QString x509v3ext::getConsoleValue(const QString &indent) const { QString text = getValue(); text.replace(QRegularExpression("\n"), QString("\n") + indent); return text; } static QString vlist2Section(QStringList vlist, QString tag, QString *sect) { /* Check for commas in the text */ if (!vlist.join("").contains(",")) return vlist.join(", "); *sect += QString("\n[%1_sect]\n").arg(tag); for (int i=0; itype) { case GEN_EMAIL: ret = "email:%1"; break; case GEN_DNS: ret = "DNS:%1"; break; case GEN_URI: ret = "URI:%1"; break; case GEN_DIRNAME: { tag += "_dirname"; x509name xn(gen->d.dirn); *sect += QString("\n[%1]\n"). arg(tag); *sect += xn.taggedValues(); *single = QString("dirName:") + tag; return true; } case GEN_IPADD: p = gen->d.ip->data; if (gen->d.ip->length == 4) { *single = QString("IP:%1.%2.%3.%4"). arg(p[0]).arg(p[1]).arg(p[2]).arg(p[3]); return true; } else if(gen->d.ip->length == 8) { *single = QString("IP:%1.%2.%3.%4/%5.%6.%7.%8"). arg(p[0]).arg(p[1]).arg(p[2]).arg(p[3]). arg(p[4]).arg(p[5]).arg(p[6]).arg(p[7]); return true; } else if(gen->d.ip->length == 16) { *single = "IP:" + ipv6_from_binary(gen->d.ip->data); return true; } else if(gen->d.ip->length == 32) { *single = "IP:" + ipv6_from_binary(gen->d.ip->data) + "/" + ipv6_from_binary(gen->d.ip->data +16); return true; } return false; case GEN_RID: *single = QString("RID:%1"). arg(obj2SnOid(gen->d.rid)); return true; case GEN_OTHERNAME: { int type = gen->d.otherName->value->type; ASN1_STRING *a; a = gen->d.otherName->value->value.asn1_string; if (asn1TypePrintable(type)) { *single = QString("otherName:%1;%2:%3"). arg(obj2SnOid(gen->d.otherName->type_id)). arg(asn1Type2Name(type)). arg(asn1ToQString(a, true)); } else { *single = QString("otherName:%1;FORMAT:HEX,%2"). arg(obj2SnOid(gen->d.otherName->type_id)). arg(asn1Type2Name(type)); for (int i=0; ilength; i++) { *single += QString(":%1"). arg((int)(a->data[i]), 2, 16, QChar('0')); } } return true; } default: return false; } if (!ret.isEmpty()) *single = ret.arg(asn1ToQString(gen->d.ia5, true)); return true; } static bool genNameStack2conf(STACK_OF(GENERAL_NAME) *gens, QString tag, QString *single, QString *sect) { int i; QStringList sl; for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) { QString one; if (!genName2conf(sk_GENERAL_NAME_value(gens, i), QString("%1_%2").arg(tag).arg(i), &one, sect)) { return false; } sl << one; } *single = vlist2Section(sl, tag, sect); return true; } QString x509v3ext::parse_critical() const { return QString(getCritical() ? "critical," : ""); } #define TEXTS (\ B_ASN1_TIME | B_ASN1_DIRECTORYSTRING | B_ASN1_DISPLAYTEXT | \ B_ASN1_NUMERICSTRING | B_ASN1_T61STRING | B_ASN1_UNIVERSALSTRING) bool x509v3ext::parse_ia5(QString *single, QString *adv) const { ASN1_STRING *str = (ASN1_STRING *)d2i(); QString ret; if (!isValid()) return false; if (!str) { const unsigned char *p = getData()->data; str = d2i_ASN1_OCTET_STRING(NULL, &p, getData()->length); if (ign_openssl_error() || !str) return false; ret = QString("%2"). arg(asn1Type2Name(str->type)). arg(QString(asn1ToQString(str))); } else { ret = QString(asn1ToQString(str)); } if (single) *single = ret; else if (adv) *adv = QString("%1=%2\n").arg(OBJ_nid2sn(nid())).arg(ret) +*adv; ASN1_STRING_free(str); return true; } bool x509v3ext::parse_generalName(QString *single, QString *adv) const { bool retval = true; QString sect, ret; STACK_OF(GENERAL_NAME) *gens = (STACK_OF(GENERAL_NAME) *)d2i(); if (!gens) return false; QString tag = OBJ_nid2sn(nid()); if (!genNameStack2conf(gens, tag, &ret, §)) retval = false; else if (sect.isEmpty() && single) { *single = parse_critical() + ret; } else if (adv) { *adv = QString("%1=%2\n").arg(tag). arg(parse_critical() +ret) + *adv + sect; } sk_GENERAL_NAME_free(gens); return retval; } bool x509v3ext::parse_eku(QString *single, QString *adv) const { EXTENDED_KEY_USAGE *eku = (EXTENDED_KEY_USAGE *)d2i(); QStringList sl; int i; if (!eku) return false; for (i = 0; i < sk_ASN1_OBJECT_num(eku); i++) { sl << QString(OBJ_obj2sn(sk_ASN1_OBJECT_value(eku, i))); } QString r = parse_critical() + sl.join(", "); if (single) *single = r; else if (adv) *adv = QString("%1=%2\n").arg(OBJ_nid2sn(nid())).arg(r) + *adv; EXTENDED_KEY_USAGE_free(eku); return true; } bool x509v3ext::parse_ainfo(QString *single, QString *adv) const { bool retval = true; QString sect, ret; QString tag = OBJ_nid2sn(nid()); QStringList sl; int i; AUTHORITY_INFO_ACCESS *ainfo = (AUTHORITY_INFO_ACCESS *)d2i(); if (!ainfo) return false; for (i = 0; i < sk_ACCESS_DESCRIPTION_num(ainfo); i++) { QString one; ACCESS_DESCRIPTION *desc = sk_ACCESS_DESCRIPTION_value(ainfo, i); if (!genName2conf(desc->location, QString("%1_%2").arg(tag).arg(i), &one, §)) { retval = false; break; } sl << QString("%1;%2").arg(OBJ_obj2sn(desc->method)).arg(one); } if (retval) { ret = vlist2Section(sl, tag, §); if (sect.isEmpty() && sk_ACCESS_DESCRIPTION_num(ainfo) == 1 && single) { *single = parse_critical() + ret; } else if (adv) { *adv = QString("%1=%2\n").arg(tag). arg(parse_critical() + ret) + *adv + sect; } } AUTHORITY_INFO_ACCESS_free(ainfo); return retval; } static const BIT_STRING_BITNAME reason_flags[] = { {0, "", "unused"}, {1, "", "keyCompromise"}, {2, "", "CACompromise"}, {3, "", "affiliationChanged"}, {4, "", "superseded"}, {5, "", "cessationOfOperation"}, {6, "", "certificateHold"}, {7, "", "privilegeWithdrawn"}, {8, "", "AACompromise"}, {-1, NULL, NULL} }; static QString parse_bits(const BIT_STRING_BITNAME *flags, ASN1_BIT_STRING *str) { const BIT_STRING_BITNAME *pbn; QStringList r; for (pbn = flags; pbn->sname; pbn++) { if (ASN1_BIT_STRING_get_bit(str, pbn->bitnum)) r << QString(pbn->sname); } return r.join(", "); } bool x509v3ext::parse_Crldp(QString *single, QString *adv) const { QString othersect; QStringList crldps; const char *sn = OBJ_nid2sn(nid()); STACK_OF(DIST_POINT) *crld = (STACK_OF(DIST_POINT)*)d2i(); if (!crld) return false; if (sk_DIST_POINT_num(crld) == 1 && single) { DIST_POINT *point = sk_DIST_POINT_value(crld, 0); if (point->distpoint && !point->reasons && !point->CRLissuer && !point->distpoint->type) { QString sect, ret; if (!genNameStack2conf(point->distpoint->name.fullname, "", &ret, §)) goto could_not_parse; if (sect.isEmpty()) { if (single) *single = parse_critical() +ret; else if (adv) *adv = QString("%1=%2\n").arg(sn). arg(parse_critical() +ret) +*adv; return true; } } } for(int i = 0; i < sk_DIST_POINT_num(crld); i++) { DIST_POINT *point = sk_DIST_POINT_value(crld, i); QString tag = QString("crlDistributionPoint%1_sect").arg(i); QString crldpsect = QString("\n[%1]\n").arg(tag); if (point->distpoint) { if (!point->distpoint->type) { QString ret; if (!genNameStack2conf(point->distpoint->name.fullname, tag + "_fullname", &ret, &othersect)) goto could_not_parse; crldpsect += "fullname=" + ret +"\n"; } else { QString mysect = tag + "_relativename"; x509name xn(point->distpoint->name.relativename); crldpsect += "relativename=" + mysect + "\n"; othersect += QString("\n[%1]\n").arg(mysect) + xn.taggedValues(); } } if (point->reasons) { crldpsect += QString("reasons=%1\n"). arg(parse_bits(reason_flags, point->reasons)); } if (point->CRLissuer) { QString ret; if (genNameStack2conf(point->CRLissuer, tag +"_crlissuer", &ret, &othersect)) goto could_not_parse; crldpsect += "CRLissuer=" + ret + "\n"; } crldps << tag; othersect = crldpsect + othersect; } sk_DIST_POINT_free(crld); if (crldps.size() == 0) return true; if (adv) { *adv = QString("%1=%2\n").arg(sn). arg(parse_critical() + crldps.join(", ")) + *adv + othersect; } return true; could_not_parse: sk_DIST_POINT_free(crld); return false; } static void gen_cpol_notice(QString tag, USERNOTICE *notice, QString *adv) { *adv += QString("\n[%1]\n").arg(tag); if (notice->exptext) { *adv += QString("explicitText=%1\n"). arg(asn1ToQString(notice->exptext, true)); } if (notice->noticeref) { NOTICEREF *ref = notice->noticeref; QStringList sl; int i; *adv += QString("organization=%1\n"). arg(asn1ToQString(ref->organization, true)); for (i = 0; i < sk_ASN1_INTEGER_num(ref->noticenos); i++) { a1int num(sk_ASN1_INTEGER_value(ref->noticenos, i)); sl << num.toDec(); } if (sl.size()) *adv += QString("noticeNumbers=%1\n"). arg(sl.join(", ")); } } static bool gen_cpol_qual_sect(QString tag, POLICYINFO *pinfo, QString *adv) { QString polsect = QString("\n[%1]\n").arg(tag); QString noticetag, _adv; STACK_OF(POLICYQUALINFO) *quals = pinfo->qualifiers; int i; if (!quals) return false; if (!adv) adv = &_adv; polsect += QString("policyIdentifier=%1\n"). arg(obj2SnOid(pinfo->policyid)); for (i = 0; i < sk_POLICYQUALINFO_num(quals); i++) { POLICYQUALINFO *qualinfo = sk_POLICYQUALINFO_value(quals, i); switch (OBJ_obj2nid(qualinfo->pqualid)) { case NID_id_qt_cps: polsect += QString("CPS.%1=%2\n").arg(i). arg(asn1ToQString(qualinfo->d.cpsuri, true)); break; case NID_id_qt_unotice: noticetag = QString("%1_notice%2_sect").arg(tag).arg(i); polsect += QString("userNotice.%1=@%2\n").arg(i). arg(noticetag); gen_cpol_notice(noticetag, qualinfo->d.usernotice, adv); break; default: return false; } } *adv = polsect + *adv; return true; } bool x509v3ext::parse_certpol(QString *, QString *adv) const { bool retval = true; QStringList pols; QString myadv; int i; STACK_OF(POLICYINFO) *pol = (STACK_OF(POLICYINFO) *)d2i(); if (!pol) return false; for (i = 0; i < sk_POLICYINFO_num(pol); i++) { POLICYINFO *pinfo = sk_POLICYINFO_value(pol, i); if (!pinfo->qualifiers) { pols << obj2SnOid(pinfo->policyid); continue; } QString tag = QString("certpol%1_sect").arg(i); pols << QString("@") + tag; if (!gen_cpol_qual_sect(tag, pinfo, &myadv)) { retval = false; break; } } if (retval && adv) *adv = QString("certificatePolicies=%1ia5org,%2\n"). arg(parse_critical()).arg(pols.join(", ")) + *adv + myadv; sk_POLICYINFO_free(pol); return retval; } bool x509v3ext::parse_bc(QString *single, QString *adv) const { BASIC_CONSTRAINTS *bc = (BASIC_CONSTRAINTS *)d2i(); if (!bc) return false; QString ret = a1int(bc->pathlen).toDec(); if (!ret.isEmpty()) ret = ",pathlen:" + ret; ret = parse_critical() + (bc->ca ? "CA:TRUE" : "CA:FALSE") + ret; if (single) *single = ret; else if (adv) *adv = QString("%1=%2\n").arg(OBJ_nid2sn(nid())).arg(ret) +*adv; BASIC_CONSTRAINTS_free(bc); return true; } static const BIT_STRING_BITNAME key_usage_type_table[] = { {0, "Digital Signature", "digitalSignature"}, {1, "Non Repudiation", "nonRepudiation"}, {2, "Key Encipherment", "keyEncipherment"}, {3, "Data Encipherment", "dataEncipherment"}, {4, "Key Agreement", "keyAgreement"}, {5, "Certificate Sign", "keyCertSign"}, {6, "CRL Sign", "cRLSign"}, {7, "Encipher Only", "encipherOnly"}, {8, "Decipher Only", "decipherOnly"}, {-1, NULL, NULL} }; static const BIT_STRING_BITNAME ns_cert_type_table[] = { {0, "SSL Client", "client"}, {1, "SSL Server", "server"}, {2, "S/MIME", "email"}, {3, "Object Signing", "objsign"}, {4, "Unused", "reserved"}, {5, "SSL CA", "sslCA"}, {6, "S/MIME CA", "emailCA"}, {7, "Object Signing CA", "objCA"}, {-1, NULL, NULL} }; bool x509v3ext::parse_bitstring(QString *single, QString *adv) const { ASN1_BIT_STRING *bs; const BIT_STRING_BITNAME *bnames; int n = nid(); switch (n) { case NID_key_usage: bnames = key_usage_type_table; break; case NID_netscape_cert_type: bnames = ns_cert_type_table; break; default: return false; } bs = (ASN1_BIT_STRING *)d2i(); if (!bs) return false; QString ret = parse_critical() + parse_bits(bnames, bs); if (single) *single = ret; else if (adv) *adv = QString("%1=%2\n").arg(OBJ_nid2sn(nid())).arg(ret) +*adv; ASN1_BIT_STRING_free(bs); return true; } bool x509v3ext::parse_sKeyId(QString *, QString *adv) const { if (adv) *adv = QString("%1=hash\n").arg(OBJ_nid2sn(nid())) + *adv; return true; } bool x509v3ext::parse_aKeyId(QString *, QString *adv) const { QStringList ret; AUTHORITY_KEYID *akeyid = (AUTHORITY_KEYID *)d2i(); ign_openssl_error(); if (!akeyid) return false; if (akeyid->keyid) ret << "keyid"; if (akeyid->issuer) ret << "issuer:always"; if (adv) *adv = QString("%1=%2\n").arg(OBJ_nid2sn(nid())). arg(ret.join(", ")) + *adv; AUTHORITY_KEYID_free(akeyid); return true; } bool x509v3ext::parse_generic(QString *, QString *adv) const { if (!isValid()) return false; const ASN1_OBJECT *o = object(); QString der, obj = o ? obj2SnOid(o) : QString("INVALID"); ASN1_OCTET_STRING *v = getData(); for (int i=0; v && i < v->length; i++) der += QString(":%1").arg((int)(v->data[i]), 2, 16, QChar('0')); if (adv) *adv = QString("%1=%2DER%3\n").arg(obj). arg(parse_critical()).arg(der) + *adv; return true; } bool x509v3ext::parse_inhibitAnyPolicy(QString *, QString *adv) const { ASN1_INTEGER *a = (ASN1_INTEGER *)d2i(); ign_openssl_error(); if (!a) return false; a1int val(a); if (adv) { *adv = QString("%1=%2%3\n").arg(OBJ_nid2sn(nid())). arg(parse_critical()).arg(val.toDec()) + *adv; } ASN1_INTEGER_free(a); return true; } bool x509v3ext::parse_policyConstraints(QString *, QString *adv) const { QStringList v; a1int a1null(0L), a; POLICY_CONSTRAINTS *pol = (POLICY_CONSTRAINTS *)d2i(); ign_openssl_error(); if (!pol) return false; a = a1int(pol->requireExplicitPolicy); if (a != a1null) v << QString("requireExplicitPolicy:%1").arg(a.toDec()); a = a1int(pol->inhibitPolicyMapping); if (a != a1null) v << QString("inhibitPolicyMapping:%1").arg(a.toDec()); if (adv) *adv = QString("%1=%2%3\n").arg(OBJ_nid2sn(nid())). arg(parse_critical()).arg(v.join(", ")) + *adv; POLICY_CONSTRAINTS_free(pol); return true; } bool x509v3ext::parse_policyMappings(QString *, QString *adv) const { bool retval = true; QStringList polMaps; QString myadv; POLICY_MAPPINGS *pmaps = (POLICY_MAPPINGS *)d2i(); ign_openssl_error(); if (!pmaps) return false; for (int i = 0; i < sk_POLICY_MAPPING_num(pmaps); i++) { POLICY_MAPPING *pmap = sk_POLICY_MAPPING_value(pmaps, i); polMaps << QString("%1 = %2"). arg(obj2SnOid(pmap->issuerDomainPolicy)). arg(obj2SnOid(pmap->subjectDomainPolicy)); } if (polMaps.size() > 0 && adv) { *adv = QString("policyMappings=%1@policyMappings_sect\n"). arg(parse_critical()) + *adv + QString("[policyMappings_sect]\n") + polMaps.join("\n"); } sk_POLICY_MAPPING_free(pmaps); return retval; } static bool nameConstraint(STACK_OF(GENERAL_SUBTREE) *trees, QString prefix, QString tag, QString *single, QString *sect) { QStringList sl; for (int i = 0; i < sk_GENERAL_SUBTREE_num(trees); i++) { QString one; GENERAL_SUBTREE *tree = sk_GENERAL_SUBTREE_value(trees, i); if (!genName2conf(tree->base, QString("%1_%2").arg(tag).arg(i), &one, sect)) { return false; } qDebug("%s: %d '%s'\n", __func__, i, CCHAR(one)); sl << prefix + ";" + one; } *single = vlist2Section(sl, tag+prefix, sect); qDebug("Single: '%s'\n", CCHAR(*single)); return true; } bool x509v3ext::parse_nameConstraints(QString *, QString *adv) const { bool retval = true; QString sect, ret; QStringList permEx; QString tag = OBJ_nid2sn(nid()); NAME_CONSTRAINTS *cons = (NAME_CONSTRAINTS *)d2i(); ign_openssl_error(); if (!cons) return false; if (!nameConstraint(cons->permittedSubtrees, "permitted", tag, &ret, §)) retval = false; if (ret.size() > 0) permEx << ret; if (!nameConstraint(cons->excludedSubtrees, "excluded", tag, &ret, §)) retval = false; if (ret.size() > 0) permEx << ret; if (adv && retval &&permEx.size() > 0) { ret = permEx.join(", "); qDebug("%s %d '%s'\n", __func__, retval, CCHAR(ret)); *adv = QString("%1=%2\n").arg(tag). arg(parse_critical() +ret) + *adv + sect; } NAME_CONSTRAINTS_free(cons); return retval; } bool x509v3ext::genConf(QString *single, QString *adv) const { int n = nid(); switch (n) { case NID_crl_distribution_points: return parse_Crldp(single, adv); case NID_subject_alt_name: case NID_issuer_alt_name: return parse_generalName(single, adv); case NID_info_access: return parse_ainfo(single, adv); case NID_ext_key_usage: return parse_eku(single, adv); case NID_certificate_policies: return parse_certpol(single, adv); case NID_netscape_comment: case NID_netscape_base_url: case NID_netscape_revocation_url: case NID_netscape_ca_revocation_url: case NID_netscape_renewal_url: case NID_netscape_ca_policy_url: case NID_netscape_ssl_server_name: return parse_ia5(single, adv); case NID_basic_constraints: return parse_bc(single, adv); case NID_key_usage: case NID_netscape_cert_type: return parse_bitstring(single, adv); case NID_subject_key_identifier: return parse_sKeyId(single, adv); case NID_authority_key_identifier: return parse_aKeyId(single, adv); case NID_inhibit_any_policy: return parse_inhibitAnyPolicy(single, adv); case NID_policy_constraints: return parse_policyConstraints(single, adv); case NID_policy_mappings: return parse_policyMappings(single, adv); case NID_name_constraints: return parse_nameConstraints(single, adv); case NID_id_pkix_OCSP_noCheck: if (adv) *adv = "noCheck = ignored\n" + *adv; return true; default: return parse_generic(single, adv); } return false; } QString x509v3ext::getHtml() const { QString html; html = "" + getObject(); if (getCritical() != 0) html += " critical"; html += ":
" + getHtmlValue() + ""; return html; } QString x509v3ext::getConsole(const QString &indent) const { QString text, twoind = indent + indent; text = indent + COL_BOLD COL_UNDER + getObject(); if (getCritical() != 0) text += " " COL_RED COL_UNDER "[critical]"; text += COL_RESET "\n" + twoind + getConsoleValue(twoind); return text; } X509_EXTENSION *x509v3ext::get() const { return ext ? X509_EXTENSION_dup(ext) : nullptr; } bool x509v3ext::isValid() const { return ext && getData() && getData()->length > 0 && OBJ_obj2nid(X509_EXTENSION_get_object(ext)) != NID_undef; } /*************************************************************/ bool extList::genConf(int nid, QString *single, QString *adv) { int i = idxByNid(nid); if (i != -1) { if (at(i).genConf(single, adv)) removeAt(i); ign_openssl_error(); return true; } return false; } void extList::genGenericConf(QString *adv) { for (int i=0; i< size();) { if (at(i).genConf(NULL, adv) || at(i).parse_generic(NULL, adv)) removeAt(i); else i++; ign_openssl_error(); } } void extList::setStack(const STACK_OF(X509_EXTENSION) *st, int start) { clear(); int cnt = sk_X509_EXTENSION_num(st); x509v3ext e; for (int i=start; i i(*this); while (i.hasNext()) { if (!i.next().isValid()) { i.remove(); removed=1; } } return removed; } xca-RELEASE.2.5.0/lib/x509v3ext.h000066400000000000000000000051371450407711300157760ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __X509V3EXT_H #define __X509V3EXT_H #include #include #include #include #include class QString; class x509v3ext { private: X509_EXTENSION *ext; const ASN1_OBJECT *object() const; public: x509v3ext(); x509v3ext(const X509_EXTENSION *n); x509v3ext(const x509v3ext &n); x509v3ext(int nid, const QString &et, X509V3_CTX *ctx); ~x509v3ext(); x509v3ext &set(const X509_EXTENSION *n); x509v3ext &create(int nid, const QString &et, X509V3_CTX *ctx = NULL); x509v3ext &create_ia5(int nid, const QString &et, X509V3_CTX *ctx = NULL); x509v3ext &operator = (const x509v3ext &x); // bool operator == (const x509v3ext &x) const; QString getObject() const; int getCritical() const; ASN1_OCTET_STRING *getData() const; QString getValue() const; QString getHtmlValue() const; QString getConsoleValue(const QString &indent) const; QString getHtml() const; QString getConsole(const QString &indent) const; X509_EXTENSION *get() const; bool isValid() const; int nid() const; void *d2i() const; bool genConf(QString *single, QString *adv) const; bool parse_generic(QString *single, QString *adv) const; protected: QString parse_critical() const; bool parse_certpol(QString *single, QString *adv) const; bool parse_ainfo(QString *single, QString *adv) const; bool parse_Crldp(QString *single, QString *adv) const; bool parse_eku(QString *single, QString *adv) const; bool parse_generalName(QString *single, QString *adv) const; bool parse_ia5(QString *single, QString *adv) const; bool parse_bc(QString *single, QString *adv) const; bool parse_bitstring(QString *single, QString *adv) const; bool parse_sKeyId(QString *single, QString *adv) const; bool parse_aKeyId(QString *single, QString *adv) const; bool parse_inhibitAnyPolicy(QString *, QString *adv) const; bool parse_policyConstraints(QString *, QString *adv) const; bool parse_policyMappings(QString *, QString *adv) const; bool parse_nameConstraints(QString *, QString *adv) const; }; class extList : public QList { public: void setStack(const STACK_OF(X509_EXTENSION) *st, int start=0); STACK_OF(X509_EXTENSION) *getStack(); QString getHtml(const QString &sep) const; QString getConsole(const QString &indent) const; bool delByNid(int nid); int delInvalid(); int idxByNid(int nid); bool genConf(int nid, QString *single, QString *adv = NULL); void genGenericConf(QString *adv); bool search(const QRegularExpression &pattern); }; #endif xca-RELEASE.2.5.0/lib/xcadoc.cpp000066400000000000000000000011021450407711300160570ustar00rootroot00000000000000#include #include #include #include #include "arguments.h" int main(int argc, char *argv[]) { if (argc < 2) { qWarning() << "Need type argument: "; return EXIT_FAILURE; } QByteArray doc = arguments::doc(argv[1]).toUtf8(); if (doc.isEmpty()) { qWarning() << QString("Doc was empty: %1").arg(argv[1]); return EXIT_FAILURE; } if (argc > 2) { QFile f(argv[2]); f.open(QIODevice::WriteOnly); f.write(doc); f.close(); } else { QTextStream out(stdout); out << doc; } return EXIT_SUCCESS; } xca-RELEASE.2.5.0/lib/xfile.h000066400000000000000000000017171450407711300154060ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2019 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __X_FILE_H #define __X_FILE_H #include #include #include #include "exception.h" #include class XFile : public QFile { Q_OBJECT public: bool open(OpenMode flags) { bool o = QFile::open(flags | Unbuffered); if (error()) { throw errorEx(tr("Error opening file: '%1': %2") .arg(fileName()).arg(strerror(errno))); } return o; } XFile(const QString &name) : QFile(name) { } void retry_read() { seek(0); if (error()) { throw errorEx( tr("Error rewinding file: '%1': %2") .arg(fileName()) .arg(strerror(errno))); } } bool open_key() { bool o = open_write(); setPermissions(ReadOwner | WriteOwner); return o; } bool open_write() { return open(ReadWrite | Truncate); } bool open_read() { return open(ReadOnly); } }; #endif xca-RELEASE.2.5.0/local.h.in000066400000000000000000000004101450407711300152150ustar00rootroot00000000000000#define XCA_VERSION "@PROJECT_VERSION@" /* usually "xca" */ #define PACKAGE_TARNAME "@PROJECT_NAME@" /* usually "X Certificate and Key management" */ #define PACKAGE_NAME "@PROJECT_DESCRIPTION@" #define GIT_COMMIT_REV "@GIT_REV@" #cmakedefine GIT_LOCAL_CHANGES xca-RELEASE.2.5.0/misc/000077500000000000000000000000001450407711300143055ustar00rootroot00000000000000xca-RELEASE.2.5.0/misc/.gitignore000066400000000000000000000000461450407711300162750ustar00rootroot00000000000000dn.txt eku.txt oids.txt variables.wxi xca-RELEASE.2.5.0/misc/CA.xca000066400000000000000000000015361450407711300152720ustar00rootroot00000000000000V 0 validN10validMidn0 validM2 subKey1subAltNamensSslServerNamensRevocationUrlnsRenewalUrlnsCommentxca certificatensCertType112nsCaPolicyUrl"nsCARevocationUrlnsBaseUrl(noWellDefinedExpDate0kuCriticalkeyUseCritical0 keyUse96issAltNameekuCriticaleKyUseCritical0eKeyUsecrlDistca1bcCritical1basicPathauthKey0authInfAccadv_extxca-RELEASE.2.5.0/misc/CMakeLists.txt000066400000000000000000000046051450407711300170520ustar00rootroot00000000000000 set(S "${PROJECT_SOURCE_DIR}/misc") set(D "${PROJECT_BINARY_DIR}/misc") file(MAKE_DIRECTORY ${D}) configure_file(${S}/Info.plist.in ${D}/Info.plist) configure_file(${S}/dynamic.wxs.in ${D}/dynamic.wxs) set(CPACK_RESOURCE_FILE_LICENSE "${S}/copyright.rtf") set(CPACK_BUNDLE_PLIST ${D}/Info.plist) set(CPACK_DMG_DS_STORE ${S}/dmg.DS_Store) set_property(TARGET ${PROJECT_NAME} PROPERTY MACOSX_BUNDLE_INFO_PLIST ${D}/Info.plist) ##### XCA Templates set(TEMPLATES CA.xca TLS_server.xca TLS_client.xca) foreach(templ ${TEMPLATES}) list(APPEND XCA_TEMPLATES ${S}/${templ}) endforeach() target_sources(${CMAKE_PROJECT_NAME} PRIVATE ${XCA_TEMPLATES}) list(APPEND APP_RESOURCES "${XCA_TEMPLATES}") ##### Text Files ids.txt eku.txt dn.txt macro(Text_header file) add_custom_command(OUTPUT "${D}/${file}.txt" COMMAND ${CMAKE_COMMAND} -DFILE=${file} -DSRC="${S}" -DDST="${D}" -P "${PROJECT_SOURCE_DIR}/cmake/text_header_file.cmake" DEPENDS "${S}/${file}.text" "${S}/preamble.txt" ) list(APPEND TEXT_FILES "${D}/${file}.txt") endmacro() Text_header(dn) Text_header(eku) Text_header(oids) foreach(misc_name ${TEXT_FILES} ${XCA_TEMPLATES}) string(REGEX REPLACE ".*/" "" misc_basename ${misc_name}) guid(${misc_basename}) list(APPEND MISC_COMPREFS " \n") list(APPEND MISC_COMPS " \n") endforeach() string(APPEND WIX_MISC_CONTENT "\n" ${MISC_COMPS} " \n" ${MISC_COMPREFS} "") WixFile(${D}/misc.wxs ${WIX_MISC_CONTENT}) target_sources(${CMAKE_PROJECT_NAME} PRIVATE ${TEXT_FILES}) list(APPEND APP_RESOURCES ${TEXT_FILES}) if (UNIX AND NOT APPLE) install(FILES ${TEXT_FILES} ${XCA_TEMPLATES} DESTINATION ${CMAKE_INSTALL_DATADIR}/${CMAKE_PROJECT_NAME} ) install(FILES misc/xca.desktop DESTINATION ${CMAKE_INSTALL_DATADIR}/applications ) install(FILES misc/xca.completion DESTINATION ${CMAKE_INSTALL_DATADIR}/bash-completion/completions RENAME xca ) install(FILES misc/xca.xml DESTINATION ${CMAKE_INSTALL_DATADIR}/mime/packages ) elseif(WIN32) install(FILES ${TEXT_FILES} ${XCA_TEMPLATES} DESTINATION ${RUNTIME_DEST} ) endif() xca-RELEASE.2.5.0/misc/ExportOptions.plist000066400000000000000000000006331450407711300202210ustar00rootroot00000000000000 destination export method developer-id signingCertificate Developer ID Application signingStyle manual xca-RELEASE.2.5.0/misc/Info.plist.in000066400000000000000000000041451450407711300166660ustar00rootroot00000000000000 CFBundleExecutable xca NSHumanReadableCopyright © 2022, Christian Hohnstädt NSHighResolutionCapable True CFBundleShortVersionString @PROJECT_VERSION@ CFBundleVersion @PROJECT_VERSION@ CFBundleIconFile xca-icons.icns CFBundleIdentifier de.hohnstaedt.xca CFBundleName @CMAKE_PROJECT_NAME@ CFBundleDisplayName @CMAKE_PROJECT_NAME@ CFBundlePackageType APPL CFBundleSupportedPlatforms MacOSX LSApplicationCategoryType public.app-category.utilities LSMinimumSystemVersion @CMAKE_OSX_DEPLOYMENT_TARGET@.0 ITSAppUsesNonExemptEncryption no CFBundleDocumentTypes CFBundleTypeExtensions xdb CFBundleTypeIconFile xca-mac-icon.icns CFBundleTypeMIMETypes application/x-xca-database CFBundleTypeName XCA Database CFBundleTypeRole Editor LSHandlerRank Owner CFBundleTypeExtensions xca CFBundleTypeIconFile xca-mac-icon.icns CFBundleTypeMIMETypes application/x-xca-template CFBundleTypeName XCA Template CFBundleTypeRole Editor LSHandlerRank Owner xca-RELEASE.2.5.0/misc/Makefile000066400000000000000000000026521450407711300157520ustar00rootroot00000000000000 SRCPATH=$(VPATH)/ ifeq ($(TOPDIR),) TOPDIR=.. BUILD=.. endif include $(TOPDIR)/Rules.mak CONFIG_OBJ = dn.txt oids.txt eku.txt INSTALLS = Info.plist xca.completion xca.desktop xca.xml .install-stamp all: $(CONFIG_OBJ) .install-stamp: $(INSTALLS) MSG := \# Do not edit this file, rather use %.txt: preamble.txt %.text @$(PRINT) " GEN [$(BASENAME)] $@" ifeq ($(HOST), WINDOWS) (echo "$(MSG) PROFILE\Application Data\xca\$@" && cat $^) | sed 's/$$/\r/' > $@ else ifeq ($(HOST), DARWIN) (echo "$(MSG) HOME/Library/Application Support/data/xca/$@" && cat $^) > $@ else (echo "$(MSG) /etc/xca/$@ or HOME/.xca/$@" && cat $^) > $@ endif install: install -m 755 -d $(DESTDIR)$(xca_prefix) \ $(DESTDIR)$(datarootdir)/applications \ $(DESTDIR)$(datarootdir)/mime/packages \ $(DESTDIR)$(datarootdir)/bash-completion/completions install -m 644 $(CONFIG_OBJ) $(SRCPATH)*.xca \ $(DESTDIR)$(xca_prefix) install -m 644 $(SRCPATH)xca.desktop $(DESTDIR)$(datarootdir)/applications install -m 644 $(SRCPATH)xca.xml $(DESTDIR)$(datarootdir)/mime/packages install -m 644 $(SRCPATH)xca.completion $(DESTDIR)$(datarootdir)/bash-completion/completions/xca if test -z "$(DESTDIR)"; then \ update-mime-database $(datarootdir)/mime || :; \ update-desktop-database || :; \ fi app: Info.plist PkgInfo | $(CONFIG_OBJ) mkdir -p $(APPDIR)/Resources install -m 644 $^ $(APPDIR) install -m 644 $(CONFIG_OBJ) $(SRCPATH)*.xca $(APPDIR)/Resources xca-RELEASE.2.5.0/misc/PkgInfo000066400000000000000000000000111450407711300155550ustar00rootroot00000000000000APPLcxca xca-RELEASE.2.5.0/misc/TLS_client.xca000066400000000000000000000014501450407711300170020ustar00rootroot00000000000000 0 validN365validMidn0 validM0 subKey1subAltNamensSslServerNamensRevocationUrlnsRenewalUrlnsCommentxca certificatensCertType5nsCaPolicyUrl"nsCARevocationUrlnsBaseUrl(noWellDefinedExpDate0kuCritical0 keyUse29issAltNameekuCritical0eKeyUseclientAuthcrlDistca2bcCritical1basicPathauthKey0authInfAccadv_extxca-RELEASE.2.5.0/misc/TLS_server.xca000066400000000000000000000014741450407711300170400ustar00rootroot000000000000004 0 validN365validMidn0 validM0 subKey1subAltNameDNS:copycnnsSslServerNamensRevocationUrlnsRenewalUrlnsCommentxca certificatensCertType2nsCaPolicyUrl"nsCARevocationUrlnsBaseUrl(noWellDefinedExpDate0kuCritical0 keyUse23issAltNameekuCritical0eKeyUseserverAuthcrlDistca2bcCritical1basicPathauthKey0authInfAccadv_extxca-RELEASE.2.5.0/misc/copyright.rtf000066400000000000000000000044141450407711300170350ustar00rootroot00000000000000{\rtf1\ansi\ansicpg1252\deff0\nouicompat{\fonttbl{\f0\fnil\fcharset0 Arial;}} {\colortbl ;\red0\green0\blue255;} {\*\generator Riched20 10.0.17134}\viewkind4\uc1 \pard\qc\ul\fs32\lang1031 XCA - X Certificate and Key management\par \pard\par \ulnone\fs16 Copyright (C) 2001 - 2023 Christian Hohnstaedt.\par \par All rights reserved.\par \par \par Redistribution and use in source and binary forms, with or without\par modification, are permitted provided that the following conditions are met:\par \par - Redistributions of source code must retain the above copyright notice,\par this list of conditions and the following disclaimer.\par \pard\ri-74 - Redistributions in binary form must reproduce the above copyright notice,\par \pard this list of conditions and the following disclaimer in the documentation\par and/or other materials provided with the distribution.\par - Neither the name of the author nor the names of its contributors may be\par used to endorse or promote products derived from this software without\par specific prior written permission.\par \par \par \pard\qj THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\par \pard\par \par This program links to software with different licenses from:\par \par - {{\field{\*\fldinst{HYPERLINK https://www.openssl.org }}{\fldrslt{https://www.openssl.org\ul0\cf0}}}}\f0\fs16 which includes cryptographic software\par written by Eric Young (eay@cryptsoft.com)"\par \par - {{\field{\*\fldinst{HYPERLINK https://www.qt.io }}{\fldrslt{https://www.qt.io\ul0\cf0}}}}\f0\fs16\par \par } xca-RELEASE.2.5.0/misc/dmg.DS_Store000066400000000000000000000240041450407711300164600ustar00rootroot00000000000000Bud1   trNon  @ @ @ @.GRP0ustrNone.bRsVbool.bwspblobbplist00 ]ShowStatusBar[ShowToolbar[ShowTabView_ContainerShowSidebar\WindowBounds[ShowSidebar_{{853, 501}, {646, 254}}#/;R_klmno .icvpblobbplist00 _backgroundColorBlue_showIconPreviewXtextSize_backgroundColorRed^backgroundType_backgroundColorGreen[gridOffsetX[gridOffsetY\showItemInfo_viewOptionsVersionYarrangeBy]labelOnBottomXiconSize[gridSpacing#?0#@0#?##?y`#Tgrid #@`#@Y%;MVkz ()./8A.vSrnlong.vstltypenone .backgroundbwspblobbplist00 ]ShowStatusBar[ShowToolbar[ShowTabView_ContainerShowSidebar\WindowBounds[ShowSidebar  _{{61, 566}, {732, 436}} #/;R_klmno .backgroundlsvCblobbplist00 UVWX_useRelativeDates_showIconPreviewWcolumns_calculateAllSizesXtextSizeZsortColumnXiconSize_viewOptionsVersion "&+05:>CGLP  ZidentifierUwidthYascendingWvisibleTname,  WvisibleUwidthYascending#Xubiquity  \dateModified #[dateCreated '( Tsizea ,- Tkinds 12 Ulabeld  67 WversionK  ; Xcomments  ?@^dateLastOpened FYdateAdded HIZshareOwner MI_shareLastEditor QI_invitationStatus#@(Tname#@0,>FZcnw $012;@BCDMRTUV_eghirz|}~ %.Y0 .backgroundlsvpblobYbplist00 EFG5_useRelativeDates_showIconPreviewWcolumns_calculateAllSizesXtextSizeZsortColumnXiconSize_viewOptionsVersion #(-26;?XcommentsUlabelWversion[dateCreatedTsize\dateModifiedTkindTname^dateLastOpened WvisibleUwidthYascendingUindex,  "d % 'K *, /1 a *5  8 : s   > AC#@(Tname#@0,>FZcnw&')*,5689;DEGHJSTVWYbcdfoprsu~H .backgroundvSrnlong.docIlocblob \.docvSrnlong ApplicationsIlocblobrR manual.htmlIlocblobRxca.appIlocblobUO E DSDB `(0@ @ @ '( Tsizea ,- Tkinds 12 Ulabeld  67 WversionK  ; Xcomments  ?@^dateLastOpened FYdateAdded HIZshareOwner MI_shareLastEditor QI_invitationStatus#@(Tname#@0,>FZcnw $012;@BCDMRTUV_eghirz|}~ %.Y0 .backgroundlsvpblobYbplist00 EFG5_useRelativeDates_showIconPreviewWcolumns_calculateAllSizesXtextSizeZsortColumnXiconSize_viewOptionsVersion #(-26;?XcommentsUlabelWversion[dateCreatedTsize\dateModifiedTkindTname^dateLastOpened WvisibleUwidthYascendxca-RELEASE.2.5.0/misc/dn.text000066400000000000000000000003261450407711300156150ustar00rootroot00000000000000C ST L O OU CN emailAddress serialNumber givenName surname title initials description role pseudonym name dnQualifier generationQualifier x500UniqueIdentifier businessCategory streetAddress localityName postalCode xca-RELEASE.2.5.0/misc/dynamic.wxs.in000066400000000000000000000054061450407711300171060ustar00rootroot00000000000000 xca-RELEASE.2.5.0/misc/eku.text000066400000000000000000000005321450407711300157770ustar00rootroot00000000000000serverAuth clientAuth codeSigning emailProtection timeStamping msCodeInd msCodeCom msCTLSign msSGC msEFS nsSGC msEFSFR ipsecEndSystem ipsecTunnel ipsecUser iKEIntermediate msSmartcardLogin OCSPSigning id-kp-eapOverPPP id-kp-eapOverLAN pkInitKDC pkInitClientAuth secureShellClient adobePDFSigning msofficeSigning driveEncryption dataRecoveryAgent xca-RELEASE.2.5.0/misc/entitlement.plist000066400000000000000000000006431450407711300177150ustar00rootroot00000000000000 com.apple.security.network.client com.apple.security.files.user-selected.read-write com.apple.security.cs.disable-library-validation com.apple.security.smartcard xca-RELEASE.2.5.0/misc/oids.text000066400000000000000000000017021450407711300161510ustar00rootroot00000000000000 # OID short name long name 1.3.6.1.4.1.311.20.2: dom: Domain Controller 1.3.6.1.4.1.311.21.1: MsCaV: Microsoft CA Version 1.3.6.1.4.1.311.10.3.4.1:msEFSFR: Microsoft EFS File Recovery 1.3.6.1.5.5.8.2.2: iKEIntermediate: IP security end entity 0.2.262.1.10.7.20: nameDistinguisher: Name distinguisher # RFC 4334 1.3.6.1.5.5.7.3.13: id-kp-eapOverPPP: EAP over PPP 1.3.6.1.5.5.7.3.14: id-kp-eapOverLAN: EAP over Lan 1.3.6.1.5.2.3.5: pkInitKDC: Signing KDC Response 1.3.6.1.5.5.7.3.21: secureShellClient: SSH Client 1.3.6.1.5.2.3.4: pkInitClientAuth: PKINIT Client Auth # document signing 1.2.840.113583.1.1.5: adobePDFSigning: Adobe PDF Signing 1.3.6.1.4.1.311.10.3.12: msofficeSigning: Microsoft Office Signing # Microsoft BitLocker 1.3.6.1.4.1.311.67.1.1: driveEncryption: Microsoft BitLocker Drive Encryption 1.3.6.1.4.1.311.67.1.2: dataRecoveryAgent: Microsoft BitLocker Data Recovery Agent xca-RELEASE.2.5.0/misc/preamble.txt000066400000000000000000000003511450407711300166340ustar00rootroot00000000000000# The path of the user settings directory depends on the # operating system and version. # The path where XCA looks for this file is shown in the # "About" dialog of XCA as "User settings path" # # Do not edit this file, rather use: xca-RELEASE.2.5.0/misc/xca.completion000066400000000000000000000002321450407711300171500ustar00rootroot00000000000000 _XCA_WORDS="$(XCA_ARGUMENTS=completion xca)" _xca() { COMPREPLY=($(compgen -f -W "$_XCA_WORDS" -- "${COMP_WORDS[COMP_CWORD]}")) } complete -F _xca xca xca-RELEASE.2.5.0/misc/xca.desktop000066400000000000000000000016711450407711300164600ustar00rootroot00000000000000[Desktop Entry] Encoding=UTF-8 Name=XCA Type=Application Comment=A graphical user interface for handling and issuing X.509 compliant Certificates Comment[de]=Eine graphische Oberfläche zur Erstellung von X.509 konformen Zertifikaten Comment[fi]=Graafinen X.509-varmenteiden hallintatyökalu Comment[fr]=Création et gestion de certificats conformes à la norme X.509 Comment[hr]=Grafičko korisničko sučelje za upravljanje životnim ciklusom X.509 sukladnih potvrda Comment[nl]=Een grafische gebruikers interface voor behandeling en uitgifte van X.509 conforme certificaten Comment[sk]=GUI na spracovanie a vydávanie Certifikátov X.509 Comment[pt_BR]=Interface gráfica para gerenciar e emitir Certificados X.509 Exec=xca %F Icon=xca Terminal=false Categories=Application;Utility;Qt; MimeType=application/x-xca-database;application/x-xca-template;application/x-x509-ca-cert;application/pkcs10;application/x-pkcs7-certificates;application/x-pkcs12; xca-RELEASE.2.5.0/misc/xca.rc000077500000000000000000000001011450407711300154010ustar00rootroot00000000000000IDI_APPICON ICON DISCARDABLE "img\key.ico" xca-RELEASE.2.5.0/misc/xca.wxs000066400000000000000000000255731450407711300156370ustar00rootroot00000000000000 WIXUI_EXITDIALOGOPTIONALCHECKBOX = 1 and NOT Installed xca-RELEASE.2.5.0/misc/xca.xml000066400000000000000000000006601450407711300156040ustar00rootroot00000000000000 XCA database XCA template xca-RELEASE.2.5.0/release/000077500000000000000000000000001450407711300147725ustar00rootroot00000000000000xca-RELEASE.2.5.0/release/binary-hashes.json000066400000000000000000000130471450407711300204270ustar00rootroot00000000000000{ "setup_xca-1.3.0.exe": "c8695943ec3a3066c867c2370bc99f79fd7ebba6b2f1ad37bf467d07649892a4", "xca-1.3.0.dmg": "4a3ce20b302c400d431613c17e27dcf9468b61c2eac936b87bc0ce3e34519cd4", "xca-1.3.0.tar.gz": "ef5b6e4ed93abb02eb53925edd222bfeb5c26a3b0698af90a416d8e92869414c", "setup_xca-1.3.1.exe": "84052c8f9832b176052d5d0f3ac74de7c3764385467d823d9577bff02858bd28", "xca-1.3.1.dmg": "d1abde80b27ade30a465ba063921cbd744aa83e0730c1a8e1d558e783b9cad6f", "xca-1.3.1.tar.gz": "c2dd8d79b37440126d9fe7281e8c6802b95537c50ad464f6f7799ffa81aa3d83", "setup_xca-1.3.2.exe":"99f68030520c64f52026f09a18a6fca8f6c7dfd570d174eba0aedb301f276080", "xca-1.3.2.dmg": "8117821eef637c3fb78ce6e583fe0a3e667c714525e992b37d4d977a279a967e", "xca-1.3.2.tar.gz": "04f11f2148c8369c1a1b4e109956ed8cc807ec266d0d936410624ba8ee4b5ce4", "setup_xca-1.4.0.exe":"676eaf24348a76bc311db959694c88be86386395686ba05fc1e63f985292aaf6", "xca-1.4.0.dmg": "21d3f6e8199918173a188987de093dc9f16a867ccefb8c348950bb7d843cb1d8", "xca-1.4.0.tar.gz": "ffd4bf247ef49b9977c3166bf9e3269fb96d869ef59877810f794849a791cfbf", "setup_xca-1.4.1-pre02.exe":"54152b8852108e2578b68c2fdeadb469855cf9d596076fd42ce33397120111fd", "xca-1.4.1-pre02.dmg":"a0ad3691ef722c53153ef0e2cb4907582c77548c1084c5771f964358d52b5f0f", "xca-1.4.1-pre02.tar.gz":"619fcd13267c3f4c194003d65c37a534cb1ee1068b5d877e7d17027447f19e4a", "setup_xca-1.4.1.exe":"f2caa3a7aa8c474d546531fbf03ca394069214ca63e8d980c7ea61085a73967f", "xca-1.4.1.dmg":"6d76ac92774d6bc336b1ac21a5bfeb6c83d2426421a39a9fd7b22ef16cd894cb", "xca-1.4.1.tar.gz":"7898ff900d7e1b9b176edc2ce0d16b7bbe593e29b06518ce9d5c7b52c58cd186", "setup_xca-2.0.0-pre01.exe":"c38a844297527e6154f6dc081622cb51251ee9d4f645cab35ed8817a5968d183", "xca-2.0.0-pre01.dmg":"7b84141e86275da53c710067320afa17665824b229766f65e9be52e3bf65f231", "xca-2.0.0-pre01.tar.gz":"6db93a73300cd1c717117223f992847755ab8cf98539baee9aa8c25ca1ea276f", "setup_xca-2.0.0-pre02.exe":"9bb3de4f4b1f4e6c1ba3cc424e25dbf0ea00745a8feb9718ae8bdeae21b10d5c", "xca-2.0.0-pre02.dmg":"c37ab9718a8d76dd5f3bf2d16db0d00059614476548949df2155374da30b1bb0", "xca-2.0.0-pre02.tar.gz":"38849ab27e69e4ed954361e2d3bf856ad3f23289957901b6105943d14743f144", "setup_xca-2.0.0-pre03.exe":"4ef1274b2112f16395bf26f36f15c06122dbcd483386fb228d7d07f7abc8acfe", "xca-2.0.0-pre03.dmg":"5bd77be6a5a25552c8cfda36441d87c2c5538fb107aa9359e919addb1708bfde", "xca-2.0.0-pre03.tar.gz":"42ba9eb3e884cd29188ea75face6e8c653f31459047afd478a1a088a628043d8", "setup_xca-2.0.0-pre04.exe":"5464c91e965d6c250b3e877ca443323ec7380760b4590affa23b90b93d834e83", "xca-2.0.0-pre04.dmg":"2d805e99ac47e6ede577c8e3794c867d5eb636a5afaa140287b7f3ea139fc40d", "xca-2.0.0-pre04.tar.gz":"211c85e9e25145c95fa03d5c80e0f5e15a312ad010c1595cc3a0770cd1a22975", "setup_xca-2.0.0.exe":"300bba922d4720df20ef412a0956cef2348f6f01eda161a9d65667fc0ad427f1", "xca-2.0.0.dmg":"2fa713dc2d4edc55fdde7714d32f953939b6a43597a20601c08614e5270f3d8d", "xca-2.0.0.tar.gz":"881438542d43ede935dace87b50e2a15eccf6ab63f2fe6f2908ced940e9d9a19", "setup_xca-2.0.1.exe":"aefd79221d8148f06a2d38a968fc1b22a025b0aea649db3c7bc7dc245516315b", "xca-2.0.1-High-Sierra.dmg":"6432f049855aadabf4c358f03f448ebc5722528c98cb50e0fa087908fcfe2763", "xca-2.0.1.tar.gz":"4aefcb113bc464af9bf72cea7b760b3e996bc745746e18f9934030595866de89", "setup_xca-2.1.0.exe":"b519aec836d9d4888a2606dc1f3b40077ed17f67caf73ce8b8b3b38f7ccb71db", "xca-2.1.0.dmg":"ad90848e29f199d5b9957e6f8c92bb0de38b8cc869c61ecb707b4199c68bee89", "xca-2.1.0.tar.gz":"9d6adf3f6ae8a471a6f5fa3b76b98bf1c09baddb60847ceeae597aab400e36c9", "setup_xca-2.1.1.exe":"42635b17c3a92b3aa4bc59307a80225cbfa7c553957c1dd59c1fd3aeee022df0", "xca-2.1.1.dmg":"d376bba09657477a20b89b324154c7a76bd3360df37488153727f5d0861a857f", "xca-2.1.1.tar.gz":"6c410e4f7e340681284059d2b7f46828e08dce6ff64e4a48baa02239c2f9d2de", "setup_xca-2.1.2.exe":"8dbdabde2df929019a8f3ce7bd7e1b5de180076edb4ccd5c76625d90fb97e3c0", "xca-2.1.2.dmg":"1cb7d23045ef64b2c30ce927a40d4bcae20b776aa0c94e067029b3b6be63bc49", "xca-2.1.2.tar.gz":"fc845470a02b0b4534b46590be307f784662071fc412fdcad605c3bce901fe05", "xca-portable-2.1.2.zip":"37d2e315dc36c7060a50dd7203339dfa8c8b43cea34f340d456a900a6e5232a6", "xca-2.2.0.dmg":"0f4539d4ce90dc7881afd58c09cc8d7480b341a66017d862ae19c1cbab21dc0a", "xca-2.2.0.msi":"44cdd4df0369d36e0063a86a3cb5713575a41627c92cd7412b39071e3b5794de", "xca-2.2.0.tar.gz":"b07ffbe5ca8e3fbb7c5ad2ef5a0f7c022b3c4a55f1dd41fab5b076992db07b61", "xca-portable-2.2.0.zip":"2bd5c3cc1b428014a038df09d0f6d11399316b3d8de09fe935b317f000b257fb", "xca-2.2.1.dmg":"329b71d8ab203317198cc502a61174db7c56f24caa8688947282bacf24cd3e9b", "xca-2.2.1.msi":"45c797871a611abd4a8f2bf353c56aabb4242f776b11aec7d2651a5bcb36a447", "xca-2.2.1.tar.gz":"82941071e35bc534a13056315341435b4e31226077c318c491c0f88da43bdf78", "xca-portable-2.2.1.zip":"4c033d11a0c21b2dd46df67a2a0e86bbadd757f17983c2982e32a468f33981aa", "xca-2.3.0.dmg":"798dcad616837b33ad7a92f6f62a7afba3d9eb049ad26ecccfc8747c8ac9d551", "xca-2.3.0.msi":"a3d2295af4720455f20c366bd5c2c5a50625abab97b0209618e8a1e3c3c71168", "xca-2.3.0.tar.gz":"3d168a225efaf9b2213e9ad2ba0abbccfcad139181dd2be668c2bbe21955a248", "xca-portable-2.3.0.zip":"4a70dc13a20d5f749f5519f0b0aa5d83698b2b6cd39d365940288e48f36fb260", "xca-2.4.0.dmg":"1fb5fa69759f9bfd15e0a8ddabc6b9e2cf52e9c41ad2346b2f4c293d950c6bc4", "xca-2.4.0.msi":"3479fe69feed931ce4e8a9945c6cc30b0f1a947980a2288fdbdd7faf1d78ec59", "xca-2.4.0.tar.gz":"66da8954fe9709ace965c6fcb1cfbb7b08ce75b7222988acb9e2b8b5fac7cf10", "xca-portable-2.4.0.zip":"35fa8e4c973a899bc360da3b313ba1172a36eabb1d82deed0cfafda244de65a3", "last":"" } xca-RELEASE.2.5.0/release/build-mac.sh000077500000000000000000000057261450407711300172000ustar00rootroot00000000000000#!/bin/sh -e set -x do_openssl() { test -x $INSTALL_DIR/lib/libcrypto.dylib && return test -f "$OSSL".tar.gz || curl -O https://www.openssl.org/source/"$OSSL".tar.gz test -d "$OSSL" || tar zxf "$OSSL".tar.gz mkdir -p ${INSTALL_DIR}/lib for arch in x86_64 arm64; do mkdir -p "${OSSL}-${arch}" (cd ${OSSL}-${arch} ../$OSSL/Configure darwin64-${arch}-cc shared \ --prefix="${INSTALL_DIR}" \ -mmacosx-version-min="$SDK" make -j $JOBS build_libs && make install_sw ) PARTS_crypto="$PARTS_crypto ${OSSL}-${arch}/libcrypto.${OSSL_MAJOR}.dylib" PARTS_ssl="$PARTS_ssl ${OSSL}-${arch}/libssl.${OSSL_MAJOR}.dylib" done rm -f "$INSTALL"/lib/libcrypto.3.dylib "$INSTALL"/lib/libssl.${OSSL_MAJOR}.dylib lipo -create -output "$INSTALL_DIR"/lib/libcrypto.${OSSL_MAJOR}.dylib $PARTS_crypto lipo -create -output "$INSTALL_DIR"/lib/libssl.${OSSL_MAJOR}.dylib $PARTS_ssl } # need to install ninja via "brew install ninja" do_mysql() { PLUGIN="$QT_DIR/plugins/sqldrivers/libqsqlmysql.dylib" #test -f "$PLUGIN" && return B="$TOP_DIR/mariadb-build" mkdir -p ${B} cmake -B ${B} -DCMAKE_C_FLAGS=-Wno-deprecated-non-prototype \ -DCMAKE_OSX_ARCHITECTURES="arm64;x86_64" \ -DCMAKE_PREFIX_PATH="$INSTALL_DIR" \ -DINSTALL_LIBDIR=lib \ $TOP_DIR/mariadb-connector-c-3.3.7-src cmake --build ${B} -j$JOBS cmake --install ${B} --prefix="$INSTALL_DIR" ############################# SQL_BUILD="$TOP_DIR/build-sqlplugins" mkdir -p "$SQL_BUILD" cmake -B $SQL_BUILD \ -DCMAKE_INSTALL_PREFIX="$QT_DIR" \ -DCMAKE_OSX_ARCHITECTURES="arm64;x86_64" \ -DMySQL_INCLUDE_DIR="$INSTALL_DIR/include/mariadb" \ -DMySQL_LIBRARY="$INSTALL_DIR/lib/libmariadb.dylib" \ -DFEATURE_sql_odbc=OFF -DFEATURE_sql_sqlite=OFF \ "$QT_DIR/../Src/qtbase/src/plugins/sqldrivers" cmake --build $SQL_BUILD -j$JOBS cmake --install $SQL_BUILD install_name_tool -change libmariadb.3.dylib "$INSTALL_DIR"/lib/libmariadb.3.dylib \ $QT_DIR/plugins/sqldrivers/libqsqlmysql.dylib file $QT_DIR/plugins/sqldrivers/libqsqlmysql.dylib file $SQL_BUILD/plugins/sqldrivers/libqsqlmysql.dylib } OSSL_MAJOR="3" OSSL="openssl-3.0.10" XCA_DIR="$(cd `dirname $0`/.. && pwd)" TOP_DIR="`dirname $XCA_DIR`" QT_DIR="$TOP_DIR/6.6.0/macos" BUILDDIR="$TOP_DIR/osx-release" INSTALL_DIR="$TOP_DIR/install" SDK="11" JOBS=7 cd $TOP_DIR do_openssl # Only builds x86_64 binaries, hell knows why... # do_mysql cmake -B "$BUILDDIR" "$XCA_DIR" \ -DCMAKE_OSX_ARCHITECTURES="arm64;x86_64" \ -DCMAKE_PREFIX_PATH="$QT_DIR/lib/cmake;$INSTALL_DIR" \ -DCMAKE_OSX_DEPLOYMENT_TARGET=$SDK cmake --build "$BUILDDIR" -j$JOBS if test -d /Applications/Postgres.app; then echo "###### Hey Christian, rename /Applications/Postgres.app when linking, to skip those drivers !!" # If the Postgres.app exists, macdeployqt will take that libpg.dylib and # install it inside XCA. This destroys other links to libssl-1.1 ... # Let the users install /Applications/Postgres.app fi cd "$BUILDDIR" && cpack xca-RELEASE.2.5.0/release/build-w64.bat000066400000000000000000000002411450407711300171740ustar00rootroot00000000000000REM Build xca on Windows set BUILD=build cmake -B %BUILD% -G "MinGW Makefiles" xca cmake --build %BUILD% -j5 cmake --build %BUILD% -t install cd %BUILD% cpack xca-RELEASE.2.5.0/release/gen-binary-hash000077500000000000000000000004521450407711300176750ustar00rootroot00000000000000#!/bin/sh set -ex hashes="$(dirname $0)/binary-hashes.json" export dir="$1" ( head -n -2 test -z "$dir" || cd $dir sha256sum *xca* | while read md file; do echo ' "'$file'":"'$md'",' done cat <<-EOF "last":"" } EOF ) < "$hashes" > "$hashes".tmp && mv "$hashes".tmp "$hashes" xca-RELEASE.2.5.0/release/git.publish000077500000000000000000000010221450407711300171430ustar00rootroot00000000000000#!/bin/sh set -e test -s VERSION && test -s changelog && test -s README.md test -d .git read TVERSION < VERSION export TVERSION releasedir="$HOME/xca-$TVERSION" ./release/gen-binary-hash "$releasedir" git commit -a -m "Release XCA $TVERSION done" ./release/github.release.py "$TVERSION" "${releasedir}/"*xca*"$TVERSION"* cat << EOF After verifying the commits, tags and github release, finally do: git push origin --tags master scp -r ${releasedir}/doc/html hohnstaedt.de:xca-doc/ Un-draft the release on github EOF xca-RELEASE.2.5.0/release/git.release000077500000000000000000000026541450407711300171310ustar00rootroot00000000000000#!/bin/sh set -e type git || exit 1 test -s VERSION.txt && test -s changelog && test -d ../qt export TVERSION="$1" commit=HEAD test -z "$2" || commit="$2" if test -z "$TVERSION"; then echo "usage: $0 [commit]" echo " if commit is ommitted, 'HEAD' is used" exit 1 fi TAG="RELEASE.$TVERSION" if git tag | grep "$TAG"; then echo Tag $TVERSION already exists exit 1 fi if ! git diff-index --quiet HEAD --; then echo "You have local changes, please commit, reset or stash them" exit 1 fi lasttag=$(git describe --abbrev=0 HEAD) unset unchanged for i in changelog README.md; do if git diff --quiet "$lasttag" -- $i; then echo "File $i untouched since $lasttag" unchanged="x" fi done if test -n "$unchanged"; then echo "Are you sure to not change the file(s) above?" read a fi x=$(git grep "^xca $TVERSION " changelog || git grep "^$TVERSION\$" VERSION.txt || :) if test -n "$x"; then echo "$x" echo Release $TVERSION already exists exit 1 fi echo "$TVERSION" > VERSION.txt ( LANG=C date +"xca $TVERSION %a %b %d %Y" echo cat changelog ) > changelog.new mv changelog.new changelog git commit VERSION.txt changelog -m "Prepare XCA $TVERSION" git tag -a "$TAG" -m "Release version $TVERSION" # Create the tar.gz git archive --format=tar.gz --prefix=xca-$TVERSION/ --output xca-$TVERSION.tar.gz "$TAG" releasedir="$HOME/xca-$TVERSION" mkdir -p "$releasedir" cp xca-$TVERSION.tar.gz "$releasedir" xca-RELEASE.2.5.0/release/git.release.something000077500000000000000000000013141450407711300211150ustar00rootroot00000000000000#!/bin/sh set -e type git || exit 1 export TVERSION="$1" commit=master test -z "$2" || commit="$2" if test -z "$TVERSION"; then echo "usage: $0 [commit]" echo " if commit is ommitted, 'master' is used" exit 1 fi if ! git diff-index --quiet HEAD --; then echo "You have local changes, please commit, reset or stash them" exit 1 fi branchname="build-$TVERSION" git checkout -b "$branchname" "$commit" echo "$TVERSION" > VERSION.txt git commit VERSION.txt -m "$TVERSION" git tag RELEASE.$TVERSION # Create the tar.gz make dist # Return to master git checkout master # Cleanup # Delete temporary branch git branch -D "$branchname" # Delete the temporary tag git tag -d RELEASE.$TVERSION xca-RELEASE.2.5.0/release/github.release.py000077500000000000000000000020521450407711300202470ustar00rootroot00000000000000#!/usr/bin/python3 import sys import requests import json import os import re readme = open("README.md", "r").read() #.replace('\n', '\\n').replace('"','\\"') user = "chris2511" if len(sys.argv) < 2: print("Usage: " + sys.argv[0] + " full-path-binaries ... ") exit(1) version = sys.argv[1] url = 'https://api.github.com/repos/' + user + '/xca/releases' data = { "tag_name" : "RELEASE." + version, "target_commitish": "master", "name": "XCA " + version, "body": readme, "draft": True, "prerelease": True } passwd = input("Github token for " + user + ": ") r = [] response = requests.post(url, json=data, auth=(user, passwd)) r.append(response.json()) upload_url = response.json().get('upload_url') print(upload_url) headers = {'Content-Type': 'text/plain'} for file in sys.argv[2:]: name = re.sub(".*/", "", file) url = upload_url.replace("{?name,label}", "?name=" + name) print("Upload", file) response = requests.post(url, headers=headers, data=open(file, 'rb'), auth=(user, passwd)) r.append(response.json()) print(r) xca-RELEASE.2.5.0/release/osslsign.sh000077500000000000000000000011331450407711300171700ustar00rootroot00000000000000#!/bin/sh if test -z "$1"; then echo "usage: $0 "; exit 1; fi set -x V="${1##xca-}" V="${V%%-*}" export PKCS11SPY=/opt/SimpleSign/libcrypto3PKCS.so /usr/bin/osslsigncode sign -askpass -certs ~/osdch.crt -askpass \ -key "pkcs11:object=Open%20Source%20Developer%2C%20Christian%20Hohnstaedt" \ -pkcs11engine /usr/lib/x86_64-linux-gnu/engines-1.1/libpkcs11.so \ -pkcs11module /usr/lib/x86_64-linux-gnu/pkcs11-spy.so \ -n "XCA ${V}" -i https://hohnstaedt.de/xca \ -t http://timestamp.comodoca.com -h sha2 \ -in "${1}" -out "${1}.signed" 2>/dev/null && exec mv "${1}.signed" "${1}" xca-RELEASE.2.5.0/release/release.txt000066400000000000000000000016001450407711300171500ustar00rootroot00000000000000Release schedule cheat sheet - Test, test, test - Test again - Check - ign_openssl_error() - for TRACE - update translation (cmake -B . && cmake --build . -t trans) - update changelog.txt and README.md - ./release/git.release VERSION - Create xca.dmg - Create (and sign) MSI Installer - update xca.hohnstaedt.de: scp changelog git.hohnstaedt.de:/var/cache/git/projects/changelog.txt - ./release/git.publish Apple Notarization ------------------------ https://developer.apple.com/documentation/xcode/notarizing_macos_software_before_distribution/customizing_the_notarization_workflow DMG=xca-2.4.0-High-Sierra.dmg xcrun notarytool submit "$DMG" --keychain-profile "AC_PASSWORD" --key-id HWR8GSJ73M --wait --webhook "https://example.com/notarization" xcrun stapler staple "$DMG" Microsoft Store ----------------- https://partner.microsoft.com ("Partner Center") MSIX Packaging Tool xca-RELEASE.2.5.0/test/000077500000000000000000000000001450407711300143315ustar00rootroot00000000000000xca-RELEASE.2.5.0/test/create_key.pl000077500000000000000000000017651450407711300170150ustar00rootroot00000000000000#!/usr/bin/perl use X11::GUITest qw/StartApp WaitWindowViewable SendKeys SetInputFocus WaitWindowClose GetInputFocus GetWindowName GetChildWindows/; my $xcaId; my $password = "ThisIsMyPassword"; my $db = "__x.xdb"; sub new_key { my $id; my ($name, $size, $type) = @_; print "name=$name, size=$size, Type=$type\n"; SendKeys("%(n)"); $id = WaitWindowViewable(); SendKeys($name ."{TAB}" .$size ."{TAB}". $type ."{ENT}"); WaitWindowClose($id, 100); } StartApp("./xca"); ($xcaId) = WaitWindowViewable("X Certificate and Key management"); printf "XCA id: $xcaId\n"; SendKeys("%(fo)"); WaitWindowViewable("Open XCA Database"); SendKeys($db . "{ENT}"); WaitWindowViewable("Password"); SendKeys($password ."{ENT}"); for ($i=0; $i<500; $i++) { my $len=int(rand(3200)) + 1024; new_key("rsa_key-$len", $len, "r"); $len=int(rand(1500)) + 1024; new_key("dsa_key-$len", $len, "d"); new_key("ec_key-$len", $len, "e"); } SendKeys("%({F4})"); WaitWindowClose($xcaId, 10); exec("lib/db_dump", $db); xca-RELEASE.2.5.0/test/im_export_key.pl000077500000000000000000000021361450407711300175510ustar00rootroot00000000000000#!/usr/bin/perl use strict; use warnings; use X11::GUITest qw/StartApp WaitWindowViewable SendKeys SetInputFocus WaitWindowClose GetInputFocus GetWindowName GetChildWindows ClickWindow/; my $xcaId; my $password = "ThisIsMyPassword"; my $db = "__x.xdb"; unlink $db; sub new_key { my $id; my ($name, $size, $type) = @_; print "name=$name, size=$size, Type=$type\n"; SendKeys("%(i)"); $id = WaitWindowViewable("New key"); SendKeys($name ."{TAB}" .$size ."{TAB}". $type ."{ENT}"); WaitWindowClose($id, 10); } StartApp("./xca $db"); ($xcaId) = WaitWindowViewable("X Certificate and Key management"); printf "XCA id: $xcaId\n"; WaitWindowViewable("Password"); SendKeys($password . "{TAB}" . $password . "{ENT}"); SendKeys("%(i)"); my $id = WaitWindowViewable("Import RSA key"); SendKeys("{BS 20}" . "test/key.pem" . "{ENT}"); WaitWindowClose($id, 10); system("xev -id $xcaId &"); ClickWindow($xcaId); SendKeys("{SPACE}"); #ClickWindow($xcaId, 100, 110); #ClickWindow($xcaId, 200, 110); #ClickWindow($xcaId, 300, 110); #SendKeys("%({F4})"); #WaitWindowClose($xcaId, 10); #exec("lib/db_dump", $db); xca-RELEASE.2.5.0/test/opendb.pl000077500000000000000000000012711450407711300161410ustar00rootroot00000000000000#!/usr/bin/perl use X11::GUITest qw/StartApp WaitWindowViewable SendKeys GetInputFocus GetWindowName WaitWindowClose/; my $password = "ThisIsMyPassword"; my $db = "__x.xdb"; unlink $db; StartApp("./xca"); my ($xcaId) = WaitWindowViewable("X Certificate and Key management"); SendKeys("%(fn)"); WaitWindowViewable("Open XCA Database"); SendKeys($db . "{ENT}"); WaitWindowViewable("New Password"); SendKeys($password . "{TAB}" . $password . "{ENT}"); SendKeys("%(fc)"); SendKeys("%(fo)"); WaitWindowViewable("Open XCA Database"); SendKeys($db . "{ENT}"); WaitWindowViewable("Password"); SendKeys($password ."{ENT}"); SendKeys("%({F4})"); WaitWindowClose($xcaId, 10); exec("lib/db_dump", $db); xca-RELEASE.2.5.0/ui/000077500000000000000000000000001450407711300137675ustar00rootroot00000000000000xca-RELEASE.2.5.0/ui/.gitignore000066400000000000000000000000041450407711300157510ustar00rootroot00000000000000*.h xca-RELEASE.2.5.0/ui/CaProperties.ui000066400000000000000000000022071450407711300167270ustar00rootroot00000000000000 CaProperties 0 0 405 97 Form Days until next CRL issuing Default template itemComboTemp QComboBox
widgets/ItemCombo.h
 xca-RELEASE.2.5.0/ui/CertDetail.ui000066400000000000000000000340271450407711300163540ustar00rootroot00000000000000 CertDetail 0 0 535 498 Arial 14 50 false false false false Details of the Certificate Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true 0 Status Qt::Vertical QSizePolicy::Expanding 20 20 QFrame::Sunken Internal name The internal name of the certificate in the database Signature Key 0 0 Serial 0 0 The serial number of the certificate Fingerprints 0 0 MD5 0 0 An md5 hashsum of the certificate 0 0 SHA1 0 0 A SHA-1 hashsum of the certificate 0 0 SHA256 0 0 A SHA-256 hashsum of the certificate Validity 8 The time since the certificate is valid The time until the certificate is valid Qt::Vertical QSizePolicy::Expanding 20 20 Subject 11 Issuer 11 Attributes Extensions true Show config Comment <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd"> <html><head><meta name="qrichtext" content="1" /><style type="text/css"> p, li { white-space: pre-wrap; } </style></head><body style=" font-family:'Ubuntu'; font-size:11pt; font-weight:400; font-style:normal;"> <p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; font-family:'Sans Serif'; font-size:9pt;"><br /></p></body></html> false QDialogButtonBox::Cancel|QDialogButtonBox::Ok ClickLabel QLabel
widgets/clicklabel.h
 DistName QWidget
widgets/distname.h
1 CopyLabel QLabel
widgets/clicklabel.h
 buttonBox accepted() CertDetail accept() 378 488 235 405 buttonBox rejected() CertDetail reject() 485 475 530 428 xca-RELEASE.2.5.0/ui/CertExtend.ui000066400000000000000000000236061450407711300164020ustar00rootroot00000000000000 CertExtend 0 0 411 416 Arial 14 50 false false false false Certificate renewal Qt::Horizontal QSizePolicy::Expanding 78 20 95 40 95 40 true This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. true Qt::Vertical QSizePolicy::Expanding 368 16 Validity 8 Not before Not after true true Time range Local time Days Months Years No well-defined expiration Midnight Apply Qt::Vertical 20 2 Revoke old certificate false Replace old certificate true Keep serial number Qt::Vertical QSizePolicy::Expanding 368 16 QDialogButtonBox::Cancel|QDialogButtonBox::Ok Validity QDateTimeEdit
widgets/validity.h
1 hideTimeCheck(int) localTime(int) validNumber validRange midnightCB applyTime midnightCB stateChanged(int) notAfter hideTimeCheck(int) 453 197 231 187 noWellDefinedExpDate clicked(bool) notAfter setDisabled(bool) 738 193 331 200 midnightCB stateChanged(int) notBefore hideTimeCheck(int) 453 197 239 157 buttonBox accepted() CertExtend accept() 124 253 28 255 buttonBox rejected() CertExtend reject() 217 257 74 220 midnightCB clicked(bool) checkBox setDisabled(bool) 421 182 544 197 checkBox stateChanged(int) notBefore localTime(int) 518 189 331 164 checkBox stateChanged(int) notAfter localTime(int) 505 190 331 200 xca-RELEASE.2.5.0/ui/CrlDetail.ui000066400000000000000000000301231450407711300161700ustar00rootroot00000000000000 CrlDetail 0 0 530 381 Arial 14 50 false false false false Details of the Revocation list Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true 0 &Status 8 8 8 8 Qt::Vertical QSizePolicy::Expanding 20 20 QFrame::Box QFrame::Sunken 8 8 8 8 0 0 Version 0 0 Signature Signed by Name The internal name of the CRL in the database issuing dates 8 8 8 8 Next update Last update Qt::Vertical QSizePolicy::Expanding 20 20 &Issuer 11 11 11 11 &Extensions 11 11 11 11 false true &Revocation list 11 11 11 11 true QAbstractItemView::NoSelection 1 Comment <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd"> <html><head><meta name="qrichtext" content="1" /><style type="text/css"> p, li { white-space: pre-wrap; } </style></head><body style=" font-family:'Cantarell'; font-size:11pt; font-weight:400; font-style:normal;"> <p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; font-family:'Sans Serif'; font-size:9pt;"><br /></p></body></html> false QDialogButtonBox::Cancel|QDialogButtonBox::Ok ClickLabel QLabel
widgets/clicklabel.h
 DistName QWidget
widgets/distname.h
1 CopyLabel QLabel
widgets/clicklabel.h
 buttonBox accepted() CrlDetail accept() 364 371 169 308 buttonBox rejected() CrlDetail reject() 387 353 529 345 xca-RELEASE.2.5.0/ui/ExportDialog.ui000066400000000000000000000135101450407711300167270ustar00rootroot00000000000000 ExportDialog 0 0 589 318 Arial 14 50 false false false false Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true QLayout::SetDefaultConstraint Name The internal name of the CRL in the database 0 0 Filename 0 0 ... 0 0 QFrame::Box QFrame::Sunken Qt::AlignLeading|Qt::AlignLeft|Qt::AlignTop true Export comment into PEM file Qt::Horizontal 11 20 Export Format QDialogButtonBox::Cancel|QDialogButtonBox::Ok focusCombo QComboBox
widgets/FocusCombo.h
 fileBut buttonBox accepted() ExportDialog accept() 358 304 232 274 buttonBox rejected() ExportDialog reject() 463 300 130 280 xca-RELEASE.2.5.0/ui/Help.ui000066400000000000000000000065201450407711300152210ustar00rootroot00000000000000 Help 0 0 737 619 8 6 0 6 << true >> true Qt::Horizontal QSizePolicy::Expanding 20 20 &Done true true buttonOk clicked() Help hide() 668 26 520 19 forward clicked() textbox forward() 128 33 189 161 back clicked() textbox backward() 57 25 61 254 textbox backwardAvailable(bool) back setEnabled(bool) textbox forwardAvailable(bool) forward setEnabled(bool) xca-RELEASE.2.5.0/ui/ImportMulti.ui000066400000000000000000000117351450407711300166220ustar00rootroot00000000000000 ImportMulti 0 0 516 477 6 0 Arial 14 50 false false false false Import PKI Items Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true QFrame::Box QFrame::Sunken Import &All &Import &Done &Remove from list Details Delete from token Rename on token Qt::Vertical QSizePolicy::Expanding 204 21 0 0 QFrame::Box butCancel clicked() ImportMulti accept() 373 131 287 358 xca-RELEASE.2.5.0/ui/ItemProperties.ui000066400000000000000000000036451450407711300173110ustar00rootroot00000000000000 ItemProperties 0 0 400 295 Name Source Insertion date Comment false CopyLabel QLabel
widgets/clicklabel.h
 xca-RELEASE.2.5.0/ui/KeyDetail.ui000066400000000000000000000274141450407711300162110ustar00rootroot00000000000000 KeyDetail 0 0 572 403 Arial 14 50 false false false false Qt::Horizontal QSizePolicy::Expanding 20 20 0 0 95 40 95 40 true Name The internal name of the key used by xca 0 Key Public Exponent Qt::Horizontal QSizePolicy::MinimumExpanding 20 20 Keysize 0 0 0 0 Private Exponent 0 0 Key QFrame::NoFrame QFrame::Sunken Qt::ScrollBarAlwaysOff false Qt::TextSelectableByKeyboard|Qt::TextSelectableByMouse false Security Token Qt::Vertical 20 33 Label PKCS#11 ID Qt::Vertical 20 32 Token information Model Manufacturer Serial Label Fingerprint Comment false <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd"> <html><head><meta name="qrichtext" content="1" /><style type="text/css"> p, li { white-space: pre-wrap; } </style></head><body style=" font-family:'Ubuntu'; font-size:11pt; font-weight:400; font-style:normal;"> <p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; font-family:'Sans Serif'; font-size:9pt;"><br /></p></body></html> QDialogButtonBox::Cancel|QDialogButtonBox::Ok ClickLabel QLabel
widgets/clicklabel.h
 CopyLabel QLabel
widgets/clicklabel.h
 buttonBox accepted() KeyDetail accept() 485 405 258 379 buttonBox rejected() KeyDetail reject() 485 475 530 428 xca-RELEASE.2.5.0/ui/MainWindow.ui000066400000000000000000000624041450407711300164100ustar00rootroot00000000000000 MainWindow 0 0 702 511 true 2 Private Keys 0 0 QFrame::Box QFrame::Sunken &New Key &Export &Import Import PFX (PKCS#12) &Show Details &Delete Qt::Vertical QSizePolicy::Expanding 20 20 200 94 true Certificate signing requests 0 0 QFrame::Box QFrame::Sunken &New Request &Export &Import &Show Details &Delete Qt::Vertical QSizePolicy::Expanding 20 20 200 94 true Certificates QFrame::Box QFrame::Sunken &New Certificate &Export &Import &Show Details &Delete Import &PKCS#12 Import P&KCS#7 Plain View Qt::Vertical QSizePolicy::Expanding 20 20 200 94 true Templates QFrame::Box QFrame::Sunken &New Template Ch&ange Template &Delete &Import &Export Qt::Vertical QSizePolicy::Expanding 20 20 200 94 true Revocation lists QFrame::Box QFrame::Sunken &New CRL &Export &Import &Show Details &Delete Qt::Vertical QSizePolicy::Expanding 20 20 200 94 true KeyTreeView QTreeView
widgets/KeyTreeView.h
 TempTreeView QTreeView
widgets/TempTreeView.h
 ReqTreeView QTreeView
widgets/ReqTreeView.h
 CertTreeView QTreeView
widgets/CertTreeView.h
loadPKCS12() loadPKCS7() changeView() CrlTreeView QTreeView
widgets/CrlTreeView.h
 BNimportKey clicked() keyView load() 505 129 382 135 BNnewKey clicked() keyView newItem() 488 67 392 67 BNexportKey clicked() keyView exportItems() 526 99 393 99 BNdetailsKey clicked() keyView showItems() 473 200 405 200 BNdeleteKey clicked() keyView deleteItems() 470 229 404 230 BNnewReq clicked() reqView newItem() 496 57 371 58 BNexportReq clicked() reqView exportItems() 489 91 400 95 BNimportReq clicked() reqView load() 500 123 412 130 BNdetailsReq clicked() reqView showItems() 497 157 419 166 BNdeleteReq clicked() reqView deleteItems() 475 196 399 196 BNnewCert clicked() certView newItem() 478 63 398 63 BNexportCert clicked() certView exportItems() 499 97 401 99 BNimportCert clicked() certView load() 475 127 401 128 BNdetailsCert clicked() certView showItems() 486 162 395 165 BNdeleteCert clicked() certView deleteItems() 482 203 357 207 BNnewTemp clicked() tempView newItem() 513 60 363 62 BNchangeTemp clicked() tempView showItems() 481 94 415 97 BNdeleteTemp clicked() tempView deleteItems() 482 126 428 126 BNimportTemp clicked() tempView load() 487 165 407 165 BNexportTemp clicked() tempView exportItems() 488 201 428 201 BNexportCrl clicked() crlView exportItems() 472 70 381 70 BNimportCrl clicked() crlView load() 496 99 382 99 BNdetailsCrl clicked() crlView showItems() 477 131 391 131 BNdeleteCrl clicked() crlView deleteItems() 471 173 386 172 BNimportPKCS12 clicked() certView loadPKCS12() 504 239 420 234 BNimportPKCS7 clicked() certView loadPKCS7() 544 265 406 260 BNimportPFX clicked() certView loadPKCS12() 483 170 230 263 BNviewState clicked() certView changeView() 472 304 402 301 BNnewCrl clicked() crlView newItem() 568 62 235 264 xca-RELEASE.2.5.0/ui/NewCrl.ui000066400000000000000000000207141450407711300155240ustar00rootroot00000000000000 NewCrl 0 0 354 428 QLayout::SetMinAndMaxSize Last update true Next update true Days Months Years Midnight Local time Apply Qt::Vertical 20 1 Options Hash algorithm Subject alternative name Authority key identifier CRL number QLayout::SetDefaultConstraint true Revocation reasons true hashBox QComboBox
widgets/hashBox.h
 Validity QDateTimeEdit
widgets/validity.h
1 hideTimeCheck(int) localTime(int) setCrlNumber clicked(bool) crlNumber setEnabled(bool) 204 369 325 370 midnightCB stateChanged(int) nextUpdate hideTimeCheck(int) 81 182 195 93 midnightCB stateChanged(int) lastUpdate hideTimeCheck(int) 53 178 161 51 midnightCB clicked(bool) checkBox setDisabled(bool) 106 176 146 183 checkBox stateChanged(int) nextUpdate localTime(int) 164 182 170 88 checkBox stateChanged(int) lastUpdate localTime(int) 197 175 189 60 xca-RELEASE.2.5.0/ui/NewKey.ui000066400000000000000000000150071450407711300155330ustar00rootroot00000000000000 NewKey 0 0 449 320 6 0 Arial 14 50 false false false false New Key Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true Please give a name to the new key and select the desired keysize true Key properties Name 0 0 32767 32767 The internal name of the new key New Key 0 0 0 0 Curve name Keysize 0 0 Usually at least 2048 bit keys are recommended Keytype Remember as default Qt::Vertical QSizePolicy::Expanding 351 16 QDialogButtonBox::Cancel|QDialogButtonBox::Ok keyDesc keyType keyLength curveBox buttonBox accepted() NewKey accept() 303 274 173 248 buttonBox rejected() NewKey reject() 408 270 56 236 xca-RELEASE.2.5.0/ui/NewX509.ui000066400000000000000000001306071450407711300154540ustar00rootroot00000000000000 NewX509 0 0 747 637 Arial 14 50 false false false false Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true 0 Source Qt::Vertical QSizePolicy::Expanding 20 16 Signing request 0 Show request Sign this Certificate signing &request Copy extensions from the request true Modify subject of the request Qt::Vertical QSizePolicy::Expanding 20 16 Signing Create a &self signed certificate true Use &this Certificate for signing All certificates in your database that can create valid signatures Qt::Vertical 20 16 Signature algorithm Qt::Vertical QSizePolicy::Expanding 20 16 Template for the new certificate 0 0 All available templates Qt::Horizontal 13 20 Apply extensions Apply subject 0 0 Apply all Qt::Vertical QSizePolicy::Expanding 20 16 Subject Internal Name This name is only used internally and does not appear in the resulting certificate Distinguished name Distinguished name 200 true Add Delete Qt::Vertical 20 40 QFrame::Panel QFrame::Sunken Private key 0 0 This list only contains unused keys Used keys too &Generate a new key Extensions Type If this will become a CA certificate or not Not defined Certification Authority End Entity Path length How much CAs may be below this. The basic constraints should always be critical Critical Key identifier Key identifier 8 Creates a hash of the key following the PKIX guidelines &Subject Key Identifier Copy the Subject Key Identifier from the issuer &Authority Key Identifier Qt::Vertical 20 40 true 0 Validity Not before true Not after true Time range Days Months Years 0 0 Apply Set the time to 00:00:00 and 23:59:59 respectively Midnight Local time No well-defined expiration Qt::Vertical 20 40 20 20 20 20 DNS: IP: URI: email: RID: Edit DNS: IP: URI: email: RID: Edit 20 20 20 20 URI: Edit 20 20 20 20 DNS: IP: URI: email: RID: Edit 20 20 20 20 OCSP Must Staple Key usage 8 8 Critical QAbstractItemView::MultiSelection QAbstractItemView::SelectRows Digital Signature Non Repudiation Key Encipherment Data Encipherment Key Agreement Certificate Sign CRL Sign Encipher Only Decipher Only 8 Critical QAbstractItemView::MultiSelection QAbstractItemView::SelectRows Netscape QAbstractItemView::MultiSelection SSL Client SSL Server S/MIME Object Signing SSL CA S/MIME CA Object Signing CA Qt::Horizontal QSizePolicy::Expanding 20 20 107 107 true Qt::Vertical QSizePolicy::Expanding 20 20 If you know a more pretty one tell me Advanced Qt::Horizontal 40 20 Validate Qt::Horizontal 40 20 Comment QDialogButtonBox::Cancel|QDialogButtonBox::Ok hashBox QComboBox
widgets/hashBox.h
 Validity QDateTimeEdit
widgets/validity.h
1 hideTimeCheck(int) localTime(int) kvView QTableView
widgets/kvView.h
addKvRow() deleteCurrentRow() DoubleClickLabel QLabel
widgets/clicklabel.h
 itemComboReq QComboBox
widgets/ItemCombo.h
 itemComboKey QComboBox
widgets/ItemCombo.h
 itemComboCert QComboBox
widgets/ItemCombo.h
 itemComboTemp QComboBox
widgets/ItemCombo.h
 fromReqCB reqList copyReqExtCB showReqBut reqSubChange selfSignRB foreignSignRB certList hashAlgo tempList applyExtensions applySubject applyTemplate extDNlist extDNadd extDNdel keyList usedKeysToo genKeyBut basicCA basicPath bcCritical subKey authKey notBefore notAfter validN validMidn checkBox noWellDefinedExpDate validRange applyTime subAltName editSubAlt issAltName editIssAlt crlDist editCrlDist authInfAcc editAuthInfAcc kuCritical keyUsage ekuCritical ekeyUsage nsCertType nsBaseUrl nsRevocationUrl nsCARevocationUrl nsRenewalUrl nsCaPolicyUrl nsSslServerName nsComment nconf_data adv_validate buttonBox tabWidget noWellDefinedExpDate clicked(bool) notAfter setDisabled(bool) 595 341 203 342 fromReqCB clicked(bool) reqList setEnabled(bool) 292 147 402 147 extDNdel clicked() extDNlist deleteCurrentRow() 713 199 57 251 extDNadd clicked() extDNlist addKvRow() 713 167 57 251 foreignSignRB toggled(bool) certList setEnabled(bool) 279 344 388 332 validMidn stateChanged(int) notBefore hideTimeCheck(int) 384 341 203 311 validMidn stateChanged(int) notAfter hideTimeCheck(int) 384 341 203 342 buttonBox accepted() NewX509 accept() 566 627 285 570 buttonBox rejected() NewX509 reject() 652 627 405 566 checkBox stateChanged(int) notAfter localTime(int) 451 329 290 328 checkBox stateChanged(int) notBefore localTime(int) 459 337 268 301 validMidn clicked(bool) checkBox setDisabled(bool) 431 348 447 337 xca-RELEASE.2.5.0/ui/OidResolver.ui000066400000000000000000000127221450407711300165670ustar00rootroot00000000000000 OidResolver 0 0 404 241 Arial 14 50 false false false false OID Resolver Qt::AlignCenter Enter the OID, the Nid, or one of the textual representations Search Qt::Horizontal QFormLayout::AllNonFixedFieldsGrow Qt::AlignLeading|Qt::AlignLeft|Qt::AlignVCenter OID 0 0 0 18 0 0 0 18 Long name 0 0 0 18 OpenSSL internal ID Nid 0 0 0 18 OpenSSL internal ID Short name CopyLabel QLabel
widgets/clicklabel.h
 input textChanged(QString) OidResolver searchOid(QString) 207 103 144 47 searchOid(QString) xca-RELEASE.2.5.0/ui/OpenDb.ui000066400000000000000000000127551450407711300155070ustar00rootroot00000000000000 OpenDb 0 0 441 292 6 0 Arial 14 50 false false false false Open remote database Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true Qt::Vertical 20 20 Database type Hostname Username Password QLineEdit::Password Database name Table prefix Qt::Vertical 20 21 Qt::Horizontal Qt::Horizontal QDialogButtonBox::Cancel|QDialogButtonBox::Ok buttonBox accepted() Dialog accept() 248 254 157 274 buttonBox rejected() Dialog reject() 316 260 286 274 xca-RELEASE.2.5.0/ui/Options.ui000066400000000000000000000360031450407711300157630ustar00rootroot00000000000000 Options 0 0 635 500 Arial 14 50 false false false false XCA Options Qt::AlignCenter 0 Settings Default hash algorithm PKCS12 encryption algorithm String types Suppress success messages Disable legacy Netscape extensions Translate established x509 terms (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Only use hashes supported by the token when signing with a token key Don't colorize expired certificates QLayout::SetDefaultConstraint 0 0 Certificate expiry warning threshold Send vCalendar expiry reminder Serial number length bit 8 256 8 64 Qt::Vertical 20 241 Distinguished name Mandatory subject entries Add Delete Qt::Vertical 20 40 Explicit subject entries QAbstractItemView::InternalMove Dynamically arrange explicit subject entries Add Delete Default Qt::Vertical 20 18 PKCS#11 provider true true false QAbstractItemView::InternalMove QAbstractItemView::SelectRows QListView::Snap QListView::Adjust true 0 0 Add 0 0 Remove Search Qt::Vertical 77 17 Qt::Horizontal QDialogButtonBox::Cancel|QDialogButtonBox::Ok focusCombo QComboBox
widgets/FocusCombo.h
 hashBox QComboBox
widgets/hashBox.h
 pkcs12EncBox QComboBox
widgets/pkcs12EncBox.h
 hashAlgo buttonBox accepted() Options accept() 376 495 109 380 buttonBox rejected() Options reject() 453 495 194 374 noColorize toggled(bool) cert_expiry_num setDisabled(bool) 139 241 333 267 noColorize toggled(bool) cert_expiry_unit setDisabled(bool) 448 242 529 266 xca-RELEASE.2.5.0/ui/PwDialog.ui000066400000000000000000000101721450407711300160350ustar00rootroot00000000000000 PwDialog 0 0 400 264 6 0 Arial 14 50 false false false false Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true QFrame::NoFrame QFrame::Box QFrame::Sunken QLineEdit::Password QLineEdit::Password The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Take as HEX string Qt::Horizontal QDialogButtonBox::Cancel|QDialogButtonBox::Ok buttonBox clicked(QAbstractButton*) PwDialog buttonPress(QAbstractButton*) 63 221 102 21 buttonPress(QAbstractButton*) xca-RELEASE.2.5.0/ui/RevocationList.ui000066400000000000000000000103541450407711300172760ustar00rootroot00000000000000 RevocationList 0 0 628 320 Arial 14 50 false false false false Manage revocations Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true true QAbstractItemView::MultiSelection QAbstractItemView::SelectRows 1 Add Delete Edit Qt::Vertical 20 40 QDialogButtonBox::Cancel|QDialogButtonBox::Ok buttonBox accepted() RevocationList accept() 341 291 292 254 buttonBox rejected() RevocationList reject() 445 292 445 237 xca-RELEASE.2.5.0/ui/Revoke.ui000066400000000000000000000117601450407711300155660ustar00rootroot00000000000000 Revoke 0 0 417 282 Arial 14 50 false false false false Certificate revocation Qt::Horizontal QSizePolicy::Expanding 78 20 95 40 95 40 true Qt::Vertical 20 10 Revocation details Revocation reason true Local time Invalid since Serial Qt::Horizontal QDialogButtonBox::Cancel|QDialogButtonBox::Ok Validity QDateTimeEdit
widgets/validity.h
1 hideTimeCheck(int) localTime(int) buttonBox accepted() Revoke accept() 242 277 157 164 checkBox stateChanged(int) invalid localTime(int) 398 194 389 167 buttonBox rejected() Revoke reject() 97 268 109 59 xca-RELEASE.2.5.0/ui/SearchPkcs11.ui000066400000000000000000000077371450407711300165340ustar00rootroot00000000000000 SearchPkcs11 0 0 480 378 0 0 QFrame::Box QFrame::Sunken 0 0 Directory 0 0 ... Include subdirectories Search Qt::PlainText false QAbstractItemView::NoEditTriggers false Qt::Horizontal QDialogButtonBox::Cancel|QDialogButtonBox::Ok|QDialogButtonBox::Open buttonBox clicked(QAbstractButton*) SearchPkcs11 buttonPress(QAbstractButton*) 229 362 368 104 liblist itemDoubleClicked(QListWidgetItem*) SearchPkcs11 loadItem(QListWidgetItem*) 339 279 368 225 buttonPress(QAbstractButton*) loadItem(QListWidgetItem*) xca-RELEASE.2.5.0/ui/SelectToken.ui000066400000000000000000000070671450407711300165600ustar00rootroot00000000000000 SelectToken 0 0 369 162 6 0 Arial 14 50 false false false false Security token Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true Please select the security token Qt::AlignCenter Qt::Vertical QSizePolicy::Expanding 351 16 QDialogButtonBox::Cancel|QDialogButtonBox::Ok buttonBox accepted() SelectToken accept() 222 138 90 114 buttonBox rejected() SelectToken reject() 331 129 144 103 xca-RELEASE.2.5.0/ui/TimeInput.ui000066400000000000000000000134741450407711300162550ustar00rootroot00000000000000 Form 0 0 491 224 QLayout::SetMinAndMaxSize last update true next update true Days Months Years Apply Midnight Local time No well-defined expiration Validity QDateTimeEdit
widgets/validity.h
1 hideTimeCheck(int) localTime(int) midnightCB clicked(bool) checkBox setDisabled(bool) 128 189 256 189 checkBox stateChanged(int) nextUpdate localTime(int) 187 187 360 100 checkBox stateChanged(int) lastUpdate localTime(int) 256 189 360 64 midnightCB stateChanged(int) lastUpdate hideTimeCheck(int) 131 189 360 64 midnightCB stateChanged(int) nextUpdate hideTimeCheck(int) 146 189 360 100 applyTime clicked() Form applyTimeRange() 310 195 297 228 applyTimeRange() xca-RELEASE.2.5.0/ui/TrustState.ui000066400000000000000000000100061450407711300164450ustar00rootroot00000000000000 TrustState 0 0 435 211 Arial 14 50 false false false false Certificate trust Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true Qt::Vertical 20 40 Trustment 8 &Never trust this certificate Only &trust this certificate, if we trust the signer &Always trust this certificate QDialogButtonBox::Cancel|QDialogButtonBox::Ok trust0 trust1 trust2 buttonBox accepted() TrustState accept() 286 264 83 245 buttonBox rejected() TrustState reject() 386 260 430 85 xca-RELEASE.2.5.0/ui/XcaDialog.ui000066400000000000000000000112301450407711300161560ustar00rootroot00000000000000 XcaDialog 0 0 435 177 QLayout::SetMinimumSize 0 0 95 40 16777215 40 Arial 14 50 false false false false true Qt::Horizontal QSizePolicy::Expanding 20 20 0 0 95 40 95 40 true Qt::Vertical 20 40 Qt::Vertical 20 1 0 0 QDialogButtonBox::Cancel|QDialogButtonBox::Ok buttonBox accepted() XcaDialog accept() 286 264 83 245 buttonBox rejected() XcaDialog reject() 386 260 430 85 xca-RELEASE.2.5.0/ui/v3ext.ui000066400000000000000000000107341450407711300154040ustar00rootroot00000000000000 v3ext 0 0 473 233 Critical Copy Common Name QFrame::Panel QFrame::Sunken Add Delete Qt::Vertical 20 40 Apply Validate Qt::Horizontal QSizePolicy::Expanding 20 20 0 0 Cancel kvView QTableView
widgets/kvView.h
addKvRow() deleteCurrentRow() cancel clicked() v3ext reject() 375 221 227 150 delEntry clicked() tab deleteCurrentRow() 323 51 222 52 addEntry clicked() tab addKvRow() 307 31 270 30 xca-RELEASE.2.5.0/widgets/000077500000000000000000000000001450407711300150205ustar00rootroot00000000000000xca-RELEASE.2.5.0/widgets/CMakeLists.txt000066400000000000000000000023451450407711300175640ustar00rootroot00000000000000list(APPEND xca_sources CertDetail.cpp NewCrl.cpp XcaApplication.h CertDetail.h NewCrl.h XcaDialog.cpp CertExtend.cpp NewKey.cpp XcaDialog.h CertExtend.h NewKey.h XcaHeaderView.cpp CertTreeView.cpp NewX509.cpp XcaHeaderView.h CertTreeView.h NewX509.h CrlDetail.cpp NewX509_ext.cpp XcaProxyModel.cpp CrlDetail.h OidResolver.cpp XcaProxyModel.h CrlTreeView.cpp OidResolver.h XcaTreeView.cpp CrlTreeView.h OpenDb.cpp XcaTreeView.h ExportDialog.cpp OpenDb.h XcaWarning.cpp ExportDialog.h Options.cpp XcaWarning.h FocusCombo.h Options.h clicklabel.cpp Help.cpp PwDialog.cpp clicklabel.h Help.h PwDialog.h ImportMulti.cpp ReqTreeView.cpp ImportMulti.h ReqTreeView.h distname.cpp ItemCombo.h RevocationList.cpp distname.h KeyDetail.cpp RevocationList.h hashBox.cpp KeyDetail.h SearchPkcs11.cpp hashBox.h KeyTreeView.cpp SearchPkcs11.h kvView.cpp KeyTreeView.h TempTreeView.cpp kvView.h MW_help.cpp TempTreeView.h v3ext.cpp MW_menu.cpp X509SuperTreeView.cpp v3ext.h MainWindow.cpp X509SuperTreeView.h validity.cpp MainWindow.h XcaApplication.cpp validity.h pkcs12EncBox.h pkcs12EncBox.cpp ) list(TRANSFORM xca_sources PREPEND ${PROJECT_SOURCE_DIR}/widgets/) target_sources(${CMAKE_PROJECT_NAME} PRIVATE ${xca_sources}) xca-RELEASE.2.5.0/widgets/CertDetail.cpp000066400000000000000000000167161450407711300175570ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "CertDetail.h" #include "KeyDetail.h" #include "MainWindow.h" #include "distname.h" #include "clicklabel.h" #include "Help.h" #include "OidResolver.h" #include "lib/func.h" #include "lib/XcaWarningCore.h" #include #include #include #include CertDetail::CertDetail(QWidget *w) : QDialog(w ? w : mainwin), keySqlId(), issuerSqlId(), thisSqlId() { setupUi(this); setWindowTitle(XCA_TITLE); showConf = false; myPubKey = NULL; tmpPubKey = NULL; Database.connectToDbChangeEvt(this, SLOT(itemChanged(pki_base*))); } void CertDetail::on_showExt_clicked() { if (showConf) { showConf = false; v3extensions->document()->setHtml(exts); showExt->setText(tr("Show config")); } else { showConf = true; v3extensions->document()->setPlainText(conf); showExt->setText(tr("Show extensions")); } } void CertDetail::setX509super(pki_x509super *x) { descr->setText(x->getIntName()); thisSqlId = x->getSqlItemId(); // examine the key myPubKey = x->getRefKey(); if (myPubKey) { privKey->setText(myPubKey->getIntName()); privKey->setClickText(myPubKey->getSqlItemId().toString()); if (myPubKey->isPrivKey()) { privKey->setGreen(); } else { privKey->setRed(); } } else { tmpPubKey = myPubKey = x->getPubKey(); privKey->setText(tr("Show public key")); privKey->setRed(); myPubKey->setIntName(x->getIntName()); myPubKey->setComment(tr("This key is not in the database.")); } if (!myPubKey) { privKey->setText(tr("Not available")); privKey->setDisabled(true); privKey->disableToolTip(); } else { keySqlId = myPubKey->getSqlItemId(); } connect(privKey, SIGNAL(doubleClicked(QString)), this, SLOT(showPubKey())); // details of the subject subject->setX509name(x->getSubject()); // V3 extensions extList el = x->getV3ext(); if (el.count() == 0) { tabwidget->removeTab(4); } else { exts = el.getHtml("
"); el.genGenericConf(&conf); v3extensions->document()->setHtml(exts); } // Algorithm sigAlgo->setText(x->getSigAlg()); connect(sigAlgo, SIGNAL(doubleClicked(QString)), MainWindow::getResolver(), SLOT(searchOid(QString))); // Comment comment->setPlainText(x->getComment()); setCert(dynamic_cast(x)); setReq(dynamic_cast(x)); } void CertDetail::setCert(pki_x509 *cert) { if (!cert) return; image->setPixmap(QPixmap(":certImg")); headerLabel->setText(tr("Details of the Certificate")); mainwin->helpdlg->register_ctxhelp_button(this, "certdetail"); try { // No attributes tabwidget->removeTab(3); // examine the signature if (cert->getSigner() == NULL) { signature->setText(tr("Signer unknown")); signature->setDisabled(true); signature->disableToolTip(); } else if (cert == cert->getSigner()) { signature->setText(tr("Self signed")); signature->setGreen(); signature->disableToolTip(); } else { pki_x509 *issuer = cert->getSigner(); signature->setText(issuer->getIntName()); signature->setClickText(issuer->getSqlItemId().toString()); signature->setGreen(); issuerSqlId = issuer->getSqlItemId(); connect(signature, SIGNAL(doubleClicked(QString)), this, SLOT(showIssuer())); } // the serial serialNr->setText(cert->getSerial()); // details of the issuer issuer->setX509name(cert->getIssuerName()); // The dates notBefore->setText(cert->getNotBefore().toPretty()); notBefore->setToolTip(cert->getNotBefore().toPrettyGMT()); notAfter->setText(cert->getNotAfter().toPretty()); notAfter->setToolTip(cert->getNotAfter().toPrettyGMT()); // validation of the Date dateValid->disableToolTip(); if (cert->isRevoked()) { x509rev rev = cert->getRevocation(); dateValid->setText(tr("Revoked at %1") .arg(rev.getDate().toPretty())); dateValid->setRed(); dateValid->setToolTip(rev.getDate().toPrettyGMT()); } else if (!cert->checkDate()) { dateValid->setText(tr("Not valid")); dateValid->setRed(); } else { dateValid->setGreen(); dateValid->setText(tr("Valid")); } // the fingerprints fpMD5->setText(cert->fingerprint(EVP_md5())); fpSHA1->setText(cert->fingerprint(EVP_sha1())); QString fp = cert->fingerprint(EVP_sha256()); int x = fp.size() / 2; fp = fp.mid(0,x) + "\n" + fp.mid(x+1, -1); fpSHA256->setText(fp); openssl_error(); } catch (errorEx &err) { XCA_WARN(err.getString()); } } void CertDetail::setReq(pki_x509req *req) { if (!req) return; image->setPixmap(QPixmap(":csrImg")); headerLabel->setText(tr("Details of the certificate signing request")); mainwin->helpdlg->register_ctxhelp_button(this, "csrdetail"); try { // No issuer tabwidget->removeTab(2); // verification if (!req->verify() ) { signature->setRed(); signature->setText("Failed"); } else { signature->setGreen(); signature->setText("PKCS#10"); } signature->disableToolTip(); fingerprints->hide(); validity->hide(); serialLabel->hide(); serialNr->hide(); // The non extension attributes int cnt = X509_REQ_get_attr_count(req->getReq()); int added = 0; QGridLayout *attrLayout = new QGridLayout(attributes); attrLayout->setAlignment(Qt::AlignTop); attrLayout->setSpacing(6); attrLayout->setContentsMargins(11, 11, 11, 11); for (int i = 0, ii = 0; igetReq(), i); nid = OBJ_obj2nid(X509_ATTRIBUTE_get0_object(att)); if (X509_REQ_extension_nid(nid)) { continue; } label = new QLabel(this); trans = dn_translations[nid]; if (Settings["translate_dn"] && !trans.isEmpty()) { label->setText(trans); label->setToolTip(QString(OBJ_nid2sn(nid))); } else { label->setText(QString(OBJ_nid2ln(nid))); label->setToolTip(trans); } label->setText(QString(OBJ_nid2ln(nid))); label->setToolTip(QString(OBJ_nid2sn(nid))); attrLayout->addWidget(label, ii, 0); added++; int count = X509_ATTRIBUTE_count(att); for (int j=0; jvalue.asn1_string); attrLayout->addWidget(label, ii, j +1); } ii++; } if (!added) { tabwidget->removeTab(2); } openssl_error(); } catch (errorEx &err) { XCA_WARN(err.getString()); } } QLabel *CertDetail::labelFromAsn1String(ASN1_STRING *s) { QLabel *label; label = new CopyLabel(this); label->setText(asn1ToQString(s)); label->setToolTip(QString(ASN1_tag2str(s->type))); return label; } void CertDetail::itemChanged(pki_base *pki) { QVariant pkiSqlId = pki->getSqlItemId(); if (pkiSqlId == keySqlId) privKey->setText(pki->getIntName()); if (pkiSqlId == issuerSqlId) signature->setText(pki->getIntName()); if (pkiSqlId == thisSqlId) descr->setText(pki->getIntName()); } void CertDetail::showPubKey() { KeyDetail::showKey(this, myPubKey, !keySqlId.isValid()); } void CertDetail::showIssuer() { showCert(this, Store.lookupPki(issuerSqlId)); } void CertDetail::showCert(QWidget *parent, pki_x509super *x) { if (!x) return; CertDetail *dlg = new CertDetail(parent); if (!dlg) return; dlg->setX509super(x); if (dlg->exec()) { db_base *db = Database.modelForPki(x); if (!db) { x->setIntName(dlg->descr->text()); x->setComment(dlg->comment->toPlainText()); } else { db->updateItem(x, dlg->descr->text(), dlg->comment->toPlainText()); } } delete dlg; } CertDetail::~CertDetail() { delete tmpPubKey; } xca-RELEASE.2.5.0/widgets/CertDetail.h000066400000000000000000000015211450407711300172100ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __CERTDETAIL_H #define __CERTDETAIL_H #include "ui_CertDetail.h" #include "lib/pki_x509req.h" #include "lib/pki_x509.h" class pki_x509; class CertDetail: public QDialog, public Ui::CertDetail { Q_OBJECT bool showConf; QVariant keySqlId, issuerSqlId, thisSqlId; QString conf, exts; QLabel *labelFromAsn1String(ASN1_STRING *s); pki_key *myPubKey, *tmpPubKey; void setCert(pki_x509 *cert); void setReq(pki_x509req *req); public: CertDetail(QWidget *w = nullptr); ~CertDetail(); void setX509super(pki_x509super *x); static void showCert(QWidget *parent, pki_x509super *x); private slots: void on_showExt_clicked(); void itemChanged(pki_base *pki); void showPubKey(); void showIssuer(); }; #endif xca-RELEASE.2.5.0/widgets/CertExtend.cpp000066400000000000000000000043661450407711300176020ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "CertExtend.h" #include "lib/base.h" #include "lib/func.h" #include "widgets/validity.h" #include "widgets/XcaWarning.h" #include #include #include #include #include CertExtend::CertExtend(QWidget *parent, pki_x509 *s) :QDialog(parent) { setupUi(this); setWindowTitle(XCA_TITLE); image->setPixmap(QPixmap(":certImg")); validNumber->setText("1"); validRange->setCurrentIndex(2); on_applyTime_clicked(); signer = s; notAfter->setEndDate(true); } void CertExtend::on_applyTime_clicked() { notAfter->setDiff(notBefore, validNumber->text().toInt(), validRange->currentIndex()); } void CertExtend::accept() { if (signer && notBefore->getDate() < signer->getNotBefore()) { QString text = tr("The certificate will be earlier valid than the signer. This is probably not what you want."); xcaWarningBox msg(this, text); msg.addButton(QMessageBox::Ok, tr("Edit dates")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); msg.addButton(QMessageBox::Apply, tr("Continue rollout")); msg.addButton(QMessageBox::Yes, tr("Adjust date and continue")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; case QMessageBox::Yes: notBefore->setDate(signer->getNotBefore()); } } if (signer && notAfter->getDate() > signer->getNotAfter() && !noWellDefinedExpDate->isChecked()) { QString text = tr("The certificate will be longer valid than the signer. This is probably not what you want."); xcaWarningBox msg(this, text); msg.addButton(QMessageBox::Ok, tr("Edit dates")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); msg.addButton(QMessageBox::Apply, tr("Continue rollout")); msg.addButton(QMessageBox::Yes, tr("Adjust date and continue")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; case QMessageBox::Yes: notAfter->setDate(signer->getNotAfter()); } } QDialog::accept(); } xca-RELEASE.2.5.0/widgets/CertExtend.h000066400000000000000000000006731450407711300172440ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __CERTEXTEND_H #define __CERTEXTEND_H #include "ui_CertExtend.h" #include "lib/pki_x509.h" class pki_key; class CertExtend: public QDialog, public Ui::CertExtend { Q_OBJECT pki_x509 *signer; public: CertExtend(QWidget *parent, pki_x509 *s); public slots: void on_applyTime_clicked(); void accept(); }; #endif xca-RELEASE.2.5.0/widgets/CertTreeView.cpp000066400000000000000000000132521450407711300200770ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "ui_CaProperties.h" #include "CertTreeView.h" #include "XcaWarning.h" #include "XcaDialog.h" #include "MainWindow.h" #include "RevocationList.h" #include "ExportDialog.h" #include "NewCrl.h" #include "lib/database_model.h" #include "lib/db_crl.h" #include "lib/load_obj.h" #include #include #include void CertTreeView::fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes) { QMenu *subCa; bool parentCanSign, multi, hasScard, sameParent, allRevoked, allUnrevoked; pki_key *privkey; X509SuperTreeView::fillContextMenu(menu, subExport, index, indexes); menu->addAction(tr("Import PKCS#12"), this, SLOT(loadPKCS12())); menu->addAction(tr("Import from PKCS#7"), this, SLOT(loadPKCS7())); pki_x509 *cert = db_base::fromIndex(index); pki_x509 *parent; if (indexes.size() == 0 || !cert) return; privkey = cert->getRefKey(); parent = cert->getSigner(); parentCanSign = parent && parent->canSign() && (parent != cert); hasScard = pkcs11::libraries.loaded(); multi = indexes.size() > 1; allUnrevoked = allRevoked = sameParent = true; foreach(QModelIndex i, indexes) { pki_x509 *c = db_base::fromIndex(i); if (!c) continue; if (c->getSigner() != parent) sameParent = false; if (c->isRevoked()) allUnrevoked = false; else allRevoked = false; } if (!multi) { transform->addAction(tr("Request"), this, SLOT(toRequest()))-> setEnabled(privkey && privkey->isPrivKey()); subExport->addAction(tr("Security token"), this, SLOT(toToken()))->setEnabled(hasScard); subExport->addAction(tr("Other token"), this, SLOT(toOtherToken()))->setEnabled( hasScard && privkey && privkey->isToken()); transform->addAction(tr("Similar Certificate"), this, SLOT(toCertificate())); menu->addAction(tr("Delete from Security token"), this, SLOT(deleteFromToken()))->setEnabled(hasScard); subCa = menu->addMenu(tr("CA")); subCa->addAction(tr("Properties"), this, SLOT(caProperties())); subCa->addAction(tr("Generate CRL"), this, SLOT(genCrl())); subCa->addAction(tr("Manage revocations"), this, SLOT(manageRevocations())); subCa->setEnabled(cert->canSign()); } if (parent == cert && parent->canSign()) menu->addAction(tr("Renewal"), this, SLOT(certRenewal())); if (sameParent && parentCanSign) { QString n = multi ? QString(" [%1]").arg(indexes.size()) : ""; menu->addAction(tr("Renewal") +n, this, SLOT(certRenewal())); if (allUnrevoked) menu->addAction(tr("Revoke") +n, this, SLOT(revoke())); if (allRevoked) menu->addAction(tr("Unrevoke") +n, this, SLOT(unRevoke())); } } void CertTreeView::toRequest() { if (basemodel) certs()->toRequest(currentIndex()); } void CertTreeView::toToken() { if (basemodel) certs()->toToken(currentIndex(), false); } void CertTreeView::toOtherToken() { if (basemodel) certs()->toToken(currentIndex(), true); } void CertTreeView::loadPKCS12() { load_pkcs12 l; load_default(&l); } void CertTreeView::loadPKCS7() { load_pkcs7 l; load_default(&l); } void CertTreeView::genCrl() { pki_x509 *ca = db_base::fromIndex(currentIndex()); NewCrl::newCrl(this, ca); } void CertTreeView::toCertificate() { if (basemodel) certs()->toCertificate(currentIndex()); } void CertTreeView::deleteFromToken() { pki_x509 *cert = db_base::fromIndex(currentIndex()); try { cert->deleteFromToken(); } catch (errorEx &err) { XCA_ERROR(err); } } void CertTreeView::changeView() { if (!basemodel) return; XcaTreeView::changeView(); mainwin->BNviewState->setText(basemodel->treeViewMode() ? tr("Plain View") : tr("Tree View")); } void CertTreeView::manageRevocations() { pki_x509 *cert = db_base::fromIndex(currentIndex()); if (!cert) return; RevocationList *dlg = new RevocationList(); dlg->setRevList(cert->getRevList(), cert); if (dlg->exec()) { cert->setRevocations(dlg->getRevList()); columnsChanged(); } } void CertTreeView::caProperties() { Ui::CaProperties ui; XcaDialog *dlg; QWidget *w; pki_x509 *cert = db_base::fromIndex(currentIndex()); if (!cert || !basemodel) return; w = new QWidget(); ui.setupUi(w); ui.days->setSuffix(QString(" ") + tr("days")); ui.days->setMaximum(1000000); ui.days->setValue(cert->getCrlDays()); QVariant tmplId = cert->getTemplateSqlId(); pki_temp *templ = Store.lookupPki(tmplId); ui.temp->insertPkiItems(Store.getAll()); ui.temp->setNullItem(tr("No template")); ui.temp->setCurrentIndex(0); if (templ) ui.temp->setCurrentPkiItem(templ); dlg = new XcaDialog(this, x509, w, tr("CA Properties"), cert->getIntName(), "ca_properties"); if (dlg->exec()) { templ = ui.temp->currentPkiItem(); tmplId = templ ? templ->getSqlItemId() : QVariant(); cert->setTemplateSqlId(tmplId); cert->setCrlDays(ui.days->value()); certs()->updateCaProperties(cert); columnsChanged(); } delete dlg; } void CertTreeView::certRenewal() { if (basemodel) certs()->certRenewal(getSelectedIndexes()); } void CertTreeView::revoke() { if (basemodel) certs()->revoke(getSelectedIndexes()); } void CertTreeView::unRevoke() { if (basemodel) certs()->unRevoke(getSelectedIndexes()); } void CertTreeView::load() { load_cert c; load_default(&c); } ExportDialog *CertTreeView::exportDialog(const QModelIndexList &indexes) { return new ExportDialog(this, tr("Certificate export"), tr("X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b )"), indexes, QPixmap(":certImg"), pki_export::select(x509, basemodel->exportFlags(indexes)), "certexport"); } xca-RELEASE.2.5.0/widgets/CertTreeView.h000066400000000000000000000016201450407711300175400ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __CERTTREEVIEW_H #define __CERTTREEVIEW_H #include "X509SuperTreeView.h" #include "lib/db_x509.h" class CertTreeView: public X509SuperTreeView { Q_OBJECT db_x509 *certs() const { return dynamic_cast(basemodel); } public: CertTreeView(QWidget *parent) : X509SuperTreeView(parent) { } void fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes); ExportDialog *exportDialog(const QModelIndexList &index); public slots: void changeView(); void toRequest(); void toCertificate(); void toToken(); void toOtherToken(); void genCrl(); void loadPKCS7(); void loadPKCS12(); void deleteFromToken(); void manageRevocations(); void certRenewal(); void caProperties(); void revoke(); void unRevoke(); void load(); }; #endif xca-RELEASE.2.5.0/widgets/CrlDetail.cpp000066400000000000000000000056271450407711300174010ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #include "CrlDetail.h" #include "CertDetail.h" #include "MainWindow.h" #include "Help.h" #include "distname.h" #include "clicklabel.h" #include "RevocationList.h" #include "OpenDb.h" #include "OidResolver.h" #include "lib/pki_crl.h" #include #include #include CrlDetail::CrlDetail(QWidget *w) : QDialog(w ? w : mainwin), issuerSqlId(), crlSqlId() { setupUi(this); setWindowTitle(XCA_TITLE); mainwin->helpdlg->register_ctxhelp_button(this, "crldetail"); image->setPixmap(QPixmap(":revImg")); Database.connectToDbChangeEvt(this, SLOT(itemChanged(pki_base*))); } void CrlDetail::setCrl(pki_crl *crl) { pki_x509 *iss; x509v3ext e1, e2; iss = crl->getIssuer(); crlSqlId = crl->getSqlItemId(); signCheck->disableToolTip(); signCheck->setClickText(crl->getSigAlg()); if (iss != NULL) { issuerIntName->setText(iss->getIntName()); issuerIntName->setClickText(iss->getSqlItemId().toString()); issuerIntName->setGreen(); if (crl->verify(iss)) { signCheck->setText(crl->getSigAlg()); signCheck->setGreen(); } else { signCheck->setText(tr("Failed")); signCheck->setRed(); } issuerSqlId = iss->getSqlItemId(); } else { issuerIntName->setText(tr("Unknown signer")); issuerIntName->setDisabled(true); issuerIntName->disableToolTip(); signCheck->setText(tr("Verification not possible")); signCheck->setDisabled(true); } connect(signCheck, SIGNAL(doubleClicked(QString)), MainWindow::getResolver(), SLOT(searchOid(QString))); connect(issuerIntName, SIGNAL(doubleClicked(QString)), this, SLOT(showIssuer())); descr->setText(crl->getIntName()); lUpdate->setText(crl->getLastUpdate().toPretty()); lUpdate->setToolTip(crl->getLastUpdate().toPrettyGMT()); nUpdate->setText(crl->getNextUpdate().toPretty()); nUpdate->setToolTip(crl->getNextUpdate().toPrettyGMT()); version->setText((++crl->getVersion())); issuer->setX509name(crl->getSubject()); RevocationList::setupRevocationView(certList, crl->getRevList(), iss); v3extensions->document()->setHtml(crl->printV3ext()); comment->setPlainText(crl->getComment()); } void CrlDetail::itemChanged(pki_base *pki) { QVariant pkiSqlId = pki->getSqlItemId(); if (pkiSqlId == issuerSqlId) issuerIntName->setText(pki->getIntName()); if (pkiSqlId == crlSqlId) descr->setText(pki->getIntName()); } void CrlDetail::showIssuer() { CertDetail::showCert(this, Store.lookupPki(issuerSqlId)); } void CrlDetail::showCrl(QWidget *parent, pki_crl *crl) { CrlDetail *dlg = new CrlDetail(parent); if (!dlg) return; dlg->setCrl(crl); if (dlg->exec()) { db_base *db = Database.modelForPki(crl); if (!db) { crl->setIntName(dlg->descr->text()); crl->setComment(dlg->comment->toPlainText()); } else { db->updateItem(crl, dlg->descr->text(), dlg->comment->toPlainText()); } } delete dlg; } xca-RELEASE.2.5.0/widgets/CrlDetail.h000066400000000000000000000010231450407711300170300ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __CRLDETAIL_H #define __CRLDETAIL_H #include "ui_CrlDetail.h" class pki_crl; class pki_base; class CrlDetail: public QDialog, public Ui::CrlDetail { Q_OBJECT private: QVariant issuerSqlId, crlSqlId; public: CrlDetail(QWidget *w = nullptr); void setCrl(pki_crl *crl); static void showCrl(QWidget *parent, pki_crl *crl); public slots: void itemChanged(pki_base *pki); void showIssuer(); }; #endif xca-RELEASE.2.5.0/widgets/CrlTreeView.cpp000066400000000000000000000027311450407711300177220ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2019 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "CrlTreeView.h" #include "CrlDetail.h" #include "NewCrl.h" #include "XcaDialog.h" #include "MainWindow.h" #include "ItemCombo.h" #include "XcaWarning.h" #include "ExportDialog.h" #include "lib/db_crl.h" #include "lib/pki_x509.h" #include "lib/database_model.h" #include "lib/load_obj.h" void CrlTreeView::showPki(pki_base *pki) { CrlDetail::showCrl(this, dynamic_cast(pki)); } void CrlTreeView::newItem(pki_x509 *cert) { NewCrl::newCrl(this, cert); } void CrlTreeView::newItem() { db_x509 *certs = Database.model(); QList cas = certs->getAllIssuers(); pki_x509 *ca = NULL; switch (cas.size()) { case 0: XCA_INFO(tr("There are no CA certificates for CRL generation")); return; case 1: ca = cas[0]; break; default: { itemComboCert *c = new itemComboCert(NULL); XcaDialog *d = new XcaDialog(this, revocation, c, tr("Select CA certificate"), QString()); c->insertPkiItems(cas); if (!d->exec()) { delete d; return; } ca = c->currentPkiItem(); delete d; } } newItem(ca); } void CrlTreeView::load() { load_crl l; load_default(&l); } ExportDialog *CrlTreeView::exportDialog(const QModelIndexList &indexes) { return new ExportDialog(this, tr("Revocation list export"), tr("CRL ( *.pem *.der *.crl )"), indexes, QPixmap(":revImg"), pki_export::select(revocation, basemodel->exportFlags(indexes))); } xca-RELEASE.2.5.0/widgets/CrlTreeView.h000066400000000000000000000011231450407711300173610ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2006 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __CRLTREEVIEW_H #define __CRLTREEVIEW_H #include "XcaTreeView.h" #include "lib/db_crl.h" class pki_x509; class CrlTreeView: public XcaTreeView { Q_OBJECT db_crl *crls() const { return dynamic_cast(basemodel); } public: CrlTreeView(QWidget *parent) : XcaTreeView(parent) { } void showPki(pki_base *pki); ExportDialog *exportDialog(const QModelIndexList &index); public slots: void newItem(pki_x509 *cert); void newItem(); void load(); }; #endif xca-RELEASE.2.5.0/widgets/ExportDialog.cpp000066400000000000000000000065521450407711300201350ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "ExportDialog.h" #include "MainWindow.h" #include "Help.h" #include "XcaWarning.h" #include "lib/base.h" #include #include #include #include #include #include ExportDialog::ExportDialog(QWidget *w, const QString &title, const QString &filt, const QModelIndexList &indexes, const QPixmap &img, QList types, const QString &help_ctx) : QDialog(w ? w : mainwin) { QList usual, normal; QString fname = "selected_items"; setupUi(this); setWindowTitle(XCA_TITLE); if (indexes.size() == 1) { pki_base *pki = db_base::fromIndex(indexes[0]); if (pki) { descr->setText(pki->getIntName()); fname = pki->getUnderlinedName(); } } descr->setReadOnly(true); image->setPixmap(img); label->setText(title); mainwin->helpdlg->register_ctxhelp_button(this, help_ctx); QString fn = Settings["workingdir"] + fname + "." + types[0]->extension; filename->setText(nativeSeparator(fn)); filter = filt + ";;" + tr("All files ( * )"); foreach(const pki_export *t, types) { if (t->flags & F_USUAL) usual << t; else normal << t; } foreach(const pki_export *t, usual + normal) { exportFormat->addItem(QString("%1 (*.%2)"). arg(t->desc).arg(t->extension), QVariant(t->id)); } if (usual.size() > 0 && normal.size() > 0) exportFormat->insertSeparator(usual.size()); exportFormat->setCurrentIndex(0); on_exportFormat_highlighted(0); } ExportDialog::~ExportDialog() { pki_base::pem_comment = 0; } void ExportDialog::on_fileBut_clicked() { QString s = QFileDialog::getSaveFileName(this, QString(), filename->text(), filter, NULL, QFileDialog::DontConfirmOverwrite); if (!s.isEmpty()) filename->setText(nativeSeparator(s)); } void ExportDialog::on_exportFormat_activated(int selected) { QString fn = filename->text(); const pki_export *t_sel = export_type(selected); for (int i=0; i< exportFormat->count(); i++) { const pki_export *t = export_type(i); if (t && fn.endsWith(QString(".") + t->extension)) { fn = fn.left(fn.length() - t->extension.length()) + t_sel->extension; break; } } if (filename->isEnabled()) filename->setText(fn); on_exportFormat_highlighted(selected); } bool ExportDialog::mayWriteFile(const QString &fname) { if (QFile::exists(fname)) { xcaWarningBox msg(NULL, tr("The file: '%1' already exists!").arg(fname)); msg.addButton(QMessageBox::Ok, tr("Overwrite")); msg.addButton(QMessageBox::Cancel, tr("Do not overwrite")); if (msg.exec() != QMessageBox::Ok) return false; } return true; } void ExportDialog::accept() { QString fn = filename->text(); pki_base::pem_comment = pemComment->isChecked(); if (!filename->isEnabled()) { QDialog::accept(); return; } if (fn.isEmpty()) { reject(); return; } if (mayWriteFile(fn)) { update_workingdir(fn); QDialog::accept(); } } const pki_export *ExportDialog::export_type(int idx) const { if (idx == -1) idx = exportFormat->currentIndex(); idx = exportFormat->itemData(idx).toInt(); return idx ? pki_export::by_id(idx) : NULL; } void ExportDialog::on_exportFormat_highlighted(int index) { const pki_export *x = export_type(index); if (!x) return; infoBox->setText(x->help); pemComment->setEnabled(x->flags & F_PEM); } xca-RELEASE.2.5.0/widgets/ExportDialog.h000066400000000000000000000015511450407711300175740ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2014 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __EXPORTDIALOG_H #define __EXPORTDIALOG_H #include "ui_ExportDialog.h" #include "lib/pki_export.h" #include class QPixmap; class pki_base; class ExportDialog: public QDialog, public Ui::ExportDialog { Q_OBJECT protected: QString filter; public: ExportDialog(QWidget *w, const QString &title, const QString &filt, const QModelIndexList &indexes, const QPixmap &img, QList types, const QString &help_ctx = QString()); ~ExportDialog(); static bool mayWriteFile(const QString &fname); const pki_export *export_type(int idx = -1) const; public slots: void on_fileBut_clicked(); void on_exportFormat_activated(int); void on_exportFormat_highlighted(int index); void accept(); }; #endif xca-RELEASE.2.5.0/widgets/FocusCombo.h000066400000000000000000000013421450407711300172300ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2014 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __FOCUSCOMBO_H #define __FOCUSCOMBO_H #include class focusCombo : public QComboBox { public: focusCombo(QWidget *parent) : QComboBox(parent) { } void hidePopup() { QComboBox::hidePopup(); emit highlighted(currentIndex()); } QVariant currentItemData() { return QComboBox::itemData(currentIndex()); } void addItemsData(const QStringList &textdata, const QString &selected) { int c = 0; Q_ASSERT(textdata.size() % 2 == 0); for (int i=0; i< textdata.size(); i+=2) { addItem(textdata[i], textdata[i+1]); if (textdata[i+1] == selected) c = i/2; } setCurrentIndex(c); } }; #endif xca-RELEASE.2.5.0/widgets/Help.cpp000066400000000000000000000042051450407711300164150ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #include "Help.h" #include "lib/func.h" #include #include #include #include #if (QT_VERSION >= QT_VERSION_CHECK(5, 15, 0)) #include #endif Help::Help() : QWidget(NULL), helpengine(nullptr) { setupUi(this); setWindowTitle(XCA_TITLE); textbox->setSearchPaths(QStringList(getDocDir())); textbox->setOpenExternalLinks(true); textbox->clearHistory(); if (!getDocDir().isEmpty()) helpengine = new QHelpEngineCore(getDocDir() + "/xca.qhc"); } Help::~Help() { delete helpengine; } void Help::display(const QUrl &url) { textbox->setSource(QUrl(url.fileName())); textbox->scrollToAnchor(url.fragment()); show(); raise(); } void Help::content() { display(QUrl("qthelp://org.sphinx.xca/doc/index.html")); } QList Help::url_by_ctx(const QString &ctx) const { if (!helpengine) return QList(); #if (QT_VERSION >= QT_VERSION_CHECK(5, 15, 0)) QList l; foreach(QHelpLink hl, helpengine->documentsForIdentifier(QString("%1.%1").arg(ctx))) { l << hl.url; } return l; #else return helpengine->linksForIdentifier(QString("%1.%1").arg(ctx)).values(); #endif } void Help::contexthelp(const QString &context) { QList helpctx = url_by_ctx(context); if (helpctx.count()) display(helpctx.at(0)); } void Help::contexthelp() { QObject *o = sender(); if (!o) return; QString ctx = o->property("help_ctx").toString(); if (ctx.isEmpty()) return; contexthelp(ctx); } void Help::register_ctxhelp_button(QDialog *dlg, const QString &help_ctx) const { QDialogButtonBox *buttonBox = dlg->findChild("buttonBox"); if (!buttonBox || help_ctx.isEmpty()) return; dlg->setWindowModality(Qt::WindowModal); buttonBox->addButton(QDialogButtonBox::Help); buttonBox->setProperty("help_ctx", QVariant(help_ctx)); connect(buttonBox, SIGNAL(helpRequested()), this, SLOT(contexthelp())); if (url_by_ctx(help_ctx).count() == 0) { qWarning() << "Unknown help context: " << help_ctx; buttonBox->button(QDialogButtonBox::Help)->setEnabled(false); } } xca-RELEASE.2.5.0/widgets/Help.h000066400000000000000000000011221450407711300160550ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2021 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __HELP_H #define __HELP_H #include "ui_Help.h" #include class QHelpEngineCore; class Help: public QWidget, public Ui::Help { Q_OBJECT QHelpEngineCore *helpengine; void display(const QUrl &url); public: Help(); ~Help(); void register_ctxhelp_button(QDialog *dlg, const QString &help_ctx) const; QList url_by_ctx(const QString &ctx) const; public slots: void contexthelp(); void contexthelp(const QString &context); void content(); }; #endif xca-RELEASE.2.5.0/widgets/ImportMulti.cpp000066400000000000000000000171311450407711300200140ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "ImportMulti.h" #include "XcaWarning.h" #include "MainWindow.h" #include "lib/pki_base.h" #include "lib/pki_pkcs7.h" #include "lib/pki_pkcs12.h" #include "lib/pki_crl.h" #include "lib/pki_multi.h" #include "lib/pki_scard.h" #include "lib/pki_evp.h" #include "lib/pki_temp.h" #include "CrlDetail.h" #include "CertDetail.h" #include "KeyDetail.h" #include #include #include #include #include #include #include ImportMulti::ImportMulti(QWidget *parent) : QDialog(parent ? parent : mainwin) { setupUi(this); setWindowTitle(XCA_TITLE); image->setPixmap(QPixmap(":certImg")); listView->setEditTriggers(QAbstractItemView::NoEditTriggers); mcont = new db_token(); listView->setModel(mcont); listView->setIconSize(QPixmap(":key").size()); listView->setSelectionMode(QAbstractItemView::ExtendedSelection); connect( listView, SIGNAL(doubleClicked(const QModelIndex &)), this, SLOT(on_butDetails_clicked())); deleteToken->hide(); renameToken->hide(); slotInfo->hide(); setAcceptDrops(true); setWindowModality(Qt::WindowModal); } void ImportMulti::tokenInfo(const slotid &s) { slot = s; mcont->setSlot(slot); deleteToken->show(); renameToken->show(); slotInfo->show(); listView->setEditTriggers(QAbstractItemView::EditKeyPressed); pkcs11 p11; QString info = p11.driverInfo(slot); tkInfo ti = p11.tokenInfo(slot); info += tr("\nName: %1\nModel: %2\nSerial: %3"). arg(ti.label()).arg(ti.model()).arg(ti.serial()); slotInfo->setText(info); image->setPixmap(QPixmap(":scardImg")); heading->setText(tr("Manage security token")); setAcceptDrops(false); } void ImportMulti::addItem(pki_base *pki) { if (!pki) return; if (pki->pkiSource == unknown) pki->pkiSource = imported; pki_multi *pm = dynamic_cast(pki); if (pm) { QList items = pm->pull(); foreach(pki_base *inner, items) addItem(inner); delete pm; return; } pki_x509 *cert = dynamic_cast(pki); pki_crl *crl = dynamic_cast(pki); pki_x509super *cert_or_req = dynamic_cast(pki); if (cert) cert->setSigner(cert->findIssuer()); if (cert_or_req) cert_or_req->lookupKey(); if (crl) crl->lookupIssuer(); if (!dynamic_cast(pki) && !dynamic_cast(pki)) { XCA_WARN(tr("The type of the item '%1' is not recognized"). arg(pki->getClassName())); delete pki; return; } mcont->inToCont(pki); mcont->rename_token_in_database(dynamic_cast(pki)); } bool ImportMulti::openDB() const { if (!Database.isOpen()) { if (mainwin->init_database(QString()) == 2) return false; if (!Database.isOpen()) mainwin->load_database(); } return Database.isOpen(); } void ImportMulti::dragEnterEvent(QDragEnterEvent *event) { if (event->mimeData()->hasUrls()) event->acceptProposedAction(); } void ImportMulti::dropEvent(QDropEvent *event) { QList urls = event->mimeData()->urls(); QUrl u; QStringList failed; pki_multi *pki = new pki_multi(); foreach(u, urls) pki->probeAnything(u.toLocalFile()); failed << pki->failed_files; importError(failed); addItem(pki); event->acceptProposedAction(); } void ImportMulti::on_butRemove_clicked() { QItemSelectionModel *selectionModel = listView->selectionModel(); QModelIndexList indexes = selectionModel->selectedIndexes(); QModelIndex index; QString items; foreach(index, indexes) { if (index.column() != 0) continue; mcont->remFromCont(index); pki_base *pki = db_base::fromIndex(index); delete pki; } if (mcont->rowCount(QModelIndex()) == 0) accept(); } void ImportMulti::on_butOk_clicked() { QModelIndexList indexes; for (int i = 0; i < mcont->rowCount(); i++) indexes << mcont->index(i, 0, QModelIndex()); importIndexes(indexes); accept(); } void ImportMulti::on_butImport_clicked() { QItemSelectionModel *selectionModel = listView->selectionModel(); importIndexes(selectionModel->selectedIndexes()); } void ImportMulti::importIndexes(const QModelIndexList &indexes) { if (!openDB()) return; Transaction; if (!TransBegin()) return; foreach(QModelIndex index, indexes) { import(index); } TransCommit(); if (mcont->rowCount(QModelIndex()) == 0) accept(); } void ImportMulti::on_deleteToken_clicked() { QItemSelectionModel *selectionModel = listView->selectionModel(); QModelIndexList indexes = selectionModel->selectedIndexes(); QModelIndex index; QString items; foreach(index, indexes) { if (index.column() != 0) continue; pki_base *pki = db_base::fromIndex(index); try { pki->deleteFromToken(slot); mcont->remFromCont(index); delete pki; } catch (errorEx &err) { XCA_ERROR(err); } } } void ImportMulti::on_renameToken_clicked() { QItemSelectionModel *selectionModel = listView->selectionModel(); QModelIndexList indexes = selectionModel->selectedIndexes(); QModelIndex index; QString items; foreach(index, indexes) { if (index.column() != 0) continue; listView->edit(index); break; } } pki_base *ImportMulti::import(const QModelIndex &idx) { pki_base *pki = mcont->fromIndex(idx); if (idx.column() != 0) return NULL; for (int i = 0; i < mcont->rowCount(idx); i++) import(mcont->index(i, 0, idx)); if (!pki) return NULL; mcont->remFromCont(idx); if (!Database.isOpen()) { delete pki; return NULL; } return Database.insert(pki); } void ImportMulti::on_butDetails_clicked() { QItemSelectionModel *selectionModel = listView->selectionModel(); QModelIndex index; if (!selectionModel->selectedIndexes().count()) return; index = selectionModel->selectedIndexes().first(); pki_base *pki = db_base::fromIndex(index); if (!pki) return; try { pki_x509super *pki_super = dynamic_cast(pki); if (pki_super) { CertDetail::showCert(this, pki_super); return; } pki_key *key = dynamic_cast(pki); if (key) { KeyDetail::showKey(this, key); return; } pki_crl *crl = dynamic_cast(pki); if (crl) { CrlDetail::showCrl(this, crl); return; } pki_temp *temp = dynamic_cast(pki); if (temp) { XCA_WARN(tr("Details of the item '%1' cannot be shown") .arg("XCA template")); return; } XCA_WARN(tr("The type of the item '%1' is not recognized"). arg(pki->getClassName())); } catch (errorEx &err) { XCA_ERROR(err); } } ImportMulti::~ImportMulti() { QModelIndex idx = listView->currentIndex(); while (idx != QModelIndex()) { mcont->remFromCont(idx); delete db_base::fromIndex(idx); idx = listView->currentIndex(); } listView->setModel(NULL); delete mcont; } int ImportMulti::entries() { return mcont->allItemsCount(); } void ImportMulti::importError(QStringList failed) { if (failed.count() == 1) { XCA_INFO(tr("The file '%1' did not contain PKI data"). arg(failed[0])); } else if (failed.count() > 1) { XCA_INFO(tr("The %1 files: '%2' did not contain PKI data"). arg(failed.count()). arg(failed.join("', '"))); } } void ImportMulti::execute(int force, QStringList failed) { importError(failed); /* if there is nothing to import don't pop up */ if (entries() == 0) { accept(); return; } /* if there is only 1 item and force is 0 import it silently */ if (entries() == 1 && force == 0 && openDB()) { QModelIndex idx = mcont->index(0, 0, QModelIndex()); pki_base *pki = import(idx); if (pki && !Settings["suppress_messages"]) XCA_INFO(pki->getMsg(pki_base::msg_import). arg(pki->getIntName())); accept(); return; } /* the behaviour for more than one item */ exec(); } xca-RELEASE.2.5.0/widgets/ImportMulti.h000066400000000000000000000021101450407711300174500ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __IMPORTMULTI_H #define __IMPORTMULTI_H #include "ui_ImportMulti.h" #include "lib/db_token.h" #include "lib/db_base.h" #include class pki_x509; class pki_key; class ImportMulti: public QDialog, private Ui::ImportMulti { Q_OBJECT private: slotid slot; db_token *mcont; void importError(QStringList failed); public: ImportMulti(QWidget *parent); ~ImportMulti(); void addItem(pki_base *pki); pki_base *getSelected(); pki_base *import(const QModelIndex &idx); void importIndexes(const QModelIndexList &indexes); void execute(int force=0, QStringList failed = QStringList()); int entries(); void tokenInfo(const slotid &s); void dragEnterEvent(QDragEnterEvent *event); void dropEvent(QDropEvent *event); bool openDB() const; public slots: void on_butRemove_clicked(); void on_butImport_clicked(); void on_butDetails_clicked(); void on_butOk_clicked(); void on_deleteToken_clicked(); void on_renameToken_clicked(); }; #endif xca-RELEASE.2.5.0/widgets/ItemCombo.h000066400000000000000000000021051450407711300170450ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __ITEMCOMBO_H #define __ITEMCOMBO_H #include #include #include "lib/pki_base.h" #include "lib/pki_x509.h" #include "lib/pki_x509req.h" #include "lib/pki_temp.h" template class itemCombo : public QComboBox { public: itemCombo(QWidget *parent) : QComboBox(parent) { } void insertPkiItems(QList items) { clear(); foreach(T *p, items) { addItem(p->comboText(), QVariant::fromValue(p)); } } T *currentPkiItem() { return itemData(currentIndex()).template value(); } void setNullItem(QString text) { if (itemData(0).template value() == NULL) removeItem(0); insertItem(0, text, QVariant()); } int setCurrentPkiItem(T *p) { int idx = findData(QVariant::fromValue(p)); setCurrentIndex(idx); return idx; } }; typedef class itemCombo itemComboTemp; typedef class itemCombo itemComboReq; typedef class itemCombo itemComboCert; typedef class itemCombo itemComboKey; #endif xca-RELEASE.2.5.0/widgets/KeyDetail.cpp000066400000000000000000000105251450407711300174020ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/main.h" #include "lib/pki_evp.h" #include "lib/pki_scard.h" #include "KeyDetail.h" #include "MainWindow.h" #include "Help.h" #include "distname.h" #include "clicklabel.h" #include "XcaApplication.h" #include "OidResolver.h" #include #include #include KeyDetail::KeyDetail(QWidget *w) : QDialog(w ? w : mainwin) , keySqlId() { setupUi(this); setWindowTitle(XCA_TITLE); image->setPixmap(QPixmap(":keyImg")); mainwin->helpdlg->register_ctxhelp_button(this, "keydetail"); keyModulus->setFont(XcaApplication::tableFont); tabWidget->setCurrentIndex(0); Database.connectToDbChangeEvt(this, SLOT(itemChanged(pki_base*))); } #ifndef OPENSSL_NO_EC static QString CurveComment(int nid) { foreach(builtin_curve curve, builtinCurves) { if (curve.nid == nid) return curve.comment; } return QString(); } #endif void KeyDetail::setupFingerprints(pki_key *key) { int pos = 0; QWidget *widget = new QWidget(fingerprint); QVBoxLayout *v = new QVBoxLayout(fingerprint); QGridLayout *grid = new QGridLayout(widget); v->addStretch(); v->addWidget(widget); v->addStretch(); QStringList sl; sl << "ssh MD5" << "ssh SHA256 B64" << "x509 SHA1" << "DER SHA256"; foreach(QString type, sl) { qDebug() << type << key->fingerprint(type); QLabel *left = new QLabel(widget); CopyLabel *right = new CopyLabel(widget); left->setTextFormat(Qt::PlainText); left->setText(type); right->setText(key->fingerprint(type)); grid->addWidget(left, pos, 0); grid->addWidget(right, pos, 1); pos++; } } void KeyDetail::setKey(pki_key *key) { keySqlId = key->getSqlItemId(); keyDesc->setText(key->getIntName()); keyLength->setText(key->length()); keyPrivEx->disableToolTip(); if (!key->isToken()) tabWidget->removeTab(1); tlHeader->setText(tr("Details of the %1 key").arg(key->getTypeString())); comment->setPlainText(key->getComment()); setupFingerprints(key); if (key->isPubKey()) { keyPrivEx->setText(tr("Not available")); keyPrivEx->setRed(); } else if (key->isToken()) { image->setPixmap(QPixmap(":scardImg")); pki_scard *card = static_cast(key); cardLabel->setText(card->getCardLabel()); cardModel->setText(card->getModel()); cardManufacturer->setText(card->getManufacturer()); cardSerial->setText(card->getSerial()); slotLabel->setText(card->getLabel()); cardId->setText(card->getId()); keyPrivEx->setText(tr("Security token")); } else { keyPrivEx->setText(tr("Available")); keyPrivEx->setGreen(); } switch (key->getKeyType()) { case EVP_PKEY_RSA: keyPubEx->setText(key->pubEx()); keyModulus->setText(key->modulus()); break; case EVP_PKEY_DSA: tlPubEx->setText(tr("Sub prime")); tlModulus->setTitle(tr("Public key")); tlPrivEx->setText(tr("Private key")); keyPubEx->setText(key->subprime()); keyModulus->setText(key->pubkey()); break; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: int nid; nid = key->ecParamNid(); tlModulus->setTitle(tr("Public key")); tlPrivEx->setText(tr("Private key")); tlPubEx->setText(tr("Curve name")); keyPubEx->setText(OBJ_nid2sn(nid)); connect(keyPubEx, SIGNAL(doubleClicked(QString)), MainWindow::getResolver(), SLOT(searchOid(QString))); keyPubEx->setToolTip(CurveComment(nid)); keyModulus->setText(key->ecPubKey()); break; #ifdef EVP_PKEY_ED25519 case EVP_PKEY_ED25519: tlModulus->setTitle(tr("Public key")); tlPrivEx->setText(tr("Private key")); tlPubEx->setText(tr("Curve name")); keyPubEx->setText("ed25519"); keyModulus->setText(key->ed25519PubKey().toHex()); break; #endif #endif default: tlHeader->setText(tr("Unknown key")); } } void KeyDetail::itemChanged(pki_base *pki) { if (pki->getSqlItemId() == keySqlId) keyDesc->setText(pki->getIntName()); } void KeyDetail::showKey(QWidget *parent, pki_key *key, bool ro) { if (!key) return; KeyDetail *dlg = new KeyDetail(parent); if (!dlg) return; dlg->setKey(key); dlg->keyDesc->setReadOnly(ro); dlg->comment->setReadOnly(ro); if (dlg->exec()) { db_base *db = Database.modelForPki(key); if (!db) { key->setIntName(dlg->keyDesc->text()); key->setComment(dlg->comment->toPlainText()); } else { db->updateItem(key, dlg->keyDesc->text(), dlg->comment->toPlainText()); } } delete dlg; } xca-RELEASE.2.5.0/widgets/KeyDetail.h000066400000000000000000000010431450407711300170420ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2009 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __KEYDETAIL_H #define __KEYDETAIL_H #include "ui_KeyDetail.h" class pki_key; class pki_base; class KeyDetail: public QDialog, public Ui::KeyDetail { Q_OBJECT QVariant keySqlId; public: KeyDetail(QWidget *w = nullptr); void setKey(pki_key *key); void setupFingerprints(pki_key *key); static void showKey(QWidget *parent, pki_key *keyi, bool ro = false); public slots: void itemChanged(pki_base *pki); }; #endif xca-RELEASE.2.5.0/widgets/KeyTreeView.cpp000066400000000000000000000117761450407711300177430ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/pki_scard.h" #include "lib/load_obj.h" #include "KeyTreeView.h" #include "MainWindow.h" #include "KeyDetail.h" #include "NewKey.h" #include "ExportDialog.h" #include "XcaWarning.h" #include #include #include void KeyTreeView::fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes) { QMenu *clipboard; QAction *a; bool multi = indexes.size() > 1; QActionGroup *group = new QActionGroup(menu); pki_key *key = db_base::fromIndex(index); int exp_type = Settings["KeyFormat"]; const pki_export *x; clipboard = menu->addMenu(tr("Clipboard format")); foreach(x, pki_export::select(asym_key, 0)) { if (!(x->flags & F_CLIPBOARD)) continue; a = clipboard->addAction(x->desc); a->setData(x->id); a->setCheckable(true); a->setChecked(exp_type == x->id); group->addAction(a); } connect(group, SIGNAL(triggered(QAction*)), this, SLOT(clipboardFormat(QAction*))); if (indexes.size() == 0 || !key) return; if (!multi && key && key->isPrivKey() && !key->isToken()) { switch (key->getOwnPass()) { case pki_key::ptCommon: menu->addAction(tr("Change password"), this, SLOT(setOwnPass())); break; case pki_key::ptPrivate: menu->addAction(tr("Reset password"), this, SLOT(resetOwnPass())); break; default: break; } } if (!pkcs11::libraries.loaded() || multi) return; if (key->isToken()) { menu->addAction(tr("Change PIN"), this, SLOT(changePin())); menu->addAction(tr("Init PIN with SO PIN (PUK)"), this, SLOT(initPin())); menu->addAction(tr("Change SO PIN (PUK)"), this, SLOT(changeSoPin())); } else if (subExport) { subExport->addAction(tr("Security token"), this, SLOT(toToken())); } } void KeyTreeView::setOwnPass() { if (!basemodel) return; try { keys()->setOwnPass(currentIndex(), pki_key::ptPrivate); } catch (errorEx &err) { XCA_ERROR(err); } } void KeyTreeView::resetOwnPass() { if (!basemodel) return; try { keys()->setOwnPass(currentIndex(), pki_key::ptCommon); } catch (errorEx &err) { XCA_ERROR(err); } } void KeyTreeView::changePin() { pki_scard *scard; QModelIndex currentIdx = currentIndex(); if (!currentIdx.isValid()) return; scard = db_base::fromIndex(currentIdx); try { if (!scard->isToken()) { throw errorEx(tr("This is not a token")); } scard->changePin(); } catch (errorEx &err) { XCA_ERROR(err); } } void KeyTreeView::initPin() { pki_scard *scard; QModelIndex currentIdx = currentIndex(); if (!currentIdx.isValid()) return; scard = db_base::fromIndex(currentIdx); try { if (!scard->isToken()) { throw errorEx(tr("This is not a token")); } scard->initPin(); } catch (errorEx &err) { XCA_ERROR(err); } } void KeyTreeView::changeSoPin() { pki_scard *scard; QModelIndex currentIdx = currentIndex(); if (!currentIdx.isValid()) return; scard = db_base::fromIndex(currentIdx); try { if (!scard->isToken()) { throw errorEx(tr("This is not a token")); } scard->changeSoPin(); } catch (errorEx &err) { XCA_ERROR(err); } } void KeyTreeView::toToken() { QModelIndex currentIdx = currentIndex(); if (!currentIdx.isValid() || !basemodel) return; pki_key *key = db_base::fromIndex(currentIdx); if (!key || !pkcs11::libraries.loaded() || key->isToken()) return; pki_scard *card = NULL; try { pkcs11 p11; slotid slot; if (!p11.selectToken(&slot, mainwin)) return; card = new pki_scard(key->getIntName()); card->store_token(slot, key->decryptKey()); card->pkiSource = key->pkiSource; QString msg = tr("Shall the original key '%1' be replaced by the key on the token?\nThis will delete the key '%1' and make it unexportable"). arg(key->getIntName()); if (XCA_YESNO(msg)) { keys()->deletePKI(currentIdx); keys()->insertPKI(card); card = NULL; } } catch (errorEx &err) { XCA_ERROR(err); } delete card; } void KeyTreeView::showPki(pki_base *pki) { pki_key *key = dynamic_cast(pki); KeyDetail::showKey(this, key); } void KeyTreeView::newItem() { newItem(""); } void KeyTreeView::newItem(const QString &name) { if (!basemodel) return; NewKey *dlg = new NewKey(this, name); if (dlg->exec()) keys()->newKey(dlg->getKeyJob(), dlg->keyDesc->text()); delete dlg; } void KeyTreeView::clipboardFormat(QAction *a) { Settings["KeyFormat"] = a->data().toInt(); } void KeyTreeView::load(void) { load_key l; load_default(&l); } ExportDialog *KeyTreeView::exportDialog(const QModelIndexList &indexes) { if (indexes.size() == 0) return NULL; pki_key *key = db_base::fromIndex(indexes[0]); return new ExportDialog(this, tr("Export public key [%1]").arg(key->getTypeString()), tr("Private Keys ( *.pem *.der *.pk8 );; " "SSH Public Keys ( *.pub )"), indexes, QPixmap(key->isToken() ? ":scardImg" : ":keyImg"), pki_export::select(asym_key, basemodel->exportFlags(indexes)), "keyexport"); } xca-RELEASE.2.5.0/widgets/KeyTreeView.h000066400000000000000000000015301450407711300173730ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2006 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __KEYTREEVIEW_H #define __KEYTREEVIEW_H #include "XcaTreeView.h" #include "lib/db_key.h" class QAction; class KeyTreeView: public XcaTreeView { Q_OBJECT db_key *keys() const { return dynamic_cast(basemodel); } public: KeyTreeView(QWidget *parent) : XcaTreeView(parent) { } void fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes); void showPki(pki_base *pki); ExportDialog *exportDialog(const QModelIndexList &indexes); public slots: void resetOwnPass(); void setOwnPass(); void changePin(); void initPin(); void changeSoPin(); void toToken(); void newItem(); void load(); void newItem(const QString &name); void clipboardFormat(QAction*); }; #endif xca-RELEASE.2.5.0/widgets/MW_help.cpp000066400000000000000000000105731450407711300170650ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "MainWindow.h" #include #include #include #include #ifndef OPENSSL_NO_EC #include #endif #include "XcaDialog.h" #include "ui_Help.h" #include "lib/func.h" #include "lib/entropy.h" const QList MainWindow::getTranslators() const { return QList { QStringList{ "", tr("System") }, QStringList{ "zh_CN", tr("Chinese"), "Xczh", "xczh.me", "foxmail.com" }, QStringList{ "hr", tr("Croatian"), "Nevenko Bartolincic", "nevenko.bartolincic", "gmail.com" }, QStringList{ "nl", tr("Dutch"), "Guido Pennings" }, QStringList{ "en", tr("English") }, QStringList{ "fr", tr("French"), "Patrick Monnerat", "patrick", "monnerat.net" }, QStringList{ "de", tr("German"), "Christian Hohnstädt", "christian", "hohnstaedt.de" }, QStringList{ "it", tr("Italian"), "Paolo Basenghi", "paul69", "libero.it" }, QStringList{ "ja", tr("Japanese"), "ぶらすず", "burasuzu", "gmail.com" }, QStringList{ "pl", tr("Polish"), "Jacek Tyborowski", "jacek", "tyborowski.pl" }, QStringList{ "pt_BR", tr("Portuguese in Brazil"), "Ulisses Guedes", "uli1958", "hotmail.com" }, QStringList{ "ru", tr("Russian") }, QStringList{ "sk", tr("Slovak"), "Slavko", "linux", "slavino.sk" }, QStringList{ "es", tr("Spanish"), "Miguel Romera", "mrmsoftdonation", "gmail.com" }, QStringList{ "id", tr("Indonesian"), "Andika Triwidada", "andika", "gmail.com" }, QStringList{ "tr", tr("Turkish") }, QStringList{ "fa", tr("Persian"), "Erfan Esmayili Barzi", "erfankam", "gmail.com" }, QStringList{ "bg", tr("Bulgarian"), "Svetoslav Slavkov", "contact", "sslavkov.eu" }, }; }; void MainWindow::about() { QTextEdit *textbox = new QTextEdit(NULL); XcaDialog *about = new XcaDialog(this, x509, textbox, QString(), QString()); about->aboutDialog(QPixmap(":scardImg")); QString openssl, qt, cont, version, brainpool; #ifdef OPENSSL_NO_EC brainpool = "(Elliptic Curve Cryptography support disabled)"; #endif openssl = SSLeay_version(SSLEAY_VERSION); qt = qVersion(); if (openssl != OPENSSL_VERSION_TEXT || qt != QT_VERSION_STR) { version = QString("" "" "" "" "" "" "" "" "
Compile time:" OPENSSL_VERSION_TEXT "QT version: " QT_VERSION_STR "
Run time:%1QT version: %2
").arg(openssl).arg(qt); } else { version = QString("%1
QT version: %2").arg(openssl).arg(qt); } QStringList rows; foreach(QStringList sl, getTranslators()) { QString email; QStringList tag { "", "" }; if (sl.size() < 3) continue; if (sl.size() > 4) email = QString("<%1@%2>").arg(sl[3]).arg(sl[4]); QString lang(QLocale::languageToString(QLocale(sl[0]).language())); QStringList row { QString("%1").arg(lang), sl[2].toHtmlEscaped(), email.toHtmlEscaped(), }; rows << tag[0] + row.join(tag[0] + tag[1]) + tag[1]; } Entropy::seed_rng(); cont = QString( "

XCA%7

" "

Copyright 2001 - 2023 by Christian Hohnstädt\n" "

Version: %3

%1" /* commithash, OpenSSL & Qt Version */ "

https://hohnstaedt.de/xca" "

Entropy strength: %2" "

" "" "" "" "
Installation path:%4
User settings path:%5
Working directory:%6

" "

" "" "" "" "" "
Christian Hohnstädt<christian@hohnstaedt.de>
Programming, Translation and Testing
Kerstin Steinhauff<tine@kerstine.de>
Arts and Graphics
Maintained Translations
" "

%8
") .arg(version) .arg(Entropy::strength()) .arg(version_str(true)) .arg(nativeSeparator(QStandardPaths::writableLocation( QStandardPaths::AppDataLocation))) .arg(nativeSeparator(getUserSettingsDir())) .arg(nativeSeparator(QString(Settings["workingdir"]))) .arg(portable_app() ? " (Portable)" : "") .arg(rows.join("")); textbox->setHtml(cont); textbox->setReadOnly(true); about->exec(); delete about; } xca-RELEASE.2.5.0/widgets/MW_menu.cpp000066400000000000000000000156641450407711300171070ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "MainWindow.h" #include "XcaApplication.h" #include "PwDialog.h" #include "Options.h" #include "lib/load_obj.h" #include "lib/pass_info.h" #include "lib/pkcs11.h" #include "lib/pki_evp.h" #include "lib/pki_scard.h" #include "lib/func.h" #include "lib/db_x509super.h" #include "lib/database_model.h" #include "ui_Options.h" #include "hashBox.h" #include "OidResolver.h" #include "OpenDb.h" #include "Help.h" #include #include #include #include #include #include QAction *MainWindow::languageMenuEntry(const QStringList &sl) { QString lang, tooltip; QLocale locale; if (sl[0].isEmpty()) { locale = QLocale::system(); lang = MainWindow::tr("System"); } else { locale = QLocale(sl[0]); lang = QString("%1 (%2)").arg(sl[1]) .arg(QLocale::languageToString(locale.language())); } tooltip = locale.nativeLanguageName(); if (sl.length() > 2) tooltip += " - " + sl[2]; QAction *a = new QAction(lang, this); a->setToolTip(tooltip); a->setData(QVariant(locale)); a->setDisabled(!XcaApplication::languageAvailable(locale)); a->setCheckable(true); if (locale == QLocale()) a->setChecked(true); return a; } void MainWindow::init_menu() { static QMenu *file = NULL, *help = NULL, *import = NULL, *token = NULL, *languageMenu = NULL, *extra = NULL; static QActionGroup * langGroup = NULL; QAction *a; delete file; delete help; delete import; delete token; delete extra; delete languageMenu; delete historyMenu; delete langGroup; wdMenuList.clear(); scardList.clear(); acList.clear(); setMenuBar(new QMenuBar(nullptr)); langGroup = new QActionGroup(this); historyMenu = new tipMenu(tr("Recent DataBases") + " ...", this); update_history_menu(); connect(historyMenu, SIGNAL(triggered(QAction*)), this, SLOT(open_database(QAction*))); languageMenu = new tipMenu(tr("Language"), this); connect(languageMenu, SIGNAL(triggered(QAction*)), qApp, SLOT(switchLanguage(QAction*))); foreach(const QStringList &sl, getTranslators()) { QAction *a = languageMenuEntry(sl); langGroup->addAction(a); languageMenu->addAction(a); } file = menuBar()->addMenu(tr("&File")); a = file->addAction(tr("New DataBase"), this, SLOT(new_database())); a->setShortcut(QKeySequence::New); a->setEnabled(OpenDb::hasSqLite()); a = file->addAction(tr("Open DataBase"), this, SLOT(load_database())); a->setShortcut(QKeySequence::Open); a->setEnabled(OpenDb::hasSqLite()); file->addAction(tr("Open Remote DataBase"), this, SLOT(openRemoteSqlDB()))-> setEnabled(OpenDb::hasRemoteDrivers()); file->addMenu(historyMenu); file->addAction(tr("Set as default DataBase"), this, SLOT(default_database())); a = file->addAction(tr("Close DataBase"), this, SLOT(close_database())); a->setShortcut(QKeySequence::Close); acList += a; a = new QAction(tr("Options"), this); connect(a, SIGNAL(triggered()), this, SLOT(setOptions())); a->setMenuRole(QAction::PreferencesRole); file->addAction(a); acList += a; file->addMenu(languageMenu); file->addSeparator(); a = new QAction(tr("Exit"), this); connect(a, SIGNAL(triggered()), qApp, SLOT(quit()), Qt::QueuedConnection); a->setMenuRole(QAction::QuitRole); a->setShortcut(QKeySequence::Quit); file->addAction(a); import = menuBar()->addMenu(tr("I&mport")); import->addAction(tr("Keys"), keyView, SLOT(load()) ); import->addAction(tr("Requests"), reqView, SLOT(load()) ); import->addAction(tr("Certificates"), certView, SLOT(load()) ); import->addAction(tr("PKCS#12"), certView, SLOT(loadPKCS12()) ); import->addAction(tr("PKCS#7"), certView, SLOT(loadPKCS7()) ); import->addAction(tr("Template"), tempView, SLOT(load()) ); import->addAction(tr("Revocation list"), crlView, SLOT(load())); import->addAction(tr("PEM file"), this, SLOT(loadPem()) ); import->addAction(tr("Paste PEM file"), this, SLOT(pastePem()))-> setShortcut(QKeySequence::Paste); token = menuBar()->addMenu(tr("Token")); token->addAction(tr("&Manage Security token"), this, SLOT(manageToken())); token->addAction(tr("&Init Security token"), this, SLOT(initToken())); token->addAction(tr("&Change PIN"), this, SLOT(changePin()) ); token->addAction(tr("Change &SO PIN"), this, SLOT(changeSoPin()) ); token->addAction(tr("Init PIN"), this, SLOT(initPin()) ); extra = menuBar()->addMenu(tr("Extra")); acList += extra->addAction(tr("&Dump DataBase"), this, SLOT(dump_database())); acList += extra->addAction(tr("&Export Certificate Index"), this, SLOT(exportIndex())); acList += extra->addAction(tr("Export Certificate &Index hierarchy"), this, SLOT(exportIndexHierarchy())); acList += extra->addAction(tr("C&hange DataBase password"), this, SLOT(changeDbPass())); #if 0 acList += extra->addAction(tr("&Undelete items"), this, SLOT(undelete())); #endif extra->addAction(tr("Generate DH parameter"), this, SLOT(generateDHparam())); extra->addAction(tr("OID Resolver"), resolver, SLOT(show())); help = menuBar()->addMenu(tr("&Help") ); help->addAction(tr("Content"), helpdlg, SLOT(content()))-> setShortcut(QKeySequence::HelpContents); a = new QAction(tr("About"), this); connect(a, SIGNAL(triggered()), this, SLOT(about())); a->setMenuRole(QAction::AboutRole); a->setShortcut(QKeySequence::WhatsThis); help->addAction(a); wdMenuList += import; scardList += token; setItemEnabled(Database.isOpen()); } void MainWindow::update_history_menu() { QStringList hist = history.get(); if (!historyMenu) return; historyMenu->clear(); for (int i = 0, j = 0; i < hist.size(); i++) { QAction *a; QString txt = hist[i]; if (!QFile::exists(txt) && !database_model::isRemoteDB(txt)) continue; if (txt.size() > 33) txt = QString("...") + txt.mid(txt.size() - 30); a = historyMenu->addAction(QString("%1 %2").arg(j++).arg(txt)); a->setData(QVariant(hist[i])); a->setToolTip(hist[i]); } } void MainWindow::open_database(QAction* a) { init_database(a->data().toString()); } void MainWindow::new_database() { load_db l; QString selectedFilter; QString fname = QFileDialog::getSaveFileName(this, l.caption, homedir, l.filter, &selectedFilter, QFileDialog::DontConfirmOverwrite); // make sure that, if the 3 letter extension was left selected // in Qt's OS X file open dialog, // the filename actually ends with that extension. // Otherwise usability breaks in jarring ways. init_database(getFullFilename(fname, selectedFilter)); } void MainWindow::load_database() { load_db l; QString fname = QFileDialog::getOpenFileName(this, l.caption, homedir, l.filter); init_database(fname); } void MainWindow::setOptions() { if (!QSqlDatabase::database().isOpen()) return; Options *opt = new Options(this); if (opt->exec()) { reqView->showHideSections(); certView->showHideSections(); } delete opt; pkcs11::libraries.load(Settings["pkcs11path"]); enableTokenMenu(pkcs11::libraries.loaded()); } xca-RELEASE.2.5.0/widgets/MainWindow.cpp000066400000000000000000000415551450407711300176120ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "MainWindow.h" #include "XcaApplication.h" #include "ImportMulti.h" #include "hashBox.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include "lib/entropy.h" #include "lib/Passwd.h" #include "lib/database_model.h" #include "lib/exception.h" #include "lib/pki_evp.h" #include "lib/pki_multi.h" #include "lib/pki_scard.h" #include "lib/dhgen.h" #include "lib/load_obj.h" #include "XcaDialog.h" #include "XcaWarning.h" #include "XcaProgressGui.h" #include "PwDialog.h" #include "OpenDb.h" #include "Help.h" #include "OidResolver.h" OidResolver *MainWindow::resolver = NULL; void MainWindow::enableTokenMenu(bool enable) { foreach(QWidget *w, scardList) { w->setEnabled(enable); } } void MainWindow::initResolver() { bool shown = false; QString search; if (resolver) { shown = resolver->isVisible(); search = resolver->input->text(); delete resolver; } resolver = new OidResolver(NULL); resolver->setWindowTitle(XCA_TITLE); if (shown) resolver->searchOid(search); } MainWindow::MainWindow() : QMainWindow() { dbindex = new QLabel(); dbindex->setFrameStyle(QFrame::Plain | QFrame::NoFrame); dbindex->setMargin(6); dn_translations_setup(); statusBar()->addWidget(dbindex, 1); setupUi(this); setWindowTitle(XCA_TITLE); OpenDb::checkSqLite(); initResolver(); wdList << keyButtons << reqButtons << certButtons << tempButtons << crlButtons; OpenDb::initDatabases(); historyMenu = NULL; helpdlg = new Help(); init_menu(); setItemEnabled(false); init_images(); homedir = getHomeDir(); ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); EVP_add_digest_alias(SN_sha1,SN_ecdsa_with_SHA1); EVP_add_digest_alias(SN_sha224,SN_ecdsa_with_SHA224); EVP_add_digest_alias(SN_sha256,SN_ecdsa_with_SHA256); EVP_add_digest_alias(SN_sha256,SN_dsa_with_SHA256); EVP_add_digest_alias(SN_sha384,SN_ecdsa_with_SHA384); EVP_add_digest_alias(SN_sha512,SN_ecdsa_with_SHA512); setAcceptDrops(true); searchEdit = new QLineEdit(); searchEdit->setPlaceholderText(tr("Search")); keyView->setIconSize(QPixmap(":keyIco").size()); reqView->setIconSize(QPixmap(":reqIco").size()); certView->setIconSize(QPixmap(":validcertIco").size()); tempView->setIconSize(QPixmap(":templateIco").size()); crlView->setIconSize(QPixmap(":crlIco").size()); views << keyView << reqView << certView << crlView << tempView; pki_base::setupColors(palette()); foreach(XcaTreeView *v, views) v->setMainwin(this, searchEdit); XcaProgress::setGui(new XcaProgressGui(this)); xcaWarning::setGui(new xcaWarningGui()); PwDialogCore::setGui(new PwDialogUI()); dhgen = nullptr; dhgenProgress = nullptr; } void MainWindow::dropEvent(QDropEvent *event) { if (event->mimeData()->hasUrls()) { QList urls = event->mimeData()->urls(); QUrl u; QStringList files; foreach(u, urls) { QString s = u.toLocalFile(); files << s; } openURLs(files); event->acceptProposedAction(); } else if (event->mimeData()->hasText()) { event->acceptProposedAction(); pastePem(event->mimeData()->text()); } } void MainWindow::openURLs(QStringList &files) { urlsToOpen = files; QTimer::singleShot(100, this, SLOT(openURLs())); } void MainWindow::openURLs() { foreach(QString file, urlsToOpen) { if (file.endsWith(".xdb") || !database_model::splitRemoteDbName(file).isEmpty()) { init_database(file); if (Database.isOpen()) { urlsToOpen.removeAll(file); break; } } } importAnything(urlsToOpen); urlsToOpen.clear(); } void MainWindow::dragEnterEvent(QDragEnterEvent *event) { if (event->mimeData()->hasFormat(X_XCA_DRAG_DATA)) return; if (event->mimeData()->hasUrls() || event->mimeData()->hasText()) event->acceptProposedAction(); } void MainWindow::setItemEnabled(bool enable) { foreach(QWidget *w, wdList) { w->setEnabled(enable); } foreach(QWidget *w, wdMenuList) { w->setEnabled(enable); } foreach(QAction *a, acList) { a->setEnabled(enable); } enableTokenMenu(pkcs11::libraries.loaded()); } void MainWindow::init_images() { bigKey->setPixmap(QPixmap(":keyImg")); bigCsr->setPixmap(QPixmap(":csrImg")); bigCert->setPixmap(QPixmap(":certImg")); bigTemp->setPixmap(QPixmap(":tempImg")); bigRev->setPixmap(QPixmap(":revImg")); setWindowIcon(QPixmap(":appIco")); } void MainWindow::loadPem() { load_pem l; keyView->load_default(&l); } bool MainWindow::pastePem(QString text, bool silent) { bool success = false; QByteArray pemdata = text.toLatin1(); if (pemdata.size() == 0) return false; pki_multi *pem = NULL; try { pem = new pki_multi(); pem->fromPEMbyteArray(pemdata, QString()); success = pem->failed_files.count() == 0; importMulti(pem, 1); } catch (errorEx &err) { delete pem; if (!silent) XCA_ERROR(err); } return success; } void MainWindow::pastePem() { QClipboard *cb = QApplication::clipboard(); QString text; text = cb->text(QClipboard::Selection); if (text.isEmpty()) text = cb->text(QClipboard::Clipboard); if (!text.isEmpty()) if (pastePem(text, true)) return; QTextEdit *textbox = new QTextEdit(); textbox->setPlainText(text); XcaDialog *input = new XcaDialog(this, x509, textbox, tr("Import PEM data"), QString()); input->noSpacer(); if (input->exec()) { text = textbox->toPlainText(); if (!text.isEmpty()) pastePem(text); } delete input; } void MainWindow::initToken() { bool ok; if (!pkcs11::libraries.loaded()) return; try { pkcs11 p11; slotid slot; Passwd pin; int ret; if (!p11.selectToken(&slot, this)) return; tkInfo ti = p11.tokenInfo(slot); QString slotname = QString("%1 (#%2)"). arg(ti.label()).arg(ti.serial()); pass_info p(XCA_TITLE, tr("Please enter the original SO PIN (PUK) of the token '%1'"). arg(slotname) + "\n" + ti.pinInfo()); p.setPin(); if (ti.tokenInitialized()) { ret = PwDialogCore::execute(&p, &pin, false); } else { p.setDescription(tr("Please enter the new SO PIN (PUK) for the token '%1'"). arg(slotname) + "\n" + ti.pinInfo()); ret = PwDialogCore::execute(&p, &pin, true); } if (ret != 1) return; QString label = QInputDialog::getText(this, XCA_TITLE, tr("The new label of the token '%1'"). arg(slotname), QLineEdit::Normal, QString(), &ok); if (!ok) return; p11.initToken(slot, pin.constUchar(), pin.size(), label); } catch (errorEx &err) { XCA_ERROR(err); } } void MainWindow::changePin(bool so) { if (!pkcs11::libraries.loaded()) return; try { pkcs11 p11; slotid slot; if (!p11.selectToken(&slot, this)) return; p11.changePin(slot, so); } catch (errorEx &err) { XCA_ERROR(err); } } void MainWindow::changeSoPin() { changePin(true); } void MainWindow::initPin() { if (!pkcs11::libraries.loaded()) return; try { pkcs11 p11; slotid slot; if (!p11.selectToken(&slot, this)) return; p11.initPin(slot); } catch (errorEx &err) { XCA_ERROR(err); } } void MainWindow::manageToken() { pkcs11 p11; slotid slot; pki_scard *card = NULL; pki_x509 *cert = NULL; ImportMulti *dlgi = NULL; if (!pkcs11::libraries.loaded()) return; try { if (!p11.selectToken(&slot, this)) return; ImportMulti *dlgi = new ImportMulti(this); dlgi->tokenInfo(slot); QList objects; QList ml = p11.mechanismList(slot); if (ml.count() == 0) ml << CKM_SHA1_RSA_PKCS; pk11_attlist atts(pk11_attr_ulong(CKA_CLASS, CKO_PUBLIC_KEY)); p11.startSession(slot); p11.getRandom(); objects = p11.objectList(atts); for (int j=0; j< objects.count(); j++) { card = new pki_scard(""); try { card->load_token(p11, objects[j]); card->setMech_list(ml); dlgi->addItem(card); } catch (errorEx &err) { XCA_ERROR(err); delete card; } card = NULL; } atts.reset(); atts << pk11_attr_ulong(CKA_CLASS, CKO_CERTIFICATE) << pk11_attr_ulong(CKA_CERTIFICATE_TYPE,CKC_X_509); objects = p11.objectList(atts); for (int j=0; j< objects.count(); j++) { cert = new pki_x509(""); try { cert->load_token(p11, objects[j]); dlgi->addItem(cert); } catch (errorEx &err) { XCA_ERROR(err); delete cert; } cert = NULL; } if (dlgi->entries() == 0) { tkInfo ti = p11.tokenInfo(); XCA_INFO(tr("The token '%1' did not contain any keys or certificates").arg(ti.label())); } else { dlgi->execute(true); } } catch (errorEx &err) { XCA_ERROR(err); } delete card; delete cert; delete dlgi; } MainWindow::~MainWindow() { ERR_free_strings(); EVP_cleanup(); OBJ_cleanup(); delete dbindex; delete helpdlg; XcaProgress::setGui(nullptr); } void MainWindow::closeEvent(QCloseEvent *e) { if (dhgen) { if (!XCA_YESNO("Abort Diffie-Hellmann parameter generation?")){ e->ignore(); return; } dhgen->terminate(); } delete resolver; resolver = NULL; delete helpdlg; helpdlg = NULL; close_database(); QMainWindow::closeEvent(e); } int MainWindow::checkOldGetNewPass(Passwd &pass) { QString passHash = Settings["pwhash"]; if (!passHash.isEmpty()) { pass_info p(tr("Current Password"), tr("Please enter the current database password"), this); /* Try empty password */ if (pki_evp::sha512passwT(pass, passHash) != passHash) { /* Not the empty password, check it */ if (PwDialogCore::execute(&p, &pass, false) != 1) return 0; } if (pki_evp::sha512passwT(pass, passHash) != passHash) { XCA_WARN(tr("The entered password is wrong")); return 0; } } pass_info p(tr("New Password"), tr("Please enter the new password " "to encrypt your private keys in the database-file"), this); return PwDialogCore::execute(&p, &pass, true) != 1 ? 0 : 1; } void MainWindow::changeDbPass() { Passwd pass; XSqlQuery q; QSqlDatabase db = QSqlDatabase::database(); if (!checkOldGetNewPass(pass)) return; QString salt = Entropy::makeSalt(); QString passhash = pki_evp::sha512passwT(pass, salt); QList key_list = Store.sqlSELECTpki( "SELECT item FROM private_keys WHERE ownPass=0"); try { Transaction; if (!TransBegin()) { errorEx e(tr("Transaction start failed")); XCA_ERROR(e); return; } foreach(pki_evp *key, key_list) { EVP_PKEY *evp = key->decryptKey(); key->set_evp_key(evp); key->encryptKey(pass.constData()); key->sqlUpdatePrivateKey(); } Settings["pwhash"] = passhash; TransCommit(); pki_evp::passHash = passhash; pki_evp::passwd = pass; } catch (errorEx &e) { XCA_ERROR(e); } } void MainWindow::importAnything(QString file) { importAnything(QStringList(file)); } void MainWindow::importAnything(const QStringList &files) { pki_multi *multi = new pki_multi(); foreach(QString s, files) multi->probeAnything(s); importMulti(multi, 1); } void MainWindow::importMulti(pki_multi *multi, int force) { if (!multi) return; QStringList failed_files = multi->failed_files; ImportMulti *dlgi = new ImportMulti(this); // dlgi->addItem() deletes "multi" if appropriate dlgi->addItem(multi); dlgi->execute(force, failed_files); delete dlgi; } void MainWindow::openRemoteSqlDB() { OpenDb *opendb = new OpenDb(this, QString()); QString descriptor; Passwd pass; DbMap params; if (opendb->exec()) { descriptor = opendb->getDescriptor(); pass = opendb->dbPassword->text().toLatin1(); params = database_model::splitRemoteDbName(descriptor); } delete opendb; if (descriptor.isEmpty()) return; init_database(descriptor, pass); } enum open_result MainWindow::init_database(const QString &name, const Passwd &pass) { close_database(); try { Database.open(name, pass); return setup_open_database(); } catch (errorEx &err) { XCA_ERROR(err); return open_abort; } catch (enum open_result r) { return r; } return pw_ok; } void MainWindow::showDatabaseName() { if (Database.isOpen()) dbindex->setText(tr("Database: %1") .arg(compressFilename(Database.name()))); } enum open_result MainWindow::setup_open_database() { if (!Database.isOpen()) return open_abort; if (!database_model::isRemoteDB(Database.name())) homedir = QFileInfo(Database.name()).canonicalPath(); setItemEnabled(true); showDatabaseName(); set_geometry(Settings["mw_geometry"]); if (pki_evp::passwd.isNull()) XCA_INFO(tr("Using or exporting private keys will not be possible without providing the correct password")); enableTokenMenu(pkcs11::libraries.loaded()); digest defdig(digest::getDefault()); if (defdig.isInsecure()) { XCA_WARN(tr("The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons.").arg(defdig.name())); setOptions(); } keyView->setModel(Database.model()); reqView->setModel(Database.model()); certView->setModel(Database.model()); tempView->setModel(Database.model()); crlView->setModel(Database.model()); searchEdit->setText(""); searchEdit->show(); statusBar()->addWidget(searchEdit, 1); connect(tempView, SIGNAL(newCert(pki_temp *)), Database.model(), SLOT(newCert(pki_temp *))); connect(tempView, SIGNAL(newReq(pki_temp *)), Database.model(), SLOT(newItem(pki_temp *))); return pw_ok; } void MainWindow::set_geometry(QString geo) { QStringList sl = geo.split(","); if (sl.size() != 3) return; resize(sl[0].toInt(), sl[1].toInt()); int i = sl[2].toInt(); if (i != -1) tabView->setCurrentIndex(i); } void MainWindow::close_database() { if (!Database.isOpen()) return; Settings["mw_geometry"] = QString("%1,%2,%3") .arg(size().width()) .arg(size().height()) .arg(tabView->currentIndex()); history.addEntry(Database.name()); foreach(XcaTreeView *v, views) v->setModel(NULL); Database.close(); setItemEnabled(false); dbindex->clear(); update_history_menu(); enableTokenMenu(pkcs11::libraries.loaded()); } void MainWindow::exportIndex() { exportIndex(QFileDialog::getSaveFileName(this, XCA_TITLE, Settings["workingdir"], tr("Certificate Index ( index.txt )") + ";;" + tr("All files ( * )")), false); } void MainWindow::exportIndexHierarchy() { exportIndex(QFileDialog::getExistingDirectory( this, XCA_TITLE, Settings["workingdir"]), true); } void MainWindow::exportIndex(const QString &fname, bool hierarchy) const { qDebug() << fname << hierarchy; if (fname.isEmpty() || !Database.isOpen()) return; db_x509 *certs = Database.model(); certs->writeIndex(fname, hierarchy); } void MainWindow::generateDHparamDone() { errorEx e(dhgen->error()); if (e.isEmpty()) XCA_INFO(tr("Diffie-Hellman parameters saved as: %1") .arg(dhgen->filename())); else XCA_ERROR(e); dhgen->deleteLater(); dhgen = NULL; delete dhgenProgress; dhgenProgress = nullptr; } void MainWindow::generateDHparam() { bool ok; int bits; if (dhgen) return; bits = QInputDialog::getDouble(this, XCA_TITLE, tr("Diffie-Hellman parameters are needed for different applications, but not handled by XCA.\nPlease enter the DH parameter bits"), 1024, 1024, 4096, 0, &ok); if (!ok) return; /* * 1024: 6 sec * 2048: 38 sec * 4096: 864 sec */ Entropy::seed_rng(); try { QString fname = QString("%1/dh%2.pem").arg(homedir).arg(bits); fname = QFileDialog::getSaveFileName(this, QString(), fname, tr("All files ( * )"), NULL); if (fname == "") throw errorEx(""); dhgen = new DHgen(fname, bits); dhgenProgress = new XcaProgress(QString("Diffie-Hellman"), 0); dhgen->start(QThread::LowestPriority); connect(dhgen, SIGNAL(finished()), this, SLOT(generateDHparamDone())); } catch (errorEx &err) { XCA_ERROR(err); } } void MainWindow::changeEvent(QEvent *event) { if (event->type() == QEvent::LanguageChange) { retranslateUi(this); dn_translations_setup(); init_menu(); foreach(db_base *model, Database.getModels()) model->updateHeaders(); showDatabaseName(); searchEdit->setPlaceholderText(tr("Search")); } QMainWindow::changeEvent(event); } void MainWindow::keyPressEvent(QKeyEvent *e) { if (e->modifiers() != Qt::ControlModifier) { QMainWindow::keyPressEvent(e); return; } int siz = XcaApplication::tableFont.pointSize(); switch (e->key()) { case Qt::Key_Plus: XcaApplication::tableFont.setPointSize(siz +1); break; case Qt::Key_Minus: if (siz > 4) { XcaApplication::tableFont.setPointSize(siz -1); } break; case Qt::Key_V: if (e->modifiers() == Qt::ControlModifier) { pastePem(); break; } /* FALLTHROUGH */ default: QMainWindow::keyPressEvent(e); return; } foreach(XcaTreeView *v, views) { if (v) { v->header()->resizeSections( QHeaderView::ResizeToContents); v->reset(); } } update(); } void MainWindow::dump_database() { QString dirname = QFileDialog::getExistingDirectory( NULL, XCA_TITLE, Settings["workingdir"]); try { Database.dump(dirname); } catch (errorEx &err) { XCA_ERROR(err); } } void MainWindow::default_database() { Database.as_default(); } xca-RELEASE.2.5.0/widgets/MainWindow.h000066400000000000000000000065371450407711300172600ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __MAINWINDOW_H #define __MAINWINDOW_H #include "ui_MainWindow.h" #include "lib/oid.h" #include "lib/Passwd.h" #include "lib/main.h" #include "lib/database_model.h" #include "lib/dbhistory.h" #include "lib/dhgen.h" #include "lib/XcaProgress.h" #include #include #include #include class db_x509; class pki_multi; class NewX509; class OidResolver; class QProgressBar; class DHgen; class Help; class tipMenu : public QMenu { Q_OBJECT public: tipMenu(QString n, QWidget *w) : QMenu(n, w) {} bool event (QEvent * e) { if (e->type() == QEvent::ToolTip && activeAction() && activeAction()->toolTip() != activeAction()->text()) { const QHelpEvent *helpEvent = static_cast (e); QToolTip::showText(helpEvent->globalPos(), activeAction()->toolTip()); } else { QToolTip::hideText(); } return QMenu::event(e); } }; class MainWindow: public QMainWindow, public Ui::MainWindow { Q_OBJECT private: static OidResolver *resolver; QString string_opt; QList wdList; QList wdMenuList; QList scardList; QList acList; tipMenu *historyMenu; void set_geometry(QString geo); QLineEdit *searchEdit; QStringList urlsToOpen; int checkOldGetNewPass(Passwd &pass); void checkDB(); XcaProgress *dhgenProgress; DHgen *dhgen; const QList getTranslators() const; QList views; dbhistory history; void exportIndex(const QString &fname, bool hierarchy) const; QAction *languageMenuEntry(const QStringList &sl); protected: void init_images(); void init_menu(); int force_load; NIDlist *read_nidlist(QString name); QLabel *statusLabel; QString homedir; void keyPressEvent(QKeyEvent *e); void update_history_menu(); void showDatabaseName(); public: int exitApp; QLabel *dbindex; Help *helpdlg; MainWindow(); virtual ~MainWindow(); void loadSettings(); void saveSettings(); void load_engine(); static OidResolver *getResolver() { return resolver; } bool mkDir(QString dir); void setItemEnabled(bool enable); void enableTokenMenu(bool enable); void importAnything(QString file); void importAnything(const QStringList &files); void importMulti(pki_multi *multi, int force); void dropEvent(QDropEvent *event); void dragEnterEvent(QDragEnterEvent *event); void initResolver(); public slots: enum open_result init_database(const QString &dbName, const Passwd &pass = Passwd()); enum open_result setup_open_database(); void new_database(); void load_database(); void close_database(); void dump_database(); void default_database(); void about(); void loadPem(); bool pastePem(QString text, bool silent=false); void pastePem(); void changeDbPass(); void openURLs(QStringList &files); void openURLs(); void changeEvent(QEvent *event); void exportIndex(); void exportIndexHierarchy(); void openRemoteSqlDB(); void generateDHparamDone(); protected slots: void closeEvent(QCloseEvent * event); private slots: void setOptions(); void manageToken(); void initToken(); void changePin(bool so=false); void changeSoPin(); void initPin(); void generateDHparam(); void open_database(QAction* a); }; #endif xca-RELEASE.2.5.0/widgets/NewCrl.cpp000066400000000000000000000040101450407711300167110ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2010 - 2011 Christian Hohnstaedt. * * All rights reserved. */ #include "NewCrl.h" #include "XcaDialog.h" #include "validity.h" #include "MainWindow.h" #include "lib/base.h" #include "lib/func.h" #include #include #include #include #include NewCrl::NewCrl(const crljob &j, QWidget *w) : QWidget(w ? w : mainwin), task(j) { pki_x509 *issuer = task.issuer; pki_key *key = issuer->getRefKey(); setupUi(this); dateBox->setTitle(issuer->getIntName()); validNumber->setText(QString::number(task.crlDays)); validRange->setCurrentIndex(0); on_applyTime_clicked(); nextUpdate->setEndDate(true); hashAlgo->setupHashes(key->possibleHashNids()); hashAlgo->setCurrent(task.hashAlgo); crlNumber->setText(task.crlNumber.toDec()); if (issuer->hasExtension(NID_subject_alt_name)) { subAltName->setEnabled(true); subAltName->setChecked(task.subAltName); } else { subAltName->setEnabled(false); } revocationReasons->setChecked(task.withReason); authKeyId->setChecked(task.authKeyId); } crljob NewCrl::getCrlJob() const { crljob t = task; t.withReason = revocationReasons->isChecked(); t.authKeyId = authKeyId->isChecked(); t.subAltName = subAltName->isChecked(); t.setCrlNumber = setCrlNumber->isChecked(); t.lastUpdate = lastUpdate->getDate(); t.nextUpdate = nextUpdate->getDate(); t.hashAlgo = hashAlgo->current(); t.crlNumber = crlNumber->text().toLong(); return t; } void NewCrl::on_applyTime_clicked() { nextUpdate->setDiff(lastUpdate, validNumber->text().toInt(), validRange->currentIndex()); } NewCrl::~NewCrl() { qDebug() << "NewCrl::~NewCrl() -- DELETED"; } void NewCrl::newCrl(QWidget *parent, pki_x509 *issuer) { crljob task(issuer); NewCrl *widget = new NewCrl(task); XcaDialog *dlg = new XcaDialog(parent, revocation, widget, tr("Create CRL"), QString(), "crlgenerate"); if (dlg->exec()) { db_crl *db = Database.model(); if (db) db->newCrl(widget->getCrlJob()); } delete dlg; } xca-RELEASE.2.5.0/widgets/NewCrl.h000066400000000000000000000007571450407711300163740ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __NEWCRL_H #define __NEWCRL_H #include "ui_NewCrl.h" #include "lib/pki_crl.h" class pki_key; class NewCrl: public QWidget, public Ui::NewCrl { Q_OBJECT crljob task; public: NewCrl(const crljob &task, QWidget *w = nullptr); ~NewCrl(); crljob getCrlJob() const; static void newCrl(QWidget *parent, pki_x509 *issuer); public slots: void on_applyTime_clicked(); }; #endif xca-RELEASE.2.5.0/widgets/NewKey.cpp000066400000000000000000000126121450407711300167300ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "NewKey.h" #include "MainWindow.h" #include "Help.h" #include "lib/pki_evp.h" #include "lib/pkcs11.h" #include "distname.h" #include "clicklabel.h" #include "ItemCombo.h" #include #include #include #include class keyListItem { public: bool card; keytype ktype; QString printname; slotid slot; unsigned minKeySize; unsigned maxKeySize; unsigned long ec_flags; keyListItem(pkcs11 *p11, slotid nslot, CK_MECHANISM_TYPE m) { slot = nslot; CK_MECHANISM_INFO mechinfo; p11->mechanismInfo(slot, m, &mechinfo); minKeySize = mechinfo.ulMinKeySize; maxKeySize = mechinfo.ulMaxKeySize; if (maxKeySize == 0) { /* Fallback for libraries not * filling in the maxKeySize */ maxKeySize = INT_MAX; } ktype = keytype::byMech(m); tkInfo ti = p11->tokenInfo(slot); #ifndef OPENSSL_NO_EC if (m == CKM_EC_KEY_PAIR_GEN) { CK_MECHANISM_INFO info; p11->mechanismInfo(slot, m, &info); ec_flags = info.flags & (CKF_EC_F_P | CKF_EC_F_2M); if (!ec_flags) { /* Fallback: Assume to support both for * libraries leaving this flag empty */ ec_flags = CKF_EC_F_P | CKF_EC_F_2M; } } #endif printname = QString("%1 #%2 (%3 Key of %4 - %5 bits)"). arg(ti.label()).arg(ti.serial()). arg(ktype.name). arg(minKeySize). arg(maxKeySize); card = true; } keyListItem(const keytype &t = keytype()) : ktype(t) { printname = ktype.name; card = false; slot = slotid(); minKeySize = 0; maxKeySize = INT_MAX; ec_flags = 0; } int type() const { return ktype.type; } }; Q_DECLARE_METATYPE(keyListItem); NewKey::NewKey(QWidget *parent, const QString &name) :QDialog(parent ? parent : mainwin) { static const QList sizeList = { 1024, 2048, 4096, 8192 }; slotidList p11_slots; QList keytypes; setupUi(this); setWindowTitle(XCA_TITLE); image->setPixmap(QPixmap(":keyImg")); mainwin->helpdlg->register_ctxhelp_button(this, "keygen"); if (!name.isEmpty()) keyDesc->setText(name); keyLength->setEditable(true); foreach (int size, sizeList) keyLength->addItem(QString("%1 bit").arg(size)); foreach (const keytype t, keytype::types()) keytypes << keyListItem(t); updateCurves(); keyLength->setEditText(QString("%1 bit").arg(keyjob::defaultjob.size)); keyDesc->setFocus(); if (pkcs11::libraries.loaded()) try { pkcs11 p11; p11_slots = p11.getSlotList(); foreach(slotid slot, p11_slots) { QList ml = p11.mechanismList(slot); foreach(keytype t, keytype::types()) if (ml.contains(t.mech)) keytypes << keyListItem(&p11, slot, t.mech); } } catch (errorEx &) { p11_slots.clear(); } for (int i=0; iaddItem(keytypes[i].printname, q); if (!keytypes[i].card && keytypes[i].type() == keyjob::defaultjob.ktype.type) { keyType->setCurrentIndex(i); } } buttonBox->button(QDialogButtonBox::Ok)->setText(tr("Create")); } void NewKey::addCurveBoxCurves(const QList &curves) { foreach(builtin_curve curve, curves) { QString sn(OBJ_nid2sn(curve.nid)); QString p, comment = curve.comment; if (comment.isEmpty()) comment = "---"; p = sn + ": " + comment; curveBox->addItem(sn + ": " + comment, curve.nid); } } void NewKey::updateCurves(unsigned min, unsigned max, unsigned long ec_flags) { #ifndef OPENSSL_NO_EC QList curve_rfc5480, curve_x962, curve_other; foreach(builtin_curve curve, builtinCurves) { const char *sn = OBJ_nid2sn(curve.nid); if (!sn || curve.order_size < min || curve.order_size > max) continue; if (ec_flags && (curve.type & ec_flags) == 0) continue; switch (curve.flags) { case CURVE_RFC5480: curve_rfc5480 << curve; break; case CURVE_X962: curve_x962 << curve; break; case CURVE_OTHER: curve_other << curve; break; } } curveBox->clear(); addCurveBoxCurves(curve_rfc5480); curveBox->insertSeparator(curveBox->count()); addCurveBoxCurves(curve_x962); curveBox->insertSeparator(curveBox->count()); addCurveBoxCurves(curve_other); int default_index = curveBox->findData( QVariant(keyjob::defaultjob.ec_nid)); curveBox->setCurrentIndex(default_index == -1 ? 0 : default_index); #else (void)min; (void)max; (void)ec_flags; #endif } void NewKey::on_keyType_currentIndexChanged(int idx) { keyListItem ki = keyType->itemData(idx).value(); curveBox->setVisible(ki.ktype.curve); curveLabel->setVisible(ki.ktype.curve); keySizeLabel->setVisible(ki.ktype.length); keyLength->setVisible(ki.ktype.length); rememberDefault->setEnabled(!ki.card); if (ki.ktype.curve && ki.card) { updateCurves(ki.minKeySize, ki.maxKeySize, ki.ec_flags); } } keyjob NewKey::getKeyJob() const { keyjob job; keyListItem selected = keyType->itemData(keyType->currentIndex()) .value(); job.ktype = selected.ktype; if (job.isEC()) { int idx = curveBox->currentIndex(); job.ec_nid = curveBox->itemData(idx).toInt(); } else { QString size = keyLength->currentText(); size.replace(QRegularExpression("[^0-9]"), ""); job.size = size.toInt(); } job.slot = selected.slot; return job; } void NewKey::accept() { if (rememberDefault->isChecked()) { keyjob::defaultjob = getKeyJob(); Settings["defaultkey"] = keyjob::defaultjob.toString(); } QDialog::accept(); } xca-RELEASE.2.5.0/widgets/NewKey.h000066400000000000000000000012371450407711300163760ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __NEWKEY_H #define __NEWKEY_H #include "ui_NewKey.h" #include "lib/pkcs11_lib.h" #include "lib/pki_key.h" #include "lib/builtin_curves.h" #include class NewKey: public QDialog, public Ui::NewKey { Q_OBJECT private: void updateCurves(unsigned min=0, unsigned max=INT_MAX, unsigned long ec_flags=0); void addCurveBoxCurves(const QList &curves); public: NewKey(QWidget *parent, const QString &name); keyjob getKeyJob() const; public slots: void accept(); void on_keyType_currentIndexChanged(int); }; #endif xca-RELEASE.2.5.0/widgets/NewX509.cpp000066400000000000000000001065251450407711300166540ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "NewX509.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "XcaWarning.h" #include "NewKey.h" #include "CertDetail.h" #include "OidResolver.h" #include "MainWindow.h" #include "Help.h" #include "v3ext.h" #include "lib/x509name.h" #include "lib/db_key.h" #include "lib/db_x509req.h" #include "lib/db_x509.h" #include "lib/db_temp.h" #include "lib/oid.h" #include "lib/func.h" void NewX509::setupExplicitDN(NIDlist my_dn_nid = NIDlist()) { NIDlist expl_dn_nid; /* Create configured explicit_dn list */ if (!Settings["explicit_dn"].empty()) { foreach(QString dn, Settings["explicit_dn"].split(",")) { int nid = OBJ_sn2nid(CCHAR(dn)); if (!my_dn_nid.contains(nid)) expl_dn_nid << nid; } } nameEdits = setupExplicitInputs(my_dn_nid + expl_dn_nid, dnWidget, description, 2); } QList NewX509::setupExplicitInputs(NIDlist nid_list, QWidget *parent, QWidget *old, int columns) { QList edits; QGridLayout *layout = dynamic_cast(parent->layout()); if (layout) { QLayoutItem *child; while ((child = layout->takeAt(0))) { delete child->widget(); delete child; } } else { layout = new QGridLayout(parent); layout->setAlignment(Qt::AlignTop); layout->setSpacing(6); layout->setContentsMargins(0, 0, 0, 0); layout->setContentsMargins(11, 11, 11, 11); } int n = 0, col = 0; foreach(int nid, nid_list) { DoubleClickLabel *label; QLineEdit *edit; QString trans = dn_translations[nid]; QString ln = OBJ_nid2ln(nid), sn = OBJ_nid2sn(nid); label = new DoubleClickLabel(parent); if (Settings["translate_dn"] && !trans.isEmpty()) { label->setText(trans); label->setToolTip(QString("[%1] %2").arg(sn, ln)); if (sn == ln) label->setToolTip(ln); } else { label->setText(ln); label->setToolTip(QString("[%1] %2").arg(sn, trans)); if (trans == sn) label->setToolTip(trans); } label->setClickText(OBJ_nid2sn(nid)); connect(label, SIGNAL(doubleClicked(QString)), MainWindow::getResolver(), SLOT(searchOid(QString))); edit = new QLineEdit(parent); setupLineEditByNid(nid, edit); edits << nameEdit(nid, edit, label); layout->addWidget(label, n, col); layout->addWidget(edit, n, col +1); n++; if (n > (nid_list.size()-1)/columns) { col += 2; n = 0; } QWidget::setTabOrder(old, edit); old = edit; } return edits; } NewX509::NewX509(QWidget *w) : QDialog(w ? w : mainwin) { int i; QStringList keys; db_key *keymodel = Database.model(); db_x509req *reqmodel = Database.model(); attr_nid << NID_pkcs9_unstructuredName << NID_pkcs9_challengePassword; setupUi(this); mainwin->helpdlg->register_ctxhelp_button(this, "wizard"); /* temporary storage for creating temporary X509V3_CTX */ ctx_cert = NULL; pkiSource = generated; foreach(int nid, distname_nid) keys << QString(OBJ_nid2ln(nid)); tabnames = QStringList({ "wizard_src", "wizard_subject", "wizard_extensions", "wizard_keyusage", "wizard_netscape", "wizard_advanced", "wizard_comment"}); extDNlist->setKeys(keys); extDNlist->setInfoLabel(extDNinfo); connect(extDNlist->itemDelegateForColumn(1), SIGNAL(setupLineEdit(const QString &, QLineEdit *)), this, SLOT(setupExtDNwidget(const QString &, QLineEdit *))); connect(subAltName, SIGNAL(textChanged(const QString &)), this, SLOT(checkSubAltName(const QString &))); connect(issAltName, SIGNAL(textChanged(const QString &)), this, SLOT(checkIssAltName(const QString &))); connect(crlDist, SIGNAL(textChanged(const QString &)), this, SLOT(checkCrlDist(const QString &))); connect(authInfAcc, SIGNAL(textChanged(const QString &)), this, SLOT(checkAuthInfAcc(const QString &))); connect(keymodel, SIGNAL(keyDone(pki_key*)), this, SLOT(newKeyDone(pki_key*))); connect(reqmodel, SIGNAL(pkiChanged(pki_base*)), this, SLOT(itemChanged(pki_base*))); setWindowTitle(XCA_TITLE); for (i=0; icount(); i++) { tabWidget->widget(i)->setObjectName(tabnames[i]); qDebug() << "TAB:" << i << tabWidget->tabText(i); } nsImg->setPixmap(QPixmap(":nsImg")); // are there any useable private keys ? newKeyDone(NULL); // any PKCS#10 requests to be used ? QList requests = getAllRequests(); if (requests.isEmpty()) { fromReqCB->setDisabled(true); fromReqCB->setChecked(false); } else { reqList->insertPkiItems(requests); } on_fromReqCB_clicked(); // How about signing certificates ? QList issuers = getAllIssuers(); if (issuers.isEmpty()) { foreignSignRB->setDisabled(true); } else { certList->insertPkiItems(issuers); } // set dates to now and now + 1 year validN->setText("1"); validRange->setCurrentIndex(2); on_applyTime_clicked(); // settings for the templates .... tempList->insertPkiItems(getAllTempsAndPredefs()); // setup Extended keyusage foreach(int nid, extkeyuse_nid) ekeyUsage->addItem(OBJ_nid2ln(nid)); // init the X509 v3 context X509V3_set_ctx(&ext_ctx, NULL , NULL, NULL, NULL, 0); X509V3_set_ctx_nodb(&ext_ctx); // Setup dnWidget setupExplicitDN(); // Setup Request Attributes attrEdits = setupExplicitInputs(attr_nid, attrWidget, reqSubChange, 1); // last polish on_certList_currentIndexChanged(0); certList->setDisabled(true); tabWidget->setCurrentIndex(0); attrWidget->hide(); pt = none; notAfter->setEndDate(true); basicPath->setValidator(new QIntValidator(0, 1000, this)); QMap nidWidget; nidWidget[NID_subject_alt_name] = sanLbl; nidWidget[NID_issuer_alt_name] = ianLbl; nidWidget[NID_crl_distribution_points] = crldpLbl; nidWidget[NID_info_access] = aiaLbl; nidWidget[NID_netscape_base_url] = nsBaseLbl; nidWidget[NID_netscape_revocation_url] = nsRevLbl; nidWidget[NID_netscape_ca_revocation_url] = nsCaRevLbl; nidWidget[NID_netscape_renewal_url] = nsRenewLbl; nidWidget[NID_netscape_ca_policy_url] = nsCaPolicyLbl; nidWidget[NID_netscape_ssl_server_name] = nsSslServerLbl; nidWidget[NID_netscape_comment] = nsCommentLbl; nidWidget[NID_basic_constraints] = bcBox; nidWidget[NID_key_usage] = kuBox; nidWidget[NID_ext_key_usage] = ekuBox; nidWidget[NID_netscape_cert_type] = nsCertTypeBox; nidWidget[NID_subject_key_identifier] = subKey; nidWidget[NID_authority_key_identifier] = authKey; foreach(int nid, nidWidget.keys()) { QString text = OBJ_nid2ln(nid); QString tooltip = dn_translations[nid]; QWidget *w = nidWidget[nid]; QString tt = w->toolTip(); if (Settings["translate_dn"]) text.swap(tooltip); if (!tt.isEmpty()) tooltip = QString("%1 (%2)").arg(tt).arg(tooltip); w->setToolTip(tooltip); DoubleClickLabel *l = dynamic_cast(w); QGroupBox *g = dynamic_cast(w); QCheckBox *c = dynamic_cast(w); if (l) { l->setText(text); l->setClickText(OBJ_nid2sn(nid)); connect(l, SIGNAL(doubleClicked(QString)), MainWindow::getResolver(), SLOT(searchOid(QString))); } else if (g) { g->setTitle(text); } else if (c) { c->setText(text); } } if (Settings["translate_dn"]) { QList gb { distNameBox, keyIdentBox }; foreach(QGroupBox *g, gb) { QString tt = g->toolTip(); g->setToolTip(g->title()); g->setTitle(tt); } QList cbList { bcCritical,kuCritical,ekuCritical }; foreach(QCheckBox* cb, cbList) { cb->setText(tr("Critical")); } } if (Settings["disable_netscape"]) tabWidget->removeTab(4); // Setup widget <-> Template mapping #define MAP_LE(name) templateLineEdits[#name] = name; MAP_LE(subAltName); MAP_LE(issAltName); MAP_LE(crlDist); MAP_LE(authInfAcc); MAP_LE(nsComment); MAP_LE(nsBaseUrl); MAP_LE(nsRevocationUrl); MAP_LE(nsCARevocationUrl); MAP_LE(nsRenewalUrl); MAP_LE(nsCaPolicyUrl); MAP_LE(nsSslServerName); MAP_LE(validN); MAP_LE(basicPath); #define MAP_CB(name) templateCheckBoxes[#name] = name; MAP_CB(bcCritical); MAP_CB(kuCritical); MAP_CB(ekuCritical); MAP_CB(subKey); MAP_CB(authKey); MAP_CB(OCSPstaple); MAP_CB(validMidn); MAP_CB(noWellDefinedExpDate); } void NewX509::setRequest() { reqWidget->hide(); attrWidget->show(); signerBox->setEnabled(false); timewidget->setEnabled(false); capt->setText(tr("Create Certificate signing request")); authKey->setEnabled(false); image->setPixmap(QPixmap(":csrImg")); pt = x509_req; } NewX509::~NewX509() { delete ctx_cert; } void NewX509::setupExtDNwidget(const QString &s, QLineEdit *l) { setupLineEditByNid(OBJ_txt2nid(CCHAR(s)), l); } void NewX509::setupLineEditByNid(int nid, QLineEdit *l) { ASN1_STRING_TABLE *tab = ASN1_STRING_TABLE_get(nid); QValidator *validator = NULL; QStringList info; info << QString("[%1]").arg(OBJ_nid2sn(nid)); if (tab) { if (tab->minsize > 1) info << tr("minimum size: %1").arg(tab->minsize); if (tab->maxsize != -1) info << tr("maximum size: %1").arg(tab->maxsize); if (tab->mask == B_ASN1_PRINTABLESTRING) { info << tr("only a-z A-Z 0-9 '()+,-./:=?"); QRegularExpression rx("[a-zA-Z0-9'()+,-./:=?]+"); validator = new QRegularExpressionValidator(rx, this); } else if (tab->mask == B_ASN1_IA5STRING) { info << tr("only 7-bit clean characters"); } } l->setToolTip(info.join(" ")); l->setValidator(validator); } void NewX509::getReqAttributes(pki_x509req *req) { foreach(nameEdit e, attrEdits) { req->addAttribute(e.nid, e.edit->text()); } } void NewX509::setReqAttributes(pki_x509req *req) { foreach(nameEdit e, attrEdits) { e.edit->setText(req->getAttribute(e.nid)); } } /* Initialize dialog for Template creation */ void NewX509::setTemp(pki_temp *temp) { description->setText(temp->getIntName()); capt->setText(tr("Edit XCA template")); tabWidget->removeTab(0); privKeyBox->setEnabled(false); validityBox->setEnabled(false); image->setPixmap(QPixmap(":tempImg")); pt = tmpl; fromTemplate(temp); comment->setPlainText(temp->getComment()); } /* Initialize dialog for Certificate creation */ void NewX509::setCert() { capt->setText(tr("Create x509 Certificate")); image->setPixmap(QPixmap(":certImg")); pt = x509; } /* Select a template and apply it */ void NewX509::defineTemplate(pki_temp *temp) { fromTemplate(temp); templateChanged(temp); pkiSource = transformed; } /* Select a Request for signing it */ void NewX509::defineRequest(pki_x509req *req) { fromReqCB->setEnabled(true); fromReqCB->setChecked(true); reqList->setCurrentPkiItem(req); pkiSource = transformed; on_fromReqCB_clicked(); } /* Preset all values from another request to create a similar one */ void NewX509::fromX509super(pki_x509super *cert_or_req, bool applyTemp) { pki_temp *temp = new pki_temp(""); temp->fromCert(cert_or_req); defineTemplate(temp); delete temp; description->setText(cert_or_req->getIntName()); pki_key *key = cert_or_req->getRefKey(); if (key) { usedKeysToo->setChecked(true); keyList->setCurrentPkiItem(key); } hashAlgo->setCurrent(cert_or_req->getDigest()); switch(cert_or_req->getType()) { case x509: { pki_x509 *cert = (pki_x509*)cert_or_req; pki_x509 *signer = cert->getSigner(); if (signer == cert) { foreignSignRB->setChecked(false); } else if (signer) { defineSigner(signer, applyTemp); } notBefore->setDate(cert->getNotBefore()); notAfter->setDate(cert->getNotAfter()); break; } case x509_req: { pki_x509req *req = (pki_x509req*)cert_or_req; setReqAttributes(req); break; } default: break; } } pki_temp *NewX509::caTemplate(pki_x509 *ca) const { QVariant sqlId = ca->getTemplateSqlId(); if (!sqlId.isValid()) return NULL; return Store.lookupPki(sqlId); } /* Preset the signing certificate */ void NewX509::defineSigner(pki_x509 *defcert, bool applyTemp) { // suggested from: Andrey Brindeew if (defcert && defcert->canSign() ) { if (certList->setCurrentPkiItem(defcert) != -1) { foreignSignRB->setChecked(true); certList->setEnabled(true); if (applyTemp && defcert->getTemplateSqlId().isValid()) { on_applyTemplate_clicked(); } } } } static int lb2int(QListWidget *lb) { int i, x=0, c=lb->count(); for (i=0; iitem(i)->isSelected()) x |= 1<count(); i++) lb->item(i)->setSelected((1< items; for (int i=0; ifindItems(lname, Qt::MatchExactly); if (items.size() > 0) items[0]->setSelected(true); } } static QString lb2QString(QListWidget *lb) { QStringList sl; for (int i=0; icount(); i++) { QListWidgetItem *item = lb->item(i); if (item->isSelected()) sl << QString(OBJ_ln2sn(CCHAR(item->text()))); } return sl.join(", "); } void NewX509::subjectFromTemplate(pki_temp *temp) { if (temp) setX509name(temp->getSubject()); } void NewX509::extensionsFromTemplate(pki_temp *temp) { if (!temp) return; QMapIterator l(templateLineEdits); while (l.hasNext()) { l.next(); l.value()->setText(temp->getSetting(l.key())); } QMapIterator i(templateCheckBoxes); while (i.hasNext()) { i.next(); i.value()->setChecked(temp->getSettingInt(i.key())); } int2lb(nsCertType, temp->getSettingInt("nsCertType")); basicCA->setCurrentIndex(temp->getSettingInt("ca")); int2lb(keyUsage, temp->getSettingInt("keyUse")); QString2lb(ekeyUsage, temp->getSetting("eKeyUse")); validRange->setCurrentIndex(temp->getSettingInt("validM")); nconf_data->document()->setPlainText(temp->getSetting("adv_ext")); on_applyTime_clicked(); } void NewX509::fromTemplate(pki_temp *temp) { subjectFromTemplate(temp); extensionsFromTemplate(temp); } void NewX509::toTemplate(pki_temp *temp) { temp->setIntName(description->text()); temp->setSubject(getX509name()); QMapIterator l(templateLineEdits); while (l.hasNext()) { l.next(); temp->setSetting(l.key(), l.value()->text()); } QMapIterator i(templateCheckBoxes); while (i.hasNext()) { i.next(); temp->setSetting(i.key(), i.value()->isChecked()); } temp->setSetting("nsCertType", lb2int(nsCertType)); temp->setSetting("ca", basicCA->currentIndex()); temp->setSetting("keyUse", lb2int(keyUsage)); temp->setSetting("eKeyUse", lb2QString(ekeyUsage)); temp->setSetting("validN", validN->text().toInt()); temp->setSetting("validM", validRange->currentIndex()); if (!temp->getSetting("basicPath").isEmpty()) temp->setSetting("basicPath", temp->getSettingInt("basicPath")); if (nconf_data->isReadOnly()) { temp->setSetting("adv_ext", v3ext_backup); } else { temp->setSetting("adv_ext", nconf_data->toPlainText()); } temp->setComment(comment->toPlainText()); } void NewX509::on_fromReqCB_clicked() { bool request = fromReqCB->isChecked(); bool subj_tab_present = tabWidget->widget(1) == tab_1; bool subChange = reqSubChange->isChecked(); if (request && subj_tab_present && !subChange) tabWidget->removeTab(1); else if ((!request || subChange) && !subj_tab_present) tabWidget->insertTab(1, tab_1, tr("Subject")); reqList->setEnabled(request); copyReqExtCB->setEnabled(request); showReqBut->setEnabled(request); reqSubChange->setEnabled(request); switchHashAlgo(); } void NewX509::on_reqSubChange_clicked() { if (reqSubChange->isChecked()) { pki_x509req *req = getSelectedReq(); description->setText(req->getIntName()); setX509name(req->getSubject()); usedKeysToo->setEnabled(false); keyList->setEnabled(false); genKeyBut->setEnabled(false); } on_fromReqCB_clicked(); } void NewX509::on_keyList_currentIndexChanged(int) { switchHashAlgo(); } void NewX509::on_reqList_currentIndexChanged(int) { switchHashAlgo(); } void NewX509::switchHashAlgo() { pki_key *key; pki_x509super *sig; if (foreignSignRB->isChecked()) sig = getSelectedSigner(); else if (fromReqCB->isChecked()) sig = getSelectedReq(); else sig = NULL; key = sig ? sig->getRefKey() : getSelectedKey(); if (key) hashAlgo->setupHashes(key->possibleHashNids()); else hashAlgo->setupAllHashes(); } void NewX509::on_showReqBut_clicked() { CertDetail::showCert(this, reqList->currentPkiItem()); } QList NewX509::getAllRequests() const { return Database.model()->getAllRequests(); } QList NewX509::getAllIssuers() const { return Database.model()->getAllIssuers(); } QList NewX509::getAllTempsAndPredefs() const { return Database.model()->getPredefs() + Store.getAll(); } QList NewX509::getAllKeys() const { return Database.model()->getAllKeys(); } QList NewX509::getUnusedKeys() const { return Database.model()->getUnusedKeys(); } void NewX509::itemChanged(pki_base* req) { reqList->insertPkiItems(getAllRequests()); reqList->setCurrentPkiItem(dynamic_cast(req)); } void NewX509::on_genKeyBut_clicked() { QString name = description->text(); if (name.isEmpty()) name = getX509name().getMostPopular(); NewKey *dlg = new NewKey(this, name); if (dlg->exec()) { db_key *keys = Database.model(); keys->newKey(dlg->getKeyJob(), dlg->keyDesc->text()); } delete dlg; } void NewX509::on_certList_currentIndexChanged(int) { a1time snb, sna; pki_x509 *cert = getSelectedSigner(); switchHashAlgo(); if (!cert) return; pki_temp *templ = caTemplate(cert); snb = cert->getNotBefore(); sna = cert->getNotAfter(); if (snb > notBefore->getDate()) notBefore->setDate(snb); if (sna < notAfter->getDate()) notAfter->setDate(sna); if (templ) templateChanged(templ); } void NewX509::templateChanged(QString tempname) { int index; if (!tempList->isEnabled()) return; if ((index = tempList->findText(tempname)) <0) return; tempList->setCurrentIndex(index); } void NewX509::templateChanged(pki_temp *templ) { tempList->setCurrentPkiItem(templ); } pki_temp *NewX509::currentTemplate() { if (!tempList->isEnabled()) return NULL; return tempList->currentPkiItem(); } void NewX509::selfComment(QString msg) { comment->setPlainText(appendXcaComment(comment->toPlainText(), msg)); } void NewX509::on_applyTemplate_clicked() { pki_temp *t = currentTemplate(); if (!t) return; fromTemplate(t); selfComment(tr("Template '%1' applied").arg(t->comboText())); } void NewX509::on_applySubject_clicked() { pki_temp *t = currentTemplate(); subjectFromTemplate(t); selfComment(tr("Subject applied from template '%1'") .arg(t->comboText())); } void NewX509::on_applyExtensions_clicked() { pki_temp *t = currentTemplate(); extensionsFromTemplate(t); selfComment(tr("Extensions applied from template '%1'") .arg(t->comboText())); } void NewX509::on_foreignSignRB_toggled(bool) { switchHashAlgo(); } void NewX509::newKeyDone(pki_key *nkey) { allKeys = getAllKeys(); unusedKeys = getUnusedKeys(); on_usedKeysToo_toggled(true); if (nkey) { selfComment(tr("New key '%1' created") .arg(nkey->comboText())); keyList->setCurrentPkiItem(nkey); } else { keyList->setCurrentIndex(0); } } void NewX509::on_usedKeysToo_toggled(bool) { pki_key *cur = keyList->currentPkiItem(); keyList->clear(); keyList->insertPkiItems(usedKeysToo->isChecked() ? allKeys : unusedKeys); keyList->setCurrentPkiItem(cur); } pki_key *NewX509::getSelectedKey() { return keyList->currentPkiItem(); } pki_x509 *NewX509::getSelectedSigner() { return certList->currentPkiItem(); } pki_x509req *NewX509::getSelectedReq() { return reqList->currentPkiItem(); } x509name NewX509::getX509name(int _throw) { x509name x; int j, row, nid; if (fromReqCB->isChecked() && !reqSubChange->isChecked()) return getSelectedReq()->getSubject(); try { foreach(nameEdit ne, nameEdits) { x.addEntryByNid(ne.nid, ne.edit->text()); } row = extDNlist->rowCount(); for (j=0; jgetRow(j); nid = OBJ_txt2nid(CCHAR(l[0])); x.addEntryByNid(nid, l[1]); } } catch (errorEx &err) { if (!err.isEmpty()) { if (_throw) throw err; else XCA_WARN(err.getString()); } } return x; } void NewX509::setX509name(const x509name &n) { extDNlist->deleteAllRows(); foreach(nameEdit ne, nameEdits) { ne.edit->setText(""); } if (Settings["adapt_explicit_subject"]) { NIDlist mydn; for (int i=0; i< n.entryCount(); i++) mydn << n.nid(i); setupExplicitDN(mydn); } for (int i=0, j=0; i< n.entryCount(); i++) { int nid = n.nid(i); bool done = false; QStringList sl = n.entryList(i); for ( ; j < nameEdits.size(); j++) { nameEdit ne(nameEdits[j]); if (nid == ne.nid && ne.edit->text().isEmpty()) { ne.edit->setText(sl[2]); done = true; break; } } if (!done) { extDNlist->addRow(sl.mid(1, 2)); } } } void NewX509::on_applyTime_clicked() { notAfter->setDiff(notBefore, validN->text().toInt(), validRange->currentIndex()); } void NewX509::setupTmpCtx() { pki_x509 *signcert; pki_x509req *req = NULL; pki_key *key = NULL; a1int serial(1); QString errtxt; // initially create temporary ctx cert delete ctx_cert; ctx_cert = new pki_x509(); ctx_cert->setSubject(getX509name()); if (fromReqCB->isChecked()) { req = getSelectedReq(); if (req) key = req->getRefKey(); } else { key = getSelectedKey(); } if (key) ctx_cert->setPubKey(key); // Step 2 - select Signing if (foreignSignRB->isChecked()) { signcert = getSelectedSigner(); ctx_cert->setIssuer(signcert->getSubject()); } else { signcert = ctx_cert; ctx_cert->setIssuer(ctx_cert->getSubject()); } ctx_cert->setSerial(serial); initCtx(ctx_cert, signcert, req); } void NewX509::editV3ext(QLineEdit *le, QString types, int n) { v3ext *dlg; dlg = new v3ext(this); setupTmpCtx(); dlg->addInfo(le, types.split(','), n, &ext_ctx); dlg->exec(); delete dlg; } void NewX509::on_adv_validate_clicked() { if (!nconf_data->isReadOnly()) { /* switch from edit to display mode */ do_validateExtensions(); } else { /* switch back to edit mode */ undo_validateExtensions(); } } void NewX509::checkIcon(const QString &text, int nid, QLabel *img) { x509v3ext ext; if (text.isEmpty()) { img->clear(); return; } ign_openssl_error(); switch (nid) { case NID_subject_alt_name: ext = getSubAltName(); break; case NID_issuer_alt_name: ext = getIssAltName(); break; case NID_crl_distribution_points: ext = getCrlDist(); break; case NID_info_access: ext = getAuthInfAcc(); break; } img->setPixmap(ext.isValid() ? QPixmap(":doneIco") : QPixmap(":warnIco")); } void NewX509::checkSubAltName(const QString & text) { checkIcon(text, NID_subject_alt_name, subAltIco); } void NewX509::checkIssAltName(const QString & text) { checkIcon(text, NID_issuer_alt_name, issAltIco); } void NewX509::checkCrlDist(const QString & text) { checkIcon(text, NID_crl_distribution_points, crlDistIco); } void NewX509::checkAuthInfAcc(const QString & text) { checkIcon(text, NID_info_access, authInfAccIco); } int NewX509::do_validateExtensions() { QString result; int ret = 0; if (!nconf_data->isReadOnly()) { v3ext_backup = nconf_data->toPlainText(); } ret = validateExtensions(v3ext_backup, result); nconf_data->document()->setHtml(result); nconf_data->setReadOnly(true); adv_validate->setText(tr("Edit")); return ret; } void NewX509::undo_validateExtensions() { if (nconf_data->isReadOnly()) { nconf_data->document()->setPlainText(v3ext_backup); } nconf_data->setReadOnly(false); adv_validate->setText(tr("Validate")); } int NewX509::validateExtensions(QString nconf, QString &result) { int ret = 0, ext_count = 0; QStringList errors; extList el, req_el; ign_openssl_error(); setupTmpCtx(); (void)nconf; try { el = getGuiExt(); if (!Settings["disable_netscape"]) el += getNetscapeExt(); el.delInvalid(); } catch (errorEx &err) { errors += err.getString(); el.clear(); } ext_count += el.size(); if (el.size() > 0) { result += "

"; result += tr("Other Tabs") + "

\n"; result += el.getHtml("
"); } try { el = getAdvanced(); } catch (errorEx &err) { errors += err.getString(); el.clear(); } ext_count += el.size(); if (el.size() > 0) { if (!result.isEmpty()) result += "\n

\n"; result += "

"; result += tr("Advanced Tab") + "

\n"; result += el.getHtml("
"); } if (errors.size()) { if (!result.isEmpty()) result += "\n

\n"; result += "

"; result += tr("Errors") + "

  • \n"; result += errors.join("
  • \n"); result += "
"; ret = 1; } el.clear(); if (fromReqCB->isChecked() && copyReqExtCB->isChecked()) { req_el = getSelectedReq()->getV3ext(); for (int i=0; iaddV3ext(req_el[i], true)) el += req_el[i]; } } ext_count += el.size(); if (el.size() > 0) { if (!result.isEmpty()) result += "\n
\n"; result += "

"; result += tr("From PKCS#10 request") +"

\n"; result += el.getHtml("
"); } el = getExtDuplicates(); if (el.size() > 0) { QString errtxt; ret = 1; errtxt = "

Error:" "duplicate extensions:

    \n"; for(int i = 0; i< el.size(); i++) { errtxt += "
  • " +el[i].getObject() +"
    • \n"; } errtxt += "
\n
\n"; result = errtxt + result; } QString lineext; if (!subAltName->text().isEmpty() && !getSubAltName().isValid()) lineext += "The Subject Alternative Name is invalid
\n"; if (!issAltName->text().isEmpty() && !getIssAltName().isValid()) lineext += "The Issuer Alternative Name is invalid
\n"; if (!crlDist->text().isEmpty() && !getCrlDist().isValid()) lineext += "The CRL Distribution Point is invalid
\n"; if (!authInfAcc->text().isEmpty() && !getAuthInfAcc().isValid()) lineext += "The Authority Information Access is invalid
\n"; if (!lineext.isEmpty()) { if (!result.isEmpty()) result += "\n
\n"; result += lineext; ret = 3; } if (ret == 0 && ext_count == 0 && pt == x509) ret = 2; ign_openssl_error(); return ret; } void NewX509::on_editSubAlt_clicked() { QString s = "URI,email,RID,DNS,IP,otherName"; editV3ext(subAltName, s, NID_subject_alt_name); } void NewX509::on_editIssAlt_clicked() { QString s = "URI,email,RID,DNS,IP,otherName,issuer"; editV3ext(issAltName, s, NID_issuer_alt_name); } void NewX509::on_editCrlDist_clicked() { editV3ext(crlDist, "URI", NID_crl_distribution_points); } void NewX509::on_editAuthInfAcc_clicked() { QStringList permut, groups { "OCSP", "caIssuers" }, types{ "URI", "email", "RID", "DNS", "IP" }; foreach(QString group, groups) { foreach(QString type, types) { permut << QString("%1;%2").arg(group).arg(type); } } editV3ext(authInfAcc, permut.join(","), NID_info_access); } void NewX509::on_tabWidget_currentChanged(int tab) { QString tab_name = tabWidget->widget(tab)->objectName(); if (tab_name == tabnames[5]) do_validateExtensions(); buttonBox->setProperty("help_ctx", QVariant(tab_name)); } QString NewX509::mandatoryDnRemain() { QStringList remain, dnl = QString(Settings["mandatory_dn"]).split(","); x509name n; int i; if (QString(Settings["mandatory_dn"]).isEmpty()) return QString(); n = getX509name(); for (i=0; i< n.entryCount(); i++) { int j = dnl.indexOf(QString(OBJ_nid2sn(n.nid(i)))); if (j>=0) dnl.removeAt(j); } if (dnl.size() == 0) return QString(); foreach(QString x, dnl) remain << QString(OBJ_sn2ln(x.toLatin1())); return QString("'%1'").arg(remain.join("','")); } void NewX509::gotoTab(int tab) { for (int i=0; icount(); i++) { if (tabWidget->widget(i)->objectName() == tabnames[tab]) { tabWidget->setCurrentIndex(i); break; } } } enum pki_source NewX509::getPkiSource() const { return pkiSource; } void NewX509::accept() { x509name xn; on_tabWidget_currentChanged(0); try { xn = getX509name(1); } catch (errorEx &err) { gotoTab(1); xcaWarningBox msg(this, err.getString()); msg.addButton(QMessageBox::Ok); msg.addButton(QMessageBox::Close, tr("Abort rollout")); if (msg.exec() == QMessageBox::Close) { reject(); } return; } QString lenErr = xn.checkLength(); if (!lenErr.isEmpty()) { gotoTab(1); lenErr = tr("The following length restrictions of RFC3280 are violated:") + "\n" + lenErr; xcaWarningBox msg(this, lenErr); msg.addButton(QMessageBox::Ok, tr("Edit subject")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); msg.addButton(QMessageBox::Apply, tr("Continue rollout")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; } } if (fromReqCB->isChecked() && !getSelectedReq()->verify()) { gotoTab(0); xcaWarningBox msg(this, tr("The verification of the Certificate request failed.\nThe rollout should be aborted.")); msg.addButton(QMessageBox::Ok, tr("Continue anyway")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); if (msg.exec() == QMessageBox::Close) { reject(); } } if (description->text().isEmpty() && !fromReqCB->isChecked()) { QString cn = getX509name().getMostPopular(); if (cn.isEmpty()) { gotoTab(1); xcaWarningBox msg(this, tr("The internal name and the common name are empty.\nPlease set at least the internal name.")); msg.addButton(QMessageBox::Ok, tr("Edit name")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); if (msg.exec() == QMessageBox::Close) { reject(); } return; } else { description->setText(cn); } } if (keyList->count() == 0 && keyList->isEnabled() && !fromReqCB->isChecked()) { gotoTab(1); xcaWarningBox msg(this, tr("There is no Key selected for signing.")); msg.addButton(QMessageBox::Ok, tr("Select key")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); if (msg.exec() == QMessageBox::Close) { reject(); } return; } QString unsetDN; if (pt != tmpl) unsetDN = mandatoryDnRemain(); if (!unsetDN.isEmpty()) { gotoTab(1); QString text = tr("The following distinguished name entries are empty:\n%1\nthough you have declared them as mandatory in the options menu.").arg(unsetDN); xcaWarningBox msg(this, text); msg.addButton(QMessageBox::Ok, tr("Edit subject")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); msg.addButton(QMessageBox::Apply, tr("Continue rollout")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; } } pki_key *signkey = NULL; pki_x509 *signer = NULL; if (foreignSignRB->isChecked()) { signer = getSelectedSigner(); if (signer) signkey = signer->getRefKey(); } else if (fromReqCB->isChecked()) { pki_x509req *req = getSelectedReq(); if (req) signkey = req->getRefKey(); } else { signkey = getSelectedKey(); } if ((!signkey || signkey->isPubKey()) && pt != tmpl) { QString txt; gotoTab(signer ? 0 : 1); xcaWarningBox msg(this, tr("The key you selected for signing is not a private one.")); txt = signer ? tr("Select other signer"):tr("Select other key"); msg.addButton(QMessageBox::Ok, txt); msg.addButton(QMessageBox::Close, tr("Abort rollout")); if (msg.exec() == QMessageBox::Close) { reject(); } return; } if (hashAlgo->count() > 0 && hashAlgo->current().isInsecure()) { gotoTab(0); xcaWarningBox msg(this, tr("The currently selected hash algorithm '%1' is insecure and should not be used.").arg(hashAlgo->current().name())); msg.addButton(QMessageBox::Ok, tr("Select other algorithm")); msg.addButton(QMessageBox::Yes, tr("Use algorithm anyway")); if (msg.exec() == QMessageBox::Ok) return; } if (signer && notBefore->getDate() < signer->getNotBefore()) { gotoTab(2); QString text = tr("The certificate will be earlier valid than the signer. This is probably not what you want."); xcaWarningBox msg(this, text); msg.addButton(QMessageBox::Ok, tr("Edit dates")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); msg.addButton(QMessageBox::Apply, tr("Continue rollout")); msg.addButton(QMessageBox::Yes, tr("Adjust date and continue")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; case QMessageBox::Yes: notBefore->setDate(signer->getNotBefore()); } } if (signer && notAfter->getDate() > signer->getNotAfter() && !noWellDefinedExpDate->isChecked()) { gotoTab(2); QString text = tr("The certificate will be longer valid than the signer. This is probably not what you want."); xcaWarningBox msg(this, text); msg.addButton(QMessageBox::Ok, tr("Edit dates")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); msg.addButton(QMessageBox::Apply, tr("Continue rollout")); msg.addButton(QMessageBox::Yes, tr("Adjust date and continue")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; case QMessageBox::Yes: notAfter->setDate(signer->getNotAfter()); } } if (validityBox->isEnabled() && notBefore->getDate() > notAfter->getDate()) { gotoTab(2); QString text = tr("The certificate will be out of date before it becomes valid. You most probably mixed up both dates."); xcaWarningBox msg(this, text); msg.addButton(QMessageBox::Ok, tr("Edit dates")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); msg.addButton(QMessageBox::Apply, tr("Continue rollout")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; } } int r = do_validateExtensions(); if (r) { QString text; switch (r) { case 1: text = tr("The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab."); gotoTab(5); break; case 2: text = tr("The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate."); gotoTab(0); break; case 3: text = tr("The certificate contains invalid extensions."); gotoTab(2); break; } xcaWarningBox msg(this, text); msg.addButton(QMessageBox::Ok, tr("Edit extensions")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); msg.addButton(QMessageBox::Apply, tr("Continue rollout")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; } } QString cn = xn.getEntryByNid(NID_commonName); QStringList san = subAltName->text().split(QRegularExpression(" *, *")); if (cn.isEmpty() && san.contains("DNS:copycn") && pt != tmpl) { gotoTab(2); xcaWarningBox msg(this, tr("The subject alternative name shall contain a copy of the common name. However, the common name is empty.")); msg.addButton(QMessageBox::Ok, tr("Edit extensions")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); msg.addButton(QMessageBox::Apply, tr("Continue rollout")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; } } QDialog::accept(); } xca-RELEASE.2.5.0/widgets/NewX509.h000066400000000000000000000106651450407711300163200ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __NEWX509_H #define __NEWX509_H #include "ui_NewX509.h" #include "lib/oid.h" #include "kvView.h" #include #include class MainWindow; class extList; class pki_temp; class pki_x509req; class pki_x509super; class pki_x509; class pki_key; class QPixmap; class QListbox; class x509name; class x509v3ext; class extList; class nameEdit { public: int nid; QLineEdit *edit; QLabel *label; nameEdit(int n, QLineEdit *e, QLabel *l) { nid = n; edit = e; label = l; } }; class NewX509: public QDialog, public Ui::NewX509 { Q_OBJECT private: NIDlist aia_nid; NIDlist attr_nid; QList attrEdits; QList nameEdits; X509V3_CTX ext_ctx; void editV3ext(QLineEdit *le, QString types, int n); enum pki_type pt; enum pki_source pkiSource; void templateChanged(QString templatename); QString mandatoryDnRemain(); QStringList tabnames; QList unusedKeys, allKeys; pki_x509 *ctx_cert; QString v3ext_backup; kvmodel *extDNmodel; extList getExtDuplicates(); void checkIcon(const QString &text, int nid, QLabel*img); void selfComment(QString msg); QMap templateLineEdits; QMap templateCheckBoxes; pki_temp *caTemplate(pki_x509 *ca) const; void setupExplicitDN(NIDlist my_dn_nid); QList setupExplicitInputs(NIDlist nid_list, QWidget *parent, QWidget *old, int columns); public: NewX509(QWidget *w = nullptr); virtual ~NewX509(); void initCtx(); void setRequest(); // reduce to request form void setTemp(pki_temp *temp); // reduce to template form void setCert(); // reduce to certificate form void toTemplate(pki_temp *temp); void fromTemplate(pki_temp *temp); void defineTemplate(pki_temp *temp); void defineRequest(pki_x509req *req); void defineSigner(pki_x509 *defcert, bool applyTemp); void fromX509super(pki_x509super *cert_or_req, bool applyTemp); void templateChanged(pki_temp *templ); pki_key *getSelectedKey(); pki_x509 *getSelectedSigner(); pki_x509req *getSelectedReq(); x509name getX509name(int _throw = 0); void setX509name(const x509name &n); x509v3ext getBasicConstraints(); x509v3ext getSubKeyIdent(); x509v3ext getAuthKeyIdent(); x509v3ext getOCSPstaple(); x509v3ext getKeyUsage(); x509v3ext getEkeyUsage(); x509v3ext getSubAltName(); x509v3ext getIssAltName(); x509v3ext getCrlDist(); x509v3ext getAuthInfAcc(); extList getGuiExt(); extList getNetscapeExt(); extList getAdvanced(); extList getAllExt(); void setupTmpCtx(); void initCtx(pki_x509 *subj, pki_x509 *iss, pki_x509req *req); void switchHashAlgo(); void setReqAttributes(pki_x509req *req); void getReqAttributes(pki_x509req *req); int checkExtDuplicates(); void subjectFromTemplate(pki_temp *temp); void extensionsFromTemplate(pki_temp *temp); pki_temp *currentTemplate(); void gotoTab(int tab); void setupLineEditByNid(int nid, QLineEdit *l); int validateExtensions(QString nconf, QString &result); int do_validateExtensions(); void undo_validateExtensions(); enum pki_source getPkiSource() const; QList getAllRequests() const; QList getAllIssuers() const; QList getAllTempsAndPredefs() const; QList getUnusedKeys() const; QList getAllKeys() const; public slots: void on_fromReqCB_clicked(); void on_keyList_currentIndexChanged(int); void on_reqList_currentIndexChanged(int); void newKeyDone(pki_key *nkey); void on_applyTime_clicked(); void on_editSubAlt_clicked(); void on_editIssAlt_clicked(); void on_editCrlDist_clicked(); void on_editAuthInfAcc_clicked(); void on_foreignSignRB_toggled(bool checked); void on_genKeyBut_clicked(); void on_showReqBut_clicked(); void on_certList_currentIndexChanged(int index); void on_applyTemplate_clicked(); void on_applySubject_clicked(); void on_applyExtensions_clicked(); void on_adv_validate_clicked(); void on_usedKeysToo_toggled(bool checked); void on_tabWidget_currentChanged(int idx); void on_reqSubChange_clicked(); void accept(); void itemChanged(pki_base*); void setupExtDNwidget(const QString &s, QLineEdit *w); void checkSubAltName(const QString & text); void checkIssAltName(const QString & text); void checkCrlDist(const QString & text); void checkAuthInfAcc(const QString & text); }; #endif xca-RELEASE.2.5.0/widgets/NewX509_ext.cpp000066400000000000000000000150751450407711300175330ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "NewX509.h" #include #include #include #include #include #include #include "MainWindow.h" #include "lib/x509v3ext.h" #include "lib/BioByteArray.h" #include "lib/func.h" x509v3ext NewX509::getBasicConstraints() { QStringList cont; x509v3ext ext; QString ca[] = { "", "CA:TRUE", "CA:FALSE" }; if (basicCA->currentIndex() > 0) { if (bcCritical->isChecked()) cont << "critical"; cont << ca[basicCA->currentIndex()]; if (basicCA->currentIndex() == 1 && !basicPath->text().isEmpty()) { cont << QString("pathlen:") + QString::number(basicPath->text().toInt()); } ext.create(NID_basic_constraints, cont.join(", "), &ext_ctx); } return ext; } x509v3ext NewX509::getSubKeyIdent() { x509v3ext ext; if (subKey->isChecked()) ext.create(NID_subject_key_identifier, "hash", &ext_ctx); return ext; } x509v3ext NewX509::getOCSPstaple() { x509v3ext ext; if (OCSPstaple->isChecked()) ext.create(NID_tlsfeature, "status_request", &ext_ctx); return ext; } x509v3ext NewX509::getAuthKeyIdent() { x509v3ext ext; if (!authKey->isChecked() || !authKey->isEnabled()) return ext; QString x = "keyid,issuer"; ext.create(NID_authority_key_identifier, x, &ext_ctx); return ext; } x509v3ext NewX509::getKeyUsage() { QString keyusage[] = { "digitalSignature", "nonRepudiation", "keyEncipherment", "dataEncipherment", "keyAgreement", "keyCertSign", "cRLSign", "encipherOnly", "decipherOnly" }; QStringList cont; int rows = keyUsage->count(); for (int i=0; iitem(i)->isSelected()) cont << keyusage[i]; } if (kuCritical->isChecked() && cont.count() > 0) cont.prepend("critical"); return x509v3ext(NID_key_usage, cont.join(", "), &ext_ctx); } x509v3ext NewX509::getEkeyUsage() { QStringList cont; int rows = ekeyUsage->count(); for (int i=0; iitem(i)->isSelected()) cont << QString(OBJ_nid2sn(extkeyuse_nid[i])); } if (ekuCritical->isChecked() && cont.count() > 0) cont.prepend("critical"); return x509v3ext(NID_ext_key_usage, cont.join(", "), &ext_ctx); } x509v3ext NewX509::getSubAltName() { QString s = subAltName->text(); if (pt == x509_req) { QStringList sn, sl = s.split(','); foreach (QString str, sl) { if (str != "email:copy") sn += str; } s = sn.join(","); } return x509v3ext(NID_subject_alt_name, s, &ext_ctx); } x509v3ext NewX509::getIssAltName() { QString s = issAltName->text(); if (pt == x509_req) { QStringList sn, sl = s.split(','); foreach (QString str, sl) { if (str != "issuer:copy") sn += str; } s = sn.join(","); } return x509v3ext(NID_issuer_alt_name, s, &ext_ctx); } x509v3ext NewX509::getCrlDist() { return x509v3ext(NID_crl_distribution_points, crlDist->text(), &ext_ctx); } x509v3ext NewX509::getAuthInfAcc() { return x509v3ext(NID_info_access, authInfAcc->text(), &ext_ctx); } extList NewX509::getAdvanced() { QString conf_str; CONF *conf; extList elist; long err_line=0; STACK_OF(X509_EXTENSION) **sk, *sk_tmp = NULL; const STACK_OF(X509_EXTENSION) *csk; const char *ext_name = "default"; int ret, start; if (nconf_data->isReadOnly()) { conf_str = v3ext_backup; } else { conf_str = nconf_data->toPlainText(); } if (conf_str.isEmpty()) return elist; conf = NCONF_new(NULL); ret = NCONF_load_bio(conf, BioByteArray(conf_str.toLatin1()).ro(), &err_line); if (ret != 1) { openssl_error_msg(tr("Configfile error on line %1\n"). arg(err_line)); return elist; } if (ext_ctx.subject_cert) { csk = X509_get0_extensions(ext_ctx.subject_cert); start = csk? sk_X509_EXTENSION_num(csk): 0; } else { sk = &sk_tmp; start = 0; } X509V3_set_nconf(&ext_ctx, conf); if (ext_ctx.subject_cert) { if (X509V3_EXT_add_nconf(conf, &ext_ctx, (char *) ext_name, ext_ctx.subject_cert)) openssl_error(); csk = X509_get0_extensions(ext_ctx.subject_cert); } else { if (X509V3_EXT_add_nconf_sk(conf, &ext_ctx, (char *)ext_name, sk)) openssl_error(); csk = *sk; } elist.setStack(csk, start); if (!ext_ctx.subject_cert) sk_X509_EXTENSION_pop_free(sk_tmp, X509_EXTENSION_free); X509V3_set_nconf(&ext_ctx, NULL); NCONF_free(conf); openssl_error(); return elist; } extList NewX509::getGuiExt() { extList ne; ne << getBasicConstraints(); ne << getSubKeyIdent(); ne << getAuthKeyIdent(); ne << getKeyUsage(); ne << getEkeyUsage(); ne << getSubAltName(); ne << getIssAltName(); ne << getCrlDist(); ne << getAuthInfAcc(); ne << getOCSPstaple(); openssl_error(); return ne; } extList NewX509::getAllExt() { extList ne; ne = getGuiExt(); ne += getAdvanced(); if (!Settings["disable_netscape"]) ne += getNetscapeExt(); ne.delInvalid(); return ne; } extList NewX509::getNetscapeExt() { QString certTypeList[] = { "client", "server", "email", "objsign", "sslCA", "emailCA", "objCA" }; QStringList cont; x509v3ext ext; extList el; int rows = nsCertType->count(); for (int i=0; iitem(i)->isSelected()) cont << certTypeList[i]; } el << x509v3ext(NID_netscape_cert_type, cont.join(", "), &ext_ctx); el << ext.create_ia5(NID_netscape_base_url, nsBaseUrl->text(), &ext_ctx); el << ext.create_ia5(NID_netscape_revocation_url, nsRevocationUrl->text(), &ext_ctx); el << ext.create_ia5(NID_netscape_ca_revocation_url, nsCARevocationUrl->text(), &ext_ctx); el << ext.create_ia5(NID_netscape_renewal_url, nsRenewalUrl->text(), &ext_ctx); el << ext.create_ia5(NID_netscape_ca_policy_url, nsCaPolicyUrl->text(), &ext_ctx); el << ext.create_ia5(NID_netscape_ssl_server_name, nsSslServerName->text(), &ext_ctx); el << ext.create_ia5(NID_netscape_comment, nsComment->text(), &ext_ctx); return el; } void NewX509::initCtx(pki_x509 *subj, pki_x509 *iss, pki_x509req *req) { X509 *s = NULL, *s1 = NULL; X509_REQ *r = NULL; if (subj) s1 = subj->getCert(); if (iss) s = iss->getCert(); if (req) r = req->getReq(); X509V3_set_ctx(&ext_ctx, s, s1, r, NULL, 0); } extList NewX509::getExtDuplicates() { int i, start, cnt, n1, n; x509v3ext e; const STACK_OF(X509_EXTENSION) *sk; extList el_dup, el; QString olist; if (ext_ctx.subject_cert) { sk = X509_get0_extensions(ext_ctx.subject_cert); } else return el_dup; el.setStack(sk, 0); cnt = el.size(); for (start=0; start < cnt; start++) { n1 = el[start].nid(); for (i = start+1; i #include "OidResolver.h" #include "lib/oid.h" #include "lib/base.h" #include "lib/func.h" #include "lib/exception.h" OidResolver::OidResolver(QWidget *parent) :QWidget(parent) { setupUi(this); setWindowTitle(XCA_TITLE); } void OidResolver::searchOid(QString s) { bool ok; int n; if (input->text() != s) // Avoid moving the cursor at end if unchanged. input->setText(s); s = s.trimmed(); n = s.toUInt(&ok); if (!ok) n = OBJ_txt2nid(CCHAR(s)); if (n == NID_undef) { const char *clash = oid_name_clash[s]; if (clash) n = OBJ_txt2nid(clash); } QString lo = s.toLower(); if (n == NID_undef && s != lo) n = OBJ_txt2nid(CCHAR(lo)); if (n == NID_undef && oid_lower_map.contains(lo)) n = oid_lower_map[lo]; ign_openssl_error(); if (n == NID_undef) { ln->clear(); sn->clear(); oid->clear(); nid->clear(); } else { const ASN1_OBJECT *a = OBJ_nid2obj(n); ln->setText(OBJ_nid2ln(n)); sn->setText(OBJ_nid2sn(n)); nid->setText(QString("%1").arg(n)); if (a) { try { oid->setText(OBJ_obj2QString(a, 1)); } catch (errorEx &) { oid->clear(); } } else { oid->clear(); } } ign_openssl_error(); show(); raise(); } xca-RELEASE.2.5.0/widgets/OidResolver.h000066400000000000000000000005321450407711300174260ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __OID_RESOLVER_H #define __OID_RESOLVER_H #include "ui_OidResolver.h" class OidResolver: public QWidget, public Ui::OidResolver { Q_OBJECT public: OidResolver(QWidget *w); public slots: void searchOid(QString s); }; #endif xca-RELEASE.2.5.0/widgets/OpenDb.cpp000066400000000000000000000066101450407711300166760ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2017 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include #include #include "MainWindow.h" #include "OpenDb.h" #include "XcaWarning.h" #include "lib/base.h" #include "lib/dbhistory.h" DbMap OpenDb::databases { { "QPSQL", "PostgreSQL" }, { "QMYSQL", "MySQL / MariaDB" }, { "QODBC", "Open Database Connectivity (ODBC)" } }; void OpenDb::initDatabases() { QStringList list = QSqlDatabase::drivers(); qDebug() << "SQL Plugins:" << list.join(",");; foreach (QString driver, databases.keys()) { if (!list.contains(driver)) databases.take(driver); { QSqlDatabase db = QSqlDatabase::addDatabase(driver, driver + "_C"); if (!db.isValid()) { qDebug() << "Database" << driver << "is Invalid"; databases.take(driver); } } QSqlDatabase::removeDatabase(driver + "_C"); } qDebug() << "Valid Remote DB Drivers: " << databases.size() << "[" << databases.keys().join(",") << "]"; } bool OpenDb::hasSqLite() { return QSqlDatabase::isDriverAvailable("QSQLITE"); } void OpenDb::driver_selected() { if (getDbType() == "QODBC") dbName_label->setText("DSN"); else dbName_label->setText(tr("Database name")); } bool OpenDb::hasRemoteDrivers() { return databases.size() > 0; } void OpenDb::fillDbDropDown(const QString ¤t) { dbType->clear(); foreach(QString driver, databases.keys()) { dbType->insertItem(0, databases[driver], driver); if (driver == current) dbType->setCurrentIndex(0); } if (dbType->count() == 1) { dbType->setCurrentIndex(0); } } void OpenDb::setupDatabaseName(const QString &db) { if (!database_model::isRemoteDB(db)) return; DbMap remote_param = database_model::splitRemoteDbName(db); userName->setText(remote_param["user"]); hostName->setText(remote_param["host"]); dbName->setText(remote_param["dbname"]); prefix->setText(remote_param["prefix"]); fillDbDropDown(remote_param["type"]); } OpenDb::OpenDb(QWidget *parent, const QString &db) :QDialog(parent) { setupUi(this); setWindowTitle(XCA_TITLE); fillDbDropDown(QString()); if (database_model::isRemoteDB(db)) { setupDatabaseName(db); sqlite = false; show_connection_settings = true; } else if (hasSqLite() && !db.isEmpty()) { dbName->setText(db); sqlite = true; show_connection_settings = false; } else { sqlite = false; show_connection_settings = true; } driver_selected(); connect(dbType, SIGNAL(currentIndexChanged(int)), this, SLOT(driver_selected())); } QString OpenDb::getDbType() const { return sqlite ? hasSqLite() ? QString("QSQLITE") : QString("") : dbType->itemData(dbType->currentIndex()).toString(); } void OpenDb::checkSqLite() { if (hasSqLite()) return; XCA_WARN(tr("No SqLite3 driver available. Please install the qt-sqlite package of your distribution")); } QString OpenDb::getDescriptor() const { QString pref = prefix->text(); if (!pref.isEmpty()) pref = QString("#%1").arg(pref.toLower()); return sqlite ? dbName->text() : QString("%1@%2/%3:%4%5") .arg(userName->text()) .arg(hostName->text()) .arg(getDbType()) .arg(dbName->text()) .arg(pref); } int OpenDb::exec() { if (!hasSqLite() && !hasRemoteDrivers()) return 0; if (!show_connection_settings) return 1; setupDatabaseName(dbhistory::getLastRemote()); bool ret = QDialog::exec(); if (ret && !sqlite) dbhistory::setLastRemote(getDescriptor()); return ret; } xca-RELEASE.2.5.0/widgets/OpenDb.h000066400000000000000000000015101450407711300163350ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2017 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __OPENDB_H #define __OPENDB_H #include "lib/database_model.h" #include "ui_OpenDb.h" #include #include class OpenDb: public QDialog, public Ui::OpenDb { Q_OBJECT private: static DbMap databases; static QString lastRemote; bool sqlite, show_connection_settings; void setupDatabaseName(const QString &db); QString getDbType() const; void fillDbDropDown(const QString ¤t); public: static void initDatabases(); OpenDb(QWidget *parent, const QString &db); QString getDescriptor() const; static bool hasSqLite(); static void checkSqLite(); static bool hasRemoteDrivers(); static void setLastRemote(const QString &db); public slots: int exec(); void driver_selected(); }; #endif xca-RELEASE.2.5.0/widgets/Options.cpp000066400000000000000000000124221450407711300171600ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/func.h" #include "lib/load_obj.h" #include "Options.h" #include "SearchPkcs11.h" #include "XcaWarning.h" #include "Help.h" #include "lib/pki_scard.h" #include "lib/oid.h" #include #include #include Options::Options(QWidget *parent) :QDialog(parent) { setWindowTitle(XCA_TITLE); setupUi(this); mainwin->helpdlg->register_ctxhelp_button(this, "options"); foreach(int nid, distname_nid) { QString n = OBJ_nid2ln(nid); extDNobj->addItem(n); expDNobj->addItem(n); } string_opts << "MASK:0x2002" << "pkix" << "nombstr" << "utf8only" << "default"; QStringList s; s << tr("Printable string or UTF8 (default)") << tr("PKIX recommendation in RFC2459") << tr("No BMP strings, only printable and T61") << tr("UTF8 strings only (RFC2459)") << tr("All strings"); mbstring->addItems(s); mbstring->setCurrentIndex(string_opts.indexOf( QString(Settings["string_opt"]))); searchP11 = NULL; transDnEntries->setText(transDnEntries->text() .arg(OBJ_nid2ln(NID_commonName)) .arg(dn_translations[NID_commonName])); setDnString(Settings["mandatory_dn"], extDNlist); setDnString(Settings["explicit_dn"], expDNlist); suppress->setCheckState(Settings["suppress_messages"]); noColorize->setCheckState(Settings["no_expire_colors"]); transDnEntries->setCheckState(Settings["translate_dn"]); onlyTokenHashes->setCheckState(Settings["only_token_hashes"]); disableNetscape->setCheckState(Settings["disable_netscape"]); adapt_explicit_subj->setCheckState(Settings["adapt_explicit_subj"]); QStringList units; QString x = Settings["ical_expiry"]; units << tr("Days") << "D" << tr("Weeks") << "W"; ical_expiry_unit->addItemsData(units, x.right(1)); x.chop(1); ical_expiry_num->setText(x); units << "%" << "%"; x = QString(Settings["cert_expiry"]); cert_expiry_unit->addItemsData(units, x.right(1)); x.chop(1); cert_expiry_num->setText(x); serial_len->setValue(Settings["serial_len"]); pkcs11List->setModel(&pkcs11::libraries); pkcs11List->showDropIndicator(); pkcs11List->setSelectionMode(QAbstractItemView::ExtendedSelection); } Options::~Options() { delete searchP11; } void Options::on_extDNadd_clicked() { extDNlist->addItem(extDNobj->currentText()); } void Options::on_extDNdel_clicked() { extDNlist->takeItem(extDNlist->currentRow()); } void Options::on_expDNadd_clicked() { expDNlist->addItem(expDNobj->currentText()); } void Options::on_expDNdel_clicked() { expDNlist->takeItem(expDNlist->currentRow()); } void Options::on_expDNdefault_clicked() { setDnString(Settings.defaults("explicit_dn"), expDNlist); } void Options::setDnString(QString dn, QListWidget *w) { QStringList dnl; if (!dn.isEmpty()) dnl = dn.split(","); w->clear(); for (int i=0; i < dnl.count(); i++) { int nid = OBJ_sn2nid(CCHAR(dnl[i])); w->addItem(OBJ_nid2ln(nid)); } } QString Options::getDnString(QListWidget *w) { QStringList dn; for (int j=0; jcount(); j++) { int nid = OBJ_ln2nid(CCHAR(w->item(j)->text())); dn << QString(OBJ_nid2sn(nid)); } return dn.join(","); } int Options::exec() { if (QDialog::exec() == QDialog::Rejected) return QDialog::Rejected; Transaction; if (!TransBegin()) return QDialog::Rejected; Settings["suppress_messages"] = suppress->checkState(); Settings["no_expire_colors"] = noColorize->checkState(); Settings["translate_dn"] = transDnEntries->checkState(); Settings["only_token_hashes"] = onlyTokenHashes->checkState(); Settings["disable_netscape"] = disableNetscape->checkState(); Settings["default_hash"] = hashAlgo->current().name(); Settings["pkcs12_enc_algo"] = pkcs12EncAlgo->current().name(); Settings["mandatory_dn"] = getDnString(extDNlist); Settings["explicit_dn"] = getDnString(expDNlist); Settings["string_opt"] = string_opts[mbstring->currentIndex()]; Settings["pkcs11path"] = pkcs11::libraries.getPkcs11Provider(); Settings["cert_expiry"] = cert_expiry_num->text() + cert_expiry_unit->currentItemData().toString(); Settings["ical_expiry"] = ical_expiry_num->text() + ical_expiry_unit->currentItemData().toString(); Settings["serial_len"] = serial_len->value(); Settings["adapt_explicit_subj"] = adapt_explicit_subj->checkState(); return TransCommit() ? QDialog::Accepted : QDialog::Rejected; } void Options::on_addButton_clicked(void) { load_pkcs11 l; QString fname; fname = QFileDialog::getOpenFileName(this, l.caption, getLibDir(), l.filter); addLib(fname); } void Options::addLib(QString fname) { fname = QFileInfo(fname).canonicalFilePath(); pkcs11_lib *l = pkcs11::libraries.add_lib(fname); if (searchP11 && l) QToolTip::showText(searchP11->mapToGlobal( QPoint(0,0)), l->driverInfo().trimmed()); } void Options::on_removeButton_clicked(void) { QList indexes; foreach(QModelIndex i, pkcs11List->selectionModel()->selectedIndexes()) indexes << i.row(); /* Delete from highest to lowest index */ std::sort(indexes.begin(), indexes.end(), std::greater()); foreach(int i, indexes) pkcs11List->model()->removeRow(i); } void Options::on_searchPkcs11_clicked(void) { if (!searchP11) { searchP11 = new SearchPkcs11(this, getLibDir()); connect(searchP11, SIGNAL(addLib(QString)), this, SLOT(addLib(QString))); } searchP11->show(); } xca-RELEASE.2.5.0/widgets/Options.h000066400000000000000000000015361450407711300166310ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 20012 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __OPTIONS_H #define __OPTIONS_H #include "ui_Options.h" #include #include "lib/base.h" #include "SearchPkcs11.h" #include "MainWindow.h" class Options: public QDialog, public Ui::Options { Q_OBJECT private: SearchPkcs11 *searchP11; QStringList string_opts; QString getDnString(QListWidget *w); void setDnString(QString dn, QListWidget *w); public: Options(QWidget *parent); ~Options(); int exec(); public slots: void on_extDNadd_clicked(); void on_extDNdel_clicked(); void on_expDNadd_clicked(); void on_expDNdel_clicked(); void on_expDNdefault_clicked(); void on_addButton_clicked(void); void on_removeButton_clicked(void); void on_searchPkcs11_clicked(void); void addLib(QString); }; #endif xca-RELEASE.2.5.0/widgets/PwDialog.cpp000066400000000000000000000047241450407711300172410ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/func.h" #include "lib/base.h" #include "lib/Passwd.h" #include "lib/exception.h" #include "XcaWarning.h" #include "PwDialog.h" #include static int hex2bin(QString &x, Passwd *final) { bool ok = false; int len = x.length(); if (len % 2) return -1; len /= 2; final->clear(); for (int i=0; iappend((x.mid(i*2, 2).toInt(&ok, 16)) & 0xff); if (!ok) return -1; } return len; } enum open_result PwDialogUI::execute(pass_info *p, Passwd *passwd, bool write, bool abort) { PwDialog *dlg = new PwDialog(p, write); if (abort) dlg->addAbortButton(); enum open_result result = (enum open_result)dlg->exec(); *passwd = dlg->getPass(); delete dlg; if (result == pw_exit) throw pw_exit; return result; } PwDialog::PwDialog(pass_info *p, bool write) :QDialog(p->getWidget()) { pi = p; setupUi(this); image->setPixmap(QPixmap(pi->getImage())); description->setText(pi->getDescription()); title->setText(pi->getType()); if (!pi->getTitle().isEmpty()) setWindowTitle(pi->getTitle()); else setWindowTitle(XCA_TITLE); if (pi->getType() != "PIN") takeHex->hide(); setRW(write); } void PwDialog::setRW(bool write) { wrDialog = write; if (write) { label->setText(pi->getType()); repeatLabel->setText(tr("Repeat %1").arg(pi->getType())); label->show(); passA->show(); } else { repeatLabel->setText(pi->getType()); label->hide(); passA->hide(); } } void PwDialog::accept() { if (wrDialog && (passA->text() != passB->text())) { XCA_WARN(tr("%1 mismatch").arg(pi->getType())); return; } QString pw = passB->text(); if (takeHex->isChecked()) { int ret = hex2bin(pw, &final); if (ret == -1) { XCA_WARN(tr("Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters")); return; } } else { final = pw.toLatin1(); } QDialog::accept(); } void PwDialog::buttonPress(QAbstractButton *but) { qDebug() << "buttonBox->standardButton(but)" << buttonBox->buttonRole(but) << QDialogButtonBox::DestructiveRole; switch (buttonBox->buttonRole(but)) { case QDialogButtonBox::AcceptRole: accept(); break; case QDialogButtonBox::RejectRole: reject(); break; case QDialogButtonBox::ResetRole: done(pw_exit); break; default: break; } } void PwDialog::addAbortButton() { buttonBox->addButton(tr("Exit"), QDialogButtonBox::ResetRole); } xca-RELEASE.2.5.0/widgets/PwDialog.h000066400000000000000000000015171450407711300167030ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PWDIALOG_H #define __PWDIALOG_H #include "ui_PwDialog.h" #include "lib/PwDialogCore.h" #include "lib/pass_info.h" class PwDialog: public QDialog, public Ui::PwDialog { Q_OBJECT private: bool wrDialog; Passwd final; pass_info *pi; public: PwDialog(pass_info *p, bool write = false); Passwd getPass() { return final; } void addAbortButton(); void setRW(bool write); enum open_result execute(pass_info *p, Passwd *passwd, bool write = false, bool abort = false); public slots: void accept(); void buttonPress(QAbstractButton *but); }; class PwDialogUI: public PwDialogUI_i { enum open_result execute(pass_info *p, Passwd *passwd, bool write = false, bool abort = false); }; #endif xca-RELEASE.2.5.0/widgets/ReqTreeView.cpp000066400000000000000000000034211450407711300177260ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/pki_x509req.h" #include "lib/load_obj.h" #include "ReqTreeView.h" #include "MainWindow.h" #include "ExportDialog.h" #include #include #include void ReqTreeView::fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes) { X509SuperTreeView::fillContextMenu(menu, subExport, index, indexes); pki_x509req *req = db_base::fromIndex(index); if (indexes.size() != 1 || !req) return; menu->addAction(tr("Sign"), this, SLOT(signReq())); if (req->getDone()) menu->addAction(tr("Unmark signed"), this, SLOT(unmarkSigned())); else menu->addAction(tr("Mark signed"), this, SLOT(markSigned())); if (transform) { transform->addAction(tr("Similar Request"), this, SLOT(toRequest())); } } void ReqTreeView::signReq() { pki_x509req *req = db_base::fromIndex(currentIndex()); db_x509 *certs = Database.model(); certs->newCert(req); } void ReqTreeView::toRequest() { pki_x509req *req = db_base::fromIndex(currentIndex()); if (basemodel) reqs()->newItem(NULL, req); } void ReqTreeView::markSigned() { if (basemodel) reqs()->setSigned(currentIndex(), true); } void ReqTreeView::unmarkSigned() { if (basemodel) reqs()->setSigned(currentIndex(), false); } void ReqTreeView::load(void) { load_req l; load_default(&l); } ExportDialog *ReqTreeView::exportDialog(const QModelIndexList &indexes) { return new ExportDialog(this, tr("Certificate request export"), tr("Certificate request ( *.pem *.der *.csr )"), indexes, QPixmap(":csrImg"), pki_export::select(x509_req, basemodel->exportFlags(indexes)), "csrexport"); } xca-RELEASE.2.5.0/widgets/ReqTreeView.h000066400000000000000000000013071450407711300173740ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __REQTREEVIEW_H #define __REQTREEVIEW_H #include "X509SuperTreeView.h" #include "lib/db_x509req.h" class ReqTreeView: public X509SuperTreeView { Q_OBJECT db_x509req *reqs() const { return dynamic_cast(basemodel); } public: ReqTreeView(QWidget *parent) : X509SuperTreeView(parent) { } void fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes); ExportDialog *exportDialog(const QModelIndexList &indexes); public slots: void toRequest(); void signReq(); void markSigned(); void unmarkSigned(); void load(); }; #endif xca-RELEASE.2.5.0/widgets/RevocationList.cpp000066400000000000000000000134651450407711300205020ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include "RevocationList.h" #include "MainWindow.h" #include "NewCrl.h" #include "Help.h" #include "lib/asn1int.h" #include "lib/pki_x509.h" enum revCol { Cnumber, Cserial, Cdate, Creason, CiDate, Cmax }; class revListItem : public QTreeWidgetItem { public: revListItem(QTreeWidget *w) : QTreeWidgetItem(w) { }; bool operator < (const QTreeWidgetItem &other) const { int col = treeWidget()->sortColumn(); switch (col) { case Cserial: { return a1int(text(Cserial)) < a1int(other.text(Cserial)); } case Cnumber: return text(Cnumber).toLong() < other.text(Cnumber).toLong(); default: return QTreeWidgetItem::operator < (other); } } }; static void setup_revRevItem(QTreeWidgetItem *item, const x509rev &revit, const pki_x509 *iss) { pki_x509 *rev = iss ? iss->getBySerial(revit.getSerial()) : NULL; if (rev != NULL) { for (int i = 0; i < Cmax; i++) item->setToolTip(i, rev->getIntName()); } item->setText(Cserial, revit.getSerial()); item->setText(Cdate, revit.getDate().toSortable()); item->setText(Creason, revit.getReason()); item->setTextAlignment(Cnumber, Qt::AlignRight); item->setTextAlignment(Cserial, Qt::AlignRight); a1time a = revit.getInvalDate(); if (!a.isUndefined()) item->setText(CiDate, a.toSortable()); } static void addRevItem(QTreeWidget *certList, const x509rev &revit, int no, const pki_x509 *iss) { revListItem *current; current = new revListItem(certList); current->setText(Cnumber, QString("%1").arg(no)); setup_revRevItem(current, revit, iss); } void RevocationList::setupRevocationView(QTreeWidget *certList, const x509revList &revList, const pki_x509 *iss) { QStringList sl; int cols, i; certList->clear(); sl << tr("No.") << tr("Serial") << tr("Revocation") << tr("Reason") << tr("Invalidation"); cols = sl.size(); certList->setColumnCount(cols); certList->setHeaderLabels(sl); certList->setItemsExpandable(false); certList->setRootIsDecorated(false); certList->sortItems(Cnumber, Qt::AscendingOrder); i=1; foreach(x509rev revit, revList) { addRevItem(certList, revit, i++, iss); } for (i=0; iresizeColumnToContents(i); certList->setSortingEnabled(true); certList->setSelectionBehavior(QAbstractItemView::SelectRows); certList->setSelectionMode(QAbstractItemView::ExtendedSelection); } RevocationList::RevocationList(QWidget *w) : QDialog(w ? w : mainwin) { QPushButton *genCrl; setupUi(this); setWindowTitle(XCA_TITLE); image->setPixmap(QPixmap(":revImg")); mainwin->helpdlg->register_ctxhelp_button(this, "crlmanage"); genCrl = buttonBox->addButton(tr("Generate CRL"), QDialogButtonBox::ActionRole); connect(genCrl, SIGNAL(clicked()), this, SLOT(gencrl())); } void RevocationList::gencrl() { issuer->setRevocations(getRevList()); NewCrl::newCrl(this, issuer); } void RevocationList::setRevList(const x509revList &rl, pki_x509 *iss) { issuer = iss; revList = rl; setupRevocationView(certList, revList, issuer); } const x509revList &RevocationList::getRevList() { return revList; } void RevocationList::on_addRev_clicked() { Revocation *revoke = new Revocation(QModelIndexList(), this); if (revoke->exec()) { x509rev revit = revoke->getRevocation(); revList << revit; addRevItem(certList, revit, revList.size(), issuer); } } void RevocationList::on_delRev_clicked() { QTreeWidgetItem *current = certList->currentItem(); x509rev rev; int idx; if (!current) return; idx = certList->indexOfTopLevelItem(current); certList->takeTopLevelItem(idx); rev.setSerial(a1int(current->text(Cserial))); idx = revList.indexOf(rev); if (idx != -1) revList.takeAt(idx); } void RevocationList::on_editRev_clicked() { on_certList_itemDoubleClicked(certList->currentItem()); } void RevocationList::on_certList_itemDoubleClicked(QTreeWidgetItem *current) { x509rev rev; int idx; if (!current) return; rev.setSerial(a1int(current->text(Cserial))); idx = revList.indexOf(rev); if (idx == -1) return; rev = revList[idx]; Revocation *revoke = new Revocation(QModelIndexList(), this); revoke->setRevocation(rev); if (revoke->exec()) { a1time a1 = rev.getDate(); rev = revoke->getRevocation(); rev.setDate(a1); revList[idx] = rev; setup_revRevItem(current, rev, issuer); } delete revoke; } Revocation::Revocation(QModelIndexList indexes, QWidget *w) : QDialog(w ? w : mainwin) { setupUi(this); setWindowTitle(XCA_TITLE); mainwin->helpdlg->register_ctxhelp_button(this, "crlrevocation"); reason->addItems(x509rev::crlreasons()); invalid->setNow(); if (indexes.size() > 1) { QList serials; QStringList sl; serial->setText(QString("Batch revocation of %1 Certificates"). arg(indexes.size())); foreach(QModelIndex idx, indexes) { pki_x509 *cert = db_base::fromIndex(idx); if (cert) serials << cert->getSerial(); } std::sort(serials.begin(), serials.end()); foreach(a1int a, serials) sl << a; serial->setToolTip(sl.join("\n")); serial->setEnabled(false); } else if (indexes.size() == 1) { pki_x509 *cert = db_base::fromIndex(indexes[0]); serial->setText(cert->getSerial()); serial->setEnabled(false); } else { serial->setValidator( new QRegularExpressionValidator( QRegularExpression("[A-Fa-f0-9]+"), serial)); } } x509rev Revocation::getRevocation() { x509rev r; r.setSerial(a1int(serial->text())); r.setInvalDate(invalid->getDate()); r.setDate(a1time()); r.setCrlNo(0); r.setReason(reason->currentText()); return r; } void Revocation::setRevocation(x509rev r) { serial->setText(r.getSerial()); invalid->setDate(r.getInvalDate()); int i = reason->findText(r.getReason()); if (i == -1) i = 0; reason->setCurrentIndex(i); } xca-RELEASE.2.5.0/widgets/RevocationList.h000066400000000000000000000020241450407711300201340ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __REVOCATIONLIST_H #define __REVOCATIONLIST_H #include "ui_RevocationList.h" #include "ui_Revoke.h" #include "lib/x509rev.h" #include class pki_x509; class RevocationList: public QDialog, public Ui::RevocationList { Q_OBJECT private: x509revList revList; pki_x509 *issuer; public: static void setupRevocationView(QTreeWidget *certList, const x509revList &revList, const pki_x509 *iss); RevocationList(QWidget *w = nullptr); void setRevList(const x509revList &rl, pki_x509 *issuer); const x509revList &getRevList(); public slots: void on_addRev_clicked(); void on_delRev_clicked(); void on_editRev_clicked(); void gencrl(); void on_certList_itemDoubleClicked(QTreeWidgetItem *); }; class Revocation: public QDialog, public Ui::Revoke { Q_OBJECT public: Revocation(QModelIndexList indexes, QWidget *w = nullptr); x509rev getRevocation(); void setRevocation(x509rev r); }; #endif xca-RELEASE.2.5.0/widgets/SearchPkcs11.cpp000066400000000000000000000077001450407711300177200ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2011 Christian Hohnstaedt. * * All rights reserved. */ #include "SearchPkcs11.h" #include "lib/base.h" #include "lib/func.h" #include "lib/pkcs11_lib.h" #include #include #include #include #include #include #include SearchPkcs11::SearchPkcs11(QWidget *parent, const QString &fname) :QDialog(parent) { setupUi(this); filename->setText(nativeSeparator(fname)); setWindowTitle(XCA_TITLE); liblist->setSelectionMode(QAbstractItemView::ExtendedSelection); searching = NULL; } SearchPkcs11::~SearchPkcs11() { if (searching) search->click(); } void SearchPkcs11::on_fileBut_clicked() { QString s = QFileDialog::getExistingDirectory(this, QString(XCA_TITLE), filename->text()); if (!s.isEmpty()) filename->setText(nativeSeparator(s)); } void SearchPkcs11::on_search_clicked() { if (searching) { return; } searching = new searchThread(filename->text(), getLibExtensions(), subdirs->isChecked()); liblist->clear(); connect(searching, SIGNAL(updateLibs(QString)), this, SLOT(updateLibs(QString))); connect(searching, SIGNAL(updateCurrFile(QString)), this, SLOT(updateCurrFile(QString))); connect(searching, SIGNAL(finished()), this, SLOT(finishSearch())); connect(search, SIGNAL(clicked()), searching, SLOT(cancelSearch())); search->setText("Cancel"); searching->start(); } void SearchPkcs11::finishSearch() { search->setText("Start"); currFile->setText(tr("The following files are possible PKCS#11 libraries")); if (!searching) return; searching->wait(1000); delete searching; searching = NULL; } void SearchPkcs11::buttonPress(QAbstractButton *but) { QList libitems; QListWidgetItem *lib; switch (buttonBox->standardButton(but)) { case QDialogButtonBox::Ok: accept(); break; default: case QDialogButtonBox::Cancel: reject(); break; case QDialogButtonBox::Open: libitems = liblist->selectedItems(); foreach(lib, libitems) loadItem(lib); break; } } void SearchPkcs11::loadItem(QListWidgetItem *lib) { emit addLib(lib->whatsThis()); delete lib; } void SearchPkcs11::updateCurrFile(QString f) { f = nativeSeparator(f); int len = f.length(); QString reduced = f; QFontMetrics fm(currFile->font()); currFile->setToolTip(f); #if (QT_VERSION >= QT_VERSION_CHECK(5, 11, 0)) while ((currFile->width() < (fm.horizontalAdvance(reduced) -10)) && #else while ((currFile->width() < (fm.width(reduced) -10)) && #endif (len > 0)) { len -= 10; reduced = compressFilename(f, len); } currFile->setText(reduced); currFile->update(); } void SearchPkcs11::updateLibs(QString f) { QListWidgetItem *i = new QListWidgetItem(nativeSeparator(f)); i->setWhatsThis(f); liblist->addItem(i); liblist->update(); } searchThread::searchThread(QString _dir, const QStringList _ext, bool _recursive) { dirname = _dir; ext = _ext; recursive = _recursive; keepOnRunning = true; } void searchThread::cancelSearch() { keepOnRunning = false; } bool searchThread::checkLib(QString file) { qint64 siz; int r = -1; QFile qf(file); siz = qf.size(); if (qf.open(QIODevice::ReadOnly)) { uchar *p = qf.map(0, siz); r = QByteArray::fromRawData((char*)p, siz) .indexOf("C_GetFunctionList"); qf.unmap(p); qf.close(); } return r != -1; } void searchThread::search(QString mydir) { QDir dir = QDir(mydir); QStringList files = dir.entryList( QStringList(ext), QDir::Files | QDir::Readable); while (!files.isEmpty() && keepOnRunning) { QString file = files.takeFirst(); if (file.isEmpty()) continue; file = mydir + "/" + file; emit updateCurrFile(file); if (checkLib(file)) emit updateLibs(file); } if (recursive && keepOnRunning) { QString d; QStringList dirs = dir.entryList(QStringList(), QDir::AllDirs | QDir::NoDotAndDotDot); foreach(d, dirs) { if (!keepOnRunning) break; QString s = mydir + "/" + d; emit updateCurrFile(s); search(s); } } } xca-RELEASE.2.5.0/widgets/SearchPkcs11.h000066400000000000000000000022531450407711300173630ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __SEARCHPKCS11DIALOG_H #define __SEARCHPKCS11DIALOG_H #include #include "ui_SearchPkcs11.h" class SearchPkcs11; class searchThread: public QThread { Q_OBJECT protected: QString dirname; QStringList ext; bool recursive; bool keepOnRunning; bool checkLib(QString file); public: searchThread(QString _dir, const QStringList _ext, bool _recursive); void search(QString mydir); void run() { search(dirname); } public slots: void cancelSearch(); signals: void updateCurrFile(QString f); void updateLibs(QString f); }; class SearchPkcs11: public QDialog, public Ui::SearchPkcs11 { Q_OBJECT protected: void searchDir(QString dirname, bool subdirs); searchThread *searching; public: SearchPkcs11(QWidget *parent, const QString &fname); ~SearchPkcs11(); public slots: void on_search_clicked(); void on_fileBut_clicked(); void buttonPress(QAbstractButton *but); void loadItem(QListWidgetItem *lib); void updateLibs(QString f); void updateCurrFile(QString f); void finishSearch(); signals: void addLib(QString); }; #endif xca-RELEASE.2.5.0/widgets/TempTreeView.cpp000066400000000000000000000052411450407711300201060ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/pki_temp.h" #include "lib/load_obj.h" #include "TempTreeView.h" #include "ExportDialog.h" #include "NewX509.h" #include "XcaDialog.h" #include "MainWindow.h" #include #include #include void TempTreeView::fillContextMenu(QMenu *menu, QMenu *, const QModelIndex &, QModelIndexList indexes) { if (indexes.size() != 1) return; menu->addAction(tr("Duplicate"), this, SLOT(duplicateTemp())); menu->addAction(tr("Create certificate"), this, SLOT(certFromTemp())); menu->addAction(tr("Create request"), this, SLOT(reqFromTemp())); } void TempTreeView::duplicateTemp() { pki_temp *temp = db_base::fromIndex(currentIndex()); db_temp* db_temp = temps(); if (!temp || !basemodel || !db_temp) return; pki_temp *newtemp = new pki_temp(temp); newtemp->setIntName(newtemp->getIntName() + " " + tr("copy")); db_temp->insertPKI(newtemp); } void TempTreeView::certFromTemp() { pki_temp *temp = db_base::fromIndex(currentIndex()); if (temp) emit newCert(temp); } void TempTreeView::reqFromTemp() { pki_temp *temp = db_base::fromIndex(currentIndex()); if (temp) emit newReq(temp); } void TempTreeView::showPki(pki_base *pki) { alterTemp(dynamic_cast(pki)); } bool TempTreeView::runTempDlg(pki_temp *temp) { NewX509 *dlg = new NewX509(this); dlg->setTemp(temp); if (!dlg->exec()) { delete dlg; return false; } dlg->toTemplate(temp); delete dlg; return true; } void TempTreeView::newItem() { pki_temp *temp = NULL; QString type; if (!basemodel) return; itemComboTemp *ic = new itemComboTemp(NULL); ic->insertPkiItems(temps()->getPredefs()); XcaDialog *dlg = new XcaDialog(this, tmpl, ic, tr("Preset Template values"), QString()); if (dlg->exec()) { temp = new pki_temp(ic->currentPkiItem()); if (temp) { temp->pkiSource = generated; if (runTempDlg(temp)) { temp = dynamic_cast( temps()->insertPKI(temp)); temps()->createSuccess(temp); } else { delete temp; } } } delete dlg; } bool TempTreeView::alterTemp(pki_temp *temp) { if (!basemodel || !temp) return false; if (!runTempDlg(temp)) return false; temps()->alterTemp(temp); return true; } void TempTreeView::load() { load_temp l; load_default(&l); } ExportDialog *TempTreeView::exportDialog(const QModelIndexList &indexes) { return new ExportDialog(this, tr("Template export"), tr("XCA Templates ( *.xca )"), indexes, QPixmap(":tempImg"), pki_export::select(tmpl, basemodel->exportFlags(indexes)), "templateexport"); } xca-RELEASE.2.5.0/widgets/TempTreeView.h000066400000000000000000000015371450407711300175570ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2006 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __TEMPTREEVIEW_H #define __TEMPTREEVIEW_H #include "XcaTreeView.h" #include "lib/db_temp.h" class TempTreeView: public XcaTreeView { Q_OBJECT db_temp *temps() const { return dynamic_cast(basemodel); } bool runTempDlg(pki_temp *temp); public: TempTreeView(QWidget *parent) : XcaTreeView(parent) { } void fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes); void showPki(pki_base *pki); bool alterTemp(pki_temp *temp); ExportDialog *exportDialog(const QModelIndexList &index); public slots: void certFromTemp(); void reqFromTemp(); void duplicateTemp(); void newItem(); void load(); signals: void newReq(pki_temp *); void newCert(pki_temp *); }; #endif xca-RELEASE.2.5.0/widgets/X509SuperTreeView.cpp000066400000000000000000000034401450407711300206640ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/db_x509super.h" #include "lib/database_model.h" #include "X509SuperTreeView.h" #include "CertDetail.h" #include "MainWindow.h" #include #include #include #include void X509SuperTreeView::fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes) { pki_x509super *x = dynamic_cast( db_base::fromIndex(index)); transform = NULL; if (indexes.size() != 1 || !x) return; subExport->addAction(tr("OpenSSL config"), this, SLOT(toOpenssl())); transform = menu->addMenu(tr("Transform")); transform->addAction(tr("Template"), this, SLOT(toTemplate())); transform->addAction(tr("Public key"), this, SLOT(extractPubkey()))->setEnabled(!x->getRefKey()); } void X509SuperTreeView::extractPubkey() { QModelIndex idx = currentIndex(); if (idx.isValid() && basemodel) x509super()->extractPubkey(idx); } void X509SuperTreeView::toTemplate() { QModelIndex idx = currentIndex(); if (idx.isValid() && basemodel) x509super()->toTemplate(idx); } void X509SuperTreeView::toOpenssl() { QModelIndex idx = currentIndex(); if (!idx.isValid() || !basemodel) return; pki_x509super *pki = db_base::fromIndex(idx); QString fn = Settings["workingdir"] + pki->getUnderlinedName() + ".conf"; QString fname = QFileDialog::getSaveFileName(NULL, tr("Save as OpenSSL config"), fn, tr("Config files ( *.conf *.cnf);; All files ( * )")); if (fname.isEmpty()) return; update_workingdir(fname); pki->opensslConf(fname); } void X509SuperTreeView::showPki(pki_base *pki) { pki_x509super *x = dynamic_cast(pki); CertDetail::showCert(this, x); } xca-RELEASE.2.5.0/widgets/X509SuperTreeView.h000066400000000000000000000013311450407711300203260ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2006 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __X509SUPERTREEVIEW_H #define __X509SUPERTREEVIEW_H #include "XcaTreeView.h" #include "lib/db_x509req.h" class X509SuperTreeView: public XcaTreeView { Q_OBJECT db_x509super *x509super() const { return dynamic_cast(basemodel); } protected: QMenu *transform; public: X509SuperTreeView(QWidget *parent) : XcaTreeView(parent) { transform = NULL; } void fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes); public slots: void showPki(pki_base *pki); void extractPubkey(); void toTemplate(); void toOpenssl(); }; #endif xca-RELEASE.2.5.0/widgets/XcaApplication.cpp000066400000000000000000000100301450407711300204150ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "XcaApplication.h" #include "MainWindow.h" #include "XcaWarning.h" #include "lib/entropy.h" #include #include #include #include QFont XcaApplication::tableFont; QList XcaApplication::langAvail; void XcaApplication::setMainwin(MainWindow *m) { mainw = m; } bool XcaApplication::languageAvailable(const QLocale &l) { return langAvail.contains(l); } static QString defaultlang() { return getUserSettingsDir() + "/defaultlang"; } XcaApplication::XcaApplication(int &argc, char *argv[]) :QApplication(argc, argv), mainw(nullptr), qtTr(nullptr), xcaTr(nullptr) { QLocale lang; QFile file(defaultlang()); if (file.open(QIODevice::ReadOnly)) { lang = QLocale(QString(file.read(128))); } langAvail << QLocale::system(); langAvail << QLocale("en"); QDirIterator qmIt(getI18nDir(), QStringList() << "*.qm", QDir::Files); while (qmIt.hasNext()) { XcaTranslator t; qmIt.next(); QString language = qmIt.fileInfo().baseName().mid(4, -1); if (t.load(QLocale(language), "xca", getI18nDir())) langAvail << QLocale(language); } setupLanguage(lang); #ifdef Q_OS_MACOS QStringList libp = libraryPaths(); libp.prepend(applicationDirPath() + "/../Plugins"); setLibraryPaths(libp); #endif tableFont = QFont("Courier New", QApplication::font().pointSize() #if defined (Q_OS_WIN32) +1 #else +2 #endif ); installEventFilter(this); } void XcaApplication::setupLanguage(const QLocale &lang) { QStringList dirs; if (qtTr) { removeTranslator(qtTr); delete qtTr; } qtTr = new XcaTranslator(); if (xcaTr) { removeTranslator(xcaTr); delete xcaTr; } xcaTr = new XcaTranslator(); dirs #ifdef XCA_DEFAULT_QT_TRANSLATE << XCA_DEFAULT_QT_TRANSLATE #endif << getI18nDir() #ifndef WIN32 << "/usr/local/share/qt5/translations/" << "/usr/share/qt5/translations/" << "/usr/share/qt/translations/" #endif ; qDebug() << "Setup language: " << lang; foreach(QString dir, dirs) { if (qtTr->load(lang, "qt", dir)) { break; } } xcaTr->load(lang, "xca", getI18nDir()); QLocale::setDefault(lang); installTranslator(qtTr); installTranslator(xcaTr); if (mainw) mainw->initResolver(); } void XcaApplication::quit() { if (mainw) mainw->close(); } void XcaApplication::switchLanguage(QAction* a) { QLocale lang = a->data().toLocale(); setupLanguage(lang); QFile file(defaultlang()); if (lang == QLocale::system()) { file.remove(); return; } if (file.open(QIODevice::WriteOnly)) { file.write(lang.name().toUtf8()); } } bool XcaApplication::eventFilter(QObject *watched, QEvent *ev) { static int mctr; QMouseEvent *me; QStringList l; XcaTreeView *treeview; int key; switch (ev->type()) { case QEvent::FileOpen: l << static_cast(ev)->file(); mainw->openURLs(l); return true; case QEvent::MouseMove: case QEvent::NonClientAreaMouseMove: if (mctr++ > 8) { me = static_cast(ev); #if (QT_VERSION >= QT_VERSION_CHECK(6, 0, 0)) QPoint p = me->globalPosition().toPoint(); #else QPoint p = me->globalPos(); #endif Entropy::add(p.x()); Entropy::add(p.y()); mctr = 0; } break; case QEvent::KeyPress: key = static_cast(ev)->key(); if (key < 0x100) { Entropy::add(key); } break; case QEvent::MouseButtonPress: me = static_cast(ev); treeview = watched ? dynamic_cast(watched->parent()) : NULL; if ((watched == mainw || treeview) && me->button() == Qt::MiddleButton && QApplication::clipboard()->supportsSelection()) { mainw->pastePem(); return true; } break; default: break; } return false; } bool XcaApplication::notify(QObject* receiver, QEvent* event) { try { return QApplication::notify(receiver, event); } catch (errorEx &err) { XCA_ERROR(err); } catch (...) { qWarning() << QString("Event exception: ") << receiver << event; } return false; } XcaApplication::~XcaApplication() { delete xcaTr; delete qtTr; } xca-RELEASE.2.5.0/widgets/XcaApplication.h000066400000000000000000000021451450407711300200720ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCAAPPLICATION_H #define __XCAAPPLICATION_H #include #include #include class MainWindow; class QAction; class XcaTranslator : public QTranslator { Q_OBJECT public: XcaTranslator(QObject *p = NULL) : QTranslator(p) { } bool load(const QLocale &locale, const QString &filename, const QString &dir) { return QTranslator::load(QString("%1_%2").arg(filename) .arg(locale.name()), dir); } }; class XcaApplication : public QApplication { Q_OBJECT private: MainWindow *mainw; XcaTranslator *qtTr; XcaTranslator *xcaTr; static QList langAvail; public: XcaApplication(int &argc, char *argv[]); virtual ~XcaApplication(); void setMainwin(MainWindow *m); void setupLanguage(const QLocale &lang); static QFont tableFont; static bool languageAvailable(const QLocale &l); bool eventFilter(QObject *watched, QEvent *ev); bool notify(QObject* receiver, QEvent* event); public slots: void switchLanguage(QAction* a); void quit(); }; #endif xca-RELEASE.2.5.0/widgets/XcaDialog.cpp000066400000000000000000000024611450407711300173620ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #include #include "XcaDialog.h" #include "MainWindow.h" #include "Help.h" // index = enum pki_type static const char * const PixmapMap[] = { "", ":keyImg", ":csrImg", ":certImg", ":revImg", ":tempImg", "", ":scardImg", }; XcaDialog::XcaDialog(QWidget *parent, enum pki_type type, QWidget *w, const QString &t, const QString &desc, const QString &help_ctx) : QDialog(parent ? parent : mainwin) { setupUi(this); setWindowTitle(XCA_TITLE); image->setPixmap(QPixmap(PixmapMap[type])); content->addWidget(w); mainwin->helpdlg->register_ctxhelp_button(this, help_ctx); widg = w; title->setText(t); if (desc.isEmpty()) { verticalLayout->removeWidget(description); delete description; } else { description->setText(desc); } } void XcaDialog::noSpacer() { verticalLayout->removeItem(topSpacer); verticalLayout->removeItem(bottomSpacer); delete topSpacer; delete bottomSpacer; if (widg) widg->setSizePolicy(QSizePolicy::Expanding, QSizePolicy::Expanding); } void XcaDialog::aboutDialog(const QPixmap &left) { title->setPixmap(left.scaledToHeight(title->height())); noSpacer(); resize(560, 400); buttonBox->setStandardButtons(QDialogButtonBox::Ok); buttonBox->centerButtons(); } xca-RELEASE.2.5.0/widgets/XcaDialog.h000066400000000000000000000010051450407711300170200ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCADIALOG_H__ #define __XCADIALOG_H__ #include #include "ui_XcaDialog.h" #include "lib/pki_base.h" class XcaDialog : public QDialog, public Ui::XcaDialog { QWidget *widg; public: XcaDialog(QWidget *parent, enum pki_type type, QWidget *w, const QString &t, const QString &desc, const QString &help_ctx = QString()); void noSpacer(); void aboutDialog(const QPixmap &left); }; #endif xca-RELEASE.2.5.0/widgets/XcaHeaderView.cpp000066400000000000000000000012221450407711300202000ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "XcaHeaderView.h" #include "XcaTreeView.h" #include XcaHeaderView::XcaHeaderView() :QHeaderView(Qt::Horizontal) { setSectionsMovable(true); } void XcaHeaderView::contextMenuEvent(QContextMenuEvent *e) { XcaTreeView *tv = static_cast(parentWidget()); if (tv) tv->headerEvent(e, logicalIndexAt(e->pos())); } void XcaHeaderView::resetMoves() { for (int i=0; i class XcaHeaderView: public QHeaderView { Q_OBJECT public: XcaHeaderView(); void contextMenuEvent(QContextMenuEvent *e); public slots: void resetMoves(); }; #endif xca-RELEASE.2.5.0/widgets/XcaProgressGui.h000066400000000000000000000020321450407711300200730ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2018 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCAPROGRESSGUI_H #define __XCAPROGRESSGUI_H #include "lib/base.h" #include "lib/main.h" #include "lib/XcaProgress.h" #include #include #include class XcaProgressGui : public XcaProgress_i { private: QMainWindow *mwin; QProgressBar *bar; public: XcaProgressGui() = delete; XcaProgressGui(QMainWindow *m) : XcaProgress_i(), mwin(m), bar() { bar = new QProgressBar(); bar->setMinimum(0); bar->setTextVisible(true); } void start(const QString &what, int max) { bar->setValue(0); bar->setMaximum(max); bar->setFormat(what); mwin->statusBar()->addPermanentWidget(bar, 1); bar->show(); mwin->repaint(); } void stop() { mwin->statusBar()->removeWidget(bar); } ~XcaProgressGui() { delete bar; } void increment() { int value = bar->value(); if (value == bar->maximum()) { bar->reset(); } else { bar->setValue(value +1); } } }; #endif xca-RELEASE.2.5.0/widgets/XcaProxyModel.cpp000066400000000000000000000040371450407711300202660ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2006 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "XcaProxyModel.h" #include "lib/db_base.h" bool XcaProxyModel::lessThan(const QModelIndex &left, const QModelIndex &right) const { db_base *db = dynamic_cast(sourceModel()); if (!db) return QSortFilterProxyModel::lessThan(left, right); dbheaderList headers = db->getAllHeaders(); if (left.column() < 0 || left.column() >= headers.size() || right.column() < 0 || right.column() >= headers.size()) { qDebug("BAD COLUMN: %d %d\n", left.column(), right.column()); return true; } dbheader *hd_left = headers[left.column()]; dbheader *hd_right = headers[right.column()]; if (hd_left->isNumeric() && hd_right->isNumeric()) { int diff; QString l = sourceModel()->data(left).toString(); QString r = sourceModel()->data(right).toString(); diff = l.size() - r.size(); if (diff<0) return true; else if (diff>0) return false; else return l < r; } if (hd_left->type == dbheader::hd_asn1time && hd_right->type == dbheader::hd_asn1time) { pki_base *l = db_base::fromIndex(left); pki_base *r = db_base::fromIndex(right); if (l && r) return l->column_a1time(hd_left) < r->column_a1time(hd_right); } return QSortFilterProxyModel::lessThan(left, right); } bool XcaProxyModel::filterAcceptsRow(int sourceRow, const QModelIndex &sourceParent) const { if (!sourceModel()) return false; QModelIndex idx = sourceModel()->index(sourceRow, 0, sourceParent); return sourceModel()->data(idx, Qt::UserRole).toBool(); } QVariant XcaProxyModel::data(const QModelIndex &index, int role) const { QModelIndex i; QString number; if (index.column() != 1) return QSortFilterProxyModel::data(index, role); /* Row number */ switch (role) { case Qt::EditRole: case Qt::DisplayRole: for (i = index; i.isValid(); i = i.parent()) number += QString(" %1").arg(i.row()+1); return QVariant(number); default: return QSortFilterProxyModel::data(index, role); } return QVariant(); } xca-RELEASE.2.5.0/widgets/XcaProxyModel.h000066400000000000000000000011461450407711300177310ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2006 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCAPROXYMODEL_H #define __XCAPROXYMODEL_H #include #include #include class XcaProxyModel: public QSortFilterProxyModel { Q_OBJECT public: XcaProxyModel(QWidget *parent = 0) :QSortFilterProxyModel(parent) { } bool lessThan(const QModelIndex &left, const QModelIndex &right) const; bool filterAcceptsRow(int sourceRow, const QModelIndex &sourceParent) const; QVariant data(const QModelIndex &index, int role) const; }; #endif xca-RELEASE.2.5.0/widgets/XcaTreeView.cpp000066400000000000000000000310351450407711300177140ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2006 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include #include #include #include #include #include #include "OidResolver.h" #include "XcaHeaderView.h" #include "XcaTreeView.h" #include "XcaProxyModel.h" #include "MainWindow.h" #include "XcaWarning.h" #include "XcaDialog.h" #include "XcaApplication.h" #include "ExportDialog.h" #include "ImportMulti.h" #include "lib/load_obj.h" #include "ui_ItemProperties.h" XcaTreeView::XcaTreeView(QWidget *parent) :QTreeView(parent) { mainwin = NULL; setHeader(new XcaHeaderView()); setAlternatingRowColors(true); setSelectionMode(QAbstractItemView::ExtendedSelection); setEditTriggers(QAbstractItemView::EditKeyPressed); setRootIsDecorated(false); setUniformRowHeights(true); setDragEnabled(true); //setAnimated(true); proxy = new XcaProxyModel(this); setSortingEnabled(true); proxy->setDynamicSortFilter(true); sortByColumn(0, Qt::AscendingOrder); basemodel = NULL; connect(header(), SIGNAL(sectionHandleDoubleClicked(int)), this, SLOT(resizeColumnToContents(int))); connect(this, SIGNAL(doubleClicked(const QModelIndex &)), this, SLOT(doubleClick(const QModelIndex &))); header()->setSectionsClickable(true); throttle.setSingleShot(true); connect(&throttle, SIGNAL(timeout()), this, SLOT(columnsResize())); connect(&throttle, SIGNAL(timeout()), proxy, SLOT(invalidate())); setFocusPolicy(Qt::StrongFocus); setExpandsOnDoubleClick(false); setFont(XcaApplication::tableFont); } XcaTreeView::~XcaTreeView() { delete proxy; } void XcaTreeView::contextMenuEvent(QContextMenuEvent * e) { QModelIndex index; if (!basemodel) return; index = indexAt(e->pos()); showContextMenu(e, getIndex(index)); } void XcaTreeView::showHideSections() { if (!basemodel) return; int i, max = basemodel->columnCount(QModelIndex()); basemodel->colResizeStart(); for (i=0; icolumnHidden(i)) header()->hideSection(i); else header()->showSection(i); } basemodel->colResizeEnd(); columnsResize(); } void XcaTreeView::setMainwin(MainWindow *mw, QLineEdit *filter) { mainwin = mw; connect(filter, SIGNAL(textChanged(const QString &)), this, SLOT(setFilter(const QString&))); } void XcaTreeView::setModel(QAbstractItemModel *model) { QByteArray ba; basemodel = dynamic_cast(model); proxy->setSourceModel(model); QTreeView::setModel(model ? proxy : NULL); if (basemodel) { setRootIsDecorated(basemodel->treeViewMode()); connect(basemodel, SIGNAL(resetHeader()), header(), SLOT(resetMoves())); connect(basemodel, SIGNAL(resetHeader()), this, SLOT(columnsResize())); connect(header(), SIGNAL(sectionMoved(int,int,int)), this, SLOT(sectionMoved(int,int,int))); connect(header(), SIGNAL(sectionResized(int,int,int)), basemodel, SLOT(sectionResized(int,int,int))); connect(header(), SIGNAL(sortIndicatorChanged(int,Qt::SortOrder)), basemodel, SLOT(sortIndicatorChanged(int,Qt::SortOrder))); connect(basemodel, SIGNAL(columnsContentChanged()), this, SLOT(columnsChanged())); basemodel->initHeaderView(header()); } showHideSections(); } void XcaTreeView::headerEvent(QContextMenuEvent *e, int col) { contextMenu(e, NULL, col); } QModelIndex XcaTreeView::getIndex(const QModelIndex &index) { return proxy->mapToSource(index); } QModelIndex XcaTreeView::getProxyIndex(const QModelIndex &index) { return proxy->mapFromSource(index); } QModelIndexList XcaTreeView::getSelectedIndexes() { QModelIndexList list; QItemSelection indexes = selectionModel()->selection(); list = proxy->mapSelectionToSource(indexes).indexes(); /* Reduce list to column 0 items */ QModelIndexList::iterator it = list.begin(); while (it != list.end()) { if ((*it).column() != 0) it = list.erase(it); else ++it; } return list; } void XcaTreeView::columnsChanged() { throttle.start(200); } void XcaTreeView::columnsResize() { int cnt, i; if (!basemodel) return; cnt = basemodel->columnCount(QModelIndex()); basemodel->colResizeStart(); for (i=0; ifixedHeaderSize(i)) { resizeColumnToContents(i); } } basemodel->colResizeEnd(); } void XcaTreeView::sectionMoved(int, int, int) { int cnt = header()->count(); for (int i=0; isetVisualIndex(i, header()->visualIndex(i)); } } QModelIndex XcaTreeView::currentIndex() { QModelIndex idx = QTreeView::currentIndex(); idx = getIndex(idx); idx = basemodel->index(idx.row(), 0, idx.parent()); if (!idx.isValid()) { QModelIndexList l = getSelectedIndexes(); if (l.size() > 0) idx = l[0]; } return idx; } void XcaTreeView::editIdx() { edit(getProxyIndex(currentIndex())); } void XcaTreeView::setFilter(const QString &pattern) { pki_base::limitPattern = QRegularExpression(pattern, QRegularExpression::CaseInsensitiveOption); // Only to tell the model about the changed filter proxy->setFilterFixedString(pattern); } void XcaTreeView::deleteItems() { QModelIndex index; QModelIndexList indexes = getSelectedIndexes(); QString items, msg; int count = 0; pki_base *pki = NULL; if (indexes.count() == 0 || !basemodel) return; foreach(index, indexes) { pki = db_base::fromIndex(index); items += "'" + pki->getIntName() + "' "; count++; } Transaction; if (!TransBegin()) return; if (count == 1) msg = pki->getMsg(pki_base::msg_delete).arg(pki->getIntName()); else msg = pki->getMsg(pki_base::msg_delete_multi).arg(count). arg(items); if (!XCA_OKCANCEL(msg)) return; foreach(index, indexes) { basemodel->deletePKI(index); } TransCommit(); } void XcaTreeView::exportItems() { exportItems(getSelectedIndexes()); } void XcaTreeView::showItems() { QModelIndexList indexes = getSelectedIndexes(); foreach(QModelIndex index, indexes) showItem(index); } void XcaTreeView::newItem() { if (basemodel) basemodel->newItem(); } void XcaTreeView::load_default(load_base *load) { QString s; QStringList slist = QFileDialog::getOpenFileNames(NULL, load->caption, Settings["workingdir"], load->filter); if (!slist.count()) return; update_workingdir(slist[0]); ImportMulti *dlgi = new ImportMulti(NULL); foreach(s, slist) { pki_base *item = NULL; try { item = load->loadItem(s); dlgi->addItem(item); } catch (errorEx &err) { XCA_ERROR(err); delete item; } } dlgi->execute(); delete dlgi; } void XcaTreeView::doubleClick(const QModelIndex &m) { showItem(getIndex(m)); } void XcaTreeView::editComment() { pki_base *item = db_base::fromIndex(currentIndex()); if (!basemodel || !item) return; QWidget *w = new QWidget(nullptr); Ui::ItemProperties *prop = new Ui::ItemProperties(); prop->setupUi(w); prop->comment->setPlainText(item->getComment()); prop->name->setText(item->getIntName()); prop->source->setText(item->pki_source_name()); prop->insertionDate->setText(item->getInsertionDate().toPretty()); XcaDialog *d = new XcaDialog(this, item->getType(), w, tr("Item properties"), QString(), "itemproperties"); if (d->exec()) basemodel->updateItem(item, prop->name->text(), prop->comment->toPlainText()); delete d; } void XcaTreeView::pem2clipboard() { if (!basemodel) return; QString msg = basemodel->pem2QString(getSelectedIndexes()); QClipboard *cb = QApplication::clipboard(); if (cb->supportsSelection()) cb->setText(msg, QClipboard::Selection); cb->setText(msg); } void XcaTreeView::headerDetails() { if (curr_hd && curr_hd->id > 0 && mainwin) mainwin->getResolver()->searchOid(QString::number(curr_hd->id)); } void XcaTreeView::columnRemove(void) { if (curr_hd->action) curr_hd->action->setChecked(false); } void XcaTreeView::showItem(const QModelIndex &index) { pki_base *pki = db_base::fromIndex(index); showItem(pki); } void XcaTreeView::showItem(const QString &name) { pki_base *pki = Store.lookupPki(name.toULongLong()); showItem(pki); } void XcaTreeView::showItem(pki_base *pki) { if (pki && pki->isVisible() == 1) showPki(pki); } static void addSubmenu(tipMenu *menu, tipMenu *sub) { if (sub->isEmpty()) delete sub; else menu->addMenu(sub); } void XcaTreeView::contextMenu(QContextMenuEvent *e, QMenu *parent, int col) { int shown = 0; tipMenu *menu, *dn, *v3ext, *current, *v3ns, *keyprop; QAction *a; dbheader *hd; dbheaderList allHeaders = basemodel->getAllHeaders(); menu = new tipMenu(QString(), mainwin); dn = new tipMenu(tr("Subject entries"), mainwin); v3ext = new tipMenu(tr("X509v3 Extensions"), mainwin); v3ns = new tipMenu(tr("Netscape extensions"), mainwin); keyprop = new tipMenu(tr("Key properties"), mainwin); menu->addAction(tr("Reset"), basemodel, SLOT(columnResetDefaults())); if (col >= 0 && col < allHeaders.size()) { curr_hd = allHeaders[col]; menu->addAction(tr("Hide Column"), this,SLOT(columnRemove())); if (curr_hd->id > 0) menu->addAction(tr("Details"), this, SLOT(headerDetails())); } else { curr_hd = NULL; } menu->addSeparator(); foreach(hd, allHeaders) { switch (hd->type) { case dbheader::hd_x509name: current = dn; break; case dbheader::hd_v3ext: current = v3ext; break; case dbheader::hd_v3ext_ns: if (Settings["disable_netscape"]) continue; current = v3ns; break; case dbheader::hd_key: current = keyprop; break; default: current = menu; break; } a = current->addAction(hd->getName()); a->setCheckable(true); a->setChecked(hd->show); a->setToolTip(hd->getTooltip()); hd->action = a; } menu->addSeparator(); addSubmenu(menu, dn); addSubmenu(v3ext, v3ns); addSubmenu(menu, v3ext); addSubmenu(menu, keyprop); if (parent) { parent->addSeparator(); parent->addMenu(menu)->setText(tr("Columns")); parent->exec(e->globalPos()); } else { menu->exec(e->globalPos()); } foreach(hd, allHeaders) { if (hd->action) hd->show = hd->action->isChecked(); shown += hd->show ? 1 : 0; hd->action = NULL; } if (!shown) allHeaders[0]->show = true; delete menu; delete parent; showHideSections(); } void XcaTreeView::changeView() { if (!basemodel) return; hide(); basemodel->changeView(); show(); } void XcaTreeView::exportItems(const QModelIndexList &indexes) { if (!basemodel || indexes.empty()) return; ExportDialog *dlg = exportDialog(indexes); if (dlg && dlg->exec()) { try { const pki_export *xport = dlg->export_type(); XFile file(dlg->filename->text()); if (xport->match_all(F_PRIVATE)) file.open_key(); else file.open_write(); basemodel->exportItems(indexes, xport, file); } catch (errorEx &err) { XCA_ERROR(err); } } delete dlg; } ExportDialog *XcaTreeView::exportDialog(const QModelIndexList &indexes) { return NULL; } void XcaTreeView::showContextMenu(QContextMenuEvent *e, const QModelIndex &idx) { QMenu *menu = new QMenu(mainwin); QMenu *subExport = NULL; QModelIndexList indexes = getSelectedIndexes(); QModelIndex index; index = idx.isValid() ? idx : currentIndex(); menu->addAction(tr("New"), this, SLOT(newItem())); menu->addAction(tr("Import"), this, SLOT(load())); menu->addAction(tr("Paste PEM data"), mainwin, SLOT(pastePem()))-> setShortcut(QKeySequence::Paste); if (indexes.size() == 1) { menu->addAction(tr("Rename"), this, SLOT(editIdx())); menu->addAction(tr("Properties"), this, SLOT(editComment())); } if (indexes.size() > 0) { menu->addAction(tr("Delete"), this, SLOT(deleteItems()))-> setShortcut(QKeySequence::Delete); subExport = menu->addMenu(tr("Export")); subExport->addAction(tr("Clipboard"), this, SLOT(pem2clipboard()))->setShortcut(QKeySequence::Copy); subExport->addAction(tr("File"), this, SLOT(exportItems()))-> setShortcut(QKeySequence::Save); } fillContextMenu(menu, subExport, index, indexes); contextMenu(e, menu, -1); } void XcaTreeView::keyPressEvent(QKeyEvent *event) { switch (event->key()) { case Qt::Key_Backspace: case Qt::Key_Delete: deleteItems(); return; case Qt::Key_Enter: case Qt::Key_Return: if (state() != QAbstractItemView::EditingState) showItems(); return; case Qt::Key_F2: editIdx(); return; case Qt::Key_Escape: clearSelection(); return; } if (event->matches(QKeySequence::Save)) { exportItems(); return; } if (event->matches(QKeySequence::Copy)) { pem2clipboard(); return; } QTreeView::keyPressEvent(event); } void XcaTreeView::changeEvent(QEvent *event) { switch (event->type()) { case QEvent::StyleChange: case QEvent::PaletteChange: qDebug() << "Style change event" << event->type(); pki_base::setupColors(palette()); break; } QTreeView::changeEvent(event); } xca-RELEASE.2.5.0/widgets/XcaTreeView.h000066400000000000000000000042761450407711300173700ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2006 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCATREEVIEW_H #define __XCATREEVIEW_H #include #include #include #include #include class database_model; class MainWindow; class db_base; class dbheader; class pki_base; class QKeyEvent; class QContextMenuEvent; class QMenu; class load_base; class ExportDialog; class XcaTreeView: public QTreeView { Q_OBJECT dbheader *curr_hd; QTimer throttle; protected: db_base *basemodel; QSortFilterProxyModel *proxy; MainWindow *mainwin; public: XcaTreeView(QWidget *parent = 0); virtual ~XcaTreeView(); void contextMenuEvent(QContextMenuEvent *e); void setModel(QAbstractItemModel *model); void setMainwin(MainWindow *mw, QLineEdit *filter); QModelIndex getIndex(const QModelIndex &index); QModelIndex getProxyIndex(const QModelIndex &index); QModelIndexList getSelectedIndexes(); void headerEvent(QContextMenuEvent *e, int col); QModelIndex currentIndex(); void showContextMenu(QContextMenuEvent *e, const QModelIndex &index); virtual void fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes) { (void)menu; (void)subExport; (void)index; (void)indexes; } void contextMenu(QContextMenuEvent *e, QMenu *parent = NULL, int sect = -1); void keyPressEvent(QKeyEvent *event); void changeEvent(QEvent *event); virtual void showPki(pki_base *) {}; virtual void exportItems(const QModelIndexList &indexes); virtual void load_default(load_base *load); virtual ExportDialog *exportDialog(const QModelIndexList &indexes); public slots: void changeView(); void showHideSections(); void sectionMoved(int idx, int oldI, int newI); void columnsResize(); void editIdx(); void setFilter(const QString &pattern); void deleteItems(); void exportItems(); void showItems(); void newItem(); void doubleClick(const QModelIndex &m); void pem2clipboard(); void headerDetails(); void columnRemove(); void columnsChanged(); void editComment(); void showItem(pki_base *); void showItem(const QModelIndex &index); void showItem(const QString &name); }; #endif xca-RELEASE.2.5.0/widgets/XcaWarning.cpp000066400000000000000000000042171450407711300175710ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2018 Christian Hohnstaedt. * * All rights reserved. */ #include "XcaWarning.h" #include "XcaDialog.h" #include "lib/func.h" #include #include #include #include #include #include xcaWarningBox::xcaWarningBox(QWidget *w, const QString &txt, QMessageBox::Icon icn) : QMessageBox(icn, XCA_TITLE, txt, QMessageBox::NoButton, w) { setTextFormat(Qt::PlainText); } void xcaWarningBox::addButton(QMessageBox::StandardButton button, const QString &text) { QPushButton *b = QMessageBox::addButton(button); if (b && !text.isEmpty()) b->setText(text); } int xcaWarningGui::showBox(const QString &txt, QMessageBox::Icon icn, QMessageBox::StandardButtons b) { QMessageBox w(icn, XCA_TITLE, txt, b, nullptr); return w.exec(); } void xcaWarningGui::information(const QString &msg) { showBox(msg, QMessageBox::Information, QMessageBox::Ok); } void xcaWarningGui::warning(const QString &msg) { showBox(msg, QMessageBox::Warning, QMessageBox::Ok); } bool xcaWarningGui::yesno(const QString &msg) { return showBox(msg, QMessageBox::Question, QMessageBox::Yes | QMessageBox::No) == QMessageBox::Yes; } bool xcaWarningGui::okcancel(const QString &msg) { return showBox(msg, QMessageBox::Warning, QMessageBox::Ok | QMessageBox::Cancel) == QMessageBox::Ok; } void xcaWarningGui::sqlerror(QSqlError err) { qCritical() << "SQL ERROR:" << err.text(); } void xcaWarningGui::error(const QString &msg) { xcaWarningBox box(NULL, msg); box.addButton(QMessageBox::Apply, tr("Copy to Clipboard")); box.addButton(QMessageBox::Ok); if (box.exec() == QMessageBox::Apply) { QClipboard *cb = QApplication::clipboard(); cb->setText(msg); if (cb->supportsSelection()) cb->setText(msg, QClipboard::Selection); } } void xcaWarningGui::warningv3(const QString &msg, const extList &el) { QString etext = QString("

") + msg + QString("

") + el.getHtml("
"); QTextEdit *textbox = new QTextEdit(etext); XcaDialog *d = new XcaDialog(NULL, x509, textbox, QString(), QString()); d->aboutDialog(QPixmap(":certImg")); d->exec(); delete d; } xca-RELEASE.2.5.0/widgets/XcaWarning.h000066400000000000000000000016211450407711300172320ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2018 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCAWARNING_H #define __XCAWARNING_H #include "lib/XcaWarningCore.h" #include class xcaWarningBox: public QMessageBox { Q_OBJECT public: xcaWarningBox(QWidget *w, const QString &txt, QMessageBox::Icon icn = QMessageBox::Warning); void addButton(QMessageBox::StandardButton button, const QString &text = QString()); }; class xcaWarningGui : public QObject, public xcaWarning_i { Q_OBJECT int showBox(const QString &txt, QMessageBox::Icon icn, QMessageBox::StandardButtons b); public: void information(const QString &msg); void warning(const QString &msg); void warningv3(const QString &msg, const extList &el); bool yesno(const QString &msg); bool okcancel(const QString &msg); void sqlerror(QSqlError err); void error(const QString &msg); }; #endif xca-RELEASE.2.5.0/widgets/clicklabel.cpp000066400000000000000000000031611450407711300176120ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #include "clicklabel.h" #include #include #include void DoubleClickLabel::mouseDoubleClickEvent(QMouseEvent * e) { QWidget::mouseDoubleClickEvent(e); if (clicktext.isEmpty()) emit doubleClicked(text()); else emit doubleClicked(clicktext); } void DoubleClickLabel::setClickText(QString s) { clicktext = s; } ClickLabel::ClickLabel(QWidget *parent) :DoubleClickLabel(parent) { QFont fnt( font() ); fnt.setBold(true); setFont( fnt ); setFrameShape( QLabel::Panel ); setFrameShadow( QLabel::Sunken ); setAlignment( Qt::AlignCenter ); setToolTip( tr("Double click for details") ); setAutoFillBackground(true); QPalette pal = palette(); QColor col = QColor(0xff, 0xff, 0xff); pal.setColor(QPalette::Normal, QPalette::Window, col ); pal.setColor(QPalette::Inactive, QPalette::Window, col ); setPalette( pal ); setTextFormat(Qt::PlainText); } void ClickLabel::setColor(const QColor &col) { QPalette pal = palette(); pal.setColor(QPalette::Normal, QPalette::WindowText, col ); pal.setColor(QPalette::Inactive, QPalette::WindowText, col ); setPalette( pal ); } void ClickLabel::setRed() { setColor( QColor( 192, 32, 32) ); } void ClickLabel::setGreen() { setColor( QColor( 32, 192, 32) ); } void ClickLabel::disableToolTip() { setToolTip(QString()); } CopyLabel::CopyLabel(QWidget *parent) :DoubleClickLabel(parent) { setFrameStyle(QFrame::StyledPanel); setTextFormat(Qt::PlainText); setTextInteractionFlags( Qt::TextSelectableByMouse | Qt::TextSelectableByKeyboard ); } xca-RELEASE.2.5.0/widgets/clicklabel.h000066400000000000000000000014301450407711300172540ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __CLICKLABEL_H #define __CLICKLABEL_H #include class QMouseEvent; class DoubleClickLabel : public QLabel { Q_OBJECT QString clicktext; public: DoubleClickLabel(QWidget *parent) : QLabel(parent) { } void setClickText(QString s); protected: void mouseDoubleClickEvent ( QMouseEvent * e ); signals: void doubleClicked(QString text); }; class ClickLabel : public DoubleClickLabel { Q_OBJECT public: ClickLabel(QWidget *parent); void setRed(); void setGreen(); void disableToolTip(); protected: void setColor(const QColor &col); }; class CopyLabel : public DoubleClickLabel { Q_OBJECT public: CopyLabel(QWidget *parent); }; #endif xca-RELEASE.2.5.0/widgets/distname.cpp000066400000000000000000000042161450407711300173330ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #include "distname.h" #include #include #include #include "lib/x509name.h" #include "lib/db_x509super.h" #include "lib/base.h" #include "clicklabel.h" #include "OidResolver.h" #include "MainWindow.h" DistName::DistName(QWidget* parent) : QWidget(parent) { DistNameLayout = new QGridLayout(); DistNameLayout->setAlignment(Qt::AlignTop); DistNameLayout->setSpacing(6); DistNameLayout->setContentsMargins(11, 11, 11, 11); QGridLayout *g = new QGridLayout(); g->setAlignment(Qt::AlignTop); g->setSpacing(6); g->setContentsMargins(11, 11, 11, 11); QVBoxLayout *v = new QVBoxLayout(this); v->setSpacing(6); v->setContentsMargins(11, 11, 11, 11); v->addLayout(DistNameLayout); v->addStretch(); v->addLayout(g); rfc2253 = new QLineEdit(this); rfc2253->setReadOnly(true); g->addWidget(new QLabel(QString("RFC 2253:"), this), 0, 0); g->addWidget(rfc2253, 0, 1); namehash = new QLineEdit(this); namehash->setReadOnly(true); g->addWidget(new QLabel(QString("Hash:"), this), 1, 0); g->addWidget(namehash, 1, 1); } void DistName::setX509name(const x509name &n) { DoubleClickLabel *l1; QLabel *l2; QStringList sl; for (int i=0; isetTextFormat(Qt::PlainText); l1->setText(label); l1->setClickText(sl[1]); if (l1->text().isEmpty()) l1->setText(sl[0]); l2->setText(sl[2]); l1->setToolTip(QString("[%1] %2").arg(sl[0]).arg(toolt)); l2->setToolTip(sl[3]); connect(l1, SIGNAL(doubleClicked(QString)), MainWindow::getResolver(), SLOT(searchOid(QString))); DistNameLayout->addWidget(l1, i, 0); DistNameLayout->addWidget(l2, i, 1); } rfc2253->setText(n.oneLine(XN_FLAG_RFC2253)); rfc2253->setCursorPosition(0); namehash->setText(n.hash()); updateGeometry(); } xca-RELEASE.2.5.0/widgets/distname.h000066400000000000000000000007641450407711300170040ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DISTNAME_H #define __DISTNAME_H #include #include class x509name; class QLabel; class QComboBox; class QLineEdit; class myGridlayout; class DistName : public QWidget { Q_OBJECT public: DistName(QWidget *parent); void setX509name(const x509name &n); protected: QGridLayout* DistNameLayout; QLineEdit *rfc2253; QLineEdit *namehash; }; #endif xca-RELEASE.2.5.0/widgets/hashBox.cpp000066400000000000000000000017411450407711300171230ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2007 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "hashBox.h" #include "lib/base.h" #include hashBox::hashBox(QWidget *parent) :QComboBox(parent) { setupAllHashes(); } const digest hashBox::current() const { return digest(currentText()); } void hashBox::setCurrent(const digest &md) { int idx = findText(md.name()); if (idx != -1) { setCurrentIndex(idx); wanted_md = ""; } else { wanted_md = md.name(); } } void hashBox::setupHashes(QList nids) { QString md = currentText(); if (!wanted_md.isEmpty()) md = wanted_md; clear(); foreach(int nid, digest::all_digests) { if (nids.contains(nid)) addItem(digest(nid).name()); } setEnabled(count() > 0); setDefaultHash(); if (!md.isEmpty()) setCurrent(digest(md)); else setDefaultHash(); } void hashBox::setupAllHashes() { setupHashes(digest::all_digests); } void hashBox::setDefaultHash() { setCurrent(digest::getDefault()); } xca-RELEASE.2.5.0/widgets/hashBox.h000066400000000000000000000007671450407711300165770ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2007 - 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __HASH_BOX_H #define __HASH_BOX_H #include #include "lib/digest.h" class hashBox: public QComboBox { Q_OBJECT private: QString wanted_md; int backup; int key_type; public: hashBox(QWidget *parent); const digest current() const; void setCurrent(const digest &md); void setupHashes(QList nids); void setupAllHashes(); void setDefaultHash(); }; #endif xca-RELEASE.2.5.0/widgets/kvView.cpp000066400000000000000000000131101450407711300167730ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2010 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/func.h" #include "widgets/kvView.h" #include #include QWidget *comboDelegate::createEditor(QWidget *parent, const QStyleOptionViewItem &, const QModelIndex &) const { QComboBox *editor = new QComboBox(parent); editor->addItems(keys); return editor; } void comboDelegate::setEditorData(QWidget *editor, const QModelIndex &index) const { QString v = index.model()->data(index, Qt::EditRole).toString(); QComboBox *c = static_cast(editor); c->setCurrentIndex(c->findText(v)); } void comboDelegate::setModelData(QWidget *editor, QAbstractItemModel *model, const QModelIndex &index) const { QComboBox *c = static_cast(editor); model->setData(index, c->currentText(), Qt::EditRole); } QWidget *lineDelegate::createEditor(QWidget *parent, const QStyleOptionViewItem &, const QModelIndex &) const { return new QLineEdit(parent); } void lineDelegate::setEditorData(QWidget *editor, const QModelIndex &index) const { QString v, k; v = index.model()->data(index, Qt::EditRole).toString(); QModelIndex key = index.sibling(index.row(), 0); QLineEdit *l = static_cast(editor); l->setText(v); if (key.isValid()) { k = key.model()->data(key, Qt::DisplayRole).toString(); emit setupLineEdit(k, l); } if (infoLabel) infoLabel->setText(k + ": " + l->toolTip()); } void lineDelegate::setModelData(QWidget *editor, QAbstractItemModel *model, const QModelIndex &index) const { QLineEdit *l = static_cast(editor); model->setData(index, l->text(), Qt::EditRole); } kvmodel::kvmodel(QStringList &heads) { header = heads; myCols = heads.size(); } QStringList kvmodel::getRow(int i) { QStringList sl; sl << items[i*myCols] << items[i *myCols +1]; return sl; } void kvmodel::addRow(const QStringList &newrow) { int row = rowCount(QModelIndex()); beginInsertRows(QModelIndex(), row, row); for (int i = 0; i= newrow.size()) items << QString(); else items << newrow[i].trimmed(); } endInsertRows(); } QVariant kvmodel::data(const QModelIndex &index, int role) const { int id = index.internalId(); QString s = items[id]; switch (role) { case Qt::EditRole: case Qt::DisplayRole: return QVariant(s); } return QVariant(); } QVariant kvmodel::headerData(int section, Qt::Orientation orientation, int role) const { if (role == Qt::DisplayRole) { if (orientation == Qt::Horizontal) return QVariant(header[section]); if (orientation == Qt::Vertical) return QVariant(section); } return QVariant(); } bool kvmodel::insertRows(int row, int count, const QModelIndex &) { beginInsertRows(QModelIndex(), row, row+count-1); for (int i=0; i< count *myCols; i++) { items.insert(row*myCols, QString()); } endInsertRows(); return true; } bool kvmodel::removeRows(int row, int count, const QModelIndex &) { beginRemoveRows(QModelIndex(), row, row+count-1); for (int i=0; i< count*myCols; i++) { items.removeAt(row*myCols); } endRemoveRows(); return true; } bool kvmodel::setData(const QModelIndex &index, const QVariant &value, int role) { if (index.isValid() && role == Qt::EditRole) { items[index.internalId()] = value.toString().trimmed(); emit dataChanged(index, index); return true; } return false; } void kvmodel::moveRow(int oldi, int newi) { QStringList line = items.mid(oldi*myCols, myCols); removeRows(oldi, 1); insertRows(newi, 1); for (int i=0; isetDefaultSectionSize(200); horizontalHeader()->setStretchLastSection(true); verticalHeader()->setSectionsMovable(true); verticalHeader()->setDefaultSectionSize(24); setEditTriggers(QAbstractItemView::AllEditTriggers); connect(verticalHeader(), SIGNAL(sectionMoved(int,int,int)), this, SLOT(moveRow(int,int,int))); infoLabel = NULL; initLineDelegate(); } void kvView::initCols(QStringList &heads) { QAbstractItemModel *m = model(); setModel(new kvmodel(heads)); delete m; } kvView::~kvView() { delete model(); } void kvView::initLineDelegate(int col) { lineDelegate *d = new lineDelegate(infoLabel, this); setItemDelegateForColumn(col, d); connect(static_cast(d), SIGNAL(closeEditor(QWidget *, QAbstractItemDelegate::EndEditHint)), this, SLOT(editorExited())); } void kvView::setKeys(const QStringList &k, int col) { if (!col) keys0 = k; comboDelegate *d = new comboDelegate(k, this); setItemDelegateForColumn(col, d); } void kvView::moveRow(int, int oldi, int newi) { static int moving = 0; if (moving) return; moving = 1; verticalHeader()->moveSection(newi, oldi); static_cast(model())->moveRow(oldi, newi); repaint(); moving = 0; } void kvView::addRow(const QStringList &newrow) { int max = MIN(model()->columnCount(QModelIndex()), newrow.size()); for (int i = 0; i(itemDelegateForColumn(i))->addKey(key); } static_cast(model())->addRow(newrow); } void kvView::addKvRow() { QString k; if (keys0.count() > 0) k = keys0[rowCount() % keys0.count()]; addRow(QStringList(k)); } void kvView::deleteCurrentRow() { model()->removeRows(currentIndex().row(), 1, QModelIndex()); } void kvView::editorExited() { if (infoLabel) infoLabel->clear(); } xca-RELEASE.2.5.0/widgets/kvView.h000066400000000000000000000073251450407711300164530ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __KVVIEW_H #define __KVVIEW_H #include #include #include #include #include #include "lib/base.h" class kvView; class kvDelegate : public QItemDelegate { public: kvDelegate(QObject *parent) :QItemDelegate(parent) { } virtual void addKey(QString &) {}; }; class comboDelegate : public kvDelegate { QStringList keys; public: comboDelegate(QStringList k, QObject *parent = 0) :kvDelegate(parent) { keys = k; } void addKey(QString &key) { if (!key.isEmpty() && (keys.count() == 0 || !keys.contains(key))) keys << key; } QWidget *createEditor(QWidget *parent, const QStyleOptionViewItem &option, const QModelIndex &index) const; void setEditorData(QWidget *editor, const QModelIndex &index) const; void setModelData(QWidget *editor, QAbstractItemModel *model, const QModelIndex &index) const; void updateEditorGeometry(QWidget *editor, const QStyleOptionViewItem &option, const QModelIndex &index) const { (void)index; editor->setGeometry(option.rect); } }; class lineDelegate : public kvDelegate { Q_OBJECT QLabel *infoLabel; public: lineDelegate(QLabel *lbl = 0, QObject *parent = 0) :kvDelegate(parent) { infoLabel = lbl; } QWidget *createEditor(QWidget *parent, const QStyleOptionViewItem &option, const QModelIndex &index) const; void setEditorData(QWidget *editor, const QModelIndex &index) const; void setModelData(QWidget *editor, QAbstractItemModel *model, const QModelIndex &index) const; void updateEditorGeometry(QWidget *editor, const QStyleOptionViewItem &option, const QModelIndex &index) const { (void)index; editor->setGeometry(option.rect); } signals: void setupLineEdit(const QString &s, QLineEdit *l) const; }; class kvmodel: public QAbstractTableModel { QStringList items; QStringList header; int myCols; public: kvmodel(QStringList &heads); QStringList getRow(int i); void addRow(const QStringList &newrow); Qt::ItemFlags flags(const QModelIndex &index) const { return QAbstractTableModel::flags(index) | Qt::ItemIsEditable; } QModelIndex index(int row, int column, const QModelIndex &parent = QModelIndex()) const { (void)parent; return createIndex(row, column, row*myCols +column); } QVariant data(const QModelIndex &index, int role) const; QVariant headerData(int section, Qt::Orientation orientation, int role) const; bool insertRows(int row, int count, const QModelIndex &parent = QModelIndex()); bool removeRows(int row, int count, const QModelIndex & parent = QModelIndex()); int rowCount(const QModelIndex &parent) const { (void)parent; return items.count()/myCols; } int columnCount(const QModelIndex &parent) const { (void)parent; return myCols; } bool setData(const QModelIndex &index, const QVariant &value, int role); void moveRow(int oldi, int newi); }; class kvView: public QTableView { Q_OBJECT QStringList keys0; QLabel *infoLabel; public: kvView(QWidget *parent = 0); ~kvView(); int rowCount() { return model()->rowCount(QModelIndex()); } QStringList getRow(int i) { return static_cast(model())->getRow(i); } void addRow(const QStringList &newrow); void deleteAllRows() { model()->removeRows(0, rowCount(), QModelIndex()); } void setInfoLabel(QLabel *lbl, int col = 1) { infoLabel = lbl; initLineDelegate(col); } void initLineDelegate(int col = 1); void setKeys(const QStringList &k, int col = 0); void initCols(QStringList &heads); private slots: void moveRow(int logical, int oldi, int newi); void editorExited(); public slots: void addKvRow(); void deleteCurrentRow(); }; #endif xca-RELEASE.2.5.0/widgets/pkcs12EncBox.cpp000066400000000000000000000020421450407711300177240ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2007 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "pkcs12EncBox.h" #include pkcs12EncBox::pkcs12EncBox(QWidget *parent) :QComboBox(parent) { setupAllEncAlgos(); } const encAlgo pkcs12EncBox::current() const { return encAlgo(currentText()); } void pkcs12EncBox::setCurrent(const encAlgo &md) { int idx = findText(md.name()); if (idx != -1) { setCurrentIndex(idx); wanted_encAlgo = ""; } else { wanted_encAlgo = md.name(); } } void pkcs12EncBox::setupEncAlgos(QList nids) { QString md = currentText(); if (!wanted_encAlgo.isEmpty()) md = wanted_encAlgo; clear(); foreach(int nid, encAlgo::all_encAlgos) { if (nids.contains(nid)) addItem(encAlgo(nid).name()); } setEnabled(count() > 0); setDefaultEncAlgo(); if (!md.isEmpty()) setCurrent(encAlgo(md)); else setDefaultEncAlgo(); } void pkcs12EncBox::setupAllEncAlgos() { setupEncAlgos(encAlgo::all_encAlgos); } void pkcs12EncBox::setDefaultEncAlgo() { setCurrent(encAlgo::getDefault()); } xca-RELEASE.2.5.0/widgets/pkcs12EncBox.h000066400000000000000000000010041450407711300173660ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2007 - 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKCS12_ENC_BOX_H #define __PKCS12_ENC_BOX_H #include #include "lib/pki_pkcs12.h" class pkcs12EncBox: public QComboBox { Q_OBJECT private: QString wanted_encAlgo; public: pkcs12EncBox(QWidget *parent); const encAlgo current() const; void setCurrent(const encAlgo &md); void setupEncAlgos(QList nids); void setupAllEncAlgos(); void setDefaultEncAlgo(); }; #endif xca-RELEASE.2.5.0/widgets/v3ext.cpp000066400000000000000000000076051450407711300166050ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2005 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "v3ext.h" #include #include #include #include #include #include #include #include #include "XcaWarning.h" #include "lib/exception.h" #include "lib/ipvalidator.h" #include "lib/x509v3ext.h" #include v3ext::v3ext(QWidget *parent) :QDialog(parent) { setupUi(this); setWindowTitle(XCA_TITLE); tab->horizontalHeader()->setDefaultSectionSize(80); } void v3ext::addInfo(QLineEdit *myle, const QStringList &sl, int n, X509V3_CTX *ctx) { nid = n; le = myle; ext_ctx = ctx; tab->setKeys(sl); keys = sl; tab->setInfoLabel(infoLabel); connect(tab->itemDelegateForColumn(1), SIGNAL(setupLineEdit(const QString &, QLineEdit *)), this, SLOT(setupLineEdit(const QString &, QLineEdit *))); if (le && !le->text().trimmed().isEmpty()) addItem(le->text()); if (n != NID_subject_alt_name) copy_cn->hide(); } void v3ext::addItem(QString list) { int i; QStringList sl; sl = list.split(','); if (sl[0] == "critical") { sl.takeFirst(); critical->setChecked(true); } for (i=0; i< sl.count(); i++) { if (sl[i] == "DNS:copycn" && nid == NID_subject_alt_name) copy_cn->setChecked(true); else addEntry(sl[i]); } } void v3ext::setupLineEdit(const QString &s, QLineEdit *l) { QString tt; QValidator *v = NULL; if (s == "email") { if (nid == NID_subject_alt_name) tt = tr("An email address or 'copy'"); else tt = tr("An email address"); } else if (s == "RID") { tt = tr("A registered ID: OBJECT IDENTIFIER"); QRegularExpression rx("[a-zA-Z0-9.]+"); v = new QRegularExpressionValidator(rx, this); } else if (s == "URI") { tt = tr("A uniform resource indicator"); QRegularExpression rx("[a-z][a-z0-9\\.\\+\\-]*://.*"); v = new QRegularExpressionValidator(rx, this); } else if (s == "DNS") { if (nid == NID_subject_alt_name) tt = tr("A DNS domain name or 'copycn'"); else tt = tr("A DNS domain name"); } else if (s == "IP") { tt = tr("An IP address"); v = new ipValidator(); } else if (s == "otherName") { tt = tr("Syntax: ;TYPE:text like '1.2.3.4:UTF8:name'"); QRegularExpression rx("[a-zA-Z0-9.]+;.*"); v = new QRegularExpressionValidator(rx, this); } else if (s == "issuer") { tt = tr("No editing. Only 'copy' allowed here"); l->setText(QString("copy")); l->setReadOnly(true); QRegularExpression rx("copy"); v = new QRegularExpressionValidator(rx, this); } l->setToolTip(tt); l->setValidator(v); } /* for one TYPE:Content String */ void v3ext::addEntry(QString line) { int idx; QString type, value; line = line.trimmed(); idx = line.indexOf(':'); if (idx == -1) { value = line; } else { type = line.left(idx); value = line.mid(idx+1); } if (!keys.contains(type)) { type = keys[0]; value = line; } tab->addRow(QStringList(type) << value); } QString v3ext::toString() { QStringList str; int i, row = tab->rowCount(); if (critical->isChecked()) str << "critical"; if (copy_cn->isChecked()) str << "DNS:copycn"; for (i=0; igetRow(i); str += s[0] + ":" +s[1]; } return str.join(", "); } void v3ext::on_apply_clicked() { __validate(false); if (le) le->setText(toString()); accept(); } bool v3ext::__validate(bool showSuccess) { x509v3ext ext; QString str, error; validate->setFocus(Qt::OtherFocusReason); str = prefix + toString(); ext.create(nid, str, ext_ctx); while (int i = ERR_get_error() ) { error += ERR_error_string(i ,NULL); error += "\n"; } if (!error.isEmpty()) { XCA_WARN(tr("Validation failed:\n'%1'\n%2"). arg(str).arg(error)); return false; } if (showSuccess) { XCA_INFO(tr("Validation successful:\n'%1'"). arg(ext.getValue())); } return true; } void v3ext::on_validate_clicked() { __validate(true); } xca-RELEASE.2.5.0/widgets/v3ext.h000066400000000000000000000016161450407711300162460ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2005 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __V3EXT_H #define __V3EXT_H #include "ui_v3ext.h" #include "lib/pki_base.h" #include #include #include #include "widgets/kvView.h" class pki_x509; class pki_key; class v3ext: public QDialog, public Ui::v3ext { Q_OBJECT private: QLineEdit *le; int nid; X509V3_CTX *ext_ctx; bool __validate(bool showSuccess); QStringList keys; QString prefix; public: v3ext( QWidget *parent); void addItem(QString list); void addEntry(QString list); QString toString(); void addInfo(QLineEdit *myle, const QStringList &sl, int n, X509V3_CTX *ctx); void setPrefix(QString p) { prefix = p; } public slots: void on_apply_clicked(); void on_validate_clicked(); void setupLineEdit(const QString &s, QLineEdit *l); }; #endif xca-RELEASE.2.5.0/widgets/validity.cpp000066400000000000000000000050431450407711300173530ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2003 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #include "validity.h" #include #include "lib/asn1time.h" #include "lib/func.h" Validity::Validity( QWidget* parent ) : QDateTimeEdit( parent ) { endDate = false; setTimeSpec(Qt::UTC); setNow(); hideTime(false); connect(this, SIGNAL(timeChanged(const QTime &)), this, SLOT(setMyTime(const QTime &))); updateFormatString(); } Validity::~Validity() { } a1time Validity::getDate() const { a1time date(dateTime()); QTime time; if (midnight) { time = endDate ? QTime(23,59,59) : QTime(0,0,0); date.setTimeSpec(Qt::UTC); } else { time = date.time(); time.setHMS(time.hour(), time.minute(), 0); } date.setTime(time); return date; } void Validity::localTime(int state) { if (midnight) return; switch (state) { case Qt::Checked: setTimeSpec(Qt::LocalTime); setDateTime(dateTime().toLocalTime()); break; case Qt::Unchecked: setTimeSpec(Qt::UTC); setDateTime(dateTime().toUTC()); break; } updateFormatString(); setMyTime(time()); } void Validity::hideTimeCheck(int state) { switch (state) { case Qt::Checked: hideTime(true); break; case Qt::Unchecked: hideTime(false); break; } } void Validity::hideTime(bool hide) { if (hide) { if (!midnight && endDate) setDateTime(dateTime().addDays(-1)); midnight = true; } else { if (midnight && endDate) setDateTime(dateTime().addDays(1)); midnight = false; setTime(mytime); } updateFormatString(); } void Validity::updateFormatString() { QString formatDate = tr("yyyy-MM-dd hh:mm"); QString format; if (midnight) { if (!endDate) format = QTime(0,0,0).toString(formatDate); else format = QTime(23,59,59).toString(formatDate); } else { format = formatDate; } if (timeSpec() == Qt::UTC || midnight) { format += " 'GMT'"; } else { format += QString(" '%1'") .arg(QTime::currentTime().toString("t")); } setDisplayFormat(format); } void Validity::setDate(const a1time &a) { setDateTime(a); } void Validity::setDiff(const Validity *start, int number, int range) { QDateTime dt = start->dateTime(); switch (range) { case 0: dt = dt.addDays(number); break; case 1: dt = dt.addMonths(number); break; case 2: dt = dt.addYears(number); break; } // one day less if we go from 0:00:00 to 23:59:59 if (midnight) dt = dt.addDays(-1); setDateTime(dt); setMyTime(start->mytime); } void Validity::setNow() { setDateTime(a1time::now()); setMyTime(time()); } void Validity::setMyTime(const QTime &time) { mytime = time; } xca-RELEASE.2.5.0/widgets/validity.h000066400000000000000000000013441450407711300170200ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2003 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __VALIDITY_H #define __VALIDITY_H #include #include class Validity : public QDateTimeEdit { Q_OBJECT bool midnight, endDate; void updateFormatString(); protected: QTime mytime; public: Validity( QWidget* parent); ~Validity(); a1time getDate() const; void setDate(const a1time &a); void setDiff(const Validity *start, int number, int range); void hideTime(bool hide); void setEndDate(bool ed) { endDate = ed; } protected slots: void setMyTime(const QTime & time); public slots: void setNow(); void hideTimeCheck(int state); void localTime(int); }; #endif xca-RELEASE.2.5.0/xcf/000077500000000000000000000000001450407711300141325ustar00rootroot00000000000000xca-RELEASE.2.5.0/xcf/cert.xcf000066400000000000000000011536001450407711300155770ustar00rootroot00000000000000gimp xcf file BBj/ gimp-commentCreated with The GIMPݐp1  E#revoked     jT x $4DTdt&6IdH   1|T vq 2BRbrԂԒԢԲ=<=<<<=<<===<===<==<===<=<=<==<=<==<<<=<<<<<<=<===<<<<=<======<=<<=<<<<<<=<=<=<<=====<<==<<=<<=<<<<<<==<===<<=<<<==<<<<<======<<=====<========<===<<<<<==<<<<<=<<===<<<<<=<ϒte_cfv[* 2PY 9|݌. 5n. )% f I   )+#Z#,Pp_C1($  x-.2A˜Q& kov  'ܫ    l #z  =  :Y 4    | ![ N  F %{\    "q  C%:    LN  !V)  )",$ w.  ,8*/! ]/ 'A<(  0y( B E)  1#Sދ E!2  ^"WsN4  ^$_[h.7  Mlݿ.=   < o1   / w$    )~G   lހ     }U X   yT ^1@   vOo  pL"^"   da"d8'  fX rv*  gln #A 4z#   _wh!ڈ/|  \t U)dѧ #"  Vs&&dwg#    [t ;e;   da6 5|x h  "sN |m3{By $:C= D   0& %A8 U"    /yT[]^?  g3  08   ίvQ  20 6  ̘Z  j! -    ݘN  Y '   t cI  ? W޿݃  t Gc -˨o %&5g 5L ?elS Mmާt  KnzZN  Qjtu   jW߇  }EB '  2ɼŨ ϓvheejtZ(!5Q_9|؎&  !%>k7 ! &b O  "*6! !!T! $'0On`A30$  !  #uڻ3!"-*?F !"$ ip{  . k !'٘~  A  !EZ 9!~ #[)L I)y`!  &t = :  OU " R$  (-- v+  / <-2'     \3!A5&     2w- C A)(   3/ Sڋ G8  _.TuQ8 \# a\n3?  H"nܿ#/= =' m.  1&w  *O  p!}     }W"X   vV_+> vP!!i  kK 'N  hc!ۼj;,iZ$j 'x4    gp#j=7x!bxd*ߋ3~" YrS.\Ϊ  Vt //c{`؀"   [t :f# >  c` 3 ;~u  g#   "lRvl7}  ?w!  ':E8D   1&   %@< W( 1xyKS^\>  k,  ,8 ̪vS :*    0  ˓a  l$   $  ڛP   Y#   *! s aM(   ;  Ձ    V  ڂ    qʃ N e     ,˨o% ڀ,     7h 4M       Df k  X   Mkz Gkw\ ހO   Zlr s   n^    "~IF *    %:ǽǧ ا}vy|p;#!%Afk &$%!(KޓB !'$  !#2P|42B@2#&"# !"'#!)8xL "$(*(@L&&5&#'&*!n'   (t%kZA_!<;}  H/T"ed$%lE@7 #L#/ N) :#N6I8  /j8.KQC"  B6 J# [DE >5 aޒd>Xk. cxj6R6 j0%kc5K[[/$x@P_J-!"|M# <+%2 3&,*[ /t)) *`$-k,  )_#+w =N-+`0*+z4*W =2k9,|hlZJ *xc #u 9K)2w{%q0U#JF!+t~j(@ 8=',l|h.@tײ1 '=* )iz9 @tǁ  m@. -ox  3Mv+  A62"3ri6 +N !jހ231;Vzo&D G-5?UJD"R%?19 D\@ c- $ISXdbA !w/< 6I?   ԳZB-: 2=:   ўc"t-A 1<5 ߡ[ h0B  -D%   |  t`=9  4X#    ݾۇ ';@  9l   ގ 5   #9υ [  l. &  -IϪw 1"  :!;   -Um7d  /   ,Yl r  b     *Yx ,    *[tf Z      cx y  }   0u_  '  8M E>    4D˿ʭ ?J5 .9   .`?   DZ O   #   J )J . DO   p &&k&D'%9D#O!` p     D  J  O D p ? #{ `kpv   UZ  k 9 #  #  O pU pv U  ǭȵĽԹӹȱęЩ໛»ֺݽ֭׷پˠӻ@ܸϲۀַpЭֿ´ҾǬȴҾƼ &ؿƴ1AɺͲߵ kͿ׺ϸ.ݱʸȸؾYָԾӯڿ϶ɰCȳ݀ؿзwŨʳҲϩݺغRغٿtڿեĨ ͣު˺W<.Ԩ޾ֺ2'ǕܑⲤًܿ) h۬㽞îӸ-Wݽßȶɭ+*w˚Ďնӹm  '׹޳ޜǶQ B㮟մ93ނ注غ"'`ե ]Ե޺ #nȶjz!/ݢ8J]ĹDzcŰζ }߾ٵ# ʤݷ   2ὣހ߃  SrȥN  aYӭڍ# v=FظK  #f?߿݀׋"  6hŬt; 4   T!wϳA0O  _ ߲ 'K l ' / ! DϰO4  2 ߡ G' m 61R  _f Q  t <ȧ G 8 'ᬡ)  Qʀ w Y攓O  cݨ qɕp vѿS fɵ v̘ |J a  I縝 }F iDZŵľޙ澖лϸƱŲ́޻ٺҺ߀ؼհ׹ֿǣѻ6¬׷ɲҹ rͯԽ܀ƭŵѿ¾!/Ƶ; F˻ϵ !nܖӽι!0ʹȺ ]ۓջӾϯ ֻ˸Ű ! IǶԿϹܺ  y©ʴϲέٸԺ UѺܙؿ oؿϫ¨̤ݪ˺[!@:ӫܲػ޿4&ĖಧՍ- !lڭ἟įθ) V۽¢˶ǭ“* )xʛÏ۪Գλq,ӺݠƸM !$Aݶ߯Ѻ?$6ڌⶩӶ,%+\ͨ_Թ#*sʺo{6ª3K¿#WŻIJ ců˶ !~յ(ϥٷ   3ݽ   QqǦJ   _[ùϭڋ#  x>FָJ -f Bݿ۳Ԍ* ! :eĭr? 2 T'wͲ?.P]"޵ ,M p1ê 4 %D̯R   5  8ܦ  A+iۣ6ؿ0 N  _ۿf  E t!Bŭ L   >ـ@ '⨥) U˄  u \ߓQ eޣ u"Șo  z;^ f˶ u˙s־I c Qⷞ tG k˸˼ĘտټʶȞijѯ«սíֱ׻ͤıӼIůغϳ¨sѰԿŸôɱθ®-2°ɸ+ Iξй" qҿ!$#9ͻ˽£   _ټ׶%$!!ĶҺɵ' # I˹Լ "#zįθڷ!#%г޿ٿ %aؿƩƬ  tĦڪǬ#Ψ㯚о\"H;װŘݾ6&ɛ๬īڏ, m߲çDzԿ0  `è˧Ϲϲ,#+BРɖٺԻv" Aپ塮ʺ\1<\簤ؽO&3(C껪ԳB .Dlīѫ !+j׸ƾ!)@ιo~2L9c& cŻȸ!qƲҹ,ܺ5"ժݼ! , @߁ * Z}˪O   ij¾ֱ-   TWغW   ;yS°ٓ) ,  G}!uȱwA 8  d7շI!  2X $i9㶦   /M  )~Eĭ   0  2!Xҳ^   0  ?+ð   C0 k!Lƹ< R&  1oíq  P#  u*Vɫ   J  @  .H泪%  Sϋ  xޣ"1f㗕`  eŤݬ(  2Зu  v` /xϺǿ Р  uR4m[侜 uQ#s@=<D;<;9:9986764 5 4 337J688889v!Uv)!"74 J2 2 /D e     `     4        9 `   { k e ٲ៍ݾ±ҿƳ߫βïзĽͿøIJʷ̶Ѳ۴ڳѮ˭ѹŰȹս__݀úm ֽ׽q rǯʺr  ֿٻ  +ҽߏŭ ŦͰ  hܲ߻׺ɬ B͗£: ]۴ȵ  mӮ۷  iݳc  Mګϝ  9ݹ޽  gϚЏ|ɤ   M˓])ݾ 5і  "߀ϱ fֵ&  &  )ͦG &ϲ   E<  ճc   Z9  $͖N . R  ݀⾚w  ^زJ 4h|ٱg   ๯) @Z I۶H S kǭ.( ڛ9   * +  5  N Ű j8 ,Y  Ǜ/b  S°lՓ 8hˮ+:`n֧[X  z mg    l  쥣ֶߞؾߘµ˵˳óʷƽøIJ̷˶ҳ׵ܳѬͯзijƹҼc%"ażp տ޺ؿl nȰɹr ϼվ  1ϽŰ Ƨ߂˭ eٶ׽Ĭ A͛ħ6 ^ڲʶ mϨڷ jٰ]  Qڮ۶ˠ $:ܹ  "iΞђɥ Rʗ_)ށ۾ 8͙ %ί fԱ& .  ,̥K *γ   IA  Ҷf  ];  +ڀ͚T 5 ĪR  ῜z   ]ֲM 1h xױi  ݺ) 8]  HַK  U  mDz5 #*  ܀ݝ@     .   6  H &Ǯn  < 5Z  ʠ<  `   U dҖ  8 bǫ ̾) =e gթ ^ S  mh  h  򥩥ởūƸ÷θϹɶκ»ùƽȷμл׸߹߹ִϳűԻȷɺh"*'^Ǿp vqʶξv ݿ 2DZ! ȫմ nἤ²Ȯ SҢƩ; mܷκ .}խ߽  (v⸖ħp#,_ⱟר"1K⿒ƞ  $2qԣӕΪ  !*ZЙd<«   )>֛7϶  %)nڼ,BĴ    ;ѧU >Ը#    OI   "׻p   cD 2ҟZ < "ĬW Ġ|    eճX=n  y۵m   +޽6 O` BںO a tͱ44, ޤC   .*++  .     V:ƲƑ n  J  $" Af     (ͨ/ ]  !Y±  bݗ  #F  aϳ 3  $Cke׫ c $e    5up    $r    7644577565434 )2 D       k k            9  ?9          D    ܸٺȽܮ;ܽοجͱëͮԶӺ¨̮݀ѽҼᾩ˶ճ˷ķ䴕ɳ_fүnEѿ彡̫+¾Z y³ٹŢƍɭl˾͢˻U  ®/AÓģZ  4ǯژ   ι޲Dz@ H#  cس˰G Sż۳(  Ƴά bǾHoּ ܾ} oj ߱  j VΨa  D  Ʒ䶤  : AѨL   ճ  'ƸD hȶ ʻ<  л  -Ÿ  kk Į  ǵ   ҾǸ) ֻƹU  ռǶݩ  ѷȻɺ3 9Ҵů  AǮΰO̶Ʃه  Q' [ӻ   rߔ2 _ĵ   e7 kù 1U qøzp  k yδ* pp x׳  ds c }xS% t T ţxb^  UuN X rB ףh /mD  [Z~  4T\uH QBʯr  h ?x ޲js ѫP䤡DԼA,ؼ˾yγ5 pУ עⰡdڻ׷ƾڱͿھ׭Ͷ¯ɯӶڀԽͱѻѼܽǰش̴Ķ޶˴imԱxM̿ݿȬ۶4ds¶ԺŦď ǰt̥݀0˼X  1 @ǽå] 4˳ך   λڲŰE  Iʾ*   dùڳDzI NȻ״,  ŴЪ¶ dO jԸڽƈ  kk  ౭ q QͦbC   Ź㶥  ;   AΩM     Թݓ   %ùE   fǹ   ɺ ݡB    λ  -ȷ  iݳl ǯ    ƶ  $ Ѻ+   ʽ߽Z ڿȷ  ηȺ  !˽ȹ)  .ӷ  =DZ˱ !ھ J˹ƪ׎ [- Vҽ    !s9 Zõ   d@   h¹    1[ l¸yr  ݙo t͵/ lxuյ*   cy `  {xR7  !v S%  ĦeYSyL  Wx @  ϡi  2n G ` Z 5؁ U_ oI J;ϯ|   e    A u~pu   ЪV   ڪJֿJ  %} δ9   fͤԦ$  }ݵ_߻߻߶ñìòߴθŲѰ׻¿Ǫѯh¾ò˶ۺͺǺ滘̷txٶT´ϲ 7j !{ɺܽɪȖ ҳy#÷Щ[  Ų<9Ɯƪj *ʶÿ٢$ Ӽ⸧ιRK5   fú߸ϸPQ۹7     ɷұŻ fQ f׿Ǩʎ jq ³渰  {  ZҬj#J( ȼ꺫&C  @ҪY غ!  ,ɼP    i˺    ;J         .ɼ  lƴv   IJ    ɹ   ǻ1   ̿]   ¼ʺ  ҽȽ   ˽)   .۷²    Bʹϴ  #  Iҷʭޒ  [5  P     qD  ]Ǹ   ]I iƼ  (^  oƼr    w  wԹ9     k  p۷1     e|  _' Z9     V+ ˩~i_ P I  ^ } B  اn(  1t  D  d Y  2 Sj nP K 9ϴ (   h    GÝq  x w  ح ^  ܫQĭK 7ȇ Ӹ?   nץܧ-  ߺh#!k " $ $ ' &  )v ) ++---/00 / 2 2 2 2 2 3          Z k  Up  p OU ` J D  k   )  O k 9#   4 # _ƺ߫ҶƱݥȶѼб͜ƻ¸Ȥʬû֩ݿӴÛƹƵϳöȼھ͘ɾ߿ǫϪɰʚ׶ɵҲͽùҵۖİӷ¹Ѽܔ׸ż±ӷľ̻Ͱ´Ĺ̠۬ƴQƼɿۼŸξIõϴ0ڀ ³"ȶռ˵Įǻͺ¼ϸóɵȵ禲̸ʪրǷgٰͳĶɶɸT ة׿νǴL ͟ѳ׼Ź\ΦƲѸխбڹ׺ŷĬ߉ĭϽԽƫ۽֠Ϳо֊ּʭؾ߹ظ\ģ HgX|vH+< Fޒ> ʥ~A QҸ#)   9ٻ_'  )Կc!  #¡1c ?ȫ ͳCX ¬ Y 4~ xȥ8&  ƺ h ^3 7ǵ݀ź۬ѹů٥ǵӼҴ߸¸̠ûÀ˥ǯŻ٭IJɨϵƖ¹˶ôζŸǿ׿͝Ǭ̥ͱʛԾ׹ȵҳ˽¹ն³Ӷ¹ϻٹŽո˻ͱޙú̢õZŻƾ£̻Oĵʹ:׾-ɷ¨սʵƻ6ͻ¥̹ƾأɸĸʶƫǸlձ˵ɷ˸[֬ξƵ] ˟׀̳Ҹųý`̧ŰͷӪ̳ٻ¸ĬоҽǮӀ׻ǾϾ½Իɪ޹¾ֶ^ Fm^ zOx(C ?E ̬KVи ,- <պ\)  &݄о ^!  1c   FǮ   y˶7W  ] 3~  rǤ 4&   ƻa^7;ŵĸ᯶ǰ־Ͷ߫˺պùСȲƿþѭ˶ɿݲŹغǡſŨλĸԺͽưҞ°ʮӲ̸ӣúܻʹظƽؼĺȵپż©߾Ķ۽ƵýշƹȿƲҧǺaþȨ¬PǺɹƲҹ>ƴ߇ĭƸ.νôϺȲԿêſѽۀŸƷީνȻͽѰ˼wݶѸɻͺ̽e߬ހȨIJλdԨѲӽʸĹpѫʷսúӴԷʼȹȯɳéȳè¿ĩ˯忨ۼ_ǩ Co` vS w 'H" HM ҪT XӾ '9  0׿\0 Ĩ [0  ʧ+o  >޵̳ + ~Ӿ :h  !Ķe  :ܝ   wʬ /7   ` a= A˹?========<<==>?==OpJO    J   )p꡸歳쫴ƿѾͷ̽õнuT^̾Ķ 6  Q   ] 5  Y  D  O B R  ]  ?    6  `o  В< /мe  zӿƬ`  nIJէO  JĬΘ@  Yศ¨ϋ@   7TӿǑI  `̳ȃ+ (t7 ?ȢРG   %uӷѼn( 4⽨ĐA  *ҵQ  ֤߉ qR( (V   Eֱh   a2x  sU JJ   t61   8W2  -z r$   21 4   /n O   ܾ.  l   󣸱⟞֕殮箱ݮž°ɷʼĴ̼wS`ƽ$ø9 N ^  4 X  ?  J  A H X  7      D   _ہ  ЙF  ̹i   uѿƧ_   nòѣS%   IıЛF  P۴ѕJ    1SǘZ"   ^εȇ1  &o6  <ţТH   %pϸѺs,   4ȓI  +ؠӸY   ֨  h֩ ֪T+'+a  Fֲj  W5  m[ JT   u=8   <Q3   'w  m/   ,?-   1pW  5i   롺ܦ֚ꫨⱸﲸź÷ôлȺ~_bĻ%ƻ6  R  ]6 Z  ;  I =  F  Q   A $    ^    J    ԠL   տm    |òũf   pɷڬY!    Iɴ֨T    Pܸŭ٣S   -MöΟ^(   f  Ի·4   *p?  8˫֨M    &qսx4   7ªϚN   )֪f    g  [/!0g ;n   X8   q[IT  z9B  AE@    ! mE .C/ -y{f! =i)  `9e8987J4 4 3 2 10/.--,v,,+,..$&p D'*.) 1 04 2 , * )4{ & J$ % # " k  =<==<<<=====<<==<<<=r<6=`<<========<==<=<=<<=<?=<====<<<<====<<<=<=p<4=]<=<==<<<<====<=<<<=<<?=<<<====<==<<=<==<<=~<?=a<<<===<============<<@<> H  -%&щ   ?1̶Gތ   [Fռ-   uj Lŵ7   cHѲB    W]޼Q*Tq̮~ 7Q س   6E ɧ I  2: ϲ˩vW ( #7 ڼ}dR@% uɮ-ɴuS; 3O%ΰ~-  (ղb#  ԫ@2    Q_    !)99  (]zoe^SA5)   6n z QoW-  &: ` 6~G$   ! g ] $ލ€6   WE٣_  nܾp,   Ŝ\   -ކ!  ފ'  ً6ю7  jдӛBԽЪkT´¼пƸ?P   2&#׿Ҋ}   C&/˹R&  \GҾ'    skJ<   "i GҮ?    ([ \ڿQ  0W rʱ|    8Vش܀  # =G ɩ#  I )B³ŽvhV>%    ˱>͹ĆpZ) !   4Gc3ϵ@       52ڵr/  #%دFO   gހ+s        6DX@ ;nwphWK?,#  4:@V   j̿rM  2@H_q "" %QΎbA =7{ l 9ɐO0   OVs4  sńS/  ϭp  # 1( <!ܛK$Ԛ?oչ֥L ´Ҳr^˼ôƼ? O 4&v&&%%` 9&&U# O)k9UJ#%* ,  O#k`vv)#*`J. 2 5799<   ٩ u/ &˷   wͧ  m$ ?;   hʜ"  Z 3p XÒA  2 3۶ .Ṗh G/  %߲ Føt ݭ QŨ¨  ٨ N֮%  ˤ,  :Ƴƽ1  qؿT +Yͬȱʼ% Xֽk ˮζ'   Xγu ݹ̳"  _Ŵk פмr  V߶q ӯگл  UۮB| 챙 TŸ.w ՟ۀ]437 I FO  2\s@{  $  j  6aԄ- ޺ @. { ή (KI    2Э0 9J  Od  LהO    L Nڿs ((AP!   87oڈܽ  Ph  9 "x̨ܼm  w'    C쥎b  D`Sتݚn   *Tֻ6 Tˢדւ>(7Tζ   vѵۨ݇­ >ܸжʺN PǤϸx`Yɨ̴͵ܵаֺ̹׸ǸƝĪôހֶ̭íȫһͯƹͷ̴ȵյĮŴػҳɯıèޥ˵ͳЮε? ݯ y, *Ƕ/ |ϡ  r& <ƻjɟ& U ;oT“C  2  <ٵ/ܹk   N½4$۵  L¹r$۰   Mի Mѿ"Ǩ/ @Ƴļ3t׿P 4\ʭŲļ$Yָf ʱͶ''Uα׀q ٷ˴ ]ȸk  ֤̼q Tٷu  ϯϻ  $Q֯D~ 뱜  %Tģ/u ֣`856  M =R 5[t   ?}    l} 9c֌ ) ĭ ۻ K( z{  ΰ ,EJ  4Ѯ, !4J  _k IԘR      M Oq  'AR)    <5p܉ھ*    Qj  ;*zڼ˥h  tٲ+   ;־餔`Ka X֪ܚk 0SکԻ: YɢՐӃD5>V͸$  $wڀ϶٥±  A۹̷˻HJǥ˹s`Z˩˴̶ϳ˸ոַǹȞªõҴʰɮެϾʲŷϹ͸ƸѶìŷ׼Ӹdzòǫʶʶϭ˸? -߭  y8 Cͻ "~ԫ   p/"P,tС*  ]L{7bʔN   1I!F侟m   _E?幥   XȽz@ߴ  bʰҫ9ܬ  Xų.2Ϭ4 H˹ǿ<+~ƥY  :fαͷ1.k׼p $Ҳн63oϷx  !⾤ѹ8.uʹw ٭ޅv #mܶx شѾ  ,qܱC 񹞨݀Ľ ,lȤ=   ؤf>;7  a  Fc  " 5i|  _  .  ! l XsՍ  '  ¯⿦4M !   '*ҳ&  -MX  ,Pհ8    JX bt/a֝Z   " T 1`ĩ {  +Ѫo4 1 (   $Uŝo#4$&0dg- *k߭⟛}3*FqުվD  -lϪܙܔT>KoѺ)/ֺƴŴ Jһ;L^ͨһĺzdcѮͻѷ׵ѻݿܼ˺ͣȮȶڻϴȵγôϷŮߺʻԼѶʼٺʰʸۿؼεȶʯӸԼյԺ?  {     O          J  `   D U#  Z e      O e   Z58:#   M +  T ' a { l 7 a q M  E ve-/ ~.   & + ~ 5  x" H¿ {, W  y d  b ſٺ  Խ1 {  ~ x  ʤG  0 A eͿ   v xi  J_  F  =2  ~w    |:U d !i͖<o 7$P .  ~}    }7V   e bЖ:s'     2# R          }    ʨ _   $     F  $e    r | [j   X   B:  {   @ ^ g  +i؟C u%    G+[     J0$  'XgY  Y4 p   %ؼ+ Q0  LX [}?wҕ? J       e       ` 9 ? 9  J  k  Z  e  ? 9    D  e         v   !`D!k  Z4 # 4 D J 3 68;?*Ҭ  ͍Zֽ ԹT׻y ѸY ѱl,d ǰ3A ?] r\ 5idxݭFL WȼIe EŽJD , .*  UP>ߠ y޶E(0l|GH񭬬K C!Ƈ yׁt ߵj~m> ۯթF5iyk⺐![* ᠡӉ G~ 9֢;LG8 L翦!I; Zجͥs4(aH wȵW f Y ɔ[ # {G _  .:U}'wz n΅  :F  mŢ\ Lk YʼnI   2IJ   X^%  < $ ݾ E -; c  LW  ^  I0 Ƒ t߁ۇ  q ޾v oJ ۀ񰚟TAs pc' g;⫣Ӑ  V # DৱK  NQ -Në  %U :Tկɬv?+h {P  nʹZ   s T ϛk  -   B i ,@T -{ hӌ(  5P   wͱm,   My  ^ˌO E, J߾d "jV   $/ I|   i3  /O4-  Wq5Gx #ϣH1"k믖ųʠܭ˙ٮʬͩŮ?        U p k   #  Z  )    4 k 4   4   e          ?v  O 4p.   k 9 .9 ߗ X\¸Ї g rɭԔ .`  ܶL -qNTȦJX #k  xbu! Z x \  } ( L  l 6 <  =<  NV ۚa 5ڨU < Gǜbހ6  >  nն{) Ӳ  M MÝ fc  aӳ؜   ˶ɦ y  ·ͫ   dٿ3  0Ӷ̻nUc ؽn   e  5ȧn VЍ Ͼe| ݹ â  eGvէ ؏  xt  jA g [  *?F "- ,3 4  o6" L V޾  Dȱǥ`LFE?1  ; 1y  + 0خɱǛX    Qc514  c\ಟѴЎ?  tٺt< 2ע­̩D 3۬rJ~1(aŚ̷׹= XȢЯߴJ &ԮǨݭHΛطd ހغĪNϰڣ۽ƴ˧жѷĜ?ٚ Z ]̈́ h  qɰ͓ -g  , ڴH/yU^  ƦJ^  q   ݶ!j  u,Wz W! ڀ   %'M u > F   @G J]   b 9ة] !  D  Dǝb۴= ! z@nԷ &t0 дN Q`m  dҵ  !̳Ǧs  ͯ     eĪԽ<    6ϳμrGh 󶟤ؽҀq  ijhݪ  5ɩsTА  ˾eݺ  ! cLxѭ  ֑  qunG  j  _ 0   7ۯF(鿑3$ 4 { 8%  gɃ3"  N U۾ BŵĩaSHF;*    ;  0w 0,ޮƱŗX    Lg11<  h \ݵʹόA  qն|81Ԧ˾ͯN *ٯvHׅ;.eşɵֿL  ]ȤҬݸV   !ڀׯʥخ#AΟҹj ׻ŮQϱ٤޿ɵȫ̴͸ٽ׿?   c_ƽב n,  rβљ @x2  ߻Q 4|Tb   ͫMl %v  (u   x3\   ])    &5 K  z N P#"  DƮSG߸j #  q@஗* f#%  NNͥ bF!* |I& tڽ ! y>ֹ    X Wɦ bފx    kػ     #ϽϬ!!t   þձ  1   hŮĭD   ,վڀzTn  -ðs     Ʒs   <ѰPџ  Ɨ]  Ǧ%kP|ظ   ޛ o~ hI   n e   +   ?L09 - 6 ڃE.   fЍ0.     Q"^#  F̵˭dQBAB/     : O  A n G    J   N  & X > ^ ^ qq r ~V   5   " + < 3 p Hy  "  CP  @ 92    F  @,  @ A   K I  N J   \ R  R.K  L   Mq  <=  (<   Uiײy   f[ Blކ   bޤ*  k1  NC  Ƀ6   eۨ5  ӟ> k. 7I(}V :#      ]f   6 +  -  @  8!  P  6  i B    E   L   W  @ \  Zmu  m wX   x C  (    + 6  8   l  9~   ;\   K >5   >  ?7  I =&  B  E K  F S Q  M .U   M &  F  h 9 >   ' =    V    g  ι  t   ]]   Bp#  (fߪ1   iݩ5  DJ   |dž8  cܫA  اDl9 4R&{V5       ]r# $  H  0  3&  >  4   N <#l E    H    N # R  > ]   Y  l %  n  vf' y R %   $0  * @  -  f  B  % G[ 8 =I  H ;A  8  ?5  F  D  G C   U  T   O  /] M '  Lk < ? -A   Z   e    s  Xl   "Mz/      ,j: t;  LR    ѓF  lܵI  %کJ wB =U"V  4       U       vO .    ! ! ! ! ! ! !9 ! ! ! !  ! # !    #&(*k-` 2 46:q@D " E#rev     Yդ `lx݄ dtքִ֤֔z 0@ۧ'ܐܠܰ 0@P"85 20 6' + * ) !  ''* 7<<<., * 79:r+ )       4 5;8++         ;:99/*  , $  ,:4 / ' """ -9t#5 3   "  #*/3 (:) %" ###<<<3   $&*9+ * * * * % %**/0 <<;;   4   I;::;;51 - @D "  E#sealsign     7 [ '7GW +;K[~.>N^n~ / '  =======                                         #)=>=============<=@D " E#seal      pppp AQFw   $''49>GGH<HLH\HlR)RuRip{ppp ? <#;+::4I:=R:#>S:":3E:4E:3>:3;:7;:'=A:UD;._=, ?<;$1:,>:3E:4E:3>:3;:7;:'=A:UD;._=,  7&(,(%!6ENNF>4,( 3Z]WME?944, 1[Y`]VOG?;?D8,!.VcbdfaYOF@IMH>/ ,U`cmprlbVKFMRMH9'*R[dqzypeZPLMRTOJ=,(PTdryyrg\PMSUSPC:, &Raoy~vj^RPUVQJ@4' $RT_mw|obWRTXQMC9-" "\V]jwznaXWXSNG=4*! !ug\gvse^[[UOJC:3+#  'jjfsxjc_]WRMGA<5.% !fkq}tld^YUPLGC?:2,(  Cfsy}tjd^YUQLJHGC@7*  Nhxzof_[WUSOONF8* Pm{tld^YVTSPRUWSH9*  4Suzph`[WTURRVYZWK7%  @atld_XVUTQSX]_WD/$ !Dozpia[VTTRRW]cbU@-%  7Nttlf`YVUTSX`gkeR<,&# *R{|rkd^XUUSW`jqqeM7+'! ,_xnha[WUTU\gqwsaG3,' 7 !%!69AA92*%! 3LNHA:4.+)$ 1LJOMHA;4057.$.HRSSUPIA95<@;3' ,HPR[]]YQF=9?C@;/*FLS^fe\SJB>?BDA=1# (DGS_dfd^UKA?BDD@5/#'DEQ]djkhbXMCADEA:3( $DGOZdkqof\PFCCE@<4," "NGNXblpomeZOGFFA=7/(! !bWMVblosqj^SLIHC>94-'"  !ZYU`jpssncWPLJEA<73/*% !TZ_horsph_XQLGC>;863/)%! !9U^enrtsog^WPJFB?<<:97/# !BWdjqttrndZSLGDBA?@ACD<0# DZgpttqh^WPJFBA@?BGLI?1#  +DaosstsncZTMGDAC?AGLONB/  6Pjpsutqh^WPJEBAA?CJQVO;( 8]lrtusncZTMGDAC@AHPXZM8& .A`osutqh^WQKFBBAAIR[b]J3$ !Dfrttsne\VPJEBB@ER^gh\E." $OksutrlaXSMGDBABLZgnjX>*"  7 !%!69AA92*%! 3LNHA:4.+)$ 1LJOMHA;4057.$.HRSSUPIA95<@;3' ,HPR[]]YQF=9?C@;/*FLS^fe\SJB>?BDA=1# (DGS_dfd^UKA?BDD@5/#'DEQ]djkhbXMCADEA:3( $DGOZdkqof\PFCCE@<4," "NGNXblpomeZOGFFA=7/(! !bWMVblosqj^SLIHC>94-'"  !ZYU`jpssncWPLJEA<73/*% !TZ_horsph_XQLGC>;863/)%! !9U^enrtsog^WPJFB?<<:97/# !BWdjqttrndZSLGDBA?@ACD<0# DZgpttqh^WPJFBA@?BGLI?1#  +DaosstsncZTMGDAC?AGLONB/  6Pjpsutqh^WPJEBAA?CJQVO;( 8]lrtusncZTMGDAC@AHPXZM8& .A`osutqh^WQKFBBAAIR[b]J3$ !Dfrttsne\VPJEBB@ER^gh\E." $OksutrlaXSMGDBABLZgnjX>*"  ; : 8 |5 2r1  <:9863/ -  .--3/HZdheT;-,- ʶ~yqdXWM&.* ƶtcYV>K( s_[Z= 'ĽytP2!!rüwP@?- ù|7  ZĻ} ɿݻu! Ǿr |ɻt˿Ȼ ɺ… ǹ|´׺ɿޣ굶|  + ( %$"       @=======8q~rjd^XVURXdoz|oV7.#6fzphc^XW]s~bE9>@2"H{~tkea[WZl~dG;=D8## *ixohc^YYf~~hM=%5c~xrmiecerybJ@=Y1<%#Uv{vpkfdgpzdK@>X,;%Dl}wqmiggnzvaJ@>W*7& 7d|~ysnigjqzxaK@>U%. & .[vxroljjmxw_J@>T''&(Om{~ytqmkkowx_JA?Q+'Cbv}zvrponpv}z_J@?N5'3Wo{zwsrpprw}zaJA?J; ( 'Mgwzwtsrqrw}zdI@?I@ (C`qwvutsqrv{zfJ@?GD):Whtvvtuttw{ziL@?GK)0O`nuvuuttw{zkN@?FN%()FTgsuuvvuwzymP@?FP*(!8I^puvwwvwyyoS@>EZ-(+?VlsuwxwxzypW@>FVC(#9LfqvxyxxyxoYA>FVO)1B_nuxzxyzxn[C>EWB),9VjtxzyywmZD=D[/)%1OgtxzzyzvlYC=B`0*)*GcrxzyywmZB;@a=) 'A_owxzzxvm]E;>]8*%;Zktxyyxul\H:=ZJ$) 3RgrwxxvsiZG;5Cdc5+ .Pcklmmh]M>2Gk^)+ (K`ijlleZI:2OlG+,$H]egihcVH90VvB- BXadgf_TE60_F$-?T^`ba[OA3.L@/9OY^a`XL>2../4JVY\ZSH;.(0/EPUYWOD7+%1*?LQTRK?3(#2%8CILJB90$2 0:@C@91) 2 %07:70("2$)+)# 2 !#! 3  3  447-_quutpg\UOJEBB@FUcpsfM2%"!FhsuuslaXTOJEBACSamur\=*%" !-WpuvtogaXQLHDBAP_mxxeC+('!"=dsuurnf[TOJEBBN_lwziJ2)*&!#Nltvtpi`WPLHDBH]kx|tZ<,+)!"4]pvtrmdZSNJEBEZiw~zdC/+.("Fgsttoh_VPLGDCRht~}nR6,/+$#,UortqkbYRNJECLguuV7,02(";epssnf]UPLGDG_t~uZ;-/5,# "Vkqspi`XRNJEEWsu\@/.75#Bbmrqld\TOJGFOj~zfI2-76,"+Siprof]UOKGGPg|~jK3.8+'*F[cca_`_`cjrpS;10<0 ( =Taba`aacjroV:00:4 (6O[``abgnoX;0097)/GT]``addeino\=008<)(@MY_abddejnn^?008@ ( !8CS]`befgimn_B008B# ( .:KZ`cfggimlcC0/7K$ (#2DW^cfhijmmdI1/7F8 ) -=R\bgiijllbL1/7HB )'4MYafjkkmlaM3/7G6)"-EVagjjklk`L4/5L')&?R`fkllj_J4-3P(#)  8P_gjkkj_K3-2P3) 3M]dhkmliaO6,0M.* .HXbhjkkh^M8,0I>)'CTagikjf]L9,.HJ"* ;P_eijidZI8+.IT%* 5N]dfhgbWF5+0KX** -JZadee_UD4(2P[,+ (FX^acb]Q@0)5SS-+#AS\`aa[O>/':YO$,=QY]`_XL;,%@[<$-:OVZ\[VI:,%Hd9-5JSXZZRF7)&Q:.2FOSUTNB4'%@7/-BKRTTL>1&%'/)>HLOMG;-# 0$9CJMKC7+!1 4?EHF?3(2 .8>@>7.%2&0585.&2'-0-' 2 !#! 2 3  3 458-_quutpg\UOJEBB@FUcpsfM2%"!FhsuuslaXTOJEBACSamur\=*%" !-WpuvtogaXQLHDBAP_mxxeC+('!"=dsuurnf[TOJEBBN_lwziJ2)*&!#Nltvtpi`WPLHDBH]kx|tZ<,+)!"4]pvtrmdZSNJEBEZiw~zdC/+.("Fgsttoh_VPLGDCRht~}nR6,/+$#,UortqkbYRNJECLguuV7,02(";epssnf]UPLGDG_t~uZ;-/5,# "Vkqspi`XRNJEEWsu\@/.75#Bbmrqld\TOJGFOj~zfI2-76,"+Siprof]UOKGGPg|~jK3.8+'*F[cca_`_`cjrpS;10<0 ( =Taba`aacjroV:00:4 (6O[``abgnoX;0097)/GT]``addeino\=008<)(@MY_abddejnn^?008@ ( !8CS]`befgimn_B008B# ( .:KZ`cfggimlcC0/7K$ (#2DW^cfhijmmdI1/7F8 ) -=R\bgiijllbL1/7HB )'4MYafjkkmlaM3/7G6)"-EVagjjklk`L4/5L')&?R`fkllj_J4-3P(#)  8P_gjkkj_K3-2P3) 3M]dhkmliaO6,0M.* .HXbhjkkh^M8,0I>)'CTagikjf]L9,.HJ"* ;P_eijidZI8+.IT%* 5N]dfhgbWF5+0KX** -JZadee_UD4(2P[,+ (FX^acb]Q@0)5SS-+#AS\`aa[O>/':YO$,=QY]`_XL;,%@[<$-:OVZ\[VI:,%Hd9-5JSXZZRF7)&Q:.2FOSUTNB4'%@7/-BKRTTL>1&%'/)>HLOMG;-# 0$9CJMKC7+!1 4?EHF?3(2 .8>@>7.%2&0585.&2'-0-' 2 !#! 2 3  3 4581 . |+J*6v) B(O'/' '¾'þ'վ'ջ' ֺ'(ÿ(?( (0½)ÿ*w*+ ¾,, »- .ƻ/ ÷0 3 ͻ4 5 6r:<<W<=2 8 W7+W3+ 0 /r 0| 1=3"3^ 3 7q h, *((''''&&&&&&$$$%'''())) * + ,. 0 055689;<===>;:9863 .- , ,+,-,-.//0 'ȿ䪫 ¸ɾڜźۚ÷ڕ󿲬ޏ۹}‰~Ύ¨ܘݧݖݧזΨ􈉈ߍ̦݌ǣ􆇆⋍Ģ򅄅߈á񄈋߆Ġ߆£󌉈å냂ᅈ¤¡ق숆́Ѐ¨ڂ®ŀςǻɁºȁż၃ž󰬪ށ貭ǂ¿κþݛ. J݁Ź݌ E ¼ Z ü $ q !u&20j 0W 2 º e %!#$&%'()* ++ * )447             v  % % %-0 =7<0;ӻr8}8"7+6oW 3۬ 2ݯ1}1ݼ112222 132 24r33 4ܯ 5r6r8ȸr========<<;:9776532110/////{/e///001112 2 3 57<~< <<%=5050E:4''$$@TG3 HLNMKP\S1'4LXcdb`^]Y0-4D[ellmlhc`\/455Ifonnmlie`,+DO\_hnooponlgb+)*5Qcidgoqoopmid*$@::;\ekoolopopoomid*DNLQ\msqroprqpoonkhd !$>ASctms{zvvsrsrppnmjhd#!!#-;ObjXAk}z|zwuvusrssrplh$XNNLOSVdr|~}|zyxxvtpmi )W]OF4Qkxss{}|{{xwsplh !+2?M[blv{~}||{zvsplh '/6D[m{}}zxtpnjf$,5AN_q}}{wuqlieb(/9DQ_mz~{wspljhfb`%09BMXgt~ztqnkifbb^Z"-6?HUamz~yuromiec`[\V (4BLD1 !+@JQRRONMJ0&+8LTZYZYVROL/+,,=U\[[ZYVSN,$8ALOU[\[\[ZXUP+##,CRWRT\\[Z[[ZXUQ*6102LSY\\X[[ZYXUQ*9AADK[_\][\]\[ZYXVTP 47FSjaZ`ed``_\^\ZZXWVSQ'2CT[I7Zn{xieeda``_][]\[YVSJBB@BEIT`hnnxzyvqkggeecc`b``]ZXT #JPC<,EZkktqkf`agntwxxvtqnkjigedcca`\YVS$*5AMS\dij~~|yupopqwwutsponmkjhffddb`]ZWT '-:N]itwwz~{xyxwvtrpqnmkhgffca^[WTR%+6AQanv|z{{}{xvurspnkiggfa^ZVTQO!&/8DQ^ku{{|{y|{xxuupokiea]ZVUSRNL'/6@JXepx~|y|{vuqoje_[XVTRNNKG $+4;GS_ku|}~{vtpid_\YXUQOLHID *08CMYdox~zuqkea_\YVROKJHEC%+4=HR^ju}~wsmfda_\XURNKHGDE &/8BLXdoz}uoieb_\ZWUQNJFFBD *3<84-< <<<,(5(914!!5E;3<@A@>BLD1 !+@JQRRONMJ0&+8LTZYZYVROL/+,,=U\[[ZYVSN,$8ALOU[\[\[ZXUP+##,CRWRT\\[Z[[ZXUQ*6102LSY\\X[[ZYXUQ*9AADK[_\][\]\[ZYXVTP 47FSjaZ`ed``_\^\ZZXWVSQ'2CT[I7Zn{xieeda``_][]\[YVSJBB@BEIT`hnnxzyvqkggeecc`b``]ZXT #JPC<,EZkktqkf`agntwxxvtqnkjigedcca`\YVS$*5AMS\dij~~|yupopqwwutsponmkjhffddb`]ZWT '-:N]itwwz~{xyxwvtrpqnmkhgffca^[WTR%+6AQanv|z{{}{xvurspnkiggfa^ZVTQO!&/8DQ^ku{{|{y|{xxuupokiea]ZVUSRNL'/6@JXepx~|y|{vuqoje_[XVTRNNKG $+4;GS_ku|}~{vtpid_\YXUQOLHID *08CMYdox~zuqkea_\YVROKJHEC%+4=HR^ju}~wsmfda_\XURNKHGDE &/8BLXdoz}uoieb_\ZWUQNJFFBD *3<84-< : : 87*75% 6;*! 5J5$ 4UE0 3YP>*4[RH5!  4]TI9%4^UK:( 4^WL<' 4_XN=' 4b[O?* 3e]SC/!3c]SF5& 3d]TH;+!!3b\SH>/&# 2_[SG@2)# 2ZUQG@/- 2WPNG>2( 2TPLFB) 2QOJJ2% 2NPI?1 3NKB84GC7#8>6)88+ 8. 8* 9<: : 9 7# 7, 60! 5<, 4F9(3HB3! 4JC;+ 4KD8+@K9 0G: 0 r0.. - -   .  . / / 0  "!1  $&%%2 #'*+3  !%++3# !(.4 %&!!$-5 *)%#(6 %*,'(7'.-+7,718"4<9'::' r0.. - -   .  . / / 0  "!1  $&%%2 #'*+3  !%++3# !(.4 %&!!$-5 *)%#(6 %*,'(7'.-+7,718"4<9'::' @=; : 7 7 0 (! .*,'# *$21/-'%  (#.44630.*'$# %$%(-488641/,*(# .)'&+087651.,))'&%$$&'*)+'(%$"/.-.6>ET^de`\TOLGEA>><;996511)+)873368>EMTX[\[XWUSOLKHFCA?=<77/10><::;=@CFHIJJIHIGGEEDCA@@=?:;574=@C@@ABA@?>==>==>?@?AG;+  :BGGFECA?=;9:88776656678::8CJ<-% "!7@HMMLJIFC@=;997755421//../-18<84.**&,6;;976542/.,,*+*++,/0033220-3.<;CFORRQOMJGDA>>;988521100/..--,,+,+,..2.0(*.E@DBLSUUTRPMKHHECAACDCBA?=<:76320.,+**,//2.!$LKJFIPUXYXVWVXWUTTVSSQPMLIHDC?=:7420,+)(()+,21 FSTQLMQW\]__^__^[YWVSRONKHEC@=<952/-*)'&&'),  @=;: 8  7  0 .!" *'%$" ("((*'%#! &"'+*)(%"!   $ !%+*)(%#!!!" $#)06CLQRNJC?<96200..-,**&'!#",+(')+06><;9630.++*)(&&$"!  ! "%%')*))'%*% 0/58?@@?=;8530..+*))&%$$##"!!"$%(&'!$&7264<:865310//1211//,,*('&$#"  "'&)%>;<7:>CDDCBBCAA@@A??=<:96510-,*(%$"  "#))  9DCA==?EHIJJIJIHECB@?=;97420/,,*'%" !$  @=;: 8  7  0 .!" *'%$" ("((*'%#! &"'+*)(%"!   $ !%+*)(%#!!!" $#)06CLQRNJC?<96200..-,**&'!#",+(')+06><;9630.++*)(&&$"!  ! "%%')*))'%*% 0/58?@@?=;8530..+*))&%$$##"!!"$%(&'!$&7264<:865310//1211//,,*('&$#"  "'&)%>;<7:>CDDCBBCAA@@A??=<:96510-,*(%$"  "#))  9DCA==?EHIJJIJIHECB@?=;97420/,,*'%" !$ # WW 9 W9WW9jԗ 8 ݀8 ݘ8|5++5l 6|7q 7Wݼ 8 j  6<;;::98886654 4 4344 45{677" $)5?LWep|znkje^ZVTRQNHC:1"%,7CQ\goz}ojid\VRPNKFA:3*"((/5@N[gr||rjge\TOMJD=8-")+-2;FR^lzzqhheYMIGC?8,! (+-09ER_juzqhfaSHEB=73, '*,.4?LXdpz~vmea]QE?=;7.'%(+.09FS^it}|vma[YQE:82.( &'+/3?KWbkuzx}|xph^TUPF3/.$&  ""'+2;EPZdnqkwzwvrmeYOPQF0/&$$-8@IS\cd`o~zurpmf^SLKOD.*#%28AIRXZYcrwvuqnke_YOGHL?+%,2:CKQSRYekmmkifaYPGCGB5&  %-4=DJLLPY`dfgfaYPIFD>7( )/7>CFFHPX\]^[\VPE>61'! #,38BEFHKOMGA5(" ! "+059;>??@BAB>3  " "#(-/159:<<61-& !"#'09EQ_lxwncXWRH>;964-$ "#&-8ER\hs{}undXUOB:751-*% !#$)4@KWbnw|{sk`VPLA8320-%  "$&-;FR\gquw{zwqj_SJHB8/,(%! !%)3?JU^inmw{usrme[OEEB8(%&")0:CMWbfam~|vpmlhaXK?AA9'&$-5>GPWXVdtwupkhfb[QF>>@8%!  (.6>GMONYhmlkgda[SLC:8=2"  "(08@EHGO[bdcb_\VND;8:6+%*2:?ABFOWZ]^\WOE>:82*    &-38;<61-& !"#'09EQ_lxwncXWRH>;964-$ "#&-8ER\hs{}undXUOB:751-*% !#$)4@KWbnw|{sk`VPLA8320-%  "$&-;FR\gquw{zwqj_SJHB8/,(%! !%)3?JU^inmw{usrme[OEEB8(%&")0:CMWbfam~|vpmlhaXK?AA9'&$-5>GPWXVdtwupkhfb[QF>>@8%!  (.6>GMONYhmlkgda[SLC:8=2"  "(08@EHGO[bdcb_\VND;8:6+%*2:?ABFOWZ]^\WOE>:82*    &-38;;752.,(%#"#$%'-*4$!  2NcbYV\``baa``_^\ZYXVVSROMKIFEC@>971/)%#"!!$&)-'4!$3Oac]_b`aa_`__\ZZYWVTRPNKJHFEB@:5.(%#" !! $#')'.' 1O__]aZ`^a]__^[ZXVUSQPMLKIHFC>61/.,+)('&%#" !!'(/ 1KXS]U]\_^^__][ZXVTSPPNNMKHDB=<763300.-+*(&# #$- -FIVTV\\_]_`__]\\YXUUSQNKIEB?<9663210/.-+)'$"$&%5BIVOY[]_]__`^]]ZVOKHED@><:86543210..,+)(%# +& )7AQTQY[^_^_^^_ZUOKFDBA>=;988766543210.-,*'%!(-# ")CFRVVX[]__]YTOLIGEDAA>=;;9::9976655421//.,)%$"&+"'  0GNUZ]^]\YVRONIHHFFCD@A>><==<;:9987554432//-,(%')&,&6@OZ]\\[\ZVTPMLKLIJGGEDCBABBA??>>=::997554432.+'**'1! .GQVX[]^][[XVSRQPNNMLLJKIJIJHEEB@@?>;;:850,(+)'+/9GMRWZ]]^]\[YWUVUTTRSRRQPMMHEBCBCBB@=60*)-)"$6:FITX[\]^]\[YXYXYXXYXVTUTUQQMLLMKF<4*)%6$ #)4:HMTTZ\^_]]\]]^\]\]\]_`aa`_a\\]YXXZ[\\WQF?5-)5!"  +1 %*039AFNOV\abcgjpquxz}~~}~}}xtoe\NB !"'+07@HKQV\_`diopy{􅄃zukaTG $.289@GJPXYZ_cjox{|ul_Q  !047;BGJOSUW\blswyx|{~~{ti[ 8JHGJMNQXfkpoqsswvy{}{~|~|~|~}}|~|~~|vn` -CH>@BGJL\`edghjmmptwuwvwvwvxvwwvwvwxytnb 5?76:@EHSW[[]_`dcgknnonooppqrstusrokd"--,06IVZ[[\]]^^`abbcbcegfeffghhjijjii !',37@INQSWWXWZ]__^^_bddbcdcdcdc #(-7CHJKPRRQTVYYZ\]^]^]]^]^]^]^ #)-0349?GJKMPQRUUWVW W  &-38;?CEKNNONONONONON #(-8>@AACBDCDD #)+--.132455778  $#'')0 6 89 :);GJD?>DGKLKKJIIEDBB??<;96521.-+)'$" $"'(?MOF@BHKKJHEDBB??<<975310/-*(&$"!%#,)@QOGDHKKMKLJJHHEDCB@@=<:864210-,('%!!$ +*@NPJKMKLKKIJIHFCCBA?><;965432/-)& ! &  (AMMJLGKJKHIHHGECBA?><;9865430,%#! & (=GAJBHHIIHIIGEDBA?><;:98641.+)'%$"" $ %8:CBCHHJHIIHFCB@A><9652/-*''%$#"! *5:D=EFHIHJJIHHEA:7521.-+)(&%$##!" !!  ,3@B?FGJJKJEA:7310.-+*)(''%%$#"" % 57ACCGIILJHD@;86421..++))''(''&&%%$$#"!!$  &8=DHJIIGEB>;965523/1-/,,++)(('&%$$#"!!$ +3@GIJHIHFB@<998:6856332110.--,))((&%%$$#"  ! ( $9AEGHIKIIGEC@?>><<;;:99885410//-+**)&# "!#%.8>BFJKJKIIGECBBA@A@A@A@A??>;<;<8774221.($ # */8;CGKKLIIGEEFFGFGFGFGGECDCD?@?@=;<;<<60( + !*/;?EEJLLMJKILJMJLJKKLOOQPPQMLLMHGHHJKMMID:4+$ * "(17<@FIMNNPOQNPOPQQRTVWVUWXWWXZXWWZ\``\UPG;,%"" $)24<@FKMPQSTSVUVUWVWXYZZYYZZ\^__abfhjjid^VI;2'# %..8:CGLNQUVXXZ[Z]\^]_`bcb``__`abegijjif`VK?3* ")+35>BIJOSVXY[_`baddghkmnonmnjigfeefhjkmllf`WL?4#(+07@FMNPTX_enputxyy|{}{}{}{}|}|{|{{zyvrkbUF '*-08<>DHJKQWahlnnqqttvwxxyxywxvqj^Q-;;=ABELZ_ddfhhlloqsqtrtrtrtstsstsutsldV %69246;>@PTZX[\^aaejlkllmllmlmnojdW +2+*/59;FJNNQRSWW[`ccdeffhijjhgd`X$""&+/7AKPORQSSTTVYZZ[[\^`bdefgfdc_\$(1;FJKKMNNPORSTTUTVWYYZ[]]_^__^^"'+09?ABFFGGJMPOOPTVVTUVUVU #*389;>AA@CFIJIKLNONONNOO "$&'+17::=>>=?=?=?=?=?= "+01211323233 !""#$&%&'')(*- 0 6 89 :);GJD?>DGKLKKJIIEDBB??<;96521.-+)'$" $"'(?MOF@BHKKJHEDBB??<<975310/-*(&$"!%#,)@QOGDHKKMKLJJHHEDCB@@=<:864210-,('%!!$ +*@NPJKMKLKKIJIHFCCBA?><;965432/-)& ! &  (AMMJLGKJKHIHHGECBA?><;9865430,%#! & (=GAJBHHIIHIIGEDBA?><;:98641.+)'%$"" $ %8:CBCHHJHIIHFCB@A><9652/-*''%$#"! *5:D=EFHIHJJIHHEA:7521.-+)(&%$##!" !!  ,3@B?FGJJKJEA:7310.-+*)(''%%$#"" % 57ACCGIILJHD@;86421..++))''(''&&%%$$#"!!$  &8=DHJIIGEB>;965523/1-/,,++)(('&%$$#"!!$ +3@GIJHIHFB@<998:6856332110.--,))((&%%$$#"  ! ( $9AEGHIKIIGEC@?>><<;;:99885410//-+**)&# "!#%.8>BFJKJKIIGECBBA@A@A@A@A??>;<;<8774221.($ # */8;CGKKLIIGEEFFGFGFGFGGECDCD?@?@=;<;<<60( + !*/;?EEJLLMJKILJMJLJKKLOOQPPQMLLMHGHHJKMMID:4+$ * "(17<@FIMNNPOQNPOPQQRTVWVUWXWWXZXWWZ\``\UPG;,%"" $)24<@FKMPQSTSVUVUWVWXYZZYYZZ\^__abfhjjid^VI;2'# %..8:CGLNQUVXXZ[Z]\^]_`bcb``__`abegijjif`VK?3* ")+35>BIJOSVXY[_`baddghkmnonmnjigfeefhjkmllf`WL?4#(+07@FMNPTX_enputxyy|{}{}{}{}|}|{|{{zyvrkbUF '*-08<>DHJKQWahlnnqqttvwxxyxywxvqj^Q-;;=ABELZ_ddfhhlloqsqtrtrtrtstsstsutsldV %69246;>@PTZX[\^aaejlkllmllmlmnojdW +2+*/59;FJNNQRSWW[`ccdeffhijjhgd`X$""&+/7AKPORQSSTTVYZZ[[\^`bdefgfdc_\$(1;FJKKMNNPORSTTUTVWYYZ[]]_^__^^"'+09?ABFFGGJMPOOPTVVTUVUVU #*389;>AA@CFIJIKLNONONNOO "$&'+17::=>>=?=?=?=?=?= "+01211323233 !""#$&%&'')(*- 0 6 89 :;'! :)% 9.+)%96.0*9:12,&9<332-9D944B8L>;-;:7SB9:$;7VF8A%3#6XN;69< 6a\QJ>5,4gfb^VNB6-!/dcdca^WOA7.$ -]^^_]YOG?3( -WXYY[ZYUOF<.# ,OPRSTVVTOG?3) +EGHLLOPQPMHB8/  +:=>ACFHJJGC=6(  *,02695+!-GHIJLLMLID;3' ,?@BDDFFGGB<5*"+568;;5-& +*-.03589::850*  *!#%'*,/135531,%*#%)*.0110,(! )!$&)+-..+'! )!$&')++)$! )"$'((&  )  %((&! - !%$ .  /  0 0  2 55 ;  : !9# 9,&'#90(($92*)(%9:.*+6 8B41$117H9/117K;.6)6MB2-/16UPF@4,%4\[WSKC8-& /VWURKD7.& -OPQRRPMD>5+!-GHIJLLMLID;3' ,?@BDDFFGGB<5*"+568;;5-& +*-.03589::850*  *!#%'*,/135531,%*#%)*.0110,(! )!$&)+-..+'! )!$&')++)$! )"$'((&  )  %((&! - !%$ .  /  0 0  2 55@D " E#text     Fq q % rVrfrvrrrrrrrrssvQy,zWzgzwzzzz|$AQaq<, +++ +* <<<            <<=<@   P<<;;=/:(95443,+*(<<<<<<<<<<<89:2//0......-./78:9:8   E'' ' & & &           &1 <=z@D " E#band       ,(8HXhxHXhx9IYiyƉM-peu ^[Z7^\ZZ7^]ZY[:]XX[:]XWY:\XWX;YY; [< <=^;^9^6 ^" 7 7: : : ; ; < <;96 " 7 7: : : ; ; < <;96 " 2 0001 3 5 689:;<>=765 2/, @8ZYZ[]^3]\ZYXXZ]]^0]\^][ZYXXWX[]^^-[__`^\ZYXYYXX[]^^*[^_cdeb_[YXYZYXXZ\^^)Z]`eiid`\ZYYZ[YYXY[\^^'Z[`fiiea]ZYZ[ZZXWXZ\]^^%[Z_dimnlhb^ZZ[[ZXWWXZ\]^^$[^diosqkd_[Z[\ZYWWY[\]^^"\]biosrpjd_\[\ZYXWWXY[\]^^!]`horvtnf`^]][YXWWXY[\]]^! `fmsvuqib_^][ZYXWWXY[[\\]^^ dkruvsmgc`^\[YYXWWXXYZ[\\]]^^ $iptwvrlgb`^\[ZYXXYY[\]^^ +msxxuqjea^][[ZYYZZYZ[\]]^^jrwwxtmgc`^\[ZZYZ[\[ZYYZ[\]]^ (puvxvrkea^][Z[ZZ[\\ZYZZ[\]^!7rvxxungc`^\[[ZZ\]^\ZYYZ[[]^ !otwyvrkeb_][ZZ[]__\YYZ\^^ eqvxyungca^\[[ZZ\^ab_[YYZ]^^ \iswxvrlfc`^\[[Z[^bdd_ZYXXY\^^ mvxyupida_\[[Z[]aege^ZXXZ]^ @8 4 1  -  *!##  )%,*# '(+,+% %&,120*! $$-4:7.$ "!+6:95-# !*5:?;3( ! %2;?>7,"  ".9>?:1)#  )6=@>91)"  $0;AA>8.%  +9@AA<2)# !!6=?A?9.&  ".8=BA=3*# !1;@B@9.& !!5=BA=3*$!! (:@A@90(#"&# "/=BA>7-%  '*$  @8 4 1  -  *!##  )%,*# '(+,+% %&,120*! $$-4:7.$ "!+6:95-# !*5:?;3( ! %2;?>7,"  ".9>?:1)#  )6=@>91)"  $0;AA>8.%  +9@AA<2)# !!6=?A?9.&  ".8=BA=3*# !1;@B@9.& !!5=BA=3*$!! (:@A@90(#"&# "/=BA>7-%  '*$  4/,*'$#! !" $%$$##"#"# ^1^/^.^-^.^-^-^,^-^.^.^/^0 ^1 ^1 ^1 ^1 ^1 ^2 ^1 ^1 ^1 ^1 ^2 ^2 ^1 ^2 ^2 ^2 ^2 ^3 ^3 ^3 ^3 ^3 ^3 ^4 ^4 ^4 ^4 ^4 ^4 ^4 ^4 ^4 ^4 ^4 ^4 ^4 ^4 ^5 ^5 ^5 ^5 ^5 ^5 ^5 ^5^6^6^6^6^6^/ 1/.-.--,-../0 1 1 1 1 1 2 1 1 1 1 2 2 1 2 2 2 2 3 3 3 3 3 3 4 4 4 4 4 4 4 4 4 4 4 4 4 4 5 5 5 5 5 5 5 566666/ 1/.-.--,-../0 1 1 1 1 1 2 1 1 1 1 2 2 1 2 2 2 2 3 3 3 3 3 3 4 4 4 4 4 4 4 4 4 4 4 4 4 4 5 5 5 5 5 5 5 566666/(''&''((***+*++,++,+,,,-,,,------.......///////000000000 1 1 1 1 1 1 1 -&rwyxtmfb`^\[[Z\`diic\XXY[^"kuxyvpieb`^\[Z[_chkh_YXWXZ]^!qwyxtnida_][[Z_chmkbZWWX]^^! gtxyvsmfb`^\[[^bhmld[XWWX[^^!mwywuoida_][[\bgmni_YWWZ]^"dsywwrlfb_^\[\bgmplcZXWWY\^^!jwwtoic`_\[[_flpog]XWWX\^^"`ruwvqkeb_^\[]flqqj_XWWZ^^#Zjrwwsmhc`_\[\clqqj_YWWXX]^^"Zaotwuojea_^\\`lrqkaZWWXXY]^"\[hqwvqlfb`^\\^hprnd[WVXX[]#Z`otvtngc`^\]_gpspf\XWXYWY\#]Ziqutnhca_^]^eospf\WVWZWX[^"^Zbnttojfb`^]_dnsof\XWW[WV[^$[hqtqkgca_^^blsof^XWW[WVZ^^#Yantrnhda_^_bksrk`YWW\WV[^^#[issnhdb`_^bjsqj_YWW\WW[^^$Yepsnifca__biqrj`YWW\WW\^^$_mrojfdb`_`fppi_XWW\XW\^^$[hpolieca`aempi`YWW\WW]^^%Ycnpmifdbaadjog^XWW[XX]^^%Y`lonjgdbabejnh^YWW[YX]^^%]hnnjfecbbdinh^XWVZYY]^^%Zckmjgfdccdhlh^XWWZYZ^^%X_hmkhfeddehki^XWWYY\^^&X\dkkigfeefhkj_XWWXY\^^&YZaikiggfefhkj`XWWXX\^^&[X^eiihgfefhjj`XWWXX\^^'X[aghhgghjjbYWWXY[^^'XZ^dhhghjjbYWWXYY^^'X[aghhghjicZWWXZY]^^'XY^ehhidZWVW\Y]^^(X[cghiihijie[WVX[X\^^(YWY`fhiid\WWX[Z]^^(ZXX^dhijiijid]WVW[Y[^^([XW[bgijiihc\WVW]W\^^)YWZagijjijhc\WVW^Z]^^)YXX_fijiihc\WVW^[^^)ZXX^ehijjihc]XVV]Z^^)ZXW\cgiigc]XVV\Z^^)ZXWZafhiihfb\XWV[\]^^*ZXY_eghhea\XVV\_\^^*[YW^dggfd_[WVW]a[^^*\ZW]beec_ZWVW^bZ^^*][W[addedb^YVVW__Z^^+\WZ_bcca]YWVXb^Z^^+]XY^bbcc`\XVVZbZ\^^+^XX]`aba_[XVV[fZ\^^+^YW\_`a`^[WVV^YY]^^+^ZW[^^__]YWVVYY[^^+^ZWY\^_^\YWVVW[]^^+^[WX[\]\ZXWVWY]^^*\WXZ[\[YWVWY]^^+\WWYZ[ZYWVWZ^^+]XVWXYXWVVX[^^+]YWWVWY[^^+]ZWWVWXZ\^^+^[YWWVVWXY[\^^+^\[YXXY[\]^^+^]\ZZYYZ[\]]^^+^]]\[[\]^)^]\] ^ )^] ^*^( 8ABA<2("&-, " ,=BB@7-&"%-0) !6ACA<3-% $-40" &@A<5,$+3:7(  "8=A>8/'!*4<;. # *9?@;3*#%4;;/ #3<@=6-&! 3=<0  ")7>>91)"-<>5$  #2;?<3*#+;?9(  # ,7=<4+%!(9?9( "2;=5.'"'8?8( $*7<70*$ #4?9* #2;93+$ #1@>2  $,9:3*%""/?=0  % $694-(# ".==0  $185/)%"):;.  $*761,'#  &5;.  % "462-(%" !&08, %053/*%" "(07- %*33.)'$#"&.6- %#/2/+(%##&-4. & +1/,)'&%',30 &%//-*)'').30 &,.-+*)()-30  & &,,+*)((,10  ' ),+*+**-11" '%+,++**-00$ ' )++,,-00$ '&+,--,-//' ( #),-.-.0/(  ((+..-.//' ( %+-//0.&  ("*././/.% ))-/0//-$ )(.//-% ) &,./0/-& ) #*-./.,%  ) )-./-*# *'+--)" * %)+,+' *#'())%  *!%'('#  +#%&&" +!#%%   +!#" $+  !! +  + + ,  +  +  + + ++ ++++, 8ABA<2("&-, " ,=BB@7-&"%-0) !6ACA<3-% $-40" &@A<5,$+3:7(  "8=A>8/'!*4<;. # *9?@;3*#%4;;/ #3<@=6-&! 3=<0  ")7>>91)"-<>5$  #2;?<3*#+;?9(  # ,7=<4+%!(9?9( "2;=5.'"'8?8( $*7<70*$ #4?9* #2;93+$ #1@>2  $,9:3*%""/?=0  % $694-(# ".==0  $185/)%"):;.  $*761,'#  &5;.  % "462-(%" !&08, %053/*%" "(07- %*33.)'$#"&.6- %#/2/+(%##&-4. & +1/,)'&%',30 &%//-*)'').30 &,.-+*)()-30  & &,,+*)((,10  ' ),+*+**-11" '%+,++**-00$ ' )++,,-00$ '&+,--,-//' ( #),-.-.0/(  ((+..-.//' ( %+-//0.&  ("*././/.% ))-/0//-$ )(.//-% ) &,./0/-& ) #*-./.,%  ) )-./-*# *'+--)" * %)+,+' *#'())%  *!%'('#  +#%&&" +!#%%   +!#" $+  !! +  + + ,  +  +  + + ++ ++++,"!"!"!            !!! !!!!"""#####$$$$$$$%%%%%&&&&&&''''''(?^=^<^<^;^\9^][8^[Y7^ZX6\[ZZ[\ZX5[XXWZ[Y4ZWZZYZ][3XZ\__^]\1[Z]`bbcba_^]0YXY`ccba`^/Z[]^accddca_,YY[_a_`cdccdca`+YXX]_accbccdcdca`*[Z[]beddccddccba`']^dcbehgffeddcba_!\ZZ\^_]\`gophghgfefeddcba]\\[[\\_bdffkprqnkiihhgffedcba &,,' beiigdcceimpqrqpoljjiihggfedcba 8JTYYU]^_``binsqqpmkjklopponnllkjihggfedcb` ,MZ[[Z[]`dhiiloquwustutrpqpoonmllkjjihggfedcba` ,R\[[^bgknnoprsswyyvusrqpnnllkjihggfedcba__ ^^]\\[[\^aejnoppopty~{wurqoommjjhhfedcaa``_^ ^\[]_chloqqpps{~yvtrpomljihfdcba``__^\ ^]\[[\^aejnqturqyyutrpolkjhedcbb`__^]]\ ^]\[[\]_cglqtvwuxzvtrpmkiheddcba`_^^]\[ -\^^]]\\[[\^aejnsvyx{~wtroljheeddcba`^^]\[[ -\^^]]\[[\]_cglquxzzytrokhfeddcba`_^]\\[[ 'V^^]\[[\^aejotxzz~}urpkgeedbba``_^]\\Z[ K^^]\[]_chmrvyz|~vqolfddbaa``_^^][[ZZ 9^^]\[\^aejptwy{wqokfdcaa`__^^]\ZYY ^ W^^]\[]_chlqtwy}{snjecca__^^]]\[ZYY^9]^^]]\[[\^aeinqtx||tnkebba_^]]\[[ZZY?=<<;:976 5 4  3 1  0   /   ! , !! +   *  '  ##!! ! )-%##!  #,0/,($$#"!! !!"(,//..,)%$$#!  $--,+)&%&',--,*('&%$"!!  "'*/421243/-/.--*)((&%$"!!  &)')),./599;;74310-,+))'%#"!   &+,,)*19AGNMF>:730--**&&#!  ").10-*/ITZXUOE;751,(# "+38=?>GQWZYUL?851*%  '/7?BKTXYUQG;41,"  (07:730--**&&#!  ").10-*/ITZXUOE;751,(# "+38=?>GQWZYUL?851*%  '/7?BKTXYUQG;41,"  (079^M^^]\]]\[[\_bginruz~~}wplgba`_^]\\[[ZYO^^]\]\[[\]_bfjnsy}~zzwplhb``_]\\[[ZZYZJ]^^]]\\[]_cglrwz}{yxuplhc``_]\[[ZZ[\M]^^]\\[\^afkotw{}~zvusokgc``_][[ZZYYZ[\]Y^^]\\[\^`dhmqsw{|xsrqnjgc`_^\[ZZYZ]^H^^]\\[]_bfjmosxzvqpomieb_^]\ZZYZZ[]^/\^]\\[\^`dgijovwtolljheb^]]\ZZ[]^^T^^\\[\^adffjstqliihfc`^\\[ZZ[Z\]^^B^^]]\[[\]_bcaenomjgfedb_][[\ZZ[Z[\]^^)[^]]\[[\]__^bhjigedcb`^\[[Z[\]]^^ O^]]^]]\[[\]_cfeecba_^\[Z[[ZZ[\]]^^5\^]][Z[\[\_abbaa`^\[ZZ[\]]^^U^^]^\[ZZ[\^_``^\[ZZ[Z]]^^A]^^]^\[ZZ[\]]^]]\[ZYY[\^^#[^^][ZYYZ[\[ZYY[Y]^^Q^^][ZZYYZYZ[\^^D^^][YXXYXYYZ[[\[Z\]^^<^^]\ZYXXYZ[[]\\^^;]^^]WXWWXWXXY[ZZ[\]]^^ <]^^\YXWWYZ[\]]\\]]^!8]^ ^\[[\[\^^"/]^^#'X^^%K^^&^9\^^&^ N^^( ,R^^* ,N^^, ^^.^ ^1 ^1 ^2 ^3 ^4^6^7^9^9^;^ "&.5;AGMOLIIG?3-$    (08?EIMLHDC>4-&   ",5;92,$  &-48>DEA:861*$  ").18@C>754/)"  $(*2<>;3/.,'!  "")7:6.*)($  "030+&$#    (+)&#!   $##                !"  #$%'&&+-./ 1 1 2 3 46799; "&.5;AGMOLIIG?3-$    (08?EIMLHDC>4-&   ",5;92,$  &-48>DEA:861*$  ").18@C>754/)"  $(*2<>;3/.,'!  "")7:6.*)($  "030+&$#    (+)&#!   $##                !"  #$%'&&+-./ 1 1 2 3 46799;'-..-,,,+***))(('&%$#  !!"%' ()*,-/0 1 2 3 4689:;<<<`Z[\]^^6[\]^^7]^^7^8^9^9^:^;^<^=^ ~677899:;<= ~677899:;<= ~ 4 4 4 566799:;;<= ~>X=\>=>=:;<=>VW[][YYZ\^__^]\[[ZZYYXXWWVVUVWXZX]^^XVY^_[YZ\^__^_^^]\[[ZZYYXXWWVVUVWVWVVWWXYZ]^^XVY`_\[]^^__^]\\[[ZYXXWWVVUVWXWXZ\^^YVY_`]^_^__^]\\[ZYYXWWVUVWXWZ[^^VY^^]_\^^_]^^\[ZYXWVUUVWXW\^^VX[Z]Z]]^^]\\[[ZZYYXXWVVU UVW[]^^VWX[Z[]]^]^^]\[ZZYXXWVV UVWXYZ[]]^^VWW[Y\\]^]^^]\[YXWVV UTUTUUVWVY[]]^VWZZY\\^^\ZYXWVVUVWXZ]]^^XWZ[[\]^^]\ZYXWWVVUVWXY\]^^XY[\]^]]\[YYXWWVUVUUVWWXWY]^^ Y\]]\]\[ZYXXWXWW V UVWWXWY]^[[\]^]\\[[ZZYYXXWXWXWWVUVWWXW\^5[\]]^]]\\[Z[ZZYXWVWVWVVWXYZ^ FZ\\]]^]]\\[\[\[[\[[Z[Z[YYXYXWVVWX\^  +XYZZ\]^^]]^]]^_^_]]\[[\][ZXWWYZ FWXYZ[]^^_^_^__`aa``aa`acdca^]ZXWWX TWWYZ\]^^_`_``a`aabbabbcdefghhgeb_[XWW 9VWWYZ\\^_`aabacbccddeedcdefghhgfc_[XWV  EWVXY[[]^_``acddfghijjkjjiggfghiihfc_[XW LWWXYY[]__abefhijlmopqqrqrqrppnnmmlmlligd`]YW !"MWWXYZ[]^^`bdejknpprrsttsrqponmjgc_[X $NWWXYZ\\^_bdikmmnppqqrqrqrqrrqponkgc^Z  YWWXXYZ[[]_cfijikkmmnoopopoonomkgb]]ZWXXYZ\`cedeffhhjklkmkmkmlmllmlmmkhd^]ZWWXVWWXXY]^``aabddegihihihihihiihihiijgd_]\XVWVVWXZ[\]]^^`_acddedeefghgfec`]ZXWVVWY\^]^^_abcdeeffedca\[YWWVVX[\\]^_`aa`aab][ZXWWVVWXYZZ[[\]^^_``_`_`_`_^]\ZYXWWVWWXXYZZYZ[\\]^]^]]^]^]^]^]\\ZYYXWWVVWXXYYZ[[^]]\\[[ZYXWVVWXY Y^]]\]\\[ZZYWWVVWVVWVWW^][XWW V^][[ZYXWV^]\[ZYY* ^]\[ZZ3^\[[ZY4^]\[Z<]\     !    !                                         "#"!"#""#$""$%(('#    ! "!"!#"##$$#$$%&&'')),-//-)$   !"#$%$&%'&((**)((''()+-.//.+&    !"$'')(++-.02332/.-,,+,-//10/+&   #&*+/1368:<>=>=>=>=;:87656551,)!  !$)*348;>=<;973.&    %)1377:;;>=?=?=?=?>?>=>==<;84.'  ',01244778::;:9:84-$"%))+,-/024647575757676676775/(  "!##%''*.0/001002.)   #'))*)*+-.-,)'!  "#"##$#%'(**+,,*)&#  !""#$$&%&&%%                  "+45 =     !    !                                         "#"!"#""#$""$%(('#    ! "!"!#"##$$#$$%&&'')),-//-)$   !"#$%$&%'&((**)((''()+-.//.+&    !"$'')(++-.02332/.-,,+,-//10/+&   #&*+/1368:<>=>=>=>=;:87656551,)!  !$)*348;>=<;973.&    %)1377:;;>=?=?=?=?>?>=>==<;84.'  ',01244778::;:9:84-$"%))+,-/024647575757676676775/(  "!##%''*.0/001002.)   #'))*)*+-.-,)'!  "#"##$#%'(**+,,*)&#  !""#$$&%&&%%                  "+45 = l==;;:88/4. 2 2 1 0  /  . .--,,,!**)((!%&&&% 8<@^=^=^<^:^9^8^7^7 ^5 ^4 ^4[]^^3YZ\]^^2WXY[^^2WY\^^1WXZ^^0WVVY^^0WVVW^ ^/WVVWX\^ ^.YWVWWX]^ ^-ZWVWXWZ^ ^-[XVWXVW\^ ^,\YWVW\W]^ ^,_]ZXWWYY]^ ^+a_^[YWWYZ\]]^^+`_`__^[YWWXY[\]^^*]^^]\YXWWXZ\]^^*[\[YWWVXZ\]^^)YZ[ZYXWVWXZ]]^^'WXYXWVVWY[]^^'VWXWVWZ[]^^&VWVWYZ]^^&XW VXY]]^^%YXXWWV VWY\]^^%YXXWWVWY\\^^%YZYXWVVWXY[\]^^%\][YWWVVWXY[\]^^&^][YXWVVWWXYY[\]^^-\ZXWWXYZ[]]^^/[YXWXXYZ]]^^1YXYZ\]]^1[ZY[\\]]^^2[\\]]^^4 ^4 ^6^9^:^'==<:9877 5 4 4 3 2210 0  /   .   -   -  ,   ,  +#  + ! * * ) ' '  &  &  % % %%&-/1 1 2 4 4 69:'==<:9877 5 4 4 3 2210 0  /   .   -   -  ,   ,  +#  + ! * * ) ' '  &  &  % % %%&-/1 1 2 4 4 69:'==<:988766 4 4 3 2 110/.-,,++*)(('&%%$$$##""""""$(+-./02 5 68::@D " E#Paper     y P\ht 9IO(.222A@o$ɆI<[~8Lְ 0@ G= 3.-)*&## #  $&%$#"   !"" G= 3.-)*&## #  $&%$#"!!"#" G= 3.-)*&## #  $&%$#"! !!""\Wgd6.𨚒adoQ%f̿$ !T T4ԡi6xY/)گG!ީD w#ľx% G$ 5(!u)C%'$A#e" 8!nQٮVP< ; 5 Nd."%5    ෇bR% МgUV7& սd_Q?/)$  Ǵmi]I81+! ʵvrfZWSI>1# ɺqXF?9.& ؽyoc[[VG0* ; 5 Nd."%5    ෇bR% МgUV7& սd_Q?/)$  Ǵmi]I81+! ʵvrfZWSI>1# ɺqXF?9.& ؽyoc[[VG0* ; 5 ;M$)골kNA ڷ~SDF/! tSPE7*$   役x]ZQ?2+& ⽾|gcZOLI@7+ ݼ{dM>72)  ⺻xkcWPPLJ?*$ <s:~# 6ƜsS2 1ؾV7.i7* ь8  !ýnS6.)%  ƿs[? ϶sV4թzX5ɡ]@$  Ѡb=1-18EOI- ij~Ê{fɩʿ<<<9/# 6‰mn^2-(  -گƈ{1)  ƹ{1)   ɾӾ{1)  򭠗񸷷 >7"L2@.3Ty#Rɳ帓K =fݿ-آ  7[|   (E  М ѕҷ  9641-*     f 8641,)   a 8640,) 븺⸻䶸뻼  I󷶶峲뵴㻼㹸󰯯䰯״갯:75l켌2 _ݿA!0 eӸ/ (-[*X% V" 9!F $F  H  D  > OŖ`5ߪíИ`V   82 /-+)&# !#      򿼽ɾ𹺼Ӱ籰82/-+)&#           ֜վ𹺼Ӱ籰82/-+)&# 𸻹      ¾    꽾 综ݺ۷´񯰯ï𺼽ȭᯰ̪⯰˧宯ʤ۞ˠ笭̜ȗΚΖϘ픓⟡91^)1wſO+ (D~U)QȯU$ Hj!8j  P kC8q 'CjF{- CmG !~F# ̥y#T Ϧ. &+ͫ  A¹; ʞzo`Ɍf(㼌pVյC nO3       !"#$%&''' ====<;;;:9987654 3 2 1 1 0 //. ====<;;;:9987654 3 2 1 1 0 //. ====<;;;:998654432110 // .== <<<9;2;?;:1: 998U8[7E6!5f4 .3U3#2r2]1O1t0Ǘ/8.- -- , + * * <)"('$$$%&'') * * ,,-...//0112222*2ľ3_43}4 f}5$r68z63889;;<<- ''' )6== 6 )            $$$%&'')**, , - . ..//011ܲ2222)23[41y4 by5"n66t61889;;<<- ''' '3:: 4 '            $%%%&'()**, , . . .. //󪫪0󫳭1򶞢1򶥅2󜓠2󢤑2223E4%[5IZ5R7)W6%889;;<<- ''' ',, '              !!+"$ #T $0֋0%o%t%&Y'=(ސ?)ݢ*++--../0022233345567 .EH;. /&E~#4P`t Se 9Ii*|Lg@ = 9ف . %u: z B % 9b x   3׼ x 0$% ^  żz򾼻禥ݤþ ¾ ½¾ÿ򨦧  ſ¼þþ ¾ ¾ݝþ驧Ŀ ¿|uȿgļ ݟT6Ľ۟JýڞĿſĿ¼ żz 踹߷¿񽾼򯮮ÿ½ 󪩪Ŀÿ 赳¿밮¾󷴴 ľþþ ſſ𬩨Ŀȝ񟞟 þvǾoĽc ݟQĽ4û۟G۞¾ÿĿÿ¼ſٹ|~ulpﱲ𷸹ľ鷸˴鷹鯰Ѵ󳴴δ먧ⲳƳᱲ󱰰쭬ߧ𹶲乸궴ﲰ결 ஬쟜ⶴḶﹸ𗔔繸긷ḷܷⷶﵴ蛚 괵 𵳯 봰 㴳ⲯ󏐐򰭫񲯪񱭨󯳲赴讉ݑY䑒T ┕K=ԑ' 5갮巶񣢣񶴲ﷸ󡟟丷践 巺ⷺƿ   !499988777, & ! !!    ""&%%('&()'%%      pY\PBKRavD:0$$⛐|!彼ٸ㻺ޯ 񭬬 =y񡠠  靜  %"坜ߞ󞝝  죤pY\PBKRavD:0$$⛐|   ߦ 顢%?0⠟  %)  '%"坜ߞ󞝝  죤bMOD:BJWfly:0($܊||pupou}밯üɾƿ̷Ϭ̣򫬬š⠣۟험 . '4>1    鎏돐ꑒ向   䑐񖕕Ւ󔒒ܔ┕陘򘙚񚛝񚙙  瞝󜞝񔕖󝞝󕔖"  ?;;  *Nn¿¿ڣĽ֡򷶴󯮭!(|<92/)   򞝝       䝞  띞  󣢢 硢򣢢᪩  )Ml¿¿Ľ֡󯮭"851("             䝞  띞  󣢢 硢򣢢᪩ 9R츹ſﺸ ߽򹸸𻺹¿𴲰Ӿגג      󓒒ߔ󒓔򏐐Ў 폎6.,"  򒑑񑒒󙘘옙왘왚虘𚛜𙚘 團򛜜𜞝ݡ뜞 㜞眝鞝𞝜 뢎  &+60, % ٺٳ񽼻ﵴ ⧦$*.l8501-*%""    򡣤񠣤񞝜  򟞞  󢡢󪩪 򧨨 &* - .32ٺٳ񽼻ﵴ ⧦$*.-9621-*'#"        񠣤񞜜  򟞞  󢡢󪩪 򧨨 &* - .32򶵵鮭㨦𠞞䤥 얕!)/<52.&!򏐐 򎐐􏐐鏐 񐏎򐏎򐎎 򓒒򓒒 򔕖 𖘙씖 񝞟ᖗ󨥘򨧧򔕕󧦧򗖗薗 򧦦 殮𚛛랟 #󥣢%'+9s366 $'* .2469 𧩪޵䯱줢Чݨ֡뢣١렟ܡ柠埡⟠硣론㠡ޝ렠ڭ쟟֞ۥꞞѠ鞞ͣ睞Π坞ɠ睞ؠ랟㟞⟟򠡣៟桢򡢥ݡ꺼ڧ軾ة׫֭֮й֯춷د𵳳ٱ紵ۭ쳲߫簯߫仼ެ笭ذت浶֪񬭭㴵ת𴶵ת۰תԫ֪ګت̫۪૬ݪѬު Ԯު ѭݪ ܪ Ѯڪ𭮯ڪ׮٪նڪӫϫ𧩪޵䯱줢񧨩᪫ݨ֡񥧥١렟ڞ柠 埡ݝ졡 硣㠡ޝܭ쟟̥֞ꞞѠ鞞ͣ睞Π坞ɠ睞ؠ랟㟞⟟򠡣៟桢򡢥ݡ꺼ڧ軾ة׫֭֮й֯춷د𵳳ٱ紵ۭ쳲߫簯߫仼ެ笭ذت浶֪񬭭괵֪𴶵֪װתث֪ޫت櫬۪㫬ݪѬު Ԯު ѭݪ ԰ܪ Ѯڪ𭮯ڪ׮٪Ȭ٪تӫϫ䚙ȓӘÒΔ’Ԓ¾ ޑ  ޏ򵷶󏑓提ۏ⏐向둓񸹺 ޑ 呓㒔蔕򖘘갱咓哔벳𓔕𓔕簱训鱰믛񩪪橪񪨨󩪫󪩪𥦧򨧨ꦧ릥礣򧦦饧碣ۢ 뢣#颣&(񤥧(򫪪&飥%$頻#!𫬬 ꩫ妧復뮭񭮮󨩪(())** ( ( ( ' )+,*//01122287786;;<==>~<::;B,+* ( ' ' & & % $ # " "!!                 ,+* ( ' ' & & % $ # " "!!                     , +* ( ' ' & & % $ # " "񽿾! !]   󼽿     󽻼 󹺻    򴵷 ﱲ    챲 밲 뱳 ﱳ붷 ﻺ򹺻굴鳲챳 Ǹ챳 ÿ 𳴵 봵 ﵶ쵷񶸺󸹻  鼽  ﻼ  궷 羿   򾼽 󴶸  󭮯 /&%$ $ # " ! T! ,    m~U+a;& M5~)     H     I r m    ?            & A               *  ++*(&%$"!  "  %                *  ++*(&%$"!" %                *  ++*(&%$"!" %   {   1 D  S ;  s 4 & 0  VǶ8   %* /* ) +'F %3 $P #! Ҳ㲂ݓX)   Ǹ%ÿ ň)i I20ü ſ¼Ŀ񥤣ÿÿʰ氯׮¸۽yvWVUYISS^epo|ǢbP;:*&!*2DNPRcmq}}qjkkljhgc_`hmpx֧pUB494*  !"$/;GWji[TRLFIMLLSYTMN! #$(./-.0.--,(%""( -  ¼  ľý¿ÿ¿乶   ¾¿¶~ĩxrmkNMLPCJKV^fht}ƻ|XG54&!&-@IKM[fluukegfgedb_\\ejmtydL:/3.%   !,8CRccVPNHCEJIIOTQKJ!  "',,+,-,**+*'#!!(  - ż Ḽ廼𢟝貱⯮豰򝛚򥤣𥤢󳲲쮭 鯰찯 򳰭     󵴳  렙ѪҨ{roba`b]__b_cfjkorvy|~||{{}|~Ҫ~|trYTPO:98<267@ELMU]`ajmlnrrprtiba_`dhkᨠle_\B4'&".679DKPVWOKKIHFCDJOQVܧpZK8+"%"  *2;78!   ( -    #(&%#$&%&&&'(&&#"  ¿ſ͹ù{ήιylTOLKG@9./228HPT]hmou /Rje_kʙoaUHIL]gk  #'1$01$󣢢󟠠窱䪫𫬭잟񫬫񠟟󟡟򮯮ퟠ󡢠򥧦𧨧거񯮮乺붷󻼼ߵ[!괹򁉉OG>@B957956AJP[kor   '**3@946855AJPZkor~   '**3Z!a^`6:ήkj_hfVZ E_^b'CmbghW^*N^^bGv ldefW];WK)AcT^`AߍȬ*bgeeW^;ad_Y^b#ι=WhgfW^=6qt@HY^_dRDeigW]=9}UU@MY^W ׋B`jgW^=;gS^DCR[Y_G".K\]9z+^igX_=;"4@=k)wY_H[>-޿`edX_=8}GuM&[_8~@Lb_W_=7D1]^0 u'0H_\V_?70]\Jqߍh.\YX_V60]ZM=֖%[WZ^^5aO0]VG#^7#_[]^^68+'w`U)\S_B8)[^^`8tJ-Tuo(]T~?d*"63N^^a5.Aa)+J'^VeCzH^^_K{v?a5R,`>C0i4_^^PRZ7^*9a;!;sTw [^^[>Hq KveL`:uW5X^^_;|ßJfa`6oFV^^]%L``71tH_^^_^?`^`8shE`^^_IM+[^^`7.ғW*[^^_;` 'ZY[^`6#(*OhfodD-b^^`M Ap a^\X]^US^^]+ :`cd_X[^U-]^^]]\]^b]9. 4EWieecaYZ^V\`\ZZ[YZ^^`]O58IBKqlnpmigeaYY^X D]XWWVXY[]]`RJ^^isu{rlhc`]YY[BYVVYXWVVX^bW][`oyrida][Y_2 DZUWWVUUVVWXH^\\hvtf`_[Y[a>WVYZXWVVUVV@X][`m|vf^[ZZ^P'U]]^^[ZXVUU$a\\drype]ZZ]^(J_^^]ZYWUUR][^enga[Z[_=!I\^^ZXUU.`][[a`\Z[\7#N][YWWU^YXY[YZ^-%W]]\^]P^\YXZ\_!&%Z]`bdgIR^^_T(7X[ajo:[^^_]#&VVY_aQ^_X,1ZWXZX^N.E`]]%`:/,**S<9kizYI7[+ =  +$k%*$,Fw (8 %OQ<1 (T[$>&"9/#R%:6>w]N70MXB ~!A++ ο% 38 2$s <'/" V7ί..-' &2!)- Dv1&') WK)Ac߈Ƭ'+(( ed_"͸.,+* 9qt@H `U'-, =}UU@M Ԏ /, ?gS^DCR[ ,HWY6t /+ ="4@=k(vW:+׼ )& <}GtMx=;! ;D p%4;Glԇj:+:ԗ:aO5![5;8+'w`UT?6.tJ-Tuo{<ޱ`( 3,.Aa)+J`?~p~v?a5Q@.~dQZ7^* 8nPrHr KvepSwŸIen9/qncC+vSɼѻR%%G]\dZ<Eo     "! )'*.($  !/3K>2)!  /   7A6    2' " # %'"%)-*#2:(   #/06S <*PN\B7 7 D`+񷶓- +Q򹾬n*$,4򷶣Y (8 %;=<1 (?D&>&1) #=:63jTE0*BK5|洳a A++  Ǻᵳ38 2s賮[<'/" C*..-'  2!)- yyq3`1&') oLC$9Wf'+(( X}YT%,+* 3􏎎cg8?~ H·E'-, 5nJK8uD s/, 6[IS<T+65PfW6 ,{5]L(`D(65)&s[R?f`/_(*x|nF*Ppj\-H&#*=\')FrH/_Xqk<\3Mq0f"`^K`qGS3Yyy)r *R`?YR+fr#}USJ 2 Yte=>5FEKsfC- 4Tcs     "! )'*.($  !/3K>2)!  /   7A6    2' " # %'"%)-*#2:(   #/06R*67еZ6 *֖5ۿ=( l'T8'"'&vRL746(   ο9[%y-wƸ V!" Jw ^tAZ@>>sSޢ& *z _ 2- k ] 6[ b Y@ !Pm"AB $k' N( 1*\n,W-7y,2 ]0 L.  )8e+JE(/ !SC1Ykd[Ad3տizCOfֿg9<Bvնdn~5i BUMnӿ<˫FKZz+6`,|  #^˯@p܁eSfW6^6i6:=d?uYg5] ƻܳOſRzQFDuk3ǻDü_SyubD^I%#`EfdĺϢ0úoSwOONM[wA m^ࣆ Żt|fdL}F?#}Dbf^էX@ż<Oy\K;g |"yFT{{ L }ɭA6"^G1}L__ZWVVZa>0y*~؀2 X0 I.  )8e+HE(- !P?/~?fIAY=;k ?QIiÓ |   "\˱H$ƻCǻ(nĺ n󬫪^飆  zDbf^զY v L#.S4]"[l}P<,?;$?W+J7S $o90tB6Z2:w󞝠c+VLy?.ih*gb2M( uJLV0Z&of<  7usF`P3Vw^=[;f.i_`+_PBcP+NZM`fVDT2K3Gƫpx;O]ȫ%rS+KU):{wxq~`]ɬiW63JL0]-r\=bMS*I)$kW(.p|ʒytxU%nM{U axD LD6[ʮ*ݺuk- dgM?#hOHDY~wo9-jsƬʽtpclݷ0E1xgKjnj}#eZH@Q ޹5m1~5-j|KBogVҘlrZY9J7F^թ 6Dzb/X\]q~mWXa':887 65.,+.. 4=>=<9.4(++-// 22 4 1y^`5 B·h0 6hºi.eþļ) *M+6p3(!rͽŤ !;0#^kf0T;tyyx|õ 0kI0ǣh1VȠ /=7Oeſ} ^F{Ӻ>¾ : ؙ$V¨WĕrUxc>Zʓ]UO_Cz %Jv.RP_nG4{)247L&A0I c2|*f:/}Q,~}4m[(ECvk7(\\&\W,D$iCEN,U#h`8}1ih?XI~/NlV7S6]+bZ[*[M?_L*?SFz{W]zRA~R1H1D9 3Cz ;wÓ˗x+VÔN9=)++(  HÙ򜞠3w먚{k957C~o#񟠡Q> ⢥*#wvAZ2" ᢥt9_ga W;𤫫|ks9L񱬤Y}"iJ}३(GQ'7tqz{sky\YcQ2/DG,ݢX*kW9\H|N{(D'"dR&+hv񋧣qmoդP{#hHtP\q@ H@2UǢ'|md* ^`H*4Ge﵏ +w3\깺J#CEFUivmaa__^`dkquiz}RBCJ:887 65.,+.. 4=>=<9.4(++-// 22 4 1; .SN6V2 *`0H-}D*M⪼'e;R%nC/TP 8rԿB  YG}   ,aﳷ             ݺ  B;vqtӵ)6H6Kɻ ^ 7l¬ǽq, -EEDDC@AAD0!7+6J54 3|3r2 '1 0 ~0 / y/vNm1B3   M    o        0  :  sNHvNm1B3   M    o     v 1  7  rKHv;`S©%Ň2a& Ġ e Ĺ: o Ŭ  T æ í ² ¸ ò { b Y ô% j ) q c V}j8HJzk' #  [  H  m   O     =  > }  % < T$'2./n?@"< >6 8WXXWY_G9,U\`G:Oa[;(%>:<2:<2@N5Z7k90r;;pK#%< dialog.jpg     P<Q !<Q~,DZ$b@@@@@@\(mm! 󚛝孮쯰㫩שׂ㙘䦥ۦ馥ۦ棢󮱱䒐礣ޝ眛󛚘০󦥤옔٨󢠝ک ֬٫ }񱰰ݕ||~퓒}~ΰ~~|}󭬬咑{{z}笪{{z~񬪦吖|zyyڬ}vwxx߬~ruxuyݴyuoqwx젡޳}wootu߰xomqrޱ~zplmo󚛜ޯ}|~}smkm󖗗߱}z{}~xpkk}ywy{}~~skj~zwuxz}~vkj}xtsrvwy{ynjŕ~~}yurqquwy|}qkŖ}{yuqoopuvy|vmȓ~~|yuqnnoptvy|{oΎ}{{xrnmmoprtx{qю~zyzvpllmopprvz~vؒ{wvwsnjjlmnnquz~|ƒ~yusuqliikllmpty}~~~͓}xutqmifghjjloruy~~~~ˆ{vsrmjgfgijklnqux}~~~}~ytpnigffgijjkmqtw|~~|}~}wrnkfedeghhkmprvz~}}~~|{{|}~~ݎzupkhedcdfgfejlnqty~~}}{yzz{||}|vqmiecbbdeedikmpsw|~}}|zxzyyxyz{|}~~vpmjeba`_`ceehjmorv{~~}}|ywyyxxyz{{|}zrmjgc__^]_begghjloquz}zzyxxzxvvwxx|{{z{}{uoje_]_]^__``aacfjmpswyxxyyxxwwxwvuvwwzyyz{}~xrlgb]\^]]^_`aacfjmpsvxuvvwwvvuvvuvwvvwxyz{{~~~{tngc^YY\\^_abdgjmoruw}sstuuvwvutvwtuvwxxyz{~{vnhb^ZVVY[ZZ[\_acdgikmpsv{}pqrsttvwwutuwstuuvvyz}~}yrlga\ZWTUXZYY[]`bdehjlorux{lmnpqqrrstuuttsrsyzyvqjd``[XWVTTWYYZ\^_bcegjmquvzghjkmnnqrsrqprqponnotspia[YZZWUVVTUXXYZ[\]`acehlqttx~deghjkklonnoqqomqpnljjklmkf^VRUYVTTVVUUXXYZZ[[^`bdgkqttx~Ŀ¿¿Ľ佻¿ÿĿ¿ü½º ǿ ĹķǼö˽ŷ˾ĸȿľó½Ǹ̿ķƼ̾ľȺՠ¼̿ûȺ¹బʽµǿȻƿ뼽ļǷ蹸º̾񶷸²Ʒ˺ſǻIJü蟡Ǵﱲ½ʳﯰꘙʲװɲѰư²Ů백┕ī欭蔕éү¦ߑﯰ搒索Đ𔖘 þÿĿûﲰ򜛛 홚𘚛¾¾񷹺ƹ򷹺Ǽǽ»񽾿ý⮯򭮮Ŀﷹ¾މ񥦨½ÿ죦²㡢õ֞ûþ~»}|︺ù|ż|ˬ|zxz쟡﻽º|zyryý|zzpqw{yyootżzxwlonlqɷ{xvijlkkrůþ~ywjefkmmw歯{xedcbdjorѾ~eecbcgkoeddbabfjvĻdcbb`_bgnƾeb`a_]_dhy~hb_`_\^beq»nd^__[\`ej󵷸ÁĿrf^__[Z]ffrf[XYYXY]aqwj]YYXX\ao~~p`ZXWWXZ`lsbYWVVWX^iubYUTUWV\e{wdYUTTUT[avü|h\WSRSSZ^s½k^XSQQRY]q¿o`UNMQOSZk~raUNMONRYi|ᴵxbTOMLNQVfy}~eTOMJLOSbu|{ԨhTOLHJMQ_ryy}~kVMJGIKO^qxx{|~nWKHHGJO^qwvz{|}~oXJGHFIN^qwvy{{}~        ¿ ¾ ÿ ¿½ľƿþüĿ»żȾ¹Ǿǿżɿ¸Ļɾ¾Ŀʽꐕÿ˾ùżŴƵŸļ򺼾¿}̙ο|ν~}}ν~}}|񳴶     ɫĿ¿ľƾɾýżżǼ˿ùĹŸȸ˸κѻҼ箫񴵶𦤥宱$姬$堦$䜡#䙚#噗$䔙#㔗"㕔"陠"񔐐󟝞!蒕!񑒑󞝞!␓!ꋌ 荌 򜛛䊉㇆߅߄򂃃怂~}~끂}|}~~툍z{|}~~큈xz{|}}yxwvvwxyyxy|~yxwvuuvwwxz{x|wutssrsuvuvvwxyz}vtsrqqpqsttvyvusrqppqssrsttwvusqpoopoopqqpqrsu|vusqponnomllnonmoqrrwvusqponnmkiikllknqqos}sqommlkhiijjijpomrxuromlkjhiihhijilkkqu|vsolkihfjhgffghjhhgioouvsokjhgfhgfeefghfchmkp}vrnjihhgeedchebfkilxvsnjihhgddcbaafeachgis|yuokhggfdccbaa``dd``efgmx~{wpkhfedeca`__`aad`]bdeiv}~yrkfdcca`_^^\[\_cgqy~}}~{tlhedca`_^^]]\[]admu{|{|}}~vnigeca`_^]\\[Z[^`fox{zz{{wojgdb`_^]\[[Z[ZYXXZ\_itzzyyzwojfb__^][ZYYZYWWXZdpxzyyzꌃxojfa]]\[YXWVVWXYYWVVW^juyxxy~ꏆzqlhb]\[YXVUTTUWYYWUUSXdqxwwx|ے|smic^[ZXWUTSSTVXYWVUUQU_nvvuv|㚎sia^^ZXUTSSQPQRSRPOPQTP\nssp{ۜtjb^_ZXUTSRQPQRRQPOPPRO[lqqrp|xlc__YWUSSRPOQPPO[joopp~۞ynfaaYWTSRQPOPONNPPOMLP]jnllm۠|qga`XVTRRQONOMLMOONMKTakmjik}rhbbXVSRQPONLLMNMMO[eklgfk~shaaWUSQQPOMJKLLMWciihefnܢ~shaaWURQPPNMIKLLKKLN\hkhfcfp$$$####""!⿻!!!񻾽!깺 黺!ู丷߶㵴߲߳򲳳𲳲氲뱲娩½ꩫ¾䣤者줥롢ܧܧ뜝띜ܩꙚ떛薕ܬܮ򵯨𑕘򸲪򻴫뎏򽵫򌎘󋒞ú󇌘ƼƽǾȿ·¹ù􍙟ù%$$$####""!!!!!! 뽾Ǿ½ý𲳲ļƼ????????????????33 g 33 fgfeefhkkllmnoppnmljihggiaWSUWVTUUWXZ[\\_behlorptz~bbccbcfhjjklmmnnligfdcba[USTVUTSSUVWXYZ\^bdfilnorx|]^_``bcfghijkllmjfdb`^\VTRRSUTSQQSTUVXY\^acdfikmpvy}~\]__^^_`ccdefhhijgdba^ZVPPRSSRQRSTVWX[]`bcfhkloux{}]^__^]]^__`bceffedcb`\WSNPRSSQPPQRSTVXYY\_acfiklntvz|\]][\]\\]_abcdbcca]XSQNPQQPNNPPQRSUWXX[^`cehkkmruxz~WXXWXZ\YZ[]_abbcb^XROONNM NOPRTVWXZ]_acehikprux|RSTSTVY\XYZ\^`abcdb[SMLMNLKKLMML LMNPRTUXZ\^_`bdginpsvz}RQPPQRSTSWYWY^^\^a^SKIIKLMKIIJLIIJKKJKLLMOQSTVXZ\^_bdfiloqswyOOPQSTUTVWWY[\[_^XPJHJJKLLKIIJLHIJJKLMOPRSUWZ\]_bdfhknpsvxLMNOPQRSSRSVWWXZ_WOJIHIKKJIIJKGHIIJIIJKLNPQRTVY[\^acegjmoruwJKLLKKLMMKLQTSUZZPGGIHHJJIHIFGGHHGIIJKMOPQSUXZ[]_aceikmpsvHIIGEDDFFDFLOPSXSICEHHGHIHGGEFGGFHIJLNOPRTVXY[^`adgjlnrtEFEB??ACDCEHKMQTKFBCGGFEGFEDEFEECDEEFEEGHIKMNOPRUWXZ]_`behjmpr@AA?=>CGHIHGHKMMEECACFGEFDCBDDCBCDDEDDFGHJLMNOQTVWY\^_adgiloq;=>=<@FLMOMHFJJHCED@@EGFECAACCABBCDDCFFGHIKMNOQTUWY[]^`dfhknq=:;BEGIPRWWNIJHD@ABBCCBA@ACDEFHJKKOPQRSVZ]^`dfgjln<?@@AA?>?@AABBCDEGHJJLMPRSUXZ\^bdehjlCDA=BTgrpk`MB?AB>??@@?=<=>?@AABCDFGIIJLOQRTVX[]`bcfik??@K]inqi[I>;=?=>>?>>==;;:;<=>>?@@BCEFGHHKMPQRUWY[_abegi8;BLXcdcf\OA;:;==<;::9:;<==>??ABDEFGHJLNOQTVXZ]_`cfh?BLW^_\[ULA::;=><<;::98:;<>?@ACEFFHIKLMPSVVX\^_begMNU]\XUXMC:68;;:<<;:998:;>?ACDEFHIJKLOSVVX[]^adfTUUTUWRKH>679988;;::9876779::466=79FBFBNiwss|upup}{~bX_ccfgPRSTVUNEC;569877998237655697:0BE0NrpeSGDDCEILSRM_Tbk\^dOPPQTRI@<73588776/2443259937H;Rq7CE<;EHADHAPJVrkS`xhSPOOQNF?64358876654102236:9?7Gug8C::99=A@=CI@J@RoX\nZgSQPRQKA92345788755461/24245:Dsl67G9=748=@BF;DCHIb\LXSevhaPPRTQF91035567544340/44225FqO3=54438<<;<>?BDCAHmRQMQY^ex}ONOPI<1,.35313432210/1322>Mx61618159=?=BGDMFlPLEONNUZZ^JOL>0-03221102100-3+30Wi3013322358;==>@AAFGpKLJKMQTVWXKH@5-,/110100//0.-//Oa6:0122112357:<<=?EFoIKIJLQSUVWH=1+*+-.00//.0/..-..,29p913/0110012368::;<==CDmGIHIKOQTUU=1('*+,..-.--,,+4.gA)4/./0/..01246889:;<?hCDCDEIJLL$''$%)'#(('('&&'4j,).3&++*)*,./1233468677<=fABCCEHIKK)**+*)(('')($%,-.Y51)$*&*,,-,++,.0(.7+:883=Ai<@=HBHKHTS'(()('&&%%&$!% )$(`3(%'.(+*++*))+,(24,;4*:77D96nFF=;JJGMIF%%&%$#&!$ &"3W-#%)+%*())()+-+0-)9<65>&E=b>>?8;@DEEI#$$%$#")! #$*O;%&(&$!''(('()+%/(;06=iio}lt^G8J>@GCIK##$#(#%%#,c&#*'##%&'(('(*+0),.9ko4@,A6AZ:;CA?DDA""##$##"&$ %d#%'""'(&%&''(*+'-68iC9857;8;>K=AE]DB6+  ! !%!  &"^#"!"# ""#$$%')).$s1-3317/~G5=vjZRAC  ""##X$# "$$%&&'(($4JC42g9/.556v5<7_.H  %$ S #$$%%&''(3].(+_7(>&44c3+R    !V$!#!"# !!"#$$3L,03S3+0614^&R "Y!!%&''())*&=L62[L2*053]G"# W$'!"!# !!"#$$%,%/ta)A.0)sI6 !"Y #NIJLR\QQRRSTUUVZQsTlA&\VOSW&#\ S*"!!""#$$%*"-)rQr9&  k*X)"[$"!!"##$%%'%+**c^ Bb)^%^ & !!""&$#'&&ErhDKQO1_&0Z  !%&!!'%[$ L>e!!   !$$*(M +`9L ""$%!PY5c &!!# S "Z!:M # H S?R= !  D b!o"   H   ߛݍ𡞜狌嗘ω̈臈둒膇 ʄ Ԃ~~􀁂~~~~}~~}~ҁ~}~~~|}~~~~Ҁ||~}}~}~{||}}|~~}~~|zyy{{y{~xz}}|}~}||z{||{}~z{zwttvxyxz}{wx||{z|{zyz{zzxyzz{zz|}~uvvtrsx|}~}|}zzxvx{|z{yxwyyxwxyyzyy{|}prsrqu{}{}xzyuuz|{zxvvxxvwwxyyx{{|}~nmnuz||}{uuvwwxxwvuvxyz{}morvzyvsmuuvwwvutuvwxxy{}~quvtwwsrotuuvvtstuvvwwxyz|}twtpwurtssttuutrqrstuvvwxy{|~~prrs~qnpprsstssrrppopqrsstuuwxz{|}}inuvnmnnrrqpoonopqrrsttvwyz{|}puvomnpoqqpoonmopqstuvxz{{}~~{okknnkqqponnmopstvxyz{}~~{qijllkknnmmlonmllmlnlqjhuprnzxvnhilkjjllkijkkjhhimkmaqs^yurrqswz~x|sojfhkkjjifhifegkjdfvi}iuwnmwzsvzsz{yrigfhkkjiihedeehldjbrbmnnmmqutqw}u}s~tlefghjkkjhhgjebeedcddnabrdqkhlqtvzrxw||}yldcfhhijhggfgcbeeaadpzakdeefkoonoqrvxvty|od_afhfdfgfeedcbbdaam|d_ebkeijnpnmpstlqquw{z}~zrf__`egdbdeddcbcbba]d}_iadjeggjfgnrolmqvszt{w{}oa^adccbbacbaa_e\c^Zabddccdfilnnorqtwyx{|~|yqf^]`bbabaa``a`^a_}_cabccbbcdfhkmmnqposvwwz{}ynb\[\^_aa``_a`__^__^]agd\\`abbaabcdgikklmonmqtuuyz|~nbYX[\]__^_^^]]Yc\oWa\_`a`__abcegiijkmmlostsxy{}^YW[]\\^]]\]\\[[UKbXb^__^]^`abcfggijmmkortsvwy{|}}TUY\][[\[[Z[ZYYZW^V^\V_]^^]\\^`abdeefhilljnqsruvxy{z{{SVYYZZYXZZYXZYXXRjV_YY\]][Z[^``bcddegijjhloqptuvxyyUXXUVZXTYYXYXWWX[VW^KeX\\[Z[]_`bcddegihhgjmonttvwxxWXXYXWVVUUWWVXQ\VVa\VQXTWZZ[ZYYZ\bY_hYieelkenojnowostoyxUVVWVUTTSSTSSXRWMP^SRT\VYXYYXWWYZYceZiaWgffshcqqnlxwrvrnSSTSRQSPPVRTLZXNRVYSXVWWVWY^\a[Xfic_iQnffgohlnqsptQRRSRQPSOQUORRvfPQUSROUUVVUVWYV]Vj]chƒlhwlnvrwyQQRQRPSUOPUPMTTPQQSTUVVUVXY^W[[f_gSh[gȬdhpnlqqpPPQQRQQMNTTNMNLNPNOUVTSTUUVXYVZcenba^`d`cdqƭcinem]fOOPOPKQPNMIONKLOSTSQSSTSTVX[S^{YYjpabfgf[RC>MNNONOMJLJNQJLKJNOLNQPQRRSUWV[Q\V\a_e]q]e{scfB*@p]=;@@>?JJIGKKLIGIJMxstv|}}~~|xzeJx|:B:A~M:8>A=CJJHCGHJHGJHG{RJBDGJJKKLMMNPHROv[OC5A0G>Q9=>A;<@IIHEIIFDF~QJFFGLJHHIJJKLLMIPPOD1;>EgO:9=;@9CDGG}DEMFIKHHIIJJKKNLKONNmeqzz\>7<<=>FE~GTBCLGHHIJMNIIOMDBzF><>77?::;;<<==DDl_>IICGGHHIIJFLLRP@0k636869:99:;=:;6899::;;C>}ZBGDDEEFGHMHHJB513r:6445:799:;CCDDEEFF@GH:,173e9638778778899::??=D?F@@CCDEIGC90580i@9374376678Ⱦݿ¼罾ýϻ̺þ蹺Ŀ踹㾿ſ ʶṺÿº Դ߻Ǽ泴๺ҵᵶҴ೴ṵ̀߱IJݮͱ۩ͰڤҬڦԮӥǹӭөʹЫѬǶЭШ²٭ΡŶէͨľש̶ſתþǧڿμɡIJȼĻ˞͞¬¿ȞŔֿű追ͣʔŵɻǠϭֹлȜ֘ӯҽ͜ϓ̮¾󞠔Ƒ祭ͭ뜟夫̫윗З姨ʩ앛ǡ奦Ȩ팶}񤥠ȨΕɈǧ喕ťLj喕ãܓӨԑҨ䓕􍊌㑒ﭖ͌єӠ퉋䒔ˣޔΈ|ؤ陋{䏑Ցߒ૘аώɝ֓xϑŔutz~{{xꌆ煔Ë}k{|z~w~Ꮠ}xyz~ώɶڟ|iz|zxόʩ|s{s{xy{~~}ㄅģĉpyg{sĈt{{z{ϊ|Ӯrxy|~st{~{zyױun||}~}y}苆vstzsrxzz{{||}}t}~nkmtxvwyyz{|y{鉈~yzqw~yxyyzz{{zw~vrttuyyz|yyz{|}~򇄈{yyuquy~~{xyyzz{{mp{}otzvpsr{zxxwwxxyyzz~w{uz|sx{sutpxurwvvwxĉtZJGECCI[osrwvwy{{|~óv[JECBCI[nrqvuvxzz{}~w]JDAABIZmqotsuwxxy{}|~z_JC@@BHZlomrqrtvvwy{z||aKBA?AHZjljpnprssuwxy{~ą}cLDC=AHYijhnlnpqqrtvxy|}}Ă~eNEE<@HYhhfljlnooqstuwz{{}~Ɂ~fNGG<@HYghekikmnnprssuxyy{}~|lTDB;;FYcbcihiklmnprpqtuwyz{æ}mTBA;;FYcbbhfgikklnpnorsuwxy~pU@?;:DXbaagceghijlmlloqstuw||}~}~~rV?=;9CU``ebcegghjljknoqstuzz{~|{||sY@:;8@S^^babdffgikijmnprstyyz}yzyr\C8:6=P\\`_acddegihhklopqswxy|~vyxuq`F794;NZZ^]^`bbcegefijlnopvvwz|}tyxsobH783:LYYX\[\^``acecdghklmntuvyz{}~rw|u`G8445BTWUYZZ[]_`abbcdfgijkqrsuvyzz}~qrw{u`H8233>PVUVXXY[]^_`bbceghijqqrtuxyy{|~ppuys`H80119JTUSUVWYZ\]^`abceghhooprsvwwyy{~noswraI8004CQTQTTUWYZ[\^_`acdfflmnpqtuuwwy|lmqtqbJ80/.2=LRPSSTVXYZ[\\^_abcdjjkmnqrsuvx{~jloqobK71-,/6CNNQRSTVXYYZZ[]_`abhhikloppttvy|hjmpncL71**-0:HMOOPRTUVWXYZ[]_``ffgijmnnqqswy|}gjmnncL70'(,,4CKMMNPRSTUWXY[\^_`eefhilmnooquwz{}~~`imkifP40&')*/;QOPRRSVWWXY[\]^bbcefijjnnpqtuvxzz{}}~hhaeqdG<0&()),5HLNPQQRSUUVWYZ[\``acdghhllnorstuyyz{|~z^gmkd_Q:/&(('(-=IKNOOPQRSTUVWXY]^^`beefijklopqswwxzz|}}~{wpedlm`I5,%(('&(5FILNNOPQRSTVWW[\]_`cddggijmnoqtuuwxzz|}~xtxbfbI@)$(('((3EGKLMLMMOOPRSTUVZZ[]^abcefhilmnorrtuwwxy|}~|tplxk[G.'"&&')*3DFIJJKLMNOPQRSTXYY[]``acdfgjkkmooprrtuuwx{||wrmvz\A1&!$#%)*3BDFGGIKJKLMOPQQVVWYZ]^^aacdghijmmnpqrssuuwyxtnig{ks:,% #!#(*2@BCDDEGIHIJKMNOOTTUWX[\\^_abefghllmooqrrsuwuqjfVbb`-&"% .)5BBCDEFGGIIJKLMNNRRSUVYZ[^^`adefgllnpnquuprcBV__BqG""$%*'/8@@ABCDEFGGHIJKLLQQRTUXYZ[\^_bcdejjlnptqpr_@1[Wa]~o2u7"!+(3;>>?@ABCCDEFGHIIJOPPRTWWXYY[\_`abggiklolmdC'$PL_[Wx;&Z( !(24<<=>?@ABCCDEFGHHMMNPQTUVWWYZ]^_`eegigdjbC,&$VZR[NH~#NM'(+678;;<=>?@ABBCDEFGGJKLNORSSUUWX[\]^ccdefghhge_G)$)&QXTQR67\Z2(/.>59:;<=>??@AABCDEFHIIKMPPQSSUVYZ[\aabcdeffjeG(!$#%[TLS?4$o>?@ABCCFGHJKNOOPPRSVWXZ^^_`abcceQ/! $RSQEF)),Zs*3962556789:;<<=>?@AAEFGIJMNNPQTUVW\\]^_`aa[5#&LNSP@( a0>[<7276789:;<<=>?@ABBDEEHIKLMNNPPSTUV[ZXY\`]V&$"!!"$%POOI9$5W/k865.556789::;;<=>?@@BCCFHIJKLLNNQRSTZ[YVZ^L3 "&*,EHKF2k,a?45.234567889:;<=>>@@ADEFHHIIKLOOPQZTVZWC+ #'+-DIL@+#PCBY4-2122345677889:;<=>??BDEFGGHIJMNNOUSWT@$ "%(,.LH>0!(3[3k8(.012345566789:;;<=>>ACDEFFHILLMNRYP7"#',024,"&3_3a5--//01234556789:;<<=@ABDDFGJJKLSI4  !#%),/1(3\2[-/,--./0122334567889::=?@ABBCDGHHJ@)$%&(*,./$)&`0h))'++,-./011234567788<=>?@@ABEFFH#!"%(,024LNQSTUWX[][4X--'+,,-.//0223344557::<>B>BA0!"%&'*-/13 "#$&'#'2$U*,**+,-..00112233588:;<BDEGIKLMNQRUXZ[ZZBDGHIIKLTNRQMNRSSTTUVWWYYZ[\]]^^_^b^N@?@@DFHJLNNQSVYZYXWEGIKKLMNKGJH~KQQRRSTUUVVXXYYZZ[[\\]]^a[N@=AEDEFIKMNOOQSVXYWUSCEHIIJKLKLNMMRMQQRSTTUUWWXY[Z[\[\\]aN>>AABFFGHKLNOORSVWWURPACEFFHIHILOJQMOOPQRRSSTUUVVWWXYZOA;?DA@EGGHIKMOPRSUVUSPN@ADEEFGIHJOEMMNOPQQRSSTUVWXWXX9<=>ADDBGGHIKMOQSSTTSQOM@ABCDEFGGEDCMIKLLMNNOQQRTSUZXJ9<<=?@ABCEFGIKMNNQPRQOKOT@@ABDEFF?MBIGONLLMNPQRSQSVVNB9<<=?@ABCEFGIKMNOPOONLQX?@@ACDDEFBcmKEIJKKLLMMNNOOPQPSUNA::<=>?@BCCDFHJLNOOMKKLMV^>??@ABCCM9MGJBGJJKLMNPQSOC86;<=>?ABCCDFHKMNNOMJHJKPZc=>>?@@AAW~@DJEIHHIIJJKKLMQPD858;==>?ABCDEFIKMMLIGJOU^g==>?@JHDBIDFFGGHHIIJKMH<46;;==>@ABCDEGIKLLKJKHJNTY`g<<=>eu7KC>E>EEFGHID=768;;=>?@ACDDFGIKKJIHJILSZ]ag<<=:F@CGBADDEFGHIG<4599;=>?@ACDDFGIKKIGFIJNV\_cfòŲdzɴ˶̶ѼҼս׾ĬȯʱòóóĴ⟮ŵŶƷ˛Ʒȹʿư¼̾²Ỽäʴ»㷸ԺоѣɬԺíϔͧϼĎӝ緸ӗ~괵vw󤥦xЌѳĔ䊌{LJ͊řࠪଣ~|~阙Ӡ~ˆܞ¡y|~~ɝ|~˝~z~~򗛙}{~~ҐϜ}yޗ{z~膇~w}~}~탄~vxy|~yѐv||}|ϒv||}Ϗxx|}~~rƈʏvty|}~}~~v}뎒yvy|}}~}}~sߌ}uw||}}~||}~oߌzy{~~}~||}l~~wx||~}~ܦyidb]VSQOONMKIHJKIGMTlnjea]dr|kdb]TRPNMLKJJIIHKT]jmha][fw򥘊|lec^RQPNKIIJIHGIO\hjmf]Y[jܧ|leb]QRQNJHHIIHGGKTblikd[V[o蓮}mgc^RRQNJHHIGGHNYcjhiaXW]tݦ}mgb]SRPNJHGHFFGKT^efed^VXb{ݦ~ofd\SQNLJHFEFFGLYegdc`YRXgݦ~ogd\RPLJIGECFFGN\ijd`^UOWlݢ~pd[VRMIIHECEFFJT`gfb\VNKXtݠ~pe\WSNJIGCBBDEKVbfdaZTNN]zݞ|oe]XSNIHFB@@BCLZdd`^YPKPcޝ{nd[WQLHGEA?@@CO^ea\[VOJTkޜylaXSNIEED@?@>ER_c^XWSLMZuޚwj_VQLGDDC@>?>IV__[VSOLPcޗuh^UQLGCCA><=?MZ][YTOLKUnޔtg^UQMHDCA=:;?P\[XXTMJKXs{ocYSNGEEA;89DSZWXULF>PeߎzmbXRMHECB>98;ESYVVSKFCVoߌxk_VPLGDA?;78LUVRPIDETk}qdYPKHA?=;759@RVTPKDAG^uzn`VNIF@=:855711..8GOMNG@?DTl ibYOH>5.,+,2@LOKKB=?L`y gaWH<3-,+(-:GLKIE?Lax]P=-((+.,1;EKIC?>>EVmTD2'(++*,7BGIIC;<>I_v')**))*,2=DCCF@60EZo'())()-08@EC@?:38Kat&'(''*17<@DB=857CXm|&''&'-6=>?@@958>Odx&'((*09@?==<73:G\o~&'),05;@@=:946@Mfw'(+059<==:643;IVp}(),29<<:86404@Q`t+18<<;;<4.-4@N`m.27::99:0-.9GWfr24788765,,3AQanw~4567752/-0;J[jtx~356752.+/8CSdouw~~34553/,+6AP[hruv}||}|}~~3442.,,.=JYdkswvzyxyz{zytvvuuy{343/+*-1BQ_hovyxxvuvwxvupqqoonptx-.,)(,7AX^hmpqruqqonmkjhgfghiox,+)')1>H\aimoopsoonmljihfeccdeis)(&&-8GQaejlnmmpllkjhgedba`^^_ai%&%*4CPZdfjjkkmiigfdb`_]\[ZZdz#%*2?KW]deghihijfeda_]\[YYXWWVVWaq#(0;HSZ^bbddfeeba_][YXXUUTSQ\j&,6CLV[]`abbcb`_^]ZXVUUTRRQPPOMWd(0;FPVZ^``aab_\[[YWUSRRPONMMIT^/8EPUZ`c]]\ZYXWVSSRQONMMKJJIIJDMU6=HRWY]^ZZYXVUTSPPONMKKJIHHGGCKT?DNRVVXZVVUTRQPPLLKJIHGGFEEDDEAIREJPSUTUVSRQPOMLLHHGGFEDDCB?FOILOSRRQSPONMKJIIEEDCCBBA@@A=BLLMOONLKJIHGFECBBAA@@?>>?:?IMLKJHHGEDCBA??>=<;<9==<;:99:8;Fǿ~}~|ǿ~~}ƾ~~~}|~ž}}~~}||ļ}}~||}ü}|}{{|ü}{z{{|ü~|zx{{|~~}zxz{{޿~|xwwyzݽ~}{wuuwx޼}|zvtuux޻~zzyutusz޹|yyxusts~߶|xxvsqrt~~޳}yxvropt|~|zzvpmny{y߰}zxwsnmpz{|߭|yvtplmq|}zદ}zwtrnkms~yzৢ~{vtrpljnuyv|ट|yuromjjqz}uw࢝ywuqmifit~zuz࡜~xvvqkfciw|yu}|xtrjbbely|wsx᜕|vrlhbagr}}zvt| ᖑyqiddaakzztsw |rh__^_es~|upr{|pg`]^[`mz~|vpmu{nb^]__^et~}yxpmo{{la[\]__dnx~|vrllt|o`[[_][_juz||vnjlxXZ[[ZZ[]fqxvvwqgfvXYZZYZ^altyvspkdl|WXYXX[bhptwunifftWXXWX^gnpqsqjdgm}WXYY[ajqqonmebitWXZ]aflqqnkgbcmzXY\afjmnnkgbahvYZ]cjmmkigb^am~Y_fjjiijhb]`hv\`ehhgghd_^eo|`beffedc^]akxbcdeec`][^eqacdec`\Y[blyabcca]ZY_juabb`\ZZ\eq}aba]YX[_hva`]WRT]etz񈇆^]ZTSXblx}~||}~TSU_kt}󈄄}|{zywwx}~UTRT[hs{~|zxwutsrrwyQT[dox}~}|ywutsqqpoonntu~OQXbktz}~}}{zywusqppmmlkprwOU^hpvz|}~}}{zxuvurpnmmljjihhgklqQXbkqvy{}}|zwtqsqomkjjgfeddgilX`jqtuwxxwutsrqmmlkihggeddccdeca^elrstsuutsqponjjihgeedcbbaada`diorrqppqqpomlkkffedcbaa`__^^_b_^ikpqqnmnmlkjigffbbaa`_^^]\`\[ilmonlkjjihgedcc__^]]\\[ZZ[^XXhikkihhfedcba`_]\\[[ZZYXXY[UUgfdcbba_^]\[XXWVUTUZRSihfeebba__^\[ZYXVVUTSRRSYQRĽĻ𯲻ù챰¸ƿ¹þĻ¼ǿľýĿ½Ļ묦ú¿Ž¼ÿĿĿƿ½¿ะ߰ߒߑޑޑݑݒݓĽ¾ݕܘܜ񞟠ܝ㝞ܝ񘓎񱰯𙘕䖔򓐍⏎菓䎔ꢡ䙝非    6g($} H 9N0%w!  F    BM##u!   G    CU0g0#  H      Ec+`E   F    0o%Qc%  C      !cV PS5%  E         *WM 0RFP6 I   A^      .OT &DSPVR  O\1       POB'  #G[I%        :MQLI=GEJNIKL4                                                                                                       !    "    "    #                          _    Ԏ  #sn   {u 6È$  m:    &        7e        =>        1)x糘 P VJEEDGHGNQHTVPEQP=DEE Y&t  þĶǿк x         $̦ O   7C    & vĸ>4   p uxlJ    C   _& + D& ! zmλ ^F   "*s  1   >ܻʸɼݩc TP  0  3  %t     ~$ .  } AK < d& "W nn   89<>?>=<==>?@>>?>D3ZHB>C?A;DBFBEB6531;4l554456468877:<569;<==@=G9\oPC?>?F>GCD@3278952j445754456623468:<<==<=<<;<>5@cnCGE3DCD=@=3530943k3433534678987112468:;;<=<<;9<4A@>fx?TT7E7HF7,-+.4/4l44211246752246211346889:;<<=<>;rqeJ1(+0/9#)7/31Fj~lH-+:220/001221210.1A\ptol`jhmqlnoV>0/.261221012132-/42062,,24//2001.+,058+/942402210 140391).)-23.*-31.31/3346.,--02213425:4.23/++/31-.,//..*(-23133122 102430/0.+-*,/21/.-/1/02011/--/121/22 10 231/-*2.,/.,.2)2-/2.1370372032../01101-./0,-..//00-./0)**++,,./01//.,-./0)*+,-..//--,-./0*+))**+,,-++,-./0++()*+))+,-./+*+,-./*)+*+,-./)*+*+,-,-)*+*+,-,,-)*+*+,+,,-)*+*+,+,-))*)*++,+,)*)*+,++,)*)*+*++,)*)*+*+,*)*'())*-.*,'..%,.**)*,)%(-+(,0.- *)1|))* )*'/3.(*-,1#,45))*)())*0%',&$**()Bц!,))*)()*+3.',.)*$ِ,%1#))*)()&+"'4+.Rם;#/#*/((*) ()+$.0.W/.&#-&/((*) ()+&.?5%)")-),)((-2"&%'!*$.$)((),''(.+,,$*(*"!I}&,))(,#2) $7-"-0''+''$)$'%,,$"LJ )())(')),0,"-2"( -))+,'++)*+/XF8&-*,,'!(/&..'+*$*'%$i,".%$/f_[[Z^aa]cf[hmdWcfT_[['&'o:Շ,$('Ƕžý'"򦈒1-)2)%%&'*+$0'&/$- "'&&'$/'6Ԯ:!$)&((,+'&)i+%!+(+.**'+%#/SU**&,(%,%+''%)+(,>''!&/)V#F/$)-#'+"&''$-&+"'' 1.,/凃n]$''*$%&$''*&&^.#'', !* !KTJZ&)*"*#.%''$#(`%"&''&$+(!3!9s,,% '(&)''%V,&%&& 0 (#'-ب$%K2&"*"+''/_%-'&&/ ,%%&/"3l#Hw>$*#)(''(C!$()"&&'()$%%$$(U0!=;0.#''&}#, .&&)$!+"}a#")*()'('$&(0*(+$"%%&!(8* %="&+ &%#.#!@-)#$%)(($&#"#R&(*r& bO')& .&9 !# ##!&"'+)<'+"6ޡ.2%*5 #((&&*($&&%*%*'+"((#&8*#A )(%(+(##&%$%-%)-(&'%`l#, ]$*)'($))%+&&#*!"u8&&"7l'+##'!%%&yz}~}~~p{ts}|somhrnpsruwxy{zzwwz|vwz|}~~ς}uuv|~qputtplorruwyzyvvuvvtstuwy{}}~~}~}}{}|pzvws~tvtpytmnrqtuwvwyxywvurrsuwy{||}~}}|z}s|xlu{xppnqytnorprstwyxvsprtsrrtuwyyz{|}}~}}Հz||yxhx~{zmuwuzvwlnqpstvttsqrtvytsrrstuuvxyz{|{{|}~~|{{r|{h{whilottyilpquwysstuwuqlttssrrssqrstuvvwxxyyz{||xq|uwtl`~`fqntmkmqquvyssusooquttsspqruvwyz{{yy{xuq{yxe|bgiuqoprprstmsupnssqpqrsstsswrtpqinnotfodljfk_pfssqpqrs swvwphnuoi`cfis]cqimk~ecrssqpqqrssrussqmjjgmn~{mlkosnssrqrsrtslnrmkqqkkqqlilmmnkhimrxkoytrtpssrq rusorxpglimrqlhioolqomqqrxpnoorttssrsqtyuosuqmkoqoknloonnjhotusuustss rqsronqooqnpssrnmlprpqsqrrnllnpqpnss rqsprtrsqpvrppokmqjsnpsortunqupnqppqrssrsopqrnoppqqrropqrkllmmnnpqrsqqpnopqrklmnoppqqoonopqrlmkkllmnnommnopqrmmjklmkkmnopqmlmnopqlkmlmnopqljmkmklmopljmkmklmoopljmkmklnoopljmkmklnoplljmjljkklnoljmjljklnnoljmjljkmnnoljmjljkmnojijbgjkkjgfhjbkmepvjjijekpkgiinvlqd\iij ij_issonolvisvmiijihiijg`fpmknlxkqPdiijihijcqmkpnie\NTssiijihidjdgtdbe[qjpthhji hioiqpT_yZimovfhhji hirlr_uOmmbhjdjgiiepfrrqgkflblqrkgjjk}fqlk`hfucTqaolligarmej}eg\iqnciihhfde^_\eekc~ZlqjjifdaRenbvXgo[ceYdeeijeikijkVnaSa`hhfe`RYRopjapd`𶹽ؿɳhmbcc{ti`zhqgU[gkylKhrbTɢ`\xmMZ\ooV\ch]_jirfnchmpphnpZ\jff[UmbbeijihCkdjabghjddhkhgmRblcfb_fb`qqhhl^wdhlyhhclv^]xfքtchlcgmhlhhct`hѪWthhdygsfZĕpmejmghhfhhft_c\shhrgjqaVtylopksi`nbhhbgrUtfhhgitpepCY]^]olipkfchhd[`zbgg_pfng_ceMlleHamkmaehh\Ospeggi]lfhiobyq{j\miehbhhbqbc}c^gg^`fdfhhcahenXvem]hhfWm`fgg`Jc|ichgbierg\[fyFlja_^bkkgi\q]YehhinTdqmk[b_g_mm`]bmbbgyeigtogeea`pf[Smpi^nftkohhmffgjeuheKnmYelKYYhu^]WfhccdfeefiYn]P`[ctqYJ]\\dkOfib`fijjfdZpZ_gXgkk\e[Zl]Rhqjejkggfr`fc[ft^hky]i`dY]bgpidmnbb m "$" %).6;?CD Y6!! '+07@@A X9 !&.15<>>=\7 %)028:;<:9e&   !'-14679887Hb   #*.3354(    !&+.2232233   $(+-110//. !$(+,/..--,, "&(),++*)( #%))('& "&''&%$   "$%%$#   !#$$##"!   !"#$!!                                                                                                    (RsmD     ,`yH  >_̉8    ص6   D@    &        Ya        gd 3P      GGʊ 2:       w}*K        -oy2       F  oT Dg    n_ '          L   s;        -     B:m     I~*J    I  &۩v      <  Hyė坴    \{ E r~cܷRߊD   ~M nms5A c   %  pd'Se 44  D:) ju .   QBƋ !go TǖD       % B  #'ȾiſƷéd¼(  xpϵ  -yC$ TrЮʎ    8 [ V޶# fL   Bƒ  Pdv _ '׷X     Z4>Xw|FA* + ܌  o >V= ƾnKC<i/    ^ .( zϒz^  %   m=S?  9=957>6A@??@BCAABBCCDDCFECDHJH>9326:;;==>?@BCDJKKIFEDHLRY_cefA58B4>|W??>>?@ABAABCECDGGD96457:;:==>?ACDEJJIGFEFJOTZ`cde.<@1:{Z9==>?@@ABCBCCDEA=34579::<=>@BDEFIIHEEGJNRV\_aba?41>]6:<<=>?@AB@ABCCA<6247889:<=?ACDEFHGDBBEIMPSX\__^]*7:_5?9::;<<=>?@A@@ABA=734687668:<=?ACDEEDCABEKPSUXZ\[YYA@J1D3=99:;<<=>?@??@A>8326787668:<>@BCCBCGMQTTVXXWUUi56<1E689:;<<;;<<==>>??>?@;42467789;=>@BBA@BDEINRTTRQJ/<32=6;89:;<<;;<<=>?>??921545789:;;=>@BBA@?=?CDGJORSSRQQPP56789:;;<=<>=9402434689::>?AA@?@A>?ADHKNPPONNM455667789;<=;8312445679::;>@A@?>?@>?BEHKNONMMLLKK456789:;<=;85323455678:;<>??>=<<==?BFHKLLJJIHG4455667789::;=9522344668:<=>>=;:;<=?CEGIIHGFE456789:72013446678:<==>=;:9:;>@ADFGGEFFEDC34455667897410134366789:<=<<:88:;=?@BDCCBA3456789421012335679:;<<::98679;>>?@AABBAA@?>33445566566782112334679;;987679;>>?@AA??>=234565567752001233445689::998779:<:;==>>=23456556764200123344567998987789;::<==>><123456531001123445789987765678:89;;<==;12345431001233445688776654456878::;;901234310//00123345677655443234575688998012323441/..//01223344566544321123544677887/01213430.--//00123345655332100124235567 7/01213430-,-//00123345543210//01323556 6/0//01/021/0483343/01-..//00232210/.--.//0234 4.,.032/,/./11//121//*'+-../0210/.--,,-../0234434431.-.//+)*,-++.,,.)$*--.//0110/.-,,-.0123433(+-../10/.0014.*-,,6,--..//0/.-,,++,--./113322100//0//22101233,22/2/+/,,-./.-,++*+,,-.01221-+(*./,(-/0.-.00,-,++--++,,-..-,+**)*+,-/01 1*+-,++.2$*.,))**0*,*&+-$++,,--.--,+*))*+-./0100+..).HsɧZ2++,-.--,+))()*++,./0 0%AwȐa?5--/.--0//b֙O20)+4..+(,/)'*))(())*,,-./ /ǗN%,2'4.*,//./++%)&),BkҜP%/"20++%#'))(),-.//.//@0%))&(0,**-/..)(04#& (*10un,*))&(*#))(()+,-. .*''+.,)),,-,++.),,('zy5!,Pg.$&*":))(()+,-. .)22'$-0,-..-++,++)('&_[֙4.-CU+-)((''(()*+,- -#05/+/,--++-.-'**(-#+,,(1Տ:#(dמ(('(*+,--,),-)(+..*,,)*-.+,++,*&F+2,1&*|ϑ2&%H"((''()*+, ,%(('*.-(*,,)*-+',''/"(],#()(.-+l'T}((''()*+,,+&0'%##{**))("Eɩ1.ġ/ ' ..'**+,++('(##)-c))(,(,R-#*&& "/** +,)6*0!0,++* %Nސ&%+$,$**+*Ǟ*%&,))*)^VccdYi]\\[[Z\_`Wb0&.($))*(ɻה$"{&w$!(()('*'-({}0&&%%$1 a #B{$3K)(()'(#)!(&g))($"\$=;::99878872:EDCBA@@>=<;:987767619A@?>=<;:99865545443509=<;:988766543223323/8;::9766544332112 1-78765433221100//00/0/,6543210//.-.-/.+632210..--,+,+/-*5.-,++*))+*(-,+*))((*)'-)('&')'&,'& %(&$+%$'$#+$"%"*"#!$ ) ! $ ) !% %%$$##"                                                                  /B  dcba`_^\\[ZYWVVUUTSRRSRMa`_^]\\ZYXWVUTSSRQRQL\[ZYXWVUTTSQPPOPOO NQPLXWVUTSSRQQPONMMNNMLOKVUUTRQQPOONNMLLMLJMJSRQPONNMMLLKKJJKKJIKLIONMLKJIIHGHGHJKIMLLKJHHGGFEFEHIJHKJIHHGFFEFHIAIHGFFEEDEGHAFEDCDCEG@DCBDE?BABD?A?@C>?@>A==>=>A=<=>9<=>9;<=9:;<8 9;8 8:778797676965674578145454560434324.324322100/2,232100/..-0,1321/.-0+10210//-0,0100/..--,,-0,/10-,0(/100/-,0(.0/.-,0( .-,0( -, +,0( ,+*+,0(,+*)++,0(+*)*+,0()*+/()*+/()*+*/')*.')*)-&()*(-&()*(,%()*',%('+$('+$('+$ '+$ '+$ '+$ '+$ '+$$("( *&&%)#.$!'#!(*&&%)#3)$&"(&&%)#5"*$!-%&&%)#%$'%&'#+&&%)#1"'&))(&&%)#B1$!-#&&%)#W**(&&%)#񕔓 򒑐 𐏎񌋊 򍌌~񉈇 }|~~{~~}~|~~}}|}|~}|{|{|{~}|z{z|yz|xyz}wxzvxy{|vwytvxyzuwytvxxywvttxvuttwxvtstvwusrsusqstrprstrorrsqnoqsrstzvprspqsxtorosrqurmqptsrrqpprpkpqprqpponnpnkosrqonmpnjonrqpoonpnknqpponnmmnpnkonmnmongonmmlnmongnmlknmong nmlmong mlklmong lkjlong lkjllong kjklongjknmgjknmgjkmfjkjmlfjlkeijkeijkjdijdijicijicijichjichjichjichjichjicdef]ag_hgghgbpebgc`ghgghgb^wlhibecgghgbuebogbkagghgb_`iikjagghgb^Tciml^dgghgbjRoifncgghgbTmnbhgghgb   e8 $zM  9<)zB       6Q  I >    !b ,%   x xc:     -ɋ@     >     b#Z` ^|r   b/{ _r -AEIHFHJFRj    8ӫ B        : E~    ݷֵ   >      5A      0?b    R6M  þ u{ ,з/   þ V&/~  ¾ GdZ3¾ M + n* ½ :K  ½EI T zP(& ߻A {,  }H ]     : +A H A f H XU D  b b zD  hq EM  F2  G   ;@  Z?$xx& C    |J  J2:@ 4  7G  xK `B?D о¼û漳ǩە   kG  > yO3f  eEӰ}ѥK   xK  # !#?B>+   zH Z   ^      zD    g / F  )P ;  {B   ^ D  M   }H        wE   d  qd tG   +   wN   ]   貮׮⼫񶺰ҰĮ0  xT   '5+   |> UA?9ACA?M   ~G      x: f iu  {J  e  $  I  h%    w?f 1   wN w   <'    a      %      eԸH     \ˁI     + }B  ĒL +cg vG  BF   5`|űt+ H   (SǾĻwT  wN  2C?=D;( ~I  z     L         oC?A>BC@@BB@QHHFIV    wt}{AJ    zJ"D_   D} +/   H  L{6#   LE  E  H  DJ*vJ E C  P3~<  EA*f D  E  DQA uG  E  G  m" ~;  E Fe   {@ E Da zD E  D ]  |D  E 4   e! |D  E 7 U   |D  E?M7   |D  EH !A  |D  EMm   |D  EI  W    |D  EC ?   |D  E  @ )##!Q*&#!6"'!3+#+Y%$$ $&($$[%$'?Y%!)*%!%&'*%$%"'%)!-$/,'$k(*,&"*,Z!)*#B$(!$& ($$[%$'1HY"%&)2a.1%%-!%%O #(@ ##F)#%^+&W$$''($$[%$'-4r$#$+'[%*,)'.":+&q/&#($)*#)(#$"o)&&!$($$[%$'+)3}"!,+ X (&% -4''j* ''(+""%1" (e%!,#)*($$[%$'!','("*'P/#%&$.)5$/Q(##!) $&"'5*$!*r %$*&($$[%$')#--/%V*(16l#$*>$!&)~ '-%/"")F&+$*'($$[%$'-$0'}:#5+#*#^Me[YZ+)#'>R#*"%#[2))0'$%(&"($$[%$')! &"#,*w* ,!,OO##!&/O|00Q-+'"/ '!*$&#"%]'$((Q('!QP%$*%&)p\",%7~4&$ J+%$#"_!$&NM$NP&%#&&!")I, (.$$#'++NT"&.'%)%'%!$_$'&&$/cRIU/"*ҽϿ㞴""&'# !c_,(!#(S̸+)*"##*)#')(!b#*&&$+>o&&.'/'%%*pQժS!+$" !!(a' $$')6Ú1'+*."!2)&&B[[VE#-+.4+(&&*+$ * !`"+((#m'"ё#*&% !+w!%)#(!'&"!&#+#&&#%%($.&%'b!+'$$*8'&ѐ$ | $('$C#""! ]!$' *#&*'"C$-ɖ'*!b,(+!M&*&&#)'\&*&$)3%(3${-,č(%5Q(9%^$)++(##d!#*"'#+"!(+.+#К$!$%%$/-&'!!$(+b)(&/$(*+)"~ "/&Ə%#-"&")~#%&&%_'##$% "D%(˒/0$+.'%0-&#''% 'd%'$%!'&j$/!(!*##,!0"/% (##"$b!# '0="%'%Ó @,(& %%$'\'%'."(m$%&*$"̐R_`_[]^'j+(#'%%#'d!*3#!'$%&*$"̐%)&&!$%/')+"&&%%))T)%/&}("&$%&*$"̐%#$%!$&#('&&%%!%&a2""}-#))$%&*$"̐ "(*$&)@$&$#"(%%#(`);*!)$%&*$"̐#&+(#'&)%%&#%%-&U$-|8'"*%$%&*$"̐"%)"#'G"")&*+ %%$%(c&6!%'*$$%&*$"̐"'*%!++$)#%''&%%"0Q:.2&$ $%&*$"̐!&*&$(#(&#"!!%,'))'-&)*)'%%&' #$&*$!!*v*%%$%&*$"̐"&($!'%&++&"!$"& !'$$##&('%%.$"# "'(259*%%$%&*$"̐"&($!'%*% $'))"$"$$!$"##%(%!"'$#.0$'*}Z%&%%$%&*$"̐"&($!'%!$$#$(-#$$((&''+&$%%"$*%.*+r*^'%)%%$%&*$"̐"&($!'%'&&')($ +((&$%&('! '.,&"!$<ʜ0!&X'.%%$%&*$"̐"&($!'%߬c.&* !&##'$#$')'$#%("+%%(##(,+@ '&'!&($$[%$'%%(&%#['&$Q2$%%0)"0!r7# &"&)!)($$[%$'%%(&%#[&'#Y%"%%1!%jT"())$*#'($$[%$'%%(&%#[#'"b!&%%+ '&?^)%%!$#$'$"($$[%$'%%(&%#[ "'"g!*%%$!#-)%$(""&&($$[%$'%%(&%#["$'#c")%%(&+v=$)%*%&(# &)($$[%$'%%(&%#[ &&$]%%#)<^&"%$"&($""($$[%$'%%(&%#[%%Z)$h`s^XΈ_dXiцRfqgزfahYIekkcdhfjbcjewrhqdldlVoVcg^fegkinl`qj]hbh]]sdcld[WleindohgfbfjbcjeWts]phu\lkYlm[fcchm^_x_\[jenbdf`kgaTjr^ă\keggifjbcjeVay\knmXvbh^momq[Xjesf[opeXr_td^see^]}[immd^ffjbcjekh]qedjfp]didej]b_]vYk`k_bgbse]lang\yaehsfilfjbcjejfl`]^T^tl_kkek_aTgi^in`Hcjcahfcm`cmj`lkZjhfjbcjeejZpSDp^ho^mMbMi^r`]mbלUpebiiGXedarfrk^jifjbcjeYtgYpi`\hrlaqcSpӍfck\~sZauWz_nW|SdflkfdfjbcjerXWmkY_lk]alhilPĴT|df|`Xpyae^Qm^e_hbdcjc]odfftqLucc]kcc^eglgpZ_غseok`sWgmflfgjngdpkkuL}kjqrhYha_aaQtpPkaqbggjl[_ztX\d][_[]^bYY``X\Leep[mWrkz_f`iwkF^\pomMQ~chnabbihbfhke_a`meeq^X]_jolfcbalhX¨KyМЁVjegiged`bfb]ebac_ddrgVfbޠgo`aeieudRjsdea{vUdelXvoommqrkgmkc`mnkkfasd`_^k|cZaeNlk]^ZjkumjhlehZZgdffie^oeha[nfeeWb[cQݭiZfch]qfrxiggfl`ĉ`mindlcfjcnefOlkdn[ܐthb`]{Ogii\j_}^k_bdUl]`m`RSXvޝeiyM~jmof̣[nccilcalkinhpgdknfXekllkrq][qWQib]iiZf`^f\lcg[jf_WYZrkژ`W`ZbInyhbsg``njcajplotvojeTykersrVnptdd^gj[p[iibd`^cd^ddm^aQOaqah֨pjVXmlZliRacT^``bcb_bcT``e[ga^XrY]`޹cw[\qm`ffsgYgh\o`rt^aeeh[liۯ舘_ߔ^iihcffmnTaidazUUZgeeh[liۯ`fUfdV\XS`qkjbffoc^st\rbXhobeeh[liۯccWig[cRennhaffbg[mjrbXYmq_eeh[liۯegarn`jhZgifbffbhRÖjuXVtirZ]eeh[liۯhmfqj_j\_nedfgffk]]i^Z_c~c[aeeh[liۯflakf_jflpbaliffbf^Z]g]i^bjmeeh[liۯdk`lkdjijzj_\gtff`pQ~rXemeL`rveeh[liۯ`h^kk_aabfjkidbdjedd`d]dedb``abgf``c`_entPcffeh[liۯbi_lkcftqk`Y[fojneffdjgjiilnmkkhflupg`VkSbkn`ffeh[liۯbi_lkcffimsqj^Thjhjjdgeffhkhdejjcfc\j{{B~dlnffeh[liۯbi_lkcfbdc`]bir\]]adbccd_]^^[]cal`alTa\jokffeh[liۯbi_lkcf]\X[bhlmgddehjc]\cjhb^mhi_p_]bf]bffeh[liۯbi_lkcfљqbba^cdkjlrqpilnlihjmYjjgchcdiZffeh[liۯbi_lkcfclZ[`XZfddUYYT_ܳ}ilpn]l^ȍ_mbffeh[liۯbi_lkcfUY^^iڻ̣lig`Z]d`fed`xkffeh[liۯbi_lkcffc\jpddggdffnjgcrmioqmknoljb^`hSdfaim_effe^^cf_[\jeabfigdff`aa\f_cVUacXWbibaafedgbnmZ`ffmkgccdecefhihggf`fV_kW_fXhffehfdcfgdghgeddfiffiP¼¾ꎩffklnmlgffccdeffdcffgrgUYUSR\y{_]]dm]gObhXYffjefjifeijhghihfcffqkl‚]m[ecc[hhddlk\f\ja\cffgdcddaadfedcdehiffhmdqxkccdcfnk][[a^^d\ifffecdcb`ehjiecegffVdPŔl\`ddbadc`uhoqldgk_lrffbg`najfTt^njffhebekeag\lieffgcgbciWmwf]rffhebekedi\jf_ffhohbj\ui^}dp_ffhebekedi[id]ffkiglZ[_\[aigffhebekebg[jgaffen_]R\`r^`alffhebekeag\lidffi\f{`_jeea~^n_ffhebekedi]lhbffXphhdk]iqd]idffhebekedi\kf`ffd]aecfshm]^hbffhebekebg[jf`ffcekgpY[Yqbicfeffjbcjeffhebekeigag~mffedfnYha_ahghbgfjbcjeffhebekemhcerffp\jdp]kdagcgjbjfjbcjeffhebekeogddedffYq_acZijj`ekdhfjbcjeffhebekeoddcahffk`db{hdfbedehecfjbcjeffhebekepcdcalffd^^fUjbf_eiccggfjbcjeffhebekereddbkfficdt`llkfgidagjfjbcjeffhebekepgceegffdfrVbalfecgieccfjbcjeffhebekelfbfifi !jH cX gd q               )      eB<@F5                         0   ,=PK,    !MS4      ]>  KLL7 JU ZN SX    #KX $VC    UM 3`   ZL \/   `R FN    N[ (c    k o   j n e i   l" j   V/W  i 4N  l H"   X f   A0T   ] F |("$%%&#+{^#'"%%&#sm %&%%&#yy,* &0%%&#-2) %%&#+($'&%%&##&$+)#%%&#%")#+!*%%&# %&# %&# %&# %&# %&# %&# %&# %&#*)*!/(&&%)#%,*!'0$&&%)#4#.(-!)&&%)#<&$*.!&&%)#0"((#$&&%)#%&&#%%)#'&!%%)#y"*%%)#`Z]cR1!%%&#$"%)% (%%&##%&##%((%%&#!$&##$!%%&#'%$%&''(%%&#*&$&&""%%&#%$%&&#"$%%&#('%#$'(%%&# %&# %&# %&# %&# %&# %&# %&# %&#%#"%&! $&$&&"(+%%&#*(&%$$&)"'$!$&%&%%&##&'$&*&%))%$%&(%%&#M-&%,(#'#&%%%&#IZmhH0& #)*$!&)%%&#()'%>joP'+# '"%%&#&",#!/:{[:(##$"%%&#fgfQ, &%#2gr8(%%&#.#n['#+%"%%&#'$(#.+um3."$J}.-%1&%%&#%+%!)$ )&5yj"*%%vL"3(*%%&#!')!"%!-!;~p$'&&`k3&%%&#,%(($'* %*%7mz6 $B,%%&#!+*#$" %*#')!&'5%72(%%&#+&'&$*,!%$/!"+&%!0%%&#%'2&#(%,!!&!%&#%+=& 1,2*"'"%&#%(,&pI'6q$)$(.%&#%#/"%0'!Nk"&-%&#%$'!'+%&&e?)%,%&#%*)!)9v&%&%# %&#%+&* . $_K*$3q-(&%&#%&$ -'")x,*#c;'$%&#TpliffhdbDjmbffhdbМ`lg_ffhdbƦfpdfhffhdbɲOqYsfZffhdbQmbjaddffhdbXbpc_agjffhdbaillY__tffhdbfhdbfhdbfhdbfhdbfhdbfhdbfhdbfhdbs`fcZofugghgbkoj`f]pdgghgbi\`tnmZ^gghgbd^ku_jWgghgbX_rsjgghgbVdninffhgbMaiiffhgbKZkffhgbk[affhdb^\_ea]_gffhdbbdeddhkkffhdbafheghgcffhdbigfijmmnffhdbjfegieekffhdbbabffdceffhdbcb`dghffhdbfhdbfhdbfhdbfhdbfhdbfhdbfhdbfhdbecdgjedjlgigchkbffhdbjhfgfhjmejebefeffhdbadgdflh]fjjfdefhffhdbi]ef[`of]cgcfgZffhdboea\_ehdchkffhdb`aa_z_e]\he_jffhdb_S[g^^lwtdbfigffhdbg[abWhwameffhdb`navbRhtfh_Xffg_gjjgffhdbn_dh_viZ_bU{]fakec^ffhdbmahj\_kfgTibfjlc^qffhdbkqkekgajYhZYe``^qQejffhdbfejlefjdmaXtVW_aSod]ffhdblehiekndgkkcTknY]{fXaffhdb^hgcddbgmf]gg_bcm\Wplbffhdbb^acajlc_aobfqdpYk]^Yjffhdbfhji[[db\\mdcjghdbfl_gr]\oiqTkdkfhdbfnYk`Weq`hejarhdbfgqbaXkb\ag]o_hdbfehcgjW^_a{he^nhdbfj[lcchs_^Xeecbhdbfhgpfr`^c\mkhfhdbfcefucg\]eb]ygdhdb      {B  F   ˿    J       M  Ǯvk }L  !ňY   H    }C    }  E    `Ȇ    E   <ь   E    >Ԓ; E    *;  E      e E     d E     uƅ E 0cϟE .=ϴI  6̽@   )@9 !ۛS   ~˸_þ     % ,#(*&$"$($!$$Z$*)(&*$$%"*Ƶ*&#.1-0'&(([$%##$&((%"+!!*!#$!!$'!$$Z!"#'#$$%*$!-'%'#*$&&[$! &'%&&%-!$&%3+ӈ}4(,#6,)&&[(&"##$&&%,&&7֓p5( &"Y"&%"%$'!&'*.((W")($"#((%' ($*2˺$"*%)"%$''"$)[#%&(% %(#&!+&2tݙ3*$&#$$ %*"[#%&(% %(&&$/&+R.#&#*'"#)%[#%&(% %"$(("#+*$,SI!&%)'**&[#%&(% %(&#)(!$#9ϤK&.''%'![#%&(% %()"#(&&(#&/-v''*#"[#%&(% % #)&$&# "*+%3p3)(($[#%&(% %' (("(('''/( *|˖1%&"#[#%&(%0%sݪ#+,\"),/&%.%(P-+$Y&!%!%""%+F*!W#"&!&)%.%6"9EW!!,(%&&%$-!/e* %$ !"" %".%%/%2!"#|%!,("-%.!'&$#(""" %f\ah`Vne`__f]kjeecmg_cmeefh^pjgnfop^mrikkjnfcgokkfhkrgecicjeddg`dd`eba_`ddfdodM\oogqj\i^eefhbcgleefdQebfSam][F]g^kZS``be[X[b``fm_ir\j[rgiiakk‘biilnkkfqmwzXM_^t^eaffenh`bhffh`hdg[m]bp`adgdgfcfmekebehffidfahcRmeNsqjege`fmdekebehffigg_dlc[\db{khmjedjfekebehffeibchgp\afgmbkmjeekebehffkifji_adpoJtl^ZnkkhhaekebehffnlefigfhqjfboآXWgnafbekebehffiliegd`dtjkXidTkmjgekebehffmfnkeiihfTfhdS`iekfeekebehf.f޼YuoWbgmghaeef\xXfgmqndffhhfTkUpeji]cieefsfmj}dkoedjhhfbqja`їkdb[\e``fd^ndfafoT`ukgUfckc^kepd[]kh_aekee f   x  {H  E E8" B E  D    \    J E  D5/  |? E  D[ڵH  E E  &A     E F   M      E E S  E  D :   F}3  G    F9  N   HNrJ>G6a6  ?  "XDC 5^Y 5"  9G I8q G   E> Jz   H  8E  I     J  U  K}]K = b nCf    I  C  \J~ V  C 3 +NF} K ;IEN@=>yBB% VJ1/N`   C (E;F?>% W  3$   SM  :   E# [  > p F5  A $< T  A  ]T  A ^ ;: A  ); _  A H0 c  A  \b  A   g f A i  j     Asq    G  gZB  H v 0b     ? PG a$    3%^  RT,   %+P7 3BS   =  CZ! \?  C& WM  PKLD"   B& WO AQ?ON:N& Jc >QHB&   $6rfOLk|:'*(%%$"$$*`-#+GdZe^][b`]]^``[abR:(&+#(-+2n:)$ "*"B>%&+.(%%#$"+%IF#) K  7 \     PPh   R(=n}  ?V ~Z   !.T  =R@y       A O vAIQ>=@FA=?EFC>CCH?<=:L M N       K B     KB      MA  N P    O  V  L $>T^ Y J0  P5D *96 C   N  P  @#   X  S  @)   T  34 I G `  K+W f F%  )Y  Z  j     r   p  s   ,b EO    \3    ^  HH   MW   OW  "cJ  #TZ8  %'*+($$"%$K) _%24#,%(%%&'&$*&Z!,]!,Y(*&'(!&'"!!("%#'%]#%]' 5XbnZd[L:-%##*'%&)*(%"!'#'(,U$$\'#"l(* "4LZZY\d_[]cda\aaf]Z[Yk$#['(%g'**+$$+,&$')&#%()'$" (%%*(-$#Y)%&[#($%$#$')'%##$$#$*"&'%$"#$#Y%#+\#+$('(&""'(&#%'&#"$''!"&&$#%$#[&![$%"!%'%%'&$%%&&%%&#"!$&$#&$$\&)&j)))&&'&%$%'(&%&()'%$*&$(&$%#%]&%)t)'"'%%#'Y&*A\$ %$%%&!a/{%'&'%%&f&gL(,*$%%#+]Q`)$'!%%#DFR$,)$ &%%']-&0&+"%%(h!'#!!$*"&%%&j%&%'$,VF(%$))!#(n4$%$(!%&%$)i'"%("**%]>'%%(!+!&"+q *#%$&#(!PR$% %$)* -g/)#%&'$%%=e("*%$%&(!.0z#"%&#%$#*hE*%&#%$%%$#'!>t)'%&#%$%%$##*$'!.%&#%$!/cA$"$(%&#%$%&'$Cs"$*"%&#%&%$#$&)*7s++!(%&#%&%##$'*,$' $#')%&#%($$!'&)&$%%&" %%&#%$!&#%)#%%,(%!.%%&#%#"&! '$'!&";.&%%&#%$&$ #&%$+#J+$#%%&#%#(##,&#, bm * %%&#%"'!$( *&vM+*$)%%&#%#!&!%;?w3)$* *%%&#%$ $*#'xca-RELEASE.2.5.0/xcf/icons.xcf000066400000000000000000000404111450407711300157470ustar00rootroot00000000000000gimp xcf file@@BBrK gimp-commentCreated with The GIMPgimp-image-grid(style solid) (fgcolor (color-rgba 0.000000 0.000000 0.000000 1.000000)) (bgcolor (color-rgba 1.000000 1.000000 1.000000 1.000000)) (xspacing 10.000000) (yspacing 10.000000) (spacing-unit inches) (xoffset 0.000000) (yoffset 0.000000) (offset-unit inches)  z@S+K2@@ Pasted Layer     n{@@@@;BZ35NlqvvpskD1 G/r .,:s T *8e~ )@qx?({n%p[^90##>hxtxG<,^WKk@Q~y5UA( g|oU{Ꮛjjk^nrlonl]`iko8p*lUfC6QF 9o7MZFnTbt 8 po;zPag >oyNJlcceccf >(mq^#qm9 >K[wy23aM @e,+4Nl yk:vxuoNNMNNB9BNNIMNN4 pwz0H_kho3#1{{$couT).mt3*-t+1 o-SP0GF6(1GGF$*~wSRRSF=FRRMRRS7 x3Nfsqx8#5 $jw~Z)1u}7*0} +5 x-!ZU0MK6+6MML(*_] E4Դ0)H.++ K) F)(JR& aȣ`Y}4DD9BH T9;5.   /0&ef)#'' + $!') , #0 ^N !)-% ( &% `& (L  & r! %   " #e 50 'Z   d.71?      +$E&F O  E  68'      .$      %m1>%( >#)5$8#8k SE9B4 ! 0*#B2/#lm.' )*&&&"./+-)*'! !5*-7  ^V 3"71+ .) F+R"#* 0  ) #  # 'n&! B 3 6\   $U7M#$<Y  * $   ,%I' $/)J U    N"7@2#      7'))'      & !.#4Y-0A#/L#3>%8!v  <];K !3KI5KA[#em%o>Xt>LxK:`C%xexy?Ck\2cټQT,OōjOFwJy7ż$WVEΔhr@Gj W҇{/Vs“EaߎS~U Y>UC,ތaa7' [AуMЖqT /r w6+<ܹ\q0C6hp)^ /IYOG0<*,"ڏ@}_jsSK%34 _ : @@E#rev     Y@@0@@@A:4Nqd >7! *=,LJ'Zou5cljg,_)c?]ؙwW3k<-2 cte-Ke0 3J6F,$=d&o\8-s\A,/P)86:~v7,M54 4t&.`pj Sj;ko{B @@ E#sealsign     @@@@"$%38gDpF1U;6]aWh#:'5I8rg] 5ck%j_KU5a*|?7Z7 8GUW5 8 @@E#seal     @@@@9o=*2tzmV3gjf35›ƚ3yɢh0g}91}ťn2ZIӬ91aĽ[_ . H@K&&+_'>,z}P{'2;<f_;QD@:NE .&:/ǫRH@4 G3<2E2A1>2o0"3-Tq GNo} /4(0$<?R:\;9( T@@E#text     Fd@@x@@V8N -4^$/ZI/  IL-NFM^jRbrz`gt +6#'Q' ;BYZCUQ+,)DWC4{  J:-`MgYG%aU:--Wg\rw~iQ1  87 ";H& @@ New Layer     o@@@@%Mxµ}~vnӾ}zwu{ȵ}zxuqnki_Ĭzw¾xµ}~vnӾ}zwu{ȵ}zxuqnki_Ĭzw¾Txtµ}~vnӾ}zwu{ȵ}zxuqnki_Ĭzw¾{Mį}zuqlgbWK7ǹ{wrmjea]WTaKFBb]YTOIC5+!¿{wsnie`\XSOKFB>95TNHB;9.)/ÿ{wrnjea\XSOKFB=941,'$>820{wr|uplgT>9YTOJD?80{w~}zupfc^[SKį}zuqlgbWK7ǹ{wrmjea]WTaKFBb]YTOIC5+!¿{wsnie`\XSOKFB>95TNHB;9.)/ÿ{wrnjea\XSOKFB=941,'$>820{wr|uplgT>9YTOJD?80{w~}zupfc^[SKTį}zuqlgbWK71ǹ{wrmjea]WTaKFBb]YTOIC5+!¿{wsnie`\XSOKFB>95TNHB;9.)/ÿ{wrnjea\XSOKFB=941,'$>820{wr|uplgT>9YTOJD?80{w~}zupfc^[SK8M¿}zvspmhda\WOD1zwtomiea^[WTQMJFU?<8YUQNJC?2(!տ~zwsolheb^ZWTPMJFB?<951.LHD?68.)/ɴzwsplieb^[XTQMIGC?<851.+'$ ;620źolifb^}zvsogd`\K52QNIE@<50¾fbl{zwspmid[XURKE¿}zvspmhda\WOD1zwtomiea^[WTQMJFU?<8YUQNJC?2(!տ~zwsolheb^ZWTPMJFB?<951.LHD?68.)/ɴzwsplieb^[XTQMIGC?<851.+'$ ;620źolifb^}zvsogd`\K52QNIE@<50¾fbl{zwspmid[XURKETտ¿}zvspmhda\WOD1,zwtomiea^[WTQMJFU?<8YUQNJC?2(!տ~zwsolheb^ZWTPMJFB?<951.LHD?68.)/ɴzwsplieb^[XTQMIGC?<851.+'$ ;620źolifb^}zvsogd`\K52QNIE@<50չ¾fbl{zwspmid[XURKE4M.?QdwȺwdQ?.4d(՛d4N2NN2N4d(՛d4.?QdwȺwdQ?..?QdwȺwdQ?.4d(՛d4N2NN2N4d(՛d4.?QdwȺwdQ?.T '@WlǻlW@' >s(Ǡs>22>s(Ǡs> '@WlǻlW@' @@E#band     +@@,@@,-D8&1*%JI@*29 BkZK 3>BYc^A21SQ#"/lcT1?T;ReY;1DN: 9hX;1GI2+*fW61IJ+_V70PCMV=0Q?2GYE/BA6>_R.;=%2`U,.@;_ZE*AR8'M`U6+"@ZT<#2^_U<8 $!E=DNb`TE!MY[ZP?6($T]}td_J7*HUXY[RE8 )Uexr^Z?%%AS\XVYTB';]cfZI+;V[WUVYG-"*@_#" +<  ;3+ 3, 2.# 3"%3)3&32 11=/1 - +  =2 $?4   ! ##((! '-)  5  ;3+ 3, 2.# 3"%3)3&32 11=/1 - +  =2 $?4   ! ##((! '-)  5  'EA;#8bm3I*2| 61Y_g1 80R0#<0".l0"#>0"ũ0+щ />| Z/sy}-Kw.)MxE!$*Nwo;ĀD!NM9!J" BQ!Q 8= )] 6G\-^ ]"%.X/ˀ< @@E#Paper     3y@@3@@345:v 'gM`k!Vg>N}6o%ໟ{$b~ nռN I^ *sûmƺbjý񝠬OȵnȷtP .fIJ󯴹 Lħ򭳾M +}h׻䢣 佮kջ ir𬭭l ߯¿S 8ޒ ;.PK4argjtԦ"@YدTq&Lm|ŵǶC' 43:p 'dK\f!RVg=Jx-}o$ճt"`~ i̶N D^ (nžûmǻbf¼񝠬Kȴn Ƶ栟tN -b󯴹 H򭳾M (wcзغ䢣 ٴgտҹ 融dmʿ𬭭k ߧ¿K 6ସݑ 8(Gz}C.[lbhrԦ"@YٮRq&JhyǶC& 4&:Rm'L8o EL!;ANˬ-8jjaY!\hVpžqqdW E^Ŀ³`N}tzhE 2fitqƩG R|œR`JK됏ɻq8ˣRm햜ɌW: "J{i 6~; Y|J񡠤ȉc a|fM򡢣Ȏi euiJRĂP }c8 (nĿm *5[]f1"BOIMVi{}" -Ag=V&4KXlsvswuy3 p 7$r=Wd7 <6NnC* %7XpN0#  +HReu~b"H3%r  %N3 i ! 32 _0 \ +   E C IkUhyd;';fz _%):ZotK- Mxca-RELEASE.2.5.0/xcf/key.xcf000066400000000000000000001725141450407711300154360ustar00rootroot00000000000000gimp xcf fileBBS gimp-commentCreated with The GIMPgimp-image-grid(style intersections) (fgcolor (color-rgba 0.000000 0.000000 0.000000 1.000000)) (bgcolor (color-rgba 1.000000 1.000000 1.000000 1.000000)) (xspacing 32.000000) (yspacing 32.000000) (spacing-unit inches) (xoffset 0.000000) (yoffset 0.000000) (offset-unit inches) ³$ Schatten      s4aqX 7Xcccf]#3CScs===  *#m}gys@CWz[!# oƙl: Aݼ:zl<  vٵ]/",-RݲTQ:PĿлU31;ȪpL pasяv4 CLzЩ7$^{¹ƚr8eƺuF6_¿qiD\]Z "ǻ{B 'vϼq(bûqPlnlX@ b軄n:  *#m}gys@CWz[!# oƙl: Aݼ:zl<  vٵ]/",-RݲTQ:PĿлU31;ȪpL pasяv4 CLzЩ7$^{¹ƚr8eƺuF6_¿qiD\]Z "ǻ{B 'vϼq(bûqPlnlX@ b軄n:  *#m}gys@CWz[!# oƙl: Aݼ:zl<  vٵ]/",-RݲTQ:PĿлU31;ȪpL pasяv4 CLzЩ7$^{¹ƚr8eƺuF6_¿qiD\]Z "ǻ{B 'vϼq(bûqPlnlX@ b軄n: Z(!& #$$)(+9IKA<9:;4&!95! %,7?8EVfgaUNIJKH=17LK$  %5DFO_mwxulaZY]^bd`d]; "!#.:IR`o|upkdd`[\ipdG-#! %,,5HT[iw~{tnpxxfP?+ '14?M[epy~obK>, +:IWemwhJ=?4" %8Ocqw}jF/# $9Qhw}xvt}znZE2  &;Uky}tsnjq|p`K<.  *=Vjuyywqqkfwmj`V@2)% ,AVcotw~{xzul`f|f\LI8/#  -CS`ls{~riqusddpvqbNC>0+&"  .@N\ht}n_[egkwplhXF;4,'&$#  -8407:<65/6*+><;;: Q: : w9*|p9 28lp8 "-78'$8<9 ;<= ><;;: Q: : w9*|p9 28lp8 "-78'$8<9 ;<= ><;;: Q: : w9*|p9 28lp8 "-78'$8<9 ;<= ?<<<== *ߡdF%bثkN6ⰁY;ֺn;,vItC㘷κd$𚣾ԻǦ Л̲Ƨxҙ厉k\pļ[jFQ ?ˏ^G+$ fzuvqz z"PXs2'\WRFMJi\W5E_;; 9hiZ+f! @JMt9靈ଜ)$Qy+ F!vob,g[icGM]~-0>E> $=N??2 *ߡdF%bثkN6ⰁY;ֺn;,vItC㘷κd$𚣾ԻǦ Л̲Ƨxҙ厉k\pļ[jFQ ?ˏ^G+$ fzuvqz z"PXs2'\WRFMJi\W5E_;; 9hiZ+f! @JMt9靈ଜ)$Qy+ F!vob,g[icGM]~-0>E> $=N??2 *ߡdF%bثkN6ⰁY;ֺn;,vItC㘷κd$𚣾ԻǦ Л̲Ƨxҙ厉k\pļ[jFQ ?ˏ^G+$ fzuvqz z"PXs2'\WRFMJi\W5E_;; 9hiZ+f! @JMt9靈ଜ)$Qy+ F!vob,g[icGM]~-0>E> $=N??2 #-E]xumi^cgf`WLE?;6<@DB@7&1I4%%:Ros^jk`_\WLKID9=@88+" 4J\oxynXcneWVSNJF@96EQRJGDLRK:13*  ->P_bcuaJJMPIE;315,1AIBFFMQUOD=3+  (6GI|v\q_\gnD?EDC2%- &.3748DHPKHE>5%!  ,9Je|RA0%+/56799?D7,   ;KO3  ,=44564=ELPZ<%2A53/2>KSXKO#, &-:50-/?MTQ50A+ -7*+7.3@P=8N,!1*#A4)4;J5 .G!+2*0K8  &2--.  , 1 3$&/($##/BL`>jf]QWk\P'Y"9KT_js|~q [ B>i`x& fntrvûN%O̳ƻԕd% )Ľ5&sƿC>rͿ[>uŮ`^Ҿ0%,f{ϻmF-/2 IZyͫ}fp^  )Yk~۾TC(RhؽR +Mvص\.^۵BF@t̡a#H 2Xg˷Q&7$?`_r¥V#$67d{ͼoX0  Vwy͓K))IbuݸK&)DDjضoC)Upץv3$(AuЌbE($|ܻ\W*Nڼ}(+%zŨ *F޸>*xjf* A}skr̿L)dtaXiŮ)0SG6E`ϻ) &"@{{) *_yrvhrt~{M(ATi`eMOeX`]Zij9(*DLJF(cSDH;7I]L,!4!3(OTJ.5408B?," 5E93,B:<3$&/($##/BL`>jf]QWk\P'Y"9KT_js|~q [ B>i`x& fntrvûN%O̳ƻԕd% )Ľ5&sƿC>rͿ[>uŮ`^Ҿ0%,f{ϻmF-/2 IZyͫ}fp^  )Yk~۾TC(RhؽR +Mvص\.^۵BF@t̡a#H 2Xg˷Q&7$?`_r¥V#$67d{ͼoX0  Vwy͓K))IbuݸK&)DDjضoC)Upץv3$(AuЌbE($|ܻ\W*Nڼ}(+%zŨ *F޸>*xjf* A}skr̿L)dtaXiŮ)0SG6E`ϻ) &"@{{) *_yrvhrt~{M(ATi`eMOeX`]Zij9(*DLJF(cSDH;7I]L,!4!3(OTJ.5408B?," 5E93,B:<3$&/($##/BL`>jf]QWk\P'Y"9KT_js|~q [ B>i`x& fntrvûN%O̳ƻԕd% )Ľ5&sƿC>rͿ[>uŮ`^Ҿ0%,f{ϻmF-/2 IZyͫ}fp^  )Yk~۾TC(RhؽR +Mvص\.^۵BF@t̡a#H 2Xg˷Q&7$?`_r¥V#$67d{ͼoX0  Vwy͓K))IbuݸK&)DDjضoC)Upץv3$(AuЌbE($|ܻ\W*Nڼ}(+%zŨ *F޸>*xjf* A}skr̿L)dtaXiŮ)0SG6E`ϻ) &"@{{) *_yrvhrt~{M(ATi`eMOeX`]Zij9(*DLJF(cSDH;7I]L,!4!3(OTJ.5408B?," 5E93,B:<*)$   -  )  "$$!!!)  &%'(%!!( #+*+--*#(  !%..01231-   %*12258641.'  #*45779:9620,  $ !*3887;<<;970)&  " #-587:<>><;74.+-  &-359;660)  &-36:@BAA>97996&  #)28>ACECA>99:<3." ".5=@DHEC?=;9=:50.%"(.+ %/8753/(  '26:MTKCA==:;::>@>=6." &'T_WIB=;:78:;:BE>3+   AcdOG?:8678<;>ED<2( !  'Mn^OC><96779/& (1853:CB+. "4458BJC- $'+58@JM:.-*-3# / !%)~">r"t"!z髩Io",T?a_mOdH`/ZBR",l$DG*fgzfcC(&dɹ}jA. !K~ľl^[G! >jǹj?.)'iľ~kD0G`(8BD!][sWRRZ^]PH( (tпǽP|Sw Zu QN:Νz\H) 1Vh+-+>YO?"RbCku~S_*)& `rX-"$C0 M<ĄlnlhT,&*[Jly}y~s#X׿yZR ld9F55XL Q}α̻ƻ½-h%`(hý<ɻP 1ʬǥ棛 (_|>W?p{ - 54&m8 )\;3}r+0~2LZ~/ s滺. ,s("XhKu"s}pSI9gw!䭚!{#|#">~">r"t"!z髩Io",T?a_mOdH`/ZBR",l$DG*fgzfcC(&dɹ}jA. !K~ľl^[G! >jǹj?.)'iľ~kD0G`(8BD!][sWRRZ^]PH( (tпǽP|Sw Zu QN:Νz\H) 1Vh+-+>YO?"RbCku~S_*)& `rX-"$C0 M<ĄlnlhT,&*[Jly}y~s#X׿yZR ld9F55XL Q}α̻ƻ½-h%`(hý<ɻP 1ʬǥ棛 (_|>W?p{ - 54&m8 )\;3}r+0~2LZ~/ s滺. ,s("XhKu"s}pSI9gw!䭚!{#|#">~">r"t"!z髩Io",T?a_mOdH`/ZBR",l$DG*fgzfcC(&dɹ}jA. !K~ľl^[G! >jǹj?.)'iľ~kD0G`(8BD!][sWRRZ^]PH( (tпǽP|Sw Zu QN:Νz\H) 1Vh+-+>YO?"RbCku~S_*)& `rX-"$C0 M<ĄlnlhT,&*[Jly}y~s#X׿yZR ld9F55XL Q}α̻ƻ½-h%`(hý<ɻP 1ʬǥ棛 (_|>W?p{ - 555  4"!  0 0=A4""*>@//0O__XMU\MI5- ,%&Gdet||wphu&),#6RQfvL"  /GL_s| !12%(;GRZirG%2!;c^J=48EMZgmpzbV #ZtlmqqrxY #j}tnlsȳh#,h|zqe]am}Żj5"-c{sjdkvla("  Y|umpwjJ[%"GrxcI[ki`_YLUTYldNL11DX8%3!)\_A! B[`U+ 5=3"$4#%A1o1+%1!18,*1! ,!(=@9@@:79;%)?PZKw~Wyw|]]XnjSRHM[X>(%%BM1BM1@f]@Z]5 04  %%%%6    -#  !']J533/68*"     BofRHKKDC=6-"  !!"" "K{kaWYWSTNF?AFED>2,-7<72)',(&$$" "$" !%,.-)')+*)(&&('' Huxsicedge`^dlib\YYZRRQK>5:DDA;940*'%(--/533650.++-/.-.,. 'Gsyqrvwz|zy|{zyzwpkmnga_XQIED=6-'" ")372+)-540))+,./++-)e|xuuxyyvtvzwtsocTIMNI9!B# .~}zv3   < ʷ£}qY)0Ȣm /ӶR/țmO:.ɞTK@0.Α//|4縄oliZJ'*˪fzhV (ɮY]`K'ܳڹ( 411KA FC>9!B# .~}zv3   < ʷ£}qY)0Ȣm /ӶR/țmO:.ɞTK@0.Α//|4縄oliZJ'*˪fzhV (ɮY]`K'ܳڹ( 411KA FC>9!B# .~}zv3   < 3#!  1:960-($ /KHGEB<2*(/SRROH>8*0VUUWWN=% 3WUSY^V?$4MKQRNI0 1:9?@;899<&/&$#.  4     )**,-,,*'$! "$#"02469::840-*'$#"##"##&,/1010--*# /136677530-)&&$$#"##'*.//-143* 24699761.*'%$$%$##&',.0029:% 8:<>ACDC@=94/++**()*-/257:<3/;/,*-7<930473.+,& $*'&,'1F3 $<%$7@1(9:1  21 /7/3"1 %$9 29 -W9 6Kx9U9wy9#mr9h9"w: c9 G9N:]:U:V: 0r::j:#G=<<-<9 9 29 -W9 6Kx9U9wy9#mr9h9"w: c9 G9N:]:U:V: 0r::j:#G=<<-<9 9 29 -W9 6Kx9U9wy9#mr9h9"w: c9 G9N:]:U:V: 0r::j:#G=<<-<9 <;;=;;; << < ; ; <<= :%:8>6:bG:.|TGJ(慎vpn& ݨ^Z3IF  /RN;9  "*7<Ϯǔq]R8lwvDEb=9j\bpn ׹ø<$()֙ƿĹxuF/,2 ӾҼo_n]*ѿy{i@" տtS,x~_îɷq ıqч:e::^:IR&vq}+Ta@IcoGK^4  LjLL0 M~dbwKSwa7 B]tʾq]= =uʷM! Ryλt  (@kԹqbJ =`ִ) ?hĤS& ,HuϹ{>^ǿftA[I"CJmù#/]l+3qzY+99S|%]l Db ;^a5pZ^5>p/i_*Hr𭻨ɾ$ehWtMmyxtaP+4"T>>,)Yrdcq`+-7# 6:%:8>6:bG:.|TGJ(慎vpn& ݨ^Z3IF  /RN;9  "*7<Ϯǔq]R8lwvDEb=9j\bpn ׹ø<$()֙ƿĹxuF/,2 ӾҼo_n]*ѿy{i@" տtS,x~_îɷq ıqч:e::^:IR&vq}+Ta@IcoGK^4  LjLL0 M~dbwKSwa7 B]tʾq]= =uʷM! Ryλt  (@kԹqbJ =`ִ) ?hĤS& ,HuϹ{>^ǿftA[I"CJmù#/]l+3qzY+99S|%]l Db ;^a5pZ^5>p/i_*Hr𭻨ɾ$ehWtMmyxtaP+4"T>>,)Yrdcq`+-7# 6:%:8>6:bG:.|TGJ(慎vpn& ݨ^Z3IF  /RN;9  "*7<Ϯǔq]R8lwvDEb=9j\bpn ׹ø<$()֙ƿĹxuF/,2 ӾҼo_n]*ѿy{i@" տtS,x~_îɷq ıqч:e::^:IR&vq}+Ta@IcoGK^4  LjLL0 M~dbwKSwa7 B]tʾq]= =uʷM! Ryλt  (@kԹqbJ =`ִ) ?hĤS& ,HuϹ{>^ǿftA[I"CJmù#/]l+3qzY+99S|%]l Db ;^a5pZ^5>p/i_*Hr𭻨ɾ$ehWtMmyxtaP+4"T>>,)Yrdcq`+-7# 6=<; :  # 0&&   (7.-0'     -6?<6/+*( (..'&$&&(" "# ;HHA?=60*%""/8>DBACBBAE@:1*! &$+IMLKDA7/,-/6=HOUY[Z_^ZUI<4/(" .8,7MPKG@;5//13>GV`chpqmh`VNF==4&.6:3BMHC=84059=ASZcjtwutolgb^VK>1+  &0EHPZ`ekrvxvutqojcQ@4)& ,:>C;HLKHKHNNZbfiorvxwwtsoh]N=/#!!' //6@G@OY]V[Xakpqtrrqmmoqplg^VG8((.0""/,5@P_ed`ovomhd``^]\\`gjhec_[`fa]]bbW, 2>GNRZcgonlhgffdcafjnpmkgbdhgcaa^\C0  %+09>EP]djkmnnjiimqssplkbY\b\YWVJ@/  &.5?LZcjptsrstwxutrmge^UPQPNKHA4'"  "/:@KYcovz~{xrkif\]TMCGDC=5.+&! !+6=CO\ju}yrh_ZVTTKE>>:43.,( %0=MV_gq{zqe[UTPKIC@<83.-(#  #-7DOU[jwpf[SQMHDA>><5/)&$!  ",7@FO^kzsg^UNMJE@<:@<0-(%    '4FN\kx{uj`UOONIE=;BSH@5-%    (:2jlnhc^g`VUSY`eZVPFQfXM@31,"!LJR8:MTV^\WZ]clpedkspi[[REA620-+& ##"'*3 1(BHNY[^_`gnzx}wlcTJJGA:635:::;<<;<;<<:=:::<:::<::::;:::99::<;::::::=:::9:::<<:<<<<: !.-----,555"!!!#- -:%$!! # ""!       !!$" # $ %  ! ! ##! ! ! $ & ===============================================================1 ===============================================================1 ===============================================================1:::<;::<<<;<;:::99::=:::99::= ') % !" # " ! <;::<:::<:===:::<< =======1 =======1 =======1dd22Text 1     ^tawM *:Jz6FVfv?????? 5<977779996 5 4444??? (&%% ' ) +  5 ,?????????====================================================================================================================================================================================4:::;<=>>>>>>6976 5 43::::::;<=<:;=?<54=<;;<=> 8:<<<==<;99 !#%&*,)>>>>>=<;. // + ) ('&%$$$"" "  " %%% &)(''%$#$ % 3 * ) ) ( ================================================================================================================================================================================================:>==97555569;;;<==>>>> (     !#'+ .:::::2 2 2 1.- 210/ . . . . . <;;::;<=>a========================dd22Rand     [{›§#+AWmq+E%j/?O_o???<<<=??? % !478989999:;;;;;;;;;;<>??? >>>:><>?=>?>?=?=>>>>>=>>>>> ?????????====================================================================================================================================================================================;=<<<=<<=<<=<<<<=<====<====2333233445445555555555544332211 1 0==== )% $" ====>================<<;<;!#& )%4>=>=>=>=>==>===<>  21 0 "       ( ) <.9<<======>>>9+9=<=====?=?8        -?@??@???;!%$,"33232 1>=>=>>>>>>=;><<<<7<<<<<<<<<<,<<================================================================================================================================================================================================1====>>==>===>=>>===>=>=>=>?>=>>>>>>>>>>>====<<;;<>==><:<; ><<<====<==<==<=<<<=<=<=<=<<<<;;::9:9:::;::9778:71 $<;<& 069 * 3&'<<&========================dd22 Schlüssel     Zz s yԹ֮ہ})6<;;:<;;:<;;:<<<; e #&)+- / 0 2 3456789:;<~ e #&)+- / 0 2 3456789:;<~ e #&)+- / 0 2 3456789:;<~ e #&),-0 1 2 4 56789:;<= @=95 2 -*(&$#!  "#%'(*+,-/ 0 1  @=95 2 -*(&$#!  "#%'(*+,-/ 0 1  @=95 2 -*(&$#!  "#%'(*+,-/ 0 1  @=9 5 2-*(&$#! !#$&')*,-./1 2 3 ;::99888776665544443 3 3 3 2 2 2 2 223334566766666666445666666533210 0 / 0 0 ;::99888776665544443 3 3 3 2 2 2 2 223334566766666666445666666533210 0 / 0 0 ;::99888776665544443 3 3 3 2 2 2 2 223334566766666666445666666533210 0 / 0 0 ;::99888776665 5 4 4 4 4 3 3 3 3 2 2 2 2 2 2 4 4 4 566687777777744 566666663 3 2 100000Ð-($#!                   !#&)'Ò-($#!                   !#&)'Û-($#!                   !#&)'.*%#"!!                     !""$(*-)2 3 455667788889999;>=== 2 3 455667788889999;>=== 2 3 455667788889999;>=== 4 5 5 667788999::::< Q52 0 .         <;;=Ɛ989:;;;;;;;:989Ő:9:;;;;;;;:989?Q52 0 .         <;;=ƒ989:;;;;;;;:989Œ:9:;;;;;;;:989?Q52 0 .         <;;=ƛ989:;;;;;;;:989ś:9:;;;;;;;:989?Q5 2 1/     % ' *  K     ,??@????     ,??@????     ,??@????        !- <! ! !!##/ / 0 0 1 2 3 45678:876643 2 1 0 / .-,+*))'<! ! !!##/ / 0 0 1 2 3 45678:876643 2 1 0 / .-,+*))'<! ! !!##/ / 0 0 1 2 3 45678:876643 2 1 0 / .-,+*))'<!  !""##/001 1 2 3 4 5 6789:98765 4 3 2 1 0/.-,+*)(0 0 0 0 1 1 1 2 2 2 3 3 4455556677899:;<<>0 0 0 0 1 1 1 2 2 2 3 3 4455556677899:;<<>0 0 0 0 1 1 1 2 2 2 3 3 4455556677899:;<<>00001 1 1 2 2 2 3 3 4 4 5 5 5 5 6677899:;<=>2 =<;;:98755 3 2 1 0 /-,*(%#$'*/ 3 2 =<;;:98755 3 2 1 0 /-,*(%#$'*/ 3 2 =<;;:98755 3 2 1 0 /-,*(%#$'*/ 3  m===<;:977 5 4 3 2 1/.,+(&#$'*/3 <:;;:::::998887766555443 3 2 1 0 0 .-,+)(&%"  "$&* / 13<:;;:::::998887766555443 3 2 1 0 0 .-,+)(&%"  "$&* / 13<:;;:::::998887766555443 3 2 1 0 0 .-,+)(&%"  "$&* / 13>=<<<;;;;::99988776665 5 4 4 3 2 1 1 0.-,+)(&%"  "$&*/ 1 3%$%&' 27: k%$%&' 27: k%$%&' 27: k$&&(3 8; k?@?@?@@&%%Z&%%Z&%%Z'&%Zdd22 Hintergrund     (4@hx(8HXhxdd22xca-RELEASE.2.5.0/xcf/smartcard.xcf000066400000000000000000000622411450407711300166210ustar00rootroot00000000000000gimp xcf file^BBEHjpeg-settings Ugimp-image-grid(style intersections) (fgcolor (color-rgba 0.000000 0.000000 0.000000 1.000000)) (bgcolor (color-rgba 1.000000 1.000000 1.000000 1.000000)) (xspacing 32.000000) (yspacing 32.000000) (spacing-unit inches) (xoffset 0.000000) (yoffset 0.000000) (offset-unit inches) 'l+Xy Serial     N #gimp-text-layer(text "982845235693219567941432") (font "Sans") (font-size 8.000000) (font-size-unit pixels) (hinting yes) (antialias yes) (language "en-us") (base-direction ltr) (color (color-rgb 0.000000 0.000000 0.000000)) (justify left) (box-mode dynamic) (box-unit pixels) y y dy=iikii%kZy=Z4444?44?@㰲 44@?44A44+QA<Q6<A8TRJ+TRuPJ+UP8UJ 44m-44Km-EK44 Em-T}T>|}:::qky=y=%%Zk44 t44@?Q6C++<A+8P$8uuUJ+ K44| Em-T>|?}p<@@ Pasted Layer     Q@@@@1~yX1-+p)`ؾd(v'lq'm&n&p&p&p"e  {͈͊߼͈v͆W޳˅?ܲ˄ڰ̃ ˨ٯ̃Ԁح˂ ۇj֮Ƀ @؏ǾԬȂ ٫Ɂ ڒȀ ʲ~ ٘ «| { yxְv݂`bestϕiiYANmtte/׷r˯w>pM CѸZflQk\Fܨ_mMކ}ǐIuܕwܙ#ȝ7ﶡEĦ+dضq  p¾z("PZ$ $?F, (*/ $1~yX1-+p)`ؾd(v'lq'm&n&p&p&p"e  {͈͈͊v͆W߳˅?ݳ˄۱̃ ˨ٰ̃Ԁخ˂ ۈk׮Ƀ @ؐȿլȂ ٫Ɂ ړȀ ʳ~ ٘ «| { yxְv݂`bestϕiiYANmtte/׷r˯w>pM CѸZflQk\Fܨ_mMކ}ǐIuܕwܙ#ȝ7ﶡEĦ+dضq  p¾z("PZ$ $?F, (*/ $1~yX1-+p)`ؾd(v'lq'm&n&p&p&p"e  {͈͊߼͈v͆W޳˅?ܲ˄ڰ̃ ˨ٯ̃Ԁح˂ ۆi֮Ƀ @؏ǾԬȂ ٪Ɂ ڑȀ ɱ~ ٗ | { yxְv݂`bestϕiiYANmtte/׷r˯w>pM CѸZflQk\Fܨ_mMކ}ǐIuܕwܙ#ȝ7ﶡEĦ+dضq  p¾z("PZ$ $?F, (*/ $2 0\a.Z, ) *M`{ B )e(l' p'q& r& 't&wt$hj!dy}= 5O)wb; fD%<fF)MiF*VkF** #lF*-L|nF*Syrkd> 2pF* UޤsF) w#vF) -$xF) e${F) $F)  y$E) N$E) $E) $E)  !#E)#E) "E).ةE)rWGDJYE) !H0"&8RE( *. :[F)1G )P|.6 #! 9j :|F 8 ! 5\ /W (OCD.7_# )N;\txyxutvw _WYBex}|zyy{ bjYT dl\W fndW eniU cmiT cljS ajkS _fiQ ]8|􋌋rgA ^9qrkjjkijibUCg1ESSVTQMKJ bhiJ ckhL eohO docN di a/9 aMBCCBBFHGJMLMMk _`0 bfJ _fM agH `CsIϻ _&QOOPPOOLJGGHD3Gf443.24224 ae٢NM bhPM ahQN _eNG _eOI _fMJ `fMJ ahNJ _^ԠLJ a97557;BEGJ6F;]rpoqpqrq _U깳K9_nolnnoo `gKJ ahOJ agVI `fZH `fYH afYH bhXG ceZG a8w}e\< `8ke_^^_]]VK3X)AKDFHGEB? beٙXC bfWH ahWI _gUI `a/HONKHIHIKKIW\ZZP5 aU틌}~}}h7 * * * * * * * * * * 4 4 4 4 4 4 4 4   : ) ; )FNPMIEHHJYP=JFHIIJ= ' ;w||~}y{z~(,q|}zyyz|wwt ) U{pfbeiihgkns!x{noigffgffdbfgghfiji ] FogfddejyOcmeiodeffeffdcefiijihf ,nffiUxh_beZaggfggfegifghh ~a~khhfbi v|mefi^gllklkklnmlghfefhi ]{lfggfkk|ywy||}}zwljfccehk ]*}cbeddedfow  crjdbbehl ]1|`_baadcbcluOUUVYYU[_\XXYXXVMnlkdcbehk _5}`cffefdjqptomnmhpssrsstrpmgeefhj _8iillkjjkls}!mhdbcb^dffeffgjihihgghh `>rpqqrqwzggdcgheeffecadejiihgf e*PDEFFGJSSOON mddfklhghhghffhjqp\Xcfefddi i%#""#! #pecfjhaceghedchmy8 `>ysttwutv~hcbgkibceghedbioqYt{~vuvql Z.spgcdegghhilxr`]aglicdegheddhoq\pztihgfi Z*nhfeffhgikjjmc_cdhkicdegheddgoohtpj`cb]b ].qiighiijldbgghigabeghedchqikunh^adch ^2ulgeffghnikmihhf`beghedchojilgb\bgfh ^/rjgghiol!qqiffaceghedchojhiebahmii ]-qhdbbcdnm"qogdegedeghedchokkmhghoqjg ]1xqjggfggmiljcafjjfeghedchojjkfflja^ `9zywvvtwz{wofjf__ekkfeghfddholqwtutywnm j"'(%#ke\^dhgeeghfeejpp.22324301 b6nkb__^XPNPTY!nf__ehedeghfeejqr:47757765 ]7|soonopr|nfbcghddeghfeejpnr~ywuz|yz [-skiggihgfhsi!mhggiicdeghfeejql`ijc]bhfh \,mefgghgflY$kijijhcdeghfeejpnjoib]chhj ^/qidcciS$kjkkhcdeghfdejoolnhb\agej _3umgeejT$jiijkhcdeghfdekqmopke_cgfj ^1unjhhnW$khghjicdeghfdfjpgklie^bebe \,qlgffgr\%kgefhhcdeghfdfiqckkhbeeac [1}ytrrsrrvh$ghgdfieedcefedhre!uvxwruvqr ]==@@?AJ^D"bolccjihc^aghcdokSOSRNS^ae \.(()&(&nsnfejkic`bhhcdom#"$%"#! ];{yyz|{vu^%kjjeeinmgbejicdol#wwyutywop [3sfdccdcedcdgP&ohca__fnkfhmlefpjkjpminnhi \0yfbbcdgY.ujib]enkfhmlefpiiikhcggcf ]/uafhhiijkkjlW.~}uorxvns|shife`cdad ^/ydabbdepe "(%'$!/..79qmliejkhh `-{idccdeeiyMGG@GLHGHFCFK?: 7ɽ 7&7%7&7%7 7[< n:d#S9z: j8eos+8hypT8kfm97kdfrX 7qfXfj 7ofZak7lf_fl7igell7ghkrp7jlnqn7 7ihnrr7ignww7cbgqt7lsu7mnlrv7da]fn 7a\X`j 7fe_en7~|7656:A 71010,7yuz{7filtx7fbcnr7gfdkq7lkflr7lkeip7hg_fo7tpkpu7f`a`_ 7 7popp7a`fpo 7dglvv7los|7[Ybov7[\dpn 7=:9998888888888888888888888888888888888888 ( ( ( ( ( ( ( ( ( (((((((((((((((((((((((((((((((((((((((((((((((((((( ( ( ( ( ( ( ( ( ( (((((((((((((((((((((((((((((((((((((((((((((((((((( ( ( ( ( ( ( ( ( ( (((((((((((((((((((((((((((((((((((((((((((((((((((( f:V ~m ] P X݉\ %%E ݣ# lvF 4,Oy r;cuJ Ӏ-      4 4 4 4 4 4 4 4 * * * * * * * * * * c4M |b YF T ԁS #! ܅< ݣ"ai9 / &Kuh/[~lD ւ.     4 4 4 4 4 4 4 4 * * * * * * * * * * dtphffhingemziowogmkgkstrr~a"tfdb]cfdg |Z|jfhhijihfgoibgtehnhafdafnmfj{D!ufb_]aece ӽ)ofhlonkgcbhhghjhhihgjfdjnibjyAunggdcfgd LUvgde`abdfhkllkjkc\\qyD srokhgiijl  S~wkd]^chlgddbim`YgN]qgfbaab`dl  =|~urv|xttsvvz}v:o|wstqruwwm 1 '@FCDHJIIHHIHD>;E>DWNHJIGIGIH8 })   4 4 4 4 4 4 4 4 * * * * * * * * * *+++**D(('D f̪̪f?7s$7+S7`8q`8O R9!d:Q<7o!7'P7[8j\8KM9`:N<fgn~X7dgv87YazvM8fu1 8|<Y8['O9 ^:P<88898:;=~((((((((((((((((( ( ( ( ( ( ( ( ( ( ((((((((((((((((( ( ( ( ( ( ( ( ( ( ((((((((((((((((( ( ( ( ( ( ( ( ( ( d/2^Card     X^Xdd^X\\``bbdy.R0R 1R 2R 3R 3R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R.Z0Z 1Z 2Z 3Z 3Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z.y0y 1y 2y 3y 3y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y.0 1 2 3 3 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4@R@Z@y@R.R,R+R*R)R)R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(Z.Z,Z+Z*Z)Z)Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(y.y,y+y*y)y)y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(.,+*))((((((((((((((((((((((((((((((((((((((((((((((((((((((( 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 3R 3R 2R 1R0R.R 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 3Z 3Z 2Z 1Z0Z.Z 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 3y 3y 2y 1y0y.y 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 3 3 2 10.RZyR(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R)R)R*R+R,RZ(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z)Z)Z*Z+Z,Zy(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y)y)y*y+y,y((((((((((((((((((((())*+,d/2