pax_global_header00006660000000000000000000000064147715650770014535gustar00rootroot0000000000000052 comment=a2baa17f7995746b4706708e1101f02528d55399 xca-RELEASE.2.9.0/000077500000000000000000000000001477156507700133775ustar00rootroot00000000000000xca-RELEASE.2.9.0/.github/000077500000000000000000000000001477156507700147375ustar00rootroot00000000000000xca-RELEASE.2.9.0/.github/workflows/000077500000000000000000000000001477156507700167745ustar00rootroot00000000000000xca-RELEASE.2.9.0/.github/workflows/cmake.yaml000066400000000000000000000065431477156507700207500ustar00rootroot00000000000000name: CMake on: [ push, pull_request ] env: BUILD_TYPE: Release MSYS: D:\msys2 jobs: build: strategy: matrix: os: [ ubuntu, macos, windows ] qt: [ "5.15.2", "6.6.2" ] include: - os: ubuntu generator: Unix Makefiles openssl_root: /usr artifact: build/xca-*-Linux.tar.gz host: linux runs: ubuntu-latest - os: macos generator: Unix Makefiles openssl_root: /opt/homebrew/opt/openssl artifact: build/xca-*.dmg host: mac runs: macos-latest - os: windows generator: MinGW Makefiles openssl_root: D:\msys2\msys64\mingw64 artifact: | build/xca-*.msi build/xca-portable-*.zip host: windows - os: windows qt: "5.15.2" winarch: win64_mingw81 runs: windows-2019 exclude: - os: windows qt: "6.6.2" - os: macos qt: "5.15.2" runs-on: ${{matrix.runs}} steps: - name: Install Python 3.10 uses: actions/setup-python@v5 with: python-version: "3.10" - name: Install Sphinx run: | python -m pip install --upgrade pip pip install sphinx - name: Install Qt uses: jurplel/install-qt-action@v3 with: arch: ${{matrix.winarch}} version: ${{matrix.qt}} - name: Install MSYS2 and OpenSSL on Windows uses: msys2/setup-msys2@v2 if: matrix.os == 'windows' with: location: ${{env.MSYS}} msystem: mingw64 install: mingw-w64-x86_64-openssl openssl-devel base-devel mingw-w64-x86_64-gcc - name: Brew install OpenSSL if: matrix.os == 'macos' run: brew install openssl - name: Checkout XCA uses: actions/checkout@v4 with: fetch-depth: 0 - name: Configure # No YAML Multiline mechanism (>, |, \, >-, >+2 whatever) works as expected # Give up. Live with the long line run: cmake -B ${{github.workspace}}/build -G "${{matrix.generator}}" -DCMAKE_BUILD_TYPE=${{env.BUILD_TYPE}} -DOPENSSL_ROOT_DIR=${{matrix.openssl_root}} --warn-uninitialized -DCMAKE_OSX_ARCHITECTURES=arm64 -DCMAKE_OSX_DEPLOYMENT_TARGET="10.15" - name: Build run: cmake --build ${{github.workspace}}/build -j 5 -v - name: Fixup after WindeployQT and Install if: matrix.os == 'windows' run: | cd ${{env.MSYS}}\msys64\mingw64\bin cmake -E copy libgcc_s_seh-1.dll libstdc++-6.dll libwinpthread-1.dll ${{github.workspace}}\build cmake --build ${{github.workspace}}/build -t install - name: Test # Execute tests defined by the CMake configuration. # See https://cmake.org/cmake/help/latest/manual/ctest.1.html for more detail run: | cmake --build ${{github.workspace}}/build -t tests ctest --test-dir ${{github.workspace}}/build -L console - name: Install if: matrix.os != 'windows' run: DESTDIR=${{github.workspace}}/build/INSTALL cmake --build ${{github.workspace}}/build --config ${{env.BUILD_TYPE}} -t install - name: Pack run: | cd ${{github.workspace}}/build cpack -C ${{env.BUILD_TYPE}} - name: Deploy uses: actions/upload-artifact@v4 with: path: ${{matrix.artifact}} name: ${{matrix.os}}-${{matrix.qt}} xca-RELEASE.2.9.0/.gitignore000066400000000000000000000001111477156507700153600ustar00rootroot00000000000000*.o *.obj *.rej *.orig *.dll *.h.gch ui_*.h moc_* xca misc/variables.wxi xca-RELEASE.2.9.0/AUTHORS000066400000000000000000000002111477156507700144410ustar00rootroot00000000000000Christian Hohnstädt Programming, translation, testing Kerstin Steinhauff Arts, Graphics xca-RELEASE.2.9.0/CMakeLists.txt000066400000000000000000000247571477156507700161560ustar00rootroot00000000000000cmake_minimum_required(VERSION 3.13.0) project(xca DESCRIPTION "X Certificate and Key management" HOMEPAGE_URL http://xca.hohnstaedt.de LANGUAGES CXX ) file(READ VERSION.txt ver) string(REGEX MATCH "([0-9\.]*)" _ ${ver}) set(PROJECT_VERSION ${CMAKE_MATCH_1}) cmake_host_system_information(RESULT OS_DATA_LIST QUERY OS_NAME OS_RELEASE OS_VERSION OS_PLATFORM) list(JOIN OS_DATA_LIST " -- " OS_DATA) message(STATUS ${OS_DATA}) string(REGEX MATCH "([0-9]+\.[0-9]+\.[0-9]+)" OSX_SDK_MINIMUM ${CMAKE_OSX_DEPLOYMENT_TARGET} ".0.0.0") include(GNUInstallDirs) include(CTest) ##### Git command to tweak the version and commit hash include(cmake/git_version.cmake) file(WRITE ${PROJECT_BINARY_DIR}/PKGVERSION.txt ${PROJECT_VERSION}\n) ##### Build specifications find_program(CCACHE_EXECUTABLE ccache) mark_as_advanced(CCACHE_EXECUTABLE) if(CCACHE_EXECUTABLE) if(NOT DEFINED CMAKE_CXX_COMPILER_LAUNCHER AND NOT CMAKE_CXX_COMPILER MATCHES ".*/ccache") message(STATUS "Enabling ccache") set(CMAKE_CXX_COMPILER_LAUNCHER ${CCACHE_EXECUTABLE} CACHE STRING "") endif() endif() set(ADDRESS_SANITIZER OFF CACHE BOOL "Enable Address sanitizing") set(APPSTORE_COMPLIANT OFF CACHE BOOL "Create an Appstore compliant, sandboxed app") set(PROVISIONPROFILE "" CACHE STRING "Location of the embedded.provisionprofile") if (APPSTORE_COMPLIANT) set(APPLE_DEVELOPER_CERT "3rd Party Mac Developer Application") set(APPSTORE -appstore-compliant) else() set(APPLE_DEVELOPER_CERT "Developer ID Application") endif() if(APPLE) execute_process(COMMAND security find-identity -v ERROR_QUIET OUTPUT_VARIABLE IDCHECK) string(FIND "${IDCHECK}" "${APPLE_DEVELOPER_CERT}" matchres) if(matchres EQUAL -1) unset(APPLE_DEVELOPER_CERT) endif() endif() set(CMAKE_POSITION_INDEPENDENT_CODE ON) set(CMAKE_CXX_STANDARD 17) set(CMAKE_CXX_STANDARD_REQUIRED ON) set(CMAKE_AUTOMOC ON) set(CMAKE_AUTORCC ON) set(CMAKE_AUTOUIC_SEARCH_PATHS "${PROJECT_SOURCE_DIR}/ui") set(CMAKE_AUTOUIC ON) add_compile_definitions(OPENSSL_SUPPRESS_DEPRECATED QT_MESSAGELOGCONTEXT) add_compile_options(-Wall -Wextra -Wno-unknown-pragmas) if (ADDRESS_SANITIZER) add_compile_options(-fsanitize=address -O1 -fno-omit-frame-pointer -g) set(ASAN_LIB -fsanitize=address) endif() if (CMAKE_CXX_COMPILER_ID MATCHES Clang|GNU) add_compile_options(-fmacro-prefix-map=${PROJECT_SOURCE_DIR}=.) endif() file(GLOB UI_FILES ${CMAKE_AUTOUIC_SEARCH_PATHS}/*.ui) configure_file(local.h.in local.h) ##### Libraries and executables add_library(xcalib STATIC) add_executable(${CMAKE_PROJECT_NAME} img/imgres.qrc lib/main.cpp ${UI_FILES} ${PROJECT_BINARY_DIR}/local.h) add_executable(xcadoc ${PROJECT_BINARY_DIR}/local.h) add_executable(xcaexport ${PROJECT_BINARY_DIR}/local.h) include_directories(${PROJECT_BINARY_DIR} ${PROJECT_SOURCE_DIR}) if (NOT OPENSSL_VERSION) # Educated guess set(OPENSSL_VERSION 3.0.0) endif() if (APPLE) execute_process(COMMAND brew --prefix OUTPUT_STRIP_TRAILING_WHITESPACE OUTPUT_VARIABLE BREW_PREFIX ERROR_QUIET) # Preset the default brew paths.... if (NOT CMAKE_PREFIX_PATH) set(CMAKE_PREFIX_PATH ${BREW_PREFIX}/opt/qt@6/ ${BREW_PREFIX}/opt/openssl@3) endif() elseif(WIN32) if (NOT CMAKE_PREFIX_PATH) set(CMAKE_PREFIX_PATH $ENV{UserProfile} $ENV{PROGRAMFILES}/OpenSSL-Win64) endif() if (OPENSSL_VERSION VERSION_GREATER_EQUAL 3.0.0) set(OPENSSL_LIBRARY_MAJOR "3") else() set(OPENSSL_LIBRARY_MAJOR "1_1") endif() file(TO_CMAKE_PATH $ENV{WINDIR}/system32 SYSTEM32) endif() set(QTFIXEDVERSION Qt6 Qt5 CACHE STRING "Force a specific QT version 'Qt5' or 'Qt6'") find_package(OpenSSL REQUIRED) find_package(QT NAMES ${QTFIXEDVERSION} REQUIRED COMPONENTS Core) set(QT Qt${QT_VERSION_MAJOR}) find_package(${QT} REQUIRED COMPONENTS Core Widgets Sql Help LinguistTools) find_package(${QT} QUIET COMPONENTS Test) include(cmake/openssl_v_err.cmake) if (${QT_VERSION} VERSION_LESS 5.10.0) message(FATAL_ERROR "Qt-${QT_VERSION} not supported, please use at least Qt-5.10.1") endif() message(STATUS "Using ${QT} with version ${QT_VERSION}") get_target_property(qmake_executable ${QT}::qmake IMPORTED_LOCATION) get_filename_component(_qt_bin_dir "${qmake_executable}" DIRECTORY) if (NOT OPENSSL_ROOT_DIR) get_filename_component(OPENSSL_ROOT_DIR ${OPENSSL_INCLUDE_DIR} DIRECTORY) endif() file(TO_CMAKE_PATH ${OPENSSL_ROOT_DIR} OPENSSL_ROOT_DIR) target_link_libraries(xcalib OpenSSL::Crypto ${QT}::Widgets ${QT}::Core ${QT}::Sql ${QT}::Help ${ASAN_LIB} ) target_link_libraries(xcadoc OpenSSL::Crypto ${QT}::Core ${ASAN_LIB} ) target_link_libraries(xcaexport ${QT}::Core ${ASAN_LIB}) target_link_libraries(${CMAKE_PROJECT_NAME} ${ASAN_LIB} xcalib) if (APPLE) find_library(IOKIT_LIBRARY IOKit) find_library(COREFOUNDATION_LIBRARY CoreFoundation) target_link_libraries(${CMAKE_PROJECT_NAME} ${IOKIT_LIBRARY} ${COREFOUNDATION_LIBRARY} ) set(CMAKE_MACOSX_BUNDLE ON) # Avoid bin/ sub-directory in DMG set(RUNTIME_DEST .) set(CMAKE_CXX_VISIBILITY_PRESET hidden) elseif(WIN32) set(RUNTIME_DEST ${CMAKE_PROJECT_NAME}-portable-${PROJECT_VERSION}) if (${QT_VERSION} VERSION_LESS 6.7.0) set(WINDOWSSTYLE "windowsvistastyle") else() set(WINDOWSSTYLE "modernwindowsstyle") endif() else() set(RUNTIME_DEST ${CMAKE_INSTALL_BINDIR}) endif() macro(guid content) string( UUID GUID NAMESPACE f243d4ea-d51d-42fc-a3c0-4eb186c55d34 NAME ${content} TYPE SHA1 ) endmacro() macro(WixFile filename content) file(WRITE ${filename} "\n" "\n\n" ${content} "\n\n") endmacro() add_custom_target(tests) ##### Sub directories add_subdirectory(lib) add_subdirectory(widgets) include(lang/CMakeLists.txt) include(misc/CMakeLists.txt) include(doc/CMakeLists.txt) include(img/CMakeLists.txt) include(test/CMakeLists.txt) install(TARGETS ${CMAKE_PROJECT_NAME} RESOURCE DESTINATION Resources BUNDLE DESTINATION . RUNTIME DESTINATION ${RUNTIME_DEST} ) set(CPACK_PACKAGE_VERSION "${PROJECT_VERSION}") ############################################### ##### Host specific settings if(APPLE) set_target_properties(${CMAKE_PROJECT_NAME} PROPERTIES MACOSX_BUNDLE TRUE XCODE_ATTRIBUTE_INSTALL_PATH /Applications XCODE_ATTRIBUTE_SKIP_INSTALL No RESOURCE "${APP_RESOURCES}" ) find_program(MACDEPLOYQT_EXECUTABLE macdeployqt HINTS ${_qt_bin_dir}) find_program(INSTALL_NAME_TOOL install_name_tool HINTS ${_qt_bin_dir}) add_custom_command(TARGET ${PROJECT_NAME} POST_BUILD COMMAND ${MACDEPLOYQT_EXECUTABLE} $/../.. -always-overwrite ${APPSTORE} COMMENT "Running macdeployqt..." ) foreach(installdir ${CMAKE_PREFIX_PATH}) add_custom_command(TARGET ${PROJECT_NAME} POST_BUILD COMMAND test ! -e $/../PlugIns/sqldrivers/libqsqlmysql.dylib || ${INSTALL_NAME_TOOL} -change ${installdir}/lib/libmariadb.3.dylib @rpath/libmariadb.3.dylib $/../PlugIns/sqldrivers/libqsqlmysql.dylib ) endforeach() if (PROVISIONPROFILE) add_custom_command(TARGET ${PROJECT_NAME} POST_BUILD COMMAND cmake -E copy ${PROVISIONPROFILE} $/../embedded.provisionprofile) endif() if (DEFINED APPLE_DEVELOPER_CERT) add_custom_command(TARGET ${PROJECT_NAME} POST_BUILD COMMAND codesign --deep --signature-size=96000 --options=runtime --timestamp --entitlements ${PROJECT_SOURCE_DIR}/misc/entitlement${APPSTORE}.plist --force -s ${APPLE_DEVELOPER_CERT} $/../.. COMMENT "Running codesign for ${APPLE_DEVELOPER_CERT} ..." ) endif() set(CPACK_BUNDLE_NAME ${PROJECT_NAME}) set(CPACK_GENERATOR "DragNDrop") #;productbuild") elseif(WIN32) find_program(WINDEPLOYQT_EXECUTABLE windeployqt HINTS ${_qt_bin_dir}) add_custom_command(TARGET ${CMAKE_PROJECT_NAME} POST_BUILD COMMAND ${WINDEPLOYQT_EXECUTABLE} $ --dir ${CMAKE_BINARY_DIR} --compiler-runtime --no-translations COMMENT "Running windeployqt on ${CMAKE_PROJECT_NAME} ..." ) add_custom_command(TARGET xcadoc POST_BUILD COMMAND ${WINDEPLOYQT_EXECUTABLE} $ --dir ${CMAKE_BINARY_DIR} --no-translations COMMENT "Running windeployqt on xcadoc ..." ) add_custom_command(TARGET xcaexport POST_BUILD COMMAND ${WINDEPLOYQT_EXECUTABLE} $ --dir ${CMAKE_BINARY_DIR} --no-translations COMMENT "Running windeployqt on xcaexport ..." ) set(QT_USE_QTMAIN TRUE) set(CPACK_GENERATOR WIX) set(CPACK_PACKAGE_VENDOR "Christian Hohnstädt") set(CPACK_WIX_TEMPLATE "${PROJECT_SOURCE_DIR}/misc/xca.wxs") set(CPACK_WIX_UPGRADE_GUID "23fdacfe-3ef8-45b4-81e8-b0c90244c217") set(CPACK_WIX_UI_BANNER "${PROJECT_SOURCE_DIR}/img/banner.bmp") set(CPACK_WIX_UI_DIALOG "${PROJECT_SOURCE_DIR}/img/dialog.bmp") set(CPACK_WIX_LICENSE_RTF "${PROJECT_SOURCE_DIR}/misc/copyright.rtf") set(CPACK_WIX_EXTRA_SOURCES ${CMAKE_BINARY_DIR}/language.wxs ${CMAKE_BINARY_DIR}/doc/documentation.wxs ${CMAKE_BINARY_DIR}/misc/misc.wxs ${CMAKE_BINARY_DIR}/misc/dynamic.wxs ) target_link_options(${CMAKE_PROJECT_NAME} PRIVATE -mwindows -MD) install(DIRECTORY ${CMAKE_BINARY_DIR}/platforms ${CMAKE_BINARY_DIR}/sqldrivers ${CMAKE_BINARY_DIR}/styles DESTINATION ${RUNTIME_DEST} ) install(FILES ${CMAKE_BINARY_DIR}/${QT}Core.dll ${CMAKE_BINARY_DIR}/${QT}Gui.dll ${CMAKE_BINARY_DIR}/${QT}Help.dll ${CMAKE_BINARY_DIR}/${QT}Sql.dll ${CMAKE_BINARY_DIR}/${QT}Widgets.dll ${CMAKE_BINARY_DIR}/libgcc_s_seh-1.dll ${CMAKE_BINARY_DIR}/libstdc++-6.dll ${CMAKE_BINARY_DIR}/libwinpthread-1.dll ${SYSTEM32}/vcruntime140.dll ${OPENSSL_ROOT_DIR}/bin/libcrypto-${OPENSSL_LIBRARY_MAJOR}-x64.dll DESTINATION ${RUNTIME_DEST} ) install(CODE "execute_process(COMMAND cmake -E chdir \${CMAKE_INSTALL_PREFIX} tar cvf ${RUNTIME_DEST}.zip --format=zip -- ${RUNTIME_DEST})") set(CMAKE_INSTALL_PREFIX ${CMAKE_BINARY_DIR}) else() if(CMAKE_INSTALL_PREFIX_INITIALIZED_TO_DEFAULT) set(CMAKE_INSTALL_PREFIX /usr/local CACHE PATH "Default installation directory" FORCE) endif() message(STATUS "PREFIX: " ${CMAKE_INSTALL_PREFIX}) set(CPACK_SOURCE_GENERATOR "TGZ") set(CPACK_SOURCE_IGNORE_FILES \\.git/ build/ ".*~$") set(CPACK_VERBATIM_VARIABLES YES) endif() include(CPack) xca-RELEASE.2.9.0/COPYRIGHT000066400000000000000000000032511477156507700146730ustar00rootroot00000000000000 Copyright (C) 2001 - 2024 Christian Hohnstaedt. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - Neither the name of the author nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. This program links to software with different licenses from: - https://www.openssl.org which includes cryptographic software written by Eric Young (eay@cryptsoft.com)" - https://www.qt.io xca-RELEASE.2.9.0/Dockerfile000066400000000000000000000012661477156507700153760ustar00rootroot00000000000000ARG REGISTRY_PREFIX='' ARG CODENAME=noble FROM ${REGISTRY_PREFIX}ubuntu:${CODENAME} as builder ENV DEBIAN_FRONTEND noninteractive RUN set -x \ && apt update \ && apt upgrade -y \ && apt install --yes --no-install-recommends \ build-essential libssl-dev pkg-config ninja-build \ python3-sphinxcontrib.qthelp git cmake locales \ qt6-base-dev qt6-tools-dev ARG BUILD_DIR=/tmp/build COPY . ${BUILD_DIR} RUN set -x \ && cd ${BUILD_DIR} \ && cmake -B BUILD -G Ninja \ && cmake --build BUILD \ && cmake --install BUILD \ && cd \ && mv ${BUILD_DIR}/misc/docker_start.sh / \ && rm -rf ${BUILD_DIR} RUN mkdir -p /home/user && chmod 0777 /home/user ENTRYPOINT ["/docker_start.sh"] xca-RELEASE.2.9.0/INSTALL.docker000066400000000000000000000035111477156507700156760ustar00rootroot00000000000000 This is a short overview of how to build and run XCA using docker. Install docker ============== To install docker, follow the instructions provided at https://docs.docker.com/install/ Build XCA container =================== Use the following command to build XCA container: docker build --rm --tag xca . This will build a container named "xca" using default configuration. Build options ------------- There are some options to customize build. Use dockers "--build-arg" option to add options. CODENAME : code name of ubuntu version example: --build-arg CODENAME=jammy PARALLELMFLAGS : make flags for parallel build example: --build-arg PARALLELMFLAGS=-j2 Run XCA ======= Once the container is built, run it using the following command: docker run --rm -it -e USER_ID=`id -u` --network=host \ -e DISPLAY=$DISPLAY -e "QT_X11_NO_MITSHM=1" \ xca Share local directory --------------------- Use docker volumes to share a local directory. This might be useful to store data base files. mkdir -p ./some_local_directory docker run --rm -it -e USER_ID=`id -u` --network=host \ -e DISPLAY=$DISPLAY -e "QT_X11_NO_MITSHM=1" \ -v ./some_local_directory:/backup \ xca This makes ./some_local_directory accessible in the container as /backup. Run over X-Forwarding with SSH ------------------------------ To run with X-Forwarding over an SSH connection, you can mount .Xauthority. If the application windows doesn't show up, likely you also want to switch to OpenGL done in software: docker run --rm -it --network=host \ -e DISPLAY=$DISPLAY -e "QT_X11_NO_MITSHM=1" -e LIBGL_ALWAYS_SOFTWARE=1 \ -v $HOME/.Xauthority:/home/user/.Xauthority \ xca Note: the environment variable USER_ID doesn't need to be set, since USER_ID is derived from ownership of .Xauthority file. xca-RELEASE.2.9.0/README.md000066400000000000000000000122451477156507700146620ustar00rootroot00000000000000# XCA - X Certificate and Key Management [![CMake](https://github.com/chris2511/xca/actions/workflows/cmake.yaml/badge.svg)](https://github.com/chris2511/xca/actions/workflows/cmake.yaml) ## __Release Notes__ * The latest release is *2.9.0* * This release fixes some minor issues: * Improve remote database support on macosx * Do not revoke renewed certificate with same serial * Fix default template finding on linux * Use latest OpenSSL and Qt releases for the precompiled releases. * Please report issues on github ## __Changelog:__ A detailed changelog can be found here: ## __Documentation__ This application is documented in the *Help* menu and here: ## __Build from Source__ ### Dependencies To build XCA you need: - a toolchain - cmake: https://cmake.org - Qt5 or Qt6: https://www.qt.io (5.10.1 or higher) - OpenSSL: https://www.openssl.org (1.1.1 or higher) or libressl-3.6.x - Sphinx-Build: https://www.sphinx-doc.org ### Linux / Unix - Install the dependencies ``` # Bookworm sudo apt install build-essential libssl-dev pkg-config cmake qttools5-dev python3-sphinxcontrib.qthelp # Bullseye sudo apt install build-essential libssl-dev pkg-config cmake qttools5-dev python3-sphinx # Either Qt5 sudo apt install qtbase5-dev qttools5-dev-tools libqt5sql5 libqt5help5 qttools5-dev # Or Qt6 sudo apt install qt6-base-dev qt6-tools-dev ``` - Clone: `git clone https://github.com/chris2511/xca.git` - Configure: `cmake -B build xca` - Make: `cmake --build build -j5` - Install: `sudo cmake --install build` - Or install local and copy later as root: `DESTDIR=DEST cmake --install build --prefix /usr` ### Apple macos - Install the dependencies ``` xcode-select --install brew install openssl@3 qt6 python3 cmake pip3 install sphinx ``` - Clone: `git clone https://github.com/chris2511/xca.git` - Configure: `cmake -B build xca` - Make: `cmake --build build -j5` - Build the DMG: `cd build && cpack` - Build the PKG: `cd build && cpack -G productbuild` XCA can be used with Xcode after initializing the directory with: `cmake -G Xcode -B .` ### Windows - Install the dependencies - Install Python 3.11 for windows from the store or https://www.python.org/downloads/windows/ - Install OpenSSL from here: https://slproweb.com/download/Win64OpenSSL-3_1_5.msi and verify the sha256 from https://github.com/slproweb/opensslhashes/blob/master/win32_openssl_hashes.json - To install the Qt libraries, cmake and the MinGW compiler [aqtinstall](https://github.com/miurahr/aqtinstall) is used. Sphinx is used to generate the documentation ``` pip3 install sphinx aqtinstall ``` - Add the PATH shown by pip to your PATH - Install Qt, cmake and the MinGW toolchain ``` aqt install-qt windows desktop 6.6.3 win64_mingw aqt install-tool windows desktop tools_mingw90 qt.tools.win64_mingw900 aqt install-tool windows desktop tools_vcredist qt.tools.vcredist_64 ``` - If 7z is missing, install it from the store. `7-Zip File Manager (unofficial)` or from 7-zip.org - Install the "vcredist\\vcredist_64.exe" - Add cmake, MinGW, OpenSSL and Qt6 to your Path ``` %USERPROFILE%\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.10_qbz5n2kfra8p0\LocalCache\local-packages\Python310\Scripts; %USERPROFILE%\AppData\Local\Microsoft\WindowsApps; %USERPROFILE%\Tools\CMake_64\bin; %USERPROFILE%\Tools\mingw_64\bin; %USERPROFILE%\6.6.3\mingw_64\bin; ``` - Create `CMAKE_PREFIX_PATH` environment variable: ``` %USERPROFILE%\6.6.3\mingw_64\lib\cmake ``` - Install `https://wixtoolset.org/releases/` if you want to create the MSI installer - Clone: `git clone https://github.com/chris2511/xca.git` - Configure: `cmake -B build -G "MinGW Makefiles" xca` - Make: `cmake --build build -j5` - Create the Portable App: `cmake --build build -t install` - Build the MSI installer (and the Portable App): `cd build ; cpack` ## __SQL Remote Database Drivers__ MySQL plugins are not shipped with QT anymore because of license issues. ### Linux - Debian: `libqt6sql6-psql` `libqt6sql6-mysql` or `libqt6sql6-odbc`. - RPM: `libqt6-database-plugin-pgsql` `libqt6-database-plugin-mysql` `libqt6-database-plugin-odbc` They should pull in all necessary dependencies. ### Apple macos - **PostgreSQL**: Install the https://postgresapp.com/ - **ODBC**: It requires the `/usr/local/opt/libiodbc/lib/libiodbc.2.dylib`. When installing unixodbc via `brew` the library must be symlinked from `/opt/homebrew/Cellar/libiodbc/3.52.16/lib/libiodbc.2.dylib` - **MariaDB**: Driver included since XCA 2.8.0 ### Windows - **PostgreSQL**: https://www.enterprisedb.com/downloads/postgres-postgresql-downloads (Commandline tools). Add the `bin` directory of the Postgres installation directory to your PATH (C:\\Program Files\\PostgreSQL\\16) - **ODBC**: Use the `ODBC Datasources 64bit app` to configure the SQL Server - **MariaDB (MySQL)**: Install the Plugin from here: https://github.com/thecodemonkey86/qt_mysql_driver. Select the MinGW variant and install it as documented. xca-RELEASE.2.9.0/VERSION.txt000066400000000000000000000000061477156507700152610ustar00rootroot000000000000002.9.0 xca-RELEASE.2.9.0/changelog000066400000000000000000001103721477156507700152550ustar00rootroot00000000000000xca 2.9.0 Fri Mar 28 2025 ------------------------- * Add PostgreSQL driver to Mac OSX * Update libraies: OpenSSL 3.4.1, QT 6.8.3 * Close #603: xca.exe(portable) without signature * Close #643: secp521r1 ssh fingerprints incorrect * Close #641: Keep serial number & revoke old certificate * Close #642: macOS MariaDB plugin requires SSL * Close #640: Fix mysql on Mac OSX * Close #602: Linux/Flatpak: default template TLS_server is missing xca 2.8.0 Sun Oct 13 2024 ------------------------- * Add SHA3 algorithms to the select box * Close #593: App freezes/crashes when trying to export certain keys * Close #306 #537: Allow Database-driver options in config file * Close #537: macos: Compile mariadb-connector and qsqlmysql * Close #152: How can we specify the Cryptographic Service Provider * Close #590: MacOS OpenSSL legacy provider not loaded * Close #199: Templates and Key Identifiers * Close #239: Check existing Name Constraints * Add OpenSSL PURPOSE and validation results * Close #587: Incomplete refactoring of adapt_explicit_subj * Combine #90 and #315 and support UPN in name constraints * Close #90, #361: Name Constraints (RFC5280 section 4.2.1.10) * Close #296: Proper plurals * Close #88: Export to multiple files with common or individual password * Close #313: Support JWK export format of certificates * Close #359: Symlink to PKCS#11 lib resolved * Close #552: issues with icons in gnome dock * Close #315 Support UPN type for EAP/802.1X certificate * Add korean translation * Close #287: template don't save/restore correctly * Close #351: a1int::getLong() doesn't handle all error cases * Close #401: Write PEM data to a file especially for crlgen * Close #548: export certificate: error using child folder * Close #391: hide expired and revoked certificates xca 2.7.0 Tue Aug 27 2024 ------------------------- * Close #311: Install QT translation files again * Close #304: oids.txt not found etc if prefix non-standard * Add cmdline option to disable native dialogs * Close #364: Export ED25519 private key with password * Switch encryption in "Cert+PKCS#8" and "Database dump mode from DES3-EDE to AES-256 * Drop support of encrypted PVK files. * Windows/Mac build: switch to QT 6.6.3 * Close #554: Missing option to disable file association in Windows setup * Close #395: Flexible Clipboard Export * Close #550: Fix compiling tests issue by providing -pthread link flag. * Fix calendar export for CAs * Support importing existing OpenVPN TLS Auth keys * Fix "Copy extensions from request" function * Fix login via PinPad on e.g ReinerSCT * Extend #383: tag insecure PFX/PKCS#12 algorithms * Close #536: macos include OpenSSL legacy provider * Close #532: XCA not in English on macos * Close #89: ta.key for OpenVPN tls-auth * Close #496: PKCS11 access to AWS CloudHSM failed * Yubikey improvements xca 2.6.0 Mon Feb 26 2024 ------------------------- * Update documentation of certificate export and remote databases * Close #520: Fix permanent processor load * Close #518: Export certificates for ovpn file * Close #512 #474 #481 #506 #509: SHA1 based MAC for PKCS12 * Close #458 #511 #503 #500 #494 #484 #482 #475: Support legacy keys and automatically transform them if possible. * Close #493: Renew Certificate freeze XCA * Close #477: paste an encrypted private key results in a crash * Fix crash when deleting CA certificates * Close #480: add flatpak build information and github action * Close #402: Subject Alternative Name not filled by all CN * Improve import: Finish multi import when empty * Add File extensions in Info.plist supported by XCA * Close #384: Quick view of certificates without trying to open XCA * Close #459: pass private key password * Close #465: Export PEM + Key in one File * Close #460: Impossible to import PKCS#12 (RC40_CBC) * Make XCA AppStore compliant with -DAPPSTORE_COMPLIANT=ON xca 2.5.0 Sun Sep 24 2023 ------------------------- * Close #423: parameter --name is not respected when running with CLI * Close #457: Support Qt5 < 5.12 / python3-sphinxcontrib.qthelp * Close #440: yellow background makes date text hard to read in dark themes * Close #437: loading CRL at startup generates an error * Close #444 cannot update template internal name * Close #442: asan checks failed * Close #446: show more information in Recent Databases * Improve/Fix database loading * Document vCalendar/ics feature #456 * Fix possible segfault caused by wrong free() * Add Bulgarian translation * Close #368: error while creating CRL with CA using EC key (ed25519) * Treat CKA_ID as byte array, not Bignum * Fix #321 - decryptKey shows OpenSSL error * Merge #325 Update entitlement.plist * Close #366: Not Responding after upgrade * Add Persian translation .ts file to XCA. * Close #327: "Dump database" dumps everything to everywhere * Close #317: "Please insert card: ..." message * Add Indonesian translation * Close #283 Nitrokey HSM2 can't create EC keys on 2.4.0 * Switch from autotools/qmake to cmake * Close #278: Miss components to connect remote database * Commandline: Add "--list-items" to print a list of database items * Close #67: possibility to ignore password prompt from CLI * Close #259: Follow the XDG base directory specification * Add support for Qt6 and OpenSSL 3.x * Drop support for Qt4 * Drop support for old XCA < 2.0.0 databases * Drop support for OpenSSL < 1.1.0 xca 2.4.0 Fri May 07 2021 ------------------------- * Unify XCA icon (certificate) on all platforms * Close #247: Apple silicon (M1) configure fixes * Add Microsoft BitLocker extended key usage * Disregard OpenSSL 0.9.8 compatibility * Add bash completion script * Add context sensitive help * Convert documentation from linuxdoc/SGML to sphinxdoc * Close #258: xca aborts on exit and on access to own templates * Close #142: Support Ed25519 Import / Export private SSH2 key * Close #142: Support Ed25519: Key-generation, import, export * Close #251: AuthorityKeyIdentifier: use issuer:always * Change language maintainer of brazilian portuguese * Close #230: Change PKCS12 export extension from .p12 to .pfx * Close #208: XCA hung when importing EC keys. For example prime256v1 * Close #210: Make dialog to edit SAN less strict * Close #224: Store original path/filename on import * Close #213: configure.ac: add description to AC_DEFINE_UNQUOTED * Close #172 #46: Multiple OCSP Responders * Store default database and recently opened file as UTF8 * Close #157 Generate and export CRLs from commandline * Add command line support for creating CRLs, keys and analyzing items xca 2.3.0 Wed Apr 29 2020 ------------------------- * Close #191 OID LN differs warning popups at startup * Close #189 Database compaction #189 * Improve PKCS11 library loading for portable app * Refactor native separators / and \ on windows. * Support TLS encrypted MariaDB and PostgreSQL connection * Close #182: UI not using Windows native theme in 2.2.1 portable * Close #70: cant open ics file in ical on macos mojave * Close #72: Add checkbox for OCSP staple feature * Use DESTDIR instead of destdir when installing. Follows autotools convention. * Close #172 #46: Multiple OCSP Responders * Close #170 xca-portable-2.2.1 cannot change language * Fix certificate assignment when importing a CA certificate * Close #163: Show key type/size on column of Certificates tab xca 2.2.1 Thu Jan 30 2020 ------------------------- * Close #159 Opening existing database xca 2.2.0 Wed Jan 29 2020 ------------------------- * Switch to MSI installer * Close #129 Unattended Installation * Rename HTTPS templates to TLS and support KU/EKU extensions needed by OpenVPN * Close #93 Default output folder / Improve Portable App usability * Improve EC Curve selection for key generation. * Close #21 Support for ODBC (MSSQL) * Close #136 Provide 64bit version of xca * Close #156 secp256k1, secp256r1 and NIST-P256 * Transfer Key Usage and Extended Key Usage critical flags * Improve item loading. Inspired by #153 * Add japanese translation * Close #138: Portable Version does not remember paths * Close #83: Token selection should not insist on name or serial of the token * Close #95: Copy mysql and psql windows dll files into portable app * Close #144: Database export has issues with wildcards in internal names * Close #143: Hotkey for import * Close #140: Certificate renewal with option to preserved serial number * Fix possible XCA crash * Add Dutch translation * Add Chinese translation * Add Italian language * CLose #120: Mark signed a request doesn't work * Close #119: Rename "PostgreSQL 6 and 7" to just "PostgreSQL" * Close #116: Duplicate extensions erroneously shown * Close #114: SAN - IPv6 address input not working * Close #68 Generating large DH params freezes UI * Support concurrent database access. * Close #91: Change order of "PKCS#11 provider" * Extend PEM files by human readable information about the item * Support ecdsa SSH public keys * Close #98 Add comment at import/export RSA keys from/to SSH public key * Close #101: Finish Rename with Enter shows Property Dialog * Close #104: Also show sha256 digests of public keys * Close #82: Renew CA ROOT Cert * Verify imported keys thoroughly xca 2.1.2 Wed Nov 07 2018 ------------------------- * Close #40 macOS: Crash after xca v2.0.1 quit * Close #37: XCA 2: EVP_DecryptFinal_ex:bad decrypt * Close #74: Exiting XCA 2.1.1 corrupts database * Make PKCS11 libs, working dir and main-window size host-dependent * Support for XCA as portable App * Close #69 Library not loaded: @rpath/ contains local directory * Close #60: Fix MacOSX 2.1.1 binary * Add new maintained languages: Polish, Spanish, Portuguese xca 2.1.1 Thu Sep 13 2018 ------------------------- * Allow manual override of the CSR signed flag * Close #56: Duplicate Serials after Upgrade 2.1.0 * Close #57: SAN IP not working in 2.1.0 * Close #55: Calculate "CSR signed" information from legacy database * Close #55: Add Certificate counter column for CSR * Fix slovak translation * Close #50: Hang while importing 1.4.1 database into 2.1.0 xca 2.1.0 Tue Jul 24 2018 ------------------------- * Close #48: The SKI tickbox isn't generating an SKI extension for CSRs * Fix translation of dates * Add private key icon to the key name * Inspired by #42: display dates relative (seconds ago, yesterday, ...) while column ordering is still strict by age. The ToolTip shows date and time. * Related to #39: Dynamically adjust explicit DN entries * Close #39: Subject entries shuffled * Close #36: Support adding CN to X509v3 SAN automatically * Close #35: Configurable size of serial number. * Close #34: Improve Mac OSX installation * Close #27: Configurable certificate expiry warning threshold * Generate calender (.ics) files for certificate and CRL expiries xca 2.0.1 Tue May 08 2018 ------------------------- * Close #32: Version field contains "Created by Qt/QMake" on MacOSX * Review and update russian ltranslation * Close #31: Closing certificate details window toggles tree folding * Close #25: Certificates are no longer coloured * Close #24: Add LibreSSL support. Tested with LibreSSL 2.7.2 * Close #23: Improve limiting to pattern in certificate tree view * Close #20: Unable to chose remote database type (dropdown empty) * Close #19: Replace 3DES encryption by AES-256 during key export xca 2.0.0 Tue Apr 10 2018 ------------------------- * Open database before starting a transaction * Fix default hash during startup * Fix Importing PKCS#12 and PKCS#7 files * Improve automatic setting of the certificate internal name * Don't use remote DB descriptor as local database filename proposal * Usability: Preset remote database input values with previous ones * Add another missing windows postgres library xca 2.0.0-pre04 Thu Mar 22 2018 ------------------------------- * Accept drivers that don't support transactions * Install MySQL and PostgreSQL drivers on windows * Closes #10: Warn if certificate without any extension is created * Add table prefix to be prepended to each table for remote SQL DB * Update translations xca 2.0.0-pre03 Thu Mar 15 2018 ------------------------------- * Fix installation of sql plugins in the Windows installer * Fix opening, importing and dropping databases xca 2.0.0-pre02 Tue Mar 13 2018 ------------------------------- * Fix crash during PKCS#12 export * Update HTTPS_server template and add example SAN * Acceppt empty password for private key decryption * Fix legacy database-without-password import xca 2.0.0-pre01 Sun Mar 11 2018 ------------------------------- * Close GitHub Bug #5: Exporting a private key results in too-permissive permissions * Close GitHub Bug #4: Workaround QT bug of editing in QDateTimeEdit * Fix display of dates in the Certificate details (local time displayed a GMT) * The internal name is not neccessarily unique anymore and can be edited in the details dialog as well as the comment. * CSR signing is now statically stored in the database and the comment of the issued certificate. * Private keys in the database are PKCS#8 encrypted and can be exported and decrypted without XCA. * No more incrementing serials. Only unique random serial numbers. * "xca_db_stat" application removed. Use the SQLite3 browser "sqlitebrowser". * "xca extract" functionality removed. SQL views may be used instead. * Each item may be commented. XCA itself comments important events in the item. * Each item knows its time and origin of appearance. * Change database format to SQL(ite) and support MySQL and PostgreSQL. xca 1.4.1 Sat Mar 3 2018 ------------------------ * Replace links to XCA on Sourceforge in the software and documentation by links to my Site. xca 1.4.1-pre02 Thu Mar 1 2018 ------------------------------- * SF Bug #122 isValid() tried to convert the serial to 64 bit * Beautify mandatory distinguished name entry errors * Support dragging certificates and other items as PEM text * Show User settings and installation path in the about dialog xca 1.4.1-pre01 Sun Feb 18 2018 ------------------------------- * Remove SPKAC support. Netscape is not of this world anymore. * SF bug #124 Wrong assumptions about slots returned by PKCS11 library * Cleanup and improve the OID text files, remove senseless aia.txt * Update HTML documentation * Refine and document Entropy gathering * Indicate development and release version by git commit hash * Fix dumping private keys during "Dump database" * Fix Null pointer exception when importing PKCS#12 with OpenSSL 1.1.0 * SF Bug #110 Exported private key from 4096 bit SSH key is wrong * SF Bug #109 Revoked.png isn't a valid image * SF Bug #121 CA serial number is ignored in hierarchical view * Improve speed of Bulk import. * Fix starting xca with a database as first arg xca 1.4.0 Thu Jan 4 2018 ------------------------- * Update OpenSSL version for MacOSX and W32 to 1.1.0g * Change default hash to SHA-256 and add a warning if the default hash algorithm is SHA1 or less * Switch to Qt5 for Windows build and installation * Do not apply the default template when creating a similar cert * Close SF #120 Crash when importing CA certificate * Close SF #116 db_x509.cpp:521: Mismatching allocation and deallocation * Add support for OpenSSL 1.1 (by Patrick Monnerat) * Support generating an OpenSSL "index.txt" (by Adam Dawidowski) * Thales nCipher key generation changes for EC and DSA keys * Add Slovak translation xca 1.3.2 Sat Oct 10 2015 ------------------------- * Gentoo Bug #562288 linking fails * Add OID resolver, move some Menu items to "Extra" * SF. Bug. #81 Make xca qt5 compatible * SF. Bug. #107 error:0D0680A8:asn1 encoding * Don't validate notBefore and notAfter if they are disabled. xca 1.3.1 Fri Aug 21 2015 ------------------------- * Fix endless loop while searching for a signer of a CRL xca 1.3.0 Thu Aug 11 2015 ------------------------- * Update to OpenSSL 1.0.2d for Windows and MAC * SF Bug #105 1.2.0 OS X Retina Display Support * Digitaly sign Windows and MAC binaries with a valid certificate * Refactor the context menu. Exporting many selected items to the clipboard or a PEM file now works. Certificate renewal and revocation may now be performed on a batch of certificates. * Feat. Reg. #83 Option to revoke old certificate when renewing * Refactor revocation handling. All revocation information is stored with the CA and may be modified. Revoked certificates may now be deleted from the database * Support nameConstraints, policyMappings, InhibitAnyPolicy, PolicyConstraint and (OSCP)noCheck when transforming certificates to templates or OpenSSL configs * Fix SF Bug #104 Export to template introduces spaces * Add option for disabling legacy Netscape extensions * Support exporting SSH2 public key to the clipboard * SF Bug #102 Weak entropy source used for key generation: Use /dev/random, mouse/kbd entropy, token RNG * SF Feat. Req. #80 Create new certificate, based on existing certificate, same for requests * Add Cert/Req Column for Signature Algorithm * SF Feat. Req. #81 Show key size in New Certificate dialog * Distinguish export from transform: - Export writes to an external file, - Transform generates another XCA item xca 1.2.0 Sat Mar 21 2015 ------------------------- * Update to OpenSSL 1.0.2a for Windows and MAC drop brainpool extra builds * Use CTRL +/- to change the font size in the view * Add Row numbering for easy item counting * Support SSH2 public key format for import and export * Add support for SHA-224 * add "xca extract" to export items from the database on the commandline xca 1.1.0 Sat Nov 22 2014 ------------------------- * SF Bug #79 Template export from WinXP cannot be imported in Linux and Mac OS X * Support for Brainpool windows and MacOSX binaries * SF Feat. Req. #70 ability to search certificates * SF Feat. Req. #75 show SHA-256 digest * RedHat Bug #1164340 - segfault when viewing a RHEL entitlement certificate * Database hardening - Delete invalid items (on demand) - Be more tolerant against database errors - Gracefully handle and repair corrupt databases - Add "xca_db_stat(.exe)" binary to all installations * Translation updates * Optionally allow hash algos not supported by the token * Select whether to translate established x509 terms * Finish Token EC and DSA support - generate, import, export, sign * SF Feat. Req. #57 More options for Distinguished Name * Switch to autoconf for the configure script * SF Feature Req. #76 Export private keys to clipboard * EC Keys: show Curve name in table * Support EC key generation on PKCS#11 token * PKCS#11: Make EC and RSA signatures work * PKCS#11: Fix reading EC keys from card * SF Bug #82 Certificate Creation out of Spec * SF Bug #95 XCA 1.0 only runs in French on a UK English Mac xca 1.0.0 Wed Oct 22 2014 ------------------------- * SF Bug #89 Validating CRL distribution point results in error * SF Feature Req. #69 Create "Recent databases..." file menu item * SF Bug #75 authorityInfoAccess set error * SF Bug #88 Minor spelling error * SF Bug #87 Unable to set default key length The Key generation dialog now allows to remember the current settings * Do not interpret HTML tags in message boxes * Overwite extensions from the PKCS#10 request by local extensions This avoids duplication errors and allows to overwrite some extensions from the request * SF Bug #78 replace path separators in export filenames * SF Feature Req. #71 Add KDC Authentication OIDs to default files * SF Bug #82 Certificate Creation out of Spec * Add Croatian translation * SF Bug #83 Inappropriate gcc argument order in configure script xca 0.9.3 Sat May 12 2012 ------------------------- * Fix double free in a1time resulting in random crashes xca 0.9.2 Sun May 6 2012 ------------------------- * Support for Local timezone dates. Differentiate between invalid and undefined dates. * Fix Bug #3461403 Error when create certificate with CRL distribution point User error -> Improve user-friendlyness * Fix Bug #3485139 Exception when creating certificates in passwordless db * Avoid very long names resulting in duplicate names in the database. * Add warning colors for expired dates. xca 0.9.1 Fri Oct 21 2011 ------------------------- * Close bug [ 3372449 ] All numeric names cannot be used * add search functionality for PKCS#11 libraries * fix ASN.1 encoding of PKCS#10 request * Close bug [ 3318203 ] Build failure with GNU gold linker * Add x509v3 extensions to the list of selectable columns * Close bug [ 3314262 ] Incorrect "Path length" template parameter handling * Close bug [ 3314263 ] Unrevoking a certificate does not make it "Trusted" * Feature Request [3286442] Make success/import messges optional * improve Password entry * Improve SPKAC import * add french translation by Patrick Monnerat * Export requests or certificates as openssl config file * Support building with EC disabled * Close bug [3091576] Private key export is always PKCS#8 encoded * Feature Request [3058196] Autoload database * Feature Request [3058195] Export directly to the clipboard * Close bug [3062711] Additional OIDs * Close bug [3062708] Invalid user configuration file path name * Fix PKCS#11 library handling xca 0.9.0 Sun Aug 29 2010 ------------------------- * support loading more than one PKCS#11 library * remove the need for engine_pkcs11 now more than one PKCS#11 library can be loaded and used in parallel * Add de/selection of columns and add a lot of new possible columns All Subject entries, the subject hash and whole name, Certificate fingerprints, dates, CA info, CRL number, corresponding key of certs and requests * Improve CRL generation [3035294] CRLNumber, CRLReason * improve creating templates from cert - enhance parsing of CRL-DP, SAN, IAN and AuthInfoAcc - add support for CertificatePolicies - unknown extension are written as generic DER * improve date handling. "notBefore" is not reset to now anymore when applying a time range * Support dropping files onto the application * russian translation by Pavel Belly * support loading DER formatted PKCS#8 keys * ease commandline use * add DH param generation menu entry * improve token handling and PIN changing dialogs * improve key-value table input for "additional DN entries" * PIN and PUK changing implemented * apply partial template-contents - applying the subject only or the extensions only is possible now * add informational messageboxes - whenever an item was successfully created or imported * add support for random serial numbers * improve messages, usability and german translation * improve token support - token initializing - creating keys on a token - store existing keys on a token - delete keys and certs from a token xca 0.8.1 Tue Jan 5 2010 ------------------------- * fix string conversion from QString to ASN1 xca 0.8.0 Thu Dec 10 2009 ------------------------- * improve documentation * improve file-dialog handling * Generate Template from certificate or PKCS#10 request -> Feature request [2213094] and [1108304] * add hash algos "ripemd160" and "SHA384" * add the "no well-defined date" from RFC 5280 as checkbox * Feature request [1996192] Include "OCSPSigning" in misc/eku.txt * Support for EC keys * Update Step-by-step documentation Thanks Devin Reade * Support for Smart Cards * set proper file-extension .xdb on opening databases xca 0.7.0 Fri Sep 11 2009 ------------------------- * support modifying the CSR subject during signing * update key images * fix date settings in Certificate renewal dialog * fix certificate request verification * check for duplicate x509 v3 extensions Bug [ 1881482 ] and [ 1998815 ] * make sha1 the default hash to avoid problems with other software Bug [ 1751397 ] * add validation button to see all extensions before creating the cert * change the hashing for the default password. this makes it incompatible to older versions * Major changes for MAC OS X * extend template format for nconf settings * add nconf input field for arbitrary OpenSSL extensions and a "validate" button to check the settings before applying * fix xca.desktop Bug [ 1837956 ] * fix item-export error handling * add PEM paste import feature * extend PEM import to import all items from a PEM file xca 0.6.4 Mon Aug 13 2007 ------------------------- * Bug "tree view loose track" fixed * check for certificate errors and display them instead of crashing * move used-keys-button form options to NewX509 dialog * Set string options in options dialog * remove extension and attribute tab in details dialog if no extensions or attributes available * documentation updated * X509 request attributes (like challange password) can be set and viewed. xca 0.6.3 Thu May 17 2007 ------------------------- * show CRL signature algorithm information * Add options dialog to set the default hash algo, mandatory distinguished name entries and allow duplicate key use as requested by some users * make cert, crl and key details copy&paste able * fix background color of clicklabels Bug [ 1704699 ] * remove missleading tooltips Bug [ 1704700 ] * fix segfault * switch string handling to UTF8 xca 0.6.2 Mon Apr 9 2007 ------------------------- * break endless loop in chain building Bug [ 1696878 ] xca 0.6.1 Thu Apr 5 2007 ------------------------- * minor documentation updates * Fix openssl-cross patch * recognize certificates with circular references [ xca-Bugs-1693027 ] * be compatibile to QT-4.1 (thanks Tamas TEVESZ) * remove all usages of QT3 backward lib [ xca-Feature Requests-1692800 ] xca 0.6.0 Fri Mar 16 2007 ------------------------- * set initial sorting to ascending order * add RFC2253 representation of subject and issuer to copy & paste * fix dialog sizes for long DNs * move hash algo into signer box [ 1656260 ] * make QA serial a compile time option * fix date generation and warn if generalized time is used * autodetect and load any type of PEM files * fix version number in exported .xca template * fix import of older XCA templates * add support for predefined templates as there was in 0.5.1 * fix cmdline import of crypto items * add undelete feature for deleted items * fix database shrinking of curent db during opening of new db xca 0.6.0-beta02 Fri Feb 2 2007 ------------------------------- * correct and fixate the order of x509name entries * Add CRL properties dialog to select the dates and the signing algo * Add SHA256 and SHA512 * Certificate export for apache and OpenSSH+X509 * Default templates for client, server, CA removed * template duplication added * sort serial numbers numerically and not lexicographically Bug [1166075] * add build support for cygwin and mingw-cross * delete rpm/ and debian/ subdirs * Port to QT4 and openssl 0.9.8 remove the need of Berkeley DB importing of old database dump possible * finish support for Mac OS X * add X509 V3 extensions to PKCS#10 requests * add "validation" function for editable extensions below * add "edit" buttons for subject/issuer alt. name, crl dist. point and cert. auth. info access * add DB-dump function into subdirs * Support for DSA keys * Fix error in template changing * change storage-format of keys: store the public unencrypted and the private additionally encrypted. * Allow different passwords for keys xca 0.5.1 Tue Jul 13 2004 ------------------------- * support for different languages on WIN platform (Thanks Ilya) * better installation and deinstallation on WIN platform * documentation updated xca 0.5.0 Sun Jun 13 2004 ------------------------- * orthographical changes * more translations * segfault in CRL import removed * manpage and documentation updated * store "midnight" in template xca 0.4.7-RC2 Fri Apr 16 2004 ----------------------------- * open db if explicit mentioned, otherwise do not. * Errormessage on a wrong pkcs12 password more comprehensive * postinst and postrm do update-menu * search more intensive for the CRL signer * add /etc/xca/nid.txt to OID search path * debian build enhanced, lintian satisfied, manpage added. * AuthorityInfoAccess enhanced "aia.txt" as oid list added * allow empty passwords on PKCS#12 import xca 0.4.7-RC1 Thu Feb 5 2004 ---------------------------- * debian menu-entry added * Open and closing of different databases * Menu added * German translation * CRLs will revoke existing certs * memory leaks removed * support for other compiled in basedir on unix * Authority info access added Certificate policies still pending :-( * additional (private) oids can be registered in oids.txt * OIDs for extended key usage and Distinguished name are now read from eku.txt and dn.txt respectively. * About dialog and help window added. * Requestdetail is now tabdialog xca 0.4.6 Tue Nov 25 2003 -------------------------- * Country is State or Province * xca.dsp: WIN32 changes from Ilya * New configure added, Makefile.in's purged and one configuration: "Local.mak" for flags and compilers. supports parallel builds (make -j) * SmartCard Logon OID added * Fixed bugs: * [ 846052 ] Tab order in Certificate Netscape extensions is wrong * [ 845800 ] CRL Generation problem for Netscape * [ 836967 ] Unable to specify alternate database * [ 843725 ] xca dies when opened with a pem key as argument * [ 789374 ] Bad encoding in misc/xca.desktop * by Wolfgang Glas : - Support for UTF8 in x509name - Netscape SPKAC support added xca 0.4.5 Wed Aug 13 2003 -------------------------- * more german translations * [ 737036 ] make error texts copiable from pop-up-windows to clipboard by adding a button doing this * [ 767603 ] Key sizes Implemented by making the Key-size ComboBox editable to enter arbitrary key sizes. * [ 765774 ] change password for database xca 0.4.4 Wed Aug 6 2003 -------------------------- * [ 783853 ] renewal uses 'notBefore' as 'notAfter' date * [ 783830 ] GeneralizedTime-format breaks browsers xca 0.4.3 Tue Aug 5 2003 -------------------------- * remove Certificate creation bug (AuthKeyId) * always take the right cert for signing * critical flag in key usage and extended key usage works now * Import of Multiple items is done and works [ 739726 ] extend description of -p option [ 775529 ] Import of PKCS#7 item not shown * made the details dialogs internal name read only * some segmentation faults removed * VPN OIDs added to Ext. Keyusage xca 0.4.2 Sun Jul 20 2003 -------------------------- * Memory leak removed * Template import and export added * fix bug [ 773056 ] Duplicate 'All files (*.*)' selection on import menus * import of PKCS#12 keys repaired * crl icon added to W32 installation * /usr/local/include removed from CPP flags * Buttons "Export Cert" and "Change Template" reconnected. * Authority Key identifier repaired xca 0.4.1 Tue Jul 15 2003 -------------------------- * some compiling issues removed * Import via commandline repaired, * signing of requests without key fixed * Changes for WIN32 version from Ilya added * solved bug: [ 770120 ] Attempting to export private key results in no file exported * implemented feature request: [ 755599 ] add PFX import button to Keytab xca 0.4.0 Tue Jul 8 2003 -------------------------- * Solved bugs: * [ 752111 ] Cannot handle dates past 32-bit boundary (2038) * [ 744227 ] Bug in handling of 3rd. party CRLs * The following Feature requests were implemented: * [ 743152 ] Attributes in subject name * [ 755853 ] select the hash algorithm for signing. * The code was completely rewritten to remove many unpretty codefragements and get a more stable codebase * The names of certs and keys in the detailsview of Certs, CRLs and Requests are clickable. * xca desktopfile added and will be installed in applications, key.xpm will be installed as xca.xpm in pixmaps ([ 763954 ] xca.desktop file) Thanks to Enrico Scholz xca 0.3.2 Thu May 15 2003 -------------------------- * Optimizations, icon for WIN32 platform * MS Registry and %USERPROFILE% support * Support for PKCS#7 certs (im/export) * small UI changes xca 0.3.1 Thu Apr 24 2003 -------------------------- * Tool Tips added * CRL handling (import, export, details) added xca 0.3.0 Fri Apr 25 2003 -------------------------- * several bugfixes and memoryleaks removed * export to TinyCA and "openssl ca" added * switch between tree/plain view in certificate list * notAfter dates in certificate view can be sorted reasonably * libdb-4.1.24 and higher is supported * The certificate details dialog was redesigned to be a smaller tab-dialog * Mainwindow dialog shrinked * Item viewing and import via the commandline is possible * documentation littlebit updated * changes in configure * The wizard invokes the key generation process only if really needed xca 0.2.12 Mon Jan 6 2003 -------------------------- * PKCS#7 encryption and signing of files added * First attempt of documentation added * Several export targets added * Certificate renewal repaired xca 0.2.11 Wed Dec 4 2002 -------------------------- * Certificate export enhanced, increase signer-serial on certimport. * interpretation of serial as hex and not as dezimal. * configure continues even if qt lib is absent. * $HOME/xca is created if it does not exist. xca 0.2.10 Tue Oct 29 2002 -------------------------- * shows not After time and serial in listview * some segfaults removed * Certificate renewal implemented * extension-bug removed * request-kontextmenu contains signing * create request from certificate * FreeBSD paths and libs recognized by configure xca 0.2.9 Mon Oct 21 2002 ------------------------- * several segfaults eliminated * key-use counter corrected * initial truststate fixed * remembers Im/Export directories * import of mutiple certs/keys/requests/pkcs12 * database transactions activated * exception-handling completed xca 0.2.8 Sun Oct 13 2002 ------------------------- * consistency checks for Iss-alt-name and Sub-alt-name * Check for certificate dates to not exceed those of the signer * defines for libdb >4.1.x * default templates added * package-builder do build without printf-debugging * key-use counter works now well xca 0.2.7 Tue Oct 8 2002 ------------------------- * segfaults removed * minor wizard changes xca 0.2.6 Mon Sep 30 2002 ------------------------- * show common name in request list and certificate list * CRL generation added * Key-export fixed * signing-template, CRL date and CRL time interval adjustable * Fix for windows filenames xca 0.2.5 Tue Sep 24 2002 ------------------------- * Certificate and Template Wizard completed * CA-serial can be changed and is stored with the cert * Passwordboxes set focus right (Andrey Brindeew ) * configure enhanced with error and success messages * x509 v3 extensions completed inc. Netscape extensions * Templates implemented * Files for MS Visual C++ added (yes, it compiles on MS Windows) * Windows Installer added (Nullsoft) xca 0.2.4 Tue Sep 10 2002 ------------------------- * PKCS#12 import added * bugfixes fileview, requestgeneration xca 0.2.3 Wed Sep 4 2002 ------------------------ * icons changed * context menu on right mousebutton * trust state settings added * dialogboxes are resizeable * extended keyusage added to v3 extensions when creating new cert * all dialogs translated to english * no more images in .ui files xca 0.2.2 Thu Jul 18 2002 ------------------------- * basic constraints, key usage and subject/authority key identifier * signing wizard... * Signatures can be done with requests and from scratch * Certificate for signing can be self or foreign, * password is saved as md5sum xca 0.1.12 Thu Jul 11 2002 -------------------------- * icons added * treeview for Certificates * private keys are triple DES encrypted in db * program asks for initial password on startup * some segfaulting bugs removed xca 0.1.11 Wed Jul 3 2002 ------------------------- * RSA Keys are generated and stored to or loaded from a file in either DER or PEM format. * They get stored in a local Berkeley DB. * Changing their description and viewing their contents, as well as deleting them from local DB is possible. xca-RELEASE.2.9.0/cmake/000077500000000000000000000000001477156507700144575ustar00rootroot00000000000000xca-RELEASE.2.9.0/cmake/database_schema.cmake000066400000000000000000000007501477156507700205470ustar00rootroot00000000000000 if (SRC AND DST) file(READ ${SRC} DB_SCHEMA) string(REPLACE "<<" "" DB_SCHEMA "${DB_SCHEMA}") string(REPLACE "\\\"" "'" DB_SCHEMA "${DB_SCHEMA}") string(REPLACE "//" "--" DB_SCHEMA "${DB_SCHEMA}") string(REPLACE "\"" " " DB_SCHEMA "${DB_SCHEMA}") string(REGEX REPLACE "^[ \t\r\n]+schemas\\[(.*)\\].*" " -- Schema Version \\1" DB_SCHEMA "${DB_SCHEMA}") file(WRITE ${DST} "${DB_SCHEMA}") else() message(FATAL_ERROR "Mandatory FILE or SRC variable not defined") endif() xca-RELEASE.2.9.0/cmake/git_version.cmake000066400000000000000000000037471477156507700200240ustar00rootroot00000000000000find_package(Git) string(REPLACE "." ";" VERSION_LIST ${PROJECT_VERSION}) list(GET VERSION_LIST 0 PROJECT_VERSION_MAJOR) list(GET VERSION_LIST 1 PROJECT_VERSION_MINOR) list(GET VERSION_LIST 2 PROJECT_VERSION_PATCH) if(Git_FOUND AND EXISTS "${PROJECT_SOURCE_DIR}/.git") message(STATUS "Git found: ${GIT_EXECUTABLE}") execute_process(COMMAND git rev-parse HEAD WORKING_DIRECTORY "${PROJECT_SOURCE_DIR}" OUTPUT_VARIABLE GIT_REV OUTPUT_STRIP_TRAILING_WHITESPACE ERROR_QUIET ) execute_process(COMMAND git diff-index --quiet HEAD -- WORKING_DIRECTORY "${PROJECT_SOURCE_DIR}" OUTPUT_QUIET ERROR_QUIET RESULT_VARIABLE GIT_LOCAL_CHANGES OUTPUT_STRIP_TRAILING_WHITESPACE ) execute_process(COMMAND git rev-list --count RELEASE.${PROJECT_VERSION}..HEAD WORKING_DIRECTORY "${PROJECT_SOURCE_DIR}" OUTPUT_VARIABLE GIT_COMMIT_COUNTER RESULT_VARIABLE GIT_COMMIT_COUNTER_RESULT OUTPUT_STRIP_TRAILING_WHITESPACE ERROR_QUIET ) if(NOT GIT_COMMIT_COUNTER_RESULT) math(EXPR PROJECT_VERSION_PATCH "${PROJECT_VERSION_PATCH} + ${GIT_COMMIT_COUNTER}") set(PROJECT_VERSION "${PROJECT_VERSION_MAJOR}.${PROJECT_VERSION_MINOR}.${PROJECT_VERSION_PATCH}") message(STATUS "Commit counter: ${GIT_COMMIT_COUNTER} - ${GIT_REV} - ${PROJECT_VERSION}") endif() set(RELEASE_TAG "RELEASE.${PROJECT_VERSION}" CACHE STRING "Release TAG for the release") if (DEFINED ENV{RELEASE_TAG}) set(RELEASE_TAG "$ENV{RELEASE_TAG}") endif() set(RELEASE_NAME "${PROJECT_NAME}-${PROJECT_VERSION}") add_custom_command( OUTPUT "${RELEASE_NAME}.tar.gz" WORKING_DIRECTORY "${PROJECT_SOURCE_DIR}" COMMAND git archive --format=tar.gz --prefix=${RELEASE_NAME}/ ${RELEASE_TAG} > ${CMAKE_BINARY_DIR}/${RELEASE_NAME}.tar.gz COMMENT "Create ${RELEASE_NAME}.tar.gz from tag ${RELEASE_TAG}" ) add_custom_target(release DEPENDS ${RELEASE_NAME}.tar.gz) endif() message(STATUS "XCA Version: ${PROJECT_VERSION}") xca-RELEASE.2.9.0/cmake/openssl_v_err.cmake000066400000000000000000000013261477156507700203430ustar00rootroot00000000000000# CMake function to find the headerfile x509_vfy.h and search for all occurrences # of X509_V_ERR_ and replace them by #ifdef x V_ERR(x) #endif if (OPENSSL_INCLUDE_DIR) set(OPENSSL_V_ERR_H "${OPENSSL_INCLUDE_DIR}/openssl/x509_vfy.h") if (EXISTS "${OPENSSL_V_ERR_H}") message(STATUS "Parsing ${OPENSSL_V_ERR_H} for X509_V_ERR_") file(READ "${OPENSSL_V_ERR_H}" X509_VFY_H) string(REGEX MATCHALL "X509_V_ERR_[A-Z_0-9]+" X509_VFY_ERRORS ${X509_VFY_H}) foreach(ERR ${X509_VFY_ERRORS}) string(APPEND X509_VFY_ERRORS_C "#ifdef ${ERR}\n V_ERR(${ERR})\n#endif\n") endforeach() file(WRITE ${CMAKE_BINARY_DIR}/openssl_v_err.c ${X509_VFY_ERRORS_C}) endif() endif() xca-RELEASE.2.9.0/doc/000077500000000000000000000000001477156507700141445ustar00rootroot00000000000000xca-RELEASE.2.9.0/doc/.gitignore000066400000000000000000000001041477156507700161270ustar00rootroot00000000000000*.html xca.1 xca.1.gz xca_db_stat.1 xca_db_stat.1.gz sphinx conf.py xca-RELEASE.2.9.0/doc/CMakeLists.txt000066400000000000000000000141051477156507700167050ustar00rootroot00000000000000 set(S ${PROJECT_SOURCE_DIR}/doc) set(D ${PROJECT_BINARY_DIR}/doc) set(RST ${D}/rst-build) file(MAKE_DIRECTORY ${RST}) find_program(SPHINX sphinx-build) find_package(Qt6 QUIET OPTIONAL_COMPONENTS ToolsTools) set(FILENAMES index commandline requests object-ids common-actions database options certificates revocationlist changelog introduction privatekey step-by-step certificate-input template smartcard miscellaneous ) foreach(file ${FILENAMES}) list(APPEND RST_SOURCE ${S}/rst/${file}.rst) list(APPEND RST_DEST ${RST}/${file}.rst) list(APPEND HTML_DEST ${D}/html/${file}.html) list(APPEND HTML_FILE ${file}.html) list(APPEND QTHELP_DEST ${D}/qthelp/${file}.html) endforeach() foreach(doc ${HTML_FILE} xca.qhc) string(REPLACE "-" "" id ${doc}) guid(${doc}) list(APPEND DOC_COMPREFS " \n") list(APPEND DOC_COMPS " \n") endforeach() string(APPEND WIX_DOC_CONTENT "\n" ${DOC_COMPS} "\n" "\n" ${DOC_COMPREFS} "" ) WixFile(${D}/documentation.wxs ${WIX_DOC_CONTENT}) if(SPHINX) add_custom_command( OUTPUT ${RST}/database_schema.sql COMMAND ${CMAKE_COMMAND} -E make_directory ${RST}/_static COMMAND ${CMAKE_COMMAND} -D SRC=${PROJECT_SOURCE_DIR}/lib/database_schema.cpp -D DST=${RST}/database_schema.sql -P ${PROJECT_SOURCE_DIR}/cmake/database_schema.cmake DEPENDS ${PROJECT_SOURCE_DIR}/lib/database_schema.cpp COMMENT "Generating database schema SQL documentation" ) add_custom_command( OUTPUT ${D}/rst.stamp BYPRODUCTS ${RST}/COPYRIGHT ${RST}/changelog ${RST_DEST} COMMAND ${CMAKE_COMMAND} -E make_directory ${RST}/_static COMMAND ${CMAKE_COMMAND} -E copy_if_different ${PROJECT_SOURCE_DIR}/img/bigcert.png ${RST}/_static COMMAND ${CMAKE_COMMAND} -E copy_if_different ${PROJECT_SOURCE_DIR}/COPYRIGHT ${PROJECT_SOURCE_DIR}/changelog ${RST_SOURCE} ${RST} COMMAND ${CMAKE_COMMAND} -E touch ${D}/rst.stamp DEPENDS ${PROJECT_SOURCE_DIR}/COPYRIGHT ${PROJECT_SOURCE_DIR}/changelog ${RST_SOURCE} COMMENT "Prepare Sphinx source directory" ) add_custom_command( OUTPUT ${RST}/arguments.rst DEPENDS xcadoc COMMAND xcadoc rst ${RST}/arguments.rst COMMENT "Generate 'rst' commandline documentation" ) target_sources(${CMAKE_PROJECT_NAME} PRIVATE ${HTML_DEST}) foreach(EXPORT_TOPIC x509 x509-clp key key-clp request revocation) set(EXPORT_DEST ${RST}/export-${EXPORT_TOPIC}.rst) add_custom_command( OUTPUT ${EXPORT_DEST} DEPENDS xcaexport COMMAND xcaexport ${EXPORT_TOPIC} ${EXPORT_DEST} COMMENT "Generate '${EXPORT_TOPIC}' export documentation" ) list(APPEND EXPORT_TOPICS ${EXPORT_DEST}) endforeach() configure_file(${S}/conf.py.in ${RST}/conf.py) set(SPHINX_SRC ${D}/rst.stamp ${RST}/database_schema.sql ${RST}/arguments.rst ${RST}/conf.py ${EXPORT_TOPICS} ) add_custom_target(sphinx-src DEPENDS ${SPHINX_SRC}) add_custom_command( OUTPUT ${HTML_DEST} COMMAND ${SPHINX} -q -b html ${RST} ${D}/html DEPENDS sphinx-src ${SPHINX_SRC} COMMENT "Create HTML documentation" ) add_custom_target(sphinx-html DEPENDS ${HTML_DEST}) add_dependencies(${CMAKE_PROJECT_NAME} sphinx-html) add_custom_command( OUTPUT ${D}/qthelp/xca.qhcp ${D}/qthelp/xca.qhp ${QTHELP_DEST} COMMAND ${SPHINX} -q -b qthelp ${RST} ${D}/qthelp DEPENDS sphinx-src ${SPHINX_SRC} COMMENT "Create context sensitive help" ) if (UNIX) if (APPLE) execute_process(COMMAND ln -fs .doc/html/index.html ${D}/manual.html) install(FILES ${D}/manual.html DESTINATION .) set(HTML_INSTALL_DEST .doc/html) install(DIRECTORY ${D}/html DESTINATION .doc PATTERN ".*" EXCLUDE) else() install(DIRECTORY ${D}/html/ DESTINATION ${CMAKE_INSTALL_DOCDIR} PATTERN ".*" EXCLUDE ) endif() endif() if (QT_VERSION VERSION_LESS 5.12.0) if (TARGET ${QT}::qcollectiongenerator) set(QHELPGEN $) endif() else() if(TARGET ${QT}::qhelpgenerator) set(QHELPGEN $) endif() endif() if(QHELPGEN) set(QTHELP_IDX ${D}/qthelp/xca.qhc) add_custom_command( OUTPUT ${QTHELP_IDX} COMMAND ${QHELPGEN} -s ${D}/qthelp/xca.qhcp DEPENDS ${D}/qthelp/xca.qhcp ${D}/qthelp/xca.qhp ${QTHELP_DEST} COMMENT "Create context sensitive help index" ) add_custom_target(sphinx-qtcollgen DEPENDS ${QTHELP_IDX}) target_sources(${CMAKE_PROJECT_NAME} PRIVATE ${QTHELP_DEST} ${QTHELP_IDX}) add_dependencies(${CMAKE_PROJECT_NAME} sphinx-qtcollgen) list(APPEND APP_RESOURCES ${QTHELP_DEST} ${QTHELP_IDX}) if (UNIX AND NOT APPLE) install(FILES ${QTHELP_DEST} ${QTHELP_IDX} DESTINATION ${CMAKE_INSTALL_DATADIR}/${CMAKE_PROJECT_NAME}/html ) elseif (WIN32) install(FILES ${QTHELP_DEST} ${QTHELP_IDX} DESTINATION ${RUNTIME_DEST}/html ) endif() else() message(WARNING "Application 'qhelpgenerator' not found. In-app documentation disabled.") endif() else(SPHINX) message(WARNING "sphinx-build binary not found. Documentation generation disabled") endif(SPHINX) if (NOT WIN32) add_custom_command( OUTPUT "${D}/xca.1.gz" COMMAND cat "${S}/xca.1.head" "${D}/xca.1.options" "${S}/xca.1.tail" | gzip -n9 > "${D}/xca.1.gz" DEPENDS "${S}/xca.1.head" "${S}/xca.1.tail" "${D}/xca.1.options" COMMENT "Compiling man page" ) add_custom_command( OUTPUT "${D}/xca.1.options" COMMAND xcadoc man "${D}/xca.1.options" COMMENT "Generate 'man' commandline documentation" ) add_custom_target(manpage ALL DEPENDS ${D}/xca.1.gz) if (NOT APPLE) install(FILES "${D}/xca.1.gz" DESTINATION ${CMAKE_INSTALL_MANDIR}/man1) endif() add_dependencies(${CMAKE_PROJECT_NAME} manpage) endif() xca-RELEASE.2.9.0/doc/conf.py.in000066400000000000000000000041051477156507700160500ustar00rootroot00000000000000# Configuration file for the Sphinx documentation builder. # # This file only contains a selection of the most common options. For a full # list see the documentation: # https://www.sphinx-doc.org/en/master/usage/configuration.html # -- Path setup -------------------------------------------------------------- # If extensions (or modules to document with autodoc) are in another directory, # add these directories to sys.path here. If the directory is relative to the # documentation root, use os.path.abspath to make it absolute, like shown here. # # import os # import sys # sys.path.insert(0, os.path.abspath('.')) # -- Project information ----------------------------------------------------- project = '@PROJECT_NAME@' copyright = '2024, Christian Hohnstädt' author = 'Christian Hohnstädt' master_doc = 'index' # The full version, including alpha/beta/rc tags release = '@PROJECT_VERSION@' # -- General configuration --------------------------------------------------- # Add any Sphinx extension module names here, as strings. They can be # extensions coming with Sphinx (named 'sphinx.ext.*') or your custom # ones. extensions = [ ] # Add any paths that contain templates here, relative to this directory. templates_path = ['_templates'] # List of patterns, relative to source directory, that match files and # directories to ignore when looking for source files. # This pattern also affects html_static_path and html_extra_path. exclude_patterns = ['_build', 'Thumbs.db', '.DS_Store'] # -- Options for HTML output ------------------------------------------------- # The theme to use for HTML and HTML Help pages. See the documentation for # a list of builtin themes. # html_theme = 'alabaster' html_theme_options = { 'logo': 'bigcert.png', 'logo_name': 'true', 'fixed_sidebar': 'pinned', 'page_width': '1150px', } # Add any paths that contain custom static files (such as style sheets) here, # relative to this directory. They are copied after the builtin static files, # so a file named "default.css" will overwrite the builtin "default.css". html_static_path = ['_static'] xca-RELEASE.2.9.0/doc/rst/000077500000000000000000000000001477156507700147545ustar00rootroot00000000000000xca-RELEASE.2.9.0/doc/rst/certificate-input.rst000066400000000000000000000155541477156507700211370ustar00rootroot00000000000000 .. index:: wizard (wizard) .. _wizard: Certificate Input Dialog ======================== This input dialog is the central part for collecting all data regarding certificates, requests and templates. It will be invoked whenever such an item is going to be created or, in case of a template, is altered. .. index:: wizard_src (wizard_src) Source ------ This page is not shown when creating or changing templates. Signing Request ............... If it is desired to either enroll a certificate from a PKCS#10 request by a local CA, or to create a certificate from a request by self-signing it, the request can be selected here. In the later case the private key of the request must be available. Signing ....... Either self-signing or the CA certificate for signing may be selected here. Additionally, the desired signing algorithm can be adjusted. The drop-down list contains all :ref:`ca_cert` with an available private key. Signature Algorithm ................... Usually SHA256 or higher should be used, but since older windows versions including XP can not handle them, you may opt to use SHA1. The default signing algorithm may be selected by the *Options* menu. Templates ......... The fields of the certificate can be preset by the values of a template by selecting it and clicking *Apply all*. Templates can be mixed by applying the subject of one template and then applying the extensions of an other by using the buttons *Apply subject* and *Apply extensions* .. index:: wizard_subject (wizard_subject) Personal Settings ----------------- Subject ....... On this Page all personal data like country, name and email address can be filled in. The *Country code* field must either be empty or exactly contain two letters representing your country code; e.g. *DE* for Germany. If you want to create an SSL-server certificate the *Common name* must contain the DNS name of the server. The subject-alternative-name extension must be used to define additional DNS names, even wildcards. In this case the CommonName must be repeated here, because TLS clients disregard the CommonName in case the subject-alternative-name extension exists. If the *internal name* is empty, the common name will be used as internal name. It will also be used as default internal name, if a new key is created here. Other rarely used *name-entries* can be selected in the dialog below. By using this table instead of the explicit entries above, the order of the entries can be adjusted. A new line can be added via the *Add* button. The current line can be deleted via the *Delete* button. Existing lines can be exchanged and reordered by moving the row-header (containing the row-number) around. All items can be added more than once, even those from above. This is not very usual but allowed. The list of the 7 explicit distinguished name entries may be adjusted in the options dialog at :ref:`options` Private Key ............ Keys can be generated here "on the fly" by pressing the button. The name of the new key will be preset by the common name of the certificate. The newly generated key will be stored in the database and stay there, even if the input dialog is canceled. The drop-down list of the keys only contains keys that were not used by any other certificate or request. The key-list is not available for creating or changing templates. By checking *Used keys too* the list contains all available keys. Use this with care. You're likely doing something wrong when using this option. This tab does not appear when signing a request, because the request contains all needed data from this tab. Select "Modify subject of the request", if you want to modify it anyway. The content of the subject Tab will then be preset with the content of the request. .. index:: wizard_extensions (wizard_extensions) .. index:: wizard_keyusage (wizard_keyusage) .. index:: wizard_netcape (wizard_netcape) X509v3 Extensions ----------------- The next three tabs contain all fields for adjusting the certificate extensions. It is not in the focus of this document to explain them all in detail. The most important are the *Basic Constraints* and the *Validity* range. More details can be found in `RFC5280 `_. Basic Constraints ................. If the type is set to *Certification Authority*, the certificate is recognized by XCA and other instances as issuer for other certificates. Server-certificates or E-Mail certificates should set this extension to *End entity* (strongly recommended) or disable it completely by setting it to *Not defined* Validity Range .............. The *Not before* field is set to the current date and time of the operating system and the *Not after* field is set to the current date and time plus the specified time range. When applying time ranges, the expiry date (not after) is calculated by taking the currently configured start date (not before) and adding the time range. For templates the specified times are not saved, because it does not make much sense. Rather the time range is stored and automatically applied when selecting this template. Applying the time range means to set notBefore to "now" and notAfter to "now + time range". If the *midnight* button is set both dates will be rounded down and up to midnight. Subject Alternative Name ........................ The subject alternative name accepts a special entry *DNS:copycn*. This will copy all *commonName* entries from the subject as DNS entries. Together with the issuer alternative name it accepts the special entry *UPN:* as short form of *otherName:msUPN;UTF8:* .. index:: wizard_advanced (wizard_advanced) Advanced ........ Any extension, not covered on the other tabs can be added here as defined in OpenSSL nconf. The validity can be checked by clicking *Validate*. All extensions from all tabs will be shown here to see them all in their final form. Click on *Edit* to continue editing the extensions here. Refer to the OpenSSL X509v3 configuration for more details: https://www.openssl.org/docs/manmaster/man5/x509v3_config.html Certificate Policies '''''''''''''''''''' The following example of *openssl.txt* also works in the advanced tab to define certificate policies .. code-block:: ini certificatePolicies=ia5org,1.2.3.4,1.5.6.7.8,@polsect [polsect] policyIdentifier = 1.3.5.8 CPS.1="http://my.host.name/" CPS.2="http://my.your.name/" userNotice.1=@notice [notice] explicitText="Explicit Text Here" organization="Organisation Name" noticeNumbers=1,2,3,4 Adding more than one AuthorityInfoAccess entry is also possible here: .. code-block:: ini authorityInfoAccess=@aia_sect [aia_sect] OCSP;URI.1=http://www.some.responder.org/ OCSP;URI.2=http://www.some.other-responder.org/ caIssuers;URI.3=http://server.whatever.org/cert-path caIssuers;URI.4=ldap://server.whatever.org/xxx,yyy When exporting existing Certificates to templates, the extensions will be translated to OpenSSL config file format. xca-RELEASE.2.9.0/doc/rst/certificates.rst000066400000000000000000000154151477156507700201610ustar00rootroot00000000000000 .. _certificates: X.509 Certificates ================== All certificates from the database are displayed in a tree view reflecting the chain dependencies. If there is a CA certificate and several client certificates signed by this CA, the client certificates can be shown by clicking on the plus sign of the CA certificate. .. _ca_cert: CA Certificates --------------- XCA will recognize CA certificates if the CA flag in the *Basic Constraints* is set to true. If there is a corresponding private key, the *CA* sub-menu in the context-menu will be enabled. For building the chains the CA flag is disregarded, because there are some CAs without this flag. Instead it considers the issuer name and the signature to decide which certificate is the issuer. If there is more than one CA certificate with the same subject and private key, it is undeterminable which one was selected during the signing process. This is not an issue. This usually happens if a CA certificate got renewed. In this case XCA selects the certificate with the later expiry date as anchor for the issued certificates. .. index:: ca_properties (ca_properties) .. _ca_properties: CA Properties ------------- For every CA a default template can be configured that will be automatically applied when creating a new certificate. The CRL days define the preset expiry time to the next CRL release when issuing a new CRL. .. index:: certgen (certgen) Generating certificates ----------------------- After clicking on the *New Certificate* button the Certificate input dialog will be started to ask all needed information for generating a new Certificate. See: :ref:`wizard`. Certificate creation can also be invoked by the context menu of the certificate list background or by the context menu of the request. In this case the Certificate input dialog is preset with the request to be signed. If a *CA certificate* is selected in the certificate list, this certificate will be preselected as issuing certificate. .. index:: certdetail (certdetail) Certificate details ------------------- The signer is the internal name of the issuers certificate in the database. Or *SELF SIGNED* if it is self signed or *SIGNER UNKNOWN* if the issuer's certificate is not available. The validity is set to *valid* if the certificate's dates are valid or to *Not valid* if they are not, compared to the internal time and date of the Operating System. If the certificate is revoked, the revocation date will be shown instead. On the *Subject* and *Issuer* tab the distinguished name is also displayed in a format defined in RFC2253 for copy&paste. Certificate validation ^^^^^^^^^^^^^^^^^^^^^^ For end entity certificates an OpenSSL certificate validation and purpose checking is executed and the result is shown in the *Validation* tab. The Error codes and their meaning can be found in the `OpenSSL documentation `_ or explained in more detail at https://x509errors.org/. XCA also displays the internal OpenSSL error keyword for a better lookup. The certificate purpose is described here: https://docs.openssl.org/master/man3/X509_check_purpose .. index:: certexport (certexport) Certificate Export ------------------ - **Clipboard:** Export certificates to the clipboard - **Clipboard format:** The format for the clipboard can be selected as follows: .. include:: export-x509-clp.rst - **File:** Export to external file. The filename can be selected in the export dialog and the Export format: .. include:: export-x509.rst - **Token:** Store certificate on the Security token containing the private key. - **Other token:** Store certificate on any Security token. When exporting PKCS#12 structures XCA asks later for an encryption password. Microsoft Cryptographic Service Provider (CSP) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ The PKCS#12/PFX export function will include the CSP from the comment section of the corresponding private key. The first line containing "CSP: " like **CSP: Microsoft Tatooine Sand Provider** will put the CSP Name into the PKCS#12 file. Certificate Transformation -------------------------- A certificate transformation creates a new database entry based on the selected certificate. - **Public Key:** Extract the public key from the certificate and store it in the Private Keys Tab. - **Request:** Create a PKCS#10 request by using the data from the certificate. The private key of the certificate must be available for this option. - **Similar Certificate:** Starts the Certificate input dialog preset with all values from the current certificate to create a new certificate. - **Template:** Create a XCA template with the values of the request. Certificate revocation ---------------------- Certificates can only be revoked, if the private key of the issuer's certificate is available. The certificate will be marked as revoked and the revocation date and reason will be stored with the CA certificate. If more than one unrevoked certificate of the same issuer is selected, all of them will be revoked at once with the same revocation date and reason. The context menu shows this by adding the number of selected certificates in squared brackets. To generate a CRL, revoke the appropriate certificates and select *CA->Generate CRL* in the context-menu of the signing certificate. Certificate renewal ------------------- Certificates can only be renewed, if the private key of the issuer's certificate is available. Renewal is done by creating a new certificate as a copy of the original one with adjusted validity dates. Use the *Revoke old certificate* check-box to automatically revoke the old certificate. Be careful with the "Keep serial number" option. A revocation will revoke both certificates, because they have the same serial number. It is recommended to either replace the old certificate or not use this option at all. If more than one certificate of the same issuer is selected, all of them will be renewed at once with the same validity dates. The context menu shows this by adding the number of selected certificates in squared brackets. CA special functions -------------------- The context menu of CA certificates contains the *CA* sub-menu, which makes the following functions available: - **Properties:** - **CRL days:** The days until the next CRL release. - **Signing Template:** The default template for issuing certificates. - **Generate CRL:** Generate the CRL by collecting all revoked certificates and their revocation date. - **Manage revocations:** Displays all revocations and allows to manipulate them. Non existing certificates may be revoked by adding the serial number of the certificate. It is not required anymore to keep revoked certificates in the database, because the revocation information is stored together with the CA certificate. xca-RELEASE.2.9.0/doc/rst/changelog.rst000066400000000000000000000000551477156507700174350ustar00rootroot00000000000000 Changelog ========= .. include:: changelog xca-RELEASE.2.9.0/doc/rst/commandline.rst000066400000000000000000000003241477156507700177730ustar00rootroot00000000000000 Commandline =========== XCA can be used without GUI to analyze PKI items and to generate CRLs and keys. In this case no X-Server connection is required (Linux) Arguments --------- .. include:: arguments.rst xca-RELEASE.2.9.0/doc/rst/common-actions.rst000066400000000000000000000170701477156507700204410ustar00rootroot00000000000000 Common Actions ============== Many actions are common to all cryptographic parts and are mentioned here once for all. The goal of this application is to provide an easy to use signing-tool and also a common place for all selected PKI items like requests or certificates. .. _columns: .. index:: columns (columns) Column Handling --------------- Column visibility can be changed by the context menu of the table header or the "columns" sub menu of the table context menu. It shows all available columns with check-boxes to show or hide them. - Column actions - **Reset** Reset column order and visibility to the default. - **Hide Column** Hide the current column. Only shown in the context menu of the column header. - Common columns - **Internal name** Name of the item in the database. - **No.** A simple counter to easily count the items. - **Primary key** Unique number to identify an item in the database. See :ref:`primary_key`. - **Date** Date of the appearance in this XCA database. See :ref:`date_and_source` - **Source** Origin of this item, See :ref:`date_and_source`. - **Comment** A multi-line free text input, see :ref:`comment`. - Certificate and request columns - **Subject** The complete subject name. - **Subject hash** Subject hash used by OpenSSL to lookup certificates. See https://www.openssl.org/docs/man1.0.2/apps/c_rehash.html - **Subject entries** Displays single entries of the subject. The list represents the content of the :ref:`objectids` file. - **X509v3 Extensions** Displays a textual representation of the selected extension. - **Key name** Internal name of the key in the private keys tab. - **Signature algorithm** Signature algorithm used to sign the certificate or request. - Request columns - **Signed** Whether the request is already signed or not. - **Unstructured name** CSR specific attribute. - **Challenge password** CSR specific attribute. - **Certificate count** Number of certificates in the database with the same public key. - Certificate columns - **CA** CA Basic Constraints flag - **Serial** Serial number - **MD5 / SHA1 / SHA256 fingerprint** Certificate fingerprint Columns can be resized and rearranged. This configuration is stored in the database and will be reassigned next time this database is opened. .. index:: import (import) Importing items --------------- The import of an item can be done by either clicking the import button on the right or via the context menu available by right clicking into the list. The import function is smart enough to probe all known formats independent of the file extension: Keys PEM private key, PEM public key, DER private key, DER public key, PKCS#8 private key, SSH public key. Requests DER request, PEM request Certificates DER certificate, PEM certificate (PKCS#12 and PKCS#7 certificates must be imported with an extra button, because they may contain more than one certificate and key) After selecting the filename XCA will probe for the known formats of that item and in case of an error it prompts the *last* OpenSSL error message. It is possible to select more than one file by selecting them with SHIFT click. Also the *Import* menu may be used to load items. Next to the file-types above, it also supports *PEM* import. PEM describes the encoding instead of the file-type. So a PEM file can be any type of private key, CRL certificate or CSR. This import facility discovers the type and loads it. When importing more than one Key, CRL, Certificate or Request all items are shown in a Multi-import dialog. When importing a PKCS#7 or PKCS#12 item, the contained keys and certificates are shown in the Multi-import dialog. By using the Multi-import dialog the items can be examined, imported or dropped. After reading the item it searches for this item in the database and if it is unique, the item is stored in the database. Otherwise it shows a message containing the internal name of this item in the database. Details of an Item ------------------ The details dialog can be accessed by double clicking the item, by the context menu or by the button on the right. The names of the issuers certificate and the corresponding key are click-able and their content will be shown on "double-click" Renaming an Item ---------------- An Item can be renamed via the context menu by right-clicking on the item, by pressing or by the *Rename* button on the right border. Deleting Items -------------- Items can be deleted by the button on the right or via the context menu. Certificate signing requests can be deleted when they got signed, because they are not needed anymore. The request can be recovered from the resulting certificate by transforming the certificate to a request. This is however only possible if you own the private key of the certificate. Multiple items may be selected to delete them all at once. Searching Items --------------- The displayed list of items can be reduced by the search-input at the bottom right. It affects all tabs. It does not only search inside the displayed columns but the whole content of the items. It searches the internal name, issuer, subject, extensions, PKCS#10 attributes and token provider. .. _internal_name: Internal name ------------- The internal name is only used inside the database and is intended to uniquely identify the items. In earlier versions of XCA this name had to be unique. This is not a requirement anymore. .. _date_and_source: Date and source of appearance ----------------------------- XCA tracks the time and source of any newly appeared item. Both can be seen when selecting *Properties* in the context menu of an item, or by enabling the *Source* or *Date* columns. The source may be one of the following - Imported: From a file or by pasting PEM data - Generated Created by XCA - Transformed Converted from an other item by the "transform" context menu - Token The device has been initially read from a hardware token - Legacy Database The item was already present in a legacy XCA database that did not track the Source information. The content of the date and source fields will never be part of an exported item. .. index:: comment (comment) .. _comment: Comment ------- XCA allows to insert multi-line comments for all items. They can be edited by the properties dialog. When showing the *Comment* column, it will display the first line of the comment field. XCA itself uses the comment field of certificates and requests to leave a note during important operations: - Applied templates during certificate or request generation - Generated keys during certificate or request generation - Signing date, time and internal name of the issuing CA when a request gets signed. - File name when the item got imported from a file. The content of the comment field will never be part of an exported item, except when explicitly selected during PEM export. .. _primary_key: Database primary key -------------------- When inserting an item into the database a new, unique id will be generated and used as primary key in the database. If the item shall be found in the database by external tools, the *items.id* can be used to uniquely identify the item. The internal name cannot be used, since it is not necessarily unique anymore. This ID will never be used outside the database. .. index:: itemproperties (itemproperties) Item properties --------------- Common properties can be displayed and edited for all items: - Internal name :ref:`internal_name` - Comment :ref:`comment` - Date and source :ref:`date_and_source` xca-RELEASE.2.9.0/doc/rst/database.rst000066400000000000000000000104751477156507700172610ustar00rootroot00000000000000 Database ======== .. index:: remote_db (remote_db) .. _remote_database: Remote Databases ---------------- XCA supports connections to network databases. Tested engines are: - MariaDB / mySQL - PostgreSQL - Microsoft SQLserver Table prefix '''''''''''' The table prefix can be used to store more than one XCA database in the same remote database. Database Drivers '''''''''''''''' The SQL backend drivers provided by the manufacturer of the database must be installed additionally to the Database support in XCA. Linux ..... The backend drivers are provided by your distribution: - **Debian**: *libqt6sql6-psql*, *libqt6sql6-mysql* or *libqt6sql6-odbc*. - **RPM**: *libqt6-database-plugin-pgsql*, *libqt6-database-plugin-mysql*, *libqt6-database-plugin-odbc* They should pull in all necessary dependencies. Apple macos ........... - **PostgreSQL**: Install the https://postgresapp.com/ - **ODBC**: It requires the /usr/local/opt/libiodbc/lib/libiodbc.2.dylib. When installing unixodbc via brew the library must be symlinked from /opt/homebrew/Cellar/libiodbc/3.52.16/lib/libiodbc.2.dylib - **MariaDB**: Since XCA-2.8.0 the MariaDB plugin is included in the xca.app bundle. No additional installation is required. Windows ....... - **PostgreSQL**: https://www.enterprisedb.com/downloads/postgres-postgresql-downloads (Commandline tools are sufficient). Add the *bin* directory of the Postgres installation directory to your PATH (C:\\Program Files\\PostgreSQL\\16) - **ODBC**: Use the *ODBC Datasources 64bit* app to configure the SQL Server. If the data source is configured completel, only the matching DSN is required in the XCA connection settings. - **MariaDB (MySQL)**: Install the Plugin from here: https://github.com/thecodemonkey86/qt_mysql_driver. Select the MinGW variant and install it as documented. Driver specific configurations .............................. Additional options for the database connection can be set in configuration files. They must be put in the XCA configuration directory, which is displayed in the about dialog. If there is already a file called *dbhistory* then you know you are in the right place. The options-file must be named after the database driver, e.g. *QPSQL*, *QMYSQL* or *QODBC* optionally followed by a dash and the database-hostname (exactly as used in the connection settings including an optional port number) and a *.options* extension. Examples: - QMYSQL-192.168.12.13.options - QPSQL.options Also the environment variable XCA__OPTIONS may be used to set the options. The file must contain the options as ; separated key=value pairs. The recognized options depend on the database driver. See: - https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-PARAMKEYWORDS for PostgreSQL and - https://doc.qt.io/qt-6/sql-driver.html#connection-options for MySQL and - https://doc.qt.io/qt-6/sql-driver.html#odbc-unicode-support for ODBC. .. _extracting-items: Extracting items ---------------- .. highlight:: bash The sqlitebrowser may be used to examine the elements of the database. The database schema is documented :ref:`database-schema` All cryptographic items are stored as base64 DER format and must be decoded before feeding them to OpenSSL:: | base64 -d | openssl -inform DER ... Extract the private key with internal name 'pk8key' from the database:: sqlite3 ~/xca.xdb "SELECT private FROM view_private WHERE name='pk8key'" | base64 -d | openssl pkcs8 -inform DER Extract the certificate with internal name 'rootca' from the database:: sqlite3 ~/xca.xdb "SELECT cert FROM view_certs WHERE name='rootca'" | base64 -d | openssl x509 -inform DER Extract the public part of a key by database primary key:: sqlite3 ~/xca.xdb "SELECT public from view_public_keys WHERE id=3" | base64 -d | openssl pkey -inform DER -pubin Extract a CRL:: sqlite3 ~/xca.xdb "SELECT crl FROM view_crls WHERE name='ca'" | base64 -d | openssl crl -inform DER Modify the comment of an item with id 3:: sqlite3 ~/xca.xdb "UPDATE items SET comment='My notes' WHERE id=3" The item names are not required to be unique anymore. Each table view in XCA has an optional column "Primary key" that may be shown to get the ID of the item in the database. .. _database-schema: Schema ------ .. literalinclude:: database_schema.sql :language: sql xca-RELEASE.2.9.0/doc/rst/index.rst000066400000000000000000000011651477156507700166200ustar00rootroot00000000000000.. XCA documentation master file, created by sphinx-quickstart on Fri Apr 2 10:32:00 2021. You can adapt this file completely to your liking, but it should at least contain the root `toctree` directive. ======================================== XCA - X Certificate and Key management ======================================== .. toctree:: :maxdepth: 2 :caption: Contents: introduction miscellaneous commandline common-actions certificate-input smartcard privatekey requests certificates template revocationlist options object-ids step-by-step database changelog xca-RELEASE.2.9.0/doc/rst/introduction.rst000066400000000000000000000052401477156507700202300ustar00rootroot00000000000000 .. admonition:: Abstract This application is intended for creating and managing X.509 certificates, certificate requests, RSA, DSA and EC private keys, Smart-cards and CRLs. Everything that is needed for a CA is implemented. All CAs can sign sub-CAs recursively. These certificate chains are shown clearly. For an easy company-wide use there are customisable templates that can be used for certificate or request generation. All cryptographic data is stored in a SQL database. SQLite, MySQL (MariaDB), PostgreSQL and MicrosoftSQL (ODBC) databases are supported. Introduction ============ This application is intended as certificate- and key-store and as signing application issuing certificates. All data structures (Keys, Certificate signing requests, Certificates and Templates) can be imported and exported in several formats like DER or PEM. Import means reading a file from the filesystem and storing the data structure into the database file, while exporting means to write the data structure from the database file to the filesystem to be imported into an other application. When opening a new database the first time, it needs a password to encrypt the private keys in the database. This is the default password. Every time this database is opened the application asks for the password. This input dialog may be canceled and the database is still opened successfully. However, the access to the keys is not possible without supplying the correct database password every time a key is used. When setting an empty password, XCA will never ask again for a password when opening this database. This can be useful when playing around with test certificates or if all private keys are on security tokens. The database password can be changed by the Menu item *Extra->Change DataBase password* The different cryptographic parts are divided over 5 Tabs: Keys, Requests, Certificates, Templates and Revocation lists. All items can be manipulated either by a context menu available by right-clicking on the item, or by using the buttons at the right border. Every item is identified by an internal name which is always shown in the first column as long as the columns are not reordered by the user. File Formats ------------ There are several default file formats to exchange cryptographic data with other applications. DER : Distinguished Encoding Rules is the binary ASN.1 encoding of the data. PEM : Privacy Enhanced Mail is the base64 encoded version of the DER formatted data with additional header and footer lines to be transported via e.g. E-mail. PKCS#X : Public Key Cryptography Standards published by https://www.rsa.com Copyright --------- .. include:: COPYRIGHT xca-RELEASE.2.9.0/doc/rst/miscellaneous.rst000066400000000000000000000060271477156507700203560ustar00rootroot00000000000000 Miscellaneous ============= Updating -------- Usually XCA knows database formats used in previous versions and does an automatic upgrade of the database if necessary when opened the first time. *Updating from versions earlier than 2.0.0* Older versions of XCA used a simple serial proprietary database for storing the cryptographic items. Starting with version 2.0.0 this has changed to SQL. The main disadvantage of the old format leading to the switch to SQL was the inaccessibility by external tools. Since years users ask for command-line access to the database. The new database can be queried by external tools like `sqlite3` or `sqlitebrowser` to extract, verify or modify content. Please see :ref:`extracting-items` .. Note:: To convert legacy XCA databases, XCA <= 2.4.x is needed. Newer versions of XCA cannot read the old format anymore. .. Danger:: Please be careful with older XCA versions. XCA before 1.4.0 will overwrite the new SQLite database during database open. For file based databases, the SQLite database format is used. Since XCA uses SQL, it can also be connected to a network database. The databases *MariaDB (mySQL)* *PostgreSQL* and *Microsoft SqlServer* are tested. Please use the *Open Remote DataBase* menu item to connect to a remote host. Download -------- The most recent stable version of XCA can be downloaded from http://hohnstaedt.de/xca/index.php/download The current (unstable) HEAD of development can be downloaded and tested via https://github.com/chris2511/xca/ Please do not hesitate to contact me for information about branches. DH Parameters -------------- Diffie Hellman parameters can be created by XCA. It does neither need nor use the parameters. Applications like OpenVPN however need them and so XCA provides this functionality for users convenience. Entropy sources for XCA ----------------------- Entropy is a very important topic for key generation. OpenSSL comes with a good pseudo random number generator. XCA seeds it very thoroughly. 1) During startup - The OpenSSL seeding mechanism `RAND_poll()`. It uses */dev/urandom* where possible and the screen content on Windows. - XCA also tries to pull at most 256bit from */dev/random* and */dev/hwrng* each. - A *.rnd* state file in the XCA application directory is read on startup and erased afterwards to avoid replays. 2) Before any key or parameter generation, a "re-seeding" is done. Some say re-seeding is not necessary, but all say it does not harm. - XCA collects entropy by mouse and keyboard events and its timing. `XcaApplication.cpp: bool XcaApplication::eventFilter()` We are on a desktop host after all. - 256bit from */dev/urandom* (unix/Mac) 3) A *.rnd* state file in the XCA application directory is written whenever XCA finishes. 4) When managing a token or generating a key on a token that supports `C_GenerateRandom` and `C_SeedRandom`, XCA will: - Seed the token with own random data. - Seed the OpenSSL CSPRNG by random bytes from the token. xca-RELEASE.2.9.0/doc/rst/object-ids.rst000066400000000000000000000056241477156507700175400ustar00rootroot00000000000000 .. _objectids: Object IDs ========== Private Object IDs and OID lists for the distinguished name or extended key usage can be added in files listed below. The files are: - **oids.txt:** additional Object IDs - **eku.txt:** Content of *ExtendedKeyUsage* - **dn.txt:** Content of *DistinguishedName* The search path for all the files is listed below. All files except *oids.txt* are searched in the order listed below and search stops at the first file found. The *oids.txt* file is searched in reversed order and all *oids.txt* files found are loaded. - Unix - $HOME/.xca/ - /etc/xca/ - PREFIX/share/xca/ (PREFIX is usually /usr or /usr/local) - Windows - CSIDL_APPDATA\xca, which is something like C:\\Documents and Settings\\username\\Application Data\\xca or C:\\Users\\username\\AppData\\Roaming\\xca - Installation directory e.g.: `C:\\Program Files\\xca` - MacOSX - $HOME/Library/Application Support/data/xca - /Applications/xca.app/Resources The path of the user settings directory depends on the operating system and version. The path where XCA looks for this file is shown in the *About* dialog of XCA as *User settings path*. .. _new_oids: New OIDs -------- All Object IDs that are not official, but belong to your company or organisation can be added in the file *oids.txt*. All possible locations for this file are searched and all *oids.txt* files found are loaded. This way the application-installer adds some in */usr/share/xca*, the Administrator in */etc/xca* and the user in *$HOME/.xca*. The format of this file is: *OID*:*shortname*:*longname* Leading and trailing spaces between the colons and the text are ignored. Lines starting with a *#* are ignored. OID lists --------- The files containing OID lists (*eku.txt, dn.txt*) are handled in a different way, only the first one found is used. The format of this files is one entry per line. The entry can be either the numerical OID like *1.3.6.1.5.5.8.2.2*, the short name like *iKEIntermediate* or the long name *IP security end entity*. Lines starting with a *#* are ignored. If this files shall contain new in-official OIDs, they must be also mentioned in one of the *oids.txt* files. Configure Subject entries ------------------------- If you want to / need to add your own company specific subject entry to your certificate it can be done without recompiling XCA. 1) Add its OID with short name and long name to one of the *oids.txt* file listed in :ref:`new_oids` like: *1.3.6.1.4.1.12345.1: zodiacSign: Zodiac Sign* 2) Add the OID, short name or long name to the first read *dn.txt* On Linux: `cp /usr/share/xca/dn.txt ~/.xca/dn.txt && echo "zodiacSign" >> ~/.xca/dn.txt` 3) Start XCA, open your database and goto *Options->Distinguished name*. In the *Explicit subject entries* select *Zodiac Sign*, click *Add*, move it by dragging it in the list and click OK when satisfied. 4) Create a new certificate and see. xca-RELEASE.2.9.0/doc/rst/options.rst000066400000000000000000000101041477156507700171750ustar00rootroot00000000000000 .. index:: options (options) .. _options: Options ======= The options dialog can be found in the file menu. All options are saved in the database and do not depend on the operating systems registry or configuration files. - String settings This option applies to all strings converted to ASN1 strings. The selected string type is automatically set to the smallest possible and allowed type, covering all contained characters. The list of allowed string types can be selected: - **PKIX in RFC2459 (default):** All string types are set as described in RFC2459 - **No BMP strings:** All strings containing non printable characters are regarded as errors. - **PKIX UTF8 only:** All string types are selected according to RFC2459 for entities issued after 2004, which means that almost all distinguished name entry types are set to UTF8. - **All strings:** All string types are allowed. - Default hash algorithm Older Windows versions and OpenSSL versions can not handle SHA256 and SHA512. This option allows to set the hash algorithm to SHA1 for instance. - Suppress success messages After importing and generating new items a success message is shown. This switch disables the messages. - Don't colorize expired certificates Since version 0.9.2 the expiration dates of certificates will be colorized. Red means expired or not yet valid. Yellow indicates certificates that only have 4/5 of their lifetime until expiration. The CRL expiration date will be marked red 2 days before expiration. With this option, the colorization can be disabled. - Translate established x509 terms It is usually more clear to read "commonName" instead of e.g (german) "Allgemeine Bezeichnung". Same is true for "Extended key usage" or "Basic constraints". With this setting the translated terms are shown and the Tool-Tip of the entry shows the established term. If not set, the established term will be displayed and the Tool-Tip contains the translation. - Only use hashes supported by the token when signing with a token key The PKCS#11 token does probably not support all possible hashes for a signature operation. I.e. the EC and DSA signing algorithms are currently only defined with SHA1 in the PKCS#11 specification. XCA does the hashing part of the digital signature in software outside the token and uses the token to sign the hash. That's why XCA may use additional hashing algorithms like ecdsaWithSha256. If other applications that probably use the token hashing algorithms shall use the token, this option should be set. - Disable legacy Netscape extensions With this option set the input and use of the legacy Netscape extensions will be suppressed. The certificate input dialog has no Netscape tab, the request and certificate columns don't show the Netscape extensions and when applying a template or converting certificates, the Netscape extensions are removed. However, the details of certificates and requests still show the Netscape extensions if they exist. - Mandatory subject entries A list of mandatory distinguished name entries may be specified to get a warning, whenever issuing a certificate that lacks one or more listed entries. This requirement is not checked when editing templates, because templates may have empty entries that will be filled during the rollout of the certificate. - Explicit subject entries This list may be used to change the list of the usual 7 distinguished name entries shown in the subject tab of the Certificate / Request / Template generation dialog to better fit ones needs. When activating the *Dynamically arrange explicit subject entries* option, the explicit entries are rearranged by the name to be edited. If the name is empty, the entries are unchanged. Otherwise, the entries of the name to be edited are displayed first, followed by the entries of the list above not mentioned in the name to be edited. - PKCS#11 provider Here you can select the path to one or more PKCS#11 libraries on your system. If the list is empty, the *Token* menu will be unavailable. xca-RELEASE.2.9.0/doc/rst/privatekey.rst000066400000000000000000000074751477156507700177060ustar00rootroot00000000000000 .. index:: keydetail (keydetail) .. _keys: RSA, DSA and EC Keys ==================== For creating certificates, keys are needed. All keys are stored encrypted in the database using the PKCS#8 AES algorithm. The password can be changed for each key. .. index:: keytab (keytab) The password type means: common: The database password provided during database load. private: The key is encrypted with an individual passphrase, which is not stored by XCA. This can be set and reset via the context menu of the key. PIN: Security tokens are usually protected by a PIN. No password: Public keys don't need a password. All keys carry a use counter which counts the times it is used in requests or certificates. When creating new requests or certificates the list of available keys is reduced to the keys with a use counter of 0. This can be overridden by the check-box next to the key list. Keys should *never* be used multiple times. When importing an EC key with explicit curve parameters, the corresponding curve OID is searched and set if found. - Private Key columns - **Type** One of *RSA*, *DSA*, *EC*, *ED25519*. - **Size** Key size in bits. - **EC Group** Curve name of the EC key. - **Use** Number of certificates and requests in the database using this key. For new certificates and requests only unused or newly generated keys should be used. - **Password** Protection of the key. See :ref:`keys` .. index:: keygen (keygen) Generating Keys --------------- The dialog asks for the internal name of the key and the key-size in bits. For EC keys, a list of curves is shown. It contains all X9.62 curves and many others. For ED25519 keys no further information is required. Even if the size drop-down list only shows the most usual key sizes, any other size may be set here by editing this box. While searching for random prime numbers a progress bar is shown in the bottom of the base application. After the key generation is done the key will be stored in the database. When checking the *Remember as default* box, the settings (Key-type, key-size or EC curve) will be remembered and preset for the next key generation dialog. This option is not available when generating keys on 'ref'`token`. For every connected token providing the Key-Generate facility, an entry in the drop-down menu of the key-types will be shown. It contains the name of the token and the valid key-sizes. In case of EC keys generated on a token, the list of possible curves is restricted based on information provided by the token (Key size and FP/F2M). The token may support even less ECParameters / OIDs. When selecting an unsupported EC curve an error will occur. Please consult the documentation of the provider of the PKCS#11 library. .. index:: keyexport (keyexport) Key Export ---------- Keys can be exported by either selecting the key and pressing *Export* or by using the context-menu. - **Clipboard:** Export the private or public key to the clipboard - **Clipboard format:** The format for the clipboard-export can be selected as follows: .. include:: export-key-clp.rst - **File:** Export to external file. The filename can be selected in the export dialog and the Export format: .. include:: export-key.rst The filename is the internal name plus a *pem*, *der*, *pk8*, *pub* or *priv* suffix. When changing the file-format, the suffix of the filename changes accordingly. Only PKCS#8 or PEM files can be encrypted, because the DER format (although it could be encrypted) does not support a way to supply the encryption algorithm like e.g. *DES*. Of course, encryption does not make sense if the private part is not exported. When exporting the key via SQL from the database, see :ref:`extracting-items` openssl asks for the password, which is either the database password or its own password in case the password type is *private*. xca-RELEASE.2.9.0/doc/rst/requests.rst000066400000000000000000000055551477156507700173730ustar00rootroot00000000000000 .. index:: csrdetail (csrdetail) .. _csr: Certificate Signing Requests ============================ Certificate signing requests are described in PKCS#10 standard. They are used to supply a Certification Authority with the needed information to issue a valid certificate without knowing the private key. This includes personal information, the public key and additional extensions. It is not necessary to generate a request prior to signing it by your CA or before self-signing it. Simply start generating the certificate directly. People using the OpenSSL command line tools are used to generate a request with `"openssl req -new ...` and then signing it. This is not necessary with XCA. Tracking signed CSR with XCA can be done by the *Signed* and *Certificate count* columns of the certificate signing request tab. The *Signed* column is an information stored in the database whenever a CSR was used to issue a certificate. Also an automatic comment is left in the comment of the CSR in this case. It does not depend on the certificate remaining in the XCA database. The *Certificate count* column on the other hand displays the number of currently available certificates with the same public key in the database. .. index:: csrgen (csrgen) Generating a new Request ------------------------ After clicking on the *New Request* button, the Certificate dialog will be started to ask all needed information for generating a new Request. See: :ref:`wizard` The request generation can also be invoked by the context menu of a certificate *Transform->Request*. This menu point is only available if the private key of the certificate is available. In this case all needed data is copied from the certificate and the Certificate dialog is not invoked. .. index:: csrexport (csrexport) Request Export -------------- Requests can be exported by the context-menu or by the button on the right. - **Clipboard** Writes all selected requests in PEM format to the Clipboard. - **File:** Write the request into a file. The filename can be selected in the export dialog and the Export format: .. include:: export-request.rst The OpenSSL config file format can be used to generate a similar request with openssl `openssl req -new -config ` Request Transformation ---------------------- A request transformation creates a new database entry based on the selected request - **Template** Create an XCA template with the values of the request. - **Public Key** Extract the public key from the request and store it in the Private Keys Tab. - **Similar Request** Starts the Certificate input dialog preset with all values from the current request to create a new request. Request Details --------------- All information contained in the request are shown. If the key-store contains the private key corresponding to the request the keys internal name is shown in the *Key* field, which can be clicked to show it. xca-RELEASE.2.9.0/doc/rst/revocationlist.rst000066400000000000000000000051021477156507700205510ustar00rootroot00000000000000.. index:: crldetail (crldetail) Certificate Revocation Lists ============================ All certificates are issued for a restricted period of time. However it may happen that a certificate should not be used or becomes invalid before the *not after* time in the certificate is reached. In this case the issuing CA should revoke this certificate by putting it on the list of revoked certificates, signing the list and publishing it. .. index:: crlgenerate (crlgenerate) Generation of CRLs ------------------ In XCA this can be done by the context-menu of the CA and the *revoke* entry in the context-menu of the issued certificate. First all invalid certificates must be marked as revoked and then a Certificate Revocation List should be created and will be stored in the database. The validity times define start and expiry date of the CRL. The default interval can be configured in the :ref:`ca_properties` dialog. The options section allows to select, whether the Subject Alternative Name and the Authority Key Identifier of the issuing CA should be placed into the CRL. The CRL Number (https://tools.ietf.org/html/rfc5280#section-5.2.3) will be tracked by XCA and updated on every use. There is also a commandline option to issue a CRL: .. code-block:: bash xca --crlgen="My Ca" --pem --print .. index:: crlexport (crlexport) CRL Export ---------- Certificate Revocation Lists can be exported by the context-menu or by the button on the right. - **Clipboard** Writes all selected requests in PEM format to the Clipboard. - **File:** Write the request into a file. The filename can be selected in the export dialog and the Export format: .. include:: export-revocation.rst .. index:: crlmanage (crlmanage) Manage revocations ------------------ Revoked certificates may be managed without the revoked certificate in the database. The revocations are stored inside the database for each CA with revocation date, revocation reason and invalidation date. They get automatically updated when importing a CRL of this CA or by manually revoking an issued certificate. The Manage revocations dialog is accessible by the CA submenu of the context menu of the CA. Entries can be added, deleted and modified. .. index:: crlrevocation (crlrevocation) Revocation properties --------------------- The certificate revocation happens by the CA at the *revocation date* which is the time when the revocation is performed. The *invalidity date* can be set to an earlier time in this dialog. The *revocation reason* is explains why the certificate has been revoked. https://tools.ietf.org/html/rfc5280#section-5.3 xca-RELEASE.2.9.0/doc/rst/smartcard.rst000066400000000000000000000202431477156507700174670ustar00rootroot00000000000000 .. _token: Smart-cards =========== Since XCA 0.8.0 the use of Smart-cards (Security tokens) is supported. It is based on the PKCS#11 standard. The Options dialog contains a list to add one or more PKCS#11 providers (libraries). This is not restricted to Smart-cards but includes all type of security tokens like USB tokens. Up to version 1.0.0 only RSA keys on security tokens were supported. Since version 1.1.0 XCA also supports EC and DSA private keys on security tokens. Once again: This software comes with no warranty at all! If XCA transforms your security token into a fridge, don't blame me. For me everything worked fine and I tested it thoroughly. On Linux the package *opensc* should be installed. Please read the opensc documentation for more details. Generally: if the opensc command-line-tool *pkcs11-tool -L* shows reasonable output, XCA will work. Otherwise fix the opensc setup. I had a functional setup with a "Reiner SCT" and a DELL keyboard with integrated card reader and TCOS Netkey E4 cards. I also used Aladdin Etoken very successfully (Thanks for support!). The Aladdin PKCS#11 library supports all needed features very well. The ECC token support was tested with the https://www.cardcontact.de ECC tokens. The OpenDNSSEC SoftHSMv2 was used as PKCS#11 reference implementation to test all the token algorithms and certificate and key download functionality to the token. Before the keys of a token can be used, they must be imported into XCA. This means that XCA reads the token and shows the keys and certificates on the token. They can then be imported partially or completely via the Multi-import dialog to be used by XCA. It is not unusual that a token contains more than one key or certificate. It is of course possible to create your own keys on the token. When selecting a token-key for signing, XCA verifies that the corresponding token is available. If the Card reader supports a secure PIN input by a built-in keyboard, it will be used by XCA and it will not ask for the PIN but waits for the Pin-pad input. The following actions with smart-cards are supported: - Import keys and certificates from the token. (Token->Manage Security token) - Everything you can do with other keys can be done with tokens, too. - On export, only the Public key is exported. - Change the PIN and SO PIN of a token. - Create a key on the token. (Button New Key) - Store an existing key or certificate on the token. (Context menu of the item) - Delete certificates and keys from the token. (Context menu of the item) - Initialize cards and the user PIN via SO PIN Existing, non-deletable, built-in certificates of Smart-cards may be ignored. A new CA certificate can be created and self-signed by the Smart-card key. It can then be used to issue end-entity certificates, containing other RSA, DSA or EC keys, sign imported certificate requests or generate CRLs. Key Management on the Token --------------------------- XCA assumes for every private key on the card a corresponding public key. When managing cards, XCA only searches for public keys. There is thus no need to enter a PIN. When using the key for signing the corresponding private key on the card is selected and a PIN must be entered. Accordingly, every time a key is generated on the card, a public/private key-pair is generated. Every time a key is stored on the card, XCA creates a public and a private key object. Firefox always only looks for private keys on the card. If XCA does not show a key, which is however recognized by Firefox a missing public-key object is the cause. The Token Menu --------------- The menu item: *Token* is accessible if a PKCS#11 library was loaded and initialized. Managing Smart-cards .................... Security token specific operations are collected below the menu-item *Token* Manage Security Token ''''''''''''''''''''' This is the Multi import dialog, which allows to view and select the items to be imported. When started it reads the content of the selected token. Additionally, it shows token information in the bottom-right corner and allows to delete and rename items directly on the token. Initializing Tokens ''''''''''''''''''' Initializing tokens is done via the menu item *Initialize token*. During this process either a new SO PIN must be supplied or the old SO PIN must be given. Additionally XCA asks for the label of this token. After this operation succeeded, the User PIN is uninitialized and must be initialized via *Init PIN* Deleting Items from the Token ''''''''''''''''''''''''''''' Just delete the item as usual. XCA will then ask whether the item shall also be removed from the token. Items on the token that were not yet imported can be deleted via the "Manage security token" menu. Changing PINs ''''''''''''' The User PIN and SO PIN can be changed via the *Token* menu and also via the key context-menu. In this case the correct token containing the key will be enforced. Tested Providers ................ The following providers were used for testing: 1) OpenSC: default provider for a lot of different cards and readers. Deleting keys or certificates is currently not supported. - The support of Netkey 4E cards is currently restricted. Only import and using the keys and certificates is possible. - Feitian PKI cards work with the following restrictions: - The cards must be initialized outside XCA with *pkcs15-init* - Storing keys onto the card crashes because of *assert(0)* in card-entersafe.c in opensc-0.11.13 - Deleting items does not work, because it is not implemented in opensc-0.11.13/card-entersafe.c. 2) Aladdin eToken PKIclient-5.1: Works perfectly. Read public keys from the token, write private keys to the token, generate keys on the token, write certificates to the token and delete them from the token. - Linux only: OpenCryptoki (IBM): may be used as a pure software token, but also supports TPMs and other IBM crypto processors - https://www.cardcontact.de OpenSC branch supports RSA and EC Keys. Downloading keys to the token is not supported. - OpenDNSSEC SoftHSMv2 supports all mechanisms in software. A great reference to test the PKCS#11 library interface. Tested compatibility with other applications ............................................ For interoperability tests I used the Aladdin eToken together with the Aladdin PKIclient 5.1 software and OpenSC with the Feitian PKI-card. - Aladdin: /usr/lib/libeTPkcs11.so - Feitian: /usr/lib/opensc-pkcs11.so (default) I initialized the token as follows: - Generate CA certificate with software key - Generate server certificate with software key - Generate client certificate with a key generated on the token - Generate 2nd client certificate with software key - Copy the software-key of the 2nd client certificate onto the token - Copy the 2 client certificates onto the token - Export CA certificate as PEM (ca.crt) - Export server cert as PKCS12 without password (server.p12) - Export server cert as "PEM Cert + key" without password (server.pem) for Apache2 Firefox / Mozilla -> Apache ........................... - Enable PKCS#11 token in Firefox: - *Edit->Preferences->Advanced:* (Security Devices): (Load) Load PKCS#11 Device: /usr/lib/libeTPkcs11.so - Import CA certificate: *Edit->Preferences->Advanced:* (View Certificates) (Authorities): (Import) - Prepare apache config with: .. code-block:: apache SSLEngine on SSLCertificateFile /etc/apache2/ssl/server.pem SSLCertificateKeyFile /etc/apache2/ssl/server.pem SSLCertificateChainFile /etc/apache2/ssl/ca.crt SSLCACertificateFile /etc/apache2/ssl/ca.crt SSLVerifyClient require SSLVerifyDepth 10 - Connect with Firefox to the server. Firefox will prompt you to select one of the 2 client certificates. Both work. OpenVPN ....... The relevant server config is as follows: .. code-block:: apache pkcs12 server.p12 The client config is: .. code-block:: output ca ca.crt pkcs11-providers /usr/lib/libeTPkcs11.so pkcs11-id 'Aladdin\x20Knowledge\x20Systems\x20Ltd\x2E/eToken/002882d2/F\xC3\xBCr\x20den\x20Firefox/D1A7BFF94B86C061' The pkcs11-id can be obtained with the command: .. code-block:: bash $ openvpn --show-pkcs11-ids /usr/lib/libeTPkcs11.so xca-RELEASE.2.9.0/doc/rst/step-by-step.rst000066400000000000000000000153751477156507700200550ustar00rootroot00000000000000 Step by Step guides =================== Beginners may follow these steps to easily create their first certificates. This guide shows the minimal requirements for various tasks. For more advanced use of XCA, users are encouraged to familiarize themselves with the applicable standards. Create a new Database --------------------- If the New Certificate button is greyed out you first need to create a new database. If you have a database already you may need to open it instead. 1) Click the File menu. 2) Click New Database. 3) Type the name of the new database into the file selector box. 4) Enter a password into the New Password dialog. 5) Click the *OK* button at the bottom. Setting up a Root CA Certificate -------------------------------- 1) Click the *Certificates* tab. 2) Click the *New Certificate* button. 3) Make sure the *Source* tab is showing, clicking it if necessary. - At the bottom of the panel, ensure that the *default CA* template is showing, and click the *Apply all* button. This will fill in appropriate values under the *Extensions*, *Key Usage*, and *Netscape* tabs. 4) Click the *Subject* tab. - Type in the internal name; this is for display purposes in the tool, only. - Fill in the required fields in the upper Distinguished Name section (Country name, State/Province, Locality, Organization, Common name, E-Mail address). The common name can be something like "ACME Certificate Authority". - If you want to add in any additional parts to the distinguished name, use the *Add* button. - Select the desired private key or generate a new one. 5) Click the *Extensions* tab. - The Time Range is probably fine (10 years). If you want to change the duration, then change it and click *Apply*. 6) The CRL distribution point will be part of the issued certificates. It should however be thought about a common URL for all of them like *http://www.example.com/crl/crl.der* 7) Click the *OK* button at the bottom. You may wish to now issue an (initially) empty CRL. Follow the instructions given for issuing CRLs below, except that you do not actually revoke any certificate. Creating a CA-Signed Host Certificate ------------------------------------- 1) Click the *Certificates* tab. 2) Click the *New Certificate* button. 3) Make sure the *Source* tab is showing, clicking it if necessary. - At the bottom of the panel, select the template "(default) TLS_server" (or another suitable template, if you have created your own) and click the *Apply* button. This will fill in appropriate values under the *Extensions*, *Key Usage*, and *Netscape* tabs. - In the Signing section, select the certificate that will be used to sign the new certificate. 4) Click the *Subject* tab. - Type in the internal name; this is for display purposes in the tool, only. For host certificates, the host FQDN (fully qualified domain name) is not a bad choice. - Fill in the required fields in the upper "Distinguished Name" section (Country code, State/Province, Locality, Organization, Common name, E-Mail address). For host certificates, the common name must be the FQDN to which you wish users to connect. This need not be the canonical name of the host, but can also be an alias. For example, if *pluto.example.com* is your web server and it has a DNS CNAME entry of *www.example.com*, then you probably want the Common Name value in the certificate to be *www.example.com*. - If you want to add in any additional parts to the distinguished name, use the drop-down box and *Add* button. - Select the desired private key or generate a new one. 5) Click the *Extensions* tab. - Change the Time Range if desired and click *Apply*. - In the event that you need to revoke any certificates in the future, you should designate a certificate revocation list location. The location must be unique for this root certificate. XCA exports CRLs in either PEM or DER format with appropriate suffixes, so this should be considered when selecting the URL. Selecting a URI something like *http://www.example.com/crl/crl.der* is probably suitable. On the "CRL distribution point" line, click the *Edit* button. Type in the desired URI, then click *Add*. Add in any additional desired URIs in the same fashion. Click *Validate* and *Apply*. (Alternate mechanisms such as OCSP are beyond the scope of this guide.) - Click the OK button at the bottom Creating a Self-Signed Host Certificate --------------------------------------- This procedure is almost identical to that of creating a CA-Signed certificate with the following exceptions: 1) When creating certificate, select "Create a self signed certificate" under the *Source* tab. 2) Self-signed certificates cannot be revoked, so the CRL URI should be blank. Setting Up A Template --------------------- If you have, or expect to have, multiple hosts under one domain and signed by the same root certificate, then setting up a template for your hosts can simplify host certificate creation and improve consistency. The values of templates can be applied on the first tab of the certificate-generation dialog. It can be selected, whether the subject, the extensions or both parts of the template will be applied. This way a subject-only template may be defined and later applied together with the TLS_client or TLS_server template. 1) Click on the *Templates* tab. 2) Click on the *New Template* button 3) Select an appropriate value for the Preset Template Values, then click *OK* 4) Under the *Subject* tab, specify an internal name for the template. 5) Fill in (or modify) any values that you wish to be populated when using the template. Leave the rest blank (notably the "Common Name" field). 6) When all desired fields are filled in, click the *OK* button at the bottom of the window. Your template is now ready for use when creating new certificates. Alternatively, you may export an existing Certificate or Certificate signing request to a template by the Export-context menu of the item. Revoking a Certificate issued by a CA ------------------------------------- 1) Click the *Certificates* tab. 2) Right-click on the certificate that you want to revoke and select *Revoke* 3) Right-click the CA certificate that was used to sign the certificate being revoked. Select *CA* --> *Generate CRL* 4) Click the *OK* button in the *Create CRL* dialog. 5) Click on the *Revocation lists* tab in the main window. 6) Right-click on the CRL you just generated and select *Export*. Select the desired format (probably DER) and click *OK* 7) Copy the exported CRL to the location published in the issued certificate's CRL Distribution Points. 8) Optionally, delete older CRLs for the same CA certificate. xca-RELEASE.2.9.0/doc/rst/template.rst000066400000000000000000000020251477156507700173200ustar00rootroot00000000000000 Templates ========= Templates are special to XCA and not interchangeable with other applications. They store all information to create certificates or requests. To use templates, just create a new certificate or request and apply one of the templates (or parts of it) in the *Source* Tab. Usually you have the distinguished name parts, that never change and properties (extensions) that define the use of the certificate. You may apply the whole template or only the subject or only the extensions. Next to the 3 default templates for CA, TLS server and client certificates, customized templates may be created. Templates are not signed, they are just a collection of common values for different certificates. Therefore XCA does not care if any duplicates exist in the list of templates. An easy way to create templates is to export an existing certificate or PKCS#10 request to a template. Just select *Transform->Template* in the context-menu of the item. The private key of the Certificate or Request is not required for this operation. xca-RELEASE.2.9.0/doc/xca.1.head000066400000000000000000000015531477156507700157050ustar00rootroot00000000000000.TH XCA 1 .SH NAME .B xca \- X Certificate and key management .br A GUI for handling X509 certificates, RSA/DSA/EC keys, PKCS#10 Requests and CRLs in Software and on Smartcards. .SH SYNOPSIS .B xca .RI [ OPTIONS ] .br .SH "DESCRIPTION" This application is intended as CA, certificate- and Key store. It uses a SQL database to store the items. By default this is SQLite3, but MySQL and PostrgreSQL are also tested and supported. Known types are Certificate signing requests (PKCS#10), Certificates (X509v3), RSA, DSA and EC keys and Certificate revocation lists. The signing of requests, and the creation of self-signed certificates is supported. Both can use templates for simplicity. The PKI structures can be imported and exported in several formats like PKCS#12, PEM, DER, PKCS#8, PKCS#7. .br XCA enables users to manage smartcards via the PKCS#11 interface .SH OPTIONS xca-RELEASE.2.9.0/doc/xca.1.tail000066400000000000000000000037431477156507700157400ustar00rootroot00000000000000.SH ENVIRONMENT VARIABLES Some more or less useful environment variables are evaluated by xca .TP .B XCA_NO_GUI=1 Do not start the graphical user interface forcefully. Same as \fB--no-gui\fP argument. If both were not given, XCA tries to be smart and looks at the other arguments to judge whether to start the GUI or not. .TP .B XCA_DEBUG= The environment variable .B XCA_DEBUG controls the dynamic debugging. The format is a comma separate list of pattern. Each pattern is: \fBall|[-]|[-]:[-]\fP A leading dash skips the match. The \fIfirstline\fR and \fIlastline\fR may be empty and will be replaced by the first and last line of the file. If \fI-\fR is omitted then only the exact line number of \fIlastline\fR is matched. .br Example: \fIXCA_DEBUG=all,-timerEvent\fR Log everything but skip the annoying timerEvent messages. .br Example: \fIXCA_DEBUG=pki_base.cpp:100-,-pki_base.cpp:340\fR Log pki_base Messages from line 100 up to the last line, except line 340. .TP .B XCA_ABORT_ON_WARNING=1 Developer option to crash into debugger in case of a warning-level log message. Documented for completeness. Not useful for non-developers .TP .B XCA_PORTABLE=1 Force the windows portable mode. Documented for completeness. Not useful for non-developers .TP .B XCA_ARGUMENTS= Outputs the commandline arguments in man-page nroff, sphinx rst or as oneline list for command-completion to automatically update the documentation if new arguments are added. .TP .B XCA_QPSQL_OPTIONS XCA_QMYSQL_OPTIONS XCA_QODBC_OPTIONS Additional connection options for the SQL database drivers as described in https://doc.qt.io/qt-5/qsqldatabase.html#setConnectOptions like \fIQPSQL_OPTIONS=requiressl=1\fR .SH SEE ALSO A more detailed HTML documentation can be found in the doc directory, in the "Help" menu of the application or on https://hohnstaedt.de/documentation .SH AUTHOR This manual page was written by Christian Hohnstaedt xca-RELEASE.2.9.0/img/000077500000000000000000000000001477156507700141535ustar00rootroot00000000000000xca-RELEASE.2.9.0/img/.gitignore000066400000000000000000000000221477156507700161350ustar00rootroot00000000000000img.rc imgres.cpp xca-RELEASE.2.9.0/img/CMakeLists.txt000066400000000000000000000027011477156507700167130ustar00rootroot00000000000000 set(S "${PROJECT_SOURCE_DIR}/img") set(D "${PROJECT_BINARY_DIR}/img") file(MAKE_DIRECTORY ${D}) macro(Install_PNG size) install(FILES ${S}/xca-icons.iconset/icon_${size}.png DESTINATION ${ICONDIR}/${size}/apps RENAME de.hohnstaedt.xca.png ) install(FILES ${S}/xca-icons.iconset/icon_${size}.png DESTINATION ${ICONDIR}/${size}/mimetypes RENAME x-xca-database.png ) install(FILES ${S}/xca-icons.iconset/icon_${size}.png DESTINATION ${ICONDIR}/${size}/mimetypes RENAME x-xca-template.png ) endmacro() if(APPLE) ###### MAC ICONS find_program(ICONUTIL iconutil) if(ICONUTIL) set(ICONS "${D}/xca-icons.icns") file(GLOB ICON_SRC ${S}/xca-icons.iconset/*.png) add_custom_command(OUTPUT ${ICONS} COMMAND iconutil --convert icns -o ${ICONS} ${S}/xca-icons.iconset DEPENDS ${ICON_SRC} ) set_source_files_properties(${ICONS} PROPERTIES GENERATED TRUE) add_custom_target(mac-icons DEPENDS ${ICONS}) add_dependencies(${CMAKE_PROJECT_NAME} mac-icons) target_sources(${CMAKE_PROJECT_NAME} PRIVATE ${ICONS}) list(APPEND APP_RESOURCES ${ICONS}) endif() set(CPACK_BUNDLE_ICON ${ICONS}) elseif(WIN32) ENABLE_LANGUAGE(RC) target_sources(${CMAKE_PROJECT_NAME} PRIVATE ${S}/w32res.rc) endif() if (UNIX AND NOT APPLE) set(ICONDIR ${CMAKE_INSTALL_DATADIR}/icons/hicolor) Install_PNG(16x16) Install_PNG(32x32) Install_PNG(48x48) Install_PNG(64x64) Install_PNG(128x128) Install_PNG(256x256) endif() xca-RELEASE.2.9.0/img/banner.bmp000066400000000000000000002477121477156507700161350ustar00rootroot00000000000000BMOzl:PO  BGRs)\_@Y^G- /CCXYWW]I7_!$fcba_[XW VV VX^'^_AKX WY[\]]]][X]GO^]_G4 YX""`&&b,,g--g//h00i))eXY^` A_]]]^@ V[$$a44k<^ZXWWV U UUV[^Y Y[ \""f22n""e \Y[W 9\^]X U TTUUVZ^Zrrr?^[b<]`++p//sII88w,,n##hc_[W\&YUUUWY W WVX^b/OjpRnpUpoqz̑ˑ~mmkjlrytʚ̚̚zLddH__Mff 76*S^!!m**n$$ifc]X]Irrs1\YWXVWY[^\I4""EVVڰF\\ Pbcc[Y]< _][\[[^]^C$$o!c^YZ]>J]^^^]aKIbbYvvh}յrc$[Y]`$ %* ',(->R[JcoJcnqh?U_!.3b^^^^`5.=9Wttj~¦۳EUUӷh)`^`%.=B#/2oT^^^]]ģܦݨֽ߬^jj4;9ʴгбббаЭP__!((h}}Ҕ""""v8^`&}m ,9[^^^b&ݨبש֩ժիխԯԱԴչпϼ͹ʶȵDz6GGwfmm]cc599qxx@CCZ``>CC^f{t~uKTTU__>FF$))~Wffϲ׷).rrra 0e?TXOio*8;=RU9LPUknQ^^^2-//hppmtt 699aff.11{JNN\bbMRRiooHMM|GKKQUUMRR y')%MRShoo}¬˳ַ_ :PkpYw}d)5Ha]^]!;AAaii:>>CFF%''~>MRRTXXy/22.11ǯ϶ں]<L] V^:WZS:=; @"$!ntmbh_bi`bi`GNL %F =8:E>ʷڻZb Plq(+ݚ T$$b W _4~luulrr ϷܼzV`.)+a޴ b++gY ^4~donq~~GOO*./Xaa{q|}6;;NUV,./!""X]]$&&v{{%&&VYYORR799nrrbff!!Y^{}p=`jSe| V_5  "-/ꗿ4 d//hY ^4LVVVaa.55ISSyNXXt=DD_kkbmmZdd&**|~-22doo"&&?FF:AA399juu266"$$|GLL)++VZ[Y_^hnl3u,hUbc|}pV^O ߬ՇD((f--hY ]4}annbppz&,,.55ess-33DMMU``t.33XddS]]*00U``;CC\ggZddjvw]hh T\\BGO=e+J7j|ZV^Y=QT֧BQVX++g,,gY]3|WbbNXX6==Zff\gg-33MXX,22Q]]uZff{jxx}yMWWVbbRXUKcv}")5{Nd(55O]\ Ϲأ̡++f''d++gY]8uiww7??R\\z.44\fc08(MzK?l4" 5X?_^jԠt 11m `00jY\ @',,7AAdttfuu5::dnnYbbs zAWF k  sgART+`^?٢8$13d%>>v$$dZYZ\  &'޳ܵ׍<`m6CE!,,/?Ba'++j..k\ W[W!"E]`o瞿;TJJCNcbCUUu!"[$$e[ZW?AW\ ~+6dXv|*, 8:9: &(5GI썫ξrrr hirMfk**iQll'45#.0^}$24uxca-RELEASE.2.9.0/img/bigcert.png000066400000000000000000000440261477156507700163060ustar00rootroot00000000000000PNG  IHDR^fg[GIDATxdim ڶm;ݱm3۶Y誱m۸9Uߛ<]N‚((((( %C.$E|P 7>`+^&٧ˎ~+F ip@Ome@QQ8C}Xu_;nQwa3S3ҜC[@QlB7ejM[V55g`L??,t(GOa&l1NJ[3y&h7,ׅ0wzJv(M `3O?EoZw sگZ^ ΡWk0c[8RPB `Ȁa@=|K6͚m˖8k\(RJWx~!"(r۞z|7 'o튏>/9)nZjJBg_DJؑ3_O\[~R.1{>ysȘqš ϥXj߾,W1*A0L-oKC90%%ƞz4!"ԝ+^!!!~]˗\*5Kk{QHAxc2Mi>4ܦeͷ, 1MÃ-ڜ0#SKGDc>{&xc,*0syܝFmq*Ԁ"R5- n1,nOݙu⭄R7Jy;{>ޙӶ,xZcAR=_`^עYt|$SÀ!<=8R@o TR xoU1O3kǝWO܋QEިHʕX^4*^U#J#&I$i8r_{U>V$j Ao}Ԯq`KXH7tEcv>Ӷ " ,MMR!Z;%~^) .%@#L?uٲU6un7m[rfl~ܤxoDPL.'$/|ᗇ5'EdۯwjV/\ְsCHz+`xB? | @3КmzʘzqN=t-QE^>f l0>ΧsN+n欯4}ڌQt끍 hwW疬lSN9>s|bMy$dG?bu1 Q-BÎg^倱ci#fH| !!JŨUu12{]&5u[cc 4m.Iznd5by20@U"k{9OC4y~#DScXX]-*k{L5B/UcJTyxjc8/+F6n\qXz÷Ͼ Kۯo; 97v!G~Ƥvʎ#GֲՔ::(v"$J{ݥBA(M]H@7{8 `2=B>|ssmY:;/4iT?QoW!\i*bFH{ hcͶQ^#5G@^x%{機h>dFsZ8#VWcyyy50\D `z+3E+p5S{%bﱖ9dzo~Jrߘ|+\6AUyµ[/AXmߝ?f(BHG"ݨ*I>8Ge:$MRΦ)X]׭XyUkV\ m[X ;1vD6[Azg}Z2h`o B-=]\-x1<ԺU{j5zz,Y}; -D(\$ѥPחsϽ`r9]n{ՕX:WT1۷WB͇lzPMڔJX21Ү" XS4iS3IF&5X7\bl΢*EX+3HS%U5b D*dH-F¢̝{m՗P{c9+#W4D@VctWN0(z `PJ^{{IFx4 \tce&IP.W: ?'7H vd;Fzݦ+?zo>7F\^ѲzTz?g3&VÆhU#_?|D/#irذM7]!sh0F&&uޫl$lϤ.g(&XbDژ"JN0E^TU]:"^գQ^3^#Γq38zqBȬQxs>MS9'ϽOY+}z)ϐ-F^fZX 0T+(y ypNҿ` ?a٫fk hm_k`K|r/_ &3D\ebU/r}LhwJPVNQ'P,hE b㺻ajU^y^vMM1XT=@FDa.F0Hx@A^*R[^Qlk8:!Q**KZMsQ"곦RRkpnEsώW@RSN6#sVѩB5fU`WkHs`b1l/ywdCUR~킱HDH|<%dooM;_$ǿU/Ÿ g~b{oA,)A i,6r鮻̬~_cnj!_WG%_b )47AαjJ)Q  jm!8Bc@`9jj}U%gQZz +3{j=T*jp%+a]&cIbCq,BUxr3E)BTE@*+E&A<"@Z*MeoJ 5CjUy{9oL굒*6SK?6p I!\&B!ʱ{;Wߓe*HX4ı1 I9-!ZMAvXLA\TlB!T*j'Ze3Q\vB~H/DN'f݊_.>Ubt 1ku1zJU#)79TZb]v6( 9xkvd*C5F^F*F"|Wx"0X& %lUI9̯_ziUяËX У^9p ^y:F*^v]˯vyE%>]a1iF F^ZePZ|a D1"0ظyL-ZT-G]Ӌ֩Դ @Yt6̣>8j w^ٶ5G@*UR/_i^X,%]*% /Bs(2V9GQ5xx KT9T2=k)~U8y>ً~()s@u+q{#  ,|Roa߄MxG>̜`oIkK=&t[vV{; MM\=q!Ł!>s:|PEQ^~yﮭٳ[+C rO=|=t (MhtQ7Kh^U`O=_|E劜Cֈ0*Z!jj8ǝI:xEo,TDD9z]dcV8jJQ*ޫ45WV8[wN~n21p}_N~,~32שvemMۿk*z`/I5M5 6O>Ź!r $AU7ٌKvjzF{vkzT}K>dnٲIVmi='ۥ5k֙:t^5 "8dPwtz S(;;ެsJ.跍>2^zm}[[U`2K8mKG@x/'L:Xku1: =%Sa1l$ƒsq*WUrI;/[r^!SøH2Hrw^An`?7 6Uh<_]~w%o(DPRP4L{9:i1莶oW\`S${%9DmJT~Ӌn鮺x|շďK^|{y?i`OЭ|Ay vashʺuL>E2=/.~7yQӪUkltxf]$$6(I>K*91j? ? E[c"^9FY˜A%BpU5*;$V-0Z-=/%F4Ulܼdyn3H <7n0si>o:@6WYHb`%jr&V"3S-浫\^ zEj!;u]zn|NW-ưs\dpɨQë=$wIGu{;FK2s6k.>J.sJbҗyGM/j~FUO^ӟVy~@~ ͙g}ڴ˖o|MW\qC]%`20E$`%>}3NG7E/b<=  G{%V_Res 0& m-se,*+Hbg9VN?PAl&| V`7= ]Y-W}F'^vwxuGhҘ\Kzk,S_s***b{Jb-֘`A$zŸhU:,}zz.U _|U}{{(&@c!9oolRxwTiPFҭJ>U@2&*U& [Wzvs$Zs`bt̘HkeDhn7lyi#G ôq {jq~7 Hުm*hzBfkiI>{\춱8۫AńZaIr%W+k-;EcorggL5,dѢP ű[1L%3fduԨQbL6[U\WV9c,,7nL, 6؁KK :ŏ>۸וJUk ;k-üyWϜ9ܤ= 0<\|HPbv;yR#Z0KDvN{2)XG%eN7oF# @{92u2E킥ʲn8@^z'JV>MSMS2%Aޚq8&$ӵYgP|>ꢳ/\=|auGpdx>p-W4פiyWMRNu Z%{JZUi\-msm<(7eʄxiS[TGC}8E;4.K o}ͥRI֮]oMR9;5zQu֊|%f޻KܪM8@JA% O7*cV]RZ8i3HXpѻ&b7A/9m÷YKG/ݵlpwޗ;{Wfp:Bڻ*j kk.zO.CE o8F^c{=7.s Gu:ʇ>tfšQ#c9luM߰Qӷ̚55m$;qLg>}p@M :̽'vL@j64{V ("?^͞="bWko˯wҺm B/U 29h!*e/p=^7 za,ɝ22z0okrknzA{~P 5uK9CG}ksy3<˽DNHT=%8ƙfT5'\Jx%e3+|.N$Нn쨤NN9s3B

JRP~rkx#b_K!hvA<犇2<_ ZYSHPG:!EŲ\ ٹb!9W_5 9`cffA2 ƭ~SnÏ1:Y%Htodʄ+>6~Y`e>}wM2k"Q\B]afѫ;4>np07,`$3-r2i<؈5n}mƜoφab;zQrbA&Yj"ε”]z3'oц- j.2tIFӧӵ?4A02jmئaʝPܑsZW&Zn鿴ij$]&܏zV4ҹHGԶ $KnnoC|{ok~jL(Gzvoc\o ~76ŹNb!dee^d|u)jA t=!HHww06ºZ5MՂ2!b81dp~2()Ps> x" Dw}Zw^^@|jT ͛7=XP\+y^^8zaf'vptlڴb..9_~iBBm`{Z# 1JrLjO}e$dfeb<<:F+t xic3^ rC xo M}3i̭/uy!};uC F:2 bxw*U˺U+;&XI1f/=W?~܈Md_ S6rK΁gyޏ'_zM_O@۷π@ o~uBьb&uf{> 9bHM_~7cv폮KWC> ^&"U um^x5*Vb:HgR5c۞U6Z#QTHb`2 b; 2nԂL2SWaBz/i%*Ա][e?QỵO|64Id&Qύ}`N',[j֨`/foH+:":29n庼1cǶ??رѣGByi7nvB/ժU#\|[;?hԭ['ԱcAta )=V+FTjgй>qWX5jh?3@bxfꁻ=?78g3YXp(D%[nI)0e:Ww.r9P2dU۫ S=L)nA}~Z}h-~ x&)Jf2)؀դK"^ Z5È\/^wbe4gZ0gԳ%$'d~ŵsg1r'_GA"믿ssyF'xGw6/]`{$ӹy{S bm߾1`C9jUJ>e˞"hDUu\dK0,VfjLlٲI`s95f%SڨͅǢͪK"+ MWUdx^isa,Z4,UsCәz3rʚ]qi0M6;nTTO(M1l]HW6mЇ+2c&^O1R`PKv.AHp ĉҚ`RRJP/KD0Njq|(Icݺ-݋Վʔ*CZt5 >xׂE3 ^Yqo#g~3uO_sˌtYJ}?;pY~3<`1m3$]%*.wf&:gʨ1}0Ѱa}+nܸKo[h`.O?bA"&U_If뗒biȓѐܵkPȴ5z=РAPjUM!F3v^SJIeP"}mwff-Zn>u~qwߝyo?=15uѦM WZ9QliۼɱC;L:PSIM@W,2ͨ , 9N6B{}-u  : K^"Qv6, |ɮ+ΣwU9ǼѶ8K)%/ Abp͛^n#uQn3~dyf#r)mczFP2é]_m$ԋo۾G;vիV)$MwO.]:3` :wn;vhN͂,eɣA6Ɛ!PɅ gf]zf}>uQ띰Yr8ϿvCy+U*0M4$3 2*CzH76 :Q5(*6FdFIحwӵ >ޭ8`.3ili<0\K]sfg24RhtAb6eWW~E@pyEdl֠?UZ%Qyl+ީwd;.ۿ9rܠ#EF:kBԙ/z3WsU,c~fbne#H@HEXVba 1KbġcܣiR(JaĸFaop@MZ`EcrCAFf3zjŒZ΅Gʉ$㎵eLs,vV>1 1`ĔW]եpg(C6^yei٫(Qv~Q6lV–-HoxitR%ɄEEgL!dٵ@$/Oi ^TJ580E?e{Ro!m 2E^櫾dCmŽ%4Ogj<6kraP 6)cĂH-29sbo."#D[m^]u2: "@"g!4vAP͞=9GI IfL?ۺ=^u•sXG5M"qM{,c^xZzT>7LtLDw:Qh޼EPp3i &!k7ni.{!6xx3 ,~>U2/Z # :gz Ξ/<ͻk6WlaST"qy @"z*CrE$`IYJ.S *y2&{XACp>$ VLym4A?߹}xdoʪU/zo|_~{ٲɴ=Xh'nUꫵ[oW۟^YBK_{cOꬖ'9FM*4HCo|:֠ F,H%R",lsP e~v9wk_>*3QDŏ Y9sæ}5:I,8ym~O bÂrA.1E7&U0N|n䜃[0nAkBрP0J5 nzʣRxfhiĈf 6ȀQv ғgĬ9xSg/ {Fp߹'lM&A4p]ze7{]AIu:[nE4ٝɓ2m6dfxhZDjz[0_׶933{,e @s aT>q>>fgĖ#8}cpwcos PK {&2 EM'p|$%ŔK}IL<۬YrHh#tnJG:__/d ðU;u_4H#M ZY0 Ζ;Hı _f ,ۧK{6"T֬y6㏿uWq\3bl-ˑ_|qvV I#'>}:F'#h:ujj^!}'U0|F勳w4AHBYW=)p6f*H^X HAz\\B\ jW+wךkPwGÏL`;8+oD_"֩`M;:pTp _p/o^Wמݳu~|+Ss~ &bBw+1@$_ne4lPD4$0}LNR0 GmscR\VE/z;wnh۶q-J ]}˘Cg@H/[619gϞm8: "L*m>AUN/Rj!>fx p ѱt)ǀMľpDSݑm5uxP=P PgPUˋKW0fh\]7WR6бG +7#3+ĩ}僡ˮ] H`dZvWZ!'ZX] w Iy=D 7Uu!yJfEEGH2@JLiÙ.1V/T RǪT%:Q)@Q,)Or's<"G {[Vb}.RdL|{FXO9\:qI^pv6k1b0ް_H:9WRTùQ ,"E(h|AnAg#^ >c$L>Ԥe-m]^Zqta3j.8 gv-d/333Qcff\af9U[&iwjJsl'WNΆȿN>)JLK$?xV<-"1B7"*'BX%u+1>>Lc1Zh7lSUc'|6{)e禽遝w 'rd4"f3"K(_RО{9"%§?Β%-n Luʴ.G4q68}UD#CXR#&?߸! Rp*hmu ͝lzI?5a=gtZ);6b:B!Q,k֚aqJCpNU^xG>O{wg]? هMNM2#Q2 /LBAKlDTڣ#Y\3a#PHD%?YHQ@CTmh# )]#˗O\V?"<#-88G8ev*Zcf#g @#z{ lԵSI^l1GxzIP#QH Dh.btXU#O0e\C QS~yA{r6;$fGH:i5@+M>eI$h>\% ):RE"B+ 4E&cP۴(P2뮹}KoDZ~߃fw:nלQ-\(E IfQIML[YuSI)q5e2{!_:8ԝ0@i&>^9G]rDJj7q_g'c80yŒ<=[}lN?-lѢyOWU1ӡ$R]J^k Q'OK{FʞO(tYc-O;-r/|.Q\?9Z*;YGtzbdr4wrod0U,gA׌0EkLNRr]8Jy?1bNyMu9rf#:#9fV]v],W"JSSPo]f{wc.YyʴC?M)Ux|p?R$y 2ˎdƾ*'j;{9FSaM˖Y^,TH2H9aZd}_O;8̓fOGC~ۥQVԵ"LN6c WQ>Gl0 "P[mQp[>捹RyGNeCWb$7p)nLDNWz]k2z=3s]Zb9sv*O=浩V5W|U5rY %͋]􄈗m_UrG"Ez0o(RPh9:9ʔx[q&3d <kD<Ř6r7Yʂ+.51>nrcP#릤4x3q͏ъ>&wv#FGAH6̡嵍A[F KRr)w!=Og|#̥-+-;##8(\mXARi+G,6OLH#@Dt(ylztyYR2*u "lՃJ͝Ր-NX~/{/r/A^7 :y4s+m\K3Ƚ#=L I<+DP0YKp![ >[(gѥdݚ5eX${'%7mŖekx~If̠\$ G3U,YDPH)1 uC,APOf'EDJ˴J)y%|зpnx`0ca5}WJH;7Tfa .ŽlQbiWm1cھl]7Hd#~UN<\s2&ly܎ N3g! 2LE (")S,PY"%vY|K ٬@t^43B \f$U'J%IYU4r[l^?:s5k={ti"J9fCD3BHIs|9SrJJCriܰ8 겉( >7%f~זO5C:u}ɽ^ZEӭB>kf:re#JTxHFC6fӸqPʗzCRr'gUkּs۪1##ݙ$MD)hęv7R][Y;>9]0uBvn ~(.0߇ \{͝={ܳf|'|zAYn'4̜5ؘn#픫6&sYl3'')d9A"\yfG_㞽̭)UuYݮ*nj,Ȍdm#J+VXM“ZJ8dPaCj\%ڳKn)ZTA)7!B]^$Yn~- /5d_NJJ\Ks ;_-ʩ(' t:JE%F~%ʚ8R].! xvRSZsq[##KEUEfZqAժkHIq|3֐MBˇ}ܕX3q.>O(qZEFR*$t "%wpte(ȵ)s\c a#V%`0)&G{8͐zWO*0Xq:xBG,jg,@i_U褤jYAwQՆ$Ww`W[UJI8A?7E`gof/Gxisr1dȐ_XoA^P!C ǒ'ᣆ 2I"͐!C6yU!C 2d|BDIENDB`xca-RELEASE.2.9.0/img/bigcrl.png000066400000000000000000000337621477156507700161360ustar00rootroot00000000000000PNG  IHDR^fg[7IDATx+dc۶ym۶m۶m[:mil%ӽm*Vu|\.r\.rR>Ԗrδܐz<$pR,&4nCw/91~]V}֥߫s<\)R5(++cwY> QՐPHwmS`'\?4NW}[ӹSwtҚOh;Ն5N"*HN,').ϰ}ZK3.ZFH'Ӭ_L~uA `u3i"=Diݿ[K|h{GU;CmC_Q8>uKHS:ePR[Yԟɴobi[t챻۱cfeWBP1@aX=qKO_Wۑ*HsN?bV*}[d()*Д2ZD ׊t/d.;=cߣ{b~YUXePߎ@ Pw_(&k]1T{n=ezUu |Â&/( `i&)\ k1;u._rDр#9~9cgQkŪ*h@ 1#kGd>da"21##I?pQ%1;&Y5gj׭߁xf6j]:t葽w?=pžU(@ը _ ʱa6ދBU=j5DmFf 0aD'Qrז|5m0t מyUV^vu]y`U弟J&٧W6{isʚCuzc-޽oWaXUޯO{}mX2 Kx:{]r\rCv *}1}^IM}}bc.GK8TX.[䌱`kmROg> i%}L(oͣv4& OLDjEF᫵ahms3: a *EU3M)`G5h4 {Pb1`_[!мTȯG׋N?|~gNPAa9q ě&-J'iͦ$F])Pc`ι[6I,9Љ=d|CjUZCQXY;?!vw-)4Jcr9WƱgV1b'>f&ffh;fLbnjg8iwgH{z=3HZv̬ZcX|XNv-Q۶q"Dl٪ސ Bїv|^"vӏ\V; Sɳy߮ pV4ap0/3o麊];0UTt-)*+rqh)F"0q= BhZs"hQOƍA;J3#IKU JϱLo!\.,O>ԥ=zX|eN.@ E/>uq>{lV4 L9z9yZ6, C|͚墳pcZ ,Jj9#*+- +6Nc^XX_#B12#M&cg v aFÐ3D!SO_jJX@3c֦ ђACPV Oc@VHE7ࣺz͌^o[YYu넼!A oNc|ލI>` Xes`V<@MA1Vզ&N͎3ׅKWUWWLORĢηJ/-{"ah2o9*w b1fuzvl ۴)O۵+Ŗe[u&06 0Hޑ4 \(s ']Yߪ*uR",:ml1XZ D*˖1- 8B)JPKq1r jUL@$as'|C3CkZ c  ' X`,,@" $- jS_~YS,XNkTK\rvUUMcCCc.5҆$@>K+"-곣V]d4ImSz]Ӧ^''b m21eJCȰ]r&m 9kK1KFuccl"tbFPlq1Ue0J) "g1c@|i: eʸGW|fmhqh#|WVvth: a?4Ƹ=VifB41DIVE ߷UUV" IJD W^c,Yn4q4(..2ZYeXpXP w ?۴)&3Z)VP$|oġ\‘9 RAh:u" AʡfcBי(Q[[dQ5448q^^B UAA>ɵ *??bfhMBc)IԦl0&lٸ^) R;4L^3,Yу9s$b'{7ą\k,"lFQ[㬥 8t'3}Vl,B*BG"h<΄WClɵ_i йD mڔX ZkVB~TyoA ?b眾ou$3eqe @(rTi%Q $#!k9c4&%X>Ep#CP8qAF,MZ$4#R!dhTڭ%HEc212F6㏿LKEj 9O͔A1CA=)у[C#Q̤B ē\:`Yif> 8bs&5N)sHc6YLv~:r=J -8ĄȐe޲Z: -dSS9sZ9sZcL!Bf[EErk"((c"BĨh(g6((C"Qp4씑GJ9Dmn6""e5 , R% H&S^ӑZBQHGN$"#?Qtϓ!`)|3tk\tlKjDb]Cf-mdK˘12Zd@<zY \ yZ[TUaZ5y}|!E@xxǽ.k3ҩ[4E"&ǵe"dc2_3Sd Oӽ|>ѢkvHURcHE޸6O{Q0`AƠfBnresY8Cڦ"p`C2-nrs|T06J]]"^kk `F (i]FGR u!E8C` h>ǔ,`rOa``p꩷.\^z( =sQVV .8QGͅ7E{kOل|D X]g[<&6iiXr,{_kxAm~Hj83B.w(2@A|DÆ 'o $3.1ЭZzEŅpGz lL&2Ʋe[R:aݷƔOzAɾ#wJn͚QepNVD,þO#"uc-l />Iu$C濭s33dY[Yvxm 6|H'&"BM Lb"t!ְtkI Na\894o-)Zm?4&0T5s  WO.}[?Lώ^k&rGDKxC2Uo5"_pA_XVeCkb`L1li%-\LA0obգG' TXEg{ .!>[m5<{b,ʕksϽY8e8Wnm莑KC1<OiRNH35[o?k֜\f 02C%}46oqf…Kާ~wh\oؼy=)yGC_%Wf8c$k1P؆RJSRK%F#vCC\k2[TL[!f)k#ÁRfK~n<)XYzZkU~Q RKqڤ)iL!7B_Cz5uۿur |ϱ{}ur[)ȑ4ngyp̘o/?fFu ̙Ap≇mհpqUUZbԏ 1bPj)WX5b W-\avq.]:vM6 m&h9uE{$o^uapVнQM9&xZ> CX\f#H)n-*tN(b IN m-n4Ã^#%4hdYd;.{nhq?ym;֦|Ɇu|)ݨO4G|@Fhe[NtB{Q7L:+:!XäI3b.i%fz1y}7>:z(2[QQЩS{;\0aZPRRd]}d*-_R5I'Vb^1( pT7|q_坞l] HҍL))AH{ڢRm- BKaߩ]*WH[G",aF?i+$ -/OF(QشAnāZ5o-d9_9fK\vgy`~cH 0.zI|hdMMHfɝ7B(KW^yGY˖fץe/ҳgϏ!riKacp(g߁rE}zju ]]6V `LP1NwD h麵̸WLQF$)IaE[ޮȷVLԗ#(K`<ᬳ7~YE}+8B& `]e7֥Yb H45FhDC+iӜqƵ\Q3Z/cR>}6k 7_“O޾MDσ( wFpp}YqͥEutS<ξOKXĜ.[(3=ATNd ^3iJk<%f5S G+b0N'B֬ ٞ=;BQSӀj'tW7"] KO3q)X<ȂE˜\;.e}[l1,u6Ha Ν~_pd$I6޸{ҭ8;am\3D.cD&JuVXs_6~RQ1s$K)̓,Cu8 Q ӕŧbщ6"EHvÌb=*!Ox }o=ztwSk!T2%k-'Z"b")0~aosķ%d +?;g_ y=G#wO>tz끻|+8<& CS!%26 E|Z1Es]uX&ڵmkƎ:oĩsxC_zY54oBo͚*{3b:'6o֏9sy~86ovhٳGNѣD%r"40`^_G3( 4DN(gQW؈ʲ l?-֣dCRY"xlQ`>oS|a QΌT"+@4Z &|_c.jOJ "t$$(a [_T^/i=FZ4|&obaF7ԮmF3wݾZJyWU%:$e ܫ#XkWId#6ȈRV#6}GnkrvS e(IhJ;n(gacªH/:ԓ't(36%V 5 c>0% ! "Π"Qji,ןUZ/f av@$5HvuW/MnsNf~‡N:Ľ*"BjfYlO0tiV >fŒ,_Lꏪuý!^Ca,W>*uԐ+p{ ,lUh5a(Eʑʱ)~1asϨz}kbpro^…5C dp1.b0Cc[R'xkN9rG_kg 9d[T;UZ# VA/uXZ{y}#PAyYd]t>wfG`]ݑ]:%涶6TbޢEK}+m[D9r:M5Z)m }շ 7/2y8\~WV;s+$׎8_~M~H{/smn5H19FóQ]aqqsi[d>/my;7|m{ BJezZ xeyVvq*6|G' j"3"gHI9uVc^;7'|Z*=0J#؁< fdhAHϩ[ZRf aEE ϬqvO=bQEر_s1>s(O]f ݻn0ݚw޾17}j>{%}\p^[? w=CvO▹mu/Xl2c`"&(٨[x?jQC4jω:20k c9rN4<DHZXzn8e)lGM2+#X_~ᡏ_EhQ9+|KnzTEXSov25ܲ5~sٻ y/Ɏ:fefffffffffffffuL8䫫?yovR_Nw:8޹&ň*qM_P^5έQ Fo (EX*Ԍv{]3f}LoV c ߘc@8 >mkJG]s ;=`^='7S 09iɇm`AȍLZ.ez{y)9VKyE:t r= ./'54*źpq {b>w72 _ =DUWwpP3'&-`Qt1։l뭷hٳG@ߏ 1巑.*XN?1}oe>3%)9";1D2I>kvp) \Ê'9!ٟ ,AJOJJEUO?_3j Z/BWmŪVd#)!` /*^ dJHuy7p@ )UWݒƋ[x8m\r;YBT__O8ጪK/=o>AhQn*)cxТ$D)qf^{KD0Aamo8f02$ < IByLZl=mɅ (AvD*lSĺLMYf'ۻK?3"#6xEI*ݯ90 ŏ?fp:Z]) _gu:kZ0ƔnXf >}ؖ=uf8?(Lq`:k׎Oij+cGDԴ;U{tK]T2`{RF?mE\q#=PRKryõSFyRJf/`ڷ˕'g O="^=7X;qƪ`?]`\$XkPb5pQ˵g`T4+7={>C|^aɢ 1Q}$\pԜ=zt/\zrڜ\tM@~C꣏>Ү]}(G毾*t͛Zx=6]h賔~qO:EHRUOũ5 [vOiҮ䣏>ۮ+M+K PLBͪ Aƿ`y&l2s_SΕ谸< {Cuց3"\vmw9igߣ=r Z"; o׭v>w#KqƱ^.9B)"(Tp( _Z+}? q\E؁Фg]n`8Bj.C:`1b}/Ԥ RCߥKg1\[ZC|' /"Ygº٬~YV6>8 @0}// rǑ+ 1DEBBI9U'd+'A0N_&XgkfqT?HWʥG-;` T_ߤ/G5QuTC,–/wPuЃ ̶*P$R@Ho42F61Fwsj+aBR$LGvŸ2ewWUwl]N7ͧq.®h{HCI̶+h̢͠x,4s36X5Xلm]5;) %Q`fvEF:{m]yw7+ ?xpnTI߈OrFuǪ}\~`Dgة궻_nJڰ|eG̢_OoSWɤ0JcA E2  t_3keeR{  lmS,j $q $f_Q1oiɈ6Ath.6 yxP O_ <: P&n'8Z$^Q,VLFK<.(ʅ12luɷ+o~v9 |٧~9',]t{wwHZzV*n^뾯;|eo1$-pN%$H`4NoRcXkU5 =gc ! v>ijsM漋_Xd9"Uby*tHZ p5%I1-prd?Wc.n}B|tÕGﶁxvʉD$j[#W"XmTY RJE4g FŘ4(4G:ڰVa^ ~2{T\ uNڔ48Ipp"pp ɉZѳZRqg9Kcg hzmuH4HjFu\[6G@0X@CipH EH)uThL;T\ɖH#ض&e` k^Y4 olGõ^|9N8Uv [)f("`pP-4l_yܹ Cd+pu/u_|=EDnyڴ+MvITlj<7.x1C̙޶ ᭻$rGŔq׌cA ,p-N" p00y+}Hs. pqmblQI`d<.{  ]NeWJ#ۃc 8 ybA,(nH]7:'}i pLwShQ}{ _;]XJMuz*ojgvf}Ƃ毜q!\K`$b8P*|eE4Sd\Ud/%.b"(`͙SC9=vߦ)V`8L`J^dhi3%j~p䊇h%I&nc>b`xWNijM"Pn2;m׹mSJu&M]0e?g"x6pqsHV)ϕB6UEe/+ϲl63ٴ@bQxɑv(HFc! Xg+m=vH6P*-DCt8%ibRwK#(6`4 \Whdpǿd8}h{(68}a4s\˟AH+b$x/kuHp \+|pxSR)/OuVZ޽K;^;yf_&5M>~܅ ]@JPY\y*WT]Ull Hٞ s s~(s_Ӏ!+ұcUly.@Yf2]6_dDbv)W/c0=C;?=NhcDYKf 85f@6s0:I㭆4yqULsAGQuq7~ KXm^9 O߫@…C<4O/Zh)iF\QJe}? ߈0y=( qd9\,gl^O@} uk=_n >WNCXĨ(K8w<)h#7/eI:= ݏKZu l5mQpeL$P:kѡG^;W>U lR YZVz9iթ@ܠ%Ԁީ+4lʖ[5p:nhYY:k+I NE$';=yc+8$SL! g"‡I ɤg!N~ĥ G|ܩU?pN`s[Jz/ ތ+{Q^{Ql 7\y{tw]5?%uft 4 BIeИQ=) }1[17Ukœ3m6P?R_>qէ;R"vpJ]܆صٰjür9|%% Lfkf^:*H35/VY$L /kܮJ%B C,$.I8(עϧ~0,FKl5ˁSvnxA+Ι>;m׮| r<ì2oSElN+]bfigHqcIPӕWTd9Ҕ7P ˔ӂliu3f0lݮ3Ӝwz=W_gQr)@c.x #[#F𬱨6 ulkAnE7NT  2E4g`(|1y SfW`O.IENDB`xca-RELEASE.2.9.0/img/bigcsr.png000066400000000000000000000411601477156507700161340ustar00rootroot00000000000000PNG  IHDR^fg[B7IDATx$km mv|mk6ӽmM2 ?((((B 1@Q>_{-CGs%s =hO?z؄Q͎鋳#8C14a[VJZK4[Iqa \ P}[<yi:eǮ mj͡t8[6 yi 0a>o`E=2&h'G9 WDG_?5'1!'7^ <@}[DGO^g(c )Rt͘qڃ|ͽ\ [92Yej/ӵo_qb:%aq*>#9< PZ(|r€y0= w߽q`5hm/, TB81.X c4 aNӲZLpڲm͹CR$~Je dVWwڜk۶m۶m۶m۶؍ʈUg쳴?ȎȬ:7 3:FK7³[%1'=Eq㍷/& :en8!pgU (ER>[SF* +.nꃶnuV06"Ztͤk*,L "PA81c'i n~WL ϼA睾kϾ{7KXu}N<낻7` ;e ]RCzv9ug "Hk#ĉ?8mᶎ^a҆.U s7ae+)4α8B!X $rk-Y"Bĉ[S `k% ()'qҎ,9R~y~2.aJÁbP5`6s[.c E0 ʝ=6)*- /?}v5 Jf1, ""#H@ꆗD`H4D1/Md2  9k8唛6J;R2ʱDs޴²_c CMXC A,GfBX`|"2p0$LRwb݈ڪM7^~l?āef2X}A9'Qk!""(k EZH2 blP(&L)S[lD̢fCFoѲ2=+ăo`%dĈp:1:MCbD"X1,3oʻ"lV̡,,!A`clvde3s9f@5B/$\}`a'%b@Bzi @$ i1!T 2(|6qFSN2u&'υ[zݡUt-ʴuaMO_uPWUx ZIE1" vch"e,t)) q ۠O#=S\psLU;j{ 7e19!kB INH~*SW%tCJ"1FeED٬XcB%$?gum8qfJXIA&?</⯈[6MˍLF:QK<(V]"IofW;eVe}e>:e|6mUz#u,]5@{HΟ!BE(BWq"1T YqC5iյ|>cT (7hVϿV:=} HrX`e.'E 0_<-w끽[HW@Ũ Rǟŋ!̮JH>DI$g %r$"fKbtzd( 3(& "nCਣn>[9} p IXEְ*Kf}l+b^'rcpuOf6w^XMM(p$AT9#CݭΛ깾_}$pXZZZoMŔ)}E5ѠA+PoLDAkggW^'"/ 0xD*-3FN! D`kÇ l]xbs k8M Xa!v1^kA|Ok* {Di*$xI*d`i^@0LdJhb3L,Jb)"hbXt8EbԽ>fW|Cߞk&if̳"Y|߭DŽRt(q\\zZ3U9:ubzz# ?E&;gwO>yuQ@m(ѩ?N}H.ʓnAE1aȰVZ R*{mr@䀸ɂE"4dկ@$+G+JQ`L>RHTFİ6!pHƙhO'G*G,M>S $/ =2֊UVFK.ϝv-Lܼ 2'ʝ"Мze{Hob!2s9r'uUզs̉\6N~T a.テӭk!K/P1Rl_H@6$yk3LA$I&rkXɯB>ToFR)tUnRؓP(DWY9^J=>ʡIDUkR8oO?= U!jj*Hj4JU5%aK}Fm=mɗwj[s3ֲ'p6/-E2 H$ŒV\|;ݯb&NDϣ2(OnJ1MJB'"hkJZUcH^Y+kF*k_}3k 4}z@a8 OXR"6P1ELpaNoҖV_HWǒ(6+ CҠT*#ƐɯI! 2CHB_&XrɹxO_W ep`Z̘Dr$y\_}}3[+O12K))4lfn=lAg4L c|?~sx街3+` [-gg6&@ blFa5R+PD#ҷ 2Tҭ o ^Et#fx ЯHA_JPBzֈW&]|W;7+4X($Sm?TRww'x$IVf;gv{\zzgNfgg?3,#1 BfLg }6ckjwYz;jgRkCECT.Dv ۾惊$OXeNsօq k; 0/(BHlXCًժZӊH5)6m8)Gw,Y)Il!1)0~ x ‚cm͸'C6M"6 =?\,Wg/q)"It3==wtX "3X[rSqfwF߆`8V5˩ ~ Ckk:L&c-,ѽ5{ C@71# SPee&1 cW}41a6PJ#lԨ)˗o>]□rGW}:63O)il x%>V.+}%U 1iYЯ\hd*Gw@?~|^^}}`Nv=mƭʒ%k]v<eױYym„ovvWϦ Xp|NH'? bQzSQ`$WFY0TՎ:XWM/DpR$mc\CPLݼp#K5*&pOGtBmr 'qGN|9" aStdyK2c"qMl={ }TJY&.fVYkbF!<.\mիsݑ#S*, r`_RR4JQѼyPD1c}wr/\qU8\E1ڶ*'46 v1 -Z99)SX*N zk(#0G1H("#`\UGD$h:S>rN(^8x FaQr$h\/ޔyޒ[~ɧm5.'1Ռt~Qc琸s5eSݒuJ!c<!ݧC6o}%`bdH(uUuZ>G֭T{pD_?K}m,$aO r9mۥBׂ Mمԫ 1idx^R<˙h$[o}E_XGNu(]uU`sz ( M'55E߰aㄛ8wuu-3|5,$N  Ŏh5Etkh8Ñp0b E(ӯDQ 1u8hn܄Ag{iA7QЅiI)LxWHϽ<]welIvvx^\6RC>YRl,.ĕ쩴6j:ɸi*bM&H6mڮL4ͽVaTGVM+ש%%Y~vn߾KݻK 9 Z@~ Xm͚MaY[jDS^~X.++ 9/7; !tQ9fCqiνJYY`{)y UV4:/CԱV8S|.-mLLLʜ"dD$^aM7 t 6 I0r1lr)t* v/EA(LF ~q+VlbԨ_b j, P3g=mټHͮug? ͚,.NN M!MB ¼[֡9O@k$OpFɐ0#2&zwmٲY'j۳ZQ qyL'}iJ?y @"N">ۊC<VC+VU؏:r&<\rn-Fg6¨{^i߹֯ߢ\Cڵ ;/Z }Ou 9r ŧ(0BO3=@cP"+B\ ܥ=Ą0|. qqy{*o+4 3@jLP\쌼}9X]'0w|1P?+{Qo~mzw< i5A6$aN-@,u]Y1.7Gew+㫪k+=mUՊJ (Kɸ57r=Pe8Uh! A@x2o߁c $#e]ogf$Ix +owŕ/%w[o8Z:f~֫gkhyML-E!{Me%s/`1H.8#@lD MBA? F:ɑ+mܶg^ȑ#kjD\5|߄XydZZu*`pX1@Ĉ":L@ 7,Gs`/od- r8@-eÃwzNIfp]@h:In FdvF7_wQϠ㗯jC=NLXlSB/.n @a|N"_8 ۷/ W./^ѪU`&Ӫײ )//'BVVVh7WkFN[n5n(l l !H\9ubL`(_ h @779&ąeLK~GG֒i}:ڣ|Ŷ VVs[H\n,4/rCff']n0.{],xD&gK! HicرK>}+??ry޼΂S{ Pƌy+a%Ezz^CgLv?CUIB5it2pD_G_] %%-C- ƘD&\+8`$8,-MG6|| TunӶY:=@:'Qyʓ/mO.7C{7}zyyueGDřY/Y~3;;ՙ.\2A"DMvŹSg:wxZjY|agxrȐ>5އ^z>t{~K/[xRm=Y&DM&ev=":FM."K@g={snX͝c7A~DcuͰM=BADPe = c +peY,(*[PQ Zﴪ[ @99aB:G)?Z1cR3~#OX 2F{㡿z0ailwIy~^6я,$gY(` Jr=.1&~ԩ,0`5&}^~ڻwҊ3g~lԨa OKOO[f}N3;uj#,D Xvv}^ A\"WS}tPƛޤ \ jtb؀f?':| ߇Q q `L}:Sf*tA)I&f |Fm+8q{ԗ0y^6L h1UE ÍD…Rb`ՂLO##lj~j]%bxStb|ΥgzŲe+W]5mۖl صkܬa<p <6e8R euulr{eiܸqR^~@K|w`]qť;,Xs"tN TH{iݺ1)lI!{ËuL>jûdl C qM E7DEq 7Ͻg&khZ`b:Q`ԋ.:&ѡh c24drvT>:rO> u=Fq$nٲM6J^yexp #P#}njyϛ_rGVu-Cr*D4Л;oZ?J}2͸x};Ou@K_СoxxЦSfY%'C 5Wȸlȩ66oj?~(LQ]-1kxpKc~:!KW]]S`;hGd10BsEzaϡ׹&7Π]zqȧq'HZwB:qTXQ+"H欸ޫW:?i2LЁ MQYpGБrEE>99Ioڴqx-*CA>q.rr/ή5 pÝY{~ꬬ 'O\l]`jYаaIعs=sO' |%zE3 rHMNv-v5~1[E$ p4fB 3Ʉgږ-{zO|}9Ʉ<n>$xȨB7';-Ի{k5֤mnD-FQl9r,am{$'O3w֠ iY?!VۧNŒ9 {+쓷o߭@Vm׮hEp > aVV6V+׺u /<' <ٳpy5P ԥKp*9W 2'9v/ZyدW{칤M*mBBN~ ~Ri:%rMPJUm]eaU b;\\ } t?NXv;ҥEŌ^L/;lpP܁`'*A9S f>ꍶ1 Dya{8V mڲW.GVہВ%3= 5<r7Ϲh}eF@3%&wvYn<:ulw/-Ϸ߰UήIPGP#GPu!Op#ڵkTٯzꩇqہw}6mڬ BUQQֺu:'w J2;,~2c'wgek`˖aI5Oq˄2k׽.!IB狀|jX.uз^y*hh1huT锠DbOfH\2*18K0bp5X9L8ey- ~*] i͟IO]y7ؾ鰣a)D f(aC>rt͎׎LǼ^98uGra˘x%Gcz%8.hzǭQPAB^g0[o BT1j+q1+"r*%v?~GxRކ> v%]pAϺx|/4 )zb՛[yjUEA+$(KF*Fgy*q=܃Am #`,h:fa۩$z+Ø"[ꓙRnUτ/@s("Dv܄Hbb.,2B?4oXdHJ,uCd~饧|֠Cꋮn`c5#vVl,WlL{T1>!q N~D7nw&4g\h5c- N 5VaUk,MlMP0  אτΌE| s(%XJ;sӵk Oj ; pkHVXh%l|vmTww<?(޵r&>e! Gc@,x BDf15fsk5z ΡYBD#Y[1>/^m2z/E=b쟜F=e7umڴM/4i:_zFF^T-ʘ- ϧQ< TH rs/PmcjʫcO|T`]㤤C&>îwBO=< E)`ք+ot1g?u@5|%kq]2ճm *9gH =bƟ0MSRD.Y9FtD07= Dz͢D=(>vlƝi?:^Z2,s.Gz@D#µ^Rϛޮ]qb,B ,n0&H}6 hѓjs\Sum~e"@z\˜R9·3f¼a/\Ӷ*Z:8c%ʨ)GMg6 :U8AܮU#~@!#=ɟ=Qٺu0e3MOak3领L!ߑI /j#tu=CHVCXA@Plj9~cҤN"7jc`f0㗪22={)CԠ6M.tLUMlZʟLߑGbr uգnڂS Sipۂ 9U^(?r?-{e%ztj=qNOw='[øۿoG{=䉱Pg:zB=Bc>mquZ/8Oڄ$֙U_RS@QF!1UI`@$q\lʐ YAÉ, >IHߠp n a'H ps,@X06cw׮gZn _܉1T3SSO}ip 1|&FYg W+oϜN@ dcRf@B;) *P؜6w33wo;m s3sb`]h6NxC$H𽉡$9GP(-=rff$iN]$SUUbN#kTdM||mMRH 84ڦ r!X @bU:r3852Hp2n4Ed#2ηu>~cVM"=Q8Ū\녀2X C[/ @֊JhaK ' s|f4UZJ V XE l٠?3ngƎeg>n4'NXB }s>q-FxBxy J}O]vy8PmD}/h4G$0((fai!A@ۺyֳ;|6n8^4*SrmHr"Q/>Eir eW]9Tse$Jn:}P{Dse[*>][e6q=))mFaLe%A#\ z!PVL2[޶m7{Ñ@Ǝ(:c Y 0@vg^potH@Cȝ()c09C!Qa sƺDe#NoCb#xqBM@N3ڤI!$WXd{ 1 S։)DXb@!Q(ŁHb9+zn3DBiElqH~+DVb!?n>\p9, &@?.׭.=ZQl@r0q2B>iVG1 I̚ גTmOƺDNȅ6*mΘm,I6Nm|׶mm۶mږ^s[_FdTyG:*LcB0x汐W 0w}w~3)&d0PnC96ֶ:|4MʀDmA)4.n]T jQOfMU!AEJ:C"՞f=/> ]ϞCFf&Tr տ xm;c#TW`jyYNox<ܜ$5U3 '$M#e5 Jk+Y^5)݈Z6qFLF% S SI9_,czT5콷\7sؕC-/$yUZbEl 5%O/Bˋ~󂈯ٿ4D$ڦa43E'~DVՅxn zVyGmMѶp(r­i:Ɋn@&bu3s8yW 4B߶XmOa"$m=u߯Ȋ.TU$.lD8p >Oϊƞ,5_0ZcEpezrR~jJUIAJxhDVݶK ,wg-OFٶ{GTӫV )uV~ʆYaw#YQ1ϵ a X9$]3&iJxOJ .+w;GOm %ƫX0$t7RJAZ2U peCvU uJRllUskBǣϏF=hQogi!j"U8:˜el@V+D*%-#.6+ᙗ٪85ED)Bt$1>j 5!`cp<-RJ˹MAphj[ގ9>g'ba>AUP׺YJ^ɖ*\۔uyR״-t_@Ƒk!mz Q|!BBJGf@֖]53sOմ)u>tt0=g$/4mx$%>|ի罶|G˯GT71FdZA9#"tJXjwssJ~u.W`s|HQYy\_z߆y]V%UuUVxD~JNb>.l-:mQ3hR{gמO&·Gq=sGKhңmw1YpA2۶lA~KRz _g i/PYb+H v-J׳(*ٙ}ll(9 ߔږYY}d[ m!>z7>_/CqlUY*%Xq rߩcA` +ύ]D7zz>wsI_:˳ =? ?MOO8_Wp<==={%erIENDB`xca-RELEASE.2.9.0/img/bigkey.png000066400000000000000000000027701477156507700161410ustar00rootroot00000000000000PNG  IHDR^QPLTE,-/!!#  HINkmtGHM$$&#$&56:lntbcg013$%&$$'569IILPRV##&124abfPQVIJMnns559 '(+ 668 tRNS@ߠpЁxr 'IDATxڅv@$l\60)[ 5={sqjZVժA45iW_+~*%9g"8 hNHѧ %fd\O%LZ0T U5MSɛSd"M9zc>jw/V#%%o)J`uFƥ ĆChڌD5d$glb)Bd`(Br||`ɂ"MGѫHѵ怍-4⼗zr2eS~3QvKVt^2N|x4Low|{,Sy~(3*X oK2സ ˿@Ʉs3OEVO0K+'{bas6x6)y~ya$Ng=tT0~:T93%EWRd֥~ J[gXE _IGv^.US jo[`=Nf#$la?5q$ ľ!+8c2k~hJ2mHߐg?)1O^WZ㻽*|=SQ9w3ws֓)w%1Ο0#DI qxtJTuCIdy7PȇI|Cq\8%:Z v__[H_moᄑ{GD>B%??Z`~*2v-[a'jB^>o@ƣ 0=4aCZ_xd'ZNR>kC`~C4^eR&rxBSl.G^ynh->`M98cV!pdvQS(;RPdT d2ڰ$a&#Ob[3T@Gݮŭ®*(+ni8 B:8;biVZ!Vikvׯ)c-;v0p.pWG?_wX8PL@t#U-HKAYc)B$D9Cj"ClhsVBg:`5JLjEFJ"i|ߐ旔{`^k:?ލm.elqpV_"*i-ӄOϺ=5Ҵ;[_).X ߻͌c9k 3w;V2/Vj_,U&IENDB`xca-RELEASE.2.9.0/img/bigscard.png000066400000000000000000000216751477156507700164520ustar00rootroot00000000000000PNG  IHDR^̗tRNSS.!#rIDATxp,Yۃk۶m۶m۶s6'y}Nz3kk}_5!( ,C`mI X`DU?*X`k   TXXX+X+X13!&@E흈R+so|BElA~y/ *_JU*/ X w__zɦr2Cz3$]3{f⺫** {ŅFt$BA7!Qf 0 " ]ma+,UW{4cG}p6B^~JUD+ SZ8ӓIwP:ȭ6YWzU#i|.eҨ7\kȡʳI ȍ 7%b|/lS"6ZfJ#$eambȐv_o̸k/O̴r͑(uWkѨB`fO_t"G=g }g /ds]ČYS̟ؒ&(–˽ C9[H5 B֊0ayk4a?$CTأfk_f]7xEoB@UooEG613b}C_2(EJ cͅMfEPBlE8lQwo!+Zlʝo*,C P$]u'|'UrSIRk]آYk㉸--ޭr3r4)/qU^z1h"vBR@GCyG|_NwVRdrJU @B:Wd7G?gfILff>f&=ffffffff23|gb`y2_Tc>6TM/ՋTg 3PVUo,DyN ӓHSTUw`uiu=5=eNǞSp:spMh `).k-#htꑵ2eH6-K335_JH%CCN5WA$*:m.?mG_]4`KueYTƧ6^pA*S78UEQ4:f&ʵ30jXc,R5@dҪֺ JCRŏ54ˇ#j5%BJJ ^ 5H0`DS˅oF.n/Jٳg'6 4k"z#kذᮻܼ>`CUj;vVd")"+sT R@ʨ|,B<5 LZsZVLLQfFWo͝u_SSvj}3.|mf/dOٟ9Vkbr"HzMEKVAձDI MUh%V sëDKJ(JBP+a2oI}w}oqr)I"944trb*g###Z>b׮;w<\3믿kZt\Th Mf &a 40< !bn R Hdմ^wr:%K8"<<ʑ{O:dYu59]^;#\^|ToykX9:V` JЈ" ( B`+E ,P `#,@ X0KN-$uD[ (vtZuI+ >sᑓ91>pᔟʇ5̅-'q_Xh]l$3UUrխKc& S]{6PdSHC8s`|Qɴ=0IZ=-5%(*1-/QCb]C} ?T}}޽{|+qrz)y?+SN9u"[I6x5T]wWc_ q۳/PT6D,j!z{u*$B!`ehN 37^FK&F&e+jh%rޝg~ۻi~8Ot15{:>~!5~0;7zkn_ԹZP7̯7;/&ƄžJņ1 MY|a^ehP{-M0S`ÔU, ށɱ-W/ߟ?H䛽>ZwۚZK©(cP_$0MQ B b(D#WP!NT&$&ɴ,iPZ1F6*uVz ՜˝*[JQ*g猚ߐQsL17;~c5:,>*;(f'h5Uw@̔MUgN2&Q jhֿDPL͌G;֬^tl>nh;^ݶs^UܷoɌ#dG @ݷfSM~̇΢W4%\VBaH`zdxȜ&cJxCKF /ڭWߚgr=7;p՞5! AVzP kR,pF(XU>MECܦ)!,<7K ;C`5 ?\33$|g.'>=yDs_ NеlwEՂ+TJX(;iǦif$몆Ob,VQ(VY}Sch ej,ɷerz< Cʹ漻³Ϲ[ZT"ʨhf$DE)k,65 ($AQD`*`TPH`[J3?o{l6[گ"Ʀɳ\jlhi"X̛T>qC%v0}A@gShmlHd L"* JB*Hm GFG!EլE3蹡Xze 'lzF1tCu|w?'7Isӻq8:9ᙫԍ,5T9mlbcvH-E388x=%4G_@'G>V!Z5J n&F)i$|p#JJ:KNB @8x0>M;^xiˣ?iSO^>wޝKj?>|t[e00[+ /)`5h/skr*]w05@f@` cq>jT3s5#` kGy8%XK+/yU?lbNfAUS `Ts.5_#4p8!e(C#j>Y 6D`b)FX>K V1Z2ZY%ܲuwhfn9xgD)2UY2@M^^j֭Lj;t'2ǧ p&(3qc=U"'I#6,K''iPE: @h*@ D02fۚNtꩪ'*)*XVJ0 0L`M4 -uG*qJ(!>&yX֞[)Zty$fZeA,hM^4]~&&a"D LAP J&+{[wv֠Ԩ2ށ5NLt-$d/݅[b` H=+O:G2P|y~-7TrUސ7l5McxGxYtߣj=.]alzPYH CPEIX!t fFTL!*QP`1H  EmzϿSKDkCBZA%"&y񍣧v]!%ˣ=׭?TU/:k9oo5髬IfքpCElQW|{;uwrꉝ)iAFXI .Xc#O$ {M^=_y%@Y:V) 1@Nؽ{ _~hܯ}g|Bښү_~~FWBsϚt4T5Hw{'&'oNjF70__G\ryk$FXIoi[njHHm݇}=\>6!L5"Rʾs T5P5`f3_w}g|;]7o5[oYr$mo HǛ/$43E,&l rt7}g~Gi$! ]}=KV\/3t.jNOl޼wVj]?Ć':>Xj,ٿp[|egtо}fݓdoCr5qKط.9sIOYs].R$_?[oO.]sM@>G}_PY~]ǰ8}MS]ս7,>;UVY0۷7m;V?yQP{kY8RUQW=_֪nV^&07;>_QSֱ ])Ugg3m'% ogAWqj۶m۶9g3sγ8:8nو@D/:_0!AjzI( v?~$x S V`#"Fܤ[8BРkyJqX`xb[lHM:xlcRj]<ѨTW-Gȉ8נs$RO^\{lܒX삸4o[co0k`p̜rWk\'iESK4*UfMu u}5{.Aq$ROX孜.U6:&эXѱI*?+g)ޜ5\eAu kTb gxh 8r,)GR^AVYw[8nl=#J*5*U2;:sUWtmz|b^YDml}^0IJ>0~@Tw_gյMCG*Ftp\|Yfr!*U.;*/W]MH=A0begqRrث[TB]@QY˅ͬ<'jè&+6յ.=.3|e6kT4##ȞFJк"eK V+p+ zxbnVݞX^R'V@&V@ V@?tIENDB`xca-RELEASE.2.9.0/img/bigtemp.png000066400000000000000000000327641477156507700163240ustar00rootroot00000000000000PNG  IHDR^fg[5IDATx`dS6L2ۙyڶm۶m۶mۙ[lfgͩtV]_G%TRI%TRI%TRI%TRI%>BJd*VU6L `g"!rpb4ڲ\{Hvߧݒ>m%N}2"dڔ1 TC{SxSRGS)ם x4JO9GZtK6} (kڗ/۰>u tmG ݈ITIɒ6RB%k! L8mYycFXU8P PB9qAI"JAгJs ~9gfMA{ޛmݡ([]&ɣ dp]ml`MӶ"?]"ᏞS bVa5A>IX+ U5Iccow  s'Ւ|u3>;s+K< סjBd::AUz{ᳫ4x~s4xq#^HkçT ( pr8)| HR;Qʡ "|$J8V#9D$}z7sUkX:P)gyrz[f8ԁq n9%ىL{$ ,[Z2 eIɣlR"C^s̙ ^%ڢa(B1R PذOq@5( H嚂„rbP/ ɾ7m:]g5؁(SEJ'7\uZ*ףݤuJ.$U|N'mZ/dYQɂ>h Cהf3̓%R͠.v̐c(Q@FH B\ jC!ŀSbp ιD@Lz!8rRpVplHG-ߏ>׹F77w (Ejr6ي {_Dd~rԒdnUFZn= F 7jZ1VA n?{ n\ ͵1* ܺڸ:88~"Т½8JL9D҂\w/5ҼV<~fUwv^_ُ>Z),nn4|ACtĈt:LLh @j<\Kj wȍ=cE6[қd6M^xdŰk ,(D5}Gk$ Xׁܽ":6:Qu GD":IB1,3F rf{6>boϥˉl5sQU| ,SCRUh>@ %aPvv5 LXݭ(f2ݥo\>б<^+ZI)X63L&0NyTWW 6txd_L SVhbaBj8FDOP>P '$B)Я+DWbQY8IpF}ฌݤL1"DBຎ C9P] i#3k*j8s[pq׼h YB?Nܨ 'lc5 " U^${GtQ3f"J#HHrd\K7qZr-z"ki$Z V ZyYqG }" XbVe 6t>_B.W@ED)D2D0ňHڒ" ~w]'aIaР* ;M?#bPf# \w#7><_?k!?ler'y#8l+/:h1/,:oOdUUrxZ\cF{@~B(DBFgDq]X SDU)w |sHTF»eI%a\@_ڭkUE~'OLݣ.lC_Y=qhw 1ƭytCŝw>E"_Zh*Nߧ 0jR'ro."}]9P*(KQ'p,D6gȹNaUR*\Wa2Ȝe].>x`M@zؒ -&)n`Ү w?knx_&}h0?9""ٜ?/W9([ \3,GK,+j6WarSN>)Qyl*ȍ/u,51113 xl5qgU)=):&?=3]RI߮/ l0Ą:ai"|U(0F#i>QfV!)ԩ8j@ל 4[ jwIۛ =4XO%DHJ~(90YE-9쏞 `oS#] $BO0#kK Wů~u\ZfA;[adVj[kLg;fOndx@4[M83O48Ò|Wߏ_shc(E"b!tzr|"(CzI,6wO&N l`󘽵yr9 kˈ-QPC3<_L.p)M|%O|c5|/{ɸiGg;\Zi E۹.KN'b},Ǵi3fP2ls" )%ܳAی?9Y,rD $)01N$ΫGOL-JaLc2#,սq;eĉG@&̔ՁKN)nYֿF䔷dnmo2Y֚N:nk?+R8]BIN<88qR;Fu$ $db&ECH+YҒV0]EpI 6I(D̤wTHΥZOŴi[Wp?}ދ|_Ht_ ?:w֎12/^&Slewm;.MvN :=C7L֪$ 6㸞!r' A"a$1 Kpb! bha%..Fl_I |/s-^.viY0y<7 6e'ܴ+m]_l|!02!`S?ofvMe°DbsCQG/–vX)H^༸"A1JAzlu&AjDVc$!5%HE&`&$QTCL"/ۿpI%uʬ_]~^{RZ'% "#?vϭ@# & MagVdc@^c|Qt2Sߟ{B)e!iob|#/'vnX#Z fΧ[Ǿo5{1չ,e6g-E DnI0"[8+!3L.z,EkRaba8AD  ʼngUQp #Y,psƤDd\@&{ʂ8 JDWWL)9a d AO&l=nlw/LD'/79³pRNtk]&uIb+W~!ֻMr ZBhHJ*l7 0V; BSDyr.Au$ H:j"0 [šVKpbBBe( ԐKW]] `ID$i}V܍endQO~~"_X(~EL!foaIci. ZkWae \Y -,jH@hr Y^鳛ߠȿ% ~9 Zh1L$Tl* kBbp׬lx;<B~[#wqE~SZHPB 1DI'va1H B*}+],*ʶ3u'zsw~;ےN[cx|9\;2`]-X5v_2 A(\#/, }Q, 8PR1&;>+bH"av,Fv:׋!M6QQm-"D6,e&=N28te I OcvhO\s *}ǂQ2'@"xƐ+ج ÇH* eAE* Dgw-ޫ{1dED""tNyO(<Ō}?[yuU>%-_tG'zemȟƏ>I; ;@%⤣@wϬ2>g!F0'g 9d7/(k|llc'.bs{ Jȋ%^(XDQ#ەp4q T"v_wZ렞.\;pkx<$t;7SW:O?r/uMpZFsO;kʆrIl%;gM7ޓG\Ƨ&ji0szqGRk &=Ʊ6t3gnX"Bsr-u= aP#a6B_ѱJP%[;b IU N-GB bڔp}ݍl-XϯM p"鬕5=_V+@* -gZƺ"S=Na0ׯ7@x)V`,=F3/cL@GC]ҿBG-ozp3˰LEÖ0rp&.U=Q1Tli{vN s0^0F,\H@D-X$&쎒hKctƏ `2ieHBC%;l?'c]#b fUař%}C4Q'0&'VGp Ji H-DD `,yRQx +g ҄K(V \' p޼zw'# c@M˜̇nZi)g>V#[c~MAV+ǖ݉և1~[^?q87T W CEQD"=^iɅ$&*kÎ{X4A ATX$c7F\p?( C'!#Hρ86t3qD)9zppHg}H kkIJGRsK|wnqQ\o8CCx|?S~Q3㰆vz!,1g[;Ytc'67rOz!{bh. 6JJL_JD  4 ƞLn{p6 DG-emLj* 核$@8مHDY@@Lyqu?qIn.=CЅB,yoy ^ůB=o;CLaFP`TψCɵ"dyѵ?-hw~M6p,񢅻}?ԈUA !&face $͖ C[~$sǵݺjڷ$D[o 12_;r/K(;:*SLbM8WWT?.g/>PzTm[TMvף[vWX!%1ҏ߽ffשPS 5rbPT&$Hġ8Fyτ0]؉Y"`CD-Z mC|Ӄ\'(@G8!b"ﮇ+; 3%n@X !3P=alwmNe_\f}@& \vK`f:}'=A7UyٓKVdOه!BE};3V#JbjD @"e6:!ì]8bmI};(VN3N]'ѵ6pKo9<F8m1Tfw(ɢ+:,Bal7-嵇.&B;[[iQ]f"9lm 0" -B b\ ܶ!Y 'zp/a>n:0l'̚5ycӷڶ,HU牊zRڶMc{{kd AO /HBDf,[|+_+r, z>@v։#< 06M#+lWׯċEr zsfpFHK/ˀ-+=Llaiu jOoWϷX- hC_{SG}ܹs=<}me3y3z P,Uf Ov}8>OdHs`A^6*D?'ibaTG $At\}-|)\zCx76?VYDRdv[8pzNi$nslA,ZwҬu,Nq>9U,l9tO~hDWFw1h,5}^zcsŐWDGqwtMݳ`w܁k>xsNy"b 0)P/=q]]o!FtP&ݥQ:0 cFTqʩc)mBe[n|w=[~@8o fa ns$Ag[fK'pNccm)^!) g~ز#"ف@I2*XK gAY)ӹ~్gۄ vҌ_z8` ]y⸮Glmخcvn6ƴ bUvG T/ v_ Z2&6}x'yQ-]w=o{+U _>Hv} \Fx$i Vi;qlMe"'gkXꮽi'a-{=-p=<HNZ{*JB/=tIU<UʃM>Vi+f**L PTv7$ XeTd(U΃4*嵤3Z (߇hd")84HiP\WI´Z ;66Ho` :Ks8݇kL؊G[kM'w>4)]w}%A+W@N&ܨB_,b A]D`eT*h9~5 QJ|$tA Ν@\6gpD{q!ad*ƺV_?_CHgv/ t#E [6MUg&:v$({@ؘ/ MA\k Øt-׏-阆Q+uV|w4D sq"C|bD 5=y01C,AH{g6}:<+|ikoMOfQVbFqlLxxiDɣUE1!Ŋ f)<%ś  aCtow4|@½ % 1zh6q 0&EpoWlI++ 6lvd*Q ?~tJK˅U7i+c>g‰ĥp"PPAȦ+ HJ=᳻xmt'Du[񰯱:c@mJiŪU_eKq܈OyKYDY`U"/Gu6ZEދ`5\c['/!z?g^4DY`­ċ@G%k'r/$;QlT*_vM8R/GA= \5. }P8mpޮ"AXG!cByJMM"X]HV9D$\pYpAcS{+ީT݉EP!F,tsk.ڤ/&Zy{k7$ ܽTD1DžG`GR,lWXHl ;S]ӬV߄Ql23ё}ƥ_7~xw"jGzD$щ*p+u̸8| ff E߆o -EL]LC(.Őeai2!lwV9-ƐJ_c?iRpe`X`4"`$qbsJBHnQ Dq}=0gÅ/ӅAQc(QKe_QlϾ$\ *Q"`oZ+ބ'Qb2VьbTݯ0Qb(F߳n3IENDB`xca-RELEASE.2.9.0/img/crl.png000066400000000000000000000024161477156507700154440ustar00rootroot00000000000000PNG  IHDR(COIDATxJ[X϶m۶mm۶m#uI=aιGʟK*˼jzoi=yÃ=t PT-h֬_6VR5m6kO tvOmZݳQN};JINkݶMo45 >[ [KGA8:d\0;ZRW UTz<͛Nr S5q !-f]!w"qXUNcZX@@ "*$ɈD"8Ѵ0*JvYˈc iY`ͦ#)oS}fdWFbwO8gJl {NgB(d&GGcANu8233,f9D5da+F'"B5-$Οv/~pϞb1qQfH`Bf%f%f%f%f%f%f%f%k%cf$m,c' Z d+t="}cdJs7Zh) g) ]l* f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f"i) ]&h4uWmO^!b e(`%Z!_( _' W[AkQa?pOoNX:c-[!j*gNf%f%f%f%f%f%f%f%i&l, k+ e$c#d$e%g' b ^!mOuWh4]&i) f"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h"e' wWlMT( W%a& e# k'b"pPkKjL]Dt8"^ k"n% g!l)_b& \!\Bf%f%f%f%f%f%f%f%b"h(e%d!j'n)i#j$e# a& W%T( lMwWe' h"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d"f"hq' k%f&W!], \CsZr:!U_& `( e+j0{\^?s:c%d$k' l& i h( f%i&g#m+_ [!aCf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%m$f h$j* a#u<gHgHW%Z" [p+k%d!i*]#f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f"g!v0\e#l.j3oPP7[# f/Xk2P3_BpSe.c* a%b$f&j& l& k%g'd#g$e!h& a"j0[=f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i#i#e!f&_!a%t;v? w^l3f)^f$k* ` i*f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%t+i%]n2Y }D%|^j.Z" a(]$ lRqTI,f* a%W_#d( g) g%g#h$l& g'd#g$g#e#c$|B%I+f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h"k' e!f$f( [\ c* f& v\M3Wg+ h* e$l) f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%aj' b& TnPdGc' [_& l1{a{A$`$`$Vh* f( e' c%c#c!d"h$j& e%d#j'm) e#e& P3f0f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g#l( e#e#l,d&a#j,da bEmOR\ l* f f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i$ h' Z"Ȕvk7Wb& m*J0|bc' [a#b$j- ` d$c#c!d"f$h& h& i%e%d#k( l( d"e& \?Z$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h$h& f$b e#h& e%d$q+e#XJ,be+e$h#f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c' h.gk5Si1_#vZ_B^"j+b$m-e%a!h'h$j& l( k) i' g%f$f$g'c"j'f"b d% eH\&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e#d"h& c!b k' h$bj'b!d&^"u;ȍsk.f& f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%b0Îsb)\!e(Yċqk2a"m.Rk+ g'a j) c"g!i#i%h$e#d"e#f&h( c"k( cd"b#dG^( f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d$c!h& e#i%m) i#k%d%l, i( g%\^!‰pf.f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%iY' Y c# f$ ji2Y$ d% ]q1a!b!n-f%j'm$k%k%i%j& h& f&e%h( d#n+ e!h& `!^AZ$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h( d$f$e!k' l& dr) `&c$h%k%k& b" X rf%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c!h$n% k!m( `$\*g|2f# b% f0fh2_&c%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i&g$f%d$e' a%^A`& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g&f%d#d#e$h'k* m, jZ$ d' e j$i#g'f)h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%q-_r.cd#b( w\h6^h(]"bh2c, c%`f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i&g$f%d$e' a%^A`& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g&f%e$d#e$g&j) k* h7sZ[n+cn+ b!e(h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%du/]j.X eHJ0]$ d)c(ch0l3Vj( m' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i&g$f%d$e' a%^A`& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e$e$e$f%g&h'Y$ |C)sYXd"f$j* b"h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%s) _i-W!{G)Y;f+b" Q}_k3c* c%g&j$l$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i&g$f%d$e' a%^A`& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e$e$e$Y!i/cFA%e$b"d$h( h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h"b f-Y%|^b,a$ `Y;X:["b$c"q.\m(f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i&g$f%d$e' a%^A`& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e$f%f%f%f%e$d#d#h* b$Zfc' `!o.`h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%l,h* Y z]s;]%Tl/sTc, e' j) g$c g'i*f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i&g$f%d$e' a%^A`& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e$f%f%f%f%e$e$d#d#g']!w>tWf)Xi'h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%X"d-~B$Y<]!g+`' oTo6\_q+ g!j*`&`(f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i&g$f%d$e' a%^A`& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i$d#e* VhKE+j*ah%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%Z) W!ʎpf% m*Y`FP5`"k) h"h n)`!]%[*f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i&g$f%d$e' a%^A`& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e$e$f%f%g&g&o(d!i.Uf0z`c# g"h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c* \o.m' f p)f!d!Q!`Ez=#k)e" h(u[X#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%o) an-d"` h) [>g+d#g&h'h%g$k%j$g!f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g&h'g$g%e%w= eGW( a"fq*f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%`'c&f%h"k%j% f#k*\*nSg*]c!fMn3_( f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g$l) `c#k-^W:`& c#e$d#b!d!g$j$j$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d$j) bn* ` i-gIa/h)fj#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%`%g* b!e!l& i$ g& a"\>yC%]#i*h' sWb( Tf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e"p-_c#e' P3}A$a' e%e%h'i( k( j'h%j$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d$g&f#l( a]!P3R4a$j%e f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c&e%g&j& h$g$ d% YoRa) [!b& aEA%a%b& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k( h'i( a!_!cF]#[!a!a!c#h'i( i&h%i&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e(a!l+ e!h& a"e+qTY j*f#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e(c#k* i%g%a"]#}E(S6b& ^$n4pS\b!n-f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h'd#h( f( h,V9^$^& f) e(e%d$e$d#e$g$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e(b"k* cn* h% X]@s>)f'f% f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h( f%j'd j( [_' wYp0[c* cDo6c%j( d f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d#f&^h* ZqTY!\$^!a$c&e%e%h'g&d#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_$e(b!i%l& j% e$h) iSa'a"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f&g&i&d e%`$m7qS\g) `'mNW i-c!h"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g'f&^!]!f-pS^& `* _$g* g* `#c#i) k* e$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%]$f) `o) g!h#k( [nXl4`$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d#e$k( h& ^f,{G)wH)h$h( _&gHc, Xn* m$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h( ^m0_#yZzB%]@[=`@\[!a%i& fu+Ym.b( b& gJL0f( _l, k* e$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h#f+]Pf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k( f#g&]g) jM]!`& Yb&g+ _#d( ^"a%f* d% c$a"a"b#b#c$c$e) [Zn2Q3dF`BU7\>lN]@Z=Y>ɔy^BS"[Bv>%[ d$ w6rVfJO1L/kN|`{:j' k*i( Y[k/{^c%e' f&g'e%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k&ZfYf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k( g$h'_d&dG_#`& f&g' g' e%h( f&f&g' g&g&g&g&f%f%g&g&b"f&i) h( c#a!d$h( g& Zb& ]$ c.w[kpC(u]_# d+d+ge& l)bd,]%\&jLV9Yh' g$ b& f* }A$\>b$] e%d$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k&\!aTf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%g$j) g' c%\?e) ]#f$d"d"d"e#i' f$c!f#h%i&i&h%g$h%i&g%f$d"e#g%h& h& f$i( f' [!^' sA%|M2V)lg$ c% W pZ$d( i$ m$Z ^( P\-qSs;c"g"`& a%e) tVg) d'b"g'f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h#b' YLf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c!k,c(^"k- e%p. d![']k& h$_#a(e" k e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"j' d!e$e$l-\@h) _#e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"e"m# j" h% k+_Ef& bi# d b&ZAD*j$ o$ dd( B)gl$n'[$oRhd-j&j) f&jPf)]j) m)g&g&h'g&f%e$f%h'a(_&^%_&a(b) `'^%a$g* a&_$c(_&]$^%f#g% ]Of%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%o/T`%u2k!g"U#|_ȶƳɺȼ̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾ɻ̾̾´õɻ̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾̾ɼŸɻǹͿǺʾʽȻǵƴr)j#p(_( cHu,^'i&b!][Aa$ d% c"`b!f%h'f%f%h'g&e$h%h%i&i&h%h%h%i&i#h"d!g$i&e$d#g&g$f$ \Nf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d%^"n.dfa%~ƺƾ¹ĻŽżǾǿ¼оl&j&n'WmRr' [!e%c#g+\B^# g+d$h(g'h( f&b"b"g'h( f&l#n%p' o&l#k"m$p' s' j!k"o&n&l$i#k%g$e# [Mf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%b$q-j!a `/!˫ѭeSk*d b% [$ \ e!`" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" a# a# Zd(d(S:a(^% `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" `" i$e$^" a'WA`&Yc$``&t^](^! `! dQ{ƴ]k(cg/iNjd*i)c%b& [B\# d( b$e%d$c#d$g' i) g' e%c#g#h$h$h$g#g#h$h$p* h"j& k' g%f$d"e#g$e# YKf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%s6fm" j9)̾}E@W9d!k!o,e(d%j&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h$g%m+m+f&^;c%d&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&h&l%j%b"g*kIi*^j'v)[hEVq1_[Z>Y=\@dF_A[=]?cEdFaC\>aCaCfH]?Z<[=Y:kLg$e# [Mf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%\(xP=̾X-f+g$YIm&q!n%d!f%f"h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" l$ h dh" e" bIg% f$ h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" h" m" h" d! d$ j,[Ch%h$ ri"_$ r\h+d(ZJ~Rf) s0qVa0r$ c#c' Z m5ÍvXAbInQZ!K.n)L _Tf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%n( l) e"f#i( g&f&h( q#j& fb/o-ε˻пveX'Wg'n*af#b" [Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c"g&a!i+ ^"dG_%_' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g$h& g%a!f* Yg,_E[>i2W!d+ g& f'_Jzɻ]# l"k'h( g f i.n̖}a*\"c' e%i)h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%a h'e%b$b&a' \?h0l'O#aVf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k( i&f#j) i( _a!d$p#oJt9*ϾΤlK;^& Zn. k'k'h%h' a! [Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h'i( ^d&\ R5y?"]%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%l+ d#f%e%j,c' [j.W9gG[, \%l-R^Iijd-l&j,Sa!K8qhj1[!a%d&f&a k+ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%`j) e%d&c' _%oRX l'qE(H=f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e"e$i( i( b"c#h+ g* p$\,S>I;a!f&g%m)bk'm* j* e& [Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d#j) h( b$[l2\?^& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h(e$e%g'b"e%f' ]\&sB"xXcDy:j+XC˹Kk0 Y&T5r^ʛsYd+ Wg+ Zg'd$k* c"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h'k* b"a#]!b( mP\$n)mP_!f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i( g&g&_d$l/c&[\+RoGW6ya|N6K, ^!r2e%c#g'h'k) g%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h'h'c#c%^"w= T7^& dy\T f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i( d#f&a!h+ c&Rm2t`e3Ns* q$j& e#g$ e$` f%m* d"[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h'f%a!b$e) a' dGb* f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e&j+ a"k* i( g%f"j& s,Ye) ^d!f'[FƾSq0`&X9h,WX+ h(a!f&t3c"d"`o-f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d#c"f&f( d( [>l2\$o* hK^ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h'` h( d$g* [m2؝}˻ʺͭ]$b" p* `%a)d" g% d$ g'f' c"f$m)[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h'b"f( ^"_%W:t<f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%`$e&f'i)b!k( e!l& n!m' j( e#n)[[F}^ il(}<M3p* _%k)b k(c#b!j( i' b f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g&c"f&`"c' oRX^& O.S6]f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%q$m' wz! X&M'ժϹַʣ_*^t.^e(a(f(f(f(f(f(f(f(f(}WCe" n)h( `$b"h#f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(f(e!h$g&`"f+Y"c/{Sc'a%f+a$i,f(m/i+f(f(f(f(f(f(f(f(n'm&o+a l*af!j$ f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eʻc h%g"^& _Dk!b&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e%h( d$f' @$R6n1[z_i0 \ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%m, _&ir&\7!pYj5 [r(gi i&a"k k k k k k k k ™YHbii"i& l% n" k k k k k k k k k k k k k k k k k k k k k k k k ppo!h o'f!i'_Mp(k!h p'm!l! jr&k k k k k k k k c#e%c&b%c&f&k) j% f%f%f%f%f%f%f%f%h%e%b(e&k%e# [E˼e!i&h#_' `El"c'f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h( a!e%^qUk/Pi,aGe,a#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%Sa3m+]ӽv}k[4F](g,^#k6 Z,S)`&`&`&`&`&`&`&`&}[Lb(e&["X#[# b$ `&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&c# `" _# X_'\& W$ s@&WA]$Y Z!]$ c(Y^# `&`&`&`&`&`&`&`&]']'S f4W!`'h( c f%f%f%f%f%f%f%f%h%e%b(e&k%e# [E˼e!j'i$`( aFm#d(f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%a!d$g) B&Z=d( `# W=tA'b'g' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d-Q!e$b&μĴȰú˿ɹȷŮֹԴұвϲȼǻɽŸȻ̿ƹμʿϽ̹Կ`H[%^q- f%f%f%f%f%f%f%f%h%e%b(e&k%e# [E˼e!j'i$_' `Em#d(f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%j,b$Z}`b& \ ^# qW_)d%i' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f% d*o$d! ³M \-o'o% gq'j#\i*^$e&e&e&e&e&e&e&e&[Mf$h! b c& g'l%e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&e&g(i*l-e'd&i+e'd&U5O/ZZg*a#n0 `"e&e&e&e&e&e&e&e&T! P T)|T?c.c#l&f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eʻd h%g"^& _Dl"b&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%`"c%t8iL]!b( ~C)Z@Z!g&j& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h" k+ r!g! ƿe*c!i# cj$ e! d! d$ g'`! d$ d$ d$ d$ d$ d$ d$ d$ ZJ`! e" b#a' _#`d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ d$ ` c# g% c!ad" c!b c(p\_# h,d%Xf&a! d$ d$ d$ d$ d$ d$ d$ d$ a& SQ" Ę\J^(a l%f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eɺc h%g"^& _Dk!b&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_!i-tVg+b( c) qWa(^" j&j$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%^"p"j*ƾ˵g*n&f#o.p1^m-r0i'k&k(k(k(k(k(k(k(k([Fj$ n% f#c#g$o& k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(k(h'l(j&j&n(l&m&n'e)\8F"a#f'i+m,h'k(k(k(k(k(k(k(k(n(e%Z$ ÓTBUg#s)f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eʻd i&h#^& _Dl"c'f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%`$x<X:Wa' yA$Z@`' d$ m&k"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%\ a,h#`(Vn*e& `$_"_$ f(]k$j! e$e$e$e$e$e$e$e${ZBc$m* g)_(c&m* e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$e$c# e" ae! j&g! h k" \ f*̐xc& c& b#a"c$e$e$e$e$e$e$e$e$r#m'`# ď{YH_%n* n!f%f%f%f%f%f%f%f%h%e%b(e&k%e# [E˼e!j'i$`( `Em#d(f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c' gc* e+YkXa(d$ k$k"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d#f) r<^?Vb& al"f%e$c"g&i( e$c"c"f(j$b$ |[Dc% j$e'f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eɹl f%b%f% Z@i) f$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c&e$f u-cg' \"]) x]e,b* ]#cFy;g' d$h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i( c&d+ vWt=`$l)l% k* f%g&i( d#a g&j) f(j$b$ |[Dc% j$e'f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eͽp g&c&e$]Ce%g%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h+ g&p* f r.` ^$_AK0c*\$m3qTk-h( f&h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d$^!^#f-ŌmUj) bf%_e$i( c"c"g&g&f(j$b$ |[Dc% j$e'f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eͽr"e$d'd#cIb"k)f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%j* [l) cc!h) s9vX_& ^% Xfe& e%c#b h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k+ ` d'b&{?!^Ah) d% f%b!e$d#e$h'e$c"f(j$b$ |[Dc% j$e'f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eʺp c"d'c"gMa!l*f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e$h'c!g' j+Wl^% _& a& eH{?"h) e%^n,h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%Yq1_a!c%jMT7Z"i( j) j) `e$k* d#h'f(j$b$ |[Dc% j$e'f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eɹod#d'c"bHa!h&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g#q/b"a%Xik0b' \!N4kNa"g& ]o-_h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%p0\j) d"p0]!rUk7d#a g&c"g&j) b!j) f(j$b$ |[Dc% j$e'f%f%f%f%f%f%f%f%h%e%b(e&k%e# [E˻og&d'd#Y?e%d"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%n( Yk,`& pVI/We'q6qW`$h) e$j( ar.h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e(d#f#n( Yh,a+ e@!_a h'g&h'b!g&f(j$b$ |[Dc% j$e'f%f%f%f%f%f%f%f%h%e%b(e&k%e# [E˻m h'c&e$Q7r2f$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%l% _g+lr="]& \ o1ji,q2Tk*d"k' f"h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c&e$k%g!p,Y[' Y+ |]q0b!i( c"f%e$f%f(j$b$ |[Dc% j$e'f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eʺig&a$g& N4~> m+f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%hj' ei2[& [# d(ib% \\m,d!c!j& g!h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%d6a]) a) e& c fs)h%m"]zaD^$h%b&f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eɼb g%['j$f _D`$b+^&a'c&a$j* l,c!_%a$o/b!f"q+dp& Y# jk3]& ^% Y!ŋnj0f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%X$p<eh.h) d#k( ]i%q' d$ {^@]#i&d(f%f%f%f%f%f%f%f%h%e%b(e&k%e# [E˾d"i'\(k%f _D`$^!h+ g*c#d$d"b g%m* f#]g'g) _!b& c' km5\% Wp7ƌol2b( f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%i-\ f* Ɗm{?"`$_#j.e%ea# ~~W;^$n+ _ f%f%f%f%f%f%f%f%h%e%b(e&k%e# [E˾d"i'])l&h" aFb&l, e%h(i( e$k' n* d gk%k* c%Tk7mNz[n6Y ]$ {B(cf,Xa%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e!n,_]oQ`AR\%`"r,^" ucG`% al- f%f%f%f%f%f%f%f%h%e%b(e&k%e# [EȻa g%\(l&i# bGd( f!ej'l) e!f"j% d!m-a!Xt;~`pRV$W' _& a& `FkNSo3d&]f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k%i#g#l,ZI*f[%_%\[" ]Da$ i#g&f%f%f%f%f%f%f%f%h%e%b(e&k%e# [Eɼb g%['j$g! _Da%k%q+ k%e!k) g$ a j) Y&h5yZjLZ"Ye*`% `% v\L/^"q3Qe(j* f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h"o, h'b"j- \!u<qPP3i)^%~}U$nV[C]f' a#k+ e%c"^f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f) b%g'` n.a j) f%Tt8 cLª]E^ n$ j& f%f%f%f%f%f%f%f%h%e%b(e&k%e# [EȻa g%\(l&i# cHe) `n.a#v<wZiNb0R"ht*f!h& mSqX_)X% f' f' g' _g&j) j) g$f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e%e%e%c&d'c(b'`%e$h'j) i( e$c"e$g&f%f%f%f%f%f%f%f%V"d( PŢ]Hl*\#`$d(d(b&a%d(c'`$u!ho) q) l!d `L{Ƚg%k&_(l$r(S6B#fKgLfLQ7g,[ a& b% W#h2gJrUw8am( ef%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%g&d#c"d$d$a$a$d'f%e$d#c"d#e$h'i( f%f%f%f%f%f%f%f%h*m' d(z]Jq6"]D_x8k+ c#c#d$c#f&n.k, ]&['[&a'^( ^D}Ƚ^ d!\(i#f H+O/_& S["g,^# ^!l/w: {][>t:d( b#f#i$ g"f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%j$e"f#j'i( f%e%i) j) h'g&h'i( h'f%c"f%f%f%f%f%f%f%f%q)kl'”XE]"m+["ZBlTgOC+e'c% c% [h&h*d+d%l%k' X>\!f'\+j) a\( c(`( a) a' _%z>!jMoSP4_' e+]#\ h' e"_j% f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%k%l& n( m) l( g%f$f$c"c"d#e$f%f%d#c"f%f%f%f%f%f%f%f%g r% g&w\HU# Y"U'S R \)yF2dPlX[G{H4_#]&]']dm(\Kvĸ]#g*O!b"h(X&Y#I,Z=mPhKH,o0e& a \ _#e) h* d$c!h& k) f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%eh"f"d c!f$g%d$g&h'g&e$d#d#f%i( f%f%f%f%f%f%f%f%f*i' PȰ“wt}›{̥Գ̲ӺնخͦTAlJe<`AgNbDbAM0i-]e& f% [`o,f( ]c#g' c#f&g%Zf%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%m*k( g$ c"c"d% e& c$e$f%h'i( h'g&g&g&f%f%f%f%f%f%f%f%`)f( V$ oZC[?dAZ>^B_C\@\@^B^B\@bQZH\HYFZIaV_$k, W&_f# X$h- a#d&g' d$f&l* h& ]f%j) j) f%d$e%f&h( f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%e& ^^c' f* _%[!\"j) e$a b!f%i( g&d#f%f%f%f%f%f%f%f%`$aa'`L\#f$ _&c, VUa* c, X!W b+ i ba$ a! f! e$Ƹd$g$b.n( m'Z"`#j* h( f&g%f$h$j& m) e"j'e$b!e$f&e%f&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%c' \"j0O2`C\?[=bDZ;G(p/d#d#g&g&d#f%f%f%f%f%f%f%f%n, j g$~[Ic r" m%i"o(q*m&k$n'o(l%j$b%^'`&h+ SԺzɾd"f!a*i!m# _%e$e%c#d"g%j& e!d j$l&g$i&g&c"h( k+ b%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%l"h"h& d'`&c)`&`&^ g'l)cd#i)j(h$UY# ^%^(i8(bSƸξڽ̯ʻʻ̯wcTl i g% `'Z%])d-`(f/e&d+ weN`x)k$f%f%f%f%f%f%f%f%e$e%h&[*l$i"̹ɾb"i&_(l$k! c' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%j$s-f$c#g'b#b#f'p'`g&j,a%`# [ a& c$YB̠͵ǰWFl.Z&['`*X Zf'd#d! UY# Y# T_)L5w`ɓ|DZt}A+ilp#n% ]"l'^ș^H_m' b'f%f%f%f%f%f%f%f%e$e%h&[*l$i"̹ɾb"i&_(l$k! c' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%d"l* e"j'm* e"l&k%j%h*c&ekj"qA/ѬcLq.bba& ^* c d!k&j#l#r'q$p#i$l'n)l'i$h#j%m(Y"j<+uc޽ƴwgj-gc* h" c" v]Gd( i+Z)f%f%f%f%f%f%f%f%e$e%h&[*l$i"̹ɾb"i&_(l$k! c' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%d'a!d!k%k"i j$eY)l) r#e" cGҹįvg]'\& X& [' b) h(l$m g+d(d(d&d$e%h&j(c']!\ c'j. h,b&^"m!h i$_ p<+œʸ_0]! b&}XBf' ]b.f%f%f%f%f%f%f%f%e$e%h&[*l$i"̹ɾb"i&_(l$k! c' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%d*a!h%k"n% n' c g'u WhOɬʲR7` o% bd!c$`$]#b$i(r-\#]$]$a( d( b&c' c' d+ _&]$^%^%["]$c* a%l. `al*Ta+r\ȗ\*^Ij'o%k)f%f%f%f%f%f%f%f%e$e%h&[*l$i"̹ɾb"i&_(l$k! c' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%^$j+ k( j!p)c!Pa.m1%լ׾|ZCSb" |G,@f* i%m s q$j'^)T)h" j$ h" j$ j$ d!g$ e" f# f# h% k(h% d!e" j'j$c#f.c0\$j'{*{B}eɸ~ZHd%ln&f%f%f%f%f%f%f%f%e$e%h&[*l$i"̹ɾb"i&_(l$k! c' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%]#k, g!j$aUnB*[Cxck jvcɲ[)tq&k+ `+ Y&["f!o$ j"n&ef f d!j'g$j$i#i#l&n( m' k%k%h. f$l"u#p g"`'V(k2Sb5 ñIJk9%n*`f%f%f%f%f%f%f%f%e$e%h&[*l$i"̹ɾb"i&_(l$k! c' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%[Ee# k%e&b(e%h%c)e&`t._p=#ͩƬ.TrUiD6ɚpja(b&f#j"k!i! d! b! d%j,e'd)d)`'d-]&d)e*d)b'`%`%a&b'g f#`$`& c* `$_e!n!t*Pvac*f%f%f%f%f%f%f%f%e$e%h&[*l$i"̹ɾb"i&_(l$k! c' f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^'l#d#e%̽g&j#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%XGd" l, ]%]*c+c#e)h( p#i) wO<ǿks'Kęǫo<b"` p=-ɼi$jz)j#_%\'g't& f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%`"p0QȠ~Qg' h%\'o.`"r(t^ȵmUae$e%h&[*l$i"̹RA_?`9_A[C]A^?`BZ<]@cFR5k1[!a%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(l#d#e%̽g&j#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%ƕ~OAO) t/Q!{f,h#|B,ij^#fnh c" `# `# `# `# `# `# `# `# i"R/0a%c T(^ `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# `# b"cb$xbT_!b c#T `'` e[g0'a=5^X"r%Y]'`%õyeKZ"k*f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%g)b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(l#d#e%̽g&j#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%zfPu(LE(q9&h#1) βԻ̶Ϸ̰аӵ˴˲ЮͮҷʮӹŮռ«ӹ˯ӳϲδӻϹʷнɶӺʰήаǰ˰˱кμɶĮѭMa' i&i!f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%g)b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(l#d#f&̽g&j#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^Ede(̲fI]$ w!cTѯMk2U]( V* i'i'i'i'i'i'i'i'd^'g%j0[-p& [# i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'i'b% d `'wdN^%cd' ^$d% d!m'^a&Q 軦j]O$aq/a! h(ֿp!j* V#X#m, l!Zl0ŧV% d&n&in# f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&_(l#e$f&̽g&k$ g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&V:\$[K[%Z!i˾^)h' aq* e#f* `&`&`&`&`&`&`&`&n"y)hq~db#sg%`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&`&n% jct_Gajp' l#o#t$v% oj e" D+οT%y(ker˽sr/Vn0p$t+ d.ǨϼX0_"r(s(j#g$ g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&_(l#e$f&;g&k$ g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&iMa' o;+^. l& vnf;*Uj* d$j,b(\#i!i!i!i!i!i!i!i![%q%W$Q/i-b& ]'i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!i!Z$f( `+wbE^)f( \&l/ c$g([j* f+ _)W"~dY Z"r/k&Ƶ`% W#`- Z"b&Id<)^& k$u*_j.W! g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&`)m$e$f&;h'k$ g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&[GxdѰ\']&rZ~F3`lz)m"h!:l!c+c+c+c+c+c+c+c+j( mo9f% ̱^M[$ n)c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+c+i( l#c# }dHa!l#k* i"n'h#p+ g"d!k(n+ f.Xe+k# l l$ kr! q$] 乪i4\# `t. n(m- Z!^)g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&`)m$e$g' ;h'k$ g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&_V|7&S0yJ/~[&g) p)dd* `- Vi)i&i&i&i&i&i&i&i&h,b(`+]!{M;述O& g* i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&i&\#j) _'{}\B^& k*_&b$d) Ul3]%`(m3`$R {^S- Xv,ije(i%y5Mи~QDk%o, j*`!f']p0d$g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&`)m$f%g' ;h'k$ g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&u{^" Q,ȷWD/f(m&r#i# ]$ U#g- l&g"g"g"g"g"g"g"g"h](q'f$ rķxC/i#g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"g"f!l ` Ę]F` m! i$ n' d l* c#f&j*cn'e"fC)ԸO$l-kɺd'n*[!ɯǮbPt s*`f)c* Z!o/fu(g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%er/Wq4`#e%i& dmRpN6[Mb!ae" f# b" b" c% b$ _! p+ g"g"k&i$i$l'k&|%c Z a!e+w^šN!l%k)]#^( Z!j'k um& j"h!l&e#h+ Z#Z&g&d#f%f%i( e$^o.e&h%a' zbD[!n+ f'e$e$e$e$e$e$e$e$W* b Ű[8c' Q&ѵi$ Z ʼ|gf c$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%l)`t4[]l+ g#i! pG0xL?mby/o+o+l+j)g(i*j+g*h%e"j'm* i&i&l)j'ei+e*u.d"R!j2!s)de&a&{B#[?[BV>vE+U#d-e+l.Xv4 o+o(m&m&m&q*r+ k$g m* k c!z`H`m"n+ k(k(k(k(k(k(k(k(f#amZΧs'd" ѻ`#ҶҰ_ ^* k&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%b"d$b"i*r0 i$f n' ƴuG5R(ͤuTA]g! g! f" h$ g$ e" d! b" [#\$`( `( Z"Z"\$Z"c'b/a'l%h% X*—peKyQEͫ}ӲЪSKV!j+egi$g"e d` b f!b ]e! b(xaKa'c_ d$ d$ d$ d$ d$ d$ d$ d$ r'g)V6#Ͻf b õϩóÜͪg1o`'af%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%d'f(m.f%p,]j' g% N>Z!GM u)n$ k$ l% m& j% g"bc e)f*f*c'a%c'd(d(f# ` i w k!FckȰ_G^,\p(o! mM# Q(~S>̷긡c+h)n*a"b#b#i*h)b#f'h)k(e _!ybOa#`m*e&e&e&e&e&e&e&e&q$^X+ù>3]ofͻ_&jo& lf. f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%`#k- `k'^n0Z" e1ʷɯѹ͵̭ȾǽǽǽȾʿ̰γҽ޽ƺ¾ƾǼտ¼λн˸̹ϼ̹ʷ˸ɬپɱּ˳Թ̯թٻȴW r" k"z& _'f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%e%i( k&m* c%Y& yP:^e$Y" yXE~g(_#_'c+b,`*])^*\(W%d(c'b&d(h,d(`$c'a&_&a! a"Q)tI4p,P k(aq.bg$ g$ g#j'l+ [_+ zN7tTGX"\&d. ]'[%_)[%]'^% b! Y$x_KY$` `'`&`&`&`&`&`&`&`&X$\/Lc`RBI?eUDЩЭe/p["m* f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%g"f"p* d!^& wN8˻Ĵix(g! WBll'j" o'm'f d!j'j'd" h(g'd$g'h(a!b"o/ c* ^% e&g)pZ\?l"gp,Z%_7$xμνƵ~xs4&e o& k$ ` JCs+Wg m%f l$f g j#n g"|_Jd p! k$ k k k k k k k k u& L }NJkM2jq$N:rP@Ƶãh&Y%h#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%_(j! f%d$οe$k$ f%f%f%f%f%f%f%f%dm% i"b ybO?/{}+fg) y_rk b'^ c% a# Zf*E-ZA^EZIYHWFYH[JWFcR{jē||T# |! d&f/ |O*|_`0X p0}ӾyQ.a-e+^'Q"ΐrm/^ e' _!h* b$d&c#j" c% |]F]o'd$f(f(f(f(f(f(f(f(tqQ>L( u' c!cQ;]P@̲ɪk% c$f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^'l#d#e%̽g&j#p"p$j!i$d$j- \$_'\o)[ vbb1#kZy``" ^c-z^ɯͷʹʺ˻ξϿóǭ|reB[?YCZHf+c) k#\' >-~R;s#Z*a"u%W#[?z2!_) n)W)|0S'd$fl% k(f&d"f(j$b$ |[Dc% j$e'r) X!W m&k" Y#_,l*wqk*] al,h!i, O7lOAЮЩP#a%i%l"l) Y#_+_!t*f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^'l#d#e%̽g&j#d$a k( l&q+ ak+ f) Y(Oܬߵd2X$ٴ˾Z>]#o+` W#X+MUW! V W! [%[%X" W! Y# ^" ^" ]! ]! `$ b&^" XM#i$ ^*r>-Ѽ`$]!m&b)ע~kU p' e-b%ii/ G}ŠwX"e"d) aҵrF/f&r+ k$ ^j* i'f(j$b$ |[Dc% j$e'Yt-g$Yp0i`' }^ŭ\:"h#r5'l+a#q* c#S^IñpM?ԯӬX#b#p& c_$a+g)j#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^'l#d#e%̽g&j#\, ]'b"i#m$o) f$\J! ڹѭa+ a# tA-_@a( l&j#i&g& h u#q(n%n%o&o&o&p's* m%m%l$k#n&q)q)n&T$gi/Q@^ i( n#`# H c!j) c a$h& f"c'm5$˴`* c$m!j*{r[` l%k$ Zj* h&f(j$b$ |[Dc% j$e'e)ej#j-Zp-ֱS/Dp%VF^h*o( ^m1Mb6λl^άӪQm+bj( a$d'd&f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^'l#d#e%̽g&j#V"i0d#i#i"`_$ j5ɷxK&c#l( xqc[:b) i$l$l(g$m#v! i'i'i'j(i'f$c!b g'g'f&e%e%f&g'f&]'v' YpjRk*`k _پb'g b's(e+]"l"an%Ժg1\"y a(eWze%h!s,f# i) l*f(j$b$ |[Dc% j$e'j!f'l, `]'Ʈ^( T"^*t' }P@l/_#k%k& e$k._) a5˹qɪqOq-Ys2f)Z f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^'l#d#e%̽g&j#o/ Xf"n)a!Qg9!ubR' ]- g#f&ڽY=,»sD%Y h#k'e*[&a&ae%e%d$d$d$f&g' g' b& b& b& b& a%_#_#`$e+sf&q_{[o/p&e# ֻXr(_$t)d*^# s)ee^( ]#}$ ["oami) m&m& d! ^f$f(j$b$ |[Dc% j$e'k+h)]q3+ƿ}me"d!j,f+p XG] d(i& dej%] b-_4ͻygƦydf,p*d f&h0 f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^'l#d#e%̽g&j#iy0m) ]#c0|N6gQe! s4^j* iIӵA" X>f* i#d"](Y,\, \%k# l$ k# i! i! k# k# j" g! f h" j$ j$ g! g! h" _%x% _O;ɰ\[ j#e(ʲn@/b d#f#`#k)g#a% ^MٷTj+ r& ^ħW@\k$eg$ g' i'f(j$b$ |[Dc% j$e'V-ay4*rf\$ k#n$m+Xv' |[Gb% h*^m, o) m' q.[X" j:"scаmX` l% g&_%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%h%d&b#f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%f%^'l#d#e%̽g&j#u(f \#K}Q9NkVQ=e' g$q$u#o"h&ܨϾ׾¨}n{ZKRC|.TsUxXҗw|ɱ͸̨WFVA~B*X d.Z!c# Zj*l0y4+Ƕm2g&`%\*i(l" _!ġ^1T"c' i&m)l)^d( g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&j"e'u+h) Ųȿe<3潮Kn' m+Ye" l6%tK.Y2Y%h*u5 ^ ]#W(f(h& c&c* d( f$e&e&e&e&e&e&e&e&e%e%e%e%e%e%e%e%f.e-c/Qc3 Q#[0 fbLL" U% ]*a) ^"i+ en+SXBǧf*a# _! __i&k'ar% eZ&ʨr\PydvŦӳۻ˯ҸѢ_) Ql_—a"k&g'p)e' d8'iXb _%`$i'i%k&j'a#g+g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&to(ge*ͻrcea&` p f bTOP[' Sm) p& i ^n. f&㷰t90k o!h h#h mf#f#f#f#f#f#f#f#f!f!f!f!f!f!f!f!i"h#k(j) c#h) ]!^$a6-ثySCw8$e" n)[T{rϹH+c. X#^'h1 b+W \%l2e) ` V"ɰΣb&`'w%p!`j$ k(d#`%G8׶V* S$l[e"p)h% e gVĿ`4#d&u.u5 e"bo* g$b!k-a%g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&y# e"i#R>Ķƻм÷ƶϺŬʸ˽κ͹Ѹӹ̵˵ʽʽʽʽʽʽʽʽζζζζζζζζƿľӽϾϽλDzʴӺ˱Ⱦƿĩ¼ǢӴѺgB(^h#fk$ o-k) g$ ]! T"xpL^/o*e(d$d+àk-u+h'Y'^w3l)h$i& b"e(c&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&i! \( q8"Ϳ]*Ye h%h=*si"n&T+ d q&mk% [#b._#g!_@1左m-m)`# ]$ b% m)b(b(b(b(b(b(b(b(b$ b$ b$ b$ b$ b$ b$ b$ f$ j*a!Yl/b% Zb' f! h#c d! l)j'e" k)d$ _%S g7%V$Uj,_f&e']X\ _# \# i' s%XĝXBV# q* g%b"d o&^V'](i) |C#δq)S!nD'ľzin.p#p%^d/p. e$b!g'c# `!g(h*g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&`)J$ˠúc!|+ i"}^ܾaFc# h"g)b*i( er) g'\(['f$y&F(l0j*a(_+^$b"k%k%k%k%k%k%k%k%k&k&k&k&k&k&k&k&e&f'c&p3^!h+ b(b(k'd"l, f'^$a+['Z(s.i(d(]&γ\$d'h)t*p&j#k%p*o+k'f%_)`k's]QlKBő_&['\(i+o* ^# [9!m%s#͈gog rTyRDf)g#b%a)j(k d$e$f(] a" g( _ h*g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&h%g)b#g&g&g&g&g&g&g&g&^'`(f) d$f%h%h$h$c(UDa0&h!e= Ӹ׳n;!Xv0em. ]#h'h'h'h'h'h'h'h'f&z}mW#m,` f.g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&\&v f/ ^+ ۿh"i'k%g&g&g&g&g&g&g&g&o'b+`#JDd@:R%¤˾k;)_%h$k"`% yj}uc(_) _<.Žï˾n-k* g&f%f%g&g&g&h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'j'i+c$g&g&g&g&g&g&g&g&i/ ] l, f%h%i&o/ b"y3,lKq#{H>ۺw_j>&\$ m*i#eh)b(h'h'h'h'h'h'h'h'b(qC+b!c$}(c)^"g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&_' u"b(W$νy7%d$ l(g&g&g&g&g&g&g&g&s* Y"h( pkdةfD'~XSyeg'a/[& ιmH4f)|J4ɶ˼;ÞN l+ j) g&f%g&h'h'g&h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'j'i+c$g&g&g&g&g&g&g&g&_ p0f n( g#_c' e-ШM$l% lK8e2Ham& k"m* a"e+h'h'h'h'h'h'h'h'h/\«_KO%sp-e' g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&d( t$b&X"~`M_"m)g&g&g&g&g&g&g&g&j#_%k+ ntm޿sԷm;5ܺҹ]*YAῢ`' SҪоxc_&l! i( h'g&h'h'i( h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'j'i+c$g&g&g&g&g&g&g&g&g$i$t+ p( e!p3CxY!]9sp^,]o,l% i p' k( f&c)h'h'h'h'h'h'h'h'd'd% VAα[,`& z% b&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&g&f% o&h(_( s\{["j)g&g&g&g&g&g&g&g&m' e+\]ET! ], r~mcȷfRQ+xYDQ"i%u%g&g&h'i( i( i( i( h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'j'i+c$h'h'h'h'h'h'h'h'r,g j!q* a V! tKf#ŸF4t/c$h)l- c#g'm+h"l& h'h'h'h'h'h'h'h'c$t- `&hѲpW+t"h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'r" ])o'_#m#͵_0e*g&g&g&g&g&g&g&g&p.Zi cI~ȵb)j i.]`)™Y7*aJQ m4aq)z5d$`$f%h'i( i( h'h'h'i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( j'i+c$h'h'h'h'h'h'h'h'k+ h%g#m/ S7UCR*b*ѽlc&f,b(_%f, b%`q+q' h'h'h'h'h'h'h'h'l% ^)w+d( h,l>&y'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h'h't" [)u+ c' q!Ӻb6e*g&g&g&g&g&g&g&g&`n.m$}\Bʴ]"t&\"b,R:տY'S)mi%k+ g(d(p3 ^j' k&g&h'j) i( h'g&h'i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( j'i+c$h'h'h'h'h'h'h'h'n$p/Z' \6$Ʊj:f!f$[)һUm&b(b(b(b(b(b(b(b(b(b(b(b(b(b(b(b(e,i+j'i&h) iOϵC+k%d!j+ a(b+g.h*j*d*d*d*d*d*d*d*d*e(e(e(e(e(e(e(e(e(e(e(e(e(e(e(e(u#i)\!k( f&ĒtgK]c)c)c)b(b(b(b(b(b$i$ f" \Eͳ`$ ~ ][<#ոT>y$pD-p.h'i( i( i( i( j) j) j) h'h'h'h'h'h'h'h'i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( j) j) j) j) j) j) j) j) j* j* j* j* j* j* j* j* j'j,d%h'h'h'h'h'h'h'h'r'b"T" ɦxȭ̬`1\x- m) MZ2\) o% o% o% o% o% o% o% o% o% o% o% o% o% o% o% o% V&\'c* h+]$ _0j'i& r/f$n-c h"m' p& p& p& p& p& p& p& p& j' j' j' j' j' j' j' j' j' j' j' j' j' j' j' j' ga* [' j-a({b}dg0p& p& o% o% o% o% n$ n$ c1^g aM|ѷR y#tB,Ӻ{e]$W3K7`)i( i( i( i( i( j) j) j) h'h'h'h'h'h'h'h'i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( j) j) j) j) j) j) j) j) j* j* j* j* j* j* j* j* k( j,d%h'h'h'h'h'h'h'h'q& g'oYdzU:&t[,g$ ky(l' K dzǬȾ¾Ҷſξƿý׽źĽỹΫӴѷ~κQ$d"Ī{fk R&ŧw\u$W!i( i( i( j) j) j) j) j) i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( i( j) j) j) j) j) j) j) j) j* j* j* j* j* j* j* j* k( k- e&h'h'h'h'h'h'h'h'm% b$ 嶠ҼζiPc,c"c{.t%i$ `/·fVz_J[E[E[E[E[E[E[E[EZDZDZDZDZDZDZDZD^DaGaH]GcNfQ[HhTmVdPWEcQfPT=_D[E[E[E[E[E[E[E[E^F^F^F^F^F^F^F^F^F^F^F^F^F^F^F^FV?cIcKdNYDiT}]J\F\F[E[E[E[EZDZD\G_I`M~WHbUʼU0ͳjei&ñѱn.i( e$j) j) j) j) j) k* k* k* i( i( i( i( i( i( i( i( j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j* j* j* j* j* j* j* j* l) k- e&h'h'h'h'h'h'h'h'f!e(`/R&Y.Ro.p'j+ap*d$`*Õxؽɟ|y}yâdzǞMi*ǟؾXn% a&l, j) j) j) k* k* k* k* k* j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) k* k* k* k* k* k* k* k* j* j* j* j* j* j* j* j* m* l. f'i( i( i( i( i( i( i( i( f'd) a) Re,n0bv, X"g- o2 [c" e(Y d-e)e)e)e)e)e)e)e)e)e)e)e)e)e)e)e)i+j,e'i+k+i)j*k+V/X1nF)a8S&a-`*h,h,h,h,h,h,h,h,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,_,h)k6 e*y0 g!_0 ̦Y,g+g+g+f*f*f*f*f*c % qtNZ l)q(j) j) j) j) j) j) j) j) o( o( o( o( o( o( o( o( o( o( o( o( o( o( o( o( `'Z( [#m# o)[-cLj) j) j) i( i( i( i( i( R, Z( f,sqR;Y-a# 峝Y*v& i&_ h"h/k* k* k* l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) k* k* k* k* k* k* k* k* k+ k+ k+ k+ k+ k+ k+ k+ n+ m/ g(i( i( i( i( i( i( i( i( e-p2 f"r& r% q' g!k* f$ l. b$l)q( r(k)g,j'j'j'j'j'j'j'j'k(k(k(k(k(k(k(k(}.fq+ l, k, `$h*f(u* c"T! qI7}ea&o,l)l)l)l)l)l)l)l)k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ i&j0 h'y% u# [#n{_m* m* l)l)l)l)k(k(s"wE'ɪĩj1f f.Ħf/d n' p j. _.r'k* k* k* l+ l+ l+ l+ m, l+ l+ l+ l+ l+ l+ l+ l+ j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) j) k* k* k* k* k* k* k* k* k+ k+ k+ k+ k+ k+ k+ k+ n+ m/ g(h(h(h(h(h(h(h(h(j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*i)i)i)h(h(h(h(h(h(h(h(h(h(h(h(h(i)i)i)i)i)i)i)i)r+ l&r._u?&ඟݽO5m%m)b"h)j- d) j,g) o% q( p( o' o* q. o- j(j*l, l, i)j*m- k+ g'k, f'i'y/ t"r(]Fd, _#e(c)^(d. n-w+olTf'b TD}gh(h(g'g'g'g'h(h(j) k* l+ m, m, m, m, m, k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k* k* k* k* k* j) j) j) k* k* k* k* k* k* k* k* l+ l+ l+ l+ l+ l+ l+ l+ o, n0 g(h(h(h(h(h(h(h(h(j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*i)i)i)i)h(h(h(h(h(h(h(h(h(h(h(h(i)i)i)i)i)i)i)i)o+i$q.p0T_.myW:Z/i.m& o#v- f&h/l) o, m- i)f(i+l. i.j*l, l, i)j*m- n. k+ l, j+ i+p, q* e& nF-īt+p2c,o1o&p*|oyh2]&O%zH2n"h(h(g'g'g'g'h(h(j) k* l+ m, m, m, m, m, l,l,l,l,l,l,l,l,l,l,l,l,l,l,l,l,l+ l+ l+ k* k* k* k* j) l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ o, n0 g(i)i)i)i)i)i)i)i)j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*i)i)i)i)h(h(h(h(i)i)i)i)i)i)i)i)i)i)i)i)i)i)i)i)d&j+d"g't4d+ b.R6e;$[# q/j#p*t/j- `#`#l0 q5j/f+j/l, m- m- k+ k+ m- n. m- j'g*f*h(m- [#N+h,s,t( q1w}m:*i#](dK׻Mk( x(h(h(h(g'g'h(h(h(k* k* l+ m, n-n-n-m, l,l,l,l,l,l,l,l,l,l,l,l,l,l,l,l,l, l, k+ k+ k+ k+ j* j* l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ l+ o, n0 g(i)i)i)i)i)i)i)i)j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*i)i)i)i)h(h(h(i)i)i)i)i)i)i)i)j*j*j*j*j*j*j*j*c+q3 m.k'p, n. i) e* \${uN,T%s1s#h)r2r2g'd$l-q0 m,m- n. n. m- k+ k+ k+ k+ o, h+ g+i)o(j' X&ʳ_G[Gęf4b. ^-wC2ܳU:\t+l- Mi)h(h(g'g'h(h(i)k* l+ m, n-n-n-n-n-m-m-m-m-m-m-m-m-m-m-m-m-m-m-m-m-m-m-l, l, l, l, k+ k+ l+ l+ l+ l+ l+ l+ l+ l+ m, m, m, m, m, m, m, m, o, n0 g(i)i)i)i)i)i)i)i)j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*i)i)i)i)h(i)i)i)i)i)i)i)i)j*j*j*j*j*j*j*j*g0 `%f'p,m&k$n*l*x( k) qB#sѶnP! d,n* j'j'q+ u. s, q)q)l, l, l, m- m- l, k+ k+ q. h)j,s, oz(n'zgydh5[!e, |P3ͫgPw.w$l& b*Y"u:i)i)h(h(h(h(i)i)l+ l+ m, n-o.o.o.o.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.m-m-m-m-l, l, m, m, m, m, m, m, m, m, m, m, m, m, m, m, m, m, o, n0 g(i)i)i)i)i)i)i)i)j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*i)i)i)i)i)i)i)i)i)i)i)i)j*j*j*j*j*j*j*j*_'i/ s3s. o(n*o- l, v1 i#s, v4m5}@&m0e% j) l)j& n( v0l, j*j*m- o/ n. n. n. p)h(n0 x4s#x& i h(N* e1]i0uYªųna\,a*h) k) g&g(j*e#i)i)h(h(h(h(i)i)l+ m, n-o.o.o.o.o.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.n.m0m0l/l/l/l/k.k.n-n-n-n-n-n-n-n-m, m, m, m, m, m, m, m, o, n0 g(j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*i)i)i)i)j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*e, e) e%k( p-k+ g(i, i0 n. v- l q*d)\1|_̵ǰƗ~N6Y%b,j2`'t4n. j*l, o/ o/ n. o/ x+ n+ e+_%h)e& ])U,BkDӻɜP@^% _/ u"q2\0 X+l+ s%k#d'i)i)i)h(h(i)i)i)m, m, n-o.p/p/p/o.o/o/o/o/o/o/o/o/o/o/o/o/o/o/o/o/n1m0m0m0m0l/l/l/n-n-n-n-n-n-n-n-m, m, m, m, m, m, m, m, o, n0 g(j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*i)i)i)j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*b' g( j) k) k) j* g- f. h* j,b'k.m. e%p, v. @%^A,w`ӳ־ȰyaH?u5m- m- o/ n. m- m- -u0d/ ^/ b>_ĩٿxO8e2d0a)l+|4l.t. u+ l(f, e/i) q' j*i)i)h(h(i)i)j*m, m, n-o.p/p/p/p/o/o/o/o/o/o/o/o/o/o/o/o/o/o/o/o/n1n1n1m0m0m0m0m0n-n-n-n-n-n-n-n-m, m, m, m, m, m, m, m, o, n0 g(l)l)l)l)l)l)l)l)j*j*j*j*j*j*j*j*m* m* m* m* m* m* m* m* j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*l)l)l)l)l)l)l)l)j*j*j*j*k+ k+ k+ k+ m* m* n+ n+ n+ n+ o, o, s+ t.q.i) k.H(sRɔsó̼ͽ̼̼˻˾ȼɸ̧mZDb2k+k+k+l, l, m- m- n. o- o- o- o- n, m+k)k)i)i)h(h(i)i)j*k+ k+ l, m. o/p0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0n0q1p0p0o/n.n.m-m-m, m, m, m, m, m, n-n-p-n0 k,l)l)l)l)l)l)l)l)j*j*j*j*j*j*j*j*m* m* m* m* m* m* m* m* j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*l)l)l)l)l)l)l)l)j*j*j*k+ k+ k+ k+ k+ m* n+ n+ n+ n+ o, o, o, p* q+ p-l, h+ f+ g.h2c$i*m.k,h)h)i*i*c0_*b,c*b& k+ n-g$k+k+l, l, m- m- m- n. o- o- o- o- n, m+l*k)i)i)i)i)i)j*j*k+ k+ m- m. o/p0o1n0n0n0n0n0n0n0n0n0n0o1o1o1o1o1o1o1o1n0n0n0n0n0n0n0n0r2r2q1q1p0o/o/o/n-n-n-n-n-n-n-n-p-n0 k,l)l)l)l)l)l)l)l)j*j*j*j*j*j*j*j*m* m* m* m* m* m* m* m* j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*l)l)l)l)l)l)l)l)j*j*j*k+ k+ k+ k+ l, n+ n+ n+ n+ n+ o, o, o, s-n+ k( k* k.j/g, a(n-p/ q0 o.n-o.q0 q0 t,t- u, s+ t+u-u-u+k+l, l, l, m- n. n. n. p. p. p. p. o- n, m+l*j*j*i)i)j*j*k+ k+ l, m- n/ p0q1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1o1s3s3s3r2r2q1q1q1o/o/o/n.n.n.m-m-p-n0 j+l)l)l)l)l)l)l)l)j*j*j*j*j*j*j*j*m* m* m* m* m* m* m* m* j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*j*l)l)l)l)l)l)l)l)j*k+ k+ k+ k+ l, l, l, n+ n+ n+ n+ o, o, o, o, t1s0p0o/ n/ m0l/ l/ g2g2f1e0f1g2h3h3p, v2s2 p/ p2 k/g+h/l, l, l, m- m- n. n. o/ q/ q/ q/ q/ p. o- n, m+k+ k+ j*j*j*k+ l, l, m- n. o0q1r2p2p2o1o1o1o1o1o1o1o1o1p2p2p2p2p2p2p2p2p2p2p2p2p2p2p2p2q3q3q3q3p2p2p2p2r2r2q1p0p0o/n.n.p-n0 k,l)l)l)l)l)l)l)l)j*j*j*j*j*j*j*j*m* m* m* m* m* m* m* m* k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ m* m* m* m* m* m* m* m* k+ k+ k+ k+ l, l, l, l, n+ n+ n+ o, o, o, o, p- k(k+ m- n. n. n. n/ p1w0v/ u. w0w0w0w0w0r1u4n.g* g- d, b, j6l, m- m- n. n. o/ o/ o/ r0 r0 r0 r0 q/ p. o- n, l, k+ k+ k+ k+ l, m- m- n. o/ p1q1s3q3p2p2p2p2p2p2p2p2p2p2q3q3q3q3q3q3q3q3q3q3q3q3q3q3q3q3q3q3q3q3p2p2p2p2t4t4s3r2r2q1p0p0r/p2k,l)l)l)l)l)l)l)l)j*j*j*j*j*j*j*j*m* m* m* m* m* m* m* m* k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ m* m* m* m* m* m* m* m* k+ k+ k+ l, l, l, l, l, n+ o, o, o, o, p- p- p- s3q1n. m- n. q/ q/ q/ t+r) s*u,v-t+t+t+t+w.u,r,r.k) g$ m*m- m- m- n. o/ o/ o/ p0 s1s1s1s1r0 q/ p. o- l, l, l, l, l, m- m- n. n. p0p1r2s3r4q3q3q3q3q3q3q3q3q3q3r4r4r4r4r4r4r4r4r4r4r4r4r4r4r4r4o3o3o3o3o3o3o3o3s4s4r3r3r3q2q2q2u2r4m.l)l)l)l)l)l)l)l)j*j*j*j*j*j*j*j*m* m* m* m* m* m* m* m* k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ m* m* m* m* m* m* m* m* k+ k+ k+ l, l, l, l, m- o, o, o, o, o, p- p- p- l. l, n. p0 u3t2s/ p, j/i.j/l1l1j/j/l1v2 u1v/ v/ v/q* o' s+ m- n. n. n. o/ o/ p0 p0 t2t2t2t2s1r0 q/ p. m- m- l, l, l, m- n. n. o/ p0q2s3t4r4r4q3r4r4r4r4r4r4r4r4r4r4r4r4r4r4r4r4s5s5s5s5s5s5s5s5p4p4p4q5q5q5q5q5s4s4s4s4s4s4s4s4x5t6o0l)l)l)l)l)l)l)l)j*j*j*j*j*j*j*j*m* m* m* m* m* m* m* m* k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ k+ m* m* m* m* m* m* m* m* k+ k+ l, l, l, l, m- m- o, o, o, o, p- p- p- p- m/ n0 o/ q/ q/ s/ t0 w0q1o/ p0 r2q1o/ p0 t4n8 j3l3n4 o3 m/n0r1 m- n. n. o/ o/ p0 p0 p0 t2u3t2t2s1r0 q/ p. m- m- m- m- m- m- n. o/ o/ p0q2s3t4r4r4r4r4r4r4r4r4r4r4r4s5s5s5s5s5s5s5s5s5s5s5s5s5s5s5s5r6r6r6r6r6r6s7s7s4s4t5t5t5t5t5t5z7v8p1l*l*l*l*k)k)k)k)m+m+m+m+m+m+l*l*m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+n, n, n, n, n, n, n, n, o- o- o- o- o- o- o- o- p. p. p. p. p. q/ q/ q/ q/ q/ q/ r0 r0 r0 r0 s1s1s1s1s1t2t2t2t2s1u3v4u3r0 o- n, o- p/ p/ q0 q0 r1 s2 t3 t3 t3 u4v5v5v5u4t3 s2 r1 q0 n/ n/ m/ n0 o1 n3 r2s3s5t5u6s6s6s6t6t6t6t6t6t6t6t6r6r6r6r6r6r6r6r6r6r6r6r6r6r6r6r6s7s7s7s7s7s7s7s7q7q7q7q7q7q7q7q7n6o9q6"m+m+l*l*l*l*l*l*l*l*l*l*l*l*l*l*l*l*l*l*l*l*l*l*m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+n, n, n, n, n, n, n, n, o- o- o- o- o- o- o- o- p. p. p. p. q/ q/ q/ q/ q/ q/ r0 r0 r0 r0 s1s1s1s1s1s1t2t2t2t2s1u3v4u3r0 p. o- o- p/ p/ q0 q0 r1 s2 t3 t3 t3 u4v5w6v5v5t3 t3 s2 r1 o0 o0 n0 o1 p2 o4 r2s3s5t5u6t7t7t7u7u7u7u7u7u7u7u7s7s7s7s7s7s7s7s7s7s7s7s7s7s7s7s7t8t8t8t8t8t8t8t8r8r8r8r8r8r8r8r8o7o9r7#m+m+m+m+m+m+m+m+j(j(k)k)l*l*l*m+k)k)k)k)k)k)k)k)m+m+m+m+m+m+m+m+n, n, n, n, n, n, n, n, n, n, n, n, n, n, n, n, o- o- o- o- o- o- o- o- p. p. p. p. q/ q/ q/ q/ r0 r0 r0 r0 s1s1s1s1s1s1t2t2t2t2u3u3t2u3v4v4s1q/ p. p. p/ p/ q0 r1 s2 s2 t3 t3 u4u4v5w6w6v5u4u4t3 s2 p1 p1 o1 p2 q3 p5t4t4t6v7v7u8u8u8u7u7u7u7u7u7u7u7t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8t8r8r8r8r8r8r8r8r8p8p:r7#l*l*l*l*l*l*l*m+k)k)l*l*m+n, n, o- m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+m+n, n, n, n, n, n, n, n, o- o- o- o- o- o- o- o- o- o- o- o- o- o- o- o- p. p. p. q/ q/ q/ q/ r0 r0 r0 s1s1s1s1t2t2t2t2t2t2u3u3u3u3u3v4v4v4u3s1r0 q/ p/ q0 q0 r1 s2 t3 t3 t3 u4v5w6x7x7w6v5v5u4u4r3 q2 q3 r4s5r7u5v6v8w8x9v9v9v9v8v8v8v8v8v8v8v8u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9u9s9s9s9s9s9s9s9s9q9q;s8$k)k)k)l*l*l*m+m+n, n, n, o- p. p. q/ q/ o- o- o- o- o- o- o- o- n, n, n, n, n, n, n, n, n, n, n, n, n, n, n, n, o- o- o- o- o- o- o- o- p. p. p. p. p. p. p. p. p. q/ q/ q/ q/ r0 r0 r0 s1s1s1s1t2t2t2t2t2t2u3u3u3u3v4v4v4v4w5w5v4u3s1r0 q0 q0 q0 r1 s2 t3 t3 u4u4v5w6y8y8x7x7w6w6v5s4s4r4s5t6s8w7x8x:y:z;x;x;x;w9w9w9w9w9w9w9w9v:v:v:v:v:v:v:v:v:v:v:v:v:v:v:v:w;w;w;w;w;w;w;w;u;u;u;u;u;u;u;u;s;r<s8$k)l*l*m+m+n, n, n, p. p. q/ q/ r0 r0 r0 s1q/ q/ q/ q/ q/ q/ q/ q/ p. p. p. p. p. p. p. p. n, n, n, n, n, n, n, n, o- o- o- o- o- o- o- o- p. p. p. p. p. p. p. p. q/ q/ q/ q/ r0 r0 r0 r0 s1s1t2t2t2t2u3u3u3u3u3u3v4v4v4v4w5w5w5w5x6w5u3s1q0 q0 r1 r1 s2 t3 u4u4u4v5x7y8z9z9y8x7x7x7u6t5t6u7v8u:x8y9y;z;{<z=z=z=y;y;y;y;y;y;y;y;w;w;w;w;w;w;w;w;w;w;w;w;w;w;w;w;x<x<x<x<x<x<x<x<v<v<v<v<v<v<v<v<t<s=t9%n, n, n, o- p. p. q/ q/ r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 o- o- o- o- o- o- o- o- o- o- o- o- o- o- o- o- p. p. p. p. p. p. p. p. q/ q/ q/ q/ r0 r0 r0 r0 t2t2t2t2u3u3u3u3u3u3v4v4v4v4w5w5x6w5w5x6y7x6v4t2q0 q0 r1 s2 t3 t3 u4u4v5w6x7z9z9z9z9y8z9y8v7v7u7v8w9v;z:z:z<|=|={>{>{>z<z<z<z<z<z<z<z<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<v<v<v<v<v<v<v<v<u= t>t9%p. p. p. q/ r0 s1s1s1r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 r0 s1s1s1s1s1s1s1s1o- o- o- o- o- o- o- o- o- o- o- o- o- o- o- o- p. p. p. p. p. p. p. p. q/ q/ q/ r0 r0 r0 r0 r0 t2t2t2t2u3u3u3u3u3v4v4v4v4w5w5w5x6w5w5x6y7y7w5t2q0 q0 r1 s2 t3 t3 u4u4v5w6y8z9{:{:z9z9z9z9w8v7u7w9x:w<z:{;{=|=}>{>{>{>{={={={={={={={=x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<x<y= y= y= y= y= y= y= y= w= w= w= w= w= w= w= w= v>!t>t9%s2 s2 s2 s2 s2 s2 s2 s2 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 q0 q0 q0 s2 s2 s2 s2 s2 s2 s2 s2 p2 p2 r3 t3 r1 s/ q-p*v2 r. p,p/ o.k,m.q2 j)s2 n-p/ s2 o.r1 t3 u7n0 q3 u7p2 n0 q3 p2 t3 t3 u4u4v5v5w6w6v5w6w6w6w6x7x7x7x7x7x7y8y8y8y8y8s2 r1 r1 r1 r1 s2 t3 t3 u4w6x7z9|;|;|;|;{9{9z8y7x6y7{9};}>}>~>|?}?!|@"}A#}A${?!{?!{?!z> z> y=y=y=y= y= z>!z>!z>!z>!z>!z>!u= u= u= u= u= u= u= u= w>$w>$w>$w>$w>$w>$w>$w>$y>$y>$y>$y>$y>$y>$y>$y>$t> vA x=)s2 s2 s2 s2 s2 s2 s2 s2 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 q0 q0 s2 s2 s2 s2 s2 s2 s2 s2 r4r3 o0 n/ q0 o.o+q-n*p,s/ s2 r1 n/ m.l-p/ r1 p/ q0 s2 q0 r1 r1 n/ l-l-n/ p1 q2 p1 n/ t3 t3 u4u4v5v5w6w6w6w6w6w6w6x7x7x7x7x7y8y8y8y8z9z9u4s2 r1 q0 r1 s2 t3 t3 v5w6x7z9{:|;}<}<|:|:{9z8x6y7{9};}>}>~?}@ ~A!}A#~B$~B$}A#}A#}A#|@"|@"{?!{?!z> {?"{?"{?"{?"{?"|@#|@#|@#v>!v>!v>!v>!v>!v>!v>!v>!w>$w>$w>$w>$w>$w>$w>$w>$y>$y>$y>$y>$y>$y>$y>$y>$t> vA x=)s2 s2 s2 s2 s2 s2 s2 s2 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r3 s4q2 t5y:u4o.s2 u3q/ m+k+o/ q3o1 k- n. l, o/ o/ n. n. j*h(o- t2u3s1u3u3s1t2t3 u4u4v5v5w6w6w6w6w6w6x7x7x7x7x7y8y8y8y8z9z9z9z9x7u4r1 q0 r1 t3 u4t3 w6w6x7y8z9{:}<~=}<}<}<{:y8y8{:|;|=~?@B"D$C%C%C%C%C%C%~B$~B$}A#}A#}A#}A$}A$}A$}A$}A$}A$}A$}A$w?"w?"w?"w?"w?"w?"w?"w?"x?%x?%x?%x?%x?%x?%x?%x?%z?%z?%z?%z?%z?%z?%z?%z?%v@"xC"y>*s2 s2 s2 s2 s2 s2 s2 s2 r1 r1 r1 r1 r1 r1 r1 r1 q0 q0 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 r1 u4s4o0 r3 x9p1 g)l.i)m- r2q3l. h*i- o3o1 l. q3o1 m/ q3q3r4x6p. n, o- o- r0 t2t2u4u4u4v5v5w6w6x7x7x7x7x7x7y8y8y8z9z9z9z9z9{:{:{:{:x7s2 q0 r1 t3 u4u4w6w6w6x7y8{:}<~=~=>~=|;{:z9{:|;|>~@AD"F&G'G'E'F'F'F'~E&~E&}D%}D%|C$|B%|B%|B%|B%|B%|B%|B%|B%yA$yA$yA$yA$yA$yA$yA$yA$zA'zA'zA'zA'zA'zA'zA'zA'|A'|A'|A'|A'|A'|A'|A'|A'xB$yD#z?+s2 s2 s2 s2 s2 s2 s2 s2 r1 r1 r1 r1 r1 r1 r1 r1 q0 q0 q0 r1 r1 r1 s2 s2 r1 r1 r1 r1 r1 r1 r1 r1 t3 s2 l-n/ r4m2 k0 q6q2k, k, q2q4l/ i/ l2m0m0n1k. h+ i, m0r5x8k+ o/ y9t4r2t4p0u4u4v5v5w6w6x7x7x7x7x7y8y8y8y8y8z9{:{:{:{:|;|;|;~=z9v5s2 s2 t3 u4u4w6w6w6w6y8{:}<~=>>>~=|;{:|;}<{=}?CE#G%I)I)I)H)H)G(G(F'F'~E&~E&~D'~D'}C&}C&}C&|B%|B%|B%zB%zB%zB%zB%zB%zB%zB%zB%{B({B({B({B({B({B({B({B({B({B({B({B({B({B({B({B(zD&zE$z?+s2 s2 s2 s2 s2 s2 s2 s2 q0 q0 q0 q0 q0 q0 q0 q0 p/ q0 q0 q0 r1 s2 s2 s2 r1 r1 r1 r1 r1 r1 r1 r1 u1 s2 s2 q2 m2 j1 j1 g0 m. n1~A\:pMtQoLlI`=jGhEmJqNlInKoLV4{>m0l/ k. o2s6n1u4u4v5v5w6w6x7x7y8y8y8y8y8z9z9z9{:{:|;|;|;|;}<}<~=|;y8v5t3 s2 t3 u4v5v5w6x7y8{:|;}<>??>~=}<}<~={=}?BF"H&K(L)L,J+J+J+I*I*H)H)~G(~F)~F)}E(}E(|D'|D'{C&{C&|D'|D'|D'|D'|D'|D'|D'|D'|C)|C)|C)|C)|C)|C)|C)|C)|C)|C)|C)|C)|C)|C)|C)|C){E'|G&{@,s2 s2 s2 s2 s2 s2 s2 s2 q0 q0 q0 q0 q0 q0 q0 q0 p/ p/ q0 q0 r1 s2 s2 s2 s2 s2 s2 s2 s2 s2 s2 s2 w3v2 w6p2 h-n5u>o;rPqOeBJ'i1`(c+f0 i/ s9]#c)q7i/ m3k1~F#jG~[lIH%e- c+r:u4v5v5w6w6x7x7x7y8y8y8z9z9z9z9z9|;|;|;|;}<}<}<}<~=~=|;y8t3 r1 s2 u4u4v5w6x7z9{:{:|;~>@A@?~>?@|>}?BE!H$K(N+O,N/M.M.L-L-K,K,K,I,I,H+H+G*~F)~F)}E(}E(}E(}E(}E(}E(}E(}E(}E(}D*}D*}D*}D*}D*}D*}D*}D*|E*|E*|E*|E*|E*|E*|E*|E*}G)}H'|A-s2 s2 s2 s2 s2 s2 s2 s2 q0 q0 q0 q0 q0 q0 q0 q0 p/ p/ q0 q0 r1 s2 s2 t3 s2 s2 s2 s2 s2 s2 s2 s2 w1 r. t3 p2 q6U.wO|Ti, n4n4o5I&gDvSsPyVuRt<f. o7d, l4j2f2k7_+p<sO\U1f2v5v5v5w6w6x7x7x7y8y8y8z9z9z9z9{:|;|;|;}<}<}<}<~=}<>~=z9u4q0 s2 u4t3 u4w6y8z9{:{:{:~>?AA@?@A|>}?AD H$K(N+P-P1P1P1O0N/N/N/M.K.K.J-J-I,H+H+G*~F)~F)~F)~F)~F)~F)~F)~F)~E+~E+~E+~E+~E+~E+~E+~E+}F+}F+}F+}F+}F+}F+}F+}F+~H*~I(|A-t3 t3 s2 s2 s2 s2 s2 s2 p/ p/ p/ q0 q0 r1 r1 r1 u4u4v5w6y8z9{:{:y7y7{:x7u4 ?q/{:y0x5e, |L*|WrMb3 g6T0vRkFuP]6i+u6q2 o5mIp5r4p2 r1 s1t2 m- s3u5p0 n0 BeA^zJ(e/{<w3x2 =t6 t;y8z9{:|;}<}<|;|;}<}<}<~=~=>>>?>??z9s2 r1 v5u4 v5x7y8z9{:|;|;}=~>@BBA@?~=?CDG!J&O+R.S2S2R3Q2Q2P3P3P3M3L2L2K1J0H.H.G-G-G-G-F,F,F,~E+~E+F,F,F,~E+~E+~E+~E+~E+H/H/H/H/H/H/H/H/{I-{J*H5t3 t3 s2 s2 r1 r1 s2 s2 q0 r1 s2 t3 u4v5v5w6x7x7y8y8z9{:|;|;x6Bq0 @|;u4 ?w7t1@!cxVl?`0 uPxSY5~H%`)f,q6n/ t3 m,k1 iEm2 q3 q3 u4 v4 y7s1s3u5s3o1 o1 q5u9iHbr5v6}<r1 Et6 y8z9{:|;}<}<|;|;}<}<~=~=>>???>?@|;u4s2 u4w6x7x7x7x7y8z9|;}=~>@BBBAA@@BDEI#N*R.T3T3T3T5T5R5R5Q4O5O5N4M3L2K1J0I/I/I/I/H.H.G-G-G-H.H.H.G-G-G-G-G-H/H/H/H/H/H/H/H/|J.|K+I6t3 s2 r1 r1 r1 r1 s2 t3 u4u4v5x7y8z9{:|;{:{:{:|;|;}<}<}<~=?~=|={<{=r5 |?P0ȏo{F%h6uQcI%{=w=h. i- l.o0 t3 t1 y4 i/ gCl1 p2 q3 u4 w5 y7s2 s2 t3 u6w8u7q3 l.A}@ÉeJ&l1 Dt3 =z9z9{:|;}<}<}<}<~=~=~=>>??@??@A>y8t3 s2 w6x7y8x7w6w6y8{:|<~>@BCCCCBBBBCG!M'Q-T1T4V6X7X9W8U8U7S8S8R7Q6P5O4N3N3M2M2L1L1K0K0J/J/K0K0K0K0K0J/J/J/I0I0I0I0I0I0I0I0}K/}L,I6s2 r1 r1 r1 r1 t3 u4w6y8y8z9{:|;}<}<~=}<}<}<}<}<}<}<}<?z9A|=|>y>x<iEch5O+`iEx:~?{7z:m- u6w6u1 z5v1 w2 l2jFn3 q3 p2 s2 t2 v4 t3 t3 s2 q2 r3 t5v8y;n*w7t:\_7p5?9{:{:|;}<}<}<~=~=>>>??@@A@@ABA~=x7t3 u4 w6y8x7w6w6y8{:|<}=?ACDEEEDCABEK%P)S0U2X8Z:\;[fCxUl?T0gT0u7E{7H#F x7p,p-n+q.y4 t/n4lHo4 r4p2 r1 s1t2 w4 y6x7v5s2 p2 r4 t6?u4l1 r>X]9v6~:}<}<}<}<~=~=>>??@@AAAB@ABCCA}<w6s2 u4 x7y8y8y8z9{:|<}=?ACDEFHGDBBEI!M&P.S1X5\<_>_>^>]=X=X=Wp5z@cBnMvC#wG#͙uE!s3DCD~=@=t3 v5t3 p0y9t4 m3kGn3 r4q3 t3 u3 w5 v3 w4 y6x7y8w9v8u7q.}<}@l1 t:{WZ8x9~=~=~=~=>?@@@@AABBBCBCCCDEA~=t3 u4 v5x7z9{:{:{:|<}=~>@BDEFIIHEEEGJ"N*R.V4\9_>a@b@aA\A\A[@Z?Y>X=W?F!>G~CD@q3 p2 u7t8t9 p5l2jFo4 r4r4 u4 w5 y7z5 y4 v4 v4 u5 v6 v6 t6 As5 y8Bt4{>|YW6??>>?@ABAAABBCCCCEECDG!G!Dz9w6u4 v5x7{:|;{:}=}=~>?ACDEJJJIGFEFJ'O+T0Z7`Y=X?>~=}<~=~=~=>>??@>>>>>???>Dp3 Z6g{H(tB$ə}s>C?A;D}B|FBEBs6o5 m3 h1r;n4lHp5s5r4 u4 w5 x6 y4 {6z8z8w7w7z:|<v=w9x5}7>u6wA m@????@BCAABBCCDDCF ECDH"J$H">z9t3 s2 w6{:|;|;}=}=~>?@BCDJKKKIFEDH%L)R.Y6_;c?eCfDdHdHcGbFaE`D_C^B\@\@[?Z>Y=W;V:V:U9U9U9T8T8T8T8S7R8R8R8R8R8R8R8R8S7R2M:????????????????????????~=Dw?b{F!u@ʒoz@CCCDDEEEI"G C|9s0 x5{8s0 iHu@t9p3x7 u4r3w7v6 v6 v6 w7w7x8x8x8|<|<|<|<}=}=}=}=ml:~F~@CGBADDDEEFFFGGHHHHHI G <w4 x5|9|9|9~;}=~>?@ACDDFGI K"K"I GFIJN$V.\8_V=V=V=UCCDDEEFF@G H!}:o,t1 z7v3 eDp9s6r3{8 z7 x7 x8w7w7x8x8y9y9z:z:|<|<|<}=}=~>~>~>eEuQo7KC>E >EEEFFGGGHHHHI I I I I"D=z7y6{8~;~;}=~>?@ACDDFGI K"K"J!I HJIL"S+Z3]:aAgFgMgMgMgMgMfLdKcJbHbHaG_E^D]C\B[AX?X?X?X?W>W>V=V=V=V=U~>???s@`J!HDBI"DFFGGHHI I I I J!J!J!J!K"K"K$M&H!}<u4 w6|;|;}=}=~>@ABCDEGI K"L#L#K"J!KHJ N&T-Y5`=gDhLiMkOkOkOiOhNhNfLeKdJcIbHaG`F_E]C\B\B[A[AZ@Z@Z@Z@Z@Y?X>X>X>Y?Y?[:U?UICCCCCCCCCCCCCCCCCCCCCCCCz>}YZ5wBc~G DDEEEFFGGHM&H!H!J#Bv5r1 t3 rSt:u6y4 y4 z5 :|7y9y9y9z:z:{;{;|<}=~>~>?@@AAvAW2~W}@DJ#EI"HHI I J!J!K"K"K"K"K"L#L#L#L#L#M&Q*P)Dy8v5y8|;}=}=~>?ABCDEFI K"M$M$M$M$L IGJ"O'U.^7gBiIlLmOoSnRlRkQjSjPiOhNgMeKdJcIcI_E_E_E^D]C]C\B\B\B\B[AZ@Z@Z@[A[A^=XBXLCCCCCCCCCCCCCCCCCCCCCCCCN+`yD^9tL{CGBFFGGHHHI J"J"L$M%I!~@y;z<oPq8w9>=~:;y6x8y9y9z:z:{;{;{;~>??@ABCCM&r9ƍfM&G J"BGJ!J!J!K"K"L#L#M$M$M$M$N%N%N%N%N%P(Q)S+O'Cv8t6y;|<}=~>?ABCCDFHK"M$N%N%O&M$J!HJ K#P(Z1c:iEkJpPqSqUnTmUnVmSlRkQjPiOgMfLfLbHbHaGaG`F_E^D^D^D]C]C\B\B\B\B\B`?\F[ODDDDDDDDDDDDDDDDDDDDDDDDlL_>t>e}I!I!I CGGHHI I I J!FL$L$L$R*P(~@n0kMk6m3t6x8v6 w9y:y9y9y9z:z:{;{;|<?@@ACDDEFBc?mJK'EI JK"K"L#L#M$M$N%N%O&O&O&O&P'P'P'P'Q)P(S+U-N&Ax:x:|<}=~>?@BCCDFHJ!L#N%O&O&O&M$K"K"L"M#V+^3d?iDoNrRrVqVpXpZqVqVpUoTmRlQkPkPfLfLeKdJcIbHaGaG`F_E_E^D^D^D^D_EbA_I^RFFFFFFFFEEEEEEEEEEEEEEEE~_}G&T0ZyB}CL GHHHI I J!J!J!M%N&I!I!O'M%DBz[vF$s>t<z>s7 r7x?z:z:{;{;|<|<}=}=@@ABDEFF?M%|BbI&G O#NL#L#L#M$M$N%N%N%P'P'P'Q(Q(Q(Q(R)S+Q)S+V.V.N&Bv9|<|<}=?@ABCEFGI K"M$N%O&P)O(O&O&N!LQ$X)^6e=lHrRsWtYs]u^uZuZtYsXqVpUoTnSjPjPiOhNgMeKeKdJcIbHbHaGaGaGaGaGdCaK`TGGGGGGGGGGGGGGGGGGGGGGGG}^zD%^yE M&FIKHHI I J!J!K"K"N&L$K#O'N&N&mEךrheDqKzQzO\1u>n7|<|<|<}=}=~>~>~>@ABCDEFGGED"fyC"M&IKL#L#L#M$N%N%N%O&Q(Q(Q(Q(R)R)R)R)T,T,S+U-Z2X0J"v9|<|<}=?@ABCEFGI K"M$N%N%Q*P)R)Q(O"KO T%X/`8jEqPtUuZw`xcx]x]w\uZtYsXrWqVmSmSlRkQiOhNgMgMeKdJdJcIcIcIcIdJeDcMaUIIIIIIIIHHHHHHHHEIIIFDF~XQ)J"[FFGL$J"H!H!I"J#J#K$L%L%M'I%P+P*|O*cӦ^Dr1 x;y>|EgBb~O)s:t9{=~;@{9CD}@~ADEEEFGIH J$O+^~EM#M M!N"N"O#P$Q%Q%R&S'S'S'T(T(U)U)U)V*V-W-X.W/X0X1X1v9x<y=|>~ADDBGGHIKM!O#Q%S'S'T(T(S'Q%O#M!Q(X0b;kFqPvVyZ{^}`}`}a|azbw_t\q[s[qYoWmUkSjRjRjRgPgPgPgPfOeNdMdMgIiTl^JJJJJJJJHHHHHHHHCG~HJHGJ#\H G{SR*J"}BDGJ!J!K"K"L#M$M$N%P*H"R-O)ėrvQėr[9O&Cp5 yAg0 {Gs>ĐkQ*t9{=>A{;z<{@ACEFFFHI HI!L&O+_J#Q'M O#O#P$Q%R&R&S'S'T(U)U)V*V*W+W+W+X,X/Y/Y/Y1Z2Z3Z3O'~Aw;}?D~A@EGGHIKM!O#P$R&S'U)V*U)S'P$N"O&U,^6hCpLvVz[|]}`~a}b}b{czbx`u_v^u]rZpXnVmUmUlTjRjRjRjRiQhPhPgOkMlWqdJJJJJJJJIIIIIIIIG K!KLIGI"YJ M#xNsItJvL|R\}Q}Q~R~RSTUU|VZxQʙszTleA|J&\VxO|Ss:{Bs:{A~WM&x:y8>A{=~CCEHIIJKLK L#N(M)^M&R(M!Q%Q%R&S'T(T(U)U)W+W+W+X,X,Y-Y-Y-[/Z1[1\2[3\4\5]6a9N&{>z>A~ABFFGHKL N"O#O#R&S'V*W+W+U)R&P$O#Q(X0b;kHtSzZ}^bbdd~f}e}e{ezbyaw_u]s[qYpXpXmUmUmUlTlTkSkSkSpQr\wjJJJJJJJJJJJJJJJJI"M#LLJGG }WHCN$Q'K!L"K!M#K L!L!M"N#O$O$P%T,L%V/㲊ɚtaM)ڦlAY.[0R)֛s|>i*@pI]6z=|;@@z>x?EGIKKLMNKGJ#H$~ZK$Q'Q%R&R&S'T(U)U)V*V*X,X,Y-Y-Z.Z.[/[/\0\3]3]3]5^6^7^7a:[3N&}@y=AEDEFIKM!N"O#O#Q%S'V*X,Y-W+U)S'Q#Q%T*[2d?oKxW}]deghihij~f}e|dyaw_u]t\s[qYqYpXoWoWnVnVnVtWua~qKKKKKKKKJJJJJJJJEI~HKKI I"YIGCICK!K!K!N%N%O&P'P'Q(R)R)R*N&f=tL^6W2[qL`2X*[0_5[3Å]}?x7yEnGFDDz<D~E~BDGHIIKLT(N$R+Q,`M&N%R&S'S'T(T(U)V*W+W+Y-Y-Y-Z.Z.[/[/\0]1]4^4^4^6_7_8_8^7b;^7N&}@{?~@~@DFHJL N"N"N"Q%S'V*Y-Z.Y-X,W+U%T&R%T*[4hCsP{Zdfjjkkkmiig~f|dzbx`w_u]t\s[rZrZrZrZrZwZydzL L L L L L L L KKKKKKKKG J ILKI H!|VLQ$N!P#HN!O"P#K L!L!M"N#O$O$O$I\3uLV,X0[3xSW3X+]0c6[1^4Æ^N&}@k7yR{@|>Bz<~Dw@|B~DGIJ K!L"N$N!J T-Q,_P)P'T(T(T(U)U)V*W+X,X,Z.Z.[/[/\0\0]1]1_3^5`6`6`8`8a:a:`~BDEGIKL M!N"Q%R&U)X,Z.[/Z.Z.[)Y(T&S&U-_8kGtQ}aejlnmmpllkjhg}e|d{bzay`w^w^w^x_x_}a~iL L L L L L L L L L L L L L L L L%N$LNLI FySGJL L JJKO#P$P$Q%Q%R&S'S'T(]3I]X.P(S+_[7U(j>R&a4^4Ŏc\3T+uByRt9z<~@{?{AxAyB|E~G I"J#K$M&N'P#R'Z2~I$zUQ*U,V*V*V*W+W+X,Y-Z.Z.\0\0]1]1^2^2_3_3a5a8b8b8b:c;clHx\}aimoopsooonmljihf~e|c|c|c}d~eisL L L L L L L L L L L L L L L L I"L"KNO"L#J#~XP$HKJO#L JN"R$R$S%T&T&U'V(V(N$_4uJmC^4Y2Ɏg_9\/[.a5a5`6֡v`5f<_7_FBx:CX.uHqLsNvQxSyTzU|W}X[][Y4}XT-V-R'W+X,X,Y-Z.[/[/\0^2^2_3_3`4`4a5a5c7c:d:d:de>c>fBfBe>iBiAX0CDDEFHJM!N"Q%R&S'V*Y-[/]1_3a-`.],W)R(T,]7eAtXz^hmpqruqqqqqonmkjhgfghioxMN N N N O!O!O!N N N N N N O!O!M%J!L JN Q&{J"^L#K"J!N"O#LN Q"P"Q#R$R$R$S%U'W)V)[.Q$՞s\1V-\3߫a3_1e7]/~qG]5e=vбj{ZsRcAfC<~=BHHGJPW$R)N&`U0hR)V)X'Y+Y+Z,[-\.]/^0_1_1_1`2a3b4c5d6e7d7e8e8fh?i@i@i@hAjBjEkFkFlHMHFFHHKP#O!P"S%V(Z,^0`2b4a3b4a3]/Y+X*[-_1hBvQ_hovyxxvuvwxvupqqoonptxO!O!O!O!P"P"P"P"O!O!O!O!O!O!P"P"K#K"Q#P"N M"|I!_O&N%K"L O#S%T&S%Q#S%S%T&S%T&V(X*[.S&^1V{PY0Y0jAɖkΛpđfؤ{pGa8b:f>ʨ]gDfB[6R+C>@~?|?~BFKLKR([3\W2[V-\/],[-[-\.]/^0_1`2`2a3a3b4c5d6e7f8f8f9g:g:g=i?k@jAkBkBkBjClDlGmHmHnJm@V)FHKGGMR$S%T&V(X*Z,\.]/a3b4b4`2\.Z,Z,\.e=qJ}Ydkswvzyxyz{zytvvuuuy{óP"P"Q#Q#Q#Q#Q#R$Q#Q#Q#Q#Q#Q#Q#Q#M#N"T&T$N M N%dL#N%P'N"O"U'V(T&S%T&U'U'U'V(X*Y+V'Z-c6e8˔inCb9a8^5`7d;`8c;d>qKƠޭc=iAnEe]0MEHR!S(\3[X3Őka8U(^.^0_1`2a3b4c5c5d6d6e7f8g9h:i;i;jk>kAmCoDnEoFoFoFoHqIqLqLrMrNqRyYtP^7L"KLIJKMQ#U'Z,^0`2a3c5d6e7c5`2\.Y+[/b8lCySdouw~~Ʃ˵ǿQ#R$R$R$R$R$S%S%R$R$R$Q#Q#Q#P"P"S)O!Q U#OR$R*vOf;P%Q&U(S&R$O!U'U'V(V(V(U'V(W)Y+V%]/V(j;]0c6h=˔ȋiИoۤ}ǔlɚtœ^lGh8wJl>n@vGrCwIyKoDtIwLm@X+GEMN#yPkCgB~Y\4Y-b2_1`2`2a3b4c5d6e7e7f8f8g9h:i;jl?l?lBnDpEoFpGpGqHpIrJrMsNsNsOrUrSwWyTi@Q$GLMMN P"S%V(Z,\.b4c5d6e7e7c5`2]/[-^0e;qJ[jtx~ á£Ĩū̲S%S%S%S%T&T&T&T&T&T&S%S%R$R$Q#Q#S&P!PV$R T&L"Z3WX-N#R%V)Y+S%X*V(W)W)W)V(V(W)Y+^-\+a0[-X)f9iQ&nEf=bf>g>o?h8l;n@qDsEpEtInEqHvKqF_2KEJ{HǕkT,ad?\4a5^.`2a3b4c5d6e7f8f8f8g9h:i;jl>m@m@nAnDoEqFqHqHrIrIrKtLtOtOuPuQvZsTvV~Z|WlCV+HLLMN Q#U'Y+[-`2b4e7f8f8e7d6c5^,],a3kAxQanw~ßáţǥŧĩŪƪƬȮ˲εҼU'V(V(V(V(V(W)W)V(V(V(U'T&T&S%S%T&S$S!X%R W)M$P(`^3S(R%T'\.V(Y+X*Y+Y+X*W)W)Y+Z,Y(c2e4Z,i;a4W*g:f7f7sDh9c6қnqFqFn=l;xJwJrGvMrInFzPxOxOtIc9P$HKa5WW/Đk]8^6a5].c5c5d6e7f8g9h:h:i;i;jm?n@n@oBpCpCpFrHtIsJtKuLuLuNvNvQwRxSxTzZ}[zYwV~Z^pLW3MMMN P"T&X*Z,\.`2e7h:h:g9g9h:d0_-^.e9oG|WfrĠáţɧ˩ūǭʰ̲εҸվƾW)X*X*X*X*Y+Y+Y+Y+X*X*W)V(V(U'U'W)W(V$X%Q\,V-V.Ya5\1V)Q$X*T&W*Z,Z,[-Z,Y+Y+Z,\.b0Y(_.h7Y+i:e8e8l8k8e3n=oAӗij[a<_7^2f7d6e7f8g9h:i;jm?n@oApBpBqDrErErHsIvKuLvMwNwNwPxPxSyTzUzV[~Z|XzY~\`}]vVT&R$P"O!O!P"R$S%Y+_1f8jp?q@rArAsEtFuGvIwJxMyNyNwNwNwPxQyTzU{V{W}\}\~]~^_`aa|[[5KRSSW#W&Y(Z)],c2j9mo?ŗhqCpDtCuDvExIyJyLyLyL[|TyLSp?a4L$œowJh<{OT&_2]/jo>p?q@rAsBtCtCtFuGvHwJxKyNzOzOyPyPyRzS{V|W}X~Z^^_`abcceuQZ/LUW!R U$X'Y(\+a0f5j9me5j9k:l;mp?p?q@rArAsBtCuDvEwFvHwIwIxKzM{P{P|Q|S|S|U~V~YZ[\aabcdeffjepGW(T!V$U#V%W&X'Z)],a0f5l;q@q@n=k:g9b4c6m@zMfØwƟáƧɪͭӴֺؾŵʾ^-Y(W&[*],\+\+^-],],],\+\+\+\+\+],\+\+[*[*[*[*[*[.U(T[}Kb4X)b4^-_._.^-],^-`/a0b1c2f5g6g6g6i8j9m;mp?q@rAsBsBtCuDvEwFxGxGxJyKzL{N|O}R~S~S~U~UWX[\]^ccdefghhge_pGV)S$Z)W&W&X'Y(Y([*a0j9q@q?o=n=mp?q@rAsBtCtCuDvEwFxGyHyH{M{M|N}P~QTUVWWYZ]^_`eeeggiiigdjbkCW,U&U$W&X'X'W&X'^-g6n=p>q?s@q@j9d5g8m>}OdǚxȢ̩ЮѲٸֽó̽yHn=b1\+[*\+^-_.a0a0`/`/`/`/_._.a0`/_._.^-_._._.^.],a2g9Оpd9\1\3`/a0b1b1a0a0b1c2d3g6i8k:k:k:l;mo>p?q@rAsBtCtCuDvEwFxGyHzIzI{J}O~P~PRTWWXYY[\_`abgggiikkllolmdkCT'U$W&X'Y(X'X'[*b1h7pa0^-a0d3c2c2b1b1b1b1b1a0c2b1a0a0a0a0a0a0_-e3\+c3^0WƒiZ3a0b1d3d3c2c2c2d3f5i8l;n=n=n=o>o>r@rAqAtFwG͟pyKxL{J|K~MQTVWXVbجɠbԨ`[-T&P"MV%Q a.\)h5sBsBtCuDvEwFxGxGzIzI{J|K}L~MNNRRSUVYZ[^^`adefglllnnpppnquupƖrÎcsBX'Z)[*[*Z)Z)[*],f2q=xDvCvCwFq@g6f0vEZoȢϭѰֵӾŶQM~KzGr?f3_,_,`-e2g4d1b/d1e2d1d1d1c0c0c0c0b/b/c0b/b1a0].d5}NϘk_1i:a2d1j6e/g/g/j;f7g8n?rCo@l=m>qBvGsDzMtF̗l{PwLE‡ONNUZZ^gҪ{kڭўsk:b,X%S V#T!V#[(]*e2s@uBvCwDwDxEzG|I{H|I}J~KMNOOTTUWX[\\^_abefghllmooqrrrsuwuqjf|ToD`2['[(_+]+[*_,j7uBzG|I|IvCn;jxI_˜vѨҰնռôONOP|Io|M֣xd6_1e6b1k8e1i5j9n=p?n=ml>tEVƕṃѮյջ²;PPRTQyFl9d1c0f3h5h5h5i6j7h5g4g4g4g4g4f3f3f3g4c0b/e4e4a2a2d5pFϜqzOa3k=d5e4e4f3k8or?vBxDvCtAyH֞mRQMQY^eѠxۭУ}lęxӨУk[xGb.Z'U"Y&Y&Z'\)]*f3wDyF|I}J}J}J~KLMNOPQRSTXYY[]``acdfgj‘kkmooprrtuuØwx{||wrme\{Ln:b.^*]+_._,^+e2tA~K}JyFxEp?m{LaǚxЪմֻ˻SQPRQ~KtAl9e2f3g4h5j7k8k8j7h5h5h5h5h5g4g4g4j6e1b/e2e4d2c4d5d:nDўsʗla6b7rGd9q=k7h4l8q=t@vBzFr;xDwC|H|I̕bō\}LXSe٩ڬɜvhaోⵐʝxbfbzIt@\)W$[([(Z'[([(f3xEzG~KLMLMMOOPRSTU‰VZZ[]^abcefÐh‘iÒl“mÔnÓo”rrr•tu–wwxŚy|}~|Öt•pgaW|Hph5_._,^+_,e2s@LO~K|KuBp=r?{L`ȞyԮعʶOPPQTR|Is@oi7d1d1a.a.k8zGOMNzGt@s?wDT—lѨֵܽȳPRST‰VUNxEvCn;h5i6l9k8j7j7l9l9l9k8k8k8k8k8i2j3k7k6j5h5h5i6m9k7m:a0qBsE^0yNѠrϞpēeSuGrDrDqCsEwIzLS~RxM_Tbڪ௃ȗk\^Ēd͗hʖhaeϜqƒdxGpi6j7l9l9k8k8n;n;m:m:m:m:l9l9o8n7m6l7l7l9m:m:l4n6l6q=j7h9uFpBrFnBzN•iУw̟s̟sը|Сu˜p͠uțpҦ}Ф{׫޳ڨ~bX_őcƒc͘fΙgɑ`ΘiϛmɖkǔiȔfPh4c0Y&Z'\)]*b/n;QOPRRRS‰VÊWÊWÊWċXŌYǎ[ȏ\ɐ]ʑ^őbőbƒcœeƔfƕiǖjǖjȘnƙnǙpȚqǚtțuȝvɝxǝzǝzȞ{Ǟ}Ǟ}ƟǠǠɡȡǢƢǣʣʡʟ~ʜsɘlĐaTN|HxEtBr?j7b/b/e2l9yFSMK|Ew@ss>t?vAxCyDzE{F}H~IJKLOSVVÍXŎ[Ő]Ƒ^Ɠaɖd˘fȗgɘjșmȘn˚nƒcLo7e0\'](a,a,i4xCKMMNPRSTUŒWÍXĎYƐ[Ǒ\ɓ^ʔ_˕`ʔeʔeɕfʖhɗiʗl˘m˚nǚoǚoȚqțuɜwʜzʝ{˞}ʟ~ʟ~ɠɠȡȡɡɡʣˤˤ̥ˤʣɢȡ̡ɜwǓjČ]R~JxFvCvAqqt?u@vAxCzE{F{F}H~IKLMPSVVÍXƏ\Ƒ^ǒ_ǔbʗe̙gɘhɘjșmʚp˚nƒcLo7f1_*_*b-e0o:}HMOOPRTUVŒWÍXĎYŏZƐ[Ȓ]ʔ_˕`˕`˕fɕfʖg˗iʘj˘m˚n˚nɜqɜqʜsʝw˞y˞|̟}̡̡͠ˢˢʣʣˣʤ̥̥ͦΧ̥ͦˤʣ͢ʝxǕkÍ^SLyGwDu@qt?t?vAwByDzE{F|G}HJLNOQTVÍXŏZǐ]ǒ_ȓ`ȕc˘f͚h˚j˚lʛo˛q̛oőbKo7f1b-a,d/k6xCNNQRSTVÍXĎYĎYŏZŏZƐ[Ȓ]ʔ_˕`̖a͗b˗h˗h̘i˙k̚l̛o͜p͜p̟t̟t˟v̟y͡|ΡϢ̧̥̥̦̦̦ͤͤͤͨ͢ΩΩΩ̧ͨ˦Ϥ̟zʘnŏ`‰VN|IyFu@r=o:m8j5j5qn;p=p?r=s>s>t?s>s>r=r=p;p;p;p;p;o:o:o:p;p;qs>t?u@u@u@wBxCzE{F|G}H}HKMPQRUŒWĎYƐ[ɒ_ɔaʕbʗe̙gΛi͜l̛m̝qΞtΝqőbJp8e0d/c.g2r=LRPSSTVÍXĎYŏZƐ[Ǒ\Ǒ\ɓ^ʔ_̖a͗bΘcϙd͙j͙j̛k͛m͜nΝqϞrΟsˠu̡v͡x͢{ϣ~УϥϤΥϦͧΧΧΨΨΨΩΩϪЫЫϪΩͨҧϢ}͛qɓdŌYP~K{HvAt?r=p;l7j5n9u@RVTPKyDvA|G^ɟuױ͹tCwDtAp=wBTПg۪r٨pԣkǕ`MuBr?tAsBs>t?t?u@u@u@t?t?r=r=r=r=qt?u@vAvAvAwBxCyD{F|G~I~IJLOQRTVÍXƐ[Ȓ]ʓ`ʕb˖c˘fΛiНkϞnΝoΟsѡwϞrĐa~Ip8e0e0e0i4xCQTQTTUŒWĎYŏZƐ[Ǒ\ɓ^ʔ_˕`̖aΘcϙdћfћf͜lΝmϞnϞpПqϠtСuСu͢w͢wͣyΣ|ФϥЦѦΨΨΨΨΨϩͩΪΩϪЫѬѬѬЫϪӪҦΞtʖgƏ\SN}JzEwBt?r=n9k6m8s>LUVRP~IyDzETƗkլ߽θq@uBvCtAwBOȗ_ԣk֥mդlʘcPwDs@r?o>t?u@u@vAvAvAvAvAt?t?t?s>s>s>s>s>s>s>t?t?u@vAvAwBwBxCyDzE|G}HJJLMPRSUÍXŏZǑ\ɓ^̕b̗d͘e͚hϜjўlѠpϞpСuӣyПsÏ`}Hp8e0f1f1n9JTUSUVŒWĎYŏZǑ\Ȓ]ɓ^˕`̖a͗bΘcКeҜgӝhӝhПoПoРpѠrТsѢvңwУwϤyΤyϥ{Х~ЦѧШЧЪЪЪЪЪϬϫϫάϭЮѯѯѯЮϭ֭թҢxΚkɒ_VPL|GyDvAt?p;l7m8q<|GSWUTO}HzEJ^Хz۸ʲmPVUVÍXÍXĎYƐ[WRʔ_˕`͗b͗bΘcКeҜgӝhԞi՟jҡqѡqҢrӢtҤuӤxҥyҥyЦ{ѧ|Ҩ~ѨҨҪӫӪҬѬҭҬѮѮЮЮЮѯҰӱԲӱӱҰְիҥzΝmʕbÍXRM}HzExCwBs>n9m8p;zESŽYVVSK{F|CVțoկĪпn=m:n;uBzE|GIPRWWN|I}J{HuDu@vAwBwBxCxCxCxCwBwBvAvAvAvAu@u@vAvAvAvAvAvAvAvAxCyDzE{F}HJKKOPQRSVŏZȒ]ɓ^˕`ΗdΙfϚgϜjўlӠnӢrѠrңw֦|ҡuÏ`|Gp8i4i4j5wBTŒWUĎYŏZŏZƐ[Ȓ]V?( Z͗b͗bΘcϙdћfҜgԞi՟j֠kѡqҢrӣsҤuӥvҥyӦzӦzҨ}ө~ҪӪԪԬխլӮӮԯԮӰӰҰҰҰӱԲճִִճԲױ֬Ӧ{Пo˖cĎYSN|GzEzEzEvAp;m8n9yDSÏZWXUL{Fy>P”eΩ۾̻p;r=s>r=qxC|G}H~I}H|G}HKM{I\4zExCvAxC{F|GzE{FyDxCwByDyDyDxCwBxCyDyDzEyDyDyD{F{F|G}HJLMNOQTVWŽYő\Ǔ^Ȕ_ʖa͙dМgҞiաlؤoڦqѢv֨yצx֥u֣qȓ`{Fl7n9i4p;NÏZÏZÏZǓ^SsU6Oa[?/МgНeўfҞiӟjԟl֡nעoעp֤v֤v֥wզzը|Ԫ}ժԪ֫׬׬جخٯׯذױװױױز׳سسմֵֵ׶׶׶׶׶նֱԬҤuΜhɓ^UQL|GxCxCvAs>qt?s>~IVȔ_Ȕ_Đ[VSOLPƕcԪܽμ}H~I~I|GzEyDyD{F{FyD{FLOPSsK<*wBzE}H}H|G}H~I}H|G|G|G|G|G|GzEzE{F|G|G|G{F{F}H}H~IJLNOPRTVXŽYĐ[Ǔ^ɕ`ʖa͙dМgӟjաlףnۧrݩtר|ت{۪|ݬ|\F1mO2X0{S+zS,xQ,uQ.F3'3&.8WXXWY_GD3"Ԡkԡiբj֢mףnأpڥrۦsۦt٧y٧y٨zة}ث׭حخگ۰ٰڰڳ۳ٳڴٴڴڴٶڶٷٷٷ׹غغٻٻٻٻٻڻ۶ذ֨yҠl̖aÍXSN~IzEzEyDu@t?u@s>zERȔ_̘cǓ^XWSLMZ̢uٶ˵JKLLKKLMMKLQTSU^G_:3#p@~I}H}HJJJ~I~I}H}H~I~I{F|G|G}H}H}H}H|G~I~IJKMOPQSUXÏZĐ[ƒ]Ȕ_ʖa̘cΚeҞiԠk֢m٥pܨs߫v٪~ڬ}ݬ~b,**+=>L__ZW V VVZa>nS7աlբj֣kףnؤo٤qۦsܧtܧuڨzڨzک{٪~٬خٮٯٰڱڱٲ۴ڴڴ۵ܷܶڷ۸ڸ۹ٹںغٻٻڼڼڼڼڼۼܷڲت{ԢnϙdƐ[WQL}H|GzEvAt?u@u@xCOǓ^Κeʖaő\Đ[VOJTɛkձȭLMNOPQRSSRSVWWXoQ@X^NwD}H~IKKKKJ~I~IJK|G}H~I~IJ~I~I~IJJKLNPQRTVŽYĐ[ő\Ǔ^ʖa̘cΚeМgӟj֢mؤoۧrުuwګݯு5)E`]][Z ZYXXXYYWW]\ҟj֢mפlפlؤoڦqۦsܧtݨuީwܪ|ܪ|ܫ}۬ۮڰ۰۱۲۲ڳ۴ڵ۵ܶ۷ܹܹܹۺܺۼۻܼټټڽ۾۾۾ڽڽܽݸ۳٫|գoКeȒ]‹XSN~I}H{FwBu@u@wBxCLÏZ͙d͙dɕ`Ǔ^YPKPŖcҬĥԼOOOPQSTUTVWWŽYĐ[ő\X@)Q^_Xd:JJKLLK~I~IJL}H~IJJJJJJKKLMOPRSUWÏZő\ƒ]Ȕ_˗b͙dϛfѝhԠkףn٥pܨs߫vxګ߱qS2ZWXZ[\^^__^^[X\]"kQ6ףn٥p٦nڧoۧrܨsݨuߪwxy߭߭߮ޯޱݳ޳ݳ۴ܵܵ۶ݸ޸ݹ޺ݺݺܻݼܽܽݽݽ۾ܿܿ޿໙ݵۭ~֤pКeǑ\WSNJ~I|GxCwBwByDzEKV˗bϛf͙dʖaZTNN]ͦzܾϳRQPPQRSTSWŽYWŽYǓ^[:+D[^^_] &{W2~IKLMK~I~IJL~I~IJKKKKJKLLMOQSTVXÏZő\Ǔ^Ȕ_˗b͙dϛfҞiաlؤoڦqܨswyګթ}.$0V VY _##a((e++f++f--g//h//h ` XZ^_RA1$ԡl٥pۧrۨpܩqݩtުuߪwyz{ᯁᯁᰂᲆೇߵൊඋݶ޷޷ݸ޹߻߻༘޻޻ݼ޽ܽݾ޾ܾ§§§§Ἒ޶ۭ~֤pϙdƐ[VRM~I~I}HzExCzE{F{FJTɕ`Мgϛf˗bÑ\VNKXʡtٹɫRSTSTVYÑ\XYZÑ\œ^Ǖ`_ S^^^^_TV>%NLKKLMMLLLLLLLLLLLMNPRTUXZÑ\œ^Ɣ_Ǖ`ɗb˙dПgҡiգnզpקsڪvݮz߰}ᴁiT>7X[##a22j::o==q>>r==q<>v f^ [ ZZ^P1#VUTSSSSSSSSUUUVWXYZÑ\œ^ɗb˙d͛fОiӡlգnاo۪r߭xqN )U]]^^[ZXV UUVVX[aI(bܪuݫv߭xzz{}~嶀緃縄縄蹆纇鼉罎罐罐迒鿔–œĞĠĠĢǤȥǦǦȩɪɬʬʯʯ̰ͱͱββββͱǦ俙⺊|եkОd˗bď]TRPNMLKJJ~I~I~I}HKTĒ]ʝjѡmѠhϚa˖]ē[ʚfתwğ͛fΜg͛f̚e̚e͛fϝhҠkҠkӡlӡl[ I^\ \##h;;vMMSS99t!!f`_[ Y[asGVTUUUUUUUUWWWWXZ[Ñ\Ñ\Ɣ_ɗb̚eϝhӡl֤o٧r٨pݬtaL5> WVYZXW V V VUVVV[^`A/$cެwݫvެwy{{|~絀嶀縂鹅麆麆軈鼉뾋鿐辑羑迒–Ę˜œÝşƢšţȥɦȧȧɪɪɬ˭˰˰ββϳддддϳǦ俙⺊߲yզiОd˗bď]VSQOONMK~I}HJK~I|GMTʜlѢnӢjӞeϚaȕ]ȘdԥrԽɚdʛe̝g͞hϠjСkСkѢlԥoӤnfEW][`//o<>{22r))l!!hc`]YY["#WZZWUVVTUXXXYYZ[\“]Ŗ`Ɨașcʛe͞hѢl֧q٪t7*BYVVV VYYX W VVX^bP#+ {];Уnܭw۬v߰z{|}~嶀淁縂縂踄鹅渄klNpZCq[DSD2\L97."L?0meWnsmqwnsymoxivmaa__^~`dkquiz}izselbek`oreVL;oQ6wPUUSQQPOMJKLLLLMMWǙc͟i͟i̞hɛeʜfҤnᵐвѢlңmӤnզp֧q֧qרrרrةs٪t٪tϢobM<8I BK))q''l**n..p((m$$i geaYY^ YSŖ`Ŗ`[XWVTTWYYYYZ\Ô^ĕ_ǘbșcʛe̝gϠjңm֧qP?2D]XWWWVVXY[]]`R*e;N“]֧qݮxݮx{|~嶀縂蹃麄ۮ{\qZA& 2(cdVSeb ?/tFRQPONLLLLMNMMO[ɛeϡkТl˝gʜfϡk߲̭զp֧qרrةs٪t٪t٪t٪t٪t۬vܭwܭwګu٪tXx^A1') 8EW""i!!eecaYZ^VqLѢl̝gƗa\ZWTUXZYYY[“]Ŗ`ǘbɚdʛe͞hϠjѢlѣm_J>\`\ZZ[YZ^^`]O6@/j=JMQ“^ӥpݮxޯy|Өuje]iT,-) ,-)ZWJj8KN5(tFQONOMLMOONMKTŗaϡkѣmΠj͟iϡkݰɧةsةs٪tګuګuګuګuګuګu۬vܭw۬vګu٪t۬vܭwԦqc\kI :` c d_ X[^UnL۬vӤn͞hǘbÔ^ZVVY[ZZ[\ĕ_Ɨașcɚd̝gΟiСkңm}U-]^^]]\]^b]94)@mS>e>sT3b9`8`8fzGJIotq JMKrwtcfdTWU&'&mqoMPNz~{UXVÿ adbw|yDGF !"!NPNEHF698[_]*-,blDYXXZ\“_̝iרtݮzݮzܭyܭyݮz㳃ʤ䵁㴀~~~}~䵁嶂嶂淃淃縄蹅麆껇뼈q,`>q7DEo*33c`~Qfhat4_^^^PKTSY^\8:9]`^}~||++*\_]-/.qur\_]=@?bfcMPOSVU+-,ILK*,+%&%jom W[Y)*).10ntr|~x~|sywu|{¾1%ZZ[^Ô`ɚfңo۬xޯ{ݮzݮzޯ{ޯ{涆ͧ嶂㴀~~㴀㴀~䵁嶂淃縄縄縄麆껇뼈콉ÐÐѬ'^VrUhhIPJa~[qyH^^^_Kv{rzx@B@aca675 QSR*,+JMKVXV*+*;==QSQ_a`%''pwuOWV8*[\“_Ɨcʛgԥqܭy~}}㴀~鸊Эᴁⵂⵂⵂ㶃䷄䷄䷄㶃䷄帅纇軈꽊뾋쿌ŽÏĐĐĎĎ߷$8\S?T_r k8DDe-99)[^^^`.1:txuKMK-/.TVTtvsnpmz{x>>=fignrohjh ]a].I@BE0%]•bėdŘeɜi֩v߲ೀݰ}߲ೀ߲ⵂ廌ѭ㶃㶃㶃䷄帅帅帅湆帅帅湆軈鼉꽊뾋쿌ÏĐĐőƑƑḇ#>]V(5G>=6 #"aG\^ )67#_[]^^;?8:<:-.-))(wxu_a_VWU--,'&%~|}|FHG`b`669}%&)¿(`Řeƙfǚg͠mثxೀᴁޱ~ೀᴁ߲ᴁ漍Ү帅帅帅湆湆纇纇軈軈軈鼉꽊뾋쿌쿌ÎďŐƑǒǒȓɔ⺋#>]Z +M8,-;=%[WZ^^:>7cebPQOvvs''& WYWfCGF¿þ;-ÖcțhǚgɜiӦsܯ|ⵂᴁ߲ⵂⵂ߲ᴁ迒԰湆湆纇纇軈軈鼉鼉뾋쿌쿌쿌ÐÐđŒƓǔȕȕɖ˗⼏$?]\QXRixrg[lh.\YX_V;>8781 )W8}~rw>Ff:Bt;D`GQJToofCƙf˞kɜi̟lثxᴁ䷄ⵂೀ㶃㶃ೀⵂ•״纇纇軈軈鼉鼉꽊꽊ÐÐŒŒƓǔȕɖʗ˘˚˚⽐#@]^0^uu,1./61H_\V_?;?9STe>?>BE=-0$/1&/1&,/% K Z LYT),'Vțh͠m˞kУpݰ}䷄湆㶃ⵂ帅㶃ᴁ䷄ƚڷ鼉鼉꽊꽊뾋뾋쿌쿌ÐđđđđŒŒŒǖȗȗɘʙ˚̛̜͜͝⾔#7[_8E;0`{b/>@z!L!!b _ W _=:?9CGE.123Zhf%& cɜiϢoϢoըuⵂ帅纇䷄䷄湆㶃ⵂ纇ɝܻ쿌쿌쿌ŒŒŒƓƓǔǔȕɘɘʙ˚̛͜ΝΝΡΡ",Y_HsέubNdnh6AB +-t  `))e&&dX _=:@;w|DJHpusx}KPNY]\LQO^ebdkhXZYGHGYYX554NON565JLJ>@?###777ILJM dOY[C9O]I?Kq{oyaD˞k˞kѤqըuܯ|湆湆纇湆湆纇㶃㶃뾋ˡ޽ÐÐđđŒŒƓǔǔȕɖɖʙʙ˚̛͜ΝϞϞУѤ™"-Y_GVJAӭҨ⾕u{_OMCBPOFY]H\^6?>Zuz +^//i++gX _=dmj'**nxv5:9pyvowtEJH^dbOTR475U[Ys{y]cb=A@Z`^;?>dki/10inladbbeb./.bdbSUSEGF figRUT..6cRflgT\AOG]`TĚiϢo͠mҥrثxೀ鼉帅軈湆纇纇㶃䷄̢ÐЏÐÐđŒƓʔʔ˖˖ʗ˘̘˚ϞϞϞРРУУѤѩҪĞ#.Y^WG<:ծӫΡɘ伈޶ԯڱ`UCw B`//j,,gW ^=;C=_igNVSX`^@FE@EDMTSU^\IPN}r}z=CA,10cnkclj*-,clj^ge054JQP(+* ""pzxJOMLQPU[Y033\_]')(otsgkj=@>DVpv &C^  L}krNˢqˢqɠoͤs׮}ḇ潌輇齈细庇缉⺆今ÒѮŒŒŒŒƓƓǔȕʕ˖˖˘˘̛̛͜ϞПРѡУѤҤѥҪӫş#.Y^_װԬУ˚đ澊จܶqRH`dHWSD''e--i,,g W]=:A;s~{NWUOWU="&%5T^`A~֮ҥ͜Ɠ伌vbIi*''b++g((e((e W^;_ic^gdYb_JQP$&#}A6"^G1|<%.Va7,̣rͤsΥtΥtѨwٰ㺉羍羍轊꿌缉㺉今⺉澎əغ̛̛̛̛̛͜ΝϞΝΝϟРУҥӦӧԨԨԨժժխխխ֯װԭfXIN^^bH>3խҥ͜ƓŢyAMLdxv 11l&&d''e))f W];wQZWGNL'+*=DB]fdCHGagedki[caV^\@<Oy\K;g {"y  FT{_v{.*"dΥtЧvЧvЧvӪy۲弋羍龋潌今伋㻋͝͝͝͝͝ΞϟϟРРѡУѤӥӧԨԨժ֫֫խ֮װװװ׳׳شwH_^b׹Ѥ͜ƓI@3!'(C22m!!b))g--h W^*}wy\cb t|fdL}F   ?#cz|;HERB.ˣsѨwҩxӪyԫz׮}߶迎羍翋羍伋彍㽍ėѤϟϟϟϟРѡҢҢҥҥӦӧԨԩժժ׬֮֮ׯװر׳شششٵβ*a^`6r\ҥ͜Ñ4+^\Q..k..j_--h''f VZ 1oSwOONM[ wA Xnm/&ҩxԫzլ{ҩx֭|ڱ߶弋‘‘羍羍迎彍澎濒ǚ֩ѡѡѡѡѡҢӣԤӦԧԨԨժժժԬ֮ׯׯررششششٵٵٵG>;_^^^#HմΝiNKI>_uo G<GX[(+F_SyubD^I%#`EfWndEG>şpӪy֭|د~Ӫyٰ߶弋Ŕ‘潌羍翏澎忏ɜڬҢӣҥӦӧԨԨԨժ֫֫׬׬׬׬׬ٲٲٲڳڳڳڳڳڷڵٵٵ©;b^^\ g9<7!"33l88r a]22k^Y)w@HRRzQFDuk3 _rnhԬ|խ}խ}խ}խ}ܴ彍ÓÓ澎羍Ž•ϤݶӣӣӦӦԨԨթժ֫֫׬ححح׬׬ٲٲٲڳڳڳڳڳڵٵٵٵڳLB>O^^b%}e~ !@AAz++h]]++g YV , i6:=d?uYg5] c~{dIԬ|խ}֮~֮~֮~ٱจĔĔ’Ö迎Óřѩ߻ԧԧԧթթ֫֫֫׬׬حٮٮٮححٲٲٲڳڳڳڳڳٵٵٵڳٲ̦.'0D`8L\[%4::n66p`[_aYP5?;v}whiaZ[THHA>90IB6g_Pupbxvivp`\QAE<0?8.>8-?8-?9.?8-?7->7.=7->8.>7/OF:LD8F?4F?5JIAJ^_{CLD"&qeSfW6^6;NNnY@խ}֮~֮~ׯׯׯจ彍ÓƖƖĔ’’ė‘Öɞ԰ըը֪֪׫׬ححححٮٮگگٮٮٲٲٲڳڳڳڳڳٵٵٲٲذذǟK@8oulE[^&$J>>w&&e[Z][^KF9|bb|Z`acrֲĖÔɚɚǙǙțɛʜʜʟˠˡ̢ͣөѪѪΨγnXOC;:4OWTTaa9JNOineſ <FKZz+6`,^||^L7֮~ذذذذٱڲ澎ŕǗƖĔӒ֒řͤٶ֪֪׫׬ححذذحٮٮگگگگٮٲٲٲڳڳڳڳڳٲٲٲذذح׬֫]P?DUW=QU"<Dvdn~5Wki4*ʤwذڲڲٱڲݵ߷’ĔƖǗŕĔӒ••ǜϫܽ׫׫׫ححذذٰحٮٮگگگگگٲٲٲڳڳڳڳڳٲٲذׯح׬ܽp_L@OOYw| !((g88qa\ WZ^B ˩޶֮~֮~Ԭ|խ}۳翏Ș̜ʚΞϟРѡѡҢԤ֦ըը֪׫׬حٮذٲڳڳڶ۷۸ܹܹ޻޻޼߽޿Զî{jocUQH>PG=T]ZrO]Rfg 91><6, ^ذڲ۳ڲڲܴจ伌ƖƖǗƖŕĔÓӒ’’ėʢԲ׫׬ححذذٲٲحٮٮگگگگٮٲٲٲڳڳڳڳڳڱٱذح׬r;=9Qkpn((V**h$$d[[^U)2)$u伌ׯխ}ׯ֮~ڲ伌Ǘ͝͝͝РРѡҢҢӣեبש֪׫׫حٮٱٱڳڳ۴۷ݸܹݺݺ޼߽߽޿ټϳͷ|oROH;HHYie3i=Jzw||{yXٱڲ۳۳ڲڲݵ伌əəȘǗƖŕŕŕÓÓŕȜϨٺ׬׬ححذٰٲٲححٮگگگگٮٲٲٲڳڳڳڳڳٱذذΥvfQ /?A Q^_ Z [P8!vZǗĔ߷Ԭ|Ԭ|֮~ׯ߷Ó̜ΞϟРРѡҢҢҢӣ֦ب֪׫׫حٮذٱٱڳ۴ڶ۷ܹݺݺ޼߽߽߽ѵʼJOKcmYkd[s7-!ڲڲڲ۳۳ڲڲ޶澎Ĕ˛ʚəȘǗǗǗƖÓŕƙ˟ҫܽذذذذذذذذٱٱٱٱٱٱٱٱٱٱذذذذذׯججɠ1.(D[`k43-aR?xWI8 "/"?'"<% :!<:16MA2u˝ʜĖݹձӯ԰ϫ}ڶĖ̞Π͟ΠТѡѡѤҥԨթ֪֪٭٭٭گگ۲۲ܳݴܵݶݶ޹޹޻޻ʬlMQJs.*"u׳شٵֲֲٵ۷޺”̞țțǚƙŘŘėėÐđȘ΢״ٱٱٱٱٱٱٱٱٱٱٱٱٱٱٱٱذذذذذׯׯׯججŨ4AAPkqPjnxw|rfkbnaMfzӳȚƘ߽ӲӳԴӳӳӲȚ˝ʜʜǙ㿑ڶ԰ӯձش༎Ƙ͟ϡϡѣӥҢҢҥӦԨ֪֪׬٭٭گگ۰۲ܳܳݶݶݶ޹޹޻޻޻̨k/-'MXT7HFyZ׳شٵڶششڶݹ⾐Ƙ͟țțǚƙƙŘėėőƕʚѦٶگگگگگگگگٮٮٮٮٮٮٮٮٮٮٮحححح׬׫׫ʠѲۻ̡Σ̟̟̞ʜɛȚƘĖÕĖŗƘƘȚʜ̞˝Ǚݹֲ԰ձ׳ĖʜΠТҤԦէӦӦԧթ֪׬ححڮگگ۰۲ܳ۴۴ݶݶ޷޹ߺ޻߼߼۲جØn=5)geUĸiul-%׳شٵڶ۷۷ڶ۷༎ŗ˝͟ɜțțǚƙŘŘėƖȘ͠Ԭ޼گگگگگگگگٮٮٮٮٮٮٮٮحححح׬׬׬׬֪֪֪թԨӧӧҦѣΠ˝ʜɛȚƘŗÕĖƘǙȚɛʜ˝Ț”޺׳ձֲڶݹʜ˝͟ТҤԦէէըը֪׫׫حٮٮگ۰۰ܳܳܵܵܵ޷޹ߺߺ߼߼ݶ׬Ӧ̞ʜƘˬs`I>4'@8, eڶڶ۷ܸܸݹܸݹʜΠ̞ɜɜțǚǚƙŘŘƙʝѦرڮڮڮڮڮڮڮڮجججججججج׫׫׫׫֪֪֪֪֪թթԨӧҦҦҦТΠ˝ɛɛȚƘŗĖŗƘȚɛɛɛȚ”὏ڶձֲܸ⾐”ΠΠТҤԦէԦԦ׫׫׫حٮٮٱٱ۰۰ܳܳܵܵݸݸߺߺߺ߼߼۲ըУɛȚĖ὏ݹem[EKC5=NNqi1* صܸ۷ܸݹ۷ݹ޺༎Ė͟ϡ˝ʝɜɜțǚƙƙŘǛ̡ӫ۸٭٭٭٭٭٭٭٭جججججججج׫֪֪֪֪թթթթթԨӧҦҦѥѥϡ͟ʜɛȚȚƘŗƘƘǙȚɛȚƘÕ༎ܸش׳۷⾐Ƙ˝ϡТѣӥԦէէԦجججٮگٱٱ۲ܳܳݴܵݶݸ޹޹߼߼ܵ׬Ҥ͟ȚƘ”㿑὏὏༎ݹղt]N;EY]huX޺ݹܸݹ޺ܸ޺὏”ɛϡΠ˝ʝʝɜțțǚƙƙɡϧر٫٫٫٫٫٫٫٫تتتتتتتتששש֨֨֨֨֨ԨԨӧӧҦѥФФϡ̞ʜɛȚȚƘŗǙǙǙȚȚƘ”㿑۷۷ڶ۷߻Õ˝ТѣҤӥӥԦէ֨ש٭ٮٮٮٱٱڳڳݴݴܵݶݸ޹޹޹߼߼߽ݸٰըТ̜Țŗ⾐㿑㿑⾐὏߻޺޺ϭz\<2&EF?s{Ѱ޺ݹݹݹ߻޺߻ɛТТΠ̞˞ʝʝɜțǚǚƙ̥Ӭܷ٫٫٫٫٫٫٫٫תתתתתתתת֩ըըըըըԧԧԨԨӧҦѥѥФФΠ̞ʜɛȚȚƘŗȚȚǙȚǙĖ㿑߻ڶ۷ܸ޺㿑ŗ͟ҤҤӥӥӥӥէتڬٮٮٮگٱڱڳڳݴݴݶݶ޹޹ߺ޻߼޻۴׬ӧϟ˛ȚĖ⾐㿑㿑὏༎߻޺ݹݹݹѯq|]aٶ޺ݹݹ޺߻༎༎ÕΠԦѣΠΠ˞ʝʝɜțǚǚǚϨձ߼ححح׬׬֫֫֫֫֫֫ժժժժժժԩԩԩԩӨӨӨҤҤҤҤҤѣТϡ͢ˠɞȝƛƛƛƛŚŚƛŚØ⿔ݺٶܹܹ޻ɞϤҧҧԧԧ֨թ֪׬׬حگگ۰ڲ۳۴ܵܵ޵ݶ޷޷޺޺߼߼߽ܺٵׯԩТ˛Ȗ——⿔ᾓᾓདྷ޻ݺݺܹݺ޻߼དྷݺདྷདྷݺ޻ᾓᾓ޻߼Ę͡ѥѥ΢̡̠̠ʟɝɞɜə˛РҨٵحح׬׬֫֫ժժ֫ժժժժԩԩԩԩԩԩӨӨӨӨӨҤҤҤҤѣѣТϡ̡ˠʟȝǜƛƛƛǜƛŚØདྷݺ۸ٶܹ⿔ƛ̡ѦӨӨԧԧթ֪׬׬حׯگ۰۰۳۳ܵܵܵݶݶ޷ݹ޺޻߼߼޼ܸزԬѦΠəƖ——⿔ᾓᾓདྷ޻޻ݺݺ޻޻དྷདྷ߼དྷ߼޻޻དྷདྷ߼–ȜϣӧҦϣ̡͡͡˞ɝɞɜț̜Ѡխܹ׬׬׬֫֫ժժժժժժԩԩԩԩӨӨӨӨӨҧҧҧҧѥѥѥѥФϣ΢΢̡ˠʟȝȝǜǜǜȝƛęᾓ޻ݺݺڷ߼Ś̡ѦӨӨԩ֨թ֪׫׬حذذ۰۰ڲ۳۴ܸܵܵ޷޷޷޺ߺ߼߼߼ݹڶԮШΣʞǙŗ——⿔⿔ᾓᾓ߼߼߼޻߼߼དྷᾓདྷ߼޻߼߼߼དྷʞ΢ӧԨҦФ΢΢ΡʞɝɞȝȜ͟Ҥڳ׬׬֫֫ժժԩԩԩԩԩԩӨӨӨӨӨӨҧҧҧҧѦѦФѥѥѥФϣ΢΢ˠˠʟɞȝȝǜǜŚę—⿔޻ݺݺ޻߼Ø̡ҧԩԩԩժ֪֪׫ححذٱٱڲ۳۳۴ܸܸܸܵ޷ݹ޺ߺ߼߼ܵرҪ̤ʟǛřח—⿔⿔⿔ᾓདྷདྷདྷདྷᾓᾓᾓ⿔޻޻དྷདྷ߼⿔ŚѥӧթԨҦϣ΢΢Ϣ˟ɝɞȝȞΣӨܹ׬׬֫֫ժժԩԩԩԩԩӨӨӨӨӨҧҧҧҧҧѦѦѦХХХХХϤΣ͢ˠˠʟɞȝǜƛƛདྷ޻ݺ޻དྷƛˠҧժԩӨժ֫׫׬حٮذٱڳڳ۳۳۴ܸܸܵݸݺ޺޺ߺ߼߼޻ڱ֭ϧʢǜŚÙ———⿔⿔⿔⿔⿔⿔⿔ᾓ⿔߼߼⿔⿔⿔ęˠթ֪թӧѥ΢΢͡ϡ̞ɝɞɟˣѨװ׬׬׬֫֫ժժժԩԩԩӨӨӨӨӨӨҧҧҧҧѦѦѦХХХХϤϤΣ͢ˠˠʟɞȝƛęęདྷᾓᾓདྷ޻߼⿔—Σҧժ֫ԩԩ֫حححٮٱٱڳ۴۴۴ܸܸܵܵݺݺݺ޺޻߼߼޹ڶ֫Ө͢ɞǜĜ›ØØؗ———⿔⿔⿔—Ś̡ҧ׫֪թҦФ΢΢͡П̞ɝɟʣ̦ԯܷحح׬׬֫֫ժժԩԩԩԩԩӨӨӨӨӨӨҧҧҧҧѦϧϧϧϧΦ̤̤ͥˠˠʟɞǜŚØདྷᾓᾓདྷ߼⿔ƛˠӨժ׬׬ժժ׬گٮٮٱٱڳ۴ܵ۷ܸܵܵܵݸݺݺ޻߼߼߼ߺ۴װԧѤ̡ɞƞŝܜęęØØØØØؗ———⿔⿔—Ø—ęʟӨحج֪թӧѥФϣ΢ϟ̜ɜʠˤϫ״ححح׬׬֫֫֫ժժԩԩԩԩӨӨӨӨӨӨҧҧҧҧϧϧϧϧΦ̤̤ͥˠˠʟɞǜę⿔⿔ᾓདྷདྷ—ˠҧԩժ׬׬׬׬ٮ۰ٮٱٱڲ۴۴۷۷ܸܸܵܵݺݺ޻޼߼߼߼ݹٲխӦУ̟ɞǟƞĞÝęęęęęęęꗗØØؗ⿔⿔ęŚØŚΣ׬۰ج׫թӧҦѥФϣϟ˛ɜʠ̦Ьٶٮٮٮحح׬׬׬խխխԬԬӫӫӫӨҧѦХХХѦѦѦҧҧҧѦϤΣ͢ˠˠʟȝƛ—῔߽—῔޼ȝϤӨժ׬׬ححٮٮگگٱٱڲڳ۴۴۷۷޵ݶ޷޷ߺߺ߼߼߼޷ܱ׫ӦϤ͢ʟȝƛŚƛƛęęęęęęęęØŚƛŚØ——ØꗗȝХح۰۰֪թԨӧҦФϣϣ˥ȡɝ͠Ҥת޵ٮٮٮححح׬׬֮֮խխԬԬӫӫԩӨҧѦХѦѦҧХѦѦѦѦХϤΣ͢ˠȝŚØ———῔Ś̡ҧժժحححٮٮگگگڲڲڲ۴۴۷۷۷ݶݶ޷޹ߺ޻߼߼޻ݶگթҥΣ̡ʟȝƛƛƛǜƛƛƛƛƛƛƛƛęŚƛƛŚęŚƛęŚȝϤ֫گ۰گ׫֪թԨҦѥФϣͥʠʞ͡ҧװ޺ٱذذذذׯׯׯׯׯ֮֮խխԬԬԩԩӨҧҧѦҧҧХХХѦХХϤϤˠɞƛę—Øęę῔—ǜ͢ҧժ֫׬ׯׯذذٱٱڲڲڲڲ۴۴۷۷ܸܹ޷޷޷ߺߺ߼߼߼޼ܹڳ֮ӧФ̡ˠɞǜƛƛǜǜǜǜǜǜǜǜǜǜŚƛǜǜƛƛǜȝĜɡШׯ۳ܴڲذح׬֫ԩҧѦϤϤͣʠ˟Х֯ܺٱٱٱٱٱذذذذذذׯׯ֮֮խ֫ժԩԩӨҧҧҧѦѦѦХϤΣ͢͢ƛƛƛŚŚęؗęɞϤӨ֫׬׬حذذٱٱڲڲ۳۳۴۴ܵ۷ܸݸݺݺ޷޹ߺߺ߼߼߽ܹٵװӫХ΢ʟɞȝǜǜǜǜȝǜǜǜǜǜǜǜǜƛǜȝǜƛƛȝɞȠΦܴ֮޶ܴڲذح׬֫ԩҧХϤΣ΢˟˟ϦӰٺزززززٳٳٳڲٱٱذذׯׯׯ׬֫֫ժԩӨҧҧӨҧѦϤ͢ˠʟʟŚŚŚŚŚęęę̡Хժ׬׬׬حٮٲٲٲڳڳ۴۴ܵܵܵ۷ܸݸݺݺ޻ߺߺߺ߼߼޹ٵ֯ԭѩΣ̡ɞɞȝȝȝȝȝȝǜǜǜǜǜǜǜǜȝȝȝǜƛƛȝɞΧӬڳݶݶ۴ٲر֮խԬҪѩϧΦͥΡ˟Ρԫڷزٳٳٳٳڴڴڴ۳۳ڲڲٱٱذذحح׬׬֫ԩӨҧԩҧХ͢ˠɞȝǜɞǜęØęǜʟ͢Ө֫حٮححٮگڳڳڳ۴۴ܵܵܵݶܸܸ޹ݺ޻޼޼ߺ޻߼߼߸ܵװӬѩΦ̤ʢʟʟɞɞɞȝȝȝǜǜǜǜǜǜǜǜɞɞɞȝǜȝʟ̡ծر۴ݶ۴ڳٲٲ֮խԬӫҪѩШϧϣ̡У֫ܵٳٳٳڴڴڴ۵۵ܴܴ۳۳ڲڲٱٱحٮٮح׬ժӨҧҧѦΣ̡ɞȝǜǜɞǜƛƛȝ͢ҧժ֫׬ٮٮٮٮگ۰ڳڳ۴۴ܵܵݶݶܸܸݹݺ޻޼߽߽߼߼߼ݵٱԬѩΦͥˣʢˠˠˠʟʟɞȝȝɞɞɞɞɞɞɞɞɞɞʟʟʟ̡Ϥҧ۴ܵݶݶ۴ڳٲٲدد׮֭֭լԫԫիҦѤѥѦΨЭұ׽ٳٳٳڴڴ۵۵۵ܴܴܴ۳۳ڲڲڲٮٮٮٮ׬ժԩҧХϤ͢ʟȝǜǜǜŚƛȝˠϤӨ׬ٮ֫׬ٮگ۰۰۰۰ڳ۴۴ܵܵݶݶݶܸݹݺ޻޻߽߽߽߼߼߼ݲذӫϧ̤ͥˣˢ̡̡ˠˠʟɞȝȝʟʟʟʟʟʟʟʟȝɞʟˠ͢ϤӨ׬߸߸޷޷ܵ۴ڳٲررررװװ֮֯֯ԫԧ֨ըӧҫկܵxca-RELEASE.2.9.0/img/done.png000066400000000000000000000007621477156507700156130ustar00rootroot00000000000000PNG  IHDR IDATxQY m۶m۶m۶m}a=}VxUB2l1C#c6,NX(kHdn3\L!Wg`5q'}θ'Mڏ+m9*Õ -Ѓ DQ7aְh{ID9>HidR'}l5{n;;IL4'.zh|'.\GVo %T}Iw&%b2Ѝ4& j)ioeF9g_"x6" p ;k(FmY!W]R]Q= Q҅FGxU˪]  o *>r4#DY)HF+ֱj)L,"i-V$q%&UJs^Q˔ !B=)OLY,ʠsfIENDB`xca-RELEASE.2.9.0/img/halfkey.png000066400000000000000000000032751477156507700163130ustar00rootroot00000000000000PNG  IHDR(FIDATxV m۶mmm۶mF[PZsQʔU.2MGG홙畕pU4NiLL񍍍mmm===)uuu[mb>|*Z^^ Ԡ--- ɊλyzJlE7Օ r;_y7H_qq1222P %@5AeL>11֢"#HoMW_} IIIʚ/{1_b 1 YV^\9<O>ALI~WWjj_D^^d{tϞ=EEEB\ t4/ʅ"H$R^zm5Vv~AT/ȿQ8C .PJ?%%%w`nPmO?4a#*QYチTH*#iH%%}1Rc~ڿ_#<}矝lͼ^]_[;~[jT:L_ZZ*Q 凇{M ouuaJADޙgACc<_#:p'N^ݷg>;񵩩)LOOcvvv}~~ ϛFFF%A-[<]R9A-ETlSS*χNy-I1د G.Grtuŀ&41hf%#q#-->}-͠WtwO7z1M-'wgZfsᠻNNNHLsρr$Z+-y+I8I8q(l184abll ~PÌ*bqqD{zzMK.y - Ɋs5 p <2V {.Eji:=-h#-%68a``CCC1J4m۶=ʝ!!BN $hk Փ`fm0|n[aw UO('WOr ۷k(UTTn *.@b"'N3/`0EGrr pvqD D$(RwN'vp{饗~Lv _~y]wHNRrJkFkEjZ+xOyU't-Vb%hO}>lR(P/IENDB`xca-RELEASE.2.9.0/img/imgres.qrc000066400000000000000000000020551477156507700161520ustar00rootroot00000000000000 xca-icons.iconset/icon_128x128.png done.png warn.png bigcert.png bigcrl.png bigcsr.png bigkey.png bigtemp.png bigscard.png netscape.png crl.png halfkey.png invalidcertkey.png invalidcert.png key.png scard.png reqkey.png req.png template.png validcertkey.png validcert.png xca-RELEASE.2.9.0/img/invalidcert.png000066400000000000000000000032331477156507700171660ustar00rootroot00000000000000PNG  IHDR(CObIDATx͖t4iE׈5M~۶m۶m۶m۶mLQ69WPBC?~|'WZ KD_lٲi3'W\-͝:mOAv-+4l֨tIM7M.3'_-fzalՊζnM7oD:uԛ;f~7Fڿʍ,y_U*9On-M޾r}Joos6`lVJY[ݡm5jF.h^ܯyf zr9s1{^|ƲOlK51hPYt[@,nVί;|亼~*'On4Ӌ8=\7lDɌޚfͧoFVc2sr7}T :f(JKk`9~+~>@-Kc:]i|.)P~mn!N'DB`4k^x(¥g<~H{?qH$B&HfTZP y|?T|U;ϮU1CH)%>.~ /~Z:omwO;xpDVX2}h9Zywm.ٷo }LMKM߃W`ֹw#cG"a {vC1}@롨 c&pHUG\rg|UKe?]k7ń͛+]T,kg<_8;"ozƃ% qS3Sp>I`P z82p!22D5Xbo_21C*NR$5<~c D9f_x@b̜Lwtr O =y0>Ukš7/^zyP(8cPdh%>ǛyIrO>_|!+t^(rݻϦ8a~ExxiIIicCsXSK  :~݁A+k%YLrap,3x|/>rLe_caFHSa"1wN‘×vM! _|l%aSp q.%Ldx9#ƌp+ԡq bEB pH\ݙ;y{S2x==3Ct4uJ"W2 Oܾs 6M[#ӼysQ˟M1tAnnjNBŊ:^Lwvsy;wѣrG;ܫ1fX?Rqc-)LǏѓ'j͚5/IPNJ} uXl kyOF>7IENDB`xca-RELEASE.2.9.0/img/invalidcertkey.png000066400000000000000000000035101477156507700176750ustar00rootroot00000000000000PNG  IHDR(COIDATx͖x#[F;36mۨ_7k۶m۶m#iJyy3[ѣGf:ujO`׭[p/HOOoߺ _FQh7\0cRD ^]ۖUpU~4-DO7[b/OVw)eɮº{#G7un1]I9N±$֪n?޽~߻QawiKr )x>YQ:[w{<}|%@+ x$X3-[xq>~(!e ,^ "ƤIQ/[w2@`%_/R-odJ`V+,!Hf:ir߸l8崢F,BD !8"Aeeժ+h~O=Lm%Q\Iju4PBi>@Xɓ;x0>nsw(u=82٬J#[a$Aa.(FiZ'L=Ln3PڜmVVmRvHH>4"J)^[bb"E ǀAxt1R{[+oLFz:F*푚mj]Onr .B@˕+ V]ٴySgnIiib*tEWe$K@7dE@ )ZIIRy©RBU oQ`JRR2hZZK19_ t%ʓ+Ȧǧ/BG'Oób(<=k采˗lhhfC2$w8^* 'OH%IINܾ}FN$RIpQ_ ,9'NߺרN)P`pBS1<~ :A||ج9ˇT l.ooe ޑHshBg@Vtݻw[yi^O:RAX i V;SЦmǖݱJ:[#o99gHBܱkٌy)N$Xbq"Bydd kq[`  R-XZ"21&NƏ9Bx՞=| q˥l%$|Giq^3G ؏w b2i=Rɼy;O8wwQt" $|enr[/JIAݑD$ rswo裇ϟG @8X͒?ljFKsTjt8V ߁AӠr%gk=!=hPnnnQt̸itettђU?u*ڤiˆ9rƄ8K`B6X<>y>}=vDj֬(ˎ!Cw=,N2N6?o!;{Xҳ߷FE[ /%2("bN6/a܄_}kYP_ӤiC>|Ą=,;j:NdIENDB`xca-RELEASE.2.9.0/img/key.png000066400000000000000000000023431477156507700154530ustar00rootroot00000000000000PNG  IHDR(FIDATxV@m۶m۶T:۶m۶m~[W6{FWQz=78UlsMxt׮]K޾yf5Ϧ+Yd={ty~|qijg"^x͛7GslSNE۴i3l6ji4 02V M{ Ja3wN:n'AAXNg Z*gZ=dz>dao)C3 ~*zA9sܫ3Ƨ%FQرcPFkFNb(;,aL!"F<#_5X"U `B58&H+{w8l23䱒|$KPණDA rAВQaTddJxKՑ żrΝ3A/,Y2 Ici.TrpRQL, իWW̜93}F{*UPJWBJ6Iۋz%wСcƌz(IPp@arЃN0$U_$|F&444uw8Lȿ$&R-/Ty)#]r%ȑ#P$lyX^I}O,Ydxe}C 7o0 g!ݻw~ Baz8^&. ܭZoHYlZm۶()#B)oqƾWME~䏈H&ː!C5UV8poBgϞu_>dK(Q҃cTJ+רQ={o|4nx`\J!a8@ lATWPR )/&IENDB`xca-RELEASE.2.9.0/img/key.xpm000066400000000000000000000274231477156507700155010ustar00rootroot00000000000000/* XPM */ static char * key_xpm[] = { "64 64 222 2", " c None", ". c #F5F5F5", "+ c #F7F7F7", "@ c #FBFBFB", "# c #CBCBCB", "$ c #ECECEC", "% c #DADBDA", "& c #D5D6D5", "* c #F0F0F0", "= c #FAFAFA", "- c #C8C8C8", "; c #EBEBEB", "> c #F9F9F9", ", c #FDFDFD", "' c #D1D2D1", ") c #F6F6F6", "! c #FAFBFA", "~ c #C7C7C7", "{ c #E9E9E9", "] c #F4F4F4", "^ c #F8F8F8", "/ c #FCFCFC", "( c #E2E2E2", "_ c #BBBBBB", ": c #F1F1F1", "< c #F9FAF9", "[ c #F7F8F7", "} c #C5C5C5", "| c #E1E1E1", "1 c #DADADA", "2 c #DDDDDD", "3 c #D0D0D0", "4 c #CFCFCF", "5 c #F2F2F2", "6 c #F5F6F5", "7 c #C4C4C4", "8 c #F3F3F3", "9 c #DFDFDF", "0 c #DBDBDB", "a c #CCCCCC", "b c #CACACA", "c c #C2C3C2", "d c #DEDEDE", "e c #DCDCDC", "f c #C9C9C9", "g c #C1C1C1", "h c #E8E8E8", "i c #DCDDDC", "j c #D9D9D9", "k c #C0C0C0", "l c #E7E7E7", "m c #CDCDCD", "n c #EFEFEF", "o c #BFBFBF", "p c #E6E6E6", "q c #D8D8D8", "r c #EEEEEE", "s c #BEBEBE", "t c #E5E5E5", "u c #E0E0E0", "v c #E4E4E4", "w c #EAEAEA", "x c #EDEDED", "y c #D7D7D7", "z c #ECEDEC", "A c #BABABA", "B c #E3E3E3", "C c #D5D5D5", "D c #D6D6D6", "E c #AAAAAA", "F c #E4E5E4", "G c #C5C6C5", "H c #C8C9C8", "I c #E8E9E8", "J c #B9B9B9", "K c #EBECEB", "L c #EDEEED", "M c #D4D4D4", "N c #7B7B7B", "O c #D2D2D2", "P c #C2C2C2", "Q c #E6E7E6", "R c #E5E6E5", "S c #B8B9B8", "T c #EAEBEA", "U c #D2D3D2", "V c #8A8A8A", "W c #CCCDCC", "X c #D3D3D3", "Y c #E3E4E3", "Z c #B6B6B6", "` c #888888", " . c #DFE0DF", ".. c #BCBCBC", "+. c #C3C3C3", "@. c #F0F1F0", "#. c #E2E3E2", "$. c #E1E2E1", "%. c #B5B6B5", "&. c #D1D1D1", "*. c #D4D5D4", "=. c #C0C1C0", "-. c #E0E1E0", ";. c #B3B4B3", ">. c #868686", ",. c #C6C7C6", "'. c #DEDFDE", "). c #B3B3B3", "!. c #CECECE", "~. c #858585", "{. c #DDDEDD", "]. c #B2B3B2", "^. c #848484", "/. c #9B9B9B", "(. c #B0B1B0", "_. c #CACBCA", ":. c #838383", "<. c #D7D8D7", "[. c #AFB0AF", "}. c #C9CAC9", "|. c #ACAEAB", "1. c #9C9C9B", "2. c #9B9C9B", "3. c #BFC0BF", "4. c #ADAEAD", "5. c #828282", "6. c #878886", "7. c #6A6B69", "8. c #A0A09F", "9. c #D6D7D6", "0. c #AEAEAE", "a. c #8F908F", "b. c #DBDCDB", "c. c #C7C8C7", "d. c #BEBFBE", "e. c #ACACAC", "f. c #C6C6C6", "g. c #ABABAA", "h. c #888987", "i. c #9FA09E", "j. c #9C9C9C", "k. c #818181", "l. c #929391", "m. c #838382", "n. c #C4C5C4", "o. c #808080", "p. c #CACAC9", "q. c #B2B3B1", "r. c #CDCECD", "s. c #7E7E7E", "t. c #040404", "u. c #989897", "v. c #9B9C9A", "w. c #A9AAA9", "x. c #7F7F7F", "y. c #020202", "z. c #C2C2C1", "A. c #ABABAB", "B. c #7C7C7C", "C. c #797979", "D. c #787878", "E. c #B0B0B0", "F. c #8E8E8E", "G. c #979797", "H. c #BDBDBD", "I. c #767676", "J. c #606060", "K. c #626262", "L. c #656565", "M. c #737373", "N. c #747474", "O. c #959595", "P. c #696969", "Q. c #595959", "R. c #414141", "S. c #4E4E4E", "T. c #6D6D6D", "U. c #949494", "V. c #2F2F2F", "W. c #9A9A9A", "X. c #B7B7B7", "Y. c #727272", "Z. c #AFAFAF", "`. c #777777", " + c #3E3E3E", ".+ c #707070", "++ c #B4B4B4", "@+ c #4D4D4D", "#+ c #101010", "$+ c #939393", "%+ c #B8B8B8", "&+ c #5A5A5A", "*+ c #8D8D8D", "=+ c #666666", "-+ c #6C6C6C", ";+ c #515151", ">+ c #6B6B6B", ",+ c #5C5C5C", "'+ c #999999", ")+ c #464646", "!+ c #A8A8A8", "~+ c #5F5F5F", "{+ c #B5B5B5", "]+ c #7D7D7D", "^+ c #909090", "/+ c #494949", "(+ c #757575", "_+ c #9D9D9D", ":+ c #B1B1B1", "<+ c #A1A1A1", "[+ c #454545", "}+ c #8F8F8F", "|+ c #A6A6A6", "1+ c #A4A4A4", "2+ c #646464", "3+ c #A9A9A9", "4+ c #A3A3A3", "5+ c #717171", "6+ c #7A7A7A", "7+ c #505050", "8+ c #3F3F3F", "9+ c #2C2C2C", " ", " . + @ # $ . . ", " % & * . = @ - ; . > , , ", " ' ) ! > > ~ { ] ^ / , ( _ ", " : < [ [ } { ] ) = @ | 1 2 ", " $ 3 4 5 > ) 6 7 { 8 ) > = 9 0 ) 2 ", " $ a b ] > ] . c { 5 ] [ ^ 2 1 . ) d ", " e # f ] + 5 8 g h : 8 6 [ i j . . . d ", " 4 b 8 ) 5 : k l * 5 ] ) 0 j ] ] . . 9 ", " m 5 . * n o p * 5 8 . 1 q 8 ] ] . ) 9 ", " 1 8 r r s t n * : 8 j q 8 8 ] ] . . u ", " $ $ $ _ v r n * 5 j q 5 5 8 8 ] . 8 u ", " $ { w _ v x r r * y y : 5 5 8 ] ] 5 ) m ", " 0 z h h A B $ z x n C D : : 5 5 8 ] 5 ] : E ", " F G H 5 r I l J B $ K K L M D * : : : 8 8 : ] . # N ", " O P 5 n Q R S ( ; T w $ U D n * * : 5 5 : . ] m V ", " 2 W X 5 r F Y Z u w w { T ' C n n * * : 5 : ] . m ` ", " ...+.@.L #.$.%.9 { h l { &.*.r n n * : 5 : 8 ] m ` ", " =.=.: z -.u ;.9 h l p h 4 X x r r n * * * 5 8 m >. ", " ,.: K .'.).9 h Q F p !.X x x r n * * n 5 5 # ~. ", " n w {.i ].d l F B R W X $ x x r n n n : 5 # ^. ", " 1 /.h e % (.2 p Y #.Y _.O ; $ x r r * n * 5 a :. ", " a <.# t 0 j [.e t ( -.#.}.O ; ; $ x r r x * : a :. ", " |.1.2.3.r l 1 q 4.0 v | .-.H ' w ; ; x x r x n : # 5. ", " t w $ h t t t t p ( C 0 6.7.8.{ p <.9.0.0 v u d .,.&.{ w ; $ x r $ r * f :. ", " w ; | e y q q q q j j e u 2 q a.b.c.d.*.e.1 B 9 2 d f.&.{ { w ; $ x $ r * - 5. ", " $ ; 2 D D D y y y q q q q q j 1 1 j g.h.i.j.1 ( d b.2 } 3 h { { ; ; x ; x * f k. ", " n d M C C C 1 9 d l { | t v B 0 1 0 e 1 l.m.C | 9.1 b.n.3 l h { w ; $ ; x n - o. ", " d n q M M M 2 d w ( B ( { t | t v { | ( e 2 9 j e p.q.r.c 4 l l h { w ; ; x n ~ s.t. ", " $ M O X M t u ( d x u ( | p t u t l h ( { u 9 9 j u.v.w.4 p l l { w w $ x n } x.y. ", " x O O O 0 9 9 ; 2 | u { 9 B | l v ( { p l t $ ( u | z.A.q t p l h { w $ $ n } B.y. ", " $ M 3 &.C t 9 9 ( h 2 ( d w d | v t t ( { p h t n | | ( D 1 ( p h h { ; $ r } N y. ", " m 1 3 3 O M M X O y 0 l 2 | u t 2 t v p t B x t { l x | B u O 0 t h { w $ r +.C.y. ", " ( 4 4 4 4 X D q y C &.M v e | u l 9 v l v p t $ l { p { B v 1 M d h w $ n P D.y. ", " f.D !.!.4 D E.F.o.G.H.q &.M v e ( B v u p h v l l l B ; { B v p 4 q B $ n s I.y. ", " 4 m m m m 5.J.K.L.M.5.A.M &.D B d t B t ( l w p B 9 | t ; l t p D &.d r s N.y. ", " C a a 4 O.P.P.Q.R.S.T.U.P O X 9 v 9 t v p B w ( 9 u | ( p w p p B !.v _ N.y. ", " 4 # a P N.L. V.W.X X e ( v u h B p | d 9 u ( B w h p l h y X.Y.y. ", " W.b # # Z.`. +a X y t u v ( { u 2 9 u | ( t $ r l h { !..+y. ", " G.b b b ++@+ } M 2 v t | t u e d 9 u ( l ; w x h h { q #+ ", " W.f f b b X M d u v l 2 e 2 d u | B x ; $ x h { w | ", " $+- f f &.%+ s D C u | ( | 0 2 d 9 | v ; ; $ $ x h w ; w &+ ", " *+- - - - ( A | M y h | e 0 2 2 d u v ; h x $ x ; { w ; r =+ ", " ^.~ ~ ~ - a n l 1 v ; C C 9 d | 1 9 9 u 9 B h w $ { x r ; w ; $ l -+ ", " ;+b f.~ a - # 9 $ : ; 9 O X | 9 2 j d 2 9 9 t h h ; $ $ ; * w w $ x | >+ ", " a f.f.D M &.4 m 4 3 &.0 e 9 d j 2 d u 9 | l ; w { x $ r $ w $ x n !.,+ ", " b } f.b j C e j e y 9 ( d 1 q 0 d u 2 t v h w ; ; ; r r ; ; $ x : '+)+ ", " !+4 ~ - 3 1 q 2 0 9 1 B 1 y 0 d e 2 u p w p ; w $ $ x * ; $ x r p >. ", " ~+0 - f # q 1 j u 0 9 j y 0 d e 2 B v h h $ h $ x $ x ; ; x r 8 {+T. ", " M q f # X y e e u j D 0 e d 2 d p { p h w $ w x r w ; $ r * h V @+ ", " >.( C a m D j 2 e | y 2 d 0 u t t h { h ; ; x ; $ ; $ r n + !+]+ ", " 3 v O 4 3 D 1 d u 9 q 1 2 l t l l h ; w x $ w ; $ x r + ~ ^+/+ ", " (+( h y 3 O C q d u ( d v t l p { { w ; { { w ; x r + e O.`. ", " j.( w 2 X M D q 2 u t ( l p h h h { l h w ; x n > e '+` ", " {+9 { { j y q j 0 2 9 u ( B v t p h { ; $ 8 > - _+U. ", " :+0 ( 5 ; 2 1 e d 9 u ( B t p h { w : = n Z <+$+[+ ", " }+D D B ] . $ p v B B v h ; : + / 5 7 |+1+` ", " 2+H.3 !.C v : + @ / / = + r q Z A.3+4+5+ ", " .+A f f.+.P s s A {+).).E.Z.E 6+ ", " 7+5.!+.._ %+Z {+).4+5.&+ ", " 8+)+9+ ", " ", " ", " "}; xca-RELEASE.2.9.0/img/netscape.png000066400000000000000000000424231477156507700164700ustar00rootroot00000000000000PNG  IHDRkkp| DIDATxl6iƳTc*afTr03¬I|[-կ?I}߫jJuiRQ*RxEYnޫ*r<5dZcMuxY5ĜshU(OI/^_nz詧_}.V6@VdAᄺ~AMUKe)%Ue'oYFdj{CF!g=6sr={;Z}ik9u*J9g~iW]swߩ^jlώ_a\U)8|βiX[줲gYIs$ ۶%fA?n{;r'l+ {&vrc,ͲǗ5#å2x 7rߪ^Ԫ5X ;ddwVY(h"#q-x '^;|bi^yyF <4c-vF؉>2vI,HƢì]GgPxVߍZKetrXnVw_k?f{F 週6.2i˅2Uʦ|; yOi_gܡ4cGYEpmeddž=(NS?[½ܼt"|ݫ.56u">c!Q.T7R䪉[wg}G $4bQE$C{gg6@;8hEDL#(T sӶsd0l﷝SAe9{s̺xjvǟ S-Z;U d g;)M)@X%s2aܙ3p;ʙش 8(R"3)QYIeZ;ud?"zz|Ǣ]` LCg:Lb<;(| |?O;器dJ& r$ 0]vikr!u%ӣ(\"p)dFv g"q$@h彇ƨBV6D{^I]`/rHV%a볎}Iܣ@bf^1MRUYuAo{n`L7lYeB)<{M*>bHBdv3g"s>nJ5m#K{g&z>ΌHg>`|JgggBjޫхl 3+.m~3TVI9[o{ns'qȦe-LM2ܴS|ن2 sdzDGei N4I#uEHy tgQ E@vK @asIp_(\f }s@d2J@A9y-~]ϊq2L@ie)o̒+2gԵ/e( Eijtf4m㴜 Ob6rl}ow:38[M 2=vJ`|aiA"ޥ<QaiYcDg>:±9&l?aY EfT]r~I0RW#T/) .wX&2ц4a@ WY9GX>dJl1--WC[7kѡVl#2S}9*p|i1wg/e\ JDFb:!/@ byÞ0<ӽ?9|\EyXHQDeKV k8f |t#kD晳 Y}URd,48 Ǚf|>/>SQP%=qnbAE>N^*CKM $%#[N\"{f'y+7PCgj,JVغViD!R*J"~ " O7@,Տ 8w*qO`sHASPgu6,@gZOKǞz^PDfik Ǧ0 E#F,,a~ 7=V➹G}XhəM;qjfmΞpnZkIP#Gtޯ~eHFZUUF6O͂9pL|[OyE.Wt.Nw^܀uן"g!/<)Rj0u7Ԕ04U8bPU65G'6 Gk\wAYv@>}yRd9i2{W{,(*egrWCQú(9&V]*_Anb"OW-t?zٗUTOD+)c#9%hlEݐq=[(*SRlcASH /2ן"ëEcM_`D_^J}8>>%BjlKkע;1|m۶mK3߳m۶m76 앳z~ժʽgFdFyjz61Ҭ(MvPP @{MEz..sii]6gfQg lkw?"ԎN9Oz5or=nɵSH u}&& g^- hWUp^Lg8'R@$W1(y7pi'y4+Φa_#zH6F40*!֑\.uLG] ^5:1p(ľ p{>& 7Du%9cl;71e"LVfoyVN`e249!֊8P'sBx׳蓡?d4e† ׼5 "G:Rex3NBmt&,q_ sȯXŕl<.j[00nX)Pe8BGR|.rd'$c4/7Ux.{VB6b Om+]rd1¼򱒇Ϙg!Lk!YȚdsc,I9$9V@>Lr<]wfl/CdzU-Ӫh{7iXa:)bQ=v;&9*ec:M  |&կJm9rbt23@݅ r׵fI#K(fmBw2%b2 S=LgcTMaD2VWLDNcH+dqeNW-ZAXt6 :5+{a$ㆁ̬͞eGḣU.`@а$9ٳ{S3tJױmiOzq[?ORwd9 znfo2Py#X;!Mf^˯{^]OcpE` d͏%= {0^ |-Q Yƴe3I-q%AaV56< gd2BeJ!QhZ]C]HH9|?x?=鉸/z̓(Գ:Iŷ^{cɏa,h4x(6#F ǵ@齀,BUsρR 9xZ\ 7Y^xFG3*UoZ>-(J$f:^c17\iekK};g0E{Q,J HS=TlxH6h?zP K4)N2-NŤ~Ez=7-&mM5KicEYg|8>ZEZG'DU\G>71#cae9kjU~+A22p6>xD h'sV@ /`2g!MCsHc -ɣلUH?K 5Yt#… !(kx=$lZi~eΫ|.d:IQEB!,bq>Rh5@E/G?A.SGOd,˚_{pm۶mKڶ| kۺ33#b"6"2==Hk/U=T3=㜕gѤ H4X+#i`O@@|8%m؋J]#yc[]+gis_9 `6q|U^tsSX>eU@e;\^]R0jZ+wu=nØ GqYE`e{m4cDV=vÎ -+Ӣʧ5rگa0~J05*weW7`Wžo6SO 8 BwAMg==??Ӟ/6$~8E;;(WҎ!bN;D-e$==ޛe. (CuOq{M^rlw(lE^,Vٓi-74!=t8(R -i3[l}GōW,V%9OaF؞M^ݭku$zW9z4,x ӿ-Tf^pv2 X$#ih㒹T7ѿ9OL͎aTTEʦ7MFJqpŤ> MԳ?曾? Q.b$lG<Ɲ2'|G'bݰp@^C^FEH0c.U'^rQ8w>*4ʠYf_JgbPtZo .8}~iW0C:.QvH\0(|onfq3RnpaY@#q`>Q~J<+!mXe2n٤AxmF ~OoO#y`\ܰQG,:y/g+\NpXi+gkN4o?岒Fn]:: ,GQ;'Po=Ew?ݦwJ{U N@M!ko&J!$%G%䏚#[%dT&a;뽊k{6l^>zo?ü$x 5.x;?w{O& i&rEIV:X+1G .D!I=xS룶3;zVP]: 0@n- _'tZ9dq }Q\')h8pf6p'JYpR)X5Ƴ3;HHGs70~>~7%Ç"FXNG]^Z}fV>x# \*.DG`\)Hs3pO#HfB&kP/Vw-ݍYk_@kZǻs qՓ1ZSC<7'ƶez5c!ئוivV'Qty }O\퐘g]_<~g'xZcvOV; &!Fvbx 9nG5ʔz۪" |5(U̖ܽ}X]ߨ>QMh ƎzFS>cPbUӎ2a(!V G3 ̨\RPLo5hw&/,_9 7 Y|`h)3e~?ͼq;+,{+şY%ˣ+\C)"Xh+QK4G1xLl8 1 ϋ_bZ(i>>jTI6VX)Ei7*7 ڍ-VUnNYeQ>S"cwRĸ_Ԣ~:J=P=w_WHF*gn3uߓQcpg8O j<ןu M=Cn-x|׮qx ^>_9Ǜ2__jxsf;a$Saq7hRܽfW J]Q>"Wq0UTh] 3%{hJT\*S48p*/#p,ZFK`QP(펾pҕDUks X$gj:ëMx|8Rlj}|͏=?%|ڨOqܼp-/OM_x_%+]0T9q$kny:aTicjcb,aać$67xaiTs*[،#.7ʐO!ΩKQ< UwKɌKPVj䖎pHx!ǔҔNY 腹|U|"I2&7Pc_ax_+ԳšU4uz.ҫ6||<£7(-k*UQ=y<+Lci0nNٴP9-\mfRiIA)$zI1%T k{$b˪%Js#*R(\8#3V\v-ruE) L$^㟮#|/|Q=رЍRI,g>z|~<|OB.:iuTUe4V3m@IdjMq N3K_ZLb7#_+`ô=UE6Wq@k߲()Fi^"Մ/BOJ!%K07"!,їt(_4!Dzoy/]=\AFE{\^˪r3<%*&GHH{ n?$@+:O[WeXkjwNJAn̊5S `$m ,g ?V0,J osW'JUyk݌[QU7gZw!٦I%tR~~'4>'D訖Bx?d0pˢ!_C5$ܨ44c3>z>ZhDL uc(P 5yP3E{IpWHYU.qq0a).:zo֨&`b)Cr}B֑aMs-0w]q$watj0Ҙ{Eb97g$*Ѓ2Uhھi(Z:}zW%،4Z?7! ņ={'~ЇHcC[&%/(Dn?Er>D}dbIݲ^UсX"n rWZ`؀sYo VNq/."˦3$M  gA($#WEa1A :.7NQ3R**0Qfe6*}`,]$~:DЌpqm&}KAWr|G,Vo)_?'ke]QBN c#$y:;,ཨU&ұ8ͽުVU9_Ȝfjl7Jp 8?Q~|΂[\`~@΢#,Jv=>$ 7vNRj9WDi%f.\ܻF!#3~מ=999'2Tr3p-|~oF~͍H 7$[aZO aծ/bANPUgUEץc1((_jXE\pE 1Ά1 jFq/(Zj aFWsf PRJ?ju]i;A4CP vPiڭ{΄/4V+1 @qѪu[Xg1)ד>Pf8#ysQmZ(3O+oS"_8v.@euުjE6BBOF>q:Men0xܽy82IC2ߑ{uu꼢.kS~t~GW{~}p\ͫM?[+뿾rLкYalZ(mECp\\m0]L)Q3TH.9yp\0 E=",r-2^o<1lJjz#&(iE"fܦ!6phGn\.8;?gNM;G顽CJUsc|Oxg-K۱MTRpP gxG?g.oW$! x-{mF !02sb>CV[Kg$GJ'+qj键vm¨*X/[:Aŷj1KPA4@YnGlq Ԇw^6x;r[/qjq귬^MzDF2zEJ~Ŗq1ūʫPnn?\ge oE{\TG]e%}>Vx}0PD 7W7!8BA\ЂNOg]CZ ^NjԒܤ!*v7ySa`9C>UMhpa}#T ~iT*Fs<)y}@;[vihGSXuMNz EӴ"*2e|A&9d۽2Mh㉿2%)y5t@o<> ڕE֠f2IEbRRn#BKVKBD%̪zZ9"|dr לDTVp}"ۦbcs*u 3Yt2 X۶mvim(im۶m|(Lc9ecRZW2)ZSrٔR.cp]J٧k\4C@*=j^Iُ~2*.֖WQ炣tF̜j]S$E=C?Q t~;qաglfj\^(1Z5C3. ȃM&U T[U&nCgnfeBM5%xbQ/RZ6Idc03K^, #₃pNBť,4@,6ll:ZIL 8K8ţ("i$.4hhuX[ayM55UkV@iEOr'=*2r7M@dk$\Wb3+vѲaF s;q=Hh Xv;l{.=ll.ckkruu+@7lf G| :7a:KD¸vʗdb"N&aiS.k2PumT %(G1̦qtr# NسFȅbxOͭso9{! 0*!uKlaL(8u֔XBmNR>fkQid>i(*?CQ,p R~H24i͒? CsaCf}+"HMB FIQyoqhc!#iwms [CABppᰏi81Axg=!Pׯzo:JX^FE˨EA$g2p9CHpW'>ņP!t>U Ɯַ OSᏆI=x?(WL"\R7T5)!B?>Ͱ I'ȿ@I.ca}c$ 8 v"Y6 E) CDe 7ͭ-,mE&`>EXZS}|C`&7Sad!#4F251Y֪""o~Q,2~_̨N"la& ڼq[ǡJthl8 qF+kTjFŘɬ0;Ҵm0f.)Oq`4']Woo uaI<2ҘN}tj .#hq|["9%b@ .ZjSۃA°yy-D.RٓA:`*H/'&Ę:S˲$ WPWոV3hps!ω>dAJ\IXLH$""ř\#1Lv%5SAe@g.r&.R$ɷIlg\>:]pAB*A%O7#! NJ* 4vEzի^uN@ cba4;'9a"`)ռG@QtQR/^;:y"I_g#_E$2BMH=Tc*%# y 5`XgCG֌bO$1 m Ur@38LP:e {=u{]p\{YfbxBEueư=1[f[IHZH xݼT0(ZZ+0- h+ʢtBQgsKOlNG-a8bZrBcL*I)8봴~&*9z}}[=,P? pYoK)ف/dqG#n33G]+Kh ZgD.L`n[5z;ug5[ݺUpo?}>O2E&yl|YXیYk]c ]uעrWk? 7`XTyme:|Bjq.*ORmtvsHٓ`8`W hK:IϘ@omJ/Sgea*j6k}oպS6ሤܻ٘{hJn ]JFp%xTK+zr{Juֱ{uDnDa[oC1/WDH9.?RT6!Th:RQ=fga6f&&yi{Y)S#ꀗb5͔`DF,ëFxn^{%a+y#u60za/n>5+g# vN?ߚQɪD ҂`.sm-:Ĩ)Õ9B0p7nuzENB=./bI_ `pߩa ;UGpl.};a`956 UPuQ iϝ<:%kA+AWo-r3O]`u60_X z]^w-nزXa-J۩H"t#!{S–pu!g3ԛfZgNjh =H~K^"ɅӞg7p" 1xh1=(lDi "׾ ͩ%Xs"%;Fyj06An9 DM6~'+ᘩjAؕ(Ϫ4 {ZdcAx۶b8@`/32~/*Q~z:=eЛh oVv¿OC[ R)zFE}aT"-u]us8Y/ka1ڢ̀nF~37]wma9{v,% Q++9E=j)S/V+JA`ZbSD\^@ OMLU}HrW 2qw!Ed9h6W%-{VvO{(WW2ڇm:Ņg{RhHd֨A^ylafzҪϬ!`=Zԩ⨸\>Y1'2bZ0فKj}o/qjXoQ"2֓[0n$ 竍r}wUЪco!م}OǾ4Yۨ]/ygIENDB`xca-RELEASE.2.9.0/img/req.png000066400000000000000000000027741477156507700154620ustar00rootroot00000000000000PNG  IHDR(COIDATxHJ6Gk[g۶m۶m۶m^ zӳFRrV/f}TO]1z'^qY{_.ko㶫  @7wv>wu>U37̧8U/au7.wCᠽ6xgH8Ϸh8P46tH;gc&驙3\l.|qq{ ] Rp)B(Ļi'vܨ [*w}Zike_l* ӻws!iw$z#F 5zh,4TL+-\˲rihj *xHue{{Q]KƲO.).>{K90iu7 R2*%8#/2eIR`` hxܣ#.*%f}em/=DmxØț.#\p\gGRݛM[t*\hҤakB 0Dd˹ 9j·~a&7@ _*Koʊìj~W*Yd@`ҤZ&ӥưqlӖ=#/]gdMs@t*Aʚ/.KEgtl꠳s7);4 \XROXj5xji-ELDfs̒>&RZ, fo:*UYTbM~%M8X}L*8.JVScБZq&O<!TUGUU% @R*5Gx H0͙lK\ٮXRմݽV]`lꅌgp3ёٙg!J niIȏߙℙj`xoQp:`YbH" S^{ڦl%1I( 7o"έb} G#uaGEJ'N_y!&Oxȧ4%;OvJ$bLB8YQ<`XJBX&R0*,[p5+%t]E@AmeCҟS/ROzri 1Gia,W[mTWD&oM:&"9%E{rC.0W,  Ţ}yA-50 $i܅bN[dۥ+5>ܻ}%6 WRɦ0H9SGDnò|`6k׻W(kަ˞l$9]. hmMg{'xe&mD={ƣ#"f0ڮzy+{;C+3V릪ϛS++?b> d>Q7!4 fWzyI=6$*/ItH]VL򎍍݃?$~9_hxy-(^`|$Q:-%IENDB`xca-RELEASE.2.9.0/img/reqkey.png000066400000000000000000000032741477156507700161670ustar00rootroot00000000000000PNG  IHDR(COIDATx`'jCw߶m۶m۶m۶mۜnk%9yWڳ!Oe{%su[-7.WQ߈f4rxǎz;&ᙡ,XPF-y`o7+8jQ:eM]j֌n#?\w1_ ;yf! H ~¥KJdo@YWyP`IKڣuD]~Ih2q{O=khL!| El_)}v+P%wPZ!iz%@l*ǯ8#&Qv޽' jU󊢞/N%#1QIId^կ_%ǔ);X:i԰3.>zgMuy=Q24JzYmT+fZ<PL~xEUE'`Y#Ij'Ȳ%Js<6.r+¨iR97o8k ZSd#"YO<Ξ=+!CZ T0 t_ hU>kx;=ySbl} !hQ\Svۖ .GP @8" RʃR^O[gTQ!/O۷XAgPZ$;v3S'_1(v&)ۭB^_z΂3~s֋* g(5dp|_J#ڂYVbqʕS/Q~pBAvOԩTm QDUǯ>}s3 o9۝*{<_(-)z>_;,G)w`M1OHHxs֍c_4*2ϷƟ&c)jdyr|<\PZ@JF|;cQseȘV hoG8 L>!axBϧa~aleqq,>dt3[yzH0'[_ELo(>IENDB`xca-RELEASE.2.9.0/img/scard.png000066400000000000000000000016371477156507700157640ustar00rootroot00000000000000PNG  IHDR(COfIDATxSW~{fakڶm۶m۶m`A}LkBQ R] F#@7@<]XZBtB1?XG%}pwUS/<ܔpsQB$8M-aB|R0=jeyySasojjp6hv!;h"oA[j{Hٹlmm>0>> Kp 5F BK ڀc!5HMzmDf";b#g` 908#s8 šV+13jVt-38>>%QX\ SOݨi?栊VM`m)V(1|t ҃ˆOc}*0&̆Ag:p,lO DT&' w ku7t nt(R8KIE' B̆PAja(5۶mvIcY~y+ck9G~BDRI笙Z6q`Bb1Pki?ȍǻMXug1cOVĪgbd-ƓuIENDB`xca-RELEASE.2.9.0/img/template.png000066400000000000000000000025751477156507700165050ustar00rootroot00000000000000PNG  IHDR(CODIDATx͕$Y|%xm۶m۶m۶-m۶=Vn|_A)^4oGn޶a¿=|Pn6o T0m<_D7:{=mW64~to=Sz<$.QQU6ʝ+Ń}OZ\ZaLH^huIr89q6{{V>ޠcU+oŗ,Y(%!3CBeW)^6ȫV4?994U-rt3f6gT`cqKru+vha^^9g֤xM /LOJN篾JAjj:y<3> CE(g(5&FdmO? lFw۱+Bs__R"iAl%ʑ#Ҍ2o6mfT$[T ) [Ti_}ڶ] wtR)fkhQ=z5>p]Se^p™X* }YQP!x+@ȸ,0 $'gBš0L'g !ʗ-Ii'{K{tA3j/[t=brXfr0\ .bSS}eP Y^3㒈GII)BJA_ܓ{xhPrq3Jm{y9ܑlV#Y8oٲNƷ+Uݻ53JESF8S0E{:l٦X#!!qSՊPUUIU9,I$mVزP+L&44jwXS7A$"MK†'3IιB VBŶa*A0M0 \ΝԥK238Vak',]aN7(=zq|N+l69>Fp 0W۩]:;Cmg!xybGLRo/Y2fPQQE.бc|Mޱy͡CG)瀠n2H7oun.5#]U//.._J_FEe5}6 $C WnW+<o[Dv ,~+)QQ.$ CJ]B$瓀A&EcaJ7w{wha|4(23άSGNeo65 <{*GrT#z3H)u7=%Ͽ5o\r߹q[^3wn5g}׬yb;xS߾P $zdy'1*)Dz\FGQQr~DI@S:])ʧoD4&z'U5Ǔ51!ANIM|>9XU :7r\d'36d&'BrBLcvDc*!kM4zoE;4нIENDB`xca-RELEASE.2.9.0/img/validcertkey.png000066400000000000000000000033641477156507700173550ustar00rootroot00000000000000PNG  IHDR(COIDATx`+IfdTJm۶m۶m۶m۶U#IٝlKrlIyr+}3&u_vj[I``@yxX lȡ84M?5P;~U siAij;zv~Wl55,!aG2eL^lڔNC]u󝎓[n˕Iָry㮞[0thK#GFBO6\-AAV)z;]^ O>eb(#b6Λ+]&bXQ,)m `n7|ؼ_p0p$ERnנA;X'c^$]GrQ}u('sz-2$I 2Bj呑шX"٦9zָ"sl"3RpWYX6duxfJᢒok/C/ Vc߾ڶmGmێ^N?zZϝ"">^EdTZ0(M'Vc$A0ڵ&|({yp(Gc3Fҕ7Oj tR&N*2glVxhhd;w5UV)>CBTiMu #RQʽ?fv Y&Lx||T%(=u|%lvGLTVbm&=gRD\\1 B3XVI>{&].l(VQCQx\J ܃u +<=MFELO_~ Ǐ.q$+VySgĽ' 4ܼyG޵r-9$$L$n1HDŔzJ"B|8p$dWSougbT3GGǩZ"UI[lo #WrBFGsQdB(K̦߾!N=m>d2q]hHH8#^^ɓB4)LE /}u/C@épwW`6K(C 0#ٿ'#}M#^T.'ӽGoxN.46Oi@D"CLs.s0'dF _^|#Ȳ7o NiJe_cs$!K2epw?g2P@a9TK,r!B4@q1W j!Ӄ_GGG~! _CJIʥ(IB‚W?-m1墏b$ gxS\aOp_QliҦ4-fÇ_CIqW7ɴhS n۸ o`$Jr8v!cfP*}8 K[ Q ( /BHp!QHԮC\S 7a2m>=wyg(3{FmL?v.ŘgWRR ,~^O{ګ О a@42c8zm'5p> DkWL5ѤJ Q) |UЃѯ_S@cZI#KŖ׼Re4PRIX)AA^&Rfj0J-Gzj S_aBrh8))2%b6m5)Hj\PbBAbp0)$Jn34$NIc@7;j%@!,IOzAV FKX&@͆͢@V  HJT$I;Rl 7P71|S uZl%dۂv"<3(3z~Iz%~~d z$հ[~;R}Ib?eN~r, 'I˒-b&\%[ !qmATź|O E\|K?fMc^A'֫Ϭ-dr-؎bQ5["T-|26}j~=hŻ(w JDܜA+沸ͻ =j|yoQm욛Ӹ 'ji==U—MyczyZaiCCPICC Profile(}KQ?GC EA-Z d46-S Z4(8# ڴZZi][m(h?k2LhE=s?TeER?Yp`^ĪN&?6olrUS+x_w&1ΚhդSQ[b^,_,hec}RY"6Ya\`;\֞27 !8f,j( )U>VukZQ.|qE`h`~Uw^okb|hkK^_&$;.^N w .V!Gd#sh 04;kN:Q\#W#ˇ5_#Fwb(8eXIfMM*ikF&M,;IDATx|\řgЯsOwOI( ! 1{罟vgnv >1^[`dHFQiFs鑄E T߫W5cf100000000000000000000000000000000000000000000000000000000000000000000000!|Fdhb[Uq ]VHתcՅˮ> bY'_Ֆ{hL6ˇI+-YPQǂyne5)G;P.jZ dk[I׊s]ݼe7,YdQ57'mΗ^ƏEZ0݌O^2S1"*qh O̿Sp̖ei55W7,Ɋ"1LppJ RV֤a:4Uu>@7rw:l9ymm#%UKI*! h4N_`q^F oAu}޺>ghi_\^^Ps\$Y*3o;~Z q9[zZu aXUUV4MUx4_gUqe }YwvuqƥUŚ 7u#?Г,07 2>9ɌXC L|k7c{Ć<>=s9Kf.ڭUkV֔] %{+F<􉉐oq{]( alIuk%yyT4Ee7,6))j{{_W?s$q!^'[V巾ry5v E3~ϲY &c}}, C!8:8/.Hҟyȇ L#y,?+ȟv'Gܪ9řNf, l KThaDc:`Mɳ ~b=,!\&n\L";oEYzUT7+۶..Sh42!iE7>_ԭ)9 `xr'.)fCC,0<`4B,E MH{< w(Ċ`"?"㲎USr>0<:|٩m A ([mN.+QnH)hu0Ï޽M? 3 æ?.Ɗ{TnG?Eqgoș3m##ccؤ32R{UMO8$x* 1UX%9d4F17-(+Y2wvaJ"KaAEhhr%dǹ &#, KE#+*cȷ3r{u{wP!\|Yـf.K Њ\:謘l17~#j,+VxlY`ѣm3i ]<+o}twGAN%-' apN߾l[@QdN XVQ7!#a6<<a[e CVU5@? <K VK00` cmKjl*Y- ql*sɡ%b SՉ(85"K?~ڑ֕Ŭ1n{'0[Az&10/ݴ\?;t*UJ w>3<;^ES}rt=j\#?ܺ Ct&F HLnXmvuX~t(A#vf H +UD(LrKJr b"VBLQ 2j\LB):hK%/apJ$:tsfC@0 "I=@E'tVQo`LB0FЉB_K` :R!kW9:&۶T~L,|ztB64.;4!/ 3d‚g;AIq%WH*|q0PA\bibEsI|ݏèCmBST9\Ih%zl\^pt鴥LL8a(+ }nP\0 t\%K n~__g~ro\rۿ_${*3%t&#hC55Tz̹pX 6o@i]Ps]nåA(4(I5ᘮ" ra^ {e|<8rLz0T";j:Ds!{<8$ҝ >AKJwwrKaa b#6 I:vRBDA,Ɖ p)?9Z֎Epbpq;݊QjB$ա}<zI۹s/S7x`"`>b& -h>2ST K--CJN<.9I *AL?g+Ŏ1ApH 7T`p.B;bn{#:"%--% pg'/߲̔,?+I4p~_" O}}UwT.H6K~[T_z7.8pDN2,QXQY4н G4YʊuREl].oh8bdb^h;vegg/-%mttGК" WmHX5֮]ٽzhV BCo&mxzUegVQ1b<c'JA2uC#~6sA.0ZڃqĒL?[OpLSڞ ]1?=a ֆ"[6.,+^q•Us}j-XFwTJʊaϥ_d"9$OBzUHm@&(--"Hii~zvᰕ,]L_3 lߐb#J~c˗D[:adV[[{[II1ih+`0:>&ɩZm,=7װͯ12&gwt6<f /VE̲t0쿐:h :O`ݐ݆9Ѯ}7n^a E z&n)H;544!LQ߱`W@lzB'70rWY2TcRk[/CY(|b$+ױD$fx 2x*V) Rh="b{>lh>nQj1 7.BB0pf\;kuȗb-o|=dĉ܎C[3{>pn}2c HD"vD004gYY"D())ϛ77pPdeӦX,i!D1^i;wc1T`<ȗFhn$@$AĿZ5+~}(PYYl6fӠ7Ű> K``ZM%z2c@B1}/{Sރeguo`y0Q#\N?A:Lr3s ȴ0$i&6YU6+NRIߩ,:;ot&,>6:* iS1sa2A'ʋw~",S&Dc3R ͋'@.R}/;_(+3f#XK/ݻyt\q7,6~K}&}:6gc!q?rt%GN1c0jZɛXl"C'/^J(yL~ڥ3<2J(x`O:14}&N>xe65<+:-K5"ڹ8+A Mɓcc4V 4\7/uK ##MY`NhB}0JNm]|ӧ=$gHӾnU8c;< O%C9/̠;ҫL*2@OeeF7&, ŀjBÈ `[1G+EҌQHTkkZUU^ooBE`ܹѣGN ɧq b %?<"D[H6,l†">Z4n\xjK̊Ȅ_K!w $b0TQQ 6CfX~⾮nbC[ϝbŢێ@TN^>7 $T'H05iEtQ "|۶SgO:l<U=wU HE}*މu۷ﴑvQLw ʇ3xJ% tC#ضiCh0o]hBT!"J-oZ'21hFώi 0&ZI5F>j[Z#;fṹ9[ G{-W_6!sQVV'A{m6;_6jղ(E]N| x)筷n Lb"35%I_;9=)H4B]BՓɀF CZ H">U8rs՚I.vƊE0Nfuu/|#?cϒO +^"a&!ED` +A2k#Νׯdee@I &ZҞ|ƹ#33ՀI%E O#hh`ij?ӂ\2ņ( DHVt0X$^)<;qEci펞" elPq"s: Lm<7Mq;ӂ7:*0T{.6,xi[Ni1D8tF:Y<Q""eDRxa$k4xҴhs{r1P|,QfϮ#|Abb˄#I\x0Dsgr/{vHYN¡ÁN="J3&37RzӑŨɒL*A:24e}HYND V ((vؼ~JlnvkkE 2MksMͭ'.,x4k;~^}4獦ʥs,CAT0QP"R`2$#ԞFr1>7'?tNa̭6l2%OU#3) +e*BSEM^#9PtL|F^^g 6hqMdb SFjvkTI_z$.Uö3t"].h&CA-rA=C5}ϼGxrI9,GgSłsز⡴cU+~+JsA.{׺5Yp*3-Xc2"{=p*~ަH~%Y7.nZX1MWΩB8P{  Z)΄Bp 8W),JQR)hU#} @WVD,i2gI9גGjG5QHơHI1C#3 @y#ڕbmm/<mhrөp܊X .v%:Ӝ/?/u|5Ɗ$)gGX>(~aqIP@zX03+yRvQ 37@sd֖[ͫp,\X/)&4M` )#y41 I>H ifBAd FgĽ(tD DNjܱc_َ؟Ebmy$QsY> $U+) FKp*Z=I0g hs`ԕұi""dyyqZ[45,`Ey^fWڭ܌TlCN9 R|2l"TTjR džYu&遼_;8:=P?HSӭ=544{Dt}E}*t/O¢t95ixWJo@ 6=(R&]U`R@E~4Bl.1CDF Io2Y&~/4Z!c+%D:+ P +AB J l3xD["N3bSS%i=. @ ` \iV$"$`r]`m3߯~8.l%uOA3bZ" tP` 8 &(C >ǻ\^T}=9{1=/'Dm "V ޞqpp{`)b0`OB| ȅo lbƃ !)6)~ af8yW#c_7`W)y D FbRhUzD٢ 0I<_Q}a2V,$B`3.V$Ùj4> H "*.`ȿވlYF>TW$$%w40 N"iJ+fQ |Ï_"@FAUHPP43G(}yWobv}QJ/ЛFTI)g@+m(L Im%(W"@%tK*|ď7I?r~I0 $l/8`li *%I1||̇qWd!u pF;c#Yt𬛱Ol9zk!تG(9ې3Kk p] lǦ$S4aH;V'cϣ0Xϰr5rd7e?X^a/M,YEZHZa3\zY?ioUm(I͑ 6'č7ü# pL?Av V-`%mRX`_/I=`m|/ˑdlBI+Q}&nDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD#VJwIENDB`xca-RELEASE.2.9.0/img/xca-icons.iconset/icon_16x16.png000066400000000000000000000010211477156507700217770ustar00rootroot00000000000000PNG  IHDRasRGBDeXIfMM*i4Uq{IDAT8c`#Ȅ ##78 b M@5ρ4 jd3˳7KVr5Lb2@d٪ rIb@O ح,?&~gaO&_W&~m̀PR-+2VukZQ.|qE`h`~Uw^okb|hkK^_&$;.^N w .V!Gd#sh 04;kN:Q\#W#ˇ5_#Fwb(8eXIfMM*iD"8s@IDATxWŵ{W@  "PcXŒ}I11=3vWPQ)H{g?ߙ[D|;0;sϙ9gΜ93?>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C>|!C?x?Q;C@-þ݃Au7>| M]݆ ֩WT*1a#'7>~G=34w[*(?0#Z5!v⋵=Y32쳎6n p'LNe N[o daă'c{i0u9dž?{d~:C4/O:N:$L=;O~P7[@etm޷wFq~uܜ̨ H^ xA|XmbwaP'? D={-Ӈ&ǝ0zffhvV|`c*K_Nmc[ݏX S f~ Hw?TlmJ9ۗxLFVeF3Y{8)\l+Ԁh:ĭ C)]6e躱!r ELho|_:a'`@)ӟ|cV]A 1X5SRZ.**5)sSH>”Jዷn/w'j,ޯm8H*jU:0Ry֭]Q>n& R!VzfB@jH(M]Vx!+֜Ai1Z-jXW~E0Br7m^v_7ޘ%'Xzc{5S3|1d]fX$A8{ 7H?Oرw歅O$v= `mUGSVͨi HKcVp`5Uv'74|Bz-zľuC:rQ18/lvٔ O(LPk*L"Na;Op;O%|<=跬7FW^5c9n0I 5C, KxP"ɔ/7PfR[/;='x\"7/[?B(֮@,x}e4qWb\`"(q;on|C{۶ikW7ee `lj申nIlڼ;pD8L' P^T$!:I'%N"A1UŅ (v"o4k6 +)_x1yw̜,q,Mjd<7ٵ׊!Ld"|ɡ]ykֈxyvFQQW8h|wɸ+Nj<{İGs! DC B"4iB( A6-Eg߷۟ħ P`3ڋi2\=n{֭kuL.8(vzgd8 P{7IC !q;2Ap@7Lis"=Bnjո^=tv6{tV: e_{ g.]]鹗;sx'$$ > ;f?n/II $V #Af8<q)bwSNvz*ǯm%|q?ɩ\uH $ܶm!C-[QS &ݞ<-S%qroNmZ56T4 @ "_Pd@NюN@4 wd2!{ k,x$ *ժ.(l{(VއзkghвUhܠ BEwV\RYhE؛'N:_ޟQG f&E^9 )'JEMs.k ڄmh7e,1?3NdDN wye U67z5] :%v!3jl4VC=~d#~Uі-iB}-tNj4q64Խd`&y?v@aD`roF|EL`oi87GEcH* eeŖo2{zYyy9@‘P82R553ZsYKZ/7.èiNJN'rYAw#rtU{A] s(4xָFKN.g-atl>]Z#"$)xvoLǣQ4m㕫WycԨk[|*t n4:x`6?+qA}_L2/}9t[ed;[p T2&Sp.\A@T*Nt:Apm&ae<h_ת~v,v;v'MMڂyH>!͚6Xn{ahyc,~H U]N H& /򳷷AzRo߳b.̝ixr~Bm !~p։QҬ~@1Cub/i2\p:^$" !fٓ --g~mPӕD$Ss%Xb/{P4MRkV1bX^4!a w>q/:2 '`.J` hu naFlw~~*+3! TJ&h̐=X'7ĶŞ՜O9,"`{gwځ}R#z+<"y8`i}F0 ob~ I ">@J5(b]QQ|m7ܑ3zo{Gfbzw3 ^ĩyg3Al\([iTw+Pgu( ϨVMw~Pzhem|bU|CPQVӗ=K ;m~&[2mv7GvcJz?<:];'KX]  @L !݁t]\@{ǏZ3~`0TgOQiYYy1wn***RRRa?K9VD >ǮTa7Vܧfռ=Fb/˦l![ 7 jR׾]ӌH$24 =Z6Ѧt8NefFM!BEG.7uWj"Rz*j]HnWoŁD қp}sn/dט(_%'=Us|=17rhY+(s^ng|d‹ƌ!^7zf0Fȋ?&QzGrpnGNQH8PTD! wKKJ lvnv))***3(,ݽ{O.Daxqqih4R-++#D1)S+QJ fS)5+oۋ+yDpbag1 ucp]%0ߡɞ=ڧPr ʆ23h$ G_(Jax`߱U]ɕ^ /Eh}(r.1 x^+Oc/9IY*+\X~kQpS0}T{*HQ~´9ۛFRZm3_ `Wa@W2o*(YHQRt6lvثθY`3ËN0u/#?}lW)ʱL[7K2"YaYy!zk,+imըA"O/B󝌼7'{wvvfF %A~t )xx :-tfkw!3 "El!k%'tj 924P!Ƥ۵ksoe{!%eXoL3^mVlVﭔ!'By=NZo+h]es)!ϕ |kF!J-I3Bw|WСCp%W": Gũ]]^d=}} wނMnߤu5+&OJjJ =ݿsV rsv9: b)`@W.t}vb/NFhfdOa ܔH 1']@EEE&TJ:,AܐD4@&- A~p"I<24Di!1bBMP<#ҝujV #$kcbihUar D/+d ljVu) LDjo5kn\5k[ɾʑ8r_y#1hG154/)E/ǖQIdZ*t'\g?át_+ iG]SH] o#;@KKƮЛ . E+^tE 2xNo_l2a7s0%nmfبW~!Lth49fc\ߩ[mѢ „Dʭ˯_K#l@ct(g1"V md^Bp8;NNN6`=l}^zN.al'9i;Nz;`¥ iR$p5DS-ŎkqO>u@Al gM>Apeј$5E<BB4n h=yBn%ʔVĩTGxj\4ƉWNi);Qm.]ZܛW y @ e%\Rks<ĵ)BC4٧Aakߔ1G=pˈ2A̶ B\h\׸$ 0X ܤI?)72 ,q>Bd"БȝK8TD$~D"d]8}!v S䲕 ~ }ae)7M #ŧ!Zo (FH֦g~-CCFP뭐UrZBPr73> kBurKXrZ@##IybE++aKuH)q}蛷>t>{T$8cT;$7U̙ nڴk*Da}f/"R?Y$I#;ȁݲT<թhъ4Ka|'($ QslZy05y]P *˘e KhD|_ kfp#WVh'`]$ e5h`T= 3H#A6F'@5aL83TgB0^҈ `͐f$ng ߴMo}(Jv0v A/~\+Xt!bӅ"XJ?*UN˜pӔ~N:UW ;OM3uEM[Ґet Y!_2/-[}sɷ掅k{Bg" CFijCG ٥3P^UFbN^bE?Ɗޙ<-W9L'>rdtFFS9_e4f8mگ'LZI#ރhICQL:!4f#]ObMYGtұ}smkȼ9fORk6dqF VTޟ6/\S&b5m(P|s{bs$8{1Ct$H#khUjrakɣs YN*KYaTZ \deɭ /i[RZRXn6qjQ+\,e-ˮ=;(DraKg51,@-R|Ue/<4}ŁF Y!)K x߽=4>[7;wY[Q{X (6^nI?z)"c~XUV~ێeypzSDF1.[W5E?ቷl5H;ܔRO+Wodɺ"?fpVT :9uM%с [`aCC*Qk'V*VH_ d"]\'NK|jղY2 '&F)E(Fe8Ml$)bLL^.l9t9[N TMeOWژU%سgoPEfpBSe,TWq88bV81dhu`w8+zZDm@|"yKAdb.Sз(eG޹j 4nY?̤@߾=R6fRV" ~K/}$![spg$e^5ثpƚA׈Qvݖ3Pj5k0ăi+2)&|R=%!K"y9Sh?n[~Mrm `K&mt!}yDjtyyR[~\ŭ߰}bfee)e9Cޙѣk%s}}"N:8 V%pߦMV$(kSAMψΛ$ܶmk }5Zښ4B{>CIk5e˦+V>۹;B-F<ҭOTǮ&9&7@wct(A6qKɵ Bc $@ d\^}!!)*5 G siӂ]9ɔ2![]ӦMӢ N?ՑĈ]S7wu0tfXxeV'x%2STRZY~c q6j2Ipo8?3Ri @O>YZak=.`7%3@8D@Bog. 116:R%lt}]~睏lݲ\,{7f} d*Gt֪UB; ABLZkWqD3Ұ>u@}* ŶȾ}׎Ӣ-1e|oGoϵmԇϏsY%lܐO~i fj9ٲv2R@q'i2 }YҽP(x]ͷTAjMXҜA rNecoTMQD"QG SҏFX7u0 ~%_M`Yfݶ[/о9o~D1T`?.R RjSfMo;3DkVyC".=G1ATiߞ4h63vc7ldUvI\ *^>[{H^!8y`oRz*5 ' D ҙ;)WABJC ؐ.?4ͅӐ&aO”g1PHHw@OJcD'DY,M kF;wziѢ)_jDJjډ?i +YN@: x1r ŎkPpEmӺIV ]  RxBR !g(@\~ A)(@Fm[})" J ͒܅G (?5th~ի[ڵB~B) Bj_ NsψhYR>ȪXxԩm^oVѐ9cǮ̌|25:AKFD?E3Bڽ3оmbڬ9հ( ^kȢgPAmgZH a`>Ȯׄ4[l4e ;A2-x~d28I~xϾeuԀ uwPNފkCs .i}\T겎;vsrLҠCZr3Μ9E~,Du8 w>ѢEاkEW\fB*{q"H^Oka_.bk,K[OЎ>\_,GT yỹN ֐7 ErBEph:Yg(V0Q`Gc ѧp:wnC ϨVOQߴiǶɓ"}wfjF;_< ͔z'Pzйݻ GdAlr]Y`^ u 8kIŷG2y Ʉݤ!^\zB\ ߄hsQ)꫓2zLNCo۶erz%"jڴ Ś7o1 "oB}w2;vl0W>pᲈ/^"zN;wng."dH'^*,, x/?G܊QB>ڻle*Ֆ$t|3ƕK۵k]p N1QNFPH+!f"kVYYnݺ^تyb%i91 n;2=k O9"{En=HMXN N _LXw|L=|z3/"TyQds$\]{w򳟝F$d)%c=1TQ^";X`;)j<{"W_~νD`yx}~U&)p7c !P鄱91B(꫚3E5kܹ=:B wMfm /)3eqRVd3[x7@W_㢛n?UWixFB-[V+KۂIƄ^?_f !s#x<3fv#iCv˙>h 9g͏@յ[<^}- Kof.Z42c82 ֠~j) sRK ViQe?)poiP?umz3.`u+u\Nh \MW!b[2H7`[7*L~;XŮɤ=唣]dϨvfȨQ} |?0;@XwM;IE,Nsbn8+"0'8gy\U1@1d‰ԃfk*Mb]j]hÆ-rhE~SF {͛w6OkhӦURzZHGO?}liE]=v)XFi"cxʼner^ %bU믿q3Ӧ ql#27k${[׫C+LʀC{Ω%Q1fMINʔn̘HFz#xmNddd!pus{p1QZdwߝ[t%ˠE|\t-<Reޛ)~waQ`5 {Af 06+KOYM:*? x ,%(ic' "PY+ig{yGWZ@ aC<jsPN*/HEg{`_,IϿ<}˯OCcvnN Bs"9XA^( 7옻F=?#G1&S8LT&,$[e a>l]q}$=Xa=W^~;ǔDٺeeFyYF;vle{CÑ dq^bN"- eJ@ČGXA/-մG!ޤP71:H턨Ұ(((H?+v'@{H*8]~ZzN Bz"YPץU7K'J@0VCm#ذT꿍ۤ= VYB "Y ^wݏ]rWwb wRW,T=?a KPhb`3R)-h0/:n@68(cHt很עSRF#G] Z;-i%ьqG\qo7}` y}{tEh. jn`Ѻ[DS14ƾtγ/L l޲ˁd)C't?4ZVHbW}e1֘-!QjX;2iTNFg:UoFa몋Lڵc|ܸQe8yТESR\"O|qeߟ=~1eM`u}gK?vFQ:E~mP[,ҀӸak.-jִ+KCS3D$s]*;vZiUW]VZ|OFK.tqqofN256~ɥ:u4r;v^xUdKȇlck֬ n-)LvW ,b[w1Ɋ K7̶p# - IZ~Ap(}| AAק#Qi[FoI?@O%^ϩ![M"HY︶$ޘ(<\Ȋ?13VoS-)k"VW:1K|?<DZycs0 J[ sz@?<*wƬ%Π6f?SCb_*.HYy PQL&$Rr ߜ3|$RP4@: ~w(Ȍ)mժ5x / ԿBtm\T,o`+*vM'ʑKˠ?.2Ah$7 33٧4H{6lH,6nއWulY;|Qe6mioٲۑr[n<\C׃(:hi=߶m[`!\#zUX+JXZpm=7'1g-5l0=-vN.7FB.. &皓>Q]QI pPld<\cxmAg.mCw 0,޽cyƜne?AQCks@#N{k׬1L5 Ј B6[\ޡCu wֱN0eS7Ԝ+RW^:SH~FD`=]C3< @r}s* G;u-4cr_h jºT&m)v8OVVai{1f:ifJ]1U [%ye>!c\1y/1j*G#;3JVkO=$nIoO_|:Jꪫ,BYDӺ⊋ڣ7|AUHAyF{!䇣_֡CR{FmYW|[?pMF[Jz D'^p?Rw;%XXIHr0Z}0}M R6rxj Fc~cP)"f@@b1"P~y.:F Z]cNoqPV3ĶGt_ΰK/> {0`ulON?tapj=,Cl HbnZt'VS=7ݻϘϏ A| `dphg5/0}!oj"hB ڗX)Q5Fuj}+\eOEro3mJ_;G^VdUvݔl>ŽexQG `ٸqcމ}䤆?B]m53UT^ 7\S4un#f';wviK܊w6ct_DW[f5O>zC3_#%Ư"gaP<]׷ 4m/,1bP3"]XKB $먁9jS }yS.jAdaU\Wu9h X2Oz󅇠Ϋ/5]:lpy;i=bx ܑ ڙ7۽(.h݆gX kZ0j.o z摗RE 9TVsoUVM,g7 cL>vY$$հ<\x\uX=T6&m:3xM>GUt"Zz O=l  D@ #bd qL%;\ʞtRM,7z% $yˣ?IDAT 8O'I/u28ꓨ h'D:F=cuڀ19;Ő";ͼ]Ze_BI' js^tŝM{ Sg>smN >opes(t30kf"H #N@B%y{FVפzVMȠj"*S=SS-GU rkۦQKo}&:M$UgzV!5y-r۶nIe*a{.䗿vY}(| E?= 6:a&|*F-+ YFNN4ݴiK@Y r>uzO4lX7%]#hi`G[%U ʴDBJ_B*3yر ^{mm¿7-TRzi{@ʌ9v0QȌ6<~doi`q'Oye $T o~ 0rg6幦s)SPBۙk'G,[nݲ-آedoJr.ɺ1ӇF5q4tfvm#p)ߖ2id%rPǎ O|9g4k.6I6xuXb٬mp3Rԭ|??3#憬f2!DAfqd4v]{v?omۄ mv4f- 3a;Ey J' ;˫ ` {Y'/3+s |źV|n%#~fNj'K9z^ş5\i3J|B^7T¢EO>lC+ W6k}BO[@>cu4+e̝;/2{ȸqct u-2Xc˩AnXdT%NH ѱb㛷 : 9߇]{%:~Sj+5~(mmƯzֶHpܖ}_R 0wMЫ{-cʄjWDiہ'"o `h9 6g=}!~.ITe%J^~̉'e<;߳~ώ\zE{u}wrǟn߾ަM&!>^ڱ/"%#W3 .eLq_+W~RީIV^^\<5&O>Q۷wuoa{A?"D.|6C˻u;ֱJ횾v{lk"BzC~[l KWq6Vg4clPvˠDjUrNn IՌ 9tAh)TeH&AAP5*ͩ+{6i0o6R9}uS;w sv4k݂T^ G CjnM+񯳗/2-.h.(h[i6Ns'.bw}?D[lQz)c@MsCx2>â \xBtTB˾DŽ2"$pSVN;YW krRж,6_g~-elzhDž?ߋ; iѥ:3nvIjofa`g%N<{050n^WFxP`{xʇq.<ܧڮ Szvد}AΩ~ss(m6U;?\D*3 `18eVL5`tIqM)d,e@jtvm']MplbO9l`(G`-t eQ={vO49f MCÜkG9 ~èkRtLXVw!dD=S6JOet%vIlAxZbPΝ |K" tйQ*,l6rC X"t1S;Ϳjcm\2}ۮ|bՅF+;c^gk<׊oeI+&No2g#@Suc8e:J!)kԭy/毕H|¾F~]:jZgdDK/S[IJ ̛n87!]q Ŝ=sѶY:zB5vu7F0ATV,4{05aFr3#SߛFUjՐ|39J;̊I)I d7cNQOZmSl #Y]v$938LO> w܉G?sM^)u߲r2RNF@%>As!jN ĵGە[ u̕ .1mG%oklR.~B>@v`Y_CjYF+sU[36&Q *nߔĖdϺ$B( =DF6ji4$ULiM3huk` |X֬K+qJ3Z@"a~^3h֍MΊ`~YSx"{@߮rz."\ BO?M8sFLq% E!"} gPzͥI{^=xauK-&3؆i#({$oI+[/{q?g$rgWVڷ>|5o5dvoNN:,Y*//qZlio}7hP5Gϟӟsw3"6nذ!ĪZV^PjA"X~ #$8YtdWV_m-WK>Z_+\&[@钌bcq faA$/qݻtUr4nMk4hоYgMp/}[wvԢ1mM*M[X"?CǏnF*5/ XUvFU Vxׇ°zp`UĆK6O}I*ő;sJΖ\/J$IuMX{ak5Zי}9rΝ?N H¹Ino Rr_rhs?)~ /ZƜ9"^{cޯ~޽{ƅwwޙxd-Y<,:1vމNwܲW[!^wٮD[F52oѢEpKd%e8"XbeP?[s,Y/}s{X {*j$&(EʈDX+oeu܁(w k3g~-Ǖ:O [iݺ5bAnK8Bʯ5RC,Ѳe+^`?l̘ m޼iC?~~Xrn+'///C  "au_yuyJPOi~x8 *jY+VW?fl̈ؽ _r4h빵YD!@~/zM?* ʊ`G)(Z )W%6ŋWK1f[37Gogߞr ko?>{ފhdw$ޤ|lCYYG{?=@P%C &ǼԠANz+/͔KL ]0PT;Ѐ}: „E%2]tNmݓ90RW^\rSxǞԉ~uK= >}VV\0SeW?,+}r-A.GBo vV NnLG<10(o=qq#*'mwҙiWeJ^O9fXń b߿JEL4]_q7*xN|g@o9 UAߊ}ګ# kE>=t/p75p24ЦU`EJsaCA]@ 4iuYOD5ݯ[bJKz~S H@t [7p9OXFq&_8Q`3}[X+\^W93KWQ O{.㜪C$YGzG5&8sw?4L2]жAxƌ#ѣGC@Rb5Ғ^zyL]ӕPG~8݄ K'c8:O:'#Vj!7h\A8v x񬾴}.Dž_ús~Fg]fs:Ί`,!{ KrNw@ڃ|SJ@n IlL';uO {+WΞ4S(I$S㙝`G!JxPܰq+ۄIHq,շoWp rp(pᆫڵkkV~.g j6 i)Eq2BzCLH/]vW;Ѡd5$a0N .1^8oXTphFMLٟ<߬/݄ `^]&F|om_{rie9`l+JtpcKNz94y559#?BfQ*3Jm@pk0 (\IDyB խ*`*0ﺴt{"#9;w CMZlWymjm!&4˄Ym~ڷ[& ږ=Ei-7FeG^3: PƖD){/YMji:[ZQM>byLoDv.p9?.joGD`lP* ,8mFIV]*@u,Y!8iҬ%h1.~)_ B8%SGF2B.AR `$2𙞛 = WuyZ3P2YaVcZ~/Lq1P7H8nc,!rfzw=QU-Pn{zF]T?>W5O=ײVgp!VhXJԸqje:kdkUm>D{^z/rM˭AB7J뺆$*FMh(ﶍۊ|rv/Toh]ޙ|< g'mhy²zf|U2@`%~ߛK\~+;xC"ܤo eXP><ɋ@z,Vkp:ƫBA  `q 1y#tM4i'bZ ($..+ VdF~[f"h2yHET(\.ѤF@'V>B-Phĥal%OW,dokƔ%XeJYW~*Ps׮˯׺yQ Yݩ][YYt_ݭKu>uRJ[+Ӟ(xo`CY&爵*e,\v&k:?y [^\|Yuv4_$t+~۳/\&+۳c~&B`E6V-X_4?2x`Ј£zI!d{A!KV?dI~n*ܪ ]mh |/.#oPتEyqb4MQaOaEzwڹes֫ys !((>2 BQkhgt>cuƎ:mgX[Q >J !&q__Ks]gs{^{}NXI{Q߭wl`侇k>vO]xTvaygk^޳gGv=/]33xpup^=o|kvYrXKѻ2ëh0Zav j}H*|ːMS6nYhVpHwXa@n,a&ϳu7\Ox24S|A9-׵M"ln)ЦKjx󦭃_qNۘ"I)[}?o~!O՟h-1E&ZflB&Gjy9}S{6nY,c_`Ngg\f,]`9gAj]s0R[9G^iࡇR lۏ>ophx6Nu}-o}<8#lf͞9e|il 6$p8Ɛ rC[N4D^DK$t B2(B ŗY +.BA!}E"q51b dB_[(2qHՍ[˯Gvկ9 _ L5`xW E[C0{W\8uVn\~U׽2} Q4FK!Y-@mzkY4{Mézϼ{ǵ(-7@ [j@/΁BD[^hxyO 7lں}߻_g^>^no5s/^`  qv@aҽK,?x¬[з`֝3s4YB9"(8wc2u#N% [֊B)jԧH3/׉+Əs<a0DIf%cŕ{<M5弚8wX-7i=+kK)ZzOXJt(6&nԧ37@㻰EǑpں. E5SYZZ|2mi|垞 #$l[Iˠm/)H~ B~E7i\0Ł+k-8SdwzBsA{<#c>d 7 b}<ᄕ.e:bj| .Z\ɥʯ8B !4/C@p" KP8o=e6''޴fJ~Ű7kޚ_Xį/oKhccN^os=1郈Doآ /_zlsO$^(^9kՔ)s,hϦi}P3fûv} q{3~콫h Mޖ1q6S,O-OVlQ>>V\i9"4Si0Eb{YP|pË-qժ3N?}G~l)|1]`ފOf)*4*Nk#p[)MHac. :rKDי/q,___W-Nn1W{x2玖[B\Y7H̍|Goe|ﳒ'+ݶ.#߹o\y;I:Tۛٞ2# W* lϏ2e婬c7fs]Zmx0naF$aDiLt˸¬x/M>#A+;̣ja⽝ή|OC:mr zR(m4x A'Ch?]^-]|'e8od1U85z-9]ޮ施l Bȷ l~0Q*HA0ud֮X2 MrQ͡Zng̸Ycqyϓ^-6~ ǵ;_l=߽>ˏ_WJyúBr ς瞎^E,x {s}HwmVB<:?n߾cpq{2fPǒ4M6Jfbn+MWxQ֕ O@w/#{ DF[;r_eqH#yd9` 7}ܹk M"rHGU[COno f&bX2{UevԜ Hcc3>LJ_b`s;6#Amfdw}}Ҵ :t} ]n|Z[m˃c+raǓe9ihQ3 2,c(*2ǪKXޛ! )N ¿{z%QO&xHUuHAd>G%{ECVF%]Wݝ Z"@@V6eb|U:w@g}3N~Yj˭gN߼rsx"7T?sb(YByx1":?D\<,5eD,O'](0!YMˉl\+걸T QR g X;axߺ>߸ɡ?@@{!r7.P'27 7C, zlL?6|.Z>ׇ0a| ~TX?Gv;TƴO0G50 PV/h-6`vpBM*6/>.M |fW`v).g{`ah}{Iu(CBBk /^߃n+7e{+޲libo#hO~,x^8cڄK8L^!2f+g); B5uȲ Ex-: 8ݙfqTU隫mݻko窫ny߄nBjVO^"_vOE?Gbs3,)eȃmfޱًe?,0r(@#WKsE pl xK%࿦eg~ !p>B`M߆.6P|m&عt!;%!Mz+jWPlw}t ,T9˥\0e=(% 1r; i CXdWuEOY׺~OЦm+HB+vu2C -2쟆R2et.3n鶑n[)%6}]yqCmWz 3ae;DK|a*z)aQMyc cOְ.ײΝof;0,_k0|*9_D+Jm oHXAω ?~gگ@,ˤ%!@8]A`VTg\7ܦiFf;=#gW"ys§[A;pOCM}RHXC}$q|RLPOue;>oٺ.l ?ҥ|e/=|Bw|6GBo޼促dHπv;ZB "ucvKul^~j aK5-Snü|#v;v3yi:0q94&nxP 5 &f1 xGVH%!pP` +4!&0z=XmK_c.fkS?|AU6Cw >Bs8xP##'-F8)oZ |bt}&1EOy,3݇.)17mͪx[cR|C ]jF:o!xsQ|;}_2c㓰S2OZتTc^{OUJkӇl 8V p/ӇhR2?i. x ԶzBi*'m9fLǪ l-a-),@ljlXV1[8b8i/}Zס{O^W áwRƔx۶mh[I  ZB6HzZ^GdźُgYi&c;#pJӭβ}qļ[qm JJ7Y8\~.8oEUdh^>8_ Z=*0= ԓ?ww6|⑑_@og[Wu |),6w>1+L&`MV[vᨲV!`/Sz}Ua`FC's p%ޡ|7K&$5׏U)H414\H݊cН6 (cN`V$~\47fb ?46&M^! >.j F߾IO/+ -Pl@2yMX,Y敨7M"%2ki IW2.9F} XNJ7o``xywö`B }e`v] !"9,v8VG}Yb!>KDɄ?_ol0o ~(g5U9Tz={|Q޶N5s0=AQwwXU 0u>"ؕ5r u8Y"#ym7n!Кi(Pn`{ o(%7&u!na+X(U# ^fڿȞx)B#@sp8F1Z EBc&DT[ɂ4[<v?qڌ϶^7h2a&f0~_3 Vjo1U(@`hUXn}}Ӌzp1A,H78iDş g/( 8xxoY&sY{We7/`x4,1WT!}G23p Q\Sլy `ZA]n$-^NA2a]KIC鴫4U&hl~ R&:dMV6X*8rݼo_z"ꭄҍ'O=e:>LTkLûf7:t]dBP.-_B8s36WC&82Xt¡\6%^~ Jt~` ^ ]qYMaZfM^ߊm ^v8]5,`- -7FWmz:z-3qM?nf.csc$Za6XDϭ]6KuE47K$@2j}+/C\P Hq;Z_]'M7 ZLC@ ˎjT?z|~ÓCݙZƏ!S&ﯤ ѩ7A8R 0`_^}knB5' tpszV͚@ > CstPd{O@/Aȗ;i @)bR9U91b6d̰3zq;Dh 3 ɯ1> ?zi^G}C"I3AyD`"Rh3Ι1e X@"pAwi9y2)H&0xAC.GN$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$@"$.)H')IENDB`xca-RELEASE.2.9.0/img/xca-icons.iconset/icon_32x32.png000066400000000000000000000024461477156507700220070ustar00rootroot00000000000000PNG  IHDR szzsRGBDeXIfMM*i  bIDATX Umh[U~Wd7muYvUQE넉cLYc˚( [AβZc lce*1 St.sik{ZՖU)yɹ9yP"E /_VJCE7Œ`FdY }@lES5\7.VsT; TV{>yŚy+ry{)c*Ӡ^?M %kB P#L:ڴٳk[˴uOU! mbhcXf3rwkSoOx Gc\ge R.rZ':6t-7Ǧ|hA+p{~Au˩0>>eh4?bk/!t5;7΅d1/5'+#{Wo ߁w&yMJeYs(JvmU~SޑZ,;:McstOW #-.|ɴ+ Vc㵜tׄBW;.o(dW'4 $v( &'Db)H2!#\ ΄`ǎD`081U!%4>٠$5H4n~{p6,2}y8~Ə1; &ߪ{l+U(ʹ>fM&ScdH` aCؗ&'XdV@xpK ݱl_ }se%Et6 KkM80,8Kϣ0S}۬ 7918J.t=nu9]Dv|3/J"EAݵYIENDB`xca-RELEASE.2.9.0/img/xca-icons.iconset/icon_48x48.png000066400000000000000000000053471477156507700220300ustar00rootroot00000000000000PNG  IHDR00WiCCPICC Profile(}KQ?GC EA-Z d46-S Z4(8# ڴZZi][m(h?k2LhE=s?TeER?Yp`^ĪN&?6olrUS+x_w&1ΚhդSQ[b^,_,hec}RY"6Ya\`;\֞27 !8f,j( )U>VukZQ.|qE`h`~Uw^okb|hkK^_&$;.^N w .V!Gd#sh 04;kN:Q\#W#ˇ5_#Fwb(bKGD pHYs  tIME 'IDAThkUysݙٝk^uk[~P* A)Q A)TQӀ $Ri)r+voٙݙy罞P P~ ߗ7oޜА%"UEXݢ#E&3o(;ЛPKK$$\0Ir].\:#@@-E㙦ób=G*11.ZϣgcU6mYs:DD dt}ZB.{1dUSXpyk@ XWDx(b5,FƸqݜ= {cc|<sDġ ` ,h%s\\vGh!zDg~kW[C#Ʈ}ژt:s(v Exv3yPi|>OJNVW(Q5*&Z PjEhn=ﭷO(qKݶ"А:2v: sX`"#000,)"D*x~9Jxpg29k$YihhtB+΃do{2pKB>CȪ oJJpIGMMr˖bt BxSϟoVm}mcqN=4ɐ$]tvvڦiS&eh_L8m ""۶i i *#j>uZ!(cUy.dEkP1 6]EP(3Uv(V/ YraUihNaY)TYFd,9)/X0a>ȳqm n֟c ., \ I $AV$ $n#ːY\fCBW/YQ\+Xp$Mb<ӯF1kV+f;4{v388  $Qk/Ho#2( @p]y/Ө`P%McDEQSU}M~: |zn]3)UdD|Y%$0&A*'ɏdI@R`@Qb~I01?Xt.iKSF]ʅ/'g39} f]/UΘ/(~18 p-@\ "3%L&{{.iN}@+m";L΋_ᅂ4 ùwX9]x _|]L (ro|}28F 1!:`{Z<7Ejt\8 g m|CV)+ @a0žYm+Yh0 \~cM Z|Vş !q*Qݗ6afBL2eʔ)S-DIENDB`xca-RELEASE.2.9.0/img/xca-icons.iconset/icon_512x512.png000066400000000000000000002734001477156507700221550ustar00rootroot00000000000000PNG  IHDRxiCCPICC Profile(}KQ?GC EA-Z d46-S Z4(8# ڴZZi][m(h?k2LhE=s?TeER?Yp`^ĪN&?6olrUS+x_w&1ΚhդSQ[b^,_,hec}RY"6Ya\`;\֞27 !8f,j( )U>VukZQ.|qE`h`~Uw^okb|hkK^_&$;.^N w .V!Gd#sh 04;kN:Q\#W#ˇ5_#Fwb(8eXIfMM*i(0@IDATx nSsg3kI$C"C%4PS3TJE)4T*iP T* ȗdH;g~߳:u]\9ϻggwQT@Ł*T8Pq@Ł*T8Pq@Ł*T8Pq@Ł*T8Pq@Ł*T8Pq@Ł*T8Pq@Ł*T8Pq@Ł*T8Pq@Ł*T8Pq@Ł*T8Pq@Ł*T8Pq@Ł*T8Pq@Ł*T8Pq@Ł*Txd=2 @Ł*<"(g$9.*@ŁP<x: /\*DrRHnWeU8PqWB7:eU U+f݀@`T 𪸊*W[ }&ykwn{L[o _S\6\u"8׊f2+Jr K='U*Tq@=w4+{@_ދWHNA@jh7_ce~ـ1ŪSm Xύ["r*YѪ8Pq(O +}NX^%"KJ&.4tZ1 frbR`*nE@Ł/ (YS軂Sf]zMkqN/P.+yTBU48(Dq% 6X};|[>c $Zlj++*T88/rwwـS׭1m=kV+?!}O~O 5V+3*MW P XʹC;8Ƣz6!;~ y`PY`8Pq@Ł9UPT ?gx瞷Ͷ3wZz4\#~zQ5EF# Z- 4Muls. |h8/LTF=$!\z9=3lxm]WP6Pw߬bu_Wwv@ʭb(r0 ƳfϯOP<]&N2eOӛ-@mŵ>? p$0^SZr*<}8^t }yȁ}mxfgnpx[[니WZ}n9.cpj<܍'٥"P aޮNdieKQeqtɭta>@'08M5FR?,:Uy}O/?= rMjS~Uu@n}`vxm>ϙqɷ1Ƞz\:pG W:ʗ\)L)޻8492;8=uԢ7[@Qt=D$"9 ?vP S"_~n{D3xs`@`7O+kxR}ݵk֔Uʧuҥ}WשT2uu9+ yG\ 4 _ ~GfCkLqƸ'&T@ŁcƱ= X xV |Ԗbva\I3n뭬³Y=F3\rIK<+7^ߙ! ~dO1ZaNM rKlQtd 9 "士(Wik.%h< կ8x<1]=N*871Qxjd>f'gDN6ھ6lz (g7V=08K/{I-p#p+p( g_H%5>QkKfa>#?FF8y#F<8 9[y*T*]r{``u^S׆ۋ^-"piu>"|Y,>J<|O=y^wW;oQ\{2#D:0x;oiB2K4rn!jՉA[6I]o寮'V⸘f"N ďokfxxZD3jrMD"9:\ՔW_뽧3>_aչ50L4%.wtpvUӻ=X9 G 0pIqWMrNxG@ {Zr10 pXд)s>alҪ\s[mIc"#6$e~ O\9/`ĔDb;{3?/׃f\kQVay`7~;h|wKKeO PP ˜"?ht;nD>}9D/y緿/Ÿ;{(ocʮ)^P@EB~~:]Na9 )/^@㷿Kз|²ӯ&`d0Qe>꿫haFcQ' 5ZF,'B hyX5e%@*%,~o5/Vj)*ȂɟH@A.3VD)6 5շ2?DqSFG_u'FD@`;+I]r] ,ԥ\2~\cv玃O?YT͎J`D9w`ŏ}Ÿ)HpNG|d I0|沞9 `+8w1f/J?yMm|Ow혣_gۉz|…Kq򕋮(N:s k0TX\M(*Rp_C`__(8^U ["h* lk] lt8s27b`|yJm,>U#Zq&㍔u^= L~F|#!i[H6sGByVCp%/9kxQ\wMf!8 eOiYnCr)yY38T{*/f/ʬ' rA}r+z7ְoJ,4\Slp[*[,wbdNG7Ҍ`,9V?ǵff#&~[<|h]2uBpk1+琊~2t$<954Ή!no`# a-s  qE{wwViìҥq&As:RuU  Qo-;COUl+?fb0rVG~Zk]Xȫˡ5W{x1TL*]"pwߋ57!EL.4FWcAR*tRB6jB~" v>鮻PlᄓQz+F/}]+B;o>U|WC htPvҺȿF,)/Zj`6@b{6"ӲSgY<*-W9j}xX_Ep`. v9 ߜP\p18oh=}ohsr?wžo8E^t߁LEw_tNPGXhQ\!YJ@ngLS &'UeVxk94k[8P݌]1 ;T]>Ug˹;qX.](aB2Ťhʃ~dd %( 9WByse*o v_}lgِ'͍N?zT#0)2iַ(F yFǺ{k3 4A5;^ҵ:Ye=q7~7k~ BL`yփ7^?~u}NzmlҲ ˳o_ו[I;r9=v]gyX7Upss/+{)'O.vCS((# s*avdUˍ&8 };0,ZP0\k_ XP{0W d_mm:w5&Zj-ǽlZ,35֜9oUw!Zo(it`z5&fq\ZP'\?CCn=a⨠N%=l˙̤̋Gm/͏X峢G /Q EB>]0A :[7o:@2g t~]s ?V&~.Poy7/1VKQKl^[Hhx34 [q suE8Uڊ9pNJi9=j~wUI'Ļ̝[lbO5X+c@Q6❵C `d9C/qxl |XEbQg]mϥ p\3|_x:5ryg~nO尗NIkK 2{„ |;^dcpmmkz'c`e\OW޷UľFyA(쇆Jn-yHcCD 2_aOZ(f0,G-͞я~ZώgQ_q4Ÿg]@gʧYE'*V%9]?LAp2!y +n ՕA7KVR#L;'Rp=*w/+\e>u׿4]w |fgWqi5<| Gv Kx>WԒlVޗ=v qur" `-3>tvuuU OW3gEd-ĩS'M*`ÀQ:߭}I'pb+;ńۡ2R ~iX6Yv N.!~*`\Q3IN8urAf9J(!d KEDhkA^굈m71ٴ(nQ,u' ,(2sax[6p SG\3}!<ӿqP5+3iK6ruQ>W9ֹXp p/DL'"3 ,O*#.m˱j=ۿIz,qͬp< V2pL<ȳ{k=vgGxPPi=Sϼ+~zv;Es!rB<^D\ w Z|L0O xi&@VX,ݢڧ)CȍrEL*]Tt}۾zเ8 Nj-ea Jq{~;vk5'_ӎ[ӓdVl)Ccvjvd-a 󘋧P ƥ̐-D\#U }CZLB1HD~Hӓs.x-m\,Xk^)dU 8Ǡ4JC>Hmæ y3KV/F`O.5mW_#5+oK4# ?DBUW{rWN{97x9:FΌrsy[el\("==8Yy ,'W|CKv~:;^|*qw hìß/Ϝ9S{N1mʔxн9}< ~ Ł_G;bOYēQj*VL8 HL" 윋̮36C{ÁwTx$Ӽ? Lc`}`C`=~>فQnOcx6Ġυa5~?_79#aNs.6)"vRc}jQ+9@ +s*ȚZ 2j2 V Xpqz7qye2#£K2 |/YxtMР7WM2_`.@8SV~BDrLm4nxm\UVW_5ܲ8 ~x[Ζz#@V|/VR%"/&m!pp|*s0c18/ҏj' 'b?m\,c:"QpyQYO}pU,k)l /fܪa;ܲ a ,׸!l5ހ,“A:3Ӹ6+ yGyQ8Ò v> .8QeFuO%7nOA3@>?DbBd%0/ɹ*r *toqglqq!薖"Mcl9s9R v0 V-Δ 41K35y` [ 4Ö:iv9Ux7~N5Ozgq]mb,}E7+ٜB1Zv"b>D%Bp WX[sT8'z5!#i䪂NsT`K`-` `"#<ŏ?}N(ojm?cZN(9,8҂?#qXAK{k+; \UlP hb؛B>ٯV|u&|;{t!W /GamAh?ԄQ W ob p}׏#i9:˴x`؍txn(3*@Bt0~d[<*X%,qַN'[M89r@CIVȁSHUY\n̯#4tGn#Y R@; ø.? 36m Mqtx_c^6H1 TS[C@ D#|Zn >[o]vy6 -Y j,Y-&EKfaPw0(N*StS[ "g -s~Y>]塷=:N>y ܂F63\Gr .GbC1լ+Mi79cK)!KȯG&H9' ǥ,9=]SM @Ԃ&Bp((zH##9 fko\s4VcGܹ֜I.D AcߟOf^16PqzvcjC:%Uةн>(7޷Jv<<:ܡz 3|'xQml+trRuܹ:{Y PFB1su%K"]BnpB(5n适*<|*;@M`jz p`s] hz (s+2 3,/9ٿ<\FnV [[:yv1Y~GԷvF}ΜË57dήCha^›rCnWP>Ų/tj2:710IcGn5y%4!g'J46Hi'F4.|⧸DQ]wq}P]}}P> xR!nܐw!P4o ~byu{>OAM9xڦ"CKKA֍>@ot-7"hw8j 9䌁xQl)ꇵ3 ti<&d'β\` &\&&/ySvws@(x3j ȵr%ו[9ڮ@V{XTW pfD388,veII%LiTFb4~9mPQx?T g2/K~(sml W E^^5xZ b$M Ol\}[?4%K ΡFk_Э1x}̟QSL^h&\)bϖ7PX>QܹfΝ;b0wE>n\wm!owu!ZFy}-ui}^̙ܵ߁r i6iٟ6v/]]Nw³5;N4a2^kWN3guW뮿kvY]l1˽|/ߵ%ÑFWwz#jCXEwq.ݎ==Q%Kx'HZ#輚f,0 {T?HwY2ia2S ?KgMen|HǽM8?\îYֵnY~7\%Q[| }K7h[ï1 p3V o#$ 4?yO1 j!qo3z.m"iNϤ?| |y$ܓn,W⡋.<p~|8kum\@d#|MvrTu_zV#fq(RmEG}_<=F?6cD>np|HC!瓣Ûn<_Xv,f!O+C[5D4 :z4x?O N*yuWmҺgqLmm?\_s܊B0QK9EN l`P h_ximҥ(M>]%~X9iyYbn )u"P(pa(OkNo6[N?=GPԘ a( Mh Jũ"+qu>d[tuЀ,H .1)LRLv0Rq^]$6XoܹoE0DOhtV#ǷF=;J!&ժpxƯp6NW au,4$k!o:ĕPR*1FRoD_r၅QquшԴe֬$⪫~Ωq3+݀#gk mLTwG0qJ$lx&hP?o>q^Kԇk|┫*5C<kL4X~L!l12bGZmC?|}c2lu%?SFa*,$ jM;\bOuweءw]j_YL^o^6 @3ӛcptFvp63IiqLƔ=~G ؎?h~6~!@9Ifha5-< n':3f=w\DWYy+~e_ [,9)]i9)~R؛MD[ F^`-K*ȁh m&OZ?#'3䗍F ёOrbA/>h-E@7ZR9g9)7U ok '5AE5^8Rbm* ANqWJI,'~\ی.ʾ1ƾYq@zRΏو"`q/e|jN,љjgx[;bosne@ lp2`_aĝ<ؒajes #4Ǐ,Mtu9?dc5\j (akayoRF˰ay L1LrТy LNJ9LS XQu*md9|)׈?ǭqWw+&N+ϜKL>VD7THJ<)z {YrL$*eJVӈVI/eMIOf,@82c?}VV-#(嘧s7]} 3 =!jm#iP@} ߷}mOAVe g/G0Č`DgxEx!O\}^ċHz+cK7 "1a.0C]M>E1hT<-8/y&ۀuH>075—wU?$:uteQW.( 1c02h\1 '#+x6ÕL\=( !>Vv+XWJӦ{~ Ud)2snfE9Z(dr l) 8?$ i8h ׅ|- Eo8'_ D+oԭ-/MdabSLWP*uf6.epAp藎M6oNO=Ѳƒ Ys"MR )tٙ%|sHwG'ڷ7vW"xهўE0݈~ ֨CV:iUL@IDATٽYR` ?cŸ^vZb?|^ߍ2! n+ٓ/V/ӸX _@`n8P:FA2(bbO7Z~3+rHqS!v$Lm9lJV*|8{H"10 :|qo-?+x1/!h]L1F'Nι',iV%^ۛ.Z6o,@j%mF$MIS"y%u|Aʂj[m%qxzLGs ()-ML Z6NTB9RP@&1Ƣ'FH)A~mQF4yy; @r׷ۘgD ˆqd8.˨e8E̻ F) 0'BuS=5NCA [_vkWy–sZ*/*" _ƓIǯك.z|f}Х(\7.{>98Tj`:a潙j(}XH6(ӉP+|GV(4۱`N1?O;*cxhtix88_3,>w>1̚M C_X;jeb5dM~:qbO3Hj [ݭz*\-SjbO`xÝȧ,} >4#Mm ;]6gdyX+1iIbvT|‡*"e QƯ܂w8|­<ߣqgѰk@b.'AP:(' x&AKz9,zrBK]\'Aó,1vSoL&khOfFYEBP4~vٿ3B);(S4PY(拲4e=MD=yܯXL[P1ɣL\uP:q5`LC9tq8,#}_ԡc7 e*@-E?= ;|DR]1r>r_Lӻi*`qjB|t/qE nr5s42&rK)=C$ڙ$$yL Ey9U^%Û?6),hrlB! 2_r 'HmWϺȭNTC>Ьu|Rƞh*qxoA?W#sCً_p?GK!NT{չϷVOb8V5{##)VmxBؽq`W+F5g>rp/g@o{愣JkB|`-VZ,x(zmb;7S3bv]ڔ){ ztjMZ.Z^I@yO*ߞZmK%=M%:~y9ttn|=?rg| >Nx.o ;f mk N1t+$*|."F\Y~_Zp4iE p7: WWi]Iy ezbv&DT x yn/AڃݲR sϿkӦI(el6Ts-ݝCo}9fpLJ¨Oc#~z e+LX{Cv|[?y v6Ѵ92Ayj $30$'?N p::mE7u+0Z 4~FeLnaFm< 9!Z1wTjZfpSvv"P1KSP<dP•ފ(qN'0KKC M f^T< W4ISrؒ\R[dIJ}`8ն2)9YXה/eNyS5MH. zRVP;'dٮ6/^:g~LtMi(d%| 4 r^YR5/ߑ#|⢼g ^q߻po͵I% |  q&gYBw5x6Bx6V*g@uw9\7;BqYώ D)w.'%X%`?=X`rdϳr[KtN:_*ij=#roy>vAghxp#"$GD6?1M_ˁ?l8ʗ{๡;e-ohoی &! d1j}>h JQL2q=LbB~@4WRL5 hYQL ;+qwn{+vX UUp"`BCu̬ NjpWS{' ~8U*-5)qQiF./`W@V2?-)J?r;nMӟ_<L`LyŕgVWWAI (AW+B`*ߺ[AGWUkրщ5ōTH34,";8rڪZ&ju޲2&9eM+jSdg⸱iw//b]u^qu1=I#?H܀"aY#p˪|5x#}PSU#;b!>~,ELai*`QF|{'oShLqnJ{ j#PA܈f̟ `(j휎7>ןoxm 7Qӊ/1 >WtDOS8r66^묊s?Gڈ#[9tүϏ|ssb^XґD9d,B̨ KӢ1j)ehwM3xp^R%MIVY0-)H;5oz.&g9z[\\OQGޯQþx;;鬹SR07<g.pnH 9^}N?G7A/X{%텻3"?XQЧl/|?pa>J@vgI'q\|X+q}'t?x?ouz!ptNe90A6po?9R38nIltv@ `9ġP24G}$@ "<J{h:ti!1(Yǂ("{Nz9X\fг 9*c Di79R*M)#%G> gTht݄~ <Mz-qISD²ۡ~ "2o ')p #_W'xsBc\c3.q$X!#f|J6_8_k3|S :&$y5loUnQƳ mI03^J]+; @$gwaAAu B~w"+eyVDO~F3+re,cܸ v#^y v>2 PCW:)z1W^|?U/)>C== X姴͉$#qv&;{$K\%ozܹ '5+1s&' iŽIڬq),qZML_gh}wwq;/`/}'oTH[|ERt @ JPY(R fZ<}FL6H ETP"+n"$]Fzm2Z\ʙ.XѺa^LDߠW'5놻yMy*..Fۨ)Á39}[4¿$#Eé kv8b>u쭍Mei^2h2yվ+.YsQ-]o@m.X qa!Pł|MAX 3TAWn(&M9 PJQmv^}GXFFT.6`|?3elYxh86'Q&YYzrc^qJ]XƂmQհhTঞ$!L0ߖ|@2 ٟLĕ(G{b X|o+ HCnѾ`E/Jes ~jB,ϸQY`^͜)Lېi _ңۮ |F8k`ъg?N~[ne"^6݀D<%]VmlIX<Amg}::i|Wfa* 㻕 d j^ycO6v>xTOTSJr2=AVT@+|h8+sH.ϙJCh0o 9@ 2 LJ:7Ar^Y%L$e8e4aKT%gq뮻-&/n82\8(D;&hZkUHFigp ޞtW{kΜxo3oJ/w=?^Ѷ'Qǥjé^0m$6/P6 T?j6>'!&Q~EtJTiI>L'9K$,'O/S Z)<|s2,{tAgoS9kjwC.l92?=\GɇOyv>Qqd7%n\ʣcNJ=Pk陎 勯 QӑA]㖠_7c w5чo:36!w1+z߿叏N(eY< KȗtՈK/q 2ݼ 'Bx_?Y:,׺KOp Q'16W;6[ *>:3S'5]PDo27|[MN>Cއqc3fw(6Is£: QOW)rdЌxFw(=oh1[*svu&/hmUОm~I8˂Y2q+A,> h\l3xЦ)aL4~ s;H Z ҃@ * ;3QW0O7/T[tM7DIuO4H]ⳟs{?-.Cs8y'x8qgV(_e\s]yO8믿["(10ۛF*dg=Ki9ch=R rXDRlx'ϟ2瞛\TpolVۜGu;߸4ibSX^Ѷ/:~f\un{V[mHp#}q"xu* {4aw x>b{=W׶'f8;(N8s^?|IY| %|fٝX83*e`_\ǜOۺq?M~`G\^S[o$--}`)iϪE{˝fX4),էj/8zz'-`剁dp1<*8mZ&JcuX,n3W-\tЃ,mAF 7׷[ kE+Ih1v HeH+/q>iH JC$/K2mɒ"uZ+ mB8 Mc ΰ~Kw;Ywއ'O^v)!|3=S<%Fq?]= ~3pu#\%Z3\ ^kh_Я8 _)?JLrNjh[{cz֨وWOz2aP?3/:gr[\xrA+pp!'u$?߇ʊ@s 6y;5W߼ PF04exE>kZ6<ǩXn)L 2Lz -!ŧ8DOzȫ@$B } b[I(ɗ~kʙ$(3j3,f3~UW]i}?mf sd>,S5)hxK.8 o y~)-Èfg\@Kr*qRh-5ͦ85sQ qZq?8it9o_/J87E2qi+s5X &*jCȘ.WV)OzjYEke<ۡ=! 4kHf"17Mx!#,1 \Gmk !itbh.fQݡCoh,ze;opNd^'NM!j:>eVez)̰kxTzW_8믿x,u"u2t",K',ڎ-|c:|l-*?DmQ 7MɚSbN"?QJ^ 5xTxvf2ʀFZ蠭Gߟe?pg[k4hF9PylV4ZRA#D76ݴo'^'{H(f|ddG`<J< :a#Kb2ͮ:tgN[j|D+iXɣ#JhYKGx ʗf{CPj d fȬUF#3VdDh4~^T4d藱|We_O6ʞGz᧫۵oڳl| F#G~9Wikft)+^Z&* 5xw밶@/pf6,k'=vDn ߨAq%a:h`yoVy#,}y/Pw_h#wV~Yt$߬«9-<[駟 tmɓ7߭:?b ףJ[{QSƴbH w؀pjϊa謳8#(#HP:7|?[ :b!MђL{dinT |nW}v?1#;3z5~Á " FQQg%6-;T >{)_だD0f ^jhg.~n8y`UsRXtҁF7QJ)p-;wlaͧ~vŕWުmBNTjŢ]!UL|R~ wN0 kUzt޵iw }4ߨ|ݏ/jNϡ<۾\knݻg2~G˺tܜ,oY{.n/z⋯|sгmTd>EʺeeA: ?V[mk nG}RΣKW+d&ҋ,`v#{;͎xG 8PO *V֑Q೴+b) '2[zOB*Z_yKgG#n]BW⦃dβAfip:ixC!WH\gm\nQXk+(VYHTl ;VVzZNwۄ˯+y*>5"Ir&uYT2% h Եr=R/SzfSEruX m럄a m@2LAojʔiyo6K⋯3?tΰ[nvֿgj?0pnVU ;27|Pm{ f`ᇟqkG\̚@v:I,[Zzk韽jQS#%)YDsB/׿+p#b=;`C՚τZ5).s悚Oum~81exuhDƊ\2bhgTɣB٠wذES;i]eia4iJw^yeh:6crhxn4/SnqhM:slR-"9H_U4ng̢*kwO7rf + C W!zkw>cWV8p-4이2-Ѻ|ʗt0Ÿ0BavYLJ˨F%{-ڳlPBKG 4DzG#w>8GSQ+ Ƈi'ߞ{.M"hjD!뮻r!tg^d`+鏥HlU gghu?pڄvz+;usi;%uOFʅW+NG4F-!9R^.4kPHiRMK |c`-i6ld_"䅹 U&V4z3C,B s+*'V_0}_s:nE^(NsųGpkaGy- Cj+t~Mӕj_.wMke*?/[Re@vqilIvռb]s^6kikf5W-<܋õ[uҳt*^FM*+OD8OMB-Ŗ'Z`ZXkzmݬ.Cw~6K: ՅEjsci}N~b@nZfZnF2Ġ&]،;rg`#XJLrھL©ᇛo,\ Z7:/Pj>pE0P2`P`g]D5 M9cGuRʾL?%K~/D_~5|ȯ;pbVD_`Q}d2aja5Wjgf:l1`% fc=a c RDg}xD:S P'G=w2FU3 y2OCgzIP¿[봺PzX+`AW.c/pnozϞ 6ASLX|ά>O Dp//LϾ8ە4m&u<@tw PgN|!spncL7_yyhe<:O핲tge~_)O?YYkfTI[NcСn >X7Ό- b[)A{[}AL76[W.ƍ/+WK\O aר:‡D45g xR^y{ o^QZ! !?;A;ozAK x vuh` |pS1@FoiLp~Q_EE[])k %:ܟ2k ٍN "~{ M#4ky%|0R+Qo*֊E}ZhiI⇢=+:hT&>e[ȗ4jJ怎Lu IK `be2 ~6MAV7tRHŸ@iLbB:Au 3X)/\ y]پZ69&/R6g|lU@}6z/Y;3oVw} .-IE_I$K73 ,{k[Ÿ`K6V5cvO Iؚ?6k|} $?+gh/ʳ_gJsmXW]⊛_1!1gCfE<͋wzQ Zt&_OV;ğu!C]yprVR9{ |1";EA1]hGa2". $BL{I9gEcƖ|t]T"XEY5Ѐ@~d uzyȋm֊UM sN' hBVn|,Pnz'+gi2gro8_Q\&[FWhh,TxJP;r˙;ONtgfAh@?”Yj<:Y>oyΡXg־NYc_KS#c_-k#5YYN @IDAT@Rz{'l%;մu7xl°ّ k m^>Uq{m7q=~lZQcoh*inT;i*8": ᮻ|}o :hX'GiC| O_T+v2Zd6pnW8y*}L:KX4 HmY txݳA,vj[m&;Ck:W a|'uP\Z_>]3W &LNa\70rȤp~Xc狼pSN0Q2` w Ut.JλC^ T['x 9u<5zK/:i^t[? jh( 1;ЗKjRisM 04l_j%XBO]vٵv9V^Ppu'EKvFZ)?Uy\$:̣䩔Eeq*;N54t`hq2yfIy?&@ $- @ΗNvy 0z\Iŏj|8"ؐ =*O*wҬBNEJv swЖ7v\E Mp6Jo31۱kɞUIc@MJ4`Ш#j l5=} r&(4jN_XJf4D5/a45nc(S8 )@`3@.SCyfzL|VZO<_u&eg܅vWvc۩ִS%5C!KН;whQۣ5G}]suN:b"g ,B_$š$Pc3;2Xx/m,8?aB}--ɓ9M߹s']&/Hc~чN~7+Xv+믿Sy R}T)x3>2hTE o_KEnZ߀AU"&Hc=U~3WYYnz(&ɓ'vڟ;Hޣ'XqnJpUQq1]_|^O 6 5<$~G281z:a*n<}7C (bw/y{m$R}S1< Ԧ^jHߥ%$ }-iG0Z衹N exR=IP _,aagn0}U"1ݧ>X.Ѳ-L6t#7qr 8/! Z4dLTMMUnذ$@ORybF)tqgKZx?=KGn(6NH#KsaRVBjcVGͶ;ۚe>{n n oDl7WiI4j_Z6#ߨ~J]JtneyZm[BHynJ 8[3E䜢{LJ-SMfon~j^ӮoΟu֥> ;\t"4=$BZ}g.SY 4c]cYINHtHAO+[Vs̀I,TGҹa1TYY]@g`xa[].4pW{^zc:GY<"_X |`))8tQV'玓&SG%.o߮sN~:{㍷0|6_"V]G}r]4nS  P3%ƣpzW_2je=q=_w |A\Wy0t#n#<)_ZA^ f[b]4_(,5X=AkPҶݬz=[gX&a |L`Lq~:w#3W T.x\t;.L:KS/Q#ND*eN>7]Tvd}ZpQ_u` ]h.Wg&m!} , (a %5pɼ\Joy_Mǎ5NZBN>3y~4DZJ4~A5fPto6ei[5Hvxd,AfKcB ֻkc]@cs^+6rJ7hhS0d|NWZ)2-Rh?JȚ3쐃 TfI ׿~Ԩ6]1G4h{~XQ݂:0r ais9~|9WW`,G"HTn,a7ٯ5K0{gD.J>v;0˔^^,QwN>=w_oݹWLM7cGDd2 2tKo'Oxa& I}^yq|BKF/)aW;T^ov4t6/-[@֗%lŨJR9 d8ieTҶ픅2?39fWG {I"G*jʿZD5j_~Htg]qԨBu􁚃S]eOWNSg0pvVnЅU/>W/UIY YgV@IB򨣎ƒR}:eP=X[[Z%a0 +q8~[@' &\|,fxfA޾Q퀡~j8U5jW}^JЭZ;+D& T)fH7o!IRuhjXgF>P;2=F|S%9~O6x1⑉VZWW<7e9UӬRi} E!&IEE~KEK*4l,/VLT&;32K!]?3kt O^vpU;/_8qja=No~n{< ߶M*d)Ftϸ_ML:BǢ:u0M>$Z1@4 'D SaUTOEEdv_0(y*|[G-uL}҉ P <(q~LEY |X{k^>Z :Lvqi<h#4\QdP "oA.;/N%eB5'yHRvE6]zXFۄ?c5w(oS*{غ$tp ^{{nmm&Q) 0^8K.0E)[ y uB_~E\S֒,Q"̙1!@LgdjkpHoRkbS&SIwڷDVQ*]T` й 8eo)r gN&"4v!j4|  ` Ykc_RbcKG+|t0oU;Xp)2y&v$.StdaotxIvXm) 4sxV (÷c†=0|iI4㷧΀/?HI乿u/!p nMwB7˷ ~;hy(SCoĵ^z4}u"7-bֿy|"NMIJ }!:=?= (cDtRA鼸cC(>=d~KͺOPYC'&p:j$'({ Jkf󣕆qn VT{(5@2HbPeH K z zܲ9ᖻc[w[JTAQ;X\[,A6ޭt-F&x_xl: UȢ9w%v>O;hz[+!W+j 0;le*%|!; ;.M([(t_O;F-(An^˳ FlRD\%<#'bJ:ouj_=6L׋.H㩧t^3쬝Fm8?ԗƗ}X[ F픍6`;nE͢J(sA^z6Ot$ 8u>bG1YJZBN'.L'0+x){/val׻w]vP?_|FV:^`p(``M6g4`h<:s?wIꎬ=^_GbI?*$¹o߾80DL49@ ݆ / @'R^"fޤ=|vc@v1;gYml ]O'&1KM,-E)ԥp:oVj kXMiNa=#O6?yNI+C"nP&x\;Dyi/|=&UO28=KN;Jv~BEZ2Hk\kK>[I0vq:k { u;Ϩ׌P xjh'^;=;ujЫGs31Ʊ&tnxQ =הfCr\ q3ǮqkNۣ'Qȱ @xсHoēz\]U f'oH ِ}2žK4=y3[X>&'p)`\25E̸ui U60ɺS*oY봜7+8`[h}}UŃ*H&'K*-VXk cK,!zd~}!ŨD*<. Xcݦu19 ڵkz-LZt>TV ]p&BiB*,F_~&NhHs:N|\(#N"yyr|el L(yV_-'OU;hf@nMP-dɬ/pN8Ô5{ڹ$  NLKVΪӏ:j=irϖJ+jvcjEY0@ˤ]éSIΨUj-[Ko&o閉~$^As"^Z 8G #w* {湋ۯ[sn]nҁߢ>3y+Xn5/@CI̓4# %,:l/̻R{ءNoZ^NP.tPk~ݾIFON]v޴OT1OLWÏm3ARD./VY? N`Zow*8Mcٻ tE\r7 %;؝&Q0_}u= }g NKnnExrIY5;4igHe֌_WLbuH)ti ޒ& &KʂC=S|qCW(z/XXiޒ.pmA;UXw\_lhGW)APݴڥ)b>[)ja?@m1R]ꠏ;V1hCJFKo^V_ʄUũ=ԠQK'g? m>9׊hMVkgdۓF\rËJ8qyctdsyEUvxj4nA1F6YBJ˴Y Y%7{#׽ N;\tѳxd@V|˃x?wfZϞzDa$>QIC& A88J*:7p9 dZ;`q#J\.toN7CTO&V@ْl.Dバtx|`7/ "J$TCLhhي!fk?')yDQПout S/Wr4F3o[oӯ|ŀٱCm({ n5B8J^*T;j6UcAVQ+3OmDV& "ij<9WYI?k UO[&3.ƞ^,*)5‚ !;:`I?/[ _),ݕY fME4a\(GW-n CƯxxkRà$QQw™K+xj 6q.yiJ.0vxjg=e?/mjuֹd+CFz[7믿 P:؛8/>8,oa's/8CY:IҳUc*s[O7mP\p6[ǾL D'b}h&(oa۰ֽu?v(Xe`5g[.\n}puҌK5r/o25U5|.p߃通ʅiYA@g=ny>%@iNr fP~k4>Dy;7+7DG;=Ͻ=/ :mb ^r} 6P>C9ƉDP2T:.;9ɋ,ҳWZJ9 +OG/씛 AiS%.R1I=?\ϳ*htTfس8D"eiygC[٫۷+?ʂKH-=__^ W~^q ?4(]W7pXz?Wh`V樨O]Ԙ:wjхE,@ WU]/nUU4ke6+D` s)-G .j000D@'UYg N-&ͰLn & o÷ \Ec\N(1M#aO &(hwXL!aAt||o".P)h;>󁋗ns7aExb5Jq?hF:#ENYz1ia=JD-h&/4o?"4m&4Pn^zqx6޸ ?0/[|#QvH5)g"Y%"LA~YuMHZ[sy%#?@oUW~ԅء@+romRKvf(y]ZV3\YPf   0Z^̕0 }U ~@ѴұB#Lqb=y_m?0Y{_k.ÙMTQǙ iT@O.tzYWIQSޗQҭi OaOW`D Z20G[{T4A"{CU0yt0",( b^E<.'^ЂOxNe`<&4RsrWE:ZAɢ)n=w#+e:f34y%:PO3DqB+( C&mƣ+ڽٙ/\n _#V~c=|>xd/WS |e7;|%߂ŀ`M=Y3&mP.=mo+ՂҬ{m!ZSl9RF"~P=,ɓvE1h0dK&#FC&lnL>g@MF[l4;sjСw`@\e0JIn{K/#[:E3ԇg>9#/oK[t\5>@/(옵h@mCSU9 @۲"\ ] ֙nH3(O1vSK}iޮx'@PWF.ab昪!p q,irNޡh;4`{|; `r_׬ ytOǎ'-Mc@8)q.nhXtfO˳wO3kvȐU,\nq:W7~qj1M]Lβ8Pg=_0$duct=sm}(8D\f4|=B{ZA)PYI6+n(=*N껊-GabL%PΜ隠y*LХ@XYH4 a.~DH01\Be=o+-oҳXG1@/~C/wqW.|];'f7憾򧛻b,n "us $ijv@39@L4Z*YgE~<+*Hi_K4RrFx'eM : 9GazM=x.Nʄ:Ǝ ub%&1p"a_ͺov׋ +t *=_ Lč`]4pӑF|SKhE p҄7-^O:ƒIқU2?%E*08&rgB<<CZt0<BxRPlRF^&y٥e-PGy/3#m状 40壨v%3vDI R0ˁlv7$S'(F@:]fk77jeQ=>{s' 3O }ǁ>]z+zs&q`kۆ֛]4՝dxtzuNEI sc"K[`|_7|H${nz8 Z+՚u%Aiew=p,A|JV|;/btc\qF YϠ<<;?FaMкjƥJ /PgMcbhkf]wS;Q㎚[7nl1ǜX<\r4 xh27RJJ c=m4c\KtI?vګK+ gNa1Cv99x}5??W:'vڟ:Kqx㵬&Vo 8͟( |֪uG<3t r>L-={?!?I1ߕsڎEy> < ^?f*9'ݔ_azb0𠅝:9΁,d? $`""6W,bb΋+=ԝ/y(504%׀Di!׬c N`aO+&L4u5˳15yL Ͽ#駟8Z2[0?8>`XF4-_CY_xІ}/^mW{=iܚp#"Pc|Gn}a]gYcuםmՖܹ^aT}An&wxS9Oo3I)"ypGʏu{=UO=-YܢJ%OFǞXGnoU6)0Zg?pw71@.'74PY// qFЇ;=¢|,>h ŔS,a}˧`}3A<[PN'C<RTQ$&t&ݳHCsU7s._}7v"V- ,27Z3+R{3 $ WֲNr>PѤOuFaZQXl-\6+p[§z'|/qxkT駟S}z/ϽUbo]W[[DGWʽЊSoзtvn;l[gEUsU4=D$ 9*Ę1n=K^; .jUPs.#CX@0ݎ;ᛚ端*њ<# [lQ;dcwdK$y¤|mYMب兽vio0_ 4y,)9vt4O5o+'(pQP{F8np)gnGt3^^cǜy`|Hc$3 _.m2bxp #.:3byEL|iS4X@HU^d\}n~I0 |~$*Ͽ^^Dz1iȤB4r؝t܃J|[|3QXGzJMhfR 6m:ԖkS/()ijGtXF[_ jY^U5Aĝ 8lyHc6.0ߵki?Ϸֻ|N3",$bWu}iӹL49W_OC &הlr-V=cv+|v"+se/KÛnAZYYYᤓr f|hKF`h'xZ·i&vÏGfd#k.?= #Fz#G~^l?$enmtYJ;?B7n#ml͖uzg &L(Y{5Q6zw&PoL٢3cC$wLH@IDAT/7hqGU }J*'OAkXH}ڶtp&gF1{, 谝c?5yO]Y>즛n6#||?/8bd}*ڎ7գj¤>C=uu{2RK-b0 IIwz| 7fQ^ |(yFy턴"ʖ:F7N T`x5b/ƖI&I>?.َ@ p,&Ack|(vKui*]<"m6B@vxz˶o :b74sELׇuebo~՞ycJ2­;oz%W-<ڳST9qI;;2}špð]UVT6} jZЎ |Zgs|ؠhػqǭ!dsJ+а޻M[h5gVQzՑ,̒{_?XאOᄈ `E'Û8x~35Nt8[NNj ;G._h`Vt= IJ0tf<>^]CܽAiK..A]v{v-tK/GX[epÍ n?鞿eq0ʌ0+. X6%6Wٲ'£ܤ>rF69/iE9٬Z!-@0^9#$V _"DGZ(aGt*0@Z噘u {_7l@qsE?8{%=}9EIIf ȃoEQ|amyžo c*>ciV7lezV\pA :k=EyQw2jk/>b6UYy)%m&EAT4b54I)]iaٮDOhVKIϰ"X qhz-`2!k߾]aa%gfWeUVVz:x5_{[-[Ecen}yg˕07<KWFZz,H=AdipTNӅ+Cve APT@7xZ} E/4|`A! fTM7ZA}s.ӸR;ΣTWUU*V/]3W}WmyߊO59o"nZn 3V̀iI]ԗoฝ2,Oit(PgT9{p i=şzI$V a<)d`$5$4y\}^TF#_.p1mHv ,69c&C׶L;Ie SOUʖ(3XaKCe05;G=?þ^l]hw-)L( %Y'x* 0>;a4Iw.Lo *zRq3ULxJn:6-r%*QP4T٩Ʒ+/ fWiUtʣk9@=[BZ|6;w؛vZ~:77id&~$JI1*3c  3`vg_/ի;= ]qġ{a>.|aqB_qŵbx)09C4CXɡ@sLޜ`=#VU!Rk" zFfזxϰ>@y@i"(P@iTBfwsoo6BHٝ;3g93͏7 h{[rM7Rk|{E.@8Kٱ0#_Mlz}q>^(K໤>ʄӥs,[h0 ctU%'b۩ ϣ | r:Z0X ʎQ \L`Q.:Sg:&VQ&_ԫHsM'zuY;Ry+dNhbKK[!?[ۣ 0Ii@)R\FN jFG)'Gw4҈=G g#0K2pFˆ)$p++E k>fB*p&?]4]wDO= ^QFi.w4i9 ђL2qJ>30rFmС;}_a@멧:neoeyA̙M3\%Ql Յ}^p0^ K٬.A' e:aW {!9+$x޴Ӂ.4|,:ޞ_͇([ķ)-K~ TD2M˧)AEFێf* Q+LAV8iS鼅?u;r&v3*D36=7STQ:@ y݌>|@ꦷn\^^Xf'O?mua@ןX["Vx q2{?EҸ- Y;f$/ӿ歷=ޯJ%_^̨zvm cƜ~a~0P]~hIp@|R \+A&E)ǛG?9J0C@h.24DɯTx'k+mm{챫0'|ЉӤ$j,W[m n׫s nn\z%?-l2ϣZV&/\g.eϧNua7VZiLqBxO ;usx*:t@yv!OɁtAM:+c`1IasŷrB<S<}`07E&#^aR(t26,HT9\Pnz4B6uǦR6⑅a~5t@]w!Cn,~<РC)A-ȿLSS QAհ;+?cF*? EfbBa iGOH `J+,| 0F.;3[T&(n5kyr&,j`$ CAN.L yxh- +*:2#_yeӘݗћ ]]vُ6,!ųk:O躀pvez OǟO KDShha ; aI :^Љ4\&I7FЄF#h?(wME؜;È#cH)d0ҔG)y](\i NS)b#"V~-t>b~rJ+OSw/֦,wA_J@oucCKV 2}%'Z8kQnl*c6/ ft .= dΣZ5 uYnP%FU6,%GȊ`kVuc<3XEEYAx r'6NT΢o6!0D}㍷C97 m/ Yj`|y}㌌a^Q|jt?BCaf3po]y'[^J:CSں_ 祐Ǟ4t9U7pmj^<㌳w+yYR@eKngg{C6\$sfW-| eOz*J*Oϥ!G)&3 0nrVsq֗Íp?yZFymwIϛ{4P픿Q1sV!6?Y8pj$$~(3锳`C8JUQ`tOJHEGIﺏN3/D_SԁTLѲ {Wu@#][ q|zcab!4o-a![Эqb`-o˾dkm/~8  XTV5_QhR*LٸB`xwMԷ}J/! I&]0d~ G7w¹P?m;D. y SL:易[lڡ UmmmŻk9#OSJ;7([Y[n.:_(tnGU?ey䲂$/]|Og{, ʋ Ѩݤž{8\E<8eͲLx8'uq e+_9ªy9n0 yaO˧0pnˇcHQ Ĺ}cdާ2n(!{?E%ìc.PfDSK YFFa~ԯ7WpQFϻ$%wHϫWC+}.82zb#A*0Lje6ETUZYAWfr]"/>U-BaȐ=YC⯻ .{]lA'|'|kҤ@ 9%tkqW]uٴjɶ>hçvbKq_Agyvk$~aC{.bݢSmczxw8y: 7pkÝwa^ٿPW[UQs-d$Ñ5U5յUvؖWpp+b&,y r㓽L21@ BW N<&0CxxY2ġ?,F00Car'lxTj'甥&N ;.!۵*?^?rGj]ޑҰ.Ͳ R۟Mg2jIzW^FnH̆~9H0`r2}Wp5tL 94$ܒ#opY%WIi(je/WW>g?f/R;ut6]pwt`fw[񗿜4P ?∯6Zbµ~4HBC.V^epxoSܻ͆߫>Ӈ^S{ַh/n{ |#?/ujey*Õxx]E#?oχSa7g|s4cG>⏛OMohKo HwxW0[Y93&&t:X2EL DzA-w3"a%arCd~0{rWu熌Zy*ԧ>U'. . -Ko3qvQg\K[1٬3LXKls10JE4%aKP)qbE-ʥ<# lp!9PHw+jJ CQ覸v4&M!۶RK+5,P+o,+T~fqk>$!#!tᅗI|x;r˯~7cW㌓uv =OP_3EN#֥ң>Ɏ*Qp㰔34q}\F6e_ o++ BjO\0)DN~] d  Z tGV>79+_ L+ ?F~[=񪪇}~;YVco2[C_X&@z^>`d.ఁ (6$n Od{M(Lx mJ,3+-uuT4^V~,۬(28l`;Ie:`c1٣B듎3;_p @(lZk.mm07է\vԀ-#s1d=|ܡ^3M$w}o z-JVО^{M#/zVѻCz|*8!" /AǯOlMeIV=.mڶ?  NrS(>|ر+uo'۷JNT8dd6HBonCPZ ӟ]w^Q ibG }8UM  z x! 5OkLjm>)Cyz@]s?7~&/5_iRB Eh&Cbʨ:Tc^{ᅗjVXa^˕&BA_MCPo~v4 g[7ߜs@:pWǑ6h΃__dD+W1V^hQW.#uz%k/K ꣡rIe\7p;>B.٠q)eQs~[n<8̏<N]>M{W \Geze>#>pvD|.9a!|6Fꞎ8b?~*h8uT$hvu(ڿLC8S 34Z8S}PmXg% 7K@,? w1s1:t}wK{>`B~{O$F_nH:|+vܻ9K,ҷMF娟4`5|AYY;]RjjZ'i?9T_:}[w/|k#@a:`@N,! Pټfw::LU?3 %dފA: {ڪO)4+'q`Agt#i9rVk=∃[C^d۟݊g}fml?찯1"805'N^V=,=}n7|GNWs j_Ql@K~ڈ6_,iN+  (Ȳ^!>LQ־3'~DZxp T ZLbx/Lƚm?-Bu@5ay0ih:*ər ~b᠃k]g] ꔡt'4ۨ^RW_&9k?.(Cu Wo{{3(z@K.)|ɄQ fxznڨ!#Q&|3 x -X[t%B97AhEd3ijQi1i򠍨pSa$R0X~SMp tx}ମSZWXatѣN%*>Uw£M7X%"wD~#-"_4BojNnqE֞z.T`3O2O2^^[BiΫ^Nzs Jw"?;S:-}{20a&Vgp3X+E_z?Քȵ,IS[_è8)*A' 5xS*N8xuITSry9^bO]ob Îdk51Jk#/!Jx‹ƯV{F#qA+;@NY{N` G7M_xz]N~{8QYٝeth|Y D] {zexoWzs<18nϐq%8oVf +"KG֏-3M<3Uj9⨫WxeBqǔE] #?Nmg~9 O!G_LHnrt%Ux:5~bl+mO_Ve MPƇ㲝ټ{UL8jYGJ4󚇭? n g3`7A8ݯ_ã<'ń 5jۈn$3,ttK$O Eo(Y). 8*WM$\s B '  <$ΏՋ~B)ut*0<6+*U&?FlQQ~ S^_Ϋƅ-v'ކ@ 1"zE:w3J%v u{hȞ}ė|g-{^VT~A v=]?m}$>^U[ʜ :r׊G@ٖ3$M )͂Q t*@!>dS'j܁[Xa`e8C.*_a+94+6&drTL%P|laE3˗?&Id଎,~\:0ぃ,=Pu* 4&* )XLZ<ƺa^?t ў陟n譖q2~x x_͒XХLC+]፱짨wӭ*^tUSuC!2G_%\4\deQ,!|f0˗{O (XA`\*}} C$7ႏ1n+Rka6J7?yVtWUU=.ZO/ +OJ"o>I;<x굞eWg֛#U4[u(ۿAmc VB6AIO((4 -5 -/5ur>E? uޥjFh.hh28APtpe @xZ#=l6\&T,29σD|`Lv<}VwK^t h߉W㴣<xQϡPǔ]U ˟tok7wX/%/2=Ä!O{4p}8.х>. )"gY[<`0ͥhU(Ad3~MWGB^,?ewhƷIgc4/?u:Ga4Q}y# ҩ'sq{Q*2YCC!iB=*D%բegSVH4Yծ$-&hZq=ٲHDȶ[5яC,;s$t Qq 8 pOY7􈣱BIp!qZy@۷`E(k RuYj]Ɨ3톋ǟOSvzfvL6 .a. ,ZcvjX=Er_{cjiϟ_-wzPB2dpir{|qzkb9*Ebѧ Rg4X&=*+iBu}FOAd,SbaWg'wgy[9{.9`@x^>&#ĴրWZ$8?05AF4anJ3jSa*w#a95y&O`l-{@dI՜NJat'#M( w{0QRS:|AK$E]Ώ:&VoX eaq?g'yĮ5}kWjKvvғ 2]35 J~ԍOiuu~`]kׇ:<#_ \g3~2Y}Jsw2{I P|@YHkMϑ=*zU}>Qv#.֏ܹCoG,7m?T p~xmlv#J7qؾy^aftvL^)W]SZc}mQ7:gph,rY//OYn#G uI1%`$ *(}V^+-4>5ի[MFPB@*aiuxɄଖS4A!~c+,7rɜ"L~+\yH+<MZ+X*ڀ_rh{ZrJ42=sqZM N@8^^PٓVZk wMG-Ȟ[n4u!;\`ɏ>FV/B:ireqZcEyb Xx,{,ZpeWQ3bؠqܞk\^V3Ӧa]O>pX\Pa2 Ff'4e~@icxzؿk' SuR7dFjlk Vā?ѣۻkpt祵S~6 xy6Y!!!ZށEI=Ť&fxDM{τ0(!V AM"TrZMQw8JJ&j'sQLcExĥHB%?ŕҤv^]x4e$V4*4lޘpwWo`/{,xbJ fY /9sWN. ;Lxם!*|. Gzye<ߌV>qiG/?GuE}%MG 0ּ&4Ƅ2z3;[o}UkG|)53 :V]Y1^@Ŋz_HmW]nI_-0!)bސ:heO>FQ^΀+tx~ag5 to㌿jx`ר:*- 2Ej1( 9z']vJ0]vq2M0Ƃ0h'GGtS^n{&h7.hUŠy՗yGßRN!aA0bg,Yo(PaJ$TL~,`D(܏2<"`'@ M$D+*ۯ]H鄒"v~Ly1PDP<4p|;mGӶ"l؆;ӈ<*3*7pS)_X&:~28+-nHǍ[{mLl޲̥486K\5qY^HuK8k3b3%5كIM DZ3̈(x5~Jc*!:a DȾFƼ@9E1oA ҃ˌ8PZ P|&X{6ksiqRa )ѕ V%3 Nǭ!0%ב~ئl7J6?a;<aXPJu?ΛSp|2 zG? ;Х 8^ q%ˇ3o_ps >tUaa^"@( "_)ջS}+B,gW 1t% R=|q&'^QY~K(੄*GSePKgxN!~nf> <{~Qv=YVdF- (y:^,+B~Xy][Xjk.i2]v٥G~@ГdUjjnik,ui3tP¬^ܣm5ls, |+~؎3?nJy6Re) ~Gv"x94iIbpRFu 7p0C}+s2Q#^.{13P(SkoN磔vlt`;cq7ì!i,!;]4T|~Y`dއ) ,Y岴`b 7\lA݄,pX1V[Ԯ %ď<8O^-aOպN b 51(-BV5p=N]͛,|8xdpp 6R  lS 2`ClX)]d22H Y6@-2xtGFu>ocLZz \sk\VIfM۫;Ƌk4TDs# OC'nAZ՘ΰl^~kF̆R0 ~T{{H@q)%_A~ Cn8g~YǏy 'O+]t +el OpyXeメ~xv@ ٣ݴ9@<6:NWSȓYM{?lذ~>B%Rv,j,jhm),ȝ0:^]n'֊(F; 54RbW3:d襠i˯5eZK/{3f4tiuΖvM-Sg,ˌjiaSÇzwm6zpРg :nmP5ruujazrРfa PYB7 |ܑB5Xp@.! @~SyRȀI0#C&tf3Aal3ev}#?H}O躟XV*0)␥AKhL"i2Xb,S"NBf~ kGd:1lyN{Y_` AT)i,x GdK-ctS̡ȘqX8?E#$Ap4ExY&W~ 9F8`f}$tyNu*G5 ac?_ @ӱ\"+1&ʯP)'>,[8 By?N&kyո݋+EbX-Y;uU̾U ók)nY/1@Et\H:Es.һ"B?,c,avHgF `eȒ7uJ t*QRDZb_uխҲ5$% E2uf_z];զ=zծ#|k~EуӀU[,,Cq&)Ci!C<.A%ۢZ+I3hlV\w]]mG]]M.G YjU6v/Đa z}}qDM7@ gf=V(VB&VuGn;ӏM? і+:䆰%Æ#?'Cm0j[PdfН`nK&+l($ȑFH\ci ?vfTH$2б] imd\ xbY>'r&|גF`(h 4ay-@ͅ FaTAS\/XF"FA:yd0Ar1x=ZЧLtE-@Ly3S8*Ut {r6<3]>d;=|nQborm, ryS8gZӻDg4ZjӺPJ <B GqO@jl3MvKQds{+ʞ*,*$f7ٗd1Ў(7yxA<޴h`x\m\/3īr/6ſGҦICN%K@{RfX?~!C[Fҥ:+>z%G 2g #ⱄi҃V^yCh бΎzeT uLʇl+>ltg-ի_Bzi19,9E4fSrj3fIC'O$-QP(+C|Clk X"=>ASƉO|ȓA?faXto g 8n,^`ȓ jk\l {=ĵVz7~ʹY]^>=zKpQ8/||sԂ sP!VK헗][e%@gx0ЈDYPEI aa{ԖdG;'|9` a&N}WP-k(\>U) zvPU6lp]? I5x\pԶ |a&k'!c'0} P|`3Ci%\O Zp>.0 5~P$Px~~ZɟI\ a e[t `Ti4OSPS΄SQ^W \ZC)z1Dq#,YPÂsET~zrV-2_ѳ_Two(H25b"Wc~tȄ^ǟ8唟tyX-ؘ9~.{Z?ղ=uuBO;P-N69DߔB{&o̧PxZ¥HQ!;P$9]=zhљ1cFMW+)?P7)P8Be3BQ t:,͆q?/N?f 1 Aq#k:Nzn#z2a{8O7*ЊL^ ʌ0~ I[{HCr6JUa;^V9+D(oa b;+%Ԗ$w1(ۮeK!XaEi⟗/ʅrthWf<|Pe&z˂>ꅺ 媲sm}G>,+dOجY D̢^'ָ@J=\b@ Hw(@J.KQRUY1O?}}U?nڨ=vc[Y3\e):lcOeⱔ%X?SyC::n[SdC!M7]c =FhsPзkfןuȑCluAr;I7H᧘La]cP9@z`VE;# X'QA|_e4W\ ^um<eސ*A(Weq7~p*~(3xr@ m 9|CQ>e+Æb?B`3r CQ,!Ë \p 妕|.Osl߄򛡽R_}YңiTwI?6/:-Feg􉷘G]K3qH#^ĩU>mB-u zHr",ukM(]PwU#;_5pm` OB1Db἟p.I;gʤ*/.X޺"ÍtvPbLCsp] -Bs 0 *Ə۴&k`ڴz<1keG5jhUFy[ C :(@A8A;ׇW}"@0v,͋nB c |"*(Ka ҡM9x~~|<7=^$;4?(hԼ YIed4{!)U1|J|(Odx  S5V ɵ?*a.G@+=xWYu?堣J鳹,hiO~yc,%CSeiy?^\ߋPbwJ?MVZVo4gg;ʭ%( 06HcK@)^ /TS.JFjKu+V #~8dy.+ À°@ͩDЦBYӿ[> HD(r< lȯ:cudN-Nxjή%w=_o.3?~MJؚr%dӳ0jA*_QY;*edct; O|\ Cn"[O#vn8:ԓu2y+#%b ϸWwW 3L"[& GmX&$e]|crC9 {o>,1KدYYk1rI&m2kh)}Pl_c^հM&w`˕M $Vj[ͲVF7Bbd|{VE3;pgQhJY,G(A/-1KyLWxz+ē< +ywDȇ\G}:Q¨@U?U =] `HBю|c~jIx7:@ WG8%~ǿ]ZwF6th3M~MRbIG)/2!ifԪъNvv@`됄-d {i`%M0pQѩ @qϨ̈́@[K% 8:[\P~xKH E ($ϖl#<Cyke): %.l&I򏲯NmykjJz7ch<\y#=-h8i2C:_*dagʲ+|5oPx 6`xӅ, >|]9?ÊRY1IXd<O&hGW#}2}-=BޓEꚝQ)S9Re_%S0Mal@8TKcq x-)yA,'y;d_{ӭaV[7ߞ'ݲ_kˈ>'1Tm+^% ah}k}Q+]Vnk_i+f7~I]PPcbr >u] dq|7E⧏%,>^[LB}+ $>!zHB̳TR/ˢ+,&xT6!Q<6 6MGOxQ>ه^y͖Yfa.kFcb80G&L:ԣGI43V{ lZMS@BVLHi#&D&%ʱDwJ MP\”X/L2:BfZFʡHF'9*Va[|ZP$$7)aIh_܅8ȫr|/%|!D2Q"a.w&HJPDdD >'$JN^Ё38a -z Urމ;IVR9.82g 8'!X5k0'x1͌ ֲ:J/&uoWr>bQ|BG"Z!_%K v,:%d.-P6U-T~mmyTS  Z ;'ןMy-!`Q ,c E@ǙC'0=q hڟW7Q?.V+ q*:/~dKkΜ>(,sOM*@+K8ZhK%`<+zcbUGC1}V[e۞?7E?q VeM28lGhEꟲ+I_'!Y5ʒ-gm/҃%,mhOsV;aLG-I.ej"Pg0Y eD̅yz.nqRM`Ye7]U8,&eE1@A28%0)Jmw|q;KAҝ!)V ῍S `3; eICc1B@\js| J?aL)wp#})`2+' R,e.8R0:r,p9ayxԩM'U]w=]¿3]IY}GY> d?5}=?@#;:WAcrfo XVꀱ_:Jۭ~R jG; 鱲00kDzKu ڈl@E/E{)a 5Β=vrI+ Z~xhay_^H7|<o,sˏ0 .lPX\YQyd,zC ocfݹz Bc6vHD$G$?P0 (!$"B QH,Aa /`c x6lpY<~o[~t:{=ysjiYvmec^}=>DcƂ_Mr씉_p]FY[,mk.#&ͽWo '?.Mo?B#%Ǿf*]9T+7v$~<]Nke}c'n}zB.ܸUQ0D\Jcyt>-Tf@Ugb#`d+ǐW&fZq왅٩ΓyߥdxQ;zWlr?,攀qZ`|7j@u?/јkxXz,mϠdz 96& c6e.o7]RR5fVn Â3eߐ6!y<ֲлa|m4z4 rc >'7Mq]'P UMQMw\ۆbo J&cn6)LM+eo~\}[lgNX:ǓǀmqzwA>.]?yg+ʤ_+[],T&r'*wdܰߓ}  d%*G뙩6+W`'c _ :zW^~Ń~N24Y\A:]nm*aͤ[LJrQMT$BZnvOOsUo~շVlFVqcSBa^Fy(?صt׷#,^R8(o2ƦʉҺV ?{SEM? yeem.}<;>t-VMw.@}M\mYP{Ӣ'S+@J{Qj#b2ήt,-VҜ E?eW}Wŝխ];^]@+)M/>OhE$VO[ xOk|<ik4VjXce'7VIW֊CLdm}lȴ'\ D:f|/-V V}Q-˗pJ e@JBx@iU s?R:=ޚ? ҵ_B=wWa+yܥXؕ꾪F ڡ')eQxqޭC h8@1LW| 7KJv 0NOKD[ 4ڹ+ )>$VC\nk(.kP0Vg~\ݑxڿT5}?"v$K蔿*U)J1dAeԜ&FǙfz :,^qcjjn@"+)._Goɾ p! !¿ڵE4ӕ1΂\۴q @+r+Xx[{&%kNMY'PakeO:+(oWf#6Y L5kMN>cʢʫ)s^]^q#R,?./Ü.0Yw"󚊄g _ |(+Z/Vf=Q7"α j% 4kI1Wc VZc'L/  9Ze,1lwVmCnu OͳP1_1q E(o%1)`\vfm3dY:ÜnA@_K{wa% d,@/zL1t oҁ'X鱞آZˆ,&5Pi,c_ { wb_LQ=E# Gο!{@@[='(DOBZ TӣH)zil]ט;V4_aM:Qz3]].ɛewT\*"JӸ_$g4z㖂bz­ o= M\q;c hAw^/0T4IDAT8~랏pI;g7GR@%5Ji?Zwp#{7E0KGI^ j`1 6ZC{ӱ'PO>x([0bgr^P<\wΜʠ{TWz?S*Q 4<ؽ%E@#Rv} e&ƮqW)aH&eU^a"Wq^I17q1# |N h-Qۑ^fT&ߤS'h P4[VpOWa9k"??J/KC nUǪ?cͻ's+9&?]ŅQY!=ފu2Q"&Yʩ PiL}(OP{w0Jc)ަsRJƿ9Y5[QOJ43uYM{Lbc7XNalJVd,{]~+@`X;YڐGO!rsJ7&QOf1N6Ib2k(]So]TgL#uC"pNI}P^SqM~KBV!Z1ǔl %yc7ck{W%qDO(jMp`uk\_ͽ[e낀4 5i-/#dZ+IO²kA^oZ@PP|1P+r"v|(uhҎ Yy;7)?&イ%o7~+返}[2Yuqƾ҇`fY:| P6*oM"M9 w>R5w|P5'? lyVƝw<&-xc߅(OmySqXv{-Ž#iV}6n;a]yB~Oe},.PIc-**OXQLl ]XL z o'Pt/7VWO48| ~aah/^tE0[$oy>qZs5gXh=)>c:jYitxTxƭ.e7>kD̥ z}[USԁ8JK'uhZaߨB<䖮br<Ī:~wIO@ ~ŝxb|}O4v2̅xQo ?M_@9n/_{wAyHRCxgRZUǓcXsW[KiTǮ _Yg=e#ǻغ nE:w"]ʼ[o p J _WSd??-)<'fUf7=VГ'=[M"(' .|bWpҥG>ovtE;O8+Wżxc4Y8fqEߖYPx AI)<xgs R^a@ǽ-_rg+W[ֻ!d1(e$|/@/IJ<+yeU~rĩ41Y WQv%}4eyY] -/Cs|_+<'|{{x|,Xm8mJ] g+qc0q0HV;_ﴲ W5 +쒩|!e.*Q*s.ۧ R6~W5ٴ'>Ov!iq 8(&A;k2tƓBt~d*9n%4zo=DS}wIksCw|V1~g >4!u?;boe霧v]_K6%NYWE+]q_'{, x@ ;Bqᱏ~}}'~H ոmS Ėºq-Sc8:V ®?}[i#Zb G6ή˻~s{m?^iy{|_-G/A~!p<z'ܨēR| q5eco;^F{i4 ߥɀxϟ}O;^2y?ߢݪg߄ܨdalF9qq0*9JB_$+WN.='u|ٮ^r&![ v]W(EjTF8Li|Q]qJgKΗso@GB` =7#zz@,RgV .{LP}u< .-~ݯ^r?~JeSc9 Z.an!oo%>t/i2P+*,wg60jXSx((nwJ9JU $BL` 3z>BIV K/]yNyAg2m~<‡GG`'B8պzܭ(Upp]O}d2m]%B텲M lBx_/k~ lP|B;n1OE)יִa+s/\:jѫF[%})g\S^_~?hڍ[j[/kFڪ%wYxiמYKҪީOOF'`y#~%}Ʈ~Ю6 q~S@󼎯-CO(NeUXp땾.VA-}R|fVb2Y{b #,^c\G{UzRX$qC$Vyo h[ a,ut ` d,fAqU wZWTX_XFtrc7@5?`嫝Vu3Iy\@0L/wOO}mX;'/EW<+U_yO^:[X+, ^;L֮zl|U_q}P 6xS.5^gk% 8M]}苔WF<{rz`K/+T ";O$$G,1 .W-pRjVBއ-oɧvo  d/× BȼQ2PF\2ʵTo\}헪y,89mt*1UK}WaOb Kwr(?:HAΚj,W;Q~veMc|-dSC]Nʄ30okl*V :dW $m'(:LQ@ R 7ϑϏ_vh~WBe^"`Š-wΆ+i۴9.F4s$E>V~[>X0G|N> E ^+JJow _(@ A '# `9VY/W6+{~wbqؕ)KھJo*I¾m#t|bޛؘkTEh4ۥ8JL9C@`v0o*Ie:7j@\_o?_g@@:S ҾEQ~Z>ַa@E w8@<oT?4-@`CLK&;o].*H @` &%p(j6 A ʁu )Wcr0DŽNYA`<=#Uu @! '0S% `! mNt(u@8hL۽sE@DCGM`A;% 1q@دG_(k# pPk?;%`uf ~-~B&EA{K`?QXa-Eka<&w}R\yS4 0Lv鋮 ֡d \I88LpR}ӣpLTLCmΫւ_HQFI1 ̯3tMJ`xW.2fPf!0Mz@5vC p3vv FIl44[4ة&-]X v9\C"2!GC9]A(ӱ&@`{PCi03C pC]  e V@Ekj lLK _l2vaͦ4@V+PxvvA:!M =B&NC7LcG/WBsBmx-0H@`ÑRh Ǔ"f<{Bx LXﴦӶP9 >""׮]cdŏ[ 0L (}dvF`B '=tMz @/"Xul Ǯg:ssv vS9h+:i-O'ow4)2*ΗtvLw1UoAX3,L hl> !枝WU(c!݇S :YܟK&`xKx~Кo$-#lN4_'?Vc hxöu:0X eh&-5dvw/966BYy40v5J Aީ(A[ Cl]*v[(m+I";63nwf2Vus5UxZQ>쨯iK/vJ`J-x':qqo[M|NU'WOd캆Y֦e8:¬ 'IUi6 wwQgW; C.Ah@L2 -91fh Ux ܊rΛC"ۘ^!*V]hkaQk 5uYvxF̈́Q)d$,l)gДeM8#Z9O5By.k k 1>.ϳl+\&ŗiC`c<1nL%R,C+؊iŠtM=EX<Oۊj4ECgJ)DZ.YYv` n-TA@`z6,bkxsl # e=D},VoYޞ8-jה݊h|Hsڑ5fnM}:/.4fi8nxu-89pqw Bpn-*.k ӥq چ0X-u.n3 ЗeB ]*R]PYv]Vv9>..i[TukS=Ba9Wd^8"hڪi}.ɪ|΋ypK!PT2Ѳ첌2}W]oKW)&Ν/D̛eȁrdnߑO7VOK|aj;:<NGt&5Y0jҺq]e.u,}]FGALo]i`P_ "Oor] YF_un޴C`C杜Oݠ)d;SPgE5uLSGK/z3@ WY'lUIǤ9 T, [I<%?]`-+|ݶ,+!Gpϫڐx=PR6usgQ\O4iG)B ߕ"PǕ#LY¶6#jvܮ);?ۂ"$pFtu02>Aʄ \+g2kgY5hPl3r'dTn[QjiǪyzaHU)XlNV?A` Bk~i_Eo:W>'Y'<\G?u#vLԋl ~3 *#$..{`Q6G(Pk0>:v 95NJ@2A X YLf;̬C9~*x,Rn6I9X Xڶ-@̈́)@.˶aszns=uwPf4$QgkSvIheX&Z[ȋy>rb(@` ?ԑ@ǃ0 %nAkb9sܗ7çqȺqN geSPJ'# =&T4 4ת`-lg.NʵZ!n>V<7URޡ ^]EoDsy`@)z[*WM["J-ȭ@ot%Bg'+֝,aI[[s8C_j--X@K^2V3\@ MbI{[*v 9@ϱW `8mܕԻUAjmu6BP 'Q&Ù FOtTat&L؏VzV)xm&3ߕbҮqv9 .ccO<8%qZUbM}cDh-瑛_Ҏ+`e!+yR.Ҕݚ`w@'؜b!0ǕK)'V3wK_Ayr=)Ɇ3|nyvͦmGB5&t8{ڴ~kv=e閝mZV沶[߲2NJ[ƪr pMs'z*t8VkS P:lL:)9`?4b>>αSk>B؀@YߺjeV-gʙ3-#xlDum!79(업օcv^ D@kh][(? hA؃jb[YiM814}kwn 9iq:'>Հ3]R):ϸP2s}=?}k>zl+[|7}0QR e'ۗ/սqo׼UrfW[s:vw fJoC 0@``}d‘x!y@P彳 ῳ^b@`v,h N+}c~-E;fUxL/~]ucXѧM?ϱ 8nLPHpo(S; |@PLź[K0* +f pv4a4& j);ܨFhd @#ONɑo^aqMm 0YMy*Pր,]^@`(n^t()@_PN&H^Ƶ4s#CjI-aպ(|@0qͬC4%pBOI m@s:ԖwAH̑{eyPJ,+X)!ߠj ୒ -BD`zk(c@ L!P: OrߕǘOQ`2<_8N`9'_f T }f#}J8 %CaNe 3NK#`d ʀS10K! $9ɖ8W)X{Hz@ 02&Me:voQ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @8BIENDB`xca-RELEASE.2.9.0/img/xca-icons.iconset/icon_512x512@2x.png000066400000000000000000011145611477156507700225320ustar00rootroot00000000000000PNG  IHDR+iCCPICC Profile(}KQ?GC EA-Z d46-S Z4(8# ڴZZi][m(h?k2LhE=s?TeER?Yp`^ĪN&?6olrUS+x_w&1ΚhդSQ[b^,_,hec}RY"6Ya\`;\֞27 !8f,j( )U>VukZQ.|qE`h`~Uw^okb|hkK^_&$;.^N w .V!Gd#sh 04;kN:Q\#W#ˇ5_#Fwb(8eXIfMM*i'@IDATx]Wug47[l˽{ /H!ԔG ?yK#H(l 6ݖjKg߹3lˑdҺ9k9(LLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL)'Py{ 'MJZ$uɠd@2Tk`&`&`&`&`&`&`c@MGH&I$%8r)Cҟ#5#(&`&`&`&`&`&009Q2Y+Y,/-i'uJnI:t0M}}}v&`&`&`&`&0`#/m0ۿR2W280 0?MrddNAp8rp\k 5,g)9FL!ό?a琟qG$J'&p>Q00008`ϖ{^ >2A?Crdqyܣ-e0)0y @V`G;40000É78F>s$s$,Y e(`# m'/cxe`G;50000;aQϖ>[!#e~ x-_s[UwU+RVվ٦+8 X]l "`u}&`&`&`&`&p `xc3\T $A@^gc?*z+-ikkm\~ Pr?+j:'`>C00008xG01yƾK >>/;VZrci6ukJw1dd@gV+%g/1};|_W+L``]R 4MOW|rͳg#o}YY쮶XKdVjII==m֚bUA*V @V"ϖrYE}꓎j՝2)p/)>viZKA7[^*`G;40000'M~f'XT)8l $qs)^+ ڵjq CLkeogU"UM?e}b\"Y)Y#1&0 0/OLLLL,n  #,??>5z g-:Z6zYǵM9Z4dh?8D(g>^G@$ϒ<$&"᥃&0 0/OLLLLL?3,_"a|* +*fϡst/_:cpppgbOUyL㞙gslc  V4_r@P8-ΐ<,GCKL`\`\_^ <&lIVu<$" O͢د>qI1cDMWv͙1oi+.KjͧTs~k4@{B BSG Y/Y+iv`;٘ bFҭ} %HT3yf =ioxs+}?3s@Yl .<%s0ۆ't1O z,vHw|y?>ՕpURѨ\{9 @ ӃU$J.Apge&`&`&`&`ef~%LK{@¹;":= KLgǘgf8VKz%n>lc0q~vU?GPWg{[}n[?G>@ TRQϲ~G/DdBYK8DXUIWH<-9!`>0000#+;*ɉ fI)Yʞ-lV8F{61svj2KOLw#pfU Dnr+f0)Ds9}v6uPSx$?V4 `;"&px. &+$3" 3A88J|N.}Ʊ֖fIT8jjG㑷EZM](m| @s%-lm%_X٫O>=ڡ+=fU }QO~d'@$@s2dßn 9 }:h<0N N̋xӗϝ70008`^"a֟7ճez[lL/{Yz{:{w][[;ۊẐl:VDJ> e52P9]D0A6l8~kџlӻ.xu1s_~htFVO%I``ccb&`&`&`&`Gb-3$~HYiaU%I֜}qSsi˻'ȢExnC0000M|ubIde,b Tcb19u$d۹g]{9sgO=VmS p!f@'.&nt(ӣ(B},r9?uԦ 9n-E^Bk?+x)aG~q'b N%Ԏ8 _ '0ڸ½@rYSW1Hϖ0,F+ ֵ3|k7|K/lS/h8>IJմ x!;i6*#,ʱAy# #VJʥhh\F: /&oΛ*;5sMLLL> _̐X:&Y}~ceX3u5O;oeնֶZG1񲾘6J=VՏz1?s-p¾'ݹvŊPx77⏗T  z:&p& "w7$8rȎ ~ N ~gt,iٵhԾ2mm+]|1,ZwQ v}WZ[_K1c_%H@KfY^?]E0 ɀ+ -G ]V"jJ[/]yS^u: KJIX}*4XCC]5000sX &$`HΕL`2Ꮠ CU3㵒;𭿺sOx֤gO{NW*UU?aH_F_`zclGȦH*F|pžNltp-bMu9ϟ޾u뎉_dy+%[$D`cc&`&`&`&`%~79K$x-1~6yc?y֟mCs|)ZKm ݛOҧ1cYs*--j!WV>olz4qzƞ2UJi90lb_ +F9pD̿e\/T|pa@sF*?Fu]K vSdQ -vޚ 0($֠GKV+<Ï1ʋfl>;/{+1s֔+3[[۶&Vj-)A1 h>(Sc|_,Nd=ʟw)NʒBT$̩R$rU-$>hwT4秜r~W)hBAVpJ8 ,;sMLLL"ZJoo`/TEM}il1b2>3,_mxǯΙ7oLt߶ٳ/Y:oFWO'Ϧ+`WÞW2Y߼ ?Klډ* ?o@vJ'VA 7{]]}oz+6[ׯtr_] 8 pvT`c*&`&`&`&`&p 03璥 z)/́"1[f_#;Gaڴ[o{z:_#g2Z6R+ ? @vi@ ٺбM2K'cT6i姊!St@,9#\6*͉yG-* EPvus 2LLL`,`\Ll?cۓ%KfIF=H6+-¬?3k$m/o_złS{S'hoҤ Wկb'}0 MpbAMR=dRĨ\Ϟ۔gC2\0 eَatm#hޞ[̙3X{w6*ZTO(ca8#q0D/ÑGg^*-d$9!,y.,6%6$(@9BPI|sn 8 _% cv cu#/L0Ny~I<缅 g}G2:!F rxa7l)o.O!EPei J-M/Tx`"Sy""5t@JsF.82~&?~+zz:w#1&f|LL1e 9vKv@:̍ ŵL1󏑏`+(:GfK֕v f8Iy冊peOB;J6LLL  KF@gK4!`E"I2qy˸ %H0oK/=ϙ{GƦ?̧H5' H|Jm$?_ȣqgsѢY;7U|C.$AW+ "V:f_$ydG70(;7</my-(B\?+%o A lFʃIڧI~.@ݾ 'qɛ%oO1AϓlXN/-$vsg͝;okJimN՟mɸOCQzCO99$[EJ'@-CHQgJ{My3I@SqB8@B9X)CCC^X|?,w4;?HFrG~8NÑGʉhs%x1Qtk;cUwʏnebPNhO1ß٠?YQK$(Cn!hfNN<,a@ HX r%9X2;000LH AN\$a<;U؅qH^8Ðc&=l^>z߱ݝ[;Zwuh\RUub+]i3g?h}fõ|_Y"LL@ɮNmDFAŖE= =;@*HWoTLj#2=#Ejb3yWq _V'a ƹu0ß5:=DmPVPt*rt TaWD 3́%攑4(QBDO,3,xH# u;LLL `lxcɫ%Kc =%g\»Diqi+gLtR8Lv+S_b6d溢9,.(FDFY(/9.ͦs"ĤzR+E#ԮgQ$ļMXY>V.Wff"0t R̫rmϏFbɒ9EGsZ @j"}W36&0&0&.$ J yBK[\8? qrlUso5+_xmEϏ PcGc([p pO:ycI"ƩA'H/%̓"_j=b#sH׃BAAZy~coW = pIÖ+7o: # fI(adq3@p0yV/_tɜEz~wwǦM/tĬh2&U:ˡ !}0*y(U0$*I*lGiY{2fK7Hy 0Fޯex* HMET)uM9sM'kΦdϧzIdRUO]^MUndAԨTq/)/x{?5:ߛI&Nb 8 vtz%{( />6}s,Z8+q J`E2jp׮3ԅ .M۶0qh;]rGq#8{k 'cד K\ TaflKI2U_ !]`!fMиcAD^t^Gϟ=gT'"haoC =5Z~f{Y6yı2Xj8"1Qjd&OI\{ƑeF5U5T{h'vQdNvq>mpMèM!&ռVJ QbrWC "sU)(N[ 5?FybѢŖ-$;SBW0t01A`cLtם<OR3m gE-'ीu|]py7ַ<ǾFb@HGH rߓ8D']!_ݯ <}گ 8CiIROQGܬ 't.NGX(9G q<'6>rT,b֬)::(Pl "@etILlʎ$RNQG^eS(_:'Y)_6x8yi R6bۆ1?21UQnӁr'IYoB36{Y>mtk!S5TM ^[\qw|sYr䃒oJFO()?^p]C#?+xp:ږ~OzV>K gNJرx%'g[=SB\h-C#[MqAatsfrsQ7oF1} 'ZJ :aMÑK`Nݒ$M҃ _GY;)S&~ڹ&Mڛ eg9 N9$BkW^?o;4!k{s?$K\+Fy>po]%m'4hn;:ۤW9$w/$wN B? g,+'Aa5[(Sy-^_8lԩCr|@BX2+Ҳ1`g8HEqˆr1]!_#a'{4e+gs|>SP]2!T_̈́k[fFF⊢8b"lՃfg@pmd jR1+SUwJ*tLM_VPSR7q̹}Rd:灣$S'-p0×9=ۦF~(AqN#_&;%ڭ_homŅܢ%UǸ-jx,{܀rY~sۅݻo;;obK ;i\ S#SZ*V&QGK:hhQ:$Ȑʤԅ9ʏZ See>!;QtS{iQ0Qw(/C^`}%+W.*ohv8rL cK{?06t0Î_XA Í6a 7.$kֻ 7~vcէLڪޮtg"LH/Sgyl]oX[7C;}o?aP|P. 2H~$y@jfIPU `^PTJ P3(peҖ3dY"S /1 LR:"@۱Ç=}G*c: <t!oB9tJ :J|80_{ i]x&љܹ3eG-L`H pu,U!d>՞N%Ғme|ҼWĺt*HQSXfC~F&aS>HMg?h2:DzA*8 iS'̛*5 UU!FUERz4ܴۈ/$WHcٴښxN,}&&OP[yeqfN2NY`O;2UÿPo^/Ar-[%|?X@<}v?2mjWg{8O7M1ە z}@i笚vǢb V_ׯ۶' 3 O((*[c fN/Ѣ.JVF*?W:8rwk&-M:uݡ&@} E|RBW)KA`&`&`"@1bI5;F?id$K%3N*/|9v"kURmE[S~/)@w1l_СF2+9{GwC_((2>CjpC\S{/|Տ~-͏Y\T {9&W1hv}8E 5,_UoiQIqWʙ:KG|{Ew)f1HyUi;"veipp`E 1Η;oSsG28a&Hq p AaSBچ5 4ql" h)=kTW * U*hh%wk~I.ߢ8V 8 yn >3 t$IXQѿr.q&!Hӫd+V&҂tb4tQсQi@nN*O 0f6C-&h>N`j@14lu/n['\}ջ^\hD`tzF$Jm-; NnuXSZzM*:;KsCF1(9vMz}JE+-W*c¯InvL&'TwF0^QX%ϑ\yˠB͚: LCӒW[AЧK[N9ppsB7@5ߔ(Gzk&`&pD@R?Yd1*0Iɸֹ-_:E/ L!ZV:Iz>S =n.Yet0i)TMP/>Ub]V=@ ހ+Ɋn7@ԓCNV,ƫWymj*WNS=U'cDlJ˟#Xȭ>9H.P62#=}FmJD骲Q4G?;Iܿ=̣ib?pꩯ]JM[%|UjQ:SN &K$Y(/ߟ|FEt RtXY2/!`@` >%NajhVm)-kBfCRX}f>F z8x9`v tT ?R.$i رN6|~#K$K%;Nɵ/022*c !nY~&fJ0r9ʒm 7:,28(1.YV0~ = 9e:&g6uo 予!ppˤ$ |{.POR6!XeyrQ[0OԯQ-;.;[n7g6I @zhL=c}%ϒ,fȍ7o- *i 'A>tܪN8n i-0@.>#Arq kT9:Qj4* M1<[a_HkhZ֦ELkM* ЇґYp̽R_V"J1ڡu)dgKg@. yc;ղD!TnYWJ_T?m{m4=$=K2Gꓖ΀X UKu4; /fitܙU>mÉâ4Vɷ%vLLܿ]HcLD/`3V.Ï.ߵOߚjjh kPjDFiln'j͖<궖T9B;v뤚Y{::[Dbi$HAxq,`;+t<@#ݰ~ G\w֟^km9CgLdx94=Nc ԍcv\F\g1<6i%@PkY&ϝD99*7cgIx[^O~g)۹e^p.Y/ x |nd8M ȋ=TH[duӍ>Ϗsoҹ7)f1(VCJq#G[Ojӆ-CZ-( Mh )OhRJ2*Qws} Z '>V4|ı?Me.Ԗ)"{ d?C' R7$ߗ8 \܃U#؏l^$a9zM-A:GΟ\^#;q fa) )Cf1tgR5ų/S>򤚨#c? Vi*銌xRGxN1OIG}:CQ^CQśb oVwu֧?2cJo~]E::re_<k t"JRap9mbvńWڮC;cY\sŰ".$dԤ:8fRʓ)ON!3=KS*X| iD}6M] յF48L٧,_"Y*Y,iIbQg8D8DY3ܴp$[r䵒K$(|nz䉛Rs1h 0cKhX(vh0&`(=4"IUlC 8j/,URw֚i?8O4ocTCzxxTOBt'H8~ #A1.dBazd,)+}9ס]dOz)ZU+ڤˈW@ WFٰ"93h(]_T(1k ȧTWe_!ҕ]ۥҴ,ct'C^1~I &ӿtk%NCz9?Hpd1j8RK:,4=]2t ݮm{KXmGq՗nݤ.贁vREE+]/aD(MquGdNW~Eb!EHy>{|cs洘')F2Oq>)YL>ظq+}C'G8p)K`O ;Q ]-A_'a( ;v.7l/5.t`ތmm3;}֙G?4 F:'K,p-J!b'@\[;qh=jt` PC-kNd/g?;hO(E mL>&\23m*s#t/fɧ%?8 |f[(Y&XA.8fKec66TI'}8D( \c F?q1Vk:6wh81#v$Q{F~٨ǫVQ[^:MbxR 'ڧJˋ zTc)\%o]s͏Z6ncDx_ͥ'?χވڢX#8fi.U/s.2 e9:Ĭ}ʑʔ\dW,u):Wc,<ÏL^:9\VOiR4P^cUeYo u-[Ps6؎\J'^?grPuݦ N:qbE2[JtmS1Azr3 {<<ӭt-L =8f` o*:z8 ]Z5PېDCqS |X lN b9?N6/A?uQ6G—0a˥؟PcŊW\vٯtw\ph=n@e74 x Nd&*9nHn䧯*8bou"`T>4 ? щ18Y a3'p/k\ U-9(mj}-ʢY1󱗀3?>M$9Y 0nY2yڲ?qϑ̖̐mHnLxxNץ4_9qVWj:.C7 m df͒8 =-Gdj:G#%d_R2wt?򓺤2㱨!=:4Jk:=UΣRW*Wگڶ_7)!xsX-O Oԓпzo2qh7Y1A;sV ƌ=h )"c#{B @:?38Qq=Eɝ|1}PeT79>sg>BeJD}ݨJjb?m>޾Y'\.Ò]z҈>7"_Hn>Ȩc8;"I䗒$IIXJpf W\[ zoGi%@WWG3982c/x +5+:_n7-D[oSS?7VtW"LWMmÐW4a͒_0y_4~@p G8ZG/˺حFvڧ=)׹UJ[S#.5plը o~N?C>2$d._U u_s&~җ}Q7,ߕ|E L^C֠:"pEc$< @_j—P ߲3<,&gfO22,Z8+)~q8 $wyۥu̝:Vm׶d0q>-!LN[0:Fh$^YGrveP}o4*0qr7%?``&`cF+PH<}fx %ϽtS*"#,:~I Î[5slSOETk5{ֺ '.vv1I2,E@~-EM|nFu#-5,QRXv}q"\I,g?EWb`i,5XQ3ǧܑN$'&1m6mRٸ5>b[,9WrdF6 ~KtzធɝK;he 'EZS!+&_X%wt]m*E7C'V/(b|!y2iN;=({U*/rԩZ% DLS̞=GPA.=0s洭۶}c#_]pāz̸$ N5:^WӦ >$=r#7^sJY-znd N미_gݓz^S ^GdXaKvşg}; [5TL fY+XWh\ԓ,pYr%@MY̠eEJ X e<%ʰO7y?3h}V2+e{$S0#-]0Om=c]-zæ˜yq`[oy?[l!#]=A<ưldtFKeՖj_Z뫵Ԫ]2Z*J1A:"'xepTp֙Xf̟e4$WK~(Ap84P &pp熆:@ۻ$xDr$ p>V?W$]9'vzְY)3gL*/8Žm(6l"[ V9Fv ζIS1jՖAD-9b s`!h*~czoy!AO]"Ri'_7"T[h˵32E/PrNIL"v-3EY3؆Hb(,B>IC0̶y ;{RK^p^YS:t_M2ߥ|܅3+2|8w5tU۲*u)bI(vT0YŠxTdFĖR2B˸eʪ:R9QujJIo7li4ͤUh/22Gt+4Y񩂜4 {Y+~;z?Zu'9Wr; 1WfʂnX|1  ~L,ZԒp"_\#1Rf:qǼ$/q 6QқT$m8b{ C:r .xfVoܬG+Yf9sZ_+[p57{{4v *.[W;GAѮ]qX4 & ;QX:t0O`?qx{`1S##cw\LZl2 $0xcaϐ\,aпV0aǐ<؇؅c0 uL~B1sVn_xŋf.s*fpjΩEz{=[0A1@zCnL˼̻#tG?\AYU /B s%Ywg@`mzvʹʆSb[4EzyNu]~ǺDmQپ}gdB,0a1X+4_E g=hy<5E _Ǫlvqr\ANNI/% jC9qҧ #r8KZĦ/sЮ*?Pk3WdbG'ڸrrŧ'::ڋɓ{ZբK?oCPxb1>$c~`˺u\>{ K.eі;%HZr*L`7;4j@X)P2Y7oe[>] 0Qn)g^zjx[[kSQl}tG*)!m^(uF<MB`% @Xty8!?ʫ <\q CȬ:lvrQGV9>/=gWWcݣќe`=Kx 06(ӭ*;#p贉$$3>GE'8(]}3W.KvBۊwL騵TmM'GpRhjR++-zZ>ɍ>dT@"蜛8-u.c{(N$œVG~4O(M\T& D7meO Ol.IәRnݺ~/+$g\[#7B ,Ǭ{/SK~ _89< c/$iT'hϛx/}o2\|Kh:&FyH:U/rW0P,9Z@ޢ_N" ձE [tFu2мKrcvk  fVW\\u~8uވ,[n5͛S}eH}{&8Jp0B`7JM`JN̗pcͱ gU=hP#3k}X0.ū^'7kf;?QPS\Mi>`G=RgwA8 \b< 8ҵ7LoPZ^ ǣЊ5s7ht&`&F ڙD1!y2?r8 p` []űN4"tG0=,}E]r90?S/ev%KwwgX]+ 0469 Sm'C,-JTO"Pe:a?W4))ɴKq)0bTʤRXħJ!ч )BЈKeS|$7_~eg/< %II˧ :_M.v[1|HyZ2u_(E9 ;Qp'!<5R _~}@% ^G^ čC0#s"-#&VDޒ!VGt|oH3`{+{׽Ո:g3́A|`W}[2u~OHΐKI$/i :SEA/$ч WӛY񍷇7wzmBϑN^Nx/"@`p2(#}]V42aeҀ兮Lw?_*k41m}S~Jr/ƅ*NsP\IE_֕I=ɉ81_/@[ߑ\+n8{&`& [M-*LT skfL< $ⱊ "nXlk>a$a-hQuo%-mik=qƩ+t|}rŋ̞?MvMtxkl߱ow^͔qOmZ e/RP ޸8F/D|#IF/AFJ+ԑ\GBlYse\ C}12->eX̳9!MT&Fg3b7Tog-\sC əfIR&p $ W M =͏o?>~VYץ7sϹcOnnͭYH$$1X1c`༐g //NKxccb'66` a!fM Z#hzpU}on ,ԽTժV]Vڵ~bESnt Y c_H$N^a̓>_ k Ƽ AF I5:gP~,WxjQA댩WkWc7q k@t;s~иw|uݙV7;ve}'ؽhhVn] SS~oϓ;x>WW~ש^rVaW~bj+0x-VOF?2af|Xi LZl>ݳAЍh tCڌ;Mv~ÛciY<9$[ lfH :l k N=֧sO R^Mv_;gkf8}4ƕܔ60ϡc;c U;b."2vxj 'MXиX ku*aMw̝l\p1݅h{7e _cۘ;]{ӻ{֮^z׮]$ яcĬ<x.a!p-"t & Ԗ7|u(`xA6k<rѧmy(O(:k`\5'zS8Ϟ4M+0xqjy/z__}Q )ΞvD =J +0ںJvB%QYm/Z~ ZT%oÛ/] 2ɠnj/943:ŅHnJf&x/<2dFœiCw|un- Ӏg6'*S2.;0M2-zXTzɔN~< N槰muyꦩ KXAQ+O<5/(]S-l$3)˳8IWFާQdărEV:Jŕ[n ~9o^.[7 6vxRj`IH ;5;=W;NiG؝0;G>w3~gxwd[>̓>yUo~Q>pr0{bՈ7.|: 8BI"w)F5P9f3b!AF_=rs<_rw%t|tPSayӁm 6_cN~y|@{2}⯭Vvy v;HsecL_qK޲i_w?u9gl\yB3QJk0xdI8iۈKM5?փy^{A̬oݺbcAb[~ 4qbÃed8MNM+Ji.T sDGGd.NL4pV`_~PC6>x6p: S]32#FϻMD"O '-4%OzgZ@嗃fu~| s!2-.]ِ&&sҶDtJ[Q /F'}DET%ZI؜s.i78z?G'}⾚yLЇM5/¯Ї>'QUs^w8> ?YQ㮁-f0csr$Jg(މ~ ͉W{}8*luqm;+??x'mE迏Wnrv_^ pS5+pI8&L?pʓ&.~,.|#>HQ|PX Hc> VX@؟Cm*DI,Ic7q <j{ }ڒas$;nTXqw'>u-7rUǡa5͛sldO3yn{]XY3m'wS7nXwq ]k.Y@PuG q+C'EJhA]}F pI#qTh0$GK̗I! yô1'J]KqW^#rhHÙ# ;;z畳KvqFFic}L4N-ns|Hp ]۸A[t!OلG~ߛ_݃&Гf7\dujg $GtU9 ~o˵̺h>$J+/ɑ-?zfjp֖G}xW Pdm VDݏan3W wCsŁEqSN흴|@A~ NN\J&#iL]&YlQ7o"vlsn~|M^Q)ô@J ULVQ!y>6}zaw0]\aV:qmu蟦` հ ~Oo!*hғoF|'4GW?% )1Lyܔ>#| R7饛q3PfWK2?H7C|eD|i^@p)6HyePiPL~s }Y^N4z߱_ޅy8aKYWظ?Gc{/[_zLpPo{cW͘PvnC{K u$]g'㻁~7m[7jWSIN\޳ ">p1YШ}0g`yH.5x:wh g^107?x--,GHwP5+~mE)IAO+H4}kx1O9u}oY0Z%9@d/>$tzmq#~307,'O ixo8o" >%w$eTgA &yj$㝽({[6ŏJ P]l *;:#}>ɡJInocXPZY9C<{$}K>w$ZfoJVW;c7_1g NN~B'\g|Ӏ>쓯;~˱wDWMŏo/CF_vt]p5ԯj޹Uƹ6䱽X)K[|o߮$XL/2w|qp?_c󥗲5+d1xN*'x |h`g k(kÐ&L3VQrB<|u{/"W^y; y,`}< p!gR1l  .oAv*$iE#kg@e~MV<\9VJ/Pv|$z1iҽgR!0rUCN,]BƯ9P,_;;bqݚm9p|:َ}8rtg-(TN8/_{M7~x_"y`@%Wc7ov 8:It A 8{W'}3?ܱkr: }\GQb x>/< LE,|s,,)b`uW^22:0C. kuJ twq@%+-8[e0+%"2Z>;y! }46{w#pN0*w#[\fq_+Kv*Ptn\OV*g[n^NL8-/שhZ3}}~7V`kKlϹi3sZ;~nrB{ҩi*]>հc=_BBҌ>"7 o(ˆZ( , _4YsHL4#UPE H|Qˆ.`t֤| 4CEʓ/2 Y]Nݻs5|a>䁄by'JJ"K+z7 > iiCc\MAuS:cՌ[ [s%V'+Vxi zI@|)~EttViBA}sHEzAV U1oAЅp#o~vrW.̤cHXəTWcw֭ s_h|^LIe|z|0vTc^N/e'cѳ=l3Vw9'}9GX?~3o<_GG&y`,9;ۛIWO4q1}io>3-g_5p' 9~_@yǣB@IDATwrlN5au[9YXXXnڝ 8#l>=,w>}v v" ݍj!)] ;9};:s:Z'~5۳ ; 8/@v>lع)vϦ+d|Lӽ?M4}yk^/:wտ\qo5xz<{Sӓl=񏀴h\MçCF6D=h߅?YҩE?TYL:A/2 4 -}ZHy 2 Ҕ[/\)>dȈ'4TCW9+ eerH˵u!Sfȩ\sm)j-./^PtP/2L^q~C.\&׿2"oR;P{dɉB|T[6^8p73y; '0L~BKv,:d7pNˎ^: >dF@9%肴BCv믥nD: t FUќZJx\R+6?i͇ky5ͪDž \ g >Clv_[P2 pgf6_czj8a~˺6tF cQxrtn۶Mᆛn罵Pw=o_+>ƛlʚyUEipNw P'gWCX@'hReN]?Ȍщodld֜35lc<GX \vHBtgw0+?Ppec e0KX5Tgsv ^+vtuǡ*0M8;Zڑx C۱s|}hz6OZ5Dm9G/ K.\0[@ْΡ:ѽ~rb+y{N; zs$xQD3ģ4^34CNT}D4 Y7O}\4˓䥧$ReʻGGWrp OV~Kmr( (pE)myKg}b{rp_9 ";t.\9V# D_q{TNӛxOܧ@>F 9k 5~ 卪&: guuo.5L<(Q7 ܬV'o M+,}i=Xuu໗|wv-ej#,B*x0uƚkZԺF C7;6'v;rDuh|saJP߰a-ww4 n8y5`n|}"`jA5ͪ'`pCCo`u㮰`gXO;H'{sտ{KWy3M/-,PЉw Fe\~&gp],alDŽ@Sz2c31OD>沎z@U=j! &fhW@Zq_ВO Y7 ןFg؁BduM8p`q߾qP0I|ga+'st"8n=, Nsvk.[%Z[UM؂V4}e۽ }Ώe༪}A|wx B> ..ݝ庠WWS_P^nvi^z9oZeF:Sa`#v5Bk[d?k<|{V $svo}Ӱ=P1iavP;)()D6ȡ|U !2[/gSn$WL'XD#\.v騣0d fD*.k QfP֕uPHV_wü ry , [Cӧ/.Nmq6$.rh8/ڿy 㮻&S9xɿ7Hj<ɚ.,Zd|loon`}r&3O@)Ɔz7L/';˨K}JJSu 3xi&y q&teel\U[l /l? |z"xսt ةgE絰,A;drُґ=<Q,eKOϼ^cqŵ^w?ݸW wݸ5`a~|T`\ +@%MAǭtw7aD*YE|o> ϸyͳ3'tȧXJ`7L4Û6w1U- ޽ws0_4$x`pY@.K^Z&Z0M51(OU&& r"" ?L6@'¦8knl[ܻ@;b-ϓ8=mxH?(q1 ʀƓ`ܶZ~US:8 iZEkE@U%%_JCWt!Jo8>H8׵+ x9n81,vgc>n]q8}6|D}B:?y48Q.>ePθ/$˟-v4tdt FqCUi0g<3)<dKN\]Y,w<.׽t5Cɯ/Yx):3cL⺲ѤL|Cdyncjמ}3 +a.8awKwlP𽖄u>fȿ),"󦑾N]x?>gΤdAJ}jtX{?ŅFWu i2h|iu^:C7\;I| ׍BLt/8sr$~ lʟ͐iҕ^#tuyrG9}}nvv'6n]qI Cd\ WN ·.ho#Ә翸;~ի^rqmؿk) x/jƷEV?o%,B0EqCJ0 ~ YX ۜUm>HrK_]:p "w!G]nr*"[sK *WUZና4vߢ5`X^Wۀm ~mQ?muۆa۝Nv׾|%l޻ q' x̱ÝR~F\q߁z)s'/blMPrǑ1vqYAW7F9o1|fSSC6d?W_“˨\f<.'Jqw0^ hM7fcf\W*n8LE{,of]cz}.e܉c۵y?Gp"yMB|Yj3L:G]Gr2|$NJ?Sz~U*N8n\ ƄO.8:S;L{}w9ow|b/骗|%7rJs*S9O E4HzF9Ρ'ss}[wuECpA]C:,8h4c'0DK=Ca53mDY䛇n `|ʆ/aی0.Ozgy{'tq}gvGL9k}d r$< Y$ 4HpXp+A })}em@SYWv{A·ʒt!+ΪW+wk~.F8-Zu B9ÖCp*8ynޠ-ϻ5r <ֵ;<{ 5QRۅ8#Ьwp Zcj^9ta;@3?Wg1GთxJah!^p$Wu6K9Yi~>Vփ{o"|pmߥ^7?9+ _(% A\gT{4aَBLCvL0<$vމ'n)@=p.2~c؍k1@wDx5rxm$!0>fc>3݁m|gm1sÛ~wƟxϯYꩼ:;[TtV+@d?/?_v@|$9Ak8kk{R* v@@#W_\s5Fg̼ǰV0q+ Ya<˃Sz-Y= ;-;)vFL-W#;xhhqlC>_[wh0k {f!'sZ?bz!~0 C!|/0.z$`>4#pe]%o a<ʼn=ơiu!Z*v95Mp&o>g5v#E`'Py*Ɉr[21/4BM(^|ɕ^躼]̷kp pW6l'.SLZ/Ou 8W>o-wpp,gi;oܸG{xqjrrvM̮/#N0Ifϡ~XB8Nw@E}XhOPcd3,&@7͋>Լ!<۪ +\OˍۗDB!jʗCOGNWFHQ#?t%,vr}L̖1`IZ#+ԥK йYp`ܧ_{}g# y<֓[픪󲴣8E cmĥU4Wضjib{1ʆ8d[/aL|fQ`+oiuq;R{i 0wS۸*ielN>vGr-7o-~LYkŊ/X</lQ??MY;:JiאYH4]_@ֿ.tAQKbfK(:ԢMl^Bn,(v~<>/~y55p{QXBƩ!d4f:u:bHIl$VAkrYep'>y󮓶mZ7_,ᩐ@і\DEdZY"=F(fgJ秃W2h;zut}8xN2xx8}5+׍^crNNIo*/iVn+u<_⊋7n([{\`a#ݭnaZ|mh5wG|.U@YD8J]BXA ^ xuLQeȚw<_,X\8X~>̔UQC9Jk`%|TzeYƥ1^y<ആ&wprWCWyuq"k|nT~Wӹ~ud^W^kT$h~p׿ENc'ѡM7 XZܳ}Ջ=џ/Z5ϣM-/rC;+ &>1aٝQKNh<(ǭE0Mǰ$4#9g >BPxG6*[#vFe>W\ysWFvq)Fy5.(),b"ҡCʧtRD;ct;qq~vL ӧ.)7EeӁm7p48Q+ܐm"F<C Hziu7Sn`2̉v k;rVQyUʴC; AۑsKx7,SfofGוݡP}!V:|Ч,nk"<>dG"2v ;G)8"}MStK0``u|]KTId쬊. ;s8~6b9^llT6 ݸ'bc7'\Xn9k;>Qgp|]c|h<:VWDADgP)LWNs $} S Rɔct(B|辇[ `:19 h0w@,0Xkĺe?&8 hʙyGAfD,Am#-B;Oy~[3Oݸgs褓33 o{APZv*vObP5|Npy<̱s`ރ'}oOKYG<33ԦyZ#rz]Ӽ~Ev,L o޽N>"./Z%/}*P_z ezBtN, 4YG SKS.ȿ._ͫY 'JxqJҬa[7^i []J?0v?==1? x3.8C>hW<`U'zrjz7cmSSU.zvdInuiyߟd{Z^Eڏ"\ do.xS]IGb "#iwDuD")tueY<SM)S?0g?UxzkɁf^I+.]>TwKVP9υϴQ<:Uޘ;_õ{MǍt2 H ~s=OG4X1nP^3L:?CPaXșV~"7NMD(3jp#TKx3Owt%|]`TS=B.jQ$c|z1PG65 z?<8#79˼ !>_g9FD[IbHb҉nޕ_},DY.;ѮD佋7!n"a<.~J QULm_r_z 3#w=tc7k؍kɬ1qPp6s_>;os>8/e2l8>F$D(zM \ C SO6xk^0ӻ}S kWꝀ-P0HU8xL*Q-I[HV{/5/ ` Vp-?[S<4>3**p@|!z 9_8_?hSUi,kb@N&W.<v׋-<|Z^<;ۊMSnMĚ5wĺu0NijN___zՀ "k ,`x<,$??5HNc%>>"8-j?THX. IGDuQ cJ]ܑi&wbNr klذճs7o8/lNjbp҉kV/nz \'`OV +zzv ;lh6b"?P n2}V;1!xƒ"|QH^!{d-Sn Ci:@BmH}@̴1%q ^  _JCW3LY%GE]~d,BklSVJMS2/X^GD7ܤ#\/9]̻JO}|;w#|M.`&w x)@ 搹|¹ PF~ri] Ɍ?A`Y #7jW +Gm;I*`F-r -][nOc įfn+BW!9zTyʗq5 +vb$DԈO,g " KVN;:bD)r. Obե9aӠ橃͎/wlfe ԡv `GKbGSϟ<?û',|H^VjyFN/.ʏݸVWL#58khؿ+Y[D ؃<\UD +Wrq zex3?E5,cHs03ilϤqz`N$7>y7Xzuc7l8k rzo2 .$4x6f>ix`~νqǽ0nkX Y9`q4O]ǨTkW.O M[věu4 j?MKܑe b9m/C-tka.(xhkEڹbp%mBe{y]|6gBlشe-۶m:pY'zs߲yP7pxgaLbس4ni;-KqTOÌ754!}ɿ[n?VNXn[a#Q12 K7_49^_qGu`}<·)3KEY_GWwc7u elaj,.˟%S?:En\FLL/ P0Nt\!|x 5O}iߙ۷{yPoKv}b'6~r\A{БX (*dG&dVۯ:tyM]WM#1Ժ8Sޱ?z Mt p)^,8%E 2jED!8p!ta#@5:ysvV8ȯu%%]?uƼGFnMQUCۇSai|>0 E8v`G2YOb,4Yq( bt gr$}~F ƺa,`x{h! T}7nmk4Tט5m3;܆ ?|jrz#۱R8yq1; Eۼ _|s=3$|m"2 䟼 u)y^Pe2zE5^\A7ݫ*<{ nIܼ cVLڹ@mZ9 Rr!K\W%C&c]|T kuaqhիh/_ZUX D?}hO!0o?";acn`I#7a'=C0=k$JPHNQHh?q]l 3ĕOd{޸7]O|IcZ%~o=ӖEv4#r ex]ROi) eke3t fx`Gh(?-/yӕnYW3,md>9ojӟn^af ~`;pp"0-R1vCbI_KQ\jkyn CW,tc]gu93(,%5a <@^F/ㅋ/&Ss1V946^?ovna*=oC?~p\5F@RxbnM ׈o:euew[?/L1a~<cojrDck}3"ݑqEgm 嶺( uZ|o\p#| "/kn=]901x;x6&֮{hi2'/z t." 2W |m ^!9\X}sɇ 1x׏s,Cb{A$ܩ`cONcxε|n`!03%ў>;Vnb!fHO<3#Ţd7<^ _=Ke$-?ZTH:+!úa%mŒ~;jv‹m)/òޘ}@Vo+?ٲλlUh"Q'.8͹‹ ȝ +}TRv6'4C:QxYI5kRJ6|p͸ ѷb dpK+Mh3oGinm4-.Z+hgO}r2ϖ5r|r>VB ZKוYD:hp-pjfz;wCW^wݗU0[ >|SDۃύ C,7/Djہr1`6ʓ<_s 6yb] X3ݕY0p }6MQoz;rUʥ,aDa]PF,7͌R gx$,o`^;uܷ!<sOLRFivn^2Ua~u R53UeC$2mqĸAUdi9&:J;O|y9Iceܝo<ી3vSj6|(w+W 9,>p 9Gm-==w\$‰6 #QNc .W`g56 `A]_@@Nafzc zZsQ_1bꋙqheh5WdLD| &;vAN1ߎlcヌ˿1^c?C6'ICMj*ẌECf:"M'VxL vO޼tZ '"B9}xy˓v%b@7X?챬8 q2@?SR8 twuX fT ۝W\$P8:nϘpgBJdU?(xf0RvdideZ~e$μQGz5X@/֤pF0Lo1K%)xwf.7dX޲ًTPn<H&* <ܷZjiK v. XyF-"6k~G^.v-#+pzR$ĭM(4!dQĐ?>jHLKaM&dN^'H2]*s.-WfF^w:ؿ{{/~o]W _ҾÀFѬF-Nh]Xrę55XkjJ:}uqT:鏶inb}͌lah+>JyLށ]*IQv}JnT8iiK 2'ӌ>V.Ev1~?t%7zty> `SOr 570NB 7>>C.(V[&Sp ]uC"#8>TsJ>gPr_,e5O,>L=d= J}| #b1W-;RLbo߾-.;oOwmn37m0vx=_op\mSKtxS('u.׷w]0zۚ 4~,c qŐsY` cO 0>&|;a'-$[~/>٩wܹ}A<;O\Bߧ8A Ѕ!ŤQuӍKc%~ ıd+_BG:e86.\`Ж%iB#$_4kUz]\W]]N=U]#_މeW$h. :{ @+!_303'V`N(Òy5_]9R)@nD斧= l)\x )WQ R%7OtD%?yҕ%s4*ut7b7;o%4 7$dUy+I|K3.4GyI7I> 3tIO+Ma(N̫MKs@?UNz@")Pw-+^zTd /ŋ+n8:-Tֵu 71wºsK?2^O5ã 9Tqz C"L7DDK_>zD{޵"njޞt[~с* ;2Rх!t:۟K`@* i^8RAIo+›7;z`p}֭v>9='osu=32 4)=sb,tl6JXxYkcښ5xƙ ['8xgjߘ@2VIaCk_y #/G8ygmA\G HWwx[hG4%lp&WtM&AG׈'ʚ{/u\1t_ĦWvE[quiEtE\Vr.]k}([l%e r:J$ ,$TPJTY,df93SBB ?Ul}nE+|.}\s.\%Kߴ§P W#.=}eT<)/ӓo$s$e)nĈƐ@IDATo(E3;u沂=di4\ZMrm5{?kiHk=Gt:-\ND< q(+jm(QY wbަ!l3RS18GZt)#~$cʲ0|r݇B|˥LK̃fwFrx^ ֟8]ӀL;܇U7]$ X;]46JܗƥT7HW|%`xhk_&sIKp7BFKRїfGvxq-zS[y/ZSJ捸M_Bi˵4{* [{rP>xӛ~h۾@7@^x\1q <p^l9|?[¾#uې8nTuO0?μgif$)51pØH$plPMtbk:ƗtpܜeڧwI@3;EЂ~j;#NR[' 7WƮ.'rj@&ai|oZ?X%5hEZ-J5rKO寣>}y%y$T+KǨΡw|,z%%oI'me' ԕLc);Az֕ߏ~jXupkKdۉť.wz~>=WY*7/]WaH?/b@-4]וQ.M7,Jne)򷃜esNuDwŁ]o$}W~sGj7ҧ|>_YiwF>/Mlݶi֭VT4oF+\*m%bDQFBc>n͚Yvxlhq> w7؋?v5`q <p_{#v5hf:;;}+g< 8ζƂ}?ś锓uӦ'C&PF}b06z!MDrU4G%=sM"O6lX7xs/\k|F-ou;Sd7x 1[Ȍ2=Y)p vZaKFthF訞RWE\s9m/bePh)]|+w+9mƳ(Y7UG-!ӂ'#1QTVVCx?9=* 1Q!3c&p A Z]uŏo)M|~y)oK[iК.O>q蚼)s}Ke}siMAOYp`:ޱ_&vo׊$"@`l`-q {N:?$؝g>θ{8nlx b6UbZA $v-w~=zBޫSUέԩ˟XlIc;ڌvQNb3ID-,NFD|ܪUH"ۜPWw-\xhϕDx:~yk9AR<.ZٽL ̦q彫jknMj>˭ ,ָKdMcHÏ3@ح Y0t \c |&[u d7`cijS<X:mXyb2*s,"60E {S:V)~[z%oAGՐcV'BF!t[*hs<IT!? .E)J&!6@CEa@]4^M=ah.#Bի|+VKfHS[r +ImR`H82q=98'QH`3wuSX'HY6papE]L~>H,) o%Fy84-3dΐKòhمwsu=m9LRBex$ZY8 { w9bwz!]qK'NK yrYN'PƤ*:\E$Sɳ%3QEga_O:%S`]Y}E@L݈}6(p~dHKG'2r٧qݍ=_/ӇkO鳀۴pv*OٺbEc!'H, X':,#nV+9q`ζ.tmC4.+RcKT㵽۵ zxtAhCRϥx0L -^d:x/ +;pN>ϛOLTkb"u- _OZ^%rWJq[ ] J(>rC[hvsf~Ǝsn:I)X=4"t: 5X ktC<<dEv/.ϨUr^R+m -i./!0-H8adGWu0IgΘȳ}GB,T\'X7 X.\T)J[oӄ2D崤C*w@u U[;tw]|pw 9v|TOyݱ.6沙HOEI RyU]t9bcIܮԯwuuQ s&7q}Oi}T,@A vWϕ717 乚\B/?G Eoa4d,^vi:kZ lNg v(?Bx+b<0q,mMiQvGelb!E'e @Xǘ Nqʔ&:e@1qj0~(m*.:/,XTރ z .NZlVߊ:%S,=ĆӰI0{;vۉ_E;"8zRYQ3Ȯ ϡpЁs65RDA.p^FP ќ^Y;Ep*4e'j6xG-t"'{>*iB.-ZymAbz]E@ZЛ9]Mry7Cl7ݖ`7VySod^4QTEZLI< nƅ g5i&BŅ$ERb垤ΝN/qG{~W+;mTӉzer!is|+;!#O8xcnn"S$hKd21)%d/Ȫmza®RO (C5*>rU=}ݳgh[[ yPLƘp2rE[ 8iϵd)p[M8xhU t:_ix*SyzD>W6 ɨnEf~c&8ÖQ.DdU a,Y[:忶P}W+ʐAO*Zāyːg$ys!a<@I8߳#WڹE"8~dSAQ#XlLN*[/;c31y&_9GaMᐩʞ,xK4jQ{Xj7X*~A F^;Ԏ1Mz."yƾcϸ{@ye<#Ո-V~y^ !|cʳP,y,p66w8l(1rE"Nط5710XZOڵ- ;xd&` h<92Q~I-p$8 9N±xW8# I}Q^MN:xuM2R(TXfJ{Uw:B  ;k_]]p맮_|[#t81v4O)먘xRS & t$6,#Υ%Z\mP'`C,U:UPMey'2)NxSƑ>/ z#x%m0 O b!"+JC|w0R{ /qLmo=ET#W+p, =egz 桓$WMTiK~# .bo¤ Z(cd |M]"[W$ mvR_(mEH.dk'a_g :tDV3+ f+OM^3@9}"IxhK8<L'Oy)ɂp_Wxhl=ཌbw>%p$4H2J]a ȳ.pJAG_LXcuoĻ-Uڇl?vr݆'ː`,aGk%\z/yKXǝȠy:h&hf?=-\9s=N­<ڬ"ikƣũYT*g>[}G5'ouJsH=4]s NMZOy],+hEnS}v$cf]=xtwk2]_ '@lbįɼAڦғPF.,vwJf\,{ߧEzI?[⌎.*4 G2UNiۻ>U Gl۶~u?K.7}:/V4ۏ7 Be$ʝ~'XNo(g^klr o0{Bey慌-]c׉s948C'x itؑ^ ::z&ݒw` %Gl{΢?˻Wt{cFUkZL5`٥N]JY f[,Sir""ĉ| Vp[8(PWq,~j}/?W/U+SQ1֜Ecw4h`ԛQ!"H.v2x4gP1x5,տ3ƽ;p#s]N4)nD7L%Oh87ٯ+3$@EI)?'8[\3b%ClT:,Uy3)<U >Ø`QM:.ގbI xb@m,O6 f9/R^_ u_4QCo )])<߯/AE}e(~9=tl4m./ ?j1Kվ30a}xv x5ib>>3~AY:pEqvq-Ʈtv$ ,呿ʟ:"CFВYc 1]E v?0-MAtmr}=&T݃Nd닂'ot2#/A?q,l&tS*7"ǩG;(hhyULYu֋%[n߾cמiSN$hGc4L` GcI Š/-\Ǒ,8]aH'yCܴ.ރyuEcҏG\11P<3NȜINhd uق%Ciisw  ֮jEl$`N` 9k+p0OfXmN:yV){Prъ[F9d.t8hAhi n ĥPovz^K|PHDZyj#If1Jr|G8pJu\d;.w8x]ۣ:9.#^[Bf!;0D;>l-2xiVJx9n|Q pD9D'ȅ=sAGJ[71xf?.y8i=Ԇe6y򄏫Q+A9a~'Z碾y&>ad LOzOOE\K] (RZ7:~pDvp@Woo3 `O0ּ::Bs#S\ⷁx vYE6&=/!,,M[TVeb$3G>Z0&J([g .(iađE;'8q 5qgLMDV\.ХPJ2v&Ew{aw(- \Gă Oʠ:Gnȋrw8T8x<ڌC8h`|:Tl!9Y%/.4Yӡӹi#4X>M(]AQ/$&^s}$?M1ir_> ,]rҾĝ.ES^h&ݹ ;|8˩Zؑs{U!+nQ7TFP߮IIci&O}1ywtl9vSJLUH8cę5E qJ *lBi> |5Oi~pBZW5yvөG˵Eyo.lROw_uղO|&1l[RҔeM \);^{zkȥgqu7ۿ0C4YF;K@#q7^YLyɩiR˦qF,Kٮ6˧Z~uMp<|Zwhͺ{>ixw^џ1whkO=S驌So@DޔrCЅhĉ} Vk:+t(lE{L6?7 ,jlU{;O   + I5|K:YV#g|X xQ̕3CcBu^ NYP9^ڎ#p =_ {FԸ':Q@Jfrt<HeeD[(#%"E&^K)+(YeDte11ysh2vz" |vN>J\s^¤&[VX{&BSnrq>v0./\LA1e~{C wY?d^;Đ'rπ曞([%"+C6L #RxÃ0]Ж2r7zmm$$rZHZZ ’[d7~SyBdett<4/o~l 6ZW-ʃtRl?1WXA'lYwJµ 4t.1GVq9w?m˻JO h=Y ZL u6Q-'L=):38*MළxOVEHBx-Ry.%](X&hvvAucyI[)Ժ!û5 6blRB|>C{B9@GV`Ɠ\ #;4L a1H|ś4" ݤSIîH!Q 0dV\/0'U+ |*3BkCv`숇,҅5i>B"}Nxv2c J9؃#bXW啡 QsLeY@}^zصP+A X fk.ASHwa,.QHU ٹ ]2qlUWim6wuh-UsB{fhbv'>ߋ@jQ@OMC#3&H}POYlUuoa:Q-'8eB@mrKEY \M QJOڽՑY4!؁ &Qm]҅Lv2us>-U`rbx@q،wW'>s}-.7kִM4$&iH4Z1sǫVT&9ҊqRy-qqw1Vcb6ڭ1RN,ר$ աYLyFsϹw/:u~gxuL,@?Sa &hfdPԟ X6닰+6ǧT'G tDҴkt`a-;j&4B l޻̳^00hJ 02Oe GR8+w"-u:TW1 /b6xє%&$>cA a-nK塠ߢ2Y6 4^d#x0<>vsX/)% T&|3Vx &9T,'Â4#nG-9y D/S؟3(.xoe>d.E>,.CյL;Ip&@5Ȣuz))k^xN7dU!gkſdˈ‘&o\b]j oϹ!mZ^:KZ0[b-#?ITn=M*^j p9 g h]~<(CSd$ (w^HU2nO*I Ks G3\*]7p|^s{8(/Xw. f) +J\Pxhħ% M,ԇJPx=,. ,.q'(e{UbN8djqQz8= +គ)xT~Ouy:*:ש'u&Br3I~2:ȇ.BE_>qт6wb"J U(,2Vl?~u_|^ ;"C+OWO9*CjHƫjo{Nߒ~O5_9]Y$}_l[q^nsx:Eݬ1y꬟uON'<ШSzrH䑶D}J^Ehp ,BE?:gwޢ6ЇqZ[~yvzh/~?}lUJgm?ӊ _-u E~OG?h?p_C~*Ơ9nVP"+ g]n7'ũC0 +0HxHܟB\Au0yn_ '5lm7f ; ٤#Iv.d*U=٢qp)sa榘iPKqI c\4 r]E UD5Z w2(gyKZ-e@RX2.%t%aPK"AyRM&Y19s_K =KYoT"-V&*%^ꚋ߇ 8td'up5pWxE"ty[T@nh!LɟB/GbS&M{ʹd;e ԎPz2epG2*̂DmD@("}Rˆ|t@܍ z(x%IVv<L2@  h3S&;WJ 6E8'mq` ^bFºdK!\"LnR&ȃi \KWzF0~[Bz4YppGɫ zxJApth3x‡-8zmuBY`&|; uėQDv8%}Q>.%} [K<lX=NHC; ;m{Um+קڢum :߯>`*VY`gJ0N4La)q`eFGMDZ$ x s;9OS;}GЗF{4?%G\/_'I?Oqʎo ɢD86=n+@mC䡒Q.B>hԢ#*իđO9cO/>e𥗶֟yf}M[:8$!0EE-0yA3At2\B[FB`5$L ^avE}!JpsXoTj8qOBA 0UPoi#qWx|0" ުol^vr>tČ7fӖ$JRH& QCK."'7ȋ&h`:18Dp'8 ^d ,7rC*!q1h>iuH9qu&!DC;rBHA$ІO a:,RIBdH2{UL9(MrE̓wtܹ+o~(yh'SeŒ~13y ;=v.j* !iM^uLBbJF8OUHs9vյ T8X̆Gm|w4Ǹn]N*?R<htS2]5B+`ᜂ١J+9w!(kH<@P %C?;3-Dy^KT+,<-GёgE3wfK5E+9/i:r☱Θ1Gtm}Ŋ5}{7|slX(ZydA65x#=g`r <Vυ _W% g򘈧O)7tv#Zj|X}QvMm>2M6RG:o1 xIjT:1uAjbbN,M+/sϯ@ExBaZ5.M30$9V%Zc'yKCx򤟉2کp(rFD&HHaOUr0 5'&؊v L=HET'3[4ƀ$Xh/knXp(_䖺 ͖\`"&! J$+h=9)X *_!s!'# ),^@ƛVB:>3xK!2=VܷH`Le/V'~cMˋ+lj$"S:(4:9I2uaCq&V5)%H"z>[HeR@,aW5NϨ H#B=%~ZnԇRVd՗/P;ʮCK`_ 38d!0(tIjw1A՜w8` {IHpxpLowoXwW_9aC l (ؔS'"|P ZVyC}Ư]?ghɒ^G ˀ_PNoFv 5rǘOZ7jq3Ж :OyXd4axdOz!|pWI _{zjLL ]K= gk@1WK&tj-W; 8ч}23Cu}P6rFAVBNA0P(EzC#/Qc=ּW]F϶X&{f 7]6(-?m `MD- kz -L=g nd$cnV(ayg]Sw._9[qwėmǸ/JDwഌo< ޿/?KPӗOc[i >D YsvT[ߛ~P_!{x ~_PZzo 6gX- *( HGX^mwyMDb}pX~WN@Z}Рό'J| N<EF!)PnB23Da6{%H!dx4*% KhbްQF"/ D G-s\#r< [ngq϶sy.\IWm2*2G&Jrア~U4$DccC\Li+H[k7۹2%`!pi/]LJ"3#0t:, >XxHmt]wċ/^B1i ޳o֏`I}S'w[205Dk౿i(3ݟf/@p}t T/˾\s-zEA265vޜ>p`vy/wD`^yv C 0fv(_Bk 8 XL>?0_3*;0h ' _AL䟗ghO0 `ζ7tp~5[ ,wrۀRQ 4C~Fyg ͇;<.?<-㊟-ߥbz^ݾOOYpoq~^dݭzbzm/cy"aЯ>9_D`Ú$&%!g`fڬ=p"`˱'Sk;@i^*'7]a锝rCmK,M%.%QGH#l1*JLL УJvܾcյ•J(lhKKW\P..#4ՖtOP8I}p#Ovw=Nn5 3d|]d*nFQsN^Q7&] +"",m%m)/M'iʮv8y)H- 211r@~9M1>FK+Hq޻zxs;.ߧΤrK| $B69@+.>%..XVa0k#nmXW`0-Ok_SGeé 2"Hn`߈).N}zBri&iܧ34%;&l'@w n@HuRx5RasnWI,؄@;݇zr ςoG]@+c+ dH$@Cd.;l]Taݘ@3{=.s.BM#UUqtێ'ȳJقLOˣb*g '4C5% { 5LȒ.&<4TjpVI~%xv8oaP.ߝ"(UHK܁1@nkf ag$27uHY_ Th RI."u8 J4뵭[oξɓ' %===%Q+"InPSu`U#1}x _|qs| 2)먌XGN>~/;m+ܩֶ/|o^X>W!5Gm@ţqkJV?;?G$a1%]P:?\٘!e'o{>Bp>G\.i,q9 8er9^|_.͒ØKuߝr~^#5}"b4߆Q {ӯՓ Ke[݊BuyZa=Kct@^PVVxY̜_1G()w} ߔ4q¼Ikju^LGЮK~dԉ?Po_s>ԓOdNNcuwOϮ!}RI}ݥZ}>MْUm|.?/rcQcluUF*! XO]{޳l`wP z-N͞c͙z%D1< ;s[ĶAa;@Gc}n 0{"z ߌ+1 1-| GTW+kEx^ca /|پӏʅ2KD9 8^+xtU_ѳjsz@R-]z?kC醂QI^Nϥ3 `L )©v,e|@ 7!ă |X/P ]Ya|/WmyptL2E%Swsσ={&USLV3Q޿eˎj:ov5o|NгrSzX7 .8gg!\GԞi2"|u?ۿ]+Vyǵ^bnW[2z8¤)X46kH nXITNxVŁKkLI$!ᠫS|=7/SԶCNF;v0xP[ &^ӄ>C/k͒c 6F&絁 ?XlyVg<ƒTg '/`t=Q-t5pei >AbX~{4n Ae!˼ ܧquoٻ>NxhϾw_"z=_R|oO6;,E(r=-p"S<(^[Wze%0pUرl.{Pe"aygO2X<j_oIcIsz`-&HzI>Ŷv42wvusԉ't&z.N=IXQ;rVz)sDK$- vU%BɅ,Ko^z/?{&]A|z&4\S{j7ZU_Y~87.Wbb+Ԥzs{BFcׇ]dxBʈzt#8E.Z1\FU,iΩطڂgNo,߱~v s^A1[>5\Qԧ>dw j N KKCSv>xeϽy%{<81fJ70h%v96%+豝pџр؂TR{l)Ovo>Q l%ݻ{>}N6eZ^.Sݠh1BD; ͽAo4yËN"%SHCϜdth[LPF*:`riqnk MM4ͫô'B-j0'8\O1̂p$gqdF8 Xܹs?qZpj+T Vur [%e1xp^QXk}=k@)pí/}.Dsb}/&|t|mn gu}ַ'M83.Jeu/&Š <*M5]a$l_Q0 El'Tד|'`F%ިcCV^!RV- v @>xHWh\)1C{D:4, \s &U<';)c<^ sxES|r H;$CWgAat&AC H2G~shrqY+0\7i݂*g#|*]$rQ$*/o8o,'WfwO͛[S2A޳OɯrZnS ?s'?A)r{Dir@NCIY,=XZ/oyݮ0?g̎((1耎\8R ,s=?ns$5 ?}5">(' k&Զ쬽+z:Ԙ3O^]LW5qzcy#鑻?wJ3*+Id"͡!W# 0؄Dځ-MZzssɭ=RH֟TARg y{_(MޱO>:<"8\OR:1,[/npOFpN^=]G0i97Zjqfr[O)vWIⒽ-==ߵmFMN߮84{>?OsΎ믿O.u0%KNwն^{5),it`'HfA.Jqn6,+"Wz(T~(9<hŐ~a9 <G]((la"˓±;HJi<;~%Oa2ۤ6oyUܥ:LFm7OLEvj}F/Oŵ@Gҡz9I n= [@AQ)bUInh0{g5m.R:iD(y@RTn8kxomǗ}MH "i6"d iVy(2a[6@phVƒ?`# Wu=?s]O'Lkp;EN34iҤ5mb֭vs(. 9sKj6mX|eB:qҿN3n,^|[ AD5-/cKӬ$GU(7ץ6#xX,|֠[NuRL;2.xQ \UV;;ᑮ ^vePfAjYӰb'`S ':YΎ RAr9'Mk\[W;3Է~Ë  tnp̯FЇ pL!y:A_4aFDO" ` sޗ^d:=Ϸ.YhrO^f,q}}?nTo:q}q:7 drI\sYf`Ty# ZyTG^9)1 a! HNh;rgϞ9}hI'Q?఍ ;C <#A3 '7\6#ɦF9ڲN5t5sIsU]Nf;XU4 <pxW#x\.y^!:tk*Ϥjʌov-xbSq:`Y4ӟceVe@Хe9?rWp8:!`ȼOл| 4{DpήƩ;€= VEdxr ;=pWcqKp1A^vE_JX=Q{nF%Oj\0S_zW~ t;E~N.x67YD'-!}.e{ 氇mKI󤈽o >ُRuaM,okYuNˎz&2#Fw"& 9ԹZ)3\v X&i?1XPnx\ Q~Ek U8f,+kppT;&|. l;֬ŮS'"k0{;!EfxN.-[;ʮ|3r$s$$RDSH`Kc=g̙cٝٙgfd[hV =DIQ 29sw]~KUlK,]sX'Su\4[1k={z'+E>& ͩ,K[zx]Vqp ɓ'x͛ݡ#B4ZsMt_&4FTiqYt ?PJU?~ȁiMMYu,OKVMb6;BXN8*ŇoX8֫( kJYut¹s[~Cv)˺UdVQ1Oà0#* qQQ9\3&\ y߮:32='zVw4c?B$d]B"R0̿_jjMODF>7qa#``S_F ?4tr^øL ,,+#ӕBc\:~py><ӄ!DAzOȲBԩ>:t=浺! K=s.$,G^]7qne).+eY %nмOs`p}`>jY~]ٿEw 5Thě=7:Nd/4u1kߢ~(+Ha t%rÝ,B1/j}P ղ?eaٙe&k50\H32HkT'kTW4Js`^BdoB~qFQx"oG1Y'~^:ܦt뙒uX&R'hW3!@KEC;e;wYVdK1p[&au[o]7;_|qS3lN!W $($2sʍd3H>z[THsIPpW.W?-^Tj/IC.\ʝ>s^guF^PNJ6KbԕKOUWhr|Ev=y A3,:znu@4ah4[Ɱ(:h;DȌ5կ<жeο4<stpگNkQ L5Y|袃2+橣8W>nj|2Q8=tп/͙3%au_nD@IDATrWz?%}a#{yzN)0ϳn D Pz`oraiY8}-*ZH!kasMaƙ?iWg8FFW 'Mp7"׊0;MnJiMo, 'MC8Mc4#eA[rhTDگ[񟆼{&Ƹ`H!8΂9W<oktC'*_ ~%cUჇ 7ݻҲAg ,Uܴt8fR=&9u 0HmM+5ἄ`B$Ld+ O6x Zt0u>Yu4H}%cܭ+gYHxV[nYT;gڳg/4 Se["{T]4볲JA^怽5?9@@ zȰaϫSRaIC/u@K3-wtO5zqzZͬ2nV[ŭh P9GOf0q(he,ttpŻ N+&EbA(i"504|Xۢ`2MO nvi r!.2dk |XE3 P "l]}2bf-O. ڵduxe͸ӰBtL,,k׾;hMPv'It//z<]8xl!NyOykpK.+ex^:lp0.5-' ! /gnVVhǢE:ChV[oWrM~>tq Dcȗ[ ɗ:i #A2`+uK/GOwԪ\)U/Fq"x]#f %2.J{v*=ŪŅfOC݊"]XM Y& _(N `*gHb%3Hsh`\JyU__˫ڹ ,%[ >OӾ^Ef*lZ[K5O+>U]w7nan~ =w*"UFOilGp( a9vU ؁dkx9Rܿb4B~`cbT!ށ\|CM1Z@:-(G<|G,ʀ)ՠp K6:_h#W3RSn%]hs yfQw׿^ZMY}/x1ׇø,20 ]7TB YrctBdQѲ[0tJycjY%`,(z60*ᤀtA_FA1$l,4 3\¸1_{5`V ?rz'ͫBk4W7B4aJ bFǎiEυ #ZfJ4siI8ߘm 4džpW4V2tܰt%p5d3%Vn,#Ͳ|\}Z ,n14u O!}|:)ez yPWW!u/4657dK9t+Y=_S O GD?b0 u.DL)KrA;6b\C(H|J[>.lFd7:8pF 0E8R xUsm]K}9SNJUY|&mqpn}=G(2̉ ж(a0PUTɎXLR@hԏ80geW5i g=g۷o(8!| ]#WcnHc<8S,RAGL4(o<0:VL#-H;wK^AKM"٬A.jh k߻~@jVUc`k鐷Z|*J8$plfxdVQg$ %SIsN s+*vhe@^YB9 k.i#.+M:V%7My4PӨ:l9ݏ4Z\V`LSs=r~Uzr<\g7X(Yn`O%}yI: (_r`쿓@`\xE\ߔF`FLu{=W5 iZڇmÇ@d|ÉՁm?AlX7N<u̮.^z?Ay=^4xWbM4H`ЭA44ވ8[%X<\|D:e/D˖u۷>08 ~*L]}̞=ZW\ ìJVL9,|Yj'f8 1a|8p-3_6.!xz~o{WYދtKf0•nqFgas2k5 p8s\ғTD4 G j@~ K@DAYj>f22PY3Efvވ'@gc64muN[q=tԶ-dLӹpBТ@<ˡ/i! Ԏا5Qp9X=ScsqMYYy^o&Ǝ ok8=PVAK=ЭDw8WW/_> ׬feYaY |eߖe R)6^"zPF`ك[j(]LPܢNԽ-#8۽p%#F )NvtaİBV^YWF~+T㸀r}G.rp x#u^6mr7^^㹰j붂~𭄺o56Q7G3.[y^X ۣH[ؾ5 #0q 6'B^ K#.-BZ¡\¡~R|H xZt8UƅQU#b ^ybEj0w:vخ͛֝=[~+dBP}*ܦ/ vFJPyKIG6j PR2+~hNdMmj[N(hMӥgjw`A="5+ŧ` :7@jG _ L,Ze)/9 #aLoąVԍ1s]{aE־ r®fo}o}IwXuH;$;Ke,4t}xXWsI=*v'idm1[&&`V޹Pӿڐ[dV[Ԩ)ԩgDTVSa)Q{$ =2P\AP@1;.N kPױŻn'%  ?!2 2@  Haa`dB"Mr`֝uͪxòEkxG.]jίZwy ؼn em w-;kufAȑ#{0~뿫t c1ouPW#ԨŘ[M|_=ˊ7=#x~17ςeg˂{{ϓx>XgÁQ p͊sRUVzމ\bn(`FcaÉiҞh* AB*P`\\bYS;<\sy h,L yԠΐ&Tn .UhXhƖ1C|*_P!B#48xLUI[. yMvd-Hl(6`BOcbdE)+Z`Cq:"0?Ax6uX6qI{o,GC݀Vm+(`'P+LTڞEE•_?GB +=Ī:9j,@>?V0gVxOzUb]I]-j)%-eﷴ/{<+>UNUcǍdo5$g!h w F}styEiH\)pGVcSNw0Fh$@!js*᫃b9[4k<ºZu|"4 \e-D_9GTO'eV$##z,xUܲmɒcǎW+B[^r+W׬| sǎ,ݻߪсZ3 nݺv;긾 V=X`woy\ku{\{JgϞ/hYxɓ8 PtyMmq!:p2Ł^-Z\%ځЄjW_}xeu۳Vtt$M(]=㡞?4>L RRiVX4z3=p$=V/xX#>eȈb1cDy"Pf+ Rx;k_}5 &^ ݒ;V̪۠0ȔdGCc*cjc0)O3BХ}G) F4JKU.N} 4:LoE2:fH絚 .x0lMT܋:4LbOS[Ը8CoU;启00X"+48A 8nT5:xpញ&MarPzm[m_~+$).0ZWX 7ٟ}t)"}vSN";8Lx?AA>9bȦomȐ=Q%/9z:gu;OйƹuS&ӀK1u,oX[Q*L?ws:sE~#3VHA;:4qc)z $[LF^5V+_p||G,|8 aw?,":{cYÎFN?s@p eڋ;7C\:D/7l\O<]%ܚ#⋯+޵* K G 4wSKkݪ{{~/F7>|hi\.r{؉ʕΜ)_PMSVB8qM4rG>rC;rzRy"> FO}~9|+A,ՓLy_{gϧ:lXSai Nw(0M(0[D8h\ \t9@vJ8P1)qyؙڑ#u(`̙ Z:&O]w\%ZӣV@ * U(8 /DJz(=!Q_@4/3p]r@f__KOtmvY&^U׭]z=3t܅Ot:ù6-n]oվnV6d:n=ظqkɓ mm3gNկV6ZA܅ .?g]٠_uޞ7v{+&C{zVr੟; 7N-q$,բ-(/i|pbZRD{eLWN=$X~~;H"~F/<7 oW53*ً3dH?_~z&=FaC*@KW>2TץQr(Z.<Rիq!)6_Fh Fu~W 3"6F Dӥ!8j]2rwQ}Z(CF)|k ImOi%T ީ5а`7 W=RTm:%~# V }jݕO16/BU4YPA w7Hzw69@{dΟZpbːg/P͌kNTTPJRW` x$: #h *U964ܦ*(38y,h  d!^4 @: TWjA)3р8>Cj8fKGZtaǒ% 5 ?{xcGݛo:MM ̦eG3;-} 4tuJV 4g ZhHgٍ_V7AѣNj7nӡ}Y] wuKЛ9"ҁCꆾЇ8l^}キ fuCkEAaK2;߂+:U(*0CȂgccV}83u㬜í^eD19p6CnLX-# TZؗIT7Uj --myxbϗ,otYz+i:rn \꒴^ۂ'j.64 t Ijq |FkV\"f706iBl|^"&pfaYϪfe3\|: ܬbck>RxS"aw o"\gҹw~0rzP6 ͥd$`Ж)Ю|AKAѲD5IkiccA3sdsZP} m'OwQ5Rk&N]]uBj5[WDQ]~0Pq@1ͪMnA\3ֽ-{5 OUpNΧ>uosSSS?)3 _jEpsZV02OnZz@ɮCg])z:pbIFx jaڸ 6xg5^>{#?_;z.ᐼcV ܢC L5@sLV*r {5pZ]LN~_-zQ@a|e=+0 ; DEO.ukq]̣KoBX ]~՜ ͒e D]Åbd4q (bߍF((aʲ'.iޣCkϞX:wbf5[W tEB kUi8nHYOGmŁ-Ob R *{t92~*3(^ӼZ@' Q%V ,0r-<`7,kzmvתX|umZ: ^4.Vu$0^VPL>㐥[7>UghݻpVB"i die+ A3``ԃT90tPeAPرsVwԙC|s߶hYGOUoL*ռPE@FP|$+µI ׺Jy}(o #;5["]Pk(wJ9>OӂR:JU,+shį!Af\d '7`'\xrgOLxrׯ9u:fFӻ:\ Wgo&:Q'WFlIx_5%+Q Atݚ5oO6q %Ɨ_^Yu`$,fku?!;/(a,~,=SR}{Ĝ]<m',M0kG41cF[G?oEik㎻Ws_ڧzQyU1}^;_l3=s\k 0?BCvYe'8 A˴e\$ TPQXSiDz(kPs?ZnsO+:kQo\ԹoߡCUyD9#;lIdYQ%6N($?qp3{ DG dDvH3>ikOlYx ̘r='s_hKgay@A'et#, `25C,.!mbW lS?,p!?~l"7FʯtpS>Iϓ̸eCoձY'uio?`gjvdgUaǎ5~d 眿6$׻"~yެw؞v13^X\Է{(ܩS'uՕ'ԿJhe\]MMcf̘00 %x,08Lx/{2uWRŎz5Nۚ[]Կ;$WX8ۛL T_& 2!6{@}L 'nđxC|O?zOTc eK  :jsm1#ðxy1 wKYa0L?y _rtVڵG,{Vhgh]=ί6o~VʇЉdxOi&w~kk~'x励h\骶֡:ӾNς+"wIkߕ5W\ص`Uo`)?J=3tRV ^3ED̡?|_K:oo4ߜ7|^ $b ;njӁ2bU! ?*pK ̽z77Eab%S%+ٮ|{9pU|˟4y2mڮd￷E6_x 'k %93p >l-ֳ5ILG+ENL8IAr7ݴ}EZmWcW'n]=6 {gEdN*&t%] L*'CQΰ&V8u %fol 8't\fgٿgx.MI{V?`ø*XDvtu>&oBrXs2['4FڐJ'sɗo.fс֬/JFaGzPj"S?&_৺hU[\ >^0޸.uJFƆ:VlPFD9$ÓQz?.w4剓紌A[L<Ć1~UFPЧq@-|p+< w%hې nz͆=B5G:DwgWƠ 1nIt@ȐZK~ CfAj1>y)S&TM2SSLb֙ڀtl}CБ7on'>n(f&t`uAnay6V':\6|x<5kivjy@_,t3`pGx'*r~嬈R0ݷ`MM e|{ƛo=Eόsvޯ<=f_}uSe d;ų jeHE<8AG%Q}ik˥f?HuJZ pYI&tiDܒ/o,I6I0d,butY84M:\"hE02B7hoωj3dٯ,;[ڹ<<̻Kͅ:pV24x.tSYnU{|PqH E{=< ÛIKuCpi$?Xq/ 0)-kfygHnX#l*)uaqqx#\B#E}waqō p2K v&#ИɇTf`1H-B&]0N%24"m?4,pᜎ,uݲ7'?e:{n$~?˚},җ>siҤk?~bi}s:}!|_;ƍ[|Ft yS8a:m(#\e:øj~:ZTïǬ7n {4%׊lnR :V# ' lѨ,ʗ\ uNgUkv}¹̞k7}gilҝf^b0++Ư&J!t;̙rq9O YYiA޽k97 ?0>YuO}uw~x;V 輈j5`cNJ@Dt=|xq}Fp}|:Kz;va~ =+WZjA U"$^!o= ee&ґ*"t^Ʃ,[|rf K&R&p:;wf)]:qN ||S+JQn'Ff2JR<w,ʬ)jf9[u" ߩ8"/-!18//0&c=ѝ- KU6jT-rI64JT?)J_?-{y'awCJgA5+ܣU RuϗދgqIT7LbbyAEW}uͼf6@:NկitC=:2s eߕ-.G7N5<^W9}-md 7lB _ a@ʗr!b2~V\?Ƶk7սbiitj^r]=t?}}ǝ(ۯs4 +>DAw|#'ƍ[~3PWP~_*y'zARŬSx% p@7y4ʲ"bgz,.3BȟKtC=вz}z~Vhv;wZ r`,m}}VDP'u+ˢ ehq@:OżfK+$z0pX !WZbXv;rCκqabO\9CS/oUHgG k`vR c=s< fӣHu&.7?鶴FHo,:Ä4C'Y7!m:ѳ9 V}8Yk*[ˌuahc_ʳ$4t jK ʼۃ(|r4hoopٳ'LVV[Ke`p@nw3eUʁ,}p܂w~Bvl~}k5w)(C]GFE~84:"fDs.K\qM_!e̿[N Ue8ud8~|Ҽy:[^۸׶ǍXaU1T9ҹ21^ ae"ژB|xEb|`\ѡK>LYO m,Mi IƬ42,{yei42uZy&Ԩt_v:گA#=_x<;Iv2 ey{-Ǝ*~w#O7Zܸqsݔɓ,]@|ay5K$c}0/̵XdRϧ.>}j?}KGG{2m]ZqAM ZM/f580xayHZ<~cF*,2UCEYkH_=^.AC:z7KXt+\fLG\ [Xژ.{ 4p1SucyydQzaą\9(''NUu8FӍ Z. ~7YCs8쏕f֒k\οލEbp(eD 7Dzp@QX`1 ;}n;@8Wy.@dGߙ!x0=|J]΁wYAq9"@IDATaˁJ;dr1%lj8jWT^;Z=KTe֟U4n6E4UAT§_/onXݨ/iyw6N{3$4jU1ۭNq((qՎԏlע%Fo~Jsu3G_]dq#3p<;긿!+د~Uj0#7mt8^!}a=ϝ;Q\/П&}}IwG+g4lx!?{P׾AWm'0F`ٞ?Ϙ!ghrk׾^|fb3r|f]G/C߸c'Zv[?2TǿV {]2Ks-(|ƨ1\WY:qˍv-ތS:x .NIL8q71އGkGuQ}VH@K_[nYΊ X3٦_ui7wpm67ХN 60B$Ŧm;wБϾL$/^qݷg,:jޯ|I}m7͛jK+ tPLqaxFP:U?5BFyA=ۥ+WDF=bW7]1Ú䍴x$ЄŁ$)?*U7o)=Rީ U3X Ns?[5A nnlP}Kt %ҟ"'*ӸLX~~Iz|E*>NtiN'ܫђ]ɵxkʝ*Ch-_}YY54/XAnedWHcu# &kҩSkeo].{QY x\9:ȯbU=Ei,fXLғH͂[9 dTsUp\M~ +@ =ξwgp@ ti$@{G]*.)$Tq׭7Q^i{XEcE̺p.-G3BK+:aid9 &(()ނZ֡Y6 3..F7:*=gD%A .}(r/i`9'ݏt,/: !_>qm(^oc6N)OY74҃LTYܻT;IM[ksQ`o})b w7߼LJxCVOt455i7{~m7F q4*.M6p}VCWNVԝ>}#8,OkW^YWJI~*'|xc!ٿcw [;2.BmtV^^SM}l_hў/Yz3uqǭ[nݰ!ٮmesz9Ƃիֳ$drm17߫fy=sNgՂO2#mUe&&4!E0d㡯c ,Gϧy>Iڀ&0ྮw"j'̗7tcѣ_~yŤbstnS2%uOH?u#qc`! ]SYjYW醀<NsWPtp1K#CVp ]$A2|g3=PZbQҾk=>'2 q ~{k”?*wu}iROB/?G:UQ?@s .`n0\cZ_ [<+p)0.oQL zL`33J,ƫxuRkC4lTA".j??gEJ3(?c7AN0U6ZVnNE3]Z7 Kltise mX[xc<#L"]й̟D<{gz52I(t3h1TG f48R `hU^g9>qNSIJ̙91{K4t؇n:-S!}tenmŲ 5@:-opPK`=Ϝ9^8=IyCَOfHՙ_y7O455n6,@λݔ`t&8ҥmWad졭e^p=I % $I_R[{%kkE9eV+ Bkj' DGGA y/@'r382 klpܳ1(c@]/]Z=_5j.>A<4j$Ҭy͚5y`z&Յ)#6$nii=vu@oAo5,Ĺ|+zRS׻'zItr< ~6oO3ly9sfv2sر[=x>$-2ZX{2^ba{DxwNQ]ЛE"b5s]jludu\% Mp]a(4xڅ'NX_CDMA"v,zo7H?)0$u.^2p]>Wr ;T6nQs8*3!N\!Q_)F$ ՏVò,1ת!=K_i X-?|̘11iu40 H]@ Jo){N{22 !@ ?.<\RG7WI GWw0ww}Hg:esYڿ04W9r/ρ,yʙ]ِFKgg5dj- 1|S>OG!;^vO>'?~)!OFJX5 !Pr7n,T:lޙn,u:oA!@+2E=C߱PRך{@1XTav ,\])J-V-!% %>i^) J791g(qXHpi):3O=|Z7`/?d~[ &qzS,'jIOHg!uncGE- /%@ wSOиmN@ȃx@ÿ@<2o}+)c#wCRA5P/i e,g܂s;V~@>kQ |#ȑ'|A|s|zOLu4?Ϛ``a֬QN~6)ۺul:uR׷U5QrjٓE}ahjeF| c=,:"$-a__n`x{7g&[UkYbts{(cܹ;gM'C7_)ˏ={~{0wIeCD[o]79dw⋫8 M,}w<=kJO? z7maAp Oʈr{Do匧WJP9s~fx{<2,\Oc e4)>j'|a]ۙ}dN6\tSF ?=%2..pݠ^5_ CIUT!S?Y&'IޫQ;^ߨNg'CqW xq= TfxLPAM-#X[Y'5krR †o.{[B`#z[wdy٦^'7ӠW11Kln!XV/efufOS-B3LPG&J~5Źo䦻] 6x֚ o9 Onͦ^9냒a ΄i ҙ=Nv\ىte0g6$j 0+00hܕ׿h[8ob k+b@= i(xBbMQkb9ZbHiEͼ$ n GY5Cs1ʊ.4EH ԰DK+2'^_7zюdẚ. :رSGǞ;h%?~L7cFf! msܹ= WK;Yw9[| iˁlqYGe3?u Љ'Hetkt eEl4ӮE#G!Hx_fp nX^jX V;vꅥK*ieQgGo4<7tZ:*p/hq=c'gezL6kܸݻvu_Pcľ^S7p_ H^(~/')tX<ȞOV T[UƯn=&waUG.:O^7I^chGIu;U꿼+"|2`ۀ+0Y~h ?4FsIS@Q xPP}Jpfm,?H6ٻevHؠ,qD[C2Ö-ˮ7 ѣG nH X_!I'ͩ à9.ׂtRDߜjfVou[fͶN?eě04W1`WQ x|t3?Gv,3|'X[(g%!fJI5\+ ޳bAMWH:NyPKF,'d4P*# Tm4TXbx,QJ &#Tqc,EX_WAkQ Nn9eC$%ȗ19"s2'.7fx{Zuwzw ^)|{ TK4 I=qbGd[y~q£>4u\V'NJH8dӻoF/޽ogO7J?]gs<44DڊНc>*W(b]9Ā?O5h(&c ҽ}%rCup*ڦ: FCj3g[TNCIJ'/E$I 'p9]Ojy1q$%,'a0u~-/xџuAFvVHM2T6BRNB1B`ݻK57:{@wi w]'PlNάP9"&W,k=O\.>5pxL1J~$wcguVs%"B1D ]3x??q؅5N@ `!PέVRǛ{zO޾}}nUW!\> >tE~mгa!HGb:J; r-AV) {}O9v_-{ JKOɲgD iW~?'J=Όң80L9<땷sY$ 8׭[>+vؠWFz"u76#!UP01CVX]XJ <;#x;_ӱ{cjWʯg3|"xҝ8saݤ8u~8GY>9ϤO+!AyHatM%7s;߼oFkGoD!m<\hO]o&YIֻ>ֻK/klMvOVNt Pz]7胕(f"bAu܂?У:IdCL~dBFc(SJwq|nav9㰇uV rGD hbca &}EMl6MYPF`bɤ}:щogMtQV,_:M+񖡭u]z5K,@j+rgx3>W=21Q_Lm^x'7#vc+, WoR~ rG9Ȯ%7{⋝R}:)D7"V\I^kpB4=>\2֭[;yo,"k\{uxEp>Kvyw\2EeE,bŋ$q;^=Un[|DQ>䳺@$5hVdD;4 f!=p:mC j7Ri,TGCnS`8~㯧u: :\Rv'ݯ&''M7Kɾϑέɟ#πh<C7Keyp kJ^C>0WTmJH KA XzvOa*H UL'A,O'9xfYKtG wɫ^x>Mi2fߦ&* yj`.شm`'J6MQ7육]; GӟrND0ILe260 B:| k#Nt@]f#4{"QH؟:n@JTE=iX М ?x8 f7>D׭]5mݥ;tǩk"Ƒ`w&'povu4{St-ЙW3}EVZ1P3z4}z*#~ەÖ#G4 mJ>ə]vqgUq,| _;we{V;ZTԳΚ5w(+^6Q*amGx_eo%Bw>5c ϛ;V4 W/18_0x;zt}R2{Uηs6}uⓟNF[]1e i xuD;︧tw#zV}%[\V/~<=TTOL磸T|--t_f:~s`VBd'Y߳gw3G8@eY|ߚJyH7\}l,Q6֤x9o۹:,ș)ClSߟ/ϸpg:2?;x'<2mY啝 *¡C+6гw A U.F!:S W{|)kZW@EɤWƻTާLNĻ5\#Y꾫EH3*҉E0l,I[&Z6YXȈ@L"2!nϏP'Z4 uҸ)L)|lk0K[ۡ/ȯTZ?-s8|5w]vٞA6f̘:2w(L͹<ɥ"P (IFQSM+%MU҆z]Ɠ k4EV'83erb~Bo%'*Ur&RtWu^I;_cbb~h_w7Odkg5D.Y2dγ]]>U??U4n{` 9zlP וU~R |&`RmH+{Gov-JğMy͜NmƔyZ9T=d2k@c`( tE|KD:F Xpao}Ue#FqYܥ+sy.%'+8]wYtbB Pe֦$-_TcjB&ԝ.\D{K,P.+VS_V~m˩ ^,}E2n1 4??v;-.D)>ښv=nvy˗/ڴi+c]Ք-"<.>}vl͚U}_t?C ϙ'vt":jpN+̙B?N ㈖l Y-~8Ŵ#GYxƥ,xQPΗӎKM}V&F1]sÃzߜF{rlBx 4!pT৊"j-3jB2 MQivB7w Ʈ?o;+* m1p9'9p1: =m(4PyЎKqC8Q:}-BE$ǀW*(f0C'y,[|2=CKY G}ڰ~N,V_1#眳ipٲQ!UaZL bPUpK$cDxw@hQb4Nr-\l E-*kҘذ{XqZJH(txcV&mOZy!RDb;x\YKªLXy)Jdxk2aQhC8óУt7'[eI00 D CT8̶2:#byC~[Rn0|;N?\V3]aʧG$Nb-&|[~LkZ!@WB l<.} =xN9j$E:7l暫qQ[d5 d;k' 7!+HK0-1[H2 2^XȧF?C9SvG ;a49xdySuY&]{a1 ݤW~u=+*wTo};Sx]@ o:#pFLTU,|_}Y-t OGM&2).ByFD/"cP.P|ra?y9?5)T2ntY x0%.%zHnGH\Xʈjm/y,&3VeI%?s  95 p `ާnqm4nTާ+~!,4+}辘ʃ"ʱ Q{Tc8F{؏'Y<$V1w7_>?}'[C"yRV+V"ˆ:=KXw)-[֗30NHhI˄Z U(+Zx[nDf/6ƱS22m~|zId7y#m;kR=a"ŤVZ̜9S;-2z'koߣs|(^bdnܸapڴc!4JIS,D6nX'>څV zZ|fgEo۶E?_O}ȎEcN$8p߸~ʽ׃z6k֬\vʁRSeJI>'U10cIFxEH2(Wuz!.ӄ c(xZUw霃>cb_N3!p ,#FGT;ED܊na3kjl!eF^U覊] ~<>ߙhI*}_(4m`-*>`6Oaءdsr`e0AS!Ǽl ^p+Q7N;tpB/sFzY"[o|uD`87cv/wxQn=sxG(H▴OHݻm^W~dU9-8\I`[-ǘKj*l8E I?D4Ot ,zc9lG??OS+K^xNQ>Y2&K`"%0F[ɯm?4 xN1=ߐ6P!YfIՋ;/hP;ҥvemkDV* ]}H 4R!nP}"ж0uq,D{+ZM  i\hJJ=JBov5H[1av֢R4nVUk:CH u0-ĆJB[<Jsz~8-w9}|8.vkI\-䂌|ƸV梭ٴiOxxexL=*Goa#Ji%u,~݇iBmXK71I+\I3˺D/ x鉤fQU țrձ ןh=3ro<ʢ.1ّ4UHS2sh]t|a>!!y2zy?L]đo?ÖK~G]&C=Oe? pԩw\Ý߽徣ǎw^hiSM#`m9Qou-hib)@~Dg}AiOۂ, pi`6H ɿ 7KC)وhyCFJW:RIBuc &8^:ۚ|Opԏ@wk tT $2Y Yz^ypǫ-:c71~7Lp:; 9m`aIOMnlC7v wx'VhBvl;@=uv QdغEe)}`[! M'XSV[uzu0dDLg?xm4 [c8gxӦ ۷o" i[uc ߞ&L/_f7o Md+Üі_:&/*z#pWE`]ws!~*zbѫFNmLQ.u.ϤlvY`8u@V яИĨ <> } =\viNt9z|H{Ov Lkg8C)%I4F7.Yhz?ZEE7@1]Mn&7yש@IDATxSt%3.n&K&'/o|3||Q)4x$nFQE$cLN'ֻwC=IH#<.{[>qx$8.3nao\w S>~wGYH9xzRJ غ\.޷W!jWU $1ps/ػGmR+I6 ,WU}{cDnY, #^KtӦMˏoۺIs? 8g'tѢk3fB^<C߇񎷩e;_%Xh9sؓO>W/ :HۖO8A3ܻ<}IE}R~Yg 9"@IGn5Yƛ蔂>WVʹn5o/ZxY8Uepix ZfsXd#tD3P;Xk:2?:<߀PEYFܹC.\zd`WD|@g  :'1)%œl틆?I:(CtѨgrS d⑦/?1BeE^°x8`WXaA0&-F:}CZ0^xͲbCY,!GZɳZ>W|Τ?Sekg|Co;v9`adh)x$2cMXB+EV䘐ȅv2?7s+>,|mvy-C.(X?s._1db턽(;a?R]za_îPU55bGuAn悳UwJO[d-r#W=:9U)V5㋅WiBxX2oXH~"s6nX7H;pv@Jm!/QwߪE-О&ИD #|]Q#*ӑb ;Ý{ {u}@8!{#_Q8a u;vP~ &1,kV`4Bsׂ0 Gο^%!4"g!GxH.^x^qᙹ|JM҆As} u2Gk,߅:m_<߲qr=75YD bqJ/G'~MhFg{Cٮٽ_ 'vU6VζˎKwJy&/~В8AzqWݸW_]>-ƌv8q*,Y}O%"V GM˟p(k U*)2Z@ 2K췐h͖tu;#,&6:3i<ݏjM l"Z/?W&:!o L.&~%5?(g=c鍮nzgl׎|xf?C.mt!??Ⱥ|G[sx;^OH 8$;3]B+s2Mma<[|:'4=>R(lSx '8=fHCuVf ìv0w4c7cT<ϖ=lR [SMwUp%l]Kl,{g\e5?z^gdpJ/Є"M#Yܝi?S#?RqμՐv *:Ǡ*]]WIӕeūNϞ={4pː|׮]oxgy_~i}t֋/hmʕ+οMR͞ow]ia6l v!rC6 /wy.5[ wP\zE};v_/\`?jCi.א v84b8pWeT53 [!6dC_)ZV?WA>kuQ rHZ",q}UeyY- pXDtdtXfϓ@v<%_V/:B?tf[v;5IWSB+CKd<&c~Cuo;$|zBDxo~AM;@ME3V`G'1fO~Q$Q(c]*9x֥wGRHN͙=ѧ^5/?_^ymy=n"%P MD$d b Ї͖_)T~^Y`& w]w\1wL"Xh5·u ]7"Vvo[N0D`Wd-"&{4t8|@Wi#&8kR36 = y[WF4d_6'BH%)6ߩO o)FdZYH@?IJEU8Iyȑ| <aMy6ǏݎXYW_|\vΛ78驄v yqLAi )cBʀ;e7՚_9&$`%没W흪,|)up/E&_N6>,^(eVMVW .?λ7tKO?űŋ y}6lЅz,eZk{MozñW^y%(Eei~մ=:f"BNE۹smڗ:N}:O_Ͽ( a'F!EzhH0 +nn$LmE폓 GI*tp4 \ı:<dHQSvH˖%VKU+̝;Nkk- BN~|}`Ϟێ~ gly+yxL \wus\ a47U:R(O?\A2[a,8m~֙Q__aywqC$C++TWppG8g͒.CH_wBkVJc0b ?pnq*ǯ_$Q&,/d>T;WǞ3wRچ}9ĄI  UE+'a*o 'M'DHHUZϵeELƤExƢ¯8el͠p/݁?tx"2cg#lҝB L.BsgMi&qS+V)-'fC~u+.d V*Aቓ\ﰺ0*:R)42&xPd9 K8fqRb"_iZ!!r77i;qQq;^A#i%e 96.}Yl&^VNG y$fon .8ŊeALZҾuz~y:|6×|,?G.qNjh_s,CbSD*4,Fyg4X2?AzDXs3?{*m0s<4#wx?ugSu9j)`x(άMDiLL/EeAPi~dCz4`3ma_E%%);BMؑRx1F?<JYnd`.Pu'm=i÷=q+;b9+ݛ6o^=HKIf F.R62>p/\e" Vsr7D́ 'yC- ]WKQg/:PSHcf`0%[#!$# $ ܤ;\80/sir/ ^0~|czY7^0uϙ=-]:|xtzE_>kFU{pȷogX'hl:Xh47uӲO~?N@~> x-=<;wZ R~-4}0Mav[%-UYBV[ Nѣ:y[nm O.J۴i},o4Y=Ac_+$O  uˡ?q@?ou21l`]d;wNqu,=pR) /s \3dӣuvϬMfO2FY5ELҫ!-َl#^HW(#ws\&x_xڣᆵo^[OC@QhhpgnWsnfLMik9?eW,<>GI(o ‹yE;`jW˳ѭL2W@ś 3B $Ar-+ p\לg/̆nkd 0v;5QET3GYDΈ.;Sz~Ph, %M1cȹnӽ9usltn`c&eJ^ʭLQQ bH2/enjd_,E:vSQ+BlUV3~ymQuЎ@pc!Ԥ;Q NsZӹM#=_*ATe/ھv#?ekW/yjԩz۵j"Ϗ|}х~#dBtC-EݍiS{t&9} pQ6-Is`"du`'H⑘\~b FV.dO5+>ٯNbl:oGh_Ňa3yÀ F8 rv_=-w46q@tAD* ɔ* \*m Y~Y.U5ǖ,^$抧YXIp&~,7z,2Oo7CGQ1*YWs@]+ ޱxLyiZeg mYbhrW:h ),'8*A5<]x1`XH1aeC̤ rx;ƍL#nK6dy{L4붹`眳]!}BJh {#L^uYNW'^ߕsyR./8}?/L t*` HLh&h$*Y13?~t*+l,Z`A߾r-(]j aΔSHDOcdtSpXrbQ}ѥx:=iz}lǀ͍"-14U6V%i)<²,Bll:BFCL^~N,7dh:P\kD(oH6wi6aaV/…u. \O:~%ʈLd̗ML>DOr,83</ 6VF8:NLϏT F) {۽WDw[KGGmz?G.l]`BG1a=Zr^8؆;&м ._"@sޡ~kԑ9~v}:%7Y3 ݊4f_ir %\m! =@=&hUP(E2(]~F[FX *'E&vXx(_]=<.T'~"86VJqn%00ђgW6g(b7k;LqI<jnZm+ӧMu" D…sz?7W^Wny/6>_j,]<_;^ؼq\z>W"ܩB~c\XxW}H1, /x&w@) Zٮҁ;ѫg5cv\θK0}Cҍ[4ĭNXk[Xz=ЋI^ɢS*tҳ$Țv#F;M)A![\g|Qm98 MuhC~7Q(a?n[]˖--CWd7T-`3l3щ)LuXpx݌i-TvU,P,ó Y9LԉU;]Oy⨱􃣕ths:r䈚]w+$|OluiBl͎rŊCz;6ΝsUdQ&'!/X*"pt)^|nG%zՌ?VrnΜɿY~lݧ]׾UӧOi;za~W5U5ͽZqY᭯;n\@iECV4^cfD|Dt\Qx!;?rHù+rK?eryق;E)Jf鐝.txu>NEf>ss:>ai=H7 ,H%aQs3h뎲 TI{͟it3<'Ϭ1cH[>lOӝlr"a mysӧ&u܁19WpԬc!n(OW8{ósW1IofL7]wݿpΑgqCt+?s?sA> ^(d맃ݪDb"쿡 ijwPQdn\vJ[ȫO;WH'6#*HN*y;ŋ/ȳ&jy#?;NNI^%Ȑ~|ߟN1G~?n]aݲSy|NH|'~ӆ3OÜ[o{73]{c7Z|];[왳ϚM34owux|oHcts5t4k -@HDCY);>H+ We9aaeX,>j%mH%'n5HUG f˙TV%:f5`ܱSZDM/<֞aI3GK FʋI ;p<<( H7@z*eͲc|^=T99,Gy`48W2p}.份^Jׂ,N($0llO9}peǶN )GAr :?3/G8b2Ldcr] R ÎmyLZȳmvP=pO>3u@+1r5k5# 㷥g{" weԭDFX6g 4M)Xrq?]==]#<\׾}3$, KT^ `a`ti`/4O7]Dpߘ"&eEMZ]aC ]3ҭI;E{w偧:oՅrkxÆUCgRu݉nK+`!'p'ZAB37vJ=@f\Cx,2>BD3Hҗ*sjt( $ɗ@մ8+?yo?wmLKטn߶tY?죡2NY7W|ku,ڬBs7Mȑ#}C߾^?x{)íniӫkxl+^Q4>q@.)KeV|39^z2Xxs9 g;'.L;,<(țV#l_a{FRI1@:Kw>6IAIȀyeDž̀ؽ1])}Z52?Nw ?D׿RC{~6-~׻=Fyo~ޏ/f?SO$B^>z^a(;ӉN䯔g2-XФqS|zn힞︿lwe)O}o;vPPoBokQ2^:-pmRw:Rt(G#]kQl0=[ҮlF\:zGoʼndd7(3*a801r,0II7\gAMM:_cp7گK^m_ , qRWos7g)|Wfȯeʿ]pZ8qLuW&~]鲿c #~}9pzd"(7%p {}ۼ*^M R Zio, uJ$?!*f+8#lR(ɎH*\6ҋ6~zzw2.;& l% [~֪}b1?Ib"5 qxKN }z&S^Cݴi%I1.J֕6?,#'II$ɕB_&`&OyבW\V*ur"-Μ]瞳q?2yn!>^ >v|p}<٨e͂{PH.Դܝ> S{uJBܦII@e" 4@c>Y_@kM+n޽;(ϔ'%ELJa# epGOR0Ç`ag vgm`jYMyGH[oy{ti[*Ug [f߾G]=`myz۲em֯_54d?۱"h_"N5kVo9(oC*t'Q 'QX4I=՟dq9;-'Ԯ5IG#zբK̟/>(#Yu\.4J+/JZ]SoS:Nc#ZW[N h/+x;6[\kC\nɍ 2U:l=)A:/=b`-sxEtP %3x~;i-BtHy:o"@>MB+c@\Q`yHYh&p,1R^pP O].Q_C6z*pl!cS/2=*y'9.I5p2Q|<2ߡ#:q9Yrt:؈ 9nG,Nu;(6 ;OS+!Mu,^cw | s`wȡ Dz<- tu-8Xק( %ls 7Eꓒnc؊)'YLaP'tY E. 4QyNh$8eO +\a%ٙ$*dX%AVs 6$?ʂ!ҕMFix`e9h/q/[| twtq2A|݆+y)ˠ\eڅ,w&/hJ~9o%]<鸺AYl )aey)$IЖހGUpcP2؄Gۖ_" y&nI8MK8eIqcםOt&~H>w ;+y=58f~OqT}93/H6OFۺu>t168&B~gs\Gė|eWo[Z;EaSn`!$-ml'bMxRcwK1Ռ\#e3ے^!IeŃ":џjͬmV<+#O=śy@֖&Tq':OD$d 4:g̚-tG= n?˯>[f?1būnn;6_W Ncȑ#mZ;^{oOWCe GC74֜C.{s$T)>]RP= p:oJds:CM4З tuthr4wtF`yP.И7"K|-;I hM4pxN NL4TPe mʉR)C)pЂɃstq`!҆]i3oyn*%F9vbC؝93S:K\R#]_N+i\F#4yaxA/e?pД.;_z! ͈ʶ7y.QΕe󊐲ɒv7e23oBKQNNyh~_)>lqe{|9'.P<2o7; P/> ؛Fd鲬SV .",Fq[ۘj9l#_ڍ7|g-Z4_ý% ߡƚ5ˇZo_9tSʼv!2:F567s_Ms[fQCFj(gϥ D!_V)YVFJX`ii׌}46Т"S3IQ8{v/} "/By*1NN89Uԓ%%ЭoB3+~X+]/1}L}j|91??<'^`l 4:juܟ S៶.1cJ^敀px? P&; em HO`o$VRN~BL ?j'B $'n^QPUNI hY r%m+]K'txv%F}Ls:/G i " NQ?Qi{!S/ϴV>l,m# ͼk xmW .:uM.L 0\J({%M.:M{q%儭`"GԟKWP [t0u +Cd6=]ͩ8R-ֲbݣܖfU0|ymg-ZܪU+|ʻb((2x"]ˆ~AEHUjucڕC֭zC U2[>*;M ;Oݰ?[t^Ȁ9%MBG@Y7&  GNܙd# \ &^oT@ą1|vL9칽 BFe'n4>hҝ&NTBhSjyg̘PO*$!A+_7\͝KLGF{}& vܾ&tţ'w!j>8o:Gɧ+;O?;6"/G_.=y,tv)U)p;_0Ċ3Vz +J<6x]Zಋ,g\)7+FyL[yDeo L'AU|\.6nRV؃n x} <#ʎ|WW}WQ+Eb,KdYq|3'33d$g2I&3q&>"%JbhIɦn⾁;@@;z{F7 !zo_UݭnݪM>CV*lys=x ֢|G:(Z޼K^~:"v{\.'4.nd:BK Cn=p/ 2YQbۓUKTU-8-llz&6lƿa=ԙ }ҷ?|]#r*SU/Χ'Kܗt )}&&Ie$ @:-~]@3H#t~#`'Һ \/`c%zfn'g<|IE.\`%ąG i!UcU=FZv,I ]R DSbOx{-:èH%NwXæz>74h(t!/mrPb/UW$̝%m_C`C_?\ R9.Ѻ I-:'&|ncT7U(' y>qֿH4C&tUjOwر;nd!&,cH^ѩ\Wetp.d$|:#AW2`TVa/ !0a ڵ;{'7I0}X-%4>Ф(HqEBC"Y>ؤ9s&XdQ@KDU ,H$mJ A y \5JLtqGq{+ "TiX12]G|2-'MZV9zޢz,&nё& NeXLKmM0Vd3OϖK:-T`qTMET:]?|N.OFCwPa#;G:]s ~h&$`]=ZcG,]?O2W ,8[uTzqAtj}K+W48v4=y.pˁyAS>.뀠VE.pI@p`~=}X;~θZq9E\K1xtqNŜe'E2&Sf~n] Fwt-嵒KJ֝v/z9zRA|!=) Vb@G̡`jtэkۦ&_0db_Ju~=Йد:fc?ve=^ _ݠ:wzCCF7tЧ7u3u& NE=:ܡXWȧҶڞ!t %!늛H{SBgdˤ Q^HL 'e"$ xn_\֭ ^❴ 5?Vx9ktyJfKB}C: .?Ν;t:cNf,ː:7qmi{@^\ʁ+08HJ\WB? wO_;(I ,CbO%"BO}`R+*FPYY+\ h1`3@4|)R77YR$!l/Ԙ@E8&D@)EQaɁC?$'%]OhGt2 3WaaOt牞-8Ν .-RH;.lI8RaC p:#9I~۶m]^yhy+lK/[?yQ_o^bEIW&>lD~Ss*7B_+0?|VF^gНtuu^`n较#xrz+?YY+u՚9m``|]]s`ρ/=/86(cֵ=Vruu{ $NXy\'c*9tHq?{^L XDrΛKuy[]84do}p[t!<ޤ+lX(Q.VlSrnrdL@!;7 ]f3C 23fC[E:tDd' y5 ܱ,oy+wg%Tixl(i;0ǟܰqhxd,N lwaLk!E]Vz-n#m_LRhJQ3Z%J*SWs>yl6n޹s{$9BM`qi5E0dV9a];kQ (bׯPl߾^R^_ɊމG1jJcSw1Ԏtąj1=S> >B tf3*#f< ̛8F4TXZdm1rD2ߨ~"r_R‹{/lΝ, ǎ8bO_|nVlj7@i6ʹ(BwyBg=|> 8&~v*8gӗkhvxS&q~*]4A[<sejUG~RlCV uEοd nqX)&#W͛7"q̈́ /#4U\Np (Z3L/ T7}GR]$ }u#_za:7Áo掌ĵi`~pO+.\X1nKf֔I2J yN_&6Jhȯ)ۧz8 Qn [!`*V vEtn-1JSkoX}f^ߣ%zŠj3NsNqAGG\Q-3D+'舁;Ι0p~mWyr nR.F9^ }uxJ$C}-deCy?>a aH# 㱥-ELf́-`TB CL n05 N]&9:,p{uf !xW-9߈tEs瞡ͯK!.* 4* PJt+Kz/[زR6okM}HyH瓇t? ]Ԋgm|n߿|'ccW&&/ FE5?)zwD(r ;ݮk *r$a-q"D@<&,\5w]g}w͚{oŮyAx^:W8l2^Yg$w{ďwElzj˖ũ:6LqL|p!_|㼲ݿ?Ɨ_}m%y5U0AUO fOn`v_4׿,P/jbq?ro8 ${]L2Ld2Ey]T{Sc^_ 0 t?]L8|ˀHFwǎ]_À6@pYkyZ.ݕDɞ3~㿝k}ZRy;W;Ȯv^pI\6> }?:]d%:N:.`ղNЮɖOQ><=Y+Ml:qr;"(rz* _ꕢYV}ow<;azhwZ'_9.Nw+4w׹.h諸-YYχNv]8U+hdYU6Ŝ+:At]~~㼨2V)g7lNgk"f7-6nUFɷU٥b FC.%Ib*yp&y!`4 VԟIy#8,Zu}^wM9p{}O]j شis{Z>^VHmB}?{{Yz Ȏq xYI'|ǟ*mλ*i22V@><\l,Vpfm~ < R|aBZ\sNIvrBˍ^RP A:2dFP2=Yg)I$Bke6xdNY f EEazՙXg9Ē?Pو%P'}J@Y!7])[5_m4`3xOE@k 4tTQsEOşMvG/U^(gO_)tJ@hp6I2Oh)c:j&g5=+Ú=,J]^otN4 Gָ PL%`i}Z„br@YU\[M0}š25qXFfwgp<)29fێU9jv[#˟g=ۣo=˘ e?@6+#@tZs鴟ohP^ӯ҄ xU\^;*Ls~}X9#_Kis[gj<簵TX=M>]KuN:ھִuN.u𭎭Vym(''7F&_}5||)D[ Ye |T}*đ8:L|/f> .~I1rÐ4Sߺ|ЕdTݑEKXيg*mWQ@XQ@Q&^@D|>bdsMD}$ W&$ -Z't\!bJs\ }8hsnp 6wh~u"ߛkϿ)Uc;hoټyu+Uvvg@> i*(6FG'qmgO[`~cu/)WBL}n ǯ<ˋs2L[ *@zkuM2y;(/w@AjgK`#aA2 !DDIyy`o]0'LC}|wyqE?|>ȁnSt D8 'nZb^y~ D E:@~p]DG)g‡~ʘO5NTk?ΤL< u)<9dKykE]8> k֬cGk>|8봵e o qs` tϯ\ ް`cV<𣺇'yllq G/]pӘ\KzUkTx"{K452ܡAk<;E̦6z'.s9sL'ޟڝKW<o"q:sX.3ip]J\~Yɦރ'8%88QVq=vu=Lo+Å2HT&삠[(!\0Pa(H*!j2]WND9P0)- P&Ҋ(T*a=A 2aP-|a@i׀zC:o.ߵc: {RHG~W.7*uM1h$WIh\1_uR9<2}?^Fx9~08m3fBBvJJww'Jj*{kۥj;րA](Hj9X򡽋/3ޯXfh'=~ۻH ]'dFILphM7izĠ|!|A_ =U?ܱ.4 ؛X)Ne +{+A J جq۶`d +"irK5IO]K8h -r9y:Lh L5 &i\pVtiөw{X%-ͯ<K߀l~hc/yTxfK4w]xyo>adY?|Ȋ8qO䰩!JýEnUZ|N]Y)jlsnGL{If+H;Zk{\Rnf@=ˆN>/|᳻9Δ пa҆V_ռ?wK.\=X]60Vy}M`t #< }zu,޿ݗ-xG=O坭"7˗/䒋yA껕ũIC ~V$o.fA5&.36?cg>rmr={c?Q 24xL-JogXZh;!{lͼj0ȗ!B%(Jؔ3W!>O}t"MRmEڨ3xTKu-JuFIN@ApUT 犲EL9VR6S& QtZJ;,8yrnI1Af¸Fw )1f"1fA>(Vб QI` 10N% ix`4;$U`0:kށM_F𰂛kw H3IZT;feN_h'< z'^:3_yeFQ>j"De:" C]n p\h~'51 BO ~cf ,~S0t/+t[%k>l]vG}G S^ԍVgy:6@˙m&)dqm8\,z} /uS|L@\}駟޵k xkD oFa-6".9F}`\)!y-ʹ܄vd`b&Z$[UHi#ڪ&F0-)aa.GY"ry/K.40`pQ%YfFx'S]b% ~=`„ !@ۙW3ՂI+]ИN~`)zDiMhJFͮZ 7mxP0B/Nz49=#Y$Z愼W^y>v_tJ^N 8SF=ϻӱݗh<~p`+pOv< O|K/b]}g\('? ߾}c=fϾիӀ83]C[ }'u/{{0W,Q"kJL6RQ?(Y*ZH8 '#xM }@.Z HsNE:d37)vo(Zy GwԓY6,Yd|Μ !;wh;y+|z즛n֓Oj.62'-Ptrԗ y9v\ ۊRRNviŸ[r:ҭ=ݵk] mBnuSNO xX#/s xz*ؒ eV1ɵơjKK{.j K>9bUFh[z?k;uo.]<`dѥ_hNsT9Y='xt౨VxzC V4j{yF\jh!k2ҟ<ݚ+ Fk+q,V>iܛNJvuUD&uYXiTQ KuVU`E* W=-(һ+_ (yiٜG&̕ mJ AZC)9/B"v"}`3U2ga& 4CYGq'L=;qStf:ū_~vē./g?w@YU Tv#cHW'czjM%2Ac]yj'?s|ȏ#>΃3?dM!KIv44*g$զ`Yr편odl&\.[␠‰NChJ~ʱ qJw|cHe$[~0ZvݭqohXt6]U 'DeZVMm/`t%- χ?|.**ښ y50B_X#y<^d_И4#{eS8Rf)QVq?e1Ć6n8QЂ"[| !/2CIbSs|QJX`=ҶgH1i|ia!rFф^ (anNt;Nx`=ȄQ龢v ygy|㒋NSwڱevv5;vewu#u8Y[m;[__jؤHYG[zdE_wz(Db13dEzP2'^\H,tFALѢM@IDAT܎94s5~4։zA9fUE) .7eSF)g}0OggY+q-=F8QF4n2橺68#FY1mkϮ_߳Ls~Yqn#0(a&|O={ J## ^x,G=i+xŦnMjl\u>lij0tӍr{]BtDJ:|%%<Ty䥗^^I'uZioP ?ʛ+`_G!۝`#8<^$'(&ӡ53WV6oq>, pyLbhd?1dVҰ/CqƂb1y$jnzc6Yg0WFIǑR}Γ# =>crAr]_. O:}P!t E@^?.`gU&CQ$ׯ܋.; 97 ;y.dJc⸰Sq $mAU[j,{:$N\ڟO N$,&be,VC*w|;ɾ(RѢJ&GEia&JR߼0QDR[!pqE r l7,{GG Noځ7>~4@ f ?}z}`{-4n}jKi:H)rZ`p=\`/ BOx?9|Հ 7lLYy}]U~W}YYA\ p)F:nn;IN燾J\vnonSt!|ǭ1D@RYbC&pǑv_:gM6LMzkR[wk^^Lo}~ω'0k,ʖ[<>_{Yg\{uJe:a";߹~ )u SO=is> /6kz:)Ob߹Cqo\cKH\FF'z%|2Cx v!>H',C{Rmꁗ~i#lze|>W H<,|OI>0У{0_@Gy4ɜ~4!dGw O<ג{tn+BGO;_;q7xrzΗ6itUgrQE%XMRȳM0 uk5 QEbc(崔ɘd"D]F&80{0ŝ0Xm]vU3,kY̐o} =vhT-Ukp4 kt DN>m7 ƢT :ix쭪 tzqKl_‹[z&VHF}z@dAuxO E'mGq Z Ab]ig0F PO#K˗JotfY[hU-#i;g}3N46wI^2ZZQ%9WqA]Jv5<߷AKG~?'6 nb˟j)V 8wӦ=l+[SEvԿ?sy2r,4P/~~]P_d^ ?׾9/V 藿d v1h_0y [o鼒2;˖-jz+ׯ陔yHso:!:OCԑN2~uKo{ɗ y!{9.k mH;zI'xQh,I=r! u.LdqD哪B7R] u߻L`؈O}?K6!Pu6 SvĨ}2*H0 ":̦ez82r) X a7 Q8$A"=hqȠs-:=tjL5`s*FVGQ]e ύσ⢂jmG-}S=x>:  !8p݁8x?Xe\_1`uCL b*D"Q4;|=6QؚkV%V̈́X#&7:[T9) ljuG]rІ2UF{plŻwm>ޫ'mj@=Zx,ߵkxЊF `绑`D [ m D1O1YB=~u3w,Yl40=cGٗO!ˡy71NZHyimU=>u9IKL4( EmIdw%.xE !;|TrxvF:tPHBBO W {)svm\K\g'zZ91V:}n[.AJx~^+ut-/bs8{xٲ%UI9x \r4?I$ '=B;)^/yΗ@ >ָ:ýk-M-JRmeǥ<0h p9mwq#:|#kv"+4Ma8d '$_^ǸLJu]66^])tPO${'?f K&PU#f$R[VAG!6v2yS+jmDYb]X,J :x @g`PԭO~Y|کybQG-[e/h{*,*B^Ttԍab'X8Le9Lk ]W˞Pi{k+3x:sίyZ;jw&'zwk[jE2ƾqTȩ˪C-xfƗHt.Q0nuK./h^'Υu\vPPO"!(CDm%?,'KReҐ@y>d:ṽL LuBQ.;v}ؑn x3FgP)nL`REKͣ|q2VpN*J!!#JBdUcgo~_~<үߤ#V( @g`zOVYc|xxW ꘧ZZT>V9u',7e;׌Ȟ\ r'B~ҬJ`reJA8sy'؟>k{}C;ބ&!Ah}Xz͘5F|W:'=Ws3[4µ*G4-JpIݡr'qpq|;6|Zp]k<ѻqF^ЎV:(_;9UD㩧ίr+WA>p C^O/_]_}[kߟy+ t1CU?羪u磕o>,߭ @]6UM05^1Ğ YsU:BMtDm7)s:q.btE:%' tCu]\!߯]:]%瓸)GF^G=KpEJיA?<8u_⠁>(;~_٫y v-3֟(1٪%6I#t^o`If=Z½zW:m=H 7 ,xy41ZBo (u:W4yyvƹs^]?q|#c"O#V ]f\΄mq xBNG .|u[jȋJ$l׵ەҭtqʘV 8pA%u_r2^wcE%e z ÂݟPQF@.R*`]QiHpڌ@&)DRA[M?^$PWtg3YRFј֐c? =+aBD! wYOefJu&Aq'A8g7>sﺐu GёvMԓ.9cOoxhROG*[Tl={ſ;v{pS j;xy^66%,*{a2HjԲ{Rzф$ ў9J`f;?6%]buɄ܂08 tX]xY;Hhs>xLf#4e"{k)ztMs5sJ& %xނ5P*^NR]\7;Я6%\<PO.}U\,d@ aaOCv!3ȣ4#C\Бvd1lq%k u†|5y2 h9 |~E2C@w n|&Q_#(n QMC.i Yà +tK//9ŋT5U!}CW^ypնY#a!/2=]}2śgYs y >a(SM] }<ऴCIsNI v yp9o>HעINGel ZWbWpyY =ǑzDD6e (m.;Wt"lI3z_RyR%[+PB~]H؋J7Sv\2F-XC\O5e 8@R pL&ܭ,F5cctz!4GMe4sGlWh1mNQ-]~/lPx6d¢gwqy'7WrA *tScrpeMCIך8NXh dp Y|_Gzn]f?\t,5##_},&t*s(_\R\VBhÃ) ".!.zwϞ=T(ơTʃv:t3b'_Ben ˚e<ɒ)ىcc;G'4_F*P 8O>eKoW^yвe=w u{իwdC'ϟ?/w_~s@ߤ/W]usd}p___b>1@gcDXȷm'+[]'9Tpu!s*yh4? .8O]psjԨ ])ϔ;7:u<x86enkum撾uGGwްy,ocBVs|8U{'9%uۼ|T4\/^:oͽ3iVP*"m_4[(TP,P1+'"0Fs3_pP1df1h C20:)Xzx{fK͗_ s*y tɂ~vuv9bG3TwkE..h,Y"$8˞=nZu8'YR[Fv҅ cTyG@)ڰZѴѹ eu8 s_KMi @[m[l8ܼucg}X,Π&`q5?NWcs=kDnR/o]z黆#1aylfs9s<#^auy 8;SN^GHd l#<ЗÃ6[9O||_Z!#oDF 9onK]^%l][U#W%RG }uBVs/#tO[ !'Q#-4F6W$HپY53!|6c=.^gCpDB pߐyůLq y\_}w/bओVY Yge>𞡳:c4||?Ҧ}9h_[7xΧUwйdi[]2>.NW^q\ud 2eh>Yߔ:qQqTpn neGl pBȏtؑÍ/h.z4<3O:/Ʒ66aQ@,J%0^ x:ńԬp|HdO!4S]?[]C&!fOPV+>tA+sӿmNP2섎~<М70-?裖oH=۷wxG5Oohx=KzyxbTNJnИlH7cWv]t)~!+DE,jrK8qnQMdD8}RJ̜pNUgƉ҉-SJиXCI6 oT=%>3EM>MyR<ۯF>T#G Uˆºz6ͬHgW 2GYֈk:Gz#OǞ|n>]fzI VMYH> &ZOJlm%@.賲A8zqxxΟ>1ټ6lبg5u[ݾ}eX6`6w ')ǍD:GwWjKrū"O^!<Kpp*0)1=8?8ASwCf9>`8y tдMi{Iu=yTO>}xq$RP X,Um:ˢ%՘p;ƌx6jOFmxF,* 3@g`&i)/yr\3}9w]x u-[`=xsoLd:feVR%t+>`VME1¤yoM j܌ym(8C L"qp>˘$3O87΅p2ywT uƞӴH___8w5pRMk!3eZ2|) ]@NnCJc:b1 .M//߼uJI|pӦ3^˻Q$zޟ*K"zoW_/h82_O\ٟ}c>ɏMfu;O*pÍs|/~=C{XtÂ͛_bg?{;9sH˻(pMhdb-& B5t-sT>]~6y!ۚ?0m۶kݺu=?ٸ]t#W]}G}EϹiCxeLvx~粂c/*@~`1z.7+x%*ZkDH!*CV5)0qOiC<^v1;yxwŊ_|T̯Z2?]H;a+ XcJf_9Ӵ`Iܭsؘ?޸Ϸ9k[+~≧zyM$ʯ QM['45;$>҆LRڬB9&ww+bUI:>]x~}yȃÑ|#<1m#^itAPQ戧+l~mJ2PhV)80j)mqĖd$'au _&ND@gsZx6LtiUV0 PkEV;Z;%gwϛ`tfop7z{gҮ\8NI&$8lD/~K mNg-aG`3jDA*bkʬ(k!5"$vpk_HOرns'~ZdQ굪pS(z("Dp $o˩v^ᘡFΩ[VHA?˖-{^e̐r@7Vf뭌=mT.o?a ?}yCfnVAd[lV Z>/+rG>p.v8yо38};l{_&%.< )~2w=|=_gsΙ6G7#A0OOO4A6o߾Sߙʮ]xݡOh<#G_v>7ܝ_s@[n~G%dM_vٻ?i̾p7{?r2;(7>ߝ'8'_~{>yǸt<`au=_{G_xbF>Q8HC7p9>V4H{uU I KF08l5hf@Pi]U\{ef()l)g$CG6#x^pa DZwO=g=:;M]%j."˽7b qZOMB%B/a!5lcqo&ْ-K<*d{ޙy<3gΙ9su:ukn[Y` 67@{ nΞx\<8zXoo퓽 ʉV%P}rLɸi&+ ‡Q%Kɜ.&2W!dza(Tx[velKȈ_|o+2wL+;SmcK솞okœoŕ48Kl+q;{:|Os8|GW}@U\YE{_Y9, ͩ؊6|%XKG_m_#tP`gB?ƍֱ=kd2QTၭ`tvD"Էr6uW@\* ղ&O)oiHHB5i! 0z`c_U,aH;5vMlx2Ugc1GDp[}̒ &oR&m0dԴX7W>5wRfh9Tq[{>vmW}ì:xWI*"ߴ[,kxg/]I`p6߭ sc7rG[vR,#MD~g_&xE%Vse}ǎfۯž8oZe/6NϽ8ՀRGy_I gې [ӅdK=\2;i:ke!'\8:bc0@LX[I{=18tILOLL͖jLl3ߝ{?g}=tN~{nHwtL F{lw8%O eMwbI哃zWkV pJsҿhC̣U 9"'Xl#dIbU@G b?o)b],}q>wew6~V~f߀Wp&M]pϮ UɅدKzj+Av_CHi;ז2QJIg2Ja) <#̊mm3A.! ^C9xx릾]j;VmB;(?RSjbFj|3o?2Oc5nV"P>uSxUn>1[QfF>o6,+\o!-l!>w^@u|Q@X<Fdꙹk׮UoLiM6mi_;='#\KJxECu2dA_C9t:zjI>.eHMHP/cc'\ ѩ F/m1h%NT2ctMVȨ 3*S1lB@&cА=@IDAT3O_sqx:{`z'Ӑfz^:뀕>Ko}©U)]ҿ]u>ĺ MW_sj#> sK7:&x[}%Bu^[''M6S$Cm ,Ctŗ\OǍ- ѧsh14'$ .-rjƪAS/a&S/;oڻIa;/G3'S|_ šiHq'024=Qꂬ vu\?j~3t{:t4%1-O1:hJTW Sgx?DZtܟ"cwި$W%M7)dϮhe3.)M}ry|mw>ݼ:}]%3sϽ;vO2k˷c{wtjkU'~)Kݗ;z>zX| srn)'>LG/cTQ`h'w֩_&QnɞvSWj[o|'Z?B^&tL{{`3ͨ7U~'+Fd2zQ2ÄMNp^f폰qzUi``I W J3c*3*ܬY'+`OЗTK&x.wm\S|;h'p;WQXSBٸmgJ-G=25=V[ck[3@W`ʝEw0 ^s4zy!lR3~Ӆ5ķF/L*K „-73K^Xo;ev01PlhUmfw61'?3#>ܞXe_WfZO].\(4߹{z>Oh{}=* AuxK<{" c\p^?wR^_S{["_l?i, C:| U]wcߟ?=.&>/e~Kw_8/l2sskAiηғMo*\ȍ8h#ύeS28[%pq95 {E?걍%Nu1/[%;n Y.y  4FT `]f"]6(I"<쌏)Um42u,"ei]vwϟ?j`30ؼ䩧2'{nntltlT-G:J1:X;=\r4 .Ƒ#JiK>pe Art~?Ra7|/jX_;a!`M+]jX%?fGy'A\p}˳['i8%=2ZtD=?;YÏ>3oVMTwX,Vqġ#o{Q|&L5 tm~z㨣ooY^IWJ*s%LZ`=l<1/}鋆xojhg7$c+KK+m <ݧܼܘ`ˆ/I{U=m\xԭӵtz9!]{pzPZ(=.峋_fOz->Fc&>>pfZeyLws<5d6N/ew_#!_sNZRoU7)38Mt94>n ct?`eŐ` N$hU4t$Ƽ/ F#NXG!Fv 3 8|ApQjzHO/uLeӜzH+g J^y8<͆}ؕk_zvj:lI>"V|ߜuG?a~H~%6?xr~Z1R+N%t-K+_5;cGcT_et{t]ǓVʫZIa2JNlrw}H1,*/z0R;9=6](͟ 6m :VMhk64/z þ ۪ǜ/~Ëj'<\e哒p>Dp&̛a*u8@^+ZyUil}ִ8$L&>nKxTTm2LGvN|s]9WY~:438 2 +Z2y$ 'C:$$@L nQ1h? 6֗Wz;=C`STL mt4ێ}CӽY?}|And3齞AIOϨ'>L*G9wF4= x#t5ϝ;(;w^W)ЦeC6 $s;:mPяpןBZ*r F0$nF)qéN>?̼5~by`sHW \hp|M%&Lle/[O|ⳳb)2N߳qާZt5kZjmkSi]{}駟O~:TtN;E=uZ?SO~$vEL 2}k1g M-MLظim^q}]wC{ՠ.L P#e?e3>hyMЎiUQ݋awb>ϿMsxy"XtʴC%o x2@ Bg+yd0w:׼敃?eI)}~Xn}q CPrx/%6ъ~xN:aUUC.=+6ASJaem9&Z]8:V_zm 2\~e ssڰ}s7~*['3UN0_ ^hCU!æ7EtEQDܴЍu6Ս|l+nY/ưY`j]t@ŦQ8k@&SJd"5.@~LpT*Ce$Z)/{ɶ;~G>/:GNى#]6c*9aQB]5`F.G5<-~F P$E'Ev=nUɫ%^'?}TlA/?c_xYhelO}4@`|)' Ͽ^%vO)/;wd)㪫ckGy&6,ӽ.ʾ{ʏ~{=~Ձ2[]~ %77dnåڍW@tވ,5W\R]FꚶЌ,?*1ebVvK#FD5βs SO}0:gJ JU)Z GII%zЪUҞ}t O3D(v۝GN:XU4͛7׿fn]@ eyBFxq{U$I3T~Q|.i8@f~q >8|?ҾlR8N1S¦ޜO)ĕLT|qȊ8#1tq8|q# FyC!xZm<θN2] ,4ݎLCed!Hk "wj8yޓ)=b3OJ.]BMaގ S]'^s}ARZtZl *sw[?8~±>=bB`zƖ,|\8G7S;ōV.npwp]|,v~?x$3`!πV&l .uîxѹ5ő~L銤f#pl H m$2fJE8zؑ&`Br7Y׵F|3gΘqA+?*h_%8DQK YЅٰM,Oe/jK6rr*<P"ɿ]pz%cr*7<<Ԝ17m* &N422Ѹᆛ{,ب%csƠΤER2d?o4qg+qs=<УzO;Q ybIVssc:tMZ(I\HږL{H $=ӆ 荴:,'˦Of . w2&0ƅC{>M=Q Niٳgڄց?SO_Ⓡ6^{}& |n&9N>e"yÓN:~xѢE\sC&&rQ!thmy C}=üN]O/ZY+6aJxpk%M Q~i#Sš ?m/tF<d;]6;.e'< VE[/S ISϕ< <,F>Lr;<Ü mtn'D9&+p`bIMF& ^d~>0avU/ʎ7&F?}/붓_K1SU?]x$cns|#Pu m;_uK :fssf65sPKQ,lw$,kHmbi)]\EĥpeQ|we7u*@{V,Ysw~rKO=n3OѰʍ9i,xvIESѩot<Ş l ;C^'925X)7h\(i8k(-> 7d_~T]wտPF?eWA@p ՟ʕ٤OD+NN/-+i®OdOy2ܱyeymmd.~e<sMP]:?$RHx 7 NE^FVE9&MqXz p %IpgU{&{QJĴ@x-t^mтGFWɶzyKڻk,LV 8vakuiP8qg usKRcev[4~dzqazzPW+j[l=h~< O>$}. 8O!rBeCgfvɿ_ЧotiozHW N8a|[8::PM9*ۉ>?~z3W*IK5版,T2[W DyKI"o*{L>jO.~B/xe !:Νmm_ l[BE22;7Of*SJٝy*)=ASRMdNt<56_=7Σf^]Q]B4 "x"mА@(xMK [x(/ }P6D;iM [Q9v01&4 j}=0=}HL饧Qs/;'J0vӎj㭯^<[\_ uxErlf?VB12dNtsp KT\)5ن uM:TdFR%P=_BAaF_'Ǹ+tYٝ.5Q/(ȳǚ`BQFb#puNUڛn6J4F))3~{[?au"TYzJӟ]sEW7Lڶ0 ISa8s{17{gPLoXA>f ʕAfs|-8}'`L4wrx9.$DX̝6@:ӆ/_f)x|*yդLKp9]|_.?rOYU ؃Q~&<9NAxst6o L,_T&bLϯ7/Y WA?̲qyf}wk;G 0˖->!ꚁkSƞ%,\6׻~o^M7.GId0Dq/ZbʴlsДulο^x]Gq.W o=+0EŌ.kt<56|/&{"ll&}o H= V؞k|ptjS;JYۭ2˨;ss:ia[n%oNwΩ-FghWsr{\yKq1>t8n4GǦ~$yoT uwx*iR5da%`j5lb|WL }nĩ&C ތiy`z`BKXc6@b>du;=vm\W6z4FZogIT"f:5:z)ͽܽz &iıGez't&%?1L>6U=N/<M>4xzW)=)O>dw_/~]= }Gt Oϣ _a37Sdxr#'Ohŗy>&ow=$VoNELQT*6ۍ=l)X j+䀛3E4?.‘5>p~WP4#[ o8xc;X${1}] _ .7v{hZc䱆ZEv%! ?hCD܎Ϳ5BJ$Wu,?FW#['08e59z-W#/$~Wb9 Js/eY+[j;Џs9s`:,vx?pڷas_!οS%/R|ؿpBתmBȗg>6&^ϊ}fFu~I*0GjCҿk!gTE}/iy)tCxH9:l3qNGB}ToK ǔ|B#:"hBFX}'b(J/qu|k9Cn+ܸV<ߪCOMcbq&1;W,[]/0;Нn~4?'+VCee.Lƫn }fgpEB$Oq8s d"\ӯ"O2:l;9< L ׎k G LcVD 2#A:V&$OuX͝5SZJ.Ad٠U0]bct)CnƁ8cYPUՙo^Z"UרˁexV)sG@'NxQ$P_V¤'Nٗtc=Hc˭ J4'M1(%  r c!7/`xWCN L|Gyfq?oEEyxA2_(@tx}%B%AOt4a7~"O \%`./;#Q(\z ʧ"Yn\s-bG9{,w M/ԋ BIeȈΣR VIc>Mx׉8 {|+Vo?v/ tJl14G- 0W`=&~9: NtpB/>iXOYnl|(q]=JW6L|UR ͆6c3aO\'p?i?'{{^M ڧ~\}R %ח kV96{./koM DYۇF¡ly. *^fA`oF`q^LJl$LFCbD~\sSƊQRq,E O*(k!Λ:>X#o~JJ|>G2o"Vu;K9^N6|费PsQfZ>'?V7*L L1/G8Lai~s/+. ͨ&,*'葓lU ԟ_H u3E/(p:ux:;8#5x_@Y݅xzCC,ãK=,Oz{zZn_YwDoS12 =,J.Nn̤3n\;vәr2$\v]k>R)Tf`L76) 2rLV VUd#UsPc"fYع7~IGRvX1^ǡq )*`Twb2;nZ _ =CYG %̚$(11?&ĵX$~fmv*2Ѝ*@>NC#d}zۗZ;_6Wdf;۸wIiVw;Q!2i߱5d4zջMIE#q&3w؉'?tұ\3"NPeOR%V19#.],lRrW>8j~^89O)GYB^།m#.TL其/z :/:'6맘:O%P/&{6GݿQgIm4QMu|+ml eq*j—87u;6IJmxseiugCȏ8//}p6q lË_lԇ>Mt끶әNі+ 4UYA#kpPI<򫣕Ě=j%*X.%xЯD tLHB/N[ƣ<1qCkuTo Mg gἝu[0>wp:x@#O'6*k:^'1pY,hiO%6xUpM%%gHpae]{啷}o[\+ tL7ɧO&HjgrcP~w:C^ jVm5A#(wb.E0A)_Omzf;)nahG50錃:!4{?I @F2꣔}|gʒ˟};¦:]mFx 'Fߢ6HMJyv!2lnr'4SɆ|'4Re.uⷜzDo6ԄG:luyJtY,7d8eIi2]}W@/'2b2y>w|FM`!#&;MڕMhdׁ0Ff'V$DT,q^Sʫ&&/)q-ʲEv}x&T2LH6ތU^$'/e'_LJu|KG,Tr:l?ilT|vWj\vk:Xذa5O<sz^.K~ڎV}CҏmL0f$茡q;g}p覛~s-~ !W+q3p.ONZuQ2>؀m+84#_LRTOuw-N/n[[` #6f ģ rKD~ u}m 6 KY> y>v^Ʋ驿VQcq"]neL<:/yDU])fѰ6` UEB}u b^Iij@껰=|8$tflŀbuL36D svQb_l\Î灇}WbSu5:C{6z:L-+-D.خPg Db'd-e6;^{ŕ7x{/tNWǪH-r*s^!R2I%=TxB*̶, Rrk,2iW<%|j;dSΛl@Uv>noBc+e*gj@ [p+ AW+~hK 9[b1)bHV,SJLlV0c֩|0;󹕮L&#Q@b(BPꀇ uؖq~-oy.)vOj/o*4i#YEѿ^˵9‰]/v!đ20JK9,˲OD?rځۓ(C2ͮ--AB'u@IDAT 54eᐧCΜh=pǵKC+Fx$Mp5200@{XBW/{ .asG24v24fAK ԆRwoxo{ e:[:~GN7Ok~͙3-xlq9i+Um\ҕ!1mo |tƹ U^v}ăSs'c,Zf(BǜU?*ň$qӒ0PEf DnxRDw5*daՂxW;ܖD9PS=E:6///l~^P6-^F~n6J{GGGYc W wu쫃Ms1.va}>|Fq/1;> lónjxjȅ~e 0|ЇT鲽 |>k!)x"'Y?EFyLY"A~Gd8` s* B*)pOe*.qF'@jPDw~g|ym ܖp)tP]:v@ (i;Δ]eO>͉;=vֹ7|b{^`~]8{][;g nY_: b~8;!!W).ֿ/̦ ];V}䫍rj.)(n$KQ;RV`y=ƻz ٲ5~sEΏĂS@a¦v06xJ}nqeZZ 'teb_|\xSև>E;:.t[K+q_oQO˳7mM`!n@U ᔄƅMIMĬ}gT?mW2~܂LiC)ԍ)ne2=<$98 v;-q!3s0iD\pX'.d9N\Azym 9EW[<_򈃷g#U^zPE߄S: Z#Bƴ?Y"ѓ"ivzlnZĊk!㈯lN>KLO/>%?v䐃Wt/[?/JGFzfcoy#e++'YMߨo3l!t[.޹ZO QA]uўn!ZrFR$b[ u%M.8K b~= W42;ೀg·=_]gqv%kI>1XrI峄ߖT+A2?*7+BOr7iRU`. AdV8x ",y,$p4K !H1Dy2R(Qΰʵùv{bh_ tQ&ׁU^ -@$ E L n̢X3 JɩA%j?%o Q^G>3s8mh-jٞR]TN u:JiJqawYv8})rwW::=FC}YťynDv]v}?w R` p_uTqCҮV|>tEuuRj`iVG=e%}Cm8-:\;mʺ{O;m!+d9|(]A+݀ a8DULDtg`)yCbu8q^CQRf3T F84BA0"#f:*8xq+ +ҔG7|O"BgN[ vN:YD?ohx#m.YjLg##~3o-:A5F{{Ɩ-ݵϕEK=)|Jjו/&{Wm z,CdJB-vƅ'ܹX PnW;'{#l p}6,+s@bԉDaRa6^CF>%_ĤR1Ih#&Jd25^ґw:ȬDKr%2*\Ek:)O)ہm93J2O+a}]y@sGА/y_%-}Oַ;k͚'FcVg4=W>6{\[{;G@sgތG:YfAs zt|0.._3T |+oF@sX7h{yձNZfaSP_?ē&?{JO0Z<>Wx:X}$wN8o-X}>3ϟ=CVonJ^"R^,X{wn}py %ib2$ XEhH!DzHH\Z'wI@gtd:eݺ ͏~3O<׽ey08uL7< [ MOMHCfҥ8c&KeSDmK%C +]HĤC93y[8{YND BɈtl=0=l=ğISu\P÷]#"liǬ؇/l뼮͌ҹN쁡ᑹOf +tz4ΓأNfX;RN2ti8 -[JD#2uo $."Ν;16d T$o<L͟]qsO`qȂ OBgEzKr 34T\$ߺ$|*0"JxV!ީqIb=x`sՁ#,سN=yO#0ypq& lJ0I)*+"8!c*#<8ȧQhШ}&Cr;:%͑MrZu9`aN%Pp1R+9[$pGw)uAۺ2m+.mta2l( \^ ,]o<χrKi#4AdzfcsxjGbs*[F;UO`Ι3'Ԓѭ>e)w{,!SpxkD QYUozp$q!/x1(J~?w\zLϣȯ8(ᔥU&^qQ1G9}@^惯w%vۖuܐ?r%O ۙ hS,L"Gq( `9MGeDKOrU+A&`u6:*/Њ*SB6JOL_Zt?>2'3wQ{t,ҹoI<_ci/9g[u*& g#m:,—~{{._n{{.l+.)'M\ XՅ[,pW&@XK\$x.y]mPГىH?bj:>$3vzXC4`%s b n;)}@A, R 3Fk`BePl3>ByU)U fO& W%*|jMx!+%,8X% pBC˘ 2#8}eyYRUBNH\%r[(SŠ/|iܙ'e,/_ɴ8dE ,~[3ޅir_qpĝ9P͞ag.,OѸF_W\1g~p^! (!xG{ps[,,< C,1aQj*,jd}(%K,6gQ'N$\$);/ZBF4(w&n6MB$-m~5U UPF\ j,M$t{$$p>/#Vp#Bn<.eg,~J^77zb`^\U?zV*z668COL-hF- AXDnJ,9WL]}6-|8`.!yYCG;yj1:<?O%Nc믷U4GϼzͣN4OyCO~⑓O\3oz#ڰaSŗ^sW>끇KK9'xl)l14хAuF{CIK[DjKJAeFo%٠K!cR- ZW/&./-Z Qq? [*{R2y9@? Ao DbQ ^o"pЕ<V$F"byH̀9~͎xdAp LKO`}Yi7E"?|T}БRf#kFMYvm7Q4g SPXMRI.!X6Ī|+ Teڠw2g_F׌(Wi+dDi$偊.{Ĭ#Nd OTfzmr]' V;ˊt.ku;izqnKET& ]E yV&>WBiA0xɸ*4woEJB q MI\..>f߿~-rbÆ!t񌇰UewK<%șy=~;u6PKGTs6Jo`vv#:O{ѥ ~mW O\|5ҏr_Uե z} E ru+EuE,nk 3'UdT݌Tr166#x"0<%>KyMLSWIz}2^>7|wϪ[lq{pUC;H8e'-B PS+n*x6y!w8,PfU@xpaYtv@Ta\R$~^nE>2|ZLxu}9!+sSeH\X DD"N:Go,'2JC/6SAno "f2c0`'^ -hPkWkz}߷~-W꽺UWuﭪ[ i 8vS+7傣m(G:oTCRЬɿ{ţk7Y&SJZJu}3Oj-9qGmuCM{*jy>ֳoLt+:9~.r;PѸ-*/zO8M_@œԟv)6$p 6U0CS<7 smX9,ξrp]<4_@5_ƴ)\G'R-?3ڢ=pd.WTLwp:2]|?9aElCɨ{ Q,$r6 ,0RИ k%7ZAO4LL-/ e&DŽ>}Rڞ"FQ8bV%vW#1@$%Ȋ X;Tȝ CtsNФЩ7k\ x$0FOUVldpp}aCY~((!d jU*Bm~(٩OHp"h?ZஜxY.rMHx!mAWꅨm_gY :3;06C'н|U}J?8 o~d?g?vWxkS}^5W\2e"N*+ೲo?OKkƗ *O(^RENj +\/S0 U_aqqiS{W硉{{~W]sW]<;6(>C r%Z#BIyt<GaOڤi`2^t"i(vkx {Ww>:IMydiLnힶy&3/^/{م+9G8>x -4B\&<7aPl0V<}1pQ!"ת7<+=rZntڈ .h22-yȌR"%Ae5xbNr%`TNxKOiEAg37 p_I3ᬤ5e=>Gɉ0 d 9E͒S`kZ.WՑWyi(-z۷2i:hZ9'4a&c] ?t)e:-6v`˶G=l"SN΄UZG'X?K ۶m]t˯|KjB-Y78%<ˤi+yվ/RFWakJB|)t\ubO޴- eIVM2g1 (UEJk\!o-WN\Zy$d:kZLz,|Cx< g/!\OUDx yy21S]y?ŻP\frq [y`'JEȗ<&~_SqEL ી2kG7zy;_afA/̰>O|֝ ?}ߺevvt/ȷPq~#̐(~]5  }&+Vԉ7-;a韼?nIʇbm77cᗴ1w T 5}󵸼cy/;;exѣkvc!I3PDl d[a%)ah?1/0H4؂A m'mC L5@CDCIr> |-#u޾a |#i7?%\O6`ԋ0`mA\}UOOPf#ߧ-*}F NT~2km2/ ehsr)[/4)vȆ4igRԓ)8z5j&D&%>y>Ai~)'UFuQJ:_D߲IǶx$ITkϷjEźIP[\W@* I#-?8m*|-nA.'殹_yr3$T^M;'FFPM*>q-Eѥ2Z BfN !iaƅxJkKqS'g 10nL[$ Q-+?BO%pd83JL b5m⢻e6妯m~|Oz7m,u 6Mʰw8]/ ɻGWEssohvhfz{>{ T l<ʗ-Zsnt9m}xkwBv$zS>"PnCtrG{tz/uݹczhR OyYęw՞ M@&!if O(4k;FZy[>CO=02)ᤫ۴hG>-:mh-her]>;~cv O) oP\Վ|JVdLVr3atWY?ymuϿ腸? >5O~Gf~)̷X ;ػdRs7= ?Zi{/1&k^ax|}.pSPRVN_'ZBGFFiD{Pd D޸SAb%p;^XETG"MdMsRِЈLVD%>˻apQژ<#́8r2to()zǶ{FCzR*Ȋ68k5Č6RB}S=Fv1\YX&Q׺c&oU|⥊csO:?,M背$'}왑Qҍwo0ҋt3N_|'f;5Wꎻf&gui+LE6Z|z/}#T<:Idn''/w[kZf4x۾qyvvzⳟ}zO=*3u&!LO9KFsB_zܢO_nٴqnuůnZ˕]SA^x'@"<p҄(<}d Gx $#ORҨnEKE* pALoI .#.D9X50`Y,XE sh7'-pW+9=R )YMBW^C ]6aK3 Sgbk R!: DGWIUrl\W]6>ں$m~sL36k~fWT3yxΎ}bN=6of5f^ѫnȐ\)IM9w̵Se~/k6l\s\fZf_F҆{xkIs uL2w]\ w0tNSZp 42`=F鿭goVֻaP^ڕ,[L$b.Ҥŗܱ׍@,Ӷ/zlSt='Wb]19:rOR«( 3 Og_;^ ~oo^_W#ms/^.˺fk(hwzS'gL#2 巽U+|<+JFwSr$mu9ٱQ>v>)ܵ\[g/W]}ɒ',I'zA2YH<K) IRt) bXZ8ZCu!_@^W!hJ&vDc$:_ mx|kqpx =o@E1S_Ϊ )]Ȱۓ~\*/OeKe!y) OkS.uJg 7*޴=;g< (?=_=ˇж-wͧo ع hUj\k[:;mPaȑi-鐶ŵyҷyhӞNz8-OvWDĕU.K?[L.4WYH3ø3يv=-Y#!4B1| uH96bFb@>I'*`jRƫ G{yjܼ'b”]9 9:e{ٺJ0NUO(~CW\u/,,,=M6L^u矷u-e|"S( jq!>yh~q;z뮜S/p$[ssGy*jtBO I k툹-ᖑw-,(htہ׷N܂9?y!ܭno6ղ[T}L)eW\ |[WV? jWsAq$|`Os_gX&sҚ` pRz ! \puB3#ί{-*<4yם.~}W)*>x⹊`$oN׏9(8[o{A77׷S\SNv+#6?зN~ۛ³ =r`? ' ZM E[XCR }[u'ͩ+`̇p?{}3o]DdRܬewqVbSf(C*U)e~ЖFh+}ihƄ[-n j> mTէ^heq)!ZV_??yXSKc"TnqGc%/&:_} +.Nj&1aL6 {ʪc3m֍49qu=Ե;BmRK"-vB:7m#/)J%^edxG/<˿3cEFz8X_8~h;5b(eT'}V)&WSP_}O*jŷ+X1GԤ6'ԗ|٥<0=59;~gjfܦNĽ訽ϧ oA]nuť) ft]cI1#LV&د㨭9,!A ZNVT?Ue1eю)qSeuo.| 7M8119\7?=ȓS~|EvKzZ%Nt~G-[J0p'oM7yrFi!:w\I1@IM(J Ow(,LeU BvLh""e*c<1 sLAF)qzU C=lصLRw|&e%֕iD=6eij'8D=C t'(To{]GF+*2-#6>yN$/)vpKrCO iP$d/FBDN m il+~>c VemX-pL!Lƈ~5}RKymo{\r2<ж\ZX?Z^䏣]K8x% Zms8G\J٫RJg|7j&~5.,dy]\yb\̰m_fcyH R`䔒TtL/ʩDt3>G%cDHՠToejڑdF0} |&l_l NKݺŤ8mR_N8a}D{v8V+=c^NS8S\tM xG|mCw(>OSm>sf\l2W_T059ucS<-01-cࢾ{d89"!(J#A?6M|`A wv ]軮hY8xlbRx8D;34i(jxh v#!8]; 0hTق܎ @@x3u!GzWYt:4^z_+2"tჯAuhA)$ћ"R&ue%d [ӠXejxk^T-{;%L_p«Zﴽ̋}i5;`*hL)iT6$e? #%*@IDAT6Kz82RV8Mg^U+7333]~} w~[l6'{ږLmglɓZ\B3~&IPo-OjH\X37j{>h}vئg;-e!$41yiU|X\_s yCIfxT@ƶҀ_?ۯzNKW_C׿ģ"p- JBu"Q@Y,_إe? QݣQv=H щ4kHnE_r -rAMųk3,0fm鼳?i6ozr ϜmN/;13Ӣ1 ;8羲'|n~r^+b3i4\Y}bI?f»&P̖1&ߐ瀏4{&F&$L,j1E?;+ܻvW[H:4΁i-:$xɋ?2oxg_`Zhe34յ[[ެejԩ.\'jYԇzg,E`7XgL2փxIzL'&v>=*L!+ ssW]2ʺ%޶~Z5,r,C}[n28x\6~iT+9m:j{&o*36Zvy8ܑGϋm'ÅJ]oAu";2}:34$LcԱ)92Ԩ͔bvAnjkר  *, A)% ^Ea88L'tw'cu@z8qX_8q~.drD34OU9 Oဉ\ 6+ޭȯ ] GE}Ǖ>OqG7of9aK.Nggg76p^X\/Ōt'}/]&qs>MgSDN@ 4Dv%lgOx7G,SԺŠ\hbneC]w(r˟!,ᤄķ6Hk>|EȑxRWK2Ztr eȨ,W\ g&xb ϳ+}檴6մSh+9jLu,/KAOHJf9wto#a >hĮ'<4koUl!4NN*^6dil?‡S5OWpY.g(S50-p"{p@ߡzx/?}GνߨOjț.:ͯl ̳*,#|oG_<=Ԟ}zޡ[yH| 眽}EOꯛ7\mÆ?8︆GLK0Wt_3$>&TL[}hZX4vh7U/9_,@wlA%GSv~_90?Ė|Me}sTҎ.1[jU\'NEx8e$CN,ȡH;*U̕)2&E00%Gٔ8Q d+6׀CY> ɞUQN'Zz%+CH6+[Y!3\,3^ zJ1 JmB_`|63I,ceTP!9AY!f=Nьl!qi3Qބf;$[ ,L5hLYN2.f&-B$m\c)$qRS, .M&-<"* Al\joBj[t r2'ph&e!>y=|mrNzבO bK||,k}- Ӗ|ϊ8kO˜39T ]8(E'LUYݘ RhC_-{3'2>:Up<p<9[Ҳ`< g|Ԭl8geӄ9qf<'TEC?wHj¿@ܻa}٣ſ}x6>RFX_"gpH@.(B‡F_?ƉO_b7whq~61 8𣃇F۶nfӷ׿(wy8;T=ؽ{ԫ_CxK眻}y>$qdW0Ftmm]k4CbnM/A(.)XvNe{x LY0|&]h 1 s5&r{hI8B!*'9ֆZx!𴫻93 b2M>&O0CN\nV(k8zPW_!4Hm9>,&*LR1`+JfV-׾2~O^RnZx[ē|-)#|j'CZ5e_}};}̶Ͳ/CǻW^l@AXm #.$/r 0Xj~ Yq ),5SrBm W{7~ܜ\\Ȉ`UHy .-D`q)s]_cE[t*s_xa}lYT-tV1x"U>FL7 -~;ʘ̷>ŃoP|+Y`B^[Y``~6-vk: ՜\sMphFʸO5[U6\ZK҄M0?fr<5mt~7m.;%ne3 @/O%>'j`ieb =x_OGK³yViO`ee}+=%~ڽN'za|,43^W{]{8c>E `R;ᗙj/ӊFn :F)!Ֆ:Z(4IS|ókB4M#-bTSR(x/I@Lo0T(IY[')Ja]Sf-Q)".2:htհFX0|녖z9q92a60-*`xE!8Zsa0>)~SA2T=ʓ јs Y9M̓5` OH[$2ʺ%!|p+EV'嗖ǜN%Ц§@SXdKyKI.p`ȭvvLĶ865ķ8QH^9e-~a>Zhm:C:%P?Ε^~ʙ͑u%鵰匭fCW%NX.: XRآ'80#VFdՈZo^X|=37|g?wgaXz,=okE+\Fa8l%Q'kG jر/8 7鑏a)1F!.[ g(ER<1'C)@eir;<up[ .L!Զ#DeU!LV1| ёUa:hʀIA\0BLLKZ\Rg[^*ѪzA .8f3ZŤkFkki'a2`'Uu)&+/Q.8%*j1c"r!>D{FX mO; Clcsxkj6r-Z%icR7c};ɤHC ;reT-,}Vqm3Ξ#}Yn>oՋo/Sgշ9 j]k}b:|]eW^:$r\WZjWC@(9AC6%[%s$K-e;,'\kAx#+~7A 7Z@x-;#CN|P|ȲG *! &K-} zx䱰Z"/,6HbA^sl;L#xE`-?8O]<6ŁaH-)+~rmqUE<ɗK8W:KJGAc9 ҏBnf( z |Od p "8_u8b;7 JI$~|Vf= w+4ׂrܫ#$LmѢO֬]LLu[c5Ѯ]O'ԧw*)${ ''ٌylO"OP^;q/W- i0ܼ|)[ 6/R3x HMU<泂خ"ޠ/UܪȨpMm`Yxp#mG/y9ۛR|H;3C'T&Ҽ)b7 ii#-Ȅ" aAaJ})~f9/uЅYE1zl& &tuܲi9;O h hriV[\>2:zBxW<Y/ ~43]^xe`qib;GÀ({#5g *Uv|Q {O/-Oi՝n"ls%@,5XHkE=yɍf5GYha`rM3޽)$@ fg6裙BjN{ C"S9]6h! LdاQ,e28t XI-TH=ƑxR|aUs5 :Im$秤5d P'rMzQdVd)$+v=(zg. 2 '1-rr :X0@k+-&Ų`5p/YMaD :Sp~mJC|ĮOԻ |EBRo$ u2Qd#Hʾ̬Д 7|*cN"p !JeY#>«W& 0ķhq+UB:Yu/R#_/>K^#N]O ."jKWyOA:|g;251&fDA"LIg͏C>*~Q_b|P"TbK91@w:uz3CW3}ʕzdP82(2h*; ;@r(Es1ΡIʓG' <G@ܽwrrgwh=g@;emgטfz'*,vÀ OӮy2s`T|2Z /D=Ӄ:>]sEs嗿19QX9dAg4anIf5gvLlݺiz&igQ n'lٸq߭Z<={~sm}oԂ$[ԅ&i`zæHf&^h%aV\[`NcV/}{"ՔL٥]8XI =n(D 04\$lS6vFSiU3Hz0˰pPi2|'%xRzhkLT'7 0U^CpH1mMY%~wӴOR]]9oV#'YDg@r+D!5&L}5|V]'_W\!@ }t2Bag҆ a)$M:_h+@g8x谥@ We/\aBtIGdu$`YLCo6 Jod}MQ<ʸ>oW$ U2ϑlM)CȄ2px!P_i[N&,rrUZE;Ĺ-kWS>_H $&O?osMs6^S}&S^n#`+?f2ϓڂ& @0#M L5i}pn۶sUx#K6lܲuӋd[Fqɑ5ZA`,*M@ .,>>0g~]T>dPy=EJ t&] (x!Ct.q6SMPksf)5|f 80CE>"p< L0A*ߌ@wg\h}5Ȫ`?A”](pB%%ΰT67tt7(ҡJ4HAN_f-a, O{9oaOp4F8M'2&2-Y@iḋ-LebPRV!S&x/찮B%i_+3 O8;Eu|}*ʸVetBm%[Pv-BZ9 #{oQ!ُ, Z<.8vdi4ꀼ۵zz@uZj ~lXu <%mUd6w-nMUHc6b%M[I;Re)-_=0GWS3n_Wuʌx.q"c;{qHÉ@(z:\^%&۔yBNF A^(Ґ'g5o1h~YdF; `+I-\ا|m}V>*=+%8$9h$Oy ,\(]]9k#Tv88#c7&C?'}3!r #B?yuI8[tΰBY98|Ey&ϨF%?[5׷#Qx"_"Ԃ&AA&GO,i)w$%05-(̬ x4͊[700]6v۷oٲymUk&U;ԛkFjV}AI?b&YzDq e$v!`"4Ni$+BL &[]z-'xӤM#7 bsʶ+] %.y)JHzѶYY(Jm=)@HKy+i'+caa3}|HMYcSۮZy۲Ayr[i |0@Xi]!oN2]`r:Ӧ_Ґ C)%Nb״b|]{%̬GdŹv\|)skVO$ObUTv8L eoEU#_[|c5j5G.ҷ6땾+\j- lh J) (2>R2{ ]w+)}'OFAd{ z8;ߪd7*9lMY6,CROu%gdE/Wwt(+6Q7H&O^y<;.jRfJ*4!GCx дu#«<ο[I.t7nlW-P_ML e+{&okh?)X GrwCG6qsa;# "`/@#rRz O53'=՟ܫ.˥!ڹy)Zk`rQSs^)XҬ_ jAVkBPf7&bv&,;Z6}Z; Qn^Y`q`㎳خ/lNia`V7;G`NeV-\." ^Fw#礏,jo2(8`PdeCrA-!aqmA|\ҡ–`NU>_#3~}6E'U-\ҝ2HXO!ߡuV!M-oQ&?Pt(($m)5ECZO2rn^a ZJQكK.CF+úTxÂQ,*Od ## YO+TCؽR˙S*q-Y+Uf_Ms' qoj$řf!Z3[]UZ!`Fd-6<̂6B Z 0S)EڠM- >ip@JW2. {= ѵ.Jk:r*T,o/wb4@l_/r2L,x`G =.t=+yn4X 9tjGrZ69[yю 釡qZTk#o8);ӎT.U ׍&YLJo(7?HZmNf2ƕm.5.{"y .w:p㶚rԀ )b3mȴ`޼ψYReWY^Kh=d#kM"]>$`I"K34ĘJSM6pUꜶ¿q_PN^ɿp*l=p~)2}⥊c 2я363qpL$<\wvąޗW4CʣRLbD+ *,(ܩAEVm_ d*P~x"J*2g7G`f-Yp@bEv k\L}%Ii,+AUa;ơk%H}( ? $Xx+ =0%S~EyRJy3BGO@#O/Z-Ln8a IvSyvRb105?Bp̞d+Y^KK,L?s^5"N\q; J+ l FFN؄3!(WSP[kzנp *MLbAܨZddmS5e;b< Zr'` r! Oyvq%&η,'tӝ-L#s{E.w9&ӥ'[Fҭ_ (d]J"$Dl<:ZpG0Ը7LޔeKO]w,t~Dm? k4PGA?87<= Rz_AWq8%w¬RZu]=¯L$=sK=)I 3¥Mdxuuȴ$LCxOtC߹^REF&o諑#K 5M7RV C\8Сm\ƻWq,ܢ~=`81}{Ʃ3'W+zq5M"Wy_ $zr:NL]!KP'/jqB]xt \?x\ERdd3qeî6 OJDvrR$O'f߮kiwDM"ιa3O0$k6y!.89?O@4_"⠚FxKT;c,\X8x )+R-%I<зy%p'KE(?ygjPRnn5 ]0FzEym0YTR^]\^78 ls֗mU1 :E} ˩u7v1gztdJׅ2preބilc,:$ |n섛u셗ɠ;c1$1|g:BoѠ$ mXMRKK>uyje-N EGR[_j *#V8Tzc@](_ y·B\O`[+ 8mcŸE0r;.%*%Ցg!)EY( nLM.~!KH!}[U|ß\_*3w)'S ǿqZ+v-U qH[4''c(W\su/y>-7 *9+⶘=8/kzxY/l&b] i9(גWQ<7&l9!mJF = _&Ŕ ڇ{`mSC[e#N鉁L3K_Vl~J^Bd0@[_ʗ|{ DeyپFY*G)m`TId}[N7l+rL}>v->.)C|OaIO]}z-ک0~)__^]#T-&N2\+܃2E"Z3<+9QN d61x"G L|LthGujD ׹v`^PU"VAPR3 M"pmPpcZy쉧 YD`+ip:y0'MLZUrȆ-y[.zNaJ}|=Gh{,uARSCZ*d×83Ϝq֝e`|lqbaaqϻ Nt*qshJ*@(>{@:x!6&T :Rܚes%DmDD\N~Xgxɟ_{VSP1.Jb=tpF)@ɛzܦmSxT[y"u2;& @%^ep/iJ 3 zd &<8hgkI'VoגLJ*"q~1r8 EV`]Tjp28Sǡ,T r`*U܁8CYCMq8Y-au-wȯdl&(U4|jڶOtSaS1>37k{ϼRO<v?,|O%/b;ߪ|}"\ys5)ߠ9K1ig^bE+}RL#_&qIw2ɝ:pI6O);Q,`ѝx"<!s<@8pPQC_Om`峊O*rI#1"$*~" ߮HuAl3k_㖳a )fԓOt3Z LIL^e",0bGG@`u⃊ӭcrCgo:#4zE!~QB`cKc7YElyLf "&#sr &2)/| !:_-eaGGEgW-4HSnM_- b's`O[ (d"p Y0C( z!SY84 :]A E?Ar-3tI.2،*OxdwuW+L+@ږʷGnǧ>^huZZ| ϴ/ӾKK7L.Srۡ2:9UY/Tݞ*45m=,p 'dJmKIeSev×儵)#A½<[K}* (IrITdN#SWʪxp%gj"Lߧ򄟳Xe>اZA j^@IDAT]%nI?w~tqGKg;9axVts_8 >ΏVXK\JZRhנ_,Nr"6Їi%O3݉<> 2'd9'ׁ'gЇ- nO3ˊ΅3Bϫ,<{n–-0phǎ3l߾mI_:Kߡŀg9pH?xP?:k5\M[.μ2NTUX0-D꒓5&FƹA̤-Z"jȸ5@ۖyie%O-.%ӔSHC$ ksWnۅ6 Hɪ&Rvˆ#v݄Tv~R[ `|?)תS K޴)goyoH -Uߤ̖<ӺI82iP5!\B. :!#2AQKV@y+u0p]&GT\%aХǠ$@JE HOAaqiI]A<lA,qR6IJ.^<8?^_wdžKP}Jڻz[;X Bb, 3p33`<m0^c 3,>BRhAB$RKʪNj}ߗWuǭ_D-"ލx^WYa3Gs+— 9z"^w1Eu2? }0&{F'P -wPAC0ۦ`*\37$_hר?qWmq[ne˳qt:SR?Uȁ>;fA࣊N="O!|T=޳rGy>>t߭ӽ ox_筏?ƇzlQ_Y^^z/ /E{\sQ n'VX$R@АQ8 C'AM362SԲrס4ShAfX^ۜBV޴3X[Έ7*% \!&Zv~4nyP=naE'{wc\Gɭݳr!Lb1+~Ggy bu8<>K9vDBe— %KKw w 43QO ?GGaAV̦4͙%i=x[Jq4쒜ݯځh꛵qe*7-"!LQvQV!bm!AL1[=Œ(k.1&l# $ . r{0i{.TI&~`^",6pp^敄cʀmz^ -3 t߾ۅ7vA*quZ p۠,f 9_Ф[&p`-o߶쳷?C[Y?*e6,_iNk;{\uoTON" }h,]b<7?LYlq&AF:AnN6b:1a:uy+mb*VZRw?M=R ^9YvfцM4#1՝/7kE=m:5M#nl,{zmRIZ`סv*[jk) [8l,`k.Fm]6{bGY]q\%WrC"\VCe7gyԡ|4!E(`TA ,hE>CtoO?[;~ ?%|&!p{/}^+#BG!e\(Kt+G;>yxڟ|)2.̚x!<Պ$y=7 ]mxT,sv5336qfu+@%kb6Jޣfb5 ~'74Oߨ}m1r.>)4&.!O \!~j!0slӑcvg,D;4`"Lݴ?mzzTxt͏ܹ .8疋.:oy\o׽ XDND&!4Cb=.wDoҰQ4˗z(x,nQ]. n#3*_ԅ'%. Y)I91=vxC#S访]TciO^xy>mRhXб3@~R%Ӽ|w uXwپSdRF~F g ڞeSuSR [xa,+M`QQbGEbRpS@1\o yqB2V Ԕ%U/W(=JzwHCS姱Z:qY mQ;sgi =U)cېbqH=?P)V{ۻ>?{o?bYxf(? Y/Ug =Z᳄=kyʲnyez0,0׶}uI#Z4:#G 2$lFq|SዄLpb% Ћ{+#>[v\I[74Qo1 <&Bx\ ` +dwTOLp+; vdBv\!dwOl/@._:9xRԗ_ꪛx,`+'`?sutc7ozT K+ġMTԷT.0p$4*^.<vd=q*WyAAbk BhEhia%l2+{OtA*?!.v*啭&_9 vKpm+69@ pY^My97雁7ˣs?&2בx:-Wt5tN_5I[Qk g8Ttьŀ ~&>U'X&Ki9uhM+'ejZMnR r:qQa#\7&tIt,h heۼ9\w޿z-w/~W8-y}Fy?,l33浟 p@Cg,8"У//3٧ cQ߰qcE 57%Y?ayJJf␲}L*ܯ(CҡC n?mvP!k2kW \+|ӗS Pf!gvp鱈Κ{,:0~'9]5|75M)wγ*ݯNpP;޽_ٰN٩EeU/ D UY1MW2{e u]%kkۈjä&bS+ǃGtj]\d&9EmJ8vB;y# 5g,8C6iȰǹs f_DA+cPFfRfz!]0b=$¦&y:՞CyжvBI\ġ /zo[Q*\Ya0Ϸ}__:^J"&/Y'=OHѠA=Yeo=$Y("1DОI*Zkr'DT蚚 h`itǴCnXYWxۦ;z# 3*E2 {hj!8 rLf~<'HaW . "i&4gI 1g!>iM: 1ɛ(kz:{7-~0;arD*vBqmA)u.ͪhmT\LbOuaBx_5E; uǓ5Q&Cv0SZB)l"R![?@俽ԬoslLo'cQ嘋hqPA>&,>4|0u1f\9Fc6 ,6uTJ֡1,zQPJESCj$źWj0bW_sⵟ'f݇2.wxzੰ:wܜebf ?a˖eT4_B6 L5-3|i.7 s3uyr[6?OgLCqCp>r:*J | M|isQ:o4RO ޘ UK{fͥ~8Sn:X4`Lx¹Kd,gqŀ^yX[vݩF4fBi*6)MJCF#6]ucz+/LLXB!~J|Y4 U[fNT$?fG`xhoo@c'3-3E4)t|˵i=I˛s4:2z1?#<99aڈV5MEAy%E0K5Eדrt*:@ (p]"PQCv%3[GpG êM[[OɢrYSp ߻%B;Qq]~}LF }_-tҐ̎u ~aqt13~Ј,m8O>hbhO+d>^& Ba=^6kKUJ~E:X]s!d˨ωy.K"6jɳ{SxHĎ믿>Og|Jjg}zo,Үm[ܧ(]eqZP B1 0Y'' sr A*Y)[MDu˘2 c[&MڅBG\ӼSZ U*ʞ4vJ}opHK>LQH2~1<^ET ˥hqdaJvdnMQ^HX`EA|p U8MFl[)Eįv J sT#Ɔ^CX|$- j(I*2EpRQOF,0^! Ks h!`?d=RwkmWUe *Dꡡ #g(z.ty,7H=޽/:xh¡-+9i!OpE{BOro֧/Զyy_4"ߨ ."f>lqI=[lgҟO7l޼!Y{8`adL'r$OJ3=L]-Oo||QN9R@r'L8"KRWߡ~1_t hg#(Zf8؁M@6IA m17;'⇗1ܫz@ q13<3{Fu1PF[y'$(}B}( (d񀅃?hufbxR! 7?#u']I *r[t*f.X$a&TzTx?m(tʃmFClFeY"An2=dCƩç+5]mqQ#d*l0ԸAmѩͤEκś_Gi8WmL%/4|\h!JOJJ_  'e ><krJ}z %M)y ~]6w~w <򶷽 _nܸM;k>}Xѳ-[kiiˆj-VR+XԼ_hTTAIHzhksI($EL ̪=hjň,>}>m( XP*3MB+AAD^A3::⢎jБCS8CEN .,&R,XE8^xPeR >[)h[aG3^LAH&~hmFkBLj(ɉH(U\2ʦ;CR˖?YO?O_wwH6z݋~/k0xt^em~LwCO8:ՇEI)3Lз+i ]{5E 8_=MW1$[X${''X`A|¿zp?"*+@H\%ł@36Z{(4?嶭<6Ft"K ߈tb]y>GQ=2.m~yKr6O_2фa%%aCkYT6},)̬klSwPc!0lGŠNƿ3eOw9Ihf{k6 @i{9qΠ)p~ s.d _wB e@@bw׿[nj/Dtt\R TAUpª.+>`W(hMzK 8nLsh Vx$J-b3=TPV,x11DP-ƅMFCO! 4)D `Qv)ψRu0]PtJ}вH}Q}`IAhi0+9ʜVa.6„x7 RLam 8 r<'4}C4 : YE(%w;HK;0YhZ`!N2YO*|PP d O)Jlj`,ŢnC:1,;N/:sCeت&moo`\`.K-r/-;PxSstW]Vʕz4PzQ rs%'*~&l_kL֕xF'"V "@N>y+G:CGGOIǐJ})`v)#k:!X>.=p=k_]i]gs7e#h =7MSV5}m7Fbt?GT2VXܴ|'eMaU%XI5bǔߨcZ]{x%dU{ 'EgBRL>C|!|Y95Ş]Yr{^"<0@E^)-~cWw}={vQ}E6ۼy矿=mٰaګMZ~Â!E!zW{qUFj[&9 Uv_vBRb \YDS! R˶2ZC)ӴUȔ(v͊r ǻ{/ж '˅L Z`$ (جEJHy ,Lрz,#vz},M7iE&BOCA7+*4vX6)fMSlu.F9!8ODVH$J2a'/&k"[=2x_ۡ2)/ٰX'd46t'tƊF*j>$d=iRy.l9Ȧ .2EF*p Q px?"n?ic/2O#ILV3Rr\ *ǵcpR>YL6;?ʌ_uԁjyg~Hd[Y?砾ؿXV'~'5;ER8RO|q)s ;tToq3g?~jΣWǻ:b 6*MyI%tj*a,lJI,pZeZV( _jm19nCXY'ZtvYڱsjWL5>,rb ,դbtؼ$ Ō"Y:Qz՘#&ie?a6ə2Z miFTID6Q*cX,ڈ~aGP#7yΚk">(d3ÿD^x1v\u!%$(⚢̵RfƟ z`̈́BDc C M&BtMM@zdƪX1D9cd+Q\@lr)u oW{qߎ.暛1x(_+-!ND 8 fn\ MW鋸z AxϤ?Et4;. ჌O_z-<`]AʨTl) w?H y#mf:!k^Dʱqt'|LoU@Ȗ倝|(q(Ƣ_ =&k%Y z7e{CƶΧpecekS?p-i]_)T;l }BN%OUr1pZJo:OJd8Pl 7& 2{4~,/-dLz \V,</U[xt&ĝtiiqEFW *e᠎\ttdଥ Ë-  ^!#a <`1 3lrm_< _yB qq|b*)3(C%?[ 7ܱ{u8 dbњqK`TwY/<;+{zdǏ\MsKXb=w|csUǶz Ljg܊r:: cY%g~/Pg yh| + zla+ t?~X9xw%iܓ728xb|y^uj$9 ޞ6a# `NL Vq{=Rf~M7mZZ$nAKGh vԇL[?4>9]QJiiy AJ5ǜCShNb/W&0(68<_CpHd<3Nʈ)boH@A@u _ PM݇OѦ>65yu8XW|}c"b{LuTiX8JR;O)m*~~5~-2圚vYHRtc lQZgٛUiaotR3("A@1ܭK"jBQM l_>L?O9}W  >)sHHqK'` ]YBإn 1pAٳoSqmǞXX x/ئ?^;' +د^?`Ⓘ:v΁ j=$ Q%V0cV n\(9hƐQhM5fjT MCry<b׺$dq*;01Jqej";<Lll A3l]̅ˮq6ha|R"C%`=p&zjPssuPk 􋶯4X\C.}QYj!f~uLԛ?Ws;]y6Wr5F'&xYkI k8/϶"_u _2#S?>.p=˃2!5Fc#(PxB1a еe+P/<6"og/2$mf'2 !Go7>-[6.n\^~P;8g׎[gmݻqֶ}۷nڿuƃgm۲yC.oRݿ_~fyUA h cUIs>9?: {%=4hQ;ba 9u7L-i%GO--㻎HHg@k(_ey߅(>óH"K4ݩH 8dꔛڛWߤ%kHŅ}/\sʹ : nU7y-#|qۄ.;t/@LKS>W~k yx:0X|C5wHlLb$$^7%=vV_ a+m0?Ճu򻐔?+ I~ 6?i;( b_26N6LX7k팉<= {Egx!<"E `k˅;{};50:)ȕ)?/`jBl?FBIFO`a醙CiTGXqŶbaBIvxq UuleOT:mCue&[7%`AMSt#O?j,AR'6-ADRRh%7m%5rYr6Ӕ|Rxo}/l>p`e(ݮV}Zv*Y9 8xَG^m}O];}B8~-z!m㉾C ƑKwY+=p -?eK3rTW2qȽP Oʸҍz^ߔ<ҋyFIEW7rb.xe@^- !M8pH_ p]qƅw}14!"Em* @6?]vXZF4&g ldtqQź\}VC@Kʑ2)ny#z9`+ߔo40^(vHbcVa׼)Ɖb.D>dcqI]ڂMZ֙Hy{6- .cjpA0i'ܞӚmDZ2O8݄<&$`. .LDnmd9ׇ?ȴr*V󢻈psE+s7_ogʮ7nݼv (ݸcC7m\ݼi%TGC:cPL*^XvR&'PG9^ל&)ѡG_Wʷ A RjK(ߌ7sg‹ciBfSG3X3_V=-`?ė,m}QUr|oj}jC=moО믿|i?'wv;CEoJo.K9Sf{}:qq!a3OW&^dt#ܠw8nB>Z`u‹P+7 @e,s%a] =+i 1>t݀,R@ , ꓾=Iz":Qʟ䅌lkѳ~#jMaz CN'ac@Н^RJF\xѡ{L,|9z:ݺw_7[)?@۷7H /E&;MO%eY{$\X,hƹ!:fо1fSӐimjCE[m[?>Mu|p4uhz,N4& 2< ˋ^ų!cSl C;pz}#LCD4-ꈂ .8gק+&!t241C+\'pҷqCӇ[U@@IDATӏs9H PH@&NUxt/(>ݡ{x¹RE˄\ʖKg AO:(#-O$% Tʧo4m^`_\ ;$:BB,&_R7g@7lKС𠁲/iѾmӬW˴60Q~xZQ:Vhb=d;u0|P<_| ɌL'+xpFelBow뱄rk alq"2#(s - m:-:S&,Z,£n 1`Թy|̘XlYxu8==.؇jn|9E& B& `p— 73syVj]0؎AE,\xzCji+5PF mt}` osYbO $0]-CdW^[9FkP%$&a)Rņ+6f- v4$-&eUBh ݤ=sgo=Q"4khڭ޾?/VD^ŕ ,t=.N7y~QwhÏ?J-l4-uP&~Rxv!},N#JDz@8s5{܋

pȷ?#Y>rǮ%[B@BzIs2\ti= G6viKxx(ع Y9+7/9ʷQ@ߏ /2)pzr/yx.'Ei,g]bxƗ-$~rX 1t\-z;=fwܲя^>W6VmŕXB<7+ͫ-Inh5|t$#YhCv?+~Bf&No\u stK<,+nsvX;)4 7|M>\dž&w yJLYCf\ E6/\Jk 7uIPCb?)*YJ$dFށ# $>R3qפ: 3 :ܸe¦mi,-,ze[270/2 ?tR&:>@F) 6&ȍ l$=tb6h 4(O>-#[2@vxz-$__o = Q2U w$}E_zm(RHr[jTҙ%7ҩZךll(͑ux{W $#]©HNxz6!^V|n,`I|{WCVO+w8d k%2H+$2&8lh,fۯ|,:'a#p v-=P@6aSOԉlGa~ClGRN6ӖlOLFd@|WyCS=B_,U'w(Cʦ|Io )[,mmr4ˬ,z.i@i?ш+WJY&Ǵ81qFW(EJ9ok A?'IȻQѡ{`-0iKB#&\Į.E.2nbQ0jNEd/<kxZv!O|A-:}=-[#v*RDz@|䕯*zø'G%ȍu'Pl5eR=1"i}'A';D䘌&:W> * *XA=#f t9 G ]!u۶8M>rUk!G{8 R.[Y=[W JÖnTw.L}cg-Er_}ǣ!NWe/Vy^vX^|ꎾ츞qv\ )Zvt1ˊ1jI2`Y ,ZY_Նͪ u>I5(.![<vhS\Nl8o: }H=p< xtRCB+UMpHE(1k0K~.XUzZxzϢ=RX<4^!0&&芇l|Ojagf=hSl;l[E@ SU?)~1"Nk0v<=|*x᏾G"}d4^QJ_BnWPȑw{̛ٷŜmʮ#oi'?wI+["\(cdE_)1VK.ґ,H$*kjayr3 D=0L@7!;J|͗(vke?=N!دmV|)d̛:`KS>fB6E&FMHBSy"6M 0;:ݭݾlnL[m=䍪sf7AeR-23"xC㥍B06$Oq7 '…`Pi;XR &3Ėz11~I:- ٖ-G|+rصۏۂ|xcKrخ#D?rٞ(gf_aCl1?DN;\=^(AC@@@@ 3bvO>/U?`,_2܂ʒOt) rv.l<'Ln C`4gR_ kɪ-AT[𱗄wA;qLEzB'AN ϝ$=B;ޓz#W#ܤ>ɢ>θx|qyMv,r~njNѧ*#g=7鬺rc9b Gf eщ28-nȅsiӕ~8#`7Y#nDzB >2F }<Շ'@ pmXд@ze%=EK!.BS5oN! Di؇R͏mvH^TۖrD3l&att>(d-B^ZQ.PgkL}-x1͉jB( 528T"5*G=]t?Vrט6CǾhc브h17mAv0+/.Kac@^"w 'l?G# (C@@@@@@i`| Ofķ xR^YGex*[,&R2qPrLp1&.`3߁Zؼ{4N&zoZ2oV_۬>ɀ+*NlWNT7(W[Q &[Z!?\RƁVݖFN06a|2asGM,|/Cru.T2.p>aSꁉǩ%,$|ԟaI7*[oO"HqO zRNj4?yŜS WH[b"h/2AR.P|fޔaI y)3Xpf?/'$e;t$L:"QBba 9KTf7n:ttܬrӅ/Ĥaa,haWnx_#iw ߘXW)y˥3Aڴ )\1ҙI4/01&vD].76g9^)(l0GU_*| _!aꁓp@OmeEB۴p6x 6#S` B>!zarXEL+4@i&Ar drL)uޯȒu$ci=臯1q <`3㇅k:tt0O '>Gg瞽CCO@ppza,JH!АegKLrxr44яWra um/f8㛑6G?;|E9ף4D'V`T)d{?=pp 't818% W)wށQҡG3D@&SiNE@sQNrPöZh3e U'1̓`I>e/TYhAlȦmNX,?e6Æ4&1Ӧ,;˗/Zjv0y==p`иY4/xFʇiJɵKQ?8Ӊ|;:#OĉYgјdMOL ~c1 frЀ5: H! c[h#BAC6a'`\Sx~گ5cd1=˶C`4?hW+|pF*jc"dU1b?Wd\d1`EŢƔc̓Lgct?%T~_[fLl4(5α35ɟe,qh3rZt&IU_muٟ1Ǎ1@9C[J|R `#^pQ?.3%X1ZimSt7O3 rਞ! 3牾'Ak3r*+;atRx6OGRdzJGgB^K==p<xpm5laBrvG^q,FixbџH3t#6Aj]])qv1~zlLqdI jSnySj)68vB sd,!¯^%]ء{{{{{{{=p,y뽀MA<`F)&H9 rsؐSԝe&hO ==pj HF&mOG%gDX7 4 v ˖"v‹ rw Y=======pXn <~ i 6a1@F*3qGٴ̣^-@ғDd7WMC ,HYC3?V۞r1/s~ղL?_ٟExs¡q*t8%^%o>S8Lo~C::9$4#m14g֘Dc:c ƸB6t8<@e+! )dX~k {=.ެd'Ţ1.3>qNEyN%b|+׶(Y176!cXgyNMvN:wcJ; ;LHʮ-6 t# e LTw*0)5DA%)*OGKr hZڀ)@lF-Hڦ‛rҦcu8yxzrtIQy&L(cz{ tϱvibW@Lc1q _z ?YJ1.y15Me`Qh囋UYyt8 yAʟ<%@-[##^|?% S!g@6bgD pk#XʵT[w" -cRٱCZ7Hѱ>qgP~@LYe"lϸG0=v ikhˣsę_lێ<c9Ȏm3iqI ϵv$W)/5:ب2y.6~P6 5d71.'[ ߤƽ薕 |g:.GHʉA- ؄Њ>  Ec:~-@Dh^#Kk?f8l#B Xxo:tA`UB>!Ɩ)|PA^oV5 Т gMc 8$c_R*f KXkl 1-kg4S5ұaeouZy) il8~M]6^^ /*{(ˮ<\F9H (%2)f$ŎIdBQ Ãl+N%Eq,)K,+bH$%)p )AF7Csuy}wԩ[sUo>>w{:ORdzK@fhԍ~oyӿs7|PE\\~% $>Gjs;:xD@43T 7YOtR;KIfw4Pqx2/O' ).r);V9=G*:{qOuUU{9w? L 0=Iy_68r s.KSxaRһ^;Ak\%嗛q)yݙcWw^E8rn$ՙ|KӴ<+_ G\-koDv7V-Tm, 4[U^Y:%uiPNAZy@4యf܁_Z넪L2Jdҵ?.뼕F27ZAՐGgn$@ r 7 eXQQyE*<U c>sSUq~V$ T:ʸ\Ԟ\U25u|)r4մT_#/ܤ>s=ؒV\{_qy\7NKզr!~ @HZ} Ӡ;Y>=q'f)tQ4;Jg0򧎙 T0rKlX;OZ|<32L`i @q/7'|FFpYSIv6NJ@oxoa OG{~{'odw^ԓGi.[5H\LNo"45?ze@:%N|EݫZ&Y~g;kzE3:ip2+$w/ח?uͧ@@Jsy5]í\s!{iUqqWs| P) qntQ-}屉 SSo{iWzwqYzV~6n^nH*S;1's^mW扼ey]sAkˍ:Ol\$/ *_j' My]onS7ʘmW^oſ{wq-ro)?'! c4UzB$h~h4$]6˝J,i͒)qD.:xvklch?k,eMڅSo|?Prc%@`)2zzFloGƾ22:8n w˿M%6viOsYܼ??z+>'|OE\qYǹ-sp52ޔ믖 m@u=uh_q wO.`ozr1aUu=(nV;^ ]swE}Xh0',A N ,SgU'VuT fKZBs,Kq84F$?ڢc8؏\w*;.SUG;l?%{qZ/&)RIi7E @@wٴսʫ5== O׈Y-OCV7(Bfx%)|gŻ5ȟf+qP)dTDU:pL71DO^/7GZvoho﴿RyW̦EY{|Z|f;(~"\sOhKofz\^&O@:#N+f</{"!3jq\wr-F\WÊsT-g 8]Z ӽ|岾 GV}?e+z?Α, ~YrwRmٴ|ܹ'GFnQ6ϒk4ֻזּlP- `@+Z2j3ޣ.7DE%pYvO wtԡU߫޹:}7CQNu9T)SZi!ȯSӼB=TOw!Ab]#ރa+|͒|:֋~^ҿ.1@:#ж6=#w!OR1:dʟD9wrUZtfuШƵݾz#Eϟ{#׳qmyC+ϟde?B`Ho"S60aQLJ;w'jKӃiv=)*IzW]hy$KE!Ŕxڛ6R\N/9_upJ>l+בN;9 Ο¾/٤x?VOր 8(oF;Ϟ$m:{[  tpZcqkD5:e)H 72:.SWϓMJn_z| ැ_~7 @IDAT=>MSS^~qеuF6Z)KS9Iz\R2y2K.8ujUޛ>W[ҵzO_nVj^z=Q Lz.Y=XΆk1;_/\尽~W^1okPd>"c7I2  @`Xr?ߺCRo^J .wR+W٤pZN(W2l%'2G8U(UH+wĄ)/t2m%)9wl=+<-|vSRFv"+˄?ꨆ#vuVeoE{.T\'Yk$^ҩn<)2+9}w{Y柛ҧs# !+fri1O'zOv=:^.o=5*<ã{9]41c㬖p߈{{UeV0+I=^@~xƿKc704-[ٳ/ݧ<\uZ{rB b.k:+%v#70t㽛y>pa_+v;!SmKVn*ղP;.F[^])qR[)6O&_ ?+<)NXu:Q90N9~Qd'! t0?iQo{K2ĥ\ޝVK[t;=i6T6T_BeJ8{K']3<-w\mzY<3)KT:@@Z0e7Lz=ɐ7IG8a `^zkDi~:'UatZRPG|#C*qrZF~T;=S#OOΧp'}p{J),ݐ(׸ Wʔes#rF Ksb_H7J" @S ,{Fq:Bve:W6%1b30NQ,t+o̊%aKmFSO|v guoT~',@/tGߒ"f`g [rrl|{ƍn˧OONNGvɀ#^BMe"  ;1tl\k^DMys8TO.wAS\ʺM>Wjz m]7s|Z)k;گqtp!{ Iv˟rEFʒF`H_Yڋ<~\K=|I@ Ёq-/qSݙÉN ;IV[27[^*눺*[Gu-w;f&U駥z.@)-!ja){ZMN^Q7U@coƧ PCމkèMpΗ*[{1걫6xEBL'Ft.uA9o-897\eRA͡JK*8>kVِTJ," \¯ FxH#ˋ@ )V<{~ @xt9NX8ӕYso=zoqZxdV9]1WėzE_"M@&tD}Z-GЩ񱱞-7ɓ/clrzހYA%`l[+.} Zx=K痗 R\yxNFsU~ߍ@2(o L aIjjv~KWQ)5a嶖|Λ*W7lW1rTUYdDB yq == ^fٝWq6D" ͔$?gƯʇamס0~Sq>ISZG9Ӑz8rÈ|TښrŸKF Mtc|:kOAyp}UK r?;ǤK@:@Se?7Ҙj{)sSR|BH2@&pҥ4< 0!1=st柌Zeփ{փA޵!+ɘlcXanʩ?a_'0p}{=u^( KD]p*4[P!ǪOi/EʀV٘]O\&ד6Km7jSa_oLEѵ}HuU\◯Inqm{uyE%W^:/*@3RmٺI}@@hu4cCoUC1ul7Y_/(KL5? #s il"C&2@:mWzXA+Mn6dcv,tGd^qV8_WiFgKC8_q8JQ4Ju(2պy#O>iAy5ze*iNkN*5>ȟj[ߠ"]G!,@@hyvMQib !-eܡNLf;pJN^KXYwiH.@` Ȕ96y訷.Rc2=MP0|KC' .[.z0lyƴÒFu2ng^/OpоTW81n.)9eR|9y-ol%倄ef#Fe5^Ib{|޻ռX  @÷s^QlLF̸7s3]_Hi $?'Gz4l*WnZJV1f=[bUq89=.&CYo2s0:p׌:Bs>ji VZ*(ڑ)>9fcY._/epWN56FWJc- ~HߡoK@:@I@ _&isjcƫ,0Er@Ư$`]ua\H7|-9)NyN2zVv,1\䛫SnKNoRqZph>.@U+RUw~ߗ" 1S: (܁tu^܉i%9ƜQlgS;f& ^l'2]0^˸lAAj@ե:0 mihoe,`R쑤n$~ǤLllW4ښ(4ˤ{:Na5q7jOJzړR 6$}fi9n۽w;7*V{\nE< ůI VnK\~z 2ܓ*6 (4Xmzưݜu6vGLyMnWQ_YUsn~.[z.yvd:'TL-+oK+&'߸*P}6IL #OyuVPW}F>g-'}6iZgO쿣SHݙ"E :n߱iX'[ɥD4o89>Ÿ([uur'L| v:L5^ɐ.DZ {Nu8bpAKjܴA퍼L+N%}pv]ҧg'@@;h ?T貾Y:hGnLԖGZN]!.l}Ms\!&( КZY>nEJ7=UFPҋFJ+mKn^Sa," cAq8pa+Άke;MiɿfImS=h[PZ{v  φ U2?xKu\#Uî'ku}mz*˖骣 ǵ"/8O[ Il#ZIf#uN#ӆLy6S^ŧ%הseN8\pʟ{Vzy]GH֙+}:WW[3^j؅Զ<4X&ZryDe[Sx{9_zk/I=@ :vt*j-ĝ"ގTz1H?@'{_QHņf4)QڸF ۴^oH9o@Ο;c4<98Q;Mn#\uMרffy4^l42_\oo6SIʛ| lRwMVi'jL :au\YuɭEH_u սҟ iD68>w'd6ЫqL6SgU6+MRqK>%Ir[dXzmJ< _a;C=mpyvWi/{IƿC#͙Z/g;z[_!}  '0kfwy⧤ifyN|N7zԳE_҇#@d~ TIm.oF:SH톦4)l7`W|*~R*SjK=k4QղM)x_6_xV:jqpo 7sl1EOpNa50:x?Y7q@Z@'H}@Vu+r">J}@t*x!t,Iԧw*08WWeZŠMƲ V$aek^q HoΛ Ignm^F펷?k ?QGSQ.\/6w)WF? @-Hᅯ'_:ųYBzV+@&7B 'I';pZƢ XFUeԍ{` (]y? qz Frj;#~p7uj_W2hzfe"OQ>U8˫),k]TsWZ7r@Z@' PEܩUw^Rrݧg'y@Xjvac*l>J[ATuZ5tA87 ǻKnZUC!(n$DuF4;^nir~K$'Q \4`|xjU$f1zFOW5JR:>@뚀B^_~wKrfnQoۭ)+rjW dqLy)Ys:UcyaGIUIKAr8_% KvWDz2UgpQxT4XhTMju? @AVaU_>Z'@`GY])2>Ql{2lw(w_._-VAjհ+P؅ӵ"=qV88w+M_nf (n*")R/ZVQ / @WMhdWgvj_z?@3 035BukՆ<0` sd5V>Kp7I?~iY9./e|=I㯪qk÷=9Q6ǽU#@ bډJ%g- m#B*#3 my*OOoh64a^up4Y\ٍ\Mm:G3&Uwȱ3 @h5 艸ev靡 4%F!@ mJ?6AhekU"-و̐~ᴴtw=y ?;O/ l< _ռQۧ/dAe $烌^yٿg?#eVcnN@0z4 ذUdebxw1m5Ft:܊HKQ6}\t:XfV~/"8z;ꆥ @-B=w{C $Ib$p%H/.8 T+q򯂡_  @J`Vmv\n̝9W/HG/ }/)O>!c+ |xB5U76إi&,W{r(VzҀkkr?tKpÅ @} t g8PF;;Վ%~XY [R'k}_'ZW(n\|V>I۴lŠ6#?[U]Jr@nk:+@@?yTV'=*o83ᨂ_j:3[G@{XD)_^ϋ(Ylt@\ey-y 7vYK2oD[(o,QNk&5:uY! @H8`~TM>!ץ_>/@X=K"zs g{R֭2E,+QG.}t]feog Jc5ǹrTreW1pr!@88iX܏Kߝ7V '=Jϩ=Ro+ۤsهA{}oQ؃A5:by @˺TP%  =KJ'Ts@Ev{z@"&0"oy}A>y^l'2)}@=r.=0 @2*aj ?:C+@hf3J},yR1O֌YjWdV$^i ?Dž @ -: @MwA,|TY$A7'd˵-[J)uЈe HB:zp{Qs!w@m@?w*cR #yA5^[5`#? 2JB оԢ:VHi9 gAMUti ^SELrj^!h_̓ " Z@d AijҦgz_[M {E@HcSQ_5sEn\@:T'@hWSZC_I.(%o0Vt-/ @@Nx t IHb~H-3 dk#|u@IMi"!@hK<0#4MNӣ \$^$-9i,a_P=\V`L$C :y*j>'  ?h -{\NHi|$HHOJ Т:ysbi_Ӌ-,h @`9<(R^4{J6̽Du X?x|E+O1D @hMh;|U " N&mOUnKAzJ\ÞoW}Q^/@@u}Q@U%W\  y R?&|=E8 lVژ^%0*1}bg w] @X:Ό v!`2oIgP8ɓW23?U GTeX  Za@ ߕֿ"= O># -hv_8xy92}@_ @0B@ֈW^V_ۤiKP_M  @ך p}@'.^pgR^Jo^(swH$@ @#a]gzbJWU @ p@O >@ Q.Jf" 9 k@9]-"xgd& @WJF~k" @kI*[>!ňOWJr1@ @@kj1yBI@ZG@ ЌPKid@XY%!@אg\C\ N}dyyNiǥ^?9O> @CZg;JoJ %@>@hvIkmr?!g/B bثb@Z@|VQzZ5~@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ tnX!e? $ZZѶE p۴B @`QT 6jǥGeG%~R̲k  @: 7o^C܈ܗzeW$lH-KiJ]#h&hF8@ #@=Rn|36KPV6OJ[`  @OagX PH3齽S==SSSM[nCCC02<|81i_WWW1<<\;v8 x^6Ů`" @O$3/4?u]GyKqŖ-[966V?^,}]?wl199*ftŬ` " @OAgk3ۻo> [߻?3L7vG1ĸjlٱc[S|Pww *XJV4H @@`m ps{mz~L:Kpś @I߼yk144X zmλ.nv4%̿WXy4;K F @hq yOLw`^[~-lwwOaFŮxw&n6#  @c5+A`Y iu/?x.[#oz4lᄊ=^_ Ff(\RO̻R੧:\B%uRVM  @@`@<nTguJ<]hig+v=g╗_@A/39192::V\֍VR*x gP-V USu>k7ОK|3_!űg.Og 3^j_zE˜  @`6ČO=(@@18rr OB`ll8\1:2|?=I5"T_Rqgm{M7ߚftҿ[A}&@n.; yonzE@IDAT  @ $Ut'ol񉢻8wlC_8`9S @t'-YW:cߧp?g߇!Xk^ sxJeEs?'\A|.Wܓ J  g33g;jި?>H࠿ H*nYQ{tRS'Ԍ&-QkR @```gء-36=o3q~k_n*]ZN}-n9[Y6Ka @```=pnwAoWߘzĸ? 0 72\C^S}ݞٳ՜Mҭ#^)@ 08;'4}ΏMMN?2r%ɋ"XWZRtww?wg||3rS|2ee@  @ p`?aoV߸|!G!=^o?V&008Pyi%⯾xH= g @@`@>Xnk_4*2:X 0?PLثlݻ]>^ I/JH9#@@ i',@e_*:*W[=W+]|F_xFcפ @@`(h/ۍ@+q6-j%oyLcRV@:D`|%+`L߁^CY  @D tS#|tHHq6Wl> r6;x+J}PR  @hw|ݟ _*N_*1w .nEwWWqB[S/؝o҃ҏK|%@@ h'HK3wo߱cȕy?ϺkWA|h=(Sh%@1888$_2&^ /lKjyA:| @h+lhEcW@=+G$0k{_tԩ Й @```XϞu-ojjjV րk < @-G{$4h 0@s oI័~Dz1)@ 8[6/+0aCصسjz}C v#@=1ڻXXR@@kɩ<+c'sqV @  M\/ !0"ʥ>- R!AA@ @@`՞Y) !P#l6IHLۤߑ&E @Z-@hβ 0lt+޾b||=\g/J= pHcRy+ @BVyc_)AC`Օ./^z Z^雥7JuV@Z$hr ̘׌d;;v7m*)v]}) Ȇ {'''^` NI9@@  Vh mrON"j+#ūgN_}75ԃ [zBOJ" @׈F x;v~KFF$ pp({ւ@wwO1aCU|Ši͡_2{9j> WΝ=[:r6>?\U3[nc濅MYX ~=w@@k`Mu/wqӅ w@g^٬5!JkB  0 "2՞x)2No'Ds ,a%* @֎?τ@ xN7鍣#VwC:|OWXqkȕB&Rw G i=ing/)?v '#M  @kGcKͫH@FU}(7|k&p lq񢻫;trj2 }.v­_M(b닯>BIx ; @WW2X;U˽##'&& ?x0ߪmJ@JW Z@ ЁaY-_K޼ۇ!냀=q"M ػwߞGj1gcu t:!v- p2{9ß2o+N-)kRD̈́4rub%;lrHW, @mtrߟz{*nNoxO~sIk`?\}jiB`Rx|tg|BSҧ @*``@RВ!p83gNw_|)]```0),W^yyQȵ%ۓc{9 > @:!:yv2=yH_ xVwvy>W:R۷  ݆SmwddX%mx 4gG4@ WJj}8lY!(@csj  @`0 bMlP/ׄ5B088C^n" @@-*քsRhAk @\ tm;|l׬^OC?Oz Һ8 u - @0Yϳ^?>%W:O?y̢? xUf,Sҧf" @`X4*2^%@we<}viճ~'N^2Z @@` :ktxy_X/VBos3A֮ @:|zӫ-u6No'6 ~S/b T HXԟyhv@ Юh'a펽vy`tt/~[@@6HƼN:Y|?Sګiܾ}g?\w}wHk@T "W  @+ QtU [GLvCŮ]WbT|+ ʾbVxEVA-Ҡmz @Z"  h/4Ci^_X^)⦛nM+JPZ,k'| @@ \ ,VOp|1:2uS_^8N{=hOG6$%X ]0z+Δpݻ$"?䤷{~>5#r-^}'O. B *0^}w=oK}Pd,^YlW8ݫ$ۓ𶷿kcNp˂Zy,ݧ(JňyG@ e``Y(Ze?N+"gN3 $088Xuב4} V~`1C整eߐ\o @ @ 0lt\%;UϽ##'&Dë߉Wx5h_c֧6l(04/w  ۽kw2{3gxl=gRHqDLAX_$)Av?}{ ВhDz}z݊@ѳA\ZP=NݳعӯBQ. n_ʓ+Wr*s|[_~J8R \w i;5~Yz4+/@K`%K7|"ߟ Ľ>6l߾s=}36,V31^7mt|Ŧ͛ݐ={} ŋGs* | I:3m/KU [  R,[ꗤqU[vF @E 0Тӛ{w{;< \7]?}&-9]W==O+}529߯k536=KYw?c-KO8p`w?˪B-O:oߣ|ۊߛ+f|OK(}׮+t@`zigg8מlN ]xOTkhW@nѣO;ZxfЃ!]Hj{䖭[G ՙf Z('q ;qw=g_.ҫ93Z5!j:ýV׍_-iiwmܸ钶y&ܐ^zq+_8R;h!q^~]o~scJ.\+@:%Ndc,U>p2|ӧ=qt{ۻrvz' ӲjRc&~Mj0M/~g?V`jIo}K嗥j͌}{ B-Ou{׿ZR>'wVc[({?KA"]ԃ]^ /Lߵ3p~V@`5 04k)= ##i v]ʍwTnH $voY>_H+bSm81/l׈ʿ$ 'y+d1+컍Yz+^X EW{f36J~WZَKC6Wn7|߭Tb}Nj[ny~߁]wxYKR/>m̧7nv:+PI__[X-hp/ e``(B49Q?V=^F f=QUgcf f8z7)nsřW_-oOx"22'[.^8ψޗ[A 2dNspY?bE40/_Ŀi:bi\ ri=Ib̓eywQG?]ȼ; L&W>Ӻѳ)yڨSލe_8gd6/[fںa~ @c'ȯA2ҁP&:.XA5,lsm NfvkkɁwT\P¾} x{MM-cJ}s.O~2}Iwj}ߓ_3GVrbgn=@(`S -ߪ|~Ü`$@ciA,gJ-w繈d%Y`xч q`mvvɌFP5hzgf Enǟ{'.!q!}si`N J|8nJd<{wϯshtņ@xp~a>j:tIh:dL@~6"9v&xqDNHq1?AoB6d?WC_3?!moB_qDD@D F@ ^@Fgpc}>~p}cj LFd"ҳJKղ~=ٞ94r,q} &v_xn ls,/Lo'Ev#p䄜PzV>vAɑQ0ߗ?٫*;C;CQ>N|.A x?+q; W_|> |?}sӉ')#uY?nfwx Wa+p/.QL^Ceh6x?KP:w>%_+T/\A08<;Jz Z^UL$(\Jv{ =?Kr'gAH_cC(SxSrɆ3$%ck53{6lE>W~O(k)/1@S$\$HGx'v2%#_x͌<1s֭{Ӊu(dh#Jn2l=sde$wxvp|'Qh7^z9ydlD27?~q 9'X7ˡi]΃(KL>zo rD;_@x-Ͼy{v>uP?gy95'6:{}ۈ;+8Ϡ7.C%" "@uwunnnn}[˘k&?01@°`zƑmFدt L=Ln膹Q=5hI\9& N 3/yI:/'NoemiI\j\oH f.!O8\5=ms;0}sZDZ޸LvFyy'|ᇚkOZַ-&a2֭&r~A&o\?O=/zkGb1kex$L>Ww떭/ߙ#Gqo+FGG8).b;9ţ'L{<;#ήOw;߳c)㛹!9!`vg?VI2>a2_8ϊU('?u.A28gIҰ<&\isch`dBIFv4ø,qviǏ?F486}ĉ?qB>w9':⮛}u+gooIfP'mB ,W""Pd(sXUeK`]sN4dEyln ވ\Qe[.7V2ƍ]O?{#=gϞ6wm(;xF)x[غ޷t>Whgz>vפ;Ǔzp].u>rCRևs"@O9C2ČcQ ir8.9 t j_c/Rz`"=Z_ZaR:8]4pwF5$^jH`n޼Q5E(s?7Oy Y8$͸ ` dOD"4=%l=,=w+b+_hE-K?&b֯`47MG.'u4("`錃,!8U F!Hf k.7,xgJ$pĚ۷n1ϸZdORLC.k5|9O;۶ؐIFGFDvqPƶLv2k׮^v1F"Pel.#&;sP.䓀 #?_|?Buy_djXzk PQC//yD73(n>ᵞH85fv/SFU 7OԐݻ&_bI\2U9&vN؝OzY w \FBGD x2X5Hkܸѵ!4l{)ނ[O(;Ͽ֡j$Un#^"⅓WuE@rttt"i6!-!w=}@4bb{5 1TZ̩0:6jp홀6#O.I\ס|d$u߇rEy.# \z Vboc]]x=0uu tSB?B`zJ \Dt~Q) І + `m?'@йXgW;F~KW,_ 闹H&5 P.QLZ 2ϝ6io^'m(@IDAT,ǵ L0Iq"(OssQ֬YkٴI7EpMރ<(W KEHlѹȀ56`eZD@DLϘqBƾCG.}z~Db]v[.~6N/W`=@Qsf 0+7|V^r]o1e$0)H]]}8pNR.'ap2(a}ȃ\dwE亞R-/F5<8"CK%" {N…-(q.'  3WU%{XRmw4ܼiq <6>&ٝ;޴}F0W?yiÉ? ."@ 2#l$u?hQU./$=)$fp:Lưl2Nm42{_CFa@i,zM8IrP¥428a?'AM?b.0"`s\{H}$y9?^@jkΝ|FFQE ddU9O;{{1{2'?Y kx(bYIz)d_SS1ɘjI 0dw!\IjDqaGӿpz὞tWeSOϜ(R7⪶n5)Q X4GTJ7$"  @C3ku^mv `KLD?$ Y.k7mj$! Gk P;f*~01DD@D snۀ*|=^U$@DPd(үZYYzKNd3v?3h8mSSscf#YU8b sO.˲IzNbwp %4: P 駟e.s{LdwP$IHDd( .7j~is2=-A:q-א2LPA6ކޞ[zWQ.MkTG ;'йLs)ε]h "7RJm =(rn K$ l@s[%*TwwH coV 1y!* "u@ ,* `*^D \M*屠$-61]$h7ب!/76"P䄀"rQ@NT"" ! 51rL},;YY.`+ڝ59 H|333ʕHozzzmO)$^W" " Ap;j|M`;Z\\""EVŊ@ p24$u$"&c1h8{VWWW.R^Lш䉏Ǟ aEoLT@yP$@yz2c  1BOLpzK3tdCq[P~̬߰'Ufhh9!lc'??9u!zGD@D \$-[Yo1EHx *!rSE@X s\]]mUUŗ)ޭ{`Y(?y]vwXE Gݏ* X*]D@$@_d|czX"P@1Xrr U m+S{3}fyC8ʕK{_I ZQӸ~Hkp?xk" =@ c*NH l+4uu%Wĸq&%"I$O'[\F\D 6bI#`(3UUkPQAʖFGW@D"ӌ)k{ޏ40rDJ@A~UP]́?E*nmbfZ96mjNiX,]Ϩ6Ȗ#a~}NS%2)3:"" CSF[ѕ+k*zT""2,. g;+;{E -1l74n#~|ӻ ~wJD@D@ HC<07;ŗVh#[8`1tM>0v(׀qO(TH ShRNOO7{T!S%`@.g!?ȃք P_,:*" "733L6ğږF"(Q2Pz}XDŜ sY+_d[?0Y0Z3@!@"" " H3gN;{ZbDhP4CU -۞qzr?Q I] <5'u&!bs,wb1:R"" " Eynqcɿ<5jm̛_˄0edݯ3hdׇB?5>w2'%Jݻg/6}s98)߃/wsKCDD@D@<8jjsGڿ]~ &Qn@T*++ =Sm%ij<ݧP1^l`f.OjO_k\=zt^>aNo7H4jV\*ZD@Ia?U @3}Q(^JD /枞}Ni¤QsIH%ZLfǭ)lF|vݒs|Պ+mM]]}zD@D o}7805y#D` we$eLpNMDSTTaTHubH.1Xl~[kzikde65{?!32_߇2{%hBko|~n UnW<?c$ c&k*Ȅ@+?x:G& @U|v*F]W_oVaX]/(0(^林'У?$WW詧1vb5ɿ+ӕv0"[!zL$ح ?^@+*G# @plU`:D \^AQv{)4]a*Le Ͱs>V\eW37bcX_\W>~z= (_ y2j& @j6z\.'>Tw"W-֜rzsp?MLqqkKu\G,M隫B}~~9 Ѐ>а###+f7Ape =p"I9=4z->=3իs`@XT@LZ,)2p^g<K '-]E_&Sp@Y!bsg_i?䟆s}>כp- Nb$Y-Y6fff\CP3?y?3-+XW@L^.)2png;v*ìװN  \@O.z2t wg0}?nCb9^fxh(Y5^;wm>Ws, Iswʢ|9щ{. KX ix9|*JXjx`!s/̡Co8zX,F,PFT]9%" E@@E0Hjbj%ƗP]uicnq˲nw=sE7Ilo{\n̐wvۈfoyz;ωy9._hxTa˒Tm"b2xpԴ $%i4ƞ_bd̵#Z׉ײzhoMӵͭ`)Yu\{_ +nBp9#{ߵ7tn>'1Dq9햍V*_" ")tt [N 矿 (22ـ x=|]潕!֟?/d@z)|a L/׹N%ޤćr_Hk=ѝ[RwJ:{ a}Jj"mN*`3г=\Ou5 p<&ɌĿLMMȎJY"!DZ{ MDFE"Q-Ygj-)IIz٥7I]ʢ?@=<<|iJ.Krω?PT-X BO׆۷o}Ozal^qxN] p:4W_x>g?r79)ދd'󼻉xMmYqÉ? ]]ص`߼veYH&1tKl+]$Mc͖-lrgK;fph0s@4bnn44$Dˉ$9/tʡ"NChO^omT_| TY8y1g>'Q_jY5rrі|Q1MOɘ)& j dP" Y X: x=~p" իW45 ]5UPy 'usyf..ZN)5'" "X9sʜ?{'o5'ZXNBH@QsLz̵Wlx&,\=Q 6̶둡xCeUeC/_N[ZO?[k$K{o,Z^?KqNʕK'd1Ck3SD@D@Mynq򏥑?'TyMY@8 qQD5 amf'rҒ~db@+l+LӰ ay;0ȚL{&/E\,%}d?RеCq355m%eNc'tX.]0&HyF3D$ PêN-?2`)q^Z]$K)Uג5k^x &z 9rLFSrw\ c8h=tOY(Iʛ[64<[f!FXlݶ!L"$2$A֚"Pd(ӁWH [Ƹ,b;,0)`4-ǟIJiTjkda\$ܾ4_R]]hQvI mdxxI[,:(ƛ0^S$"Pd(-lcy)6M='z&K_?N9gpaDw 8HN[: "؇Wuظ><`ONdll̴_c+N8Љ.8 ØYȞa\ (ZhymlE;jdO@ 㴓5SQ㺩A;'3tVp׭ck4Hu~ğ[.8ɧ]`y$Ak9Ww@cB{ф/W 9OeHuy 3$@4(vgxN(2 s}F^Ky,8bjS. I=?Uu"R]I ٚkJL3'?Z:@XRM0S9%_|2Ɏ<uPD@E@|.zDibv/⩩)s-D*o^wE=gG5. L5ЌP@N*$Ln|?nc5rCD@=+OduA0!矯cɪiYQZlkj1ljv\L4b(4 $" " "  *5SSvb(HK${Þ0+N,X'D6 ܝj]cHL/b|$rN? s+t*.fhqsА)٬EQ$Kӻ~ `2sHD@D@D@D 02VX֍fÆM2/݃[/c#Iy <4]Y<]ъz%H#_u=\)si|~cv[;8z~ʉ?' w.Rcv|輜4b9sʜ?l;PfOU>ޒ4~:s̝y}.RjY8Ѧ}2I˃}}tz9yg9"s7g+,q}|o$ۭc1Y\ظ|9uD}v~u@@2"YdvM֬Y[r0쟞Nt;F9'DD@D@D@! @ XUv7^" lC13{qMMI3,Va$Πs??44`گ_eseA|qR|o}x9'"窱\je8a }Wa@?i -nkw@/n>o0E=<֯XfĄd5_ו)0mDXفP;~NmPF@ЪxU3 BoID n kWAD2\o`W ΟQuR~^P=҉sκ] r0b ]!ۏ%" " " @@rpMNڌ5MM$bѳ)p '.B YoupY󇇇hB$3Mb8@@H;~l; d (2(.@gg 4k.:48`mG6DЃ ?'l;jNMWW9}G,"ߧ#]dHE@6۶}gC͛jUEH;夞ץٵ?/<ܛ[z_E++mx˘@BBR{TD@D@D@D@ )ΎEuUUUMȖ\y^U0:}A?#%dnngMSS}^<ʸ\[O :l-+" " " %F@b{ X@z{_yld 4 ):߉!TE@D@D@ʛ =r }IU*IuRIF ,MD@D@D@D dДMn=[ha^6cҋO>e[oޤex3a j׉B}H0f5<5ND@D@D@d=Ph=jjFԔ}Ff&wJD 3NEu #s;֎j lQmmy]-˻aW5[~2/1 (dU v eS@&dȄ DTWW˖k#G6pE_7l?tp vl0w]?$y$" " " " Y X:5GkW̌ihXk'º {9;]%I`||ܜ9}ʜ=qO,c'f} dA@,`@l7;롛?up+7ԥW(׆ޜױT睨&055m:̩h- WD@D@D@D *C.5L`v'z\;*ޥ^&M(i&w2:'" " " AP@PdUnF֟=z{xkdtt\75YjvȈfl ;0oWhDb^. `DxX1680؇sGn3j@ A)&^2#vv>c.ޯj72)\9߉l{_yny$:AussY |rLm-tT3yJ6UVS]]]NKkzZ$ MĞ32$۶4P8ojj,-&xn|AD@D@D@J ?ECč;ܼi*)o:v8xsfM}AB#Ps*+ @j j&e\wjj"[r׭Uo 'H 2ZH"" " " "2,. ꮮNsqD~z]P9p_'HB0=5DD@D@DTP*#Ybp'е('s-ު;%MMr>BpW" " " G@bm4a|lL&TA gYʳ9\)ss=g~ PA=E$ݽ_Gz+/]9"qzd*;ƍ.H>'qsEGW[Z_éV !5Kۉ2c'ϙ: %J ?%I`dxt_e7AQo@Ci䀀 9"#r#nEpMww9{X{\{3TR`F_o/ zgb3C:8A%" " " " 9"PrTMɉ o'AWE@rO7+=B$" " " "K%M$~N ЂHj}W^yj n ݃qx{sc?z4EbSMu\q *K-(2 YgF}"$eك}׭cqIܛםUV~47{:L__oµ,eJ K 1T2N9z"" " " %Z҂'HAjkk鍙pN `Qw8ɟ]̶m;|xey86Ӭe~"" " "PpI"EGyfW6# À!~YM O `V%" " " " y @ p-P$@A59۷1XiA;g_@>ʪ PH LL7ͅ b.Aypzd< OUMa (U{yԩ3co@ 7.A"" " " " @HBP$@G@ ?{ǘ5B۠DD@D@D@I@|V]'HPn貞O{9j_(" " ">2oLԢ` ( X*X~IDAT LNN;wŋ͉H7>^= &O 'ЪpO1*Y @ QQA u||+#hhihh0u&bO%:.俿6' ?B߇*$" " " "PH.8x$I4UƦD/+x[+aqϿkj;ʭ$" " " " & @@܋Kcc3SF ` PQBL 1{l: =1@ PP#-zyff@#5($[bw)o]PDD@D@D@ MX+t;T@ 9 !Q;F |kF~A[A5 a!4P`rL)'@hG 4N߀TY1\j`%`lll9^+k׮3f`ங0v нS&''mf}-s¹)' N/[B(REn5[E=aFGFpjjf͚#yUn]cڣzD n33DlŒL|"pO? 3F"" " " "2!k#a#p;@Khmݻwjl;v}jjSSå( \c\l.(x܍Ή>'Sit`ԬD\jfzja, vtvu[ZM}5\ pkOKCE@D@D@D RBC !jLOO5W**%dHЌ%G5\t!Y_Ҧ;P~(P 6 } P Noe^Uӈ-`?=?0 j? HD@D@D@D N""9 ?rzN9ywPNiPrhbȎrdKg#2'@r8Fz,Z_$f Dl 00"^ $Ii+ s  X,f"?cBqF#qe>…sSόWq?BoA?Pz"$E8hjr0'߆@MeeF>l1{^yUGRpZ_!PD@D@D@D  Ui `Nנۡ/Aff\$^ɘvL"`zfFZzG>"S~ikhuW.^/((T7 N- Pn8' _FԪ9:z4QsIsE~ ܽk&&& qaQD@D@D@J"JpPե`N-?m. @%îpGC&ܹ='O|xum2d:ɉPwDD@D@D@D(FT)4F4CƕmΉ"PI<ׯC155 PNzz;x!K"" " " "PPn'PF| h IN,߄JxϜГA EH"67k" =.@5kD@D@D@DXod G]̬NVh-ңǽGmpp  !cYla Z[kf8zlV,k_ ONNFfffV BrHޛ2"2lu3Iee% Mo}LsK¦ׁ"<]]H480~vzh4N!o@CZ(Wr+ȫ&,7hcPzb@(F{k=ݝُ]یY|VR;`U6OMMʊ sO>9scJ+:h;tw_kA"" " " N@~""4pA\Ef͚5uٹÏz*))<? Ғ Pz_rO PyA"" " " N?%" '"\ͣx"1{r,$ƍ7obHdD٤8+.H#` cψF('31(T@$P@"BFp688A2{HtceUe77L$~o~K9Eb=]D@D@D@K@#\ BGpF*w?NߛL#S| XJÏUsf;AO Cϩ12ĭ,b.5{wVQB@lYeX<x#bQ T*A"G!Qq25!Lody;C1 U޹@srnfV03-+-/\a-IogsLJ667?x7܊=95 @A@J` *Kߌ;oDA|p5"'TZg-(PP8v;._:&ߞs_ɝ،ȖD @a?<{ prnrZY)2`2~9vogpޮF|]DnW&noU @%Pl"P*J[k CsQמʀQA9" .<^;?}ΝoֿVfYrD^OD~~yXGh @&*P~xNNF@5 1 #ܶ3^^K\R6V&r #nE?  @$`@%Ue tw^VWnVVnboK.7a9Lρ|WϒDkV<Y @T?L^ʀDZ@ ]99_ZѼ{͕+/C>\o/2E- @TTLۋN`\ʀuN \A(oxw][l]Yn^v-ߩwhgccWD~vΓ# @O::* fsM^P|wjm vqdCv?ȉ @T!A'T'+U D&B !o ,,\i\/N'v@O;A3vx<Ӽ?2 @%[W䭈 +^}|,"8֓[ſ\}́ND@NF P >!pVn0͈,ϖCKy|_ی#GL/_طW @ni[C@_@NAD)INE7_瀿L^ h @C KV5LZ`;]0>wNP2V' @Pp>/%p*jO2BG @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @Y_P ' |IENDB`xca-RELEASE.2.9.0/img/xca-icons.iconset/icon_64x64.png000066400000000000000000000320041477156507700220120ustar00rootroot00000000000000PNG  IHDR@@iqzTXtRaw profile type exifxYv%9rD -!0xv5GURLf<ƀ3s?9rmza=WJKy}!p*ru|:xO@_ !jE? ~{O)sYrLLJ|~\vkpDWxus۟ymÖyMCd/ãnoIZםRϝUsu YO ;S3L#)d\h|~\9d ޳>@2J1یw'$mӷUH'`?yv<@-dR`cnstXqH[Mm+4s Xk|<|v=8wŪm=k9k]wp-熥̳>܍9 8;˂[ub,@2v'( x6_3x~b uUb \}̦!IS!UVtr Ԙu.3 ] ?>"fscJLGh,5Hz!ڀ\\@G%Ԋ {#abFF~!2{!W%%CFƳÉΗُmH㏄qv8X`; ?D [q<+G7;T$ٷbBO+ 0Ihfr-<7Щ"ɢěwqc0OZ&dv96v] c[VshK&LohϛOcu$8Cb-7 &=YܧS*:*61X0ݴ\S_Z|7V;J{-1_lGϴ*n3h)Tr>Lcqs?V0vR{{VKm vpC;G7鶀Kty)6Ȁ>:3c? Q@H$eюɫstY;V2֖582iG P*"Tqx?y<9E,qXB#'@ ĺ@! ]XqJvA?a"bEpzCD?eM j٥m k<>V i$EP!}!ڣsA+XBX/jN:N[@B9W/I*,r%[X$ie" _:8^CzqI[\F &:%$]IKppQA0Ep(S`1>T\ zJk[CzׅWSގJCK1omd ƀ!-^&I}CuP@;]05d6j+#MH}z.ݚc%,[ Pa/G:ujEQ 5;L s psY#ZF&'|W3GQ'Cs= ķ4 >T5_z m+(|zb%+ЯًSAe[FtȎC2WUVe2j[)t 9?5.hV9"JX8xKUt+͑V .Tg@0"I}b{NSpS-ʘe05kbvDq D $YXIVՑII@Fu,V*V(;I Su&*R8 LiK@dOEd;L|gHRl !MhZ;sDalsiȓ (L߫}q`fDžp) ,~\f&)`]+4!'SӪmTIo =!f ӰAD*ζ)C{2 Vܿef<30i4`F'vb-`J<#,U P$"dQy$=~ڥ4j'ch#QA"D (,ltIRv7bH¾pTm-*ʖ[%)1':JXT;'Q #Bd][1Tlg/#ffu}|E,2j#S *5]/(|t9nJG (U^4<Ԫ~ UgjIB|~n69 hT$0t.kͷXUJ( ﯔ2 k&TC'6*Z;*=D5y>fO{AH(@Xz> jZuUB'EHAsY%|6x~JJǁTLJn>Rv\&Gzr'((p"d2j' {٥Pc7< +sz8^E2V@YBK Ʒ*bP(?&Q 5ΰi@.vV+!UlqF_(=U˶_GQbGTD%]qtK:k7^AH7sTĜ&Yk#v;-FpS|~@DU?L[Yӕ* *k)!*.]lSjJTޯD+G5#'vB/!_SSemdR?T,AT50llt*pb o [)Û#:)5X &FD+)zd t Րr@"Xj?=>Pz㠄~7EZWrMMo=D3# S %5߁;²x(#]EzEnHBB 17P{k?:Nbe,!U1 FTa{CRk(ҵHԇUVqiV n1h|D~Ϋz ft ;. ` -XYkHIE)X aO$C7}?rk/ C4T KIVRH3 kgk^WT45oI-5@<.D7 *E'8cj9U_HwT ~a} ElF4`r|f3JZ= #,&RTN?1ټ`ն>+FpT8HH_r-&W[ 9 ZyuXvf+5UYMP9~П Du6Cq^VukZQ.|qE`h`~Uw^okb|hkK^_&$;.^N w .V!Gd#sh 04;kN:Q\#W#ˇ5_#Fw=IiTXtXML:com.adobe.xmp VbKGD pHYs  tIME)-MIDATxY\y9w-3ZidY,, ĦclYl'媸B!e;UlL RHVA f$4{zrΗ H%Ė2O{ηA 4hРA 4hР/7-W_?CR5mY^[ֵuFLy~^rC_4r̼ਚ\MW٭-M[l߾}7g3Ғ&cջ Ɠ\Ўk9^;~>o&0~m X(6wyrϧEa#лsz;6f[Z a8Ґ`as`ƒ㟸=Wu _*l;vֵ"riR>rTxR 筠ZSic4P~J)(-h̎͛v|VM &+N//]zG ,'Ɖ&G|?:p{oع떛~ӟq0v̌Gi9'X2ۮtunn>F#~:AZ`HiW^vuzZ'ΆdrN% J5~⬜?{Q0)bRζq;o]z}x䑧vk` S+n2eYv|,|Gʹ)Az*տSl抁Rj%maqDR~Hpl5M %t|_4b'G`46MII@ knRq/#?W,>%__>xӖ|pdž-AիiPB߇_7_jݰi}VHD[V`"R ̬5BBuXETZ7Z# B^/OeA@c(u͆+W7ܰ|~}X 1%~4>=hGW{Ҡ\OG0/Y!CŠ%T^ ,lFp, UҚٲL3Q: J4$ցg3N1SY3 N}ׯᱷ;4 6-s_ 7Dlݷ{RyeӬ˨;JutyrcNARcf@O|2AaP9 C,D<D@Jpzl), ,@F5!L7ް ٜSJɥFGge eD78oiⶫ״&gWGkSƴ,ʹY3IݳgfVirrVˡVСW| 99?(:jUq9cz JVD>(ɔ6M nV:cZ#EQ"g-Rp+ffZnX%sdOw$YG%A}[FWls %D e]-j~؄` !Ak3fsd#˄k BAc]z5 ' D"Ѩ)QKJ)EB@Ԫ١᱿yy%R~7aJedS㋛&WN,v{;s4{ ``{+:&n"ͦd&L:ЎD,ێ #.XD`kf" fJŝrZY1$rA2 FT.cg̟?fdB4gg:Q<g[>Xٓ#CJte @5@ / 9㋦x|5n*ٔyD"޺jUlS*mH#*$JBkbfrzD$DJ}?32]!egѣy]vtPP@9GRW,z_.7"n⻦eumH)3?3 Pskvvė/omu"VIDVhlɺn:jf:)2L$;bba/,y^pĉs_}+GK'&)lkزeM-,.bad\RzyY`RjmKG*"UU&tf?????PNG  IHDR\rft IDATxwUY{B Lj *EEǮQQzBMBH{m~sνC+96gά^mbX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,bX,7ۿ<_byp4`;{+_b@+&9{C&k͸^Yu!X- M&8 1=;D4=Mu>CVx`blg8xl94T6) "H)P_ ^еě**@ `8aC.8νRA$"W3p0GRo,i8ps87;l&Hcf#\s @f"]˽Qpp9y6#&'1@@"@ c @L~`z_7UgL0Y܃& s{.ɉ!N'cɊiZ#3<@ o6W1b”i7 `*eS6F310 L(o?xܺ?rQT1B: FDDDK4 ,xCxx2R W_}>`uk#0C.|Qⲏ|N}JJcun韻}r+0H`!@9D: A>F56hu,@n_0f`~=ȃzIٺT1MD23pd`0'ׯ\O$ic?$8Ӄp( H!HHIB!T OW\qaϓO^weh:NoΏ_wtM~]0xN*AHTBP(wa @`53]Ƣ3$ |SG|zK~S2S3Iz!7/Y0 5|W\qM3ppKl>ͳ?zv uih3FG)I#ܳ mRsf+`։ߟ_ك:|;|X F k}CoR(xj6ӈD[,D*X&X2 (vuAJ`|"@ NcKI7`4v$&L]̺I`&:M0@k+RUͷ<|漏|:r >3uEx\w8;8#l}f]sF+4"st!К} ~?0Z~Mfw 8ŏ>5tȀ} PXd59|ףH 'C ݻ3CR Rp2x$d`J|ܩBJ1b㎞2d!n.퀈#46;^)Z֚Y)f( w$}~G%%XC@N tAfF`ƦLc2#q }쬠)KC7rn۶9s>饍; }QDP_>sެ쏿wɘaCz vqH"f$22v_(@+U.K%߇Ժ"f1{l'i?0z+LHLq9YǗ?pޱ 7e%I !R`37~pZhH)5VJ3֬fկo꡻]E&"B#KA(jFZF\khD5m\()( ܹ3?2WV'~fK/m\0IO26|ot:vgLmiAS~ "Q_*B)Ax?&Q?J) p'a&xL&ް٦}d,+Kms؁ӳl]]Ю‘$ Eqycփ61zI+ŬṪAR=9/$}FHHH% R( 0BFkdf  2$3<F>Q$/^s?s/oZ]8f:~߮ hn\|o^\4$6R)wFA V T5Vf_q{ "PyG093Ta¤Ǝj!"}s[׿gݓup%XfADFV颔1ZkhfS+VoR痺gX.4:mB33+R<(AH0} @0aC0ChF{]?֕-[gB"?K.aW6b? ` +3At쑓^/>a-{#ou3te?bLS(tu!nA`& Ef<ŒD|wSS?(KR)0s@7qg_az?s3J * Ŭ=G憗s,(&tB&B H#րZJ1D{dJ{^kRgy~9_ME!Y &`vƭ$HL p%PJ^F, ~ٓʕc~B{_+p00t41c>̚>vmf1;6~w_} #F }tڅRw7R a灃~{;Z#1)!Slo ۷ս%{̜Q+aDvÂBU15K$Qt{oJdoej}jnKsnք}d1#gz`u-u]LdMf5 AJ3 kbTaW{y#(f@28lZ9rBDW嶸B&!/bfHaBɎe0D3#a$`#(E@X50[$B͉ZAjxJuww__ݲ&4»)HX,\Ёa`"yO>!U~Mkfhe_GO<7ɵ7x"J!} MRM&fPH1#q_\.p;; /mMwjuuu|?(ڽ=}Tww>A.T*!tbXL8Dᇟb}?h[:DGc}=0 g-z9{ "PWXrƻO./"p jkN0hpR3t4*tO:"_@!QWV ݛ6A a҆,}A%U(T)uwI]]]. efvɄHd]]VR:\`ZZfGB@dB>OI~r0f2!aV%b)Yߋؘo|Nuogc7}!w';'tu+Vnub65`_AL%ʾb"mmƻpM,HJh@N"/V ~Δ0Jsc1D:tt3$XC:D&FCC=P__l6l6KtT8q1c)]&rHhff4KSǁRM+Y1 ŚҬb @(@67ɾ/P.J%F(4EB!@ww B||\BBϾ!< X)ž}JpQ*(ʶ|*g w$/uX1" ,pTpUAx\):H <4 tIJ׍(=@cc9h?;x]/ך(Op1u[Ν1m\|`k?T$8 RYs_8+@u<ݝ4$F,Rؘ!]P(j xԜ EE sXytݵw.zERJ-{g[wIƗ&}Uʾb}W\\\ T T2S*|…Ç_uE :=JS[?-5j𠡡Ur6xpz❻婎DViJ E-2Ax73*qH!KB +i+F*ERf*10()RR": iXGKqRq؂E2D5'ÆvmذEVƚ]n |s QsiZK/u[9]@"yTX YCi s9LTq]YˇH @A8uVkR!~ܣmbFä@0㉗B  ٞ9#8x 7/s3`\JSA4Dek%yQ͕5֬YmMͣFrb18 lǕa` 6`VuL_6 03HHE9(Q*AhZ(7l,={z餓,f^nmNn&gƭ2MG>t:6ņkZ' 'pT~s{pJE[RST>1~c}˒`x >2$3(i~q `4@Z3Z AxJ)/%@ ,P2cI&Ri **M ap4#Z,z'aS֊)D"V g {v60E㈼ff, X`KV7lhKjР~ͦIC2&-@@)eϺ]4'(6Iǁ_( (@̐2F$ƌ  4x@UWaqܤ?|FiƌK2vsN75՛MEkKXhkn A3fxP_=G7Վ#̏qB6$OC@JFR&TÿQ@X)M<*%T0qZJmBM$A(xF)ʠiRA%pHHx”/КNiM`$3I)pO1c*r{̈c,Y0nxxo9 Hx@Xo[u~GuJ1HQzK qu]"P8F[!{g\W/"B; |ߧz(/z-sk_y6y& /ҢEw |JL@TW:J' Kc=7 '.[{}wvv5k68/=z)¤n¤S3U.ӟ%]/e3;(aFZkjS] QBb B'9CA&uD$ ȃ4`@A`Ɵ>^KA@(ZI8W\Ȍ :+T` 7#N+ ujgg7m۶S}ys>t=Ğzj7bĐ`ذ l.g\ {o# ˼^}#X_mo yJ\^gό9$F+:9ˆa4iy6g„1֭;ޜܲeڬ:;<4EOSN*.u\o79zp֬CW^/͞=P.}$I;vD%3{H\s?R9=u6u>_bD~niiuGЁH|xP_p/v`==h];;?9ŖP0QG.GU#I}fF,O?֦wܹG3J1{nE^Po'y'b[vT*̀z>6zH|ާkGqnjj^,Λ77xku]RIJ ?x\:9Ɔ}(ì3#@ |V' Mu]}J)85~[e/E霅^%8Ny!AkkϮȖJeڶm<9CZh!p'tLI%K^rn.?rl+)h&/^蹮48pڰa$"̛w|\`җK.9_n.?K;q?L="nbi%LRկwхRIUW9}i]w}ټo)yi'篾GQ{Z3{SO,"Î@= 0֕Dhe[_胹o}u3>$%?LW(* O3 (d0Z|50C0Gp1RV̌RX'g|^zy 9f]A" 4*1H 4yf60Lm)\t!1%cGygx|Bc7ڔIBWRN$\\LJ%XXDPN=bO^OƏϛ7P__ 3!]ag~Bt1͊5ܿ#|" : 6$sj>Ni"g>siuܸQ|sMMM:d8`\yAܰa'/ d,D/#]T[H>>#?fhv!n瞝cfZ~YfZm:S#CJ: Am/.YG< LQHDWjǕ4OJ $bOD"@;!*0pV@X0YBu$hvܨ?T!CZXJIA8J4$i➎^J@(c֌ c4׿W20? T\]!h6\\s)WEWѓO-a3`s&)qYGnqCԫ@1RKes@勁4g|*  xM@Wߜ:]zwI$2|a$){7cѹ=s֪xIEDN> UCi'DTv* ǝN*,X-I6rkkR*'y'~<>CX+z4& %!RemNG1^sqSg7ݶu_}{ae!(pRք;yƧ{͗<7~}tI/fUx{ЄL:^3nƏ|g/zQS6uѨ pIۻ8#W(!q8KB b.eAb)2o !HkH*?_36Q`HK^@;%R3D"W߷w~BmQO!gط۳ /^{ 6Jh)0?K6;݂MM*UMM~B!O˗ƍ-, 2=_*#O3>zܤ4+ڛS+ING" &qB!jՒ;vq]fĎ7$I'^wA6\Z>jGxQwQ2DčI1ฒ a#t@ˆ2/}CaA,y3Q>=_UUaw  yھ} hmmQT>dz*Z_6VUvCkk%O?1<],NI&95J0aI&--~3=J q&֙es'R2JJ-Ǝ#UϬYU֚s81QyӇ5w䩧j'6v @4J > dIX^xSJѣU/}Jg4IMgb)%56f;AA.VmZN<5RFP;;su66xJ&\*i 2mw-A$̌cU{]"j)eHG;G?̬^=zT@Dl}v]z* T ;3㚫<;_KqW*&W0c0v sY;K HYHqM4.R#Ӽk-ʵm΅.Dfh`&"IZ ݗOӌz `:`߯n' o}-.nle>9(osή] E -X k ]d2I>WI5t =zf+vnU8-ꤓ^z'Džܿ?}YL9\;j.Y_OuYfR3k׮ӝd{Z{W\qSlnn7|kb޳>͛wrv:gI˞[ 9 X-@I_:vX WJ-{jNzC$HGR)`)%b =}݁n7>;杘˗^y8ޓ[x8Oy/ʍ3*(/_ B |ƌz>&MB_3-괥:W(bFy[u&LJfՒ )Z!jO(,!`UcǴ!k~b#7~D)کz/.q$gX)˘0a|>UT{_k~43y--Smp/^^qU}#C]~MJn>=R_=ĉ|jkSk"JNkS-^MkS)dǑp)97/%-QyzzYK)K *X؎|oBbFS 0E@3' C6w.jmi<츣OԽyVyşyؐm3<5̸\^oHϢeJzNkk3fd,*+3h .3Ä /ӰaCT255NZZ%w}_|ǎ] /ȷPit?tKKv /|{5#N%y̘N>0nܘ7=%=GD T3nj>>q$0Fht A` ֦5@ 4s>϶:諡[`_+ ; )J?nؐB|5;;/nbm1ep1nqd0^U{2{5 8d2pG<ӧX,q.~7~8?NU|Q6m ~ v]2N>pn_~:tG9 p7kc+!\ fzd:)?sϕ%{sW>GkvF^B4s3CkhN=uجIAGx41~h"K+k۶[nC8 J&" ;vrDDB&븽C455莎!uegk~=ܳ Dgy;vLP_e"2>]x;ؒd;w֖J-UX,i֭ d2inl45 7t['q0x`B~;|{̉轏60zM^QЧ6vyAeI4o2K̲Leqwpw= [G+^udJ=rgg@J!GR:oذb-M3_j3u;wu1bİ`ժ5K]o+Vte?[o+ߚxg?庯|[)S&sZO~Ue^v$oOΝO~OiNGG'w߃+c3bݒ%K\@D zoUo|{e^zM+7y}O ގ2ݢEY{<48, wGEtÎQ(bX^j(Jݏ< M`_OfDJ tr@E$g?qVUA+.ĬH"".\y%yb_<7AEWwJVfh._~ީ_w^6f~S}f\DA0uA7ߙ;v_(æ`l6>{^g =sСC aݺ X,Ҳ/R .n& 'W|N&^X;*Xj?_,ԯ_nh׃SN9c9,SWWn.,Y~K:/\ݚ5d.('RJ>z4wUWV:r tuuzا>Jv,;OvWT*ӛM {}Mv#1Rn@O@#p#!BFMq&Y/|wu^xsgb,+wo~ _%bn/n*Jtk0[ntpI3D"Jkox?z Ֆ7uq 56fx`KެjStuM Zi@G@B#"h[\~Źl6?xOk2WcON8ᘒYKrBk_n](9rڸi\zsめ[jZyǏ!8=7FiBB9 @{< #{37H5װrssO7꟏/0؃鼳gy6F(HlGgiRvHTLc`&qԗu@2cbOGߴMƿM 4Њ_h>Pxd|) 斴xg͛bD[lWv'L_zmmf`޼ fM+=gΡ!CTH]]/xT[o;exAq]̌'|[fslѫVD/4w!?w/tr|»>x}~ٲ 0jHuᇖxT %#Z:.ڳcWxʫSKeZJAӣKʣ`o_ > "H 8Jy`R),D$@B`"S3l 薒 o:R D{,NZ+Ael޺Kt*x1+Uƀ/Ϸw2g{2&(rAP5a b&,H0U ]ٸa3v%)A:ʂ:@"y;{ o/U2Z3gXd6 u|K1b'/B~MZBX$f .8;#;w'|BYy罱 6#; :|mw_oy smm:Z Z'{V^+\yM꒭2[SI2d6 UZSx3+E>=c K)8|=O )L< {1AZл+J>HP~KKpF#04o!&g`kk~B/?=rxk}C}zrXAQ+ " pcF+@flܬZI02_oZk-I 46a?#y:ڤHp)b ՍTf.>ɋ2_;nd Si o+y'!OyiRi@KK'/Kc(^VNvHnqG/^nڴInڴY^tG5;Rk}+#]9kS/|m"ЙvYIX* 5^M.^yT :QOO *?ďD,V `"u "")!"ff2͈L !'^\Kxw g -=01ŭou/{];Nŏ.-74d0#!a2ێ0W_&EX/?_Hج2&-|΋Q1ws04J #ScJĢtL(a8X0˄Ra 8`lQ9VԩW_qD0fO_JrbZ?Ezp0K簩oj*-r{[GQqEB;}XJ1poA_5mP?c%%kws=Oݯ_ .X(?$Bk}1 Ç VףF ,[AwS%V }/=dT B1UBD8!`R1AA5}kYPkGBl:5-t(x=F57TF7,'=CTJarۖU{N_Uгn@oLg2'sF_B 5:Eu FX{FIx~wO`do+BfHc/[vDϿPu- {Qܯ)nfyt)T8if+H9xT n.>^(%BHب5bh0?n)}w$ R9=%{ iM,`njo-:&j:ZLJ>W ct?W϶w?֬6kG Z)ޒ_~M? Ѕc9=?׸n&M:\VX󫛾` okZ0]S"]ۓn``uxaȅg05ט]2kc2vT0)e-^V_cꦻu|{-2D#)ū~pw 2 %뎮?)479pfXxGN3fr]B8RTd*Bs@Ѓ H1Ls c֛n*>s-rvj&kbk\}BZؽ]5fԗWy =ֻxEĝ[}3 F@j[6?6Ѿ4()D4ka'T(c%19%\v^~W:]S&4fSI2֎wIM{zfb "`fq}WZ~[b򦭻kl<ҁz `q]4鰉?7e2IHOds)y+:1)# !䘎QfJBѥkX  _=|[&@uHʵPX\G^yg#n`j!5aVl2kyMjs>>̾}=\13l{VC}$0y k). `{w3*s1'`za 56\ H)(6J5QRZә'Awl-VU\.WG g4|V`.xlՍMT<ż\&LԔտnjʢ1Kl*LƼT*yIsRd)2B 8ҭP+.%"$1 DaC]sό0G$”^ aV 5Ykw۴, sLnQ#o,#}O%ۆ}ƍUWݱk_ G0p 6͔h2. &B.LD6k(9)yS;lXw!cNB o(5bXH 6_,mS׸)8d3+#yeW#BD/r\^qUWCp1XaVTdoz#V{zΎ]W^yx^ *O8_!It: JaJPJ!( @>Gp*+=U+fOX\\`,RX`)0ɖ`TaP2+rx](: '3@&8 8 @m X n"eT~f57 ۛ8y8ǙD=/@e]WK0"fs;3 0FÛ`QpD`¯. ٦7!"@:-6e}l];S;w_~u_rUS/*aSĂCS~g`E*9WG`hZ{dk\*}Nc_|+bku_@ a9L 4%iRzE9b)%\6p\Zk @Xr oe~q0g?s\+jmH􈣱Dfi16뇈<;le6 *F1,a8S`,'ӎzq1Ic洶6;MJazi fY06sjVb6:VAT2"z*J;VC05ѕFCSWQv" ּ7i*/͵v\*ݝ׏<;ʷ|?H;6ӃYK鉰ٍ'V J)Hǁy0=Ҍk* V Re|BP0̷.F 2Ps&2Jg>j`im2!kB{S;`s}0 a^O1LL0ӱcPmXӦ0mL2qrY, JNT[0 f"w;P[Ws֭W}Ֆ&O<ȤIL<>>h:ڹl@죫+O=w>r{XG g%Hd@&g B (2|ZeR pB69 7J%zB簆VMERasHTJ"hrux+%0!tn35h0B @cq oE,m>rAcǍ_ܿ~k69Iɕ@)>Z0A&P6XNH@!'EE؍oOT@řY23iϫ%KV{l\xRoTmqk qDH \8b,uup]^2AnVU.WP"(!|Bkɼ{30FKpU+0Pl_+5>@ 'YZJQgJB)85ˑ2X5Ƈ2aFw4v 3ônP`60ʡƿ`meǕe)&6~Ou@6jB`CƚO)6Mw/~f<W%)`8 D ͑s-KZ3G3DlDsgv{aƍcA@kǑh0ۼ|o*z cIG"yBuQ۽~TBP(Thc8&g_70Pq Z 6~T:# *!}X N| @<c=uPϭ0`n=_WyLnּ}G߸/oxKK+s)k>lӷVe:L6w(/4_8+ ЀD&ufK>vD \A>_Ԙ5138z_{NtpVZϫuVhZ`P;̕ P].ef,Iߝ}L_][݄t]8@H tW~ŴEdm 0A8md]L'pJ3q׭>9$N';Pm̗py>!D(wL509K-$/ OFaB$ @h~X*H@Djf5o]H|}&'dX uf-$8 yMyN8eTAdB{+Y@M&+XOpA((2 G8PfC"Pp8X8 ̷u:S n"k 8zDGB.:% W梎~D&g1wW(1`r㊵6mk@erAXYIh]1/c3}E;Zk}x8XZ_{N}%]0 -Z ꈐR0ԏc? ?Y^%X,*"GOO?EsR!P.QCG Zӿ`>s LZh*P8ծo@00 < 8 &hBs#}_ X,dd8BAhb\ 4J,d޶8Nz_Qp{۬ \աRZ5$wATrPgPa#F < $p"6Q_P #2W_ޕ}H Lݢ$Y7^W")ĠVB<"%\۵J ( Rfv1p@`"<=A`JJB`$9:3/ewXԌ. +~(c0hn 0a͇{\Y;`[=Wr= j"`~Es91cqHy#Q&o?h B }*Qh5 FIǞ,Mr&ea@M@D_1YCyh`[8y Q[ehY3o$J /x|m^_b&zbn"l' [m3Xxn"7f"0_#4bR &?m]oYD' ʚ2i$jzCS HYl0MHG"8A0<($2kG}#%P7σp#EY35.ӣqnGu}}>,72 oNF0&aIM0}:|+q<#I 59 Ë%RIx$xd,ž s$T sۯYAސ&RWjZlJeX& ARbN2j "]81Ìʴ YfQVX5CڴWOAސ 8'CZPLu>7# ޥ|RJ$Jn]DٖQ8Bl] D6aywyCk[tg_'F?cL3]nb^Te3wcGPz$٘2khMAXT>O Yt[2-sylX0ppv3s2VA$ĕQ?8}c)DDdCjj pw3`:;6,Sك2瘋_OX^?[ @ z_SbMTb0e+H 1"trM˶f:xzQsF%Y]ߜG&Sf6b )Kxpj820T0͜-!FʷT7NؠGI} [{ڞ *5]k>j#xd_;ϛYGcSf`xMAF.Ш94N3p:0IzEm⺭){0dȦJ~B>7e[wٷ9N4*ye{oִA'rg bKGD pHYs  tIME !XT IDATx}wWu;M+iWKU,#ٖ6ĕbb 6c/I @0Cl Ņbld#Vյ]iwڔ{1V8ش7o̜={νKI5NP _'?>?]x-fܩή#ٙs?>[i>޵ ϏٮMp`[G#E8ugk/|܊j'Y:D:T9; Ropg?{M glmR6k̀̀#>o>76gtd|G@g/uQ/)IpG{{/3u$36`$E0X^E,Gkq9n:PLסqpOw&'`J#B0>`=G k͟~olъtb0Ka)+ e О=bҿA.\@6pŲS} yo3Tx@]{~[nQ̻HT6D&оRiz {({a֜xE˔Iͭ$l,6lcٹkrC@,1Lxb%3s4,KH"K&)!v_}?.bfw=k"YU:AGkC"1?렋kWk+M1YZM,fَP,_~M]].~g[U~ 7lh2!{(yXZ`#`ٯ]WRtNmW𢋖7,Z4=JU8l4a2JIBP(gw6Swe PJYa"x>c8ض0XػrYz mk(Jm:^]pw\s%[\_I'/ n܇ 8: 0y3')PJ#E UVh(=WN_locP*]m`423+eL=zk|BV3d-rBOHPQTh*  Ǐk+1_?j.lذa˾e)WZo>wzӮMR9'ksp-V<Ѿ>iY0P(`1hcd;:;dG9^ P@/<x+ 5X66TK$SH}Cui`#FiAVY) !1FHtw;IjNűז** wٵmH1#P!m`4( ~?>~ 5|[@%D(-矒]Lض%&&0Pưٲ}ᚯ31r( ## !&ww#,x{c|POlpp\6Ҏ#zz4s$%!ga+C!Er1ňy^J%SϨ7g211i;hC:PØHJhCM 놉`Ro'+ daP#Hcc_@gTf8 agDd{ ߳h_l;`j_.oOb*'O~RoZ"6PCC1Z_JFJV ЀlO0:2q3w媪1(<'4lC-G6,e1II "&kqd62Dưa6la6̚a!R֌ `xFjѨVJs0flR}̬^-% Z3i:?JK+3qHK &%t(WehJ'Kf͟w KZr!9)m̅s(BQ(h12RGpFyt4Ţg 9A"P! 5 8XEC1(b-+'Om0-:uffPD,1 <=Ef0Mt udֵ60Ɯ4֚pGݱcWlFm  @B `n"?Y4!˖%, DR89L$АI񺞣t~u%Zqt`}3۶t:|mkyd@ZZj<|}AgqOt;7m=]s S鄐^P e]^SfV Ҷፌh^˅fl,Xcc 衇JsWak]nEE&Ji6D*En)A0QY1>E`<"Oh~:J 6 BjMxWH3)>X(fH6 TC+Pn{|85p1~-S6R=gW)kz ۀ6M~`WYKOR__CVʰCv}[u qƀ7: 92D/8$k19mZO$qaמ7oŌ1Q~ҍmkB2)uvrԚNqpQ :HH PXS L͢]0,] !3wTh^-ΙYUI z?='X֕/HC0,L (e8_D/7XT  dR)QtR N醆:Xʪ ׶-tuv=\A*MJdYm[m  ')4 Wn XOfb 믿`xc/r&~eݺ XtdLȸ+DkK^:|T*CDD#ض% h0gy!>̘wvv690ݽάY|uYk.ZM$y؞9]InٓK& JźuW\-}{;siU>-㿊)eɵD\zhmm &}}Π3c1h (8R[k㬪 <|HkfIR {Բʰxgc }oipk(or[V\hکfe҉GdwtmML %ymfdGdcyR/rYZL}}}V={Z8bwwC$P(iV߾X|iZ4iRXYyd*<44"͝=#N]Rܹs}y! dԩ**̾.ܹsb1ݙ3yeWAD ҂ruҥŧoDwM?W,ґ5R$B`y:s.!E<,pw^ϻ::d9@@6~g5vMZ*5yGLDI${*823kc\c9OWVbQƃ Jӌ(Q… JmMfuѲm0~| @QkkK01RҥKpg6Ы GFƬIڋ.(f*jUmmilsƬS]QWנۂ Ys}ȩcccbSшF"J"! ŋ}_TWh538T8P(b@n̅rhۋEHMLQ3)ܯ v?9xuM'qcBb]&"l_n7?~կ >DW<μ׫K/8約eK:j뎇}-VeEj>YX6G0)G _p~M4DY )?:e7}$|wΤS&Jcǝ?3IYrc !xboL4< kn ھ}GСƱH {ظqsbϸghɤ4J.''G X*W.1wPy҂ذmc ۖҶmYBA$Jӟ֡>uWm &U<~zflM?o(k?zK7۶\hi}#аECuu0C +A$'.F%c)ұ4J*}$RZ}FsGmR#Rz{#GXrVxL׿0X,\'v ߘq.؝LĖhGD@Hq c~`"= 2/;~P=wlÆ)S&N;`6{/v={纮ٹsw|ΜY'͊={8K,&On @h"DJ/@kMRJ޹s}Ĕb4\xy~eRV~EklU ʲ,KBJQz%˖Irb9d!'M.|@@c՞X]f}+24 aTbq)V_56UMɍl16eTƞ={cMM a"71Oo)Y33mKQ]]eNNWW3goh|'3XQX~*s"se,fD厎B B!'ϟhyRuwߏ%#%8}|?̜}ߙ|-ZJ%;C;w>/Un޼)ht{ئM=='Gex͉ܗ1ۂUȍFRJEiJ1 1̆BW XkJ绷p6xa6<[y/͆w_1F6DEKKh~5h!+-b ȑ~;9SqakxxX<[5zyJB:h2;--tc_գ5ft4'?ܹCEMMwu555zǎ]NOOXrY岖eEAEĭX,V̩}Xc+/~_=j/\87uA.!=GK]ESU"JI㌓<$X()Bnۦ1t6D_k*6A;}>f3{{{>F:̱ΠciW ``@DRi]!_BT@B"*iMMa<O3˻u2s'><}>n|iQ:8XB"aq,D$BI !%L hq}=<׵sځO4Nm;//2.s IƐc42Xtf E>.6Zs228R+ #-f!1W1f/aL\ĸ mmS1Z5\uHi==G?;c欕||&.|>.4ٶ(|liYBP))eNmCG/䝿n56 Cɿ}\PHlx~77WU:1H2KֆXH&o= ؋4n,]:Dc}4PRVA,ZԌ G#_@K#Vq[4{'7]8IK0A8>4#- Ǒ亶eYRo=&DJ` ~ WO!Z c ` sK[rn)E29w.m9Z__H~"d{,ODFDZ%p;mSЙ_11'\>MK*`,KnO(FFeQTXnשgdjX-&lidb6) ð|d ๙D0.h«B }Gm k0ΥHJQ<]z8EA{{PSS], Ha4R&A ͔#F&01Zȉ,K%cذa)RQGF)/q_On*-'Xip/Y!ѢUU2!RPAiaDe:-=ϻmutD01#q(こU'%::,21n.Z~m֝Jt]ꇞI),DDy@6 Kkd#?rxfw0c`z 'ܨfLmR-Hfa%8rҖp(g4?zQM%D Lj=w:$+F(]6%B7.N|\)e vDd+ۘcb"Z$/^=Z?W ]@9(GY9 x"^um^Gud# "c+iIENDB`xca-RELEASE.2.9.0/lang/000077500000000000000000000000001477156507700143205ustar00rootroot00000000000000xca-RELEASE.2.9.0/lang/.gitignore000066400000000000000000000000051477156507700163030ustar00rootroot00000000000000*.qm xca-RELEASE.2.9.0/lang/CMakeLists.txt000066400000000000000000000060001477156507700170540ustar00rootroot00000000000000 set(S "${PROJECT_SOURCE_DIR}/lang") set(D "${PROJECT_BINARY_DIR}") # English (en) must be first for Info.plist list(APPEND XCA_LANGUAGES en bg de es fa fr hr id it ja ko nl pl pt_BR ru sk tr zh_CN) list(JOIN XCA_LANGUAGES "\n " LANGUAGES_PLIST) foreach(lang ${XCA_LANGUAGES}) guid(${lang}) list(APPEND TS_FILES ${S}/xca_${lang}.ts) list(APPEND LANG_COMPREFS " \n") set(LANG_COMPS " \n") if(EXISTS ${_qt_bin_dir}/../translations/qtbase_${lang}.qm) list(APPEND QT_QM_FILES ${_qt_bin_dir}/../translations/qtbase_${lang}.qm) string(APPEND LANG_COMPS " \n") endif() string(APPEND LANG_COMPS " \n") list(APPEND LANG_ALLCOMPS ${LANG_COMPS}) endforeach() string(APPEND WIX_LANG_CONTENT "\n" ${LANG_ALLCOMPS} "\n" "\n" ${LANG_COMPREFS} "" ) WixFile(${D}/language.wxs ${WIX_LANG_CONTENT}) if (${QT_VERSION} VERSION_LESS 6.0.0) if (${QT_VERSION} VERSION_LESS 5.12.0) qt5_add_translation(QM_FILES ${TS_FILES}) else() qt5_add_translation(QM_FILES ${TS_FILES} OPTIONS -silent) endif() message(STATUS "Updating translations from source with 'lupdate' only supported with QT6") target_sources(${CMAKE_PROJECT_NAME} PRIVATE ${QM_FILES}) else() get_target_property(LIBSRC xcalib SOURCES) get_target_property(XCASRC xca SOURCES) qt_add_translations(xca TS_FILES ${TS_FILES} ${S}/xca.ts LRELEASE_OPTIONS -silent QM_FILES_OUTPUT_VARIABLE QM_FILES PLURALS_TS_FILE ${S}/xca_en.ts SOURCES ${LIBSRC} ${XCASRC} ) if (${QT_VERSION} VERSION_LESS 6.7.0) message(STATUS "At least QT 6.7.0 required for PLURALS_TS_FILE") add_custom_target(trans COMMAND ${CMAKE_COMMAND} -E cmake_echo_color --cyan "At least QT 6.7.0 required for PLURALS_TS_FILE. It will explode the xca_en.ts" COMMENT "Target 'trans' does not work with QT ${QT_VERSION}" ) else() add_custom_target(trans DEPENDS xca_lupdate "${D}/xca.pot") endif() endif() list(APPEND APP_RESOURCES ${QM_FILES} ${QT_QM_FILES}) target_sources(${CMAKE_PROJECT_NAME} PRIVATE ${QM_FILES} ${QT_QM_FILES}) if (UNIX AND NOT APPLE) install(FILES ${QM_FILES} DESTINATION ${CMAKE_INSTALL_DATADIR}/${CMAKE_PROJECT_NAME}/i18n ) elseif(WIN32) install(FILES ${QM_FILES} ${QT_QM_FILES} DESTINATION ${RUNTIME_DEST}/i18n ) endif() find_program(LCONVERT lconvert HINTS ${_qt_bin_dir}) if (LCONVERT) add_custom_command( OUTPUT "${D}/xca.pot" COMMAND ${LCONVERT} -if ts -of po -i "${S}/xca.ts" -o "${D}/xca.pot" COMMAND ${CMAKE_COMMAND} -E copy "${D}/xca.pot" "${S}/xca.pot" DEPENDS "${S}/xca.ts" COMMENT "Update POT file" ) endif() xca-RELEASE.2.9.0/lang/fr.po000066400000000000000000003613371477156507700153040ustar00rootroot00000000000000# # demonipuch , 2012, 2014, 2015. # Patrick Monnerat <.>, 2011-2024. # msgid "" msgstr "" "Project-Id-Version: xca 1.3.3\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2018-03-16 18:14+0200\n" "PO-Revision-Date: 2024-10-01 15:58+0200\n" "Last-Translator: Patrick Monnerat <.>\n" "Language-Team: French <>\n" "Language: fr\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: Gtranslator 45.3\n" "Plural-Forms: nplurals=2; plural=(n > 1);\n" "X-Qt-Contexts: true\n" #: ../ui/CaProperties.ui:14 msgctxt "CaProperties|" msgid "Form" msgstr "Forme" #: ../ui/CaProperties.ui:20 msgctxt "CaProperties|" msgid "Days until next CRL issuing" msgstr "" "Nombre de jours avant la génération de la prochaine liste de révocation" #: ../ui/CaProperties.ui:30 msgctxt "CaProperties|" msgid "Default template" msgstr "Modèle par défaut" #: ../widgets/CertDetail.cpp:139 ../ui/CertDetail.ui:30 msgctxt "CertDetail|" msgid "Details of the Certificate" msgstr "Détails du Certificat" #: ../ui/CertDetail.ui:165 msgctxt "CertDetail|" msgid "Serial" msgstr "Numéro de série" #: ../ui/CertDetail.ui:178 msgctxt "CertDetail|" msgid "The serial number of the certificate" msgstr "Le numéro de série du certificat" #: ../ui/CertDetail.ui:113 msgctxt "CertDetail|" msgid "The internal name of the certificate in the database" msgstr "Le nom interne du certificat dans la base de données" #: ../ui/CertDetail.ui:78 msgctxt "CertDetail|" msgid "Status" msgstr "Etat" #: ../ui/CertDetail.ui:106 msgctxt "CertDetail|" msgid "Internal name" msgstr "Nom interne" #: ../ui/CertDetail.ui:120 msgctxt "CertDetail|" msgid "Signature" msgstr "Signature" #: ../ui/CertDetail.ui:145 msgctxt "CertDetail|" msgid "Key" msgstr "Clé" #: ../ui/CertDetail.ui:191 msgctxt "CertDetail|" msgid "Fingerprints" msgstr "Empreinte" #: ../ui/CertDetail.ui:203 msgctxt "CertDetail|" msgid "MD5" msgstr "MD5" #: ../ui/CertDetail.ui:216 msgctxt "CertDetail|" msgid "An md5 hashsum of the certificate" msgstr "La somme de hachage MD5 du certificat" #: ../ui/CertDetail.ui:229 msgctxt "CertDetail|" msgid "SHA1" msgstr "SHA1" #: ../ui/CertDetail.ui:242 msgctxt "CertDetail|" msgid "A SHA-1 hashsum of the certificate" msgstr "La somme de hachage SHA-1 du certificat" #: ../ui/CertDetail.ui:255 msgctxt "CertDetail|" msgid "SHA256" msgstr "SHA256" #: ../ui/CertDetail.ui:268 msgctxt "CertDetail|" msgid "A SHA-256 hashsum of the certificate" msgstr "La somme de hachage SHA-256 du certificat" #: ../ui/CertDetail.ui:278 msgctxt "CertDetail|" msgid "Validity" msgstr "Validité" #: ../ui/CertDetail.ui:296 msgctxt "CertDetail|" msgid "The time since the certificate is valid" msgstr "Le moment depuis lequel le certificat est valide" #: ../ui/CertDetail.ui:303 msgctxt "CertDetail|" msgid "The time until the certificate is valid" msgstr "Le moment auquel le certificat échoit" #: ../ui/CertDetail.ui:337 msgctxt "CertDetail|" msgid "Subject" msgstr "Sujet" #: ../ui/CertDetail.ui:359 msgctxt "CertDetail|" msgid "Issuer" msgstr "Emetteur" #: ../ui/CertDetail.ui:391 msgctxt "CertDetail|" msgid "Extensions" msgstr "Extensions" #: ../ui/CertDetail.ui:412 msgctxt "CertDetail|" msgid "Validation" msgstr "Validation" #: ../ui/CertDetail.ui:418 msgctxt "CertDetail|" msgid "Purposes" msgstr "Buts" #: ../ui/CertDetail.ui:430 msgctxt "CertDetail|" msgid "Strict RFC 5280 validation" msgstr "Validation RFC 5280 stricte" #: ../ui/CertDetail.ui:443 msgctxt "CertDetail|" msgid "Comment" msgstr "Commentaire" #: ../ui/CertDetail.ui:381 msgctxt "CertDetail|" msgid "Attributes" msgstr "Attributs" #: ../widgets/CertDetail.cpp:35 ../ui/CertDetail.ui:404 msgctxt "CertDetail|" msgid "Show config" msgstr "Afficher la configuration" #: ../widgets/CertDetail.cpp:39 msgctxt "CertDetail|" msgid "Show extensions" msgstr "Afficher les extensions" #: ../widgets/CertDetail.cpp:71 msgctxt "CertDetail|" msgid "Show public key" msgstr "Afficher la clé publique" #: ../widgets/CertDetail.cpp:74 msgctxt "CertDetail|" msgid "This key is not in the database." msgstr "Cette clé ne figure pas dans la base de données" #: ../widgets/CertDetail.cpp:78 msgctxt "CertDetail|" msgid "Not available" msgstr "Non disponible" #: ../widgets/CertDetail.cpp:127 msgctxt "CertDetail|" msgid "No verification errors found." msgstr "Aucune erreur de validation trouvée." #: ../widgets/CertDetail.cpp:152 msgctxt "CertDetail|" msgid "Signer unknown" msgstr "Signataire inconnu" #: ../widgets/CertDetail.cpp:156 msgctxt "CertDetail|" msgid "Self signed" msgstr "Auto-signé" #: ../widgets/CertDetail.cpp:186 #, qt-format msgctxt "CertDetail|" msgid "Revoked at %1" msgstr "Révoqué le %1" #: ../widgets/CertDetail.cpp:191 msgctxt "CertDetail|" msgid "Not valid" msgstr "Invalide" #: ../widgets/CertDetail.cpp:195 msgctxt "CertDetail|" msgid "Valid" msgstr "Valide" #: ../widgets/CertDetail.cpp:216 msgctxt "CertDetail|" msgid "Details of the certificate signing request" msgstr "Détails de la requête de signature" #: ../ui/CertExtend.ui:30 msgctxt "CertExtend|" msgid "Certificate renewal" msgstr "Renouvellement du certificat" #: ../ui/CertExtend.ui:74 msgctxt "CertExtend|" msgid "" "This will create a new certificate as a copy of the old one with a new " "serial number and adjusted validity values." msgstr "" "Créer un nouveau certificat conforme à l'ancien, mais avec un nouveau numéro " "de série et les limites de validité ajustées." #: ../ui/CertExtend.ui:100 msgctxt "CertExtend|" msgid "Validity" msgstr "Validité" #: ../ui/CertExtend.ui:111 msgctxt "CertExtend|" msgid "Not before" msgstr "Pas avant" #: ../ui/CertExtend.ui:118 msgctxt "CertExtend|" msgid "Not after" msgstr "Pas après" #: ../ui/CertExtend.ui:144 msgctxt "CertExtend|" msgid "Time range" msgstr "Intervalle de temps" #: ../ui/CertExtend.ui:150 msgctxt "CertExtend|" msgid "Local time" msgstr "Heure locale" #: ../ui/CertExtend.ui:158 msgctxt "CertExtend|" msgid "Days" msgstr "Jours" #: ../ui/CertExtend.ui:163 msgctxt "CertExtend|" msgid "Months" msgstr "Mois" #: ../ui/CertExtend.ui:168 msgctxt "CertExtend|" msgid "Years" msgstr "Années" #: ../ui/CertExtend.ui:176 msgctxt "CertExtend|" msgid "No well-defined expiration" msgstr "Pas de date d'expiration précise" #: ../ui/CertExtend.ui:183 msgctxt "CertExtend|" msgid "Midnight" msgstr "Minuit" #: ../ui/CertExtend.ui:190 msgctxt "CertExtend|" msgid "Apply" msgstr "Appliquer" #: ../ui/CertExtend.ui:216 msgctxt "CertExtend|" msgid "Revoke old certificate" msgstr "Révoquer l'ancien certificat" #: ../ui/CertExtend.ui:226 msgctxt "CertExtend|" msgid "Replace old certificate" msgstr "Remplacer l'ancien certificat" #: ../ui/CertExtend.ui:236 msgctxt "CertExtend|" msgid "Keep serial number" msgstr "Conserver le numéro de série" #: ../widgets/CertExtend.cpp:43 msgctxt "CertExtend|" msgid "" "The certificate will be earlier valid than the signer. This is probably not " "what you want." msgstr "" "Le certificat serait valide avant son signataire. Ce n'est probablement pas " "ce qui est désiré." #: ../widgets/CertExtend.cpp:45 ../widgets/CertExtend.cpp:67 msgctxt "CertExtend|" msgid "Edit dates" msgstr "Modifier les limites de validité" #: ../widgets/CertExtend.cpp:46 ../widgets/CertExtend.cpp:68 msgctxt "CertExtend|" msgid "Abort rollout" msgstr "Interrompre le déploiement" #: ../widgets/CertExtend.cpp:47 ../widgets/CertExtend.cpp:69 msgctxt "CertExtend|" msgid "Continue rollout" msgstr "Continuer le déploiement" #: ../widgets/CertExtend.cpp:48 ../widgets/CertExtend.cpp:70 msgctxt "CertExtend|" msgid "Adjust date and continue" msgstr "Ajuster la date et continuer" #: ../widgets/CertExtend.cpp:65 msgctxt "CertExtend|" msgid "" "The certificate will be longer valid than the signer. This is probably not " "what you want." msgstr "" "Le certificat serait valide plus longtemps que son signataire. Ce n'est " "probablement pas ce qui est désiré." #: ../widgets/CertTreeView.cpp:34 msgctxt "CertTreeView|" msgid "Hide unusable certificates" msgstr "Masquer les certificats inutilisables" #: ../widgets/CertTreeView.cpp:41 msgctxt "CertTreeView|" msgid "Import PKCS#12" msgstr "Importer en PKCS#12" #: ../widgets/CertTreeView.cpp:42 msgctxt "CertTreeView|" msgid "Import from PKCS#7" msgstr "Importer en PKCS#7" #: ../widgets/CertTreeView.cpp:70 msgctxt "CertTreeView|" msgid "Request" msgstr "Requête" #: ../widgets/CertTreeView.cpp:72 msgctxt "CertTreeView|" msgid "Security token" msgstr "Jeton de sécurité" #: ../widgets/CertTreeView.cpp:74 msgctxt "CertTreeView|" msgid "Other token" msgstr "Autre jeton" #: ../widgets/CertTreeView.cpp:78 msgctxt "CertTreeView|" msgid "Similar Certificate" msgstr "Certificat similaire" #: ../widgets/CertTreeView.cpp:81 msgctxt "CertTreeView|" msgid "Delete from Security token" msgstr "Détruire sur le jeton de sécurité" #: ../widgets/CertTreeView.cpp:84 msgctxt "CertTreeView|" msgid "CA" msgstr "CA" #: ../widgets/CertTreeView.cpp:85 msgctxt "CertTreeView|" msgid "Properties" msgstr "Propriétés" #: ../widgets/CertTreeView.cpp:86 msgctxt "CertTreeView|" msgid "Generate CRL" msgstr "Générer la liste de révocation" #: ../widgets/CertTreeView.cpp:87 msgctxt "CertTreeView|" msgid "Manage revocations" msgstr "Gérer les révocations" #: ../widgets/CertTreeView.cpp:91 msgctxt "CertTreeView|" msgid "Import OpenVPN tls-auth key" msgstr "Importer la clé tls-auth de OpenVPN" #: ../widgets/CertTreeView.cpp:95 ../widgets/CertTreeView.cpp:98 msgctxt "CertTreeView|" msgid "Renewal" msgstr "Renouvellement" #: ../widgets/CertTreeView.cpp:100 msgctxt "CertTreeView|" msgid "Revoke" msgstr "Révoquer" #: ../widgets/CertTreeView.cpp:102 msgctxt "CertTreeView|" msgid "Unrevoke" msgstr "Dé-révoquer" #: ../widgets/CertTreeView.cpp:182 msgctxt "CertTreeView|" msgid "Plain View" msgstr "Vue à plat" #: ../widgets/CertTreeView.cpp:182 msgctxt "CertTreeView|" msgid "Tree View" msgstr "Vue arborescente" #: ../widgets/CertTreeView.cpp:211 msgctxt "CertTreeView|" msgid "days" msgstr "jours" #: ../widgets/CertTreeView.cpp:219 msgctxt "CertTreeView|" msgid "No template" msgstr "Pas de modèle" #: ../widgets/CertTreeView.cpp:224 msgctxt "CertTreeView|" msgid "CA Properties" msgstr "Propriétés du CA" #: ../widgets/CertTreeView.cpp:266 msgctxt "CertTreeView|" msgid "Certificate export" msgstr "Exportation de certificat" #: ../widgets/CertTreeView.cpp:267 msgctxt "CertTreeView|" msgid "X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b )" msgstr "Certificats X509 ( *.pem *.cer *.crt *.p12 *.pfx *.p7b )" #: ../widgets/CertTreeView.cpp:268 msgctxt "CertTreeView|" msgid "vCalendar entry ( *.ics )" msgstr "inscription vCalendar ( *ics )" #: ../widgets/CertTreeView.cpp:269 msgctxt "CertTreeView|" msgid "OpenVPN file ( *.ovpn )" msgstr "Fichier OpenVPN ( *.ovpn )" #: ../widgets/CertTreeView.cpp:270 msgctxt "CertTreeView|" msgid "OpenVPN tls-auth key ( *.key )" msgstr "Clé tls-auth de OpenVPN ( *.key )" #: ../widgets/clicklabel.cpp:37 msgctxt "ClickLabel|" msgid "Double click for details" msgstr "Double-cliquer pour afficher les détails" #: ../ui/CrlDetail.ui:30 msgctxt "CrlDetail|" msgid "Details of the Revocation list" msgstr "Détails de la liste de révocation" #: ../ui/CrlDetail.ui:78 msgctxt "CrlDetail|" msgid "&Status" msgstr "&Etat" #: ../ui/CrlDetail.ui:144 msgctxt "CrlDetail|" msgid "Version" msgstr "Version" #: ../ui/CrlDetail.ui:163 msgctxt "CrlDetail|" msgid "Signature" msgstr "Signature" #: ../ui/CrlDetail.ui:170 msgctxt "CrlDetail|" msgid "Signed by" msgstr "Signée par" #: ../ui/CrlDetail.ui:177 msgctxt "CrlDetail|" msgid "Name" msgstr "Nom" #: ../ui/CrlDetail.ui:184 msgctxt "CrlDetail|" msgid "The internal name of the CRL in the database" msgstr "Le nom interne de la liste de révocation dans la base de données" #: ../ui/CrlDetail.ui:197 msgctxt "CrlDetail|" msgid "issuing dates" msgstr "dates d'émission" #: ../ui/CrlDetail.ui:215 msgctxt "CrlDetail|" msgid "Next update" msgstr "Prochaine mise-à-jour" #: ../ui/CrlDetail.ui:222 msgctxt "CrlDetail|" msgid "Last update" msgstr "Dernière mise-à-jour" #: ../ui/CrlDetail.ui:255 msgctxt "CrlDetail|" msgid "&Issuer" msgstr "&Emetteur" #: ../ui/CrlDetail.ui:277 msgctxt "CrlDetail|" msgid "&Extensions" msgstr "&Extensions" #: ../ui/CrlDetail.ui:306 msgctxt "CrlDetail|" msgid "&Revocation list" msgstr "Liste de &révocation" #: ../ui/CrlDetail.ui:340 msgctxt "CrlDetail|" msgid "Comment" msgstr "Commentaire" #: ../widgets/CrlDetail.cpp:48 msgctxt "CrlDetail|" msgid "Failed" msgstr "Echoué" #: ../widgets/CrlDetail.cpp:53 msgctxt "CrlDetail|" msgid "Unknown signer" msgstr "Signataire inconnu" #: ../widgets/CrlDetail.cpp:56 msgctxt "CrlDetail|" msgid "Verification not possible" msgstr "Vérification impossible" #: ../widgets/CrlTreeView.cpp:39 msgctxt "CrlTreeView|" msgid "There are no CA certificates for CRL generation" msgstr "Il n'y a pas de certificat CA pour la génération de la CRL" #: ../widgets/CrlTreeView.cpp:47 msgctxt "CrlTreeView|" msgid "Select CA certificate" msgstr "Sélectionner un certificat d'autorité" #: ../widgets/CrlTreeView.cpp:69 msgctxt "CrlTreeView|" msgid "Revocation list export" msgstr "Exportation d'une liste de révocation" #: ../widgets/CrlTreeView.cpp:70 msgctxt "CrlTreeView|" msgid "CRL ( *.pem *.der *.crl )" msgstr "CRL ( *.pem *.der *.crl )" #: ../widgets/CrlTreeView.cpp:71 msgctxt "CrlTreeView|" msgid "vCalendar entry ( *.ics )" msgstr "inscription vCalendar ( *.ics )" #: ../ui/ExportDialog.ui:76 msgctxt "ExportDialog|" msgid "Name" msgstr "Nom" #: ../ui/ExportDialog.ui:83 msgctxt "ExportDialog|" msgid "The internal name of the CRL in the database" msgstr "Le nom interne de la liste de révocation dans la base de données" #: ../ui/ExportDialog.ui:112 msgctxt "ExportDialog|" msgid "..." msgstr "..." #: ../ui/ExportDialog.ui:96 msgctxt "ExportDialog|" msgid "Filename" msgstr "Nom du fichier" #: ../ui/ExportDialog.ui:127 msgctxt "ExportDialog|" msgid "Each Item in a separate file" msgstr "Chaque objet dans un fichier séparé" #: ../ui/ExportDialog.ui:134 msgctxt "ExportDialog|" msgid "Same encryption password for all items" msgstr "Même mot de passe de chiffrement pour tous les objets" #: ../ui/ExportDialog.ui:141 msgctxt "ExportDialog|" msgid "Export comment into PEM file" msgstr "Exporter le commentaire dans le fichier PEM" #: ../ui/ExportDialog.ui:121 msgctxt "ExportDialog|" msgid "Export Format" msgstr "Format d'exportation" #: ../widgets/ExportDialog.cpp:43 #, qt-format msgctxt "ExportDialog|" msgid "%n selected item(s)" msgid_plural "%n selected item(s)" msgstr[0] "%n objet(s) sélectionné(s)" msgstr[1] "%n objet(s) sélectionné(s)" #: ../widgets/ExportDialog.cpp:53 msgctxt "ExportDialog|" msgid "All files ( * )" msgstr "Tous les fichiers ( * )" #: ../widgets/ExportDialog.cpp:126 #, qt-format msgctxt "ExportDialog|" msgid "The file: '%1' already exists!" msgstr "Le fichier '%1' existe déjà!" #: ../widgets/ExportDialog.cpp:127 msgctxt "ExportDialog|" msgid "Overwrite" msgstr "Ecraser" #: ../widgets/ExportDialog.cpp:128 msgctxt "ExportDialog|" msgid "Do not overwrite" msgstr "Ne pas écraser" #: ../widgets/ExportDialog.cpp:132 #, qt-format msgctxt "ExportDialog|" msgid "The path: '%1' exist, but is not a file" msgstr "Le chemin '%1' existe mais n'est pas un fichier" #: ../widgets/ExportDialog.cpp:145 #, qt-format msgctxt "ExportDialog|" msgid "The path: '%1' exist, but is not a directory" msgstr "Le chemin '%1' existe mais n'est pas un répertoire" #: ../widgets/ExportDialog.cpp:150 #, qt-format msgctxt "ExportDialog|" msgid "The directory: '%1' does not exist. Should it be created?" msgstr "Le répertoire '%1' n'existe pas. Faut-il le créer ?" #: ../widgets/ExportDialog.cpp:152 msgctxt "ExportDialog|" msgid "Create" msgstr "Créer" #: ../widgets/ExportDialog.cpp:158 #, qt-format msgctxt "ExportDialog|" msgid "Failed to create directory '%1'" msgstr "Impossible de créer le répertoire '%1'" #: ../widgets/ExportDialog.cpp:206 msgctxt "ExportDialog|" msgid "Directory" msgstr "Répertoire" #: ../ui/TimeInput.ui:32 msgctxt "Form|" msgid "last update" msgstr "Dernière mise-à-jour" #: ../ui/TimeInput.ui:46 msgctxt "Form|" msgid "next update" msgstr "Prochaine mise-à-jour" #: ../ui/TimeInput.ui:70 msgctxt "Form|" msgid "Days" msgstr "Jours" #: ../ui/TimeInput.ui:75 msgctxt "Form|" msgid "Months" msgstr "Mois" #: ../ui/TimeInput.ui:80 msgctxt "Form|" msgid "Years" msgstr "Années" #: ../ui/TimeInput.ui:88 msgctxt "Form|" msgid "Apply" msgstr "Appliquer" #: ../ui/TimeInput.ui:95 msgctxt "Form|" msgid "Midnight" msgstr "Minuit" #: ../ui/TimeInput.ui:102 msgctxt "Form|" msgid "Local time" msgstr "Heure locale" #: ../ui/TimeInput.ui:109 msgctxt "Form|" msgid "No well-defined expiration" msgstr "Pas de date d'expiration précise" #: ../ui/Help.ui:36 msgctxt "Help|" msgid "<<" msgstr "<<" #: ../ui/Help.ui:46 msgctxt "Help|" msgid ">>" msgstr "<<" #: ../ui/Help.ui:72 msgctxt "Help|" msgid "&Done" msgstr "&OK" #: ../ui/ImportMulti.ui:36 msgctxt "ImportMulti|" msgid "Import PKI Items" msgstr "Importer des objets PKI" #: ../ui/ImportMulti.ui:94 msgctxt "ImportMulti|" msgid "Import &All" msgstr "Importer &tout" #: ../ui/ImportMulti.ui:101 msgctxt "ImportMulti|" msgid "&Import" msgstr "&Importer" #: ../ui/ImportMulti.ui:108 msgctxt "ImportMulti|" msgid "&Done" msgstr "&OK" #: ../ui/ImportMulti.ui:115 msgctxt "ImportMulti|" msgid "&Remove from list" msgstr "&Retirer de la liste" #: ../ui/ImportMulti.ui:122 msgctxt "ImportMulti|" msgid "Details" msgstr "Détails" #: ../ui/ImportMulti.ui:129 msgctxt "ImportMulti|" msgid "Delete from token" msgstr "Enlever du jeton" #: ../ui/ImportMulti.ui:136 msgctxt "ImportMulti|" msgid "Rename on token" msgstr "Renommer dans le jeton" #: ../widgets/ImportMulti.cpp:66 #, qt-format msgctxt "ImportMulti|" msgid "" "\n" "Name: %1\n" "Model: %2\n" "Serial: %3" msgstr "" "\n" "Nom: %1\n" "Modèle: %2\n" "Numéro de série: %3" #: ../widgets/ImportMulti.cpp:71 msgctxt "ImportMulti|" msgid "Manage security token" msgstr "Gérer les jetons de sécurité" #: ../widgets/ImportMulti.cpp:106 ../widgets/ImportMulti.cpp:300 #, qt-format msgctxt "ImportMulti|" msgid "The type of the item '%1' is not recognized" msgstr "Le type de l'objet '%1' n'est pas reconnu" #: ../widgets/ImportMulti.cpp:252 msgctxt "ImportMulti|" msgid "Could not open the default database" msgstr "Impossible d'ouvrir la base de données par défaut" #: ../widgets/ImportMulti.cpp:328 #, qt-format msgctxt "ImportMulti|" msgid "The file '%1' did not contain PKI data" msgstr "Le fichier '%1' ne contient pas de données PKI" #: ../widgets/ImportMulti.cpp:331 #, qt-format msgctxt "ImportMulti|" msgid "The %1 files: '%2' did not contain PKI data" msgstr "Les %1 fichiers: '%2' ne contiennent pas de données PKI" #: ../ui/ItemProperties.ui:22 msgctxt "ItemProperties|" msgid "Name" msgstr "Nom" #: ../ui/ItemProperties.ui:32 msgctxt "ItemProperties|" msgid "Source" msgstr "Source" #: ../ui/ItemProperties.ui:42 msgctxt "ItemProperties|" msgid "Insertion date" msgstr "Date d'insertion" #: ../ui/ItemProperties.ui:54 msgctxt "ItemProperties|" msgid "Comment" msgstr "Commentaire" #: ../ui/KeyDetail.ui:82 msgctxt "KeyDetail|" msgid "Name" msgstr "Nom" #: ../ui/KeyDetail.ui:89 msgctxt "KeyDetail|" msgid "The internal name of the key used by xca" msgstr "Le nom interne de la clé utilisé par xca" #: ../widgets/KeyDetail.cpp:101 msgctxt "KeyDetail|" msgid "Security token" msgstr "Jeton de sécurité" #: ../ui/KeyDetail.ui:286 msgctxt "KeyDetail|" msgid "Manufacturer" msgstr "Fabricant" #: ../ui/KeyDetail.ui:296 msgctxt "KeyDetail|" msgid "Serial" msgstr "Numéro de série" #: ../ui/KeyDetail.ui:102 ../ui/KeyDetail.ui:182 msgctxt "KeyDetail|" msgid "Key" msgstr "Clé" #: ../ui/KeyDetail.ui:110 msgctxt "KeyDetail|" msgid "Public Exponent" msgstr "Exposant public" #: ../ui/KeyDetail.ui:136 msgctxt "KeyDetail|" msgid "Keysize" msgstr "Taille de la clé" #: ../ui/KeyDetail.ui:163 msgctxt "KeyDetail|" msgid "Private Exponent" msgstr "Exposant privé" #: ../ui/KeyDetail.ui:214 msgctxt "KeyDetail|" msgid "Security Token" msgstr "Jeton de sécurité" #: ../ui/KeyDetail.ui:235 ../ui/KeyDetail.ui:306 msgctxt "KeyDetail|" msgid "Label" msgstr "Etiquette" #: ../ui/KeyDetail.ui:245 msgctxt "KeyDetail|" msgid "PKCS#11 ID" msgstr "ID PKCS#11" #: ../ui/KeyDetail.ui:270 msgctxt "KeyDetail|" msgid "Token information" msgstr "Information du jeton" #: ../ui/KeyDetail.ui:276 msgctxt "KeyDetail|" msgid "Model" msgstr "Modèle" #: ../ui/KeyDetail.ui:324 msgctxt "KeyDetail|" msgid "Fingerprint" msgstr "Empreinte" #: ../ui/KeyDetail.ui:329 msgctxt "KeyDetail|" msgid "Comment" msgstr "Commentaire" #: ../widgets/KeyDetail.cpp:84 #, qt-format msgctxt "KeyDetail|" msgid "Details of the %1 key" msgstr "Détails de la clé %1" #: ../widgets/KeyDetail.cpp:90 msgctxt "KeyDetail|" msgid "Not available" msgstr "Non disponible" #: ../widgets/KeyDetail.cpp:103 msgctxt "KeyDetail|" msgid "Available" msgstr "Disponible" #: ../widgets/KeyDetail.cpp:112 msgctxt "KeyDetail|" msgid "Sub prime" msgstr "Sous-premier" #: ../widgets/KeyDetail.cpp:113 ../widgets/KeyDetail.cpp:122 #: ../widgets/KeyDetail.cpp:134 msgctxt "KeyDetail|" msgid "Public key" msgstr "Clé publique" #: ../widgets/KeyDetail.cpp:114 ../widgets/KeyDetail.cpp:123 #: ../widgets/KeyDetail.cpp:135 msgctxt "KeyDetail|" msgid "Private key" msgstr "Clé privée" #: ../widgets/KeyDetail.cpp:124 ../widgets/KeyDetail.cpp:136 msgctxt "KeyDetail|" msgid "Curve name" msgstr "Nom de la courbe" #: ../widgets/KeyDetail.cpp:143 msgctxt "KeyDetail|" msgid "Unknown key" msgstr "Clé inconnue" #: ../widgets/KeyTreeView.cpp:31 msgctxt "KeyTreeView|" msgid "Change password" msgstr "Changer le mot de passe" #: ../widgets/KeyTreeView.cpp:35 msgctxt "KeyTreeView|" msgid "Reset password" msgstr "Effacer le mot de passe" #: ../widgets/KeyTreeView.cpp:47 msgctxt "KeyTreeView|" msgid "Change PIN" msgstr "Changer le NIP" #: ../widgets/KeyTreeView.cpp:49 msgctxt "KeyTreeView|" msgid "Init PIN with SO PIN (PUK)" msgstr "Initialiser le NIP avec le PUK" #: ../widgets/KeyTreeView.cpp:51 msgctxt "KeyTreeView|" msgid "Change SO PIN (PUK)" msgstr "Changer le PUK" #: ../widgets/KeyTreeView.cpp:54 msgctxt "KeyTreeView|" msgid "Security token" msgstr "Jeton de sécurité" #: ../widgets/KeyTreeView.cpp:91 ../widgets/KeyTreeView.cpp:109 #: ../widgets/KeyTreeView.cpp:127 msgctxt "KeyTreeView|" msgid "This is not a token" msgstr "Ce n'est pas un jeton" #: ../widgets/KeyTreeView.cpp:156 #, qt-format msgctxt "KeyTreeView|" msgid "" "Shall the original key '%1' be replaced by the key on the token?\n" "This will delete the key '%1' and make it unexportable" msgstr "" "La clé originale '%1' doit-elle être remplacée par la clé en provenance du " "jeton ?\n" "Cela détruirait la clé '%1' et la rendrait non-exportable." #: ../widgets/KeyTreeView.cpp:203 msgctxt "KeyTreeView|" msgid "Key export" msgstr "Exporter la clé" #: ../widgets/KeyTreeView.cpp:204 msgctxt "KeyTreeView|" msgid "Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub )" msgstr "Clés privées ( *.pem *.der *.pk8 );; Clé publiques SSH ( *.pub )" #: ../widgets/KeyTreeView.cpp:206 msgctxt "KeyTreeView|" msgid "SSH Private Keys ( *.priv )" msgstr "Clés SSH privées ( *.priv )" #: ../widgets/KeyTreeView.cpp:207 msgctxt "KeyTreeView|" msgid "Microsoft PVK Keys ( *.pvk )" msgstr "Clés Microsoft PVK ( *.pvk )" #: ../ui/MainWindow.ui:25 msgctxt "MainWindow|" msgid "Private Keys" msgstr "Clés privées" #: ../ui/MainWindow.ui:49 msgctxt "MainWindow|" msgid "&New Key" msgstr "&Nouvelle clé" #: ../ui/MainWindow.ui:56 ../ui/MainWindow.ui:155 ../ui/MainWindow.ui:241 #: ../ui/MainWindow.ui:369 ../ui/MainWindow.ui:434 msgctxt "MainWindow|" msgid "&Export" msgstr "&Exporter" #: ../ui/MainWindow.ui:63 ../ui/MainWindow.ui:162 ../ui/MainWindow.ui:248 #: ../ui/MainWindow.ui:362 ../ui/MainWindow.ui:441 msgctxt "MainWindow|" msgid "&Import" msgstr "&Importer" #: ../ui/MainWindow.ui:70 msgctxt "MainWindow|" msgid "Import PFX (PKCS#12)" msgstr "Importer en PFX (PKCS#12)" #: ../ui/MainWindow.ui:77 ../ui/MainWindow.ui:169 ../ui/MainWindow.ui:255 #: ../ui/MainWindow.ui:448 msgctxt "MainWindow|" msgid "&Show Details" msgstr "&Afficher les Détails" #: ../ui/MainWindow.ui:84 ../ui/MainWindow.ui:176 ../ui/MainWindow.ui:262 #: ../ui/MainWindow.ui:355 ../ui/MainWindow.ui:455 msgctxt "MainWindow|" msgid "&Delete" msgstr "&Détruire" #: ../ui/MainWindow.ui:124 msgctxt "MainWindow|" msgid "Certificate signing requests" msgstr "Requêtes de signature de certificat" #: ../ui/MainWindow.ui:148 msgctxt "MainWindow|" msgid "&New Request" msgstr "&Nouvelle requête" #: ../widgets/MW_menu.cpp:146 ../ui/MainWindow.ui:216 msgctxt "MainWindow|" msgid "Certificates" msgstr "Certificats" #: ../ui/MainWindow.ui:234 msgctxt "MainWindow|" msgid "&New Certificate" msgstr "&Nouveau Certificat" #: ../ui/MainWindow.ui:269 msgctxt "MainWindow|" msgid "Import &PKCS#12" msgstr "Importer en &PKCS#12" #: ../ui/MainWindow.ui:276 msgctxt "MainWindow|" msgid "Import P&KCS#7" msgstr "Importer en P&KCS#7" #: ../ui/MainWindow.ui:283 msgctxt "MainWindow|" msgid "Plain View" msgstr "Vue à plat" #: ../ui/MainWindow.ui:323 msgctxt "MainWindow|" msgid "Templates" msgstr "Modèles" #: ../ui/MainWindow.ui:341 msgctxt "MainWindow|" msgid "&New Template" msgstr "&Nouveau modèle" #: ../ui/MainWindow.ui:427 msgctxt "MainWindow|" msgid "&New CRL" msgstr "&Nouvelle liste de révocation" #: ../ui/MainWindow.ui:348 msgctxt "MainWindow|" msgid "Ch&ange Template" msgstr "&Modifier le Modèle" #: ../ui/MainWindow.ui:409 msgctxt "MainWindow|" msgid "Revocation lists" msgstr "Listes de révocation" #: ../widgets/MainWindow.cpp:628 msgctxt "MainWindow|" msgid "" "Using or exporting private keys will not be possible without providing the " "correct password" msgstr "" "Il sera impossible d'utiliser ou d'exporter des clés privées sans fournir le " "mot de passe correct." #: ../widgets/MainWindow.cpp:634 #, qt-format msgctxt "MainWindow|" msgid "" "The currently used default hash '%1' is insecure. Please select at least " "'SHA 224' for security reasons." msgstr "" "L'algorithme de hachage '%1' sélectionné n'est pas sûr. SVP choisissez au " "moins 'SHA 224' pour raisons de sécurité." #: ../widgets/MW_menu.cpp:97 msgctxt "MainWindow|" msgid "Recent DataBases" msgstr "Bases de données utilisées recemment" #: ../widgets/MW_help.cpp:25 ../widgets/MW_menu.cpp:40 msgctxt "MainWindow|" msgid "System" msgstr "Système" #: ../widgets/MW_help.cpp:30 msgctxt "MainWindow|" msgid "Croatian" msgstr "Croate" #: ../widgets/MW_help.cpp:33 msgctxt "MainWindow|" msgid "English" msgstr "Anglais" #: ../widgets/MW_help.cpp:34 msgctxt "MainWindow|" msgid "French" msgstr "Français" #: ../widgets/MW_help.cpp:36 msgctxt "MainWindow|" msgid "German" msgstr "Allemand" #: ../widgets/MW_help.cpp:42 msgctxt "MainWindow|" msgid "Japanese" msgstr "Japonais" #: ../widgets/MW_help.cpp:46 msgctxt "MainWindow|" msgid "Korean" msgstr "Coréen" #: ../widgets/MW_help.cpp:52 msgctxt "MainWindow|" msgid "Russian" msgstr "Russe" #: ../widgets/MW_help.cpp:53 msgctxt "MainWindow|" msgid "Slovak" msgstr "Slovaque" #: ../widgets/MW_help.cpp:55 msgctxt "MainWindow|" msgid "Spanish" msgstr "Espagnol" #: ../widgets/MW_help.cpp:44 msgctxt "MainWindow|" msgid "Persian" msgstr "Persan" #: ../widgets/MW_help.cpp:26 msgctxt "MainWindow|" msgid "Bulgarian" msgstr "Bulgare" #: ../widgets/MW_help.cpp:48 msgctxt "MainWindow|" msgid "Polish" msgstr "Polonais" #: ../widgets/MW_help.cpp:40 msgctxt "MainWindow|" msgid "Italian" msgstr "Italien" #: ../widgets/MW_help.cpp:28 msgctxt "MainWindow|" msgid "Chinese" msgstr "Chinois" #: ../widgets/MW_help.cpp:32 msgctxt "MainWindow|" msgid "Dutch" msgstr "Néerlandais" #: ../widgets/MW_help.cpp:50 msgctxt "MainWindow|" msgid "Portuguese in Brazil" msgstr "Portugais du Brésil" #: ../widgets/MW_help.cpp:38 msgctxt "MainWindow|" msgid "Indonesian" msgstr "Indonésien" #: ../widgets/MW_help.cpp:57 msgctxt "MainWindow|" msgid "Turkish" msgstr "Turc" #: ../widgets/MW_menu.cpp:85 msgctxt "MainWindow|" msgid "Language" msgstr "Langue" #: ../widgets/MW_menu.cpp:103 msgctxt "MainWindow|" msgid "&File" msgstr "&Fichier" #: ../widgets/MW_menu.cpp:113 msgctxt "MainWindow|" msgid "Open Remote DataBase" msgstr "Ouvrir une base de données externe" #: ../widgets/MW_menu.cpp:117 msgctxt "MainWindow|" msgid "Set as default DataBase" msgstr "Définir comme base de données par défaut" #: ../widgets/MW_menu.cpp:105 msgctxt "MainWindow|" msgid "New DataBase" msgstr "Nouvelle base de données" #: ../widgets/MW_menu.cpp:109 msgctxt "MainWindow|" msgid "Open DataBase" msgstr "Ouvrir une base de données" #: ../widgets/MW_menu.cpp:119 msgctxt "MainWindow|" msgid "Close DataBase" msgstr "Fermer la base de données" #: ../widgets/MW_menu.cpp:124 msgctxt "MainWindow|" msgid "Options" msgstr "Options" #: ../widgets/MW_menu.cpp:132 msgctxt "MainWindow|" msgid "Exit" msgstr "Quitter" #: ../widgets/MW_menu.cpp:143 msgctxt "MainWindow|" msgid "I&mport" msgstr "I&mporter" #: ../widgets/MW_menu.cpp:144 msgctxt "MainWindow|" msgid "Keys" msgstr "Clés" #: ../widgets/MW_menu.cpp:145 msgctxt "MainWindow|" msgid "Requests" msgstr "Requêtes" #: ../widgets/MW_menu.cpp:147 msgctxt "MainWindow|" msgid "PKCS#12" msgstr "PKCS#12" #: ../widgets/MW_menu.cpp:148 msgctxt "MainWindow|" msgid "PKCS#7" msgstr "PKCS#7" #: ../widgets/MW_menu.cpp:149 msgctxt "MainWindow|" msgid "Template" msgstr "Modèle" #: ../widgets/MW_menu.cpp:150 msgctxt "MainWindow|" msgid "Revocation list" msgstr "Liste de révocation" #: ../widgets/MW_menu.cpp:151 msgctxt "MainWindow|" msgid "PEM file" msgstr "Fichier PEM" #: ../widgets/MW_menu.cpp:152 msgctxt "MainWindow|" msgid "Paste PEM file" msgstr "Coller un fichier PEM" #: ../widgets/MW_menu.cpp:156 msgctxt "MainWindow|" msgid "Token" msgstr "Jeton" #: ../widgets/MW_menu.cpp:173 msgctxt "MainWindow|" msgid "Export Certificate &Index hierarchy" msgstr "Exporter la hiérarchie de l'index des certificats" #: ../widgets/MW_menu.cpp:191 msgctxt "MainWindow|" msgid "Content" msgstr "Contenu" #: ../widgets/MW_menu.cpp:157 msgctxt "MainWindow|" msgid "&Manage Security token" msgstr "&Gérer le jeton de sécurité" #: ../widgets/MW_menu.cpp:159 msgctxt "MainWindow|" msgid "&Init Security token" msgstr "&Initialiser le jeton de sécurité" #: ../widgets/MW_menu.cpp:161 msgctxt "MainWindow|" msgid "&Change PIN" msgstr "&Changer le NIP" #: ../widgets/MW_menu.cpp:163 msgctxt "MainWindow|" msgid "Change &SO PIN" msgstr "Changer le P&UK" #: ../widgets/MW_menu.cpp:165 msgctxt "MainWindow|" msgid "Init PIN" msgstr "Initialiser le NIP" #: ../widgets/MW_menu.cpp:168 msgctxt "MainWindow|" msgid "Extra" msgstr "Extra" #: ../widgets/MW_menu.cpp:169 msgctxt "MainWindow|" msgid "&Dump DataBase" msgstr "C&licher la base de données" #: ../widgets/MW_menu.cpp:171 msgctxt "MainWindow|" msgid "&Export Certificate Index" msgstr "Exporter l'index des certificats" #: ../widgets/MW_menu.cpp:175 msgctxt "MainWindow|" msgid "C&hange DataBase password" msgstr "C&hanger le mot de passe de la base de données" #: ../widgets/MW_menu.cpp:178 msgctxt "MainWindow|" msgid "&Undelete items" msgstr "&Récupérer des objets détruits" #: ../widgets/MW_menu.cpp:181 msgctxt "MainWindow|" msgid "Generate DH parameter" msgstr "Générer le paramètre DH" #: ../widgets/MW_menu.cpp:183 msgctxt "MainWindow|" msgid "OID Resolver" msgstr "Convertisseur d'OID" #: ../widgets/MW_menu.cpp:190 msgctxt "MainWindow|" msgid "&Help" msgstr "&Aide" #: ../widgets/MW_menu.cpp:193 msgctxt "MainWindow|" msgid "About" msgstr "A propos" #: ../widgets/MainWindow.cpp:257 msgctxt "MainWindow|" msgid "Import PEM data" msgstr "Importer les données PEM" #: ../widgets/MainWindow.cpp:286 #, qt-format msgctxt "MainWindow|" msgid "Please enter the original SO PIN (PUK) of the token '%1'" msgstr "SVP saisir le PUK original du jeton '%1'" #: ../widgets/MainWindow.cpp:117 ../widgets/MainWindow.cpp:792 msgctxt "MainWindow|" msgid "Search" msgstr "Rechercher" #: ../widgets/MainWindow.cpp:292 #, qt-format msgctxt "MainWindow|" msgid "Please enter the new SO PIN (PUK) for the token '%1'" msgstr "SVP saisir le nouveau NIP SO (PUK) pour le jeton: '%1'" #: ../widgets/MainWindow.cpp:299 #, qt-format msgctxt "MainWindow|" msgid "The new label of the token '%1'" msgstr "La nouvelle étiquette du jeton '%1'" #: ../widgets/MainWindow.cpp:416 #, qt-format msgctxt "MainWindow|" msgid "The token '%1' did not contain any keys or certificates" msgstr "Le jeton '%1' ne contient aucune clé ni aucun certificat" #: ../widgets/MainWindow.cpp:420 msgctxt "MainWindow|" msgid "Retry with PIN" msgstr "Réessayer avec le NIP" #: ../widgets/MainWindow.cpp:421 msgctxt "MainWindow|" msgid "Retry with SO PIN" msgstr "Réessayer avec le NIP d'agende sécurité" #: ../widgets/MainWindow.cpp:484 msgctxt "MainWindow|" msgid "Current Password" msgstr "Mot de passe actuel" #: ../widgets/MainWindow.cpp:485 msgctxt "MainWindow|" msgid "Please enter the current database password" msgstr "SVP saisir le mot de passe de la base de données" #: ../widgets/MainWindow.cpp:495 msgctxt "MainWindow|" msgid "The entered password is wrong" msgstr "Le mot de passe renseigné est inexact" #: ../widgets/MainWindow.cpp:500 msgctxt "MainWindow|" msgid "New Password" msgstr "Nouveau mot de passe" #: ../widgets/MainWindow.cpp:500 msgctxt "MainWindow|" msgid "" "Please enter the new password to encrypt your private keys in the database-" "file" msgstr "" "SVP saisir le nouveau mot de passe pour chiffrer les clés privées dans le " "fichier de base de données" #: ../widgets/MainWindow.cpp:524 msgctxt "MainWindow|" msgid "Transaction start failed" msgstr "Le démarrage de la transaction a échoué" #: ../widgets/MainWindow.cpp:611 #, qt-format msgctxt "MainWindow|" msgid "Database: %1" msgstr "Base de données: %1" #: ../widgets/MainWindow.cpp:639 #, qt-format msgctxt "MainWindow|" msgid "The currently used PFX / PKCS#12 algorithm '%1' is insecure." msgstr "L'algorithme '%1' utilisé pour PFX / PKCS#12 est peu sûr." #: ../widgets/MainWindow.cpp:644 msgctxt "MainWindow|" msgid "Change" msgstr "Changer" #: ../widgets/MainWindow.cpp:711 msgctxt "MainWindow|" msgid "Certificate Index ( index.txt )" msgstr "Index des certificats ( index.txt )" #: ../widgets/MainWindow.cpp:712 ../widgets/MainWindow.cpp:768 msgctxt "MainWindow|" msgid "All files ( * )" msgstr "Tous les fichiers ( * )" #: ../widgets/MainWindow.cpp:735 #, qt-format msgctxt "MainWindow|" msgid "Diffie-Hellman parameters saved as: %1" msgstr "Les paramètres Diffie-Hellman on été sauvegardés dans: %1" #: ../widgets/MainWindow.cpp:753 msgctxt "MainWindow|" msgid "" "Diffie-Hellman parameters are needed for different applications, but not " "handled by XCA.\n" "Please enter the DH parameter bits" msgstr "" "Les paramètres de Diffie-Hellman sont nécessaires à certaines applications " "mais ne sont pas gérés par XCA.\n" "Saisir le nombre de bits du paramètre de Diffie-Hellman SVP" #: ../ui/NewCrl.ui:32 msgctxt "NewCrl|" msgid "Last update" msgstr "Dernière mise-à-jour" #: ../ui/NewCrl.ui:46 msgctxt "NewCrl|" msgid "Next update" msgstr "Prochaine mise-à-jour" #: ../ui/NewCrl.ui:70 msgctxt "NewCrl|" msgid "Days" msgstr "Jours" #: ../ui/NewCrl.ui:75 msgctxt "NewCrl|" msgid "Months" msgstr "Mois" #: ../ui/NewCrl.ui:80 msgctxt "NewCrl|" msgid "Years" msgstr "Années" #: ../ui/NewCrl.ui:88 msgctxt "NewCrl|" msgid "Midnight" msgstr "Minuit" #: ../ui/NewCrl.ui:95 msgctxt "NewCrl|" msgid "Local time" msgstr "Heure locale" #: ../ui/NewCrl.ui:102 msgctxt "NewCrl|" msgid "Apply" msgstr "Appliquer" #: ../ui/NewCrl.ui:128 msgctxt "NewCrl|" msgid "Options" msgstr "Options" #: ../ui/NewCrl.ui:172 msgctxt "NewCrl|" msgid "CRL number" msgstr "Numéro de la liste de révocation" #: ../ui/NewCrl.ui:144 msgctxt "NewCrl|" msgid "Subject alternative name" msgstr "Nom alternatif du sujet" #: ../ui/NewCrl.ui:199 msgctxt "NewCrl|" msgid "Revocation reasons" msgstr "Raisons de la révocation" #: ../ui/NewCrl.ui:158 msgctxt "NewCrl|" msgid "Authority key identifier" msgstr "Identifiant de clé de l'autorité" #: ../ui/NewCrl.ui:134 msgctxt "NewCrl|" msgid "Hash algorithm" msgstr "Algorithme de hachage" #: ../widgets/NewCrl.cpp:78 msgctxt "NewCrl|" msgid "Create CRL" msgstr "Créer une liste de révocation" #: ../ui/NewKey.ui:86 msgctxt "NewKey|" msgid "Please give a name to the new key and select the desired keysize" msgstr "" "SVP donner un nom à la nouvelle clé et sélectionner la taille de clé désirée" #: ../ui/NewKey.ui:96 msgctxt "NewKey|" msgid "Key properties" msgstr "Propriétés de la clé" #: ../ui/NewKey.ui:102 msgctxt "NewKey|" msgid "Name" msgstr "Nom" #: ../ui/NewKey.ui:121 msgctxt "NewKey|" msgid "The internal name of the new key" msgstr "Le nom interne de la nouvelle clé" #: ../ui/NewKey.ui:151 msgctxt "NewKey|" msgid "Curve name" msgstr "Nom de la courbe" #: ../ui/NewKey.ui:171 msgctxt "NewKey|" msgid "Usually at least 2048 bit keys are recommended" msgstr "Généralement une clé de 2048 bits est recommandée" #: ../ui/NewKey.ui:39 ../ui/NewKey.ui:124 msgctxt "NewKey|" msgid "New Key" msgstr "Nouvelle Clé" #: ../ui/NewKey.ui:158 msgctxt "NewKey|" msgid "Keysize" msgstr "Taille de la clé" #: ../ui/NewKey.ui:178 msgctxt "NewKey|" msgid "Keytype" msgstr "Type de clé" #: ../ui/NewKey.ui:188 msgctxt "NewKey|" msgid "Remember as default" msgstr "Enregistrer comme valeur par défaut" #: ../widgets/NewKey.cpp:135 msgctxt "NewKey|" msgid "Create" msgstr "Créer" #: ../ui/NewX509.ui:75 msgctxt "NewX509|" msgid "Source" msgstr "Source" #: ../ui/NewX509.ui:97 msgctxt "NewX509|" msgid "Signing request" msgstr "Requête de signature" #: ../ui/NewX509.ui:121 msgctxt "NewX509|" msgid "Show request" msgstr "Afficher la requête" #: ../ui/NewX509.ui:128 msgctxt "NewX509|" msgid "Sign this Certificate signing &request" msgstr "Signer cette &requête" #: ../ui/NewX509.ui:135 msgctxt "NewX509|" msgid "Copy extensions from the request" msgstr "Copier les extensions de la requête" #: ../ui/NewX509.ui:145 msgctxt "NewX509|" msgid "Modify subject of the request" msgstr "Modifier le sujet de la requête" #: ../ui/NewX509.ui:177 msgctxt "NewX509|" msgid "Signing" msgstr "Signer" #: ../ui/NewX509.ui:185 msgctxt "NewX509|" msgid "Create a &self signed certificate" msgstr "Créer un certificat auto-&signé" #: ../ui/NewX509.ui:199 msgctxt "NewX509|" msgid "Use &this Certificate for signing" msgstr "Utiliser &ce certificat pour signer" #: ../ui/NewX509.ui:206 msgctxt "NewX509|" msgid "All certificates in your database that can create valid signatures" msgstr "" "Tous les certificats dans la base de données qui peuvent produire des " "signatures valables" #: ../ui/NewX509.ui:233 msgctxt "NewX509|" msgid "Signature algorithm" msgstr "Algorithme de signature" #: ../ui/NewX509.ui:261 msgctxt "NewX509|" msgid "Template for the new certificate" msgstr "Modèle pour le nouveau certificat" #: ../ui/NewX509.ui:273 msgctxt "NewX509|" msgid "All available templates" msgstr "Tous les modèles disponibles" #: ../ui/NewX509.ui:295 msgctxt "NewX509|" msgid "Apply extensions" msgstr "Appliquer les extensions" #: ../ui/NewX509.ui:302 msgctxt "NewX509|" msgid "Apply subject" msgstr "Appliquer le sujet" #: ../ui/NewX509.ui:315 msgctxt "NewX509|" msgid "Apply all" msgstr "Appliquer tout" #: ../widgets/NewX509.cpp:611 ../ui/NewX509.ui:344 msgctxt "NewX509|" msgid "Subject" msgstr "Sujet" #: ../ui/NewX509.ui:352 msgctxt "NewX509|" msgid "Internal Name" msgstr "Nom interne" #: ../ui/NewX509.ui:368 msgctxt "NewX509|" msgid "Distinguished name" msgstr "Nom distinctif" #: ../ui/NewX509.ui:394 msgctxt "NewX509|" msgid "Add" msgstr "Ajouter" #: ../ui/NewX509.ui:401 msgctxt "NewX509|" msgid "Delete" msgstr "Enlever" #: ../ui/NewX509.ui:438 msgctxt "NewX509|" msgid "Private key" msgstr "Clé privée" #: ../ui/NewX509.ui:450 msgctxt "NewX509|" msgid "This list only contains unused keys" msgstr "Cette liste ne contient que les clés inutilisées" #: ../ui/NewX509.ui:457 msgctxt "NewX509|" msgid "Used keys too" msgstr "Inclure les clés utilisées" #: ../ui/NewX509.ui:464 msgctxt "NewX509|" msgid "&Generate a new key" msgstr "&Générer une nouvelle clé" #: ../ui/NewX509.ui:475 msgctxt "NewX509|" msgid "Extensions" msgstr "Extensions" #: ../ui/NewX509.ui:486 msgctxt "NewX509|" msgid "Type" msgstr "Type" #: ../ui/NewX509.ui:493 msgctxt "NewX509|" msgid "If this will become a CA certificate or not" msgstr "Si un certificat d'autorité (CA) est en train d'être créé ou non" #: ../ui/NewX509.ui:497 msgctxt "NewX509|" msgid "Not defined" msgstr "Non défini" #: ../ui/NewX509.ui:502 msgctxt "NewX509|" msgid "Certification Authority" msgstr "Autorité de Certification" #: ../ui/NewX509.ui:507 msgctxt "NewX509|" msgid "End Entity" msgstr "Entité Finale" #: ../ui/NewX509.ui:515 msgctxt "NewX509|" msgid "Path length" msgstr "Distance aux entités finales" #: ../ui/NewX509.ui:522 msgctxt "NewX509|" msgid "How much CAs may be below this." msgstr "" "Combien de niveau de sous-CA peuvent apparaître jusqu'à une entité finale." #: ../ui/NewX509.ui:529 msgctxt "NewX509|" msgid "The basic constraints should always be critical" msgstr "Les contraintes basiques doivent toujours être critiques" #: ../ui/NewX509.ui:542 msgctxt "NewX509|" msgid "Key identifier" msgstr "Identifiant de clé" #: ../ui/NewX509.ui:563 msgctxt "NewX509|" msgid "Creates a hash of the key following the PKIX guidelines" msgstr "Crée un hachage de la clé conformément aux directives PKIX" #: ../ui/NewX509.ui:573 msgctxt "NewX509|" msgid "Copy the Subject Key Identifier from the issuer" msgstr "Copie l'identifiant de clé du sujet du signataire" #: ../ui/NewX509.ui:619 msgctxt "NewX509|" msgid "Validity" msgstr "Validité" #: ../ui/NewX509.ui:625 msgctxt "NewX509|" msgid "Not before" msgstr "Pas avant" #: ../ui/NewX509.ui:639 msgctxt "NewX509|" msgid "Not after" msgstr "Pas après" #: ../ui/NewX509.ui:656 msgctxt "NewX509|" msgid "Time range" msgstr "Intervalle de temps" #: ../ui/NewX509.ui:666 msgctxt "NewX509|" msgid "Days" msgstr "Jours" #: ../ui/NewX509.ui:671 msgctxt "NewX509|" msgid "Months" msgstr "Mois" #: ../ui/NewX509.ui:676 msgctxt "NewX509|" msgid "Years" msgstr "Années" #: ../ui/NewX509.ui:704 msgctxt "NewX509|" msgid "Apply" msgstr "Appliquer" #: ../ui/NewX509.ui:711 msgctxt "NewX509|" msgid "Set the time to 00:00:00 and 23:59:59 respectively" msgstr "Définir les heures à 00:00:00 et 23:59:59 respectivement" #: ../ui/NewX509.ui:714 msgctxt "NewX509|" msgid "Midnight" msgstr "Minuit" #: ../ui/NewX509.ui:684 msgctxt "NewX509|" msgid "Local time" msgstr "Heure locale" #: ../ui/NewX509.ui:691 msgctxt "NewX509|" msgid "No well-defined expiration" msgstr "Pas de date d'expiration précise" #: ../ui/NewX509.ui:768 ../ui/NewX509.ui:811 ../ui/NewX509.ui:834 #: ../ui/NewX509.ui:863 msgctxt "NewX509|" msgid "DNS: IP: URI: email: RID:" msgstr "DNS: IP: URI: email: RID:" #: ../widgets/NewX509.cpp:1029 ../ui/NewX509.ui:775 ../ui/NewX509.ui:801 #: ../ui/NewX509.ui:827 ../ui/NewX509.ui:870 ../ui/NewX509.ui:896 msgctxt "NewX509|" msgid "Edit" msgstr "Modifier" #: ../ui/NewX509.ui:922 msgctxt "NewX509|" msgid "URI:" msgstr "URI:" #: ../ui/NewX509.ui:932 msgctxt "NewX509|" msgid "Key usage" msgstr "Usage de la clé" #: ../ui/NewX509.ui:1070 msgctxt "NewX509|" msgid "Netscape" msgstr "Netscape" #: ../ui/NewX509.ui:1228 msgctxt "NewX509|" msgid "Advanced" msgstr "Avancé" #: ../widgets/NewX509.cpp:1039 ../ui/NewX509.ui:1252 msgctxt "NewX509|" msgid "Validate" msgstr "Valider" #: ../ui/NewX509.ui:1275 msgctxt "NewX509|" msgid "Comment" msgstr "Commentaire" #: ../ui/NewX509.ui:359 msgctxt "NewX509|" msgid "" "This name is only used internally and does not appear in the resulting " "certificate" msgstr "" "Ce nom est seulement utilisé par xca et n'apparaît pas dans le certificat " "exporté" #: ../widgets/NewX509.cpp:276 msgctxt "NewX509|" msgid "Critical" msgstr "Critique" #: ../widgets/NewX509.cpp:317 msgctxt "NewX509|" msgid "Create Certificate signing request" msgstr "Créer une requête de signature de certificat" #: ../widgets/NewX509.cpp:343 #, qt-format msgctxt "NewX509|" msgid "minimum size: %1" msgstr "taille minimale: %1" #: ../widgets/NewX509.cpp:345 #, qt-format msgctxt "NewX509|" msgid "maximum size: %1" msgstr "taille maximale: %1" #: ../widgets/NewX509.cpp:347 msgctxt "NewX509|" msgid "only a-z A-Z 0-9 '()+,-./:=?" msgstr "seulement a-z A-Z 0-9 '()+,-./:=?" #: ../widgets/NewX509.cpp:351 msgctxt "NewX509|" msgid "only 7-bit clean characters" msgstr "seulement des caractères 7-bit ASCII imprimables" #: ../widgets/NewX509.cpp:376 msgctxt "NewX509|" msgid "Edit XCA template" msgstr "Editer un modèle XCA" #: ../widgets/NewX509.cpp:391 msgctxt "NewX509|" msgid "Create x509 Certificate" msgstr "Créer un certificat x509" #: ../widgets/NewX509.cpp:779 #, qt-format msgctxt "NewX509|" msgid "Template '%1' applied" msgstr "Le modèle '%1' a été appliqué" #: ../widgets/NewX509.cpp:786 #, qt-format msgctxt "NewX509|" msgid "Subject applied from template '%1'" msgstr "Sujet extrait du modèle '%1'" #: ../widgets/NewX509.cpp:794 #, qt-format msgctxt "NewX509|" msgid "Extensions applied from template '%1'" msgstr "Les extensions du modéle '%1' ont été appliquées" #: ../widgets/NewX509.cpp:809 #, qt-format msgctxt "NewX509|" msgid "New key '%1' created" msgstr "La nouvelle clé '%1' a été créée" #: ../widgets/NewX509.cpp:1061 msgctxt "NewX509|" msgid "Other Tabs" msgstr "Autres Onglets" #: ../widgets/NewX509.cpp:1077 msgctxt "NewX509|" msgid "Advanced Tab" msgstr "Onglet Avancé" #: ../widgets/NewX509.cpp:1084 msgctxt "NewX509|" msgid "Errors" msgstr "Erreurs" #: ../widgets/NewX509.cpp:1103 msgctxt "NewX509|" msgid "From PKCS#10 request" msgstr "A partir d'une requête en PKCS#10" #: ../widgets/NewX509.cpp:1113 msgctxt "NewX509|" msgid "Error" msgstr "Erreur" #: ../widgets/NewX509.cpp:1113 msgctxt "NewX509|" msgid "duplicate extensions" msgstr "Extensions à double" #: ../widgets/NewX509.cpp:1122 msgctxt "NewX509|" msgid "The Name Constraints are invalid" msgstr "Les contraintes sur le nom sont invalides" #: ../widgets/NewX509.cpp:1124 msgctxt "NewX509|" msgid "The Subject Alternative Name is invalid" msgstr "Le nom alternatif du sujet est invalide" #: ../widgets/NewX509.cpp:1126 msgctxt "NewX509|" msgid "The Issuer Alternative Name is invalid" msgstr "Le nom alternatif de l'émetteur est invalide" #: ../widgets/NewX509.cpp:1128 msgctxt "NewX509|" msgid "The CRL Distribution Point is invalid" msgstr "Le point de distribution de la CRL est invalide" #: ../widgets/NewX509.cpp:1130 msgctxt "NewX509|" msgid "The Authority Information Access is invalid" msgstr "L'accès à l'information de l'autorité est invalide" #: ../widgets/NewX509.cpp:1241 ../widgets/NewX509.cpp:1254 #: ../widgets/NewX509.cpp:1273 ../widgets/NewX509.cpp:1285 #: ../widgets/NewX509.cpp:1301 ../widgets/NewX509.cpp:1315 #: ../widgets/NewX509.cpp:1349 ../widgets/NewX509.cpp:1368 #: ../widgets/NewX509.cpp:1391 ../widgets/NewX509.cpp:1414 #: ../widgets/NewX509.cpp:1449 ../widgets/NewX509.cpp:1469 #: ../widgets/NewX509.cpp:1502 msgctxt "NewX509|" msgid "Abort rollout" msgstr "Interrompre le déploiement" #: ../widgets/NewX509.cpp:1250 msgctxt "NewX509|" msgid "The following length restrictions of RFC3280 are violated:" msgstr "" "Pour être en conformité avec la RFC3280, les règles de restriction de " "longueur suivantes ne sont pas respectées:" #: ../widgets/NewX509.cpp:1253 ../widgets/NewX509.cpp:1314 msgctxt "NewX509|" msgid "Edit subject" msgstr "Modifier le sujet" #: ../widgets/NewX509.cpp:1255 ../widgets/NewX509.cpp:1316 #: ../widgets/NewX509.cpp:1369 ../widgets/NewX509.cpp:1392 #: ../widgets/NewX509.cpp:1415 ../widgets/NewX509.cpp:1450 #: ../widgets/NewX509.cpp:1470 ../widgets/NewX509.cpp:1503 msgctxt "NewX509|" msgid "Continue rollout" msgstr "Continuer le déploiement" #: ../widgets/NewX509.cpp:1271 msgctxt "NewX509|" msgid "" "The verification of the Certificate request failed.\n" "The rollout should be aborted." msgstr "" "La vérification de la requête de signature à échoué.\n" "Le déploiement devrait être interrompu." #: ../widgets/NewX509.cpp:1272 msgctxt "NewX509|" msgid "Continue anyway" msgstr "Continuer quand-même" #: ../widgets/NewX509.cpp:1283 msgctxt "NewX509|" msgid "" "The internal name and the common name are empty.\n" "Please set at least the internal name." msgstr "" "Le nom interne et le nom commun sont vides.\n" "SVP saisir au moins le nom interne." #: ../widgets/NewX509.cpp:1284 msgctxt "NewX509|" msgid "Edit name" msgstr "Modifier le nom" #: ../widgets/NewX509.cpp:1299 msgctxt "NewX509|" msgid "There is no Key selected for signing." msgstr "Aucune clé n'est sélectionnée pour la signature." #: ../widgets/NewX509.cpp:1300 msgctxt "NewX509|" msgid "Select key" msgstr "Sélectionner la clé" #: ../widgets/NewX509.cpp:1312 #, qt-format msgctxt "NewX509|" msgid "" "The following distinguished name entries are empty:\n" "%1\n" "though you have declared them as mandatory in the options menu." msgstr "" "Les indications de nom distinctif suivantes sont vides:\n" "%1\n" "bien que vous les avez déclarées comme obligatoires dans le menu des options." #: ../widgets/NewX509.cpp:1346 msgctxt "NewX509|" msgid "The key you selected for signing is not a private one." msgstr "La clé sélectionnée pour la signature n'est pas une clé privée." #: ../widgets/NewX509.cpp:1347 msgctxt "NewX509|" msgid "Select other signer" msgstr "Sélectionner un autre signataire" #: ../widgets/NewX509.cpp:1347 msgctxt "NewX509|" msgid "Select other key" msgstr "Sélectionner une autre clé" #: ../widgets/NewX509.cpp:1357 #, qt-format msgctxt "NewX509|" msgid "" "The currently selected hash algorithm '%1' is insecure and should not be " "used." msgstr "" "L'algorithme de hachage sélectionné '%1' est peu sûr et ne devrait pas être " "utilisé." #: ../widgets/NewX509.cpp:1358 msgctxt "NewX509|" msgid "Select other algorithm" msgstr "Sélectionner un autre algorithme" #: ../widgets/NewX509.cpp:1359 msgctxt "NewX509|" msgid "Use algorithm anyway" msgstr "Utiliser quand même cet algorithme" #: ../widgets/NewX509.cpp:1365 msgctxt "NewX509|" msgid "" "The certificate will be earlier valid than the signer. This is probably not " "what you want." msgstr "" "Le certificat serait valide avant son signataire. Ce n'est probablement pas " "ce qui est désiré." #: ../widgets/NewX509.cpp:1367 ../widgets/NewX509.cpp:1390 #: ../widgets/NewX509.cpp:1413 msgctxt "NewX509|" msgid "Edit dates" msgstr "Modifier les limites de validité" #: ../widgets/NewX509.cpp:1370 ../widgets/NewX509.cpp:1393 msgctxt "NewX509|" msgid "Adjust date and continue" msgstr "Ajuster la date et continuer" #: ../widgets/NewX509.cpp:1388 msgctxt "NewX509|" msgid "" "The certificate will be longer valid than the signer. This is probably not " "what you want." msgstr "" "Le certificat serait valide plus longtemps que son signataire. Ce n'est " "probablement pas ce qui est désiré." #: ../widgets/NewX509.cpp:1411 msgctxt "NewX509|" msgid "" "The certificate will be out of date before it becomes valid. You most " "probably mixed up both dates." msgstr "" "Le certificat serait échu avant de devenir actif. Vous avez probablement " "interverti les deux dates." #: ../widgets/NewX509.cpp:1433 msgctxt "NewX509|" msgid "" "The certificate contains invalid or duplicate extensions. Check the " "validation on the advanced tab." msgstr "" "Le certificat contient des extensions dupliquées ou invalides. Vérifier la " "validité sur l'onglet \"Avancé\"." #: ../widgets/NewX509.cpp:1437 msgctxt "NewX509|" msgid "" "The certificate contains no extensions. You may apply the extensions of one " "of the templates to define the purpose of the certificate." msgstr "" "Le certificat ne contient aucune extension. Vous pouvez appliquer des " "extensions à partir de l'un des modèles pour définir l'usage du certificat" #: ../widgets/NewX509.cpp:1441 msgctxt "NewX509|" msgid "The certificate contains invalid extensions." msgstr "Le certificat contient des extensions invalides." #: ../widgets/NewX509.cpp:1448 ../widgets/NewX509.cpp:1468 #: ../widgets/NewX509.cpp:1501 msgctxt "NewX509|" msgid "Edit extensions" msgstr "Modifier les extensions" #: ../widgets/NewX509.cpp:1467 msgctxt "NewX509|" msgid "" "The subject alternative name shall contain a copy of the common name. " "However, the common name is empty." msgstr "" "Le nom alternatif du sujet devrait contenir une copie du nom commun. " "Cependant ce dernier est vide." #: ../widgets/NewX509.cpp:1498 #, qt-format msgctxt "NewX509|" msgid "A name constraint of the issuer '%1' is violated: %2" msgstr "Une contrainte du signataire '%1' sur le nom n'est pas respectée: %2" #: ../widgets/NewX509_ext.cpp:173 #, qt-format msgctxt "NewX509|" msgid "Configfile error on line %1\n" msgstr "Erreur dans le fichier de configuration à la ligne %1\n" #: ../ui/OidResolver.ui:28 msgctxt "OidResolver|" msgid "OID Resolver" msgstr "Convertisseur d'OID" #: ../ui/OidResolver.ui:38 msgctxt "OidResolver|" msgid "Enter the OID, the Nid, or one of the textual representations" msgstr "Saisir l'OID, le Nid ou une des représentations symboliques" #: ../ui/OidResolver.ui:47 msgctxt "OidResolver|" msgid "Search" msgstr "Rechercher" #: ../ui/OidResolver.ui:74 msgctxt "OidResolver|" msgid "OID" msgstr "OID" #: ../ui/OidResolver.ui:119 msgctxt "OidResolver|" msgid "Long name" msgstr "Nom complet" #: ../ui/OidResolver.ui:145 ../ui/OidResolver.ui:167 msgctxt "OidResolver|" msgid "OpenSSL internal ID" msgstr "Identification interne à OpenSSL" #: ../ui/OidResolver.ui:148 msgctxt "OidResolver|" msgid "Nid" msgstr "Nid" #: ../ui/OidResolver.ui:177 msgctxt "OidResolver|" msgid "Short name" msgstr "Nom abrégé" #: ../ui/OpenDb.ui:36 msgctxt "OpenDb|" msgid "Open remote database" msgstr "Ouvrir une base de données externe" #: ../ui/OpenDb.ui:98 msgctxt "OpenDb|" msgid "Database type" msgstr "Type de base de données" #: ../ui/OpenDb.ui:108 msgctxt "OpenDb|" msgid "Hostname" msgstr "Nom du serveur" #: ../ui/OpenDb.ui:118 msgctxt "OpenDb|" msgid "Username" msgstr "Nom de l'utilisateur" #: ../ui/OpenDb.ui:128 msgctxt "OpenDb|" msgid "Password" msgstr "Mot de passe" #: ../widgets/OpenDb.cpp:57 ../ui/OpenDb.ui:142 msgctxt "OpenDb|" msgid "Database name" msgstr "Nom de la base de données" #: ../ui/OpenDb.ui:152 msgctxt "OpenDb|" msgid "Table prefix" msgstr "Préfixe du nom des tables" #: ../widgets/OpenDb.cpp:128 msgctxt "OpenDb|" msgid "" "No SqLite3 driver available. Please install the qt-sqlite package of your " "distribution" msgstr "" "Le pilote SqLite3 n'est pas disponible. SVP installez le paquetage qt-sqlite " "de votre distribution" #: ../ui/Options.ui:28 msgctxt "Options|" msgid "XCA Options" msgstr "Options de XCA" #: ../ui/Options.ui:42 msgctxt "Options|" msgid "Settings" msgstr "Réglages" #: ../ui/Options.ui:50 msgctxt "Options|" msgid "Default hash algorithm" msgstr "Algorithme de hachage par défaut" #: ../ui/Options.ui:78 msgctxt "Options|" msgid "String types" msgstr "Types de chaînes" #: ../ui/Options.ui:90 msgctxt "Options|" msgid "Suppress success messages" msgstr "Supprimer les messages en cas de succès" #: ../ui/Options.ui:123 msgctxt "Options|" msgid "Don't colorize expired certificates" msgstr "Ne pas coloriser les certificats expirés" #: ../ui/Options.ui:104 #, qt-format msgctxt "Options|" msgid "Translate established x509 terms (%1 -> %2)" msgstr "Traduire les termes standards définis par x509 (%1 -> %2)" #: ../ui/Options.ui:111 msgctxt "Options|" msgid "" "The hashing functionality of the token is not used by XCA.\n" "It may however honor a restricted hash-set propagated by the token.\n" "Especially EC and DSA are only defined with SHA1 in the PKCS#11 " "specification." msgstr "" "La fonctionalité de hachage du jeton n'est pas utilisée par XCA.\n" "Ce dernier peut néanmoins se limiter à un jeu restreint de fonctions de " "hachage reconnus par le jeton.\n" "En particulier, EC et DSA ne sont définis qu'avec SHA1 dans la spécification " "PKCS#11." #: ../ui/Options.ui:116 msgctxt "Options|" msgid "Only use hashes supported by the token when signing with a token key" msgstr "" "N'utiliser que des fonction de hachage supportées par le jeton lors d'une " "signature avec une clé du jeton" #: ../ui/Options.ui:97 msgctxt "Options|" msgid "Disable legacy Netscape extensions" msgstr "Désactiver les extensions Netscape désuètes" #: ../ui/Options.ui:64 msgctxt "Options|" msgid "PKCS12 encryption algorithm" msgstr "Algorithme de chiffrement de PKCS12" #: ../ui/Options.ui:141 msgctxt "Options|" msgid "Certificate expiry warning threshold" msgstr "Seuil d'avertissement de l'expiration d'un certificat" #: ../ui/Options.ui:160 msgctxt "Options|" msgid "Send vCalendar expiry reminder" msgstr "Envoyer un message vCalendar de rappel d'expiration" #: ../ui/Options.ui:171 msgctxt "Options|" msgid "Serial number length" msgstr "Longueur du numéro de série" #: ../ui/Options.ui:178 msgctxt "Options|" msgid " bit" msgstr " bits" #: ../ui/Options.ui:213 msgctxt "Options|" msgid "Distinguished name" msgstr "Nom distinctif" #: ../ui/Options.ui:219 msgctxt "Options|" msgid "Mandatory subject entries" msgstr "Inscriptions du sujet obligatoires" #: ../ui/Options.ui:237 ../ui/Options.ui:298 ../ui/Options.ui:380 msgctxt "Options|" msgid "Add" msgstr "Ajouter" #: ../ui/Options.ui:244 ../ui/Options.ui:305 msgctxt "Options|" msgid "Delete" msgstr "Enlever" #: ../ui/Options.ui:269 msgctxt "Options|" msgid "Explicit subject entries" msgstr "Inscriptions explicites du sujet" #: ../ui/Options.ui:287 msgctxt "Options|" msgid "Dynamically arrange explicit subject entries" msgstr "Arranger dynamiquement les éléments explicites du sujet" #: ../ui/Options.ui:312 msgctxt "Options|" msgid "Default" msgstr "Défaut" #: ../ui/Options.ui:338 msgctxt "Options|" msgid "PKCS#11 provider" msgstr "Fournisseur PKCS#11" #: ../ui/Options.ui:393 msgctxt "Options|" msgid "Remove" msgstr "Enlever" #: ../ui/Options.ui:400 msgctxt "Options|" msgid "Search" msgstr "Rechercher" #: ../widgets/Options.cpp:36 msgctxt "Options|" msgid "Printable string or UTF8 (default)" msgstr "Chaîne imprimable ou UTF8 (défaut)" #: ../widgets/Options.cpp:37 msgctxt "Options|" msgid "PKIX recommendation in RFC2459" msgstr "La recommandation PKIX est dans la RFC2459" #: ../widgets/Options.cpp:38 msgctxt "Options|" msgid "No BMP strings, only printable and T61" msgstr "Pas de chaîne BMP, seulement imprimable et T61" #: ../widgets/Options.cpp:39 msgctxt "Options|" msgid "UTF8 strings only (RFC2459)" msgstr "Chaînes UTF8 uniquement (RFC2459)" #: ../widgets/Options.cpp:40 msgctxt "Options|" msgid "All strings" msgstr "Toutes les chaînes" #: ../widgets/Options.cpp:62 msgctxt "Options|" msgid "Days" msgstr "Jours" #: ../widgets/Options.cpp:62 msgctxt "Options|" msgid "Weeks" msgstr "Semaines" #: ../ui/PwDialog.ui:118 msgctxt "PwDialog|" msgid "" "The password is parsed as 2-digit hex code. It must have an even number of " "digits (0-9 and a-f)" msgstr "" "Le mot de passe doit être exprimé sous forme d'une suite de chiffres " "hexadécimaux. Il doit contenir un nombre pair de chiffres (0-9 et a-f)" #: ../ui/PwDialog.ui:121 msgctxt "PwDialog|" msgid "Take as HEX string" msgstr "Exprimé en hexadécimal" #: ../widgets/PwDialog.cpp:72 #, qt-format msgctxt "PwDialog|" msgid "Repeat %1" msgstr "Répéter %1" #: ../widgets/PwDialog.cpp:85 #, qt-format msgctxt "PwDialog|" msgid "%1 mismatch" msgstr "%1 ne correspond pas" #: ../widgets/PwDialog.cpp:92 msgctxt "PwDialog|" msgid "" "Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it " "must consist of an even number of characters" msgstr "" "Un mot de passe hexadécimal peut seulement contenir les caractères '0' à '9' " "et 'a' à 'f' et il doit consister en un nombre pair de caractères" #: ../widgets/PwDialog.cpp:121 msgctxt "PwDialog|" msgid "Exit" msgstr "Quitter" #: ../lib/asn1time.cpp:142 msgctxt "QObject|" msgid "Undefined" msgstr "Indéfini" #: ../lib/asn1time.cpp:144 msgctxt "QObject|" msgid "Broken / Invalid" msgstr "Invalide" #: ../lib/asn1time.cpp:190 #, qt-format msgctxt "QObject|" msgid "in %1 seconds" msgstr "dans %1 secondes" #: ../lib/asn1time.cpp:191 #, qt-format msgctxt "QObject|" msgid "%1 seconds ago" msgstr "il y a %1 secondes" #: ../lib/asn1time.cpp:194 #, qt-format msgctxt "QObject|" msgid "in %1 minutes" msgstr "dans %1 minutes" #: ../lib/asn1time.cpp:195 #, qt-format msgctxt "QObject|" msgid "%1 minutes ago" msgstr "il y a %1 minutes" #: ../lib/asn1time.cpp:197 msgctxt "QObject|" msgid "Yesterday" msgstr "Hier" #: ../lib/asn1time.cpp:199 msgctxt "QObject|" msgid "Tomorrow" msgstr "Demain" #: ../lib/asn1time.cpp:202 #, qt-format msgctxt "QObject|" msgid "in %1 hours" msgstr "dans %1 heures" #: ../lib/asn1time.cpp:203 #, qt-format msgctxt "QObject|" msgid "%1 hours ago" msgstr "il y a %1 heures" #: ../lib/pki_temp.cpp:31 ../lib/pki_temp.cpp:41 msgctxt "QObject|" msgid "Out of data" msgstr "A court de données" #: ../lib/pki_temp.cpp:52 msgctxt "QObject|" msgid "Error finding endmarker of string" msgstr "Erreur: une marque de fin de chaîne n'a pas été trouvée" #: ../lib/load_obj.cpp:20 msgctxt "QObject|" msgid "All files ( * )" msgstr "Tous les fichiers ( * )" #: ../lib/load_obj.cpp:56 msgctxt "QObject|" msgid "" "PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK " "Keys ( *.pvk );; SSH Public Keys ( *.pub );;" msgstr "" "Clés PKI ( *.pem *.der *.key );; Clés PKCS#8 ( *.p8 *.pk8 );; Clés Microsoft " "PVK ( *.pvk );; Clés publiques SSH ( *.pub );;" #: ../lib/load_obj.cpp:60 msgctxt "QObject|" msgid "Import RSA key" msgstr "Importer une clé RSA" #: ../lib/load_obj.cpp:72 msgctxt "QObject|" msgid "PKCS#10 CSR ( *.pem *.der *.csr );; " msgstr "PKCS#10 CSR ( *.pem *.der *.csr );;" #: ../lib/load_obj.cpp:73 msgctxt "QObject|" msgid "Import Request" msgstr "Importer une requête" #: ../lib/load_obj.cpp:85 msgctxt "QObject|" msgid "Certificates ( *.pem *.der *.crt *.cer );;" msgstr "Certificats ( *.pem *.der *.crt *.cer );;" #: ../lib/load_obj.cpp:86 msgctxt "QObject|" msgid "Import X.509 Certificate" msgstr "Importer un certificat X.509" #: ../lib/load_obj.cpp:98 msgctxt "QObject|" msgid "PKCS#7 data ( *.p7s *.p7m *.p7b );;" msgstr "Données PKCS#7 ( *.p7s *.p7m *.p7b );;" #: ../lib/load_obj.cpp:99 msgctxt "QObject|" msgid "Import PKCS#7 Certificates" msgstr "Importer un certificat PKCS#7" #: ../lib/load_obj.cpp:111 msgctxt "QObject|" msgid "PKCS#12 Certificates ( *.p12 *.pfx );;" msgstr "Certificats PKCS#12 ( *.p12 *.pfx );;" #: ../lib/load_obj.cpp:112 msgctxt "QObject|" msgid "Import PKCS#12 Private Certificate" msgstr "Importer un certificat privé PKCS#12" #: ../lib/load_obj.cpp:125 msgctxt "QObject|" msgid "XCA templates ( *.xca );;" msgstr "Modèles XCA ( *.xca );;" #: ../lib/load_obj.cpp:126 msgctxt "QObject|" msgid "Import XCA Templates" msgstr "Importer des modèles XCA" #: ../lib/load_obj.cpp:138 msgctxt "QObject|" msgid "Revocation lists ( *.pem *.der *.crl );;" msgstr "Listes de révocation ( *.pem *.der *.crl );;" #: ../lib/load_obj.cpp:139 msgctxt "QObject|" msgid "Import Certificate Revocation List" msgstr "Importer une liste de révocation de certificats" #: ../lib/load_obj.cpp:151 msgctxt "QObject|" msgid "XCA Databases ( *.xdb );;" msgstr "Bases de données XCA ( *.xdb );;" #: ../lib/load_obj.cpp:152 msgctxt "QObject|" msgid "Open XCA Database" msgstr "Ouvrir une Base de Données XCA" #: ../lib/load_obj.cpp:159 msgctxt "QObject|" msgid "OpenVPN tls-auth key ( *.key );;" msgstr "clé tls-auth de OpenVPN ( *.key );;" #: ../lib/load_obj.cpp:160 msgctxt "QObject|" msgid "Import OpenVPN tls-auth key" msgstr "Importer une clé tls-auth de OpenVPN" #: ../lib/load_obj.cpp:168 msgctxt "QObject|" msgid "PKCS#11 library ( *.dll );;" msgstr "Bibliothèque PKCS#11 ( *.dll );;" #: ../lib/load_obj.cpp:170 msgctxt "QObject|" msgid "PKCS#11 library ( *.dylib *.so );;" msgstr "Bibliothèque PKCS#11 ( *.dylib *.so );;" #: ../lib/load_obj.cpp:172 msgctxt "QObject|" msgid "PKCS#11 library ( *.so );;" msgstr "Bibliothèque PKCS#11 ( *.so );;" #: ../lib/load_obj.cpp:174 msgctxt "QObject|" msgid "Open PKCS#11 shared library" msgstr "Ouvrir une bibliothèque partagée PKCS#11" #: ../lib/load_obj.cpp:181 msgctxt "QObject|" msgid "PEM files ( *.pem );;" msgstr "Fichiers PEM ( *.pem );;" #: ../lib/load_obj.cpp:182 msgctxt "QObject|" msgid "Load PEM encoded file" msgstr "Charger un fichier en format PEM" #: ../lib/pkcs11.cpp:219 msgctxt "QObject|" msgid "Please enter the PIN on the PinPad" msgstr "Saisir le NIP sur le pavé prévu à cet effet SVP" #: ../lib/pkcs11.cpp:236 #, qt-format msgctxt "QObject|" msgid "Please enter the SO PIN (PUK) of the token %1" msgstr "SVP saisir le PUK du jeton '%1'" #: ../lib/pkcs11.cpp:237 #, qt-format msgctxt "QObject|" msgid "Please enter the PIN of the token %1" msgstr "SVP saisir le NIP du jeton '%1'" #: ../lib/pkcs11.cpp:291 msgctxt "QObject|" msgid "No Security token found" msgstr "Aucun jeton de sécurité trouvé" #: ../lib/pkcs11.cpp:302 msgctxt "QObject|" msgid "Select" msgstr "Sélectionner" #: ../lib/pkcs11.cpp:325 #, qt-format msgctxt "QObject|" msgid "Please enter the new SO PIN (PUK) for the token: '%1'" msgstr "SVP saisir le nouveau PUK pour le jeton: '%1'" #: ../lib/pkcs11.cpp:327 #, qt-format msgctxt "QObject|" msgid "Please enter the new PIN for the token: '%1'" msgstr "SVP saisir le nouveau NIP pour le jeton: '%1'" #: ../lib/pkcs11.h:96 #, qt-format msgctxt "QObject|" msgid "Required PIN size: %1 - %2" msgstr "Taille du NIP requise: %1 - %2" #: ../lib/pkcs11_lib.cpp:119 msgctxt "QObject|" msgid "Disabled" msgstr "Désactivé" #: ../lib/pkcs11_lib.cpp:123 msgctxt "QObject|" msgid "Library loading failed" msgstr "Le chargement de la bibliothèque a échoué" #: ../lib/pkcs11_lib.cpp:484 #, qt-format msgctxt "QObject|" msgid "PKCS#11 function '%1' failed: %2" msgstr "La fonction PKCS#11 '%1' a échoué: %2" #: ../lib/pkcs11_lib.cpp:492 #, qt-format msgctxt "QObject|" msgid "" "PKCS#11 function '%1' failed: %2\n" "In library %3\n" "%4" msgstr "" "La fonction PKCS#11 '%1' a échoué: %2\n" "Dans la bibliothèque %3\n" "%4" #: ../lib/x509name.cpp:104 msgctxt "QObject|" msgid "Invalid" msgstr "Invalide" #: ../lib/x509name.cpp:220 #, qt-format msgctxt "QObject|" msgid "%1 is shorter than %2 bytes: '%3'" msgstr "%1 est plus court que %2 octets: '%3'" #: ../lib/x509name.cpp:225 #, qt-format msgctxt "QObject|" msgid "%1 is longer than %2 bytes: '%3'" msgstr "%1 est plus long que %2 octets: '%3'" #: ../lib/x509v3ext.cpp:112 #, qt-format msgctxt "QObject|" msgid "String '%1' for '%2' contains invalid characters" msgstr "La chaîne '%1' pour '%2' contient des caractères invalides" #: ../lib/oid.cpp:58 #, qt-format msgctxt "QObject|" msgid "Error reading config file %1 at line %2" msgstr "Erreur de lecture du fichier de configuration %1 à la ligne %2" #: ../lib/oid.cpp:96 #, qt-format msgctxt "QObject|" msgid "" "The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and " "should be removed." msgstr "" "L'objet '%1' du fichier %2, ligne %3 est déjà connu comme '%4:%5:%6' et " "devrait être détruit." #: ../lib/oid.cpp:105 #, qt-format msgctxt "QObject|" msgid "" "The identifier '%1' for OID %2 from file %3 line %4 is already used for a " "different OID as '%5:%6:%7' and should be changed to avoid conflicts." msgstr "" "L'identificateur '%1' de l'OID %2 du fichier %3, ligne %4 est déjà utilisé " "pour un OID différent connu comme '%5:%6:%7' et devrait être changé pour " "éviter les conflits." #: ../lib/oid.cpp:170 #, qt-format msgctxt "QObject|" msgid "Unknown object '%1' in file %2 line %3" msgstr "Objet inconnu '%1' dans le fichier %2, ligne %3" #: ../lib/sql.h:55 msgctxt "QObject|" msgid "Failed to start a database transaction" msgstr "Impossible de démarrer la transaction BDD" #: ../lib/func_base.cpp:244 msgctxt "QObject|" msgid "Country code" msgstr "Code de pays" #: ../lib/func_base.cpp:245 msgctxt "QObject|" msgid "State or Province" msgstr "Etat ou province" #: ../lib/func_base.cpp:246 msgctxt "QObject|" msgid "Locality" msgstr "Localité" #: ../lib/func_base.cpp:247 msgctxt "QObject|" msgid "Organisation" msgstr "Organisation" #: ../lib/func_base.cpp:248 msgctxt "QObject|" msgid "Organisational unit" msgstr "Unité d'organisation" #: ../lib/func_base.cpp:249 msgctxt "QObject|" msgid "Common name" msgstr "Nom commun" #: ../lib/func_base.cpp:250 msgctxt "QObject|" msgid "E-Mail address" msgstr "Adresse de courriel" #: ../lib/func_base.cpp:251 msgctxt "QObject|" msgid "Serial number" msgstr "Numéro de série" #: ../lib/func_base.cpp:252 msgctxt "QObject|" msgid "Given name" msgstr "Prénom" #: ../lib/func_base.cpp:253 msgctxt "QObject|" msgid "Surname" msgstr "Nom de famille" #: ../lib/func_base.cpp:254 msgctxt "QObject|" msgid "Title" msgstr "Titre" #: ../lib/func_base.cpp:255 msgctxt "QObject|" msgid "Initials" msgstr "Initiales" #: ../lib/func_base.cpp:256 msgctxt "QObject|" msgid "Description" msgstr "Description" #: ../lib/func_base.cpp:257 msgctxt "QObject|" msgid "Role" msgstr "Rôle" #: ../lib/func_base.cpp:258 msgctxt "QObject|" msgid "Pseudonym" msgstr "Pseudonyme" #: ../lib/func_base.cpp:259 msgctxt "QObject|" msgid "Generation Qualifier" msgstr "Qualifiant de génération" #: ../lib/func_base.cpp:260 msgctxt "QObject|" msgid "x500 Unique Identifier" msgstr "Identifiant Unique X500" #: ../lib/func_base.cpp:261 msgctxt "QObject|" msgid "Name" msgstr "Nom" #: ../lib/func_base.cpp:262 msgctxt "QObject|" msgid "DN Qualifier" msgstr "Qualifiant de DN" #: ../lib/func_base.cpp:263 msgctxt "QObject|" msgid "Unstructured name" msgstr "Nom non-structuré" #: ../lib/func_base.cpp:264 msgctxt "QObject|" msgid "Challenge password" msgstr "Mot de passe challenge" #: ../lib/func_base.cpp:266 msgctxt "QObject|" msgid "Basic Constraints" msgstr "Contraintes de base" #: ../lib/func_base.cpp:267 msgctxt "QObject|" msgid "Name Constraints" msgstr "Contraintes sur le nom" #: ../lib/func_base.cpp:268 msgctxt "QObject|" msgid "Subject alternative name" msgstr "Nom alternatif du sujet" #: ../lib/func_base.cpp:269 msgctxt "QObject|" msgid "issuer alternative name" msgstr "Nom alternatif de l'émetteur" #: ../lib/func_base.cpp:270 msgctxt "QObject|" msgid "Subject key identifier" msgstr "Clé d'identification du sujet" #: ../lib/func_base.cpp:271 msgctxt "QObject|" msgid "Authority key identifier" msgstr "Clé d'identification de l'autorité" #: ../lib/func_base.cpp:272 msgctxt "QObject|" msgid "Key usage" msgstr "Usage de la clé" #: ../lib/func_base.cpp:273 msgctxt "QObject|" msgid "Extended key usage" msgstr "Usage étendu de la clé" #: ../lib/func_base.cpp:274 msgctxt "QObject|" msgid "CRL distribution points" msgstr "Points de distribution de la CRL" #: ../lib/func_base.cpp:275 msgctxt "QObject|" msgid "Authority information access" msgstr "Accès à l'information de l'autorité" #: ../lib/func_base.cpp:276 msgctxt "QObject|" msgid "Certificate type" msgstr "Type de certificat" #: ../lib/func_base.cpp:277 msgctxt "QObject|" msgid "Base URL" msgstr "URL de base" #: ../lib/func_base.cpp:278 msgctxt "QObject|" msgid "Revocation URL" msgstr "URL de révocation" #: ../lib/func_base.cpp:279 msgctxt "QObject|" msgid "CA Revocation URL" msgstr "URL de révocation du CA" #: ../lib/func_base.cpp:280 msgctxt "QObject|" msgid "Certificate renewal URL" msgstr "URL de renouvellement du certificat" #: ../lib/func_base.cpp:281 msgctxt "QObject|" msgid "CA policy URL" msgstr "URL de la politique du CA" #: ../lib/func_base.cpp:282 msgctxt "QObject|" msgid "SSL server name" msgstr "Nom du serveur SSL" #: ../lib/func_base.cpp:283 msgctxt "QObject|" msgid "Comment" msgstr "Commentaire" #: ../lib/cmdline.cpp:166 #, qt-format msgctxt "QObject|" msgid "Index file written to '%1'" msgstr "Fichier d'index écrit dans '%1'" #: ../lib/cmdline.cpp:173 #, qt-format msgctxt "QObject|" msgid "Index hierarchy written to '%1'" msgstr "Hiérarchie d'index écrite dans '%1'" #: ../lib/cmdline.cpp:186 #, qt-format msgctxt "QObject|" msgid "Unknown key type %1" msgstr "Type de clé inconnu %1" #: ../lib/cmdline.cpp:273 #, qt-format msgctxt "QObject|" msgid "Failed to write PEM data to '%1'" msgstr "Impossible d'écrire les données en PEM dans '%1'" #: ../lib/XcaWarningCore.h:23 msgctxt "QObject|" msgid "Password verify error, please try again" msgstr "La vérification du mot de passe a échoué. SVP essayez encore" #: ../lib/XcaWarningCore.h:95 msgctxt "QObject|" msgid "The following error occurred:" msgstr "L'erreur suivante s'est produite:" #: ../lib/database_model.cpp:117 msgctxt "QObject|" msgid "Failed to update the database schema to the current version" msgstr "" "Impossible de mettre à jour le schéma de la base de données vers la version " "courante" #: ../lib/PwDialogCore.cpp:33 msgctxt "QObject|" msgid "Password" msgstr "Mot de passe" #: ../lib/pki_pkcs12.cpp:217 msgctxt "QObject|" msgid "insecure" msgstr "précaire" #: ../widgets/ReqTreeView.cpp:27 msgctxt "ReqTreeView|" msgid "Sign" msgstr "Signer" #: ../widgets/ReqTreeView.cpp:29 msgctxt "ReqTreeView|" msgid "Unmark signed" msgstr "Marquer comme non-signée" #: ../widgets/ReqTreeView.cpp:32 msgctxt "ReqTreeView|" msgid "Mark signed" msgstr "Marquer comme signée" #: ../widgets/ReqTreeView.cpp:35 msgctxt "ReqTreeView|" msgid "Similar Request" msgstr "Requête similaire" #: ../widgets/ReqTreeView.cpp:75 msgctxt "ReqTreeView|" msgid "Certificate request export" msgstr "Exporter la requête de signature" #: ../widgets/ReqTreeView.cpp:76 msgctxt "ReqTreeView|" msgid "Certificate request ( *.pem *.der *.csr )" msgstr "Requête de signature de certificat ( *.pem *.der *.csr )" #: ../ui/RevocationList.ui:30 msgctxt "RevocationList|" msgid "Manage revocations" msgstr "Gérer les révocations" #: ../ui/RevocationList.ui:96 msgctxt "RevocationList|" msgid "Add" msgstr "Ajouter" #: ../ui/RevocationList.ui:103 msgctxt "RevocationList|" msgid "Delete" msgstr "Enlever" #: ../ui/RevocationList.ui:110 msgctxt "RevocationList|" msgid "Edit" msgstr "Modifier" #: ../widgets/RevocationList.cpp:77 msgctxt "RevocationList|" msgid "No." msgstr "No." #: ../widgets/RevocationList.cpp:77 msgctxt "RevocationList|" msgid "Serial" msgstr "Numéro de série" #: ../widgets/RevocationList.cpp:77 msgctxt "RevocationList|" msgid "Revocation" msgstr "Révocation" #: ../widgets/RevocationList.cpp:77 msgctxt "RevocationList|" msgid "Reason" msgstr "Raison" #: ../widgets/RevocationList.cpp:78 msgctxt "RevocationList|" msgid "Invalidation" msgstr "Invalidation" #: ../widgets/RevocationList.cpp:107 msgctxt "RevocationList|" msgid "Generate CRL" msgstr "Générer la liste de révocation" #: ../ui/Revoke.ui:30 msgctxt "Revoke|" msgid "Certificate revocation" msgstr "Révocation du certificat" #: ../ui/Revoke.ui:87 msgctxt "Revoke|" msgid "Revocation details" msgstr "Détails de la révocation" #: ../ui/Revoke.ui:96 msgctxt "Revoke|" msgid "Revocation reason" msgstr "Raison de la révocation" #: ../ui/Revoke.ui:110 msgctxt "Revoke|" msgid "Local time" msgstr "Heure locale" #: ../ui/Revoke.ui:117 msgctxt "Revoke|" msgid "Invalid since" msgstr "Non-valide depuis" #: ../ui/Revoke.ui:124 msgctxt "Revoke|" msgid "Serial" msgstr "Numéro de série" #: ../ui/SearchPkcs11.ui:41 msgctxt "SearchPkcs11|" msgid "Directory" msgstr "Dossier" #: ../ui/SearchPkcs11.ui:57 msgctxt "SearchPkcs11|" msgid "..." msgstr "..." #: ../ui/SearchPkcs11.ui:64 msgctxt "SearchPkcs11|" msgid "Include subdirectories" msgstr "include les sous-dossiers" #: ../ui/SearchPkcs11.ui:71 msgctxt "SearchPkcs11|" msgid "Search" msgstr "Rechercher" #: ../widgets/SearchPkcs11.cpp:76 msgctxt "SearchPkcs11|" msgid "The following files are possible PKCS#11 libraries" msgstr "" "Les fichiers suivants sont susceptibles d'être des bibliothèques PKCS#11" #: ../ui/SelectToken.ui:39 msgctxt "SelectToken|" msgid "Security token" msgstr "Jeton de sécurité" #: ../ui/SelectToken.ui:86 msgctxt "SelectToken|" msgid "Please select the security token" msgstr "SVP sélectionner le jeton de sécurité" #: ../widgets/TempTreeView.cpp:25 msgctxt "TempTreeView|" msgid "Duplicate" msgstr "Dupliquer" #: ../widgets/TempTreeView.cpp:26 msgctxt "TempTreeView|" msgid "Create certificate" msgstr "Créer un certificat" #: ../widgets/TempTreeView.cpp:27 msgctxt "TempTreeView|" msgid "Create request" msgstr "Créer une requête" #: ../widgets/TempTreeView.cpp:38 msgctxt "TempTreeView|" msgid "copy" msgstr "copier" #: ../widgets/TempTreeView.cpp:86 msgctxt "TempTreeView|" msgid "Preset Template values" msgstr "Initialiser les valeurs du modèle" #: ../widgets/TempTreeView.cpp:124 msgctxt "TempTreeView|" msgid "Template export" msgstr "Exporter le modèle" #: ../widgets/TempTreeView.cpp:125 msgctxt "TempTreeView|" msgid "XCA Templates ( *.xca )" msgstr "Modèles XCA ( *.xca )" #: ../widgets/validity.cpp:91 msgctxt "Validity|" msgid "yyyy-MM-dd hh:mm" msgstr "yyyy-MM-dd hh:mm" #: ../widgets/X509SuperTreeView.cpp:28 msgctxt "X509SuperTreeView|" msgid "Transform" msgstr "Transformer" #: ../widgets/X509SuperTreeView.cpp:29 msgctxt "X509SuperTreeView|" msgid "Template" msgstr "Modèle" #: ../widgets/X509SuperTreeView.cpp:30 msgctxt "X509SuperTreeView|" msgid "Public key" msgstr "Clé publique" #: ../lib/xfile.h:28 #, qt-format msgctxt "XFile|" msgid "Error opening file: '%1': %2" msgstr "Erreur d'ouverture du fichier: '%1': %2" #: ../lib/xfile.h:41 #, qt-format msgctxt "XFile|" msgid "Error rewinding file: '%1': %2" msgstr "Erreur de repositionnement du fichier: '%1' %2" #: ../widgets/XcaDetail.cpp:47 msgctxt "XcaDetail|" msgid "Import" msgstr "Importer" #: ../widgets/XcaTreeView.cpp:332 msgctxt "XcaTreeView|" msgid "Item properties" msgstr "Propriétés de l'élement" #: ../widgets/XcaTreeView.cpp:402 msgctxt "XcaTreeView|" msgid "Subject entries" msgstr "Inscriptions du sujet" #: ../widgets/XcaTreeView.cpp:403 msgctxt "XcaTreeView|" msgid "X509v3 Extensions" msgstr "Extensions X509v3" #: ../widgets/XcaTreeView.cpp:404 msgctxt "XcaTreeView|" msgid "Netscape extensions" msgstr "Extensions Netscape" #: ../widgets/XcaTreeView.cpp:405 msgctxt "XcaTreeView|" msgid "Key properties" msgstr "Propriétés de la clé" #: ../widgets/XcaTreeView.cpp:406 msgctxt "XcaTreeView|" msgid "Reset" msgstr "Réinitialisation" #: ../widgets/XcaTreeView.cpp:409 msgctxt "XcaTreeView|" msgid "Hide Column" msgstr "Cacher la colonne" #: ../widgets/XcaTreeView.cpp:411 msgctxt "XcaTreeView|" msgid "Details" msgstr "Détails" #: ../widgets/XcaTreeView.cpp:452 msgctxt "XcaTreeView|" msgid "Columns" msgstr "Colonnes" #: ../widgets/XcaTreeView.cpp:509 msgctxt "XcaTreeView|" msgid "Export Password" msgstr "Mot de passe d'exportation" #: ../widgets/XcaTreeView.cpp:510 #, qt-format msgctxt "" "XcaTreeView|Singular form for 0 or 1 item can be ignored. Will always be " "called with n >= 2" msgid "" "Please enter the password to encrypt all %n exported private key(s) in:\n" "%1" msgid_plural "" "Please enter the password to encrypt all %n exported private key(s) in:\n" "%1" msgstr[0] "" "SVP saisir le mot de passe pour chiffrer les %n clé(s) privée(s) exportée(s) " "vers:\n" "%1" msgstr[1] "" "SVP saisir le mot de passe pour chiffrer les %n clé(s) privée(s) exportée(s) " "vers:\n" "%1" #: ../widgets/XcaTreeView.cpp:553 msgctxt "XcaTreeView|" msgid "New" msgstr "Créer" #: ../widgets/XcaTreeView.cpp:554 msgctxt "XcaTreeView|" msgid "Import" msgstr "Importer" #: ../widgets/XcaTreeView.cpp:555 msgctxt "XcaTreeView|" msgid "Paste PEM data" msgstr "Coller les données en format PEM" #: ../widgets/XcaTreeView.cpp:559 msgctxt "XcaTreeView|" msgid "Rename" msgstr "Renommer" #: ../widgets/XcaTreeView.cpp:560 msgctxt "XcaTreeView|" msgid "Properties" msgstr "Propriétés" #: ../widgets/XcaTreeView.cpp:563 msgctxt "XcaTreeView|" msgid "Delete" msgstr "Enlever" #: ../widgets/XcaTreeView.cpp:565 msgctxt "XcaTreeView|" msgid "Export" msgstr "Exporter" #: ../widgets/XcaTreeView.cpp:567 msgctxt "XcaTreeView|" msgid "Clipboard" msgstr "Presse-papier" #: ../widgets/XcaTreeView.cpp:573 msgctxt "XcaTreeView|" msgid "File" msgstr "Fichier" #: ../widgets/XcaTreeView.cpp:635 msgctxt "XcaTreeView|" msgid "Clipboard format" msgstr "Format du presse-papier" #: ../lib/database_model.cpp:168 #, qt-format msgctxt "database_model|" msgid "" "Please enter the password to access the database server %2 as user '%1'." msgstr "" "SVP saisir le mot de passe de l'utilisateur '%1' sur le serveur de base de " "données %2." #: ../lib/database_model.cpp:286 #, qt-format msgctxt "database_model|" msgid "Unable to create '%1': %2" msgstr "Impossible de créer '%1': %2" #: ../lib/database_model.cpp:449 #, qt-format msgctxt "database_model|" msgid "The file '%1' is not an XCA database" msgstr "Le fichier '%1' n'est pas une base de données XCA" #: ../lib/database_model.cpp:476 msgctxt "database_model|" msgid "" "No SqLite3 driver available. Please install the qt-sqlite package of your " "distribution" msgstr "" "Le pilote SqLite3 n'est pas disponible. SVP installez le paquetage qt-sqlite " "de votre distribution" #: ../lib/database_model.cpp:517 msgctxt "database_model|" msgid "New Password" msgstr "Nouveau mot de passe" #: ../lib/database_model.cpp:517 #, qt-format msgctxt "database_model|" msgid "" "Please enter a password, that will be used to encrypt your private keys in " "the database:\n" "%1" msgstr "" "Veuillez saisir un mot de passe, qui sera utilisé pour chiffrer vos clés " "privées dans la base de données:\n" "%1" #: ../lib/database_model.cpp:537 msgctxt "database_model|" msgid "Password" msgstr "Mot de passe" #: ../lib/database_model.cpp:538 #, qt-format msgctxt "database_model|" msgid "" "Please enter the password for unlocking the database:\n" "%1" msgstr "" "Veuillez entrer le mot passe pour déverrouiller la base de données:\n" "%1" #: ../lib/db_base.cpp:160 msgctxt "db_base|" msgid "Internal name" msgstr "Nom interne" #: ../lib/db_base.cpp:161 msgctxt "db_base|" msgid "No." msgstr "No." #: ../lib/db_base.cpp:162 msgctxt "db_base|" msgid "Primary key" msgstr "Clé primaire" #: ../lib/db_base.cpp:163 msgctxt "db_base|" msgid "Database unique number" msgstr "Numéro unique de la base de données" #: ../lib/db_base.cpp:164 msgctxt "db_base|" msgid "Date" msgstr "Date" #: ../lib/db_base.cpp:165 msgctxt "db_base|" msgid "Date of creation or insertion" msgstr "Date de création ou d'importation" #: ../lib/db_base.cpp:166 msgctxt "db_base|" msgid "Source" msgstr "Source" #: ../lib/db_base.cpp:167 msgctxt "db_base|" msgid "Generated, Imported, Transformed" msgstr "Généré, Importé, Transformé" #: ../lib/db_base.cpp:168 msgctxt "db_base|" msgid "Comment" msgstr "Commentaire" #: ../lib/db_base.cpp:169 msgctxt "db_base|" msgid "First line of the comment field" msgstr "Première ligne du champ de commentaire" #: ../lib/db_base.cpp:231 #, qt-format msgctxt "db_base|" msgid "Import from: %1" msgstr "Importer à partir de: %1" #: ../lib/db_base.cpp:374 #, qt-format msgctxt "db_base|" msgid "Could not create directory %1" msgstr "Impossible de créer le répertoire %1" #: ../lib/db_crl.cpp:26 msgctxt "db_crl|" msgid "Signer" msgstr "Signataire" #: ../lib/db_crl.cpp:27 msgctxt "db_crl|" msgid "Internal name of the signer" msgstr "Nom interne du signataire" #: ../lib/db_crl.cpp:28 msgctxt "db_crl|" msgid "No. revoked" msgstr "Numéro révoqué" #: ../lib/db_crl.cpp:29 msgctxt "db_crl|" msgid "Number of revoked certificates" msgstr "Nombre de certificats révoqués" #: ../lib/db_crl.cpp:30 msgctxt "db_crl|" msgid "Last update" msgstr "Dernière mise-à-jour" #: ../lib/db_crl.cpp:31 msgctxt "db_crl|" msgid "Next update" msgstr "Prochaine mise-à-jour" #: ../lib/db_crl.cpp:32 msgctxt "db_crl|" msgid "CRL number" msgstr "Numéro de la liste de révocation" #: ../lib/db_crl.cpp:95 #, qt-format msgctxt "db_crl|" msgid "" "The revocation list already exists in the database as:\n" "'%1'\n" "and so it was not imported" msgstr "" "Cette liste de révocation figure déjà dans la base de données sous le nom:\n" "'%1'\n" "En conséquence, elle n'a pas été importée" #: ../lib/db_crl.cpp:169 msgctxt "db_crl|" msgid "Failed to initiate DB transaction" msgstr "Impossible de démarrer la transaction BDD" #: ../lib/db_crl.cpp:179 ../lib/db_crl.cpp:187 ../lib/db_crl.cpp:191 #, qt-format msgctxt "db_crl|" msgid "Database error: %1" msgstr "Erreur de la base de données: %1" #: ../lib/db_key.cpp:53 msgctxt "db_key|" msgid "Type" msgstr "Type" #: ../lib/db_key.cpp:54 msgctxt "db_key|" msgid "Size" msgstr "Taille" #: ../lib/db_key.cpp:56 msgctxt "db_key|" msgid "EC Group" msgstr "Groupe EC" #: ../lib/db_key.cpp:58 msgctxt "db_key|" msgid "Use" msgstr "Usage" #: ../lib/db_key.cpp:59 msgctxt "db_key|" msgid "Password" msgstr "Mot de passe" #: ../lib/db_key.cpp:133 #, qt-format msgctxt "db_key|" msgid "" "The key is already in the database as:\n" "'%1'\n" "and is not going to be imported" msgstr "" "Cette clé figure déjà dans la base de données sous le nom:\n" "'%1'\n" "En conséquence, elle ne va pas être importée" #: ../lib/db_key.cpp:138 #, qt-format msgctxt "db_key|" msgid "" "The database already contains the public part of the imported key as\n" "'%1\n" "and will be completed by the new, private part of the key" msgstr "" "La base de données connait déjà la partie publique de la clé importée sous " "le nom\n" "'%1'\n" "En conséquence, cette dernière sera complétée par la partie privée de la clé " "importée" #: ../lib/db_key.cpp:140 #, qt-format msgctxt "db_key|" msgid "Extending public key from %1 by imported key '%2'" msgstr "Extension de la clé publique de %1 par la clé importée '%2'" #: ../lib/db_key.cpp:156 msgctxt "db_key|" msgid "Key size too small !" msgstr "Taille de clé trop petite !" #: ../lib/db_key.cpp:160 #, qt-format msgctxt "db_key|" msgid "You are sure to create a key of the size: %1 ?" msgstr "Etes-vous sûr de vouloir créer une clé de taille %1 ?" #: ../lib/db_key.cpp:284 #, qt-format msgctxt "db_key|" msgid "" "Internal key update: The keys: %1 must be updated once by resetting and " "setting its private password" msgstr "" "Mise-à-jour interne des clés: Les clés: '%1' doivent être mises à jour une " "seule fois par réinitialisation du mot de passe privé" #: ../lib/db_key.cpp:298 msgctxt "db_key|" msgid "Tried to change password of a token" msgstr "Tentative de changement de mot de passe d'un jeton de sécurité" #: ../lib/db_temp.cpp:59 #, qt-format msgctxt "db_temp|" msgid "Bad template: %1" msgstr "Mauvais modèle: %1" #: ../lib/db_temp.cpp:32 msgctxt "db_temp|" msgid "Empty template" msgstr "Modèle vide" #: ../lib/db_x509.cpp:77 msgctxt "db_x509|" msgid "CA" msgstr "CA" #: ../lib/db_x509.cpp:78 msgctxt "db_x509|" msgid "reflects the basic Constraints extension" msgstr "reflète l'extension des contraintes basiques" #: ../lib/db_x509.cpp:79 msgctxt "db_x509|" msgid "Serial" msgstr "Numéro de série" #: ../lib/db_x509.cpp:83 msgctxt "db_x509|" msgid "Start date" msgstr "Date de début" #: ../lib/db_x509.cpp:85 msgctxt "db_x509|" msgid "Expiry date" msgstr "Date d'expiration" #: ../lib/db_x509.cpp:80 msgctxt "db_x509|" msgid "MD5 fingerprint" msgstr "Empreinte MD5" #: ../lib/db_x509.cpp:81 msgctxt "db_x509|" msgid "SHA1 fingerprint" msgstr "Empreinte SHA1" #: ../lib/db_x509.cpp:82 msgctxt "db_x509|" msgid "SHA256 fingerprint" msgstr "Empreinte SHA256" #: ../lib/db_x509.cpp:84 msgctxt "db_x509|" msgid "Not before" msgstr "Pas avant" #: ../lib/db_x509.cpp:86 msgctxt "db_x509|" msgid "Not after" msgstr "Pas après" #: ../lib/db_x509.cpp:87 msgctxt "db_x509|" msgid "Revocation" msgstr "Révocation" #: ../lib/db_x509.cpp:88 msgctxt "db_x509|" msgid "CRL Expiration" msgstr "Expiration de la CRL" #: ../lib/db_x509.cpp:314 msgctxt "db_x509|" msgid "Failed to retrieve unique random serial" msgstr "L'extraction d'un numéro de série aléatoire a échoué" #: ../lib/db_x509.cpp:337 #, qt-format msgctxt "db_x509|" msgid "" "The certificate already exists in the database as:\n" "'%1'\n" "and so it was not imported" msgstr "" "Ce certificat figure déjà dans la base de données sous le nom:\n" "'%1'\n" "En conséquence, il n'a pas été importé" #: ../lib/db_x509.cpp:363 #, qt-format msgctxt "db_x509|" msgid "Signed on %1 by '%2'" msgstr "Signé le %1 par '%2'" #: ../lib/db_x509.cpp:364 msgctxt "db_x509|" msgid "Unknown" msgstr "Inconnu" #: ../lib/db_x509.cpp:454 msgctxt "db_x509|" msgid "Invalid public key" msgstr "Clé publique invalide" #: ../lib/db_x509.cpp:480 msgctxt "db_x509|" msgid "The key you selected for signing is not a private one." msgstr "La clé sélectionnée pour la signature n'est pas une clé privée." #: ../lib/db_x509.cpp:266 #, qt-format msgctxt "db_x509|" msgid "Failed to create directory '%1'" msgstr "Impossible de créer le répertoire %1" #: ../lib/db_x509.cpp:521 #, qt-format msgctxt "db_x509|" msgid "Store the certificate to the key on the token '%1 (#%2)' ?" msgstr "Enregistrer le certificate avec la clé sur le jeton '%1 (#%2)' ?" #: ../lib/db_x509.cpp:617 ../lib/db_x509.cpp:703 #, qt-format msgctxt "db_x509|" msgid "There was no key found for the Certificate: '%1'" msgstr "Aucune clé n'a été trouvée pour le Certificat. '%1'" #: ../lib/db_x509.cpp:620 #, qt-format msgctxt "db_x509|" msgid "Not possible for a token key: '%1'" msgstr "Impossible pour une clé d'un jeton de sécurité: '%1'" #: ../lib/db_x509.cpp:707 #, qt-format msgctxt "db_x509|" msgid "Not possible for the token-key Certificate '%1'" msgstr "Impossible pour le certificat d'une clé d'un jeton de sécurité: '%1'" #: ../lib/db_x509super.cpp:27 msgctxt "db_x509name|" msgid "Subject" msgstr "Sujet" #: ../lib/db_x509super.cpp:28 msgctxt "db_x509name|" msgid "Complete distinguished name" msgstr "Nom distinctif complet" #: ../lib/db_x509super.cpp:29 msgctxt "db_x509name|" msgid "Subject hash" msgstr "Hachage du sujet" #: ../lib/db_x509super.cpp:30 msgctxt "db_x509name|" msgid "Hash to lookup certs in directories" msgstr "Hachage de recherche dans un dossier" #: ../lib/db_x509req.cpp:29 msgctxt "db_x509req|" msgid "Signed" msgstr "Signée" #: ../lib/db_x509req.cpp:30 msgctxt "db_x509req|" msgid "whether the request is already signed or not" msgstr "si la requête a déjà été signée ou non" #: ../lib/db_x509req.cpp:31 msgctxt "db_x509req|" msgid "Unstructured name" msgstr "Nom non-structuré" #: ../lib/db_x509req.cpp:33 msgctxt "db_x509req|" msgid "Challenge password" msgstr "Mot de passe challenge" #: ../lib/db_x509req.cpp:35 msgctxt "db_x509req|" msgid "Certificate count" msgstr "Nombre de certificats" #: ../lib/db_x509req.cpp:36 msgctxt "db_x509req|" msgid "Number of certificates in the database with the same public key" msgstr "Nombre de certificats dans la base de données avec la même clé" #: ../lib/db_x509req.cpp:53 #, qt-format msgctxt "db_x509req|" msgid "" "The certificate signing request already exists in the database as\n" "'%1'\n" "and thus was not stored" msgstr "" "Cette requête de signature figure déjà dans la base de données sous le nom\n" "'%1'\n" "En conséquence, elle n'a pas été chargée" #: ../lib/db_x509super.cpp:77 msgctxt "db_x509super|" msgid "Key name" msgstr "Nom de la clé" #: ../lib/db_x509super.cpp:78 msgctxt "db_x509super|" msgid "Internal name of the key" msgstr "Nom interne de la clé" #: ../lib/db_x509super.cpp:80 msgctxt "db_x509super|" msgid "Signature algorithm" msgstr "Algorithme de signature" #: ../lib/db_x509super.cpp:81 msgctxt "db_x509super|" msgid "Key type" msgstr "Type de clé" #: ../lib/db_x509super.cpp:82 msgctxt "db_x509super|" msgid "Key size" msgstr "Taille de la clé" #: ../lib/db_x509super.cpp:84 msgctxt "db_x509super|" msgid "EC Group" msgstr "Groupe EC" #: ../lib/db_x509super.cpp:138 #, qt-format msgctxt "db_x509super|" msgid "Extracted from %1 '%2'" msgstr "Extrait de %1 '%2'" #: ../lib/db_x509super.cpp:140 ../lib/db_x509super.cpp:168 msgctxt "db_x509super|" msgid "Certificate" msgstr "Certificat" #: ../lib/db_x509super.cpp:140 ../lib/db_x509super.cpp:168 msgctxt "db_x509super|" msgid "Certificate request" msgstr "Requête de certificat" #: ../lib/db_x509super.cpp:163 msgctxt "db_x509super|" msgid "The following extensions were not ported into the template" msgstr "Les extensions suivantes n'ont pas été enregistrées dans le modèle" #: ../lib/db_x509super.cpp:166 #, qt-format msgctxt "db_x509super|" msgid "Transformed from %1 '%2'" msgstr "Transformé à partir de %1 '%2'" #: ../widgets/kvView.cpp:164 msgctxt "kvView|" msgid "Type" msgstr "Type" #: ../widgets/kvView.cpp:164 msgctxt "kvView|" msgid "Content" msgstr "Contenu" #: ../lib/pass_info.cpp:12 msgctxt "pass_info|" msgid "Password" msgstr "Mot de passe" #: ../lib/pass_info.cpp:18 msgctxt "pass_info|" msgid "PIN" msgstr "NIP" #: ../lib/pkcs11_lib.cpp:36 #, qt-format msgctxt "pkcs11_lib|" msgid "Failed to open PKCS11 library: %1: %2" msgstr "L'ouverture de la bibliothèque PKCS11 a échoué: %1: %2" #: ../lib/pkcs11_lib.cpp:42 msgctxt "pkcs11_lib|" msgid "" "This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not " "found." msgstr "" "Cela n'a pas l'air d'une bibliothèque PKCS#11. Le symbole " "'C_GetFunctionList' n'a pas été trouvé." #: ../lib/pki_base.cpp:282 msgctxt "pki_base|" msgid "Unknown" msgstr "Inconnu" #: ../lib/pki_base.cpp:283 msgctxt "pki_base|" msgid "Imported" msgstr "Importé" #: ../lib/pki_base.cpp:284 msgctxt "pki_base|" msgid "Generated" msgstr "Généré" #: ../lib/pki_base.cpp:285 msgctxt "pki_base|" msgid "Transformed" msgstr "Transformé" #: ../lib/pki_base.cpp:286 msgctxt "pki_base|" msgid "Token" msgstr "Jeton" #: ../lib/pki_base.cpp:287 msgctxt "pki_base|" msgid "Legacy Database" msgstr "Base de données antérieure" #: ../lib/pki_base.cpp:288 msgctxt "pki_base|" msgid "Renewed" msgstr "Renouvelé" #: ../lib/pki_base.cpp:433 #, qt-format msgctxt "pki_base|" msgid "Property '%1' not listed in 'pki_base::print'" msgstr "Propriété '%1' non listée dans 'pki_base::print'" #: ../lib/pki_base.cpp:113 #, qt-format msgctxt "pki_base|" msgid "Internal error: Unexpected message: %1 %2" msgstr "Erreur interne: message inattendu: %1 %2" #: ../lib/pki_crl.cpp:59 #, qt-format msgctxt "pki_crl|" msgid "Successfully imported the revocation list '%1'" msgstr "La liste de révocation '%1' a été importée avec succès" #: ../lib/pki_crl.cpp:61 #, qt-format msgctxt "pki_crl|" msgid "Successfully created the revocation list '%1'" msgstr "La liste de révocation '%1' a été créée avec succès" #: ../lib/pki_crl.cpp:60 #, qt-format msgctxt "pki_crl|" msgid "Delete the %n revocation list(s): '%1'?" msgid_plural "Delete the %n revocation list(s): '%1'?" msgstr[0] "Détruire les %n liste(s) de révocation '%1' ?" msgstr[1] "Détruire les %n liste(s) de révocation '%1' ?" #: ../lib/pki_crl.cpp:145 #, qt-format msgctxt "pki_crl|" msgid "" "Unable to load the revocation list in file %1. Tried PEM and DER formatted " "CRL." msgstr "" "Impossible de charger le liste de révocation du fichier %1. Les formats PEM " "et DER ont été essayés." #: ../lib/pki_crl.cpp:160 msgctxt "pki_crl|" msgid "No issuer given" msgstr "Aucun signataire spécifié" #: ../lib/pki_crl.cpp:421 #, qt-format msgctxt "pki_crl|" msgid "CRL Renewal of CA '%1' due" msgstr "Le renouvellement de la liste de révocation du CA '%1' est nécessaire" #: ../lib/pki_crl.cpp:422 #, qt-format msgctxt "pki_crl|" msgid "" "The latest CRL issued by the CA '%1' will expire on %2.\n" "It is stored in the XCA database '%3'" msgstr "" "La dernière liste de révocation générée par le CA '%1' expirera le %2.\n" "Elle est stockée dans la base de données XCA '%3'" #: ../lib/pki_crl.cpp:430 #, qt-format msgctxt "pki_crl|" msgid "Renew CRL: %1" msgstr "Renouvellement de CRL: %1" #: ../lib/pki_crl.cpp:431 #, qt-format msgctxt "pki_crl|" msgid "" "The XCA CRL '%1', issued on %3 will expire on %4.\n" "It is stored in the XCA database '%5'" msgstr "" "La liste de révocation XCA '%1', émise le %3 expirera le %4.\n" "Elle est stockée dans la base de données XCA '%5'" #: ../lib/pki_evp.cpp:240 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password to decrypt the private key %1." msgstr "SVP saisir le mot de passe pour déchiffrer la clé privée %1," #: ../lib/pki_evp.cpp:308 #, qt-format msgctxt "pki_evp|" msgid "The key from file '%1' is incomplete or inconsistent." msgstr "La clé dans le fichier '%1' est incomplète ou incorrecte." #: ../lib/pki_evp.cpp:397 #, qt-format msgctxt "pki_evp|" msgid "" "Please enter the password to decrypt the private key from file:\n" "%1" msgstr "" "SVP saisir le mot de passe pour déchiffrer la clé privée du fichier:\n" "%1" #: ../lib/pki_evp.cpp:464 #, qt-format msgctxt "pki_evp|" msgid "" "Unable to load the private key in file %1. Tried PEM and DER private, " "public, PKCS#8 key types and SSH2 format." msgstr "" "Impossible de charger la clé privée du fichier %1. Les formats PEM et DER " "ainsi que les types de clés privé, public, PKCS#8 et le format SSH2 ont été " "essayés." #: ../lib/pki_evp.cpp:487 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password to decrypt the private key: '%1'" msgstr "SVP saisir le mot de passe pour déchiffrer la clé privée: '%1'" #: ../lib/pki_evp.cpp:490 ../lib/pki_evp.cpp:501 msgctxt "pki_evp|" msgid "Password input aborted" msgstr "Saisie du mot de passe abandonnée" #: ../lib/pki_evp.cpp:497 #, qt-format msgctxt "pki_evp|" msgid "Please enter the database password for decrypting the key '%1'" msgstr "" "SVP saisir le mot de passe de la base de données pour déchiffrer la clé '%1'" #: ../lib/pki_evp.cpp:521 #, qt-format msgctxt "pki_evp|" msgid "Decryption of private key '%1' failed" msgstr "Le déchiffrement de la clé privée '%1' a échoué" #: ../lib/pki_evp.cpp:649 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password to protect the private key: '%1'" msgstr "SVP saisir le mot de passe pour protéger la clé privée: '%1'" #: ../lib/pki_evp.cpp:667 msgctxt "pki_evp|" msgid "Please enter the database password for encrypting the key" msgstr "SVP saisir le mot de passe de la base de données pour chiffrer la clé" #: ../lib/pki_evp.cpp:849 #, qt-format msgctxt "pki_evp|" msgid "" "Please enter the password to protect the PKCS#8 key '%1' in file:\n" "%2" msgstr "" "SVP saisir le mot de passe protégeant la clé en PKCS#8 '%1' dans le fichier\n" "%2" #: ../lib/pki_evp.cpp:906 #, qt-format msgctxt "pki_evp|" msgid "" "Please enter the password to protect the private key '%1' in file:\n" "%2" msgstr "" "SVP saisir le mot de passe pour protéger la clé privée '%1' dans le " "fichier:\n" "%2" #: ../lib/pki_export.cpp:64 ../lib/pki_export.cpp:99 ../lib/pki_export.cpp:103 msgctxt "pki_export|" msgid "PEM Text format with headers" msgstr "Format textuel PEM avec des en-têtes" #: ../lib/pki_export.cpp:65 msgctxt "pki_export|" msgid "PEM selected" msgstr "PEM sélectionné" #: ../lib/pki_export.cpp:65 msgctxt "pki_export|" msgid "Concatenated list of all selected certificates in one PEM text file" msgstr "" "Concaténation de tous les certificats sélectionnés dans un seul fichier " "texte en format PEM" #: ../lib/pki_export.cpp:66 msgctxt "pki_export|" msgid "PEM chain" msgstr "Chaîne en PEM" #: ../lib/pki_export.cpp:66 msgctxt "pki_export|" msgid "" "Concatenated text format of the complete certificate chain in one PEM file" msgstr "" "Fichier PEM contenant la concaténation de tous les certificats de la chaîne" #: ../lib/pki_export.cpp:67 msgctxt "pki_export|" msgid "" "The complete certificate chain and the private key of the selected " "certificate with tags usable in OpenVPN configuration files" msgstr "" "La chaîne complète des certificats et la clé privée du certificat " "sélectionné avec des balises utilisables dans les fichiers de configuration " "d'OpenVPN" #: ../lib/pki_export.cpp:68 msgctxt "pki_export|" msgid "PEM + key" msgstr "PEM + clé" #: ../lib/pki_export.cpp:68 msgctxt "pki_export|" msgid "" "Concatenation of the certificate and the unencrypted private key in one PEM " "file" msgstr "" "La concaténation du certificat et de sa clé privée non-chiffrée dans un seul " "fichier PEM" #: ../lib/pki_export.cpp:69 msgctxt "pki_export|" msgid "" "Concatenation of the certificate and the encrypted private key in PKCS#8 " "format in one file" msgstr "" "La concaténation du certificat et de sa clé privée chiffrée en format PKCS#8 " "dans un seul fichier" #: ../lib/pki_export.cpp:70 msgctxt "pki_export|" msgid "All unusable" msgstr "Tous les inutilisables" #: ../lib/pki_export.cpp:70 msgctxt "pki_export|" msgid "Concatenation of all expired or revoked certificates in one PEM file" msgstr "" "Concaténation de tous les certificats expirés ou révoqués dans un seul " "fichier texte en format PEM" #: ../lib/pki_export.cpp:71 msgctxt "pki_export|" msgid "PKCS#7 encoded single certificate" msgstr "Un seul certificat en format PKCS#7" #: ../lib/pki_export.cpp:72 msgctxt "pki_export|" msgid "All selected certificates encoded in one PKCS#7 file" msgstr "" "Tous les certificats sélectionnés dans un seul fichier en format PKCS#7" #: ../lib/pki_export.cpp:73 msgctxt "pki_export|" msgid "PKCS #7 chain" msgstr "Chaîne PKCS#7" #: ../lib/pki_export.cpp:73 msgctxt "pki_export|" msgid "PKCS#7 encoded complete certificate chain" msgstr "La chaîne complète de certificats en format PKCS#7" #: ../lib/pki_export.cpp:74 msgctxt "pki_export|" msgid "PKCS #7 unusable" msgstr "PKCS #7 inutilisable" #: ../lib/pki_export.cpp:74 msgctxt "pki_export|" msgid "PKCS#7 encoded collection of all expired or revoked certificates" msgstr "Collection PKCS#7 chiffrée de tous les certificats expirés ou révoqués" #: ../lib/pki_export.cpp:75 msgctxt "pki_export|" msgid "Binary DER encoded certificate" msgstr "Certificat codé en format binaire DER" #: ../lib/pki_export.cpp:76 msgctxt "pki_export|" msgid "PKCS #12 chain" msgstr "Chaîne PKCS #12" #: ../lib/pki_export.cpp:76 msgctxt "pki_export|" msgid "" "The complete certificate chain and the private key as encrypted PKCS#12 file" msgstr "" "La chaîne complète des certificats et la clé privée en un seul fichier " "chiffré en format PKCS#12" #: ../lib/pki_export.cpp:77 msgctxt "pki_export|" msgid "PKCS #12" msgstr "PKCS #12" #: ../lib/pki_export.cpp:77 msgctxt "pki_export|" msgid "The certificate and the private key as encrypted PKCS#12 file" msgstr "Le certificat et sa clé privée dans un fichier en format PKCS#12" #: ../lib/pki_export.cpp:78 msgctxt "pki_export|" msgid "Certificate Index file" msgstr "Fichier d'index des certificats" #: ../lib/pki_export.cpp:78 msgctxt "pki_export|" msgid "" "OpenSSL specific Certificate Index file as created by the 'ca' command and " "required by the OCSP tool" msgstr "" "Fichier d'index des certificats spécifique à OpenSSL, tel que créé par la " "commande 'ca' et nécessaire à l'outil OCSP" #: ../lib/pki_export.cpp:79 ../lib/pki_export.cpp:105 msgctxt "pki_export|" msgid "vCalendar" msgstr "Message vCalendar" #: ../lib/pki_export.cpp:79 msgctxt "pki_export|" msgid "vCalendar expiry reminder for the selected items" msgstr "message vCalendar de rappel d'expiration des éléments sélectionnés" #: ../lib/pki_export.cpp:80 msgctxt "pki_export|" msgid "CA vCalendar" msgstr "message vCalendar pour le CA" #: ../lib/pki_export.cpp:80 msgctxt "pki_export|" msgid "" "vCalendar expiry reminder containing all issued, valid certificates, the CA " "itself and the latest CRL" msgstr "" "message vCalendar de rappel d'expiration contenant tous les certificats " "valides émis, le CA lui-même et la liste de révocation la plus récente" #: ../lib/pki_export.cpp:81 ../lib/pki_export.cpp:101 msgctxt "pki_export|" msgid "OpenSSL config" msgstr "Configuration OpenSSL" #: ../lib/pki_export.cpp:81 ../lib/pki_export.cpp:101 msgctxt "pki_export|" msgid "" "OpenSSL configuration file to create a certificate or request with the " "openssl commandline tool" msgstr "" "Fichier de configuration OpenSSL pour créer un certificat ou une requête au " "moyen de l'outil openssl en ligne de commande" #: ../lib/pki_export.cpp:82 msgctxt "pki_export|" msgid "OpenVPN tls-auth key" msgstr "clé tls-auth de OpenVPN" #: ../lib/pki_export.cpp:82 msgctxt "pki_export|" msgid "The OpenVPN tls-auth key is a secret key shared between endpoints" msgstr "" "La clé tls-auth de OpenVPN est une clé secrète partagée entre les points " "d'accès" #: ../lib/pki_export.cpp:83 msgctxt "pki_export|" msgid "JSON Web Kit" msgstr "JSON Web Kit" #: ../lib/pki_export.cpp:83 msgctxt "pki_export|" msgid "" "The public key of the certificate in JSON Web Kit format with X.509 " "Certificate Thumbprint (x5t)" msgstr "" "La clé publique du certificat en format JSON Web Kit avec une empreinte " "lisible du certificat X.509 (x5t)" #: ../lib/pki_export.cpp:84 msgctxt "pki_export|" msgid "JSON Web Kit chain" msgstr "Chaîne JSON Web Kit" #: ../lib/pki_export.cpp:84 msgctxt "pki_export|" msgid "" "The public key of the certificate in JSON Web Kit format with X.509 " "Certificate Thumbprint (x5t) and certificate chain (x5c)" msgstr "" "La clé publique du certificat en format JSON Web Kit avec une empreinte du " "certificat X.509 et la chaîne des certificats signataires (x5c)" #: ../lib/pki_export.cpp:86 msgctxt "pki_export|" msgid "PEM public" msgstr "clé publique PEM" #: ../lib/pki_export.cpp:86 msgctxt "pki_export|" msgid "Text format of the public key in one PEM file" msgstr "Formattage textuel de la clé publique dans un fichier PEM" #: ../lib/pki_export.cpp:87 msgctxt "pki_export|" msgid "PEM private" msgstr "Clé privée PEM" #: ../lib/pki_export.cpp:87 ../lib/pki_export.cpp:89 msgctxt "pki_export|" msgid "Unencrypted private key in text format" msgstr "Clé privée non-chiffrée en format texte" #: ../lib/pki_export.cpp:88 msgctxt "pki_export|" msgid "PEM encrypted" msgstr "Chiffrée en PEM" #: ../lib/pki_export.cpp:88 msgctxt "pki_export|" msgid "OpenSSL specific encrypted private key in text format" msgstr "Clé privée chiffrée spécifiquement par OpenSSL en format texte" #: ../lib/pki_export.cpp:89 msgctxt "pki_export|" msgid "SSH2 private" msgstr "Clé privée SSH2" #: ../lib/pki_export.cpp:90 msgctxt "pki_export|" msgid "SSH2 public" msgstr "Clé publique SSH2" #: ../lib/pki_export.cpp:90 msgctxt "pki_export|" msgid "The public key encoded in SSH2 format" msgstr "La clé publique codée en format SSH2" #: ../lib/pki_export.cpp:91 msgctxt "pki_export|" msgid "DER public" msgstr "Clé publique DER" #: ../lib/pki_export.cpp:91 msgctxt "pki_export|" msgid "Binary DER format of the public key" msgstr "Format binaire DER de la clé publique" #: ../lib/pki_export.cpp:92 msgctxt "pki_export|" msgid "DER private" msgstr "Clé privée DER" #: ../lib/pki_export.cpp:92 msgctxt "pki_export|" msgid "Unencrypted private key in binary DER format" msgstr "Clé privée non-chiffrée en format binaire DER" #: ../lib/pki_export.cpp:93 msgctxt "pki_export|" msgid "PVK private" msgstr "Clé privée PVK" #: ../lib/pki_export.cpp:93 msgctxt "pki_export|" msgid "Private key in Microsoft PVK format not encrypted" msgstr "La clé privée en format Microsoft PVK n'est pas chiffrée" #: ../lib/pki_export.cpp:94 msgctxt "pki_export|" msgid "PKCS #8 encrypted" msgstr "Chiffrée en PKCS #8" #: ../lib/pki_export.cpp:94 msgctxt "pki_export|" msgid "Encrypted private key in PKCS#8 text format" msgstr "Clé privée chiffrée en format texte PKCS#8" #: ../lib/pki_export.cpp:95 msgctxt "pki_export|" msgid "PKCS #8" msgstr "PKCS #8" #: ../lib/pki_export.cpp:95 msgctxt "pki_export|" msgid "Unencrypted private key in PKCS#8 text format" msgstr "Clé privée non-chiffrée en format texte PKCS#8" #: ../lib/pki_export.cpp:96 msgctxt "pki_export|" msgid "JSON Web Key private" msgstr "Clé privée JSON Web Kit" #: ../lib/pki_export.cpp:96 msgctxt "pki_export|" msgid "Unencrypted private key in JSON Web Key format" msgstr "Clé privée non-chiffrée en format JSON Web Kit" #: ../lib/pki_export.cpp:97 msgctxt "pki_export|" msgid "JSON Web Key public" msgstr "Clé publique JSON Web Kit" #: ../lib/pki_export.cpp:97 msgctxt "pki_export|" msgid "Public key in JSON Web Key format" msgstr "La clé publique codée en format JSON Web Kit" #: ../lib/pki_export.cpp:100 msgctxt "pki_export|" msgid "Binary DER format of the certificate request" msgstr "Format binaire DER de la clé publique" #: ../lib/pki_export.cpp:104 msgctxt "pki_export|" msgid "Binary DER format of the revocation list" msgstr "Format binaire DER de la liste de révocation" #: ../lib/pki_export.cpp:105 msgctxt "pki_export|" msgid "vCalendar reminder for the CRL expiry date" msgstr "message vCalendar de rappel d'expiration de la liste de révocation" #: ../lib/pki_export.cpp:107 msgctxt "pki_export|" msgid "" "XCA template in PEM-like format. Templates include the internal name and " "comment" msgstr "" "Modèle XCA en format similaire à PEM. Les modèles contiennent leurs nom " "interne et commentaire" #: ../lib/pki_export.cpp:108 msgctxt "pki_export|" msgid "" "All selected XCA templates in PEM-like format. Templates include the " "internal name and comment" msgstr "" "Tous les modèles XCA sélectionnés en format similaire à PEM. Les modèles " "contiennent leurs nom interne et commentaire" #: ../lib/pki_key.cpp:59 ../lib/pki_key.cpp:236 ../lib/pki_key.cpp:856 msgctxt "pki_key|" msgid "Public key" msgstr "Clé publique" #: ../lib/pki_key.cpp:212 #, qt-format msgctxt "" "pki_key|%1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name " "of the key" msgid "Successfully imported the %1 public key '%2'" msgstr "La clé %1 publique '%2' a été importée avec succès" #: ../lib/pki_key.cpp:214 #, qt-format msgctxt "" "pki_key|%1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal " "name(s) of the key(s)" msgid "Delete the %n %1 public key(s) '%2'?" msgid_plural "Delete the %n %1 public key(s) '%2'?" msgstr[0] "Détruire les %n clé(s) %1 publique(s) '%2' ?" msgstr[1] "Détruire les %n clé(s) %1 publique(s) '%2' ?" #: ../lib/pki_key.cpp:220 #, qt-format msgctxt "" "pki_key|%1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name " "of the key" msgid "Successfully imported the %1 private key '%2'" msgstr "La clé %1 privée '%2' a été importée avec succès" #: ../lib/pki_key.cpp:222 #, qt-format msgctxt "" "pki_key|%1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal " "name(s) of the key(s)" msgid "Delete the %n %1 private key(s) '%2'?" msgid_plural "Delete the %n %1 private key(s) '%2'?" msgstr[0] "Détruire les %n clé(s) %1 privée(s) '%2' ?" msgstr[1] "Détruire les %n clé(s) %1 privée(s) '%2' ?" #: ../lib/pki_key.cpp:224 #, qt-format msgctxt "" "pki_key|%1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name " "of the key" msgid "Successfully created the %1 private key '%2'" msgstr "La clé %1 privée '%2' a été créée avec succès" #: ../lib/pki_key.cpp:454 msgctxt "pki_key|" msgid "Common" msgstr "Global" #: ../lib/pki_key.cpp:454 msgctxt "pki_key|" msgid "Private" msgstr "Privé" #: ../lib/pki_key.cpp:454 msgctxt "pki_key|" msgid "Bogus" msgstr "Erroné" #: ../lib/pki_key.cpp:454 msgctxt "pki_key|" msgid "PIN" msgstr "NIP" #: ../lib/pki_key.cpp:464 msgctxt "pki_key|" msgid "No password" msgstr "Pas de mot de passe" #: ../lib/pki_key.cpp:561 ../lib/pki_key.cpp:666 #, qt-format msgctxt "pki_key|" msgid "Unexpected SSH2 content: '%1'" msgstr "Contenu SSH2 inattendu: '%1'" #: ../lib/pki_key.cpp:581 ../lib/pki_key.cpp:587 msgctxt "pki_key|" msgid "Invalid SSH2 public key" msgstr "Clé publique SSH2 invalide" #: ../lib/pki_key.cpp:778 #, qt-format msgctxt "pki_key|" msgid "Failed writing to %1" msgstr "Echec d'écriture sur %1" #: ../lib/pki_multi.cpp:138 msgctxt "pki_multi|" msgid "No known PEM encoded items found" msgstr "Aucun objet PEM connu n'a été trouvé" #: ../lib/pki_pkcs12.cpp:37 #, qt-format msgctxt "pki_pkcs12|" msgid "" "Please enter the password to decrypt the PKCS#12 file:\n" "%1" msgstr "" "SVP saisir le mot de passe pour déchiffrer le fichier en PKCS#12:\n" "%1" #: ../lib/pki_pkcs12.cpp:51 #, qt-format msgctxt "pki_pkcs12|" msgid "Unable to load the PKCS#12 (pfx) file %1." msgstr "Impossible de charger le fichier en PKCS#12 (pfx) %1." #: ../lib/pki_pkcs12.cpp:83 #, qt-format msgctxt "pki_pkcs12|" msgid "The supplied password was wrong (%1)" msgstr "Le mot de passe renseigné était faux (%1)" #: ../lib/pki_pkcs12.cpp:141 #, qt-format msgctxt "pki_pkcs12|" msgid "" "Please enter the password to encrypt the key of certificate '%1' in the " "PKCS#12 file:\n" "%2" msgstr "" "SVP saisir le mot de passe pour chiffrer la clé du certificat '%1' dans le " "fichier en PKCS#12:\n" "%2" #: ../lib/pki_pkcs12.cpp:138 msgctxt "pki_pkcs12|" msgid "No key or no Cert and no pkcs12" msgstr "Pas de clé ou pas de certificat et pas en PKCS#12" #: ../lib/pki_pkcs7.cpp:185 #, qt-format msgctxt "pki_pkcs7|" msgid "Unable to load the PKCS#7 file %1. Tried PEM and DER format." msgstr "" "Impossible de charger le fichier en PKCS#7 %1. Les formats PEM et DER ont " "été essayés." #: ../lib/pki_scard.cpp:46 #, qt-format msgctxt "pki_scard|" msgid "Successfully imported the token key '%1'" msgstr "La clé du jeton '%1' a été importée avec succès" #: ../lib/pki_scard.cpp:48 #, qt-format msgctxt "pki_scard|" msgid "Successfully created the token key '%1'" msgstr "La clé du jeton '%1' a été créée avec succès" #: ../lib/pki_scard.cpp:47 #, qt-format msgctxt "pki_scard|" msgid "Delete the %n token key(s): '%1'?" msgid_plural "Delete the %n token key(s): '%1'?" msgstr[0] "Détruire les %n clé(s) du jeton '%1' ?" msgstr[1] "Détruire les %n clé(s) du jeton '%1' ?" #: ../lib/pki_scard.cpp:375 #, qt-format msgctxt "pki_scard|" msgid "Delete the private key '%1' from the token '%2 (#%3)' ?" msgstr "Détruire la clé privée '%1' sur le jeton '%2 (#%3)' ?" #: ../lib/pki_scard.cpp:448 msgctxt "pki_scard|" msgid "This Key is already on the token" msgstr "Cette clé est déjà sur le jeton" #: ../lib/pki_scard.cpp:532 msgctxt "pki_scard|" msgid "PIN input aborted" msgstr "Saisie du NIP abandonnée" #: ../lib/pki_scard.cpp:548 msgctxt "pki_scard|" msgid "Unable to find copied key on the token" msgstr "Impossible de trouver la clé copiée sur le jeton" #: ../lib/pki_scard.cpp:636 #, qt-format msgctxt "pki_scard|" msgid "Please insert card: %1 %2 [%3] with Serial: %4" msgstr "SVP insérer la carte %1 %2 [%3] avec le numéro de série: %4" #: ../lib/pki_scard.cpp:690 #, qt-format msgctxt "pki_scard|" msgid "Select Slot of %1" msgstr "Sélectionner le créneau de %1" #: ../lib/pki_scard.cpp:728 msgctxt "pki_scard|" msgid "Unable to find generated key on card" msgstr "Impossible de trouver la clé générée sur la carte" #: ../lib/pki_scard.cpp:739 #, qt-format msgctxt "pki_scard|" msgid "Token %1" msgstr "Jeton %1" #: ../lib/pki_scard.cpp:748 ../lib/pki_scard.cpp:760 msgctxt "pki_scard|" msgid "Failed to find the key on the token" msgstr "Impossible de trouver la clé sur le jeton" #: ../lib/pki_scard.cpp:754 msgctxt "pki_scard|" msgid "Invalid Pin for the token" msgstr "NIP invalide pour le jeton" #: ../lib/pki_scard.cpp:766 msgctxt "pki_scard|" msgid "Failed to initialize the key on the token" msgstr "Impossible d'initialiser la clé sur le jeton" #: ../lib/pki_temp.cpp:159 #, qt-format msgctxt "pki_temp|" msgid "Successfully imported the XCA template '%1'" msgstr "Le modèle XCA '%1' a été importé avec succès" #: ../lib/pki_temp.cpp:161 #, qt-format msgctxt "pki_temp|" msgid "Successfully created the XCA template '%1'" msgstr "Le modèle XCA '%1' a été créé avec succès" #: ../lib/pki_temp.cpp:160 #, qt-format msgctxt "pki_temp|" msgid "Delete the %n XCA template(s): '%1'?" msgid_plural "Delete the %n XCA template(s): '%1'?" msgstr[0] "Détruire les %n modèle(s) XCA: '%1' ?" msgstr[1] "Détruire les %n modèle(s) XCA: '%1' ?" #: ../lib/pki_temp.cpp:373 #, qt-format msgctxt "pki_temp|" msgid "Wrong Size %1" msgstr "Taille fausse %1" #: ../lib/pki_temp.cpp:471 msgctxt "pki_temp|" msgid "Template file content error (too small)" msgstr "Erreur de contenu du fichier de modèle (trop petit)" #: ../lib/pki_temp.cpp:521 msgctxt "pki_temp|" msgid "Not a PEM encoded XCA Template" msgstr "Ce n'est pas un modèle XCA en format PEM" #: ../lib/pki_temp.cpp:528 #, qt-format msgctxt "pki_temp|" msgid "Not an XCA Template, but '%1'" msgstr "Ce n'est pas un modèle XCA, mais '%1'" #: ../lib/pki_x509.cpp:65 #, qt-format msgctxt "pki_x509|" msgid "Successfully imported the certificate '%1'" msgstr "Le certificat '%1' a été importé avec succès" #: ../lib/pki_x509.cpp:67 #, qt-format msgctxt "pki_x509|" msgid "Successfully created the certificate '%1'" msgstr "Le certificat '%1' a été créé avec succès" #: ../lib/pki_x509.cpp:66 #, qt-format msgctxt "pki_x509|" msgid "Delete the %n certificate(s): '%1'?" msgid_plural "Delete the %n certificate(s): '%1'?" msgstr[0] "Détruire les %n certificat(s): '%1' ?" msgstr[1] "Détruire les %n certificat(s): '%1' ?" #: ../lib/pki_x509.cpp:237 #, qt-format msgctxt "pki_x509|" msgid "" "Unable to load the certificate in file %1. Tried PEM and DER certificate." msgstr "" "Impossible de charger le certificat du fichier %1. Les formats PEM et DER " "ont été essayés." #: ../lib/pki_x509.cpp:332 msgctxt "pki_x509|" msgid "Invalid OpenVPN tls-auth key" msgstr "Clé tls-auth de OpenVPN invalide" #: ../lib/pki_x509.cpp:362 msgctxt "pki_x509|" msgid "Failed to import tls-auth key" msgstr "Impossible d'importer la clé tls-auth" #: ../lib/pki_x509.cpp:365 msgctxt "pki_x509|" msgid "Same tls-auth key already stored for this CA" msgstr "La même clé tls-auth est déjà stockée pour ce CA" #: ../lib/pki_x509.cpp:367 msgctxt "pki_x509|" msgid "New tls-auth key successfully imported" msgstr "La nouvelle clé tls-auth a été importée" #: ../lib/pki_x509.cpp:369 msgctxt "pki_x509|" msgid "Existing tls-auth key successfully replaced" msgstr "La clé tls-auth existante a été remplacée" #: ../lib/pki_x509.cpp:473 msgctxt "pki_x509|" msgid "This certificate is already on the security token" msgstr "Ce certificat est déjà dans le jeton de sécurité" #: ../lib/pki_x509.cpp:536 #, qt-format msgctxt "pki_x509|" msgid "Delete the certificate '%1' from the token '%2 (#%3)'?" msgstr "Détruire le certificat '%1' sur le jeton '%2 (#%3)' ?" #: ../lib/pki_x509.cpp:660 msgctxt "pki_x509|" msgid "There is no key for signing !" msgstr "Il n'y a pas de clé pour signer !" #: ../lib/pki_x509.cpp:972 msgctxt "pki_x509|" msgid "No" msgstr "Non" #: ../lib/pki_x509.cpp:974 msgctxt "pki_x509|" msgid "Yes" msgstr "Oui" #: ../lib/pki_x509.cpp:1004 #, qt-format msgctxt "pki_x509|" msgid "Renew certificate: %1" msgstr "Renouvellement du certificat: %1" #: ../lib/pki_x509.cpp:1005 #, qt-format msgctxt "pki_x509|" msgid "" "The XCA certificate '%1', issued on %2 will expire on %3.\n" "It is stored in the XCA database '%4'" msgstr "" "Le certificat XCA '%1' émis le %2 expirera le %3.\n" "Il est stocké dans la base de données XCA '%4'" #: ../lib/pki_x509req.cpp:108 msgctxt "pki_x509req|" msgid "Signing key not valid (public key)" msgstr "La clé de signature n'est pas valide (c'est une clé publique)" #: ../lib/pki_x509req.cpp:147 #, qt-format msgctxt "pki_x509req|" msgid "Successfully imported the PKCS#10 certificate request '%1'" msgstr "La requête PKCS#10 de signature '%1' a été importée avec succès" #: ../lib/pki_x509req.cpp:148 #, qt-format msgctxt "pki_x509req|" msgid "Delete the %n PKCS#10 certificate request(s): '%1'?" msgid_plural "Delete the %n PKCS#10 certificate request(s): '%1'?" msgstr[0] "Détruire les requête(s) PKCS#10 de signature: '%1' ?" msgstr[1] "Détruire les requête(s) PKCS#10 de signature: '%1' ?" #: ../lib/pki_x509req.cpp:149 #, qt-format msgctxt "pki_x509req|" msgid "Successfully created the PKCS#10 certificate request '%1'" msgstr "La requête PKCS#10 de signature '%1' a été créée avec succès" #: ../lib/pki_x509req.cpp:180 #, qt-format msgctxt "pki_x509req|" msgid "" "Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC " "format." msgstr "" "Impossible de charger la requête de signature du fichier %1. Les formats " "PEM, DER et SPKAC ont été essayés." #: ../lib/pki_x509req.cpp:366 msgctxt "pki_x509req|" msgid "Signed" msgstr "Signée" #: ../lib/pki_x509req.cpp:366 msgctxt "pki_x509req|" msgid "Unhandled" msgstr "Non-géré" #: ../ui/v3ext.ui:26 msgctxt "v3ext|" msgid "Copy Common Name" msgstr "Copier le nom commun" #: ../ui/v3ext.ui:56 msgctxt "v3ext|" msgid "Add" msgstr "Ajouter" #: ../ui/v3ext.ui:63 msgctxt "v3ext|" msgid "Delete" msgstr "Enlever" #: ../ui/v3ext.ui:89 msgctxt "v3ext|" msgid "Apply" msgstr "Appliquer" #: ../ui/v3ext.ui:96 msgctxt "v3ext|" msgid "Validate" msgstr "Valider" #: ../ui/v3ext.ui:125 msgctxt "v3ext|" msgid "Cancel" msgstr "Annuler" #: ../widgets/v3ext.cpp:75 msgctxt "v3ext|" msgid "An email address or 'copy'" msgstr "Une adresse de courriel ou 'copy'" #: ../widgets/v3ext.cpp:77 msgctxt "v3ext|" msgid "An email address" msgstr "Une adresse de courriel" #: ../widgets/v3ext.cpp:79 msgctxt "v3ext|" msgid "A registered ID: OBJECT IDENTIFIER" msgstr "un IDentifiant enregistré: IDENTIFICATEUR.OBJET" #: ../widgets/v3ext.cpp:83 msgctxt "v3ext|" msgid "A uniform resource indicator" msgstr "un indicateur uniforme de ressource" #: ../widgets/v3ext.cpp:88 msgctxt "v3ext|" msgid "A DNS domain name or 'copycn'" msgstr "un nom de domaine DNS ou 'copycn'" #: ../widgets/v3ext.cpp:90 msgctxt "v3ext|" msgid "A DNS domain name" msgstr "un nom de domaine DNS" #: ../widgets/v3ext.cpp:92 msgctxt "v3ext|" msgid "An IP address" msgstr "Une adresse IP" #: ../widgets/v3ext.cpp:95 msgctxt "v3ext|" msgid "Syntax: ;TYPE:text like '1.2.3.4:UTF8:name'" msgstr "Syntaxe: ;TYPE:texte sous la forme '1.2.3.4:UTF8:nom'" #: ../widgets/v3ext.cpp:99 msgctxt "v3ext|" msgid "No editing. Only 'copy' allowed here" msgstr "Pas de modification possible. Seul 'copy' est permis ici" #: ../widgets/v3ext.cpp:168 #, qt-format msgctxt "v3ext|" msgid "" "Validation failed:\n" "'%1'\n" "%2" msgstr "" "La validation a échoué:\n" "'%1'\n" "%2" #: ../widgets/v3ext.cpp:173 #, qt-format msgctxt "v3ext|" msgid "" "Validation successful:\n" "'%1'" msgstr "" "La validation a été effectuée avec succès:\n" "'%1'" #: ../widgets/XcaWarning.cpp:71 msgctxt "xcaWarningGui|" msgid "Copy to Clipboard" msgstr "Copier dans le presse-papier" xca-RELEASE.2.9.0/lang/po2ts.sh000077500000000000000000000002141477156507700157230ustar00rootroot00000000000000#!/bin/sh ALL="$@" test -n "$ALL" || ALL="tr fr sk" for lang in $ALL; do lconvert -if po -of ts -i "${lang}.po" -o "xca_${lang}.ts" done xca-RELEASE.2.9.0/lang/sk.po000066400000000000000000003746761477156507700153240ustar00rootroot00000000000000# This file is distributed under the same license as the XCA package. # Slavko , 2016-2024. # msgid "" msgstr "" "Project-Id-Version: X Certificate and Key management 2..6.0\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2018-03-16 18:14+0200\n" "PO-Revision-Date: 2024-10-01 14:52+0200\n" "Last-Translator: Slavko \n" "Language-Team: slovenčina \n" "Language: sk\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: Gtranslator 46.1\n" "Plural-Forms: nplurals=3; plural=(n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2;\n" "X-Qt-Contexts: true\n" #: ../ui/CaProperties.ui:14 msgctxt "CaProperties|" msgid "Form" msgstr "Forma" #: ../ui/CaProperties.ui:20 msgctxt "CaProperties|" msgid "Days until next CRL issuing" msgstr "Dní do nasledujúceho vydania CRL" #: ../ui/CaProperties.ui:30 msgctxt "CaProperties|" msgid "Default template" msgstr "Predvolená šablóna" #: ../widgets/CertDetail.cpp:139 ../ui/CertDetail.ui:30 msgctxt "CertDetail|" msgid "Details of the Certificate" msgstr "Podrobnosti certifikátu" #: ../ui/CertDetail.ui:165 msgctxt "CertDetail|" msgid "Serial" msgstr "Sériové číslo" #: ../ui/CertDetail.ui:178 msgctxt "CertDetail|" msgid "The serial number of the certificate" msgstr "Sériové číslo certifikátu" #: ../ui/CertDetail.ui:113 msgctxt "CertDetail|" msgid "The internal name of the certificate in the database" msgstr "Interný názov certifikátu v databáze" #: ../ui/CertDetail.ui:78 msgctxt "CertDetail|" msgid "Status" msgstr "Stav" #: ../ui/CertDetail.ui:106 msgctxt "CertDetail|" msgid "Internal name" msgstr "Interný názov" #: ../ui/CertDetail.ui:120 msgctxt "CertDetail|" msgid "Signature" msgstr "Podpis" #: ../ui/CertDetail.ui:145 msgctxt "CertDetail|" msgid "Key" msgstr "Kľúč" #: ../ui/CertDetail.ui:191 msgctxt "CertDetail|" msgid "Fingerprints" msgstr "Odtlačky" #: ../ui/CertDetail.ui:203 msgctxt "CertDetail|" msgid "MD5" msgstr "MD5" #: ../ui/CertDetail.ui:216 msgctxt "CertDetail|" msgid "An md5 hashsum of the certificate" msgstr "Odtlačok certifikátu MD5" #: ../ui/CertDetail.ui:229 msgctxt "CertDetail|" msgid "SHA1" msgstr "SHA1" #: ../ui/CertDetail.ui:242 msgctxt "CertDetail|" msgid "A SHA-1 hashsum of the certificate" msgstr "Odtlačok certifikátu SHA-1" #: ../ui/CertDetail.ui:255 msgctxt "CertDetail|" msgid "SHA256" msgstr "SHA256" #: ../ui/CertDetail.ui:268 msgctxt "CertDetail|" msgid "A SHA-256 hashsum of the certificate" msgstr "Odtlačok certifikátu SHA-256" #: ../ui/CertDetail.ui:278 msgctxt "CertDetail|" msgid "Validity" msgstr "Platnosť" #: ../ui/CertDetail.ui:296 msgctxt "CertDetail|" msgid "The time since the certificate is valid" msgstr "Čas odkedy je certifikát platný" #: ../ui/CertDetail.ui:303 msgctxt "CertDetail|" msgid "The time until the certificate is valid" msgstr "Čas dokedy je certifikát platný" #: ../ui/CertDetail.ui:337 msgctxt "CertDetail|" msgid "Subject" msgstr "Predmet" #: ../ui/CertDetail.ui:359 msgctxt "CertDetail|" msgid "Issuer" msgstr "Vydavateľ" #: ../ui/CertDetail.ui:391 msgctxt "CertDetail|" msgid "Extensions" msgstr "Rozšírenia" #: ../ui/CertDetail.ui:412 msgctxt "CertDetail|" msgid "Validation" msgstr "Overenie" #: ../ui/CertDetail.ui:418 msgctxt "CertDetail|" msgid "Purposes" msgstr "Účely" #: ../ui/CertDetail.ui:430 msgctxt "CertDetail|" msgid "Strict RFC 5280 validation" msgstr "Striktné overenie RFC 5280" #: ../ui/CertDetail.ui:443 msgctxt "CertDetail|" msgid "Comment" msgstr "Komentár" #: ../ui/CertDetail.ui:381 msgctxt "CertDetail|" msgid "Attributes" msgstr "Atribúty" #: ../widgets/CertDetail.cpp:35 ../ui/CertDetail.ui:404 msgctxt "CertDetail|" msgid "Show config" msgstr "Zobraziť konfiguráciu" #: ../widgets/CertDetail.cpp:39 msgctxt "CertDetail|" msgid "Show extensions" msgstr "Zobraziť rozšírenia" #: ../widgets/CertDetail.cpp:71 msgctxt "CertDetail|" msgid "Show public key" msgstr "Zobraziť verejný kľúč" #: ../widgets/CertDetail.cpp:74 msgctxt "CertDetail|" msgid "This key is not in the database." msgstr "Tento kľúč nie je v databáze." #: ../widgets/CertDetail.cpp:78 msgctxt "CertDetail|" msgid "Not available" msgstr "Nedostupné" #: ../widgets/CertDetail.cpp:127 msgctxt "CertDetail|" msgid "No verification errors found." msgstr "Neboli nájdené žiadne chyby overenia." #: ../widgets/CertDetail.cpp:152 msgctxt "CertDetail|" msgid "Signer unknown" msgstr "Neznámy podpis" #: ../widgets/CertDetail.cpp:156 msgctxt "CertDetail|" msgid "Self signed" msgstr "Sebou podpísaný" #: ../widgets/CertDetail.cpp:186 #, qt-format msgctxt "CertDetail|" msgid "Revoked at %1" msgstr "Odvolaný %1" #: ../widgets/CertDetail.cpp:191 msgctxt "CertDetail|" msgid "Not valid" msgstr "Neplatný" #: ../widgets/CertDetail.cpp:195 msgctxt "CertDetail|" msgid "Valid" msgstr "Platný" #: ../widgets/CertDetail.cpp:216 msgctxt "CertDetail|" msgid "Details of the certificate signing request" msgstr "Podrobnosti žiadosti o podpísanie certifikátu" #: ../ui/CertExtend.ui:30 msgctxt "CertExtend|" msgid "Certificate renewal" msgstr "Obnovenie certifikátu" #: ../ui/CertExtend.ui:74 msgctxt "CertExtend|" msgid "" "This will create a new certificate as a copy of the old one with a new " "serial number and adjusted validity values." msgstr "" "Týmto vytvoríte nový certifikát ako kópiu starého s novým sériovým číslom a " "novými hodnotami platnosti." #: ../ui/CertExtend.ui:100 msgctxt "CertExtend|" msgid "Validity" msgstr "Platnosť" #: ../ui/CertExtend.ui:111 msgctxt "CertExtend|" msgid "Not before" msgstr "Nie pred" #: ../ui/CertExtend.ui:118 msgctxt "CertExtend|" msgid "Not after" msgstr "Nie po" #: ../ui/CertExtend.ui:144 msgctxt "CertExtend|" msgid "Time range" msgstr "Časový rozsah" #: ../ui/CertExtend.ui:150 msgctxt "CertExtend|" msgid "Local time" msgstr "Lokálny čas" #: ../ui/CertExtend.ui:158 msgctxt "CertExtend|" msgid "Days" msgstr "Dni" #: ../ui/CertExtend.ui:163 msgctxt "CertExtend|" msgid "Months" msgstr "Mesiace" #: ../ui/CertExtend.ui:168 msgctxt "CertExtend|" msgid "Years" msgstr "Roky" #: ../ui/CertExtend.ui:176 msgctxt "CertExtend|" msgid "No well-defined expiration" msgstr "Bez vypršania" #: ../ui/CertExtend.ui:183 msgctxt "CertExtend|" msgid "Midnight" msgstr "Polnoc" #: ../ui/CertExtend.ui:190 msgctxt "CertExtend|" msgid "Apply" msgstr "Použiť" #: ../ui/CertExtend.ui:216 msgctxt "CertExtend|" msgid "Revoke old certificate" msgstr "Odvolať starý certifikát" #: ../ui/CertExtend.ui:226 msgctxt "CertExtend|" msgid "Replace old certificate" msgstr "Nahradiť starý certifikát" #: ../ui/CertExtend.ui:236 msgctxt "CertExtend|" msgid "Keep serial number" msgstr "Zachovať sériové číslo" #: ../widgets/CertExtend.cpp:43 msgctxt "CertExtend|" msgid "" "The certificate will be earlier valid than the signer. This is probably not " "what you want." msgstr "" "Certifikát bude platný skôr ako jeho vydavateľ. To asi nie je to, čo chcete." #: ../widgets/CertExtend.cpp:45 ../widgets/CertExtend.cpp:67 msgctxt "CertExtend|" msgid "Edit dates" msgstr "Upraviť dátumy" #: ../widgets/CertExtend.cpp:46 ../widgets/CertExtend.cpp:68 msgctxt "CertExtend|" msgid "Abort rollout" msgstr "Prerušiť operáciu" #: ../widgets/CertExtend.cpp:47 ../widgets/CertExtend.cpp:69 msgctxt "CertExtend|" msgid "Continue rollout" msgstr "Pokračovať v operácii" #: ../widgets/CertExtend.cpp:48 ../widgets/CertExtend.cpp:70 msgctxt "CertExtend|" msgid "Adjust date and continue" msgstr "Opraviť dátum a pokračovať" #: ../widgets/CertExtend.cpp:65 msgctxt "CertExtend|" msgid "" "The certificate will be longer valid than the signer. This is probably not " "what you want." msgstr "" "Certifikát bude platný dlhšie ako jeho vydavateľ. To asi nie je to, čo " "chcete." #: ../widgets/CertTreeView.cpp:34 msgctxt "CertTreeView|" msgid "Hide unusable certificates" msgstr "Skryť nepoužiteľné certifikáty" #: ../widgets/CertTreeView.cpp:41 msgctxt "CertTreeView|" msgid "Import PKCS#12" msgstr "Import PKCS#12" #: ../widgets/CertTreeView.cpp:42 msgctxt "CertTreeView|" msgid "Import from PKCS#7" msgstr "Importovať z PKCS#7" #: ../widgets/CertTreeView.cpp:70 msgctxt "CertTreeView|" msgid "Request" msgstr "Žiadosť" #: ../widgets/CertTreeView.cpp:72 msgctxt "CertTreeView|" msgid "Security token" msgstr "Bezpečnostný token" #: ../widgets/CertTreeView.cpp:74 msgctxt "CertTreeView|" msgid "Other token" msgstr "Iný token" #: ../widgets/CertTreeView.cpp:78 msgctxt "CertTreeView|" msgid "Similar Certificate" msgstr "Podobný certifikát" #: ../widgets/CertTreeView.cpp:81 msgctxt "CertTreeView|" msgid "Delete from Security token" msgstr "Odstrániť z Bezpečnostného tokenu" #: ../widgets/CertTreeView.cpp:84 msgctxt "CertTreeView|" msgid "CA" msgstr "CA" #: ../widgets/CertTreeView.cpp:85 msgctxt "CertTreeView|" msgid "Properties" msgstr "Vlastnosti" #: ../widgets/CertTreeView.cpp:86 msgctxt "CertTreeView|" msgid "Generate CRL" msgstr "Generovať CRL" #: ../widgets/CertTreeView.cpp:87 msgctxt "CertTreeView|" msgid "Manage revocations" msgstr "Spravovať odvolania" #: ../widgets/CertTreeView.cpp:91 msgctxt "CertTreeView|" msgid "Import OpenVPN tls-auth key" msgstr "Importovať OpenVPN tls-auth" #: ../widgets/CertTreeView.cpp:95 ../widgets/CertTreeView.cpp:98 msgctxt "CertTreeView|" msgid "Renewal" msgstr "Obnoviť" #: ../widgets/CertTreeView.cpp:100 msgctxt "CertTreeView|" msgid "Revoke" msgstr "Odvolať" #: ../widgets/CertTreeView.cpp:102 msgctxt "CertTreeView|" msgid "Unrevoke" msgstr "Zrušiť odvolanie" #: ../widgets/CertTreeView.cpp:182 msgctxt "CertTreeView|" msgid "Plain View" msgstr "Prosté zobrazenie" #: ../widgets/CertTreeView.cpp:182 msgctxt "CertTreeView|" msgid "Tree View" msgstr "Stromové zobrazenie" #: ../widgets/CertTreeView.cpp:211 msgctxt "CertTreeView|" msgid "days" msgstr "dní" #: ../widgets/CertTreeView.cpp:219 msgctxt "CertTreeView|" msgid "No template" msgstr "Bez šablóny" #: ../widgets/CertTreeView.cpp:224 msgctxt "CertTreeView|" msgid "CA Properties" msgstr "Vlastnosti CA" #: ../widgets/CertTreeView.cpp:266 msgctxt "CertTreeView|" msgid "Certificate export" msgstr "Export certifikátu" #: ../widgets/CertTreeView.cpp:267 msgctxt "CertTreeView|" msgid "X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b )" msgstr "Certifikáty X509 ( *.pem *.cer *.crt *.p12 *.pfx *.p7b )" #: ../widgets/CertTreeView.cpp:268 msgctxt "CertTreeView|" msgid "vCalendar entry ( *.ics )" msgstr "Položka vCalendar ( *.ics )" #: ../widgets/CertTreeView.cpp:269 msgctxt "CertTreeView|" msgid "OpenVPN file ( *.ovpn )" msgstr "Súbor OpenVPN ( *.ovpn )" #: ../widgets/CertTreeView.cpp:270 msgctxt "CertTreeView|" msgid "OpenVPN tls-auth key ( *.key )" msgstr "OpenVPN tls-auth ( *.key )" #: ../widgets/clicklabel.cpp:37 msgctxt "ClickLabel|" msgid "Double click for details" msgstr "Dvojklikom podrobnosti" #: ../ui/CrlDetail.ui:30 msgctxt "CrlDetail|" msgid "Details of the Revocation list" msgstr "Podrobnosti CRL" #: ../ui/CrlDetail.ui:78 msgctxt "CrlDetail|" msgid "&Status" msgstr "&Stav" #: ../ui/CrlDetail.ui:144 msgctxt "CrlDetail|" msgid "Version" msgstr "Verzia" #: ../ui/CrlDetail.ui:163 msgctxt "CrlDetail|" msgid "Signature" msgstr "Podpis" #: ../ui/CrlDetail.ui:170 msgctxt "CrlDetail|" msgid "Signed by" msgstr "Podpísal" #: ../ui/CrlDetail.ui:177 msgctxt "CrlDetail|" msgid "Name" msgstr "Názov" #: ../ui/CrlDetail.ui:184 msgctxt "CrlDetail|" msgid "The internal name of the CRL in the database" msgstr "Interný názov CRL v databáze" #: ../ui/CrlDetail.ui:197 msgctxt "CrlDetail|" msgid "issuing dates" msgstr "dátumy vydania" #: ../ui/CrlDetail.ui:215 msgctxt "CrlDetail|" msgid "Next update" msgstr "Nasled. aktualizácia" #: ../ui/CrlDetail.ui:222 msgctxt "CrlDetail|" msgid "Last update" msgstr "Posledná aktualizácia" #: ../ui/CrlDetail.ui:255 msgctxt "CrlDetail|" msgid "&Issuer" msgstr "&Vydavateľ" #: ../ui/CrlDetail.ui:277 msgctxt "CrlDetail|" msgid "&Extensions" msgstr "&Rozšírenia" #: ../ui/CrlDetail.ui:306 msgctxt "CrlDetail|" msgid "&Revocation list" msgstr "Zoznam &odvolaných" #: ../ui/CrlDetail.ui:340 msgctxt "CrlDetail|" msgid "Comment" msgstr "Komentár" #: ../widgets/CrlDetail.cpp:48 msgctxt "CrlDetail|" msgid "Failed" msgstr "Zlyhalo" #: ../widgets/CrlDetail.cpp:53 msgctxt "CrlDetail|" msgid "Unknown signer" msgstr "Neznámy vydavateľ" #: ../widgets/CrlDetail.cpp:56 msgctxt "CrlDetail|" msgid "Verification not possible" msgstr "Overenie nemožné" #: ../widgets/CrlTreeView.cpp:39 msgctxt "CrlTreeView|" msgid "There are no CA certificates for CRL generation" msgstr "Neexistujú certifikáty CA na generovanie CRL" #: ../widgets/CrlTreeView.cpp:47 msgctxt "CrlTreeView|" msgid "Select CA certificate" msgstr "Vyberte certifikát CA" #: ../widgets/CrlTreeView.cpp:69 msgctxt "CrlTreeView|" msgid "Revocation list export" msgstr "Export zoznamu odvolaných" #: ../widgets/CrlTreeView.cpp:70 msgctxt "CrlTreeView|" msgid "CRL ( *.pem *.der *.crl )" msgstr "CRL ( *.pem *.der *.crl )" #: ../widgets/CrlTreeView.cpp:71 msgctxt "CrlTreeView|" msgid "vCalendar entry ( *.ics )" msgstr "Položka vCalendar ( *.ics )" #: ../ui/ExportDialog.ui:76 msgctxt "ExportDialog|" msgid "Name" msgstr "Názov" #: ../ui/ExportDialog.ui:83 msgctxt "ExportDialog|" msgid "The internal name of the CRL in the database" msgstr "Interný názov CRL v databáze" #: ../ui/ExportDialog.ui:112 msgctxt "ExportDialog|" msgid "..." msgstr "…" #: ../ui/ExportDialog.ui:96 msgctxt "ExportDialog|" msgid "Filename" msgstr "Meno súboru" #: ../ui/ExportDialog.ui:127 msgctxt "ExportDialog|" msgid "Each Item in a separate file" msgstr "Každá položka v samostatnom súbore" #: ../ui/ExportDialog.ui:134 msgctxt "ExportDialog|" msgid "Same encryption password for all items" msgstr "Rovnaké heslo šifrovania pre všetky položky" #: ../ui/ExportDialog.ui:141 msgctxt "ExportDialog|" msgid "Export comment into PEM file" msgstr "Exportovať komentáre do súboru PEM" #: ../ui/ExportDialog.ui:121 msgctxt "ExportDialog|" msgid "Export Format" msgstr "Formát exportu" #: ../widgets/ExportDialog.cpp:43 #, qt-format msgctxt "ExportDialog|" msgid "%n selected item(s)" msgid_plural "%n selected item(s)" msgstr[0] "%n zvolená položka" msgstr[1] "%n zvolené položky" msgstr[2] "%n zvolených položiek" #: ../widgets/ExportDialog.cpp:53 msgctxt "ExportDialog|" msgid "All files ( * )" msgstr "Všetky súbory ( * )" #: ../widgets/ExportDialog.cpp:126 #, qt-format msgctxt "ExportDialog|" msgid "The file: '%1' already exists!" msgstr "Súbor: „%1” už existuje!" #: ../widgets/ExportDialog.cpp:127 msgctxt "ExportDialog|" msgid "Overwrite" msgstr "Prepísať" #: ../widgets/ExportDialog.cpp:128 msgctxt "ExportDialog|" msgid "Do not overwrite" msgstr "Neprepísať" #: ../widgets/ExportDialog.cpp:132 #, qt-format msgctxt "ExportDialog|" msgid "The path: '%1' exist, but is not a file" msgstr "Cesta: „%1” existuje, ale nie je to súbor" #: ../widgets/ExportDialog.cpp:145 #, qt-format msgctxt "ExportDialog|" msgid "The path: '%1' exist, but is not a directory" msgstr "Cesta: „%1” existuje, ale nie je to adresár" #: ../widgets/ExportDialog.cpp:150 #, qt-format msgctxt "ExportDialog|" msgid "The directory: '%1' does not exist. Should it be created?" msgstr "Adresár: „%1” neexistuje. Má byť vytvorený?" #: ../widgets/ExportDialog.cpp:152 msgctxt "ExportDialog|" msgid "Create" msgstr "Vytvoriť" #: ../widgets/ExportDialog.cpp:158 #, qt-format msgctxt "ExportDialog|" msgid "Failed to create directory '%1'" msgstr "Vytvorenie adresára „%1” zlyhalo" #: ../widgets/ExportDialog.cpp:206 msgctxt "ExportDialog|" msgid "Directory" msgstr "Adresár" #: ../ui/TimeInput.ui:32 msgctxt "Form|" msgid "last update" msgstr "posled. aktualizácia" #: ../ui/TimeInput.ui:46 msgctxt "Form|" msgid "next update" msgstr "nasled. aktualizácia" #: ../ui/TimeInput.ui:70 msgctxt "Form|" msgid "Days" msgstr "Dní" #: ../ui/TimeInput.ui:75 msgctxt "Form|" msgid "Months" msgstr "Mesiacov" #: ../ui/TimeInput.ui:80 msgctxt "Form|" msgid "Years" msgstr "Rokov" #: ../ui/TimeInput.ui:88 msgctxt "Form|" msgid "Apply" msgstr "Použiť" #: ../ui/TimeInput.ui:95 msgctxt "Form|" msgid "Midnight" msgstr "Polnoc" #: ../ui/TimeInput.ui:102 msgctxt "Form|" msgid "Local time" msgstr "Lokálny čas" #: ../ui/TimeInput.ui:109 msgctxt "Form|" msgid "No well-defined expiration" msgstr "Bez vypršania" #: ../ui/Help.ui:36 msgctxt "Help|" msgid "<<" msgstr "<<" #: ../ui/Help.ui:46 msgctxt "Help|" msgid ">>" msgstr ">>" #: ../ui/Help.ui:72 msgctxt "Help|" msgid "&Done" msgstr "&Hotovo" #: ../ui/ImportMulti.ui:36 msgctxt "ImportMulti|" msgid "Import PKI Items" msgstr "Importovať položky PKI" #: ../ui/ImportMulti.ui:94 msgctxt "ImportMulti|" msgid "Import &All" msgstr "Importovať &všetky" #: ../ui/ImportMulti.ui:101 msgctxt "ImportMulti|" msgid "&Import" msgstr "&Importovať" #: ../ui/ImportMulti.ui:108 msgctxt "ImportMulti|" msgid "&Done" msgstr "&Hotovo" #: ../ui/ImportMulti.ui:115 msgctxt "ImportMulti|" msgid "&Remove from list" msgstr "&Odstrániť zo zoznamu" #: ../ui/ImportMulti.ui:122 msgctxt "ImportMulti|" msgid "Details" msgstr "Podrobnosti" #: ../ui/ImportMulti.ui:129 msgctxt "ImportMulti|" msgid "Delete from token" msgstr "Odstrániť z tokenu" #: ../ui/ImportMulti.ui:136 msgctxt "ImportMulti|" msgid "Rename on token" msgstr "Premenovať token" #: ../widgets/ImportMulti.cpp:66 #, qt-format msgctxt "ImportMulti|" msgid "" "\n" "Name: %1\n" "Model: %2\n" "Serial: %3" msgstr "" "\n" "Názov: %1\n" "Model: %2\n" "Sér. č.: %3" #: ../widgets/ImportMulti.cpp:71 msgctxt "ImportMulti|" msgid "Manage security token" msgstr "Spravovať bezpečnostný token" #: ../widgets/ImportMulti.cpp:106 ../widgets/ImportMulti.cpp:300 #, qt-format msgctxt "ImportMulti|" msgid "The type of the item '%1' is not recognized" msgstr "Typ položky „%1” nie je rozpoznaný" #: ../widgets/ImportMulti.cpp:252 msgctxt "ImportMulti|" msgid "Could not open the default database" msgstr "Nemožno otvoriť predvolenú databázu" #: ../widgets/ImportMulti.cpp:328 #, qt-format msgctxt "ImportMulti|" msgid "The file '%1' did not contain PKI data" msgstr "Súbor „%1” neobsahuje dáta PKI" #: ../widgets/ImportMulti.cpp:331 #, qt-format msgctxt "ImportMulti|" msgid "The %1 files: '%2' did not contain PKI data" msgstr "%1 súbory: „%2” neobsahuje dáta PKI" #: ../ui/ItemProperties.ui:22 msgctxt "ItemProperties|" msgid "Name" msgstr "Názov" #: ../ui/ItemProperties.ui:32 msgctxt "ItemProperties|" msgid "Source" msgstr "Zdroj" #: ../ui/ItemProperties.ui:42 msgctxt "ItemProperties|" msgid "Insertion date" msgstr "Dátum vloženia" #: ../ui/ItemProperties.ui:54 msgctxt "ItemProperties|" msgid "Comment" msgstr "Komentár" #: ../ui/KeyDetail.ui:82 msgctxt "KeyDetail|" msgid "Name" msgstr "Názov" #: ../ui/KeyDetail.ui:89 msgctxt "KeyDetail|" msgid "The internal name of the key used by xca" msgstr "Interný názov kľúča používaný v xca" #: ../widgets/KeyDetail.cpp:101 msgctxt "KeyDetail|" msgid "Security token" msgstr "Bezpečnostný token" #: ../ui/KeyDetail.ui:286 msgctxt "KeyDetail|" msgid "Manufacturer" msgstr "Výrobca" #: ../ui/KeyDetail.ui:296 msgctxt "KeyDetail|" msgid "Serial" msgstr "Sériové číslo" #: ../ui/KeyDetail.ui:102 ../ui/KeyDetail.ui:182 msgctxt "KeyDetail|" msgid "Key" msgstr "Kľúč" #: ../ui/KeyDetail.ui:110 msgctxt "KeyDetail|" msgid "Public Exponent" msgstr "Verejný exponent" #: ../ui/KeyDetail.ui:136 msgctxt "KeyDetail|" msgid "Keysize" msgstr "Veľkosť kľúča" #: ../ui/KeyDetail.ui:163 msgctxt "KeyDetail|" msgid "Private Exponent" msgstr "Súkromný exponent" #: ../ui/KeyDetail.ui:214 msgctxt "KeyDetail|" msgid "Security Token" msgstr "Bezpečnostný token" #: ../ui/KeyDetail.ui:235 ../ui/KeyDetail.ui:306 msgctxt "KeyDetail|" msgid "Label" msgstr "Menovka" #: ../ui/KeyDetail.ui:245 msgctxt "KeyDetail|" msgid "PKCS#11 ID" msgstr "ID PKCS#11" #: ../ui/KeyDetail.ui:270 msgctxt "KeyDetail|" msgid "Token information" msgstr "Informácie tokenu" #: ../ui/KeyDetail.ui:276 msgctxt "KeyDetail|" msgid "Model" msgstr "Model" #: ../ui/KeyDetail.ui:324 msgctxt "KeyDetail|" msgid "Fingerprint" msgstr "Odtlačok" #: ../ui/KeyDetail.ui:329 msgctxt "KeyDetail|" msgid "Comment" msgstr "Komentár" #: ../widgets/KeyDetail.cpp:84 #, qt-format msgctxt "KeyDetail|" msgid "Details of the %1 key" msgstr "Podrobnosti kľúča %1" #: ../widgets/KeyDetail.cpp:90 msgctxt "KeyDetail|" msgid "Not available" msgstr "Nedostupný" #: ../widgets/KeyDetail.cpp:103 msgctxt "KeyDetail|" msgid "Available" msgstr "Dostupný" #: ../widgets/KeyDetail.cpp:112 msgctxt "KeyDetail|" msgid "Sub prime" msgstr "Sub prime" #: ../widgets/KeyDetail.cpp:113 ../widgets/KeyDetail.cpp:122 #: ../widgets/KeyDetail.cpp:134 msgctxt "KeyDetail|" msgid "Public key" msgstr "Verejný kľúč" #: ../widgets/KeyDetail.cpp:114 ../widgets/KeyDetail.cpp:123 #: ../widgets/KeyDetail.cpp:135 msgctxt "KeyDetail|" msgid "Private key" msgstr "Súkromný kľúč" #: ../widgets/KeyDetail.cpp:124 ../widgets/KeyDetail.cpp:136 msgctxt "KeyDetail|" msgid "Curve name" msgstr "Názov krivky" #: ../widgets/KeyDetail.cpp:143 msgctxt "KeyDetail|" msgid "Unknown key" msgstr "Neznámy kľúč" #: ../widgets/KeyTreeView.cpp:31 msgctxt "KeyTreeView|" msgid "Change password" msgstr "Zmeniť heslo" #: ../widgets/KeyTreeView.cpp:35 msgctxt "KeyTreeView|" msgid "Reset password" msgstr "Odstrániť heslo" #: ../widgets/KeyTreeView.cpp:47 msgctxt "KeyTreeView|" msgid "Change PIN" msgstr "Zmeniť PIN" #: ../widgets/KeyTreeView.cpp:49 msgctxt "KeyTreeView|" msgid "Init PIN with SO PIN (PUK)" msgstr "Inicializovať PIN pomocou SO PIN (PUK)" #: ../widgets/KeyTreeView.cpp:51 msgctxt "KeyTreeView|" msgid "Change SO PIN (PUK)" msgstr "Zmeniť SO PIN (PUK)" #: ../widgets/KeyTreeView.cpp:54 msgctxt "KeyTreeView|" msgid "Security token" msgstr "Bezpečnostný token" #: ../widgets/KeyTreeView.cpp:91 ../widgets/KeyTreeView.cpp:109 #: ../widgets/KeyTreeView.cpp:127 msgctxt "KeyTreeView|" msgid "This is not a token" msgstr "Toto nie je token" #: ../widgets/KeyTreeView.cpp:156 #, qt-format msgctxt "KeyTreeView|" msgid "" "Shall the original key '%1' be replaced by the key on the token?\n" "This will delete the key '%1' and make it unexportable" msgstr "" "Má byť pôvodný kľúč „%1” nahradený kľúčom z tokenu?\n" "Týmto bude kľúč „%1” odstránený a nebude ho možné exportovať" #: ../widgets/KeyTreeView.cpp:203 msgctxt "KeyTreeView|" msgid "Key export" msgstr "Export kľúča" #: ../widgets/KeyTreeView.cpp:204 msgctxt "KeyTreeView|" msgid "Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub )" msgstr "Súkromné kľúče ( *.pem *.der *.pk8 );; Verejné kľúče SSH ( *.pub )" #: ../widgets/KeyTreeView.cpp:206 msgctxt "KeyTreeView|" msgid "SSH Private Keys ( *.priv )" msgstr "Súkromné kľúče SSH ( *.priv )" #: ../widgets/KeyTreeView.cpp:207 msgctxt "KeyTreeView|" msgid "Microsoft PVK Keys ( *.pvk )" msgstr "Kľúče Microsoft PVK ( *.pvk )" #: ../ui/MainWindow.ui:25 msgctxt "MainWindow|" msgid "Private Keys" msgstr "Súkromné kľúče" #: ../ui/MainWindow.ui:49 msgctxt "MainWindow|" msgid "&New Key" msgstr "&Nový kľúč" #: ../ui/MainWindow.ui:56 ../ui/MainWindow.ui:155 ../ui/MainWindow.ui:241 #: ../ui/MainWindow.ui:369 ../ui/MainWindow.ui:434 msgctxt "MainWindow|" msgid "&Export" msgstr "&Exportovať" #: ../ui/MainWindow.ui:63 ../ui/MainWindow.ui:162 ../ui/MainWindow.ui:248 #: ../ui/MainWindow.ui:362 ../ui/MainWindow.ui:441 msgctxt "MainWindow|" msgid "&Import" msgstr "&Importovať" #: ../ui/MainWindow.ui:70 msgctxt "MainWindow|" msgid "Import PFX (PKCS#12)" msgstr "Importovať PFX (PKCS#12)" #: ../ui/MainWindow.ui:77 ../ui/MainWindow.ui:169 ../ui/MainWindow.ui:255 #: ../ui/MainWindow.ui:448 msgctxt "MainWindow|" msgid "&Show Details" msgstr "&Podrobnosti" #: ../ui/MainWindow.ui:84 ../ui/MainWindow.ui:176 ../ui/MainWindow.ui:262 #: ../ui/MainWindow.ui:355 ../ui/MainWindow.ui:455 msgctxt "MainWindow|" msgid "&Delete" msgstr "&Odstrániť" #: ../ui/MainWindow.ui:124 msgctxt "MainWindow|" msgid "Certificate signing requests" msgstr "Žiadosti" #: ../ui/MainWindow.ui:148 msgctxt "MainWindow|" msgid "&New Request" msgstr "&Nová žiadosť" #: ../widgets/MW_menu.cpp:146 ../ui/MainWindow.ui:216 msgctxt "MainWindow|" msgid "Certificates" msgstr "Certifikáty" #: ../ui/MainWindow.ui:234 msgctxt "MainWindow|" msgid "&New Certificate" msgstr "&Nový certifikát" #: ../ui/MainWindow.ui:269 msgctxt "MainWindow|" msgid "Import &PKCS#12" msgstr "Importovať &PKCS#12" #: ../ui/MainWindow.ui:276 msgctxt "MainWindow|" msgid "Import P&KCS#7" msgstr "Importovať P&KCS#7" #: ../ui/MainWindow.ui:283 msgctxt "MainWindow|" msgid "Plain View" msgstr "Prosté zobrazenie" #: ../ui/MainWindow.ui:323 msgctxt "MainWindow|" msgid "Templates" msgstr "Šablóny" #: ../ui/MainWindow.ui:341 msgctxt "MainWindow|" msgid "&New Template" msgstr "&Nová šablóna" #: ../ui/MainWindow.ui:427 msgctxt "MainWindow|" msgid "&New CRL" msgstr "&Nový CRL" #: ../ui/MainWindow.ui:348 msgctxt "MainWindow|" msgid "Ch&ange Template" msgstr "&Zmeniť šablónu" #: ../ui/MainWindow.ui:409 msgctxt "MainWindow|" msgid "Revocation lists" msgstr "Zoznamy odvolaných" #: ../widgets/MainWindow.cpp:628 msgctxt "MainWindow|" msgid "" "Using or exporting private keys will not be possible without providing the " "correct password" msgstr "" "Použitie alebo exportovanie súkromných kľúčov nebude možné bez zadania " "správneho hesla" #: ../widgets/MainWindow.cpp:634 #, qt-format msgctxt "MainWindow|" msgid "" "The currently used default hash '%1' is insecure. Please select at least " "'SHA 224' for security reasons." msgstr "" "Aktuálne použitý predvolený odtlačok „%1” nie je bezpečný. Prosím, kvôli " "bezpečnosti, zvoľte aspoň „SHA 224”." #: ../widgets/MW_menu.cpp:97 msgctxt "MainWindow|" msgid "Recent DataBases" msgstr "Nedávne databázy" #: ../widgets/MW_help.cpp:25 ../widgets/MW_menu.cpp:40 msgctxt "MainWindow|" msgid "System" msgstr "systémový" #: ../widgets/MW_help.cpp:30 msgctxt "MainWindow|" msgid "Croatian" msgstr "Chorvátčina" #: ../widgets/MW_help.cpp:33 msgctxt "MainWindow|" msgid "English" msgstr "Angličtina" #: ../widgets/MW_help.cpp:34 msgctxt "MainWindow|" msgid "French" msgstr "Francúzština" #: ../widgets/MW_help.cpp:36 msgctxt "MainWindow|" msgid "German" msgstr "Nemčina" #: ../widgets/MW_help.cpp:42 msgctxt "MainWindow|" msgid "Japanese" msgstr "Japončina" #: ../widgets/MW_help.cpp:46 msgctxt "MainWindow|" msgid "Korean" msgstr "Kórejčina" #: ../widgets/MW_help.cpp:52 msgctxt "MainWindow|" msgid "Russian" msgstr "Ruština" #: ../widgets/MW_help.cpp:53 msgctxt "MainWindow|" msgid "Slovak" msgstr "Slovenčina" #: ../widgets/MW_help.cpp:55 msgctxt "MainWindow|" msgid "Spanish" msgstr "Španielčina" #: ../widgets/MW_help.cpp:44 msgctxt "MainWindow|" msgid "Persian" msgstr "Peržština" #: ../widgets/MW_help.cpp:26 msgctxt "MainWindow|" msgid "Bulgarian" msgstr "Bulharčina" #: ../widgets/MW_help.cpp:48 msgctxt "MainWindow|" msgid "Polish" msgstr "Poľština" #: ../widgets/MW_help.cpp:40 msgctxt "MainWindow|" msgid "Italian" msgstr "Taliančina" #: ../widgets/MW_help.cpp:28 msgctxt "MainWindow|" msgid "Chinese" msgstr "Čínština" #: ../widgets/MW_help.cpp:32 msgctxt "MainWindow|" msgid "Dutch" msgstr "Holandčina" #: ../widgets/MW_help.cpp:50 msgctxt "MainWindow|" msgid "Portuguese in Brazil" msgstr "Brazílska portugalčina" #: ../widgets/MW_help.cpp:38 msgctxt "MainWindow|" msgid "Indonesian" msgstr "Indonézština" #: ../widgets/MW_help.cpp:57 msgctxt "MainWindow|" msgid "Turkish" msgstr "Turečtina" #: ../widgets/MW_menu.cpp:85 msgctxt "MainWindow|" msgid "Language" msgstr "Jazyk" #: ../widgets/MW_menu.cpp:103 msgctxt "MainWindow|" msgid "&File" msgstr "&Súbor" #: ../widgets/MW_menu.cpp:113 msgctxt "MainWindow|" msgid "Open Remote DataBase" msgstr "Otvoriť vzdialenú databázu" #: ../widgets/MW_menu.cpp:117 msgctxt "MainWindow|" msgid "Set as default DataBase" msgstr "Nastaviť ako predvolenú DB" #: ../widgets/MW_menu.cpp:105 msgctxt "MainWindow|" msgid "New DataBase" msgstr "Nová databáza" #: ../widgets/MW_menu.cpp:109 msgctxt "MainWindow|" msgid "Open DataBase" msgstr "Otvoriť databázu" #: ../widgets/MW_menu.cpp:119 msgctxt "MainWindow|" msgid "Close DataBase" msgstr "Zatvoriť databázu" #: ../widgets/MW_menu.cpp:124 msgctxt "MainWindow|" msgid "Options" msgstr "Možnosti" #: ../widgets/MW_menu.cpp:132 msgctxt "MainWindow|" msgid "Exit" msgstr "Skončiť" #: ../widgets/MW_menu.cpp:143 msgctxt "MainWindow|" msgid "I&mport" msgstr "I&mportovať" #: ../widgets/MW_menu.cpp:144 msgctxt "MainWindow|" msgid "Keys" msgstr "Kľúče" #: ../widgets/MW_menu.cpp:145 msgctxt "MainWindow|" msgid "Requests" msgstr "Žiadosti" #: ../widgets/MW_menu.cpp:147 msgctxt "MainWindow|" msgid "PKCS#12" msgstr "PKCS#12" #: ../widgets/MW_menu.cpp:148 msgctxt "MainWindow|" msgid "PKCS#7" msgstr "PKCS#7" #: ../widgets/MW_menu.cpp:149 msgctxt "MainWindow|" msgid "Template" msgstr "Šablóna" #: ../widgets/MW_menu.cpp:150 msgctxt "MainWindow|" msgid "Revocation list" msgstr "Zoznam odvolaných" #: ../widgets/MW_menu.cpp:151 msgctxt "MainWindow|" msgid "PEM file" msgstr "Súbor PEM" #: ../widgets/MW_menu.cpp:152 msgctxt "MainWindow|" msgid "Paste PEM file" msgstr "Vložte súbor PEM" #: ../widgets/MW_menu.cpp:156 msgctxt "MainWindow|" msgid "Token" msgstr "Token" #: ../widgets/MW_menu.cpp:173 msgctxt "MainWindow|" msgid "Export Certificate &Index hierarchy" msgstr "Exportovať hierarchiu &indexu certifikátov" #: ../widgets/MW_menu.cpp:191 msgctxt "MainWindow|" msgid "Content" msgstr "Obsah" #: ../widgets/MW_menu.cpp:157 msgctxt "MainWindow|" msgid "&Manage Security token" msgstr "&Spravovať Bezpečnostný token" #: ../widgets/MW_menu.cpp:159 msgctxt "MainWindow|" msgid "&Init Security token" msgstr "&Inicializovať Bezpečnostný token" #: ../widgets/MW_menu.cpp:161 msgctxt "MainWindow|" msgid "&Change PIN" msgstr "Zmeniť &PIN" #: ../widgets/MW_menu.cpp:163 msgctxt "MainWindow|" msgid "Change &SO PIN" msgstr "Zmeniť &SO PIN" #: ../widgets/MW_menu.cpp:165 msgctxt "MainWindow|" msgid "Init PIN" msgstr "Inicializovať PIN" #: ../widgets/MW_menu.cpp:168 msgctxt "MainWindow|" msgid "Extra" msgstr "Extra" #: ../widgets/MW_menu.cpp:169 msgctxt "MainWindow|" msgid "&Dump DataBase" msgstr "Vypísať &databázu" #: ../widgets/MW_menu.cpp:171 msgctxt "MainWindow|" msgid "&Export Certificate Index" msgstr "&Exportovať index certifikátov" #: ../widgets/MW_menu.cpp:175 msgctxt "MainWindow|" msgid "C&hange DataBase password" msgstr "Z&meniť heslo databázy" #: ../widgets/MW_menu.cpp:178 msgctxt "MainWindow|" msgid "&Undelete items" msgstr "O&bnoviť zmazané" #: ../widgets/MW_menu.cpp:181 msgctxt "MainWindow|" msgid "Generate DH parameter" msgstr "Generovať parametre DH" #: ../widgets/MW_menu.cpp:183 msgctxt "MainWindow|" msgid "OID Resolver" msgstr "Prekladač OID" #: ../widgets/MW_menu.cpp:190 msgctxt "MainWindow|" msgid "&Help" msgstr "&Pomocník" #: ../widgets/MW_menu.cpp:193 msgctxt "MainWindow|" msgid "About" msgstr "O programe" #: ../widgets/MainWindow.cpp:257 msgctxt "MainWindow|" msgid "Import PEM data" msgstr "Importovať dáta PEM" #: ../widgets/MainWindow.cpp:286 #, qt-format msgctxt "MainWindow|" msgid "Please enter the original SO PIN (PUK) of the token '%1'" msgstr "Prosím, zadajte pôvodný SO PIN (PUK) tokenu „%1”" #: ../widgets/MainWindow.cpp:117 ../widgets/MainWindow.cpp:792 msgctxt "MainWindow|" msgid "Search" msgstr "Hľadať" #: ../widgets/MainWindow.cpp:292 #, qt-format msgctxt "MainWindow|" msgid "Please enter the new SO PIN (PUK) for the token '%1'" msgstr "Prosím, zadajte nový SO PIN (PUK) tokenu „%1”" #: ../widgets/MainWindow.cpp:299 #, qt-format msgctxt "MainWindow|" msgid "The new label of the token '%1'" msgstr "Nová menovka tokenu „%1”" #: ../widgets/MainWindow.cpp:416 #, qt-format msgctxt "MainWindow|" msgid "The token '%1' did not contain any keys or certificates" msgstr "Token „%1” neobsahuje žiadne kľúče ani certifikáty" #: ../widgets/MainWindow.cpp:420 msgctxt "MainWindow|" msgid "Retry with PIN" msgstr "Opakovať s PIN" #: ../widgets/MainWindow.cpp:421 msgctxt "MainWindow|" msgid "Retry with SO PIN" msgstr "Opakovať s SO PIN" #: ../widgets/MainWindow.cpp:484 msgctxt "MainWindow|" msgid "Current Password" msgstr "Aktuálne heslo" #: ../widgets/MainWindow.cpp:485 msgctxt "MainWindow|" msgid "Please enter the current database password" msgstr "Prosím, zadajte heslo aktuálnej databázy" #: ../widgets/MainWindow.cpp:495 msgctxt "MainWindow|" msgid "The entered password is wrong" msgstr "Zadané heslo je zlé" #: ../widgets/MainWindow.cpp:500 msgctxt "MainWindow|" msgid "New Password" msgstr "Nové heslo" #: ../widgets/MainWindow.cpp:500 msgctxt "MainWindow|" msgid "" "Please enter the new password to encrypt your private keys in the database-" "file" msgstr "" "Prosím, zadajte nové heslo na šifrovanie svojich súkromných kľúčov v súbore " "databázy" #: ../widgets/MainWindow.cpp:524 msgctxt "MainWindow|" msgid "Transaction start failed" msgstr "Spustenie transakcie zlyhalo" #: ../widgets/MainWindow.cpp:611 #, qt-format msgctxt "MainWindow|" msgid "Database: %1" msgstr "Databáza: %1" #: ../widgets/MainWindow.cpp:639 #, qt-format msgctxt "MainWindow|" msgid "The currently used PFX / PKCS#12 algorithm '%1' is insecure." msgstr "Aktuálne zvolený algoritmus PFX / PKCS#12 „%1” nie je bezpečný." #: ../widgets/MainWindow.cpp:644 msgctxt "MainWindow|" msgid "Change" msgstr "Zmeniť" #: ../widgets/MainWindow.cpp:711 msgctxt "MainWindow|" msgid "Certificate Index ( index.txt )" msgstr "Index certifikátov (index.txt)" #: ../widgets/MainWindow.cpp:712 ../widgets/MainWindow.cpp:768 msgctxt "MainWindow|" msgid "All files ( * )" msgstr "Všetky súbory ( * )" #: ../widgets/MainWindow.cpp:735 #, qt-format msgctxt "MainWindow|" msgid "Diffie-Hellman parameters saved as: %1" msgstr "Parametre Diffie-Hellman uložené do: %1" #: ../widgets/MainWindow.cpp:753 msgctxt "MainWindow|" msgid "" "Diffie-Hellman parameters are needed for different applications, but not " "handled by XCA.\n" "Please enter the DH parameter bits" msgstr "" "Parametre Diffie-Hellman sú potrebné pre rôzne aplikácie, ale nie sú " "používané v XCA.\n" "Prosím, zadajte bity parametra DH" #: ../ui/NewCrl.ui:32 msgctxt "NewCrl|" msgid "Last update" msgstr "Posledná aktualizácia" #: ../ui/NewCrl.ui:46 msgctxt "NewCrl|" msgid "Next update" msgstr "Nasled. aktualizácia" #: ../ui/NewCrl.ui:70 msgctxt "NewCrl|" msgid "Days" msgstr "Dni" #: ../ui/NewCrl.ui:75 msgctxt "NewCrl|" msgid "Months" msgstr "Mesiace" #: ../ui/NewCrl.ui:80 msgctxt "NewCrl|" msgid "Years" msgstr "Roky" #: ../ui/NewCrl.ui:88 msgctxt "NewCrl|" msgid "Midnight" msgstr "Polnoc" #: ../ui/NewCrl.ui:95 msgctxt "NewCrl|" msgid "Local time" msgstr "Lokálny čas" #: ../ui/NewCrl.ui:102 msgctxt "NewCrl|" msgid "Apply" msgstr "Použiť" #: ../ui/NewCrl.ui:128 msgctxt "NewCrl|" msgid "Options" msgstr "Voľby" #: ../ui/NewCrl.ui:172 msgctxt "NewCrl|" msgid "CRL number" msgstr "Číslo CRL" #: ../ui/NewCrl.ui:144 msgctxt "NewCrl|" msgid "Subject alternative name" msgstr "Alternatívne meno predmetu" #: ../ui/NewCrl.ui:199 msgctxt "NewCrl|" msgid "Revocation reasons" msgstr "Dôvody odvolania" #: ../ui/NewCrl.ui:158 msgctxt "NewCrl|" msgid "Authority key identifier" msgstr "Identifikátor kľúča autority" #: ../ui/NewCrl.ui:134 msgctxt "NewCrl|" msgid "Hash algorithm" msgstr "Algoritmus odtlačku" #: ../widgets/NewCrl.cpp:78 msgctxt "NewCrl|" msgid "Create CRL" msgstr "Vytvoriť CRL" #: ../ui/NewKey.ui:86 msgctxt "NewKey|" msgid "Please give a name to the new key and select the desired keysize" msgstr "Prosím, zadajte meno nového kľúča a zvoľte jeho požadovanú veľkosť" #: ../ui/NewKey.ui:96 msgctxt "NewKey|" msgid "Key properties" msgstr "Vlastnosti kľúča" #: ../ui/NewKey.ui:102 msgctxt "NewKey|" msgid "Name" msgstr "Názov" #: ../ui/NewKey.ui:121 msgctxt "NewKey|" msgid "The internal name of the new key" msgstr "Interný názov nového kľúča" #: ../ui/NewKey.ui:151 msgctxt "NewKey|" msgid "Curve name" msgstr "Názov krivky" #: ../ui/NewKey.ui:171 msgctxt "NewKey|" msgid "Usually at least 2048 bit keys are recommended" msgstr "Zvyčajne sú odporúčané kľúče aspoň 2048 bitov" #: ../ui/NewKey.ui:39 ../ui/NewKey.ui:124 msgctxt "NewKey|" msgid "New Key" msgstr "Nový kľúč" #: ../ui/NewKey.ui:158 msgctxt "NewKey|" msgid "Keysize" msgstr "Veľkosť kľúča" #: ../ui/NewKey.ui:178 msgctxt "NewKey|" msgid "Keytype" msgstr "Typ kľúča" #: ../ui/NewKey.ui:188 msgctxt "NewKey|" msgid "Remember as default" msgstr "Zapamätať ako predvolené" #: ../widgets/NewKey.cpp:135 msgctxt "NewKey|" msgid "Create" msgstr "Vytvoriť" #: ../ui/NewX509.ui:75 msgctxt "NewX509|" msgid "Source" msgstr "Zdroj" #: ../ui/NewX509.ui:97 msgctxt "NewX509|" msgid "Signing request" msgstr "Žiadosť o podpísanie" #: ../ui/NewX509.ui:121 msgctxt "NewX509|" msgid "Show request" msgstr "Zobraziť žiadosť" #: ../ui/NewX509.ui:128 msgctxt "NewX509|" msgid "Sign this Certificate signing &request" msgstr "Podpísať túto Žiadosť o certifikát" #: ../ui/NewX509.ui:135 msgctxt "NewX509|" msgid "Copy extensions from the request" msgstr "Kopírovať rozšírenia zo žiadosti" #: ../ui/NewX509.ui:145 msgctxt "NewX509|" msgid "Modify subject of the request" msgstr "Zmeniť predmet žiadosti" #: ../ui/NewX509.ui:177 msgctxt "NewX509|" msgid "Signing" msgstr "Podpísanie" #: ../ui/NewX509.ui:185 msgctxt "NewX509|" msgid "Create a &self signed certificate" msgstr "Vytvoriť &sebou podpísaný certifikát" #: ../ui/NewX509.ui:199 msgctxt "NewX509|" msgid "Use &this Certificate for signing" msgstr "Podpísať &týmto certifikátom" #: ../ui/NewX509.ui:206 msgctxt "NewX509|" msgid "All certificates in your database that can create valid signatures" msgstr "Všetky certifikáty v databáze, ktoré môžu vytvoriť platný podpis" #: ../ui/NewX509.ui:233 msgctxt "NewX509|" msgid "Signature algorithm" msgstr "Algoritmus podpisu" #: ../ui/NewX509.ui:261 msgctxt "NewX509|" msgid "Template for the new certificate" msgstr "Šablóna nového certifikátu" #: ../ui/NewX509.ui:273 msgctxt "NewX509|" msgid "All available templates" msgstr "Všetky dostupné šablóny" #: ../ui/NewX509.ui:295 msgctxt "NewX509|" msgid "Apply extensions" msgstr "Pridať rozšírenia" #: ../ui/NewX509.ui:302 msgctxt "NewX509|" msgid "Apply subject" msgstr "Pridať predmet" #: ../ui/NewX509.ui:315 msgctxt "NewX509|" msgid "Apply all" msgstr "Pridať všetko" #: ../widgets/NewX509.cpp:611 ../ui/NewX509.ui:344 msgctxt "NewX509|" msgid "Subject" msgstr "Predmet" #: ../ui/NewX509.ui:352 msgctxt "NewX509|" msgid "Internal Name" msgstr "Interný názov" #: ../ui/NewX509.ui:368 msgctxt "NewX509|" msgid "Distinguished name" msgstr "Rozlišovací názov" #: ../ui/NewX509.ui:394 msgctxt "NewX509|" msgid "Add" msgstr "Pridať" #: ../ui/NewX509.ui:401 msgctxt "NewX509|" msgid "Delete" msgstr "Odstrániť" #: ../ui/NewX509.ui:438 msgctxt "NewX509|" msgid "Private key" msgstr "Súkromný kľúč" #: ../ui/NewX509.ui:450 msgctxt "NewX509|" msgid "This list only contains unused keys" msgstr "Tento zoznam obsahuje len nepoužité kľúče" #: ../ui/NewX509.ui:457 msgctxt "NewX509|" msgid "Used keys too" msgstr "Aj použité kľúče" #: ../ui/NewX509.ui:464 msgctxt "NewX509|" msgid "&Generate a new key" msgstr "&Generovať nový kľúč" #: ../ui/NewX509.ui:475 msgctxt "NewX509|" msgid "Extensions" msgstr "Rozšírenia" #: ../ui/NewX509.ui:486 msgctxt "NewX509|" msgid "Type" msgstr "Typ" #: ../ui/NewX509.ui:493 msgctxt "NewX509|" msgid "If this will become a CA certificate or not" msgstr "Či to bude certifikát CA alebo nie" #: ../ui/NewX509.ui:497 msgctxt "NewX509|" msgid "Not defined" msgstr "Nedefinované" #: ../ui/NewX509.ui:502 msgctxt "NewX509|" msgid "Certification Authority" msgstr "Certifikačná autorita" #: ../ui/NewX509.ui:507 msgctxt "NewX509|" msgid "End Entity" msgstr "Koncový certifikát" #: ../ui/NewX509.ui:515 msgctxt "NewX509|" msgid "Path length" msgstr "Dĺžka cesty" #: ../ui/NewX509.ui:522 msgctxt "NewX509|" msgid "How much CAs may be below this." msgstr "Koľko CA môže byť pod týmto." #: ../ui/NewX509.ui:529 msgctxt "NewX509|" msgid "The basic constraints should always be critical" msgstr "Základné obmedzenia by mali byť vždy kritické" #: ../ui/NewX509.ui:542 msgctxt "NewX509|" msgid "Key identifier" msgstr "Identifikátor kľúča" #: ../ui/NewX509.ui:563 msgctxt "NewX509|" msgid "Creates a hash of the key following the PKIX guidelines" msgstr "Vytvorí odtlačok kľúča v súlade s odporúčaním PKIX" #: ../ui/NewX509.ui:573 msgctxt "NewX509|" msgid "Copy the Subject Key Identifier from the issuer" msgstr "Kopírovať Identifikátor kľúča predmetu vydavateľa" #: ../ui/NewX509.ui:619 msgctxt "NewX509|" msgid "Validity" msgstr "Platnosť" #: ../ui/NewX509.ui:625 msgctxt "NewX509|" msgid "Not before" msgstr "Nie pred" #: ../ui/NewX509.ui:639 msgctxt "NewX509|" msgid "Not after" msgstr "Nie po" #: ../ui/NewX509.ui:656 msgctxt "NewX509|" msgid "Time range" msgstr "Časový rozsah" #: ../ui/NewX509.ui:666 msgctxt "NewX509|" msgid "Days" msgstr "Dni" #: ../ui/NewX509.ui:671 msgctxt "NewX509|" msgid "Months" msgstr "Mesiace" #: ../ui/NewX509.ui:676 msgctxt "NewX509|" msgid "Years" msgstr "Roky" #: ../ui/NewX509.ui:704 msgctxt "NewX509|" msgid "Apply" msgstr "Použiť" #: ../ui/NewX509.ui:711 msgctxt "NewX509|" msgid "Set the time to 00:00:00 and 23:59:59 respectively" msgstr "Nastavuje čas na 00:00:00 a 23:59:59" #: ../ui/NewX509.ui:714 msgctxt "NewX509|" msgid "Midnight" msgstr "Polnoc" #: ../ui/NewX509.ui:684 msgctxt "NewX509|" msgid "Local time" msgstr "Lokálny čas" #: ../ui/NewX509.ui:691 msgctxt "NewX509|" msgid "No well-defined expiration" msgstr "Bez vypršania" #: ../ui/NewX509.ui:768 ../ui/NewX509.ui:811 ../ui/NewX509.ui:834 #: ../ui/NewX509.ui:863 msgctxt "NewX509|" msgid "DNS: IP: URI: email: RID:" msgstr "DNS:, IP:, URI:, email:, RID:" #: ../widgets/NewX509.cpp:1029 ../ui/NewX509.ui:775 ../ui/NewX509.ui:801 #: ../ui/NewX509.ui:827 ../ui/NewX509.ui:870 ../ui/NewX509.ui:896 msgctxt "NewX509|" msgid "Edit" msgstr "Upraviť" #: ../ui/NewX509.ui:922 msgctxt "NewX509|" msgid "URI:" msgstr "URI:" #: ../ui/NewX509.ui:932 msgctxt "NewX509|" msgid "Key usage" msgstr "Použitie kľúča" #: ../ui/NewX509.ui:1070 msgctxt "NewX509|" msgid "Netscape" msgstr "Netscape" #: ../ui/NewX509.ui:1228 msgctxt "NewX509|" msgid "Advanced" msgstr "Pokročilé" #: ../widgets/NewX509.cpp:1039 ../ui/NewX509.ui:1252 msgctxt "NewX509|" msgid "Validate" msgstr "Overiť" #: ../ui/NewX509.ui:1275 msgctxt "NewX509|" msgid "Comment" msgstr "Komentár" #: ../ui/NewX509.ui:359 msgctxt "NewX509|" msgid "" "This name is only used internally and does not appear in the resulting " "certificate" msgstr "" "Tento názov je použitý len interne a neobjaví sa vo výslednom certifikáte" #: ../widgets/NewX509.cpp:276 msgctxt "NewX509|" msgid "Critical" msgstr "Kritické" #: ../widgets/NewX509.cpp:317 msgctxt "NewX509|" msgid "Create Certificate signing request" msgstr "Vytvoriť Žiadosť o podpísanie certifikátu" #: ../widgets/NewX509.cpp:343 #, qt-format msgctxt "NewX509|" msgid "minimum size: %1" msgstr "minimálna veľkosť: %1" #: ../widgets/NewX509.cpp:345 #, qt-format msgctxt "NewX509|" msgid "maximum size: %1" msgstr "maximálna veľkosť: %1" #: ../widgets/NewX509.cpp:347 msgctxt "NewX509|" msgid "only a-z A-Z 0-9 '()+,-./:=?" msgstr "len a-z A-Z 0-9 '()+,-./:=?" #: ../widgets/NewX509.cpp:351 msgctxt "NewX509|" msgid "only 7-bit clean characters" msgstr "len prosté 7-b znaky" #: ../widgets/NewX509.cpp:376 msgctxt "NewX509|" msgid "Edit XCA template" msgstr "Upraviť šablónu XCA" #: ../widgets/NewX509.cpp:391 msgctxt "NewX509|" msgid "Create x509 Certificate" msgstr "Vytvoriť certifikát x509" #: ../widgets/NewX509.cpp:779 #, qt-format msgctxt "NewX509|" msgid "Template '%1' applied" msgstr "Šablóna „%1” aplikovaná" #: ../widgets/NewX509.cpp:786 #, qt-format msgctxt "NewX509|" msgid "Subject applied from template '%1'" msgstr "Predmet nastavený zo šablóny „%1”" #: ../widgets/NewX509.cpp:794 #, qt-format msgctxt "NewX509|" msgid "Extensions applied from template '%1'" msgstr "Rozšírenia nastavené zo šablóny „%1”" #: ../widgets/NewX509.cpp:809 #, qt-format msgctxt "NewX509|" msgid "New key '%1' created" msgstr "Vytvorený nový kľúč „%1”" #: ../widgets/NewX509.cpp:1061 msgctxt "NewX509|" msgid "Other Tabs" msgstr "Záložka Iné" #: ../widgets/NewX509.cpp:1077 msgctxt "NewX509|" msgid "Advanced Tab" msgstr "Záložka Pokročilé" #: ../widgets/NewX509.cpp:1084 msgctxt "NewX509|" msgid "Errors" msgstr "Chyby" #: ../widgets/NewX509.cpp:1103 msgctxt "NewX509|" msgid "From PKCS#10 request" msgstr "Zo žiadosti PKCS#10" #: ../widgets/NewX509.cpp:1113 msgctxt "NewX509|" msgid "Error" msgstr "Chyba" #: ../widgets/NewX509.cpp:1113 msgctxt "NewX509|" msgid "duplicate extensions" msgstr "duplicitné rozšírenie" #: ../widgets/NewX509.cpp:1122 msgctxt "NewX509|" msgid "The Name Constraints are invalid" msgstr "Obmedzenia mena sú neplatné" #: ../widgets/NewX509.cpp:1124 msgctxt "NewX509|" msgid "The Subject Alternative Name is invalid" msgstr "Alternatívne meno predmetu (SAN) je neplatné" #: ../widgets/NewX509.cpp:1126 msgctxt "NewX509|" msgid "The Issuer Alternative Name is invalid" msgstr "Alternatívny názov vydavateľa (IAN) je neplatný" #: ../widgets/NewX509.cpp:1128 msgctxt "NewX509|" msgid "The CRL Distribution Point is invalid" msgstr "Distribučné bod CRL je neplatný" #: ../widgets/NewX509.cpp:1130 msgctxt "NewX509|" msgid "The Authority Information Access is invalid" msgstr "Prístup k informácii CA (AIA) je neplatný" #: ../widgets/NewX509.cpp:1241 ../widgets/NewX509.cpp:1254 #: ../widgets/NewX509.cpp:1273 ../widgets/NewX509.cpp:1285 #: ../widgets/NewX509.cpp:1301 ../widgets/NewX509.cpp:1315 #: ../widgets/NewX509.cpp:1349 ../widgets/NewX509.cpp:1368 #: ../widgets/NewX509.cpp:1391 ../widgets/NewX509.cpp:1414 #: ../widgets/NewX509.cpp:1449 ../widgets/NewX509.cpp:1469 #: ../widgets/NewX509.cpp:1502 msgctxt "NewX509|" msgid "Abort rollout" msgstr "Prerušiť operáciu" #: ../widgets/NewX509.cpp:1250 msgctxt "NewX509|" msgid "The following length restrictions of RFC3280 are violated:" msgstr "Nie sú splnené Nasledujúce obmedzenia veľkosti z RFC3280:" #: ../widgets/NewX509.cpp:1253 ../widgets/NewX509.cpp:1314 msgctxt "NewX509|" msgid "Edit subject" msgstr "Upraviť predmet" #: ../widgets/NewX509.cpp:1255 ../widgets/NewX509.cpp:1316 #: ../widgets/NewX509.cpp:1369 ../widgets/NewX509.cpp:1392 #: ../widgets/NewX509.cpp:1415 ../widgets/NewX509.cpp:1450 #: ../widgets/NewX509.cpp:1470 ../widgets/NewX509.cpp:1503 msgctxt "NewX509|" msgid "Continue rollout" msgstr "Pokračovať v operácii" #: ../widgets/NewX509.cpp:1271 msgctxt "NewX509|" msgid "" "The verification of the Certificate request failed.\n" "The rollout should be aborted." msgstr "" "Overenie žiadosti o certifikát zlyhalo.\n" "Operácia by mala byť prerušená." #: ../widgets/NewX509.cpp:1272 msgctxt "NewX509|" msgid "Continue anyway" msgstr "Pokračovať i tak" #: ../widgets/NewX509.cpp:1283 msgctxt "NewX509|" msgid "" "The internal name and the common name are empty.\n" "Please set at least the internal name." msgstr "" "Interný názov a bežný názov sú prázdne.\n" "Prosím, zadajte aspoň interný názov." #: ../widgets/NewX509.cpp:1284 msgctxt "NewX509|" msgid "Edit name" msgstr "Upraviť názov" #: ../widgets/NewX509.cpp:1299 msgctxt "NewX509|" msgid "There is no Key selected for signing." msgstr "Nebol zvolený kľúč na podpísanie." #: ../widgets/NewX509.cpp:1300 msgctxt "NewX509|" msgid "Select key" msgstr "Vybrať kľúč" #: ../widgets/NewX509.cpp:1312 #, qt-format msgctxt "NewX509|" msgid "" "The following distinguished name entries are empty:\n" "%1\n" "though you have declared them as mandatory in the options menu." msgstr "" "Nasledujúce položky rozlišovacieho názvu sú prázdne:\n" "%1\n" "hoci ste ich v nastavení definovali ako povinné." #: ../widgets/NewX509.cpp:1346 msgctxt "NewX509|" msgid "The key you selected for signing is not a private one." msgstr "Kľúč, zvolený na podpísanie, nie je súkromný." #: ../widgets/NewX509.cpp:1347 msgctxt "NewX509|" msgid "Select other signer" msgstr "Zvoliť iného vydavateľa" #: ../widgets/NewX509.cpp:1347 msgctxt "NewX509|" msgid "Select other key" msgstr "Zvoliť iný kľúč" #: ../widgets/NewX509.cpp:1357 #, qt-format msgctxt "NewX509|" msgid "" "The currently selected hash algorithm '%1' is insecure and should not be " "used." msgstr "" "Aktuálne zvolený algoritmus odtlačku „%1” nie je bezpečný a nemá byť " "používaný." #: ../widgets/NewX509.cpp:1358 msgctxt "NewX509|" msgid "Select other algorithm" msgstr "Zvoľte iný algoritmus" #: ../widgets/NewX509.cpp:1359 msgctxt "NewX509|" msgid "Use algorithm anyway" msgstr "Použiť algoritmus aj tak" #: ../widgets/NewX509.cpp:1365 msgctxt "NewX509|" msgid "" "The certificate will be earlier valid than the signer. This is probably not " "what you want." msgstr "" "Certifikát bude platný skôr ako jeho vydavateľ. To asi nie je to, čo chcete." #: ../widgets/NewX509.cpp:1367 ../widgets/NewX509.cpp:1390 #: ../widgets/NewX509.cpp:1413 msgctxt "NewX509|" msgid "Edit dates" msgstr "Upraviť dátumy" #: ../widgets/NewX509.cpp:1370 ../widgets/NewX509.cpp:1393 msgctxt "NewX509|" msgid "Adjust date and continue" msgstr "Opraviť dátum a pokračovať" #: ../widgets/NewX509.cpp:1388 msgctxt "NewX509|" msgid "" "The certificate will be longer valid than the signer. This is probably not " "what you want." msgstr "" "Certifikát bude platný dlhšie ako jeho vydavateľ. To asi nie je to, čo " "chcete." #: ../widgets/NewX509.cpp:1411 msgctxt "NewX509|" msgid "" "The certificate will be out of date before it becomes valid. You most " "probably mixed up both dates." msgstr "" "Certifikát vyprší ešte pred nadobudnutím platnosti. Pravdepodobne ste " "zamenili oba dátumy." #: ../widgets/NewX509.cpp:1433 msgctxt "NewX509|" msgid "" "The certificate contains invalid or duplicate extensions. Check the " "validation on the advanced tab." msgstr "" "Certifikát obsahuje neplatné alebo duplicitné rozšírenia. Skontrolujte " "platnosť na záložke Pokročilé." #: ../widgets/NewX509.cpp:1437 msgctxt "NewX509|" msgid "" "The certificate contains no extensions. You may apply the extensions of one " "of the templates to define the purpose of the certificate." msgstr "" "Certifikát neobsahuje rozšírenia. Na definovanie určenia certifikátu môžete " "pridať rozšírenia jednej zo šablón." #: ../widgets/NewX509.cpp:1441 msgctxt "NewX509|" msgid "The certificate contains invalid extensions." msgstr "Certifikát obsahuje neplatné rozšírenie." #: ../widgets/NewX509.cpp:1448 ../widgets/NewX509.cpp:1468 #: ../widgets/NewX509.cpp:1501 msgctxt "NewX509|" msgid "Edit extensions" msgstr "Upraviť rozšírenia" #: ../widgets/NewX509.cpp:1467 msgctxt "NewX509|" msgid "" "The subject alternative name shall contain a copy of the common name. " "However, the common name is empty." msgstr "" "Alternatívne meno predmetu má obsahovať kópiu bežného mena. Avšak, bežné " "meno je prázdne." #: ../widgets/NewX509.cpp:1498 #, qt-format msgctxt "NewX509|" msgid "A name constraint of the issuer '%1' is violated: %2" msgstr "Obmedzenie mena vydavateľa „%1” je porušené: %2" #: ../widgets/NewX509_ext.cpp:173 #, qt-format msgctxt "NewX509|" msgid "Configfile error on line %1\n" msgstr "Chyba konfiguračného súboru v riadku %1\n" #: ../ui/OidResolver.ui:28 msgctxt "OidResolver|" msgid "OID Resolver" msgstr "Prekladač OID" #: ../ui/OidResolver.ui:38 msgctxt "OidResolver|" msgid "Enter the OID, the Nid, or one of the textual representations" msgstr "Zadajte OID, Nid alebo jednu z textových reprezentácií" #: ../ui/OidResolver.ui:47 msgctxt "OidResolver|" msgid "Search" msgstr "Hľadať" #: ../ui/OidResolver.ui:74 msgctxt "OidResolver|" msgid "OID" msgstr "OID" #: ../ui/OidResolver.ui:119 msgctxt "OidResolver|" msgid "Long name" msgstr "Dlhý názov" #: ../ui/OidResolver.ui:145 ../ui/OidResolver.ui:167 msgctxt "OidResolver|" msgid "OpenSSL internal ID" msgstr "Interné ID OpenSSL" #: ../ui/OidResolver.ui:148 msgctxt "OidResolver|" msgid "Nid" msgstr "Nid" #: ../ui/OidResolver.ui:177 msgctxt "OidResolver|" msgid "Short name" msgstr "Krátky názov" #: ../ui/OpenDb.ui:36 msgctxt "OpenDb|" msgid "Open remote database" msgstr "Otvoriť vzdialené databázu" #: ../ui/OpenDb.ui:98 msgctxt "OpenDb|" msgid "Database type" msgstr "Typ databázy" #: ../ui/OpenDb.ui:108 msgctxt "OpenDb|" msgid "Hostname" msgstr "Názov stroja" #: ../ui/OpenDb.ui:118 msgctxt "OpenDb|" msgid "Username" msgstr "Meno používateľa" #: ../ui/OpenDb.ui:128 msgctxt "OpenDb|" msgid "Password" msgstr "Heslo" #: ../widgets/OpenDb.cpp:57 ../ui/OpenDb.ui:142 msgctxt "OpenDb|" msgid "Database name" msgstr "Názov databázy" #: ../ui/OpenDb.ui:152 msgctxt "OpenDb|" msgid "Table prefix" msgstr "Predpona tabuľky" #: ../widgets/OpenDb.cpp:128 msgctxt "OpenDb|" msgid "" "No SqLite3 driver available. Please install the qt-sqlite package of your " "distribution" msgstr "" "Nie je dostupný ovládač SQLite3. Prosím, nainštalujte balík qt-sqlite svojej " "distribúcie" #: ../ui/Options.ui:28 msgctxt "Options|" msgid "XCA Options" msgstr "Nastavenia XCA" #: ../ui/Options.ui:42 msgctxt "Options|" msgid "Settings" msgstr "Nastavenia" #: ../ui/Options.ui:50 msgctxt "Options|" msgid "Default hash algorithm" msgstr "Predvolený algoritmus odtlačku" #: ../ui/Options.ui:78 msgctxt "Options|" msgid "String types" msgstr "Typy reťazcov" #: ../ui/Options.ui:90 msgctxt "Options|" msgid "Suppress success messages" msgstr "Potlačiť správy o úspechu" #: ../ui/Options.ui:123 msgctxt "Options|" msgid "Don't colorize expired certificates" msgstr "Nezvýrazňovať vypršané certifikáty" #: ../ui/Options.ui:104 #, qt-format msgctxt "Options|" msgid "Translate established x509 terms (%1 -> %2)" msgstr "Preložiť platné položky x509 (%1 -> %2)" #: ../ui/Options.ui:111 msgctxt "Options|" msgid "" "The hashing functionality of the token is not used by XCA.\n" "It may however honor a restricted hash-set propagated by the token.\n" "Especially EC and DSA are only defined with SHA1 in the PKCS#11 " "specification." msgstr "" "Hašovacia funkčnosť tokenu nie je v XCA použitá.\n" "Môže však rešpektovať obmedzenú sadu hašovacích algoritmov zverejnených " "tokenom.\n" "Najmä EC a DSA sú v špecifikácii PKCS#11 definované len s SHA1." #: ../ui/Options.ui:116 msgctxt "Options|" msgid "Only use hashes supported by the token when signing with a token key" msgstr "" "Použiť len odtlačky podporované tokenom pri podpisovaní kľúčom z tokenu" #: ../ui/Options.ui:97 msgctxt "Options|" msgid "Disable legacy Netscape extensions" msgstr "Vypnúť staré rozšírenia Netscape" #: ../ui/Options.ui:64 msgctxt "Options|" msgid "PKCS12 encryption algorithm" msgstr "Algoritmus šifrovania PKCS12" #: ../ui/Options.ui:141 msgctxt "Options|" msgid "Certificate expiry warning threshold" msgstr "Hranica upozornenia vypršania platnosti certifikátu" #: ../ui/Options.ui:160 msgctxt "Options|" msgid "Send vCalendar expiry reminder" msgstr "Poslať pripomienku vCalendar o vypršaní platnosti" #: ../ui/Options.ui:171 msgctxt "Options|" msgid "Serial number length" msgstr "Dĺžka sériového čísla" #: ../ui/Options.ui:178 msgctxt "Options|" msgid " bit" msgstr " bit" #: ../ui/Options.ui:213 msgctxt "Options|" msgid "Distinguished name" msgstr "Rozlišovací názov" #: ../ui/Options.ui:219 msgctxt "Options|" msgid "Mandatory subject entries" msgstr "Povinné položky predmetu" #: ../ui/Options.ui:237 ../ui/Options.ui:298 ../ui/Options.ui:380 msgctxt "Options|" msgid "Add" msgstr "Pridať" #: ../ui/Options.ui:244 ../ui/Options.ui:305 msgctxt "Options|" msgid "Delete" msgstr "Odstrániť" #: ../ui/Options.ui:269 msgctxt "Options|" msgid "Explicit subject entries" msgstr "Explicitné položky predmetu" #: ../ui/Options.ui:287 msgctxt "Options|" msgid "Dynamically arrange explicit subject entries" msgstr "Dynamicky rozložiť explicitné položky predmetu" #: ../ui/Options.ui:312 msgctxt "Options|" msgid "Default" msgstr "Predvolené" #: ../ui/Options.ui:338 msgctxt "Options|" msgid "PKCS#11 provider" msgstr "Poskytovateľ PKCS#11" #: ../ui/Options.ui:393 msgctxt "Options|" msgid "Remove" msgstr "Odstrániť" #: ../ui/Options.ui:400 msgctxt "Options|" msgid "Search" msgstr "Hľadať" #: ../widgets/Options.cpp:36 msgctxt "Options|" msgid "Printable string or UTF8 (default)" msgstr "Tlačiteľné znaky alebo UTF-8 (predvolené)" #: ../widgets/Options.cpp:37 msgctxt "Options|" msgid "PKIX recommendation in RFC2459" msgstr "Odporúčania PKIX v RFC2459" #: ../widgets/Options.cpp:38 msgctxt "Options|" msgid "No BMP strings, only printable and T61" msgstr "Nie reťazce BMP, len tlačiteľné a T61" #: ../widgets/Options.cpp:39 msgctxt "Options|" msgid "UTF8 strings only (RFC2459)" msgstr "Len reťazce UTF-8 (RFC2459)" #: ../widgets/Options.cpp:40 msgctxt "Options|" msgid "All strings" msgstr "Všetky reťazce" #: ../widgets/Options.cpp:62 msgctxt "Options|" msgid "Days" msgstr "Dni" #: ../widgets/Options.cpp:62 msgctxt "Options|" msgid "Weeks" msgstr "Týždne" #: ../ui/PwDialog.ui:118 msgctxt "PwDialog|" msgid "" "The password is parsed as 2-digit hex code. It must have an even number of " "digits (0-9 and a-f)" msgstr "" "Heslo je spracované ako 2-ciferný šestnástkový kód. Musí mať párny počet " "číslic (0-9 a a-f)" #: ../ui/PwDialog.ui:121 msgctxt "PwDialog|" msgid "Take as HEX string" msgstr "Zadajte šestnástkový reťazec" #: ../widgets/PwDialog.cpp:72 #, qt-format msgctxt "PwDialog|" msgid "Repeat %1" msgstr "Opakovať %1" #: ../widgets/PwDialog.cpp:85 #, qt-format msgctxt "PwDialog|" msgid "%1 mismatch" msgstr "%1 nezhoda" #: ../widgets/PwDialog.cpp:92 msgctxt "PwDialog|" msgid "" "Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it " "must consist of an even number of characters" msgstr "" "Šestnástkové heslo môže obsahovať len znaky „0” – „9” a „a” – „f” a musí mať " "párny počet znakov" #: ../widgets/PwDialog.cpp:121 msgctxt "PwDialog|" msgid "Exit" msgstr "Skončiť" #: ../lib/asn1time.cpp:142 msgctxt "QObject|" msgid "Undefined" msgstr "Nedefinované" #: ../lib/asn1time.cpp:144 msgctxt "QObject|" msgid "Broken / Invalid" msgstr "Poškodený/Neplatný" #: ../lib/asn1time.cpp:190 #, qt-format msgctxt "QObject|" msgid "in %1 seconds" msgstr "za %1 sekúnd" #: ../lib/asn1time.cpp:191 #, qt-format msgctxt "QObject|" msgid "%1 seconds ago" msgstr "pred %1 sekundami" #: ../lib/asn1time.cpp:194 #, qt-format msgctxt "QObject|" msgid "in %1 minutes" msgstr "za %1 minút" #: ../lib/asn1time.cpp:195 #, qt-format msgctxt "QObject|" msgid "%1 minutes ago" msgstr "pred %1 minútami" #: ../lib/asn1time.cpp:197 msgctxt "QObject|" msgid "Yesterday" msgstr "Včera" #: ../lib/asn1time.cpp:199 msgctxt "QObject|" msgid "Tomorrow" msgstr "Zajtra" #: ../lib/asn1time.cpp:202 #, qt-format msgctxt "QObject|" msgid "in %1 hours" msgstr "za %1 hodiny" #: ../lib/asn1time.cpp:203 #, qt-format msgctxt "QObject|" msgid "%1 hours ago" msgstr "pred %1 hodinami" #: ../lib/pki_temp.cpp:31 ../lib/pki_temp.cpp:41 msgctxt "QObject|" msgid "Out of data" msgstr "Nedostatok dát" #: ../lib/pki_temp.cpp:52 msgctxt "QObject|" msgid "Error finding endmarker of string" msgstr "Chyba nájdenia koncovej značky reťazca" #: ../lib/load_obj.cpp:20 msgctxt "QObject|" msgid "All files ( * )" msgstr "Všetky súbory ( * )" #: ../lib/load_obj.cpp:56 msgctxt "QObject|" msgid "" "PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK " "Keys ( *.pvk );; SSH Public Keys ( *.pub );;" msgstr "" "Kľúče PKI ( *.pem *.der *.key );; Kľúče PKCS#8 ( *.p8 *.pk8 );; Kľúče " "Microsoft PVK ( *.pvk );; Verejné kľúče SSH ( *.pub );;" #: ../lib/load_obj.cpp:60 msgctxt "QObject|" msgid "Import RSA key" msgstr "Importovať kľúč RSA" #: ../lib/load_obj.cpp:72 msgctxt "QObject|" msgid "PKCS#10 CSR ( *.pem *.der *.csr );; " msgstr "Žiadosť PKCS#10 ( *.pem *.der *.csr );; " #: ../lib/load_obj.cpp:73 msgctxt "QObject|" msgid "Import Request" msgstr "Importovať Žiadosť" #: ../lib/load_obj.cpp:85 msgctxt "QObject|" msgid "Certificates ( *.pem *.der *.crt *.cer );;" msgstr "Certifikáty ( *.pem *.der *.crt *.cer );;" #: ../lib/load_obj.cpp:86 msgctxt "QObject|" msgid "Import X.509 Certificate" msgstr "Importovať Certifikát X.509" #: ../lib/load_obj.cpp:98 msgctxt "QObject|" msgid "PKCS#7 data ( *.p7s *.p7m *.p7b );;" msgstr "Dáta PKCS#7 ( *.p7s *.p7m *.p7b );;" #: ../lib/load_obj.cpp:99 msgctxt "QObject|" msgid "Import PKCS#7 Certificates" msgstr "Importovať Certifikáty PKCS#7" #: ../lib/load_obj.cpp:111 msgctxt "QObject|" msgid "PKCS#12 Certificates ( *.p12 *.pfx );;" msgstr "Certifikáty PKCS#12 ( *.p12 *.pfx );;" #: ../lib/load_obj.cpp:112 msgctxt "QObject|" msgid "Import PKCS#12 Private Certificate" msgstr "Importovať Súkromný certifikát PKCS#12" #: ../lib/load_obj.cpp:125 msgctxt "QObject|" msgid "XCA templates ( *.xca );;" msgstr "Šablóny XCA ( *.xca );;" #: ../lib/load_obj.cpp:126 msgctxt "QObject|" msgid "Import XCA Templates" msgstr "Importovať Šablóny XCA" #: ../lib/load_obj.cpp:138 msgctxt "QObject|" msgid "Revocation lists ( *.pem *.der *.crl );;" msgstr "Zoznamy odvolaných ( *.pem *.der *.crl );;" #: ../lib/load_obj.cpp:139 msgctxt "QObject|" msgid "Import Certificate Revocation List" msgstr "Importovať Zoznam odvolaných certifikátov" #: ../lib/load_obj.cpp:151 msgctxt "QObject|" msgid "XCA Databases ( *.xdb );;" msgstr "Databázy XCA ( *.xdb );;" #: ../lib/load_obj.cpp:152 msgctxt "QObject|" msgid "Open XCA Database" msgstr "Otvoriť databázu XCA" #: ../lib/load_obj.cpp:159 msgctxt "QObject|" msgid "OpenVPN tls-auth key ( *.key );;" msgstr "Kľúč OpenVPN tls-auth ( *.key );;" #: ../lib/load_obj.cpp:160 msgctxt "QObject|" msgid "Import OpenVPN tls-auth key" msgstr "Importovať kľúč OpenVPN tls-auth" #: ../lib/load_obj.cpp:168 msgctxt "QObject|" msgid "PKCS#11 library ( *.dll );;" msgstr "Knižnica PKCS#11 ( *.dll );;" #: ../lib/load_obj.cpp:170 msgctxt "QObject|" msgid "PKCS#11 library ( *.dylib *.so );;" msgstr "Knižnica PKCS#11 ( *.dylib *.so );;" #: ../lib/load_obj.cpp:172 msgctxt "QObject|" msgid "PKCS#11 library ( *.so );;" msgstr "Knižnica PKCS#11 ( *.so );;" #: ../lib/load_obj.cpp:174 msgctxt "QObject|" msgid "Open PKCS#11 shared library" msgstr "Otvoriť zdieľanú knižnicu PKCS#11" #: ../lib/load_obj.cpp:181 msgctxt "QObject|" msgid "PEM files ( *.pem );;" msgstr "Súbory PEM ( *.pem );;" #: ../lib/load_obj.cpp:182 msgctxt "QObject|" msgid "Load PEM encoded file" msgstr "Načítať súbor kódovaný PEM" #: ../lib/pkcs11.cpp:219 msgctxt "QObject|" msgid "Please enter the PIN on the PinPad" msgstr "Prosím, zadajte PIN na PinPad-e" #: ../lib/pkcs11.cpp:236 #, qt-format msgctxt "QObject|" msgid "Please enter the SO PIN (PUK) of the token %1" msgstr "Prosím, zadajte SO PIN (PUK) tokenu %1" #: ../lib/pkcs11.cpp:237 #, qt-format msgctxt "QObject|" msgid "Please enter the PIN of the token %1" msgstr "Prosím, zadajte PIN tokenu %1" #: ../lib/pkcs11.cpp:291 msgctxt "QObject|" msgid "No Security token found" msgstr "Nebol nájdený bezpečnostný token" #: ../lib/pkcs11.cpp:302 msgctxt "QObject|" msgid "Select" msgstr "Zvoliť" #: ../lib/pkcs11.cpp:325 #, qt-format msgctxt "QObject|" msgid "Please enter the new SO PIN (PUK) for the token: '%1'" msgstr "Prosím, zadajte nový SO PIN (PUK) tokenu: „%1”" #: ../lib/pkcs11.cpp:327 #, qt-format msgctxt "QObject|" msgid "Please enter the new PIN for the token: '%1'" msgstr "Prosím, zadajte nový PIN tokenu: '%1'" #: ../lib/pkcs11.h:96 #, qt-format msgctxt "QObject|" msgid "Required PIN size: %1 - %2" msgstr "Požadovaná veľkosť PIN: %1 - %2" #: ../lib/pkcs11_lib.cpp:119 msgctxt "QObject|" msgid "Disabled" msgstr "Vypnuté" #: ../lib/pkcs11_lib.cpp:123 msgctxt "QObject|" msgid "Library loading failed" msgstr "Načítanie knižnice zlyhalo" #: ../lib/pkcs11_lib.cpp:484 #, qt-format msgctxt "QObject|" msgid "PKCS#11 function '%1' failed: %2" msgstr "Funkcia PKCS#11 „%1” zlyhala: %2" #: ../lib/pkcs11_lib.cpp:492 #, qt-format msgctxt "QObject|" msgid "" "PKCS#11 function '%1' failed: %2\n" "In library %3\n" "%4" msgstr "" "Funkcia PKCS#11 „%1” zlyhala: %2\n" "V knižnici %3\n" "%4" #: ../lib/x509name.cpp:104 msgctxt "QObject|" msgid "Invalid" msgstr "Neplatné" #: ../lib/x509name.cpp:220 #, qt-format msgctxt "QObject|" msgid "%1 is shorter than %2 bytes: '%3'" msgstr "%1 je kratšie ako %2 B: „%3”" #: ../lib/x509name.cpp:225 #, qt-format msgctxt "QObject|" msgid "%1 is longer than %2 bytes: '%3'" msgstr "%1 je dlhšie ako %2 B: „%3”" #: ../lib/x509v3ext.cpp:112 #, qt-format msgctxt "QObject|" msgid "String '%1' for '%2' contains invalid characters" msgstr "Reťazec „%1” pre „%2” obsahuje neplatné znaky" #: ../lib/oid.cpp:58 #, qt-format msgctxt "QObject|" msgid "Error reading config file %1 at line %2" msgstr "Chyba čítania konfiguračného súboru %1 na riadku %2" #: ../lib/oid.cpp:96 #, qt-format msgctxt "QObject|" msgid "" "The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and " "should be removed." msgstr "" "Objekt „%1” zo súboru %2 riadok %3 je už známy ako „%4:%5:%6” a mal by byť " "odstránený." #: ../lib/oid.cpp:105 #, qt-format msgctxt "QObject|" msgid "" "The identifier '%1' for OID %2 from file %3 line %4 is already used for a " "different OID as '%5:%6:%7' and should be changed to avoid conflicts." msgstr "" "Identifikátor „%1” pre OID %2 zo súboru %3 riadok %4 je už použitý pre iné " "OID ako „%5:%6:%7” a treba ho zmeniť, aby ste predišli konfliktom." #: ../lib/oid.cpp:170 #, qt-format msgctxt "QObject|" msgid "Unknown object '%1' in file %2 line %3" msgstr "Neznámy objekt „%1” v súbore %2 riadok %3" #: ../lib/sql.h:55 msgctxt "QObject|" msgid "Failed to start a database transaction" msgstr "Zlyhala inicializácia DB transakcie" #: ../lib/func_base.cpp:244 msgctxt "QObject|" msgid "Country code" msgstr "Kód krajiny" #: ../lib/func_base.cpp:245 msgctxt "QObject|" msgid "State or Province" msgstr "Štát alebo provincia" #: ../lib/func_base.cpp:246 msgctxt "QObject|" msgid "Locality" msgstr "Lokalita" #: ../lib/func_base.cpp:247 msgctxt "QObject|" msgid "Organisation" msgstr "Organizácia" #: ../lib/func_base.cpp:248 msgctxt "QObject|" msgid "Organisational unit" msgstr "Organizačná jednotka" #: ../lib/func_base.cpp:249 msgctxt "QObject|" msgid "Common name" msgstr "Bežný názov" #: ../lib/func_base.cpp:250 msgctxt "QObject|" msgid "E-Mail address" msgstr "Emailová adresa" #: ../lib/func_base.cpp:251 msgctxt "QObject|" msgid "Serial number" msgstr "Sériové číslo" #: ../lib/func_base.cpp:252 msgctxt "QObject|" msgid "Given name" msgstr "Rodné meno" #: ../lib/func_base.cpp:253 msgctxt "QObject|" msgid "Surname" msgstr "Priezvisko" #: ../lib/func_base.cpp:254 msgctxt "QObject|" msgid "Title" msgstr "Titul" #: ../lib/func_base.cpp:255 msgctxt "QObject|" msgid "Initials" msgstr "Iniciály" #: ../lib/func_base.cpp:256 msgctxt "QObject|" msgid "Description" msgstr "Popis" #: ../lib/func_base.cpp:257 msgctxt "QObject|" msgid "Role" msgstr "Rola" #: ../lib/func_base.cpp:258 msgctxt "QObject|" msgid "Pseudonym" msgstr "Pseudonym" #: ../lib/func_base.cpp:259 msgctxt "QObject|" msgid "Generation Qualifier" msgstr "Prívlastok generácie" #: ../lib/func_base.cpp:260 msgctxt "QObject|" msgid "x500 Unique Identifier" msgstr "Jedinečný identifikátor x500" #: ../lib/func_base.cpp:261 msgctxt "QObject|" msgid "Name" msgstr "Názov" #: ../lib/func_base.cpp:262 msgctxt "QObject|" msgid "DN Qualifier" msgstr "Prívlastok DN" #: ../lib/func_base.cpp:263 msgctxt "QObject|" msgid "Unstructured name" msgstr "Neštruktúrovaný názov" #: ../lib/func_base.cpp:264 msgctxt "QObject|" msgid "Challenge password" msgstr "Heslo výzvy" #: ../lib/func_base.cpp:266 msgctxt "QObject|" msgid "Basic Constraints" msgstr "Základné obmedzenia" #: ../lib/func_base.cpp:267 msgctxt "QObject|" msgid "Name Constraints" msgstr "Obmedzenia mena" #: ../lib/func_base.cpp:268 msgctxt "QObject|" msgid "Subject alternative name" msgstr "Alternatívne meno predmetu" #: ../lib/func_base.cpp:269 msgctxt "QObject|" msgid "issuer alternative name" msgstr "Alternatívny názov vydavateľa" #: ../lib/func_base.cpp:270 msgctxt "QObject|" msgid "Subject key identifier" msgstr "Identifikátor kľúča predmetu" #: ../lib/func_base.cpp:271 msgctxt "QObject|" msgid "Authority key identifier" msgstr "Identifikátor kľúča autority" #: ../lib/func_base.cpp:272 msgctxt "QObject|" msgid "Key usage" msgstr "Použitie kľúča" #: ../lib/func_base.cpp:273 msgctxt "QObject|" msgid "Extended key usage" msgstr "Rozšírené použitie kľúča" #: ../lib/func_base.cpp:274 msgctxt "QObject|" msgid "CRL distribution points" msgstr "Distribučné body CRL" #: ../lib/func_base.cpp:275 msgctxt "QObject|" msgid "Authority information access" msgstr "Prístup k informácii CA (AIA)" #: ../lib/func_base.cpp:276 msgctxt "QObject|" msgid "Certificate type" msgstr "Typ certifikátu" #: ../lib/func_base.cpp:277 msgctxt "QObject|" msgid "Base URL" msgstr "Základná URL" #: ../lib/func_base.cpp:278 msgctxt "QObject|" msgid "Revocation URL" msgstr "URL odvolaní" #: ../lib/func_base.cpp:279 msgctxt "QObject|" msgid "CA Revocation URL" msgstr "URL odvolaní CA" #: ../lib/func_base.cpp:280 msgctxt "QObject|" msgid "Certificate renewal URL" msgstr "URL obnovenia CRL" #: ../lib/func_base.cpp:281 msgctxt "QObject|" msgid "CA policy URL" msgstr "URL politiky CA" #: ../lib/func_base.cpp:282 msgctxt "QObject|" msgid "SSL server name" msgstr "Meno servera SSL" #: ../lib/func_base.cpp:283 msgctxt "QObject|" msgid "Comment" msgstr "Komentár" #: ../lib/cmdline.cpp:166 #, qt-format msgctxt "QObject|" msgid "Index file written to '%1'" msgstr "Súbor index zapísaný do „%1”" #: ../lib/cmdline.cpp:173 #, qt-format msgctxt "QObject|" msgid "Index hierarchy written to '%1'" msgstr "Hierarchia indexu zapísaná do „%1”" #: ../lib/cmdline.cpp:186 #, qt-format msgctxt "QObject|" msgid "Unknown key type %1" msgstr "Neznámy typ kľúča %1" #: ../lib/cmdline.cpp:273 #, qt-format msgctxt "QObject|" msgid "Failed to write PEM data to '%1'" msgstr "Zlyhal zápis dát PEM do „%1”" #: ../lib/XcaWarningCore.h:23 msgctxt "QObject|" msgid "Password verify error, please try again" msgstr "Chyba overenia hesla, prosím, skúste znova" #: ../lib/XcaWarningCore.h:95 msgctxt "QObject|" msgid "The following error occurred:" msgstr "Nastala nasledujúca chyba:" #: ../lib/database_model.cpp:117 msgctxt "QObject|" msgid "Failed to update the database schema to the current version" msgstr "Zlyhala aktualizácia schémy DB na aktuálnu verziu" #: ../lib/PwDialogCore.cpp:33 msgctxt "QObject|" msgid "Password" msgstr "Heslo" #: ../lib/pki_pkcs12.cpp:217 msgctxt "QObject|" msgid "insecure" msgstr "nie bezpečné" #: ../widgets/ReqTreeView.cpp:27 msgctxt "ReqTreeView|" msgid "Sign" msgstr "Podpísať" #: ../widgets/ReqTreeView.cpp:29 msgctxt "ReqTreeView|" msgid "Unmark signed" msgstr "Zrušiť označenie podpísané" #: ../widgets/ReqTreeView.cpp:32 msgctxt "ReqTreeView|" msgid "Mark signed" msgstr "Označiť podpísané" #: ../widgets/ReqTreeView.cpp:35 msgctxt "ReqTreeView|" msgid "Similar Request" msgstr "Podobná žiadosť" #: ../widgets/ReqTreeView.cpp:75 msgctxt "ReqTreeView|" msgid "Certificate request export" msgstr "Export žiadosti o certifikát" #: ../widgets/ReqTreeView.cpp:76 msgctxt "ReqTreeView|" msgid "Certificate request ( *.pem *.der *.csr )" msgstr "Žiadosť o certifikát ( *.pem *.der *.csr )" #: ../ui/RevocationList.ui:30 msgctxt "RevocationList|" msgid "Manage revocations" msgstr "Spravovať odvolania" #: ../ui/RevocationList.ui:96 msgctxt "RevocationList|" msgid "Add" msgstr "Pridať" #: ../ui/RevocationList.ui:103 msgctxt "RevocationList|" msgid "Delete" msgstr "Odstrániť" #: ../ui/RevocationList.ui:110 msgctxt "RevocationList|" msgid "Edit" msgstr "Upraviť" #: ../widgets/RevocationList.cpp:77 msgctxt "RevocationList|" msgid "No." msgstr "Č." #: ../widgets/RevocationList.cpp:77 msgctxt "RevocationList|" msgid "Serial" msgstr "Sériové číslo" #: ../widgets/RevocationList.cpp:77 msgctxt "RevocationList|" msgid "Revocation" msgstr "Odvolanie" #: ../widgets/RevocationList.cpp:77 msgctxt "RevocationList|" msgid "Reason" msgstr "Dôvod" #: ../widgets/RevocationList.cpp:78 msgctxt "RevocationList|" msgid "Invalidation" msgstr "Zneplatnenie" #: ../widgets/RevocationList.cpp:107 msgctxt "RevocationList|" msgid "Generate CRL" msgstr "Generovať CRL" #: ../ui/Revoke.ui:30 msgctxt "Revoke|" msgid "Certificate revocation" msgstr "Odvolanie certifikátu" #: ../ui/Revoke.ui:87 msgctxt "Revoke|" msgid "Revocation details" msgstr "Podrobnosti odvolania" #: ../ui/Revoke.ui:96 msgctxt "Revoke|" msgid "Revocation reason" msgstr "Dôvod odvolania" #: ../ui/Revoke.ui:110 msgctxt "Revoke|" msgid "Local time" msgstr "Lokálny čas" #: ../ui/Revoke.ui:117 msgctxt "Revoke|" msgid "Invalid since" msgstr "Neplatný od" #: ../ui/Revoke.ui:124 msgctxt "Revoke|" msgid "Serial" msgstr "Sériové číslo" #: ../ui/SearchPkcs11.ui:41 msgctxt "SearchPkcs11|" msgid "Directory" msgstr "Adresár" #: ../ui/SearchPkcs11.ui:57 msgctxt "SearchPkcs11|" msgid "..." msgstr "..." #: ../ui/SearchPkcs11.ui:64 msgctxt "SearchPkcs11|" msgid "Include subdirectories" msgstr "Zahrnúť podadresáre" #: ../ui/SearchPkcs11.ui:71 msgctxt "SearchPkcs11|" msgid "Search" msgstr "Hľadať" #: ../widgets/SearchPkcs11.cpp:76 msgctxt "SearchPkcs11|" msgid "The following files are possible PKCS#11 libraries" msgstr "nasledujúce súbory sú možné knižnice PKCS#11" #: ../ui/SelectToken.ui:39 msgctxt "SelectToken|" msgid "Security token" msgstr "Bezpečnostný token" #: ../ui/SelectToken.ui:86 msgctxt "SelectToken|" msgid "Please select the security token" msgstr "Prosím, vyberte bezpečnostný token" #: ../widgets/TempTreeView.cpp:25 msgctxt "TempTreeView|" msgid "Duplicate" msgstr "Duplikát" #: ../widgets/TempTreeView.cpp:26 msgctxt "TempTreeView|" msgid "Create certificate" msgstr "Vytvoriť certifikát" #: ../widgets/TempTreeView.cpp:27 msgctxt "TempTreeView|" msgid "Create request" msgstr "Vytvoriť žiadosť" #: ../widgets/TempTreeView.cpp:38 msgctxt "TempTreeView|" msgid "copy" msgstr "kopírovať" #: ../widgets/TempTreeView.cpp:86 msgctxt "TempTreeView|" msgid "Preset Template values" msgstr "Predvoľby hodnôt šablóny" #: ../widgets/TempTreeView.cpp:124 msgctxt "TempTreeView|" msgid "Template export" msgstr "Export šablóny" #: ../widgets/TempTreeView.cpp:125 msgctxt "TempTreeView|" msgid "XCA Templates ( *.xca )" msgstr "Šablóny XCA ( *.xca )" #: ../widgets/validity.cpp:91 msgctxt "Validity|" msgid "yyyy-MM-dd hh:mm" msgstr "d. MMM yyyy hh:mm" #: ../widgets/X509SuperTreeView.cpp:28 msgctxt "X509SuperTreeView|" msgid "Transform" msgstr "Transformovať" #: ../widgets/X509SuperTreeView.cpp:29 msgctxt "X509SuperTreeView|" msgid "Template" msgstr "Šablóna" #: ../widgets/X509SuperTreeView.cpp:30 msgctxt "X509SuperTreeView|" msgid "Public key" msgstr "Verejný kľúč" #: ../lib/xfile.h:28 #, qt-format msgctxt "XFile|" msgid "Error opening file: '%1': %2" msgstr "Chyba otvorenia súboru: „%1”: %2" #: ../lib/xfile.h:41 #, qt-format msgctxt "XFile|" msgid "Error rewinding file: '%1': %2" msgstr "Chyba posunu súboru: „%1”: %2" #: ../widgets/XcaDetail.cpp:47 msgctxt "XcaDetail|" msgid "Import" msgstr "Import" #: ../widgets/XcaTreeView.cpp:332 msgctxt "XcaTreeView|" msgid "Item properties" msgstr "Vlastnosti položky" #: ../widgets/XcaTreeView.cpp:402 msgctxt "XcaTreeView|" msgid "Subject entries" msgstr "Položky predmetu" #: ../widgets/XcaTreeView.cpp:403 msgctxt "XcaTreeView|" msgid "X509v3 Extensions" msgstr "Rozšírenia X509v3" #: ../widgets/XcaTreeView.cpp:404 msgctxt "XcaTreeView|" msgid "Netscape extensions" msgstr "Rozšírenia Netscape" #: ../widgets/XcaTreeView.cpp:405 msgctxt "XcaTreeView|" msgid "Key properties" msgstr "Vlastnosti kľúča" #: ../widgets/XcaTreeView.cpp:406 msgctxt "XcaTreeView|" msgid "Reset" msgstr "Vymazať" #: ../widgets/XcaTreeView.cpp:409 msgctxt "XcaTreeView|" msgid "Hide Column" msgstr "Odstrániť stĺpec" #: ../widgets/XcaTreeView.cpp:411 msgctxt "XcaTreeView|" msgid "Details" msgstr "Podrobnosti" #: ../widgets/XcaTreeView.cpp:452 msgctxt "XcaTreeView|" msgid "Columns" msgstr "Stĺpce" #: ../widgets/XcaTreeView.cpp:509 msgctxt "XcaTreeView|" msgid "Export Password" msgstr "Heslo exportu" #: ../widgets/XcaTreeView.cpp:510 #, qt-format msgctxt "" "XcaTreeView|Singular form for 0 or 1 item can be ignored. Will always be " "called with n >= 2" msgid "" "Please enter the password to encrypt all %n exported private key(s) in:\n" "%1" msgid_plural "" "Please enter the password to encrypt all %n exported private key(s) in:\n" "%1" msgstr[0] "" "Prosím, zadajte heslo na šifrovanie exportovaného súkromného kľúča v:\n" "%1" msgstr[1] "" "Prosím, zadajte heslo na šifrovanie %n exportovaných súkromných kľúčov v:\n" "%1" msgstr[2] "" "Prosím, zadajte heslo na šifrovanie %n exportovaných súkromných kľúčov v:\n" "%1" #: ../widgets/XcaTreeView.cpp:553 msgctxt "XcaTreeView|" msgid "New" msgstr "Nový" #: ../widgets/XcaTreeView.cpp:554 msgctxt "XcaTreeView|" msgid "Import" msgstr "Importovať" #: ../widgets/XcaTreeView.cpp:555 msgctxt "XcaTreeView|" msgid "Paste PEM data" msgstr "Vložiť dáta PEM" #: ../widgets/XcaTreeView.cpp:559 msgctxt "XcaTreeView|" msgid "Rename" msgstr "Premenovať" #: ../widgets/XcaTreeView.cpp:560 msgctxt "XcaTreeView|" msgid "Properties" msgstr "Vlastnosti" #: ../widgets/XcaTreeView.cpp:563 msgctxt "XcaTreeView|" msgid "Delete" msgstr "Odstrániť" #: ../widgets/XcaTreeView.cpp:565 msgctxt "XcaTreeView|" msgid "Export" msgstr "Exportovať" #: ../widgets/XcaTreeView.cpp:567 msgctxt "XcaTreeView|" msgid "Clipboard" msgstr "Schránka" #: ../widgets/XcaTreeView.cpp:573 msgctxt "XcaTreeView|" msgid "File" msgstr "Súbor" #: ../widgets/XcaTreeView.cpp:635 msgctxt "XcaTreeView|" msgid "Clipboard format" msgstr "Formát schránky" #: ../lib/database_model.cpp:168 #, qt-format msgctxt "database_model|" msgid "" "Please enter the password to access the database server %2 as user '%1'." msgstr "" "Prosím, zadajte heslo na prístup k databázovému serveru %2 ako používateľ " "„%1”." #: ../lib/database_model.cpp:286 #, qt-format msgctxt "database_model|" msgid "Unable to create '%1': %2" msgstr "Nemožno vytvoriť „%1”: %2" #: ../lib/database_model.cpp:449 #, qt-format msgctxt "database_model|" msgid "The file '%1' is not an XCA database" msgstr "Súbor „%1” nie je databáza XCA" #: ../lib/database_model.cpp:476 msgctxt "database_model|" msgid "" "No SqLite3 driver available. Please install the qt-sqlite package of your " "distribution" msgstr "" "Nie je dostupný ovládač SQLite3. Prosím, nainštalujte balík qt-sqlite svojej " "distribúcie" #: ../lib/database_model.cpp:517 msgctxt "database_model|" msgid "New Password" msgstr "Nové heslo" #: ../lib/database_model.cpp:517 #, qt-format msgctxt "database_model|" msgid "" "Please enter a password, that will be used to encrypt your private keys in " "the database:\n" "%1" msgstr "" "Prosím, zadajte heslo, ktoré bude slúžiť na šifrovanie súkromných kľúčov v " "databáze:\n" "%1" #: ../lib/database_model.cpp:537 msgctxt "database_model|" msgid "Password" msgstr "Heslo" #: ../lib/database_model.cpp:538 #, qt-format msgctxt "database_model|" msgid "" "Please enter the password for unlocking the database:\n" "%1" msgstr "" "Prosím, zadajte heslo na odomknutie databázy:\n" "%1" #: ../lib/db_base.cpp:160 msgctxt "db_base|" msgid "Internal name" msgstr "Interný názov" #: ../lib/db_base.cpp:161 msgctxt "db_base|" msgid "No." msgstr "Č." #: ../lib/db_base.cpp:162 msgctxt "db_base|" msgid "Primary key" msgstr "Primárny kľúč" #: ../lib/db_base.cpp:163 msgctxt "db_base|" msgid "Database unique number" msgstr "Jedinečné číslo databázy" #: ../lib/db_base.cpp:164 msgctxt "db_base|" msgid "Date" msgstr "Dátum" #: ../lib/db_base.cpp:165 msgctxt "db_base|" msgid "Date of creation or insertion" msgstr "Dátum vytvorenia alebo vloženia" #: ../lib/db_base.cpp:166 msgctxt "db_base|" msgid "Source" msgstr "Zdroj" #: ../lib/db_base.cpp:167 msgctxt "db_base|" msgid "Generated, Imported, Transformed" msgstr "Generovaný, Importovaný, Transformovaný" #: ../lib/db_base.cpp:168 msgctxt "db_base|" msgid "Comment" msgstr "Komentár" #: ../lib/db_base.cpp:169 msgctxt "db_base|" msgid "First line of the comment field" msgstr "Prvý riadok poľa komentára" #: ../lib/db_base.cpp:231 #, qt-format msgctxt "db_base|" msgid "Import from: %1" msgstr "Importovať z: %1" #: ../lib/db_base.cpp:374 #, qt-format msgctxt "db_base|" msgid "Could not create directory %1" msgstr "Nemožno vytvoriť adresár %1" #: ../lib/db_crl.cpp:26 msgctxt "db_crl|" msgid "Signer" msgstr "Vydavateľ" #: ../lib/db_crl.cpp:27 msgctxt "db_crl|" msgid "Internal name of the signer" msgstr "Interný názov vydavateľa" #: ../lib/db_crl.cpp:28 msgctxt "db_crl|" msgid "No. revoked" msgstr "Počet odvolaných" #: ../lib/db_crl.cpp:29 msgctxt "db_crl|" msgid "Number of revoked certificates" msgstr "Počet odvolaných certifikátov" #: ../lib/db_crl.cpp:30 msgctxt "db_crl|" msgid "Last update" msgstr "Posledná aktualizácia" #: ../lib/db_crl.cpp:31 msgctxt "db_crl|" msgid "Next update" msgstr "Nasled. aktualizácia" #: ../lib/db_crl.cpp:32 msgctxt "db_crl|" msgid "CRL number" msgstr "Číslo CRL" #: ../lib/db_crl.cpp:95 #, qt-format msgctxt "db_crl|" msgid "" "The revocation list already exists in the database as:\n" "'%1'\n" "and so it was not imported" msgstr "" "Zoznam odvolaní už v databáze existuje ako:\n" "„%1”,\n" "a tak nebol importovaný" #: ../lib/db_crl.cpp:169 msgctxt "db_crl|" msgid "Failed to initiate DB transaction" msgstr "Zlyhala inicializácia DB transakcie" #: ../lib/db_crl.cpp:179 ../lib/db_crl.cpp:187 ../lib/db_crl.cpp:191 #, qt-format msgctxt "db_crl|" msgid "Database error: %1" msgstr "Chyba databázy: %1" #: ../lib/db_key.cpp:53 msgctxt "db_key|" msgid "Type" msgstr "Typ" #: ../lib/db_key.cpp:54 msgctxt "db_key|" msgid "Size" msgstr "Veľkosť" #: ../lib/db_key.cpp:56 msgctxt "db_key|" msgid "EC Group" msgstr "Skupina EC" #: ../lib/db_key.cpp:58 msgctxt "db_key|" msgid "Use" msgstr "Použiť" #: ../lib/db_key.cpp:59 msgctxt "db_key|" msgid "Password" msgstr "Heslo" #: ../lib/db_key.cpp:133 #, qt-format msgctxt "db_key|" msgid "" "The key is already in the database as:\n" "'%1'\n" "and is not going to be imported" msgstr "" "Kľúč už je v databáze ako:\n" "„%1”,\n" "a tak nebude importovaný" #: ../lib/db_key.cpp:138 #, qt-format msgctxt "db_key|" msgid "" "The database already contains the public part of the imported key as\n" "'%1\n" "and will be completed by the new, private part of the key" msgstr "" "Databáza už obsahuje verejnú časť importovaného kľúča ako\n" "„%1”\n" "a bude doplnená novou, súkromnou, časťou kľúča" #: ../lib/db_key.cpp:140 #, qt-format msgctxt "db_key|" msgid "Extending public key from %1 by imported key '%2'" msgstr "Rozšírenie verejného kľúča z %1 importovaním kľúča „%2”" #: ../lib/db_key.cpp:156 msgctxt "db_key|" msgid "Key size too small !" msgstr "Dĺžka kľúča je príliš malá!" #: ../lib/db_key.cpp:160 #, qt-format msgctxt "db_key|" msgid "You are sure to create a key of the size: %1 ?" msgstr "Naozaj chcete vytvoriť kľúč s veľkosťou: %1?" #: ../lib/db_key.cpp:284 #, qt-format msgctxt "db_key|" msgid "" "Internal key update: The keys: %1 must be updated once by resetting and " "setting its private password" msgstr "" "Interná aktualizácia kľúča: Kľúče: %1 musia byť pri zmene a aktualizácii ich " "hesla aktualizované" #: ../lib/db_key.cpp:298 msgctxt "db_key|" msgid "Tried to change password of a token" msgstr "Vyskúšaná zmena hesla tokenu" #: ../lib/db_temp.cpp:59 #, qt-format msgctxt "db_temp|" msgid "Bad template: %1" msgstr "Zlá šablóna: %1" #: ../lib/db_temp.cpp:32 msgctxt "db_temp|" msgid "Empty template" msgstr "Prázdna šablóna" #: ../lib/db_x509.cpp:77 msgctxt "db_x509|" msgid "CA" msgstr "CA" #: ../lib/db_x509.cpp:78 msgctxt "db_x509|" msgid "reflects the basic Constraints extension" msgstr "Odráža rozšírenie Základné obmedzenia" #: ../lib/db_x509.cpp:79 msgctxt "db_x509|" msgid "Serial" msgstr "Sériové číslo" #: ../lib/db_x509.cpp:83 msgctxt "db_x509|" msgid "Start date" msgstr "Dátum začiatku" #: ../lib/db_x509.cpp:85 msgctxt "db_x509|" msgid "Expiry date" msgstr "Dátum vypršania" #: ../lib/db_x509.cpp:80 msgctxt "db_x509|" msgid "MD5 fingerprint" msgstr "Odtlačok MD5" #: ../lib/db_x509.cpp:81 msgctxt "db_x509|" msgid "SHA1 fingerprint" msgstr "Odtlačok SHA1" #: ../lib/db_x509.cpp:82 msgctxt "db_x509|" msgid "SHA256 fingerprint" msgstr "Odtlačok SHA256" #: ../lib/db_x509.cpp:84 msgctxt "db_x509|" msgid "Not before" msgstr "Nie pred" #: ../lib/db_x509.cpp:86 msgctxt "db_x509|" msgid "Not after" msgstr "Nie po" #: ../lib/db_x509.cpp:87 msgctxt "db_x509|" msgid "Revocation" msgstr "Odvolanie" #: ../lib/db_x509.cpp:88 msgctxt "db_x509|" msgid "CRL Expiration" msgstr "CRL vypršania" #: ../lib/db_x509.cpp:314 msgctxt "db_x509|" msgid "Failed to retrieve unique random serial" msgstr "Zlyhalo získanie jedinečného náhodného sériového čísla" #: ../lib/db_x509.cpp:337 #, qt-format msgctxt "db_x509|" msgid "" "The certificate already exists in the database as:\n" "'%1'\n" "and so it was not imported" msgstr "" "Certifikát už v databáze existuje ako:\n" "„%1”,\n" "a tak nebol importovaný" #: ../lib/db_x509.cpp:363 #, qt-format msgctxt "db_x509|" msgid "Signed on %1 by '%2'" msgstr "%1 podpísané „%2”" #: ../lib/db_x509.cpp:364 msgctxt "db_x509|" msgid "Unknown" msgstr "Neznáme" #: ../lib/db_x509.cpp:454 msgctxt "db_x509|" msgid "Invalid public key" msgstr "Neplatný verejný kľúč" #: ../lib/db_x509.cpp:480 msgctxt "db_x509|" msgid "The key you selected for signing is not a private one." msgstr "Kľúč, zvolený na podpísanie, nie je súkromný." #: ../lib/db_x509.cpp:266 #, qt-format msgctxt "db_x509|" msgid "Failed to create directory '%1'" msgstr "Vytvorenie adresára „%1” zlyhalo" #: ../lib/db_x509.cpp:521 #, qt-format msgctxt "db_x509|" msgid "Store the certificate to the key on the token '%1 (#%2)' ?" msgstr "Uložiť certifikát do kľúča na tokene „%1 (#%2)”?" #: ../lib/db_x509.cpp:617 ../lib/db_x509.cpp:703 #, qt-format msgctxt "db_x509|" msgid "There was no key found for the Certificate: '%1'" msgstr "Nebol nájdený kľúč certifikátu: „%1”" #: ../lib/db_x509.cpp:620 #, qt-format msgctxt "db_x509|" msgid "Not possible for a token key: '%1'" msgstr "Nie je možné pre kľúč tokenu: „%1”" #: ../lib/db_x509.cpp:707 #, qt-format msgctxt "db_x509|" msgid "Not possible for the token-key Certificate '%1'" msgstr "Nie je možné pre Certifikát kľúča tokenu „%1”" #: ../lib/db_x509super.cpp:27 msgctxt "db_x509name|" msgid "Subject" msgstr "Predmet" #: ../lib/db_x509super.cpp:28 msgctxt "db_x509name|" msgid "Complete distinguished name" msgstr "Úplný rozlišovací názov" #: ../lib/db_x509super.cpp:29 msgctxt "db_x509name|" msgid "Subject hash" msgstr "Odtlačok predmetu" #: ../lib/db_x509super.cpp:30 msgctxt "db_x509name|" msgid "Hash to lookup certs in directories" msgstr "Odtlačok na hľadanie certifikátov v adresároch" #: ../lib/db_x509req.cpp:29 msgctxt "db_x509req|" msgid "Signed" msgstr "Podpísaný" #: ../lib/db_x509req.cpp:30 msgctxt "db_x509req|" msgid "whether the request is already signed or not" msgstr "Či už bola žiadosť podpísaná alebo nie" #: ../lib/db_x509req.cpp:31 msgctxt "db_x509req|" msgid "Unstructured name" msgstr "Neštruktúrovaný názov" #: ../lib/db_x509req.cpp:33 msgctxt "db_x509req|" msgid "Challenge password" msgstr "Heslo výzvy" #: ../lib/db_x509req.cpp:35 msgctxt "db_x509req|" msgid "Certificate count" msgstr "Počet certifikátov" #: ../lib/db_x509req.cpp:36 msgctxt "db_x509req|" msgid "Number of certificates in the database with the same public key" msgstr "Počet certifikátov s rovnakým verejným kľúčom v databáze" #: ../lib/db_x509req.cpp:53 #, qt-format msgctxt "db_x509req|" msgid "" "The certificate signing request already exists in the database as\n" "'%1'\n" "and thus was not stored" msgstr "" "Žiadosť o podpísanie certifikátu už v databáze existuje ako\n" "„%1”,\n" "a tak nebola uložená" #: ../lib/db_x509super.cpp:77 msgctxt "db_x509super|" msgid "Key name" msgstr "Názov kľúča" #: ../lib/db_x509super.cpp:78 msgctxt "db_x509super|" msgid "Internal name of the key" msgstr "Interný názov kľúča" #: ../lib/db_x509super.cpp:80 msgctxt "db_x509super|" msgid "Signature algorithm" msgstr "Algoritmus podpisu" #: ../lib/db_x509super.cpp:81 msgctxt "db_x509super|" msgid "Key type" msgstr "Typ kľúča" #: ../lib/db_x509super.cpp:82 msgctxt "db_x509super|" msgid "Key size" msgstr "Veľkosť kľúča" #: ../lib/db_x509super.cpp:84 msgctxt "db_x509super|" msgid "EC Group" msgstr "Skupina EC" #: ../lib/db_x509super.cpp:138 #, qt-format msgctxt "db_x509super|" msgid "Extracted from %1 '%2'" msgstr "Vyňaté z %1 „%2”" #: ../lib/db_x509super.cpp:140 ../lib/db_x509super.cpp:168 msgctxt "db_x509super|" msgid "Certificate" msgstr "Certifikát" #: ../lib/db_x509super.cpp:140 ../lib/db_x509super.cpp:168 msgctxt "db_x509super|" msgid "Certificate request" msgstr "Žiadosť o certifikát" #: ../lib/db_x509super.cpp:163 msgctxt "db_x509super|" msgid "The following extensions were not ported into the template" msgstr "Do šablóny neboli prenesené nasledujúce rozšírenia" #: ../lib/db_x509super.cpp:166 #, qt-format msgctxt "db_x509super|" msgid "Transformed from %1 '%2'" msgstr "Transformované z %1 „%2”" #: ../widgets/kvView.cpp:164 msgctxt "kvView|" msgid "Type" msgstr "Typ" #: ../widgets/kvView.cpp:164 msgctxt "kvView|" msgid "Content" msgstr "Obsah" #: ../lib/pass_info.cpp:12 msgctxt "pass_info|" msgid "Password" msgstr "Heslo" #: ../lib/pass_info.cpp:18 msgctxt "pass_info|" msgid "PIN" msgstr "PIN" #: ../lib/pkcs11_lib.cpp:36 #, qt-format msgctxt "pkcs11_lib|" msgid "Failed to open PKCS11 library: %1: %2" msgstr "Zlyhalo otvorenie knižnice PKCS#11: %1: %2" #: ../lib/pkcs11_lib.cpp:42 msgctxt "pkcs11_lib|" msgid "" "This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not " "found." msgstr "" "Toto nevyzerá ako knižnica PKCS#11. Symbol „C_GetFunctionList” nenájdený." #: ../lib/pki_base.cpp:282 msgctxt "pki_base|" msgid "Unknown" msgstr "Neznáme" #: ../lib/pki_base.cpp:283 msgctxt "pki_base|" msgid "Imported" msgstr "Importovaný" #: ../lib/pki_base.cpp:284 msgctxt "pki_base|" msgid "Generated" msgstr "Generovaný" #: ../lib/pki_base.cpp:285 msgctxt "pki_base|" msgid "Transformed" msgstr "Transformovaný" #: ../lib/pki_base.cpp:286 msgctxt "pki_base|" msgid "Token" msgstr "Token" #: ../lib/pki_base.cpp:287 msgctxt "pki_base|" msgid "Legacy Database" msgstr "Stará databáza" #: ../lib/pki_base.cpp:288 msgctxt "pki_base|" msgid "Renewed" msgstr "Obnovené" #: ../lib/pki_base.cpp:433 #, qt-format msgctxt "pki_base|" msgid "Property '%1' not listed in 'pki_base::print'" msgstr "Vlastnosť „%1” nie je zahrnutá v „pki_base::print”" #: ../lib/pki_base.cpp:113 #, qt-format msgctxt "pki_base|" msgid "Internal error: Unexpected message: %1 %2" msgstr "Interná chyba: Neočakávaná správa: %1 %2" #: ../lib/pki_crl.cpp:59 #, qt-format msgctxt "pki_crl|" msgid "Successfully imported the revocation list '%1'" msgstr "Úspešne importovaný Zoznam odvolaní „%1”" #: ../lib/pki_crl.cpp:61 #, qt-format msgctxt "pki_crl|" msgid "Successfully created the revocation list '%1'" msgstr "Úspešne vytvorený Zoznam odvolaní „%1”" #: ../lib/pki_crl.cpp:60 #, qt-format msgctxt "pki_crl|" msgid "Delete the %n revocation list(s): '%1'?" msgid_plural "Delete the %n revocation list(s): '%1'?" msgstr[0] "Odstrániť zoznam odvolaní: '%1'?" msgstr[1] "Odstrániť %n zoznamy odvolaní: '%1'?" msgstr[2] "Odstrániť %n zoznamov odvolaní: '%1'?" #: ../lib/pki_crl.cpp:145 #, qt-format msgctxt "pki_crl|" msgid "" "Unable to load the revocation list in file %1. Tried PEM and DER formatted " "CRL." msgstr "" "Nemožno načítať zoznam odvolaní zo súboru %1. Vyskúšaný formát CRL PEM a DER." #: ../lib/pki_crl.cpp:160 msgctxt "pki_crl|" msgid "No issuer given" msgstr "Nebol zadaný vydavateľ" #: ../lib/pki_crl.cpp:421 #, qt-format msgctxt "pki_crl|" msgid "CRL Renewal of CA '%1' due" msgstr "Termín obnovenia CRL CA „%1”" #: ../lib/pki_crl.cpp:422 #, qt-format msgctxt "pki_crl|" msgid "" "The latest CRL issued by the CA '%1' will expire on %2.\n" "It is stored in the XCA database '%3'" msgstr "" "Posledné CRL vydané CA „%1” vyprší %2.\n" "Je uložené v databáze XCA „%3”" #: ../lib/pki_crl.cpp:430 #, qt-format msgctxt "pki_crl|" msgid "Renew CRL: %1" msgstr "Obnoviť CRL: %1" #: ../lib/pki_crl.cpp:431 #, qt-format msgctxt "pki_crl|" msgid "" "The XCA CRL '%1', issued on %3 will expire on %4.\n" "It is stored in the XCA database '%5'" msgstr "" "XCA CRL „%1”, vydané %3 vyprší %4.\n" "Je uložené v databáze XCA „%5”" #: ../lib/pki_evp.cpp:240 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password to decrypt the private key %1." msgstr "Prosím, zadajte heslo na dešifrovanie súkromného kľúča %1." #: ../lib/pki_evp.cpp:308 #, qt-format msgctxt "pki_evp|" msgid "The key from file '%1' is incomplete or inconsistent." msgstr "Kľúč zo súboru „%1” je nekompletný ale nekonzistentný." #: ../lib/pki_evp.cpp:397 #, qt-format msgctxt "pki_evp|" msgid "" "Please enter the password to decrypt the private key from file:\n" "%1" msgstr "" "Prosím, zadajte heslo na dešifrovanie súkromného kľúča zo súboru:\n" "%1" #: ../lib/pki_evp.cpp:464 #, qt-format msgctxt "pki_evp|" msgid "" "Unable to load the private key in file %1. Tried PEM and DER private, " "public, PKCS#8 key types and SSH2 format." msgstr "" "Nemožno načítať súkromný kľúč zo súboru %1. Vyskúšaný PEM a DER súkromný, " "verejný, typy kľúčov PKCS#8 a formát SSH2." #: ../lib/pki_evp.cpp:487 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password to decrypt the private key: '%1'" msgstr "Prosím, zadajte heslo na dešifrovanie súkromného kľúča: „%1”" #: ../lib/pki_evp.cpp:490 ../lib/pki_evp.cpp:501 msgctxt "pki_evp|" msgid "Password input aborted" msgstr "Zadávanie hesla zrušené" #: ../lib/pki_evp.cpp:497 #, qt-format msgctxt "pki_evp|" msgid "Please enter the database password for decrypting the key '%1'" msgstr "Prosím, zadajte heslo databázy na dešifrovanie kľúča „%1”" #: ../lib/pki_evp.cpp:521 #, qt-format msgctxt "pki_evp|" msgid "Decryption of private key '%1' failed" msgstr "Dešifrovanie súkromného kľúča „%1” zlyhalo" #: ../lib/pki_evp.cpp:649 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password to protect the private key: '%1'" msgstr "Prosím, zadajte heslo na ochranu súkromného kľúča: „%1”" #: ../lib/pki_evp.cpp:667 msgctxt "pki_evp|" msgid "Please enter the database password for encrypting the key" msgstr "Prosím, zadajte heslo databázy na zašifrovanie kľúča" #: ../lib/pki_evp.cpp:849 #, qt-format msgctxt "pki_evp|" msgid "" "Please enter the password to protect the PKCS#8 key '%1' in file:\n" "%2" msgstr "" "Prosím, zadajte heslo na ochranu kľúča PKCS#8 „%1” v súbore:\n" "%2" #: ../lib/pki_evp.cpp:906 #, qt-format msgctxt "pki_evp|" msgid "" "Please enter the password to protect the private key '%1' in file:\n" "%2" msgstr "" "Prosím, zadajte heslo na ochranu súkromného kľúča: „%1” v súbore:\n" "%2" #: ../lib/pki_export.cpp:64 ../lib/pki_export.cpp:99 ../lib/pki_export.cpp:103 msgctxt "pki_export|" msgid "PEM Text format with headers" msgstr "Textový formát PEM s hlavičkami" #: ../lib/pki_export.cpp:65 msgctxt "pki_export|" msgid "PEM selected" msgstr "PEM zvolený" #: ../lib/pki_export.cpp:65 msgctxt "pki_export|" msgid "Concatenated list of all selected certificates in one PEM text file" msgstr "Zlúčený zoznam zvolených certifikátov v jednom textovom súbore PEM" #: ../lib/pki_export.cpp:66 msgctxt "pki_export|" msgid "PEM chain" msgstr "Reťaz PEM" #: ../lib/pki_export.cpp:66 msgctxt "pki_export|" msgid "" "Concatenated text format of the complete certificate chain in one PEM file" msgstr "Zlúčený textový formát úplnej reťaze certifikátu v jednom súbore PEM" #: ../lib/pki_export.cpp:67 msgctxt "pki_export|" msgid "" "The complete certificate chain and the private key of the selected " "certificate with tags usable in OpenVPN configuration files" msgstr "" "Úplná reťaz certifikátu a jeho súkromný kľúč, použiteľný v konfigurácii " "OpenVPN" #: ../lib/pki_export.cpp:68 msgctxt "pki_export|" msgid "PEM + key" msgstr "PEM + kľúč" #: ../lib/pki_export.cpp:68 msgctxt "pki_export|" msgid "" "Concatenation of the certificate and the unencrypted private key in one PEM " "file" msgstr "" "Zlúčenie certifikátu a nešifrovaného súkromného kľúča v jednom súbore PEM" #: ../lib/pki_export.cpp:69 msgctxt "pki_export|" msgid "" "Concatenation of the certificate and the encrypted private key in PKCS#8 " "format in one file" msgstr "" "Zlúčenie certifikátu a šifrovaného súkromného kľúča vo formáte PKCS#8 v " "jednom súbore" #: ../lib/pki_export.cpp:70 msgctxt "pki_export|" msgid "All unusable" msgstr "Všetky nepoužiteľné" #: ../lib/pki_export.cpp:70 msgctxt "pki_export|" msgid "Concatenation of all expired or revoked certificates in one PEM file" msgstr "" "Zlúčenie všetkých vypršaných alebo odvolaných certifikátov v jednom súbore " "PEM" #: ../lib/pki_export.cpp:71 msgctxt "pki_export|" msgid "PKCS#7 encoded single certificate" msgstr "Jeden certifikát, kódovaný PKCS#7" #: ../lib/pki_export.cpp:72 msgctxt "pki_export|" msgid "All selected certificates encoded in one PKCS#7 file" msgstr "Všetky zvolené certifikáty kódované v jednom súbore PKCS#7" #: ../lib/pki_export.cpp:73 msgctxt "pki_export|" msgid "PKCS #7 chain" msgstr "Reťaz PKCS #7" #: ../lib/pki_export.cpp:73 msgctxt "pki_export|" msgid "PKCS#7 encoded complete certificate chain" msgstr "Úplná reťaz certifikátov kódovaná v PKCS#7" #: ../lib/pki_export.cpp:74 msgctxt "pki_export|" msgid "PKCS #7 unusable" msgstr "PKCS#7 nepoužiteľné" #: ../lib/pki_export.cpp:74 msgctxt "pki_export|" msgid "PKCS#7 encoded collection of all expired or revoked certificates" msgstr "" "Kódovaná kolekcia PKCS#7 všetkých vypršaných alebo odvolaných certifikátov" #: ../lib/pki_export.cpp:75 msgctxt "pki_export|" msgid "Binary DER encoded certificate" msgstr "Binárne kódovaný certifikát DER" #: ../lib/pki_export.cpp:76 msgctxt "pki_export|" msgid "PKCS #12 chain" msgstr "Reťaz PKCS #12" #: ../lib/pki_export.cpp:76 msgctxt "pki_export|" msgid "" "The complete certificate chain and the private key as encrypted PKCS#12 file" msgstr "Úplná reťaz certifikátu a súkromný kľúč ako šifrovaný súbor PKCS#12" #: ../lib/pki_export.cpp:77 msgctxt "pki_export|" msgid "PKCS #12" msgstr "PKCS #12" #: ../lib/pki_export.cpp:77 msgctxt "pki_export|" msgid "The certificate and the private key as encrypted PKCS#12 file" msgstr "Certifikát a súkromný kľúč ako šifrovaný súbor PKCS#12" #: ../lib/pki_export.cpp:78 msgctxt "pki_export|" msgid "Certificate Index file" msgstr "Súbor indexu certifikátov" #: ../lib/pki_export.cpp:78 msgctxt "pki_export|" msgid "" "OpenSSL specific Certificate Index file as created by the 'ca' command and " "required by the OCSP tool" msgstr "" "Súbor indexu certifikátov, špecifický pre OpenSSL, vytvorený ako príkazom " "„ca” a vyžadovaný nástrojom OCSP" #: ../lib/pki_export.cpp:79 ../lib/pki_export.cpp:105 msgctxt "pki_export|" msgid "vCalendar" msgstr "vCalendar" #: ../lib/pki_export.cpp:79 msgctxt "pki_export|" msgid "vCalendar expiry reminder for the selected items" msgstr "Pripomienka vCalendar vypršania platnosti zvolených položiek" #: ../lib/pki_export.cpp:80 msgctxt "pki_export|" msgid "CA vCalendar" msgstr "CA vCalendar" #: ../lib/pki_export.cpp:80 msgctxt "pki_export|" msgid "" "vCalendar expiry reminder containing all issued, valid certificates, the CA " "itself and the latest CRL" msgstr "" "Pripomienka vCalendar vypršania platnosti všetkých vydaných, platných " "certifikátov, samotnej CA i posledného CRL" #: ../lib/pki_export.cpp:81 ../lib/pki_export.cpp:101 msgctxt "pki_export|" msgid "OpenSSL config" msgstr "Konfigurácia OpenSSL" #: ../lib/pki_export.cpp:81 ../lib/pki_export.cpp:101 msgctxt "pki_export|" msgid "" "OpenSSL configuration file to create a certificate or request with the " "openssl commandline tool" msgstr "" "Konfiguračný súbor OpenSSL na vytvorenie certifikátu alebo žiadosti pomocou " "nástroja príkazového riadka openssl" #: ../lib/pki_export.cpp:82 msgctxt "pki_export|" msgid "OpenVPN tls-auth key" msgstr "Kľúč OpenVPN tls-auth" #: ../lib/pki_export.cpp:82 msgctxt "pki_export|" msgid "The OpenVPN tls-auth key is a secret key shared between endpoints" msgstr "Kľúč OpenVPN tls-auth je tajný kľúč zdieľaný medzi koncovými bodmi" #: ../lib/pki_export.cpp:83 msgctxt "pki_export|" msgid "JSON Web Kit" msgstr "JSON Web Kit" #: ../lib/pki_export.cpp:83 msgctxt "pki_export|" msgid "" "The public key of the certificate in JSON Web Kit format with X.509 " "Certificate Thumbprint (x5t)" msgstr "" "Verejný kľúč certifikátu vo formáte JSON Web Kit s X.509 Certificate " "Thumbprint (x5t)" #: ../lib/pki_export.cpp:84 msgctxt "pki_export|" msgid "JSON Web Kit chain" msgstr "Reťaz JSON Web Kit" #: ../lib/pki_export.cpp:84 msgctxt "pki_export|" msgid "" "The public key of the certificate in JSON Web Kit format with X.509 " "Certificate Thumbprint (x5t) and certificate chain (x5c)" msgstr "" "Verejný kľúč certifikátu vo formáte JSON Web Kit s X.509 Certificate " "Thumbprint (x5t) a reťazou certifikátu (x5c)" #: ../lib/pki_export.cpp:86 msgctxt "pki_export|" msgid "PEM public" msgstr "PEM verejný" #: ../lib/pki_export.cpp:86 msgctxt "pki_export|" msgid "Text format of the public key in one PEM file" msgstr "Textový formát verejného kľúča v súbore PEM" #: ../lib/pki_export.cpp:87 msgctxt "pki_export|" msgid "PEM private" msgstr "PEM súkromný" #: ../lib/pki_export.cpp:87 ../lib/pki_export.cpp:89 msgctxt "pki_export|" msgid "Unencrypted private key in text format" msgstr "Nešifrovaný súkromný kľúč v textovom formáte" #: ../lib/pki_export.cpp:88 msgctxt "pki_export|" msgid "PEM encrypted" msgstr "PEM šifrovaný" #: ../lib/pki_export.cpp:88 msgctxt "pki_export|" msgid "OpenSSL specific encrypted private key in text format" msgstr "Šifrovaný súkromný kľúč v textovom formáte špecifickom pre OpenSSL" #: ../lib/pki_export.cpp:89 msgctxt "pki_export|" msgid "SSH2 private" msgstr "SSH2 súkromný" #: ../lib/pki_export.cpp:90 msgctxt "pki_export|" msgid "SSH2 public" msgstr "SSH2 verejný" #: ../lib/pki_export.cpp:90 msgctxt "pki_export|" msgid "The public key encoded in SSH2 format" msgstr "Verejný kľúč kódovaný vo formáte SSH2" #: ../lib/pki_export.cpp:91 msgctxt "pki_export|" msgid "DER public" msgstr "DER verejný" #: ../lib/pki_export.cpp:91 msgctxt "pki_export|" msgid "Binary DER format of the public key" msgstr "Binárny formát DER verejného kľúča" #: ../lib/pki_export.cpp:92 msgctxt "pki_export|" msgid "DER private" msgstr "DER súkromný" #: ../lib/pki_export.cpp:92 msgctxt "pki_export|" msgid "Unencrypted private key in binary DER format" msgstr "Nešifrovaný súkromný kľúč v binárnom formáte DER" #: ../lib/pki_export.cpp:93 msgctxt "pki_export|" msgid "PVK private" msgstr "PVK súkromný" #: ../lib/pki_export.cpp:93 msgctxt "pki_export|" msgid "Private key in Microsoft PVK format not encrypted" msgstr "Nešifrovaný súkromný kľúč vo formáte Microsoft PVK" #: ../lib/pki_export.cpp:94 msgctxt "pki_export|" msgid "PKCS #8 encrypted" msgstr "PKCS #8 šifrovaný" #: ../lib/pki_export.cpp:94 msgctxt "pki_export|" msgid "Encrypted private key in PKCS#8 text format" msgstr "Šifrovaný súkromný kľúč v textovom formáte PKCS#8" #: ../lib/pki_export.cpp:95 msgctxt "pki_export|" msgid "PKCS #8" msgstr "PKCS #8" #: ../lib/pki_export.cpp:95 msgctxt "pki_export|" msgid "Unencrypted private key in PKCS#8 text format" msgstr "Nešifrovaný súkromný kľúč v textovom formáte PKCS#8" #: ../lib/pki_export.cpp:96 msgctxt "pki_export|" msgid "JSON Web Key private" msgstr "Súkromný kľúč JSON Web Key" #: ../lib/pki_export.cpp:96 msgctxt "pki_export|" msgid "Unencrypted private key in JSON Web Key format" msgstr "Nešifrovaný súkromný kľúč vo formáte JSON Web Key" #: ../lib/pki_export.cpp:97 msgctxt "pki_export|" msgid "JSON Web Key public" msgstr "Verejný kľúč JSON Web Key" #: ../lib/pki_export.cpp:97 msgctxt "pki_export|" msgid "Public key in JSON Web Key format" msgstr "Verejný kľúč vo formáte JSON Web Key" #: ../lib/pki_export.cpp:100 msgctxt "pki_export|" msgid "Binary DER format of the certificate request" msgstr "Binárny formát DER žiadosti o certifikát" #: ../lib/pki_export.cpp:104 msgctxt "pki_export|" msgid "Binary DER format of the revocation list" msgstr "Binárny formát DER zoznamu odvolaní" #: ../lib/pki_export.cpp:105 msgctxt "pki_export|" msgid "vCalendar reminder for the CRL expiry date" msgstr "Pripomienka vCalendar vypršania platnosti CRL" #: ../lib/pki_export.cpp:107 msgctxt "pki_export|" msgid "" "XCA template in PEM-like format. Templates include the internal name and " "comment" msgstr "" "Šablóna XCA vo formáte podobnom PEM. Šablóna zahŕňa interné meno a komentár" #: ../lib/pki_export.cpp:108 msgctxt "pki_export|" msgid "" "All selected XCA templates in PEM-like format. Templates include the " "internal name and comment" msgstr "" "Všetky zvolené šablóny XCA vo formáte podobnom PEM. Šablóny zahŕňajú interné " "meno a komentár" #: ../lib/pki_key.cpp:59 ../lib/pki_key.cpp:236 ../lib/pki_key.cpp:856 msgctxt "pki_key|" msgid "Public key" msgstr "Verejný kľúč" #: ../lib/pki_key.cpp:212 #, qt-format msgctxt "" "pki_key|%1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name " "of the key" msgid "Successfully imported the %1 public key '%2'" msgstr "Úspešne importovaný %1 verejný kľúč „%2”" #: ../lib/pki_key.cpp:214 #, qt-format msgctxt "" "pki_key|%1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal " "name(s) of the key(s)" msgid "Delete the %n %1 public key(s) '%2'?" msgid_plural "Delete the %n %1 public key(s) '%2'?" msgstr[0] "Odstrániť %1 verejný kľúč „%2”?" msgstr[1] "Odstrániť %1 verejné kľúče „%2”?" msgstr[2] "Odstrániť %1 verejných kľúčov „%2”?" #: ../lib/pki_key.cpp:220 #, qt-format msgctxt "" "pki_key|%1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name " "of the key" msgid "Successfully imported the %1 private key '%2'" msgstr "Úspešne importovaný %1 súkromný kľúč „%2”" #: ../lib/pki_key.cpp:222 #, qt-format msgctxt "" "pki_key|%1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal " "name(s) of the key(s)" msgid "Delete the %n %1 private key(s) '%2'?" msgid_plural "Delete the %n %1 private key(s) '%2'?" msgstr[0] "Odstrániť %1 súkromný kľúč „%2”?" msgstr[1] "Odstrániť %1 súkromné kľúče „%2”?" msgstr[2] "Odstrániť %1 súkromných kľúčov „%2”?" #: ../lib/pki_key.cpp:224 #, qt-format msgctxt "" "pki_key|%1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name " "of the key" msgid "Successfully created the %1 private key '%2'" msgstr "Úspešne vytvorený %1 súkromný kľúč „%2”" #: ../lib/pki_key.cpp:454 msgctxt "pki_key|" msgid "Common" msgstr "Spoločný" #: ../lib/pki_key.cpp:454 msgctxt "pki_key|" msgid "Private" msgstr "Súkromný" #: ../lib/pki_key.cpp:454 msgctxt "pki_key|" msgid "Bogus" msgstr "Pododný" #: ../lib/pki_key.cpp:454 msgctxt "pki_key|" msgid "PIN" msgstr "PIN" #: ../lib/pki_key.cpp:464 msgctxt "pki_key|" msgid "No password" msgstr "Bez hesla" #: ../lib/pki_key.cpp:561 ../lib/pki_key.cpp:666 #, qt-format msgctxt "pki_key|" msgid "Unexpected SSH2 content: '%1'" msgstr "Neočakávaný obsah SSH2: „%1”" #: ../lib/pki_key.cpp:581 ../lib/pki_key.cpp:587 msgctxt "pki_key|" msgid "Invalid SSH2 public key" msgstr "Neplatný verejný kľúč SSH2" #: ../lib/pki_key.cpp:778 #, qt-format msgctxt "pki_key|" msgid "Failed writing to %1" msgstr "Zlyhal zápis do %1" #: ../lib/pki_multi.cpp:138 msgctxt "pki_multi|" msgid "No known PEM encoded items found" msgstr "Nájdené neznáme kódované položky PEM" #: ../lib/pki_pkcs12.cpp:37 #, qt-format msgctxt "pki_pkcs12|" msgid "" "Please enter the password to decrypt the PKCS#12 file:\n" "%1" msgstr "" "Prosím, zadajte heslo na dešifrovanie súboru PKCS#12:\n" "%1" #: ../lib/pki_pkcs12.cpp:51 #, qt-format msgctxt "pki_pkcs12|" msgid "Unable to load the PKCS#12 (pfx) file %1." msgstr "Nemožno načítať súbor PKCS#12 (pfx) %1." #: ../lib/pki_pkcs12.cpp:83 #, qt-format msgctxt "pki_pkcs12|" msgid "The supplied password was wrong (%1)" msgstr "Zadané heslo je zlé (%1)" #: ../lib/pki_pkcs12.cpp:141 #, qt-format msgctxt "pki_pkcs12|" msgid "" "Please enter the password to encrypt the key of certificate '%1' in the " "PKCS#12 file:\n" "%2" msgstr "" "Prosím, zadajte heslo na zašifrovanie kľúča certifikátu „%1” v súbore " "PKCS#12:\n" "%2" #: ../lib/pki_pkcs12.cpp:138 msgctxt "pki_pkcs12|" msgid "No key or no Cert and no pkcs12" msgstr "Nie je to kľúč, ani Certifikát a ani PKCS#12" #: ../lib/pki_pkcs7.cpp:185 #, qt-format msgctxt "pki_pkcs7|" msgid "Unable to load the PKCS#7 file %1. Tried PEM and DER format." msgstr "Nemožno načítať súbor PKCS#7 %1. Vyskúšaný formát PEM a DER." #: ../lib/pki_scard.cpp:46 #, qt-format msgctxt "pki_scard|" msgid "Successfully imported the token key '%1'" msgstr "Úspešne importovaný kľúč tokenu „%1”" #: ../lib/pki_scard.cpp:48 #, qt-format msgctxt "pki_scard|" msgid "Successfully created the token key '%1'" msgstr "úspešne vytvorený kľúč tokenu „%1”" #: ../lib/pki_scard.cpp:47 #, qt-format msgctxt "pki_scard|" msgid "Delete the %n token key(s): '%1'?" msgid_plural "Delete the %n token key(s): '%1'?" msgstr[0] "Odstrániť kľúč tokenu „%1”?" msgstr[1] "Odstrániť %n kľúče tokenu „%1”?" msgstr[2] "Odstrániť %n kľúčov tokenu „%1”?" #: ../lib/pki_scard.cpp:375 #, qt-format msgctxt "pki_scard|" msgid "Delete the private key '%1' from the token '%2 (#%3)' ?" msgstr "Odstrániť súkromný kľúč „%1” z tokenu „%2 (#%3)”?" #: ../lib/pki_scard.cpp:448 msgctxt "pki_scard|" msgid "This Key is already on the token" msgstr "Tento kľúč už je na tokene" #: ../lib/pki_scard.cpp:532 msgctxt "pki_scard|" msgid "PIN input aborted" msgstr "Zadanie PIN zrušené" #: ../lib/pki_scard.cpp:548 msgctxt "pki_scard|" msgid "Unable to find copied key on the token" msgstr "Nemožno nájsť kópiu kľúča na tokene" #: ../lib/pki_scard.cpp:636 #, qt-format msgctxt "pki_scard|" msgid "Please insert card: %1 %2 [%3] with Serial: %4" msgstr "Prosím, vložte kartu: %1 %2 [%3] so sér. číslom: %4" #: ../lib/pki_scard.cpp:690 #, qt-format msgctxt "pki_scard|" msgid "Select Slot of %1" msgstr "Zvoliť slot z %1" #: ../lib/pki_scard.cpp:728 msgctxt "pki_scard|" msgid "Unable to find generated key on card" msgstr "Nemožno nájsť vygenerovaný kľúč na karte" #: ../lib/pki_scard.cpp:739 #, qt-format msgctxt "pki_scard|" msgid "Token %1" msgstr "Token %1" #: ../lib/pki_scard.cpp:748 ../lib/pki_scard.cpp:760 msgctxt "pki_scard|" msgid "Failed to find the key on the token" msgstr "Zlyhalo nájdenie kľúča na tokene" #: ../lib/pki_scard.cpp:754 msgctxt "pki_scard|" msgid "Invalid Pin for the token" msgstr "Neplatný PIN tokenu" #: ../lib/pki_scard.cpp:766 msgctxt "pki_scard|" msgid "Failed to initialize the key on the token" msgstr "Zlyhal inicializácia kľúča na tokene" #: ../lib/pki_temp.cpp:159 #, qt-format msgctxt "pki_temp|" msgid "Successfully imported the XCA template '%1'" msgstr "Úspešne importovaná šablóna XCA „%1”" #: ../lib/pki_temp.cpp:161 #, qt-format msgctxt "pki_temp|" msgid "Successfully created the XCA template '%1'" msgstr "Úspešne vytvorená šablóna XCA „%1”" #: ../lib/pki_temp.cpp:160 #, qt-format msgctxt "pki_temp|" msgid "Delete the %n XCA template(s): '%1'?" msgid_plural "Delete the %n XCA template(s): '%1'?" msgstr[0] "Odstrániť šablónu XCA „%1”?" msgstr[1] "Odstrániť %n šablóny XCA „%1”?" msgstr[2] "Odstrániť %n šablón XCA „%1”?" #: ../lib/pki_temp.cpp:373 #, qt-format msgctxt "pki_temp|" msgid "Wrong Size %1" msgstr "Zlá veľkosť %1" #: ../lib/pki_temp.cpp:471 msgctxt "pki_temp|" msgid "Template file content error (too small)" msgstr "Chyba obsahu súboru šablóny (príliš malá)" #: ../lib/pki_temp.cpp:521 msgctxt "pki_temp|" msgid "Not a PEM encoded XCA Template" msgstr "Šablóna XCA nie je vo formáte PEM" #: ../lib/pki_temp.cpp:528 #, qt-format msgctxt "pki_temp|" msgid "Not an XCA Template, but '%1'" msgstr "Nie je šablóna XCA, ale „%1”" #: ../lib/pki_x509.cpp:65 #, qt-format msgctxt "pki_x509|" msgid "Successfully imported the certificate '%1'" msgstr "Úspešne importovaný certifikát „%1”" #: ../lib/pki_x509.cpp:67 #, qt-format msgctxt "pki_x509|" msgid "Successfully created the certificate '%1'" msgstr "Úspešne vytvorený certifikát „%1”" #: ../lib/pki_x509.cpp:66 #, qt-format msgctxt "pki_x509|" msgid "Delete the %n certificate(s): '%1'?" msgid_plural "Delete the %n certificate(s): '%1'?" msgstr[0] "Odstrániť certifikát „%1”?" msgstr[1] "Odstrániť %n certifikáty „%1”?" msgstr[2] "Odstrániť %n certifikátov „%1”?" #: ../lib/pki_x509.cpp:237 #, qt-format msgctxt "pki_x509|" msgid "" "Unable to load the certificate in file %1. Tried PEM and DER certificate." msgstr "" "Nemožno načítať certifikát zo súboru %1. Vyskúšaný certifikát PEM a DER." #: ../lib/pki_x509.cpp:332 msgctxt "pki_x509|" msgid "Invalid OpenVPN tls-auth key" msgstr "Neplatný kľúč OpenVPN tls-auth" #: ../lib/pki_x509.cpp:362 msgctxt "pki_x509|" msgid "Failed to import tls-auth key" msgstr "Import kľúča tls-auth zlyhal" #: ../lib/pki_x509.cpp:365 msgctxt "pki_x509|" msgid "Same tls-auth key already stored for this CA" msgstr "Táto CA už má nejaký kľúč tls-auth uložený" #: ../lib/pki_x509.cpp:367 msgctxt "pki_x509|" msgid "New tls-auth key successfully imported" msgstr "Nový kľúč tls-auth úspešne importovaný" #: ../lib/pki_x509.cpp:369 msgctxt "pki_x509|" msgid "Existing tls-auth key successfully replaced" msgstr "Existujúci kľúč tls-auth úspešne nahradený" #: ../lib/pki_x509.cpp:473 msgctxt "pki_x509|" msgid "This certificate is already on the security token" msgstr "Tento certifikát už je na bezpečnostnom tokene" #: ../lib/pki_x509.cpp:536 #, qt-format msgctxt "pki_x509|" msgid "Delete the certificate '%1' from the token '%2 (#%3)'?" msgstr "Odstrániť certifikát „%1” z tokenu „%2 (#%3)”?" #: ../lib/pki_x509.cpp:660 msgctxt "pki_x509|" msgid "There is no key for signing !" msgstr "Chýba kľúč na podpísanie!" #: ../lib/pki_x509.cpp:972 msgctxt "pki_x509|" msgid "No" msgstr "Nie" #: ../lib/pki_x509.cpp:974 msgctxt "pki_x509|" msgid "Yes" msgstr "Áno" #: ../lib/pki_x509.cpp:1004 #, qt-format msgctxt "pki_x509|" msgid "Renew certificate: %1" msgstr "Obnoviť certifikát: %1" #: ../lib/pki_x509.cpp:1005 #, qt-format msgctxt "pki_x509|" msgid "" "The XCA certificate '%1', issued on %2 will expire on %3.\n" "It is stored in the XCA database '%4'" msgstr "" "Certifikát XCA „%1”, vydaný %2 vyprší %3.\n" "Je uložený v databáze XCA „%4”" #: ../lib/pki_x509req.cpp:108 msgctxt "pki_x509req|" msgid "Signing key not valid (public key)" msgstr "Podpisujúci kľúč neplatný (verejný kľúč)" #: ../lib/pki_x509req.cpp:147 #, qt-format msgctxt "pki_x509req|" msgid "Successfully imported the PKCS#10 certificate request '%1'" msgstr "Úspešne importovaná žiadosť o certifikát PKCS#10 „%1”" #: ../lib/pki_x509req.cpp:148 #, qt-format msgctxt "pki_x509req|" msgid "Delete the %n PKCS#10 certificate request(s): '%1'?" msgid_plural "Delete the %n PKCS#10 certificate request(s): '%1'?" msgstr[0] "Odstrániť žiadosť o certifikát PKCS#10 „%1”?" msgstr[1] "Odstrániť %n žiadosti o certifikát PKCS#10 „%1”?" msgstr[2] "Odstrániť %n žiadostí o certifikát PKCS#10 „%1”?" #: ../lib/pki_x509req.cpp:149 #, qt-format msgctxt "pki_x509req|" msgid "Successfully created the PKCS#10 certificate request '%1'" msgstr "Úspešne vytvorená žiadosť o certifikát PKCS#10 „%1”" #: ../lib/pki_x509req.cpp:180 #, qt-format msgctxt "pki_x509req|" msgid "" "Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC " "format." msgstr "" "Nemožno načítať žiadosť o certifikát zo súboru %1. Vyskúšané formáty PEM, " "DER a SPKAC." #: ../lib/pki_x509req.cpp:366 msgctxt "pki_x509req|" msgid "Signed" msgstr "Podpísaný" #: ../lib/pki_x509req.cpp:366 msgctxt "pki_x509req|" msgid "Unhandled" msgstr "Nespracované" #: ../ui/v3ext.ui:26 msgctxt "v3ext|" msgid "Copy Common Name" msgstr "Kopírovať bežný názov" #: ../ui/v3ext.ui:56 msgctxt "v3ext|" msgid "Add" msgstr "Pridať" #: ../ui/v3ext.ui:63 msgctxt "v3ext|" msgid "Delete" msgstr "Odstrániť" #: ../ui/v3ext.ui:89 msgctxt "v3ext|" msgid "Apply" msgstr "Použiť" #: ../ui/v3ext.ui:96 msgctxt "v3ext|" msgid "Validate" msgstr "Overiť" #: ../ui/v3ext.ui:125 msgctxt "v3ext|" msgid "Cancel" msgstr "Zrušiť" #: ../widgets/v3ext.cpp:75 msgctxt "v3ext|" msgid "An email address or 'copy'" msgstr "Emailová adresa alebo „copy”" #: ../widgets/v3ext.cpp:77 msgctxt "v3ext|" msgid "An email address" msgstr "Emailová adresa" #: ../widgets/v3ext.cpp:79 msgctxt "v3ext|" msgid "A registered ID: OBJECT IDENTIFIER" msgstr "Registrované ID: IDENTIFIKÁTOR OBJEKTU" #: ../widgets/v3ext.cpp:83 msgctxt "v3ext|" msgid "A uniform resource indicator" msgstr "Jednotný indikátor zdroja" #: ../widgets/v3ext.cpp:88 msgctxt "v3ext|" msgid "A DNS domain name or 'copycn'" msgstr "Doménové meno DNS alebo „copycn”" #: ../widgets/v3ext.cpp:90 msgctxt "v3ext|" msgid "A DNS domain name" msgstr "Doménové meno DNS" #: ../widgets/v3ext.cpp:92 msgctxt "v3ext|" msgid "An IP address" msgstr "Adresa IP" #: ../widgets/v3ext.cpp:95 msgctxt "v3ext|" msgid "Syntax: ;TYPE:text like '1.2.3.4:UTF8:name'" msgstr "Syntax: ;TYP:text ako '1.2.3.4:UTF8:názov'" #: ../widgets/v3ext.cpp:99 msgctxt "v3ext|" msgid "No editing. Only 'copy' allowed here" msgstr "Neupravovať. Je tu dovolené len „copy”" #: ../widgets/v3ext.cpp:168 #, qt-format msgctxt "v3ext|" msgid "" "Validation failed:\n" "'%1'\n" "%2" msgstr "" "Overenie zlyhalo:\n" "„%1”\n" "%2" #: ../widgets/v3ext.cpp:173 #, qt-format msgctxt "v3ext|" msgid "" "Validation successful:\n" "'%1'" msgstr "" "Overenie úspešné:\n" "„%1”" #: ../widgets/XcaWarning.cpp:71 msgctxt "xcaWarningGui|" msgid "Copy to Clipboard" msgstr "Kopírovať do schránky" #~ msgctxt "TrustState|" #~ msgid "Certificate trust" #~ msgstr "D§veryhodnosť o certifikátu" #~ msgctxt "TrustState|" #~ msgid "Trustment" #~ msgstr "Dôveryhodnosť" #~ msgctxt "TrustState|" #~ msgid "&Never trust this certificate" #~ msgstr "Tomuto certifikátu &nikdy nedôverovať" #~ msgctxt "TrustState|" #~ msgid "Only &trust this certificate, if we trust the signer" #~ msgstr "Tomuto certifikátu &dôverovať, ak dôverujem vydavateľovi" #~ msgctxt "TrustState|" #~ msgid "&Always trust this certificate" #~ msgstr "Tomuto certifikátu &vždy dôverovať" #~ msgctxt "db_key|" #~ msgid "Internal error" #~ msgstr "Interná chyba" #, qt-format #~ msgctxt "pki_crl|" #~ msgid "Delete the %1 revocation lists: %2?" #~ msgstr "Odstrániť %1 uoznamov odvolaní: %2?" #, qt-format #~ msgctxt "pki_evp|" #~ msgid "Please enter the password protecting the Microsoft PVK key '%1'" #~ msgstr "Prosím, zadajte heslo na ochranu kľúča Microsoft PVK „%1”" #, qt-format #~ msgctxt "pki_evp|" #~ msgid "Please enter the export password for the private key '%1'" #~ msgstr "Prosím, zadajte heslo exportu súkromného kľúča „%1”" #~ msgctxt "pki_export|" #~ msgid "XCA template in PEM-like format" #~ msgstr "Šablóna XCA vo formáte podobnom PEM" #, qt-format #~ msgctxt "pki_key|" #~ msgid "Delete the %1 keys: %2?" #~ msgstr "Odstrániť %1 kľúčov: %2?" #~ msgctxt "pki_pkcs12|" #~ msgid "Please enter the password to encrypt the PKCS#12 file" #~ msgstr "Prosím, zadajte heslo na zašifrovanie súboru PKCS#12" #, qt-format #~ msgctxt "pki_scard|" #~ msgid "Delete the %1 keys: %2?" #~ msgstr "Odstrániť %1 kľúčov: %2?" #, qt-format #~ msgctxt "pki_temp|" #~ msgid "Delete the %1 XCA templates: %2?" #~ msgstr "Odstrániť %1 šablón XCA: %2?" #, qt-format #~ msgctxt "pki_x509|" #~ msgid "Delete the %1 certificates: %2?" #~ msgstr "Odstrániť %1 certifikátov: %2?" #, qt-format #~ msgctxt "pki_x509req|" #~ msgid "Delete the %1 certificate requests: %2?" #~ msgstr "Odstrániť %1 žiadosť o certifikát: %2?" #~ msgctxt "X509SuperTreeView|" #~ msgid "Save as OpenSSL config" #~ msgstr "Uložiť ako konfiguráciu OpenSSL" #~ msgctxt "X509SuperTreeView|" #~ msgid "Config files ( *.conf *.cnf);; All files ( * )" #~ msgstr "Konfiguračné súbory ( *.conf *.cnf );; Všetky súbory ( * )" #~ msgctxt "pki_export|" #~ msgid "PVK encrypted" #~ msgstr "PVK šifrovaný" #~ msgctxt "pki_export|" #~ msgid "Encrypted private key in Microsoft PVK format" #~ msgstr "Šifrovaný súkromný kľúč vo formáte Microsoft PVK" #~ msgctxt "ExportDialog|" #~ msgid "Concatenated text format of all certificates in one PEM file" #~ msgstr "Zlúčený textový formát všetkých certifikátov v jednom súbore PEM" #~ msgctxt "ExportDialog|" #~ msgid "All unrevoked certificates encoded in one PKCS#7 file" #~ msgstr "Všetky neodvolané certifikáty kódované v jednom súbore PKCS#7" #~ msgctxt "ExportDialog|" #~ msgid "All certificates encoded in one PKCS#7 file" #~ msgstr "Všetky certifikáty kódované v jednom súbore PKCS#7" #, qt-format #~ msgctxt "ImportMulti|" #~ msgid "Details of the item '%1' cannot be shown" #~ msgstr "Podrobnosti položky „%1” nemožno zobraziť" #~ msgctxt "PwDialog|" #~ msgid "Password" #~ msgstr "Heslo" #~ msgctxt "QMessageBox|" #~ msgid "Ok" #~ msgstr "OK" #~ msgctxt "QMessageBox|" #~ msgid "Close" #~ msgstr "Zatvoriť" #~ msgctxt "QMessageBox|" #~ msgid "Cancel" #~ msgstr "Zrušiť" #~ msgctxt "QMessageBox|" #~ msgid "Apply" #~ msgstr "Použiť" #~ msgctxt "QMessageBox|" #~ msgid "Yes" #~ msgstr "Áno" #~ msgctxt "QMessageBox|" #~ msgid "No" #~ msgstr "Nie" #, qt-format #~ msgctxt "QObject|" #~ msgid "Out of Memory at %1:%2" #~ msgstr "Nedostatok pamäte na %1:%2" #, qt-format #~ msgctxt "QObject|" #~ msgid "Invalid filename: %1" #~ msgstr "Neplatné meno súboru: %1" #, qt-format #~ msgctxt "database_model|" #~ msgid "" #~ "Legacy database format detected. Creating a backup copy called: '%1' and " #~ "converting the database to the new format" #~ msgstr "" #~ "Detegovaný starý formát databázy. Vytvorená záložná kópia, nazvaná: „%1” " #~ "a databáza konvertovaná do nového formátu" #~ msgctxt "database_model|" #~ msgid "" #~ "Failed to rename the database file, because the target already exists" #~ msgstr "Premenovanie súboru databázy zlyhalo, pretože cieľ už existuje" #, qt-format #~ msgctxt "db_base|" #~ msgid "How to export the %1 selected items" #~ msgstr "Ako exportovať %1 zvolených položiek" #~ msgctxt "db_base|" #~ msgid "All in one PEM file" #~ msgstr "Všetky v jednom súbore PEM" #, qt-format #~ msgctxt "db_base|" #~ msgid "Save %1 items in one file as" #~ msgstr "Uložiť %1 položiek v jednom súbore ako" #~ msgctxt "db_base|" #~ msgid "PEM files ( *.pem );; All files ( * )" #~ msgstr "Súbory PEM ( *.pem );; Všetky súbory ( * )" #~ msgctxt "db_key|" #~ msgid "Export keys to Clipboard" #~ msgstr "Exportovať kľúče do schránky" #~ msgctxt "db_key|" #~ msgid "Clipboard" #~ msgstr "Schránka" #, qt-format #~ msgctxt "db_key|" #~ msgid "Export public key [%1]" #~ msgstr "Exportovať verejný kľúč [%1]" #, qt-format #~ msgctxt "db_key|" #~ msgid "Export private key [%1]" #~ msgstr "Exportovať súkromný kľúč [%1]" #~ msgctxt "db_temp|" #~ msgid "Save template as" #~ msgstr "Uložiť šablónu ako" #~ msgctxt "db_temp|" #~ msgid "XCA templates ( *.xca );; All files ( * )" #~ msgstr "Šablóny XCA ( *.xca );; Všetky súbory ( * )" #~ msgctxt "db_x509|" #~ msgid "PKCS#7 unrevoked" #~ msgstr "Neodvolané PKCS#7" #~ msgctxt "db_x509|" #~ msgid "PEM unrevoked" #~ msgstr "Neodvolané PEM" #~ msgctxt "db_x509|" #~ msgid "PEM all" #~ msgstr "PEM všetky" #, qt-format #~ msgctxt "pki_crl|" #~ msgid "Wrong Size %1" #~ msgstr "Zlá veľkosť %1" #~ msgctxt "pki_evp|" #~ msgid "Ignoring unsupported private key" #~ msgstr "Ignorujem nepodporovaný súkromný kľúč" #~ msgctxt "pki_scard|" #~ msgid "Ignoring unsupported token key" #~ msgstr "Ignorovanie nepodporovaného kľúča tokenu" #, qt-format #~ msgctxt "pki_scard|" #~ msgid "Wrong Size %1" #~ msgstr "Zlá veľkosť %1" #, qt-format #~ msgctxt "pki_x509|" #~ msgid "Wrong Size %1" #~ msgstr "Zlá veľkosť %1" #, qt-format #~ msgctxt "pki_x509req|" #~ msgid "Wrong Size %1" #~ msgstr "Zlá veľkosť %1" #~ msgctxt "MainWindow|" #~ msgid "No deleted items found" #~ msgstr "Nenájdené žiadne zmazané položky" #, qt-format #~ msgctxt "MainWindow|" #~ msgid "no such option: %1" #~ msgstr "neznáma voľba: %1" #~ msgctxt "OpenDb|" #~ msgid "" #~ "The database driver does not support transactions. This may happen if the " #~ "client and server have different versions. Continue with care." #~ msgstr "" #~ "Ovládač databázy nepodporuje transakcie. Toto môže nastať, ak majú kleint " #~ "a server rôzne verzie. Pokračujte s opatrnosťou." #~ msgctxt "PwDialog|" #~ msgid "E&xit" #~ msgstr "S&končiť" #~ msgctxt "db_x509|" #~ msgid "Plain View" #~ msgstr "Prosté zobrazenie" #, qt-format #~ msgctxt "pki_evp|" #~ msgid "Failed to decrypt the key (bad password) %1" #~ msgstr "Zlyhalo dešifrovanie kľúča (zlé heslo) %1" #~ msgctxt "pki_scard|" #~ msgid "Illegal Key generation method" #~ msgstr "Neprípustná metóda generovania kľúča" #~ msgctxt "QObject|" #~ msgid "DB: Rename: '%1' already in use" #~ msgstr "Premenovanie DB: „%1” už je použité" #~ msgctxt "QObject|" #~ msgid "DB: Entry to rename not found: %1" #~ msgstr "DB: Položka na premenovanie nenájdená: %1" #~ msgctxt "QObject|" #~ msgid "DB: Write error %1 - %2" #~ msgstr "DB: Chyba zápisu %1 – %2" #~ msgctxt "MainWindow|" #~ msgid "&Token" #~ msgstr "&Token" #~ msgctxt "MainWindow|" #~ msgid "&Content" #~ msgstr "&Obsah" #~ msgctxt "MainWindow|" #~ msgid "Error opening file: '%1': %2" #~ msgstr "Chyba otvorenia súboru: „%1”: %2" #~ msgctxt "db_base|" #~ msgid "Error opening file: '%1': %2" #~ msgstr "Chyba otvorenia súboru: „%1”: %2" #~ msgctxt "db_x509|" #~ msgid "Error opening file: '%1': %2" #~ msgstr "Chyba otvorenia súboru: „%1”: %2" #~ msgctxt "pki_base|" #~ msgid "Error writing to file: '%1': %2" #~ msgstr "Chyba zápisu do súboru „%1”: %2" #~ msgctxt "pki_crl|" #~ msgid "unknown" #~ msgstr "neznáme" #~ msgctxt "pki_scard|" #~ msgid "Public Key mismatch. Please re-import card" #~ msgstr "Nezhoda verejného kľúča. Prosím, znova importujte kartu" #~ msgctxt "pki_temp|" #~ msgid "Template file content error (too small): %1" #~ msgstr "Chyba obsahu súboru šablóny (príliš malá): %1" xca-RELEASE.2.9.0/lang/tr.po000066400000000000000000001444021477156507700153120ustar00rootroot00000000000000# Turkish translation for xca # Copyright (c) 2010 Rosetta Contributors and Canonical Ltd 2010 # This file is distributed under the same license as the xca package. # FIRST AUTHOR , 2010. # msgid "" msgstr "" "Project-Id-Version: xca\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2011-04-30 08:24+0200\n" "PO-Revision-Date: 2011-04-28 09:11+0000\n" "Last-Translator: Mesut YETER \n" "Language-Team: Turkish \n" "Language: tr\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Launchpad-Export-Date: 2011-04-30 05:52+0000\n" "X-Generator: Launchpad (build 12915)\n" #: About#1 msgid "Done" msgstr "Bitti" #: CaProperties#1 msgid "CA Properties" msgstr "CA Özellikleri" #: CaProperties#2 msgid "Use random Serial numbers" msgstr "Değişken Seri numaralar kullan" #: CaProperties#3 msgid "Days until next CRL issuing" msgstr "" #: CaProperties#4 msgid "Default template" msgstr "Varsayılan şablon" #: CaProperties#5 msgid "Next serial for signing" msgstr "İmza için sonraki seri" #: CertDetail#1 msgid "Details of the Certificate" msgstr "Sertifika bilgileri" #: CertDetail#2 msgid "S&tatus" msgstr "&Durum" #: CertDetail#3 msgctxt "CertDetail#3" msgid "Serial" msgstr "Seri" #: CertDetail#4 msgid "The serial number of the certificate" msgstr "Sertifika seri numarası" #: CertDetail#5 msgid "The internal name of the certificate in the database" msgstr "Sertifika veritabanındaki isim" #: CertDetail#6 msgctxt "CertDetail#6" msgid "Internal name" msgstr "Dahili adı" #: CertDetail#7 msgctxt "CertDetail#7" msgid "Signature algorithm" msgstr "İmza algoritması" #: CertDetail#8 msgctxt "CertDetail#8" msgid "Signature" msgstr "İmza" #: CertDetail#9 msgctxt "CertDetail#9" msgid "Key" msgstr "Anahtar" #: CertDetail#10 msgid "Fingerprints" msgstr "Parmak izleri" #: CertDetail#11 msgid "SHA1" msgstr "SHA1" #: CertDetail#12 msgid "MD5" msgstr "MD5" #: CertDetail#13 msgid "A SHA-1 hashsum of the certificate" msgstr "A SHA-1 hashsum sertifikası" #: CertDetail#14 msgid "An md5 hashsum of the certificate" msgstr "An md5 hassum sertifikası" #: CertDetail#15 msgctxt "CertDetail#15" msgid "Validity" msgstr "Geçerlilik" #: CertDetail#16 msgid "The time since the certificate is valid" msgstr "Zamana kadar geçerli sertifika" #: CertDetail#17 msgid "The time until the certificate is valid" msgstr "Bu zaman kadar sertifika geçerli" #: CertDetail#18 msgid "&Subject" msgstr "&Konu" #: CertDetail#19 msgctxt "CertDetail#19" msgid "&Issuer" msgstr "&veren" #: CertDetail#20 msgid "Attributes" msgstr "Nitelikler" #: CertDetail#21 msgctxt "CertDetail#21" msgid "&Extensions" msgstr "&Uzantıları" #: CertDetail#22 msgid "Show config" msgstr "Yapılandırmayı göster" #: CertDetail#23 msgid "Show extensions" msgstr "Uzantıları göster" #: CertDetail#24 msgctxt "CertDetail#24" msgid "Not available" msgstr "Kullanılamaz" #: CertDetail#25 msgid "Details of the certificate" msgstr "Sertifika detayları" #: CertDetail#26 msgid "Signer unknown" msgstr "Bilinmeyen imzalayan makam" #: CertDetail#27 msgid "Self signed" msgstr "Kendinden imzalı" #: CertDetail#28 msgctxt "CertDetail#28" msgid "Not trusted" msgstr "Güvenilmeyen" #: CertDetail#29 msgid "Trusted" msgstr "Güvenilir" #: CertDetail#30 msgid "Revoked: " msgstr "İptaledilmiş " #: CertDetail#31 msgid "Not valid" msgstr "Geçersiz" #: CertDetail#32 msgid "Valid" msgstr "Geçerli" #: CertDetail#33 msgid "Details of the certificate signing request" msgstr "sertifika imzalama isteği detayları" #: CertExtend#1 msgid "Certificate renewal" msgstr "Sertifika yenileme" #: CertExtend#2 msgid "" "This will create a new certificate as a copy of the old one with a new " "serial number and adjusted validity values." msgstr "" "Bu yeni bir seri numarası ve düzeltilmiş geçerlilik değerleri ile eski bir " "kopyası olarak yeni bir sertifika oluşturur." #: CertExtend#3 msgctxt "CertExtend#3" msgid "Validity" msgstr "Geçerlilik" #: CertExtend#4 msgctxt "CertExtend#4" msgid "Not before" msgstr "Öncedeğil" #: CertExtend#5 msgctxt "CertExtend#5" msgid "Not after" msgstr "Sonradeğil" #: CertExtend#6 msgctxt "CertExtend#6" msgid "Time range" msgstr "Zaman aralığı" #: CertExtend#7 msgctxt "CertExtend#7" msgid "No well-defined expiration" msgstr "Tanımlanmamış son" #: CertExtend#8 msgctxt "CertExtend#8" msgid "Apply" msgstr "Uygula" #: CertExtend#9 msgctxt "CertExtend#9" msgid "Days" msgstr "Gün" #: CertExtend#10 msgctxt "CertExtend#10" msgid "Months" msgstr "Ay" #: CertExtend#11 msgctxt "CertExtend#11" msgid "Years" msgstr "Yıl" #: CertExtend#12 msgctxt "CertExtend#12" msgid "Midnight" msgstr "Gece Yarısı" #: CertExtend#13 msgctxt "CertExtend#13" msgid "" "The certificate will be earlier valid than the signer. This is probably not " "what you want." msgstr "" "Sertifika önceki imzalayandan daha geçerli olacaktır. Muhtemelen istediğiniz " "bu değildir." #: CertExtend#14 msgid "Edit times" msgstr "Zamanı düzenle" #: CertExtend#15 msgctxt "CertExtend#15" msgid "Abort rollout" msgstr "" #: CertExtend#16 msgctxt "CertExtend#16" msgid "Continue rollout" msgstr "" #: CertExtend#17 msgctxt "CertExtend#17" msgid "Adjust date and continue" msgstr "Tarihi düzenler ve devam eder" #: CertExtend#18 msgctxt "CertExtend#18" msgid "" "The certificate will be longer valid than the signer. This is probably not " "what you want." msgstr "" "Sertifika önceki imzalayandan daha geçerli olacaktır. Muhtemelen istediğiniz " "bu değildir." #: CertView#1 msgctxt "CertView#1" msgid "There was no key found for the Certificate: " msgstr "Sertifikadaki anahtar bulunamıyor. " #: CertView#2 msgctxt "CertView#2" msgid "Import Certificate signing request" msgstr "Sertifika imzalama isteği" #: ClickLabel#1 msgid "Double click for details" msgstr "Detaylariçin çift tıklayın" #: CrlDetail#1 msgid "Details of the Revocation list" msgstr "İptal listesi için çift tıklayın" #: CrlDetail#2 msgid "&Status" msgstr "&Durum" #: CrlDetail#3 msgid "Version" msgstr "Sürüm" #: CrlDetail#4 msgctxt "CrlDetail#4" msgid "Signature" msgstr "İmza" #: CrlDetail#5 msgid "Signed by" msgstr "İmzalayan:" #: CrlDetail#6 msgctxt "CrlDetail#6" msgid "Name" msgstr "İsim" #: CrlDetail#7 msgid "The internal name of the CRL in the database" msgstr "CRL veritabanındaki isim" #: CrlDetail#8 msgid "issuing dates" msgstr "Verilen tarih" #: CrlDetail#9 msgid "Next Update" msgstr "Sonraki Güncelleme" #: CrlDetail#10 msgid "Last Update" msgstr "Son Güncelleme" #: CrlDetail#11 msgctxt "CrlDetail#11" msgid "&Issuer" msgstr "&veren" #: CrlDetail#12 msgctxt "CrlDetail#12" msgid "&Extensions" msgstr "&Uzantıları" #: CrlDetail#13 msgid "&Revocation list" msgstr "&İptal listesi" #: CrlDetail#14 msgid "0" msgstr "0" #: CrlDetail#15 msgctxt "CrlDetail#15" msgid "Serial" msgstr "Seri" #: CrlDetail#16 msgctxt "CrlDetail#16" msgid "Revocation" msgstr "İptal" #: CrlDetail#17 msgid "Reason" msgstr "Neden" #: CrlDetail#18 msgid "Invalidation" msgstr "İptal" #: CrlDetail#19 msgid "Failed" msgstr "Başarısız" #: CrlDetail#20 msgid "Unknown signer" msgstr "Bilinmeyen imzalayan" #: CrlDetail#21 msgid "Verification not possible" msgstr "Doğrulama mümkün değil" #: CrlDetail#22 msgid "Unknown certificate" msgstr "Bilinmeyen sertifika" #: ExportCert#1 msgid "X509 Certificates ( *.cer *.crt *.p12 *.p7b);;All files ( * )" msgstr "X509 sertifikası (*cer *.crt *.p12 *.p7b);;Tüm dosyalar (*)" #: ExportCert#2 msgid "" "DER is a binary format of the Certificate\n" "PEM is a base64 encoded Certificate\n" "PKCS#7 is an official Certificate exchange format\n" "PKCS#12 is an encrypted official Key-Certificate exchange format\n" msgstr "" "DER ikili sertifika formatı\n" "PEM base64 kodlu sertifika\n" "PKCS#7 resmi değişim sertifikası\n" "PKCS#12 kriptolu anahtar sertifikası\n" #: ExportCert#3 msgid "Please enter the filename for the certificate." msgstr "Lütfen sertifika ismini giriniz." #: ExportCert#4 msgid "Certificate export" msgstr "Sertifika dışa aktar" #: ExportDer#1 msgctxt "ExportDer#1" msgid "All files ( * )" msgstr "Bütün dosyalar ( * )" #: ExportDer#2 msgid "" "DER is a binary format\n" "PEM is a base64 encoded DER file\n" msgstr "" "DER ikili biçimdir\n" "PEM base64 kodlanmış DER dosyası\n" #: ExportDialog#1 msgid "..." msgstr "..." #: ExportDialog#2 msgid "Filename" msgstr "Dosya adı" #: ExportDialog#3 msgid "Please enter the filename" msgstr "Lütfen dosya adını giriniz" #: ExportDialog#4 msgid "Export Format" msgstr "Verme biçimi" #: ExportDialog#5 msgid "The file: '%1' already exists!" msgstr "Dosya: 2%1' zaten var" #: ExportDialog#6 msgid "Overwrite" msgstr "Üzerine yaz" #: ExportDialog#7 msgid "Do not overwrite" msgstr "Üzerine yazmayın" #: ExportKey#1 msgid "When exporting the private key it should be encrypted." msgstr "Özel anahtar dışa aktarılırken şifreli olmalıdır." #: ExportKey#2 msgid "When exporting the private part, it should be encrypted." msgstr "Özel bölüm aktarılırken şifreli olmalıdır." #: ExportKey#3 msgid "E&xport the private part of the Key too" msgstr "Dışa aktarılan özel bölüm anahtarı çok" #: ExportKey#4 msgid "Export as PKCS#8" msgstr "PKCS#8 olarak aktar" #: ExportKey#5 msgid "&Encrypt the Key with a password" msgstr "" #: ExportKey#6 msgid "Private keys ( *.pem *.der *.pk8 );;All files ( * )" msgstr "Özel anatarlar (*.pem *.der *.pk8);;Tüm dosyalar ( * )" #: ExportKey#7 msgid "" "DER is a binary format of the key without encryption\n" "PEM is a base64 encoded key with optional encryption\n" "PKCS#8 is an encrypted official Key-exchange format" msgstr "" #: ExportKey#8 msgid "Please enter the filename for the key." msgstr "" #: ExportKey#9 msgid "Public key export" msgstr "" #: ExportKey#10 msgid "Key export" msgstr "" #: Help#1 msgid "<<" msgstr "<<" #: Help#2 msgid ">>" msgstr ">>" #: Help#3 msgctxt "Help#3" msgid "&Done" msgstr "&Bitti" #: ImportMulti#1 msgid "Import PKI Items" msgstr "" #: ImportMulti#2 msgid "Import &All" msgstr "" #: ImportMulti#3 msgctxt "ImportMulti#3" msgid "&Import" msgstr "&İçe Aktar" #: ImportMulti#4 msgctxt "ImportMulti#4" msgid "&Done" msgstr "&Bitti" #: ImportMulti#5 #, fuzzy msgid "&Remove from list" msgstr "&İptal listesi" #: ImportMulti#6 msgid "Details" msgstr "Detaylar" #: ImportMulti#7 msgid "Delete from token" msgstr "" #: ImportMulti#8 msgid "Rename on token" msgstr "" #: ImportMulti#9 msgid "" "\n" "Name: %1\n" "Model: %2\n" "Serial: %3" msgstr "" #: ImportMulti#10 msgid "Manage security token" msgstr "" #: ImportMulti#11 msgid "The type of the Item '%1' is not recognized" msgstr "" #: ImportMulti#12 msgid "Details of the item '%1' cannot be shown" msgstr "" #: ImportMulti#13 msgid "The type of the item '%1' is not recognized" msgstr "" #: ImportMulti#14 msgid "The file '%1' did not contain PKI data" msgstr "" #: ImportMulti#15 msgid "The %1 files: '%2' did not contain PKI data" msgstr "" #: KeyDetail#1 msgctxt "KeyDetail#1" msgid "Name" msgstr "İsim" #: KeyDetail#2 msgid "The internal name of the key used by xca" msgstr "" #: KeyDetail#3 msgctxt "KeyDetail#3" msgid "Security token" msgstr "" #: KeyDetail#4 msgid "Manufacturer" msgstr "" #: KeyDetail#5 msgctxt "KeyDetail#5" msgid "Serial" msgstr "Seri" #: KeyDetail#6 msgctxt "KeyDetail#6" msgid "Key" msgstr "" #: KeyDetail#7 msgid "Public Exponent" msgstr "" #: KeyDetail#8 msgctxt "KeyDetail#8" msgid "Keysize" msgstr "" #: KeyDetail#9 msgid "Private Exponent" msgstr "" #: KeyDetail#10 msgid "Modulus" msgstr "" #: KeyDetail#11 msgid "Details of the %1 key" msgstr "" #: KeyDetail#12 msgctxt "KeyDetail#12" msgid "Not available" msgstr "" #: KeyDetail#13 msgid "Token" msgstr "" #: KeyDetail#14 msgid "Security token ID:%1" msgstr "" #: KeyDetail#15 msgid "Available" msgstr "" #: KeyDetail#16 msgid "Sub prime" msgstr "" #: KeyDetail#17 msgid "Public key" msgstr "" #: KeyDetail#18 msgctxt "KeyDetail#18" msgid "Private key" msgstr "" #: KeyDetail#19 msgid "Curve name" msgstr "" #: KeyDetail#20 msgid "Unknown key" msgstr "" #: MainWindow#1 msgid "Private Keys" msgstr "" #: MainWindow#2 msgid "&New Key" msgstr "" #: MainWindow#3 msgid "&Export" msgstr "" #: MainWindow#4 msgctxt "MainWindow#4" msgid "&Import" msgstr "" #: MainWindow#5 msgid "Import PFX (PKCS#12)" msgstr "" #: MainWindow#6 msgid "&Show Details" msgstr "" #: MainWindow#7 msgid "&Delete" msgstr "&Sil" #: MainWindow#8 msgid "Certificate signing requests" msgstr "" #: MainWindow#9 msgid "&New Request" msgstr "" #: MainWindow#10 msgid "Certificates" msgstr "Sertifikalar" #: MainWindow#11 msgid "&New Certificate" msgstr "" #: MainWindow#12 msgid "Import &PKCS#12" msgstr "" #: MainWindow#13 msgid "Import P&KCS#7" msgstr "" #: MainWindow#14 msgctxt "MainWindow#14" msgid "Plain View" msgstr "" #: MainWindow#15 msgid "Templates" msgstr "" #: MainWindow#16 msgid "&New template" msgstr "" #: MainWindow#17 msgid "Ch&ange Template" msgstr "" #: MainWindow#18 msgid "Revocation lists" msgstr "" #: MainWindow#19 msgid "" "Using or exporting private keys will not be possible without providing the " "correct password" msgstr "" #: MainWindow#20 msgid "Database" msgstr "Veri Tabanı" #: MainWindow#21 msgid "No deleted items found" msgstr "" #: MainWindow#22 msgid "&File" msgstr "&Dosya" #: MainWindow#23 msgid "&New DataBase" msgstr "" #: MainWindow#24 msgid "&Open DataBase" msgstr "" #: MainWindow#25 msgid "Generate DH parameter" msgstr "" #: MainWindow#26 msgid "Set as default DataBase" msgstr "" #: MainWindow#27 msgid "&Close DataBase" msgstr "" #: MainWindow#28 msgid "&Dump DataBase" msgstr "" #: MainWindow#29 msgid "C&hange DataBase password" msgstr "" #: MainWindow#30 msgid "&Import old db_dump" msgstr "" #: MainWindow#31 msgid "&Undelete items" msgstr "" #: MainWindow#32 msgid "Options" msgstr "" #: MainWindow#33 msgid "Exit" msgstr "Çıkış" #: MainWindow#34 msgid "I&mport" msgstr "" #: MainWindow#35 msgid "Keys" msgstr "" #: MainWindow#36 msgid "Requests" msgstr "" #: MainWindow#37 msgid "PKCS#12" msgstr "" #: MainWindow#38 msgctxt "MainWindow#38" msgid "PKCS#7" msgstr "" #: MainWindow#39 msgctxt "MainWindow#39" msgid "Template" msgstr "" #: MainWindow#40 msgid "Revocation list" msgstr "" #: MainWindow#41 msgid "PEM file" msgstr "" #: MainWindow#42 msgid "&Token" msgstr "" #: MainWindow#43 msgid "&Manage Security token" msgstr "" #: MainWindow#44 msgid "&Init Security token" msgstr "" #: MainWindow#45 msgid "&Change PIN" msgstr "" #: MainWindow#46 msgid "Change &SO PIN" msgstr "" #: MainWindow#47 msgid "Init PIN" msgstr "" #: MainWindow#48 msgid "&Help" msgstr "&Yardım" #: MainWindow#49 msgid "&Content" msgstr "" #: MainWindow#50 msgid "&About" msgstr "&Hakkında" #: MainWindow#51 msgid "Donations" msgstr "" #: MainWindow#52 msgid "Database dump ( *.dump );;All files ( * )" msgstr "" #: MainWindow#53 msgid "Import password" msgstr "" #: MainWindow#54 msgid "Please enter the password of the old database" msgstr "" #: MainWindow#55 msgid "Password verification error. Ignore keys ?" msgstr "" #: MainWindow#56 msgid "Import anyway" msgstr "" #: MainWindow#57 #, fuzzy msgctxt "MainWindow#57" msgid "Cancel" msgstr "İptal" #: MainWindow#58 msgid "no such option: %1" msgstr "" #: MainWindow#59 msgid "Import PEM data" msgstr "" #: MainWindow#60 msgid "Please enter the original SO PIN (PUK) of the token '%1'" msgstr "" #: MainWindow#61 msgid "Please enter the new SO PIN (PUK) of the token '%1'" msgstr "" #: MainWindow#62 msgid "The new label of the token '%1'" msgstr "" #: MainWindow#63 msgid "The token '%1' did not contain any keys or certificates" msgstr "" #: MainWindow#64 msgid "New Password" msgstr "Yeni Parola" #: MainWindow#65 msgid "" "Please enter the new password to encrypt your private keys in the database-" "file" msgstr "" #: MainWindow#66 msgid "" "Please enter a password, that will be used to encrypt your private keys in " "the database file:\n" "%1" msgstr "" #: MainWindow#67 msgid "Password verify error, please try again" msgstr "" #: MainWindow#68 #, fuzzy msgctxt "MainWindow#68" msgid "Password" msgstr "Parola" #: MainWindow#69 msgid "" "Please enter the password for unlocking the database:\n" "%1" msgstr "" #: MainWindow#70 msgid "The following error occurred:" msgstr "" #: MainWindow#71 msgid "Copy to Clipboard" msgstr "" #: MainWindow#72 msgid "" "Diffie-Hellman paramters are needed for different applications. They are " "neither used by XCA nor stored in the database. After generating them, XCA " "will ask for a filename to store the DH parameters\n" "Please enter the DH parameter bits" msgstr "" #: MainWindow#73 msgctxt "MainWindow#73" msgid "Error opening file: '%1': %2" msgstr "" #: NewCrl#1 msgid "Create CRL" msgstr "" #: NewCrl#2 msgid "Dates" msgstr "" #: NewCrl#3 msgid "last update" msgstr "" #: NewCrl#4 msgid "next update" msgstr "" #: NewCrl#5 msgctxt "NewCrl#5" msgid "Days" msgstr "Gün" #: NewCrl#6 msgctxt "NewCrl#6" msgid "Months" msgstr "Ay" #: NewCrl#7 msgctxt "NewCrl#7" msgid "Years" msgstr "Yıl" #: NewCrl#8 msgctxt "NewCrl#8" msgid "Midnight" msgstr "" #: NewCrl#9 msgctxt "NewCrl#9" msgid "Apply" msgstr "Uygula" #: NewCrl#10 msgid "Hashing algorithm" msgstr "" #: NewCrl#11 msgctxt "NewCrl#11" msgid "Extensions" msgstr "" #: NewCrl#12 msgid "Authority key identifier" msgstr "" #: NewCrl#13 msgid "Subject alternative name" msgstr "" #: NewCrl#14 msgid "CRL Number" msgstr "" #: NewCrl#15 msgid "Revocation reasons" msgstr "" #: NewKey#1 msgid "New key" msgstr "" #: NewKey#2 msgid "Please give a name to the new key and select the desired keysize" msgstr "" #: NewKey#3 msgid "Key properties" msgstr "" #: NewKey#4 msgctxt "NewKey#4" msgid "Name" msgstr "İsim" #: NewKey#5 msgid "The internal name of the new key" msgstr "" #: NewKey#6 msgctxt "NewKey#6" msgid "New Key" msgstr "" #: NewKey#7 msgid "Curve" msgstr "" #: NewKey#8 msgctxt "NewKey#8" msgid "Keysize" msgstr "" #: NewKey#9 msgid "Usually 1024 or 2048 bit keys are used" msgstr "" #: NewKey#10 msgid "Keytype" msgstr "" #: NewKey#11 msgctxt "NewKey#11" msgid "Create" msgstr "Oluştur" #: NewX509#1 msgctxt "NewX509#1" msgid "Create" msgstr "Oluştur" #: NewX509#2 msgid "Source" msgstr "Kaynak" #: NewX509#3 msgid "Signing request" msgstr "" #: NewX509#4 msgid "" "A certificate signing request can be signed, even if the private key of the " "request is not available. This is the intention of a CSR:\n" "Getting signed by a CA certificate, whoes certificate of course must be in " "the database\n" "Of course you need the private key of the CSR if you want to create a self-" "signed cert from it." msgstr "" #: NewX509#5 msgid "Show request" msgstr "" #: NewX509#6 msgid "Sign this Certificate signing &request" msgstr "" #: NewX509#7 msgid "Copy extensions from the request" msgstr "" #: NewX509#8 msgid "Modify subject of the request" msgstr "" #: NewX509#9 msgid "Signing" msgstr "" #: NewX509#10 msgid "Create a &self signed certificate with the serial" msgstr "" #: NewX509#11 msgid "If you leave this blank the serial 00 will be used" msgstr "" #: NewX509#12 msgid "1" msgstr "1" #: NewX509#13 msgid "Use &this Certificate for signing" msgstr "" #: NewX509#14 msgid "All certificates in your database that can create valid signatures" msgstr "" #: NewX509#15 msgid "" "This list contains all certificates with the CA-flag set to true and whoes " "private key is present in the key-database.\n" "If this list is disabled, you only can create a self-signed certificate." msgstr "" #: NewX509#16 msgctxt "NewX509#16" msgid "Signature algorithm" msgstr "" #: NewX509#17 msgid "Template for the new certificate" msgstr "" #: NewX509#18 msgid "All available templates" msgstr "" #: NewX509#19 msgid "This list contains all templates from the toplevel template Tab" msgstr "" #: NewX509#20 msgid "Apply extensions" msgstr "" #: NewX509#21 msgid "Apply subject" msgstr "" #: NewX509#22 msgid "Apply all" msgstr "" #: NewX509#23 msgctxt "NewX509#23" msgid "Subject" msgstr "Konu" #: NewX509#24 msgid "Organisation" msgstr "Organizasyon" #: NewX509#25 msgid "" "This name is only used internally and does not appear in the resulting " "certificate" msgstr "" #: NewX509#26 msgid "Must be exactly 2 letter of size (DE, UK)" msgstr "" #: NewX509#27 msgid "Country code" msgstr "Ülke kodu" #: NewX509#28 msgid "State or Province" msgstr "" #: NewX509#29 msgid "Locality" msgstr "" #: NewX509#30 msgid "Organisational unit" msgstr "" #: NewX509#31 msgid "E-Mail address" msgstr "E-posta adresi" #: NewX509#32 msgctxt "NewX509#32" msgid "Internal name" msgstr "Dahili adı" #: NewX509#33 msgid "Common name" msgstr "" #: NewX509#34 msgctxt "NewX509#34" msgid "Add" msgstr "Ekle" #: NewX509#35 msgctxt "NewX509#35" msgid "Delete" msgstr "Sil" #: NewX509#36 msgctxt "NewX509#36" msgid "Private key" msgstr "" #: NewX509#37 msgid "This list only contains unused keys" msgstr "" #: NewX509#38 msgid "Used keys too" msgstr "" #: NewX509#39 msgid "&Generate a new key" msgstr "" #: NewX509#40 msgctxt "NewX509#40" msgid "Extensions" msgstr "" #: NewX509#41 msgid "Basic constraints" msgstr "" #: NewX509#42 msgctxt "NewX509#42" msgid "Type" msgstr "Tür" #: NewX509#43 msgid "If this will become a CA certificate or not" msgstr "" #: NewX509#44 msgid "" "Set this to TRUE if you want to create a CA certificate that signs other " "certificates.\n" "This is always set to FALSE for client or server certificates. In most cases " "self-signed certificates are CA certificates.\n" "Self-signed non-CA certificates are unusual although they are possible." msgstr "" #: NewX509#45 msgid "Not defined" msgstr "" #: NewX509#46 msgid "Certification Authority" msgstr "" #: NewX509#47 msgid "End Entity" msgstr "" #: NewX509#48 msgid "Path length" msgstr "" #: NewX509#49 msgid "How much CAs may be below this." msgstr "" #: NewX509#50 msgid "" "If this is left empty the pathlen is not included in the certificate. " "Otherwise it distinguishes the count of chained CA certificates below this " "one.\n" "A pathlen of 0 means, that this certificate may not issue other sub-CA " "certificates. Although it can do it, all chain-checking algorithms in e.g. " "your browser or openssl will (should) fail." msgstr "" #: NewX509#51 msgid "The basic constraints should always be critical" msgstr "" #: NewX509#52 msgid "Key identifier" msgstr "" #: NewX509#53 msgid "Creates a hash of the key following the PKIX guidelines" msgstr "" #: NewX509#54 msgid "Copy the Subject Key Identifier from the issuer" msgstr "" #: NewX509#55 msgid "" "If this box is checked an attempt is made to copy the subject key identifier " "from the signing certificate.\n" "It also copies the issuer and serial number from the issuer certificate. " "Normally this will only be done if the keyid option fails." msgstr "" #: NewX509#56 msgctxt "NewX509#56" msgid "Validity" msgstr "" #: NewX509#57 msgctxt "NewX509#57" msgid "Not before" msgstr "" #: NewX509#58 msgctxt "NewX509#58" msgid "Not after" msgstr "" #: NewX509#59 msgctxt "NewX509#59" msgid "Time range" msgstr "" #: NewX509#60 msgctxt "NewX509#60" msgid "Days" msgstr "Gün" #: NewX509#61 msgctxt "NewX509#61" msgid "Months" msgstr "Ay" #: NewX509#62 msgctxt "NewX509#62" msgid "Years" msgstr "Yıl" #: NewX509#63 msgctxt "NewX509#63" msgid "Apply" msgstr "Uygula" #: NewX509#64 msgid "Set the time to 00:00:00 and 23:59:59 respectively" msgstr "" #: NewX509#65 msgctxt "NewX509#65" msgid "Midnight" msgstr "" #: NewX509#66 msgctxt "NewX509#66" msgid "No well-defined expiration" msgstr "" #: NewX509#67 msgid "Authority Info Access" msgstr "" #: NewX509#68 msgid "CRL distribution point" msgstr "" #: NewX509#69 msgid "issuer alternative name" msgstr "" #: NewX509#70 msgid "URI:" msgstr "" #: NewX509#71 msgid "" "This is a multi-valued extension that supports all the literal options of " "subject alternative name. Of the few software packages that currentlyi " "nterpret this extension most only interpret the URI option.\n" "Currently each option will set a new DistributionPoint with the fullName " "field set to the given value.\n" "Other fields like cRLissuer and reasons cannot currently be set or " "displayed: at this time no examples were available that used these fields.\n" "If you see this extension with when you attempt to print it " "out or it doesn't appear to display correctly then let steve know, including " "the certificate (mail steve at openssl dot org) .\n" "Examples:\n" "URI:http://www.myhost.com/myca.crl\n" "URI:http://www.my.com/my.crl, URI:http://www.oth.com/my.crl" msgstr "" #: NewX509#72 msgid "can be altered by the file \"aia.txt\"" msgstr "" #: NewX509#73 msgid "Edit" msgstr "Düzenle" #: NewX509#74 msgid "DNS: IP: URI: email: RID:" msgstr "" #: NewX509#75 msgid "" "The authority information access extension gives details about how to access " "certain information relating to the CA. Its syntax is accessOID;location " "where 'location' has the same syntax as subject alternative name (except " "that email:copy is not supported). accessOID can be any valid OID but only " "certain values are meaningful for example OCSP and caIssuers. OCSP gives the " "location of an OCSP responder: this is used by Netscape PSM and other " "software.\n" "\n" "Example:\n" "\n" "OCSP;URI:http://ocsp.my.host/\n" "caIssuers;URI:http://my.ca/ca.html" msgstr "" #: NewX509#76 msgid "" "The subject alternative name extension allows various literal values to be " "used. These include \"email\" (an email address) , \"URI\" a uniform " "resource indicator, \"DNS\" (a DNS domain name) , RID (a registered ID: " "OBJECT IDENTIFIER) and IP (an IP address).\n" "Examples:\n" "email:my@other.address, IP: 1.1.1.1 , URI:http://my.url.here/\n" "email:my@other.address, RID:1.2.3.4, DNS: ns.server.tld" msgstr "" #: NewX509#77 msgid "subject alternative name" msgstr "" #: NewX509#78 msgid "" "The issuer alternative name extension allows various literal values to be " "used. These include \"email\" (an email address) , \"URI\" a uniform " "resource indicator, \"DNS\" (a DNS domain name), RID (a registered ID: " "OBJECT IDENTIFIER) and IP (an IP address).\n" "Examples:\n" "email:my@other.address, IP: 1.1.1.1 , URI:http://my.url.here/\n" "email:my@other.address, RID:1.2.3.4, DNS: ns.server.tld" msgstr "" #: NewX509#79 msgid "Key usage" msgstr "" #: NewX509#80 msgid "Extended key usage" msgstr "" #: NewX509#81 msgid "Netscape" msgstr "" #: NewX509#82 msgid "CA Revocation URL" msgstr "" #: NewX509#83 msgid "Revocation URL" msgstr "" #: NewX509#84 msgid "SSL server name" msgstr "" #: NewX509#85 msgid "Certificate renewal URL" msgstr "" #: NewX509#86 msgid "Comment" msgstr "" #: NewX509#87 msgid "CA policy URL" msgstr "" #: NewX509#88 msgid "Base URL" msgstr "" #: NewX509#89 msgid "If you know a more pretty one tell me" msgstr "" #: NewX509#90 msgid "Advanced" msgstr "Gelişmiş" #: NewX509#91 msgctxt "NewX509#91" msgid "Validate" msgstr "" #: NewX509#92 msgid "Create a &self signed certificate with a MD5-hashed QA serial" msgstr "" #: NewX509#93 msgid "Create Certificate signing request" msgstr "" #: NewX509#94 msgid "minimum size: %1" msgstr "" #: NewX509#95 msgid "maximum size: %1" msgstr "" #: NewX509#96 msgid "only a-z A-Z 0-9 '()+,-./:=?" msgstr "" #: NewX509#97 msgid "only 7-bit clean characters" msgstr "" #: NewX509#98 msgid "XCA template" msgstr "" #: NewX509#99 msgid "Create x509 Certificate" msgstr "" #: NewX509#100 msgid "From PKCS#10 request" msgstr "" #: NewX509#101 msgid "Other Tabs" msgstr "" #: NewX509#102 msgid "Advanced Tab" msgstr "" #: NewX509#103 msgid "Errors" msgstr "Hatalar" #: NewX509#104 msgctxt "NewX509#104" msgid "Abort rollout" msgstr "" #: NewX509#105 msgid "The following length restrictions of RFC3280 are violated:" msgstr "" #: NewX509#106 msgid "Edit subject" msgstr "" #: NewX509#107 msgctxt "NewX509#107" msgid "Continue rollout" msgstr "" #: NewX509#108 msgid "" "The verification of the Certificate request failed.\n" "The rollout should be aborted." msgstr "" #: NewX509#109 msgid "Continue anyway" msgstr "" #: NewX509#110 msgid "" "The internal name and the common name are empty.\n" "Please set at least the internal name." msgstr "" #: NewX509#111 msgid "Edit name" msgstr "İsmi Düzenle" #: NewX509#112 msgid "There is no Key selected for signing." msgstr "" #: NewX509#113 msgid "Select key" msgstr "" #: NewX509#114 msgid "" "The following distinguished name entries are empty:\n" "%1\n" "though you have declared them as mandatory in the options menu." msgstr "" #: NewX509#115 msgctxt "NewX509#115" msgid "The key you selected for signing is not a private one." msgstr "" #: NewX509#116 msgid "Select other signer" msgstr "" #: NewX509#117 msgid "Select other key" msgstr "" #: NewX509#118 msgctxt "NewX509#118" msgid "" "The certificate will be earlier valid than the signer. This is probably not " "what you want." msgstr "" #: NewX509#119 msgid "Edit dates" msgstr "" #: NewX509#120 msgctxt "NewX509#120" msgid "Adjust date and continue" msgstr "" #: NewX509#121 msgctxt "NewX509#121" msgid "" "The certificate will be longer valid than the signer. This is probably not " "what you want." msgstr "" #: NewX509#122 msgid "" "The certificate will be out of date before it becomes valid. You most " "probably mixed up both dates." msgstr "" #: NewX509#123 msgid "" "The certificate contains duplicated extensions. Check the validation on the " "advanced tab." msgstr "" #: NewX509#124 msgid "Edit extensions" msgstr "" #: NewX509#125 msgid "Configfile error on line %1\n" msgstr "" #: Options#1 msgid "XCA Options" msgstr "" #: Options#2 msgid "Mandatory subject entries" msgstr "" #: Options#3 msgctxt "Options#3" msgid "Add" msgstr "" #: Options#4 msgctxt "Options#4" msgid "Delete" msgstr "" #: Options#5 msgid "Default hash algorithm" msgstr "" #: Options#6 msgid "String types" msgstr "" #: Options#7 msgid "Suppress success messages" msgstr "" #: Options#8 msgid "PKCS#11 provider" msgstr "" #: Options#9 msgid "Remove" msgstr "" #: Options#10 msgid "Printable string or UTF8 (default)" msgstr "" #: Options#11 msgid "PKIX recommendation in RFC2459" msgstr "" #: Options#12 msgid "No BMP strings, only printable and T61" msgstr "" #: Options#13 msgid "UTF8 strings only (RFC2459)" msgstr "" #: Options#14 msgid "All strings" msgstr "" #: Options#15 msgid "Load failed" msgstr "" #: PwDialog#1 #, fuzzy msgctxt "PwDialog#1" msgid "Password" msgstr "Parola" #: PwDialog#2 msgid "" "The password is parsed as 2-digit hex code. It must have an equal number of " "digits (0-9 and a-f)" msgstr "" #: PwDialog#3 msgid "Take as HEX string" msgstr "" #: PwDialog#4 msgid "Repeat %1" msgstr "" #: PwDialog#5 msgid "%1 mismatch" msgstr "" #: PwDialog#6 msgid "" "Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it " "must consist of an even number of characters" msgstr "" #: PwDialog#7 msgid "E&xit" msgstr "" #: QObject#1 msgid "Undefined" msgstr "" #: QObject#2 msgid "DB: Rename: '%1' already in use" msgstr "" #: QObject#3 msgid "DB: Entry to rename not found: %1" msgstr "" #: QObject#4 msgid "DB: Write error %1 - %2" msgstr "" #: QObject#5 msgid "Out of data" msgstr "" #: QObject#6 msgid "Error finding endmarker of string" msgstr "" #: QObject#7 msgid "Out of Memory at %1:%2" msgstr "" #: QObject#8 msgctxt "QObject#8" msgid "All files ( * )" msgstr "" #: QObject#9 msgid "PKI Keys ( *.pem *.der *.key );;PKCS#8 Keys ( *.p8 *.pk8 );;" msgstr "" #: QObject#10 msgid "Import RSA key" msgstr "" #: QObject#11 msgid "PKCS#10 CSR ( *.pem *.der *.csr );;Netscape Request ( *.spkac *.spc );;" msgstr "" #: QObject#12 msgid "Import Request" msgstr "" #: QObject#13 msgid "Certificates ( *.pem *.der *.crt *.cer );;" msgstr "" #: QObject#14 msgid "Import X.509 Certificate" msgstr "" #: QObject#15 msgid "PKCS#7 data ( *.p7s *.p7m *.p7b );;" msgstr "" #: QObject#16 msgid "Import PKCS#7 Certificates" msgstr "" #: QObject#17 msgid "PKCS#12 Certificates ( *.p12 *.pfx );;" msgstr "" #: QObject#18 msgid "Import PKCS#12 Private Certificate" msgstr "" #: QObject#19 msgid "XCA templates ( *.xca );;" msgstr "" #: QObject#20 msgid "Import XCA Templates" msgstr "" #: QObject#21 msgid "Revocation lists ( *.pem *.der *.crl );;" msgstr "" #: QObject#22 msgid "Import Certificate Revocation List" msgstr "" #: QObject#23 msgid "XCA Databases ( *.xdb );;" msgstr "" #: QObject#24 msgid "Open XCA Database" msgstr "" #: QObject#25 msgid "PKCS#11 library ( *.dll );;" msgstr "" #: QObject#26 msgid "PKCS#11 library ( *.dylib *.so );;" msgstr "" #: QObject#27 msgid "PKCS#11 library ( *.so );;" msgstr "" #: QObject#28 msgid "Open PKCS#11 shared library" msgstr "" #: QObject#29 msgid "PEM files ( *.pem );;" msgstr "" #: QObject#30 msgid "Load PEM encoded file" msgstr "" #: QObject#31 msgid "Please enter the PIN on the PinPad" msgstr "" #: QObject#32 msgid "Please enter the SO PIN (PUK) of the token %1" msgstr "" #: QObject#33 msgid "Please enter the PIN of the token %1" msgstr "" #: QObject#34 msgid "No Security token found" msgstr "" #: QObject#35 msgid "Select" msgstr "" #: QObject#36 msgid "Please enter the new SO PIN (PUK) for the token: '%1'" msgstr "" #: QObject#37 msgid "Please enter the new PIN for the token: '%1'" msgstr "" #: QObject#38 msgid "Required PIN size: %1 - %2" msgstr "" #: QObject#39 msgid "Failed to open PKCS11 library: %1" msgstr "" #: QObject#40 msgid "PKCS#11 function '%1' failed: %2" msgstr "" #: QObject#41 msgid "" "PKCS#11 function '%1' failed: %2\n" "In library %3\n" "%4" msgstr "" #: QObject#42 msgid "Invalid" msgstr "" #: QObject#43 msgid "%1 is shorter than %2 bytes: '%3'" msgstr "" #: QObject#44 msgid "%1 is longer than %2 bytes: '%3'" msgstr "" #: Revoke#1 msgid "Revocation details" msgstr "" #: Revoke#2 msgid "Invalid since" msgstr "" #: Revoke#3 msgid "Revocation reason" msgstr "" #: SelectToken#1 msgid "Select Token" msgstr "" #: SelectToken#2 msgctxt "SelectToken#2" msgid "Security token" msgstr "" #: SelectToken#3 msgid "Please select the security token" msgstr "" #: TrustState#1 msgid "Set trustment of the Certificate" msgstr "" #: TrustState#2 msgid "Trustment" msgstr "" #: TrustState#3 msgid "&Never trust this certificate" msgstr "" #: TrustState#4 msgid "Only &trust this certificate, if we trust the signer" msgstr "" #: TrustState#5 msgid "&Always trust this certificate" msgstr "" #: Validity#1 msgid "yyyy-MM-dd hh:mm" msgstr "" #: db_base#1 msgctxt "db_base#1" msgid "Internal name" msgstr "" #: db_base#2 msgid "Reset" msgstr "" #: db_base#3 msgid "Subject entries" msgstr "" #: db_base#4 msgid "Paste PEM data" msgstr "" #: db_base#5 msgid "Columns" msgstr "" #: db_crl#1 msgid "Signer" msgstr "" #: db_crl#2 msgid "Internal name of the signer" msgstr "" #: db_crl#3 msgid "No. revoked" msgstr "" #: db_crl#4 msgid "Number of revoked certificates" msgstr "" #: db_crl#5 msgid "Last update" msgstr "" #: db_crl#6 msgid "Next update" msgstr "" #: db_crl#7 msgid "CRL number" msgstr "" #: db_crl#8 msgid "" "The revocation list already exists in the database as:\n" "'%1'\n" "and so it was not imported" msgstr "" #: db_crl#9 msgid "CRL ( *.pem *.der *.crl )" msgstr "" #: db_crl#10 msgid "Revocation list export" msgstr "" #: db_crl#11 msgctxt "db_crl#11" msgid "Import" msgstr "" #: db_crl#12 msgctxt "db_crl#12" msgid "Rename" msgstr "" #: db_crl#13 msgctxt "db_crl#13" msgid "Export" msgstr "" #: db_crl#14 msgctxt "db_crl#14" msgid "Clipboard" msgstr "" #: db_crl#15 msgctxt "db_crl#15" msgid "File" msgstr "" #: db_crl#16 msgctxt "db_crl#16" msgid "Delete" msgstr "" #: db_key#1 msgctxt "db_key#1" msgid "Type" msgstr "" #: db_key#2 msgid "Size" msgstr "" #: db_key#3 msgid "Use" msgstr "" #: db_key#4 msgctxt "db_key#4" msgid "Password" msgstr "" #: db_key#5 msgid "" "The key is already in the database as:\n" "'%1'\n" "and is not going to be imported" msgstr "" #: db_key#6 msgid "" "The database already contains the public part of the imported key as\n" "'%1\n" "and will be completed by the new, private part of the key" msgstr "" #: db_key#7 msgid "Key size too small !" msgstr "" #: db_key#8 msgid "You are sure to create a key of the size: %1 ?" msgstr "" #: db_key#9 msgid "" "Shall the original key '%1' be replaced by the key on the token?\n" "This will delete the key '%1' and make it unexportable" msgstr "" #: db_key#10 msgctxt "db_key#10" msgid "New Key" msgstr "" #: db_key#11 msgctxt "db_key#11" msgid "Import" msgstr "" #: db_key#12 msgctxt "db_key#12" msgid "Rename" msgstr "" #: db_key#13 msgctxt "db_key#13" msgid "Show Details" msgstr "" #: db_key#14 msgctxt "db_key#14" msgid "Delete" msgstr "" #: db_key#15 msgctxt "db_key#15" msgid "Export" msgstr "" #: db_key#16 msgid "Change password" msgstr "" #: db_key#17 msgid "Reset password" msgstr "" #: db_key#18 msgid "Change PIN" msgstr "" #: db_key#19 msgid "Init PIN with SO PIN (PUK)" msgstr "" #: db_key#20 msgid "Change SO PIN (PUK)" msgstr "" #: db_key#21 msgid "Store on Security token" msgstr "" #: db_key#22 msgid "Tried to change password of a token" msgstr "" #: db_key#23 msgid "Tried to change PIN of a key" msgstr "" #: db_key#24 msgid "Tried to init PIN of a key" msgstr "" #: db_key#25 msgid "Tried to change SO PIN of a key" msgstr "" #: db_temp#1 msgctxt "db_temp#1" msgid "Type" msgstr "" #: db_temp#2 msgid "Bad template: %1" msgstr "" #: db_temp#3 msgid "Nothing" msgstr "" #: db_temp#4 msgid "Preset Template values" msgstr "" #: db_temp#5 msgid "copy" msgstr "" #: db_temp#6 msgid "Save template as" msgstr "" #: db_temp#7 msgid "XCA templates ( *.xca);; All files ( * )" msgstr "" #: db_temp#8 msgid "New Template" msgstr "" #: db_temp#9 msgctxt "db_temp#9" msgid "Import" msgstr "" #: db_temp#10 msgctxt "db_temp#10" msgid "Rename" msgstr "" #: db_temp#11 msgctxt "db_temp#11" msgid "Export" msgstr "" #: db_temp#12 msgid "Change" msgstr "" #: db_temp#13 msgctxt "db_temp#13" msgid "Delete" msgstr "" #: db_temp#14 msgid "Duplicate" msgstr "" #: db_temp#15 msgid "Create certificate" msgstr "" #: db_temp#16 msgid "Create request" msgstr "" #: db_x509#1 msgid "CA" msgstr "" #: db_x509#2 msgid "reflects the basic Constraints extension" msgstr "" #: db_x509#3 msgctxt "db_x509#3" msgid "Serial" msgstr "" #: db_x509#4 msgid "md5 fingerprint" msgstr "" #: db_x509#5 msgid "sha1 fingerprint" msgstr "" #: db_x509#6 msgid "Start date" msgstr "" #: db_x509#7 msgid "not Before" msgstr "" #: db_x509#8 msgid "Expiry date" msgstr "" #: db_x509#9 msgid "not After" msgstr "" #: db_x509#10 msgid "Trust state" msgstr "" #: db_x509#11 msgctxt "db_x509#11" msgid "Revocation" msgstr "" #: db_x509#12 msgctxt "db_x509#12" msgid "Plain View" msgstr "" #: db_x509#13 msgid "Tree View" msgstr "" #: db_x509#14 msgid "" "The certificate already exists in the database as:\n" "'%1'\n" "and so it was not imported" msgstr "" #: db_x509#15 msgid "Invalid public key" msgstr "" #: db_x509#16 msgid "Please enter the new hexadecimal secret number for the QA process." msgstr "" #: db_x509#17 msgid "The QA process has been terminated by the user." msgstr "" #: db_x509#18 msgctxt "db_x509#18" msgid "The key you selected for signing is not a private one." msgstr "" #: db_x509#19 msgid "Store the certificate to the key on the token '%1 (#%2)' ?" msgstr "" #: db_x509#20 msgid "New Certificate" msgstr "" #: db_x509#21 #, fuzzy msgctxt "db_x509#21" msgid "Import" msgstr "&İçe Aktar" #: db_x509#22 msgid "Import PKCS#12" msgstr "" #: db_x509#23 msgid "Import from PKCS#7" msgstr "" #: db_x509#24 #, fuzzy msgctxt "db_x509#24" msgid "Rename" msgstr "Dosya adı" #: db_x509#25 #, fuzzy msgctxt "db_x509#25" msgid "Show Details" msgstr "Detaylar" #: db_x509#26 msgctxt "db_x509#26" msgid "Extract public Key" msgstr "" #: db_x509#27 #, fuzzy msgctxt "db_x509#27" msgid "Export" msgstr "Verme biçimi" #: db_x509#28 msgctxt "db_x509#28" msgid "Clipboard" msgstr "" #: db_x509#29 #, fuzzy msgctxt "db_x509#29" msgid "File" msgstr "&Dosya" #: db_x509#30 msgid "Request" msgstr "" #: db_x509#31 msgctxt "db_x509#31" msgid "Security token" msgstr "" #: db_x509#32 msgid "Other token" msgstr "" #: db_x509#33 msgctxt "db_x509#33" msgid "Template" msgstr "" #: db_x509#34 #, fuzzy msgctxt "db_x509#34" msgid "OpenSSL config" msgstr "Yapılandırmayı göster" #: db_x509#35 #, fuzzy msgctxt "db_x509#35" msgid "Delete" msgstr "Sil" #: db_x509#36 msgid "Delete from Security token" msgstr "" #: db_x509#37 msgid "Trust" msgstr "" #: db_x509#38 msgid "Properties" msgstr "" #: db_x509#39 msgid "Generate CRL" msgstr "" #: db_x509#40 msgctxt "db_x509#40" msgid "PKCS#7" msgstr "" #: db_x509#41 #, fuzzy msgctxt "db_x509#41" msgid "Sign" msgstr "İmzalayan:" #: db_x509#42 msgid "Encrypt" msgstr "" #: db_x509#43 msgid "Renewal" msgstr "" #: db_x509#44 msgid "Unrevoke" msgstr "" #: db_x509#45 msgid "Revoke" msgstr "" #: db_x509#46 msgid "There was no key found for the Certificate: '%1'" msgstr "" #: db_x509#47 msgid "Not possible for a token key: '%1'" msgstr "" #: db_x509#48 msgid "Not possible for the token-key Certificate '%1'" msgstr "" #: db_x509#49 msgid " days" msgstr "" #: db_x509name#1 msgctxt "db_x509name#1" msgid "Subject" msgstr "" #: db_x509name#2 msgid "Complete distinguished name" msgstr "" #: db_x509name#3 msgid "Subject hash" msgstr "" #: db_x509name#4 msgid "Hash to lookup certs in directories" msgstr "" #: db_x509req#1 msgctxt "db_x509req#1" msgid "Signed" msgstr "" #: db_x509req#2 msgid "whether the request is already signed or not" msgstr "" #: db_x509req#3 msgid "Unstructured name" msgstr "" #: db_x509req#4 #, fuzzy msgid "Challenge password" msgstr "Yeni Parola" #: db_x509req#5 msgid "" "The certificate signing request already exists in the database as\n" "'%1'\n" "and thus was not stored" msgstr "" #: db_x509req#6 msgid "Certificate request ( *.pem *.der *.crl )" msgstr "" #: db_x509req#7 msgid "Certificate request export" msgstr "" #: db_x509req#8 msgid "New Request" msgstr "" #: db_x509req#9 msgctxt "db_x509req#9" msgid "Import" msgstr "" #: db_x509req#10 msgctxt "db_x509req#10" msgid "Extract public Key" msgstr "" #: db_x509req#11 msgctxt "db_x509req#11" msgid "Rename" msgstr "" #: db_x509req#12 msgctxt "db_x509req#12" msgid "Show Details" msgstr "" #: db_x509req#13 msgctxt "db_x509req#13" msgid "Sign" msgstr "" #: db_x509req#14 msgctxt "db_x509req#14" msgid "Export" msgstr "" #: db_x509req#15 msgctxt "db_x509req#15" msgid "Clipboard" msgstr "" #: db_x509req#16 msgctxt "db_x509req#16" msgid "File" msgstr "" #: db_x509req#17 msgctxt "db_x509req#17" msgid "Template" msgstr "" #: db_x509req#18 #, fuzzy msgctxt "db_x509req#18" msgid "OpenSSL config" msgstr "Yapılandırmayı göster" #: db_x509req#19 #, fuzzy msgctxt "db_x509req#19" msgid "Delete" msgstr "Sil" #: db_x509super#1 msgid "Key name" msgstr "" #: db_x509super#2 msgid "Internal name of the key" msgstr "" #: db_x509super#3 msgid "Save as OpenSSL config" msgstr "" #: db_x509super#4 #, fuzzy msgid "Config files ( *.conf *.cnf);; All files ( * )" msgstr "X509 sertifikası (*cer *.crt *.p12 *.p7b);;Tüm dosyalar (*)" #: db_x509super#5 msgid "The following extensions were not ported into the template" msgstr "" #: kvView#1 msgctxt "kvView#1" msgid "Type" msgstr "" #: kvView#2 msgid "Content" msgstr "" #: pass_info#1 msgctxt "pass_info#1" msgid "Password" msgstr "" #: pass_info#2 msgctxt "pass_info#2" msgid "PIN" msgstr "" #: pki_base#1 msgctxt "pki_base#1" msgid "Error opening file: '%1': %2" msgstr "" #: pki_base#2 msgid "Error writing to file: '%1': %2" msgstr "" #: pki_base#3 msgid "Error: " msgstr "" #: pki_base#4 msgid "Internal error: Unexpected message: %1 %2" msgstr "" #: pki_crl#1 msgid "Successfully imported the revocation list '%1'" msgstr "" #: pki_crl#2 msgid "Delete the revocation list '%1'?" msgstr "" #: pki_crl#3 msgid "Successfully created the revocation list '%1'" msgstr "" #: pki_crl#4 msgid "Delete the %1 revocation lists: %2?" msgstr "" #: pki_crl#5 msgid "" "Unable to load the revocation list in file %1. Tried PEM and DER formatted " "CRL." msgstr "" #: pki_crl#6 msgid "No issuer given" msgstr "" #: pki_crl#7 msgctxt "pki_crl#7" msgid "Wrong Size %1" msgstr "" #: pki_crl#8 msgid "unknown" msgstr "" #: pki_evp#1 msgid "Failed to decrypt the key (bad password) " msgstr "" #: pki_evp#2 msgid "Please enter the password to decrypt the private key." msgstr "" #: pki_evp#3 msgid "" "Please enter the password to decrypt the private key from file:\n" "%1" msgstr "" #: pki_evp#4 msgid "" "Unable to load the private key in file %1. Tried PEM and DER private, public " "and PKCS#8 key types." msgstr "" #: pki_evp#5 msgid "Please enter the password to decrypt the private key: '%1'" msgstr "" #: pki_evp#6 msgid "Password input aborted" msgstr "" #: pki_evp#7 msgid "Please enter the database password for decrypting the key '%1'" msgstr "" #: pki_evp#8 msgid "Please enter the password to protect the private key: '%1'" msgstr "" #: pki_evp#9 msgid "Please enter the database password for encrypting the key" msgstr "" #: pki_evp#10 msgid "Please enter the password protecting the PKCS#8 key '%1'" msgstr "" #: pki_evp#11 msgid "Please enter the export password for the private key '%1'" msgstr "" #: pki_key#1 msgid "Successfully imported the %1 public key '%2'" msgstr "" #: pki_key#2 msgid "Delete the %1 public key '%2'?" msgstr "" #: pki_key#3 msgid "Successfully imported the %1 private key '%2'" msgstr "" #: pki_key#4 msgid "Delete the %1 private key '%2'?" msgstr "" #: pki_key#5 msgid "Successfully created the %1 private key '%2'" msgstr "" #: pki_key#6 msgctxt "pki_key#6" msgid "Delete the %1 keys: %2?" msgstr "" #: pki_key#7 msgid "public key" msgstr "" #: pki_key#8 msgid "Common" msgstr "" #: pki_key#9 msgid "Private" msgstr "" #: pki_key#10 msgid "Bogus" msgstr "" #: pki_key#11 msgctxt "pki_key#11" msgid "PIN" msgstr "" #: pki_key#12 msgid "No password" msgstr "" #: pki_multi#1 msgid "Seek failed" msgstr "" #: pki_pkcs12#1 msgid "" "Please enter the password to decrypt the PKCS#12 file:\n" "%1" msgstr "" #: pki_pkcs12#2 msgid "Unable to load the PKCS#12 (pfx) file %1." msgstr "" #: pki_pkcs12#3 msgid "The supplied password was wrong (%1)" msgstr "" #: pki_pkcs12#4 msgid "Please enter the password to encrypt the PKCS#12 file" msgstr "" #: pki_pkcs12#5 msgid "No key or no Cert and no pkcs12" msgstr "" #: pki_pkcs7#1 msgid "Unable to load the PKCS#7 file %1. Tried PEM and DER format." msgstr "" #: pki_scard#1 msgid "Successfully imported the token key '%1'" msgstr "" #: pki_scard#2 msgid "Delete the token key '%1'?" msgstr "" #: pki_scard#3 msgid "Successfully created the token key '%1'" msgstr "" #: pki_scard#4 msgctxt "pki_scard#4" msgid "Delete the %1 keys: %2?" msgstr "" #: pki_scard#5 msgid "Delete the private key '%1' from the token '%2 (#%3)' ?" msgstr "" #: pki_scard#6 msgid "only RSA keys can be stored on tokens" msgstr "" #: pki_scard#7 msgid "This Key is already on the token" msgstr "" #: pki_scard#8 msgid "PIN input aborted" msgstr "" #: pki_scard#9 msgid "Unable to find copied key on the token" msgstr "" #: pki_scard#10 msgid "Please insert card: %1 %2 [%3] with Serial: %4" msgstr "" #: pki_scard#11 msgid "Public Key mismatch. Please re-import card" msgstr "" #: pki_scard#12 msgid "Unable to find generated key on card" msgstr "" #: pki_scard#13 msgctxt "pki_scard#13" msgid "Wrong Size %1" msgstr "" #: pki_scard#14 msgid "Token %1" msgstr "" #: pki_scard#15 msgid "Failed to find the key on the token" msgstr "" #: pki_scard#16 msgid "Invalid Pin for the token" msgstr "" #: pki_temp#1 msgid "Successfully imported the XCA template '%1'" msgstr "" #: pki_temp#2 msgid "Delete the XCA template '%1'?" msgstr "" #: pki_temp#3 msgid "Successfully created the XCA template '%1'" msgstr "" #: pki_temp#4 msgid "Delete the %1 XCA templates: %2?" msgstr "" #: pki_temp#5 msgctxt "pki_temp#5" msgid "Wrong Size %1" msgstr "" #: pki_temp#6 msgid "Template file content error (too small): %1" msgstr "" #: pki_temp#7 msgid "Template file content error (bad size): %1 " msgstr "" #: pki_temp#8 msgid "Template file content error (bad length) :%1" msgstr "" #: pki_x509#1 msgid "Successfully imported the certificate '%1'" msgstr "" #: pki_x509#2 msgid "Delete the certificate '%1'?" msgstr "" #: pki_x509#3 msgid "Successfully created the certificate '%1'" msgstr "" #: pki_x509#4 msgid "Delete the %1 certificates: %2?" msgstr "" #: pki_x509#5 msgid "" "Unable to load the certificate in file %1. Tried PEM and DER certificate." msgstr "" #: pki_x509#6 msgid "This certificate is already on the security token" msgstr "" #: pki_x509#7 msgid "Delete the certificate '%1' from the token '%2 (#%3)'?" msgstr "" #: pki_x509#8 msgid "There is no key for signing !" msgstr "" #: pki_x509#9 msgctxt "pki_x509#9" msgid "Wrong Size %1" msgstr "" #: pki_x509#10 msgctxt "pki_x509#10" msgid "Not trusted" msgstr "" #: pki_x509#11 msgid "Trust inherited" msgstr "" #: pki_x509#12 msgid "Always Trusted" msgstr "" #: pki_x509#13 msgid "CRL expires: %1" msgstr "" #: pki_x509#14 msgid "No" msgstr "" #: pki_x509#15 msgid "Yes" msgstr "" #: pki_x509req#1 msgid "Signing key not valid (public key)" msgstr "" #: pki_x509req#2 msgid "Successfully imported the %1 certificate request '%2'" msgstr "" #: pki_x509req#3 msgid "Delete the %1 certificate request '%2'?" msgstr "" #: pki_x509req#4 msgid "Successfully created the %1 certificate request '%2'" msgstr "" #: pki_x509req#5 msgid "Delete the %1 certificate requests: %2?" msgstr "" #: pki_x509req#6 msgid "" "Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC " "format." msgstr "" #: pki_x509req#7 msgctxt "pki_x509req#7" msgid "Signed" msgstr "" #: pki_x509req#8 msgid "Unhandled" msgstr "" #: pki_x509req#9 msgctxt "pki_x509req#9" msgid "Wrong Size %1" msgstr "" #: v3ext#1 msgctxt "v3ext#1" msgid "Add" msgstr "" #: v3ext#2 msgctxt "v3ext#2" msgid "Delete" msgstr "" #: v3ext#3 msgctxt "v3ext#3" msgid "Apply" msgstr "" #: v3ext#4 msgctxt "v3ext#4" msgid "Validate" msgstr "" #: v3ext#5 msgctxt "v3ext#5" msgid "Cancel" msgstr "" #: v3ext#6 msgid "An email address or 'copy'" msgstr "" #: v3ext#7 msgid "An email address" msgstr "" #: v3ext#8 msgid "a registered ID: OBJECT IDENTIFIER" msgstr "" #: v3ext#9 msgid "a uniform resource indicator" msgstr "" #: v3ext#10 msgid "a DNS domain name" msgstr "" #: v3ext#11 msgid "an IP address" msgstr "" #: v3ext#12 msgid "Syntax: ;TYPE:text like '1.2.3.4:UTF8:name'" msgstr "" #: v3ext#13 msgid "No editing. Only 'copy' allowed here" msgstr "" #: v3ext#14 msgid "" "Validation failed:\n" "'%1'\n" "%2" msgstr "" #: v3ext#15 msgid "" "Validation successful:\n" "'%1'" msgstr "" #: void#1 msgctxt "void#1" msgid "There was no key found for the Certificate: " msgstr "" #: void#2 msgctxt "void#2" msgid "Import Certificate signing request" msgstr "" #, fuzzy #~ msgctxt "db_x509#36" #~ msgid "Delete" #~ msgstr "Sil" #~ msgid "&Remove" #~ msgstr "&Kaldır" xca-RELEASE.2.9.0/lang/xca.pot000066400000000000000000002654701477156507700156350ustar00rootroot00000000000000msgid "" msgstr "" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" "X-Language: en_EN\n" "X-Qt-Contexts: true\n" #: ../ui/CaProperties.ui:14 msgctxt "CaProperties|" msgid "Form" msgstr "" #: ../ui/CaProperties.ui:20 msgctxt "CaProperties|" msgid "Days until next CRL issuing" msgstr "" #: ../ui/CaProperties.ui:30 msgctxt "CaProperties|" msgid "Default template" msgstr "" #: ../widgets/CertDetail.cpp:139 ../ui/CertDetail.ui:30 msgctxt "CertDetail|" msgid "Details of the Certificate" msgstr "" #: ../ui/CertDetail.ui:165 msgctxt "CertDetail|" msgid "Serial" msgstr "" #: ../ui/CertDetail.ui:178 msgctxt "CertDetail|" msgid "The serial number of the certificate" msgstr "" #: ../ui/CertDetail.ui:113 msgctxt "CertDetail|" msgid "The internal name of the certificate in the database" msgstr "" #: ../ui/CertDetail.ui:78 msgctxt "CertDetail|" msgid "Status" msgstr "" #: ../ui/CertDetail.ui:106 msgctxt "CertDetail|" msgid "Internal name" msgstr "" #: ../ui/CertDetail.ui:120 msgctxt "CertDetail|" msgid "Signature" msgstr "" #: ../ui/CertDetail.ui:145 msgctxt "CertDetail|" msgid "Key" msgstr "" #: ../ui/CertDetail.ui:191 msgctxt "CertDetail|" msgid "Fingerprints" msgstr "" #: ../ui/CertDetail.ui:203 msgctxt "CertDetail|" msgid "MD5" msgstr "" #: ../ui/CertDetail.ui:216 msgctxt "CertDetail|" msgid "An md5 hashsum of the certificate" msgstr "" #: ../ui/CertDetail.ui:229 msgctxt "CertDetail|" msgid "SHA1" msgstr "" #: ../ui/CertDetail.ui:242 msgctxt "CertDetail|" msgid "A SHA-1 hashsum of the certificate" msgstr "" #: ../ui/CertDetail.ui:255 msgctxt "CertDetail|" msgid "SHA256" msgstr "" #: ../ui/CertDetail.ui:268 msgctxt "CertDetail|" msgid "A SHA-256 hashsum of the certificate" msgstr "" #: ../ui/CertDetail.ui:278 msgctxt "CertDetail|" msgid "Validity" msgstr "" #: ../ui/CertDetail.ui:296 msgctxt "CertDetail|" msgid "The time since the certificate is valid" msgstr "" #: ../ui/CertDetail.ui:303 msgctxt "CertDetail|" msgid "The time until the certificate is valid" msgstr "" #: ../ui/CertDetail.ui:337 msgctxt "CertDetail|" msgid "Subject" msgstr "" #: ../ui/CertDetail.ui:359 msgctxt "CertDetail|" msgid "Issuer" msgstr "" #: ../ui/CertDetail.ui:391 msgctxt "CertDetail|" msgid "Extensions" msgstr "" #: ../ui/CertDetail.ui:412 msgctxt "CertDetail|" msgid "Validation" msgstr "" #: ../ui/CertDetail.ui:418 msgctxt "CertDetail|" msgid "Purposes" msgstr "" #: ../ui/CertDetail.ui:430 msgctxt "CertDetail|" msgid "Strict RFC 5280 validation" msgstr "" #: ../ui/CertDetail.ui:443 msgctxt "CertDetail|" msgid "Comment" msgstr "" #: ../ui/CertDetail.ui:381 msgctxt "CertDetail|" msgid "Attributes" msgstr "" #: ../widgets/CertDetail.cpp:35 ../ui/CertDetail.ui:404 msgctxt "CertDetail|" msgid "Show config" msgstr "" #: ../widgets/CertDetail.cpp:39 msgctxt "CertDetail|" msgid "Show extensions" msgstr "" #: ../widgets/CertDetail.cpp:71 msgctxt "CertDetail|" msgid "Show public key" msgstr "" #: ../widgets/CertDetail.cpp:74 msgctxt "CertDetail|" msgid "This key is not in the database." msgstr "" #: ../widgets/CertDetail.cpp:78 msgctxt "CertDetail|" msgid "Not available" msgstr "" #: ../widgets/CertDetail.cpp:127 msgctxt "CertDetail|" msgid "No verification errors found." msgstr "" #: ../widgets/CertDetail.cpp:152 msgctxt "CertDetail|" msgid "Signer unknown" msgstr "" #: ../widgets/CertDetail.cpp:156 msgctxt "CertDetail|" msgid "Self signed" msgstr "" #: ../widgets/CertDetail.cpp:186 #, qt-format msgctxt "CertDetail|" msgid "Revoked at %1" msgstr "" #: ../widgets/CertDetail.cpp:191 msgctxt "CertDetail|" msgid "Not valid" msgstr "" #: ../widgets/CertDetail.cpp:195 msgctxt "CertDetail|" msgid "Valid" msgstr "" #: ../widgets/CertDetail.cpp:216 msgctxt "CertDetail|" msgid "Details of the certificate signing request" msgstr "" #: ../ui/CertExtend.ui:30 msgctxt "CertExtend|" msgid "Certificate renewal" msgstr "" #: ../ui/CertExtend.ui:74 msgctxt "CertExtend|" msgid "" "This will create a new certificate as a copy of the old one with a new " "serial number and adjusted validity values." msgstr "" #: ../ui/CertExtend.ui:100 msgctxt "CertExtend|" msgid "Validity" msgstr "" #: ../ui/CertExtend.ui:111 msgctxt "CertExtend|" msgid "Not before" msgstr "" #: ../ui/CertExtend.ui:118 msgctxt "CertExtend|" msgid "Not after" msgstr "" #: ../ui/CertExtend.ui:144 msgctxt "CertExtend|" msgid "Time range" msgstr "" #: ../ui/CertExtend.ui:150 msgctxt "CertExtend|" msgid "Local time" msgstr "" #: ../ui/CertExtend.ui:158 msgctxt "CertExtend|" msgid "Days" msgstr "" #: ../ui/CertExtend.ui:163 msgctxt "CertExtend|" msgid "Months" msgstr "" #: ../ui/CertExtend.ui:168 msgctxt "CertExtend|" msgid "Years" msgstr "" #: ../ui/CertExtend.ui:176 msgctxt "CertExtend|" msgid "No well-defined expiration" msgstr "" #: ../ui/CertExtend.ui:183 msgctxt "CertExtend|" msgid "Midnight" msgstr "" #: ../ui/CertExtend.ui:190 msgctxt "CertExtend|" msgid "Apply" msgstr "" #: ../ui/CertExtend.ui:216 msgctxt "CertExtend|" msgid "Revoke old certificate" msgstr "" #: ../ui/CertExtend.ui:226 msgctxt "CertExtend|" msgid "Replace old certificate" msgstr "" #: ../ui/CertExtend.ui:236 msgctxt "CertExtend|" msgid "Keep serial number" msgstr "" #: ../widgets/CertExtend.cpp:43 msgctxt "CertExtend|" msgid "" "The certificate will be earlier valid than the signer. This is probably not " "what you want." msgstr "" #: ../widgets/CertExtend.cpp:45 ../widgets/CertExtend.cpp:67 msgctxt "CertExtend|" msgid "Edit dates" msgstr "" #: ../widgets/CertExtend.cpp:46 ../widgets/CertExtend.cpp:68 msgctxt "CertExtend|" msgid "Abort rollout" msgstr "" #: ../widgets/CertExtend.cpp:47 ../widgets/CertExtend.cpp:69 msgctxt "CertExtend|" msgid "Continue rollout" msgstr "" #: ../widgets/CertExtend.cpp:48 ../widgets/CertExtend.cpp:70 msgctxt "CertExtend|" msgid "Adjust date and continue" msgstr "" #: ../widgets/CertExtend.cpp:65 msgctxt "CertExtend|" msgid "" "The certificate will be longer valid than the signer. This is probably not " "what you want." msgstr "" #: ../widgets/CertTreeView.cpp:34 msgctxt "CertTreeView|" msgid "Hide unusable certificates" msgstr "" #: ../widgets/CertTreeView.cpp:41 msgctxt "CertTreeView|" msgid "Import PKCS#12" msgstr "" #: ../widgets/CertTreeView.cpp:42 msgctxt "CertTreeView|" msgid "Import from PKCS#7" msgstr "" #: ../widgets/CertTreeView.cpp:70 msgctxt "CertTreeView|" msgid "Request" msgstr "" #: ../widgets/CertTreeView.cpp:72 msgctxt "CertTreeView|" msgid "Security token" msgstr "" #: ../widgets/CertTreeView.cpp:74 msgctxt "CertTreeView|" msgid "Other token" msgstr "" #: ../widgets/CertTreeView.cpp:78 msgctxt "CertTreeView|" msgid "Similar Certificate" msgstr "" #: ../widgets/CertTreeView.cpp:81 msgctxt "CertTreeView|" msgid "Delete from Security token" msgstr "" #: ../widgets/CertTreeView.cpp:84 msgctxt "CertTreeView|" msgid "CA" msgstr "" #: ../widgets/CertTreeView.cpp:85 msgctxt "CertTreeView|" msgid "Properties" msgstr "" #: ../widgets/CertTreeView.cpp:86 msgctxt "CertTreeView|" msgid "Generate CRL" msgstr "" #: ../widgets/CertTreeView.cpp:87 msgctxt "CertTreeView|" msgid "Manage revocations" msgstr "" #: ../widgets/CertTreeView.cpp:91 msgctxt "CertTreeView|" msgid "Import OpenVPN tls-auth key" msgstr "" #: ../widgets/CertTreeView.cpp:95 ../widgets/CertTreeView.cpp:98 msgctxt "CertTreeView|" msgid "Renewal" msgstr "" #: ../widgets/CertTreeView.cpp:100 msgctxt "CertTreeView|" msgid "Revoke" msgstr "" #: ../widgets/CertTreeView.cpp:102 msgctxt "CertTreeView|" msgid "Unrevoke" msgstr "" #: ../widgets/CertTreeView.cpp:182 msgctxt "CertTreeView|" msgid "Plain View" msgstr "" #: ../widgets/CertTreeView.cpp:182 msgctxt "CertTreeView|" msgid "Tree View" msgstr "" #: ../widgets/CertTreeView.cpp:211 msgctxt "CertTreeView|" msgid "days" msgstr "" #: ../widgets/CertTreeView.cpp:219 msgctxt "CertTreeView|" msgid "No template" msgstr "" #: ../widgets/CertTreeView.cpp:224 msgctxt "CertTreeView|" msgid "CA Properties" msgstr "" #: ../widgets/CertTreeView.cpp:266 msgctxt "CertTreeView|" msgid "Certificate export" msgstr "" #: ../widgets/CertTreeView.cpp:267 msgctxt "CertTreeView|" msgid "X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b )" msgstr "" #: ../widgets/CertTreeView.cpp:268 msgctxt "CertTreeView|" msgid "vCalendar entry ( *.ics )" msgstr "" #: ../widgets/CertTreeView.cpp:269 msgctxt "CertTreeView|" msgid "OpenVPN file ( *.ovpn )" msgstr "" #: ../widgets/CertTreeView.cpp:270 msgctxt "CertTreeView|" msgid "OpenVPN tls-auth key ( *.key )" msgstr "" #: ../widgets/clicklabel.cpp:37 msgctxt "ClickLabel|" msgid "Double click for details" msgstr "" #: ../ui/CrlDetail.ui:30 msgctxt "CrlDetail|" msgid "Details of the Revocation list" msgstr "" #: ../ui/CrlDetail.ui:78 msgctxt "CrlDetail|" msgid "&Status" msgstr "" #: ../ui/CrlDetail.ui:144 msgctxt "CrlDetail|" msgid "Version" msgstr "" #: ../ui/CrlDetail.ui:163 msgctxt "CrlDetail|" msgid "Signature" msgstr "" #: ../ui/CrlDetail.ui:170 msgctxt "CrlDetail|" msgid "Signed by" msgstr "" #: ../ui/CrlDetail.ui:177 msgctxt "CrlDetail|" msgid "Name" msgstr "" #: ../ui/CrlDetail.ui:184 msgctxt "CrlDetail|" msgid "The internal name of the CRL in the database" msgstr "" #: ../ui/CrlDetail.ui:197 msgctxt "CrlDetail|" msgid "issuing dates" msgstr "" #: ../ui/CrlDetail.ui:215 msgctxt "CrlDetail|" msgid "Next update" msgstr "" #: ../ui/CrlDetail.ui:222 msgctxt "CrlDetail|" msgid "Last update" msgstr "" #: ../ui/CrlDetail.ui:255 msgctxt "CrlDetail|" msgid "&Issuer" msgstr "" #: ../ui/CrlDetail.ui:277 msgctxt "CrlDetail|" msgid "&Extensions" msgstr "" #: ../ui/CrlDetail.ui:306 msgctxt "CrlDetail|" msgid "&Revocation list" msgstr "" #: ../ui/CrlDetail.ui:340 msgctxt "CrlDetail|" msgid "Comment" msgstr "" #: ../widgets/CrlDetail.cpp:48 msgctxt "CrlDetail|" msgid "Failed" msgstr "" #: ../widgets/CrlDetail.cpp:53 msgctxt "CrlDetail|" msgid "Unknown signer" msgstr "" #: ../widgets/CrlDetail.cpp:56 msgctxt "CrlDetail|" msgid "Verification not possible" msgstr "" #: ../widgets/CrlTreeView.cpp:39 msgctxt "CrlTreeView|" msgid "There are no CA certificates for CRL generation" msgstr "" #: ../widgets/CrlTreeView.cpp:47 msgctxt "CrlTreeView|" msgid "Select CA certificate" msgstr "" #: ../widgets/CrlTreeView.cpp:69 msgctxt "CrlTreeView|" msgid "Revocation list export" msgstr "" #: ../widgets/CrlTreeView.cpp:70 msgctxt "CrlTreeView|" msgid "CRL ( *.pem *.der *.crl )" msgstr "" #: ../widgets/CrlTreeView.cpp:71 msgctxt "CrlTreeView|" msgid "vCalendar entry ( *.ics )" msgstr "" #: ../ui/ExportDialog.ui:76 msgctxt "ExportDialog|" msgid "Name" msgstr "" #: ../ui/ExportDialog.ui:83 msgctxt "ExportDialog|" msgid "The internal name of the CRL in the database" msgstr "" #: ../ui/ExportDialog.ui:112 msgctxt "ExportDialog|" msgid "..." msgstr "" #: ../ui/ExportDialog.ui:96 msgctxt "ExportDialog|" msgid "Filename" msgstr "" #: ../ui/ExportDialog.ui:127 msgctxt "ExportDialog|" msgid "Each Item in a separate file" msgstr "" #: ../ui/ExportDialog.ui:134 msgctxt "ExportDialog|" msgid "Same encryption password for all items" msgstr "" #: ../ui/ExportDialog.ui:141 msgctxt "ExportDialog|" msgid "Export comment into PEM file" msgstr "" #: ../ui/ExportDialog.ui:121 msgctxt "ExportDialog|" msgid "Export Format" msgstr "" #: ../widgets/ExportDialog.cpp:43 #, qt-format msgctxt "ExportDialog|" msgid "%n selected item(s)" msgid_plural "%n selected item(s)" msgstr[0] "" msgstr[1] "" #: ../widgets/ExportDialog.cpp:53 msgctxt "ExportDialog|" msgid "All files ( * )" msgstr "" #: ../widgets/ExportDialog.cpp:126 #, qt-format msgctxt "ExportDialog|" msgid "The file: '%1' already exists!" msgstr "" #: ../widgets/ExportDialog.cpp:127 msgctxt "ExportDialog|" msgid "Overwrite" msgstr "" #: ../widgets/ExportDialog.cpp:128 msgctxt "ExportDialog|" msgid "Do not overwrite" msgstr "" #: ../widgets/ExportDialog.cpp:132 #, qt-format msgctxt "ExportDialog|" msgid "The path: '%1' exist, but is not a file" msgstr "" #: ../widgets/ExportDialog.cpp:145 #, qt-format msgctxt "ExportDialog|" msgid "The path: '%1' exist, but is not a directory" msgstr "" #: ../widgets/ExportDialog.cpp:150 #, qt-format msgctxt "ExportDialog|" msgid "The directory: '%1' does not exist. Should it be created?" msgstr "" #: ../widgets/ExportDialog.cpp:152 msgctxt "ExportDialog|" msgid "Create" msgstr "" #: ../widgets/ExportDialog.cpp:158 #, qt-format msgctxt "ExportDialog|" msgid "Failed to create directory '%1'" msgstr "" #: ../widgets/ExportDialog.cpp:206 msgctxt "ExportDialog|" msgid "Directory" msgstr "" #: ../ui/TimeInput.ui:32 msgctxt "Form|" msgid "last update" msgstr "" #: ../ui/TimeInput.ui:46 msgctxt "Form|" msgid "next update" msgstr "" #: ../ui/TimeInput.ui:70 msgctxt "Form|" msgid "Days" msgstr "" #: ../ui/TimeInput.ui:75 msgctxt "Form|" msgid "Months" msgstr "" #: ../ui/TimeInput.ui:80 msgctxt "Form|" msgid "Years" msgstr "" #: ../ui/TimeInput.ui:88 msgctxt "Form|" msgid "Apply" msgstr "" #: ../ui/TimeInput.ui:95 msgctxt "Form|" msgid "Midnight" msgstr "" #: ../ui/TimeInput.ui:102 msgctxt "Form|" msgid "Local time" msgstr "" #: ../ui/TimeInput.ui:109 msgctxt "Form|" msgid "No well-defined expiration" msgstr "" #: ../ui/Help.ui:36 msgctxt "Help|" msgid "<<" msgstr "" #: ../ui/Help.ui:46 msgctxt "Help|" msgid ">>" msgstr "" #: ../ui/Help.ui:72 msgctxt "Help|" msgid "&Done" msgstr "" #: ../ui/ImportMulti.ui:36 msgctxt "ImportMulti|" msgid "Import PKI Items" msgstr "" #: ../ui/ImportMulti.ui:94 msgctxt "ImportMulti|" msgid "Import &All" msgstr "" #: ../ui/ImportMulti.ui:101 msgctxt "ImportMulti|" msgid "&Import" msgstr "" #: ../ui/ImportMulti.ui:108 msgctxt "ImportMulti|" msgid "&Done" msgstr "" #: ../ui/ImportMulti.ui:115 msgctxt "ImportMulti|" msgid "&Remove from list" msgstr "" #: ../ui/ImportMulti.ui:122 msgctxt "ImportMulti|" msgid "Details" msgstr "" #: ../ui/ImportMulti.ui:129 msgctxt "ImportMulti|" msgid "Delete from token" msgstr "" #: ../ui/ImportMulti.ui:136 msgctxt "ImportMulti|" msgid "Rename on token" msgstr "" #: ../widgets/ImportMulti.cpp:66 #, qt-format msgctxt "ImportMulti|" msgid "" "\n" "Name: %1\n" "Model: %2\n" "Serial: %3" msgstr "" #: ../widgets/ImportMulti.cpp:71 msgctxt "ImportMulti|" msgid "Manage security token" msgstr "" #: ../widgets/ImportMulti.cpp:106 ../widgets/ImportMulti.cpp:300 #, qt-format msgctxt "ImportMulti|" msgid "The type of the item '%1' is not recognized" msgstr "" #: ../widgets/ImportMulti.cpp:252 msgctxt "ImportMulti|" msgid "Could not open the default database" msgstr "" #: ../widgets/ImportMulti.cpp:328 #, qt-format msgctxt "ImportMulti|" msgid "The file '%1' did not contain PKI data" msgstr "" #: ../widgets/ImportMulti.cpp:331 #, qt-format msgctxt "ImportMulti|" msgid "The %1 files: '%2' did not contain PKI data" msgstr "" #: ../ui/ItemProperties.ui:22 msgctxt "ItemProperties|" msgid "Name" msgstr "" #: ../ui/ItemProperties.ui:32 msgctxt "ItemProperties|" msgid "Source" msgstr "" #: ../ui/ItemProperties.ui:42 msgctxt "ItemProperties|" msgid "Insertion date" msgstr "" #: ../ui/ItemProperties.ui:54 msgctxt "ItemProperties|" msgid "Comment" msgstr "" #: ../ui/KeyDetail.ui:82 msgctxt "KeyDetail|" msgid "Name" msgstr "" #: ../ui/KeyDetail.ui:89 msgctxt "KeyDetail|" msgid "The internal name of the key used by xca" msgstr "" #: ../widgets/KeyDetail.cpp:101 msgctxt "KeyDetail|" msgid "Security token" msgstr "" #: ../ui/KeyDetail.ui:286 msgctxt "KeyDetail|" msgid "Manufacturer" msgstr "" #: ../ui/KeyDetail.ui:296 msgctxt "KeyDetail|" msgid "Serial" msgstr "" #: ../ui/KeyDetail.ui:102 ../ui/KeyDetail.ui:182 msgctxt "KeyDetail|" msgid "Key" msgstr "" #: ../ui/KeyDetail.ui:110 msgctxt "KeyDetail|" msgid "Public Exponent" msgstr "" #: ../ui/KeyDetail.ui:136 msgctxt "KeyDetail|" msgid "Keysize" msgstr "" #: ../ui/KeyDetail.ui:163 msgctxt "KeyDetail|" msgid "Private Exponent" msgstr "" #: ../ui/KeyDetail.ui:214 msgctxt "KeyDetail|" msgid "Security Token" msgstr "" #: ../ui/KeyDetail.ui:235 ../ui/KeyDetail.ui:306 msgctxt "KeyDetail|" msgid "Label" msgstr "" #: ../ui/KeyDetail.ui:245 msgctxt "KeyDetail|" msgid "PKCS#11 ID" msgstr "" #: ../ui/KeyDetail.ui:270 msgctxt "KeyDetail|" msgid "Token information" msgstr "" #: ../ui/KeyDetail.ui:276 msgctxt "KeyDetail|" msgid "Model" msgstr "" #: ../ui/KeyDetail.ui:324 msgctxt "KeyDetail|" msgid "Fingerprint" msgstr "" #: ../ui/KeyDetail.ui:329 msgctxt "KeyDetail|" msgid "Comment" msgstr "" #: ../widgets/KeyDetail.cpp:84 #, qt-format msgctxt "KeyDetail|" msgid "Details of the %1 key" msgstr "" #: ../widgets/KeyDetail.cpp:90 msgctxt "KeyDetail|" msgid "Not available" msgstr "" #: ../widgets/KeyDetail.cpp:103 msgctxt "KeyDetail|" msgid "Available" msgstr "" #: ../widgets/KeyDetail.cpp:112 msgctxt "KeyDetail|" msgid "Sub prime" msgstr "" #: ../widgets/KeyDetail.cpp:113 ../widgets/KeyDetail.cpp:122 #: ../widgets/KeyDetail.cpp:134 msgctxt "KeyDetail|" msgid "Public key" msgstr "" #: ../widgets/KeyDetail.cpp:114 ../widgets/KeyDetail.cpp:123 #: ../widgets/KeyDetail.cpp:135 msgctxt "KeyDetail|" msgid "Private key" msgstr "" #: ../widgets/KeyDetail.cpp:124 ../widgets/KeyDetail.cpp:136 msgctxt "KeyDetail|" msgid "Curve name" msgstr "" #: ../widgets/KeyDetail.cpp:143 msgctxt "KeyDetail|" msgid "Unknown key" msgstr "" #: ../widgets/KeyTreeView.cpp:31 msgctxt "KeyTreeView|" msgid "Change password" msgstr "" #: ../widgets/KeyTreeView.cpp:35 msgctxt "KeyTreeView|" msgid "Reset password" msgstr "" #: ../widgets/KeyTreeView.cpp:47 msgctxt "KeyTreeView|" msgid "Change PIN" msgstr "" #: ../widgets/KeyTreeView.cpp:49 msgctxt "KeyTreeView|" msgid "Init PIN with SO PIN (PUK)" msgstr "" #: ../widgets/KeyTreeView.cpp:51 msgctxt "KeyTreeView|" msgid "Change SO PIN (PUK)" msgstr "" #: ../widgets/KeyTreeView.cpp:54 msgctxt "KeyTreeView|" msgid "Security token" msgstr "" #: ../widgets/KeyTreeView.cpp:91 ../widgets/KeyTreeView.cpp:109 #: ../widgets/KeyTreeView.cpp:127 msgctxt "KeyTreeView|" msgid "This is not a token" msgstr "" #: ../widgets/KeyTreeView.cpp:156 #, qt-format msgctxt "KeyTreeView|" msgid "" "Shall the original key '%1' be replaced by the key on the token?\n" "This will delete the key '%1' and make it unexportable" msgstr "" #: ../widgets/KeyTreeView.cpp:203 msgctxt "KeyTreeView|" msgid "Key export" msgstr "" #: ../widgets/KeyTreeView.cpp:204 msgctxt "KeyTreeView|" msgid "Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub )" msgstr "" #: ../widgets/KeyTreeView.cpp:206 msgctxt "KeyTreeView|" msgid "SSH Private Keys ( *.priv )" msgstr "" #: ../widgets/KeyTreeView.cpp:207 msgctxt "KeyTreeView|" msgid "Microsoft PVK Keys ( *.pvk )" msgstr "" #: ../ui/MainWindow.ui:25 msgctxt "MainWindow|" msgid "Private Keys" msgstr "" #: ../ui/MainWindow.ui:49 msgctxt "MainWindow|" msgid "&New Key" msgstr "" #: ../ui/MainWindow.ui:56 ../ui/MainWindow.ui:155 ../ui/MainWindow.ui:241 #: ../ui/MainWindow.ui:369 ../ui/MainWindow.ui:434 msgctxt "MainWindow|" msgid "&Export" msgstr "" #: ../ui/MainWindow.ui:63 ../ui/MainWindow.ui:162 ../ui/MainWindow.ui:248 #: ../ui/MainWindow.ui:362 ../ui/MainWindow.ui:441 msgctxt "MainWindow|" msgid "&Import" msgstr "" #: ../ui/MainWindow.ui:70 msgctxt "MainWindow|" msgid "Import PFX (PKCS#12)" msgstr "" #: ../ui/MainWindow.ui:77 ../ui/MainWindow.ui:169 ../ui/MainWindow.ui:255 #: ../ui/MainWindow.ui:448 msgctxt "MainWindow|" msgid "&Show Details" msgstr "" #: ../ui/MainWindow.ui:84 ../ui/MainWindow.ui:176 ../ui/MainWindow.ui:262 #: ../ui/MainWindow.ui:355 ../ui/MainWindow.ui:455 msgctxt "MainWindow|" msgid "&Delete" msgstr "" #: ../ui/MainWindow.ui:124 msgctxt "MainWindow|" msgid "Certificate signing requests" msgstr "" #: ../ui/MainWindow.ui:148 msgctxt "MainWindow|" msgid "&New Request" msgstr "" #: ../widgets/MW_menu.cpp:146 ../ui/MainWindow.ui:216 msgctxt "MainWindow|" msgid "Certificates" msgstr "" #: ../ui/MainWindow.ui:234 msgctxt "MainWindow|" msgid "&New Certificate" msgstr "" #: ../ui/MainWindow.ui:269 msgctxt "MainWindow|" msgid "Import &PKCS#12" msgstr "" #: ../ui/MainWindow.ui:276 msgctxt "MainWindow|" msgid "Import P&KCS#7" msgstr "" #: ../ui/MainWindow.ui:283 msgctxt "MainWindow|" msgid "Plain View" msgstr "" #: ../ui/MainWindow.ui:323 msgctxt "MainWindow|" msgid "Templates" msgstr "" #: ../ui/MainWindow.ui:341 msgctxt "MainWindow|" msgid "&New Template" msgstr "" #: ../ui/MainWindow.ui:427 msgctxt "MainWindow|" msgid "&New CRL" msgstr "" #: ../ui/MainWindow.ui:348 msgctxt "MainWindow|" msgid "Ch&ange Template" msgstr "" #: ../ui/MainWindow.ui:409 msgctxt "MainWindow|" msgid "Revocation lists" msgstr "" #: ../widgets/MainWindow.cpp:628 msgctxt "MainWindow|" msgid "" "Using or exporting private keys will not be possible without providing the " "correct password" msgstr "" #: ../widgets/MainWindow.cpp:634 #, qt-format msgctxt "MainWindow|" msgid "" "The currently used default hash '%1' is insecure. Please select at least " "'SHA 224' for security reasons." msgstr "" #: ../widgets/MW_menu.cpp:97 msgctxt "MainWindow|" msgid "Recent DataBases" msgstr "" #: ../widgets/MW_help.cpp:25 ../widgets/MW_menu.cpp:40 msgctxt "MainWindow|" msgid "System" msgstr "" #: ../widgets/MW_help.cpp:30 msgctxt "MainWindow|" msgid "Croatian" msgstr "" #: ../widgets/MW_help.cpp:33 msgctxt "MainWindow|" msgid "English" msgstr "" #: ../widgets/MW_help.cpp:34 msgctxt "MainWindow|" msgid "French" msgstr "" #: ../widgets/MW_help.cpp:36 msgctxt "MainWindow|" msgid "German" msgstr "" #: ../widgets/MW_help.cpp:42 msgctxt "MainWindow|" msgid "Japanese" msgstr "" #: ../widgets/MW_help.cpp:46 msgctxt "MainWindow|" msgid "Korean" msgstr "" #: ../widgets/MW_help.cpp:52 msgctxt "MainWindow|" msgid "Russian" msgstr "" #: ../widgets/MW_help.cpp:53 msgctxt "MainWindow|" msgid "Slovak" msgstr "" #: ../widgets/MW_help.cpp:55 msgctxt "MainWindow|" msgid "Spanish" msgstr "" #: ../widgets/MW_help.cpp:44 msgctxt "MainWindow|" msgid "Persian" msgstr "" #: ../widgets/MW_help.cpp:26 msgctxt "MainWindow|" msgid "Bulgarian" msgstr "" #: ../widgets/MW_help.cpp:48 msgctxt "MainWindow|" msgid "Polish" msgstr "" #: ../widgets/MW_help.cpp:40 msgctxt "MainWindow|" msgid "Italian" msgstr "" #: ../widgets/MW_help.cpp:28 msgctxt "MainWindow|" msgid "Chinese" msgstr "" #: ../widgets/MW_help.cpp:32 msgctxt "MainWindow|" msgid "Dutch" msgstr "" #: ../widgets/MW_help.cpp:50 msgctxt "MainWindow|" msgid "Portuguese in Brazil" msgstr "" #: ../widgets/MW_help.cpp:38 msgctxt "MainWindow|" msgid "Indonesian" msgstr "" #: ../widgets/MW_help.cpp:57 msgctxt "MainWindow|" msgid "Turkish" msgstr "" #: ../widgets/MW_menu.cpp:85 msgctxt "MainWindow|" msgid "Language" msgstr "" #: ../widgets/MW_menu.cpp:103 msgctxt "MainWindow|" msgid "&File" msgstr "" #: ../widgets/MW_menu.cpp:113 msgctxt "MainWindow|" msgid "Open Remote DataBase" msgstr "" #: ../widgets/MW_menu.cpp:117 msgctxt "MainWindow|" msgid "Set as default DataBase" msgstr "" #: ../widgets/MW_menu.cpp:105 msgctxt "MainWindow|" msgid "New DataBase" msgstr "" #: ../widgets/MW_menu.cpp:109 msgctxt "MainWindow|" msgid "Open DataBase" msgstr "" #: ../widgets/MW_menu.cpp:119 msgctxt "MainWindow|" msgid "Close DataBase" msgstr "" #: ../widgets/MW_menu.cpp:124 msgctxt "MainWindow|" msgid "Options" msgstr "" #: ../widgets/MW_menu.cpp:132 msgctxt "MainWindow|" msgid "Exit" msgstr "" #: ../widgets/MW_menu.cpp:143 msgctxt "MainWindow|" msgid "I&mport" msgstr "" #: ../widgets/MW_menu.cpp:144 msgctxt "MainWindow|" msgid "Keys" msgstr "" #: ../widgets/MW_menu.cpp:145 msgctxt "MainWindow|" msgid "Requests" msgstr "" #: ../widgets/MW_menu.cpp:147 msgctxt "MainWindow|" msgid "PKCS#12" msgstr "" #: ../widgets/MW_menu.cpp:148 msgctxt "MainWindow|" msgid "PKCS#7" msgstr "" #: ../widgets/MW_menu.cpp:149 msgctxt "MainWindow|" msgid "Template" msgstr "" #: ../widgets/MW_menu.cpp:150 msgctxt "MainWindow|" msgid "Revocation list" msgstr "" #: ../widgets/MW_menu.cpp:151 msgctxt "MainWindow|" msgid "PEM file" msgstr "" #: ../widgets/MW_menu.cpp:152 msgctxt "MainWindow|" msgid "Paste PEM file" msgstr "" #: ../widgets/MW_menu.cpp:156 msgctxt "MainWindow|" msgid "Token" msgstr "" #: ../widgets/MW_menu.cpp:173 msgctxt "MainWindow|" msgid "Export Certificate &Index hierarchy" msgstr "" #: ../widgets/MW_menu.cpp:191 msgctxt "MainWindow|" msgid "Content" msgstr "" #: ../widgets/MW_menu.cpp:157 msgctxt "MainWindow|" msgid "&Manage Security token" msgstr "" #: ../widgets/MW_menu.cpp:159 msgctxt "MainWindow|" msgid "&Init Security token" msgstr "" #: ../widgets/MW_menu.cpp:161 msgctxt "MainWindow|" msgid "&Change PIN" msgstr "" #: ../widgets/MW_menu.cpp:163 msgctxt "MainWindow|" msgid "Change &SO PIN" msgstr "" #: ../widgets/MW_menu.cpp:165 msgctxt "MainWindow|" msgid "Init PIN" msgstr "" #: ../widgets/MW_menu.cpp:168 msgctxt "MainWindow|" msgid "Extra" msgstr "" #: ../widgets/MW_menu.cpp:169 msgctxt "MainWindow|" msgid "&Dump DataBase" msgstr "" #: ../widgets/MW_menu.cpp:171 msgctxt "MainWindow|" msgid "&Export Certificate Index" msgstr "" #: ../widgets/MW_menu.cpp:175 msgctxt "MainWindow|" msgid "C&hange DataBase password" msgstr "" #: ../widgets/MW_menu.cpp:178 msgctxt "MainWindow|" msgid "&Undelete items" msgstr "" #: ../widgets/MW_menu.cpp:181 msgctxt "MainWindow|" msgid "Generate DH parameter" msgstr "" #: ../widgets/MW_menu.cpp:183 msgctxt "MainWindow|" msgid "OID Resolver" msgstr "" #: ../widgets/MW_menu.cpp:190 msgctxt "MainWindow|" msgid "&Help" msgstr "" #: ../widgets/MW_menu.cpp:193 msgctxt "MainWindow|" msgid "About" msgstr "" #: ../widgets/MainWindow.cpp:257 msgctxt "MainWindow|" msgid "Import PEM data" msgstr "" #: ../widgets/MainWindow.cpp:286 #, qt-format msgctxt "MainWindow|" msgid "Please enter the original SO PIN (PUK) of the token '%1'" msgstr "" #: ../widgets/MainWindow.cpp:117 ../widgets/MainWindow.cpp:792 msgctxt "MainWindow|" msgid "Search" msgstr "" #: ../widgets/MainWindow.cpp:292 #, qt-format msgctxt "MainWindow|" msgid "Please enter the new SO PIN (PUK) for the token '%1'" msgstr "" #: ../widgets/MainWindow.cpp:299 #, qt-format msgctxt "MainWindow|" msgid "The new label of the token '%1'" msgstr "" #: ../widgets/MainWindow.cpp:416 #, qt-format msgctxt "MainWindow|" msgid "The token '%1' did not contain any keys or certificates" msgstr "" #: ../widgets/MainWindow.cpp:420 msgctxt "MainWindow|" msgid "Retry with PIN" msgstr "" #: ../widgets/MainWindow.cpp:421 msgctxt "MainWindow|" msgid "Retry with SO PIN" msgstr "" #: ../widgets/MainWindow.cpp:484 msgctxt "MainWindow|" msgid "Current Password" msgstr "" #: ../widgets/MainWindow.cpp:485 msgctxt "MainWindow|" msgid "Please enter the current database password" msgstr "" #: ../widgets/MainWindow.cpp:495 msgctxt "MainWindow|" msgid "The entered password is wrong" msgstr "" #: ../widgets/MainWindow.cpp:500 msgctxt "MainWindow|" msgid "New Password" msgstr "" #: ../widgets/MainWindow.cpp:500 msgctxt "MainWindow|" msgid "" "Please enter the new password to encrypt your private keys in the " "database-file" msgstr "" #: ../widgets/MainWindow.cpp:524 msgctxt "MainWindow|" msgid "Transaction start failed" msgstr "" #: ../widgets/MainWindow.cpp:611 #, qt-format msgctxt "MainWindow|" msgid "Database: %1" msgstr "" #: ../widgets/MainWindow.cpp:639 #, qt-format msgctxt "MainWindow|" msgid "The currently used PFX / PKCS#12 algorithm '%1' is insecure." msgstr "" #: ../widgets/MainWindow.cpp:644 msgctxt "MainWindow|" msgid "Change" msgstr "" #: ../widgets/MainWindow.cpp:711 msgctxt "MainWindow|" msgid "Certificate Index ( index.txt )" msgstr "" #: ../widgets/MainWindow.cpp:712 ../widgets/MainWindow.cpp:768 msgctxt "MainWindow|" msgid "All files ( * )" msgstr "" #: ../widgets/MainWindow.cpp:735 #, qt-format msgctxt "MainWindow|" msgid "Diffie-Hellman parameters saved as: %1" msgstr "" #: ../widgets/MainWindow.cpp:753 msgctxt "MainWindow|" msgid "" "Diffie-Hellman parameters are needed for different applications, but not " "handled by XCA.\n" "Please enter the DH parameter bits" msgstr "" #: ../ui/NewCrl.ui:32 msgctxt "NewCrl|" msgid "Last update" msgstr "" #: ../ui/NewCrl.ui:46 msgctxt "NewCrl|" msgid "Next update" msgstr "" #: ../ui/NewCrl.ui:70 msgctxt "NewCrl|" msgid "Days" msgstr "" #: ../ui/NewCrl.ui:75 msgctxt "NewCrl|" msgid "Months" msgstr "" #: ../ui/NewCrl.ui:80 msgctxt "NewCrl|" msgid "Years" msgstr "" #: ../ui/NewCrl.ui:88 msgctxt "NewCrl|" msgid "Midnight" msgstr "" #: ../ui/NewCrl.ui:95 msgctxt "NewCrl|" msgid "Local time" msgstr "" #: ../ui/NewCrl.ui:102 msgctxt "NewCrl|" msgid "Apply" msgstr "" #: ../ui/NewCrl.ui:128 msgctxt "NewCrl|" msgid "Options" msgstr "" #: ../ui/NewCrl.ui:172 msgctxt "NewCrl|" msgid "CRL number" msgstr "" #: ../ui/NewCrl.ui:144 msgctxt "NewCrl|" msgid "Subject alternative name" msgstr "" #: ../ui/NewCrl.ui:199 msgctxt "NewCrl|" msgid "Revocation reasons" msgstr "" #: ../ui/NewCrl.ui:158 msgctxt "NewCrl|" msgid "Authority key identifier" msgstr "" #: ../ui/NewCrl.ui:134 msgctxt "NewCrl|" msgid "Hash algorithm" msgstr "" #: ../widgets/NewCrl.cpp:78 msgctxt "NewCrl|" msgid "Create CRL" msgstr "" #: ../ui/NewKey.ui:86 msgctxt "NewKey|" msgid "Please give a name to the new key and select the desired keysize" msgstr "" #: ../ui/NewKey.ui:96 msgctxt "NewKey|" msgid "Key properties" msgstr "" #: ../ui/NewKey.ui:102 msgctxt "NewKey|" msgid "Name" msgstr "" #: ../ui/NewKey.ui:121 msgctxt "NewKey|" msgid "The internal name of the new key" msgstr "" #: ../ui/NewKey.ui:151 msgctxt "NewKey|" msgid "Curve name" msgstr "" #: ../ui/NewKey.ui:171 msgctxt "NewKey|" msgid "Usually at least 2048 bit keys are recommended" msgstr "" #: ../ui/NewKey.ui:39 ../ui/NewKey.ui:124 msgctxt "NewKey|" msgid "New Key" msgstr "" #: ../ui/NewKey.ui:158 msgctxt "NewKey|" msgid "Keysize" msgstr "" #: ../ui/NewKey.ui:178 msgctxt "NewKey|" msgid "Keytype" msgstr "" #: ../ui/NewKey.ui:188 msgctxt "NewKey|" msgid "Remember as default" msgstr "" #: ../widgets/NewKey.cpp:135 msgctxt "NewKey|" msgid "Create" msgstr "" #: ../ui/NewX509.ui:75 msgctxt "NewX509|" msgid "Source" msgstr "" #: ../ui/NewX509.ui:97 msgctxt "NewX509|" msgid "Signing request" msgstr "" #: ../ui/NewX509.ui:121 msgctxt "NewX509|" msgid "Show request" msgstr "" #: ../ui/NewX509.ui:128 msgctxt "NewX509|" msgid "Sign this Certificate signing &request" msgstr "" #: ../ui/NewX509.ui:135 msgctxt "NewX509|" msgid "Copy extensions from the request" msgstr "" #: ../ui/NewX509.ui:145 msgctxt "NewX509|" msgid "Modify subject of the request" msgstr "" #: ../ui/NewX509.ui:177 msgctxt "NewX509|" msgid "Signing" msgstr "" #: ../ui/NewX509.ui:185 msgctxt "NewX509|" msgid "Create a &self signed certificate" msgstr "" #: ../ui/NewX509.ui:199 msgctxt "NewX509|" msgid "Use &this Certificate for signing" msgstr "" #: ../ui/NewX509.ui:206 msgctxt "NewX509|" msgid "All certificates in your database that can create valid signatures" msgstr "" #: ../ui/NewX509.ui:233 msgctxt "NewX509|" msgid "Signature algorithm" msgstr "" #: ../ui/NewX509.ui:261 msgctxt "NewX509|" msgid "Template for the new certificate" msgstr "" #: ../ui/NewX509.ui:273 msgctxt "NewX509|" msgid "All available templates" msgstr "" #: ../ui/NewX509.ui:295 msgctxt "NewX509|" msgid "Apply extensions" msgstr "" #: ../ui/NewX509.ui:302 msgctxt "NewX509|" msgid "Apply subject" msgstr "" #: ../ui/NewX509.ui:315 msgctxt "NewX509|" msgid "Apply all" msgstr "" #: ../widgets/NewX509.cpp:611 ../ui/NewX509.ui:344 msgctxt "NewX509|" msgid "Subject" msgstr "" #: ../ui/NewX509.ui:352 msgctxt "NewX509|" msgid "Internal Name" msgstr "" #: ../ui/NewX509.ui:368 msgctxt "NewX509|" msgid "Distinguished name" msgstr "" #: ../ui/NewX509.ui:394 msgctxt "NewX509|" msgid "Add" msgstr "" #: ../ui/NewX509.ui:401 msgctxt "NewX509|" msgid "Delete" msgstr "" #: ../ui/NewX509.ui:438 msgctxt "NewX509|" msgid "Private key" msgstr "" #: ../ui/NewX509.ui:450 msgctxt "NewX509|" msgid "This list only contains unused keys" msgstr "" #: ../ui/NewX509.ui:457 msgctxt "NewX509|" msgid "Used keys too" msgstr "" #: ../ui/NewX509.ui:464 msgctxt "NewX509|" msgid "&Generate a new key" msgstr "" #: ../ui/NewX509.ui:475 msgctxt "NewX509|" msgid "Extensions" msgstr "" #: ../ui/NewX509.ui:486 msgctxt "NewX509|" msgid "Type" msgstr "" #: ../ui/NewX509.ui:493 msgctxt "NewX509|" msgid "If this will become a CA certificate or not" msgstr "" #: ../ui/NewX509.ui:497 msgctxt "NewX509|" msgid "Not defined" msgstr "" #: ../ui/NewX509.ui:502 msgctxt "NewX509|" msgid "Certification Authority" msgstr "" #: ../ui/NewX509.ui:507 msgctxt "NewX509|" msgid "End Entity" msgstr "" #: ../ui/NewX509.ui:515 msgctxt "NewX509|" msgid "Path length" msgstr "" #: ../ui/NewX509.ui:522 msgctxt "NewX509|" msgid "How much CAs may be below this." msgstr "" #: ../ui/NewX509.ui:529 msgctxt "NewX509|" msgid "The basic constraints should always be critical" msgstr "" #: ../ui/NewX509.ui:542 msgctxt "NewX509|" msgid "Key identifier" msgstr "" #: ../ui/NewX509.ui:563 msgctxt "NewX509|" msgid "Creates a hash of the key following the PKIX guidelines" msgstr "" #: ../ui/NewX509.ui:573 msgctxt "NewX509|" msgid "Copy the Subject Key Identifier from the issuer" msgstr "" #: ../ui/NewX509.ui:619 msgctxt "NewX509|" msgid "Validity" msgstr "" #: ../ui/NewX509.ui:625 msgctxt "NewX509|" msgid "Not before" msgstr "" #: ../ui/NewX509.ui:639 msgctxt "NewX509|" msgid "Not after" msgstr "" #: ../ui/NewX509.ui:656 msgctxt "NewX509|" msgid "Time range" msgstr "" #: ../ui/NewX509.ui:666 msgctxt "NewX509|" msgid "Days" msgstr "" #: ../ui/NewX509.ui:671 msgctxt "NewX509|" msgid "Months" msgstr "" #: ../ui/NewX509.ui:676 msgctxt "NewX509|" msgid "Years" msgstr "" #: ../ui/NewX509.ui:704 msgctxt "NewX509|" msgid "Apply" msgstr "" #: ../ui/NewX509.ui:711 msgctxt "NewX509|" msgid "Set the time to 00:00:00 and 23:59:59 respectively" msgstr "" #: ../ui/NewX509.ui:714 msgctxt "NewX509|" msgid "Midnight" msgstr "" #: ../ui/NewX509.ui:684 msgctxt "NewX509|" msgid "Local time" msgstr "" #: ../ui/NewX509.ui:691 msgctxt "NewX509|" msgid "No well-defined expiration" msgstr "" #: ../ui/NewX509.ui:768 ../ui/NewX509.ui:811 ../ui/NewX509.ui:834 #: ../ui/NewX509.ui:863 msgctxt "NewX509|" msgid "DNS: IP: URI: email: RID:" msgstr "" #: ../widgets/NewX509.cpp:1029 ../ui/NewX509.ui:775 ../ui/NewX509.ui:801 #: ../ui/NewX509.ui:827 ../ui/NewX509.ui:870 ../ui/NewX509.ui:896 msgctxt "NewX509|" msgid "Edit" msgstr "" #: ../ui/NewX509.ui:922 msgctxt "NewX509|" msgid "URI:" msgstr "" #: ../ui/NewX509.ui:932 msgctxt "NewX509|" msgid "Key usage" msgstr "" #: ../ui/NewX509.ui:1070 msgctxt "NewX509|" msgid "Netscape" msgstr "" #: ../ui/NewX509.ui:1228 msgctxt "NewX509|" msgid "Advanced" msgstr "" #: ../widgets/NewX509.cpp:1039 ../ui/NewX509.ui:1252 msgctxt "NewX509|" msgid "Validate" msgstr "" #: ../ui/NewX509.ui:1275 msgctxt "NewX509|" msgid "Comment" msgstr "" #: ../ui/NewX509.ui:359 msgctxt "NewX509|" msgid "" "This name is only used internally and does not appear in the resulting " "certificate" msgstr "" #: ../widgets/NewX509.cpp:276 msgctxt "NewX509|" msgid "Critical" msgstr "" #: ../widgets/NewX509.cpp:317 msgctxt "NewX509|" msgid "Create Certificate signing request" msgstr "" #: ../widgets/NewX509.cpp:343 #, qt-format msgctxt "NewX509|" msgid "minimum size: %1" msgstr "" #: ../widgets/NewX509.cpp:345 #, qt-format msgctxt "NewX509|" msgid "maximum size: %1" msgstr "" #: ../widgets/NewX509.cpp:347 msgctxt "NewX509|" msgid "only a-z A-Z 0-9 '()+,-./:=?" msgstr "" #: ../widgets/NewX509.cpp:351 msgctxt "NewX509|" msgid "only 7-bit clean characters" msgstr "" #: ../widgets/NewX509.cpp:376 msgctxt "NewX509|" msgid "Edit XCA template" msgstr "" #: ../widgets/NewX509.cpp:391 msgctxt "NewX509|" msgid "Create x509 Certificate" msgstr "" #: ../widgets/NewX509.cpp:779 #, qt-format msgctxt "NewX509|" msgid "Template '%1' applied" msgstr "" #: ../widgets/NewX509.cpp:786 #, qt-format msgctxt "NewX509|" msgid "Subject applied from template '%1'" msgstr "" #: ../widgets/NewX509.cpp:794 #, qt-format msgctxt "NewX509|" msgid "Extensions applied from template '%1'" msgstr "" #: ../widgets/NewX509.cpp:809 #, qt-format msgctxt "NewX509|" msgid "New key '%1' created" msgstr "" #: ../widgets/NewX509.cpp:1061 msgctxt "NewX509|" msgid "Other Tabs" msgstr "" #: ../widgets/NewX509.cpp:1077 msgctxt "NewX509|" msgid "Advanced Tab" msgstr "" #: ../widgets/NewX509.cpp:1084 msgctxt "NewX509|" msgid "Errors" msgstr "" #: ../widgets/NewX509.cpp:1103 msgctxt "NewX509|" msgid "From PKCS#10 request" msgstr "" #: ../widgets/NewX509.cpp:1113 msgctxt "NewX509|" msgid "Error" msgstr "" #: ../widgets/NewX509.cpp:1113 msgctxt "NewX509|" msgid "duplicate extensions" msgstr "" #: ../widgets/NewX509.cpp:1122 msgctxt "NewX509|" msgid "The Name Constraints are invalid" msgstr "" #: ../widgets/NewX509.cpp:1124 msgctxt "NewX509|" msgid "The Subject Alternative Name is invalid" msgstr "" #: ../widgets/NewX509.cpp:1126 msgctxt "NewX509|" msgid "The Issuer Alternative Name is invalid" msgstr "" #: ../widgets/NewX509.cpp:1128 msgctxt "NewX509|" msgid "The CRL Distribution Point is invalid" msgstr "" #: ../widgets/NewX509.cpp:1130 msgctxt "NewX509|" msgid "The Authority Information Access is invalid" msgstr "" #: ../widgets/NewX509.cpp:1241 ../widgets/NewX509.cpp:1254 #: ../widgets/NewX509.cpp:1273 ../widgets/NewX509.cpp:1285 #: ../widgets/NewX509.cpp:1301 ../widgets/NewX509.cpp:1315 #: ../widgets/NewX509.cpp:1349 ../widgets/NewX509.cpp:1368 #: ../widgets/NewX509.cpp:1391 ../widgets/NewX509.cpp:1414 #: ../widgets/NewX509.cpp:1449 ../widgets/NewX509.cpp:1469 #: ../widgets/NewX509.cpp:1502 msgctxt "NewX509|" msgid "Abort rollout" msgstr "" #: ../widgets/NewX509.cpp:1250 msgctxt "NewX509|" msgid "The following length restrictions of RFC3280 are violated:" msgstr "" #: ../widgets/NewX509.cpp:1253 ../widgets/NewX509.cpp:1314 msgctxt "NewX509|" msgid "Edit subject" msgstr "" #: ../widgets/NewX509.cpp:1255 ../widgets/NewX509.cpp:1316 #: ../widgets/NewX509.cpp:1369 ../widgets/NewX509.cpp:1392 #: ../widgets/NewX509.cpp:1415 ../widgets/NewX509.cpp:1450 #: ../widgets/NewX509.cpp:1470 ../widgets/NewX509.cpp:1503 msgctxt "NewX509|" msgid "Continue rollout" msgstr "" #: ../widgets/NewX509.cpp:1271 msgctxt "NewX509|" msgid "" "The verification of the Certificate request failed.\n" "The rollout should be aborted." msgstr "" #: ../widgets/NewX509.cpp:1272 msgctxt "NewX509|" msgid "Continue anyway" msgstr "" #: ../widgets/NewX509.cpp:1283 msgctxt "NewX509|" msgid "" "The internal name and the common name are empty.\n" "Please set at least the internal name." msgstr "" #: ../widgets/NewX509.cpp:1284 msgctxt "NewX509|" msgid "Edit name" msgstr "" #: ../widgets/NewX509.cpp:1299 msgctxt "NewX509|" msgid "There is no Key selected for signing." msgstr "" #: ../widgets/NewX509.cpp:1300 msgctxt "NewX509|" msgid "Select key" msgstr "" #: ../widgets/NewX509.cpp:1312 #, qt-format msgctxt "NewX509|" msgid "" "The following distinguished name entries are empty:\n" "%1\n" "though you have declared them as mandatory in the options menu." msgstr "" #: ../widgets/NewX509.cpp:1346 msgctxt "NewX509|" msgid "The key you selected for signing is not a private one." msgstr "" #: ../widgets/NewX509.cpp:1347 msgctxt "NewX509|" msgid "Select other signer" msgstr "" #: ../widgets/NewX509.cpp:1347 msgctxt "NewX509|" msgid "Select other key" msgstr "" #: ../widgets/NewX509.cpp:1357 #, qt-format msgctxt "NewX509|" msgid "" "The currently selected hash algorithm '%1' is insecure and should not be " "used." msgstr "" #: ../widgets/NewX509.cpp:1358 msgctxt "NewX509|" msgid "Select other algorithm" msgstr "" #: ../widgets/NewX509.cpp:1359 msgctxt "NewX509|" msgid "Use algorithm anyway" msgstr "" #: ../widgets/NewX509.cpp:1365 msgctxt "NewX509|" msgid "" "The certificate will be earlier valid than the signer. This is probably not " "what you want." msgstr "" #: ../widgets/NewX509.cpp:1367 ../widgets/NewX509.cpp:1390 #: ../widgets/NewX509.cpp:1413 msgctxt "NewX509|" msgid "Edit dates" msgstr "" #: ../widgets/NewX509.cpp:1370 ../widgets/NewX509.cpp:1393 msgctxt "NewX509|" msgid "Adjust date and continue" msgstr "" #: ../widgets/NewX509.cpp:1388 msgctxt "NewX509|" msgid "" "The certificate will be longer valid than the signer. This is probably not " "what you want." msgstr "" #: ../widgets/NewX509.cpp:1411 msgctxt "NewX509|" msgid "" "The certificate will be out of date before it becomes valid. You most " "probably mixed up both dates." msgstr "" #: ../widgets/NewX509.cpp:1433 msgctxt "NewX509|" msgid "" "The certificate contains invalid or duplicate extensions. Check the " "validation on the advanced tab." msgstr "" #: ../widgets/NewX509.cpp:1437 msgctxt "NewX509|" msgid "" "The certificate contains no extensions. You may apply the extensions of one " "of the templates to define the purpose of the certificate." msgstr "" #: ../widgets/NewX509.cpp:1441 msgctxt "NewX509|" msgid "The certificate contains invalid extensions." msgstr "" #: ../widgets/NewX509.cpp:1448 ../widgets/NewX509.cpp:1468 #: ../widgets/NewX509.cpp:1501 msgctxt "NewX509|" msgid "Edit extensions" msgstr "" #: ../widgets/NewX509.cpp:1467 msgctxt "NewX509|" msgid "" "The subject alternative name shall contain a copy of the common name. " "However, the common name is empty." msgstr "" #: ../widgets/NewX509.cpp:1498 #, qt-format msgctxt "NewX509|" msgid "A name constraint of the issuer '%1' is violated: %2" msgstr "" #: ../widgets/NewX509_ext.cpp:173 #, qt-format msgctxt "NewX509|" msgid "Configfile error on line %1\n" msgstr "" #: ../ui/OidResolver.ui:28 msgctxt "OidResolver|" msgid "OID Resolver" msgstr "" #: ../ui/OidResolver.ui:38 msgctxt "OidResolver|" msgid "Enter the OID, the Nid, or one of the textual representations" msgstr "" #: ../ui/OidResolver.ui:47 msgctxt "OidResolver|" msgid "Search" msgstr "" #: ../ui/OidResolver.ui:74 msgctxt "OidResolver|" msgid "OID" msgstr "" #: ../ui/OidResolver.ui:119 msgctxt "OidResolver|" msgid "Long name" msgstr "" #: ../ui/OidResolver.ui:145 ../ui/OidResolver.ui:167 msgctxt "OidResolver|" msgid "OpenSSL internal ID" msgstr "" #: ../ui/OidResolver.ui:148 msgctxt "OidResolver|" msgid "Nid" msgstr "" #: ../ui/OidResolver.ui:177 msgctxt "OidResolver|" msgid "Short name" msgstr "" #: ../ui/OpenDb.ui:36 msgctxt "OpenDb|" msgid "Open remote database" msgstr "" #: ../ui/OpenDb.ui:98 msgctxt "OpenDb|" msgid "Database type" msgstr "" #: ../ui/OpenDb.ui:108 msgctxt "OpenDb|" msgid "Hostname" msgstr "" #: ../ui/OpenDb.ui:118 msgctxt "OpenDb|" msgid "Username" msgstr "" #: ../ui/OpenDb.ui:128 msgctxt "OpenDb|" msgid "Password" msgstr "" #: ../widgets/OpenDb.cpp:57 ../ui/OpenDb.ui:142 msgctxt "OpenDb|" msgid "Database name" msgstr "" #: ../ui/OpenDb.ui:152 msgctxt "OpenDb|" msgid "Table prefix" msgstr "" #: ../widgets/OpenDb.cpp:128 msgctxt "OpenDb|" msgid "" "No SqLite3 driver available. Please install the qt-sqlite package of your " "distribution" msgstr "" #: ../ui/Options.ui:28 msgctxt "Options|" msgid "XCA Options" msgstr "" #: ../ui/Options.ui:42 msgctxt "Options|" msgid "Settings" msgstr "" #: ../ui/Options.ui:50 msgctxt "Options|" msgid "Default hash algorithm" msgstr "" #: ../ui/Options.ui:78 msgctxt "Options|" msgid "String types" msgstr "" #: ../ui/Options.ui:90 msgctxt "Options|" msgid "Suppress success messages" msgstr "" #: ../ui/Options.ui:123 msgctxt "Options|" msgid "Don't colorize expired certificates" msgstr "" #: ../ui/Options.ui:104 #, qt-format msgctxt "Options|" msgid "Translate established x509 terms (%1 -> %2)" msgstr "" #: ../ui/Options.ui:111 msgctxt "Options|" msgid "" "The hashing functionality of the token is not used by XCA.\n" "It may however honor a restricted hash-set propagated by the token.\n" "Especially EC and DSA are only defined with SHA1 in the PKCS#11 " "specification." msgstr "" #: ../ui/Options.ui:116 msgctxt "Options|" msgid "Only use hashes supported by the token when signing with a token key" msgstr "" #: ../ui/Options.ui:97 msgctxt "Options|" msgid "Disable legacy Netscape extensions" msgstr "" #: ../ui/Options.ui:64 msgctxt "Options|" msgid "PKCS12 encryption algorithm" msgstr "" #: ../ui/Options.ui:141 msgctxt "Options|" msgid "Certificate expiry warning threshold" msgstr "" #: ../ui/Options.ui:160 msgctxt "Options|" msgid "Send vCalendar expiry reminder" msgstr "" #: ../ui/Options.ui:171 msgctxt "Options|" msgid "Serial number length" msgstr "" #: ../ui/Options.ui:178 msgctxt "Options|" msgid " bit" msgstr "" #: ../ui/Options.ui:213 msgctxt "Options|" msgid "Distinguished name" msgstr "" #: ../ui/Options.ui:219 msgctxt "Options|" msgid "Mandatory subject entries" msgstr "" #: ../ui/Options.ui:237 ../ui/Options.ui:298 ../ui/Options.ui:380 msgctxt "Options|" msgid "Add" msgstr "" #: ../ui/Options.ui:244 ../ui/Options.ui:305 msgctxt "Options|" msgid "Delete" msgstr "" #: ../ui/Options.ui:269 msgctxt "Options|" msgid "Explicit subject entries" msgstr "" #: ../ui/Options.ui:287 msgctxt "Options|" msgid "Dynamically arrange explicit subject entries" msgstr "" #: ../ui/Options.ui:312 msgctxt "Options|" msgid "Default" msgstr "" #: ../ui/Options.ui:338 msgctxt "Options|" msgid "PKCS#11 provider" msgstr "" #: ../ui/Options.ui:393 msgctxt "Options|" msgid "Remove" msgstr "" #: ../ui/Options.ui:400 msgctxt "Options|" msgid "Search" msgstr "" #: ../widgets/Options.cpp:36 msgctxt "Options|" msgid "Printable string or UTF8 (default)" msgstr "" #: ../widgets/Options.cpp:37 msgctxt "Options|" msgid "PKIX recommendation in RFC2459" msgstr "" #: ../widgets/Options.cpp:38 msgctxt "Options|" msgid "No BMP strings, only printable and T61" msgstr "" #: ../widgets/Options.cpp:39 msgctxt "Options|" msgid "UTF8 strings only (RFC2459)" msgstr "" #: ../widgets/Options.cpp:40 msgctxt "Options|" msgid "All strings" msgstr "" #: ../widgets/Options.cpp:62 msgctxt "Options|" msgid "Days" msgstr "" #: ../widgets/Options.cpp:62 msgctxt "Options|" msgid "Weeks" msgstr "" #: ../ui/PwDialog.ui:118 msgctxt "PwDialog|" msgid "" "The password is parsed as 2-digit hex code. It must have an even number of " "digits (0-9 and a-f)" msgstr "" #: ../ui/PwDialog.ui:121 msgctxt "PwDialog|" msgid "Take as HEX string" msgstr "" #: ../widgets/PwDialog.cpp:72 #, qt-format msgctxt "PwDialog|" msgid "Repeat %1" msgstr "" #: ../widgets/PwDialog.cpp:85 #, qt-format msgctxt "PwDialog|" msgid "%1 mismatch" msgstr "" #: ../widgets/PwDialog.cpp:92 msgctxt "PwDialog|" msgid "" "Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it " "must consist of an even number of characters" msgstr "" #: ../widgets/PwDialog.cpp:121 msgctxt "PwDialog|" msgid "Exit" msgstr "" #: ../lib/asn1time.cpp:142 msgctxt "QObject|" msgid "Undefined" msgstr "" #: ../lib/asn1time.cpp:144 msgctxt "QObject|" msgid "Broken / Invalid" msgstr "" #: ../lib/asn1time.cpp:190 #, qt-format msgctxt "QObject|" msgid "in %1 seconds" msgstr "" #: ../lib/asn1time.cpp:191 #, qt-format msgctxt "QObject|" msgid "%1 seconds ago" msgstr "" #: ../lib/asn1time.cpp:194 #, qt-format msgctxt "QObject|" msgid "in %1 minutes" msgstr "" #: ../lib/asn1time.cpp:195 #, qt-format msgctxt "QObject|" msgid "%1 minutes ago" msgstr "" #: ../lib/asn1time.cpp:197 msgctxt "QObject|" msgid "Yesterday" msgstr "" #: ../lib/asn1time.cpp:199 msgctxt "QObject|" msgid "Tomorrow" msgstr "" #: ../lib/asn1time.cpp:202 #, qt-format msgctxt "QObject|" msgid "in %1 hours" msgstr "" #: ../lib/asn1time.cpp:203 #, qt-format msgctxt "QObject|" msgid "%1 hours ago" msgstr "" #: ../lib/pki_temp.cpp:31 ../lib/pki_temp.cpp:41 msgctxt "QObject|" msgid "Out of data" msgstr "" #: ../lib/pki_temp.cpp:52 msgctxt "QObject|" msgid "Error finding endmarker of string" msgstr "" #: ../lib/load_obj.cpp:20 msgctxt "QObject|" msgid "All files ( * )" msgstr "" #: ../lib/load_obj.cpp:56 msgctxt "QObject|" msgid "" "PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK " "Keys ( *.pvk );; SSH Public Keys ( *.pub );;" msgstr "" #: ../lib/load_obj.cpp:60 msgctxt "QObject|" msgid "Import RSA key" msgstr "" #: ../lib/load_obj.cpp:72 msgctxt "QObject|" msgid "PKCS#10 CSR ( *.pem *.der *.csr );; " msgstr "" #: ../lib/load_obj.cpp:73 msgctxt "QObject|" msgid "Import Request" msgstr "" #: ../lib/load_obj.cpp:85 msgctxt "QObject|" msgid "Certificates ( *.pem *.der *.crt *.cer );;" msgstr "" #: ../lib/load_obj.cpp:86 msgctxt "QObject|" msgid "Import X.509 Certificate" msgstr "" #: ../lib/load_obj.cpp:98 msgctxt "QObject|" msgid "PKCS#7 data ( *.p7s *.p7m *.p7b );;" msgstr "" #: ../lib/load_obj.cpp:99 msgctxt "QObject|" msgid "Import PKCS#7 Certificates" msgstr "" #: ../lib/load_obj.cpp:111 msgctxt "QObject|" msgid "PKCS#12 Certificates ( *.p12 *.pfx );;" msgstr "" #: ../lib/load_obj.cpp:112 msgctxt "QObject|" msgid "Import PKCS#12 Private Certificate" msgstr "" #: ../lib/load_obj.cpp:125 msgctxt "QObject|" msgid "XCA templates ( *.xca );;" msgstr "" #: ../lib/load_obj.cpp:126 msgctxt "QObject|" msgid "Import XCA Templates" msgstr "" #: ../lib/load_obj.cpp:138 msgctxt "QObject|" msgid "Revocation lists ( *.pem *.der *.crl );;" msgstr "" #: ../lib/load_obj.cpp:139 msgctxt "QObject|" msgid "Import Certificate Revocation List" msgstr "" #: ../lib/load_obj.cpp:151 msgctxt "QObject|" msgid "XCA Databases ( *.xdb );;" msgstr "" #: ../lib/load_obj.cpp:152 msgctxt "QObject|" msgid "Open XCA Database" msgstr "" #: ../lib/load_obj.cpp:159 msgctxt "QObject|" msgid "OpenVPN tls-auth key ( *.key );;" msgstr "" #: ../lib/load_obj.cpp:160 msgctxt "QObject|" msgid "Import OpenVPN tls-auth key" msgstr "" #: ../lib/load_obj.cpp:168 msgctxt "QObject|" msgid "PKCS#11 library ( *.dll );;" msgstr "" #: ../lib/load_obj.cpp:170 msgctxt "QObject|" msgid "PKCS#11 library ( *.dylib *.so );;" msgstr "" #: ../lib/load_obj.cpp:172 msgctxt "QObject|" msgid "PKCS#11 library ( *.so );;" msgstr "" #: ../lib/load_obj.cpp:174 msgctxt "QObject|" msgid "Open PKCS#11 shared library" msgstr "" #: ../lib/load_obj.cpp:181 msgctxt "QObject|" msgid "PEM files ( *.pem );;" msgstr "" #: ../lib/load_obj.cpp:182 msgctxt "QObject|" msgid "Load PEM encoded file" msgstr "" #: ../lib/pkcs11.cpp:219 msgctxt "QObject|" msgid "Please enter the PIN on the PinPad" msgstr "" #: ../lib/pkcs11.cpp:236 #, qt-format msgctxt "QObject|" msgid "Please enter the SO PIN (PUK) of the token %1" msgstr "" #: ../lib/pkcs11.cpp:237 #, qt-format msgctxt "QObject|" msgid "Please enter the PIN of the token %1" msgstr "" #: ../lib/pkcs11.cpp:291 msgctxt "QObject|" msgid "No Security token found" msgstr "" #: ../lib/pkcs11.cpp:302 msgctxt "QObject|" msgid "Select" msgstr "" #: ../lib/pkcs11.cpp:325 #, qt-format msgctxt "QObject|" msgid "Please enter the new SO PIN (PUK) for the token: '%1'" msgstr "" #: ../lib/pkcs11.cpp:327 #, qt-format msgctxt "QObject|" msgid "Please enter the new PIN for the token: '%1'" msgstr "" #: ../lib/pkcs11.h:96 #, qt-format msgctxt "QObject|" msgid "Required PIN size: %1 - %2" msgstr "" #: ../lib/pkcs11_lib.cpp:119 msgctxt "QObject|" msgid "Disabled" msgstr "" #: ../lib/pkcs11_lib.cpp:123 msgctxt "QObject|" msgid "Library loading failed" msgstr "" #: ../lib/pkcs11_lib.cpp:484 #, qt-format msgctxt "QObject|" msgid "PKCS#11 function '%1' failed: %2" msgstr "" #: ../lib/pkcs11_lib.cpp:492 #, qt-format msgctxt "QObject|" msgid "" "PKCS#11 function '%1' failed: %2\n" "In library %3\n" "%4" msgstr "" #: ../lib/x509name.cpp:104 msgctxt "QObject|" msgid "Invalid" msgstr "" #: ../lib/x509name.cpp:220 #, qt-format msgctxt "QObject|" msgid "%1 is shorter than %2 bytes: '%3'" msgstr "" #: ../lib/x509name.cpp:225 #, qt-format msgctxt "QObject|" msgid "%1 is longer than %2 bytes: '%3'" msgstr "" #: ../lib/x509v3ext.cpp:112 #, qt-format msgctxt "QObject|" msgid "String '%1' for '%2' contains invalid characters" msgstr "" #: ../lib/oid.cpp:58 #, qt-format msgctxt "QObject|" msgid "Error reading config file %1 at line %2" msgstr "" #: ../lib/oid.cpp:96 #, qt-format msgctxt "QObject|" msgid "" "The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and " "should be removed." msgstr "" #: ../lib/oid.cpp:105 #, qt-format msgctxt "QObject|" msgid "" "The identifier '%1' for OID %2 from file %3 line %4 is already used for a " "different OID as '%5:%6:%7' and should be changed to avoid conflicts." msgstr "" #: ../lib/oid.cpp:170 #, qt-format msgctxt "QObject|" msgid "Unknown object '%1' in file %2 line %3" msgstr "" #: ../lib/sql.h:55 msgctxt "QObject|" msgid "Failed to start a database transaction" msgstr "" #: ../lib/func_base.cpp:244 msgctxt "QObject|" msgid "Country code" msgstr "" #: ../lib/func_base.cpp:245 msgctxt "QObject|" msgid "State or Province" msgstr "" #: ../lib/func_base.cpp:246 msgctxt "QObject|" msgid "Locality" msgstr "" #: ../lib/func_base.cpp:247 msgctxt "QObject|" msgid "Organisation" msgstr "" #: ../lib/func_base.cpp:248 msgctxt "QObject|" msgid "Organisational unit" msgstr "" #: ../lib/func_base.cpp:249 msgctxt "QObject|" msgid "Common name" msgstr "" #: ../lib/func_base.cpp:250 msgctxt "QObject|" msgid "E-Mail address" msgstr "" #: ../lib/func_base.cpp:251 msgctxt "QObject|" msgid "Serial number" msgstr "" #: ../lib/func_base.cpp:252 msgctxt "QObject|" msgid "Given name" msgstr "" #: ../lib/func_base.cpp:253 msgctxt "QObject|" msgid "Surname" msgstr "" #: ../lib/func_base.cpp:254 msgctxt "QObject|" msgid "Title" msgstr "" #: ../lib/func_base.cpp:255 msgctxt "QObject|" msgid "Initials" msgstr "" #: ../lib/func_base.cpp:256 msgctxt "QObject|" msgid "Description" msgstr "" #: ../lib/func_base.cpp:257 msgctxt "QObject|" msgid "Role" msgstr "" #: ../lib/func_base.cpp:258 msgctxt "QObject|" msgid "Pseudonym" msgstr "" #: ../lib/func_base.cpp:259 msgctxt "QObject|" msgid "Generation Qualifier" msgstr "" #: ../lib/func_base.cpp:260 msgctxt "QObject|" msgid "x500 Unique Identifier" msgstr "" #: ../lib/func_base.cpp:261 msgctxt "QObject|" msgid "Name" msgstr "" #: ../lib/func_base.cpp:262 msgctxt "QObject|" msgid "DN Qualifier" msgstr "" #: ../lib/func_base.cpp:263 msgctxt "QObject|" msgid "Unstructured name" msgstr "" #: ../lib/func_base.cpp:264 msgctxt "QObject|" msgid "Challenge password" msgstr "" #: ../lib/func_base.cpp:266 msgctxt "QObject|" msgid "Basic Constraints" msgstr "" #: ../lib/func_base.cpp:267 msgctxt "QObject|" msgid "Name Constraints" msgstr "" #: ../lib/func_base.cpp:268 msgctxt "QObject|" msgid "Subject alternative name" msgstr "" #: ../lib/func_base.cpp:269 msgctxt "QObject|" msgid "issuer alternative name" msgstr "" #: ../lib/func_base.cpp:270 msgctxt "QObject|" msgid "Subject key identifier" msgstr "" #: ../lib/func_base.cpp:271 msgctxt "QObject|" msgid "Authority key identifier" msgstr "" #: ../lib/func_base.cpp:272 msgctxt "QObject|" msgid "Key usage" msgstr "" #: ../lib/func_base.cpp:273 msgctxt "QObject|" msgid "Extended key usage" msgstr "" #: ../lib/func_base.cpp:274 msgctxt "QObject|" msgid "CRL distribution points" msgstr "" #: ../lib/func_base.cpp:275 msgctxt "QObject|" msgid "Authority information access" msgstr "" #: ../lib/func_base.cpp:276 msgctxt "QObject|" msgid "Certificate type" msgstr "" #: ../lib/func_base.cpp:277 msgctxt "QObject|" msgid "Base URL" msgstr "" #: ../lib/func_base.cpp:278 msgctxt "QObject|" msgid "Revocation URL" msgstr "" #: ../lib/func_base.cpp:279 msgctxt "QObject|" msgid "CA Revocation URL" msgstr "" #: ../lib/func_base.cpp:280 msgctxt "QObject|" msgid "Certificate renewal URL" msgstr "" #: ../lib/func_base.cpp:281 msgctxt "QObject|" msgid "CA policy URL" msgstr "" #: ../lib/func_base.cpp:282 msgctxt "QObject|" msgid "SSL server name" msgstr "" #: ../lib/func_base.cpp:283 msgctxt "QObject|" msgid "Comment" msgstr "" #: ../lib/cmdline.cpp:166 #, qt-format msgctxt "QObject|" msgid "Index file written to '%1'" msgstr "" #: ../lib/cmdline.cpp:173 #, qt-format msgctxt "QObject|" msgid "Index hierarchy written to '%1'" msgstr "" #: ../lib/cmdline.cpp:186 #, qt-format msgctxt "QObject|" msgid "Unknown key type %1" msgstr "" #: ../lib/cmdline.cpp:273 #, qt-format msgctxt "QObject|" msgid "Failed to write PEM data to '%1'" msgstr "" #: ../lib/XcaWarningCore.h:23 msgctxt "QObject|" msgid "Password verify error, please try again" msgstr "" #: ../lib/XcaWarningCore.h:95 msgctxt "QObject|" msgid "The following error occurred:" msgstr "" #: ../lib/database_model.cpp:117 msgctxt "QObject|" msgid "Failed to update the database schema to the current version" msgstr "" #: ../lib/PwDialogCore.cpp:33 msgctxt "QObject|" msgid "Password" msgstr "" #: ../lib/pki_pkcs12.cpp:217 msgctxt "QObject|" msgid "insecure" msgstr "" #: ../widgets/ReqTreeView.cpp:27 msgctxt "ReqTreeView|" msgid "Sign" msgstr "" #: ../widgets/ReqTreeView.cpp:29 msgctxt "ReqTreeView|" msgid "Unmark signed" msgstr "" #: ../widgets/ReqTreeView.cpp:32 msgctxt "ReqTreeView|" msgid "Mark signed" msgstr "" #: ../widgets/ReqTreeView.cpp:35 msgctxt "ReqTreeView|" msgid "Similar Request" msgstr "" #: ../widgets/ReqTreeView.cpp:75 msgctxt "ReqTreeView|" msgid "Certificate request export" msgstr "" #: ../widgets/ReqTreeView.cpp:76 msgctxt "ReqTreeView|" msgid "Certificate request ( *.pem *.der *.csr )" msgstr "" #: ../ui/RevocationList.ui:30 msgctxt "RevocationList|" msgid "Manage revocations" msgstr "" #: ../ui/RevocationList.ui:96 msgctxt "RevocationList|" msgid "Add" msgstr "" #: ../ui/RevocationList.ui:103 msgctxt "RevocationList|" msgid "Delete" msgstr "" #: ../ui/RevocationList.ui:110 msgctxt "RevocationList|" msgid "Edit" msgstr "" #: ../widgets/RevocationList.cpp:77 msgctxt "RevocationList|" msgid "No." msgstr "" #: ../widgets/RevocationList.cpp:77 msgctxt "RevocationList|" msgid "Serial" msgstr "" #: ../widgets/RevocationList.cpp:77 msgctxt "RevocationList|" msgid "Revocation" msgstr "" #: ../widgets/RevocationList.cpp:77 msgctxt "RevocationList|" msgid "Reason" msgstr "" #: ../widgets/RevocationList.cpp:78 msgctxt "RevocationList|" msgid "Invalidation" msgstr "" #: ../widgets/RevocationList.cpp:107 msgctxt "RevocationList|" msgid "Generate CRL" msgstr "" #: ../ui/Revoke.ui:30 msgctxt "Revoke|" msgid "Certificate revocation" msgstr "" #: ../ui/Revoke.ui:87 msgctxt "Revoke|" msgid "Revocation details" msgstr "" #: ../ui/Revoke.ui:96 msgctxt "Revoke|" msgid "Revocation reason" msgstr "" #: ../ui/Revoke.ui:110 msgctxt "Revoke|" msgid "Local time" msgstr "" #: ../ui/Revoke.ui:117 msgctxt "Revoke|" msgid "Invalid since" msgstr "" #: ../ui/Revoke.ui:124 msgctxt "Revoke|" msgid "Serial" msgstr "" #: ../ui/SearchPkcs11.ui:41 msgctxt "SearchPkcs11|" msgid "Directory" msgstr "" #: ../ui/SearchPkcs11.ui:57 msgctxt "SearchPkcs11|" msgid "..." msgstr "" #: ../ui/SearchPkcs11.ui:64 msgctxt "SearchPkcs11|" msgid "Include subdirectories" msgstr "" #: ../ui/SearchPkcs11.ui:71 msgctxt "SearchPkcs11|" msgid "Search" msgstr "" #: ../widgets/SearchPkcs11.cpp:76 msgctxt "SearchPkcs11|" msgid "The following files are possible PKCS#11 libraries" msgstr "" #: ../ui/SelectToken.ui:39 msgctxt "SelectToken|" msgid "Security token" msgstr "" #: ../ui/SelectToken.ui:86 msgctxt "SelectToken|" msgid "Please select the security token" msgstr "" #: ../widgets/TempTreeView.cpp:25 msgctxt "TempTreeView|" msgid "Duplicate" msgstr "" #: ../widgets/TempTreeView.cpp:26 msgctxt "TempTreeView|" msgid "Create certificate" msgstr "" #: ../widgets/TempTreeView.cpp:27 msgctxt "TempTreeView|" msgid "Create request" msgstr "" #: ../widgets/TempTreeView.cpp:38 msgctxt "TempTreeView|" msgid "copy" msgstr "" #: ../widgets/TempTreeView.cpp:86 msgctxt "TempTreeView|" msgid "Preset Template values" msgstr "" #: ../widgets/TempTreeView.cpp:124 msgctxt "TempTreeView|" msgid "Template export" msgstr "" #: ../widgets/TempTreeView.cpp:125 msgctxt "TempTreeView|" msgid "XCA Templates ( *.xca )" msgstr "" #: ../widgets/validity.cpp:91 msgctxt "Validity|" msgid "yyyy-MM-dd hh:mm" msgstr "" #: ../widgets/X509SuperTreeView.cpp:28 msgctxt "X509SuperTreeView|" msgid "Transform" msgstr "" #: ../widgets/X509SuperTreeView.cpp:29 msgctxt "X509SuperTreeView|" msgid "Template" msgstr "" #: ../widgets/X509SuperTreeView.cpp:30 msgctxt "X509SuperTreeView|" msgid "Public key" msgstr "" #: ../lib/xfile.h:28 #, qt-format msgctxt "XFile|" msgid "Error opening file: '%1': %2" msgstr "" #: ../lib/xfile.h:41 #, qt-format msgctxt "XFile|" msgid "Error rewinding file: '%1': %2" msgstr "" #: ../widgets/XcaDetail.cpp:47 msgctxt "XcaDetail|" msgid "Import" msgstr "" #: ../widgets/XcaTreeView.cpp:332 msgctxt "XcaTreeView|" msgid "Item properties" msgstr "" #: ../widgets/XcaTreeView.cpp:402 msgctxt "XcaTreeView|" msgid "Subject entries" msgstr "" #: ../widgets/XcaTreeView.cpp:403 msgctxt "XcaTreeView|" msgid "X509v3 Extensions" msgstr "" #: ../widgets/XcaTreeView.cpp:404 msgctxt "XcaTreeView|" msgid "Netscape extensions" msgstr "" #: ../widgets/XcaTreeView.cpp:405 msgctxt "XcaTreeView|" msgid "Key properties" msgstr "" #: ../widgets/XcaTreeView.cpp:406 msgctxt "XcaTreeView|" msgid "Reset" msgstr "" #: ../widgets/XcaTreeView.cpp:409 msgctxt "XcaTreeView|" msgid "Hide Column" msgstr "" #: ../widgets/XcaTreeView.cpp:411 msgctxt "XcaTreeView|" msgid "Details" msgstr "" #: ../widgets/XcaTreeView.cpp:452 msgctxt "XcaTreeView|" msgid "Columns" msgstr "" #: ../widgets/XcaTreeView.cpp:509 msgctxt "XcaTreeView|" msgid "Export Password" msgstr "" #: ../widgets/XcaTreeView.cpp:510 #, qt-format msgctxt "" "XcaTreeView|Singular form for 0 or 1 item can be ignored. Will always be " "called with n >= 2" msgid "" "Please enter the password to encrypt all %n exported private key(s) in:\n" "%1" msgid_plural "" "Please enter the password to encrypt all %n exported private key(s) in:\n" "%1" msgstr[0] "" msgstr[1] "" #: ../widgets/XcaTreeView.cpp:553 msgctxt "XcaTreeView|" msgid "New" msgstr "" #: ../widgets/XcaTreeView.cpp:554 msgctxt "XcaTreeView|" msgid "Import" msgstr "" #: ../widgets/XcaTreeView.cpp:555 msgctxt "XcaTreeView|" msgid "Paste PEM data" msgstr "" #: ../widgets/XcaTreeView.cpp:559 msgctxt "XcaTreeView|" msgid "Rename" msgstr "" #: ../widgets/XcaTreeView.cpp:560 msgctxt "XcaTreeView|" msgid "Properties" msgstr "" #: ../widgets/XcaTreeView.cpp:563 msgctxt "XcaTreeView|" msgid "Delete" msgstr "" #: ../widgets/XcaTreeView.cpp:565 msgctxt "XcaTreeView|" msgid "Export" msgstr "" #: ../widgets/XcaTreeView.cpp:567 msgctxt "XcaTreeView|" msgid "Clipboard" msgstr "" #: ../widgets/XcaTreeView.cpp:573 msgctxt "XcaTreeView|" msgid "File" msgstr "" #: ../widgets/XcaTreeView.cpp:635 msgctxt "XcaTreeView|" msgid "Clipboard format" msgstr "" #: ../lib/database_model.cpp:168 #, qt-format msgctxt "database_model|" msgid "" "Please enter the password to access the database server %2 as user '%1'." msgstr "" #: ../lib/database_model.cpp:286 #, qt-format msgctxt "database_model|" msgid "Unable to create '%1': %2" msgstr "" #: ../lib/database_model.cpp:449 #, qt-format msgctxt "database_model|" msgid "The file '%1' is not an XCA database" msgstr "" #: ../lib/database_model.cpp:476 msgctxt "database_model|" msgid "" "No SqLite3 driver available. Please install the qt-sqlite package of your " "distribution" msgstr "" #: ../lib/database_model.cpp:517 msgctxt "database_model|" msgid "New Password" msgstr "" #: ../lib/database_model.cpp:517 #, qt-format msgctxt "database_model|" msgid "" "Please enter a password, that will be used to encrypt your private keys in " "the database:\n" "%1" msgstr "" #: ../lib/database_model.cpp:537 msgctxt "database_model|" msgid "Password" msgstr "" #: ../lib/database_model.cpp:538 #, qt-format msgctxt "database_model|" msgid "" "Please enter the password for unlocking the database:\n" "%1" msgstr "" #: ../lib/db_base.cpp:160 msgctxt "db_base|" msgid "Internal name" msgstr "" #: ../lib/db_base.cpp:161 msgctxt "db_base|" msgid "No." msgstr "" #: ../lib/db_base.cpp:162 msgctxt "db_base|" msgid "Primary key" msgstr "" #: ../lib/db_base.cpp:163 msgctxt "db_base|" msgid "Database unique number" msgstr "" #: ../lib/db_base.cpp:164 msgctxt "db_base|" msgid "Date" msgstr "" #: ../lib/db_base.cpp:165 msgctxt "db_base|" msgid "Date of creation or insertion" msgstr "" #: ../lib/db_base.cpp:166 msgctxt "db_base|" msgid "Source" msgstr "" #: ../lib/db_base.cpp:167 msgctxt "db_base|" msgid "Generated, Imported, Transformed" msgstr "" #: ../lib/db_base.cpp:168 msgctxt "db_base|" msgid "Comment" msgstr "" #: ../lib/db_base.cpp:169 msgctxt "db_base|" msgid "First line of the comment field" msgstr "" #: ../lib/db_base.cpp:231 #, qt-format msgctxt "db_base|" msgid "Import from: %1" msgstr "" #: ../lib/db_base.cpp:374 #, qt-format msgctxt "db_base|" msgid "Could not create directory %1" msgstr "" #: ../lib/db_crl.cpp:26 msgctxt "db_crl|" msgid "Signer" msgstr "" #: ../lib/db_crl.cpp:27 msgctxt "db_crl|" msgid "Internal name of the signer" msgstr "" #: ../lib/db_crl.cpp:28 msgctxt "db_crl|" msgid "No. revoked" msgstr "" #: ../lib/db_crl.cpp:29 msgctxt "db_crl|" msgid "Number of revoked certificates" msgstr "" #: ../lib/db_crl.cpp:30 msgctxt "db_crl|" msgid "Last update" msgstr "" #: ../lib/db_crl.cpp:31 msgctxt "db_crl|" msgid "Next update" msgstr "" #: ../lib/db_crl.cpp:32 msgctxt "db_crl|" msgid "CRL number" msgstr "" #: ../lib/db_crl.cpp:95 #, qt-format msgctxt "db_crl|" msgid "" "The revocation list already exists in the database as:\n" "'%1'\n" "and so it was not imported" msgstr "" #: ../lib/db_crl.cpp:169 msgctxt "db_crl|" msgid "Failed to initiate DB transaction" msgstr "" #: ../lib/db_crl.cpp:179 ../lib/db_crl.cpp:187 ../lib/db_crl.cpp:191 #, qt-format msgctxt "db_crl|" msgid "Database error: %1" msgstr "" #: ../lib/db_key.cpp:53 msgctxt "db_key|" msgid "Type" msgstr "" #: ../lib/db_key.cpp:54 msgctxt "db_key|" msgid "Size" msgstr "" #: ../lib/db_key.cpp:56 msgctxt "db_key|" msgid "EC Group" msgstr "" #: ../lib/db_key.cpp:58 msgctxt "db_key|" msgid "Use" msgstr "" #: ../lib/db_key.cpp:59 msgctxt "db_key|" msgid "Password" msgstr "" #: ../lib/db_key.cpp:133 #, qt-format msgctxt "db_key|" msgid "" "The key is already in the database as:\n" "'%1'\n" "and is not going to be imported" msgstr "" #: ../lib/db_key.cpp:138 #, qt-format msgctxt "db_key|" msgid "" "The database already contains the public part of the imported key as\n" "'%1\n" "and will be completed by the new, private part of the key" msgstr "" #: ../lib/db_key.cpp:140 #, qt-format msgctxt "db_key|" msgid "Extending public key from %1 by imported key '%2'" msgstr "" #: ../lib/db_key.cpp:156 msgctxt "db_key|" msgid "Key size too small !" msgstr "" #: ../lib/db_key.cpp:160 #, qt-format msgctxt "db_key|" msgid "You are sure to create a key of the size: %1 ?" msgstr "" #: ../lib/db_key.cpp:284 #, qt-format msgctxt "db_key|" msgid "" "Internal key update: The keys: %1 must be updated once by resetting and " "setting its private password" msgstr "" #: ../lib/db_key.cpp:298 msgctxt "db_key|" msgid "Tried to change password of a token" msgstr "" #: ../lib/db_temp.cpp:59 #, qt-format msgctxt "db_temp|" msgid "Bad template: %1" msgstr "" #: ../lib/db_temp.cpp:32 msgctxt "db_temp|" msgid "Empty template" msgstr "" #: ../lib/db_x509.cpp:77 msgctxt "db_x509|" msgid "CA" msgstr "" #: ../lib/db_x509.cpp:78 msgctxt "db_x509|" msgid "reflects the basic Constraints extension" msgstr "" #: ../lib/db_x509.cpp:79 msgctxt "db_x509|" msgid "Serial" msgstr "" #: ../lib/db_x509.cpp:83 msgctxt "db_x509|" msgid "Start date" msgstr "" #: ../lib/db_x509.cpp:85 msgctxt "db_x509|" msgid "Expiry date" msgstr "" #: ../lib/db_x509.cpp:80 msgctxt "db_x509|" msgid "MD5 fingerprint" msgstr "" #: ../lib/db_x509.cpp:81 msgctxt "db_x509|" msgid "SHA1 fingerprint" msgstr "" #: ../lib/db_x509.cpp:82 msgctxt "db_x509|" msgid "SHA256 fingerprint" msgstr "" #: ../lib/db_x509.cpp:84 msgctxt "db_x509|" msgid "Not before" msgstr "" #: ../lib/db_x509.cpp:86 msgctxt "db_x509|" msgid "Not after" msgstr "" #: ../lib/db_x509.cpp:87 msgctxt "db_x509|" msgid "Revocation" msgstr "" #: ../lib/db_x509.cpp:88 msgctxt "db_x509|" msgid "CRL Expiration" msgstr "" #: ../lib/db_x509.cpp:314 msgctxt "db_x509|" msgid "Failed to retrieve unique random serial" msgstr "" #: ../lib/db_x509.cpp:337 #, qt-format msgctxt "db_x509|" msgid "" "The certificate already exists in the database as:\n" "'%1'\n" "and so it was not imported" msgstr "" #: ../lib/db_x509.cpp:363 #, qt-format msgctxt "db_x509|" msgid "Signed on %1 by '%2'" msgstr "" #: ../lib/db_x509.cpp:364 msgctxt "db_x509|" msgid "Unknown" msgstr "" #: ../lib/db_x509.cpp:454 msgctxt "db_x509|" msgid "Invalid public key" msgstr "" #: ../lib/db_x509.cpp:480 msgctxt "db_x509|" msgid "The key you selected for signing is not a private one." msgstr "" #: ../lib/db_x509.cpp:266 #, qt-format msgctxt "db_x509|" msgid "Failed to create directory '%1'" msgstr "" #: ../lib/db_x509.cpp:521 #, qt-format msgctxt "db_x509|" msgid "Store the certificate to the key on the token '%1 (#%2)' ?" msgstr "" #: ../lib/db_x509.cpp:617 ../lib/db_x509.cpp:703 #, qt-format msgctxt "db_x509|" msgid "There was no key found for the Certificate: '%1'" msgstr "" #: ../lib/db_x509.cpp:620 #, qt-format msgctxt "db_x509|" msgid "Not possible for a token key: '%1'" msgstr "" #: ../lib/db_x509.cpp:707 #, qt-format msgctxt "db_x509|" msgid "Not possible for the token-key Certificate '%1'" msgstr "" #: ../lib/db_x509super.cpp:27 msgctxt "db_x509name|" msgid "Subject" msgstr "" #: ../lib/db_x509super.cpp:28 msgctxt "db_x509name|" msgid "Complete distinguished name" msgstr "" #: ../lib/db_x509super.cpp:29 msgctxt "db_x509name|" msgid "Subject hash" msgstr "" #: ../lib/db_x509super.cpp:30 msgctxt "db_x509name|" msgid "Hash to lookup certs in directories" msgstr "" #: ../lib/db_x509req.cpp:29 msgctxt "db_x509req|" msgid "Signed" msgstr "" #: ../lib/db_x509req.cpp:30 msgctxt "db_x509req|" msgid "whether the request is already signed or not" msgstr "" #: ../lib/db_x509req.cpp:31 msgctxt "db_x509req|" msgid "Unstructured name" msgstr "" #: ../lib/db_x509req.cpp:33 msgctxt "db_x509req|" msgid "Challenge password" msgstr "" #: ../lib/db_x509req.cpp:35 msgctxt "db_x509req|" msgid "Certificate count" msgstr "" #: ../lib/db_x509req.cpp:36 msgctxt "db_x509req|" msgid "Number of certificates in the database with the same public key" msgstr "" #: ../lib/db_x509req.cpp:53 #, qt-format msgctxt "db_x509req|" msgid "" "The certificate signing request already exists in the database as\n" "'%1'\n" "and thus was not stored" msgstr "" #: ../lib/db_x509super.cpp:77 msgctxt "db_x509super|" msgid "Key name" msgstr "" #: ../lib/db_x509super.cpp:78 msgctxt "db_x509super|" msgid "Internal name of the key" msgstr "" #: ../lib/db_x509super.cpp:80 msgctxt "db_x509super|" msgid "Signature algorithm" msgstr "" #: ../lib/db_x509super.cpp:81 msgctxt "db_x509super|" msgid "Key type" msgstr "" #: ../lib/db_x509super.cpp:82 msgctxt "db_x509super|" msgid "Key size" msgstr "" #: ../lib/db_x509super.cpp:84 msgctxt "db_x509super|" msgid "EC Group" msgstr "" #: ../lib/db_x509super.cpp:138 #, qt-format msgctxt "db_x509super|" msgid "Extracted from %1 '%2'" msgstr "" #: ../lib/db_x509super.cpp:140 ../lib/db_x509super.cpp:168 msgctxt "db_x509super|" msgid "Certificate" msgstr "" #: ../lib/db_x509super.cpp:140 ../lib/db_x509super.cpp:168 msgctxt "db_x509super|" msgid "Certificate request" msgstr "" #: ../lib/db_x509super.cpp:163 msgctxt "db_x509super|" msgid "The following extensions were not ported into the template" msgstr "" #: ../lib/db_x509super.cpp:166 #, qt-format msgctxt "db_x509super|" msgid "Transformed from %1 '%2'" msgstr "" #: ../widgets/kvView.cpp:164 msgctxt "kvView|" msgid "Type" msgstr "" #: ../widgets/kvView.cpp:164 msgctxt "kvView|" msgid "Content" msgstr "" #: ../lib/pass_info.cpp:12 msgctxt "pass_info|" msgid "Password" msgstr "" #: ../lib/pass_info.cpp:18 msgctxt "pass_info|" msgid "PIN" msgstr "" #: ../lib/pkcs11_lib.cpp:36 #, qt-format msgctxt "pkcs11_lib|" msgid "Failed to open PKCS11 library: %1: %2" msgstr "" #: ../lib/pkcs11_lib.cpp:42 msgctxt "pkcs11_lib|" msgid "" "This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not " "found." msgstr "" #: ../lib/pki_base.cpp:282 msgctxt "pki_base|" msgid "Unknown" msgstr "" #: ../lib/pki_base.cpp:283 msgctxt "pki_base|" msgid "Imported" msgstr "" #: ../lib/pki_base.cpp:284 msgctxt "pki_base|" msgid "Generated" msgstr "" #: ../lib/pki_base.cpp:285 msgctxt "pki_base|" msgid "Transformed" msgstr "" #: ../lib/pki_base.cpp:286 msgctxt "pki_base|" msgid "Token" msgstr "" #: ../lib/pki_base.cpp:287 msgctxt "pki_base|" msgid "Legacy Database" msgstr "" #: ../lib/pki_base.cpp:288 msgctxt "pki_base|" msgid "Renewed" msgstr "" #: ../lib/pki_base.cpp:433 #, qt-format msgctxt "pki_base|" msgid "Property '%1' not listed in 'pki_base::print'" msgstr "" #: ../lib/pki_base.cpp:113 #, qt-format msgctxt "pki_base|" msgid "Internal error: Unexpected message: %1 %2" msgstr "" #: ../lib/pki_crl.cpp:59 #, qt-format msgctxt "pki_crl|" msgid "Successfully imported the revocation list '%1'" msgstr "" #: ../lib/pki_crl.cpp:61 #, qt-format msgctxt "pki_crl|" msgid "Successfully created the revocation list '%1'" msgstr "" #: ../lib/pki_crl.cpp:60 #, qt-format msgctxt "pki_crl|" msgid "Delete the %n revocation list(s): '%1'?" msgid_plural "Delete the %n revocation list(s): '%1'?" msgstr[0] "" msgstr[1] "" #: ../lib/pki_crl.cpp:145 #, qt-format msgctxt "pki_crl|" msgid "" "Unable to load the revocation list in file %1. Tried PEM and DER formatted " "CRL." msgstr "" #: ../lib/pki_crl.cpp:160 msgctxt "pki_crl|" msgid "No issuer given" msgstr "" #: ../lib/pki_crl.cpp:421 #, qt-format msgctxt "pki_crl|" msgid "CRL Renewal of CA '%1' due" msgstr "" #: ../lib/pki_crl.cpp:422 #, qt-format msgctxt "pki_crl|" msgid "" "The latest CRL issued by the CA '%1' will expire on %2.\n" "It is stored in the XCA database '%3'" msgstr "" #: ../lib/pki_crl.cpp:430 #, qt-format msgctxt "pki_crl|" msgid "Renew CRL: %1" msgstr "" #: ../lib/pki_crl.cpp:431 #, qt-format msgctxt "pki_crl|" msgid "" "The XCA CRL '%1', issued on %3 will expire on %4.\n" "It is stored in the XCA database '%5'" msgstr "" #: ../lib/pki_evp.cpp:240 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password to decrypt the private key %1." msgstr "" #: ../lib/pki_evp.cpp:308 #, qt-format msgctxt "pki_evp|" msgid "The key from file '%1' is incomplete or inconsistent." msgstr "" #: ../lib/pki_evp.cpp:397 #, qt-format msgctxt "pki_evp|" msgid "" "Please enter the password to decrypt the private key from file:\n" "%1" msgstr "" #: ../lib/pki_evp.cpp:464 #, qt-format msgctxt "pki_evp|" msgid "" "Unable to load the private key in file %1. Tried PEM and DER private, " "public, PKCS#8 key types and SSH2 format." msgstr "" #: ../lib/pki_evp.cpp:487 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password to decrypt the private key: '%1'" msgstr "" #: ../lib/pki_evp.cpp:490 ../lib/pki_evp.cpp:501 msgctxt "pki_evp|" msgid "Password input aborted" msgstr "" #: ../lib/pki_evp.cpp:497 #, qt-format msgctxt "pki_evp|" msgid "Please enter the database password for decrypting the key '%1'" msgstr "" #: ../lib/pki_evp.cpp:521 #, qt-format msgctxt "pki_evp|" msgid "Decryption of private key '%1' failed" msgstr "" #: ../lib/pki_evp.cpp:649 #, qt-format msgctxt "pki_evp|" msgid "Please enter the password to protect the private key: '%1'" msgstr "" #: ../lib/pki_evp.cpp:667 msgctxt "pki_evp|" msgid "Please enter the database password for encrypting the key" msgstr "" #: ../lib/pki_evp.cpp:849 #, qt-format msgctxt "pki_evp|" msgid "" "Please enter the password to protect the PKCS#8 key '%1' in file:\n" "%2" msgstr "" #: ../lib/pki_evp.cpp:906 #, qt-format msgctxt "pki_evp|" msgid "" "Please enter the password to protect the private key '%1' in file:\n" "%2" msgstr "" #: ../lib/pki_export.cpp:64 ../lib/pki_export.cpp:99 ../lib/pki_export.cpp:103 msgctxt "pki_export|" msgid "PEM Text format with headers" msgstr "" #: ../lib/pki_export.cpp:65 msgctxt "pki_export|" msgid "PEM selected" msgstr "" #: ../lib/pki_export.cpp:65 msgctxt "pki_export|" msgid "Concatenated list of all selected certificates in one PEM text file" msgstr "" #: ../lib/pki_export.cpp:66 msgctxt "pki_export|" msgid "PEM chain" msgstr "" #: ../lib/pki_export.cpp:66 msgctxt "pki_export|" msgid "" "Concatenated text format of the complete certificate chain in one PEM file" msgstr "" #: ../lib/pki_export.cpp:67 msgctxt "pki_export|" msgid "" "The complete certificate chain and the private key of the selected " "certificate with tags usable in OpenVPN configuration files" msgstr "" #: ../lib/pki_export.cpp:68 msgctxt "pki_export|" msgid "PEM + key" msgstr "" #: ../lib/pki_export.cpp:68 msgctxt "pki_export|" msgid "" "Concatenation of the certificate and the unencrypted private key in one PEM " "file" msgstr "" #: ../lib/pki_export.cpp:69 msgctxt "pki_export|" msgid "" "Concatenation of the certificate and the encrypted private key in PKCS#8 " "format in one file" msgstr "" #: ../lib/pki_export.cpp:70 msgctxt "pki_export|" msgid "All unusable" msgstr "" #: ../lib/pki_export.cpp:70 msgctxt "pki_export|" msgid "Concatenation of all expired or revoked certificates in one PEM file" msgstr "" #: ../lib/pki_export.cpp:71 msgctxt "pki_export|" msgid "PKCS#7 encoded single certificate" msgstr "" #: ../lib/pki_export.cpp:72 msgctxt "pki_export|" msgid "All selected certificates encoded in one PKCS#7 file" msgstr "" #: ../lib/pki_export.cpp:73 msgctxt "pki_export|" msgid "PKCS #7 chain" msgstr "" #: ../lib/pki_export.cpp:73 msgctxt "pki_export|" msgid "PKCS#7 encoded complete certificate chain" msgstr "" #: ../lib/pki_export.cpp:74 msgctxt "pki_export|" msgid "PKCS #7 unusable" msgstr "" #: ../lib/pki_export.cpp:74 msgctxt "pki_export|" msgid "PKCS#7 encoded collection of all expired or revoked certificates" msgstr "" #: ../lib/pki_export.cpp:75 msgctxt "pki_export|" msgid "Binary DER encoded certificate" msgstr "" #: ../lib/pki_export.cpp:76 msgctxt "pki_export|" msgid "PKCS #12 chain" msgstr "" #: ../lib/pki_export.cpp:76 msgctxt "pki_export|" msgid "" "The complete certificate chain and the private key as encrypted PKCS#12 file" msgstr "" #: ../lib/pki_export.cpp:77 msgctxt "pki_export|" msgid "PKCS #12" msgstr "" #: ../lib/pki_export.cpp:77 msgctxt "pki_export|" msgid "The certificate and the private key as encrypted PKCS#12 file" msgstr "" #: ../lib/pki_export.cpp:78 msgctxt "pki_export|" msgid "Certificate Index file" msgstr "" #: ../lib/pki_export.cpp:78 msgctxt "pki_export|" msgid "" "OpenSSL specific Certificate Index file as created by the 'ca' command and " "required by the OCSP tool" msgstr "" #: ../lib/pki_export.cpp:79 ../lib/pki_export.cpp:105 msgctxt "pki_export|" msgid "vCalendar" msgstr "" #: ../lib/pki_export.cpp:79 msgctxt "pki_export|" msgid "vCalendar expiry reminder for the selected items" msgstr "" #: ../lib/pki_export.cpp:80 msgctxt "pki_export|" msgid "CA vCalendar" msgstr "" #: ../lib/pki_export.cpp:80 msgctxt "pki_export|" msgid "" "vCalendar expiry reminder containing all issued, valid certificates, the CA " "itself and the latest CRL" msgstr "" #: ../lib/pki_export.cpp:81 ../lib/pki_export.cpp:101 msgctxt "pki_export|" msgid "OpenSSL config" msgstr "" #: ../lib/pki_export.cpp:81 ../lib/pki_export.cpp:101 msgctxt "pki_export|" msgid "" "OpenSSL configuration file to create a certificate or request with the " "openssl commandline tool" msgstr "" #: ../lib/pki_export.cpp:82 msgctxt "pki_export|" msgid "OpenVPN tls-auth key" msgstr "" #: ../lib/pki_export.cpp:82 msgctxt "pki_export|" msgid "The OpenVPN tls-auth key is a secret key shared between endpoints" msgstr "" #: ../lib/pki_export.cpp:83 msgctxt "pki_export|" msgid "JSON Web Kit" msgstr "" #: ../lib/pki_export.cpp:83 msgctxt "pki_export|" msgid "" "The public key of the certificate in JSON Web Kit format with X.509 " "Certificate Thumbprint (x5t)" msgstr "" #: ../lib/pki_export.cpp:84 msgctxt "pki_export|" msgid "JSON Web Kit chain" msgstr "" #: ../lib/pki_export.cpp:84 msgctxt "pki_export|" msgid "" "The public key of the certificate in JSON Web Kit format with X.509 " "Certificate Thumbprint (x5t) and certificate chain (x5c)" msgstr "" #: ../lib/pki_export.cpp:86 msgctxt "pki_export|" msgid "PEM public" msgstr "" #: ../lib/pki_export.cpp:86 msgctxt "pki_export|" msgid "Text format of the public key in one PEM file" msgstr "" #: ../lib/pki_export.cpp:87 msgctxt "pki_export|" msgid "PEM private" msgstr "" #: ../lib/pki_export.cpp:87 ../lib/pki_export.cpp:89 msgctxt "pki_export|" msgid "Unencrypted private key in text format" msgstr "" #: ../lib/pki_export.cpp:88 msgctxt "pki_export|" msgid "PEM encrypted" msgstr "" #: ../lib/pki_export.cpp:88 msgctxt "pki_export|" msgid "OpenSSL specific encrypted private key in text format" msgstr "" #: ../lib/pki_export.cpp:89 msgctxt "pki_export|" msgid "SSH2 private" msgstr "" #: ../lib/pki_export.cpp:90 msgctxt "pki_export|" msgid "SSH2 public" msgstr "" #: ../lib/pki_export.cpp:90 msgctxt "pki_export|" msgid "The public key encoded in SSH2 format" msgstr "" #: ../lib/pki_export.cpp:91 msgctxt "pki_export|" msgid "DER public" msgstr "" #: ../lib/pki_export.cpp:91 msgctxt "pki_export|" msgid "Binary DER format of the public key" msgstr "" #: ../lib/pki_export.cpp:92 msgctxt "pki_export|" msgid "DER private" msgstr "" #: ../lib/pki_export.cpp:92 msgctxt "pki_export|" msgid "Unencrypted private key in binary DER format" msgstr "" #: ../lib/pki_export.cpp:93 msgctxt "pki_export|" msgid "PVK private" msgstr "" #: ../lib/pki_export.cpp:93 msgctxt "pki_export|" msgid "Private key in Microsoft PVK format not encrypted" msgstr "" #: ../lib/pki_export.cpp:94 msgctxt "pki_export|" msgid "PKCS #8 encrypted" msgstr "" #: ../lib/pki_export.cpp:94 msgctxt "pki_export|" msgid "Encrypted private key in PKCS#8 text format" msgstr "" #: ../lib/pki_export.cpp:95 msgctxt "pki_export|" msgid "PKCS #8" msgstr "" #: ../lib/pki_export.cpp:95 msgctxt "pki_export|" msgid "Unencrypted private key in PKCS#8 text format" msgstr "" #: ../lib/pki_export.cpp:96 msgctxt "pki_export|" msgid "JSON Web Key private" msgstr "" #: ../lib/pki_export.cpp:96 msgctxt "pki_export|" msgid "Unencrypted private key in JSON Web Key format" msgstr "" #: ../lib/pki_export.cpp:97 msgctxt "pki_export|" msgid "JSON Web Key public" msgstr "" #: ../lib/pki_export.cpp:97 msgctxt "pki_export|" msgid "Public key in JSON Web Key format" msgstr "" #: ../lib/pki_export.cpp:100 msgctxt "pki_export|" msgid "Binary DER format of the certificate request" msgstr "" #: ../lib/pki_export.cpp:104 msgctxt "pki_export|" msgid "Binary DER format of the revocation list" msgstr "" #: ../lib/pki_export.cpp:105 msgctxt "pki_export|" msgid "vCalendar reminder for the CRL expiry date" msgstr "" #: ../lib/pki_export.cpp:107 msgctxt "pki_export|" msgid "" "XCA template in PEM-like format. Templates include the internal name and " "comment" msgstr "" #: ../lib/pki_export.cpp:108 msgctxt "pki_export|" msgid "" "All selected XCA templates in PEM-like format. Templates include the " "internal name and comment" msgstr "" #: ../lib/pki_key.cpp:59 ../lib/pki_key.cpp:236 ../lib/pki_key.cpp:856 msgctxt "pki_key|" msgid "Public key" msgstr "" #: ../lib/pki_key.cpp:212 #, qt-format msgctxt "" "pki_key|%1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name " "of the key" msgid "Successfully imported the %1 public key '%2'" msgstr "" #: ../lib/pki_key.cpp:214 #, qt-format msgctxt "" "pki_key|%1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal " "name(s) of the key(s)" msgid "Delete the %n %1 public key(s) '%2'?" msgid_plural "Delete the %n %1 public key(s) '%2'?" msgstr[0] "" msgstr[1] "" #: ../lib/pki_key.cpp:220 #, qt-format msgctxt "" "pki_key|%1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name " "of the key" msgid "Successfully imported the %1 private key '%2'" msgstr "" #: ../lib/pki_key.cpp:222 #, qt-format msgctxt "" "pki_key|%1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal " "name(s) of the key(s)" msgid "Delete the %n %1 private key(s) '%2'?" msgid_plural "Delete the %n %1 private key(s) '%2'?" msgstr[0] "" msgstr[1] "" #: ../lib/pki_key.cpp:224 #, qt-format msgctxt "" "pki_key|%1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name " "of the key" msgid "Successfully created the %1 private key '%2'" msgstr "" #: ../lib/pki_key.cpp:454 msgctxt "pki_key|" msgid "Common" msgstr "" #: ../lib/pki_key.cpp:454 msgctxt "pki_key|" msgid "Private" msgstr "" #: ../lib/pki_key.cpp:454 msgctxt "pki_key|" msgid "Bogus" msgstr "" #: ../lib/pki_key.cpp:454 msgctxt "pki_key|" msgid "PIN" msgstr "" #: ../lib/pki_key.cpp:464 msgctxt "pki_key|" msgid "No password" msgstr "" #: ../lib/pki_key.cpp:561 ../lib/pki_key.cpp:666 #, qt-format msgctxt "pki_key|" msgid "Unexpected SSH2 content: '%1'" msgstr "" #: ../lib/pki_key.cpp:581 ../lib/pki_key.cpp:587 msgctxt "pki_key|" msgid "Invalid SSH2 public key" msgstr "" #: ../lib/pki_key.cpp:778 #, qt-format msgctxt "pki_key|" msgid "Failed writing to %1" msgstr "" #: ../lib/pki_multi.cpp:138 msgctxt "pki_multi|" msgid "No known PEM encoded items found" msgstr "" #: ../lib/pki_pkcs12.cpp:37 #, qt-format msgctxt "pki_pkcs12|" msgid "" "Please enter the password to decrypt the PKCS#12 file:\n" "%1" msgstr "" #: ../lib/pki_pkcs12.cpp:51 #, qt-format msgctxt "pki_pkcs12|" msgid "Unable to load the PKCS#12 (pfx) file %1." msgstr "" #: ../lib/pki_pkcs12.cpp:83 #, qt-format msgctxt "pki_pkcs12|" msgid "The supplied password was wrong (%1)" msgstr "" #: ../lib/pki_pkcs12.cpp:141 #, qt-format msgctxt "pki_pkcs12|" msgid "" "Please enter the password to encrypt the key of certificate '%1' in the " "PKCS#12 file:\n" "%2" msgstr "" #: ../lib/pki_pkcs12.cpp:138 msgctxt "pki_pkcs12|" msgid "No key or no Cert and no pkcs12" msgstr "" #: ../lib/pki_pkcs7.cpp:185 #, qt-format msgctxt "pki_pkcs7|" msgid "Unable to load the PKCS#7 file %1. Tried PEM and DER format." msgstr "" #: ../lib/pki_scard.cpp:46 #, qt-format msgctxt "pki_scard|" msgid "Successfully imported the token key '%1'" msgstr "" #: ../lib/pki_scard.cpp:48 #, qt-format msgctxt "pki_scard|" msgid "Successfully created the token key '%1'" msgstr "" #: ../lib/pki_scard.cpp:47 #, qt-format msgctxt "pki_scard|" msgid "Delete the %n token key(s): '%1'?" msgid_plural "Delete the %n token key(s): '%1'?" msgstr[0] "" msgstr[1] "" #: ../lib/pki_scard.cpp:375 #, qt-format msgctxt "pki_scard|" msgid "Delete the private key '%1' from the token '%2 (#%3)' ?" msgstr "" #: ../lib/pki_scard.cpp:448 msgctxt "pki_scard|" msgid "This Key is already on the token" msgstr "" #: ../lib/pki_scard.cpp:532 msgctxt "pki_scard|" msgid "PIN input aborted" msgstr "" #: ../lib/pki_scard.cpp:548 msgctxt "pki_scard|" msgid "Unable to find copied key on the token" msgstr "" #: ../lib/pki_scard.cpp:636 #, qt-format msgctxt "pki_scard|" msgid "Please insert card: %1 %2 [%3] with Serial: %4" msgstr "" #: ../lib/pki_scard.cpp:690 #, qt-format msgctxt "pki_scard|" msgid "Select Slot of %1" msgstr "" #: ../lib/pki_scard.cpp:728 msgctxt "pki_scard|" msgid "Unable to find generated key on card" msgstr "" #: ../lib/pki_scard.cpp:739 #, qt-format msgctxt "pki_scard|" msgid "Token %1" msgstr "" #: ../lib/pki_scard.cpp:748 ../lib/pki_scard.cpp:760 msgctxt "pki_scard|" msgid "Failed to find the key on the token" msgstr "" #: ../lib/pki_scard.cpp:754 msgctxt "pki_scard|" msgid "Invalid Pin for the token" msgstr "" #: ../lib/pki_scard.cpp:766 msgctxt "pki_scard|" msgid "Failed to initialize the key on the token" msgstr "" #: ../lib/pki_temp.cpp:159 #, qt-format msgctxt "pki_temp|" msgid "Successfully imported the XCA template '%1'" msgstr "" #: ../lib/pki_temp.cpp:161 #, qt-format msgctxt "pki_temp|" msgid "Successfully created the XCA template '%1'" msgstr "" #: ../lib/pki_temp.cpp:160 #, qt-format msgctxt "pki_temp|" msgid "Delete the %n XCA template(s): '%1'?" msgid_plural "Delete the %n XCA template(s): '%1'?" msgstr[0] "" msgstr[1] "" #: ../lib/pki_temp.cpp:373 #, qt-format msgctxt "pki_temp|" msgid "Wrong Size %1" msgstr "" #: ../lib/pki_temp.cpp:471 msgctxt "pki_temp|" msgid "Template file content error (too small)" msgstr "" #: ../lib/pki_temp.cpp:521 msgctxt "pki_temp|" msgid "Not a PEM encoded XCA Template" msgstr "" #: ../lib/pki_temp.cpp:528 #, qt-format msgctxt "pki_temp|" msgid "Not an XCA Template, but '%1'" msgstr "" #: ../lib/pki_x509.cpp:65 #, qt-format msgctxt "pki_x509|" msgid "Successfully imported the certificate '%1'" msgstr "" #: ../lib/pki_x509.cpp:67 #, qt-format msgctxt "pki_x509|" msgid "Successfully created the certificate '%1'" msgstr "" #: ../lib/pki_x509.cpp:66 #, qt-format msgctxt "pki_x509|" msgid "Delete the %n certificate(s): '%1'?" msgid_plural "Delete the %n certificate(s): '%1'?" msgstr[0] "" msgstr[1] "" #: ../lib/pki_x509.cpp:237 #, qt-format msgctxt "pki_x509|" msgid "" "Unable to load the certificate in file %1. Tried PEM and DER certificate." msgstr "" #: ../lib/pki_x509.cpp:332 msgctxt "pki_x509|" msgid "Invalid OpenVPN tls-auth key" msgstr "" #: ../lib/pki_x509.cpp:362 msgctxt "pki_x509|" msgid "Failed to import tls-auth key" msgstr "" #: ../lib/pki_x509.cpp:365 msgctxt "pki_x509|" msgid "Same tls-auth key already stored for this CA" msgstr "" #: ../lib/pki_x509.cpp:367 msgctxt "pki_x509|" msgid "New tls-auth key successfully imported" msgstr "" #: ../lib/pki_x509.cpp:369 msgctxt "pki_x509|" msgid "Existing tls-auth key successfully replaced" msgstr "" #: ../lib/pki_x509.cpp:473 msgctxt "pki_x509|" msgid "This certificate is already on the security token" msgstr "" #: ../lib/pki_x509.cpp:536 #, qt-format msgctxt "pki_x509|" msgid "Delete the certificate '%1' from the token '%2 (#%3)'?" msgstr "" #: ../lib/pki_x509.cpp:660 msgctxt "pki_x509|" msgid "There is no key for signing !" msgstr "" #: ../lib/pki_x509.cpp:972 msgctxt "pki_x509|" msgid "No" msgstr "" #: ../lib/pki_x509.cpp:974 msgctxt "pki_x509|" msgid "Yes" msgstr "" #: ../lib/pki_x509.cpp:1004 #, qt-format msgctxt "pki_x509|" msgid "Renew certificate: %1" msgstr "" #: ../lib/pki_x509.cpp:1005 #, qt-format msgctxt "pki_x509|" msgid "" "The XCA certificate '%1', issued on %2 will expire on %3.\n" "It is stored in the XCA database '%4'" msgstr "" #: ../lib/pki_x509req.cpp:108 msgctxt "pki_x509req|" msgid "Signing key not valid (public key)" msgstr "" #: ../lib/pki_x509req.cpp:147 #, qt-format msgctxt "pki_x509req|" msgid "Successfully imported the PKCS#10 certificate request '%1'" msgstr "" #: ../lib/pki_x509req.cpp:148 #, qt-format msgctxt "pki_x509req|" msgid "Delete the %n PKCS#10 certificate request(s): '%1'?" msgid_plural "Delete the %n PKCS#10 certificate request(s): '%1'?" msgstr[0] "" msgstr[1] "" #: ../lib/pki_x509req.cpp:149 #, qt-format msgctxt "pki_x509req|" msgid "Successfully created the PKCS#10 certificate request '%1'" msgstr "" #: ../lib/pki_x509req.cpp:180 #, qt-format msgctxt "pki_x509req|" msgid "" "Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC " "format." msgstr "" #: ../lib/pki_x509req.cpp:366 msgctxt "pki_x509req|" msgid "Signed" msgstr "" #: ../lib/pki_x509req.cpp:366 msgctxt "pki_x509req|" msgid "Unhandled" msgstr "" #: ../ui/v3ext.ui:26 msgctxt "v3ext|" msgid "Copy Common Name" msgstr "" #: ../ui/v3ext.ui:56 msgctxt "v3ext|" msgid "Add" msgstr "" #: ../ui/v3ext.ui:63 msgctxt "v3ext|" msgid "Delete" msgstr "" #: ../ui/v3ext.ui:89 msgctxt "v3ext|" msgid "Apply" msgstr "" #: ../ui/v3ext.ui:96 msgctxt "v3ext|" msgid "Validate" msgstr "" #: ../ui/v3ext.ui:125 msgctxt "v3ext|" msgid "Cancel" msgstr "" #: ../widgets/v3ext.cpp:75 msgctxt "v3ext|" msgid "An email address or 'copy'" msgstr "" #: ../widgets/v3ext.cpp:77 msgctxt "v3ext|" msgid "An email address" msgstr "" #: ../widgets/v3ext.cpp:79 msgctxt "v3ext|" msgid "A registered ID: OBJECT IDENTIFIER" msgstr "" #: ../widgets/v3ext.cpp:83 msgctxt "v3ext|" msgid "A uniform resource indicator" msgstr "" #: ../widgets/v3ext.cpp:88 msgctxt "v3ext|" msgid "A DNS domain name or 'copycn'" msgstr "" #: ../widgets/v3ext.cpp:90 msgctxt "v3ext|" msgid "A DNS domain name" msgstr "" #: ../widgets/v3ext.cpp:92 msgctxt "v3ext|" msgid "An IP address" msgstr "" #: ../widgets/v3ext.cpp:95 msgctxt "v3ext|" msgid "Syntax: ;TYPE:text like '1.2.3.4:UTF8:name'" msgstr "" #: ../widgets/v3ext.cpp:99 msgctxt "v3ext|" msgid "No editing. Only 'copy' allowed here" msgstr "" #: ../widgets/v3ext.cpp:168 #, qt-format msgctxt "v3ext|" msgid "" "Validation failed:\n" "'%1'\n" "%2" msgstr "" #: ../widgets/v3ext.cpp:173 #, qt-format msgctxt "v3ext|" msgid "" "Validation successful:\n" "'%1'" msgstr "" #: ../widgets/XcaWarning.cpp:71 msgctxt "xcaWarningGui|" msgid "Copy to Clipboard" msgstr "" xca-RELEASE.2.9.0/lang/xca.ts000066400000000000000000005022321477156507700154470ustar00rootroot00000000000000 CaProperties Form Days until next CRL issuing Default template CertDetail Details of the Certificate Serial The serial number of the certificate The internal name of the certificate in the database Status Internal name Signature Key Fingerprints MD5 An md5 hashsum of the certificate SHA1 A SHA-1 hashsum of the certificate SHA256 A SHA-256 hashsum of the certificate Validity The time since the certificate is valid The time until the certificate is valid Subject Issuer Extensions Validation Purposes Strict RFC 5280 validation Comment Attributes Show config Show extensions Show public key This key is not in the database. Not available No verification errors found. Signer unknown Self signed Revoked at %1 Not valid Valid Details of the certificate signing request CertExtend Certificate renewal This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Validity Not before Not after Time range Local time Days Months Years No well-defined expiration Midnight Apply Revoke old certificate Replace old certificate Keep serial number The certificate will be earlier valid than the signer. This is probably not what you want. Edit dates Abort rollout Continue rollout Adjust date and continue The certificate will be longer valid than the signer. This is probably not what you want. CertTreeView Hide unusable certificates Import PKCS#12 Import from PKCS#7 Request Security token Other token Similar Certificate Delete from Security token CA Properties Generate CRL Manage revocations Import OpenVPN tls-auth key Renewal Revoke Unrevoke Plain View Tree View days No template CA Properties Certificate export X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) vCalendar entry ( *.ics ) OpenVPN file ( *.ovpn ) OpenVPN tls-auth key ( *.key ) ClickLabel Double click for details CrlDetail Details of the Revocation list &Status Version Signature Signed by Name The internal name of the CRL in the database issuing dates Next update Last update &Issuer &Extensions &Revocation list Comment Failed Unknown signer Verification not possible CrlTreeView There are no CA certificates for CRL generation Select CA certificate Revocation list export CRL ( *.pem *.der *.crl ) vCalendar entry ( *.ics ) ExportDialog Name The internal name of the CRL in the database ... Filename Each Item in a separate file Same encryption password for all items Export comment into PEM file Export Format %n selected item(s) All files ( * ) The file: '%1' already exists! Overwrite Do not overwrite The path: '%1' exist, but is not a file The path: '%1' exist, but is not a directory The directory: '%1' does not exist. Should it be created? Create Failed to create directory '%1' Directory Form last update next update Days Months Years Apply Midnight Local time No well-defined expiration Help << >> &Done ImportMulti Import PKI Items Import &All &Import &Done &Remove from list Details Delete from token Rename on token Name: %1 Model: %2 Serial: %3 Manage security token The type of the item '%1' is not recognized Could not open the default database The file '%1' did not contain PKI data The %1 files: '%2' did not contain PKI data ItemProperties Name Source Insertion date Comment KeyDetail Name The internal name of the key used by xca Security token Manufacturer Serial Key Public Exponent Keysize Private Exponent Security Token Label PKCS#11 ID Token information Model Fingerprint Comment Details of the %1 key Not available Available Sub prime Public key Private key Curve name Unknown key KeyTreeView Change password Reset password Change PIN Init PIN with SO PIN (PUK) Change SO PIN (PUK) Security token This is not a token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Key export Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) SSH Private Keys ( *.priv ) Microsoft PVK Keys ( *.pvk ) MainWindow Private Keys &New Key &Export &Import Import PFX (PKCS#12) &Show Details &Delete Certificate signing requests &New Request Certificates &New Certificate Import &PKCS#12 Import P&KCS#7 Plain View Templates &New Template &New CRL Ch&ange Template Revocation lists Using or exporting private keys will not be possible without providing the correct password The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Recent DataBases System Croatian English French German Japanese Korean Russian Slovak Spanish Persian Bulgarian Polish Italian Chinese Dutch Portuguese in Brazil Indonesian Turkish Language &File Open Remote DataBase Set as default DataBase New DataBase Open DataBase Close DataBase Options Exit I&mport Keys Requests PKCS#12 PKCS#7 Template Revocation list PEM file Paste PEM file Token Export Certificate &Index hierarchy Content &Manage Security token &Init Security token &Change PIN Change &SO PIN Init PIN Extra &Dump DataBase &Export Certificate Index C&hange DataBase password &Undelete items Generate DH parameter OID Resolver &Help About Import PEM data Please enter the original SO PIN (PUK) of the token '%1' Search Please enter the new SO PIN (PUK) for the token '%1' The new label of the token '%1' The token '%1' did not contain any keys or certificates Retry with PIN Retry with SO PIN Current Password Please enter the current database password The entered password is wrong New Password Please enter the new password to encrypt your private keys in the database-file Transaction start failed Database: %1 The currently used PFX / PKCS#12 algorithm '%1' is insecure. Change Certificate Index ( index.txt ) All files ( * ) Diffie-Hellman parameters saved as: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits NewCrl Last update Next update Days Months Years Midnight Local time Apply Options CRL number Subject alternative name Revocation reasons Authority key identifier Hash algorithm Create CRL NewKey Please give a name to the new key and select the desired keysize Key properties Name The internal name of the new key Curve name Usually at least 2048 bit keys are recommended New Key Keysize Keytype Remember as default Create NewX509 Source Signing request Show request Sign this Certificate signing &request Copy extensions from the request Modify subject of the request Signing Create a &self signed certificate Use &this Certificate for signing All certificates in your database that can create valid signatures Signature algorithm Template for the new certificate All available templates Apply extensions Apply subject Apply all Subject Internal Name Distinguished name Add Delete Private key This list only contains unused keys Used keys too &Generate a new key Extensions Type If this will become a CA certificate or not Not defined Certification Authority End Entity Path length How much CAs may be below this. The basic constraints should always be critical Key identifier Creates a hash of the key following the PKIX guidelines Copy the Subject Key Identifier from the issuer Validity Not before Not after Time range Days Months Years Apply Set the time to 00:00:00 and 23:59:59 respectively Midnight Local time No well-defined expiration DNS: IP: URI: email: RID: Edit URI: Key usage Netscape Advanced Validate Comment This name is only used internally and does not appear in the resulting certificate Critical Create Certificate signing request minimum size: %1 maximum size: %1 only a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters Edit XCA template Create x509 Certificate Template '%1' applied Subject applied from template '%1' Extensions applied from template '%1' New key '%1' created Other Tabs Advanced Tab Errors From PKCS#10 request Error duplicate extensions The Name Constraints are invalid The Subject Alternative Name is invalid The Issuer Alternative Name is invalid The CRL Distribution Point is invalid The Authority Information Access is invalid Abort rollout The following length restrictions of RFC3280 are violated: Edit subject Continue rollout The verification of the Certificate request failed. The rollout should be aborted. Continue anyway The internal name and the common name are empty. Please set at least the internal name. Edit name There is no Key selected for signing. Select key The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. The key you selected for signing is not a private one. Select other signer Select other key The currently selected hash algorithm '%1' is insecure and should not be used. Select other algorithm Use algorithm anyway The certificate will be earlier valid than the signer. This is probably not what you want. Edit dates Adjust date and continue The certificate will be longer valid than the signer. This is probably not what you want. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. The certificate contains invalid extensions. Edit extensions The subject alternative name shall contain a copy of the common name. However, the common name is empty. A name constraint of the issuer '%1' is violated: %2 Configfile error on line %1 OidResolver OID Resolver Enter the OID, the Nid, or one of the textual representations Search OID Long name OpenSSL internal ID Nid Short name OpenDb Open remote database Database type Hostname Username Password Database name Table prefix No SqLite3 driver available. Please install the qt-sqlite package of your distribution Options XCA Options Settings Default hash algorithm String types Suppress success messages Don't colorize expired certificates Translate established x509 terms (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Only use hashes supported by the token when signing with a token key Disable legacy Netscape extensions PKCS12 encryption algorithm Certificate expiry warning threshold Send vCalendar expiry reminder Serial number length bit Distinguished name Mandatory subject entries Add Delete Explicit subject entries Dynamically arrange explicit subject entries Default PKCS#11 provider Remove Search Printable string or UTF8 (default) PKIX recommendation in RFC2459 No BMP strings, only printable and T61 UTF8 strings only (RFC2459) All strings Days Weeks PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Take as HEX string Repeat %1 %1 mismatch Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Exit QObject Undefined Broken / Invalid in %1 seconds %1 seconds ago in %1 minutes %1 minutes ago Yesterday Tomorrow in %1 hours %1 hours ago Out of data Error finding endmarker of string All files ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Import RSA key PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Certificates ( *.pem *.der *.crt *.cer );; Import X.509 Certificate PKCS#7 data ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates PKCS#12 Certificates ( *.p12 *.pfx );; Import PKCS#12 Private Certificate XCA templates ( *.xca );; Import XCA Templates Revocation lists ( *.pem *.der *.crl );; Import Certificate Revocation List XCA Databases ( *.xdb );; Open XCA Database OpenVPN tls-auth key ( *.key );; Import OpenVPN tls-auth key PKCS#11 library ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 library ( *.so );; Open PKCS#11 shared library PEM files ( *.pem );; Load PEM encoded file Please enter the PIN on the PinPad Please enter the SO PIN (PUK) of the token %1 Please enter the PIN of the token %1 No Security token found Select Please enter the new SO PIN (PUK) for the token: '%1' Please enter the new PIN for the token: '%1' Required PIN size: %1 - %2 Disabled Library loading failed PKCS#11 function '%1' failed: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 Invalid %1 is shorter than %2 bytes: '%3' %1 is longer than %2 bytes: '%3' String '%1' for '%2' contains invalid characters Error reading config file %1 at line %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Unknown object '%1' in file %2 line %3 Failed to start a database transaction Country code State or Province Locality Organisation Organisational unit Common name E-Mail address Serial number Given name Surname Title Initials Description Role Pseudonym Generation Qualifier x500 Unique Identifier Name DN Qualifier Unstructured name Challenge password Basic Constraints Name Constraints Subject alternative name issuer alternative name Subject key identifier Authority key identifier Key usage Extended key usage CRL distribution points Authority information access Certificate type Base URL Revocation URL CA Revocation URL Certificate renewal URL CA policy URL SSL server name Comment Index file written to '%1' Index hierarchy written to '%1' Unknown key type %1 Failed to write PEM data to '%1' Password verify error, please try again The following error occurred: Failed to update the database schema to the current version Password insecure ReqTreeView Sign Unmark signed Mark signed Similar Request Certificate request export Certificate request ( *.pem *.der *.csr ) RevocationList Manage revocations Add Delete Edit No. Serial Revocation Reason Invalidation Generate CRL Revoke Certificate revocation Revocation details Revocation reason Local time Invalid since Serial SearchPkcs11 Directory ... Include subdirectories Search The following files are possible PKCS#11 libraries SelectToken Security token Please select the security token TempTreeView Duplicate Create certificate Create request copy Preset Template values Template export XCA Templates ( *.xca ) Validity yyyy-MM-dd hh:mm X509SuperTreeView Transform Template Public key XFile Error opening file: '%1': %2 Error rewinding file: '%1': %2 XcaDetail Import XcaTreeView Item properties Subject entries X509v3 Extensions Netscape extensions Key properties Reset Hide Column Details Columns Export Password Please enter the password to encrypt all %n exported private key(s) in: %1 Singular form for 0 or 1 item can be ignored. Will always be called with n >= 2 New Import Paste PEM data Rename Properties Delete Export Clipboard File Clipboard format database_model Please enter the password to access the database server %2 as user '%1'. Unable to create '%1': %2 The file '%1' is not an XCA database No SqLite3 driver available. Please install the qt-sqlite package of your distribution New Password Please enter a password, that will be used to encrypt your private keys in the database: %1 Password Please enter the password for unlocking the database: %1 db_base Internal name No. Primary key Database unique number Date Date of creation or insertion Source Generated, Imported, Transformed Comment First line of the comment field Import from: %1 Could not create directory %1 db_crl Signer Internal name of the signer No. revoked Number of revoked certificates Last update Next update CRL number The revocation list already exists in the database as: '%1' and so it was not imported Failed to initiate DB transaction Database error: %1 db_key Type Size EC Group Use Password The key is already in the database as: '%1' and is not going to be imported The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Extending public key from %1 by imported key '%2' Key size too small ! You are sure to create a key of the size: %1 ? Internal key update: The keys: %1 must be updated once by resetting and setting its private password Tried to change password of a token db_temp Bad template: %1 Empty template db_x509 CA reflects the basic Constraints extension Serial Start date Expiry date MD5 fingerprint SHA1 fingerprint SHA256 fingerprint Not before Not after Revocation CRL Expiration Failed to retrieve unique random serial The certificate already exists in the database as: '%1' and so it was not imported Signed on %1 by '%2' Unknown Invalid public key The key you selected for signing is not a private one. Failed to create directory '%1' Store the certificate to the key on the token '%1 (#%2)' ? There was no key found for the Certificate: '%1' Not possible for a token key: '%1' Not possible for the token-key Certificate '%1' db_x509name Subject Complete distinguished name Subject hash Hash to lookup certs in directories db_x509req Signed whether the request is already signed or not Unstructured name Challenge password Certificate count Number of certificates in the database with the same public key The certificate signing request already exists in the database as '%1' and thus was not stored db_x509super Key name Internal name of the key Signature algorithm Key type Key size EC Group Extracted from %1 '%2' Certificate Certificate request The following extensions were not ported into the template Transformed from %1 '%2' kvView Type Content pass_info Password PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. pki_base Unknown Imported Generated Transformed Token Legacy Database Renewed Property '%1' not listed in 'pki_base::print' Internal error: Unexpected message: %1 %2 pki_crl Successfully imported the revocation list '%1' Successfully created the revocation list '%1' Delete the %n revocation list(s): '%1'? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. No issuer given CRL Renewal of CA '%1' due The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Renew CRL: %1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' pki_evp Please enter the password to decrypt the private key %1. The key from file '%1' is incomplete or inconsistent. Please enter the password to decrypt the private key from file: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Please enter the password to decrypt the private key: '%1' Password input aborted Please enter the database password for decrypting the key '%1' Decryption of private key '%1' failed Please enter the password to protect the private key: '%1' Please enter the database password for encrypting the key Please enter the password to protect the PKCS#8 key '%1' in file: %2 Please enter the password to protect the private key '%1' in file: %2 pki_export PEM Text format with headers PEM selected Concatenated list of all selected certificates in one PEM text file PEM chain Concatenated text format of the complete certificate chain in one PEM file The complete certificate chain and the private key of the selected certificate with tags usable in OpenVPN configuration files PEM + key Concatenation of the certificate and the unencrypted private key in one PEM file Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file All unusable Concatenation of all expired or revoked certificates in one PEM file PKCS#7 encoded single certificate All selected certificates encoded in one PKCS#7 file PKCS #7 chain PKCS#7 encoded complete certificate chain PKCS #7 unusable PKCS#7 encoded collection of all expired or revoked certificates Binary DER encoded certificate PKCS #12 chain The complete certificate chain and the private key as encrypted PKCS#12 file PKCS #12 The certificate and the private key as encrypted PKCS#12 file Certificate Index file OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool vCalendar vCalendar expiry reminder for the selected items CA vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL OpenSSL config OpenSSL configuration file to create a certificate or request with the openssl commandline tool OpenVPN tls-auth key The OpenVPN tls-auth key is a secret key shared between endpoints JSON Web Kit The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) JSON Web Kit chain The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) and certificate chain (x5c) PEM public Text format of the public key in one PEM file PEM private Unencrypted private key in text format PEM encrypted OpenSSL specific encrypted private key in text format SSH2 private SSH2 public The public key encoded in SSH2 format DER public Binary DER format of the public key DER private Unencrypted private key in binary DER format PVK private Private key in Microsoft PVK format not encrypted PKCS #8 encrypted Encrypted private key in PKCS#8 text format PKCS #8 Unencrypted private key in PKCS#8 text format JSON Web Key private Unencrypted private key in JSON Web Key format JSON Web Key public Public key in JSON Web Key format Binary DER format of the certificate request Binary DER format of the revocation list vCalendar reminder for the CRL expiry date XCA template in PEM-like format. Templates include the internal name and comment All selected XCA templates in PEM-like format. Templates include the internal name and comment pki_key Public key Successfully imported the %1 public key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Delete the %n %1 public key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Successfully imported the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Delete the %n %1 private key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Successfully created the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Common Private Bogus PIN No password Unexpected SSH2 content: '%1' Invalid SSH2 public key Failed writing to %1 pki_multi No known PEM encoded items found pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Unable to load the PKCS#12 (pfx) file %1. The supplied password was wrong (%1) Please enter the password to encrypt the key of certificate '%1' in the PKCS#12 file: %2 No key or no Cert and no pkcs12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. pki_scard Successfully imported the token key '%1' Successfully created the token key '%1' Delete the %n token key(s): '%1'? Delete the private key '%1' from the token '%2 (#%3)' ? This Key is already on the token PIN input aborted Unable to find copied key on the token Please insert card: %1 %2 [%3] with Serial: %4 Select Slot of %1 Unable to find generated key on card Token %1 Failed to find the key on the token Invalid Pin for the token Failed to initialize the key on the token pki_temp Successfully imported the XCA template '%1' Successfully created the XCA template '%1' Delete the %n XCA template(s): '%1'? Wrong Size %1 Template file content error (too small) Not a PEM encoded XCA Template Not an XCA Template, but '%1' pki_x509 Successfully imported the certificate '%1' Successfully created the certificate '%1' Delete the %n certificate(s): '%1'? Unable to load the certificate in file %1. Tried PEM and DER certificate. Invalid OpenVPN tls-auth key Failed to import tls-auth key Same tls-auth key already stored for this CA New tls-auth key successfully imported Existing tls-auth key successfully replaced This certificate is already on the security token Delete the certificate '%1' from the token '%2 (#%3)'? There is no key for signing ! No Yes Renew certificate: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' pki_x509req Signing key not valid (public key) Successfully imported the PKCS#10 certificate request '%1' Delete the %n PKCS#10 certificate request(s): '%1'? Successfully created the PKCS#10 certificate request '%1' Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Signed Unhandled v3ext Copy Common Name Add Delete Apply Validate Cancel An email address or 'copy' An email address A registered ID: OBJECT IDENTIFIER A uniform resource indicator A DNS domain name or 'copycn' A DNS domain name An IP address Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' No editing. Only 'copy' allowed here Validation failed: '%1' %2 Validation successful: '%1' xcaWarningGui Copy to Clipboard xca-RELEASE.2.9.0/lang/xca_bg.ts000066400000000000000000006624551477156507700161350ustar00rootroot00000000000000 CaProperties Form Форма Days until next CRL issuing Дни до следващото издаване на CRL Default template Шаблон по подразбиране CertDetail Details of the Certificate Детайли на сертификата Serial Сериен номер The serial number of the certificate Серийният номер на сертификата The internal name of the certificate in the database Вътрешното име на сертификата в базата данни Status Статус Internal name Вътрешно име Signature Подпис Key Ключ Fingerprints Пръстови отпечатъци MD5 MD5 An md5 hashsum of the certificate Хеш сума md5 на сертификата SHA1 SHA1 A SHA-1 hashsum of the certificate Хеш сума SHA-1 на сертификата SHA256 SHA256 A SHA-256 hashsum of the certificate Хеш сума SHA-256 на сертификата Validity Валидност The time since the certificate is valid Времето, откакто сертификатът е валиден The time until the certificate is valid Времето до кога е валиден сертификата Subject Заглавие Issuer Издател Extensions Разширения Validation Валидиране Purposes Цели Strict RFC 5280 validation Стриктно валидиране на RFC 5280 Comment Коментар Attributes Атрибути Show config Покажи конфигурацията Show extensions Покажи разширенията Show public key Покажи публичния ключ This key is not in the database. Ключът не е в базата данни. Not available Не е достъпно No verification errors found. Няма открити грешки при проверката. Signer unknown Подписващият е неизвестен Self signed Самоподписано Revoked at %1 Анулиран на %1 Not valid Невалиден Valid Валиден Details of the certificate signing request Подробности за заявката за подписване на сертификат CertExtend Certificate renewal Подновяване на сертификат This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Това ще създаде нов сертификат като копие на стария с нов сериен номер и коригирани стойности за валидност. Validity Валидност Not before Не преди Not after Не след Time range Времеви интервал Local time Местно време Days Дни Months Месеци Years Години No well-defined expiration Няма ясно дефиниран срок на валидност Midnight Полунощ Apply Приложи Revoke old certificate Анулирайте стария сертификат Replace old certificate Заменете стария сертификат Keep serial number Запазете серийния номер The certificate will be earlier valid than the signer. This is probably not what you want. Сертификатът ще бъде валиден по-рано от подписващия. Това вероятно не е това, което искате. Edit dates Редактиране на дати Abort rollout Прекъсване на внедряването Continue rollout Продължаване на внедряването Adjust date and continue Коригирайте датата и продължете The certificate will be longer valid than the signer. This is probably not what you want. Сертификатът ще бъде по-дълъг от този на подписващия. Това вероятно не е това, което искате. CertTreeView Hide unusable certificates Скриване на неизползваемите сертификати Import PKCS#12 Импортиране на PKCS#12 Import from PKCS#7 Импортиране от PKCS#7 Request Заявка Security token Токен за сигурност Other token Друг токен Similar Certificate Подобен сертификат Delete from Security token Изтриване от токена за сигурност CA CA Properties Свойства Generate CRL Създаване на CRL Manage revocations Управление на анулираните Import OpenVPN tls-auth key Импортирайте OpenVPN tl-auth ключ Renewal Подновяване Revoke Анулиране Unrevoke Премахване от анулиране Plain View Обикновен изглед Tree View В дървовиден изглед days дни No template Без шаблон CA Properties CA Свойства Certificate export Експортиране на сертификат X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) X509 Сертификати ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) vCalendar entry ( *.ics ) vCalendar запис ( *.ics ) OpenVPN file ( *.ovpn ) OpenVPN файл ( *.ovpn ) OpenVPN tls-auth key ( *.key ) OpenVPN tls-auth ключ ( *.key ) ClickLabel Double click for details Щракнете два пъти за детайли CrlDetail Details of the Revocation list Детайли на списъка с анулирани &Status &Статус Version Версия Signature Подпис Signed by Подписан от Name Име The internal name of the CRL in the database Вътрешното име на CRL в базата данни issuing dates дати на издаване Next update Следваща актуализация Last update Последна актуализация &Issuer &Издател &Extensions &Разширения &Revocation list &Анулиран списък Comment Коментар Failed Неуспешно Unknown signer Подписващият е неизвестен Verification not possible Проверката е невъзможна CrlTreeView There are no CA certificates for CRL generation Няма CA сертификати за създаването на CRL Select CA certificate Изберете CA сертификат Revocation list export Експортиране на списък с анулирани CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) vCalendar entry ( *.ics ) vCalendar запис ( *.ics ) ExportDialog Name Име The internal name of the CRL in the database Вътрешното име на CRL в базата данни ... ... Filename Име на файл Each Item in a separate file Всеки елемент в отделен файл Same encryption password for all items Една и съща парола за криптиране за всички елементи Export comment into PEM file Експортиране на коментар в PEM файл Export Format Формат за експортирането All files ( * ) Всички файлове ( * ) PEM Text format with headers PEM Текстов формат с хедери Concatenated list of all selected items in one PEM text file Свързан списък на всички избрани елементи в един PEM текстов файл Concatenated text format of the complete certificate chain in one PEM file Свързан текстов формат на пълната верига от сертификати в един PEM файл Concatenated text format of all certificates in one PEM file Свързан текстов формат на всички сертификати в един PEM файл Binary DER encoded file Двоичен DER кодиран файл PKCS#7 encoded single certificate PKCS#7 кодиран единичен сертификат PKCS#7 encoded complete certificate chain PKCS#7 кодирана пълна верига от сертификати Concatenated text format of all unrevoked certificates in one PEM file Свързан текстов формат на всички премахнати от анулиране сертификати в един PEM файл All unrevoked certificates encoded in one PKCS#7 file Всички премахнати от анулиране сертификати криптирани в един PKCS#7 файл All selected certificates encoded in one PKCS#7 file Всички избрани сертификати кодирани в един PKCS#7 файл All certificates encoded in one PKCS#7 file Всички сертификати крипирарни в един PKCS#7 файл The certificate and the private key as encrypted PKCS#12 file Сертификатът и частния ключ като криптиран PKCS#12 файл The complete certificate chain and the private key as encrypted PKCS#12 file Пълната верига от сертификати и частния ключ като криптиран PKCS#12 файл Concatenation of the certificate and the unencrypted private key in one PEM file Свързване на сертификата и некриптирания частен ключ в един PEM файл Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Свързване на сертификата и криптирания частен ключ във формат PKCS#8 в един файл Text format of the public key in one PEM file Текстов формат на публичния ключ в един PEM файл Binary DER format of the public key Двоичен DER формат на публичния ключ Unencrypted private key in text format Некриптиран частен ключ в текстов формат OpenSSL specific encrypted private key in text format Специфичен за OpenSSL криптиран частен ключ в текстов формат Unencrypted private key in binary DER format Некриптиран частен ключ в двоичен DER формат Unencrypted private key in PKCS#8 text format Некриптиран частен ключ в текстов формат PKCS#8 Encrypted private key in PKCS#8 text format Криптиран частен ключ в текстов формат PKCS#8 The public key encoded in SSH2 format Публичният ключ, кодиран във формат SSH2 OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Специфичен за OpenSSL файл с индекс на сертификат, създаден от командата 'ca' и изискван от OCSP инструмента vCalendar expiry reminder for the selected items vCalendar напомняне за изтичане на избраните елементи vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Напомняне за изтичане чрез vCalendar, съдържащо всички издадени валидни сертификати, самия CA и последния CRL Private key in Microsoft PVK format not encrypted или шифър Частният ключ във формат Microsoft PVK не е криптиран Encrypted private key in Microsoft PVK format Криптиран частен ключ във формат Microsoft PVK %n selected item(s) %n избран елемент %n избрани елементи The file: '%1' already exists! Файлът:'%1' вече съществува! Overwrite Презаписане Do not overwrite Не презаписвайте The path: '%1' exist, but is not a file Пътят: '%1' съществува, но не е файл The path: '%1' exist, but is not a directory Пътят: '%1' съществува, но не е директория The directory: '%1' does not exist. Should it be created? Директорията: '%1' не съществува. Трябва ли да се създаде? Create Създавай Failed to create directory '%1' Неуспешно създаване на директория '%1' Directory Директория Form last update последна актуализация next update следваща актуализация Days Дни Months Месеци Years Години Apply Приложи Midnight Полунощ Local time Местно време No well-defined expiration Няма ясно дефиниран срок на изтичане Help << << >> >> &Done &Готово ImportMulti Import PKI Items Импортиране на PKI елементи Import &All Импортирай &Всички &Import &Импортиране &Done &Готово &Remove from list &Премахване от списък Details Детайли Delete from token Изтриване от токен Rename on token Преименуване на токен Name: %1 Model: %2 Serial: %3 Име: %1 Модел: %2 Сериен номер: %3 Manage security token Управление на токена за сигурност Details of the item '%1' cannot be shown Подробностите за елемента '%1' не могат да бъдат показани The type of the item '%1' is not recognized Типът на елемента '%1' не е разпознат Could not open the default database Не успях да отворя базата данни по подразбиране The file '%1' did not contain PKI data Файлът '%1' не съдържа PKI данни The %1 files: '%2' did not contain PKI data Файловете %1: '%2' не съдържаха PKI данни ItemProperties Name Име Source Източник Insertion date Дата на вмъкване Comment Коментар KeyDetail Name Име The internal name of the key used by xca Вътрешното име на ключа, използван от xca Security token Токен за сигурност Manufacturer Производител Serial Сериен Key Ключ Public Exponent Публична Експонента Keysize Размер на ключа Private Exponent Частна Експонента Security Token Токен за сигурност Label Етикет PKCS#11 ID PKCS#11 ID Token information Информация за токена Model Модел Fingerprint Пръстов отпечатък Comment Коментар Details of the %1 key Подробности за %1 ключа Not available Недостъпно Available или достъпен? Достъпно Sub prime Второстепенен Public key Публичен ключ Private key Частен ключ Curve name Име на кривата Unknown key Неизвестен ключ KeyTreeView Clipboard format Клипборд формат Change password Промени паролата Reset password Нулиране на паролата Change PIN Промяна на ПИН Init PIN with SO PIN (PUK) Инициализиране на PIN със SO PIN (PUK) Change SO PIN (PUK) Промяна на SO PIN (PUK) Security token Токен за сигурност This is not a token Това не е токен Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Трябва ли оригиналният ключ '%1' да бъде заменен с ключа на токена? Това ще изтрие ключа '%1' и ще го направи да не може да се експортира Key export Екпортирай ключа SSH Private Keys ( *.priv ) SSH Частни Ключове ( *.priv ) Microsoft PVK Keys ( *.pvk ) Microsoft PVK Ключове ( *.pvk ) Export public key [%1] Експортиране на публичния ключ [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Частни ключове ( *.pem *.der *.pk8 );; SSH Публични ключове ( *.pub ) MainWindow Private Keys Частни ключове &New Key &Нов ключ &Export &Експортиране &Import &Импортиране Import PFX (PKCS#12) Импортиране на PFX (PKCS#12) &Show Details &Покажи детайлите &Delete &Изтрий Certificate signing requests Заявки за подписване на сертификати &New Request &Нова заявка Certificates Сертификати &New Certificate &Нов сертификат Import &PKCS#12 Импортиране на &PKCS#12 Import P&KCS#7 Импортиране на P&KCS#7 Plain View Обикновен изглед Templates Шаблони &New Template &Нов Шаблон &New CRL &Нов CRL Ch&ange Template Про&мени Шаблона Revocation lists Списъци с анулирани сертификати Using or exporting private keys will not be possible without providing the correct password Използването или експортирането на лични ключове няма да е възможно без предоставяне на правилната парола Database База данни The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Използваният в момента хеш по подразбиране '%1' е несигурен. Моля, изберете поне 'SHA 224' от съображения за сигурност. Recent DataBases Текущи бази данни System Системен Croatian хърватски English английски French френски German немски Japanese японски Korean корейски Russian руски Slovak словашки Spanish испански Persian персийски Bulgarian български Polish полски Italian италиански Chinese китайски Dutch холандски Portuguese in Brazil португалски в Бразилия Indonesian индонезийски Turkish турски Language Език &File &Файл Open Remote DataBase Отваряне на отдалечена базата данни Set as default DataBase Задаване като базата данни по подразбиране New DataBase Нова база данни Open DataBase Отваряне на базата данни Close DataBase Затваряне на базата данни Options Опции Exit Изход I&mport И&мпортиране Keys Ключове Requests Заявки PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Шаблон Revocation list Списък с анулирани сертификати PEM file PEM файл Paste PEM file Поставяне на данни в PEM файл Token Токен Export Certificate &Index hierarchy Експортиране на &индекс йерархия на сертификат Content Съдържание &Manage Security token &Управление на токена за сигурност &Init Security token &Инициализация на токен за сигурност &Change PIN &Промяна на ПИН Change &SO PIN Промяна на &SO PIN Init PIN Инициализация на ПИН Extra Екстра &Dump DataBase или помисли за дъмпване? &Създаване на копие на базата данни &Export Certificate Index &Експортиране на сертификат индекса C&hange DataBase password П&ромяна на паролата за базата данни &Undelete items &Отмяна на изтритите елементи Generate DH parameter Създаване на DH параметър OID Resolver OID Резолвер &Help &Помощ About За програмата Import PEM data Импортиране на PEM данни Please enter the original SO PIN (PUK) of the token '%1' Моля, въведете оригиналния SO PIN (PUK) на токена '%1' Search или е търси/тестване на превода и виж/оптимизирай Търсене Please enter the new SO PIN (PUK) for the token '%1' Моля, въведете новия SO PIN (PUK) за токена '%1' The new label of the token '%1' Новият етикет на токена '%1' The token '%1' did not contain any keys or certificates Токенът '%1' не съдържа никакви ключове или сертификати Retry with PIN Опитайте отново с ПИН Retry with SO PIN Опитайте отново със SO PIN Current Password Текуща парола Please enter the current database password Моля, въведете текущата парола за базата данни The entered password is wrong Въведената парола е грешна New Password Нова парола Please enter the new password to encrypt your private keys in the database-file Моля, въведете новата парола, за да шифровате личните си ключове във файла с база данни Transaction start failed Стартирането на транзакцията бе неуспешно Database: %1 База данни: %1 The currently used PFX / PKCS#12 algorithm '%1' is insecure. Използваният в момента PFX / PKCS#12 алгоритъм '%1' е несигурен. Change Промени Certificate Index ( index.txt ) Индекс на сертификата ( index.txt ) All files ( * ) Всички файлове ( * ) Diffie-Hellman parameters saved as: %1 Параметрите на Diffie-Hellman са запазени като: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Параметрите на Diffie-Hellman са необходими за различни приложения, но не се обработват от XCA. Моля, въведете битовете на DH параметъра NewCrl Last update Последна актуализация Next update Следваща актуализация Days Дни Months Месеци Years Години Midnight Полунощ Local time Местно време Apply Приложи Options Опции CRL number CRL номер Subject alternative name Алтернативно име на заглавие Revocation reasons Причини за анулиране Authority key identifier Орган идентификатор на ключ Hash algorithm Хеш алгоритъм Create CRL Създай CRL NewKey Please give a name to the new key and select the desired keysize Моля, дайте име на новия ключ и изберете желания размер на ключа Key properties Свойства на ключа Name Име The internal name of the new key Вътрешното име на новия ключ Curve name Име на крива Usually at least 2048 bit keys are recommended Обикновено се препоръчват поне 2048 битови ключове New Key Нов ключ Keysize Размер на ключа Keytype Тип ключ Remember as default Запомни като по подразбиране Create Създавай NewX509 Source Източник Signing request Искане за подписване Show request Покажи заявката Sign this Certificate signing &request Подпишете тази &заявка за подписване на сертификат Copy extensions from the request Копирайте разширенията от заявката Modify subject of the request Промяна на предмета на заявката Signing Подписване Create a &self signed certificate Създаване на &самоподписан сертификат Use &this Certificate for signing Използвайте &този сертификат за подписване All certificates in your database that can create valid signatures Всички сертификати във вашата база данни, които могат да създават валидни подписи Signature algorithm Алгоритъм за подписване Template for the new certificate Шаблон за новия сертификат All available templates Всички налични шаблони Apply extensions Прилагане на разширения Apply subject Прилагане на тема Apply all Приложи навсякъде Subject Тема Internal Name Вътрешно име Distinguished name Отличително име Add Добавяне Delete Изтриване Private key Частен ключ This list only contains unused keys Този списък съдържа само неизползвани ключове Used keys too Както и използваните ключове &Generate a new key &Създаване на нов ключ Extensions Разширения Type Тип If this will become a CA certificate or not Дали това ще стане CA сертификат или не Not defined Не е посочено Certification Authority Помисли дали да остане СА/или Сертифициращ Орган Certification Authority - Сертифициращ Орган End Entity Краен обект сертификат Path length Помисли за оптимизация на превода Дължина на пътя How much CAs may be below this. Колко CA може да са под това. The basic constraints should always be critical Основните ограничения винаги трябва да бъдат критични Key identifier Идентификатор на ключа Creates a hash of the key following the PKIX guidelines Създава хеш на ключа, следвайки указанията на PKIX Copy the Subject Key Identifier from the issuer Помисли за оптимизация на превода Копирайте идентификатора на ключ на темата от издателя Validity Валидност Not before Не преди това Not after Не след това Time range Времеви период Days Дни Months Месеци Years Години Apply Прилагане Set the time to 00:00:00 and 23:59:59 respectively Задайте часа съответно на 00:00:00 и 23:59:59 Midnight Полунощ Local time Местно време No well-defined expiration Няма ясно дефиниран срок на годност DNS: IP: URI: email: RID: DNS: IP: URI: имейл: RID: Edit Редактиране URI: URI: Key usage Използване на ключ Netscape Netscape Advanced Разширено Validate Валидирайте Comment Коментар This name is only used internally and does not appear in the resulting certificate Това име се използва само вътрешно и не се появява в сертификата, който получавате Critical Критичен Create Certificate signing request Създаване на заявка за подписване на сертификат minimum size: %1 минимален размер: %1 maximum size: %1 максимален размер: %1 only a-z A-Z 0-9 '()+,-./:=? само a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters само 7-битови чисти символи Edit XCA template Редактиране на XCA шаблон Create x509 Certificate Създаване на x509 сертификат Template '%1' applied Шаблонът '%1' е приложен Subject applied from template '%1' Приложена тема от шаблона '%1' Extensions applied from template '%1' Приложени разширения от шаблон '%1' New key '%1' created Новият ключ '%1' е създаден Other Tabs Други раздели Advanced Tab Раздел Разширени Errors Грешки From PKCS#10 request От PKCS#10 заявката Error Грешка duplicate extensions дублирани разширения The Name Constraints are invalid Ограниченията на имената са невалидни The Subject Alternative Name is invalid Алтернативното SAN име е невалидно The Issuer Alternative Name is invalid Алтернативното SAN име на издателя е невалидно The CRL Distribution Point is invalid Точката за разпространение на CRL е невалидна The Authority Information Access is invalid Достъпът до информация за органа е невалиден Abort rollout Прекъсване на внедряването The following length restrictions of RFC3280 are violated: Следните ограничения за дължина на RFC3280 са нарушени: Edit subject Редактиране на темата Continue rollout Продължи с внедряването The verification of the Certificate request failed. The rollout should be aborted. Проверката на заявката за сертификат е неуспешна. Внедрряването трябва да бъде прекратено. Continue anyway Продължете все пак The internal name and the common name are empty. Please set at least the internal name. Вътрешното така и общото име са празни. Моля, задайте поне вътрешното име. Edit name Редактиране на име There is no Key selected for signing. Няма избран ключ за подписване. Select key Изберете ключ The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Следните записи за отличителни имена са празни: %1 въпреки че сте ги декларирали като задължителни в менюто с опции. The key you selected for signing is not a private one. Ключът, който сте избрали за подписване, не е частен. Select other signer Изберете друг подписващ Select other key Изберете друг ключ The currently selected hash algorithm '%1' is insecure and should not be used. Избраният хеш алгоритъм '%1' е несигурен и не трябва да се използва. Select other algorithm Изберете друг алгоритъм Use algorithm anyway Все пак използвайте алгоритъма The certificate will be earlier valid than the signer. This is probably not what you want. Сертификатът ще бъде валиден по-рано от подписващия. Това вероятно не е това, което искате. Edit dates Редактиране на датите Adjust date and continue Коригирайте датата и продължете The certificate will be longer valid than the signer. This is probably not what you want. Сертификатът ще бъде по-дълъг от този на подписващия. Това вероятно не е това, което искате. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Сертификатът ще бъде изтекъл, преди да стане валиден. Най-вероятно сте сбъркали и двете дати. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Сертификатът съдържа невалидни или дублирани разширения. Проверете валидирането в разширения раздел. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Сертификатът не съдържа разширения. Можете да приложите разширенията на един от шаблоните, за да определите целта на сертификата. The certificate contains invalid extensions. Сертификатът съдържа невалидни разширения. Edit extensions Редактиране на разширенията The subject alternative name shall contain a copy of the common name. However, the common name is empty. Алтернативното име на темата съдържа копие на общоприетото име. Въпреки това, общото име е празно. A name constraint of the issuer '%1' is violated: %2 Ограничение на името на издателя '%1' е нарушено: %2 Configfile error on line %1 Грешка в конфигурационния файл на ред %1 OidResolver OID Resolver Резолвер на OID Enter the OID, the Nid, or one of the textual representations Въведете OID, Nid или едно от текстовите представяния Search Търсене OID OID Long name Дълго име OpenSSL internal ID OpenSSL вътрешен ID Nid Nid Short name Кратко име OpenDb Open remote database Отваряне на отдалечена база данни Database type Тип база данни Hostname Име на хост Username Потребителско име Password Парола Database name Име на база данни Table prefix Префикс на таблицата No SqLite3 driver available. Please install the qt-sqlite package of your distribution Няма наличен SqLite3 драйвер. Моля, инсталирайте пакета qt-sqlite на вашата дистрибуция Options XCA Options XCA Опции Settings Настройки Default hash algorithm Алгоритъм за хеширане по подразбиране String types Типове низове Suppress success messages Потискане на съобщенията за успех Don't colorize expired certificates Не оцветявай изтекли сертификати Translate established x509 terms (%1 -> %2) Превод на установени x509 термини (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Функцията за хеширане на токена не се използва от XCA. Въпреки това може да се вземе предвид ограничен хеш-набор, разпространяван от токена. По-специално EC и DSA се дефинират само с SHA1 в спецификацията PKCS#11. Only use hashes supported by the token when signing with a token key Използвайте само хешове, поддържани от токена, когато подписвате с ключ за токен Disable legacy Netscape extensions Деактивирайте наследените разширения на Netscape PKCS12 encryption algorithm PKCS12 алгоритъм за криптиране Certificate expiry warning threshold Предупредителен праг за изтичане на сертификата Send vCalendar expiry reminder Изпратете vCalendar за напомняне при изтичане Serial number length Дължина на серийния номер bit бита Distinguished name Отличително име Mandatory subject entries вместо тема - заглавие Задължителни записи с теми Add или добави/провери при тестване Добавяне Delete или изтрий/провери при тестване Изтриване Explicit subject entries Изрични теми със записи Dynamically arrange explicit subject entries Динамично подреждане на изрични теми Default По подразбиране PKCS#11 provider PKCS#11 доставчик Remove Премахване Search или търси/тествай Търсене Printable string or UTF8 (default) Низ за печат или UTF8 (по подразбиране) PKIX recommendation in RFC2459 По PKIX препоръка в RFC2459 No BMP strings, only printable and T61 Без BMP низове, само за печат и T61 UTF8 strings only (RFC2459) Само UTF8 (RFC2459) низове All strings Всички низове Days Дни Weeks Седмици PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Паролата се анализира като двуцифрен шестнадесетичен код. Трябва да има четен брой цифри (0-9 и a-f) Take as HEX string Взимане като HEX низ Password Парола Repeat %1 Повтаряне на %1 %1 mismatch %1 несъответствие Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Шестнадесетичната парола трябва да съдържа само знаците '0' - '9' и 'a' - 'f' и трябва да се състои от четен брой знаци Exit Изход QMessageBox Ok Ок Close Затвори Cancel Отказ Apply Приложи Yes Да No Не QObject Undefined Недефиниран Broken / Invalid Повреден / Невалиден in %1 seconds в %1 секунди %1 seconds ago преди %1 секунди in %1 minutes в %1 минути %1 minutes ago преди %1 минути Yesterday вчера Tomorrow утре in %1 hours в %1 часове %1 hours ago преди %1 часа Out of data Няма данни Error finding endmarker of string Грешка при намиране на крайния маркер на низ Out of Memory at %1:%2 Няма памет в %1:%2 All files ( * ) Всички файлове ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; PKI Ключове ( *.pem *.der *.key );; PKCS#8 Ключове ( *.p8 *.pk8 );; Microsoft PVK Ключове ( *.pvk );; SSH Публични Ключове ( *.pub );; Import RSA key Импортиране на RSA ключ PKCS#10 CSR ( *.pem *.der *.csr );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Заявка за импортиране Certificates ( *.pem *.der *.crt *.cer );; Сертификати ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Импортиране на X.509 Сертификат PKCS#7 data ( *.p7s *.p7m *.p7b );; PKCS#7 данни ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Импортиране на PKCS#7 Сертификати PKCS#12 Certificates ( *.p12 *.pfx );; PKCS#12 Сертификати ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Импортиране PKCS#12 Частен сертификат XCA templates ( *.xca );; XCA шаблони ( *.xca );; Import XCA Templates Импортиране на XCA Шаблони Revocation lists ( *.pem *.der *.crl );; Списъци за анулирани сертификати ( *.pem *.der *.crl );; Import Certificate Revocation List Импортиране на списък с анулирани сертификати XCA Databases ( *.xdb );; XCA База данни ( *.xdb );; Open XCA Database Отваряне на XCA База данни OpenVPN tls-auth key ( *.key );; OpenVPN tls-auth ключ ( *.key );; Import OpenVPN tls-auth key Импортиране на OpenVPN tls-auth ключ PKCS#11 library ( *.dll );; PKCS#11 библиотека ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 бибилиотека ( *.dylib *.so );; PKCS#11 library ( *.so );; PKCS#11 библиотека ( *.so );; Open PKCS#11 shared library Отваряне на PKCS#11 споделена библиотека PEM files ( *.pem );; PEM файлове ( *.pem );; Load PEM encoded file Зареждане на PEM кодиран файл Please enter the PIN on the PinPad Тествай/провери дали трябва да се преведе към пин пад? Моля, въведете PIN на PinPad Please enter the SO PIN (PUK) of the token %1 Моля, въведете SO PIN (PUK) на токена %1 Please enter the PIN of the token %1 Моля, въведете ПИН кода на токена %1 No Security token found Няма намерен токен за сигурност Select Изберете Please enter the new SO PIN (PUK) for the token: '%1' Моля, въведете новия SO PIN (PUK) за токена: '%1' Please enter the new PIN for the token: '%1' Моля, въведете новия ПИН за токена: '%1' Required PIN size: %1 - %2 Необходим размер на ПИН: %1 - %2 Invalid filename: %1 Невалидно име на файл: %1 Failed to open PKCS11 library: %1: %2 Възникна грешка при отваряне на PKCS11 библиотеката: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Това не изглежда като a PKCS#11 библиотека. Символът 'C_GetFunctionList' не е намерен. Disabled Деактивирано Library loading failed Зареждането на библиотеката бе неуспешно PKCS#11 function '%1' failed: %2 PKCS#11 функцията '%1' бе неуспешно: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 PKCS#11 функцията '%1' бе неуспешно: %2 В библиотеката %3 %4 Invalid Невалиден %1 is shorter than %2 bytes: '%3' Провери тук променливити като подредба/тестване %1 е по-къс от %2 байта: '%3' %1 is longer than %2 bytes: '%3' Провери тук променливити като подредба/тестване %1 е по-дълъг от %2 байта:'%3' String '%1' for '%2' contains invalid characters Низът '%1' за '%2' съдържа невалидни символи Error reading config file %1 at line %2 Грешка при четене на конфигурационен файл %1 на ред %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. Обектът '%1' от файла %2 на ред %3 вече е познат като '%4:%5:%6' и трябва да се премахне. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Идентификаторът '%1' за OID %2 от файла %3 на ред %4 се използва от различен OID като '%5:%6:%7' и трябва да се промени, за да се избегнат конфликти. Unknown object '%1' in file %2 line %3 Неизвестен обект '%1' във файл %2 ред %3 Failed to start a database transaction Неуспешно стартиране на транзакция в база данни Country code Код на държава State or Province Област или Провинция Locality Местност Organisation Организация Organisational unit Организационна единица Common name Общо име E-Mail address Имейл адрес Serial number Сериен номер Given name Собствено име Surname Фамилия Title Заглавие Initials Инициали Description Описание Role Роля Pseudonym Псевдоним Generation Qualifier Квалификатор на генерацията x500 Unique Identifier x500 уникален идентификатор Name Име DN Qualifier DN Квалификатор Unstructured name Неструктурирано име Challenge password Парола за предизвикателство Basic Constraints Основни ограничения Name Constraints Ограничения за име Subject alternative name Алтернативно име на тема issuer alternative name алтернативно име на издателя Subject key identifier Ключ идентификатор на темата Authority key identifier Идентификатор на ключ на орган Key usage Използване на ключ Extended key usage Разширено използване на ключ CRL distribution points CRL разпределителни точки Authority information access Достъп до информация на органа Certificate type Тип сертификат Base URL Базов URL Revocation URL URL отмяна CA Revocation URL CA URL за отмяна Certificate renewal URL URL за подновяване на сертификата CA policy URL Политика на CA URL SSL server name SSL име на сървър Comment Коментар Index file written to '%1' Индексният файл е написан '%1' Index hierarchy written to '%1' Йерархията на индекса е записана на '%1' Unknown key type %1 Неизвестен тип ключ %1 Failed to write PEM data to '%1' Неуспешен запис на PEM данни в '%1' Password verify error, please try again Грешка при проверка на паролата, моля, опитайте отново The following error occurred: Възникна следната грешка: Failed to update the database schema to the current version Неуспешно актуализиране на схемата на базата данни до текущата версия Password Парола insecure несигурен ReqTreeView Sign Подписване Unmark signed Премахване на подписване Mark signed Подпиши маркираните Similar Request Подобна заявка Certificate request export Експортиране на заявка за сертификат Certificate request ( *.pem *.der *.csr ) Заявка за сертификат ( *.pem *.der *.csr ) RevocationList Manage revocations Управление на анулирани сертификати Add Добавяне Delete Изтриване Edit Редактиране No. Номер. Serial Сериен номер Revocation Отмяна Reason Причина Invalidation Връщане на валидация Generate CRL Създаване на CRL Revoke Certificate revocation Отмяна на сертификата Revocation details Детайли за отмяната Revocation reason Причина за отмяна Local time Местно време Invalid since Невалиден от Serial Сериен номер SearchPkcs11 Directory Директория ... ... Include subdirectories Включване на поддиректории Search Търсене The following files are possible PKCS#11 libraries Следните файлове са възможни PKCS#11 библиотеки SelectToken Security token Токен за сигурност Please select the security token Моля изберете тоукън за сигурност TempTreeView Duplicate Дубликат Create certificate Създай сертификат Create request Създай заявка copy копирай Preset Template values Шаблон с предварителна настройка Template export Експортирай шаблон XCA Templates ( *.xca ) XCA Шаблони ( *.xca ) TrustState Certificate trust Доверие в сертификат Trustment Доверие &Never trust this certificate и Никога не се доверявайте на this сертификат Only trust this certificate if you trust the one who signed it Само се доверете на this сертификат, if се доверявате на този, който го е подписал &Always trust this certificate и Винаги се доверявайте на this сертификат Validity yyyy-MM-dd hh:mm гггг-MM-дд чч:мм X509SuperTreeView OpenSSL config OpenSSL конфигурация Transform Преобразуване Template Шаблон Public key Публичен ключ Save as OpenSSL config Съхрани като OpenSSL конфигурация Config files ( *.conf *.cnf);; All files ( * ) Конфигурационни файлове ( *.conf *.cnf);; Всички файлове ( * ) XFile Error opening file: '%1': %2 Грешка при отваряне на файл: '%1': %2 Error rewinding file: '%1': %2 Грешка при превъртане на файла: '%1': %2 XcaDetail Import Импортиране XcaTreeView Item properties Свойства на елемент Subject entries Предмет записи X509v3 Extensions X509v3 Разширения Netscape extensions Netscape разширения Key properties Свойства на ключа Reset Нулирай Hide Column Скрий колона Details Детайли Columns Колони Export Password Експортиране на парола Please enter the password to encrypt all %n exported private key(s) in: %1 Singular form for 0 or 1 item can be ignored. Will always be called with n >= 2 Формата за единствено число за 0 или 1 елемент може да бъде игнорирана. Винаги ще се извиква с n >= 2 Моля, въведете паролата, за да шифровате всички %n експортирани частни ключа в: %1 Моля, въведете паролата, за да шифровате всички %n експортирани частни ключове в: %1 New Нов Import Импортиране Paste PEM data Поставане на PEM данни Rename Преименувай Properties Свойства Delete Изтриване Export Експортиране Clipboard Клипбоарда File Файл Clipboard format Клипборд формат database_model Please enter the password to access the database server %2 as user '%1'. Моля, въведете паролата за достъп до сървъра на база данни %2 като потребител '%1'. Unable to create '%1': %2 Не може да се създаде '%1': %2 The file '%1' is not an XCA database Файлът '%1' не е XCA база данни No SqLite3 driver available. Please install the qt-sqlite package of your distribution Няма наличен SqLite3 драйвер. Моля, инсталирайте пакета qt-sqlite на вашата дистрибуция New Password Нова парола Please enter a password, that will be used to encrypt your private keys in the database: %1 Моля, въведете парола, която ще се използва за криптиране на личните ви ключове в базата данни: %1 Password Парола Please enter the password for unlocking the database: %1 Моля, въведете паролата за отключване на базата данни: %1 db_base Internal name Вътрешно име No. Номер. Primary key Първичен ключ Database unique number Уникален номер на базата данни Date Дата Date of creation or insertion Дата на създаване или добавяне Source Източник Generated, Imported, Transformed Генериран, импортиран, трансформиран Comment Коментар First line of the comment field Първи ред на полето за коментар Import from: %1 Импортирай от: %1 Could not create directory %1 Не можа да се създаде директория %1 Item properties Свойства на елемент How to export the %1 selected items Как да експортирате %1 избраните елементи All in one PEM file Всички в един PEM файл Each item in one file Всеки елемент в един файл Save %1 items in one file as Съхрани %1 елементи в един файл като PEM files ( *.pem );; All files ( * ) PEM файлове ( *.pem );; Всички файлове ( * ) db_crl Signer Подписващ Internal name of the signer Вътрешно име на подписващия No. revoked Номер. на анулираните Number of revoked certificates Брой анулирани сертификати Last update Последна актуализация Next update Следваща актуализация CRL number CRL номер The revocation list already exists in the database as: '%1' and so it was not imported Списъкът за анулиране вече съществува в базата данни като: '%1' и затова не е импортиран Revocation list export Експортиране на списък с анулирани CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) Failed to initiate DB transaction Неуспешно стартиране на DB транзакция Database error: %1 Грешка в базата данни: %1 db_key Type Тип Size Размер EC Group EC Група Use Използвай Password Парола The key is already in the database as: '%1' and is not going to be imported Ключът вече е в базата данни като: '%1' и няма да се импортира The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Базата данни вече съдържа публичната част на импортирания ключ като '%1 и ще бъде завършен от новата частна част на ключа Extending public key from %1 by imported key '%2' Разширяване на публичния ключ от %1 чрез импортиран ключ '%2' Key size too small ! Размерът на ключа е твърде малък! You are sure to create a key of the size: %1 ? Сигурни ли сте, че създавате ключ с размер: %1? PEM public публичен PEM SSH2 public публичен SSH2 PEM private частен PEM SSH2 private частен SSH2 Export keys to Clipboard Експортиране на ключовете в клипбоарда Clipboard Клипбоарда Export public key [%1] Експортиране на публичния ключ [%1] DER public публичен DER DER private частен DER PEM encryped PEM криптиран PVK private частен PVK PVK encrypted криптиран PVK PKCS#8 encrypted PKCS#8 криптиран Export private key [%1] Експортиране на частния ключ [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Частни ключове ( *.pem *.der *.pk8 );; SSH Публични ключове ( *.pub ) Internal error Вътрешна грешка Internal key update: The keys: %1 must be updated once by resetting and setting its private password Актуализация на вътрешния ключ: Ключовете: %1 трябва да се актуализират веднъж чрез нулиране и задаване на личната му парола Tried to change password of a token Опитах да променя паролата на токен db_temp Bad template: %1 Лош шаблон: %1 Empty template Празен шаблон Save template as Съхраняване на шаблон като XCA templates ( *.xca );; All files ( * ) XCA шаблони ( *.xca );; Всички файлове ( * ) db_x509 CA CA reflects the basic Constraints extension отразява основното разширение на ограниченията Serial Сериен номер Start date Стартова дата Expiry date Дата на изтичане MD5 fingerprint MD5 отпечатък SHA1 fingerprint SHA1 отпечатък SHA256 fingerprint SHA256 отпечатък Not before Не преди Not after Не след Revocation Анулиране CRL Expiration CRL Изтичане Failed to retrieve unique random serial Неуспешно извличане на уникален произволен сериен номер The certificate already exists in the database as: '%1' and so it was not imported Сертификатът вече съществува в базата данни като: '%1' и затова не е импортиран Signed on %1 by '%2' Подписан на %1 от '%2' Unknown Неизвестен Invalid public key Невалиден публичен ключ PKCS#7 unrevoked PKCS#7 не е отменен PEM unrevoked PEM не е отменен vCalendar vCalendar CA vCalendar CA vCalendar X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) X509 Сертификати ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) The key you selected for signing is not a private one. Ключът, който сте избрали за подписване, не е частен. Failed to create directory '%1' Неуспешно създаване на директория '%1' Store the certificate to the key on the token '%1 (#%2)' ? Съхранявайте сертификата в ключа на токена '%1 (#%2)'? PEM chain PEM верига PKCS#7 chain PKCS#7 верига PKCS#12 chain PKCS#12 верига PKCS#7 all Всички PKCS#7 PEM + key PEM + ключ PEM all Всички PEM Certificate Index file Файл с индекс на сертификата Certificate export Експортиране на сертификат There was no key found for the Certificate: '%1' Не беше намерен ключ за сертификата: '%1' Not possible for a token key: '%1' Невъзможно за токен ключ: '%1' Not possible for the token-key Certificate '%1' Невъзможно за сертификата за токен-ключ '%1' db_x509name Subject Заглавие Complete distinguished name Пълно отличително име Subject hash Хеш на заглавието Hash to lookup certs in directories Хеш за търсене на сертификати в директории db_x509req Signed Подписано whether the request is already signed or not дали заявката вече е подписана или не Unstructured name Неструктурирано име Challenge password Парола за предизвикателство Certificate count Брой сертификати Number of certificates in the database with the same public key Брой сертификати в базата данни с един и същ публичен ключ The certificate signing request already exists in the database as '%1' and thus was not stored Заявката за подписване на сертификат вече съществува в базата данни като '%1' и следователно не е бил съхраняван Certificate request export Експортиране на заявка за сертификат Certificate request ( *.pem *.der *.csr ) Заявка за сертификат ( *.pem *.der *.csr ) db_x509super Key name Име на ключ Internal name of the key Вътрешно име на ключа Signature algorithm Алгоритъм за подписване Key type Тип ключ Key size Размер на ключ EC Group EC Група Extracted from %1 '%2' Извлечено от %1 '%2' Certificate Сертификат Certificate request Заявка на сертификат Save as OpenSSL config Съхрани като OpenSSL конфигурация Config files ( *.conf *.cnf);; All files ( * ) Конфигурационни файлове ( *.conf *.cnf);; Всички файлове ( * ) The following extensions were not ported into the template Следните разширения не бяха пренесени в шаблона Transformed from %1 '%2' Трансформирано от %1 '%2' kvView Type Тип Content Съдържание pass_info Password Парола PIN ПИН pkcs11_lib Failed to open PKCS11 library: %1: %2 Възникна грешка при отваряне на PKCS11 библиотеката: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Това не изглежда като a PKCS#11 библиотека. Символът 'C_GetFunctionList' не е намерен. pki_base Unknown Непознат Imported Импортиран Generated Създаден Transformed Преобразен Token Токен Legacy Database Наследена база данни Renewed Обновен Property '%1' not listed in 'pki_base::print' Свойството '%1' не е посочено в 'pki_base::print' Internal error: Unexpected message: %1 %2 Вътрешна грешка: Неочаквано съобщение: %1 %2 pki_crl Successfully imported the revocation list '%1' Успешно импортиране на списъка за анулиране '%1' Delete the revocation list '%1'? Да се изтрие ли списъкът за анулиране '%1'? Successfully created the revocation list '%1' Успешно е създаден списъкът за отмяна '%1' Delete the %1 revocation lists: %2? Изтриване на списъците с анулирани %1: %2? Delete the %n revocation list(s): '%1'? Изтриване на %n списък за отмяна: '%1'? Изтриване на %n списъка за отмяна: '%1'? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Не може да се зареди списъкът за анулиране във файл %1. Опитах PEM и DER форматиран CRL. No issuer given Не е предоставен издател CRL Renewal of CA '%1' due Предстои подновяване на CRL на CA '%1' The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Последният CRL, издаден от CA '%1', ще изтече на %2. Той се съхранява в XCA базата данни '%3' Renew CRL: %1 Преиздаване на CRL: %1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' XCA CRL '%1', издаден на %3, ще изтече на %4. Той се съхранява в XCA базата данни '%5' pki_evp Please enter the password to decrypt the private key %1. Моля, въведете паролата, за да декриптирате частния ключ %1. The key from file '%1' is incomplete or inconsistent. Ключът от файл '%1' е непълен или противоречив. Please enter the password to decrypt the private key from file: %1 Моля, въведете паролата, за да декриптирате частния ключ от файла: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Не може да се зареди частният ключ във файл %1. Опитах PEM и DER частни, публични, PKCS#8 типове ключове и SSH2 формат. Please enter the password to decrypt the private key: '%1' Моля, въведете паролата, за да декриптирате частния ключ: '%1' Password input aborted Въвеждането на парола е прекратено Please enter the database password for decrypting the key '%1' Моля, въведете паролата на базата данни за декодиране на ключа '%1' Decryption of private key '%1' failed Дешифриране на частен ключ '%1' се провали Please enter the password to protect the private key: '%1' Моля, въведете паролата, за да защитите частния ключ: '%1' Please enter the database password for encrypting the key Моля, въведете паролата на базата данни за криптиране на ключа Please enter the password to protect the PKCS#8 key '%1' in file: %2 Моля, въведете паролата, за да защитите PKCS#8 ключа '%1' във файл: %2 Please enter the password to protect the private key '%1' in file: %2 Моля, въведете паролата, за да защитите личния ключ '%1' във файл: %2 Please enter the password protecting the PKCS#8 key '%1' Моля, въведете паролата, защитаваща PKCS#8 ключа '%1' Please enter the password protecting the Microsoft PVK key '%1' Моля, въведете паролата, защитаваща Microsoft PVK ключа '%1' Please enter the export password for the private key '%1' Моля, въведете паролата за експортиране на частния ключ '%1' pki_export PEM Text format with headers PEM Текстов формат с хедери Concatenated list of all selected items in one PEM text file Свързан списък на всички избрани елементи в един PEM текстов файл PEM selected PEM избран Concatenated list of all selected certificates in one PEM text file Свързан списък на всички избрани сертификати в един PEM текстов файл PEM chain PEM верига Concatenated text format of the complete certificate chain in one PEM file Свързан текстов формат на пълната верига от сертификати в един PEM файл The complete certificate chain and the private key of the selected certificate with tags usable in OpenVPN configuration files Пълната верига от сертификати и частният ключ на избрания сертификат с тагове, които могат да се използват в конфигурационните файлове на OpenVPN PEM + key PEM + ключ Concatenation of the certificate and the unencrypted private key in one PEM file Свързване на сертификата и некриптирания частен ключ в един PEM файл Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Свързване на сертификата и криптирания частен ключ във формат PKCS#8 в един файл All unusable Всички неизползваеми Concatenation of all expired or revoked certificates in one PEM file Свързване на всички изтекли или отменени сертификати в един PEM файл PKCS#7 encoded single certificate PKCS#7 кодиран единичен сертификат All selected certificates encoded in one PKCS#7 file Всички избрани сертификати кодирани в един PKCS#7 файл PKCS #7 chain PKCS #7 верига PKCS#7 encoded complete certificate chain PKCS#7 кодирана пълна верига от сертификати PKCS #7 unusable PKCS #7 неизползваем PKCS#7 encoded collection of all expired or revoked certificates PKCS#7 кодирана колекция от всички изтекли или отменени сертификати Binary DER encoded certificate Двоично DER кодиран сертификат PKCS #12 chain PKCS #12 верига The complete certificate chain and the private key as encrypted PKCS#12 file Пълната верига от сертификати и частния ключ като криптиран PKCS#12 файл PKCS #12 PKCS #12 The certificate and the private key as encrypted PKCS#12 file Сертификатът и частния ключ като криптиран PKCS#12 файл Certificate Index file Файл с индекс на сертификата OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Специфичен за OpenSSL файл с индекс на сертификат, създаден от командата 'ca' и изискван от OCSP инструмента vCalendar vCalendar vCalendar expiry reminder for the selected items vCalendar напомняне за изтичане на избраните елементи CA vCalendar CA vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Напомняне за изтичане чрез vCalendar, съдържащо всички издадени валидни сертификати, самия CA и последния CRL OpenSSL config OpenSSL конфигурация OpenSSL configuration file to create a certificate or request with the openssl commandline tool OpenSSL конфигурационен файл за създаване на сертификат или заявка with инструмента за команден ред openssl OpenVPN tls-auth key OpenVPN tls-auth ключ The OpenVPN tls-auth key is a secret key shared between endpoints Ключът OpenVPN tls-auth е таен ключ, споделен между крайни точки JSON Web Kit JSON Web Kit The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) Публичният ключ на сертификата във формат JSON Web Kit с Thumbprint X.509 Certificate (x5t) JSON Web Kit chain JSON Web Kit верига The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) and certificate chain (x5c) Публичният ключ на сертификата in формат JSON Web Kit with отпечатък на сертификат X.509 (x5t) и верига от сертификати (x5c) PEM public публичен PEM Text format of the public key in one PEM file Текстов формат на публичния ключ в един PEM файл PEM private частен PEM Unencrypted private key in text format Некриптиран частен ключ в текстов формат PEM encrypted PEM криптиран OpenSSL specific encrypted private key in text format Специфичен за OpenSSL криптиран частен ключ in текстов формат SSH2 private частен SSH2 SSH2 public публичен SSH2 The public key encoded in SSH2 format Публичният ключ, кодиран in формат SSH2 DER public публичен DER Binary DER format of the public key Двоичен DER формат на публичния ключ DER private частен DER Unencrypted private key in binary DER format Некриптиран частен ключ in двоичен DER формат PVK private частен PVK Private key in Microsoft PVK format not encrypted Частният ключ in формат Microsoft PVK не е криптиран XCA template in PEM-like format. Templates include the internal name and comment XCA шаблон in формат, подобен на PEM. Шаблоните включват вътрешно име и коментар All selected XCA templates in PEM-like format. Templates include the internal name and comment Всички избрани XCA шаблони в подобен на PEM формат. Шаблоните включват вътрешно име и коментар PVK encrypted криптиран PVK Encrypted private key in Microsoft PVK format Криптиран частен ключ in формат Microsoft PVK PKCS #8 encrypted PKCS #8 криптиран Encrypted private key in PKCS#8 text format Криптиран частен ключ in текстов формат PKCS#8 PKCS #8 PKCS #8 Unencrypted private key in PKCS#8 text format Некриптиран частен ключ в текстов формат PKCS#8 JSON Web Key private JSON Web частен ключ Unencrypted private key in JSON Web Key format Некриптиран частен ключ in формат JSON Web Ключ JSON Web Key public JSON Web публичен Ключ Public key in JSON Web Key format Публичен ключ in формат JSON Web Ключ Binary DER format of the certificate request Двоичен DER формат на заявката за сертификат Binary DER format of the revocation list Двоичен DER формат на списъка за анулиране vCalendar reminder for the CRL expiry date vCalendar напомняне for датата на изтичане на CRL XCA template in PEM-like format XCA шаблон in формат, подобен на PEM All selected XCA templates in PEM-like format Всички избрани XCA шаблони in подобен на PEM формат pki_key Successfully imported the %1 public key '%2' Успешно импортиран публичен ключ %1 '%2' Delete the %1 public key '%2'? Изтриване на публичния ключ %1 '%2'? Successfully imported the %1 private key '%2' Успешно импортиран частен ключ %1 '%2' Delete the %1 private key '%2'? Изтриване на %1 частен ключ '%2'? Successfully created the %1 private key '%2' Успешно създаден %1 частен ключ '%2' Delete the %1 keys: %2? Изтриване на ключовете %1: %2? Public key Публичен ключ Successfully imported the %1 public key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Успешно импортиран публичен ключ %1 '%2' Delete the %n %1 public key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) %1 ще бъде заменен от 'RSA', 'DSA', 'EC'. %2 е/са вътрешното име(на) на ключ(ове) Изтриване на %n %1 публичен ключ '%2'? Изтриване на %n %1 публични ключове '%2'? Successfully imported the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Успешно импортиран частен ключ %1 '%2' Delete the %n %1 private key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) %1 ще бъде заменен от 'RSA', 'DSA', 'EC'. %2 е/са вътрешното име(на) на ключ(ове) Изтриване на %n %1 частен ключ '%2'? Изтриване на %n %1 частни ключове '%2'? Successfully created the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key %1 ще бъде заменен от 'RSA', 'DSA', 'EC'. %2 е вътрешното име на ключа Успешно създаден %1 частен ключ '%2' Common Общо Private Частно Bogus Фалшиви PIN ПИН No password Няма парола Unexpected SSH2 content: '%1' Неочаквано SSH2 съдържание:'%1' Invalid SSH2 public key Невалиден SSH2 публичен ключ Failed writing to %1 Възникна грешка при писането в %1 pki_multi No known PEM encoded items found Не са открити познати PEM кодирани елементи pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Моля, въведете паролата, за да декодирате на файла PKCS#12: %1 Unable to load the PKCS#12 (pfx) file %1. Не може да се зареди файлът PKCS#12 (pfx) %1. The supplied password was wrong (%1) Предоставената парола е грешна (%1) Please enter the password to encrypt the key of certificate '%1' in the PKCS#12 file: %2 Моля, въведете паролата, за да шифровате ключа на сертификата '%1' във файла PKCS#12: %2 Please enter the password to encrypt the PKCS#12 file Моля, въведете паролата, за да кодирате файла PKCS#12 No key or no Cert and no pkcs12 Без ключ или без сертификат и без pkcs12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Не успях да заредя PKCS#7 %1 файла. Опитах с PEM и DER формат. pki_scard Successfully imported the token key '%1' Успешно импортиран ключ за токен '%1' Delete the token key '%1'? Да се изтрие ли токен ключа '%1'? Successfully created the token key '%1' Успешно е създаден ключът на токена '%1' Delete the %1 keys: %2? Изтриване на ключовете %1: %2? Delete the %n token key(s): '%1'? Да се ​​изтрие ли %n токен ключ: '%1'? Да се ​​изтрие ли %n токен ключове: '%1'? Delete the private key '%1' from the token '%2 (#%3)' ? Изтриване на частния ключ '%1' от токена '%2 (#%3)'? This Key is already on the token Този ключ вече е на токена PIN input aborted Въвеждането на PIN е прекратено Unable to find copied key on the token Не може да се намери копиран ключ на токена Please insert card: %1 %2 [%3] with Serial: %4 Моля, поставете карта: %1 %2 [%3] with сериен номер: %4 Select Slot of %1 Изберете слот на %1 Unable to find generated key on card Не може да се намери генериран ключ на картата Token %1 Токен %1 Failed to find the key on the token Неуспешно намиране на ключа на токена Invalid Pin for the token Невалиден ПИН for токена Failed to initialize the key on the token Неуспешно инициализиране на ключа на токена pki_temp Successfully imported the XCA template '%1' Успешно импортиран XCA шаблон '%1' Delete the XCA template '%1'? Изтриване на XCA шаблона '%1'? Successfully created the XCA template '%1' Успешно създаден XCA шаблон '%1' Delete the %1 XCA templates: %2? Желаете ли изтриване на %1 XCA шаблони: %2? Delete the %n XCA template(s): '%1'? Изтриване на %n XCA шаблон: '%1'? Изтриване на %n XCA шаблони: '%1'? Wrong Size %1 Неправилен размер %1 Template file content error (too small) Грешка в съдържанието на файла на шаблона (твърде малък) Not a PEM encoded XCA Template Не е PEM кодиран XCA шаблон Not an XCA Template, but '%1' Не е XCA шаблон, а '%1' pki_x509 Successfully imported the certificate '%1' Успешно импортиран сертификат '%1' Delete the certificate '%1'? Изтриване на сертификата '%1? Successfully created the certificate '%1' Сертификатът '%1 бе създаден успешно Delete the %1 certificates: %2? Изтриване на сертификатите %1: %2? Delete the %n certificate(s): '%1'? Изтриване на %n сертификата: '%1'? Изтриване на %n сертификати: '%1'? Unable to load the certificate in file %1. Tried PEM and DER certificate. Не може да се зареди сертификатът във файл %1. Опитах PEM и DER сертификат. Invalid OpenVPN tls-auth key Невалиден OpenVPN tls-auth ключ Failed to import tls-auth key Неуспешен import на tls-auth ключ Same tls-auth key already stored for this CA Същият tls-auth ключ вече е съхранен for this CA New tls-auth key successfully imported Новият tls-auth ключ е импортиран успешно Existing tls-auth key successfully replaced Съществуващият tls-auth ключ е заменен успешно This certificate is already on the security token Този сертификат вече е на токена за сигурност Delete the certificate '%1' from the token '%2 (#%3)'? Изтриване на сертификата '%1' от токена '%2 (#%3)'? There is no key for signing ! Няма ключ for подписване! No Не Yes Да Renew certificate: %1 Подновяване на сертификат: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' XCA сертификатът '%1', издаден на %2, ще изтече на %3. Той се съхранява in XCA базата данни '%4' pki_x509req Signing key not valid (public key) Ключът за подписване не е валиден (публичен ключ) Successfully imported the %1 certificate request '%2' Успешно импортирах %1 сертификат заявката '%2' Delete the %1 certificate request '%2'? Изтриване на %1 заявката за сертификат '%2'? Successfully created the %1 certificate request '%2' Успешно създаде %1 заявка за сертификат '%2' Delete the %1 certificate requests: %2? Изтрийте %1 заявките за сертификат: %2? Successfully imported the PKCS#10 certificate request '%1' Успешно импортирана заявка за сертификат PKCS#10 '%1' Delete the %n PKCS#10 certificate request(s): '%1'? Изтриване на %n PKCS#10 заявка за сертификат: '%1'? Изтриване на %n PKCS#10 заявки за сертификат: '%1'? Successfully created the PKCS#10 certificate request '%1' Успешно създаде заявката за сертификат PKCS#10 '%1' Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Не може да се зареди заявката за сертификат in файл %1. Опитах PEM, DER и SPKAC формат. Signed Подписано Unhandled Необработено v3ext Copy Common Name Копиране на общото име Add Добавяне Delete Изтриване Apply Приложи Validate Валидност Cancel Отказ An email address or 'copy' Имейл адрес или 'копие' An email address Имейл адрес A registered ID: OBJECT IDENTIFIER Регистриран ID: ИДЕНТИФИКАТОР НА ОБЕКТ A uniform resource indicator Единен индикатор за ресурс A DNS domain name or 'copycn' DNS име на домейн или 'copycn' A DNS domain name DNS име на домейн An IP address IP адрес Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Синтаксис: <OID>;ВЪВЕДЕТЕ:текстов файл като '1.2.3.4:UTF8:name' No editing. Only 'copy' allowed here Без редакция. Тук е разрешено само 'копиране' Validation failed: '%1' %2 Неуспешна проверка: '%1' %2 Validation successful: '%1' Валидирането е успешно: '%1' xcaWarning The following error occurred: Възникна следната грешка: Copy to Clipboard Копиране в клипбоарда xcaWarningGui Copy to Clipboard Копиране в клипбоарда xca-RELEASE.2.9.0/lang/xca_de.ts000066400000000000000000007633571477156507700161400ustar00rootroot00000000000000 About Done Schliessen CaProperties Next serial for signing Nächste Seriennummer beim signieren Form Days until next CRL issuing Tage bis zur nächsten CRL Default template Standard Template CA Properties CA Einstellungen Use random Serial numbers Verwende zufällige Seriennummern CertDetail Show extensions Erweiterungen anzeigen Show public key Öffentlichen Schlüssel anzeigen This key is not in the database. Dieser Schlüssel ist nicht in der Datenbank. Not available Nicht verfügbar No verification errors found. Keine Verifikationsfehler gefunden. Revoked at %1 Zurückgezogen am %1 Details of the certificate Details des Zertifikates Signer unknown Unterzeichner unbekannt Self signed Selbstsigniert Not trusted Nicht vertrauenswürdig Trusted Vertrauenswürdig Revoked: Zurückgezogen: Not valid Nicht gültig Valid Gültig Details of the certificate signing request Details des Zertifikatsantrags Details of the Certificate Details des Zertifikates S&tatus S&tatus Serial Seriennummer The serial number of the certificate Die Seriennummer des Zertifikats The internal name of the certificate in the database Der interne Name des Zerifikats in der Datenbank Internal name Interner Name Signature algorithm Signatur algorithmus Signature Unterschrift Key Schlüssel Fingerprints Fingerprints SHA1 SHA1 MD5 MD5 A SHA-1 hashsum of the certificate Eine SHA-1 Summe des Zertifikats An md5 hashsum of the certificate Eine md5 Summe des Zertifikats Status Status SHA256 SHA256 A SHA-256 hashsum of the certificate Eine SHA-256 Summe des Zertifikats Validity Gültigkeit The time since the certificate is valid Beginn der Zertifikatsgültigkeit The time until the certificate is valid Ablaufdatum des Zertifikats Subject Inhaber Issuer Aussteller Extensions Erweiterungen Validation Überprüfung Purposes Verwendungszweck Strict RFC 5280 validation Strenge Prüfung der RFC 5280 Regeln Comment Kommentar &Subject Inha&ber &Issuer &Aussteller Attributes Attribute &Extensions &Erweiterungen Show config Konfiguration anzeigen CertExtend This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Hiermit wird ein neues Zertifikat als Kopie des alten Zertifikats erstellt, mit neuer Seriennummer und aktueller Gültigkeit. Validity Gültigkeit Not before Nicht vor dem Not after Nicht nach dem Time range Zeitspanne Days Tage Months Monate Years Jahre Midnight Mitternacht Apply Übernehmen Revoke old certificate Altes Zertifikat zurückziehen Replace old certificate Altes Zertifikat ersetzen Keep serial number Seriennummer übernehmen Certificate renewal Zertifikatsverlängerung Local time Ortszeit No well-defined expiration Undefiniertes Ablaufdatum The certificate will be earlier valid than the signer. This is probably not what you want. Das Zertifikat is früher gültig als der Aussteller. Dies ist wahrscheinlich ungewollt. Edit times Zeiten einstellen Edit dates Zeiten einstellen Abort rollout Ausstellung abbrechen Continue rollout Ausstellung fortführen Adjust date and continue Datum anpassen und fortführen The certificate will be longer valid than the signer. This is probably not what you want. Das Zertifikat ist länger gültig als der Aussteller. Dies ist wahrscheinlich nicht gewollt. CertTreeView Hide unusable certificates Unbenutzbare Zertifikate verbergen Import PKCS#12 Import PKCS#12 Import from PKCS#7 Import aus PKCS #7 Request Zertifikatsantrag Security token Chipkarte Other token Andere Chipkarte Similar Certificate Ähnliches Zertifikat Delete from Security token Von der Chipkarte löschen CA CA Properties Eigenschaften Generate CRL CRL erstellen Manage revocations Sperrlisteneinträge bearbeiten Import OpenVPN tls-auth key OpenVPN tls-auth Schlüssel importieren Plain View Einfache Ansicht Tree View Baumansicht days Tage No template Keine Vorlage CA Properties CA Einstellungen Certificate export Zertifikatsexport X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) X509 Zertifikate ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) vCalendar entry ( *.ics ) vCalendar Ereignisse ( *.ics ) OpenVPN file ( *.ovpn ) OpenVPN Datei ( *.ovpn ) OpenVPN tls-auth key ( *.key ) OpenVPN tls-auth Schlüssel ( *.key ) Trust Vertrauen Renewal Verlängerung Revoke Sperren Unrevoke Sperrung aufheben CertView There was no key found for the Certificate: Es wurde kein Schlüssel gefunden für das Zertifikat: Import Certificate signing request Zertifikatsantrag importieren ClickLabel Double click for details Doppelklick für Details CrlDetail Name Name Serial Seriennummer Revocation Sperrung Reason Grund Invalidation Ungültig seit Failed Fehlgeschlagen Verification not possible Überprüfung nicht möglich Unknown signer Unterzeichner unbekannt Unknown certificate Unbekanntes Zertifikat Details of the Revocation list Details der Sperrliste &Status &Status Version Version Signature Unterschrift Signed by Unterschrieben von The internal name of the CRL in the database Der interne Name der CRL in der Datenbank issuing dates Ausstellungszeiten Next update Nächstes Update Last update Letztes update Comment Kommentar Next Update Nächstes Update Last Update Letztes Update &Issuer &Aussteller &Extensions &Erweiterungen &Revocation list &Sperrliste 0 0 CrlTreeView There are no CA certificates for CRL generation Es existieren keine CA Zertifikate für eine CRL generierung Select CA certificate CA Zertifikat wählen Revocation list export Sperrliste exportieren CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) vCalendar entry ( *.ics ) vCalendar Ereignisse ( *.ics ) ExportCert X509 Certificates ( *.cer *.crt *.p12 *.p7b);;All files ( * ) X509 Zertifikate ( *.cer *.crt *.p12 *.p7b);;Alle Dateien ( * ) DER is a binary format of the Certificate PEM is a base64 encoded Certificate PKCS#7 is an official Certificate exchange format PKCS#12 is an encrypted official Key-Certificate exchange format DER ist das Binärformat des Zertifikats PEM ist ein base64 kodiertes Zertifikat PKCS#7 ist ein offizielles Zertifikatsaustauschformat PKCS#12 ist ein verschlüsseltes, offizielles Austauschformat für Zertifikats/Schlüssel paare Please enter the filename for the certificate. Bitte geben sie den Dateinamen des Zertifikats ein. Certificate export Zertifikatsexport ExportDer All files ( * ) Alle Dateien ( * ) DER is a binary format PEM is a base64 encoded DER file DER ist ein Binärformat PEM ist eine base64 kodierte PEM Datei im Textformat ExportDialog Name Name The internal name of the CRL in the database Der interne Name der CRL in der Datenbank ... ... Filename Dateiname Each Item in a separate file Jedes Element in eine eigene Datei Same encryption password for all items Selbes Verschlüsselungspasswort für alle Elemente Export comment into PEM file Kommentar in die PEM Datei übernehmen Please enter the filename Bitte den Dateinamen eingeben Export Format Exportformat All files ( * ) Alle Dateien ( * ) PEM Text format with headers PEM Textformat mit Kopf- und Fußzeilen Concatenated list of all selected items in one PEM text file Aneinandergereihte Liste aller ausgewählter Einträge in eine PEM Text Datei Concatenated text format of the complete certificate chain in one PEM file Aneinandergehängte Zertifikatskette in einer PEM Datei Concatenated text format of all trusted certificates in one PEM file Alle vertrauenswürdigen Zertifikate aneinandergehängt in einer PEM Datei Concatenated text format of all certificates in one PEM file Alle Zertifikate aneinandergehängt in einer PEM Datei Binary DER encoded file Binäre DER formatierte Datei PKCS#7 encoded single certificate Einzelnes Zertifikat im PKCS#7 format PKCS#7 encoded complete certificate chain Vollständige Zertifikatskette in einer PKCS#7 Datei All trusted certificates encoded in one PKCS#7 file Alle vertrauenswürdigen Zertifikate in einer PKCS#7 Datei Concatenated text format of all unrevoked certificates in one PEM file Alle ungesperrten Zertifikate hintereinander in einer PEM Textdatei All unrevoked certificates encoded in one PKCS#7 file Alle nicht zurückgezogenen Zertifikate in einer PKCS#7 Datei All selected certificates encoded in one PKCS#7 file Alle ausgewählten Zertifikate in einer PKCS#7 Datei All certificates encoded in one PKCS#7 file Alle Zertifikate in einer PKCS#7 Datei The certificate and the private key as encrypted PKCS#12 file Das Zertifikat und der zugehörige private Schlüssel als verschlüsselte PKCS#12 Datei The complete certificate chain and the private key as encrypted PKCS#12 file Die vollständige Zertifikatskette und der private Schlüssel als verschlüsselte PKCS#12 Datei Concatenation of the certificate and the unencrypted private key in one PEM file Das PEM Zertifikat und der unverschlüsselte private PEM Schlüssel in einer Textdatei Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Das PEM Zertifikat und der unverschlüsselte private PKCS#8 Schlüssel in einer Textdatei Text format of the public key in one PEM file Eine PEM Textdatei mit dem öffentlichen Schlüssel Binary DER format of the public key Der öffentliche Schlüssel in einer binären DER Datei Unencrypted private key in text format Der unverschlüsselte private Schlüssel in einer PEM Textdatei OpenSSL specific encrypted private key in text format OpenSSL spezifischer privater Schlüssel im Textformat Unencrypted private key in binary DER format Unverschlüsselter privater Schlüssel in einer binären DER Datei Unencrypted private key in PKCS#8 text format Unverschlüsselter privater Schlüssel in einer PKCS#8 Textdatei Encrypted private key in PKCS#8 text format Verschlüsselter privater Schlüssel in einer PKCS#8 Textdatei The public key encoded in SSH2 format Der öffentliche Schlüssel im SSH2 Format OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool OpenSSL spezifische Zertifikatsindexdatei in dem Format wie sie von dem OpenSSL 'ca' kommando erzeugt und von der OCSP Funktion benötigt wird vCalendar expiry reminder for the selected items Fälligkeitserinnerung für alle ausgewählten Elemente im vCalendar Format vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Fälligkeitserinnerung für alle ausgestellten Zertifikate, der CA und der letzten CRL im vCalendar Format Private key in Microsoft PVK format not encrypted Nicht verschlüsselter privater Schlüssel im Microsoft PVK Format Encrypted private key in Microsoft PVK format Verschlüsselter privater Schlüssel in einer Microsoft PVK-Datei Certificate Index file Zertifikatsindexdatei %n selected item(s) Ausgewähltes Element %n ausgewählte Elemente The file: '%1' already exists! Die Datei '%1' existiert bereits! Overwrite Überschreiben Do not overwrite Nicht überschreiben The path: '%1' exist, but is not a file Der Pfad: '%1' existiert, ist aber keine Datei The path: '%1' exist, but is not a directory Der Pfad: '%1' existiert, ist aber kein Verzeichnis The directory: '%1' does not exist. Should it be created? Das Verzeichnis: '%1' existiert nicht. Soll es angelegt werden? Create Erstellen Failed to create directory '%1' Das Verzeichnis '%1' konnte nicht angelegt werden Directory Verzeichnis ExportKey Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub );; All files ( * ) Private Schlüssel ( *.pem *.der *.pk8 );; Öffentliche SSH Schlüssel ( *.pub );; Alle Dateien ( * ) Please enter the filename for the key. Bitte geben Sie den Dateinamen für den Schlüssel ein. Export public %1 key Öffentlichen %1 Schlüssel exportieren Export %1 key %1 Schlüssel exportieren DER is a binary format of the key without encryption PEM is a base64 encoded key with optional encryption PKCS#8 is an encrypted official Key-exchange format DER ist ein binärformat ohne Passwort sicherung PEM ist ein base64 codierter Schlüssel mit optionaler Passwort sicherung PKCS#8 ist ein offizielles Austauschformat für Passwort gesicherte Schlüssel When exporting the private key it should be encrypted. Der Private Schlüssel sollte beim Export durch ein Passwort geschützt werden. When exporting the private part, it should be encrypted. Wenn der private Teil mit exportiert wird, sollte er verschlüsselt werden. E&xport the private part of the Key too Den privaten Teil des Schlüssels mit e&xportieren Export as PKCS#8 Exportieren als PKCS#8 &Encrypt the Key with a password D&en Schlüssel mit einem Passwort sichern Private keys ( *.pem *.der *.pk8 );;All files ( * ) Private Schlüssel ( *.pem *.der *.pk8 );;Alle Dateien ( * ) Form last update Letztes Update next update Nächstes Update Days Tage Months Monate Years Jahre Apply Übernehmen Midnight Mitternacht Local time Ortszeit No well-defined expiration Undefiniertes Ablaufdatum Help << << >> >> &Done &Fertig ImportMulti Details Details Import &All &Alle importieren &Import &Import &Done &Fertig The type of the Item '%1' is not recognized Unbekannter Typ bei '%1' Details of the item '%1' cannot be shown Details von '%1' können nicht angezeigt werden The type of the item '%1' is not recognized Unbekannter Typ bei '%1' Could not open the default database Die Standarddatenbank konnte nicht geöffnet werden The file '%1' did not contain PKI data Die Datei '%1' enthielt keine verwendbaren Daten The %1 files: '%2' did not contain PKI data Die %1 Dateien: '%2' enthielten keine verwendbaren Daten Import PKI Items Importieren &Remove from list &Aus Liste entfernen Delete from token Von der Chipkarte löschen Rename on token Auf der Chipkarte umbenennen Name: %1 Model: %2 Serial: %3 Name: %1 Modell: %2 Seriennummer: %3 Manage security token Chipkarte verwalten ItemProperties Name Name Source Herkunft Insertion date Einfügezeitpunkt Comment Kommentar KeyDetail Not available Nicht verfügbar Available Verfügbar Name Name The internal name of the key used by xca Der interne Name in der Datenbank Keysize Schlüssellänge Private Exponent Privater Exponent Security Token Chipkarte Label Bezeichnung PKCS#11 ID PKCS#11 ID Token information Chipkarteninformation Model Modell Fingerprint Fingerabdruck Comment Kommentar Public Exponent Öffentlicher Exponent Modulus Modulus Sub prime Sub prime Public key Öffentlicher Schlüssel Private key Privater Schlüssel Security token Chipkarte Manufacturer Hersteller Serial Seriennummer Key Schlüssel Token Chipkarte Curve name Kurvenname Details of the %1 key Details des %1 Schlüssels Security token ID:%1 Chipkarte ID:%1 Unknown key Unbekannter Schlüssel KeyTreeView Clipboard format Format für die Zwischenablage Change password Passwort ändern Reset password Passwort zurücksetzen Change PIN PIN ändern Init PIN with SO PIN (PUK) PIN mithilfe der SO PIN (PUK) initialisieren Change SO PIN (PUK) SO PIN (PUK) ändern Security token Chipkarte This is not a token Dies ist keine Smartcard Key export Schlüsselexport SSH Private Keys ( *.priv ) Private SSH Schlüssel ( *.priv ) Microsoft PVK Keys ( *.pvk ) Microsoft PVK Schlüssel ( *.pvk ) Export public key [%1] Export des öffentlichen Schlüssels [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Private Schlüssel ( *.pem *.der *.pk8 );; Öffentliche SSH Schlüssel ( *.pub ) Tried to change PIN of a key Die PIN eines Schlüssels ohne Chipkarte kann nicht geändert werden Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Soll der Originalschlüssel '%1' durch den Chipkartenschlüssel ersetzt werden? Dies löscht den Schlüssel '%1' und macht ihn nicht-exportierbar MainWindow Password Passwort Password verify error, please try again Die Passwort überprüfung ist fehlgeschlagen Search Suchen Please enter the new SO PIN (PUK) for the token '%1' Bitte die neue SO PIN (PUK) für '%1' eingeben Retry with PIN Wiederholen mit PIN Retry with SO PIN Wiederholen mit SO PIN Current Password Aktuelles Passwort Please enter the current database password Bitte das aktuelle Passwort eingeben The entered password is wrong Das angegebene Passwort war falsch New Password Neues Passwort Transaction start failed Transaktionsstart fehlgeschlagen The currently used PFX / PKCS#12 algorithm '%1' is insecure. Der aktuell verwendete PFX/PKCS#12 Algorithmus '%1' ist unsicher. Change Ändern Please enter a password, that will be used to encrypt your private keys in the database: %1 Bitte das Passwort zur Verschlüsselung der privaten Schlüssel in der Datenbank %1 eingeben The following error occurred: Der folgende Fehler ist aufgetreten: Copy to Clipboard In die Zwischenablage &Close DataBase Datenbank s&chliessen &Content &Inhalt &About Ü&ber &File D&atei Recent DataBases Zuletzt geöffnet System System Croatian Kroatisch English Englisch French Französisch German Deutsch Japanese Japanisch Korean Koreanisch Russian Russisch Slovak Slowakisch Spanish Spanisch Persian Persisch Bulgarian Bulgarisch Polish Polnisch Italian Italienisch Chinese Chinesisch Dutch Niederländisch Portuguese in Brazil Brasilianisches Portugiesisch Indonesian Indonesisch Turkish Türkisch Language Sprache Open Remote DataBase Netzwerkdatenbank öffnen Paste PEM file PEM Datei Einfügen Token Chipkarte Extra Extra &Export Certificate Index Zertifikatsindex &exportieren &Export Certificate Index hierarchy Zertifikatsindexhierarchie &exportieren OID Resolver OID Resolver &Help &Hilfe Database dump ( *.dump );; All files ( * ) Datenbankausgabe ( *.dump );; Alle Dateien ( * ) Private Keys Private Schlüssel &New Key &Neuer Schlüssel &Export &Export &Import &Import Import PFX (PKCS#12) Import PFX (PKCS#12) &Show Details Detail&s anzeigen &Delete &Löschen Certificate signing requests Zertifikatsanträge &New Request &Neuer Zertifikatsantrag Certificates Zertifikate &New Certificate &Neues Zertifikat Import &PKCS#12 Import &PKCS#12 Import P&KCS#7 Import P&KCS#7 Plain View Einfache Ansicht Templates Vorlagen &New Template &Neue Vorlage &New CRL &Neue Sperrliste &New template &Neue Vorlage Ch&ange Template Vorl&age ändern Revocation lists Sperrlisten Database: %1 Datenbank: %1 The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Das aktuell verwendete Standard-Hash-Verfahren '%1' gilt als unsicher. Aus Sicherheitsgründen sollte mindestens SHA-224 gewählt werden. Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Veraltetes Datenbankformat entdeckt. Eine Sicherheitskopie mit dem Namen: '%1' wird erstellt und die Datenbank in das neue Format umgewandelt Failed to rename the database file, because the target already exists Datenbank konnte nicht umbenannt werden, da die Zieldatei bereits existiert No deleted items found Keine gelöschten Einträge gefunden Errors detected and repaired while deleting outdated items from the database. A backup file was created Beim Löschen veralteter Datenbankeinträge wurden Fehler erkannt und repariert. Eine Backup-datei wurde erstellt Removing deleted or outdated items from the database failed. Das Entfernen gelöschter oder veralteter Elemente aus der Datenbank ist Fehlgeschlagen. &Dump DataBase &Datenbank ausgeben &Import old db_dump Alten db_dump &Importieren &Undelete items &Gelöschte Einträge wiederherstellen Options Optionen New DataBase Neue Datenbank Open DataBase Datenbank öffnen Close DataBase Datenbank schliessen Keys Schlüssel Requests Zertifikatsanträge PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Vorlage Revocation list Sperrliste PEM file PEM Datei Content Inhalt Donations Spenden Import password Import Passwort Please enter the password of the old database Bitte das Passwort der alten Datenbank eingeben Password verification error. Ignore keys ? Falsches Passwort. Schlüssel ignorieren ? Import anyway Trotzdem importieren I&mport I&mport paste PEM file PEM datei (copy+paste) About Über Database dump ( *.dump );;All files ( * ) Database dump ( *.dump );;All files ( * ) Import PEM data PEM daten importieren The new label of the token '%1' Die neue Bezeichnung der Chipkarte '%1' Please enter the new password to encrypt your private keys in the database-file Bitte das neue Passwort zur Verschlüsselung der privaten Schlüssel in der Datenbank eingeben Please enter a password, that will be used to encrypt your private keys in the database file: %1 Bitte geben Sie ein Passwort an um die privaten Schlüssel in der Datenbank %1 zu verschlüsseln Please enter the password for unlocking the database: %1 Bitte geben Sie das Passwort ein um die Datenbank %1 zu öffnen Certificate Index ( index.txt ) Zertifikatsindex ( index.txt ) All files ( * ) Alle Dateien ( * ) Diffie-Hellman parameters saved as: %1 Diffie-Hellmann Parameter gespeichert als: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Diffie-Hellman Parameter werden von anderen Applikationen benötigt. XCA verwendet oder speichert sie aber nicht. Bitte die DH Parameter bits angeben &New DataBase &Neue Datenbank &Open DataBase Datenbank &Öffnen &Init Security token Chipkarte &initialisieren Export Certificate &Index hierarchy Zertifikats&indexhierarchie exportieren C&hange DataBase password Da&tenbankpasswort ändern Exit Beenden no such option: %1 unbekannte option: %1 Using or exporting private keys will not be possible without providing the correct password Die Benutzung oder der Export privater Schlüssel ist nur mit dem richtigen Datenbankpasswort möglich Please enter the original SO PIN (PUK) of the token '%1' Die alte SO PIN (PUK) für die Chipkarte '%1' eingeben Please enter the new SO PIN (PUK) of the token '%1' Die neue SO PIN (PUK) für die Chipkarte '%1' eingeben The token '%1' did not contain any keys or certificates Die Chipkarte '%1' enthält keine Schlüssel oder Zertifikate Error opening file: '%1': %2 Öffnen der Datei '%1' fehlgeschlagen: %2 Generate DH parameter DH Parameter erstellen Set as default DataBase Als Standarddatenbank &Token &Chipkarte &Manage Security token Chipkarte &verwalten &Change PIN &PIN ändern Change &SO PIN &SO PIN ändern Init PIN PIN initialisieren NewCrl Create CRL CRL erstellen Dates Zeiten next update Nächstes Update last update Letztes Update Days Tage Months Monate Years Jahre Midnight Mitternacht Local time Ortszeit Apply Übernehmen CRL number CRL Nummer Hash algorithm Hash algorithmus Hashing algorithm Hash algorithmus Extensions Erweiterungen Authority key identifier Authority key identifier Subject alternative name Subject alternative name Last update Letztes update Next update Nächstes Update Options Optionen CRL Number CRL Nummer Revocation reasons Sperrungsgrund NewKey New key Neuer Schlüssel Please give a name to the new key and select the desired keysize Bitte geben Sie dem Schlüssel einen Namen und wählen Sie die gewünschte Schlüssellänge Key properties Schlüsseleigenschaften Name Name Curve name Kurvenname Keysize Schlüssellänge Usually 1024 or 2048 bit keys are used Normalerweise werden 1024 oder 2048 bit Schlüssel verwendet Remember as default Als Standard speichern The internal name of the new key Interner Name des neuen Schlüssels New Key Neuer Schlüssel Usually at least 2048 bit keys are recommended Heutzutage wird eine Mindestlänge von 2048 bit empfohlen Keytype Schlüsseltyp Curve Kurve Create Erstellen NewX509 Create Erstellen Source Herkunft Signing request Zertifikatsantrag Show request Request anzeigen Country code Länder code State or Province Bundesland, Kreis Locality Ort Organisation Firma Organisational unit Firmenabteilung Common name Üblicher Name E-Mail address E-Mail Adresse Sign this Certificate signing &request Diesen Zertifikatsant&rag unterschreiben Copy extensions from the request Erweiterungen aus dem Zertifikatsantrag kopieren Signing Unterschreiben Create a &self signed certificate with the serial Erstelle ein &Selbst signiertes Zertifikat mit der Serien nummer If you leave this blank the serial 00 will be used Wenn Sie dieses Feld frei lassen wird die Seriennummer 00 verwendet 1 1 All certificates in your database that can create valid signatures Alle Zertifikate aus der Datenbank, die gültige Unterschriften leisten können Signature algorithm Signatur-Algorithmus Template for the new certificate Vorlage für das neue Zertifikat All available templates Alle verfügbaren Vorlagen Internal Name Interner Name Apply Übernehmen Subject Inhaber Create a &self signed certificate Selbst&signiertes Zertifikat erstellen Use &this Certificate for signing Verwende dieses Zertifika&t zum Unterschreiben Distinguished name Eindeutiger Name This name is only used internally and does not appear in the resulting certificate Dieser Name wird nur intern verwendet und erscheint nicht im Zertifikat Must be exactly 2 letter of size (DE, UK) Muss exakt 2 Zeichen lang sein (DE,UK) Internal name Interner Name Add Hinzufügen Delete Löschen Private key Privater Schlüssel This list only contains unused keys Diese Liste enthält nur unbenutzte Schlüssel Used keys too auch verwendete Schlüssel &Generate a new key &Erstelle einen neuen Schlüssel Extensions Erweiterungen Basic constraints Grundsätzliche Einschränkungen Type Typ If this will become a CA certificate or not Ob dies ein CA Zertifikat wird oder nicht Not defined Nicht definiert Certification Authority Zertifikats Authorität End Entity End Instanz Path length Pfadlänge How much CAs may be below this. Wieviele CAs in der Kette unter diesem sein dürfen. The basic constraints should always be critical Die "basic constraints" sollten immer "critical" sein Key identifier Schlüsselkennung Creates a hash of the key following the PKIX guidelines Erstellt eine hashsumme nach PKIX Vorgaben Copy the Subject Key Identifier from the issuer Kopiere den "Subject key identifier" vom Aussteller Validity Gültigkeit Not before Nicht vor dem Not after Nicht nach dem Time range Zeitspanne Days Tage Months Monate Years Jahre Set the time to 00:00:00 and 23:59:59 respectively Stell die Zeiten auf 00:00:00 und 23:59:59 Midnight Mitternacht Local time Ortszeit Authority Info Access Ausstellerinformationszugang CRL distribution point CRL Verteilungsstelle issuer alternative name Alternativer Ausstellername URI: URI: can be altered by the file "aia.txt" Kann in der Datei "aia.txt" angepasst werden Edit Bearbeiten DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: subject alternative name Alternativer Eigentümername Key usage Schlüsselverwendung Extended key usage Erweiterte Schlüsselverwendung Netscape Netscape CA Revocation URL CA Sperrlisten URL Revocation URL Sperrlisten URL SSL server name SSL Servername Certificate renewal URL Zertifikatsverlängerungs URL Comment Kommentar CA policy URL CA Richtlinien URL Base URL Basis URL Create a &self signed certificate with a MD5-hashed QA serial Erstelle ein &Selbst signiertes Zertifikat mit eine MD5-gehashten Serien nummer Create Certificate signing request Erstelle einen Zertifikatsantrag XCA template XCA Vorlage Create x509 Certificate Erstelle x509 Zertifikat Abort rollout Ausstellung abbrechen The following length restrictions of RFC3280 are violated: Die folgenden Längenbeschränkungen aus RFC3280 werden verletzt: The internal name and the common name are empty. Please set at least the internal name. Der interne Name und der commonName sind leer. Bitte mindestens den internen Namen setzen. There is no Key selected for signing. Es ist kein Schlüssel zum Signieren ausgewählt. Continue rollout Ausstellung fortführen The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Das Zertifikat wird abgelaufen sein, bevor es gültig wurde. Wahrscheinlich sind die Zeiten vertauscht. Modify subject of the request Inhaberinformation "subject" des Zertifikatsantrags ändern Advanced Erweitert Validate Überprüfen The verification of the Certificate request failed. The rollout should be aborted. Die Validierung des Requests ist fehlgeschlagen. Die Zertifikatserstellung sollte abgebrochen werden. Continue anyway Trotzdem fortfahren No well-defined expiration Undefiniertes Ablaufdatum Edit name Namen editieren Select key Schlüssel auswählen The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Die folgenden Subject-name Einträge sind leer: %1, obwohl sie im Optionen-menu als notwendig deklariert wurden. Edit subject Subject editieren Edit dates Zeiten einstellen The key you selected for signing is not a private one. Der ausgewählte Schlüssel zum signieren ist nicht vollständig. Critical Wichtig Create XCA template XCA Vorlage erstellen Edit XCA template XCA Vorlage ändern Template '%1' applied Vorlage '%1' angewendet Subject applied from template '%1' Eigentümerinformation aus Vorlage '%1' angewendet Extensions applied from template '%1' Erweiterungen aus Vorlage '%1' angewendet New key '%1' created Der Schlüssel '%1' wurde neu erstellt Error Fehler duplicate extensions Doppelte Erweiterung The Name Constraints are invalid Die 'Name-Constraints' sind ungültig The Subject Alternative Name is invalid Der alternative Eigentümername (Subject Alternative Name) ist ungültig The Issuer Alternative Name is invalid Der alterative Ausstellername (Issuer Alternative Name) ist ungültig The CRL Distribution Point is invalid Die CRL Verteilungsstelle (CRL Distribution Point) ist ungültig The Authority Information Access is invalid Der Ausstellerinformationszugriff (Authority information access) is ungültig Select other signer Andere CA wählen Select other key Anderen Schlüssel wählen The currently selected hash algorithm '%1' is insecure and should not be used. Der aktuell gewählte Hash-algorithmus '%1' ist nicht sicher und sollte nicht verwendet werden. Select other algorithm Anderen Algorithmus wählen Use algorithm anyway Algirithmus trotzdem verwenden The certificate will be earlier valid than the signer. This is probably not what you want. Das Zertifikat is früher gültig als der Aussteller. Dies ist wahrscheinlich ungewollt. Adjust date and continue Datum anpassen und fortführen The certificate will be longer valid than the signer. This is probably not what you want. Das Zertifikat ist länger gültig als der Aussteller. Dies ist wahrscheinlich nicht gewollt. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Das Zertifikat enthält ungültige oder duplizierte Extensions. Bitte prüfen Sie die Validierung auf dem Erweitert Reiter. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Das Zertifikat enthält keine Erweiterungen. Sie sollten die Erweiterungen aus einer der Vorlagen anwenden, um den Zweck des Zertifikats zu definieren. The certificate contains invalid extensions. Das Zertifikat enthält ungültige Erweiterungen. Edit extensions Extensions editieren The subject alternative name shall contain a copy of the common name. However, the common name is empty. Der 'subject alternative name' (SAN) soll vom 'common name' kopiert werden. Dieser ist allerdings leer. A name constraint of the issuer '%1' is violated: %2 Eine Namenseinschränkung des Ausstellers '%1' wurde verletzt: %2 Apply extensions Erweiterungen übernehmen Apply subject Subject übernehmen Apply all Alles übernehmen minimum size: %1 Mindestlänge: %1 maximum size: %1 Maximallänge: %1 only a-z A-Z 0-9 '()+,-./:=? nur die Zeichen a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters Keine Sonderzeichen oder Umlaute From PKCS#10 request Aus dem PKCS#10 Zertifikatsantrag Other Tabs Andere Tabs Advanced Tab Erweiterter Tab Errors Fehler Configfile error on line %1 Fehler in der Konfigurationsdatei in Zeile %1 OidResolver OID Resolver OID Resolver Enter the OID, the Nid, or one of the textual representations Die OID, die Nid oder den Text eingeben Search Suchen OID OID Long name Kurzbezeichner Ausführliche Bezeichnung OpenSSL internal ID Interne OpenSSL ID Nid Nid Short name Kurzbezeichnung OpenDb Open remote database Netzwerkdatenbank öffnen Database type Datenbanktyp Hostname Rechnername Username Benutzername Password Passwort Database name Datenbankname Table prefix Tabellen Prefix No SqLite3 driver available. Please install the qt-sqlite package of your distribution Kein SQLite3 Treiber verfügbar. Bitte das qt-sqlite Paket der Paketdistribution installieren Please enter the password to access the database server %2 as user '%1'. Bitte das Datenbankpasswort des Benutzers '%1' für die Datenbank auf '%2' eingeben. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. Der Datenbanktreiber unterstützt keine Transaktionen. Dies kann vorkommen, wenn client und server unterschiedliche Versionen haben. Options Mandatory subject entries Pflichtfelder im subject-name Add Hinzufügen Delete Löschen Default hash algorithm Standard Hash Algorithmus Settings Einstellungen String types Zeichenkettentyp Suppress success messages Erstellungs- und Importnachrichten unterdrücken Don't colorize expired certificates Abgelaufene Zertifikate nicht farblich markieren Translate established x509 terms (%1 -> %2) Feststehende x509 Begriffe übersetzen (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Die Hash funktionen der Smartcard werden von XCA nicht verwendet. Die Smartcard kann einen eingeschränkten Satz an Hash-funktionen anbieten. Insbesondere sind in der PKCS#11 Spezifikation EC und DSA signaturen nur mit SHA1 definiert. Only use hashes supported by the token when signing with a token key Verwende nur von der Smartcard angebotene Hash-funktionen Disable legacy Netscape extensions Veraltete Netscape Erweiterungen abschalten PKCS12 encryption algorithm PKCS#12 Verschlüsselungsalgorithmus Certificate expiry warning threshold Zeitpunkt der Zertifikatsablauferinnerung Send vCalendar expiry reminder Zertifikatsablauferinnerung in vCalendar Serial number length Länge der Seriennummer bit bit Distinguished name Eindeutiger Name Explicit subject entries Besondere Namensteile Dynamically arrange explicit subject entries Besondere Namensteile dynamisch anordnen Default Standard PKCS#11 provider PKCS#11 anbieter Remove Entfernen Search Suchen UTF8 strings only (RFC2459) Nur UTF8 Zeichenketten (RFC2459) Printable string or UTF8 (default) PKIX recommendation in RFC2459 No BMP strings, only printable and T61 All strings Days Tage Weeks Wochen Load failed Laden fehlgeschlagen XCA Options XCA Optionen PwDialog Password Passwort Repeat %1 %1 wiederholen %1 mismatch Keine %1 übereinstimmung Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Das Passwort wird als 2stelliger hex-code interpretiert. Er muss eine gradstellige Anzahl der Zeichen 0-9 und a-f enthalten Exit Beenden E&xit B&eenden The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Das Passwort wird als 2 stelliger hex-code interpretiert. Er muss eine grade Anzahl an Ziffern enthalten (0-9 und a-f) Take as HEX string Als HEX Zeichenkette interpretieren QMessageBox Close Schliessen Cancel Abbrechen Apply Übernehmen Yes Ja No Nein QObject Import RSA key Import von RSA Schlüssel PKCS#10 CSR ( *.pem *.der *.csr );; PKCS#10 Zertifikatsantrag ( *.pem *.der *.csr );; Import Request Import von Zertifikatsanträgen Import X.509 Certificate Import von X.509 Zertifikaten Import PKCS#7 Certificates Import von PKCS#7 Zertifikaten Import PKCS#12 Private Certificate Import von PKCS#12 Privaten Zertifikaten Import XCA Templates Import von XCA Vorlagen Open XCA Database Öffnen einer XCA Datenbank Import Certificate Revocation List Importiere Zertifikatsrücknahmeliste PKI Keys ( *.pem *.der *.key );;PKCS#8 Keys ( *.p8 *.pk8 );; PKI Schlüssel ( *.pem *.der *.key );;PKCS#8 Schlüssel ( *.p8 *.pk8 );; PKI Keys ( *.pem *.der *.key );;PKCS#8 Keys ( *.p8 *.pk8 );;SSH Public Keys ( *.pub );; PKI Schlüssel ( *.pem *.der *.key );;PKCS#8 Schlüssel ( *.p8 *.pk8 );; Öffentliche SSH2 Schlüssel ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );;Netscape Request ( *.spkac *.spc );; PKCS#10 CSR ( *.pem *.der *.csr );;Netscape Request ( *.spkac *.spc );; PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; PKI Schlüssel ( *.pem *.der *.key );; PKCS#8 Schlüssel ( *.p8 *.pk8 );; Öffentliche SSH Schlüssel ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );; Netscape Request ( *.spkac *.spc );; PKCS#10 CSR ( *.pem *.der *.csr );; Netscape Request ( *.spkac *.spc );; PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; PKI Schlüssel ( *.pem *.der *.key );; PKCS#8 Schlüssel ( *.p8 *.pk8 );; Microsoft PVK Schlüssel ( *.pvk );; Öffentliche SSH Schlüssel ( *.pub );; Certificates ( *.pem *.der *.crt *.cer );; Zertifikate ( *.pem *.der *.crt *.cer );; PKCS#7 data ( *.p7s *.p7m *.p7b );; PKCS#7 Daten ( *.p7s *.p7m *.p7b );; PKCS#12 Certificates ( *.p12 *.pfx );; PKCS#12 Zertifikate ( *.p12 *.pfx );; XCA templates ( *.xca );; XCA Vorlagen ( *.xca);; Revocation lists ( *.pem *.der *.crl );; Sperrliste ( *.pem *.der *.crl );; XCA Databases ( *.xdb );; XCA Datenbanken ( *.xdb );; OpenVPN tls-auth key ( *.key );; OpenVPN tls-auth Schlüssel ( *.key ) Import OpenVPN tls-auth key OpenVPN tls-auth Schlüssel importieren PKCS#11 library ( *.dylib *.so );; PKCS#11 Bibliothek ( *.dylib *.so );; PEM files ( *.pem );; PEM Dateien ( *.pem );; Load PEM encoded file Lade PEM codierte Datei Invalid Ungültig %1 is shorter than %2 bytes: '%3' %1 ist kürzer als %2 bytes: '%3' %1 is longer than %2 bytes: '%3' %1 ist länger als %2 bytes: '%3' All files ( * ) Alle Dateien ( * ) Undefined Undefiniert Broken / Invalid Ungültig in %1 seconds In %1 Sekunden %1 seconds ago Vor %1 Sekunden in %1 minutes In %1 Minuten %1 minutes ago Vor %1 Minuten Yesterday Gestern Tomorrow Morgen in %1 hours In %1 Stunden %1 hours ago Vor %1 Stunden DB: Rename: '%1' already in use DB: Rename: '%1' wird bereits verwendet DB: Entry to rename not found: %1 DB: Eintrag zur Umbenennung nicht gefunden: %1 PKCS#11 library ( *.dll );; PKCS#11 library ( *.so );; Open PKCS#11 shared library PKCS#11 library öffnen DB: Write error %1 - %2 Datenbank: Schreibfehler %1 - %2 Please enter the PIN on the PinPad Bitte die PIN am Lesegerät eingeben Please enter the SO PIN (PUK) of the token %1 Bitte die SO PIN (PUK) der Chipkarte %1 eingeben Please enter the PIN of the token %1 Bitte die PIN der Chipkarte %1 eingeben No Security token found Keine Chipkarte gefunden Out of Memory at %1:%2 Kein Speicher verfügbar %1: %2 Out of data zuwenig Daten Error finding endmarker of string Fehlerhafter String Select Auswählen Please enter the new SO PIN (PUK) for the token: '%1' Bitte die neue SO PIN (PUK) für die Chipkarte '%1' eingeben Please enter the new PIN for the token: '%1' Bitte die neue PIN der Chipkarte %1 eingeben Failed to open PKCS11 library: %1 Die PKCS#11 Bibliothek %1 konnte nicht geöffnet werden Invalid filename: %1 Ungültiger Dateiname: %1 Failed to open PKCS11 library: %1: %2 PKCS11 Bibliothek %1 konnte nicht geöffnet werden: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Dies scheint keine PKCS#11 Bibliothek zu sein. Sie enthält nicht das Symbol 'C_GetFunctionList'. Disabled Deaktiviert Library loading failed Laden der Bibliothek fehlgeschlagen PKCS#11 function '%1' failed: %2 PKCS#11 Funktion '%1' fehlgeschlagen: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 PKCS#11 Funktion '%1' fehlgeschlagen: %2 in Bibliothek %3 %4 Required PIN size: %1 - %2 Benötigte PIN länge: %1 - %2 Country code Länder code State or Province Bundesland, Kreis Locality Ort Organisation Firma Organisational unit Firmenabteilung Common name Allgemeine Bezeichnung E-Mail address E-Mail Adresse Serial number Seriennummer Given name Vorname Surname Nachname Title Titel Initials Initialien Description Beschreibung Role Rolle Pseudonym Pseudonym Generation Qualifier Generierungskennzeichnung x500 Unique Identifier Eindeutige x500 Identifizierung Name Name DN Qualifier DN Kennzeichnung Unstructured name Unstrukturierter Name Challenge password Passwort nach Aufforderung Basic Constraints Basiseinschränkungen Name Constraints Namenseinschränkungen Subject alternative name Alternativer Eigentümername OCSP Must Staple OCSP Stapeling erforderlich subject alternative name Alternativer Eigentümername issuer alternative name Alternativer Ausstellername Subject key identifier Inhaberschlüssel identifizierung Authority key identifier Ausstellerschlüssel identifizierung Key usage Schlüsselverwendung Extended key usage Erweiterte Schlüsselverwendung CRL distribution points CRL Verteilungspunkte Authority information access Aussteller informations zugriff Certificate type Zertifikatstyp Base URL Basis URL Revocation URL Sperrlisten URL CA Revocation URL CA Sperrlisten URL Certificate renewal URL Zertifikatsverlängerungs URL CA policy URL CA Richtlinien URL SSL server name SSL Servername Comment Kommentar String '%1' for '%2' contains invalid characters Der Text '%1' für '%2' enthält ungültige Zeichen Error reading config file %1 at line %2 Fehler beim Einlesen der Konfigurationsdatei %1 in Zeile %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. Das Objekt '%1' aus der Datei %2 in Zeile %3 ist bereits bekannt als '%4:%5:%6' und sollte entfernt werden. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Der Bezeichner '%1' für die OID %2 aus der Datei %3 in Zeile %4 wird bereits für die OID '%5:%6:%7' verwendet und sollte entfernt werden. Unknown object '%1' in file %2 line %3 Unbekanntes Objekt '%1' in Datei %2 in Zeile %3 Failed to start a database transaction Datenbanktransaktionsinitialisierung fehlgeschlagen Index file written to '%1' Index Datei gespeichert als '%1' Index hierarchy written to '%1' Index Hierarchie gespeichert als '%1' Unknown key type %1 Unbekannter Schlüsseltyp %1 Failed to write PEM data to '%1' Die PEM Daten konnten nicht nach '%1' geschrieben werden Password verify error, please try again Die Passwort überprüfung ist fehlgeschlagen The following error occurred: Der folgende Fehler ist aufgetreten: Failed to update the database schema to the current version Die Datenbank konnte nicht auf das neue Schema aktualisiert werden Password Passwort insecure Unsicher ReqTreeView Sign Unterschreiben Unmark signed Markiere als unsigniert Mark signed Markiere als signiert Similar Request Ähnlicher Zertifikatsantrag Certificate request export Zertifikatsantrag exportieren Certificate request ( *.pem *.der *.csr ) Zertifikatsantrag ( *.pem *.der *.csr ) RevocationList Manage revocations Sperrlisteneinträge bearbeiten Add Hinzufügen Delete Löschen Edit Bearbeiten No. Nr. Serial Seriennummer Revocation Sperrung Reason Grund Invalidation Ungültig seit Generate CRL CRL erstellen Revoke Revocation details Details der Sperrliste Invalid since Ungültig seit Local time Ortszeit Certificate revocation Zertifikatsrückzug Revocation reason Sperrgrund Serial Seriennummer SearchPkcs11 Directory Verzeichnis ... ... Include subdirectories Unterverzeichnisse einschliessen Search Suchen The following files are possible PKCS#11 libraries Die folgenden Dateien sind mögliche PKCS#11 Bibliotheken SelectToken Select Token Chipkarte auswählen Security token Chipkarte Please select the security token Bitte wählen Sie die Chipkarte TempTreeView Duplicate Duplizieren Create certificate Zertifikat erstellen Create request Zertifikatsantrag erstellen copy kopie Preset Template values Vorlagenwerte voreinstellen Template export Vorlagenexport XCA Templates ( *.xca ) XCA Vorlagen ( *.xca ) TrustState Certificate trust Zertifikatsvertrauensstatus Trustment Vertrauen &Never trust this certificate &Niemals diesem Zertifikat vertrauen Only &trust this certificate, if we trust the signer Nur dann ver&trauen, wenn wir dem Aussteller vertrauen &Always trust this certificate Diesem Zertifikat immer vertr&auen Set trustment of the Certificate Vertrauenseinstellung des Zertifikats Validity yyyy-MM-dd hh:mm dd.MM.yyyy hh:mm X509SuperTreeView OpenSSL config OpenSSL Konfiguration Transform Umwandeln Template Vorlage Public key Öffentlicher Schlüssel Save as OpenSSL config OpenSSL Konfiguration speichern Config files ( *.conf *.cnf);; All files ( * ) Konfigurations dateien ( *.conf *.cnf);; Alle Dateien ( * ) Public Key Öffentlicher Schlüssel XFile Error opening file: '%1': %2 Fehler beim Öffnen der Datei %1: %2 Error rewinding file: '%1': %2 Fehler beim Zurückspulen der Datei %1: %2 XcaDetail Import Import XcaTreeView Subject entries Namensteile X509v3 Extensions X509v3 Erweiterungen Netscape extensions Netscape Erweiterungen Key properties Schlüsseleigenschaften Reset Zurücksetzen Remove Column Spalte ausblenden Item properties Eigenschaften Hide Column Spalte ausblenden Details Details Columns Spalten Export Password Exportpasswort Please enter the password to encrypt all %n exported private key(s) in: %1 Singular form for 0 or 1 item can be ignored. Will always be called with n >= 2 Bitte das Passwort eingeben, mit dem der exportierte private Schlüssel in: '%1' verschlüsselt werden soll Bitte das Passwort eingeben mit dem alle %n exportierten privaten Schlüssel in: '%1' verschlüsselt werden sollen New Neu Import Import Paste PEM data Einfügen (PEM) Rename Umbenennen Properties Eigenschaften Delete Löschen Export Export Clipboard Zwischenablage File Datei Clipboard format Format für die Zwischenablage database_model Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Veraltetes Datenbankformat entdeckt. Eine Sicherheitskopie mit dem Namen: '%1' wird erstellt und die Datenbank in das neue Format umgewandelt Failed to rename the database file, because the target already exists Datenbank konnte nicht umbenannt werden, da die Zieldatei bereits existiert Please enter the password to access the database server %2 as user '%1'. Bitte das Datenbankpasswort des Benutzers '%1' für die Datenbank auf '%2' eingeben. Unable to create '%1': %2 Kann '%1' nicht erstellen: %2 The file '%1' is not an XCA database Die Datei '%1' ist keine XCA Datenbank No SqLite3 driver available. Please install the qt-sqlite package of your distribution Kein SQLite3 Treiber verfügbar. Bitte das qt-sqlite Paket der Paketdistribution installieren New Password Neues Passwort Please enter a password, that will be used to encrypt your private keys in the database: %1 Bitte das Passwort zur Verschlüsselung der privaten Schlüssel in der Datenbank %1 eingeben Password Passwort Please enter the password for unlocking the database: %1 Bitte geben Sie das Passwort ein um die Datenbank %1 zu öffnen db_base Internal name Interner Name Reset Zurücksetzen Subject entries Namensteile Bad database item Name: %1 Type: %2 Size: %3 %4 Problematischer Datenbankeintrag Name: %1 Typ: %2 Grösse %3 %4 Do you want to delete the item from the database? The bad item may be extracted into a separate file. Soll der Eintrag aus der Datenbank gelöscht werden? Der problematische Eintrag kann in eine separate Datei extrahiert werden. Delete Löschen Delete and extract Löschen und extrahieren Continue Weiter Error opening file: '%1': %2 Fehler beim Öffnen der Datei %1: %2 No. Nr. Primary key Primärschlüssel Database unique number Eindeutige Nummer des Eintrags in der Datenbank Date Datum Date of creation or insertion Datum der Erstellung oder des Einfügens Source Herkunft Generated, Imported, Transformed Generiert, Importiert, Umgewandelt Comment Kommentar First line of the comment field Erste Zeile des Kommentarfelds Import from: %1 Importiert aus: %1 Could not create directory %1 Verzeichnis %1 konnte nicht erstellt werden Item properties Eigenschaften How to export the %1 selected items Wie sollen die %1 ausgewählten Einträge exportiert werden All in one PEM file Alles in eine PEM Datei Each item in one file Jeder Eintrag in eine separate Datei Save %1 items in one file as %1 Einträge in einer Datei speichern PEM files ( *.pem );; All files ( * ) PEM Dateien ( *.pem );; All files ( * ) PEM Files( *.pem );; All files ( * ) PEM Dateien ( *.pem );; Alle Dateien ( * ) X509v3 Extensions X509v3 Erweiterungen Netscape extensions Netscape Erweiterungen Paste PEM data Einfügen (PEM) Columns Spalten db_crl Signer Aussteller Internal name of the signer Interner Name des Ausstellers No. revoked Anzahl Number of revoked certificates Anzahl zurückgezogener Zertifikate Last update Letztes update Next update Nächstes Update CRL number CRL Nummer CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) There are no CA certificates for CRL generation Es existieren keine CA Zertifikate für eine CRL generierung Select CA certificate CA Zertifikat wählen Create CRL CRL erstellen Failed to initiate DB transaction Datenbanktransaktion konte nicht gestartet werden Database error: %1 Datenbankfehler: %1 Database error: Datenbankfehler: Revocation list export Sperrliste exportieren Import Import Rename Umbenennen Export Export Clipboard Zwischenablage File Datei Delete Löschen The revocation list already exists in the database as: '%1' and so it was not imported Die Sperrliste existiert bereits in der Datenbank als: '%1' daher wurde sie nicht importiert db_key Key size too small ! Schlüsselgrösse zu klein ! New Key Neuer Schlüssel Import Import Rename Umbenennen Show Details Details anzeigen Export Export Delete Löschen Change password Passwort ändern Reset password Passwort zurücksetzen Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Soll der Originalschlüssel '%1' durch den Chipkartenschlüssel ersetzt werden? Dies löscht den Schlüssel '%1' und macht ihn nicht-exportierbar Type Typ Size Länge EC Group EC Gruppe Use Benutzt Password Passwort Extending public key from %1 by imported key '%2' Öffentlicher Schlüssel vom %1 durch dem importierten Schlüssel '%2' erweitert Clipboard Zwischenablage File Datei Change PIN PIN ändern Init PIN with SO PIN (PUK) PIN mithilfe der SO PIN (PUK) initialisieren Change SO PIN (PUK) SO PIN (PUK) ändern Store on Security token Auf der Chipkarte speichern Export public key [%1] Export des öffentlichen Schlüssels [%1] PEM public PEM öffentlich DER public DER öffentlich SSH2 public SSH2 öffentlich DER private DER privat PEM encryped PEM verschlüsselt PKCS#8 PKCS#8 PEM private PEM privat SSH2 private SSH2 Privat Export keys to Clipboard Schlüssel In die Zwischenablage exportieren PVK private PVK privat PVK encrypted PVK verschlüsselt PKCS#8 encrypted PKCS#8 verschlüsselt Export private key [%1] Privaten Schlüssel exportieren [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Private Schlüssel ( *.pem *.der *.pk8 );; Öffentliche SSH Schlüssel ( *.pub ) Internal error Interner Fehler Internal key update: The keys: %1 must be updated once by resetting and setting its private password Interne Schlüsselaktualisierung: Die Schlüssel: %1 müssen einmal aktualisiert werden indem das Passwort zurück gesetzt und neu gesetzt wird Tried to change password of a token The key is already in the database as: '%1' and is not going to be imported Der Schlüssel ist bereits in der Datenbank als: '%1' und wird daher nicht importiert The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Die Datenbank enthält schon den öffentlichen Schlüssel '%1' und wird duch den importierten, privaten Teil vervollständigt You are sure to create a key of the size: %1 ? Soll wirklich ein Schlüssel der Grösse %1 erstellt werden ? db_temp Type Typ Nothing Nichts Empty template Leere Vorlage Preset Template values Vorlagenwerte voreinstellen XCA templates ( *.xca );; All files ( * ) XCA Vorlagen ( *.xca );; All files ( * ) copy kopie Save template as Vorlage speichern als New Template Neue Vorlage Import Import Rename Umbenennen Export Export Change Ändern Delete Löschen Duplicate Duplizieren Create certificate Zertifikat erstellen Create request Zertifikatsantrag erstellen XCA templates ( *.xca);; All files ( * ) XCA Vorlagen ( *.xca);; All files ( * ) Bad template: %1 Ungültige Vorlage %1 db_x509 Serial Seriennummer md5 fingerprint md5 Fingerprint sha1 fingerprint sha1 Fingerprint sha256 fingerprint sha256 Fingerprint Start date Gültigkeitsbeginn not Before not Before Expiry date Ablaufdatum not After not After MD5 fingerprint MD5 Kennung SHA1 fingerprint SHA1 Kennung SHA256 fingerprint SHA256 Kennung Not before Nicht vor dem Not after Nicht nach dem Trust state Vertrauensstatus Revocation Sperrung CRL Expiration CRL Ablauf Plain View Einfache Ansicht Tree View Baumansicht Failed to retrieve unique random serial Fehler beim Generieren einer eindeutigen zufälligen Seriennummer Signed on %1 by '%2' Am %1 ausgestellt durch '%2' Unknown Unbekannt Invalid public key Ungültiger öffentlicher Schlüssel PKCS#7 unrevoked PKCS#7 nicht gesperrt PEM unrevoked PEM nicht gesperrt vCalendar vCalendar CA vCalendar CA vCalendar X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) X509 Zertifikate ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) days Tage No template Keine Vorlage The key you selected for signing is not a private one. Der ausgewählte Schlüssel zum signieren ist nicht vollständig. Failed to create directory '%1' Verzeichnis '%1' konnte nicht angelegt werden PKCS#7 chain PKCS#7 Zertifikatskette PKCS#12 chain PKCS#12 Zertifikatskette PKCS#7 trusted PKCS#7 vertrauenswürdig PKCS#7 all Alle PKCS#7 New Certificate Neues Zertifikat Import Import Import PKCS#12 Import PKCS#12 Import from PKCS#7 Import von PKCS #7 Rename Umbenennen Show Details Details anzeigen Extract public Key Öffentlichen Schlüssel extrahieren Export Export Clipboard Zwischenablage File Datei Request Zertifikatsantrag OpenSSL config OpenSSL Konfiguration Delete Löschen Trust Vertrauen CA CA reflects the basic Constraints extension Zeigt den Inhalt der basic constraints erweiterung Transform Umwandeln Public Key Öffentlicher Schlüssel Similar Certificate Ähnliches Zertifikat Properties Eigenschaften Generate CRL CRL erstellen PKCS#7 PKCS#7 Sign Unterschreiben Encrypt Verschlüsseln Renewal Verlängerung Unrevoke Sperrung aufheben Revoke Sperrung Certificate export Zertifikatsexport X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) X509 Zertifikate ( *.cer *.crt *.p12 *.p7b ) Not possible for a token key: '%1' Nicht möglich für einen Chipkartenschlüssel '%1' There was no key found for the Certificate: Es wurde kein Schlüssel gefunden für das Zertifikat: File to be signed Zu signierende Datei All Files ( * ) Alle Dateien ( * ) File to be encrypted Zu verschlüsselnde Datei days Tage Security token Chipkarte Template Vorlage Delete from Security token Von der Chipkarte löschen The certificate already exists in the database as: '%1' and so it was not imported Das Zertifikat existiert bereits in der Datenbank als: '%1' und wurde daher nicht importiert PEM chain PEM Kette PKCS #7 chain PKCS #7 Kette PKCS #12 chain PKCS #12 Kette PEM + key PEM + Schlüssel PKCS #7 trusted PKCS #7 vertrauenswürdig PKCS #7 all PKCS #7 alle PEM trusted PEM vertrauenswürdig PEM all PEM alle Certificate Index file Zertifikatsindexdatei There was no key found for the Certificate: '%1' Es wurde kein Schlüssel für das Zertifikat: '%1' gefunden Error opening file: '%1': %2 Fehler '%2' beim öffnen det Datei '%1' Not possible for the token-key Certificate '%1' Nicht möglich für das Chipkartenzertifikat '%1' Store the certificate to the key on the token '%1 (#%2)' ? Soll das Zertifikat zum privaten Schlüssel auf der Chipkarte '%1' mit der Seriennummer %2 abgelegt werden ? Other token Andere Chipkarte db_x509name Subject Inhaber Complete distinguished name Vollständiger name Subject hash Namenshash Hash to lookup certs in directories OpenSSL Prüfsumme zum Auffinden von Zertifikaten in Verzeichnissen Country code Länder code State or Province Bundesland, Kreis Locality Ort Organisation Firma Organisational unit Firmenabteilung Common name Allgemeine Bezeichnung E-Mail address E-Mail Adresse Serial number Seriennummer Given name Vorname Surname Nachname Title Titel Initials Initialien Description Beschreibung Role Rolle Pseudonym Pseudonym Generation Qualifier Generierungskennzeichnung x500 Unique Identifier Eindeutige x500 Identifizierung Name Name DN Qualifier DN Kennzeichnung Unstructured name Unstrukturierter Name Challenge password Passwort nach Aufforderung Basic Constraints Basiseinschränkungen subject alternative name Alternativer Eigentümername issuer alternative name Alternativer Ausstellername Subject key identifier Inhaberschlüssel identifizierung Authority key identifier Ausstellerschlüssel identifizierung Key usage Schlüsselverwendung Extended key usage Erweiterte Schlüsselverwendung CRL distribution points CRL Verteilungspunkte Authority information access Aussteller informations zugriff Certificate type Zertifikatstyp Base URL Basis URL Revocation URL Sperrlisten URL CA Revocation URL CA Sperrlisten URL Certificate renewal URL Zertifikatsverlängerungs URL CA policy URL CA Richtlinien URL SSL server name SSL Servername Comment Kommentar db_x509req Certificate request ( *.pem *.der *.crl ) Zertifikatsantrag ( *.pem *.der *.crl ) Certificate request export Zertifikatsantrag exportieren New Request Neuer Zertifikatsantrag Import Import Extract public Key Öffentlichen Schlüssel extrahieren Rename Umbenennen Show Details Details anzeigen Sign Unterschreiben Export Export Clipboard Zwischenablage OpenSSL config OpenSSL Konfiguration Transform Umwandeln Public Key Öffentlicher Schlüssel Similar Request Ähnlicher Zertifikatsantrag Delete Löschen Signed Signiert whether the request is already signed or not Ob der Zertifikatsantrag bearbeitet wurde oder nicht Unstructured name unstrukturierter Name Challenge password Challenge-Passwort Certificate count Zertifikatszähler Number of certificates in the database with the same public key Anzahl an Zertifikaten in der Datenbank mit dem gleichen öffentlichen Schlüssel Certificate request ( *.pem *.der *.csr ) Zertifikatsantrag ( *.pem *.der *.csr ) File Datei Template Vorlage The certificate signing request already exists in the database as '%1' and thus was not stored Der Request existiert bereits in der Datenbank als '%1' und wurde daher nicht importiert db_x509super Key name Schlüsselname Internal name of the key Interner name des Schlüssels Signature Algorithm Signatur algorithmus Signature algorithm Signatur algorithmus Key type Schlüsseltyp Key size Schlüsselgröße EC Group EC Gruppe Extracted from %1 '%2' Extrahiert aus %1 '%2' Certificate Zertifikat Certificate request Zertifikatsantrag Save as OpenSSL config OpenSSL Konfiguration speichern Config files ( *.conf *.cnf);; All files ( * ) Konfigurations dateien ( *.conf *.cnf);; Alle Dateien ( * ) The following extensions were not ported into the template Die folgenden Extensions wurden nicht ins Template übertragen Transformed from %1 '%2' Umgewandelt von %1 '%2' kvView Type Typ Content Inhalt pass_info Password Passwort PIN PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 PKCS11 Bibliothek %1 konnte nicht geöffnet werden: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Dies scheint keine PKCS#11 Bibliothek zu sein. Sie enthält nicht das Symbol 'C_GetFunctionList'. pki_base Error opening file: '%1': %2 Öffnen der Datei %1 fehlgeschlagen: %2 Error writing to file: '%1': %2 Fehler beim Schreiben der Datei: '%1': %2 Unknown Unbekannt Imported Importiert Generated Erstellt Transformed Umgewandelt Token Chipkarte Legacy Database Alte Datenbank Renewed Erneuert Property '%1' not listed in 'pki_base::print' Eigenschaft '%1' in 'pki_base::print' nicht aufgeführt Error: Fehler: Internal error: Unexpected message: %1 %2 Interner Fehler: Unerwartete Nachricht: %1 %2 pki_crl Delete the revocation list '%1'? Die Sperrliste '%1' löschen? Successfully created the revocation list '%1' Die Sperrliste '%1' wurde erfolgreich erstellt Delete the %1 revocation lists: %2? Die %1 Sperrlisten: %2 löschen? Delete the %n revocation list(s): '%1'? Die Sperrliste '%1' löschen? Die %n Sperrlisten: %1 löschen? No issuer given Keine Austeller angegeben CRL Renewal of CA '%1' due CRL erneuerung der CA '%1' fällig The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Die neueste von CA '%1' ausgestellte CRL wird am %2 ablaufen. Sie ist in der XCA Datenbank '%3' gespeichert The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' Die am %3 ausgestellte XCA CRL '%1' wird am %4 ablaufen. Diese ist in der XCA Datenbank '%5' gespeichert unknown unbekannt Renew CRL: %1 CRL %1 erneuern The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4. It is stored in the XCA database '%5' Die XCA CRL '%1', ausgestellt von der CA '%2' am %3 wird am %4 ablaufen. Diese ist in der XCA Datenbank '%5' gespeichert Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Konnte die Sperrliste %1 nicht laden. Ist weder eine PEM noch eine DER formatierte CRL. Successfully imported the revocation list '%1' Die Sperrliste '%1' wurde erfolgreich importiert Wrong Size %1 Ungültige Größe %1 pki_evp Failed to decrypt the key (bad password) Konnte den Schlüssel nicht entschlüsseln. (Falsches Passwort) Password input aborted Passworteingabe abgebrochen Please enter the password to protect the private key: '%1' Bitte geben sie das Passwort zur Verschlüsselung des privaten Schlüssels: '%1' ein Unable to load the private key in file %1. Tried PEM and DER private, public and PKCS#8 key types. Der Schlüssel aus der Datei %1 konnte nicht geladen werden. Private und öffentliche, sowie PKCS#8 Schlüssel im PEM und DER format wurden versucht. Failed to decrypt the key (bad password) %1 Konnte den Schlüssel nicht entschlüsseln. (Falsches Passwort) %1 Please enter the password to decrypt the private key. Bitte geben sie das Passwort zur Entschlüsselung des privaten Schlüssels ein. Please enter the password to decrypt the private key %1. Bitte das Passwort zur Entschlüsselung des privaten Schlüssels '%1' eingeben. The key from file '%1' is incomplete or inconsistent. Der Schlüssel aus der Datei '%1' ist unvollständig oder inkonsistent. Please enter the password to decrypt the private key from file: %1 Bitte das Passwort zur Entschlüsselung der Schlüsseldatei %1 eingeben Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Der Schlüssel aus der Datei %1 konnte nicht geladen werden. Private und öffentliche, sowie SSH2 und PKCS#8 Schlüssel im PEM und DER format wurden versucht. Please enter the password to protect the PKCS#8 key '%1' in file: %2 Bitte geben sie das Passwort zur Verschlüsselung des PKCS#8 Schlüssels: '%1' in %2 ein Please enter the password to protect the private key '%1' in file: %2 Bitte geben sie das Passwort zur Verschlüsselung des privaten Schlüssels: '%1' in %2 ein Ignoring unsupported private key Ignoriere nicht unterstützen privaten Schlüssel Please enter the password to decrypt the private key: '%1' Bitte das Passwort zur Entschlüsselung des privaten Schlüssels: '%1' eingeben Decryption of private key '%1' failed Konnte den Schlüssel '%1' nicht entschlüsseln Please enter the database password for encrypting the key Bitte geben sie das Datenbankpasswort zur Verschlüsselung des Schlüssels ein Please enter the password protecting the PKCS#8 key '%1' Bitte das Passwort zum Schutz des PKCS#8 Schlüssels '%1' eingeben Please enter the password protecting the Microsoft PVK key '%1' Bitte das Passwort zum Schutz des Microsoft PVK Schlüssels '%1' eingeben Please enter the export password for the private key '%1' Bitte das Passwort zum Schutz des privaten Schlüssels '%1' eingeben Please enter the database password for decrypting the key '%1' Bitte das Datenbankpasswort zur Entschlüsselung des Schlüssels '%1' eingeben pki_export PEM Text format with headers PEM Textformat mit Kopf- und Fußzeilen Concatenated list of all selected items in one PEM text file Aneinandergereihte Liste aller ausgewählter Einträge in eine PEM Text Datei PEM selected PEM ausgewählt Concatenated list of all selected certificates in one PEM text file Alle Zertifikate aneinandergehängt in einer PEM Datei PEM chain PEM Kette Concatenated text format of the complete certificate chain in one PEM file Aneinandergehängte Zertifikatskette in einer PEM Datei The complete certificate chain and the private key of the selected certificate with tags usable in OpenVPN configuration files Die vollständige Zertifikatskette und der private Schlüssel des ausgewählten Zertifikats mit den passenden Markern zum Einsatz als OpenVPN Konfigurationsdatei PEM + key PEM + Schlüssel Concatenation of the certificate and the unencrypted private key in one PEM file Das PEM Zertifikat und der unverschlüsselte private PEM Schlüssel in einer Textdatei Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Das PEM Zertifikat und der unverschlüsselte private PKCS#8 Schlüssel in einer Textdatei All unusable Alle nicht verwendbaren Concatenation of all expired or revoked certificates in one PEM file Alle abgelaufenen oder gesperrten Zertifikate aneinandergehängt in einer PEM Datei PKCS#7 encoded single certificate Einzelnes Zertifikat im PKCS#7 format All selected certificates encoded in one PKCS#7 file Alle ausgewählten Zertifikate in einer PKCS#7 Datei PKCS #7 chain PKCS #7 Kette PKCS#7 encoded complete certificate chain Vollständige Zertifikatskette in einer PKCS#7 Datei PKCS #7 unusable PKCS #7 unbenutzbar PKCS#7 encoded collection of all expired or revoked certificates Sammlung aller abgelaufenen oder gesperrten Zertifikate im PKCS#7 Format Binary DER encoded certificate Binäre DER formatiertes Zertifikat PKCS #12 chain PKCS #12 Kette The complete certificate chain and the private key as encrypted PKCS#12 file Die vollständige Zertifikatskette und der private Schlüssel als verschlüsselte PKCS#12 Datei PKCS #12 PKCS#12 The certificate and the private key as encrypted PKCS#12 file Das Zertifikat und der zugehörige private Schlüssel als verschlüsselte PKCS#12 Datei Certificate Index file Zertifikatsindexdatei OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool OpenSSL spezifische Zertifikatsindexdatei in dem Format wie sie von dem OpenSSL 'ca' kommando erzeugt und von der OCSP Funktion benötigt wird vCalendar vCalendar vCalendar expiry reminder for the selected items Fälligkeitserinnerung für alle ausgewählten Elemente im vCalendar Format CA vCalendar CA vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Fälligkeitserinnerung für alle ausgestellten Zertifikate, der CA und der letzten CRL im vCalendar Format OpenSSL config OpenSSL Konfiguration OpenSSL configuration file to create a certificate or request with the openssl commandline tool OpenSSL Konfigurationsdatei um ein Zertifikat oder ein Zertifikatsantrag mit dem OpenSSL Kommandozeilenwerkzeug zu erstellen OpenVPN tls-auth key OpenVPN tls-auth Schlüssel The OpenVPN tls-auth key is a secret key shared between endpoints Der tls-auth Schlüssel ist ein geheimer Schlüssel, der von allen Verbindungsteilnehmern geteilt wird JSON Web Kit JSON Web Kit The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) Der öffentliche Schlüssel des Zertifikats im JSON Web Kit Format mit X.509 Fingerabdruck (x5t) JSON Web Kit chain JSON Web Kit Liste The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) and certificate chain (x5c) Der öffentliche Schlüssel des Zertifikats im JSON Web Kit Format mit X.509 Fingerabdruck (x5t) und Zertifikatskette (x5c) PEM public PEM öffentlich Text format of the public key in one PEM file Eine PEM Textdatei mit dem öffentlichen Schlüssel PEM private PEM privat Unencrypted private key in text format Der unverschlüsselte private Schlüssel in einer PEM Textdatei PEM encrypted PEM verschlüsselt OpenSSL specific encrypted private key in text format OpenSSL spezifischer privater Schlüssel im Textformat SSH2 private SSH2 Privat SSH2 public SSH2 öffentlich The public key encoded in SSH2 format Der öffentliche Schlüssel im SSH2 Format DER public DER öffentlich Binary DER format of the public key Der öffentliche Schlüssel in einer binären DER Datei DER private DER privat Unencrypted private key in binary DER format Unverschlüsselter privater Schlüssel in einer binären DER Datei PVK private PVK privat Private key in Microsoft PVK format not encrypted Nicht verschlüsselter privater Schlüssel im Microsoft PVK Format XCA template in PEM-like format. Templates include the internal name and comment XCA Vorlage in PEM-ähnlichem Format. Vorlagen enthalten auch den internen Namen und die Kommentare All selected XCA templates in PEM-like format. Templates include the internal name and comment Alle ausgewählten XCA Vorlagen in PEM-ähnlichem Format. Vorlagen enthalten auch den internen Namen und die Kommentare PVK encrypted PVK verschlüsselt Encrypted private key in Microsoft PVK format Verschlüsselter privater Schlüssel in einer Microsoft PVK-Datei PKCS #8 encrypted PKCS#8 verschlüsselt Encrypted private key in PKCS#8 text format Verschlüsselter privater Schlüssel in einer PKCS#8 Textdatei PKCS #8 PKCS#8 Unencrypted private key in PKCS#8 text format Unverschlüsselter privater Schlüssel in einer PKCS#8 Textdatei JSON Web Key private JSON Web Key privat Unencrypted private key in JSON Web Key format Unverschlüsselter privater Schlüssel im JSON Web Key Format JSON Web Key public JSON Web Key öffentlich Public key in JSON Web Key format Öffentlicher Schlüssel im JSON Web Key Format Binary DER format of the certificate request Binäres DER Format der Zertifikatsanfrage Binary DER format of the revocation list Binäres DER Format der Sperrliste vCalendar reminder for the CRL expiry date Fälligkeitserinnerung für das CRL Ablaufdatum im vCalendar Format XCA template in PEM-like format XCA Vorlage in PEM ähnlichen Textformat All selected XCA templates in PEM-like format Alle ausgewählten XCA Vorlagen in PEM ähnlichen Textformat pki_key Do you really want to export the private key unencrypted to the clipboard ? Soll der private Schlüssel wirklich unverschlüsselt in die Zwischenablage kopiert werden ? Only export the public key Nur den öffentlichen Schlüssel exportieren Export the private key unencrypted Privaten Schlüssel unverschlüsselt exportieren Successfully imported the %1 public key '%2' Der öffentliche %1 Schlüssel '%2' wurde erfolgreich importiert Delete the %1 public key '%2'? Den öffentlichen %1 Schlüssel '%2' löschen? Successfully imported the %1 private key '%2' Der private %1 Schlüssel '%2' wurde erfolgreich importiert Delete the %1 private key '%2'? Den privaten %1 Schlüssel '%2' löschen? Successfully created the %1 private key '%2' Der private %1 Schlüssel '%2' wurde erfolgreich erstellt Delete the %1 keys: %2? Die %1 Schlüssel: %2 löschen? Public key Öffentlicher Schlüssel public key öffentlicher Schlüssel Successfully imported the %1 public key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Der öffentliche %1 Schlüssel '%2' wurde erfolgreich importiert Delete the %n %1 public key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Den öffentlichen %1 Schlüssel '%2' löschen? Die %n öffentlichen %1 Schlüssel '%2' löschen? Successfully imported the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Der private %1 Schlüssel '%2' wurde erfolgreich importiert Delete the %n %1 private key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Den privaten %1 Schlüssel '%2' löschen? Die %n privaten %1 Schlüssel '%2' löschen? Successfully created the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Der private %1 Schlüssel '%2' wurde erfolgreich erstellt Common Standard Private Privat Bogus Nichts No password Kein Passwort Unexpected SSH2 content: '%1' Unerwarteter SSH2 inhalt: '%1' Invalid SSH2 public key Üngültiger öffentlicher SSH2 Schlüssel Failed writing to %1 Fehler beim Schreiben von %1 PIN PIN pki_multi No known PEM encoded items found Keine bekanntes PEM Format gefunden pki_pkcs12 Please enter the password to encrypt the PKCS#12 file Bitte geben Sie das Passwort zur Verschlüsselung der PKCS#12 Datei an No key or no Cert and no pkcs12 Kein Schlüssel oder kein Zertifikat und kein PKCS#12 Unable to load the PKCS#12 (pfx) file %1. Die PKCS#12 (pfx) Datei %1 konnte nicht geladen werden. Please enter the password to decrypt the PKCS#12 file: %1 Bitte geben Sie das Passwort zur Entschlüsselung der PKCS#12 Datei: %1 ein The supplied password was wrong (%1) Das eingegebene Passwort war falsch (%1) Please enter the password to encrypt the key of certificate '%1' in the PKCS#12 file: %2 Bitte geben sie das Passwort zur Verschlüsselung des Schlüssels für Zertifikat '%1' in der PKCS#12 Datei: %2 ein pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Konnte die PKCS#7 Datei %1 nicht laden. Ist weder im PEM noch im DER Format. pki_scard This Key is already on the token Der Schlüssel ist bereits auf der SmartCard Only RSA and EC keys can be stored on tokens Auf der Chipkarte können nur RSA oder EC Schlüssel gespeichert werden Unable to find copied key on the token Kann den eben kopierten Schlüssel auf der Chipkarte nicht finden Public Key mismatch. Please re-import card Öffentlicher Schlüssel passt nicht. Bitte Chipkarte neu importieren Delete the %n token key(s): '%1'? Den Chipkartenschlüssel '%1' löschen? Die %n Chipkartenschlüssel '%1' löschen? Unable to find generated key on card Kann den erstellten Schlüssel auf der Karte nicht finden Failed to find the key on the token Konnte den Schlüssel auf der Chipkarte nicht finden Invalid Pin for the token Ungültige Pin für die Chipkarte Delete the private key '%1' from the token '%2 (#%3)' ? Soll der private Schlüssel '%1' von der Chipkarte '%2' mit der Seriennummer %3 gelöscht werden ? Successfully imported the token key '%1' Der Chipkartenschlüssel '%1' wurde erfolgreich importiert Delete the token key '%1'? Den Chipkartenschlüssel '%1' löschen? Successfully created the token key '%1' Der Chipkartenschlüssel '%1' wurde erfolgreich erstellt Delete the %1 keys: %2? Die %1 Schlüssel: %2 löschen? PIN input aborted PIN Eingabe abgebrochen Please insert card: %1 %2 [%3] with Serial: %4 Bitte die Chipkarte: %1 %2 [%3] mit Seriennummer: %4 einlegen Select Slot of %1 Wähle die Position auf %1 Illegal Key generation method Ungültige Schlüsselgenerierungsmethode Ignoring unsupported token key Ignoriere nicht unterstützten Chipkartenschlüssel Wrong Size %1 Falsche Größe %1 Token %1 %1 Chipkarte Failed to initialize the key on the token Der Schlüssel auf der Chipkarte konnte nicht initialisiert werden pki_temp Delete the XCA template '%1'? Die XCA Vorlage '%1' löschen? Template file content error (too small) Fehler bei Vorlagendatei (zu klein) Template file content error (bad size) Fehler bei Vorlagendatei (zu klein) Template file content error (too small): %1 Template zu klein: %1 Not a PEM encoded XCA Template Dies ist keine PEM formatierte XCA Vorlage Not an XCA Template, but '%1' Dies ist keine XCA Vorlage, sondern: %1 Template file content error (bad length) :%1 Templatefile ungültig (länge): %1 Wrong Size %1 Ungültige Größe %1 Successfully imported the XCA template '%1' Die XCA Vorlage '%1' wurde erfolgreich importiert Delete the %n XCA template(s): '%1'? Die XCA Vorlage '%1' löschen? Die %n XCA Vorlagen '%1' löschen? Successfully created the XCA template '%1' Die XCA Vorlage '%1' wurde erfolgreich erstellt Delete the %1 XCA templates: %2? Die %1 XCA Vorlagen: %2 löschen? Template file content error (bad size): %1 Templatefile ungültig (Größe): %1 pki_x509 Not trusted Nicht vertrauenswürdig Trust inherited Vertrauensstellung geerbt Always Trusted Immer Vertraut There is no key for signing ! Kein Schlüssel zum Unterschreiben! Delete the certificate '%1'? Das Zertifikat '%1' löschen? Successfully created the certificate '%1' Das Zertifikat '%1' wurde erfolgreich erstellt Delete the %1 certificates: %2? Die %1 Zertifikate: %2 löschen? Delete the %n certificate(s): '%1'? Das Zertifikat '%1' löschen? Die %n Zertifikate '%1' löschen? Unable to load the certificate in file %1. Tried PEM and DER certificate. Das Zertifikat aus der Datei %1 konnte nicht geladen werden. Ist weder PEM noch DER. Invalid OpenVPN tls-auth key Ungültiger OpenVPN tls-auth Schlüssel Failed to import tls-auth key Import des tls-auth Schlüssels fehlgeschlagen Same tls-auth key already stored for this CA Der selbe tls-auth Schlüssel war für diese CA bereits gespeichert New tls-auth key successfully imported Neuer tls-auth Schlüssel erfolgreich importiert Existing tls-auth key successfully replaced Vorhandener tls-auth Schlüssel erfolgreich ersetzt This certificate is already on the security token Dieses Zertifikat ist bereits auf der Chipkarte Delete the certificate '%1' from the token '%2 (#%3)'? Das Zertifikat '%1' von der Chipkarte '%2 (#%3)' löschen? Renew certificate: %1 Zertifikat %1 erneuern The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' Das XCA Zertifikat '%1', ausgestellt am %2 wird am %3 ablaufen. Es ist in der XCA Datenbank '%4' gespeichert CRL Renewal of CA '%1' due CRL erneuerung der CA '%1' fällig The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Die neueste von CA '%1' ausgestellte CRL wird am %2 ablaufen. Sie ist in der XCA Datenbank '%3' gespeichert CRL expires: %1 CRL ungültig ab: %1 No Nein Yes Ja Successfully imported the certificate '%1' Das Zertifikat '%1' wurde erfolgreich importiert Wrong Size %1 Ungültige Größe %1 pki_x509req Signing key not valid (public key) Signaturschlüssel ungültig (public key) Delete the %1 certificate request '%2'? Den %1 Zertifikatsantrag '%2' löschen? Successfully imported the %1 certificate request '%2' Der %1 Zertifikatsantrag '%2' wurde erfolgreich importiert Successfully created the %1 certificate request '%2' Der %1 Zertifikatsantrag '%2' wurde erfolgreich erstellt Delete the %1 certificate requests: %2? Die %1 Zertifikatsanträge: %2 löschen? Successfully imported the PKCS#10 certificate request '%1' Der Zertifikatsantrag '%1' wurde erfolgreich importiert Delete the %n PKCS#10 certificate request(s): '%1'? Den Zertifikatsantrag '%1' löschen? Die %n Zertifikatsanträge '%1' löschen? Successfully created the PKCS#10 certificate request '%1' Der Zertifikatsantrag '%1' wurde erfolgreich erstellt Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Konnte den Zertifikatsantrag aus der Datei %1 nicht laden. Versuchte Formate PEM, DER und SPKAC. Signed Signiert Unhandled Unbehandelt Wrong Size %1 Ungültige Größe %1 v3ext Copy Common Name Den allgemeinen Bezeichner (common Name) kopieren Add Hinzufügen Delete Löschen Apply Übernehmen Validate Überprüfen Cancel Abbrechen Validation successful: '%1' Überprüfung erfolgreich: '%1' An email address or 'copy' Eine E-Mail adresse oder 'copy' An email address Eine email Adresse a registered ID: OBJECT IDENTIFIER Eine OID numerisch oder als Text a uniform resource indicator Ein Uniform Resource Identifier a DNS domain name Ein DNS domain Name an IP address Eine IP Adresse No editing. Only 'copy' allowed here Kein Editieren. Nur 'copy' möglich, um Subject alternative name vom Aussteller zu kopieren Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Format:<OID>;TYPE Beispiel: '1.2.3.4:UTF8:name' A registered ID: OBJECT IDENTIFIER Eine OID numerisch oder als Text A uniform resource indicator Ein Uniform Resource Identifier A DNS domain name or 'copycn' Ein DNS domain Name oder 'copycn' A DNS domain name Ein DNS domain Name An IP address Eine IP Adresse Validation failed: '%1' %2 Überprüfung fehlgeschlagen: '%1' %2 void There was no key found for the Certificate: Es wurde kein Schlüssel gefunden für das Zertifikat: Import Certificate signing request Zertifikatsantrag importieren xcaWarning The following error occurred: Der folgende Fehler ist aufgetreten: Copy to Clipboard In die Zwischenablage xcaWarningGui Copy to Clipboard In die Zwischenablage xca-RELEASE.2.9.0/lang/xca_en.ts000066400000000000000000000105261477156507700161310ustar00rootroot00000000000000 ExportDialog %n selected item(s) selected item %n selected items XcaTreeView Please enter the password to encrypt all %n exported private key(s) in: %1 Singular form for 0 or 1 item can be ignored. Will always be called with n >= 2 Please enter the password to encrypt the exported private key in: %1 Please enter the password to encrypt all %n exported private keys in: %1 pki_crl Delete the %n revocation list(s): '%1'? Delete the revocation list: '%1'? Delete the %n revocation lists: '%1'? pki_key Delete the %n %1 public key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Delete the %1 public key '%2'? Delete the %n %1 public keys '%2'? Delete the %n %1 private key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Delete the %1 private key '%2'? Delete the %n %1 private keys '%2'? pki_scard Delete the %n token key(s): '%1'? Delete the token key: '%1'? Delete the %n token keys: '%1'? pki_temp Delete the %n XCA template(s): '%1'? Delete the XCA template: '%1'? Delete the %n XCA templates: '%1'? pki_x509 Delete the %n certificate(s): '%1'? Delete the certificate: '%1'? Delete the %n certificates: '%1'? pki_x509req Delete the %n PKCS#10 certificate request(s): '%1'? Delete the PKCS#10 certificate request: '%1'? Delete the %n PKCS#10 certificate requests: '%1'? xca-RELEASE.2.9.0/lang/xca_es.ts000066400000000000000000006714121477156507700161450ustar00rootroot00000000000000 Done Hecho About#1 CA Properties Propiedades de la CA CaProperties#1 Use random Serial numbers Usar números de Serie aleatorios CaProperties#2 Default template Plantilla predeterminada CaProperties#4 Details of the Certificate Detalles del Certificado CertDetail#1 S&tatus Estado CertDetail#2 Serial CertDetail#3 Número de serie CertDetail#3 The serial number of the certificate El número de serie del certificado CertDetail#4 The internal name of the certificate in the database El nombre interno del certificado en la base de datos CertDetail#5 Internal name CertDetail#6 Nombre interno CertDetail#6 Signature algorithm CertDetail#7 Firma CertDetail#7 Signature CertDetail#8 Firma CertDetail#8 Key CertDetail#9 Clave CertDetail#9 Fingerprints Huellas digitales CertDetail#10 SHA1 SHA1 CertDetail#11 MD5 MD5 CertDetail#12 Validity CertDetail#15 Validez CertDetail#15 The time since the certificate is valid El momento desde el que el certificado es válido CertDetail#16 The time until the certificate is valid El momento hasta el que el certificado es válido CertDetail#17 &Subject As&unto CertDetail#18 Attributes Atributos CertDetail#20 &Extensions CertDetail#21 &Extensiones CertDetail#21 Show config Mostrar configuración CertDetail#22 Show extensions Mostrar extensiones CertDetail#23 Not available CertDetail#24 No disponible CertDetail#24 Details of the certificate Detalles del certificado CertDetail#25 Not trusted CertDetail#28 No fiable CertDetail#28 Trusted Fiable CertDetail#29 Revoked: Revocado: CertDetail#30 Not valid No válido CertDetail#31 Valid Válido CertDetail#32 Details of the certificate signing request Detalles de la solicitud CertDetail#33 Certificate renewal Renovación de certificado CertExtend#1 Validity CertExtend#3 Validez CertExtend#3 Not before CertExtend#4 No antes de CertExtend#4 Not after CertExtend#5 No después de CertExtend#5 Time range CertExtend#6 Rango de tiempo CertExtend#6 Apply CertExtend#8 Aplicar CertExtend#8 Days CertExtend#9 Días CertExtend#9 Months CertExtend#10 Meses CertExtend#10 Years CertExtend#11 Años CertExtend#11 Midnight CertExtend#12 Medianoche CertExtend#12 Double click for details Haga doble click para obtener detalles ClickLabel#1 Signature CrlDetail#4 Firma CrlDetail#4 Name CrlDetail#6 Nombre CrlDetail#6 ... ... ExportDialog#1 DER is a binary format of the key without encryption PEM is a base64 encoded key with optional encryption PKCS#8 is an encrypted official Key-exchange format DER es un formato binario sin cifrado PEM es un formato texto bas64 con cifrado opcional PKCS#8 es un formato estandar de intercambio de claves ExportKey#7 Please enter the filename for the key. Introduzca nombre de fichero que contendrá la clave. ExportKey#8 Key export Exportar clave ExportKey#10 Name KeyDetail#1 Nombre KeyDetail#1 Public Exponent Exponente público KeyDetail#7 Keysize KeyDetail#8 Tamaño de clave KeyDetail#8 Private Exponent Exponente secreto KeyDetail#9 Modulus Módulo KeyDetail#10 Not available KeyDetail#12 Disponible KeyDetail#12 Available Disponible KeyDetail#15 Private key KeyDetail#18 Exponente secreto KeyDetail#18 &Import MainWindow#4 Importar MainWindow#4 Cancel MainWindow#58 Cancelar MainWindow#58 Password verify error, please try again Contraeña incorrecta, inténtelo de nuevo MainWindow#68 Password MainWindow#69 Contraseña MainWindow#69 Name NewKey#4 Nombre NewKey#4 New Key NewKey#6 Nueva clave NewKey#6 Keysize NewKey#8 Tamaño de clave NewKey#8 Signature algorithm NewX509#16 Firma NewX509#16 Subject NewX509#23 Sujeto NewX509#23 Private key NewX509#36 Exponente secreto NewX509#36 Validity NewX509#56 Validez NewX509#56 Import db_crl#11 Importar db_crl#11 Password db_key#4 Contraseña db_key#4 New Key db_key#10 Nueva clave db_key#10 Import db_key#11 Importar db_key#11 Export db_key#15 Exportar db_key#15 Change password Cambiar contraseña db_key#16 Reset password Restablecer la contraseña db_key#17 Change PIN Cambiar PIN db_key#18 Import db_temp#9 Importar db_temp#9 Export db_temp#11 Importar db_temp#11 Import db_x509#21 Importar db_x509#21 Export db_x509#27 Exportar db_x509#27 Clipboard db_x509#28 Portapapeles db_x509#28 File db_x509#29 Archivo db_x509#29 Request Solicitud db_x509#30 Template db_x509#33 Plantilla db_x509#33 Delete db_x509#35 Eliminar db_x509#35 Subject db_x509name#1 Sujeto db_x509name#1 Signed db_x509req#1 Firma db_x509req#1 Import db_x509req#9 Importar db_x509req#9 Rename db_x509req#11 Renombrar db_x509req#11 Show Details db_x509req#12 Mostrar detalles db_x509req#12 Sign db_x509req#13 Firma db_x509req#13 Export db_x509req#14 Importar db_x509req#14 Password pass_info#1 Contraseña pass_info#1 Cancel v3ext#5 Cancelar v3ext#5 CaProperties CA Properties Propiedades de la CA Form Days until next CRL issuing Días hasta la emisión de CRL Default template Plantilla predeterminada CertDetail Details of the Certificate Detalles del Certificado Status Estado Internal name Nombre interno The internal name of the certificate in the database El nombre interno del certificado en la base de datos Signature Firma Key Clave Serial Número de serie The serial number of the certificate El número de serie del certificado Fingerprints Huellas digitales MD5 MD5 An md5 hashsum of the certificate Un hash MD5 del certificado SHA1 SHA1 A SHA-1 hashsum of the certificate Un hash SHA-1 del certificado SHA256 SHA256 A SHA-256 hashsum of the certificate Un hash SHA-256 del certificado Validity Validez The time since the certificate is valid El momento desde el que el certificado es válido The time until the certificate is valid El momento hasta el que el certificado es válido Subject Sujeto Issuer Emisor Attributes Atributos Extensions Extensiones Validation Purposes Strict RFC 5280 validation Show config Mostrar configuración Comment Comentarios Show extensions Mostrar extensiones Show public key Mostrar clave pública This key is not in the database. La clave no existe en la base de datos. Not available No disponible No verification errors found. Signer unknown Firmante desconocido Self signed Autofirmado Revoked at %1 Revocado el %1 Revoked: Revocado: Not valid No válido Valid Válido Details of the certificate signing request Detalles de la solicitud de certificado CertExtend Certificate renewal Renovación de certificado This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Esto creará un nuevo certificado como copia del antiguo con un nuevo número de serie y las fechas de validez modificadas. Validity Validez Not before No antes de Not after No después de Time range Rango de tiempo Local time Hora local Days Días Months Meses Years Años No well-defined expiration Caducidad sin definir Midnight Medianoche Apply Aplicar Revoke old certificate Revocar el certificado antiguo Replace old certificate Keep serial number Mantener el número de serie The certificate will be earlier valid than the signer. This is probably not what you want. El certificado entrará en vigor antes que el certificado firmante. Probablemente no es lo que pretendes. Edit dates Modificar fechas Abort rollout Cancelar la emisión Continue rollout Continuar la emisión Adjust date and continue Ajustar fecha y continuar The certificate will be longer valid than the signer. This is probably not what you want. El certificado caducará después que el certificado firmante. Probablemente no es lo que pretendes. CertTreeView Hide unusable certificates Import PKCS#12 Importar PKCS#12 Import from PKCS#7 Importar desde PKCS#7 Request Solicitud Security token Token de seguridad Other token Otro token Similar Certificate Certificado similar Delete from Security token Eliminar del Token de seguridad CA CA Properties Propiedades Generate CRL Generar CRL Manage revocations Gestionar revocaciones Import OpenVPN tls-auth key Renewal Renovación Revoke Revocar Unrevoke Deshacer revocación Plain View Vista Plana Tree View Vista de árbol days Días No template Sin plantilla CA Properties Propiedades de la CA Certificate export Exportar certificado X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) vCalendar entry ( *.ics ) OpenVPN file ( *.ovpn ) OpenVPN tls-auth key ( *.key ) ClickLabel Double click for details Haga doble click para obtener detalles CrlDetail Details of the Revocation list Detalles de la lista de revocación &Status E&stado Version Versión Signature Firma Signed by Firmante Name Nombre The internal name of the CRL in the database El nombre interno de la CRL en la base de datos issuing dates Fechas de emisión Next update Siguiente actualización Last update Última actualización &Issuer Em&isor &Extensions &Extensiones &Revocation list Lista de &Revocación Comment Comentarios Failed Error Unknown signer Firmante desconocido Verification not possible Verificación imposible CrlTreeView There are no CA certificates for CRL generation No hay certificados de CA para generar la CRL Select CA certificate Seleccione certificado de CA Revocation list export Exportar lista de revocación CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) vCalendar entry ( *.ics ) ExportDialog Name Nombre The internal name of the CRL in the database El nombre interno de la CRL en la base de datos ... ... Filename Archivo Each Item in a separate file Same encryption password for all items Export comment into PEM file Exportar comentarios al archivo Export Format Formato All files ( * ) Todos los archivos ( * ) PEM Text format with headers Formato de Texto PEM con cabeceras Concatenated list of all selected items in one PEM text file Lista concatenada de todos los elementos seleccionados en un archivo PEM Concatenated text format of the complete certificate chain in one PEM file Cadena de certificados completa, concatenados en formato de texto en un archivo PEM Concatenated text format of all unrevoked certificates in one PEM file Todos los certificados no revocados concatenados en formato de texto en un archivo PEM Concatenated text format of all certificates in one PEM file Todos los certificados concatenados en formato de texto en un archivo PEM Binary DER encoded file Archivo codificado DER binario PKCS#7 encoded single certificate Certificado individual codificado en PKCS#7 PKCS#7 encoded complete certificate chain Cadena de certificados completa codificada en PKCS#7 All unrevoked certificates encoded in one PKCS#7 file Todos los certificados no revocados en un fichero con formato PKCS#7 All selected certificates encoded in one PKCS#7 file Todos los certificados seleccionados en un fichero codificado en PKCS#7 All certificates encoded in one PKCS#7 file Todos los certificados codificados en un fichero PKCS#7 The certificate and the private key as encrypted PKCS#12 file Certificado y su clave privada encriptados en fichero PKCS#11 The complete certificate chain and the private key as encrypted PKCS#12 file La cadena completa de certificados y la clave privada encriptados en fichero PKCS#12 Concatenation of the certificate and the unencrypted private key in one PEM file Certificado y la clave privada sin encriptar concatenados en un único fichero PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Certificado y la clave privada encriptada concatenados en un único fichero con formato PKCS#8 Text format of the public key in one PEM file Clave pública en formato texto en un único archivo PEM Binary DER format of the public key Clave pública en formato DER Binario Unencrypted private key in text format Clave privada desencriptada en un fichero de texto OpenSSL specific encrypted private key in text format Clave privada encriptada en formato de texto específico de OpenSSL Unencrypted private key in binary DER format Clave privada desencriptada en formato DER Binario Unencrypted private key in PKCS#8 text format Clave privada desencriptada en formato PKCS#8 Encrypted private key in PKCS#8 text format Clave privada encriptada en formato de texto PKCS#8 The public key encoded in SSH2 format Clave pública codificada en fomrato SSH2 OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Fichero de índice de certificados específico de OpenSSL como el comando created by the 'ca' y requerido por la herramienta OCSP vCalendar expiry reminder for the selected items vCalendar con el recordatorio de caducidad de los elementos seleccionados vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL vCalendar con la caducidad de todos los certificados emitidos y válidos; de la propia CA y de la última CRL %n selected item(s) The file: '%1' already exists! ¡El archivo '%1' ya existe! Overwrite Sobrescribir Do not overwrite No sobrescribir The path: '%1' exist, but is not a file The path: '%1' exist, but is not a directory The directory: '%1' does not exist. Should it be created? Create Crear Failed to create directory '%1' Directory Directorio Form last update next update Days Días Months Meses Years Años Apply Aplicar Midnight Medianoche Local time Hora local No well-defined expiration Help << << >> >> &Done &Hecho ImportMulti Import PKI Items Importar elementos PKI Import &All Importar &Todos &Import &Importar &Done &Hecho &Remove from list &Eliminar de la lista Details Detalles Delete from token Eliminar del token Rename on token Renombrar en el token Name: %1 Model: %2 Serial: %3 Nombre: %1 Modelo: %2 Nº serie: %3 Manage security token Gestionar token de seguridad The type of the item '%1' is not recognized El tipo del elemento '%1' no ha sido reconocido Could not open the default database Details of the item '%1' cannot be shown Los detalles del elemento '%1' no se pueden mostrar The file '%1' did not contain PKI data El archivo '%1' no contiene datos de PKI The %1 files: '%2' did not contain PKI data Los %1 archivos: '%2' no contienen datos de PKI ItemProperties Name Nombre Source Origen Insertion date Fecha de inserción Comment Comentarios KeyDetail Name Nombre The internal name of the key used by xca El nombre interno de la clave usado por xca Key Clave Public Exponent Exponente público Keysize Tamaño de clave Private Exponent Exponente privado Security Token Token de Seguridad Label Etiqueta PKCS#11 ID ID PKCS#11 Token information Información del token Model Modelo Manufacturer Fabricante Serial Número de serie Fingerprint Huella Comment Comentarios Details of the %1 key Detalles de la clave %1 Not available No disponible Security token Token de seguridad Available Disponible Sub prime Sub prime Public key Clave pública Private key Clave privada Curve name Nombre de curva Unknown key Clave desconocida KeyTreeView Change password Cambiar contraseña Reset password Restablecer la contraseña Change PIN Cambiar PIN Init PIN with SO PIN (PUK) Inicializar PIN con el PIN SO (PUK) Change SO PIN (PUK) Cambiar PIN SO (PUK) Security token Token de seguridad This is not a token Esto no es un token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable ¿Debe la clave original '%1' ser reemplazada por la clave del token? Esto borrará la clave '%1' y imposibilitará su exportación Key export Exportar clave SSH Private Keys ( *.priv ) Microsoft PVK Keys ( *.pvk ) Export public key [%1] Exportar la clave pública [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Claves privadas ( *.pem *.der *.pk8 );; Claves públicas SSH ( *.pub ) MainWindow Private Keys Claves Privadas &New Key &Nueva Clave &Export &Exportar &Import &Importar Import PFX (PKCS#12) Importar PFX (PKCS#12) &Show Details &Mostrar Detalles &Delete &Borrar Certificate signing requests Solicitudes de certificado &New Request &Nueva Solicitud Certificates Certificados &New Certificate &Nuevo Certificado Import &PKCS#12 Importar &PKCS#12 Import P&KCS#7 Importar P&KCS#7 Plain View Vista Plana Templates Plantillas &New Template &Nueva Plantilla Ch&ange Template C&ambiar Plantilla Revocation lists Listas de Revocación &New CRL &Nueva CRL Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Formato antiguo de base de datos detectado. Creando una copia de seguridad llamada: '%1' y convirtiendo la base de datos al nuevo formato Failed to rename the database file, because the target already exists Error al renombrar el archivo de base de datos, porque el destino ya existe Using or exporting private keys will not be possible without providing the correct password Usar o exportar las claves privadas no será posible sin proporcionar la contraseña correcta The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. El algoritmo de hash '%1' utilizado actualmente no es seguro. Por favor seleccione al menos 'SHA-224' por razones de seguridad. Database Base de datos No deleted items found No se han encontrado elementos eliminados Recent DataBases Bases de datos recientes System Sistema Croatian Croatian English English French French German German Japanese Korean Russian Russian Slovak Slovak Spanish Spanish Persian Bulgarian Polish Polaco Italian Italiano Chinese Chino Dutch Holandés Portuguese in Brazil Portugués de Brasil Indonesian Turkish Turkish Language Idioma &File &Archivo &New DataBase &Nueva base de datos &Open DataBase &Abrir base de datos Open Remote DataBase Abrir base de datos remota Set as default DataBase Establecer Base de datos por defecto &Close DataBase &Cerrar Base de datos New DataBase Nueva Base de datos Open DataBase Abrir Base de datos Close DataBase Cerrar Base de datos Options Opciones Exit Salir I&mport I&mportar Keys Claves Requests Solicitudes PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Plantilla Revocation list Lista de revocación PEM file Archivo PEM Paste PEM file Pegar archivo PEM Token Token Export Certificate &Index hierarchy Exportar jerarquía del &Indice de Certificados Content Contenido &Token &Token &Manage Security token &Gestionar Token de Seguridad &Init Security token &Iniciar Token de Seguridad &Change PIN &Cambiar PIN Change &SO PIN Cambiar PIN &SO Init PIN Iniciar PIN Extra Extra &Dump DataBase Exportar Base de &Datos &Export Certificate Index &Exportar Índice de Certificados &Export Certificate Index hierarchy &Exportar Jerarquía de Índice de Certificados C&hange DataBase password Ca&mbiar contraseñas de Base de datos &Undelete items Rec&uperar elementos Generate DH parameter Generar parámetro DH OID Resolver Resolución de OID &Help A&yuda &Content &Contenido About Acerca de Search Buscar no such option: %1 No existe la opción: %1 Import PEM data Importar datos PEM Please enter the original SO PIN (PUK) of the token '%1' Por favor, introduzca el PIN SO (PUK) original del token '%1' Please enter the new SO PIN (PUK) for the token '%1' Por favor, introduzca el nuevo PIN SO (PUK) del token '%1' The new label of the token '%1' La nueva etiqueta del token '%1' The token '%1' did not contain any keys or certificates El token '%1' no contiene claves ni certificados Retry with PIN Retry with SO PIN Current Password Contraseña actual Please enter the current database password Por favor, introduzca la contraseña actual de la base de datos The entered password is wrong La contraseña introducida es incorrecta New Password Nueva Contraseña Please enter the new password to encrypt your private keys in the database-file Por favor introduzca la nueva contraseña para encriptar las claves privadas en el archivo de base de datos Transaction start failed Inicio de la transacción fallido Database: %1 The currently used PFX / PKCS#12 algorithm '%1' is insecure. Change Please enter a password, that will be used to encrypt your private keys in the database: %1 Por favor, introduzca una contraseña, que será utilizada para encriptar las claves privadas de la base de datos: %1 Password verify error, please try again Contraseña incorrecta, inténtelo de nuevo Password Contraseña Please enter the password for unlocking the database: %1 Por favor, introduzca la contraseña para desbloquear la base de datos: %1 The following error occurred: El siguiente error ha ocurrido: Copy to Clipboard Copiar al Portapapeles Certificate Index ( index.txt ) Índice de Certificados ( index.txt ) All files ( * ) Todos los archivos ( * ) Diffie-Hellman parameters saved as: %1 Parámetros Diffie-Hellman guardados como: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Los parámetros Diffie-Hellman son necesitados por diferentes aplicaciones, pero no son gestionados por XCA. Por favor, introduzca los bits de parámetros DH Error opening file: '%1': %2 Error abriendo el archivo: '%1': %2 NewCrl Last update Última actualización Next update Siguiente actualización Days Días Months Meses Years Años Midnight Medianoche Local time Hora local Apply Aplicar Options Opciones Hash algorithm Algoritmo hash Subject alternative name Nombre alternativo del sujeto Authority key identifier Indentificador de clave de la autoridad CRL number Número de CRL Revocation reasons Razones de revocación Create CRL Crear CRL NewKey New Key Nueva clave Please give a name to the new key and select the desired keysize Por favor, asigne un nombre a la nueva clave y seleccione el tamaño deseado Key properties Propiedades de la clave Name Nombre The internal name of the new key El nombre interno de la nueva clave Curve name Nombre de curva Keysize Tamaño de clave Usually at least 2048 bit keys are recommended Normalmente se recomiendan claves de al menos 2048 bits Keytype Tipo de clave Remember as default Recordar como valores por defecto Create Crear NewX509 Source Origen Signing request Solicitud de firma Show request Mostrar solicitud Sign this Certificate signing &request &Firmar esta solicitud de firma Copy extensions from the request Copiar extensiones de la solicitud Modify subject of the request Modificar sujeto de la solicitud Signing Firma Create a &self signed certificate Crear un certificado &autofirmado Use &this Certificate for signing Usar &este Certificado para firmar All certificates in your database that can create valid signatures Todos los certificados de la base de datos que pueden crear firmas válidas Signature algorithm Algoritmo de Firma Template for the new certificate Plantilla para el nuevo certificado All available templates Todas las plantillas disponibles Apply extensions Aplicar extensiones Apply subject Aplicar sujeto Apply all Aplicar todo Subject Sujeto Internal Name Nombre interno Distinguished name Nombre distinguido Add Añadir Delete Eliminar Private key Clave privada This list only contains unused keys Esta lista contiene únicamente claves sin utilizar Used keys too También claves utilizadas &Generate a new key &Generar una nueva clave Extensions Extensiones Type Tipo If this will become a CA certificate or not Si este será un certificado de CA o no Not defined No definido Certification Authority Autoridad certificadora End Entity Entidad final Path length Longitud de la ruta How much CAs may be below this. Cuantas CAs puede haber dependiendo de esta. The basic constraints should always be critical Las restricciones básicas deben ser siempre críticas Key identifier Identificador de clave Creates a hash of the key following the PKIX guidelines Crea un hash de la clave siguiendo las sugerencias PKIX Copy the Subject Key Identifier from the issuer Copia la clave del identificador del sujeto del emisor Validity Validez Not before No antes de Not after No después de Time range Rango de tiempo Days Días Months Meses Years Años Apply Aplicar Set the time to 00:00:00 and 23:59:59 respectively Establece la hora a 00:00:00 y 23:59:59 respectivamente Midnight Medianoche Local time Hora local No well-defined expiration Caducidad no definida DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit Editar URI: URI: Key usage Uso de la clave Netscape Netscape Advanced Avanzadas Validate Validar Comment Comentarios This name is only used internally and does not appear in the resulting certificate Este nombre sólo se usa internamente y no aparece en el certificado resultante Internal name Nombre interno Critical Crítica Create Certificate signing request Crear solicitud de firma de certificado minimum size: %1 tamaño mínimo: %1 maximum size: %1 tamaño máximo: %1 only a-z A-Z 0-9 '()+,-./:=? únicamente a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters únicamente caracteres 7-bit Edit XCA template Editar plantilla XCA Create x509 Certificate Crear certificado x509 Template '%1' applied Plantilla '%1' aplicada Subject applied from template '%1' Sujeto aplicado de la plantilla '%1' Extensions applied from template '%1' Extensiones aplicadas de la plantilla '%1' New key '%1' created Nueva clave '%1' creada Other Tabs Otras pestañas Advanced Tab Pestaña avanzadas Errors Errores From PKCS#10 request De la solicitud PKCS#10 Error duplicate extensions The Name Constraints are invalid The Subject Alternative Name is invalid The Issuer Alternative Name is invalid The CRL Distribution Point is invalid The Authority Information Access is invalid Abort rollout Cancelar emisión The following length restrictions of RFC3280 are violated: Se violan las siguientes restricciones de longitud de RFC3280: Edit subject Editar sujeto Continue rollout Continuar emisión The verification of the Certificate request failed. The rollout should be aborted. La verificación de la solicitud de certificado ha fallado. La emisión debería ser cancelada. Continue anyway Continuar de todas formas The internal name and the common name are empty. Please set at least the internal name. El nombre interno y el nombre común están vacíos. Por favor, especifique al menos el nombre interno. Edit name Editar nombre There is no Key selected for signing. No se ha seleccionado Clave para la firma. Select key Clave seleccionada The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Las siguientes entradas del nombre distinguido están vacías: %1 aunque las has declarado como obligatorias en el menú de opciones. The key you selected for signing is not a private one. La clave seleccionada para la firma no es una clave privada. Select other signer Seleccione otro firmante Select other key Seleccione otra clave The currently selected hash algorithm '%1' is insecure and should not be used. Select other algorithm Use algorithm anyway The certificate will be earlier valid than the signer. This is probably not what you want. El certificado entrará en vigor antes que el certificado firmante. Probablemente no es lo que pretendes. Edit dates Modificar fechas Adjust date and continue Ajustar fecha y continuar The certificate will be longer valid than the signer. This is probably not what you want. El certificado caducará después que el certificado firmante. Probablemente no es lo que pretendes. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. El certificado caducará antes de entrar en vigor. Probablemente has cruzado ambas fechas. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. El certificado contiene extensiones no válidas o duplicadas. Compruebe la validación en la pestaña avanzadas. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. El certificado no contiene extensiones. Debes aplicar las extensiones de una de las plantillas para definir el propósito del certificado. The certificate contains invalid extensions. Edit extensions Modificar extensiones The subject alternative name shall contain a copy of the common name. However, the common name is empty. El nombre alternativo del sujeto debe contener una copia del nombre común. Sin embargo el nombre común está vacío. A name constraint of the issuer '%1' is violated: %2 Configfile error on line %1 Error en la línea %1 del fichero de configuración OidResolver OID Resolver Resolución de OID Enter the OID, the Nid, or one of the textual representations Introduzca el OID, el Nid, o alguna de las representaciones textuales Search Buscar OID OID Long name Nombre largo OpenSSL internal ID ID interno OpenSSL Nid Nid Short name Nombre corto OpenDb Open remote database Abrir base de datos remota Database type Tipo de base de datos Hostname Servidor Username Usuario Password Contraseña Database name Nombre de la base de datos Table prefix Prefijo de tabla No SqLite3 driver available. Please install the qt-sqlite package of your distribution No hay disponible un driver de SqLite3. Por favor instale el paquete 'qt-sqlite' de la distribución Please enter the password to access the database server %2 as user '%1'. Por favor, introduzca la contraseña de acceso del usuario '%1' al servidor de base de datos %2. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. El driver de base de datos no soporta transacciones. Esto puede deberse a que el cliente y el servidor sean de versiones diferentes. Continue con cuidado. Options XCA Options Opciones de XCA Settings Ajustes Default hash algorithm Algoritmo de Hash por defecto String types Tipos de cadenas Suppress success messages Suprimir mensajes de éxito Don't colorize expired certificates No colorear los certificados caducados Translate established x509 terms (%1 -> %2) Traducir los términos de x509 (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. La funcionalidad de hash del token no es utilizada por XCA. Sin embargo, puede respetar un conjunto restringido de algoritmos de hash proporcionados por el token. Especialmente EC y DSA están definidos únicamente con SHA.1 en la especificación de PKCS#11. Only use hashes supported by the token when signing with a token key Utilizar sólo los algoritmos hash soportados por el token cuando se firme con una clave de token Disable legacy Netscape extensions Deshabilitar las antiguas extensiones Netscape PKCS12 encryption algorithm Certificate expiry warning threshold Rango de aviso de caducidad de certificado Send vCalendar expiry reminder Enviar recordatorio de caducidad vCalendar Serial number length Longitud del número de serie bit bits Distinguished name Nombre distinguido Mandatory subject entries Entradas obligatorias en el sujeto Add Añadir Delete Eliminar Explicit subject entries Entradas explícitas en el sujeto Dynamically arrange explicit subject entries Agrupar dinámicamente las entradas explícitas del sujeto Default Por defecto PKCS#11 provider Proveedor PKCS#11 Remove Eliminar Search Buscar Printable string or UTF8 (default) Cadena imprimible o UTF8 (por defecto) PKIX recommendation in RFC2459 Recomendación PKIX de la RFC2459 No BMP strings, only printable and T61 Sin cadenas BMP, sólo imprimible y T61 UTF8 strings only (RFC2459) Sólo cadenas UTF8 (RFC2459) All strings Todas las cadenas Days Días Weeks Semanas Load failed Error en la carga PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) La contraseña se convierte a código de hex de 2 dígitos. Debe contener un número par de dígitos (0-9; a-f) Take as HEX string Considerar cadena HEX Password Contraseña Repeat %1 Repita %1 %1 mismatch %1 no coincide Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters La contraseña HEX debe contener sólo los caracteres '0'-'9' y 'a'-'f' y debe consistir en un número par de caracteres Exit Salir E&xit &Salir QMessageBox Cancel Cancelar Apply Aplicar Yes No No QObject Undefined Sin definir Broken / Invalid Erroneo / Inválido in %1 seconds en %1 segundos %1 seconds ago hace %1 segundos in %1 minutes en %1 minutos %1 minutes ago Hace %1 minutos Yesterday Ayer Tomorrow Mañana in %1 hours en %1 horas %1 hours ago Hace %1 horas DB: Rename: '%1' already in use DB: Renombrar: '%1' ya utilizado DB: Entry to rename not found: %1 DB: Entrada a renombrar no encontrada: %1 DB: Write error %1 - %2 DB: Error de escritura %1 -%2 Out of data Faltan datos Error finding endmarker of string Error encontrando el final de la cadena Out of Memory at %1:%2 Error de memoria en %1:%2 Country code Código de país State or Province Estado o Provincia Locality Localidad Organisation Organización Organisational unit Unidad de organización Common name Nombre común E-Mail address Dirección E-Mail Serial number Número de serie Given name Nombre Surname Apellido Title Título Initials Iniciales Description Descripción Role Rol Pseudonym Pseudónimo Generation Qualifier Calificador de Generación x500 Unique Identifier Identificador único x500 Name Nombre DN Qualifier Calificador DN Unstructured name Nombre estructurado Challenge password Contraseña Basic Constraints Restricciones básicas Name Constraints Subject alternative name Nombre alternativo del sujeto issuer alternative name nombre alternativo del emisor Subject key identifier Indentificador de clave de sujeto Authority key identifier Identificador de clave de autoridad Key usage Uso de la clave Extended key usage Uso extendido de la clave CRL distribution points Puntos de distribución de CRL Authority information access Acceso a la información de Autoridad Certificate type Tipo de Certificado Base URL URL Base Revocation URL URL de revocación CA Revocation URL URL de revocación de CA Certificate renewal URL URL de renovación de certificado CA policy URL URL de políticas de CA SSL server name Nombre de servidor SSL Comment Comentarios All files ( * ) Todos los archivos ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; Claves PKI ( *.pem *.der *.key );; Claves PKCS#8 ( *.p8 *.pk8 );; Claves Públicas SSH ( *.pub );; PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Import RSA key Importar clave RSA PKCS#10 CSR ( *.pem *.der *.csr );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Importar Solicitud Certificates ( *.pem *.der *.crt *.cer );; Certificados ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Importar certificado X.509 PKCS#7 data ( *.p7s *.p7m *.p7b );; Datos PKCS#7 ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Importar Certificados PKCS#7 PKCS#12 Certificates ( *.p12 *.pfx );; Certificados PKCS#12 ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Importar Certificado Privado PKCS#12 XCA templates ( *.xca );; Plantillas XCA (*.xca);; Import XCA Templates Importar Plantillas XCA Revocation lists ( *.pem *.der *.crl );; Listas de Revocación ( *.pem *.der *.crl );; Import Certificate Revocation List Importar Lista de Revocación (CRL) XCA Databases ( *.xdb );; Base de datos XCA (*xdb);; Open XCA Database Abrir Base de datos XCA OpenVPN tls-auth key ( *.key );; Import OpenVPN tls-auth key PKCS#11 library ( *.dll );; Librería PKCS#11 ( *.dll );; PKCS#11 library ( *.dylib *.so );; Librería PKCS#11 ( *.dylib *.so );; PKCS#11 library ( *.so );; Librería PKCS#11 ( *.so );; Open PKCS#11 shared library Abrir librería compartida PKCS#11 PEM files ( *.pem );; Archivos PEM ( *.pem );; Load PEM encoded file Abrir archivo codificado PEM Error reading config file %1 at line %2 Error leyendo fichero de configuración %1 en la línea %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. El Objeto'%1' del archivo %2 línea %3 ya existe como '%4:%5:%6' y debería ser eliminado. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. El identificador '%1' del OID %2 del archivo %3 línea %4 ya está usado par un OID diferente como '%5:%6:%7' y debería ser modificado para evitar conflictos. Unknown object '%1' in file %2 line %3 Objeto desconocido '%1' en archivo %2 línea %3 Please enter the PIN on the PinPad Por favor, introduzca el PIN en el PinPad Please enter the SO PIN (PUK) of the token %1 Por favor, introduzca el PIN SO (PUK) del token %1 Please enter the PIN of the token %1 Por favor, introduzca el PIN del token %1 No Security token found No se ha encontrado Token de seguridad Select Seleccionar Please enter the new SO PIN (PUK) for the token: '%1' Por favor, introduzca el nuevo PIN SO (PUK) para el token: '%1' Please enter the new PIN for the token: '%1' Por favor, introduzca el nuevo PIN para el token: '%1' Required PIN size: %1 - %2 Tamaño de PIN requerido: %1 - %2 Failed to open PKCS11 library: %1 Error al abrir la librería PKCS11: %1 Failed to open PKCS11 library: %1: %2 Error al abrir la librería PKCS11: %1 %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. No parece una librería PKCS#11. Símbolo 'C_GetFunctionList' no encontrado. Disabled Deshabilitado Library loading failed Error cargando librería PKCS#11 function '%1' failed: %2 La función PKCS#11 '%1' falló: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 La función PKCS#11 '%1' falló: %2 en la librería %3 %4 Failed to start a database transaction Error al iniciar transacción de base de datos Invalid No válido %1 is shorter than %2 bytes: '%3' %1 tiene menos de %2 bytes: '%3' %1 is longer than %2 bytes: '%3' %1 tiene más de %2 bytes: '%3' String '%1' for '%2' contains invalid characters La cadena '%1' para '%2' contiene caracteres no válidos Index file written to '%1' Index hierarchy written to '%1' Unknown key type %1 Failed to write PEM data to '%1' Password verify error, please try again The following error occurred: El siguiente error ha ocurrido: Failed to update the database schema to the current version Password Contraseña insecure ReqTreeView Sign Firma Unmark signed Desmarcar firmado Mark signed Marcar firmado Similar Request Solicitud similar Certificate request export Exportación de solicitud Certificate request ( *.pem *.der *.csr ) Solicitud de firma de certificado ( *.pem *.der *.csr ) RevocationList Manage revocations Gestionar Revocaciones Add Añadir Delete Eliminar Edit Editar No. I understand it as 'Number', right? MRM: Right: that's the spanish 'Number' abbreviation Serial Número de serie Revocation Revocación Reason Razón Invalidation Invalidación Generate CRL Generar CRL Revoke Certificate revocation Revocación de certificados Revocation details Detalles de la revocación Revocation reason Razones de la revocación Local time Hora local Invalid since No válido desde Serial Número de serie SearchPkcs11 Directory Directorio ... ... Include subdirectories Incluir subdirectorios Search Buscar The following files are possible PKCS#11 libraries Los siguientes archivos son posibles librerías PKCS#11 SelectToken Security token Token de seguridad Please select the security token Por favor, seleccione el token de seguridad TempTreeView Duplicate Duplicar Create certificate Crear certificado Create request Solicitud de certificado copy copy Preset Template values Establecer valores de la plantilla Template export XCA Templates ( *.xca ) Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config Configuración OpenSSL Transform Transformar Template Plantilla Public key Clave pública Save as OpenSSL config Almacenar como configuración OpenSSL Config files ( *.conf *.cnf);; All files ( * ) Archivo de configuración ( *.conf *.cnf);; Todos los archivos ( * ) XFile Error opening file: '%1': %2 Error rewinding file: '%1': %2 XcaDetail Import Importar XcaTreeView Item properties Propiedades del elemento Subject entries Entradas del Sujeto X509v3 Extensions Extensiones X509v3 Netscape extensions Extensiones Netscape Key properties Propiedades de la clave Reset Restablecer Hide Column Ocultar columna Details Detalles Columns Columnas Export Password Please enter the password to encrypt all %n exported private key(s) in: %1 Singular form for 0 or 1 item can be ignored. Will always be called with n >= 2 New Nuevo Import Importar Paste PEM data Pegar datos PEM Rename Renombrar Properties Propiedades Delete Eliminar Export Exportar Clipboard Portapapeles File Archivo Clipboard format database_model Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Formato antiguo de base de datos detectado. Creando una copia de seguridad llamada: '%1' y convirtiendo la base de datos al nuevo formato Failed to rename the database file, because the target already exists Error al renombrar el archivo de base de datos, porque el destino ya existe Please enter the password to access the database server %2 as user '%1'. Por favor, introduzca la contraseña de acceso del usuario '%1' al servidor de base de datos %2. Unable to create '%1': %2 The file '%1' is not an XCA database No SqLite3 driver available. Please install the qt-sqlite package of your distribution No hay disponible un driver de SqLite3. Por favor instale el paquete 'qt-sqlite' de la distribución New Password Nueva Contraseña Please enter a password, that will be used to encrypt your private keys in the database: %1 Por favor, introduzca una contraseña, que será utilizada para encriptar las claves privadas de la base de datos: %1 Password Contraseña Please enter the password for unlocking the database: %1 Por favor, introduzca la contraseña para desbloquear la base de datos: %1 db_base Internal name Nombre interno No. I understand it as 'Number', right? MRM: Right: that's the spanish 'Number' abbreviation Primary key Clave primaria Database unique number Número único de base de datos Date Fecha Date of creation or insertion Fecha de creación o inserción Source Origen Generated, Imported, Transformed Gemerado, Importado, Transformado Comment Comentarios First line of the comment field Primera línea del campo de comentarios Import from: %1 Could not create directory %1 No se pudo crear el directorio %1 Item properties Propiedades del elemento How to export the %1 selected items Como exportar los %1 elementos seleccionados All in one PEM file Todos en un único archivo PEM Each item in one file Cada elemento en un archivo Save %1 items in one file as Guardar %1 elementos en un archivo como PEM files ( *.pem );; All files ( * ) Archivos PEM ( *.pem );; Todos los archivos ( * ) Error opening file: '%1': %2 Error abriendo archivo: '%1': %2 db_crl Signer Firmante Internal name of the signer Nombre interno del firmante No. revoked Nº revocados Number of revoked certificates Número de certificados revocados Last update Última actualización Next update Siguiente actualización CRL number Número de CRL The revocation list already exists in the database as: '%1' and so it was not imported La lista de revocación ya existe en base de datos como: '%1' Y por lo tanto no será importada Revocation list export Exportar lista de revocación CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) There are no CA certificates for CRL generation No hay certificados de CA para generar la CRL Select CA certificate Seleccione certificado de CA Create CRL Crear CRL Failed to initiate DB transaction Error al iniciar la transacción de DB Database error: %1 Error de base de datos: %1 Database error: Error de base de datos: db_key Type Tipo Size Tamaño EC Group Grupo EC Use Uso Password Contraseña The key is already in the database as: '%1' and is not going to be imported La clave ya existe en base de datos como: '%1' Y por lo tanto no será importada The database already contains the public part of the imported key as '%1' and will be completed by the new, private part of the key La base de datos ya contiene la parte pública de la clave importada como: '%1' Y será completada con la nueva parte privada de la clave The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key La base de datos ya contiene la parte pública de la clave importada como '%1' y será completada con la nueva parte privada de la clave Extending public key from %1 by imported key '%2' Extendiendo la clave pública de %1 con la clave importada '%2' Key size too small ! ¡Tamaño de clave demasiado pequeño! You are sure to create a key of the size: %1 ? ¿Está seguro de crear una nueva clave de tamaño: %1? PEM public PEM publico SSH2 public SSH2 publico PEM private PEM privado Export keys to Clipboard Exportar claves al portapapeles Clipboard Portapapeles Export public key [%1] Exportar la clave pública [%1] DER public DER publico DER private DER privado PEM encryped PEM encriptado PKCS#8 encrypted PKCS#8 encriptado Export private key [%1] Exportar clave privada [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Claves privadas ( *.pem *.der *.pk8 );; Claves públicas SSH ( *.pub ) Internal key update: The keys: %1 must be updated once by resetting and setting its private password Tried to change password of a token Intentó cambiar la contraseña de un token db_temp Empty template Plantilla vacía Bad template: %1 Plantilla incorrecta: %1 Preset Template values Establecer valores de la plantilla Save template as Guardar plantilla como XCA templates ( *.xca );; All files ( * ) Plantillas XCA( *.xca );;Todos los archivos( * ) db_x509 CA CA reflects the basic Constraints extension refleja las extensiones de restricciones básicas Serial Número de serie MD5 fingerprint Huella digital MD5 SHA1 fingerprint Huella digital SHA1 SHA256 fingerprint Huella digital SHA256 Start date Fecha de inicio Not before No antes de Expiry date Fecha de caducidad Not after No después de Revocation Revocación CRL Expiration Caducidad de CRL Plain View Vista Plana Tree View Vista de árbol Failed to create directory '%1' Failed to retrieve unique random serial Error al obtener un número de serie aleatorio único The certificate already exists in the database as: '%1' and so it was not imported El certificado ya existe en base de datos como: '%1' Y por lo tanto no será importado Signed on %1 by '%2' Firmado el %1 por '%2' Unknown Desconocido Invalid public key Clave pública no válida The key you selected for signing is not a private one. La clave seleccionada para la firma no es una clave privada. Store the certificate to the key on the token '%1 (#%2)' ? ¿Guardar el certificado a la clave en el token '%1 (#%2)'? PEM chain Cadena PEM PKCS#7 chain Cadena PKCS#7 PKCS#12 chain Cadena PKCS#12 PEM + key PEM + clave PKCS#7 unrevoked PKCS#7 no revocados PKCS#7 all PKCS#7 todos PEM unrevoked PEM no revocados PEM all PEM Todos Certificate Index file Fichero de índice de certificados vCalendar vCalendar CA vCalendar vCalendar CA Certificate export Exportar certificado X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) Certificados X509 ( *.pem *.cer *.crt *.p12 *.p7b ) There was no key found for the Certificate: '%1' No se ha encontrado clave asociada al Certificado '%1' Not possible for a token key: '%1' No es posible para una clave de token '%1' days Días Error opening file: '%1': %2 Error abriendo archivo: '%1': %2 Not possible for the token-key Certificate '%1' No es posible para un certificado con clave de token '%1' days días No template Sin plantilla db_x509name Subject Sujeto Complete distinguished name Nombre completo Subject hash Hash del sujeto Hash to lookup certs in directories Hash para buscar certificados en directorios db_x509req Signed Firmado whether the request is already signed or not Si el certificado está firmado o no Unstructured name Nombre sin estructurar Challenge password Contraseña Certificate count Número de certificados Number of certificates in the database with the same public key Número de certificados en base de datos con la misma clave pública The certificate signing request already exists in the database as '%1' and thus was not stored La solicitud de firma de certificado ya existe en la base de datos como '%1' y por lo tanto no será almacenada Certificate request export Exportación de solicitud Certificate request ( *.pem *.der *.csr ) Solicitud de firma de certificado ( *.pem *.der *.csr ) db_x509super Key name Nombre de clave Internal name of the key Nombre interno de la clave Signature algorithm Algoritmo de firma Key type Key size EC Group Grupo EC Extracted from %1 '%2' Extraído de %1: '%2' Certificate Certificado Certificate request Solicitud de certificado Save as OpenSSL config Almacenar como configuración OpenSSL Config files ( *.conf *.cnf);; All files ( * ) Archivo de configuración ( *.conf *.cnf);; Todos los archivos ( * ) The following extensions were not ported into the template Las siguientes extensiones no fueron importadas en la plantilla Transformed from %1 '%2' Transformado de %1 '%2' kvView Type Tipo Content Contenido pass_info Password Contraseña PIN PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 Error al abrir la librería PKCS11: %1 %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. No parece una librería PKCS#11. Símbolo 'C_GetFunctionList' no encontrado. pki_base Internal error: Unexpected message: %1 %2 Error interno: Mensaje inesperado: %1 %2 Error opening file: '%1': %2 Error abriendo archivo: '%1': %2 Error writing to file: '%1': %2 Error escribiendo en archivo: '%1': %2 Unknown Desconocido Imported Importado Generated Generado Transformed Transformado Token Token Legacy Database Antigua base de datos Renewed Renovado Property '%1' not listed in 'pki_base::print' pki_crl Successfully imported the revocation list '%1' La lista de revocación '%1' se importó con éxito Delete the revocation list '%1'? ¿Eliminar la lista de revocación '%1'? Successfully created the revocation list '%1' Creada con éxito la lista de revocación '%1' Delete the %1 revocation lists: %2? ¿Eliminar las %1 listas de revocación: %2? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Imposible cargar la lista de revocación del archivo %1. Se intentó con los formatos de PEM y DER de CRL. No issuer given No se proporcionó emisor Wrong Size %1 Tamaño erroneo: %1 Delete the %n revocation list(s): '%1'? CRL Renewal of CA '%1' due Renovación de CRL de CA '%1' debido a The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' La última CRL emitida por la CA '%1' caducará el %2. Está almacenada en la base de datos de XCA '%3' The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' unknown desconocido Renew CRL: %1 Renovar CRL: %1 The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4. It is stored in the XCA database '%5' La CRL de XCA '%1', emitida por la CA '%2' el %3 caducará el %4. Está almacenada en la base de datos de XCA '%5' pki_evp Failed to decrypt the key (bad password) Error al desencriptar la clave (contraseña incorrecta) Failed to decrypt the key (bad password) %1 Error al desencriptar la clave (contraseña erronea) %1 Please enter the password to decrypt the private key. Por favor, introduzca la contraseña para desencriptar la clave privada. Please enter the password to decrypt the private key %1. The key from file '%1' is incomplete or inconsistent. La clave del fichero '%1' está incompleta o es inconsistente. Please enter the password to decrypt the private key from file: %1 Por favor, introduzca la contraseña para desencriptar la clave privada del archivo: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Imposible cargar la clave privada del archivo %1. Se intentó con los formatos de PEM y DER privada, pública, tipos de clave PKCS#8 y formato SSH2. Ignoring unsupported private key Ignorar clave privada no soportada Please enter the password to decrypt the private key: '%1' Por favor, introduzca la contraseña para desencriptar la clave privada: '%1' Password input aborted Introducción de la contraseña abortada Please enter the database password for decrypting the key '%1' Por favor, introduzca la contraseña de base de datos para desencriptar la clave: '%1' Decryption of private key '%1' failed Please enter the password to protect the private key: '%1' Por favor, introduzca la contraseña para proteger la clave privada: '%1' Please enter the database password for encrypting the key Por favor, introduzca la contraseña de base de datos para encriptar la clave Please enter the password to protect the PKCS#8 key '%1' in file: %2 Please enter the password to protect the private key '%1' in file: %2 Please enter the password protecting the PKCS#8 key '%1' Por favor, introduzca la contraseña que protege la clave PKCS#8 '%1' Please enter the export password for the private key '%1' Por favor, introduzca la clave de exportación para la clave privada '%1' pki_export PEM Text format with headers Formato de Texto PEM con cabeceras Concatenated list of all selected items in one PEM text file Lista concatenada de todos los elementos seleccionados en un archivo PEM PEM selected Concatenated list of all selected certificates in one PEM text file PEM chain Cadena PEM Concatenated text format of the complete certificate chain in one PEM file Cadena de certificados completa, concatenados en formato de texto en un archivo PEM The complete certificate chain and the private key of the selected certificate with tags usable in OpenVPN configuration files PEM + key PEM + clave Concatenation of the certificate and the unencrypted private key in one PEM file Certificado y la clave privada sin encriptar concatenados en un único fichero PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Certificado y la clave privada encriptada concatenados en un único fichero con formato PKCS#8 All unusable Concatenation of all expired or revoked certificates in one PEM file PKCS#7 encoded single certificate Certificado individual codificado en PKCS#7 All selected certificates encoded in one PKCS#7 file Todos los certificados seleccionados en un fichero codificado en PKCS#7 PKCS #7 chain PKCS#7 encoded complete certificate chain Cadena de certificados completa codificada en PKCS#7 PKCS #7 unusable PKCS#7 encoded collection of all expired or revoked certificates Binary DER encoded certificate PKCS #12 chain The complete certificate chain and the private key as encrypted PKCS#12 file La cadena completa de certificados y la clave privada encriptados en fichero PKCS#12 PKCS #12 The certificate and the private key as encrypted PKCS#12 file Certificado y su clave privada encriptados en fichero PKCS#11 Certificate Index file Fichero de índice de certificados OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Fichero de índice de certificados específico de OpenSSL como el comando created by the 'ca' y requerido por la herramienta OCSP vCalendar vCalendar vCalendar expiry reminder for the selected items vCalendar con el recordatorio de caducidad de los elementos seleccionados CA vCalendar vCalendar CA vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL vCalendar con la caducidad de todos los certificados emitidos y válidos; de la propia CA y de la última CRL OpenSSL config Configuración OpenSSL OpenSSL configuration file to create a certificate or request with the openssl commandline tool OpenVPN tls-auth key The OpenVPN tls-auth key is a secret key shared between endpoints JSON Web Kit The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) JSON Web Kit chain The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) and certificate chain (x5c) PEM public PEM publico Text format of the public key in one PEM file Clave pública en formato texto en un único archivo PEM PEM private PEM privado Unencrypted private key in text format Clave privada desencriptada en un fichero de texto PEM encrypted OpenSSL specific encrypted private key in text format Clave privada encriptada en formato de texto específico de OpenSSL SSH2 private SSH2 public SSH2 publico The public key encoded in SSH2 format Clave pública codificada en fomrato SSH2 DER public DER publico Binary DER format of the public key Clave pública en formato DER Binario DER private DER privado Unencrypted private key in binary DER format Clave privada desencriptada en formato DER Binario PVK private Private key in Microsoft PVK format not encrypted PKCS #8 encrypted Encrypted private key in PKCS#8 text format Clave privada encriptada en formato de texto PKCS#8 PKCS #8 Unencrypted private key in PKCS#8 text format Clave privada desencriptada en formato PKCS#8 JSON Web Key private Unencrypted private key in JSON Web Key format JSON Web Key public Public key in JSON Web Key format Binary DER format of the certificate request Binary DER format of the revocation list vCalendar reminder for the CRL expiry date XCA template in PEM-like format. Templates include the internal name and comment All selected XCA templates in PEM-like format. Templates include the internal name and comment pki_key Successfully imported the %1 public key '%2' Importada con éxito la %1 clave pública '%2' Delete the %1 public key '%2'? ¿Eliminar la %1 clave pública '%2'? Successfully imported the %1 private key '%2' Importada con éxito la %1 clave privada '%2' Delete the %1 private key '%2'? ¿Eliminar la %1 clave privada '%2'? Successfully created the %1 private key '%2' Creada con éxito la %1 clave privada '%2' Delete the %1 keys: %2? ¿Eliminar las %1 claves: %2? Public key Clave pública Successfully imported the %1 public key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Importada con éxito la %1 clave pública '%2' Delete the %n %1 public key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Successfully imported the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Importada con éxito la %1 clave privada '%2' Delete the %n %1 private key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Successfully created the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Creada con éxito la %1 clave privada '%2' Common Común Private Privada Bogus Falso PIN PIN No password Sin contraseña Unexpected SSH2 content: '%1' Contenido SSH2 inesperado: '%1' Invalid SSH2 public key Clave pública SSH2 no válida Failed writing to %1 Error escribiendo a %1 pki_multi No known PEM encoded items found No se han encontrado elementos PEM codifiicados pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Por favor, introduzca la contraseña para desencriptar el archvo PKCS#12: %1 Unable to load the PKCS#12 (pfx) file %1. No se puede cargar el archivo PKCS#12 (pfx) %1. The supplied password was wrong (%1) La contraseña introducida es incorrecta (%1) Please enter the password to encrypt the key of certificate '%1' in the PKCS#12 file: %2 Please enter the password to encrypt the PKCS#12 file Por favor, introduzca la contraseña para encriptar el archvo PKCS#12 No key or no Cert and no pkcs12 No existe clave o no existe certifcado y no existe pkcs12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. No se puede cargar el archivo PKCS#7 %1. Se he probado con los formatos PEM y DER. pki_scard Successfully imported the token key '%1' Importada con éxito la clave del token '%1' Delete the token key '%1'? ¿Eliminar la clave del token '%1'? Successfully created the token key '%1' Creada con éxito la clave del token '%1' Delete the %1 keys: %2? ¿Eliminar las %1 claves: %2? Delete the %n token key(s): '%1'? Delete the private key '%1' from the token '%2 (#%3)' ? ¿Eliminar la clave privada '%1' del token '%2 (#%3)'? This Key is already on the token Esta Clave ya existe en el token PIN input aborted Introducción de PIN abortada Unable to find copied key on the token No se puede encontrar la clave copiada en el token Please insert card: %1 %2 [%3] with Serial: %4 Por favor, inserte tarjeta: %1 %2 [%3] con Nº de Serie: %4 Select Slot of %1 Public Key mismatch. Please re-import card Error de comprobación de Clave Pública. Por favor, reimporte la tarjeta Illegal Key generation method Método de generación de claves ilegal Unable to find generated key on card No se puede encontrar la clave generada en la tarjeta Ignoring unsupported token key Ignorando clave de token no soportada Wrong Size %1 Tamaño erroneo: %1 Token %1 Token %1 Failed to find the key on the token No se puede encontrar la clave en el token Invalid Pin for the token Pin del token no válido Failed to initialize the key on the token No se puede inicializar la clave en el token pki_temp Successfully imported the XCA template '%1' Importada con éxito la plantilla XCA '%1' Delete the XCA template '%1'? ¿Eliminar la plantilla XCA '%1'? Successfully created the XCA template '%1' Creada con éxito la plantilla XCA '%1' Delete the %1 XCA templates: %2? ¿Eliminar las %1 plantillas XCA: %2? Delete the %n XCA template(s): '%1'? Wrong Size %1 Tamaño erroneo: %1 Template file content error (too small) Error en el contenido del fichero de plantilla (demasiado pequeño) Template file content error (too small): %1 Error en el contenido del fichero de plantilla (demasiado pequeño): %1 Not a PEM encoded XCA Template No es una plantilla XCA codificada en PEM Not an XCA Template, but '%1' No es una Plantilla XCA, sino '%1' pki_x509 Successfully imported the certificate '%1' Importado con éxito el certificado '%1' Delete the certificate '%1'? ¿Eliminar el certificado '%1'? Successfully created the certificate '%1' Creada con éxito el certificado '%1' Delete the %1 certificates: %2? ¿Eliminar los %1 certificados: %2? Delete the %n certificate(s): '%1'? Unable to load the certificate in file %1. Tried PEM and DER certificate. Imposible cargar el certificado del archivo %1. Se intentó con los formatos de PEM y DER de certificado. Invalid OpenVPN tls-auth key Failed to import tls-auth key Same tls-auth key already stored for this CA New tls-auth key successfully imported Existing tls-auth key successfully replaced This certificate is already on the security token Este certificado ya existe en el token de seguridad Delete the certificate '%1' from the token '%2 (#%3)'? ¿Eliminar el certificado '%1' del token '%2 (#%3)'? There is no key for signing ! ¡No existe clave para la firma! Wrong Size %1 Tamaño erroneo: %1 No No Yes Renew certificate: %1 Renovar certificado: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' El certificado de XCA '%1', emitido el %2 caducará el %3. Está almacenado en la base de datos de XCA '%4' CRL Renewal of CA '%1' due Renovación de CRL de CA '%1' debido a The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' La última CRL emitida por la CA '%1' caducará el %2. Está almacenada en la base de datos de XCA '%3' pki_x509req Signing key not valid (public key) Clave de firma no válida (clave pública) Successfully imported the %1 certificate request '%2' Importada con éxito la %1 solicitud de certificado '%2' Delete the %1 certificate request '%2'? ¿Eliminar las %1 solicitudes de certificado: '%2'? Successfully created the %1 certificate request '%2' Creada con éxito la %1 solicitud de certificado '%2' Delete the %1 certificate requests: %2? ¿Eliminar las %1 solicitudes de certificado: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Imposible cargar la solicitud de certificado del archivo %1. Se intentó con los formatos de PEM, DER y SPKAC. Wrong Size %1 Tamaño erroneo: %1 Successfully imported the PKCS#10 certificate request '%1' Delete the %n PKCS#10 certificate request(s): '%1'? Successfully created the PKCS#10 certificate request '%1' Signed Firmado Unhandled No manejado v3ext Copy Common Name Copiar Nombre Común Add Añadir Delete Eliminar Apply Aplicar Validate Validar Cancel Cancelar An email address or 'copy' Una dirección de correo o 'copiar' An email address Una dirección de correo A registered ID: OBJECT IDENTIFIER Un ID registrado: OBJECT IDENTIFIER A uniform resource indicator Un indicador de recurso uniforme (URI) A DNS domain name or 'copycn' Un nombre de dominio DNS o 'copycn' A DNS domain name Un nombre de dominio DNS An IP address Una dirección IP Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Sintaxis: <OID>;TYPE:text por ejemplo '1.2.3.4:UTF8:name' No editing. Only 'copy' allowed here No editar. Sólo 'copiar' está permitido aquí Validation failed: '%1' %2 Error de validación: '%1' %2 Validation successful: '%1' Validado con éxito: '%1' xcaWarning The following error occurred: El siguiente error ha ocurrido: Copy to Clipboard Copiar al Portapapeles xcaWarningGui Copy to Clipboard Copiar al Portapapeles xca-RELEASE.2.9.0/lang/xca_fa.ts000066400000000000000000006577451477156507700161410ustar00rootroot00000000000000 CaProperties Form برگه Days until next CRL issuing تعداد روزهایی که تا صدور فهرست‌ابطال بعدی مانده Default template قالب پیش‌فرض CA Properties ویژگی‌های مرکز صدور گواهی CertDetail Details of the Certificate جزئیات گواهی Serial شماره‌ی دنباله The serial number of the certificate شماره‌ی دنباله‌ی گواهی The internal name of the certificate in the database نام داخلی گواهی در پایگاه‌داده Status وضعیت Internal name نام درونی Signature امضا Key کلید Fingerprints درهم‌ساز‌شده اثر انگشت MD5 MD5 An md5 hashsum of the certificate چکیده‌ی MD5 از گواهی SHA1 SHA1 A SHA-1 hashsum of the certificate چکیده‌ی SHA1 از گواهی SHA256 SHA256 A SHA-256 hashsum of the certificate چکیده‌ی SHA256 از گواهی Validity اعتبار The time since the certificate is valid زمانی که گواهی معتبر می‌شود The time until the certificate is valid زمانی که گواهی منقضی می‌شود Subject پذیرنده Issuer صادرکننده Extensions افزونه‌ها Validation Purposes Strict RFC 5280 validation Comment دیدگاه‌ها Attributes مشخصه‌ها Show config نمایش پیکربندی‌ Show extensions نمایش افزونه‌ها Show public key نمایش کلید عمومی This key is not in the database. این کلید در پایگاه داده یافت نشد. Not available غیر قابل دسترسی No verification errors found. Signer unknown امضاکننده‌ی ناشناس Self signed خودامضا Revoked at %1 باطل‌شده در %1 Not valid نامعتبر Valid معتبر Details of the certificate signing request جزئیات درخواست امضای گواهی CertExtend Certificate renewal تمدید گواهی This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. این گزینه یک گواهی جدید همانند گواهی پیشین با شماره‌ی دنباله و دوره‌ی اعتبار جدید می‌سازد. Validity محدوده‌‌ی زمانی اعتبار Not before از Not after تا Time range محدوده‌ی زمانی Local time زمان محلی Days روز Months ماه Years سال No well-defined expiration انقضای نامشخص Midnight نیمه‌شب Apply اعمال Revoke old certificate ابطال گواهی پیشین Replace old certificate جایگزینی گواهی پیشین Keep serial number استفاده‌ی مجدد از شماره‌ی دنباله The certificate will be earlier valid than the signer. This is probably not what you want. گواهی پیش ازمحدوده‌ی زمانی اعتبار صادرکننده‌ی خود معتبر می‌باشد. شاید این مورد یک خطا باشد. Edit dates ویرایش تاریخ‌ها Abort rollout لغو صدور مجدد Continue rollout ادامه‌ی صدور دوباره Adjust date and continue پیکربندی تاریخ و ادامه The certificate will be longer valid than the signer. This is probably not what you want. گواهی پس از محدوده‌‌ی زمانی اعتبار صادرکننده‌ی خود معتبر می‌باشد. شاید این مورد یک خطا باشد. CertTreeView Hide unusable certificates Import PKCS#12 درون داد PKCS#12 Import from PKCS#7 معادل import واژه ی import در نظر گرفته شد. درون‌داد از PKCS#7 Request درخواست Security token توکن امنیتی Other token دیگر توکن‌ها Similar Certificate گواهی مشابه Delete from Security token متأسفانه معادل توکن در فارسی یافت نشد. حذف از توکن امنیتی CA مرکز صدور گواهی Properties مشخصه‌ها Generate CRL صدور فهرست ابطال (CRL) Manage revocations مدیریت ابطال Import OpenVPN tls-auth key Renewal تمدید Revoke ابطال Unrevoke لغو ابطال Plain View نمایش بدون قالب Tree View نمایش درختی days روز No template بدون قالب CA Properties ویژگی‌های مرکز صدور گواهی Certificate export برون‌داد گواهی X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) گواهی x509 (با قالب‌های pem, cer, crt, p12, pfx, p7b) vCalendar entry ( *.ics ) OpenVPN file ( *.ovpn ) OpenVPN tls-auth key ( *.key ) ClickLabel Double click for details برای نمایش جزئیات ، انتخاب کنید CrlDetail Details of the Revocation list جزئیات فهرست ابطال &Status &وضعیت Version نگارش Signature امضا Signed by امضا‌شده با Name نام The internal name of the CRL in the database نام درونی فهرست ابطال در پایگاه داده issuing dates زمان صدور Next update به‌روزرسانی بعدی Last update آخرین به‌روزرسانی &Issuer &صادرکننده &Extensions &افزونه‌ها &Revocation list &فهرست ابطال Comment دیدگاه Failed ناموفق Unknown signer امضا‌کننده‌ی نامشخص Verification not possible اعتبارسنجی امکان‌پذیر نیست CrlTreeView There are no CA certificates for CRL generation هیچ گواهی مرکز صدوری برای صدور فهرست ابطال (CRL) وجود ندارد Select CA certificate انتخاب گواهی مرکز صدور Revocation list export برون‌داد فهرست ابطال CRL ( *.pem *.der *.crl ) فهرست ابطال (CRL) (*.pem *der *.crl) vCalendar entry ( *.ics ) ExportDialog Name نام The internal name of the CRL in the database نام درونی فهرست ابطال در پایگاه داده ... ... Filename معادل واژه‌ی file پرونده در نظر گرفته شده است. نام پرونده نام فایل Each Item in a separate file Same encryption password for all items Export comment into PEM file برون‌داد دیدگاه در پرونده PEM Export Format قالب برون‌داد %n selected item(s) All files ( * ) همه‌ی پرونده‌ها (*) The file: '%1' already exists! پرونده‌ی %1 در حال حاضر موجود می‌باشد! Overwrite بازنویسی Do not overwrite بدون بازنویسی The path: '%1' exist, but is not a file The path: '%1' exist, but is not a directory The directory: '%1' does not exist. Should it be created? Create ساختن Failed to create directory '%1' ساخت پوشه‌ی '%1' با خطا مواجه شد Directory مسیر پوشه PEM Text format with headers قالب متنی PEM با سرآیند Concatenated list of all selected items in one PEM text file فهرست همه‌ی موارد در یک پرونده‌ی متنی PEM الحاق‌شده Concatenated text format of the complete certificate chain in one PEM file قالب متنی الحاق‌شده از زنجیره‌ی کامل گواهی در یک پرونده‌ی PEM Concatenated text format of all certificates in one PEM file قالب متنی الحاق‌شده از همه‌ی گواهی‌ها در یک پرونده‌ی PEM Binary DER encoded file پرونده‌ی دودویی در قالب DER PKCS#7 encoded single certificate واژه‌ی encode به جهت استفاده در کنار نام PKCS#7 تک‌‌گواهی در قالب PKCS#7 PKCS#7 encoded complete certificate chain زنجیره‌ی کامل گواهی در قالب PKCS#7 Concatenated text format of all unrevoked certificates in one PEM file قالب متنی الحاق‌شده از همه‌ی گواهی‌های رفع تعلیق‌شده در یک پرونده‌ی متنی PEM All unrevoked certificates encoded in one PKCS#7 file همه‌ی گواهی‌های رفع‌تعلیق‌شده در پرونده با قالب PKCS#7 All selected certificates encoded in one PKCS#7 file همه‌ی گواهی‌های انتخاب‌شده در یک پرونده‌ی در قالب PKCS#7 All certificates encoded in one PKCS#7 file همه‌ی گواهی‌ها در یک پرونده با قالب PKCS#7 The certificate and the private key as encrypted PKCS#12 file گواهی و کلید خصوصی در قالب یک پرونده‌ی PKCS#12 رمزنگاری‌شده The complete certificate chain and the private key as encrypted PKCS#12 file زنچیره‌ی کامل گواهی و کلید خصوصی در قالب یک پرونده‌ی PKCS#12 رمزنگاری‌شده Concatenation of the certificate and the unencrypted private key in one PEM file الحاق کواهی با کلید خصوصی رمزنگاری‌نشده در یک فایل با قالب PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file الحاق گواهی و کلید خصوصی رمزنگاری‌شده در یک فایل با قالب PKCS#8 Text format of the public key in one PEM file قالب متنی کلید عمومی در یک فایل PEM Binary DER format of the public key کلید خصوصی در قالب دودویی DER Unencrypted private key in text format کلید خصوصی رمزنگاری‌نشده در قالب متن OpenSSL specific encrypted private key in text format کلید خصوصی رمزنگاری‌شده مخصوص OpenSSl در قالب متن Unencrypted private key in binary DER format کلید خصوصی رمزنگاری‌نشده در قالب دودویی DER Unencrypted private key in PKCS#8 text format کلید خصوصی رمزنگاری‌نشده در قالب متنی PKCS#8 Encrypted private key in PKCS#8 text format کلید خصوصی رمزنگاری‌شده در قالب متنی PKCS#8 The public key encoded in SSH2 format کلید عمومی در قالب SSH2 OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool پرونده‌ی متنی نمایه‌ی گواهی مختص OpenSSL که با دستور 'ca' ساخته شده و توسط ابزار OCSP مورد نیاز است vCalendar expiry reminder for the selected items یاآوری انقضای vCalander برای موارد انتخاب‌شده vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL یادآوری انقضای vCalander شامل همه‌ی گواهی‌های معتبر صادرشده، خود مرکز صدور و آخرین فهرست ابطال Private key in Microsoft PVK format not encrypted کلید خصوصی در قالب Microsoft PVK به صورت رمزنگاری‌نشده Encrypted private key in Microsoft PVK format کلید خصوصی رمزنگاری‌شده در قالب Microsoft PVK Form last update آخرین به‌رورزرسانی next update به‌روزرسانی بعدی Days روز(ها) Months ماه Years سال Apply اعمال Midnight نیمه‌شب Local time زمان محلی No well-defined expiration انقضای نامشخص Help << << >> >> &Done &انجام‌شده ImportMulti Import PKI Items درون‌داد اشیای زیرساخت کلید عمومی Import &All برون‌داد &همه &Import &درون‌داد &Done &انجام‌شده &Remove from list &حذف از فهرست Details جزئیات Delete from token حذف از توکن Rename on token نام‌جدید بر روی توکن Name: %1 Model: %2 Serial: %3 نام: %1 الگو: %2 شماره‌ی دنباله: %3 Manage security token مدیریت توکن امنیتی The type of the item '%1' is not recognized نوع مورد %1 شناخته‌شده نیست Could not open the default database امکان باز کردن پایگاه داده‌ی پیش‌فرض نیست The file '%1' did not contain PKI data پرونده‌ی '%1' دارای هیچ شئ زیرساخت کلید عمومی نیست The %1 files: '%2' did not contain PKI data %1 قایل: %2 حاوی هیچ داده‌ی زیرساخت کلید عمومی نیست Details of the item '%1' cannot be shown جزئیات مورد '%1' قابل نمایش نیست ItemProperties Name نام Source منبع Insertion date تاریخ درج Comment دیدگاه KeyDetail Name نام The internal name of the key used by xca نام درونی کلید که در xca استفاده می شود Security token توکن امنیتی Manufacturer سازنده Serial شماره ی دنباله Key کلید Public Exponent بخش عمومی توان Keysize اندازه ی کلید Private Exponent بخش خصوصی توان Security Token توکن امنیتی Label برچسب PKCS#11 ID شناسه ی PKCS#11 Token information اطلاعات توکن Model الگو Fingerprint اثرانگشت Comment دیدگاه Details of the %1 key جزئیات کلید %1 Not available غیرقابل دسترس Available در دسترس Sub prime زیرمجموعه‌ی اصلی Public key کلید عمومی Private key کلید خصوصی Curve name نام منحنی Unknown key کلید نامشخص KeyTreeView Clipboard format قالب حافظه‌ی رونوشت Change password تغییر گذرواژه Reset password بازنشانی گذرواژه Change PIN تغییر گذرواژه‌ی عدد (PIN) Init PIN with SO PIN (PUK) مقداردهی اولیه PIN با گذرواژه‌ی عددی مدیر (PUK) Change SO PIN (PUK) تغییر گذرواژه‌ی عددی مدیر (PUK) Security token توکن امنیتی This is not a token این توکن شناخته نشد Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable آیا کلید اصلی '%1' باید با کلید روی توکن جابه‌جا شود؟ این گزینه کلید '%1' را پاک خواهد کرد و آن را غیرقابل استخراج می‌کند Key export پرون‌داد کلید Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) کلید‌های خصوصی ( با قالب‌های pem، der و pk8);; کلیدهای عمومی SSH (با قالب pub) SSH Private Keys ( *.priv ) Microsoft PVK Keys ( *.pvk ) Export public key [%1] برون‌داد کلید مومی [%1] MainWindow Private Keys کلید خصوصی &New Key &کلید جدید &Export &برون‌داد &Import &درون‌داد Import PFX (PKCS#12) درون‌داد با قالب PFX (PKCS#12) &Show Details &نمایش جزئیات &Delete &حذف Certificate signing requests درخواست گواهی امضاشده &New Request &درخواست جدید Certificates گواهی &New Certificate &گواهی جدید Import &PKCS#12 درون‌داد &PKCS#12 Import P&KCS#7 درون‌داد &PKCS#7 Plain View نمایش بدون قالب Templates قالب‌ها &New Template &قالب جدید &New CRL &فهرست ابطال جدید Ch&ange Template &تغییر قالب Revocation lists فهرست های ابطال Using or exporting private keys will not be possible without providing the correct password استفاده و یا برون‌داد کلید‌های خصوصی بدون گذرواژه‌ی درست امکان‌پذیر نیست The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. چکیده‌ساز پیش‌فرض '%1' ناامن است. خواهشمند است به دلایل امنیتی حداقل از SHA 224 استفاده نمائید. Recent DataBases پایگاه‌داده‌های اخیر System سامانه Croatian کرواسی English انگلیسی French فرانسوی German آلمانی Japanese ژاپنی Korean Russian روسی Slovak اسلواکیایی Spanish اسپانیایی Persian فارسی Bulgarian بلغاری Polish لهستانی Italian ایتالیایی Chinese چینی Dutch هلندی Portuguese in Brazil پرتقالی در برزیل Indonesian اندونزیایی Turkish ترکی Language زبان &File &پرونده Open Remote DataBase بازکزدن پایگاه‌داده‌ی غیرمحلی Set as default DataBase انتخاب به عنوان پایگاه‌داده‌ی پیش‌فرض New DataBase پایگاه‌داده‌ی جدید Open DataBase بازکردن پایگاه‌داده Close DataBase بستن پایگاه‌داده Options گزینه‌ها Exit خروج I&mport &درونداد Keys کلیدها Requests درخواست‌ها PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template قالب Revocation list فهرست ابطال PEM file پرونده ی PEM Paste PEM file چسباندن پرونده‌ی PEM Token توکن Export Certificate &Index hierarchy برون‌داد گواهی &سلسه‌مراتب نمایه Content محتوا &Manage Security token &مدیریت توکن امنیتی &Init Security token &مقداردهی اولیه توکن امنیتی &Change PIN &تغییر گذرواژه ی عددی Change &SO PIN تغییر گذرواژه‌ی عددی &SO Init PIN مقداردهی اولیه‌ی گذرواژه‌ی عددی Extra اضافه &Dump DataBase &خروجی پایگاه‌داده &Export Certificate Index &برون‌داد نمایه‌ی گواهی C&hange DataBase password &تغییر گذرواژه‌ی پایگاه‌داده &Undelete items &عدم حذف موارد Generate DH parameter of fbh صدور مقادیر DH OID Resolver تعیین‌کننده ‌ی مقدار OID &Help &راهنمایی About درباره‌ی نرم‌افزار Import PEM data درون‌داد داده‌های PEM Please enter the original SO PIN (PUK) of the token '%1' خواهشمند است گذرواژه‌ی عددی مدیر (PUK) توکن '%1' را وارد نمایید Search جست‌وجو Please enter the new SO PIN (PUK) for the token '%1' خواهشمند است گذرواژه‌ی عددی مدیر (PUK) برای توکن '%1' را وارد نمایید The new label of the token '%1' برچسب جدید برای توکن '%1' The token '%1' did not contain any keys or certificates توکن '%1'دارای هیچ کلید و یا گواهی نیست Retry with PIN Retry with SO PIN Current Password گذرواژه‌ی کنونی Please enter the current database password خواهشمند است گذرواژه‌ی پایگاه‌داده‌ی کنونی را وارد نمایید The entered password is wrong گذرواژه‌ی واردشده نادرست است New Password گذرواژه‌ی جدید Please enter the new password to encrypt your private keys in the database-file خواهشمند است جهت رمزنگاری کلید خصوصی در پرونده‌ی پایگاه‌داده، گذرواژه‌ی جدید را وارد نمایید Transaction start failed آغاز تراکنش با شکست روبه‌رو شد Database: %1 پایگاه‌داده: %1 The currently used PFX / PKCS#12 algorithm '%1' is insecure. الگوریتم کنونی '%1' استفاده‌شده در PFX/PKCS#12 ناامن است. Change تغییر Certificate Index ( index.txt ) نمایه‌ی گواهی ( index.txt ) All files ( * ) همه‌ی پرونده‌ها ( * ) Diffie-Hellman parameters saved as: %1 مقادیر مورد نیاز برای الگوریتم Diffie-Hellman تحت عنوان %1 ذخیره شدند Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits مقادیر مورد نیاز برای الگورتیم Diffie-Hellman برای کاربردهای دیگری است، اما در XCA پشتیبانی نمی‌شود. خواهشمند است مقادیر مورد نیاز برای الگوریتم DH به صورت بیت وارد نمایید Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format پایگاه داده با قالب قدیمی تشخیص داده شد. ساخت یک رونوشت پشتیبان با نام: '%1' و تبدیل پایگاه‌داده به قالب جدید Failed to rename the database file, because the target already exists به دلیل وجود یک پایگاه‌داده‌ی هم‌نام، نام‌گذاری پرونده‌ی پایگاه داده امکان‌پذیر نیست Database پایگاه داده No deleted items found هیچ مورد پاک‌شده ای یافت نشد no such option: %1 چنین گزینه‌ای موجود نیست: %1 Please enter a password, that will be used to encrypt your private keys in the database: %1 خواهشمند است گذرواژه‌‌ای که برای رمزنگاری کلیدهای خصوصی در پایگاه داده‌ی زیر استفاده می‌شود، وارد نمایید: %1 Password verify error, please try again اعتبارسنجی گذرواژه با خطا مواجه شد، خواهشمند است دوباره تلاش کنید Password گذرواژه Please enter the password for unlocking the database: %1 خواهشمند است برای قفل‌گشایی پایگاه‌داده‌: %1 گذرواژه را وارد نمایید The following error occurred: خطای زیر ایجاد شد: Copy to Clipboard ایجاد رونوشت در حافظه‌رونوشت NewCrl Last update آخرین به‌روزرسانی Next update به‌روزرسانی بعدی Days روز Months ماه Years سال Midnight نیمه‌شب Local time زمانی محلی Apply اعمال Options گزینه‌ها CRL number شماره‌ی فهرست ابطال (CRL) Subject alternative name می‌توان ترجمه‌ی موضوع را هم اضافه کرد. نام جایگزین صاحب گواهی Revocation reasons دلیل ابطال Authority key identifier شناسه‌ی کلید مرکز صدور Hash algorithm الگوریتم چکیده‌ساز Create CRL ساخت فهرست ابطال NewKey Please give a name to the new key and select the desired keysize خواهشمند است نام و طول کلید جدید را انتخاب کنید Key properties ویژگی‌های کلید Name نام The internal name of the new key نام درونی کلید جدید Curve name نام منحنی Usually at least 2048 bit keys are recommended به طول معمول کلید با طول ۲۰۴۸ بیت پیشنهاد می‌شود New Key کلید جدید Keysize طول کلید Keytype نوع کلید Remember as default یادآوری به عنوان پیش‌فرض Create ساختن NewX509 Source منبع Signing request درخواست امضای گواهی Show request نمایش درخواست Sign this Certificate signing &request امضای &درخواست صدور گواهی Copy extensions from the request استفاده از افزونه‌های درخواست Modify subject of the request ویرایش اطلاعات صاحب گواهی Signing امضا Create a &self signed certificate ساخت گواهی &خودامضا Use &this Certificate for signing استفاده از &گواهی برای امضا All certificates in your database that can create valid signatures همه‌ی گواهی‌های موجود در پایگاه‌داده‌ی شما که امکان ساخت امضای معتبر دارند Signature algorithm الگوریتم امضا Template for the new certificate قالب برای گواهی جدید All available templates همه‌ی قالب‌های دردسترس Apply extensions اعمال افزونه Apply subject اعمال صاحب‌گواهی Apply all اعمال همه Subject صاحب گواهی Internal Name نام درونی Distinguished name نام متمایزشده Add افزودن Delete پاک‌کردن Private key کلید خصوصی This list only contains unused keys این فهرست فقط شامل کلید‌های استفاده‌نشده است Used keys too همچنین کلید‌های استفاده‌شده &Generate a new key &تولید یک کلید جدید Extensions افزونه‌ها Type نوع If this will become a CA certificate or not واژه‌ی این به این مورد ترجمه شده است. آیا این مورد به یک گواهی مرکز صدور تبدیل خواهد شد یا خیر Not defined تعریف نشده Certification Authority مرکز صدور گواهی End Entity کاربر نهایی Path length طول مسیر How much CAs may be below this. چه تعداد مرکز صدور گواهی ممکن است زیر مجموعه‌ی این مورد قرار گیرند. The basic constraints should always be critical مشخصه‌ی محدودیت پایه می‌بایست همیشه به صورت بحرانی مقداردهی شود Key identifier واژه‌ی Identifier به مشخصه‌ی یکتا ترجمه شده است مشخصه‌ی یکتای کلید Creates a hash of the key following the PKIX guidelines این مورد یک چکیده از کلید مطابق شیوه‌های PKIX ایجاد می‌کند Copy the Subject Key Identifier from the issuer رونوشت از مشخصه‌ی کلید صاحب گواهی صادرکننده Validity اعتبار Not before از Not after تا Time range محدوده‌ی زمانی Days روز Months ماه Years سال Apply اعمال Set the time to 00:00:00 and 23:59:59 respectively پیکربندی زمان به ترتیب به ۰۰:۰۰:۰۰ و ۲۳:۵۹:۵۹ Midnight نیمه‌شب Local time زمان محلی No well-defined expiration انقضای نامشخص DNS: IP: URI: email: RID: در این مورد ترجمه‌ای صورت نگرفت. DNS: IP: URI: email: RID: Edit ویرایش URI: URI: Key usage کاربرد کلید Netscape نت‌اسکیپ Advanced پیشرفته Validate اعتبارسنجی Comment دیدگاه This name is only used internally and does not appear in the resulting certificate این نام تنها به صورت درونی استفاده شده است و در گواهی نهایی ظاهر نمی‌شود Critical بحرانی Create Certificate signing request ساخت درخواست گواهی امضا‌شده minimum size: %1 کمینه‌ی اندازه: %1 maximum size: %1 بیشینه‌ی اندازه: %1 only a-z A-Z 0-9 '()+,-./:=? تنها نویسه‌های a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters تنها نویسه‌ی خالی ۷ بیتی قابل قبول است Edit XCA template ویرایش قالب XCA Create x509 Certificate صدور گواهی X509 Template '%1' applied قالب %1 اعمال شد Subject applied from template '%1' صاحب گواهی از قالب %1 اعمال شد Extensions applied from template '%1' افزونه‌هایی که از قالب '%1' اعمال شده است New key '%1' created کلید جدید '%1 ساخته شد Other Tabs زبانه‌های دیگر Advanced Tab زبانه‌ی پیشرفته Errors خطاها From PKCS#10 request از درخواست PKCS#10 Error duplicate extensions The Name Constraints are invalid The Subject Alternative Name is invalid The Issuer Alternative Name is invalid The CRL Distribution Point is invalid The Authority Information Access is invalid Abort rollout در مورد تجدید The following length restrictions of RFC3280 are violated: محدودیت‌های طول در RFC3280 نقض شده است: Edit subject ویرایش دارنده Continue rollout ادامه‌ی تجدید The verification of the Certificate request failed. The rollout should be aborted. اعتبارسنجی درخواست گواهی با شکست مواجه شد. فرایند تجدید باید لغو شود. Continue anyway ادامه در هر صورت The internal name and the common name are empty. Please set at least the internal name. نام درونی و نام عمومی خالی هستند. خواهشمند است حداقل نام درونی پر کنید. Edit name ویرایش نام There is no Key selected for signing. هیچ کلید انتخاب‌شده‌ای برای امضا موجود نیست. Select key انتخاب کلید The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. نام‌های مدخل متمایزکننده‌ی زیر خالی هستند: %1 بنابراین شما آن‌ها را در فهرست گزینه‌ها الزامی کردید. The key you selected for signing is not a private one. کلیدی که شما برای امضا انتخاب کرده‌اید، کلید خصوصی نیست. Select other signer امضاکننده‌ی دیگری را انتخاب کنید Select other key کلید دیگری را انتخاب کنید The currently selected hash algorithm '%1' is insecure and should not be used. الگوریتم انتخاب‌شده‌ی کنونی '%1' ناامن است و توصیه می‌شود از آن استفاده نشود. Select other algorithm انتخاب دیگر الگوریتم‌ها Use algorithm anyway استفاده از الگوریتم به هر صورت The certificate will be earlier valid than the signer. This is probably not what you want. گواهی پیش از امضاکننده معتبر است. احتمالا این چیزی نیست که شما می‌خواهید. Edit dates ویرایش تاریخ‌ها Adjust date and continue تنظیم تاریخ و ادامه The certificate will be longer valid than the signer. This is probably not what you want. گواهی بیشتر از دوره‌ی اعتبار امضا‌کننده معتبر است. احتمالا این چیزی است که شما نمی‌خواهید. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. گواهی پیش از آن‌که معتبر شود، به روز نیست. شما احتمالا چند تاریخ را با هم اشتباه گرفته‌اید. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. گواهی دارای افزونه‌های غیرمعتبر یا تکراری است. اعتبار آن‌ها را در زبانه‌ی پیشرفته بررسی کنید. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. گواهی هیچ افزونه‌ای ندارد. شما باید یکی از افزونه‌های مورد نیاز برای استفاده گواهی که در قالب تعریف شده است اعمال کنید. The certificate contains invalid extensions. گواهی دارای افزونه‌های نادرست می‌باشد. Edit extensions ویرایش افزونه‌ها The subject alternative name shall contain a copy of the common name. However, the common name is empty. نام جایگزین دارنده باید شامل یک رونوشت از نام عمومی باشد. در هر حال، نام عمومی خالی است. A name constraint of the issuer '%1' is violated: %2 Configfile error on line %1 خطای پرونده‌ی پیکربندی در خط %1 OidResolver OID Resolver تعیین‌کننده ‌ی مقدار OID Enter the OID, the Nid, or one of the textual representations مقدارهای OID، Nid، و یا یکی از نمایش‌های متنی را وارد کنید Search جست‌وجو OID OID Long name نام بلند OpenSSL internal ID شناسه‌ی درونی OpenSSL Nid Nid Short name نام کوتاه OpenDb Open remote database بازکردن پایگاه‌داده‌ی غیرمحلی Database type نوع پایگاه‌داده Hostname نام میزبان Username نام کاربری Password گذرواژه Database name نام پایگاه‌داده Table prefix پیشوند جدول No SqLite3 driver available. Please install the qt-sqlite package of your distribution راه‌اندازی Sqlite3 در دسترس نیست. خواهشمند است بسته‌ی qt-sqlite را برای توزیع خود نصب کنید Please enter the password to access the database server %2 as user '%1'. خواهشمند است گذرواژه ی دستیابی به خدمت‌گزار پایگاه‌‌داده '%2' به عنوان کاربر '%1' وارد کنید. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. راه‌انداز پایگاه‌داده از تراکنش‌ها پشتیبانی نمی‌کند. ممکن است دلیل آن نگارش‌های مختلف مشتری و خدمت‌گزار باشد. با توجه به این ادامه دهید. Options XCA Options گزینه‌های XCA Settings پیکربندی‌ها Default hash algorithm الگوریتم چکیده‌ساز پیش‌فرض String types انواع رشته‌ها Suppress success messages توقف پیام‌های موفقیت Don't colorize expired certificates گواهی‌های منقضی‌شده را رنگی نکن Translate established x509 terms (%1 -> %2) ترجمه‌ی موارد تعیین‌شده در x509 (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. کارکرد چکیده‌سازی توکن در XCA استفاده نمی‌شود. ممکن است از مجموعه‌ی توابع چکیده‌ساز محدود‌شده توسط توکن استفاده شود. به طور ویژه، EC و DSA تنها در SHA1 از مشخصات فنی PKCS#11 تعریف شده است. Only use hashes supported by the token when signing with a token key تنها از چکیده‌سازهایی که در توکن پشتیبانی می‌شود، هنگام امضای با کلید توکن استفاده شود Disable legacy Netscape extensions غیرفعال‌سازی افزونه‌های Netscape قدیمی PKCS12 encryption algorithm الگورتیم رمزنگاری PKCS12 Certificate expiry warning threshold آستانه‌ی هشدار انقضای گواهی Send vCalendar expiry reminder فرستادن شماره‌ی انقضای vCalander Serial number length طول شماره‌ی ردیف bit بیت Distinguished name نام متمازه‌شده Mandatory subject entries ورودی‌های الزامی صاحب‌گواهی Add افزودن Delete برخی موارد پاک‌کردن استفاده شده که باید تصحیح شود. پاک‌کردن Explicit subject entries ورودی‌های صریح صاحب‌گواهی Dynamically arrange explicit subject entries به طور پویا ورودی‌های صریح صاحب گواهی را بچین Default پیش‌فرض PKCS#11 provider فراهم‌کننده‌ی PKCS#11 Remove پاک کردن Search جست‌وجو Printable string or UTF8 (default) رشته‌ی قابل چاپ یا UTF8 (پیش‌فرض) PKIX recommendation in RFC2459 توصیه‌ی PKIX در RFC2459 No BMP strings, only printable and T61 رشته‌های BMP قابل قبول نیست، تنها قابل چاپ و T61 UTF8 strings only (RFC2459) تنها رشته‌های UTF8(RFC2459( All strings همه‌ی رشته‌ها Days روزها Weeks هفته‌ها PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) گذرواژه با عدد ۲ رقمی در مبنای ۱۶ تجزیه شد. باید تعداد زوج از رقم‌ها (0-9 و a-f) داشته باشد Take as HEX string گرفتن به عنوان رشته بر اساس رقم‌های مبنای ۱۶ Repeat %1 تکرار %1 %1 mismatch %1 نامنطبق Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters گذرواژه‌ی با ارقام مبنای ۱۶ باید شامل نویسه‌های '0' تا '9' و 'a' تا'f' باشد و باید شامل تعداد زوج از نویسه‌ها باشد Exit خروج Password گذرواژه E&xit خ&روج QMessageBox Ok تأیید Close بستن Cancel لغو Apply اعمال Yes بله No خیر QObject Undefined تعریف‌نشده Broken / Invalid معیوب / نامعتبر in %1 seconds در %1 ثانیه %1 seconds ago %1 ثانیه پیش in %1 minutes در %1 دقیقه %1 minutes ago %1 دقیقه پیش Yesterday دیروز Tomorrow فردا in %1 hours در %1 ساعت %1 hours ago %1 ساعت پیش Out of data خارج از داده Error finding endmarker of string نشانه‌ی پایانی یافتن خطا در رشته All files ( * ) همه‌ی پرونده‌ها (*) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; کلید زیرساخت کلید عمومی (در قالب pem، der ، key);; کلیدهای PKCS#8 (در قالب p8، pk8);; کلیدهای Microsoft PVK (در قالب pvk);; کلیدهای عمومی SSH (در قالب pub) Import RSA key درون‌داد کلید RSA PKCS#10 CSR ( *.pem *.der *.csr );; Import Request درون‌داد درخواست Certificates ( *.pem *.der *.crt *.cer );; گواهی‌های دیجیتال (با پسوند pem، der، crt، cer) Import X.509 Certificate درون‌داد گواهی‌های ‌X509 PKCS#7 data ( *.p7s *.p7m *.p7b );; داده‌های PKCS#7 (با پسوند p7s، p7m، p7b) Import PKCS#7 Certificates درون‌داد گواهی‌های PKCS#7 PKCS#12 Certificates ( *.p12 *.pfx );; گواهی‌های PKCS#12 (با پسوند p12، pfx) Import PKCS#12 Private Certificate درون‌داد گواهی خصوصی PKCS#12 XCA templates ( *.xca );; قالب‌های XCA (با پسوند xca) Import XCA Templates درون‌داد قالب‌های XCA Revocation lists ( *.pem *.der *.crl );; فهرست‌های ابطال (با پسوند pem, der , crl) Import Certificate Revocation List درون‌داد فهرست ابطال گواهی XCA Databases ( *.xdb );; پایگاه‌‌داده های (با پسوند xdb) Open XCA Database باز کردن پایگاه‌داده‌ی XCA OpenVPN tls-auth key ( *.key );; Import OpenVPN tls-auth key PKCS#11 library ( *.dll );; کتاب‌خانه‌ی PKCS#11 (با پسوند dll) PKCS#11 library ( *.dylib *.so );; کتابخانه‌ی PKCS#11 (با پسوند dylib, so) PKCS#11 library ( *.so );; کتابخانه‌ی PKCS#11 (با پسوند so) Open PKCS#11 shared library باز کردن کتابخانه‌‌ی اشتراکی PKCS#11 PEM files ( *.pem );; پرونده‌های PEM (با پسوند pem) Load PEM encoded file بارگذاری پرونده‌های رمزنگاری شده‌ی PEM Please enter the PIN on the PinPad خواهشمند است گذرواژه‌ی عددی (PIN) را بر روی دستگاه رمزخوان (PinPad) وارد کنید Please enter the SO PIN (PUK) of the token %1 خواهشمند است گذرواژه‌ی عددی مدیریتی (PUK) توکن %1 را وارد نمایید Please enter the PIN of the token %1 خواهشمند است گذرواژه‌ی عددی (PIN) %1 را وارد نمائید No Security token found هیچ توکن امنیتی یافت نشد Select انتخاب کنید Please enter the new SO PIN (PUK) for the token: '%1' خواهشمند است گذرواژه‌ی عددی مدیر (PUK) برای توکن '%1' را وارد نمایید Please enter the new PIN for the token: '%1' خواهشمند است گذرواژه‌ی عددی (PIN) جدید برای توکن '%1' را وارد نمایید Required PIN size: %1 - %2 گذرواژه‌ی عدد (PIN) با اندازه‌ی: %1 - %2 مورد نیاز است Disabled غیرفعال‌شده Library loading failed بارگذاری کتابخانه با شکست مواجه شد PKCS#11 function '%1' failed: %2 تابع PKCS#11 در '%1' با شکست مواجه شد: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 تابغ PKCS#11 در '%1' با شکست مواجه شد: %2 در کتابخانه‌ی %3 %4 Invalid نامعتبر %1 is shorter than %2 bytes: '%3' %1 کوتاه‌تر از %2 بایت است: '%3' %1 is longer than %2 bytes: '%3' %1 بلندتر از %2 بایت است: '%3' String '%1' for '%2' contains invalid characters رشته‌ی '%1' برای '%2' دارای نویسه‌های نادرست است Error reading config file %1 at line %2 خطا در خوانش پرونده‌ی پیکربندی %1 در خط %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. شئ '%1' از پرونده‌ی %2 خط %3 در حال حاضر به عنوان %4:%5:%6 شناخته می‌شود و باید حذف شود. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. شناسه‌ی '%1' برای OID با مشخصات %2 از پرونده‌ی %3 خط %4 در حال حاضر برای OID متفاوتی به عنوان '%5:%6:%7 استفاده می شود و باید جهت جلوگیری از ناسازگاری، تغییر یابد. Unknown object '%1' in file %2 line %3 شي ناشناخته '%1' در پرونده‌ی %2 خط %3 Failed to start a database transaction آغاز تراکنش پایگاه داده با شکست مواجه شد Country code کد کشور State or Province ایالت یا استان Locality محلیت Organisation سازمان Organisational unit واحد سازمان Common name نام عمومی گواهی E-Mail address نشانی رایانامه Serial number شماره‌ی ردیف Given name نام مشخص‌شده Surname نام خانوادگی Title عنوان Initials مقادیر اولیه Description توضیحات Role نقش Pseudonym نام مستعار Generation Qualifier شرایط صدور x500 Unique Identifier شناسه‌ی متمایزکننده‌ی X500 Name نام DN Qualifier DN متمایزکننده واجد شرایط Unstructured name نام غیر ساخت‌یافته Challenge password گذرواژه‌ی چالش Basic Constraints محدودکننده‌های پایه (Basic Constraints) Name Constraints Subject alternative name نام جایگزین صاحب گواهی issuer alternative name نام جایگزین صادرکننده گواهی Subject key identifier شناسه‌ی کلید صاحب گواهی Authority key identifier شناسه‌ی کلید صادرکننده گواهی Key usage مورد استفاده کلید Extended key usage مورد استفاده‌ی بسط‌یافته CRL distribution points نشانی توزیع فهرست ابطال (CRL) Authority information access دستیابی به اطلاعات صدور Certificate type نوع گواهی Base URL URL پایه Revocation URL URL ابطال CA Revocation URL URL ابطال مرکز صدور Certificate renewal URL URL تمدید گواهی CA policy URL URL سیاست‌های مرکز صدور SSL server name نام خدمت‌گزار SSL Comment دیدگاه Index file written to '%1' پرونده‌ی نمایه‌ها نوشته شده بر روی '%1' Index hierarchy written to '%1' سلسله‌مراتب نمایه نوشته‌شده بر روی '%1' Unknown key type %1 نوع کلید ناشناخته %1 Failed to write PEM data to '%1' Password verify error, please try again خطا در اعتبارسنجی گذرواژه، خواهشمند است دوباره تلاش کنید The following error occurred: خطای زیر ایجاد شد: Failed to update the database schema to the current version به‌روزرسانی شمای پایگاه‌داده به نگارش کنونی امکان‌پذیر نیست Password گذرواژه Out of Memory at %1:%2 کمبود حافظه در %1:%2 Invalid filename: %1 نام پرونده‌ی نامعتبر: %1 Failed to open PKCS11 library: %1: %2 بازکردن کتابخانه‌ی PKCS#11 با شکست مواجه شد: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. به نظر نمی‌رسد که این کتابخانه‌ی PKCS#11 معتبر باشد. نماد تابع 'C_GetFunctionList' یافت نشد. insecure ReqTreeView Sign امضا Unmark signed عدم انتخاب امضا Mark signed انتخاب امضا Similar Request درخواست مشابه Certificate request export برون‌داد درخواست صدور گواهی Certificate request ( *.pem *.der *.csr ) درخواست صدور گواهی (با قالب‌های pem، der, csr) RevocationList Manage revocations مدیریت ابطال‌ها Add افزودن Delete حذف کردن Edit ویرایش No. شماره‌‌ی. Serial شماره‌ی ردیف Revocation ابطال Reason دلیل Invalidation غیرمعتبرسازی Generate CRL تولید CRL Revoke Certificate revocation ابطال گواهی Revocation details جزئیات ابطال Revocation reason دلیل ابطال Local time زمان محلی Invalid since نامعتبر از Serial شماره ی ردیف SearchPkcs11 Directory مسیر پوشه ... ... Include subdirectories دربرگشتن زیرپوشه‌ها Search جست‌وجو The following files are possible PKCS#11 libraries پرونده‌های زیر کتابخانه‌های مورد استفاده‌ی PKCS#7 هستند SelectToken Security token توکن امنیتی Please select the security token خواهشمند است توکن امنیتی را برگزینید TempTreeView Duplicate تکثیر Create certificate صدور گواهی Create request صدور درخواست copy رونوشت Preset Template values مقادیر قالب از پیش تعیین‌شده Template export برون‌داد قالب XCA Templates ( *.xca ) قالب‌های XCA (با پسوند xca) TrustState Certificate trust گواهی اعتماد Trustment اعتماد &Never trust this certificate &هرگز به این گواهی اعتماد نکن Only &trust this certificate, if we trust the signer فقط به این گواهی &اعتماد کن، اگر ما به امضا کننده اعتماد کردیم &Always trust this certificate &همیشه به این گواهی اعتماد کن Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config پیکربندی OpenSSL Transform تبدیل Template قالب Public key کلید عمومی Save as OpenSSL config ذخیره به عنوان پیکربندی Open SSL Config files ( *.conf *.cnf);; All files ( * ) پرونده‌های پیکربندی (با قالب conf, cnf) ;; همه‌ی پرونده‌ها (با همه‌ی قالب‌ها) XFile Error opening file: '%1': %2 خطا در بازکردن پرونده: '%1': %2 Error rewinding file: '%1': %2 خطا در بازنویسی پرونده: '%1': %2 XcaDetail Import درون‌داد XcaTreeView Item properties مشخصه‌های موارد Subject entries ورودی‌های صاحب گواهی X509v3 Extensions افزونه‌های X509v3 Netscape extensions افزونه‌های Netscape Key properties مشخصات کلید Reset بازیابی Hide Column پنهان‌کردن ستون Details جزئیات Columns ستون‌ها Export Password Please enter the password to encrypt all %n exported private key(s) in: %1 Singular form for 0 or 1 item can be ignored. Will always be called with n >= 2 New جدید Import درون‌داد Paste PEM data چسباندن داده‌ی PEM Rename تغییرنام Properties مشخصات Delete پاک کردن Export برون‌داد Clipboard حافظه‌ی رونوشت File پرونده Clipboard format قالب حافظه‌ی رونوشت database_model Please enter the password to access the database server %2 as user '%1'. خواهشمند است گذرواژه ی دستیابی به خدمت‌گزار پایگاه‌‌داده '%2' به عنوان کاربر '%1' وارد کنید. Unable to create '%1': %2 امکان ساخت '%1' نیست: %2 The file '%1' is not an XCA database پرونده‌ی '%1' یک پایگاه داده‌ی XCA نیست No SqLite3 driver available. Please install the qt-sqlite package of your distribution راه‌اندازی Sqlite3 در دسترس نیست. خواهشمند است بسته‌ی qt-sqlite را برای توزیع خود نصب کنید New Password گذرواژه‌ی جدید Please enter a password, that will be used to encrypt your private keys in the database: %1 خواهشمند است گذرواژه‌‌ای که برای رمزنگاری کلیدهای خصوصی در پایگاه داده‌ی زیر استفاده می‌شود، وارد نمایید: %1 Password گذرواژه Please enter the password for unlocking the database: %1 خواهشمند است برای قفل‌گشایی پایگاه‌داده‌: %1 گذرواژه را وارد نمایید db_base Internal name نام درونی No. شماره. Primary key کلید اصلی Database unique number شماره‌ی یکتای پایگاه داده Date تاریخ Date of creation or insertion تاریخ ساخت یا درج Source منبع Generated, Imported, Transformed صادر‌شده، درون‌داده‌شده، تبدیل‌شده Comment دیدگاه First line of the comment field نخستین خط از مشخصه‌ی دیدگاه Import from: %1 درون‌داد از: %1 Could not create directory %1 ساخت مسیر %1 امکان پذیر نیست Item properties مشخصه‌های موارد How to export the %1 selected items چگونه %1 مورد انتخاب‌شده را برون‌داد کرد All in one PEM file همه‌چیز یک‌جا در یک پرونده‌ی PEM Each item in one file هر مورد در یک پرونده Save %1 items in one file as ذخیره‌ی %1 مورد از یک فایل به عنوان PEM files ( *.pem );; All files ( * ) پرونده‌های با قالب PEM (*.pem);; همه‌ی پرونده‌ها (*) db_crl Signer امضا‌کننده Internal name of the signer نام درونی امضا‌کننده No. revoked شماره‌‌ی . ابطال‌شده Number of revoked certificates شماره‌ی گواهی‌های ابطال‌شده Last update آخرین به‌روزرسانی Next update به‌روزرسانی بعدی CRL number شماره‌ی فهرست ابطال (CRL) The revocation list already exists in the database as: '%1' and so it was not imported فهرست ابطال در حال حاضر در پایگاه داده به عنوان '%1' وجود دارد و بنابراین فهرست ابطال انتخابی درون‌داد نشد Failed to initiate DB transaction مقداردهی اولیه ناموفق در پایگاه داده‌ی تراکنش‌ها Database error: %1 خطای پایگاه داده: %1 Revocation list export برون‌داد فهرست ابطال CRL ( *.pem *.der *.crl ) فهرست ابطال (CRL) (*.pem *der *.crl) There are no CA certificates for CRL generation هیچ گواهی مرکز صدوری برای صدور فهرست ابطال (CRL) وجود ندارد Select CA certificate انتخاب گواهی مرکز صدور Create CRL ساخت فهرست ابطال db_key Type نوع Size اندازه EC Group گروه EC Use استفاده Password گذرواژه The key is already in the database as: '%1' and is not going to be imported کلید در حال حاضر در پایگاه‌داده به عنوان '%1' قرار دارد و بنا نیست که درو‌ن‌داد شود The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key پایگاه داده هم‌اکنون دارای بخش عمومی کلید درون‌داد‌شده به عنوان %1 می‌باشد و با بخش خصوصی جدید کلید تکمیل خواهد شد Extending public key from %1 by imported key '%2' گسترش کلید عمومی از %1 با کلید درون‌داده‌شده‌ی %2 Key size too small ! طول کلید بسیار کوچک است ! You are sure to create a key of the size: %1 ? آیا از ساخت کلید با اندازه‌ی %1 اطمینان دارید ؟ Internal error خطای درونی Internal key update: The keys: %1 must be updated once by resetting and setting its private password reset و set تنها به بازنشانی ترجمه شد. به روز‌رسانی کلید درونی: کلید‌های: %1 باید به وسیله‌ی بازنشانی گذرواژه‌هایشان، به روز شوند Tried to change password of a token برای تغییر گذرواژه‌ی توکن تلاش شد PEM public PEM عمومی SSH2 public SSH2 عمومی PEM private PEM خصوصی SSH2 private SSH2 خصوصی Export keys to Clipboard برون‌داد کلید‌ها در حافظه‌ی رونوشت Clipboard حافظه‌ی رونوشت Export public key [%1] برون‌داد کلید مومی [%1] DER public DER عمومی DER private DER خصوصی PEM encryped PEM رمزنگاری‌شده PVK private PVK خصوصی PVK encrypted PVK رمزنگاری‌شده PKCS#8 encrypted PKCS#8 رمزنگاری‌شده Export private key [%1] برون‌داد کلید خصوصی [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) کلید‌های خصوصی ( با قالب‌های pem، der و pk8);; کلیدهای عمومی SSH (با قالب pub) db_temp Bad template: %1 قالب نامناسب: %1 Empty template قالب تهی Preset Template values مقادیر قالب از پیش تعیین‌شده Save template as ذخیره‌ی قالب به عنوان XCA templates ( *.xca );; All files ( * ) قالب XCA.(*.xca);; همه‌ی پرونده‌ها (*) db_x509 CA مسیر پوشه reflects the basic Constraints extension افزونه‌ی basic Constraints را منعکس کن Serial شماره‌ی ردیف Start date تاریخ آغز Expiry date تاریخ انقضا MD5 fingerprint اثز انگشت MD5 SHA1 fingerprint اثز انگشت SHA1 SHA256 fingerprint اثزانگشت SHA256 Not before از Not after تا Revocation ابطال CRL Expiration انقضای CRL Failed to retrieve unique random serial تولید شماره‌ی ردیف تصادفی با شکست مواجه شد The certificate already exists in the database as: '%1' and so it was not imported گواهی در حال حاضر در پایگاه داده با نام '%1' وجود دارد و بنابراین درون‌داد نشد Signed on %1 by '%2' امضا‌شده روی %1 با '%2' Unknown ناشناخته Invalid public key کلید عمومی نامعتبر The key you selected for signing is not a private one. کلیدی که شما برای امضا انتخاب کرده‌اید، کلید خصوصی نیست. Failed to create directory '%1' ساخت پوشه‌ی '%1' با خطا مواجه شد Store the certificate to the key on the token '%1 (#%2)' ? ذخیره گواهی برای کلید موجود روی توکن '%1 (#%2)' ؟ There was no key found for the Certificate: '%1' کلیدی برای گواهی'%1' یافت نشد Not possible for a token key: '%1' برای کلید توکن امکان پذیر نیست '%1' Not possible for the token-key Certificate '%1' برای کلید توکنی امکان‌پذیر نیست '%1' Plain View نمایش بدون‌قالب Tree View نمایش درختی PKCS#7 unrevoked PKCS#7 عدم‌تعلیق‌شده PEM unrevoked PEM عدم‌ تعلیق‌شده vCalendar vCalendar CA vCalendar vCalander مرکز صدور X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) گواهی x509 (با قالب‌های pem, cer, crt, p12, p7b) days روزها No template بدون قالب X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) گواهی x509 (با قالب‌های pem, cer, crt, p12, pfx, p7b) PEM chain زنجیره‌ی PEM PKCS#7 chain زنجیره‌ی PKCS#7 PKCS#12 chain زنجیره‌ی PKCS#12 PKCS#7 all همه‌ PKCS#7 PEM + key PEM + کلید PEM all همه PEM Certificate Index file پرونده‌ی نمایه‌ی گواهی Certificate export برون‌داد گواهی db_x509name Subject پذیرنده Complete distinguished name نام کامل متمایز‌شده (dn) Subject hash چکیده‌ی نام پذیرنده Hash to lookup certs in directories چکیده ی گواهی جهت جست‌وجو در پوشه‌ها db_x509req Signed امضا‌شده whether the request is already signed or not آیا درخواست در حال حاضر امضا شده است یا خیر Unstructured name نام غیر ساخت‌یافته Challenge password گذرواژه‌ی چالش Certificate count تعداد گواهی‌ها Number of certificates in the database with the same public key تعداد گواهی‌های موجود در پایگاه داده با کلید عمومی یکسان The certificate signing request already exists in the database as '%1' and thus was not stored درخواست صدور گواهی در حال حاضر در پایگاه داده به عنوان '%1' موجود می‌باشد و بنابراین ذخیره نخواهد شد Certificate request export برون‌داد درخواست صدور گواهی Certificate request ( *.pem *.der *.csr ) درخواست صدور گواهی (با قالب‌های pem، der, csr) db_x509super Key name نام کلید Internal name of the key نام درونی کلید Signature algorithm الگوریتم امضا Key type نوع کلید Key size طول کلید EC Group گروه EC (خم‌های بیضوی) Extracted from %1 '%2' استخراج‌شده از %1 '%2' Certificate گواهی Certificate request درخواست صدور گواهی The following extensions were not ported into the template افزونه‌های زیر به قالب اضافه نشده است Transformed from %1 '%2' تغییر شکل‌داده‌شده از %1 '%2' Save as OpenSSL config ذخیره به عنوان پیکربندی Open SSL Config files ( *.conf *.cnf);; All files ( * ) پرونده‌های پیکربندی (با قالب conf, cnf) ;; همه‌ی پرونده‌ها (با همه‌ی قالب‌ها) kvView Type نوع Content محتوا pass_info Password گذرواژه PIN گذرشماره pkcs11_lib Failed to open PKCS11 library: %1: %2 بازکردن کتابخانه‌ی PKCS#11 با شکست مواجه شد: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. به نظر نمی‌رسد که این کتابخانه‌ی PKCS#11 معتبر باشد. نماد تابع 'C_GetFunctionList' یافت نشد. pki_base Unknown ناشناخته Imported درون‌داد‌شده Generated صادر‌شده Transformed تغییرشکل‌داده‌شده Token توکن Legacy Database پایگاه داده‌ی قدیمی Renewed تمدید‌شده Property '%1' not listed in 'pki_base::print' مشخصه‌ی '%1' در 'pki_base::print' فهرست نشده است Internal error: Unexpected message: %1 %2 خطای درونی: پیام نامنتظره: %1 %2 pki_crl Successfully imported the revocation list '%1' فهرست ابطال '%1' با موفقیت درون‌داد شد Delete the revocation list '%1'? حذف کردن فهرست ابطال '%1'؟ Successfully created the revocation list '%1' فهرست ابطال '%1' با موفقیت ساخته شد Delete the %1 revocation lists: %2? حذف %1 فهرست ابطال‌ها: %2؟ Delete the %n revocation list(s): '%1'? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. بارگذاری فهرست ابطال در پرونده‌ی %1 امکان‌پذیر نیست قالب‌های فهرست ابطال PEM و DER مورد آزمایش قرار گرفت. No issuer given هیچ صادر‌کننده‌ای دریافت نشد CRL Renewal of CA '%1' due تمدید گواهی از مرکز صدور '%1' به دلیل The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' جدیدترین فهرست ابطال صادرشده با مرکز صدور '%1' در تاریخ %2 انقضا می‌یابد. این فهرست ابطال در پایگاه‌داده‌ی XCA با نام '%3' ذخیره شده است Renew CRL: %1 تمدید فهرست ابطال (CRL): %1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' فهرست ابطال XCA با نام '%1'، صادرضده در %3 در تاریخ %4 انقضا می‌یابد. این فهرست ابطال در پایگاه‌داده‌ی XCA با نام '%5' ذخیره شده است Wrong Size %1 %1 اندازه‌ی نادرست pki_evp Please enter the password to decrypt the private key %1. خواهشمند است برای رمزگشایی کلید خصوصی گذرواژه را وارد نمائید: %1. The key from file '%1' is incomplete or inconsistent. کلید از پرونده‌ی '%1' ناکامل یا نادرست است. Please enter the password to decrypt the private key from file: %1 خواهشمند است برای رمزگشایی کلید از فایل: '%1'، گذرواژه را وارد کنید Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. بارگذاری کلید خصوصی در پرونده‌ی %1 امکان‌پذیر نیست. قالب‌های PEM و DER خصوصی، عمومی، کلید نوع PKCS#8 و قالب SSH2 مورد آزمایش قرار گرفت. Please enter the password to decrypt the private key: '%1' خواهشمند است برای رمزگشایی کلید خصوصی گذرواژه را وارد نمائید: '%1' Password input aborted ورود گذرواژه متوقف شد Please enter the database password for decrypting the key '%1' خواهشمند است برای رمزگشایی کلید گذرواژه‌ی پایگاه‌داده را وارد نمائید: '%1' Decryption of private key '%1' failed رمزگشایی کلید خصوصی '%1' با شکست روبه‌رو شد Please enter the password to protect the private key: '%1' خواهشمند است برای محافظت از کلید خصوصی، گذرواژه را وارد نمائید: %1 Please enter the database password for encrypting the key خواهشمند است برای رمزگشایی کلید، گذرواژه‌ی پایگاه‌داده را وارد نمائید Please enter the password to protect the PKCS#8 key '%1' in file: %2 Please enter the password to protect the private key '%1' in file: %2 Please enter the password protecting the PKCS#8 key '%1' خواهشمند است گذرواژه‌ی محافظت از کلید PKCS#8 را وارد نمائید: '%1' Please enter the password protecting the Microsoft PVK key '%1' خواهشمند است گذرواژه‌ی محافظت از کلید Microsoft PVK را وارد نمائید: '%1' Please enter the export password for the private key '%1' خواهشمند است گذرواژه‌ی برون‌داد کلید خصوصی را وارد نمائید: '%1' Failed to decrypt the key (bad password) %1 رمزگشایی کلید با شکست مواجه شد (گذرواژه‌ی نادرست) %1 Please enter the password to decrypt the private key. خواهشمند است برای رمزگشایی کلید، گذرواژه را وارد کنید. Ignoring unsupported private key کلید خصوصی به دلیل پشتیبانی‌نشدن، در نظر گرفته نشد pki_export PEM Text format with headers قالب متنی PEM با سرآیند Concatenated list of all selected items in one PEM text file فهرست همه‌ی موارد در یک پرونده‌ی متنی PEM الحاق‌شده PEM selected Concatenated list of all selected certificates in one PEM text file PEM chain زنجیره‌ی PEM Concatenated text format of the complete certificate chain in one PEM file قالب متنی الحاق‌شده از زنجیره‌ی کامل گواهی در یک پرونده‌ی PEM The complete certificate chain and the private key of the selected certificate with tags usable in OpenVPN configuration files زنجیره‌ی کامل و کلید خصوصی گواهی گزینش‌شده با برچسب قابل استفاده در پرونده‌های پیکربندی OpenVPN PEM + key PEM + کلید Concatenation of the certificate and the unencrypted private key in one PEM file الحاق کواهی با کلید خصوصی رمزنگاری‌نشده در یک فایل با قالب PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file الحاق گواهی و کلید خصوصی رمزنگاری‌شده در یک فایل با قالب PKCS#8 All unusable Concatenation of all expired or revoked certificates in one PEM file PKCS#7 encoded single certificate تک‌‌گواهی در قالب PKCS#7 All selected certificates encoded in one PKCS#7 file همه‌ی گواهی‌های انتخاب‌شده در یک پرونده‌ی در قالب PKCS#7 PKCS #7 chain زنجیره‌ی PKCS#7 PKCS#7 encoded complete certificate chain زنجیره‌ی کامل گواهی در قالب PKCS#7 PKCS #7 unusable PKCS#7 encoded collection of all expired or revoked certificates Binary DER encoded certificate گواهی دودویی در قالب DER PKCS #12 chain زنجیره‌ی PKCS#12 The complete certificate chain and the private key as encrypted PKCS#12 file زنچیره‌ی کامل گواهی و کلید خصوصی در قالب یک پرونده‌ی PKCS#12 رمزنگاری‌شده PKCS #12 PKCS#12 The certificate and the private key as encrypted PKCS#12 file گواهی و کلید خصوصی در قالب یک پرونده‌ی PKCS#12 رمزنگاری‌شده Certificate Index file پرونده‌ی نمایه‌ی گواهی OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool پرونده‌ی متنی نمایه‌ی گواهی مختص OpenSSL که با دستور 'ca' ساخته شده و توسط ابزار OCSP مورد نیاز است vCalendar vCalendar vCalendar expiry reminder for the selected items یاآوری انقضای vCalander برای موارد انتخاب‌شده CA vCalendar vCalander مرکز صدور vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL یادآوری انقضای vCalander شامل همه‌ی گواهی‌های معتبر صادرشده، خود مرکز صدور و آخرین فهرست ابطال OpenSSL config پیکربندی OpenSSL OpenSSL configuration file to create a certificate or request with the openssl commandline tool OpenVPN tls-auth key The OpenVPN tls-auth key is a secret key shared between endpoints JSON Web Kit The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) JSON Web Kit chain The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) and certificate chain (x5c) PEM public PEM عمومی Text format of the public key in one PEM file قالب متنی کلید عمومی در یک فایل PEM PEM private PEM خصوصی Unencrypted private key in text format کلید خصوصی رمزنگاری‌نشده در قالب متن PEM encrypted PEM رمزنگاری‌شده OpenSSL specific encrypted private key in text format کلید خصوصی رمزنگاری‌شده مخصوص OpenSSl در قالب متن SSH2 private SSH2 خصوصی SSH2 public SSH2 عمومی The public key encoded in SSH2 format کلید عمومی در قالب SSH2 DER public DER عمومی Binary DER format of the public key کلید خصوصی در قالب دودویی DER DER private DER خصوصی Unencrypted private key in binary DER format کلید خصوصی رمزنگاری‌نشده در قالب دودویی DER PVK private PVK خصوصی Private key in Microsoft PVK format not encrypted کلید خصوصی در قالب Microsoft PVK به صورت رمزنگاری‌نشده XCA template in PEM-like format. Templates include the internal name and comment All selected XCA templates in PEM-like format. Templates include the internal name and comment PVK encrypted PVK رمزنگاری‌شده Encrypted private key in Microsoft PVK format کلید خصوصی رمزنگاری‌شده در قالب Microsoft PVK PKCS #8 encrypted PKCS#8 رمزنگاری‌شده Encrypted private key in PKCS#8 text format کلید خصوصی رمزنگاری‌شده در قالب متنی PKCS#8 PKCS #8 PKCS #8 Unencrypted private key in PKCS#8 text format کلید خصوصی رمزنگاری‌نشده در قالب متنی PKCS#8 JSON Web Key private Unencrypted private key in JSON Web Key format JSON Web Key public Public key in JSON Web Key format Binary DER format of the certificate request قالب دودویی DER درخواست گواهی Binary DER format of the revocation list قالب دودویی DER فهرست ابطال vCalendar reminder for the CRL expiry date یاآوری انقضای vCalander برای تاریخ انقضا XCA template in PEM-like format قالب XCA در قالب مشابه PEM All selected XCA templates in PEM-like format همه ی قالب‌های XCA انتخاب‌شده در قالب مشابه PEM pki_key Successfully imported the %1 public key '%2' %1 کلید عمومی '%2' با موفقیت درون‌داد شد Delete the %1 public key '%2'? آیا %1 با کلید عمومی '%2' حذف شود؟ Successfully imported the %1 private key '%2' شئ %1 با موفقیت کلید خصوصی درون‌داد شد '%2' Delete the %1 private key '%2'? آیا %1 کلید خصوصی '%2' حذف شود؟ Successfully created the %1 private key '%2' %1 کلید خصوصی '%2' با موفقیت ساخته شد Delete the %1 keys: %2? آیا %1 کلید (ها) حدف شوند: %2؟ Public key کلید عمومی Successfully imported the %1 public key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key %1 کلید عمومی '%2' با موفقیت درون‌داد شد Delete the %n %1 public key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Successfully imported the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key شئ %1 با موفقیت کلید خصوصی درون‌داد شد '%2' Delete the %n %1 private key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Successfully created the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key %1 کلید خصوصی '%2' با موفقیت ساخته شد Common عمومی Private خصوصی Bogus دارای اشکال PIN گذرشماره No password بدون گذرواژه Unexpected SSH2 content: '%1' محتوای SSH2 غیرقابل قبول: '%1' Invalid SSH2 public key کلید عمومی SSH2 نامعتبر Failed writing to %1 عملیات نوشتن روی %1 با شکست مواجه شد pki_multi No known PEM encoded items found هیچ مورد شناخته‌شده‌ای با قالب PEM یافت نشد pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 خواهشمند است گذرواژه برای رمزگشایی پرونده‌ی PKCS#12 را وارد نمایید: %1 Unable to load the PKCS#12 (pfx) file %1. بارگذاری پرونده‌ی PKCS#12 (pfx) %1 امکان پذیر نیست. The supplied password was wrong (%1) گذرواژه‌ی وارد‌شده اشتباه بود (%1) Please enter the password to encrypt the key of certificate '%1' in the PKCS#12 file: %2 Please enter the password to encrypt the PKCS#12 file خواهشمند است گذرواژه برای رمزنگاری پرونده‌ی PKCS#12 را وارد نمایید No key or no Cert and no pkcs12 کلید یا گواهی و pkcs12 امکان‌پذیر نیست pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. بارگذاری پرونده‌ی %1 با قالب PKCS#7 امکان پذیر نیست. تلاش برای بارگذاری در قالب‌های PEM و DER صورت پذیرفت. pki_scard Successfully imported the token key '%1' کلید توکن '%1' با موفقیت درون‌داد شد Delete the token key '%1'? آیا کلید توکن '%1' حذف شود؟ Successfully created the token key '%1' کلید توکن '%1' با موفقیت صادر شد Delete the %1 keys: %2? آیا %1 کلید (ها) حدف شوند: %2؟ Delete the %n token key(s): '%1'? Delete the private key '%1' from the token '%2 (#%3)' ? آیا کلید خصوصی '%1' از توکن '%2(#%3)' حذف شود؟ This Key is already on the token کلید در حال حاضر بر روی توکن موجود است PIN input aborted ورود گذرشماره متوقف شد Unable to find copied key on the token یافتن کلید روگرفته‌شده بر روی توکن امکان‌پذیر نیست Please insert card: %1 %2 [%3] with Serial: %4 خواهشمند است کارت: %1 %2 [%3] با ردیف: %4 را وارد نمائید Select Slot of %1 Unable to find generated key on card یافتن کلید تولید‌شده بر روی کارت امکان‌پذیر نیست Token %1 توکن %1 Failed to find the key on the token یافتن کلید بر روی توکن با شکست مواجه شد Invalid Pin for the token گذرشماره‌ی نامعتبر برای توکن Failed to initialize the key on the token مقداردهی اولیه کلید بر روی توکن با شکست مواجه شد Ignoring unsupported token key کلید توکن به دلیل پشتیبانی‌نشدن، در نظر گرفته نشد Wrong Size %1 %1 اندازه‌ی نادرست Illegal Key generation method روش تولید کلید نامعتبر است pki_temp Successfully imported the XCA template '%1' قالب XCA با نام '%1' با موفقیت درون‌داد شد Delete the XCA template '%1'? قالب XCA با نام '%1' حذف شود؟ Successfully created the XCA template '%1' قالب XCA با نام '%1' با موفقیت ساخته شد Delete the %1 XCA templates: %2? آیا قالب XCA با نام %1 از '%2' حذف شود؟ Delete the %n XCA template(s): '%1'? Wrong Size %1 %1 اندازه‌ی نادرست Template file content error (too small) پرونده‌ی قالب دارای خطا (بسیار کوچک) Not a PEM encoded XCA Template قالب رمزنگاری‌شده PEM برای XCA شناخته نشد Not an XCA Template, but '%1' به جز '%1'، قالب XCA شناخته نشد pki_x509 Successfully imported the certificate '%1' گواهی '%1' با موفقیت درون‌داد شد Delete the certificate '%1'? آیا گواهی '%1' حذف شود؟ Successfully created the certificate '%1' گواهی '%1' با موفقیت صادر شد Delete the %1 certificates: %2? آیا گواهی‌های %1 حذف شوند:‌ %2؟ Delete the %n certificate(s): '%1'? Unable to load the certificate in file %1. Tried PEM and DER certificate. بارگذاری گواهی از پرونده‌ی %1 امکان‌پذیر نیست. قالب‌های PEM و DER آزمایش شد. Invalid OpenVPN tls-auth key Failed to import tls-auth key Same tls-auth key already stored for this CA New tls-auth key successfully imported Existing tls-auth key successfully replaced This certificate is already on the security token گواهی در حال حاضر بر روی توکن امنیتی موجود است Delete the certificate '%1' from the token '%2 (#%3)'? آیا گواهی '%1' از توکن '%2(#%3)' حذف شود؟ There is no key for signing ! هیچ کلیدی برای امضا وجود ندارد! No خیر Yes بله Renew certificate: %1 تمدید گواهی: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' گواهی XCA با نام '%1'، صادرشده بر روی %2 در تاریخ %3 منقضی می‌شود. این گواهی در پایگاه داده‌ی XCA '%4' ذخیره شده است Wrong Size %1 اندازه‌ی نادرست %1 pki_x509req Signing key not valid (public key) کلید امضا معتبر نیست (کلید عمومی) Successfully imported the %1 certificate request '%2' با موفقیت '%1' از درخواست گواهی '%2' درون‌داد شد Delete the %1 certificate request '%2'? آیا %1 از درخواست گواهی '%2' حذف شود؟ Successfully created the %1 certificate request '%2' با موفقیت %1 از درخواست گواهی '%2' ساخته شد Delete the %1 certificate requests: %2? حذف %1 از درخواست‌های گواهی:%2؟ Successfully imported the PKCS#10 certificate request '%1' Delete the %n PKCS#10 certificate request(s): '%1'? Successfully created the PKCS#10 certificate request '%1' Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. بارگذاری درخواست گواهی در پرونده‌ی %1 امکان‌پذیر نیست قالب‌های PEM، DER و SPKAC مورد آزمایش قرار گرفت. Signed امضا‌شده Unhandled مورد‌بررسی قرارگرفته Wrong Size %1 اندازه‌ی نامعتبر %1 v3ext Copy Common Name رونوشت از نام عمومی گواهی Add افزودن Delete حذف Apply اعمال Validate اعتبارسنجی Cancel لغو An email address or 'copy' یک نشانی رایانامه یا 'رونوشت' An email address یک نشانی رایانامه A registered ID: OBJECT IDENTIFIER یک شناسه‌ی ثبت‌شده: OBJECT IDENTIFIER A uniform resource indicator یک نشان‌گر یکتای منبع A DNS domain name or 'copycn' یک نام دامنه‌ی DNS یا 'copycn' A DNS domain name یک نام دامنه‌ی DNS An IP address یک نشانی IP Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' روش نوشتار: <OID>; Type: متن مانند '1.2.3.4' UTF8: نام No editing. Only 'copy' allowed here ویرایش نشود. تنها 'رونوشت' در این قسمت دارای مجوز است Validation failed: '%1' %2 اعتبارسنجی با شکست مواجه شد:'%1' %2 Validation successful: '%1' اعتبارسنجی با موفقیت انجام شد: '%1' xcaWarning The following error occurred: خطای زیر ایجاد شد: Copy to Clipboard ایجاد رونوشت در حافظه‌رونوشت xcaWarningGui Copy to Clipboard ایجاد رونوشت در حافظه‌رونوشت xca-RELEASE.2.9.0/lang/xca_fr.ts000066400000000000000000006332671477156507700161530ustar00rootroot00000000000000 fr French <> Patrick Monnerat <.> 2024-10-01 15:58+0200 2018-03-16 18:14+0200 xca 1.3.3 Gtranslator 45.3 # # demonipuch <Unknown>, 2012, 2014, 2015. # Patrick Monnerat <.>, 2011-2024. # Project-Id-Version,Report-Msgid-Bugs-To,POT-Creation-Date,PO-Revision-Date,Last-Translator,Language-Team,Language,MIME-Version,Content-Type,Content-Transfer-Encoding,X-Generator,Plural-Forms,X-Qt-Contexts CaProperties Form Forme Days until next CRL issuing Nombre de jours avant la génération de la prochaine liste de révocation Default template Modèle par défaut CertDetail Details of the Certificate Détails du Certificat Serial Numéro de série The serial number of the certificate Le numéro de série du certificat The internal name of the certificate in the database Le nom interne du certificat dans la base de données Status Etat Internal name Nom interne Signature Signature Key Clé Fingerprints Empreinte MD5 MD5 An md5 hashsum of the certificate La somme de hachage MD5 du certificat SHA1 SHA1 A SHA-1 hashsum of the certificate La somme de hachage SHA-1 du certificat SHA256 SHA256 A SHA-256 hashsum of the certificate La somme de hachage SHA-256 du certificat Validity Validité The time since the certificate is valid Le moment depuis lequel le certificat est valide The time until the certificate is valid Le moment auquel le certificat échoit Subject Sujet Issuer Emetteur Extensions Extensions Validation Validation Purposes Buts Strict RFC 5280 validation Validation RFC 5280 stricte Comment Commentaire Attributes Attributs Show config Afficher la configuration Show extensions Afficher les extensions Show public key Afficher la clé publique This key is not in the database. Cette clé ne figure pas dans la base de données Not available Non disponible No verification errors found. Aucune erreur de validation trouvée. Signer unknown Signataire inconnu Self signed Auto-signé Revoked at %1 Révoqué le %1 Not valid Invalide Valid Valide Details of the certificate signing request Détails de la requête de signature CertExtend Certificate renewal Renouvellement du certificat This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Créer un nouveau certificat conforme à l'ancien, mais avec un nouveau numéro de série et les limites de validité ajustées. Validity Validité Not before Pas avant Not after Pas après Time range Intervalle de temps Local time Heure locale Days Jours Months Mois Years Années No well-defined expiration Pas de date d'expiration précise Midnight Minuit Apply Appliquer Revoke old certificate Révoquer l'ancien certificat Replace old certificate Remplacer l'ancien certificat Keep serial number Conserver le numéro de série The certificate will be earlier valid than the signer. This is probably not what you want. Le certificat serait valide avant son signataire. Ce n'est probablement pas ce qui est désiré. Edit dates Modifier les limites de validité Abort rollout Interrompre le déploiement Continue rollout Continuer le déploiement Adjust date and continue Ajuster la date et continuer The certificate will be longer valid than the signer. This is probably not what you want. Le certificat serait valide plus longtemps que son signataire. Ce n'est probablement pas ce qui est désiré. CertTreeView Hide unusable certificates Masquer les certificats inutilisables Import PKCS#12 Importer en PKCS#12 Import from PKCS#7 Importer en PKCS#7 Request Requête Security token Jeton de sécurité Other token Autre jeton Similar Certificate Certificat similaire Delete from Security token Détruire sur le jeton de sécurité CA CA Properties Propriétés Generate CRL Générer la liste de révocation Manage revocations Gérer les révocations Import OpenVPN tls-auth key Importer la clé tls-auth de OpenVPN Renewal Renouvellement Revoke Révoquer Unrevoke Dé-révoquer Plain View Vue à plat Tree View Vue arborescente days jours No template Pas de modèle CA Properties Propriétés du CA Certificate export Exportation de certificat X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) Certificats X509 ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) vCalendar entry ( *.ics ) inscription vCalendar ( *ics ) OpenVPN file ( *.ovpn ) Fichier OpenVPN ( *.ovpn ) OpenVPN tls-auth key ( *.key ) Clé tls-auth de OpenVPN ( *.key ) ClickLabel Double click for details Double-cliquer pour afficher les détails CrlDetail Details of the Revocation list Détails de la liste de révocation &Status &Etat Version Version Signature Signature Signed by Signée par Name Nom The internal name of the CRL in the database Le nom interne de la liste de révocation dans la base de données issuing dates dates d'émission Next update Prochaine mise-à-jour Last update Dernière mise-à-jour &Issuer &Emetteur &Extensions &Extensions &Revocation list Liste de &révocation Comment Commentaire Failed Echoué Unknown signer Signataire inconnu Verification not possible Vérification impossible CrlTreeView There are no CA certificates for CRL generation Il n'y a pas de certificat CA pour la génération de la CRL Select CA certificate Sélectionner un certificat d'autorité Revocation list export Exportation d'une liste de révocation CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) vCalendar entry ( *.ics ) inscription vCalendar ( *.ics ) ExportDialog Name Nom The internal name of the CRL in the database Le nom interne de la liste de révocation dans la base de données ... ... Filename Nom du fichier Each Item in a separate file Chaque objet dans un fichier séparé Same encryption password for all items Même mot de passe de chiffrement pour tous les objets Export comment into PEM file Exporter le commentaire dans le fichier PEM Export Format Format d'exportation %n selected item(s) %n objet(s) sélectionné(s) %n objet(s) sélectionné(s) All files ( * ) Tous les fichiers ( * ) The file: '%1' already exists! Le fichier '%1' existe déjà! Overwrite Ecraser Do not overwrite Ne pas écraser The path: '%1' exist, but is not a file Le chemin '%1' existe mais n'est pas un fichier The path: '%1' exist, but is not a directory Le chemin '%1' existe mais n'est pas un répertoire The directory: '%1' does not exist. Should it be created? Le répertoire '%1' n'existe pas. Faut-il le créer ? Create Créer Failed to create directory '%1' Impossible de créer le répertoire '%1' Directory Répertoire Form last update Dernière mise-à-jour next update Prochaine mise-à-jour Days Jours Months Mois Years Années Apply Appliquer Midnight Minuit Local time Heure locale No well-defined expiration Pas de date d'expiration précise Help << << >> << &Done &OK ImportMulti Import PKI Items Importer des objets PKI Import &All Importer &tout &Import &Importer &Done &OK &Remove from list &Retirer de la liste Details Détails Delete from token Enlever du jeton Rename on token Renommer dans le jeton Name: %1 Model: %2 Serial: %3 Nom: %1 Modèle: %2 Numéro de série: %3 Manage security token Gérer les jetons de sécurité The type of the item '%1' is not recognized Le type de l'objet '%1' n'est pas reconnu Could not open the default database Impossible d'ouvrir la base de données par défaut The file '%1' did not contain PKI data Le fichier '%1' ne contient pas de données PKI The %1 files: '%2' did not contain PKI data Les %1 fichiers: '%2' ne contiennent pas de données PKI ItemProperties Name Nom Source Source Insertion date Date d'insertion Comment Commentaire KeyDetail Name Nom The internal name of the key used by xca Le nom interne de la clé utilisé par xca Security token Jeton de sécurité Manufacturer Fabricant Serial Numéro de série Key Clé Public Exponent Exposant public Keysize Taille de la clé Private Exponent Exposant privé Security Token Jeton de sécurité Label Etiquette PKCS#11 ID ID PKCS#11 Token information Information du jeton Model Modèle Fingerprint Empreinte Comment Commentaire Details of the %1 key Détails de la clé %1 Not available Non disponible Available Disponible Sub prime Sous-premier Public key Clé publique Private key Clé privée Curve name Nom de la courbe Unknown key Clé inconnue KeyTreeView Change password Changer le mot de passe Reset password Effacer le mot de passe Change PIN Changer le NIP Init PIN with SO PIN (PUK) Initialiser le NIP avec le PUK Change SO PIN (PUK) Changer le PUK Security token Jeton de sécurité This is not a token Ce n'est pas un jeton Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable La clé originale '%1' doit-elle être remplacée par la clé en provenance du jeton ? Cela détruirait la clé '%1' et la rendrait non-exportable. Key export Exporter la clé Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Clés privées ( *.pem *.der *.pk8 );; Clé publiques SSH ( *.pub ) SSH Private Keys ( *.priv ) Clés SSH privées ( *.priv ) Microsoft PVK Keys ( *.pvk ) Clés Microsoft PVK ( *.pvk ) MainWindow Private Keys Clés privées &New Key &Nouvelle clé &Export &Exporter &Import &Importer Import PFX (PKCS#12) Importer en PFX (PKCS#12) &Show Details &Afficher les Détails &Delete &Détruire Certificate signing requests Requêtes de signature de certificat &New Request &Nouvelle requête Certificates Certificats &New Certificate &Nouveau Certificat Import &PKCS#12 Importer en &PKCS#12 Import P&KCS#7 Importer en P&KCS#7 Plain View Vue à plat Templates Modèles &New Template &Nouveau modèle &New CRL &Nouvelle liste de révocation Ch&ange Template &Modifier le Modèle Revocation lists Listes de révocation Using or exporting private keys will not be possible without providing the correct password Il sera impossible d'utiliser ou d'exporter des clés privées sans fournir le mot de passe correct. The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. L'algorithme de hachage '%1' sélectionné n'est pas sûr. SVP choisissez au moins 'SHA 224' pour raisons de sécurité. Recent DataBases Bases de données utilisées recemment System Système Croatian Croate English Anglais French Français German Allemand Japanese Japonais Korean Coréen Russian Russe Slovak Slovaque Spanish Espagnol Persian Persan Bulgarian Bulgare Polish Polonais Italian Italien Chinese Chinois Dutch Néerlandais Portuguese in Brazil Portugais du Brésil Indonesian Indonésien Turkish Turc Language Langue &File &Fichier Open Remote DataBase Ouvrir une base de données externe Set as default DataBase Définir comme base de données par défaut New DataBase Nouvelle base de données Open DataBase Ouvrir une base de données Close DataBase Fermer la base de données Options Options Exit Quitter I&mport I&mporter Keys Clés Requests Requêtes PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Modèle Revocation list Liste de révocation PEM file Fichier PEM Paste PEM file Coller un fichier PEM Token Jeton Export Certificate &Index hierarchy Exporter la hiérarchie de l'index des certificats Content Contenu &Manage Security token &Gérer le jeton de sécurité &Init Security token &Initialiser le jeton de sécurité &Change PIN &Changer le NIP Change &SO PIN Changer le P&UK Init PIN Initialiser le NIP Extra Extra &Dump DataBase C&licher la base de données &Export Certificate Index Exporter l'index des certificats C&hange DataBase password C&hanger le mot de passe de la base de données &Undelete items &Récupérer des objets détruits Generate DH parameter Générer le paramètre DH OID Resolver Convertisseur d'OID &Help &Aide About A propos Import PEM data Importer les données PEM Please enter the original SO PIN (PUK) of the token '%1' SVP saisir le PUK original du jeton '%1' Search Rechercher Please enter the new SO PIN (PUK) for the token '%1' SVP saisir le nouveau NIP SO (PUK) pour le jeton: '%1' The new label of the token '%1' La nouvelle étiquette du jeton '%1' The token '%1' did not contain any keys or certificates Le jeton '%1' ne contient aucune clé ni aucun certificat Retry with PIN Réessayer avec le NIP Retry with SO PIN Réessayer avec le NIP d'agende sécurité Current Password Mot de passe actuel Please enter the current database password SVP saisir le mot de passe de la base de données The entered password is wrong Le mot de passe renseigné est inexact New Password Nouveau mot de passe Please enter the new password to encrypt your private keys in the database-file SVP saisir le nouveau mot de passe pour chiffrer les clés privées dans le fichier de base de données Transaction start failed Le démarrage de la transaction a échoué Database: %1 Base de données: %1 The currently used PFX / PKCS#12 algorithm '%1' is insecure. L'algorithme '%1' utilisé pour PFX / PKCS#12 est peu sûr. Change Changer Certificate Index ( index.txt ) Index des certificats ( index.txt ) All files ( * ) Tous les fichiers ( * ) Diffie-Hellman parameters saved as: %1 Les paramètres Diffie-Hellman on été sauvegardés dans: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Les paramètres de Diffie-Hellman sont nécessaires à certaines applications mais ne sont pas gérés par XCA. Saisir le nombre de bits du paramètre de Diffie-Hellman SVP NewCrl Last update Dernière mise-à-jour Next update Prochaine mise-à-jour Days Jours Months Mois Years Années Midnight Minuit Local time Heure locale Apply Appliquer Options Options CRL number Numéro de la liste de révocation Subject alternative name Nom alternatif du sujet Revocation reasons Raisons de la révocation Authority key identifier Identifiant de clé de l'autorité Hash algorithm Algorithme de hachage Create CRL Créer une liste de révocation NewKey Please give a name to the new key and select the desired keysize SVP donner un nom à la nouvelle clé et sélectionner la taille de clé désirée Key properties Propriétés de la clé Name Nom The internal name of the new key Le nom interne de la nouvelle clé Curve name Nom de la courbe Usually at least 2048 bit keys are recommended Généralement une clé de 2048 bits est recommandée New Key Nouvelle Clé Keysize Taille de la clé Keytype Type de clé Remember as default Enregistrer comme valeur par défaut Create Créer NewX509 Source Source Signing request Requête de signature Show request Afficher la requête Sign this Certificate signing &request Signer cette &requête Copy extensions from the request Copier les extensions de la requête Modify subject of the request Modifier le sujet de la requête Signing Signer Create a &self signed certificate Créer un certificat auto-&signé Use &this Certificate for signing Utiliser &ce certificat pour signer All certificates in your database that can create valid signatures Tous les certificats dans la base de données qui peuvent produire des signatures valables Signature algorithm Algorithme de signature Template for the new certificate Modèle pour le nouveau certificat All available templates Tous les modèles disponibles Apply extensions Appliquer les extensions Apply subject Appliquer le sujet Apply all Appliquer tout Subject Sujet Internal Name Nom interne Distinguished name Nom distinctif Add Ajouter Delete Enlever Private key Clé privée This list only contains unused keys Cette liste ne contient que les clés inutilisées Used keys too Inclure les clés utilisées &Generate a new key &Générer une nouvelle clé Extensions Extensions Type Type If this will become a CA certificate or not Si un certificat d'autorité (CA) est en train d'être créé ou non Not defined Non défini Certification Authority Autorité de Certification End Entity Entité Finale Path length Distance aux entités finales How much CAs may be below this. Combien de niveau de sous-CA peuvent apparaître jusqu'à une entité finale. The basic constraints should always be critical Les contraintes basiques doivent toujours être critiques Key identifier Identifiant de clé Creates a hash of the key following the PKIX guidelines Crée un hachage de la clé conformément aux directives PKIX Copy the Subject Key Identifier from the issuer Copie l'identifiant de clé du sujet du signataire Validity Validité Not before Pas avant Not after Pas après Time range Intervalle de temps Days Jours Months Mois Years Années Apply Appliquer Set the time to 00:00:00 and 23:59:59 respectively Définir les heures à 00:00:00 et 23:59:59 respectivement Midnight Minuit Local time Heure locale No well-defined expiration Pas de date d'expiration précise DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit Modifier URI: URI: Key usage Usage de la clé Netscape Netscape Advanced Avancé Validate Valider Comment Commentaire This name is only used internally and does not appear in the resulting certificate Ce nom est seulement utilisé par xca et n'apparaît pas dans le certificat exporté Critical Critique Create Certificate signing request Créer une requête de signature de certificat minimum size: %1 taille minimale: %1 maximum size: %1 taille maximale: %1 only a-z A-Z 0-9 '()+,-./:=? seulement a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters seulement des caractères 7-bit ASCII imprimables Edit XCA template Editer un modèle XCA Create x509 Certificate Créer un certificat x509 Template '%1' applied Le modèle '%1' a été appliqué Subject applied from template '%1' Sujet extrait du modèle '%1' Extensions applied from template '%1' Les extensions du modéle '%1' ont été appliquées New key '%1' created La nouvelle clé '%1' a été créée Other Tabs Autres Onglets Advanced Tab Onglet Avancé Errors Erreurs From PKCS#10 request A partir d'une requête en PKCS#10 Error Erreur duplicate extensions Extensions à double The Name Constraints are invalid Les contraintes sur le nom sont invalides The Subject Alternative Name is invalid Le nom alternatif du sujet est invalide The Issuer Alternative Name is invalid Le nom alternatif de l'émetteur est invalide The CRL Distribution Point is invalid Le point de distribution de la CRL est invalide The Authority Information Access is invalid L'accès à l'information de l'autorité est invalide Abort rollout Interrompre le déploiement The following length restrictions of RFC3280 are violated: Pour être en conformité avec la RFC3280, les règles de restriction de longueur suivantes ne sont pas respectées: Edit subject Modifier le sujet Continue rollout Continuer le déploiement The verification of the Certificate request failed. The rollout should be aborted. La vérification de la requête de signature à échoué. Le déploiement devrait être interrompu. Continue anyway Continuer quand-même The internal name and the common name are empty. Please set at least the internal name. Le nom interne et le nom commun sont vides. SVP saisir au moins le nom interne. Edit name Modifier le nom There is no Key selected for signing. Aucune clé n'est sélectionnée pour la signature. Select key Sélectionner la clé The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Les indications de nom distinctif suivantes sont vides: %1 bien que vous les avez déclarées comme obligatoires dans le menu des options. The key you selected for signing is not a private one. La clé sélectionnée pour la signature n'est pas une clé privée. Select other signer Sélectionner un autre signataire Select other key Sélectionner une autre clé The currently selected hash algorithm '%1' is insecure and should not be used. L'algorithme de hachage sélectionné '%1' est peu sûr et ne devrait pas être utilisé. Select other algorithm Sélectionner un autre algorithme Use algorithm anyway Utiliser quand même cet algorithme The certificate will be earlier valid than the signer. This is probably not what you want. Le certificat serait valide avant son signataire. Ce n'est probablement pas ce qui est désiré. Edit dates Modifier les limites de validité Adjust date and continue Ajuster la date et continuer The certificate will be longer valid than the signer. This is probably not what you want. Le certificat serait valide plus longtemps que son signataire. Ce n'est probablement pas ce qui est désiré. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Le certificat serait échu avant de devenir actif. Vous avez probablement interverti les deux dates. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Le certificat contient des extensions dupliquées ou invalides. Vérifier la validité sur l'onglet "Avancé". The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Le certificat ne contient aucune extension. Vous pouvez appliquer des extensions à partir de l'un des modèles pour définir l'usage du certificat The certificate contains invalid extensions. Le certificat contient des extensions invalides. Edit extensions Modifier les extensions The subject alternative name shall contain a copy of the common name. However, the common name is empty. Le nom alternatif du sujet devrait contenir une copie du nom commun. Cependant ce dernier est vide. A name constraint of the issuer '%1' is violated: %2 Une contrainte du signataire '%1' sur le nom n'est pas respectée: %2 Configfile error on line %1 Erreur dans le fichier de configuration à la ligne %1 OidResolver OID Resolver Convertisseur d'OID Enter the OID, the Nid, or one of the textual representations Saisir l'OID, le Nid ou une des représentations symboliques Search Rechercher OID OID Long name Nom complet OpenSSL internal ID Identification interne à OpenSSL Nid Nid Short name Nom abrégé OpenDb Open remote database Ouvrir une base de données externe Database type Type de base de données Hostname Nom du serveur Username Nom de l'utilisateur Password Mot de passe Database name Nom de la base de données Table prefix Préfixe du nom des tables No SqLite3 driver available. Please install the qt-sqlite package of your distribution Le pilote SqLite3 n'est pas disponible. SVP installez le paquetage qt-sqlite de votre distribution Options XCA Options Options de XCA Settings Réglages Default hash algorithm Algorithme de hachage par défaut String types Types de chaînes Suppress success messages Supprimer les messages en cas de succès Don't colorize expired certificates Ne pas coloriser les certificats expirés Translate established x509 terms (%1 -> %2) Traduire les termes standards définis par x509 (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. La fonctionalité de hachage du jeton n'est pas utilisée par XCA. Ce dernier peut néanmoins se limiter à un jeu restreint de fonctions de hachage reconnus par le jeton. En particulier, EC et DSA ne sont définis qu'avec SHA1 dans la spécification PKCS#11. Only use hashes supported by the token when signing with a token key N'utiliser que des fonction de hachage supportées par le jeton lors d'une signature avec une clé du jeton Disable legacy Netscape extensions Désactiver les extensions Netscape désuètes PKCS12 encryption algorithm Algorithme de chiffrement de PKCS12 Certificate expiry warning threshold Seuil d'avertissement de l'expiration d'un certificat Send vCalendar expiry reminder Envoyer un message vCalendar de rappel d'expiration Serial number length Longueur du numéro de série bit bits Distinguished name Nom distinctif Mandatory subject entries Inscriptions du sujet obligatoires Add Ajouter Delete Enlever Explicit subject entries Inscriptions explicites du sujet Dynamically arrange explicit subject entries Arranger dynamiquement les éléments explicites du sujet Default Défaut PKCS#11 provider Fournisseur PKCS#11 Remove Enlever Search Rechercher Printable string or UTF8 (default) Chaîne imprimable ou UTF8 (défaut) PKIX recommendation in RFC2459 La recommandation PKIX est dans la RFC2459 No BMP strings, only printable and T61 Pas de chaîne BMP, seulement imprimable et T61 UTF8 strings only (RFC2459) Chaînes UTF8 uniquement (RFC2459) All strings Toutes les chaînes Days Jours Weeks Semaines PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Le mot de passe doit être exprimé sous forme d'une suite de chiffres hexadécimaux. Il doit contenir un nombre pair de chiffres (0-9 et a-f) Take as HEX string Exprimé en hexadécimal Repeat %1 Répéter %1 %1 mismatch %1 ne correspond pas Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Un mot de passe hexadécimal peut seulement contenir les caractères '0' à '9' et 'a' à 'f' et il doit consister en un nombre pair de caractères Exit Quitter QObject Undefined Indéfini Broken / Invalid Invalide in %1 seconds dans %1 secondes %1 seconds ago il y a %1 secondes in %1 minutes dans %1 minutes %1 minutes ago il y a %1 minutes Yesterday Hier Tomorrow Demain in %1 hours dans %1 heures %1 hours ago il y a %1 heures Out of data A court de données Error finding endmarker of string Erreur: une marque de fin de chaîne n'a pas été trouvée All files ( * ) Tous les fichiers ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Clés PKI ( *.pem *.der *.key );; Clés PKCS#8 ( *.p8 *.pk8 );; Clés Microsoft PVK ( *.pvk );; Clés publiques SSH ( *.pub );; Import RSA key Importer une clé RSA PKCS#10 CSR ( *.pem *.der *.csr );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Importer une requête Certificates ( *.pem *.der *.crt *.cer );; Certificats ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Importer un certificat X.509 PKCS#7 data ( *.p7s *.p7m *.p7b );; Données PKCS#7 ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Importer un certificat PKCS#7 PKCS#12 Certificates ( *.p12 *.pfx );; Certificats PKCS#12 ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Importer un certificat privé PKCS#12 XCA templates ( *.xca );; Modèles XCA ( *.xca );; Import XCA Templates Importer des modèles XCA Revocation lists ( *.pem *.der *.crl );; Listes de révocation ( *.pem *.der *.crl );; Import Certificate Revocation List Importer une liste de révocation de certificats XCA Databases ( *.xdb );; Bases de données XCA ( *.xdb );; Open XCA Database Ouvrir une Base de Données XCA OpenVPN tls-auth key ( *.key );; clé tls-auth de OpenVPN ( *.key );; Import OpenVPN tls-auth key Importer une clé tls-auth de OpenVPN PKCS#11 library ( *.dll );; Bibliothèque PKCS#11 ( *.dll );; PKCS#11 library ( *.dylib *.so );; Bibliothèque PKCS#11 ( *.dylib *.so );; PKCS#11 library ( *.so );; Bibliothèque PKCS#11 ( *.so );; Open PKCS#11 shared library Ouvrir une bibliothèque partagée PKCS#11 PEM files ( *.pem );; Fichiers PEM ( *.pem );; Load PEM encoded file Charger un fichier en format PEM Please enter the PIN on the PinPad Saisir le NIP sur le pavé prévu à cet effet SVP Please enter the SO PIN (PUK) of the token %1 SVP saisir le PUK du jeton '%1' Please enter the PIN of the token %1 SVP saisir le NIP du jeton '%1' No Security token found Aucun jeton de sécurité trouvé Select Sélectionner Please enter the new SO PIN (PUK) for the token: '%1' SVP saisir le nouveau PUK pour le jeton: '%1' Please enter the new PIN for the token: '%1' SVP saisir le nouveau NIP pour le jeton: '%1' Required PIN size: %1 - %2 Taille du NIP requise: %1 - %2 Disabled Désactivé Library loading failed Le chargement de la bibliothèque a échoué PKCS#11 function '%1' failed: %2 La fonction PKCS#11 '%1' a échoué: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 La fonction PKCS#11 '%1' a échoué: %2 Dans la bibliothèque %3 %4 Invalid Invalide %1 is shorter than %2 bytes: '%3' %1 est plus court que %2 octets: '%3' %1 is longer than %2 bytes: '%3' %1 est plus long que %2 octets: '%3' String '%1' for '%2' contains invalid characters La chaîne '%1' pour '%2' contient des caractères invalides Error reading config file %1 at line %2 Erreur de lecture du fichier de configuration %1 à la ligne %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. L'objet '%1' du fichier %2, ligne %3 est déjà connu comme '%4:%5:%6' et devrait être détruit. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. L'identificateur '%1' de l'OID %2 du fichier %3, ligne %4 est déjà utilisé pour un OID différent connu comme '%5:%6:%7' et devrait être changé pour éviter les conflits. Unknown object '%1' in file %2 line %3 Objet inconnu '%1' dans le fichier %2, ligne %3 Failed to start a database transaction Impossible de démarrer la transaction BDD Country code Code de pays State or Province Etat ou province Locality Localité Organisation Organisation Organisational unit Unité d'organisation Common name Nom commun E-Mail address Adresse de courriel Serial number Numéro de série Given name Prénom Surname Nom de famille Title Titre Initials Initiales Description Description Role Rôle Pseudonym Pseudonyme Generation Qualifier Qualifiant de génération x500 Unique Identifier Identifiant Unique X500 Name Nom DN Qualifier Qualifiant de DN Unstructured name Nom non-structuré Challenge password Mot de passe challenge Basic Constraints Contraintes de base Name Constraints Contraintes sur le nom Subject alternative name Nom alternatif du sujet issuer alternative name Nom alternatif de l'émetteur Subject key identifier Clé d'identification du sujet Authority key identifier Clé d'identification de l'autorité Key usage Usage de la clé Extended key usage Usage étendu de la clé CRL distribution points Points de distribution de la CRL Authority information access Accès à l'information de l'autorité Certificate type Type de certificat Base URL URL de base Revocation URL URL de révocation CA Revocation URL URL de révocation du CA Certificate renewal URL URL de renouvellement du certificat CA policy URL URL de la politique du CA SSL server name Nom du serveur SSL Comment Commentaire Index file written to '%1' Fichier d'index écrit dans '%1' Index hierarchy written to '%1' Hiérarchie d'index écrite dans '%1' Unknown key type %1 Type de clé inconnu %1 Failed to write PEM data to '%1' Impossible d'écrire les données en PEM dans '%1' Password verify error, please try again La vérification du mot de passe a échoué. SVP essayez encore The following error occurred: L'erreur suivante s'est produite: Failed to update the database schema to the current version Impossible de mettre à jour le schéma de la base de données vers la version courante Password Mot de passe insecure précaire ReqTreeView Sign Signer Unmark signed Marquer comme non-signée Mark signed Marquer comme signée Similar Request Requête similaire Certificate request export Exporter la requête de signature Certificate request ( *.pem *.der *.csr ) Requête de signature de certificat ( *.pem *.der *.csr ) RevocationList Manage revocations Gérer les révocations Add Ajouter Delete Enlever Edit Modifier No. No. Serial Numéro de série Revocation Révocation Reason Raison Invalidation Invalidation Generate CRL Générer la liste de révocation Revoke Certificate revocation Révocation du certificat Revocation details Détails de la révocation Revocation reason Raison de la révocation Local time Heure locale Invalid since Non-valide depuis Serial Numéro de série SearchPkcs11 Directory Dossier ... ... Include subdirectories include les sous-dossiers Search Rechercher The following files are possible PKCS#11 libraries Les fichiers suivants sont susceptibles d'être des bibliothèques PKCS#11 SelectToken Security token Jeton de sécurité Please select the security token SVP sélectionner le jeton de sécurité TempTreeView Duplicate Dupliquer Create certificate Créer un certificat Create request Créer une requête copy copier Preset Template values Initialiser les valeurs du modèle Template export Exporter le modèle XCA Templates ( *.xca ) Modèles XCA ( *.xca ) Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView Transform Transformer Template Modèle Public key Clé publique XFile Error opening file: '%1': %2 Erreur d'ouverture du fichier: '%1': %2 Error rewinding file: '%1': %2 Erreur de repositionnement du fichier: '%1' %2 XcaDetail Import Importer XcaTreeView Item properties Propriétés de l'élement Subject entries Inscriptions du sujet X509v3 Extensions Extensions X509v3 Netscape extensions Extensions Netscape Key properties Propriétés de la clé Reset Réinitialisation Hide Column Cacher la colonne Details Détails Columns Colonnes Export Password Mot de passe d'exportation Please enter the password to encrypt all %n exported private key(s) in: %1 Singular form for 0 or 1 item can be ignored. Will always be called with n >= 2 SVP saisir le mot de passe pour chiffrer les %n clé(s) privée(s) exportée(s) vers: %1 SVP saisir le mot de passe pour chiffrer les %n clé(s) privée(s) exportée(s) vers: %1 New Créer Import Importer Paste PEM data Coller les données en format PEM Rename Renommer Properties Propriétés Delete Enlever Export Exporter Clipboard Presse-papier File Fichier Clipboard format Format du presse-papier database_model Please enter the password to access the database server %2 as user '%1'. SVP saisir le mot de passe de l'utilisateur '%1' sur le serveur de base de données %2. Unable to create '%1': %2 Impossible de créer '%1': %2 The file '%1' is not an XCA database Le fichier '%1' n'est pas une base de données XCA No SqLite3 driver available. Please install the qt-sqlite package of your distribution Le pilote SqLite3 n'est pas disponible. SVP installez le paquetage qt-sqlite de votre distribution New Password Nouveau mot de passe Please enter a password, that will be used to encrypt your private keys in the database: %1 Veuillez saisir un mot de passe, qui sera utilisé pour chiffrer vos clés privées dans la base de données: %1 Password Mot de passe Please enter the password for unlocking the database: %1 Veuillez entrer le mot passe pour déverrouiller la base de données: %1 db_base Internal name Nom interne No. No. Primary key Clé primaire Database unique number Numéro unique de la base de données Date Date Date of creation or insertion Date de création ou d'importation Source Source Generated, Imported, Transformed Généré, Importé, Transformé Comment Commentaire First line of the comment field Première ligne du champ de commentaire Import from: %1 Importer à partir de: %1 Could not create directory %1 Impossible de créer le répertoire %1 db_crl Signer Signataire Internal name of the signer Nom interne du signataire No. revoked Numéro révoqué Number of revoked certificates Nombre de certificats révoqués Last update Dernière mise-à-jour Next update Prochaine mise-à-jour CRL number Numéro de la liste de révocation The revocation list already exists in the database as: '%1' and so it was not imported Cette liste de révocation figure déjà dans la base de données sous le nom: '%1' En conséquence, elle n'a pas été importée Failed to initiate DB transaction Impossible de démarrer la transaction BDD Database error: %1 Erreur de la base de données: %1 db_key Type Type Size Taille EC Group Groupe EC Use Usage Password Mot de passe The key is already in the database as: '%1' and is not going to be imported Cette clé figure déjà dans la base de données sous le nom: '%1' En conséquence, elle ne va pas être importée The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key La base de données connait déjà la partie publique de la clé importée sous le nom '%1' En conséquence, cette dernière sera complétée par la partie privée de la clé importée Extending public key from %1 by imported key '%2' Extension de la clé publique de %1 par la clé importée '%2' Key size too small ! Taille de clé trop petite ! You are sure to create a key of the size: %1 ? Etes-vous sûr de vouloir créer une clé de taille %1 ? Internal key update: The keys: %1 must be updated once by resetting and setting its private password Mise-à-jour interne des clés: Les clés: '%1' doivent être mises à jour une seule fois par réinitialisation du mot de passe privé Tried to change password of a token Tentative de changement de mot de passe d'un jeton de sécurité db_temp Bad template: %1 Mauvais modèle: %1 Empty template Modèle vide db_x509 CA CA reflects the basic Constraints extension reflète l'extension des contraintes basiques Serial Numéro de série Start date Date de début Expiry date Date d'expiration MD5 fingerprint Empreinte MD5 SHA1 fingerprint Empreinte SHA1 SHA256 fingerprint Empreinte SHA256 Not before Pas avant Not after Pas après Revocation Révocation CRL Expiration Expiration de la CRL Failed to retrieve unique random serial L'extraction d'un numéro de série aléatoire a échoué The certificate already exists in the database as: '%1' and so it was not imported Ce certificat figure déjà dans la base de données sous le nom: '%1' En conséquence, il n'a pas été importé Signed on %1 by '%2' Signé le %1 par '%2' Unknown Inconnu Invalid public key Clé publique invalide The key you selected for signing is not a private one. La clé sélectionnée pour la signature n'est pas une clé privée. Failed to create directory '%1' Impossible de créer le répertoire %1 Store the certificate to the key on the token '%1 (#%2)' ? Enregistrer le certificate avec la clé sur le jeton '%1 (#%2)' ? There was no key found for the Certificate: '%1' Aucune clé n'a été trouvée pour le Certificat. '%1' Not possible for a token key: '%1' Impossible pour une clé d'un jeton de sécurité: '%1' Not possible for the token-key Certificate '%1' Impossible pour le certificat d'une clé d'un jeton de sécurité: '%1' db_x509name Subject Sujet Complete distinguished name Nom distinctif complet Subject hash Hachage du sujet Hash to lookup certs in directories Hachage de recherche dans un dossier db_x509req Signed Signée whether the request is already signed or not si la requête a déjà été signée ou non Unstructured name Nom non-structuré Challenge password Mot de passe challenge Certificate count Nombre de certificats Number of certificates in the database with the same public key Nombre de certificats dans la base de données avec la même clé The certificate signing request already exists in the database as '%1' and thus was not stored Cette requête de signature figure déjà dans la base de données sous le nom '%1' En conséquence, elle n'a pas été chargée db_x509super Key name Nom de la clé Internal name of the key Nom interne de la clé Signature algorithm Algorithme de signature Key type Type de clé Key size Taille de la clé EC Group Groupe EC Extracted from %1 '%2' Extrait de %1 '%2' Certificate Certificat Certificate request Requête de certificat The following extensions were not ported into the template Les extensions suivantes n'ont pas été enregistrées dans le modèle Transformed from %1 '%2' Transformé à partir de %1 '%2' kvView Type Type Content Contenu pass_info Password Mot de passe PIN NIP pkcs11_lib Failed to open PKCS11 library: %1: %2 L'ouverture de la bibliothèque PKCS11 a échoué: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Cela n'a pas l'air d'une bibliothèque PKCS#11. Le symbole 'C_GetFunctionList' n'a pas été trouvé. pki_base Unknown Inconnu Imported Importé Generated Généré Transformed Transformé Token Jeton Legacy Database Base de données antérieure Renewed Renouvelé Property '%1' not listed in 'pki_base::print' Propriété '%1' non listée dans 'pki_base::print' Internal error: Unexpected message: %1 %2 Erreur interne: message inattendu: %1 %2 pki_crl Successfully imported the revocation list '%1' La liste de révocation '%1' a été importée avec succès Successfully created the revocation list '%1' La liste de révocation '%1' a été créée avec succès Delete the %n revocation list(s): '%1'? Détruire les %n liste(s) de révocation '%1' ? Détruire les %n liste(s) de révocation '%1' ? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Impossible de charger le liste de révocation du fichier %1. Les formats PEM et DER ont été essayés. No issuer given Aucun signataire spécifié CRL Renewal of CA '%1' due Le renouvellement de la liste de révocation du CA '%1' est nécessaire The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' La dernière liste de révocation générée par le CA '%1' expirera le %2. Elle est stockée dans la base de données XCA '%3' Renew CRL: %1 Renouvellement de CRL: %1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' La liste de révocation XCA '%1', émise le %3 expirera le %4. Elle est stockée dans la base de données XCA '%5' pki_evp Please enter the password to decrypt the private key %1. SVP saisir le mot de passe pour déchiffrer la clé privée %1, The key from file '%1' is incomplete or inconsistent. La clé dans le fichier '%1' est incomplète ou incorrecte. Please enter the password to decrypt the private key from file: %1 SVP saisir le mot de passe pour déchiffrer la clé privée du fichier: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Impossible de charger la clé privée du fichier %1. Les formats PEM et DER ainsi que les types de clés privé, public, PKCS#8 et le format SSH2 ont été essayés. Please enter the password to decrypt the private key: '%1' SVP saisir le mot de passe pour déchiffrer la clé privée: '%1' Password input aborted Saisie du mot de passe abandonnée Please enter the database password for decrypting the key '%1' SVP saisir le mot de passe de la base de données pour déchiffrer la clé '%1' Decryption of private key '%1' failed Le déchiffrement de la clé privée '%1' a échoué Please enter the password to protect the private key: '%1' SVP saisir le mot de passe pour protéger la clé privée: '%1' Please enter the database password for encrypting the key SVP saisir le mot de passe de la base de données pour chiffrer la clé Please enter the password to protect the PKCS#8 key '%1' in file: %2 SVP saisir le mot de passe protégeant la clé en PKCS#8 '%1' dans le fichier %2 Please enter the password to protect the private key '%1' in file: %2 SVP saisir le mot de passe pour protéger la clé privée '%1' dans le fichier: %2 pki_export PEM Text format with headers Format textuel PEM avec des en-têtes PEM selected PEM sélectionné Concatenated list of all selected certificates in one PEM text file Concaténation de tous les certificats sélectionnés dans un seul fichier texte en format PEM PEM chain Chaîne en PEM Concatenated text format of the complete certificate chain in one PEM file Fichier PEM contenant la concaténation de tous les certificats de la chaîne The complete certificate chain and the private key of the selected certificate with tags usable in OpenVPN configuration files La chaîne complète des certificats et la clé privée du certificat sélectionné avec des balises utilisables dans les fichiers de configuration d'OpenVPN PEM + key PEM + clé Concatenation of the certificate and the unencrypted private key in one PEM file La concaténation du certificat et de sa clé privée non-chiffrée dans un seul fichier PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file La concaténation du certificat et de sa clé privée chiffrée en format PKCS#8 dans un seul fichier All unusable Tous les inutilisables Concatenation of all expired or revoked certificates in one PEM file Concaténation de tous les certificats expirés ou révoqués dans un seul fichier texte en format PEM PKCS#7 encoded single certificate Un seul certificat en format PKCS#7 All selected certificates encoded in one PKCS#7 file Tous les certificats sélectionnés dans un seul fichier en format PKCS#7 PKCS #7 chain Chaîne PKCS#7 PKCS#7 encoded complete certificate chain La chaîne complète de certificats en format PKCS#7 PKCS #7 unusable PKCS #7 inutilisable PKCS#7 encoded collection of all expired or revoked certificates Collection PKCS#7 chiffrée de tous les certificats expirés ou révoqués Binary DER encoded certificate Certificat codé en format binaire DER PKCS #12 chain Chaîne PKCS #12 The complete certificate chain and the private key as encrypted PKCS#12 file La chaîne complète des certificats et la clé privée en un seul fichier chiffré en format PKCS#12 PKCS #12 PKCS #12 The certificate and the private key as encrypted PKCS#12 file Le certificat et sa clé privée dans un fichier en format PKCS#12 Certificate Index file Fichier d'index des certificats OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Fichier d'index des certificats spécifique à OpenSSL, tel que créé par la commande 'ca' et nécessaire à l'outil OCSP vCalendar Message vCalendar vCalendar expiry reminder for the selected items message vCalendar de rappel d'expiration des éléments sélectionnés CA vCalendar message vCalendar pour le CA vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL message vCalendar de rappel d'expiration contenant tous les certificats valides émis, le CA lui-même et la liste de révocation la plus récente OpenSSL config Configuration OpenSSL OpenSSL configuration file to create a certificate or request with the openssl commandline tool Fichier de configuration OpenSSL pour créer un certificat ou une requête au moyen de l'outil openssl en ligne de commande OpenVPN tls-auth key clé tls-auth de OpenVPN The OpenVPN tls-auth key is a secret key shared between endpoints La clé tls-auth de OpenVPN est une clé secrète partagée entre les points d'accès JSON Web Kit JSON Web Kit The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) La clé publique du certificat en format JSON Web Kit avec une empreinte lisible du certificat X.509 (x5t) JSON Web Kit chain Chaîne JSON Web Kit The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) and certificate chain (x5c) La clé publique du certificat en format JSON Web Kit avec une empreinte du certificat X.509 et la chaîne des certificats signataires (x5c) PEM public clé publique PEM Text format of the public key in one PEM file Formattage textuel de la clé publique dans un fichier PEM PEM private Clé privée PEM Unencrypted private key in text format Clé privée non-chiffrée en format texte PEM encrypted Chiffrée en PEM OpenSSL specific encrypted private key in text format Clé privée chiffrée spécifiquement par OpenSSL en format texte SSH2 private Clé privée SSH2 SSH2 public Clé publique SSH2 The public key encoded in SSH2 format La clé publique codée en format SSH2 DER public Clé publique DER Binary DER format of the public key Format binaire DER de la clé publique DER private Clé privée DER Unencrypted private key in binary DER format Clé privée non-chiffrée en format binaire DER PVK private Clé privée PVK Private key in Microsoft PVK format not encrypted La clé privée en format Microsoft PVK n'est pas chiffrée PKCS #8 encrypted Chiffrée en PKCS #8 Encrypted private key in PKCS#8 text format Clé privée chiffrée en format texte PKCS#8 PKCS #8 PKCS #8 Unencrypted private key in PKCS#8 text format Clé privée non-chiffrée en format texte PKCS#8 JSON Web Key private Clé privée JSON Web Kit Unencrypted private key in JSON Web Key format Clé privée non-chiffrée en format JSON Web Kit JSON Web Key public Clé publique JSON Web Kit Public key in JSON Web Key format La clé publique codée en format JSON Web Kit Binary DER format of the certificate request Format binaire DER de la clé publique Binary DER format of the revocation list Format binaire DER de la liste de révocation vCalendar reminder for the CRL expiry date message vCalendar de rappel d'expiration de la liste de révocation XCA template in PEM-like format. Templates include the internal name and comment Modèle XCA en format similaire à PEM. Les modèles contiennent leurs nom interne et commentaire All selected XCA templates in PEM-like format. Templates include the internal name and comment Tous les modèles XCA sélectionnés en format similaire à PEM. Les modèles contiennent leurs nom interne et commentaire pki_key Public key Clé publique Successfully imported the %1 public key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key La clé %1 publique '%2' a été importée avec succès Delete the %n %1 public key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Détruire les %n clé(s) %1 publique(s) '%2' ? Détruire les %n clé(s) %1 publique(s) '%2' ? Successfully imported the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key La clé %1 privée '%2' a été importée avec succès Delete the %n %1 private key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Détruire les %n clé(s) %1 privée(s) '%2' ? Détruire les %n clé(s) %1 privée(s) '%2' ? Successfully created the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key La clé %1 privée '%2' a été créée avec succès Common Global Private Privé Bogus Erroné PIN NIP No password Pas de mot de passe Unexpected SSH2 content: '%1' Contenu SSH2 inattendu: '%1' Invalid SSH2 public key Clé publique SSH2 invalide Failed writing to %1 Echec d'écriture sur %1 pki_multi No known PEM encoded items found Aucun objet PEM connu n'a été trouvé pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 SVP saisir le mot de passe pour déchiffrer le fichier en PKCS#12: %1 Unable to load the PKCS#12 (pfx) file %1. Impossible de charger le fichier en PKCS#12 (pfx) %1. The supplied password was wrong (%1) Le mot de passe renseigné était faux (%1) Please enter the password to encrypt the key of certificate '%1' in the PKCS#12 file: %2 SVP saisir le mot de passe pour chiffrer la clé du certificat '%1' dans le fichier en PKCS#12: %2 No key or no Cert and no pkcs12 Pas de clé ou pas de certificat et pas en PKCS#12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Impossible de charger le fichier en PKCS#7 %1. Les formats PEM et DER ont été essayés. pki_scard Successfully imported the token key '%1' La clé du jeton '%1' a été importée avec succès Successfully created the token key '%1' La clé du jeton '%1' a été créée avec succès Delete the %n token key(s): '%1'? Détruire les %n clé(s) du jeton '%1' ? Détruire les %n clé(s) du jeton '%1' ? Delete the private key '%1' from the token '%2 (#%3)' ? Détruire la clé privée '%1' sur le jeton '%2 (#%3)' ? This Key is already on the token Cette clé est déjà sur le jeton PIN input aborted Saisie du NIP abandonnée Unable to find copied key on the token Impossible de trouver la clé copiée sur le jeton Please insert card: %1 %2 [%3] with Serial: %4 SVP insérer la carte %1 %2 [%3] avec le numéro de série: %4 Select Slot of %1 Sélectionner le créneau de %1 Unable to find generated key on card Impossible de trouver la clé générée sur la carte Token %1 Jeton %1 Failed to find the key on the token Impossible de trouver la clé sur le jeton Invalid Pin for the token NIP invalide pour le jeton Failed to initialize the key on the token Impossible d'initialiser la clé sur le jeton pki_temp Successfully imported the XCA template '%1' Le modèle XCA '%1' a été importé avec succès Successfully created the XCA template '%1' Le modèle XCA '%1' a été créé avec succès Delete the %n XCA template(s): '%1'? Détruire les %n modèle(s) XCA: '%1' ? Détruire les %n modèle(s) XCA: '%1' ? Wrong Size %1 Taille fausse %1 Template file content error (too small) Erreur de contenu du fichier de modèle (trop petit) Not a PEM encoded XCA Template Ce n'est pas un modèle XCA en format PEM Not an XCA Template, but '%1' Ce n'est pas un modèle XCA, mais '%1' pki_x509 Successfully imported the certificate '%1' Le certificat '%1' a été importé avec succès Successfully created the certificate '%1' Le certificat '%1' a été créé avec succès Delete the %n certificate(s): '%1'? Détruire les %n certificat(s): '%1' ? Détruire les %n certificat(s): '%1' ? Unable to load the certificate in file %1. Tried PEM and DER certificate. Impossible de charger le certificat du fichier %1. Les formats PEM et DER ont été essayés. Invalid OpenVPN tls-auth key Clé tls-auth de OpenVPN invalide Failed to import tls-auth key Impossible d'importer la clé tls-auth Same tls-auth key already stored for this CA La même clé tls-auth est déjà stockée pour ce CA New tls-auth key successfully imported La nouvelle clé tls-auth a été importée Existing tls-auth key successfully replaced La clé tls-auth existante a été remplacée This certificate is already on the security token Ce certificat est déjà dans le jeton de sécurité Delete the certificate '%1' from the token '%2 (#%3)'? Détruire le certificat '%1' sur le jeton '%2 (#%3)' ? There is no key for signing ! Il n'y a pas de clé pour signer ! No Non Yes Oui Renew certificate: %1 Renouvellement du certificat: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' Le certificat XCA '%1' émis le %2 expirera le %3. Il est stocké dans la base de données XCA '%4' pki_x509req Signing key not valid (public key) La clé de signature n'est pas valide (c'est une clé publique) Successfully imported the PKCS#10 certificate request '%1' La requête PKCS#10 de signature '%1' a été importée avec succès Delete the %n PKCS#10 certificate request(s): '%1'? Détruire les requête(s) PKCS#10 de signature: '%1' ? Détruire les requête(s) PKCS#10 de signature: '%1' ? Successfully created the PKCS#10 certificate request '%1' La requête PKCS#10 de signature '%1' a été créée avec succès Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Impossible de charger la requête de signature du fichier %1. Les formats PEM, DER et SPKAC ont été essayés. Signed Signée Unhandled Non-géré v3ext Copy Common Name Copier le nom commun Add Ajouter Delete Enlever Apply Appliquer Validate Valider Cancel Annuler An email address or 'copy' Une adresse de courriel ou 'copy' An email address Une adresse de courriel A registered ID: OBJECT IDENTIFIER un IDentifiant enregistré: IDENTIFICATEUR.OBJET A uniform resource indicator un indicateur uniforme de ressource A DNS domain name or 'copycn' un nom de domaine DNS ou 'copycn' A DNS domain name un nom de domaine DNS An IP address Une adresse IP Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Syntaxe: <OID>;TYPE:texte sous la forme '1.2.3.4:UTF8:nom' No editing. Only 'copy' allowed here Pas de modification possible. Seul 'copy' est permis ici Validation failed: '%1' %2 La validation a échoué: '%1' %2 Validation successful: '%1' La validation a été effectuée avec succès: '%1' xcaWarningGui Copy to Clipboard Copier dans le presse-papier xca-RELEASE.2.9.0/lang/xca_hr.ts000066400000000000000000007622451477156507700161540ustar00rootroot00000000000000 About Done Završeno, Obavljeno Gotovo CaProperties CA Properties Svojstva CA Osobine CA Use random Serial numbers Koristi slučajne Serijske brojeve Form Obrazac Days until next CRL issuing Broj dana do izdavanja CRL Broj dana do sljedećeg CRL Default template Osnovni obrazac Zadani predložak Next serial for signing Sljedeći Serijski broj za potpis CertDetail Details of the Certificate Detalji Potvrde S&tatus Status? S&tanje Serial Serijski broj The serial number of the certificate Serijski broj potvrde The internal name of the certificate in the database Interno ime potvrde (u bazi) Internal name Interno ime Signature algorithm Algoritam potpisa Signature Potpis Key Ključ Fingerprints Sažeci potvrde SHA1 SHA1 MD5 MD5 A SHA-1 hashsum of the certificate SHA-1 sažetak potvrde An md5 hashsum of the certificate MD5 sažetak potvrde Status Stanje SHA256 SHA256 A SHA-256 hashsum of the certificate SHA-256 sažetak potvrde Validity Valjanost The time since the certificate is valid Vrijeme od kada je potvrda valjana The time until the certificate is valid Vrijeme do kada je potvrda valjana Subject Subjekt Issuer Izdavatelj Extensions Proširenja Validation Provjera Purposes Namjena Strict RFC 5280 validation Dosljedna RFC 5280 provjera Comment Napomena &Subject Nositelj? &Subjekt &Issuer &Izdavatelj Attributes Svojstva &Extensions Ekstenzije, Produžeci, Dodaci? &Proširenja Show config Prikaži konfiguraciju Show extensions Ekstenzije? Pokaži proširenja Show public key Prikaži javni ključ This key is not in the database. Ovaj ključ nije u bazi podataka. Not available Nije dostupno No verification errors found. Kod provjere nisu pronađene greške. Revoked at %1 Opozvan od %1 Details of the certificate Detalji potvrde Signer unknown Potpisnik (izdavatelj) nepoznat Self signed Samopotpisan Not trusted kome se ne vjeruje Nepouzdan Trusted Pouzdan Revoked: Opozvan: Not valid Nevažeći Valid Važeći Details of the certificate signing request Detalji zahtjeva za izdavanje potvrde CertExtend Certificate renewal Obnova potvrde This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. trajanja, važenja Ovo će izraditi novu potvrdu kao kopiju postojeće s novim serijskim brojem i podešenim vrijednostima valjanosti potvrde. Validity Ispravnost, važenje, Valjanost Not before Ne prije Od Not after Ne nakon Do Time range Vremensko razdoblje Days Dana Months Mjeseci Years Godina Apply Primijeni Revoke old certificate Opozovi staru potvrdu Replace old certificate Zamijeni staru potvrdu Keep serial number Sačuvaj serijski broj Midnight Ponoć Local time Dug naziv, ne stane (stane, promijenjeno neodređeno trajanje) Lokalno vrijeme No well-defined expiration Neodređeno trajanje Neodređeno trajanje The certificate will be earlier valid than the signer. This is probably not what you want. Početak valjanosti potvrde je prije početka valjanosti potvrde potpisnika (ovjeritelja). To vjerojatno nije ono što ste htjeli. Edit times Uredi vremena Edit dates Uredi datume Abort rollout Izdavanju??? teško je reči O uvođenju Continue rollout Nastavi uvođenje Adjust date and continue Podesi datum i nastavi The certificate will be longer valid than the signer. This is probably not what you want. Kraj valjanosti potvrde je nakon isteka valjanosti potvrde potpisnika (ovjeritelja). To vjerojatno nije ono što ste htjeli. CertTreeView Hide unusable certificates Sakrij neupotrebljive potvrde Import PKCS#12 Uvezi PKCS#12 Import from PKCS#7 Uvezi PKCS#7 Request Zahtjev Security token Pametni token Other token Drugi token Similar Certificate Slična Potvrda Delete from Security token Obriši s pametnog tokena CA CA Properties Osobine Generate CRL Izradi CRL Manage revocations Upravljaj opozivima Import OpenVPN tls-auth key Uvezi OpenVPN tls-auth ključ Plain View Običan pregled Tree View Stablast pregled days dana No template Nema predloška CA Properties Osobine CA Certificate export Izvoz potvrde X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) X509 potvrde ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) vCalendar entry ( *.ics ) vCalendar format ( *.ics ) OpenVPN file ( *.ovpn ) OpenVPN datoteka ( *.ovpn ) OpenVPN tls-auth key ( *.key ) OpenVPN tls-auth ključ ( *.key ) Trust Povjerenje Renewal Obnovi Revoke Opozovi Unrevoke Nemoj opozvati CertView There was no key found for the Certificate: Nije pronađen ključ za Potvrdu: Import Certificate signing request Uvezi zahtjev za izdavanje Potvrde (CSR) ClickLabel Double click for details Dvaput klikni za detalje CrlDetail Details of the Revocation list Detalji popisa opozvanih potvrda &Status &Stanje Version Inačica Signature Potpis Signed by Potpisao Name Ime The internal name of the CRL in the database Interno ime popisa povučenih potvrda (u bazi podataka) issuing dates datumi izdavanja Next update Sljedeća obnova Last update Posljednja obnova Comment Napomena Next Update Sljedeća obnova Last Update Posljednja obnova &Issuer &Izdavatelj &Extensions &Proširenja &Revocation list &Popis opoziva 0 0 Serial Serijski broj Revocation Opoziv Reason Razlog Invalidation Poništenje Failed Neuspješno Unknown signer Nepoznat potpisnik (izdavatelj) Verification not possible Nije moguće obaviti provjeru Unknown certificate Nepoznata potvrda CrlTreeView There are no CA certificates for CRL generation Nema CA potvrda za izradu liste opozvanih potvrda Select CA certificate Odaberi CA potvrdu Revocation list export Izvoz popisa opozvanih potvrda CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) vCalendar entry ( *.ics ) vCalendar format ( *.ics ) ExportCert X509 Certificates ( *.cer *.crt *.p12 *.p7b);;All files ( * ) X509 Potvrda ( *.cer *.crt *.p12 *.p7b);;Sve datoteke ( * ) DER is a binary format of the Certificate PEM is a base64 encoded Certificate PKCS#7 is an official Certificate exchange format PKCS#12 is an encrypted official Key-Certificate exchange format DER je binarni format Potvrde PEM je base64 kodirana Potvrde PKCS#7 is službeni format za razmjenu Potvrda PKCS#12 je kriptirani format za razmjenu Ključa i Potvrde Please enter the filename for the certificate. Unesite ime datoteke za potvrdu. Certificate export Izvoz potvrde ExportDer All files ( * ) Sve datoteke ( * ) DER is a binary format PEM is a base64 encoded DER file DER je binarni format PEM je base64 kodirana DER datoteka ExportDialog Name Ime The internal name of the CRL in the database Interno ime popisa povučenih potvrda (u bazi podataka) ... ... Filename Datoteka Each Item in a separate file Svaka stavka u zasebnoj datoteci Same encryption password for all items Ista enkripcijska zaporka za sve stavke Export comment into PEM file Izvezi komentar u PEM datoteku Please enter the filename Unesite ime datoteke Export Format Format izvoza All files ( * ) Sve datoteke ( * ) PEM Text format with headers PEM Tekst format sa zaglavljima Concatenated list of all selected items in one PEM text file Lista svih odabranih stavki spojena u jednu PEM datoteku Concatenated text format of the complete certificate chain in one PEM file Cjelokupni lanac potvrda spojen u jednu tekstualnu PEM datoteku Tekstualni format s cjelokupnim lancem potvrda spojenim u jednu PEM datoteku Concatenated text format of all trusted certificates in one PEM file Tekstualni format sa svim pouzdanim potvrdama u jednoj PEM datoteci Concatenated text format of all certificates in one PEM file Sve potvrde spojene u jednu tekstualnu PEM datoteku Tekstualni format sa svim potvrdama spojenim u jednu PEM datoteku Binary DER encoded file Binarna datoteka kodirana u DER formatu PKCS#7 encoded single certificate Pojedinačni certifikat kodiran u PKCS#7 formatu PKCS#7 encoded complete certificate chain Cjelokupni lanac potvrda kodiran u PKCS#7 formatu All trusted certificates encoded in one PKCS#7 file Sve pouzdane potvrde kodirane u jednoj PKCS#7 datoteci Concatenated text format of all unrevoked certificates in one PEM file Tekstualni format sa svim neopozvanim potvrdama spojenim u jednu PEM datoteku Tekstualni format sa svim neopozvanim potvrdama u jednoj PEM datoteku All unrevoked certificates encoded in one PKCS#7 file Sve neopozvane potvrde kodirane u jednoj PKCS#7 datoteci All selected certificates encoded in one PKCS#7 file Sve odabrane potvrde kodirane u jednoj PKCS#7 datoteci All certificates encoded in one PKCS#7 file Sve potvrde kodirane u jednoj PKCS#7 datoteci The certificate and the private key as encrypted PKCS#12 file Potvrda i privatni ključ u kriptiranoj PKCS#12 datoteci The complete certificate chain and the private key as encrypted PKCS#12 file Cjelokupni lanac potvrda i privatni ključ u kriptiranoj PKCS#12 datoteci Concatenation of the certificate and the unencrypted private key in one PEM file Spajanje potvrde i nekriptiranog privatnog ključa u jednu PEM datoteku Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Spajanje potvrde i kriptiranog privatnog ključa u PKCS#8 formatu u jednu datoteku Text format of the public key in one PEM file Tekstualni format javnog ključa u jednoj PEM datoteci Binary DER format of the public key Binarni DER format javnog ključa Unencrypted private key in text format Nekriptirani privatni ključ u tekstualnom formatu OpenSSL specific encrypted private key in text format Privatni ključ kriptiran na OpenSSL način u tekstualnom formatu Unencrypted private key in binary DER format Nekriptirani privatni ključ u binarnom DER formatu Unencrypted private key in PKCS#8 text format Nekriptirani privatni ključ u PKCS#8 tekst formatu Encrypted private key in PKCS#8 text format Kriptirani privatni ključ u PKCS#8 tekst formatu The public key encoded in SSH2 format Javni ključ kodiran u SSH2 formatu OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Certificate Index datoteka na OpenSSL način, izrađena pomoću naredbe 'ca' kako zahtjeva OCSP alat vCalendar expiry reminder for the selected items vCalendar podsjetnik o prestanku važenja odabranih stavki vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL vCalendar podsjetnik o prestanku važenja sadrži sve izdane, važeće potvrde, sam CA certifikat i zadnji CRL Private key in Microsoft PVK format not encrypted Privatni ključ u Microsoft PVK formatu nije kriptiran Encrypted private key in Microsoft PVK format Kriptirani privatni ključ u Microsoft PVK formatu Certificate Index file Kazalo datoteka Potvrda %n selected item(s) %n odabrana stavka %n odabrane stavke %n odabrane stavke The file: '%1' already exists! Datoteka: '%1' već postoji! Overwrite Prepiši Do not overwrite Nemoj prepisati The path: '%1' exist, but is not a file Putanja '%1' postoji, no nije datoteka The path: '%1' exist, but is not a directory Putanja '%1' postoji, no nije mapa The directory: '%1' does not exist. Should it be created? Mapa '%1' ne postoji. Treba li ju stvoriti? Create Izradi Failed to create directory '%1' Neuspješno stvaranje mape '%1' Directory Mapa ExportKey When exporting the private key it should be encrypted. Kod izvoza privatni ključ bi trebao biti kriptiran. When exporting the private part, it should be encrypted. Kod izvoza privatni dio bi trebao biti kriptiran. E&xport the private part of the Key too I&zvezi i privatni dio Ključa Export as PKCS#8 Izvezi kao PKCS#8 &Encrypt the Key with a password &Kriptiraj Ključ sa zaporkom Private keys ( *.pem *.der *.pk8 );;All files ( * ) Privatni ključevi ( *.pem *.der *.pk8 );;Sve datoteke ( * ) DER is a binary format of the key without encryption PEM is a base64 encoded key with optional encryption PKCS#8 is an encrypted official Key-exchange format DER je binarni format ključa bez kripcije PEM je base64 kodirani ključ s opcionalnom kripcijom PKCS#8 je službeni format za razmjenu ključeva Please enter the filename for the key. Unesite ime datoteke za ključ. Export public %1 key Izvezi javni %1 ključ Export %1 key Izvezi %1 ključ Form last update posljednja obnova next update sljedeća obnova Days Dana Months Mjeseci Years Godina Apply Primijeni Midnight Ponoć Local time Lokalno vrijeme No well-defined expiration Neodređeno trajanje Help << << >> >> &Done Završeno, Obavljeno &Gotovo ImportMulti Import PKI Items Uvezi PKI stavke Import &All Uvezi &Sve &Import &Uvezi &Done &Gotovo &Remove from list &Obriši s popisa Details Detalji Delete from token Obriši s tokena Rename on token Preimenuj na tokenu Name: %1 Model: %2 Serial: %3 ime, naziv? Ime: %1 Model: %2 Serijski broj: %3 Manage security token Upravljaj pametnim tokenom The type of the Item '%1' is not recognized Vrsta stavke '%1' je nepoznata Details of the item '%1' cannot be shown Detalji stavke '%1' ne mogu se prikazati The type of the item '%1' is not recognized Vrsta stavke '%1' je nepoznata Could not open the default database Ne mogu otvoriti zadanu bazu podataka The file '%1' did not contain PKI data Datoteka '%1' ne sadrži PKI podatke The %1 files: '%2' did not contain PKI data Datoteke %1: '%2'ne sadrže PKI podatke ItemProperties Form Obrazac Name Ime Source Izvor Insertion date Datum unošenja Comment Napomena KeyDetail Name Ime The internal name of the key used by xca Interno ime ključa korišteno od strane xca Security token Pametni token Manufacturer Proizvođač Serial Serijski broj Key Ključ Public Exponent Javni Eksponent Keysize Dužina ključa Private Exponent Privatni Exponent Security Token Pametni token Label Oznaka PKCS#11 ID PKCS#11 ID Token information Podaci o tokenu Model Model Fingerprint Sažetak Comment Napomena Modulus Modul Details of the %1 key Detalji %1 ključa Not available Nije dostupno Token Token Security token ID:%1 Oznaka pametnog tokena:%1 Available Dostupno Sub prime Ostaviti u orginalu? Prosti broj - 1 Public key Javni ključ Private key Privatni ključ Curve name Ime krivulje Unknown key Nepoznati ključ KeyTreeView Clipboard format Format međuspremnika Change password Promjena zaporke Reset password Postavi početnu zaporku Change PIN Promijeni PIN Init PIN with SO PIN (PUK) Pripremi PIN pomoću SO PIN (PUK) Change SO PIN (PUK) Promijeni SO PIN (PUK) Security token Pametni token This is not a token Ovo nije token Key export Izvoz ključa SSH Private Keys ( *.priv ) SSH privatni ključevi ( *.priv ) Microsoft PVK Keys ( *.pvk ) Microsoft PVK ključevi ( *.pvk ) Export public key [%1] Izvezi javni ključ [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Privatni ključevi ( *.pem *.der *.pk8 );; SSH javni ključevi ( *.pub ) Tried to change PIN of a key Pokušaj promjene PIN ključa Tried to init PIN of a key Pokušaj inicijalizacije PIN ključa Tried to change SO PIN of a key Pokušaj inicijalizacije SO PIN ključa Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Da li originalni ključ '%1' treba biti zamijenjen ključem iz tokena? To će obrisati ključ '%1' i onemogućiti njegov izvoz MainWindow Private Keys Privatni Ključevi &New Key &Novi Ključ &Export &Izvezi &Import &Uvezi Import PFX (PKCS#12) Uvezi PFX (PKCS#12) &Show Details &Prikaži Detalje &Delete &Obriši Certificate signing requests Zahtjev za izdavanje potvrde (CSR) &New Request &Novi Zahtjev Certificates Potvrde &New Certificate &Nova Potvrda Import &PKCS#12 Uvezi &PKCS#12 Import P&KCS#7 Uvezi &PKCS#7 Plain View Običan pregled Templates Predlošci &New Template &Novi predložak &New CRL &Novi CRL &New template &Novi predložak Ch&ange Template Pr&omijeni predložak Revocation lists Popis opozvanih potvrda Using or exporting private keys will not be possible without providing the correct password Korištenje ili izvoz privatnih ključeva neće biti moguće bez davanja ispravne zaporke Database Baza podataka The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Trenutno korišteni zadani sažetak '%1' je nesiguran. Iz sigurnosnih razloga odaberite barem 'SHA 224'. Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Detektiran stari format baze podataka. Izrađujem rezervnu kopiju s imenom: '%1' i pretvaram bazu podataka u novi format Failed to rename the database file, because the target already exists Nije moguće preimenovati datoteku baze podataka, ciljano ime već postoji No deleted items found Nisu pronađene obrisane stavke Errors detected and repaired while deleting outdated items from the database. A backup file was created Tijekom brisanja zastarjelih stavaka iz baze podataka otkrivene su i popravljene greške. Kreirana je rezervna kopija Removing deleted or outdated items from the database failed. Nije uspjelo uklanjanje obrisanih ili zastarjelih stavki iz baze podataka. Recent DataBases Nedavno korištena baza System Sustav Croatian Hrvatski English Engleski French Francuski German Njemački Japanese Japanski Korean Korejski Russian Ruski Spanish Španjolski Persian Perzijski Bulgarian Bugarski Polish Poljski Italian Talijanski Chinese Kineski Dutch Nizozemski Portuguese in Brazil Brazilski portugalski Indonesian Indonezijski Turkish Turski Language Jezik &File &Datoteka &New DataBase &Nova baza podataka &Open DataBase &Otvori bazu podataka Open Remote DataBase Otvori udaljenu bazu podataka Paste PEM file Ubaci, zalijepi Zalijepi PEM datoteku Token Token &Export Certificate Index &Izvezi kazalo Potvrda &Export Certificate Index hierarchy &Izvezi hijerarhiju kazala Potvrda Generate DH parameter Generiraj DH parametar Database dump ( *.dump );; All files ( * ) Istovar baze podataka ( *dump );; Sve datoteke ( * ) Set as default DataBase Postavi kao zadanu bazu podataka &Close DataBase &Zatvori bazu podataka &Dump DataBase I&stovari bazu podataka C&hange DataBase password P&romijeni zaporku baze podataka &Import old db_dump &Uvezi stari istovar baze podataka &Undelete items &Vrati obrisane stavke Options Opcije Slovak Slovački New DataBase Nova baza podataka Open DataBase Otvori bazu podataka Close DataBase Zatvori bazu podataka Exit Izlaz I&mport U&vezi Keys Ključevi Requests Zahtjevi PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Predložak Revocation list Popis opozvanih potvrda PEM file PEM datoteka Content Sadržaj paste PEM file zalijepi PEM datoteku &Token &Token &Manage Security token &Upravljaj pametnim tokenom &Init Security token &Inicijaliziraj pametni token &Change PIN &Promijeni PIN Change &SO PIN Promijeni &SO PIN Init PIN Inicijaliziraj PIN Extra Dodatno Export Certificate &Index hierarchy &Izvezi hijerarhiju kazala Potvrda OID Resolver Prevoditelj OID &Help &Pomoć &Content &Sadržaj About O programu &About &O programu Donations Donacije Database dump ( *.dump );;All files ( * ) Istovari baze podataka ( *.dump );;Sve datoteke ( * ) Import password Zaporka za uvoz Please enter the password of the old database Unesite zaporku stare baze podataka Password verification error. Ignore keys ? Greška provjere zaporke. Ignorirati ključeve? Import anyway Ipak uvezi no such option: %1 nema te opcije: %1 Import PEM data Uvezi PEM podatke Please enter the original SO PIN (PUK) of the token '%1' Unesi originalni SO PIN (PUK) pametnog tokena '%1' Please enter the new SO PIN (PUK) of the token '%1' Unesite novi SO PIN (PUK) pametnog tokena '%1' Search Traži Please enter the new SO PIN (PUK) for the token '%1' Unesite novi SO PIN (PUK) za pametni token '%1' The new label of the token '%1' Nova oznaka pametnog tokena '%1' The token '%1' did not contain any keys or certificates Token '%1' ne sadrži ni jedan ključ ili potvrdu Retry with PIN Probajte ponovo s PIN Retry with SO PIN Probajte ponovo sa SO PIN Current Password Trenutna zaporka Please enter the current database password Unesite trenutnu zaporku baze podataka The entered password is wrong Unesena zaporka je neispravna New Password Nova Zaporka Please enter the new password to encrypt your private keys in the database-file Unesite novu zaporku za kripciju privatnih ključeva u bazi podataka Transaction start failed Neuspješan početak transakcije Database: %1 Baza podataka: %1 The currently used PFX / PKCS#12 algorithm '%1' is insecure. Trenutno korišten PFX / PKCS#12 algoritam '%1' je nesiguran. Change Promijeni Please enter a password, that will be used to encrypt your private keys in the database: %1 Unesite zaporku za kripciju privatnih ključeva u bazi podataka: %1 Please enter a password, that will be used to encrypt your private keys in the database file: %1 Unesite novu zaporku, koja će se koristiti za kripciju Vaših privatnih ključeva u datoteci baze podataka: %1 Password verify error, please try again Greška provjere zaporke, pokušajte ponovo Password Zaporka Please enter the password for unlocking the database: %1 Unesite zaporku za otključavanje baze podataka: %1 The following error occurred: Dogodila se sljedeća greška: Copy to Clipboard Kopiraj u Clipboard Certificate Index ( index.txt ) Kazalo Potvrda ( index.txt ) All files ( * ) Sve datoteke ( * ) Diffie-Hellman parameters saved as: %1 Diffie-Hellman parametar spremljen kao: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Diffie-Hellman parametri su potrebni za različite aplikacije, no XCA ih nije obradila. Unesite bitove za DH parametre Error opening file: '%1': %2 Greška u otvaranju datoteke: '%1': %2 NewCrl Create CRL Izradi CRL Dates Datumi last update posljednja obnova next update sljedeća obnova Days Dani? Dana Months Mjeseci Years Godina Midnight Ponoć Local time Lokal. vrijeme Apply Primjeni CRL number Broj CRL Hash algorithm Algoritam sažetka Hashing algorithm Algoritam sažetka Extensions Proširenja Authority key identifier Oznaka ključa Autoriteta Subject alternative name Alternativno ime subjekta Form Obrazac Last update Posljednja obnova Next update Sljedeća obnova Options Opcije CRL Number Broj CRL Revocation reasons Razlog za opoziv NewKey New key Novi ključ Please give a name to the new key and select the desired keysize Unesite ime novog ključa i odaberite njegovu dužinu Key properties Osobine ključa Name Ime The internal name of the new key Interno ime novog ključa Curve name Ime krivulje Usually at least 2048 bit keys are recommended Obično se savjetuje koristiti ključeve dužine najmanje 2048 bitova New Key Novi ključ Curve Krivulja Keysize Dužina ključa Usually 1024 or 2048 bit keys are used Uobičajene dužine ključa su 1024 i 2048 bita Keytype Vrsta ključa Remember as default Zapamti kao zadanu vrijednost Create Izradi NewX509 Create Izradi Source Izvor, mislim da je Zahtjev više u duhu jezika Zahtjev Signing request Zahtjev za izdavanje Show request Pokaži Prikaži zahtjev Sign this Certificate signing &request ovaj - da li treba? Potpiši ovaj &zahtjev za izdavanje potvrde Copy extensions from the request Kopiraj proširenja iz zahtjeva Modify subject of the request Promijeni Subjekt iz zahtjeva Signing Potpisivanje Create a &self signed certificate with the serial Stvori ili napravi ili izradi? Izradi &samopotpisanu potvrdu s ovim serijskim brojem If you leave this blank the serial 00 will be used Ako ovo ne ispunite koristiti će se serijski broj 00 1 1 Use &this Certificate for signing Koristi &ovu Potvrdu za potpisivanje All certificates in your database that can create valid signatures Sve potvrde u vašoj bazi podataka koje mogu izraditi valjani potpis Signature algorithm Algoritam potpisivanja Template for the new certificate Predložak za novu potvrdu All available templates Svi raspoloživi predlošci Apply extensions Primijeni proširenja Apply subject Primijeni subjekt Apply all Primijeni sve Subject Subjekt Distinguished name Jedinstveno ime (DN) Organisation Organizacija This name is only used internally and does not appear in the resulting certificate Ovo ime se samo interno koristi i neće se pojaviti u izrađenoj potvrdi Must be exactly 2 letter of size (DE, UK) Mora biti točno 2 velika slova (HR, UK) Country code Kod države State or Province U smislu savezna država Država ili Pokrajina Locality Mjesto Organisational unit Organizacijska jedinica E-Mail address E-mail adresa Internal name Interno ime Common name Uobičajeno ime Add Dodaj Delete Obriši Private key Privatni ključ This list only contains unused keys Ovaj popis sadrži samo neiskorištene ključeve Used keys too Korišteni ključevi također &Generate a new key &Generiraj novi ključ Extensions Proširenja Basic constraints Osnovna ograničenja Create a &self signed certificate Izradi &samopotpisanu potvrdu Internal Name Interno ime Type Vrsta If this will become a CA certificate or not Da li će ovo postati CA potvrda ili ne Not defined Nije definirano Certification Authority Tijelo ovjeravanja (CA) End Entity Krajnji subjekt Path length Dužina putanje How much CAs may be below this. Koliko CA može biti ispod ove CA. The basic constraints should always be critical Osnovna ograničenja bi uvijek trebala biti kritična osobina potvrde Key identifier Oznaka ključa Creates a hash of the key following the PKIX guidelines Izradi sažetak ključa sljedeći PKIX preporuke Copy the Subject Key Identifier from the issuer Kopiraj Oznaku ključa Subjekta iz izdavatelja Validity Nepobitnost, pravomoćnost, valjanost Valjanost Not before Od Not after Do Time range Vremensko razdoblje Days Dana Months Mjeseci Years Godina Apply Primjeni Set the time to 00:00:00 and 23:59:59 respectively Postavi vrijeme na 00:00:00 odnosno 23:59:59 Midnight Ponoć Local time Lokalno vrijeme No well-defined expiration Neodređeno trajanje subject alternative name Alternativno ime subjekta DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit Uredi issuer alternative name alternativno ime izdavatelja CRL distribution point Točka objave popisa opozvanih potvrda URI: URI: Authority Info Access Dohvat informacija Autoriteta (AIA) can be altered by the file "aia.txt" može biti promijenjeno pomoću datoteke "aia.txt" Key usage Namjena ključa Extended key usage Proširena upotreba ključa Netscape Netscape CA Revocation URL URL opoziva CA Revocation URL URL opoziva SSL server name SSL ime poslužitelja Certificate renewal URL URL za obnovu potvrde Comment Napomena CA policy URL URL politike CA Base URL Osnovni URL If you know a more pretty one tell me !!! Ovo vrijedi i za hrvatski prijevod Ako znate bolje, javite mi Advanced Napredno Validate Potvrditi Create a &self signed certificate with a MD5-hashed QA serial Izradi &samopotpisanu potvrdu s MD5 sažetkom CA serijskog broja Create Certificate signing request Izradi zahtjev za izdavanje potvrde (CSR) minimum size: %1 najmanja veličina: %1 maximum size: %1 najveća veličina: %1 only a-z A-Z 0-9 '()+,-./:=? samo a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters samo 7 bitni znaci XCA template XCA predložak Create x509 Certificate Izradi x509 Potvrdu From PKCS#10 request Iz PKCS#10 zahtjeva Other Tabs Druge Kartice Critical Ključan Create XCA template Izradi XCA predložak Edit XCA template Uredi XCA predložak Template '%1' applied Primijenjen obrazac '%1' Subject applied from template '%1' Subjekt primijenjen iz predloška '%1' Extensions applied from template '%1' Proširenja primijenjena iz predloška '%1' New key '%1' created Izrađen je novi ključ '%1' Advanced Tab Kartica Napredno Errors Greške Error Greška duplicate extensions duplicirana proširenja The Name Constraints are invalid Ograničenja imena su neispravna The Subject Alternative Name is invalid Alternativno ime subjekta je neispravno The Issuer Alternative Name is invalid Alternativno ime izdavatelja je neispravno The CRL Distribution Point is invalid Točka objave popisa opozvanih potvrda je neispravna The Authority Information Access is invalid Dohvat informacija Autoriteta je neispravno Abort rollout O uvođenju The following length restrictions of RFC3280 are violated: Sljedeća ograničenja dužine iz RFC3280 su prekršena: Edit subject Uredi subjekt Continue rollout Nastavi uvođenje The verification of the Certificate request failed. The rollout should be aborted. Provjera zahtjeva za izdavanje Potvrde nije uspješna. Uvođenje će biti prekinuto. Continue anyway Nastavi bez obzira na sve The internal name and the common name are empty. Please set at least the internal name. Interno ime i uobičajeno ime (CN) nisu popunjeni. Popunite barem interno ime. Edit name Uredi ime There is no Key selected for signing. Nije odabran Ključ za potpisivanje. Select key Odaberi ključ The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Sljedeća polja jedinstvenog imena su nepopunjena: %1 premda ste ih označili kao obavezno prisutnima u meniju s opcijama. The key you selected for signing is not a private one. Ključ kojeg ste odabrali za potpisivanje nije privatni ključ. Select other signer Odaberite drugog potpisnika Select other key Odaberite drugi ključ The currently selected hash algorithm '%1' is insecure and should not be used. Trenutno odabrani algoritam sažetka '%1' je nesiguran i ne bi ga trebalo koristiti. Select other algorithm Odaberite drugi algoritam Use algorithm anyway Koristi ipak taj algoritam The certificate will be earlier valid than the signer. This is probably not what you want. Početak valjanosti potvrde je prije početka valjanosti potvrde potpisnika (ovjeritelja). To vjerojatno nije ono što ste htjeli. Edit dates Uredi datume Adjust date and continue Podesi datum i nastavi The certificate will be longer valid than the signer. This is probably not what you want. Kraj valjanosti potvrde je nakon isteka valjanosti potvrde potpisnika (ovjeritelja). To vjerojatno nije ono što ste htjeli. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Potvrda će prestati važiti prije nego što je izdana. Vjerojatno ste zamijenili datume. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Potvrda sadrži neispravna ili duplicirana proširenja. Provjerite valjanost na Kartici Napredno. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Potvrda ne sadrži proširenja. Možete primijeniti proširenja na neki od predložaka kako bi definirali svrhu potvrde. The certificate contains invalid extensions. Potvrda sadrži neispravna proširenja. Edit extensions Uredi proširenja The subject alternative name shall contain a copy of the common name. However, the common name is empty. Alternativno ime subjekta treba sadržavati kopiju uobičajenog imena. Međutim, uobičajeno ime nije definirano. A name constraint of the issuer '%1' is violated: %2 Ograničenje naziva izdavatelja '%1' je prekršeno: %2 Configfile error on line %1 Greška u konfiguracijskoj datoteci u liniji %1 OidResolver OID Resolver Prevoditelj OID Enter the OID, the Nid, or one of the textual representations Unesite OID, Nid ili neki oblik imena Search Traži OID OID Long name Puno ime OpenSSL internal ID Interni OpenSSL ID Nid Nid Short name Skraćeno ime OpenDb Dialog Dijalog Open remote database Otvori udaljenu bazu Database type Vrsta baze podataka Hostname Ime stroja Username Korisničko ime Password Zaporka Database name Ime baze podataka Table prefix Predmetak tablice No SqLite3 driver available. Please install the qt-sqlite package of your distribution Nedostaje upravljački program za SqLite3. Iz vaše distribucije instalirajte paket qt-sqlite Please enter the password to access the database server %2 as user '%1'. Unesite zaporku za pristup poslužitelju baze podatka %2 kao korisnik '%1'. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. Upravljački program baze podataka ne podržava transakciju. Mogući uzrok je različita verzija na klijentu i poslužitelju. Nastavite oprezno. Options XCA Options XCA Opcije Mandatory subject entries Obavezne stavke subjekta Add Dodaj Delete Obriši Default hash algorithm Zadani algoritam sažetka Settings Postavke String types Vrste nizova Suppress success messages Izostavi poruke o uspješnoj akciji Don't colorize expired certificates Nemoj obojiti istekle potvrde Translate established x509 terms (%1 -> %2) Prevedi uobičajene x509 pojmove (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. XCA ne koristi funkcionalnost sažetka tokena. XCA će možda prihvatiti ograničeni skup sažetka koje pruža token. Posebno EC i DSA su samo definirani sa SHA1 u PKCS#11 specifikaciji. Only use hashes supported by the token when signing with a token key Kod potpisivanja ključem iz tokena koristi samo sažetke koje podržava token Disable legacy Netscape extensions Deaktiviraj/isključi zastarjela Netscape proširenja Onemogući nasljeđena Netscape proširenja PKCS12 encryption algorithm PKCS12 algoritam kriptiranja Certificate expiry warning threshold Prag upozorenja o isteku potvrde Send vCalendar expiry reminder Pošalji vCalendar podsjetnik o isteku Serial number length Dužina serijskog broja bit bita Distinguished name Jedinstveno ime Explicit subject entries Izričite stavke subjekta Dynamically arrange explicit subject entries Dinamički posloži izričite stavke subjekta Default Osnovno Zadano PKCS#11 provider PKCS#11 poslužitelj Remove Izbaci Search Traži Printable string or UTF8 (default) !!! Ispisljivi koja je alternativa za Čitljivi Čitljivi niz ili UTF8 (zadani odabir) PKIX recommendation in RFC2459 PKIX preporuke iz RFC2459 No BMP strings, only printable and T61 Ne BMP nizovi, samo čitljivi i T61 UTF8 strings only (RFC2459) Samo UTF8 nizovi (RFC2459) All strings Svi nizovi Days Dana Weeks Tjedana Load failed Učitavanje nije uspjelo PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Zaporka se rastavlja i tumači kao 2 znamenkasti heksadecimalni kod. Mora imati paran broj znamenki (0-9 and a-f) Take as HEX string Uzmi heksadekadni niz Password Zaporka Repeat %1 Ponovi %1 %1 mismatch %1 je neodgovarajući Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Heksadecimalna zaporka smije sadržavati samo znakove '0' - '9' i 'a' - 'f' i mora se sastojati od parnog broja znakova Exit Izlaz E&xit I&zlaz QMessageBox Ok U redu Close Zatvori Cancel Odustani Apply Primijeni Yes Da No Ne QObject Undefined Nedefinirano Broken / Invalid Poništen / Neispravan in %1 seconds za %1 sekundi %1 seconds ago prije %1 sekundi in %1 minutes za %1 minuta %1 minutes ago prije %1 minuta Yesterday Jučer Tomorrow Sutra in %1 hours za %1 sati %1 hours ago prije %1 sati DB: Rename: '%1' already in use DB: Preimenuj: '%1' je već u upotrebi DB: Entry to rename not found: %1 DB: Stavka za preimenovati nije pronađena: %1 DB: Write error %1 - %2 DB: Greška u pisanju %1 - %2 Out of data Nema podatka Error finding endmarker of string Greška u traženju oznake kraja niza Out of Memory at %1:%2 Ponestalo slobodne memorije u %1:%2 All files ( * ) Sve datoteke ( * ) PKI Keys ( *.pem *.der *.key );;PKCS#8 Keys ( *.p8 *.pk8 );; PKI ključevi ( *.pem *.der *.key );;PKCS#8 ključevi ( *.p8 *.pk8 );; PKI Keys ( *.pem *.der *.key );;PKCS#8 Keys ( *.p8 *.pk8 );;SSH Public Keys ( *.pub );; PKI ključevi ( *.pem *.der *.key );;PKCS#8 ključevi ( *.p8 *.pk8 );;SSH javni ključevi ( *.pub );; Import RSA key Uvezi RSA ključ PKCS#10 CSR ( *.pem *.der *.csr );;Netscape Request ( *.spkac *.spc );; PKCS#10 CSR ( *.pem *.der *.csr );;Netscape zahtjev ( *.spkac *.spc );; PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; PKI ključevi ( *.pem *.der *.key );; PKCS#8 ključevi ( *.p8 *.pk8 );; SSH javni ključevi ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );; Netscape Request ( *.spkac *.spc );; PKCS#10 CSR ( *.pem *.der *.csr );; Netscape zahtjev ( *.spkac *.spc );; PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; PKI ključevi ( *.pem *.der *.key );; PKCS#8 ključevi ( *.p8 *.pk8 );; Microsoft PVK ključevi ( *.pvk );; SSH javni ključevi ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Uvezi zahtjev Certificates ( *.pem *.der *.crt *.cer );; Potvrde ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Uvezi x509 Potvrdu PKCS#7 data ( *.p7s *.p7m *.p7b );; PKCS#7 podaci ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Uvezi PKCS#7 Potvrde PKCS#12 Certificates ( *.p12 *.pfx );; PKCS#12 Potvrde ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Uvezi PKCS#12 Privatne Potvrde XCA templates ( *.xca );; XCA predlošci ( *.xca );; Import XCA Templates Uvezi XCA Predloške Revocation lists ( *.pem *.der *.crl );; Popis opozvanih potvrda ( *.pem *.der *.crl );; Import Certificate Revocation List Uvezi Popis Opozvanih Potvrda XCA Databases ( *.xdb );; XCA Baze podataka ( *.xdb );; Open XCA Database Otvori XCA Bazu podataka OpenVPN tls-auth key ( *.key );; OpenVPN tls-auth ključ ( *.key );; Import OpenVPN tls-auth key Uvezi OpenVPN TLS-auth ključ PKCS#11 library ( *.dll );; PKCS#11 knjižnica ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 knjižnica ( *.dylib *.so );; PKCS#11 library ( *.so );; PKCS#11 knjižnica ( *.so );; Open PKCS#11 shared library Otvori PKCS#11 dijeljenu knjižnicu PEM files ( *.pem );; PEM datoteke ( *.pem );; Load PEM encoded file Učitaj PEM kodiranu datoteku Please enter the PIN on the PinPad Unesite PIN u PinPad Please enter the SO PIN (PUK) of the token %1 Unesite SO PIN (PUK) tokena %1 Please enter the PIN of the token %1 Unesite PIN tokena %1 No Security token found Nije pronađen pametni token Select Odaberi Please enter the new SO PIN (PUK) for the token: '%1' Unesite novi SO PIN (PUK) za token: '%1' Please enter the new PIN for the token: '%1' Unesite novi PIN za token: '%1' Required PIN size: %1 - %2 Obavezna dužina PIN: %1 - %2 Failed to open PKCS11 library: %1 Neuspješno otvaranje PKCS11 knjižnice: %1 Invalid filename: %1 ime / naziv Neispravno ime datoteke: %1 Failed to open PKCS11 library: %1: %2 Neuspješno otvaranje PKCS11 knjižnice: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Ovo ne izgleda kao PKCS#11 knjižnica. Simbol 'C_GetFunctionList' nije pronađen. Disabled Onemogućen Library loading failed Neuspješno učitavanje knjižnice PKCS#11 function '%1' failed: %2 PKSC#11 funkcija '%1'prijavila grešku: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 PKCS#11 function '%1' failed: %2 U knjižnici %3 %4 Invalid Neispravno %1 is shorter than %2 bytes: '%3' %1 je kraće od %2 okteta: '%3' %1 is longer than %2 bytes: '%3' %1 je duže od %2 okteta: '%3' Country code Kod države State or Province Država ili Pokrajina Locality Mjesto Organisation Organizacija Organisational unit Organizacijska jedinica Common name Uobičajeno ime E-Mail address E-mail adresa Serial number Serijski broj Given name Ime Surname Prezime Title Titula Initials Inicijali Description Opis Role Funkcija Pseudonym Pseudonim Generation Qualifier Oznaka Generacije x500 Unique Identifier x500 Jedinstveni Identifikator Name Ime DN Qualifier DN Oznaka Unstructured name Nestrukturirano ime Challenge password Zaporka za izazov Basic Constraints Osnovna Ograničenja Name Constraints Ograničenja imena Subject alternative name Alternativno ime subjekta subject alternative name alternativno ime subjekta issuer alternative name alternativno ime izdavatelja Subject key identifier Oznaka ključa Subjekta Authority key identifier Oznaka ključa Autoriteta Key usage Namjena ključa Extended key usage Proširena upotreba ključa CRL distribution points Mjesta objave popisa opozvanih potvrda Authority information access Dohvat informacija Autoriteta Certificate type Vrsta Potvrde Base URL Osnovni URL Revocation URL URL opoziva CA Revocation URL URL opoziva CA Certificate renewal URL URL za obnovu potvrde CA policy URL URL politike CA SSL server name SSL ime poslužitelja Comment Napomena String '%1' for '%2' contains invalid characters Niz'%1' za '%2' sadrži nevažeće znakove Error reading config file %1 at line %2 Greška u konfiguracijskoj datoteci %1 u liniji %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. Objekt '%1' iz datoteke %2 linija %3 je već poznat kao '%4:%5:%6' i potrebno ga je ukloniti. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Identifikator '%1' za OID %2 iz datoteke %3 linija %4 je već iskorišten za drugi OID kao '%5:%6:%7' i potrebno ga je promijeniti da se izbjegne nesporazum. Unknown object '%1' in file %2 line %3 Nepoznati objekt '%1' u datoteci %2 linija %3 Failed to start a database transaction Neuspješno pokretanje transakcije na bazi podataka Index file written to '%1' Datoteka kazala upisana u '%1' Index hierarchy written to '%1' Hijerarhija kazala upisana u '%1/ Ljestvica kazala upisana u '%1' Unknown key type %1 Nepoznata vrsta ključa %1 Failed to write PEM data to '%1' Neuspješno pisanje PEM podataka u '%1' Password verify error, please try again Greška provjere zaporke, pokušajte ponovo The following error occurred: Dogodila se sljedeća greška: Failed to update the database schema to the current version Nije moguće modernizirati shemu baze podataka na trenutnu inačicu Password Zaporka insecure nesigurno ReqTreeView Sign Potpiši Unmark signed Skini oznaku s potpisanih Mark signed Označi potpisane Similar Request Sličan zahtjev Certificate request export Izvoz zahtjeva za izdavanje potvrde Certificate request ( *.pem *.der *.csr ) Zahtjev za izdavanje potvrde ( *.pem *.der *.csr ) RevocationList Manage revocations Upravljaj opozivima Add Dodaj Delete Obriši Edit Uredi No. Br. Serial Serijski broj Revocation Opoziv Reason Razlog Invalidation Poništenje Generate CRL Izradi CRL Revoke Revocation details Detalji opoziva Invalid since Nevažeće od Local time Lokalno vrijeme Certificate revocation Opoziv potvrde Revocation reason Razlog za opoziv Serial Serijski broj SearchPkcs11 Dialog Dijalog Directory Mapa ... ... Include subdirectories Uključi podmape Search Traži The following files are possible PKCS#11 libraries Sljedeće datoteke su potencijalno PKCS#11 knjižnice SelectToken Select Token Odaberi token Security token Pametni token Please select the security token Odaberite pametni token TempTreeView Duplicate Dupliciraj Create certificate Izradi potvrdu Create request Izradi zahtjev copy kopiraj Preset Template values Postavljanje vrijednosti Predloška Template export Izvoz predloška XCA Templates ( *.xca ) XCA Predlošci ( *.xca ) TrustState Set trustment of the Certificate Podesi pouzdanost Potvrde Certificate trust Povjerenje u potvrdu Trustment Pouzdanost &Never trust this certificate &Nikad ne vjeruj ovoj potvrdi Only &trust this certificate, if we trust the signer &Vjeruj potvrdi, ali samo ako vjerujemo izdavatelju &Always trust this certificate &Uvijek vjeruj ovoj potvrdi Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config OpenSSL konfiguracija Transform Preobrazi Template Predložak Public key Javni ključ Save as OpenSSL config Spremi kao OpenSSL konfiguraciju Config files ( *.conf *.cnf);; All files ( * ) Konfiguracijske datoteke ( *.conf *.cnf);; Sve datoteke ( * ) Public Key Javni ključ XFile Error opening file: '%1': %2 Greška u otvaranju datoteke: '%1': %2 Error rewinding file: '%1': %2 Greška u premotavanju datoteke: '%1': %2 XcaDetail Import Uvezi XcaTreeView Subject entries Stavke subjekta X509v3 Extensions X509v3 Proširenja Netscape extensions Netscape proširenja Key properties Osobine ključa Reset Vrati na početak Remove Column Izbaci Stupac Item properties Osobine stavke Hide Column Sakrij Stupac Details Detalji Columns Stupci Export Password Zaporka za izvoz Please enter the password to encrypt all %n exported private key(s) in: %1 Singular form for 0 or 1 item can be ignored. Will always be called with n >= 2 Unesite zaporku za kriptiranje %n izvezenog privatnog ključa u: %1 Unesite zaporku za kriptiranje %n izvezena privatna ključa u: %1 Unesite zaporku za kriptiranje svih %n izvezenih privatnih ključeva u: %1 New Novo Import Uvezi Paste PEM data Zalijepi PEM podatke Rename Preimenuj Properties Osobine Delete Obriši Export Izvezi Clipboard Međuspremnik File Datoteka Clipboard format Format međuspremnika database_model Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Detektiran stari format baze podataka. Izrađujem rezervnu kopiju s imenom: '%1' i pretvaram bazu podataka u novi format Failed to rename the database file, because the target already exists Nije moguće preimenovati datoteku baze podataka, ciljano ime već postoji Please enter the password to access the database server %2 as user '%1'. Unesite zaporku za pristup poslužitelju baze podatka %2 kao korisnik '%1'. Unable to create '%1': %2 Nije moguće stvoriti '%1': %2 The file '%1' is not an XCA database Datoteka '%1' nije XCA baza podataka No SqLite3 driver available. Please install the qt-sqlite package of your distribution Nedostaje upravljački program za SqLite3. Iz vaše distribucije instalirajte paket qt-sqlite New Password Nova Zaporka Please enter a password, that will be used to encrypt your private keys in the database: %1 Unesite zaporku za kripciju privatnih ključeva u bazi podataka: %1 Password Zaporka Please enter the password for unlocking the database: %1 Unesite zaporku za otključavanje baze podataka: %1 db_base Internal name Interno ime Bad database item Name: %1 Type: %2 Size: %3 %4 Loša stavka baze podatka Ime: %1 Vrsta: %2 Veličina: %3 %4 Do you want to delete the item from the database? The bad item may be extracted into a separate file. Da li želite izbrisati stavku iz baze podataka? Pogrešne stavke mogu biti izdvojene u zasebnu datoteku. Delete Brisanje Obriši Delete and extract Obriši i izdvoji Continue Nastavi Error opening file: '%1': %2 Greška u otvaranju datoteke: '%1': %2 No. Broj Br. Primary key Osnovni ključ Database unique number Jedinstven broj baze podataka Date Datum Date of creation or insertion Datum stvaranja ili umetanja Source Izvor Generated, Imported, Transformed Izrađen, Uvezen, Preinačen Comment Napomena First line of the comment field Prva linija polja za komentar Import from: %1 Uvoz iz: %1 Could not create directory %1 Ne može se kreirati mapa %1 Item properties Osobine stavke How to export the %1 selected items Kako da izvezemo %1 odabranih stavki All in one PEM file Sve u jednoj PEM datoteci Each item in one file Svaka stavka u zasebnoj datoteci Save %1 items in one file as Spremi %1 stavki u jednoj datoteci kao PEM files ( *.pem );; All files ( * ) PEM datoteke ( *.pem );; Sve datoteke ( * ) PEM Files( *.pem );; All files ( * ) PEM datoteke (*.pem);; Sve datoteke ( * ) Subject entries Stavke subjekta X509v3 Extensions X509v3 Proširenja Netscape extensions Netscape proširenja Reset Vrati na početak Paste PEM data Zalijepi PEM podatke Columns Stupci db_crl Signer Potpisnik Internal name of the signer Interno ime potpisnika No. revoked Broj opozvanih Number of revoked certificates Broj opozvanih potvrda Last update Zadnja obnova Next update Sljedeća obnova CRL number Broj CRL The revocation list already exists in the database as: '%1' and so it was not imported Popis opozvanih potvrda već postoji u bazi podataka kao: '%1' i zbog toga nije uvezen CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) There are no CA certificates for CRL generation Nema CA potvrda za izradu liste opozvanih potvrda Select CA certificate Odaberi CA potvrdu Create CRL Izradi CRL Failed to initiate DB transaction Neuspješno pokretanje promjene baze podataka Database error: %1 Greška u bazi podataka: %1 Database error: Greška u bazi podataka: Revocation list export Izvoz popisa opozvanih potvrda Import Uvezi Rename Preimenuj Export Izvoz Clipboard Clipboard File Datoteka Delete Obriši db_key Type Vrsta Size Dužina EC Group EC Grupa Use Namjena Password Zaporka The key is already in the database as: '%1' and is not going to be imported Ključ već postoji u bazi podataka kao: '%1' i zbog toga nije uvezen The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Baza podataka već sadrži javni dio uvezenog ključa kao '%1 i biti će nadopunjena s novim, privatnim dijelom ključa Extending public key from %1 by imported key '%2' Proširivanje javnog ključa iz %1 uvezenim ključem '%2' Key size too small ! Prekratki ključ! You are sure to create a key of the size: %1 ? Da li stvarno želite izraditi ključ dužine: %1 ? Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Da li da originalni ključ '%1' treba biti zamijenjen ključem s tokena? To će obrisati ključ '%1' i zabraniti njegov izvoz New Key Novi ključ Import Uvezi Rename Preimenuj Show Details Prikaži Detalje Delete Obriši Export Izvoz Clipboard Međuspremnik File Datoteka Change password Promjena zaporke Reset password Postavi početnu zaporku Change PIN Promijeni PIN Init PIN with SO PIN (PUK) Pripremi PIN pomoću SO PIN (PUK) Change SO PIN (PUK) Promijeni SO PIN (PUK) Store on Security token Spremi na Pametni token Export public key [%1] Izvezi javni ključ [%1] PEM public PEM javni DER public DER javni SSH2 public SSH2 javni Export keys to Clipboard Izvezi ključeve u Međuspremnik DER private DER privatni PEM encryped PEM kriptirani PKCS#8 PKCS#8 PEM private PEM privatni SSH2 private SSH2 privatni PVK private PVK privatni PVK encrypted PVK kriptirani PKCS#8 encrypted PKCS#8 kriptirani Export private key [%1] Izvezi privatni ključ [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Privatni ključevi ( *.pem *.der *.pk8 );; SSH javni ključevi ( *.pub ) Internal error Interna greška Internal key update: The keys: %1 must be updated once by resetting and setting its private password Obnova internog ključa: Ključevi: %1 moraju biti jednokratno obnovljeni poništenjem i novim postavljanjem privatnih zaporki Tried to change password of a token Pokušaj promjene zaporke tokena Tried to change PIN of a key Pokušaj promjene PIN ključa Tried to init PIN of a key Pokušaj inicijalizacije PIN ključa Tried to change SO PIN of a key Pokušaj inicijalizacije SO PIN ključa db_temp Type Vrsta Bad template: %1 Loš predložak: %1 Nothing Ništa Empty template Prazan predložak Preset Template values Postavljanje vrijednosti Predloška XCA templates ( *.xca );; All files ( * ) XCA predlošci ( *.xca );; Sve datoteke ( * ) copy kopiraj Save template as Spremi predložak kao XCA templates ( *.xca);; All files ( * ) XCA predlošci ( *.xca );; Sve datoteke ( * ) New Template Novi Predložak Import Uvezi Rename Preimenuj Export Izvoz Change Promijeni Delete Brisanje Duplicate Podvostruči Create certificate Izradi potvrdu Create request Izradi zahtjev db_x509 CA CA reflects the basic Constraints extension odražava proširenja osnovna Ograničenja Serial Serijski broj md5 fingerprint md5 sažetak sha1 fingerprint sha1 sažetak sha256 fingerprint sha256 sažetak Start date Početni datum not Before Od Expiry date Datum isteka valjanosti not After Do MD5 fingerprint MD5 sažetak SHA1 fingerprint SHA1 sažetak SHA256 fingerprint SHA256 sažetak Not before Od Not after Do Trust state Stupanj pouzdanosti Revocation Opoziv CRL Expiration Rok trajanja CRL Plain View Običan pregled Tree View Stablast pregled Failed to create directory '%1' Neuspješno stvaranje mape '%1' Failed to retrieve unique random serial Nuspješno pronalaženje jedinstvenog slučajnog broja The certificate already exists in the database as: '%1' and so it was not imported Potvrda već postoji u bazi podataka kao: '%1' i zbog toga nije uvezena Signed on %1 by '%2' Potpisano %1 od '%2' Unknown Nepoznato Invalid public key Neispravan javni ključ PKCS#7 unrevoked PKCS#7 neopozvani vCalendar vCalendar CA vCalendar CA vCalendar X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) X509 potvrde ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) days dana No template Nema predloška Please enter the new hexadecimal secret number for the QA process. !!! Bolji rješenje za QA proces? Unesite novi heksadecimalni tajni broj za QA proces. The QA process has been terminated by the user. QA proces je prekinut od strane korisnika. The key you selected for signing is not a private one. Ključ kojeg ste odabrali za potpisivanje nije privatni ključ. Store the certificate to the key on the token '%1 (#%2)' ? Spremiti potvrdu k ključu na token '%1 (#%2)' ? PKCS#7 chain PKCS#7 lanac PKCS#12 chain PKCS#12 lanac PKCS#7 trusted PKCS#7 pouzdan PKCS#7 all PKCS#7 svi PEM unrevoked PEM nepozovani Certificate Index file Datoteka kazalo Potvrda New Certificate Nova Potvrda Import Uvezi Import PKCS#12 Uvezi PKCS#12 Import from PKCS#7 Uvezi PKCS#7 Rename Preimenuj Show Details Prikaži Detalje PEM chain PEM lanac PKCS #7 chain PKCS #7 lanac PKCS #12 chain PKCS #12 lanac PEM + key PEM + ključ PKCS #7 trusted PKCS #7 pouzdan PKCS #7 all PKCS #7 sve PEM trusted PEM pouzdan PEM all PEM sve Extract public Key Izdvoji javni ključ Export Izvoz Clipboard Clipboard File Datoteka Request Zahtjev Security token Pametni token Other token Drugi token Template Predložak OpenSSL config OpenSSL konfiguracija Transform Preobrazi Public Key Javni ključ Similar Certificate Slična potvrda Delete Brisanje Delete from Security token Obriši s pametnog tokena Trust Povjerenje Properties Osobine Generate CRL Izradi CRL PKCS#7 PKCS#7 Sign Potpiši Encrypt Kriptiraj Renewal Obnovi Unrevoke Nemoj opozvat Revoke Opozovi Certificate export Izvoz potvrde X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) X509 potvrde ( *.pem *.cer *.crt *.p12 *.p7b ) There was no key found for the Certificate: '%1' Nije pronađen ključ za Potvrdu: '%1' Not possible for a token key: '%1' Nije moguće za ključ s tokena: '%1' Error opening file: '%1': %2 Greška u otvaranju datoteke: '%1': %2 Not possible for the token-key Certificate '%1' Nije moguće za potvrdu s ključem na tokenu '%1' There was no key found for the Certificate: Nije pronađen ključ za Potvrdu: days dana db_x509name Subject Subjekt Complete distinguished name Potpuno jedinstveno ime (DN) Subject hash Sažetak subjekta Hash to lookup certs in directories Sažmi za pregledavanje potvrda u katalogu Country code Kod države State or Province Država ili Pokrajina Locality Mjesto Organisation Organizacija Organisational unit Organizacijska jedinica Common name Uobičajeno ime E-Mail address E-mail adresa Serial number Serijski broj Given name Ime Surname Prezime Title Titula Initials Inicijali Description Opis Role Uloga Funkcija Pseudonym Pseudonim Generation Qualifier OID: 2.5.4.44 Oznaka Generacije x500 Unique Identifier x500 Jedinstveni Identifikator Name Ime DN Qualifier DN Oznaka Unstructured name Nestrukturirano ime Challenge password Zaporka za izazov Basic Constraints Osnovna Ograničenja subject alternative name alternativno ime subjekta issuer alternative name alternativno ime izdavatelja Subject key identifier Oznaka ključa Subjekta Authority key identifier Oznaka ključa Autoriteta Key usage Namjena ključa Extended key usage Proširena upotreba ključa CRL distribution points Točka objave popisa opozvanih potvrda Authority information access Dohvat informacija Autoriteta Certificate type Vrsta Potvrde Base URL Osnovni URL Revocation URL URL opoziva CA Revocation URL URL opoziva CA Certificate renewal URL URL za obnovu potvrde CA policy URL URL politike CA SSL server name SSL ime poslužitelja Comment Napomena db_x509req Signed Potpisan whether the request is already signed or not da li je zahtjev već potpisan ili ne Unstructured name Nestrukturirano ime Challenge password Zaporka za izazov Certificate count Broj potvrda Number of certificates in the database with the same public key Broj potvrda s istim javnim ključem spremljenih u bazi podataka The certificate signing request already exists in the database as '%1' and thus was not stored Zahtjev za izdavanje potvrde već postoji u bazi podataka kao '%1' i zbog toga nije spremljen Certificate request ( *.pem *.der *.crl ) Zahtjev za izdavanje potvrde ( *.pem *.der *.crl ) Certificate request export Izvoz zahtjeva za izdavanje potvrde New Request Novi Zahtjev Import Uvezi Extract public Key Izdvoji javni ključ Rename Preimenuj Show Details Prikaži Detalje Sign Potpiši Export Izvoz Clipboard Clipboard File Datoteka Transform Preobrazi Template Predložak OpenSSL config OpenSSL konfiguracija Certificate request ( *.pem *.der *.csr ) Zahtjev za izdavanje potvrde ( *.pem *.der *.csr ) Public Key Javni ključ Similar Request Sličan zahtjev Delete Brisanje db_x509super Key name Ime ključa Internal name of the key Interno ime ključa Signature Algorithm Algoritam potpisa Signature algorithm Algoritam potpisa Key type Vrsta ključa Key size Dužina ključa EC Group EC Grupa Extracted from %1 '%2' Izdvojeno iz %1 '%2' Certificate Potvrda Certificate request Zahtjev za potvrdu Save as OpenSSL config Spremi kao OpenSSL konfiguraciju Config files ( *.conf *.cnf);; All files ( * ) Konfiguracijske datoteke ( *.conf *.cnf);; Sve datoteke ( * ) The following extensions were not ported into the template Sljedeća proširenja neće biti uključena u predložak Transformed from %1 '%2' Preobraženo iz %1 '%2' kvView Type Vrsta Content Sadržaj pass_info Password Zaporka PIN PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 Neuspješno otvaranje PKCS11 knjižnice: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Ovo ne izgleda kao PKCS#11 knjižnica. Simbol 'C_GetFunctionList' nije pronađen. pki_base Error opening file: '%1': %2 Greška u otvaranju datoteke: '%1': %2 Error writing to file: '%1': %2 Greška u pisanju u datoteku: '%1': %2 Unknown Nepoznato Imported Uvezeno Generated Izrađeno Transformed Preobraženo Token Token Legacy Database Nasljeđena baza podataka Renewed Obnovljeno Property '%1' not listed in 'pki_base::print' Karakteristika '%1' nije navedena u 'pki_base::print' Error: Greška: Internal error: Unexpected message: %1 %2 Interna greška: Neočekivana poruka: %1 %2 pki_crl Successfully imported the revocation list '%1' Uspješno uvezen popis opozvanih potvrda '%1' Delete the revocation list '%1'? Obrisati listu opozvanih potvrda '%1'? Successfully created the revocation list '%1' Uspješno izrađen popis opozvanih potvrda '%1' Delete the %1 revocation lists: %2? Obriši %1 popis opozvanih potvrda '%2'? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Nije moguće učitati popis opozvanih potvrda %1. Proban je PEM i DER format CRL. No issuer given Nije naveden izdavatelj Wrong Size %1 Pogrešna Dužina %1 Delete the %n revocation list(s): '%1'? Obrisati %n listu opozvanih potvrda: '%1'? Obrisati %n liste opozvanih potvrda: '%1'? Obrisati %n lista opozvanih potvrda: '%1'? CRL Renewal of CA '%1' due Krajnji rok za obnovu CRL od CA '%1' The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Zadnji popis opozvanih potvrda izdan od CA '%1' ističe %2. Spremljen je u XCA bazi '%3' The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' XCA CRL '%1', izdan %3 ističe %4. Spremljena je u XCA bazi '%5' unknown nepoznato Renew CRL: %1 Obnovi CRL: %1 The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4. It is stored in the XCA database '%5' XCA CRL '%1', izdan %3 od CA '%2' ističe %4. Spremljen je u XCA bazi '%5' pki_evp Failed to decrypt the key (bad password) Neuspješno dekriptiran ključ (pogrešna zaporka) Please enter the password to decrypt the private key. Unesite zaporku za dekripciju privatnog ključa. The key from file '%1' is incomplete or inconsistent. Ključ iz datoteke '%1' je nepotpun ili proturječan. Please enter the password to decrypt the private key from file: %1 Unesite zaporku za dekripciju privatnog ključa iz datoteke: %1 Unable to load the private key in file %1. Tried PEM and DER private, public and PKCS#8 key types. Nije moguće učitati privatni ključ u datoteci %1. Probani su PEM i DER privatni, javni i PKCS#8 tip ključeva. Failed to decrypt the key (bad password) %1 Neuspješno dekriptiran ključ (pogrešna zaporka) %1 Please enter the password to decrypt the private key %1. Unesite zaporku za dekripciju privatnog ključa: '%1'. Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Nije moguće učitati privatni ključ u datoteci %1. Probani su PEM i DER privatni, javni, PKCS#8 tip ključeva i SSH2 format. Ignoring unsupported private key Ignoriram nepodržani privatni ključ Please enter the password to decrypt the private key: '%1' Unesite zaporku za dekripciju privatnog ključa: '%1' Password input aborted Prekinut unos zaporke Please enter the database password for decrypting the key '%1' Unesite zaporku baze podataka za dekripciju ključa '%1' Decryption of private key '%1' failed Dekripcija privatnog ključa '%1' nije uspjela Please enter the password to protect the private key: '%1' Unesite zaporku za zaštitu privatnog ključa: '%1' Please enter the database password for encrypting the key Unesite zaporku baze podataka za kripciju ključa Please enter the password to protect the PKCS#8 key '%1' in file: %2 Unesite zaporku za zaštitu PKCS#8 ključa '%1' u datoteci: %2 Please enter the password to protect the private key '%1' in file: %2 Unesite zaporku za zaštitu privatnog ključa: '%1' u datoteci: %2 Please enter the password protecting the PKCS#8 key '%1' Unesite zaporku za zaštitu PKCS#8 ključa '%1' Please enter the password protecting the Microsoft PVK key '%1' Unesite zaporku za zaštitu Microsoft PVK ključa '%1' Please enter the export password for the private key '%1' Unesite zaporku za izvoz privatnog ključa '%1' pki_export PEM Text format with headers PEM Tekst format sa zaglavljima Concatenated list of all selected items in one PEM text file Lista svih odabranih stavki spojena u jednu PEM datoteku PEM selected PEM odabran Concatenated list of all selected certificates in one PEM text file Lista svih odabranih stavki spojena u jednu PEM datoteku PEM chain PEM lanac Concatenated text format of the complete certificate chain in one PEM file Tekstualni format s cjelokupnim lancem potvrda spojenim u jednu PEM datoteku The complete certificate chain and the private key of the selected certificate with tags usable in OpenVPN configuration files Cijeli lanac povjerenja potvrda i privatni ključ odabrane potvrde s oznakama se može koristiti u OpenVPN konfiguracijskim datotekama PEM + key PEM + ključ Concatenation of the certificate and the unencrypted private key in one PEM file Spajanje potvrde i nekriptiranog privatnog ključa u jednu PEM datoteku Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Spajanje potvrde i kriptiranog privatnog ključa u PKCS#8 formatu u jednu datoteku All unusable Svi neupotrebljivi Concatenation of all expired or revoked certificates in one PEM file Tekstualni format sa isteklim ili povučenim potvrdama spojenim u jednu PEM datoteku PKCS#7 encoded single certificate Pojedinačni certifikat kodiran u PKCS#7 formatu All selected certificates encoded in one PKCS#7 file Sve odabrane potvrde kodirane u jednoj PKCS#7 datoteci PKCS #7 chain PKCS #7 lanac PKCS#7 encoded complete certificate chain Cjelokupni lanac potvrda kodiran u PKCS#7 formatu PKCS #7 unusable PKCS #7 neupotrebljivi PKCS#7 encoded collection of all expired or revoked certificates PKCS#7 kodirana zbirka svih isteklih ili opozvanih potvrda Binary DER encoded certificate Binarno DER kodirana potvrda PKCS #12 chain PKCS #12 lanac The complete certificate chain and the private key as encrypted PKCS#12 file Cjelokupni lanac potvrda i privatni ključ u kriptiranoj PKCS#12 datoteci PKCS #12 PKCS #12 The certificate and the private key as encrypted PKCS#12 file Potvrda i privatni ključ u kriptiranoj PKCS#12 datoteci Certificate Index file Kazalo datoteka Potvrda OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Certificate Index datoteka na OpenSSL način, izrađena pomoću naredbe 'ca' kako zahtjeva OCSP alat vCalendar vCalendar vCalendar expiry reminder for the selected items vCalendar podsjetnik o prestanku važenja odabranih stavki CA vCalendar CA vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL vCalendar podsjetnik o prestanku važenja sadrži sve izdane, važeće potvrde, sam CA certifikat i zadnji CRL OpenSSL config OpenSSL konfiguracija OpenSSL configuration file to create a certificate or request with the openssl commandline tool OpenSSL konfiguracijska datoteka za izradu certifikata ili zahtjev s openssl naredbom iz komandne linije OpenVPN tls-auth key OpenVPN tls-auth ključ The OpenVPN tls-auth key is a secret key shared between endpoints OpenVPN tls-auth ključ je tajni ključ dijeljen između krajnjih točaka JSON Web Kit JSON Web Kit The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) Javni ključ potvrde u JSON Web Kit formatu s X.509 otiskom certifikata (x5t) JSON Web Kit chain JSON Web Kit lanac The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) and certificate chain (x5c) Javni ključ potvrde u JSON Web Kit formatu s X.509 otiskom certifikata (x5t) i lancem potvrda (x5c) PEM public PEM javni Text format of the public key in one PEM file Tekstualni format javnog ključa u jednoj PEM datoteci PEM private PEM privatni Unencrypted private key in text format Nekriptirani privatni ključ u tekstualnom formatu PEM encrypted PEM kriptirani OpenSSL specific encrypted private key in text format Privatni ključ kriptiran na OpenSSL način u tekstualnom formatu SSH2 private SSH2 privatni SSH2 public SSH2 javni The public key encoded in SSH2 format Javni ključ kodiran u SSH2 formatu DER public DER javni Binary DER format of the public key Binarni DER format javnog ključa DER private DER privatni Unencrypted private key in binary DER format Nekriptirani privatni ključ u binarnom DER formatu PVK private PVK privatni Private key in Microsoft PVK format not encrypted Privatni ključ u Microsoft PVK formatu nije kriptiran XCA template in PEM-like format. Templates include the internal name and comment XCA predložak u formatu nalik PEM. Obrasci uključuju interno ime i komentar All selected XCA templates in PEM-like format. Templates include the internal name and comment Svi odabrni XCA predlošci u formatu nalik PEM. Obrasci uključuju interno ime i komentar PVK encrypted PVK kriptirani Encrypted private key in Microsoft PVK format Kriptirani privatni ključ u Microsoft PVK formatu PKCS #8 encrypted PKCS#8 kriptirani Encrypted private key in PKCS#8 text format Kriptirani privatni ključ u PKCS#8 tekst formatu PKCS #8 PKCS#8 Unencrypted private key in PKCS#8 text format Nekriptirani privatni ključ u PKCS#8 tekst formatu JSON Web Key private JSON Web Ključ privatni Unencrypted private key in JSON Web Key format Nekriptirani privatni ključ u JSON Web Key formatu JSON Web Key public JSON Web Ključ javni Public key in JSON Web Key format Javni ključ u JSON Web Key formatu Binary DER format of the certificate request Binarni DER format zahtjeva za potvrdu Binary DER format of the revocation list Binarni DER format popisa opozvanih potvrda vCalendar reminder for the CRL expiry date vCalendar podsjetnik o datumu isteka CRL XCA template in PEM-like format XCA predložak u formatu nalik PEM All selected XCA templates in PEM-like format Svi odabrani XCA predlošci u formatu nalik PEM pki_key Do you really want to export the private key unencrypted to the clipboard ? Da li stvarno želite izvesti u clipboard nekriptirani privatni ključ? Only export the public key Izvezi samo javni ključ Export the private key unencrypted Izvezi nekriptirani privatni ključ Successfully imported the %1 public key '%2' Uspješno uvezen %1 javni ključ '%2' Delete the %1 public key '%2'? Obrisati %1 javni ključ '%2'? Successfully imported the %1 private key '%2' Uspješno uvezen %1 privatni ključ '%2' Delete the %1 private key '%2'? Obrisati %1 privatni ključ '%2'? Successfully created the %1 private key '%2' Uspješno izrađen %1 privatni ključ '%2' Delete the %1 keys: %2? Obrisati %1 ključeva: %2? public key javni ključ Public key Javni ključ Successfully imported the %1 public key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Uspješno uvezen %1 javni ključ '%2' Delete the %n %1 public key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Successfully imported the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Uspješno uvezen %1 privatni ključ '%2' Delete the %n %1 private key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Obrisati %n %1 privatni ključ '%2'? Obrisati %n %1 privatna ključa '%2'? Obrisati %n %1 privatnih ključeva '%2'? Successfully created the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Uspješno izrađen %1 privatni ključ '%2' Common Opće Private Privatno Bogus Lažno PIN PIN No password Bez zaporke Unexpected SSH2 content: '%1' Neočekivani SSH2 sadržaj: '%1' Invalid SSH2 public key Neispravan SSH2 javni ključ Failed writing to %1 Nije moguće pisati u %1 pki_multi Seek failed Neuspješno traženje No known PEM encoded items found Nije pronađena nijedna poznata PEM stavka pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Unesite zaporku za dekripciju PKCS#12 datoteke: %1 Unable to load the PKCS#12 (pfx) file %1. Nije moguće učitati PKCS#12 (pfx) datoteku %1. The supplied password was wrong (%1) Unesena zaporka je neispravna (%1) Please enter the password to encrypt the key of certificate '%1' in the PKCS#12 file: %2 Unesite zaporku za kripciju ključa certifikata '%1' u PKCS#12 datoteku: %2 Please enter the password to encrypt the PKCS#12 file Unesite zaporku za kripciju PKCS#12 datoteke No key or no Cert and no pkcs12 Nema ključa ili nema Potvrde i nema PKSCS#12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Nije moguće učitati PKCS#7 datoteku %1. Proban je PEM i DER format. pki_scard Successfully imported the token key '%1' !!! Da li je ključ s tokena ili ključ za token??? Uspješno uvezen ključ za token '%1' Delete the token key '%1'? Obrisati ključ za token '%1'? Successfully created the token key '%1' Uspješno izrađen ključ za token '%1' Delete the %1 keys: %2? Obrisati %1 ključeva: %2? Delete the private key '%1' from the token '%2 (#%3)' ? Obrisati privatni ključ '%1' s tokena '%2 (#%3)' ? This Key is already on the token Ovaj ključ se već nalazi na tokenu Select Slot of %1 Odaberi utor od %1 Only RSA and EC keys can be stored on tokens Samo RSA i EC ključevi mogu biti spremljeni na tokenu PIN input aborted Prekinut unos PIN-a Unable to find copied key on the token Nije moguće naći kopirani ključ na tokenu Please insert card: %1 %2 [%3] with Serial: %4 Umetnite karticu: %1 %2 [%3] s sa serijskim brojem: %4 Public Key mismatch. Please re-import card Neodgovarajući javni ključ. Molimo ponovo umetnite karticu Illegal Key generation method Nedozvoljeni način generiranja Ključa Unable to find generated key on card Nemoguće je pronaći ključ generiran na kartici Ignoring unsupported token key Ignoriram nepodržani ključ za token Wrong Size %1 Pogrešna Dužina %1 Delete the %n token key(s): '%1'? Obrisati %n ključ za token '%1'? Obrisati %n ključa za token '%1'? Obrisati %n ključeva za token '%1'? Token %1 Token %1 Failed to find the key on the token Nije moguće naći ključ na tokenu Invalid Pin for the token Pogrešan PIN za token Failed to initialize the key on the token Nije moguće inicijalizirati ključ na tokenu pki_temp Successfully imported the XCA template '%1' Uspješno uvezen XCA predložak '%1' Delete the XCA template '%1'? Obrisati XCA predložak '%1'? Successfully created the XCA template '%1' Uspješno izrađen XCA predložak '%1' Delete the %1 XCA templates: %2? Obrisati %1 XCA predloške: %2? Delete the %n XCA template(s): '%1'? Obrisati %n XCA predložak: '%1'? Obrisati %n XCA predloška: '%1'? Obrisati %n XCA predloška: '%1'? Wrong Size %1 Kriva Dužina %1 Template file content error (too small) Greška u sadržaju datoteke predloška (prekratka) Template file content error (bad size) Greška u sadržaju datoteke predloška (pogrešna dužina) Template file content error (too small): %1 Greška u sadržaju datoteke predloška (prekratka): %1 Not a PEM encoded XCA Template To nije PEM kodirani XCA Predložak Not an XCA Template, but '%1' To nije XCA Predložak, već '%1' Template file content error (bad size): %1 Greška u sadržaju datoteke predloška (pogrešna dužina): %1 Template file content error (bad length) :%1 Greška u sadržaju datoteke predloška (pogrešna veličina): %1 pki_x509 Successfully imported the certificate '%1' Uspješno uvezena potvrda '%1' Delete the certificate '%1'? Obrisati potvrdu '%1'? Successfully created the certificate '%1' Uspješno izrađena potvrda '%1' Delete the %1 certificates: %2? Obrisati %1 potvrdu: '%2'? Delete the %n certificate(s): '%1'? Obrisati %n potvrdu: '%1'? Obrisati %n potvrde: '%1'? Obrisati %n potvrda: '%1'? Unable to load the certificate in file %1. Tried PEM and DER certificate. Nije moguće učitati potvrdu u datoteci %1. Proban je PEM i DER format. Invalid OpenVPN tls-auth key Neispravan OpenVPN tls-auth ključ Failed to import tls-auth key Nije moguće uvesti tls-auth ključ Same tls-auth key already stored for this CA Isti tls-auth ključ je već spremljen za ovaj CA New tls-auth key successfully imported Novi tls-auth ključ je uspješno uvezen Existing tls-auth key successfully replaced Postojeći tls-auth ključ je uspješno zamijenjen This certificate is already on the security token Ova potvrda se već nalazi na pametnom tokenu Delete the certificate '%1' from the token '%2 (#%3)'? Obrisati potvrdu %1 s tokena '%2 (#%3)'? There is no key for signing ! Nema ključa za potpisivanje ! Wrong Size %1 Pogrešna Dužina %1 Renew certificate: %1 Obnovi potvrdu: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' XCA potvrda '%1', izdana %2 ističe %3. Spremljena je u XCA bazi '%4' CRL Renewal of CA '%1' due Krajnji rok za obnovu CRL od CA '%1' The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Zadnji popis opozvanih potvrda izdan od CA '%1' ističe %2. Spremljen je u XCA bazi '%3' Not trusted Nepouzdan Trust inherited Povjerenje naslijeđeno Always Trusted Uvijek vjeruj CRL expires: %1 Popis opozvanih potvrda ističe: %1 No Ne Yes Da pki_x509req Signing key not valid (public key) Neispravan ključ za potpisivanje (javni ključ) Successfully imported the %1 certificate request '%2' Uspješno uvezen %1 zahtjev za izdavanje potvrde '%2' Delete the %1 certificate request '%2'? Obriši %1 zahtjev za izdavanje potvrde '%2'? Successfully created the %1 certificate request '%2' Uspješno izrađen %1 zahtjev za izdavanje potvrde '%2' Delete the %1 certificate requests: %2? Obriši %1 zahtjev za izdavanje potvrde %2? Successfully imported the PKCS#10 certificate request '%1' Uspješno uvezen PKCS#10 zahtjev za izdavanje potvrde '%1' Delete the %n PKCS#10 certificate request(s): '%1'? Obriši %n PKCS#10 zahtjev za izdavanje potvrde '%1'? Obriši %n PKCS#10 zahtjeva za izdavanje potvrde '%1'? Obriši %n PKCS#10 zahtjeva za izdavanje potvrde '%1'? Successfully created the PKCS#10 certificate request '%1' Uspješno izrađen PKCS#10 zahtjev za izdavanje potvrde '%1' Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Nije moguće učitati zahtjev za izdavanje potvrde u datoteci %1. Proban je PEM, DER SPKAC format. Signed Potpisan Unhandled Neobrađen Wrong Size %1 Kriva dužina %1 v3ext Copy Common Name Kopiraj uobičajeno ime Add Dodaj Delete Obriši Apply Primijeni Validate Potvrdi Cancel Odustani An email address or 'copy' Email adresa ili 'kopija' An email address Email adresa a registered ID: OBJECT IDENTIFIER registriran ID: OBJECT IDENTIFIER a uniform resource indicator jedinstveni identifikator resursa a DNS domain name DNS domensko ime an IP address IP adresa A registered ID: OBJECT IDENTIFIER Registriran ID: OBJECT IDENTIFIER A uniform resource indicator Jedinstveni identifikator resursa A DNS domain name or 'copycn' DNS domensko ime ili 'kopija cn' A DNS domain name DNS domensko ime An IP address IP adresa Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Sintaksa: <OID>;TIP:tekst poput '1.2.3.4:UTF8:name' No editing. Only 'copy' allowed here Nema uređivanja. Ovdje je dozvoljeno samo 'kopija' Validation failed: '%1' %2 Neuspješna provjera: '%1' %2 Validation successful: '%1' Provjera uspješna: '%1' void There was no key found for the Certificate: Nije pronađen ključ za Potvrdu: Import Certificate signing request Uvezi zahtjev za izdavanje Potvrde (CSR) xcaWarning The following error occurred: Dogodila se sljedeća greška: Copy to Clipboard Kopiraj u Međuspremnik xcaWarningGui Copy to Clipboard Kopiraj u Međuspremnik xca-RELEASE.2.9.0/lang/xca_id.ts000066400000000000000000006016511477156507700161300ustar00rootroot00000000000000 CaProperties CA Properties Properti CA Form Formulir Days until next CRL issuing Berapa hari sampai penerbitan CRL selanjutnya Default template Templat baku CertDetail Details of the Certificate Rincian Sertifikat Serial Serial The serial number of the certificate Nomor seri sertifikat The internal name of the certificate in the database Nama internal sertifikat dalam basis data Status Status Internal name Nama internal Signature Tanda tangan Key Kunci Fingerprints Sidik jari MD5 MD5 An md5 hashsum of the certificate Hash md5 dari sertifikat SHA1 SHA1 A SHA-1 hashsum of the certificate Hash SHA-1 dari sertifikat SHA256 SHA256 A SHA-256 hashsum of the certificate Hash SHA-256 dari sertifikat Validity Validitas The time since the certificate is valid Sejak kapan sertifikat valid The time until the certificate is valid Sampai kapan sertifikat valid Subject Subjek Issuer Penerbit Extensions Ekstensi Validation Validasi Purposes Kegunaan Strict RFC 5280 validation Validasi RFC 5280 ketat Comment Komentar Attributes Atribut Show config Tampilkan konfig Show extensions Tampilkan ekstensi Show public key Tampilkan kunci publik This key is not in the database. Kunci ini tidak ada dalam basis data. Not available Tidak tersedia No verification errors found. Tidak ditemukan kesalahan verifikasi. Signer unknown Penandatangan tidak dikenal Self signed Tanda tangan mandiri Revoked at %1 Dicabut pada %1 Not valid Tidak valid Valid Valid Details of the certificate signing request Rincian dari certificate signing request CertExtend Certificate renewal Pembaruan sertifikat This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Ini akan membuat suatu sertifikat baru sebagai salinan dari yang lama dengan nomor seri baru dan nilai validitas yang disesuaikan. Validity Validitas Not before Tidak sebelum Not after Tidak setelah Time range Rentang waktu Local time Waktu lokal Days Hari Months Bulan Years Tahun No well-defined expiration Tidak ada kedaluwarsa yang jelas Midnight Tengah malam Apply Terapkan Revoke old certificate Cabut sertifikat lama Replace old certificate Gantikan sertifikat lama Keep serial number Pertahankan nomor seri The certificate will be earlier valid than the signer. This is probably not what you want. Sertifikat akan valid lebih dini daripada penandatangan. Ini barangkali bukan yang Anda inginkan. Edit dates Sunting tanggal Abort rollout Gugurkan rollout Continue rollout Lanjutkan rollout Adjust date and continue Sesuaikan tanggal dan lanjutkan The certificate will be longer valid than the signer. This is probably not what you want. Sertifikat akan valid lebih lama daripada penandatangan. Ini barangkali bukan yang Anda inginkan. CertTreeView Hide unusable certificates Sembunyikan sertifikat yang tidak bisa dipakai Import PKCS#12 Impor PKCS#12 Import from PKCS#7 Impor dari PKCS#7 Request Permintaan Security token Token keamanan Other token Token lain Similar Certificate Sertifikat Serupa Delete from Security token Hapus dari Token keamanan CA CA Properties Properti Generate CRL Buat CRL Manage revocations Kelola pencabutan Import OpenVPN tls-auth key Impor kunci tls-auth OpenVPN Renewal Pembaruan Revoke Cabut Unrevoke Tak jadi cabut Plain View Tilikan Polos Tree View Tilikan Pohon days hari No template Tidak ada templat CA Properties Properti CA Certificate export Ekspor sertifikat X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) Sertifikat X509 ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) vCalendar entry ( *.ics ) Entri vCalendar ( *.ics ) OpenVPN file ( *.ovpn ) Berkas OpenVPN ( *.ovpn ) OpenVPN tls-auth key ( *.key ) Kunci tls-auth OpenVPN ( *.key ) ClickLabel Double click for details Klik ganda untuk rincian CrlDetail Details of the Revocation list Rincian dari Daftar pencabutan &Status &Status Version Versi Signature Tanda tangan Signed by Ditandatangani oleh Name Nama The internal name of the CRL in the database Nama internal dari CRL dalam basis data issuing dates tanggal penerbitan Next update Pembaruan selanjutnya Last update Pembaruan terakhir &Issuer Penerb&it &Extensions &Ekstensi &Revocation list Dafta&r pencabutan Comment Komentar Failed Gagal Unknown signer Penandatangan yang tidak dikenal Verification not possible Verifikasi tidak mungkin CrlTreeView There are no CA certificates for CRL generation Tidak ada sertifikat CA untuk pembangkitan CRL Select CA certificate Pilih sertifikat CA Revocation list export Ekspor daftar pencabutan CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) vCalendar entry ( *.ics ) Entri vCalendar ( *.ics ) ExportDialog Name Nama The internal name of the CRL in the database Nama internal CRL dalam basis data ... ... Filename Nama berkas Each Item in a separate file Setiap butir dalam suatu berkas terpisah Same encryption password for all items Kata sandi enkripsi yang sama untuk semua butir Export comment into PEM file Ekspor komentar ke dalam berkas PEM Export Format Format Ekspor All files ( * ) Semua berkas ( * ) PEM Text format with headers Format Teks PEM dengan header Concatenated list of all selected items in one PEM text file Daftar tersambung dari semua butir yang dipilih dalam satu berkas teks PEM Concatenated text format of the complete certificate chain in one PEM file Format teks tersambung dari rantai sertifikat lengkap dalam satu berkas PEM Concatenated text format of all certificates in one PEM file Format teks tersambung dari semua sertifikat dalam satu berkas PEM Binary DER encoded file Berkas terenkode DER biner PKCS#7 encoded single certificate Sertifikat tunggal terenkode PKCS#7 PKCS#7 encoded complete certificate chain Rantai sertifikat lengkap terenkode PKCS#7 Concatenated text format of all unrevoked certificates in one PEM file Format teks tergabung dari semua sertifikat yang belum dicabut dalam satu berkas PEM All unrevoked certificates encoded in one PKCS#7 file Semua sertifikat yang belum dicabut dienkode dalam satu berkas PKCS#7 All selected certificates encoded in one PKCS#7 file Semua sertifikat yang dipilih dienkode dalam satu berkas PKCS#7 All certificates encoded in one PKCS#7 file Semua sertifikat dienkode dalam satu berkas PKCS#7 The certificate and the private key as encrypted PKCS#12 file Sertifikat dan kunci privat sebagai berkas PKCS#12 yang terenkripsi The complete certificate chain and the private key as encrypted PKCS#12 file Rantai sertifikat lengkap dan kunci privat sebagai berkas PKCS#12 terenkripsi Concatenation of the certificate and the unencrypted private key in one PEM file Gabungan dari sertifikat dan kunci privat tidak terenkripsi dalam satu berkas PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Gabungan dari sertifikat dan kunci privat terenkripsi dalam format PKCS#8 di satu berkas Text format of the public key in one PEM file Format teks dari kunci publik dalam satu berkas PEM Binary DER format of the public key Format DER biner dari kunci publik Unencrypted private key in text format Kunci privat tak terenkripsi dalam format teks OpenSSL specific encrypted private key in text format Kunci privat terenkripsi spesifik OpenSSL dalam format teks Unencrypted private key in binary DER format Kunci privat tak terenkripsi dalam format DER biner Unencrypted private key in PKCS#8 text format Kunci privat tak terenkripsi dalam format teks PKCS#8 Encrypted private key in PKCS#8 text format Kunci privat terenkripsi dalam format teks PKCS#8 The public key encoded in SSH2 format Kunci publik terenkode dalam format SSH2 OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Berkas Indeks Sertifikat spesifik OpenSSL yang dibuat oleh perintah 'ca' dan diperlukan oleh alat OCSP vCalendar expiry reminder for the selected items Pengingat kedaluwarsa vCalendar bagi butir-butir yang dipilih vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Pengingat kedaluwarsa vCalendar yang memuat semua sertifikat yang diterbitkan dan valid, CA itu sendiri, dan CRL terakhir Private key in Microsoft PVK format not encrypted Kunci privat dalam format PVK Microsoft yang tidak terenkripsi Encrypted private key in Microsoft PVK format Kunci privat terenkripsi dalam format PVK Microsoft %n selected item(s) %n butir yang dipilih The file: '%1' already exists! Berkas '%1' sudah ada! Overwrite Timpa Do not overwrite Jangan timpa The path: '%1' exist, but is not a file Path: '%1' ada, tapi bukan suatu berkas The path: '%1' exist, but is not a directory Path: '%1' ada, tapi bukan suatu direktori The directory: '%1' does not exist. Should it be created? Direktori: '%1' tidak ada. Apakah itu mesti dibuat? Create Buat Failed to create directory '%1' Gagal membuat direktori '%1' Directory Direktori Form last update pembaruan terakhir next update pembaruan selanjutnya Days Hari Months Bulan Years Tahun Apply Terapkan Midnight Tengah malam Local time Waktu lokal No well-defined expiration Tidak ada kedaluwarsa yang jelas Help << << >> >> &Done &Selesai ImportMulti Import PKI Items Impor Butir PKI Import &All Impor Semu&a &Import &Impor &Done &Selesai &Remove from list Hapus da&ri daftar Details Rincian Delete from token Hapus dari token Rename on token Ubah nama pada token Name: %1 Model: %2 Serial: %3 Nama: %1 Model: %2 Serial: %3 Manage security token Kelola token keamanan Details of the item '%1' cannot be shown Rincian dari butir '%1' tidak bisa ditunjukkan The type of the item '%1' is not recognized Tipe dari butir '%1' tidak dikenal Could not open the default database Tidak bisa membuka basis data baku The file '%1' did not contain PKI data Berkas '%1' tidak mengandung data PKI The %1 files: '%2' did not contain PKI data Berkas %1: '%2' tidak mengandung data PKI ItemProperties Name Nama Source Sumber Insertion date Tanggal penyisipan Comment Komentar KeyDetail Name Nama The internal name of the key used by xca Nama internal dari kunci yang dipakai oleh xca Security token Token keamanan Manufacturer Pabrikan Serial Serial Key Kunci Public Exponent Eksponen Publik Keysize Ukuran kunci Private Exponent Eksponen Privat Security Token Token Keamanan Label Label PKCS#11 ID ID PKCS#11 Token information Informasi token Model Model Fingerprint Sidik jari Comment Komentar Details of the %1 key Rincian dari kunci %1 Not available Tidak tersedia Available Tersedia Sub prime Sub prima Public key Kunci publik Private key Kunci privat Curve name Nama kurva Unknown key Kunci tak dikenal KeyTreeView Clipboard format Format papan klip Change password Ubah kata sandi Reset password Reset kata sandi Change PIN Ubah PIN Init PIN with SO PIN (PUK) PIN init dengan PIN SO (PUK) Change SO PIN (PUK) Ubah PIN SO (PUK) Security token Token keamanan This is not a token Ini bukan sebuah token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Mestikan kunci asli '%1' digantikan oleh kunci pada token? Ini akan menghapus kunci '%1' dan membuatnya tidak dapat diekspor Key export Ekspor kunci SSH Private Keys ( *.priv ) Kunci Privat SSH ( *.priv ) Microsoft PVK Keys ( *.pvk ) Kunci PVK Microsoft ( *.pvk ) Export public key [%1] Ekspor kunci publik [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Kunci Privat ( *.pem *.der *.pk8 );; Kunci Publik SSH ( *.pub ) MainWindow Private Keys Kunci Privat &New Key Ku&nci Baru &Export &Ekspor &Import &Impor Import PFX (PKCS#12) Impor PFX (PKCS#12) &Show Details &Tampilkan Rincian &Delete &Hapus Certificate signing requests Certificate signing request &New Request Permi&ntaan Baru Certificates Sertifikat &New Certificate Sertifikat &Baru Import &PKCS#12 Impor &PKCS#12 Import P&KCS#7 Impor P&KCS#7 Plain View Tampilan Polos Templates Templat &New Template Templat &Baru &New CRL CRL &Baru Ch&ange Template Ub&ah Templat Revocation lists Daftar pencabutan Using or exporting private keys will not be possible without providing the correct password Memakai atau mengekspor kunci privat tidak akan mungkin tanpa memberikan kata sandi yang benar Database Basis Data The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Hash baku '%1' yang kini dipakai tidak aman. Harap pilih paling tidak 'SHA 224' untuk alasan keamanan. Recent DataBases Basis Data Baru-baru Ini System Sistem Croatian Kroasia English Inggris French Perancis German Jerman Japanese Jepang Korean Korea Russian Rusia Slovak Slovakia Spanish Spanyol Persian Persia Bulgarian Bulgaria Polish Polandia Italian Italia Chinese Cina Dutch Belanda Portuguese in Brazil Portugis di Brazil Indonesian Indonesia Turkish Turki Language Bahasa &File &Berkas Open Remote DataBase Buka Basis Data Jarak Jauh Set as default DataBase Jadikan Basis Data baku New DataBase Basis Data Baru Open DataBase Buka Basis Data Close DataBase Tutup Basis Data Options Opsi Exit Keluar I&mport I&mpor Keys Kunci Requests Permintaan PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Templat Revocation list Daftar pencabutan PEM file Berkas PEM Paste PEM file Tempelkan berkas PEM Token Token Export Certificate &Index hierarchy Ekspor hirarki &Indeks Sertifikat Content Konten &Manage Security token Kelola Token kea&manan &Init Security token &Init Token keamanan &Change PIN &Ubah PIN Change &SO PIN Ubah PIN &SO Init PIN Init PIN Extra Ekstra &Dump DataBase Curahkan Basis &Data &Export Certificate Index &Ekspor Indeks Sertifikat C&hange DataBase password Uba&h kata sandi Basis Data &Undelete items Batal hap&us butir Generate DH parameter Bangkitkan parameter DH OID Resolver Pengurai OID &Help &Bantuan About Ihwal Import PEM data Impor data PEM Please enter the original SO PIN (PUK) of the token '%1' Harap masukkan PIN SO asli (PUK) dari token '%1' Search Cari Please enter the new SO PIN (PUK) for the token '%1' Harap masukkan PIN SO baru (PUK) bagi token '%1' The new label of the token '%1' Label baru dari token '%1' The token '%1' did not contain any keys or certificates Token '%1' tidak memuat kunci atau sertifikat apa pun Retry with PIN Coba lagi dengan PIN Retry with SO PIN Coba lagi dengan PIN SO Current Password Kata Sandi Saat Ini Please enter the current database password Harap masukkan kata sandi basis data saat ini The entered password is wrong Kata sandi yang dimasukkan salah New Password Kata Sandi Baru Please enter the new password to encrypt your private keys in the database-file Harap masukkan kata sandi baru untuk mengenkripsi kunci-kunci privat Anda dalam berkas basis data Transaction start failed Gagal memulai transaksi Database: %1 Basis data: %1 The currently used PFX / PKCS#12 algorithm '%1' is insecure. Algoritma PFX / PKCS#12 '%1' yang saat ini dipakai tidak aman. Change Ubah Certificate Index ( index.txt ) Indeks Sertifikat ( index.txt ) All files ( * ) Semua berkas ( * ) Diffie-Hellman parameters saved as: %1 Parameter Diffie-Hellman disimpan sebagai: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Parameter Diffie-Hellman diperlukan bagi aplikasi-aplikasi berbeda, tapi tidak ditangani oelh XCA. Harap masukkan bit parameter DH NewCrl Last update Pembaruan terakhir Next update Pembaruan selanjutnya Days Hari Months Bulan Years Tahun Midnight Tengah malam Local time Waktu lokal Apply Terapkan Options Opsi CRL number Nomor CRL Subject alternative name Nama alternatif subjek Revocation reasons Alasan pencabutan Authority key identifier Identifier kunci Otoritas Hash algorithm Algoritma hash Create CRL Buat CRL NewKey Please give a name to the new key and select the desired keysize Harap berikan sebuah nama ke kunci baru dan pilih ukuran kunci yang diinginkan Key properties Properti kunci Name Nama The internal name of the new key Nama internal dari kunci baru Curve name Nama kurva Usually at least 2048 bit keys are recommended Biasanya disarankan paling tidak kunci 2048 bit New Key Kunci Baru Keysize Ukuran kunci Keytype Tipe kunci Remember as default Ingat sebagai baku Create Buat NewX509 Source Sumber Signing request Permintaan penandatanganan Show request Tunjukkan permintaan Sign this Certificate signing &request Tandatangani Certificate signing &request ini Copy extensions from the request Salin ekstensi dari permintaan Modify subject of the request Ubah subjek permintaan Signing Penandatanganan Create a &self signed certificate Buat sertifikat yang ditandatangani &sendiri Use &this Certificate for signing Gunakan Ser&tifikat ini untuk penandatanganan All certificates in your database that can create valid signatures Semua sertifikat dalam basis data Anda yang dapat membuat tanda tangan yang valid Signature algorithm Algoritma tanda tangan Template for the new certificate Templat bagi sertifikat baru All available templates Semua templat yang tersedia Apply extensions Terapkan ekstensi Apply subject Terapkan subjek Apply all Terapkan semua Subject Subjek Internal Name Nama Internal Distinguished name Distinguished name Add Tambah Delete Hapus Private key Kunci privat This list only contains unused keys Daftar ini hanya memuat kunci-kunci yang tidak dipakai Used keys too Kunci-kunci yang dipakai juga &Generate a new key Ban&gkitkan sebuah kunci baru Extensions Ekstensi Type Tipe If this will become a CA certificate or not Apakah ini akan menjadi sebuah sertifikat CA atau tidak Not defined Tidak didefinisikan Certification Authority Certification Authority End Entity Entitas Akhir Path length Panjang path How much CAs may be below this. Berapa banyak CA mungkin ada di bawah ini. The basic constraints should always be critical Basic constraints mesti selalu kritikal Key identifier Identifier kunci Creates a hash of the key following the PKIX guidelines Membuat sebuah hash dari kunci mengikuti panduan PKIX Copy the Subject Key Identifier from the issuer Salin Subject Key Identifier dari penerbit Validity Validitas Not before Tidak sebelum Not after Tidak setelah Time range Rentang waktu Days Hari Months Bulan Years Tahun Apply Terapkan Set the time to 00:00:00 and 23:59:59 respectively Atur waktu masing-masing ke 00:00:00 dan 23:59:59 Midnight Tengah malam Local time Waktu lokal No well-defined expiration Tidak ada kedaluwarsa yang jelas DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit Sunting URI: URI: Key usage Guna kunci Netscape Netscape Advanced Tingkat lanjut Validate Validasikan Comment Komentar This name is only used internally and does not appear in the resulting certificate Nama ini hanya dipakai secara internal dan tidak muncul dalam sertifikat yang dihasilkan Critical Kritikal Create Certificate signing request Buat Certificate signing request minimum size: %1 ukuran minimum: %1 maximum size: %1 ukuran maksimum: %1 only a-z A-Z 0-9 '()+,-./:=? hanya a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters hanya karakter yang bersih 7 bit Edit XCA template Sunting templat XCA Create x509 Certificate Buat Sertifikat x509 Template '%1' applied Templat '%1' diterapkan Subject applied from template '%1' Subjek diterapkan dari templat '%1' Extensions applied from template '%1' Ekstensi diterapkan dari templat '%1' New key '%1' created Kunci baru '%1' telah dibuat Other Tabs Tab Lain Advanced Tab Tab Tingkat Lanjut Errors Kesalahan From PKCS#10 request Dari permintaan PKCS#10 Error Kesalahan duplicate extensions ekstensi duplikat The Name Constraints are invalid Konstrain Nama tidak valid The Subject Alternative Name is invalid Subject Alternative Name tidak valid The Issuer Alternative Name is invalid Issuer Alternative Name tidak valid The CRL Distribution Point is invalid CRL Distribution Point tidak valid The Authority Information Access is invalid Authority Information Access tidak valid Abort rollout Tentang rollout The following length restrictions of RFC3280 are violated: Pembatasan panjang berikut dari RFC3280 dilanggar: Edit subject Sunting subjek Continue rollout Lanjutkan rollout The verification of the Certificate request failed. The rollout should be aborted. Verifikasi permintaan sertifikat gagal. Rollout mesti digugurkan. Continue anyway Lanjutkan saja The internal name and the common name are empty. Please set at least the internal name. Nama internal dan common name kosong. Harap atur paling tidak nama internal. Edit name Sunting nama There is no Key selected for signing. Tidak ada Kunci yang dipilih untuk penandatanganan. Select key Pilih kunci The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Entri distinguised name berikut kosong: %1 walaupun Anda telah menyatakan mereka sebagai wajib dalam menu opsi. The key you selected for signing is not a private one. Kunci yang Anda pilih untuk menandatangani bukan kunci privat. Select other signer Pilih penandatangan lain Select other key Pilih kunci lain The currently selected hash algorithm '%1' is insecure and should not be used. Algoritma hash '%1' yang saat ini dipilih tidak aman dan mestinya tidak dipakai. Select other algorithm Pilih algoritma lain Use algorithm anyway Gunakan algoritma itu saja The certificate will be earlier valid than the signer. This is probably not what you want. Sertifikat akan valid lebih dini daripada penandatangan. Ini barangkali bukan yang Anda inginkan. Edit dates Sunting tanggal Adjust date and continue Sesuaikan tanggal dan lanjutkan The certificate will be longer valid than the signer. This is probably not what you want. Sertifikat akan valid lebih lama daripada penandatangan. Ini barangkali bukan yang Anda inginkan. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Sertifikat akan kedaluwarsa sebelum menjadi valid. Barangkali kedua tanggal tertukar. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Sertifikat memuat ekstensi yang tidak valid atau duplikat. Periksa validasi pada tab tingkat lanjut. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Sertifikat tidak memuat ekstensi. Anda dapat menerapkan ekstensi dari salah satu templat untuk mendefinisikan tujuan sertifikat. The certificate contains invalid extensions. Sertifikat mengandung ekstensi yang tidak valid. Edit extensions Suting ekstensi The subject alternative name shall contain a copy of the common name. However, the common name is empty. Subject alternative name akan memuat salinan dari common name. Namun common name kosong. A name constraint of the issuer '%1' is violated: %2 Suatu konstrain nama dari penerbit '%1' dilanggar: %2 Configfile error on line %1 Kesalahan berkas konfig pada baris %1 OidResolver OID Resolver Pengurai OID Enter the OID, the Nid, or one of the textual representations Masukkan OID, Nid, atau satu dari representasi tekstual Search Cari OID OID Long name Nama panjang OpenSSL internal ID ID internal OpenSSL Nid Nid Short name Nama pendek OpenDb Open remote database Buka basis data jarak jauh Database type Tipe basis data Hostname Nama host Username Nama pengguna Password Kata sandi Database name Nama basis data Table prefix Prefiks tabel No SqLite3 driver available. Please install the qt-sqlite package of your distribution Driver SqLite3 tidak tersedia. Harap pasang paket sq-sqlite dari distribusi Anda Options XCA Options Opsi XCA Settings Pengaturan Default hash algorithm Algoritma hash baku String types Tipe string Suppress success messages Sembunyikan pesan sukses Don't colorize expired certificates Jangan warnai sertifikat yang kedaluwarsa Translate established x509 terms (%1 -> %2) Terjemahkan istilah x509 yang sudah mapan (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Fungsionalitas hash dari token tidak dipakai oleh XCA. Namun itu menghormati suatu set-hash terbatas yang dipropagasikan oleh token. Khususnya EC dan DSA hanya didefinisiakn dengan SHA1 dalam spesifikasi PKCS#1. Only use hashes supported by the token when signing with a token key Hanya pakai hash yang didukung oleh token ketika menandatangani dengan suatu kunci token Disable legacy Netscape extensions Nonaktifkan ekstensi Netscape warisan PKCS12 encryption algorithm Algoritma enkripsi PKCS12 Certificate expiry warning threshold Ambang peringatan kedaluwarsa sertifikat Send vCalendar expiry reminder Kirim pengingat kedaluwarsa vCalendar Serial number length Panjang nomor seri bit bit Distinguished name Distinguished name Mandatory subject entries Entri subjek yang wajib Add Tambah Delete Hapus Explicit subject entries Entri subjek eksplisit Dynamically arrange explicit subject entries Susun secara dinamis entri subjek yang eksplisit Default Baku PKCS#11 provider Penyedia PKCS#11 Remove Buang Search Cari Printable string or UTF8 (default) String yang dapat dicetak atau UTF8 (baku) PKIX recommendation in RFC2459 Rekomendasi PKIX dalam RFC2459 No BMP strings, only printable and T61 Tidak ada string BMP, hanya yang dapat dicetak dan T61 UTF8 strings only (RFC2459) Hanya string UTF8 (RFC2459) All strings Semua string Days Hari Weeks Minggu PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Kata sandi diurai sebagai kode heksa 2 digit. Itu mesti memiliki sejumlah genap digit (0-9 dan a-f) Take as HEX string Ambil sebagai string HEKSA Password Kata sandi Repeat %1 Ulangi %1 %1 mismatch %1 tidak cocok Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Kata sandi heksa hanya boleh memuat karakter '0' - '9' dan 'a' - 'f' dan itu mesti memuat sejumlah genap karakter Exit Keluar QMessageBox Ok Ok Close Tutup Cancel Batal Apply Terapkan Yes Ya No Tidak QObject Undefined Tidak didefinisikan Broken / Invalid Rusak / Tidak valid in %1 seconds dalam %1 detik %1 seconds ago %1 detik yang lalu in %1 minutes dalam %1 menit %1 minutes ago %1 menit yang lalu Yesterday Kemarin Tomorrow Besok in %1 hours dalam %1 jam %1 hours ago %1 jam yang lalu Out of data Kehabisan data Error finding endmarker of string Kesalahan saat mencari penanda akhir string Out of Memory at %1:%2 Habis Memori pada %1: %2 All files ( * ) Semua berkas ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Kunci PKI ( *.pem *.der *.key );; Kunci PKCS#8 ( *.p8 *.pk8 );; Kunci PVK Microsoft ( *.pvk );; Kunci Publik SSH ( *.pub );; Import RSA key Impor kunci RSA PKCS#10 CSR ( *.pem *.der *.csr );; CSR PKCS#10 ( *.pem *.der *.csr );; Import Request Impor Permintaan Certificates ( *.pem *.der *.crt *.cer );; Sertifikat ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Impor Sertifikat X.509 PKCS#7 data ( *.p7s *.p7m *.p7b );; Data PKCS#7 ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Impor Sertifikat PKCS#7 PKCS#12 Certificates ( *.p12 *.pfx );; Sertifikat PKCS#12 ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Impor Sertifikat Privat PKCS#12 XCA templates ( *.xca );; Templat XVA ( *.xca );; Import XCA Templates Impor Templat XCA Revocation lists ( *.pem *.der *.crl );; Daftar pencabutan ( *.pem *.der *.crl );; Import Certificate Revocation List Impor Certificate Revocation List XCA Databases ( *.xdb );; Basis Data XCA ( *.xdb );; Open XCA Database Buka Basis Data XCA OpenVPN tls-auth key ( *.key );; Kunci tls-auth OpenVPN ( *.key );; Import OpenVPN tls-auth key Impor kunci tls-auth OpenVPN PKCS#11 library ( *.dll );; Pustaka PKCS#11 ( *.dll );; PKCS#11 library ( *.dylib *.so );; Pustaka PKCS#11 ( *.dylib *.so );; PKCS#11 library ( *.so );; Pustaka PKCS#11 ( *.so );; Open PKCS#11 shared library Buka pustaka bersama PKCS#11 PEM files ( *.pem );; Berkas PEM ( *.pem );; Load PEM encoded file Muat berkas terenkode PEM Please enter the PIN on the PinPad Harap masukkan PIN pada PinPad Please enter the SO PIN (PUK) of the token %1 Harap masukkan PIN SO (PUK) dari token %1 Please enter the PIN of the token %1 Harap masukkan PIN dari token %1 No Security token found Tidak ditemukan token keamanan Select Pilih Please enter the new SO PIN (PUK) for the token: '%1' Harap masukkan SO PIN (PUK) baru bagi token: '%1' Please enter the new PIN for the token: '%1' Harap masukkan PIN baru bagi token: '%1' Required PIN size: %1 - %2 Ukuran PIN yang diperlukan: %1 - %2 Invalid filename: %1 Nama berkas tidak valid: %1 Failed to open PKCS11 library: %1: %2 Gagal membuka pustaka PKCS#11: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Ini tidak tampak seperti suatu pustaka PKCS#11. Simbol 'C_GetFunctionList' tidak ditemukan. Disabled Dinonaktifkan Library loading failed Pemuatan pustaka gagal PKCS#11 function '%1' failed: %2 Fungsi PKCS#11 '%1' gagal: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 Fungsi PKCS#11 '%1' gagal: %2 Dalam pustaka %3 %4 Invalid Tidak valid %1 is shorter than %2 bytes: '%3' %1 lebih pendek daripada %2 byte: '%3' %1 is longer than %2 bytes: '%3' %1 lebih panjang dari %2 byte: '%3' String '%1' for '%2' contains invalid characters String '%1' bagi '%2' memuat karakter yang tidak valid Error reading config file %1 at line %2 Kesalahan saat membaca berkas konfig %1 pada baris %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. Objek '%1' dari berkas %2 baris %3 sudah dikenal sebagai '%4:%5:%6' dan mesti dihapus. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Identifier '%1' bagi OID %2 dari berkas %3 baris %4 sudah dipakai bagi OID lain sebagai '%5:%6:%7' dan mesti diubah untuk menghindari konflik. Unknown object '%1' in file %2 line %3 Objek tak dikenal '%1' dalam berkas %2 baris %3 Failed to start a database transaction Gagal memulai suatu transaksi basis data Country code Kode negara State or Province Negara Bagian atau Provinsi Locality Lokalitas Organisation Organisasi Organisational unit Unit organisasi Common name Common name E-Mail address Alamat surel Serial number Nomor seri Given name Nama depan Surname Nama belakang Title Gelar Initials Inisial Description Deskripsi Role Peran Pseudonym Pseudonim Generation Qualifier Pewatas Generasi x500 Unique Identifier Identifier Unik x500 Name Nama DN Qualifier Pewatas DN Unstructured name Nama tak terstruktur Challenge password Kata sandi tantangan Basic Constraints Konstrain Dasar Name Constraints Konstrain Nama Subject alternative name Nama alternatif subjek issuer alternative name nama alternatif penerbit Subject key identifier Identifier kunci subjek Authority key identifier Identifier kunci otoritas Key usage Key usage Extended key usage Extended key usage CRL distribution points Titik distribusi CRL Authority information access Akses informasi otoritas Certificate type Tipe sertifikat Base URL URL Basis Revocation URL URL Pencabutan CA Revocation URL URL Pencabutan CA Certificate renewal URL URL pembaruan Sertifikat CA policy URL URL kebijakan CA SSL server name Nama server SSL Comment Komentar Index file written to '%1' Berkas indeks ditulis ke '%1' Index hierarchy written to '%1' Hirarki indeks ditulis ke '%1' Unknown key type %1 Tipe kunci tak dikenal %1 Failed to write PEM data to '%1' Gagal menulis data PEM ke '%1' Password verify error, please try again Kesalahan verifikasi kata sandi, harap coba lagi The following error occurred: Terjadi kesalahan berikut: Failed to update the database schema to the current version Gagal memperbarui skema basis data ke versi saat ini Password Kata sandi insecure tidak aman ReqTreeView Sign Tandatangani Unmark signed Hapus tanda yang ditandatangani Mark signed Tandai yang ditandatangani Similar Request Permintaan Serupa Certificate request export Ekspor permintaan sertifikat Certificate request ( *.pem *.der *.csr ) Permintaan sertifikat ( *.pem *.der *.csr ) RevocationList Manage revocations Kelola pencabutan Add Tambah Delete Hapus Edit Sunting No. No. Serial Serial Revocation Pencabutan Reason Alasan Invalidation Invalidasi Generate CRL Buat CRL Revoke Certificate revocation Pencabutan sertifikat Revocation details Rincian pencabutan Revocation reason Alasan pencabutan Local time Waktu lokal Invalid since Tidak valid sejak Serial Serial SearchPkcs11 Directory Direktori ... ... Include subdirectories Sertakan subdirektori Search Cari The following files are possible PKCS#11 libraries Berkas-berkas berikut adalah pustaka PKCS#11 yang mungkin SelectToken Security token Token keamanan Please select the security token Harap pilih token keamanan TempTreeView Duplicate Duplikatkan Create certificate Buat sertifikat Create request Buat permintaan copy salin Preset Template values Pratata nilai-nilai Templat Template export Ekspor templat XCA Templates ( *.xca ) Templat XCA ( *.xca ) TrustState Certificate trust Kepercayaan sertifikat Trustment Kepercayaan &Never trust this certificate Ja&ngan pernah percayai sertifikat ini Only &trust this certificate, if we trust the signer Hanya percayai ser&tifikat ini, bila kita percaya penandatangan &Always trust this certificate Sel&alu percayai sertifikat ini Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config Konfig OpenSSL Transform Transformasikan Template Templat Public key Kunci publik Save as OpenSSL config Simpan sebagai konfig OpenSSL Config files ( *.conf *.cnf);; All files ( * ) Berkas konfig ( *.conf *.cnf);; Semua berkas ( * ) XFile Error opening file: '%1': %2 Kesalahan saat membuka berkas: '%1': %2 Error rewinding file: '%1': %2 Kesalahan saat menggulung ulang berkas: '%1': %2 XcaDetail Import Impor XcaTreeView Item properties Properti butir Subject entries Entri subjek X509v3 Extensions Ekstensi X509v3 Netscape extensions Ekstensi Netscape Key properties Properti kunci Reset Reset Hide Column Sembunyikan Kolom Details Rincian Columns Kolom Export Password Ekspor Kata Sandi Please enter the password to encrypt all %n exported private key(s) in: %1 Singular form for 0 or 1 item can be ignored. Will always be called with n >= 2 Harap masukkan kata sandi baru untuk mengenkripsi semua %n kunci privat yang diekspor dalam: %1 New Baru Import Impor Paste PEM data Tempelkan data PEM Rename Ubah nama Properties Properti Delete Hapus Export Ekspor Clipboard Papan klip File Berkas Clipboard format Format papan klip database_model Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Format basis data warisan terdeteksi. Membuat sebuah salinan cadangan bernama: '%1' dan mengonversi basis data ke format baru Failed to rename the database file, because the target already exists Gagal mengubah nama berkas basis data, karena target sudah ada Please enter the password to access the database server %2 as user '%1'. Harap masukkan kata sandi untuk mengakses server basis data %2 sebagai pengguna '%1'. Unable to create '%1': %2 Tidak bisa membuat '%1': %2 The file '%1' is not an XCA database Berkas '%1' bukan suatu basis data XCA No SqLite3 driver available. Please install the qt-sqlite package of your distribution Driver SqLite3 tidak tersedia. Harap pasang paket sq-sqlite dari distribusi Anda New Password Kata Sandi Baru Please enter a password, that will be used to encrypt your private keys in the database: %1 Harap masukkan suatu kata sandi, yang akan dipakai untuk mengenkripsi kunci privat Anda dalam basis data: %1 Password Kata sandi Please enter the password for unlocking the database: %1 Harap masukkan kata sandi untuk membuka kunci basis data: %1 db_base Internal name Nama internal No. No. Primary key Kunci primer Database unique number Angka unik basis data Date Tanggal Date of creation or insertion Tanggal pembuatan atau penyisipan Source Sumber Generated, Imported, Transformed Dibuat, Diimpor, Ditransformasi Comment Komentar First line of the comment field Baris pertama dari ruas komentar Import from: %1 Impor dari: %1 Could not create directory %1 Tidak bisa membuat direktori %1 Item properties Properti butir How to export the %1 selected items Bagaimana mengekspor %1 butir yang dipilih All in one PEM file Semua dalam sebuah berkas PEM Each item in one file Masing-masing butir dalam satu berkas Save %1 items in one file as Simpan %1 butir dalam satu berkas sebagai PEM files ( *.pem );; All files ( * ) Berkas PEM ( *.pem );; Semua berkas ( * ) db_crl Signer Penandatangan Internal name of the signer Nama internal dari penandatangan No. revoked Cacah dicabut Number of revoked certificates Banyaknya sertifikat yang dicabut Last update Pembaruan terakhir Next update Pembaruan selanjutnya CRL number Nomor CRL The revocation list already exists in the database as: '%1' and so it was not imported Daftar pencabutan sudah ada dalam basis data sebagai: '%1' sehingga tidak diimpor Revocation list export Ekspor daftar pencabutan CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) Failed to initiate DB transaction Gagal menginisiasi transaksi DB Database error: %1 Kesalahan basis data: %1 db_key Type Tipe Size Ukuran EC Group Grup EC Use Pakai Password Kata sandi The key is already in the database as: '%1' and is not going to be imported Kunci sudah ada dalam basis data sebagai: '%1' dan tidak akan diimpor The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Basis data sudah memuat bagian publik dari kunci yang diimpor sebagai '%1' dan akan dilengkapi oleh bagian privat dari kunci yang baru Extending public key from %1 by imported key '%2' Memperluas kunci publik dari %1 dengan kunci yang diimpor '%2' Key size too small ! Ukuran kunci terlalu kecil! You are sure to create a key of the size: %1 ? Anda yakin akan membuat kunci dengan ukuran: %1? PEM public PEM publik SSH2 public SSH2 publik PEM private PEM privat SSH2 private SSH2 privat Export keys to Clipboard Ekspor kunci ke Papan Klip Clipboard Papan klip Export public key [%1] Ekspor kunci publik [%1] DER public DER publik DER private DER privat PEM encryped PEM terenkripsi PVK private PVK privat PVK encrypted PVK terenkripsi PKCS#8 encrypted PKCS#8 terenkripsi Export private key [%1] Ekspor kunci privat [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Kunci Privat ( *.pem *.der *.pk8 );; Kunci Publik SSH ( *.pub ) Internal error Kesalahan internal Internal key update: The keys: %1 must be updated once by resetting and setting its private password Pembaruan kunci internal: Kunci: %1 harus diperbarui sekali dengan me-reset dan menata kata sandi privatnya Tried to change password of a token Mencoba mengubah kata sandi dari suatu token db_temp Bad template: %1 Templat buruk: %1 Empty template Templat kosong Save template as Simpan templat sebagai XCA templates ( *.xca );; All files ( * ) Templat XCA ( *.xca );; Semua berkas ( * ) db_x509 CA CA reflects the basic Constraints extension mencerminkan ekstensi basic Constraints Serial Serial Start date Tanggal mulai Expiry date Tanggal kedaluwarsa MD5 fingerprint Sidik jari MD5 SHA1 fingerprint Sidik jari SHA1 SHA256 fingerprint Sidik jari SHA256 Not before Tidak sebelum Not after Tidak setelah Revocation Pencabutan CRL Expiration Kedaluwarsa CRL Failed to retrieve unique random serial Gagal mengambil serial acak unik The certificate already exists in the database as: '%1' and so it was not imported Sertifikat sudah ada dalam basis data sebagai: '%1' sehingga itu tidak diimpor Signed on %1 by '%2' Ditandatangani pada %1 oleh '%2' Unknown Tidak dikenal Invalid public key Kunci publik tidak valid PKCS#7 unrevoked PKCS#7 belum dicabut PEM unrevoked PEM belum dicabut CA vCalendar vCalendar CA X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) Sertifikat X509 ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) days hari No template Tidak ada templat The key you selected for signing is not a private one. Kunci yang Anda pilih untuk penandatanganan bukan privat. Failed to create directory '%1' Gagal membuat direktori '%1' Store the certificate to the key on the token '%1 (#%2)' ? Simpan sertifikat ke kunci pada token '%1 (#%2)' ? PEM chain Rantai PEM PKCS#7 chain Rantai PKCS#7 PKCS#12 chain Rantai PKCS#12 PKCS#7 all PKCS#7 semua PEM + key PEM + kunci PEM all PEM semua Certificate Index file Berkas Indeks Sertifikat Certificate export Ekspor sertifikat There was no key found for the Certificate: '%1' Tidak ditemukan kunci bagi Sertifikat: '%1' Not possible for a token key: '%1' Tidak mungkin bagi sebuah kunci token: '%1' Not possible for the token-key Certificate '%1' Tidak mungkin bagi Sertifikat kunci token '%1' db_x509name Subject Subjek Complete distinguished name Distinguished name lengkap Subject hash Hash subjek Hash to lookup certs in directories Hash untuk mencari sertifikat dalam direktori db_x509req Signed Ditandatangani whether the request is already signed or not apakah permintaan sudah ditandatangani atau belum Unstructured name Nama tak terstruktur Challenge password Kata sandi tantangan Certificate count Cacah sertifikat Number of certificates in the database with the same public key Cacah sertifikat dalam basis data dengan kunci publik yang sama The certificate signing request already exists in the database as '%1' and thus was not stored Certificate signing request sudah ada dalam basis data sebagai '%1' sehingga tidak disimpan Certificate request export Ekspor permintaan sertifikat Certificate request ( *.pem *.der *.csr ) Permintaan sertifikat ( *.pem *.der *.csr ) db_x509super Key name Nama kunci Internal name of the key Nama internal kunci Signature algorithm Algoritma tanda tangan Key type Tipe kunci Key size Ukuran kunci EC Group Grup EC Extracted from %1 '%2' Diekstrak dari %1 '%2' Certificate Sertifikat Certificate request Permintaan sertifikat Save as OpenSSL config Simpan sebagai konfig OpenSSL Config files ( *.conf *.cnf);; All files ( * ) Berkas konfig ( *.conf *.cnf);; Semua berkas ( * ) The following extensions were not ported into the template Ekstensi-ekstensi berikut tidak di-port ke dalam templat Transformed from %1 '%2' Ditransformasikan dari %1 '%2' kvView Type Tipe Content Konten pass_info Password Kata sandi PIN PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 Gagal membuka pustaka PKCS#11: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Ini tidak tampak seperti suatu pustaka PKCS#11. Simbol 'C_GetFunctionList' tidak ditemukan. pki_base Unknown Tidak dikenal Imported Diimpor Generated Dibangkitkan Transformed Ditransformasi Token Token Legacy Database Basis Data Warisan Renewed Diperbarui Property '%1' not listed in 'pki_base::print' Properti '%1' tidak terdaftar dalam 'pki_base::print' Internal error: Unexpected message: %1 %2 Kesalahan internal: Pesan yang tidak diharapkan: %1 %2 pki_crl Successfully imported the revocation list '%1' Sukses mengimpor daftar pencabutan '%1' Delete the revocation list '%1'? Hapus daftar pencabutan '%1'? Successfully created the revocation list '%1' Sukses membuat daftar pencabutan '%1' Delete the %1 revocation lists: %2? Hapus daftar pencabutan %1: %2? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Tidak bisa memuat daftar pencabutan dalam berkas %1. Dicoba CRL terformat PEM dan DER. No issuer given Tidak ada penerbit yang diberikan Wrong Size %1 Salah Ukuran %1 Delete the %n revocation list(s): '%1'? Hapus %n daftar pencabutan: '%1'? CRL Renewal of CA '%1' due Saatnya Pembaruan CRL dari CA '%1' The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' CRL terakhir yang diterbitkan oleh CA '%1' akan kedaluwarsa pada %2. Itu disimpan dalam basis data XCA '%3' Renew CRL: %1 Perbarui CRL: %1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' CRL XCA '%1', diterbitkan pada %3 akan kedaluwarsa pada %4. Itu disimpan dalam basis data XCA '%5' pki_evp Please enter the password to decrypt the private key %1. Harap masukkan kata sandi untuk mendekripsi kunci privat %1. The key from file '%1' is incomplete or inconsistent. Kunci dari berkas '%1' tidak lengkap atau tidak konsisten. Please enter the password to decrypt the private key from file: %1 Harap masukkan kata sandi untuk mendekripsi kunci privat dari berkas: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Tidak bisa memuat kunci privat dalam berkas %1. Dicoba format tipe kunci PEM dan DER privat, publik, PKCS#8, dan SSH2. Ignoring unsupported private key Mengabaikan kunci privat yang tidak didukung Please enter the password to decrypt the private key: '%1' Harap masukkan kata sandi untuk mendekripsi kunci privat: '%1' Password input aborted Masukan kata sandi digugurkan Please enter the database password for decrypting the key '%1' Harap masukkan kata sandi basis data untuk mendekripsi kunci '%1' Decryption of private key '%1' failed Dekripsi dari kunci privat '%1' gagal Please enter the password to protect the private key: '%1' Harap masukkan kata sandi untuk melindungi kunci privat: '%1' Please enter the database password for encrypting the key Harap masukkan kata sandi basis data untuk mengenkripsi kunci Please enter the password to protect the PKCS#8 key '%1' in file: %2 Harap masukkan kata sandi untuk melindungi kunci PKCS#8 '%1' dalam berkas: %2 Please enter the password to protect the private key '%1' in file: %2 Harap masukkan kata sandi untuk melindungi kunci privat '%s' dalam berkas: %2 Please enter the password protecting the PKCS#8 key '%1' Harap masukkan kata sandi untuk melindungi kunci PKCS#8 '%1' Please enter the password protecting the Microsoft PVK key '%1' Harap masukkan kata sandi untuk melindungi kunci PVK Microsoft '%1' Please enter the export password for the private key '%1' Harap masukkan kata sandi ekspor untuk kunci privat '%1' pki_export PEM Text format with headers Format Teks PEM dengan header Concatenated list of all selected items in one PEM text file Daftar tersambung dari semua butir yang dipilih dalam satu berkas teks PEM PEM selected PEM dipilih Concatenated list of all selected certificates in one PEM text file Daftar terkonkatenasi dari semua sertifikat yang dipilih dalam satu berkas teks PEM PEM chain Rantai PEM Concatenated text format of the complete certificate chain in one PEM file Format teks tersambung dari rantai sertifikat lengkap dalam satu berkas PEM The complete certificate chain and the private key of the selected certificate with tags usable in OpenVPN configuration files Rantai sertifikat lengkap dan kunci privat dari sertifikat yang dipilih dengan tag dapat dipakai dalam berkas konfigurasi OpenVPN PEM + key PEM + kunci Concatenation of the certificate and the unencrypted private key in one PEM file Gabungan dari sertifikat dan kunci privat tidak terenkripsi dalam satu berkas PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Gabungan dari sertifikat dan kunci privat terenkripsi dalam format PKCS#8 di satu berkas All unusable Semua yang tidak bisa dipakai Concatenation of all expired or revoked certificates in one PEM file Konkatenasi dari semua sertifikat yang kedaluwarsa atau dicabut dalam satu berkas PEM PKCS#7 encoded single certificate Sertifikat tunggal terenkode PKCS#7 All selected certificates encoded in one PKCS#7 file Semua sertifikat yang dipilih dienkode dalam satu berkas PKCS#7 PKCS #7 chain Rantai PKCS #7 PKCS#7 encoded complete certificate chain Rantai sertifikat lengkap terenkode PKCS#7 PKCS #7 unusable PKCS #7 yang tidak bisa dipakai PKCS#7 encoded collection of all expired or revoked certificates Koleksi terenkode PKCS#7 dari semua sertifikat yang kedaluwarsa atau dicabut Binary DER encoded certificate Sertifikat terenkode DER biner PKCS #12 chain Rantai PKCS #12 The complete certificate chain and the private key as encrypted PKCS#12 file Rantai sertifikat lengkap dan kunci privat sebagai berkas PKCS#12 terenkripsi PKCS #12 PKCS #12 The certificate and the private key as encrypted PKCS#12 file Sertifikat dan kunci privat sebagai berkas PKCS#12 yang terenkripsi Certificate Index file Berkas Indeks Sertifikat OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Berkas Indeks Sertifikat spesifik OpenSSL yang dibuat oleh perintah 'ca' dan diperlukan oleh alat OCSP vCalendar vCalendar vCalendar expiry reminder for the selected items Pengingat kedaluwarsa vCalendar bagi butir-butir yang dipilih CA vCalendar vCalendar CA vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Pengingat kedaluwarsa vCalendar yang memuat semua sertifikat yang diterbitkan dan valid, CA itu sendiri, dan CRL terakhir OpenSSL config Konfig OpenSSL OpenSSL configuration file to create a certificate or request with the openssl commandline tool Berkas konfigurasi OpenSSL untuk membuat suatu sertifikat atau meminta dengan alat baris perintah openssl OpenVPN tls-auth key Kunci tls-auth OpenVPN The OpenVPN tls-auth key is a secret key shared between endpoints Kunci tls-auth OpenVPN adalah sebuah kunci rahasia yang dipakai bersama antar titik akhir JSON Web Kit JSON Web Kit The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) Kunci publik dari sertifikat dalam format JSON Web Kit dengan X.509 Certificate Thumbprint (x5t) JSON Web Kit chain Rantai JSON Web Kit The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) and certificate chain (x5c) Kunci publik dari sertifikat dalam format JSON Web Kit dengan X.509 Certificate Thumbprint (x5t) dan rantai sertifikat (x5c) PEM public PEM publik Text format of the public key in one PEM file Format teks dari kunci publik dalam satu berkas PEM PEM private PEM privat Unencrypted private key in text format Kunci privat tak terenkripsi dalam format teks PEM encrypted PEM terenkripsi OpenSSL specific encrypted private key in text format Kunci privat terenkripsi spesifik OpenSSL dalam format teks SSH2 private SSH2 privat SSH2 public SSH2 publik The public key encoded in SSH2 format Kunci publik terenkode dalam format SSH2 DER public DER publik Binary DER format of the public key Format DER biner dari kunci publik DER private DER privat Unencrypted private key in binary DER format Kunci privat tak terenkripsi dalam format DER biner PVK private PVK privat Private key in Microsoft PVK format not encrypted Kunci privat dalam format PVK Microsoft yang tidak terenkripsi XCA template in PEM-like format. Templates include the internal name and comment Templat XCA dalam format mirip PEM. Templat termasuk nama internal dan komentar All selected XCA templates in PEM-like format. Templates include the internal name and comment Semua templat XCA yang dipilih dalam format mirip PEM. Templat termasuk nama internal dan komentar PVK encrypted PVK terenkripsi Encrypted private key in Microsoft PVK format Kunci privat terenkripsi dalam format PVK Microsoft PKCS #8 encrypted PKCS #8 terenkripsi Encrypted private key in PKCS#8 text format Kunci privat terenkripsi dalam format teks PKCS#8 PKCS #8 PKCS #8 Unencrypted private key in PKCS#8 text format Kunci privat tak terenkripsi dalam format teks PKCS#8 JSON Web Key private JSON Web Key privat Unencrypted private key in JSON Web Key format Kunci privat tidak terenkripsi dalam format JSON Web Key JSON Web Key public JSON Web Key publik Public key in JSON Web Key format Kunci publik dalam format JSON Web Key Binary DER format of the certificate request Format DER biner dari permintaan sertifikat Binary DER format of the revocation list Format DER biner dari daftar pencabutan vCalendar reminder for the CRL expiry date Pengingat vCalendar bagi tanggal kedaluwarsa CRL XCA template in PEM-like format Templat XCA dalam format mirip PEM All selected XCA templates in PEM-like format Semua templat XCA yang dipilih dalam format mirip PEM pki_key Successfully imported the %1 public key '%2' Sukses mengimpor kunci publik %1 '%2' Delete the %1 public key '%2'? Hapus kunci publik %1 '%2'? Successfully imported the %1 private key '%2' Sukses mengimpor kunci privat %1 '%2' Delete the %1 private key '%2'? Hapus kunci privat %1 '%2'? Successfully created the %1 private key '%2' Sukses membuat kunci privat %1 '%2' Delete the %1 keys: %2? Hapus kunci %1 '%2'? Public key Kunci publik Successfully imported the %1 public key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Sukses mengimpor kunci publik %1 '%2' Delete the %n %1 public key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Hapus %n kunci publik %1 '%2'? Successfully imported the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Sukses mengimpor kunci privat %1 '%2' Delete the %n %1 private key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Hapus %n kunci privat %1 '%2'? Successfully created the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Sukses membuat kunci privat %1 '%2' Common Umum Private Privat Bogus Palsu PIN PIN No password Tidak ada kata sandi Unexpected SSH2 content: '%1' Konten SSH2 yang tidak diharapkan: '%1' Invalid SSH2 public key Kunci publik SSH2 yang tidak valid Failed writing to %1 Gagal menulis ke %1 pki_multi No known PEM encoded items found Tidak ditemukan butir terenkode PEM yang dikenal pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Harap masukkan kata sandi untuk mendekripsi berkas PKCS#12: %1 Unable to load the PKCS#12 (pfx) file %1. Tidak bisa memuat berkas PKCS#12 (pfx) %1. The supplied password was wrong (%1) Kata sandi yang diberikan salah (%1) Please enter the password to encrypt the key of certificate '%1' in the PKCS#12 file: %2 Harap masukkan kata sandi untuk mengenkripsi kunci dari sertifikat '%1' dalam berkas PKCS#12: %2 Please enter the password to encrypt the PKCS#12 file Harap masukkan kata sandi untuk mengenkripsi berkas PKCS#12 No key or no Cert and no pkcs12 Tidak ada kunci atau tidak ada Sertifikat dan tidak ada pkcs12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Tidak bisa memuat berkas PKCS#7 %1. Dicoba format PEM dan DER. pki_scard Successfully imported the token key '%1' Sukses mengimpor kunci token '%1' Delete the token key '%1'? Hapus kunci token '%1'? Successfully created the token key '%1' Sukses membuat kunci token '%1' Delete the %1 keys: %2? Hapus kunci %1 '%2'? Delete the %n token key(s): '%1'? Hapus %n kunci token: '%1'? Delete the private key '%1' from the token '%2 (#%3)' ? Hapus kunci privat '%1' dari token '%2 (#%3)'? This Key is already on the token Kunci ini sudah ada pada token PIN input aborted Masukan PIN digugurkan Unable to find copied key on the token Tidak bisa menemukan kunci yang disalin pada token Please insert card: %1 %2 [%3] with Serial: %4 Harap tancapkan kartu: %1 %2 [%3] dengan Serial: %4 Select Slot of %1 Pilih Slot dari %1 Unable to find generated key on card Tidak bisa menemukan kunci yang dibangkitkan pada kartu Ignoring unsupported token key Mengabaikan kunci token yang tidak didukung Wrong Size %1 Salah Ukuran %1 Token %1 Token %1 Failed to find the key on the token Gagal menemukan kunci pada token Invalid Pin for the token Pin yang tidak valid bagi token Failed to initialize the key on the token Gagal menginisialisasi kunci pada token pki_temp Successfully imported the XCA template '%1' Sukses mengimpor templat XCA '%1' Delete the XCA template '%1'? Hapus templat XCA '%1'? Successfully created the XCA template '%1' Sukses membuat templat XCA '%1' Delete the %1 XCA templates: %2? Hapus templat XCA %1: %2? Delete the %n XCA template(s): '%1'? Hapus %n templat XCA: '%1'? Wrong Size %1 Salah Ukuran %1 Template file content error (too small) Kesalahan konten berkas templat (terlalu kecil) Not a PEM encoded XCA Template Bukan suatu Templat XCA yang terenkode PEM Not an XCA Template, but '%1' Bukan suatu Templat XCA, tapi '%1' pki_x509 Successfully imported the certificate '%1' Sukses mengimpor sertifikat '%1' Delete the certificate '%1'? Hapus sertifikat '%1'? Successfully created the certificate '%1' Sukses membuat sertifikat '%1' Delete the %1 certificates: %2? Hapus sertifikat '%1': %2? Delete the %n certificate(s): '%1'? Hapus %n sertifikat: '%1'? Unable to load the certificate in file %1. Tried PEM and DER certificate. Tidak bisa memuat sertifikat dalam berkas %1. Dicoba sertifikat PEM dan DER. Invalid OpenVPN tls-auth key Kunci tls-auth OpenVPN tidak valid Failed to import tls-auth key Gagal mengimpor kunci tls-auth Same tls-auth key already stored for this CA Kunci tls-auth yang sama sudah disimpan bagi CA ini New tls-auth key successfully imported Kunci tls-auth baru sukses diimpor Existing tls-auth key successfully replaced Kunci tls-auth yang ada sukses digantikan This certificate is already on the security token Sertifikat ini sudah ada dalam token keamanan Delete the certificate '%1' from the token '%2 (#%3)'? Hapus sertifikat '%1' dari token '%2 (#%3)'? There is no key for signing ! Tidak ada kunci untuk penandatanganan ! Wrong Size %1 Salah Ukuran %1 No Tidak Yes Ya Renew certificate: %1 Perbarui sertifikat: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' Sertifikat XCA '%1', diterbitkan pada %2 akan kedaluwarsa pada %3. Itu disimpan dalam basis data XCA '%4' pki_x509req Signing key not valid (public key) Kunci penandatanganan tidak valid (kunci publik) Successfully imported the %1 certificate request '%2' Sukses mengimpor permintaan sertifikat %1 '%2' Delete the %1 certificate request '%2'? Hapus permintaan sertifikat %1 '%2'? Successfully created the %1 certificate request '%2' Sukses membuat permintaan sertifikat %1 '%2' Delete the %1 certificate requests: %2? Hapus permintaan sertifikat %1: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Tidak bisa memuat permintaan sertifikat dalam berkas %1. Dicoba format PEM, DER, dan SPKAC. Wrong Size %1 Salah Ukuran %1 Successfully imported the PKCS#10 certificate request '%1' Sukses mengimpor permintaan sertifikat PKCS#10 '%1' Delete the %n PKCS#10 certificate request(s): '%1'? Hapus %n permintaan sertifikat PKCS#10: '%1'? Successfully created the PKCS#10 certificate request '%1' Sukses membuat permintaan sertifikat PKCS#10 '%1' Signed Ditandatangani Unhandled Tidak tertangani v3ext Copy Common Name Salin Common Name Add Tambah Delete Hapus Apply Terapkan Validate Validasikan Cancel Batal An email address or 'copy' Suatu alamat surel atau 'copy' An email address Suatu alamat surel A registered ID: OBJECT IDENTIFIER A uniform resource indicator Suatu uniform resource indicator A DNS domain name or 'copycn' Suatu nama domain DNS atau 'copycn' A DNS domain name Suatu nama domain DNS An IP address Suatu alamat IP Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Sintaks: <OID>;TYPE:teks seperti '1.2.3.4:UTF8:nama' No editing. Only 'copy' allowed here Tidak ada penyuntingan. Hanya 'copy' yang diizinkan di sini Validation failed: '%1' %2 Validasi gagal: '%1' %2 Validation successful: '%1' Validasi sukses: '%1' xcaWarning The following error occurred: Terjadi kesalahan berikut: Copy to Clipboard Salin ke Papan Klip xcaWarningGui Copy to Clipboard Salin ke Papan Klip xca-RELEASE.2.9.0/lang/xca_it.ts000066400000000000000000006301371477156507700161510ustar00rootroot00000000000000 CaProperties CA Properties Proprietà della CA Form Modulo Days until next CRL issuing Prossimo rilascio della CRL (giorni) Default template Modello predefinito CertDetail Details of the Certificate Dettagli del certificato Serial Seriale The serial number of the certificate Il numero di serie del certificato The internal name of the certificate in the database Nome interno del certificato nel database Status Stato Internal name Nome interno Signature Firma Key Chiave Fingerprints Fingerprints MD5 MD5 An md5 hashsum of the certificate Un hash MD5 del certificato SHA1 SHA1 A SHA-1 hashsum of the certificate Un hash SHA-1 del certificato SHA256 SHA256 A SHA-256 hashsum of the certificate Un hash SHA-256 del certificato Validity Validità The time since the certificate is valid Data/ora inizio validità The time until the certificate is valid Data/ora fine validità Subject Soggetto Issuer Emittente Extensions Estensioni Validation Convalida Purposes Scopi Strict RFC 5280 validation Convalida rigorosa RFC 5280 Comment Commento Attributes Attributi Show config Visualizza configurazione Show extensions Visualizza estensioni Show public key Visualizza chiave pubblica This key is not in the database. Chiave assente nel database. Not available Non disponibile No verification errors found. Nessun errore di verifica trovato. Signer unknown Firmatario sconosciuto Self signed Auto-firmato Revoked at %1 Revocato il %1 Revoked: Revocato: Not valid Non valido Valid Valido Details of the certificate signing request Dettagli della CSR (richiesta di firma certificato) CertExtend Certificate renewal Rinnovo certificato This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Sarà creato un nuovo certificato come copia del precedente con un nuovo numero di serie e date di validità adattate. Validity Validità Not before Non prima Not after Non dopo Time range Intervallo di tempo Local time Ora locale Days Giorni Months Mesi Years Anni No well-defined expiration Scadenza non ben definita Midnight Mezzanotte Apply Applica Revoke old certificate Revoca vecchio certificato Replace old certificate Sostituisce vecchio certificato Keep serial number Mantieni numero di serie The certificate will be earlier valid than the signer. This is probably not what you want. La validità del certificato sarebbe antecedente a quella del firmatario. Questo probabilmente non è ciò che si desidera. Edit dates Modifica date Abort rollout Interrompi rilascio Continue rollout Continua rilascio Adjust date and continue Adatta la data e continua The certificate will be longer valid than the signer. This is probably not what you want. La validità del certificato sarebbe posteriore a quella del firmatario. Questo probabilmente non è ciò che si desidera. CertTreeView Hide unusable certificates Nascondi certificati inutilizzabili Import PKCS#12 Importa da PKCS#12 Import from PKCS#7 Importa da PKCS#7 Request Richiesta Security token Token di sicurezza Other token Altro token Similar Certificate Certificato simile Delete from Security token CA CA Properties Proprietà Generate CRL Genera CRL Manage revocations Gestisci revoche Import OpenVPN tls-auth key Importa chiave OpenVPN tls-auth Renewal Rinnovo Revoke Revoca Unrevoke Annulla revoca Plain View Visualizzazione semplice Tree View Visualizzazione ad albero days giorni No template Nessun modello CA Properties Proprietà della CA Certificate export Esportazione Certificato X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) Certificati x509 ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) vCalendar entry ( *.ics ) Voce vCalendar (*.ics) OpenVPN file ( *.ovpn ) File OpenVPN (*.ovpn) OpenVPN tls-auth key ( *.key ) Chiave OpenVPN tls-auth ( *.key ) ClickLabel Double click for details Doppio click per dettagli CrlDetail Details of the Revocation list Dettagli della lista di revoca (CRL) &Status &Stato Version Versione Signature Firma Signed by Firmato da Name Nome The internal name of the CRL in the database Nome interno della CRL nel database issuing dates Date di rilascio Next update Prossimo aggiornamento Last update Ultimo aggiornamento &Issuer &Emittente &Extensions &Estensioni &Revocation list &Lista di revoca Comment Commento Failed Fallito Unknown signer Firmatario sconosciuto Verification not possible Impossibile verificare CrlTreeView There are no CA certificates for CRL generation Non esistono certificati CA per generare la CRL Select CA certificate Seleziona un certificato CA Revocation list export Esportazione lista di revoca CRL ( *.pem *.der *.crl ) vCalendar entry ( *.ics ) Voce vCalendar (*.ics) ExportDialog Name Nome The internal name of the CRL in the database Nome interno della CRL nel database ... ... Filename Nome File Each Item in a separate file Ogni elemento in un file separato Same encryption password for all items Stessa password di crittografia per tutti Export comment into PEM file Esporta commento nel file PEM Export Format Formato di esportazione All files ( * ) Tutti i file (*) PEM Text format with headers Formato testo PEM con intestazioni Concatenated list of all selected items in one PEM text file Lista concatenata di tutti gli oggetti selezionati in un file di testo PEM Concatenated text format of the complete certificate chain in one PEM file Formato testo concatenato della catena di certificazione completa in un file PEM Concatenated text format of all certificates in one PEM file Formato testo concatenato di tutti i certificati in un file PEM Binary DER encoded file File in codifica DER binaria PKCS#7 encoded single certificate Singolo certificato con codifica PKCS#7 PKCS#7 encoded complete certificate chain Catena di certificazione completa con codifica PKCS#7 Concatenated text format of all unrevoked certificates in one PEM file Formato testo concatenato di tutti i certificati non revocati in un file PEM All unrevoked certificates encoded in one PKCS#7 file Tutti i certificati non revocati codificati in un file PKCS#7 All selected certificates encoded in one PKCS#7 file Tutti i certificati selezionati codificati in un file PKCS#7 All certificates encoded in one PKCS#7 file Tutti i certificati codificati in un file PKCS#7 The certificate and the private key as encrypted PKCS#12 file Certificato e chiave privata in un file PKCS#12 crittato The complete certificate chain and the private key as encrypted PKCS#12 file Catena di certificazione completa e chiave privata in un file PKCS#12 crittato Concatenation of the certificate and the unencrypted private key in one PEM file Certificato e chiave privata concatenati in chiaro in unico file con codifica PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Certificato e chiave privata concatenati e crittati in unico file con codifica PKCS#8 Text format of the public key in one PEM file Chiave pubblica formato testo in unico file PEM Binary DER format of the public key Chiave pubblica formato DER binario Unencrypted private key in text format Chiave privata in chiaro in formato testo OpenSSL specific encrypted private key in text format Chiave privata crittata OpenSSL in formato testo Unencrypted private key in binary DER format Chiave privata in chiaro in formato DER binario Unencrypted private key in PKCS#8 text format Chiave privata in chiaro in formato testo PKCS#8 Encrypted private key in PKCS#8 text format Chiave privata crittata in formato testo PKCS#8 The public key encoded in SSH2 format Chiave pubblica codificata in formato SSH2 OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool File indice dei certificati in formato specifico OpenSSL come creato dal comando 'ca' e richiesto dallo strumento OCSP vCalendar expiry reminder for the selected items Promemoria scadenza in formato vCalendar per gli oggetti selezionati vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Promemoria scadenza in formato vCalendar contenente tutti i certificati rilasciati e validi, la CA stessa e l'ultima CRL Private key in Microsoft PVK format not encrypted Chiave privata non crittata in formato Microsoft PVK Encrypted private key in Microsoft PVK format Chiave privata crittata in formato Microsoft PVK %n selected item(s) %n elemento selezionato %n elementi selezionati The file: '%1' already exists! Il file: '%1' esiste già! Overwrite Sovrascrivi Do not overwrite Non sovrascrivere The path: '%1' exist, but is not a file Il percorso: '%1' esiste, ma non è un file The path: '%1' exist, but is not a directory Il percorso: '%1' esiste, ma non è una directory The directory: '%1' does not exist. Should it be created? La directory: '%1' non esiste. Crearla? Create Crea Failed to create directory '%1' Impossibile creare la directory '%1' Directory Form last update ultimo aggiornamento next update prossimo aggiornamento Days Giorni Months Mesi Years Anni Apply Applica Midnight Mezzanotte Local time Ora locale No well-defined expiration Scadenza non ben definita Help << << >> >> &Done &Eseguito ImportMulti Import PKI Items Importazione oggetti PKI Import &All Importa &Tutto &Import &Importa &Done &Eseguito &Remove from list &Rimuovi dalla lista Details Dettagli Delete from token Elimina dal token Rename on token Rinomina nel token Name: %1 Model: %2 Serial: %3 Nome: %1 Modello: %2 Seriale: %3 Manage security token Gestisci token di sicurezza Details of the item '%1' cannot be shown Dettagli dell'elemento '%1' non possono essere mostrati The type of the item '%1' is not recognized Il tipo dell'elemento '%1' non è riconosciuto Could not open the default database Impossibile aprire il database di default The file '%1' did not contain PKI data Il file '%1' non contiene dati PKI The %1 files: '%2' did not contain PKI data I file %1: '%2' non contengono dati PKI ItemProperties Name Nome Source Sorgente Insertion date Data di inserimento Comment Commento KeyDetail Name Nome The internal name of the key used by xca Nome interno della chiave utilizzato da xca Security token Token di sicurezza Manufacturer Produttore Serial Seriale Key Chiave Public Exponent Esponente pubblico Keysize Dimensione della chiave Private Exponent Esponente privato Security Token Token di sicurezza Label Etichetta PKCS#11 ID ID PKCS#11 Token information Informazioni token Model Modello Fingerprint Fingerprint Comment Commento Details of the %1 key Dettagli della chiave %1 Not available Non disponibile Available Disponibile Sub prime Sub prime Public key Chiave pubblica Private key Chiave privata Curve name Nome della curva Unknown key Chiave sconosciuta KeyTreeView Clipboard format Formato degli appunti Change password Cambio password Reset password Reset della password Change PIN Cambio PIN Init PIN with SO PIN (PUK) Inizializza PIN con SO PIN (PUK) Change SO PIN (PUK) Modifica SO PIN (PUK) Security token Token di sicurezza This is not a token Questo non è un token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Si desidera che la chiave originale '%1' sia sostituita nel token? Ciò eliminerà la chiave '%1' e la renderà non esportabile Key export Esportazione chiave SSH Private Keys ( *.priv ) Chiavi Private SSH ( *.priv ) Microsoft PVK Keys ( *.pvk ) Chiavi PVK Microsoft ( *.pvk ) Export public key [%1] Esporta chiave pubblica [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Chiavi private ( *.pem *.der *.pk8 );; Chiavi pubbliche SSH ( *.pub );; MainWindow Private Keys Chiavi private &New Key &Nuova chiave &Export &Esporta &Import &Importa Import PFX (PKCS#12) Importa PFX (PKCS#12) &Show Details &Mostra dettagli &Delete &Elimina Certificate signing requests Richieste di firma certificato (CSR) &New Request &Nuova richiesta Certificates Certificati &New Certificate &Nuovo certificato Import &PKCS#12 Importa &PKCS#12 Import P&KCS#7 Importa P&KCS#7 Plain View Visualizzazione semplice Templates Modelli &New Template &Nuovo modello &New CRL &Nuova CRL Ch&ange Template Modific&a modello Revocation lists Liste di revoca Using or exporting private keys will not be possible without providing the correct password Utilizzo ed esportazione di chiavi private non consentito senza fornire la password corretta Database Database The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. L'hash predefinito corrente '%1' non è sicuro. Prego selezionare almeno SHA 244. Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Rilevato formato database obsoleto. Creo un copia di backup chiamata: '%1' e converto il database nel nuovo formato Failed to rename the database file, because the target already exists Impossibile rinominare il file database: nome destinazione già esistente No deleted items found Non trovati elementi cancellati Recent DataBases Database recenti System Sistema Croatian Croato English Inglese French Francese German Tedesco Japanese Giapponese Korean Russian Russo Slovak Slovacco Spanish Spagnolo Persian Persiano Bulgarian Bulgaro Polish Polacco Italian Italiano Chinese Cinese Dutch Olandese Portuguese in Brazil Portoghese brasiliano Indonesian Indonesiano Turkish Turco Language Lingua &File &File &New DataBase &Nuovo database &Open DataBase &Apri database Open Remote DataBase Apri database remoto Set as default DataBase Imposta come database predefinito &Close DataBase &Chiudi database New DataBase Nuovo database Open DataBase Apri database Close DataBase Chiudi database Options Opzioni Exit Esci I&mport I&mporta Keys Chiavi Requests Richieste PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Modello Revocation list Lista di revoca PEM file File PEM Paste PEM file Incolla file PEM Token Token Export Certificate &Index hierarchy &Esporta gerarchia degli indici certificati Content Contenuto &Token &Token &Manage Security token &Gestisci token di sicurezza &Init Security token &Inizializza token di sicurezza &Change PIN &Cambia PIN Change &SO PIN Cambia &SO PIN Init PIN Inizializza PIN Extra Extra &Dump DataBase &Database dump &Export Certificate Index &Esporta indice certificati &Export Certificate Index hierarchy &Esporta gerarchia degli indici certificati C&hange DataBase password C&ambia password del database &Undelete items Ann&ulla eliminazione elementi Generate DH parameter Genera parametro DH OID Resolver OID Resolver &Help &Help &Content &Contenuti About A proposito di no such option: %1 opzione inesistente: %1 Import PEM data Importa dati PEM Please enter the original SO PIN (PUK) of the token '%1' Prego inserire il SO PIN (PUK) originale del token '%1' Search Cerca Please enter the new SO PIN (PUK) for the token '%1' Prego inserire il nuovo SO PIN (PUK) del token '%1' The new label of the token '%1' La nuova etichetta del token '%1' The token '%1' did not contain any keys or certificates Il token '%1' non contiene nessuna chiave o certificato Retry with PIN Riprova con PIN Retry with SO PIN Riprova con SO PIN Current Password Password corrente Please enter the current database password Prego inserire la password corrente del database The entered password is wrong La password inserita non è corretta New Password Nuova password Please enter the new password to encrypt your private keys in the database-file Prego inserire la nuova password per crittare le chiavi private nel file di database Transaction start failed Fallito lo start della transazione Database: %1 The currently used PFX / PKCS#12 algorithm '%1' is insecure. L'algoritmo '%1' attualmmnte utilizzato per PFX / PKCS#12 non è sicuro. Change Cambia Please enter a password, that will be used to encrypt your private keys in the database: %1 Prego inserire una password che verrà utilizzata per crittare le chiavi private nel database: %1 Password verify error, please try again Errore di verifica password, prego riprovare Password Password Please enter the password for unlocking the database: %1 Prego inserire la password per sbloccare il database: %1 The following error occurred: Incontrato l'errore seguente: Copy to Clipboard Copia negli appunti Certificate Index ( index.txt ) Indice dei certificati ( index.txt ) All files ( * ) Tutti i file ( * ) Diffie-Hellman parameters saved as: %1 Parametri Diffie-Hellman salvati come: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits I parametri Diffie-Hellman sono necessari per varie applicazioni ma non sono gestiti da XCA. Prego inserire i bit dei parametri DH Error opening file: '%1': %2 Errore in apertura file: '%1': %2 NewCrl Last update Ultimo aggiornamento Next update Prossimo aggiornamento Days Giorni Months Mesi Years Anni Midnight Mezzanotte Local time Ora locale Apply Applica Options Opzioni CRL number Numero CRL Subject alternative name Nome alternativo soggetto Revocation reasons Motivi di revoca Authority key identifier Identificatore della chiave dell'Authority Hash algorithm Algoritmo di hash Create CRL Crea CRL NewKey Please give a name to the new key and select the desired keysize Prego dare un nome alla nuova chiave e selezionare la dimensione desiderata Key properties Proprietà della chiave Name Nome The internal name of the new key Nome interno della nuova chiave Curve name Nome della curva Usually at least 2048 bit keys are recommended Sono raccomandate chiavi almeno 2048 bit New Key Nuova chiave Keysize Dimensione chiave Keytype Tipo di chiave Remember as default Ricorda come predefinito Create Crea NewX509 Source Sorgente Signing request Richiesta di firma Show request Mostra richiesta Sign this Certificate signing &request Firma questa &richiesta di firma certificato (CSR) Copy extensions from the request Copia le estensioni dalla richiesta Modify subject of the request Modifica il soggetto della richiesta Signing Firma Create a &self signed certificate &Crea un certificato auto-firmato Use &this Certificate for signing Utilizza ques&to certificato per la firma All certificates in your database that can create valid signatures Tutti i certificati nel database che possono creare firme valide Signature algorithm Algoritmo di firma Template for the new certificate Modello per il nuovo certificato All available templates Tutti i modelli disponibili Apply extensions Applica le estensioni Apply subject Applica il soggetto Apply all Applica tutto Subject Soggetto Internal Name Nome interno Distinguished name Nome distinto Add Aggiungi Delete Elimina Private key Chiave privata This list only contains unused keys Questa lista contiene solo chiavi inutilizzate Used keys too Anche chiavi utilizzate &Generate a new key &Genera una nuova chiave Extensions Estensioni Type Tipo If this will become a CA certificate or not Se questo diventerà un certificato CA o no Not defined Non definito Certification Authority Autorità di certificazione End Entity Entità finale Path length Lunghezza del path How much CAs may be below this. Quante CA possono esistere sotto a questa. The basic constraints should always be critical I vincoli di base dovrebbero sempre essere 'critical' Key identifier Identificatore chiave Creates a hash of the key following the PKIX guidelines Crea un hash della chiave secondo le direttive PKIX Copy the Subject Key Identifier from the issuer Copia il campo Identificatore Chiave Soggetto dall'emittente Validity Validità Not before Non prima Not after Non dopo Time range Intervallo di tempo Days Giorni Months Mesi Years Anni Apply Applica Set the time to 00:00:00 and 23:59:59 respectively Imposta orario a 00:00:00 e 23:59:59 rispettivamente Midnight Mezzanotte Local time Ora locale No well-defined expiration Scadenza non definita DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit Modifica URI: URI: Key usage Utilizzo chiave Netscape Netscape Advanced Avanzate Validate Validazione Comment Commento This name is only used internally and does not appear in the resulting certificate Questo nome è utilizzato solo internamente e non compare nel certificato risultante Critical Critico Create Certificate signing request Crea una richiesta di firma certificato (CSR) minimum size: %1 dimensione minima: %1 maximum size: %1 dimensione massima: %1 only a-z A-Z 0-9 '()+,-./:=? solamente a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters solamente caratteri a 7-bit Edit XCA template Modifica modello XCA Create x509 Certificate Crea certificato x509 Template '%1' applied Applicato modello '%1' Subject applied from template '%1' Applicato soggetto da modello '%1' Extensions applied from template '%1' Applicate estensioni da modello '%1' New key '%1' created Creata nuova chiave '%1' Other Tabs Altre Tab Advanced Tab Tab avanzate Errors Errori From PKCS#10 request Dalla richiesta PKCS#10 Error Errore duplicate extensions duplica estensioni The Name Constraints are invalid Name Constraints non valido The Subject Alternative Name is invalid Il Nome alternativo del soggetto non è valido The Issuer Alternative Name is invalid Il Nome Alternativo dell'Emittente non è valido The CRL Distribution Point is invalid Punto di Distribuzione CRL non valido The Authority Information Access is invalid Informazioni di Accesso all'Authority non valide Abort rollout The following length restrictions of RFC3280 are violated: I seguenti vincoli di lunghezza dall'RFC3280 sono violati: Edit subject Modifica soggetto Continue rollout The verification of the Certificate request failed. The rollout should be aborted. La verifica della richiesta certificato è fallita. Il rollout dovrebbe essere abortito. Continue anyway Continua comunque The internal name and the common name are empty. Please set at least the internal name. I campi nome interno e nome comune sono vuoti. Prego definire almeno il nome interno. Edit name Modifica nome There is no Key selected for signing. Nessuna chiave selezionata per la firma. Select key selezione chiave The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. I seguenti campi "Distinguished name" sono vuoti: %1 nonostante siano stati dichiarati come obbligatori nel menu opzioni. The key you selected for signing is not a private one. La chiave selezionata per la firma non è una chiave privata. Select other signer Seleziona altro firmatario Select other key Seleziona altra chiave The currently selected hash algorithm '%1' is insecure and should not be used. L'algoritmo di hashing selezionato '%1' non è sicuro e non dovrebbe essere utilizzato. Select other algorithm Seleziona altro algoritmo Use algorithm anyway Utilizza comunque l'algoritmo The certificate will be earlier valid than the signer. This is probably not what you want. La validità del certificato sarebbe antecedente a quella del firmatario. Questo probabilmente non è ciò che si desidera. Edit dates Modifica date Adjust date and continue Aggiusta la data e continua The certificate will be longer valid than the signer. This is probably not what you want. La validità del certificato sarebbe posteriore a quella del firmatario. Questo probabilmente non è ciò che si desidera. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. La data di scadenza del certificato è antecedente a quella di inizio validità. Probabilmente sono state scambiate. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Il certificato contiene estensioni non valide o duplicate. Controllare la validazione nella linguetta "avanzate". The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Il certificato non contiene estensioni. Puoi applicare le estensioni di uno dei modelli per definire lo scopo del certificato. The certificate contains invalid extensions. Il certificato contiene estesnsioni non valide. Edit extensions Modifica estensioni The subject alternative name shall contain a copy of the common name. However, the common name is empty. Il nome alternativo del soggetto sarà copiato dal nome comune. Tuttavia, il campo nome comune è vuoto. A name constraint of the issuer '%1' is violated: %2 Una restrizione sul nome dell'emittente '%1' è stata violata: %2 Configfile error on line %1 Errore nella linea %1 del file di configurazione OidResolver OID Resolver Enter the OID, the Nid, or one of the textual representations Inserire OID, Nid oppure una delle rappresentazioni testuali Search Ricerca OID OID Long name Nome completo OpenSSL internal ID ID interno OpenSSL Nid Nid Short name Nome breve OpenDb Open remote database Apri database remoto Database type Tipo di database Hostname Nome host Username Nome utente Password Database name Nome database Table prefix Prefisso tabelle No SqLite3 driver available. Please install the qt-sqlite package of your distribution Driver SqLite3 non disponibile. Prego installare il pacchetto qt-sqlite della distribuzione in uso Please enter the password to access the database server %2 as user '%1'. Prego inserire la password di accesso al database server %2 come utente: '%1'. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. Il driver database non supporta le transazioni. Questo può succedere se il client e il server hanno versioni differenti. Continuare con attenzione. Options XCA Options Opzioni XCA Settings Impostazioni Default hash algorithm Algoritmo di hash predefinito String types Tipi di stringa Suppress success messages Sopprimi i messaggi di successo Don't colorize expired certificates Non colorare i certificati scaduti Translate established x509 terms (%1 -> %2) Traduci i termini x509 stabiliti (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. La funzionalità hash del token non è utilizzata da XCA. Può comunque onorare un ritretto insieme di hash propagati dal token. Nello specifico EC e DSA sono definiti solo con SHA1 nelle specifiche PKCS#11. Only use hashes supported by the token when signing with a token key Utilizzare solo hash supportati dal token quando si firma con una chiave del token Disable legacy Netscape extensions Disabilita estensioni Netscape obsolete PKCS12 encryption algorithm Algoritmo di crittografia PKCS12 Certificate expiry warning threshold Limite di avviso scdenza certificato Send vCalendar expiry reminder Spedisci promemoria scadenza in formato vCalendar Serial number length Lunghezza del numero di serie bit Distinguished name Mandatory subject entries Elementi obbligatori del soggetto Add Aggiungi Delete Elimina Explicit subject entries Elementi espliciti del soggetto Dynamically arrange explicit subject entries Sistemazione dinamica degli elementi espliciti del soggetto Default Predefinito PKCS#11 provider Provider PKCS#11 Remove Rimuovi Search Ricerca Printable string or UTF8 (default) Stringa stampabile o UTF8 (predefinito) PKIX recommendation in RFC2459 Raccomandazioni PKIX da RFC2459 No BMP strings, only printable and T61 No stringhe BMP, solo stampabili e T61 UTF8 strings only (RFC2459) Solo stringhe UTF8 (RFC2459) All strings Tutte le stringhe Days Giorni Weeks Settimane Load failed Caricamento fallito PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) La password è processata come sequenza di codici esadecimali a 2 cifre. Deve avere un numero pari di caratteri (0-9 e a-f) Take as HEX string Considera come stringa HEX Password Password Repeat %1 Ripeti %1 %1 mismatch %1 mancata corrispondenza Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters La password di tipo hex può contenere solo caratteri '0' -'9' e 'a' - 'f' in numero pari Exit Esci E&xit E&sci QMessageBox Close Chiudi Cancel Annulla Apply Applica Yes No No QObject Undefined Indefinito Broken / Invalid Non valido in %1 seconds entro %1 secondi %1 seconds ago %1 secondi fa in %1 minutes entro %1 minuti %1 minutes ago %1 minuti fa Yesterday Ieri Tomorrow Domani in %1 hours entro %1 ore %1 hours ago %1 ore fa DB: Rename: '%1' already in use DB: Rinomina: '%1' già in uso DB: Entry to rename not found: %1 DB: Elemento da rinominare non trovato: %1 DB: Write error %1 - %2 DB: Errore di scrittura %1 - %2 Out of data Dati esauriti Error finding endmarker of string Errore: non trovato marcatore di fine stringa Out of Memory at %1:%2 Memoria esaurita a %1:%2 Country code Codice paese State or Province Stato o provincia Locality Località Organisation Organizzazione Organisational unit Unità organizzativa Common name Nome comune E-Mail address Indirizzo e-mail Serial number Numero di serie Given name Nome Surname Cognome Title Titolo Initials Iniziali Description Descrizione Role Ruolo Pseudonym Pseudonimo Generation Qualifier Qualificatore di generazione x500 Unique Identifier Identificativo univoco x500 Name Nome DN Qualifier Qualificatore DN Unstructured name Nome non strutturato Challenge password Challenge password Basic Constraints Vincoli base Name Constraints Subject alternative name Nome alternativo soggetto issuer alternative name Nome alternativo emittente Subject key identifier Identificativo chiave soggetto Authority key identifier Identificativo chiave authority Key usage Utilizzo della chiave Extended key usage Utilizzo esteso della chiave CRL distribution points Punti di distribuzione CRL Authority information access Informazioni di accesso all'authority Certificate type Tipo di certificato Base URL URL base Revocation URL URL di revoca CA Revocation URL URL di revoca della CA Certificate renewal URL URL per rinnovo certificato CA policy URL URL delle policy CA SSL server name Nome server SSL Comment Commento All files ( * ) Tutti i file (*) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Chiavi PKI ( *.pem *.der *.key );; Chiavi PKCS#8 ( *.p8 *.pk8 );; Chiavi Microsoft PVK ( *.pvk );; Chiavi pubbliche SSH ( *.pub );; Import RSA key Importa chiave RSA PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; Chiavi PKI ( *.pem *.der *.key );; Chiavi PKCS#8 ( *.p8 *.pk8 );; Chiavi pubbliche SSH ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Importa richiesta Certificates ( *.pem *.der *.crt *.cer );; Certificati ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Importa certificato x509 PKCS#7 data ( *.p7s *.p7m *.p7b );; Dati PKCS#7 ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Importa certificati PKCS#7 PKCS#12 Certificates ( *.p12 *.pfx );; Certificati PKCS#12 ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Importa certificato privato PKCS#12 XCA templates ( *.xca );; Modelli XCA ( *.xca );; Import XCA Templates Importa modelli XCA Revocation lists ( *.pem *.der *.crl );; Liste di revoca ( *.pem *.der *.crl );; Import Certificate Revocation List Importa liste di revoca certificati (CRL) XCA Databases ( *.xdb );; Database XCA ( *.xdb );; Open XCA Database Apri database XCA OpenVPN tls-auth key ( *.key );; Chiave OpenVPN tls-auth ( *.key );; Import OpenVPN tls-auth key Importa chiave OpenVPN tls-auth PKCS#11 library ( *.dll );; Libreria PKCS#11 ( *.dll );; PKCS#11 library ( *.dylib *.so );; Libreria PKCS#11 ( *.dylib *.so );; PKCS#11 library ( *.so );; Libreria PKCS#11 ( *.so );; Open PKCS#11 shared library Apri libreria condivisa PKCS#11 PEM files ( *.pem );; File PEM ( *.pem );; Load PEM encoded file Carica file codificato PEM Please enter the PIN on the PinPad Prego inserire il PIN nella PinPad Please enter the SO PIN (PUK) of the token %1 Prego inserire il SO PIN (PUK) del token %1 Please enter the PIN of the token %1 Prego inserire il PIN del token %1 No Security token found Nessun token di sicurezza trovato Select Seleziona Please enter the new SO PIN (PUK) for the token: '%1' Prego inserire il nuovo SO PIN (PUK) del token: '%1' Please enter the new PIN for the token: '%1' Prego inserire il nuovo PIN del token: '%1' Required PIN size: %1 - %2 Dimensione PIN richiesta: %1 - %2 Failed to open PKCS11 library: %1 Impossibile aprire libreria PKCS#11: %1 Invalid filename: %1 Nome file non valido: %1 Failed to open PKCS11 library: %1: %2 Impossibile aprire libreria PKCS#11: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Questo non sembra essere una libreria PKCS#11. Simbolo 'C_GetFunctionList' non trovato. Disabled Disabilitato Library loading failed Impossibile caricare libreria PKCS#11 function '%1' failed: %2 Funzione PKCS#11 '%1' fallita: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 Funzione PKCS#11 '%1' fallita: %2 nella libreria %3 %4 Invalid Non valido %1 is shorter than %2 bytes: '%3' %1 è minore di %2 bytes: '%3' %1 is longer than %2 bytes: '%3' %1 è maggiore di %2 bytes: '%3' String '%1' for '%2' contains invalid characters La stringa '%1' per '%2' contiene caratteri non validi Error reading config file %1 at line %2 Errore nella lettura del file di configurazione %1 alla linea %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. L'oggetto '%1' nel file %2 alla linea %3 è già conosciuto come '%4:%5:%6' e dovrebbe essere rimosso. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. L'identificativo '%1' per l'OID %2 nel file %3 alla linea %4 è già utilizzato per un OID differente come '%5:%6:%7' e dovrebbe essere modificato per evitare conflitti. Unknown object '%1' in file %2 line %3 Oggetto sconosciuto '%1' nel file %2 linea %3 Failed to start a database transaction Impossibile iniziare una transazione database Index file written to '%1' File indice scritto in '%1' Index hierarchy written to '%1' Gerarchia indici scritta in '%1' Unknown key type %1 Tipo di chiave '%1' sconosciuto Failed to write PEM data to '%1' Impossibile scrivere i dati PEM su '%1' Password verify error, please try again Errore di verifica password, prego riprovare The following error occurred: Incontrato l'errore seguente: Failed to update the database schema to the current version Impossibile aggiornare lo schema del database alll versione corrente Password Password insecure non sicuro ReqTreeView Sign Firma Unmark signed Marca non firmato Mark signed Marca firmato Similar Request Richiesta simile Certificate request export Esportazione richiesta certificato Certificate request ( *.pem *.der *.csr ) Richiesta certificato ( *.pem *.der *.csr ) RevocationList Manage revocations Gestisci revoche Add Aggiungi Delete Elimina Edit Modifica No. Num. Serial Seriale Revocation Revoca Reason Motivo Invalidation Annullamento Generate CRL Genera CRL Revoke Certificate revocation Revoca certificato Revocation details Dettagli della revoca Revocation reason Motivo della revoca Local time Ora locale Invalid since Non valido dal Serial Seriale SearchPkcs11 Directory ... Include subdirectories Includi le subdirectory Search Ricerca The following files are possible PKCS#11 libraries I seguenti file potrebbero essere librerie PKCS#11 SelectToken Security token Token di sicurezza Please select the security token Prego selezionare il token di sicurezza TempTreeView Duplicate Duplica Create certificate Crea certificato Create request Crea richiesta copy Copia Preset Template values Valori modello predefiniti Template export Esportazione modello XCA Templates ( *.xca ) Modelli XCA ( *.xca ) TrustState Certificate trust Attendibilità certificato Trustment Attendibilità &Never trust this certificate &Non fidarti mai di questo certificato Only &trust this certificate, if we trust the signer Fidati di ques&to certificato, solo se il firmatario è fidato &Always trust this certificate Fid&ati sempre di questo certificato Validity yyyy-MM-dd hh:mm dd-MM-yyyy hh:mm X509SuperTreeView OpenSSL config Configurazione OpenSSL Transform Trasforma Template Modello Public key Chiave pubblica Save as OpenSSL config Salva come configurazione OpenSSL Config files ( *.conf *.cnf);; All files ( * ) File di configurazione ( *.conf *.cnf);; Tutti i file ( * ) XFile Error opening file: '%1': %2 Errore in apertura file: '%1': %2 Error rewinding file: '%1': %2 Errore in riavvolgimento file: '%1': %2 XcaDetail Import Importa XcaTreeView Item properties Proprietà elemento Subject entries Elementi del soggetto X509v3 Extensions Estensioni X509v3 Netscape extensions Estensioni Netscape Key properties Proprietà della chiave Reset Reimposta Hide Column Nascondi colonna Details DettagliDettagli Columns Colonne Export Password Password di esportazione Please enter the password to encrypt all %n exported private key(s) in: %1 Singular form for 0 or 1 item can be ignored. Will always be called with n >= 2 Prego inserire la password per crittare la chiave privata esportata in: %1 Prego inserire la password per crittare tutte le %n chiavi private esportate in: %1 New Nuovo Import Importa Paste PEM data Incolla dati PEM Rename Rinomina Properties Proprietà Delete Elimina Export Esporta Clipboard Appunti File File Clipboard format Formato degli appunti database_model Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Rilevato formato database obsoleto. Creo un copia di backup chiamata: '%1' e converto il database nel nuovo formato Failed to rename the database file, because the target already exists Impossibile rinominare il file database: nome destinazione già esistente Please enter the password to access the database server %2 as user '%1'. Prego inserire la password di accesso al database server %2 come utente: '%1'. Unable to create '%1': %2 Impossibile creare '%1': %2 The file '%1' is not an XCA database Il file '%1' non è un database XCA No SqLite3 driver available. Please install the qt-sqlite package of your distribution Driver SqLite3 non disponibile. Prego installare il pacchetto qt-sqlite della distribuzione in uso New Password Nuova password Please enter a password, that will be used to encrypt your private keys in the database: %1 Prego inserire una password che verrà utilizzata per crittare le chiavi private nel database: %1 Password Password Please enter the password for unlocking the database: %1 Prego inserire la password per sbloccare il database: %1 db_base Error opening file: '%1': %2 Errore in apertura file: '%1': %2 Internal name Nome interno No. Primary key Chiave primaria Database unique number Numero univoco database Date Data Date of creation or insertion Data di creazione o inserimento Source Sorgente Generated, Imported, Transformed Generato, importato, trasformato Comment Commento First line of the comment field Prima linea del campo commento Import from: %1 Importa da: %1 Could not create directory %1 Impossibile creare la directory %1 Item properties Proprietà elemento How to export the %1 selected items Come esportare l'elemento selezionato %1 All in one PEM file Tutto in un unico file PEM Each item in one file Ciascun elemento in un singolo file Save %1 items in one file as Salva gli elementi %1 in un singolo file come PEM files ( *.pem );; All files ( * ) File PEM ( *.pem );; Tutti i file ( * ) db_crl Signer Firmatario Internal name of the signer Nome interno del firmatario No. revoked N. Revocati Number of revoked certificates Numero di certificati revocati Last update Ultimo aggiornamento Next update Prossimo aggiornamento CRL number Numero CRL The revocation list already exists in the database as: '%1' and so it was not imported La lista di revoca esiste già nel database come: '%1' quindi non è stata importata Revocation list export Esportazione lista di revoca There are no CA certificates for CRL generation Non esistono certificati CA per generare la CRL Select CA certificate Seleziona un certificato CA Create CRL Crea CRL Failed to initiate DB transaction Inizializzazione transazione DB fallita Database error: %1 Errore database: %1 Database error: Errore database: db_key Type Tipo Size Dimensione EC Group Gruppo EC Use Utilizzo Password Password The key is already in the database as: '%1' and is not going to be imported La chiave esiste già nel DB com: '%1' e non verrà importata The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Il DB contiene già la parte pubblica della chiave importata come '%1 e sarà completata con la nuova parte privata della chiave Extending public key from %1 by imported key '%2' Estensione chiave pubblica da %1 per mezzo della chiave importata '%2' Key size too small ! Dimensione della chiave troppo piccola ! You are sure to create a key of the size: %1 ? Siete sicuri di voler creare una chiave di dimensione: %1 ? PEM public PEM pubblica SSH2 public SSH2 pubblica PEM private PEM privata SSH2 private SSH2 privata Export keys to Clipboard Esporta chiavi negli appunti Clipboard Appunti Export public key [%1] Esporta chiave pubblica [%1] DER public DER pubblica DER private DER privata PEM encryped PEM crittata PVK private PVK privata PVK encrypted PVK crittata PKCS#8 encrypted PKCS#8 crittata Export private key [%1] Esporta chiave privata [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Chiavi private ( *.pem *.der *.pk8 );; Chiavi pubbliche SSH ( *.pub );; Internal error Errore interno Internal key update: The keys: %1 must be updated once by resetting and setting its private password Aggiornamento chiave interno: la chiave: %1 deve essere aggiornata annullando e reinserendo la password privata Tried to change password of a token Si è tentato di cambiare la password di un token db_temp Bad template: %1 Modello errato: %1 Empty template Modello vuoto Preset Template values Valori modello predefiniti Save template as Salva modello come XCA templates ( *.xca );; All files ( * ) Modelli XCA ( *.xca );; Tutti i file ( * ) db_x509 CA CA reflects the basic Constraints extension riflette le estensioni vincolo di base Serial Seriale Start date Data di inizio Expiry date Data di scadenza MD5 fingerprint SHA1 fingerprint SHA256 fingerprint Not before Non prima Not after Non dopo Revocation Revoca CRL Expiration Scadenza CRL Plain View Visualizzazione semplice Tree View Visualizzazione ad albero Failed to retrieve unique random serial Impossibile reperire un seriale univoco casuale The certificate already exists in the database as: '%1' and so it was not imported Il certificato esiste già nel database come: '%1' pertanto non è stato importato Signed on %1 by '%2' Firmato su %1 da '%2' Unknown Sconosciuto Invalid public key Chiave pubblica non valida PKCS#7 unrevoked PKCS#7 annullata revoca PEM unrevoked PEM annullata revoca vCalendar vCalendar CA vCalendar CA vCalendar X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) Certificati x509 ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) days giorni No template Nessun modello The key you selected for signing is not a private one. La chiave selezionata per la firma non è una chiave privata. Failed to create directory '%1' Impossibile creare la directory %1 Store the certificate to the key on the token '%1 (#%2)' ? Salvare il certificato nella chiave sul token '%1 (#%2)' ? PEM chain Catena PEM PKCS#7 chain Catena PKCS#7 PKCS#12 chain Catena PKCS#12 PKCS#7 all PKCS#7 tutto PEM + key PEM + chiave PEM all PEM tutto Certificate Index file File indice certificati Certificate export Esportazione Certificato X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) Certificati x509 ( *.pem *.cer *.crt *.p12 *.p7b ) There was no key found for the Certificate: '%1' Nessuna chiave trovata per il certificato: '%1' Not possible for a token key: '%1' Impossibile per una chiave token: '%1' Error opening file: '%1': %2 Errore in apertura file: '%1': %2 Not possible for the token-key Certificate '%1' Impossibile per il certificato chiave token: '%1' days giorni db_x509name Subject Soggetto Complete distinguished name Distinguished name completo Subject hash Hash del soggetto Hash to lookup certs in directories Hash per ricerca certificati nelle directory db_x509req Signed Firmato whether the request is already signed or not se la richiesta è già firmata o meno Unstructured name Nome non strutturato Challenge password Challenge password Certificate count Numero certificati Number of certificates in the database with the same public key Numero certificati nel database con la stessa chiave pubblica The certificate signing request already exists in the database as '%1' and thus was not stored La richiesta di firma certificato esiste già nel database come '%1' pertanto non è stata salvata Certificate request export Esportazione richiesta certificato Certificate request ( *.pem *.der *.csr ) Richiesta certificato ( *.pem *.der *.csr ) db_x509super Key name Nome chiave Internal name of the key Nome interno della chiave Signature algorithm Algoritmo di firma Key type Tipo di chiave Key size Dimensione della chiave EC Group Gruppo EC Extracted from %1 '%2' Estratto da %1 '%2' Certificate Certificato Certificate request Richiesta certificato Save as OpenSSL config Salva come configurazione OpenSSL Config files ( *.conf *.cnf);; All files ( * ) File di configurazione ( *.conf *.cnf);; Tutti i file ( * ) The following extensions were not ported into the template Le seguenti estensioni non erano state portate nel modello Transformed from %1 '%2' Trasformato da %1 '%2' kvView Type Tipo Content Contenuto pass_info Password Password PIN PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 Impossibile aprire libreria PKCS#11: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Questo non sembra essere una libreria PKCS#11. Simbolo 'C_GetFunctionList' non trovato. pki_base Error opening file: '%1': %2 Errore in apertura file: '%1': %2 Error writing to file: '%1': %2 Errore scrittura file: '%1': %2 Unknown Sconosciuto Imported Importato Generated Generato Transformed Trasformato Token Token Legacy Database Database obsoleto Renewed Rinnovato Property '%1' not listed in 'pki_base::print' Proprieà '%1' non prevista in 'pki_base::print' Internal error: Unexpected message: %1 %2 Errore interno: Messaggio inaspettato: %1 %2 pki_crl Successfully imported the revocation list '%1' Lista di revoca '%1' importata correttamente Delete the revocation list '%1'? Elimino la lista di revoca '%1'? Successfully created the revocation list '%1' Lista di revoca '%1' creata correttamente Delete the %1 revocation lists: %2? Elimino la lista di revoca %1: '%2'? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Impossibile caricare la lista di revoca dal file %1. Tentati i formati PEM e DER. No issuer given Non è stato fornito l'emittente Wrong Size %1 Dimensione non corretta %1 Delete the %n revocation list(s): '%1'? Eliminare la lista di revoca: '%1'? Eliminare le %n liste di revoca: '%1'? CRL Renewal of CA '%1' due Rinnovo CRL della CA '%1' scaduto The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' L'ultima CRL rilasciata dalla CA '%1' scadrà il %2. Si trova nel database XCA '%3' The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' La CRL XCA '%1', rilasciata il %3 scadrà il %4. Si trova nel database XCA '%5' unknown Sconosciuto Renew CRL: %1 Rinnova CRL: %1 The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4. It is stored in the XCA database '%5' La CRL XCA '%1', rilasciata dalla CA '%2' il %3, scadrà il %4. E' mantenuta nel database XCA '%5' pki_evp Failed to decrypt the key (bad password) Impossibile decrittare la chiave (password errata) Failed to decrypt the key (bad password) %1 Impossibile decrittare la chiave (password errata) %1 Please enter the password to decrypt the private key. Prego inserire la password per decrittare la chiave privata. Please enter the password to decrypt the private key %1. Prego inserire la password per decrittare la chiave privata %1. The key from file '%1' is incomplete or inconsistent. La chiave nel file '%1' è incompleta o inconsistente. Please enter the password to decrypt the private key from file: %1 Prego inserire la password per decrittare la chiave privata dal file: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Impossibile caricare la chiave privata nel file %1. Tentativi con i formati PEM e DER privati, pubblici, tipi chiave PKCS#8 e formato SSH2. Ignoring unsupported private key Ignorata chiave privata non supportata Please enter the password to decrypt the private key: '%1' Prego inserire la password per decrittare la chiave privata: '%1' Password input aborted Inserimento password abortito Please enter the database password for decrypting the key '%1' Prego inserire la password del database per decrittare la chiave: '%1' Decryption of private key '%1' failed Fallita decrittazione della chiave privata '%1' Please enter the password to protect the private key: '%1' Prego inserire la password per proteggere la chiave privata: '%1' Please enter the database password for encrypting the key Prego inserire la password del database per crittare la chiave Please enter the password to protect the PKCS#8 key '%1' in file: %2 Prego inserire la password per proteggere la chiave PKCS#8 '%1' nel file: %2 Please enter the password to protect the private key '%1' in file: %2 Prego inserire la password per proteggere la chiave privata: '%1' nel file: %2 Please enter the password protecting the PKCS#8 key '%1' Prego inserire la password della chiave PKCS#8 '%1' Please enter the password protecting the Microsoft PVK key '%1' Prego inserire la password che protegge la chiave Microsoft PVK '%1' Please enter the export password for the private key '%1' Prego inserire la password per esportare la chiave privata: '%1' pki_export PEM Text format with headers Formato testo PEM con intestazioni Concatenated list of all selected items in one PEM text file Lista concatenata di tutti gli oggetti selezionati in un file di testo PEM PEM selected PEM selezionato Concatenated list of all selected certificates in one PEM text file Lista concatenata di tutti i certificati selezionati in un sigolo file di testo PEM PEM chain Catena PEM Concatenated text format of the complete certificate chain in one PEM file Formato testo concatenato della catena di certificazione completa in un file PEM The complete certificate chain and the private key of the selected certificate with tags usable in OpenVPN configuration files La catena di certificazione completa e la chiave privata del certificato selezionato con annotazioni utilizzabili nei file di configurazione di OpenVPN PEM + key PEM + chiave Concatenation of the certificate and the unencrypted private key in one PEM file Certificato e chiave privata concatenati in chiaro in unico file con codifica PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Certificato e chiave privata concatenati e crittati in unico file con codifica PKCS#8 All unusable Tutti gli inutilizzabili Concatenation of all expired or revoked certificates in one PEM file Concatenazione di tutti i certificati scaduti o revocati in un singolo file PEM PKCS#7 encoded single certificate Singolo certificato con codifica PKCS#7 All selected certificates encoded in one PKCS#7 file Tutti i certificati selezionati codificati in un file PKCS#7 PKCS #7 chain Catena PKCS#7 PKCS#7 encoded complete certificate chain Catena di certificazione completa con codifica PKCS#7 PKCS #7 unusable PKCS #7 inutilizzabili PKCS#7 encoded collection of all expired or revoked certificates Raccolta in codifica PKCS#7 di tutti i certificati scaduti o revocati Binary DER encoded certificate Certificato in codifica DER binaria PKCS #12 chain Catena PKCS#12 The complete certificate chain and the private key as encrypted PKCS#12 file Catena di certificazione completa e chiave privata in un file PKCS#12 crittato PKCS #12 PKCS#12 The certificate and the private key as encrypted PKCS#12 file Certificato e chiave privata in un file PKCS#12 crittato Certificate Index file File indice certificati OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool File indice dei certificati in formato specifico OpenSSL come creato dal comando 'ca' e richiesto dallo strumento OCSP vCalendar vCalendar vCalendar expiry reminder for the selected items Promemoria scadenza in formato vCalendar per gli oggetti selezionati CA vCalendar CA vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Promemoria scadenza in formato vCalendar contenente tutti i certificati rilasciati e validi, la CA stessa e l'ultima CRL OpenSSL config Configurazione OpenSSL OpenSSL configuration file to create a certificate or request with the openssl commandline tool File di configurazione OpenSSL per creare un certificato o una richiesta con il tool a linea di comando openssl OpenVPN tls-auth key Chiave OpenVPN tls-auth The OpenVPN tls-auth key is a secret key shared between endpoints La chiave Chiave OpenVPN tls-auth è una chiave segreta condivisa fra gli endpoint JSON Web Kit The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) La chiave pubblica del certificato nel formato JSON Web Kit con identificazione digitale del certificato X509 (x5t) JSON Web Kit chain Catena JSON Web Kit The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) and certificate chain (x5c) La chiave pubblica del certificato nel formato JSON Web Kit con identificazione digitale del certificato X509 (x5t) e catena di certificazione (x5c) PEM public PEM pubblica Text format of the public key in one PEM file Chiave pubblica formato testo in unico file PEM PEM private PEM privata Unencrypted private key in text format Chiave privata in chiaro in formato testo PEM encrypted PEM crittata OpenSSL specific encrypted private key in text format Chiave privata crittata OpenSSL in formato testo SSH2 private SSH2 privata SSH2 public SSH2 pubblica The public key encoded in SSH2 format Chiave pubblica codificata in formato SSH2 DER public DER pubblica Binary DER format of the public key Chiave pubblica formato DER binario DER private DER privata Unencrypted private key in binary DER format Chiave privata in chiaro in formato DER binario PVK private PVK privata Private key in Microsoft PVK format not encrypted Chiave privata non crittata in formato Microsoft PVK XCA template in PEM-like format. Templates include the internal name and comment Modello XCA in formato simile a PEM. I modelli includono il nome interno e i commenti All selected XCA templates in PEM-like format. Templates include the internal name and comment Tutti i modelli XCA selezionati in formato simile a PEM. I modelli includono il nome interno e i commenti PVK encrypted PVK crittata Encrypted private key in Microsoft PVK format Chiave privata crittata in formato Microsoft PVK PKCS #8 encrypted PKCS#8 crittata Encrypted private key in PKCS#8 text format Chiave privata crittata in formato testo PKCS#8 PKCS #8 PKCS #8 Unencrypted private key in PKCS#8 text format Chiave privata in chiaro in formato testo PKCS#8 JSON Web Key private JSON Web Key privata Unencrypted private key in JSON Web Key format Chiave privata in chiaro in formato JSON Web Key JSON Web Key public JSON Web Key pubblica Public key in JSON Web Key format Chiave pubblica formato JSON Web Key Binary DER format of the certificate request Richiesta certificato in formato DER binario Binary DER format of the revocation list Lista di revoca in formato DER binario vCalendar reminder for the CRL expiry date Promemoria data di scadenza della CRL in formato vCalendar XCA template in PEM-like format Modello XCA in fortmato PEM-like All selected XCA templates in PEM-like format Tutti i modelli XCA in formato PEM-like selezionati pki_key Successfully imported the %1 public key '%2' Chiave pubblica '%2' di %1 importata correttamente Delete the %1 public key '%2'? Elimina chiave pubblica '%2' di %1? Successfully imported the %1 private key '%2' Chiave privata '%2' di %1 importata correttamente Delete the %1 private key '%2'? Elimina chiave privata '%2' di %1? Successfully created the %1 private key '%2' Chiave privata '%2' di %1 creata correttamente Delete the %1 keys: %2? Eliminare le chiavi di %1: %2? Public key Chiave pubblica Successfully imported the %1 public key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Importata con successo la chiave pubblica %1 '%2' Delete the %n %1 public key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Eliminare la chiave pubblica %1 '%2'? Eliminare le %n chiavi pubbliche %1 '%2'? Successfully imported the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Importata con successo la chiave privata %1 '%2' Delete the %n %1 private key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Eliminare la chiave privata %1 '%2'? Eliminare le %n chiavi private %1 '%2'? Successfully created the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Creata con successo la chiave privata %1 '%2' Common Comune Private Privata Bogus Fasullo PIN PIN No password Nessuna password Unexpected SSH2 content: '%1' Contenuto SSH2 non previsto: '%1' Invalid SSH2 public key Chiave pubblica SSH2 non valida Failed writing to %1 Errore scrittura su %1 pki_multi No known PEM encoded items found Non trovato nessun elemento codificato PEM pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Prego inserire la password per decrittare il file PKCS#12: %1 Unable to load the PKCS#12 (pfx) file %1. Impossibile caricare il file PKCS#12 (pfx) %1. The supplied password was wrong (%1) La password fornita non è corretta (%1) Please enter the password to encrypt the key of certificate '%1' in the PKCS#12 file: %2 Prego inserire la password per crittare la chiave del certificato '%1' nel file PKCS#12: %2 Please enter the password to encrypt the PKCS#12 file Prego inserire la password per crittare il file PKCS#12 No key or no Cert and no pkcs12 Nessuna chiave o nessun certificato e nessun pkcs12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Impossibile caricare il file PKCS#7 %1. Tentati i formati PEM e DER. pki_scard Successfully imported the token key '%1' Chiave token '%1' importata correttamente Delete the token key '%1'? Elimina chiave token '%1'? Successfully created the token key '%1' Chiave token '%1' creata correttamente Delete the %1 keys: %2? Eliminare le chiavi di %1: %2? Delete the %n token key(s): '%1'? Eliminare la chiave del token: '%1'? Eliminare le %n chiavi dei token: '%1'? Delete the private key '%1' from the token '%2 (#%3)' ? Eliminare la chiave privata '%1' dal token '%2 (#%3)' ? This Key is already on the token Questa chiave è già sul token PIN input aborted Inserimento PIN abortito Unable to find copied key on the token Impossibile trovare la chiave copiata sul token Please insert card: %1 %2 [%3] with Serial: %4 Prego inserire la card: %1 %2 [%3] con Seriale: %4 Select Slot of %1 Seleziona lo Slot di %1 Public Key mismatch. Please re-import card Differenza di chiave pubblica. Prego re-importare la card Illegal Key generation method Metodo non previsto per la generazione della chiave Unable to find generated key on card Impossibile trovare la chiave generata sulla card Ignoring unsupported token key Ignorata chiave token non supportata Wrong Size %1 Dimensione non corretta %1 Token %1 Token %1 Failed to find the key on the token Impossibile trovare la chiave sul token Invalid Pin for the token PIN per il token non valido Failed to initialize the key on the token Impossibile inizializzare la chiave sul token pki_temp Successfully imported the XCA template '%1' Modello XCA '%1' importato correttamente Delete the XCA template '%1'? Eliminare modello XCA '%1'? Successfully created the XCA template '%1' Modello XCA '%1' creato correttamente Delete the %1 XCA templates: %2? Eliminare il modello XCA %1: '%2'? Delete the %n XCA template(s): '%1'? Eliminare modello XCA: '%1'? Eliminare i %n modelli XCA: '%1'? Wrong Size %1 Dimensione non corretta %1 Template file content error (too small) Errore contenuto del file del modello (troppo piccolo) Template file content error (too small): %1 Errore contenuto del file del modello (troppo piccolo): %1 Not a PEM encoded XCA Template Non è un modello XCA con codifica PEM Not an XCA Template, but '%1' Non è un modello XCA, ma '%1' pki_x509 Successfully imported the certificate '%1' Certificato '%1' importato correttamente Delete the certificate '%1'? Eliminare certificato '%1'? Successfully created the certificate '%1' Certificato '%1' creato correttamente Delete the %1 certificates: %2? Eliminare i certificati %1: '%2'? Delete the %n certificate(s): '%1'? Eliminare certificato: '%1'? Eliminare %n certificati: '%1'? Unable to load the certificate in file %1. Tried PEM and DER certificate. Impossibile caricare il certificato dal file %1. Tentati i formati PEM e DER. Invalid OpenVPN tls-auth key Chiave OpenVPN tls-auth non valida Failed to import tls-auth key Impossibile importare la chiave tls-auth Same tls-auth key already stored for this CA La stessa chiave tls-auth è già registrata per questa CA New tls-auth key successfully imported Nuova chiave tls-auth importata correttamente Existing tls-auth key successfully replaced Chiave tls-auth esistente sostituita correttamente This certificate is already on the security token Questo certificato si trova già sul token Delete the certificate '%1' from the token '%2 (#%3)'? Eliminare il certificato '%1' dal token '%2 (#%3)'? There is no key for signing ! Nessuna chiave per la firma ! Wrong Size %1 Dimensione non corretta %1 No No Yes Renew certificate: %1 Rinnovo certificato: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' Il certificato XCA '%1', rilasciato il %2, scadrà il %3. E' mantenuto nel database XCA '%4' CRL Renewal of CA '%1' due Rinnovo CRL della CA '%1' scaduto The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' L'ultima CRL rilasciata dalla CA '%1' scadrà il %2. E' mantenuta nel database XCA '%3' pki_x509req Signing key not valid (public key) Chiave per la firma non valida (chiave pubblica) Successfully imported the %1 certificate request '%2' Richiesta certificato %1 '%2' importata correttamente Delete the %1 certificate request '%2'? Eliminare la richiesta certificato %1 '%2'? Successfully created the %1 certificate request '%2' Richiesta certificato %1 '%2' creata correttamente Delete the %1 certificate requests: %2? Eliminare la richiesta certificato %1: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Impossibile caricare la richiesta certificato dal file %1. Tentati i formati PEM, DER e SPKAC. Wrong Size %1 Dimensione non corretta %1 Successfully imported the PKCS#10 certificate request '%1' Richiesta certificato PKCS#10 '%1' importata correttamente Delete the %n PKCS#10 certificate request(s): '%1'? Eliminare la richiesta certificato PKCS#10: '%1'? Eliminare le %n richieste certificato PKCS#10: '%1'? Successfully created the PKCS#10 certificate request '%1' Richiesta certificato PKCS#10 '%1' creata correttamente Signed Firmato Unhandled Non gestito v3ext Copy Common Name Copia nome comune Add Aggiungi Delete Elimina Apply Applica Validate Validazione Cancel Annulla An email address or 'copy' Un indirizzo e-mail oppure 'copy' An email address Un indirizzo e-mail A registered ID: OBJECT IDENTIFIER Un ID registrato: OBJECT IDENTIFIER A uniform resource indicator Una URI (uniform resource indicator) A DNS domain name or 'copycn' Un nome dominio DNS oppure 'copycn' A DNS domain name Un nome dominio DNS An IP address Un indirizzo IP Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Sintassi: <OID>;TIPO:testo come '1.2.3.4:UTF8:nome' No editing. Only 'copy' allowed here Consentito solo 'copy' qui Validation failed: '%1' %2 Validazione fallita: '%1' %2 Validation successful: '%1' Validazione riuscita: '%1' xcaWarning The following error occurred: Incontrato l'errore seguente: Copy to Clipboard Copia negli appunti xcaWarningGui Copy to Clipboard Copia negli appunti xca-RELEASE.2.9.0/lang/xca_ja.ts000066400000000000000000006345421477156507700161330ustar00rootroot00000000000000 CaProperties CA Properties CAプロパティ Form CAのプロパティ Days until next CRL issuing 次のCRL発行までの日数 Default template デフォルトテンプレート CertDetail Details of the Certificate 証明書の詳細 Serial シリアル番号 The serial number of the certificate 証明書のシリアル番号 The internal name of the certificate in the database データベース内の証明書内部名 Status ステータス Internal name 内部名 Signature 署名アルゴリズム Key 秘密鍵 Fingerprints フィンガープリント MD5 MD5 An md5 hashsum of the certificate 証明書のMD5ハッシュ SHA1 SHA1 A SHA-1 hashsum of the certificate 証明書のSHA-1ハッシュ SHA256 SHA256 A SHA-256 hashsum of the certificate 証明書のSHA-256ハッシュ Validity 有効期限 The time since the certificate is valid 証明書が有効になってからの時間 The time until the certificate is valid 証明書が有効になるまでの時間 Subject サブジェクト Issuer 発行者 Extensions 拡張キー Validation 検証 Purposes 目的 Strict RFC 5280 validation 厳格なRFC 5280検証 Comment コメント Attributes 属性 Show config コンフィグを表示 Show extensions 拡張キーを表示 Show public key 公開キーを表示 This key is not in the database. このキーはデータベースに存在しません。 Not available 使用不可 No verification errors found. 検証エラーは見つかりませんでした。 Signer unknown 署名者不明 Self signed 自己署名 Revoked at %1 %1で取り消し Not valid 無効 Valid 有効 Details of the certificate signing request 証明書署名要求の詳細 CertExtend Certificate renewal 証明書の更新 This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. これにより、新しいシリアル番号と修正された有効値を持つ古い証明書のコピーとして、新しい証明書が作成されます。 Validity 有効期限 Not before 開始日時 Not after 終了日時 Time range 時間の範囲 Local time ローカル時間 Days Months Years No well-defined expiration 有効期限が明確に定義されていない Midnight 深夜時間 Apply 適用 Revoke old certificate 古い証明書の失効 Replace old certificate 古い証明書を置き換える Keep serial number シリアル番号を保持 The certificate will be earlier valid than the signer. This is probably not what you want. 証明書は署名者よりも前に有効になります。これはおそらくあなたが望むものではありません。 Edit dates 日付の編集 Abort rollout 展開の中止 Continue rollout 展開を続ける Adjust date and continue 日付を調整して続行 The certificate will be longer valid than the signer. This is probably not what you want. 証明書は署名者よりも有効期間が長くなります。これはおそらくあなたが望むものではありません。 CertTreeView Hide unusable certificates 使用できない証明書を非表示 Import PKCS#12 PKCS#12形式でインポート Import from PKCS#7 PKCS#7形式でインポート Request リクエスト Security token セキュリティトークン Other token その他のトークン Similar Certificate 類似の証明書 Delete from Security token セキュリティトークンから削除 CA CA Properties プロパティ Generate CRL CRLを作成 Manage revocations 失効の管理 Import OpenVPN tls-auth key OpenVPN tls-auth key形式でインポート Renewal 更新 Revoke 失効 Unrevoke 失効の取消 Plain View 標準ビュー Tree View ツリービュー days No template テンプレートなし CA Properties CAプロパティ Certificate export 証明書のエクスポート X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) vCalendar entry ( *.ics ) vCalendar entry ( *.ics ) OpenVPN file ( *.ovpn ) OpenVPN file ( *.ovpn ) OpenVPN tls-auth key ( *.key ) OpenVPN tls-auth key ( *.key ) ClickLabel Double click for details ダブルクリックして詳細を表示 CrlDetail Details of the Revocation list 失効リストの詳細 &Status ステータス(&S) Version バージョン Signature 署名アルゴリズム Signed by 署名者 Name 名前 The internal name of the CRL in the database データベース内のCRL内部名 issuing dates 発行日 Next update 次回更新日時 Last update 最終更新日時 &Issuer 発行者(&I) &Extensions 拡張キー(&E) &Revocation list 失効リスト(&R) Comment コメント Failed 失敗 Unknown signer 不明な署名者 Verification not possible 検証できません CrlTreeView There are no CA certificates for CRL generation CRL生成のためのCA証明書がありません Select CA certificate CA証明書の選択 Revocation list export 失効リストのエクスポート CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) vCalendar entry ( *.ics ) vCalendar entry ( *.ics ) ExportDialog Name 名前 The internal name of the CRL in the database データベース内のCRL内部名 ... ... Filename ファイル名 Each Item in a separate file 各アイテムを別ファイルにする Same encryption password for all items すべてのアイテムに同じ暗号化パスワード Export comment into PEM file コメントをPEMファイルにエクスポート Export Format エクスポートフォーマット All files ( * ) All files ( * ) PEM Text format with headers ヘッダ付きPEMテキスト形式 Concatenated list of all selected items in one PEM text file 1つのPEMテキストファイルで選択されたすべての項目を連結したリスト Concatenated text format of the complete certificate chain in one PEM file 1つのPEMファイル内の完全な証明書チェーンの連結テキスト形式 Concatenated text format of all certificates in one PEM file 1つのPEMファイルにすべての証明書を連結したテキスト形式 Binary DER encoded file バイナリDERエンコードファイル PKCS#7 encoded single certificate PKCS#7でエンコードされた単一の証明書 PKCS#7 encoded complete certificate chain PKCS#7エンコードされた完全な証明書チェーン Concatenated text format of all unrevoked certificates in one PEM file 1つのPEMファイル内の失効していないすべての証明書を連結したテキスト形式 All unrevoked certificates encoded in one PKCS#7 file 1つのPKCS#7ファイルにエンコードされた、失効していないすべての証明書 All selected certificates encoded in one PKCS#7 file 選択されたすべての証明書が1つのPKCS#7ファイルにエンコードされている All certificates encoded in one PKCS#7 file 1つのPKCS#7ファイルにエンコードされたすべての証明書 The certificate and the private key as encrypted PKCS#12 file 暗号化されたPKCS#12ファイルとしての証明書と秘密鍵 The complete certificate chain and the private key as encrypted PKCS#12 file 完全な証明書チェーンと暗号化されたPKCS#12ファイルとしての秘密鍵 Concatenation of the certificate and the unencrypted private key in one PEM file 1つのPEMファイルでの証明書と暗号化されていない秘密鍵の連結 Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file 証明書と暗号化された秘密鍵をPKCS#8形式で1つのファイルに連結したもの Text format of the public key in one PEM file 1つのPEMファイル内の公開キーのテキスト形式 Binary DER format of the public key 公開キーのバイナリDERフォーマット Unencrypted private key in text format テキスト形式の暗号化されていない秘密鍵 OpenSSL specific encrypted private key in text format OpenSSL固有の暗号化された秘密鍵 (テキスト形式) Unencrypted private key in binary DER format バイナリDER形式の暗号化されていない秘密鍵 Unencrypted private key in PKCS#8 text format PKCS#8テキスト形式の暗号化されていない非公開キー Encrypted private key in PKCS#8 text format 暗号化された秘密鍵 (PKCS#8テキスト形式) The public key encoded in SSH2 format SSH2形式でエンコードされた公開キー OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool 'CA'コマンドで作成され、OCSPツールで必要なOpenSSL固有の証明書インデックスファイル vCalendar expiry reminder for the selected items 選択したアイテムのvCalendar有効期限リマインダ vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL 発行されたすべての有効な証明書、CA自体、および最新のCRLを含むvCalendar有効期限リマインダ Private key in Microsoft PVK format not encrypted Microsoft PVK形式の秘密鍵は暗号化されていません Encrypted private key in Microsoft PVK format Microsoft PVK形式の暗号化された秘密鍵 %n selected item(s) %n 個の選択項目 The file: '%1' already exists! ファイル「%1 」はすでに存在します! Overwrite 上書き Do not overwrite 上書きしない The path: '%1' exist, but is not a file パス '%1' は存在しますが、ファイルではありません The path: '%1' exist, but is not a directory パス: '%1' は存在しますが、ディレクトリではありません The directory: '%1' does not exist. Should it be created? ディレクトリ '%1' が存在しません。 作成しますか? Create 作成 Failed to create directory '%1' ディレクトリ '%1' の作成に失敗しました Directory ディレクトリ Form last update 最終更新日時 next update 次回更新日時 Days Months Years Apply 適用 Midnight 深夜時間 Local time ローカル時間 No well-defined expiration 有効期限が明確に定義されていない Help << << >> >> &Done 完了(&D) ImportMulti Import PKI Items PKIアイテムのインポート Import &All すべてインポート(&A) &Import インポート(&I) &Done 完了(&D) &Remove from list リストから削除(&R) Details 詳細 Delete from token トークンから削除 Rename on token トークンの名前を変更 Name: %1 Model: %2 Serial: %3 製品名: %1 モデル名: %2 シリアル番号: %3 Manage security token セキュリティトークンを管理 Details of the item '%1' cannot be shown アイテム「%1 」の詳細を表示できません The type of the item '%1' is not recognized アイテムのタイプ「%1 」が認識されません Could not open the default database デフォルトのデータベースを開けませんでした The file '%1' did not contain PKI data ファイル「%1 」にPKIデータが含まれていませんでした The %1 files: '%2' did not contain PKI data %1ファイル:「%2 」にPKIデータが含まれていませんでした ItemProperties Name 名前 Source ソース Insertion date 挿入日 Comment コメント KeyDetail Name 名前 The internal name of the key used by xca xcaが使用するキーの内部名 Security token セキュリティトークン Manufacturer 製造元 Serial シリアル Key キー Public Exponent 公開指数 Keysize 鍵長 Private Exponent 秘密指数 Security Token セキュリティトークン Label ラベル PKCS#11 ID PKCS#11 ID Token information トークン情報 Model モデル Fingerprint フィンガープリント Comment コメント Details of the %1 key %1キーの詳細 Not available 使用不可 Available 使用可能 Sub prime サブプライム Public key 公開キー Private key 秘密鍵 Curve name カーブ名 Unknown key 不明なキー KeyTreeView Clipboard format クリップボードフォーマット Change password パスワードの変更 Reset password パスワードリセット Change PIN PINコード変更 Init PIN with SO PIN (PUK) SO PIN (PUK)でPINを初期化します Change SO PIN (PUK) SO PIN (PUK)を変更 Security token セキュリティトークン This is not a token これはトークンではありません Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable 元のキー「%1」をトークンのキーに置き換えますか? キー「%1」が削除され、エクスポートできなくなります Key export キーエクスポート SSH Private Keys ( *.priv ) SSH Private Keys ( *.priv ) Microsoft PVK Keys ( *.pvk ) Microsoft PVK Keys ( *.pvk ) Export public key [%1] 公開キーのエクスポート[%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) MainWindow Private Keys 秘密鍵 &New Key 新しい秘密鍵(&N) &Export エクスポート(&E) &Import インポート(&I) Import PFX (PKCS#12) PFX (PKCS#12)形式でインポート &Show Details 詳細を表示(&S) &Delete 削除(&D) Certificate signing requests 証明書署名要求 &New Request 署名リクエスト(&N) Certificates 署名済証明書 &New Certificate 新しい証明書を作成(&N) Import &PKCS#12 PKCS#12形式でインポート(&P) Import P&KCS#7 PKCS#7形式でインポート(&K) Plain View プレイン表示 Templates テンプレート &New Template 新しいテンプレート(&N) &New CRL 新しいCRLを作成(&N) Ch&ange Template テンプレートを変更(&a) Revocation lists 失効リスト Using or exporting private keys will not be possible without providing the correct password 正しいパスワードを入力しないと、秘密鍵の使用またはエクスポートはできません Database データベース The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. 現在使用されているデフォルトハッシュ「%1」は安全ではありません。セキュリティ上の理由から、少なくとも「SHA 224」を選択してください。 Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format 旧バージョンのデータベース形式が検出されました。「%1」という名前のバックアップコピーを作成し、データベースを新しい形式に変換しています Failed to rename the database file, because the target already exists ターゲットがすでに存在するため、データベースファイルの名前を変更できませんでした No deleted items found 削除されたアイテムは見つかりませんでした Recent DataBases 最近使用したデータベース System システム言語 Croatian クロアチア語 English 英語 French フランス語 German ドイツ語 Japanese 日本語 Korean 韓国語 Russian ロシア語 Slovak スロバキア語 Spanish スペイン語 Persian ペルシャ語 Bulgarian ブルガリア語 Polish ポーランド語 Italian イタリア語 Chinese 中国語 Dutch オランダ語 Portuguese in Brazil ポルトガル語(ブラジル) Indonesian インドネシア語 Turkish トルコ語 Language 言語 &File ファイル(&F) Open Remote DataBase リモートデータベースを開く Set as default DataBase デフォルトデータベースに指定する New DataBase 新しいデータベース Open DataBase データベースを開く Close DataBase データベースを閉じる Options オプション Exit 終了 I&mport インポート(&m) Keys 秘密鍵 Requests 証明書署名要求を作成 PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template テンプレート Revocation list 失効リスト PEM file PEMファイル Paste PEM file PEMファイルを貼り付け Token トークン Export Certificate &Index hierarchy 証明書とインデックスの階層をエクスポート(&I) Content コンテンツ &Manage Security token セキュリティトークンを管理(&M) &Init Security token セキュリティトークンを初期化(&I) &Change PIN PINを変更(&C) Change &SO PIN SO PINを変更(&S) Init PIN PINを初期化 Extra 追加 &Dump DataBase データベースをダンプ(&D) &Export Certificate Index 証明書インデックスのエクスポート(&E) C&hange DataBase password データベースパスワードの変更(&h) &Undelete items 削除取り消し(&U) Generate DH parameter DH parameterを生成 OID Resolver OID 検索 &Help ヘルプ(&H) About XCAについて no such option: %1 そのようなオプションはありません:%1 Import PEM data PEMデータを読み込む Please enter the original SO PIN (PUK) of the token '%1' トークン'%1'の元のSO PIN(PUK)を入力してください Search 検索 Please enter the new SO PIN (PUK) for the token '%1' トークン'%1'の新しいSO PIN(PUK)を入力してください The new label of the token '%1' トークン'%1'の新しいラベル The token '%1' did not contain any keys or certificates トークン「%1」にキーまたは証明書が含まれていませんでした Retry with PIN PINで再試行 Retry with SO PIN SO PINで再試行 Current Password 現在のパスワード Please enter the current database password 現在のデータベースパスワードを入力してください The entered password is wrong 入力したパスワードが間違っています New Password 新しいパスワード Please enter the new password to encrypt your private keys in the database-file データベースファイルの秘密鍵を暗号化するための新しいパスワードを入力してください Transaction start failed トランザクションの開始に失敗しました Database: %1 データベース: %1 The currently used PFX / PKCS#12 algorithm '%1' is insecure. 現在使用されている PFX / PKCS#12 アルゴリズム '%1' は安全ではありません。 Change 変更 Please enter a password, that will be used to encrypt your private keys in the database: %1 データベースの秘密鍵を暗号化するためのパスワードを入力してください: %1 Password verify error, please try again パスワード確認エラーです。再試行してください Password パスワード Please enter the password for unlocking the database: %1 データベースのロックを解除するためのパスワードを入力してください: %1 The following error occurred: 次のエラーが発生しました: Copy to Clipboard クリップボードにコピー Certificate Index ( index.txt ) 証明書インデックス(index。テキスト) All files ( * ) All files ( * ) Diffie-Hellman parameters saved as: %1 Diffie-Hellmanパラメータを%1として保存しました Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Diffie-Hellmanパラメータはさまざまなアプリケーションに必要ですが、XCAでは処理されません。 DHパラメータビットを入力してください NewCrl Last update 最終更新日時 Next update 次回更新日時 Days Months Years Midnight 深夜時間 Local time ローカル時間 Apply 適用 Options オプション CRL number CRL番号 Subject alternative name サブジェクト代替名 Revocation reasons 失効理由 Authority key identifier 機関キー識別子 Hash algorithm ハッシュアルゴリズム Create CRL CRLの作成 NewKey Please give a name to the new key and select the desired keysize 新しい秘密鍵に名前を付けて、目的の秘密鍵サイズを選択してください Key properties 秘密鍵のプロパティ Name 名前 The internal name of the new key 新しい秘密鍵の内部名 Curve name カーブ名 Usually at least 2048 bit keys are recommended 通常は少なくとも2048ビットの秘密鍵を推奨します New Key 新しい秘密鍵 Keysize 鍵長 Keytype 暗号タイプ Remember as default デフォルトとして保存 Create 作成 NewX509 Source ソース Signing request 署名リクエスト Show request リクエストを表示 Sign this Certificate signing &request この証明書署名要求に署名する(&r) Copy extensions from the request 要求からの拡張キーのコピー Modify subject of the request 証明書署名要求のサブジェクトを変更する Signing 署名 Create a &self signed certificate 自己署名証明書を作成(&s) Use &this Certificate for signing 署名にこの証明書を使用(&t) All certificates in your database that can create valid signatures 有効な署名を作成できるデータベース内のすべての証明書 Signature algorithm 署名アルゴリズム Template for the new certificate 新しい証明書のテンプレート All available templates 使用可能なすべてのテンプレート Apply extensions 拡張キーの適用 Apply subject サブジェクトに適用 Apply all すべてに適用 Subject サブジェクト Internal Name 内部名 Distinguished name 識別名 Add 追加 Delete 削除 Private key 秘密鍵 This list only contains unused keys このリストには未使用のキーのみが含まれています Used keys too 使用しているキー &Generate a new key 新しい秘密鍵を生成(&G) Extensions 拡張キー Type サブジェクトタイプ If this will become a CA certificate or not これがCA証明書になるかどうか Not defined Not defined Certification Authority Certification Authority End Entity End Entity Path length Path length How much CAs may be below this. これより下にあるCAの数。 The basic constraints should always be critical 基本的な制約は常に重要でなければならない Key identifier 機関キー識別子 Creates a hash of the key following the PKIX guidelines PKIXガイドラインに従って、キーのハッシュを作成します Copy the Subject Key Identifier from the issuer 発行者から機関キー識別子をコピーする Validity 有効期間 Not before 有効開始日 Not after 有効終了日 Time range 時間の範囲 Days Months Years Apply 適用 Set the time to 00:00:00 and 23:59:59 respectively 時刻をそれぞれ00:00:00と23:59:59に設定します Midnight 深夜時間 Local time ローカル時間 No well-defined expiration 有効期限が明確に定義されていない DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit 編集 URI: URI: Key usage キー使用法 Netscape Netscape Advanced 詳細設定 Validate 検証 Comment コメント This name is only used internally and does not appear in the resulting certificate この名前は内部でのみ使用され、結果の証明書には表示されません Critical 重要 Create Certificate signing request 証明書署名要求の作成 minimum size: %1 最小サイズ:%1 maximum size: %1 最大サイズ:%1 only a-z A-Z 0-9 '()+,-./:=? a-z A-Z0-9'()+、-./:=? only 7-bit clean characters 7ビットのみ Edit XCA template XCA テンプレートの編集 Create x509 Certificate x509証明書の作成 Template '%1' applied テンプレート「%1 」が適用されました Subject applied from template '%1' テンプレート'%1'から適用されたサブジェクト Extensions applied from template '%1' テンプレート'%1'から適用された拡張キー New key '%1' created 新しい秘密鍵「%1」が作成されました Other Tabs その他のタブ Advanced Tab 詳細設定 タブ Errors エラー From PKCS#10 request PKCS#10要求 Error エラー duplicate extensions エクステンションが重複しています The Name Constraints are invalid 名前制約が無効です The Subject Alternative Name is invalid Subject Alternative Name が無効です The Issuer Alternative Name is invalid Issuer Alternative Name が無効です The CRL Distribution Point is invalid CRL Distribution Point が無効です The Authority Information Access is invalid Authority Information Access が無効です Abort rollout 展開の注視 The following length restrictions of RFC3280 are violated: RFC3280の次の長さ制限に違反しています: Edit subject サブジェクトを編集 Continue rollout 展開を続ける The verification of the Certificate request failed. The rollout should be aborted. 証明書要求の検証に失敗しました。 展開を中止してください。 Continue anyway 続行 The internal name and the common name are empty. Please set at least the internal name. 内部名とコモンネームが空です。 少なくとも内部名を設定してください。 Edit name 名前を変更 There is no Key selected for signing. 署名する秘密鍵が選択されていません。 Select key 秘密鍵を選択 The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. 次の識別名エントリは空です: %1 ただし、オプションメニューで必須として宣言しています。 The key you selected for signing is not a private one. 署名用に選択したキーは秘密鍵ではありません。 Select other signer 他の署名者を選択 Select other key 他の秘密鍵を選択 The currently selected hash algorithm '%1' is insecure and should not be used. 現在選択されているハッシュ・アルゴリズム '%1' は安全ではないので、使用しないでください。 Select other algorithm 他のアルゴリズムを選択 Use algorithm anyway アルゴリズムをとにかく使う The certificate will be earlier valid than the signer. This is probably not what you want. 証明書は署名者よりも前に有効になります。これはおそらくあなたが望むものではありません。 Edit dates 日時を変更 Adjust date and continue 日付を調整して続行 The certificate will be longer valid than the signer. This is probably not what you want. 証明書は署名者よりも有効期間が長くなります。これはおそらくあなたが望むものではありません。 The certificate will be out of date before it becomes valid. You most probably mixed up both dates. 証明書は有効になる前に期限切れになります。おそらく、あなたは両方の日付を間違えているでしょう。 The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. 証明書に無効な拡張キーまたは重複した拡張キーが含まれています。詳細タブで検証を確認します。 The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. 証明書に拡張キーが含まれていません。いずれかのテンプレートの拡張キーを適用して、証明書の目的を定義できます。 The certificate contains invalid extensions. 証明書に無効な拡張子が含まれています。 Edit extensions 拡張キーの編集 The subject alternative name shall contain a copy of the common name. However, the common name is empty. サブジェクト代替名は、コモンネームのコピーを含む。ただし、コモンネームは空です。 A name constraint of the issuer '%1' is violated: %2 発行者 '%1' の名前制約に違反しています: %2 Configfile error on line %1 %1行目のコンフィグエラー OidResolver OID Resolver OID検索 Enter the OID, the Nid, or one of the textual representations OID、Nid、またはテキストのどれかを入力してください Search 検索 OID OID Long name 長い名前 OpenSSL internal ID OpenSSL内部ID Nid Nid Short name 短い名前 OpenDb Open remote database リモートデータベースを開く Database type データベースタイプ Hostname ホスト名 Username ユーザ名 Password パスワード Database name データベース名 Table prefix テーブルプレフィクス No SqLite3 driver available. Please install the qt-sqlite package of your distribution SQLite3ドライバがありません。お使いのディストリビューションのqt-sqliteパッケージをインストールしてください Please enter the password to access the database server %2 as user '%1'. ユーザ'%1'としてデータベースサーバ%2にアクセスするためのパスワードを入力してください。 The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. データベースドライバはトランザクションをサポートしていません。これは、クライアントとサーバーのバージョンが異なる場合に発生することがあります。注意して続けてください。 Options XCA Options XCA オプション Settings 設定 Default hash algorithm デフォルトハッシュアルゴリズム String types 文字列タイプ Suppress success messages 成功メッセージを表示しない Don't colorize expired certificates 期限切れの証明書に色を付けない Translate established x509 terms (%1 -> %2) x509用語を翻訳(%1->%2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. トークンのハッシュ機能は、XCAでは使用されません。 ただし、トークンによって伝搬される制限されたハッシュ・セットが優先される場合もあります。 特に、ECおよびDSAは、PKCS#11仕様ではSHA1でのみ定義されています。 Only use hashes supported by the token when signing with a token key トークン・キーによる署名時に、トークンがサポートするハッシュのみを使用する Disable legacy Netscape extensions Netscapeのレガシー拡張キーを無効にする PKCS12 encryption algorithm PKCS12暗号化アルゴリズム Certificate expiry warning threshold 証明書有効期限警告しきい値 Send vCalendar expiry reminder vCalendarの有効期限の通知を送信する Serial number length シリアル番号の長さ bit ビット Distinguished name 識別名 Mandatory subject entries 必須のサブジェクトエントリ Add 追加 Delete 削除 Explicit subject entries 明示的なサブジェクトエントリ Dynamically arrange explicit subject entries 明示的なサブジェクトエントリを動的に配置する Default デフォルト PKCS#11 provider PKCS#11 プロバイダ Remove 削除 Search 検索 Printable string or UTF8 (default) 印刷可能な文字列またはUTF8(デフォルト) PKIX recommendation in RFC2459 RFC2459のPKIX勧告 No BMP strings, only printable and T61 BMP文字列なし、印刷可能およびT61のみ UTF8 strings only (RFC2459) UTF8文字列のみ(RFC2459) All strings すべての文字列 Days Weeks PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) パスワードは2桁の16進コードとして解析されます。偶数桁である必要があります(0-9およびa-f) Take as HEX string 16進文字列とみなす Password パスワード Repeat %1 繰り返し%1 %1 mismatch %1の不一致 Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters 16進パスワードには、「0 」-「9 」および「a 」-「f 」の文字のみを使用し、偶数の文字で構成する必要があります Exit 終了 E&xit 終了(&x) QMessageBox Ok OK Close 閉じる Cancel キャンセル Apply 適用 Yes はい No いいえ QObject Undefined 未定義 Broken / Invalid 破損/無効 in %1 seconds %1秒以内 %1 seconds ago %1秒前 in %1 minutes %1分以内 %1 minutes ago %1分前 Yesterday 昨日 Tomorrow 明日 in %1 hours %1時間以内 %1 hours ago %1時間前 Out of data データがありません Error finding endmarker of string 文字列のエンドマーカーの検索中にエラーが発生しました Out of Memory at %1:%2 %1のメモリ不足:%2 All files ( * ) All files ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Import RSA key キーをインポート PKCS#10 CSR ( *.pem *.der *.csr );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request 証明書署名要求のインポート Certificates ( *.pem *.der *.crt *.cer );; Certificates ( *.pem *.der *.crt *.cer );; Import X.509 Certificate X.509形式の証明書をインポート PKCS#7 data ( *.p7s *.p7m *.p7b );; PKCS#7 data ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates PKCS#7形式の証明書のインポート PKCS#12 Certificates ( *.p12 *.pfx );; PKCS#12 Certificates ( *.p12 *.pfx );; Import PKCS#12 Private Certificate PKCS#12形式の秘密鍵・証明書をインポート XCA templates ( *.xca );; XCA テンプレート ( *.xca );; Import XCA Templates XCAテンプレートのインポート Revocation lists ( *.pem *.der *.crl );; Revocation lists ( *.pem *.der *.crl );; Import Certificate Revocation List 失効証明書のインポート XCA Databases ( *.xdb );; XCA Databases ( *.xdb );; Open XCA Database XCAデータベースを開く OpenVPN tls-auth key ( *.key );; OpenVPN tls-auth key ( *.key );; Import OpenVPN tls-auth key OpenVPN tls-auth key のインポート PKCS#11 library ( *.dll );; PKCS#11 library ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 library ( *.dylib *.so );; PKCS#11 library ( *.so );; PKCS#11 library ( *.so );; Open PKCS#11 shared library PKCS#11共有ライブラリを開く PEM files ( *.pem );; PEM files ( *.pem );; Load PEM encoded file PEMエンコードファイルを読み込み Please enter the PIN on the PinPad ピンパッドにPINを入力してください Please enter the SO PIN (PUK) of the token %1 トークン%1のSO PIN(PUK)を入力してください Please enter the PIN of the token %1 トークン%1のPINを入力してください No Security token found セキュリティトークンが見つかりません Select 選択 Please enter the new SO PIN (PUK) for the token: '%1' トークン'%1'の新しいSO PIN(PUK)を入力してください Please enter the new PIN for the token: '%1' トークンの新しいPINを入力してください:'%1' Required PIN size: %1 - %2 必要なPINのサイズ:%1-%2 Invalid filename: %1 無効なファイル名:%1 Failed to open PKCS11 library: %1: %2 PKCS11ライブラリ%1を開けませんでした:%2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. これはPKCS#11ライブラリとして認識できません。シンボル「C_GetFunctionList」が見つかりません。 Disabled 無効 Library loading failed ライブラリのロードに失敗しました PKCS#11 function '%1' failed: %2 PKCS#11関数「%1 」が失敗しました:%2 PKCS#11 function '%1' failed: %2 In library %3 %4 PKCS#11関数「%1 」が失敗しました:%2 ライブラリ%3内 %4 Invalid 無効 %1 is shorter than %2 bytes: '%3' %1は%2バイトより短い:'%3' %1 is longer than %2 bytes: '%3' %1は%2バイトを超えています:'%3 String '%1' for '%2' contains invalid characters 「%2 」の文字列「%1 」に無効な文字が含まれています Error reading config file %1 at line %2 %2行目の構成ファイル%1の読み取り中にエラーが発生しました The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. ファイル%2の行%3のオブジェクト「%1 」は既に「%4:%5:%6 」として知られているため、削除する必要があります。 The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. ファイル%3行%4のOID%2の識別子「%1 」は、別のOIDで「%5:%6:%7 」としてすでに使用されています。競合を避けるために変更する必要があります。 Unknown object '%1' in file %2 line %3 ファイル%2の%3行目に不明なオブジェクト「%1 」があります Failed to start a database transaction データベーストランザクションを開始できませんでした Country code Country code State or Province State or Province Locality Locality Organisation Organisation Organisational unit Organisational unit Common name Common name E-Mail address E-Mail address Serial number Serial number Given name Given name Surname Surname Title Title Initials Initials Description Description Role Role Pseudonym 偽名 Generation Qualifier x500 Unique Identifier x500 Unique Identifier Name Name DN Qualifier DN Qualifier Unstructured name Unstructured name Challenge password Challenge password Basic Constraints Basic Constraints Name Constraints 名前の制約 Subject alternative name Subject alternative name issuer alternative name issuer alternative name Subject key identifier Subject key identifier Authority key identifier Authority key identifier Key usage Key usage Extended key usage Extended key usage CRL distribution points CRL distribution points Authority information access Authority information access Certificate type Certificate type Base URL Base URL Revocation URL Revocation URL CA Revocation URL CA Revocation URL Certificate renewal URL Certificate renewal URL CA policy URL CA policy URL SSL server name SSL server name Comment Comment Index file written to '%1' インデックス・ファイルを'%1'に書き込みました Index hierarchy written to '%1' インデックス階層が '%1' に書き込まれました Unknown key type %1 不明な鍵タイプ %1 Failed to write PEM data to '%1' PEM データを '%1' に書き込めませんでした Password verify error, please try again パスワード確認エラーです。再試行してください The following error occurred: 次のエラーが発生しました: Failed to update the database schema to the current version データベース・スキーマを現在のバージョンに更新するのに失敗しました Password パスワード insecure 安全でない ReqTreeView Sign 署名 Unmark signed 署名済みのマークを解除 Mark signed 署名済みをマーク Similar Request 類似のリクエスト Certificate request export 証明書要求のエクスポート Certificate request ( *.pem *.der *.csr ) Certificate request ( *.pem *.der *.csr ) RevocationList Manage revocations 失効の管理 Add 追加 Delete 削除 Edit 編集 No. No. Serial シリアル Revocation 失効 Reason 理由 Invalidation 無効化 Generate CRL CRLの生成 Revoke Certificate revocation 証明書の失効 Revocation details 失効の詳細 Revocation reason 失効理由 Local time ローカル時間 Invalid since 失効日時 Serial シリアル SearchPkcs11 Directory ディレクトリ ... ... Include subdirectories サブディレクトリを含める Search 検索 The following files are possible PKCS#11 libraries PKCS#11ライブラリには、次のファイルがあります SelectToken Security token セキュリティトークン Please select the security token セキュリティトークンを選択してください TempTreeView Duplicate 重複 Create certificate 証明書の作成 Create request リクエストの作成 copy コピー Preset Template values プリセットテンプレートの値 Template export テンプレートエクスポート XCA Templates ( *.xca ) XCA Templates ( *.xca ) TrustState Certificate trust 証明書の信頼 Trustment 信頼 &Never trust this certificate この証明書を信用しない(&N) Only &trust this certificate, if we trust the signer 署名者を信頼できる場合のみ、この証明書を信頼する。(&T) &Always trust this certificate この証明書を常に信頼する(&A) Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config OpenSSL コンフィグ Transform 変換 Template テンプレート Public key 公開キー Save as OpenSSL config OpenSSL設定として保存 Config files ( *.conf *.cnf);; All files ( * ) Config files ( *.conf *.cnf);; All files ( * ) XFile Error opening file: '%1': %2 ファイルを開くときにエラーが発生しました: '%1': %2 Error rewinding file: '%1': %2 ファイルの復旧エラー: '%1': %2 XcaDetail Import インポート XcaTreeView Item properties アイテムのプロパティ Subject entries サブジェクトエンティティ X509v3 Extensions X509v3拡張キー Netscape extensions Netscape 拡張キー Key properties キーのプロパティ Reset リセット Hide Column 項目を非表示 Details 詳細 Columns 項目 Export Password パスワードのエクスポート Please enter the password to encrypt all %n exported private key(s) in: %1 Singular form for 0 or 1 item can be ignored. Will always be called with n >= 2 エクスポートされたすべての秘密鍵 %n を暗号化するパスワードを入力してください: %1 New 新規 Import インポート Paste PEM data PEMデータを貼り付け Rename リネーム Properties プロパティ Delete 削除 Export エクスポート Clipboard クリップボード File ファイル Clipboard format クリップボードフォーマット database_model Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format 旧バージョンのデータベース形式が検出されました。「%1」という名前のバックアップコピーを作成し、データベースを新しい形式に変換しています Failed to rename the database file, because the target already exists ターゲットがすでに存在するため、データベースファイルの名前を変更できませんでした Please enter the password to access the database server %2 as user '%1'. ユーザ'%1'としてデータベースサーバ%2にアクセスするためのパスワードを入力してください。 Unable to create '%1': %2 '%1' を作成できません: %2 The file '%1' is not an XCA database ファイル '%1' は、XCA データベースではありません No SqLite3 driver available. Please install the qt-sqlite package of your distribution SQLite3ドライバがありません。お使いのディストリビューションのqt-sqliteパッケージをインストールしてください New Password 新しいパスワード Please enter a password, that will be used to encrypt your private keys in the database: %1 データベースの秘密鍵を暗号化するためのパスワードを入力してください: %1 Password パスワード Please enter the password for unlocking the database: %1 データベースのロックを解除するためのパスワードを入力してください: %1 db_base Internal name 内部名 No. No. Primary key プライマリキー Database unique number データベースユニーク番号 Date 日付 Date of creation or insertion 作成または挿入の日付 Source ソース Generated, Imported, Transformed 生成済み、インポート済み、変換済み Comment コメント First line of the comment field コメントフィールドの最初の行 Import from: %1 インポート元: %1 Could not create directory %1 ディレクトリ%1を作成できませんでした Item properties アイテムのプロパティ How to export the %1 selected items %1個の選択したアイテムをエクスポートする方法 All in one PEM file 1つのPEMファイル内のすべて Each item in one file 1つのファイル内の各アイテム Save %1 items in one file as %1アイテムを1つのファイルに次の名前で保存する PEM files ( *.pem );; All files ( * ) PEM files ( *.pem );; All files ( * ) db_crl Signer 署名者 Internal name of the signer 署名者の内部名 No. revoked 廃止 Number of revoked certificates 失効した証明書の数 Last update 最終更新 Next update 最終更新 CRL number CRL番号 The revocation list already exists in the database as: '%1' and so it was not imported 失効リストはすでに次のようにデータベースに存在します: '%1' インポートされませんでした Revocation list export 失効リストのエクスポート CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) There are no CA certificates for CRL generation CRL生成のためのCA証明書がありません Select CA certificate CA証明書の選択 Create CRL CRLの作成 Failed to initiate DB transaction DBトランザクションを開始できませんでした Database error: %1 データベースエラー:%1 db_key Type タイプ Size 鍵長 EC Group EC グループ Use 用途 Password パスワード The key is already in the database as: '%1' and is not going to be imported キーはすでに次のようにデータベースに存在します: '%1' インポートされません The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key データベースには、インポートされたキーの公開部分がすでに次のように含まれています。 '%1 キーの新しいプライベート部分によって完了します Extending public key from %1 by imported key '%2' インポートされたキー'%2'によって%1から公開キーを拡張しています Key size too small ! キーサイズが小さすぎます! You are sure to create a key of the size: %1 ? サイズ%1のキーを作成しますか? PEM public PEM public SSH2 public SSH2 public PEM private PEM private SSH2 private SSH2 private Export keys to Clipboard キーをクリップボードにエクスポート Clipboard クリップボード Export public key [%1] 公開キーのエクスポート[%1] DER public DER public DER private DER private PEM encryped PEM encryped PVK private PVKプライベート PVK encrypted PVK暗号化 PKCS#8 encrypted PKCS#8 encrypted Export private key [%1] 秘密鍵をエクスポートする[%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Internal error 内部エラー Internal key update: The keys: %1 must be updated once by resetting and setting its private password 内部キーの更新: プライベート・パスワードをリセットして設定することで、キー %1 を一度更新する必要があります Tried to change password of a token トークンのパスワードを変更しようとしました db_temp Bad template: %1 不正なテンプレート:%1 Empty template 空のテンプレート Preset Template values プリセットテンプレートの値 Save template as テンプレートに名前を付けて保存 XCA templates ( *.xca );; All files ( * ) XCA templates ( *.xca );; All files ( * ) db_x509 CA CA reflects the basic Constraints extension 基本的なConstraints拡張機能を反映する Serial シリアル Start date 開始日 Expiry date 終了日 MD5 fingerprint MD5フィンガープリント SHA1 fingerprint SHA1フィンガープリント SHA256 fingerprint SHA256フィンガープリント Not before Not before Not after Not after Revocation 失効 CRL Expiration CRLの有効期限 Plain View プレインビュー Tree View ツリービュー Failed to retrieve unique random serial 一意のランダムシリアルの取得に失敗しました The certificate already exists in the database as: '%1' and so it was not imported 証明書はすでに次のようにデータベースに存在します: '%1' インポートはされませんでした Signed on %1 by '%2' %1に'%2'によって署名されました Unknown 不明 Invalid public key 公開キーが無効です PKCS#7 unrevoked PKCS#7の取り消し PEM unrevoked PEMの取り消し vCalendar vCalendar CA vCalendar CA vCalendar X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) days No template テンプレートなし The key you selected for signing is not a private one. 署名用に選択したキーはプライベートキーではありません。 Failed to create directory '%1' ディレクトリ '%1' の作成に失敗しました Store the certificate to the key on the token '%1 (#%2)' ? 証明書をトークン上のキーに格納する「%1(#%2) 」? PEM chain PEMチェーン PKCS#7 chain PKCS#7チェーン PKCS#12 chain PKCS#12チェーン PKCS#7 all PKCS#7 すべて PEM + key PEM + key PEM all PEM all Certificate Index file 証明書インデックスファイル Certificate export 証明書のエクスポート X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) There was no key found for the Certificate: '%1' 証明書'%1'のキーが見つかりませんでした Not possible for a token key: '%1' トークンキー'%1'は使用できません Not possible for the token-key Certificate '%1' トークンキー証明書'%1'は使用できません db_x509name Subject サブジェクト Complete distinguished name 完全な識別名 Subject hash サブジェクトハッシュ Hash to lookup certs in directories ディレクトリ内の証明書を検索するためのハッシュ db_x509req Signed 署名済み whether the request is already signed or not 要求がすでに署名されているかどうか Unstructured name 構造化されていない名前 Challenge password チャレンジパスワード Certificate count 証明書の数 Number of certificates in the database with the same public key 同じ公開キーを持つデータベース内の証明書の数 The certificate signing request already exists in the database as '%1' and thus was not stored 証明書署名要求はすでに次のようにデータベースに存在しています: '%1' 保管されなかった Certificate request export 証明書要求のエクスポート Certificate request ( *.pem *.der *.csr ) Certificate request ( *.pem *.der *.csr ) db_x509super Key name 秘密鍵名 Internal name of the key 秘密鍵の内部名 Signature algorithm 署名アルゴリズム Key type キータイプ Key size 鍵長 EC Group EC グループ Extracted from %1 '%2' %1'%2'から抽出 Certificate 証明書 Certificate request 証明書リクエスト Save as OpenSSL config OpenSSL設定として保存 Config files ( *.conf *.cnf);; All files ( * ) Config files ( *.conf *.cnf);; All files ( * ) The following extensions were not ported into the template 次の拡張機能はテンプレートに移植されませんでした Transformed from %1 '%2' %1'%2'から変換されました kvView Type タイプ Content 内容 pass_info Password パスワード PIN PIN番号 pkcs11_lib Failed to open PKCS11 library: %1: %2 PKCS11ライブラリ%1を開けませんでした:%2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. これはPKCS#11ライブラリとして認識できません。シンボル「C_GetFunctionList」が見つかりません。 pki_base Unknown 不明 Imported インポート済み Generated 生成済 Transformed 変換済 Token トークン Legacy Database レガシーデータベース Renewed 更新 Property '%1' not listed in 'pki_base::print' プロパティ '%1' が 'pki_base::print' にリストされていません Internal error: Unexpected message: %1 %2 内部エラー:予期しないメッセージ:%1 %2 pki_crl Successfully imported the revocation list '%1' 失効リスト'%1'が正常にインポートされました Delete the revocation list '%1'? 失効リスト'%1'を削除しますか? Successfully created the revocation list '%1' 失効リスト'%1'が正常に作成されました Delete the %1 revocation lists: %2? %1失効リストを削除しますか:%2? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. ファイル%1の失効リストを読み込めません。PEMおよびDER形式のCRLを試しました。 No issuer given 発行者が指定されていません Wrong Size %1 サイズ%1が間違っています Delete the %n revocation list(s): '%1'? %n 個の失効リストを削除します: '%1'? CRL Renewal of CA '%1' due CA「%1」のCRL更新期限 The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' CAによって発行された最新のCRL「%1」の有効期限は%2になります。 XCAデータベース'%3'に保存されています Renew CRL: %1 CRLの更新:%1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' %3に発行されたXCA CRL「%1」の有効期限は%4になります。 XCAデータベース'%5'に保存されています pki_evp Failed to decrypt the key (bad password) %1 キー(パスワードが間違っています)%1の暗号化を解除できませんでした Please enter the password to decrypt the private key. 秘密鍵を解読するためのパスワードを入力してください。 Please enter the password to decrypt the private key %1. 秘密鍵 %1 を復号化するためのパスワードを入力してください。 The key from file '%1' is incomplete or inconsistent. ファイル「%1 」のキーが不完全または矛盾しています。 Please enter the password to decrypt the private key from file: %1 ファイルから秘密鍵を復号化するためのパスワードを入力してください: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. ファイル%1の秘密鍵を読み込めません。PEMおよびDERの秘密鍵、公開キー、PKCS#8キーの種類、およびSSH2形式を試しました。 Ignoring unsupported private key サポートされていない秘密鍵を無視します Please enter the password to decrypt the private key: '%1' 秘密鍵を解読するためのパスワードを入力してください:'%1' Password input aborted パスワードの入力が中断されました Please enter the database password for decrypting the key '%1' キー'%1'を復号化するためのデータベースパスワードを入力してください Decryption of private key '%1' failed 秘密鍵 '%1' の復号化に失敗しました Please enter the password to protect the private key: '%1' 秘密鍵を保護するためのパスワードを入力してください:'%1' Please enter the database password for encrypting the key キーを暗号化するためのデータベースパスワードを入力してください Please enter the password to protect the PKCS#8 key '%1' in file: %2 ファイルの PKCS#8 キー '%1' を保護するパスワードを入力してください: %2 Please enter the password to protect the private key '%1' in file: %2 秘密鍵 '%1' を保護するパスワードをファイルに入力してください: %2 Please enter the password protecting the PKCS#8 key '%1' PKCS#8キー'%1'を保護するパスワードを入力してください Please enter the password protecting the Microsoft PVK key '%1' Microsoft PVKキー'%1'を保護するパスワードを入力してください Please enter the export password for the private key '%1' 秘密鍵'%1'のエクスポートパスワードを入力してください pki_export PEM Text format with headers ヘッダ付きPEMテキスト形式 Concatenated list of all selected items in one PEM text file 1つのPEMテキストファイルで選択されたすべての項目を連結したリスト PEM selected PEMを選択 Concatenated list of all selected certificates in one PEM text file 選択したすべての証明書を1つのPEMテキストファイルに連結したリスト PEM chain PEMチェーン Concatenated text format of the complete certificate chain in one PEM file 1つのPEMファイル内の完全な証明書チェーンの連結テキスト形式 The complete certificate chain and the private key of the selected certificate with tags usable in OpenVPN configuration files 選択された証明書の完全な証明書チェーンと秘密鍵が、OpenVPN コンフィギュレーション・ファイルで使用可能なタグ付きで表示されます PEM + key PEM + key Concatenation of the certificate and the unencrypted private key in one PEM file 1つのPEMファイルでの証明書と暗号化されていない秘密鍵の連結 Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file 証明書と暗号化された秘密鍵をPKCS#8形式で1つのファイルに連結したもの All unusable すべて使用不可 Concatenation of all expired or revoked certificates in one PEM file 期限切れまたは失効したすべての証明書を 1 つの PEM ファイルに連結する PKCS#7 encoded single certificate PKCS#7でエンコードされた単一の証明書 All selected certificates encoded in one PKCS#7 file 選択されたすべての証明書が1つのPKCS#7ファイルにエンコードされている PKCS #7 chain PKCS#7チェーン PKCS#7 encoded complete certificate chain PKCS#7エンコードされた完全な証明書チェーン PKCS #7 unusable PKCS #7は使用不可 PKCS#7 encoded collection of all expired or revoked certificates PKCS#7 でエンコードされた、期限切れまたは失効したすべての証明書のコレクション Binary DER encoded certificate バイナリ DER エンコードされた証明書 PKCS #12 chain PKCS #12 チェーン The complete certificate chain and the private key as encrypted PKCS#12 file 完全な証明書チェーンと暗号化されたPKCS#12ファイルとしての秘密鍵 PKCS #12 PKCS #12 The certificate and the private key as encrypted PKCS#12 file 暗号化されたPKCS#12ファイルとしての証明書と秘密鍵 Certificate Index file 証明書インデックスファイル OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool 'CA'コマンドで作成され、OCSPツールで必要なOpenSSL固有の証明書インデックスファイル vCalendar vCalendar vCalendar expiry reminder for the selected items 選択したアイテムのvCalendar有効期限リマインダ CA vCalendar CA vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL 発行されたすべての有効な証明書、CA自体、および最新のCRLを含むvCalendar有効期限リマインダ OpenSSL config OpenSSL コンフィグ OpenSSL configuration file to create a certificate or request with the openssl commandline tool OpenSSLコマンドラインツールを使って証明書またはリクエストを作成するためのOpenSSL設定ファイル OpenVPN tls-auth key OpenVPN tls-auth key The OpenVPN tls-auth key is a secret key shared between endpoints OpenVPN tls-auth key はエンドポイント間で共有される秘密鍵です JSON Web Kit JSON Web Kit The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) X.509 証明書サムプリント(x5t)付きの JSON Web Kit 形式の証明書の公開鍵 JSON Web Kit chain JSON Web Kit チェーン The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) and certificate chain (x5c) X.509 証明書サムプリント(x5t)および証明書チェーン(x5c)を含む JSON Web Kit 形式の証明書の公開鍵 PEM public PEM public Text format of the public key in one PEM file 1つのPEMファイル内の公開キーのテキスト形式 PEM private PEM private Unencrypted private key in text format テキスト形式の暗号化されていない秘密鍵 PEM encrypted PEM暗号化 OpenSSL specific encrypted private key in text format OpenSSL固有の暗号化された秘密鍵 (テキスト形式) SSH2 private SSH2 private SSH2 public SSH2 public The public key encoded in SSH2 format SSH2形式でエンコードされた公開キー DER public DER public Binary DER format of the public key 公開キーのバイナリDERフォーマット DER private DER private Unencrypted private key in binary DER format バイナリDER形式の暗号化されていない秘密鍵 PVK private PVKプライベート Private key in Microsoft PVK format not encrypted Microsoft PVK形式の秘密鍵は暗号化されていません XCA template in PEM-like format. Templates include the internal name and comment PEM ライクな形式の XCA テンプレート。 テンプレートは内部名とコメントを含む All selected XCA templates in PEM-like format. Templates include the internal name and comment 選択されたすべての XCA テンプレートは PEM ライクな形式。 テンプレートは内部名とコメントを含む PVK encrypted PVK暗号化 Encrypted private key in Microsoft PVK format Microsoft PVK形式の暗号化された秘密鍵 PKCS #8 encrypted PKCS #8 暗号化 Encrypted private key in PKCS#8 text format 暗号化された秘密鍵 (PKCS#8テキスト形式) PKCS #8 PKCS #8 Unencrypted private key in PKCS#8 text format PKCS#8テキスト形式の暗号化されていない非公開キー JSON Web Key private JSONウェブ・キー・プライベート Unencrypted private key in JSON Web Key format JSON Web Key形式の暗号化されていない秘密鍵 JSON Web Key public JSONウェブ鍵公開 Public key in JSON Web Key format JSON Web Key形式の公開鍵 Binary DER format of the certificate request 証明書要求のバイナリ DER フォーマット Binary DER format of the revocation list 失効リストのバイナリDERフォーマット vCalendar reminder for the CRL expiry date vCRL有効期限のカレンダーリマインダー XCA template in PEM-like format PEMライクフォーマットのXCAテンプレート All selected XCA templates in PEM-like format 選択されたすべてのXCAテンプレートはPEMライクフォーマットです pki_key Successfully imported the %1 public key '%2' %1公開キー'%2'のインポートに成功しました Delete the %1 public key '%2'? %1公開キー'%2'を削除しますか? Successfully imported the %1 private key '%2' %1秘密鍵'%2'のインポートに成功しました Delete the %1 private key '%2'? %1形式の秘密鍵'%2'を削除しますか? Successfully created the %1 private key '%2' %1形式の秘密鍵'%2'の作成に成功しました Delete the %1 keys: %2? %1キーを削除しますか:%2? Public key 公開キー Successfully imported the %1 public key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key %1 公開鍵 '%2' のインポートに成功しました Delete the %n %1 public key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) %n %1 公開鍵 '%2' を削除しますか? Successfully imported the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key 秘密鍵 '%2' %1 のインポートに成功しました Delete the %n %1 private key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) %n %1 プライベート鍵 '%2' を削除しますか? Successfully created the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key 秘密鍵 '%2' %1 の作成に成功しました Common 共通 Private プライベート Bogus 偽物 PIN PIN No password パスワードなし Unexpected SSH2 content: '%1' 予期しないSSH2コンテンツ:'%1' Invalid SSH2 public key 無効なSSH2公開キーです Failed writing to %1 %1への書き込みに失敗しました pki_multi No known PEM encoded items found 既知のPEMエンコードされた項目が見つかりません pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 PKCS#12ファイルを復号化するためのパスワードを入力してください: %1 Unable to load the PKCS#12 (pfx) file %1. PKCS#12(pfx)ファイル%1を読み込めません。 The supplied password was wrong (%1) 指定されたパスワードが間違っています(%1) Please enter the password to encrypt the key of certificate '%1' in the PKCS#12 file: %2 証明書 '%1' の鍵を暗号化するパスワードを PKCS#12 ファイルに入力してください: %2 Please enter the password to encrypt the PKCS#12 file PKCS#12ファイルを暗号化するためのパスワードを入力してください No key or no Cert and no pkcs12 キーまたはCertがないか、pkcs12がありません pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. PKCS#7ファイル%1を読み込めません。PEMおよびDER形式を試しました。 pki_scard Successfully imported the token key '%1' トークンキー'%1'が正常にインポートされました Delete the token key '%1'? トークンキー'%1'を削除しますか? Successfully created the token key '%1' トークンキー'%1'が正常に作成されました Delete the %1 keys: %2? %1キーを削除しますか:%2? Delete the %n token key(s): '%1'? %n 個のトークン・キーを削除しますか: '%1'? Delete the private key '%1' from the token '%2 (#%3)' ? トークン「%2(#%3) 」から秘密鍵「%1」を削除しますか? This Key is already on the token このキーはすでにトークン上にあります PIN input aborted PIN入力を中止しました Unable to find copied key on the token トークン上にコピーされたキーが見つかりません Please insert card: %1 %2 [%3] with Serial: %4 カードを挿入してください:%1 %2 [%3]シリアル番号:%4 Select Slot of %1 スロット %1 を選択 Illegal Key generation method 不正なキー生成方法 Unable to find generated key on card カード上に生成されたキーが見つかりません Ignoring unsupported token key サポートされていないトークンキーを無視します Wrong Size %1 サイズ%1が間違っています Token %1 トークン%1 Failed to find the key on the token トークン上のキーが見つかりませんでした Invalid Pin for the token トークンのPINが無効です Failed to initialize the key on the token トークンのキーの初期化に失敗しました pki_temp Successfully imported the XCA template '%1' XCAテンプレート'%1'が正常にインポートされました Delete the XCA template '%1'? XCAテンプレート'%1'を削除しますか? Successfully created the XCA template '%1' XCAテンプレート'%1'が正常に作成されました Delete the %1 XCA templates: %2? %1XCAテンプレートを削除しますか:%2? Delete the %n XCA template(s): '%1'? %n 個の XCA テンプレートを削除しますか: '%1'? Wrong Size %1 サイズ%1が間違っています Template file content error (too small) テンプレートファイルのコンテンツエラー(小さすぎる) Not a PEM encoded XCA Template PEMエンコードされたXCAテンプレートではありません Not an XCA Template, but '%1' XCAテンプレートではありませんが'%1' pki_x509 Successfully imported the certificate '%1' 証明書'%1'が正常にインポートされました Delete the certificate '%1'? 証明書'%1'を削除しますか? Successfully created the certificate '%1' 証明書'%1'が正常に作成されました Delete the %1 certificates: %2? %1証明書を削除しますか:%2? Delete the %n certificate(s): '%1'? %n 個の証明書を削除しますか: '%1'? Unable to load the certificate in file %1. Tried PEM and DER certificate. ファイル%1の証明書を読み込めません。PEMおよびDER証明書を試しました。 Invalid OpenVPN tls-auth key OpenVPN tls-auth key が無効です Failed to import tls-auth key tls-auth key のインポートに失敗しました Same tls-auth key already stored for this CA この CA には同じ tls-auth key が保存されています New tls-auth key successfully imported 新しい tls-auth key を保存しました Existing tls-auth key successfully replaced 既に存在する tls-auth keyを新しい tls-auth keyで正常に置き換えました This certificate is already on the security token この証明書は既にセキュリティトークンにあります Delete the certificate '%1' from the token '%2 (#%3)'? トークン'%2(#%3)'から証明書「%1 」を削除しますか? There is no key for signing ! 署名用のキーがありません! Wrong Size %1 サイズ%1が間違っています No いいえ Yes はい Renew certificate: %1 証明書を書き換える:%1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' %2で発行されたXCA証明書「%1 」は%3に有効期限が切れます。 これはXCAデータベース'%4'に保存されています pki_x509req Signing key not valid (public key) 署名キーが無効です(公開キー) Successfully imported the %1 certificate request '%2' %1証明書要求'%2'が正常にインポートされました Delete the %1 certificate request '%2'? %1証明書要求'%2'を削除しますか? Successfully created the %1 certificate request '%2' %1証明書要求'%2'が正常に作成されました Delete the %1 certificate requests: %2? %1証明書要求を削除しますか:%2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. ファイル%1の証明書要求を読み込めません。PEM、DER、およびSPKAC形式を試しました。 Wrong Size %1 サイズ%1が間違っています Successfully imported the PKCS#10 certificate request '%1' PKCS#10 証明書要求 '%1' のインポートに成功しました Delete the %n PKCS#10 certificate request(s): '%1'? %n PKCS#10 証明書要求を削除しますか? Successfully created the PKCS#10 certificate request '%1' PKCS#10 証明書要求 '%1' の作成に成功しました Signed 署名済み Unhandled 未処理 v3ext Copy Common Name コモンネームのコピー Add 追加 Delete 削除 Apply 適用 Validate 検証 Cancel キャンセル An email address or 'copy' 電子メールアドレスまたはコピー An email address 電子メールアドレス A registered ID: OBJECT IDENTIFIER 登録ID:オブジェクト識別子 A uniform resource indicator 統一資源指標 A DNS domain name or 'copycn' DNSドメイン名または'copycn' A DNS domain name DNSドメイン名 An IP address IPアドレス Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' 構文:<OID>;TYPE:text like'1.2.3.4:UTF8:name' No editing. Only 'copy' allowed here 編集なし。ここでは「コピー 」のみ指定してください Validation failed: '%1' %2 検証に失敗しました: '%1' %2 Validation successful: '%1' 検証に成功しました: '%1' xcaWarning The following error occurred: 次のエラーが発生しました: Copy to Clipboard クリップボードにコピー xcaWarningGui Copy to Clipboard クリップボードにコピー xca-RELEASE.2.9.0/lang/xca_ko.ts000066400000000000000000005510511477156507700161430ustar00rootroot00000000000000 CaProperties Form 양식 Days until next CRL issuing 다음 CRL 발급까지 남은 일수 Default template 기본값 CertDetail Details of the Certificate 인증서 세부 정보 Serial 일련번호 The serial number of the certificate 인증서의 일련번호 The internal name of the certificate in the database 데이터베이스의 인증서 내부 이름 Status 상태 Internal name 내부이름 Signature 서명 Key Fingerprints 지문 값들 MD5 MD5 An md5 hashsum of the certificate 인증서의 md5 해시 SHA1 SHA1 A SHA-1 hashsum of the certificate 인증서의 SHA-1 해시 SHA256 SHA256 A SHA-256 hashsum of the certificate 인증서의 SHA-256 해시 Validity 유효성 The time since the certificate is valid 인증서 유효기간 시작일 The time until the certificate is valid 인증서 유효기간 종료일 Subject 주제 Issuer 발행자 Extensions 확장 키 Validation 유효성 Purposes 목적 Strict RFC 5280 validation 엄격한 RFC 5280 검증 Comment 코멘트 Attributes 속성 Show config 구성 보기 Show extensions 확장 키 표시 Show public key 공개키 표시 This key is not in the database. 이 키는 데이터베이스에 없습니다. Not available 사용할 수 없음 No verification errors found. 검증 오류가 발견되지 않았습니다. Signer unknown 서명자 불명 Self signed 자체 서명 Revoked at %1 %1 에서 폐기됨 Not valid 유효하지 않음 Valid 유효함 Details of the certificate signing request 인증서 서명 요청 세부 사항 CertExtend Certificate renewal 인증서 갱신 This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. 새로운 일련 번호와 조정된 유효 값이 포함된 기존 인증서의 사본으로 새 인증서를 생성합니다. Validity 유효성 Not before 시작일시 Not after 종료일시 Time range 기간 지정 Local time 현지시간 Days Months 개월 Years No well-defined expiration 정의된 만료일 없음 Midnight 자정시간 Apply 적용 Revoke old certificate 이전 인증서 폐기 Replace old certificate 이전 인증서 교체 Keep serial number 일련번호 유지 The certificate will be earlier valid than the signer. This is probably not what you want. 인증서의 유효 기간이 서명자의 유효 기간보다 먼저 시작됩니다. 이는 원하지 않는 상황일 수 있습니다. Edit dates 날짜 수정 Abort rollout 배포 중단 Continue rollout 배포 계속 Adjust date and continue 날짜 조정 후 계속 The certificate will be longer valid than the signer. This is probably not what you want. 인증서의 유효 기간이 서명자의 유효 기간보다 더 길어질 것입니다. 이는 원하지 않는 상황일 수 있습니다. CertTreeView Hide unusable certificates 사용할 수 없는 인증서 숨기기 Import PKCS#12 PKCS#12 가져오기 Import from PKCS#7 PKCS#7 가져오기 Request 요청 Security token 보안 토큰 Other token 기타 토큰 Similar Certificate 유사증명서 Delete from Security token 보안 토큰에서 삭제 CA CA Properties 속성 Generate CRL CRL 생성 Manage revocations 폐기 관리 Import OpenVPN tls-auth key OpenVPN TLS-인증키 가져오기 Renewal 갱신 Revoke 폐기 Unrevoke 폐기 취소 Plain View 일반 보기 Tree View 트리 보기 days No template 템플릿 없음 CA Properties CA 속성 Certificate export 인증서 내보내기 X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) X509 인증서 ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) vCalendar entry ( *.ics ) vCalendar 항목( *.ics ) OpenVPN file ( *.ovpn ) OpenVPN 파일 ( *.ovpn ) OpenVPN tls-auth key ( *.key ) OpenVPN TLS 인증키 ( *.key ) ClickLabel Double click for details 자세한 내용은 더블클릭하세요 CrlDetail Details of the Revocation list 폐기 목록 세부정보 &Status 상태(&S) Version 버전 Signature 서명 Signed by 서명자 Name 이름 The internal name of the CRL in the database 데이터베이스의 CRL 내부 이름 issuing dates 발행일 Next update 다음번 업데이트 일시 Last update 마지막 업데이트 일시 &Issuer 발행자(&I) &Extensions 확장 키(&E) &Revocation list 폐기 목록(&R) Comment 코멘트 Failed 실패 Unknown signer 알 수 없는 서명자 Verification not possible 확인 할 수 없습니다. CrlTreeView There are no CA certificates for CRL generation CRL 생성을 위한 CA 인증서가 없습니다. Select CA certificate CA 인증서를 선택하십시오 Revocation list export 폐기 목록 내보내기 CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) vCalendar entry ( *.ics ) vCalendar 항목 ( *.ics ) ExportDialog Name 이름 The internal name of the CRL in the database 데이터베이스의 CRL 내부 이름 ... ... Filename 파일명 Each Item in a separate file 각 항목을 개별 파일로 분리 Same encryption password for all items 모든 항목에 동일한 암호화 비밀번호 사용 Export comment into PEM file 주석을 PEM 파일로 내보내기 Export Format 내보내기 형식 %n selected item(s) %n개의 선택된 항목(들) All files ( * ) 모든 파일 ( * ) The file: '%1' already exists! 파일: '%1'이 이미 존재합니다! Overwrite 덮어쓰기 Do not overwrite 덮어쓰지 않음 The path: '%1' exist, but is not a file 경로: '%1'이 존재하지만 파일이 아닙니다. The path: '%1' exist, but is not a directory 경로: '%1'이 존재하지만 디렉토리가 아닙니다. The directory: '%1' does not exist. Should it be created? 디렉토리: '%1'이 존재하지 않습니다. 생성할까요? Create 생성 Failed to create directory '%1' 디렉토리 '%1'을(를) 생성하지 못했습니다. Directory 디렉토리 Form last update 마지막 업데이트 next update 다음 업데이트 Days Months 개월 Years Apply 적용 Midnight 자정시간 Local time 현지시간 No well-defined expiration 정의된 만료일 없음 Help << << >> >> &Done 완료(&D) ImportMulti Import PKI Items PKI 항목 가져오기 Import &All 모두 가져오기(&A) &Import 가져오기(&I) &Done 완료(&D) &Remove from list 목록에서 제거(&R) Details 상세 Delete from token 토근에서 제거 Rename on token 토큰 이름 변경 Name: %1 Model: %2 Serial: %3 이름: %1 모델: %2 일련번호: %3 Manage security token 보안 토큰 관리 The type of the item '%1' is not recognized 항목 '%1'의 유형을 인식할 수 없습니다. Could not open the default database 기본 데이터베이스를 열 수 없습니다. The file '%1' did not contain PKI data 파일 '%1'에 PKI 데이터가 포함되어 있지 않습니다. The %1 files: '%2' did not contain PKI data %1 파일: '%2'에 PKI 데이터가 포함되어 있지 않습니다. ItemProperties Name 이름 Source 출처 Insertion date 등록 날짜 Comment 코멘트 KeyDetail Name 이름 The internal name of the key used by xca xca에서 사용하는 키의 내부 이름 Security token 보안 토큰 Manufacturer 제조사 Serial 일련번호 Key Public Exponent 공개 지수 Keysize 키 길이 Private Exponent 비밀 지수 Security Token 보안 토큰 Label 라벨 PKCS#11 ID PKCS#11 ID Token information 토큰 정보 Model 모델 Fingerprint 지문 Comment 코멘트 Details of the %1 key %1 키의 세부 정보 Not available 유효하지 않음 Available 유효함 Sub prime 서브프라임 Public key 공개 키 Private key 개인 키 Curve name 곡선 이름 Unknown key 알 수 없는 키 KeyTreeView Change password 비밀번호 변경 Reset password 비밀번호 재설정 Change PIN PIN 변경 Init PIN with SO PIN (PUK) SO PIN(PUK)을 사용한 PIN 초기화 Change SO PIN (PUK) SO PIN(PUK) 변경 Security token 보안 토큰 This is not a token 이것은 토큰이 아닙니다. Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable 원래 키 '%1'을 토큰의 키로 대체하시겠습니까? '%1' 키가 삭제되어 내보낼 수 없게 됩니다. Key export 키 내보내기 Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) SSH Private Keys ( *.priv ) SSH Private Keys ( *.priv ) Microsoft PVK Keys ( *.pvk ) Microsoft PVK Keys ( *.pvk ) MainWindow Private Keys 개인 키 &New Key 새로운 키(&N) &Export 내보내기(&E) &Import 가져오기(&I) Import PFX (PKCS#12) PFX(PKCS#12) 가져오기 &Show Details 세부 정보 보기(&S) &Delete 삭제(&D) Certificate signing requests 인증서 서명 요청 &New Request CSR 생성(&N) Certificates 인증서 &New Certificate 인증서 생성(&N) Import &PKCS#12 PKCS#12 가져오기(&P) Import P&KCS#7 PKCS#7 가져오기(&K) Plain View 일반 보기 Templates 템플릿 &New Template 새로운 템플릿(&N) &New CRL 새로운 CRL(&N) Ch&ange Template 서식 변경(&a) Revocation lists 폐기 목록 Using or exporting private keys will not be possible without providing the correct password 올바른 비밀번호를 제공하지 않으면 개인 키를 사용하거나 내보낼 수 없습니다. The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. 현재 사용되는 기본 해시 '%1'은 안전하지 않습니다. 보안상의 이유로 최소한 'SHA 224'를 선택하세요. Recent DataBases 최근 데이터베이스 System 시스템 언어 Croatian 크로아티아어 English 영어 French 프랑스어 German 독일어 Japanese 일본어 Korean 한국어 Russian 러시아어 Slovak 슬로바키아어 Spanish 스페인어 Persian 페르시아어 Bulgarian 불가리아어 Polish 폴란드어 Italian 이탈리아어 Chinese 중국어 Dutch 네덜란드어 Portuguese in Brazil 브라질의 포르투갈어 Indonesian 인도네시아어 Turkish 튀르키예어 Language 언어 &File 파일(&F) Open Remote DataBase 원격 데이터베이스 열기 Set as default DataBase 기본 데이터베이스로 설정 New DataBase 새로운 데이터베이스 Open DataBase 데이터베이스 열기 Close DataBase 데이터베이스 닫기 Options 옵션 Exit 종료 I&mport 가져오기(&m) Keys Requests 인증서 서명 요청 PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template 템플릿 Revocation list 폐기 목록 PEM file PEM 파일 Paste PEM file PEM 파일 붙여넣기 Token 토큰 Export Certificate &Index hierarchy 인증서 및 인덱스 계층 내보내기(&I) Content 콘텐츠 &Manage Security token 보안 토큰 관리(&M) &Init Security token 보안 토큰 초기화(&I) &Change PIN PIN 변경(&C) Change &SO PIN SO PIN 변경(&S) Init PIN PIN 초기화 Extra 추가 &Dump DataBase 데이터베이스 내보내기(&D) &Export Certificate Index 인증서 목록 내보내기(&E) C&hange DataBase password 데이터베이스 비밀번호 변경(&h) &Undelete items 항목 삭제 취소(&U) Generate DH parameter DH 매개변수 생성 OID Resolver OID 해석기 &Help 도움말(&H) About 소개 Import PEM data PEM 데이터 가져오기 Please enter the original SO PIN (PUK) of the token '%1' 토큰 '%1'의 원래 SO PIN(PUK)을 입력하세요. Search 검색 Please enter the new SO PIN (PUK) for the token '%1' 토큰 '%1'에 대한 새로운 SO PIN(PUK)을 입력하세요. The new label of the token '%1' 토큰 '%1'의 새로운 라벨 The token '%1' did not contain any keys or certificates 토큰 '%1'에 키나 인증서가 포함되어 있지 않습니다. Retry with PIN PIN으로 다시 시도하세요 Retry with SO PIN SO PIN으로 다시 시도하세요 Current Password 현재 비밀번호 Please enter the current database password 현재 데이터베이스 비밀번호를 입력하세요. The entered password is wrong 입력하신 비밀번호가 틀렸습니다. New Password 새로운 비밀번호 Please enter the new password to encrypt your private keys in the database-file 데이터베이스 파일에 있는 개인 키를 암호화하려면 새 비밀번호를 입력하세요. Transaction start failed 트랜잭션 시작에 실패했습니다. Database: %1 데이터베이스: %1 The currently used PFX / PKCS#12 algorithm '%1' is insecure. 현재 사용되는 PFX / PKCS#12 알고리즘 '%1'은 안전하지 않습니다. Change 변경 Certificate Index ( index.txt ) 인증서 인덱스 ( index.txt ) All files ( * ) 모든 파일 ( * ) Diffie-Hellman parameters saved as: %1 Diffie-Hellman 매개변수가 %1로 저장됨 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Diffie-Hellman 매개변수는 다양한 애플리케이션에 필요하지만 XCA에서는 처리되지 않습니다. DH 매개변수 비트를 입력하세요. NewCrl Last update 마지막 업데이트 일시 Next update 다음번 업데이트 일시 Days Months 개월 Years Midnight 자정시간 Local time 현지시간 Apply 적용 Options 옵션 CRL number CRL 번호 Subject alternative name 주체 대체 이름 (SAN) Revocation reasons 폐기 이유 Authority key identifier 기관 키 식별자 Hash algorithm 해시 알고리즘 Create CRL CRL 생성 NewKey Please give a name to the new key and select the desired keysize 새로운 키 이름을 지정하고 원하는 키 길이를 선택하세요. Key properties 키 속성 Name 이름 The internal name of the new key 새로 키의 내부 이름 Curve name 곡선 이름 Usually at least 2048 bit keys are recommended 일반적으로 최소 2048비트 키가 권장됩니다. New Key 새로운 키 Keysize 키 길이 Keytype 키 유형 Remember as default 기본값으로 설정 Create 생성 NewX509 Source 출처 Signing request 서명 요청 Show request 요청 보기 Sign this Certificate signing &request 이 인증서 서명 요청에 서명(&r) Copy extensions from the request 요청에서 확장 정보 복사 Modify subject of the request 서명 요청의 주제 변경 Signing 서명 Create a &self signed certificate 자체 서명된 인증서 생성(&s) Use &this Certificate for signing 서명에 이 인증서 사용(&t) All certificates in your database that can create valid signatures 유효한 서명을 만들 수 있는 데이터베이스의 모든 인증서 Signature algorithm 서명 알고리즘 Template for the new certificate 새 인증서 템플릿 All available templates 사용 가능한 모든 템플릿 Apply extensions 확장 키 적용 Apply subject 주제에 적용 Apply all 모두 적용 Subject 주제 Internal Name 내부이름 Distinguished name 공유 이름 Add 추가 Delete 삭제 Private key 개인 키 This list only contains unused keys 이 목록에는 사용되지 않은 키만 포함되어 있습니다. Used keys too 사용된 키 표시 &Generate a new key 새로운 키 생성(&G) Extensions 확장 키 Type 유형 If this will become a CA certificate or not 새 인증서가 CA 인증서인지 여부를 지정합니다. Not defined 정의되지 않음 Certification Authority 인증 기관(CA) End Entity 최종 개체(End Entity) Path length 경로 길이 How much CAs may be below this. 하위 CA의 수 The basic constraints should always be critical 기본 제약은 항상 중요해야 합니다. Key identifier 키 속성 Creates a hash of the key following the PKIX guidelines PKIX 지침에 따라 키의 해시를 생성합니다. Copy the Subject Key Identifier from the issuer 발급자로부터 주체 키 식별자를 복사합니다. Validity 유효성 Not before 시작일시 Not after 종료일시 Time range 기간 지정 Days Months 개월 Years Apply 적용 Set the time to 00:00:00 and 23:59:59 respectively 시간을 각각 00:00:00 및 23:59:59로 설정하세요. Midnight 자정시간 Local time 현지시간 No well-defined expiration 정의된 만료일 없음 DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit 편집 URI: URI: Key usage 키 사용 Netscape Netscape Advanced 고급설정 Validate 검증 Comment 코멘트 This name is only used internally and does not appear in the resulting certificate 이 이름은 내부적으로만 사용되며 결과 인증서에는 나타나지 않습니다. Critical 중요한 Create Certificate signing request 인증서 서명 요청 생성 minimum size: %1 최소 크기: %1 maximum size: %1 최대 크기: %1 only a-z A-Z 0-9 '()+,-./:=? a-z A-Z 0-9 '()+,-./:=?만 허용됩니다. only 7-bit clean characters 7비트 클린 문자만 Edit XCA template XCA 템플릿 편집 Create x509 Certificate x509 인증서 생성 Template '%1' applied 템플릿 '%1'이 적용되었습니다. Subject applied from template '%1' 템플릿 '%1'에서 적용된 주제 Extensions applied from template '%1' 템플릿 '%1'에서 확장이 적용되었습니다. New key '%1' created 새로운 키 '%1'이 생성되었습니다. Other Tabs 기타 탭 Advanced Tab 고급 탭 Errors 오류 From PKCS#10 request PKCS#10 요청에서 Error 오류 duplicate extensions 중복된 확장 키 The Name Constraints are invalid 이름 제약 조건이 잘못되었습니다. The Subject Alternative Name is invalid 주체 대체 이름(SAN)이 잘못 되었습니다. The Issuer Alternative Name is invalid 발급자 대체 이름(IAN)이 잘못되었습니다. The CRL Distribution Point is invalid CRL Distribution Point 이 잘못되었습니다. The Authority Information Access is invalid Authority Information Access 이 잘못되었습니다. Abort rollout 배포 중단 The following length restrictions of RFC3280 are violated: RFC3280의 다음 길이 제한을 위반했습니다. Edit subject 주제 수정 Continue rollout 배포 계속 The verification of the Certificate request failed. The rollout should be aborted. 인증서 요청 검증에 실패했습니다. 롤아웃을 중단해야 합니다. Continue anyway 계속 진행 The internal name and the common name are empty. Please set at least the internal name. 내부 이름과 일반 이름이 비어 있습니다. 최소한 내부 이름을 설정하세요. Edit name 이름 수정 There is no Key selected for signing. 서명할 키가 선택되지 않았습니다. Select key 키 선택 The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. 다음과 같은 고유 이름 항목은 비어 있습니다. %1 그러나 옵션 메뉴에서 필수로 선언합니다. The key you selected for signing is not a private one. 서명을 위해 선택한 키는 개인 키가 아닙니다. Select other signer 다른 서명자를 선택하세요 Select other key 다른 키를 선택하세요 The currently selected hash algorithm '%1' is insecure and should not be used. 현재 선택된 해시 알고리즘 '%1'은 안전하지 않으므로 사용해서는 안 됩니다.0 Select other algorithm 다른 알고리즘을 선택하세요 Use algorithm anyway 어쨌든 알고리즘을 사용하세요 The certificate will be earlier valid than the signer. This is probably not what you want. 인증서는 서명자보다 일찍 유효해집니다. 이것은 아마 당신이 원하는 것이 아닐 것입니다. Edit dates 날짜 수정 Adjust date and continue 날짜 조정 후 계속 The certificate will be longer valid than the signer. This is probably not what you want. 인증서의 유효 기간이 서명자의 유효 기간보다 더 길어질 것입니다. 이는 원하지 않는 상황일 수 있습니다. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. 인증서는 유효해지기 전에 만료됩니다. 아마도 두 날짜를 혼동했을 것입니다. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. 인증서에 잘못된 확장자 또는 중복된 확장자가 포함되어 있습니다. 고급 탭에서 유효성 검사를 확인하세요. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. 인증서에는 확장자가 없습니다. 템플릿 중 하나의 확장자를 적용하여 인증서의 목적을 정의할 수 있습니다. The certificate contains invalid extensions. 인증서에 잘못된 확장자가 포함되어 있습니다. Edit extensions 확장 프로그램 편집 The subject alternative name shall contain a copy of the common name. However, the common name is empty. 주제 대체 이름 (SAN) 에는 일반 이름의 사본이 포함되어야 합니다. 그러나 일반 이름은 비어 있습니다. A name constraint of the issuer '%1' is violated: %2 발급자 '%1'의 이름 제약 조건이 위반되었습니다: %2 Configfile error on line %1 %1번 줄에 Configfile 오류가 있습니다 OidResolver OID Resolver OID 해석기 Enter the OID, the Nid, or one of the textual representations OID, Nid 또는 텍스트 표현 중 하나를 입력하세요. Search 검색 OID OID Long name 긴 이름 OpenSSL internal ID OpenSSL 내부 ID Nid Nid Short name 짧은 이름 OpenDb Open remote database 원격 데이터베이스 열기 Database type 데이터베이스 유형 Hostname 호스트 이름 Username 사용자 이름 Password 비밀번호 Database name 데이터베이스 이름 Table prefix 테이블 접두사 No SqLite3 driver available. Please install the qt-sqlite package of your distribution SqLite3 드라이버를 사용할 수 없습니다. 배포판의 qt-sqlite 패키지를 설치하세요. Options XCA Options XCA 옵션 Settings 설정 Default hash algorithm 기본 해시 알고리즘 String types 문자열 유형 Suppress success messages 성공 메시지를 표시하지 않음 Don't colorize expired certificates 만료된 인증서에 색을 지정하지 않음 Translate established x509 terms (%1 -> %2) 기존 x509 용어 번역(%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. XCA에서는 토큰의 해싱 기능을 사용하지 않습니다. 하지만 토큰에 의해 전파된 제한된 해시 세트를 존중할 수 있습니다. 특히 EC와 DSA는 PKCS#11 사양에서 SHA1로만 정의되어 있습니다. Only use hashes supported by the token when signing with a token key 토큰 키로 서명할 때 토큰이 지원하는 해시만 사용하세요. Disable legacy Netscape extensions 기존 Netscape 확장 프로그램 비활성화 PKCS12 encryption algorithm PKCS12 암호화 알고리즘 Certificate expiry warning threshold 인증서 만료 경고 임계값 Send vCalendar expiry reminder vCalendar 만료 알림 보내기 Serial number length 일련번호 길이 bit bit Distinguished name 공유 이름 Mandatory subject entries 필수 주제 항목 Add 추가 Delete 삭제 Explicit subject entries 명시적 주제 항목 Dynamically arrange explicit subject entries 명시적 주제 항목을 동적으로 정렬합니다. Default 기본 PKCS#11 provider PKCS#11 공급자 Remove 삭제 Search 검색 Printable string or UTF8 (default) 인쇄 가능한 문자열 또는 UTF8(기본값) PKIX recommendation in RFC2459 RFC2459의 PKIX 권장 사항 No BMP strings, only printable and T61 BMP 문자열 없음, 인쇄 가능 및 T61 전용 UTF8 strings only (RFC2459) UTF8 문자열만(RFC2459) All strings 모든 문자열 Days Weeks PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) 비밀번호는 2자리 16진수 코드로 구문 분석되므로 길이가 짝수여야 합니다(0-9 및 a-f만). Take as HEX string HEX 문자열로 가져오기 Repeat %1 %1 반복 %1 mismatch %1 불일치 Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters 16진수 비밀번호는 '0' - '9' 및 'a' - 'f' 문자만 포함해야 하며 짝수 개의 문자로 구성되어야 합니다. Exit 종료 QObject Undefined 정의되지 않음 Broken / Invalid 파손 / 무효 in %1 seconds %1초 안에 %1 seconds ago %1초 전 in %1 minutes %1분 안에 %1 minutes ago %1분 전 Yesterday 어제 Tomorrow 내일 in %1 hours %1시간 안에 %1 hours ago %1시간 전 Out of data 데이터 없음 Error finding endmarker of string 문자열의 종료 표시자를 찾는 중 오류가 발생했습니다. All files ( * ) 모든 파일 ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Import RSA key RSA 키 가져오기 PKCS#10 CSR ( *.pem *.der *.csr );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request 가져오기 요청 Certificates ( *.pem *.der *.crt *.cer );; Certificates ( *.pem *.der *.crt *.cer );; Import X.509 Certificate X.509 인증서 가져오기 PKCS#7 data ( *.p7s *.p7m *.p7b );; PKCS#7 data ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates PKCS#7 인증서 가져오기 PKCS#12 Certificates ( *.p12 *.pfx );; PKCS#12 Certificates ( *.p12 *.pfx );; Import PKCS#12 Private Certificate PKCS#12 개인 인증서 가져오기 XCA templates ( *.xca );; XCA 템플릿( *.xca );; Import XCA Templates XCA 템플릿 가져오기 Revocation lists ( *.pem *.der *.crl );; 해지 목록(*.pem *.der *.crl);; Import Certificate Revocation List 인증서 폐기 목록 가져오기 XCA Databases ( *.xdb );; XCA Databases ( *.xdb );; Open XCA Database XCA 데이터베이스 열기 OpenVPN tls-auth key ( *.key );; OpenVPN tls-auth 키 ( *.key );; Import OpenVPN tls-auth key OpenVPN tls-auth 키 가져오기 PKCS#11 library ( *.dll );; PKCS#11 라이브러리( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 라이브러리( *.dylib *.so );; PKCS#11 library ( *.so );; PKCS#11 라이브러리( *.so );; Open PKCS#11 shared library PKCS#11 공유 라이브러리 열기 PEM files ( *.pem );; PEM files ( *.pem );; Load PEM encoded file PEM 인코딩 파일 로드 Please enter the PIN on the PinPad PinPad에 PIN을 입력해주세요. Please enter the SO PIN (PUK) of the token %1 토큰 %1의 SO PIN(PUK)을 입력하세요. Please enter the PIN of the token %1 토큰 %1의 PIN을 입력하세요 No Security token found 보안 토큰을 찾을 수 없습니다 Select 선택 Please enter the new SO PIN (PUK) for the token: '%1' 토큰 '%1'에 대한 새로운 SO PIN(PUK)을 입력하세요. Please enter the new PIN for the token: '%1' 토큰의 새 PIN을 입력하세요: '%1' Required PIN size: %1 - %2 필요한 PIN 크기: %1 - %2 Disabled 비활성화 Library loading failed 라이브러리 로딩에 실패했습니다 PKCS#11 function '%1' failed: %2 PKCS#11 기능 '%1'이 실패했습니다: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 PKCS#11 함수 '%1' 실패: %2 라이브러리 %3 %4 Invalid 유효하지 않음 %1 is shorter than %2 bytes: '%3' %1은 %2바이트보다 짧습니다: '%3' %1 is longer than %2 bytes: '%3' %1은 %2바이트보다 깁니다: '%3' String '%1' for '%2' contains invalid characters '%2'에 대한 문자열 '%1'에 잘못된 문자가 포함되어 있습니다. Error reading config file %1 at line %2 %2행에서 구성 파일 %1을(를) 읽는 동안 오류가 발생했습니다. The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. %2 파일의 %3 행에 있는 개체 '%1'이(가) 이미 '%4:%5:%6'으로 알려져 있으므로 제거해야 합니다. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. 파일 %3 행 %4의 OID %2에 대한 식별자 '%1'은 이미 다른 OID인 '%5:%6:%7'에 사용되고 있으므로 충돌을 피하기 위해 변경해야 합니다. Unknown object '%1' in file %2 line %3 파일 %2 행 %3에 알 수 없는 개체 '%1'이 있습니다. Failed to start a database transaction 데이터베이스 트랜잭션을 시작하지 못했습니다. Country code 국가 코드 State or Province 주 또는 도 Locality 소재지 Organisation 조직 Organisational unit 조직 단위 Common name 일반 이름 E-Mail address 이메일 주소 Serial number 일련번호 Given name 이름 Surname Title 직함 Initials 이니셜 Description 설명 Role 역할 Pseudonym 가명 Generation Qualifier 세대 구분자 x500 Unique Identifier x500 고유 식별자 Name 이름 DN Qualifier DN 구분자 Unstructured name 구조화되지 않은 이름 Challenge password 챌린지 비밀번호 Basic Constraints 기본 제약 조건 Name Constraints 이름 제약 조건 Subject alternative name 주제 대체 이름 (SAN) issuer alternative name 발급자 대체 이름 Subject key identifier 주제 키 식별자 Authority key identifier 기관 키 식별자 Key usage 키 사용 Extended key usage 확장된 키 사용 CRL distribution points CRL 배포 지점 Authority information access 기관 정보 접근 Certificate type 인증서 유형 Base URL 기본 URL Revocation URL 폐기 URL CA Revocation URL CA 폐기 URL Certificate renewal URL 인증서 갱신 URL CA policy URL CA 정책 URL SSL server name SSL 서버 이름 Comment 코멘트 Index file written to '%1' 인덱스 파일이 '%1'에 기록되었습니다. Index hierarchy written to '%1' 인덱스 계층 구조가 '%1'에 기록되었습니다. Unknown key type %1 알 수 없는 키 유형 %1 Failed to write PEM data to '%1' '%1'에 PEM ​​데이터를 쓰지 못했습니다. Password verify error, please try again 비밀번호 확인 오류입니다. 다시 시도해 주세요. The following error occurred: 다음과 같은 오류가 발생했습니다: Failed to update the database schema to the current version 데이터베이스 스키마를 현재 버전으로 업데이트하지 못했습니다. Password 비밀번호 insecure 안전하지 않음 ReqTreeView Sign 서명 Unmark signed 서명됨 표시 해제 Mark signed 서명됨 표시 Similar Request 유사한 요청 Certificate request export 인증서 요청 내보내기 Certificate request ( *.pem *.der *.csr ) 인증서 요청(*.pem *.der *.csr) RevocationList Manage revocations 폐기 관리 Add 추가 Delete 삭제 Edit 편집 No. No. Serial 일련번호 Revocation 폐기 Reason 이유 Invalidation 무효화 Generate CRL CRL 생성 Revoke Certificate revocation 인증서 폐기 Revocation details 폐기 세부 정보 Revocation reason 폐기 이유 Local time 현지시간 Invalid since 폐기 일시 Serial 일련번호 SearchPkcs11 Directory 디렉토리 ... ... Include subdirectories 하위 디렉토리 포함 Search 검색 The following files are possible PKCS#11 libraries 다음 파일은 사용 가능한 PKCS#11 라이브러리입니다 SelectToken Security token 보안 토큰 Please select the security token 보안 토큰을 선택해주세요. TempTreeView Duplicate 복제 Create certificate 인증서 생성 Create request 요청 생성 copy 복사 Preset Template values 사전 설정 템플릿 값 Template export 템플릿 내보내기 XCA Templates ( *.xca ) XCA 템플릿( *.xca ) TrustState Certificate trust 인증서 신뢰 Trustment 신뢰 &Never trust this certificate 이 인증서를 절대 신뢰하지 마십시오(&N) Only &trust this certificate, if we trust the signer 서명자를 신뢰하는 경우에만 이 인증서를 신뢰하세요.(&T) &Always trust this certificate 이 인증서를 항상 신뢰(&A) Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView Transform 변환 Template 템플릿 Public key 공개 키 XFile Error opening file: '%1': %2 파일 열기 오류: '%1': %2 Error rewinding file: '%1': %2 파일 복원 오류: '%1': %2 XcaDetail Import 가져오기 XcaTreeView Item properties 항목 속성 Subject entries 주제 항목 X509v3 Extensions X509v3 확장 키 Netscape extensions Netscape 확장 키 Key properties 키 속성 Reset 재설정 Hide Column 열 숨기기 Details 상세 Columns Export Password 비밀번호 내보내기 Please enter the password to encrypt all %n exported private key(s) in: %1 Singular form for 0 or 1 item can be ignored. Will always be called with n >= 2 0 또는 1개 항목에 대한 단수형은 무시할 수 있습니다. 항상 n >= 2로 호출됩니다. %n개의 내보낸 개인 키를 모두 암호화하려면 비밀번호를 입력하세요: %1 New 신규 Import 가져오기 Paste PEM data PEM 데이터 붙여넣기 Rename 이름변경 Properties 속성 Delete 삭제 Export 내보내기 Clipboard 클립보드 File 파일 Clipboard format 클립보드 형식 database_model Please enter the password to access the database server %2 as user '%1'. 사용자 '%1'로 데이터베이스 서버 %2에 접속하려면 비밀번호를 입력하세요. Unable to create '%1': %2 '%1'을(를) 생성할 수 없습니다: %2 The file '%1' is not an XCA database 파일 '%1'은 XCA 데이터베이스가 아닙니다. No SqLite3 driver available. Please install the qt-sqlite package of your distribution SqLite3 드라이버를 사용할 수 없습니다. 배포판의 qt-sqlite 패키지를 설치하세요. New Password 새로운 비밀번호 Please enter a password, that will be used to encrypt your private keys in the database: %1 데이터베이스에서 개인 키를 암호화하는 데 사용할 비밀번호를 입력하세요: %1 Password 비밀번호 Please enter the password for unlocking the database: %1 데이터베이스 잠금 해제를 위한 비밀번호를 입력하세요: %1 db_base Internal name 내부이름 No. No. Primary key 기본 키 Database unique number 데이터베이스 고유 번호 Date 날짜 Date of creation or insertion 생성 또는 삽입 날짜 Source 출처 Generated, Imported, Transformed 생성, 가져오기, 변환 Comment 코멘트 First line of the comment field 코멘트 필드의 첫 번째 줄 Import from: %1 다음에서 가져오기: %1 Could not create directory %1 디렉토리 %1을(를) 생성할 수 없습니다. db_crl Signer 서명자 Internal name of the signer 서명자의 내부 이름 No. revoked 폐기 수 Number of revoked certificates 폐지된 인증서 수 Last update 마지막 업데이트 일시 Next update 다음번 업데이트 일시 CRL number CRL 번호 The revocation list already exists in the database as: '%1' and so it was not imported 해지 목록은 이미 데이터베이스에 다음과 같이 존재합니다: '%1' 그로 인해 가져오지 않았습니다. Failed to initiate DB transaction DB 트랜잭션을 초기화하지 못했습니다. Database error: %1 데이터베이스 오류: %1 db_key Type 유형 Size 크기 EC Group EC그룹 Use 사용 Password 비밀번호 The key is already in the database as: '%1' and is not going to be imported 키는 이미 데이터베이스에 다음과 같이 있습니다: '%1' 그로 인해 가져오지 않을 것입니다. The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key 데이터베이스에는 이미 가져온 키의 공개 부분이 '%1 로 포함되어 있으며 키의 새 비공개 부분으로 완료됩니다. Extending public key from %1 by imported key '%2' 가져온 키 '%2'를 사용하여 %1의 공개 키 확장 Key size too small ! 키 크기가 너무 작습니다! You are sure to create a key of the size: %1 ? %1 크기의 키를 생성하시겠습니까? Internal error 내부 오류 Internal key update: The keys: %1 must be updated once by resetting and setting its private password 내부 키 업데이트: 키: %1은(는) 개인 비밀번호를 재설정하고 설정하여 한 번 업데이트해야 합니다. Tried to change password of a token 토큰의 비밀번호를 변경하려고 했습니다. db_temp Bad template: %1 잘못된 템플릿: %1 Empty template 빈 템플릿 db_x509 CA CA reflects the basic Constraints extension 기본 제약 조건 확장을 반영합니다. Serial 일련번호 Start date 시작 날짜 Expiry date 만료일 MD5 fingerprint MD5 지문 SHA1 fingerprint SHA1 지문 SHA256 fingerprint SHA256 지문 Not before 시작일시 Not after 종료일시 Revocation 폐기 CRL Expiration CRL 만료 Failed to retrieve unique random serial 고유한 임의 일련번호를 검색하지 못했습니다. The certificate already exists in the database as: '%1' and so it was not imported 인증서는 이미 데이터베이스에 다음과 같이 존재합니다: '%1' 그로 인해 가져오지 못했습니다. Signed on %1 by '%2' %1에 '%2'가 서명했습니다. Unknown 알 수 없음 Invalid public key 잘못된 공개 키 The key you selected for signing is not a private one. 서명을 위해 선택한 키는 개인 키가 아닙니다. Failed to create directory '%1' 디렉토리 '%1'을(를) 생성하지 못했습니다. Store the certificate to the key on the token '%1 (#%2)' ? 토큰 '%1 (#%2)'의 키에 인증서를 저장하시겠습니까? There was no key found for the Certificate: '%1' 인증서에 대한 키를 찾을 수 없습니다: '%1' Not possible for a token key: '%1' 토큰 키 '%1'을(를) 사용할 수 없습니다 Not possible for the token-key Certificate '%1' 토큰 키 인증서 '%1'을(를) 사용할 수 없습니다. db_x509name Subject 주제 Complete distinguished name 완전한 고유 이름 Subject hash 주제 해시 Hash to lookup certs in directories 디렉토리에서 인증서를 조회하기 위한 해시 db_x509req Signed 서명됨 whether the request is already signed or not 요청이 이미 서명되었는지 여부 Unstructured name 구조화되지 않은 이름 Challenge password 챌린지 비밀번호 Certificate count 인증서 수 Number of certificates in the database with the same public key 동일한 공개 키를 가진 데이터베이스의 인증서 수 The certificate signing request already exists in the database as '%1' and thus was not stored 인증서 서명 요청이 데이터베이스에 이미 존재합니다. '%1' 그로 인해 저장되지 않았습니다. db_x509super Key name 키 이름 Internal name of the key 키의 내부 이름 Signature algorithm 서명 알고리즘 Key type 키 유형 Key size 키 길이 EC Group EC그룹 Extracted from %1 '%2' %1 '%2'에서 추출됨 Certificate 인증서 Certificate request 인증서 요청 The following extensions were not ported into the template 다음 확장자는 템플릿으로 이식되지 않았습니다. Transformed from %1 '%2' %1 '%2'에서 변환됨 kvView Type 유형 Content 콘텐츠 pass_info Password 비밀번호 PIN PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 PKCS11 라이브러리를 열지 못했습니다: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. 이것은 PKCS#11 라이브러리처럼 보이지 않습니다. 심볼 'C_GetFunctionList'를 찾을 수 없습니다. pki_base Unknown 알 수 없음 Imported 가져옴 Generated 생성됨 Transformed 변형됨 Token 토큰 Legacy Database 이전 버전의 데이터베이스 Renewed 갱신됨 Property '%1' not listed in 'pki_base::print' 속성 '%1'이 'pki_base::print'에 나열되어 있지 않습니다. Internal error: Unexpected message: %1 %2 내부 오류: 예상치 못한 메시지: %1 %2 pki_crl Successfully imported the revocation list '%1' 폐기 목록 '%1'을(를) 성공적으로 가져왔습니다. Delete the revocation list '%1'? 폐기 목록 '%1'을(를) 삭제하시겠습니까? Successfully created the revocation list '%1' 폐기 목록 '%1'을(를) 성공적으로 생성했습니다. Delete the %1 revocation lists: %2? %1 폐기 목록을 삭제하시겠습니까? %2? Delete the %n revocation list(s): '%1'? %n개의 폐기 목록(들)을 삭제하시겠습니까: '%1'? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. 파일 %1에서 해지 목록을 로드할 수 없습니다. PEM 및 DER 형식의 CRL을 시도했습니다. No issuer given 발급자가 지정되지 않음 CRL Renewal of CA '%1' due CA '%1'의 CRL 갱신이 만료되었습니다. The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' CA '%1'에서 발급한 최신 CRL은 %2에 만료됩니다. XCA 데이터베이스 '%3'에 저장되어 있습니다. Renew CRL: %1 CRL 갱신: %1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' %3에 발급된 XCA CRL '%1'은 %4에 만료됩니다. XCA 데이터베이스 '%5'에 저장됨 pki_evp Please enter the password to decrypt the private key %1. 개인 키 %1을(를) 해독하려면 암호를 입력하세요. The key from file '%1' is incomplete or inconsistent. 파일 '%1'의 키가 불완전하거나 일관되지 않습니다. Please enter the password to decrypt the private key from file: %1 파일에서 개인 키를 해독하려면 비밀번호를 입력하세요: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. %1 파일의 개인 키를 로드할 수 없습니다. PEM 및 DER 개인 키, 공개 키, PKCS#8 키 유형 및 SSH2 형식을 시도했습니다. Please enter the password to decrypt the private key: '%1' 개인 키를 해독하려면 비밀번호를 입력하세요: '%1' Password input aborted 비밀번호 입력이 중단되었습니다. Please enter the database password for decrypting the key '%1' 키 '%1'을 해독하기 위한 데이터베이스 비밀번호를 입력하세요. Decryption of private key '%1' failed 개인 키 '%1'의 암호 해독에 실패했습니다. Please enter the password to protect the private key: '%1' 개인 키를 보호하려면 비밀번호를 입력하세요: '%1' Please enter the database password for encrypting the key 키를 암호화하기 위한 데이터베이스 비밀번호를 입력하세요. Please enter the password to protect the PKCS#8 key '%1' in file: %2 파일에서 PKCS#8 키 '%1'을 보호하려면 비밀번호를 입력하세요: %2 Please enter the password to protect the private key '%1' in file: %2 파일에서 개인 키 '%1'을 보호하려면 비밀번호를 입력하세요: %2 Please enter the password protecting the PKCS#8 key '%1' PKCS#8 키 '%1'을 보호하는 비밀번호를 입력하세요. Please enter the password protecting the Microsoft PVK key '%1' Microsoft PVK 키 '%1'을 보호하는 비밀번호를 입력하세요. Please enter the export password for the private key '%1' 개인 키 '%1'에 대한 내보내기 비밀번호를 입력하세요. pki_export PEM Text format with headers 헤더가 있는 PEM 텍스트 형식 Concatenated list of all selected items in one PEM text file 선택된 모든 항목을 하나의 PEM 텍스트 파일에 연결된 목록 PEM selected PEM 선택됨 Concatenated list of all selected certificates in one PEM text file 선택된 모든 인증서의 연결된 목록을 하나의 PEM 텍스트 파일에 저장 PEM chain PEM 체인 Concatenated text format of the complete certificate chain in one PEM file PEM 파일에서 전체 인증서 체인을 연결한 텍스트 형식 The complete certificate chain and the private key of the selected certificate with tags usable in OpenVPN configuration files OpenVPN 구성 파일에서 사용할 수 있는 태그와 함께 선택한 인증서의 전체 인증서 체인 및 개인 키 PEM + key PEM + key Concatenation of the certificate and the unencrypted private key in one PEM file 인증서와 암호화되지 않은 개인 키를 하나의 PEM 파일에 연결 Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file PKCS#8 형식의 인증서와 암호화된 개인 키를 하나의 파일에 연결 All unusable 모두 사용불가 Concatenation of all expired or revoked certificates in one PEM file 만료되거나 취소된 모든 인증서를 하나의 PEM 파일에 연결 PKCS#7 encoded single certificate PKCS#7 인코딩된 단일 인증서 All selected certificates encoded in one PKCS#7 file 선택된 모든 인증서가 하나의 PKCS#7 파일에 인코딩됨 PKCS #7 chain PKCS #7 chain PKCS#7 encoded complete certificate chain PKCS#7 인코딩된 완전한 인증서 체인 PKCS #7 unusable PKCS #7을 사용할 수 없습니다 PKCS#7 encoded collection of all expired or revoked certificates 만료되거나 취소된 모든 인증서의 PKCS#7 인코딩된 모음 Binary DER encoded certificate 이진 DER 인코딩 인증서 PKCS #12 chain PKCS #12 체인 The complete certificate chain and the private key as encrypted PKCS#12 file 완전한 인증서 체인과 암호화된 PKCS#12 파일로 된 개인 키 PKCS #12 PKCS #12 The certificate and the private key as encrypted PKCS#12 file 인증서와 개인키는 암호화된 PKCS#12 파일로 존재합니다. Certificate Index file 인증서 인덱스 파일 OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool 'ca' 명령으로 생성되고 OCSP 도구에 필요한 OpenSSL 특정 인증서 인덱스 파일 vCalendar vCalendar vCalendar expiry reminder for the selected items 선택한 항목에 대한 vCalendar 만료 알림 CA vCalendar CA vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL 발급된 모든 유효한 인증서, CA 자체 및 최신 CRL을 포함하는 vCalendar 만료 알림 OpenSSL config OpenSSL 구성 OpenSSL configuration file to create a certificate or request with the openssl commandline tool openssl 명령줄 도구를 사용하여 인증서나 요청을 생성하기 위한 OpenSSL 구성 파일 OpenVPN tls-auth key OpenVPN TLS 인증 키 The OpenVPN tls-auth key is a secret key shared between endpoints OpenVPN TLS 인증 키는 엔드포인트 간에 공유되는 비밀 키입니다. JSON Web Kit JSON Web Kit The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) X.509 인증서 지문(x5t)이 있는 JSON Web Kit 형식의 인증서 공개 키 JSON Web Kit chain JSON Web Kit 체인 The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) and certificate chain (x5c) X.509 인증서 지문(x5t) 및 인증서 체인(x5c)이 포함된 JSON Web Kit 형식의 인증서 공개 키 PEM public PEM 공개 Text format of the public key in one PEM file 한 PEM 파일에 있는 공개 키의 텍스트 형식 PEM private PEM 개인 Unencrypted private key in text format 텍스트 형식의 암호화되지 않은 개인 키 PEM encrypted PEM 암호화 OpenSSL specific encrypted private key in text format 텍스트 형식의 OpenSSL 특정 암호화된 개인 키 SSH2 private SSH2 개인 SSH2 public SSH2 공개 The public key encoded in SSH2 format SSH2 형식으로 인코딩된 공개 키 DER public DER 공개 Binary DER format of the public key 공개 키의 2진 DER 형식 DER private DER 개인 Unencrypted private key in binary DER format 이진 DER 형식의 암호화되지 않은 개인 키 PVK private PVK 개인 Private key in Microsoft PVK format not encrypted Microsoft PVK 형식의 개인 키가 암호화되지 않았습니다. PKCS #8 encrypted PKCS #8 암호화 Encrypted private key in PKCS#8 text format PKCS#8 텍스트 형식의 암호화된 개인 키 PKCS #8 PKCS #8 Unencrypted private key in PKCS#8 text format PKCS#8 텍스트 형식의 암호화되지 않은 개인 키 JSON Web Key private JSON 웹 키 비공개 Unencrypted private key in JSON Web Key format JSON Web Key 형식의 암호화되지 않은 개인 키 JSON Web Key public JSON 웹 키 공개 Public key in JSON Web Key format JSON Web Key 형식의 공개 키 Binary DER format of the certificate request 인증서 요청의 2진 DER 형식 Binary DER format of the revocation list 폐지 목록의 2진 DER 형식 vCalendar reminder for the CRL expiry date CRL 만료 날짜에 대한 vCalendar 알림 XCA template in PEM-like format. Templates include the internal name and comment PEM과 유사한 형식의 XCA 템플릿. 템플릿에는 내부 이름과 주석이 포함됩니다. All selected XCA templates in PEM-like format. Templates include the internal name and comment PEM과 유사한 형식의 모든 선택된 XCA 템플릿. 템플릿에는 내부 이름과 주석이 포함됩니다. XCA template in PEM-like format PEM과 유사한 형식의 XCA 템플릿 All selected XCA templates in PEM-like format PEM과 유사한 형식의 선택된 모든 XCA 템플릿 pki_key Successfully imported the %1 public key '%2' %1 공개 키 '%2'을(를) 성공적으로 가져왔습니다. Delete the %1 public key '%2'? %1 공개 키 '%2'을(를) 삭제하시겠습니까? Successfully imported the %1 private key '%2' %1 개인 키 '%2'을(를) 성공적으로 가져왔습니다. Delete the %1 private key '%2'? %1 개인 키 '%2'을(를) 삭제하시겠습니까? Successfully created the %1 private key '%2' %1 개인 키 '%2'을(를) 성공적으로 생성했습니다. Delete the %1 keys: %2? %1 키를 삭제하시겠습니까: %2? Public key 공개 키 Successfully imported the %1 public key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key %1은 'RSA', 'DSA', 'EC'로 대체됩니다. %2는 키의 내부 이름입니다. %1 공개 키 '%2'을(를) 성공적으로 가져왔습니다. Delete the %n %1 public key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) %1은 'RSA', 'DSA', 'EC'로 대체됩니다. %2는 키의 내부 이름입니다. %n %1 공개 키(들) '%2'을(를) 삭제하시겠습니까? Successfully imported the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key %1은 'RSA', 'DSA', 'EC'로 대체됩니다. %2는 키의 내부 이름입니다. %1 개인 키 '%2'을(를) 성공적으로 가져왔습니다. Delete the %n %1 private key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) %1은 'RSA', 'DSA', 'EC'로 대체됩니다. %2는 키의 내부 이름입니다. %n %1 개인 키(들) '%2'을(를) 삭제하시겠습니까? Successfully created the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key %1은 'RSA', 'DSA', 'EC'로 대체됩니다. %2는 키의 내부 이름입니다. %1 개인 키 '%2'을(를) 성공적으로 생성했습니다. Common 코멘트 Private 개인 Bogus 거짓 PIN PIN No password 비밀번호 없음 Unexpected SSH2 content: '%1' 예상치 못한 SSH2 콘텐츠: '%1' Invalid SSH2 public key 잘못된 SSH2 공개 키 Failed writing to %1 %1에 쓰지 못했습니다. pki_multi No known PEM encoded items found 알려진 PEM 인코딩 항목을 찾을 수 없습니다. pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 PKCS#12 파일을 해독하려면 비밀번호를 입력하세요: %1 Unable to load the PKCS#12 (pfx) file %1. PKCS#12(pfx) 파일 %1을 로드할 수 없습니다. The supplied password was wrong (%1) 제공된 비밀번호가 잘못되었습니다 (%1) Please enter the password to encrypt the key of certificate '%1' in the PKCS#12 file: %2 PKCS#12 파일에서 인증서 '%1'의 키를 암호화하기 위한 비밀번호를 입력하세요: %2 Please enter the password to encrypt the PKCS#12 file PKCS#12 파일을 암호화하려면 비밀번호를 입력하세요. No key or no Cert and no pkcs12 키 없음, 인증서 없음, pkcs12 없음 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. PKCS#7 파일 %1을(를) 로드할 수 없습니다. PEM 및 DER 형식을 시도했습니다. pki_scard Successfully imported the token key '%1' 토큰 키 '%1'을(를) 성공적으로 가져왔습니다. Delete the token key '%1'? 토큰 키 '%1'을(를) 삭제하시겠습니까? Successfully created the token key '%1' 토큰 키 '%1'을(를) 성공적으로 생성했습니다. Delete the %1 keys: %2? %1 키를 삭제하시겠습니까: %2? Delete the %n token key(s): '%1'? %n개의 토큰 키(들)를(을) 삭제하시겠습니까: '%1'? Delete the private key '%1' from the token '%2 (#%3)' ? 토큰 '%2 (#%3)'에서 개인 키 '%1'을(를) 삭제하시겠습니까? This Key is already on the token 이 키는 이미 토큰에 있습니다. PIN input aborted PIN 입력이 중단되었습니다 Unable to find copied key on the token 토큰에서 복사된 키를 찾을 수 없습니다. Please insert card: %1 %2 [%3] with Serial: %4 카드를 삽입하십시오: %1 %2 [%3] 일련 번호: %4 Select Slot of %1 %1의 슬롯을 선택하세요 Unable to find generated key on card 카드에서 생성된 키를 찾을 수 없습니다. Token %1 토큰 %1 Failed to find the key on the token 토큰에서 키를 찾을 수 없습니다. Invalid Pin for the token 토큰에 대한 잘못된 PIN Failed to initialize the key on the token 토큰의 키를 초기화하지 못했습니다. pki_temp Successfully imported the XCA template '%1' XCA 템플릿 '%1'을 성공적으로 가져왔습니다. Delete the XCA template '%1'? XCA 템플릿 '%1'을 삭제하시겠습니까? Successfully created the XCA template '%1' XCA 템플릿 '%1'을 성공적으로 생성했습니다. Delete the %1 XCA templates: %2? %1 XCA 템플릿을 삭제하시겠습니까: %2? Delete the %n XCA template(s): '%1'? %n개의 XCA 템플릿(들)을 삭제하시겠습니까: '%1'? Wrong Size %1 잘못된 크기 %1 Template file content error (too small) 템플릿 파일 내용 오류(너무 작음) Not a PEM encoded XCA Template PEM 인코딩된 XCA 템플릿이 아닙니다. Not an XCA Template, but '%1' XCA 템플릿이 아니지만 '%1' pki_x509 Successfully imported the certificate '%1' 인증서 '%1'을 성공적으로 가져왔습니다. Delete the certificate '%1'? 인증서 '%1'을 삭제하시겠습니까? Successfully created the certificate '%1' 인증서 '%1'을(를) 성공적으로 생성했습니다. Delete the %1 certificates: %2? %1 인증서를 삭제하시겠습니까: %2? Delete the %n certificate(s): '%1'? %n개의 토큰 키(들)를(을) 삭제하시겠습니까: '%1'? Unable to load the certificate in file %1. Tried PEM and DER certificate. %1 파일의 인증서를 로드할 수 없습니다. PEM 및 DER 인증서를 시도했습니다. Invalid OpenVPN tls-auth key 잘못된 OpenVPN TLS 인증 키 Failed to import tls-auth key TLS 인증 키를 가져오지 못했습니다. Same tls-auth key already stored for this CA 이 CA에 대해 동일한 TLS 인증 키가 이미 저장되어 있습니다. New tls-auth key successfully imported 새 TLS 인증 키를 성공적으로 가져왔습니다. Existing tls-auth key successfully replaced 기존 TLS 인증 키가 성공적으로 교체되었습니다. This certificate is already on the security token 이 인증서는 이미 보안 토큰에 있습니다. Delete the certificate '%1' from the token '%2 (#%3)'? 토큰 '%2 (#%3)'에서 인증서 '%1'을 삭제하시겠습니까? There is no key for signing ! 서명할 열쇠가 없습니다! No 아니요 Yes Renew certificate: %1 인증서 갱신: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' %2에 발급된 XCA 인증서 '%1'은 %3에 만료됩니다. XCA 데이터베이스 '%4'에 저장되어 있습니다. pki_x509req Signing key not valid (public key) 서명 키가 유효하지 않습니다(공개 키) Successfully imported the %1 certificate request '%2' %1 인증서 요청 '%2'을 성공적으로 가져왔습니다. Delete the %1 certificate request '%2'? %1 인증서 요청 '%2'을(를) 삭제하시겠습니까? Successfully created the %1 certificate request '%2' %1 인증서 요청 '%2'을(를) 성공적으로 생성했습니다. Delete the %1 certificate requests: %2? %1 인증서 요청을 삭제하시겠습니까: %2? Successfully imported the PKCS#10 certificate request '%1' PKCS#10 인증서 요청 '%1'을 성공적으로 가져왔습니다. Delete the %n PKCS#10 certificate request(s): '%1'? %n개의 PKCS#10 인증서 요청(들)을 삭제하시겠습니까: '%1'? Successfully created the PKCS#10 certificate request '%1' PKCS#10 인증서 요청 '%1'을(를) 성공적으로 생성했습니다. Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. 파일 %1에서 인증서 요청을 로드할 수 없습니다. PEM, DER 및 SPKAC 형식을 시도했습니다. Signed 서명됨 Unhandled 정의되지 않음 v3ext Copy Common Name 일반 이름 복사 Add 추가 Delete 삭제 Apply 적용 Validate 검증 Cancel 취소 An email address or 'copy' 이메일 주소 또는 복사 An email address 이메일 주소 A registered ID: OBJECT IDENTIFIER 등록된 ID: 객체 식별자 (OBJECT IDENTIFIER) A uniform resource indicator 통일 자원 지표 A DNS domain name or 'copycn' DNS 도메인 이름 또는 'copycn' A DNS domain name DNS 도메인 이름 An IP address IP 주소 Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' 구문: <OID>;TYPE:text like '1.2.3.4:UTF8:name' No editing. Only 'copy' allowed here 편집 불가. 여기서는 '복사'만 허용됩니다. Validation failed: '%1' %2 검증 실패: '%1' %2 Validation successful: '%1' 검증 성공: '%1' xcaWarningGui Copy to Clipboard 클립보드에 복사 xca-RELEASE.2.9.0/lang/xca_nl.ts000066400000000000000000005314531477156507700161470ustar00rootroot00000000000000 CaProperties Form Form Days until next CRL issuing Dagen tot de volgende CRL uitgifte Default template Standaard sjabloon CertDetail Details of the Certificate Eigenschappen van het certificaat Serial Serienummer The serial number of the certificate Het serienummer van het certificaat The internal name of the certificate in the database De interne naam van het certificaat in de database Status Status Internal name Interne naam Signature Handtekening Key Sleutel Fingerprints Fingerprints MD5 MD5 An md5 hashsum of the certificate De MD5 hash van het certificaat SHA1 SHA1 A SHA-1 hashsum of the certificate De SHA-1 hash van het certificaat SHA256 SHA256 A SHA-256 hashsum of the certificate De SHA-256 hash van het certificaat Validity Geldigheid The time since the certificate is valid Het tijdstip sinds het certificaat geldig is The time until the certificate is valid Het tijdstip tot wanneer het certificaat geldig is Subject Onderwerp Issuer Uitgever Extensions Uitbreidingen Validation Validatie Purposes Doelen Strict RFC 5280 validation Strikte RFC 5280 validatie Comment Commentaar Attributes Attributen Show config Toon configuratie Show extensions Toon uitbreidingen Show public key Toon openbare sleutel This key is not in the database. Deze sleutel is niet aanwezig in de database. Not available Niet beschikbaar No verification errors found. Geen verificatie fouten gevonden Signer unknown Onbekende ondertekenaar Self signed Zelf ondertekend Revoked at %1 Ingetrokken op %1 Not valid Niet geldig Valid Geldig Details of the certificate signing request Gegevens van het certificaat onderteken verzoek (CSR) CertExtend Certificate renewal Certificaat vernieuwing This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Een nieuw certificaat wordt aangemaakt, als kopie van het oude certificaat, met een nieuw serienummer en aangepaste geldigheidswaarden. Validity Geldigheid Not before Niet voor Not after Niet na Time range Tijdspanne Local time Lokale tijdstip Days Dagen Months Maanden Years Jaren No well-defined expiration Geen correct gedefinieerde expiratie Midnight Middernacht Apply Toepassen Revoke old certificate Oude certificaat intrekken Replace old certificate Oude certificaat vervangen Keep serial number Gebruik het oude serienummer The certificate will be earlier valid than the signer. This is probably not what you want. De startdatum van het certificaat ligt voor de datum van ondertekening. Dit is waarschijnlijk niet gewenst. Edit dates Datums aanpassen Abort rollout Uitgave stopzetten Continue rollout Uitgave voortzetten Adjust date and continue Datum aanpassen en doorgaan The certificate will be longer valid than the signer. This is probably not what you want. De einddatum van het certificaat is later dan de einddatum van ondertekening. Dit is waarschijnlijk niet gewenst. CertTreeView Hide unusable certificates Verberg onbruikbare certificaten Import PKCS#12 Importeren van PKCS#12 bestand Import from PKCS#7 Importeren van PKCS#7 bestand Request Verzoek Security token Beveiligingstoken Other token Ander token Similar Certificate Gelijksoortig certificaat Delete from Security token Verwijder van beveiligingstoken CA Certificaat Autoriteit (CA) Properties Eigenschappen Generate CRL Genereer CRL Manage revocations Beheer intrekkingen Import OpenVPN tls-auth key Importeer OpenVPN tls-auth sleutel Renewal Vernieuwing Revoke Intrekken Unrevoke Intrekken ongedaan maken Plain View Tekst weergave Tree View Vertakkingen overzicht days dagen No template Geen sjabloon CA Properties CA Eigenschappen Certificate export Certificaat export X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) X.509 Certificaten ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) vCalendar entry ( *.ics ) vCalendar entiteit ( *.ics ) OpenVPN file ( *.ovpn ) OpenVPN bestand ( *.ovpn ) OpenVPN tls-auth key ( *.key ) OpenVPN tls-auth sleutel ( *.key ) ClickLabel Double click for details Dubbel klik voor details CrlDetail Details of the Revocation list Details van de intrekkingslijst &Status &Status Version Versie Signature Handtekening Signed by Ondertekend door Name Naam The internal name of the CRL in the database De interne naam van de CRL in de database issuing dates datum van afgifte Next update Volgende update Last update Laatste update &Issuer U&itgever &Extensions Uitbr&eidingen &Revocation list Lijst van int&rekkingen Comment Commentaar Failed Mislukt Unknown signer Onbekende ondertekenaar Verification not possible Verificatie is niet mogelijk CrlTreeView There are no CA certificates for CRL generation Er zijn geen CA certificaten voor CRL-generatie Select CA certificate Selecteer CA certificaat Revocation list export Intrekkingslijst exporteren CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) vCalendar entry ( *.ics ) vCalendar entiteit ( *.ics ) ExportDialog Name Naam The internal name of the CRL in the database De interne naam van de CRL in de database ... ... Filename Bestandsnaam Each Item in a separate file Elk item in een apart bestand Same encryption password for all items Gelijk encryptie wachtwoord voor alle bestanden Export comment into PEM file Exporteer commentaar in het PEM bestand Export Format Exporteer formaat %n selected item(s) geselecteerde item %n geselecteerde items All files ( * ) Alle bestanden ( * ) The file: '%1' already exists! Het bestand: '%1' bestaat al! Overwrite Overschrijven Do not overwrite Niet overschrijven The path: '%1' exist, but is not a file Het pad: '%1' bestaat, maar het is geen bestand The path: '%1' exist, but is not a directory Het pad: '%1' bestaat, maar het is geen folder The directory: '%1' does not exist. Should it be created? De folder: '%1' bestaat niet. Moet de folder gemaakt worden? Create Creëren Failed to create directory '%1' Maken van directory is mislukt '%1' Directory Directory (X.500) Form last update Laatste update next update Volgende update Days Dagen Months Maanden Years Jaren Apply Toepassen Midnight Middernacht Local time Lokale tijdstip No well-defined expiration Geen correct gedefinieerde expiratie Help << << >> >> &Done Uitgevoer&d ImportMulti Import PKI Items Importeer PKI gegevens Import &All &Alles importeren &Import &Importeren &Done Uitgevoer&d &Remove from list Ve&rwijder van de lijst Details Details Delete from token Verwijderen uit token Rename on token Hernoem in token Name: %1 Model: %2 Serial: %3 Naam: %1 Model: %2 Serienummer: %3 Manage security token Beheer beveiligingstoken The type of the item '%1' is not recognized Het type van het item '%1' wordt niet herkend Could not open the default database Standaard database openen is niet mogelijk The file '%1' did not contain PKI data Het bestand %1 bevatte geen PKI-gegevens The %1 files: '%2' did not contain PKI data De %1 bestanden: '%2' bevatten geen PKI-gegevens ItemProperties Name Naam Source Bron Insertion date Invoegdatum Comment Commentaar KeyDetail Name Naam The internal name of the key used by xca De interne naam van de sleutel die wordt gebruikt door XCA Security token Beveiligingstoken Manufacturer Fabrikant Serial Serienummer Key Sleutel Public Exponent Openbare Exponent Keysize Sleutelgrootte Private Exponent Privé Exponent Security Token Beveiligingstoken Label Label PKCS#11 ID PKCS#11 ID Token information Token informatie Model Model Fingerprint Fingerprint Comment Commentaar Details of the %1 key Details van de %1-sleutel Not available Niet beschikbaar Available Beschikbaar Sub prime Sub priemgetal Public key Openbare sleutel Private key Privé-sleutel Curve name Curve naam Unknown key Onbekende sleutel KeyTreeView Change password Verander het wachtwoord Reset password Reset het wachtwoord Change PIN Verander de PIN Init PIN with SO PIN (PUK) Initiele PIN met SO PIN (PUK) Change SO PIN (PUK) Verander het SO PIN (PUK) Security token Beveiligingstoken This is not a token Dit is geen token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Moet de oorspronkelijke sleutel '%1' worden vervangen door de sleutel van de token? Hiermee wordt de sleutel %1 verwijderd en wordt deze onbruikbaar gemaakt Key export Sleutel export Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Privé-sleutels ( *.pem *.der *.pk8 );; SSH Openbare sleutels ( *.pub ) SSH Private Keys ( *.priv ) SSH Private Sleutels ( *.priv ) Microsoft PVK Keys ( *.pvk ) Microsoft PVK Sleutels ( *.pvk ) MainWindow Private Keys Privé-sleutels &New Key &Nieuwe Sleutel &Export &Exporteren &Import &Importeren Import PFX (PKCS#12) Importeer PFX (PKCS#12) &Show Details Toon Detail&s &Delete Verwij&deren Certificate signing requests Certificaat onderteken verzoeken &New Request &Nieuw Verzoek Certificates Certificaten &New Certificate &Nieuw certificaat Import &PKCS#12 Importeer &PKCS#12 Import P&KCS#7 Importeer P&KCS#7 Plain View Tekst weergave Templates Sjablonen &New Template &Nieuw Sjabloon &New CRL &Nieuwe CRL Ch&ange Template Bewerk Sj&abloon Revocation lists Intrekkingslijsten Using or exporting private keys will not be possible without providing the correct password Het gebruik of exporteren van privé-sleutels is niet mogelijk zonder het juiste wachtwoord op te geven The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. De momenteel gebruikte standaard hash '%1' is onveilig. Selecteer om veiligheidsredenen ten minste 'SHA 224'. Recent DataBases Recente databases System Systeem Croatian Kroatisch English Engels French Frans German Duits Japanese Japans Korean Koreaans Russian Russisch Slovak Slowaaks Spanish Spaans Persian Perzisch Bulgarian Bulgaars Polish Pools Italian Italiaans Chinese Chinees Dutch Nederlands Portuguese in Brazil Braziliaans Portugees Indonesian Indonesisch Turkish Turks Language Taal &File Bestand Open Remote DataBase Open database (op netwerk) Set as default DataBase Stel in als standaard database New DataBase Nieuwe database Open DataBase Open database Close DataBase Sluit database Options Opties Exit Sluiten I&mport I&mport Keys Sleutels Requests Verzoeken PKCS#12 PKCS#12 bestanden PKCS#7 PKCS#7 bestanden Template Sjablonen Revocation list Intrekkingslijsten PEM file PEM bestanden Paste PEM file Plak het PEM bestand Token Token Export Certificate &Index hierarchy Exporteer certificaten &index hiërarchie Content Inhoud &Manage Security token Beheer beveiligingstoken &Init Security token &Initialiseer Beveiligingstoken &Change PIN Verander PIN Change &SO PIN Verander het &SO PIN Init PIN Initialiseer PIN Extra Extra &Dump DataBase &Dump database &Export Certificate Index &Exporteer certificaten index C&hange DataBase password V&erander database wachtwoord &Undelete items Herstel gegevens Generate DH parameter Genereer DH parameter OID Resolver OID Vertaler &Help &Help About Over Import PEM data Importeer PEM gegevens Please enter the original SO PIN (PUK) of the token '%1' Voer de oorspronkelijke SO PIN (PUK) van het token '%1' in Search Zoeken Please enter the new SO PIN (PUK) for the token '%1' Voer de nieuwe SO PIN (PUK) van het token '%1' in The new label of the token '%1' Het nieuwe label van het token '%1' The token '%1' did not contain any keys or certificates Het token '%1' bevatte geen sleutels of certificaten Retry with PIN Opnieuw proberen met PIN Retry with SO PIN Opnieuw proberen met SO PIN Current Password Huidig wachtwoord Please enter the current database password Voer het huidige database wachtwoord in The entered password is wrong Het ingevoerde wachtwoord is niet correct New Password Nieuw wachtwoord Please enter the new password to encrypt your private keys in the database-file Voer het nieuwe wachtwoord in om uw privé-sleutels te versleutelen in het database bestand Transaction start failed Start van de transactie is mislukt Database: %1 Database: %1 The currently used PFX / PKCS#12 algorithm '%1' is insecure. Het huidig gebruikte PFX / PKCS#12 algoritme '%1' is niet veilig. Change Veranderen Certificate Index ( index.txt ) Certificaat Index ( index.txt ) All files ( * ) Alle bestanden ( * ) Diffie-Hellman parameters saved as: %1 Diffie-Hellman parameters opgeslagen als: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Diffie-Hellman parameters zijn nodig voor verschillende toepassingen (zoals b.v. OpenVPN). XCA heeft ze echter niet nodig en gebruikt de parameters zelf niet. Voer de Diffie-Hellman bit modulus in, voor later gebruik (Advies > 2048 bit) NewCrl Last update Laatste update Next update Volgende update Days Dagen Months Maanden Years Jaren Midnight Middernacht Local time Lokale tijdstip Apply Toepassen Options Opties CRL number CRL nummer Subject alternative name Alternatieve naam van het onderwerp Revocation reasons Redenen van intrekken Authority key identifier Autoriteit sleutel-ID Hash algorithm Hash algoritme Create CRL creëer een CRL NewKey Please give a name to the new key and select the desired keysize Geef een naam op voor de nieuwe sleutel en selecteer de gewenste sleutelgrootte Key properties Sleutel eigenschappen Name Naam The internal name of the new key De interne naam van de nieuwe sleutel Curve name Curve naam Usually at least 2048 bit keys are recommended Meestal worden ten minste 2048 bit sleutels aanbevolen New Key Nieuwe sleutel Keysize Sleutelgrootte Keytype Sleuteltype Remember as default Onthoud als standaard Create Creëren NewX509 Source Bron Signing request Ondertekeningsverzoek Show request Verzoek weergeven Sign this Certificate signing &request Onde&rteken dit certificaat ondertekeningsverzoek Copy extensions from the request Kopieer uitbreidingen van het verzoek Modify subject of the request Wijzig het onderwerp van het verzoek Signing Ondertekening Create a &self signed certificate Maak een zelf ondertekend certificaat Use &this Certificate for signing Gebruik di&t certificaat voor ondertekening All certificates in your database that can create valid signatures Alle certificaten in uw database voor het maken van geldige handtekeningen Signature algorithm Handtekening algoritme Template for the new certificate Sjabloon voor het nieuwe certificaat All available templates Alle beschikbare sjablonen Apply extensions Uitbreidingen toepassen Apply subject Onderwerp toepassen Apply all Alles toepassen Subject Onderwerp Internal Name Interne naam Distinguished name DistinguishedName (DN) Add Toevoegen Delete Verwijderen Private key Privé-sleutel This list only contains unused keys Deze lijst bevat alleen ongebruikte sleutels Used keys too Ook gebruikte sleutels &Generate a new key &Genereer een nieuwe sleutel Extensions Uitbreidingen Type Type If this will become a CA certificate or not Of dit een CA certificaat wordt of niet Not defined Niet gedefinieerd Certification Authority Certificaat Authoriteit End Entity Eindentiteit Path length Pad lengte How much CAs may be below this. Hoeveel CA's zitten hier mogelijk onder. The basic constraints should always be critical De basisbeperkingen behoren altijd kritisch te zijn Key identifier Sleutelidentificatie Creates a hash of the key following the PKIX guidelines Creëert een hash van de sleutel volgens de PKIX-richtlijnen Copy the Subject Key Identifier from the issuer Kopieer de Onderwerp Key Identifier van de uitgever Validity Geldigheid Not before Niet voor Not after Niet na Time range Tijdspanne Days Dagen Months Maanden Years Jaren Apply Toepassen Set the time to 00:00:00 and 23:59:59 respectively Stel de tijd in op respectievelijk 00:00:00 en 23:59:59 Midnight Middernacht Local time Lokale tijdstip No well-defined expiration Geen correct gedefinieerde expiratie DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit Bewerken URI: URI: Key usage Sleutelgebruik Netscape Netscape Advanced Gevorderd Validate Valideren Comment Commentaar This name is only used internally and does not appear in the resulting certificate Deze naam wordt alleen intern gebruikt en verschijnt niet in het resulterende certificaat Critical Kritisch Create Certificate signing request Maak een certificaat ondertekeningsverzoek minimum size: %1 minimale grootte: %1 maximum size: %1 maximale grootte: %1 only a-z A-Z 0-9 '()+,-./:=? enkel a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters alleen 7-bits ascii karakters Edit XCA template Bewerk XCA sjabloon Create x509 Certificate Maak een X.509 certificaat Template '%1' applied Sjabloon '%1' wordt toegepast Subject applied from template '%1' Onderwerp toegepast vanuit sjabloon '%1' Extensions applied from template '%1' Uitbreidingen toegepast van sjabloon '%1' New key '%1' created Nieuwe sleutel '%1' gemaakt Other Tabs Andere tabbladen Advanced Tab Geavanceerd tabblad Errors Fouten From PKCS#10 request Vanaf PKCS#10 verzoek Error Fout duplicate extensions dubbele extensies The Name Constraints are invalid De naam beperkingen zijn ongeldig The Subject Alternative Name is invalid De Subject Alternative Name is ongeldig The Issuer Alternative Name is invalid De Issuer Alternative Name is ongeldig The CRL Distribution Point is invalid De CRL Distribution Point is ongeldig The Authority Information Access is invalid De Authority Information Access is ongeldig Abort rollout Uitgave stopzetten The following length restrictions of RFC3280 are violated: De volgende lengtebeperkingen van RFC3280 worden overtreden: Edit subject Onderwerp bewerken Continue rollout Uitgave voortzetten The verification of the Certificate request failed. The rollout should be aborted. De verificatie van de certificaataanvraag is mislukt. De uitrol moet worden afgebroken. Continue anyway Ga toch verder The internal name and the common name are empty. Please set at least the internal name. De interne naam en de commonName (CN) zijn leeg. Stel ten minste de interne naam in. Edit name Bewerk naam There is no Key selected for signing. Er is geen sleutel geselecteerd voor ondertekening. Select key Selecteer sleutel The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. De volgende DistinguishedName (DN) gegevens zijn leeg: %1 hoewel ze als verplicht zijn aangegeven in het optiemenu. The key you selected for signing is not a private one. De sleutel die geselecteerd is voor ondertekening, is geen privésleutel. Select other signer Selecteer andere ondertekenaar Select other key Selecteer andere sleutel The currently selected hash algorithm '%1' is insecure and should not be used. Het huidig geselecteerde hash algoritme '%1' is niet veilig en wordt afgeraden om te gebruiken. Select other algorithm Selecteer een ander algoritme Use algorithm anyway Gebruik het algoritme toch The certificate will be earlier valid than the signer. This is probably not what you want. De startdatum van het certificaat ligt voor de datum van ondertekening. Dit is waarschijnlijk niet gewenst. Edit dates Datums aanpassen Adjust date and continue Datum aanpassen en doorgaan The certificate will be longer valid than the signer. This is probably not what you want. De einddatum van het certificaat is later dan de einddatum van ondertekening. Dit is waarschijnlijk niet gewenst. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Het certificaat is verouderd voordat het geldig is. Waarschijnlijk zijn beide datums verwisseld. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Het certificaat bevat ongeldige of dubbele uitbreidingen. Controleer de validatie op het tabblad Geavanceerd. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Het certificaat bevat geen uitbreidingen. U kunt de uitbreidingen van een van de sjablonen toepassen om het doel van het certificaat te definiëren. The certificate contains invalid extensions. Het certificaat bevat niet valide uitbreidingen Edit extensions Bewerk uitbreidingen The subject alternative name shall contain a copy of the common name. However, the common name is empty. De alternatieve naam van het onderwerp moet een kopie van de commonName (CN) bevatten. De commonName is echter leeg. A name constraint of the issuer '%1' is violated: %2 Een naam beperking van de uitgever '%1' is geschonden: %2 Configfile error on line %1 Config bestand fout op regel %1 OidResolver OID Resolver OID Vertaler Enter the OID, the Nid, or one of the textual representations Voer de OID, de NID of een van de tekstuele Engelse omschrijvingen in Search Zoeken OID OID (Object IDentifier) Long name Lange naam OpenSSL internal ID OpenSSL interne ID Nid NID (Numeric IDentifier) Short name Korte naam OpenDb Open remote database Open database (op netwerk) Database type Database type Hostname Hostnaam Username Gebruikersnaam Password Wachtwoord Database name Database naam Table prefix Tabel voorvoegsel No SqLite3 driver available. Please install the qt-sqlite package of your distribution Geen SqLite3-stuurprogramma beschikbaar. Installeer alstublieft het qt-sqlite-pakket van uw distributie Options XCA Options XCA Opties Settings Instellingen Default hash algorithm Standaard hash algoritme String types String types Suppress success messages Onderdruk succes berichten Don't colorize expired certificates Verlopen certificaten niet tonen in kleur Translate established x509 terms (%1 -> %2) Vertaal vastgestelde X.509 termen (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. De hash-functionaliteit van het token wordt niet gebruikt door XCA. Het kan echter een beperkte hash-set respecteren die door het token wordt gepropageerd. Vooral EC en DSA worden alleen gedefinieerd met SHA1 in de PKCS#11-specificatie. Only use hashes supported by the token when signing with a token key Gebruik alleen hashes die door het token worden ondersteund bij het ondertekenen met een token sleutel Disable legacy Netscape extensions Verouderde Netscape-uitbreidingen uitschakelen PKCS12 encryption algorithm PKCS12-coderingsalgoritme Certificate expiry warning threshold Waarschuwingsdrempel voor vervallen van certificaat Send vCalendar expiry reminder Verstuur de vCalendar vervaldatum herinnering Serial number length Lengte van serienummer bit bit Distinguished name DistinguishedName (DN) Mandatory subject entries Verplichte onderwerp gegevens Add Toevoegen Delete Verwijderen Explicit subject entries Expliciete onderwerp gegevens Dynamically arrange explicit subject entries Dynamisch georganiseerde, expliciete, onderwerp gegevens Default Standaard PKCS#11 provider PKCS#11 provider Remove Verwijderen Search Zoeken Printable string or UTF8 (default) Afdrukbare reeks of UTF8 (standaard) PKIX recommendation in RFC2459 PKIX-aanbeveling uit RFC2459 No BMP strings, only printable and T61 Geen BMP-reeksen, alleen afdrukbaar en T61 UTF8 strings only (RFC2459) Alleen UTF8 reeksen (RFC2459) All strings Alle reeksen Days Dagen Weeks Weken PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Het wachtwoord wordt ontbonden als tweecijferige hexadecimale code. Het moet een even aantal cijfers hebben (0-9 en A-F) Take as HEX string Neem als hexadecimale-string Repeat %1 Herhaal %1 %1 mismatch %1 komt niet overeen Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Hexadecimale-wachtwoord mag alleen de tekens '0' - '9' en 'a' - 'f' bevatten en het moet uit een even aantal tekens bestaan Exit Sluiten QObject Undefined Onbepaald Broken / Invalid Gebroken / Ongeldig in %1 seconds in %1 seconden %1 seconds ago %1 seconde(n) geleden in %1 minutes in %1 minuten %1 minutes ago %1 minuten geleden Yesterday Gisteren Tomorrow Morgen in %1 hours in %1 uur %1 hours ago %1 uur/uren geleden Out of data Geen gegevens meer Error finding endmarker of string Fout bij het vinden van einde markering van tekenreeks All files ( * ) Alle bestanden ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; PKI Sleutels ( *.pem *.der *.key );; PKCS#8 Sleutels ( *.p8 *.pk8 );; Microsoft PVK Sleutels ( *.pvk );; SSH Publieke Sleutels ( *.pub );; Import RSA key RSA-sleutel importeren PKCS#10 CSR ( *.pem *.der *.csr );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Importeer verzoek Certificates ( *.pem *.der *.crt *.cer );; Certificaten ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Importeer X.509 certificaat PKCS#7 data ( *.p7s *.p7m *.p7b );; PKCS#7 data ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Importeer PKCS#7 certificaten PKCS#12 Certificates ( *.p12 *.pfx );; PKCS#12 certificaten ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Importeer PKCS#12 privé certificaat XCA templates ( *.xca );; XCA sjablonen ( *.xca );; Import XCA Templates XCA sjablonen importeren Revocation lists ( *.pem *.der *.crl );; Intrekkingslijsten ( *.pem *.der *.crl );; Import Certificate Revocation List Certificaatintrekkingslijst importeren XCA Databases ( *.xdb );; XCA databases ( *.xdb );; Open XCA Database Open XCA database OpenVPN tls-auth key ( *.key );; OpenVPN tls-auth sleutel ( *.key );; Import OpenVPN tls-auth key Importeer OpenVPN tls-auth sleutel PKCS#11 library ( *.dll );; PKCS#11 bibliotheek ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 bibliotheek ( *.dylib *.so );; PKCS#11 library ( *.so );; PKCS#11 bibliotheek ( *.so );; Open PKCS#11 shared library Open PKCS#11 gedeelde bibliotheek bestand PEM files ( *.pem );; PEM bestanden ( *.pem );; Load PEM encoded file PEM gecodeerd bestand laden Please enter the PIN on the PinPad Voer de PIN in op het PIN ingave apparaat Please enter the SO PIN (PUK) of the token %1 Voer de SO PIN (PUK) van het token %1 in Please enter the PIN of the token %1 Voer de PIN van het token %1 in No Security token found Geen beveiligingstoken gevonden Select Selecteer Please enter the new SO PIN (PUK) for the token: '%1' Voer de nieuwe SO PIN (PUK) voor het token: '%1' in Please enter the new PIN for the token: '%1' Voer de nieuwe PIN voor het token: '%1' in Required PIN size: %1 - %2 Vereiste PIN grootte: %1 - %2 Disabled Uitgeschakeld Library loading failed Laden van bibliotheek bestand is mislukt PKCS#11 function '%1' failed: %2 PKCS#11 functie '%1' is mislukt: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 PKCS#11 functie '%1' is mislukt: %2 In bibliotheek bestand %3 %4 Invalid Ongeldig %1 is shorter than %2 bytes: '%3' %1 is korter dan %2 bytes: '%3' %1 is longer than %2 bytes: '%3' %1 is langer dan %2 bytes: '%3' String '%1' for '%2' contains invalid characters Tekenreeks '%1' voor '%2' bevat ongeldige tekens Error reading config file %1 at line %2 Fout bij het lezen van configuratiebestand %1 op regel %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. Het object '%1' van bestand %2 op regel %3 staat al bekend als '%4:%5:%6' en moet worden verwijderd. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. De ID %1 voor OID %2 uit bestand %3 op regel %4 wordt al voor een andere OID gebruikt als %5:%6:%7 en moet worden gewijzigd om conflicten te voorkomen. Unknown object '%1' in file %2 line %3 Onbekend object '%1' in bestand %2 op regel %3 Failed to start a database transaction Starten van database transactie is mislukt Country code Landcode State or Province Staat of Provincie Locality Stad Organisation Organisatie Organisational unit Organisatie-eenheid Common name CommonName E-Mail address E-Mail adres Serial number Serienummer Given name Voornaam Surname Achternaam Title Titel Initials Initialen Description Omschrijving Role Rol Pseudonym Pseudoniem Generation Qualifier Generation Qualifier x500 Unique Identifier X.500 Unieke IDentificatie Name Naam DN Qualifier DN kwalificatie Unstructured name Ongestructureerde naam Challenge password Challenge wachtwoord Basic Constraints Basis beperkingen Name Constraints Naam beperking Subject alternative name Alternatieve naam van het onderwerp issuer alternative name Alternatieve naam van de uitgever Subject key identifier ID van onderwerp-sleutel Authority key identifier Autoriteit sleutel-ID Key usage Sleutelgebruik Extended key usage Uitgebreid sleutelgebruik CRL distribution points CRL-distributiepunten Authority information access Authoriteit Informatie toegang (AIA) Certificate type Certificaattype Base URL Basis URL Revocation URL Intrekkings URL CA Revocation URL CA-Intrekkings URL Certificate renewal URL URL voor certificaatvernieuwing CA policy URL CA-beleid URL SSL server name SSL server naam Comment Commentaar Index file written to '%1' Index bestand is opgeslagen in '%1' Index hierarchy written to '%1' Index hiërarchie is opgeslagen in '%1' Unknown key type %1 Onbekend sleuteltype %1 Failed to write PEM data to '%1' PEM-gegevens naar '%1' schrijven is niet gelukt Password verify error, please try again Fout bij wachtwoordverificatie, probeer het opnieuw The following error occurred: De volgende fout is opgetreden: Failed to update the database schema to the current version Kan het databaseschema niet bijwerken naar de huidige versie Password Wachtwoord insecure onveilig ReqTreeView Sign Ondertekenen Unmark signed Niet ondertekend Mark signed Ondertekend Similar Request Gelijksoortig verzoek Certificate request export Exporteren van certificaat verzoeken Certificate request ( *.pem *.der *.csr ) Certificaataanvraag (* .pem * .der * .csr) RevocationList Manage revocations Beheer intrekkingen Add Toevoegen Delete Verwijderen Edit Bewerken No. No. Serial Serienummer Revocation Intrekking Reason Reden Invalidation Ongeldigverklaring Generate CRL Genereer CRL Revoke Certificate revocation Intrekken van certificaat Revocation details Details voor intrekken Revocation reason Reden van intrekken Local time Lokale tijdstip Invalid since Niet geldig sinds Serial Serienummer SearchPkcs11 Directory Directory (X.500) ... ... Include subdirectories Subdirectories opnemen Search Zoeken The following files are possible PKCS#11 libraries De volgende bestanden zijn mogelijk PKCS#11 bibliotheken SelectToken Security token Beveiligingstoken Please select the security token Selecteer het beveiligingstoken TempTreeView Duplicate Dupliceren Create certificate Certificaat aanmaken Create request Verzoek creëren copy kopiëren Preset Template values Preset-sjabloonwaarden Template export Sjabloon export XCA Templates ( *.xca ) XCA sjablonen ( *.xca ) Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView Transform Transformeren Template Sjablonen Public key Openbare sleutel XFile Error opening file: '%1': %2 Fout bij openen van bestand: '%1':%2 Error rewinding file: '%1': %2 Fout bij terugzetten van bestand: '%1': %2 XcaDetail Import Import XcaTreeView Item properties Item eigenschappen Subject entries Onderwerp gegevens X509v3 Extensions X.509v3 Uitbreidingen Netscape extensions Netscape uitbreidingen Key properties Sleutel eigenschappen Reset Reset Hide Column Kolom verbergen Details Details Columns Kolommen Export Password Exporteer wachtwoord Please enter the password to encrypt all %n exported private key(s) in: %1 Singular form for 0 or 1 item can be ignored. Will always be called with n >= 2 Voer het wachtwoord in om de geëxporteerde privé-sleutel te versleutelen: %1 Voer het wachtwoord in om alle %n geëxporteerde privé-sleutels te versleutelen: %1 New Nieuw Import Import Paste PEM data Plak PEM gegevens Rename Hernoemen Properties Eigenschappen Delete Verwijderen Export Exporteren Clipboard Klembord File Bestand Clipboard format Klembord formaat database_model Please enter the password to access the database server %2 as user '%1'. Voer het wachtwoord in om toegang te krijgen tot de database server %2 als gebruiker '%1'. Unable to create '%1': %2 Niet mogelijk om te maken '%1': %2 The file '%1' is not an XCA database Het bestand '%1' is geen XCA database No SqLite3 driver available. Please install the qt-sqlite package of your distribution Geen SqLite3-stuurprogramma beschikbaar. Installeer alstublieft het qt-sqlite-pakket van uw distributie New Password Nieuw wachtwoord Please enter a password, that will be used to encrypt your private keys in the database: %1 Voer een wachtwoord in, dat zal worden gebruikt om uw privé-sleutels in de database te versleutelen: %1 Password Wachtwoord Please enter the password for unlocking the database: %1 Voer het wachtwoord in om de database te ontgrendelen: %1 db_base Internal name Interne naam No. No. Primary key Hoofdsleutel Database unique number Database uniek nummer Date Datum Date of creation or insertion Datum van creatie of invoeging Source Bron Generated, Imported, Transformed Gegenereerd, Geïmporteerd, Getransformeerd Comment Commentaar First line of the comment field Eerste regel van het opmerkingenveld Import from: %1 Importeren van: %1 Could not create directory %1 Maken van folder is mislukt %1 db_crl Signer Ondertekenaar Internal name of the signer Interne naam van de ondertekenaar No. revoked No. ingetrokken Number of revoked certificates Aantal ingetrokken certificaten Last update Laatste update Next update Volgende update CRL number CRL nummer The revocation list already exists in the database as: '%1' and so it was not imported De intrekkingslijst bestaat al in de database als: '%1' en dus werd het niet geïmporteerd Failed to initiate DB transaction Kan DB-transactie niet starten Database error: %1 Database fout: %1 db_key Type Type Size Grootte EC Group EC Groep Use Gebruik Password Wachtwoord The key is already in the database as: '%1' and is not going to be imported De sleutel staat al in de database als: '%1' en wordt niet geïmporteerd The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key De database bevat al het openbare gedeelte van de geïmporteerde sleutel als '%1' en wordt voltooid door het nieuwe, privégedeelte van de sleutel Extending public key from %1 by imported key '%2' Openbare sleutel uitbreiden van %1 door geïmporteerde sleutel '%2' Key size too small ! Sleutellengte te klein ! You are sure to create a key of the size: %1 ? Bent u zeker om een sleutel van deze grootte te maken: %1 ? Internal key update: The keys: %1 must be updated once by resetting and setting its private password Interne sleutel update: De sleutels: '%1' moeten eenmalig aangepast worden door het resetten en ingeven van het privé wachtwoord Tried to change password of a token Het wachtwoord van een token is geprobeerd te wijzigen db_temp Bad template: %1 Incorrect sjabloon: %1 Empty template Lege sjabloon db_x509 CA Certificaat Autoriteit (CA) reflects the basic Constraints extension weerspiegelt de basisbeperkingen uitbreiding Serial Serienummer Start date Startdatum Expiry date Vervaldatum MD5 fingerprint MD5 fingerprint SHA1 fingerprint SHA1 fingerprint SHA256 fingerprint SHA256 fingerprint Not before Niet voor Not after Niet na Revocation Intrekking CRL Expiration CRL Vervaldatum Failed to retrieve unique random serial Het ophalen van een uniek willekeurig getal is mislukt The certificate already exists in the database as: '%1' and so it was not imported Het certificaat bestaat al in de database als: '%1' en dus werd het niet geïmporteerd Signed on %1 by '%2' Ondertekend op %1 door '%2' Unknown Onbekend Invalid public key Ongeldige openbare sleutel The key you selected for signing is not a private one. De sleutel die geselecteerd is voor ondertekening, is geen privésleutel. Failed to create directory '%1' Maken van directory is mislukt '%1' Store the certificate to the key on the token '%1 (#%2)' ? Sla het certificaat op de sleutel op, op token '%1 (#%2)' ? There was no key found for the Certificate: '%1' Er is geen sleutel gevonden voor het certificaat: '%1' Not possible for a token key: '%1' Niet mogelijk voor een tokensleutel: '%1' Not possible for the token-key Certificate '%1' Niet mogelijk voor het tokensleutel-certificaat '%1' db_x509name Subject Onderwerp Complete distinguished name Volledige DistinguishedName (DN) invullen Subject hash Onderwerp hash Hash to lookup certs in directories Hash om certificaten op te zoeken in directories db_x509req Signed Ondertekend whether the request is already signed or not of het verzoek al ondertekend is of niet Unstructured name Ongestructureerde naam Challenge password Challenge wachtwoord Certificate count Certificaat aantal Number of certificates in the database with the same public key Certificaat aantal met de zelfde openbare sleutel in de database The certificate signing request already exists in the database as '%1' and thus was not stored Het ondertekenverzoek voor certificaten bestaat al in de database als '%1' en werd dus niet opgeslagen db_x509super Key name Sleutelnaam Internal name of the key Interne naam van de sleutel Signature algorithm Handtekening algoritme Key type Sleutel type Key size Sleutel grootte EC Group EC Groep Extracted from %1 '%2' Geëxtraheerd van %1 '%2' Certificate Certificaat Certificate request Certificaat verzoek The following extensions were not ported into the template De volgende uitbreidingen zijn niet in het sjabloon opgenomen Transformed from %1 '%2' Getransformeerd van %1 '%2' kvView Type Type Content Inhoud pass_info Password Wachtwoord PIN PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 Openen van PKCS#11-bibliotheek bestand is mislukt: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Dit lijkt geen PKCS#11 bibliotheek bestand. Teken: 'C_GetFunctionList' not found. pki_base Unknown Onbekend Imported geïmporteerd Generated Gegenereerd Transformed Getransformeerd Token Token Legacy Database Legacy database Renewed Vernieuwd Property '%1' not listed in 'pki_base::print' Eigenschap '%1' is niet opgevoerd in 'pki_base::print' Internal error: Unexpected message: %1 %2 Interne fout: Onverwacht bericht: %1 %2 pki_crl Successfully imported the revocation list '%1' De intrekkingslijst '%1' is succesvol geïmporteerd Successfully created the revocation list '%1' De intrekkingslijst '%1' is succesvol aangemaakt Delete the %n revocation list(s): '%1'? De intrekkingslijst verwijderen: '%1'? De %n intrekkingslijsten verwijderen: '%1'? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Kan de intrekkingslijst niet laden in bestand %1. Geprobeerd met PEM en DER geformatteerde CRL. No issuer given Geen uitgever genoemd CRL Renewal of CA '%1' due CRL Vernieuwing van CA nodig op '%1' The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' De laatste CRL uitgegeven door CA '%1' vervalt op %2. Het is opgeslagen in de XCA database '%3' Renew CRL: %1 CRL vernieuwen: %1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' De XCA CRL '%1' uitgegeven op %3 zal verlopen op %4. De CRL is opgeslagen in de XCA database '%5' pki_evp Please enter the password to decrypt the private key %1. Geef het wachtwoord voor het decoderen van de privé sleutel %1. The key from file '%1' is incomplete or inconsistent. De sleutel van bestand '%1' is onvolledig of inconsistent. Please enter the password to decrypt the private key from file: %1 Voer het wachtwoord in om de privé-sleutel uit het bestand te decoderen: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Laden van de privé-sleutel in bestand %1 niet mogelijk. Gebruikte methoden PEM- en DER privé, openbaar, PKCS#8 sleuteltypen en SSH2 formaat. Please enter the password to decrypt the private key: '%1' Voer het wachtwoord in om de privé-sleutel te decoderen: '%1' Password input aborted Wachtwoordinvoer afgebroken Please enter the database password for decrypting the key '%1' Voer het database wachtwoord in voor het decoderen van de sleutel '%1' Decryption of private key '%1' failed Decodering van de privé-sleutel '%1' is mislukt Please enter the password to protect the private key: '%1' Voer het wachtwoord in om de privé-sleutel te coderen: '%1' Please enter the database password for encrypting the key Voer het database wachtwoord in om de sleutel te versleutelen Please enter the password to protect the PKCS#8 key '%1' in file: %2 Voer het wachtwoord in om de PKCS#8-sleutel '%1' in het bestand te beschermen: %2 Please enter the password to protect the private key '%1' in file: %2 Voer het wachtwoord in om de privésleutel '%1' in het bestand te beschermen: %2 pki_export PEM Text format with headers PEM Tekst formaat met koppen PEM selected Geselecteerde PEM Concatenated list of all selected certificates in one PEM text file Gebundelde lijst van alle geselecteerde certificaten in één PEM-tekstbestand PEM chain PEM reeks Concatenated text format of the complete certificate chain in one PEM file Samengevoegd tekstformaat van de volledige certificaat reeks in één PEM bestand The complete certificate chain and the private key of the selected certificate with tags usable in OpenVPN configuration files De volledige certificaten reeks en de privé-sleutel van het geselecteerde certificaat met labels bruikbaar in OpenVPN configuratie bestanden PEM + key PEM + sleutel Concatenation of the certificate and the unencrypted private key in one PEM file Samenvoeging van het certificaat en de niet-versleutelde privé-sleutel in één PEM bestand Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Samenvoeging van het certificaat en de versleutelde privé-sleutel in PKCS#8 bestand All unusable Allemaal onbruikbaar Concatenation of all expired or revoked certificates in one PEM file Samenvoeging van alle verlopen of ingetrokken certificaten in één PEM-bestand PKCS#7 encoded single certificate PKCS#7 gecodeerd mono certificaat All selected certificates encoded in one PKCS#7 file Alle geselecteerde certificaten gecodeerd in één PKCS#7 bestand PKCS #7 chain PKCS #7 reeks PKCS#7 encoded complete certificate chain PKCS#7 gecodeerde, complete certificaat reeks PKCS #7 unusable PKCS #7 onbruikbaar PKCS#7 encoded collection of all expired or revoked certificates PKCS#7 gecodeerde verzameling van alle verlopen of ingetrokken certificaten Binary DER encoded certificate Binair DER-gecodeerd certificaat PKCS #12 chain PKCS #12 reeks The complete certificate chain and the private key as encrypted PKCS#12 file De volledige certificaat reeks en de privé-sleutel als versleuteld PKCS#12 bestand PKCS #12 PKCS #12 The certificate and the private key as encrypted PKCS#12 file Het certificaat en de privé-sleutel als versleuteld PKCS#12 bestand Certificate Index file Certificaat index bestand OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool OpenSSL-specifiek certificaat-indexbestand, gemaakt met de opdracht 'ca' en vereist voor de OCSP-tool vCalendar vCalendar vCalendar expiry reminder for the selected items vCalendar vervaldatum herinnering voor de geselecteerde items CA vCalendar CA vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL vCalendar vervaldatum herinnering met daarin bevattend: alle uitgegeven, geldige certificaten, de CA zelf en de nieuwste CRL OpenSSL config OpenSSL configuratie OpenSSL configuration file to create a certificate or request with the openssl commandline tool OpenSSL-configuratiebestand om een ​​certificaat of verzoek te maken met behulp van OpenSSL opdrachtregels OpenVPN tls-auth key OpenVPN tls-auth sleutel The OpenVPN tls-auth key is a secret key shared between endpoints De OpenVPN tls-auth sleutel is een geheime sleutel die alleen tussen de eindpunten wordt gedeeld JSON Web Kit JSON Web Kit The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) De openbare sleutel van het certificaat in JSON Web Kit-formaat met X.509 Certificaat Thumbprint (x5t) JSON Web Kit chain JSON Web Kit-keten The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) and certificate chain (x5c) De openbare sleutel van het certificaat in JSON Web Kit-formaat met X.509 Certificaat Thumbprint (x5t) en certificaatketen (x5c) PEM public PEM openbaar Text format of the public key in one PEM file Tekstformaat van de openbare sleutel in één PEM bestand PEM private PEM privé Unencrypted private key in text format Niet-versleutelde privé-sleutel in tekst formaat PEM encrypted PEM-versleuteld OpenSSL specific encrypted private key in text format OpenSSL-specifieke versleutelde privé-sleutel in tekstformaat SSH2 private SSH2 privé SSH2 public SSH2 openbaar The public key encoded in SSH2 format De openbare sleutel gecodeerd in SSH2-indeling DER public DER openbaar Binary DER format of the public key Binair DER-formaat van de openbare sleutel DER private DER privé Unencrypted private key in binary DER format Niet-versleutelde privé-sleutel in binair DER formaat PVK private PVK privé Private key in Microsoft PVK format not encrypted Niet-versleutelde privé-sleutel in Microsoft PVK formaat PKCS #8 encrypted PKCS #8 versleuteld Encrypted private key in PKCS#8 text format Versleutelde privé-sleutel in PKCS#8 formaat PKCS #8 PKCS #8 Unencrypted private key in PKCS#8 text format Niet-versleutelde privé-sleutel in PKCS#8 formaat JSON Web Key private JSON Web sleutel privé Unencrypted private key in JSON Web Key format Niet versleutelde privé-sleutel in JSON Web sleutel-formaat JSON Web Key public JSON Web sleutel publiek Public key in JSON Web Key format Publieke sleutel in JSON Web Sleutel-formaat Binary DER format of the certificate request Binair DER-formaat van de certificaataanvraag Binary DER format of the revocation list Binair DER-formaat van de intrekkingslijst vCalendar reminder for the CRL expiry date vCalendar-herinnering voor de vervaldatum van de CRL XCA template in PEM-like format. Templates include the internal name and comment XCA-sjabloon in PEM-achtig formaat. Sjablonen bevatten de interne naam en opmerking All selected XCA templates in PEM-like format. Templates include the internal name and comment Alle geselecteerde XCA-sjablonen in PEM-achtig formaat. Sjablonen bevatten de interne naam en opmerking pki_key Public key Openbare sleutel Successfully imported the %1 public key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key De %1-openbare sleutel '%2' is succesvol geïmporteerd Delete the %n %1 public key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) De %1 openbare sleutel '%2' verwijderen? De %n %1 openbare sleutels '%2' verwijderen? Successfully imported the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key De %1 privé-sleutel '%2' is geïmporteerd Delete the %n %1 private key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) De %1 privé-sleutel '%2' verwijderen? De %n %1 privé-sleutels '%2' verwijderen? Successfully created the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key De %1 privé-sleutel '%2' is succesvol aangemaakt Common Gemeenschappelijk Private Privé Bogus Onzin PIN PIN No password Geen wachtwoord Unexpected SSH2 content: '%1' Onverwachte SSH2 inhoud: '%1' Invalid SSH2 public key Ongeldige openbare SSH2-sleutel Failed writing to %1 Schrijven naar %1 is mislukt pki_multi No known PEM encoded items found Geen bekende PEM gecodeerde items gevonden pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Voer het wachtwoord in om het PKCS#12 bestand te decoderen: %1 Unable to load the PKCS#12 (pfx) file %1. Laden van PKCS#12 (pfx) bestand %1 is mislukt. The supplied password was wrong (%1) Het opgegeven wachtwoord was fout (%1) Please enter the password to encrypt the key of certificate '%1' in the PKCS#12 file: %2 Voer het wachtwoord in om de sleutel van certificaat '%1' in het PKCS#12-bestand te versleutelen: %2 No key or no Cert and no pkcs12 Geen sleutel of Cert én geen PKCS#12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Kon het PKCS#7 bestand %1 niet laden. Geprobeerd met PEM- en DER-formaat. pki_scard Successfully imported the token key '%1' De token-sleutel '%1' is succesvol geïmporteerd Successfully created the token key '%1' De token-sleutel '%1' is succesvol aangemaakt Delete the %n token key(s): '%1'? De tokensleutel verwijderen: '%1'? De %n tokensleutels verwijderen: '%1'? Delete the private key '%1' from the token '%2 (#%3)' ? Verwijder de privé-sleutel '%1' uit het token '%2 (#%3)' ? This Key is already on the token Deze sleutel bevindt zich al in het token PIN input aborted PIN-invoer afgebroken Unable to find copied key on the token De gekopieerde sleutel is niet gevonden op het token Please insert card: %1 %2 [%3] with Serial: %4 Voer de kaart in: %1 %2 [%3] met het serienummer: %4 Select Slot of %1 Selecteer Slot van %1 Unable to find generated key on card Kan gegenereerde sleutel niet vinden op kaart Token %1 Token %1 Failed to find the key on the token De sleutel op het token is niet gevonden Invalid Pin for the token Ongeldige PIN voor het token Failed to initialize the key on the token Initialiseren van de sleutel op het token is mislukt pki_temp Successfully imported the XCA template '%1' Het XCA sjabloon '%1' is succesvol geïmporteerd Successfully created the XCA template '%1' Het XCA sjabloon '%1' is succesvol aangemaakt Delete the %n XCA template(s): '%1'? Het XCA-sjabloon verwijderen: '%1'? De %n XCA-sjablonen verwijderen: '%1'? Wrong Size %1 Verkeerde grootte %1 Template file content error (too small) Sjabloon bestand bevat inhoudsfout (te klein) Not a PEM encoded XCA Template Geen PEM gecodeerd XCA sjabloon Not an XCA Template, but '%1' Geen XCA sjabloon, maar '%1' pki_x509 Successfully imported the certificate '%1' Het certificaat '%1' is succesvol geïmporteerd Successfully created the certificate '%1' Het certificaat '%1' is succesvol aangemaakt Delete the %n certificate(s): '%1'? Verwijder het certificaat: '%1'? Verwijder de %n certificaten: '%1'? Unable to load the certificate in file %1. Tried PEM and DER certificate. Kon het certificaat niet laden in bestand %1. Geprobeerd met PEM- en DER-certificaat. Invalid OpenVPN tls-auth key Ongeldige OpenVPN tls-auth sleutel Failed to import tls-auth key Importeren van de tls-auth sleutel is mislukt Same tls-auth key already stored for this CA Deze tls-auth sleutel is al opgeslagen voor deze CA New tls-auth key successfully imported Nieuwe tls-auth sleutel is succesvol geïmporteerd Existing tls-auth key successfully replaced Bestaande tls-auth sleutel is succesvol vervangen This certificate is already on the security token Dit certificaat bevindt zich al in het beveiligingstoken Delete the certificate '%1' from the token '%2 (#%3)'? Verwijder het certificaat '%1' van het token '%2 (#%3)'? There is no key for signing ! Er is geen sleutel voor ondertekening ! No Nee Yes Ja Renew certificate: %1 Certificaat vernieuwen: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' Het XCA certificaat '%1', uitgegeven op %2, vervalt op %3. Het certificaat is opgeslagen in de XCA database '%4' pki_x509req Signing key not valid (public key) Sleutel voor ondertekening is niet geldig (openbare sleutel) Successfully imported the PKCS#10 certificate request '%1' PKCS#10 certificaataanvraag '%1' is succesvol geïmporteerd Delete the %n PKCS#10 certificate request(s): '%1'? Verwijder de PKCS#10 certificaataanvraag: '%1'? Verwijder de %n PKCS#10 certificaataanvragen: '%1'? Successfully created the PKCS#10 certificate request '%1' Het PKCS#10-certificaatverzoek '%1' is succesvol aangemaakt Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Het certificaatverzoek is niet geladen in bestand %1. Geprobeerd met PEM-, DER- en SPKAC formaat. Signed Ondertekend Unhandled Onverwerkt v3ext Copy Common Name CommonName (CN) kopiëren Add Toevoegen Delete Verwijderen Apply Toepassen Validate Valideren Cancel Annuleren An email address or 'copy' Een e-mailadres of 'kopie' An email address Een e-mailadres A registered ID: OBJECT IDENTIFIER Een geregistreerd ID: OBJECT IDENTIFIER A uniform resource indicator A uniform resource indicator A DNS domain name or 'copycn' Een DNS domeinnaam of 'copycn' A DNS domain name Een DNS domeinnaam An IP address Een IP adres Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Syntaxis: <OID>;TYPE:tekst als '1.2.3.4:UTF8:naam' No editing. Only 'copy' allowed here Validation failed: '%1' %2 Validatie mislukt: '%1' %2 Validation successful: '%1' Validatie succesvol: '%1' xcaWarningGui Copy to Clipboard Kopieer naar klembord xca-RELEASE.2.9.0/lang/xca_pl.ts000066400000000000000000005543451477156507700161560ustar00rootroot00000000000000 CaProperties Form Days until next CRL issuing Liczba dni do następnego wydania listy CRL Default template Domyślny szablon CertDetail Details of the Certificate Szczegóły certyfikatu Serial Numer seryjny The serial number of the certificate Numer seryjny certyfikatu The internal name of the certificate in the database Wewnętrzna nazwa certyfikatu w bazie danych Status Status Internal name Nazwa wewnętrzna Signature Podpis Key Klucz Fingerprints Odciski palców MD5 MD5 An md5 hashsum of the certificate Suma kontrolna certyfikatu w formacie MD5 SHA1 SHA1 A SHA-1 hashsum of the certificate Suma kontrolna certyfikatu w formacie SHA-1 SHA256 SHA256 A SHA-256 hashsum of the certificate Suma kontrola certyfikatu w formacie SHA-256 Validity Ważność The time since the certificate is valid Moment, od którego certyfikat jest ważny The time until the certificate is valid Moment, do którego certyfikat jest ważny Subject Podmiot Issuer Wystawca Extensions Rozszerzenia Validation Weryfikacja Purposes Przeznaczenie Strict RFC 5280 validation Ścisła weryfikacja RFC 5280 Comment Komentarz Attributes Atrybuty Show config Pokaż konfigurację Show extensions Pokaż rozszerzenia Show public key Pokaż klucz publiczny This key is not in the database. Tego klucza nie ma w bazie danych. Not available Niedostępne No verification errors found. Nie znaleziono błędów weryfikacji. Signer unknown Podpis nieznany Self signed Samopodpisany Revoked at %1 Unieważniony o %1 Revoked: Unieważniony: Not valid Nieważny Valid Ważny Details of the certificate signing request Szczegóły żądania certyfikacyjnego CertExtend Certificate renewal Odnowienie certyfikatu This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Zostanie wydany nowy certyfikat będący kopią starego z nadanym nowym numerem seryjnym i kolejnym okresem ważności. Validity Okres ważności Not before Nieważny przed Not after Nieważny po Time range Przedział czasu Local time Czas lokalny Days Dni Months Miesiące Years Lata No well-defined expiration Bezterminowo Midnight Północ Apply Zastosuj Revoke old certificate Unieważnij stary certyfikat Replace old certificate Zamień stary certyfikat Keep serial number Zachowaj numer seryjny The certificate will be earlier valid than the signer. This is probably not what you want. Certyfikat będzie ważny wcześniej niż certyfikat wystawcy, to wygląda na błąd. Edit dates Popraw daty Abort rollout Przerwij operację Continue rollout Kontynuuj operację Adjust date and continue Popraw daty i kontynuuj The certificate will be longer valid than the signer. This is probably not what you want. Certyfikat będzie ważniejszy dłużej niż wystawca, to wygląda na błąd. CertTreeView Hide unusable certificates Ukryj nieprzydatne certyfikaty Import PKCS#12 Importuj plik PKCS#12 Import from PKCS#7 Importuj plik PKCS#7 Request Żądanie certyfikacyjne Security token Bezpieczny token Other token Inny token Similar Certificate Podobny certyfikat Delete from Security token Usuń z bezpiecznego tokena CA Urząd Certyfikacji Properties Parametry Generate CRL Generuj listę unieważnień Manage revocations Zarządzaj unieważnieniami Import OpenVPN tls-auth key Import klucza OpenVPN tls-auth Renewal Odnów Revoke Unieważnij Unrevoke Uchyl unieważnienie Plain View Płaski widok Tree View Widok struktury days dzień/dni No template Brak szablonu CA Properties Parametry Urzędu Certyfikacji Certificate export Eksport certyfikatu X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) Certyfikaty X509 ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) vCalendar entry ( *.ics ) Wpis kalendarza vCalendar ( *.ics ) OpenVPN file ( *.ovpn ) Plik OpenVPN ( *.ovpn ) OpenVPN tls-auth key ( *.key ) Klucz OpenVPN tls-auth ( *.key ) ClickLabel Double click for details Kliknij dwukrotnie, aby wyświetlić szczegóły CrlDetail Details of the Revocation list Szczególy listy unieważnionych certyfikatów &Status &Status Version Wersja Signature Podpis Signed by Podpisane przez Name Nazwa The internal name of the CRL in the database Wewnętrzna nazwa listy CRL w bazie danych issuing dates Daty wydań Next update Następna aktualizacja Last update Ostatnia aktualizacja &Issuer &Wystawca &Extensions &Rozszerzenia &Revocation list &Lista unieważnień Comment Komentarz Failed Nieudane Unknown signer Nieznany Verification not possible Weryfikacja niemożliwa CrlTreeView There are no CA certificates for CRL generation Brakuje certyfikatów urzędów (CA) do wygenerowania listy CRL Select CA certificate Wybierz certyfikat Urzędu Certyfikacji Revocation list export Eksport listy unieważnień CRL ( *.pem *.der *.crl ) vCalendar entry ( *.ics ) Wpis kalendarza vCalendar ( *.ics ) ExportDialog Name Nazwa The internal name of the CRL in the database Wewnętrzna nazwa w bazie danych ... ... Filename Plik Each Item in a separate file Każdy element w oddzielnym pliku Same encryption password for all items Takie samo hasło dla wszystkich elementów Export comment into PEM file Eksportuj komentarz do pliku PEM Export Format Format docelowy %n selected item(s) %n wybrany element %n wybrane elementy %n wybranych elementów All files ( * ) Wszystkie pliki ( * ) The file: '%1' already exists! Plik: '%1' już istnieje! Overwrite Nadpisz Do not overwrite Nie nadpisuj The path: '%1' exist, but is not a file Ścieżka: '%1' istnieje, ale nie jest plikiem The path: '%1' exist, but is not a directory Ścieżka: '%1' istnieje, ale nie jest folderem The directory: '%1' does not exist. Should it be created? Folder: '%1' nie istnieje. Czy chcesz go utworzyć? Create Utwórz Failed to create directory '%1' Nie można utworzyć folderu '%1' Directory Folder Form last update Ostatnia aktualizacja next update Następna aktualizacja Days Dni Months Miesiące Years Lata Apply Zastosuj Midnight Północ Local time Czas lokalny No well-defined expiration Bezterminowo Help << Poprzedni >> Następny &Done &Zamknij ImportMulti Import PKI Items Import elementów PKI Import &All Importuj &wszystko &Import &Importuj &Done &Zakończ &Remove from list &Usuń z listy Details Szczegóły Delete from token Usuń z tokena Rename on token Zmień nazwę na tokenie Name: %1 Model: %2 Serial: %3 Nazwa: %1 Wersja: %2 Numer seryjny: %3 Manage security token Zarządzanie bezpiecznym tokenem Details of the item '%1' cannot be shown Nie można wyświetlić szczegółów elementu '%1' The type of the item '%1' is not recognized Nie rozpoznano typu elementu '%1' Could not open the default database Nie można otworzyć domyśłnej bazy danych The file '%1' did not contain PKI data Plik '%1' nie zawiera danych PKI The %1 files: '%2' did not contain PKI data Pliki: '%2' elementu %1 nie zawierają danych PKI ItemProperties Name Nazwa Source Źródło Insertion date Data utworzenia Comment Komentarz KeyDetail Name Nazwa The internal name of the key used by xca Wewnętrzna nazwa klucza używana przez XCA Security token Token Manufacturer Producent Serial Numer seryjny Key Klucz Public Exponent Wykładnik publiczny Keysize Rozmiar klucza Private Exponent Wykładnik prywatny Security Token Token Label Nazwa PKCS#11 ID Identyfikator PKCS#11 Token information Informacja o tokenie Model Model Fingerprint Odcisk palca Comment Komentarz Details of the %1 key Szczegóły klucza %1 Not available Niedostępny Available Dostępny Sub prime Public key Klucz publiczny Private key Klucz prywatny Curve name Rodzaj krzywej Unknown key Nieznany klucz KeyTreeView Change password Zmień hasło Reset password Usuń hasło Change PIN Zmień PIN Init PIN with SO PIN (PUK) Nadaj PIN używając PUK (SO PIN) Change SO PIN (PUK) Zmień PUK (SO PIN) Security token Bezpieczny token This is not a token To nie jest token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Nadpisać oryginalny klucz '%1' pobranym z tokena? Operacja usunie klucz '%1' i oznaczy go jako nieeksportowalny Key export Eksport klucza Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Klucz prywatny ( *.pem *.der *.pk8 );; Klucz publiczny SSH ( *.pub ) SSH Private Keys ( *.priv ) Klucz prywatny SSH ( *.priv ) Microsoft PVK Keys ( *.pvk ) Klucz Microsoft PVK ( *.pvk ) MainWindow Private Keys Klucze prywatne &New Key &Dodaj klucz &Export &Eksportuj &Import &Importuj Import PFX (PKCS#12) Importuj PFX (PKCS#12) &Show Details Pokaż &szczegóły &Delete &Usuń Certificate signing requests Żądania certyfikacyjne &New Request &Dodaj żądanie Certificates Certyfikaty &New Certificate &Dodaj certyfikat Import &PKCS#12 Importuj &PKCS#12 Import P&KCS#7 Importuj P&KCS#7 Plain View Płaski widok Templates Szablony &New Template &Dodaj szablon &New CRL &Dodaj CRL Ch&ange Template &Zmień szablon Revocation lists Listy unieważnień Using or exporting private keys will not be possible without providing the correct password Używanie lub eksportowanie kluczy prywatnych będzie niemożliwe bez podania poprawnego hasła Database Baza danych The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Używana funkcja skrótu '%1' nie jest bezpieczna. Proszę wybrać conajmniej 'SHA 224' z powodów bezpieczeństwa. Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Wykryto stary format bazy danych. Tworzę kopię pod nazwą: '%1' i konwertuję bazę do nowego formatu Failed to rename the database file, because the target already exists Nieudana zmiana nazwy ponieważ docelowy plik już istnieje No deleted items found Nie znaleziono usuniętych elementów Recent DataBases Ostatnio otwierane bazy System Systemowy Croatian Chorwacki English Angielski French Francuski German Niemiecki Japanese Japośnki Korean Koreański Russian Rosyjski Slovak Słowacki Spanish Hiszpański Persian Perski Bulgarian Bułgarski Polish Polski Italian Włoski Chinese Chiński Dutch Holenderski Portuguese in Brazil Brazylijski portugalski Indonesian Indonezyjski Turkish Turecki Language Język &File &Plik &New DataBase &Dodaj bazę danych &Open DataBase &Otwórz bazę danych Open Remote DataBase Połącz z bazą danych Set as default DataBase Ustaw bazę jako domyślną &Close DataBase &Zamknij bazę danych New DataBase Nowa baza danych Open DataBase Otwórz bazę danych Close DataBase Zamknij bazę danych Options Ustawienia Exit Wyjście I&mport I&mport Keys Klucze Requests Żądania certyfikacyjne PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Szablon Revocation list Lista CRL PEM file Plik PEM Paste PEM file Wklej zawartość PEM Token Token Export Certificate &Index hierarchy Eksport indeksu certyfikatów wg h&ierarchii Content Zawartość &Token &Token &Manage Security token &Zarządzanie tokenem &Init Security token &Inicjalizacja tokenu &Change PIN &Zmień PIN Change &SO PIN Zmień &SO PIN Init PIN Nadaj PIN Extra Dodatki &Dump DataBase &Zrzut bazy danych &Export Certificate Index &Eksport indeksu certyfikatów &Export Certificate Index hierarchy Eksport indeksu certyfikatów z &hierarchią C&hange DataBase password &Zmień hasło bazy danych &Undelete items &Odzyskaj usunięte elementy Generate DH parameter Generuj parametr DH OID Resolver Rozpoznawanie OID &Help P&omoc &Content &Treść About O programie no such option: %1 brak opcji: %1 Import PEM data Wklej dane PEM Please enter the original SO PIN (PUK) of the token '%1' Podaj obecny SO PIN (PUK) dla tokenu '%1' Search Szukaj Please enter the new SO PIN (PUK) for the token '%1' Podaj nowy SO PIN (PUK) dla tokenu '%1' The new label of the token '%1' Nowa nazwa tokenu '%1' The token '%1' did not contain any keys or certificates Token '%1' nie zawiera żadnych kluczy ani certyfikatów Retry with PIN Ponów z kodem PIN Retry with SO PIN Ponów z kodem SO PIN Current Password Obecne hasło Please enter the current database password Podaj obecne hasło bazy danych The entered password is wrong Wprowadzone hasło jest błędne New Password Zmiana hasła Please enter the new password to encrypt your private keys in the database-file Podaj nowe hasło to szyfrowania twoich kluczy prywatnych w bazie danych Transaction start failed Nieudana transakcja Database: %1 Baza danych: %1 The currently used PFX / PKCS#12 algorithm '%1' is insecure. Używany dla PFX / PKCS#12 algorytm '%1' nie jest bezpieczny. Change Zmień Please enter a password, that will be used to encrypt your private keys in the database: %1 Podaj hasło, które będzie używane do szyfrowania twoich kluczy prywatnych w bazie danych: %1 Password verify error, please try again Błąd weryfikacji hasła, spróbuj ponownie Password Hasło Please enter the password for unlocking the database: %1 Proszę wprowadzić hasło do odblokowania bazy danych: %1 The following error occurred: Wystąpił błąd: Copy to Clipboard Kopiuj do schowka Certificate Index ( index.txt ) Indeks certyfkatów ( index.txt ) All files ( * ) Wszystkie pliki ( * ) Diffie-Hellman parameters saved as: %1 Parametry Diffie-Hellman zapisane jako: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Parametry Diffie-Hellman są wymagane przez różne aplikacje, ale nie są obsługiwane przez XCA. Podaj liczbę bitów parametru DH Error opening file: '%1': %2 Nieudane otwarcie pliku: '%1': %2 NewCrl Last update Ostatnia aktualizacja Next update Następna aktualizacja Days Dni Months Miesiące Years Lata Midnight Północ Local time Czas lokalny Apply Zastosuj Options Parametry CRL number Numer listy CRL Subject alternative name Alternatywna nazwa podmiotu Revocation reasons Powody unieważnień Authority key identifier Identyfikator klucza urzędu Hash algorithm Funkcja skrótu Create CRL Nowa lista CRL NewKey Please give a name to the new key and select the desired keysize Podaj nazwę dla nowego klucza i określ jego parametry Key properties Parametry klucza Name Nazwa The internal name of the new key Wewnętrzna nazwa nowego klucza Curve name Rodzaj krzywej Usually at least 2048 bit keys are recommended Zazwyczaj stosuje się klucze co najmniej 2048 bitowe New Key Nowy klucz Keysize Rozmiar klucza Keytype Rodzaj klucza Remember as default Ustaw jako domyślne Create Wygeneruj NewX509 Source Źródło Signing request Opcjonalne atrybuty dla wystawcy Show request Pokaż żądanie Sign this Certificate signing &request Podpisz to żądanie ce&rtyfikacyjne Copy extensions from the request Skopiuj rozszerzenia z żądania Modify subject of the request Zmień dane podmiotu z żądania Signing Podpisywanie Create a &self signed certificate Utwórz certyfikat &samopodpisany Use &this Certificate for signing Użyj &tego certyfikatu do podpisania All certificates in your database that can create valid signatures Lista wszystkich certyfikatów w bazie umożliwiających podpisanie Signature algorithm Funkcja skrótu Template for the new certificate Szablon nowego certyfikatu All available templates Dostępne szablony Apply extensions Zastosuj rozszerzenia Apply subject Zastosuj dane podmiotu Apply all Zastosuj wszystko Subject Podmiot Internal Name Nazwa wewnętrzna Distinguished name Nazwa wyróżniająca Add Dodaj Delete Usuń Private key Klucz prywatny This list only contains unused keys Lista zawiera tylko nieużywane klucze Used keys too Pokaż wszystkie &Generate a new key Wy&generuj nowy klucz Extensions Rozszerzenia Type Rodzaj If this will become a CA certificate or not Określa, czy podmiot będzie urzędem certyfikacji CA Not defined Nieokreślony Certification Authority Urząd Certyfikacji (CA) End Entity Odbiorca końcowy Path length Długość ścieżki How much CAs may be below this. Określa ile poziomów urzędów CA może być poniżej tworzonego. The basic constraints should always be critical Oznacza, że rozszerzenie zawsze powinno być traktowane jako krytyczne Key identifier Identyfikatory kluczy Creates a hash of the key following the PKIX guidelines Tworzy i zamieszcza skrót kulcza podmiotu zgodnie ze standardem PKIX Copy the Subject Key Identifier from the issuer Kopiuje i zamieszcza identyfiaktor klucza wystawcy Validity Okres ważności Not before Nieważny przed Not after Nieważny po Time range Przedział czasu Days Dni Months Miesiące Years Lata Apply Zastosuj Set the time to 00:00:00 and 23:59:59 respectively Ustaw czasy odpowiednio na 00:00:00 i 23:59:59 Midnight Północ Local time Czas lokalny No well-defined expiration Bezterminowo DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit Zmień URI: URI: Key usage Użycie klucza Netscape Rozszerzenia Netscape Advanced Zaawansowane Validate Weryfikuj Comment Komentarz This name is only used internally and does not appear in the resulting certificate Nazwa używana wewnętrznie, nie będzie widoczna w wynikowym certyfikacie Critical Krytyczne Create Certificate signing request Nowe żądanie certyfikacyjne minimum size: %1 minimalny rozmiar: %1 maximum size: %1 maksymalny rozmiar: %1 only a-z A-Z 0-9 '()+,-./:=? tylko: a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters tylko proste 7-bitowe znaki Edit XCA template Edycja szablonu XCA Create x509 Certificate Nowy certyfikat x509 Template '%1' applied Załadowany szablon '%1' Subject applied from template '%1' Załadowany podmiot z szablonu '%1' Extensions applied from template '%1' Załadowane rozszerzenia z szablonu '%1' New key '%1' created Utworzony nowy klucz '%1' Other Tabs Pozostałe ustawienia Advanced Tab Zaawansowane ustawienia Errors Błędy From PKCS#10 request Na podstawie żądania PKCS#10 Error Błąd duplicate extensions zdublowane rozszerzenia The Name Constraints are invalid Ograniczenia nazwy są niepoprawne The Subject Alternative Name is invalid Alternatywna nazwa podmiotu jest niepoprawna The Issuer Alternative Name is invalid Alternatywna nazwa wystawcy jest niepoprawna The CRL Distribution Point is invalid Punkt dystrybucji CRL jest niepoprawny The Authority Information Access is invalid Informacje o urzędzie certyfikacji są niepoprawne Abort rollout Przerwij operację The following length restrictions of RFC3280 are violated: Następujące ograniczenia długości wg RFC3280 są naruszone: Edit subject Popraw dane podmiotu Continue rollout Kontynuuj operację The verification of the Certificate request failed. The rollout should be aborted. Błąd weryfikacji żądania certyfikacyjnego. Wystawianie powinno zostać przerwane. Continue anyway Kontynuuj mimo wszystko The internal name and the common name are empty. Please set at least the internal name. Nazwa wewnętrzna i kanoniczna są puste. Proszę podać przynajmniej nazwę wewnętrzną. Edit name Popraw nazwę There is no Key selected for signing. Nie wybrano klucza do podpisania. Select key Wybierz klucz The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Następujące wpisy nazwy wyróżniającej są puste: %1 podczas, gdy ustawiono je jako obowiązkowe w menu opcji. The key you selected for signing is not a private one. Klucz wybrany do podpisu nie jest kluczem prywatnym. Select other signer Wybierz innego podpisującego Select other key Wybierz inny klucz The currently selected hash algorithm '%1' is insecure and should not be used. Wybrany algorytm '%1' nie jest bezpieczny i nie powinien być używany. Select other algorithm Wybierz inny algorytm Use algorithm anyway Użyj tego algorytmu The certificate will be earlier valid than the signer. This is probably not what you want. Certyfikat będzie ważny wcześniej niż certyfikat wystawcy, to wygląda na błąd. Edit dates Popraw daty Adjust date and continue Popraw daty i kontynuuj The certificate will be longer valid than the signer. This is probably not what you want. Certyfikat będzie ważniejszy dłużej niż wystawca, to wygląda na błąd. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Certyfikat w momencie wystawienia będzie już przeterminowany, to wygląda na błąd. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Certyfikat zawiera błędne lub powielone rozszerzenia. Zweryfikuj zakładkę Zaawansowane. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Certyfikat nie zawiera żadnych rozszerzeń. Możesz załadować rozszerzenia bazując na stosownym szablonie. The certificate contains invalid extensions. Certyfikat zawiera niepoprawne rozszerzenia. Edit extensions Popraw rozszerzenia The subject alternative name shall contain a copy of the common name. However, the common name is empty. Alternatywna nazwa podmiotu powinna zawierać kopię nazwy powszechnej. Jednak nazwa powszechna jest pusta. A name constraint of the issuer '%1' is violated: %2 Ograniczenie nazwy wystawcy '%1' zostało naruszone: %2 Configfile error on line %1 Błąd pliku konfiguracyjnego w linii %1 OidResolver OID Resolver Rozpoznawanie obiektów OID Enter the OID, the Nid, or one of the textual representations Podaj OID, Nid lub jeden z tekstowych opisów Search Szukaj OID Long name Nazwa pełna OpenSSL internal ID Wewnętrzny identyfikator OpenSSL Nid Short name Nazwa skrócona OpenDb Open remote database Połączenie z zewnętrzną bazą danych Database type Rodzaj bazy Hostname Serwer bazy Username Użytkownik Password Hasło Database name Nazwa bazy Table prefix Prefiks tabel No SqLite3 driver available. Please install the qt-sqlite package of your distribution Brak sterownika SqLite3. Zainstaluj pakiet qt-sqlite dla Twojej dystrybucji Please enter the password to access the database server %2 as user '%1'. Podaj hasło dostępu do serwera bazy %2 jako '%1'. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. Sterownik bazy danych nie wspiera transakcji. Może to być spowodowane niezgodnością wersji. Zachowaj ostrożność. Options XCA Options Ustawienia XCA Settings Ustawienia Default hash algorithm Domyślna funkcja skrótu String types Rodzaje ciągów znaków Suppress success messages Ograniczaj komunikaty o sukcesie Don't colorize expired certificates Nie koloruj wygasłych certyfikatów Translate established x509 terms (%1 -> %2) Tłumacz standardowe pojęcia X509 (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Funkcje mieszania z tokenu nie są używane przez XCA. Istnieje jednak możliwość uwzględniania ograniczonego zestawu funkcji zwracanych przez token. W szczególności EC i DSA są zdefiniowane tylko z funkcją SHA1 w specyfikacji PKCS#11. Only use hashes supported by the token when signing with a token key Używaj jedynie skrótów wspieranych przez token podczas podpisywania z użyciem tokenu Disable legacy Netscape extensions Wyłącz starsze rozszerzenia Netscape PKCS12 encryption algorithm Algorytm szyfrowania PKCS12 Certificate expiry warning threshold Moment ostrzegania przed wygaśnięciem certyfikatu Send vCalendar expiry reminder Wyślij przypomnienie vCalendar o wygasaniu Serial number length Długość numeru seryjnego bit bity/bitów Distinguished name Nazwa wyróżniająca Mandatory subject entries Obowiązkowe wpisy dla podmiotu Add Dodaj Delete Usuń Explicit subject entries Jawne wpisy dla podmiotu Dynamically arrange explicit subject entries Dynamicznie układaj wpisy jawne Default Domyślnie PKCS#11 provider Dostawca PKCS#11 Remove Usuń Search Szukaj Printable string or UTF8 (default) Ciąg drukowalny lub UTF8 (domyślnie) PKIX recommendation in RFC2459 PKIX zgodnie z RFC2459 No BMP strings, only printable and T61 Bez ciągów BPM, tylko drukowalne i T61 UTF8 strings only (RFC2459) Tylko UTF8 zgodnie z RFC2459 All strings Wszystkie rodzaje Days Dni Weeks Tygodnie Load failed Błąd ładowania PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Hasło jest traktowane jako 2-cyfrowy kod szesnastkowy. Musi mieć parzystą liczbę cyfr (0-9 i a-f) Take as HEX string Wprowadź ciąg znaków HEX Password Hasło Repeat %1 Powtórz %1 %1 mismatch %1 niezgodne Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Ciąg znaków HEX może zawierać jedynie znaki '0' - '9' lub 'a' - 'f' i musi składać się z parzystej liczby znaków Exit Wyjście E&xit &Wyjście QMessageBox Apply Zastosuj QObject Undefined Nieokreślono Broken / Invalid in %1 seconds %1 seconds ago in %1 minutes %1 minutes ago Yesterday Tomorrow in %1 hours %1 hours ago Out of data Error finding endmarker of string All files ( * ) Wszystkie pliki ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Klucze PKI ( *.pem *.der *.key );; Klucze PKCS#8 ( *.p8 *.pk8 );; Klucze Microsoft PVK ( *.pvk );; Klucze publiczne SSH ( *.pub );; Import RSA key Import klucza RSA PKCS#10 CSR ( *.pem *.der *.csr );; Żądania PKCS#10 ( *.pem *.der *.csr );; Import Request Import żądania certyfikacyjnego Certificates ( *.pem *.der *.crt *.cer );; Certyfikaty ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Import certyfikatu X.509 PKCS#7 data ( *.p7s *.p7m *.p7b );; Certyfikaty PKCS#7 ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Import certyfikatów PKCS#7 PKCS#12 Certificates ( *.p12 *.pfx );; Kontenery PKCS#12 ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Import kontenera PKCS#12 XCA templates ( *.xca );; Szablony XCA ( *.xca );; Import XCA Templates Import szablonów XCA Revocation lists ( *.pem *.der *.crl );; Listy unieważnień ( *.pem *.der *.crl );; Import Certificate Revocation List Import listy unieważnień XCA Databases ( *.xdb );; Bazy danych XCA ( *.xdb );; Open XCA Database Otwieranie bazy danych XCA OpenVPN tls-auth key ( *.key );; Import OpenVPN tls-auth key Import klucza OpenVPN tls-auth PKCS#11 library ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 library ( *.so );; Open PKCS#11 shared library PEM files ( *.pem );; Load PEM encoded file Please enter the PIN on the PinPad Podaj PIN na klawiaturze PinPada Please enter the SO PIN (PUK) of the token %1 Podaj SO PIN (PUK) dla tokena %1 Please enter the PIN of the token %1 Podaj PIN dla tokena %1 No Security token found Select Please enter the new SO PIN (PUK) for the token: '%1' Podaj nowy SO PIN (PUK) dla tokena: '%1' Please enter the new PIN for the token: '%1' Podaj nowy PIN dla tokena: '%1' Required PIN size: %1 - %2 Długość PIN: %1 - %2 Disabled Library loading failed PKCS#11 function '%1' failed: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 Invalid %1 is shorter than %2 bytes: '%3' %1 is longer than %2 bytes: '%3' String '%1' for '%2' contains invalid characters Error reading config file %1 at line %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Unknown object '%1' in file %2 line %3 Failed to start a database transaction Country code Kraj/region State or Province Stan/województwo Locality Miasto Organisation Organizacja Organisational unit Jednostka organizacyjna Common name Nazwa powszechna E-Mail address Adres email Serial number Numer seryjny Given name Imię Surname Nazwisko Title Tytuł Initials Inicjały Description Opis Role Rola Pseudonym Pseudonim Generation Qualifier Kwalifikator generacji x500 Unique Identifier Unikalny identyfikator X500 Name Nazwa DN Qualifier Kwalifikator DN Unstructured name Nazwa niepublikowana Challenge password Hasło do unieważnienia Basic Constraints Ograniczenia podstawowe Name Constraints Subject alternative name Alternatywna nazwa podmiotu issuer alternative name Alternatywna nazwa wystawcy Subject key identifier Identyfikator klucza podmiotu Authority key identifier Identyfikator klucza urzędu Key usage Użycie klucza Extended key usage Rozszerzone użycie klucza CRL distribution points Punkty dystrybucji CRL Authority information access Informacje o urzędzie certyfikacji Certificate type Base URL Revocation URL CA Revocation URL Certificate renewal URL CA policy URL SSL server name Comment Komentarz Index file written to '%1' Index hierarchy written to '%1' Unknown key type %1 Failed to write PEM data to '%1' Password verify error, please try again Błąd weryfikacji hasła, spróbuj ponownie The following error occurred: Wystąpił błąd: Failed to update the database schema to the current version Password Hasło insecure niebezpieczny ReqTreeView Sign Podpisz Unmark signed Oznacz jako niepodpisany Mark signed Oznacz jako podpisany Similar Request Podobne żądanie Certificate request export Eksport żądania certyfikacjnego Certificate request ( *.pem *.der *.csr ) Żądanie certyfikacyjne ( *.pem *.der *.csr ) RevocationList Manage revocations Zarządzaj unieważnieniami Add Dodaj Delete Usuń Edit Zmień No. L.p. Serial Numer seryjny Revocation Data wpisu Reason Przyczyna Invalidation Data unieważnienia Generate CRL Generuj listę unieważnień Revoke Certificate revocation Unieważnienie certyfikatu Revocation details Szczegóły unieważnienia Revocation reason Powód unieważnienia Local time Czas lokalny Invalid since Unieważnij od Serial Numer seryjny SearchPkcs11 Directory Folder ... ... Include subdirectories Dołącz podfoldery Search Szukaj The following files are possible PKCS#11 libraries Poniższe pliki to potencjalne biblioteki PKCS#11 SelectToken Security token Bezpieczny token Please select the security token Wybierz bezpieczny token TempTreeView Duplicate Powiel Create certificate Utwórz certyfikat Create request Utwórz żądanie copy Kopiuj Preset Template values Domyślna zawartość szablonu Template export Eksport szablonu XCA Templates ( *.xca ) Szablon XCA ( *.xca ) Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config Konfiguracja OpenSSL Transform Przekształć Template Szablon Public key Klucz publiczny XFile Error opening file: '%1': %2 Błąd otwarcia pliku: '%1': %2 Error rewinding file: '%1': %2 Błąd przewijania pliku: '%1': %2 XcaDetail Import Importuj XcaTreeView Item properties Parametry obiektu Subject entries Atrybuty podmiotu X509v3 Extensions Rozszerzenia X509v3 Netscape extensions Rozszerzenia Netscape Key properties Parametry klucza Reset Przywróć domyślne Hide Column Ukryj kolumnę Details Szczegóły Columns Kolumny Export Password Hasło eksportu Please enter the password to encrypt all %n exported private key(s) in: %1 Singular form for 0 or 1 item can be ignored. Will always be called with n >= 2 Podaj hasło do zaszyfrowania %n eksportowanego klucza prywatnego do: %1 Podaj hasło do zaszyfrowania %n eksportowanych kluczy prywatnych do: %1 Podaj hasło do zaszyfrowania %n eksportowanych kluczy prywatnych do: %1 New Dodaj Import Importuj Paste PEM data Wklej dane PEM Rename Zmień nazwę Properties Parametry Delete Usuń Export Eksportuj Clipboard Schowek File Plik Clipboard format Format schowka database_model Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Wykryto stary format bazy danych. Tworzę kopię pod nazwą: '%1' i konwertuję bazę do nowego formatu Failed to rename the database file, because the target already exists Nieudana zmiana nazwy ponieważ docelowy plik już istnieje Please enter the password to access the database server %2 as user '%1'. Podaj hasło dostępu do serwera bazy %2 jako '%1'. Unable to create '%1': %2 Nie mozna utworzyć '%1': %2 The file '%1' is not an XCA database Plik '%1' nie jest bazą danych XCA No SqLite3 driver available. Please install the qt-sqlite package of your distribution Brak sterownika SqLite3. Zainstaluj pakiet qt-sqlite dla Twojej dystrybucji New Password Zmiana hasła Please enter a password, that will be used to encrypt your private keys in the database: %1 Podaj hasło, które będzie używane do szyfrowania twoich kluczy prywatnych w bazie danych: %1 Password Hasło Please enter the password for unlocking the database: %1 Proszę wprowadzić hasło do odblokowania bazy danych: %1 db_base Internal name Nazwa wewnętrzna No. Lp. Primary key Klucz główny Database unique number Unikalny numer w bazie danych Date Data Date of creation or insertion Data dodania Source Źródło Generated, Imported, Transformed Utworzony, zaimportowany lub zmodyfikowany Comment Komentarz First line of the comment field Pierwsza linia komentarza Import from: %1 Import z: %1 Could not create directory %1 Nie można utworzyć folderu %1 Item properties Parametry obiektu db_crl Signer Wystawca Internal name of the signer Wewnętrzna nazwa wystawcy No. revoked Unieważnienia Number of revoked certificates Liczba unieważnionych certyfikatów Last update Ostatnia aktualizacja Next update Następna aktualizacja CRL number Numer CRL The revocation list already exists in the database as: '%1' and so it was not imported Lista unieważnień już istnieje w bazie danych jako: '%1' import został przerwany Revocation list export Eksport listy unieważnień There are no CA certificates for CRL generation Brakuje certyfikatów urzędów (CA) do wygenerowania listy CRL Select CA certificate Wybierz certyfikat Urzędu Certyfikacji Create CRL Nowa lista CRL Failed to initiate DB transaction Nieudane rozpoczęcie transakcji w bazie danych Database error: %1 Błąd bazy danych: %1 db_key Type Rodzaj Size Rozmiar EC Group Grupa EC Use Użycia Password Hasło The key is already in the database as: '%1' and is not going to be imported Ten klucz juz istnieje w bazie danych jako: '%1' i nie będzie ponownie importowany The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Baza danych zawiera juz publiczną część importowanego klucza jako '%1 i zostanie uzupełniona o nową, prywatną część klucza Extending public key from %1 by imported key '%2' Rozszerzenie klucza publicznego z %1 o zaimportowany klucz '%2' Key size too small ! Rozmiar klucza jest za mały ! You are sure to create a key of the size: %1 ? Czy na pewno chcesz wygenerować klucz o długości: %1 ? Export keys to Clipboard Eksport kluczy do schowka Clipboard Schowek Export private key [%1] Eksport klucza prywatnego [%1] Internal error Błąd wewnętrzny Internal key update: The keys: %1 must be updated once by resetting and setting its private password Aktualizacja klucza wewnętrznego: Klucze: %1 muszą zostać raz zaktualizowane poprzez zresetowanie i ustawienie nowego hasła Tried to change password of a token Próba zmiany hasła do tokena db_temp Bad template: %1 Błędny szablon: %1 Empty template Pusty szablon Preset Template values Domyślna zawartość szablonu Save template as Zapisz szablon jako XCA templates ( *.xca );; All files ( * ) Szablony XCA ( *.xca );; Wszystkie pliki ( * ) db_x509 CA Urząd certyfikacji reflects the basic Constraints extension Określa, czy jest to urząd certyfikacji bazując na podstawowych ograniczeniach Serial Numer seryjny Start date Data wydania Expiry date Data ważności MD5 fingerprint Odcisk palca MD5 SHA1 fingerprint Odcisk palca SHA1 SHA256 fingerprint Odcisk palca SHA256 Not before Nieważny przed Not after Nieważny po Revocation Unieważnienie CRL Expiration Ważność CRL Plain View Widok płaski Tree View Widok struktury Failed to retrieve unique random serial Nie można uzyskać unikalnego losowego numeru seryjnego The certificate already exists in the database as: '%1' and so it was not imported Ten certyfikat już istnieje w bazie danych jako: '%1' i nie został ponownie zaimportowany Signed on %1 by '%2' Podpisany dnia %1 przez '%2' Unknown Nieznany Invalid public key Niewłaściwy klucz publiczny The key you selected for signing is not a private one. Klucz wybrany do podpisu nie jest kluczem prywatnym. Failed to create directory '%1' Nie można utworzyć katalogu '%1' Store the certificate to the key on the token '%1 (#%2)' ? Czy zapisać certyfikat do klucza na bezpiecznym tokenie '%1 (#%2)' ? Certificate export Eksport certyfikatu There was no key found for the Certificate: '%1' Nie znaleziono klucza w certyfikacie: '%1' Not possible for a token key: '%1' Niedostępne dla klucza z tokena: '%1' Not possible for the token-key Certificate '%1' Niedostępne dla klucza certyfikatu z tokena: '%1' db_x509name Subject Podmiot Complete distinguished name Kompletna nazwa wyróżniająca Subject hash Skrót podmiotu Hash to lookup certs in directories Skrót do wyszukiwania certyfikatów w katalogach db_x509req Signed Podpisany whether the request is already signed or not Określa, czy żądanie zostało już podpisane Unstructured name Nazwa niepublikowana Challenge password Hasło do unieważnienia Certificate count Liczba certyfikatów Number of certificates in the database with the same public key Liczba certyfikatów w bazie danych z tym samym kluczem publicznym The certificate signing request already exists in the database as '%1' and thus was not stored Żądanie certyfikacyjne już istnieje w bazie danych jako '%1' i nie zostało ponowanie zapisane Certificate request export Eksport żądania certyfikacjnego Certificate request ( *.pem *.der *.csr ) Żądanie certyfikacyjne ( *.pem *.der *.csr ) db_x509super Key name Nazwa klucza Internal name of the key Wewnętrzna nazwa klucza Signature algorithm Funkcja skrótu Key type Rodzaj klucza Key size Rozmiar klucza EC Group Grupa EC Extracted from %1 '%2' Wyodrębniono z %1 '%2' Certificate certyfikatu Certificate request żądania certyfikacyjnego The following extensions were not ported into the template Następujące rozszerzenia nie zostały przeniesione do szablonu Transformed from %1 '%2' Przekształcono z %1 '%2' kvView Type Rodzaj Content Zawartość pass_info Password Hasło PIN PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 Nieudane otwarcie biblioteki PKCS11: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Plik nie wygląda na bibliotekę PKCS#11. Symbol 'C_GetFunctionList' nie został znaleziony. pki_base Error opening file: '%1': %2 Nieudane otwarcie pliku: '%1': %2 Unknown Nieznany Imported Zaimportowany Generated Wygenerowany Transformed Przekształcony Token Token Legacy Database Starsza baza danych Renewed Odnowiony Property '%1' not listed in 'pki_base::print' Właściwość '%1' nie została wymieniona w 'pki_base::print' Internal error: Unexpected message: %1 %2 Błąd wewnętrzny: Nieoczekiwany komunikat: %1 %2 pki_crl Successfully imported the revocation list '%1' Poprawnie zaimportowano listę unieważnień '%1' Delete the revocation list '%1'? Czy usunąć listę unieważnień '%1'? Successfully created the revocation list '%1' Poprawnie utworzono listę unieważnień '%1' Delete the %1 revocation lists: %2? Czy usunąć %1 listy unieważnień: %2? Delete the %n revocation list(s): '%1'? Usunąć %n listę unieważnień: '%1'? Usunąć %n listy unieważnień: '%1'? Usunąć %n list unieważnień: '%1'? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Nie można załadować listy unieważnień z pliku %1. Próbowano listy CRL w formacie PEM i DER. No issuer given Brak wystawcy CRL Renewal of CA '%1' due Wymagane odnowienie listy CRL urzędu certyfikacji '%1' The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Najnowsza lista CRL wydana przez urząd certyfikacji '%1' wygaśnie dnia %2. Lista jest przechowywana w bazie danych XCA '%3' Renew CRL: %1 Odnowienie listy CRL: %1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' Lista CRL '%1', wydana przez %3 wygaśnie dnia %4. Lista jest przechowywana w bazie danych XCA '%5' pki_evp Failed to decrypt the key (bad password) Błąd deszyfracji klucza (błędne hasło) Please enter the password to decrypt the private key. Podaj hasło, aby odszyfrować klucz prywatny. Please enter the password to decrypt the private key %1. Podaj hasło do odszyfrowania klucza prywatnego %1. The key from file '%1' is incomplete or inconsistent. Klucz z pliku '%1' jest niekompletny lub niespójny. Please enter the password to decrypt the private key from file: %1 Podaj hasło do odszyfrowania klucza prywatnego z pliku: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Nie można załadować klucza prywatnego z pliku %1. Próbowano PEM i DER prywatny, publiczny, klucze w formacie PKCS#8 i SSH2. Please enter the password to decrypt the private key: '%1' Podaj hasło do odszyfrowania klucza prywatnego: '%1' Password input aborted Wprowadzanie hasła przerwane Please enter the database password for decrypting the key '%1' Podaj hasło bazy danych do odszyfrowania klucza '%1' Decryption of private key '%1' failed Deszyfracja klucza prywatnego '%1' nie udana Please enter the password to protect the private key: '%1' Podaj hasło do ochrony klucza prywatnego: '%1' Please enter the database password for encrypting the key Podaj hasło bazy danych do zaszyfrowania klucza Please enter the password to protect the PKCS#8 key '%1' in file: %2 Podaj hasło do ochrony klucza PKCS#8 '%1' w pliku: %2 Please enter the password to protect the private key '%1' in file: %2 Podaj hasło do ochrony klucza prywatnego '%1' w pliku: %2 Please enter the password protecting the PKCS#8 key '%1' Podaj hasło do ochrony klucza PKCS#8: '%1' Please enter the password protecting the Microsoft PVK key '%1' Podaj hasło do ochrony klucza Microsoft PVK '%1' Please enter the export password for the private key '%1' Podaj hasło do eksportu klucza prywatnego '%1' pki_export PEM Text format with headers PEM selected Concatenated list of all selected certificates in one PEM text file PEM chain Concatenated text format of the complete certificate chain in one PEM file The complete certificate chain and the private key of the selected certificate with tags usable in OpenVPN configuration files PEM + key Concatenation of the certificate and the unencrypted private key in one PEM file Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file All unusable Concatenation of all expired or revoked certificates in one PEM file PKCS#7 encoded single certificate All selected certificates encoded in one PKCS#7 file PKCS #7 chain PKCS#7 encoded complete certificate chain PKCS #7 unusable PKCS#7 encoded collection of all expired or revoked certificates Binary DER encoded certificate PKCS #12 chain The complete certificate chain and the private key as encrypted PKCS#12 file PKCS #12 The certificate and the private key as encrypted PKCS#12 file Certificate Index file OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool vCalendar vCalendar expiry reminder for the selected items CA vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL OpenSSL config Konfiguracja OpenSSL OpenSSL configuration file to create a certificate or request with the openssl commandline tool OpenVPN tls-auth key The OpenVPN tls-auth key is a secret key shared between endpoints JSON Web Kit The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) JSON Web Kit chain The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) and certificate chain (x5c) PEM public Text format of the public key in one PEM file PEM private Unencrypted private key in text format PEM encrypted OpenSSL specific encrypted private key in text format SSH2 private SSH2 public The public key encoded in SSH2 format DER public Binary DER format of the public key DER private Unencrypted private key in binary DER format PVK private Private key in Microsoft PVK format not encrypted PKCS #8 encrypted Encrypted private key in PKCS#8 text format PKCS #8 Unencrypted private key in PKCS#8 text format JSON Web Key private Unencrypted private key in JSON Web Key format JSON Web Key public Public key in JSON Web Key format Binary DER format of the certificate request Binary DER format of the revocation list vCalendar reminder for the CRL expiry date XCA template in PEM-like format. Templates include the internal name and comment All selected XCA templates in PEM-like format. Templates include the internal name and comment pki_key Successfully imported the %1 public key '%2' Poprawnie zaimportowano klucz publiczny %1 jako '%2' Delete the %1 public key '%2'? Czy usunąć klucz publiczny '%2' typu %1? Successfully imported the %1 private key '%2' Poprawnie zaimportowano klucz prywatny %1 jako '%2' Delete the %1 private key '%2'? Czy usunąć klucz prywatny '%2' typu %1? Successfully created the %1 private key '%2' Poprawnie utworzono klucz prywatny %1 jako '%2' Delete the %1 keys: %2? Czy usunąć %1 klucze: %2? Public key Klucz publiczny Successfully imported the %1 public key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Zaimportowano klucz publiczny %1 '%2' Delete the %n %1 public key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Usunąć %n klucz publiczny %1 '%2'? Usunąć %n klucze publiczne %1 '%2'? Usunąć %n kluczy publicznych %1 '%2'? Successfully imported the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Zaimportowano klucz prywatny %1 '%2' Delete the %n %1 private key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Usunąć %n klucz prywatny %1 '%2'? Usunąć %n klucze prywatne %1 '%2'? Usunąć %n kluczy prywatnych %1 '%2'? Successfully created the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Utworzono klucz prywatny %1 '%2' Common Private Bogus PIN PIN No password Bez hasła Unexpected SSH2 content: '%1' Nieoczekiwana zawartość SSH2: '%1' Invalid SSH2 public key Niewłaściwy klucz publiczny SSH2 Failed writing to %1 Nieudany zapis do %1 pki_multi No known PEM encoded items found Nie rozpoznano żadnych elementów w PEM pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Podaj hasło do odszyfrowania pliku PKCS#12: %1 Unable to load the PKCS#12 (pfx) file %1. Nie można załadować pliku PKCS#12 (pfx): %1. The supplied password was wrong (%1) Podane hasło jest nieprawidłowe (%1) Please enter the password to encrypt the key of certificate '%1' in the PKCS#12 file: %2 Podaj hasło do zaszyfrowania klucza certyfikatu '%1' w pliku PKCS#12: %2 Please enter the password to encrypt the PKCS#12 file Podaj hasło do zaszyfrowania pliku PKCS#12 No key or no Cert and no pkcs12 Brak klucza lub certyfikatu i brak PKCS#12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Nie można załadować pliku PKCS#7: %1. Próbowano format PEM i DER. pki_scard Successfully imported the token key '%1' Successfully created the token key '%1' Delete the %n token key(s): '%1'? Delete the private key '%1' from the token '%2 (#%3)' ? This Key is already on the token PIN input aborted Unable to find copied key on the token Please insert card: %1 %2 [%3] with Serial: %4 Select Slot of %1 Unable to find generated key on card Token %1 Failed to find the key on the token Invalid Pin for the token Failed to initialize the key on the token pki_temp Successfully imported the XCA template '%1' Poprawnie zaimportowano szablon XCA '%1' Delete the XCA template '%1'? Czy usunąć szablon XCA '%1'? Successfully created the XCA template '%1' Poprawnie utworzono szablon XCA '%1' Delete the %1 XCA templates: %2? Czy usunąć %1 szablony XCA: %2? Delete the %n XCA template(s): '%1'? Usunąć %n szablon XCA: '%1'? Usunąć %n szablony XCA: '%1'? Usunąć %n szablonów XCA: '%1'? Wrong Size %1 Błędny rozmiar %1 Template file content error (too small) Błędny format pliku szablonu (za mały rozmiar) Not a PEM encoded XCA Template To nie jestm szablon XCA w formacie PEM Not an XCA Template, but '%1' To nie jest szablon XCA, tylko '%1' pki_x509 Successfully imported the certificate '%1' Poprawnie zaimportowano certyfikat '%1' Delete the certificate '%1'? Czy chcesz usunąć certyfikat '%1'? Successfully created the certificate '%1' Poprawnie utworzono certyfikat '%1' Delete the %1 certificates: %2? Czy usunąć %1 certyfikaty: %2? Delete the %n certificate(s): '%1'? Usunąć %n certyfikat: '%1'? Usunąć %n certyfikaty: '%1'? Usunąć %n certyfikatów: '%1'? Unable to load the certificate in file %1. Tried PEM and DER certificate. Nie można załadować certyfikatu z pliku %1. Próbowano certyfikaty w formacie PEM i DER. Invalid OpenVPN tls-auth key Błędny klucz OpenVPN tls-auth Failed to import tls-auth key Nieudany import klucza tls-auth Same tls-auth key already stored for this CA Taki klucz tls-auth już istnieje w tym CA New tls-auth key successfully imported Zaimportowano nowy klucz tls-auth Existing tls-auth key successfully replaced Zamieniono istniejący klucz tls-auth This certificate is already on the security token Ten certyfikat już istnieje na bezpiecznym tokenie Delete the certificate '%1' from the token '%2 (#%3)'? Usunąć certyfikat '%1' z tokena '%2 (#%3)'? There is no key for signing ! Brak klucza do podpisywania ! No Nie Yes Tak Renew certificate: %1 Odnowienie certyfikatu: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' Certyfikat '%1', wydany przez %2 wygaśnie dnia %3. Certyfikat jest przechowywany w bazie danych XCA '%4' pki_x509req Signing key not valid (public key) Klucz podpisujący jest nieprawidłowy (klucz publiczny) Successfully imported the %1 certificate request '%2' Poprawnie zaimportowano żądanie certyfikacyjne %1 jako '%2' Delete the %1 certificate request '%2'? Czy usunąć żądanie certyfikacyjne '%2' typu %1? Successfully created the %1 certificate request '%2' Poprawnie utworzono żądanie certyfikacyjne %1 jako '%2' Delete the %1 certificate requests: %2? Czy usunąć %1 żądania certyfikacyjne: %2? Successfully imported the PKCS#10 certificate request '%1' Poprawnie zaimportowano żądanie certyfikacyjne PKCS#10 '%1' Delete the %n PKCS#10 certificate request(s): '%1'? Usunąć %n żądanie certyfikacyjne PKCS#10: '%1'? Usunąć %n żądania certyfikacyjne PKCS#10: '%1'? Usunąć %n żądań certyfikacyjnych PKCS#10: '%1'? Successfully created the PKCS#10 certificate request '%1' Poprawnie utworzono żądanie certyfikacyjne PKCS#10 '%1' Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Nie można załadować żądania certyfikacyjnego z pliku %1. Próbowano format PEM, DER i SPKAC. Signed Podpisany Unhandled Nieobsłużone v3ext Copy Common Name Skopiuj nazwę powszechną Add Dodaj Delete Usuń Apply Zastosuj Validate Weryfikuj Cancel Anuluj An email address or 'copy' Adres email lub 'copy' An email address Adres email A registered ID: OBJECT IDENTIFIER Zarejestrowany identyfikator: OBJECT IDENTIFIER A uniform resource indicator Adres internetowy A DNS domain name or 'copycn' Nazwa domeny DNS lub 'copycn' A DNS domain name Nazwa domeny DNS An IP address Adres IP Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Składnia: <OID>;TYPE:text przyklad: '1.2.3.4:UTF8:name' No editing. Only 'copy' allowed here Nie zmienialne. Dozwolone tylko 'copy' Validation failed: '%1' %2 Nieudana weryfikacja: '%1' %2 Validation successful: '%1' Weryfikacja poprawna: '%1' xcaWarning The following error occurred: Wystąpił błąd: Copy to Clipboard Kopiuj do schowka xcaWarningGui Copy to Clipboard Kopiuj do schowka xca-RELEASE.2.9.0/lang/xca_pt_BR.ts000066400000000000000000005521631477156507700165450ustar00rootroot00000000000000 CaProperties Form Parâmetros Days until next CRL issuing Dias até a próxima emissão CRL Default template Modelo padrão CertDetail Details of the Certificate Detalhes do Certificado Serial N° de Série The serial number of the certificate N° de Série do Certificado The internal name of the certificate in the database Nome Interno do Certificado no Banco de Dados Status Situação Internal name Nome Interno Signature Assinatura Key Chave Fingerprints Digital Numérica MD5 MD5 An md5 hashsum of the certificate Um verificador MD5 do Certificado SHA1 SHA1 A SHA-1 hashsum of the certificate Um verificador SHA-1 do Certificado SHA256 SHA256 A SHA-256 hashsum of the certificate Um verificador SHA-256 do Certificado Validity Validade The time since the certificate is valid Desde quando o certificado é valido The time until the certificate is valid Até quando o certificado é valido Subject Finalidade Issuer Emissor Extensions Extensões Validation Validação Purposes Propósito Strict RFC 5280 validation Validação conforme RFC 5280 Comment Comentários Attributes Atributos Show config Mostrar Configuração Show extensions Mostrar Extensões Show public key Mostrar Chave Pública This key is not in the database. Chave não está no Banco de Dados. Not available Indispoível No verification errors found. Verificação sem erros. Signer unknown Assinador Desconhecido Self signed Auto-assinado Revoked at %1 Revogado em %1 Not valid Inválido Valid Válido Details of the certificate signing request Detalhes da requisição de Assinatura do Certificado CertExtend Certificate renewal Renovação do Certificado This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Será criado um novo certificado como cópia de um antigo com um novo número de série e valores de validade ajustados. Validity Validade Not before Não antes Not after Não após Time range Faixa de tempo Local time Tempo Local Days Dias Months Meses Years Anos No well-defined expiration Tempo de Expiração Indefinida Midnight Zero Hora Apply Aplicar Revoke old certificate Revogar certificado antigo Replace old certificate Substituir certificado antigo Keep serial number Manter o N° de Série The certificate will be earlier valid than the signer. This is probably not what you want. O certificado terá validade anterior a do Assinador. Provavelmente, não seja isto o que queira. Edit dates Editar Datas Abort rollout Abortar o procedimento Continue rollout Continuar o procedimento Adjust date and continue Ajustar data e Continuar The certificate will be longer valid than the signer. This is probably not what you want. O certificado terá período de validade superior ao do Assinador. Provavelmente, não seja isto o que queira. CertTreeView Hide unusable certificates Ocultar certificados inutilizados Import PKCS#12 Importar PKCS#12 Import from PKCS#7 Importar de PKCS#7 Request Requisição Security token Dispositivo de Segurança Other token Outro dispositivo Similar Certificate Certificado Similar Delete from Security token Apagar do Dispositivo de Segurança CA AC Properties Propriedades Generate CRL Gerar CRL Manage revocations Gerenciar revogações Import OpenVPN tls-auth key Importar autent TLS OpenVPN> Renewal Renovar Revoke Revogar Unrevoke Desfazer Revogação Plain View Visualizar Tree View Visualização em Árvore days dias No template Sem Modelo CA Properties Propriedades da AC Certificate export Exportar Certificado X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) Certificados X509 ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) vCalendar entry ( *.ics ) Entrada vCalendar ( *.ics ) OpenVPN file ( *.ovpn ) Arquivo OpenVPN ( *.ovpn ) OpenVPN tls-auth key ( *.key ) Chave autentic TLS OpenVPN ( *.key ) ClickLabel Double click for details Duplo clique para os detalhes CrlDetail Details of the Revocation list Detalhes da Lista de Revogação &Status &Situação Version Versão Signature Assinatura Signed by Assinado por Name Nome The internal name of the CRL in the database Nome Interno do CRL no Banco de Dados issuing dates datas de emissão Next update Próxima Atualização Last update Última Atualização &Issuer Em&issor &Extensions &Extensões &Revocation list Lista de &Revogação Comment Comentários Failed Falha Unknown signer Assinador Desconhecido Verification not possible Verificação Impossível CrlTreeView There are no CA certificates for CRL generation Não há certificados AC para geração de CRL Select CA certificate Selecionar Certificado do AC Revocation list export Exportação de lista de revogação CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) vCalendar entry ( *.ics ) Entrada vCalendar ( *.ics ) ExportDialog Name Nome The internal name of the CRL in the database Nome Interno do CRL no Banco de Dados ... ... Filename Nome do Arquivo Each Item in a separate file Cada item em arquivo separado Same encryption password for all items Mesma senha de criptografia para todos os itens Export comment into PEM file Exportar comentários para o arquivo PEM Export Format Formato da Exportação %n selected item(s) %n item selecionado %n itens selecionados All files ( * ) Todos os Arquivos (*) The file: '%1' already exists! O arquivo: '%1' já existe! Overwrite Sobrescrever Do not overwrite Não Sobrescrever The path: '%1' exist, but is not a file O caminho: '%1' existe, mas não é um arquivo The path: '%1' exist, but is not a directory O caminho: '%1' existe, mas não é um diretório The directory: '%1' does not exist. Should it be created? O diretório: '%1' não existe. Ele deve ser criado? Create Criar Failed to create directory '%1' Falha ao criar o diretório '%1' Directory Diretório Form last update última atualização next update próxima atualização Days Dias Months Meses Years Anos Apply Aplicar Midnight Zero Hora Local time Tempo Local No well-defined expiration Tempo de Expiração Indefinida Help << << >> >> &Done &Pronto ImportMulti Import PKI Items Importar Itens PKI Import &All Import&ar Tudo &Import &Importar &Done &Pronto &Remove from list &Remover da lista Details Detalhes Delete from token Apagar do Dispositivo Rename on token Renomear no dispositivo Name: %1 Model: %2 Serial: %3 Nome: %1 Modelo: %2 Série: %3 Manage security token Gerenciar o dispositivo de Segurança The type of the item '%1' is not recognized O tipo do ítem '%1' é desconhecido Could not open the default database Não foi possível abrir o banco de dados padrão The file '%1' did not contain PKI data O arquivo '%1' não contém dados PKI The %1 files: '%2' did not contain PKI data Os arquivos %1: '%2' não contém dados PKI ItemProperties Name Nome Source Origem Insertion date Data da Inserção Comment Comentário KeyDetail Name Nome The internal name of the key used by xca Nome Interno da chave usada pelo XCA Security token Dispositivo de Segurança Manufacturer Fabricante Serial No. de Série Key Chave Public Exponent Expoente Público Keysize Tamanho da Chave Private Exponent Expoente Privado Security Token Dispositivo de Segurança Label Etiqueta PKCS#11 ID ID PKCS#11 Token information Informação do Dispositivo Model Modelo Fingerprint Dados Digitais Comment Comentário Details of the %1 key Detalhes da chave %1 Not available Indisponível Available Disponível Sub prime Primo Inferior Public key Chave Pública Private key Chave Privada Curve name Método de Curva Unknown key Chave Desconhecida KeyTreeView Clipboard format Formato da Área de Transferência Change password Alterar a Senha Reset password Ressetar a Senha Change PIN Alterar PIN Init PIN with SO PIN (PUK) Iniciar PIN com SO PIN (PUK) Change SO PIN (PUK) Alterar SO PIN (PUK) Security token Dispositivo de Segurança This is not a token Não é um dispositivo Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Devo substituir a chave original '%1'pela chave do Dispositivo? Esta operação apagará a chave '%1' e a fará não exportável Key export Exportar Chave Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Chaves Privadas ( *.pem *.der *.pk8 );; Chaves Públicas SSH ( *.pub ) SSH Private Keys ( *.priv ) Chaves Privadas SSH ( *.priv ) Microsoft PVK Keys ( *.pvk ) Chaves Microsoft PVK ( *.pvk ) MainWindow Private Keys Chaves Privadas &New Key &Nova Chave &Export &Exportar &Import &Importar Import PFX (PKCS#12) Importar PFX (PKCS#12) &Show Details Mostrar Detalhe&s &Delete &Apagar Certificate signing requests Requisições de Assinatura de Certificado &New Request &Nova Requisição Certificates Certificados &New Certificate &Novo Certificado Import &PKCS#12 Importar &PKCS#12 Import P&KCS#7 Importar P&KCS#7 Plain View Visualizar Templates Modelos &New Template &Novo Modelo &New CRL &Novo CRL Ch&ange Template Alter&ar o Modelo Revocation lists Lista de Revogação Using or exporting private keys will not be possible without providing the correct password Não é possível Usar ou Exportar Chaves Privadas sem fornecer a senha correta The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. O Verificador usado atualmente '%1' é inseguro. Favor selecionar um Verificador 'SHA 224' (ou superior) por motivos de segurança. Recent DataBases Banco de Dados Recentes System Sistema Croatian Croata English Inglês French Francês German Alemão Japanese Japones Korean Coreano Russian Russo Slovak Eslovaco Spanish Espanhol Persian Persa Bulgarian Búlgaro Polish Polonês Italian Italiano Chinese Chinês Dutch Holandês Portuguese in Brazil Português Brasil Indonesian Indonésio Turkish Turco Language Idioma &File &Arquivo Open Remote DataBase Abrir Banco de Dados Remoto Set as default DataBase Definir como Banco de Dados Padrão New DataBase Novo Banco de Dados Open DataBase Abrir Banco de Dados Close DataBase Fechar Banco de Dados Options Opções Exit Sair I&mport I&mportar Keys Chaves Requests Requisições PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Modelo Revocation list Lista de Revogação PEM file Arquivo PEM Paste PEM file Colar Arquivo PEM Token Dispositivo Export Certificate &Index hierarchy Exportar hierarquicamente &Indice de Certificados Content Conteúdo &Manage Security token &Gerenciar Dispositivo de Segurança &Init Security token &Iniciar Dispositivo de Segurança &Change PIN &Alterar PIN Change &SO PIN Alterar &SO PIN Init PIN Iniciar PIN Extra Extras &Dump DataBase &Descarregar Banco de Dados &Export Certificate Index &Exportar Indexador de Certificado C&hange DataBase password Alterar Se&ha do Banco de Dados &Undelete items Resta&urar ítems removidos Generate DH parameter Gerar parâmetros DH OID Resolver Resolver OID &Help &Ajuda About Sobre Import PEM data Importar dados PEM Please enter the original SO PIN (PUK) of the token '%1' Favor entrar com o SO PIN (PUK) original do dispositivo '%1' Search Busca Please enter the new SO PIN (PUK) for the token '%1' Favor entrar com o novo SO PIN (PUK) para o dispositivo '%1' The new label of the token '%1' A nova etiqueta do dispositivo '%1' The token '%1' did not contain any keys or certificates O dispositivo '%1' não contém qualquer chave ou certificados Retry with PIN Tentar Novamente com PIN Retry with SO PIN Tentar Novamente com PIN SO Current Password Senha Corrente Please enter the current database password Favor entrar com a senha corrente do Banco de Dados The entered password is wrong Senha informada está errada New Password Nova Senha Please enter the new password to encrypt your private keys in the database-file Favor entrar a nova senha para criptografia da sua chave privada no Arquivo do Banco de Dados Transaction start failed Transação Inicial Falhou Database: %1 Banco de Dados: %1 The currently used PFX / PKCS#12 algorithm '%1' is insecure. O algoritmo PFX / PKCS#12 usado '%1' é inseguro. Change Mudar Certificate Index ( index.txt ) Índice de Certificado (Index.txt) All files ( * ) Todos os Arquivos (*) Diffie-Hellman parameters saved as: %1 Parâmetros Diffie-Hellman salvos como: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Os parâmetros Diffie-Hellman são necessários para várias aplicações, mas não são tratados pelo XCA. Entrar com bits dos parâmetros DH NewCrl Last update Última Atualização Next update Próxima Atualização Days Dias Months Meses Years Anos Midnight Zero Hora Local time Tempo Local Apply Aplicar Options Opções CRL number N° CRL Subject alternative name Nome Alternativo da Finalidade Revocation reasons Razões da Revogação Authority key identifier Identificador da Chave da Autoridade Hash algorithm Algoritmo de Verificação Create CRL Criar CRL NewKey Please give a name to the new key and select the desired keysize Favor fornecer um nome para a nova chave e selecinoar o tamanho desejado Key properties Propriedades da Chave Name Nome The internal name of the new key Nome Interno da nova chave Curve name Método de Curva Usually at least 2048 bit keys are recommended Recomenda-se chaves de, pelo menos, 2048 bits New Key Nova Chave Keysize Tamanho da Chave Keytype Tipo da Chave Remember as default Lembrar como Padrão Create Criar NewX509 Source Origem Signing request Assinar a Requisição Show request Mostrar a Requisição Sign this Certificate signing &request Assinar este Certificado com &requisição de assinatura Copy extensions from the request Copiar as Extensões da Requisição Modify subject of the request Modificar a Finalidade da Requisição Signing Assinatura Create a &self signed certificate Criar Certificado Auto-A&ssinado Use &this Certificate for signing Usar es&te Certificado para assinar All certificates in your database that can create valid signatures Todos os Certificados do seu banco de dados que podem criar assinaturas válidas Signature algorithm Algoritmo de Assinatura Template for the new certificate Modelo para novo certificado All available templates Todos os Modelos disponíveis Apply extensions Aplicar extensões Apply subject Aplicar Finalidade Apply all Aplicar Tudo Subject Finalidade Internal Name Nome Interno Distinguished name Nome Indicativo Add Adicionar Delete Apagar Private key Chave Privada This list only contains unused keys A lista contém somente as chaves não usadas Used keys too Chaves usadas também &Generate a new key &Gerar uma nova Chave Extensions Extensões Type Tipo If this will become a CA certificate or not Se este Certificado sera para um AC ou não Not defined Indefinido Certification Authority Autoridade Certificadora End Entity Entidade Final Path length Quantidade de ACs após este How much CAs may be below this. Quantos ACs podem ser criados abaixo deste. The basic constraints should always be critical As restrições básicas devem ser sempre críticas Key identifier Identificador da Chave Creates a hash of the key following the PKIX guidelines Cria um Verificador da chave segundo as recomendações PKIX Copy the Subject Key Identifier from the issuer Copiar o Identificador da Chave de Finalidade do emissor Validity Validade Not before Não Antes Not after Não Após Time range Faixa de Tempo Days Dias Months Meses Years Anos Apply Aplicar Set the time to 00:00:00 and 23:59:59 respectively Define o tempo para 00:00:00 e 23:59:59, respectivamente Midnight Zero Hora Local time Tempo Local No well-defined expiration Tempo de Expiração Indefinida DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit Editar URI: URI: Key usage Aplicação da Chave Netscape Netscape Advanced Avançado Validate Validar Comment Comentário This name is only used internally and does not appear in the resulting certificate Este nome é usado somente internamente e não aparece no certificado Critical Crítico Create Certificate signing request Criar um Certificado com requisição de assinatura minimum size: %1 tamanho Mínimo: %1 maximum size: %1 tamanho Máximo: %1 only a-z A-Z 0-9 '()+,-./:=? somente a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters somente caracteres de 7-bits Edit XCA template Editar Modelo XCA Create x509 Certificate Criar Certificado x509 Template '%1' applied Modelo '%1' aplicado Subject applied from template '%1' Finalidade copiada do Modelo '%1' Extensions applied from template '%1' Extensões copiadas do Modelo '%1' New key '%1' created Nova Chave '%1' criada Other Tabs Outras abas Advanced Tab Abas Avançadas Errors Erros From PKCS#10 request De Requisição PKCS#10 Error Erro duplicate extensions extensões duplicadas The Name Constraints are invalid O Nomes de Vínculos (Constraints) são inválidos The Subject Alternative Name is invalid Nome Aternativo da Finalidade é Inválido The Issuer Alternative Name is invalid Nome Alternativo do Emissor é Inválido The CRL Distribution Point is invalid O Ponto de Distribuição CRL é Inválido The Authority Information Access is invalid O Acesso da Informação da Autoridade CA é inválido Abort rollout Abortar o procedimento The following length restrictions of RFC3280 are violated: Foram violadas as seguintes restrições da RFC3280: Edit subject Editar Finalidade Continue rollout Continuar o procedimento The verification of the Certificate request failed. The rollout should be aborted. A verificação do Certificado Requisitado falhou. O procedimento poderá ser encerrado.. Continue anyway Continuar mesmo assim The internal name and the common name are empty. Please set at least the internal name. O nome Interno e o campo 'common name' estão vazios. Favor definir, pelo menos, o nome interno. Edit name Editar nome There is no Key selected for signing. Não há chave selecionada a ser assinada. Select key Selecionar Chave The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Os seguintes nomes indicativos estão vazios: %1 entretanto foi configurado que aqueles indicadores são obrigatórios no menu de opções. The key you selected for signing is not a private one. A Chave selecionada para assinar não pe uma Chave Privada. Select other signer Selecionar outro Assinador Select other key Selecionar outra Chave The currently selected hash algorithm '%1' is insecure and should not be used. O algoritmo verificação atualmente selecionado '%1' é inseguro e não deve ser usado. Select other algorithm Selecionar outro algoritmo Use algorithm anyway Usar o algoritmo mesmo assim The certificate will be earlier valid than the signer. This is probably not what you want. O certificado terá validade anterior ao do Assinador. Provavelmente, não seja isto o que queira. Edit dates Editar Datas Adjust date and continue Ajustar data e Continuar The certificate will be longer valid than the signer. This is probably not what you want. O certificado terá período de validade superior ao do Assinador. Provavelmente, não é isto que voce quer. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. O certificado está vencido antes de se tornar válido. Por algum motivo vc se confundiu as duas datas. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. O Certificado contém extensões inválidas ou duplicadas. Verifique a validação na Lapela Avançada. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. O certificado não contém extensões. Você pode aplicar as extensões de um dos modelos para definir o propósito do certificado. The certificate contains invalid extensions. O certificado contém extensões inválidas. Edit extensions Editar extensões The subject alternative name shall contain a copy of the common name. However, the common name is empty. O Nome Alternativo da Finalidade (Subject Alternative Name) pode conter uma cópia do campo 'common name'. Entretanto, este último campo está vazio. A name constraint of the issuer '%1' is violated: %2 Uma restrição do nome do emissor '%1' foi violada: %2 Configfile error on line %1 Erro no Arquivo de Configuração, linha %1 OidResolver OID Resolver Resolver OID Enter the OID, the Nid, or one of the textual representations Digite o OID, o Nid ou uma representação de texto Search Busca OID OID Long name Nome Longo OpenSSL internal ID ID Interno OpenSSL Nid Nid Short name Nome Abreviado OpenDb Open remote database Abrir Banco de Dados Remoto Database type Tipo do Banco de Dados Hostname Nome do Host ou IP Username Nome de Usuário Password Senha Database name Nome do Banco de Dados Table prefix Prefixo da Tabela No SqLite3 driver available. Please install the qt-sqlite package of your distribution Não há driver SqLite3 disponível. Favor instalar o pacote qt-sqlite da sua distribuição Options XCA Options Opções XCA Settings Configuração Default hash algorithm Algoritmo Verificador padrão String types Tipos de Cadeia de Caracteres Suppress success messages Suprimir mensagens de sucesso Don't colorize expired certificates Não colorir certificados expirados Translate established x509 terms (%1 -> %2) Traduzir os termos X509 establecidos (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. A funcionalidade de verificação do dispositivo não é usada pelo XCA. Entretanto, o XCA pode honrar o conjunto de Verificadores restritos propagados pelo dispositivo. Especificamente, EC e DSA somente são definidos com SHA1 na especificação do PKCS#11. Only use hashes supported by the token when signing with a token key Somente use Verificadores suportados pelo dispositivo ao assinar com uma chave do dispositivo Disable legacy Netscape extensions Desabilitar as extensões Netscape PKCS12 encryption algorithm Algoritmo de criptografia PKCS12 Certificate expiry warning threshold Aviso de Limite de Expiração do Certificado Send vCalendar expiry reminder Enviar aviso de Expiração pelo vCalendar Serial number length Tamanho do N° de Série bit bit Distinguished name Nome Indicativo Mandatory subject entries Entidades com entradas Obrigatórias Add Adicionar Delete Apagar Explicit subject entries Explicitar Entradas de Entidades Dynamically arrange explicit subject entries Arranjar dinamicamente as entradas das Entidades Explicitas Default Padrão PKCS#11 provider Fornecedor PKCS#11 Remove Remover Search Busca Printable string or UTF8 (default) Cadeia imprimível ou UTF8 (padrão) PKIX recommendation in RFC2459 Recomendações PKIX pevistas na RFC2459 No BMP strings, only printable and T61 Sem cadeia BMP, somente imprimíveis e T61 UTF8 strings only (RFC2459) Somente cadeias UTF8 (RFC2459) All strings Todas as cadeias Days Dias Weeks Semanas PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) A senha é analisada como um código hexadecimal de 2 dígitos. Ela deve ter um número par de dígitos (0-9 e a-f) Take as HEX string Considere como uma cadeia HEXadecimal Repeat %1 Repetir %1 %1 mismatch %1 não coincide Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters A senha hexadecimal deve conter apenas os caracteres '0' - '9' e 'a' - 'f' e deve consistir em um número par de caracteres Exit Sair QObject Undefined Indefinido Broken / Invalid Com Defeito / Inválido in %1 seconds em %1 segundo(s) %1 seconds ago há %1 segundo(s) atrás in %1 minutes em %1 minuto(s) %1 minutes ago há %1 minuto(s) atrás Yesterday Ontem Tomorrow Amanhã in %1 hours em %1 hora(s) %1 hours ago há %1 hora(s) atrás Out of data Sem dados Error finding endmarker of string Erro ao localizar o marcador de final de cadeia All files ( * ) Todos os Arquivos ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Chaves PKI ( *.pem *.der *.key );; Chaves PKCS#8 ( *.p8 *.pk8 );; Chaves Microsoft PVK ( *.pvk );; Chaves Públicas SSH ( *.pub );; Import RSA key Importar Chave RSA PKCS#10 CSR ( *.pem *.der *.csr );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Importar Requisição Certificates ( *.pem *.der *.crt *.cer );; Certificados ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Importar Certificado X.509 PKCS#7 data ( *.p7s *.p7m *.p7b );; Dados PKCS#7 ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Importar Certificado PKCS#7 PKCS#12 Certificates ( *.p12 *.pfx );; Certificados PKCS#12 ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Importar Certificado Privado PKCS#12 XCA templates ( *.xca );; Modelos XCA ( *.xca );; Import XCA Templates Importar Modelos XCA Revocation lists ( *.pem *.der *.crl );; Lista de Revogação ( *.pem *.der *.crl );; Import Certificate Revocation List Importar Lista de Revogação de Certificados XCA Databases ( *.xdb );; Banco de Dados XCA ( *.xdb );; Open XCA Database Abrir Banco de Dados XCA OpenVPN tls-auth key ( *.key );; Chave autentic TLS OpenVPN ( *.key );; Import OpenVPN tls-auth key Importar Chave de autenticação TLS do OpenVPN PKCS#11 library ( *.dll );; Biblioteca PKCS#11 ( *.dll );; PKCS#11 library ( *.dylib *.so );; Biblioteca PKCS#11 ( *.dylib *.so );; PKCS#11 library ( *.so );; Biblioteca PKCS#11 ( *.so );; Open PKCS#11 shared library Abrir Biblioteca Compartilhada/Dinâmica PKCS#11 PEM files ( *.pem );; Arquivos PEM ( *.pem );; Load PEM encoded file Carregar Arquivo codificado PEM Please enter the PIN on the PinPad Favor entrar com o PIN no PinPad Please enter the SO PIN (PUK) of the token %1 Favor entrar o SO PIN (PUK) do dispositivo %1 Please enter the PIN of the token %1 Favor entrar o PIN do dispositivo %1 No Security token found Dispositivo de Segurança não encontrado Select Selecionar Please enter the new SO PIN (PUK) for the token: '%1' Favor entrar com o novo SO PIN (PUK) para o dispositivo '%1' Please enter the new PIN for the token: '%1' Favor entrar o novo PIN do dispositivo '%1' Required PIN size: %1 - %2 Tamanho do PIN requisitado: %1 - %2 Disabled Desabilitado Library loading failed Carga da Biblioteca falhou PKCS#11 function '%1' failed: %2 Função PKCS#11 '%1' falhou: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 Função PKCS#11 '%1' falhou: %2 Na biblioteca %3 %4 Invalid Inválido %1 is shorter than %2 bytes: '%3' %1 é menor que %2 bytes: '%3' %1 is longer than %2 bytes: '%3' %1 é maior que %2 bytes: '%3' String '%1' for '%2' contains invalid characters Cadeia '%1' para '%2' contém caracteres inválidos Error reading config file %1 at line %2 Erro de leitura do Arquivo de Configuração %1 na linha %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. O Objeto '%1' do arquivo %2 linha %3 já é conhecido como '%4:%5:%6' e deve ser removido. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. O Identificador '%1' para o OID %2 do arquivo %3 linha %4 já é usado para um OID diferente como '%5:%6:%7' e deve ser alteradopara evitar conflitos. Unknown object '%1' in file %2 line %3 Objeto desconhecido '%1' no arquivo %2 linha %3 Failed to start a database transaction Falha ao inciar uma transação de Banco de Dados Country code Sigla do País State or Province Estado ou Província Locality Cidade Organisation Organização Organisational unit Unidade Organizacional Common name Nome Da Entidade E-Mail address Endereço de E-mail Serial number N° de Série Given name Primeiro Nome Surname Sobrenome Title Título/Designação Initials Inciiais Description Descrição Adicional Role Função Pseudonym Pseudônimo Generation Qualifier Qualificador de Geração x500 Unique Identifier identificação Única X500 Name Nome DN Qualifier Qualificador de Nome Distinto Unstructured name Nome não Estruturado Challenge password Senha Desafio Basic Constraints Restrições Básicas Name Constraints Restrições de Nome Subject alternative name Nome Alternativo da Finalidade issuer alternative name nome alternativo do emissor Subject key identifier Identificador da Chave da Finalidade Authority key identifier Identificador da Chave da Autoridade Key usage Aplicação da Chave Extended key usage Uso Estendido da Chave CRL distribution points Ponto de Distribuição CRL Authority information access Acesso a Informação sobre a Autoridade Certificate type Tipo de Certificado Base URL URL Base Revocation URL URL de Revogação CA Revocation URL URL de Revogação de AC Certificate renewal URL URL de Renovação de Certificado CA policy URL URL de Política do AC SSL server name Nome do Serviço SSL Comment Comentário Index file written to '%1' Arquivo de Índices escrito em '%1' Index hierarchy written to '%1' Hierarquia de Indices escrita em '%1' Unknown key type %1 Tipo de Chave desconhecida %1 Failed to write PEM data to '%1' Falha ao escrever dados PEM em '%1' Password verify error, please try again Erro na Verificação da Senha, favor tentar novamente The following error occurred: Ocorreu o seguinte erro: Failed to update the database schema to the current version Falha ao atualizar o formato do banco de dados para a versão atual Password Senha insecure insegura ReqTreeView Sign Assinar Unmark signed Desmarcar assinado Mark signed Marcar assinado Similar Request Requisição Similar Certificate request export Exportar Requisição de Certificado Certificate request ( *.pem *.der *.csr ) Requisição de Certificados ( *.pem *.der *.csr ) RevocationList Manage revocations Gerenciar revogações Add Adicionar Delete Apagar Edit Editar No. Não. Serial N° de Série Revocation Revogação Reason Motivo Invalidation Invalidação Generate CRL Gerar CRL Revoke Certificate revocation Revogação de Certificado Revocation details Detalhes da Revogação Revocation reason Motivo da Revogação Local time Tempo Local Invalid since Inválido desde Serial N° de Série SearchPkcs11 Directory Diretório ... ... Include subdirectories Incluir Subdiretórios Search Busca The following files are possible PKCS#11 libraries Os seguintes arquivos são possíveis bibliotecas PKCS#11 SelectToken Security token Dispositivo de Segurança Please select the security token Favor Selecionar o Dispositivo de Segurança TempTreeView Duplicate Duplicar Create certificate Criar Certificado Create request Criar Requisição copy copiar Preset Template values Valores Pré-definidos do Modelo Template export Exportar o Modelo XCA Templates ( *.xca ) Modelos XCA ( *.xca ) TrustState Certificate trust Credibilidade do Certificado Trustment Nível de Credibilidade &Never trust this certificate &Nunca confiar neste certificado Only &trust this certificate, if we trust the signer Somente &confiar neste certificado, se confiar no assinador &Always trust this certificate &Sempre confiar neste certificado Validity yyyy-MM-dd hh:mm aaaa-MM-dd hh:mm X509SuperTreeView OpenSSL config Configuração OpenSSL Transform Transformar Template Modelo padrão Public key Chave Pública Save as OpenSSL config Salvar como Configuração OpenSSL Config files ( *.conf *.cnf);; All files ( * ) Arquivos de Configuração OpenSSL ( *.conf *.cnf);; Todos os Arquivos ( * ) XFile Error opening file: '%1': %2 Erro ao abrir o arquivo: '%1': %2 Error rewinding file: '%1': %2 Erro ao acessar o início do arquivo: '%1': %2 XcaDetail Import Importar XcaTreeView Item properties Propriedades do ítem Subject entries Inscrições de Finalidade X509v3 Extensions Extensões X509v3 Netscape extensions Extensões Netscape Key properties Propriedades da Chave Privada Reset Zerar Tudo (Reset) Hide Column Ocultar Coluna Details Detalhes Columns Colunas Export Password Exportar Senha Please enter the password to encrypt all %n exported private key(s) in: %1 Singular form for 0 or 1 item can be ignored. Will always be called with n >= 2 Campo com 0 ou 1 item pode ser ignorado. É sempre necessário quando n >= 2 Favor entrar com a senha para encriptar a %n chave privada exportada em: %1 Favor entrar com a senha para encriptar todas as %n chaves privadas exportadas em: %1 New Novo Import Importar Paste PEM data Colar dados PEM Rename Renomear Properties Propriedades Delete Apagar Export Exportar Clipboard Área de Transferência File Arquivo Clipboard format Formato da Área de Transferência database_model Please enter the password to access the database server %2 as user '%1'. Favor entrar com a senha de acesso do Serviço de Banco de Dados %2 como usuário '%1'. Unable to create '%1': %2 Não foi possível criar '%1': %2 The file '%1' is not an XCA database O arquivo '%1' não é um banco de dados XCA No SqLite3 driver available. Please install the qt-sqlite package of your distribution Não há driver SqLite3 disponível. Favor instalar o pacote qt-sqlite da sua distribuição New Password Nova Senha Please enter a password, that will be used to encrypt your private keys in the database: %1 Favor entrar uma senha que será usada para encriptar sua chave privada no Banco de Dados: %1 Password Senha Please enter the password for unlocking the database: %1 Favor entrar com a senha para desbloquear o Banco de Dados: %1 db_base Internal name Nome Interno No. N°. Primary key Chave Primária Database unique number N° único do Banco de Dados Date Data Date of creation or insertion Data da Criação ou Inserção Source Origem Generated, Imported, Transformed Gerado, Importado, Transformado Comment Comentário First line of the comment field Primeira Linha do Campo Comentário Import from: %1 Importar de: %1 Could not create directory %1 Impossibilidade de criar o diretório %1 db_crl Signer Assinador Internal name of the signer Nome Interno do Assinador No. revoked N° de revogados Number of revoked certificates N° de Certificados Revogados Last update Última Atualização Next update Próxima Atualização CRL number N° do CRL The revocation list already exists in the database as: '%1' and so it was not imported A Lista de Revogação já existe no Banco de Dados como: '%1' e, assim, ela não será importada Failed to initiate DB transaction Falha ao inciar uma transação de Banco de Dados Database error: %1 Erro no Banco de Dados: %1 db_key Type Tipo Size Tamanho EC Group Grupo EC Use Usar Password Senha The key is already in the database as: '%1' and is not going to be imported A chave já está no Banco de Dados como: '%1' e não será importada The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key O Banco de Dados já contém a parte pública da chave importada como '%1 e será importado somente a parte privada da chave Extending public key from %1 by imported key '%2' Estendendo a chave pública de %1 ao ser importado a chave '%2' Key size too small ! O tamanho da Chave é muito pequeno ! You are sure to create a key of the size: %1 ? Tem certeza que quer criar uma chave com tamanho: %1 ? Internal error Erro Interno Internal key update: The keys: %1 must be updated once by resetting and setting its private password Atualização da Chave Interna: As chaves: %1 deve ser atualizada após redefinir e definir sua senha privada Tried to change password of a token Tentei alterar a senha de um dispositivo db_temp Bad template: %1 Modelo com erros: %1 Empty template Modelo Vazio db_x509 CA AC reflects the basic Constraints extension reflete a extensão de restrições básicas Serial N° de Série Start date Data Inciial Expiry date Data de Expiração MD5 fingerprint Impressão Digital MD5 SHA1 fingerprint Impressão Digital SHA1 SHA256 fingerprint Impressão Digital SHA256 Not before Não Antes Not after Não após Revocation Revogação CRL Expiration Validade CRL Failed to retrieve unique random serial Falha ao recuperar uma Série Aleatória Única The certificate already exists in the database as: '%1' and so it was not imported O Certificado já existe no Banco de Dados como: '%1' e, assim, ela não será importada Signed on %1 by '%2' Assinado em %1 por '%2' Unknown Desconhecido Invalid public key Chave Pública Inválida The key you selected for signing is not a private one. A Chave selecionada para assinar não é uma Chave Privada. Failed to create directory '%1' Falha ao criar o diretório '%1' Store the certificate to the key on the token '%1 (#%2)' ? Armazenar o certificado da chave no dispositivo '%1 (#%2)' ? There was no key found for the Certificate: '%1' Não foi encontrada chave para o Certificado: '%1' Not possible for a token key: '%1' Impossível para a chave de dispositivo: '%1' Not possible for the token-key Certificate '%1' Impossível para o Certificado com chave de dispositivo: '%1' db_x509name Subject Finalidade Complete distinguished name Completar o nome distinto Subject hash Verificador de Finalidade Hash to lookup certs in directories Veriificador para a identificar certificados nos diretórios db_x509req Signed Assinado whether the request is already signed or not se a requisição já foi, ou não, assinada Unstructured name Nome não Estruturado Challenge password Senha Desafio Certificate count Contagem de Certificados Number of certificates in the database with the same public key Número de certificados no Banco de Dados com a mesma chave pública The certificate signing request already exists in the database as '%1' and thus was not stored A requisição de assinatura de certificado já existe no Banco de Dados como '%1' e ela não será armazenada db_x509super Key name Nome da Chave Internal name of the key Nome Interno da Chave Signature algorithm Algoritmo de Assinatura Key type Tipo da Chave Key size Tamanho da Chave EC Group Grupo EC Extracted from %1 '%2' Extraido de %1 '%2' Certificate Certificado Certificate request Requisição de Certificado The following extensions were not ported into the template As seguintes extensões não foram portadas para o Modelo Transformed from %1 '%2' Transformado de %1 '%2' kvView Type Tipo Content Conteúdo pass_info Password Senha PIN PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 Falha ao abrir a biblioteca PKCS11: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Não parece ser uma biblioteca PKCS#11: Função 'C_GetFunctionList' não Encontrada. pki_base Unknown Desconhcido Imported Importado Generated Gerado Transformed Transformado Token Dispositivo Legacy Database Banco de Dados de Versão Anterior Renewed Renovado Property '%1' not listed in 'pki_base::print' Propriedade '%1' não está listada em 'pki_base::print' Internal error: Unexpected message: %1 %2 Erro Interno: Mensagem Inesperada: %1 %2 pki_crl Successfully imported the revocation list '%1' Lista de Revogação '%1' importada com sucesso Delete the revocation list '%1'? Apagar a lista de revogação '%1'? Successfully created the revocation list '%1' Lista de Revogação '%1' criada com sucesso Delete the %1 revocation lists: %2? Apagar %1 da lista de revogação: %2? Delete the %n revocation list(s): '%1'? Apagar %n lista de revogação: '%1'? Apagar %n listas de revogações: '%1'? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Impossibilidade de carregar a lista de revogação do arquivo %1. Tentativas de formato de CRL em PEM e DER falharam. No issuer given Nenhum Emissor foi informado CRL Renewal of CA '%1' due Renovação CRL da AC '%1' devido a The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' A última CRL emitida pela AC '%1' expirará em %2. Ela está armazenada no Banco de Dados XCA '%3' Renew CRL: %1 Renovar CRL: %1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' A CRL XCA '%1', emitida em %3, expirará em %4. Ela está armazenada no Banco de Dados XCA '%5' pki_evp Please enter the password to decrypt the private key %1. Por favor, entre com a senha para deciptografar a chave privada %1. The key from file '%1' is incomplete or inconsistent. A chave do arquivo '%1' está incompleta ou inconsistente. Please enter the password to decrypt the private key from file: %1 Favor entrar a senha para decriptar a chave privada do arquivo: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Não foi possível carregar a Chave Privada do arquivo %1. As tentativas no formato PEM e DER privados, públicos, tipos de chaves PKCS#8 e formato SSH2 falharam. Please enter the password to decrypt the private key: '%1' Favoir entrar com a senha para decriptar a chave privada: '%1' Password input aborted Abortado a entrada da Senha Please enter the database password for decrypting the key '%1' Favor entrar com a senha do Banco de Dados para decriptar a chave '%1' Decryption of private key '%1' failed Decriptografia da chave privada '%1' falhou Please enter the password to protect the private key: '%1' Favor entrar com a senha para proteger a chave privada: '%1' Please enter the database password for encrypting the key Favor entrar a senha do Banco de Dados para encriptar a chave Please enter the password to protect the PKCS#8 key '%1' in file: %2 Favor entrar com a senha para proteger a chave PKCS#8 '%1' no arquivo: %2 Please enter the password to protect the private key '%1' in file: %2 Favor entrar com a senha para proteger a chave privada '%1' no arquivo: %2 Please enter the password protecting the PKCS#8 key '%1' Favor entrar com a senha para proteger a chave PKCS#8: '%1' Please enter the password protecting the Microsoft PVK key '%1' Favor entrar a senha dde proteção da chave Microsoft PVK '%1' Please enter the export password for the private key '%1' Favor entrar com a senha para exportar a chave privada: '%1' pki_export PEM Text format with headers Formato Texto PEM com cabeçalhos Concatenated list of all selected items in one PEM text file Lista Concatenada de todos os ítens selecionados em 1 arquivo texto PEM PEM selected Selecionado PEM Concatenated list of all selected certificates in one PEM text file Lista concatenada com todos os certificados em arquivo formato texto PEM PEM chain Cadeia PEM Concatenated text format of the complete certificate chain in one PEM file Formato Texto Concatenado da cadeia completa de certificados em 1 arquivo PEM The complete certificate chain and the private key of the selected certificate with tags usable in OpenVPN configuration files A cadeia completa de certificados e a chave privada do certificado selecionado com os parâmetros utilizáveis nos arquivos de configuração do OpenVPN PEM + key PEM + Chave Concatenation of the certificate and the unencrypted private key in one PEM file Concatenação de um certificado e a chave privada não criptografada em arquivo PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Concatenação de um certificado e a chave privada criptografada no formato PKCS#8 em arquivo All unusable Tudo inutilizável Concatenation of all expired or revoked certificates in one PEM file Concatenação de todos certificados expirados e revogados em único arquivo PEM PKCS#7 encoded single certificate Único Certificado Codificado em PKCS#7 All selected certificates encoded in one PKCS#7 file Todos certificados selecionados codificados em arquivo PKCS#7 PKCS #7 chain Cadeia PKCS #7 PKCS#7 encoded complete certificate chain Cadeia completa de Certificado Codificados em PKCS#7 PKCS #7 unusable PKCS #7 inutilizável PKCS#7 encoded collection of all expired or revoked certificates Coleção codificada PKCS#7 de todos os certificados expirados e revogados Binary DER encoded certificate Certificado binário certificado em DER PKCS #12 chain Cadeia PKCS #12 The complete certificate chain and the private key as encrypted PKCS#12 file Cadeia Completa de Certificados e Chaves Privadas codificados em arquivo PKCS#12 PKCS #12 PKCS #12 The certificate and the private key as encrypted PKCS#12 file Todos certificados e Chaves Privadas criptografadas em arquivo PKCS#12 Certificate Index file Arquivo de Índice de Certificado OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Arquivo de índice específico OpenSSL, requerido por ferramenta OCSP, foi criado pelo comando 'ca' vCalendar vCalendar vCalendar expiry reminder for the selected items Lembrete de expiração vCalendar para os ítens selecionados CA vCalendar Calendário (vCalendar) do AC vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL lembrete de expiração por vCalendar contendo todos os certificados emitidos, válidos, além do próprio AC e do último CRL OpenSSL config Configuração OpenSSL OpenSSL configuration file to create a certificate or request with the openssl commandline tool Arquivo de configuração OpenSSL para criar ou requisitar um certificado via linha de comando da aplicação openssl OpenVPN tls-auth key Chave autentic TLS OpenVPN The OpenVPN tls-auth key is a secret key shared between endpoints A Chave autentic TLS OpenVPN é a chave secreta compartilhada entre os pontos extremos do canal JSON Web Kit Kit Web JSON The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) Chave pública de certificado no formato Kit Web JSON com impressão digital X.509 (x5t) JSON Web Kit chain Cadeia em Kit Web JSON The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) and certificate chain (x5c) A chave privada do certificado no formato Kit Web JSON com impressão digital X.509 (x5t) e cadeia de certificado (x5c) PEM public Pública PEM Text format of the public key in one PEM file Formato texto da chave pública em arquivo PEM PEM private Privada PEM Unencrypted private key in text format Chave Privada não criptografada no formato texto PEM encrypted PEM criptografado OpenSSL specific encrypted private key in text format Chave privada criptografada específica do OpenSSL no formato texto SSH2 private Chave Privada SSH2 SSH2 public Chave Pública SSH2 The public key encoded in SSH2 format Chave Pública codificada no formato SSH2 DER public Pública DER Binary DER format of the public key Chave Pública no Formato Binário DER DER private Privada DER Unencrypted private key in binary DER format Chave privada não criptografada no formato binário DER PVK private Privada PVK Private key in Microsoft PVK format not encrypted Chave Privada no formato Microsoft PVK não criptografada XCA template in PEM-like format. Templates include the internal name and comment Modelo XCA em formato similar PEM. Os modelos incluem o nome interno e comentários All selected XCA templates in PEM-like format. Templates include the internal name and comment Todos os Modelos XCA selecionados em formato similar PEM. Os modelos incluem o nome interno e comentários PVK encrypted PVK criptografada Encrypted private key in Microsoft PVK format Chave Privada criptografada no formato Microsoft PVK PKCS #8 encrypted PKCS #8 criptografado Encrypted private key in PKCS#8 text format Chave privada criptografada no formato texto PKCS#8 PKCS #8 PKCS #8 Unencrypted private key in PKCS#8 text format Chave privada não criptografada no formato texto PKCS#8 JSON Web Key private Chave Privada em Web JSON Unencrypted private key in JSON Web Key format Chave Privada não encriptada no formato Web JSON JSON Web Key public Chave Pública em Web JSON Public key in JSON Web Key format Chave Pública no formato Web JSON Binary DER format of the certificate request Formato DER binário da requisição de certificado Binary DER format of the revocation list Formato DER binário da lista de revogação vCalendar reminder for the CRL expiry date Lembrete vCalendar para a data de expiração da CRL XCA template in PEM-like format Modelo XCA em formato PEM All selected XCA templates in PEM-like format Todos os modelos XCA selecionados estão no formato PEM pki_key Successfully imported the %1 public key '%2' A chave pública %1, '%2', foi importada com sucesso Delete the %1 public key '%2'? Apagar a chave pública tipo %1 de '%2'? Successfully imported the %1 private key '%2' A chave privada tipo %1, '%2', foi importada com sucesso Delete the %1 private key '%2'? Apagar a chave privada %1 de '%2'? Successfully created the %1 private key '%2' Chave privada %1, de '%2', foi criada com sucesso Delete the %1 keys: %2? Apagar a chave %1: %2? Public key Chave Pública Successfully imported the %1 public key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key %1 será substituída por 'RSA', 'DSA', 'EC'. %2 é o nome interno da chave A chave pública %1, '%2', foi importada com sucesso Delete the %n %1 public key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) %1 será substituída por 'RSA', 'DSA', 'EC'. %2 é/são o(s) nome(s) interno(s) da(s) chave(s) Apagar a %n %1 chave pública '%2'? Apagar as %n %1 chaves públicas '%2'? Successfully imported the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key %1 será substituída por 'RSA', 'DSA', 'EC'. %2 é o nome interno da chave A chave privada tipo %1, '%2', foi importada com sucesso Delete the %n %1 private key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) %1 será substituída por 'RSA', 'DSA', 'EC'. %2 é/são o(s) nome(s) interno(s) da(s) chave(s) Apagar a %n %1 chave privada '%2'? Apagar a %n %1 chaves privadas '%2'? Successfully created the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key %1 será substituída por 'RSA', 'DSA', 'EC'. %2 é o nome interno da chave Chave privada %1, de '%2', foi criada com sucesso Common This is a colum name. We suggest that this shoould not be translated. since: Common is thecommonName Common Private Privado Bogus Adulterado PIN PIN No password Sem Senha Unexpected SSH2 content: '%1' Conteúdo SSH2 inesperado: '%1' Invalid SSH2 public key Chave Pública SSH2 Inválida Failed writing to %1 Falha ao escrever em %1 pki_multi No known PEM encoded items found Não foi encontrado itens codificados em PEM pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Favor entrar com a senha para decriptar o arquivo PKCS#12: %1 Unable to load the PKCS#12 (pfx) file %1. Impossibilidade de carregar o arquivo PKCS#12 (pfx) %1. The supplied password was wrong (%1) A senha informada está errada (%1) Please enter the password to encrypt the key of certificate '%1' in the PKCS#12 file: %2 Favor entrar a senha para encriptar a chave do certificado '%1' no arquivo PKCS#12: %2 Please enter the password to encrypt the PKCS#12 file Foavor entrar com a senha para encriptar o arquivo PKCS#12 No key or no Cert and no pkcs12 Nehuma chave, nem certificado, nem pkcs12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Impossibilidade de carregar o arquivo PKCS#7 %1. Formatos PEM e DER falharam. pki_scard Successfully imported the token key '%1' A chave do dispositivo '%1' foi importada com sucesso Delete the token key '%1'? Apagar a chave do dispositivo '%1'? Successfully created the token key '%1' Chave do dispositivo '%1' foi criada com sucesso Delete the %1 keys: %2? Apagar a chave %2 do dispositivo %1? Delete the %n token key(s): '%1'? Apagar a %n chave no dispositivo: '%1'? Apagar as %n chaves no dispositivo: '%1'? Delete the private key '%1' from the token '%2 (#%3)' ? Apagar a chave privada '%1' do dispositivo '%2 (#%3)' ? This Key is already on the token Esta chave já está no dispositivo PIN input aborted Entrada de PIN cancelada Unable to find copied key on the token Impossibilitado de achar a chave copiada no dispositivo Please insert card: %1 %2 [%3] with Serial: %4 Favor inserir o cartão: %1 %2 [%3] n° de série: %4 Select Slot of %1 Selecionar o Canal de %1 Unable to find generated key on card Imossibibilidade de localizar a chave gerada no cartão Token %1 Dispositivo %1 Failed to find the key on the token A busca pela chave no dispositivo falhou Invalid Pin for the token O PIN para o dispositivo é inválido Failed to initialize the key on the token A inicialização da chave no dispositivo falhou pki_temp Successfully imported the XCA template '%1' O modelo XCA '%1' foi importado com sucesso Delete the XCA template '%1'? Apagar o Modelo XCA '%1'? Successfully created the XCA template '%1' O modelo XCA '%1' foi criado com sucesso Delete the %1 XCA templates: %2? Apagar o Modelo XCA n° %1 dos modelos: %2? Delete the %n XCA template(s): '%1'? Apagar o %n Modelo XCA: '%1'? Apagar os %n Modelos XCA: '%1'? Wrong Size %1 Tamanho Errado %1 Template file content error (too small) Conteúdo do Modelo com erro (muito pequeno) Not a PEM encoded XCA Template Não é Modelo XCA codificado em PEM Not an XCA Template, but '%1' Não é um modelo XCA, mas '%1' pki_x509 Successfully imported the certificate '%1' O certificado '%1' foi importado com sucesso Delete the certificate '%1'? Apagar o Certificado '%1'? Successfully created the certificate '%1' O certificado '%1' criado com sucesso Delete the %1 certificates: %2? Apagar %1 dos certificados: %2? Delete the %n certificate(s): '%1'? Apagar o %n certificado: '%1'? Apagar os %n certificados: '%1'? Unable to load the certificate in file %1. Tried PEM and DER certificate. Impossibilidade de carregar certificado no arquivo %1. Tentativas de certificado PEM e DER falharam. Invalid OpenVPN tls-auth key Chave de Autent TLS OpenVPN Inválida Failed to import tls-auth key Falha ao importar a chave de autent TLS Same tls-auth key already stored for this CA A mesma chave de autentic TLS já foi armazenada para este CA New tls-auth key successfully imported Nova chave de autentic TLS importada com sucesso Existing tls-auth key successfully replaced Chave de autentic TLS existente substituída com sucesso This certificate is already on the security token Este certificado já existe no dispositivo de segurança Delete the certificate '%1' from the token '%2 (#%3)'? Apagar o certificado '%1' do dispositivo '%2 (#%3)' ? There is no key for signing ! Não há qualquer chave para assinar! No Não Yes Sim Renew certificate: %1 Renovar Certificado: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' O certificado XCA '%1', emitido em %2, expirará em %3. Ela está armazenada no Banco de Dados XCA '%4' pki_x509req Signing key not valid (public key) Chave de Assinatura inválida (chave pública) Successfully imported the %1 certificate request '%2' A requisição de certificado tipo %1, '%2', foi importada com sucesso Delete the %1 certificate request '%2'? Apagar a requisição de certificado do tipo %1, '%2'? Successfully created the %1 certificate request '%2' A requisição de certificado tipo %1, '%2', foi criada com sucesso Delete the %1 certificate requests: %2? Apagar a requisição de certificado do tipo %1, '%2'? Successfully imported the PKCS#10 certificate request '%1' Importado com sucesso a requisição de Certificado PKCS#10 '%1' Delete the %n PKCS#10 certificate request(s): '%1'? Apagar %n requisição de Certificado PKCS#10: '%1'? Apagar as %n requisições de Certificados PKCS#10: '%1'? Successfully created the PKCS#10 certificate request '%1' Criado com sucesso a requisição de certificado PKCS#10 '%1' Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Impossibilidade de carregar a requisição de certificado no arquivo %1. Tentativas de formato PEM, DER e SPKAC falharam. Signed Assinado Unhandled Não processado v3ext Copy Common Name Copiar o Common Name (CN) Add Adicionar Delete Apagar Apply Aplicar Validate Validar Cancel Cancelar An email address or 'copy' Um e-mail ou 'copy' An email address Um e-mail A registered ID: OBJECT IDENTIFIER Um ID registrado: OBJECT IDENTIFIER A uniform resource indicator Um URI (uniform resource indicator) A DNS domain name or 'copycn' Um nome de domínio DNS ou 'copycn' A DNS domain name Um nome de domínio DNS An IP address Um Endereço IP Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Sintaxe: <OID>;TYPE:texto similar a '1.2.3.4:UTF8:nome' No editing. Only 'copy' allowed here Edição não permitida. Somente 'copy' é permitido aqui Validation failed: '%1' %2 Falha de Validação: '%1' %2 Validation successful: '%1' Validação com sucesso: '%1' xcaWarningGui Copy to Clipboard Copiar para a Área de Transferência xca-RELEASE.2.9.0/lang/xca_ru.ts000066400000000000000000007255331477156507700161700ustar00rootroot00000000000000 About Done Готово CaProperties Next serial for signing "подписи" благозвучнее, чем "подписания" / better wording Следующий серийный номер для подписи Form От Days until next CRL issuing 'CRL' лучше не переводить, мне кажется Дней до следующего выпуска CRL Default template Шаблон по-умолчанию CA Properties Свойства ЦС Use random Serial numbers Использовать случайные cерийные номера CertDetail Show extensions there was a typo, sorry Показать расширения Show public key показать открытый ключ This key is not in the database. Этого ключа нет в базе данных. Not available Недоступен No verification errors found. Signer unknown Издатель неизвестен Self signed Самозаверенный Revoked at %1 Отозван %1 Not trusted Не доверенный Trusted Доверенный Revoked: Отозванный: Not valid Недействительный Valid Действительный Details of the certificate signing request Сведения о запросе на получение сертификата Details of the Certificate Сведения о сертификате S&tatus С&татус Serial Серийный номер The serial number of the certificate Серийный номер сертификата The internal name of the certificate in the database Внутреннее имя сертификата Internal name Внутреннее имя Signature algorithm Алгоритм подписи Signature Подпись Key Ключ Fingerprints Отпечатки SHA1 SHA1 MD5 MD5 A SHA-1 hashsum of the certificate SHA-1 отпечаток сертификата An md5 hashsum of the certificate MD5 отпечаток сертификата Status Состояние SHA256 SHA256 A SHA-256 hashsum of the certificate SHA-256 отпечаток сертификата Validity Период действия The time since the certificate is valid Сертификат действителен с The time until the certificate is valid Сертификат действителен по Subject Субъект Issuer Издатель Extensions Расширения Validation Purposes Strict RFC 5280 validation Comment Комментарий &Subject &Субъект &Issuer &Издатель Attributes Атрибуты &Extensions &Расширения Show config Показать конфигурацию CertExtend This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Это позволит создать копию сертификата с новым серийным номером и скорректированным значением срока действия. Validity единообразия для Период действия Not before Сертификат действителен с Not after Сертификат действителен по Time range Выбор периода Days Дней Months Месяцев Years Лет Midnight Начинать с полуночи Apply Применить Revoke old certificate Отозвать старый сертификат Replace old certificate Заменить старый сертификат Keep serial number Сохранить серийный номер Certificate renewal Продление сертификата Local time По местному времени No well-defined expiration Конечный срок не определён The certificate will be earlier valid than the signer. This is probably not what you want. Срок действия сертификата начинается раньше срока действия издателя. Скорее всего, здесь ошибка. Edit dates Изменить период Abort rollout Прервать Continue rollout Продолжить всё равно Adjust date and continue Скорректировать дату и продолжить The certificate will be longer valid than the signer. This is probably not what you want. Срок действия сертификата больше срока действия издателя. Скорее всего, здесь ошибка. CertTreeView Hide unusable certificates Import PKCS#12 Ипорт PKCS#12 Import from PKCS#7 Импорт из PKCS#7 Request Запрос Security token Модуль защиты Other token Другой модуль защиты Similar Certificate Похожий сертификат Delete from Security token Удалить из модуля защиты CA ЦС Properties Свойства Generate CRL Сгенерировать CRL Manage revocations Управление отзывами Import OpenVPN tls-auth key Plain View В виде списка Tree View В виде дерева days дней No template Нет шаблона CA Properties Свойства ЦС Certificate export Экспортировать сертификат X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) Сертификаты X509 ( *.pem *.cer *.crt *.p12 *.p7b ) vCalendar entry ( *.ics ) OpenVPN file ( *.ovpn ) OpenVPN tls-auth key ( *.key ) Trust Доверять Renewal Продлить Revoke Отозвать Unrevoke Вернуть ClickLabel Double click for details Щёлкните дважды, чтобы просмотреть сведения CrlDetail Name Внутреннее имя Failed Ошибка Unknown signer Неизвестный издатель Verification not possible Проверка не возможна Details of the Revocation list Сведения о CRL &Status &Состояние Version Версия Signature Подпись Signed by Подписан The internal name of the CRL in the database 'CRL' лучше не переводить, мне кажется Внутреннее имя CRL issuing dates Даты публикации Next update Следующее обновление Last update Последнее обновление &Issuer &Издатель &Extensions &Расширения &Revocation list &Список отзыва Comment Комментарий CrlTreeView There are no CA certificates for CRL generation Нет ЦС для генерирования CRL Select CA certificate Выберите сертификат ЦС Revocation list export Экспорт списка отзывов CRL ( *.pem *.der *.crl ) Списки отзыва ( *.pem *.der *.crl );; vCalendar entry ( *.ics ) ExportDialog Name Внутреннее имя The internal name of the CRL in the database Внутреннее имя CRL ... ... Filename Имя файла Each Item in a separate file Same encryption password for all items Export comment into PEM file Экспортировать комментарий в файл PEM Export Format Формат для экспорта All files ( * ) Все файлы ( * ) PEM Text format with headers Текстовый PEM формат с заголовками Concatenated list of all selected items in one PEM text file Все выбранные элементы в одном PEM файле Concatenated text format of the complete certificate chain in one PEM file Вся цепочка сертификации в одном PEM файле Concatenated text format of all trusted certificates in one PEM file Сцепленные вместе все доверенные сертификаты в одном PEM файле Concatenated text format of all certificates in one PEM file Все сертификаты в одном PEM файле Binary DER encoded file Двоичный DER формат PKCS#7 encoded single certificate Отдельный сертификат в формате PKCS#7 PKCS#7 encoded complete certificate chain Вся цепочка сертификации в формате PKCS#7 All trusted certificates encoded in one PKCS#7 file Все доверенные сертификаты в одном PKCS#7 файле Concatenated text format of all unrevoked certificates in one PEM file Все неотозванные сертификаты в одном PEM файле All unrevoked certificates encoded in one PKCS#7 file Все неотозванные сертификаты в одном PKCS#7 файле All selected certificates encoded in one PKCS#7 file Все выбранные сертификаты в одном PKCS#7 файле All certificates encoded in one PKCS#7 file Все сертификаты в одном PKCS#7 файле The certificate and the private key as encrypted PKCS#12 file Сертификат и закрытый ключ в зашифрованном PKCS#12 файле The complete certificate chain and the private key as encrypted PKCS#12 file Вся цепочка сертификатов и закртый ключ в зашифрованном PKCS#12 файле Concatenation of the certificate and the unencrypted private key in one PEM file Сертификат и нешифрованный закрытый ключ в одном PEM файле Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Сертификат и зашифрованный закрытый ключ в одном PKCS#8 файле Text format of the public key in one PEM file Открытый ключ в текстовом формате PEM Binary DER format of the public key Открытый ключ в двоичном формате DER Unencrypted private key in text format Закрытый ключ в тектовом формате без пароля OpenSSL specific encrypted private key in text format Закрытый ключ в тектовом формате OpenSSL без пароля Unencrypted private key in binary DER format Закрытый ключ в двоичном формате DER без пароля Unencrypted private key in PKCS#8 text format Закрытый ключ в текстовом формате PKCS#8 без пароля Encrypted private key in PKCS#8 text format Закрытый ключ в текстовом формате PKCS#8 с паролем The public key encoded in SSH2 format Открытый ключ в формате SSH2 OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Список сертификатов в тектовом формате OpenSSL, который создаётся командой 'ca', необходимый для OCSP vCalendar expiry reminder for the selected items Напоминание об окончании срока для выбранных сертификатов в формате vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Напоминание об окончании срока для всех сертификатов ЦС и CRL в формате vCalendar Private key in Microsoft PVK format not encrypted Закрытый ключ в формате Microsoft PVK без пароля Encrypted private key in Microsoft PVK format Закрытый ключ в формате Microsoft PVK с паролем %n selected item(s) The file: '%1' already exists! Файл '%1' уже существует! Overwrite Перезаписать Do not overwrite Не перезаписывать The path: '%1' exist, but is not a file The path: '%1' exist, but is not a directory The directory: '%1' does not exist. Should it be created? Create Создать Failed to create directory '%1' Не удалось создать папку '%1' Directory Папка Form last update последнее обновление next update слегдующее обновление Days Дней Months Месяцев Years Лет Apply Применить Midnight Начинать с полуночи Local time По местному времени No well-defined expiration Конечный срок не определён Help << << >> >> &Done &Готово ImportMulti Details Показать сведения Import &All Импортировать &всё &Import &Импортировать &Done &Готово Details of the item '%1' cannot be shown Невозможно отобразить сведения о '%1' The type of the item '%1' is not recognized Тип элемента '%1' невозможно определить Could not open the default database Не удалось открыть базу данных по умолчанию The file '%1' did not contain PKI data В файле '%1' данных PKI не обнаружено The %1 files: '%2' did not contain PKI data %1 файла(ов) не содержали данных PKI: '%2' Import PKI Items Импортировать элементы PKI &Remove from list &Удалить из списка Delete from token Удалить из модуля защиты Rename on token Переименовать в модуле защиты Name: %1 Model: %2 Serial: %3 Название: %1 Модель: %2 Серийный номер: %3 Manage security token Управление модулями защиты ItemProperties Name Внутреннее имя Source Источник Insertion date Дата добавления Comment Комментарий KeyDetail Available Известна Not available Неизвестна Name Внутреннее имя The internal name of the key used by xca Внутреннее имя ключа Keysize Длина ключа Private Exponent Закрытая экспонента Security Token Модуль защиты Label Название PKCS#11 ID Идентификатор PKCS#11 Token information Сведения о модуле защиты Model Модель Fingerprint Отпечаток Comment Комментарий Public Exponent Открытая экспонента Modulus Модуль Sub prime Полупростое Public key Открытый ключ Private key Закрытый ключ Security token Модуль защиты Manufacturer Изготовитель Serial Серийный номер Key Ключ Token Модуль защиты Curve name Эллиптическая кривая Details of the %1 key Сведения о ключе %1 Security token ID:%1 ID модуля защиты:%1 Unknown key Неизвестный ключ KeyTreeView Clipboard format формат буфера обмена Change password Изменить пароль Reset password Сбросить пароль Change PIN Изменить PIN Init PIN with SO PIN (PUK) Инициализировать PIN при помощи SO PIN (PUK) Change SO PIN (PUK) Изменить SO PIN (PUK) Security token Модуль защиты This is not a token Это не модуль защиты Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Заменить ли исходный ключ '%1' на ключ в модуле защиты? Ключ '%1' будет безвозвратно удалён Key export экспорт ключа SSH Private Keys ( *.priv ) Microsoft PVK Keys ( *.pvk ) Export public key [%1] Экспортировать открытый ключ [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Закрытые ключи ( *.pem *.der *.pk8 );; Открытые ключи SSH ( *.pub ) MainWindow Password Пароль Password verify error, please try again Неверный пароль, попробуйте еще раз &Close DataBase &Закрыть базу данных &Content &Справка &File &Файл Recent DataBases Недавно открытые базы данных System Язык системы Croatian Хорватский English Английский French Французский German Немецкий Japanese Японский Korean Russian Русский Slovak Словацкий Spanish Испанский Persian Персидский Bulgarian Болгарский Polish Польский Italian Итальянский Chinese Китайский Dutch Нидерландский Portuguese in Brazil Бразильский португальский Indonesian Индонезийский Turkish Турецкий Language Язык Open Remote DataBase Открыть сетевую базу данных Paste PEM file Вставить файл PEM Token Модуль защиты Extra Дополнительно &Export Certificate Index Экспортировать &список сертификатов &Export Certificate Index hierarchy Экспортировать &иерархию сертификатов OID Resolver Поиск OID &Help &Помощь New Password Новый Пароль The following error occurred: Произошла ошибка: Copy to Clipboard Копировать в буфер обмена Private Keys Закрытые ключи &New Key &Новый ключ &Export &Экспорт &Import &Импорт Import PFX (PKCS#12) Импорт PFX (PKCS#12) &Show Details &Показать сведения &Delete &Удалить Certificate signing requests Запросы на получение сертификата &New Request &Новый запрос Certificates Сертификаты &New Certificate &Новый сертификат Import &PKCS#12 Импорт &PKCS#12 Import P&KCS#7 Импорт P&KCS#7 Plain View В виде списка Templates Шаблоны &New Template &Новый шаблон Ch&ange Template Из&менить шаблон Revocation lists Списки отзыва сертификатов &New CRL &Новый CRL Database База данных The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Выбранная в данный момент хэш-функция '%1' не надёжна. Пожалуйста, выберите хотя бы 'SHA 224' из соображений безопасности. Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Открываемая база данных сохранена в старом формате. Создаём запасную копию в файле '%1' и преобразуем базу данных в новый формат Failed to rename the database file, because the target already exists Не удалось переименовать файл базы данных, потому что файл с таким именем уже существует No deleted items found Нет удаленных записей Errors detected and repaired while deleting outdated items from the database. A backup file was created Во время удаления устаревших данных из базы данных были обнаружены и исправлены ошибки. Создана запасная копия базы данных Removing deleted or outdated items from the database failed. Во время удаления устаревших данных из базы данных произошла ошибка. &Dump DataBase &Сделать дамп базы данных &Import old db_dump &Импорт дампа базы данных &Undelete items &Восстановить удаленные элементы Options Настройки New DataBase Новая база данных Open DataBase Открыть базу данных Close DataBase Закрыть базу данных Keys Ключи Requests Запросы PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Шаблоны Revocation list Список отзыва сертификатов PEM file PEM файл Database dump ( *.dump );; All files ( * ) Дамп базы данных ( *.dump );; Все файлы ( * ) Import password Пароль при импорте Please enter the password of the old database Пожалуйста, введите пароль от старой базы данных Password verification error. Ignore keys ? Неверный пароль. Игнорировать ключи? Import anyway Импортировать всё равно I&mport И&мпорт Export Certificate &Index hierarchy Экспортировать &иерархию сертификатов Content Содержание About О программе Search Поиск Import PEM data Импортировать PEM данные Please enter the new SO PIN (PUK) for the token '%1' Пожалуйста, введите новый PIN SO (PUK) для модуля защиты '%1' The new label of the token '%1' Новое название модуля защиты '%1' Please enter the new password to encrypt your private keys in the database-file Пожалуйста, введите новый пароль для шифрования закрытых ключей в базе данных Please enter a password, that will be used to encrypt your private keys in the database file: %1 Пожалуйста, введите пароль для шифрования закрытых ключей в базе данных: %1 Please enter the password for unlocking the database: %1 Пожалуйста, введите пароль для разблокировки базы данных %1 Certificate Index ( index.txt ) Список сертификатов ( index.txt ) All files ( * ) Все файлы ( * ) Diffie-Hellman parameters saved as: %1 Параметры Диффи — Хеллмана сохранены в %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Параметры Диффи — Хеллмана нужны для других приложений, и не используются в XCA. Пожалуйста, введите желаемую длину параметров &New DataBase &Новая база данных &Open DataBase &Открыть базу данных &Init Security token &Инициализировать модуль защиты C&hange DataBase password Из&менить пароль базы данных Exit Выход no such option: %1 нет таких параметров: %1 Using or exporting private keys will not be possible without providing the correct password Использование или экспорт закрытых ключей будет невозможен без ввода правильного пароля Please enter the original SO PIN (PUK) of the token '%1' Пожалуйста, введите первоначальный PIN SO (PUK) для модуля защиты '%1' The token '%1' did not contain any keys or certificates Модуль защиты '%1' не содержит ни ключей, ни сертификатов Retry with PIN Повторить ввод PIN Retry with SO PIN Повторить ввод SO PIN Current Password Действующий пароль Please enter the current database password Пожалуйста, введите действующий пароль от базы данных The entered password is wrong Введённый пароль неверен Transaction start failed Не удалось начать транзакцию Database: %1 можно сократить как БД База данных: %1 The currently used PFX / PKCS#12 algorithm '%1' is insecure. Используемый алгоритм "%1" PFX / PKCS#12 небезопасен. Change Изменить Please enter a password, that will be used to encrypt your private keys in the database: %1 Пожалуйста, введите пароль, который будет использован для зашифровки закрытых ключей в базе данных: %1 Error opening file: '%1': %2 Ошибка при открытии файла: '%1': %2 Generate DH parameter Сгенерировать параметры Диффи — Хеллмана Set as default DataBase Установить как базу данных по умолчанию &Token as translated in firefox for example &Модуль защиты &Manage Security token &Управление модулями защиты &Change PIN &Изменить PIN Change &SO PIN Изменить &SO PIN Init PIN Инициализировать PIN NewCrl Create CRL Новый CRL Days Дней Months Месяцев Years Лет Midnight Начинать с полуночи Local time По местному времени Apply Применить CRL number Порядковый номер CRL Hash algorithm Алгоритм подписи Authority key identifier Идентификатор ключа ЦС Subject alternative name Альтернативное имя субъекта Options Параметры Last update Последнее обновление Next update Следующее обновление Revocation reasons Указывать причину отзыва NewKey Please give a name to the new key and select the desired keysize Пожалуйста, введите название нового ключа и задайте длину ключа Key properties Параметры ключа Name Внутреннее имя Curve name Эллиптическая кривая Keysize Длина ключа Remember as default Использовать заданные здесь параметры по умолчанию The internal name of the new key Внутреннее имя нового ключа New Key Новый ключ Usually at least 2048 bit keys are recommended Обычно рекомендуется генерировать как минимум 2048-битные ключи Keytype Тип ключа Create Создать NewX509 Source Первоисточник Signing request Запрос на подпись Show request Показать запрос Sign this Certificate signing &request Подписать этот &запрос на подпись Copy extensions from the request Копировать расширения из запроса Signing Подписание Create a &self signed certificate with the serial Создать &самоподписанный сертификат с серийным номером If you leave this blank the serial 00 will be used Если оставить это поле пустым, будет использован серийный номер 00 1 1 All certificates in your database that can create valid signatures Все сертификаты в базе данных, которыми можно создать действительные подписи Signature algorithm Алгоритм подписи Template for the new certificate Шаблон для нового сертификата All available templates Все доступные шаблоны Internal Name Внутреннее имя Apply Применить Subject Субъект Create a &self signed certificate Создать &самозаверенный сертификат Use &this Certificate for signing вероятно, имеется в виду ЦС &Использовать этот сертификат для подписи Distinguished name Уникальное имя This name is only used internally and does not appear in the resulting certificate Это имя используется XCA и не оказывается в итоговом сертификате Internal name Внутреннее имя Add Добавить Delete Удалить Private key Закрытый ключ This list only contains unused keys Этот список содержит только неиспользованные ключи Used keys too Добавить в список использованные ключи &Generate a new key &Сгенерировать новый ключ Extensions Расширения Type Тип If this will become a CA certificate or not Это будет сертификат для ЦС или для конечного субъекта Not defined Не определен Certification Authority Центр Сертификации End Entity Конечный субъект Path length Длина цепочки How much CAs may be below this. Сколько ЦС может быть в цепочке. The basic constraints should always be critical Основные ограничения всегда должны быть отмечены критичными Key identifier Идентификотор ключа Creates a hash of the key following the PKIX guidelines Создаёт хэш ключа в соответствии с инструкциями PKIX Copy the Subject Key Identifier from the issuer Копировать идентификатор ключа субъекта у издателя Validity Период действия Not before Сертификат действителен с Not after Сертификат действителен по Time range Выбор периода Days Дней Months Месяцев Years Лет Set the time to 00:00:00 and 23:59:59 respectively Начало и конец - в полночь Midnight Начинать с полуночи Local time По местному времени URI: URI: Comment Комментарий can be altered by the file "aia.txt" может быть изменен в файле "aia.txt" Edit Редактировать DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Key usage Область применения ключа Netscape Netscape Create a &self signed certificate with a MD5-hashed QA serial Создать &самоподписанный сертификат с серийным номером хэшированным MD5 Create Certificate signing request Создать запрос на сертификат Create x509 Certificate Создать сертификат x509 Abort rollout Прервать The following length restrictions of RFC3280 are violated: Требования RFC3280 по длине нарушены: The internal name and the common name are empty. Please set at least the internal name. Поля "Внутреннее имя" и "Общее имя"пусты. Пожалуйста, укажите хотябы внутреннее имя. There is no Key selected for signing. Не выбран ключ для подписи. Continue rollout Продолжить The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Срок действия сертификата истечёт до того, как он станет действительным. Скорее всего, даты перепутаны. Modify subject of the request Изменить субъекта в запросе Advanced Дополнительно Validate Проверить The verification of the Certificate request failed. The rollout should be aborted. Проверка запроса на подпись завершилась ошибкой. Необходимо отменить операцию. Continue anyway Продолжать всё равно No well-defined expiration Конечный срок не определён Edit name Изменить имя Select key Выберите ключ The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Следующие уникальные имена пусты: %1 хотя они были объявлены обязательными в параметрах. Edit subject Изменить субъекта Edit dates Изменить даты The key you selected for signing is not a private one. Выбранный для подписи ключ не закрытый. Critical Критично Create XCA template Создать шаблон XCA Edit XCA template Редактировать шаблон XCA Template '%1' applied Применён шаблон %1 Subject applied from template '%1' Субъект подставлен из шаблона '%1' Extensions applied from template '%1' Расширения подставлены из шаблона '%1' New key '%1' created Создан новый ключ '%1' Error Ошибка duplicate extensions повторяющиеся расширения The Name Constraints are invalid The Subject Alternative Name is invalid Недопустимое альтернативное имя субъекта The Issuer Alternative Name is invalid эмитента или издатель? Недопустимое Альтернативное имя издателя The CRL Distribution Point is invalid Недопустимая точка распространения списка отозванных сертификатов The Authority Information Access is invalid Недопустимая информация о полномочиях доступа Select other signer Выберите другого издателя Select other key Выберите другой ключ The currently selected hash algorithm '%1' is insecure and should not be used. Выбранный алгоритм хэширования '%1' небезопасен и не должен использоваться. Select other algorithm Выбрать другой алгоритм Use algorithm anyway Всё равно использовать этот алгоритм The certificate will be earlier valid than the signer. This is probably not what you want. Срок действия сертификата начинается раньше срока действия издателя. Скорее всего, здесь ошибка. Adjust date and continue Скорректировать дату и продолжить The certificate will be longer valid than the signer. This is probably not what you want. Срок действия сертификата больше срока действия издателя. Скорее всего, здесь ошибка. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Сертификат содержит недействительные либо дублированные расширения. Необходимо выполнить проверку во вкладке "Дополнительно". The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. У сертификата отсутствуют расширения. Вы можете подставить расширения из одного из шаблонов, чтобы определить назначение сертификата. The certificate contains invalid extensions. Сертификат содержит недопустимые расширения. Edit extensions Редактировать расширения The subject alternative name shall contain a copy of the common name. However, the common name is empty. Поле "Альтернативное имя субъекта" должно быть скопировано из поля "Общее имя". Но поле "Общее имя" пусто. A name constraint of the issuer '%1' is violated: %2 Apply extensions Применить расширения Apply subject Применить субъекта Apply all Применить всё minimum size: %1 минимальный размер: %1 maximum size: %1 максимальный размер: %1 only a-z A-Z 0-9 '()+,-./:=? только a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters только 7-битные символы From PKCS#10 request Из запроса PKCS#10 Other Tabs Другие вкладки Advanced Tab Вкладка "Дополнительно" Errors Ошибки Configfile error on line %1 Ошибкав кофигурационном файле в строке %1 OidResolver OID Resolver Поиск OID Enter the OID, the Nid, or one of the textual representations Введите OID, Nid, или одно из текстовых представлений Search Поиск OID OID Long name Полное название OpenSSL internal ID Внутренний ID OpenSSL Nid Nid Short name Краткое название OpenDb Dialog Поиск Open remote database Открыть сетевую базу данных Database type Тип базы данных Hostname Имя хоста Username Имя пользователя Password Пароль Database name Название базы данных Table prefix Префикс для таблиц No SqLite3 driver available. Please install the qt-sqlite package of your distribution Драйвер SqLite3 недоступен. Пожалуйста, установите пакет qt-sqlite вашего дистрибутива Please enter the password to access the database server %2 as user '%1'. Пожалуйста, введите пароль для доступа к серверу баз данных %2 от имени пользователя '%1'. The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. Драйвер сервера баз данных не поддерживает транзакции. Это может произойти, если сервер и клиент разных версий. Продолжайте с осторожностью. Options Mandatory subject entries Обязательные поля Add Добавить Delete Удалить Default hash algorithm Алгоритм подписи по-умолчанию Settings Настройки String types Типы строк Suppress success messages Не выводить сообщения об успешном выполнении Don't colorize expired certificates Не выделять цветом просроченные сертификаты Translate established x509 terms (%1 -> %2) Преобразовывать устоявшиеся поля x509 (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Хэш-функции из модуля защиты не используются XCA. Однако можно ограничить используемые хэш-функции согласно модулю защиты. В-особенности с EC и DSA, которые в спецификации PKCS#11 определены с SHA1. Only use hashes supported by the token when signing with a token key При использовании модуля защиты применять только те хэш-функции, которые доступны в модуле Disable legacy Netscape extensions Отключить устаревшие расширения Netscape PKCS12 encryption algorithm алгоритм шифрования PKCS12 Certificate expiry warning threshold Порог для уведомления об истечении срока действия Send vCalendar expiry reminder Отправить напоминание об окончании срока в формате vCalendar Serial number length Длина серийного номера bit бит Distinguished name Уникальное имя Explicit subject entries Явно заданные поля Dynamically arrange explicit subject entries Динамически отсортировать элементы Default По-умолчанию PKCS#11 provider Провайдер PKCS#11 Remove Удалить Search Поиск UTF8 strings only (RFC2459) Только строки UTF8 (RFC2459) Printable string or UTF8 (default) Печатаемые строки или UTF8 (по-умолчанию) PKIX recommendation in RFC2459 Рекоммендации PKIX из RFC2459 No BMP strings, only printable and T61 Без строк из BMP, только печатаемые и T61 All strings Все строки Days Дней Weeks Недель Load failed Ошибка при загрузке XCA Options Параметры XCA PwDialog Password Пароль Repeat %1 Повторите %1 %1 mismatch %1 не соответствуют Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Шестнадцатеричный пароль должен содержать символы '0 '- '9' и 'a' - 'f' и должен состоять из четного числа символов Exit Выход E&xit &Выход The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Пароль обрабатывается как 2-символьный шестнадцатеричный код, должен содержать символы '0 '- '9' и 'a' - 'f' и состоять из четного числа символов Take as HEX string Считать шестнадцатеричной строкой QMessageBox Close Закрыть Cancel Отменить Apply Применить Yes Да No Нет QObject PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Ключи PKI ( *.pem *.der *.key );; Ключи PKCS#8 ( *.p8 *.pk8 );; Ключи Microsoft PVK ( *.pvk );; Открытые ключи SSH ( *.pub );; Import RSA key Импортировать RSA ключ PKCS#10 CSR ( *.pem *.der *.csr );; Запрос на сертификат PKCS#10 ( *.pem *.der *.csr );; Import Request Импортировать запрос Import X.509 Certificate Импортировать X.509 сертификат Import PKCS#7 Certificates Импортировать сертификат PKCS#7 Import PKCS#12 Private Certificate Импортировать закрытый сертификат PKCS#12 Import XCA Templates Импортировать шаблоны XCA Import Certificate Revocation List Импортировать CRL Open XCA Database Открыть базу данных XCA PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; SSH Public Keys ( *.pub );; Ключи PKI ( *.pem *.der *.key );; Ключи PKCS#8 ( *.p8 *.pk8 );; Открытые ключи SSH ( *.pub );; PKCS#10 CSR ( *.pem *.der *.csr );; Netscape Request ( *.spkac *.spc );; PKCS#10 CSR ( *.pem *.der *.csr );; Запрос Netscape ( *.spkac *.spc );; Certificates ( *.pem *.der *.crt *.cer );; Сертификаты ( *.pem *.der *.crt *.cer );; PKCS#7 data ( *.p7s *.p7m *.p7b );; Данные PKCS#7 ( *.p7s *.p7m *.p7b );; PKCS#12 Certificates ( *.p12 *.pfx );; Сертификаты PKCS#12 ( *.p12 *.pfx );; XCA templates ( *.xca );; Шаблоны XCA ( *.xca );; Revocation lists ( *.pem *.der *.crl );; Списки отзыва ( *.pem *.der *.crl );; XCA Databases ( *.xdb );; Базы данных XCA ( *.xdb );; OpenVPN tls-auth key ( *.key );; Import OpenVPN tls-auth key PKCS#11 library ( *.dylib *.so );; Библиотека PKCS#11 ( *.dylib *.so );; PEM files ( *.pem );; Файлы PEM ( *.pem );; Load PEM encoded file Открыть файл PEM Invalid Неверный %1 is shorter than %2 bytes: '%3' %1 короче, чем %2 байт: '%3' %1 is longer than %2 bytes: '%3' %1 длиннее, чем %2 байт: '%3' All files ( * ) Все файлы ( * ) Undefined Неопределённый Broken / Invalid Испорчен / Недействителен in %1 seconds Через %1 секунд %1 seconds ago %1 секунд назад in %1 minutes Через %1 минут %1 minutes ago %1 минут назад Yesterday Вчера Tomorrow Завтра in %1 hours Через %1 часов %1 hours ago %1 часов назад DB: Rename: '%1' already in use DB: Rename: '%1' уже используется DB: Entry to rename not found: %1 DB: Не найдено значение для переименования: %1 PKCS#11 library ( *.dll );; Библиотека PKCS#11 ( *.dll );; PKCS#11 library ( *.so );; Библиотека PKCS#11 ( *.so );; Open PKCS#11 shared library Открыть библиотеку PKCS#11 DB: Write error %1 - %2 DB: Ошибка записи %1 - %2 Please enter the PIN on the PinPad Пожалуйста, введите PIN-код Please enter the SO PIN (PUK) of the token %1 Пожалуйста, введите SO PIN (PUK) модуля защиты %1 Please enter the PIN of the token %1 Пожалуйста, введите PIN-код модуля защиты %1 No Security token found Не найдено модулей защиты Out of Memory at %1:%2 Недостаточно памяти %1:%2 Out of data Нет данных Error finding endmarker of string Не найден символ конца строки Select Выберите Please enter the new SO PIN (PUK) for the token: '%1' Пожалуйста, введите новый PIN SO (PUK) для модуля защиты '%1' Please enter the new PIN for the token: '%1' Пожалуйста, введите новый PIN SO (PUK) для модуля защиты '%1' Required PIN size: %1 - %2 Требуемая длина PIN-кода: %1 - %2 Failed to open PKCS11 library: %1 Невозможно открыть библиотеку PKCS#11: %1 Invalid filename: %1 Недействительное имя файла: %1 Failed to open PKCS11 library: %1: %2 Невозможно открыть библиотеку PKCS#11 %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Это не похоже на библиотеку PKCS#11. Не найден символ 'C_GetFunctionList'. Disabled Отключено Library loading failed Загрузка библиотеки не удалась PKCS#11 function '%1' failed: %2 PKCS#11 функция '%1' завершилась ошибкой: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 PKCS#11 функция '%1' завершилась ошибкой: %2 в библиотеке %3 %4 Country code Код страны State or Province Республика, край, область Locality Город, поселок, село Organisation Организация Organisational unit Департамент, отдел Common name Общее имя E-Mail address Адрес электронной почты Serial number Серийный номер Given name Имя Surname Фамилия Title Звание Initials Инициалы Description Описание Role Должность Pseudonym Псевдоним Generation Qualifier трудно подобрать Именная приставка x500 Unique Identifier Уникальный идентификатор x500 Name Имя DN Qualifier трудно подобрать Информация для устранения неоднозначности Unstructured name трудно подобрать Произвольное имя Challenge password Пароль Basic Constraints Основные ограничения Name Constraints Subject alternative name Альтернативное название субъекта issuer alternative name Альтернативное название издателя Subject key identifier Идентификатор ключа субъекта Authority key identifier Идентификатор ключа ЦС Key usage Область применения ключа Extended key usage Расширенная область применения ключа CRL distribution points Адреса CRL Authority information access Доступ к информации о ЦС Certificate type Тип сертификата Base URL Основной URL Revocation URL URL отзывов CA Revocation URL URL отзывов ЦС Certificate renewal URL URL обновления сертификата CA policy URL URL на политики ЦС SSL server name Имя SSL сервера Comment Комментарий String '%1' for '%2' contains invalid characters Строка '%1' содержит неподходящие символы для '%2' Error reading config file %1 at line %2 Ошибка чтения файла настроек %1 в строке %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. Элемент '%1' из файла %2 на строке %3 уже известен как '%4:%5:%6' и должен быть удалён. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Идентификатор '%1' OID %2 из файла %3 на строке %4 уже использован для другого OID '%5:%6:%7' и должен быть изменён во избежание конфликтов. Unknown object '%1' in file %2 line %3 Низвестный объект '%1' в файле %2 на строке %3 Failed to start a database transaction Не удалось начать транзакцию Index file written to '%1' Файл индекса сохранён как '%1' Index hierarchy written to '%1' Иерархия индекса сохранена как '%1' Unknown key type %1 Неизвестный тип ключа %1 Failed to write PEM data to '%1' Password verify error, please try again Неверный пароль, попробуйте еще раз The following error occurred: Произошла ошибка: Failed to update the database schema to the current version Ошибка обновления схемы БД до текущей версии Password Пароль insecure опасный ReqTreeView Sign Подписать Unmark signed Отметить неподписанные Mark signed Отметить подписанные Similar Request Похожий запрос Certificate request export Экспорт запроса на сертификат Certificate request ( *.pem *.der *.csr ) Запрос на сертификат ( *.pem *.der *.csr ) RevocationList Manage revocations Управление отзывами Add Добавить Delete Удалить Edit Редактировать No. №. Serial Серийный номер Revocation Аннулирован Reason Причина Invalidation Недействительность Generate CRL Сгенерировать CRL Revoke Revocation details Сведения об отзыве Invalid since Недействителен с Local time По местному времени Certificate revocation Отзыв сертификата Revocation reason Причина отзыва Serial Серийный номер SearchPkcs11 Dialog Поиск Directory Папка ... ... Include subdirectories Включая подпапки Search Поиск The following files are possible PKCS#11 libraries Ниже приведён список файлов, которые могут быть библиотеками провайдеров PKCS#11 SelectToken Select Token Выберите Токен Security token Модуль защиты Please select the security token Пожалуйста, выберите модуль защиты TempTreeView Duplicate Дублировать Create certificate Создать сертификат Create request Создать запрос copy копировать Preset Template values Взять значения из шаблона Template export Экспорт шаблона XCA Templates ( *.xca ) Шаблоны XCA ( *.xca ) TrustState Certificate trust Доверие к сертификату Trustment Доверие &Never trust this certificate &Никогда не доверять этому сертификату Only &trust this certificate, if we trust the signer Доверять этому сертификату &только, если есть доверие к подписавшему &Always trust this certificate &Всегда доверять этому сертификату Validity yyyy-MM-dd hh:mm гггг-ММ-дд чч:мм X509SuperTreeView OpenSSL config Конфигурация OpenSSL Transform Преобразовать Template Шаблон Public key Открытый ключ Save as OpenSSL config Сохранить конфигурацию OpenSSL Config files ( *.conf *.cnf);; All files ( * ) Файлы настроек ( *.conf *.cnf );; Все файлы ( * ) XFile Error opening file: '%1': %2 Ошибка при открытии файла: '%1': %2 Error rewinding file: '%1': %2 Ошибка перемотки файла: '%1': %2 XcaDetail Import Импорт XcaTreeView Subject entries Поля субъекта X509v3 Extensions Расширения X509v3 Netscape extensions Расширения Netscape Key properties Параметры ключа Reset Сбросить Remove Column Убрать колонку Item properties Свойства элемента Hide Column Спрятать колонку Details Сведения Columns Колонки Export Password Please enter the password to encrypt all %n exported private key(s) in: %1 Singular form for 0 or 1 item can be ignored. Will always be called with n >= 2 New Новый Import Импорт Paste PEM data Вставить данные PEM Rename Переименовать Properties Свойства Delete Удалить Export Экспорт Clipboard Буфер обмена File Файл Clipboard format формат буфера обмена database_model Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Открываемая база данных сохранена в старом формате. Создаём запасную копию в файле '%1' и преобразуем базу данных в новый формат Failed to rename the database file, because the target already exists Не удалось переименовать файл базы данных, потому что файл с таким именем уже существует Please enter the password to access the database server %2 as user '%1'. Пожалуйста, введите пароль для доступа к серверу баз данных %2 от имени пользователя '%1'. Unable to create '%1': %2 Невозможно создать '%1': %2 The file '%1' is not an XCA database Файл '%1' не является базой данных XCA No SqLite3 driver available. Please install the qt-sqlite package of your distribution Драйвер SqLite3 недоступен. Пожалуйста, установите пакет qt-sqlite вашего дистрибутива New Password Новый Пароль Please enter a password, that will be used to encrypt your private keys in the database: %1 Пожалуйста, введите пароль, который будет использован для зашифровки закрытых ключей в базе данных: %1 Password Пароль Please enter the password for unlocking the database: %1 Пожалуйста, введите пароль для разблокировки базы данных %1 db_base Internal name Внутреннее имя Bad database item Name: %1 Type: %2 Size: %3 %4 Плохой элемент базы данных Имя: %1 Тип: %2 Размер: %3 %4 Do you want to delete the item from the database? The bad item may be extracted into a separate file. Удалить элемент из базы данных? Плохой элемент можно извлечь в отдельный файл. Delete Удалить Delete and extract Удалить и извлечь Continue Продолжить Error opening file: '%1': %2 Ошибка при открытии файла: '%1': %2 No. №. Primary key Первичный ключ Database unique number Уникальный номер в базе данных Date Дата Date of creation or insertion Дата создания или добавления Source Источник Generated, Imported, Transformed Сгенерировано, Импортировано, Преобразовано Comment Комментарий First line of the comment field Первая строчка поля комментария Import from: %1 Импортировать из %1 Could not create directory %1 Не удалось создать папку '%1' Item properties Свойства элемента How to export the %1 selected items Как экспортировать %1 выбранных элементов All in one PEM file Все в один PEM файл Each item in one file Каждый в свой файл Save %1 items in one file as Сохранить %1 элементов в одном файле как PEM files ( *.pem );; All files ( * ) Файлы PEM ( *.pem );; Все файлы ( * ) db_crl Signer Подписавший Internal name of the signer Внутреннее имя подписавего No. revoked Кол. отозванных Number of revoked certificates Количество отозванных сертификатов Last update Последнее обновление Next update Следующее обновление CRL number Кол. отозванных CRL ( *.pem *.der *.crl ) Списки отзыва ( *.pem *.der *.crl );; There are no CA certificates for CRL generation Нет ЦС для генерирования CRL Select CA certificate Выберите сертификат ЦС Create CRL Создать CRL Failed to initiate DB transaction Не удалось начать транзакцию в БД Database error: %1 Ошибка БД: %1 Database error: Ошибка БД: Revocation list export Экспорт списка отзывов The revocation list already exists in the database as: '%1' and so it was not imported Список отзывов уже существует в базе данных: '%1' и поэтому не был импортирован db_key Key size too small ! Слишком маленькая длина ключа! Type Тип Size Длина EC Group Группа EC Use Использован Password Пароль Extending public key from %1 by imported key '%2' Дополняем открытый ключ %1 импортированным ключом '%2' Clipboard Буфер обмена Export public key [%1] Экспортировать открытый ключ [%1] PEM public Открытый ключ PEM DER public Открытый ключ DER SSH2 public Открытый ключ SSH2 DER private Закрытый ключ DER PEM encryped Зашифрованный PEM PEM private Закрытый ключ PEM SSH2 private Закрытый ключ SSH2 Export keys to Clipboard Экспортировать ключи в буфер обмена PVK private Закрытый ключ PVK PVK encrypted Зашифрованный PVK PKCS#8 encrypted Зашифрованный PKCS#8 Export private key [%1] Экспортировать закрытый ключ [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Закрытые ключи ( *.pem *.der *.pk8 );; Открытые ключи SSH ( *.pub ) Internal error Внутренняя ошибка Internal key update: The keys: %1 must be updated once by resetting and setting its private password Обновление внутреннего ключа: Ключи %1 необходимо обновить один раз путем сброса и установки личного пароля Tried to change password of a token Попытка изменить пароль модуля защиты The key is already in the database as: '%1' and is not going to be imported Ключ уже существует в базе данных: '%1' и поэтому не был импортирован The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Открытый ключ уже существует в базе данных: '%1' и будет дополнен закрытой частью ключа You are sure to create a key of the size: %1 ? Вы уверены, что хотите создать ключ длиной %1 ? db_temp Type Тип Nothing Ничего Empty template Пустой шаблон Preset Template values Взять значения из шаблона Save template as Сохранить шаблон как XCA templates ( *.xca );; All files ( * ) XCA шаблоны ( *.xca );; Все файлы ( * ) Bad template: %1 Неправильный шаблон: %1 db_x509 Serial Серийный номер Trust state Состояние доверия Revocation Аннулирован Expiry date Действителен до reflects the basic Constraints extension отражает расширение основных настроек Start date Действителен с CRL Expiration CRL действителен до Plain View В виде списка Tree View В виде дерева Failed to retrieve unique random serial Не удалось получить уникальный случайный серийный номер Signed on %1 by '%2' Подписан %1 '%2' Unknown Неизвестный Invalid public key Недействительный открытый ключ PKCS#7 unrevoked Неотозванные PKCS#7 vCalendar vCalendar CA vCalendar ЦС vCalendar X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) Сертификаты X509 ( *.pem *.cer *.crt *.p12 *.p7b ) No template Нет шаблона Please enter the new hexadecimal secret number for the QA process. Пожалуйста, введите новое секретное шестнадцатеричное число для QA. The QA process has been terminated by the user. Процесс QA был прерван пользователем. The key you selected for signing is not a private one. Выбранный для подписи ключ не закрытый. CA ЦС MD5 fingerprint Отпечаток MD5 SHA1 fingerprint Отпечаток SHA1 SHA256 fingerprint Отпечаток SHA256 Failed to create directory '%1' Не удалось создать папку '%1' PKCS#7 chain Цепочка PKCS#7 PKCS#12 chain Цепочка PKCS#12 PKCS#7 trusted Доверенный PKCS#7 PKCS#7 all Всё PKCS#7 PEM unrevoked Неотозванные PEM Certificate Index file Файл списка сертификатов Certificate export Экспортировать сертификат X509 Certificates ( *.pem *.cer *.crt *.p12 *.p7b ) Сертификаты X509 ( *.pem *.cer *.crt *.p12 *.p7b ) Not possible for a token key: '%1' Невозможно для модуля защиты: '%1' Error opening file: '%1': %2 Ошибка при открытии файла: '%1': %2 days дней The certificate already exists in the database as: '%1' and so it was not imported Сертификат уже существует в базе данных: '%1' и поэтому не был импортирован Not before Сертификат действителен с Not after Сертификат действителен по PEM chain Цепочка PEM PEM + key PEM + ключ PEM trusted Доверенный PEM PEM all Всё PEM There was no key found for the Certificate: '%1' Для сертификата '%1' не был найден ключ Not possible for the token-key Certificate '%1' Невозможно для сертификата модуля защиты: '%1' Store the certificate to the key on the token '%1 (#%2)' ? Сохранить сертификат ключа в модуле защиты '%1 (#%2)'? db_x509name Subject Субъект Complete distinguished name Полное уникальное имя Subject hash Хэш субъекта Hash to lookup certs in directories Хэш для поиска сертификатов в директориях db_x509req Challenge password Пароль Certificate request export Экспорт запроса на сертификат Certificate request ( *.pem *.der *.csr ) Запрос на сертификат ( *.pem *.der *.csr ) Signed Подписанный whether the request is already signed or not запрос подписан или нет Unstructured name Произвольное имя Certificate count Количество сертификатов Number of certificates in the database with the same public key Количество сертификатов в базе данных с одинаковым открытым ключом The certificate signing request already exists in the database as '%1' and thus was not stored Запрос на подпись уже существует в базе данных: '%1' и поэтому не был импортирован db_x509super Key name Имя ключа Internal name of the key Внутреннее имя ключа Signature algorithm Алгоритм подписи Key type Тип ключа Key size Длина ключа EC Group Группа EC Extracted from %1 '%2' Извлечено из %1 '%2 Certificate Сертификат Certificate request Запрос на сертификат Save as OpenSSL config Сохранить конфигурацию OpenSSL Config files ( *.conf *.cnf);; All files ( * ) Файлы настроек ( *.conf *.cnf );; Все файлы ( * ) The following extensions were not ported into the template Следующие расширения не были перенесены в шаблон Transformed from %1 '%2' Преобразован из %1 '%2' kvView Type Тип Content Содержание pass_info Password Пароль PIN для единообразия PIN-код pkcs11_lib Failed to open PKCS11 library: %1: %2 Невозможно открыть библиотеку PKCS#11 %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Это не похоже на библиотеку PKCS#11. Не найден символ 'C_GetFunctionList'. pki_base Error opening file: '%1': %2 Ошибка при открытии файла: '%1': %2 Error writing to file: '%1': %2 Ошибка при записи в файл: '%1': %2 Unknown Неизвестный Imported Импортирован Generated Сгенерирован Transformed Преобразован Token Модуль защиты Legacy Database База данных в старом формате Renewed Продлён Property '%1' not listed in 'pki_base::print' Свойство '%1' не числится в 'pki_base::print' Error: Ошибка: Internal error: Unexpected message: %1 %2 Внутренняя ошибка: Неожиданное сообщение: %1 %2 pki_crl No issuer given Не указан издатель unknown неизвестный Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Не удается загрузить список отзыва сертификатов из файла %1. Формат файла, содержащий CRL, должен быть PEM или DER. Successfully imported the revocation list '%1' Список отзыва '%1' импортирован успешно Delete the revocation list '%1'? Удалить список отзыва '%1'? Successfully created the revocation list '%1' Список отзыва '%1' создан успешно Delete the %1 revocation lists: %2? Удалить %1 списки отзыва: %2? Wrong Size %1 Неправильный размер %1 Delete the %n revocation list(s): '%1'? CRL Renewal of CA '%1' due Срок обновления CRL для ЦС '%1' The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Срок действия новейшего CRL ЦС '%1' истечёт %2. Он сохранён в базе данных '%3' Renew CRL: %1 Продлить CRL %1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' Срок действия выпущенного %3 XCA CRL '%1' истечёт %4. Он сохранён в базе данных '%5' pki_evp Failed to decrypt the key (bad password) Не удалось расшифровать ключ (неверный пароль) Password input aborted Ввод пароля прерван Please enter the password to protect the private key: '%1' Пожалуйста, введите пароль для защиты закрытого ключа '%1' Please enter the password to decrypt the private key. Пожалуйста, введите пароль для расшифровки закрытого ключа. Please enter the password to decrypt the private key %1. Пожалуйста, введите пароль для расшифровки закрытого ключа %1. The key from file '%1' is incomplete or inconsistent. Ключ из файла '%1' либо неполный, либо ошибочный. Please enter the password to decrypt the private key from file: %1 Пожалуйста, введите пароль для расшифровки закрытого ключа из файла: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Не удалось загрузить закрытый ключ из файла %1. Испробованные форматы: PEM, DER закрытый, открытый, ключи типа PKCS#8 и SSH2. Please enter the password to protect the PKCS#8 key '%1' in file: %2 Please enter the password to protect the private key '%1' in file: %2 Ignoring unsupported private key Неподдерживаемый закрытый ключ проигнорирован Please enter the password to decrypt the private key: '%1' Пожалуйста, введите пароль для расшифровки закрытого ключа: '%1' Decryption of private key '%1' failed Не удалось расшифровать закрытый ключ "%1" Please enter the database password for encrypting the key Пожалуйста, введите пароль к базе данных для шифрования ключа Please enter the password protecting the PKCS#8 key '%1' Пожалуйста, введите пароль для защиты PKCS#8 ключа '%1' Please enter the password protecting the Microsoft PVK key '%1' Пожалуйста, введите пароль для защиты ключа Microsoft PVK '%1' Please enter the export password for the private key '%1' Пожалуйста, введите пароль для экспорта закрытого ключа '%1' Please enter the database password for decrypting the key '%1' Пожалуйста, введите пароль к базе данных для расшифровки ключа '%1' pki_export PEM Text format with headers Текстовый PEM формат с заголовками Concatenated list of all selected items in one PEM text file Все выбранные элементы в одном PEM файле PEM selected Concatenated list of all selected certificates in one PEM text file PEM chain Цепочка PEM Concatenated text format of the complete certificate chain in one PEM file Вся цепочка сертификации в одном PEM файле The complete certificate chain and the private key of the selected certificate with tags usable in OpenVPN configuration files Полная цепочка сертификатов и закрытый ключ выбранного сертификата с тегами, которые можно использовать в файлах конфигурации OpenVPN PEM + key PEM + ключ Concatenation of the certificate and the unencrypted private key in one PEM file Сертификат и нешифрованный закрытый ключ в одном PEM файле Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Сертификат и зашифрованный закрытый ключ в одном PKCS#8 файле All unusable Concatenation of all expired or revoked certificates in one PEM file PKCS#7 encoded single certificate Отдельный сертификат в формате PKCS#7 All selected certificates encoded in one PKCS#7 file Все выбранные сертификаты в одном PKCS#7 файле PKCS #7 chain цепочка PKCS#7 PKCS#7 encoded complete certificate chain Вся цепочка сертификации в формате PKCS#7 PKCS #7 unusable PKCS#7 encoded collection of all expired or revoked certificates Binary DER encoded certificate Двоичный DER формат PKCS #12 chain Цепочка PKCS#12 The complete certificate chain and the private key as encrypted PKCS#12 file Вся цепочка сертификатов и закртый ключ в зашифрованном PKCS#12 файле PKCS #12 PKCS#12 The certificate and the private key as encrypted PKCS#12 file Сертификат и закрытый ключ в зашифрованном PKCS#12 файле Certificate Index file Файл списка сертификатов OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Список сертификатов в тектовом формате OpenSSL, который создаётся командой 'ca', необходимый для OCSP vCalendar vCalendar vCalendar expiry reminder for the selected items Напоминание об окончании срока для выбранных сертификатов в формате vCalendar CA vCalendar ЦС vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Напоминание об окончании срока для всех сертификатов ЦС и CRL в формате vCalendar OpenSSL config Конфигурация OpenSSL OpenSSL configuration file to create a certificate or request with the openssl commandline tool Файл конфигурации OpenSSL для создания сертификата или запроса с помощью openssl OpenVPN tls-auth key ключ tls-аутентификации OpenVPN The OpenVPN tls-auth key is a secret key shared between endpoints Ключ tls-auth OpenVPN — это секретный ключ, общий для всех конечных точек JSON Web Kit The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) JSON Web Kit chain The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) and certificate chain (x5c) PEM public Открытый ключ PEM Text format of the public key in one PEM file Открытый ключ в текстовом формате PEM PEM private Закрытый ключ PEM Unencrypted private key in text format Закрытый ключ в тектовом формате без пароля PEM encrypted Зашифрованный PEM OpenSSL specific encrypted private key in text format Закрытый ключ в тектовом формате OpenSSL без пароля SSH2 private Закрытый ключ SSH2 SSH2 public Открытый ключ SSH2 The public key encoded in SSH2 format Открытый ключ в формате SSH2 DER public Открытый ключ DER Binary DER format of the public key Открытый ключ в двоичном формате DER DER private Закрытый ключ DER Unencrypted private key in binary DER format Закрытый ключ в двоичном формате DER без пароля PVK private Закрытый ключ PVK Private key in Microsoft PVK format not encrypted Закрытый ключ в формате Microsoft PVK без пароля XCA template in PEM-like format. Templates include the internal name and comment All selected XCA templates in PEM-like format. Templates include the internal name and comment PVK encrypted Зашифрованный PVK Encrypted private key in Microsoft PVK format Закрытый ключ в формате Microsoft PVK с паролем PKCS #8 encrypted Зашифрованный PKCS#8 Encrypted private key in PKCS#8 text format Закрытый ключ в текстовом формате PKCS#8 с паролем PKCS #8 PKCS #8 Unencrypted private key in PKCS#8 text format Закрытый ключ в текстовом формате PKCS#8 без пароля JSON Web Key private Unencrypted private key in JSON Web Key format JSON Web Key public Public key in JSON Web Key format Binary DER format of the certificate request Запрос на сертификат в двоичном формате DER Binary DER format of the revocation list Список отзыва в двоичном формате DER vCalendar reminder for the CRL expiry date Напоминание об окончании срока действия CRL в формате vCalendar XCA template in PEM-like format Шаблон XCA в PEM-подобном формате All selected XCA templates in PEM-like format Все выбранные шаблоны XCA в PEM-подобном формате pki_key Successfully imported the %1 public key '%2' Открытый ключ %1 '%2' импортирован успешно Delete the %1 public key '%2'? Удалить открытый ключ %1 '%2'? Successfully imported the %1 private key '%2' Закрытый ключ %1 '%2' импортирован успешно Delete the %1 private key '%2'? Удалить закрытый ключ %1 '%2'? Successfully created the %1 private key '%2' Закрытый ключ %1 '%2' создан успешно Delete the %1 keys: %2? Удалить ключ %1: %2? Public key Открытый ключ Successfully imported the %1 public key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Открытый ключ %1 '%2' импортирован успешно Delete the %n %1 public key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Successfully imported the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Закрытый ключ %1 '%2' импортирован успешно Delete the %n %1 private key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Successfully created the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Закрытый ключ %1 '%2' создан успешно Common Общий Private Закрытый Bogus Поддельный No password Без пароля Unexpected SSH2 content: '%1' Неожиданное содержимое SSH2: '%1' Invalid SSH2 public key Недействительный открытый ключ SSH2 Failed writing to %1 Ошибка записи в %1 PIN PIN-код pki_multi Seek failed Ошибка позиционирования No known PEM encoded items found Не найдено PEM элементов pki_pkcs12 Please enter the password to encrypt the PKCS#12 file Пожалуйста, введите пароль для защиты файла PKCS#12 No key or no Cert and no pkcs12 Нет ключа, нет Сертификата, нет PKCS#12 Unable to load the PKCS#12 (pfx) file %1. Не удалось загрузить PKCS#12 (pfx) файл %1. Please enter the password to decrypt the PKCS#12 file: %1 Пожалуйста, введите пароль для расшифровки файла PKCS#12: %1 The supplied password was wrong (%1) Введённый пароль неверен (%1) Please enter the password to encrypt the key of certificate '%1' in the PKCS#12 file: %2 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Не удалось загрузить PKCS#7 файл %1. Формат файла должен быть PEM или DER. pki_scard This Key is already on the token Этот ключ уже есть в модуле защиты Unable to find copied key on the token Не удалось найти ключ в модуле защиты Public Key mismatch. Please re-import card Ошибка открытого ключа. Пожалуйста, импортируйте карту снова Delete the %n token key(s): '%1'? Unable to find generated key on card Не удалось найти сгенерированный ключ на карте Failed to find the key on the token Не удалось найти ключ в модуле защиты Invalid Pin for the token Введён неверный PIN-код для модуля защиты Delete the private key '%1' from the token '%2 (#%3)' ? Удалить закрытый ключ '%1' из модуля защиты '%2 (#%3)'? Successfully imported the token key '%1' Ключ '%1' импортирован успешно из модуля защиты Delete the token key '%1'? Удалить ключ '%1' из модуля защиты? Successfully created the token key '%1' Ключ '%1' создан успешно в модуле защиты Delete the %1 keys: %2? Удалить ключи %1: %2? PIN input aborted Ввод PIN-кода прерван Please insert card: %1 %2 [%3] with Serial: %4 Пожалуйста, вставьте карту %1 %2 [%3] с серийным номером %4 Select Slot of %1 Выберите слот %1 Illegal Key generation method Недопустимый способ генерирования ключа Ignoring unsupported token key Неподдерживаемый ключ в модуле защиты проигнорирован Wrong Size %1 Неправильный размер %1 Token %1 Модуль защиты %1 Failed to initialize the key on the token Не удалось инициализировать ключ в модуле защиты pki_temp Template file content error (too small): %1 Содержимое файла шаблона ошибочно (слишком мал) :%1 Wrong Size %1 Неправильный размер %1 Successfully imported the XCA template '%1' Шаблон XCA '%1' ипортирован успешно Delete the XCA template '%1'? Удалить шаблон XCA '%1'? Successfully created the XCA template '%1' Шаблон XCA '%1' создан успешно Delete the %1 XCA templates: %2? Удалить %1 шаблоны XCA: %2? Template file content error (too small) Содержимое файла шаблона ошибочно (слишком мал) Template file content error (bad size) Содержимое файла шаблона ошибочно (неверный размер) Delete the %n XCA template(s): '%1'? Not a PEM encoded XCA Template Не шаблон XCA в формате PEM Not an XCA Template, but '%1' Не шаблон XCA, а '%1' pki_x509 Successfully imported the certificate '%1' Сертификат '%1' импортирован успешно Delete the certificate '%1'? Удалить сертификат '%1'? Successfully created the certificate '%1' Сертификат '%1' создан успешно Delete the %1 certificates: %2? Удалить %1 сертификатов: %2? Invalid OpenVPN tls-auth key Failed to import tls-auth key Same tls-auth key already stored for this CA New tls-auth key successfully imported Existing tls-auth key successfully replaced Delete the certificate '%1' from the token '%2 (#%3)'? Удалить сертификат '%1' из модуля защиты '%2 (#%3)'? Renew certificate: %1 Продлить сертификат %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' Срок действия выпущенного %2 XCA сертификата '%1' истечёт %3. Он сохранён в базе данных '%4' Not trusted Не доверенный Trust inherited Доверие унаследовано Always Trusted Всегда доверять No Нет Yes Да There is no key for signing ! Не выбран ключ для подписи! Delete the %n certificate(s): '%1'? Unable to load the certificate in file %1. Tried PEM and DER certificate. Не удалось загрузить сертификат из файла %1. Испробованные форматы: PEM и DER. This certificate is already on the security token Этот сертификат уже есть в модуле защиты Wrong Size %1 Неправильный размер %1 pki_x509req Signing key not valid (public key) Ключ для подписи не действителен (открытый ключ) Successfully imported the %1 certificate request '%2' Запрос %1 '%2' импортирован успешно Delete the %1 certificate request '%2'? Удалить запрос %1: %2? Successfully created the %1 certificate request '%2' Запрос на сертификат %1 '%2' создан успешно Delete the %1 certificate requests: %2? Удалить запрос %1: %2? Successfully imported the PKCS#10 certificate request '%1' Delete the %n PKCS#10 certificate request(s): '%1'? Successfully created the PKCS#10 certificate request '%1' Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Не удлось загрузить запрос на подпись из файла %1. Испробованные форматы: PEM, DER и SPKAC. Signed Подписан Unhandled Не обработан Wrong Size %1 Неправильный размер %1 v3ext Copy Common Name Копировать общее имя Add Добавить Delete Удалить Apply Применить Validate Проверить Cancel Отменить Validation successful: '%1' Проверка успешна: '%1' An email address or 'copy' Адрес электронной почты или 'copy' An email address Адрес электронной почты a registered ID: OBJECT IDENTIFIER зарегистрированный ID: OBJECT IDENTIFIER a uniform resource indicator унифицированный идентификатор ресурса a DNS domain name DNS имя домена an IP address IP адрес No editing. Only 'copy' allowed here Редактирование запрещено. Разрешено только копирование Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Синтаксис: <OID>;TYPE:text like '1.2.3.4:UTF8:name' A registered ID: OBJECT IDENTIFIER Зарегистрированный идентификатор A uniform resource indicator Унифицированный идентификатор ресурса A DNS domain name or 'copycn' DNS имя домена или 'copycn' A DNS domain name DNS имя домена An IP address IP адрес Validation failed: '%1' %2 Проверка завершилась ошибкой: '%1' %2 xcaWarning The following error occurred: Произошла ошибка: Copy to Clipboard Копировать в буфер обмена xcaWarningGui Copy to Clipboard Копировать в буфер обмена xca-RELEASE.2.9.0/lang/xca_sk.ts000066400000000000000000006536601477156507700161600ustar00rootroot00000000000000 sk slovenčina <linux@slavino.sk> Slavko <linux@slavino.sk> 2024-10-01 14:52+0200 2018-03-16 18:14+0200 X Certificate and Key management 2..6.0 Gtranslator 46.1 # This file is distributed under the same license as the XCA package. # Slavko <linux@slavino.sk>, 2016-2024. # Project-Id-Version,Report-Msgid-Bugs-To,POT-Creation-Date,PO-Revision-Date,Last-Translator,Language-Team,Language,MIME-Version,Content-Type,Content-Transfer-Encoding,X-Generator,Plural-Forms,X-Qt-Contexts CaProperties Form Forma Days until next CRL issuing Dní do nasledujúceho vydania CRL Default template Predvolená šablóna CertDetail Details of the Certificate Podrobnosti certifikátu Serial Sériové číslo The serial number of the certificate Sériové číslo certifikátu The internal name of the certificate in the database Interný názov certifikátu v databáze Status Stav Internal name Interný názov Signature Podpis Key Kľúč Fingerprints Odtlačky MD5 MD5 An md5 hashsum of the certificate Odtlačok certifikátu MD5 SHA1 SHA1 A SHA-1 hashsum of the certificate Odtlačok certifikátu SHA-1 SHA256 SHA256 A SHA-256 hashsum of the certificate Odtlačok certifikátu SHA-256 Validity Platnosť The time since the certificate is valid Čas odkedy je certifikát platný The time until the certificate is valid Čas dokedy je certifikát platný Subject Predmet Issuer Vydavateľ Extensions Rozšírenia Validation Overenie Purposes Účely Strict RFC 5280 validation Striktné overenie RFC 5280 Comment Komentár Attributes Atribúty Show config Zobraziť konfiguráciu Show extensions Zobraziť rozšírenia Show public key Zobraziť verejný kľúč This key is not in the database. Tento kľúč nie je v databáze. Not available Nedostupné No verification errors found. Neboli nájdené žiadne chyby overenia. Signer unknown Neznámy podpis Self signed Sebou podpísaný Revoked at %1 Odvolaný %1 Not valid Neplatný Valid Platný Details of the certificate signing request Podrobnosti žiadosti o podpísanie certifikátu CertExtend Certificate renewal Obnovenie certifikátu This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Týmto vytvoríte nový certifikát ako kópiu starého s novým sériovým číslom a novými hodnotami platnosti. Validity Platnosť Not before Nie pred Not after Nie po Time range Časový rozsah Local time Lokálny čas Days Dni Months Mesiace Years Roky No well-defined expiration Bez vypršania Midnight Polnoc Apply Použiť Revoke old certificate Odvolať starý certifikát Replace old certificate Nahradiť starý certifikát Keep serial number Zachovať sériové číslo The certificate will be earlier valid than the signer. This is probably not what you want. Certifikát bude platný skôr ako jeho vydavateľ. To asi nie je to, čo chcete. Edit dates Upraviť dátumy Abort rollout Prerušiť operáciu Continue rollout Pokračovať v operácii Adjust date and continue Opraviť dátum a pokračovať The certificate will be longer valid than the signer. This is probably not what you want. Certifikát bude platný dlhšie ako jeho vydavateľ. To asi nie je to, čo chcete. CertTreeView Hide unusable certificates Skryť nepoužiteľné certifikáty Import PKCS#12 Import PKCS#12 Import from PKCS#7 Importovať z PKCS#7 Request Žiadosť Security token Bezpečnostný token Other token Iný token Similar Certificate Podobný certifikát Delete from Security token Odstrániť z Bezpečnostného tokenu CA CA Properties Vlastnosti Generate CRL Generovať CRL Manage revocations Spravovať odvolania Import OpenVPN tls-auth key Importovať OpenVPN tls-auth Renewal Obnoviť Revoke Odvolať Unrevoke Zrušiť odvolanie Plain View Prosté zobrazenie Tree View Stromové zobrazenie days dní No template Bez šablóny CA Properties Vlastnosti CA Certificate export Export certifikátu X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) Certifikáty X509 ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) vCalendar entry ( *.ics ) Položka vCalendar ( *.ics ) OpenVPN file ( *.ovpn ) Súbor OpenVPN ( *.ovpn ) OpenVPN tls-auth key ( *.key ) OpenVPN tls-auth ( *.key ) ClickLabel Double click for details Dvojklikom podrobnosti CrlDetail Details of the Revocation list Podrobnosti CRL &Status &Stav Version Verzia Signature Podpis Signed by Podpísal Name Názov The internal name of the CRL in the database Interný názov CRL v databáze issuing dates dátumy vydania Next update Nasled. aktualizácia Last update Posledná aktualizácia &Issuer &Vydavateľ &Extensions &Rozšírenia &Revocation list Zoznam &odvolaných Comment Komentár Failed Zlyhalo Unknown signer Neznámy vydavateľ Verification not possible Overenie nemožné CrlTreeView There are no CA certificates for CRL generation Neexistujú certifikáty CA na generovanie CRL Select CA certificate Vyberte certifikát CA Revocation list export Export zoznamu odvolaných CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) vCalendar entry ( *.ics ) Položka vCalendar ( *.ics ) ExportDialog Name Názov The internal name of the CRL in the database Interný názov CRL v databáze ... Filename Meno súboru Each Item in a separate file Každá položka v samostatnom súbore Same encryption password for all items Rovnaké heslo šifrovania pre všetky položky Export comment into PEM file Exportovať komentáre do súboru PEM Export Format Formát exportu %n selected item(s) %n zvolená položka %n zvolené položky %n zvolených položiek All files ( * ) Všetky súbory ( * ) The file: '%1' already exists! Súbor: „%1” už existuje! Overwrite Prepísať Do not overwrite Neprepísať The path: '%1' exist, but is not a file Cesta: „%1” existuje, ale nie je to súbor The path: '%1' exist, but is not a directory Cesta: „%1” existuje, ale nie je to adresár The directory: '%1' does not exist. Should it be created? Adresár: „%1” neexistuje. Má byť vytvorený? Create Vytvoriť Failed to create directory '%1' Vytvorenie adresára „%1” zlyhalo Directory Adresár Concatenated text format of all certificates in one PEM file Zlúčený textový formát všetkých certifikátov v jednom súbore PEM All unrevoked certificates encoded in one PKCS#7 file Všetky neodvolané certifikáty kódované v jednom súbore PKCS#7 All certificates encoded in one PKCS#7 file Všetky certifikáty kódované v jednom súbore PKCS#7 Form last update posled. aktualizácia next update nasled. aktualizácia Days Dní Months Mesiacov Years Rokov Apply Použiť Midnight Polnoc Local time Lokálny čas No well-defined expiration Bez vypršania Help << << >> >> &Done &Hotovo ImportMulti Import PKI Items Importovať položky PKI Import &All Importovať &všetky &Import &Importovať &Done &Hotovo &Remove from list &Odstrániť zo zoznamu Details Podrobnosti Delete from token Odstrániť z tokenu Rename on token Premenovať token Name: %1 Model: %2 Serial: %3 Názov: %1 Model: %2 Sér. č.: %3 Manage security token Spravovať bezpečnostný token The type of the item '%1' is not recognized Typ položky „%1” nie je rozpoznaný Could not open the default database Nemožno otvoriť predvolenú databázu The file '%1' did not contain PKI data Súbor „%1” neobsahuje dáta PKI The %1 files: '%2' did not contain PKI data %1 súbory: „%2” neobsahuje dáta PKI Details of the item '%1' cannot be shown Podrobnosti položky „%1” nemožno zobraziť ItemProperties Name Názov Source Zdroj Insertion date Dátum vloženia Comment Komentár KeyDetail Name Názov The internal name of the key used by xca Interný názov kľúča používaný v xca Security token Bezpečnostný token Manufacturer Výrobca Serial Sériové číslo Key Kľúč Public Exponent Verejný exponent Keysize Veľkosť kľúča Private Exponent Súkromný exponent Security Token Bezpečnostný token Label Menovka PKCS#11 ID ID PKCS#11 Token information Informácie tokenu Model Model Fingerprint Odtlačok Comment Komentár Details of the %1 key Podrobnosti kľúča %1 Not available Nedostupný Available Dostupný Sub prime Sub prime Public key Verejný kľúč Private key Súkromný kľúč Curve name Názov krivky Unknown key Neznámy kľúč KeyTreeView Change password Zmeniť heslo Reset password Odstrániť heslo Change PIN Zmeniť PIN Init PIN with SO PIN (PUK) Inicializovať PIN pomocou SO PIN (PUK) Change SO PIN (PUK) Zmeniť SO PIN (PUK) Security token Bezpečnostný token This is not a token Toto nie je token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Má byť pôvodný kľúč „%1” nahradený kľúčom z tokenu? Týmto bude kľúč „%1” odstránený a nebude ho možné exportovať Key export Export kľúča Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Súkromné kľúče ( *.pem *.der *.pk8 );; Verejné kľúče SSH ( *.pub ) SSH Private Keys ( *.priv ) Súkromné kľúče SSH ( *.priv ) Microsoft PVK Keys ( *.pvk ) Kľúče Microsoft PVK ( *.pvk ) MainWindow Private Keys Súkromné kľúče &New Key &Nový kľúč &Export &Exportovať &Import &Importovať Import PFX (PKCS#12) Importovať PFX (PKCS#12) &Show Details &Podrobnosti &Delete &Odstrániť Certificate signing requests Žiadosti &New Request &Nová žiadosť Certificates Certifikáty &New Certificate &Nový certifikát Import &PKCS#12 Importovať &PKCS#12 Import P&KCS#7 Importovať P&KCS#7 Plain View Prosté zobrazenie Templates Šablóny &New Template &Nová šablóna &New CRL &Nový CRL Ch&ange Template &Zmeniť šablónu Revocation lists Zoznamy odvolaných Using or exporting private keys will not be possible without providing the correct password Použitie alebo exportovanie súkromných kľúčov nebude možné bez zadania správneho hesla The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. Aktuálne použitý predvolený odtlačok „%1” nie je bezpečný. Prosím, kvôli bezpečnosti, zvoľte aspoň „SHA 224”. Recent DataBases Nedávne databázy System systémový Croatian Chorvátčina English Angličtina French Francúzština German Nemčina Japanese Japončina Korean Kórejčina Russian Ruština Slovak Slovenčina Spanish Španielčina Persian Peržština Bulgarian Bulharčina Polish Poľština Italian Taliančina Chinese Čínština Dutch Holandčina Portuguese in Brazil Brazílska portugalčina Indonesian Indonézština Turkish Turečtina Language Jazyk &File &Súbor Open Remote DataBase Otvoriť vzdialenú databázu Set as default DataBase Nastaviť ako predvolenú DB New DataBase Nová databáza Open DataBase Otvoriť databázu Close DataBase Zatvoriť databázu Options Možnosti Exit Skončiť I&mport I&mportovať Keys Kľúče Requests Žiadosti PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template Šablóna Revocation list Zoznam odvolaných PEM file Súbor PEM Paste PEM file Vložte súbor PEM Token Token Export Certificate &Index hierarchy Exportovať hierarchiu &indexu certifikátov Content Obsah &Manage Security token &Spravovať Bezpečnostný token &Init Security token &Inicializovať Bezpečnostný token &Change PIN Zmeniť &PIN Change &SO PIN Zmeniť &SO PIN Init PIN Inicializovať PIN Extra Extra &Dump DataBase Vypísať &databázu &Export Certificate Index &Exportovať index certifikátov C&hange DataBase password Z&meniť heslo databázy &Undelete items O&bnoviť zmazané Generate DH parameter Generovať parametre DH OID Resolver Prekladač OID &Help &Pomocník About O programe Import PEM data Importovať dáta PEM Please enter the original SO PIN (PUK) of the token '%1' Prosím, zadajte pôvodný SO PIN (PUK) tokenu „%1” Search Hľadať Please enter the new SO PIN (PUK) for the token '%1' Prosím, zadajte nový SO PIN (PUK) tokenu „%1” The new label of the token '%1' Nová menovka tokenu „%1” The token '%1' did not contain any keys or certificates Token „%1” neobsahuje žiadne kľúče ani certifikáty Retry with PIN Opakovať s PIN Retry with SO PIN Opakovať s SO PIN Current Password Aktuálne heslo Please enter the current database password Prosím, zadajte heslo aktuálnej databázy The entered password is wrong Zadané heslo je zlé New Password Nové heslo Please enter the new password to encrypt your private keys in the database-file Prosím, zadajte nové heslo na šifrovanie svojich súkromných kľúčov v súbore databázy Transaction start failed Spustenie transakcie zlyhalo Database: %1 Databáza: %1 The currently used PFX / PKCS#12 algorithm '%1' is insecure. Aktuálne zvolený algoritmus PFX / PKCS#12 „%1” nie je bezpečný. Change Zmeniť Certificate Index ( index.txt ) Index certifikátov (index.txt) All files ( * ) Všetky súbory ( * ) Diffie-Hellman parameters saved as: %1 Parametre Diffie-Hellman uložené do: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits Parametre Diffie-Hellman sú potrebné pre rôzne aplikácie, ale nie sú používané v XCA. Prosím, zadajte bity parametra DH No deleted items found Nenájdené žiadne zmazané položky no such option: %1 neznáma voľba: %1 &Token &Token &Content &Obsah Error opening file: '%1': %2 Chyba otvorenia súboru: „%1”: %2 NewCrl Last update Posledná aktualizácia Next update Nasled. aktualizácia Days Dni Months Mesiace Years Roky Midnight Polnoc Local time Lokálny čas Apply Použiť Options Voľby CRL number Číslo CRL Subject alternative name Alternatívne meno predmetu Revocation reasons Dôvody odvolania Authority key identifier Identifikátor kľúča autority Hash algorithm Algoritmus odtlačku Create CRL Vytvoriť CRL NewKey Please give a name to the new key and select the desired keysize Prosím, zadajte meno nového kľúča a zvoľte jeho požadovanú veľkosť Key properties Vlastnosti kľúča Name Názov The internal name of the new key Interný názov nového kľúča Curve name Názov krivky Usually at least 2048 bit keys are recommended Zvyčajne sú odporúčané kľúče aspoň 2048 bitov New Key Nový kľúč Keysize Veľkosť kľúča Keytype Typ kľúča Remember as default Zapamätať ako predvolené Create Vytvoriť NewX509 Source Zdroj Signing request Žiadosť o podpísanie Show request Zobraziť žiadosť Sign this Certificate signing &request Podpísať túto Žiadosť o certifikát Copy extensions from the request Kopírovať rozšírenia zo žiadosti Modify subject of the request Zmeniť predmet žiadosti Signing Podpísanie Create a &self signed certificate Vytvoriť &sebou podpísaný certifikát Use &this Certificate for signing Podpísať &týmto certifikátom All certificates in your database that can create valid signatures Všetky certifikáty v databáze, ktoré môžu vytvoriť platný podpis Signature algorithm Algoritmus podpisu Template for the new certificate Šablóna nového certifikátu All available templates Všetky dostupné šablóny Apply extensions Pridať rozšírenia Apply subject Pridať predmet Apply all Pridať všetko Subject Predmet Internal Name Interný názov Distinguished name Rozlišovací názov Add Pridať Delete Odstrániť Private key Súkromný kľúč This list only contains unused keys Tento zoznam obsahuje len nepoužité kľúče Used keys too Aj použité kľúče &Generate a new key &Generovať nový kľúč Extensions Rozšírenia Type Typ If this will become a CA certificate or not Či to bude certifikát CA alebo nie Not defined Nedefinované Certification Authority Certifikačná autorita End Entity Koncový certifikát Path length Dĺžka cesty How much CAs may be below this. Koľko CA môže byť pod týmto. The basic constraints should always be critical Základné obmedzenia by mali byť vždy kritické Key identifier Identifikátor kľúča Creates a hash of the key following the PKIX guidelines Vytvorí odtlačok kľúča v súlade s odporúčaním PKIX Copy the Subject Key Identifier from the issuer Kopírovať Identifikátor kľúča predmetu vydavateľa Validity Platnosť Not before Nie pred Not after Nie po Time range Časový rozsah Days Dni Months Mesiace Years Roky Apply Použiť Set the time to 00:00:00 and 23:59:59 respectively Nastavuje čas na 00:00:00 a 23:59:59 Midnight Polnoc Local time Lokálny čas No well-defined expiration Bez vypršania DNS: IP: URI: email: RID: DNS:, IP:, URI:, email:, RID: Edit Upraviť URI: URI: Key usage Použitie kľúča Netscape Netscape Advanced Pokročilé Validate Overiť Comment Komentár This name is only used internally and does not appear in the resulting certificate Tento názov je použitý len interne a neobjaví sa vo výslednom certifikáte Critical Kritické Create Certificate signing request Vytvoriť Žiadosť o podpísanie certifikátu minimum size: %1 minimálna veľkosť: %1 maximum size: %1 maximálna veľkosť: %1 only a-z A-Z 0-9 '()+,-./:=? len a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters len prosté 7-b znaky Edit XCA template Upraviť šablónu XCA Create x509 Certificate Vytvoriť certifikát x509 Template '%1' applied Šablóna „%1” aplikovaná Subject applied from template '%1' Predmet nastavený zo šablóny „%1” Extensions applied from template '%1' Rozšírenia nastavené zo šablóny „%1” New key '%1' created Vytvorený nový kľúč „%1” Other Tabs Záložka Iné Advanced Tab Záložka Pokročilé Errors Chyby From PKCS#10 request Zo žiadosti PKCS#10 Error Chyba duplicate extensions duplicitné rozšírenie The Name Constraints are invalid Obmedzenia mena sú neplatné The Subject Alternative Name is invalid Alternatívne meno predmetu (SAN) je neplatné The Issuer Alternative Name is invalid Alternatívny názov vydavateľa (IAN) je neplatný The CRL Distribution Point is invalid Distribučné bod CRL je neplatný The Authority Information Access is invalid Prístup k informácii CA (AIA) je neplatný Abort rollout Prerušiť operáciu The following length restrictions of RFC3280 are violated: Nie sú splnené Nasledujúce obmedzenia veľkosti z RFC3280: Edit subject Upraviť predmet Continue rollout Pokračovať v operácii The verification of the Certificate request failed. The rollout should be aborted. Overenie žiadosti o certifikát zlyhalo. Operácia by mala byť prerušená. Continue anyway Pokračovať i tak The internal name and the common name are empty. Please set at least the internal name. Interný názov a bežný názov sú prázdne. Prosím, zadajte aspoň interný názov. Edit name Upraviť názov There is no Key selected for signing. Nebol zvolený kľúč na podpísanie. Select key Vybrať kľúč The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. Nasledujúce položky rozlišovacieho názvu sú prázdne: %1 hoci ste ich v nastavení definovali ako povinné. The key you selected for signing is not a private one. Kľúč, zvolený na podpísanie, nie je súkromný. Select other signer Zvoliť iného vydavateľa Select other key Zvoliť iný kľúč The currently selected hash algorithm '%1' is insecure and should not be used. Aktuálne zvolený algoritmus odtlačku „%1” nie je bezpečný a nemá byť používaný. Select other algorithm Zvoľte iný algoritmus Use algorithm anyway Použiť algoritmus aj tak The certificate will be earlier valid than the signer. This is probably not what you want. Certifikát bude platný skôr ako jeho vydavateľ. To asi nie je to, čo chcete. Edit dates Upraviť dátumy Adjust date and continue Opraviť dátum a pokračovať The certificate will be longer valid than the signer. This is probably not what you want. Certifikát bude platný dlhšie ako jeho vydavateľ. To asi nie je to, čo chcete. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. Certifikát vyprší ešte pred nadobudnutím platnosti. Pravdepodobne ste zamenili oba dátumy. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. Certifikát obsahuje neplatné alebo duplicitné rozšírenia. Skontrolujte platnosť na záložke Pokročilé. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. Certifikát neobsahuje rozšírenia. Na definovanie určenia certifikátu môžete pridať rozšírenia jednej zo šablón. The certificate contains invalid extensions. Certifikát obsahuje neplatné rozšírenie. Edit extensions Upraviť rozšírenia The subject alternative name shall contain a copy of the common name. However, the common name is empty. Alternatívne meno predmetu má obsahovať kópiu bežného mena. Avšak, bežné meno je prázdne. A name constraint of the issuer '%1' is violated: %2 Obmedzenie mena vydavateľa „%1” je porušené: %2 Configfile error on line %1 Chyba konfiguračného súboru v riadku %1 OidResolver OID Resolver Prekladač OID Enter the OID, the Nid, or one of the textual representations Zadajte OID, Nid alebo jednu z textových reprezentácií Search Hľadať OID OID Long name Dlhý názov OpenSSL internal ID Interné ID OpenSSL Nid Nid Short name Krátky názov OpenDb Open remote database Otvoriť vzdialené databázu Database type Typ databázy Hostname Názov stroja Username Meno používateľa Password Heslo Database name Názov databázy Table prefix Predpona tabuľky No SqLite3 driver available. Please install the qt-sqlite package of your distribution Nie je dostupný ovládač SQLite3. Prosím, nainštalujte balík qt-sqlite svojej distribúcie The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. Ovládač databázy nepodporuje transakcie. Toto môže nastať, ak majú kleint a server rôzne verzie. Pokračujte s opatrnosťou. Options XCA Options Nastavenia XCA Settings Nastavenia Default hash algorithm Predvolený algoritmus odtlačku String types Typy reťazcov Suppress success messages Potlačiť správy o úspechu Don't colorize expired certificates Nezvýrazňovať vypršané certifikáty Translate established x509 terms (%1 -> %2) Preložiť platné položky x509 (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Hašovacia funkčnosť tokenu nie je v XCA použitá. Môže však rešpektovať obmedzenú sadu hašovacích algoritmov zverejnených tokenom. Najmä EC a DSA sú v špecifikácii PKCS#11 definované len s SHA1. Only use hashes supported by the token when signing with a token key Použiť len odtlačky podporované tokenom pri podpisovaní kľúčom z tokenu Disable legacy Netscape extensions Vypnúť staré rozšírenia Netscape PKCS12 encryption algorithm Algoritmus šifrovania PKCS12 Certificate expiry warning threshold Hranica upozornenia vypršania platnosti certifikátu Send vCalendar expiry reminder Poslať pripomienku vCalendar o vypršaní platnosti Serial number length Dĺžka sériového čísla bit bit Distinguished name Rozlišovací názov Mandatory subject entries Povinné položky predmetu Add Pridať Delete Odstrániť Explicit subject entries Explicitné položky predmetu Dynamically arrange explicit subject entries Dynamicky rozložiť explicitné položky predmetu Default Predvolené PKCS#11 provider Poskytovateľ PKCS#11 Remove Odstrániť Search Hľadať Printable string or UTF8 (default) Tlačiteľné znaky alebo UTF-8 (predvolené) PKIX recommendation in RFC2459 Odporúčania PKIX v RFC2459 No BMP strings, only printable and T61 Nie reťazce BMP, len tlačiteľné a T61 UTF8 strings only (RFC2459) Len reťazce UTF-8 (RFC2459) All strings Všetky reťazce Days Dni Weeks Týždne PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Heslo je spracované ako 2-ciferný šestnástkový kód. Musí mať párny počet číslic (0-9 a a-f) Take as HEX string Zadajte šestnástkový reťazec Repeat %1 Opakovať %1 %1 mismatch %1 nezhoda Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Šestnástkové heslo môže obsahovať len znaky „0” – „9” a „a” – „f” a musí mať párny počet znakov Exit Skončiť Password Heslo E&xit S&končiť QObject Undefined Nedefinované Broken / Invalid Poškodený/Neplatný in %1 seconds za %1 sekúnd %1 seconds ago pred %1 sekundami in %1 minutes za %1 minút %1 minutes ago pred %1 minútami Yesterday Včera Tomorrow Zajtra in %1 hours za %1 hodiny %1 hours ago pred %1 hodinami Out of data Nedostatok dát Error finding endmarker of string Chyba nájdenia koncovej značky reťazca All files ( * ) Všetky súbory ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Kľúče PKI ( *.pem *.der *.key );; Kľúče PKCS#8 ( *.p8 *.pk8 );; Kľúče Microsoft PVK ( *.pvk );; Verejné kľúče SSH ( *.pub );; Import RSA key Importovať kľúč RSA PKCS#10 CSR ( *.pem *.der *.csr );; Žiadosť PKCS#10 ( *.pem *.der *.csr );; Import Request Importovať Žiadosť Certificates ( *.pem *.der *.crt *.cer );; Certifikáty ( *.pem *.der *.crt *.cer );; Import X.509 Certificate Importovať Certifikát X.509 PKCS#7 data ( *.p7s *.p7m *.p7b );; Dáta PKCS#7 ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates Importovať Certifikáty PKCS#7 PKCS#12 Certificates ( *.p12 *.pfx );; Certifikáty PKCS#12 ( *.p12 *.pfx );; Import PKCS#12 Private Certificate Importovať Súkromný certifikát PKCS#12 XCA templates ( *.xca );; Šablóny XCA ( *.xca );; Import XCA Templates Importovať Šablóny XCA Revocation lists ( *.pem *.der *.crl );; Zoznamy odvolaných ( *.pem *.der *.crl );; Import Certificate Revocation List Importovať Zoznam odvolaných certifikátov XCA Databases ( *.xdb );; Databázy XCA ( *.xdb );; Open XCA Database Otvoriť databázu XCA OpenVPN tls-auth key ( *.key );; Kľúč OpenVPN tls-auth ( *.key );; Import OpenVPN tls-auth key Importovať kľúč OpenVPN tls-auth PKCS#11 library ( *.dll );; Knižnica PKCS#11 ( *.dll );; PKCS#11 library ( *.dylib *.so );; Knižnica PKCS#11 ( *.dylib *.so );; PKCS#11 library ( *.so );; Knižnica PKCS#11 ( *.so );; Open PKCS#11 shared library Otvoriť zdieľanú knižnicu PKCS#11 PEM files ( *.pem );; Súbory PEM ( *.pem );; Load PEM encoded file Načítať súbor kódovaný PEM Please enter the PIN on the PinPad Prosím, zadajte PIN na PinPad-e Please enter the SO PIN (PUK) of the token %1 Prosím, zadajte SO PIN (PUK) tokenu %1 Please enter the PIN of the token %1 Prosím, zadajte PIN tokenu %1 No Security token found Nebol nájdený bezpečnostný token Select Zvoliť Please enter the new SO PIN (PUK) for the token: '%1' Prosím, zadajte nový SO PIN (PUK) tokenu: „%1” Please enter the new PIN for the token: '%1' Prosím, zadajte nový PIN tokenu: '%1' Required PIN size: %1 - %2 Požadovaná veľkosť PIN: %1 - %2 Disabled Vypnuté Library loading failed Načítanie knižnice zlyhalo PKCS#11 function '%1' failed: %2 Funkcia PKCS#11 „%1” zlyhala: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 Funkcia PKCS#11 „%1” zlyhala: %2 V knižnici %3 %4 Invalid Neplatné %1 is shorter than %2 bytes: '%3' %1 je kratšie ako %2 B: „%3” %1 is longer than %2 bytes: '%3' %1 je dlhšie ako %2 B: „%3” String '%1' for '%2' contains invalid characters Reťazec „%1” pre „%2” obsahuje neplatné znaky Error reading config file %1 at line %2 Chyba čítania konfiguračného súboru %1 na riadku %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. Objekt „%1” zo súboru %2 riadok %3 je už známy ako „%4:%5:%6” a mal by byť odstránený. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Identifikátor „%1” pre OID %2 zo súboru %3 riadok %4 je už použitý pre iné OID ako „%5:%6:%7” a treba ho zmeniť, aby ste predišli konfliktom. Unknown object '%1' in file %2 line %3 Neznámy objekt „%1” v súbore %2 riadok %3 Failed to start a database transaction Zlyhala inicializácia DB transakcie Country code Kód krajiny State or Province Štát alebo provincia Locality Lokalita Organisation Organizácia Organisational unit Organizačná jednotka Common name Bežný názov E-Mail address Emailová adresa Serial number Sériové číslo Given name Rodné meno Surname Priezvisko Title Titul Initials Iniciály Description Popis Role Rola Pseudonym Pseudonym Generation Qualifier Prívlastok generácie x500 Unique Identifier Jedinečný identifikátor x500 Name Názov DN Qualifier Prívlastok DN Unstructured name Neštruktúrovaný názov Challenge password Heslo výzvy Basic Constraints Základné obmedzenia Name Constraints Obmedzenia mena Subject alternative name Alternatívne meno predmetu issuer alternative name Alternatívny názov vydavateľa Subject key identifier Identifikátor kľúča predmetu Authority key identifier Identifikátor kľúča autority Key usage Použitie kľúča Extended key usage Rozšírené použitie kľúča CRL distribution points Distribučné body CRL Authority information access Prístup k informácii CA (AIA) Certificate type Typ certifikátu Base URL Základná URL Revocation URL URL odvolaní CA Revocation URL URL odvolaní CA Certificate renewal URL URL obnovenia CRL CA policy URL URL politiky CA SSL server name Meno servera SSL Comment Komentár Index file written to '%1' Súbor index zapísaný do „%1” Index hierarchy written to '%1' Hierarchia indexu zapísaná do „%1” Unknown key type %1 Neznámy typ kľúča %1 Failed to write PEM data to '%1' Zlyhal zápis dát PEM do „%1” Password verify error, please try again Chyba overenia hesla, prosím, skúste znova The following error occurred: Nastala nasledujúca chyba: Failed to update the database schema to the current version Zlyhala aktualizácia schémy DB na aktuálnu verziu Password Heslo insecure nie bezpečné Out of Memory at %1:%2 Nedostatok pamäte na %1:%2 Invalid filename: %1 Neplatné meno súboru: %1 DB: Rename: '%1' already in use Premenovanie DB: „%1” už je použité DB: Entry to rename not found: %1 DB: Položka na premenovanie nenájdená: %1 DB: Write error %1 - %2 DB: Chyba zápisu %1 – %2 ReqTreeView Sign Podpísať Unmark signed Zrušiť označenie podpísané Mark signed Označiť podpísané Similar Request Podobná žiadosť Certificate request export Export žiadosti o certifikát Certificate request ( *.pem *.der *.csr ) Žiadosť o certifikát ( *.pem *.der *.csr ) RevocationList Manage revocations Spravovať odvolania Add Pridať Delete Odstrániť Edit Upraviť No. Č. Serial Sériové číslo Revocation Odvolanie Reason Dôvod Invalidation Zneplatnenie Generate CRL Generovať CRL Revoke Certificate revocation Odvolanie certifikátu Revocation details Podrobnosti odvolania Revocation reason Dôvod odvolania Local time Lokálny čas Invalid since Neplatný od Serial Sériové číslo SearchPkcs11 Directory Adresár ... ... Include subdirectories Zahrnúť podadresáre Search Hľadať The following files are possible PKCS#11 libraries nasledujúce súbory sú možné knižnice PKCS#11 SelectToken Security token Bezpečnostný token Please select the security token Prosím, vyberte bezpečnostný token TempTreeView Duplicate Duplikát Create certificate Vytvoriť certifikát Create request Vytvoriť žiadosť copy kopírovať Preset Template values Predvoľby hodnôt šablóny Template export Export šablóny XCA Templates ( *.xca ) Šablóny XCA ( *.xca ) Validity yyyy-MM-dd hh:mm d. MMM yyyy hh:mm X509SuperTreeView Transform Transformovať Template Šablóna Public key Verejný kľúč Save as OpenSSL config Uložiť ako konfiguráciu OpenSSL Config files ( *.conf *.cnf);; All files ( * ) Konfiguračné súbory ( *.conf *.cnf );; Všetky súbory ( * ) XFile Error opening file: '%1': %2 Chyba otvorenia súboru: „%1”: %2 Error rewinding file: '%1': %2 Chyba posunu súboru: „%1”: %2 XcaDetail Import Import XcaTreeView Item properties Vlastnosti položky Subject entries Položky predmetu X509v3 Extensions Rozšírenia X509v3 Netscape extensions Rozšírenia Netscape Key properties Vlastnosti kľúča Reset Vymazať Hide Column Odstrániť stĺpec Details Podrobnosti Columns Stĺpce Export Password Heslo exportu Please enter the password to encrypt all %n exported private key(s) in: %1 Singular form for 0 or 1 item can be ignored. Will always be called with n >= 2 Prosím, zadajte heslo na šifrovanie exportovaného súkromného kľúča v: %1 Prosím, zadajte heslo na šifrovanie %n exportovaných súkromných kľúčov v: %1 Prosím, zadajte heslo na šifrovanie %n exportovaných súkromných kľúčov v: %1 New Nový Import Importovať Paste PEM data Vložiť dáta PEM Rename Premenovať Properties Vlastnosti Delete Odstrániť Export Exportovať Clipboard Schránka File Súbor Clipboard format Formát schránky database_model Please enter the password to access the database server %2 as user '%1'. Prosím, zadajte heslo na prístup k databázovému serveru %2 ako používateľ „%1”. Unable to create '%1': %2 Nemožno vytvoriť „%1”: %2 The file '%1' is not an XCA database Súbor „%1” nie je databáza XCA No SqLite3 driver available. Please install the qt-sqlite package of your distribution Nie je dostupný ovládač SQLite3. Prosím, nainštalujte balík qt-sqlite svojej distribúcie New Password Nové heslo Please enter a password, that will be used to encrypt your private keys in the database: %1 Prosím, zadajte heslo, ktoré bude slúžiť na šifrovanie súkromných kľúčov v databáze: %1 Password Heslo Please enter the password for unlocking the database: %1 Prosím, zadajte heslo na odomknutie databázy: %1 Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format Detegovaný starý formát databázy. Vytvorená záložná kópia, nazvaná: „%1” a databáza konvertovaná do nového formátu Failed to rename the database file, because the target already exists Premenovanie súboru databázy zlyhalo, pretože cieľ už existuje db_base Internal name Interný názov No. Č. Primary key Primárny kľúč Database unique number Jedinečné číslo databázy Date Dátum Date of creation or insertion Dátum vytvorenia alebo vloženia Source Zdroj Generated, Imported, Transformed Generovaný, Importovaný, Transformovaný Comment Komentár First line of the comment field Prvý riadok poľa komentára Import from: %1 Importovať z: %1 Could not create directory %1 Nemožno vytvoriť adresár %1 How to export the %1 selected items Ako exportovať %1 zvolených položiek All in one PEM file Všetky v jednom súbore PEM Save %1 items in one file as Uložiť %1 položiek v jednom súbore ako PEM files ( *.pem );; All files ( * ) Súbory PEM ( *.pem );; Všetky súbory ( * ) Error opening file: '%1': %2 Chyba otvorenia súboru: „%1”: %2 db_crl Signer Vydavateľ Internal name of the signer Interný názov vydavateľa No. revoked Počet odvolaných Number of revoked certificates Počet odvolaných certifikátov Last update Posledná aktualizácia Next update Nasled. aktualizácia CRL number Číslo CRL The revocation list already exists in the database as: '%1' and so it was not imported Zoznam odvolaní už v databáze existuje ako: „%1”, a tak nebol importovaný Failed to initiate DB transaction Zlyhala inicializácia DB transakcie Database error: %1 Chyba databázy: %1 db_key Type Typ Size Veľkosť EC Group Skupina EC Use Použiť Password Heslo The key is already in the database as: '%1' and is not going to be imported Kľúč už je v databáze ako: „%1”, a tak nebude importovaný The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Databáza už obsahuje verejnú časť importovaného kľúča ako „%1” a bude doplnená novou, súkromnou, časťou kľúča Extending public key from %1 by imported key '%2' Rozšírenie verejného kľúča z %1 importovaním kľúča „%2” Key size too small ! Dĺžka kľúča je príliš malá! You are sure to create a key of the size: %1 ? Naozaj chcete vytvoriť kľúč s veľkosťou: %1? Internal key update: The keys: %1 must be updated once by resetting and setting its private password Interná aktualizácia kľúča: Kľúče: %1 musia byť pri zmene a aktualizácii ich hesla aktualizované Tried to change password of a token Vyskúšaná zmena hesla tokenu Internal error Interná chyba Export keys to Clipboard Exportovať kľúče do schránky Clipboard Schránka Export public key [%1] Exportovať verejný kľúč [%1] Export private key [%1] Exportovať súkromný kľúč [%1] db_temp Bad template: %1 Zlá šablóna: %1 Empty template Prázdna šablóna Save template as Uložiť šablónu ako XCA templates ( *.xca );; All files ( * ) Šablóny XCA ( *.xca );; Všetky súbory ( * ) db_x509 CA CA reflects the basic Constraints extension Odráža rozšírenie Základné obmedzenia Serial Sériové číslo Start date Dátum začiatku Expiry date Dátum vypršania MD5 fingerprint Odtlačok MD5 SHA1 fingerprint Odtlačok SHA1 SHA256 fingerprint Odtlačok SHA256 Not before Nie pred Not after Nie po Revocation Odvolanie CRL Expiration CRL vypršania Failed to retrieve unique random serial Zlyhalo získanie jedinečného náhodného sériového čísla The certificate already exists in the database as: '%1' and so it was not imported Certifikát už v databáze existuje ako: „%1”, a tak nebol importovaný Signed on %1 by '%2' %1 podpísané „%2” Unknown Neznáme Invalid public key Neplatný verejný kľúč The key you selected for signing is not a private one. Kľúč, zvolený na podpísanie, nie je súkromný. Failed to create directory '%1' Vytvorenie adresára „%1” zlyhalo Store the certificate to the key on the token '%1 (#%2)' ? Uložiť certifikát do kľúča na tokene „%1 (#%2)”? There was no key found for the Certificate: '%1' Nebol nájdený kľúč certifikátu: „%1” Not possible for a token key: '%1' Nie je možné pre kľúč tokenu: „%1” Not possible for the token-key Certificate '%1' Nie je možné pre Certifikát kľúča tokenu „%1” PKCS#7 unrevoked Neodvolané PKCS#7 PEM unrevoked Neodvolané PEM PEM all PEM všetky Plain View Prosté zobrazenie Error opening file: '%1': %2 Chyba otvorenia súboru: „%1”: %2 db_x509name Subject Predmet Complete distinguished name Úplný rozlišovací názov Subject hash Odtlačok predmetu Hash to lookup certs in directories Odtlačok na hľadanie certifikátov v adresároch db_x509req Signed Podpísaný whether the request is already signed or not Či už bola žiadosť podpísaná alebo nie Unstructured name Neštruktúrovaný názov Challenge password Heslo výzvy Certificate count Počet certifikátov Number of certificates in the database with the same public key Počet certifikátov s rovnakým verejným kľúčom v databáze The certificate signing request already exists in the database as '%1' and thus was not stored Žiadosť o podpísanie certifikátu už v databáze existuje ako „%1”, a tak nebola uložená db_x509super Key name Názov kľúča Internal name of the key Interný názov kľúča Signature algorithm Algoritmus podpisu Key type Typ kľúča Key size Veľkosť kľúča EC Group Skupina EC Extracted from %1 '%2' Vyňaté z %1 „%2” Certificate Certifikát Certificate request Žiadosť o certifikát The following extensions were not ported into the template Do šablóny neboli prenesené nasledujúce rozšírenia Transformed from %1 '%2' Transformované z %1 „%2” kvView Type Typ Content Obsah pass_info Password Heslo PIN PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 Zlyhalo otvorenie knižnice PKCS#11: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. Toto nevyzerá ako knižnica PKCS#11. Symbol „C_GetFunctionList” nenájdený. pki_base Unknown Neznáme Imported Importovaný Generated Generovaný Transformed Transformovaný Token Token Legacy Database Stará databáza Renewed Obnovené Property '%1' not listed in 'pki_base::print' Vlastnosť „%1” nie je zahrnutá v „pki_base::print” Internal error: Unexpected message: %1 %2 Interná chyba: Neočakávaná správa: %1 %2 Error writing to file: '%1': %2 Chyba zápisu do súboru „%1”: %2 pki_crl Successfully imported the revocation list '%1' Úspešne importovaný Zoznam odvolaní „%1” Successfully created the revocation list '%1' Úspešne vytvorený Zoznam odvolaní „%1” Delete the %n revocation list(s): '%1'? Odstrániť zoznam odvolaní: '%1'? Odstrániť %n zoznamy odvolaní: '%1'? Odstrániť %n zoznamov odvolaní: '%1'? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. Nemožno načítať zoznam odvolaní zo súboru %1. Vyskúšaný formát CRL PEM a DER. No issuer given Nebol zadaný vydavateľ CRL Renewal of CA '%1' due Termín obnovenia CRL CA „%1” The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Posledné CRL vydané CA „%1” vyprší %2. Je uložené v databáze XCA „%3” Renew CRL: %1 Obnoviť CRL: %1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' XCA CRL „%1”, vydané %3 vyprší %4. Je uložené v databáze XCA „%5” Delete the %1 revocation lists: %2? Odstrániť %1 uoznamov odvolaní: %2? Wrong Size %1 Zlá veľkosť %1 unknown neznáme pki_evp Please enter the password to decrypt the private key %1. Prosím, zadajte heslo na dešifrovanie súkromného kľúča %1. The key from file '%1' is incomplete or inconsistent. Kľúč zo súboru „%1” je nekompletný ale nekonzistentný. Please enter the password to decrypt the private key from file: %1 Prosím, zadajte heslo na dešifrovanie súkromného kľúča zo súboru: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Nemožno načítať súkromný kľúč zo súboru %1. Vyskúšaný PEM a DER súkromný, verejný, typy kľúčov PKCS#8 a formát SSH2. Please enter the password to decrypt the private key: '%1' Prosím, zadajte heslo na dešifrovanie súkromného kľúča: „%1” Password input aborted Zadávanie hesla zrušené Please enter the database password for decrypting the key '%1' Prosím, zadajte heslo databázy na dešifrovanie kľúča „%1” Decryption of private key '%1' failed Dešifrovanie súkromného kľúča „%1” zlyhalo Please enter the password to protect the private key: '%1' Prosím, zadajte heslo na ochranu súkromného kľúča: „%1” Please enter the database password for encrypting the key Prosím, zadajte heslo databázy na zašifrovanie kľúča Please enter the password to protect the PKCS#8 key '%1' in file: %2 Prosím, zadajte heslo na ochranu kľúča PKCS#8 „%1” v súbore: %2 Please enter the password to protect the private key '%1' in file: %2 Prosím, zadajte heslo na ochranu súkromného kľúča: „%1” v súbore: %2 Please enter the password protecting the Microsoft PVK key '%1' Prosím, zadajte heslo na ochranu kľúča Microsoft PVK „%1” Please enter the export password for the private key '%1' Prosím, zadajte heslo exportu súkromného kľúča „%1” Ignoring unsupported private key Ignorujem nepodporovaný súkromný kľúč Failed to decrypt the key (bad password) %1 Zlyhalo dešifrovanie kľúča (zlé heslo) %1 pki_export PEM Text format with headers Textový formát PEM s hlavičkami PEM selected PEM zvolený Concatenated list of all selected certificates in one PEM text file Zlúčený zoznam zvolených certifikátov v jednom textovom súbore PEM PEM chain Reťaz PEM Concatenated text format of the complete certificate chain in one PEM file Zlúčený textový formát úplnej reťaze certifikátu v jednom súbore PEM The complete certificate chain and the private key of the selected certificate with tags usable in OpenVPN configuration files Úplná reťaz certifikátu a jeho súkromný kľúč, použiteľný v konfigurácii OpenVPN PEM + key PEM + kľúč Concatenation of the certificate and the unencrypted private key in one PEM file Zlúčenie certifikátu a nešifrovaného súkromného kľúča v jednom súbore PEM Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file Zlúčenie certifikátu a šifrovaného súkromného kľúča vo formáte PKCS#8 v jednom súbore All unusable Všetky nepoužiteľné Concatenation of all expired or revoked certificates in one PEM file Zlúčenie všetkých vypršaných alebo odvolaných certifikátov v jednom súbore PEM PKCS#7 encoded single certificate Jeden certifikát, kódovaný PKCS#7 All selected certificates encoded in one PKCS#7 file Všetky zvolené certifikáty kódované v jednom súbore PKCS#7 PKCS #7 chain Reťaz PKCS #7 PKCS#7 encoded complete certificate chain Úplná reťaz certifikátov kódovaná v PKCS#7 PKCS #7 unusable PKCS#7 nepoužiteľné PKCS#7 encoded collection of all expired or revoked certificates Kódovaná kolekcia PKCS#7 všetkých vypršaných alebo odvolaných certifikátov Binary DER encoded certificate Binárne kódovaný certifikát DER PKCS #12 chain Reťaz PKCS #12 The complete certificate chain and the private key as encrypted PKCS#12 file Úplná reťaz certifikátu a súkromný kľúč ako šifrovaný súbor PKCS#12 PKCS #12 PKCS #12 The certificate and the private key as encrypted PKCS#12 file Certifikát a súkromný kľúč ako šifrovaný súbor PKCS#12 Certificate Index file Súbor indexu certifikátov OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool Súbor indexu certifikátov, špecifický pre OpenSSL, vytvorený ako príkazom „ca” a vyžadovaný nástrojom OCSP vCalendar vCalendar vCalendar expiry reminder for the selected items Pripomienka vCalendar vypršania platnosti zvolených položiek CA vCalendar CA vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL Pripomienka vCalendar vypršania platnosti všetkých vydaných, platných certifikátov, samotnej CA i posledného CRL OpenSSL config Konfigurácia OpenSSL OpenSSL configuration file to create a certificate or request with the openssl commandline tool Konfiguračný súbor OpenSSL na vytvorenie certifikátu alebo žiadosti pomocou nástroja príkazového riadka openssl OpenVPN tls-auth key Kľúč OpenVPN tls-auth The OpenVPN tls-auth key is a secret key shared between endpoints Kľúč OpenVPN tls-auth je tajný kľúč zdieľaný medzi koncovými bodmi JSON Web Kit JSON Web Kit The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) Verejný kľúč certifikátu vo formáte JSON Web Kit s X.509 Certificate Thumbprint (x5t) JSON Web Kit chain Reťaz JSON Web Kit The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) and certificate chain (x5c) Verejný kľúč certifikátu vo formáte JSON Web Kit s X.509 Certificate Thumbprint (x5t) a reťazou certifikátu (x5c) PEM public PEM verejný Text format of the public key in one PEM file Textový formát verejného kľúča v súbore PEM PEM private PEM súkromný Unencrypted private key in text format Nešifrovaný súkromný kľúč v textovom formáte PEM encrypted PEM šifrovaný OpenSSL specific encrypted private key in text format Šifrovaný súkromný kľúč v textovom formáte špecifickom pre OpenSSL SSH2 private SSH2 súkromný SSH2 public SSH2 verejný The public key encoded in SSH2 format Verejný kľúč kódovaný vo formáte SSH2 DER public DER verejný Binary DER format of the public key Binárny formát DER verejného kľúča DER private DER súkromný Unencrypted private key in binary DER format Nešifrovaný súkromný kľúč v binárnom formáte DER PVK private PVK súkromný Private key in Microsoft PVK format not encrypted Nešifrovaný súkromný kľúč vo formáte Microsoft PVK PKCS #8 encrypted PKCS #8 šifrovaný Encrypted private key in PKCS#8 text format Šifrovaný súkromný kľúč v textovom formáte PKCS#8 PKCS #8 PKCS #8 Unencrypted private key in PKCS#8 text format Nešifrovaný súkromný kľúč v textovom formáte PKCS#8 JSON Web Key private Súkromný kľúč JSON Web Key Unencrypted private key in JSON Web Key format Nešifrovaný súkromný kľúč vo formáte JSON Web Key JSON Web Key public Verejný kľúč JSON Web Key Public key in JSON Web Key format Verejný kľúč vo formáte JSON Web Key Binary DER format of the certificate request Binárny formát DER žiadosti o certifikát Binary DER format of the revocation list Binárny formát DER zoznamu odvolaní vCalendar reminder for the CRL expiry date Pripomienka vCalendar vypršania platnosti CRL XCA template in PEM-like format. Templates include the internal name and comment Šablóna XCA vo formáte podobnom PEM. Šablóna zahŕňa interné meno a komentár All selected XCA templates in PEM-like format. Templates include the internal name and comment Všetky zvolené šablóny XCA vo formáte podobnom PEM. Šablóny zahŕňajú interné meno a komentár XCA template in PEM-like format Šablóna XCA vo formáte podobnom PEM PVK encrypted PVK šifrovaný Encrypted private key in Microsoft PVK format Šifrovaný súkromný kľúč vo formáte Microsoft PVK pki_key Public key Verejný kľúč Successfully imported the %1 public key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Úspešne importovaný %1 verejný kľúč „%2” Delete the %n %1 public key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Odstrániť %1 verejný kľúč „%2”? Odstrániť %1 verejné kľúče „%2”? Odstrániť %1 verejných kľúčov „%2”? Successfully imported the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Úspešne importovaný %1 súkromný kľúč „%2” Delete the %n %1 private key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Odstrániť %1 súkromný kľúč „%2”? Odstrániť %1 súkromné kľúče „%2”? Odstrániť %1 súkromných kľúčov „%2”? Successfully created the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Úspešne vytvorený %1 súkromný kľúč „%2” Common Spoločný Private Súkromný Bogus Pododný PIN PIN No password Bez hesla Unexpected SSH2 content: '%1' Neočakávaný obsah SSH2: „%1” Invalid SSH2 public key Neplatný verejný kľúč SSH2 Failed writing to %1 Zlyhal zápis do %1 Delete the %1 keys: %2? Odstrániť %1 kľúčov: %2? pki_multi No known PEM encoded items found Nájdené neznáme kódované položky PEM pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Prosím, zadajte heslo na dešifrovanie súboru PKCS#12: %1 Unable to load the PKCS#12 (pfx) file %1. Nemožno načítať súbor PKCS#12 (pfx) %1. The supplied password was wrong (%1) Zadané heslo je zlé (%1) Please enter the password to encrypt the key of certificate '%1' in the PKCS#12 file: %2 Prosím, zadajte heslo na zašifrovanie kľúča certifikátu „%1” v súbore PKCS#12: %2 No key or no Cert and no pkcs12 Nie je to kľúč, ani Certifikát a ani PKCS#12 Please enter the password to encrypt the PKCS#12 file Prosím, zadajte heslo na zašifrovanie súboru PKCS#12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. Nemožno načítať súbor PKCS#7 %1. Vyskúšaný formát PEM a DER. pki_scard Successfully imported the token key '%1' Úspešne importovaný kľúč tokenu „%1” Successfully created the token key '%1' úspešne vytvorený kľúč tokenu „%1” Delete the %n token key(s): '%1'? Odstrániť kľúč tokenu „%1”? Odstrániť %n kľúče tokenu „%1”? Odstrániť %n kľúčov tokenu „%1”? Delete the private key '%1' from the token '%2 (#%3)' ? Odstrániť súkromný kľúč „%1” z tokenu „%2 (#%3)”? This Key is already on the token Tento kľúč už je na tokene PIN input aborted Zadanie PIN zrušené Unable to find copied key on the token Nemožno nájsť kópiu kľúča na tokene Please insert card: %1 %2 [%3] with Serial: %4 Prosím, vložte kartu: %1 %2 [%3] so sér. číslom: %4 Select Slot of %1 Zvoliť slot z %1 Unable to find generated key on card Nemožno nájsť vygenerovaný kľúč na karte Token %1 Token %1 Failed to find the key on the token Zlyhalo nájdenie kľúča na tokene Invalid Pin for the token Neplatný PIN tokenu Failed to initialize the key on the token Zlyhal inicializácia kľúča na tokene Delete the %1 keys: %2? Odstrániť %1 kľúčov: %2? Ignoring unsupported token key Ignorovanie nepodporovaného kľúča tokenu Wrong Size %1 Zlá veľkosť %1 Illegal Key generation method Neprípustná metóda generovania kľúča Public Key mismatch. Please re-import card Nezhoda verejného kľúča. Prosím, znova importujte kartu pki_temp Successfully imported the XCA template '%1' Úspešne importovaná šablóna XCA „%1” Successfully created the XCA template '%1' Úspešne vytvorená šablóna XCA „%1” Delete the %n XCA template(s): '%1'? Odstrániť šablónu XCA „%1”? Odstrániť %n šablóny XCA „%1”? Odstrániť %n šablón XCA „%1”? Wrong Size %1 Zlá veľkosť %1 Template file content error (too small) Chyba obsahu súboru šablóny (príliš malá) Not a PEM encoded XCA Template Šablóna XCA nie je vo formáte PEM Not an XCA Template, but '%1' Nie je šablóna XCA, ale „%1” Delete the %1 XCA templates: %2? Odstrániť %1 šablón XCA: %2? Template file content error (too small): %1 Chyba obsahu súboru šablóny (príliš malá): %1 pki_x509 Successfully imported the certificate '%1' Úspešne importovaný certifikát „%1” Successfully created the certificate '%1' Úspešne vytvorený certifikát „%1” Delete the %n certificate(s): '%1'? Odstrániť certifikát „%1”? Odstrániť %n certifikáty „%1”? Odstrániť %n certifikátov „%1”? Unable to load the certificate in file %1. Tried PEM and DER certificate. Nemožno načítať certifikát zo súboru %1. Vyskúšaný certifikát PEM a DER. Invalid OpenVPN tls-auth key Neplatný kľúč OpenVPN tls-auth Failed to import tls-auth key Import kľúča tls-auth zlyhal Same tls-auth key already stored for this CA Táto CA už má nejaký kľúč tls-auth uložený New tls-auth key successfully imported Nový kľúč tls-auth úspešne importovaný Existing tls-auth key successfully replaced Existujúci kľúč tls-auth úspešne nahradený This certificate is already on the security token Tento certifikát už je na bezpečnostnom tokene Delete the certificate '%1' from the token '%2 (#%3)'? Odstrániť certifikát „%1” z tokenu „%2 (#%3)”? There is no key for signing ! Chýba kľúč na podpísanie! No Nie Yes Áno Renew certificate: %1 Obnoviť certifikát: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' Certifikát XCA „%1”, vydaný %2 vyprší %3. Je uložený v databáze XCA „%4” Delete the %1 certificates: %2? Odstrániť %1 certifikátov: %2? Wrong Size %1 Zlá veľkosť %1 pki_x509req Signing key not valid (public key) Podpisujúci kľúč neplatný (verejný kľúč) Successfully imported the PKCS#10 certificate request '%1' Úspešne importovaná žiadosť o certifikát PKCS#10 „%1” Delete the %n PKCS#10 certificate request(s): '%1'? Odstrániť žiadosť o certifikát PKCS#10 „%1”? Odstrániť %n žiadosti o certifikát PKCS#10 „%1”? Odstrániť %n žiadostí o certifikát PKCS#10 „%1”? Successfully created the PKCS#10 certificate request '%1' Úspešne vytvorená žiadosť o certifikát PKCS#10 „%1” Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Nemožno načítať žiadosť o certifikát zo súboru %1. Vyskúšané formáty PEM, DER a SPKAC. Signed Podpísaný Unhandled Nespracované Delete the %1 certificate requests: %2? Odstrániť %1 žiadosť o certifikát: %2? Wrong Size %1 Zlá veľkosť %1 v3ext Copy Common Name Kopírovať bežný názov Add Pridať Delete Odstrániť Apply Použiť Validate Overiť Cancel Zrušiť An email address or 'copy' Emailová adresa alebo „copy” An email address Emailová adresa A registered ID: OBJECT IDENTIFIER Registrované ID: IDENTIFIKÁTOR OBJEKTU A uniform resource indicator Jednotný indikátor zdroja A DNS domain name or 'copycn' Doménové meno DNS alebo „copycn” A DNS domain name Doménové meno DNS An IP address Adresa IP Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' Syntax: <OID>;TYP:text ako '1.2.3.4:UTF8:názov' No editing. Only 'copy' allowed here Neupravovať. Je tu dovolené len „copy” Validation failed: '%1' %2 Overenie zlyhalo: „%1” %2 Validation successful: '%1' Overenie úspešné: „%1” xcaWarningGui Copy to Clipboard Kopírovať do schránky TrustState Certificate trust D§veryhodnosť o certifikátu Trustment Dôveryhodnosť &Never trust this certificate Tomuto certifikátu &nikdy nedôverovať Only &trust this certificate, if we trust the signer Tomuto certifikátu &dôverovať, ak dôverujem vydavateľovi &Always trust this certificate Tomuto certifikátu &vždy dôverovať QMessageBox Ok OK Close Zatvoriť Cancel Zrušiť Apply Použiť Yes Áno No Nie xca-RELEASE.2.9.0/lang/xca_tr.ts000066400000000000000000006760571477156507700161750ustar00rootroot00000000000000 Done Bitti About#1 CA Properties CA Özellikleri CaProperties#1 Use random Serial numbers Değişken Seri numaralar kullan CaProperties#2 Default template Varsayılan şablon CaProperties#4 Next serial for signing İmza için sonraki seri CaProperties#5 Details of the Certificate Sertifika bilgileri CertDetail#1 S&tatus &Durum CertDetail#2 Serial CertDetail#3 Seri CertDetail#3 The serial number of the certificate Sertifika seri numarası CertDetail#4 The internal name of the certificate in the database Sertifika veritabanındaki isim CertDetail#5 Internal name CertDetail#6 Dahili adı CertDetail#6 Signature algorithm CertDetail#7 İmza algoritması CertDetail#7 Signature CertDetail#8 İmza CertDetail#8 Key CertDetail#9 Anahtar CertDetail#9 Fingerprints Parmak izleri CertDetail#10 SHA1 SHA1 CertDetail#11 MD5 MD5 CertDetail#12 A SHA-1 hashsum of the certificate A SHA-1 hashsum sertifikası CertDetail#13 An md5 hashsum of the certificate An md5 hassum sertifikası CertDetail#14 Validity CertDetail#15 Geçerlilik CertDetail#15 The time since the certificate is valid Zamana kadar geçerli sertifika CertDetail#16 The time until the certificate is valid Bu zaman kadar sertifika geçerli CertDetail#17 &Subject &Konu CertDetail#18 &Issuer CertDetail#19 &veren CertDetail#19 Attributes Nitelikler CertDetail#20 &Extensions CertDetail#21 &Uzantıları CertDetail#21 Show config Yapılandırmayı göster CertDetail#22 Show extensions Uzantıları göster CertDetail#23 Not available CertDetail#24 Kullanılamaz CertDetail#24 Details of the certificate Sertifika detayları CertDetail#25 Signer unknown Bilinmeyen imzalayan makam CertDetail#26 Self signed Kendinden imzalı CertDetail#27 Not trusted CertDetail#28 Güvenilmeyen CertDetail#28 Trusted Güvenilir CertDetail#29 Revoked: İptaledilmiş CertDetail#30 Not valid Geçersiz CertDetail#31 Valid Geçerli CertDetail#32 Details of the certificate signing request sertifika imzalama isteği detayları CertDetail#33 Certificate renewal Sertifika yenileme CertExtend#1 This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Bu yeni bir seri numarası ve düzeltilmiş geçerlilik değerleri ile eski bir kopyası olarak yeni bir sertifika oluşturur. CertExtend#2 Validity CertExtend#3 Geçerlilik CertExtend#3 Not before CertExtend#4 Öncedeğil CertExtend#4 Not after CertExtend#5 Sonradeğil CertExtend#5 Time range CertExtend#6 Zaman aralığı CertExtend#6 No well-defined expiration CertExtend#7 Tanımlanmamış son CertExtend#7 Apply CertExtend#8 Uygula CertExtend#8 Days CertExtend#9 Gün CertExtend#9 Months CertExtend#10 Ay CertExtend#10 Years CertExtend#11 Yıl CertExtend#11 Midnight CertExtend#12 Gece Yarısı CertExtend#12 The certificate will be earlier valid than the signer. This is probably not what you want. CertExtend#13 Sertifika önceki imzalayandan daha geçerli olacaktır. Muhtemelen istediğiniz bu değildir. CertExtend#13 Edit times Zamanı düzenle CertExtend#14 Adjust date and continue CertExtend#17 Tarihi düzenler ve devam eder CertExtend#17 The certificate will be longer valid than the signer. This is probably not what you want. CertExtend#18 Sertifika önceki imzalayandan daha geçerli olacaktır. Muhtemelen istediğiniz bu değildir. CertExtend#18 There was no key found for the Certificate: CertView#1 Sertifikadaki anahtar bulunamıyor. CertView#1 Import Certificate signing request CertView#2 Sertifika imzalama isteği CertView#2 Double click for details Detaylariçin çift tıklayın ClickLabel#1 Details of the Revocation list İptal listesi için çift tıklayın CrlDetail#1 &Status &Durum CrlDetail#2 Version Sürüm CrlDetail#3 Signature CrlDetail#4 İmza CrlDetail#4 Signed by İmzalayan: CrlDetail#5 Name CrlDetail#6 İsim CrlDetail#6 The internal name of the CRL in the database CRL veritabanındaki isim CrlDetail#7 issuing dates Verilen tarih CrlDetail#8 Next Update Sonraki Güncelleme CrlDetail#9 Last Update Son Güncelleme CrlDetail#10 &Issuer CrlDetail#11 &veren CrlDetail#11 &Extensions CrlDetail#12 &Uzantıları CrlDetail#12 &Revocation list &İptal listesi CrlDetail#13 0 0 CrlDetail#14 Serial CrlDetail#15 Seri CrlDetail#15 Revocation CrlDetail#16 İptal CrlDetail#16 Reason Neden CrlDetail#17 Invalidation İptal CrlDetail#18 Failed Başarısız CrlDetail#19 Unknown signer Bilinmeyen imzalayan CrlDetail#20 Verification not possible Doğrulama mümkün değil CrlDetail#21 Unknown certificate Bilinmeyen sertifika CrlDetail#22 X509 Certificates ( *.cer *.crt *.p12 *.p7b);;All files ( * ) X509 sertifikası (*cer *.crt *.p12 *.p7b);;Tüm dosyalar (*) ExportCert#1 DER is a binary format of the Certificate PEM is a base64 encoded Certificate PKCS#7 is an official Certificate exchange format PKCS#12 is an encrypted official Key-Certificate exchange format DER ikili sertifika formatı PEM base64 kodlu sertifika PKCS#7 resmi değişim sertifikası PKCS#12 kriptolu anahtar sertifikası ExportCert#2 Please enter the filename for the certificate. Lütfen sertifika ismini giriniz. ExportCert#3 Certificate export Sertifika dışa aktar ExportCert#4 All files ( * ) ExportDer#1 Bütün dosyalar ( * ) ExportDer#1 DER is a binary format PEM is a base64 encoded DER file DER ikili biçimdir PEM base64 kodlanmış DER dosyası ExportDer#2 ... ... ExportDialog#1 Filename Dosya adı ExportDialog#2 Please enter the filename Lütfen dosya adını giriniz ExportDialog#3 Export Format Verme biçimi ExportDialog#4 The file: '%1' already exists! Dosya: 2%1' zaten var ExportDialog#5 Overwrite Üzerine yaz ExportDialog#6 Do not overwrite Üzerine yazmayın ExportDialog#7 When exporting the private key it should be encrypted. Özel anahtar dışa aktarılırken şifreli olmalıdır. ExportKey#1 When exporting the private part, it should be encrypted. Özel bölüm aktarılırken şifreli olmalıdır. ExportKey#2 E&xport the private part of the Key too Dışa aktarılan özel bölüm anahtarı çok ExportKey#3 Export as PKCS#8 PKCS#8 olarak aktar ExportKey#4 Private keys ( *.pem *.der *.pk8 );;All files ( * ) Özel anatarlar (*.pem *.der *.pk8);;Tüm dosyalar ( * ) ExportKey#6 << << Help#1 >> >> Help#2 &Done Help#3 &Bitti Help#3 &Import ImportMulti#3 &İçe Aktar ImportMulti#3 &Done ImportMulti#4 &Bitti ImportMulti#4 &Remove from list &İptal listesi ImportMulti#5 Details Detaylar ImportMulti#6 Name KeyDetail#1 İsim KeyDetail#1 Serial KeyDetail#5 Seri KeyDetail#5 &Delete &Sil MainWindow#7 Certificates Sertifikalar MainWindow#10 Database Veri Tabanı MainWindow#20 &File &Dosya MainWindow#22 Exit Çıkış MainWindow#33 &Help &Yardım MainWindow#48 &About &Hakkında MainWindow#50 Cancel MainWindow#57 İptal MainWindow#57 New Password Yeni Parola MainWindow#64 Password MainWindow#68 Parola MainWindow#68 Days NewCrl#5 Gün NewCrl#5 Months NewCrl#6 Ay NewCrl#6 Years NewCrl#7 Yıl NewCrl#7 Apply NewCrl#9 Uygula NewCrl#9 Name NewKey#4 İsim NewKey#4 Create NewKey#11 Oluştur NewKey#11 Create NewX509#1 Oluştur NewX509#1 Source Kaynak NewX509#2 1 1 NewX509#12 Subject NewX509#23 Konu NewX509#23 Organisation Organizasyon NewX509#24 Country code Ülke kodu NewX509#27 E-Mail address E-posta adresi NewX509#31 Internal name NewX509#32 Dahili adı NewX509#32 Add NewX509#34 Ekle NewX509#34 Delete NewX509#35 Sil NewX509#35 Type NewX509#42 Tür NewX509#42 Days NewX509#60 Gün NewX509#60 Months NewX509#61 Ay NewX509#61 Years NewX509#62 Yıl NewX509#62 Apply NewX509#63 Uygula NewX509#63 Edit Düzenle NewX509#73 Advanced Gelişmiş NewX509#90 Errors Hatalar NewX509#103 Edit name İsmi Düzenle NewX509#111 Password PwDialog#1 Parola PwDialog#1 Import db_x509#21 &İçe Aktar db_x509#21 Rename db_x509#24 Dosya adı db_x509#24 Show Details db_x509#25 Detaylar db_x509#25 Export db_x509#27 Verme biçimi db_x509#27 File db_x509#29 &Dosya db_x509#29 OpenSSL config db_x509#34 Yapılandırmayı göster db_x509#34 Delete db_x509#35 Sil db_x509#35 Sign db_x509#41 İmzalayan: db_x509#41 Challenge password Yeni Parola db_x509req#4 OpenSSL config db_x509req#18 Yapılandırmayı göster db_x509req#18 Delete db_x509req#19 Sil db_x509req#19 Config files ( *.conf *.cnf);; All files ( * ) X509 sertifikası (*cer *.crt *.p12 *.p7b);;Tüm dosyalar (*) db_x509super#4 Delete db_x509#36 Sil &Remove &Kaldır CaProperties Form Days until next CRL issuing Default template Varsayılan şablon CertDetail Details of the Certificate Sertifika bilgileri Status Internal name Dahili adı The internal name of the certificate in the database Sertifika veritabanındaki isim Signature İmza Key Anahtar Serial Seri The serial number of the certificate Sertifika seri numarası Fingerprints Parmak izleri MD5 MD5 An md5 hashsum of the certificate An md5 hassum sertifikası SHA1 SHA1 A SHA-1 hashsum of the certificate A SHA-1 hashsum sertifikası SHA256 SHA256 A SHA-256 hashsum of the certificate A SHA-1 hashsum sertifikası {256 ?} Validity Geçerlilik The time since the certificate is valid Zamana kadar geçerli sertifika The time until the certificate is valid Bu zaman kadar sertifika geçerli Subject Konu Issuer Attributes Nitelikler Extensions Validation Purposes Strict RFC 5280 validation Show config Yapılandırmayı göster Comment Show extensions Uzantıları göster Show public key This key is not in the database. Not available Kullanılamaz No verification errors found. Signer unknown Bilinmeyen imzalayan makam Self signed Kendinden imzalı Revoked at %1 Not valid Geçersiz Valid Geçerli Details of the certificate signing request sertifika imzalama isteği detayları CertExtend Certificate renewal Sertifika yenileme This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. Bu yeni bir seri numarası ve düzeltilmiş geçerlilik değerleri ile eski bir kopyası olarak yeni bir sertifika oluşturur. Validity Geçerlilik Not before Öncedeğil Not after Sonradeğil Time range Zaman aralığı Local time Days Gün Months Ay Years Yıl No well-defined expiration Tanımlanmamış son Midnight Gece Yarısı Apply Uygula Revoke old certificate Replace old certificate Keep serial number The certificate will be earlier valid than the signer. This is probably not what you want. Sertifika önceki imzalayandan daha geçerli olacaktır. Muhtemelen istediğiniz bu değildir. Edit dates Abort rollout Continue rollout Adjust date and continue Tarihi düzenler ve devam eder The certificate will be longer valid than the signer. This is probably not what you want. Sertifika önceki imzalayandan daha geçerli olacaktır. Muhtemelen istediğiniz bu değildir. CertTreeView Hide unusable certificates Import PKCS#12 Import from PKCS#7 Request Security token Other token Similar Certificate Delete from Security token CA Properties Generate CRL Manage revocations Import OpenVPN tls-auth key Renewal Revoke Unrevoke Plain View Tree View days No template CA Properties CA Özellikleri Certificate export Sertifika dışa aktar X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) vCalendar entry ( *.ics ) OpenVPN file ( *.ovpn ) OpenVPN tls-auth key ( *.key ) ClickLabel Double click for details Detaylariçin çift tıklayın CrlDetail Details of the Revocation list İptal listesi için çift tıklayın &Status &Durum Version Sürüm Signature İmza Signed by İmzalayan: Name İsim The internal name of the CRL in the database CRL veritabanındaki isim issuing dates Verilen tarih Next update Last update &Issuer &veren &Extensions &Uzantıları &Revocation list &İptal listesi Comment Failed Başarısız Unknown signer Bilinmeyen imzalayan Verification not possible Doğrulama mümkün değil CrlTreeView There are no CA certificates for CRL generation Select CA certificate Revocation list export CRL ( *.pem *.der *.crl ) vCalendar entry ( *.ics ) ExportDialog Name İsim The internal name of the CRL in the database CRL veritabanındaki isim Filename Dosya adı ... ... Each Item in a separate file Same encryption password for all items Export comment into PEM file Export Format Verme biçimi %n selected item(s) All files ( * ) Bütün dosyalar ( * ) The file: '%1' already exists! Dosya: 2%1' zaten var Overwrite Üzerine yaz Do not overwrite Üzerine yazmayın The path: '%1' exist, but is not a file The path: '%1' exist, but is not a directory The directory: '%1' does not exist. Should it be created? Create Oluştur Failed to create directory '%1' Directory Form last update next update Days Gün Months Ay Years Yıl Apply Uygula Midnight Gece Yarısı Local time No well-defined expiration Tanımlanmamış son Help << << >> >> &Done &Bitti ImportMulti Import PKI Items Import &All &Import &İçe Aktar &Done &Bitti &Remove from list &İptal listesi Details Detaylar Delete from token Rename on token Name: %1 Model: %2 Serial: %3 Manage security token The type of the item '%1' is not recognized Could not open the default database The file '%1' did not contain PKI data The %1 files: '%2' did not contain PKI data ItemProperties Name İsim Source Kaynak Insertion date Comment KeyDetail Name İsim The internal name of the key used by xca Key Anahtar Public Exponent Keysize Private Exponent Security Token Label PKCS#11 ID Token information Model Manufacturer Serial Seri Fingerprint Comment Details of the %1 key Not available Kullanılamaz Security token Available Sub prime Public key Private key Curve name Unknown key KeyTreeView Change password Reset password Change PIN Init PIN with SO PIN (PUK) Change SO PIN (PUK) Security token This is not a token Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable Key export Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) SSH Private Keys ( *.priv ) Microsoft PVK Keys ( *.pvk ) MainWindow Private Keys &New Key &Export &Import &İçe Aktar Import PFX (PKCS#12) &Show Details &Delete &Sil Certificate signing requests &New Request Certificates Sertifikalar &New Certificate Import &PKCS#12 Import P&KCS#7 Plain View Templates &New Template Ch&ange Template Revocation lists &New CRL Search Import PEM data Please enter the original SO PIN (PUK) of the token '%1' Please enter the new SO PIN (PUK) for the token '%1' The new label of the token '%1' The token '%1' did not contain any keys or certificates Retry with PIN Retry with SO PIN Current Password Please enter the current database password The entered password is wrong New Password Yeni Parola Please enter the new password to encrypt your private keys in the database-file Transaction start failed Database: %1 Using or exporting private keys will not be possible without providing the correct password The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. The currently used PFX / PKCS#12 algorithm '%1' is insecure. Change Certificate Index ( index.txt ) All files ( * ) Bütün dosyalar ( * ) Diffie-Hellman parameters saved as: %1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits System Chinese Croatian Dutch English French German Italian Japanese Korean Polish Portuguese in Brazil Russian Slovak Spanish Indonesian Turkish Persian Bulgarian Recent DataBases Language &File &Dosya New DataBase Open DataBase Open Remote DataBase Set as default DataBase Close DataBase Options Exit Çıkış I&mport Keys Requests PKCS#12 PKCS#7 Template Revocation list PEM file Paste PEM file Token &Manage Security token &Init Security token &Change PIN Change &SO PIN Init PIN Extra &Dump DataBase &Export Certificate Index Export Certificate &Index hierarchy C&hange DataBase password &Undelete items Generate DH parameter OID Resolver &Help &Yardım Content About NewCrl Last update Next update Days Gün Months Ay Years Yıl Midnight Gece Yarısı Local time Apply Uygula Options Hash algorithm Subject alternative name Authority key identifier CRL number Revocation reasons Create CRL NewKey New Key Please give a name to the new key and select the desired keysize Key properties Name İsim The internal name of the new key Curve name Keysize Usually at least 2048 bit keys are recommended Keytype Remember as default Create Oluştur NewX509 Source Kaynak Signing request Show request Sign this Certificate signing &request Copy extensions from the request Modify subject of the request Signing Create a &self signed certificate Use &this Certificate for signing All certificates in your database that can create valid signatures Signature algorithm İmza algoritması Template for the new certificate All available templates Apply extensions Apply subject Apply all Subject Konu Internal Name This name is only used internally and does not appear in the resulting certificate Distinguished name Add Ekle Delete Sil Private key This list only contains unused keys Used keys too &Generate a new key Extensions Type Tür If this will become a CA certificate or not Not defined Certification Authority End Entity Path length How much CAs may be below this. The basic constraints should always be critical Key identifier Creates a hash of the key following the PKIX guidelines Copy the Subject Key Identifier from the issuer Validity Geçerlilik Not before Öncedeğil Not after Sonradeğil Time range Zaman aralığı Days Gün Months Ay Years Yıl Apply Uygula Set the time to 00:00:00 and 23:59:59 respectively Midnight Gece Yarısı Local time No well-defined expiration Tanımlanmamış son DNS: IP: URI: email: RID: Edit Düzenle URI: Key usage Netscape Advanced Gelişmiş Validate Comment Critical Create Certificate signing request minimum size: %1 maximum size: %1 only a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters Edit XCA template Create x509 Certificate Template '%1' applied Subject applied from template '%1' Extensions applied from template '%1' New key '%1' created Other Tabs Advanced Tab Errors Hatalar From PKCS#10 request Error duplicate extensions The Name Constraints are invalid The Subject Alternative Name is invalid The Issuer Alternative Name is invalid The CRL Distribution Point is invalid The Authority Information Access is invalid Abort rollout The following length restrictions of RFC3280 are violated: Edit subject Continue rollout The verification of the Certificate request failed. The rollout should be aborted. Continue anyway The internal name and the common name are empty. Please set at least the internal name. Edit name İsmi Düzenle There is no Key selected for signing. Select key The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. The key you selected for signing is not a private one. Select other signer Select other key The currently selected hash algorithm '%1' is insecure and should not be used. Select other algorithm Use algorithm anyway The certificate will be earlier valid than the signer. This is probably not what you want. Sertifika önceki imzalayandan daha geçerli olacaktır. Muhtemelen istediğiniz bu değildir. Edit dates Adjust date and continue Tarihi düzenler ve devam eder The certificate will be longer valid than the signer. This is probably not what you want. Sertifika önceki imzalayandan daha geçerli olacaktır. Muhtemelen istediğiniz bu değildir. The certificate will be out of date before it becomes valid. You most probably mixed up both dates. The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. The certificate contains invalid extensions. Edit extensions The subject alternative name shall contain a copy of the common name. However, the common name is empty. A name constraint of the issuer '%1' is violated: %2 Configfile error on line %1 OidResolver OID Resolver Enter the OID, the Nid, or one of the textual representations Search OID Long name OpenSSL internal ID Nid Short name OpenDb Open remote database Database type Hostname Username Password Parola Database name Table prefix No SqLite3 driver available. Please install the qt-sqlite package of your distribution Options XCA Options Settings Default hash algorithm PKCS12 encryption algorithm String types Suppress success messages Disable legacy Netscape extensions Translate established x509 terms (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Only use hashes supported by the token when signing with a token key Don't colorize expired certificates Certificate expiry warning threshold Send vCalendar expiry reminder Serial number length bit Distinguished name Mandatory subject entries Add Ekle Delete Sil Explicit subject entries Dynamically arrange explicit subject entries Default PKCS#11 provider Remove Search Printable string or UTF8 (default) PKIX recommendation in RFC2459 No BMP strings, only printable and T61 UTF8 strings only (RFC2459) All strings Days Gün Weeks PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Take as HEX string Repeat %1 %1 mismatch Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters Exit Çıkış QObject Undefined Broken / Invalid in %1 seconds %1 seconds ago in %1 minutes %1 minutes ago Yesterday Tomorrow in %1 hours %1 hours ago Failed to update the database schema to the current version Country code Ülke kodu State or Province Locality Organisation Organizasyon Organisational unit Common name E-Mail address E-posta adresi Serial number Given name Surname Title Initials Description Role Pseudonym Generation Qualifier x500 Unique Identifier Name İsim DN Qualifier Unstructured name Challenge password Yeni Parola Basic Constraints Name Constraints Subject alternative name issuer alternative name Subject key identifier Authority key identifier Key usage Extended key usage CRL distribution points Authority information access Certificate type Base URL Revocation URL CA Revocation URL Certificate renewal URL CA policy URL SSL server name Comment All files ( * ) Bütün dosyalar ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Import RSA key PKCS#10 CSR ( *.pem *.der *.csr );; Import Request Certificates ( *.pem *.der *.crt *.cer );; Import X.509 Certificate PKCS#7 data ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates PKCS#12 Certificates ( *.p12 *.pfx );; Import PKCS#12 Private Certificate XCA templates ( *.xca );; Import XCA Templates Revocation lists ( *.pem *.der *.crl );; Import Certificate Revocation List XCA Databases ( *.xdb );; Open XCA Database OpenVPN tls-auth key ( *.key );; Import OpenVPN tls-auth key PKCS#11 library ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 library ( *.so );; Open PKCS#11 shared library PEM files ( *.pem );; Load PEM encoded file Index file written to '%1' Index hierarchy written to '%1' Unknown key type %1 Failed to write PEM data to '%1' Error reading config file %1 at line %2 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. Unknown object '%1' in file %2 line %3 Please enter the PIN on the PinPad Please enter the SO PIN (PUK) of the token %1 Please enter the PIN of the token %1 No Security token found Select Please enter the new SO PIN (PUK) for the token: '%1' Please enter the new PIN for the token: '%1' Required PIN size: %1 - %2 Disabled Library loading failed PKCS#11 function '%1' failed: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 Out of data Error finding endmarker of string Password Parola Failed to start a database transaction Invalid %1 is shorter than %2 bytes: '%3' %1 is longer than %2 bytes: '%3' String '%1' for '%2' contains invalid characters Password verify error, please try again The following error occurred: insecure ReqTreeView Sign İmzalayan: Unmark signed Mark signed Similar Request Certificate request export Certificate request ( *.pem *.der *.csr ) RevocationList Manage revocations Add Ekle Delete Sil Edit Düzenle No. Serial Seri Revocation İptal Reason Neden Invalidation İptal Generate CRL Revoke Certificate revocation Revocation details Revocation reason Local time Invalid since Serial Seri SearchPkcs11 Directory ... ... Include subdirectories Search The following files are possible PKCS#11 libraries SelectToken Security token Please select the security token TempTreeView Duplicate Create certificate Create request copy Preset Template values Template export XCA Templates ( *.xca ) Validity yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config Yapılandırmayı göster Transform Template Public key Config files ( *.conf *.cnf);; All files ( * ) X509 sertifikası (*cer *.crt *.p12 *.p7b);;Tüm dosyalar (*) XFile Error opening file: '%1': %2 Error rewinding file: '%1': %2 XcaDetail Import &İçe Aktar XcaTreeView Item properties Subject entries X509v3 Extensions Netscape extensions Key properties Reset Hide Column Details Detaylar Columns Export Password Please enter the password to encrypt all %n exported private key(s) in: %1 Singular form for 0 or 1 item can be ignored. Will always be called with n >= 2 New Import &İçe Aktar Paste PEM data Rename Dosya adı Properties Delete Sil Export Verme biçimi Clipboard File &Dosya Clipboard format database_model Please enter the password to access the database server %2 as user '%1'. Unable to create '%1': %2 The file '%1' is not an XCA database No SqLite3 driver available. Please install the qt-sqlite package of your distribution New Password Yeni Parola Please enter a password, that will be used to encrypt your private keys in the database: %1 Password Parola Please enter the password for unlocking the database: %1 db_base Internal name Dahili adı No. Primary key Database unique number Date Date of creation or insertion Source Kaynak Generated, Imported, Transformed Comment First line of the comment field Import from: %1 Could not create directory %1 db_crl Signer Internal name of the signer No. revoked Number of revoked certificates Last update Next update CRL number The revocation list already exists in the database as: '%1' and so it was not imported Failed to initiate DB transaction Database error: %1 db_key Type Tür Size EC Group Use Password Parola The key is already in the database as: '%1' and is not going to be imported The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key Extending public key from %1 by imported key '%2' Key size too small ! You are sure to create a key of the size: %1 ? Internal key update: The keys: %1 must be updated once by resetting and setting its private password Tried to change password of a token db_temp Empty template Bad template: %1 db_x509 CA reflects the basic Constraints extension Serial Seri MD5 fingerprint SHA1 fingerprint SHA256 fingerprint Start date Not before Öncedeğil Expiry date Not after Sonradeğil Revocation İptal CRL Expiration Failed to create directory '%1' Failed to retrieve unique random serial The certificate already exists in the database as: '%1' and so it was not imported Signed on %1 by '%2' Unknown Invalid public key The key you selected for signing is not a private one. Store the certificate to the key on the token '%1 (#%2)' ? There was no key found for the Certificate: '%1' Not possible for a token key: '%1' Not possible for the token-key Certificate '%1' db_x509name Subject Konu Complete distinguished name Subject hash Hash to lookup certs in directories db_x509req Signed whether the request is already signed or not Unstructured name Challenge password Yeni Parola Certificate count Number of certificates in the database with the same public key The certificate signing request already exists in the database as '%1' and thus was not stored db_x509super Key name Internal name of the key Signature algorithm İmza algoritması Key type Key size EC Group Extracted from %1 '%2' Certificate Certificate request The following extensions were not ported into the template Transformed from %1 '%2' kvView Type Tür Content pass_info Password Parola PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. pki_base Internal error: Unexpected message: %1 %2 Unknown Imported Generated Transformed Token Legacy Database Renewed Property '%1' not listed in 'pki_base::print' pki_crl Successfully imported the revocation list '%1' Successfully created the revocation list '%1' Delete the %n revocation list(s): '%1'? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. No issuer given CRL Renewal of CA '%1' due The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' Renew CRL: %1 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' pki_evp Please enter the password to decrypt the private key %1. The key from file '%1' is incomplete or inconsistent. Please enter the password to decrypt the private key from file: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. Please enter the password to decrypt the private key: '%1' Password input aborted Please enter the database password for decrypting the key '%1' Decryption of private key '%1' failed Please enter the password to protect the private key: '%1' Please enter the database password for encrypting the key Please enter the password to protect the PKCS#8 key '%1' in file: %2 Please enter the password to protect the private key '%1' in file: %2 pki_export PEM Text format with headers PEM selected Concatenated list of all selected certificates in one PEM text file PEM chain Concatenated text format of the complete certificate chain in one PEM file The complete certificate chain and the private key of the selected certificate with tags usable in OpenVPN configuration files PEM + key Concatenation of the certificate and the unencrypted private key in one PEM file Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file All unusable Concatenation of all expired or revoked certificates in one PEM file PKCS#7 encoded single certificate All selected certificates encoded in one PKCS#7 file PKCS #7 chain PKCS#7 encoded complete certificate chain PKCS #7 unusable PKCS#7 encoded collection of all expired or revoked certificates Binary DER encoded certificate PKCS #12 chain The complete certificate chain and the private key as encrypted PKCS#12 file PKCS #12 The certificate and the private key as encrypted PKCS#12 file Certificate Index file OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool vCalendar vCalendar expiry reminder for the selected items CA vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL OpenSSL config Yapılandırmayı göster OpenSSL configuration file to create a certificate or request with the openssl commandline tool OpenVPN tls-auth key The OpenVPN tls-auth key is a secret key shared between endpoints JSON Web Kit The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) JSON Web Kit chain The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) and certificate chain (x5c) PEM public Text format of the public key in one PEM file PEM private Unencrypted private key in text format PEM encrypted OpenSSL specific encrypted private key in text format SSH2 private SSH2 public The public key encoded in SSH2 format DER public Binary DER format of the public key DER private Unencrypted private key in binary DER format PVK private Private key in Microsoft PVK format not encrypted PKCS #8 encrypted Encrypted private key in PKCS#8 text format PKCS #8 Unencrypted private key in PKCS#8 text format JSON Web Key private Unencrypted private key in JSON Web Key format JSON Web Key public Public key in JSON Web Key format Binary DER format of the certificate request Binary DER format of the revocation list vCalendar reminder for the CRL expiry date XCA template in PEM-like format. Templates include the internal name and comment All selected XCA templates in PEM-like format. Templates include the internal name and comment pki_key Public key Successfully imported the %1 public key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Delete the %n %1 public key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Successfully imported the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Delete the %n %1 private key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Successfully created the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key Common Private Bogus PIN No password Unexpected SSH2 content: '%1' Invalid SSH2 public key Failed writing to %1 pki_multi No known PEM encoded items found pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 Unable to load the PKCS#12 (pfx) file %1. The supplied password was wrong (%1) Please enter the password to encrypt the key of certificate '%1' in the PKCS#12 file: %2 No key or no Cert and no pkcs12 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. pki_scard Successfully imported the token key '%1' Successfully created the token key '%1' Delete the %n token key(s): '%1'? Delete the private key '%1' from the token '%2 (#%3)' ? This Key is already on the token PIN input aborted Unable to find copied key on the token Please insert card: %1 %2 [%3] with Serial: %4 Select Slot of %1 Unable to find generated key on card Token %1 Failed to find the key on the token Invalid Pin for the token Failed to initialize the key on the token pki_temp Successfully imported the XCA template '%1' Successfully created the XCA template '%1' Delete the %n XCA template(s): '%1'? Wrong Size %1 Template file content error (too small) Not a PEM encoded XCA Template Not an XCA Template, but '%1' pki_x509 Successfully imported the certificate '%1' Successfully created the certificate '%1' Delete the %n certificate(s): '%1'? Unable to load the certificate in file %1. Tried PEM and DER certificate. Invalid OpenVPN tls-auth key Failed to import tls-auth key Same tls-auth key already stored for this CA New tls-auth key successfully imported Existing tls-auth key successfully replaced This certificate is already on the security token Delete the certificate '%1' from the token '%2 (#%3)'? There is no key for signing ! No Yes Renew certificate: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' pki_x509req Signing key not valid (public key) Successfully imported the PKCS#10 certificate request '%1' Delete the %n PKCS#10 certificate request(s): '%1'? Successfully created the PKCS#10 certificate request '%1' Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. Signed Unhandled v3ext Copy Common Name Add Ekle Delete Sil Apply Uygula Validate Cancel İptal An email address or 'copy' An email address A registered ID: OBJECT IDENTIFIER A uniform resource indicator A DNS domain name or 'copycn' A DNS domain name An IP address Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' No editing. Only 'copy' allowed here Validation failed: '%1' %2 Validation successful: '%1' xcaWarningGui Copy to Clipboard xca-RELEASE.2.9.0/lang/xca_zh_CN.ts000066400000000000000000005774431477156507700165500ustar00rootroot00000000000000 CaProperties CA Properties CA属性 Form 表单 Days until next CRL issuing CRL发布间隔 Default template 默认模板 CertDetail Details of the Certificate 证书详情 Serial 序列号 The serial number of the certificate 证书的序列号 The internal name of the certificate in the database XCA内部使用的证书名称 Status 状态 Internal name 内部名称 Signature 签名 Key 密钥 Fingerprints 指纹信息 MD5 MD5 An md5 hashsum of the certificate 证书的MD5哈希值 SHA1 SHA1 A SHA-1 hashsum of the certificate 证书的SHA-1哈希值 SHA256 SHA256 A SHA-256 hashsum of the certificate 证书的SHA-256哈希值 Validity 有效期 The time since the certificate is valid 生效时间 The time until the certificate is valid 失效时间 Subject 主题 Issuer 颁发者 Extensions 扩展 Validation Purposes Strict RFC 5280 validation Comment 备注 Attributes 属性 Show config 显示配置 Show extensions 显示扩展 Show public key 显示公钥 This key is not in the database. 密钥不在XCA数据库中。 Not available 不可用 No verification errors found. Signer unknown 未知的签发人 Self signed 自签名 Revoked at %1 于%1吊销 Revoked: 已吊销: Not valid 无效 Valid 有效 Details of the certificate signing request 证书签名请求(CSR)的详细信息 CertExtend Certificate renewal 证书续签 This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. 这将以旧证书为模板创建新证书,证书序列号和有效期将发生改变。 Validity 有效期 Not before 生效时间 Not after 失效时间 Time range 指定时间跨度 Local time 使用本地时间 Days Months Years No well-defined expiration 不指定失效时间 Midnight 使用GMT午夜时间 Apply 应用 Revoke old certificate 同时吊销旧证书 Replace old certificate 同时替换旧证书 Keep serial number 保持序列号不变 The certificate will be earlier valid than the signer. This is probably not what you want. 新证书的生效时间早于签发人,请再次确认。 Edit dates 手动调整 Abort rollout 中止操作 Continue rollout 仍然继续 Adjust date and continue 将证书的生效时间自动调整为签名者的生效时间,或将证书的失效时间自动调整为签名者的失效时间 自动调整 The certificate will be longer valid than the signer. This is probably not what you want. 新证书的失效时间晚于签发人,请再次确认。 CertTreeView Hide unusable certificates Import PKCS#12 导入PKCS#12 Import from PKCS#7 导入PKCS#7 Request 证书签名请求(CSR) Security token 安全令牌 Other token 其他令牌 Similar Certificate 证书副本 Delete from Security token 从安全令牌中删除 CA CA Properties 属性 Generate CRL 生成证书吊销列表(CRL) Manage revocations 吊销管理 Import OpenVPN tls-auth key 导入OpenVPN TLS认证密钥 Renewal 续签 Revoke 吊销 Unrevoke 反吊销 Plain View 扁平视图 Tree View 树形视图 days No template 无模板 CA Properties CA属性 Certificate export 证书导出 X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b ) vCalendar entry ( *.ics ) OpenVPN file ( *.ovpn ) OpenVPN tls-auth key ( *.key ) ClickLabel Double click for details 双击查看详情 CrlDetail Details of the Revocation list 吊销列表详情 &Status 状态 Version 版本 Signature 签名算法 Signed by 签名CA Name 内部名称 The internal name of the CRL in the database XCA内部使用的CRL名称 issuing dates 发布时间 Next update 下次更新时间 Last update 最近更新时间 &Issuer 签发人 &Extensions 扩展 &Revocation list 吊销列表 Comment 备注 Failed 失败 Unknown signer 未知的签发人 Verification not possible 无法验证 CrlTreeView There are no CA certificates for CRL generation 没有可用于生成CRL的CA证书 Select CA certificate 选择CA证书 Revocation list export 导出吊销列表 CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) vCalendar entry ( *.ics ) ExportDialog Name 内部名称 The internal name of the CRL in the database XCA内部使用的CRL名称 ... ... Filename 文件名 Each Item in a separate file Same encryption password for all items Export comment into PEM file 导出备注至PEM文件 Export Format 导出格式 All files ( * ) All files ( * ) PEM Text format with headers 带头部的PEM文本格式 Concatenated list of all selected items in one PEM text file 导出选定的条目到一个PEM文本文件中 Concatenated text format of the complete certificate chain in one PEM file 导出完整的证书链到一个PEM文件中 Concatenated text format of all certificates in one PEM file 导出所有的证书到一个PEM文件中 Binary DER encoded file 二进制DER编码文件 PKCS#7 encoded single certificate PKCS#7编码的单个证书 PKCS#7 encoded complete certificate chain PKCS#7编码的完整证书链 Concatenated text format of all unrevoked certificates in one PEM file 导出所有未吊销的证书到一个PEM文件中 All unrevoked certificates encoded in one PKCS#7 file 导出所有未吊销的证书到一个PKCS#7文件中 All selected certificates encoded in one PKCS#7 file 导出选定的证书到一个PKCS#7文件中 All certificates encoded in one PKCS#7 file 导出所有的证书到一个PKCS#7文件中 The certificate and the private key as encrypted PKCS#12 file 导出证书和加密私钥到PKCS#12文件中 The complete certificate chain and the private key as encrypted PKCS#12 file 导出完整证书链和加密私钥到PKCS#12文件中 Concatenation of the certificate and the unencrypted private key in one PEM file 导出证书和未加密私钥到一个PEM文件中 Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file 导出证书和加密私钥到PKCS#8文件中 Text format of the public key in one PEM file 导出公钥到PEM文本文件中 Binary DER format of the public key 导出公钥到DER二进制文件中 Unencrypted private key in text format 导出未加密私钥到文本文件中 OpenSSL specific encrypted private key in text format 导出OpenSSL风格的加密私钥到文本文件中 Unencrypted private key in binary DER format 导出未加密的私钥到DER二进制文件中 Unencrypted private key in PKCS#8 text format 导出未加密私钥到PKCS#8文本文件中 Encrypted private key in PKCS#8 text format 导出加密私钥到PKCS#8文本文件中 The public key encoded in SSH2 format 以SSH2格式编码的公钥 OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool 导出OpenSSL风格的证书索引文件(Index),该文件由'openssl ca'命令创建,通常OCSP工具需要使用它 vCalendar expiry reminder for the selected items 所选条目的vCalendar到期提醒 vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL 包含所有已颁发的有效证书,CA本身和最新的CRL的vCalendar到期提醒 %n selected item(s) The file: '%1' already exists! 文件'%1'已存在 Overwrite 覆盖 Do not overwrite 不覆盖 The path: '%1' exist, but is not a file The path: '%1' exist, but is not a directory The directory: '%1' does not exist. Should it be created? Create 创建 Failed to create directory '%1' 创建目录'%1'失败 Directory 目录 Form last update 最近更新时间 next update 下次更新时间 Days Months Years Apply 应用 Midnight 使用GMT午夜时间 Local time 使用本地时间 No well-defined expiration 不指定失效时间 Help << << >> >> &Done 关闭 ImportMulti Import PKI Items 导入PKI条目 Import &All 导入全部 &Import 导入 &Done 完成 &Remove from list 从列表中移除 Details 详细信息 Delete from token 从令牌中删除 Rename on token 重命名令牌 Name: %1 Model: %2 Serial: %3 名称: %1 型号: %2 序列号: %3 Manage security token 管理安全令牌 Details of the item '%1' cannot be shown 无法显示条目'%1'的详细信息 The type of the item '%1' is not recognized 条目'%1'的类型无法识别 Could not open the default database 无法打开默认数据库 The file '%1' did not contain PKI data 文件'%1'不包含PKI数据 The %1 files: '%2' did not contain PKI data 这%1个文件: '%2'不包含PKI数据 ItemProperties Name 内部名称 Source 来源 Insertion date 添加日期 Comment 备注 KeyDetail Name 内部名称 The internal name of the key used by xca XCA内部使用的密钥名称 Security token 安全令牌 Manufacturer 生产厂商 Serial 序列号 Key 密钥 Public Exponent Public Exponent Keysize 密钥长度 Private Exponent Private Exponent Security Token 安全令牌 Label 标签 PKCS#11 ID PKCS#11 ID Token information 令牌信息 Model 型号 Fingerprint 指纹 Comment 备注 Details of the %1 key %1密钥详情 Not available 不可用 Available 可用 Sub prime Sub prime Public key 公钥 Private key 私钥 Curve name 曲线名称 Unknown key 未知的密钥 KeyTreeView Clipboard format 剪贴板格式 Change password 修改密码 Reset password 重置密码 Change PIN 修改PIN Init PIN with SO PIN (PUK) 使用SO PIN (PUK)初始化PIN Change SO PIN (PUK) 修改SO PIN (PUK) Security token 安全令牌 This is not a token 这不是有效令牌 Shall the original key '%1' be replaced by the key on the token? This will delete the key '%1' and make it unexportable 旧密钥 '%1'是否应该被令牌上的密钥替换? 这将删除密钥 '%1'并使其无法导出 Key export 导出密钥 SSH Private Keys ( *.priv ) Microsoft PVK Keys ( *.pvk ) Export public key [%1] 导出公钥 [%1] Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) Private Keys ( *.pem *.der *.pk8 );; SSH Public Keys ( *.pub ) MainWindow Private Keys 私钥 &New Key 创建密钥 &Export 导出 &Import 导入 Import PFX (PKCS#12) 导入PKCS#12 &Show Details 查看详情 &Delete 删除 Certificate signing requests 证书签名请求 &New Request 创建CSR Certificates 证书 &New Certificate 创建证书 Import &PKCS#12 导入PKCS#12 Import P&KCS#7 导入PKCS#7 Plain View 平铺视图 Templates 模板 &New Template 创建模板 &New CRL 创建CRL Ch&ange Template 编辑模板 Revocation lists 吊销列表 Using or exporting private keys will not be possible without providing the correct password 若没有提供正确的密码,将无法使用或导出私钥 Database 数据库 The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons. 当前使用的默认哈希算法'%1'是不安全的。 出于安全原因,请至少选择'SHA 224'。 Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format 检测到旧版数据库格式。 创建名为'%1'的备份副本,并将数据库转换为新格式 Failed to rename the database file, because the target already exists 无法重命名数据库文件,因为目标已存在 No deleted items found 找不到已删除的项目 Recent DataBases 最近打开的数据库 System 使用系统语言 Croatian 克罗地亚语 English 英语 French 法语 German 德语 Japanese 日语 Korean Russian 俄语 Slovak 斯洛伐克语 Spanish 西班牙语 Persian 波斯语 Bulgarian 保加利亚语 Polish 波兰语 Italian 意大利语 Chinese 简体中文 Dutch 荷兰语 Portuguese in Brazil 巴西葡萄牙语 Indonesian 印度尼西亚语 Turkish 土耳其语 Language 语言 &File 文件 &New DataBase 新建数据库 &Open DataBase 打开数据库 Open Remote DataBase 打开远程数据库 Set as default DataBase 设置为默认数据库 &Close DataBase 关闭数据库 New DataBase 新建数据库 Open DataBase 打开数据库 Close DataBase 关闭数据库 Options 选项 Exit 退出 I&mport 导入 Keys 密钥 Requests 证书签名请求(CSR) PKCS#12 PKCS#12 PKCS#7 PKCS#7 Template 模板 Revocation list 证书吊销列表(CRL) PEM file PEM文件 Paste PEM file 粘贴PEM文件 Token 令牌 Export Certificate &Index hierarchy 导出证书清单(按CA) Content 使用文档 &Token 令牌 &Manage Security token 管理安全令牌 &Init Security token 初始化安全令牌 &Change PIN 修改PIN Change &SO PIN 修改SO PIN Init PIN 初始化PIN Extra 其他工具 &Dump DataBase 导出XCA数据库内容 &Export Certificate Index 导出证书清单 &Export Certificate Index hierarchy 分CA导出证书索引(Index) C&hange DataBase password 修改XCA数据库密码 &Undelete items 反删除 Generate DH parameter DH参数生成器 OID Resolver OID解析器 &Help 帮助 &Content 帮助 About 关于 no such option: %1 没有这个选项: %1 Import PEM data 导入PEM数据 Please enter the original SO PIN (PUK) of the token '%1' 请输入安全令牌'%1'的旧SO PIN(PUK) Search 搜索 Please enter the new SO PIN (PUK) for the token '%1' 请输入安全令牌'%1'的新SO PIN(PUK) The new label of the token '%1' 令牌的新标签 '%1' The token '%1' did not contain any keys or certificates 安全令牌'%1'不包含任何密钥和证书 Retry with PIN 使用PIN重试 Retry with SO PIN 使用SO PIN重试 Current Password 当前密码 Please enter the current database password 请输入数据库的当前密码 The entered password is wrong 输入的密码错误 New Password 新密码 Please enter the new password to encrypt your private keys in the database-file 请输入数据库的新密码,用于加密数据库中的私钥信息 Transaction start failed 数据库事务失败 Database: %1 数据库: %1 The currently used PFX / PKCS#12 algorithm '%1' is insecure. 当前使用了不安全的PKCS#12算法:%1。 Change 更改 Please enter a password, that will be used to encrypt your private keys in the database: %1 请输入数据库的密码,用于加密数据库中的私钥信息: %1 Password verify error, please try again 密码校验错误,请再试一次 Password 密码 Please enter the password for unlocking the database: %1 请输入数据库密码,用于解锁数据库: %1 The following error occurred: 下列错误发生: Copy to Clipboard 复制到剪贴板 Certificate Index ( index.txt ) Certificate Index ( index.txt ) All files ( * ) All files ( * ) Diffie-Hellman parameters saved as: %1 DH参数保存在:%1 Diffie-Hellman parameters are needed for different applications, but not handled by XCA. Please enter the DH parameter bits 有些应用程序需要Diffie-Hellman参数。 请输入所需DH参数的位数: Error opening file: '%1': %2 打开文件错误: '%1': %2 NewCrl Last update 最近更新时间 Next update 下次更新时间 Days Months Years Midnight 使用GMT午夜时间 Local time 使用本地时间 Apply 应用 Options 选项 CRL number CRL编号 Subject alternative name 主题可选名称(SAN) Revocation reasons 吊销原因 Authority key identifier CA主题密钥标识符 Hash algorithm 哈希算法 Create CRL 创建CRL NewKey Please give a name to the new key and select the desired keysize 请指定新密钥名称,并选择所需的密钥长度 Key properties 密钥属性 Name 内部名称 The internal name of the new key XCA内部使用的新密钥名称 Curve name 曲线名称 Usually at least 2048 bit keys are recommended 通常建议至少使用2048位密钥 New Key 新密钥 Keysize 密钥长度 Keytype 密钥类型 Remember as default 将以上设置作为默认值 Create 创建 NewX509 Source 来源 Signing request 证书签名请求(CSR) Show request 显示签名请求 Sign this Certificate signing &request 签发证书签名请求(CSR) Copy extensions from the request 从CSR复制扩展信息 Modify subject of the request 修改CSR的主题信息 Signing 签名 Create a &self signed certificate 创建自签名证书 Use &this Certificate for signing 使用此CA证书签名 All certificates in your database that can create valid signatures 所有可用的CA证书 Signature algorithm 签名算法 Template for the new certificate 使用模板创建新证书 All available templates 所有可用的模板 Apply extensions 应用扩展信息 Apply subject 应用主题信息 Apply all 应用所有信息 Subject 主题 Internal Name 内部名称 Distinguished name 识别名称 Add 添加 Delete 删除 Private key 私钥 This list only contains unused keys 默认仅显示未使用的密钥 Used keys too 显示已使用的密钥 &Generate a new key 生成新密钥 Extensions 扩展 Type 类型 If this will become a CA certificate or not 指定新证书是否为CA证书 Not defined 未定义 Certification Authority CA End Entity 终端实体(End Entity) Path length CA路径长度 How much CAs may be below this. 此项限制CA证书下最多还能拥有几级CA。 The basic constraints should always be critical 基本约束应当始终是关键的 Key identifier 密钥标识符 Creates a hash of the key following the PKIX guidelines 根据PKIX准则创建密钥的哈希值 Copy the Subject Key Identifier from the issuer 从签发人复制其主题密钥标识符 Validity 有效期 Not before 生效时间 Not after 失效时间 Time range 指定时间跨度 Days Months Years Apply 应用 Set the time to 00:00:00 and 23:59:59 respectively 将时间设置为00:00:00和23:59:59 Midnight 使用GMT午夜时间 Local time 使用本地时间 No well-defined expiration 不指定失效时间 DNS: IP: URI: email: RID: DNS: IP: URI: email: RID: Edit 编辑 URI: URI: Key usage 密钥用法 Netscape Netscape Advanced 高级 Validate 验证 Comment 备注 This name is only used internally and does not appear in the resulting certificate 此名称仅在XCA内部使用,不会出现在生成的证书中 Critical Critical Create Certificate signing request 创建证书签名请求(CSR) minimum size: %1 最小长度: %1 maximum size: %1 最大长度: %1 only a-z A-Z 0-9 '()+,-./:=? 只允许使用 a-z A-Z 0-9 '()+,-./:=? only 7-bit clean characters 只允许使用7-bit可打印字符 Edit XCA template 编辑XCA模板 Create x509 Certificate 创建x509证书 Template '%1' applied 模板'%1'已应用 Subject applied from template '%1' 模板'%1'的主题信息已应用 Extensions applied from template '%1' 模板'%1'的扩展信息已应用 New key '%1' created 新密钥'%1'已创建 Other Tabs 其他标签页 Advanced Tab 高级标签页 Errors 错误 From PKCS#10 request 来自PKCS#10请求 Error 错误 duplicate extensions 重复扩展 The Name Constraints are invalid The Subject Alternative Name is invalid 无效的主题可选名称(SAN) The Issuer Alternative Name is invalid 无效的签发人可选名称(IAN) The CRL Distribution Point is invalid 无效的CRL吊销点 The Authority Information Access is invalid 无效的CA信息访问 Abort rollout 中止创建 The following length restrictions of RFC3280 are violated: 违反了RFC3280长度限制: Edit subject 编辑主题信息 Continue rollout 仍然继续 The verification of the Certificate request failed. The rollout should be aborted. 证书签名请求(CSR)的有效性验证失败。 本次操作应当中止。 Continue anyway 仍然继续 The internal name and the common name are empty. Please set at least the internal name. 内部名称和通用名称(CN)均为空白。 请至少设置内部名称。 Edit name 编辑名称 There is no Key selected for signing. 没有选择密钥进行签名。 Select key 选择密钥 The following distinguished name entries are empty: %1 though you have declared them as mandatory in the options menu. 以下识别名称条目为空: %1 但是您已在设置中将其声明为必需项。 The key you selected for signing is not a private one. 您选择的用于签名的密钥不是私钥。 Select other signer 选择其他签名CA Select other key 选择其他密钥 The currently selected hash algorithm '%1' is insecure and should not be used. 当前选择的哈希算法'%1'是不安全的,因此不应被使用。 Select other algorithm 选择其他算法 Use algorithm anyway 仍然使用 The certificate will be earlier valid than the signer. This is probably not what you want. 新证书的生效时间早于签发人,请再次确认。 Edit dates 手动调整 Adjust date and continue 自动调整 The certificate will be longer valid than the signer. This is probably not what you want. 新证书的失效时间晚于签发人,请再次确认。 The certificate will be out of date before it becomes valid. You most probably mixed up both dates. 新证书的失效日期早于生效日期,请再次确认。 The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab. 证书包含无效或重复的扩展信息。检查高级标签页上的验证信息。 The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate. 证书不包含任何扩展。您可以应用模板的扩展信息来定义证书的用途。 The certificate contains invalid extensions. 新证书包含无效的扩展。 Edit extensions 编辑扩展信息 The subject alternative name shall contain a copy of the common name. However, the common name is empty. 主题可选名称(SAN)应包含通用名称(CN),但通用名称为空。 A name constraint of the issuer '%1' is violated: %2 Configfile error on line %1 配置文件错误位于行%1 OidResolver OID Resolver OID解析器 Enter the OID, the Nid, or one of the textual representations 输入OID、Nid或文本表示 Search 搜索 OID OID Long name 长名称 OpenSSL internal ID OpenSSL内部ID Nid Nid Short name 短名称 OpenDb Open remote database 打开远程数据库 Database type 数据库类型 Hostname 主机名 Username 用户名 Password 密码 Database name 数据库名 Table prefix 表前缀 No SqLite3 driver available. Please install the qt-sqlite package of your distribution SqLite3数据库驱动不可用,请安装qt-sqlite包。 Please enter the password to access the database server %2 as user '%1'. 请输入密码,用于以用户身份'%1'访问数据库服务器%2。 The database driver does not support transactions. This may happen if the client and server have different versions. Continue with care. 数据库驱动不支持事务。 这通常是客户端和服务器版本不一致导致的。请谨慎操作。 Options XCA Options XCA设置 Settings 设置 Default hash algorithm 默认哈希算法 String types 字符串类型 Suppress success messages 操作成功时不显示提示消息 Don't colorize expired certificates 过期证书不使用彩色高亮显示 Translate established x509 terms (%1 -> %2) 翻译x509专有名词(如'%1'将显示为'%2') The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. XCA不使用令牌的哈希功能。 但是,XCA可以遵守令牌规定的有限的哈希算法集合。 特别的,在PKCS#11规范中,EC和DSA仅仅使用SHA1定义。 Only use hashes supported by the token when signing with a token key 当使用令牌签名时仅使用令牌支持的哈希算法 Disable legacy Netscape extensions 禁用Netscape扩展信息 PKCS12 encryption algorithm PKCS#12加密算法 Certificate expiry warning threshold 证书到期提醒 Send vCalendar expiry reminder 发送vCalendar到期提醒 Serial number length 证书序列号长度 bit bit Distinguished name 证书识别名称 Mandatory subject entries 必填的主题信息条目 Add 添加 Delete 删除 Explicit subject entries 默认列出的主题信息条目 Dynamically arrange explicit subject entries 动态排列 Default 默认 PKCS#11 provider PKCS#11 provider Remove 移除 Search 搜索 Printable string or UTF8 (default) 可打印字符或UTF8(默认) PKIX recommendation in RFC2459 PKIX建议(RFC2459) No BMP strings, only printable and T61 无BMP字符,仅可打印字符和T61 UTF8 strings only (RFC2459) 仅UTF8字符(RFC2459) All strings 所有字符 Days Weeks Load failed 加载失败 PwDialog The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) 密码被解析为2位十六进制码,因此长度必须为偶数(仅含0-9和a-f)。 Take as HEX string 作为HEX字符串 Password 密码 Repeat %1 重复%1 %1 mismatch %1不匹配 Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters 十六进制密码只能包含字符0-9和a-f,且长度必须为偶数 Exit 退出 E&xit 退出 QMessageBox Cancel 取消 Apply 应用 Yes No QObject Undefined 未定义 Broken / Invalid 损坏的 / 无效的 in %1 seconds %1秒内 %1 seconds ago %1秒前 in %1 minutes %1分钟内 %1 minutes ago %1分钟前 Yesterday 昨天 Tomorrow 明天 in %1 hours %1小时内 %1 hours ago %1小时前 DB: Rename: '%1' already in use 数据库: 重命名: '%1'正在使用 DB: Entry to rename not found: %1 数据库: 找不到待重命名的条目: %1 DB: Write error %1 - %2 数据库: 写入错误 %1 - %2 Out of data 无数据 Error finding endmarker of string 查找字符串的结束标记出现错误 Out of Memory at %1:%2 内存不足 %1:%2 Country code 国家代码 State or Province 省份名称 Locality 城市名称 Organisation 组织名称 Organisational unit 内设机构名称 Common name 通用名称 E-Mail address 电子邮件地址 Serial number 序列号 Given name Surname Title 职位 Initials 缩写 Description 描述 Role 角色 Pseudonym 假名 Generation Qualifier 生成限定符 x500 Unique Identifier x500唯一标识符 Name 内部名称 DN Qualifier DN限定符 Unstructured name 非结构化名称 Challenge password 挑战密码 Basic Constraints 基本约束 Name Constraints Subject alternative name 主体可选名称(SAN) issuer alternative name 签发人可选名称 Subject key identifier 主题密钥标识符 Authority key identifier CA密钥标识符 Key usage 密钥用法 Extended key usage 扩展密钥用法 CRL distribution points CRL发布点 Authority information access CA信息访问 Certificate type 证书类型 Base URL 基本URL Revocation URL 吊销URL CA Revocation URL CA吊销URL Certificate renewal URL 证书更新URL CA policy URL CA政策URL SSL server name SSL服务器名称 Comment 备注 All files ( * ) All files ( * ) PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; PKI Keys ( *.pem *.der *.key );; PKCS#8 Keys ( *.p8 *.pk8 );; Microsoft PVK Keys ( *.pvk );; SSH Public Keys ( *.pub );; Import RSA key 导入RSA密钥 PKCS#10 CSR ( *.pem *.der *.csr );; PKCS#10 CSR ( *.pem *.der *.csr );; Import Request 导入证书签名请求(CSR) Certificates ( *.pem *.der *.crt *.cer );; Certificates ( *.pem *.der *.crt *.cer );; Import X.509 Certificate 导入X.509证书 PKCS#7 data ( *.p7s *.p7m *.p7b );; PKCS#7 data ( *.p7s *.p7m *.p7b );; Import PKCS#7 Certificates 导入PKCS#7证书 PKCS#12 Certificates ( *.p12 *.pfx );; PKCS#12 Certificates ( *.p12 *.pfx );; Import PKCS#12 Private Certificate 导入PKCS#12证书 XCA templates ( *.xca );; XCA templates ( *.xca );; Import XCA Templates 导入XCA模板 Revocation lists ( *.pem *.der *.crl );; Revocation lists ( *.pem *.der *.crl );; Import Certificate Revocation List 导入证书吊销列表(CRL) XCA Databases ( *.xdb );; XCA Databases ( *.xdb );; Open XCA Database 打开XCA数据库 OpenVPN tls-auth key ( *.key );; Import OpenVPN tls-auth key 导入OpenVPN TLS认证密钥 PKCS#11 library ( *.dll );; PKCS#11 library ( *.dll );; PKCS#11 library ( *.dylib *.so );; PKCS#11 library ( *.dylib *.so );; PKCS#11 library ( *.so );; PKCS#11 library ( *.so );; Open PKCS#11 shared library 打开PKCS#11动态链接库 PEM files ( *.pem );; PEM files ( *.pem );; Load PEM encoded file 加载PEM文件 Please enter the PIN on the PinPad 请输入PIN Please enter the SO PIN (PUK) of the token %1 请输入令牌%1的SO PIN (PUK) Please enter the PIN of the token %1 请输入令牌%1的PIN No Security token found 未找到安全令牌 Select 选择 Please enter the new SO PIN (PUK) for the token: '%1' 请输入令牌 '%1'的新SO PIN (PUK): Please enter the new PIN for the token: '%1' 请输入令牌 '%1'的新PIN: Required PIN size: %1 - %2 合法的PIN长度: %1 - %2 Failed to open PKCS11 library: %1 打开PKCS11动态库失败: %1 Failed to open PKCS11 library: %1: %2 打开PKCS11动态库失败: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. 这好像不是PKCS#11动态库。找不到符号'C_GetFunctionList'。 Disabled 已禁用 Library loading failed 动态链接库加载失败 PKCS#11 function '%1' failed: %2 PKCS#11函数 '%1'失败: %2 PKCS#11 function '%1' failed: %2 In library %3 %4 PKCS#11函数 '%1'失败: %2 位于动态库 %3 %4 Invalid 无效 %1 is shorter than %2 bytes: '%3' %1小于%2 bytes: '%3' %1 is longer than %2 bytes: '%3' %1大于%2 bytes: '%3' String '%1' for '%2' contains invalid characters 字符串 '%2'中的 '%1'包含无效字符 Error reading config file %1 at line %2 读取配置文件%1(行%2)错误 The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed. 文件%2(行%3)中的对象 '%1'已经存在 '%4:%5:%6',应当被移除。 The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts. 文件%3(行%4)中用于OID %2的标识符 '%1'已经用于另一个OID '%5:%6:%7',应当修改以避免冲突。 Unknown object '%1' in file %2 line %3 文件 %2(行%3)中的未知对象'%1' Failed to start a database transaction 数据库事务开始失败 Index file written to '%1' 证书清单文件'%1'已创建 Index hierarchy written to '%1' 证书清单文件(按CA)'%1'已创建 Unknown key type %1 未知密钥类型%1 Failed to write PEM data to '%1' Password verify error, please try again 密码错误,请重试 The following error occurred: 发生以下错误: Failed to update the database schema to the current version 更新XCA数据库格式至当前版本失败 Password 密码 insecure 不安全的 ReqTreeView Sign 签名 Unmark signed 标记为未签名 Mark signed 标记为已签名 Similar Request 证书签名请求(CSR)副本 Certificate request export 导出证书签名请求 Certificate request ( *.pem *.der *.csr ) Certificate request ( *.pem *.der *.csr ) RevocationList Manage revocations 吊销管理 Add 添加 Delete 删除 Edit 编辑 No. No. Serial 序列号 Revocation 吊销时间 Reason 原因 Invalidation 失效时间 Generate CRL 生成证书吊销列表(CRL) Revoke Certificate revocation 吊销证书 Revocation details 吊销详情 Revocation reason 吊销原因 Local time 使用本地时间 Invalid since 失效时间 Serial 序列号 SearchPkcs11 Directory 目录 ... ... Include subdirectories 包含子目录 Search 搜索 The following files are possible PKCS#11 libraries 下列是可能的PKCS#11动态链接库 SelectToken Security token 安全令牌 Please select the security token 请选择安全令牌 TempTreeView Duplicate 创建副本 Create certificate 创建证书 Create request 创建证书签名请求(CSR) copy 复制 Preset Template values 内置模板 Template export 导出模板 XCA Templates ( *.xca ) XCA Templates ( *.xca ) TrustState Certificate trust 信任证书 Trustment 信任 &Never trust this certificate 永不信任该证书 Only &trust this certificate, if we trust the signer 仅当受信任的签发人时信任该证书 &Always trust this certificate 总是信任该证书 Validity yyyy-MM-dd hh:mm yyyy-MM-dd hh:mm X509SuperTreeView OpenSSL config OpenSSL配置 Transform 转换 Template 模板 Public key 公钥 Save as OpenSSL config 保存为OpenSSL配置 Config files ( *.conf *.cnf);; All files ( * ) Config files ( *.conf *.cnf);; All files ( * ) XFile Error opening file: '%1': %2 打开文件错误: '%1': %2 Error rewinding file: '%1': %2 重置文件指针错误: '%1': %2 XcaDetail Import 导入 XcaTreeView Item properties 条目属性 Subject entries 主题条目 X509v3 Extensions X503v3扩展 Netscape extensions Netscape扩展 Key properties 密钥属性 Reset 恢复默认 Hide Column 隐藏该列 Details 详细信息 Columns Export Password Please enter the password to encrypt all %n exported private key(s) in: %1 Singular form for 0 or 1 item can be ignored. Will always be called with n >= 2 New 创建 Import 导入 Paste PEM data 粘贴PEM数据 Rename 重命名 Properties 属性 Delete 删除 Export 导出 Clipboard 剪贴板 File 文件 Clipboard format 剪贴板格式 database_model Legacy database format detected. Creating a backup copy called: '%1' and converting the database to the new format 检测到旧版数据库格式。 创建名为'%1'的备份副本,并将数据库转换为新格式 Failed to rename the database file, because the target already exists 无法重命名数据库文件,因为目标已存在 Please enter the password to access the database server %2 as user '%1'. 请输入密码,以用户'%1'身份访问数据库服务器%2。 Unable to create '%1': %2 无法创建'%1': %2 The file '%1' is not an XCA database '%1'不是有效的XCA数据库 No SqLite3 driver available. Please install the qt-sqlite package of your distribution SqLite3数据库驱动不可用。 请安装您的发行版的qt-sqlite包 New Password 新密码 Please enter a password, that will be used to encrypt your private keys in the database: %1 请输入XCA数据库的密码,用于加密数据库中的私钥信息: %1 Password 密码 Please enter the password for unlocking the database: %1 请输入XCA数据库密码,用于解锁数据库: %1 db_base Error opening file: '%1': %2 打开文件错误: '%1': %2 Internal name 内部名称 No. No. Primary key 主键 Database unique number 数据库唯一编号 Date 日期 Date of creation or insertion 创建日期 Source 来源 Generated, Imported, Transformed 生成,导入,转换 Comment 备注 First line of the comment field 备注栏首行 Import from: %1 从%1导入 Could not create directory %1 无法创建文件夹 %1 Item properties 条目属性 How to export the %1 selected items 如何导出选定的%1个条目 All in one PEM file 将全部条目导出到一个PEM文件 Each item in one file 每个条目导出到单个文件 Save %1 items in one file as 保存%1个条目到单个文件 db_crl Signer 签名人 Internal name of the signer 签名人的内部名称 No. revoked 数量 Number of revoked certificates 已吊销证书的数量 Last update 最近更新时间 Next update 下次更新时间 CRL number CRL编号 The revocation list already exists in the database as: '%1' and so it was not imported 证书吊销列表在数据库中已存在: '%1' 因此未被导入 Revocation list export 吊销列表导出 CRL ( *.pem *.der *.crl ) CRL ( *.pem *.der *.crl ) There are no CA certificates for CRL generation 没有可用于生成CRL的CA证书 Select CA certificate 选择CA证书 Create CRL 创建CRL Failed to initiate DB transaction 初始化数据库事务失败 Database error: %1 数据库错误: %1 Database error: 数据库错误: db_key Type 类型 Size 长度 EC Group 椭圆曲线簇 Use 使用 Password 密码 The key is already in the database as: '%1' and is not going to be imported 密钥在数据库中已存在: '%1' 因此未被导入 The database already contains the public part of the imported key as '%1 and will be completed by the new, private part of the key 数据库中已存在导入密钥的公钥部分: '%1' 将与新导入的私钥部分组成完整密钥 Extending public key from %1 by imported key '%2' 通过导入的密钥'%2'从%1扩展公钥 Key size too small ! 密钥长度太小! You are sure to create a key of the size: %1 ? 确认创建长度为%1的密钥? Export keys to Clipboard 导出密钥到剪贴板 Clipboard 剪贴板 Export public key [%1] 导出公钥 [%1] Export private key [%1] 导出私钥 [%1] Internal error 内部错误 Internal key update: The keys: %1 must be updated once by resetting and setting its private password 内部密钥更新:密钥%1必须设置或重新设置保护私钥密码 Tried to change password of a token 尝试修改令牌密码 db_temp Bad template: %1 损坏的模板: %1 Empty template 空模板 Preset Template values 内置模板 Save template as 将模板保存为 db_x509 CA reflects the basic Constraints extension 显示基本约束扩展 Serial 序列号 Start date 生效日期 Expiry date 失效时间 MD5 fingerprint MD5指纹 SHA1 fingerprint SHA1指纹 SHA256 fingerprint SHA256指纹 Not before 生效时间 Not after 失效时间 Revocation 吊销 CRL Expiration CRL过期 Plain View 平铺视图 Tree View 层次视图 Failed to retrieve unique random serial 获取唯一随机序列号失败 The certificate already exists in the database as: '%1' and so it was not imported 证书在数据库中已存在: '%1' 因此未被导入 Signed on %1 by '%2' 由'%2'在%1上签名 Unknown 未知 Invalid public key 无效的公钥 PKCS#7 unrevoked PKCS#7反吊销 PEM unrevoked PEM反吊销 days No template 无模板 The key you selected for signing is not a private one. 您选择的用于签名的密钥不是私钥。 Failed to create directory '%1' 创建目录'%1'失败 Store the certificate to the key on the token '%1 (#%2)' ? 将证书保存到令牌'%1 (#%2)'? PEM chain PEM证书链 PKCS#7 chain PKCS#7证书链 PKCS#12 chain PKCS#12证书链 PKCS#7 all PKCS#7 全部 Certificate Index file 证书索引文件(Index) Certificate export 证书导出 There was no key found for the Certificate: '%1' 找不到证书'%1'的密钥 Not possible for a token key: '%1' 令牌密钥'%1'不可用 Error opening file: '%1': %2 打开文件错误: '%1': %2 Not possible for the token-key Certificate '%1' 令牌证书'%1'不可用 days db_x509name Subject 主题 Complete distinguished name 完整的识别名称 Subject hash 主题哈希 Hash to lookup certs in directories 在目录中查找证书的哈希值 db_x509req Signed 已签名 whether the request is already signed or not CSR是否已签名 Unstructured name 非结构化名称 Challenge password 挑战密码 Certificate count 证书数量 Number of certificates in the database with the same public key 数据库中具有相同公钥的证书数量 The certificate signing request already exists in the database as '%1' and thus was not stored 证书签名请求(CSR)在数据库中已存在: '%1' 因此未被导入 Certificate request export 证书请求导出 db_x509super Key name 密钥名称 Internal name of the key 密钥的内部名称 Signature algorithm 签名算法 Key type 密钥类型 Key size 密钥长度 EC Group 椭圆曲线簇 Extracted from %1 '%2' 从%1中提取得到'%2' Certificate 证书 Certificate request 证书请求 Save as OpenSSL config 保存为OpenSSL配置 The following extensions were not ported into the template 以下扩展未进入到模板中 Transformed from %1 '%2' 从%1转换得到'%2' kvView Type 类型 Content 内容 pass_info Password 密码 PIN PIN pkcs11_lib Failed to open PKCS11 library: %1: %2 打开PKCS11动态链接库失败: %1: %2 This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found. 这好像不是PKCS#11动态链接库。找不到符号'C_GetFunctionList'。 pki_base Error opening file: '%1': %2 打开文件错误: '%1': %2 Error writing to file: '%1': %2 写入文件错误: '%1': %2 Unknown 未知 Imported 导入 Generated 生成 Transformed 转换 Token 令牌 Legacy Database 旧版的数据库 Renewed 已续签 Property '%1' not listed in 'pki_base::print' 属性'%1'未在'pki_base::print'中列出 Internal error: Unexpected message: %1 %2 内部错误: 意料之外的消息: %1 %2 pki_crl Successfully imported the revocation list '%1' 成功导入CRL '%1' Delete the revocation list '%1'? 删除CRL '%1'? Successfully created the revocation list '%1' 成功创建CRL '%1' Delete the %1 revocation lists: %2? 删除这%1个CRL: %2? Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL. 无法从文件%1加载CRL。尝试使用PEM或DER格式的CRL。 No issuer given 未指定签发人 Wrong Size %1 错误的大小%1 Delete the %n revocation list(s): '%1'? CRL Renewal of CA '%1' due CA '%1'的CRL更新时间到了 The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' 由CA '%1'签发的最新CRL将在%2到期。 它存储在XCA数据库'%3'中 The XCA CRL '%1', issued on %3 will expire on %4. It is stored in the XCA database '%5' %3 签发的CRL '%1'将在%4到期。 它存储在XCA数据库'%5'中 unknown 未知 Renew CRL: %1 更新CRL: %1 The XCA CRL '%1', issued by the CA '%2' on %3 will expire on %4. It is stored in the XCA database '%5' 由%3上的CA '%2'发布的XCA CRL '%1'将在'%4'到期。 它存储在XCA数据库'%5'中 pki_evp Failed to decrypt the key (bad password) 无法解密密钥(密码错误) Failed to decrypt the key (bad password) %1 无法解密密钥(密码错误) %1 Please enter the password to decrypt the private key. 请输入密码,用于解锁私钥。 Please enter the password to decrypt the private key %1. 请输入解密私钥'%1'的密码。 The key from file '%1' is incomplete or inconsistent. 文件'%1'中的密钥不完整或不一致。 Please enter the password to decrypt the private key from file: %1 请输入密码,用于从文件中解密私钥: %1 Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format. 无法从文件%1中加载私钥。尝试使用PEM和DER私钥,公钥,PKCS#8密钥类型和SSH2格式。 Ignoring unsupported private key 忽略不支持的私钥 Please enter the password to decrypt the private key: '%1' 请输入密码,用于解密私钥: '%1' Password input aborted 密码输入中断 Please enter the database password for decrypting the key '%1' 请输入数据库密码,用于解密密钥 '%1' Decryption of private key '%1' failed 解密私钥'%1'失败 Please enter the password to protect the private key: '%1' 请输入密码,用于保护私钥: '%1' Please enter the database password for encrypting the key 请输入数据库密码,用于加密密钥 Please enter the password to protect the PKCS#8 key '%1' in file: %2 Please enter the password to protect the private key '%1' in file: %2 Please enter the password protecting the PKCS#8 key '%1' 请输入密码,用于保护PKCS#8密钥 '%1' Please enter the password protecting the Microsoft PVK key '%1' 请输入密码,用于保护Microsoft PVK密钥 '%1' Please enter the export password for the private key '%1' 请输入私钥'%1'的导出密码 pki_export PEM Text format with headers 带头部的PEM格式 Concatenated list of all selected items in one PEM text file 导出选定的条目至PEM文件 PEM selected Concatenated list of all selected certificates in one PEM text file PEM chain PEM证书链 Concatenated text format of the complete certificate chain in one PEM file 导出完整的证书链至PEM文件 The complete certificate chain and the private key of the selected certificate with tags usable in OpenVPN configuration files 完整的证书链和所选证书的私钥,带有OpenVPN配置文件中可用的标记 PEM + key PEM格式+私钥 Concatenation of the certificate and the unencrypted private key in one PEM file 导出证书和未加密私钥至PEM文件 Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file 导出证书和加密私钥至PKCS#8文件 All unusable Concatenation of all expired or revoked certificates in one PEM file PKCS#7 encoded single certificate PKCS#7编码的单个证书 All selected certificates encoded in one PKCS#7 file 导出选定的证书至PKCS#7文件 PKCS #7 chain PKCS#7证书链 PKCS#7 encoded complete certificate chain PKCS#7编码的完整证书链 PKCS #7 unusable PKCS#7 encoded collection of all expired or revoked certificates Binary DER encoded certificate 二进制DER编码的证书 PKCS #12 chain PKCS#12证书链 The complete certificate chain and the private key as encrypted PKCS#12 file 导出完整证书链和加密私钥至PKCS#12文件 PKCS #12 PKCS#12 The certificate and the private key as encrypted PKCS#12 file 导出证书和加密私钥至PKCS#12文件 Certificate Index file 证书清单文件(Index) OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool 导出OpenSSL风格的证书清单文件(Index)。该文件由'openssl ca'命令创建,通常OCSP工具需要使用它。 vCalendar vCalendar vCalendar expiry reminder for the selected items 所选条目的vCalendar到期提醒 CA vCalendar CA vCalendar vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL vCalendar到期提醒(包含所有已签发的有效证书,CA本身和最新CRL) OpenSSL config OpenSSL配置 OpenSSL configuration file to create a certificate or request with the openssl commandline tool OpenSSL配置文件,用于使用OpenSSL命令行工具创建证书或请求 OpenVPN tls-auth key OpenVPN TLS认证密钥 The OpenVPN tls-auth key is a secret key shared between endpoints OpenVPN tls认证密钥是端点之间共享的密钥 JSON Web Kit The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) JSON Web Kit chain The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) and certificate chain (x5c) PEM public PEM公钥 Text format of the public key in one PEM file 导出公钥至PEM文件 PEM private PEM私钥 Unencrypted private key in text format 导出未加密的私钥至PEM文件 PEM encrypted PEM加密 OpenSSL specific encrypted private key in text format 导出OpenSSL风格的加密私钥至PEM文件 SSH2 private SSH2私钥 SSH2 public SSH2公钥 The public key encoded in SSH2 format 以SSH2格式编码的公钥 DER public DER公钥 Binary DER format of the public key 导出公钥至DER二进制文件 DER private DER私钥 Unencrypted private key in binary DER format 导出未加密的私钥至DER二进制文件 PVK private PVK私钥 Private key in Microsoft PVK format not encrypted 导出未加密的私钥至Microsoft PVK文件 XCA template in PEM-like format. Templates include the internal name and comment All selected XCA templates in PEM-like format. Templates include the internal name and comment PVK encrypted PVK加密 Encrypted private key in Microsoft PVK format 导出加密的私钥至Microsoft PVK文件 PKCS #8 encrypted PKCS#8加密 Encrypted private key in PKCS#8 text format 导出加密私钥至PKCS#8文件 PKCS #8 PKCS#8 Unencrypted private key in PKCS#8 text format 导出未加密私钥至PKCS#8文件 JSON Web Key private Unencrypted private key in JSON Web Key format JSON Web Key public Public key in JSON Web Key format Binary DER format of the certificate request 证书签名请求(CSR)的DER二进制格式 Binary DER format of the revocation list 证书吊销列表(CRL)的DER二进制格式 vCalendar reminder for the CRL expiry date vCalendar到期提醒(CRL失效日期) XCA template in PEM-like format 导出XCA模板至PEM-like文件 All selected XCA templates in PEM-like format 导出选定的XCA模板至PEM-like文件 pki_key Successfully imported the %1 public key '%2' 成功导入%1个公钥 '%2' Delete the %1 public key '%2'? 删除%1个公钥 '%2'? Successfully imported the %1 private key '%2' 成功导入%1个私钥 '%2' Delete the %1 private key '%2'? 删除%1个私钥 '%2'? Successfully created the %1 private key '%2' %1私钥'%2'创建成功 Delete the %1 keys: %2? 删除%1个密钥 '%2'? Public key 公钥 Successfully imported the %1 public key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key 成功导入%1个公钥 '%2' Delete the %n %1 public key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Successfully imported the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key 成功导入%1个私钥 '%2' Delete the %n %1 private key(s) '%2'? %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s) Successfully created the %1 private key '%2' %1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key %1私钥'%2'创建成功 Common Private 私钥 Bogus 伪造的 PIN PIN No password 无密码 Unexpected SSH2 content: '%1' 意料之外的SSH2内容:'%1' Invalid SSH2 public key 无效的SSH2公钥 Failed writing to %1 写入%1失败 pki_multi No known PEM encoded items found 找不到已知的PEM编码条目 pki_pkcs12 Please enter the password to decrypt the PKCS#12 file: %1 请输入密码,用于解密PKCS#12文件: %1 Unable to load the PKCS#12 (pfx) file %1. 无法加载PKCS#12 (pfx)文件 %1. The supplied password was wrong (%1) 提供的密码有误 (%1) Please enter the password to encrypt the key of certificate '%1' in the PKCS#12 file: %2 Please enter the password to encrypt the PKCS#12 file 请输入密码,用于加密PKCS#12文件 No key or no Cert and no pkcs12 没有证书或没有密钥 pki_pkcs7 Unable to load the PKCS#7 file %1. Tried PEM and DER format. 无法加载PKCS#7文件 %1。尝试使用PEM或DER格式。 pki_scard Successfully imported the token key '%1' 成功导入令牌密钥 '%1' Delete the token key '%1'? 删除令牌密钥 '%1'? Successfully created the token key '%1' 成功创建令牌密钥 '%1' Delete the %1 keys: %2? 删除%1个密钥: %2? Delete the %n token key(s): '%1'? Delete the private key '%1' from the token '%2 (#%3)' ? 从令牌 '%2 (#%3)'中删除私钥 '%1'? This Key is already on the token 令牌中已存在该密钥 PIN input aborted PIN输入中止 Unable to find copied key on the token 无法在令牌上找到复制的密钥 Please insert card: %1 %2 [%3] with Serial: %4 请插入智能卡: %1 %2 [%3] 序列号: %4 Select Slot of %1 选择%1的插槽 Public Key mismatch. Please re-import card 公钥不匹配。请重新导入智能卡 Illegal Key generation method 不合法的密钥生成方法 Unable to find generated key on card 无法在智能卡上找到生成的密钥 Ignoring unsupported token key 忽略不支持的令牌密钥 Wrong Size %1 错误的大小%1 Token %1 令牌 %1 Failed to find the key on the token 无法在令牌上找到密钥 Invalid Pin for the token 无效的令牌PIN Failed to initialize the key on the token 初始化令牌密钥失败 pki_temp Successfully imported the XCA template '%1' 成功导入XCA模板 '%1' Delete the XCA template '%1'? 删除XCA模板 '%1'? Successfully created the XCA template '%1' 成功创建XCA模板 '%1' Delete the %1 XCA templates: %2? 删除%1个XCA模板: %2? Delete the %n XCA template(s): '%1'? Wrong Size %1 错误的大小%1 Template file content error (too small) 模板文件内容错误 (太小) Template file content error (too small): %1 模板文件内容错误 (太小): %1 Not a PEM encoded XCA Template 不是PEM编码的XCA模板 Not an XCA Template, but '%1' 不是一个XCA模板,而是 '%1' pki_x509 Successfully imported the certificate '%1' 成功导入证书 '%1' Delete the certificate '%1'? 删除证书 '%1'? Successfully created the certificate '%1' 成功创建证书 '%1' Delete the %1 certificates: %2? 删除%1个证书: %2? Delete the %n certificate(s): '%1'? Unable to load the certificate in file %1. Tried PEM and DER certificate. 无法从文件%1加载证书。尝试使用PEM或DER格式的证书。 Invalid OpenVPN tls-auth key 无效的OpenVPN TLS认证密钥 Failed to import tls-auth key 导入OpenVPN TLS认证密钥失败 Same tls-auth key already stored for this CA 此CA中已存在相同的OpenVPN TLS认证密钥 New tls-auth key successfully imported 新的OpenVPN TLS认证密钥已导入 Existing tls-auth key successfully replaced 旧的OpenVPN TLS认证密钥被替换 This certificate is already on the security token 安全令牌上已存在该证书 Delete the certificate '%1' from the token '%2 (#%3)'? 从令牌 '%2 (#%3)'中删除证书 '%1'? There is no key for signing ! 没有可用于签名的密钥 ! Wrong Size %1 错误的大小%1 No Yes Renew certificate: %1 续签证书: %1 The XCA certificate '%1', issued on %2 will expire on %3. It is stored in the XCA database '%4' 由%2签发的XCA证书 '%1'将在'%3'到期。 它存储在XCA数据库'%4'中 CRL Renewal of CA '%1' due CA '%1'的CRL更新时间到了 The latest CRL issued by the CA '%1' will expire on %2. It is stored in the XCA database '%3' 由CA '%1'签发的最新CRL将在%2到期。 它存储在XCA数据库'%3'中 pki_x509req Signing key not valid (public key) 签名密钥无效 (公钥) Successfully imported the %1 certificate request '%2' 成功导入%1个证书请求 '%2' Delete the %1 certificate request '%2'? 删除%1个证书请求: '%2'? Successfully created the %1 certificate request '%2' 成功创建%1个证书请求 '%2' Delete the %1 certificate requests: %2? 删除%1个证书请求: %2? Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format. 无法从文件%1加载证书请求。尝试使用PEM、DER或SPKAC格式。 Wrong Size %1 错误的大小%1 Successfully imported the PKCS#10 certificate request '%1' Delete the %n PKCS#10 certificate request(s): '%1'? Successfully created the PKCS#10 certificate request '%1' Signed 已签发 Unhandled 未处理 v3ext Copy Common Name 复制通用名称(CN) Add 添加 Delete 删除 Apply 应用 Validate 验证 Cancel 取消 An email address or 'copy' 一个email地址或'copy' An email address 一个email地址 A registered ID: OBJECT IDENTIFIER 一个已注册ID: 对象标识符 A uniform resource indicator 统一资源定位符 A DNS domain name or 'copycn' 一个DNS域名或'copycn' A DNS domain name DNS域名 An IP address IP地址 Syntax: <OID>;TYPE:text like '1.2.3.4:UTF8:name' 语法: <OID>;TYPE:形如 '1.2.3.4:UTF8:name'的文本 No editing. Only 'copy' allowed here 不允许编辑,此处只允许填写'copy' Validation failed: '%1' %2 验证失败: '%1' %2 Validation successful: '%1' 验证成功: '%1' xcaWarning The following error occurred: 下列错误发生: Copy to Clipboard 复制到剪贴板 xcaWarningGui Copy to Clipboard 复制到剪贴板 xca-RELEASE.2.9.0/lib/000077500000000000000000000000001477156507700141455ustar00rootroot00000000000000xca-RELEASE.2.9.0/lib/BioByteArray.cpp000066400000000000000000000056451477156507700172170ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "BioByteArray.h" #include "func_base.h" #include BioByteArray::BioByteArray(const BIGNUM *bn, int bits) { int len = (bits+7) >> 3; qDebug() << bits << len; if (!bn) return; store.resize(BN_num_bytes(bn)); BN_bn2bin(bn, (unsigned char *)store.data()); openssl_error(); if (store.size() > 0 && (unsigned char)store[0] >= 0x80) store.prepend('\0'); if (len > 0 && store.size() < len) store.prepend(len - store.size(), 0); } void BioByteArray::set(const QByteArray &qba) { if (read_write) { char buf[1024]; qWarning() << "BioByteArray already in use"; while (BIO_read(read_write, buf, sizeof buf) > 0) ; memset(buf, 0, sizeof buf); } store.fill(0); store.clear(); add(qba); } void BioByteArray::add(const QByteArray &qba) { if (read_only) { qWarning() << "BioByteArray is read-only"; return; } if (read_write) biowrite(qba); else store += qba; } void BioByteArray::biowrite(const QByteArray &qba) { BIO_write(read_write, qba.data(), qba.size()); } void BioByteArray::cleanse_and_free(BIO *bio) { if (!bio) return; char *p; long l = BIO_get_mem_data(bio, &p); OPENSSL_cleanse(p, l); BIO_free(bio); } BioByteArray::~BioByteArray() { store.fill(0); store.clear(); cleanse_and_free(read_write); if (read_only) BIO_free(read_only); } BIO *BioByteArray::bio() { if (!read_write) { read_write = BIO_new(BIO_s_mem()); Q_CHECK_PTR(read_write); biowrite(store); store.fill(0); store.clear(); } return read_write; } BIO *BioByteArray::ro() { if (!read_only) read_only = BIO_new_mem_buf( (void*)store.constData(), store.length()); Q_CHECK_PTR(read_only); return read_only; } QByteArray BioByteArray::byteArray() const { if (read_only || !read_write) return store; /* "read_write" Bio may differ from "store" */ const char *p; int l = BIO_get_mem_data(read_write, &p); return QByteArray(p, l); } int BioByteArray::size() const { if (read_only || !read_write) return store.size(); /* "read_write" Bio may differ from "store" */ const char *p; return BIO_get_mem_data(read_write, &p); } QString BioByteArray::qstring() const { return QString::fromUtf8(byteArray().constData()); } BioByteArray::operator BIO*() { return bio(); } BioByteArray::operator QByteArray() { return byteArray(); } BioByteArray &BioByteArray::operator = (const BioByteArray &other) { set(other.byteArray()); return *this; } BioByteArray &BioByteArray::operator = (const QByteArray &qba) { set(qba); return *this; } BioByteArray &BioByteArray::operator += (const BioByteArray &other) { add(other.byteArray()); return *this; } BioByteArray &BioByteArray::operator += (const QByteArray &qba) { add(qba); return *this; } QString BioByteArray::base64UrlEncode() const { return QString::fromLatin1(byteArray().toBase64( QByteArray::Base64UrlEncoding | QByteArray::OmitTrailingEquals)); } xca-RELEASE.2.9.0/lib/BioByteArray.h000066400000000000000000000021111477156507700166450ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __BIOBYTEARRAY_H #define __BIOBYTEARRAY_H #include #include #include #include class BioByteArray { protected: BIO *read_write{}; BIO *read_only{}; QByteArray store{}; void set(const QByteArray &qba); void add(const QByteArray &qba); void biowrite(const QByteArray &qba); void cleanse_and_free(BIO *bio); public: BioByteArray(const QByteArray &qba) : store(qba) { } BioByteArray(const BioByteArray &bba) : store(bba.byteArray()) { } BioByteArray(const BIGNUM *bn, int len = 0); BioByteArray() { } ~BioByteArray(); int size() const; BIO *bio(); BIO *ro(); QByteArray byteArray() const; QString qstring() const; QString base64UrlEncode() const; operator BIO*(); operator QByteArray(); BioByteArray &operator = (const BioByteArray &other); BioByteArray &operator = (const QByteArray &qba); BioByteArray &operator += (const BioByteArray &other); BioByteArray &operator += (const QByteArray &qba); }; #endif xca-RELEASE.2.9.0/lib/CMakeLists.txt000066400000000000000000000054731477156507700167160ustar00rootroot00000000000000 list(APPEND xcadoc_sources arguments.cpp arguments.h xcadoc.cpp) list(APPEND xcaexport_sources pki_export.cpp pki_export.h xcaexport.cpp) list(APPEND xcalib_sources BioByteArray.cpp dbhistory.cpp pki_key.cpp BioByteArray.h dbhistory.h pki_key.h Passwd.cpp entropy.cpp pki_lookup.h Passwd.h entropy.h pki_multi.cpp arguments.cpp exception.h pki_multi.h arguments.h func.cpp pki_pkcs12.cpp asn1int.cpp func.h pki_pkcs12.h asn1int.h headerlist.h pki_pkcs7.cpp asn1time.cpp ipvalidator.h pki_pkcs7.h asn1time.h load_obj.cpp pki_scard.cpp base.h load_obj.h pki_scard.h builtin_curves.cpp pki_temp.cpp builtin_curves.h pki_temp.h database_model.cpp oid.cpp pki_x509.cpp database_model.h oid.h pki_x509.h db_base.cpp opensc-pkcs11.h pki_x509req.cpp db_base.h openssl_compat.h pki_x509req.h db_crl.cpp pass_info.cpp pki_x509super.cpp db_crl.h pass_info.h pki_x509super.h db_key.cpp pk11_attribute.cpp settings.cpp db_key.h pk11_attribute.h settings.h db_temp.cpp pkcs11.cpp sql.cpp db_temp.h pkcs11.h sql.h db_token.cpp pkcs11_lib.cpp version.cpp db_token.h pkcs11_lib.h x509name.cpp db_x509.cpp pki_base.cpp x509name.h db_x509.h pki_base.h x509rev.cpp db_x509req.cpp pki_crl.cpp x509rev.h db_x509req.h pki_crl.h x509v3ext.cpp db_x509super.cpp pki_evp.cpp x509v3ext.h db_x509super.h pki_evp.h xfile.h dhgen.cpp dhgen.h XcaProgress.cpp XcaProgress.h XcaWarningCore.cpp XcaWarningCore.h PwDialogCore.cpp PwDialogCore.h digest.h digest.cpp pki_export.cpp debug_info.h func_base.cpp func_base.h debug_info.cpp cmdline.cpp ) macro(ExpandSources target) list(TRANSFORM ${target}_sources PREPEND ${PROJECT_SOURCE_DIR}/lib/) list(APPEND ${target} ${PROJECT_BINARY_DIR}/local.h) target_sources(${target} PRIVATE ${${target}_sources}) endmacro() ExpandSources(xcalib) ExpandSources(xcadoc) ExpandSources(xcaexport) macro(Test name) set(${name}_sources ${ARGN}) add_executable(${name} ${name}.cpp) ExpandSources(${name}) target_link_libraries(${name} PRIVATE OpenSSL::Crypto ${QT}::Core ${QT}::Test ${QT}::Sql ${ASAN_LIB} ) add_test(NAME ${name} COMMAND ${name}) set_target_properties(${name} PROPERTIES MACOSX_BUNDLE FALSE) add_dependencies(tests ${name}) set_tests_properties(${name} PROPERTIES LABELS "console;lib") endmacro() if(BUILD_TESTING) Test(test_biobytearray BioByteArray.cpp BioByteArray.h func_base.cpp func_base.h) Test(test_asn1int asn1int.cpp asn1int.h func_base.h func_base.cpp) Test(test_asn1time asn1time.cpp asn1time.h func_base.h func_base.cpp) Test(test_entropy entropy.cpp entropy.h func.h func_base.cpp xfile.h) Test(test_x509name x509name.cpp x509name.h func_base.h func_base.cpp BioByteArray.h BioByteArray.cpp ) Test(test_digest digest.cpp digest.h func_base.cpp func_base.h) endif() xca-RELEASE.2.9.0/lib/Passwd.cpp000066400000000000000000000005401477156507700161110ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2012 Christian Hohnstaedt. * * All rights reserved. */ #include #include "Passwd.h" void Passwd::cleanse() { memset(data(), 0, size()); clear(); } Passwd::~Passwd() { Passwd::cleanse(); } unsigned char *Passwd::constUchar() const { return (unsigned char *)(size() ? constData() : ""); } xca-RELEASE.2.9.0/lib/Passwd.h000066400000000000000000000007241477156507700155620ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PASSWD_H #define __PASSWD_H #include class Passwd: public QByteArray { public: void cleanse(); ~Passwd(); unsigned char *constUchar() const; Passwd & operator= (const char *p) { return (Passwd&)QByteArray::operator=(p); } Passwd & operator= (const QByteArray &other) { return (Passwd&)QByteArray::operator=(other); } }; #endif xca-RELEASE.2.9.0/lib/PwDialogCore.cpp000066400000000000000000000024561477156507700171770ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/func.h" #include "lib/base.h" #include "lib/Passwd.h" #include "lib/exception.h" #include "XcaWarningCore.h" #include "PwDialogCore.h" #include #include PwDialogUI_i *PwDialogCore::pwdialog; Passwd PwDialogCore::cmdline_passwd; enum open_result PwDialogCore::execute(pass_info *p, Passwd *passwd, bool write, bool abort) { if (!cmdline_passwd.isEmpty()) { *passwd = cmdline_passwd; cmdline_passwd.cleanse(); return pw_ok; } if (pwdialog) return pwdialog->execute(p, passwd, write, abort); #if !defined(Q_OS_WIN32) console_write(stdout, QString(COL_CYAN "%1\n" COL_LRED "%2:" COL_RESET) .arg(p->getDescription()) .arg(QObject::tr("Password")).toUtf8()); *passwd = readPass(); return pw_ok; #else throw pw_exit; #endif } int PwDialogCore::pwCallback(char *buf, int size, int rwflag, void *userdata) { Passwd passwd; enum open_result result; pass_info *p = static_cast(userdata); result = execute(p, &passwd, rwflag, false); size = MIN(size, passwd.size()); memcpy(buf, passwd.constData(), size); p->setResult(result); return result == pw_ok ? size : 0; } void PwDialogCore::setGui(PwDialogUI_i *p) { delete pwdialog; pwdialog = p; } xca-RELEASE.2.9.0/lib/PwDialogCore.h000066400000000000000000000013311477156507700166330ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PWDIALOGCORE_H #define __PWDIALOGCORE_H #include #include "Passwd.h" #include "pass_info.h" class PwDialogUI_i { public: virtual enum open_result execute(pass_info *p, Passwd *passwd, bool write = false, bool abort = false) = 0; virtual ~PwDialogUI_i() { }; }; class PwDialogCore { private: static PwDialogUI_i *pwdialog; public: static Passwd cmdline_passwd; static enum open_result execute(pass_info *p, Passwd *passwd, bool write = false, bool abort = false); static int pwCallback(char *buf, int size, int rwflag, void *userdata); static void setGui(PwDialogUI_i *p); }; #endif xca-RELEASE.2.9.0/lib/XcaProgress.cpp000066400000000000000000000017201477156507700171110ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2018 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include "base.h" #include "XcaProgress.h" void XcaProgressCmd::stop() { puts(" finished."); } void XcaProgressCmd::start(const QString &what, int) { puts(""); puts(CCHAR(what)); } void XcaProgressCmd::increment() { static const char *spinner = "|/-\\"; printf("\rGenerating %c ...", spinner[i++%4]); fflush(stdout); } XcaProgress_i *XcaProgress::progress; XcaProgress::XcaProgress(const QString &what, int max) { if (!progress) progress = new XcaProgressCmd(); progress->start(what, max); } XcaProgress::~XcaProgress() { progress->stop(); } void XcaProgress::increment() { progress->increment(); } void XcaProgress::inc(int, int, void *p) { XcaProgress *prog = static_cast(p); if (prog) prog->increment(); } void XcaProgress::setGui(XcaProgress_i *p) { delete progress; progress = p; } xca-RELEASE.2.9.0/lib/XcaProgress.h000066400000000000000000000014501477156507700165560ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2018 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCAPROGRESS_H #define __XCAPROGRESS_H #include class XcaProgress_i { public: XcaProgress_i() = default; virtual void start(const QString &what, int max) = 0; virtual void stop() = 0; virtual void increment() = 0; virtual ~XcaProgress_i() = default; }; class XcaProgressCmd : public XcaProgress_i { private: int i{}; public: void start(const QString &what, int max); void stop(); void increment(); }; class XcaProgress { private: static XcaProgress_i *progress; public: XcaProgress(const QString &what = QString(), int max = 100); ~XcaProgress(); void increment(); static void inc(int, int, void *p); static void setGui(XcaProgress_i *p); }; #endif xca-RELEASE.2.9.0/lib/XcaWarningCore.cpp000066400000000000000000000022071477156507700175240ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2018 Christian Hohnstaedt. * * All rights reserved. */ #include "XcaWarningCore.h" #include "lib/func.h" #include #include class xcaWarning_i *xcaWarning::gui; bool xcaWarningCore::print_cmdline(const char *color, const QString &msg) { console_write(stdout, QString("%1:" COL_RESET " %2\n") .arg(color).arg(msg).toUtf8()); return true; } void xcaWarningCore::information(const QString &msg) { print_cmdline(COL_CYAN "Information", msg); } void xcaWarningCore::warning(const QString &msg) { print_cmdline(COL_RED "Warning", msg); } bool xcaWarningCore::yesno(const QString &msg) { return print_cmdline(COL_BLUE "Question", msg); } bool xcaWarningCore::okcancel(const QString &msg) { return print_cmdline(COL_BLUE "Question", msg); } void xcaWarningCore::sqlerror(QSqlError err) { warning(err.text()); } void xcaWarningCore::error(const QString &msg) { print_cmdline(COL_RED "Error", msg); } void xcaWarningCore::warningv3(const QString &msg, const extList &el) { warning(QString(" " COL_CYAN "%1" COL_RESET "\n%2") .arg(msg).arg(el.getConsole(QString(" ")))); } xca-RELEASE.2.9.0/lib/XcaWarningCore.h000066400000000000000000000046531477156507700172000ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2018 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCAWARNINGCORE_H #define __XCAWARNINGCORE_H #include "base.h" #include "exception.h" #include "x509v3ext.h" #include #include #define XCA_INFO(msg) xcaWarning::information(msg) #define XCA_WARN(msg) xcaWarning::warning(msg) #define XCA_YESNO(msg) xcaWarning::yesno(msg) #define XCA_OKCANCEL(msg) xcaWarning::okcancel(msg) #define XCA_ERROR(err) xcaWarning::error(err) #define XCA_SQLERROR(err) xcaWarning::sqlerror(err) #define XCA_PASSWD_ERROR() XCA_WARN(QObject::tr("Password verify error, please try again")) class xcaWarning_i { public: virtual void information(const QString &msg) = 0; virtual void warning(const QString &msg) = 0; virtual void warningv3(const QString &msg, const extList &el) = 0; virtual bool yesno(const QString &msg) = 0; virtual bool okcancel(const QString &msg) = 0; virtual void sqlerror(QSqlError err) = 0; virtual void error(const QString &msg) = 0; virtual ~xcaWarning_i() { }; }; class xcaWarningCore : public QObject, public xcaWarning_i { Q_OBJECT protected: virtual bool print_cmdline(const char *color, const QString &msg); public: void information(const QString &msg); void warning(const QString &msg); bool yesno(const QString &msg); bool okcancel(const QString &msg); void sqlerror(QSqlError err); void warningv3(const QString &msg, const extList &el); void error(const QString &msg); }; class xcaWarning { static class xcaWarning_i *gui; public: xcaWarning() = delete; xcaWarning(const xcaWarningCore &) = delete; ~xcaWarning() = delete; static void information(const QString &msg) { gui->information(msg); } static void warning(const QString &msg) { gui->warning(msg); } static void warningv3(const QString &msg, const extList &el) { gui->warningv3(msg, el); } static bool yesno(const QString &msg) { return gui->yesno(msg); } static bool okcancel(const QString &msg) { return gui->okcancel(msg); } static void sqlerror(QSqlError err) { if (!err.isValid()) err = QSqlDatabase::database().lastError(); if (err.isValid()) gui->sqlerror(err); } static void error(const errorEx &err) { if (err.isEmpty()) return; QString msg = QObject::tr("The following error occurred:") + "\n" + err.getString(); gui->error(msg); } static void setGui(class xcaWarning_i *g) { delete gui; gui = g; } }; #endif xca-RELEASE.2.9.0/lib/arguments.cpp000066400000000000000000000250521477156507700166620ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2020 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include "arguments.h" #include #include #include #if !defined(Q_OS_WIN32) #include #endif const QList arguments::opts = { arg_option("crlgen", "ca-identifier", required_argument, true, true, "Generate CRL for . Use the 'name' option to set the internal name of the new CRL."), arg_option("database", "database", file_argument, false, false, "File name (*.xdb) of the SQLite database or a remote database descriptor: [user@host/TYPE:dbname#prefix]."), arg_option("exit", NULL, no_argument, false, false, "Exit after importing items."), arg_option("help", NULL, no_argument, true, false, "Print this help and exit."), arg_option("hierarchy", "directory", file_argument, true, true, "Save OpenSSL index hierarchy in

."), arg_option("index", "file", file_argument, true, true, "Save OpenSSL index in ."), arg_option("import", NULL, no_argument, false, true, "Import all provided items into the database."), arg_option("import-names", NULL, required_argument, false, true, "A semicolon separated list of names applied to the imported items in the order found in the PEM file and on the commandline."), arg_option("issuers", NULL, no_argument, true, true, "Print all known issuer certificates that have an associated private key and the CA basic constraints set to 'true'."), arg_option("keygen", "type", required_argument, true, true, "Generate a new key and import it into the database. Use the 'name' option to set the internal name of the new key. The parameter has the format: '[RSA|DSA|EC]:[|]."), arg_option("list-curves", NULL, no_argument, true, false, "Prints all known Elliptic Curves."), arg_option("list-items", NULL, no_argument, true, true, "List all items in the database."), arg_option("name", "internal-name", required_argument, false, true, "Provides the name of new generated items. An automatic name will be generated if omitted."), arg_option("no-native-dialogs", NULL, no_argument, false, false, "Disables the native dialogs of the operating system for messages and file operations and uses Qt specific dialogs instead."), arg_option("no-gui", NULL, no_argument, true, false, "Do not start the GUI. Alternatively set environment variable XCA_NO_GUI=1 or call xca as 'xca-console' symlink."), arg_option("password", "password", required_argument, false, false, "Database password for unlocking the database. See below for password format options."), arg_option("pem", NULL, no_argument, true, false, "Print PEM representation of provided files. Prints only the public part of private keys."), arg_option("pem-file", NULL, file_argument, true, false, "Specify a file name for the PEM data. Implies '--pem'."), arg_option("print", NULL, no_argument, true, false, "Print a synopsis of provided files."), arg_option("select", "id-list", required_argument, true, true, "Selects all items in the comma separated id-list to be shown with 'print', 'text' or 'pem'."), arg_option("sqlpass", "password", required_argument, false, false, "Password to access the remote SQL server. See below for password format options."), arg_option("text", NULL, no_argument, true, false, "Print the content of provided files as OpenSSL does."), arg_option("verbose", NULL, no_argument, false, false, "Print debug log on stderr. Same as setting XCA_DEBUG=all. See XCA_DEBUG"), arg_option("version", NULL, no_argument, true, false, "Print version information and exit."), }; static QMap getPassDoc() { QMap passdoc; passdoc["pass:password"] = "The actual password is password. Since the password is visible to utilities (like 'ps' under Unix) this form should only be used where security is not important."; passdoc["env:var"] = "Obtain the password from the environment variable var. Since the environment of other processes is visible on certain platforms (e.g. ps under certain Unix OSes) this option should be used with caution."; passdoc["file:pathname"] = "The first line of pathname is the password. If the same pathname argument is supplied to password and sqlpassword arguments then the first line will be used for both passwords. pathname need not refer to a regular file: it could for example refer to a device or named pipe."; passdoc["fd:number"] = "Read the password from the file descriptor number. This can be used to send the data via a pipe for example."; passdoc["stdin"] = "Read the password from standard input."; return passdoc; } arg_option::arg_option(const char *l, const char *a, int has, bool n, bool nd, const char *h) : long_opt(l), arg(a), arg_type(has), no_gui(n), need_db(nd), help(h) { } QCommandLineOption arg_option::getCmdOption() const { switch (arg_type) { case no_argument: return QCommandLineOption(long_opt, help); default: return QCommandLineOption(long_opt, help, long_opt); } } static QString splitQstring(int offset, int width, const QString &text) { QStringList lines; QString line; foreach(const QString &word, text.split(" ")) { if (line.size() + word.size() < width - offset) { line += " " + word; continue; } lines += line; line = word; } lines += line; return lines.join(QString("\n") +QString().fill(' ', offset)); } QString arguments::man() { QString s; QMap passdoc = getPassDoc(); for (auto i = opts.begin(); i != opts.end(); ++i) { QString longopt = i->long_opt; if (i->arg) longopt += QString("=<%1>").arg(i->arg); s += QString(".TP\n.B \\-\\-%1%3\n%2\n") .arg(longopt) .arg(i->help) .arg(i->need_db ? " *" : ""); } s += ".br\n.TP\n" "Options marked with an asterisk need a database. Either from the commandline or as default database.\n" "\n.SH PASS PHRASE ARGUMENTS\n" "The password options accept the same syntax as openssl does:\n"; foreach(QString key, passdoc.keys()) s += QString(".TP\n.B %1\n%2\n").arg(key).arg(passdoc[key]); return s; } static QString esc(QString msg) { return msg.replace(QRegularExpression("([\\*@:'_])"), "\\\\1"); } QString arguments::rst() { QString s = "..\n" " Automatically created by\n" " XCA_ARGUMENTS=rst ./xca arguments.rst\n\n"; QMap passdoc = getPassDoc(); int space = (maxOptWidth() + 4) * -1; for (auto i = opts.begin(); i != opts.end(); ++i) { QString longopt = i->long_opt; if (i->arg) longopt += QString("=%1").arg(esc(i->arg)); s += QString("--%1 %2%3\n") .arg(esc(longopt), space) .arg(esc(i->help)) .arg(i->need_db ? " [#need-db]_" : ""); } s += "\n\n" ".. [#need-db] Requires a database. Either from the commandline or as default database.\n\n" "Passphrase arguments\n" ".....................\n" "The password options accept the same syntax as openssl does:\n\n"; foreach(QString key, passdoc.keys()) s += QString("%1\n %2\n").arg(esc(key)).arg(esc(passdoc[key])); return s; } QString arguments::completion() { QStringList sl; for (auto i = opts.begin(); i != opts.end(); ++i) sl << QString("--%1").arg(i->long_opt); return sl.join(" "); } QString arguments::doc(const QString &which) { if (which == "rst") return rst(); if (which == "man") return man(); if (which == "completion") return completion(); return QString(); } size_t arguments::maxOptWidth() { size_t len = 0; foreach(const arg_option &a, opts) { size_t l = strlen(a.long_opt); if (a.arg) l += strlen(a.arg); if (l > len) len = l; } return len; } QString arguments::help() { QString s; size_t len; int width = 80, offset; #if !defined(Q_OS_WIN32) struct winsize w; ioctl(0, TIOCGWINSZ, &w); if (w.ws_col > 20) width = w.ws_col; #endif QMap passdoc = getPassDoc(); len = maxOptWidth() +4; offset = len + 7; for (auto i = opts.begin(); i != opts.end(); ++i) { QString longopt = i->long_opt; if (i->arg) longopt += QString("=<%1>").arg(i->arg); QString help = splitQstring(offset, width, i->help); s += QString(" " COL_CYAN "%3 " COL_RESET COL_BOLD "--%1" COL_RESET " %2\n") .arg(longopt, len*-1) .arg(help) .arg(i->need_db ? "*" : " "); } s += "\n[" COL_CYAN "*" COL_RESET "]" + splitQstring(sizeof("[*] ") -1, width, QString("Needs a database. Either from the commandline or as default database")) + "\n"; s += "\n" + splitQstring(0, width, QString("The password options accept the same syntax as openssl does:\n")); foreach(QString key, passdoc.keys()) s += QString("\n " COL_BOLD "%1" COL_RESET).arg(key, -14) + splitQstring(18, width, passdoc[key]); return s; } int arguments::parse(int argc, char *argv[]) { files.clear(); need_db = false; QCommandLineParser parser; foreach(const arg_option &opt, opts) parser.addOption(opt.getCmdOption()); /* Parse cmdline options argv */ QStringList args; for (int i =0; i < argc; i++) args << QString::fromUtf8(argv[i]); parser.process(args); QStringList found = parser.optionNames(); foreach(const arg_option &opt, opts) { if (found.contains(opt.long_opt)) { found_options[opt.long_opt] = parser.value(opt.long_opt); if (opt.need_db) need_db = true; } } foreach(const QString &file, parser.positionalArguments()) { if (!has("database") && file.endsWith(".xdb")) { /* No database given, but here is an xdb file * Try to be clever. */ found_options["database"] = file; } else { files << file; } } return result; } arguments::arguments(int argc, char *argv[]) { parse(argc, argv); } arguments::arguments(const arguments &a) { *this = a; } arguments &arguments::operator = (const arguments &a) { files = a.files; found_options = a.found_options; return *this; } QString arguments::operator [] (const QString &key) const { return found_options[key]; } bool arguments::has(const QString &opt) const { return found_options.contains(opt); } QStringList arguments::getFiles() const { return files; } bool arguments::needDb() const { return need_db; } bool arguments::is_console(int argc, char *argv[]) { const char *nogui = getenv("XCA_NO_GUI"); if (nogui && *nogui) return true; if (argc > 0 && QString(argv[0]).endsWith("xca-console")) return true; /* Setup "no-gui" options */ QStringList console_opts; for (auto i = opts.begin(); i != opts.end(); ++i) { if (i->no_gui) console_opts << QString("-%1").arg(i->long_opt); } qDebug() << "NOGUI_OPTS" << console_opts; for (int i = 1; i < argc; i++) { QString arg = QString(argv[i]); if (arg.startsWith("--")) arg = arg.mid(1); foreach(QString opt, console_opts) { if (arg.startsWith(opt)) return true; } } return false; } xca-RELEASE.2.9.0/lib/arguments.h000066400000000000000000000024121477156507700163220ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __ARGUMENTS_H #define __ARGUMENTS_H #include "base.h" #include #include #include #include enum { file_argument, required_argument, no_argument, }; class arg_option { public: const char *long_opt{}; const char *arg{}; int arg_type{}; bool no_gui{}; bool need_db{}; QString help{}; arg_option(const char *l, const char *a, int has_arg, bool n, bool nd, const char *h); QCommandLineOption getCmdOption() const; }; class arguments { private: static const QList opts; int result{}; QMap found_options{}; QStringList files{}; bool need_db{ false }; public: static bool is_console(int argc, char *argv[]); static QString help(); static QString man(); static QString rst(); static QString completion(); static size_t maxOptWidth(); static QString doc(const QString &which); arguments(int argc, char *argv[]); arguments(const arguments &a); QString operator [] (const QString &) const; arguments &operator = (const arguments &); bool has(const QString &opt) const; int parse(int argc, char *argv[]); QStringList getFiles() const; bool needDb() const; }; #endif xca-RELEASE.2.9.0/lib/asn1int.cpp000066400000000000000000000071461477156507700162360ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #include "asn1int.h" #include "func_base.h" #include "exception.h" #include "limits.h" #include #include static const QSharedPointer a1init(const ASN1_INTEGER *i) { ASN1_INTEGER *a; if (i) { a = ASN1_INTEGER_dup(i); Q_CHECK_PTR(a); } else { a = ASN1_INTEGER_new(); Q_CHECK_PTR(a); ASN1_INTEGER_set(a, 0); } QSharedPointer r(a, ASN1_INTEGER_free); openssl_error(); return r; } a1int::a1int() : in(a1init(nullptr)) { } a1int::a1int(const ASN1_INTEGER *i) : in(a1init(i)) { } a1int::a1int(const a1int &a) : in(a1init(a.get0())) { } a1int::a1int(const QString &hex) : in(a1init(nullptr)) { setHex(hex); } a1int::a1int(long l) : in(a1init(nullptr)) { set(l); } a1int &a1int::set(const ASN1_INTEGER *i) { in = a1init(i); return *this; } a1int &a1int::set(long l) { ASN1_INTEGER_set(in.data(), l); openssl_error(); return *this; } QString a1int::toQString(int dec) const { QString r; if (in->length == 0) { return r; } QSharedPointer bn(ASN1_INTEGER_to_BN(get0(), NULL), BN_free); openssl_error(); char *res = dec ? BN_bn2dec(bn.data()) : BN_bn2hex(bn.data()); r = res; OPENSSL_free(res); openssl_error(); return r; } QString a1int::toHex() const { return toQString(0); } QString a1int::toDec() const { return toQString(1); } a1int &a1int::setQString(const QString &s, int dec) { BIGNUM *bn = nullptr; if (s.isEmpty()) { return *this; } if (dec) BN_dec2bn(&bn, s.toLatin1()); else BN_hex2bn(&bn, s.toLatin1()); openssl_error(); BN_to_ASN1_INTEGER(bn, in.data()); BN_free(bn); openssl_error(); return *this; } a1int &a1int::setHex(const QString &s) { return setQString(s, 0); } a1int &a1int::setDec(const QString &s) { return setQString(s, 1); } a1int &a1int::setRaw(const unsigned char *data, unsigned len) { QSharedPointer bn(BN_bin2bn(data, len, NULL), BN_free); openssl_error(); Q_CHECK_PTR(bn); BN_to_ASN1_INTEGER(bn.data(), in.data()); openssl_error(); return *this; } ASN1_INTEGER *a1int::get() const { return ASN1_INTEGER_dup(get0()); } const ASN1_INTEGER *a1int::get0() const { return in.data(); } long a1int::getLong() const { int64_t value; int r = ASN1_INTEGER_get_int64(&value,get0()); if (r == 0 || value > LONG_MAX || value < LONG_MIN) throw errorEx(QString("ASN1 Integer: Failed to convert %1 to long").arg(toDec())); return (long)value; } a1int &a1int::operator ++ (void) { QSharedPointer bn(ASN1_INTEGER_to_BN(get0(), NULL), BN_free); openssl_error(); BN_add(bn.data(), bn.data(), BN_value_one()); openssl_error(); BN_to_ASN1_INTEGER(bn.data(), in.data()); openssl_error(); return *this; } a1int a1int::operator ++ (int) { a1int tmp = *this; operator ++ (); return tmp; } a1int &a1int::operator = (const a1int &a) { set(a.get0()); return *this; } a1int &a1int::operator = (long i) { ASN1_INTEGER_set(in.data(), i); openssl_error(); return *this; } bool a1int::operator > (const a1int &a) const { return (ASN1_INTEGER_cmp(get0(), a.get0()) > 0); } bool a1int::operator < (const a1int &a) const { return (ASN1_INTEGER_cmp(get0(), a.get0()) < 0); } bool a1int::operator == (const a1int &a) const { return (ASN1_INTEGER_cmp(get0(), a.get0()) == 0); } bool a1int::operator != (const a1int &a) const { return (ASN1_INTEGER_cmp(get0(), a.get0()) != 0); } a1int::operator QString() const { return toHex(); } QByteArray a1int::i2d() { return i2d_bytearray(I2D_VOID(i2d_ASN1_INTEGER), get0()); } int a1int::derSize() const { return i2d_ASN1_INTEGER(in.data(), nullptr); } xca-RELEASE.2.9.0/lib/asn1int.h000066400000000000000000000022261477156507700156750ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __ASN1INTEGER_H #define __ASN1INTEGER_H #include #include #include class a1int { private: QSharedPointer in{}; a1int &setQString(const QString &s, int dec); QString toQString(int dec) const; public: a1int(); a1int(const ASN1_INTEGER *i); a1int(const a1int &a); a1int(long l); a1int(const QString &hex); a1int &set(const ASN1_INTEGER *i); a1int &set(long l); QString toHex() const; QString toDec() const; a1int &setHex(const QString &s); a1int &setDec(const QString &s); a1int &setRaw(const unsigned char *data, unsigned len); long getLong() const; ASN1_INTEGER *get() const; const ASN1_INTEGER *get0() const; QByteArray i2d(); int derSize() const; a1int &operator ++ (void); a1int operator ++ (int); a1int &operator = (const a1int &a); a1int &operator = (long i); bool operator > (const a1int &a) const; bool operator < (const a1int &a) const; bool operator == (const a1int &a) const; bool operator != (const a1int &a) const; operator QString() const; }; #endif xca-RELEASE.2.9.0/lib/asn1time.cpp000066400000000000000000000107241477156507700163760ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #include #include "base.h" #include "func.h" #include "exception.h" #include "asn1time.h" #include #include #include #include #include #include /* As defined in rfc-5280 4.1.2.5 */ #define UNDEFINED_DATE "99991231235959Z" #define UTC_FORMAT "yyMMddHHmmss'Z'" #define GEN_FORMAT "yy" UTC_FORMAT bool a1time::isUndefined() const { return toSecsSinceEpoch() == 0; } a1time &a1time::setUndefined() { /* This way we handle "Jan 01, 1970 00:00:00" * like RFC-5280 undefined date. I dare it */ setTimeZone(QTimeZone::utc()); setSecsSinceEpoch(0); return *this; } int a1time::from_asn1(const ASN1_TIME *a) { ASN1_GENERALIZEDTIME *gt; QString t; *this = QDateTime(); if (!a) return -1; gt = ASN1_TIME_to_generalizedtime((ASN1_TIME*)a, NULL); if (!gt) return -1; t = QString::fromLatin1((char*)gt->data, gt->length); ASN1_GENERALIZEDTIME_free(gt); return fromPlain(t); } int a1time::fromPlain(const QString &plain) { setTimeZone(QTimeZone::systemTimeZone()); if (plain == UNDEFINED_DATE) setUndefined(); else *this = fromString(plain, GEN_FORMAT); setTimeZone(QTimeZone::utc()); return isValid() ? 0 : -1; } int a1time::set_asn1(const QString &str, int type) const { if (!atime) atime = ASN1_TIME_new(); if (!atime) return -1; atime->type = type; if (ASN1_STRING_set(atime, str.toLatin1(), str.length())) return -1; return 0; } a1time &a1time::operator = (const a1time &a) { if (atime) ASN1_TIME_free(atime); QDateTime::operator=(a); return *this; } a1time::a1time() { *this = now(); } a1time::a1time(const ASN1_TIME *a) { from_asn1(a); } a1time::a1time(const QString &plain) { fromPlain(plain); } a1time::~a1time() { if (atime) ASN1_TIME_free(atime); } const ASN1_TIME *a1time::get_utc() const { int year = date().year(); if (!isValid() || isUndefined() || year > 2049 || year < 1950) return get(); set_asn1(toUTC().toString(UTC_FORMAT), V_ASN1_UTCTIME); return atime; } const ASN1_TIME *a1time::get() const { if (isUndefined()) set_asn1(UNDEFINED_DATE, V_ASN1_GENERALIZEDTIME); else if (!isValid()) throw errorEx("Invalid Time"); else set_asn1(toUTC().toString(GEN_FORMAT), V_ASN1_GENERALIZEDTIME); return atime; } a1time &a1time::set(const ASN1_TIME *a) { from_asn1(a); return *this; } QString a1time::toString(QString fmt, Qt::TimeSpec spec) const { if (isUndefined()) return QObject::tr("Undefined"); if (!isValid()) return QObject::tr("Broken / Invalid"); return QLocale().toString( spec == Qt::UTC ? toUTC() : toLocalTime(), fmt); } QString a1time::toPretty() const { QString fmt = QLocale().dateTimeFormat(); return toString(fmt, Qt::LocalTime); } QString a1time::toPrettyGMT() const { return toString("yyyy-MM-dd'T'HH:mm:ss' GMT'"); } QString a1time::toSortable() const { return toString("yyyy-MM-dd"); } QString a1time::toPlain(const QString &fmt) const { if (isUndefined()) return QString(UNDEFINED_DATE); if (!isValid()) return QString("Broken-InvalidZ"); return toString(fmt.isEmpty() ? GEN_FORMAT : fmt); } qint64 a1time::age() const { return secsTo(now()); } QString a1time::toFancy() const { QString fmt("Dunno"); qint64 diff = age(); int dtn = toLocalTime().daysTo(now().toLocalTime()); bool future = false; if (diff < 0) { future = true; diff *= -1; } if (diff < 2 * SECS_PER_MINUTE) { fmt = future ? QObject::tr("in %1 seconds") : QObject::tr("%1 seconds ago"); } else if (diff < 2 *SECS_PER_HOUR) { diff /= SECS_PER_MINUTE; fmt = future ? QObject::tr("in %1 minutes") : QObject::tr("%1 minutes ago"); } else if (dtn == 1) { return QObject::tr("Yesterday"); } else if (dtn == -1) { return QObject::tr("Tomorrow"); } else if (diff < SECS_PER_DAY) { diff /= SECS_PER_HOUR; fmt = future ? QObject::tr("in %1 hours") : QObject::tr("%1 hours ago"); } else { return QLocale().toString(date(), QLocale::ShortFormat); } return fmt.arg(diff); } QString a1time::toPlainUTC() const { return toPlain(UTC_FORMAT); } QDateTime a1time::now(int delta) { return QDateTime::currentDateTime().toUTC().addSecs(delta); } void a1time::d2i(QByteArray &ba) { ASN1_TIME *n = (ASN1_TIME*)d2i_bytearray( D2I_VOID(d2i_ASN1_TIME), ba); openssl_error(); if (n) { from_asn1(n); ASN1_TIME_free(n); } } QByteArray a1time::i2d() const { return i2d_bytearray(I2D_VOID(i2d_ASN1_TIME), get()); } xca-RELEASE.2.9.0/lib/asn1time.h000066400000000000000000000026211477156507700160400ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012, 2018 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __ASN1TIME_H #define __ASN1TIME_H #include #include #include #define SECS_PER_MINUTE (60) #define SECS_PER_HOUR (SECS_PER_MINUTE *60) #define SECS_PER_DAY (SECS_PER_HOUR*24) #define MSECS_PER_MINUTE (SECS_PER_MINUTE*1000) #define MSECS_PER_HOUR (SECS_PER_HOUR*1000) class a1time : public QDateTime { private: mutable ASN1_TIME *atime{}; int from_asn1(const ASN1_TIME *a); int set_asn1(const QString &str, int type) const; public: a1time(); a1time(const QDateTime &a) : QDateTime(a) { }; a1time(const a1time &a) : QDateTime(a) { }; a1time(const ASN1_TIME *a); a1time(const QString &plain); a1time &operator = (const a1time &a); ~a1time(); a1time &set(const ASN1_TIME *a); int fromPlain(const QString &plain); a1time &setUndefined(); bool isUndefined() const; QString toString(QString fmt, Qt::TimeSpec spec = Qt::UTC) const; QString toPretty() const; QString toPrettyGMT() const; QString toPlain(const QString &fmt = QString()) const; QString toPlainUTC() const; QString toSortable() const; QString toFancy() const; QString isoLocalDate() const; const ASN1_TIME *get() const; const ASN1_TIME *get_utc() const; static QDateTime now(int delta = 0); QByteArray i2d() const; void d2i(QByteArray &ba); qint64 age() const; }; #endif xca-RELEASE.2.9.0/lib/base.h000066400000000000000000000027351477156507700152370ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __BASE_H #define __BASE_H #define QT_NO_CAST_TO_ASCII #define OPENSSL_NO_STDIO // Disable advertisement for crappy, insecure, non-conformant MS BS _s functions #define _CRT_SECURE_NO_WARNINGS #pragma warning(disable:4996) #ifndef PACKAGE_NAME #define XCA_TITLE "X Certificate and Key management" #else #define XCA_TITLE PACKAGE_NAME #endif #include #include "local.h" #define CCHAR(x) qPrintable(x) #define TRACE qDebug("File: %s Func: %s Line: %d", __FILE__, __func__, __LINE__); #define nativeSeparator(s) QDir::toNativeSeparators(s) #define ARRAY_SIZE(x) (sizeof(x)/sizeof((x)[0])) #define MIN(a,b) ((a)<(b)) ? (a) : (b) #if Q_BYTE_ORDER == Q_BIG_ENDIAN #define xhtonl(x) (x) #define xntohl(x) (x) #elif Q_BYTE_ORDER == Q_LITTLE_ENDIAN #if defined(Q_OS_WIN32) #include #define xhtonl(x) (_byteswap_ulong(x)) #define xntohl(x) (_byteswap_ulong(x)) #else #define xhtonl(x) (__builtin_bswap32(x)) #define xntohl(x) (__builtin_bswap32(x)) #endif #else # error "What kind of system is this?" #endif #define COL_CYAN "\x1b[36m" #define COL_BLUE "\x1b[94m" #define COL_GREEN "\x1b[92m" #define COL_LRED "\x1b[91m" #define COL_YELL "\x1b[33m" #define COL_RED "\x1b[31m" #define COL_DGREEN "\x1b[32m" #define COL_MAGENTA "\x1b[35m" #define COL_RESET "\x1b[0m" #define COL_BOLD "\x1b[1m" #define COL_DIM "\x1b[2m" #define COL_UNDER "\x1b[4m" #endif xca-RELEASE.2.9.0/lib/builtin_curves.cpp000066400000000000000000000071711477156507700177140ustar00rootroot00000000000000/* * Copyright (C) 2014 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include #include "builtin_curves.h" #include "exception.h" #include "func.h" #ifndef OPENSSL_NO_EC #include #include "opensc-pkcs11.h" static const QList rfc5480_curve_nids() { return QList { NID_X9_62_prime192v1, NID_secp224r1, NID_X9_62_prime256v1, NID_secp384r1, NID_secp521r1, }; }; static const QList x962_curve_nids() { return QList { NID_X9_62_prime192v1, NID_X9_62_prime192v2, NID_X9_62_prime192v3, NID_X9_62_prime239v1, NID_X9_62_prime239v2, NID_X9_62_prime239v3, NID_X9_62_prime256v1, NID_X9_62_c2pnb163v1, NID_X9_62_c2pnb163v2, NID_X9_62_c2pnb163v3, NID_X9_62_c2pnb176v1, NID_X9_62_c2tnb191v1, NID_X9_62_c2tnb191v2, NID_X9_62_c2tnb191v3, NID_X9_62_c2pnb208w1, NID_X9_62_c2tnb239v1, NID_X9_62_c2tnb239v2, NID_X9_62_c2tnb239v3, NID_X9_62_c2pnb272w1, NID_X9_62_c2pnb304w1, NID_X9_62_c2tnb359v1, NID_X9_62_c2pnb368w1, NID_X9_62_c2tnb431r1 }; }; static const QList other_curve_nids() { return QList { NID_sect113r1, NID_sect113r2, NID_sect131r1, NID_sect131r2, NID_sect163k1, NID_sect163r1, NID_sect163r2, NID_sect193r1, NID_sect193r2, NID_sect233k1, NID_sect233r1, NID_sect239k1, NID_sect283k1, NID_sect283r1, NID_sect409k1, NID_sect409r1, NID_sect571k1, NID_sect571r1, NID_secp112r1, NID_secp112r2, NID_secp128r1, NID_secp128r2, NID_secp160k1, NID_secp160r1, NID_secp160r2, NID_secp192k1, NID_secp224k1, NID_secp224r1, NID_secp256k1, NID_secp384r1, NID_secp521r1, NID_wap_wsg_idm_ecid_wtls1, NID_wap_wsg_idm_ecid_wtls3, NID_wap_wsg_idm_ecid_wtls4, NID_wap_wsg_idm_ecid_wtls5, NID_wap_wsg_idm_ecid_wtls6, NID_wap_wsg_idm_ecid_wtls7, NID_wap_wsg_idm_ecid_wtls8, NID_wap_wsg_idm_ecid_wtls9, NID_wap_wsg_idm_ecid_wtls10, NID_wap_wsg_idm_ecid_wtls11, NID_wap_wsg_idm_ecid_wtls12, #ifdef NID_brainpoolP160r1 NID_brainpoolP160r1, NID_brainpoolP160t1, NID_brainpoolP192r1, NID_brainpoolP192t1, NID_brainpoolP224r1, NID_brainpoolP224t1, NID_brainpoolP256r1, NID_brainpoolP256t1, NID_brainpoolP320r1, NID_brainpoolP320t1, NID_brainpoolP384r1, NID_brainpoolP384t1, NID_brainpoolP512r1, NID_brainpoolP512t1 #endif }; }; builtin_curves::builtin_curves() { int i, num_curves = EC_get_builtin_curves(NULL, 0); EC_builtin_curve *curves = new EC_builtin_curve[num_curves]; Q_CHECK_PTR(curves); BIGNUM *order = BN_new(); Q_CHECK_PTR(order); EC_get_builtin_curves(curves, num_curves); for (i=0; i < num_curves; i++) { int flag = 0, nid = curves[i].nid; unsigned long type = 0; if (rfc5480_curve_nids().contains(nid)) flag = CURVE_RFC5480; else if (x962_curve_nids().contains(nid)) flag = CURVE_X962; else if (other_curve_nids().contains(nid)) flag = CURVE_OTHER; else continue; EC_GROUP *group = EC_GROUP_new_by_curve_name(nid); EC_GROUP_get_order(group, order, NULL); switch (EC_METHOD_get_field_type(EC_GROUP_method_of(group))) { case NID_X9_62_prime_field: type = CKF_EC_F_P; break; case NID_X9_62_characteristic_two_field: type = CKF_EC_F_2M; break; default: continue; } #undef PRINT_KNOWN_CURVES #ifdef PRINT_KNOWN_CURVES qDebug() << QString(curves[i].comment).leftJustified(50) << QString(OBJ_nid2sn(nid)).leftJustified(27) << OBJ_obj2QString(OBJ_nid2obj(nid),1).leftJustified(20) << (type == CKF_EC_F_P ? "Fp" : "F2m"); #endif append(builtin_curve(nid, QString(curves[i].comment), BN_num_bits(order), flag, type)); EC_GROUP_free(group); } BN_free(order); delete[] curves; } #else builtin_curves::builtin_curves() { } #endif xca-RELEASE.2.9.0/lib/builtin_curves.h000066400000000000000000000014711477156507700173560ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2014 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __BUILTIN_EC_CURVES_H #define __BUILTIN_EC_CURVES_H #include #include #include "base.h" #define CURVE_X962 1 #define CURVE_OTHER 2 #define CURVE_RFC5480 3 class builtin_curve { public: int nid{}; QString comment{}; unsigned order_size{}; int flags{}; /* type: CKF_EC_F_P || CKF_EC_F_2M */ unsigned long type{}; builtin_curve(int n, QString c, int s, int f, int t) : nid(n), comment(c), order_size(s), flags(f), type(t) { }; builtin_curve() = delete; }; class builtin_curves: public QList { public: builtin_curves(); bool containNid(int nid) { foreach(const builtin_curve &c, *this) if (c.nid == nid) return true; return false; } }; #endif xca-RELEASE.2.9.0/lib/cmdline.cpp000066400000000000000000000172661477156507700163000ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2023 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include #include "func.h" #include "database_model.h" #include "debug_info.h" #include "pki_multi.h" #include "pki_evp.h" #include "pki_base.h" #include "pki_x509.h" #include "pki_crl.h" #include "arguments.h" #include "pki_export.h" #include "PwDialogCore.h" #include "BioByteArray.h" #include "db_x509.h" #include "db_crl.h" static const char *xca_name = "xca"; static void cmd_version(FILE *fp) { console_write(fp, QString(XCA_TITLE "\nVersion %1\n") .arg(version_str(false)).toUtf8()); } static int cmd_help(int exitcode = EXIT_SUCCESS, const char *msg = NULL) { FILE *fp = exitcode == EXIT_SUCCESS ? stdout : stderr; QString s; cmd_version(fp); s = QString("\nUsage %1 ...\n\n%2\n") .arg(xca_name).arg(arguments::help()); if (msg) s += QString("\nError: %1\n").arg(msg); console_write(fp, s.toUtf8()); return exitcode; } static Passwd acquire_password(QString source) { Passwd pass; pass.append(source.toUtf8()); if (source == "stdin") source = "fd:0"; if (source.startsWith("pass:")) { pass = source.mid(5).toLatin1(); } else if (source.startsWith("file:")) { XFile f(source.mid(5)); f.open_read(); pass = f.readLine(128).trimmed(); } else if (source.startsWith("env:")) { pass = getenv(source.mid(4).toLocal8Bit()); } else if (source.startsWith("fd:")) { int fd = source.mid(3).toInt(); QFile f; f.open(fd, QIODevice::ReadOnly); pass = f.readLine(128).trimmed(); } return pass; } static bool compare_pki_base(pki_base* a, pki_base* b) { return (a->getSqlItemId().toULongLong() < b->getSqlItemId().toULongLong()); } int read_cmdline(int argc, char *argv[], bool console_only, pki_multi **_cmdline_items) { pki_multi *cmdline_items; if (argc > 0) xca_name = argv[0]; arguments cmd_opts(argc, argv); PwDialogCore::cmdline_passwd = acquire_password(cmd_opts["password"]); Passwd sqlpw = acquire_password(cmd_opts["sqlpass"]); if (cmd_opts.has("verbose")) { QString all = cmd_opts["verbose"]; debug_info::set_debug(all.isEmpty() ? QString("all") : all); } if (console_only) database_model::open_without_password = true; if (cmd_opts.has("no-native-dialogs")) QCoreApplication::setAttribute(Qt::AA_DontUseNativeDialogs, true); if (cmd_opts.has("database")) Database.open(cmd_opts["database"], sqlpw); *_cmdline_items = cmdline_items = new pki_multi(); foreach(QString file, cmd_opts.getFiles()) { qDebug() << "Probe" << file; cmdline_items->probeAnything(file); } QStringList names = cmd_opts["import-names"].split(";"); foreach(pki_base *pki, cmdline_items->get()) { if (names.isEmpty()) break; QString name = names.takeFirst(); if (!name.isEmpty()) pki->setIntName(name); } if (cmdline_items->failed_files.size() > 0) { XCA_WARN(QString("Failed to import from '%1'") .arg(cmdline_items->failed_files.join("' '"))); } if (cmd_opts.needDb() && !Database.isOpen()) { /* We need a database for the following operations * but there is none, yet. Try the default database */ try { Database.open(QString()); } catch (errorEx &err) { return cmd_help(EXIT_FAILURE, CCHAR(err.getString())); } catch (enum open_result opt) { static const char * const msg[] = { /* pw_cancel */ "Password input aborted", /* pw_ok */ "Password accepted??", /* pw_exit */ "Exit selected", /* open_abort*/ "No database given", }; return cmd_help(EXIT_FAILURE, msg[opt]); } } database_model::open_without_password = false; if (cmd_opts.has("list-curves")) { QStringList list; foreach(const builtin_curve &c, builtinCurves) { list << QString(COL_YELL "%1" COL_RESET "%2") .arg(OBJ_nid2sn(c.nid), -26) .arg(c.comment); } console_write(stdout, list.join("\n").toUtf8() + '\n'); } if (cmd_opts.has("list-items")) { QStringList list; QList items = Store.getAll(); std::sort(items.begin(), items.end(), compare_pki_base); foreach(pki_base *pki, items) { list << QString(COL_YELL "%1 " COL_GREEN "%2 " COL_RESET "%3") .arg(pki->getSqlItemId().toString(), 7) .arg(pki->getTypeString(), -27) .arg(pki->getIntName()); } console_write(stdout, list.join("\n").toUtf8() + '\n'); } if (!cmd_opts["index"].isEmpty()) { qDebug() << cmd_opts["index"]; db_x509 *certs = Database.model(); certs->writeIndex(cmd_opts["index"], false); XCA_INFO(QObject::tr("Index file written to '%1'") .arg(cmd_opts["index"])); } if (!cmd_opts["hierarchy"].isEmpty()) { qDebug() << cmd_opts["hierarchy"]; db_x509 *certs = Database.model(); certs->writeIndex(cmd_opts["hierarchy"], true); XCA_INFO(QObject::tr("Index hierarchy written to '%1'") .arg(cmd_opts["hierarchy"])); } if (cmd_opts.has("help")) cmd_help(); if (cmd_opts.has("version")) cmd_version(stdout); if (cmd_opts.has("keygen")) { keyjob task(cmd_opts["keygen"]); if (!task.isValid()) { Database.close(); throw errorEx(QObject::tr("Unknown key type %1") .arg(cmd_opts["keygen"])); } db_key *keys = Database.model(); pki_key *pki = keys->newKey(task, cmd_opts["name"]); if (pki) cmdline_items->append_item(pki); } if (cmd_opts.has("issuers")) { QStringList out; db_x509 *certs = Database.model(); QListissuers = certs->getAllIssuers(); std::sort(issuers.begin(), issuers.end(), compare_pki_base); foreach(pki_x509 *iss, issuers) { pki_key *key = iss->getRefKey(); QString keytype = key ? key->getTypeString() : ""; out << QString(COL_YELL "%1 " COL_GREEN "%2 " COL_RESET "%3") .arg(iss->getSqlItemId().toULongLong(), 7) .arg(keytype, -13) .arg(iss->getIntName()); } console_write(stdout, out.join("\n").toUtf8() + '\n'); } if (cmd_opts.has("crlgen")) { db_crl *crls = Database.model(); db_x509 *certs = Database.model(); QListissuers = certs->getAllIssuers(); pki_x509 *issuer = NULL; QString ca = cmd_opts["crlgen"]; foreach(pki_x509 *iss, issuers) { if (iss->getIntName() == ca || iss->getSqlItemId().toString() == ca) { issuer = iss; break; } } if (!issuer) { XCA_ERROR(QString("Issuer '%1' not found") .arg(cmd_opts["crlgen"])); } else { crljob task(issuer); pki_crl *crl = crls->newCrl(task, cmd_opts["name"]); if (crl) cmdline_items->append_item(crl); } } if (!cmd_opts["select"].isEmpty()) { foreach(QString item, cmd_opts["select"].split(",")) { bool ok; qDebug() << "Select" << item; qulonglong id = item.toULongLong(&ok); pki_base *pki = Store.lookupPki(QVariant(id)); if (pki) cmdline_items->append_item(pki); } } BioByteArray bba, bbafile; foreach(pki_base *pki, cmdline_items->get()) { QString filename = pki->getFilename(); if ((cmd_opts.has("text") || cmd_opts.has("print")) && filename.size() > 0) { bba += QString("\n" COL_GREEN COL_UNDER "File: %1" COL_RESET "\n").arg(filename).toUtf8(); } if (cmd_opts.has("print")) pki->print(bba, pki_base::print_coloured); if (cmd_opts.has("text")) pki->print(bba, pki_base::print_openssl_txt); if (cmd_opts.has("pem-file")) pki->print(bbafile, pki_base::print_pem); else if (cmd_opts.has("pem")) pki->print(bba, pki_base::print_pem); } if (bba.size() > 0) console_write(stdout, bba); if (bbafile.size() > 0) { QString filename = cmd_opts["pem-file"]; XFile f(filename); if (f.open_write()) f.write(bbafile); else XCA_ERROR(QObject::tr("Failed to write PEM data to '%1'") .arg(filename)); f.close(); } if (cmd_opts.has("import")) { Database.insert(cmdline_items); *_cmdline_items = nullptr; } return EXIT_SUCCESS; } xca-RELEASE.2.9.0/lib/database_model.cpp000066400000000000000000000333411477156507700176010ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2020 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include "XcaWarningCore.h" #include "PwDialogCore.h" #include "exception.h" #include "database_model.h" #include "pki_temp.h" #include "pki_x509req.h" #include "pki_evp.h" #include "pki_scard.h" #include "pki_multi.h" #include "entropy.h" #include "db_base.h" #include "sql.h" #include "func.h" #include "settings.h" #include "entropy.h" #include "pass_info.h" #include "db_key.h" #include "db_x509.h" #include "db_crl.h" #include "db_x509req.h" #include "db_temp.h" xca_db Database; bool database_model::open_without_password = false; const QString &database_model::detect_provider() { // Since we may access the database via ODBC, we need to ask // the backend engine directly. static const QList db_probes { { "SELECT sqlite_version()", "3", "SQLITE" }, { "SELECT version()", "postgresql", "POSTGRES" }, { "SELECT @@version", "mysql", "MARIADB" }, { "SELECT @@version", "mariadb", "MARIADB" }, { "SELECT @@version", "microsoft", "MICROSOFT" }, }; if (db_provider.isEmpty()) { QSqlDatabase db = QSqlDatabase::database(); if (!db.isOpen()) return db_provider; db_provider = "UNKNOWN"; XSqlQuery q; foreach(QStringList probe, db_probes) { qDebug() << probe[0]; if (q.exec(probe[0]) && !q.lastError().isValid() && q.next()) { QString id = q.value(0).toString().simplified(); qDebug() << probe[1] << id; if (id.contains(probe[1], Qt::CaseInsensitive)) { db_provider = probe[2]; break; } } } } qDebug() << "db_provider:" << db_provider; return db_provider; } QSqlError database_model::initSqlDB() { #define MAX_SCHEMAS 8 /* The initial SQL creation data creates a version "7" * database. Then an update to Version 8 by creating "takeys" * is executed. */ #define INITIAL_SCHEMA_VERSION "7" QStringList schemas[MAX_SCHEMAS]; #include "database_schema.cpp" XSqlQuery q; QSqlDatabase db = QSqlDatabase::database(); QStringList tables; unsigned int i; if (!db.isOpen()) return QSqlError(); QString b64_blob = "TEXT"; if (detect_provider() == "MARIADB") b64_blob = "LONGTEXT"; Transaction; if (!TransBegin()) return db.lastError(); for (;;) { i = XSqlQuery::schemaVersion(); if (i >= ARRAY_SIZE(schemas)) break; foreach(QString sql, schemas[i]) { sql.replace("_B64_BLOB_", b64_blob); qDebug("EXEC[%d]: '%s'", i, CCHAR(sql)); if (!q.exec(sql) || q.lastError().isValid()) { TransRollback(); return q.lastError(); } } } if (i < MAX_SCHEMAS) throw errorEx(QObject::tr("Failed to update the database schema to the current version")); TransCommit(); return QSqlError(); } bool database_model::checkForOldDbFormat(const QString &dbfile) const { // 0x ca db 19 69 static const unsigned char magic[] = { 0xca, 0xdb, 0x19, 0x69 }; char head[4]; XFile file(dbfile); if (!file.exists()) return 0; if (!file.open(QIODevice::ReadOnly)) return 0; file.read(head, sizeof head); file.close(); return !memcmp(head, magic, sizeof head); } database_model::database_model(const QString &name, const Passwd &pass) { enum open_result result; QSqlError err; #ifndef APPSTORE_COMPLIANT dbName = name; #else (void)name; dbName = "default.xdb"; #endif if (dbName.isEmpty()) dbName = get_default_db(); if (dbName.isEmpty()) throw open_abort; Passwd passwd(pass); do { try { openDatabase(dbName, passwd); break; } catch (errorEx &err) { if (!isRemoteDB(dbName)) throw err; if (!passwd.isEmpty()) XCA_ERROR(err); DbMap params = splitRemoteDbName(dbName); pass_info p(XCA_TITLE, tr("Please enter the password to access the database server %2 as user '%1'.") .arg(params["user"]).arg(params["host"])); result = PwDialogCore::execute(&p, &passwd); if (result != pw_ok) throw result; } } while (1); Entropy::seed_rng(); initSqlDB(); result = initPass(dbName, Settings["pwhash"]); if (result == pw_exit) throw pw_exit; if (result != pw_ok && Settings["pwhash"].empty()) throw open_abort; /* Assure initialisation order: * keys first, followed by x509[req], and crls last. * Templates don't care. */ db_key *dbkey = new db_key(); models << dbkey; models << new db_x509req(); models << new db_x509(); models << new db_crl(); models << new db_temp(); if (dbkey) dbkey->updateKeyEncryptionScheme(); foreach(db_base *m, models) { Q_CHECK_PTR(m); connect(m, SIGNAL(pkiChanged(pki_base*)), this, SLOT(pkiChangedSlot(pki_base*))); } pkcs11::libraries.load(Settings["pkcs11path"]); restart_timer(); } db_base *database_model::modelForPki(const pki_base *pki) const { if (dynamic_cast(pki)) return model(); if (dynamic_cast(pki)) return model(); if (dynamic_cast(pki)) return model(); if (dynamic_cast(pki)) return model(); if (dynamic_cast(pki)) return model(); return NULL; } pki_base *database_model::insert(pki_base *pki) { db_base *db = modelForPki(pki); if (db) return db->insert(pki); pki_multi *multi = dynamic_cast(pki); if (multi) { QList items = multi->pull(); foreach(pki_base *i, items) insert(i); } delete pki; return NULL; } void database_model::restart_timer() { if (!IS_GUI_APP) return; killTimer(dbTimer); dbTimer = startTimer(1500); foreach(db_base *m, models) m->restart_timer(); } void database_model::timerEvent(QTimerEvent *event) { quint64 stamp; if (event->timerId() != dbTimer) return; XSqlQuery q; SQL_PREPARE(q, "SELECT MAX(stamp) from items"); q.exec(); if (!q.first()) return; stamp = q.value(0).toULongLong(); q.finish(); if (stamp > DbTransaction::DatabaseStamp) { SQL_PREPARE(q, "SELECT DISTINCT type FROM items WHERE stamp=?"); q.bindValue(0, stamp); q.exec(); QList typelist; while (q.next()) typelist << (enum pki_type)q.value(0).toInt(); q.finish(); qDebug() << "CHANGED" << typelist; foreach(db_base *model, models) model->reloadContainer(typelist); } DbTransaction::DatabaseStamp = stamp; } void database_model::dump_database(const QString &dirname) const { if (dirname.isEmpty()) return; QDir d(dirname); if (!d.exists() && !d.mkdir(dirname)) { throw errorEx(tr("Unable to create '%1': %2").arg(dirname)); return; } qDebug() << "Dumping to" << dirname; foreach(db_base *model, models) model->dump(dirname); } static QString defaultdb() { return getUserSettingsDir() + "/defaultdb"; } QString database_model::get_default_db() const { if (QSqlDatabase::database().isOpen()) return QString(); QFile inputFile(defaultdb()); if (!inputFile.open(QIODevice::ReadOnly)) return QString(); char buf[2048]; int ret = inputFile.readLine(buf, sizeof buf); if (ret < 1) return 0; inputFile.close(); QString dbfile = QString::fromUtf8(QByteArray(buf, ret)).trimmed(); if (QFile::exists(dbfile) || isRemoteDB(dbfile)) return dbfile; return QString(); } void database_model::as_default_database(const QString &db) { QFile file(defaultdb()); if (db.isEmpty()) { file.remove(); return; } if (file.open(QIODevice::ReadWrite | QIODevice::Truncate)) { QByteArray ba = isRemoteDB(db) ? db.toUtf8() : relativePath(db).toUtf8(); file.write(ba + '\n'); /* write() failed? Harmless. Only inconvenient */ } file.close(); } database_model::~database_model() { QByteArray ba; QString connName = QSqlDatabase::database().connectionName(); if (!QSqlDatabase::database().isOpen()) { QSqlDatabase::removeDatabase(connName); Settings.clear(); return; } killTimer(dbTimer); qDeleteAll(models); models.clear(); Store.flush(); XSqlQuery q("VACUUM"); QSqlDatabase::database().close(); pki_evp::passwd.cleanse(); pkcs11::libraries.remove_libs(); QSqlDatabase::removeDatabase(connName); Settings.clear(); XSqlQuery::clearTablePrefix(); } #define NUM_PARAM 6 #define NUM_PARAM_LEAST 5 DbMap database_model::splitRemoteDbName(const QString &db) { static const char * const names[NUM_PARAM] = { "all", "user", "host", "type", "dbname", "prefix" }; DbMap map; auto match = QRegularExpression("(.*)@(.*)/(.*):([^#]*)#?([^#]*)") .match(db); QStringList list = match.capturedTexts(); if (match.hasMatch() && list.size() >= NUM_PARAM_LEAST) { if (list.size() == NUM_PARAM_LEAST) list[NUM_PARAM_LEAST] = ""; list[NUM_PARAM_LEAST] = list[NUM_PARAM_LEAST].toLower(); for (int i=0; i < NUM_PARAM; i++) { map[names[i]] = list[i]; } qDebug() << "SPLIT DB:" << map; } return map; } bool database_model::isRemoteDB(const QString &db) { DbMap remote_param = splitRemoteDbName(db); return remote_param.size() == NUM_PARAM; } void database_model::openRemoteDatabase(const QString &connName, const DbMap ¶ms, const Passwd &pass) { QSqlDatabase db = QSqlDatabase::database(connName, false); db.setDatabaseName(params["dbname"]); QStringList hostport = params["host"].split(":"); if (hostport.size() > 0) db.setHostName(hostport[0]); if (hostport.size() > 1) db.setPort(hostport[1].toInt()); db.setUserName(params["user"]); db.setPassword(pass); const QStringList sql_opt_files = { QString("%1-%2.options").arg(db.driverName()).arg(params["host"]), QString("%1.options").arg(db.driverName()) }; for (const QString &file : sql_opt_files) { QString path = getUserSettingsDir() + "/" + file; qDebug() << "TRYING" << path; XFile f(getUserSettingsDir() + "/" + file); if (f.exists() && f.open_read()) { qDebug() << "READING" << file; QString opts = f.readAll(); db.setConnectOptions(opts); break; } f.close(); } QString envvar(QString("XCA_%1_OPTIONS").arg(db.driverName())); const char *opts = getenv(envvar.toLatin1()); if (opts) db.setConnectOptions(opts); XSqlQuery::setTablePrefix(params["prefix"]); db.open(); QSqlError e = db.lastError(); if (e.isValid() || !db.isOpen()) { XSqlQuery::clearTablePrefix(); db.close(); throw errorEx(e); } /* This is MySQL specific. Execute it always, because * dbType() could return "ODBC" but connect to MariaDB */ XSqlQuery q("SET SESSION SQL_MODE='ANSI'"); q.exec("PRAGMA secure_delete = 'true'"); } void database_model::openLocalDatabase(const QString &connName, const QString &descriptor) { QSqlDatabase db = QSqlDatabase::database(connName); XFile f(descriptor); qDebug() << connName << descriptor; if (!f.exists(descriptor)) { f.open(QIODevice::WriteOnly); f.setPermissions(QFile::WriteOwner | QFile::ReadOwner); } if (f.size() != 0) { f.open(QIODevice::ReadOnly); QByteArray ba = f.read(6); qDebug() << "FILE:" << f.fileName() << ba; if (ba != "SQLite") { throw errorEx(tr("The file '%1' is not an XCA database") .arg(f.fileName())); } } f.close(); db.setDatabaseName(descriptor); db.open(); QSqlError e = db.lastError(); if (e.isValid()) { db.close(); throw errorEx(e); } } void database_model::openDatabase(const QString &descriptor, const Passwd &pass) { DbMap params = splitRemoteDbName(descriptor); bool isRemote = params.size() == NUM_PARAM; QString connName, type = isRemote ? params["type"] : QString("QSQLITE"); qDebug() << "IS REMOTE?" << params.size() << NUM_PARAM << type << params; try { QSqlDatabase db = QSqlDatabase::addDatabase(type); connName = db.connectionName(); if (!isRemote) { if (!db.isDriverAvailable("QSQLITE")) throw errorEx(tr("No SqLite3 driver available. Please install the qt-sqlite package of your distribution")); openLocalDatabase(connName, descriptor); } else { openRemoteDatabase(connName, params, pass); } DbTransaction::setHasTransaction( db.driver()->hasFeature(QSqlDriver::Transactions)); } catch (errorEx &err) { QSqlDatabase::removeDatabase(connName); throw err; } } static void pwhash_upgrade() { /* Start automatic update from sha512 to sha512*8000 * if the password is correct. The old sha512 hash does * start with 'S', while the new hash starts with T. */ /* Start automatic update from md5 to salted sha512*8000 * if the password is correct. The md5 hash does not * start with 'S' or 'T, but with a hex-digit */ if (pki_evp::passHash.startsWith("T")) { /* Fine, current hash function used. */ return; } if (pki_evp::sha512passwd(pki_evp::passwd, pki_evp::passHash) == pki_evp::passHash || pki_evp::md5passwd(pki_evp::passwd) == pki_evp::passHash) { QString salt = Entropy::makeSalt(); pki_evp::passHash = pki_evp::sha512passwT( pki_evp::passwd, salt); } } enum open_result database_model::initPass(const QString &dbName, const QString &passhash) const { QString salt, pass; enum open_result result = pw_cancel; pass_info p(tr("New Password"), tr("Please enter a password, " "that will be used to encrypt your private keys " "in the database:\n%1"). arg(compressFilename(dbName))); pki_evp::passHash = passhash; if (pki_evp::passHash.isEmpty()) { result = PwDialogCore::execute(&p, &pki_evp::passwd,true,true); if (result != pw_ok) return result; salt = Entropy::makeSalt(); pki_evp::passHash =pki_evp::sha512passwT(pki_evp::passwd,salt); Settings["pwhash"] = pki_evp::passHash; } else if (!open_without_password) { pwhash_upgrade(); while (pki_evp::sha512passwT(pki_evp::passwd, pki_evp::passHash) != pki_evp::passHash) { if (result == pw_ok) XCA_PASSWD_ERROR(); p.setTitle(tr("Password")); p.setDescription(tr("Please enter the password for unlocking the database:\n%1").arg(compressFilename(dbName))); result = PwDialogCore::execute(&p, &pki_evp::passwd, false, true); if (result != pw_ok) { pki_evp::passwd = QByteArray(); return result; } pwhash_upgrade(); } } open_without_password = false; if (pki_evp::passwd.isNull()) pki_evp::passwd = ""; return pw_ok; } void database_model::pkiChangedSlot(pki_base *pki) { emit pkiChanged(pki); } xca-RELEASE.2.9.0/lib/database_model.h000066400000000000000000000064761477156507700172570ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DATABASE_MODEL_H #define __DATABASE_MODEL_H #include #include #include #include #include #include "sql.h" #include "db_base.h" #include "lib/Passwd.h" typedef QMap DbMap; class database_model: public QObject { Q_OBJECT private: QList models{}; int dbTimer{}; QString dbName{}; QString db_provider{}; void openSqlDB(); QSqlError initSqlDB(); const QString &detect_provider(); bool checkForOldDbFormat(const QString &dbfile) const; enum open_result verifyOldDbPass(const QString &dbname) const; void importOldDatabase(const QString &dbfile); QString get_default_db() const; QString checkPre2Xdatabase() const; enum open_result initPass(const QString &dbName, const QString &passhash) const; void restart_timer(); static void openDatabase(const QString &descriptor, const Passwd &pass); static void openRemoteDatabase(const QString &connName, const DbMap ¶ms, const Passwd &pass); static void openLocalDatabase(const QString &connName, const QString &descriptor); private slots: void pkiChangedSlot(pki_base *pki); public: static bool open_without_password; database_model(const QString &dbName, const Passwd &pass = Passwd()); ~database_model(); void timerEvent(QTimerEvent *event); db_base *modelForPki(const pki_base *pki) const; QString dbname() const { return dbName; } void dump_database(const QString &dirname) const; QList getModels() const { return models; } template T *model() const { foreach(db_base *model, models) { T *m = dynamic_cast(model); if (m) return m; } return nullptr; } pki_base *insert(pki_base *pki); static DbMap splitRemoteDbName(const QString &db); static bool isRemoteDB(const QString &db); static void as_default_database(const QString &db); signals: void pkiChanged(pki_base *pki) const; }; class xca_db { private: database_model *db{}; public: xca_db() { } ~xca_db() { close(); } void open(const QString &dbName, const Passwd &pass = Passwd()) { close(); db = new database_model(dbName, pass); qDebug() << "Opening database:" << name(); } void open_default() { open(QString()); } void close() { if (db) { qDebug() << "Closing database:" << name(); delete db; db = NULL; } } QString name() const { return db ? db->dbname() : QString(); } bool isOpen() { return db != NULL; } template T *model() const { return db ? db->model() : NULL; } void dump(const QString &dirname) const { if (db) db->dump_database(dirname); } void as_default() const { database_model::as_default_database(name()); } QList getModels() const { return db ? db->getModels() : QList(); } pki_base *insert(pki_base *pki) { return db ? db->insert(pki) : NULL; } db_base *modelForPki(const pki_base *pki) const { return db ? db->modelForPki(pki) : NULL; } void connectToDbChangeEvt(QObject *o, const char *slot) { if (db) QObject::connect( db, SIGNAL(pkiChanged(pki_base*)), o, slot); } }; extern xca_db Database; #endif xca-RELEASE.2.9.0/lib/database_schema.cpp000066400000000000000000000304541477156507700177430ustar00rootroot00000000000000/* The "32bit hash" in public_keys, x509super, requests, certs and crls * is used to quickly find items in the DB by reference. * It consists of the first 4 bytes of a SHA1 hash. * Collisions are of course possible. * * All binaries are stored Base64 encoded in a column of type * ' B64_BLOB ' It is defined here as 'TEXT' which is huge, except * on mysql where LONGTEXT is used. */ #define B64_BLOB "_B64_BLOB_" /* * The B64(DER(something)) function means DER encode something * and then Base64 encode that. * So finally this is PEM without newlines, header and footer * * Dates are always stored as 'CHAR(15)' in the * ASN.1 Generalized time 'yyyyMMddHHmmssZ' format */ #define DB_DATE "CHAR(15)" /* * Configuration settings from * the Options dialog, window size, last export directory, * default key type and size, * table column (position, sort order, visibility) */ schemas[0] << "CREATE TABLE settings (" "key_ CHAR(20) UNIQUE, " // mySql does not like 'key' or 'option" "value " B64_BLOB ")" << "INSERT INTO settings (key_, value) VALUES ('schema', '" INITIAL_SCHEMA_VERSION "')" /* * All items (keys, tokens, requests, certs, crls, templates) * are stored here with the primary key and some common data * The other tables containing the details reference the 'id' * as FOREIGN KEY. */ << "CREATE TABLE items(" "id INTEGER PRIMARY KEY, " "name VARCHAR(128), " // Internal name of the item "type INTEGER, " // enum pki_type "source INTEGER, " // enum pki_source "date " DB_DATE ", " // Time of insertion (creation/import) "comment VARCHAR(2048), " "stamp INTEGER NOT NULL DEFAULT 0, " // indicate concurrent access "del SMALLINT NOT NULL DEFAULT 0)" /* * Storage of public keys. Private keys and tokens also store * their public part here. */ << "CREATE TABLE public_keys (" "item INTEGER, " // reference to items(id) "type CHAR(4), " // RSA DSA EC (as text) "hash INTEGER, " // 32 bit hash "len INTEGER, " // key size in bits "\"public\" " B64_BLOB ", " // B64(DER(public key)) "FOREIGN KEY (item) REFERENCES items (id))" /* * The private part of RSA, DSA, EC keys. * references to 'items' and 'public_keys' */ << "CREATE TABLE private_keys (" "item INTEGER, " // reference to items(id) "ownPass INTEGER, " // Encrypted by DB pwd or own pwd "private " B64_BLOB ", " // B64(Encrypt(DER(private key))) "FOREIGN KEY (item) REFERENCES items (id))" /* * Smart cards or other PKCS#11 tokens * references to 'items' and 'public_keys' */ << "CREATE TABLE tokens (" "item INTEGER, " // reference to items(id) "card_manufacturer VARCHAR(64), " // Card location data "card_serial VARCHAR(64), " // as text "card_model VARCHAR(64), " "card_label VARCHAR(64), " "slot_label VARCHAR(64), " "object_id VARCHAR(64), " // Unique ID on the token "FOREIGN KEY (item) REFERENCES items (id))" /* * Encryption and hash mechanisms supported by a token */ << "CREATE TABLE token_mechanism (" "item INTEGER, " // reference to items(id) "mechanism INTEGER, " // PKCS#11: CK_MECHANISM_TYPE "FOREIGN KEY (item) REFERENCES items (id))" /* * An X509 Super class, consisting of a * - Distinguishd name hash * - Referenced key in the database * - hash of the public key, used for lookups if there * is no key to reference * used by Requests and certificates and the use-counter of keys: * 'SELECT from x509super WHERE pkey=?' */ << "CREATE TABLE x509super (" "item INTEGER, " // reference to items(id) "subj_hash INTEGER, " // 32 bit hash of the Distinguished name "pkey INTEGER, " // reference to the key items(id) "key_hash INTEGER, " // 32 bit hash of the public key "FOREIGN KEY (item) REFERENCES items (id), " "FOREIGN KEY (pkey) REFERENCES items (id)) " /* * PKCS#10 Certificate request details * also takes information from the 'x509super' table. */ << "CREATE TABLE requests (" "item INTEGER, " // reference to items(id) "hash INTEGER, " // 32 bit hash of the request "signed INTEGER, " // Whether it was once signed. "request " B64_BLOB ", " // B64(DER(PKCS#10 request)) "FOREIGN KEY (item) REFERENCES items (id)) " /* * X509 certificate details * also takes information from the 'x509super' table. * The content of the columns: hash, iss_hash, serial, ca * can also be retrieved directly from the certificate, but are good * to lurk around for faster lookup */ << "CREATE TABLE certs (" "item INTEGER, " // reference to items(id) "hash INTEGER, " // 32 bit hash of the cert "iss_hash INTEGER, " // 32 bit hash of the issuer DN "serial VARCHAR(64), " // Serial number of the certificate "issuer INTEGER, " // The items(id) of the issuer or NULL "ca INTEGER, " // CA: yes / no from BasicConstraints "cert " B64_BLOB ", " // B64(DER(certificate)) "FOREIGN KEY (item) REFERENCES items (id), " "FOREIGN KEY (issuer) REFERENCES items (id)) " /* * X509 cartificate Authority data */ << "CREATE TABLE authority (" "item INTEGER, " // reference to items(id) "template INTEGER, " // items(id) of the default template "crlExpire " DB_DATE ", " // CRL expiry date "crlNo INTEGER, " // Last CRL Number "crlDays INTEGER, " // CRL days until renewal "dnPolicy VARCHAR(1024), " // DistinguishedName policy (UNUSED) "FOREIGN KEY (item) REFERENCES items (id), " "FOREIGN KEY (template) REFERENCES items (id)) " /* * Storage of CRLs */ << "CREATE TABLE crls (" "item INTEGER, " // reference to items(id) "hash INTEGER, " // 32 bit hash of the CRL "num INTEGER, " // Number of revoked certificates "iss_hash INTEGER, " // 32 bit hash of the issuer DN "issuer INTEGER, " // The items(id) of the issuer or NULL "crl " B64_BLOB ", " // B64(DER(revocation list)) "FOREIGN KEY (item) REFERENCES items (id), " "FOREIGN KEY (issuer) REFERENCES items (id)) " /* * Revocations (serial, date, reason, issuer) used to create new * CRLs. 'Manage revocations' */ << "CREATE TABLE revocations (" "caId INTEGER, " // reference to certs(item) "serial VARCHAR(64), " // Serial of the revoked certificate "date " DB_DATE ", " // Time of creating the revocation "invaldate " DB_DATE ", " // Time of invalidation "crlNo INTEGER, " // Crl Number of CRL of first appearance "reasonBit INTEGER, " // Bit number of the revocation reason "FOREIGN KEY (caId) REFERENCES items (id))" /* * Templates */ << "CREATE TABLE templates (" "item INTEGER, " // reference to items(id) "version INTEGER, " // Version of the template format "template " B64_BLOB ", " // The base64 encoded template "FOREIGN KEY (item) REFERENCES items (id))" /* Views */ << "CREATE VIEW view_public_keys AS SELECT " "items.id, items.name, items.type AS item_type, items.date, " "items.source, items.comment, " "public_keys.type as key_type, public_keys.len, public_keys.\"public\", " "private_keys.ownPass, " "tokens.card_manufacturer, tokens.card_serial, tokens.card_model, " "tokens.card_label, tokens.slot_label, tokens.object_id " "FROM public_keys LEFT JOIN items ON public_keys.item = items.id " "LEFT JOIN private_keys ON private_keys.item = public_keys.item " "LEFT JOIN tokens ON public_keys.item = tokens.item" << "CREATE VIEW view_certs AS SELECT " "items.id, items.name, items.type, items.date AS item_date, " "items.source, items.comment, " "x509super.pkey, " "certs.serial AS certs_serial, certs.issuer, certs.ca, certs.cert, " "authority.template, authority.crlExpire, " "authority.crlNo AS auth_crlno, authority.crlDays, authority.dnPolicy, " "revocations.serial, revocations.date, revocations.invaldate, " "revocations.crlNo, revocations.reasonBit " "FROM certs LEFT JOIN items ON certs.item = items.id " "LEFT JOIN x509super ON x509super.item = certs.item " "LEFT JOIN authority ON authority.item = certs.item " "LEFT JOIN revocations ON revocations.caId = certs.issuer " "AND revocations.serial = certs.serial" << "CREATE VIEW view_requests AS SELECT " "items.id, items.name, items.type, items.date, " "items.source, items.comment, " "x509super.pkey, " "requests.request, requests.signed " "FROM requests LEFT JOIN items ON requests.item = items.id " "LEFT JOIN x509super ON x509super.item = requests.item" << "CREATE VIEW view_crls AS SELECT " "items.id, items.name, items.type, items.date, " "items.source, items.comment, " "crls.num, crls.issuer, crls.crl " "FROM crls LEFT JOIN items ON crls.item = items.id " << "CREATE VIEW view_templates AS SELECT " "items.id, items.name, items.type, items.date, " "items.source, items.comment, " "templates.version, templates.template " "FROM templates LEFT JOIN items ON templates.item = items.id" << "CREATE VIEW view_private AS SELECT " "name, private FROM private_keys JOIN items ON " "items.id = private_keys.item" << "CREATE INDEX i_settings_key_ ON settings (key_)" << "CREATE INDEX i_items_id ON items (id)" << "CREATE INDEX i_public_keys_item ON public_keys (item)" << "CREATE INDEX i_public_keys_hash ON public_keys (hash)" << "CREATE INDEX i_private_keys_item ON private_keys (item)" << "CREATE INDEX i_tokens_item ON tokens (item)" << "CREATE INDEX i_token_mechanism_item ON token_mechanism (item)" << "CREATE INDEX i_x509super_item ON x509super (item)" << "CREATE INDEX i_x509super_subj_hash ON x509super (subj_hash)" << "CREATE INDEX i_x509super_key_hash ON x509super (key_hash)" << "CREATE INDEX i_x509super_pkey ON x509super (pkey)" << "CREATE INDEX i_requests_item ON requests (item)" << "CREATE INDEX i_requests_hash ON requests (hash)" << "CREATE INDEX i_certs_item ON certs (item)" << "CREATE INDEX i_certs_hash ON certs (hash)" << "CREATE INDEX i_certs_iss_hash ON certs (iss_hash)" << "CREATE INDEX i_certs_serial ON certs (serial)" << "CREATE INDEX i_certs_issuer ON certs (issuer)" << "CREATE INDEX i_certs_ca ON certs (ca)" << "CREATE INDEX i_authority_item ON authority (item)" << "CREATE INDEX i_crls_item ON crls (item)" << "CREATE INDEX i_crls_hash ON crls (hash)" << "CREATE INDEX i_crls_iss_hash ON crls (iss_hash)" << "CREATE INDEX i_crls_issuer ON crls (issuer)" << "CREATE INDEX i_revocations_caId_serial ON revocations (caId, serial)" << "CREATE INDEX i_templates_item ON templates (item)" << "CREATE INDEX i_items_stamp ON items (stamp)" ; /* Schema Version 2: Views added to quickly load the data */ /* Schema Version 3: Add indexes over hashes and primary, foreign keys */ /* Schema Version 4: Add private key view to extract a private key with: mysql: mysql -sNp -u xca xca_msq -e or sqlite: sqlite3 ~/sqlxdb.xdb or psql: psql -t -h 192.168.140.7 -U xca -d xca_pg -c 'SELECT private FROM view_private WHERE name=\"pk8key\";' |\ base64 -d | openssl pkcs8 -inform DER * First mysql/psql will ask for a password and then OpenSSL will ask for * the database password. */ /* Schema Version 5: Extend settings value size from 1024 to B64_BLOB * SQLite does not support 'ALTER TABLE settings MODIFY ...' */ schemas[5] << "ALTER TABLE settings RENAME TO __settings" << "CREATE TABLE settings (" "key_ CHAR(20) UNIQUE, " // mySql does not like 'key' or 'option' "value " B64_BLOB ")" << "INSERT INTO settings(key_, value) " "SELECT key_, value " "FROM __settings" << "DROP TABLE __settings" << "UPDATE settings SET value='6' WHERE key_='schema'" ; schemas[6] << "ALTER TABLE items ADD del SMALLINT NOT NULL DEFAULT 0" << "CREATE INDEX i_items_del ON items (del)" << "UPDATE settings SET value='7' WHERE key_='schema'" ; schemas[7] // OpenVPN TA (tls-auth) keys associated to the CA to be // the same for all issued certificates << "CREATE TABLE takeys (" "item INTEGER UNIQUE, " // reference to items(id) of the CA "value " B64_BLOB ", " // The base64 encoded 2048 bit key "FOREIGN KEY (item) REFERENCES items (id))" << "UPDATE settings SET value='8' WHERE key_='schema'" ; /* When adding new tables or views, also add them to the list * in XSqlQuery::rewriteQuery(QString) in lib/sql.cpp */ xca-RELEASE.2.9.0/lib/db_base.cpp000066400000000000000000000401341477156507700162320ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "db_base.h" #include "func.h" #include "exception.h" #include "XcaWarningCore.h" #include #include #include #include void db_base::restart_timer() { if (!IS_GUI_APP) return; maintenanceTimer.setSingleShot(true); maintenanceTimer.setInterval(1000); maintenanceTimer.start(); } db_base::db_base(const char *classname) :QAbstractItemModel() { rootItem = new pki_base(QString("ROOTitem(%1)").arg(classname)); treeItem = new pki_base(QString("TREEitem(%1)").arg(classname)); class_name = classname; connect(&maintenanceTimer, SIGNAL(timeout()), this, SLOT(timerMaintenance())); restart_timer(); } db_base::~db_base() { saveHeaderState(); qDeleteAll(allHeaders); delete rootItem; delete treeItem; } pki_base *db_base::newPKI(enum pki_type) { return new pki_base(); } void db_base::createSuccess(const pki_base *pki) const { if (!pki) return; if (Settings["suppress_messages"]) return; XCA_INFO(pki->getMsg(pki_base::msg_create).arg(pki->getIntName())); } void db_base::remFromCont(const QModelIndex &idx) { if (!idx.isValid()) return; pki_base *pki = fromIndex(idx); pki_base *parent_pki = pki->getParent(); int row = rownumber(pki); beginRemoveRows(parent(idx), row, row); parent_pki->takeChild(pki); rootItem->takeChild(pki); endRemoveRows(); emit columnsContentChanged(); } QString db_base::sqlItemSelector() { QStringList sl; QString selector; foreach(enum pki_type pt, pkitype) sl << QString("type=%1").arg(pt); return sl.join(" OR "); } void db_base::loadContainer() { XSqlQuery q; QSqlError e; QString stmt; SQL_PREPARE(q, QString("SELECT * FROM view_") + sqlHashTable); q.exec(); e = q.lastError(); XCA_SQLERROR(e); while (q.next()) try { enum pki_type t; QSqlRecord rec = q.record(); t = (enum pki_type)q.value(VIEW_item_type).toInt(); pki_base *pki = newPKI(t); pki->restoreSql(rec); rootItem->insert(pki); treeItem->insert(pki); Store.add(q.value(VIEW_item_id), pki); } catch (errorEx &ex) { XCA_ERROR(ex); } QString view = Settings[class_name + "_hdView"]; if (view.isEmpty()) { for (int i=0; i< allHeaders.count(); i++) { allHeaders[i]->reset(); } } else { allHeaders.fromData(view); } restart_timer(); emit columnsContentChanged(); } void db_base::reloadContainer(const QList &typelist) { bool match = false; QList all_types = pkitype + pkitype_depends; foreach(enum pki_type t, typelist) { if (all_types.contains(t)) { match = true; break; } } if (!match) return; qDebug() << "RELOAD" << class_name << all_types << typelist; beginResetModel(); rootItem->clear(); treeItem->clear(); endResetModel(); loadContainer(); } void db_base::updateHeaders() { QString s = allHeaders.toData(); qDeleteAll(allHeaders); allHeaders = getHeaders(); allHeaders.fromData(s); } dbheaderList db_base::getHeaders() { dbheaderList h; /* "No." handled in XcaProxyModel */ h << new dbheader(HD_internal_name, true, tr("Internal name")) << new num_dbheader(HD_counter, false, tr("No.")) << new num_dbheader(HD_primary_key, false, tr("Primary key"), tr("Database unique number")) << new date_dbheader(HD_creation, false, tr("Date"), tr("Date of creation or insertion")) << new dbheader(HD_source, false, tr("Source"), tr("Generated, Imported, Transformed")) << new dbheader(HD_comment, false, tr("Comment"), tr("First line of the comment field")); return h; } void db_base::saveHeaderState() { if (QSqlDatabase::database().isOpen()) Settings[class_name + "_hdView"] = allHeaders.toData(); } void db_base::setVisualIndex(int i, int visualIndex) { if (colResizing) return; allHeaders[i]->visualIndex = visualIndex; } void db_base::sectionResized(int i, int, int newSize) { if (!allHeaders[i]->show || newSize <= 0 || colResizing) return; allHeaders[i]->size = newSize; } bool db_base::fixedHeaderSize(int sect) { return allHeaders[sect]->size != -1; } void db_base::initHeaderView(QHeaderView *hv) { int max = allHeaders.count(); colResizeStart(); for (int i=0; isetupHeaderView(i, hv); } for (int i=0; ivisualIndex == -1) continue; if (hv->visualIndex(i) != allHeaders[i]->visualIndex) { hv->moveSection(hv->visualIndex(i), allHeaders[i]->visualIndex); } } colResizeEnd(); } void db_base::sortIndicatorChanged(int logicalIndex, Qt::SortOrder order) { int max = allHeaders.count(); if (!isValidCol(logicalIndex)) return; for (int i=0; isortIndicator = -1; } allHeaders[logicalIndex]->sortIndicator = order; } pki_base *db_base::insertPKI(pki_base *pki) { QString filename = pki->getFilename(); if (!filename.isEmpty()) { pki->selfComment(tr("Import from: %1").arg(filename)); pki->setFilename(QString()); } Transaction; if (!TransBegin()) { delete pki; return NULL; } QSqlError e = pki->insertSql(); if (e.isValid()) { XCA_SQLERROR(e); TransRollback(); delete pki; return NULL; } Store.add(pki->getSqlItemId(), pki); inToCont(pki); TransCommit(); restart_timer(); emit columnsContentChanged(); return pki; } QString db_base::pem2QString(QModelIndexList indexes) const { BioByteArray bba; foreach(QModelIndex idx, indexes) { if (idx.column() != 0) continue; pki_base *pki = fromIndex(idx); pki->pem(bba); openssl_error(); } return bba.qstring(); } void db_base::deletePKI(QModelIndex idx) { pki_base *pki = fromIndex(idx); QSqlDatabase db = QSqlDatabase::database(); try { try { pki->deleteFromToken(); } catch (errorEx &err) { XCA_ERROR(err); } Transaction; if (TransBegin()) { QSqlError e = pki->deleteSql(); TransDone(e); if (!e.isValid()) remFromCont(idx); AffectedItems(pki->getSqlItemId()); XCA_SQLERROR(e); Store.remove(pki->getSqlItemId()); delete pki; } } catch (errorEx &err) { XCA_ERROR(err); } } void db_base::insertChild(pki_base *child, pki_base *parent) { QModelIndex idx = QModelIndex(); pki_base *curr_parent = child->getParent(); if (!parent || parent == child) parent = treeItem; if (parent != treeItem && treeview) idx = index(parent); if (curr_parent) { int row = curr_parent->indexOf(child); beginMoveRows(index(curr_parent), row, row, idx, 0); curr_parent->takeChild(child); } else { beginInsertRows(idx, 0, 0); } rootItem->insert(child); parent->insert(child); if (curr_parent) endMoveRows(); else endInsertRows(); qDebug() << "insertChild" << *child << "To parent" << *parent << "From" << (curr_parent ? QString(*curr_parent) : "NEW") << "COUNT root" << rootItem->childCount() << "Count tree" << treeItem->childCount(); } int db_base::rownumber(const pki_base *child) const { pki_base *parent = treeview ? child->getParent() : rootItem; return parent ? parent->indexOf(child) : 0; } /* Does all the linking from existing keys, crls, certs * to the new imported or generated item * called before the new item will be inserted into the database */ void db_base::inToCont(pki_base *pki) { insertChild(pki); } pki_base *db_base::getByName(QString desc) { QList list = Store.sqlSELECTpki( QString("SELECT id FROM items WHERE name=? AND del=0 AND ") + sqlItemSelector(), QList() << QVariant(desc)); return list.isEmpty() ? NULL : list[0]; } pki_base *db_base::getByReference(pki_base *refpki) { if (refpki == NULL) return NULL; QList list = Store.sqlSELECTpki( QString("SELECT item FROM %1 WHERE hash=?").arg(sqlHashTable), QList() << QVariant(refpki->hash())); foreach(pki_base *pki, list) { if (refpki->compare(pki)) return pki; } return NULL; } pki_base *db_base::insert(pki_base *item) { return insertPKI(item); } void db_base::dump(const QString &dir) const { QString dirname = dir + "/" + class_name; QDir d(dirname); if (!d.exists() && !d.mkdir(dirname)) { throw errorEx(tr("Could not create directory %1") .arg(nativeSeparator(dirname))); } try { foreach(pki_base *pki, Store.getAll()) { if (pkitype.contains(pki->getType())) pki->writeDefault(dirname); } } catch (errorEx &err) { XCA_ERROR(err); } } QModelIndex db_base::index(int row, int column, const QModelIndex &parent) const { pki_base *parentItem = treeview ? treeItem : rootItem; if (parent.isValid() && treeview) parentItem = fromIndex(parent); pki_base *childItem = parentItem->child(row); return childItem ? createIndex(row, column, childItem) : QModelIndex(); } QModelIndex db_base::index(pki_base *pki) const { if (!pki || pki == treeItem || rootItem->indexOf(pki) == -1) return QModelIndex(); return createIndex(rownumber(pki), 0, pki); } QModelIndex db_base::parent(const QModelIndex &idx) const { if (!idx.isValid()) return QModelIndex(); pki_base *childItem = fromIndex(idx); pki_base *parentItem = childItem->getParent(); if (parentItem == treeItem || !treeview) parentItem = NULL; return index(parentItem); } int db_base::rowCount(const QModelIndex &parent) const { pki_base *parentItem = treeview ? treeItem : rootItem; if (parent.isValid()) parentItem = treeview ? fromIndex(parent) : NULL; return parentItem ? parentItem->childCount() : 0; } int db_base::columnCount(const QModelIndex &) const { return allHeaders.count(); } QVariant db_base::data(const QModelIndex &index, int role) const { if (!index.isValid()) return QVariant(); dbheader *hd = allHeaders[index.column()]; pki_base *item = fromIndex(index); switch (role) { case Qt::EditRole: case Qt::DisplayRole: if (hd->id==HD_internal_name || item->isVisible()==1) return item->column_data(hd); break; case Qt::DecorationRole: return item->getIcon(hd); case Qt::TextAlignmentRole: return int((hd->isNumeric() ? Qt::AlignRight : Qt::AlignLeft) | Qt::AlignVCenter); case Qt::BackgroundRole: return item->bg_color(hd); case Qt::UserRole: return item->isVisible() != 0 && (!Settings["hide_unusable"] || !item->unusable()); case Qt::ToolTipRole: if (hd->id==HD_internal_name || item->isVisible()==1) return item->column_tooltip(hd); break; } return QVariant(); } static QVariant getHeaderViewInfo(dbheader *h) { return QVariant( #if 0 QString("H[%1] Show:%2%3 Size:%4 VI:%5 Indi:%6"). arg(sect).arg(h->show).arg(h->showDefault).arg(h->size). arg(h->visualIndex).arg(h->sortIndicator) #else h->getTooltip() #endif ); } void db_base::changeView() { beginResetModel(); treeview = !treeview; endResetModel(); } QVariant db_base::headerData(int section, Qt::Orientation orientation, int role) const { if (!isValidCol(section)) return QVariant(); if (orientation == Qt::Horizontal) { switch (role) { case Qt::DisplayRole: return QVariant(allHeaders[section]->getName()); case Qt::ToolTipRole: return getHeaderViewInfo(allHeaders[section]); } } return QVariant(); } Qt::ItemFlags db_base::flags(const QModelIndex &index) const { if (!index.isValid()) return Qt::NoItemFlags; Qt::ItemFlags flags = QAbstractItemModel::flags(index) | Qt::ItemIsDragEnabled; pki_base *item = fromIndex(index); if (item->isVisible() == 2) flags &= ~Qt::ItemIsEnabled; else if (index.column() == 0) flags |= Qt::ItemIsEditable; return flags; } bool db_base::setData(const QModelIndex &index, const QVariant &value, int role) { QString newname; pki_base *item; if (index.isValid() && role == Qt::EditRole) { newname = value.toString(); item = fromIndex(index); if (newname == item->getIntName()) return true; item->setIntName(newname); updateItem(item); return true; } return false; } void db_base::updateItem(pki_base *pki) { XSqlQuery q; QSqlError e; if (!pki->getSqlItemId().isValid()) return; Transaction; TransThrow(); SQL_PREPARE(q, "UPDATE items SET name=?, comment=? WHERE id=?"); q.bindValue(0, pki->getIntName()); q.bindValue(1, pki->getComment()); q.bindValue(2, pki->getSqlItemId()); q.exec(); e = q.lastError(); AffectedItems(pki->getSqlItemId()); XCA_SQLERROR(e); TransDone(e); pki->recheckVisibility(); QModelIndex i, j; i = index(pki); j = index(i.row(), allHeaders.size(), i.parent()); emit dataChanged(i, j); emit pkiChanged(pki); restart_timer(); } void db_base::timerMaintenance() { int youngest = SECS_PER_DAY; bool minuteElapsed = false, hourElapsed = false; if (!rootItem) return; if (minuteMarker.age() > SECS_PER_MINUTE) { minuteElapsed = true; minuteMarker = a1time::now(); } if (hourMarker.age() > SECS_PER_HOUR) { hourElapsed = true; hourMarker = a1time::now(); } qDebug() << "Maintenance start" << class_name << minuteElapsed << hourElapsed << rootItem->getChildItems().count(); foreach(pki_base *pki, rootItem->getChildItems()) { for (int idx=0; idx < allHeaders.count(); idx++) { dbheader *hd = allHeaders[idx]; if (hd->type != dbheader::hd_asn1time) continue; a1time t = pki->column_a1time(hd); if (t.isUndefined()) continue; int age = t.age(); if (age < 0) age *= -1; bool do_emit = false; if (age < youngest) youngest = age; if (!hd->show) continue; if ((age < SECS_PER_MINUTE *2 || age % SECS_PER_MINUTE < 2)) do_emit = true; if (minuteElapsed && (age % SECS_PER_HOUR < SECS_PER_MINUTE *2)) do_emit = true; if (hourElapsed && (age % SECS_PER_DAY < SECS_PER_HOUR *2)) do_emit = true; if (do_emit) { qDebug() << "Date changed for" << pki->getIntName() << ":" << hd->getName() << "Col:" << idx << t.toSortable(); QModelIndex i; i = createIndex(rownumber(pki), idx, pki); #if (QT_VERSION >= QT_VERSION_CHECK(6, 0, 0)) emit dataChanged(i, i, QList{Qt::DisplayRole}); #else emit dataChanged(i, i, QVector{Qt::DisplayRole}); #endif } } } int delay = youngest * 100; if (delay < 1000) delay = 1000; if (delay > SECS_PER_HOUR *1000) delay = SECS_PER_HOUR *1000; maintenanceTimer.setInterval(delay); maintenanceTimer.start(); qDebug() << "Maintenance end" << class_name << delay << youngest; } bool db_base::columnHidden(int col) const { if (!isValidCol(col)) return true; if (Settings["disable_netscape"] && allHeaders[col]->type == dbheader::hd_v3ext_ns) return true; return !allHeaders[col]->show; } void db_base::columnResetDefaults() { dbheader *hd; foreach(hd, allHeaders) { hd->reset(); } emit resetHeader(); } bool db_base::isValidCol(int col) const { return col >= allHeaders.size() || col < 0 ? false : true; } QMimeData *db_base::mimeData(const QModelIndexList &indexes) const { QString data = pem2QString(indexes); if (data.isEmpty()) return NULL; QMimeData *mimeData = new QMimeData(); mimeData->setText(data.toLatin1()); mimeData->setData(X_XCA_DRAG_DATA, QByteArray()); return mimeData; } void db_base::writeVcalendar(XFile &file, QStringList vcal) const { QStringList ics; ics << "BEGIN:VCALENDAR" << "VERSION:2.0" << "PRODID:-//" XCA_TITLE "//" XCA_VERSION "//" << vcal << "END:VCALENDAR"; file.write(ics.join("\r\n").toUtf8()); } void db_base::exportItems(const QModelIndexList &indexes, const pki_export *xport, XFile &file) const { if (xport->match_all(F_JWK) && indexes.size() > 1) { QJsonArray arr; QSet names; foreach(QModelIndex idx, indexes) { QJsonObject jwk; pki_base *pki = fromIndex(idx); if (pki) { pki->fillJWK(jwk, xport); QString name = jwk["kid"].toString(); for (int i = 1; names.contains(name); i++) name = QString("%1 (%2)").arg(jwk["kid"].toString()).arg(i); jwk["kid"] = name; names.insert(name); arr.append(jwk); } } QJsonObject obj { { "keys", arr } }; QJsonDocument doc(obj); file.write(doc.toJson()); } else { foreach(QModelIndex idx, indexes) exportItem(idx, xport, file); } } void db_base::exportItem(const QModelIndex &index, const pki_export *xport, XFile &file) const { pki_base *pki = fromIndex(index); if (xport->match_all(F_JWK)) pki->exportToJWK(file, xport); } int db_base::exportFlags(const QModelIndexList &indexes) const { int disabled_flags = 0; foreach(const QModelIndex &idx, indexes) disabled_flags |= exportFlags(idx); return disabled_flags; } void db_base::setSelected(const QVariant &v) { selected = v; } xca-RELEASE.2.9.0/lib/db_base.h000066400000000000000000000102021477156507700156700ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DB_BASE_H #define __DB_BASE_H #include #include "base.h" #include "pki_base.h" #include "headerlist.h" #include #include #include #define X_XCA_DRAG_DATA "application/x-xca-drag-data" class QContextMenuEvent; class XcaTreeView; class NewX509; class db_base: public QAbstractItemModel { Q_OBJECT protected: a1time minuteMarker{}, hourMarker{}; QTimer maintenanceTimer{}; QList pkitype{}; QList pkitype_depends{}; QString class_name{}; /* Sql table containing the 'hash' of this items */ QString sqlHashTable{}; dbheaderList allHeaders{}; int colResizing{}; bool treeview{ true }; pki_base *rootItem{}; pki_base *treeItem{}; QVariant selected{}; void _writePKI(pki_base *pki, bool overwrite); virtual dbheaderList getHeaders(); QString sqlItemSelector(); bool isValidCol(int col) const; public: void restart_timer(); void updateItem(pki_base *pki); virtual pki_base *newPKI(enum pki_type type = none); db_base(const char *classname); virtual void updateHeaders(); virtual ~db_base(); virtual pki_base *insertPKI(pki_base *pki); pki_base *getByName(QString desc); pki_base *getByReference(pki_base *refpki); virtual void loadContainer(); void reloadContainer(const QList &typelist); virtual pki_base* insert(pki_base *item); virtual void inToCont(pki_base *pki); virtual void remFromCont(const QModelIndex &idx); void changeView(); int exportFlags(const QModelIndexList &indexes) const; virtual int exportFlags(const QModelIndex &) const { return 0; } virtual void exportItem(const QModelIndex &, const pki_export *, XFile &) const; virtual void exportItems(const QModelIndexList &indexes, const pki_export *xport, XFile &file) const; void dump(const QString &dirname) const; QModelIndex index(int row, int column, const QModelIndex &parent = QModelIndex()) const; QModelIndex index(pki_base *pki) const; QModelIndex parent(const QModelIndex &index) const; int rowCount(const QModelIndex &parent = QModelIndex()) const; int allItemsCount() const { return rootItem->childCount(); } int columnCount(const QModelIndex &parent) const; QVariant data(const QModelIndex &index, int role) const; QVariant headerData(int section, Qt::Orientation orientation, int role) const; Qt::ItemFlags flags(const QModelIndex &index) const; bool setData(const QModelIndex &index, const QVariant &value, int role); void deleteSelectedItems(QModelIndexList indexes); static pki_base *fromIndex(const QModelIndex &index) { if (!index.isValid()) return NULL; return static_cast(index.internalPointer()); } template static T *fromIndex(const QModelIndex &index) { return dynamic_cast(fromIndex(index)); } void insertChild(pki_base *child, pki_base *parent = NULL); int rownumber(const pki_base *child) const; void createSuccess(const pki_base *pki) const; bool columnHidden(int col) const; virtual void saveHeaderState(); void initHeaderView(QHeaderView *hv); void setVisualIndex(int i, int visualIndex); bool fixedHeaderSize(int sect); bool treeViewMode() { return treeview; } void colResizeStart() { colResizing++; } void colResizeEnd() { colResizing--; } dbheaderList getAllHeaders() { return allHeaders; } QString pem2QString(QModelIndexList indexes) const; void deletePKI(QModelIndex idx); QMimeData *mimeData(const QModelIndexList &indexes) const; void emitDataChanged(pki_base *pki); bool containsType(enum pki_type t) const; void writeVcalendar(XFile &file, QStringList vcal) const; public slots: virtual void newItem() { } void columnResetDefaults(); void sectionResized(int i, int, int newSize); void sortIndicatorChanged(int, Qt::SortOrder); void setSelected(const QVariant &v); void timerMaintenance(); signals: void resetHeader() const; void updateHeader() const; void columnsContentChanged() const; void pkiChanged(pki_base *pki) const; }; #endif xca-RELEASE.2.9.0/lib/db_crl.cpp000066400000000000000000000117411477156507700161020ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "db_crl.h" #include "db_x509.h" #include "exception.h" #include "database_model.h" db_crl::db_crl() : db_x509name("crls") { sqlHashTable = "crls"; pkitype << revocation; pkitype_depends << x509; updateHeaders(); loadContainer(); } dbheaderList db_crl::getHeaders() { dbheaderList h = db_x509name::getHeaders(); h << new dbheader(HD_crl_signer, true, tr("Signer"), tr("Internal name of the signer")) << new num_dbheader(HD_crl_revoked, true, tr("No. revoked"), tr("Number of revoked certificates")) << new date_dbheader(HD_crl_lastUpdate,false, tr("Last update")) << new date_dbheader(HD_crl_nextUpdate, true, tr("Next update")) << new num_dbheader(HD_crl_crlnumber, false, tr("CRL number")); return h; } pki_base *db_crl::newPKI(enum pki_type type) { (void)type; return new pki_crl(); } void db_crl::revokeCerts(pki_crl *crl) { db_x509 *certs = Database.model(); x509revList revlist; if (!certs || !crl) return; pki_x509 *signer = crl->getIssuer(); if (!signer) return; revlist = crl->getRevList(); signer->mergeRevList(revlist); foreach(x509rev revok, revlist) { pki_x509 *crt = signer->getBySerial(revok.getSerial()); if (crt) crt->setRevoked(revok); } } void db_crl::removeSigner(pki_base *signer) { foreach(pki_crl *crl, Store.getAll()) { if (crl->getIssuer() == signer) { crl->setIssuer(NULL); } } } void db_crl::inToCont(pki_base *pki) { pki_crl *crl = dynamic_cast(pki); unsigned hash = crl->getSubject().hashNum(); QList items; items = Store.sqlSELECTpki( "SELECT x509super.item FROM x509super " "JOIN certs ON certs.item = x509super.item " "WHERE x509super.subj_hash=? AND certs.ca=1", QList() << QVariant(hash)); foreach(pki_x509 *x, items) { qDebug() << "Possible Crl issuer:" << x->getIntName(); crl->verify(x); } db_base::inToCont(pki); } pki_base *db_crl::insert(pki_base *item) { pki_crl *crl = dynamic_cast(item); pki_crl *oldcrl = dynamic_cast(getByReference(crl)); if (oldcrl) { XCA_INFO(tr("The revocation list already exists in the database as:\n'%1'\nand so it was not imported").arg(oldcrl->getIntName())); delete(crl); return NULL; } Transaction; if (TransBegin()) { crl = dynamic_cast(insertPKI(crl)); if (crl) { revokeCerts(crl); TransCommit(); } } return crl; } void db_crl::exportItems(const QModelIndexList &indexes, const pki_export *xport, XFile &file) const { QStringList vcal; foreach(QModelIndex idx, indexes) { pki_crl *crl = fromIndex(idx); if (!crl) continue; if (xport->match_all(F_CAL)) vcal << crl->icsVEVENT(); else crl->writeCrl(file, xport->match_all(F_PEM)); } if (vcal.size() > 0) writeVcalendar(file, vcal); } pki_crl *db_crl::newCrl(const crljob &task, QString name) { pki_crl *crl = NULL; pki_x509 *cert = task.issuer; QSqlDatabase db = QSqlDatabase::database(); try { x509v3ext e; X509V3_CTX ext_ctx; X509V3_set_ctx(&ext_ctx, cert->getCert(), NULL, NULL, NULL, 0); X509V3_set_ctx_nodb(&ext_ctx); XSqlQuery q; if (name.isEmpty()) name = cert->getIntName(); crl = new pki_crl(); crl->createCrl(name, cert); crl->pkiSource = generated; foreach(x509rev rev, cert->getRevList()) crl->addRev(rev, task.withReason); if (task.authKeyId) { crl->addV3ext(e.create(NID_authority_key_identifier, "keyid,issuer", &ext_ctx)); } if (task.subAltName) { if (cert->hasExtension(NID_subject_alt_name)) { crl->addV3ext(e.create(NID_issuer_alt_name, "issuer:copy", &ext_ctx)); } } if (task.setCrlNumber) { crl->setCrlNumber(task.crlNumber); cert->setCrlNumber(task.crlNumber); } crl->setIssuer(cert); crl->setLastUpdate(task.lastUpdate); crl->setNextUpdate(task.nextUpdate); crl->sign(cert->getRefKey(), task.hashAlgo); Transaction; if (!TransBegin()) throw errorEx(tr("Failed to initiate DB transaction")); cert->setCrlExpire(task.nextUpdate); SQL_PREPARE(q, "UPDATE authority set crlNo=?, crlExpire=? WHERE item=?"); q.bindValue(0, (uint)cert->getCrlNumber().getLong()); q.bindValue(1, task.nextUpdate.toPlain()); q.bindValue(2, cert->getSqlItemId()); AffectedItems(cert->getSqlItemId()); q.exec(); QSqlError err = q.lastError(); if (err.isValid()) throw errorEx(tr("Database error: %1").arg(err.text())); SQL_PREPARE(q, "UPDATE revocations set crlNo=? " "WHERE crlNo IS NULL AND caId=?"); q.bindValue(0, (uint)crl->getCrlNumber().getLong()); q.bindValue(1, cert->getSqlItemId()); q.exec(); err = q.lastError(); if (err.isValid()) throw errorEx(tr("Database error: %1").arg(err.text())); crl = dynamic_cast(insertPKI(crl)); err = db.lastError(); if (err.isValid()) throw errorEx(tr("Database error: %1").arg(err.text())); TransCommit(); createSuccess(crl); } catch (errorEx &err) { XCA_ERROR(err); delete crl; crl = NULL; } return crl; } xca-RELEASE.2.9.0/lib/db_crl.h000066400000000000000000000012551477156507700155460ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DB_CRL_H #define __DB_CRL_H #include "db_x509super.h" #include "pki_crl.h" class db_crl: public db_x509name { Q_OBJECT protected: dbheaderList getHeaders(); public: db_crl(); pki_base *newPKI(enum pki_type type); void revokeCerts(pki_crl *crl); void inToCont(pki_base *pki); pki_base *insert(pki_base *item); void removeSigner(pki_base *signer); void updateCertView(); pki_crl *newCrl(const crljob &crljob, QString name = QString()); void exportItems(const QModelIndexList &indexes, const pki_export *xport, XFile &file) const; }; #endif xca-RELEASE.2.9.0/lib/db_key.cpp000066400000000000000000000176451477156507700161230ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "db_key.h" #include "pki_evp.h" #include "pki_scard.h" #include "pki_x509super.h" #include "exception.h" #include "pkcs11.h" #include "XcaWarningCore.h" #include "PwDialogCore.h" db_key::db_key() : db_base("keys") { sqlHashTable = "public_keys"; pkitype << asym_key << smartCard; updateHeaders(); loadContainer(); } void db_key::loadContainer() { XSqlQuery q; db_base::loadContainer(); foreach(pki_key *key, Store.getAll()) key->setUcount(0); SQL_PREPARE(q, "SELECT pkey, COUNT(*) FROM x509super WHERE pkey IS NOT NULL GROUP by pkey"); q.exec(); while (q.next()) { pki_key *key = Store.lookupPki(q.value(0)); if (!key) { qDebug() << "Unknown key" << q.value(0).toULongLong(); continue; } key->setUcount(q.value(1).toInt()); } XCA_SQLERROR(q.lastError()); } dbheaderList db_key::getHeaders() { dbheaderList h = db_base::getHeaders(); h << new dbheader(HD_key_type, true, tr("Type")) << new num_dbheader(HD_key_size, true, tr("Size")) << #ifndef OPENSSL_NO_EC new dbheader(HD_key_curve, false,tr("EC Group")) << #endif new num_dbheader(HD_key_use, true, tr("Use")) << new dbheader(HD_key_passwd, true, tr("Password")); return h; } pki_base *db_key::newPKI(enum pki_type type) { if (type == asym_key) return new pki_evp(""); return new pki_scard(""); } QList db_key::getAllKeys() { return Store.sqlSELECTpki("SELECT item from public_keys"); } QList db_key::getUnusedKeys() { return Store.sqlSELECTpki( "SELECT public_keys.item FROM public_keys " "LEFT OUTER JOIN x509super ON x509super.pkey= public_keys.item " "WHERE x509super.item IS NULL"); } void db_key::remFromCont(const QModelIndex &idx) { db_base::remFromCont(idx); XSqlQuery q; QList items = Store.sqlSELECTpki( "SELECT item FROM x509super WHERE pkey is NULL"); foreach(pki_x509super *x509s, items) { x509s->setRefKey(NULL); } /* "UPDATE x509super SET pkey=NULL WHERE pkey=?" done in * pki->deleteSqlData() */ } void db_key::inToCont(pki_base *pki) { db_base::inToCont(pki); pki_key *key = static_cast(pki); unsigned hash = key->hash(); QList items = Store.sqlSELECTpki( "SELECT item FROM x509super WHERE pkey IS NULL AND key_hash=?", QList() << QVariant(hash)); XSqlQuery q; SQL_PREPARE(q, "UPDATE x509super SET pkey=? WHERE item=?"); q.bindValue(0, key->getSqlItemId()); foreach(pki_x509super *x509s, items) { if (!x509s->compareRefKey(key)) continue; /* Found item matching this key */ x509s->setRefKey(key); q.bindValue(1, x509s->getSqlItemId()); AffectedItems(x509s->getSqlItemId()); q.exec(); XCA_SQLERROR(q.lastError()); } } pki_base* db_key::insert(pki_base *item) { pki_key *lkey = dynamic_cast(item); pki_key *oldkey; pki_evp *evp = dynamic_cast(lkey); if (evp) evp->setOwnPass(pki_evp::ptCommon); oldkey = static_cast(getByReference(lkey)); if (oldkey != NULL) { if ((oldkey->isPrivKey() && lkey->isPrivKey()) || lkey->isPubKey()){ XCA_INFO( tr("The key is already in the database as:\n'%1'\nand is not going to be imported").arg(oldkey->getIntName())); delete lkey; return NULL; } else { XCA_INFO( tr("The database already contains the public part of the imported key as\n'%1\nand will be completed by the new, private part of the key").arg(oldkey->getIntName())); lkey->setComment(oldkey->getComment()); lkey->selfComment(tr("Extending public key from %1 by imported key '%2'") .arg(oldkey->getInsertionDate().toPretty()) .arg(lkey->getIntName())); lkey->setIntName(oldkey->getIntName()); deletePKI(index(oldkey)); } } return insertPKI(lkey); } pki_key *db_key::newKey(const keyjob &task, const QString &name) { pki_key *key = NULL; if (!task.isEC() && !task.isED25519()) { if (task.size < 32) { XCA_WARN(tr("Key size too small !")); return NULL; } if (task.size < 1024 || task.size > 8192) if (!XCA_YESNO(tr("You are sure to create a key of the size: %1 ?").arg(task.size))) { return NULL; } } try { if (task.isToken()) { key = new pki_scard(name); } else { key = new pki_evp(name); } key->generate(task); key->pkiSource = generated; if (key->getIntName().isEmpty()) key->autoIntName(name); key = dynamic_cast(insert(key)); emit keyDone(key); createSuccess(key); } catch (errorEx &err) { delete key; key = NULL; XCA_ERROR(err); } return key; } int db_key::exportFlags(const QModelIndex &index) const { int disable_flags = 0; pki_key *key = fromIndex(index); if (!index.isValid() || !key) return 0; int keytype = key->getKeyType(); if (keytype != EVP_PKEY_RSA && keytype != EVP_PKEY_DSA) disable_flags |= F_PVK; #ifdef EVP_PKEY_ED25519 if (keytype == EVP_PKEY_ED25519) disable_flags |= F_TRADITION; #endif if (!key->SSH2_compatible()) disable_flags |= F_SSH2; if (key->isPubKey() || key->isToken()) disable_flags |= F_PRIVATE; if (keytype != EVP_PKEY_RSA && key->getJWKcrv().isEmpty()) disable_flags |= F_JWK; return disable_flags; } void db_key::exportItem(const QModelIndex &index, const pki_export *xport, XFile &file) const { const EVP_CIPHER *algo = NULL; pki_key *key = fromIndex(index); pki_evp *privkey = dynamic_cast(key); int(*pwCallback)(char *, int, int, void *) = NULL; if (xport->match_all(F_CRYPT)) { algo = EVP_aes_256_cbc(); pwCallback = PwDialogCore::pwCallback; } if (privkey && xport->match_all(F_DER | F_PRIVATE)) privkey->writeKey(file, NULL, NULL, false); else if (privkey && xport->match_all(F_PEM | F_PRIVATE)) privkey->writeKey(file, algo, pwCallback, true); else if (xport->match_all(F_DER)) key->writePublic(file, false); else if (xport->match_all(F_PEM)) key->writePublic(file, true); else if (privkey && xport->match_all(F_PKCS8)) privkey->writePKCS8(file, algo, pwCallback, true); else if (privkey && xport->match_all(F_SSH2 | F_PRIVATE)) privkey->writeSSH2private(file); else if (xport->match_all(F_SSH2)) key->writeSSH2public(file); else if (privkey && xport->match_all(F_PVK)) privkey->writePVKprivate(file); else db_base::exportItem(index, xport, file); } void db_key::updateKeyEncryptionScheme() { bool common_success = true; if (!pki_evp::validateDatabasePassword(pki_evp::passwd)) return; if (Settings["legacy-keys-updated"]) return; QList privates, withOwnPassword; privates = Store.sqlSELECTpki("SELECT item from private_keys"); qDebug() << "Updating encryption scheme of" << privates.size() << "keys"; Transaction; if (!TransBegin()) return; for (pki_evp *key : privates) { if (key->isPubKey()) { qWarning() << "BUG: private key" << key << "is not private"; continue; // Should not happen } bool conv_success = key->updateLegacyEncryption(); if (!conv_success && key->getOwnPass() == pki_key::ptPrivate) { withOwnPassword << key; } else { common_success &= conv_success; } } qDebug() << "Success:" << common_success << "Legacy keys:" << withOwnPassword.size(); ign_openssl_error(); TransCommit(); if (withOwnPassword.size() > 0) { QString items; for (pki_evp *key : withOwnPassword) items += "'" + key->getIntName() + "' "; XCA_WARN(tr("Internal key update: The keys: %1 must be updated once by resetting and setting its private password").arg(items)); } if (common_success && withOwnPassword.isEmpty()) Settings["legacy-keys-updated"] = true; } void db_key::setOwnPass(QModelIndex idx, enum pki_key::passType x) { pki_evp *targetKey = fromIndex(idx); enum pki_key::passType old_type; if (!idx.isValid() || !targetKey) return; if (targetKey->isToken()) { throw errorEx(tr("Tried to change password of a token")); } old_type = targetKey->getOwnPass(); targetKey->setOwnPass(x); if (!targetKey->sqlUpdatePrivateKey()) targetKey->setOwnPass(old_type); } xca-RELEASE.2.9.0/lib/db_key.h000066400000000000000000000020401477156507700155470ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DB_KEY_H #define __DB_KEY_H #include "pki_export.h" #include "db_base.h" #include "pki_key.h" #include "xfile.h" class QModelIndex; class QContextMenuEvent; class db_key: public db_base { Q_OBJECT protected: virtual dbheaderList getHeaders(); public: db_key(); QList getUnusedKeys(); QList getAllKeys(); pki_base *newPKI(enum pki_type type = none); void inToCont(pki_base *pki); void remFromCont(const QModelIndex &idx); pki_base* insert(pki_base *item); void setOwnPass(QModelIndex idx, enum pki_key::passType); void loadContainer(); pki_key *newKey(const keyjob &task, const QString &name); int exportFlags(const QModelIndex &index) const; void exportItem(const QModelIndex &index, const pki_export *xport, XFile &file) const; void updateKeyEncryptionScheme(); signals: void delKey(pki_key *delkey); void newKey(pki_key *newkey); void keyDone(pki_key *nkey); }; #endif xca-RELEASE.2.9.0/lib/db_temp.cpp000066400000000000000000000050161477156507700162650ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "db_temp.h" #include "pki_temp.h" #include "load_obj.h" #include "func.h" #include "XcaWarningCore.h" #include #include db_temp::db_temp() : db_x509name("templates") { /* XCA loads templates from private space ($HOME/.local/) * Host specific (/usr/local) and distribution (/usr) * The first .xca found avoids other .xca to be loaded */ QSet template_files; load_temp l; sqlHashTable = "templates"; pkitype << tmpl; updateHeaders(); loadContainer(); pki_temp *tmpl = new pki_temp(tr("Empty template")); tmpl->setAsPreDefined(); predefs << tmpl; QStringList dirs = QStandardPaths::standardLocations( QStandardPaths::AppDataLocation); #ifdef INSTALL_DATA_PREFIX dirs << QString(INSTALL_DATA_PREFIX); #endif foreach(QString d, dirs) { qDebug() << "Looking for templates at" << d; QFileInfoList list = QDir(d).entryInfoList( QStringList("*.xca"), QDir::Files | QDir::NoSymLinks | QDir::NoDot | QDir::Readable); foreach(QFileInfo fileInfo, list) { if (template_files.contains(fileInfo.fileName())) continue; qDebug() << "Loading template" << fileInfo.fileName() << fileInfo.absoluteFilePath(); try { tmpl = dynamic_cast(l.loadItem( fileInfo.absoluteFilePath())); if (tmpl) { tmpl->setAsPreDefined(); predefs << tmpl; template_files << fileInfo.fileName(); } } catch(errorEx &) { XCA_WARN(tr("Bad template: %1") .arg(nativeSeparator( fileInfo.absoluteFilePath()))); } } } } db_temp::~db_temp() { qDeleteAll(predefs); } pki_base *db_temp::newPKI(enum pki_type type) { (void)type; return new pki_temp(""); } QList db_temp::getPredefs() const { return predefs; } bool db_temp::alterTemp(pki_temp *temp) { XSqlQuery q; QSqlError e; Transaction; if (!TransBegin()) return false; SQL_PREPARE(q, "UPDATE templates SET version=?, template=? WHERE item=?"); q.bindValue(0, TMPL_VERSION); q.bindValue(1, temp->toB64Data()); q.bindValue(2, temp->getSqlItemId()); q.exec(); e = q.lastError(); XCA_SQLERROR(e); if (e.isValid()) { TransRollback(); return false; } updateItem(temp); TransCommit(); return true; } void db_temp::exportItem(const QModelIndex &index, const pki_export *, XFile &file) const { pki_temp *temp = fromIndex(index); if (temp) temp->writeTemp(file); } xca-RELEASE.2.9.0/lib/db_temp.h000066400000000000000000000011211477156507700157230ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DB_TEMP_H #define __DB_TEMP_H #include "db_x509super.h" class pki_temp; class db_temp: public db_x509name { Q_OBJECT protected: QList predefs{}; public: db_temp(); ~db_temp(); pki_base *newPKI(enum pki_type type = none); void fillContextMenu(QMenu *menu, const QModelIndex &index); QList getPredefs() const; bool alterTemp(pki_temp *temp); void exportItem(const QModelIndex &index, const pki_export *, XFile &file) const; }; #endif xca-RELEASE.2.9.0/lib/db_token.cpp000066400000000000000000000024601477156507700164400ustar00rootroot00000000000000 #include "db_token.h" #include "exception.h" #include "pki_scard.h" #include "sql.h" #include "XcaWarningCore.h" db_token::db_token() : db_base("manageTokens") { updateHeaders(); } void db_token::saveHeaderState() { } void db_token::rename_token_in_database(pki_scard *token) { if (!token) return; Transaction; if (!TransBegin()) return; QList list = Store.sqlSELECTpki( QString("SELECT item FROM tokens " "WHERE card_serial=? AND card_model=? and object_id=?"), QList() << QVariant(token->getSerial()) << QVariant(token->getModel()) << QVariant(token->getId())); foreach(pki_scard *item, list) { if (token->compare(item)) item->updateLabel(token->getIntName()); } TransCommit(); } bool db_token::setData(const QModelIndex &index, const QVariant &value, int role) { QString on, nn; pki_base *item; if (index.isValid() && role == Qt::EditRole) { nn = value.toString(); item = fromIndex(index); on = item->getIntName(); if (on == nn) return true; try { if (item->renameOnToken(slot, nn)) { item->setIntName(nn); rename_token_in_database( dynamic_cast(item)); emit dataChanged(index, index); return true; } } catch (errorEx &err) { XCA_ERROR(err); } } return false; } xca-RELEASE.2.9.0/lib/db_token.h000066400000000000000000000010201477156507700160740ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DB_TOKEN_H #define __DB_TOKEN_H #include "pkcs11_lib.h" #include "db_base.h" class pki_scard; class db_token: public db_base { Q_OBJECT private: slotid slot{}; public: db_token(); bool setData(const QModelIndex &index, const QVariant &value, int role); void setSlot(const slotid &s) { slot = s; } void saveHeaderState(); void rename_token_in_database(pki_scard *token); }; #endif xca-RELEASE.2.9.0/lib/db_x509.cpp000066400000000000000000000600051477156507700160240ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "db_x509.h" #include "db_x509req.h" #include "db_crl.h" #include "pki_x509.h" #include "pki_crl.h" #include "pki_temp.h" #include "pki_pkcs12.h" #include "pki_pkcs7.h" #include "pki_evp.h" #include "pki_scard.h" #include "pass_info.h" #include "database_model.h" #include "entropy.h" #include "XcaWarningCore.h" #include "PwDialogCore.h" #pragma message ("drop UI dependencies") #include "ui_NewX509.h" #include "widgets/CertExtend.h" #include "widgets/RevocationList.h" #include "widgets/NewX509.h" #include "widgets/MainWindow.h" #include "ui_RevocationList.h" #include "ui_MainWindow.h" #include "ui_CertExtend.h" #include "ui_Revoke.h" #include "ui_Help.h" #include db_x509::db_x509() : db_x509super("certificates") { sqlHashTable = "certs"; pkitype << x509; pkitype_depends << x509_req; updateHeaders(); loadContainer(); } void db_x509::loadContainer() { db_x509super::loadContainer(); XSqlQuery q("SELECT item, issuer FROM certs WHERE issuer is NOT NULL"); while (q.next()) { pki_base *root = treeItem; pki_x509 *cert = Store.lookupPki(q.value(0)); pki_x509 *issuer = Store.lookupPki(q.value(1)); if (cert && issuer) { cert->setSigner(issuer); if (cert != issuer) root = issuer; } if (cert && cert->getParent() != root) { qDebug() << "MOVE" << cert->getIntName() << "from" << cert->getParent()->getIntName() << "to" << root->getIntName(); treeItem->takeChild(cert); root->insert(cert); } } emit columnsContentChanged(); } dbheaderList db_x509::getHeaders() { dbheaderList h = db_x509super::getHeaders(); h << new dbheader(HD_cert_ca, true, tr("CA"), tr("reflects the basic Constraints extension")) << new num_dbheader(HD_cert_serial, true, tr("Serial")) << new num_dbheader(HD_cert_md5fp, false,tr("MD5 fingerprint")) << new num_dbheader(HD_cert_sha1fp,false,tr("SHA1 fingerprint")) << new num_dbheader(HD_cert_sha256fp,false,tr("SHA256 fingerprint")) << new date_dbheader(HD_cert_notBefore, false,tr("Start date"), tr("Not before")) << new date_dbheader(HD_cert_notAfter, true, tr("Expiry date"), tr("Not after")) << new date_dbheader(HD_cert_revocation,false, tr("Revocation")) << new date_dbheader(HD_cert_crl_expire,true, tr("CRL Expiration")); return h; } pki_base *db_x509::newPKI(enum pki_type type) { (void)type; return new pki_x509(); } QList db_x509::getAllIssuers() { /* Select X509 CA certificates with available private key */ return Store.sqlSELECTpki( "SELECT x509super.item FROM x509super " "JOIN private_keys ON x509super.pkey = private_keys.item " "JOIN certs ON certs.item = x509super.item " "WHERE certs.ca=1") + Store.sqlSELECTpki( "SELECT x509super.item FROM x509super " "JOIN tokens ON x509super.pkey = tokens.item " "JOIN certs ON certs.item = x509super.item " "WHERE certs.ca=1"); } void db_x509::remFromCont(const QModelIndex &idx) { if (!idx.isValid()) return; db_crl *crls = Database.model(); db_x509super::remFromCont(idx); pki_base *pki = fromIndex(idx); pki_x509 *child; pki_base *new_parent; QList childs; Transaction; if (!TransBegin()) return; while (pki->childCount()) { child = dynamic_cast(pki->takeFirst()); child->delSigner(dynamic_cast(pki)); new_parent = child->findIssuer(); insertChild(child, new_parent); if (new_parent) childs << child; } XSqlQuery q; SQL_PREPARE(q, "UPDATE certs SET issuer=? WHERE item=?"); foreach(pki_x509 *child, childs) { q.bindValue(0, child->getSigner()->getSqlItemId()); q.bindValue(1, child->getSqlItemId()); AffectedItems(child->getSqlItemId()); q.exec(); } crls->removeSigner(pki); TransCommit(); } static bool recursiveSigning(pki_x509 *cert, pki_x509 *client) { /* recursive signing check */ for (pki_x509 *s = cert->getSigner(); s; s = s->getSigner()) { if (s == s->getSigner()) { return false; } if (s == client) { qWarning() << "Recursive signing:" << s->getIntName() << "<->" << cert->getIntName(); return true; } } return false; } void db_x509::inToCont(pki_base *pki) { pki_x509 *cert = dynamic_cast(pki); cert->setParent(nullptr); pki_base *root = cert->getSigner(); insertChild(cert, root); QList childs; QList items; unsigned pubhash = cert->pubHash(); unsigned namehash = cert->getSubject().hashNum(); x509revList revList; /* Search for another certificate (name and key) * and use its childs if we are newer */ items = Store.sqlSELECTpki( "SELECT x509super.item FROM x509super " "JOIN certs ON certs.item = x509super.item " "WHERE certs.ca=1 AND x509super.subj_hash=? " "AND x509super.key_hash=?", QList() << namehash << pubhash); foreach(pki_x509 *other, items) { if (other == cert) continue; if (!other->compareNameAndKey(cert)) continue; if (cert->getNotAfter() < other->getNotAfter()) continue; foreach(pki_base *b, other->getChildItems()) { pki_x509 *child = dynamic_cast(b); if (!child) continue; child->delSigner(other); childs << child; } revList.merge(other->getRevList()); } /* Search rootItem childs, whether they are ours */ foreach(pki_base *b, treeItem->getChildItems()) { pki_x509 *child = dynamic_cast(b); if (!child || child == cert || child->getSigner() == child) continue; if (child->verify_only(cert)) childs << child; } /* move collected childs to us */ XSqlQuery q; x509revList revokedChilds; SQL_PREPARE(q, "UPDATE certs SET issuer=? WHERE item=?"); q.bindValue(0, cert->getSqlItemId()); foreach(pki_x509 *child, childs) { if (recursiveSigning(cert, child)) continue; if (!child->verify(cert)) continue; insertChild(child, cert); q.bindValue(1, child->getSqlItemId()); AffectedItems(child->getSqlItemId()); q.exec(); XCA_SQLERROR(q.lastError()); if (child->isRevoked()) revokedChilds << child->getRevocation(); } q.finish(); revList.merge(revokedChilds); cert->setRevocations(revList); /* Update CRLs */ QList crls = Store.sqlSELECTpki( "SELECT item FROM crls WHERE iss_hash=?", QList() << namehash); SQL_PREPARE(q, "UPDATE crls SET issuer=? WHERE item=?"); foreach(pki_crl *crl, crls) { crl->verify(cert); if (cert != crl->getIssuer()) continue; q.bindValue(0, cert->getSqlItemId()); q.bindValue(1, crl->getSqlItemId()); AffectedItems(crl->getSqlItemId()); q.exec(); XCA_SQLERROR(q.lastError()); } } QList db_x509::getCerts(bool unrevoked) { QList c; c.clear(); foreach(pki_x509 *pki, Store.getAll()) { if (unrevoked && pki->isRevoked()) continue; c.append(pki); } return c; } void db_x509::writeIndex(const QString &fname, bool hierarchy) const { if (hierarchy) { QString dir = fname + "/"; if (!QDir().mkpath(fname)) { throw errorEx(tr("Failed to create directory '%1'") .arg(fname)); } QList issuers = Store.sqlSELECTpki( "SELECT DISTINCT issuer FROM certs WHERE issuer != item"); foreach(pki_x509 *ca, issuers) { XFile file(dir + ca->getUnderlinedName() + ".txt"); file.open_write(); writeIndex(file, Store.sqlSELECTpki( "SELECT item FROM certs WHERE issuer=?", QList()<getSqlItemId())) ); } } else { XFile file(fname); file.open_write(); writeIndex(file, Store.sqlSELECTpki( "SELECT item FROM certs")); } } static a1int randomSerial() { unsigned char buf[SHA512_DIGEST_LENGTH]; unsigned char md[SHA512_DIGEST_LENGTH]; Entropy::seed_rng(); RAND_bytes(buf, SHA512_DIGEST_LENGTH); SHA512(buf, SHA512_DIGEST_LENGTH, md); a1int serial; if (md[0] && md[0] < 0x80) serial.setRaw(md, (int)Settings["serial_len"] / 8); return serial; } a1int db_x509::getUniqueSerial(pki_x509 *signer) { // returns an unused unique serial a1int serial, signer_serial; x509rev rev; x509revList revList; if (signer) { signer_serial = signer->getSerial(); revList = signer->getRevList(); } for (int i=0; ; i++) { if (i > 100) throw errorEx(tr("Failed to retrieve unique random serial")); serial = randomSerial(); if (serial == a1int(0L)) continue; if (!signer) break; if (signer_serial == serial) continue; rev.setSerial(serial); if (revList.contains(rev)) continue; if (signer->getBySerial(serial)) continue; break; } return serial; } pki_base *db_x509::insert(pki_base *item) { pki_x509 *cert = dynamic_cast(item); pki_x509 *oldcert = dynamic_cast(getByReference(cert)); if (oldcert) { XCA_INFO(tr("The certificate already exists in the database as:\n'%1'\nand so it was not imported").arg(oldcert->getIntName())); delete cert; return NULL; } return insertPKI(cert); } void db_x509::markRequestSigned(pki_x509req *req, pki_x509 *cert) { if (!req || !cert) return; pki_x509 *issuer = cert->getSigner(); Transaction; if (!TransBegin()) return; XSqlQuery q; req->setDone(); SQL_PREPARE(q, "UPDATE requests SET signed=? WHERE item=?"); q.bindValue(0, 1); q.bindValue(1, req->getSqlItemId()); AffectedItems(req->getSqlItemId()); q.exec(); a1time a; req->selfComment(tr("Signed on %1 by '%2'").arg(a.toPretty()) .arg(issuer ? issuer->getIntName() : tr("Unknown"))); SQL_PREPARE(q, "UPDATE items SET comment=? WHERE id=?"); q.bindValue(0, req->getComment()); q.bindValue(1, req->getSqlItemId()); q.exec(); TransCommit(); } void db_x509::newItem() { NewX509 *dlg = new NewX509(); dlg->setCert(); pki_x509 *sigcert = Store.lookupPki(selected); qDebug() << "SIGCERT" << (sigcert ? sigcert->getIntName() : "NULL"); dlg->defineSigner(sigcert, true); if (dlg->exec()) { newCert(dlg); } delete dlg; } void db_x509::newCert(pki_x509req *req) { NewX509 *dlg = new NewX509(); pki_x509 *sigcert = Store.lookupPki(selected); qDebug() << "SIGCERT" << (sigcert ? sigcert->getIntName() : "NULL"); dlg->setCert(); dlg->defineRequest(req); dlg->defineSigner(sigcert, true); if (dlg->exec()) { newCert(dlg); } delete dlg; } void db_x509::newCert(pki_temp *temp) { NewX509 *dlg = new NewX509(); dlg->setCert(); dlg->defineTemplate(temp); if (dlg->exec()) { newCert(dlg); } delete dlg; } void db_x509::newCert(pki_x509 *cert) { NewX509 *dlg = new NewX509(); dlg->setCert(); dlg->fromX509super(cert, false); if (dlg->exec()) { newCert(dlg); } delete dlg; } pki_x509 *db_x509::newCert(NewX509 *dlg) { pki_x509 *cert = NULL; pki_x509 *signcert = NULL; pki_x509req *req = NULL; pki_key *signkey = NULL, *clientkey = NULL, *tempkey = NULL; a1int serial; QString intname; try { Transaction; // Step 1 - Subject and key if (!dlg->fromReqCB->isChecked()) { clientkey = dlg->getSelectedKey(); if (!clientkey) return NULL; intname = dlg->description->text(); } else { // A PKCS#10 Request was selected req = dlg->getSelectedReq(); if (!req) return NULL; clientkey = req->getRefKey(); if (clientkey == NULL) { clientkey = req->getPubKey(); tempkey = clientkey; } intname = req->getIntName(); } TransThrow(); if (clientkey == NULL) throw errorEx(tr("Invalid public key")); // initially create cert cert = new pki_x509(); cert->setIntName(intname); cert->setSubject(dlg->getX509name()); cert->setPubKey(clientkey); // Step 2 - select Signing if (dlg->foreignSignRB->isChecked()) { signcert = dlg->getSelectedSigner(); if (!signcert) { delete cert; return NULL; } serial = getUniqueSerial(signcert); signkey = signcert->getRefKey(); } else { signcert = cert; signkey = clientkey; serial = getUniqueSerial(NULL); } dlg->initCtx(cert, signcert, NULL); // if we can not sign if (! signkey || signkey->isPubKey()) { delete cert; throw errorEx(tr("The key you selected for signing is not a private one.")); } // set the issuers name cert->setIssuer(signcert->getSubject()); cert->setSerial(serial); // Step 3 - Choose the Date // Date handling cert->setNotBefore(dlg->notBefore->getDate()); a1time a; if (dlg->noWellDefinedExpDate->isChecked()) a.setUndefined(); else a = dlg->notAfter->getDate(); cert->setNotAfter(a); // STEP 4 handle extensions // apply all extensions to the subject cert in the context dlg->getAllExt(); // apply extensions from CSR if requested if (dlg->copyReqExtCB->isChecked() && dlg->fromReqCB->isChecked()) { extList el = req->getV3ext(); int m = el.count(); for (int i=0; iaddV3ext(el[i], true); } // and finally sign the request cert->sign(signkey, dlg->hashAlgo->current()); // set the comment field cert->setComment(dlg->comment->toPlainText()); cert->pkiSource = dlg->getPkiSource(); cert = dynamic_cast(insert(cert)); createSuccess(cert); if (cert && clientkey->isToken()) { pki_scard *card = (pki_scard*)clientkey; if (XCA_YESNO(tr("Store the certificate to the key on the token '%1 (#%2)' ?"). arg(card->getCardLabel()).arg(card->getSerial()))) { try { cert->store_token(false); } catch (errorEx &err) { XCA_ERROR(err); } } } delete tempkey; markRequestSigned(req, cert); TransCommit(); } catch (errorEx &err) { XCA_ERROR(err); delete cert; if (tempkey != NULL) delete(tempkey); cert = NULL; } return cert; } int db_x509::exportFlags(const QModelIndex &idx) const { QStringList filt; int disable_flags = 0; pki_x509 *crt = fromIndex(idx); if (!crt) return 0; pki_key *privkey = crt->getRefKey(); if (!crt->getSigner() || crt->getSigner() == crt) disable_flags |= F_CHAIN; if (!privkey || !privkey->isPrivKey() || privkey->isToken()) disable_flags |= F_PRIVATE; if (!crt->isCA()) disable_flags |= F_CA; pki_key *key = crt->getPubKey(); if (key && key->getKeyType() != EVP_PKEY_RSA && key->getJWKcrv().isEmpty()) disable_flags |= F_JWK; delete key; return disable_flags; } void db_x509::writeTaggedPEM(const BioByteArray &b, const QString &tag, XFile &file) { if (b.size() > 0) { file.write(QString("<%1>\n").arg(tag).toLatin1()); file.write(b.byteArray()); file.write(QString("\n").arg(tag).toLatin1()); } } void db_x509::exportItems(const QModelIndexList &list, const pki_export *xport, XFile &file) const { if (list.empty()) return; pki_x509 *oldcrt = nullptr, *crt = fromIndex(list[0]); QList certs; foreach(QModelIndex idx, list) { pki_x509 *x = fromIndex(idx); if (x) certs << x; } if (xport->match_all(F_PEM)) { if (xport->match_all(F_CHAIN)) { for (; crt && crt != oldcrt; oldcrt = crt, crt = crt->getSigner()) crt->writeCert(file, true); } else if (xport->match_all(F_UNREVOKED)) { foreach(pki_x509 *pki, Store.getAll()) if (!pki->isRevoked()) pki->writeCert(file, true); } else if (xport->match_all(F_UNUSABLE)) { foreach(pki_x509 *pki, Store.getAll()) if (pki->unusable()) pki->writeCert(file, true); } else if (xport->match_all(F_ALL)) { foreach(pki_x509 *pki, Store.getAll()) pki->writeCert(file, true); } else { if (xport->match_all(F_PRIVATE)) { pki_evp *pkey = (pki_evp *)crt->getRefKey(); if (!pkey || pkey->isPubKey()) throw errorEx(tr("There was no key found for the Certificate: '%1'"). arg(crt->getIntName())); if (pkey->isToken()) throw errorEx(tr("Not possible for a token key: '%1'"). arg(crt->getIntName())); if (xport->match_all(F_PKCS8)) { pkey->writePKCS8(file, EVP_aes_256_cbc(), PwDialogCore::pwCallback, true); } else { pkey->writeKey(file, NULL, NULL, true); } } foreach(crt, certs) crt->writeCert(file, true); } } else if (xport->match_all(F_OVPN)) { BioByteArray key, cert, extra, ca; pki_evp *pkey = (pki_evp *)crt->getRefKey(); if (pkey) pkey->pem(key, pki_export::by_id(20)); // PEM unencrypted for (; crt && crt != oldcrt; oldcrt = crt, crt = crt->getSigner()) { if (crt == crt->getSigner()) crt->pem(ca); else if (cert.size() == 0) crt->pem(cert); else crt->pem(extra); } writeTaggedPEM(ca, "ca", file); writeTaggedPEM(extra, "extra-certs", file); writeTaggedPEM(cert, "cert", file); writeTaggedPEM(key, "key", file); writeTaggedPEM(crt->getTaKey().toLatin1(), "tls-auth", file); } else if (xport->match_all(F_PKCS7)) { writePKCS7(crt, file, xport->flags, list); } else if (xport->match_all(F_INDEX)) { writeIndex(file, certs); } else if (xport->match_all(F_CAL)) { QStringList vcal; foreach(crt, certs) { vcal += xport->match_all(F_CA) ? crt->icsVEVENT_ca() : crt->icsVEVENT(); } writeVcalendar(file, vcal); } else if (xport->match_all(F_TAKEY)) { file.write(crt->getTaKey().toLatin1()); } else { qDebug() << "exportItems: db_base"; db_base::exportItems(list, xport, file); } } void db_x509::exportItem(const QModelIndex &index, const pki_export *xport, XFile &file) const { pki_x509 *crt = fromIndex(index); if (xport->match_all(F_DER)) { crt->writeCert(file, false); } else if (xport->match_all(F_PKCS12)) { writePKCS12(crt, file, xport->match_all(F_CHAIN)); } else if (xport->match_all(F_CONFIG)) { crt->opensslConf(file); } else { db_base::exportItem(index, xport, file); } } void db_x509::writeIndex(XFile &file, QList items) const { QString index; foreach(pki_x509 *cert, items) { if (cert) index += cert->getIndexEntry(); } file.write(index.toUtf8()); } void db_x509::writePKCS12(pki_x509 *cert, XFile &file, bool chain) const { QStringList filt; pki_pkcs12 *p12 = NULL; try { pki_evp *privkey = (pki_evp *)cert->getRefKey(); if (!privkey || privkey->isPubKey()) { XCA_WARN(tr("There was no key found for the Certificate: '%1'").arg(cert->getIntName())); return; } if (privkey->isToken()) { XCA_WARN(tr("Not possible for the token-key Certificate '%1'").arg(cert->getIntName())); return; } p12 = new pki_pkcs12(cert->getIntName(), cert, privkey); pki_x509 *signer = cert->getSigner(); while ((signer != NULL ) && (signer != cert) && chain) { p12->append_item(signer); cert = signer; signer = signer->getSigner(); } encAlgo encAlgo((QString) Settings["pkcs12_enc_algo"]); p12->writePKCS12(file, encAlgo); } catch (errorEx &err) { XCA_ERROR(err); } delete p12; } void db_x509::writePKCS7(pki_x509 *cert, XFile &file, int flags, const QModelIndexList &list) const { pki_pkcs7 *p7 = new pki_pkcs7(QString()); try { if (flags & F_CHAIN) { while (cert) { p7->append_item(cert); if (cert->getSigner() == cert) break; cert = cert->getSigner(); } } else if (flags & (F_UNREVOKED | F_ALL)) { foreach(pki_x509 *cer, Store.getAll()) { if ((flags & F_ALL) || !cer->isRevoked()) p7->append_item(cer); } } else if (flags & F_UNUSABLE) { foreach(pki_x509 *cer, Store.getAll()) { if (cer->unusable()) p7->append_item(cer); } } else if (flags) { foreach(QModelIndex idx, list) { cert = fromIndex(idx); if (cert) p7->append_item(cert); } } else { p7->append_item(cert); } p7->writeP7(file, false); } catch (errorEx &err) { XCA_ERROR(err); } delete p7; } void db_x509::certRenewal(QModelIndexList indexes) { pki_x509 *oldcert = NULL, *signer = NULL, *newcert =NULL; pki_key *signkey = NULL; a1time time; a1int serial; CertExtend *dlg = NULL; x509rev r; bool doRevoke = false; bool doReplace = false; if (indexes.size() == 0) return; QModelIndex idx = indexes[0]; try { oldcert = fromIndex(idx); if (!oldcert || !(signer = oldcert->getSigner()) || !(signkey = signer->getRefKey()) || signkey->isPubKey()) return; bool renew_myself = signer == oldcert; dlg = new CertExtend(NULL, renew_myself ? NULL : signer); dlg->revoke->setEnabled(!renew_myself); if (!dlg->exec()) { delete dlg; return; } if (dlg->revoke->isChecked() && !renew_myself) { Revocation *revoke = new Revocation(indexes); doRevoke = revoke->exec(); r = revoke->getRevocation(); delete revoke; } doReplace = dlg->replace->isChecked(); foreach(idx, indexes) { oldcert = fromIndex(idx); if (!oldcert) continue; newcert = new pki_x509(oldcert); newcert->pkiSource = renewed; serial = dlg->keepSerial->isChecked() ? oldcert->getSerial() : getUniqueSerial(signer); newcert->setRevoked(x509rev()); // change date and serial newcert->setSerial(serial); newcert->setNotBefore(dlg->notBefore->getDate()); a1time a; if (dlg->noWellDefinedExpDate->isChecked()) a.setUndefined(); else a = dlg->notAfter->getDate(); newcert->setNotAfter(a); // and finally sign the cert newcert->sign(signkey, oldcert->getDigest()); newcert = dynamic_cast(insert(newcert)); createSuccess(newcert); } if (doRevoke) do_revoke(indexes, r); // delete old certificates if requested if (doReplace) { foreach(idx, indexes) { if (fromIndex(idx)) deletePKI(idx); } } } catch (errorEx &err) { XCA_ERROR(err); delete newcert; } delete dlg; emit columnsContentChanged(); } void db_x509::revoke(QModelIndexList indexes) { if (indexes.size() == 0) return; Revocation *revoke = new Revocation(indexes); if (revoke->exec()) { do_revoke(indexes, revoke->getRevocation()); } delete revoke; emit columnsContentChanged(); } void db_x509::do_revoke(QModelIndexList indexes, const x509rev &r) { pki_x509 *parent = NULL, *cert, *iss; x509revList revlist; foreach(QModelIndex idx, indexes) { cert = fromIndex(idx); if (!cert) continue; iss = cert->getSigner(); if (parent == NULL) { parent = iss; } else if (parent != iss) { parent = NULL; break; } } if (!parent) { qWarning("%s(%d): Certs have different/no signer", __func__, __LINE__); } foreach(QModelIndex idx, indexes) { cert = fromIndex(idx); if (!cert) continue; x509rev rev(r); rev.setSerial(cert->getSerial()); cert->setRevoked(rev); revlist << rev; } parent->mergeRevList(revlist); } void db_x509::unRevoke(QModelIndexList indexes) { pki_x509 *parent = NULL; x509revList revList; foreach(QModelIndex idx, indexes) { pki_x509 *cert = fromIndex(idx); if (!cert) continue; pki_x509 *iss = cert->getSigner(); if (parent == NULL) { parent = iss; } else if (parent != iss) { parent = NULL; break; } } if (!parent) { qWarning("%s(%d): Certs have different/no issuer\n", __func__, __LINE__); return; } revList = parent->getRevList(); foreach(QModelIndex idx, indexes) { int i; x509rev rev; pki_x509 *cert = fromIndex(idx); if (!cert) continue; cert->setRevoked(x509rev()); rev.setSerial(cert->getSerial()); i = revList.indexOf(rev); if (i != -1) revList.takeAt(i); } parent->setRevocations(revList); emit columnsContentChanged(); } void db_x509::toCertificate(QModelIndex index) { pki_x509 *cert = fromIndex(index); if (!cert) return; if (!cert->getRefKey() && cert->getSigner() != cert) extractPubkey(index); cert->pkiSource = transformed; newCert(cert); } void db_x509::toRequest(QModelIndex idx) { db_x509req *reqs = Database.model(); pki_x509 *cert = fromIndex(idx); if (!cert) return; try { pki_x509req *req = new pki_x509req(); Q_CHECK_PTR(req); req->pkiSource = transformed; req->setIntName(cert->getIntName()); req->createReq(cert->getRefKey(), cert->getSubject(), cert->getDigest(), cert->getV3ext()); createSuccess(reqs->insert(req)); } catch (errorEx &err) { XCA_ERROR(err); } } void db_x509::toToken(QModelIndex idx, bool alwaysSelect) { pki_x509 *cert = fromIndex(idx); if (!cert) return; try { cert->store_token(alwaysSelect); } catch (errorEx &err) { XCA_ERROR(err); } } void db_x509::updateCaProperties(pki_x509 *cert) { XSqlQuery q; Transaction; TransThrow(); SQL_PREPARE(q, "UPDATE authority SET crlDays=?, " "template=? WHERE item=?"); q.bindValue(0, cert->getCrlDays()); q.bindValue(1, cert->getTemplateSqlId()); q.bindValue(2, cert->getSqlItemId()); AffectedItems(cert->getSqlItemId()); q.exec(); TransDone(q.lastError()); XCA_SQLERROR(q.lastError()); } xca-RELEASE.2.9.0/lib/db_x509.h000066400000000000000000000041461477156507700154750ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DB_X509_H #define __DB_X509_H #include "pki_export.h" #include "db_x509super.h" #include "asn1int.h" #include "x509rev.h" class pki_x509req; class pki_x509; class pki_temp; class pki_crl; class db_x509: public db_x509super { Q_OBJECT static void writeTaggedPEM(const BioByteArray &b, const QString &tag, XFile &file); protected: dbheaderList getHeaders(); void dereferenceIssuer(); public: db_x509(); pki_base *newPKI(enum pki_type type = none); pki_x509 *findIssuer(pki_x509 *client); virtual void loadContainer(); bool updateView(); void updateViewAll(); void updateViewPKI(pki_base *pki); void remFromCont(const QModelIndex &idx); QList getAllIssuers(); QList getCerts(bool unrevoked); void writeIndex(const QString &fname, bool hierarchy) const; void writeIndex(XFile &file, QList items) const; pki_base *insert(pki_base *item); void markRequestSigned(pki_x509req *req, pki_x509 *cert); pki_x509 *newCert(NewX509 *dlg); void newCert(pki_x509 *cert); void writePKCS12(pki_x509 *cert, XFile &file, bool chain) const; void writePKCS7(pki_x509 *cert, XFile &file, int flags, const QModelIndexList &list) const; void fillContextMenu(QMenu *menu, const QModelIndex &index); void inToCont(pki_base *pki); a1int getUniqueSerial(pki_x509 *signer); void toToken(QModelIndex idx, bool alwaysSelect); void toRequest(QModelIndex idx); void updateCaProperties(pki_x509 *cert); void toCertificate(QModelIndex index); void certRenewal(QModelIndexList indexes); void revoke(QModelIndexList indexes); void do_revoke(QModelIndexList indexes, const x509rev &r); void unRevoke(QModelIndexList indexes); int exportFlags(const QModelIndex &idx) const; void exportItems(const QModelIndexList &indexes, const pki_export *xport, XFile &file) const; void exportItem(const QModelIndex &, const pki_export *, XFile &) const; public slots: void newItem(); void newCert(pki_temp *); void newCert(pki_x509req *); }; #endif xca-RELEASE.2.9.0/lib/db_x509req.cpp000066400000000000000000000057411477156507700165420ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "db_x509req.h" #include "pki_x509req.h" #include "pki_temp.h" #include "XcaWarningCore.h" #pragma message ("drop UI dependencies") #include "widgets/NewX509.h" db_x509req::db_x509req() : db_x509super("requests") { sqlHashTable = "requests"; pkitype << x509_req; pkitype_depends << x509; updateHeaders(); loadContainer(); } dbheaderList db_x509req::getHeaders() { dbheaderList h = db_x509super::getHeaders(); h << new dbheader(HD_req_signed, true, tr("Signed"), tr("whether the request is already signed or not")) << new dbheader(HD_req_unstr_name, false, tr("Unstructured name"), QString(OBJ_nid2ln(NID_pkcs9_unstructuredName))) << new dbheader(HD_req_chall_pass, false, tr("Challenge password"), QString(OBJ_nid2ln(NID_pkcs9_challengePassword))) << new num_dbheader(HD_req_certs, false, tr("Certificate count"), tr("Number of certificates in the database with the same public key")); return h; } pki_base *db_x509req::newPKI(enum pki_type type) { (void)type; return new pki_x509req(); } pki_base *db_x509req::insert(pki_base *item) { pki_x509req *oldreq, *req; req = (pki_x509req *)item; oldreq = (pki_x509req *)getByReference(req); if (oldreq) { XCA_INFO(tr("The certificate signing request already exists in the database as\n'%1'\nand thus was not stored").arg(oldreq->getIntName())); delete req; return NULL; } return insertPKI(req); } void db_x509req::newItem() { newItem(NULL, NULL); } void db_x509req::newItem(pki_temp *temp, pki_x509req *orig) { pki_x509req *req = NULL; NewX509 *dlg = new NewX509(); if (temp) { dlg->defineTemplate(temp); } else if (orig) { dlg->fromX509super(orig, true); } dlg->setRequest(); if (!dlg->exec()){ delete dlg; return; } try { pki_key *key = dlg->getSelectedKey(); x509name xn = dlg->getX509name(); req = new pki_x509req(); req->pkiSource = dlg->getPkiSource(); req->setIntName(dlg->description->text()); dlg->getReqAttributes(req); req->createReq(key, xn, dlg->hashAlgo->current(), dlg->getAllExt()); // set the comment field req->setComment(dlg->comment->toPlainText()); createSuccess(insert(req)); } catch (errorEx &err) { XCA_ERROR(err); delete req; } } void db_x509req::exportItem(const QModelIndex &index, const pki_export *xport, XFile &file) const { pki_x509req *req = fromIndex(index); if (!req) return; if (xport->match_all(F_CONFIG)) { req->opensslConf(file); } else { req->writeReq(file, xport->match_all(F_PEM)); } } void db_x509req::setSigned(QModelIndex index, bool signe) { pki_x509req *req = fromIndex(index); if (!req) return; req->markSigned(signe); emit columnsContentChanged(); } void db_x509req::resetX509count() { foreach(pki_x509req *r, getAllRequests()) r->resetX509count(); } QList db_x509req::getAllRequests() { return Store.sqlSELECTpki("SELECT item FROM requests"); } xca-RELEASE.2.9.0/lib/db_x509req.h000066400000000000000000000014301477156507700161760ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DB_X509REQ_H #define __DB_X509REQ_H #include "db_x509super.h" class pki_temp; class pki_x509req; class db_x509req: public db_x509super { Q_OBJECT protected: dbheaderList getHeaders(); public: db_x509req(); pki_base* insert(pki_base *item); pki_base *newPKI(enum pki_type type = none); void fillContextMenu(QMenu *menu, const QModelIndex &index); QList getAllRequests(); void resetX509count(); void setSigned(QModelIndex index, bool signe); void exportItem(const QModelIndex &index, const pki_export *xport, XFile &file) const; public slots: void newItem(pki_temp *temp, pki_x509req *orig = NULL); void newItem(); }; #endif xca-RELEASE.2.9.0/lib/db_x509super.cpp000066400000000000000000000103621477156507700171040ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_base.h" #include "pki_temp.h" #include "db_x509super.h" #include "db_temp.h" #include "database_model.h" #include "oid.h" #include "XcaWarningCore.h" #include db_x509name::db_x509name(const char *classname) :db_base(classname) { } dbheaderList db_x509name::getHeaders() { dbheaderList h = db_base::getHeaders(); h << new dbheader(HD_subject_name, false, tr("Subject"), tr("Complete distinguished name")) << new num_dbheader(HD_subject_hash, false, tr("Subject hash"), tr("Hash to lookup certs in directories")); foreach(int nid, distname_nid) h << new nid_dbheader(nid, dbheader::hd_x509name); return h; } db_x509super::db_x509super(const char *classname) :db_x509name(classname) { pkitype_depends << asym_key << smartCard; } void db_x509super::loadContainer() { db_x509name::loadContainer(); /* Resolve Key references */ foreach(pki_x509super *pki, Store.getAll()) { QVariant keySqlId = pki->getKeySqlId(); if (!keySqlId.isValid()) continue; pki->setRefKey(Store.lookupPki(keySqlId)); } } dbheaderList db_x509super::getHeaders() { dbheaderList h = db_x509name::getHeaders(); NIDlist v3nid, v3ns_nid; v3nid << NID_subject_alt_name << NID_issuer_alt_name << NID_subject_key_identifier << NID_authority_key_identifier << NID_key_usage << NID_ext_key_usage << NID_crl_distribution_points << NID_info_access; v3ns_nid << NID_netscape_cert_type << NID_netscape_base_url << NID_netscape_revocation_url << NID_netscape_ca_revocation_url << NID_netscape_renewal_url << NID_netscape_ca_policy_url << NID_netscape_ssl_server_name << NID_netscape_comment; h << new dbheader(HD_x509key_name, false, tr("Key name"), tr("Internal name of the key")) << new dbheader(HD_x509_sigalg, false, tr("Signature algorithm")) << new key_dbheader(HD_key_type, tr("Key type")) << new key_dbheader(HD_key_size, tr("Key size")) #ifndef OPENSSL_NO_EC << new key_dbheader(HD_key_curve, tr("EC Group")) #endif ; foreach(int nid, v3nid) h << new nid_dbheader(nid, dbheader::hd_v3ext); foreach(int nid, v3ns_nid) h << new nid_dbheader(nid, dbheader::hd_v3ext_ns); return h; } pki_key *db_x509super::findKey(pki_x509super *ref) { db_key *keys = Database.model(); pki_key *key, *refkey; if (!ref) return NULL; if ((key = ref->getRefKey()) != NULL ) return key; refkey = ref->getPubKey(); if (!refkey) return NULL; key = dynamic_cast(keys->getByReference(refkey)); ref->setRefKey(key); delete refkey; return key; } QList db_x509super::findByPubKey(pki_key *refkey) { QList list; foreach(pki_x509super *pki, Store.getAll()) { pki_key *key = pki->getPubKey(); if (!key) continue; if (refkey->compare(key)) list << pki; delete key; } return list; } void db_x509super::extractPubkey(QModelIndex index) { db_key *keys = Database.model(); pki_key *key; pki_x509super *pki = fromIndex(index); if (!pki) return; key = pki->getPubKey(); if (!key) return; key->setIntName(pki->getIntName()); key->pkiSource = transformed; key->selfComment(tr("Extracted from %1 '%2'") .arg(pki->getType() == x509 ? tr("Certificate") : tr("Certificate request")) .arg(pki->getIntName())); key = dynamic_cast(keys->insert(key)); if (!key) return; if (Settings["suppress_messages"]) return; XCA_INFO(key->getMsg(pki_base::msg_import).arg(pki->getIntName())); } void db_x509super::toTemplate(QModelIndex index) { db_temp *temps = Database.model(); pki_x509super *pki = fromIndex(index); if (!pki || !temps) return; try { pki_temp *temp = new pki_temp(); Q_CHECK_PTR(temp); temp->setIntName(pki->getIntName()); extList el = temp->fromCert(pki); if (el.size()) { xcaWarning::warningv3(tr("The following extensions were not ported into the template"), el); } temp->pkiSource = transformed; temp->selfComment(tr("Transformed from %1 '%2'") .arg(pki->getType() == x509 ? tr("Certificate") : tr("Certificate request")) .arg(pki->getIntName())); createSuccess(temps->insert(temp)); } catch (errorEx &err) { XCA_ERROR(err); } } xca-RELEASE.2.9.0/lib/db_x509super.h000066400000000000000000000013131477156507700165450ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DB_X509SUPER_H #define __DB_X509SUPER_H #include "db_key.h" #include "pki_x509super.h" #include class db_x509name: public db_base { Q_OBJECT protected: dbheaderList getHeaders(); public: db_x509name(const char *classname); }; class db_x509super: public db_x509name { Q_OBJECT protected: dbheaderList getHeaders(); void loadContainer(); public: db_x509super(const char *classname); pki_key *findKey(pki_x509super *ref); QList findByPubKey(pki_key *refkey); void extractPubkey(QModelIndex index); void toTemplate(QModelIndex index); }; #endif xca-RELEASE.2.9.0/lib/dbhistory.cpp000066400000000000000000000030721477156507700166620ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2020 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include "xfile.h" #include "func.h" #include "dbhistory.h" #include "database_model.h" static QString dbhistory_file() { return getUserSettingsDir() + "/dbhistory"; } QString dbhistory::lastRemote; dbhistory::dbhistory() { QString name; XFile file(dbhistory_file()); try { file.open_read(); } catch (...) { return; } while (!file.atEnd()) { QByteArray ba; ba = file.readLine(1024); if (ba.size() == 0) break; name = QString::fromUtf8(ba).trimmed(); if (name.size() == 0) continue; if (history.indexOf(name) == -1) history << name; } file.close(); foreach(name, history) { if (database_model::isRemoteDB(name)) { setLastRemote(name); break; } } } void dbhistory::addEntry(const QString &name) { int pos; QString fname = name; if (!database_model::isRemoteDB(fname)) fname = relativePath(fname); pos = history.indexOf(fname); if (pos == 0) return; /* no changes */ if (pos > 0) history.removeAt(pos); history.prepend(fname); while (history.size() > 10) history.removeLast(); XFile file(dbhistory_file()); if (!file.open_write()) return; QString all = history.join("\n"); if (file.write(all.toUtf8()) <= 0) qDebug() << "Error writing history" << file.fileName() << file.errorString(); file.close(); } void dbhistory::setLastRemote(const QString &db) { if (database_model::isRemoteDB(db)) lastRemote = db; } QString dbhistory::getLastRemote() { return lastRemote; } xca-RELEASE.2.9.0/lib/dbhistory.h000066400000000000000000000007361477156507700163330ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DBHISTORY_H #define __DBHISTORY_H #include #include class dbhistory { private: QStringList history{}; static QString lastRemote; public: dbhistory(); void addEntry(const QString &name); QStringList get() const { return history; } static void setLastRemote(const QString &db); static QString getLastRemote(); }; #endif xca-RELEASE.2.9.0/lib/debug_info.cpp000066400000000000000000000100111477156507700167430ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2023 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include #include #include #include #include "debug_info.h" #include "base.h" #include "func.h" QList debug_info::patternlist; bool debug_info::all = false; dbg_pattern::dbg_pattern(QString part) : first(0), last(INT_MAX), inv(false) { bool ok; if (part[0] == '-') { inv = true; part.remove(0, 1); } file = func = part; QStringList file_num = part.split(":"); if (file_num.size() == 2) { file = file_num[0]; file_num = file_num[1].split("-"); if (file_num.size() == 1) { first = last = file_num[0].toUInt(); } else { if (!file_num[0].isEmpty()) { first = file_num[0].toUInt(&ok); Q_ASSERT(ok); } if (!file_num[1].isEmpty()) { last = file_num[1].toUInt(&ok); Q_ASSERT(ok); } } } file = QDir::cleanPath(file); qDebug() << "New debug match" << (inv ? "Not" : "") << file << func << first << last; } bool dbg_pattern::match(const QString &curr_file, const QString &curr_func, unsigned line) const { // QTextStream out(stdout); // out << QString("MATCH %1:%2(%3)\n").arg(curr_file).arg(curr_func).arg(line); if (curr_func == func) return true; if (curr_func.endsWith(QString("::%1").arg(func))) return true; if (curr_file != file && !file.endsWith(QString("/%1").arg(curr_file))) return false; if (line >= first && line <= last) return true; return false; } void debug_info::set_debug(const QString &dbg) { bool local_all = false; all = true; if (isEmpty()) { foreach(QString part, dbg.split(",")) { if (part.toLower() == "all") { local_all = true; continue; } dbg_pattern d(part); patternlist.insert(d.invert() ? 0 : patternlist.size(), d); } } all = local_all; } debug_info::debug_info(const QMessageLogContext &ctx) : line(0) { line = ctx.line; if (ctx.file && ctx.line) { QFileInfo f(ctx.file); short_file = f.fileName(); short_func = ctx.function; int pos = short_func.indexOf("("); short_func.remove(pos, short_func.size()); pos = short_func.lastIndexOf(" "); short_func.remove(0, pos +1); } //std::cerr << "DBG '" << (ctx.function ?: "(NULL)" )<< "' '" << CCHAR(short_func) << "' " << short_file << std::endl; } QString debug_info::log_prefix() const { if (short_file == nullptr && line == 0) return QString(); return QString(" " COL_MAGENTA "%1" COL_GREEN COL_BOLD ":%2 " COL_BLUE "%3") .arg(short_file).arg(line).arg(short_func); } bool debug_info::do_debug() const { foreach(dbg_pattern pattern, patternlist) { if (pattern.match(short_file, short_func, line)) return !pattern.invert(); } return all; } static void myMessageOutput(QtMsgType type, const QMessageLogContext &ctx, const QString &msg) { static QElapsedTimer *t; static int abort_on_warning = -1; const char *severity = "Unknown", *warn_msg = NULL; int el; if (!t) { t = new QElapsedTimer(); t->start(); } if (abort_on_warning == -1) { char *a = getenv("XCA_ABORT_ON_WARNING"); abort_on_warning = a && *a; } debug_info dinfo(ctx); el = t->elapsed(); switch (type) { case QtDebugMsg: if (!dinfo.do_debug()) return; severity = COL_CYAN "Debug"; break; case QtWarningMsg: warn_msg = "WARNING"; severity = COL_LRED "Warning"; break; case QtCriticalMsg: warn_msg = "CRITICAL"; severity = COL_RED "Critical"; break; case QtFatalMsg: warn_msg = "FATAL"; severity = COL_RED "Fatal"; break; case QtInfoMsg: severity = COL_CYAN "Info"; break; default: severity = COL_CYAN "Default"; break; } console_write(stderr, QString(COL_YELL "%1%2 %3:%5" COL_RESET " %4\n") .arg(el/1000, 4) .arg((el%1000)/100, 2, 10, QChar('0')) .arg(severity).arg(msg) .arg(dinfo.log_prefix()).toUtf8()); if (abort_on_warning == 1 && warn_msg) { qFatal("Abort on %s", warn_msg); } } void debug_info::init() { qInstallMessageHandler(myMessageOutput); const char *d = getenv("XCA_DEBUG"); if (d && *d) debug_info::set_debug(QString(d)); } xca-RELEASE.2.9.0/lib/debug_info.h000066400000000000000000000015011477156507700164140ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2023 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DEBUG_INFO_H #define __DEBUG_INFO_H #include #include class dbg_pattern { QString file, func; unsigned first, last; bool inv; public: bool invert() const { return inv; } dbg_pattern(QString); bool match(const QString &curr_file, const QString &curr_func, unsigned line) const; }; class debug_info { private: QString short_file; QString short_func; unsigned line; static QList patternlist; public: static bool all; static void set_debug(const QString &dbg); static void init(); debug_info(const QMessageLogContext &c); QString log_prefix() const; bool do_debug() const; static bool isEmpty() { return patternlist.size() == 0; } }; #endif xca-RELEASE.2.9.0/lib/dhgen.cpp000066400000000000000000000011521477156507700157350ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 Christian Hohnstaedt. * * All rights reserved. */ #include "func.h" #include "dhgen.h" #include "entropy.h" #include "xfile.h" #include "BioByteArray.h" #include #include #include void DHgen::run() { DH *dh = NULL; BioByteArray b; try { dh = DH_new(); Q_CHECK_PTR(dh); DH_generate_parameters_ex(dh, bits, 2, NULL); openssl_error(); PEM_write_bio_DHparams(b, dh); openssl_error(); } catch (errorEx &e) { err = e; } XFile file(fname); file.open_write(); file.write(b); if (dh) DH_free(dh); } xca-RELEASE.2.9.0/lib/dhgen.h000066400000000000000000000007421477156507700154060ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DHGEN_H #define __DHGEN_H #include "exception.h" #include #include class DHgen: public QThread { QString fname{}; int bits{}; errorEx err{}; public: DHgen(const QString &n, int b) : QThread(), fname(n), bits(b) {} QString filename() const { return fname; } errorEx error() const { return err; } protected: void run(); }; #endif xca-RELEASE.2.9.0/lib/digest.cpp000066400000000000000000000027341477156507700161360ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2021 Christian Hohnstaedt. * * All rights reserved. */ #include "func_base.h" #include "digest.h" #include "lib/base.h" #include #include const QList digest::all_digests( { NID_md5, NID_ripemd160, NID_sha1, NID_sha224, NID_sha256, NID_sha384, NID_sha512, #ifndef LIBRESSL_VERSION_NUMBER NID_sha3_224, NID_sha3_256, NID_sha3_384, NID_sha3_512, #endif }); int digest::default_md(NID_sha256); digest::digest(int nid) : md_nid(nid) { } digest::digest(const EVP_MD *md) : md_nid(default_md) { if (!md) return; if (!OBJ_find_sigid_algs(EVP_MD_type(md), &md_nid, NULL)) md_nid = EVP_MD_type(md); } digest::digest(const QString &name) : md_nid(default_md) { QString s(name); // Workaround for Ed25519 if (s.isEmpty()) { md_nid = NID_undef; return; } md_nid = OBJ_txt2nid(CCHAR(s.remove(QChar(' ')))); ign_openssl_error(); } void digest::adjust(QList nids) { if (!nids.contains(md_nid)) md_nid = nids.last(); } bool digest::isInsecure() const { switch (md_nid) { case NID_md5: case NID_ripemd160: case NID_sha1: return true; } return false; } const EVP_MD *digest::MD() const { return md_nid == NID_undef ? NULL : EVP_get_digestbynid(md_nid); } QString digest::name() const { return QString(md_nid == NID_undef ? "" : OBJ_nid2sn(md_nid)); } const digest digest::getDefault() { return digest(default_md); } void digest::setDefault(const QString &def) { default_md = digest(def).md_nid; } xca-RELEASE.2.9.0/lib/digest.h000066400000000000000000000012551477156507700156000ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2021 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DIGEST_H #define __DIGEST_H #include #include class digest { private: static int default_md; int md_nid{ NID_sha256 }; public: static const QList all_digests; digest() { }; digest(int nid); digest(const EVP_MD *md); digest(const QString &name); digest(const digest &d) = default; digest& operator=(const digest &d) = default; void adjust(QList nids); bool isInsecure() const; const EVP_MD *MD() const; QString name() const; static void setDefault(const QString &def); static const digest getDefault(); }; #endif xca-RELEASE.2.9.0/lib/entropy.cpp000066400000000000000000000103141477156507700163500ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #include #include #if !defined(Q_OS_WIN32) #include #include #endif #include #include #include #include "func.h" #include "xfile.h" #include "entropy.h" /* Entropy sources for XCA * * Entropy is a very important topic for key generation. * * XCA uses the following sources for entropy: * * 1) During startup * RAND_poll() * The OpenSSL seeding mechanism. * It uses /dev/urandom where possible and the * Screen content on Windows. * * If "/dev/random" exists, it will be used for additional * 256bit entropy. Same is true for "/dev/hwrng" * * 2) Before any key or parameter generation a "reseeding" * is done. Some say reseeding is not necessary, but * all say it does not harm. * * Entropy by Mouse and keyboard events * main.cpp: bool XcaApplication::eventFilter() * 256bit from /dev/urandom (unix/Mac) * * 3) A .rnd state file in the XCA application directory * is written on exit and read on startup. * After reading it, the file will be erased to avoid replays. * * 4) When managing a token that supports C_GenerateRandom * and C_SeedRandom, XCA will seed the token and in return * seed himself from the token. */ #undef DEBUG_ENTROPY #define pool_siz (sizeof(pool)/sizeof(pool[0])) unsigned char Entropy::pool[512]; unsigned Entropy::pool_pos = 0; QElapsedTimer Entropy::timer; unsigned Entropy::seed_strength = 0; QString Entropy::makeSalt(void) { QString s = "T"; unsigned char rand[8]; Entropy::get(rand, sizeof rand); for (unsigned i=0; i< sizeof rand; i++) s += QString("%1").arg(rand[i], 2, 16, QChar('0')); return s; } void Entropy::add(int rand) { unsigned char entropy = (rand ^ timer.elapsed()) & 0xff; pool[pool_pos++ % pool_siz] = entropy; } void Entropy::add_buf(const unsigned char *buf, int buflen) { RAND_seed(buf, buflen); seed_strength += buflen; } int Entropy::get(unsigned char *buf, int num) { seed_rng(); return RAND_bytes(buf, num); } void Entropy::seed_rng() { if (pool_pos > pool_siz) pool_pos = pool_siz; RAND_seed(pool, pool_pos); seed_strength += pool_pos; random_from_file("/dev/urandom", 32); #ifdef DEBUG_ENTROPY { QDebug dbg = qDebug(); dbg << QString("Seeding %1 bytes:").arg(pool_pos); for (unsigned i=0; i 0;) { int len = read(fd, buf, amount > sizeof buf ? sizeof buf : amount); if (len > 0) { RAND_seed(buf, len); seed_strength += len / weakness; amount -= len; sum += len; } if (len == -1) { if (errno != EWOULDBLOCK) qWarning("Error '%s' while reading '%s'\n", strerror(errno), CCHAR(fname)); len = 0; } if (len == 0) break; } #ifdef DEBUG_ENTROPY qDebug("Entropy from file '%s' = %d bytes", CCHAR(fname), sum); #endif return sum; #else (void)fname; (void)amount; (void)weakness; return 0; #endif } unsigned Entropy::strength() { return seed_strength; } Entropy::Entropy() { timer.start(); rnd = getUserSettingsDir() + "/.rnd"; random_from_file(rnd, 1024, 128); QFile::remove(rnd); // don't use it again RAND_poll(); seed_strength += 8; random_from_file("/dev/random", 32); random_from_file("/dev/hwrng", 32); } Entropy::~Entropy() { unsigned char buf[1024]; if (RAND_bytes(buf, sizeof buf) == 1) { XFile file(rnd); try { file.open_key(); file.write((char*)buf, sizeof buf); } catch (errorEx &e) { qDebug() << "random_from_file" << rnd << e.getString(); } file.close(); } memset(buf, 0, sizeof buf); #ifdef DEBUG_ENTROPY qDebug("Seed strength: %d", seed_strength); #endif } xca-RELEASE.2.9.0/lib/entropy.h000066400000000000000000000013051477156507700160150ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __ENTROPY_H #define __ENTROPY_H #include #include class Entropy { protected: QString rnd{}; static QElapsedTimer timer; static unsigned char pool[512]; static unsigned pool_pos; static unsigned seed_strength; static int random_from_file(QString fname, unsigned amount, int weakness=1); public: Entropy(); ~Entropy(); static void add(int rand); static void add_buf(const unsigned char *buf, int buflen); static int get(unsigned char *buf, int num); static void seed_rng(); static unsigned strength(); static QString makeSalt(void); }; #endif xca-RELEASE.2.9.0/lib/exception.h000066400000000000000000000014421477156507700163150ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_EXCEPTION_H #define __PKI_EXCEPTION_H #include #include #include #include "base.h" enum open_result { pw_cancel, pw_ok, pw_exit, open_abort }; class errorEx { protected: QString msg{}; public: errorEx(QString txt = "", QString className = "") { msg = txt; if (!className.isEmpty()) msg += " (" + className + ")"; } errorEx(const QSqlError &e) { msg = e.text(); } void appendString(QString s) { msg = msg + " " + s; } QString getString() const { return msg; } const char *getCString() const { return msg.toLatin1(); } bool isEmpty() const { return msg.isEmpty(); } }; #endif xca-RELEASE.2.9.0/lib/func.cpp000066400000000000000000000212261477156507700156070ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "func.h" #include "exception.h" #include "asn1time.h" #include "settings.h" #include "XcaWarningCore.h" #include #include #include #include #include #include #include #ifdef Q_OS_MACOS #include #define I18N_DIR "" #else #define I18N_DIR "i18n/" #endif #include #include #include #include #include #include #include #include #if defined(Q_OS_WIN32) #include #include #ifndef ENABLE_VIRTUAL_TERMINAL_PROCESSING #define ENABLE_VIRTUAL_TERMINAL_PROCESSING 0x04 #endif #else #include #include #define getch() getchar() #endif int console_write(FILE *fp, const QByteArray &ba) { if (ba.size() == 0) return 0; #if defined(Q_OS_WIN32) HANDLE con = GetStdHandle(fp == stderr ? STD_ERROR_HANDLE : STD_OUTPUT_HANDLE); if (con != INVALID_HANDLE_VALUE) { QString string = QString::fromUtf8(ba); WriteConsoleW(con, string.utf16(), string.size(), NULL, NULL); //return 0; } #endif fputs(ba.constData(), fp); fflush(fp); return 0; } Passwd readPass() { Passwd pw; #if !defined(Q_OS_WIN32) struct termios t, back; if (tcgetattr(0, &t)) throw errorEx(strerror(errno)); back = t; t.c_lflag &= ~(ECHO | ICANON); if (tcsetattr(0, TCSAFLUSH, &t)) throw errorEx(strerror(errno)); #else qFatal("Password input not supported"); #endif while(1) { char p = getch(); if (p == '\n' || p == '\r') break; if (p == 0x7f) pw.chop(1); else pw += p; } fputc('\n', stdout); #if !defined(Q_OS_WIN32) if (tcsetattr(0, TCSAFLUSH, &back)) throw errorEx(strerror(errno)); #endif return pw; } #if defined(Q_OS_WIN32) static QString registryInstallDir() { QString dir; wchar_t inst_dir[2048] = L""; ULONG len = sizeof inst_dir; if (RegGetValueW(HKEY_LOCAL_MACHINE, L"Software\\xca", L"Install_Dir64", RRF_RT_REG_SZ, NULL, inst_dir, &len) != ERROR_SUCCESS) return dir; /* "len" is in octets */ len /= sizeof inst_dir[0]; /* "len" includes the trailing \0\0 */ dir = QString::fromWCharArray(inst_dir, len -1); return QFileInfo(dir).canonicalFilePath(); } #endif int portable_app() { static int portable = -1; qDebug() << "portable" << portable; QString f1, f2; if (portable == -1) { #if defined(Q_OS_WIN32) f1 = registryInstallDir(); f2 = QCoreApplication::applicationDirPath(); /* f1 == f2 Registry entry of install dir exists and matches * path of this xca.exe -> Installed. Not the portable app */ portable = f1 == f2 ? 0 : 1; qDebug() << "Portable:" << f1 << " != " << f2; #else const char *p = getenv("XCA_PORTABLE"); portable = p && *p; #endif } return portable; } #if defined(Q_OS_WIN32) static QString specialFolder(int csidl) { LPITEMIDLIST pidl = NULL; wchar_t buf[MAX_PATH] = L""; if (SUCCEEDED(SHGetSpecialFolderLocation(NULL, csidl, &pidl))) SHGetPathFromIDListW(pidl, buf); QString f = QString::fromWCharArray(buf); qDebug() << "Special Folder" << csidl << f; return QFileInfo(f).canonicalFilePath(); } #endif const QString getHomeDir() { return portable_app() ? QCoreApplication::applicationDirPath() : QStandardPaths::writableLocation( QStandardPaths::DocumentsLocation); } /* For portable APP remove leading file name if it is * the app directory. */ QString relativePath(QString path) { QFileInfo fi_path(path); QFileInfo fi_home(getHomeDir()); QString prefix = fi_home.absoluteFilePath(); path = fi_path.absoluteFilePath(); if (portable_app()) { if (path.startsWith(prefix)) path = path.mid(prefix.length()+1); } return path; } const QString getLibDir() { #if defined(Q_OS_WIN32) return specialFolder(CSIDL_SYSTEM); #else QString ulib = "/usr/lib/"; QString lib = "/lib/"; QString multi; QString hd = ulib; QFile f(ulib + "pkg-config.multiarch"); if (f.open(QIODevice::ReadOnly)) { QTextStream in(&f); multi = in.readLine(); if (!multi.isEmpty()) multi += "/"; } QStringList dirs; dirs << ulib + multi + "pkcs11/" << lib + multi + "pkcs11/" << ulib + "pkcs11/" << lib + "pkcs11/" << ulib + multi << lib + multi << ulib << lib; foreach(QString dir, dirs) { if (QDir(dir).exists()) { hd = dir; break; } } return QFileInfo(hd).canonicalFilePath(); #endif } const QString getDocDir() { static QString docdir; if (!docdir.isEmpty()) return docdir; QStringList docs; #ifdef DOCDIR docs << QString(DOCDIR); #endif #ifdef INSTALL_DATA_PREFIX docs << QString(INSTALL_DATA_PREFIX); #endif docs += QStandardPaths::standardLocations(QStandardPaths::AppDataLocation); foreach (docdir, docs) { #ifndef Q_OS_MACOS docdir += "/html"; #endif if (QFileInfo::exists(docdir + "/xca.qhc")) { qDebug() << "Detected" << docdir + "/xca.qhc"; return docdir; } } docdir = QString(); return docdir; } // The intent of this function is to return the proper location for // user-controlled settings on the current platform const QString getUserSettingsDir() { static QString dir; if (!dir.isEmpty()) return dir; dir = QStandardPaths::writableLocation(QStandardPaths::AppDataLocation); #if defined(Q_OS_WIN32) if (portable_app()) dir = QCoreApplication::applicationDirPath() + "/settings"; #endif if (!QDir().mkpath(dir)) qCritical("Failed to create Path: '%s'", CCHAR(dir)); return dir; } const QString getI18nDir() { static QString qm; if (!qm.isEmpty()) return qm; #ifdef INSTALL_DATA_PREFIX if (QFileInfo::exists(INSTALL_DATA_PREFIX "/xca_de.qm")) qm = INSTALL_DATA_PREFIX "/xca_de.qm"; #endif if (qm.isEmpty()) qm = QStandardPaths::locate(QStandardPaths::AppDataLocation, I18N_DIR "xca_de.qm"); if (qm.isEmpty()) qm = QCoreApplication::applicationDirPath() + "/xca_de.qm"; qm = QFileInfo(qm).path(); qDebug() << "QM" << qm; return qm; } void migrateOldPaths() { QString old; #if defined(Q_OS_UNIX) old = QDir::homePath() + "/.xca"; #elif defined(Q_OS_MACOS) old = QStandardPaths::writableLocation( QStandardPaths::GenericDataLocation) + "/data/" + QCoreApplication::applicationName(); #endif QDir old_dir(old); if (old.isEmpty() || !old_dir.exists()) return; qDebug() << "Old XCA directory exists" << old; QString new_dir = getUserSettingsDir() + "/"; foreach(QString n, QStringList({"dbhistory", "defaultdb", "defaultlang", ".rnd"})) { old_dir.rename(n, new_dir + n); qDebug() << "Move file" << old + "/" + n << new_dir + n; } old_dir.rmdir(old); } QString hostId() { static QString id; unsigned char guid[100] = "", md[SHA_DIGEST_LENGTH]; if (!id.isEmpty()) return id; #if defined(Q_OS_WIN32) #define REG_CRYPTO "SOFTWARE\\Microsoft\\Cryptography" #define REG_GUID "MachineGuid" ULONG dwGuid = sizeof guid; HKEY hKey; if (RegOpenKeyExA(HKEY_LOCAL_MACHINE, REG_CRYPTO, 0, KEY_READ, &hKey) != ERROR_SUCCESS) { XCA_WARN("Registry Key: '" REG_CRYPTO "' not found"); } else { if (RegQueryValueExA(hKey, REG_GUID, NULL, NULL, guid, &dwGuid) != ERROR_SUCCESS) { XCA_WARN("Registry Key: '" REG_CRYPTO "\\" REG_GUID "' not found"); } } RegCloseKey(hKey); #elif defined(Q_OS_MACOS) io_registry_entry_t ioRegistryRoot = IORegistryEntryFromPath( kIOMasterPortDefault, "IOService:/"); CFStringRef uuidCf = (CFStringRef)IORegistryEntryCreateCFProperty( ioRegistryRoot, CFSTR(kIOPlatformUUIDKey), kCFAllocatorDefault, 0); CFStringGetCString(uuidCf, (char*)guid, sizeof guid, kCFStringEncodingMacRoman); qDebug() << QString::fromCFString(uuidCf) << (char*)guid; IOObjectRelease(ioRegistryRoot); CFRelease(uuidCf); #else QString mach_id; const QStringList dirs = { "/etc", "/var/lib/dbus", "/var/db/dbus" }; for (const QString &dir : dirs) { QFile file(dir + "/machine-id"); if (file.open(QIODevice::ReadOnly)) { QTextStream in(&file); mach_id = in.readLine().trimmed(); file.close(); } qDebug() << "ID:" << mach_id; if (!mach_id.isEmpty()) { snprintf((char*)guid, sizeof guid, "%s", CCHAR(mach_id)); break; } } if (mach_id.isEmpty()) sprintf((char*)guid, "%ld", gethostid()); #endif guid[sizeof guid -1] = 0; SHA1(guid, strlen((char*)guid), md); id = QByteArray((char*)md, (int)sizeof md).toBase64().mid(0, 8); qDebug() << "GUID:" << guid << "ID:" << id; return id; } QString fingerprint(const QByteArray &data, const EVP_MD *type) { return formatHash(Digest(data, type), Settings["fp_separator"], Settings["fp_digits"]); } void update_workingdir(const QString &file) { QFileInfo fi(file); if (fi.isDir()) Settings["workingdir"] = fi.absoluteFilePath(); else Settings["workingdir"] = fi.absolutePath(); } xca-RELEASE.2.9.0/lib/func.h000066400000000000000000000014621477156507700152540ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __FUNC_H #define __FUNC_H #include #include #include "base.h" #include "func_base.h" #include "Passwd.h" #include #include #define IS_GUI_APP (is_gui_app) class Validity; class QPixmap; extern bool is_gui_app; int console_write(FILE *fp, const QByteArray &ba); Passwd readPass(); int portable_app(); const QString getHomeDir(); QString relativePath(QString path); const QString getLibDir(); const QString getDocDir(); const QString getUserSettingsDir(); const QString getI18nDir(); void migrateOldPaths(); QString hostId(); QString fingerprint(const QByteArray &data, const EVP_MD *type); void update_workingdir(const QString &file); #endif xca-RELEASE.2.9.0/lib/func_base.cpp000066400000000000000000000174011477156507700166010ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "func_base.h" #include #include #include #include #include #include #include #include #include #include #include #include #include "exception.h" bool is_gui_app = false; const QStringList getLibExtensions() { return QStringList { #if defined(Q_OS_WIN32) QString("*.dll"), QString("*.DLL"), #elif defined(Q_OS_MACOS) QString("*.dylib"), QString("*.so"), #else QString("*.so"), #endif }; } // Qt's open and save dialogs result in some undesirable quirks. // This function makes sure that a filename has the user-selected extension. QString getFullFilename(const QString & filename, const QString & selectedFilter) { QString rv = filename.trimmed(), ext; auto match = QRegularExpression(".* \\( ?\\*(.[a-z]{1,3}) ?\\)") .match(selectedFilter); ext = match.captured(1); if (ext.isEmpty() || rv.endsWith(ext)) return rv; return rv + ext; } QString compressFilename(const QString &filename, int maxlen) { QString fn = filename; if (fn.length() >= maxlen) { fn.replace("\\", "/"); int len, lastslash = fn.lastIndexOf('/'); QString base = filename.mid(lastslash); len = maxlen - base.length() - 3; if (len < 0) { fn = "..." + base.right(maxlen -3); } else { fn = fn.left(len); lastslash = fn.lastIndexOf('/'); fn = filename.left(lastslash + 1) + "..." + base; } } return nativeSeparator(fn); } QString asn1ToQString(const ASN1_STRING *str, bool quote) { unsigned char *out = NULL; int len; QString utf8; len = ASN1_STRING_to_UTF8(&out, str); if (len != -1) { utf8 = QString::fromUtf8((const char*)out, len); OPENSSL_free(out); } if (quote) utf8.replace('\n', "\\n\\"); return utf8; } /* returns an encoded ASN1 string from QString for a special nid*/ ASN1_STRING *QStringToAsn1(const QString s, int nid) { QByteArray ba = s.toUtf8(); const unsigned char *utf8 = (const unsigned char *)ba.constData(); unsigned long global_mask = ASN1_STRING_get_default_mask(); unsigned long mask = DIRSTRING_TYPE & global_mask; ASN1_STRING *out = NULL; ASN1_STRING_TABLE *tbl; tbl = ASN1_STRING_TABLE_get(nid); if (tbl) { mask = tbl->mask; if (!(tbl->flags & STABLE_NO_MASK)) mask &= global_mask; } ASN1_mbstring_copy(&out, utf8, -1, MBSTRING_UTF8, mask); openssl_error_msg(QString("'%1' (%2)").arg(s).arg(OBJ_nid2ln(nid))); return out; } const char *OBJ_ln2sn(const char *ln) { return OBJ_nid2sn(OBJ_ln2nid(ln)); } const char *OBJ_sn2ln(const char *sn) { return OBJ_nid2ln(OBJ_sn2nid(sn)); } const char *OBJ_obj2sn(ASN1_OBJECT *a) { OBJ_obj2nid(a); openssl_error(); return OBJ_nid2sn(OBJ_obj2nid(a)); } QString OBJ_obj2QString(const ASN1_OBJECT *a, int no_name) { char buf[512]; int len; len = OBJ_obj2txt(buf, sizeof buf, a, no_name); openssl_error(); return QString::fromLatin1(buf, len); } QByteArray i2d_bytearray(int(*i2d)(const void*, unsigned char **), const void *data) { QByteArray ba; ba.resize(i2d(data, NULL)); unsigned char *p = (unsigned char*)ba.data(); i2d(data, &p); openssl_error(); return ba; } void *d2i_bytearray(void *(*d2i)(void *, unsigned char **, long), QByteArray &ba) { unsigned char *p, *p1; void *ret; p = p1 = (unsigned char *)ba.constData(); ret = d2i(NULL, &p1, ba.size()); ba = ba.mid(p1-p); openssl_error(); return ret; } static int __ecb(const char *st, size_t len, void *u) { QByteArray *ba = (QByteArray *)u; ba->append(st, len); return 1; } void _openssl_error(const QString &txt, const char *file, int line) { QString error; QByteArray ba; ERR_print_errors_cb(__ecb, &ba); if (!ba.isEmpty()) { fputs(CCHAR(QString("OpenSSL error (%1:%2) : %3\n"). arg(file).arg(line).arg(QString::fromLatin1(ba))), stderr); } if (!error.isEmpty()) { if (!txt.isEmpty()) error = txt + "\n" + error + "\n" + QString("(%1:%2)").arg(file).arg(line); throw errorEx(error); } } #undef PRINT_IGNORED_ANYWAY bool _ign_openssl_error(const QString &txt, const char *file, int line) { // ignore openssl errors QString errtxt; #if PRINT_IGNORED_ANYWAY if (!txt.isEmpty() && ERR_peek_error()) qDebug() << txt; #else (void)txt; (void)file; (void)line; #endif while (int i = ERR_get_error() ) { errtxt = ERR_error_string(i, NULL); #if PRINT_IGNORED_ANYWAY qDebug() << QString("IGNORED (%1:%2) : %3\n") .arg(file).arg(line).arg(errtxt); #endif } return !errtxt.isEmpty(); } QString formatHash(const QByteArray &data, QString sep, int width) { return QString(data.toHex()).toUpper() .replace(QRegularExpression(QString("(.{%1})(?=.)").arg(width)), QString("\\1") + sep); } QByteArray Digest(const QByteArray &data, const EVP_MD *type) { unsigned int n; unsigned char m[EVP_MAX_MD_SIZE]; EVP_Digest(data.constData(), data.size(), m, &n, type, NULL); openssl_error(); return QByteArray((char*)m, (int)n); } QString get_ossl_verify_error(int err) { // https://docs.openssl.org/master/man3/X509_STORE_CTX_get_error/#error-codes static const QMap ossl_verify_errors = { #define V_ERR(x) { x, #x }, V_ERR(X509_V_OK) #include "openssl_v_err.c" }; return ossl_verify_errors.value(err, "Unknown error"); } QMap dn_translations; void dn_translations_setup() { QMap D; D[NID_countryName] = QObject::tr("Country code"); D[NID_stateOrProvinceName] = QObject::tr("State or Province"); D[NID_localityName] = QObject::tr("Locality"); D[NID_organizationName] = QObject::tr("Organisation"); D[NID_organizationalUnitName] = QObject::tr("Organisational unit"); D[NID_commonName] = QObject::tr("Common name"); D[NID_pkcs9_emailAddress] = QObject::tr("E-Mail address"); D[NID_serialNumber] = QObject::tr("Serial number"); D[NID_givenName] = QObject::tr("Given name"); D[NID_surname] = QObject::tr("Surname"); D[NID_title] = QObject::tr("Title"); D[NID_initials] = QObject::tr("Initials"); D[NID_description] = QObject::tr("Description"); D[NID_role] = QObject::tr("Role"); D[NID_pseudonym] = QObject::tr("Pseudonym"); D[NID_generationQualifier] = QObject::tr("Generation Qualifier"); D[NID_x500UniqueIdentifier] = QObject::tr("x500 Unique Identifier"); D[NID_name] = QObject::tr("Name"); D[NID_dnQualifier] = QObject::tr("DN Qualifier"); D[NID_pkcs9_unstructuredName] = QObject::tr("Unstructured name"); D[NID_pkcs9_challengePassword] = QObject::tr("Challenge password"); D[NID_basic_constraints] = QObject::tr("Basic Constraints"); D[NID_name_constraints] = QObject::tr("Name Constraints"); D[NID_subject_alt_name] = QObject::tr("Subject alternative name"); D[NID_issuer_alt_name] = QObject::tr("issuer alternative name"); D[NID_subject_key_identifier] = QObject::tr("Subject key identifier"); D[NID_authority_key_identifier] = QObject::tr("Authority key identifier"); D[NID_key_usage] = QObject::tr("Key usage"); D[NID_ext_key_usage] = QObject::tr("Extended key usage"); D[NID_crl_distribution_points] = QObject::tr("CRL distribution points"); D[NID_info_access] = QObject::tr("Authority information access"); D[NID_netscape_cert_type] = QObject::tr("Certificate type"); D[NID_netscape_base_url] = QObject::tr("Base URL"); D[NID_netscape_revocation_url] = QObject::tr("Revocation URL"); D[NID_netscape_ca_revocation_url] = QObject::tr("CA Revocation URL"); D[NID_netscape_renewal_url] = QObject::tr("Certificate renewal URL"); D[NID_netscape_ca_policy_url] = QObject::tr("CA policy URL"); D[NID_netscape_ssl_server_name] = QObject::tr("SSL server name"); D[NID_netscape_comment] = QObject::tr("Comment"); dn_translations = D; } QString appendXcaComment(QString current, QString msg) { if (!current.endsWith("\n") && !current.isEmpty()) current += "\n"; return current + QString("(%1)\n").arg(msg); } xca-RELEASE.2.9.0/lib/func_base.h000066400000000000000000000036341477156507700162510ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __FUNC_BASE_H #define __FUNC_BASE_H #include #include #include #include #include #include "base.h" #include "Passwd.h" #include #include #define IS_GUI_APP (is_gui_app) class Validity; class QPixmap; extern bool is_gui_app; QString getFullFilename(const QString &filename, const QString &selectedFilter); const QStringList getLibExtensions(); QString formatHash(const QByteArray &data, QString sep = ":", int width = 2); QString compressFilename(const QString &filename, int maxlen = 50); QString asn1ToQString(const ASN1_STRING *str, bool quote = false); ASN1_STRING *QStringToAsn1(QString s, int nid); QByteArray Digest(const QByteArray &data, const EVP_MD *type); const char *OBJ_ln2sn(const char *ln); const char *OBJ_sn2ln(const char *sn); const char *OBJ_obj2sn(ASN1_OBJECT *a); QString OBJ_obj2QString(const ASN1_OBJECT *a, int no_name = 0); extern QMap dn_translations; void dn_translations_setup(); #define openssl_error_msg(x) _openssl_error(QString(x), __FILE__, __LINE__) #define openssl_error() openssl_error_msg("") #define ign_openssl_error() _ign_openssl_error(QString(), __FILE__, __LINE__) void _openssl_error(const QString &txt, const char *file, int line); bool _ign_openssl_error(const QString &txt, const char *file, int line); QByteArray i2d_bytearray(int(*i2d)(const void*, unsigned char**), const void*); void *d2i_bytearray(void *(*d2i)(void*, unsigned char**, long), QByteArray &ba); #define I2D_VOID(a) ((int (*)(const void *, unsigned char **))(a)) #define D2I_VOID(a) ((void *(*)(void *, unsigned char **, long))(a)) QString appendXcaComment(QString current, QString msg); QString get_ossl_verify_error(int err); /* from version.cpp */ const char *version_str(bool html); #endif xca-RELEASE.2.9.0/lib/headerlist.h000066400000000000000000000126111477156507700164430ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2010 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __HEADERLIST_H #define __HEADERLIST_H #include #include #include #include #include #include #include "settings.h" #include "pki_base.h" #include "func.h" #define HD_undef NID_undef #define HD_internal_name -2 #define HD_subject_name -3 #define HD_subject_hash -4 #define HD_x509key_name -5 #define HD_counter -6 #define HD_x509_sigalg -7 #define HD_creation -8 #define HD_comment -9 #define HD_source -100 #define HD_primary_key -101 #define HD_cert_serial -10 #define HD_cert_notBefore -11 #define HD_cert_notAfter -12 //#define HD_cert_trust -13 #define HD_cert_revocation -14 #define HD_cert_ca -15 #define HD_cert_md5fp -16 #define HD_cert_sha1fp -17 #define HD_cert_sha256fp -18 #define HD_cert_crl_expire -19 #define HD_req_signed -20 #define HD_req_unstr_name -21 #define HD_req_chall_pass -22 #define HD_req_certs -23 //#define HD_temp_type -30 #define HD_crl_signer -40 #define HD_crl_revoked -42 #define HD_crl_lastUpdate -43 #define HD_crl_nextUpdate -44 #define HD_crl_crlnumber -45 #define HD_key_type -50 #define HD_key_size -51 #define HD_key_use -52 #define HD_key_passwd -53 #define HD_key_curve -54 class dbheader { protected: QString name{}, tooltip{}; public: enum hdr_type { hd_default, hd_x509name, hd_v3ext, hd_v3ext_ns, hd_number, hd_asn1time, hd_key, }; int id{ HD_undef }; bool show{ false }; bool showDefault{ false }; QAction *action{}; int size{ -1 }; int visualIndex{ -1 }; int sortIndicator{ -1 }; enum hdr_type type{ hd_default }; virtual QString getName() { return name; } virtual QString getTooltip() { return tooltip; } dbheader(QString aname = QString()) : name(aname) { } dbheader(int aid, bool ashow = false, QString aname = QString(), QString atip = QString()) : name(aname), tooltip(atip), id(aid), show(ashow), showDefault(ashow) { } virtual ~dbheader() { } bool mustSave() { return size != -1 || visualIndex != -1 || sortIndicator != -1 || show != showDefault; } bool operator == (const dbheader *h) const { if (h->id == HD_undef) return name == h->name; return id == h->id; } bool isNumeric() { switch (id) { case NID_subject_key_identifier: case NID_authority_key_identifier: case HD_key_size: return true; } return type == hd_number; } QString toData() { QStringList sl{ QString::number(visualIndex), QString::number(sortIndicator), QString::number(size), QString::number(show) }; return sl.join(" "); } void fromData(QString s) { QStringList sl = s.split(" "); if (sl.count() != 4) { qCritical() << "Invalid header data for" << id << name << s; return; } visualIndex = sl[0].toInt(); if (visualIndex < -1) visualIndex = -1; sortIndicator = sl[1].toInt(); if (sortIndicator != Qt::AscendingOrder && sortIndicator != Qt::DescendingOrder) sortIndicator = -1; size = sl[2].toInt(); if (size == 0) size = -1; show = sl[3].toInt(); } void setupHeaderView(int sect, QHeaderView *hv) { hv->setSectionHidden(sect, !show); if (size != -1) hv->resizeSection(sect, size); if (sortIndicator != -1) { hv->setSortIndicator(sect, sortIndicator ? Qt::DescendingOrder : Qt::AscendingOrder); } } void reset() { action = NULL; show = showDefault; size = -1; visualIndex = -1; sortIndicator = -1; } }; class nid_dbheader : public dbheader { private: QString sn{}; public: nid_dbheader(int aid, enum hdr_type atype) : dbheader(aid, aid == NID_commonName) { type = atype; tooltip = dn_translations[id]; name = OBJ_nid2ln(id); sn = OBJ_nid2sn(id); if (tooltip.isEmpty()) tooltip = name; } QString getName() { return Settings["translate_dn"] ? tooltip : name; } QString getTooltip() { return QString("[%1] %2").arg(sn) .arg(Settings["translate_dn"] ? name : tooltip); } }; class num_dbheader : public dbheader { public: num_dbheader(int aid, bool ashow = false, QString aname = QString(), QString atip = QString()) : dbheader(aid, ashow, aname, atip) { type = hd_number; } }; class date_dbheader : public dbheader { public: date_dbheader(int aid, bool ashow = false, QString aname = QString(), QString atip = QString()) : dbheader(aid, ashow, aname, atip) { type = hd_asn1time; } }; class key_dbheader : public dbheader { public: key_dbheader(int aid, QString aname) : dbheader(aid, false, aname) { type = hd_key; } }; class dbheaderList: public QList { public: dbheaderList(dbheader *h) :QList() { append(h); } dbheaderList() :QList() { } QString toData() { QStringList sl; for (int i=0; imustSave()) continue; seq << QString("%1").arg(h->id); if (h->id > 0) { seq << OBJ_obj2QString( OBJ_nid2obj(h->id), 1); } seq << h->toData(); sl << seq.join(":"); } return sl.join(","); } void fromData(QString s) { QStringList sl = s.split(","); foreach(QString hd, sl) { QStringList sl1 = hd.split(":"); int id = sl1.takeFirst().toInt(); if (id > 0) { id = OBJ_txt2nid(CCHAR(sl1.takeFirst())); } for (int i=0; iid == id) { h->fromData(sl1.takeFirst()); break; } } } } }; #endif xca-RELEASE.2.9.0/lib/ipvalidator.h000066400000000000000000000025011477156507700166320ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2018 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __IPVALIDATOR_H #define __IPVALIDATOR_H #include #include #include #include /* Validating IPv4/6 is not as trivial as thought. * - The QHostAddress class requires the network library * and i don't want to add many megabytes for this validator * - I failed to and actually don't want to write my own validator * as there are already thoroughly tested functions. * - inet_pton() does what I want, but * on Windows there is no inet_pton(). * - Openssl validates the result anyway. * So we reduce the validation on windows to the RegEx */ #if !defined(Q_OS_WIN32) #include #include #include #include unsigned char buf[sizeof(struct in6_addr)]; #else #define inet_pton(a,b,c) (1) #endif class ipValidator : public QValidator { public: QValidator::State validate(QString &input, int&) const { if (!QRegularExpression("^[0-9a-fA-F:\\.]*$").match(input).hasMatch()) return Invalid; return inet_pton(AF_INET, CCHAR(input), buf) == 1 || inet_pton(AF_INET6, CCHAR(input), buf) == 1 ? Acceptable : Intermediate; } void fixup(QString &input) const { input = input.toLower(); } }; #endif xca-RELEASE.2.9.0/lib/load_obj.cpp000066400000000000000000000067771477156507700164430ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "load_obj.h" #include "pki_x509.h" #include "pki_evp.h" #include "pki_x509req.h" #include "pki_pkcs7.h" #include "pki_pkcs12.h" #include "pki_multi.h" #include "pki_temp.h" #include "pki_crl.h" load_base::load_base() { filter = QObject::tr("All files ( * )"); caption = ""; } pki_base *load_base::loadItem(const QString &s) { pki_base *pki = newItem(); if (!pki) return NULL; try { pki->fload(s); openssl_error(); } catch (errorEx &err){ delete pki; throw err; } pki->pkiSource = imported; pki->autoIntName(s); pki->setFilename(s); return pki; } pki_base * load_base::newItem() { return NULL; } load_base::~load_base() { } /* Keys */ load_key::load_key() :load_base() { filter = QObject::tr("PKI Keys ( *.pem *.der *.key );; " "PKCS#8 Keys ( *.p8 *.pk8 );; " "Microsoft PVK Keys ( *.pvk );; " "SSH Public Keys ( *.pub );;") + filter; caption = QObject::tr("Import RSA key"); } pki_base * load_key::newItem() { return new pki_evp(); } /* Requests */ load_req::load_req() :load_base() { filter = QObject::tr("PKCS#10 CSR ( *.pem *.der *.csr );; ") + filter; caption = QObject::tr("Import Request"); } pki_base * load_req::newItem() { return new pki_x509req(); } /* Certificates */ load_cert::load_cert() :load_base() { filter = QObject::tr("Certificates ( *.pem *.der *.crt *.cer );;") + filter; caption = QObject::tr("Import X.509 Certificate"); } pki_base * load_cert::newItem() { return new pki_x509(); } /* PKCS#7 Certificates */ load_pkcs7::load_pkcs7() :load_base() { filter = QObject::tr("PKCS#7 data ( *.p7s *.p7m *.p7b );;") + filter; caption = QObject::tr("Import PKCS#7 Certificates"); } pki_base * load_pkcs7::newItem() { return new pki_pkcs7(); } /* PKCS#12 Certificates */ load_pkcs12::load_pkcs12() :load_base() { filter = QObject::tr("PKCS#12 Certificates ( *.p12 *.pfx );;") + filter; caption = QObject::tr("Import PKCS#12 Private Certificate"); } pki_base * load_pkcs12::loadItem(const QString &s) { pki_base *p12 = new pki_pkcs12(s); return p12; } /* Templates */ load_temp::load_temp() :load_base() { filter = QObject::tr("XCA templates ( *.xca );;") + filter; caption = QObject::tr("Import XCA Templates"); } pki_base * load_temp::newItem() { return new pki_temp(); } /* CRLs */ load_crl::load_crl() :load_base() { filter = QObject::tr("Revocation lists ( *.pem *.der *.crl );;") + filter; caption = QObject::tr("Import Certificate Revocation List"); } pki_base * load_crl::newItem() { return new pki_crl(); } /* Database */ load_db::load_db() :load_base() { filter = QObject::tr("XCA Databases ( *.xdb );;") + filter; caption = QObject::tr("Open XCA Database"); } /* OpenVPN TA key */ load_takey::load_takey() :load_base() { filter = QObject::tr("OpenVPN tls-auth key ( *.key );;") + filter; caption = QObject::tr("Import OpenVPN tls-auth key"); } /* Shared library */ load_pkcs11::load_pkcs11() :load_base() { #if defined(Q_OS_WIN32) filter = QObject::tr("PKCS#11 library ( *.dll );;") + filter; #elif defined(Q_OS_MACOS) filter = QObject::tr("PKCS#11 library ( *.dylib *.so );;") + filter; #else filter = QObject::tr("PKCS#11 library ( *.so );;") + filter; #endif caption = QObject::tr("Open PKCS#11 shared library"); } /* General PEM loader */ load_pem::load_pem() :load_base() { filter = QObject::tr("PEM files ( *.pem );;") + filter; caption = QObject::tr("Load PEM encoded file"); } pki_base *load_pem::newItem() { return new pki_multi(); } xca-RELEASE.2.9.0/lib/load_obj.h000066400000000000000000000024171477156507700160730ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __LOAD_OBJ_H #define __LOAD_OBJ_H #include class pki_base; class load_base { public: QString filter{}; QString caption{}; load_base(); virtual ~load_base(); virtual pki_base *loadItem(const QString &s); virtual pki_base *newItem(); }; class load_key: public load_base { public: load_key(); pki_base *newItem(); }; class load_req: public load_base { public: load_req(); pki_base *newItem(); }; class load_cert: public load_base { public: load_cert(); pki_base *newItem(); }; class load_pkcs7: public load_base { public: load_pkcs7(); pki_base *newItem(); }; class load_pkcs12: public load_base { public: load_pkcs12(); pki_base *loadItem(const QString &s); }; class load_temp: public load_base { public: load_temp(); pki_base *newItem(); }; class load_crl: public load_base { public: load_crl(); pki_base *newItem(); }; class load_db: public load_base { public: load_db(); }; class load_takey: public load_base { public: load_takey(); }; class load_pkcs11: public load_base { public: load_pkcs11(); }; class load_pem: public load_base { public: load_pem(); pki_base *newItem(); }; #endif xca-RELEASE.2.9.0/lib/main.cpp000066400000000000000000000114061477156507700155770ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include #include "widgets/MainWindow.h" #include "ui_MainWindow.h" #include "widgets/XcaApplication.h" #include "func.h" #include "entropy.h" #include "settings.h" #include "pki_multi.h" #include "arguments.h" #include "pki_export.h" #include "debug_info.h" #if defined(Q_OS_WIN32) //For the segfault handler #include #endif #if (OPENSSL_VERSION_NUMBER >= 0x30000000L) #include #endif #include #include char segv_data[1024]; #if defined(Q_OS_WIN32) static LONG CALLBACK w32_segfault(LPEXCEPTION_POINTERS e) { if (e->ExceptionRecord->ExceptionCode == EXCEPTION_ACCESS_VIOLATION) { if (segv_data[0]) { XCA_WARN(QString(segv_data)); abort(); } return EXCEPTION_CONTINUE_EXECUTION; } else return EXCEPTION_CONTINUE_SEARCH; } #else static void segv_handler_gui(int) { if (segv_data[0]) XCA_WARN(QString(segv_data)); abort(); } #endif int uiwriter(UI *, UI_STRING *uis) { qWarning() << "ui-writer called:" << UI_get0_action_string(uis) << UI_get0_output_string(uis); return 1; } int read_cmdline(int, char **, bool, pki_multi **); int main(int argc, char *argv[]) { const char *xca_special = getenv("XCA_ARGUMENTS"); if (xca_special && *xca_special) { puts(CCHAR(arguments::doc(xca_special))); return 0; } debug_info::init(); #if defined(Q_OS_WIN32) // If no style provided externally if (!QApplication::style()) QApplication::setStyle("Fusion"); AttachConsole(-1); int wargc; wchar_t **wargv = CommandLineToArgvW(GetCommandLineW(), &wargc); if (wargv && wargc) { int i; if (argc != wargc) qWarning() << "argc != wargc" << argc << wargc; if (argc > wargc) argc = wargc; qDebug() << "wargc" << wargc << argc; for (i = 0; i < argc; i++) { QString s = QString::fromWCharArray(wargv[i]); QByteArray ba = s.toUtf8(); argv[i] = strdup(ba.constData()); qDebug() << "wargv" << i << argv[i] << s; } argv[i] = NULL; LocalFree(wargv); } SetUnhandledExceptionFilter(w32_segfault); #else signal(SIGSEGV, segv_handler_gui); #endif bool console_only = arguments::is_console(argc, argv); XcaApplication *gui = nullptr; QCoreApplication *coreApp = nullptr; #if !defined(Q_OS_WIN32) if (console_only) { coreApp = new QCoreApplication(argc, argv); } else #endif { /* On windows, always instantiate a GUI app */ coreApp = gui = new XcaApplication(argc, argv); is_gui_app = true; } #if (OPENSSL_VERSION_NUMBER >= 0x30000000L) { QString path; #if defined(Q_OS_WIN32) path = QCoreApplication::applicationDirPath(); #elif defined(Q_OS_MACOS) path = QCoreApplication::applicationDirPath() + "/../PlugIns"; #endif if (!path.isEmpty()) { OSSL_PROVIDER_set_default_search_path(NULL, path.toUtf8().data()); qDebug() << "OSSL_PROVIDER_set_default_search_path" << path; } } MainWindow::legacy_loaded = OSSL_PROVIDER_try_load(0, "legacy", 1); if (MainWindow::legacy_loaded) qDebug() << "Legacy provider loaded"; else qWarning() << "Legacy provider NOT loaded"; #endif QSharedPointer uimeth( UI_create_method("xca-method"), UI_destroy_method); UI_method_set_writer(uimeth.data(), uiwriter); UI_set_default_method(uimeth.data()); coreApp->setApplicationName("de.hohnstaedt.xca"); coreApp->setOrganizationDomain("hohnstaedt.de"); coreApp->setApplicationVersion(XCA_VERSION); xcaWarning::setGui(new xcaWarningCore()); migrateOldPaths(); pki_multi *cmdline_items = nullptr; Entropy entropy; Settings.clear(); try { initOIDs(); } catch (errorEx &e) { XCA_ERROR(e); } int ret = EXIT_SUCCESS; for (int i=0; i < argc; i++) qDebug() << "wargv" << argc << i << argv[i]; try { if (gui && !console_only) { mainwin = new MainWindow(); gui->setMainwin(mainwin); read_cmdline(argc, argv, console_only, &cmdline_items); if (cmdline_items) qDebug() << "CMD Items" << cmdline_items->get().size(); if (cmdline_items && cmdline_items->get().size() > 0) { mainwin->importMulti(cmdline_items, 1); cmdline_items = nullptr; } else { delete cmdline_items; enum open_result r = open_abort; if (!Database.isOpen()) r = mainwin->init_database(QString()); else r = mainwin->setup_open_database(); qDebug() << "PWret" << r << pw_cancel << pw_ok; if (r != pw_exit) { mainwin->show(); gui->exec(); } } } else { ret = read_cmdline(argc, argv, console_only, &cmdline_items); delete cmdline_items; } } catch (errorEx &ex) { XCA_ERROR(ex); } catch (enum open_result r) { qDebug() << "DB open failed: " << r; } Database.close(); delete mainwin; delete gui; pki_export::free_elements(); #if defined(Q_OS_WIN32) FreeConsole(); #endif return ret; } xca-RELEASE.2.9.0/lib/oid.cpp000066400000000000000000000124771477156507700154370ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ /* here we have the possibility to add our own OIDS */ #include #include #include #include #include #include #include "func.h" #include "oid.h" #include "XcaWarningCore.h" int first_additional_oid = 0; NIDlist extkeyuse_nid; NIDlist distname_nid; QMap oid_name_clash; QMap oid_lower_map; static QStringList searchdirs() { QStringList dirs = QStandardPaths::standardLocations( QStandardPaths::AppDataLocation); #ifdef INSTALL_DATA_PREFIX dirs << QString(INSTALL_DATA_PREFIX); #endif return dirs; } static void addToLowerMap(int nid) { QString n = OBJ_nid2sn(nid); QString l = n.toLower(); if (n != l) oid_lower_map[l] = nid; n = OBJ_nid2ln(nid); l = n.toLower(); if (n != l) oid_lower_map[l] = nid; } /* reads additional OIDs from a file: oid, sn, ln */ static void insert_new_oid(const QStringList &sl, QString fname, int line) { bool differs = false; QByteArray in_use, oid, sn, ln; if (sl.count() != 3) { XCA_WARN(QObject::tr("Error reading config file %1 at line %2") .arg(fname).arg(line)); return; } oid = sl[0].toLatin1(); sn = sl[1].toLatin1(); ln = sl[2].toLatin1(); int nid = OBJ_txt2nid(oid.constData()); if (nid != NID_undef) { /* OID already known by OpenSSL */ if (sn != OBJ_nid2sn(nid)) { /* ... but with a different ShortName */ qWarning() << "OID: " << oid << "SN differs: " << sn << " " << OBJ_nid2sn(nid); oid_name_clash[sn] = OBJ_nid2sn(nid); differs = true; } if (ln != OBJ_nid2ln(nid)) { /* ... but with a different LongName */ qWarning() << "OID: " << oid << "LN differs: " << ln << " " << OBJ_nid2ln(nid); oid_name_clash[ln] = OBJ_nid2ln(nid); differs = true; } } else { /* Check whether ShortName or LongName are already in use * for a different OID */ if (OBJ_txt2nid(sn.constData()) != NID_undef) in_use = sn; if (OBJ_txt2nid(ln.constData()) != NID_undef) in_use = ln; } ign_openssl_error(); if (differs) { /* OID exists with different SN or LN. The differing names * are added as "alias" in "oid_name_clash" used when loading * dn.txt and eku.txt */ XCA_WARN(QObject::tr("The Object '%1' from file %2 line %3 is already known as '%4:%5:%6' and should be removed.") .arg(sl.join(":")).arg(fname).arg(line) .arg(OBJ_obj2QString(OBJ_nid2obj(nid), 1)) .arg(OBJ_nid2sn(nid)).arg(OBJ_nid2ln(nid)) ); } else if (!in_use.isEmpty()) { /* OID does not exist, but SN or LN however do. * Do NOT create OID and tell the user about */ nid = OBJ_txt2nid(in_use.constData()); XCA_WARN(QObject::tr("The identifier '%1' for OID %2 from file %3 line %4 is already used for a different OID as '%5:%6:%7' and should be changed to avoid conflicts.") .arg(in_use.constData()) .arg(oid.constData()) .arg(fname).arg(line) .arg(OBJ_obj2QString(OBJ_nid2obj(nid), 1)) .arg(OBJ_nid2sn(nid)).arg(OBJ_nid2ln(nid)) ); } else if (nid == NID_undef) { nid=OBJ_create(oid.constData(), sn.constData(), ln.constData()); qDebug() << "Creating OID:" << fname << line << nid << oid << sn << ln; try { openssl_error(); addToLowerMap(nid); } catch (errorEx &e) { errorEx err(errorEx(e.getString() + QString("%1:%2 OID: %3") .arg(fname).arg(line).arg(oid.constData()))); XCA_ERROR(err); } } } static void readOIDs(const QString &fname) { int line = 0; QFile file(fname); if (!file.open(QIODevice::ReadOnly)) return; qDebug() << "Read additional OIDs from" << fname; QTextStream in(&file); while (!in.atEnd()) { QString entry = in.readLine().trimmed(); line++; if (entry.startsWith('#') || entry.isEmpty()) continue; insert_new_oid(entry.split(QRegularExpression("\\s*:\\s*")), fname, line); } } /* reads a list of OIDs/SNs from a file and turns them into a QValueList * of integers, representing the NIDs. Usually to be used by NewX509 for * the list of ExtendedKeyUsage and Distinguished Name */ static NIDlist readNIDlist(const QString &fname) { int line = 0, nid; NIDlist nl; QFile file(fname); if (!file.open(QIODevice::ReadOnly)) return nl; QTextStream in(&file); while (!in.atEnd()) { const char *userdefined; QString entry = in.readLine().trimmed(); line++; if (entry.startsWith('#') || entry.isEmpty()) continue; userdefined = oid_name_clash[entry]; if (userdefined) entry = userdefined; nid = OBJ_txt2nid(CCHAR(entry)); if (nid == NID_undef) XCA_WARN(QObject::tr("Unknown object '%1' in file %2 line %3") .arg(entry).arg(fname).arg(line)); else nl += nid; } openssl_error(); return nl; } /* creates a new nid list from the given filename */ static NIDlist read_nidlist(const QString &name) { NIDlist nl; foreach(QString d, searchdirs()) { nl = readNIDlist(d + "/" + name); qDebug() << "Read" << nl.count() << "NIDs from" << d + "/" + name; if (nl.count() > 0) break; } return nl; } void initOIDs() { first_additional_oid = OBJ_new_nid(0); openssl_error(); for (int i=0; i #include typedef QList NIDlist; extern NIDlist extkeyuse_nid; extern NIDlist distname_nid; extern int first_additional_oid; extern QMap oid_name_clash; extern QMap oid_lower_map; /* reads additional OIDs from a file: oid, sn, ln */ void initOIDs(); #endif xca-RELEASE.2.9.0/lib/opensc-pkcs11.h000066400000000000000000001236531477156507700167170ustar00rootroot00000000000000/* pkcs11.h Copyright 2006, 2007 g10 Code GmbH Copyright 2006 Andreas Jellinghaus This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without modifications, as long as this notice is preserved. This file is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY, to the extent permitted by law; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. */ /* Please submit changes back to the Scute project at http://www.scute.org/ (or send them to marcus@g10code.com), so that they can be picked up by other projects from there as well. */ /* This file is a modified implementation of the PKCS #11 standard by RSA Security Inc. It is mostly a drop-in replacement, with the following change: This header file does not require any macro definitions by the user (like CK_DEFINE_FUNCTION etc). In fact, it defines those macros for you (if useful, some are missing, let me know if you need more). There is an additional API available that does comply better to the GNU coding standard. It can be switched on by defining CRYPTOKI_GNU before including this header file. For this, the following changes are made to the specification: All structure types are changed to a "struct ck_foo" where CK_FOO is the type name in PKCS #11. All non-structure types are changed to ck_foo_t where CK_FOO is the lowercase version of the type name in PKCS #11. The basic types (CK_ULONG et al.) are removed without substitute. All members of structures are modified in the following way: Type indication prefixes are removed, and underscore characters are inserted before words. Then the result is lowercased. Note that function names are still in the original case, as they need for ABI compatibility. CK_FALSE, CK_TRUE and NULL_PTR are removed without substitute. Use . If CRYPTOKI_COMPAT is defined before including this header file, then none of the API changes above take place, and the API is the one defined by the PKCS #11 standard. */ #ifndef PKCS11_H #define PKCS11_H 1 #if defined(__cplusplus) extern "C" { #endif /* The version of cryptoki we implement. The revision is changed with each modification of this file. If you do not use the "official" version of this file, please consider deleting the revision macro (you may use a macro with a different name to keep track of your versions). */ #define CRYPTOKI_VERSION_MAJOR 2 #define CRYPTOKI_VERSION_MINOR 20 #define CRYPTOKI_VERSION_REVISION 6 /* Compatibility interface is default, unless CRYPTOKI_GNU is given. */ #ifndef CRYPTOKI_GNU #ifndef CRYPTOKI_COMPAT #define CRYPTOKI_COMPAT 1 #endif #endif /* System dependencies. */ #if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32) /* There is a matching pop below. */ #pragma pack(push, cryptoki, 1) #ifdef CRYPTOKI_EXPORTS #define CK_SPEC __declspec(dllexport) #else #define CK_SPEC __declspec(dllimport) #endif #else #define CK_SPEC #endif #ifdef CRYPTOKI_COMPAT /* If we are in compatibility mode, switch all exposed names to the PKCS #11 variant. There are corresponding #undefs below. */ #define ck_flags_t CK_FLAGS #define ck_version _CK_VERSION #define ck_info _CK_INFO #define cryptoki_version cryptokiVersion #define manufacturer_id manufacturerID #define library_description libraryDescription #define library_version libraryVersion #define ck_notification_t CK_NOTIFICATION #define ck_slot_id_t CK_SLOT_ID #define ck_slot_info _CK_SLOT_INFO #define slot_description slotDescription #define hardware_version hardwareVersion #define firmware_version firmwareVersion #define ck_token_info _CK_TOKEN_INFO #define serial_number serialNumber #define max_session_count ulMaxSessionCount #define session_count ulSessionCount #define max_rw_session_count ulMaxRwSessionCount #define rw_session_count ulRwSessionCount #define max_pin_len ulMaxPinLen #define min_pin_len ulMinPinLen #define total_public_memory ulTotalPublicMemory #define free_public_memory ulFreePublicMemory #define total_private_memory ulTotalPrivateMemory #define free_private_memory ulFreePrivateMemory #define utc_time utcTime #define ck_session_handle_t CK_SESSION_HANDLE #define ck_user_type_t CK_USER_TYPE #define ck_state_t CK_STATE #define ck_session_info _CK_SESSION_INFO #define slot_id slotID #define device_error ulDeviceError #define ck_object_handle_t CK_OBJECT_HANDLE #define ck_object_class_t CK_OBJECT_CLASS #define ck_hw_feature_type_t CK_HW_FEATURE_TYPE #define ck_key_type_t CK_KEY_TYPE #define ck_certificate_type_t CK_CERTIFICATE_TYPE #define ck_attribute_type_t CK_ATTRIBUTE_TYPE #define ck_attribute _CK_ATTRIBUTE #define value pValue #define value_len ulValueLen #define ck_date _CK_DATE #define ck_mechanism_type_t CK_MECHANISM_TYPE #define ck_mechanism _CK_MECHANISM #define parameter pParameter #define parameter_len ulParameterLen #define ck_mechanism_info _CK_MECHANISM_INFO #define min_key_size ulMinKeySize #define max_key_size ulMaxKeySize #define ck_rv_t CK_RV #define ck_notify_t CK_NOTIFY #define ck_function_list _CK_FUNCTION_LIST #define ck_createmutex_t CK_CREATEMUTEX #define ck_destroymutex_t CK_DESTROYMUTEX #define ck_lockmutex_t CK_LOCKMUTEX #define ck_unlockmutex_t CK_UNLOCKMUTEX #define ck_c_initialize_args _CK_C_INITIALIZE_ARGS #define create_mutex CreateMutex #define destroy_mutex DestroyMutex #define lock_mutex LockMutex #define unlock_mutex UnlockMutex #define reserved pReserved #endif /* CRYPTOKI_COMPAT */ typedef unsigned long ck_flags_t; struct ck_version { unsigned char major; unsigned char minor; }; struct ck_info { struct ck_version cryptoki_version; unsigned char manufacturer_id[32]; ck_flags_t flags; unsigned char library_description[32]; struct ck_version library_version; }; typedef unsigned long ck_notification_t; #define CKN_SURRENDER (0) typedef unsigned long ck_slot_id_t; struct ck_slot_info { unsigned char slot_description[64]; unsigned char manufacturer_id[32]; ck_flags_t flags; struct ck_version hardware_version; struct ck_version firmware_version; }; #define CKF_TOKEN_PRESENT (1 << 0) #define CKF_REMOVABLE_DEVICE (1 << 1) #define CKF_HW_SLOT (1 << 2) #define CKF_ARRAY_ATTRIBUTE (1 << 30) struct ck_token_info { unsigned char label[32]; unsigned char manufacturer_id[32]; unsigned char model[16]; unsigned char serial_number[16]; ck_flags_t flags; unsigned long max_session_count; unsigned long session_count; unsigned long max_rw_session_count; unsigned long rw_session_count; unsigned long max_pin_len; unsigned long min_pin_len; unsigned long total_public_memory; unsigned long free_public_memory; unsigned long total_private_memory; unsigned long free_private_memory; struct ck_version hardware_version; struct ck_version firmware_version; unsigned char utc_time[16]; }; #define CKF_RNG (1 << 0) #define CKF_WRITE_PROTECTED (1 << 1) #define CKF_LOGIN_REQUIRED (1 << 2) #define CKF_USER_PIN_INITIALIZED (1 << 3) #define CKF_RESTORE_KEY_NOT_NEEDED (1 << 5) #define CKF_CLOCK_ON_TOKEN (1 << 6) #define CKF_PROTECTED_AUTHENTICATION_PATH (1 << 8) #define CKF_DUAL_CRYPTO_OPERATIONS (1 << 9) #define CKF_TOKEN_INITIALIZED (1 << 10) #define CKF_SECONDARY_AUTHENTICATION (1 << 11) #define CKF_USER_PIN_COUNT_LOW (1 << 16) #define CKF_USER_PIN_FINAL_TRY (1 << 17) #define CKF_USER_PIN_LOCKED (1 << 18) #define CKF_USER_PIN_TO_BE_CHANGED (1 << 19) #define CKF_SO_PIN_COUNT_LOW (1 << 20) #define CKF_SO_PIN_FINAL_TRY (1 << 21) #define CKF_SO_PIN_LOCKED (1 << 22) #define CKF_SO_PIN_TO_BE_CHANGED (1 << 23) #define CKF_EC_F_P (1 << 20) #define CKF_EC_F_2M (1 << 21) #define CKF_EC_ECPARAMETERS (1 << 22) #define CKF_EC_NAMEDCURVE (1 << 23) #define CKF_EC_UNCOMPRESS (1 << 24) #define CKF_EC_COMPRESS (1 << 25) #define CK_UNAVAILABLE_INFORMATION ((unsigned long) -1) #define CK_EFFECTIVELY_INFINITE (0) typedef unsigned long ck_session_handle_t; #define CK_INVALID_HANDLE (0) typedef unsigned long ck_user_type_t; #define CKU_SO (0) #define CKU_USER (1) #define CKU_CONTEXT_SPECIFIC (2) typedef unsigned long ck_state_t; #define CKS_RO_PUBLIC_SESSION (0) #define CKS_RO_USER_FUNCTIONS (1) #define CKS_RW_PUBLIC_SESSION (2) #define CKS_RW_USER_FUNCTIONS (3) #define CKS_RW_SO_FUNCTIONS (4) struct ck_session_info { ck_slot_id_t slot_id; ck_state_t state; ck_flags_t flags; unsigned long device_error; }; #define CKF_RW_SESSION (1 << 1) #define CKF_SERIAL_SESSION (1 << 2) typedef unsigned long ck_object_handle_t; typedef unsigned long ck_object_class_t; #define CKO_DATA (0) #define CKO_CERTIFICATE (1) #define CKO_PUBLIC_KEY (2) #define CKO_PRIVATE_KEY (3) #define CKO_SECRET_KEY (4) #define CKO_HW_FEATURE (5) #define CKO_DOMAIN_PARAMETERS (6) #define CKO_MECHANISM (7) #define CKO_VENDOR_DEFINED ((unsigned long) (1 << 31)) typedef unsigned long ck_hw_feature_type_t; #define CKH_MONOTONIC_COUNTER (1) #define CKH_CLOCK (2) #define CKH_USER_INTERFACE (3) #define CKH_VENDOR_DEFINED ((unsigned long) (1 << 31)) typedef unsigned long ck_key_type_t; #define CKK_RSA (0) #define CKK_DSA (1) #define CKK_DH (2) #define CKK_ECDSA (3) #define CKK_EC (3) #define CKK_X9_42_DH (4) #define CKK_KEA (5) #define CKK_GENERIC_SECRET (0x10) #define CKK_RC2 (0x11) #define CKK_RC4 (0x12) #define CKK_DES (0x13) #define CKK_DES2 (0x14) #define CKK_DES3 (0x15) #define CKK_CAST (0x16) #define CKK_CAST3 (0x17) #define CKK_CAST128 (0x18) #define CKK_RC5 (0x19) #define CKK_IDEA (0x1a) #define CKK_SKIPJACK (0x1b) #define CKK_BATON (0x1c) #define CKK_JUNIPER (0x1d) #define CKK_CDMF (0x1e) #define CKK_AES (0x1f) #define CKK_BLOWFISH (0x20) #define CKK_TWOFISH (0x21) #define CKK_EC_EDWARDS (0x40) #define CKK_EC_MONTGOMERY (0x41) #define CKK_VENDOR_DEFINED ((unsigned long) (1 << 31)) typedef unsigned long ck_certificate_type_t; #define CKC_X_509 (0) #define CKC_X_509_ATTR_CERT (1) #define CKC_WTLS (2) #define CKC_VENDOR_DEFINED ((unsigned long) (1 << 31)) typedef unsigned long ck_attribute_type_t; #define CKA_CLASS (0UL) #define CKA_TOKEN (1UL) #define CKA_PRIVATE (2UL) #define CKA_LABEL (3UL) #define CKA_APPLICATION (0x10UL) #define CKA_VALUE (0x11UL) #define CKA_OBJECT_ID (0x12UL) #define CKA_CERTIFICATE_TYPE (0x80UL) #define CKA_ISSUER (0x81UL) #define CKA_SERIAL_NUMBER (0x82UL) #define CKA_AC_ISSUER (0x83UL) #define CKA_OWNER (0x84UL) #define CKA_ATTR_TYPES (0x85UL) #define CKA_TRUSTED (0x86UL) #define CKA_CERTIFICATE_CATEGORY (0x87UL) #define CKA_JAVA_MIDP_SECURITY_DOMAIN (0x88UL) #define CKA_URL (0x89UL) #define CKA_HASH_OF_SUBJECT_PUBLIC_KEY (0x8aUL) #define CKA_HASH_OF_ISSUER_PUBLIC_KEY (0x8bUL) #define CKA_CHECK_VALUE (0x90UL) #define CKA_KEY_TYPE (0x100UL) #define CKA_SUBJECT (0x101UL) #define CKA_ID (0x102UL) #define CKA_SENSITIVE (0x103UL) #define CKA_ENCRYPT (0x104UL) #define CKA_DECRYPT (0x105UL) #define CKA_WRAP (0x106UL) #define CKA_UNWRAP (0x107UL) #define CKA_SIGN (0x108UL) #define CKA_SIGN_RECOVER (0x109UL) #define CKA_VERIFY (0x10aUL) #define CKA_VERIFY_RECOVER (0x10bUL) #define CKA_DERIVE (0x10cUL) #define CKA_START_DATE (0x110UL) #define CKA_END_DATE (0x111UL) #define CKA_MODULUS (0x120UL) #define CKA_MODULUS_BITS (0x121UL) #define CKA_PUBLIC_EXPONENT (0x122UL) #define CKA_PRIVATE_EXPONENT (0x123UL) #define CKA_PRIME_1 (0x124UL) #define CKA_PRIME_2 (0x125UL) #define CKA_EXPONENT_1 (0x126UL) #define CKA_EXPONENT_2 (0x127UL) #define CKA_COEFFICIENT (0x128UL) #define CKA_PRIME (0x130UL) #define CKA_SUBPRIME (0x131UL) #define CKA_BASE (0x132UL) #define CKA_PRIME_BITS (0x133UL) #define CKA_SUB_PRIME_BITS (0x134UL) #define CKA_VALUE_BITS (0x160UL) #define CKA_VALUE_LEN (0x161UL) #define CKA_EXTRACTABLE (0x162UL) #define CKA_LOCAL (0x163UL) #define CKA_NEVER_EXTRACTABLE (0x164UL) #define CKA_ALWAYS_SENSITIVE (0x165UL) #define CKA_KEY_GEN_MECHANISM (0x166UL) #define CKA_MODIFIABLE (0x170UL) #define CKA_ECDSA_PARAMS (0x180UL) #define CKA_EC_PARAMS (0x180UL) #define CKA_EC_POINT (0x181UL) #define CKA_SECONDARY_AUTH (0x200UL) #define CKA_AUTH_PIN_FLAGS (0x201UL) #define CKA_ALWAYS_AUTHENTICATE (0x202UL) #define CKA_WRAP_WITH_TRUSTED (0x210UL) #define CKA_HW_FEATURE_TYPE (0x300UL) #define CKA_RESET_ON_INIT (0x301UL) #define CKA_HAS_RESET (0x302UL) #define CKA_PIXEL_X (0x400UL) #define CKA_PIXEL_Y (0x401UL) #define CKA_RESOLUTION (0x402UL) #define CKA_CHAR_ROWS (0x403UL) #define CKA_CHAR_COLUMNS (0x404UL) #define CKA_COLOR (0x405UL) #define CKA_BITS_PER_PIXEL (0x406UL) #define CKA_CHAR_SETS (0x480UL) #define CKA_ENCODING_METHODS (0x481UL) #define CKA_MIME_TYPES (0x482UL) #define CKA_MECHANISM_TYPE (0x500UL) #define CKA_REQUIRED_CMS_ATTRIBUTES (0x501UL) #define CKA_DEFAULT_CMS_ATTRIBUTES (0x502UL) #define CKA_SUPPORTED_CMS_ATTRIBUTES (0x503UL) #define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x211UL) #define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x212UL) #define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE | 0x600UL) #define CKA_VENDOR_DEFINED ((unsigned long) (1 << 31)) struct ck_attribute { ck_attribute_type_t type; void *value; unsigned long value_len; }; struct ck_date { unsigned char year[4]; unsigned char month[2]; unsigned char day[2]; }; typedef unsigned long ck_mechanism_type_t; #define CKM_RSA_PKCS_KEY_PAIR_GEN (0) #define CKM_RSA_PKCS (1) #define CKM_RSA_9796 (2) #define CKM_RSA_X_509 (3) #define CKM_MD2_RSA_PKCS (4) #define CKM_MD5_RSA_PKCS (5) #define CKM_SHA1_RSA_PKCS (6) #define CKM_RIPEMD128_RSA_PKCS (7) #define CKM_RIPEMD160_RSA_PKCS (8) #define CKM_RSA_PKCS_OAEP (9) #define CKM_RSA_X9_31_KEY_PAIR_GEN (0xa) #define CKM_RSA_X9_31 (0xb) #define CKM_SHA1_RSA_X9_31 (0xc) #define CKM_RSA_PKCS_PSS (0xd) #define CKM_SHA1_RSA_PKCS_PSS (0xe) #define CKM_DSA_KEY_PAIR_GEN (0x10) #define CKM_DSA (0x11) #define CKM_DSA_SHA1 (0x12) #define CKM_DH_PKCS_KEY_PAIR_GEN (0x20) #define CKM_DH_PKCS_DERIVE (0x21) #define CKM_X9_42_DH_KEY_PAIR_GEN (0x30) #define CKM_X9_42_DH_DERIVE (0x31) #define CKM_X9_42_DH_HYBRID_DERIVE (0x32) #define CKM_X9_42_MQV_DERIVE (0x33) #define CKM_SHA256_RSA_PKCS (0x40) #define CKM_SHA384_RSA_PKCS (0x41) #define CKM_SHA512_RSA_PKCS (0x42) #define CKM_SHA256_RSA_PKCS_PSS (0x43) #define CKM_SHA384_RSA_PKCS_PSS (0x44) #define CKM_SHA512_RSA_PKCS_PSS (0x45) #define CKM_RC2_KEY_GEN (0x100) #define CKM_RC2_ECB (0x101) #define CKM_RC2_CBC (0x102) #define CKM_RC2_MAC (0x103) #define CKM_RC2_MAC_GENERAL (0x104) #define CKM_RC2_CBC_PAD (0x105) #define CKM_RC4_KEY_GEN (0x110) #define CKM_RC4 (0x111) #define CKM_DES_KEY_GEN (0x120) #define CKM_DES_ECB (0x121) #define CKM_DES_CBC (0x122) #define CKM_DES_MAC (0x123) #define CKM_DES_MAC_GENERAL (0x124) #define CKM_DES_CBC_PAD (0x125) #define CKM_DES2_KEY_GEN (0x130) #define CKM_DES3_KEY_GEN (0x131) #define CKM_DES3_ECB (0x132) #define CKM_DES3_CBC (0x133) #define CKM_DES3_MAC (0x134) #define CKM_DES3_MAC_GENERAL (0x135) #define CKM_DES3_CBC_PAD (0x136) #define CKM_CDMF_KEY_GEN (0x140) #define CKM_CDMF_ECB (0x141) #define CKM_CDMF_CBC (0x142) #define CKM_CDMF_MAC (0x143) #define CKM_CDMF_MAC_GENERAL (0x144) #define CKM_CDMF_CBC_PAD (0x145) #define CKM_MD2 (0x200) #define CKM_MD2_HMAC (0x201) #define CKM_MD2_HMAC_GENERAL (0x202) #define CKM_MD5 (0x210) #define CKM_MD5_HMAC (0x211) #define CKM_MD5_HMAC_GENERAL (0x212) #define CKM_SHA_1 (0x220) #define CKM_SHA_1_HMAC (0x221) #define CKM_SHA_1_HMAC_GENERAL (0x222) #define CKM_RIPEMD128 (0x230) #define CKM_RIPEMD128_HMAC (0x231) #define CKM_RIPEMD128_HMAC_GENERAL (0x232) #define CKM_RIPEMD160 (0x240) #define CKM_RIPEMD160_HMAC (0x241) #define CKM_RIPEMD160_HMAC_GENERAL (0x242) #define CKM_SHA256 (0x250) #define CKM_SHA256_HMAC (0x251) #define CKM_SHA256_HMAC_GENERAL (0x252) #define CKM_SHA384 (0x260) #define CKM_SHA384_HMAC (0x261) #define CKM_SHA384_HMAC_GENERAL (0x262) #define CKM_SHA512 (0x270) #define CKM_SHA512_HMAC (0x271) #define CKM_SHA512_HMAC_GENERAL (0x272) #define CKM_CAST_KEY_GEN (0x300) #define CKM_CAST_ECB (0x301) #define CKM_CAST_CBC (0x302) #define CKM_CAST_MAC (0x303) #define CKM_CAST_MAC_GENERAL (0x304) #define CKM_CAST_CBC_PAD (0x305) #define CKM_CAST3_KEY_GEN (0x310) #define CKM_CAST3_ECB (0x311) #define CKM_CAST3_CBC (0x312) #define CKM_CAST3_MAC (0x313) #define CKM_CAST3_MAC_GENERAL (0x314) #define CKM_CAST3_CBC_PAD (0x315) #define CKM_CAST5_KEY_GEN (0x320) #define CKM_CAST128_KEY_GEN (0x320) #define CKM_CAST5_ECB (0x321) #define CKM_CAST128_ECB (0x321) #define CKM_CAST5_CBC (0x322) #define CKM_CAST128_CBC (0x322) #define CKM_CAST5_MAC (0x323) #define CKM_CAST128_MAC (0x323) #define CKM_CAST5_MAC_GENERAL (0x324) #define CKM_CAST128_MAC_GENERAL (0x324) #define CKM_CAST5_CBC_PAD (0x325) #define CKM_CAST128_CBC_PAD (0x325) #define CKM_RC5_KEY_GEN (0x330) #define CKM_RC5_ECB (0x331) #define CKM_RC5_CBC (0x332) #define CKM_RC5_MAC (0x333) #define CKM_RC5_MAC_GENERAL (0x334) #define CKM_RC5_CBC_PAD (0x335) #define CKM_IDEA_KEY_GEN (0x340) #define CKM_IDEA_ECB (0x341) #define CKM_IDEA_CBC (0x342) #define CKM_IDEA_MAC (0x343) #define CKM_IDEA_MAC_GENERAL (0x344) #define CKM_IDEA_CBC_PAD (0x345) #define CKM_GENERIC_SECRET_KEY_GEN (0x350) #define CKM_CONCATENATE_BASE_AND_KEY (0x360) #define CKM_CONCATENATE_BASE_AND_DATA (0x362) #define CKM_CONCATENATE_DATA_AND_BASE (0x363) #define CKM_XOR_BASE_AND_DATA (0x364) #define CKM_EXTRACT_KEY_FROM_KEY (0x365) #define CKM_SSL3_PRE_MASTER_KEY_GEN (0x370) #define CKM_SSL3_MASTER_KEY_DERIVE (0x371) #define CKM_SSL3_KEY_AND_MAC_DERIVE (0x372) #define CKM_SSL3_MASTER_KEY_DERIVE_DH (0x373) #define CKM_TLS_PRE_MASTER_KEY_GEN (0x374) #define CKM_TLS_MASTER_KEY_DERIVE (0x375) #define CKM_TLS_KEY_AND_MAC_DERIVE (0x376) #define CKM_TLS_MASTER_KEY_DERIVE_DH (0x377) #define CKM_SSL3_MD5_MAC (0x380) #define CKM_SSL3_SHA1_MAC (0x381) #define CKM_MD5_KEY_DERIVATION (0x390) #define CKM_MD2_KEY_DERIVATION (0x391) #define CKM_SHA1_KEY_DERIVATION (0x392) #define CKM_PBE_MD2_DES_CBC (0x3a0) #define CKM_PBE_MD5_DES_CBC (0x3a1) #define CKM_PBE_MD5_CAST_CBC (0x3a2) #define CKM_PBE_MD5_CAST3_CBC (0x3a3) #define CKM_PBE_MD5_CAST5_CBC (0x3a4) #define CKM_PBE_MD5_CAST128_CBC (0x3a4) #define CKM_PBE_SHA1_CAST5_CBC (0x3a5) #define CKM_PBE_SHA1_CAST128_CBC (0x3a5) #define CKM_PBE_SHA1_RC4_128 (0x3a6) #define CKM_PBE_SHA1_RC4_40 (0x3a7) #define CKM_PBE_SHA1_DES3_EDE_CBC (0x3a8) #define CKM_PBE_SHA1_DES2_EDE_CBC (0x3a9) #define CKM_PBE_SHA1_RC2_128_CBC (0x3aa) #define CKM_PBE_SHA1_RC2_40_CBC (0x3ab) #define CKM_PKCS5_PBKD2 (0x3b0) #define CKM_PBA_SHA1_WITH_SHA1_HMAC (0x3c0) #define CKM_KEY_WRAP_LYNKS (0x400) #define CKM_KEY_WRAP_SET_OAEP (0x401) #define CKM_SKIPJACK_KEY_GEN (0x1000) #define CKM_SKIPJACK_ECB64 (0x1001) #define CKM_SKIPJACK_CBC64 (0x1002) #define CKM_SKIPJACK_OFB64 (0x1003) #define CKM_SKIPJACK_CFB64 (0x1004) #define CKM_SKIPJACK_CFB32 (0x1005) #define CKM_SKIPJACK_CFB16 (0x1006) #define CKM_SKIPJACK_CFB8 (0x1007) #define CKM_SKIPJACK_WRAP (0x1008) #define CKM_SKIPJACK_PRIVATE_WRAP (0x1009) #define CKM_SKIPJACK_RELAYX (0x100a) #define CKM_KEA_KEY_PAIR_GEN (0x1010) #define CKM_KEA_KEY_DERIVE (0x1011) #define CKM_FORTEZZA_TIMESTAMP (0x1020) #define CKM_BATON_KEY_GEN (0x1030) #define CKM_BATON_ECB128 (0x1031) #define CKM_BATON_ECB96 (0x1032) #define CKM_BATON_CBC128 (0x1033) #define CKM_BATON_COUNTER (0x1034) #define CKM_BATON_SHUFFLE (0x1035) #define CKM_BATON_WRAP (0x1036) #define CKM_ECDSA_KEY_PAIR_GEN (0x1040) #define CKM_EC_KEY_PAIR_GEN (0x1040) #define CKM_ECDSA (0x1041) #define CKM_ECDSA_SHA1 (0x1042) #define CKM_ECDH1_DERIVE (0x1050) #define CKM_ECDH1_COFACTOR_DERIVE (0x1051) #define CKM_ECMQV_DERIVE (0x1052) #define CKM_EDDSA (0x1057) #define CKM_JUNIPER_KEY_GEN (0x1060) #define CKM_JUNIPER_ECB128 (0x1061) #define CKM_JUNIPER_CBC128 (0x1062) #define CKM_JUNIPER_COUNTER (0x1063) #define CKM_JUNIPER_SHUFFLE (0x1064) #define CKM_JUNIPER_WRAP (0x1065) #define CKM_FASTHASH (0x1070) #define CKM_AES_KEY_GEN (0x1080) #define CKM_AES_ECB (0x1081) #define CKM_AES_CBC (0x1082) #define CKM_AES_MAC (0x1083) #define CKM_AES_MAC_GENERAL (0x1084) #define CKM_AES_CBC_PAD (0x1085) #define CKM_DSA_PARAMETER_GEN (0x2000) #define CKM_DH_PKCS_PARAMETER_GEN (0x2001) #define CKM_X9_42_DH_PARAMETER_GEN (0x2002) #define CKM_VENDOR_DEFINED ((unsigned long) (1 << 31)) struct ck_mechanism { ck_mechanism_type_t mechanism; void *parameter; unsigned long parameter_len; }; struct ck_mechanism_info { unsigned long min_key_size; unsigned long max_key_size; ck_flags_t flags; }; #define CKF_HW (1 << 0) #define CKF_ENCRYPT (1 << 8) #define CKF_DECRYPT (1 << 9) #define CKF_DIGEST (1 << 10) #define CKF_SIGN (1 << 11) #define CKF_SIGN_RECOVER (1 << 12) #define CKF_VERIFY (1 << 13) #define CKF_VERIFY_RECOVER (1 << 14) #define CKF_GENERATE (1 << 15) #define CKF_GENERATE_KEY_PAIR (1 << 16) #define CKF_WRAP (1 << 17) #define CKF_UNWRAP (1 << 18) #define CKF_DERIVE (1 << 19) #define CKF_EXTENSION ((unsigned long) (1 << 31)) /* Flags for C_WaitForSlotEvent. */ #define CKF_DONT_BLOCK (1) typedef unsigned long ck_rv_t; typedef ck_rv_t (*ck_notify_t) (ck_session_handle_t session, ck_notification_t event, void *application); /* Forward reference. */ struct ck_function_list; #define _CK_DECLARE_FUNCTION(name, args) \ typedef ck_rv_t (*CK_ ## name) args; \ ck_rv_t CK_SPEC name args _CK_DECLARE_FUNCTION (C_Initialize, (void *init_args)); _CK_DECLARE_FUNCTION (C_Finalize, (void *reserved)); _CK_DECLARE_FUNCTION (C_GetInfo, (struct ck_info *info)); _CK_DECLARE_FUNCTION (C_GetFunctionList, (struct ck_function_list **function_list)); _CK_DECLARE_FUNCTION (C_GetSlotList, (unsigned char token_present, ck_slot_id_t *slot_list, unsigned long *count)); _CK_DECLARE_FUNCTION (C_GetSlotInfo, (ck_slot_id_t slot_id, struct ck_slot_info *info)); _CK_DECLARE_FUNCTION (C_GetTokenInfo, (ck_slot_id_t slot_id, struct ck_token_info *info)); _CK_DECLARE_FUNCTION (C_WaitForSlotEvent, (ck_flags_t flags, ck_slot_id_t *slot, void *reserved)); _CK_DECLARE_FUNCTION (C_GetMechanismList, (ck_slot_id_t slot_id, ck_mechanism_type_t *mechanism_list, unsigned long *count)); _CK_DECLARE_FUNCTION (C_GetMechanismInfo, (ck_slot_id_t slot_id, ck_mechanism_type_t type, struct ck_mechanism_info *info)); _CK_DECLARE_FUNCTION (C_InitToken, (ck_slot_id_t slot_id, unsigned char *pin, unsigned long pin_len, unsigned char *label)); _CK_DECLARE_FUNCTION (C_InitPIN, (ck_session_handle_t session, unsigned char *pin, unsigned long pin_len)); _CK_DECLARE_FUNCTION (C_SetPIN, (ck_session_handle_t session, unsigned char *old_pin, unsigned long old_len, unsigned char *new_pin, unsigned long new_len)); _CK_DECLARE_FUNCTION (C_OpenSession, (ck_slot_id_t slot_id, ck_flags_t flags, void *application, ck_notify_t notify, ck_session_handle_t *session)); _CK_DECLARE_FUNCTION (C_CloseSession, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_CloseAllSessions, (ck_slot_id_t slot_id)); _CK_DECLARE_FUNCTION (C_GetSessionInfo, (ck_session_handle_t session, struct ck_session_info *info)); _CK_DECLARE_FUNCTION (C_GetOperationState, (ck_session_handle_t session, unsigned char *operation_state, unsigned long *operation_state_len)); _CK_DECLARE_FUNCTION (C_SetOperationState, (ck_session_handle_t session, unsigned char *operation_state, unsigned long operation_state_len, ck_object_handle_t encryption_key, ck_object_handle_t authentiation_key)); _CK_DECLARE_FUNCTION (C_Login, (ck_session_handle_t session, ck_user_type_t user_type, unsigned char *pin, unsigned long pin_len)); _CK_DECLARE_FUNCTION (C_Logout, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_CreateObject, (ck_session_handle_t session, struct ck_attribute *templ, unsigned long count, ck_object_handle_t *object)); _CK_DECLARE_FUNCTION (C_CopyObject, (ck_session_handle_t session, ck_object_handle_t object, struct ck_attribute *templ, unsigned long count, ck_object_handle_t *new_object)); _CK_DECLARE_FUNCTION (C_DestroyObject, (ck_session_handle_t session, ck_object_handle_t object)); _CK_DECLARE_FUNCTION (C_GetObjectSize, (ck_session_handle_t session, ck_object_handle_t object, unsigned long *size)); _CK_DECLARE_FUNCTION (C_GetAttributeValue, (ck_session_handle_t session, ck_object_handle_t object, struct ck_attribute *templ, unsigned long count)); _CK_DECLARE_FUNCTION (C_SetAttributeValue, (ck_session_handle_t session, ck_object_handle_t object, struct ck_attribute *templ, unsigned long count)); _CK_DECLARE_FUNCTION (C_FindObjectsInit, (ck_session_handle_t session, struct ck_attribute *templ, unsigned long count)); _CK_DECLARE_FUNCTION (C_FindObjects, (ck_session_handle_t session, ck_object_handle_t *object, unsigned long max_object_count, unsigned long *object_count)); _CK_DECLARE_FUNCTION (C_FindObjectsFinal, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_EncryptInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_Encrypt, (ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *encrypted_data, unsigned long *encrypted_data_len)); _CK_DECLARE_FUNCTION (C_EncryptUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len, unsigned char *encrypted_part, unsigned long *encrypted_part_len)); _CK_DECLARE_FUNCTION (C_EncryptFinal, (ck_session_handle_t session, unsigned char *last_encrypted_part, unsigned long *last_encrypted_part_len)); _CK_DECLARE_FUNCTION (C_DecryptInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_Decrypt, (ck_session_handle_t session, unsigned char *encrypted_data, unsigned long encrypted_data_len, unsigned char *data, unsigned long *data_len)); _CK_DECLARE_FUNCTION (C_DecryptUpdate, (ck_session_handle_t session, unsigned char *encrypted_part, unsigned long encrypted_part_len, unsigned char *part, unsigned long *part_len)); _CK_DECLARE_FUNCTION (C_DecryptFinal, (ck_session_handle_t session, unsigned char *last_part, unsigned long *last_part_len)); _CK_DECLARE_FUNCTION (C_DigestInit, (ck_session_handle_t session, struct ck_mechanism *mechanism)); _CK_DECLARE_FUNCTION (C_Digest, (ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *digest, unsigned long *digest_len)); _CK_DECLARE_FUNCTION (C_DigestUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len)); _CK_DECLARE_FUNCTION (C_DigestKey, (ck_session_handle_t session, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_DigestFinal, (ck_session_handle_t session, unsigned char *digest, unsigned long *digest_len)); _CK_DECLARE_FUNCTION (C_SignInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_Sign, (ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *signature, unsigned long *signature_len)); _CK_DECLARE_FUNCTION (C_SignUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len)); _CK_DECLARE_FUNCTION (C_SignFinal, (ck_session_handle_t session, unsigned char *signature, unsigned long *signature_len)); _CK_DECLARE_FUNCTION (C_SignRecoverInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_SignRecover, (ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *signature, unsigned long *signature_len)); _CK_DECLARE_FUNCTION (C_VerifyInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_Verify, (ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *signature, unsigned long signature_len)); _CK_DECLARE_FUNCTION (C_VerifyUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len)); _CK_DECLARE_FUNCTION (C_VerifyFinal, (ck_session_handle_t session, unsigned char *signature, unsigned long signature_len)); _CK_DECLARE_FUNCTION (C_VerifyRecoverInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_VerifyRecover, (ck_session_handle_t session, unsigned char *signature, unsigned long signature_len, unsigned char *data, unsigned long *data_len)); _CK_DECLARE_FUNCTION (C_DigestEncryptUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len, unsigned char *encrypted_part, unsigned long *encrypted_part_len)); _CK_DECLARE_FUNCTION (C_DecryptDigestUpdate, (ck_session_handle_t session, unsigned char *encrypted_part, unsigned long encrypted_part_len, unsigned char *part, unsigned long *part_len)); _CK_DECLARE_FUNCTION (C_SignEncryptUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len, unsigned char *encrypted_part, unsigned long *encrypted_part_len)); _CK_DECLARE_FUNCTION (C_DecryptVerifyUpdate, (ck_session_handle_t session, unsigned char *encrypted_part, unsigned long encrypted_part_len, unsigned char *part, unsigned long *part_len)); _CK_DECLARE_FUNCTION (C_GenerateKey, (ck_session_handle_t session, struct ck_mechanism *mechanism, struct ck_attribute *templ, unsigned long count, ck_object_handle_t *key)); _CK_DECLARE_FUNCTION (C_GenerateKeyPair, (ck_session_handle_t session, struct ck_mechanism *mechanism, struct ck_attribute *public_key_template, unsigned long public_key_attribute_count, struct ck_attribute *private_key_template, unsigned long private_key_attribute_count, ck_object_handle_t *public_key, ck_object_handle_t *private_key)); _CK_DECLARE_FUNCTION (C_WrapKey, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t wrapping_key, ck_object_handle_t key, unsigned char *wrapped_key, unsigned long *wrapped_key_len)); _CK_DECLARE_FUNCTION (C_UnwrapKey, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t unwrapping_key, unsigned char *wrapped_key, unsigned long wrapped_key_len, struct ck_attribute *templ, unsigned long attribute_count, ck_object_handle_t *key)); _CK_DECLARE_FUNCTION (C_DeriveKey, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t base_key, struct ck_attribute *templ, unsigned long attribute_count, ck_object_handle_t *key)); _CK_DECLARE_FUNCTION (C_SeedRandom, (ck_session_handle_t session, unsigned char *seed, unsigned long seed_len)); _CK_DECLARE_FUNCTION (C_GenerateRandom, (ck_session_handle_t session, unsigned char *random_data, unsigned long random_len)); _CK_DECLARE_FUNCTION (C_GetFunctionStatus, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_CancelFunction, (ck_session_handle_t session)); struct ck_function_list { struct ck_version version; CK_C_Initialize C_Initialize; CK_C_Finalize C_Finalize; CK_C_GetInfo C_GetInfo; CK_C_GetFunctionList C_GetFunctionList; CK_C_GetSlotList C_GetSlotList; CK_C_GetSlotInfo C_GetSlotInfo; CK_C_GetTokenInfo C_GetTokenInfo; CK_C_GetMechanismList C_GetMechanismList; CK_C_GetMechanismInfo C_GetMechanismInfo; CK_C_InitToken C_InitToken; CK_C_InitPIN C_InitPIN; CK_C_SetPIN C_SetPIN; CK_C_OpenSession C_OpenSession; CK_C_CloseSession C_CloseSession; CK_C_CloseAllSessions C_CloseAllSessions; CK_C_GetSessionInfo C_GetSessionInfo; CK_C_GetOperationState C_GetOperationState; CK_C_SetOperationState C_SetOperationState; CK_C_Login C_Login; CK_C_Logout C_Logout; CK_C_CreateObject C_CreateObject; CK_C_CopyObject C_CopyObject; CK_C_DestroyObject C_DestroyObject; CK_C_GetObjectSize C_GetObjectSize; CK_C_GetAttributeValue C_GetAttributeValue; CK_C_SetAttributeValue C_SetAttributeValue; CK_C_FindObjectsInit C_FindObjectsInit; CK_C_FindObjects C_FindObjects; CK_C_FindObjectsFinal C_FindObjectsFinal; CK_C_EncryptInit C_EncryptInit; CK_C_Encrypt C_Encrypt; CK_C_EncryptUpdate C_EncryptUpdate; CK_C_EncryptFinal C_EncryptFinal; CK_C_DecryptInit C_DecryptInit; CK_C_Decrypt C_Decrypt; CK_C_DecryptUpdate C_DecryptUpdate; CK_C_DecryptFinal C_DecryptFinal; CK_C_DigestInit C_DigestInit; CK_C_Digest C_Digest; CK_C_DigestUpdate C_DigestUpdate; CK_C_DigestKey C_DigestKey; CK_C_DigestFinal C_DigestFinal; CK_C_SignInit C_SignInit; CK_C_Sign C_Sign; CK_C_SignUpdate C_SignUpdate; CK_C_SignFinal C_SignFinal; CK_C_SignRecoverInit C_SignRecoverInit; CK_C_SignRecover C_SignRecover; CK_C_VerifyInit C_VerifyInit; CK_C_Verify C_Verify; CK_C_VerifyUpdate C_VerifyUpdate; CK_C_VerifyFinal C_VerifyFinal; CK_C_VerifyRecoverInit C_VerifyRecoverInit; CK_C_VerifyRecover C_VerifyRecover; CK_C_DigestEncryptUpdate C_DigestEncryptUpdate; CK_C_DecryptDigestUpdate C_DecryptDigestUpdate; CK_C_SignEncryptUpdate C_SignEncryptUpdate; CK_C_DecryptVerifyUpdate C_DecryptVerifyUpdate; CK_C_GenerateKey C_GenerateKey; CK_C_GenerateKeyPair C_GenerateKeyPair; CK_C_WrapKey C_WrapKey; CK_C_UnwrapKey C_UnwrapKey; CK_C_DeriveKey C_DeriveKey; CK_C_SeedRandom C_SeedRandom; CK_C_GenerateRandom C_GenerateRandom; CK_C_GetFunctionStatus C_GetFunctionStatus; CK_C_CancelFunction C_CancelFunction; CK_C_WaitForSlotEvent C_WaitForSlotEvent; }; typedef ck_rv_t (*ck_createmutex_t) (void **mutex); typedef ck_rv_t (*ck_destroymutex_t) (void *mutex); typedef ck_rv_t (*ck_lockmutex_t) (void *mutex); typedef ck_rv_t (*ck_unlockmutex_t) (void *mutex); struct ck_c_initialize_args { ck_createmutex_t create_mutex; ck_destroymutex_t destroy_mutex; ck_lockmutex_t lock_mutex; ck_unlockmutex_t unlock_mutex; ck_flags_t flags; void *reserved; }; #define CKF_LIBRARY_CANT_CREATE_OS_THREADS (1 << 0) #define CKF_OS_LOCKING_OK (1 << 1) #define CKR_OK (0) #define CKR_CANCEL (1) #define CKR_HOST_MEMORY (2) #define CKR_SLOT_ID_INVALID (3) #define CKR_GENERAL_ERROR (5) #define CKR_FUNCTION_FAILED (6) #define CKR_ARGUMENTS_BAD (7) #define CKR_NO_EVENT (8) #define CKR_NEED_TO_CREATE_THREADS (9) #define CKR_CANT_LOCK (0xa) #define CKR_ATTRIBUTE_READ_ONLY (0x10) #define CKR_ATTRIBUTE_SENSITIVE (0x11) #define CKR_ATTRIBUTE_TYPE_INVALID (0x12) #define CKR_ATTRIBUTE_VALUE_INVALID (0x13) #define CKR_DATA_INVALID (0x20) #define CKR_DATA_LEN_RANGE (0x21) #define CKR_DEVICE_ERROR (0x30) #define CKR_DEVICE_MEMORY (0x31) #define CKR_DEVICE_REMOVED (0x32) #define CKR_ENCRYPTED_DATA_INVALID (0x40) #define CKR_ENCRYPTED_DATA_LEN_RANGE (0x41) #define CKR_FUNCTION_CANCELED (0x50) #define CKR_FUNCTION_NOT_PARALLEL (0x51) #define CKR_FUNCTION_NOT_SUPPORTED (0x54) #define CKR_KEY_HANDLE_INVALID (0x60) #define CKR_KEY_SIZE_RANGE (0x62) #define CKR_KEY_TYPE_INCONSISTENT (0x63) #define CKR_KEY_NOT_NEEDED (0x64) #define CKR_KEY_CHANGED (0x65) #define CKR_KEY_NEEDED (0x66) #define CKR_KEY_INDIGESTIBLE (0x67) #define CKR_KEY_FUNCTION_NOT_PERMITTED (0x68) #define CKR_KEY_NOT_WRAPPABLE (0x69) #define CKR_KEY_UNEXTRACTABLE (0x6a) #define CKR_MECHANISM_INVALID (0x70) #define CKR_MECHANISM_PARAM_INVALID (0x71) #define CKR_OBJECT_HANDLE_INVALID (0x82) #define CKR_OPERATION_ACTIVE (0x90) #define CKR_OPERATION_NOT_INITIALIZED (0x91) #define CKR_PIN_INCORRECT (0xa0) #define CKR_PIN_INVALID (0xa1) #define CKR_PIN_LEN_RANGE (0xa2) #define CKR_PIN_EXPIRED (0xa3) #define CKR_PIN_LOCKED (0xa4) #define CKR_SESSION_CLOSED (0xb0) #define CKR_SESSION_COUNT (0xb1) #define CKR_SESSION_HANDLE_INVALID (0xb3) #define CKR_SESSION_PARALLEL_NOT_SUPPORTED (0xb4) #define CKR_SESSION_READ_ONLY (0xb5) #define CKR_SESSION_EXISTS (0xb6) #define CKR_SESSION_READ_ONLY_EXISTS (0xb7) #define CKR_SESSION_READ_WRITE_SO_EXISTS (0xb8) #define CKR_SIGNATURE_INVALID (0xc0) #define CKR_SIGNATURE_LEN_RANGE (0xc1) #define CKR_TEMPLATE_INCOMPLETE (0xd0) #define CKR_TEMPLATE_INCONSISTENT (0xd1) #define CKR_TOKEN_NOT_PRESENT (0xe0) #define CKR_TOKEN_NOT_RECOGNIZED (0xe1) #define CKR_TOKEN_WRITE_PROTECTED (0xe2) #define CKR_UNWRAPPING_KEY_HANDLE_INVALID (0xf0) #define CKR_UNWRAPPING_KEY_SIZE_RANGE (0xf1) #define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT (0xf2) #define CKR_USER_ALREADY_LOGGED_IN (0x100) #define CKR_USER_NOT_LOGGED_IN (0x101) #define CKR_USER_PIN_NOT_INITIALIZED (0x102) #define CKR_USER_TYPE_INVALID (0x103) #define CKR_USER_ANOTHER_ALREADY_LOGGED_IN (0x104) #define CKR_USER_TOO_MANY_TYPES (0x105) #define CKR_WRAPPED_KEY_INVALID (0x110) #define CKR_WRAPPED_KEY_LEN_RANGE (0x112) #define CKR_WRAPPING_KEY_HANDLE_INVALID (0x113) #define CKR_WRAPPING_KEY_SIZE_RANGE (0x114) #define CKR_WRAPPING_KEY_TYPE_INCONSISTENT (0x115) #define CKR_RANDOM_SEED_NOT_SUPPORTED (0x120) #define CKR_RANDOM_NO_RNG (0x121) #define CKR_DOMAIN_PARAMS_INVALID (0x130) #define CKR_BUFFER_TOO_SMALL (0x150) #define CKR_SAVED_STATE_INVALID (0x160) #define CKR_INFORMATION_SENSITIVE (0x170) #define CKR_STATE_UNSAVEABLE (0x180) #define CKR_CRYPTOKI_NOT_INITIALIZED (0x190) #define CKR_CRYPTOKI_ALREADY_INITIALIZED (0x191) #define CKR_MUTEX_BAD (0x1a0) #define CKR_MUTEX_NOT_LOCKED (0x1a1) #define CKR_FUNCTION_REJECTED (0x200) #define CKR_VENDOR_DEFINED ((unsigned long) (1 << 31)) /* Compatibility layer. */ #ifdef CRYPTOKI_COMPAT #undef CK_DEFINE_FUNCTION #define CK_DEFINE_FUNCTION(retval, name) retval CK_SPEC name /* For NULL. */ #include typedef unsigned char CK_BYTE; typedef unsigned char CK_CHAR; typedef unsigned char CK_UTF8CHAR; typedef unsigned char CK_BBOOL; typedef unsigned long int CK_ULONG; typedef long int CK_LONG; typedef CK_BYTE *CK_BYTE_PTR; typedef CK_CHAR *CK_CHAR_PTR; typedef CK_UTF8CHAR *CK_UTF8CHAR_PTR; typedef CK_ULONG *CK_ULONG_PTR; typedef void *CK_VOID_PTR; typedef void **CK_VOID_PTR_PTR; #define CK_FALSE 0 #define CK_TRUE 1 #ifndef CK_DISABLE_TRUE_FALSE #ifndef FALSE #define FALSE 0 #endif #ifndef TRUE #define TRUE 1 #endif #endif typedef struct ck_version CK_VERSION; typedef struct ck_version *CK_VERSION_PTR; typedef struct ck_info CK_INFO; typedef struct ck_info *CK_INFO_PTR; typedef ck_slot_id_t *CK_SLOT_ID_PTR; typedef struct ck_slot_info CK_SLOT_INFO; typedef struct ck_slot_info *CK_SLOT_INFO_PTR; typedef struct ck_token_info CK_TOKEN_INFO; typedef struct ck_token_info *CK_TOKEN_INFO_PTR; typedef ck_session_handle_t *CK_SESSION_HANDLE_PTR; typedef struct ck_session_info CK_SESSION_INFO; typedef struct ck_session_info *CK_SESSION_INFO_PTR; typedef ck_object_handle_t *CK_OBJECT_HANDLE_PTR; typedef ck_object_class_t *CK_OBJECT_CLASS_PTR; typedef struct ck_attribute CK_ATTRIBUTE; typedef struct ck_attribute *CK_ATTRIBUTE_PTR; typedef struct ck_date CK_DATE; typedef struct ck_date *CK_DATE_PTR; typedef ck_mechanism_type_t *CK_MECHANISM_TYPE_PTR; typedef struct ck_mechanism CK_MECHANISM; typedef struct ck_mechanism *CK_MECHANISM_PTR; typedef struct ck_mechanism_info CK_MECHANISM_INFO; typedef struct ck_mechanism_info *CK_MECHANISM_INFO_PTR; typedef struct ck_function_list CK_FUNCTION_LIST; typedef struct ck_function_list *CK_FUNCTION_LIST_PTR; typedef struct ck_function_list **CK_FUNCTION_LIST_PTR_PTR; typedef struct ck_c_initialize_args CK_C_INITIALIZE_ARGS; typedef struct ck_c_initialize_args *CK_C_INITIALIZE_ARGS_PTR; #define NULL_PTR NULL /* Delete the helper macros defined at the top of the file. */ #undef ck_flags_t #undef ck_version #undef ck_info #undef cryptoki_version #undef manufacturer_id #undef library_description #undef library_version #undef ck_notification_t #undef ck_slot_id_t #undef ck_slot_info #undef slot_description #undef hardware_version #undef firmware_version #undef ck_token_info #undef serial_number #undef max_session_count #undef session_count #undef max_rw_session_count #undef rw_session_count #undef max_pin_len #undef min_pin_len #undef total_public_memory #undef free_public_memory #undef total_private_memory #undef free_private_memory #undef utc_time #undef ck_session_handle_t #undef ck_user_type_t #undef ck_state_t #undef ck_session_info #undef slot_id #undef device_error #undef ck_object_handle_t #undef ck_object_class_t #undef ck_hw_feature_type_t #undef ck_key_type_t #undef ck_certificate_type_t #undef ck_attribute_type_t #undef ck_attribute #undef value #undef value_len #undef ck_date #undef ck_mechanism_type_t #undef ck_mechanism #undef parameter #undef parameter_len #undef ck_mechanism_info #undef min_key_size #undef max_key_size #undef ck_rv_t #undef ck_notify_t #undef ck_function_list #undef ck_createmutex_t #undef ck_destroymutex_t #undef ck_lockmutex_t #undef ck_unlockmutex_t #undef ck_c_initialize_args #undef create_mutex #undef destroy_mutex #undef lock_mutex #undef unlock_mutex #undef reserved #endif /* CRYPTOKI_COMPAT */ /* System dependencies. */ #if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32) #pragma pack(pop, cryptoki) #endif #if defined(__cplusplus) } #endif #endif /* PKCS11_H */ xca-RELEASE.2.9.0/lib/openssl_compat.h000066400000000000000000000016631477156507700173520ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2017 Christian Hohnstaedt. * * All rights reserved. */ /* This header equalizes a lot of OpenSSL 1.1.0 vs. 1.1.1 API clashes by defining some macros if OpenSSL < 1.1.1 is used. This way the code is written with the new API and have much less #ifdefs */ #ifndef __OPENSS_COMPAT_XCA_H #define __OPENSS_COMPAT_XCA_H #include #if OPENSSL_VERSION_NUMBER < 0x10101000L static inline int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen, const unsigned char *tbs, size_t tbslen) { return EVP_DigestSignUpdate(ctx, tbs, tbslen) && EVP_DigestSignFinal(ctx, sigret, siglen); } static inline int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret, size_t siglen, const unsigned char *tbs, size_t tbslen) { return EVP_DigestVerifyUpdate(ctx, tbs, tbslen) && EVP_DigestVerifyFinal(ctx, (unsigned char *)sigret, siglen); } #endif #endif xca-RELEASE.2.9.0/lib/pass_info.cpp000066400000000000000000000006071477156507700166350ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #include "pass_info.h" pass_info::pass_info(const QString &t, const QString &d, QWidget *w) : title(t), description(d), widget(w), type(tr("Password")), pixmap(QString(":keyImg")), result(pw_ok) { } void pass_info::setPin() { type = tr("PIN"); pixmap = QString(":scardImg"); } xca-RELEASE.2.9.0/lib/pass_info.h000066400000000000000000000021301477156507700162730ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PASS_INFO_H #define __PASS_INFO_H #include #include #include #include "lib/exception.h" class QWidget; class pass_info: public QObject { Q_OBJECT private: QString title{}; QString description{}; QWidget *widget{}; QString type{}; QString pixmap{}; enum open_result result{}; public: pass_info(const QString &t, const QString &d, QWidget *w = nullptr); QString getTitle() const { return title; } QString getDescription() const { return description; } QWidget *getWidget() { if (!widget) widget = qApp->activeWindow(); return widget; } QString getType() const { return type; } QString getImage() const { return pixmap; } enum open_result getResult() const { return result; } void setTitle(QString t) { title = t; } void setDescription(QString d) { description = d; } void setWidget(QWidget *w) { widget = w; } void setResult(enum open_result r) { result = r; } void setPin(); }; #endif xca-RELEASE.2.9.0/lib/pk11_attribute.cpp000066400000000000000000000064331477156507700175160ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2009 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #include "pkcs11.h" #include "pk11_attribute.h" #include "exception.h" #include void pk11_attribute::load(const slotid &slot, CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj) { CK_RV rv; rv = slot.p11()->C_GetAttributeValue(sess, obj, &attr, 1); if (rv != CKR_OK) pk11error("C_GetAttribute()", rv); } void pk11_attr_data::load(const slotid &slot, CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj) { CK_RV rv; if (attr.pValue) { free(attr.pValue); attr.pValue = NULL; } attr.ulValueLen = 0; rv = slot.p11()->C_GetAttributeValue(sess, obj, &attr, 1); if (rv == CKR_OK) { attr.pValue = malloc(attr.ulValueLen +1); Q_CHECK_PTR(attr.pValue); rv = slot.p11()->C_GetAttributeValue(sess, obj, &attr, 1); \ if (rv == CKR_OK) return; } pk11error("C_GetAttributeValue(data)", rv); \ } void pk11_attr_data::setValue(const unsigned char *ptr, unsigned long len) { if (attr.pValue) free(attr.pValue); if (!ptr || len == 0) { attr.ulValueLen = 0; attr.pValue = NULL; return; } attr.pValue = malloc(len+1); Q_CHECK_PTR(attr.pValue); memcpy(attr.pValue, ptr, len); attr.ulValueLen = len; ((char*)attr.pValue)[len] = 0; } void pk11_attr_data::setConstBignum(const BIGNUM *bn) { attr.ulValueLen = BN_num_bytes(bn); if (attr.pValue) free(attr.pValue); attr.pValue = malloc(attr.ulValueLen); Q_CHECK_PTR(attr.pValue); attr.ulValueLen = BN_bn2bin(bn, (unsigned char *)attr.pValue); } void pk11_attr_data::setBignum(BIGNUM *bn, bool consume) { setConstBignum(bn); if (consume) BN_free(bn); } void pk11_attribute::store(const slotid &slot, CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj) { CK_RV rv; rv = slot.p11()->C_SetAttributeValue(sess, obj, &attr, 1); if (rv != CKR_OK) pk11error("C_SetAttributeValue", rv); } void pk11_attlist::copy(const pk11_attlist &a) { reset(); attlen = a.attlen; alloc_len = a.alloc_len; if (alloc_len) { attributes = (CK_ATTRIBUTE *)malloc(alloc_len *sizeof(*attributes)); Q_CHECK_PTR(attributes); memcpy(attributes, a.attributes, attlen *sizeof(*attributes)); } for (unsigned long i=0; itype = a.attr.type; attr->ulValueLen = a.attr.ulValueLen; attr->pValue = malloc(attr->ulValueLen +1); Q_CHECK_PTR(attr->pValue); memcpy(attr->pValue, a.attr.pValue, attr->ulValueLen); ((char*)attr->pValue)[attr->ulValueLen] = 0; } void pk11_attlist::reset() { for (unsigned long i=0; i #include #include #include "opensc-pkcs11.h" #include "exception.h" #define UTF8QSTRING(x,s) QString::fromUtf8((const char*)(x), s).trimmed() #define ASCIIQSTRING(x,s) QString::fromLatin1((const char*)(x), s).trimmed() class pk11_attlist; class pk11_attribute { friend class pk11_attlist; protected: CK_ATTRIBUTE attr{}; public: pk11_attribute(unsigned long type) { attr.type = type; } virtual ~pk11_attribute() { } const CK_ATTRIBUTE *getAttribute() const { return &attr; } unsigned long type() const { return attr.type; } QByteArray getData() const { return QByteArray((char*)attr.pValue, attr.ulValueLen); } virtual void store(const slotid &slot, CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj); virtual void load(const slotid &slot, CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj); bool cmp(const pk11_attribute &other) const { return (attr.type == other.attr.type) && (attr.ulValueLen == other.attr.ulValueLen) && !memcmp(attr.pValue, other.attr.pValue, attr.ulValueLen); } bool operator == (const pk11_attribute &other) const { return cmp(other); } }; class pk11_attr_bool: public pk11_attribute { protected: unsigned char value; public: pk11_attr_bool(unsigned long type, bool v = false) :pk11_attribute(type) { attr.pValue = &value; attr.ulValueLen = sizeof(value); setValue(v); } pk11_attr_bool(const pk11_attr_bool &p) :pk11_attribute(p.type()) { attr.pValue = &value; attr.ulValueLen = sizeof(value); setValue(p.value); } bool getValue() const { return value ? true : false; } void setValue(unsigned long v) { value = v ? 1 : 0; } }; class pk11_attr_ulong: public pk11_attribute { protected: unsigned long value; public: pk11_attr_ulong(unsigned long type, unsigned long v = 0) :pk11_attribute(type) { attr.pValue = &value; attr.ulValueLen = sizeof(value); setValue(v); } pk11_attr_ulong(const pk11_attr_ulong &p) :pk11_attribute(p.type()) { attr.pValue = &value; attr.ulValueLen = sizeof(value); setValue(p.value); } unsigned long getValue() const { return value; } void setValue(unsigned long v) { value = v; } }; class pk11_attr_data: public pk11_attribute { public: pk11_attr_data() :pk11_attribute(0) { } pk11_attr_data(unsigned long type, const unsigned char *v = NULL, unsigned long len = 0) :pk11_attribute(type) { setValue(v, len); } pk11_attr_data(const pk11_attr_data &p) :pk11_attribute(p.type()) { const unsigned char *ptr; unsigned long size = p.getValue(&ptr); setValue(ptr, size); } pk11_attr_data(unsigned long type, QByteArray ba) :pk11_attribute(type) { setValue((const unsigned char *)ba.constData(), ba.size()); } pk11_attr_data(unsigned long type, BIGNUM *bn, bool consume=true) :pk11_attribute(type) { setBignum(bn, consume); } pk11_attr_data(unsigned long type, const BIGNUM *bn) :pk11_attribute(type) { setConstBignum(bn); } pk11_attr_data(unsigned long type, unsigned long value) :pk11_attribute(type) { setULong(value); } void setULong(unsigned long value) { BIGNUM *bn = BN_new(); Q_CHECK_PTR(bn); BN_set_word(bn, value); setBignum(bn, true); } unsigned long getValue(const unsigned char **ptr) const { *ptr = (const unsigned char*)attr.pValue; return attr.ulValueLen; } ~pk11_attr_data() { if (attr.pValue) { memset(attr.pValue, 0, attr.ulValueLen); free(attr.pValue); } } QString getText() const { unsigned long len = attr.ulValueLen; char *p = (char*)attr.pValue; /* Fixup 0 padded attributes, returned by some broken libs like OpenLimit */ while (p[len-1] == 0 && len > 0) len--; return UTF8QSTRING(attr.pValue, len); } BIGNUM *getBignum() const { return BN_bin2bn((unsigned char*)attr.pValue, attr.ulValueLen, NULL); } void setBignum(BIGNUM *bn, bool consume=true); void setConstBignum(const BIGNUM *bn); void load(const slotid &slot, CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj); void setValue(const unsigned char *ptr, unsigned long len); pk11_attr_data &operator = (const pk11_attr_data &p) { const unsigned char *ptr; unsigned long size = p.getValue(&ptr); attr.type = p.attr.type; setValue(ptr, size); return *this; } }; class pk11_attlist { private: CK_ATTRIBUTE *attributes; unsigned long attlen; unsigned long alloc_len; void init() { attlen = 0; alloc_len = 0; attributes = NULL; } public: pk11_attlist() { init(); } pk11_attlist(const pk11_attlist &a); pk11_attlist(const pk11_attribute &a) { init(); addAttribute(a); } ~pk11_attlist(); unsigned long get(CK_ATTRIBUTE **attp) { *attp = attributes; return attlen; } void addAttribute(const pk11_attribute &a); pk11_attlist &operator << (const pk11_attribute &a) { addAttribute(a); return *this; } CK_ATTRIBUTE *getAttributes() { return attributes; } unsigned long length() { return attlen; } pk11_attlist &operator = (const pk11_attlist &a) { copy(a); return *this; } void copy(const pk11_attlist &a); void reset(); }; #endif xca-RELEASE.2.9.0/lib/pkcs11.cpp000066400000000000000000000572341477156507700157660ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2009 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "pkcs11_lib.h" #include "pkcs11.h" #include "pk11_attribute.h" #include "exception.h" #include "db_base.h" #include "func.h" #include "pass_info.h" #include "Passwd.h" #include "entropy.h" #include #include #include #include #include #include "PwDialogCore.h" #include "XcaWarningCore.h" #pragma message ("split PwDialog into console and GUI") #include "ui_SelectToken.h" #include void waitcursor(int start, int line) { qDebug() << "Waitcursor" << (start ? "start" : "end") << line; ign_openssl_error(); if (!IS_GUI_APP) return; if (start) QApplication::setOverrideCursor(QCursor(Qt::WaitCursor)); else QApplication::restoreOverrideCursor(); } pkcs11_lib_list pkcs11::libraries; int pkcs11::pctr; pkcs11::pkcs11() { session = CK_INVALID_HANDLE; p11obj = CK_INVALID_HANDLE; qDebug() << "PKCS11 Counter"<< ++pctr; } pkcs11::~pkcs11() { try { closeSession(p11slot); } catch ( ... ) { } qDebug() << "PKCS11 Counter"<< --pctr; } void pkcs11::closeSession(const slotid &slot) { if (session != CK_INVALID_HANDLE && slot.p11()) { CK_RV rv; CALL_P11_C(p11slot.lib, C_CloseSession, session); if (rv != CKR_OK) pk11error(slot, "C_CloseSession", rv); } session = CK_INVALID_HANDLE; } void pkcs11::startSession(const slotid &slot, bool rw) { CK_RV rv; unsigned long flags = CKF_SERIAL_SESSION | (rw ? CKF_RW_SESSION : 0); closeSession(slot); CALL_P11_C(slot.lib, C_OpenSession, slot.id, flags, NULL, NULL, &session); if (rv != CKR_OK) pk11error(slot, "C_OpenSession", rv); p11slot = slot; } void pkcs11::getRandom() { CK_BYTE buf[64]; CK_ULONG len = sizeof buf; CK_RV rv; if (Entropy::get(buf, len)) { CALL_P11_C(p11slot.lib, C_SeedRandom, session, buf, len); } CALL_P11_C(p11slot.lib, C_GenerateRandom, session, buf, len); if (rv == CKR_OK) Entropy::add_buf(buf, len); else qDebug("C_GenerateRandom: %s", pk11errorString(rv)); } QList pkcs11::mechanismList(const slotid &slot) { CK_RV rv; CK_MECHANISM_TYPE *m; QList ml; unsigned long count; CALL_P11_C(slot.lib, C_GetMechanismList, slot.id, NULL, &count); if (count != 0) { m = (CK_MECHANISM_TYPE *)malloc(count *sizeof(*m)); Q_CHECK_PTR(m); CALL_P11_C(slot.lib, C_GetMechanismList, slot.id, m, &count); if (rv != CKR_OK) { free(m); pk11error(slot, "C_GetMechanismList", rv); } for (unsigned i=0; ilogin(NULL, 0, so); } catch (errorEx &e) { err = e; } } }; static QDialog *newPinPadBox() { QDialog *box = new QDialog(NULL, Qt::WindowStaysOnTopHint); box->setWindowTitle(XCA_TITLE); QHBoxLayout *h = new QHBoxLayout(box); QLabel *l = new QLabel(); l->setPixmap(QPixmap(":scardImg")); l->setMaximumSize(QSize(95, 40)); l->setScaledContents(true); h->addWidget(l); l = new QLabel(QObject::tr("Please enter the PIN on the PinPad")); h->addWidget(l); return box; } bool pkcs11::tokenLoginForModification() { tkInfo ti = tokenInfo(); return !tokenLogin(ti.label(), ti.need_SO_for_object_mod()).isNull(); } QString pkcs11::tokenLogin(const QString &name, bool so, bool force) { Passwd pin; bool need_login; QString text = so ? QObject::tr("Please enter the SO PIN (PUK) of the token %1"): QObject::tr("Please enter the PIN of the token %1"); pass_info p(XCA_TITLE, text.arg(name)); p.setPin(); need_login = needsLogin(so); if (force || need_login) { if (!need_login) logout(); if (tokenInfo().protAuthPath()) { pin = ""; // Indicate success QDialog *pinpadbox = newPinPadBox(); pinpadbox->show(); pinPadLoginThread ppt(this, so); ppt.start(); while(!ppt.wait(20)) { qApp->processEvents(); pinpadbox->raise(); } delete pinpadbox; if (!ppt.err.isEmpty()) throw errorEx(ppt.err); } else { if (PwDialogCore::execute(&p, &pin, false) != 1) return QString(); login(pin.constUchar(), pin.size(), so); } } else { return QString(""); } return QString(pin); } bool pkcs11::selectToken(slotid *slot, QWidget *w) { slotidList p11_slots = getSlotList(); QStringList slotnames; QList slotsWithToken; for (int i = 0; i < p11_slots.count(); i++) { try { tkInfo info; CK_RV rv = tokenInfo(p11_slots[i], &info); if (rv == CKR_TOKEN_NOT_PRESENT) continue; slotsWithToken.append(i); slotnames << QString("%1 (#%2)"). arg(info.label()).arg(info.serial()); } catch (errorEx &e) { XCA_WARN(QString("Error: %1").arg(e.getString())); } } switch (slotnames.count()) { case 0: XCA_WARN(QObject::tr("No Security token found")); return false; case 1: *slot = p11_slots[slotsWithToken[0]]; return true; } Ui::SelectToken ui; QDialog *select_slot = new QDialog(w); ui.setupUi(select_slot); ui.image->setPixmap(QPixmap(":scardImg")); ui.tokenBox->addItems(slotnames); ui.buttonBox->button(QDialogButtonBox::Ok)->setText(QObject::tr("Select")); select_slot->setWindowTitle(XCA_TITLE); if (select_slot->exec() == 0) { delete select_slot; return false; } int selected = ui.tokenBox->currentIndex(); *slot = p11_slots[slotsWithToken[selected]]; delete select_slot; return true; } void pkcs11::setPin(unsigned char *oldPin, unsigned long oldPinLen, unsigned char *pin, unsigned long pinLen) { CK_RV rv; p11slot.isValid(); CALL_P11_C(p11slot.lib, C_SetPIN, session, oldPin, oldPinLen, pin, pinLen); if (rv != CKR_OK) pk11error("C_SetPIN", rv); } static QString newSoPinTxt = QObject::tr( "Please enter the new SO PIN (PUK) for the token: '%1'"); static QString newPinTxt = QObject::tr( "Please enter the new PIN for the token: '%1'"); void pkcs11::changePin(const slotid &slot, bool so) { Passwd newPin, pinp; QString pin; startSession(slot, true); tkInfo ti = tokenInfo(); if (ti.protAuthPath()) { setPin(NULL, 0, NULL, 0); return; } pin = tokenLogin(ti.label(), so, true); if (pin.isNull()) return; QString msg = so ? newSoPinTxt : newPinTxt; pass_info p(XCA_TITLE, msg.arg(ti.label()) + "\n" + ti.pinInfo()); p.setPin(); if (PwDialogCore::execute(&p, &newPin, true) == 1) { pinp = pin.toLatin1(); setPin(pinp.constUchar(), pinp.size(), newPin.constUchar(), newPin.size()); } logout(); } void pkcs11::initPin(const slotid &slot) { Passwd newPin, pinp; int ret = 1; startSession(slot, true); tkInfo ti = tokenInfo(); if (tokenLogin(ti.label(), true, false).isNull()) return; pass_info p(XCA_TITLE, newPinTxt.arg(ti.label()) + "\n" + ti.pinInfo()); p.setPin(); if (!ti.protAuthPath()) { ret = PwDialogCore::execute(&p, &newPin, true); pinp = newPin; } p11slot.isValid(); if (ret == 1) { CK_RV rv; CALL_P11_C(p11slot.lib, C_InitPIN, session, pinp.constUchar(), pinp.size()); if (rv != CKR_OK) pk11error("C_InitPIN", rv); } logout(); } void pkcs11::initToken(const slotid &slot, unsigned char *pin, int pinlen, QString label) { CK_RV rv; unsigned char clabel[32]; QByteArray ba = label.toUtf8().left(32); memset(clabel, ' ', 32); memcpy(clabel, ba.constData(), ba.size()); CALL_P11_C(slot.lib, C_InitToken, slot.id, pin, pinlen, clabel); if (rv != CKR_OK) pk11error(slot, "C_InitToken", rv); } tkInfo pkcs11::tokenInfo(const slotid &slot) const { tkInfo ti; CK_RV rv = tokenInfo(slot, &ti); if (rv != CKR_OK) { pk11error(slot, "C_GetTokenInfo", rv); } return ti; } CK_RV pkcs11::tokenInfo(const slotid &slot, tkInfo *tkinfo) const { CK_TOKEN_INFO token_info; CK_RV rv; CALL_P11_C(slot.lib, C_GetTokenInfo, slot.id, &token_info); if (rv == CKR_OK) tkinfo->set(&token_info); return rv; } void pkcs11::loadAttribute(pk11_attribute &attribute, CK_OBJECT_HANDLE object) { p11slot.isValid(); attribute.load(p11slot, session, object); } void pkcs11::storeAttribute(pk11_attribute &attribute, CK_OBJECT_HANDLE object) { p11slot.isValid(); attribute.store(p11slot, session, object); } CK_OBJECT_HANDLE pkcs11::createObject(pk11_attlist &attrs) { CK_RV rv; CK_OBJECT_HANDLE obj; p11slot.isValid(); CALL_P11_C(p11slot.lib, C_CreateObject, session, attrs.getAttributes(), attrs.length(), &obj); if (rv != CKR_OK) { pk11error("C_CreateObject", rv); } return obj; } int pkcs11::deleteObjects(QList objects) { CK_RV rv; p11slot.isValid(); for (int i=0; i< objects.count(); i++) { CALL_P11_C(p11slot.lib, C_DestroyObject, session, objects[i]); if (rv != CKR_OK) { pk11error("C_DestroyObject", rv); } } return objects.count(); } #define ID_LEN 8 pk11_attr_data pkcs11::findUniqueID(unsigned long oclass) const { pk11_attr_data id(CKA_ID); pk11_attr_ulong class_att(CKA_CLASS, oclass); while (1) { unsigned char buf[ID_LEN]; pk11_attlist atts(class_att); RAND_bytes(buf, ID_LEN); id.setValue(buf, ID_LEN); atts << id; if (objectList(atts).count() == 0) break; } return id; } pk11_attr_data pkcs11::generateKey(QString name, unsigned long mech, unsigned long bits, int nid, const pk11_attr_data &id) { #ifdef OPENSSL_NO_EC (void)nid; #endif tkInfo ti = tokenInfo(); CK_RV rv; CK_OBJECT_HANDLE pubkey, privkey, dsa_param_obj; pk11_attlist priv_atts, pub_atts, dsa_param; CK_MECHANISM mechanism = {mech, NULL_PTR, 0}; pk11_attr_data label(CKA_LABEL, name.toUtf8()); pub_atts << label << id << pk11_attr_ulong(CKA_CLASS, CKO_PUBLIC_KEY) << pk11_attr_bool(CKA_TOKEN, true) << pk11_attr_bool(CKA_PRIVATE, false) << pk11_attr_bool(CKA_ENCRYPT, true) << pk11_attr_bool(CKA_VERIFY, true) << pk11_attr_bool(CKA_WRAP, true); priv_atts << label << id << pk11_attr_ulong(CKA_CLASS, CKO_PRIVATE_KEY) << pk11_attr_bool(CKA_TOKEN, true) << pk11_attr_bool(CKA_PRIVATE, true) << pk11_attr_bool(CKA_SENSITIVE, true) << pk11_attr_bool(CKA_DECRYPT, true) << pk11_attr_bool(CKA_SIGN, true) << pk11_attr_bool(CKA_UNWRAP, true); switch (mech) { case CKM_RSA_PKCS_KEY_PAIR_GEN: pub_atts << pk11_attr_ulong(CKA_MODULUS_BITS, bits) << pk11_attr_data(CKA_PUBLIC_EXPONENT, 0x10001); break; case CKM_DSA_KEY_PAIR_GEN: { //DSA: Spec Page 191 (175) C_GenerateKey CK_MECHANISM mechanism = {CKM_DSA_PARAMETER_GEN, NULL_PTR, 0}; dsa_param << label << pk11_attr_ulong(CKA_CLASS, CKO_DOMAIN_PARAMETERS) << pk11_attr_ulong(CKA_KEY_TYPE, CKK_DSA) << pk11_attr_bool(CKA_TOKEN, !ti.set_token_attr_false_dsa_param()) << pk11_attr_bool(CKA_PRIVATE, false) << pk11_attr_ulong(CKA_PRIME_BITS, bits); p11slot.isValid(); CALL_P11_C(p11slot.lib, C_GenerateKey, session, &mechanism, dsa_param.getAttributes(), dsa_param.length(), &dsa_param_obj); if (rv != CKR_OK) pk11error("C_GenerateKey(DSA_PARAMETER)", rv); pk11_attr_data p(CKA_PRIME), q(CKA_SUBPRIME), g(CKA_BASE); loadAttribute(p, dsa_param_obj); loadAttribute(q, dsa_param_obj); loadAttribute(g, dsa_param_obj); pub_atts << p << q << g; break; } #ifndef OPENSSL_NO_EC case CKM_EC_KEY_PAIR_GEN: { CK_MECHANISM_INFO info; mechanismInfo(p11slot, CKM_EC_KEY_PAIR_GEN, &info); EC_GROUP *group = EC_GROUP_new_by_curve_name(nid); EC_GROUP_set_asn1_flag(group, ((info.flags & CKF_EC_NAMEDCURVE) || ti.force_keygen_named_curve()) ? OPENSSL_EC_NAMED_CURVE : 0); priv_atts << pk11_attr_bool(CKA_DERIVE, false); pub_atts << pk11_attr_data(CKA_EC_PARAMS, i2d_bytearray(I2D_VOID(i2d_ECPKParameters), group)); EC_GROUP_free(group); break; } #endif default: throw errorEx(("Unsupported Key generation mechanism")); } p11slot.isValid(); CALL_P11_C(p11slot.lib, C_GenerateKeyPair, session, &mechanism, pub_atts.getAttributes(), pub_atts.length(), priv_atts.getAttributes(), priv_atts.length(), &pubkey, &privkey); if (rv != CKR_OK) { pk11error("C_GenerateKeyPair", rv); } return id; } QList pkcs11::objectList(pk11_attlist &atts) const { CK_RV rv; CK_OBJECT_HANDLE objects[256]; QList list; unsigned long len, i, att_num; CK_ATTRIBUTE *attribute; att_num = atts.get(&attribute); p11slot.isValid(); CALL_P11_C(p11slot.lib, C_FindObjectsInit, session, attribute, att_num); if (rv != CKR_OK) pk11error("C_FindObjectsInit", rv); do { CALL_P11_C(p11slot.lib, C_FindObjects, session, objects, 256, &len); if (rv != CKR_OK) pk11error("C_FindObjects", rv); for (i=0; i= 0x30000000L) static int eng_pmeth_copy(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src) #else static int eng_pmeth_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) #endif { void *p = EVP_PKEY_CTX_get_app_data((EVP_PKEY_CTX *)src); EVP_PKEY_CTX_set_app_data(dst, p); return 1; } #endif static int rsa_privdata_free(RSA *rsa) { pkcs11 *priv = (pkcs11*)RSA_get_app_data(rsa); delete priv; return 0; } static int rsa_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA * rsa, int padding) { pkcs11 *priv = (pkcs11*)RSA_get_app_data(rsa); const BIGNUM *n = NULL; if (padding != RSA_PKCS1_PADDING) { return -1; } RSA_get0_key(rsa, &n, NULL, NULL); return priv->encrypt(flen, from, to, BN_num_bytes(n), CKM_RSA_PKCS); } static int rsa_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA * rsa, int padding) { pkcs11 *priv = (pkcs11*)RSA_get_app_data(rsa); if (padding != RSA_PKCS1_PADDING) { return -1; } return priv->decrypt(flen, from, to, flen, CKM_RSA_PKCS); } static int dsa_privdata_free(DSA *dsa) { pkcs11 *p11 = (pkcs11*)DSA_get_ex_data(dsa, 0); delete p11; return 0; } static DSA_SIG *dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa) { int len, rs_len; unsigned char rs_buf[128]; pkcs11 *p11 = (pkcs11*)DSA_get_ex_data(dsa, 0); DSA_SIG *dsa_sig = DSA_SIG_new(); BIGNUM *r, *s; // siglen is unsigned and can't cope with -1 as return value len = p11->encrypt(dlen, dgst, rs_buf, sizeof rs_buf, CKM_DSA); if (len & 0x01) // Must be even goto out; rs_len = len / 2; r = BN_bin2bn(rs_buf, rs_len, NULL); s = BN_bin2bn(rs_buf + rs_len, rs_len, NULL); DSA_SIG_set0(dsa_sig, r, s); if (r && s) return dsa_sig; out: DSA_SIG_free(dsa_sig); ign_openssl_error(); return NULL; } #ifndef OPENSSL_NO_EC static void ec_privdata_free(EC_KEY *ec) { pkcs11 *p11 = (pkcs11*)EC_KEY_get_ex_data(ec, 0); delete p11; } static int ec_sign_setup(EC_KEY *ec, BN_CTX *ctx, BIGNUM **kinvp, BIGNUM **rp) { (void) ec; (void) ctx; (void) kinvp; (void) rp; return 1; } static ECDSA_SIG *ec_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *ec) { int len, rs_len; unsigned char rs_buf[512]; ECDSA_SIG *ec_sig = ECDSA_SIG_new(); pkcs11 *p11 = (pkcs11 *) EC_KEY_get_ex_data(ec, 0); BIGNUM *r, *s; (void) in_kinv; (void) in_r; // siglen is unsigned and can' cope with -1 as return value len = p11->encrypt(dgst_len, dgst, rs_buf, sizeof rs_buf, CKM_ECDSA); if (len & 0x01) // Must be even goto out; /* The buffer contains r and s concatenated * Both of equal size * pkcs-11v2-20.pdf chapter 12.13.1, page 232 */ rs_len = len / 2; r = BN_bin2bn(rs_buf, rs_len, NULL); s = BN_bin2bn(rs_buf + rs_len, rs_len, NULL); ECDSA_SIG_set0(ec_sig, r, s); if (r && s) return ec_sig; out: ECDSA_SIG_free(ec_sig); ign_openssl_error(); return NULL; } static int ec_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv, const BIGNUM *r, EC_KEY *ec) { ECDSA_SIG *ec_sig; int ret = 0; int len; (void) type; ec_sig = ec_do_sign(dgst, dlen, kinv, r, ec); if (!ec_sig) return 0; len = i2d_ECDSA_SIG(ec_sig, &sig); if (len <= 0) goto out; *siglen = len; ret = 1; out: ECDSA_SIG_free(ec_sig); ign_openssl_error(); return ret; } static EC_KEY_METHOD *setup_ec_key_meth() { EC_KEY_METHOD *ec_key_meth; int (*ec_init_proc)(EC_KEY *key); void (*ec_finish_proc)(EC_KEY *key); int (*ec_copy_proc)(EC_KEY *dest, const EC_KEY *src); int (*ec_set_group_proc)(EC_KEY *key, const EC_GROUP *grp); int (*ec_set_private_proc)(EC_KEY *key, const BIGNUM *priv_key); int (*ec_set_public_proc)(EC_KEY *key, const EC_POINT *pub_key); ec_key_meth = EC_KEY_METHOD_new(EC_KEY_get_default_method()); EC_KEY_METHOD_set_sign(ec_key_meth, ec_sign, ec_sign_setup, ec_do_sign); EC_KEY_METHOD_get_init(ec_key_meth, &ec_init_proc, &ec_finish_proc, &ec_copy_proc, &ec_set_group_proc, &ec_set_private_proc, &ec_set_public_proc); EC_KEY_METHOD_set_init(ec_key_meth, ec_init_proc, ec_privdata_free, ec_copy_proc, ec_set_group_proc, ec_set_private_proc, ec_set_public_proc); return ec_key_meth; } #ifdef EVP_PKEY_ED25519 static EVP_PKEY_METHOD *p11_eddsa_method; static int eddsa_eng_meths(ENGINE *e, EVP_PKEY_METHOD **m, const int **nids, int nid) { static const int my_nids[] = {EVP_PKEY_ED25519 }; (void)e; if (m) { switch (nid) { case EVP_PKEY_ED25519: *m = p11_eddsa_method; return 1; return 0; } } if (nids) { *nids = my_nids; return ARRAY_SIZE(my_nids); } return -1; } static int eng_pmeth_sign_eddsa(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen) { int len, ret = -1; unsigned char rs_buf[64]; EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(EVP_MD_CTX_pkey_ctx(ctx)); pkcs11 *p11 = (pkcs11 *)ENGINE_get_ex_data(EVP_PKEY_get0_engine(pkey), eng_idx); *siglen = EVP_PKEY_size(pkey); if (sig == NULL) { // caller needs only size ret = 1; goto out; } // siglen is unsigned and can' cope with -1 as return value len = p11->encrypt(tbslen, tbs, rs_buf, sizeof rs_buf, CKM_EDDSA); if ((len & 0x01) || (*siglen != (size_t)len)) // Must be even goto out; memcpy(sig, rs_buf, len); *siglen = len; ret = 1; out: ign_openssl_error(); return ret; } static int eng_pmeth_ctrl_eddsa(EVP_PKEY_CTX *, int type, int p1, void *p2) { (void)p1; switch (type) { case EVP_PKEY_CTRL_MD: if (p2 == NULL || (const EVP_MD *)p2 == EVP_md_null()) return 1; ECerr(EC_F_PKEY_ECD_CTRL, EC_R_INVALID_DIGEST_TYPE); return 0; } qWarning() << "EC Don't call me" << type; return -2; } #endif #endif EVP_PKEY *pkcs11::getPrivateKey(EVP_PKEY *pub, CK_OBJECT_HANDLE obj) { static RSA_METHOD *rsa_meth = NULL; static DSA_METHOD *dsa_meth = NULL; #ifndef OPENSSL_NO_EC static EC_KEY_METHOD *ec_key_meth = NULL; EC_KEY *ec; #ifdef EVP_PKEY_ED25519 static ENGINE *e = NULL; if (!e) { e = ENGINE_new(); Q_CHECK_PTR(e); ENGINE_set_pkey_meths(e, eddsa_eng_meths); ENGINE_set_finish_function(e, eng_finish); if (eng_idx == -1) eng_idx = ENGINE_get_ex_new_index(0, NULL, NULL, NULL, 0); ENGINE_set_ex_data(e, eng_idx, NULL); // Why is engine attached to pubkey? I'm commenting it, as I do // not want it to be attached to RSA/DSA/EC //CRYPTO_add(&pub->references, 1, CRYPTO_LOCK_EVP_PKEY); //pub->engine = e; if (!p11_eddsa_method) { p11_eddsa_method = EVP_PKEY_meth_new(EVP_PKEY_ED25519, EVP_PKEY_FLAG_SIGCTX_CUSTOM); EVP_PKEY_meth_set_digestsign(p11_eddsa_method, eng_pmeth_sign_eddsa); EVP_PKEY_meth_set_ctrl(p11_eddsa_method, eng_pmeth_ctrl_eddsa, NULL); EVP_PKEY_meth_set_copy(p11_eddsa_method, eng_pmeth_copy); } } #endif #endif RSA *rsa; DSA *dsa; EVP_PKEY *evp = NULL; int keytype; p11slot.isValid(); keytype = EVP_PKEY_id(pub); switch (EVP_PKEY_type(keytype)) { case EVP_PKEY_RSA: rsa = RSAPublicKey_dup(EVP_PKEY_get0_RSA(pub)); openssl_error(); if (!rsa_meth) { rsa_meth = RSA_meth_dup(RSA_get_default_method()); RSA_meth_set_priv_enc(rsa_meth, rsa_encrypt); RSA_meth_set_priv_dec(rsa_meth, rsa_decrypt); RSA_meth_set_finish(rsa_meth, rsa_privdata_free); } p11obj = obj; RSA_set_method(rsa, rsa_meth); RSA_set_app_data(rsa, this); evp = EVP_PKEY_new(); openssl_error(); EVP_PKEY_assign_RSA(evp, rsa); break; case EVP_PKEY_DSA: dsa = DSAparams_dup(EVP_PKEY_get0_DSA(pub)); openssl_error(); if (!dsa_meth) { dsa_meth = DSA_meth_dup(DSA_get_default_method()); DSA_meth_set_sign(dsa_meth, dsa_sign); DSA_meth_set_finish(dsa_meth, dsa_privdata_free); } p11obj = obj; DSA_set_method(dsa, dsa_meth); DSA_set_ex_data(dsa, 0, this); evp = EVP_PKEY_new(); openssl_error(); EVP_PKEY_assign_DSA(evp, dsa); break; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: ec = EC_KEY_dup(EVP_PKEY_get0_EC_KEY(pub)); openssl_error(); if (!ec_key_meth) { ec_key_meth = setup_ec_key_meth(); } p11obj = obj; EC_KEY_set_method(ec, ec_key_meth); EC_KEY_set_ex_data(ec, 0, this); evp = EVP_PKEY_new(); openssl_error(); EVP_PKEY_assign_EC_KEY(evp, ec); break; #ifdef EVP_PKEY_ED25519 case EVP_PKEY_ED25519: size_t len; if (ENGINE_get_ex_data(e, eng_idx)) qWarning() << "We forgot to free the previous Card key."; ENGINE_set_ex_data(e, eng_idx, this); p11obj = obj; EVP_PKEY_get_raw_public_key(pub, NULL, &len); unsigned char *pubkey = (unsigned char *)OPENSSL_malloc(len); Q_CHECK_PTR(pubkey); EVP_PKEY_get_raw_public_key(pub, pubkey, &len); evp = EVP_PKEY_new_raw_public_key(EVP_PKEY_ED25519, e, pubkey, len); openssl_error(); OPENSSL_free(pubkey); //EVP_PKEY_set1_engine(evp, e); break; #endif #endif } return evp; } xca-RELEASE.2.9.0/lib/pkcs11.h000066400000000000000000000132761477156507700154310ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2009 - 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCA_PKCS11_H #define __XCA_PKCS11_H #include "pkcs11_lib.h" #include "opensc-pkcs11.h" #include #include #include #include "pk11_attribute.h" #include "func.h" void waitcursor(int start, int line); #define WAITCURSOR_START waitcursor(1, __LINE__); #define WAITCURSOR_END waitcursor(0, __LINE__); extern char segv_data[1024]; #define CALL_P11_C(l, func, ...) do { \ snprintf(segv_data, sizeof segv_data, "Crashed in %s in %s from %s:%d\n" \ "This looks like a bug in the PKC#11 library and not in XCA\n", \ #func, CCHAR((l)->filename()), __func__, __LINE__); \ if (IS_GUI_APP) \ QApplication::setOverrideCursor(QCursor(Qt::WaitCursor)); \ rv = l->ptr()->func(__VA_ARGS__); \ segv_data[0] = 0; \ if (IS_GUI_APP) \ QApplication::restoreOverrideCursor(); \ ign_openssl_error(); \ } while(0); class tkInfo { private: CK_TOKEN_INFO token_info{}; public: tkInfo() { } tkInfo(const CK_TOKEN_INFO *ti) { set(ti); } tkInfo(const tkInfo &tk) { set(&tk.token_info); } void set(const CK_TOKEN_INFO *ti) { memcpy(&token_info, ti, sizeof(token_info)); // sanitize strings for (int i=0; i<32; i++) { if (token_info.label[i] == 0) token_info.label[i] = ' '; if (token_info.manufacturerID[i] == 0) token_info.manufacturerID[i] = ' '; } for (int i=0; i<16; i++) { if (token_info.model[i] == 0) token_info.model[i] = ' '; if (token_info.serialNumber[i] == 0) token_info.serialNumber[i] = ' '; } } QString label() const { return UTF8QSTRING(token_info.label, 32); } QString manufacturerID() const { return UTF8QSTRING(token_info.manufacturerID, 32); } QString model() const { return UTF8QSTRING(token_info.model, 16); } QString serial() const { return ASCIIQSTRING(token_info.serialNumber, 16); } bool protAuthPath() const { return !!(token_info.flags & CKF_PROTECTED_AUTHENTICATION_PATH); } bool tokenInitialized() const { return !!(token_info.flags & CKF_TOKEN_INITIALIZED); } QString pinInfo() const { return QObject::tr("Required PIN size: %1 - %2"). arg(token_info.ulMinPinLen). arg(token_info.ulMaxPinLen); } bool force_keygen_named_curve() const { // Workaround for "www.CardContact.de" bug return manufacturerID() == "www.CardContact.de"; } bool need_SO_for_object_mod() const { // Yubikey Need SO Pin to modify objects return manufacturerID() == "Yubico (www.yubico.com)"; } bool set_token_attr_false_dsa_param() const { // nCipher Attributes // as on 10/26/2015 - Thales' PKCS11 provider has // issue to generate Domain Parameters return manufacturerID() == "nCipher Corp. Ltd"; } QList fixed_ids() const { // Yubi keys have fixed set of IDs // Use QStringList to not invent a new type: (QString + unsigned) static const QList ids { { "9a: PIV Authentication", "1" }, { "9c: Digital Signature", "2" }, { "9d: Key Management", "3" }, { "9e: Card Authentication", "4" } }; if (manufacturerID() == "Yubico (www.yubico.com)") { if (model() == "YubiKey NEO") return ids; if (model() == "YubiKey YK4" || model() == "YubiKey YK5") { QList retired(ids); for (int i=0; i< 20; i++) retired.append(QStringList { QString("%1: Retired Key %2") .arg(i+0x82, 0, 16).arg(i+1), QString::number(i + 5) }); return retired; } } return QList(); } }; class pkcs11 { friend class pk11_attribute; friend class pk11_attr_ulong; friend class pk11_attr_data; private: slotid p11slot; CK_SESSION_HANDLE session; CK_OBJECT_HANDLE p11obj; static int pctr; public: static pkcs11_lib_list libraries; pkcs11(); ~pkcs11(); CK_RV tokenInfo(const slotid &slot, tkInfo *tkinfo) const; tkInfo tokenInfo(const slotid &slot) const; tkInfo tokenInfo() const { return tokenInfo(p11slot); } QString driverInfo(const slotid &slot) const { return slot.lib->driverInfo(); } static slotidList getSlotList() { return libraries.getSlotList(); } void closeSession(const slotid &slot); bool selectToken(slotid *slot, QWidget *w); void changePin(const slotid &slot, bool so); void initPin(const slotid &slot); void initToken(const slotid &slot, unsigned char *pin, int pinlen, QString label); QList mechanismList(const slotid &slot); void mechanismInfo(const slotid &slot, CK_MECHANISM_TYPE m, CK_MECHANISM_INFO *info); void startSession(const slotid &slot, bool rw = false); /* Session based functions */ void loadAttribute(pk11_attribute &attribute, CK_OBJECT_HANDLE object); void storeAttribute(pk11_attribute &attribute, CK_OBJECT_HANDLE object); QList objectList(pk11_attlist &atts) const; QString tokenLogin(const QString &name, bool so, bool force=false); bool tokenLoginForModification(); void getRandom(); void logout(); bool needsLogin(bool so); void login(unsigned char *pin, unsigned long pinlen, bool so); void setPin(unsigned char *oldPin, unsigned long oldPinLen, unsigned char *pin, unsigned long pinLen); CK_OBJECT_HANDLE createObject(pk11_attlist &attrs); pk11_attr_data findUniqueID(unsigned long oclass) const; pk11_attr_data generateKey(QString name, unsigned long ec_rsa_mech, unsigned long bits, int nid, const pk11_attr_data &id); int deleteObjects(QList objects); EVP_PKEY *getPrivateKey(EVP_PKEY *pub, CK_OBJECT_HANDLE obj); int encrypt(int flen, const unsigned char *from, unsigned char *to, int tolen, unsigned long m); int decrypt(int flen, const unsigned char *from, unsigned char *to, int tolen, unsigned long m); }; #endif xca-RELEASE.2.9.0/lib/pkcs11_lib.cpp000066400000000000000000000277201477156507700166110ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2009 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #include "pkcs11.h" #include "pk11_attribute.h" #include "exception.h" #include "db_base.h" #include "func.h" #include "pass_info.h" #include #include #include "ui_SelectToken.h" pkcs11_lib::pkcs11_lib(const QString &f) { CK_RV (*c_get_function_list)(CK_FUNCTION_LIST_PTR_PTR); CK_RV rv; file = name2File(f, &enabled); if (!enabled) return; try { /* PKCS11 libs without path should be looked up locally */ QString realfile = file; if (!realfile.contains("/") && !realfile.isEmpty()) realfile.prepend("./"); setFileName(realfile); if (!load()) throw errorEx(tr("Failed to open PKCS11 library: %1: %2").arg(file).arg(errorString())); /* Get the list of function pointers */ c_get_function_list = (CK_RV (*)(CK_FUNCTION_LIST_PTR_PTR)) resolve("C_GetFunctionList"); if (!c_get_function_list) throw errorEx(tr("This does not look like a PKCS#11 library. Symbol 'C_GetFunctionList' not found.")); qDebug() << "Trying to load PKCS#11 provider" << file; rv = c_get_function_list(&p11); if (rv != CKR_OK) pk11error("C_GetFunctionList", rv); CALL_P11_C(this, C_Initialize, NULL); if (rv != CKR_OK && rv != CKR_CRYPTOKI_ALREADY_INITIALIZED) pk11error("C_Initialize", rv); qDebug() << "Successfully loaded PKCS#11 provider" << file; } catch (errorEx &err) { load_error = err.getString(); WAITCURSOR_END; if (p11) p11 = NULL; unload(); qDebug() << "Failed to load PKCS#11 provider" << file; } } pkcs11_lib::~pkcs11_lib() { CK_RV rv; (void)rv; if (!isLoaded()) return; qDebug() << "Unloading PKCS#11 provider" << file; CALL_P11_C(this, C_Finalize, NULL); unload(); qDebug() << "Unloaded PKCS#11 provider" << file; } QList pkcs11_lib::getSlotList() { CK_RV rv; CK_SLOT_ID *p11_slots = NULL; QList sl; unsigned long i, num_slots = 0; if (!isLoaded()) return sl; qDebug() << "sizeof CK_SLOT_ID" << sizeof(CK_SLOT_ID) << sizeof(unsigned long); /* This one helps to avoid errors. * Fist time it fails, 2nd time it works */ CALL_P11_C(this, C_GetSlotList, CK_TRUE, p11_slots, &num_slots); while (1) { CALL_P11_C(this, C_GetSlotList, CK_TRUE, p11_slots, &num_slots); if (rv != CKR_OK && rv != CKR_BUFFER_TOO_SMALL) pk11error("C_GetSlotList", rv); if (num_slots == 0) break; if ((rv == CKR_OK) && p11_slots) break; p11_slots = (CK_SLOT_ID *)realloc(p11_slots, num_slots *sizeof(CK_SLOT_ID)); Q_CHECK_PTR(p11_slots); } for (i=0; iisLib(fname)) continue; if (model_data.contains(i)) return l; idx = i; break; } if (idx == -1) { pkcs11_lib *l = new pkcs11_lib(fname); idx = libs.size(); libs << l; } beginInsertRows(QModelIndex(), model_data.size(), model_data.size()); model_data << idx; endInsertRows(); return l; } void pkcs11_lib_list::load(const QString &list) { beginResetModel(); QString orig = getPkcs11Provider(); QList newlist; foreach(QString name, list.split('\n')) { pkcs11_lib *newitem = NULL; name = name.trimmed(); if (name.isEmpty()) continue; for (int i = 0; i < libs.size(); i++) { if (name == libs[i]->toData()) { newitem = libs.takeAt(i); break; } } if (!newitem) { newitem = new pkcs11_lib(name); } newlist << newitem; } qDeleteAll(libs); libs = newlist; model_data.clear(); for (int i = 0; i < libs.size(); i++) model_data << i; endResetModel(); qDebug() << "Libs reloaded from" << orig << "to" << getPkcs11Provider(); } slotidList pkcs11_lib_list::getSlotList() const { slotidList list; QString ex; bool success = false; foreach(pkcs11_lib *l, libs) { if (!l->isLoaded()) continue; try { QList realids; realids = l->getSlotList(); for (CK_SLOT_ID id : realids) list << slotid(l, id); success = true; } catch (errorEx &e) { ex = e.getString(); } } if (success || ex.isEmpty()) return list; throw errorEx(ex); } QString pkcs11_lib_list::getPkcs11Provider() const { QStringList prov; foreach(int i, model_data) prov << libs[i]->toData(); return prov.size() == 0 ? QString() : prov.join("\n"); } void pkcs11_lib_list::remove_libs() { if (libs.isEmpty()) return; beginRemoveRows(QModelIndex(), 0, libs.size() -1); qDeleteAll(libs); libs.clear(); model_data.clear(); endRemoveRows(); } pkcs11_lib_list::~pkcs11_lib_list() { remove_libs(); } bool pkcs11_lib_list::loaded() const { foreach(pkcs11_lib *l, libs) if (l->isLoaded()) return true; return false; } int pkcs11_lib_list::rowCount(const QModelIndex &) const { return model_data.size(); } pkcs11_lib *pkcs11_lib_list::libByModelIndex(const QModelIndex &index) const { if (!index.isValid()) return NULL; int idx = model_data[index.row()]; return (idx >= 0 && idx < libs.size()) ? libs[idx] : NULL; } QVariant pkcs11_lib_list::data(const QModelIndex &index, int role) const { pkcs11_lib *l = libByModelIndex(index); if (!l) return QVariant(); QString pixmap; switch (role) { case Qt::DisplayRole: return QVariant(nativeSeparator(l->filename())); case Qt::DecorationRole: pixmap = l->pixmap(); if (pixmap.isEmpty()) { QPixmap p(QSize(20, 20)); p.fill(Qt::transparent); return QVariant(p); } return QVariant(QPixmap(pixmap)); case Qt::ToolTipRole: return QVariant(l->driverInfo().trimmed()); case Qt::CheckStateRole: return l->checked(); } return QVariant(); } QMap pkcs11_lib_list::itemData(const QModelIndex &index) const { QMap map; if (index.isValid()) map[Qt::UserRole] = QVariant(model_data[index.row()]); return map; } bool pkcs11_lib_list::setItemData(const QModelIndex &index, const QMap &roles) { if (index.isValid() && roles[Qt::UserRole].isValid()) { model_data[index.row()] = roles[Qt::UserRole].toInt(); return true; } return false; } bool pkcs11_lib_list::setData(const QModelIndex &index, const QVariant &value, int role) { pkcs11_lib *l = libByModelIndex(index); if (!l || role != Qt::CheckStateRole) return false; if (value == l->checked()) { /* No changes */ return true; } QString file = l->toData(value == Qt::Checked); delete l; int idx = model_data[index.row()]; libs[idx] = new pkcs11_lib(file); emit dataChanged(index, index); return true; } Qt::ItemFlags pkcs11_lib_list::flags(const QModelIndex & index) const { if (index.isValid()) return Qt::ItemIsEnabled | Qt::ItemIsSelectable | Qt::ItemIsDragEnabled | Qt::ItemIsUserCheckable; return QAbstractListModel::flags(index) | Qt::ItemIsDropEnabled; } Qt::DropActions pkcs11_lib_list::supportedDropActions() const { return Qt::MoveAction; } bool pkcs11_lib_list::removeRows(int row, int count, const QModelIndex &parent) { if (parent.isValid() || row < 0 || count == 0 || row + count > model_data.size()) return false; beginRemoveRows(parent, row, row + count - 1); while (count-- > 0 && row < model_data.size()) model_data.removeAt(row); endRemoveRows(); return true; } bool pkcs11_lib_list::insertRows(int row, int count, const QModelIndex &parent) { if (parent.isValid() || row < 0 || count == 0) return false; beginInsertRows(parent, row, row +count -1); for (int i = 0; i < count; i++) model_data.insert(row +i, 0); endInsertRows(); return true; } const char *pk11errorString(unsigned long rv) { #define PK11_ERR(x) case x : return #x; switch (rv) { PK11_ERR(CKR_OK) PK11_ERR(CKR_CANCEL) PK11_ERR(CKR_HOST_MEMORY) PK11_ERR(CKR_SLOT_ID_INVALID) PK11_ERR(CKR_GENERAL_ERROR) PK11_ERR(CKR_FUNCTION_FAILED) PK11_ERR(CKR_ARGUMENTS_BAD) PK11_ERR(CKR_NO_EVENT) PK11_ERR(CKR_NEED_TO_CREATE_THREADS) PK11_ERR(CKR_CANT_LOCK) PK11_ERR(CKR_ATTRIBUTE_READ_ONLY) PK11_ERR(CKR_ATTRIBUTE_SENSITIVE) PK11_ERR(CKR_ATTRIBUTE_TYPE_INVALID) PK11_ERR(CKR_ATTRIBUTE_VALUE_INVALID) PK11_ERR(CKR_DATA_INVALID) PK11_ERR(CKR_DATA_LEN_RANGE) PK11_ERR(CKR_DEVICE_ERROR) PK11_ERR(CKR_DEVICE_MEMORY) PK11_ERR(CKR_DEVICE_REMOVED) PK11_ERR(CKR_ENCRYPTED_DATA_INVALID) PK11_ERR(CKR_ENCRYPTED_DATA_LEN_RANGE) PK11_ERR(CKR_FUNCTION_CANCELED) PK11_ERR(CKR_FUNCTION_NOT_PARALLEL) PK11_ERR(CKR_FUNCTION_NOT_SUPPORTED) PK11_ERR(CKR_KEY_HANDLE_INVALID) PK11_ERR(CKR_KEY_SIZE_RANGE) PK11_ERR(CKR_KEY_TYPE_INCONSISTENT) PK11_ERR(CKR_KEY_NOT_NEEDED) PK11_ERR(CKR_KEY_CHANGED) PK11_ERR(CKR_KEY_NEEDED) PK11_ERR(CKR_KEY_INDIGESTIBLE) PK11_ERR(CKR_KEY_FUNCTION_NOT_PERMITTED) PK11_ERR(CKR_KEY_NOT_WRAPPABLE) PK11_ERR(CKR_KEY_UNEXTRACTABLE) PK11_ERR(CKR_MECHANISM_INVALID) PK11_ERR(CKR_MECHANISM_PARAM_INVALID) PK11_ERR(CKR_OBJECT_HANDLE_INVALID) PK11_ERR(CKR_OPERATION_ACTIVE) PK11_ERR(CKR_OPERATION_NOT_INITIALIZED) PK11_ERR(CKR_PIN_INCORRECT) PK11_ERR(CKR_PIN_INVALID) PK11_ERR(CKR_PIN_LEN_RANGE) PK11_ERR(CKR_PIN_EXPIRED) PK11_ERR(CKR_PIN_LOCKED) PK11_ERR(CKR_SESSION_CLOSED) PK11_ERR(CKR_SESSION_COUNT) PK11_ERR(CKR_SESSION_HANDLE_INVALID) PK11_ERR(CKR_SESSION_PARALLEL_NOT_SUPPORTED) PK11_ERR(CKR_SESSION_READ_ONLY) PK11_ERR(CKR_SESSION_EXISTS) PK11_ERR(CKR_SESSION_READ_ONLY_EXISTS) PK11_ERR(CKR_SESSION_READ_WRITE_SO_EXISTS) PK11_ERR(CKR_SIGNATURE_INVALID) PK11_ERR(CKR_SIGNATURE_LEN_RANGE) PK11_ERR(CKR_TEMPLATE_INCOMPLETE) PK11_ERR(CKR_TEMPLATE_INCONSISTENT) PK11_ERR(CKR_TOKEN_NOT_PRESENT) PK11_ERR(CKR_TOKEN_NOT_RECOGNIZED) PK11_ERR(CKR_TOKEN_WRITE_PROTECTED) PK11_ERR(CKR_UNWRAPPING_KEY_HANDLE_INVALID) PK11_ERR(CKR_UNWRAPPING_KEY_SIZE_RANGE) PK11_ERR(CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT) PK11_ERR(CKR_USER_ALREADY_LOGGED_IN) PK11_ERR(CKR_USER_NOT_LOGGED_IN) PK11_ERR(CKR_USER_PIN_NOT_INITIALIZED) PK11_ERR(CKR_USER_TYPE_INVALID) PK11_ERR(CKR_USER_ANOTHER_ALREADY_LOGGED_IN) PK11_ERR(CKR_USER_TOO_MANY_TYPES) PK11_ERR(CKR_WRAPPED_KEY_INVALID) PK11_ERR(CKR_WRAPPED_KEY_LEN_RANGE) PK11_ERR(CKR_WRAPPING_KEY_HANDLE_INVALID) PK11_ERR(CKR_WRAPPING_KEY_SIZE_RANGE) PK11_ERR(CKR_WRAPPING_KEY_TYPE_INCONSISTENT) PK11_ERR(CKR_RANDOM_SEED_NOT_SUPPORTED) PK11_ERR(CKR_RANDOM_NO_RNG) PK11_ERR(CKR_DOMAIN_PARAMS_INVALID) PK11_ERR(CKR_BUFFER_TOO_SMALL) PK11_ERR(CKR_SAVED_STATE_INVALID) PK11_ERR(CKR_INFORMATION_SENSITIVE) PK11_ERR(CKR_STATE_UNSAVEABLE) PK11_ERR(CKR_CRYPTOKI_NOT_INITIALIZED) PK11_ERR(CKR_CRYPTOKI_ALREADY_INITIALIZED) PK11_ERR(CKR_MUTEX_BAD) PK11_ERR(CKR_MUTEX_NOT_LOCKED) PK11_ERR(CKR_VENDOR_DEFINED) } return "unknown PKCS11 error"; } void pk11error(const QString &func, int rv) { WAITCURSOR_END errorEx err(QObject::tr("PKCS#11 function '%1' failed: %2").arg(func). arg(pk11errorString(rv))); throw err; } void pk11error(const slotid &slot, const QString &func, int rv) { WAITCURSOR_END errorEx err(QObject::tr("PKCS#11 function '%1' failed: %2\nIn library %3\n%4"). arg(func).arg(pk11errorString(rv)).arg(slot.lib->filename()). arg(slot.lib->driverInfo())); throw err; } xca-RELEASE.2.9.0/lib/pkcs11_lib.h000066400000000000000000000054501477156507700162520ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2009 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCA_PKCS11_LIB_H #define __XCA_PKCS11_LIB_H #include "lib/exception.h" #include "opensc-pkcs11.h" #include #include #include #include #include class pkcs11_lib : public QLibrary { Q_OBJECT private: CK_FUNCTION_LIST *p11{}; QString file, load_error{}; bool enabled{}; public: static QString name2File(const QString &name, bool *enabled = nullptr); pkcs11_lib(const QString &file); pkcs11_lib() = delete; ~pkcs11_lib(); QList getSlotList(); QString driverInfo() const; QString filename() const { return file; } CK_FUNCTION_LIST *ptr() const { return p11; } bool isLoaded() const { return p11 != NULL; } enum Qt::CheckState checked() const { return enabled ? Qt::Checked : Qt::Unchecked; } bool isLib(const QString &name) const { return name2File(name) == file; } QString toData(int enabled) const { return QString("%1:%2").arg(enabled).arg(file); } QString toData() const { return toData(enabled); } QString pixmap() const { if (!enabled) return QString(); return isLoaded() ? ":doneIco" : ":warnIco"; } }; class slotid { public: pkcs11_lib *lib; CK_SLOT_ID id; slotid() = default; slotid(pkcs11_lib *l, CK_SLOT_ID i) : lib(l), id(i) { } void isValid() const { if (!lib) throw errorEx("InternalError: slotid is invalid"); } CK_FUNCTION_LIST *p11() const { return lib->ptr(); } }; typedef QList slotidList; class pkcs11_lib_list: public QAbstractListModel { QList libs; QList model_data; public: ~pkcs11_lib_list(); pkcs11_lib *add_lib(const QString &fname); void load(const QString &list); slotidList getSlotList() const; QString getPkcs11Provider() const; void remove_libs(); bool loaded() const; /* Helper for QAbstractListModel */ pkcs11_lib *libByModelIndex(const QModelIndex &index) const; /* Reimplementation from QAbstractListModel */ int rowCount(const QModelIndex &parent = QModelIndex()) const; QVariant data(const QModelIndex &index, int role = Qt::DisplayRole) const; bool setData(const QModelIndex &index, const QVariant &value, int role); QMap itemData(const QModelIndex &index) const; bool setItemData(const QModelIndex &index, const QMap &roles); Qt::ItemFlags flags(const QModelIndex& index) const; Qt::DropActions supportedDropActions() const; bool removeRows(int row, int count, const QModelIndex &p = QModelIndex()); bool insertRows(int row, int count, const QModelIndex &p = QModelIndex()); }; void pk11error(const QString &fmt, int r); void pk11error(const slotid &slot, const QString &func, int rv); const char *pk11errorString(unsigned long rv); #endif xca-RELEASE.2.9.0/lib/pki_base.cpp000066400000000000000000000263021477156507700164310ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "func.h" #include "xfile.h" #include "pki_base.h" #include "exception.h" #include "XcaWarningCore.h" #include #include #include #include pki_lookup Store; QRegularExpression pki_base::limitPattern; bool pki_base::pem_comment; QBrush pki_base::red, pki_base::cyan, pki_base::yellow; pki_base::pki_base(const QString &name) : desc(name) { } pki_base::pki_base(const pki_base *p) { desc = p->desc; pkiType = p->pkiType; pkiSource = p->pkiSource; p->inheritFilename(this); } pki_base::~pki_base(void) { } QString pki_base::comboText() const { return desc; } void pki_base::autoIntName(const QString &file) { setIntName(rmslashdot(file)); } void pki_base::deleteFromToken() { } void pki_base::deleteFromToken(const slotid &) { } void pki_base::writeDefault(const QString&) const { } void pki_base::fromPEM_BIO(BIO *, const QString &) { } void pki_base::fload(const QString &) { } int pki_base::renameOnToken(const slotid &, const QString &) { return 0; } QString pki_base::getUnderlinedName() const { QString name = getIntName(); QRegularExpression rx("^(CON|PRN|AUX|NUL|COM[1-9]|LPT[1-9])$"); if (rx.match(name).hasMatch()) name += "_"; return name.replace(QRegularExpression("[ $&;`/\\\\<>:\"/\\|?*]+"), "_"); } bool pki_base::visible() const { return getIntName().contains(limitPattern) || comment.contains(limitPattern); } QByteArray pki_base::PEM_comment() const { if (!pem_comment) return QByteArray(); return QString("XCA internal name: %1\n%2\n") .arg(getIntName()).arg(getComment()).toUtf8(); } void pki_base::clear() { childItems.clear(); } bool pki_base::childVisible() const { foreach(pki_base *child, childItems) if (child->isVisible()) return true; return false; } int pki_base::isVisible() { qDebug() << limitPattern << lastPattern; if (limitPattern.pattern().isEmpty()) iamvisible = 1; else if (limitPattern != lastPattern) { lastPattern = limitPattern; iamvisible = visible() ? 1 : childVisible() ? 2 : 0; } return iamvisible; } QString pki_base::getMsg(msg_type msg, int) const { return tr("Internal error: Unexpected message: %1 %2") .arg(getClassName()).arg(msg); } QByteArray pki_base::i2d() const { return QByteArray(); } bool pki_base::pem(BioByteArray &) { return false; } const char *pki_base::getClassName() const { return typeid(*this).name(); } void pki_base::my_error(const QString &error) const { if (!error.isEmpty()) { qCritical() << "Error:" << error; throw errorEx(error, getClassName()); } } void pki_base::fromPEMbyteArray(const QByteArray &ba, const QString &name) { fromPEM_BIO(BioByteArray(ba).ro(), name); autoIntName(name); setFilename(name); } QString pki_base::rmslashdot(const QString &s) { QByteArray a = s.toLatin1().replace("\\", "/"); int r = a.lastIndexOf('.'); int l = a.lastIndexOf('/'); return s.mid(l+1,r-l-1); } QSqlError pki_base::insertSql() { XSqlQuery q; QString insert; QSqlError e; insertion_date.now(); SQL_PREPARE(q, "SELECT MAX(id) +1 from items"); q.exec(); if (q.first()) sqlItemId = q.value(0); if (sqlItemId.toULongLong() == 0) sqlItemId = 1; SQL_PREPARE(q, "INSERT INTO items " "(id, name, type, date, source, comment) " "VALUES (?, ?, ?, ?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, getIntName()); q.bindValue(2, getType()); q.bindValue(3, insertion_date.toPlain()); q.bindValue(4, pkiSource); q.bindValue(5, getComment()); q.exec(); e = q.lastError(); if (!e.isValid()) { e = insertSqlData(); } return e; } void pki_base::restoreSql(const QSqlRecord &rec) { sqlItemId = rec.value(VIEW_item_id); desc = rec.value(VIEW_item_name).toString(); insertion_date.fromPlain(rec.value(VIEW_item_date).toString()); comment = rec.value(VIEW_item_comment).toString(); pkiSource = (enum pki_source)rec.value(VIEW_item_source).toInt(); } QSqlError pki_base::deleteSql() { XSqlQuery q; QString insert; QSqlError e; if (!sqlItemId.isValid()) { qDebug("INVALID sqlItemId (DELETE %s)", CCHAR(getIntName())); return sqlItemNotFound(QVariant()); } e = deleteSqlData(); if (e.isValid()) return e; SQL_PREPARE(q, "UPDATE items SET del=1 WHERE id=?"); q.bindValue(0, sqlItemId); q.exec(); return q.lastError(); } QSqlError pki_base::sqlItemNotFound(QVariant sqlId) const { return QSqlError(QString("XCA SQL database inconsistent"), QString("Item %2 not found %1") .arg(getClassName()) .arg(sqlId.toString()), QSqlError::UnknownError); } pki_base *pki_base::getParent() const { return parent; } void pki_base::setParent(pki_base *p) { parent = p; } pki_base *pki_base::child(int row) { return childItems.value(row); } void pki_base::insert(pki_base *item) { if (!childItems.contains(item)) { childItems.prepend(item); item->setParent(this); } } int pki_base::childCount() const { return childItems.size(); } int pki_base::indexOf(const pki_base *child) const { return childItems.indexOf(const_cast(child)); } void pki_base::takeChild(pki_base *pki) { if (childItems.removeOne(pki)) pki->setParent(nullptr); } QList pki_base::getChildItems() const { //#warning need to collect all children below folders (later) return childItems; } pki_base *pki_base::takeFirst() { pki_base *pki = childItems.takeFirst(); if (pki) pki->setParent(nullptr); return pki; } QString pki_base::pki_source_name() const { switch (pkiSource) { default: case unknown: return tr("Unknown"); case imported: return tr("Imported"); case generated: return tr("Generated"); case transformed: return tr("Transformed"); case token: return tr("Token"); case legacy_db: return tr("Legacy Database"); case renewed: return tr("Renewed"); } return QString("???"); } QVariant pki_base::column_data(const dbheader *hd) const { switch (hd->id) { case HD_internal_name: return QVariant(getIntName()); case HD_comment: return QVariant(comment.section('\n', 0, 0)); case HD_source: return QVariant(pki_source_name()); case HD_primary_key: return sqlItemId; } if (hd->type == dbheader::hd_asn1time) { a1time t = column_a1time(hd); if (!t.isUndefined()) return QVariant(t.toFancy()); } return QVariant(); } a1time pki_base::column_a1time(const dbheader *hd) const { switch (hd->id) { case HD_creation: return insertion_date; } return a1time().setUndefined(); } QVariant pki_base::getIcon(const dbheader *hd) const { (void)hd; return QVariant(); } QVariant pki_base::column_tooltip(const dbheader *hd) const { switch (hd->id) { case HD_comment: return QVariant(comment); } if (hd->type == dbheader::hd_asn1time) { a1time t = column_a1time(hd); if (!t.isUndefined()) return QVariant(t.toPretty()); } return QVariant(); } bool pki_base::compare(const pki_base *ref) const { bool ret; ret = (i2d() == ref->i2d()); pki_openssl_error(); return ret; } /* Unsigned 32 bit integer */ unsigned pki_base::hash(const QByteArray &ba) { unsigned char md[EVP_MAX_MD_SIZE]; SHA1((const unsigned char *)ba.constData(), ba.length(), md); return (((unsigned)md[0] ) | ((unsigned)md[1]<<8L) | ((unsigned)md[2]<<16L) | ((unsigned)md[3]<<24L) ) & 0x7fffffffL; } unsigned pki_base::hash() const { if (!hashcache) hashcache = hash(i2d()); return hashcache; } QString pki_base::get_dump_filename(const QString &dir, const QString &ext) const { QString ctr = "", fn; int count = 0; while (count++ < 1000) { fn = dir + "/" + getUnderlinedName() + ctr + ext; if (!QFile::exists(fn)) return fn; ctr = QString("_%1").arg(count); } return fn; } void pki_base::selfComment(QString msg) { setComment(appendXcaComment(getComment(), msg)); } void pki_base::collect_properties(QMap &prp) const { QString t; prp["Descriptor"] = getIntName(); if (getComment().size() > 0) prp["Comment"] = "\n" + getComment().replace('\n', "\n "); prp["Type"] = getTypeString(); } QString pki_base::getTypeString() const { QString t; switch (pkiType) { case asym_key: t = "Asymmetric Key"; break; case x509_req: t = "PKCS#10 Certificate request"; break; case x509: t = "x.509 Certificate"; break; case revocation: t = "Certificate revocation list"; break; case tmpl: t = "XCA Template"; break; case smartCard: t = "Token Key"; break; default: t = "Unknown"; break; } return t; } void pki_base::print(BioByteArray &bba, enum print_opt opt) const { static const QStringList order = { "Type", "Descriptor", "Subject", "Issuer", "Serial", "Not Before", "Not After", "Verify Ok", "Unstructured Name", "Challenge Password", "Last Update", "Next Update", "CA", "Self signed", "Key", "Signature", "Extensions", "Comment", "Algorithm", "Friendly Name" }; if (opt == print_coloured) { QMap prp; QStringList keys; int w = 0; collect_properties(prp); keys = prp.keys(); foreach (const QString &key, keys) { if (key.size() > w) w = key.size(); if (!order.contains(key)) XCA_WARN(tr("Property '%1' not listed in 'pki_base::print'").arg(key)); } w = (w + 1) * -1; foreach (const QString &key, order) { if (!prp.contains(key)) continue; bba += QString(COL_YELL "%1" COL_RESET " %2\n") .arg(key + ":", w).arg(prp[key]).toUtf8(); } } } static QString icsValue(QString s) { int n = 60; QStringList lines; QString t = s.replace(QRegularExpression("([,;\\\\])"), "\\\\1") .replace("\n", "\\n") .replace("\r", "\\r"); qDebug() << "S:" << s; for (int j = n; !s.isEmpty(); j--) { QString sub = s.left(j); if (sub.endsWith("\\") || sub.toUtf8().length() > n) continue; s.remove(0, j); lines << sub; j = n = 74; } return lines.join("\r\n "); } QStringList pki_base::icsVEVENT(const a1time &expires, const QString &summary, const QString &description) const { QString uniqueid = formatHash(Digest(i2d(), EVP_sha1()), ""); QString desc = icsValue(description + "\n----------\n" + comment); QString alarm = Settings["ical_expiry"]; return QStringList() << "BEGIN:VEVENT" << QString("DTSTAMP:%1").arg(a1time().toString("yyyyMMdd'T'HHmmss'Z'")) << QString("UID:EXP-%1@xca.ovh").arg(uniqueid) << "STATUS:CONFIRMED" << QString("DTSTART:%1").arg(expires.toString("yyyyMMdd")) << "DURATION:P1D" << QString("SUMMARY:%1").arg(icsValue(summary)) << QString("DESCRIPTION:%1").arg(desc) << "BEGIN:VALARM" << "ACTION:DISPLAY" << QString("SUMMARY:%1").arg(icsValue(summary)) << QString("DESCRIPTION:%1").arg(desc) << QString("TRIGGER:-P%1").arg(alarm) << "END:VALARM" << "END:VEVENT"; } void pki_base::setupColors(const QPalette &pal) { int factor = 50; if (pal.window().color().value() > pal.windowText().color().value()) factor = 125; qDebug() << "WindowColor" << pal.window().color().value() << "TextColor" << pal.windowText().color().value() << "Factor" << factor; red = QBrush(QColor(255, 0, 0).lighter(factor)); yellow = QBrush(QColor(255, 255, 0).lighter(factor)); cyan = QBrush(QColor(127, 255, 212).lighter(factor)); } QString pki_base::base64UrlEncode(const BIGNUM *bn, int bits) const { BioByteArray big(bn, bits); return big.base64UrlEncode(); } void pki_base::exportToJWK(XFile &file, const pki_export *xport) const { QJsonObject json; fillJWK(json, xport); file.write(QJsonDocument(json).toJson()); }xca-RELEASE.2.9.0/lib/pki_base.h000066400000000000000000000126351477156507700161020ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_BASE_H #define __PKI_BASE_H #include #include #include #include #include #include #include "BioByteArray.h" #include "asn1time.h" #include "pkcs11_lib.h" #include "base.h" #include "pki_lookup.h" #include "headerlist.h" #include "sql.h" #include "xfile.h" #include "pki_export.h" #define pki_openssl_error() _openssl_error(*this, __FILE__, __LINE__) #define pki_ign_openssl_error() _ign_openssl_error(*this, __FILE__, __LINE__) enum pki_source { unknown, imported, generated, transformed, token, legacy_db, renewed }; #define VIEW_item_id 0 #define VIEW_item_name 1 #define VIEW_item_type 2 #define VIEW_item_date 3 #define VIEW_item_source 4 #define VIEW_item_comment 5 extern pki_lookup Store; class pki_base : public QObject { Q_OBJECT mutable unsigned hashcache{}; public: /* static */ static QRegularExpression limitPattern; static QString rmslashdot(const QString &fname); static unsigned hash(const QByteArray &ba); static bool pem_comment; static int count; static void setupColors(const QPalette &pal); protected: QVariant sqlItemId{}; QString desc{}, comment{}; a1time insertion_date{}; enum pki_type pkiType{ none }; /* model data */ pki_base *parent{}; QString filename{}; QList childItems{}; mutable QRegularExpression lastPattern{}; int iamvisible{ 1 }; static QBrush red, yellow, cyan; void my_error(const QString &error) const; virtual QByteArray PEM_comment() const; virtual void collect_properties(QMap &) const; public: enum msg_type { msg_import, msg_delete, msg_create, }; enum print_opt { print_openssl_txt, print_pem, print_coloured, }; enum pki_source pkiSource{ unknown }; pki_base(const QString &d = QString()); pki_base(const pki_base *p); virtual ~pki_base(); QList getChildItems() const; void clear(); void recheckVisibility() { lastPattern = QRegularExpression(); } QString getIntName() const { return desc; } void setFilename(const QString &s) { recheckVisibility(); filename = s; } QString getFilename() const { return filename; } void inheritFilename(pki_base *pki) const { pki->setFilename(getFilename()); } virtual QString comboText() const; virtual void print(BioByteArray &b, enum print_opt opt) const; QString getUnderlinedName() const; void setIntName(const QString &d) { recheckVisibility(); desc = d; } virtual void autoIntName(const QString &file); QString getComment() const { return comment; } void setComment(const QString &c) { recheckVisibility(); comment = c; } QVariant getSqlItemId() const { return sqlItemId; } enum pki_type getType() const { return pkiType; } QString getTypeString() const; QString i2d_b64() const { return QString::fromLatin1(i2d().toBase64()); } QString base64UrlEncode(const BIGNUM *bn, int bits = 0) const; a1time getInsertionDate() const { return insertion_date; } virtual QByteArray i2d() const; virtual bool compare(const pki_base *) const; virtual QString getMsg(msg_type msg, int n = 1) const; virtual const char *getClassName() const; /* Tree View management */ void setParent(pki_base *p); pki_base *getParent() const; pki_base *child(int row); void insert(pki_base *item); int childCount() const; void takeChild(pki_base *pki); pki_base *takeFirst(); int indexOf(const pki_base *child) const; /* Token handling */ virtual void deleteFromToken(); virtual void deleteFromToken(const slotid &); virtual int renameOnToken(const slotid &, const QString &); /* Import / Export management */ virtual bool pem(BioByteArray &b); virtual void fromPEM_BIO(BIO *, const QString &); virtual void fromPEMbyteArray(const QByteArray &, const QString &); virtual void fload(const QString &); virtual void writeDefault(const QString&) const; virtual void fillJWK(QJsonObject &, const pki_export *) const { }; void exportToJWK(XFile &file, const pki_export *xport) const; /* Qt Model-View methods */ virtual QVariant bg_color(const dbheader *) const { return QVariant(); } virtual QVariant column_data(const dbheader *hd) const; virtual QVariant getIcon(const dbheader *hd) const; virtual QVariant column_tooltip(const dbheader *hd) const; virtual a1time column_a1time(const dbheader *hd) const; virtual bool visible() const; virtual bool unusable() const { return false; } int isVisible(); bool childVisible() const; /* SQL management methods */ QSqlError insertSql(); virtual QSqlError insertSqlData() { return QSqlError(); } QSqlError deleteSql(); virtual QSqlError deleteSqlData() { return QSqlError(); } virtual void restoreSql(const QSqlRecord &rec); QSqlError sqlItemNotFound(QVariant sqlId) const; unsigned hash() const; QString pki_source_name() const; QString get_dump_filename(const QString &dirname, const QString &ext) const; void selfComment(QString msg); QStringList icsVEVENT(const a1time &expires, const QString &summary, const QString &description) const; operator QString() const { return QString("(%1[%2]:%3)").arg(getClassName()) .arg(getSqlItemId().toString()).arg(getIntName()); } }; Q_DECLARE_METATYPE(pki_base *); #endif xca-RELEASE.2.9.0/lib/pki_crl.cpp000066400000000000000000000227331477156507700163030ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_crl.h" #include "func.h" #include "exception.h" #include "database_model.h" #include pki_crl::pki_crl(const QString &name) :pki_x509name(name) { crl = X509_CRL_new(); pki_openssl_error(); pkiType=revocation; } pki_x509 *pki_crl::getIssuer() const { return Store.lookupPki(issuerSqlId); } QString pki_crl::getIssuerName() const { pki_x509 *issuer = getIssuer(); return issuer ? issuer->getIntName() : QString(); } void pki_crl::setIssuer(pki_x509 *iss) { issuerSqlId = iss ? iss->getSqlItemId() : QVariant(); } void pki_crl::fromPEM_BIO(BIO *bio, const QString &name) { X509_CRL *_crl; _crl = PEM_read_bio_X509_CRL(bio, NULL, NULL, NULL); openssl_error_msg(name); if (!_crl) throw errorEx(); X509_CRL_free(crl); crl = _crl; } QString pki_crl::getMsg(msg_type msg, int n) const { /* * We do not construct english sentences from fragments * to allow proper translations. * * %1 will be replaced by the internal name of the CRL */ switch (msg) { case msg_import: return tr("Successfully imported the revocation list '%1'"); case msg_delete: return tr("Delete the %n revocation list(s): '%1'?", "", n); case msg_create: return tr("Successfully created the revocation list '%1'"); } return pki_base::getMsg(msg); } QSqlError pki_crl::lookupIssuer() { XSqlQuery q; unsigned name_hash = getSubject().hashNum(); SQL_PREPARE(q, "SELECT x509super.item FROM x509super " "JOIN certs ON certs.item = x509super.item " "WHERE x509super.subj_hash=? AND certs.ca=1"); q.bindValue(0, name_hash); q.exec(); if (q.lastError().isValid()) return q.lastError(); while (q.next()) { pki_x509 *x = Store.lookupPki(q.value(0)); if (!x) { qDebug("CA certificate with id %d not found", q.value(0).toInt()); continue; } verify(x); } return q.lastError(); } QSqlError pki_crl::insertSqlData() { QSqlError e = lookupIssuer(); if (e.isValid()) return e; XSqlQuery q; SQL_PREPARE(q, "INSERT INTO crls (item, hash, num, iss_hash, issuer, crl) " "VALUES (?, ?, ?, ?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, hash()); q.bindValue(2, numRev()); q.bindValue(3, (uint)getSubject().hashNum()); q.bindValue(4, issuerSqlId); q.bindValue(5, i2d_b64()); q.exec(); return q.lastError(); } void pki_crl::restoreSql(const QSqlRecord &rec) { pki_base::restoreSql(rec); QByteArray ba = QByteArray::fromBase64( rec.value(VIEW_crls_crl).toByteArray()); d2i(ba); setIssuer(Store.lookupPki(rec.value(VIEW_crls_issuer))); } QSqlError pki_crl::deleteSqlData() { XSqlQuery q; QSqlError e; SQL_PREPARE(q, "DELETE FROM crls WHERE item=?"); q.bindValue(0, sqlItemId); q.exec(); return q.lastError(); } void pki_crl::fload(const QString &fname) { X509_CRL *_crl; XFile file(fname); file.open_read(); QByteArray ba(file.readAll()); _crl = PEM_read_bio_X509_CRL(BioByteArray(ba).ro(), NULL, NULL, NULL); if (!_crl) { pki_ign_openssl_error(); _crl = d2i_X509_CRL_bio(BioByteArray(ba).ro(), NULL); } if (pki_ign_openssl_error() || !_crl) { if (_crl) X509_CRL_free(_crl); throw errorEx(tr("Unable to load the revocation list in file %1. Tried PEM and DER formatted CRL.").arg(fname)); } X509_CRL_free(crl); crl = _crl; } QString pki_crl::getSigAlg() const { return QString(OBJ_nid2ln(X509_CRL_get_signature_nid(crl))); } void pki_crl::createCrl(const QString d, pki_x509 *iss) { setIntName(d); if (!iss) my_error(tr("No issuer given")); X509_CRL_set_version(crl, 1); /* version 2 CRL */ X509_CRL_set_issuer_name(crl, (X509_NAME*)iss->getSubject().get0()); setIssuer(iss); pki_openssl_error(); } a1int pki_crl::getVersion() { return a1int(X509_CRL_get_version(crl)); } void pki_crl::setLastUpdate(const a1time &a) { a1time t(a); X509_CRL_set_lastUpdate(crl, t.get_utc()); pki_openssl_error(); } void pki_crl::setNextUpdate(const a1time &a) { a1time t(a); X509_CRL_set_nextUpdate(crl, t.get_utc()); pki_openssl_error(); } pki_crl::~pki_crl() { X509_CRL_free(crl); pki_openssl_error(); } void pki_crl::d2i(QByteArray &ba) { X509_CRL *c = (X509_CRL*)d2i_bytearray(D2I_VOID(d2i_X509_CRL), ba); pki_openssl_error(); if (c) { X509_CRL_free(crl); crl = c; } pki_openssl_error(); } QByteArray pki_crl::i2d() const { return i2d_bytearray(I2D_VOID(i2d_X509_CRL), crl); } void pki_crl::addRev(const x509rev &xrev, bool withReason) { X509_CRL_add0_revoked(crl, xrev.get(withReason)); pki_openssl_error(); } void pki_crl::addV3ext(const x509v3ext &e) { X509_EXTENSION *ext = e.get(); X509_CRL_add_ext(crl, ext, -1); X509_EXTENSION_free(ext); pki_openssl_error(); } extList pki_crl::extensions() const { extList el; el.setStack(X509_CRL_get0_extensions(crl)); pki_openssl_error(); return el; } bool pki_crl::visible() const { if (pki_x509name::visible()) return true; if (getSigAlg().contains(limitPattern)) return true; return extensions().search(limitPattern); } void pki_crl::sign(pki_key *key, const digest &digest) { EVP_PKEY *pkey; if (!key || key->isPubKey()) return; X509_CRL_sort(crl); pkey = key->decryptKey(); X509_CRL_sign(crl, pkey, digest.MD()); EVP_PKEY_free(pkey); pki_openssl_error(); } void pki_crl::writeDefault(const QString &dirname) const { XFile file(get_dump_filename(dirname, ".crl")); file.open_write(); writeCrl(file, true); } void pki_crl::writeCrl(XFile &file, bool pem) const { BioByteArray b; if (pem) { b += PEM_comment(); PEM_write_bio_X509_CRL(b, crl); } else { i2d_X509_CRL_bio(b, crl); } pki_openssl_error(); file.write(b); } bool pki_crl::pem(BioByteArray &b) { return PEM_write_bio_X509_CRL(b, crl); } a1time pki_crl::getLastUpdate() const { return a1time(X509_CRL_get0_lastUpdate(crl)); } a1time pki_crl::getNextUpdate() const { return a1time(X509_CRL_get0_nextUpdate(crl)); } int pki_crl::numRev() const { STACK_OF(X509_REVOKED) *st = X509_CRL_get_REVOKED(crl); return st ? sk_X509_REVOKED_num(st) : 0; } x509revList pki_crl::getRevList() { x509revList ret; int i, num = numRev(); STACK_OF(X509_REVOKED) *st = X509_CRL_get_REVOKED(crl); for (i=0; igetSubject()) return false; pki_key *key = issuer->getPubKey(); if (!key) return false; int ret = X509_CRL_verify(crl, key->getPubKey()); pki_ign_openssl_error(); if (ret != 1) { delete key; return false; } delete key; pki_x509 *curr = getIssuer(); if (curr && curr->getNotAfter() > issuer->getNotAfter()) return true; setIssuer(issuer); return true; } void pki_crl::setCrlNumber(a1int num) { ASN1_INTEGER *tmpser = num.get(); pki_openssl_error(); X509_CRL_add1_ext_i2d(crl, NID_crl_number, tmpser, 0, 0); ASN1_INTEGER_free(tmpser); pki_openssl_error(); } a1int pki_crl::getCrlNumber() const { a1int num; if (!getCrlNumber(&num)) num.set(0L); return num; } bool pki_crl::getCrlNumber(a1int *num) const { int j; ASN1_INTEGER *i; i = (ASN1_INTEGER *)X509_CRL_get_ext_d2i(crl, NID_crl_number, &j, NULL); pki_openssl_error(); if (j == -1) return false; num->set(i); ASN1_INTEGER_free(i); return true; } x509v3ext pki_crl::getExtByNid(int nid) { extList el = extensions(); x509v3ext e; for (int i=0; i< el.count(); i++){ if (el[i].nid() == nid) return el[i]; } return e; } QString pki_crl::printV3ext() { QString text = extensions().getHtml("
"); pki_openssl_error(); return text; } QVariant pki_crl::column_data(const dbheader *hd) const { switch (hd->id) { case HD_crl_signer: return QVariant(getIssuerName()); case HD_crl_revoked: return QVariant(numRev()); case HD_crl_crlnumber: a1int a; if (getCrlNumber(&a)) return QVariant(a.toDec()); return QVariant(); } return pki_x509name::column_data(hd); } a1time pki_crl::column_a1time(const dbheader *hd) const { switch (hd->id) { case HD_crl_lastUpdate: return getLastUpdate(); case HD_crl_nextUpdate: return getNextUpdate(); } return pki_base::column_a1time(hd); } QVariant pki_crl::getIcon(const dbheader *hd) const { return hd->id == HD_internal_name ? QVariant(QPixmap(":crlIco")) : QVariant(); } QStringList pki_crl::icsVEVENT() const { pki_x509 *ca = getIssuer(); if (ca) { return pki_base::icsVEVENT(getNextUpdate(), tr("CRL Renewal of CA '%1' due").arg(ca->getIntName()), tr("The latest CRL issued by the CA '%1' will expire on %2.\n" "It is stored in the XCA database '%3'") .arg(ca->getIntName()) .arg(getNextUpdate().toPretty()) .arg(nativeSeparator(Database.name())) ); } return pki_base::icsVEVENT(getNextUpdate(), tr("Renew CRL: %1").arg(getIntName()), tr("The XCA CRL '%1', issued on %3 will expire on %4.\n" "It is stored in the XCA database '%5'") .arg(getIntName()) .arg(getLastUpdate().toPretty()) .arg(getNextUpdate().toPretty()) .arg(nativeSeparator(Database.name())) ); } void pki_crl::collect_properties(QMap &prp) const { prp["Last Update"] = getLastUpdate().toPretty(); prp["Next Update"] = getNextUpdate().toPretty(); pki_x509name::collect_properties(prp); } void pki_crl::print(BioByteArray &bba, enum print_opt opt) const { pki_x509name::print(bba, opt); switch (opt) { case print_openssl_txt: X509_CRL_print(bba, crl); break; case print_pem: PEM_write_bio_X509_CRL(bba, crl); break; case print_coloured: break; } } xca-RELEASE.2.9.0/lib/pki_crl.h000066400000000000000000000054071477156507700157470ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_CRL_H #define __PKI_CRL_H #include #include "pki_x509.h" #include "pki_key.h" #include "x509name.h" #define VIEW_crls_num 6 #define VIEW_crls_issuer 7 #define VIEW_crls_crl 8 #include "digest.h" class crljob { public: pki_x509 *issuer{}; bool withReason{}; bool authKeyId{}; bool subAltName{}; bool setCrlNumber{}; a1int crlNumber{}; int crlDays{}; digest hashAlgo{}; a1time lastUpdate{}; a1time nextUpdate{}; crljob(pki_x509 *x = nullptr) : issuer(x), withReason(true), authKeyId(true), subAltName(true), setCrlNumber(issuer->getCrlNumber().getLong() > 0), crlNumber(issuer->getCrlNumber()), crlDays(issuer->getCrlDays()), hashAlgo(digest::getDefault()), nextUpdate(lastUpdate.addDays(crlDays)) { crlNumber++; if (x) { pki_key *key = x->getPubKey(); if (key) hashAlgo.adjust(key->possibleHashNids()); delete key; } } }; class pki_crl: public pki_x509name { Q_OBJECT friend class pki_x509; protected: QVariant issuerSqlId{}; X509_CRL *crl{}; extList extensions() const; void collect_properties(QMap &prp) const; public: pki_crl(const QString &name = QString()); ~pki_crl(); void fromPEM_BIO(BIO *bio, const QString &name); void fload(const QString &fname); QString getSigAlg() const; void writeDefault(const QString &dirname) const; void createCrl(const QString d, pki_x509 *iss); void addRev(const x509rev &rev, bool withReason=true); void addExt(int nid, QString value); void addV3ext(const x509v3ext &e); void sign(pki_key *key, const digest &digest); void writeCrl(XFile &file, bool pem = true) const; pki_x509 *getIssuer() const; QString getIssuerName() const; void setIssuer(pki_x509 *iss); x509name getSubject() const; void setLastUpdate(const a1time &t); void setNextUpdate(const a1time &t); a1time getNextUpdate() const; a1time getLastUpdate() const; bool verify(pki_x509 *issuer); int numRev() const; x509revList getRevList(); QString printV3ext(); x509v3ext getExtByNid(int nid); a1int getVersion(); QVariant column_data(const dbheader *hd) const; QVariant getIcon(const dbheader *hd) const; a1time column_a1time(const dbheader *hd) const; QString getMsg(msg_type msg, int n = 1) const; void d2i(QByteArray &ba); QByteArray i2d() const; void setCrlNumber(a1int num); bool getCrlNumber(a1int *num) const; a1int getCrlNumber() const; bool pem(BioByteArray &); bool visible() const; QSqlError lookupIssuer(); QSqlError insertSqlData(); QSqlError deleteSqlData(); void restoreSql(const QSqlRecord &rec); QStringList icsVEVENT() const; void print(BioByteArray &b, enum print_opt opt) const; }; #endif xca-RELEASE.2.9.0/lib/pki_evp.cpp000066400000000000000000000611151477156507700163120ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include #include "pki_evp.h" #include "pass_info.h" #include "func.h" #include "entropy.h" #include "BioByteArray.h" #include "XcaProgress.h" #include "openssl_compat.h" #include "PwDialogCore.h" #include "XcaWarningCore.h" #include #include #include #include #include #if (OPENSSL_VERSION_NUMBER >= 0x30000000L) #include #endif Passwd pki_evp::passwd; QString pki_evp::passHash = QString(); void pki_evp::init() { ownPass = ptCommon; pkiType = asym_key; } void pki_evp::setOwnPass(enum passType x) { EVP_PKEY *pk=NULL, *pk_back = key; enum passType oldOwnPass = ownPass; if (ownPass == x || isPubKey()) return; try { pk = decryptKey(); if (pk == NULL) return; key = pk; ownPass = x; encryptKey(); } catch (errorEx &err) { if (pk) EVP_PKEY_free(pk); key = pk_back; ownPass = oldOwnPass; throw(err); } } bool pki_evp::sqlUpdatePrivateKey() { if (encKey.size() <= 0) return false; Transaction; if (!TransBegin()) return false; XSqlQuery q; SQL_PREPARE(q, "UPDATE private_keys SET private=?, ownPass=? " "WHERE item=?"); q.bindValue(0, encKey_b64()); q.bindValue(1, ownPass); q.bindValue(2, sqlItemId); AffectedItems(sqlItemId); q.exec(); encKey.fill(0); encKey.clear(); if (!q.lastError().isValid() && q.numRowsAffected() == 1) { TransCommit(); return true; } return false; } void pki_evp::generate(const keyjob &task) { Entropy::seed_rng(); XcaProgress progress; BN_GENCB *bar = BN_GENCB_new(); BN_GENCB_set_old(bar, XcaProgress::inc, &progress); switch (task.ktype.type) { case EVP_PKEY_RSA: { RSA *rsakey = RSA_new(); BIGNUM *e = BN_new(); BN_set_word(e, 0x10001); if (RSA_generate_key_ex(rsakey, task.size, e, bar)) EVP_PKEY_assign_RSA(key, rsakey); else RSA_free(rsakey); BN_free(e); break; } case EVP_PKEY_DSA: { DSA *dsakey = DSA_new(); if (DSA_generate_parameters_ex(dsakey, task.size, NULL, 0, NULL, NULL, bar) && DSA_generate_key(dsakey)) EVP_PKEY_assign_DSA(key, dsakey); else DSA_free(dsakey); break; } #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: { EC_KEY *eckey; EC_GROUP *group = EC_GROUP_new_by_curve_name(task.ec_nid); if (!group) break; eckey = EC_KEY_new(); if (eckey == NULL) { EC_GROUP_free(group); break; } EC_GROUP_set_asn1_flag(group, 1); if (EC_KEY_set_group(eckey, group)) { if (EC_KEY_generate_key(eckey)) { EVP_PKEY_assign_EC_KEY(key, eckey); EC_GROUP_free(group); break; } } EC_KEY_free(eckey); EC_GROUP_free(group); break; } #ifdef EVP_PKEY_ED25519 case EVP_PKEY_ED25519: { EVP_PKEY *pkey = NULL; EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED25519, NULL); Q_CHECK_PTR(pctx); EVP_PKEY_keygen_init(pctx); EVP_PKEY_keygen(pctx, &pkey); EVP_PKEY_CTX_free(pctx); EVP_PKEY_free(key); key = pkey; } #endif #endif } BN_GENCB_free(bar); isPub = false; pkiSource = generated; pki_openssl_error(); encryptKey(); } pki_evp::pki_evp(const pki_evp *pk) :pki_key(pk) { init(); pki_openssl_error(); ownPass = pk->ownPass; isPub = pk->isPub; encKey = pk->getEncKey(); } pki_evp::pki_evp(const QString &n, int type) :pki_key(n) { init(); EVP_PKEY_set_type(key, type); pki_openssl_error(); } static bool EVP_PKEY_isPrivKey(EVP_PKEY *key) { const BIGNUM *b; int keytype = EVP_PKEY_id(key); switch (EVP_PKEY_type(keytype)) { case EVP_PKEY_RSA: RSA_get0_key(EVP_PKEY_get0_RSA(key), NULL, NULL, &b); return b ? true: false; case EVP_PKEY_DSA: DSA_get0_key(EVP_PKEY_get0_DSA(key), NULL, &b); return b ? true: false; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: return EC_KEY_get0_private_key( EVP_PKEY_get0_EC_KEY(key)) ? true: false; #ifdef EVP_PKEY_ED25519 case EVP_PKEY_ED25519: { unsigned char buf[ED25519_KEYLEN]; size_t len = sizeof buf; int ret = EVP_PKEY_get_raw_private_key(key, buf, &len); ign_openssl_error(); return ret && len == ED25519_KEYLEN; } #endif #endif } return false; } pki_evp::pki_evp(EVP_PKEY *pkey) :pki_key() { init(); set_EVP_PKEY(pkey); } bool pki_evp::openssl_pw_error() const { unsigned long e = ERR_peek_error(); switch (ERR_PACK(ERR_GET_LIB(e), 0, ERR_GET_REASON(e))) { case ERR_PACK(ERR_LIB_PEM, 0, PEM_R_BAD_DECRYPT): case ERR_PACK(ERR_LIB_PEM, 0, PEM_R_BAD_PASSWORD_READ): case ERR_PACK(ERR_LIB_EVP, 0, EVP_R_BAD_DECRYPT): #if (OPENSSL_VERSION_NUMBER >= 0x30000000L) case ERR_PACK(ERR_LIB_PROV, 0, PROV_R_BAD_DECRYPT): #endif case ERR_PACK(ERR_LIB_PKCS12, 0, PKCS12_R_PKCS12_CIPHERFINAL_ERROR): pki_ign_openssl_error(); return true; } return false; } void pki_evp::fromPEMbyteArray(const QByteArray &ba, const QString &name) { EVP_PKEY *pkey; pass_info p(XCA_TITLE, tr("Please enter the password to decrypt the private key %1.") .arg(name)); pkey = load_ssh_ed25519_privatekey(ba, p); pki_ign_openssl_error(); while (!pkey) { pkey = PEM_read_bio_PrivateKey(BioByteArray(ba).ro(), NULL, PwDialogCore::pwCallback, &p); if (p.getResult() != pw_ok) throw p.getResult(); if (openssl_pw_error()) XCA_PASSWD_ERROR(); if (pki_ign_openssl_error()) break; } if (!pkey) { pki_ign_openssl_error(); pkey = PEM_read_bio_PUBKEY(BioByteArray(ba).ro(), NULL, NULL,0); } pki_openssl_error(); set_EVP_PKEY(pkey, name); } static void search_ec_oid(EVP_PKEY *pkey) { #ifndef OPENSSL_NO_EC EC_GROUP *builtin; const EC_KEY *ec; const EC_GROUP *ec_group; int keytype = EVP_PKEY_id(pkey); if (keytype != EVP_PKEY_EC) return; ec = EVP_PKEY_get0_EC_KEY(pkey); if (!ec) return; ec_group = EC_KEY_get0_group(ec); if (!ec_group) return; if (EC_GROUP_get_curve_name(ec_group)) return; /* There is an EC_GROUP with a missing OID * because of explicit parameters */ foreach(builtin_curve curve, builtinCurves) { builtin = EC_GROUP_new_by_curve_name(curve.nid); if (EC_GROUP_cmp(builtin, ec_group, NULL) == 0) { EC_GROUP_set_curve_name((EC_GROUP *)ec_group, curve.nid); EC_GROUP_set_asn1_flag((EC_GROUP *)ec_group, 1); EC_GROUP_free(builtin); break; } EC_GROUP_free(builtin); } #else (void)pkey; #endif } void pki_evp::set_EVP_PKEY(EVP_PKEY *pkey, QString name) { if (!pkey) return; if (!verify(pkey)) { pki_ign_openssl_error(); EVP_PKEY_free(pkey); throw errorEx(tr("The key from file '%1' is incomplete or inconsistent.").arg(name)); } if (key) EVP_PKEY_free(key); key = pkey; isPub = !EVP_PKEY_isPrivKey(key); if (!isPub) bogusEncryptKey(); search_ec_oid(pkey); autoIntName(name); setFilename(name); pki_openssl_error(); } EVP_PKEY *pki_evp::load_ssh_ed25519_privatekey(const QByteArray &ba, const pass_info &p) { EVP_PKEY *pkey = NULL; unsigned char *pdata; long plen; QByteArray chunk, enc_algo, kdfname, kdf, pub, priv; (void)p; // Will be used later for decryption if (!PEM_bytes_read_bio(&pdata, &plen, NULL, PEM_STRING_OPENSSH_KEY, BioByteArray(ba).ro(), NULL, NULL)) return NULL; QByteArray content((const char*)pdata, plen); OPENSSL_free(pdata); if (!content.startsWith("openssh-key-v1") || // also check trailing \0 content.constData()[sizeof "openssh-key-v1" -1]) return NULL; content.remove(0, sizeof "openssh-key-v1"); // encryption: "none", "aes256-ctr" enc_algo = ssh_key_next_chunk(&content); // KDFName "bcrypt" kdfname = ssh_key_next_chunk(&content); kdf = ssh_key_next_chunk(&content); if (enc_algo != "none" || kdfname != "none") { throw(errorEx(tr("Encrypted SSH ED25519 keys not supported, yet"))); } // check bytes 00 00 00 01 const char *d = content.constData(); if (d[0] || d[1] || d[2] || d[3] != 1) return NULL; content.remove(0, 4); // Handle first occurrence of the public key pub = ssh_key_next_chunk(&content); ssh_key_check_chunk(&pub, "ssh-ed25519"); pub = ssh_key_next_chunk(&pub); if (pub.size() != ED25519_KEYLEN) return NULL; // Followed by the private key priv = ssh_key_next_chunk(&content); // Drop 64bit random nonce priv.remove(0, 8); ssh_key_check_chunk(&priv, "ssh-ed25519"); // The first pubkey must match the second occurrence // in front of the private one if (pub != ssh_key_next_chunk(&priv)) return NULL; priv = ssh_key_next_chunk(&priv); // The private key is concatenated by the public key in one chunk if (priv.size() != 2 * ED25519_KEYLEN) return NULL; // The last ED25519_KEYLEN bytes must match the public key if (pub != priv.mid(ED25519_KEYLEN)) return NULL; // The first ED25519_KEYLEN octets are the private key #ifndef OPENSSL_NO_EC #ifdef EVP_PKEY_ED25519 pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_ED25519, NULL, (const unsigned char *)priv.constData(), ED25519_KEYLEN); #endif #endif pki_openssl_error(); return pkey; } void pki_evp::fload(const QString &fname) { pass_info p(XCA_TITLE, tr("Please enter the password to decrypt the private key from file:\n%1"). arg(compressFilename(fname))); pem_password_cb *cb = PwDialogCore::pwCallback; pki_ign_openssl_error(); XFile file(fname); file.open_read(); QByteArray ba = file.readAll(); EVP_PKEY *pkey; do { pkey = PEM_read_bio_PrivateKey(BioByteArray(ba).ro(), NULL, cb, &p); if (p.getResult() != pw_ok) throw p.getResult(); if (openssl_pw_error()) XCA_PASSWD_ERROR(); if (pki_ign_openssl_error()) break; } while (!pkey); if (!pkey) { pki_ign_openssl_error(); pkey = d2i_PrivateKey_bio(BioByteArray(ba).ro(), NULL); } if (!pkey) { pki_ign_openssl_error(); pkey = d2i_PKCS8PrivateKey_bio(BioByteArray(ba).ro(), NULL, cb, &p); } if (!pkey) { PKCS8_PRIV_KEY_INFO *p8inf; pki_ign_openssl_error(); p8inf = d2i_PKCS8_PRIV_KEY_INFO_bio(BioByteArray(ba).ro(), NULL); if (p8inf) { pkey = EVP_PKCS82PKEY(p8inf); PKCS8_PRIV_KEY_INFO_free(p8inf); } } if (!pkey) { pki_ign_openssl_error(); pkey = b2i_PVK_bio(BioByteArray(ba).ro(), cb, &p); } if (!pkey) { pki_ign_openssl_error(); pkey = load_ssh_ed25519_privatekey(ba, p); } if (!pkey) { pki_ign_openssl_error(); pkey = PEM_read_bio_PUBKEY(BioByteArray(ba).ro(), NULL, cb, &p); } if (!pkey) { pki_ign_openssl_error(); pkey = d2i_PUBKEY_bio(BioByteArray(ba).ro(), NULL); } if (!pkey) { pki_ign_openssl_error(); pkey = load_ssh2_key(ba); } if (!pkey) { pki_ign_openssl_error(); pkey = b2i_PublicKey_bio(BioByteArray(ba).ro()); } if (pki_ign_openssl_error() || !pkey) { if (pkey) EVP_PKEY_free(pkey); throw errorEx(tr("Unable to load the private key in file %1. Tried PEM and DER private, public, PKCS#8 key types and SSH2 format.").arg(fname)); } set_EVP_PKEY(pkey, fname); } bool pki_evp::validateDatabasePassword(const Passwd &passwd) { return !passHash.isEmpty() && (sha512passwT(passwd, passHash) == passHash || sha512passwd(passwd, passHash) == passHash); } EVP_PKEY *pki_evp::tryDecryptKey() const { Passwd ownPassBuf; int ret; if (isPubKey()) { QByteArray ba = i2d_bytearray(I2D_VOID(i2d_PUBKEY), key); return (EVP_PKEY*)d2i_bytearray(D2I_VOID(d2i_PUBKEY), ba); } /* This key has its own password */ if (ownPass == ptPrivate) { pass_info pi(XCA_TITLE, tr("Please enter the password to decrypt the private key: '%1'").arg(getIntName())); ret = PwDialogCore::execute(&pi, &ownPassBuf, false); if (ret != 1) throw errorEx(tr("Password input aborted"), getClassName()); } else if (ownPass == ptBogus) { // BOGUS pass ownPassBuf = "Bogus"; } else { ownPassBuf = passwd; while (!validateDatabasePassword(ownPassBuf)) { pass_info p(XCA_TITLE, tr("Please enter the database password for decrypting the key '%1'").arg(getIntName())); ret = PwDialogCore::execute(&p, &ownPassBuf, passHash.isEmpty()); if (ret != 1) throw errorEx(tr("Password input aborted"), getClassName()); } } QByteArray myencKey = getEncKey(); qDebug() << "myencKey.size()"< 200) // break the loop after 200 tries throw errorEx(tr("Internal error decrypting the private key")); } return priv; } EVP_PKEY *pki_evp::priv2pub(EVP_PKEY* key) { int keylen; unsigned char *p, *p1; EVP_PKEY *pubkey; keylen = i2d_PUBKEY(key, NULL); p1 = p = (unsigned char *)OPENSSL_malloc(keylen); Q_CHECK_PTR(p); /* convert rsa/dsa/ec to Pubkey */ keylen = i2d_PUBKEY(key, &p); pki_openssl_error(); p = p1; pubkey = d2i_PUBKEY(NULL, (const unsigned char**)&p, keylen); OPENSSL_free(p1); pki_openssl_error(); return pubkey; } void pki_evp::encryptKey(const char *password) { Passwd ownPassBuf; pki_openssl_error(); /* This key has its own, private password */ if (ownPass == ptPrivate) { int ret; pass_info p(XCA_TITLE, tr("Please enter the password to protect the private key: '%1'"). arg(getIntName())); ret = PwDialogCore::execute(&p, &ownPassBuf, true); if (ret != 1) throw errorEx("Password input aborted", getClassName()); pki_openssl_error(); } else if (ownPass == ptBogus) { // BOGUS password ownPassBuf = "Bogus"; pki_openssl_error(); } else { if (password) { /* use the password parameter * if this is a common password */ ownPassBuf = password; pki_openssl_error(); } else { int ret = 0; ownPassBuf = passwd; pass_info p(XCA_TITLE, tr("Please enter the database password for encrypting the key")); while (!validateDatabasePassword(ownPassBuf)) { ret = PwDialogCore::execute(&p, &ownPassBuf, passHash.isEmpty()); if (ret != 1) throw errorEx("Password input aborted", getClassName()); } } } /* Convert private key to DER(PKCS8-aes) */ BioByteArray bba; i2d_PKCS8PrivateKey_bio(bba, key, EVP_aes_256_cbc(), ownPassBuf.data(), ownPassBuf.size(), NULL, 0); pki_openssl_error(); encKey = bba; /* Replace private key by public key and have the encrypted private in "encKey" */ EVP_PKEY *pkey1 = priv2pub(key); Q_CHECK_PTR(pkey1); EVP_PKEY_free(key); key = pkey1; pki_openssl_error(); } void pki_evp::set_evp_key(EVP_PKEY *pkey) { if (key) EVP_PKEY_free(key); key = pkey; } void pki_evp::bogusEncryptKey() { ownPass = ptBogus; isPub = false; encryptKey(); } pki_evp::~pki_evp() { encKey.fill(0); } QSqlError pki_evp::insertSqlData() { XSqlQuery q; QSqlError e = pki_key::insertSqlData(); if (e.isValid()) return e; if (isPubKey()) return QSqlError(); SQL_PREPARE(q, "INSERT INTO private_keys (item, ownPass, private) " "VALUES (?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, ownPass); q.bindValue(2, encKey_b64()); q.exec(); encKey.fill(0); encKey.clear(); return q.lastError(); } void pki_evp::restoreSql(const QSqlRecord &rec) { pki_key::restoreSql(rec); isPub = rec.isNull(VIEW_private_ownpass); if (!isPub) ownPass =(enum passType)rec.value(VIEW_private_ownpass).toInt(); } QByteArray pki_evp::getEncKey() const { XSqlQuery q; QSqlError e; QByteArray ba; if (encKey.size() > 0 || !sqlItemId.isValid()) return encKey; SQL_PREPARE(q, "SELECT private FROM private_keys WHERE item=?"); q.bindValue(0, sqlItemId); q.exec(); e = q.lastError(); if (e.isValid() || !q.first()) return QByteArray(); return QByteArray::fromBase64(q.value(0).toByteArray().trimmed()); } QSqlError pki_evp::deleteSqlData() { XSqlQuery q; QSqlError e = pki_key::deleteSqlData(); if (e.isValid()) return e; SQL_PREPARE(q, "DELETE FROM private_keys WHERE item=?"); q.bindValue(0, sqlItemId); q.exec(); return q.lastError(); } #ifndef LIBRESSL_VERSION_NUMBER int PEM_write_bio_PrivateKey_traditional(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, unsigned char *kstr, int klen, pem_password_cb *cb, void *u) { QString pem = keytype::byPKEY(x).traditionalPemName(); return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey, pem.toLatin1(), bp, (char*)x, enc, kstr, klen, cb, u); } #endif bool pki_evp::pem(BioByteArray &b, const pki_export *xport) { EVP_PKEY *pkey; if (xport->match_all(F_PEM | F_PRIVATE)) { pkey = decryptKey(); PEM_write_bio_PrivateKey_traditional(b, pkey, nullptr, nullptr, 0, nullptr, nullptr); EVP_PKEY_free(pkey); } else if (xport->match_all(F_PKCS8 | F_PRIVATE)) { const EVP_CIPHER *algo = xport->match_all(F_CRYPT) ? EVP_aes_256_cbc() : NULL; pkey = decryptKey(); PEM_write_bio_PrivateKey(b, pkey, algo, passwd.constUchar(), passwd.size(), NULL, NULL); EVP_PKEY_free(pkey); } else return pki_key::pem(b, xport); return true; } void pki_evp::fillJWK(QJsonObject &json, const pki_export *xport) const { pki_key::fillJWK(json, xport); if (!xport->match_all(F_PRIVATE)) return; EVP_PKEY *pkey = decryptKey(); switch (getKeyType()) { case EVP_PKEY_RSA: { const RSA *rsa = EVP_PKEY_get0_RSA(pkey); const BIGNUM *p, *q, *d, *dp, *dq, *qi; Q_CHECK_PTR(rsa); RSA_get0_key(rsa, NULL, NULL, &d); RSA_get0_factors(rsa, &p, &q); RSA_get0_crt_params(rsa, &dp, &dq, &qi); json["p"] = base64UrlEncode(p); json["q"] = base64UrlEncode(q); json["d"] = base64UrlEncode(d); json["dp"] = base64UrlEncode(dp); json["dq"] = base64UrlEncode(dq); json["qi"] = base64UrlEncode(qi); break; } #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: { const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey); Q_CHECK_PTR(ec); json["d"] = base64UrlEncode(EC_KEY_get0_private_key(ec), EVP_PKEY_bits(key)); break; } #endif } EVP_PKEY_free(pkey); }; void pki_evp::writePKCS8(XFile &file, const EVP_CIPHER *enc, pem_password_cb *cb, bool pem) const { pass_info p(XCA_TITLE, tr("Please enter the password to protect the PKCS#8 key '%1' in file:\n%2") .arg(getIntName()).arg(nativeSeparator(file.fileName()))); EVP_PKEY *pkey = decryptKey(); if (!pkey) { pki_openssl_error(); return; } BioByteArray b; if (pem) { b += PEM_comment(); PEM_write_bio_PKCS8PrivateKey(b, pkey, enc, NULL, 0, cb, &p); } else { i2d_PKCS8PrivateKey_bio(b, pkey, enc, NULL, 0, cb, &p); } EVP_PKEY_free(pkey); file.write(b); } void pki_evp::writePVKprivate(XFile &file) const { EVP_PKEY *pkey = decryptKey(); if (!pkey) { pki_openssl_error(); return; } /* In case of success! the error * PEMerr(PEM_F_I2B_PVK_BIO, PEM_R_BIO_WRITE_FAILURE) * is set. Workaround this behavior */ BioByteArray b; if (i2b_PVK_bio(b, pkey, 0, nullptr, nullptr) == -1) { pki_openssl_error(); PEMerr(PEM_F_I2B_PVK_BIO, PEM_R_BIO_WRITE_FAILURE); pki_openssl_error(); } ign_openssl_error(); EVP_PKEY_free(pkey); file.write(b); } static int mycb(char *buf, int size, int, void *) { strncpy(buf, pki_evp::passwd, size); return strlen(pki_evp::passwd); } void pki_evp::writeDefault(const QString &dirname) const { XFile file(get_dump_filename(dirname, ".pem")); file.open_key(); writeKey(file, pki_evp::passwd.isEmpty() ? NULL : EVP_aes_256_cbc(), mycb, true); } void pki_evp::writeKey(XFile &file, const EVP_CIPHER *enc, pem_password_cb *cb, bool pem) const { pass_info p(XCA_TITLE, tr("Please enter the password to protect the private key '%1' in file:\n%2") .arg(getIntName()).arg(nativeSeparator(file.fileName()))); if (isPubKey()) { writePublic(file, pem); return; } EVP_PKEY *pkey = key ? decryptKey() : NULL; if (!pkey) { pki_openssl_error(); return; } BioByteArray b; if (pem) { b += PEM_comment(); PEM_write_bio_PrivateKey_traditional(b, pkey, enc, NULL, 0, cb, &p); } else { i2d_PrivateKey_bio(b, pkey); } EVP_PKEY_free(pkey); pki_openssl_error(); file.write(b); } void pki_evp::write_SSH2_ed25519_private(BIO *b, const EVP_PKEY *pkey) const { #ifndef OPENSSL_NO_EC static const char data0001[] = { 0, 0, 0, 1}; char buf_nonce[8]; QByteArray data, priv, pubfull; pubfull = SSH2publicQByteArray(true); RAND_bytes((unsigned char*)buf_nonce, sizeof buf_nonce); priv.append(buf_nonce, sizeof buf_nonce); priv += pubfull; ssh_key_QBA2data(ed25519PrivKey(pkey) + ed25519PubKey(), &priv); data = "openssh-key-v1"; data.append('\0'); ssh_key_QBA2data("none", &data); // enc-alg ssh_key_QBA2data("none", &data); // KDF name ssh_key_QBA2data("", &data); // KDF data data.append(data0001, sizeof data0001); ssh_key_QBA2data(pubfull, &data); ssh_key_QBA2data(priv, &data); PEM_write_bio(b, PEM_STRING_OPENSSH_KEY, (char*)"", (unsigned char*)(data.data()), data.size()); pki_openssl_error(); #else (void)b; (void)pkey; #endif } void pki_evp::writeSSH2private(XFile &file) const { EVP_PKEY *pkey = decryptKey(); if (!pkey) { pki_openssl_error(); return; } #ifdef EVP_PKEY_ED25519 if (getKeyType() == EVP_PKEY_ED25519) { BioByteArray b; write_SSH2_ed25519_private(b, pkey); file.write(b); } else #endif writeKey(file, nullptr, nullptr, true); EVP_PKEY_free(pkey); } bool pki_evp::verify(EVP_PKEY *pkey) const { if (!EVP_PKEY_isPrivKey(pkey)) return pki_key::verify(pkey); EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new(pkey, NULL); Q_CHECK_PTR(ctx); int verify = EVP_PKEY_check(ctx); EVP_PKEY_CTX_free(ctx); if (verify == -2) { // Operation not supported assume true pki_ign_openssl_error(); } pki_openssl_error(); return verify; } QVariant pki_evp::getIcon(const dbheader *hd) const { if (hd->id != HD_internal_name) return QVariant(); return QVariant(QPixmap(isPubKey() ? ":pubkeyIco" : ":keyIco")); } QString pki_evp::md5passwd(QByteArray pass) { return formatHash(Digest(pass, EVP_md5())); } QString pki_evp::_sha512passwd(QByteArray pass, QString salt, int size, int repeat) { if (salt.length() < size) return QString(); salt = salt.left(size); pass = salt.toLatin1() + pass; while (repeat--) pass = Digest(pass, EVP_sha512()); return salt + formatHash(pass, ""); } QString pki_evp::sha512passwd(QByteArray pass, QString salt) { return _sha512passwd(pass, salt, 5, 1); } QString pki_evp::sha512passwT(QByteArray pass, QString salt) { return _sha512passwd(pass, salt, 17, 8000); } xca-RELEASE.2.9.0/lib/pki_evp.h000066400000000000000000000050031477156507700157510ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_EVP_H #define __PKI_EVP_H #include #include #include #include #include "pki_key.h" #include "Passwd.h" #define VIEW_private_ownpass 9 class pass_info; class pki_evp: public pki_key { Q_OBJECT QByteArray encKey; void init(); QByteArray getEncKey() const; QString encKey_b64() { return QString::fromLatin1(encKey.toBase64()); } static QString _sha512passwd(QByteArray pass, QString salt, int size, int repeat); void set_EVP_PKEY(EVP_PKEY *pkey, QString name = QString()); protected: bool openssl_pw_error() const; public: static QString passHash; static Passwd passwd; static QString md5passwd(QByteArray pass); static QString sha512passwd(QByteArray pass, QString salt); static QString sha512passwT(QByteArray pass, QString salt); static bool validateDatabasePassword(const Passwd &passwd); pki_evp(const QString &n = QString(), int type = EVP_PKEY_RSA); pki_evp(const pki_evp *pkey); pki_evp(EVP_PKEY *pkey); virtual ~pki_evp(); void generate(const keyjob &task); void setOwnPass(enum passType); void set_evp_key(EVP_PKEY *pkey); void encryptKey(const char *password = NULL); void bogusEncryptKey(); bool updateLegacyEncryption(); EVP_PKEY *decryptKey() const; EVP_PKEY *tryDecryptKey() const; EVP_PKEY *legacyDecryptKey(QByteArray &myencKey, Passwd &ownPassBuf) const; EVP_PKEY *priv2pub(EVP_PKEY* key); static QString removeTypeFromIntName(QString n); void fromPEMbyteArray(const QByteArray &ba, const QString &name); void fload(const QString &fname); virtual bool pem(BioByteArray &b, const pki_export *xport); EVP_PKEY *load_ssh_ed25519_privatekey(const QByteArray &ba, const pass_info &p); void writeDefault(const QString &dirname) const; void writeKey(XFile &file, const EVP_CIPHER *enc, pem_password_cb *cb, bool pem) const; void writePKCS8(XFile &file, const EVP_CIPHER *enc, pem_password_cb *cb, bool pem) const; void writePVKprivate(XFile &file) const; void writeSSH2private(XFile &file) const; void write_SSH2_ed25519_private(BIO *b, const EVP_PKEY *pkey) const; void fillJWK(QJsonObject &json, const pki_export *xport) const; bool verify(EVP_PKEY *pkey) const; QVariant getIcon(const dbheader *hd) const; bool sqlUpdatePrivateKey(); QSqlError insertSqlData(); QSqlError deleteSqlData(); void restoreSql(const QSqlRecord &rec); }; #endif xca-RELEASE.2.9.0/lib/pki_export.cpp000066400000000000000000000175631477156507700170510ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2021 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_export.h" #include pki_export::pki_export(int i, enum pki_type p, const QString &e, const QString &d, int f, const QString &h) : id(i), pki_type(p), extension(e), flags(f), desc(d), help(h) { } bool pki_export::match_all(int match_flags) const { return (flags & match_flags) == match_flags; } QList pki_export::select(enum pki_type pki_type, int disable) { QList ret; foreach(const pki_export *exp, elements) { if (exp->pki_type == pki_type) qDebug() << exp->id << QString("Disable %1 %2").arg(disable, 0, 16).arg(disable & exp->flags, 0, 16); if (exp->pki_type == pki_type && (disable & exp->flags) == 0) ret << exp; } return ret; } const pki_export *pki_export::by_id(int id) { foreach(const pki_export *exp, elements) { if (exp->id == id) return exp; } return NULL; } void pki_export::free_elements() { #ifndef QT_NO_DEBUG QList ids; foreach(pki_export *e, elements) { Q_ASSERT(!ids.contains(e->id)); ids << e->id; } #endif qDeleteAll(elements); elements.clear(); } QList pki_export::elements; void pki_export::init_elements() { free_elements(); elements = QList { new pki_export( 1, x509, "crt", "PEM", F_PEM | F_USUAL | F_SINGLE | F_CLIPBOARD, tr("PEM Text format with headers")), new pki_export( 3, x509, "pem", tr("PEM selected"), F_PEM | F_MULTI, tr("Concatenated list of all selected certificates in one PEM text file")), new pki_export( 2, x509, "pem", tr("PEM chain"), F_PEM | F_USUAL | F_CHAIN | F_SINGLE | F_CLIPBOARD, tr("Concatenated text format of the complete certificate chain in one PEM file")), new pki_export( 4, x509, "ovpn", "OpenVPN", F_OVPN | F_CHAIN | F_PRIVATE | F_SINGLE, tr("The complete certificate chain and the private key of the selected certificate with tags usable in OpenVPN configuration files")), new pki_export( 6, x509, "pem", tr("PEM + key"), F_PEM | F_PRIVATE| F_SINGLE | F_CLIPBOARD, tr("Concatenation of the certificate and the unencrypted private key in one PEM file")), new pki_export( 7, x509, "pem", "PEM + PKCS#8", F_PEM | F_PKCS8 | F_PRIVATE | F_CRYPT | F_SINGLE | F_CLIPBOARD, tr("Concatenation of the certificate and the encrypted private key in PKCS#8 format in one file")), new pki_export(40, x509, "pem", tr("All unusable"), F_PEM | F_UNUSABLE, tr("Concatenation of all expired or revoked certificates in one PEM file")), new pki_export( 8, x509, "p7b", "PKCS #7", F_PKCS7 | F_USUAL | F_SINGLE, tr("PKCS#7 encoded single certificate")), new pki_export(10, x509, "p7b", "PKCS #7", F_PKCS7 | F_USUAL | F_MULTI, tr("All selected certificates encoded in one PKCS#7 file")), new pki_export(12, x509, "p7b", tr("PKCS #7 chain"), F_PKCS7 | F_USUAL | F_CHAIN | F_SINGLE, tr("PKCS#7 encoded complete certificate chain")), new pki_export(41, x509, "p7b", tr("PKCS #7 unusable"), F_PKCS7 | F_UNUSABLE, tr("PKCS#7 encoded collection of all expired or revoked certificates")), new pki_export(13, x509, "cer", "DER", F_DER | F_SINGLE, tr("Binary DER encoded certificate")), new pki_export(14, x509, "pfx", tr("PKCS #12 chain"),F_PKCS12 | F_USUAL | F_CHAIN | F_CRYPT | F_PRIVATE | F_SINGLE, tr("The complete certificate chain and the private key as encrypted PKCS#12 file")), new pki_export(15, x509, "pfx", tr("PKCS #12"), F_PKCS12 | F_USUAL | F_CRYPT | F_PRIVATE | F_SINGLE, tr("The certificate and the private key as encrypted PKCS#12 file")), new pki_export(16, x509, "txt", tr("Certificate Index file"), F_INDEX | F_CA, tr("OpenSSL specific Certificate Index file as created by the 'ca' command and required by the OCSP tool")), new pki_export(17, x509, "ics", tr("vCalendar"), F_CAL, tr("vCalendar expiry reminder for the selected items")), new pki_export(18, x509, "ics", tr("CA vCalendar"), F_CAL | F_CA, tr("vCalendar expiry reminder containing all issued, valid certificates, the CA itself and the latest CRL")), new pki_export(38, x509, "conf", tr("OpenSSL config"), F_SINGLE | F_CONFIG, tr("OpenSSL configuration file to create a certificate or request with the openssl commandline tool")), new pki_export(39, x509, "key", tr("OpenVPN tls-auth key"), F_SINGLE | F_TAKEY, tr("The OpenVPN tls-auth key is a secret key shared between endpoints")), new pki_export(42, x509, "jwk", tr("JSON Web Kit"), F_JWK, tr("The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t)")), new pki_export(43, x509, "jwk", tr("JSON Web Kit chain"), F_JWK | F_JWK_X5C, tr("The public key of the certificate in JSON Web Kit format with X.509 Certificate Thumbprint (x5t) and certificate chain (x5c)")), new pki_export(19, asym_key, "pem", tr("PEM public"), F_PEM | F_CLIPBOARD, tr("Text format of the public key in one PEM file")), new pki_export(20, asym_key, "pem", tr("PEM private"), F_PEM | F_PRIVATE | F_USUAL | F_CLIPBOARD, tr("Unencrypted private key in text format")), new pki_export(21, asym_key, "pem", tr("PEM encrypted"), F_PEM | F_PRIVATE | F_CRYPT | F_SINGLE | F_TRADITION, tr("OpenSSL specific encrypted private key in text format")), new pki_export(22, asym_key, "priv",tr("SSH2 private"), F_PRIVATE | F_SSH2 | F_SINGLE, tr("Unencrypted private key in text format")), new pki_export(23, asym_key, "pub" ,tr("SSH2 public"), F_SSH2, tr("The public key encoded in SSH2 format")), new pki_export(24, asym_key, "der", tr("DER public"), F_DER | F_SINGLE, tr("Binary DER format of the public key")), new pki_export(25, asym_key, "der", tr("DER private"), F_DER | F_PRIVATE | F_SINGLE, tr("Unencrypted private key in binary DER format")), new pki_export(26, asym_key, "pvk", tr("PVK private"), F_PVK | F_PRIVATE | F_SINGLE, tr("Private key in Microsoft PVK format not encrypted")), new pki_export(28, asym_key, "pk8", tr("PKCS #8 encrypted"), F_PKCS8 | F_PRIVATE | F_CRYPT | F_USUAL | F_SINGLE, tr("Encrypted private key in PKCS#8 text format")), new pki_export(29, asym_key, "pk8", tr("PKCS #8"), F_PKCS8 | F_PRIVATE | F_CLIPBOARD | F_SINGLE, tr("Unencrypted private key in PKCS#8 text format")), new pki_export(50, asym_key, "jwk", tr("JSON Web Key private"), F_JWK | F_PRIVATE, tr("Unencrypted private key in JSON Web Key format")), new pki_export(51, asym_key, "jwk", tr("JSON Web Key public"), F_JWK, tr("Public key in JSON Web Key format")), new pki_export(30, x509_req, "csr", "PEM", F_PEM, tr("PEM Text format with headers")), new pki_export(31, x509_req, "der", "DER", F_DER | F_SINGLE, tr("Binary DER format of the certificate request")), new pki_export(37, x509_req, "conf", tr("OpenSSL config"), F_SINGLE | F_CONFIG, tr("OpenSSL configuration file to create a certificate or request with the openssl commandline tool")), new pki_export(32, revocation, "crl", "PEM", F_PEM, tr("PEM Text format with headers")), new pki_export(33, revocation, "der", "DER", F_DER | F_SINGLE, tr("Binary DER format of the revocation list")), new pki_export(34, revocation, "ics", tr("vCalendar"), F_CAL, tr("vCalendar reminder for the CRL expiry date")), new pki_export(35, tmpl, "xca", "PEM", F_PEM | F_SINGLE, tr("XCA template in PEM-like format. Templates include the internal name and comment")), new pki_export(36, tmpl, "pem", "PEM", F_PEM | F_MULTI, tr("All selected XCA templates in PEM-like format. Templates include the internal name and comment")), }; } xca-RELEASE.2.9.0/lib/pki_export.h000066400000000000000000000042301477156507700165010ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2021 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_EXPORT_H #define __PKI_EXPORT_H #include #include #include #include #define BIT(n) (1< select(enum pki_type, int); static const pki_export *by_id(int id); static void free_elements(); static void init_elements(); bool match_all(int match_flags) const; private: static QList elements; }; #endif xca-RELEASE.2.9.0/lib/pki_key.cpp000066400000000000000000000466361477156507700163230ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2009 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include #include "pki_key.h" #include "pki_x509super.h" #include "func.h" #include "pkcs11.h" #include "pki_export.h" #include "XcaWarningCore.h" #include #include builtin_curves builtinCurves; keyjob keyjob::defaultjob; pki_key::pki_key(const QString &name) :pki_base(name) { key = EVP_PKEY_new(); key_size = 0; isPub = true; useCount = -1; } pki_key::pki_key(const pki_key *pk) :pki_base(pk) { if (pk->key) { QByteArray ba = i2d_bytearray(I2D_VOID(i2d_PUBKEY), pk->key); key = NULL; d2i(ba); sqlItemId = pk->sqlItemId; } else { key = EVP_PKEY_new(); } key_size = pk->key_size; useCount = -1; } pki_key::~pki_key() { if (key) EVP_PKEY_free(key); } void pki_key::autoIntName(const QString &file) { pki_base::autoIntName(file); if (!getIntName().isEmpty()) return; setIntName(QString("%1 %2%3").arg(length(), getTypeString(), isPubKey() ? QString(" ") + tr("Public key") : QString())); } void pki_key::d2i(QByteArray &ba) { EVP_PKEY *k = (EVP_PKEY*)d2i_bytearray(D2I_VOID(d2i_PUBKEY), ba); pki_openssl_error(); if (k) { if (key) EVP_PKEY_free(key); key = k; } } void pki_key::d2i_old(QByteArray &ba, int type) { const unsigned char *p, *p1; p = p1 = (const unsigned char *)ba.constData(); EVP_PKEY *k = d2i_PublicKey(type, NULL, &p1, ba.size()); pki_openssl_error(); if (k) { if (key) EVP_PKEY_free(key); key = k; } ba = ba.mid(p1-p); } QByteArray pki_key::i2d() const { return i2d_bytearray(I2D_VOID(i2d_PUBKEY), key); } bool pki_key::pem(BioByteArray &b) { return pem(b, pki_export::by_id(Settings["KeyFormat"])); } bool pki_key::pem(BioByteArray &b, const pki_export *xport) { if (xport->match_all(F_PRIVATE)) return false; if (xport->match_all(F_SSH2)) b += SSH2publicQByteArray(); else if (xport->match_all(F_PEM)) PEM_write_bio_PUBKEY(b, key); return true; } QString pki_key::getJWKcrv() const { const char *name = nullptr; #ifndef OPENSSL_NO_EC if (getKeyType() == EVP_PKEY_EC) { const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(key); int nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec)); switch (nid) { case NID_X9_62_prime256v1: case NID_secp384r1: case NID_secp521r1: case NID_secp256k1: name = EC_curve_nid2nist(nid); if (!name) name = OBJ_nid2sn(nid); } qDebug() << name << OBJ_nid2sn(nid) << nid; } #endif return QString(name); } void pki_key::fillJWK(QJsonObject &json, const pki_export *) const { json["kid"] = getIntName(); switch (getKeyType()) { case EVP_PKEY_RSA: { const RSA *rsa = EVP_PKEY_get0_RSA(key); Q_CHECK_PTR(rsa); const BIGNUM *n, *e; RSA_get0_key(rsa, &n, &e, NULL); json["n"] = base64UrlEncode(n); json["e"] = base64UrlEncode(e); json["kty"] = "RSA"; break; } #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: { const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(key); BIGNUM *x = BN_new(), *y = BN_new(); Q_CHECK_PTR(x); Q_CHECK_PTR(y); if (EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(ec), EC_KEY_get0_public_key(ec), x, y, NULL)) { int bits = EVP_PKEY_bits(key); json["x"] = base64UrlEncode(x, bits); json["y"] = base64UrlEncode(y, bits); json["kty"] = "EC"; json["crv"] = getJWKcrv(); } BN_free(x); BN_free(y); break; } #endif } }; QString pki_key::length() const { bool dsa_unset = false; if (getKeyType() == EVP_PKEY_DSA) { const BIGNUM *p = NULL; const DSA *dsa = EVP_PKEY_get0_DSA(key); if (dsa) DSA_get0_pqg(dsa, &p, NULL, NULL); dsa_unset = p == NULL; } if (dsa_unset) return QString("???"); return QString("%1 bit").arg(EVP_PKEY_bits(key)); } /* getKeyTypeString() returns RSA * getTypeString() returns RSA or "Token RSA" for tokens */ QString pki_key::getKeyTypeString() const { return keytype::byPKEY(key).name; } QString pki_key::getTypeString() const { return getKeyTypeString(); } QString pki_key::getMsg(msg_type msg, int n) const { /* * We do not construct english sentences (just a little bit) * from fragments to allow proper translations. * The drawback are all the slightly different duplicated messages */ QString ktype = getTypeString(); if (isPubKey()) { switch (msg) { case msg_import: return tr("Successfully imported the %1 public key '%2'", "%1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key").arg(ktype); case msg_delete: return tr("Delete the %n %1 public key(s) '%2'?", "%1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s)", n).arg(ktype); default: break; } } else { switch (msg) { case msg_import: return tr("Successfully imported the %1 private key '%2'", "%1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key").arg(ktype); case msg_delete: return tr("Delete the %n %1 private key(s) '%2'?", "%1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is/are the internal name(s) of the key(s)", n).arg(ktype); case msg_create: return tr("Successfully created the %1 private key '%2'", "%1 will be replaced by 'RSA', 'DSA', 'EC'. %2 is the internal name of the key").arg(ktype); default: break; } } return pki_base::getMsg(msg); } QString pki_key::comboText() const { return QString("%1 (%2:%3%4)").arg(getIntName()).arg(getTypeString()). arg(length()).arg(isPubKey() ? QString(" ") + tr("Public key") : QString("")); } bool pki_key::isToken() { return false; } bool pki_key::isPrivKey() const { return !isPubKey(); } int pki_key::getUcount() const { XSqlQuery q; if (useCount != -1) return useCount; int size = -1; SQL_PREPARE(q, "SELECT COUNT(*) FROM x509super WHERE pkey=?"); q.bindValue(0, sqlItemId); q.exec(); if (q.first()) size = q.value(0).toInt(); else qDebug("Failed to get key count for %s", CCHAR(getIntName())); XCA_SQLERROR(q.lastError()); useCount = size; return size; } int pki_key::getKeyType() const { return EVP_PKEY_id(key); } QString pki_key::modulus() const { if (getKeyType() == EVP_PKEY_RSA) { const BIGNUM *n = NULL; const RSA *rsa = EVP_PKEY_get0_RSA(key); RSA_get0_key(rsa, &n, NULL, NULL); return BN2QString(n); } return QString(); } QString pki_key::pubEx() const { if (getKeyType() == EVP_PKEY_RSA) { const BIGNUM *e = NULL; const RSA *rsa = EVP_PKEY_get0_RSA(key); RSA_get0_key(rsa, NULL, &e, NULL); return BN2QString(e); } return QString(); } QString pki_key::subprime() const { if (getKeyType() == EVP_PKEY_DSA) { const BIGNUM *q = NULL; const DSA *dsa = EVP_PKEY_get0_DSA(key); if (dsa) DSA_get0_pqg(dsa, NULL, &q, NULL); return BN2QString(q); } return QString(); } QString pki_key::pubkey() const { if (getKeyType() == EVP_PKEY_DSA) { const BIGNUM *pubkey = NULL; const DSA *dsa = EVP_PKEY_get0_DSA(key); if (dsa) DSA_get0_key(dsa, &pubkey, NULL); return BN2QString(pubkey); } return QString(); } #ifndef OPENSSL_NO_EC int pki_key::ecParamNid() const { const EC_KEY *ec; if (getKeyType() != EVP_PKEY_EC) return NID_undef; ec = EVP_PKEY_get0_EC_KEY(key); return EC_GROUP_get_curve_name(EC_KEY_get0_group(ec)); } BIGNUM *pki_key::ecPubKeyBN() const { if (getKeyType() != EVP_PKEY_EC) return NULL; const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(key); return EC_POINT_point2bn(EC_KEY_get0_group(ec), EC_KEY_get0_public_key(ec), EC_KEY_get_conv_form(ec), NULL, NULL); } QString pki_key::ecPubKey() const { QString pub; BIGNUM *pub_key = ecPubKeyBN(); if (pub_key) { pub = BN2QString(pub_key); BN_free(pub_key); } return pub; } #ifdef EVP_PKEY_ED25519 static QByteArray ed25519Key(int(*EVP_PKEY_get_raw) (const EVP_PKEY*, unsigned char *, size_t *), const EVP_PKEY *pkey) { unsigned char k[ED25519_KEYLEN]; size_t len = sizeof k; if (EVP_PKEY_id(pkey) == EVP_PKEY_ED25519 && EVP_PKEY_get_raw(pkey, k, &len)) return QByteArray((char*)k, len); return QByteArray(); } QByteArray pki_key::ed25519PubKey() const { return ed25519Key(EVP_PKEY_get_raw_public_key, key); } QByteArray pki_key::ed25519PrivKey(const EVP_PKEY *pkey) const { return ed25519Key(EVP_PKEY_get_raw_private_key, pkey); } #else QByteArray pki_key::ed25519PubKey() const { return QByteArray(); } QByteArray pki_key::ed25519PrivKey(const EVP_PKEY *) const { return QByteArray(); } #endif #endif QList pki_key::possibleHashNids() { QList nids; QList allSha2 = { NID_sha224, NID_sha256, NID_sha384, NID_sha512 }; #ifndef LIBRESSL_VERSION_NUMBER QList allSha3 = { NID_sha3_224, NID_sha3_256, NID_sha3_384, NID_sha3_512 }; #else QList allSha3; #endif switch (EVP_PKEY_type(getKeyType())) { case EVP_PKEY_RSA: nids << NID_md5 << NID_ripemd160 << NID_sha1; nids += allSha2 + allSha3; break; case EVP_PKEY_DSA: nids << NID_sha1 << NID_sha224 << NID_sha256; break; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: nids << NID_sha1; nids += allSha2 + allSha3; break; #ifdef EVP_PKEY_ED25519 case EVP_PKEY_ED25519: nids << NID_undef; #endif #endif } return nids; }; bool pki_key::compare(const pki_base *ref) const { const pki_key *kref = (pki_key *)ref; if (kref->getKeyType() != getKeyType()) return false; if (!kref || !kref->key || !key) return false; int r = EVP_PKEY_cmp(key, kref->key); pki_openssl_error(); return r == 1; } void pki_key::writePublic(XFile &file, bool pem) const { BioByteArray b; if (pem) { b += PEM_comment(); PEM_write_bio_PUBKEY(b, key); } else { i2d_PUBKEY_bio(b, key); } pki_openssl_error(); file.write(b); } QString pki_key::BN2QString(const BIGNUM *bn) const { QByteArray hex, ba = BioByteArray(bn); for(int i = 0; iid) { case HD_key_type: return QVariant(getTypeString()); case HD_key_size: return QVariant(length()); case HD_key_use: return QVariant(getUcount()); case HD_key_passwd: if (isPubKey()) return QVariant(tr("No password")); if (ownPass<0 || ownPass>3) return QVariant("Holla die Waldfee"); return QVariant(sl[ownPass]); case HD_key_curve: QString r; #ifndef OPENSSL_NO_EC if (getKeyType() == EVP_PKEY_EC) r = OBJ_nid2sn(ecParamNid()); #endif return QVariant(r); } return pki_base::column_data(hd); } QSqlError pki_key::insertSqlData() { unsigned myhash = hash(); XSqlQuery q; QList list; SQL_PREPARE(q, "SELECT item FROM x509super WHERE key_hash=? AND " "pkey IS NULL"); q.bindValue(0, myhash); q.exec(); if (q.lastError().isValid()) return q.lastError(); while (q.next()) { pki_x509super *x; x = Store.lookupPki(q.value(0)); if (!x) { qDebug("X509 Super class with id %d not found", q.value(0).toInt()); continue; } if (x->compareRefKey(this)) { x->setRefKey(this); list << x; } } q.finish(); SQL_PREPARE(q, "UPDATE x509super SET pkey=? WHERE item=?"); q.bindValue(0, sqlItemId); foreach(pki_x509super* x, list) { q.bindValue(1, x->getSqlItemId()); q.exec(); AffectedItems(x->getSqlItemId()); if (q.lastError().isValid()) return q.lastError(); } q.finish(); SQL_PREPARE(q, "INSERT INTO public_keys (item, type, hash, len, \"public\") " "VALUES (?, ?, ?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, getKeyTypeString().left(4)); q.bindValue(2, myhash); q.bindValue(3, EVP_PKEY_bits(key)); q.bindValue(4, i2d_b64()); q.exec(); return q.lastError(); } void pki_key::restoreSql(const QSqlRecord &rec) { pki_base::restoreSql(rec); QByteArray ba = QByteArray::fromBase64( rec.value(VIEW_public_keys_public).toByteArray()); d2i(ba); key_size = rec.value(VIEW_public_keys_len).toInt(); } QSqlError pki_key::deleteSqlData() { XSqlQuery q; QSqlError e; SQL_PREPARE(q, "DELETE FROM public_keys WHERE item=?"); q.bindValue(0, sqlItemId); q.exec(); e = q.lastError(); if (e.isValid()) return e; SQL_PREPARE(q, "UPDATE x509super SET pkey=NULL WHERE pkey=?"); q.bindValue(0, sqlItemId); AffectedItems(sqlItemId); q.exec(); return q.lastError(); } void pki_key::ssh_key_check_chunk(QByteArray *ba, const char *expect) const { QByteArray chunk = ssh_key_next_chunk(ba); if (chunk != expect) throw errorEx(tr("Unexpected SSH2 content: '%1'") .arg(QString(chunk))); } BIGNUM *pki_key::ssh_key_data2bn(QByteArray *ba) const { QByteArray chunk = ssh_key_next_chunk(ba); BIGNUM *bn = BN_bin2bn((const unsigned char *)chunk.constData(), chunk.size(), NULL); Q_CHECK_PTR(bn); return bn; } QByteArray pki_key::ssh_key_next_chunk(QByteArray *ba) const { QByteArray chunk; const char *d; int len; if (!ba || ba->size() < 4) throw errorEx(tr("Invalid SSH2 public key")); d = ba->constData(); len = (d[0] << 24) + (d[1] << 16) + (d[2] << 8) + d[3]; if (ba->size() < len + 4) throw errorEx(tr("Invalid SSH2 public key")); chunk = ba->mid(4, len); ba->remove(0, len +4); return chunk; } EVP_PKEY *pki_key::load_ssh2_key(const QByteArray &b) { /* See RFC 4253 Section 6.6 */ QStringList sl; EVP_PKEY *pk = NULL; QByteArray ba(b); #if (QT_VERSION >= QT_VERSION_CHECK(5, 14, 0)) sl = QString(ba).split(" ", Qt::SkipEmptyParts); #else sl = QString(ba).split(" ", QString::SkipEmptyParts); #endif if (sl.size() < 2) return NULL; ba = QByteArray::fromBase64(sl[1].toLatin1()); if (sl[0].startsWith("ssh-rsa")) { ssh_key_check_chunk(&ba, "ssh-rsa"); BIGNUM *e = ssh_key_data2bn(&ba); BIGNUM *n = ssh_key_data2bn(&ba); RSA *rsa = RSA_new(); Q_CHECK_PTR(rsa); RSA_set0_key(rsa, n, e, NULL); pk = EVP_PKEY_new(); Q_CHECK_PTR(pk); EVP_PKEY_assign_RSA(pk, rsa); } else if (sl[0].startsWith("ssh-dss")) { ssh_key_check_chunk(&ba, "ssh-dss"); BIGNUM *p = ssh_key_data2bn(&ba); BIGNUM *q = ssh_key_data2bn(&ba); BIGNUM *g = ssh_key_data2bn(&ba); BIGNUM *pubkey = ssh_key_data2bn(&ba); DSA *dsa = DSA_new(); Q_CHECK_PTR(dsa); DSA_set0_pqg(dsa, p, q, g); DSA_set0_key(dsa, pubkey, NULL); pk = EVP_PKEY_new(); Q_CHECK_PTR(pk); EVP_PKEY_assign_DSA(pk, dsa); #ifndef OPENSSL_NO_EC } else if (sl[0].startsWith("ecdsa-sha2-nistp256")) { EC_KEY *ec; /* Skip "ecdsa-sha2..." */ ssh_key_check_chunk(&ba, "ecdsa-sha2-nistp256"); ssh_key_check_chunk(&ba, "nistp256"); BIGNUM *bn = ssh_key_data2bn(&ba); ec = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); Q_CHECK_PTR(ec); EC_KEY_set_asn1_flag(ec, OPENSSL_EC_NAMED_CURVE); EC_KEY_set_public_key(ec, EC_POINT_bn2point( EC_KEY_get0_group(ec), bn, NULL, NULL)); BN_free(bn); pki_openssl_error(); pk = EVP_PKEY_new(); Q_CHECK_PTR(pk); EVP_PKEY_assign_EC_KEY(pk, ec); #ifdef EVP_PKEY_ED25519 } else if (sl[0].startsWith("ssh-ed25519")) { ssh_key_check_chunk(&ba, "ssh-ed25519"); QByteArray pub = ssh_key_next_chunk(&ba); pk = EVP_PKEY_new_raw_public_key(EVP_PKEY_ED25519, NULL, (const unsigned char *)pub.constData(), pub.size()); pki_openssl_error(); #endif #endif } else { throw errorEx(tr("Unexpected SSH2 content: '%1'").arg(sl[0])); } if (sl.size() > 2 && pk) setComment(sl[2].section('\n', 0, 0)); return pk; } void pki_key::ssh_key_QBA2data(const QByteArray &ba, QByteArray *data) const { int size = ba.size(); unsigned char p[4]; p[0] = (size >> 24) & 0xff; p[1] = (size >> 16) & 0xff; p[2] = (size >> 8) & 0xff; p[3] = size & 0xff; data->append((char*)p, sizeof p); data->append(ba); } void pki_key::ssh_key_bn2data(const BIGNUM *bn, QByteArray *data) const { ssh_key_QBA2data(BioByteArray(bn), data); } bool pki_key::SSH2_compatible() const { switch (getKeyType()) { #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: return ecParamNid() == NID_X9_62_prime256v1; #ifdef EVP_PKEY_ED25519 case EVP_PKEY_ED25519: #endif #endif case EVP_PKEY_RSA: case EVP_PKEY_DSA: return true; } return false; } QByteArray pki_key::SSH2publicQByteArray(bool raw) const { QByteArray txt, data; switch (getKeyType()) { case EVP_PKEY_RSA: txt = "ssh-rsa"; ssh_key_QBA2data(txt, &data); { const RSA *rsa = EVP_PKEY_get0_RSA(key); const BIGNUM *n, *e; RSA_get0_key(rsa, &n, &e, NULL); ssh_key_bn2data(e, &data); ssh_key_bn2data(n, &data); } break; case EVP_PKEY_DSA: txt = "ssh-dss"; ssh_key_QBA2data(txt, &data); { const DSA *dsa = EVP_PKEY_get0_DSA(key); const BIGNUM *p, *q, *g, *pubkey; DSA_get0_pqg(dsa, &p, &q, &g); DSA_get0_key(dsa, &pubkey, NULL); ssh_key_bn2data(p, &data); ssh_key_bn2data(q, &data); ssh_key_bn2data(g, &data); ssh_key_bn2data(pubkey, &data); } break; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: if (ecParamNid() != NID_X9_62_prime256v1) return QByteArray(); txt = "ecdsa-sha2-nistp256"; ssh_key_QBA2data(txt, &data); ssh_key_QBA2data("nistp256", &data); { BIGNUM *bn = ecPubKeyBN(); ssh_key_bn2data(bn, &data); BN_free(bn); } pki_openssl_error(); break; #ifdef EVP_PKEY_ED25519 case EVP_PKEY_ED25519: txt = "ssh-ed25519"; ssh_key_QBA2data(txt, &data); ssh_key_QBA2data(ed25519PubKey(), &data); break; #endif #endif default: return QByteArray(); } if (raw) return data; txt += " " + data.toBase64(); QString comm = comment.section('\n', 0, 0).simplified(); if (comm.size() > 0) txt += " " + comm.toUtf8(); return txt + "\n"; } void pki_key::writeSSH2public(XFile &file) const { QByteArray txt = SSH2publicQByteArray(); if (file.write(txt) != txt.size()) throw errorEx(tr("Failed writing to %1").arg(file.fileName())); } bool pki_key::verify(EVP_PKEY *pkey) const { #ifndef LIBRESSL_VERSION_NUMBER EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new(pkey, NULL); Q_CHECK_PTR(ctx); int verify = EVP_PKEY_public_check(ctx); EVP_PKEY_CTX_free(ctx); if (verify == -2) { // Operation not supported assume true pki_ign_openssl_error(); } pki_openssl_error(); return verify != 0; #else (void)pkey; return true; #endif } QString pki_key::fingerprint(const QString &format) const { const EVP_MD *md; QByteArray data; QStringList sl = format.toLower().split(" "); if (sl.size() < 2) return QString("Invalid format: %1").arg(format); if (sl[0] == "ssh") data = SSH2publicQByteArray(true); else if (sl[0] == "x509") data = X509_PUBKEY_public_key(); else if (sl[0] == "der") data = i2d_bytearray(I2D_VOID(i2d_PUBKEY), key); else return QString("Invalid format: %1").arg(sl[0]); md = EVP_get_digestbyname(CCHAR(sl[1])); if (!md) return QString("Invalid hash: %1").arg(sl[1]); if (sl.size() > 2 && sl[2] == "b64") { QString s(Digest(data, md).toBase64()); s.chop(1); return s; } return ::fingerprint(data, md); } QByteArray pki_key::X509_PUBKEY_public_key() const { X509_PUBKEY *pk = NULL; const unsigned char *p; int len; X509_PUBKEY_set(&pk, key); X509_PUBKEY_get0_param(NULL, &p, &len, NULL, pk); QByteArray data((const char*)p, len); X509_PUBKEY_free(pk); return data; } QByteArray pki_key::PEM_comment() const { if (!pem_comment) return QByteArray(); return pki_base::PEM_comment() + QString("%1 %2\n").arg(length(), getTypeString()).toUtf8(); } void pki_key::collect_properties(QMap &prp) const { QStringList sl; sl << getTypeString() << length(); if (isPubKey()) sl << tr("Public key"); #ifndef OPENSSL_NO_EC if (getKeyType() == EVP_PKEY_EC) sl << QString(OBJ_nid2ln(ecParamNid())); #endif prp["Key"] = sl.join(" "); pki_base::collect_properties(prp); } void pki_key::print(BioByteArray &bba, enum print_opt opt) const { pki_base::print(bba, opt); switch (opt) { case print_openssl_txt: EVP_PKEY_print_public(bba, key, 0, NULL); break; case print_pem: PEM_write_bio_PUBKEY(bba, key); break; case print_coloured: break; } } xca-RELEASE.2.9.0/lib/pki_key.h000066400000000000000000000141401477156507700157510ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_KEY_H #define __PKI_KEY_H #include #include #include #include #include #include #include "pki_base.h" #include "builtin_curves.h" #define PEM_STRING_OPENSSH_KEY "OPENSSH PRIVATE KEY" #define DEFAULT_KEY_LENGTH 2048 #define ED25519_KEYLEN 32 #define VIEW_public_keys_type 6 #define VIEW_public_keys_len 7 #define VIEW_public_keys_public 8 extern builtin_curves builtinCurves; class keytype { public: static QList types() { return QList { keytype(EVP_PKEY_RSA, "RSA", CKM_RSA_PKCS_KEY_PAIR_GEN, false, true), keytype(EVP_PKEY_DSA, "DSA", CKM_DSA_KEY_PAIR_GEN, false, true), #ifndef OPENSSL_NO_EC keytype(EVP_PKEY_EC, "EC", CKM_EC_KEY_PAIR_GEN, true, false), #ifdef EVP_PKEY_ED25519 keytype(EVP_PKEY_ED25519, "ED25519", CKM_VENDOR_DEFINED, false, false), #endif #endif }; } int type{}; QString name{}; CK_MECHANISM_TYPE mech{}; bool curve{}, length{}; keytype(int t, const QString &n, CK_MECHANISM_TYPE m, bool c, bool l) : type(t), name(n), mech(m), curve(c), length(l) { } keytype() : type(-1), name(QString()), mech(0), curve(false), length(true) { } bool isValid() { return type != -1; } QString traditionalPemName() const { return #ifdef EVP_PKEY_ED25519 type == EVP_PKEY_ED25519 ? QString("PRIVATE KEY") : #endif QString("%1 PRIVATE KEY").arg(name); } static const keytype byType(int type) { foreach(const keytype t, types()) { if (t.type == type) return t; } return keytype(); } static const keytype byMech(CK_MECHANISM_TYPE mech) { foreach(const keytype t, types()) { if (t.mech == mech) return t; } return keytype(); } static const keytype byName(const QString &name) { foreach(const keytype t, types()) { if (t.name == name.toUpper()) return t; } return keytype(); } static const keytype byPKEY(EVP_PKEY *pkey) { return byType(EVP_PKEY_type(EVP_PKEY_id(pkey))); } }; class keyjob { public: static keyjob defaultjob; keytype ktype; int size; int ec_nid; slotid slot; keyjob() { size = DEFAULT_KEY_LENGTH; ktype = keytype::byName("RSA"); ec_nid = NID_undef; slot = slotid(); } keyjob(const QString &desc) { QStringList sl = desc.split(':'); if (sl.size() == 1) sl += ""; if (sl.size() != 2) return; ktype = keytype::byName(sl[0]); size = DEFAULT_KEY_LENGTH; ec_nid = NID_undef; if (isEC()) ec_nid = OBJ_txt2nid(sl[1].toLatin1()); else if (!isED25519()) size = sl[1].toInt(); slot = slotid(); ign_openssl_error(); } QString toString() { if (isED25519()) return ktype.name; return QString("%1:%2").arg(ktype.name) .arg(isEC() ? OBJ_obj2QString(OBJ_nid2obj(ec_nid)) : QString::number(size)); } bool isToken() const { return slot.lib != NULL; } bool isEC() const { return ktype.type == EVP_PKEY_EC; } bool isED25519() const { #ifdef EVP_PKEY_ED25519 return ktype.type == EVP_PKEY_ED25519; #else return false; #endif } bool isValid() { if (!ktype.isValid()) return false; if (isED25519()) return true; if (isEC() && builtinCurves.containNid(ec_nid)) return true; if (!isEC() && size > 0) return true; return false; } }; class pki_key: public pki_base { Q_OBJECT friend class pki_x509super; public: enum passType { ptCommon, ptPrivate, ptBogus, ptPin }; protected: enum passType ownPass; int key_size; bool isPub; EVP_PKEY *key; QString BN2QString(const BIGNUM *bn) const; QByteArray SSH2publicQByteArray(bool raw=false) const; QByteArray X509_PUBKEY_public_key() const; QByteArray PEM_comment() const; void collect_properties(QMap &prp) const; BIGNUM *ssh_key_data2bn(QByteArray *ba) const; void ssh_key_check_chunk(QByteArray *ba, const char *expect) const; QByteArray ssh_key_next_chunk(QByteArray *ba) const; void ssh_key_QBA2data(const QByteArray &ba, QByteArray *data) const; void ssh_key_bn2data(const BIGNUM *bn, QByteArray *data) const; private: mutable int useCount; // usage counter public: pki_key(const QString &name = QString()); pki_key(const pki_key *pk); virtual ~pki_key(); void autoIntName(const QString &file); QString length() const; QString comboText() const; QString getKeyTypeString(void) const; virtual EVP_PKEY *decryptKey() const = 0; virtual bool isToken(); virtual QString getTypeString(void) const; virtual QList possibleHashNids(); QString getMsg(msg_type msg, int n = 1) const; void writePublic(XFile &file, bool pem) const; QString getJWKcrv() const; void fillJWK(QJsonObject &json, const pki_export *xport) const; bool compare(const pki_base *ref) const; int getKeyType() const; bool isPrivKey() const; virtual bool verify(EVP_PKEY *pkey) const; int getUcount() const; void setUcount(int c) { useCount = c; } enum passType getOwnPass(void) { return ownPass; } EVP_PKEY *getPubKey() { return key; } bool isPubKey() const { return isPub; } virtual void generate(const keyjob &) { qFatal("generate in pki_key"); } bool pem(BioByteArray &); virtual bool pem(BioByteArray &b, const pki_export *xport); QVariant column_data(const dbheader *hd) const; QString modulus() const; QString pubEx() const; QString subprime() const; QString pubkey() const; #ifndef OPENSSL_NO_EC int ecParamNid() const; QString ecPubKey() const; QByteArray ed25519PubKey() const; QByteArray ed25519PrivKey(const EVP_PKEY *pkey) const; BIGNUM *ecPubKeyBN() const; #endif void d2i(QByteArray &ba); void d2i_old(QByteArray &ba, int type); QByteArray i2d() const; EVP_PKEY *load_ssh2_key(const QByteArray &ba); void writeSSH2public(XFile &file) const; QString fingerprint(const QString &format) const; bool SSH2_compatible() const; void print(BioByteArray &b, enum print_opt opt) const; void resetUcount() { useCount = -1; } QSqlError insertSqlData(); QSqlError deleteSqlData(); void restoreSql(const QSqlRecord &rec); }; Q_DECLARE_METATYPE(pki_key *); #endif xca-RELEASE.2.9.0/lib/pki_lookup.h000066400000000000000000000045141477156507700164760ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_LOOKUP_H #define __PKI_LOOKUP_H #include #include #include #include #include #include "XcaWarningCore.h" #include "base.h" #include "sql.h" class pki_base; class pki_lookup { private: QHash lookup; pki_base *get(quint64 id) const { if (id > 0 && !lookup.keys().contains(id)) qCritical("pki_lookup: ID %u not found", (unsigned)id); return lookup[id]; } public: ~pki_lookup() { flush(); } void add(QVariant id, pki_base *pki) { add(id.toULongLong(), pki); } void remove(QVariant id) { lookup.remove(id.toULongLong()); } void add(quint64 id, pki_base *pki) { if (id == 0) qCritical("pki_lookup: ID 0 not permitted"); if (!pki) qCritical("pki_lookup: Refusing to add NULL item " "with ID %u", (unsigned)id); if (lookup.keys().contains(id)) qCritical("pki_lookup: ID %u in use", (unsigned)id); lookup[id] = pki; } XSqlQuery sqlSELECTpki(QString query, QList values = QList()) { XSqlQuery q; int i, num_values = values.size(); SQL_PREPARE(q, query); for (i = 0; i < num_values; i++) q.bindValue(i, values[i]); q.exec(); XCA_SQLERROR(q.lastError()); return q; } template QList sqlSELECTpki(QString query, QList values = QList()) { XSqlQuery q = sqlSELECTpki(query, values); QList x; while (q.next()) { T *pki = lookupPki(q.value(0)); if (pki) x << pki; } return x; } template T *lookupPki(QVariant v) const { quint64 id = v.toULongLong(); if (id == 0) return NULL; T *pki = dynamic_cast(get(id)); if (pki) return pki; pki_base *p = get(id); qCritical() << QString("Invalid Type of ItemId(%1) %2 %3. Expected %4.") .arg(id).arg(typeid(p).name()) .arg("") //p ? p->getIntName() : "") .arg(typeid(T*).name()); return NULL; } template QList getAll() const { QList result; foreach(pki_base *pki, lookup.values()) { T *p = dynamic_cast(pki); if (p) result << p; } return result; } pki_base *operator[](quint64 id) const { return get(id); } void flush() { qDeleteAll(lookup); lookup.clear(); } }; #endif xca-RELEASE.2.9.0/lib/pki_multi.cpp000066400000000000000000000101661477156507700166520ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_multi.h" #include "pki_x509.h" #include "pki_key.h" #include "pki_x509req.h" #include "pki_pkcs7.h" #include "pki_pkcs12.h" #include "pki_crl.h" #include "pki_temp.h" #include "pki_evp.h" #include "load_obj.h" #include "exception.h" #include "func.h" #include "xfile.h" #include "XcaWarningCore.h" #include pki_multi::pki_multi(const QString &name) :pki_base(name) { multi.clear(); failed_files.clear(); } pki_multi::~pki_multi() { foreach(pki_base *pki, multi) { if (pki->getSqlItemId().toInt() == 0) delete pki; } } void pki_multi::append_item(pki_base *pki) { pki_multi *m = dynamic_cast(pki); if (m) { multi += m->multi; m->multi.clear(); delete m; } else { multi << pki; } } #define D5 "-----" #define BEGIN D5 "BEGIN " /* General PEM loader */ static pki_base *pkiByPEM(QString text, int *skip) { int pos = text.indexOf(BEGIN); if (skip) *skip = pos; if (pos < 0) return NULL; text = text.remove(0, pos + sizeof(BEGIN)-1); if (text.startsWith(PEM_STRING_X509_OLD D5) || text.startsWith(PEM_STRING_X509 D5) || text.startsWith(PEM_STRING_X509_TRUSTED D5)) return new pki_x509(); if (text.startsWith(PEM_STRING_PKCS7 D5)) return new pki_pkcs7(); if (text.startsWith(PEM_STRING_X509_REQ_OLD D5) || text.startsWith(PEM_STRING_X509_REQ D5)) return new pki_x509req(); if (text.startsWith(PEM_STRING_X509_CRL D5)) return new pki_crl(); if (text.startsWith(PEM_STRING_XCA_TEMPLATE D5)) return new pki_temp(); if (text.startsWith(PEM_STRING_EVP_PKEY D5) || text.startsWith(PEM_STRING_PUBLIC D5) || text.startsWith(PEM_STRING_RSA D5) || text.startsWith(PEM_STRING_RSA_PUBLIC D5) || text.startsWith(PEM_STRING_DSA D5) || text.startsWith(PEM_STRING_DSA_PUBLIC D5) || text.startsWith(PEM_STRING_ECDSA_PUBLIC D5) || text.startsWith(PEM_STRING_ECPRIVATEKEY D5) || text.startsWith(PEM_STRING_PKCS8 D5) || text.startsWith(PEM_STRING_PKCS8INF D5) || text.startsWith(PEM_STRING_OPENSSH_KEY D5)) return new pki_evp(); return NULL; } void pki_multi::fload(const QString &fname) { XFile file(fname); QByteArray ba; file.open_read(); ba = file.readAll(); fromPEMbyteArray(ba, fname); }; void pki_multi::fromPEMbyteArray(const QByteArray &_ba, const QString &name) { pki_base *item = NULL; int startpos, old_count = multi.size(); QByteArray ba = _ba; for (;;) { try { item = pkiByPEM(QString::fromLatin1(ba), &startpos); if (!item) break; ba.remove(0, startpos); item->fromPEMbyteArray(ba, name); item->pkiSource = imported; openssl_error(); append_item(item); } catch (errorEx &err) { XCA_ERROR(err); delete item; item = NULL; } catch (...) { delete item; item = NULL; } ba.remove(0, sizeof BEGIN -1); } pki_ign_openssl_error(); if (multi.size() == old_count) throw errorEx(tr("No known PEM encoded items found")); } void pki_multi::probeAnything(const QString &fname) { pki_base *item = NULL; load_base *lb; QList lbs; int old_count = multi.size(); /* Check for file accessibility to report * a reasonable error early thrown by file.open_read() */ XFile file(fname); file.open_read(); file.close(); lbs << new load_pem() << new load_cert() << new load_pkcs7() << new load_pkcs12() << new load_crl() << new load_req() << new load_key() << new load_temp(); foreach(lb, lbs) { try { item = lb->loadItem(fname); if (item) { append_item(item); break; } } catch (errorEx &) { continue; } catch (enum open_result r) { if (r == pw_cancel) break; } } if (multi.count() == old_count && !fname.isEmpty()) failed_files << fname; qDeleteAll(lbs); } void pki_multi::print(BioByteArray &bba, enum print_opt opt) const { pki_base::print(bba, opt); foreach(pki_base *pki, multi) pki->print(bba, opt); } void pki_multi::collect_properties(QMap &) const { } QList pki_multi::pull() { QList temp = multi; multi.clear(); return temp; } QList pki_multi::get() const { return multi; } xca-RELEASE.2.9.0/lib/pki_multi.h000066400000000000000000000013511477156507700163130ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_MULTI_H #define __PKI_MULTI_H #include #include "pki_base.h" class pki_multi: public pki_base { Q_OBJECT protected: QList multi{}; public: pki_multi(const QString &name = ""); ~pki_multi(); QStringList failed_files; void fromPEMbyteArray(const QByteArray &, const QString &); void fload(const QString &fname); void probeAnything(const QString &fname); void append_item(pki_base *pki); void print(BioByteArray &b, enum print_opt opt) const; void collect_properties(QMap &prp) const; QList pull(); QList get() const; }; #endif xca-RELEASE.2.9.0/lib/pki_pkcs12.cpp000066400000000000000000000141621477156507700166230ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_pkcs12.h" #include "pki_evp.h" #include "pki_x509.h" #include "pass_info.h" #include "exception.h" #include "func.h" #include "PwDialogCore.h" #include "XcaWarningCore.h" #include #include #include #include pki_pkcs12::pki_pkcs12(const QString &d, pki_x509 *acert, pki_key *akey) :pki_multi(d), cert(acert), key(akey) { append_item(key); append_item(cert); } pki_pkcs12::pki_pkcs12(const QString &fname) :pki_multi(fname) { Passwd pass; EVP_PKEY *mykey = NULL; X509 *mycert = NULL; pass_info p(XCA_TITLE, tr("Please enter the password to decrypt the PKCS#12 file:\n%1").arg(compressFilename(fname))); const X509_ALGOR *macalgid = NULL; const ASN1_INTEGER *maciter = NULL; const ASN1_OBJECT *macobj = NULL; setFilename(fname); XFile file(fname); file.open_read(); BioByteArray b(file.readAll()); PKCS12 *pkcs12 = d2i_PKCS12_bio(b.ro(), NULL); if (pki_ign_openssl_error()) { if (pkcs12) PKCS12_free(pkcs12); throw errorEx(tr("Unable to load the PKCS#12 (pfx) file %1.") .arg(fname)); } PKCS12_get0_mac(NULL, &macalgid, NULL, &maciter, pkcs12); if (macalgid) X509_ALGOR_get0(&macobj, NULL, NULL, macalgid); if (macobj) { algorithm = OBJ_obj2QString(macobj); if (maciter) algorithm += QString(", iteration %1").arg(a1int(maciter).toDec()); } while (!PKCS12_verify_mac(pkcs12, pass.constData(), pass.size())) { if (pass.size() > 0) XCA_PASSWD_ERROR(); enum open_result result = PwDialogCore::execute(&p, &pass); if (result != pw_ok) { /* cancel pressed */ PKCS12_free(pkcs12); failed_files << fname; throw result; } } STACK_OF(X509) *certstack = sk_X509_new_null(); PKCS12_parse(pkcs12, pass.constData(), &mykey, &mycert, &certstack); int error = ERR_peek_error(); if (ERR_GET_REASON(error) == PKCS12_R_MAC_VERIFY_FAILURE) { pki_ign_openssl_error(); PKCS12_free(pkcs12); sk_X509_free(certstack); failed_files << fname; throw errorEx(getClassName(), tr("The supplied password was wrong (%1)") .arg(ERR_reason_error_string(error))); } pki_ign_openssl_error(); if (mycert) { unsigned char *str = X509_alias_get0(mycert, NULL); if (str) alias = QString::fromUtf8((const char *)str); alias = QString::fromUtf8(alias.toLatin1()); cert = new pki_x509(mycert); Q_CHECK_PTR(cert); if (alias.isEmpty()) { cert->autoIntName(fname); alias = cert->getIntName(); } else { cert->setIntName(alias); } cert->pkiSource = imported; inheritFilename(cert); append_item(cert); } if (mykey) { key = new pki_evp(mykey); key->setIntName(alias + "_key"); key->pkiSource = imported; inheritFilename(key); append_item(key); } for (int i = 0; i < sk_X509_num(certstack); ++i) { X509 *crt = sk_X509_value(certstack, i); if (!crt) continue; pki_x509 *cacert = new pki_x509(crt); Q_CHECK_PTR(cacert); if (alias.isEmpty()) { cacert->autoIntName(QString()); } else { cacert->setIntName(QString(alias + "_ca_%1").arg(i)); } cacert->pkiSource = imported; inheritFilename(cacert); append_item(cacert); } sk_X509_free(certstack); PKCS12_free(pkcs12); pki_openssl_error(); } void pki_pkcs12::writePKCS12(XFile &file, encAlgo &encAlgo) const { Passwd pass; PKCS12 *pkcs12; if (cert == NULL || key == NULL) my_error(tr("No key or no Cert and no pkcs12")); pass_info p(XCA_TITLE, tr("Please enter the password to encrypt the key of certificate '%1' " "in the PKCS#12 file:\n%2") .arg(cert->getIntName()).arg(nativeSeparator(file.fileName()))); if (PwDialogCore::execute(&p, &pass, true) != 1) return; STACK_OF(X509) *certstack = sk_X509_new_null(); foreach(pki_base *pki, multi) { pki_x509 *x = dynamic_cast(pki); if (x && x != cert) sk_X509_push(certstack, x->getCert()); } int certAlgoNid, keyAlgoNid; certAlgoNid = keyAlgoNid = encAlgo.getEncAlgoNid(); // The very ancient 40BitRC2_CBC algorithm at least can // be combined with TripleDES_CBC for the keys. if (keyAlgoNid == NID_pbe_WithSHA1And40BitRC2_CBC) keyAlgoNid = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; EVP_PKEY *pkey = key->decryptKey(); for (const QString &line : key->getComment().split('\n')) { QStringList kv = line.split(":"); qDebug() << line << kv; if (kv.size() != 2 || kv[0] != "CSP") continue; QByteArray csp = kv[1].trimmed().toLatin1(); EVP_PKEY_add1_attr_by_NID(pkey, NID_ms_csp_name, MBSTRING_ASC, (const unsigned char*)csp.constData(), csp.size()); } pkcs12 = PKCS12_create(pass.data(), getIntName().toUtf8().data(), pkey, cert->getCert(), certstack, keyAlgoNid, certAlgoNid, 0, 0, 0); pki_openssl_error(); EVP_PKEY_free(pkey); Q_CHECK_PTR(pkcs12); if (encAlgo.legacy()) PKCS12_set_mac(pkcs12, pass.data(), -1, NULL, 0, 1, EVP_sha1()); BioByteArray b; i2d_PKCS12_bio(b, pkcs12); sk_X509_free(certstack); pki_openssl_error(); PKCS12_free(pkcs12); file.write(b); } void pki_pkcs12::collect_properties(QMap &prp) const { if (!algorithm.isEmpty()) prp["Algorithm"] = algorithm; if (!alias.isEmpty()) prp["Friendly Name"] = alias; } // see https://www.rfc-editor.org/rfc/rfc8018 Appendix B.2 for possible encryption schemes const QList encAlgo::all_encAlgos( { NID_pbe_WithSHA1And40BitRC2_CBC, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NID_aes_256_cbc }); int encAlgo::default_encAlgo(NID_pbe_WithSHA1And3_Key_TripleDES_CBC); encAlgo::encAlgo(int nid) : encAlgo_nid(nid) { } encAlgo::encAlgo(const QString &name) : encAlgo_nid(default_encAlgo) { QString s(name); encAlgo_nid = OBJ_txt2nid(CCHAR(s.remove(QChar(' ')))); ign_openssl_error(); } QString encAlgo::name() const { return QString(encAlgo_nid == NID_undef ? "" : OBJ_nid2sn(encAlgo_nid)); } QString encAlgo::displayName() const { QString n = name(); if (legacy()) n += QString(" (%1)").arg(QObject::tr("insecure")); return n; } int encAlgo::getEncAlgoNid() const { return encAlgo_nid; } const encAlgo encAlgo::getDefault() { return encAlgo(default_encAlgo); } void encAlgo::setDefault(const QString &def) { default_encAlgo = encAlgo(def).encAlgo_nid; } xca-RELEASE.2.9.0/lib/pki_pkcs12.h000066400000000000000000000024471477156507700162730ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_PKCS12_H #define __PKI_PKCS12_H #include "pki_multi.h" class pki_key; class pki_x509; class encAlgo { private: static int default_encAlgo; int encAlgo_nid { NID_undef }; public: static const QList all_encAlgos; encAlgo(int nid); encAlgo(const QString &name); encAlgo(const encAlgo &d) = default; encAlgo& operator=(const encAlgo &d) = default; QString name() const; QString displayName() const; int getEncAlgoNid() const; bool legacy() const { return encAlgo_nid == NID_pbe_WithSHA1And3_Key_TripleDES_CBC || encAlgo_nid == NID_pbe_WithSHA1And40BitRC2_CBC; } static void setDefault(const QString &def); static const encAlgo getDefault(); }; class pki_pkcs12: public pki_multi { Q_OBJECT friend class pki_x509; friend class pki_evp; protected: QString alias{}, algorithm{}; pki_x509 *cert{}; pki_key *key{}; public: pki_pkcs12(const QString &d, pki_x509 *acert, pki_key *akey); pki_pkcs12(const QString &fname); pki_key *getKey() const { return key; } pki_x509 *getCert() const { return cert; } void writePKCS12(XFile &file, encAlgo &encAlgo) const; void collect_properties(QMap &prp) const; }; #endif xca-RELEASE.2.9.0/lib/pki_pkcs7.cpp000066400000000000000000000076731477156507700165600ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_pkcs7.h" #include "pki_x509.h" #include "pki_key.h" #include "func.h" #include "exception.h" #include pki_pkcs7::pki_pkcs7(const QString &name) :pki_multi(name) { } pki_pkcs7::~pki_pkcs7() { if (p7) PKCS7_free(p7); } void pki_pkcs7::encryptFile(pki_x509 *crt, const QString &filename) { XFile f(filename); encryptBio(crt, BioByteArray(f.readAll()).ro()); } void pki_pkcs7::encryptBio(pki_x509 *crt, BIO *bio) { STACK_OF(X509) *certstack; if (!crt) return; certstack = sk_X509_new_null(); sk_X509_push(certstack, crt->getCert()); openssl_error(); if (p7) PKCS7_free(p7); p7 = PKCS7_encrypt(certstack, bio, EVP_aes_256_cbc(), PKCS7_BINARY); openssl_error(); sk_X509_free(certstack); } void pki_pkcs7::signBio(pki_x509 *crt, BIO *bio) { pki_key *privkey; EVP_PKEY *pk; STACK_OF(X509) *certstack; if (!crt) return; privkey = crt->getRefKey(); if (!privkey) throw errorEx("No private key for signing found", getClassName()); certstack = sk_X509_new_null(); pki_x509 *signer = crt->getSigner(); if (signer == crt) signer = NULL; while (signer != NULL ) { sk_X509_push(certstack, signer->getCert()); openssl_error(); if (signer == signer->getSigner() ) signer = NULL; else signer = signer->getSigner(); } if (p7) PKCS7_free(p7); pk = privkey->decryptKey(); p7 = PKCS7_sign(crt->getCert(), pk, certstack, bio, PKCS7_BINARY); EVP_PKEY_free(pk); openssl_error(); sk_X509_free(certstack); } void pki_pkcs7::signFile(pki_x509 *crt, const QString &filename) { XFile f(filename); f.open_read(); if (crt) signBio(crt, BioByteArray(f.readAll()).ro()); } void pki_pkcs7::signCert(pki_x509 *crt, pki_x509 *contCert) { BioByteArray bba; i2d_X509_bio(bba, contCert->getCert()); signBio(crt, bba); openssl_error(); } void pki_pkcs7::writeP7(XFile &file, bool PEM) { if (!p7) { p7 = PKCS7_new(); PKCS7_set_type(p7, NID_pkcs7_signed); PKCS7_content_new(p7, NID_pkcs7_data); pki_openssl_error(); } foreach(pki_base *pki, multi) { pki_x509 *x = dynamic_cast(pki); if (x) PKCS7_add_certificate(p7, X509_dup(x->getCert())); } BioByteArray b; if (PEM) PEM_write_bio_PKCS7(b, p7); else i2d_PKCS7_bio(b, p7); openssl_error(); file.write(b); } void pki_pkcs7::append_certs(PKCS7 *myp7, const QString &name) { STACK_OF(X509) *certstack = NULL; pki_openssl_error(); if (myp7 == NULL) return; setFilename(name); autoIntName(name); switch (OBJ_obj2nid(myp7->type)) { case NID_pkcs7_signed: certstack = myp7->d.sign->cert; myp7->d.sign->cert = NULL; break; case NID_pkcs7_signedAndEnveloped: certstack = myp7->d.signed_and_enveloped->cert; myp7->d.signed_and_enveloped->cert = NULL; break; } if (!certstack) return; for (int x = 0; x < sk_X509_num(certstack); x++) { X509 *c = X509_dup(sk_X509_value(certstack, x)); pki_x509 *cert = new pki_x509(c); openssl_error(); cert->autoIntName(getIntName()); cert->pkiSource = imported; inheritFilename(cert); append_item(cert); } sk_X509_free(certstack); PKCS7_free(myp7); } void pki_pkcs7::fromPEM_BIO(BIO *bio, const QString &name) { PKCS7 *myp7 = PEM_read_bio_PKCS7(bio, NULL, NULL, NULL); append_certs(myp7, name); } void pki_pkcs7::fromPEMbyteArray(const QByteArray &ba, const QString &name) { // Skip the pki_multi::fromPEMbyteArray(), // which would cause an endless loop pki_base::fromPEMbyteArray(ba, name); } void pki_pkcs7::fload(const QString &name) { PKCS7 *myp7; XFile file(name); file.open_read(); QByteArray ba(file.readAll()); myp7 = PEM_read_bio_PKCS7(BioByteArray(ba).ro(), NULL, NULL, NULL); if (!myp7) { ign_openssl_error(); myp7 = d2i_PKCS7_bio(BioByteArray(ba).ro(), NULL); } if (ign_openssl_error()) { if (myp7) PKCS7_free(myp7); throw errorEx(tr("Unable to load the PKCS#7 file %1. Tried PEM and DER format.").arg(name)); } append_certs(myp7, name); } xca-RELEASE.2.9.0/lib/pki_pkcs7.h000066400000000000000000000016401477156507700162110ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_PKCS7_H #define __PKI_PKCS7_H #include #include "pki_multi.h" #include class pki_x509; class pki_pkcs7: public pki_multi { Q_OBJECT friend class pki_x509; protected: PKCS7 *p7{}; void signBio(pki_x509 *crt, BIO *bio); void encryptBio(pki_x509 *crt, BIO *bio); void append_certs(PKCS7 *myp7, const QString &name); public: pki_pkcs7(const QString &name = QString()); virtual ~pki_pkcs7(); void signFile(pki_x509 *crt, const QString &filename); void signCert(pki_x509 *crt, pki_x509 *contCert); void encryptFile(pki_x509 *crt, const QString &filename); void writeP7(XFile &file, bool PEM); void fromPEM_BIO(BIO *bio, const QString &name); void fromPEMbyteArray(const QByteArray &, const QString &); void fload(const QString &name); }; #endif xca-RELEASE.2.9.0/lib/pki_scard.cpp000066400000000000000000000461261477156507700166210ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2009 -2014 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_scard.h" #include "pass_info.h" #include "pk11_attribute.h" #include "exception.h" #include "db_base.h" #include "pkcs11.h" #include "x509name.h" #include "func.h" #include "XcaProgress.h" #include "XcaWarningCore.h" #include #include void pki_scard::init(void) { ownPass = ptPin; pkiType = smartCard; isPub = false; } pki_scard::pki_scard(const QString &name) :pki_key(name) { init(); } QString pki_scard::getMsg(msg_type msg, int n) const { /* * We do not construct english sentences from fragments * to allow proper translations. * * %1 will be replaced by the name of the smartcard */ switch (msg) { case msg_import: return tr("Successfully imported the token key '%1'"); case msg_delete: return tr("Delete the %n token key(s): '%1'?", "", n); case msg_create: return tr("Successfully created the token key '%1'"); } return pki_base::getMsg(msg); } QSqlError pki_scard::insertSqlData() { XSqlQuery q; QSqlError e = pki_key::insertSqlData(); if (e.isValid()) return e; SQL_PREPARE(q, "INSERT INTO tokens (item, card_manufacturer, card_serial, " "card_model, card_label, slot_label, " "object_id) " "VALUES (?, ?, ?, ?, ?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, card_manufacturer); q.bindValue(2, card_serial); q.bindValue(3, card_model); q.bindValue(4, card_label); q.bindValue(5, slot_label); q.bindValue(6, object_id); q.exec(); e = q.lastError(); if (e.isValid()) return e; SQL_PREPARE(q, "INSERT INTO token_mechanism (item, mechanism) " "VALUES (?, ?)"); q.bindValue(0, sqlItemId); foreach(CK_MECHANISM_TYPE m, mech_list) { q.bindValue(1, QVariant((uint)m)); q.exec(); } return q.lastError(); } void pki_scard::restoreSql(const QSqlRecord &rec) { pki_key::restoreSql(rec); card_manufacturer = rec.value(VIEW_tokens_card_manufacturer).toString(); card_serial = rec.value(VIEW_tokens_card_serial).toString(); card_model = rec.value(VIEW_tokens_card_model).toString(); card_label = rec.value(VIEW_tokens_card_label).toString(); slot_label = rec.value(VIEW_tokens_slot_label).toString(); object_id = rec.value(VIEW_tokens_object_id).toString(); card_manufacturer = rec.value(VIEW_tokens_card_manufacturer).toString(); isPub = false; qDebug() << card_manufacturer <data, os->length, NULL); pki_openssl_error(); EC_POINT *point = EC_POINT_bn2point(group, bn, NULL, NULL); BN_free(bn); ASN1_OCTET_STRING_free(os); pki_openssl_error(); EC_KEY_set_public_key(ec, point); pki_openssl_error(); pkey = EVP_PKEY_new(); EVP_PKEY_assign_EC_KEY(pkey, ec); break; } #ifdef EVP_PKEY_ED25519 case CKK_EC_EDWARDS: { QByteArray ba; ASN1_OCTET_STRING *os; pk11_attr_data grp(CKA_EC_PARAMS); p11.loadAttribute(grp, object); pk11_attr_data pt(CKA_EC_POINT); p11.loadAttribute(pt, object); ba = pt.getData(); os = (ASN1_OCTET_STRING *) d2i_bytearray(D2I_VOID(d2i_ASN1_OCTET_STRING), ba); pki_openssl_error(); pkey = EVP_PKEY_new_raw_public_key(EVP_PKEY_ED25519, NULL, (const uint8_t *)os->data, os->length); pki_openssl_error(); ASN1_OCTET_STRING_free(os); pki_openssl_error(); break; } #endif #endif default: throw errorEx(QString("Unsupported CKA_KEY_TYPE: %1\n").arg(keytype)); } pki_openssl_error(); return pkey; } void pki_scard::load_token(pkcs11 &p11, CK_OBJECT_HANDLE object) { tkInfo ti = p11.tokenInfo(); card_label = ti.label(); card_manufacturer = ti.manufacturerID(); card_serial = ti.serial(); card_model = ti.model(); pkiSource = token; isPub = false; pk11_attr_data id(CKA_ID); p11.loadAttribute(id, object); if (id.getAttribute()->ulValueLen > 0) { object_id = QString(id.getData().toHex()); } try { pk11_attr_data label(CKA_LABEL); p11.loadAttribute(label, object); slot_label = label.getText(); } catch (errorEx &err) { qDebug() << "No PubKey Label:" << err.getString(); // ignore } if (slot_label.isEmpty()) { try{ x509name xn; pk11_attr_data subj(CKA_SUBJECT); p11.loadAttribute(subj, object); QByteArray der = subj.getData(); xn.d2i(der); slot_label = xn.getMostPopular(); pki_openssl_error(); } catch (errorEx &err) { qDebug() << "No Pubkey Subject:" << err.getString(); // ignore } } EVP_PKEY *pkey = load_pubkey(p11, object); if (pkey) { if (key) EVP_PKEY_free(key); key = pkey; } setIntName(slot_label); pki_openssl_error(); } pk11_attr_data pki_scard::getIdAttr() const { pk11_attr_data id(CKA_ID); if (object_id.isEmpty()) return id; QByteArray val = QByteArray::fromHex(object_id.toLocal8Bit()); id.setValue(reinterpret_cast(val.constData()), val.length()); return id; } void pki_scard::deleteFromToken() { slotid slot; if (!prepare_card(&slot)) return; deleteFromToken(slot); } pk11_attlist pki_scard::objectAttributesNoId(EVP_PKEY *pk, bool priv) const { QByteArray ba; const RSA *rsa; const DSA *dsa; #ifndef OPENSSL_NO_EC const EC_KEY *ec; #endif const BIGNUM *n = NULL; const BIGNUM *e = NULL; const BIGNUM *p = NULL; const BIGNUM *q = NULL; const BIGNUM *g = NULL; pk11_attlist attrs(pk11_attr_ulong(CKA_CLASS, priv ? CKO_PRIVATE_KEY : CKO_PUBLIC_KEY)); switch (EVP_PKEY_type(EVP_PKEY_id(pk))) { case EVP_PKEY_RSA: rsa = EVP_PKEY_get0_RSA(pk); RSA_get0_key(rsa, &n, &e, NULL); attrs << pk11_attr_ulong(CKA_KEY_TYPE, CKK_RSA) << pk11_attr_data(CKA_MODULUS, n) << pk11_attr_data(CKA_PUBLIC_EXPONENT, e); break; case EVP_PKEY_DSA: dsa = EVP_PKEY_get0_DSA(pk); DSA_get0_pqg(dsa, &p, &q, &g); attrs << pk11_attr_ulong(CKA_KEY_TYPE, CKK_DSA) << pk11_attr_data(CKA_PRIME, p) << pk11_attr_data(CKA_SUBPRIME, q) << pk11_attr_data(CKA_BASE, g); break; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: ec = EVP_PKEY_get0_EC_KEY(pk); ba = i2d_bytearray(I2D_VOID(i2d_ECPKParameters), EC_KEY_get0_group(ec)); attrs << pk11_attr_ulong(CKA_KEY_TYPE, CKK_EC) << pk11_attr_data(CKA_EC_PARAMS, ba); break; #ifdef EVP_PKEY_ED25519 case EVP_PKEY_ED25519: attrs << pk11_attr_ulong(CKA_KEY_TYPE, CKK_EC_EDWARDS); // should it also return params, somehow? break; #endif #endif default: throw errorEx(QString("Unknown Keytype %d") .arg(EVP_PKEY_type(EVP_PKEY_id(pk)))); } return attrs; } pk11_attlist pki_scard::objectAttributes(bool priv) const { pk11_attlist attrs = objectAttributesNoId(key, priv); attrs << getIdAttr(); return attrs; } void pki_scard::deleteFromToken(const slotid &slot) { pkcs11 p11; p11.startSession(slot, true); tkInfo ti = p11.tokenInfo(); if (!XCA_YESNO(tr("Delete the private key '%1' from the token '%2 (#%3)' ?"). arg(getIntName()).arg(ti.label()).arg(ti.serial()))) return; if (!p11.tokenLoginForModification()) return; pk11_attlist atts = objectAttributes(true); QList priv_objects = p11.objectList(atts); atts = objectAttributes(false); QList pub_objects = p11.objectList(atts); p11.deleteObjects(priv_objects); p11.deleteObjects(pub_objects); } int pki_scard::renameOnToken(const slotid &slot, const QString &name) { pkcs11 p11; p11.startSession(slot, true); QList objs; if (!p11.tokenLoginForModification()) return 0; pk11_attr_data label(CKA_LABEL, name.toUtf8()); /* Private key */ pk11_attlist attrs = objectAttributes(true); objs = p11.objectList(attrs); if (!objs.count()) return 0; p11.storeAttribute(label, objs[0]); /* Public key */ attrs = objectAttributes(false); objs = p11.objectList(attrs); if (objs.count()) p11.storeAttribute(label, objs[0]); return 1; } void pki_scard::store_token(const slotid &slot, EVP_PKEY *pkey) { QByteArray ba; const RSA *rsa; const DSA *dsa; #ifndef OPENSSL_NO_EC const EC_KEY *ec; #endif pk11_attlist pub_atts; pk11_attlist priv_atts; QList objects; const BIGNUM *d = NULL; const BIGNUM *p = NULL; const BIGNUM *q = NULL; const BIGNUM *dmp1 = NULL; const BIGNUM *dmq1 = NULL; const BIGNUM *iqmp = NULL; const BIGNUM *priv_key = NULL; const BIGNUM *pub_key = NULL; pub_atts = objectAttributesNoId(pkey, false); priv_atts = objectAttributesNoId(pkey, true); pkcs11 p11; p11.startSession(slot, true); QList objs = p11.objectList(pub_atts); if (objs.count() == 0) objs = p11.objectList(priv_atts); if (objs.count() != 0) { XCA_INFO(tr("This Key is already on the token")); load_token(p11, objs[0]); return; } pk11_attr_data new_id = select_id(p11); pub_atts << new_id << pk11_attr_bool(CKA_TOKEN, true) << pk11_attr_data(CKA_LABEL, getIntName().toUtf8()) << pk11_attr_bool(CKA_PRIVATE, false) << pk11_attr_bool(CKA_WRAP, true) << pk11_attr_bool(CKA_ENCRYPT, true) << pk11_attr_bool(CKA_VERIFY, true); priv_atts << new_id << pk11_attr_bool(CKA_TOKEN, true) << pk11_attr_data(CKA_LABEL, desc.toUtf8()) << pk11_attr_bool(CKA_PRIVATE, true) << pk11_attr_bool(CKA_UNWRAP, true) << pk11_attr_bool(CKA_DECRYPT, true) << pk11_attr_bool(CKA_SIGN, true); switch (EVP_PKEY_type(EVP_PKEY_id(pkey))) { case EVP_PKEY_RSA: rsa = EVP_PKEY_get0_RSA(pkey); RSA_get0_key(rsa, NULL, NULL, &d); RSA_get0_factors(rsa, &p, &q); RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp); priv_atts << pk11_attr_data(CKA_PRIVATE_EXPONENT, d) << pk11_attr_data(CKA_PRIME_1, p) << pk11_attr_data(CKA_PRIME_2, q) << pk11_attr_data(CKA_EXPONENT_1, dmp1) << pk11_attr_data(CKA_EXPONENT_2, dmq1) << pk11_attr_data(CKA_COEFFICIENT, iqmp); break; case EVP_PKEY_DSA: dsa = EVP_PKEY_get0_DSA(pkey); DSA_get0_key(dsa, &pub_key, &priv_key); priv_atts << pk11_attr_data(CKA_VALUE, priv_key); pub_atts << pk11_attr_data(CKA_VALUE, pub_key); break; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: { /* Public Key */ BIGNUM *point; int size; unsigned char *buf; ASN1_OCTET_STRING *os; ec = EVP_PKEY_get0_EC_KEY(pkey); point = EC_POINT_point2bn(EC_KEY_get0_group(ec), EC_KEY_get0_public_key(ec), EC_KEY_get_conv_form(ec), NULL, NULL); pki_openssl_error(); size = BN_num_bytes(point); buf = (unsigned char *)OPENSSL_malloc(size); Q_CHECK_PTR(buf); BN_bn2bin(point, buf); os = ASN1_OCTET_STRING_new(); /* set0 -> ASN1_OCTET_STRING_free() also free()s buf */ ASN1_STRING_set0(os, buf, size); ba = i2d_bytearray(I2D_VOID(i2d_ASN1_OCTET_STRING), os); ASN1_OCTET_STRING_free(os); BN_free(point); pki_openssl_error(); pub_atts << pk11_attr_data(CKA_EC_POINT, ba); /* Private key */ priv_atts << pk11_attr_data(CKA_VALUE, EC_KEY_get0_private_key(ec)); break; } #endif default: throw errorEx(QString("Unknown Keytype %d") .arg(EVP_PKEY_id(pkey))); } if (!p11.tokenLoginForModification()) throw errorEx(tr("PIN input aborted")); try { p11.createObject(pub_atts); } catch (errorEx &e) { XCA_ERROR(e); } p11.createObject(priv_atts); pub_atts.reset(); pub_atts = objectAttributesNoId(pkey, false); pub_atts << new_id; objs = p11.objectList(pub_atts); if (objs.count() == 0) throw errorEx(tr("Unable to find copied key on the token")); load_token(p11, objs[0]); } QList pki_scard::possibleHashNids() { QList nids; if (!Settings["only_token_hashes"]) return pki_key::possibleHashNids(); foreach(CK_MECHANISM_TYPE mechanism, mech_list) { switch (EVP_PKEY_type(getKeyType())) { case EVP_PKEY_RSA: switch (mechanism) { case CKM_MD5_RSA_PKCS: nids << NID_md5; break; case CKM_RIPEMD160_RSA_PKCS: nids << NID_ripemd160; break; case CKM_SHA1_RSA_PKCS: nids << NID_sha1; break; case CKM_SHA256_RSA_PKCS: nids << NID_sha256; break; case CKM_SHA384_RSA_PKCS: nids << NID_sha384; break; case CKM_SHA512_RSA_PKCS: nids << NID_sha512; break; } break; case EVP_PKEY_DSA: switch (mechanism) { case CKM_DSA_SHA1: nids << NID_sha1; break; } break; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: switch (mechanism) { case CKM_ECDSA_SHA1: nids << NID_sha1; break; } break; #endif } } if (nids.count() == 0) { switch (EVP_PKEY_type(getKeyType())) { case EVP_PKEY_RSA: nids << NID_md5 << NID_sha1 << NID_sha256 << NID_sha384 << NID_sha512 << NID_ripemd160; break; case EVP_PKEY_DSA: #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: #endif nids << NID_sha1; break; } } return nids; } bool pki_scard::find_key_on_card(slotid *slot) const { pkcs11 p11; slotid sl; pk11_attlist cls(pk11_attr_ulong(CKA_CLASS, CKO_PUBLIC_KEY)); cls << getIdAttr(); foreach(sl, p11.getSlotList()) { pkcs11 p11sess; p11sess.startSession(sl); foreach(CK_OBJECT_HANDLE object, p11sess.objectList(cls)) { EVP_PKEY *pkey = load_pubkey(p11sess, object); bool match = EVP_PKEY_cmp(key, pkey) == 1; EVP_PKEY_free(pkey); if (match) { *slot = sl; return true; } } } return false; } /* Assures the correct card is inserted and * returns the slot ID in slot true on success */ bool pki_scard::prepare_card(slotid *slot) const { if (!pkcs11::libraries.loaded()) return false; QString msg = tr("Please insert card: %1 %2 [%3] with Serial: %4"). arg(card_manufacturer).arg(card_model). arg(card_label).arg(card_serial); do { try { if (find_key_on_card(slot)) return true; } catch (errorEx &err) { qDebug() << "find_key_on_card:" << err.getString(); } catch (...) { qDebug() << "find_key_on_card exception"; } } while (XCA_OKCANCEL(msg)); return false; } class keygenThread: public QThread { public: errorEx err; const keyjob task; QString name; pkcs11 *p11; pk11_attr_data id; keygenThread(const keyjob &t, const QString &n, pkcs11 *_p11, const pk11_attr_data &_id) : QThread(), task(t), name(n), p11(_p11), id(_id) { } void run() { try { id = p11->generateKey(name, task.ktype.mech, task.size, task.ec_nid, id); } catch (errorEx &e) { err = e; } } }; pk11_attr_data pki_scard::select_id(const pkcs11 &p11) const { tkInfo ti = p11.tokenInfo(); pk11_attr_data new_id(CKA_ID); QList fixed_ids = ti.fixed_ids(); if (fixed_ids.size() > 0) { QMap map; QStringList items; for (QStringList item : fixed_ids) { items << item[0]; map[item[0]] = item[1].toULong(); } QString idname = QInputDialog::getItem(nullptr, XCA_TITLE, tr("Select Slot of %1").arg(ti.model()), items, 0, false); if (map.contains(idname)) new_id.setULong(map[idname]); } else { new_id = p11.findUniqueID(CKO_PUBLIC_KEY); } return new_id; } void pki_scard::generate(const keyjob &task) { pk11_attlist atts; pkcs11 p11; p11.startSession(task.slot, true); p11.getRandom(); pk11_attr_data new_id = select_id(p11); if (!p11.tokenLoginForModification()) return; XcaProgress progress; keygenThread kt(task, getIntName(), &p11, new_id); kt.start(); while (!kt.wait(20)) { progress.increment(); } if (!kt.err.isEmpty()) throw errorEx(kt.err); atts << pk11_attr_ulong(CKA_CLASS, CKO_PUBLIC_KEY) << kt.id; QList objects = p11.objectList(atts); if (objects.count() != 1) qCritical() << "OBJECTS found:" << objects.count(); if (objects.count() == 0) throw errorEx(tr("Unable to find generated key on card")); load_token(p11, objects[0]); } pki_scard::~pki_scard() { } QString pki_scard::getTypeString(void) const { return tr("Token %1").arg(pki_key::getTypeString()); } EVP_PKEY *pki_scard::decryptKey() const { slotid slot_id; QString key_id; if (!prepare_card(&slot_id)) throw errorEx(tr("Failed to find the key on the token")); pkcs11 *p11 = new pkcs11(); p11->startSession(slot_id); if (p11->tokenLogin(card_label, false).isNull()) { delete p11; throw errorEx(tr("Invalid Pin for the token")); } pk11_attlist atts = objectAttributes(true); QList priv_objects = p11->objectList(atts); if (priv_objects.count() != 1) { delete p11; throw errorEx(tr("Failed to find the key on the token")); } EVP_PKEY *pkey = p11->getPrivateKey(key, priv_objects[0]); if (!pkey) { delete p11; throw errorEx(tr("Failed to initialize the key on the token")); } pki_openssl_error(); return pkey; } void pki_scard::changePin() { slotid slot; if (!prepare_card(&slot)) return; pkcs11 p11; p11.changePin(slot, false); } void pki_scard::changeSoPin() { slotid slot; if (!prepare_card(&slot)) return; pkcs11 p11; p11.changePin(slot, true); } void pki_scard::initPin() { slotid slot; if (!prepare_card(&slot)) return; pkcs11 p11; p11.initPin(slot); } bool pki_scard::isToken() { return true; } QVariant pki_scard::getIcon(const dbheader *hd) const { return hd->id == HD_internal_name ? QVariant(QPixmap(":scardIco")) : QVariant(); } bool pki_scard::visible() const { QStringList sl; if (pki_base::visible()) return true; sl << card_serial << card_manufacturer << card_model << card_label << slot_label << object_id; foreach(QString s, sl) { if (s.contains(limitPattern)) return true; } return false; } void pki_scard::updateLabel(QString label) { XSqlQuery q; Transaction; if (slot_label == label) return; if (!TransBegin()) return; slot_label = label; SQL_PREPARE(q, "UPDATE tokens SET slot_label=? WHERE item=?"); q.bindValue(0, slot_label); q.bindValue(1, sqlItemId); q.exec(); AffectedItems(sqlItemId); TransCommit(); } xca-RELEASE.2.9.0/lib/pki_scard.h000066400000000000000000000046431477156507700162640ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2009 - 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_SCARD_H #define __PKI_SCARD_H #include #include #include #include "pkcs11.h" #include "pki_key.h" #define VIEW_tokens_card_manufacturer 10 #define VIEW_tokens_card_serial 11 #define VIEW_tokens_card_model 12 #define VIEW_tokens_card_label 13 #define VIEW_tokens_slot_label 14 #define VIEW_tokens_object_id 15 class pki_scard: public pki_key { Q_OBJECT protected: QString card_serial{}; QString card_manufacturer{}; QString card_model{}; QString card_label{}; QString slot_label{}; QString object_id{}; QList mech_list{}; void init(void); public: pki_scard(const QString &name); virtual ~pki_scard(); void load_token(pkcs11 &p11, CK_OBJECT_HANDLE object); bool prepare_card(slotid *slot) const; bool find_key_on_card(slotid *slot) const; QString getTypeString(void) const; QString getManufacturer() const { return card_manufacturer; } QString getSerial() const { return card_serial; } QString getModel() const { return card_model; } QString getLabel() const { return slot_label; } void updateLabel(QString label); QString getId() const { return object_id; } pk11_attr_data getIdAttr() const; QString getCardLabel() const { return card_label; } EVP_PKEY *decryptKey() const; QString scardLogin(pkcs11 &p11, bool so, bool force=false)const; void changePin(); void initPin(); void changeSoPin(); bool isToken(); QVariant getIcon(const dbheader *hd) const; QList getMech_list() { return mech_list; } pk11_attr_data select_id(const pkcs11 &p11) const; pk11_attlist objectAttributes(bool priv) const; pk11_attlist objectAttributesNoId(EVP_PKEY *pk, bool priv) const; void setMech_list(QList ml) { mech_list = ml; }; QList possibleHashNids(); EVP_PKEY *load_pubkey(pkcs11 &p11, CK_OBJECT_HANDLE object) const; void generate(const keyjob &task); void deleteFromToken(); void deleteFromToken(const slotid &slot); void store_token(const slotid &slot, EVP_PKEY *pkey); int renameOnToken(const slotid &slot, const QString &name); QString getMsg(msg_type msg, int n = 1) const; bool visible() const; QSqlError insertSqlData(); QSqlError deleteSqlData(); void restoreSql(const QSqlRecord &rec); }; #endif xca-RELEASE.2.9.0/lib/pki_temp.cpp000066400000000000000000000335461477156507700164740ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_temp.h" #include "pki_x509.h" #include "func.h" #include "oid.h" #include "exception.h" #include #include #include #include #define TEMPLATE_DS_VERSION (QDataStream::Qt_4_2) namespace db { QByteArray intToData(uint32_t val) { uint32_t v = xhtonl(val); return QByteArray((char*)&v, sizeof(uint32_t)); } uint32_t intFromData(QByteArray &ba) { uint32_t ret; if ((unsigned)(ba.size()) < sizeof(uint32_t)) { throw errorEx(QObject::tr("Out of data")); } memcpy(&ret, ba.constData(), sizeof(uint32_t)); ba = ba.mid(sizeof(uint32_t)); return xntohl(ret); } bool boolFromData(QByteArray &ba) { unsigned char c; if (ba.size() < 1) throw errorEx(QObject::tr("Out of data")); c = ba.constData()[0]; ba = ba.mid(1); return c ? true : false; } QString stringFromData(QByteArray &ba) { int idx = ba.indexOf('\0'); if (idx == -1) throw errorEx(QObject::tr("Error finding endmarker of string")); QString ret = QString::fromUtf8(ba.constData(), idx); ba = ba.mid(idx+1); return ret; } }; const QList pki_temp::tmpl_keys = { "nameCons", "subAltName", "issAltName", "crlDist", "authInfAcc", "nsCertType", "nsComment", "nsBaseUrl", "nsRevocationUrl", "nsCARevocationUrl", "nsRenewalUrl", "nsCaPolicyUrl", "nsSslServerName", "ca", "bcCritical", "ekuCritical", "kuCritical", "subKey", "authKey", "basicPath", "validN", "validM", "validMidn", "keyUse", "eKeyUse", "adv_ext", "noWellDefinedExpDate", "OCSPstaple", }; pki_temp::pki_temp(const pki_temp *pk) :pki_x509name(pk->getIntName()), xname(pk->xname), settings(pk->settings) { } pki_temp::pki_temp(const QString &d) :pki_x509name(d) { pkiType = tmpl; foreach(QString key, tmpl_keys) { settings[key] = QString(); } settings["nsComment"] = "xca certificate"; settings["validN"] = "365"; } QString pki_temp::comboText() const { return pre_defined ? QString("[default] ") + pki_base::comboText() : pki_base::comboText(); } QSqlError pki_temp::insertSqlData() { XSqlQuery q; QSqlError e = pki_x509name::insertSqlData(); if (e.isValid()) return e; SQL_PREPARE(q, "INSERT INTO templates (item, version, template) " "VALUES (?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, TMPL_VERSION); q.bindValue(2, toB64Data()); q.exec(); return q.lastError(); } void pki_temp::restoreSql(const QSqlRecord &rec) { pki_base::restoreSql(rec); int version = rec.value(VIEW_temp_version).toInt(); QByteArray ba = QByteArray::fromBase64( rec.value(VIEW_temp_template).toByteArray()); fromData(ba, version); } QSqlError pki_temp::deleteSqlData() { XSqlQuery q; QSqlError e = pki_x509name::deleteSqlData(); if (e.isValid()) return e; SQL_PREPARE(q, "DELETE FROM templates WHERE item=?"); q.bindValue(0, sqlItemId); q.exec(); return q.lastError(); } QString pki_temp::getMsg(msg_type msg, int n) const { /* * We do not construct english sentences from fragments * to allow proper translations. * * %1 will be replaced by the internal name of the template */ switch (msg) { case msg_import: return tr("Successfully imported the XCA template '%1'"); case msg_delete: return tr("Delete the %n XCA template(s): '%1'?", "", n); case msg_create: return tr("Successfully created the XCA template '%1'"); } return pki_base::getMsg(msg); } x509name pki_temp::getSubject() const { return xname; } static int bitsToInt(extList &el, int nid, bool *crit) { int ret = 0, i = el.idxByNid(nid); if (i != -1) { if (crit) *crit = el[i].getCritical(); ASN1_BIT_STRING *bits; bits = (ASN1_BIT_STRING *)el[i].d2i(); for (int j=0; j<9; j++) { if (ASN1_BIT_STRING_get_bit(bits, j)) ret |= 1 << j; } el.removeAt(i); } return ret; } void pki_temp::fromExtList(extList *el, int nid, const char *item) { QString target; el->genConf(nid, &target, &adv_ext); if (nid == NID_subject_alt_name || nid == NID_issuer_alt_name || nid == NID_name_constraints) { QStringList sl = target.split(","); QRegularExpression match("([a-z]+;)*otherName:msUPN;UTF8:"); for (int i=0; igetV3ext(); adv_ext.clear(); settings["nsComment"] = ""; n = cert_or_req->getSubject(); foreach(QString sn, Settings["explicit_dn"].split(",")) { int nid = OBJ_sn2nid(CCHAR(sn)); QString ne = n.popEntryByNid(nid); if (!ne.isNull()) xname.addEntryByNid(nid, ne); } for (int i=0; i> 1)); bool kuCritical; settings["keyUse"] = QString::number( bitsToInt(el, NID_key_usage, &kuCritical)); settings["kuCritical"] = kuCritical ? "1" : "0"; fromExtList(&el, NID_ext_key_usage, "eKeyUse"); QStringList eKeyUse = settings["eKeyUse"] .split(QRegularExpression(",\\s*")); settings["ekuCritical"] = "0"; if (eKeyUse.contains("critical")) { eKeyUse.removeOne("critical"); settings["eKeyUse"] = eKeyUse.join(", "); settings["ekuCritical"] = "1"; } qDebug() << "eKeyUse" << settings["kuCritical"] << settings["eKeyUse"]; el.genGenericConf(&adv_ext); settings["adv_ext"] = adv_ext; if (cert_or_req->getType() == x509) { pki_x509 *cert = (pki_x509*)cert_or_req; if (cert->getNotAfter().isUndefined()) { settings["noWellDefinedExpDate"] = "1"; } else { a1time notBefore = cert->getNotBefore(); a1time notAfter = cert->getNotAfter(); if (notBefore.toPlain().endsWith("000000Z") && notAfter.toPlain().endsWith("235959Z")) { settings["validMidn"] = "1"; } int diff = notBefore.daysTo(notAfter); settings["validM"] = "0"; if (diff > 60) { settings["validM"] = "1"; diff /= 30; if (diff > 24) { settings["validM"] = "2"; diff /= 12; } } settings["validN"] = QString::number(diff); } } return el; } static QString old_eKeyUse2QString(int old) { QStringList sl; for (int i = 0; i < extkeyuse_nid.size(); i++) { if (old & (1< 5) { settings["basicPath"] = db::stringFromData(ba); } else { settings["basicPath"] = QString::number(db::intFromData(ba)); if (settings["basicPath"] == "0") settings["basicPath"] = ""; } settings["validN"] = QString::number(db::intFromData(ba)); settings["validM"] = QString::number(db::intFromData(ba)); settings["keyUse"] = QString::number(db::intFromData(ba)); if (version > 4) { settings["eKeyUse"] = db::stringFromData(ba); } else { int old = db::intFromData(ba); settings["eKeyUse"] = old_eKeyUse2QString(old); } settings["nsCertType"] = QString::number(db::intFromData(ba)); settings["subAltName"] = db::stringFromData(ba); settings["issAltName"] = db::stringFromData(ba); settings["crlDist"] = db::stringFromData(ba); settings["nsComment"] = db::stringFromData(ba); settings["nsBaseUrl"] = db::stringFromData(ba); settings["nsRevocationUrl"] = db::stringFromData(ba); settings["nsCARevocationUrl"] = db::stringFromData(ba); settings["nsRenewalUrl"] = db::stringFromData(ba); settings["nsCaPolicyUrl"] = db::stringFromData(ba); settings["nsSslServerName"] = db::stringFromData(ba); xname.d2i(ba); settings["authInfAcc"] = db::stringFromData(ba); /* certPol = */ db::stringFromData(ba); settings["validMidn"] = QString::number(db::boolFromData(ba)); if (version>2) settings["adv_ext"] = db::stringFromData(ba); if (version>3) settings["noWellDefinedExpDate"] = QString::number(db::boolFromData(ba)); if (ba.size() > 0) { my_error(tr("Wrong Size %1").arg(ba.size())); } } QByteArray pki_temp::toData(bool for_export) const { QByteArray ba(xname.i2d()); QBuffer buf(&ba); buf.open(QIODevice::WriteOnly | QIODevice::Append); QDataStream out(&buf); out.setVersion(TEMPLATE_DS_VERSION); QMap export_settings = settings; if (for_export) { export_settings["internal_name"] = getIntName(); export_settings["internal_comment"] = getComment(); } out << export_settings; buf.close(); return ba; } void pki_temp::fromData(QByteArray &ba, int version) { xname.d2i(ba); QBuffer buf(&ba); buf.open(QIODevice::ReadOnly); QDataStream in(&buf); in.setVersion(TEMPLATE_DS_VERSION); in >> settings; QMap translate; translate["eKyUseCritical"] = "ekuCritical"; translate["keyUseCritical"] ="kuCritical"; for (const QString &key : translate.keys()) { if (settings.contains(key)) settings[translate[key]] = settings.take(key); } if (settings.contains("internal_name")) { qDebug() << "Import internal_name" << settings["internal_name"]; setIntName(settings.take("internal_name")); } if (settings.contains("internal_comment")) { qDebug() << "Import internal_comment" << settings["internal_comment"]; setComment(settings.take("internal_comment")); } buf.close(); (void)version; //if (version < 11) .... } void pki_temp::fromData(const unsigned char *p, int size, int version) { if (version < 10) { old_fromData(p, size, version); } else { QByteArray ba((const char*)p, size); fromData(ba, version); } } QByteArray pki_temp::toExportData() const { QByteArray data, header; BioByteArray b; data = toData(true); header = db::intToData(data.size()); header += db::intToData(TMPL_VERSION); header += data; PEM_write_bio(b, PEM_STRING_XCA_TEMPLATE, (char*)"", (unsigned char*)(header.data()), header.size()); return b.byteArray(); } void pki_temp::writeTemp(XFile &file) const { file.write(PEM_comment() + toExportData()); } void pki_temp::writeDefault(const QString &dirname) const { XFile file(get_dump_filename(dirname, ".xca")); file.open_write(); writeTemp(file); } bool pki_temp::pem(BioByteArray &b) { b += toExportData(); return true; } void pki_temp::fromExportData(QByteArray data) { int version; if (data.size() < (int)sizeof(uint32_t)) my_error(tr("Template file content error (too small)")); db::intFromData(data); version = db::intFromData(data); fromData((const unsigned char*)data.constData(), data.size(), version); } void pki_temp::try_fload(XFile &file) { QByteArray ba = file.read(4096*1024); try { fromPEM_BIO(BioByteArray(ba).ro(), file.fileName()); } catch (errorEx &) { fromExportData(ba); } pki_openssl_error(); } void pki_temp::fload(const QString &fname) { try { XFile file(fname); file.open_read(); try_fload(file); #if defined(Q_OS_WIN32) } catch (errorEx &) { /* Try again in ascii mode on Windows * to support pre 1.1.0 template exports */ XFile file(fname); file.open(QIODevice::ReadOnly | QIODevice::QIODevice::Text); try_fload(file); #else } catch (errorEx &err) { throw err; #endif } } void pki_temp::fromPEM_BIO(BIO *bio, const QString &) { QByteArray ba; QString msg; char *nm = NULL, *header = NULL; unsigned char *data = NULL; long len; PEM_read_bio(bio, &nm, &header, &data, &len); if (ign_openssl_error()) throw errorEx(tr("Not a PEM encoded XCA Template"), getClassName()); if (!strcmp(nm, PEM_STRING_XCA_TEMPLATE)) { ba = QByteArray::fromRawData((char*)data, len); fromExportData(ba); } else { msg = tr("Not an XCA Template, but '%1'").arg(nm); } OPENSSL_free(nm); OPENSSL_free(header); OPENSSL_free(data); if (!msg.isEmpty()) my_error(msg); } pki_temp::~pki_temp() { } bool pki_temp::compare(const pki_base *) const { // we don't care if templates with identical contents // are stored in the database ... return false; } QVariant pki_temp::getIcon(const dbheader *hd) const { return hd->id == HD_internal_name ? QVariant(QPixmap(":templateIco")) : QVariant(); } void pki_temp::autoIntName(const QString &file) { if (getIntName().isEmpty()) setIntName(rmslashdot(file)); if (getIntName().isEmpty()) pki_x509name::autoIntName(file); } xca-RELEASE.2.9.0/lib/pki_temp.h000066400000000000000000000046541477156507700161370ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_TEMP_H #define __PKI_TEMP_H #include "pki_base.h" #include "x509name.h" #include "asn1time.h" #include "pki_x509super.h" #define D5 "-----" #define PEM_STRING_XCA_TEMPLATE "XCA TEMPLATE" #define TMPL_VERSION 10 #define CHECK_TMPL_KEY if (!tmpl_keys.contains(key)) { qFatal("Unknown template key: %s(%s)", __func__, CCHAR(key)); } #define VIEW_temp_version 6 #define VIEW_temp_template 7 class pki_temp: public pki_x509name { Q_OBJECT protected: static const QList tmpl_keys; int dataSize(); void try_fload(XFile &file); bool pre_defined{ false }; x509name xname{}; QMap settings{}; QString adv_ext{}; void fromExtList(extList *el, int nid, const char *item); public: pki_temp(const pki_temp *pk); pki_temp(const QString &d = QString()); ~pki_temp(); QString getSetting(const QString &key) { CHECK_TMPL_KEY return settings[key]; } int getSettingInt(const QString &key) { CHECK_TMPL_KEY return settings[key].toInt(); } void setSetting(const QString &key, const QString &value) { CHECK_TMPL_KEY settings[key] = value; } void setSetting(const QString &key, int value) { CHECK_TMPL_KEY settings[key] = QString::number(value); } void fload(const QString &fname); void writeDefault(const QString &dirname) const ; void fromData(const unsigned char *p, int size, int version); void old_fromData(const unsigned char *p, int size, int version); void fromData(QByteArray &ba, int version); void setAsPreDefined() { pre_defined = true; } QString comboText() const; QByteArray toData(bool for_export = false) const; QString toB64Data() { return QString::fromLatin1(toData().toBase64()); } bool compare(const pki_base *ref) const; void writeTemp(XFile &file) const; QVariant getIcon(const dbheader *hd) const; QString getMsg(msg_type msg, int n = 1) const; x509name getSubject() const; void setSubject(x509name n) { xname = n; } bool pem(BioByteArray &); QByteArray toExportData() const; void fromPEM_BIO(BIO *, const QString &); void fromExportData(QByteArray data); extList fromCert(pki_x509super *cert_or_req); QSqlError insertSqlData(); QSqlError deleteSqlData(); void restoreSql(const QSqlRecord &rec); void autoIntName(const QString &file); }; Q_DECLARE_METATYPE(pki_temp *); #endif xca-RELEASE.2.9.0/lib/pki_x509.cpp000066400000000000000000000716171477156507700162350ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "pki_x509.h" #include "pki_x509req.h" #include "pki_evp.h" #include "pki_scard.h" #include "pki_crl.h" #include "db_base.h" #include "func.h" #include "base.h" #include "exception.h" #include "pass_info.h" #include #include #include #include pki_x509::pki_x509(X509 *c) :pki_x509super(), cert(c) { init(); } pki_x509::pki_x509(const pki_x509 *crt) :pki_x509super(crt) { init(); cert = X509_dup(crt->cert); pki_openssl_error(); issuerSqlId = crt->issuerSqlId; setRefKey(crt->getRefKey()); caTemplateSqlId = crt->caTemplateSqlId; revocation = crt->revocation; crlDays = crt->crlDays; crlExpire = crt->crlExpire; pki_openssl_error(); } pki_x509::pki_x509(const QString &name) :pki_x509super(name) { init(); cert = X509_new(); X509_set_version(cert, 2); pki_openssl_error(); } QString pki_x509::getMsg(msg_type msg, int n) const { /* * We do not construct english sentences from fragments * to allow proper translations. * The drawback are all the slightly different duplicated messages * * %1 will be replaced by the internal name of the certificate */ switch (msg) { case msg_import: return tr("Successfully imported the certificate '%1'"); case msg_delete: return tr("Delete the %n certificate(s): '%1'?", "", n); case msg_create: return tr("Successfully created the certificate '%1'"); } return pki_base::getMsg(msg); } void pki_x509::resetX509ReqCount() const { QList reqs = Store.sqlSELECTpki( "SELECT item FROM x509super LEFT JOIN items ON items.id = x509super.item " "WHERE key_hash=? AND items.type=?", QList() << QVariant(pubHash()) << QVariant(x509_req)); foreach(pki_x509req *req, reqs) req->resetX509count(); } QSqlError pki_x509::insertSqlData() { XSqlQuery q; a1time now; pki_x509 *signer = findIssuer(); QSqlError e = pki_x509super::insertSqlData(); if (e.isValid()) return e; SQL_PREPARE(q, "INSERT INTO certs (item, hash, iss_hash, serial, issuer, " "ca, cert) " "VALUES (?, ?, ?, ?, ?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, hash()); q.bindValue(2, getIssuerName().hashNum()); q.bindValue(3, getSerial().toHex()); q.bindValue(4, signer ? signer->getSqlItemId() : QVariant()); q.bindValue(5, (int)isCA()); q.bindValue(6, i2d_b64()); q.exec(); resetX509ReqCount(); if (!isCA()) return q.lastError(); SQL_PREPARE(q, "INSERT INTO authority (item, template, crlExpire, crlNo, crlDays) " "VALUES (?, ?, ?, 0, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, caTemplateSqlId); q.bindValue(2, crlExpire.toPlain()); q.bindValue(3, crlDays); q.exec(); if (fromDataRevList.size() > 0) fromDataRevList.sqlUpdate(sqlItemId); return q.lastError(); } void pki_x509::restoreSql(const QSqlRecord &rec) { pki_x509super::restoreSql(rec); QByteArray ba = QByteArray::fromBase64( rec.value(VIEW_x509_cert).toByteArray()); d2i(ba); issuerSqlId = rec.value(VIEW_x509_issuer); crlNumber.set(rec.value(VIEW_x509_auth_crlNo).toUInt()); crlExpire.fromPlain(rec.value(VIEW_x509_auth_crlExpire).toString()); caTemplateSqlId = rec.value(VIEW_x509_auth_template); if (!rec.isNull(VIEW_x509_auth_crlDays)) crlDays = rec.value(VIEW_x509_auth_crlDays).toInt(); else crlDays = 30; if (!rec.isNull(VIEW_x509_revocation)) revocation = x509rev(rec, VIEW_x509_revocation); } QSqlError pki_x509::deleteSqlData() { XSqlQuery q; QSqlError e = pki_x509super::deleteSqlData(); QStringList tasks; tasks << "DELETE FROM certs WHERE item=?" << "DELETE FROM authority WHERE item=?" << "UPDATE crls SET issuer=NULL WHERE issuer=?" << "UPDATE certs SET issuer=NULL WHERE issuer=?" << "DELETE FROM revocations WHERE caId=?" << "DELETE FROM takeys WHERE item=?" ; foreach(QString task, tasks) { SQL_PREPARE(q, task); q.bindValue(0, sqlItemId); q.exec(); e = q.lastError(); if (e.isValid()) return e; } // Select affected items q = Store.sqlSELECTpki( "SELECT DISTINCT items.id FROM items, certs, crls " "WHERE (items.id = certs.item OR items.id = crls.item) " "AND crls.issuer = ? AND certs.issuer = ?", QList() << QVariant(sqlItemId) << QVariant(sqlItemId)); while (q.next()) AffectedItems(q.value(0)); resetX509ReqCount(); return q.lastError(); } pki_x509 *pki_x509::findIssuer() { XSqlQuery q; pki_x509 *issuer = NULL; unsigned hash; if ((issuer = getSigner()) != NULL) return issuer; // first check for self-signed if (verify(this)) return this; hash = getIssuerName().hashNum(); /* Select X509 CA certificates with subject-hash == hash */ SQL_PREPARE(q, "SELECT x509super.item from x509super " "JOIN certs ON certs.item = x509super.item " "WHERE certs.ca=1 AND x509super.subj_hash=?"); q.bindValue(0, hash); q.exec(); while (q.next()) { pki_x509 *an_issuer = Store.lookupPki(q.value(0)); qDebug() << "Possible Issuer of" << *this << *an_issuer << an_issuer->getNotAfter(); if (!an_issuer) { qDebug("Certificate with id %d not found", q.value(0).toInt()); continue; } if (verify_only(an_issuer)) { if (!issuer || (issuer->getNotAfter() < an_issuer->getNotAfter())) { qDebug() << "New issuer of" << *this << *an_issuer << an_issuer->getNotAfter(); issuer = an_issuer; } } } verify(issuer); return issuer; } void pki_x509::fromPEM_BIO(BIO *bio, const QString &fname) { X509 *_cert; _cert = PEM_read_bio_X509(bio, NULL, NULL, NULL); openssl_error_msg(fname); if (!_cert) throw errorEx(); X509_free(cert); cert = _cert; } void pki_x509::fload(const QString &fname) { X509 *_cert; XFile file(fname); file.open_read(); QByteArray ba(file.readAll()); _cert = PEM_read_bio_X509(BioByteArray(ba).ro(), NULL, NULL, NULL); if (!_cert) { pki_ign_openssl_error(); _cert = d2i_X509_bio(BioByteArray(ba).ro(), NULL); } if (pki_ign_openssl_error() || !_cert) { if (_cert) X509_free(_cert); throw errorEx(tr("Unable to load the certificate in file %1. Tried PEM and DER certificate.").arg(fname)); } X509_free(cert); cert = _cert; } pki_x509::~pki_x509() { if (cert) { X509_free(cert); } pki_openssl_error(); } void pki_x509::init() { crlExpire.setUndefined(); pkiType = x509; } void pki_x509::setSerial(const a1int &serial) { X509_set_serialNumber(cert, serial.get()); pki_openssl_error(); } a1int pki_x509::getSerial() const { a1int a(X509_get_serialNumber(cert)); pki_openssl_error(); return a; } pki_x509 *pki_x509::getBySerial(const a1int &a) const { foreach(pki_base *p, childItems) { pki_x509 *pki = static_cast(p); if (a == pki->getSerial()) return pki; } return NULL; } #define D5 "-----" #define OVPN_TA_KEY "OpenVPN Static key V1" QString pki_x509::getTaKey() { XSqlQuery q; QByteArray b; pki_x509 *issuer = getSigner(); if (!isCA() && issuer && issuer != this) return issuer->getTaKey(); Transaction; if (!TransBegin()) return QString(); SQL_PREPARE(q, "SELECT value FROM takeys WHERE item = ?"); q.bindValue(0, sqlItemId); q.exec(); if (q.next()) { b = QByteArray::fromBase64(q.value(0).toByteArray()); qDebug() << "Loaded TA key" << this << b.size() << QString::fromLatin1(b.toHex()).left(6); } else { b.resize(2048/8); RAND_bytes((unsigned char*)b.data(), 2048/8); SQL_PREPARE(q, "INSERT INTO takeys (item, value) VALUES ( ?, ? )"); q.bindValue(0, sqlItemId); q.bindValue(1, b.toBase64()); q.exec(); qDebug() << "Generated TA key" << this << b.size() << QString::fromLatin1(b.toHex()).left(6); } TransCommit(); QString takey(D5 "BEGIN " OVPN_TA_KEY D5 "\n"); QString hex(QString::fromLatin1(b.toHex())); for (int i=0; i<16; i++) takey += hex.mid(32*i, 32) + "\n"; takey += D5 "END " OVPN_TA_KEY D5 "\n"; return takey; } bool pki_x509::importTaKey(const QByteArray &takey) { int start = takey.indexOf(D5 "BEGIN " OVPN_TA_KEY D5); int end = takey.indexOf(D5 "END " OVPN_TA_KEY D5); QByteArray data, existing_takey; bool existed= false; if (start >= 0 && end > 0 && start < end) { start += sizeof D5 "BEGIN " OVPN_TA_KEY D5; data = QByteArray::fromHex(takey.mid(start, end-start)); qDebug() << "TAKEY content" << start << end << data.size(); } if (data.size() != 2048/8) { XCA_ERROR(tr("Invalid OpenVPN tls-auth key")); return false; } XSqlQuery q; Transaction; if (!TransBegin()) return false; SQL_PREPARE(q, "SELECT value FROM takeys WHERE item = ?"); q.bindValue(0, sqlItemId); q.exec(); if (q.next()) { existed = true; existing_takey = QByteArray::fromBase64(q.value(0).toByteArray()); qDebug() << "Existing TA key" << this << existing_takey.size() << QString::fromLatin1(existing_takey.toHex()).left(6); } if (existing_takey != data) { if (existed) SQL_PREPARE(q, "UPDATE takeys SET value = ? WHERE item = ?"); else SQL_PREPARE(q, "INSERT INTO takeys (item, value) VALUES ( ?, ? )"); q.bindValue(0, sqlItemId); q.bindValue(1, data.toBase64()); q.exec(); } TransCommit(); QSqlError e = q.lastError(); if (e.isValid()) { XCA_ERROR(tr("Failed to import tls-auth key")); return false; } else if (existing_takey == data) { XCA_INFO(tr("Same tls-auth key already stored for this CA")); } else if (existing_takey.isEmpty()) { XCA_INFO(tr("New tls-auth key successfully imported")); } else { XCA_INFO(tr("Existing tls-auth key successfully replaced")); } return true; } a1int pki_x509::hashInfo(const EVP_MD *md) const { unsigned char digest[EVP_MAX_MD_SIZE]; unsigned len = 0; if (!X509_digest(cert, md, digest, &len)) pki_openssl_error(); a1int a; a.setRaw(digest,len); return a; } void pki_x509::load_token(pkcs11 &p11, CK_OBJECT_HANDLE object) { QString desc; pk11_attr_ulong type(CKA_CERTIFICATE_TYPE); p11.loadAttribute(type, object); if (type.getValue() != CKC_X_509) throw errorEx(QString("Unsupported Certificate type %1" ).arg(type.getValue())); try { pk11_attr_data label(CKA_LABEL); p11.loadAttribute(label, object); desc = label.getText(); } catch(errorEx &err) { qDebug("No Cert Label: %s", err.getCString()); // IGNORE } pk11_attr_data x509(CKA_VALUE); p11.loadAttribute(x509, object); QByteArray der = x509.getData(); d2i(der); if (desc.isEmpty()) { try { x509name xn; pk11_attr_data subj(CKA_SUBJECT); p11.loadAttribute(subj, object); QByteArray der = subj.getData(); xn.d2i(der); desc = xn.getMostPopular(); pki_openssl_error(); } catch(errorEx &err) { qDebug("No Cert Subject: %s", err.getCString()); // IGNORE } } setIntName(desc); pkiSource = token; pki_openssl_error(); } void pki_x509::d2i(QByteArray &ba) { X509 *c = (X509*)d2i_bytearray(D2I_VOID(d2i_X509), ba); if (c) { X509_free(cert); cert = c; } pki_openssl_error(); } QByteArray pki_x509::i2d() const { return i2d_bytearray(I2D_VOID(i2d_X509), cert); } void pki_x509::store_token(bool alwaysSelect) { pki_scard *card = NULL; slotid slot; x509name xname; QList objects; pkcs11 p11; pki_key *privkey = getRefKey(); if (!privkey || !privkey->isToken() || alwaysSelect) { if (!p11.selectToken(&slot, NULL)) return; } else { card = dynamic_cast(privkey); if (!card || !card->prepare_card(&slot)) return; } pk11_attlist p11_atts; p11_atts << pk11_attr_ulong(CKA_CLASS, CKO_CERTIFICATE) << pk11_attr_ulong(CKA_CERTIFICATE_TYPE, CKC_X_509) << pk11_attr_data(CKA_VALUE, i2d()); p11.startSession(slot, true); QList objs = p11.objectList(p11_atts); if (objs.count() != 0) { XCA_WARN(tr("This certificate is already on the security token")); return; } p11_atts << pk11_attr_bool(CKA_TOKEN, true) << pk11_attr_bool(CKA_PRIVATE, false) << pk11_attr_data(CKA_SUBJECT, getSubject().i2d()) << pk11_attr_data(CKA_ISSUER, getIssuerName().i2d()) << pk11_attr_data(CKA_SERIAL_NUMBER, getSerial().i2d()) << pk11_attr_data(CKA_LABEL, desc.toUtf8()) << (card ? card->getIdAttr() : p11.findUniqueID(CKO_CERTIFICATE)); if (!p11.tokenLoginForModification()) return; p11.createObject(p11_atts); } void pki_x509::deleteFromToken() { pki_key *privkey = getRefKey(); pki_scard *card = dynamic_cast(privkey); slotidList p11_slots; if (!card || !pkcs11::libraries.loaded()) return; if (privkey && privkey->isToken()) { slotid slot; if (!card->prepare_card(&slot)) return; p11_slots << slot; } else { pkcs11 p11; p11_slots = p11.getSlotList(); } for (int i=0; i objs = p11.objectList(atts); if (!objs.count()) return; tkInfo ti = p11.tokenInfo(); if (!XCA_YESNO(tr("Delete the certificate '%1' from the token '%2 (#%3)'?"). arg(getIntName()).arg(ti.label()).arg(ti.serial()))) { return; } if (!p11.tokenLoginForModification()) return; p11.deleteObjects(objs); } int pki_x509::renameOnToken(const slotid &slot, const QString &name) { pkcs11 p11; p11.startSession(slot, true); pk11_attlist attrs = objectAttributes(); QList objs = p11.objectList(attrs); if (!objs.count()) return 0; pk11_attr_data label(CKA_LABEL, name.toUtf8()); if (!p11.tokenLoginForModification()) return 0; p11.storeAttribute(label, objs[0]); return 1; } void pki_x509::setNotBefore(const a1time &a) { a1time t(a); X509_set_notBefore(cert, t.get_utc()); pki_openssl_error(); } void pki_x509::setNotAfter(const a1time &a) { a1time t(a); X509_set_notAfter(cert, t.get_utc()); pki_openssl_error(); } a1time pki_x509::getNotBefore() const { a1time a(X509_get_notBefore(cert)); return a; } a1time pki_x509::getNotAfter() const { a1time a(X509_get_notAfter(cert)); return a; } x509name pki_x509::getSubject() const { x509name x(X509_get_subject_name(cert)); pki_openssl_error(); return x; } x509name pki_x509::getIssuerName() const { x509name x(X509_get_issuer_name(cert)); pki_openssl_error(); return x; } void pki_x509::setSubject(const x509name &n) { X509_set_subject_name(cert, n.get()); pki_openssl_error(); } void pki_x509::setIssuer(const x509name &n) { X509_set_issuer_name(cert, n.get()); pki_openssl_error(); } bool pki_x509::addV3ext(const x509v3ext &e, bool skip_existing) { if (!e.isValid()) return false; if (skip_existing && X509_get_ext_by_NID(cert, e.nid(), -1) != -1) return false; X509_EXTENSION *ext = e.get(); X509_add_ext(cert, ext, -1); X509_EXTENSION_free(ext); pki_openssl_error(); return true; } void pki_x509::delSigner(pki_base *s) { if (s && (s->getSqlItemId() == issuerSqlId)) issuerSqlId = QVariant(); } bool pki_x509::isCA() const { return X509_check_ca(cert) == 1; } bool pki_x509::canSign() const { pki_key *privkey = getRefKey(); if (!privkey || privkey->isPubKey()) return false; if (privkey->isToken() && !pkcs11::libraries.loaded()) return false; return isCA(); } bool pki_x509::hasExtension(int nid) const { return getV3ext().idxByNid(nid) != -1; } void pki_x509::sign(pki_key *signkey, const digest &digest) { EVP_PKEY *tkey; if (!signkey) { my_error(tr("There is no key for signing !")); } tkey = signkey->decryptKey(); pki_openssl_error(); X509_sign(cert, tkey, digest.MD()); pki_openssl_error(); EVP_PKEY_free(tkey); pki_openssl_error(); } void pki_x509::writeDefault(const QString &dirname) const { XFile file(get_dump_filename(dirname, ".crt")); file.open_write(); writeCert(file, true); } void pki_x509::writeCert(XFile &file, bool PEM) const { if (!cert) return; BioByteArray b; if (PEM) { b += PEM_comment(); PEM_write_bio_X509(b, cert); } else { i2d_X509_bio(b, cert); } pki_openssl_error(); file.write(b); } QString pki_x509::getIndexEntry() { QString flag = NULL; bool revoked = isRevoked(); if (revoked) flag = "R"; else if (checkDate()) flag = "V"; else flag = "E"; return QString("%1\t%2\t%3\t%4\tunknown\t%5\n").arg( flag, getNotAfter().toPlainUTC(), revoked ? revocation.getDate().toPlainUTC() : "", getSerial(), QString(X509_NAME_oneline(getSubject().get(), NULL, 0))); } bool pki_x509::pem(BioByteArray &b) { const pki_export *xport = pki_export::by_id(Settings["CertFormat"]); if (xport->match_all(F_PEM | F_CHAIN)) { pki_x509 *iss, *prev; for (iss = this, prev = nullptr; iss && iss != prev; prev = iss, iss = iss->getSigner()) { qDebug() << "Exporting to ClipBoard" << iss->getIntName(); if (!PEM_write_bio_X509(b, iss->cert)) return false; } } else if (xport->match_all(F_PEM | F_PRIVATE)) { pki_key *key = getRefKey(); if (!key || !PEM_write_bio_X509(b, cert)) return false; return key->pem(b, xport); } else { return PEM_write_bio_X509(b, cert); } return true; } void pki_x509::fillJWK(QJsonObject &json, const pki_export *xport) const { QByteArray der = i2d(); pki_key *key = getPubKey(); key->fillJWK(json, xport); json["kid"] = getIntName(); json["x5t"] = BioByteArray(Digest(der, EVP_sha1())).base64UrlEncode(); json["x5t#256"] = BioByteArray(Digest(der, EVP_sha256())).base64UrlEncode(); if (xport->match_all(F_JWK_X5C)) { QJsonArray x5c; for (const pki_x509 *cert = this, *prev = nullptr; cert && cert != prev; prev = cert, cert = cert->getSigner()) { x5c.append(cert->i2d_b64()); } json["x5c"] = x5c; } delete key; } bool pki_x509::cmpIssuerAndSerial(pki_x509 *refcert) { bool ret = X509_issuer_and_serial_cmp(cert, refcert->cert); pki_openssl_error(); return ret; } bool pki_x509::verify_only(const pki_x509 *signer) const { return X509_check_issued(signer->getCert(), cert) == X509_V_OK; } bool pki_x509::verify(pki_x509 *signer) { if (getSigner() || !signer) return false; if (signer == this && issuerSqlId == sqlItemId && issuerSqlId != QVariant()) return true; if (signer && verify_only(signer)) { int idx; x509rev r; x509revList rl(revocation); r.setSerial(getSerial()); setSigner(signer); signer->mergeRevList(rl); rl = signer->getRevList(); idx = rl.indexOf(r); if (idx != -1) revocation = rl[idx]; return true; } return false; } x509revList pki_x509::getRevList() const { return isCA() ? x509revList::fromSql(sqlItemId) : x509revList(); } void pki_x509::mergeRevList(x509revList &l) { x509revList revList = getRevList(); revList.merge(l); if (revList.merged) revList.sqlUpdate(sqlItemId); } void pki_x509::setRevocations(const x509revList &rl) { x509rev rev; x509revList revList = rl; foreach(pki_base *p, childItems) { pki_x509 *pki = static_cast(p); rev.setSerial(pki->getSerial()); int idx = revList.indexOf(rev); if (idx != -1) pki->revocation = revList[idx]; else pki->revocation = x509rev(); } revList.sqlUpdate(sqlItemId); } pki_key *pki_x509::getPubKey() const { EVP_PKEY *pkey = X509_get_pubkey(cert); pki_ign_openssl_error(); if (pkey == NULL) return NULL; pki_evp *key = new pki_evp(pkey); pki_openssl_error(); return key; } bool pki_x509::compareNameAndKey(pki_x509 *other) { int r; X509_NAME *s1, *s2; EVP_PKEY *pub1, *pub2; if (!cert || !other->cert) return false; s1 = X509_get_subject_name(cert); s2 = X509_get_subject_name(other->cert); pki_openssl_error(); if (!s1 || !s2) return false; /* X509_NAME_cmp returns 0 if they match */ r = X509_NAME_cmp(s1, s2); pki_openssl_error(); if (r) return false; pub1 = X509_get_pubkey(cert); pub2 = X509_get_pubkey(other->cert); pki_ign_openssl_error(); if (!pub1 || !pub2) return false; /* EVP_PKEY_cmp() return 1 if the keys match */ r = EVP_PKEY_cmp(pub1, pub2); pki_openssl_error(); return r == 1; } void pki_x509::setPubKey(pki_key *key) { X509_set_pubkey(cert, key->getPubKey()); pki_openssl_error(); } QString pki_x509::fingerprint(const EVP_MD *digest) const { return ::fingerprint(i2d(), digest); } bool pki_x509::checkDate() { a1time n, b, a; n = a1time::now(), b = getNotBefore(); a = getNotAfter(); pki_openssl_error(); if (!a.isValid() || !b.isValid()) return false; if (!a.isUndefined() && (a < n)) return false; if (b > n) return false; pki_openssl_error(); return true; } extList pki_x509::getV3ext() const { extList el; el.setStack(X509_get0_extensions(cert)); return el; } x509v3ext pki_x509::getExtByNid(int nid) const { extList el = getV3ext(); int i = el.idxByNid(nid); try { pki_openssl_error(); } catch(errorEx &err) { XCA_WARN(err.getString()); } if (i == -1) return x509v3ext(); return el[i]; } int pki_x509::sigAlg() const { return X509_get_signature_nid(cert); } pki_x509 *pki_x509::getSigner() const { return Store.lookupPki(issuerSqlId); } bool pki_x509::isRevoked() const { return revocation.isValid(); } void pki_x509::setRevoked(const x509rev &revok) { revocation = revok; } bool pki_x509::caAndPathLen(bool *ca, a1int *pathlen, bool *hasLen) const { x509v3ext e = getExtByNid(NID_basic_constraints); if (e.nid() != NID_basic_constraints) return false; BASIC_CONSTRAINTS *bc = (BASIC_CONSTRAINTS *)e.d2i(); if (hasLen) *hasLen = bc->pathlen ? true : false; if (pathlen && bc->pathlen) pathlen->set(bc->pathlen); if (ca) *ca = bc->ca; BASIC_CONSTRAINTS_free(bc); pki_openssl_error(); return true; } QVariant pki_x509::column_data(const dbheader *hd) const { switch (hd->id) { case HD_cert_serial: return QVariant(getSerial().toHex()); case HD_cert_md5fp: return QVariant(fingerprint(EVP_md5())); case HD_cert_sha1fp: return QVariant(fingerprint(EVP_sha1())); case HD_cert_sha256fp: return QVariant(fingerprint(EVP_sha256())); case HD_cert_ca: { a1int len; bool ca, haslen; if (caAndPathLen(&ca, &len, &haslen)) { if (ca && haslen) return QVariant(len.toDec()); if (!ca) return QVariant(tr("No")); else return QVariant(tr("Yes")); } break; } } return pki_x509super::column_data(hd); } a1time pki_x509::column_a1time(const dbheader *hd) const { switch (hd->id) { case HD_cert_notBefore: return getNotBefore(); case HD_cert_notAfter: return getNotAfter(); case HD_cert_revocation: if (isRevoked()) return revocation.getDate(); break; case HD_cert_crl_expire: if (canSign()) return crlExpire; break; } return pki_base::column_a1time(hd); } QStringList pki_x509::icsVEVENT() const { return pki_base::icsVEVENT(getNotAfter(), tr("Renew certificate: %1").arg(getIntName()), tr("The XCA certificate '%1', issued on %2 " "will expire on %3.\n" "It is stored in the XCA database '%4'") .arg(getIntName()) .arg(getNotBefore().toPretty()) .arg(getNotAfter().toPretty()) .arg(nativeSeparator(Database.name())) ); } void pki_x509::collect_properties(QMap &prp) const { prp["Issuer"] = getIssuerName().oneLine(XN_FLAG_RFC2253); prp["Serial"] = getSerial().toHex(); prp["CA"] = isCA() ? "Yes" : "No"; prp["Not Before"] = getNotBefore().toPretty(); prp["Not After"] = getNotAfter().toPretty(); prp["Self signed"] = verify_only(this) ? "Yes" : "No"; pki_x509super::collect_properties(prp); } void pki_x509::print(BioByteArray &bba, enum print_opt opt) const { pki_x509super::print(bba, opt); switch (opt) { case print_openssl_txt: X509_print(bba, cert); break; case print_pem: PEM_write_bio_X509(bba, cert); break; case print_coloured: break; } } QStringList pki_x509::icsVEVENT_ca() const { QStringList ics; pki_crl *crl = NULL; ics << icsVEVENT(); foreach(pki_base *p, childItems) { pki_x509 *pki = static_cast(p); if (pki->getNotAfter() > a1time() && !isRevoked()) ics << pki->icsVEVENT(); } QList list = Store.sqlSELECTpki( "SELECT item FROM crls WHERE issuer = ?", QList() << QVariant(sqlItemId)); /* Get latest CRL */ foreach(pki_crl *pki, list) { if (!crl || crl->getNextUpdate() < pki->getNextUpdate()) crl = pki; } if (crl) ics << crl->icsVEVENT(); return ics; } QVariant pki_x509::getIcon(const dbheader *hd) const { int pixnum = 0; bool ca; QStringList icon_names { ":validcertIco", ":validcertkeyIco", ":invalidcertIco", ":invalidcertkeyIco" }; switch (hd->id) { case HD_cert_ca: if (!caAndPathLen(&ca, NULL, NULL)) return QVariant(); if (!ca) return QVariant(); return QVariant(QPixmap(":doneIco")); case HD_internal_name: if (hasPrivKey()) pixnum += 1; if (isRevoked()) pixnum += 2; break; default: return pki_x509super::getIcon(hd); } return QVariant(QPixmap(icon_names[pixnum])); } bool pki_x509::unusable() const { return getNotAfter() < a1time::now() || isRevoked(); } bool pki_x509::visible() const { if (pki_x509super::visible()) return true; if (getIssuerName().search(limitPattern)) return true; if (fingerprint(EVP_md5()).contains(limitPattern)) return true; if (fingerprint(EVP_sha1()).contains(limitPattern)) return true; if (fingerprint(EVP_sha256()).contains(limitPattern)) return true; if (getSerial().toHex().contains(limitPattern)) return true; return false; } QVariant pki_x509::bg_color(const dbheader *hd) const { if (Settings["no_expire_colors"]) return QVariant(); QString unit, cert_expiry_num = Settings["cert_expiry"]; unit = cert_expiry_num.right(1); cert_expiry_num.chop(1); int n = cert_expiry_num.toInt(); a1time nb, na, now, certwarn; nb = getNotBefore(); na = getNotAfter(); now = a1time::now(); if (unit == "%") { quint64 lifetime = nb.secsTo(na); certwarn = nb.addSecs(lifetime *n /100); } else if (unit == "D") { certwarn = na.addDays(-n); } else if (unit == "W") { certwarn = na.addDays(-n*7); } switch (hd->id) { case HD_cert_notBefore: if (nb > now || !nb.isValid() || nb.isUndefined()) return QVariant(red); break; case HD_cert_notAfter: { if (na.isUndefined()) return QVariant(cyan); if (na < now) return QVariant(red); if (certwarn < now) return QVariant(yellow); break; } case HD_cert_crl_expire: if (canSign()) { QDateTime crlwarn, crlex; crlex = crlExpire; if (!crlExpire.isUndefined()) { crlwarn = crlex.addSecs(-2 *60*60*24); if (crlex < now) return QVariant(red); if (crlwarn < now || !crlex.isValid()) return QVariant(yellow); } } } return QVariant(); } static int verify_cb(int ok, X509_STORE_CTX *ctx) { int cert_error = X509_STORE_CTX_get_error(ctx); QList *errors = (QList*)X509_STORE_CTX_get_app_data(ctx); if (cert_error != X509_V_OK && errors->indexOf(cert_error) == -1) errors->append(cert_error); qDebug() << "OK:" << ok << "Error:" << cert_error << get_ossl_verify_error(cert_error); return 1; } QList pki_x509::ossl_verify() const { STACK_OF(X509) *untrusted = sk_X509_new_null(); Q_CHECK_PTR(untrusted); STACK_OF(X509) *trusted = sk_X509_new_null(); Q_CHECK_PTR(trusted); X509_STORE_CTX *csc = X509_STORE_CTX_new(); Q_CHECK_PTR(csc); for (pki_x509 *crt = getSigner(), *oldcrt = nullptr; crt && crt != oldcrt; oldcrt = crt, crt = crt->getSigner()) { if (crt && crt == crt->getSigner()) sk_X509_push(trusted, crt->getCert()); else sk_X509_push(untrusted, crt->getCert()); } QList errors; X509_STORE_CTX_init(csc, NULL, cert, untrusted); X509_STORE_CTX_set0_trusted_stack(csc, trusted); X509_STORE_CTX_set_verify_cb(csc, verify_cb); X509_STORE_CTX_set_app_data(csc, (void *)&errors); X509_VERIFY_PARAM *param = X509_VERIFY_PARAM_new(); Q_CHECK_PTR(param); X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_POLICY_CHECK | X509_V_FLAG_X509_STRICT); X509_VERIFY_PARAM_set_depth(param, 20); X509_STORE_CTX_set0_param(csc, param); qDebug() << "########### START VERIFY" << getIntName(); int i = X509_verify_cert(csc); for (int cert_error : errors) { qDebug() << "VERIFY_CB" << getIntName() << cert_error << get_ossl_verify_error(cert_error) << X509_verify_cert_error_string(cert_error); } qDebug() << "########### END VERIFY" << getIntName() << i; X509_STORE_CTX_free(csc); sk_X509_free(untrusted); sk_X509_free(trusted); pki_ign_openssl_error(); return errors; } QList pki_x509::purposes() const { QList purposes; for (int i = 0; i< X509_PURPOSE_get_count(); i++) { X509_PURPOSE *purp = X509_PURPOSE_get0(i); int id = X509_PURPOSE_get_id(purp); if (id == X509_PURPOSE_ANY) continue; Q_CHECK_PTR(purp); int r = X509_check_purpose(cert, id, 0); qDebug() << "Purpose" << i << X509_PURPOSE_get0_name(purp) << isCA() << r; if (r) purposes << purp; } return purposes; } int pki_x509::name_constraint_check(pki_x509 *issuer) const { int rc = X509_V_OK; if (!issuer || issuer == this) return rc; x509v3ext e = issuer->getExtByNid(NID_name_constraints); if (e.nid() != NID_name_constraints) return rc; NAME_CONSTRAINTS *nc = (NAME_CONSTRAINTS *)e.d2i(); Q_CHECK_PTR(nc); rc = NAME_CONSTRAINTS_check(cert, nc); #ifndef LIBRESSL_VERSION_NUMBER if (!isCA() && rc == X509_V_OK) rc = NAME_CONSTRAINTS_check_CN(cert, nc); #endif NAME_CONSTRAINTS_free(nc); pki_openssl_error(); qDebug() << getIntName() << issuer->getIntName() << get_ossl_verify_error(rc); return rc; } xca-RELEASE.2.9.0/lib/pki_x509.h000066400000000000000000000111321477156507700156640ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_X509_H #define __PKI_X509_H #include #include #include #include "database_model.h" #include "pki_x509super.h" #include "x509rev.h" #include "x509v3ext.h" #include "pkcs11.h" #define VIEW_x509_serial 7 #define VIEW_x509_issuer 8 #define VIEW_x509_ca 9 #define VIEW_x509_cert 10 #define VIEW_x509_auth_template 11 #define VIEW_x509_auth_crlExpire 12 #define VIEW_x509_auth_crlNo 13 #define VIEW_x509_auth_crlDays 14 #define VIEW_x509_auth_dnPolicy_UNUSED 15 #define VIEW_x509_revocation 16 class pki_key; class pki_x509 : public pki_x509super { Q_OBJECT private: QVariant issuerSqlId{}; a1time crlExpire{}; a1int crlNumber{}; int crlDays{ 30 }; QVariant caTemplateSqlId{}; X509 *cert{}; x509rev revocation{}; x509revList fromDataRevList{}; void init(); void resetX509ReqCount() const; protected: int sigAlg() const; void collect_properties(QMap &prp) const; public: pki_x509(X509 *c); pki_x509(const pki_x509 *crt); pki_x509(const QString &name = QString()); ~pki_x509(); void setSigner(pki_x509 *s) { issuerSqlId = s ? s->getSqlItemId() : QVariant(); } void fload(const QString &fname); void load_token(pkcs11 &p11, CK_OBJECT_HANDLE object); void store_token(bool alwaysSelect); void fromPEM_BIO(BIO *bio, const QString &name); void writeDefault(const QString &dirname) const; a1int hashInfo(const EVP_MD *md) const; void setSerial(const a1int &serial); a1int getSerial() const; void setNotBefore(const a1time &a); void setNotAfter(const a1time &a); a1time getNotBefore() const; a1time getNotAfter() const; x509name getSubject() const; x509name getIssuerName() const; void setSubject(const x509name &n); void setIssuer(const x509name &n); bool caAndPathLen(bool *ca, a1int *pathlen, bool *hasLen) const; bool isCA() const; bool canSign() const; void writeCert(XFile &file, bool PEM) const; void fillJWK(QJsonObject &json, const pki_export *xport) const; QString getIndexEntry(); bool verify(pki_x509 *signer); bool verify_only(const pki_x509 *signer) const; pki_key *getPubKey() const; void setPubKey(pki_key *key); pki_x509 *getSigner() const; void delSigner(pki_base *s); QString fingerprint(const EVP_MD *digest) const; extList getV3ext() const; bool checkDate(); bool addV3ext(const x509v3ext &e, bool skip_existing = false); void sign(pki_key *signkey, const digest &digest); pki_x509 *findIssuer(); X509 *getCert() const { return cert; } void setRevoked(bool rev, a1time inval = a1time(), QString reason = QString()); void setRevoked(const x509rev &revok); bool isRevoked() const; pki_x509 *getBySerial(const a1int &a) const; a1int getCrlNumber() const { return crlNumber; } void setCrlNumber(a1int n) { if (n > crlNumber) crlNumber = n; } void setTemplateSqlId(QVariant sqlId) { caTemplateSqlId = sqlId; } QVariant getTemplateSqlId() { return caTemplateSqlId; } void setCrlDays(int s) { if (s > 0) crlDays = s; } int getCrlDays() { return crlDays; } x509rev getRevocation() { return revocation; } pk11_attlist objectAttributes(); bool hasExtension(int nid) const; bool cmpIssuerAndSerial(pki_x509 *refcert); bool visible() const; bool unusable() const; void updateView(); void print(BioByteArray &b, enum print_opt opt) const; x509v3ext getExtByNid(int nid) const; QVariant column_data(const dbheader *hd) const; QVariant getIcon(const dbheader *hd) const; a1time column_a1time(const dbheader *hd) const; QByteArray i2d() const; void d2i(QByteArray &ba); void deleteFromToken(); void deleteFromToken(const slotid &slot); QString getMsg(msg_type msg, int n = 1) const; int renameOnToken(const slotid &slot, const QString &name); bool pem(BioByteArray &); QVariant bg_color(const dbheader *hd) const; void mergeRevList(x509revList &l); void setRevocations(const x509revList &rl); x509revList getRevList() const; bool compareNameAndKey(pki_x509 *other); void setCrlExpire(a1time a) { crlExpire = a; } QSqlError insertSqlData(); QSqlError deleteSqlData(); void restoreSql(const QSqlRecord &rec); QStringList icsVEVENT() const; QStringList icsVEVENT_ca() const; QString getTaKey(); bool importTaKey(const QByteArray &takey); QList ossl_verify() const; bool check_ca() const; QList purposes() const; int name_constraint_check(pki_x509 *issuer) const; }; Q_DECLARE_METATYPE(pki_x509 *); #endif xca-RELEASE.2.9.0/lib/pki_x509req.cpp000066400000000000000000000213161477156507700167340ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include #include "pki_x509.h" #include "pki_x509req.h" #include "pki_evp.h" #include "func.h" #include "db_base.h" #include "x509name.h" #include "exception.h" #include pki_x509req::pki_x509req(const QString &name) : pki_x509super(name) { request = X509_REQ_new(); pki_openssl_error(); pkiType = x509_req; resetX509count(); } pki_x509req::pki_x509req(const pki_x509req *req) : pki_x509super(req) { request = X509_REQ_dup(request); done = req->done; resetX509count(); pki_openssl_error(); } pki_x509req::~pki_x509req() { if (request) X509_REQ_free(request); } QSqlError pki_x509req::insertSqlData() { XSqlQuery q; QSqlError e = pki_x509super::insertSqlData(); if (e.isValid()) return e; SQL_PREPARE(q, "INSERT INTO requests (item, hash, signed, request) " "VALUES (?, ?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, hash()); q.bindValue(2, done ? 1 : 0); q.bindValue(3, i2d_b64()); q.exec(); return q.lastError(); } void pki_x509req::markSigned(bool signe) { XSqlQuery q; Transaction; TransThrow(); SQL_PREPARE(q, "UPDATE requests SET signed=? WHERE item=?"); q.bindValue(0, signe ? 1 : 0); q.bindValue(1, sqlItemId); q.exec(); if (q.lastError().isValid()) return; done = signe; AffectedItems(sqlItemId); TransCommit(); } void pki_x509req::restoreSql(const QSqlRecord &rec) { pki_x509super::restoreSql(rec); QByteArray ba = QByteArray::fromBase64( rec.value(VIEW_x509req_request).toByteArray()); d2i(ba); done = rec.value(VIEW_x509req_signed).toBool(); } QSqlError pki_x509req::deleteSqlData() { XSqlQuery q; QSqlError e = pki_x509super::deleteSqlData(); if (e.isValid()) return e; SQL_PREPARE(q, "DELETE FROM requests WHERE item=?"); q.bindValue(0, sqlItemId); q.exec(); return q.lastError(); } void pki_x509req::createReq(pki_key *key, const x509name &dn, const digest &digest, extList el) { QList bad_nids; bad_nids << NID_authority_key_identifier << NID_issuer_alt_name << NID_undef; EVP_PKEY *privkey = NULL; if (key->isPubKey()) { my_error(tr("Signing key not valid (public key)")); return; } X509_REQ_set_version(request, 0L); X509_REQ_set_pubkey(request, key->getPubKey()); setSubject(dn); pki_openssl_error(); foreach(int nid , bad_nids) el.delByNid(nid); el.delInvalid(); if (el.count() > 0) { STACK_OF(X509_EXTENSION) *sk; sk = el.getStack(); X509_REQ_add_extensions(request, sk); sk_X509_EXTENSION_pop_free(sk, X509_EXTENSION_free); } pki_openssl_error(); privkey = key->decryptKey(); X509_REQ_sign(request, privkey, digest.MD()); pki_openssl_error(); EVP_PKEY_free(privkey); } QString pki_x509req::getMsg(msg_type msg, int n) const { /* * We do not construct english sentences from fragments * to allow proper translations. * The drawback are all the slightly different duplicated messages * * %1 will be replaced by the internal name of the request */ switch (msg) { case msg_import: return tr("Successfully imported the PKCS#10 certificate request '%1'"); case msg_delete: return tr("Delete the %n PKCS#10 certificate request(s): '%1'?", "", n); case msg_create: return tr("Successfully created the PKCS#10 certificate request '%1'"); } return pki_base::getMsg(msg); } void pki_x509req::fromPEM_BIO(BIO *bio, const QString &name) { X509_REQ *req; req = PEM_read_bio_X509_REQ(bio, NULL, NULL, NULL); openssl_error_msg(name); if (!req) throw errorEx(); X509_REQ_free(request); request = req; } void pki_x509req::fload(const QString &fname) { X509_REQ *_req; XFile file(fname); file.open_read(); QByteArray ba(file.readAll()); _req = PEM_read_bio_X509_REQ(BioByteArray(ba).ro(), NULL, NULL, NULL); if (!_req) { pki_ign_openssl_error(); _req = d2i_X509_REQ_bio(BioByteArray(ba).ro(), NULL); } if (pki_ign_openssl_error() || !_req) { if (_req) X509_REQ_free(_req); throw errorEx(tr("Unable to load the certificate request in file %1. Tried PEM, DER and SPKAC format.").arg(fname)); } X509_REQ_free(request); request = _req; } void pki_x509req::d2i(QByteArray &ba) { X509_REQ *r= (X509_REQ*)d2i_bytearray(D2I_VOID(d2i_X509_REQ), ba); if (r) { X509_REQ_free(request); request = r; } } QByteArray pki_x509req::i2d() const { return i2d_bytearray(I2D_VOID(i2d_X509_REQ), request); } void pki_x509req::addAttribute(int nid, QString content) { if (content.isEmpty()) return; ASN1_STRING *a = QStringToAsn1(content, nid); X509_REQ_add1_attr_by_NID(request, nid, a->type, a->data, a->length); ASN1_STRING_free(a); openssl_error_msg(QString("'%1' (%2)").arg(content).arg(OBJ_nid2ln(nid))); } x509name pki_x509req::getSubject() const { x509name x(X509_REQ_get_subject_name(request)); pki_openssl_error(); return x; } int pki_x509req::sigAlg() const { return X509_REQ_get_signature_nid(request); } void pki_x509req::setSubject(const x509name &n) { X509_REQ_set_subject_name(request, n.get()); } void pki_x509req::writeDefault(const QString &dirname) const { XFile file(get_dump_filename(dirname, ".csr")); file.open_write(); writeReq(file, true); } void pki_x509req::writeReq(XFile &file, bool pem) const { BioByteArray b; if (!request) return; if (pem) { b += PEM_comment(); PEM_write_bio_X509_REQ(b, request); } else { i2d_X509_REQ_bio(b, request); } pki_openssl_error(); file.write(b); } bool pki_x509req::pem(BioByteArray &b) { return PEM_write_bio_X509_REQ(b, request); } bool pki_x509req::verify() const { EVP_PKEY *pkey = X509_REQ_get_pubkey(request); bool x = X509_REQ_verify(request,pkey) > 0; pki_ign_openssl_error(); EVP_PKEY_free(pkey); return x; } pki_key *pki_x509req::getPubKey() const { EVP_PKEY *pkey = X509_REQ_get_pubkey(request); pki_ign_openssl_error(); if (pkey == NULL) return NULL; pki_evp *key = new pki_evp(pkey); pki_openssl_error(); return key; } extList pki_x509req::getV3ext() const { extList el; STACK_OF(X509_EXTENSION) *sk; sk = X509_REQ_get_extensions(request); el.setStack(sk); sk_X509_EXTENSION_pop_free(sk, X509_EXTENSION_free); return el; } QString pki_x509req::getAttribute(int nid) const { int n; int count; QStringList ret; n = X509_REQ_get_attr_by_NID(request, nid, -1); if (n == -1) return QString(""); X509_ATTRIBUTE *att = X509_REQ_get_attr(request, n); if (!att) return QString(""); count = X509_ATTRIBUTE_count(att); for (int j = 0; j < count; j++) ret << asn1ToQString(X509_ATTRIBUTE_get0_type(att, j)-> value.asn1_string); return ret.join(", "); } int pki_x509req::issuedCerts() const { XSqlQuery q; int count = 0; if (x509count != -1) return x509count; pki_key *k = getPubKey(); if (!k) return 0; QList certs = Store.sqlSELECTpki( "SELECT item FROM x509super LEFT JOIN items ON items.id = x509super.item " "WHERE key_hash=? AND items.type=?", QList() << QVariant(pubHash()) << QVariant(x509)); foreach(pki_x509 *x, certs) { if (x->compareRefKey(k)) count++; qDebug() << "Req:" << getIntName() << "Cert with hash" << x->getIntName() << count; } delete k; x509count = count; return count; } void pki_x509req::collect_properties(QMap &prp) const { QString s = getAttribute(NID_pkcs9_unstructuredName); if (!s.isEmpty()) prp["Unstructured Name"] = s; s = getAttribute(NID_pkcs9_challengePassword); if (!s.isEmpty()) prp["Challenge Password"] = s; pki_x509super::collect_properties(prp); prp["Verify Ok"] = verify() ? "Yes" : "No"; } void pki_x509req::print(BioByteArray &bba, enum print_opt opt) const { pki_x509super::print(bba, opt); switch (opt) { case print_openssl_txt: X509_REQ_print(bba, request); break; case print_pem: PEM_write_bio_X509_REQ(bba, request); break; case print_coloured: break; } } QVariant pki_x509req::column_data(const dbheader *hd) const { switch (hd->id) { case HD_req_signed: return QVariant(done ? tr("Signed") : tr("Unhandled")); case HD_req_unstr_name: return getAttribute(NID_pkcs9_unstructuredName); case HD_req_chall_pass: return getAttribute(NID_pkcs9_challengePassword); case HD_req_certs: return QVariant(issuedCerts()); } return pki_x509super::column_data(hd); } QVariant pki_x509req::getIcon(const dbheader *hd) const { switch (hd->id) { case HD_internal_name: return QVariant(QPixmap(hasPrivKey() ? ":reqkeyIco" : ":reqIco")); case HD_req_signed: if (done) return QVariant(QPixmap(":doneIco")); break; default: return pki_x509super::getIcon(hd); } return QVariant(); } bool pki_x509req::visible() const { if (pki_x509super::visible()) return true; if (getAttribute(NID_pkcs9_unstructuredName).contains(limitPattern)) return true; if (getAttribute(NID_pkcs9_challengePassword).contains(limitPattern)) return true; return false; } xca-RELEASE.2.9.0/lib/pki_x509req.h000066400000000000000000000036661477156507700164110ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_X509REQ_H #define __PKI_X509REQ_H #include #include #include "pki_key.h" #include "pki_x509super.h" #include "x509v3ext.h" #include "x509name.h" #include "digest.h" #define VIEW_x509req_request 7 #define VIEW_x509req_signed 8 class pki_x509; class pki_x509req : public pki_x509super { Q_OBJECT mutable int x509count{}; protected: X509_REQ *request{}; bool done{ false }; int sigAlg() const; void collect_properties(QMap &prp) const; public: pki_x509req(const QString &name = QString()); pki_x509req(const pki_x509req *req); ~pki_x509req(); extList getV3ext() const; void fromPEM_BIO(BIO *bio, const QString &name); void fload(const QString &fname); void writeDefault(const QString &dirname) const; x509name getSubject() const; void writeReq(XFile &file, bool pem) const; void markSigned(bool signe); void print(BioByteArray &b, enum print_opt opt) const; X509_REQ *getReq() { return request; } void addAttribute(int nid, QString content); QString getAttribute(int nid) const; int issuedCerts() const; bool verify() const; pki_key *getPubKey() const; void createReq(pki_key *key, const x509name &dn, const digest &digest, extList el); void setSubject(const x509name &n); QVariant column_data(const dbheader *hd) const; QVariant getIcon(const dbheader *hd) const; void setDone(bool d = true) { done = d; } bool getDone() const { return done; } void resetX509count() const { x509count = -1; } virtual QString getMsg(msg_type msg, int n = 1) const; void d2i(QByteArray &ba); QByteArray i2d() const; bool pem(BioByteArray &); bool visible() const; QSqlError insertSqlData(); QSqlError deleteSqlData(); void restoreSql(const QSqlRecord &rec); }; Q_DECLARE_METATYPE(pki_x509req *); #endif xca-RELEASE.2.9.0/lib/pki_x509super.cpp000066400000000000000000000143431477156507700173050ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "func.h" #include "oid.h" #include "pki_x509super.h" #include "db_base.h" pki_x509super::pki_x509super(const QString &name) : pki_x509name(name) { } pki_x509super::pki_x509super(const pki_x509super *x) : pki_x509name(x) { keySqlId = x->keySqlId; } pki_x509super::~pki_x509super() { } QSqlError pki_x509super::lookupKey() { XSqlQuery q; unsigned hash = pubHash(); SQL_PREPARE(q, "SELECT item FROM public_keys WHERE hash=?"); q.bindValue(0, hash); q.exec(); if (q.lastError().isValid()) return q.lastError(); while (q.next()) { pki_key *x = Store.lookupPki(q.value(0)); if (!x) { qDebug("Public key with id %d not found", q.value(0).toInt()); continue; } x->resetUcount(); if (compareRefKey(x)) { setRefKey(x); break; } } return q.lastError(); } QSqlError pki_x509super::insertSqlData() { QSqlError e = lookupKey(); if (e.isValid()) return e; XSqlQuery q; SQL_PREPARE(q, "INSERT INTO x509super (item, subj_hash, pkey, key_hash) " "VALUES (?, ?, ?, ?)"); q.bindValue(0, sqlItemId); q.bindValue(1, getSubject().hashNum()); q.bindValue(2, keySqlId); q.bindValue(3, pubHash()); q.exec(); return q.lastError(); } void pki_x509super::restoreSql(const QSqlRecord &rec) { pki_base::restoreSql(rec); keySqlId = rec.value(VIEW_x509super_keyid).toULongLong(); } QSqlError pki_x509super::deleteSqlData() { XSqlQuery q; pki_key *privkey = getRefKey(); if (privkey) privkey->resetUcount(); SQL_PREPARE(q, "DELETE FROM x509super WHERE item=?"); q.bindValue(0, sqlItemId); q.exec(); return q.lastError(); } pki_key *pki_x509super::getRefKey() const { return Store.lookupPki(keySqlId); } unsigned pki_x509super::pubHash() const { unsigned hash = 0; pki_key *privkey = getRefKey(); if (privkey) { hash = privkey->hash(); } else { pki_key *x = getPubKey(); if (x) { hash = x->hash(); delete x; } } return hash; } bool pki_x509super::compareRefKey(pki_key *ref) const { bool x; if (ref == NULL) return false; pki_key *mk = getPubKey(); if (mk == NULL) return false; x = ref->compare(mk); delete mk; return x; } void pki_x509super::setRefKey(pki_key *ref) { keySqlId = ref ? ref->sqlItemId : QVariant(); } QString pki_x509super::getSigAlg() const { return QString(OBJ_nid2ln(sigAlg())); } const digest pki_x509super::getDigest() const { return digest(sigAlg()); } bool pki_x509super::hasPrivKey() const { pki_key *k = getRefKey(); return k && k->isPrivKey(); } QVariant pki_x509super::getIcon(const dbheader *hd) const { if (hd->id == HD_x509key_name) return hasPrivKey() ? QVariant(QPixmap(":doneIco")) : QVariant(); return pki_base::getIcon(hd); } QVariant pki_x509super::column_data(const dbheader *hd) const { if (hd->id == HD_x509key_name) { pki_key *privkey = getRefKey(); if (!privkey) return QVariant(""); return QVariant(privkey->getIntName()); } if (hd->id == HD_x509_sigalg) { return QVariant(getSigAlg()); } if (hd->type == dbheader::hd_key) { QVariant v; pki_key *key = getRefKey(), *tmpkey = NULL; if (!key) tmpkey = key = getPubKey(); if (key) v = key->column_data(hd); delete tmpkey; return v; } if (hd->type == dbheader::hd_v3ext || hd->type == dbheader::hd_v3ext_ns) { extList el = getV3ext(); int idx = el.idxByNid(hd->id); if (idx == -1) return QVariant(""); return QVariant(el[idx].getConsoleValue("")); } return pki_x509name::column_data(hd); } static QString oid_sect() { QString ret; int i, max = OBJ_new_nid(0); for (i=first_additional_oid; i < max; i++) { const char *sn = OBJ_nid2sn(i); if (!sn) break; ret += QString("%1 = %2\n"). arg(OBJ_nid2sn(i)). arg(OBJ_obj2QString(OBJ_nid2obj(i), 1)); } if (!ret.isEmpty()) { ret = QString("oid_section = xca_oids\n\n" "[ xca_oids ]\n") + ret + "\n"; } return ret; } void pki_x509super::opensslConf(XFile &file) { QString extensions; extList el = getV3ext(); x509name n = getSubject(); el.genGenericConf(&extensions); QString name = n.taggedValues(); QString final = oid_sect(); final += QString("[ req ]\n" "default_bits = 1024\n" "default_keyfile = privkey.pem\n" "distinguished_name = xca_dn\n" "x509_extensions = xca_extensions\n" "req_extensions = xca_extensions\n" "string_mask = MASK:0x%3\n" "utf8 = yes\n" "prompt = no\n\n" "[ xca_dn ]\n" "%1\n" "[ xca_extensions ]\n" "%2").arg(name).arg(extensions). arg(ASN1_STRING_get_default_mask(), 0, 16); file.write(final.toUtf8()); } bool pki_x509super::visible() const { if (pki_x509name::visible()) return true; if (getSigAlg().contains(limitPattern)) return true; return getV3ext().search(limitPattern); } void pki_x509super::collect_properties(QMap &prp) const { pki_key *key = getPubKey(); if (key) key->collect_properties(prp); delete key; prp["Signature"] = getSigAlg(); prp["Extensions"] = getV3ext().getConsole(" "); pki_x509name::collect_properties(prp); } // Start class pki_x509name pki_x509name::pki_x509name(const QString &name) : pki_base(name) { } pki_x509name::pki_x509name(const pki_x509name *n) : pki_base(n) { } void pki_x509name::autoIntName(const QString &file) { QString name = getSubject().getMostPopular(); pki_base::autoIntName(file); if (!name.isEmpty()) setIntName(name); if (getIntName().isEmpty()) setIntName("Pasted"); } QVariant pki_x509name::column_data(const dbheader *hd) const { switch (hd->id) { case HD_subject_name: return QVariant(getSubject().oneLine( XN_FLAG_ONELINE & ~ASN1_STRFLGS_ESC_MSB)); case HD_subject_hash: return QVariant(getSubject().hash()); default: if (hd->type == dbheader::hd_x509name) return QVariant(getSubject().getEntryByNid(hd->id)); } return pki_base::column_data(hd); } bool pki_x509name::visible() const { if (pki_base::visible()) return true; return getSubject().search(limitPattern); } QByteArray pki_x509name::PEM_comment() const { if (!pem_comment) return QByteArray(); return pki_base::PEM_comment() + getSubject().oneLine(XN_FLAG_RFC2253).toUtf8() + "\n"; } void pki_x509name::collect_properties(QMap &prp) const { prp["Subject"] = getSubject().oneLine(XN_FLAG_RFC2253); pki_base::collect_properties(prp); } xca-RELEASE.2.9.0/lib/pki_x509super.h000066400000000000000000000033141477156507700167460ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKI_X509SUPER_H #define __PKI_X509SUPER_H #include #include #include "pki_key.h" #include "x509name.h" #include "x509v3ext.h" #include "digest.h" #define VIEW_x509super_keyid 6 class pki_x509name : public pki_base { protected: QByteArray PEM_comment() const; public: pki_x509name(const QString &name = QString()); pki_x509name(const pki_x509name *n); virtual x509name getSubject() const = 0; void autoIntName(const QString &file); QVariant column_data(const dbheader *hd) const; bool visible() const; void collect_properties(QMap &prp) const; }; class pki_x509super : public pki_x509name { Q_OBJECT protected: QVariant keySqlId{}; virtual int sigAlg() const = 0; void collect_properties(QMap &prp) const; public: pki_x509super(const QString &name = QString()); pki_x509super(const pki_x509super *x); virtual ~pki_x509super(); unsigned pubHash() const; virtual pki_key *getPubKey() const = 0; virtual extList getV3ext() const = 0; virtual QString getSigAlg() const; virtual const digest getDigest() const; QVariant getKeySqlId() { return keySqlId; } pki_key *getRefKey() const; bool compareRefKey(pki_key* ref) const; void setRefKey(pki_key *ref); void delRefKey(pki_key *ref); QVariant column_data(const dbheader *hd) const; void opensslConf(XFile &file); bool visible() const; bool hasPrivKey() const; QVariant getIcon(const dbheader *hd) const; QSqlError lookupKey(); QSqlError insertSqlData(); QSqlError deleteSqlData(); void restoreSql(const QSqlRecord &rec); }; #endif xca-RELEASE.2.9.0/lib/settings.cpp000066400000000000000000000077741477156507700165300ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2018 Christian Hohnstaedt. * * All rights reserved. */ #include "settings.h" #include "func.h" #include "sql.h" #include "pki_key.h" #include "digest.h" #include "pki_pkcs12.h" #include "pki_export.h" #include #include #include settings Settings; svalue::svalue(settings *s, const QString &k) : setting(s), key(k) { } QString svalue::get() const { return setting ? setting->get(key) : QString(); } void svalue::set(const QString &val) { if (setting) setting->set(key, val); } settings::settings() { hostspecific = QStringList({ "pkcs11path", "workingdir", "mw_geometry" }); } const QMap settings::defaults() const { return QMap { { "mandatory_dn", "" }, { "explicit_dn", "C,ST,L,O,OU,CN,emailAddress" }, { "string_opt", "MASK:0x2002" }, { "workingdir", getHomeDir() + "/" }, { "default_hash", digest::getDefault().name() }, { "pkcs12_enc_algo", encAlgo::getDefault().name() }, { "ical_expiry", "1W" }, { "cert_expiry", "80%" }, { "serial_len", "64" }, { "fp_separator", ":" }, { "fp_digits", "2" }, { "hide_unusable", "no" }, { "KeyFormat", QString::number(DEFAULT_KEY_CLIPBOARD_TYPE) }, { "CertFormat", QString::number(DEFAULT_CERT_CLIPBOARD_TYPE) }, }; } void settings::clear() { loaded = false; values.clear(); db_keys.clear(); const QMap def = defaults(); for(QString key : def.keys()) setAction(key, def[key]); } void settings::setAction(const QString &key, const QString &value) { if (key == "string_opt") ASN1_STRING_set_default_mask_asc((char*)CCHAR(value)); else if (key == "default_hash") digest::setDefault(value); else if (key == "pkcs12_enc_algo") encAlgo::setDefault(value); else if (key == "defaultkey") keyjob::defaultjob = keyjob(value); else if (key == "optionflags") { XSqlQuery q; Transaction; if (!TransBegin()) return; SQL_PREPARE(q, "DELETE FROM settings where key_='optionflags'"); q.exec(); foreach(QString flag, value.split(",")) { if (flag == "dont_colorize_expiries") flag = "no_expire_colors"; setAction(flag, "yes"); } TransCommit(); return; } values[key] = value; } QString settings::defaults(const QString &key) { return defaults()[key]; } void settings::load_settings() { if (loaded || !QSqlDatabase::database().isOpen()) return; XSqlQuery q("SELECT key_, value FROM settings"); while (q.next()) { QString key = q.value(0).toString().simplified(); QString value = q.value(1).toString(); QStringList l = key.split(":"); if (l.size() == 2 && l[1] != hostId()) continue; // Skip key with non-matching host ID if (l[0] == "workingdir") { if (!QDir(value).exists()) continue; // Skip non-existing working-dir if (!value.isEmpty() && !value.endsWith("/")) value += "/"; if (value.isEmpty()) value = getHomeDir() + "/"; } db_keys << key; // Key with host ID setAction(l[0], value); // Key without host ID } loaded = true; } QString settings::get(QString key) { load_settings(); if (key == "schema" && QSqlDatabase::database().isOpen()) { XSqlQuery q("SELECT value FROM settings WHERE key_='schema'"); if (q.first()) setAction("schema", q.value(0).toString()); } return values.contains(key) ? values[key] : QString(); } void settings::set(QString key, QString value) { XSqlQuery q; load_settings(); QString origkey = key; if (key == "workingdir") { if (!QDir(value).exists()) return; value = relativePath(value); if (!value.isEmpty() && !value.endsWith("/")) value += "/"; } if (hostspecific.contains(key)) key += QString(":%1").arg(hostId()); if (db_keys.contains(key) && values[origkey] == value) return; Transaction; if (!TransBegin()) return; if (db_keys.contains(key)) { SQL_PREPARE(q, "UPDATE settings SET value=? WHERE key_=?"); } else { SQL_PREPARE(q, "INSERT INTO settings (value, key_) VALUES (?,?)"); db_keys << key; } q.bindValue(0, value); q.bindValue(1, key); q.exec(); setAction(origkey, value); TransCommit(); } xca-RELEASE.2.9.0/lib/settings.h000066400000000000000000000035671477156507700161710ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2018 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __SETTINGS_H #define __SETTINGS_H #include #include #include #include class settings; class svalue { private: settings *setting{}; QString key{}; QString get() const; void set(const QString &val); public: svalue(settings *s, const QString &k); QStringList split(QString sep) { return get().split(sep); } bool empty() { return get().isEmpty(); } const QString &operator = (const QString &val) { set(val); return val; } int operator = (int val) { set(QString("%1").arg(val)); return val; } unsigned operator = (unsigned val) { set(QString("%1").arg(val)); return val; } bool operator = (bool val) { set(QString(val ? "yes" : "no")); return val; } enum Qt::CheckState operator = (enum Qt::CheckState val) { set(QString(val == Qt::Checked ? "yes" : "no")); return val; } operator QString() { return get(); } operator int() { return get().toInt(); } operator unsigned() { return get().toUInt(); } operator bool() { return get() == "yes"; } operator enum Qt::CheckState() { return get() == "yes" ? Qt::Checked : Qt::Unchecked; } QString operator +(const QString &other) { return get() + other; } QString operator +(const char *other) { return get() + other; } }; class settings { friend class svalue; private: bool loaded{}; QStringList db_keys{}, hostspecific{}; QMap values{}; void load_settings(); QString get(QString key); void set(QString key, QString value); void setAction(const QString &key, const QString &value); const QMap defaults() const; public: settings(); void clear(); QString defaults(const QString &key); svalue operator[] (QString x) { return svalue(this, x); } }; extern settings Settings; #endif xca-RELEASE.2.9.0/lib/sql.cpp000066400000000000000000000113721477156507700154540ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2017 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include #include "base.h" #include "sql.h" #include "settings.h" #include "XcaWarningCore.h" int DbTransaction::mutex; int DbTransaction::error; bool DbTransaction::hasTransaction; QList DbTransaction::items; quint64 DbTransaction::DatabaseStamp; void DbTransaction::debug(const char *func, const char *file, int line) { qDebug() << QString("%1(%2) Transaction: %3 Level %4, E:%5 ") .arg(file + QString(file).lastIndexOf("/") +1) .arg(line).arg(func).arg(mutex).arg(error); } DbTransaction::~DbTransaction() { if (has_begun) rollback("Destructor", 0); } bool DbTransaction::begin(const char *file, int line) { mutex++; has_begun = true; debug("Begin", file, line); if (mutex > 1 || !hasTransaction) return true; QSqlDatabase db = QSqlDatabase::database(); bool ret = db.transaction(); if (!ret) XCA_SQLERROR(db.lastError()); return ret; } bool DbTransaction::finish(const char *oper, const char *file, int line) { if (!has_begun) return true; if (mutex > 0) mutex--; else qCritical() << "Unbalanced DB Transaction in " << oper; debug(oper, file, line); has_begun = false; if (mutex > 0) return true; QSqlDatabase db = QSqlDatabase::database(); if (error) { error = 0; items.clear(); return hasTransaction ? db.rollback() : true; } mutex++; XSqlQuery q; SQL_PREPARE(q, "SELECT MAX(stamp) +1 from items"); q.exec(); if (q.first()) DatabaseStamp = q.value(0).toULongLong(); SQL_PREPARE(q, "UPDATE items SET stamp=? WHERE stamp=0"); q.bindValue(0, DatabaseStamp); q.exec(); SQL_PREPARE(q, "UPDATE items SET stamp=? WHERE id=?"); q.bindValue(0, DatabaseStamp); foreach(quint64 id, DbTransaction::items) { q.bindValue(1, id); q.exec(); } mutex--; items.clear(); bool ret = hasTransaction ? db.commit() : true; if (!ret) XCA_SQLERROR(db.lastError()); return ret; } bool DbTransaction::commit(const char *file, int line) { return finish("Commit", file, line); } bool DbTransaction::rollback(const char *file, int line) { error++; return finish("Rollback", file, line); } bool DbTransaction::done(QSqlError e, const char *file, int line) { return e.isValid() ? rollback(file, line) : commit(file, line); } QString XSqlQuery::table_prefix; int XSqlQuery::schemaVersion() { qDebug() << "table_prefix:" << table_prefix;; return QSqlDatabase::database().tables() .contains(table_prefix + "settings") ? Settings["schema"] : 0; } QString XSqlQuery::rewriteQuery(QString _q) { static const QStringList tables { "items" , "crls" , "private_keys" , "public_keys" , "tokens" , "token_mechanism" , "templates" , "certs" , "authority" , "revocations" , "requests" , "x509super" , "settings" , "takeys", "view_public_keys" , "view_certs" , "view_requests" , "view_crls" , "view_templates" , "view_private", }; lastq = query = _q; if (table_prefix.isEmpty()) return query; QString m = tables.join("|") + "|i_" + tables.join("|i_"); m = QString("\\b(%1)").arg(m); query = query.replace(QRegularExpression(m), table_prefix + "\\1"); return query; } QString XSqlQuery::query_details() { QString lq = lastq; #if (QT_VERSION >= QT_VERSION_CHECK(6, 0, 0)) QVariantList list = boundValues(); #else QVariantList list = boundValues().values(); #endif QStringList sl; if (query != lastq) { lq = QString("%1 (PREFIX[%2]: %3)").arg(lastq) .arg(table_prefix).arg(query); } for (int i = 0; i < list.size(); ++i) sl << list.at(i).toString(); if (sl.size()) lq += QString("[%1]").arg(sl.join(", ")); return QString("%1:%2 (%3)").arg(file).arg(line).arg(lq); } QSqlError XSqlQuery::lastError() { QSqlError e = QSqlQuery::lastError(); if (!e.isValid()) return e; return QSqlError(QString("%1 - %2").arg(e.driverText()) .arg(query_details()), e.databaseText(), e.type(), e.nativeErrorCode() ); } XSqlQuery::XSqlQuery() : QSqlQuery() { } XSqlQuery::XSqlQuery(QString q) : QSqlQuery() { exec(q); } bool XSqlQuery::exec(QString q) { q = rewriteQuery(q); file = ""; line = 0; return QSqlQuery::exec(q); } bool XSqlQuery::exec() { QString res; setForwardOnly(true); bool r = QSqlQuery::exec(); if (isSelect()) { res = QString("Rows selected: %1").arg(size()); } else { res = QString("Rows affected: %1").arg(numRowsAffected()); if (!DbTransaction::active()) { qCritical("########## MISSING Transaction in %s(%d)", file, line); } } qDebug() << QString("QUERY: %1 - %2").arg(query_details()).arg(res); return r; } bool XSqlQuery::prepare(QString q) { q = rewriteQuery(q); setForwardOnly(true); return QSqlQuery::prepare(q); } void XSqlQuery::location(const char *f, int l) { file = f + QString(f).lastIndexOf("/") +1; line = l; } xca-RELEASE.2.9.0/lib/sql.h000066400000000000000000000037741477156507700151300ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2017 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __SQL_H #define __SQL_H #include #include #define SQL_PREPARE(q,cmd) do { \ (q).prepare(cmd); \ (q).location(__FILE__,__LINE__); \ } while (0) class DbTransaction { private: static int mutex; static int error; static QList items; static bool hasTransaction; bool has_begun{}; void debug(const char *func, const char *file, int line); bool finish(const char *oper, const char *file, int line); public: DbTransaction() { }; ~DbTransaction(); bool begin(const char *file, int line); bool commit(const char *file, int line); bool rollback(const char *file, int line); bool done(QSqlError e, const char *file, int line); static quint64 DatabaseStamp; static bool active() { return mutex > 0; } static void addItems(QVariant v) { items << v.toULongLong(); } static void setHasTransaction(bool trans) { hasTransaction = trans; } }; #define Transaction DbTransaction __trans #define TransBegin() __trans.begin(__FILE__, __LINE__) #define TransThrow() if (!__trans.begin(__FILE__, __LINE__)) { \ throw errorEx(QObject::tr("Failed to start a database transaction")); } #define TransCommit() __trans.commit(__FILE__, __LINE__) #define TransRollback() __trans.rollback(__FILE__, __LINE__) #define TransDone(e) __trans.done(e, __FILE__, __LINE__); #define AffectedItems(v) (DbTransaction::addItems(v)) class XSqlQuery: public QSqlQuery { private: QString lastq, query; const char *file; int line; QString rewriteQuery(QString query); static QString table_prefix; public: XSqlQuery(); XSqlQuery(QString q); static int schemaVersion(); static void setTablePrefix(QString p) { table_prefix = p; } static void clearTablePrefix() { table_prefix.clear(); } QString query_details(); QSqlError lastError(); bool exec(QString q); bool exec(); bool prepare(QString q); void location(const char *f, int l); }; #endif xca-RELEASE.2.9.0/lib/test_asn1int.cpp000066400000000000000000000030031477156507700172610ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2023 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include "asn1int.h" #include class test_asn1int: public QObject { Q_OBJECT private slots: void constructors(); void setter(); void ops(); void der(); void get(); }; void test_asn1int::constructors() { a1int a(123456), b(QString("0472ae4F")); a1int c(a), d(b.get0()); QCOMPARE(a.toHex(), "01E240"); QCOMPARE(a.toDec(), "123456"); QCOMPARE(b.toHex(), "0472AE4F"); QCOMPARE(c, a); QCOMPARE(d, b); } void test_asn1int::setter() { unsigned char raw[] = { 7, 0x81, 0xea, 0x11, 0xf }; a1int a(123456), b; b.set(a.get0()); QCOMPARE(b, a); b.setHex("ABcd"); QCOMPARE(b.toHex(), "ABCD"); b.setRaw(raw, sizeof raw); QCOMPARE(b, a1int("0781EA110F")); } void test_asn1int::ops() { a1int f = 388; QCOMPARE(f.getLong(), 388); QCOMPARE(f++.getLong(), 388); QCOMPARE((++f).getLong(), 390); QCOMPARE(f.getLong(), 390); a1int s(f); QCOMPARE(s, f++); QCOMPARE(++s, f); QVERIFY(++s != f); QCOMPARE(s.getLong(), 392); QCOMPARE(f.getLong(), 391); QVERIFY(f < s); QVERIFY(s > f); QCOMPARE(QString(a1int(0x18929)), "018929"); } void test_asn1int::get() { a1int f(42); ASN1_INTEGER *g = f.get(); QVERIFY(g != f.get0()); QCOMPARE(f.get0(), f.get0()); ASN1_INTEGER_free(g); } void test_asn1int::der() { a1int f(12388); QByteArray b(f.i2d()); QCOMPARE(b.toHex(), "02023064"); QCOMPARE(f.derSize(), 4); } QTEST_MAIN(test_asn1int) #include "test_asn1int.moc" xca-RELEASE.2.9.0/lib/test_asn1time.cpp000066400000000000000000000026721477156507700174400ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2023 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include #include "asn1time.h" #include #include class test_asn1time: public QObject { Q_OBJECT private slots: void construct_op(); void output(); }; void test_asn1time::construct_op() { a1time b, a("20191125153015Z"); QVERIFY(a.isValid()); QVERIFY(!a.isUndefined()); QVERIFY(b != a); QVERIFY(b > a); b = a; QCOMPARE(b , a); a1time c(a.get()); QCOMPARE(c , a); a1time d(a.get_utc()); QCOMPARE(d , a.toUTC()); } void test_asn1time::output() { QLocale::setDefault(QLocale::C); #if !defined(Q_OS_WIN32) setenv("TZ","UTC", 1); tzset(); #endif a1time a("20191125153015Z"); QCOMPARE(a.toString("yyyy MM"), "2019 11"); QCOMPARE(a.toSortable(), "2019-11-25"); QCOMPARE(a.toPlain(), "20191125153015Z"); QCOMPARE(a.toPlainUTC(), "191125153015Z"); #if !defined(Q_OS_WIN32) a.setTimeZone(QTimeZone("UTC")); #if (QT_VERSION >= QT_VERSION_CHECK(6, 7, 0)) #define UTC "GMT" #else #define UTC "UTC" #endif QCOMPARE(a.toPretty(), "Monday, 25 November 2019 15:30:15 " UTC); a.setTimeZone(QTimeZone("Europe/Berlin")); QCOMPARE(a.toPretty(), "Monday, 25 November 2019 14:30:15 " UTC); a.setTimeZone(QTimeZone("UTC+07:00")); QCOMPARE(a.toPretty(), "Monday, 25 November 2019 08:30:15 " UTC); #endif } QTEST_MAIN(test_asn1time) #include "test_asn1time.moc" xca-RELEASE.2.9.0/lib/test_biobytearray.cpp000066400000000000000000000043121477156507700204040ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2023 Christian Hohnstaedt. * * All rights reserved. */ #include #include "BioByteArray.h" #include class test_biobytearray: public QObject { Q_OBJECT private slots: void set(); void add(); void bio_ro(); void bio_wr(); void bio_BN(); void bio_base64UrlEncode(); }; void test_biobytearray::set() { BioByteArray ba("Hello"); QCOMPARE(ba.qstring(), QString("Hello")); QCOMPARE(ba.byteArray(), QByteArray("Hello")); ba = "Wärme"; QCOMPARE(ba.qstring(), QString("Wärme")); QCOMPARE(ba.byteArray(), QByteArray("Wärme")); } void test_biobytearray::add() { BioByteArray ba("Wärme"); ba += "Bad"; QCOMPARE(ba.qstring(), QString("WärmeBad")); QCOMPARE(ba.byteArray(), QByteArray("WärmeBad")); } void test_biobytearray::bio_ro() { char buf[256]; BioByteArray ba("Wärmetauscher"); int l = BIO_read(ba.ro(), buf, sizeof buf); QCOMPARE(l, 14); QCOMPARE(l, ba.size()); QCOMPARE(QByteArray(buf, l), ba.byteArray()); } void test_biobytearray::bio_wr() { BioByteArray ba("Suppe"); ba += "n"; BIO_puts(ba, "grün"); BIO_write(ba, "einlage", 7); QCOMPARE(ba.byteArray(), QByteArray("Suppengrüneinlage")); QCOMPARE(ba.size(), sizeof "Suppengrüneinlage" -1); } void test_biobytearray::bio_BN() { BIGNUM *bn = nullptr; BN_hex2bn(&bn, "1234567890abcdef"); BioByteArray ba(bn, 64); BioByteArray bb(bn, 80); QCOMPARE(ba.byteArray().size(), 8); QCOMPARE(ba.byteArray(), QByteArray::fromHex("1234567890abcdef")); QCOMPARE(bb.byteArray().size(), 10); QCOMPARE(bb.byteArray(), QByteArray::fromHex("00001234567890abcdef")); BN_hex2bn(&bn, "7FFFFFFF"); BioByteArray bc(bn); QCOMPARE(bc.byteArray().size(), 4); QCOMPARE(bc.byteArray(), QByteArray::fromHex("7fffffff")); BN_hex2bn(&bn, "80000000"); BioByteArray bd(bn); QCOMPARE(bd.byteArray().size(), 5); QCOMPARE(bd.byteArray(), QByteArray::fromHex("0080000000")); } void test_biobytearray::bio_base64UrlEncode() { BioByteArray ba("Suppe"); QCOMPARE(ba.base64UrlEncode(), QString("U3VwcGU")); BioByteArray bb(QByteArray::fromBase64("abc+def/ghijAA==")); QCOMPARE(bb.base64UrlEncode(), QString("abc-def_ghijAA")); } QTEST_MAIN(test_biobytearray) #include "test_biobytearray.moc" xca-RELEASE.2.9.0/lib/test_digest.cpp000066400000000000000000000014161477156507700171710ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2023 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include "digest.h" #include class test_digest: public QObject { Q_OBJECT private slots: void default_digest(); void convert(); }; void test_digest::default_digest() { digest d(digest::getDefault()); QCOMPARE(d.name(), "SHA256"); digest::setDefault("md5"); QVERIFY(digest::getDefault().isInsecure()); } void test_digest::convert() { digest d(EVP_sha512()); digest e("sha512"); QCOMPARE(d.name(), "SHA512"); QCOMPARE(d.MD(), e.MD()); QVERIFY(!d.isInsecure()); d.adjust(QList({ NID_md5, NID_sha256, NID_sha384 })); QCOMPARE(d.name(), "SHA384"); } QTEST_MAIN(test_digest) #include "test_digest.moc" xca-RELEASE.2.9.0/lib/test_entropy.cpp000066400000000000000000000023701477156507700174120ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2023 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include #include #include #include #include "entropy.h" QString getUserSettingsDir() { return QString("."); } void dbg(QtMsgType , const QMessageLogContext &, const QString &) { } class test_entropy: public QObject { Q_OBJECT Entropy *e{}; QString rnd{}; private slots: void initTestCase(); void cleanupTestCase(); void start(); void muchSalt(); }; void test_entropy::initTestCase() { rnd = getUserSettingsDir() + "/.rnd"; qInstallMessageHandler(dbg); e = new Entropy(); QCOMPARE(QFileInfo::exists(rnd), false); } void test_entropy::cleanupTestCase() { delete e; QVERIFY(QFileInfo::exists(rnd)); QFile::remove(rnd); qInstallMessageHandler(0); } void test_entropy::start() { e->add(17); QVERIFY(e->strength() > 0); e->add_buf((unsigned char*)"SomeText", 8); } void test_entropy::muchSalt() { QRegularExpression rx("^T[0-9a-z]{16}$"); QString s1, s2; for (int i=0; i<100; i++) { s1 = e->makeSalt(); QVERIFY(s1.contains(rx)); QCOMPARE(s1.size(), 17); QVERIFY(s1 != s2); s2 = s1; } } QTEST_MAIN(test_entropy) #include "test_entropy.moc" xca-RELEASE.2.9.0/lib/test_x509name.cpp000066400000000000000000000052271477156507700172640ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2023 Christian Hohnstaedt. * * All rights reserved. */ #include #include "x509name.h" class test_x509name: public QObject { Q_OBJECT x509name x; private slots: void init(); void construct(); void d2i2d(); void entries(); void entrystack(); }; void test_x509name::init() { // Reset "x" for each test run x = x509name(); x.addEntryByNid(NID_countryName, "DE"); x.addEntryByNid(NID_stateOrProvinceName, "Berlin"); } void test_x509name::construct() { x509name y; QCOMPARE(x.entryCount(), 2); QCOMPARE(y.entryCount(), 0); QVERIFY(x != y); } void test_x509name::d2i2d() { QByteArray b = x.i2d(); x509name y; y.d2i(b); QCOMPARE(x, y); } void test_x509name::entries() { QCOMPARE(x.oneLine(), "C = DE, ST = Berlin"); x.addEntryByNid(NID_organizationName, "Firma"); QCOMPARE(x.oneLine(), "C = DE, ST = Berlin, O = Firma"); x509name z(x); QCOMPARE(z.oneLine(XN_FLAG_RFC2253), "O=Firma,ST=Berlin,C=DE"); QCOMPARE(x.nid(0), NID_countryName); QCOMPARE(x.nid(1), NID_stateOrProvinceName); QCOMPARE(x.nid(2), NID_organizationName); QCOMPARE(x.entryList(1).join(":"), "ST:stateOrProvinceName:Berlin:UTF8STRING"); z = x509name(x.get0()); QCOMPARE(x.getEntryByNid(NID_countryName), "DE"); QCOMPARE(x.getEntryByNid(NID_organizationName), "Firma"); QCOMPARE(x.getMostPopular(), "Firma"); x.addEntryByNid(NID_commonName, "Ich Persönlich"); QCOMPARE(x.getMostPopular(), "Ich Persönlich"); QCOMPARE(x.getEntry(0), "DE"); QCOMPARE(x.getEntry(2), "Firma"); QCOMPARE(x.getEntry(3), "Ich Persönlich"); QCOMPARE(x.getEntryTag(0), "PRINTABLESTRING"); QCOMPARE(x.getEntryTag(2), "UTF8STRING"); QCOMPARE(x.getEntryTag(3), "UTF8STRING"); QCOMPARE(x.popEntryByNid(NID_stateOrProvinceName), "Berlin"); QCOMPARE(x.entryCount(), 3); QCOMPARE(x.oneLine(XN_FLAG_ONELINE & ~ASN1_STRFLGS_ESC_MSB), "C = DE, O = Firma, CN = Ich Persönlich"); } void test_x509name::entrystack() { x.addEntryByNid(NID_organizationName, "Firma"); x.addEntryByNid(NID_commonName, "Ich Persönlich"); STACK_OF(X509_NAME_ENTRY) *xname = sk_X509_NAME_ENTRY_new_null(); for (int i=0; i < x.entryCount(); i++) { QByteArray b = x.getEntry(i).toUtf8(); X509_NAME_ENTRY *ne = X509_NAME_ENTRY_create_by_NID(nullptr, x.nid(i), MBSTRING_UTF8, (const unsigned char*)b.constData(), b.size()); sk_X509_NAME_ENTRY_push(xname, ne); } x509name z(xname); QCOMPARE(z.oneLine(XN_FLAG_ONELINE & ~ASN1_STRFLGS_ESC_MSB), "C = DE, ST = Berlin, O = Firma, CN = Ich Persönlich"); QCOMPARE(x, z); sk_X509_NAME_ENTRY_pop_free(xname, X509_NAME_ENTRY_free); } QTEST_MAIN(test_x509name) #include "test_x509name.moc" xca-RELEASE.2.9.0/lib/version.cpp000066400000000000000000000011071477156507700163350ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2018 Christian Hohnstaedt. * * All rights reserved. * Compiles much faster than MW_help.cpp * and needs to get recompiled every time */ #include "local.h" #define VERSION XCA_VERSION #ifdef GIT_LOCAL_CHANGES #define COMMITHASH GIT_COMMIT_REV "+local-changes" #else #define COMMITHASH GIT_COMMIT_REV #endif const char *version_str(bool html) { if (!COMMITHASH[0]) return html ? "" VERSION "" : VERSION; return html ? "" VERSION "-dev
commit: " COMMITHASH "" : VERSION "-dev\ncommit: " COMMITHASH; } xca-RELEASE.2.9.0/lib/x509name.cpp000066400000000000000000000132161477156507700162220ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "x509name.h" #include "base.h" #include "func_base.h" #include "BioByteArray.h" #include #include #include "exception.h" static const QSharedPointer x509init(const X509_NAME *other) { X509_NAME *xname = other ? X509_NAME_dup((X509_NAME *)other) : X509_NAME_new(); Q_CHECK_PTR(xname); QSharedPointer r(xname, X509_NAME_free); openssl_error(); return r; } x509name::x509name() : xn(x509init(nullptr)) { } x509name::x509name(const X509_NAME *n) : xn(x509init(n)) { } x509name::x509name(STACK_OF(X509_NAME_ENTRY) *entries) : xn(x509init(nullptr)) { set(entries); } x509name::x509name(const x509name &n) : xn(x509init(n.get0())) { } x509name &x509name::set(const X509_NAME *n) { xn = x509init(n); return *this; } x509name &x509name::set(const STACK_OF(X509_NAME_ENTRY) *entries) { xn = x509init(nullptr); if (entries) { int count = sk_X509_NAME_ENTRY_num(entries); for (int i = 0; i < count; i++) { X509_NAME_ENTRY *entry = sk_X509_NAME_ENTRY_value(entries, i); X509_NAME_add_entry(xn.data(), entry, -1, 0); } } return *this; } QString x509name::oneLine(unsigned long flags) const { BioByteArray bba; X509_NAME_print_ex(bba, get0(), 0, flags); return bba.qstring(); } QString x509name::getEntryByNid(int nid) const { int i = X509_NAME_get_index_by_NID(_get(), nid, -1); return i < 0 ? QString() : getEntry(i); } QString x509name::getMostPopular() const { static const int nids[] = { NID_commonName, NID_pkcs9_emailAddress, NID_organizationalUnitName, NID_organizationName }; int pos = -1; for (unsigned i = 0; i < ARRAY_SIZE(nids) && pos < 0; i++) { pos = X509_NAME_get_index_by_NID(xn.data(), nids[i], -1); } if (pos < 0) pos = 0; return getEntry(pos); } QString x509name::getEntry(int i) const { QString ret; ASN1_STRING *d; if ( i<0 || i>entryCount() ) return ret; d = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(get0(), i)); return asn1ToQString(d); } QString x509name::getEntryTag(int i) const { QString s = QObject::tr("Invalid"); ASN1_STRING *d; if (i<0 || i>=entryCount()) i = entryCount() - 1; d = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(get0(),i)); if (!d) return s; s = ASN1_tag2str(d->type); return s; } QString x509name::popEntryByNid(int nid) { int i = X509_NAME_get_index_by_NID(_get(), nid, -1); if (i < 0) return QString(); QString n = getEntry(i); X509_NAME_ENTRY *del = X509_NAME_delete_entry(xn.data(), i); if (del) X509_NAME_ENTRY_free(del); return n; } QString x509name::hash() const { return QString("%1").arg(X509_NAME_hash(_get()), 8, 16, QChar('0')); } /* 32 bit signed integer */ unsigned x509name::hashNum() const { return X509_NAME_hash(_get()) & 0x7fffffffL; } QStringList x509name::entryList(int i) const { QStringList sl; int n = nid(i); if (n == NID_undef) { QString oid = getOid(i); sl << oid << oid; } else { sl << OBJ_nid2sn(n) << OBJ_nid2ln(n); } sl << getEntry(i) << getEntryTag(i); return sl; } int x509name::nid(int i) const { X509_NAME_ENTRY *ne = X509_NAME_get_entry(get0(), i); return ne ? OBJ_obj2nid(X509_NAME_ENTRY_get_object(ne)) : NID_undef; } QString x509name::getOid(int i) const { X509_NAME_ENTRY *ne = X509_NAME_get_entry(_get(), i); return ne ? OBJ_obj2QString(X509_NAME_ENTRY_get_object(ne), 1) : QString(); } void x509name::d2i(QByteArray &ba) { X509_NAME *n = (X509_NAME*)d2i_bytearray(D2I_VOID(d2i_X509_NAME), ba); xn = x509init(n); X509_NAME_free(n); } QByteArray x509name::i2d() const { return i2d_bytearray(I2D_VOID(i2d_X509_NAME), get0()); } bool x509name::operator == (const x509name &x) const { return X509_NAME_cmp(get0(), x.get0()) == 0; } bool x509name::operator != (const x509name &x) const { return X509_NAME_cmp(get0(), x.get0()) != 0; } x509name &x509name::operator = (const x509name &x) { set(x.get0()); return *this; } int x509name::entryCount() const { return X509_NAME_entry_count(get0()); } int x509name::getNidByName(const QString &nid_name) { return OBJ_txt2nid(nid_name.toLatin1()); } QString x509name::checkLength() const { ASN1_STRING_TABLE *tab; int i, max = entryCount(); QString warn; for (i=0; iminsize > entry.size()) { warn += QObject::tr("%1 is shorter than %2 bytes: '%3'"). arg(OBJ_nid2ln(n)).arg(tab->maxsize).arg(entry); warn += "\n"; } if ((tab->maxsize != -1) && (tab->maxsize < entry.size())) { warn += QObject::tr("%1 is longer than %2 bytes: '%3'"). arg(OBJ_nid2ln(n)).arg(tab->maxsize).arg(entry); warn += "\n"; } } return warn; } bool x509name::search(const QRegularExpression &pattern) const { int i, max = entryCount(); for (i=0; itype, a->data, a->length, -1, 0); ASN1_STRING_free(a); openssl_error_msg(QString("'%1' (%2)").arg(entry).arg(OBJ_nid2ln(nid))); } X509_NAME *x509name::get() const { return X509_NAME_dup(_get()); } const X509_NAME *x509name::get0() const { return xn.data(); } X509_NAME *x509name::_get() const { return xn.data(); } xca-RELEASE.2.9.0/lib/x509name.h000066400000000000000000000027221477156507700156670ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __X509NAME_H #define __X509NAME_H #include #include #include #include #include class x509name { private: QSharedPointer xn{}; X509_NAME *_get() const; public: x509name(); x509name(const X509_NAME *n); x509name(const x509name &n); x509name(STACK_OF(X509_NAME_ENTRY) *entries); x509name &set(const X509_NAME *n); x509name &set(const STACK_OF(X509_NAME_ENTRY) *entries); QString oneLine(unsigned long flags = XN_FLAG_ONELINE) const; int nid(int i) const; QString getOid(int i) const; QByteArray i2d() const; void d2i(QByteArray &ba); QStringList entryList(int i) const; QString getEntryByNid(int nid) const; QString getEntry(int i) const; QString getEntryTag(int i) const; int entryCount() const; x509name &operator = (const x509name &x); bool operator == (const x509name &x) const; bool operator != (const x509name &x) const; static int getNidByName(const QString &nid_name); void addEntryByNid(int nid, const QString &entry); QString checkLength() const; QString popEntryByNid(int nid); X509_NAME *get() const; const X509_NAME *get0() const; QString getMostPopular() const; QString taggedValues() const; QString hash() const; unsigned hashNum() const; bool search(const QRegularExpression &pattern) const; }; #endif xca-RELEASE.2.9.0/lib/x509rev.cpp000066400000000000000000000145371477156507700161050ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #include "x509rev.h" #include "pki_base.h" #include "func.h" #include "exception.h" #include #include #include #include #define CRL_REASON_UNSPECIFIED 0 #define CRL_REASON_KEY_COMPROMISE 1 #define CRL_REASON_CA_COMPROMISE 2 #define CRL_REASON_AFFILIATION_CHANGED 3 #define CRL_REASON_SUPERSEDED 4 #define CRL_REASON_CESSATION_OF_OPERATION 5 #define CRL_REASON_CERTIFICATE_HOLD 6 #define CRL_REASON_REMOVE_FROM_CRL 8 #define CRL_REASON_PRIVILEGE_WITHDRAWN 9 #define CRL_REASON_AA_COMPROMISE 10 static ENUMERATED_NAMES crl_reasons[] = { {CRL_REASON_UNSPECIFIED, "Unspecified", "unspecified"}, {CRL_REASON_KEY_COMPROMISE, "Key Compromise", "keyCompromise"}, {CRL_REASON_CA_COMPROMISE, "CA Compromise", "CACompromise"}, {CRL_REASON_AFFILIATION_CHANGED, "Affiliation Changed", "affiliationChanged"}, {CRL_REASON_SUPERSEDED, "Superseded", "superseded"}, {CRL_REASON_CESSATION_OF_OPERATION, "Cessation Of Operation", "cessationOfOperation"}, {CRL_REASON_CERTIFICATE_HOLD, "Certificate Hold", "certificateHold"}, {CRL_REASON_REMOVE_FROM_CRL, "Remove From CRL", "removeFromCRL"}, {CRL_REASON_PRIVILEGE_WITHDRAWN, "Privilege Withdrawn", "privilegeWithdrawn"}, {CRL_REASON_AA_COMPROMISE, "AA Compromise", "AACompromise"}, {-1, NULL, NULL} }; QStringList x509rev::crlreasons() { QStringList l; for (int i=0; crl_reasons[i].lname; i++) l << crl_reasons[i].lname; return l; } QString x509rev::getReason() const { return crl_reasons[reason_idx].lname; } static int reasonBit2Idx(int bit) { for (int i=0; crl_reasons[i].lname; i++) { if (bit == crl_reasons[i].bitnum) { return i; } } return 0; } void x509rev::fromREVOKED(const X509_REVOKED *rev) { ASN1_ENUMERATED *reason; ASN1_TIME *at; int j = -1, r; if (!rev) return; serial = a1int(X509_REVOKED_get0_serialNumber(rev)); date = a1time(X509_REVOKED_get0_revocationDate(rev)); reason = (ASN1_ENUMERATED *)X509_REVOKED_get_ext_d2i( (X509_REVOKED *)rev, NID_crl_reason, &j, NULL); openssl_error(); reason_idx = 0; if (reason) { r = ASN1_ENUMERATED_get(reason); openssl_error(); reason_idx = reasonBit2Idx(r); ASN1_ENUMERATED_free(reason); } ivalDate.setUndefined(); at = (ASN1_TIME *)X509_REVOKED_get_ext_d2i((X509_REVOKED *)rev, NID_invalidity_date, &j, NULL); openssl_error(); if (at) { ivalDate = a1time(at); ASN1_GENERALIZEDTIME_free(at); } qDebug() << *this; } X509_REVOKED *x509rev::toREVOKED(bool withReason) const { X509_REVOKED *rev = X509_REVOKED_new(); Q_CHECK_PTR(rev); X509_REVOKED_set_serialNumber(rev, serial.get()); X509_REVOKED_set_revocationDate(rev, (ASN1_TIME*)date.get_utc()); X509_REVOKED_add1_ext_i2d(rev, NID_invalidity_date, (ASN1_TIME*)ivalDate.get(), 0, 0); /* RFC says to not add the extension if it is "unspecified" */ if (reason_idx != 0 && withReason) { ASN1_ENUMERATED *a = ASN1_ENUMERATED_new(); ASN1_ENUMERATED_set(a, crl_reasons[reason_idx].bitnum); X509_REVOKED_add1_ext_i2d(rev, NID_crl_reason, a, 0, 0); ASN1_ENUMERATED_free(a); } openssl_error(); qDebug() << *this; return rev; } void x509rev::d2i(QByteArray &ba) { X509_REVOKED *r; r = (X509_REVOKED *)d2i_bytearray(D2I_VOID(d2i_X509_REVOKED), ba); if (!r) return; fromREVOKED(r); X509_REVOKED_free(r); } QByteArray x509rev::i2d() const { QByteArray ba; X509_REVOKED *r = toREVOKED(); ba = i2d_bytearray(I2D_VOID(i2d_X509_REVOKED), r); X509_REVOKED_free(r); return ba; } void x509rev::set(const x509rev &x) { serial = x.serial; date = x.date; ivalDate = x.ivalDate; reason_idx = x.reason_idx; crlNo = x.crlNo; } bool x509rev::identical(const x509rev &x) const { return serial == x.serial && date == x.date && ivalDate == x.ivalDate && reason_idx == x.reason_idx; } x509rev::operator QString() const { return QString("Rev: %1 D:%2 I:%3 Reason: %4 '%5'\n") .arg(serial.toHex(), date.toSortable(), ivalDate.toSortable()) .arg(reason_idx).arg(crl_reasons[reason_idx].lname); } x509rev::x509rev(QSqlRecord rec, int offset) { serial.setHex(rec.value(offset).toString()); date.fromPlain(rec.value(offset +1).toString()); ivalDate.fromPlain(rec.value(offset +2).toString()); crlNo = rec.value(offset +3).toInt(); reason_idx = reasonBit2Idx(rec.value(offset +4).toInt()); qDebug() << *this; } void x509rev::executeQuery(XSqlQuery &q) { // 0 is the caId q.bindValue(1, serial.toHex()); q.bindValue(2, date.toPlain()); q.bindValue(3, ivalDate.toPlain()); q.bindValue(4, crlNo ? QVariant(crlNo) : QVariant()); q.bindValue(5, crl_reasons[reason_idx].bitnum); q.exec(); } void x509revList::merge(const x509revList &other) { foreach(x509rev r, other) { if (r.isValid() && !contains(r)) { merged = true; append(r); } } } bool x509revList::identical(const x509revList &other) const { if (size() != other.size()) return false; for (int i=0; i #include #include #include #include #include "asn1time.h" #include "asn1int.h" #include "pki_base.h" class x509rev { private: a1int serial{}; a1time date{}, ivalDate{}; int reason_idx{}, crlNo{}; void set(const x509rev &x); X509_REVOKED *toREVOKED(bool withReason=true) const; void fromREVOKED(const X509_REVOKED *rev); public: operator QString() const; static QStringList crlreasons(); void d2i(QByteArray &ba); QByteArray i2d() const; QString getReason() const; bool identical(const x509rev &x) const; x509rev() { date.setUndefined(); } x509rev(X509_REVOKED *n) { fromREVOKED(n); } x509rev(const x509rev &n) { set(n); } x509rev(QSqlRecord rec, int offset = 0); void executeQuery(XSqlQuery &q); bool isValid() const { return serial != a1int(0L) && !date.isUndefined(); } x509rev &set(const X509_REVOKED *r) { fromREVOKED(r); return *this; } bool operator == (const x509rev &x) const { return serial == x.serial; } x509rev &operator = (const x509rev &x) { set(x); return *this; } void setSerial(const a1int &i) { serial = i; } void setDate(const a1time &t) { date = t; } void setInvalDate(const a1time &t) { ivalDate = t; } void setReason(const QString &reason) { reason_idx = crlreasons().indexOf(reason); } void setCrlNo(int n) { crlNo = n; } a1int getSerial() const { return serial; } a1time getDate() const { return date; } a1time getInvalDate() const { return ivalDate; } int getCrlNo() const { return crlNo; } X509_REVOKED *get(bool withReason=true) const { return toREVOKED(withReason); } }; class x509revList : public QList { public: static x509revList fromSql(QVariant caId); bool merged; void merge(const x509revList &other); bool identical(const x509revList &other) const; x509revList() : QList() { merged = false; } x509revList(const x509revList &r) : QList(r) { merged = r.merged; } x509revList(const x509rev &r) : QList() { if (r.isValid()) { merged = false; append(r); } } x509revList &operator = (const x509revList &r) { QList::operator=(r); merged = r.merged; return *this; } bool sqlUpdate(QVariant caId); }; #endif xca-RELEASE.2.9.0/lib/x509v3ext.cpp000066400000000000000000000656451477156507700163700ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2011 Christian Hohnstaedt. * * All rights reserved. */ #include "x509v3ext.h" #include "x509name.h" #include "asn1int.h" #include "func.h" #include "exception.h" #include #include #include #include #include #include "base.h" #include "BioByteArray.h" x509v3ext::x509v3ext() { } x509v3ext::x509v3ext(const X509_EXTENSION *n) { if (n) { ext = X509_EXTENSION_dup((X509_EXTENSION *)n); Q_CHECK_PTR(ext); } } x509v3ext::x509v3ext(const x509v3ext &n) { set(n.ext); } x509v3ext::x509v3ext(int nid, const QString &et, X509V3_CTX *ctx) { create(nid, et, ctx); } x509v3ext::~x509v3ext() { if (ext) X509_EXTENSION_free(ext); } x509v3ext &x509v3ext::set(const X509_EXTENSION *n) { if (n) { ASN1_OCTET_STRING *str = X509_EXTENSION_get_data((X509_EXTENSION *)n); if (!str || !str->length) n = nullptr; } if (ext != nullptr) X509_EXTENSION_free(ext); ext = n ? X509_EXTENSION_dup((X509_EXTENSION *)n) : nullptr; openssl_error(); return *this; } x509v3ext &x509v3ext::create(int nid, const QString &et, X509V3_CTX *ctx) { if (ext) { X509_EXTENSION_free(ext); ext = nullptr; } openssl_error(); if (!et.isEmpty()) { QString etext = et; if (et.contains("DNS:copycn") && ctx && ctx->subject_cert && nid == NID_subject_alt_name) { x509name xn(X509_get_subject_name(ctx->subject_cert)); QStringList new_san; int i, max = xn.entryCount(); for (i=0; i < max; i++) { if (xn.nid(i) == NID_commonName) new_san << QString("DNS:%1").arg(xn.getEntry(i)); } qDebug() << "COUNT" << new_san.size() << new_san.join(","); if (new_san.size() > 0) etext.replace(QString("DNS:copycn"), new_san.join(",")); } if (nid == NID_subject_alt_name || nid == NID_issuer_alt_name || nid == NID_name_constraints) { QStringList sl = etext.split(","); QRegularExpression match("([a-z]+;)*UPN:"); for (int i=0; isubject_cert) { X509_add_ext(ctx->subject_cert, ext, -1); } } ign_openssl_error(); return *this; } x509v3ext &x509v3ext::create_ia5(int nid, const QString &et, X509V3_CTX *ctx) { QByteArray ba = et.toLocal8Bit(); for (int i=0; i"), ">"); text.replace(QRegularExpression("\n"), "
\n"); return text; } QString x509v3ext::getConsoleValue(const QString &indent) const { QString text = getValue(); text.replace(QRegularExpression("\n"), QString("\n") + indent); return text; } static QString vlist2Section(QStringList vlist, QString tag, QString *sect) { /* Check for commas in the text */ if (!vlist.join("").contains(",")) return vlist.join(", "); *sect += QString("\n[%1_sect]\n").arg(tag); for (int i=0; itype) { case GEN_EMAIL: ret = "email:%1"; break; case GEN_DNS: ret = "DNS:%1"; break; case GEN_URI: ret = "URI:%1"; break; case GEN_DIRNAME: { tag += "_dirname"; x509name xn(gen->d.dirn); *sect += QString("\n[%1]\n"). arg(tag); *sect += xn.taggedValues(); *single = QString("dirName:") + tag; return true; } case GEN_IPADD: p = gen->d.ip->data; if (gen->d.ip->length == 4) { *single = QString("IP:%1.%2.%3.%4"). arg(p[0]).arg(p[1]).arg(p[2]).arg(p[3]); return true; } else if(gen->d.ip->length == 8) { *single = QString("IP:%1.%2.%3.%4/%5.%6.%7.%8"). arg(p[0]).arg(p[1]).arg(p[2]).arg(p[3]). arg(p[4]).arg(p[5]).arg(p[6]).arg(p[7]); return true; } else if(gen->d.ip->length == 16) { *single = "IP:" + ipv6_from_binary(gen->d.ip->data); return true; } else if(gen->d.ip->length == 32) { *single = "IP:" + ipv6_from_binary(gen->d.ip->data) + "/" + ipv6_from_binary(gen->d.ip->data +16); return true; } return false; case GEN_RID: *single = QString("RID:%1"). arg(obj2SnOid(gen->d.rid)); return true; case GEN_OTHERNAME: { int type = gen->d.otherName->value->type; ASN1_STRING *a; a = gen->d.otherName->value->value.asn1_string; if (asn1TypePrintable(type)) { *single = QString("otherName:%1;%2:%3"). arg(obj2SnOid(gen->d.otherName->type_id)). arg(asn1Type2Name(type)). arg(asn1ToQString(a, true)); } else { *single = QString("otherName:%1;FORMAT:HEX,%2"). arg(obj2SnOid(gen->d.otherName->type_id)). arg(asn1Type2Name(type)); for (int i=0; ilength; i++) { *single += QString(":%1"). arg((int)(a->data[i]), 2, 16, QChar('0')); } } return true; } default: return false; } if (!ret.isEmpty()) *single = ret.arg(asn1ToQString(gen->d.ia5, true)); return true; } static bool genNameStack2conf(STACK_OF(GENERAL_NAME) *gens, QString tag, QString *single, QString *sect) { int i; QStringList sl; for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) { QString one; if (!genName2conf(sk_GENERAL_NAME_value(gens, i), QString("%1_%2").arg(tag).arg(i), &one, sect)) { return false; } sl << one; } *single = vlist2Section(sl, tag, sect); return true; } QString x509v3ext::parse_critical() const { return QString(getCritical() ? "critical," : ""); } #define TEXTS (\ B_ASN1_TIME | B_ASN1_DIRECTORYSTRING | B_ASN1_DISPLAYTEXT | \ B_ASN1_NUMERICSTRING | B_ASN1_T61STRING | B_ASN1_UNIVERSALSTRING) bool x509v3ext::parse_ia5(QString *single, QString *adv) const { ASN1_STRING *str = (ASN1_STRING *)d2i(); QString ret; if (!isValid()) return false; if (!str) { const unsigned char *p = getData()->data; str = d2i_ASN1_OCTET_STRING(NULL, &p, getData()->length); if (ign_openssl_error() || !str) return false; ret = QString("%2"). arg(asn1Type2Name(str->type)). arg(QString(asn1ToQString(str))); } else { ret = QString(asn1ToQString(str)); } if (single) *single = ret; else if (adv) *adv = QString("%1=%2\n").arg(OBJ_nid2sn(nid())).arg(ret) +*adv; ASN1_STRING_free(str); return true; } bool x509v3ext::parse_generalName(QString *single, QString *adv) const { bool retval = true; QString sect, ret; STACK_OF(GENERAL_NAME) *gens = (STACK_OF(GENERAL_NAME) *)d2i(); if (!gens) return false; QString tag = OBJ_nid2sn(nid()); if (!genNameStack2conf(gens, tag, &ret, §)) retval = false; else if (sect.isEmpty() && single) { *single = parse_critical() + ret; } else if (adv) { *adv = QString("%1=%2\n").arg(tag). arg(parse_critical() +ret) + *adv + sect; } sk_GENERAL_NAME_free(gens); return retval; } bool x509v3ext::parse_eku(QString *single, QString *adv) const { EXTENDED_KEY_USAGE *eku = (EXTENDED_KEY_USAGE *)d2i(); QStringList sl; int i; if (!eku) return false; for (i = 0; i < sk_ASN1_OBJECT_num(eku); i++) { sl << QString(OBJ_obj2sn(sk_ASN1_OBJECT_value(eku, i))); } QString r = parse_critical() + sl.join(", "); if (single) *single = r; else if (adv) *adv = QString("%1=%2\n").arg(OBJ_nid2sn(nid())).arg(r) + *adv; EXTENDED_KEY_USAGE_free(eku); return true; } bool x509v3ext::parse_ainfo(QString *single, QString *adv) const { bool retval = true; QString sect, ret; QString tag = OBJ_nid2sn(nid()); QStringList sl; int i; AUTHORITY_INFO_ACCESS *ainfo = (AUTHORITY_INFO_ACCESS *)d2i(); if (!ainfo) return false; for (i = 0; i < sk_ACCESS_DESCRIPTION_num(ainfo); i++) { QString one; ACCESS_DESCRIPTION *desc = sk_ACCESS_DESCRIPTION_value(ainfo, i); if (!genName2conf(desc->location, QString("%1_%2").arg(tag).arg(i), &one, §)) { retval = false; break; } sl << QString("%1;%2").arg(OBJ_obj2sn(desc->method)).arg(one); } if (retval) { ret = vlist2Section(sl, tag, §); if (sect.isEmpty() && sk_ACCESS_DESCRIPTION_num(ainfo) == 1 && single) { *single = parse_critical() + ret; } else if (adv) { *adv = QString("%1=%2\n").arg(tag). arg(parse_critical() + ret) + *adv + sect; } } AUTHORITY_INFO_ACCESS_free(ainfo); return retval; } static const BIT_STRING_BITNAME reason_flags[] = { {0, "", "unused"}, {1, "", "keyCompromise"}, {2, "", "CACompromise"}, {3, "", "affiliationChanged"}, {4, "", "superseded"}, {5, "", "cessationOfOperation"}, {6, "", "certificateHold"}, {7, "", "privilegeWithdrawn"}, {8, "", "AACompromise"}, {-1, NULL, NULL} }; static QString parse_bits(const BIT_STRING_BITNAME *flags, ASN1_BIT_STRING *str) { const BIT_STRING_BITNAME *pbn; QStringList r; for (pbn = flags; pbn->sname; pbn++) { if (ASN1_BIT_STRING_get_bit(str, pbn->bitnum)) r << QString(pbn->sname); } return r.join(", "); } bool x509v3ext::parse_Crldp(QString *single, QString *adv) const { QString othersect; QStringList crldps; const char *sn = OBJ_nid2sn(nid()); STACK_OF(DIST_POINT) *crld = (STACK_OF(DIST_POINT)*)d2i(); if (!crld) return false; if (sk_DIST_POINT_num(crld) == 1 && single) { DIST_POINT *point = sk_DIST_POINT_value(crld, 0); if (point->distpoint && !point->reasons && !point->CRLissuer && !point->distpoint->type) { QString sect, ret; if (!genNameStack2conf(point->distpoint->name.fullname, "", &ret, §)) goto could_not_parse; if (sect.isEmpty()) { if (single) *single = parse_critical() +ret; else if (adv) *adv = QString("%1=%2\n").arg(sn). arg(parse_critical() +ret) +*adv; return true; } } } for(int i = 0; i < sk_DIST_POINT_num(crld); i++) { DIST_POINT *point = sk_DIST_POINT_value(crld, i); QString tag = QString("crlDistributionPoint%1_sect").arg(i); QString crldpsect = QString("\n[%1]\n").arg(tag); if (point->distpoint) { if (!point->distpoint->type) { QString ret; if (!genNameStack2conf(point->distpoint->name.fullname, tag + "_fullname", &ret, &othersect)) goto could_not_parse; crldpsect += "fullname=" + ret +"\n"; } else { QString mysect = tag + "_relativename"; x509name xn(point->distpoint->name.relativename); crldpsect += "relativename=" + mysect + "\n"; othersect += QString("\n[%1]\n").arg(mysect) + xn.taggedValues(); } } if (point->reasons) { crldpsect += QString("reasons=%1\n"). arg(parse_bits(reason_flags, point->reasons)); } if (point->CRLissuer) { QString ret; if (genNameStack2conf(point->CRLissuer, tag +"_crlissuer", &ret, &othersect)) goto could_not_parse; crldpsect += "CRLissuer=" + ret + "\n"; } crldps << tag; othersect = crldpsect + othersect; } sk_DIST_POINT_free(crld); if (crldps.size() == 0) return true; if (adv) { *adv = QString("%1=%2\n").arg(sn). arg(parse_critical() + crldps.join(", ")) + *adv + othersect; } return true; could_not_parse: sk_DIST_POINT_free(crld); return false; } static void gen_cpol_notice(QString tag, USERNOTICE *notice, QString *adv) { *adv += QString("\n[%1]\n").arg(tag); if (notice->exptext) { *adv += QString("explicitText=%1\n"). arg(asn1ToQString(notice->exptext, true)); } if (notice->noticeref) { NOTICEREF *ref = notice->noticeref; QStringList sl; int i; *adv += QString("organization=%1\n"). arg(asn1ToQString(ref->organization, true)); for (i = 0; i < sk_ASN1_INTEGER_num(ref->noticenos); i++) { a1int num(sk_ASN1_INTEGER_value(ref->noticenos, i)); sl << num.toDec(); } if (sl.size()) *adv += QString("noticeNumbers=%1\n"). arg(sl.join(", ")); } } static bool gen_cpol_qual_sect(QString tag, POLICYINFO *pinfo, QString *adv) { QString polsect = QString("\n[%1]\n").arg(tag); QString noticetag, _adv; STACK_OF(POLICYQUALINFO) *quals = pinfo->qualifiers; int i; if (!quals) return false; if (!adv) adv = &_adv; polsect += QString("policyIdentifier=%1\n"). arg(obj2SnOid(pinfo->policyid)); for (i = 0; i < sk_POLICYQUALINFO_num(quals); i++) { POLICYQUALINFO *qualinfo = sk_POLICYQUALINFO_value(quals, i); switch (OBJ_obj2nid(qualinfo->pqualid)) { case NID_id_qt_cps: polsect += QString("CPS.%1=%2\n").arg(i). arg(asn1ToQString(qualinfo->d.cpsuri, true)); break; case NID_id_qt_unotice: noticetag = QString("%1_notice%2_sect").arg(tag).arg(i); polsect += QString("userNotice.%1=@%2\n").arg(i). arg(noticetag); gen_cpol_notice(noticetag, qualinfo->d.usernotice, adv); break; default: return false; } } *adv = polsect + *adv; return true; } bool x509v3ext::parse_certpol(QString *, QString *adv) const { bool retval = true; QStringList pols; QString myadv; int i; STACK_OF(POLICYINFO) *pol = (STACK_OF(POLICYINFO) *)d2i(); if (!pol) return false; for (i = 0; i < sk_POLICYINFO_num(pol); i++) { POLICYINFO *pinfo = sk_POLICYINFO_value(pol, i); if (!pinfo->qualifiers) { pols << obj2SnOid(pinfo->policyid); continue; } QString tag = QString("certpol%1_sect").arg(i); pols << QString("@") + tag; if (!gen_cpol_qual_sect(tag, pinfo, &myadv)) { retval = false; break; } } if (retval && adv) *adv = QString("certificatePolicies=%1ia5org,%2\n"). arg(parse_critical()).arg(pols.join(", ")) + *adv + myadv; sk_POLICYINFO_free(pol); return retval; } bool x509v3ext::parse_bc(QString *single, QString *adv) const { BASIC_CONSTRAINTS *bc = (BASIC_CONSTRAINTS *)d2i(); if (!bc) return false; QString ret = a1int(bc->pathlen).toDec(); if (!ret.isEmpty()) ret = ",pathlen:" + ret; ret = parse_critical() + (bc->ca ? "CA:TRUE" : "CA:FALSE") + ret; if (single) *single = ret; else if (adv) *adv = QString("%1=%2\n").arg(OBJ_nid2sn(nid())).arg(ret) +*adv; BASIC_CONSTRAINTS_free(bc); return true; } static const BIT_STRING_BITNAME key_usage_type_table[] = { {0, "Digital Signature", "digitalSignature"}, {1, "Non Repudiation", "nonRepudiation"}, {2, "Key Encipherment", "keyEncipherment"}, {3, "Data Encipherment", "dataEncipherment"}, {4, "Key Agreement", "keyAgreement"}, {5, "Certificate Sign", "keyCertSign"}, {6, "CRL Sign", "cRLSign"}, {7, "Encipher Only", "encipherOnly"}, {8, "Decipher Only", "decipherOnly"}, {-1, NULL, NULL} }; static const BIT_STRING_BITNAME ns_cert_type_table[] = { {0, "SSL Client", "client"}, {1, "SSL Server", "server"}, {2, "S/MIME", "email"}, {3, "Object Signing", "objsign"}, {4, "Unused", "reserved"}, {5, "SSL CA", "sslCA"}, {6, "S/MIME CA", "emailCA"}, {7, "Object Signing CA", "objCA"}, {-1, NULL, NULL} }; bool x509v3ext::parse_bitstring(QString *single, QString *adv) const { ASN1_BIT_STRING *bs; const BIT_STRING_BITNAME *bnames; int n = nid(); switch (n) { case NID_key_usage: bnames = key_usage_type_table; break; case NID_netscape_cert_type: bnames = ns_cert_type_table; break; default: return false; } bs = (ASN1_BIT_STRING *)d2i(); if (!bs) return false; QString ret = parse_critical() + parse_bits(bnames, bs); if (single) *single = ret; else if (adv) *adv = QString("%1=%2\n").arg(OBJ_nid2sn(nid())).arg(ret) +*adv; ASN1_BIT_STRING_free(bs); return true; } bool x509v3ext::parse_sKeyId(QString *, QString *adv) const { if (adv) *adv = QString("%1=hash\n").arg(OBJ_nid2sn(nid())) + *adv; return true; } bool x509v3ext::parse_aKeyId(QString *, QString *adv) const { QStringList ret; AUTHORITY_KEYID *akeyid = (AUTHORITY_KEYID *)d2i(); ign_openssl_error(); if (!akeyid) return false; if (akeyid->keyid) ret << "keyid"; if (akeyid->issuer) ret << "issuer:always"; if (adv) *adv = QString("%1=%2\n").arg(OBJ_nid2sn(nid())). arg(ret.join(", ")) + *adv; AUTHORITY_KEYID_free(akeyid); return true; } bool x509v3ext::parse_generic(QString *, QString *adv) const { if (!isValid()) return false; const ASN1_OBJECT *o = object(); QString der, obj = o ? obj2SnOid(o) : QString("INVALID"); ASN1_OCTET_STRING *v = getData(); for (int i=0; v && i < v->length; i++) der += QString(":%1").arg((int)(v->data[i]), 2, 16, QChar('0')); if (adv) *adv = QString("%1=%2DER%3\n").arg(obj). arg(parse_critical()).arg(der) + *adv; return true; } bool x509v3ext::parse_inhibitAnyPolicy(QString *, QString *adv) const { ASN1_INTEGER *a = (ASN1_INTEGER *)d2i(); ign_openssl_error(); if (!a) return false; a1int val(a); if (adv) { *adv = QString("%1=%2%3\n").arg(OBJ_nid2sn(nid())). arg(parse_critical()).arg(val.toDec()) + *adv; } ASN1_INTEGER_free(a); return true; } bool x509v3ext::parse_policyConstraints(QString *, QString *adv) const { QStringList v; a1int a1null(0L), a; POLICY_CONSTRAINTS *pol = (POLICY_CONSTRAINTS *)d2i(); ign_openssl_error(); if (!pol) return false; a = a1int(pol->requireExplicitPolicy); if (a != a1null) v << QString("requireExplicitPolicy:%1").arg(a.toDec()); a = a1int(pol->inhibitPolicyMapping); if (a != a1null) v << QString("inhibitPolicyMapping:%1").arg(a.toDec()); if (adv) *adv = QString("%1=%2%3\n").arg(OBJ_nid2sn(nid())). arg(parse_critical()).arg(v.join(", ")) + *adv; POLICY_CONSTRAINTS_free(pol); return true; } bool x509v3ext::parse_policyMappings(QString *, QString *adv) const { bool retval = true; QStringList polMaps; QString myadv; POLICY_MAPPINGS *pmaps = (POLICY_MAPPINGS *)d2i(); ign_openssl_error(); if (!pmaps) return false; for (int i = 0; i < sk_POLICY_MAPPING_num(pmaps); i++) { POLICY_MAPPING *pmap = sk_POLICY_MAPPING_value(pmaps, i); polMaps << QString("%1 = %2"). arg(obj2SnOid(pmap->issuerDomainPolicy)). arg(obj2SnOid(pmap->subjectDomainPolicy)); } if (polMaps.size() > 0 && adv) { *adv = QString("policyMappings=%1@policyMappings_sect\n"). arg(parse_critical()) + *adv + QString("[policyMappings_sect]\n") + polMaps.join("\n"); } sk_POLICY_MAPPING_free(pmaps); return retval; } static bool nameConstraint(STACK_OF(GENERAL_SUBTREE) *trees, QString prefix, QString tag, QString *single, QString *sect) { QStringList sl; for (int i = 0; i < sk_GENERAL_SUBTREE_num(trees); i++) { QString one; GENERAL_SUBTREE *tree = sk_GENERAL_SUBTREE_value(trees, i); if (!genName2conf(tree->base, QString("%1_%2").arg(tag).arg(i), &one, sect)) { return false; } qDebug("%s: %d '%s'\n", __func__, i, CCHAR(one)); sl << prefix + ";" + one; } *single = vlist2Section(sl, tag+prefix, sect); qDebug("Single: '%s'\n", CCHAR(*single)); return true; } bool x509v3ext::parse_nameConstraints(QString *single, QString *adv) const { bool retval = true; QString sect, ret; QStringList permEx; QString tag = OBJ_nid2sn(nid()); NAME_CONSTRAINTS *cons = (NAME_CONSTRAINTS *)d2i(); ign_openssl_error(); if (!cons) return false; if (!nameConstraint(cons->permittedSubtrees, "permitted", tag, &ret, §)) retval = false; if (ret.size() > 0) permEx << ret; if (!nameConstraint(cons->excludedSubtrees, "excluded", tag, &ret, §)) retval = false; if (ret.size() > 0) permEx << ret; if (retval && permEx.size() > 0) { ret = permEx.join(", "); qDebug() << retval << ret; if (single) *single = ret; else if (adv) *adv = QString("%1=%2\n").arg(tag). arg(parse_critical() +ret) + *adv + sect; } NAME_CONSTRAINTS_free(cons); return retval; } bool x509v3ext::genConf(QString *single, QString *adv) const { int n = nid(); switch (n) { case NID_crl_distribution_points: return parse_Crldp(single, adv); case NID_subject_alt_name: case NID_issuer_alt_name: return parse_generalName(single, adv); case NID_info_access: return parse_ainfo(single, adv); case NID_ext_key_usage: return parse_eku(single, adv); case NID_certificate_policies: return parse_certpol(single, adv); case NID_netscape_comment: case NID_netscape_base_url: case NID_netscape_revocation_url: case NID_netscape_ca_revocation_url: case NID_netscape_renewal_url: case NID_netscape_ca_policy_url: case NID_netscape_ssl_server_name: return parse_ia5(single, adv); case NID_basic_constraints: return parse_bc(single, adv); case NID_key_usage: case NID_netscape_cert_type: return parse_bitstring(single, adv); case NID_subject_key_identifier: return parse_sKeyId(single, adv); case NID_authority_key_identifier: return parse_aKeyId(single, adv); case NID_inhibit_any_policy: return parse_inhibitAnyPolicy(single, adv); case NID_policy_constraints: return parse_policyConstraints(single, adv); case NID_policy_mappings: return parse_policyMappings(single, adv); case NID_name_constraints: return parse_nameConstraints(single, adv); case NID_id_pkix_OCSP_noCheck: if (adv) *adv = "noCheck = ignored\n" + *adv; return true; default: return parse_generic(single, adv); } return false; } QString x509v3ext::getHtml() const { QString html; html = "" + getObject(); if (getCritical() != 0) html += " critical"; html += ":
" + getHtmlValue() + ""; return html; } QString x509v3ext::getConsole(const QString &indent) const { QString text, twoind = indent + indent; text = indent + COL_BOLD COL_UNDER + getObject(); if (getCritical() != 0) text += " " COL_RED COL_UNDER "[critical]"; text += COL_RESET "\n" + twoind + getConsoleValue(twoind); return text; } X509_EXTENSION *x509v3ext::get() const { return ext ? X509_EXTENSION_dup(ext) : nullptr; } bool x509v3ext::isValid() const { return ext && getData() && getData()->length > 0 && OBJ_obj2nid(X509_EXTENSION_get_object(ext)) != NID_undef; } /*************************************************************/ bool extList::genConf(int nid, QString *single, QString *adv) { int i = idxByNid(nid); if (i != -1) { if (at(i).genConf(single, adv)) removeAt(i); ign_openssl_error(); return true; } return false; } void extList::genGenericConf(QString *adv) { for (int i=0; i< size();) { if (at(i).genConf(NULL, adv) || at(i).parse_generic(NULL, adv)) removeAt(i); else i++; ign_openssl_error(); } } void extList::setStack(const STACK_OF(X509_EXTENSION) *st, int start) { clear(); int cnt = sk_X509_EXTENSION_num(st); x509v3ext e; for (int i=start; i i(*this); while (i.hasNext()) { if (!i.next().isValid()) { i.remove(); removed=1; } } return removed; } xca-RELEASE.2.9.0/lib/x509v3ext.h000066400000000000000000000051631477156507700160220ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __X509V3EXT_H #define __X509V3EXT_H #include #include #include #include #include class QString; class x509v3ext { private: X509_EXTENSION *ext{}; const ASN1_OBJECT *object() const; public: x509v3ext(); x509v3ext(const X509_EXTENSION *n); x509v3ext(const x509v3ext &n); x509v3ext(int nid, const QString &et, X509V3_CTX *ctx); ~x509v3ext(); x509v3ext &set(const X509_EXTENSION *n); x509v3ext &create(int nid, const QString &et, X509V3_CTX *ctx = NULL); x509v3ext &create_ia5(int nid, const QString &et, X509V3_CTX *ctx = NULL); x509v3ext &operator = (const x509v3ext &x); // bool operator == (const x509v3ext &x) const; QString getObject() const; int getCritical() const; ASN1_OCTET_STRING *getData() const; QString getValue() const; QString getHtmlValue() const; QString getConsoleValue(const QString &indent) const; QString getHtml() const; QString getConsole(const QString &indent) const; X509_EXTENSION *get() const; bool isValid() const; int nid() const; void *d2i() const; bool genConf(QString *single, QString *adv) const; bool parse_generic(QString *single, QString *adv) const; protected: QString parse_critical() const; bool parse_certpol(QString *single, QString *adv) const; bool parse_ainfo(QString *single, QString *adv) const; bool parse_Crldp(QString *single, QString *adv) const; bool parse_eku(QString *single, QString *adv) const; bool parse_generalName(QString *single, QString *adv) const; bool parse_ia5(QString *single, QString *adv) const; bool parse_bc(QString *single, QString *adv) const; bool parse_bitstring(QString *single, QString *adv) const; bool parse_sKeyId(QString *single, QString *adv) const; bool parse_aKeyId(QString *single, QString *adv) const; bool parse_inhibitAnyPolicy(QString *, QString *adv) const; bool parse_policyConstraints(QString *, QString *adv) const; bool parse_policyMappings(QString *, QString *adv) const; bool parse_nameConstraints(QString *, QString *adv) const; }; class extList : public QList { public: void setStack(const STACK_OF(X509_EXTENSION) *st, int start=0); STACK_OF(X509_EXTENSION) *getStack() const; QString getHtml(const QString &sep) const; QString getConsole(const QString &indent) const; bool delByNid(int nid); int delInvalid(); int idxByNid(int nid) const; bool genConf(int nid, QString *single, QString *adv = NULL); void genGenericConf(QString *adv); bool search(const QRegularExpression &pattern) const; }; #endif xca-RELEASE.2.9.0/lib/xcadoc.cpp000066400000000000000000000011021477156507700161040ustar00rootroot00000000000000#include #include #include #include #include "arguments.h" int main(int argc, char *argv[]) { if (argc < 2) { qWarning() << "Need type argument: "; return EXIT_FAILURE; } QByteArray doc = arguments::doc(argv[1]).toUtf8(); if (doc.isEmpty()) { qWarning() << QString("Doc was empty: %1").arg(argv[1]); return EXIT_FAILURE; } if (argc > 2) { QFile f(argv[2]); f.open(QIODevice::WriteOnly); f.write(doc); f.close(); } else { QTextStream out(stdout); out << doc; } return EXIT_SUCCESS; } xca-RELEASE.2.9.0/lib/xcaexport.cpp000066400000000000000000000026151477156507700166720ustar00rootroot00000000000000#include #include #include #include #include "pki_export.h" static const QMap typeMap = { {"x509", x509}, {"x509-clp", x509}, {"key", asym_key}, {"key-clp", asym_key}, {"request", x509_req}, {"revocation", revocation}, {"template", tmpl}, }; static void noop(QtMsgType , const QMessageLogContext &, const QString &) { } static QString make_doc(const QString &which) { pki_type typ = typeMap[which]; int match = which.endsWith("-clp") ? F_CLIPBOARD : 0; QString doc; for (const pki_export *exp : pki_export::select(typ, 0)) { if (exp->match_all(match)) { doc += QString(" - **%1:** (\\*.%2) %3\n").arg(exp->desc).arg(exp->extension).arg(exp->help); } } return doc; } int main(int argc, char *argv[]) { qInstallMessageHandler(noop); if (argc < 2) { qWarning() << "Need type argument: "; return EXIT_FAILURE; } pki_export::init_elements(); if (!typeMap.contains(argv[1])) { qWarning() << QString("Unknown type: %1").arg(argv[1]); return EXIT_FAILURE; } QByteArray doc = make_doc(argv[1]).toUtf8(); if (argc > 2) { QFile f(argv[2]); f.open(QIODevice::WriteOnly); f.write(doc); f.close(); } else { QTextStream out(stdout); out << doc; } pki_export::free_elements(); return EXIT_SUCCESS; } xca-RELEASE.2.9.0/lib/xfile.h000066400000000000000000000017171477156507700154330ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2019 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __X_FILE_H #define __X_FILE_H #include #include #include #include "exception.h" #include class XFile : public QFile { Q_OBJECT public: bool open(OpenMode flags) { bool o = QFile::open(flags | Unbuffered); if (error()) { throw errorEx(tr("Error opening file: '%1': %2") .arg(fileName()).arg(strerror(errno))); } return o; } XFile(const QString &name) : QFile(name) { } void retry_read() { seek(0); if (error()) { throw errorEx( tr("Error rewinding file: '%1': %2") .arg(fileName()) .arg(strerror(errno))); } } bool open_key() { bool o = open_write(); setPermissions(ReadOwner | WriteOwner); return o; } bool open_write() { return open(ReadWrite | Truncate); } bool open_read() { return open(ReadOnly); } }; #endif xca-RELEASE.2.9.0/local.h.in000066400000000000000000000007521477156507700152530ustar00rootroot00000000000000#define XCA_VERSION "@PROJECT_VERSION@" /* usually "xca" */ #define PACKAGE_TARNAME "@PROJECT_NAME@" /* usually "X Certificate and Key management" */ #define PACKAGE_NAME "@PROJECT_DESCRIPTION@" #define GIT_COMMIT_REV "@GIT_REV@" #cmakedefine GIT_LOCAL_CHANGES /* Build an AppStore compliant version */ #cmakedefine APPSTORE_COMPLIANT /* Install PREFIX (linux only) */ #if defined Q_OS_UNIX && ! defined Q_OS_MACOS #define INSTALL_DATA_PREFIX "@CMAKE_INSTALL_PREFIX@/share/xca" #endif xca-RELEASE.2.9.0/misc/000077500000000000000000000000001477156507700143325ustar00rootroot00000000000000xca-RELEASE.2.9.0/misc/.gitignore000066400000000000000000000000461477156507700163220ustar00rootroot00000000000000dn.txt eku.txt oids.txt variables.wxi xca-RELEASE.2.9.0/misc/CA.xca000066400000000000000000000024341477156507700153150ustar00rootroot00000000000000-----BEGIN XCA TEMPLATE----- AAADkgAAAAowAAAAAB4AAAAUAE8AQwBTAFAAcwB0AGEAcABsAGUAAAACADAAAAAO AGEAZAB2AF8AZQB4AHQAAAAAAAAAFABhAHUAdABoAEkAbgBmAEEAYwBjAAAAAAAA AA4AYQB1AHQAaABLAGUAeQAAAAIAMQAAABIAYgBhAHMAaQBjAFAAYQB0AGgAAAAA AAAAFABiAGMAQwByAGkAdABpAGMAYQBsAAAAAgAxAAAABABjAGEAAAACADEAAAAO AGMAcgBsAEQAaQBzAHQAAAAAAAAADgBlAEsAZQB5AFUAcwBl/////wAAABYAZQBr AHUAQwByAGkAdABpAGMAYQBsAAAAAgAwAAAAIABpAG4AdABlAHIAbgBhAGwAXwBj AG8AbQBtAGUAbgB0AAAAAAAAABoAaQBuAHQAZQByAG4AYQBsAF8AbgBhAG0AZQAA AAQAQwBBAAAAFABpAHMAcwBBAGwAdABOAGEAbQBlAAAAAAAAAAwAawBlAHkAVQBz AGUAAAAEADkANgAAABQAawB1AEMAcgBpAHQAaQBjAGEAbAAAAAIAMAAAABAAbgBh AG0AZQBDAG8AbgBzAAAAAAAAACgAbgBvAFcAZQBsAGwARABlAGYAaQBuAGUAZABF AHgAcABEAGEAdABlAAAAAgAwAAAAEgBuAHMAQgBhAHMAZQBVAHIAbAAAAAAAAAAi AG4AcwBDAEEAUgBlAHYAbwBjAGEAdABpAG8AbgBVAHIAbAAAAAAAAAAaAG4AcwBD AGEAUABvAGwAaQBjAHkAVQByAGwAAAAAAAAAFABuAHMAQwBlAHIAdABUAHkAcABl AAAABgAxADEAMgAAABIAbgBzAEMAbwBtAG0AZQBuAHQAAAAeAHgAYwBhACAAYwBl AHIAdABpAGYAaQBjAGEAdABlAAAAGABuAHMAUgBlAG4AZQB3AGEAbABVAHIAbAAA AAAAAAAeAG4AcwBSAGUAdgBvAGMAYQB0AGkAbwBuAFUAcgBsAAAAAAAAAB4AbgBz AFMAcwBsAFMAZQByAHYAZQByAE4AYQBtAGUAAAAAAAAAFABzAHUAYgBBAGwAdABO AGEAbQBlAAAAAAAAAAwAcwB1AGIASwBlAHkAAAACADEAAAAMAHYAYQBsAGkAZABN AAAAAgAyAAAAEgB2AGEAbABpAGQATQBpAGQAbgAAAAIAMAAAAAwAdgBhAGwAaQBk AE4AAAAEADEAMA== -----END XCA TEMPLATE----- xca-RELEASE.2.9.0/misc/CMakeLists.txt000066400000000000000000000053601477156507700170760ustar00rootroot00000000000000 set(S "${PROJECT_SOURCE_DIR}/misc") set(D "${PROJECT_BINARY_DIR}/misc") file(MAKE_DIRECTORY ${D}) configure_file(${S}/Info.plist.in ${D}/Info.plist) configure_file(${S}/dynamic.wxs.in ${D}/dynamic.wxs) set(CPACK_RESOURCE_FILE_LICENSE "${S}/copyright.rtf") set(CPACK_BUNDLE_PLIST ${D}/Info.plist) set(CPACK_DMG_DS_STORE ${S}/dmg.DS_Store) set_property(TARGET ${PROJECT_NAME} PROPERTY MACOSX_BUNDLE_INFO_PLIST ${D}/Info.plist) ##### XCA Templates list(APPEND XCA_TEMPLATES CA.xca TLS_server.xca TLS_client.xca) list(TRANSFORM XCA_TEMPLATES PREPEND ${S}/) target_sources(${CMAKE_PROJECT_NAME} PRIVATE ${XCA_TEMPLATES}) list(APPEND APP_RESOURCES "${XCA_TEMPLATES}") ##### Text Files oids.txt eku.txt dn.txt macro(Text_header file) if (APPLE) set(DIR_HINT "HOME/Library/Application Support/data/de.hohnstaedt.xca/${file}.txt") elseif (WIN32) set(DIR_HINT "PROFILE\\Application Data\\xca\\${file}.txt") else() set(DIR_HINT "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_DATADIR}/${file}.txt or \$HOME/.local/share/de.hohnstaedt.xca/${file}.txt") endif() file(READ "${S}/preamble.txt" PREAMBLE) file(READ "${S}/${file}.text" CONT) file(WRITE "${D}/${file}.txt" ${PREAMBLE} "\n# " ${DIR_HINT} "\n" ${CONT} ) list(APPEND TEXT_FILES "${D}/${file}.txt") endmacro() Text_header(dn) Text_header(eku) Text_header(oids) foreach(misc_name ${TEXT_FILES} ${XCA_TEMPLATES}) string(REGEX REPLACE ".*/" "" misc_basename ${misc_name}) guid(${misc_basename}) list(APPEND MISC_COMPREFS " \n") list(APPEND MISC_COMPS " \n") endforeach() string(APPEND WIX_MISC_CONTENT "\n" ${MISC_COMPS} " \n" ${MISC_COMPREFS} "") WixFile(${D}/misc.wxs ${WIX_MISC_CONTENT}) target_sources(${CMAKE_PROJECT_NAME} PRIVATE ${TEXT_FILES}) list(APPEND APP_RESOURCES ${TEXT_FILES}) if (UNIX AND NOT APPLE) install(FILES ${TEXT_FILES} ${XCA_TEMPLATES} DESTINATION ${CMAKE_INSTALL_DATADIR}/${CMAKE_PROJECT_NAME} ) install(FILES misc/de.hohnstaedt.xca.desktop DESTINATION ${CMAKE_INSTALL_DATADIR}/applications ) install(FILES misc/xca.completion DESTINATION ${CMAKE_INSTALL_DATADIR}/bash-completion/completions RENAME xca ) install(FILES misc/xca.xml DESTINATION ${CMAKE_INSTALL_DATADIR}/mime/packages ) install(FILES misc/de.hohnstaedt.xca.metainfo.xml DESTINATION ${CMAKE_INSTALL_DATADIR}/metainfo ) elseif(WIN32) install(FILES ${TEXT_FILES} ${XCA_TEMPLATES} DESTINATION ${RUNTIME_DEST} ) endif() xca-RELEASE.2.9.0/misc/Info.plist.in000066400000000000000000000104661477156507700167160ustar00rootroot00000000000000 CFBundleExecutable xca NSHumanReadableCopyright © 2022, Christian Hohnstädt NSHighResolutionCapable True CFBundleShortVersionString @PROJECT_VERSION@ CFBundleVersion @PROJECT_VERSION@ CFBundleIconFile xca-icons.icns CFBundleIdentifier de.hohnstaedt.xca CFBundleName @CMAKE_PROJECT_NAME@ CFBundleDisplayName @CMAKE_PROJECT_NAME@ CFBundlePackageType APPL CFBundleSupportedPlatforms MacOSX LSApplicationCategoryType public.app-category.utilities LSMinimumSystemVersion @OSX_SDK_MINIMUM@ ITSAppUsesNonExemptEncryption no CFBundleLocalizations @LANGUAGES_PLIST@ CFBundleDocumentTypes CFBundleTypeExtensions xdb CFBundleTypeIconFile xca-mac-icon.icns CFBundleTypeMIMETypes application/x-xca-database CFBundleTypeName XCA Database CFBundleTypeRole Editor LSHandlerRank Owner CFBundleTypeExtensions xca CFBundleTypeIconFile xca-mac-icon.icns CFBundleTypeMIMETypes application/x-xca-template CFBundleTypeName XCA Template CFBundleTypeRole Editor LSHandlerRank Owner CFBundleTypeExtensions cert cer der crt p7c CFBundleTypeName certificate CFBundleTypeRole Editor LSHandlerRank Default CFBundleTypeExtensions pem CFBundleTypeName printable encoded archive CFBundleTypeRole Editor LSTypeIsPackage LSHandlerRank Default CFBundleTypeExtensions p7b CFBundleTypeName certificate bundle CFBundleTypeRole Viewer LSTypeIsPackage LSHandlerRank Default CFBundleTypeExtensions p7r CFBundleTypeName certificate request response CFBundleTypeRole Viewer LSTypeIsPackage LSHandlerRank Default CFBundleTypeExtensions p10 csr CFBundleTypeName certificate request CFBundleTypeRole Editor LSTypeIsPackage LSHandlerRank Default CFBundleTypeExtensions p12 pkcs12 pfx CFBundleTypeName personal information exchange file CFBundleTypeRole Editor LSTypeIsPackage LSHandlerRank Default xca-RELEASE.2.9.0/misc/Makefile000066400000000000000000000026521477156507700157770ustar00rootroot00000000000000 SRCPATH=$(VPATH)/ ifeq ($(TOPDIR),) TOPDIR=.. BUILD=.. endif include $(TOPDIR)/Rules.mak CONFIG_OBJ = dn.txt oids.txt eku.txt INSTALLS = Info.plist xca.completion xca.desktop xca.xml .install-stamp all: $(CONFIG_OBJ) .install-stamp: $(INSTALLS) MSG := \# Do not edit this file, rather use %.txt: preamble.txt %.text @$(PRINT) " GEN [$(BASENAME)] $@" ifeq ($(HOST), WINDOWS) (echo "$(MSG) PROFILE\Application Data\xca\$@" && cat $^) | sed 's/$$/\r/' > $@ else ifeq ($(HOST), DARWIN) (echo "$(MSG) HOME/Library/Application Support/data/xca/$@" && cat $^) > $@ else (echo "$(MSG) /etc/xca/$@ or HOME/.xca/$@" && cat $^) > $@ endif install: install -m 755 -d $(DESTDIR)$(xca_prefix) \ $(DESTDIR)$(datarootdir)/applications \ $(DESTDIR)$(datarootdir)/mime/packages \ $(DESTDIR)$(datarootdir)/bash-completion/completions install -m 644 $(CONFIG_OBJ) $(SRCPATH)*.xca \ $(DESTDIR)$(xca_prefix) install -m 644 $(SRCPATH)xca.desktop $(DESTDIR)$(datarootdir)/applications install -m 644 $(SRCPATH)xca.xml $(DESTDIR)$(datarootdir)/mime/packages install -m 644 $(SRCPATH)xca.completion $(DESTDIR)$(datarootdir)/bash-completion/completions/xca if test -z "$(DESTDIR)"; then \ update-mime-database $(datarootdir)/mime || :; \ update-desktop-database || :; \ fi app: Info.plist PkgInfo | $(CONFIG_OBJ) mkdir -p $(APPDIR)/Resources install -m 644 $^ $(APPDIR) install -m 644 $(CONFIG_OBJ) $(SRCPATH)*.xca $(APPDIR)/Resources xca-RELEASE.2.9.0/misc/PkgInfo000066400000000000000000000000111477156507700156020ustar00rootroot00000000000000APPLcxca xca-RELEASE.2.9.0/misc/TLS_client.xca000066400000000000000000000025101477156507700170250ustar00rootroot00000000000000-----BEGIN XCA TEMPLATE----- AAADtAAAAAowAAAAAB4AAAAUAE8AQwBTAFAAcwB0AGEAcABsAGUAAAACADAAAAAO AGEAZAB2AF8AZQB4AHQAAAAAAAAAFABhAHUAdABoAEkAbgBmAEEAYwBjAAAAAAAA AA4AYQB1AHQAaABLAGUAeQAAAAIAMQAAABIAYgBhAHMAaQBjAFAAYQB0AGgAAAAA AAAAFABiAGMAQwByAGkAdABpAGMAYQBsAAAAAgAxAAAABABjAGEAAAACADIAAAAO AGMAcgBsAEQAaQBzAHQAAAAAAAAADgBlAEsAZQB5AFUAcwBlAAAAFABjAGwAaQBl AG4AdABBAHUAdABoAAAAFgBlAGsAdQBDAHIAaQB0AGkAYwBhAGwAAAACADAAAAAg AGkAbgB0AGUAcgBuAGEAbABfAGMAbwBtAG0AZQBuAHQAAAAAAAAAGgBpAG4AdABl AHIAbgBhAGwAXwBuAGEAbQBlAAAAFABUAEwAUwBfAGMAbABpAGUAbgB0AAAAFABp AHMAcwBBAGwAdABOAGEAbQBlAAAAAAAAAAwAawBlAHkAVQBzAGUAAAAEADIAOQAA ABQAawB1AEMAcgBpAHQAaQBjAGEAbAAAAAIAMAAAABAAbgBhAG0AZQBDAG8AbgBz AAAAAAAAACgAbgBvAFcAZQBsAGwARABlAGYAaQBuAGUAZABFAHgAcABEAGEAdABl AAAAAgAwAAAAEgBuAHMAQgBhAHMAZQBVAHIAbAAAAAAAAAAiAG4AcwBDAEEAUgBl AHYAbwBjAGEAdABpAG8AbgBVAHIAbAAAAAAAAAAaAG4AcwBDAGEAUABvAGwAaQBj AHkAVQByAGwAAAAAAAAAFABuAHMAQwBlAHIAdABUAHkAcABlAAAAAgA1AAAAEgBu AHMAQwBvAG0AbQBlAG4AdAAAAB4AeABjAGEAIABjAGUAcgB0AGkAZgBpAGMAYQB0 AGUAAAAYAG4AcwBSAGUAbgBlAHcAYQBsAFUAcgBsAAAAAAAAAB4AbgBzAFIAZQB2 AG8AYwBhAHQAaQBvAG4AVQByAGwAAAAAAAAAHgBuAHMAUwBzAGwAUwBlAHIAdgBl AHIATgBhAG0AZQAAAAAAAAAUAHMAdQBiAEEAbAB0AE4AYQBtAGUAAAAAAAAADABz AHUAYgBLAGUAeQAAAAIAMQAAAAwAdgBhAGwAaQBkAE0AAAACADAAAAASAHYAYQBs AGkAZABNAGkAZABuAAAAAgAwAAAADAB2AGEAbABpAGQATgAAAAYAMwA2ADU= -----END XCA TEMPLATE----- xca-RELEASE.2.9.0/misc/TLS_server.xca000066400000000000000000000025451477156507700170650ustar00rootroot00000000000000-----BEGIN XCA TEMPLATE----- AAADyAAAAAowAAAAAB4AAAAUAE8AQwBTAFAAcwB0AGEAcABsAGUAAAACADAAAAAO AGEAZAB2AF8AZQB4AHQAAAAAAAAAFABhAHUAdABoAEkAbgBmAEEAYwBjAAAAAAAA AA4AYQB1AHQAaABLAGUAeQAAAAIAMQAAABIAYgBhAHMAaQBjAFAAYQB0AGgAAAAA AAAAFABiAGMAQwByAGkAdABpAGMAYQBsAAAAAgAxAAAABABjAGEAAAACADIAAAAO AGMAcgBsAEQAaQBzAHQAAAAAAAAADgBlAEsAZQB5AFUAcwBlAAAAFABzAGUAcgB2 AGUAcgBBAHUAdABoAAAAFgBlAGsAdQBDAHIAaQB0AGkAYwBhAGwAAAACADAAAAAg AGkAbgB0AGUAcgBuAGEAbABfAGMAbwBtAG0AZQBuAHQAAAAAAAAAGgBpAG4AdABl AHIAbgBhAGwAXwBuAGEAbQBlAAAAFABUAEwAUwBfAHMAZQByAHYAZQByAAAAFABp AHMAcwBBAGwAdABOAGEAbQBlAAAAAAAAAAwAawBlAHkAVQBzAGUAAAAEADIAMwAA ABQAawB1AEMAcgBpAHQAaQBjAGEAbAAAAAIAMAAAABAAbgBhAG0AZQBDAG8AbgBz AAAAAAAAACgAbgBvAFcAZQBsAGwARABlAGYAaQBuAGUAZABFAHgAcABEAGEAdABl AAAAAgAwAAAAEgBuAHMAQgBhAHMAZQBVAHIAbAAAAAAAAAAiAG4AcwBDAEEAUgBl AHYAbwBjAGEAdABpAG8AbgBVAHIAbAAAAAAAAAAaAG4AcwBDAGEAUABvAGwAaQBj AHkAVQByAGwAAAAAAAAAFABuAHMAQwBlAHIAdABUAHkAcABlAAAAAgAyAAAAEgBu AHMAQwBvAG0AbQBlAG4AdAAAAB4AeABjAGEAIABjAGUAcgB0AGkAZgBpAGMAYQB0 AGUAAAAYAG4AcwBSAGUAbgBlAHcAYQBsAFUAcgBsAAAAAAAAAB4AbgBzAFIAZQB2 AG8AYwBhAHQAaQBvAG4AVQByAGwAAAAAAAAAHgBuAHMAUwBzAGwAUwBlAHIAdgBl AHIATgBhAG0AZQAAAAAAAAAUAHMAdQBiAEEAbAB0AE4AYQBtAGUAAAAUAEQATgBT ADoAYwBvAHAAeQBjAG4AAAAMAHMAdQBiAEsAZQB5AAAAAgAxAAAADAB2AGEAbABp AGQATQAAAAIAMAAAABIAdgBhAGwAaQBkAE0AaQBkAG4AAAACADAAAAAMAHYAYQBs AGkAZABOAAAABgAzADYANQ== -----END XCA TEMPLATE----- xca-RELEASE.2.9.0/misc/copyright.rtf000066400000000000000000000044141477156507700170620ustar00rootroot00000000000000{\rtf1\ansi\ansicpg1252\deff0\nouicompat{\fonttbl{\f0\fnil\fcharset0 Arial;}} {\colortbl ;\red0\green0\blue255;} {\*\generator Riched20 10.0.17134}\viewkind4\uc1 \pard\qc\ul\fs32\lang1031 XCA - X Certificate and Key management\par \pard\par \ulnone\fs16 Copyright (C) 2001 - 2024 Christian Hohnstaedt.\par \par All rights reserved.\par \par \par Redistribution and use in source and binary forms, with or without\par modification, are permitted provided that the following conditions are met:\par \par - Redistributions of source code must retain the above copyright notice,\par this list of conditions and the following disclaimer.\par \pard\ri-74 - Redistributions in binary form must reproduce the above copyright notice,\par \pard this list of conditions and the following disclaimer in the documentation\par and/or other materials provided with the distribution.\par - Neither the name of the author nor the names of its contributors may be\par used to endorse or promote products derived from this software without\par specific prior written permission.\par \par \par \pard\qj THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\par \pard\par \par This program links to software with different licenses from:\par \par - {{\field{\*\fldinst{HYPERLINK https://www.openssl.org }}{\fldrslt{https://www.openssl.org\ul0\cf0}}}}\f0\fs16 which includes cryptographic software\par written by Eric Young (eay@cryptsoft.com)"\par \par - {{\field{\*\fldinst{HYPERLINK https://www.qt.io }}{\fldrslt{https://www.qt.io\ul0\cf0}}}}\f0\fs16\par \par } xca-RELEASE.2.9.0/misc/de.hohnstaedt.xca.desktop000066400000000000000000000021271477156507700212310ustar00rootroot00000000000000[Desktop Entry] Name=XCA Type=Application Comment=A graphical user interface for handling and issuing X.509 compliant Certificates Comment[de]=Eine graphische Oberfläche zur Erstellung von X.509 konformen Zertifikaten Comment[fi]=Graafinen X.509-varmenteiden hallintatyökalu Comment[fr]=Création et gestion de certificats conformes à la norme X.509 Comment[hr]=Grafičko korisničko sučelje za upravljanje životnim ciklusom X.509 sukladnih potvrda Comment[id]=Antar muka pengguna grafis untuk menangani dan menerbitkan Sertifikat yang patuh X.509 Comment[nl]=Een grafische gebruikers interface voor behandeling en uitgifte van X.509 conforme certificaten Comment[sk]=GUI na spracovanie a vydávanie Certifikátov X.509 Comment[pt_BR]=Interface gráfica para gerenciar e emitir Certificados X.509 Comment[it]=Interfaccia grafica per generare e gestire certificati X.509 Exec=xca %F Icon=de.hohnstaedt.xca Terminal=false Categories=Utility;Qt MimeType=application/x-xca-database;application/x-xca-template;application/x-x509-ca-cert;application/pkcs10;application/x-pkcs7-certificates;application/x-pkcs12; xca-RELEASE.2.9.0/misc/de.hohnstaedt.xca.metainfo.xml000066400000000000000000000057721477156507700221720ustar00rootroot00000000000000 de.hohnstaedt.xca XCA X Certificate and Key management CC0-1.0 BSD-3-Clause io.github.chris2511.xca xca io.github.chris2511.xca de.hohnstaedt.xca.desktop

XCA is intended for creating and managing X.509 certificates, certificate requests, RSA, DSA and EC private keys, Smartcards and CRLs. Everything that is needed for a CA is implemented. All CAs can sign sub-CAs recursively. These certificate chains are shown clearly. For an easy company-wide use there are customiseable templates that can be used for certificate or request generation.

Features:

  • Start your own PKI and create all kinds of private keys, certificates, requests or CRLs
  • Import and export them in any format like PEM, DER, PKCS#7, PKCS#12
  • Use them for your IPsec, OpenVPN, TLS or any other certificate based setup
  • Manage your Smart-Cards via PKCS#11 interface
  • Export certificates and requests as OpenSSL config file
  • Create Subject- and/or Extension- templates to ease issuing similar certs
  • Convert existing certificates or requests to templates
  • Get the broad support of x509v3 extensions as flexible as OpenSSL but user friendlier
  • Adapt the columns to have your important information at a glance
 Christian Hohnstädt https://www.hohnstaedt.de/xca/images/screenshots/XCA-Screenshot-certs.png https://www.hohnstaedt.de/xca/images/screenshots/XCA-Screenshot-keygen.png https://www.hohnstaedt.de/xca/ https://github.com/chris2511/xca/issues https://www.hohnstaedt.de/xca/index.php/documentation/manual xca-RELEASE.2.9.0/misc/dmg.DS_Store000066400000000000000000000240041477156507700165050ustar00rootroot00000000000000Bud1   trNon  @ @ @ @.GRP0ustrNone.bRsVbool.bwspblobbplist00 ]ShowStatusBar[ShowToolbar[ShowTabView_ContainerShowSidebar\WindowBounds[ShowSidebar_{{853, 501}, {646, 254}}#/;R_klmno .icvpblobbplist00 _backgroundColorBlue_showIconPreviewXtextSize_backgroundColorRed^backgroundType_backgroundColorGreen[gridOffsetX[gridOffsetY\showItemInfo_viewOptionsVersionYarrangeBy]labelOnBottomXiconSize[gridSpacing#?0#@0#?##?y`#Tgrid #@`#@Y%;MVkz ()./8A.vSrnlong.vstltypenone .backgroundbwspblobbplist00 ]ShowStatusBar[ShowToolbar[ShowTabView_ContainerShowSidebar\WindowBounds[ShowSidebar  _{{61, 566}, {732, 436}} #/;R_klmno .backgroundlsvCblobbplist00 UVWX_useRelativeDates_showIconPreviewWcolumns_calculateAllSizesXtextSizeZsortColumnXiconSize_viewOptionsVersion "&+05:>CGLP  ZidentifierUwidthYascendingWvisibleTname,  WvisibleUwidthYascending#Xubiquity  \dateModified #[dateCreated '( Tsizea ,- Tkinds 12 Ulabeld  67 WversionK  ; Xcomments  ?@^dateLastOpened FYdateAdded HIZshareOwner MI_shareLastEditor QI_invitationStatus#@(Tname#@0,>FZcnw $012;@BCDMRTUV_eghirz|}~ %.Y0 .backgroundlsvpblobYbplist00 EFG5_useRelativeDates_showIconPreviewWcolumns_calculateAllSizesXtextSizeZsortColumnXiconSize_viewOptionsVersion #(-26;?XcommentsUlabelWversion[dateCreatedTsize\dateModifiedTkindTname^dateLastOpened WvisibleUwidthYascendingUindex,  "d % 'K *, /1 a *5  8 : s   > AC#@(Tname#@0,>FZcnw&')*,5689;DEGHJSTVWYbcdfoprsu~H .backgroundvSrnlong.docIlocblob \.docvSrnlong ApplicationsIlocblobrR manual.htmlIlocblobRxca.appIlocblobUO E DSDB `(0@ @ @ '( Tsizea ,- Tkinds 12 Ulabeld  67 WversionK  ; Xcomments  ?@^dateLastOpened FYdateAdded HIZshareOwner MI_shareLastEditor QI_invitationStatus#@(Tname#@0,>FZcnw $012;@BCDMRTUV_eghirz|}~ %.Y0 .backgroundlsvpblobYbplist00 EFG5_useRelativeDates_showIconPreviewWcolumns_calculateAllSizesXtextSizeZsortColumnXiconSize_viewOptionsVersion #(-26;?XcommentsUlabelWversion[dateCreatedTsize\dateModifiedTkindTname^dateLastOpened WvisibleUwidthYascendxca-RELEASE.2.9.0/misc/dn.text000066400000000000000000000003261477156507700156420ustar00rootroot00000000000000C ST L O OU CN emailAddress serialNumber givenName surname title initials description role pseudonym name dnQualifier generationQualifier x500UniqueIdentifier businessCategory streetAddress localityName postalCode xca-RELEASE.2.9.0/misc/docker_start.sh000077500000000000000000000011651477156507700173600ustar00rootroot00000000000000#!/bin/bash set -e default_userid=1000 file_path="/home/user/.Xauthority" if [ -n "$USER_ID" ]; then if [[ "$USER_ID" =~ ^[0-9]+$ ]] && [ "$USER_ID" -gt 0 ]; then echo "using USER_ID from environment: $USER_ID" else echo "USER_ID from environment not numeric, aborting" exit 1 fi else if [ -e "$filepath" ]; then USER_ID=$(stat -c "%u" "$filepath") echo "using USER_ID from .Xauthority: $USER_ID" else USER_ID=$default_userid echo "using default USER_ID: $USER_ID" fi fi useradd -u "$USER_ID" -M -s /bin/bash user exec su user -c "xca $*" xca-RELEASE.2.9.0/misc/dynamic.wxs.in000066400000000000000000000062721477156507700171350ustar00rootroot00000000000000 xca-RELEASE.2.9.0/misc/eku.text000066400000000000000000000005321477156507700160240ustar00rootroot00000000000000serverAuth clientAuth codeSigning emailProtection timeStamping msCodeInd msCodeCom msCTLSign msSGC msEFS nsSGC msEFSFR ipsecEndSystem ipsecTunnel ipsecUser iKEIntermediate msSmartcardLogin OCSPSigning id-kp-eapOverPPP id-kp-eapOverLAN pkInitKDC pkInitClientAuth secureShellClient adobePDFSigning msofficeSigning driveEncryption dataRecoveryAgent xca-RELEASE.2.9.0/misc/entitlement-appstore-compliant.plist000066400000000000000000000005761477156507700235660ustar00rootroot00000000000000 com.apple.security.app-sandbox com.apple.security.files.user-selected.read-write com.apple.application-identifier HWR8GSJ73M.de.hohnstaedt.xca xca-RELEASE.2.9.0/misc/entitlement.plist000066400000000000000000000006431477156507700177420ustar00rootroot00000000000000 com.apple.security.network.client com.apple.security.files.user-selected.read-write com.apple.security.cs.disable-library-validation com.apple.security.smartcard xca-RELEASE.2.9.0/misc/oids.text000066400000000000000000000017021477156507700161760ustar00rootroot00000000000000 # OID short name long name 1.3.6.1.4.1.311.20.2: dom: Domain Controller 1.3.6.1.4.1.311.21.1: MsCaV: Microsoft CA Version 1.3.6.1.4.1.311.10.3.4.1:msEFSFR: Microsoft EFS File Recovery 1.3.6.1.5.5.8.2.2: iKEIntermediate: IP security end entity 0.2.262.1.10.7.20: nameDistinguisher: Name distinguisher # RFC 4334 1.3.6.1.5.5.7.3.13: id-kp-eapOverPPP: EAP over PPP 1.3.6.1.5.5.7.3.14: id-kp-eapOverLAN: EAP over Lan 1.3.6.1.5.2.3.5: pkInitKDC: Signing KDC Response 1.3.6.1.5.5.7.3.21: secureShellClient: SSH Client 1.3.6.1.5.2.3.4: pkInitClientAuth: PKINIT Client Auth # document signing 1.2.840.113583.1.1.5: adobePDFSigning: Adobe PDF Signing 1.3.6.1.4.1.311.10.3.12: msofficeSigning: Microsoft Office Signing # Microsoft BitLocker 1.3.6.1.4.1.311.67.1.1: driveEncryption: Microsoft BitLocker Drive Encryption 1.3.6.1.4.1.311.67.1.2: dataRecoveryAgent: Microsoft BitLocker Data Recovery Agent xca-RELEASE.2.9.0/misc/preamble.txt000066400000000000000000000003511477156507700166610ustar00rootroot00000000000000# The path of the user settings directory depends on the # operating system and version. # The path where XCA looks for this file is shown in the # "About" dialog of XCA as "User settings path" # # Do not edit this file, rather use: xca-RELEASE.2.9.0/misc/qsqlmysql.patch000066400000000000000000000027601477156507700174260ustar00rootroot00000000000000diff --git a/qtbase/src/plugins/sqldrivers/mysql/CMakeLists.txt b/qtbase/src/plugins/sqldrivers/mysql/CMakeLists.txt index fb28abd9..d7a3f2da 100644 --- a/qtbase/src/plugins/sqldrivers/mysql/CMakeLists.txt +++ b/qtbase/src/plugins/sqldrivers/mysql/CMakeLists.txt @@ -21,4 +21,3 @@ qt_internal_add_plugin(QMYSQLDriverPlugin Qt::SqlPrivate ) -qt_internal_force_macos_intel_arch(QMYSQLDriverPlugin) diff --git a/qtbase/src/plugins/sqldrivers/mysql/qsql_mysql.cpp b/qtbase/src/plugins/sqldrivers/mysql/qsql_mysql.cpp index 3525c257..84081b22 100644 --- a/qtbase/src/plugins/sqldrivers/mysql/qsql_mysql.cpp +++ b/qtbase/src/plugins/sqldrivers/mysql/qsql_mysql.cpp @@ -1288,6 +1288,12 @@ bool QMYSQLDriver::open(const QString &db, #endif #if defined(MYSQL_VERSION_ID) && MYSQL_VERSION_ID >= 50711 && !defined(MARIADB_VERSION_ID) {"MYSQL_OPT_SSL_MODE"_L1, MYSQL_OPT_SSL_MODE, setOptionSslMode}, +#endif +#if defined(MARIADB_VERSION_ID) + {"MYSQL_OPT_SSL_ENFORCE"_L1, MYSQL_OPT_SSL_ENFORCE, setOptionBool}, + {"MYSQL_OPT_SSL_VERIFY_SERVER_CERT"_L1, MYSQL_OPT_SSL_VERIFY_SERVER_CERT, setOptionBool}, + {"MARIADB_OPT_TLS_PEER_FP"_L1, MARIADB_OPT_TLS_PEER_FP, setOptionString}, + {"MARIADB_OPT_TLS_PEER_FP_LIST"_L1, MARIADB_OPT_TLS_PEER_FP_LIST, setOptionString}, #endif {"MYSQL_OPT_CONNECT_TIMEOUT"_L1, MYSQL_OPT_CONNECT_TIMEOUT, setOptionInt}, {"MYSQL_OPT_READ_TIMEOUT"_L1, MYSQL_OPT_READ_TIMEOUT, setOptionInt}, xca-RELEASE.2.9.0/misc/xca.completion000066400000000000000000000002321477156507700171750ustar00rootroot00000000000000 _XCA_WORDS="$(XCA_ARGUMENTS=completion xca)" _xca() { COMPREPLY=($(compgen -f -W "$_XCA_WORDS" -- "${COMP_WORDS[COMP_CWORD]}")) } complete -F _xca xca xca-RELEASE.2.9.0/misc/xca.rc000077500000000000000000000001011477156507700154260ustar00rootroot00000000000000IDI_APPICON ICON DISCARDABLE "img\key.ico" xca-RELEASE.2.9.0/misc/xca.wxs000066400000000000000000000262351477156507700156600ustar00rootroot00000000000000 WIXUI_EXITDIALOGOPTIONALCHECKBOX = 1 and NOT Installed xca-RELEASE.2.9.0/misc/xca.xml000066400000000000000000000006601477156507700156310ustar00rootroot00000000000000 XCA database XCA template xca-RELEASE.2.9.0/release/000077500000000000000000000000001477156507700150175ustar00rootroot00000000000000xca-RELEASE.2.9.0/release/binary-hashes.json000066400000000000000000000157571477156507700204660ustar00rootroot00000000000000{ "setup_xca-1.3.0.exe": "c8695943ec3a3066c867c2370bc99f79fd7ebba6b2f1ad37bf467d07649892a4", "xca-1.3.0.dmg": "4a3ce20b302c400d431613c17e27dcf9468b61c2eac936b87bc0ce3e34519cd4", "xca-1.3.0.tar.gz": "ef5b6e4ed93abb02eb53925edd222bfeb5c26a3b0698af90a416d8e92869414c", "setup_xca-1.3.1.exe": "84052c8f9832b176052d5d0f3ac74de7c3764385467d823d9577bff02858bd28", "xca-1.3.1.dmg": "d1abde80b27ade30a465ba063921cbd744aa83e0730c1a8e1d558e783b9cad6f", "xca-1.3.1.tar.gz": "c2dd8d79b37440126d9fe7281e8c6802b95537c50ad464f6f7799ffa81aa3d83", "setup_xca-1.3.2.exe":"99f68030520c64f52026f09a18a6fca8f6c7dfd570d174eba0aedb301f276080", "xca-1.3.2.dmg": "8117821eef637c3fb78ce6e583fe0a3e667c714525e992b37d4d977a279a967e", "xca-1.3.2.tar.gz": "04f11f2148c8369c1a1b4e109956ed8cc807ec266d0d936410624ba8ee4b5ce4", "setup_xca-1.4.0.exe":"676eaf24348a76bc311db959694c88be86386395686ba05fc1e63f985292aaf6", "xca-1.4.0.dmg": "21d3f6e8199918173a188987de093dc9f16a867ccefb8c348950bb7d843cb1d8", "xca-1.4.0.tar.gz": "ffd4bf247ef49b9977c3166bf9e3269fb96d869ef59877810f794849a791cfbf", "setup_xca-1.4.1-pre02.exe":"54152b8852108e2578b68c2fdeadb469855cf9d596076fd42ce33397120111fd", "xca-1.4.1-pre02.dmg":"a0ad3691ef722c53153ef0e2cb4907582c77548c1084c5771f964358d52b5f0f", "xca-1.4.1-pre02.tar.gz":"619fcd13267c3f4c194003d65c37a534cb1ee1068b5d877e7d17027447f19e4a", "setup_xca-1.4.1.exe":"f2caa3a7aa8c474d546531fbf03ca394069214ca63e8d980c7ea61085a73967f", "xca-1.4.1.dmg":"6d76ac92774d6bc336b1ac21a5bfeb6c83d2426421a39a9fd7b22ef16cd894cb", "xca-1.4.1.tar.gz":"7898ff900d7e1b9b176edc2ce0d16b7bbe593e29b06518ce9d5c7b52c58cd186", "setup_xca-2.0.0-pre01.exe":"c38a844297527e6154f6dc081622cb51251ee9d4f645cab35ed8817a5968d183", "xca-2.0.0-pre01.dmg":"7b84141e86275da53c710067320afa17665824b229766f65e9be52e3bf65f231", "xca-2.0.0-pre01.tar.gz":"6db93a73300cd1c717117223f992847755ab8cf98539baee9aa8c25ca1ea276f", "setup_xca-2.0.0-pre02.exe":"9bb3de4f4b1f4e6c1ba3cc424e25dbf0ea00745a8feb9718ae8bdeae21b10d5c", "xca-2.0.0-pre02.dmg":"c37ab9718a8d76dd5f3bf2d16db0d00059614476548949df2155374da30b1bb0", "xca-2.0.0-pre02.tar.gz":"38849ab27e69e4ed954361e2d3bf856ad3f23289957901b6105943d14743f144", "setup_xca-2.0.0-pre03.exe":"4ef1274b2112f16395bf26f36f15c06122dbcd483386fb228d7d07f7abc8acfe", "xca-2.0.0-pre03.dmg":"5bd77be6a5a25552c8cfda36441d87c2c5538fb107aa9359e919addb1708bfde", "xca-2.0.0-pre03.tar.gz":"42ba9eb3e884cd29188ea75face6e8c653f31459047afd478a1a088a628043d8", "setup_xca-2.0.0-pre04.exe":"5464c91e965d6c250b3e877ca443323ec7380760b4590affa23b90b93d834e83", "xca-2.0.0-pre04.dmg":"2d805e99ac47e6ede577c8e3794c867d5eb636a5afaa140287b7f3ea139fc40d", "xca-2.0.0-pre04.tar.gz":"211c85e9e25145c95fa03d5c80e0f5e15a312ad010c1595cc3a0770cd1a22975", "setup_xca-2.0.0.exe":"300bba922d4720df20ef412a0956cef2348f6f01eda161a9d65667fc0ad427f1", "xca-2.0.0.dmg":"2fa713dc2d4edc55fdde7714d32f953939b6a43597a20601c08614e5270f3d8d", "xca-2.0.0.tar.gz":"881438542d43ede935dace87b50e2a15eccf6ab63f2fe6f2908ced940e9d9a19", "setup_xca-2.0.1.exe":"aefd79221d8148f06a2d38a968fc1b22a025b0aea649db3c7bc7dc245516315b", "xca-2.0.1-High-Sierra.dmg":"6432f049855aadabf4c358f03f448ebc5722528c98cb50e0fa087908fcfe2763", "xca-2.0.1.tar.gz":"4aefcb113bc464af9bf72cea7b760b3e996bc745746e18f9934030595866de89", "setup_xca-2.1.0.exe":"b519aec836d9d4888a2606dc1f3b40077ed17f67caf73ce8b8b3b38f7ccb71db", "xca-2.1.0.dmg":"ad90848e29f199d5b9957e6f8c92bb0de38b8cc869c61ecb707b4199c68bee89", "xca-2.1.0.tar.gz":"9d6adf3f6ae8a471a6f5fa3b76b98bf1c09baddb60847ceeae597aab400e36c9", "setup_xca-2.1.1.exe":"42635b17c3a92b3aa4bc59307a80225cbfa7c553957c1dd59c1fd3aeee022df0", "xca-2.1.1.dmg":"d376bba09657477a20b89b324154c7a76bd3360df37488153727f5d0861a857f", "xca-2.1.1.tar.gz":"6c410e4f7e340681284059d2b7f46828e08dce6ff64e4a48baa02239c2f9d2de", "setup_xca-2.1.2.exe":"8dbdabde2df929019a8f3ce7bd7e1b5de180076edb4ccd5c76625d90fb97e3c0", "xca-2.1.2.dmg":"1cb7d23045ef64b2c30ce927a40d4bcae20b776aa0c94e067029b3b6be63bc49", "xca-2.1.2.tar.gz":"fc845470a02b0b4534b46590be307f784662071fc412fdcad605c3bce901fe05", "xca-portable-2.1.2.zip":"37d2e315dc36c7060a50dd7203339dfa8c8b43cea34f340d456a900a6e5232a6", "xca-2.2.0.dmg":"0f4539d4ce90dc7881afd58c09cc8d7480b341a66017d862ae19c1cbab21dc0a", "xca-2.2.0.msi":"44cdd4df0369d36e0063a86a3cb5713575a41627c92cd7412b39071e3b5794de", "xca-2.2.0.tar.gz":"b07ffbe5ca8e3fbb7c5ad2ef5a0f7c022b3c4a55f1dd41fab5b076992db07b61", "xca-portable-2.2.0.zip":"2bd5c3cc1b428014a038df09d0f6d11399316b3d8de09fe935b317f000b257fb", "xca-2.2.1.dmg":"329b71d8ab203317198cc502a61174db7c56f24caa8688947282bacf24cd3e9b", "xca-2.2.1.msi":"45c797871a611abd4a8f2bf353c56aabb4242f776b11aec7d2651a5bcb36a447", "xca-2.2.1.tar.gz":"82941071e35bc534a13056315341435b4e31226077c318c491c0f88da43bdf78", "xca-portable-2.2.1.zip":"4c033d11a0c21b2dd46df67a2a0e86bbadd757f17983c2982e32a468f33981aa", "xca-2.3.0.dmg":"798dcad616837b33ad7a92f6f62a7afba3d9eb049ad26ecccfc8747c8ac9d551", "xca-2.3.0.msi":"a3d2295af4720455f20c366bd5c2c5a50625abab97b0209618e8a1e3c3c71168", "xca-2.3.0.tar.gz":"3d168a225efaf9b2213e9ad2ba0abbccfcad139181dd2be668c2bbe21955a248", "xca-portable-2.3.0.zip":"4a70dc13a20d5f749f5519f0b0aa5d83698b2b6cd39d365940288e48f36fb260", "xca-2.4.0.dmg":"1fb5fa69759f9bfd15e0a8ddabc6b9e2cf52e9c41ad2346b2f4c293d950c6bc4", "xca-2.4.0.msi":"3479fe69feed931ce4e8a9945c6cc30b0f1a947980a2288fdbdd7faf1d78ec59", "xca-2.4.0.tar.gz":"66da8954fe9709ace965c6fcb1cfbb7b08ce75b7222988acb9e2b8b5fac7cf10", "xca-portable-2.4.0.zip":"35fa8e4c973a899bc360da3b313ba1172a36eabb1d82deed0cfafda244de65a3", "xca-2.5.0-Darwin.dmg":"0042758b99d09aa254d721e1e94fd97adfc186727891093e9eeec4d18e9d734f", "xca-2.5.0-win64.msi":"6a3a67e4fc96c6fb4d007b883f373b9cb26613b35a90cfcb614a3e859ce3d758", "xca-2.5.0.tar.gz":"b50ef50c4850a1c1d20fce41971783cb0a2fb9155caa05300029b28b53311d37", "xca-portable-2.5.0.zip":"5eaf8764160f41243aedb3ed2fbf0970995b0732f21113070b4d226f158c5a56", "xca-2.6.0-Darwin.dmg":"34caf717016921c19707719db35c967c2b18fe59efca76473a9008f7d462ba9b", "xca-2.6.0-win64.msi":"fdc03e4546fb44ac69f4703419cb8fcce4cc6ff094d3aba2745f17b544dcf3eb", "xca-2.6.0.tar.gz":"55a39f22eabadcce4532ebfcf07f796372bdb0d323720db6b6e0deaf267b1709", "xca-portable-2.6.0.zip":"1cff363a7772d6e33faa50b4c24eb0def9778567514c218e7a78fd50edb2b6de", "xca-2.7.0-Darwin.dmg":"14652229069a75c7c2346d1c67bc84136c12ed95caced7bff2548b0debb8d066", "xca-2.7.0-win64.msi":"f32c7a13fa67f978b005b1172d8627e70909e70bc56eca6b8da3d08be58282ca", "xca-2.7.0.tar.gz":"15ff6fbe4c004ac2ad18885ab35ae6940364a8246d5fe8562a41312fe45ec15e", "xca-portable-2.7.0.zip":"44202a13ca29d59dc5b31e8b6e66ec7c80bf2d2d450dfb2b4296936f3d805700", "xca-2.8.0-Darwin.dmg":"c53c6cee47572bdfc68d9090c1268e406fdb73384cc240119cf069ac8c8ddf76", "xca-2.8.0-win64.msi":"67d6d36411b29f94e50b013f27ba851cf26f3aa08cffab9cf5412120a7e7771f", "xca-2.8.0.tar.gz":"87955987ad6e05ba3dcac826cd22f7d9cedf00e4a409a1931e94e5347e79a7d0", "xca-portable-2.8.0.zip":"ca8bbc72e278e96b34237bdd26de7300f5561e332ffc3c02cda832582e581721", "last":"" } xca-RELEASE.2.9.0/release/build-mac.sh000077500000000000000000000125441477156507700172210ustar00rootroot00000000000000#!/bin/sh -e set -x do_openssl() { test -x $INSTALL_DIR/lib/libcrypto.dylib && return test -f "$OSSL".tar.gz || curl -L -O https://github.com/openssl/openssl/releases/download/$OSSL/${OSSL}.tar.gz test -d "$OSSL" || tar zxf "$OSSL".tar.gz mkdir -p ${INSTALL_DIR}/lib for arch in x86_64 arm64; do mkdir -p "${OSSL}-${arch}" (cd ${OSSL}-${arch} ../$OSSL/Configure darwin64-${arch}-cc shared no-module \ --prefix="${INSTALL_DIR}" \ -mmacosx-version-min="$SDK" make -j $JOBS build_libs && make install_sw ) PARTS_crypto="$PARTS_crypto ${OSSL}-${arch}/libcrypto.${OSSL_MAJOR}.dylib" PARTS_ssl="$PARTS_ssl ${OSSL}-${arch}/libssl.${OSSL_MAJOR}.dylib" done rm -f "$INSTALL"/lib/libcrypto.${OSSL_MAJOR}.dylib \ "$INSTALL"/lib/libssl.${OSSL_MAJOR}.dylib lipo -create -output "$INSTALL_DIR"/lib/libcrypto.${OSSL_MAJOR}.dylib $PARTS_crypto lipo -create -output "$INSTALL_DIR"/lib/libssl.${OSSL_MAJOR}.dylib $PARTS_ssl } do_zstd() { ZSTDV=1.5.6 ARCHIVE=zstd-${ZSTDV}.tar.gz test -f $ARCHIVE || curl -L https://github.com/facebook/zstd/archive/refs/tags/v${ZSTDV}.tar.gz -o ${ARCHIVE} ZBUILD=zstd-$ZSTDV tar -zxf ${ARCHIVE} (cd "$ZBUILD" export CFLAGS="-arch x86_64 -arch arm64 -mmacosx-version-min=$SDK" export PREFIX="$INSTALL_DIR" make -j$JOBS && make install unset CFLAGS PREFIX ) } do_mariadb_connector_c() { REPO=mariadb-connector-c-3.4.1-src ARCHIVE=${REPO}.tar.gz test -f $ARCHIVE || curl -LO https://mirror.kumi.systems/mariadb/connector-c-3.4.1/$ARCHIVE test -d $REPO || tar zxf "$ARCHIVE" B="$TOP_DIR/mariadb-build" mkdir -p ${B} cmake -B ${B} -DCMAKE_C_FLAGS=-Wno-deprecated-non-prototype \ -DCMAKE_BUILD_TYPE=RelWithDebInfo \ -DCMAKE_OSX_ARCHITECTURES="arm64;x86_64" \ -DCMAKE_PREFIX_PATH="$INSTALL_DIR" \ -DINSTALL_LIBDIR=lib -DCMAKE_MACOSX_RPATH=1 \ -DWITH_EXTERNAL_ZLIB=OFF \ -DCMAKE_OSX_DEPLOYMENT_TARGET=$SDK \ -S $TOP_DIR/$REPO cmake --build ${B} -j$JOBS cmake --install ${B} --prefix="$INSTALL_DIR" } do_postgres() { PGV=17.4 ARCHIVE=postgresql-$PGV.tar.gz test -f $ARCHIVE || curl -L https://ftp.postgresql.org/pub/source/v$PGV/$ARCHIVE -O tar -zxf ${ARCHIVE} (cd postgresql-$PGV CFLAGS="-arch x86_64 -arch arm64 -mmacosx-version-min=$SDK" \ ./configure --with-ssl=openssl --without-icu --prefix="${INSTALL_DIR}" \ --with-includes="$INSTALL_DIR"/include --with-libraries="$INSTALL_DIR"/lib make -j$JOBS && make install ) } # need to install ninja via "brew install ninja" do_qsql() { PLUGIN="$QT_DIR/plugins/sqldrivers/libqsqlmysql.dylib" # test -f "$PLUGIN" && return SQL_BUILD="$TOP_DIR/build-sqlplugins" ( cd "$QT_DIR/../Src/qtbase" ./configure -cmake-generator Ninja -release -no-feature-x86intrin -sql-mysql -sql-psql \ CMAKE_BUILD_TYPE=Release \ CMAKE_PREFIX_PATH="$INSTALL_DIR" \ CMAKE_OSX_DEPLOYMENT_TARGET=$SDK \ ) rm -rf "$SQL_BUILD" mkdir -p "$SQL_BUILD" cmake -B $SQL_BUILD -G "Ninja" \ -DCMAKE_OSX_ARCHITECTURES="arm64;x86_64" \ -DCMAKE_INSTALL_PREFIX="$QT_DIR" \ -DCMAKE_OSX_DEPLOYMENT_TARGET=$SDK \ -DMySQL_ROOT="$INSTALL_DIR" \ -DPostgreSQL_ROOT="$INSTALL_DIR" \ -DFEATURE_sql_odbc=OFF -DFEATURE_sql_sqlite=OFF \ "$QT_SQL_SRC" cmake --build $SQL_BUILD -j$JOBS cmake --install $SQL_BUILD # Replace @rpath name by full path in the installed file, # to trigger macdeployqt to pick up this library. # This is a hack, but it works. we need to revert it # after macdeployqt has run. install_name_tool -change @rpath/libmariadb.3.dylib \ "$INSTALL_DIR"/lib/libmariadb.3.dylib \ $QT_DIR/plugins/sqldrivers/libqsqlmysql.dylib file $QT_DIR/plugins/sqldrivers/libqsqlmysql.dylib otool -L $QT_DIR/plugins/sqldrivers/libqsqlmysql.dylib } OSSL_MAJOR="3" OSSL="openssl-3.4.1" XCA_DIR="$(cd `dirname $0`/.. && pwd)" TOP_DIR="`dirname $XCA_DIR`" QT_DIR="$TOP_DIR/6.8.3/macos" QT_SQL_SRC="$QT_DIR/../Src/qtbase/src/plugins/sqldrivers" BUILDDIR="$TOP_DIR/osx-release-dmg" BUILDDIR_APPSTORE="$TOP_DIR/osx-release-appstore" INSTALL_DIR="$TOP_DIR/install" SDK="11.0" JOBS=7 cd $TOP_DIR do_openssl #do_zstd #do_mariadb_connector_c #do_postgres # aqt install-src mac 6.8.3 --archives qtbase if grep qt_internal_force_macos_intel_arch $QT_SQL_SRC/mysql/CMakeLists.txt; then (cd $QT_SQL_SRC && patch -p5 < $XCA_DIR/misc/qsqlmysql.patch) fi do_qsql cmake -B "$BUILDDIR" "$XCA_DIR" \ -DCMAKE_OSX_ARCHITECTURES="arm64;x86_64" \ -DCMAKE_PREFIX_PATH="$QT_DIR/lib/cmake;$INSTALL_DIR" \ -DCMAKE_BUILD_TYPE=Release \ -DCMAKE_OSX_DEPLOYMENT_TARGET=$SDK cmake --build "$BUILDDIR" -j$JOBS (cd "$BUILDDIR" && cpack) ######## Create the AppStore Package cmake -B "$BUILDDIR_APPSTORE" "$XCA_DIR" \ -DCMAKE_OSX_ARCHITECTURES="arm64;x86_64" \ -DCMAKE_PREFIX_PATH="$QT_DIR/lib/cmake;$INSTALL_DIR" \ -DCMAKE_OSX_DEPLOYMENT_TARGET=$SDK \ -DAPPSTORE_COMPLIANT=ON \ -DCMAKE_BUILD_TYPE=Release \ -DPROVISIONPROFILE="$TOP_DIR/XCA_AppStore_Provisioning.provisionprofile" read xca_version < "$BUILDDIR_APPSTORE"/PKGVERSION.txt cmake --build "$BUILDDIR_APPSTORE" -j$JOBS productbuild --component "$BUILDDIR_APPSTORE/xca.app" /Applications \ --sign "3rd Party Mac Developer Installer" "$BUILDDIR_APPSTORE/xca-${xca_version}-appstore.pkg" if find "${BUILDDIR_APPSTORE}/xca.app" "${BUILDDIR}/xca.app" -name "*.dylib" | xargs otool -L | grep -e "/Applications/\|\t$HOME" then echo echo "Error: some libraries are linked to /Applications or $HOME" exit 1 fi xca-RELEASE.2.9.0/release/build-w64.bat000066400000000000000000000002411477156507700172210ustar00rootroot00000000000000REM Build xca on Windows set BUILD=build cmake -B %BUILD% -G "MinGW Makefiles" xca cmake --build %BUILD% -j5 cmake --build %BUILD% -t install cd %BUILD% cpack xca-RELEASE.2.9.0/release/build-w64.sh000066400000000000000000000014371477156507700170750ustar00rootroot00000000000000#!/bin/sh # in C:\msys64\msys2.ini: MSYS2_PATH_TYPE=inherit # pacman -S vim make zip # Build xca on Windows do_openssl() { test -f $INSTALL_DIR/bin/libcrypto-3-x64.dll && return test -f "$OSSL".tar.gz || curl -L -O https://www.openssl.org/source/"$OSSL".tar.gz test -d "$OSSL" || tar zxf "$OSSL".tar.gz cd "$OSSL" ./Configure mingw64 --prefix=$INSTALL_DIR --libdir=lib no-module make -j4 make install } OSSL="openssl-3.4.1" XCA_DIR="$(cd `dirname $0`/.. && pwd)" TOP_DIR="`dirname $XCA_DIR`" BUILDDIR="$TOP_DIR/w64-release" INSTALL_DIR="$TOP_DIR/OpenSSL" JOBS=7 cd $TOP_DIR do_openssl cd $TOP_DIR cmake -B "$BUILDDIR" -G "MinGW Makefiles" -DCMAKE_PREFIX_PATH="$INSTALL_DIR" $XCA_DIR cmake --build "$BUILDDIR" -j$JOBS cmake --build "$BUILDDIR" -t install cd "$BUILDDIR" && cpack xca-RELEASE.2.9.0/release/flatpak.txt000066400000000000000000000003531477156507700172030ustar00rootroot00000000000000 export B=flatpak-build export YAML=misc/de.hohnstaedt.xca.yaml export REPO=xca-origin flatpak-builder --force-clean $B $YAML flatpak-builder --force-clean --user --install $B $YAML flatpak-builder --force-clean --repo=$REPO $B $YAML xca-RELEASE.2.9.0/release/gen-binary-hash000077500000000000000000000004521477156507700177220ustar00rootroot00000000000000#!/bin/sh set -ex hashes="$(dirname $0)/binary-hashes.json" export dir="$1" ( head -n -2 test -z "$dir" || cd $dir sha256sum *xca* | while read md file; do echo ' "'$file'":"'$md'",' done cat <<-EOF "last":"" } EOF ) < "$hashes" > "$hashes".tmp && mv "$hashes".tmp "$hashes" xca-RELEASE.2.9.0/release/git.publish000077500000000000000000000010231477156507700171710ustar00rootroot00000000000000#!/bin/sh set -e test -s VERSION.txt && test -s changelog && test -s README.md test -d .git read TVERSION < VERSION.txt export TVERSION releasedir="$HOME/xca-$TVERSION" ./release/gen-binary-hash "$releasedir" git commit -a -m "Release XCA $TVERSION done" ./release/github.release.py "$TVERSION" "${releasedir}/"xca*"$TVERSION"* cat << EOF After verifying the commits, tags and github release, finally do: git push origin --tags main scp -r ${releasedir}/html hohnstaedt.de:xca-doc/ Un-draft the release on github EOF xca-RELEASE.2.9.0/release/git.release000077500000000000000000000032301477156507700171450ustar00rootroot00000000000000#!/bin/sh set -e type git || exit 1 test -s VERSION.txt && test -s changelog && test -d ../qt export TVERSION="$1" commit=HEAD test -z "$2" || commit="$2" if test -z "$TVERSION"; then echo "usage: $0 [commit]" echo " if commit is omitted, 'HEAD' is used" exit 1 fi TAG="RELEASE.$TVERSION" if git tag | grep "$TAG"; then echo Tag $TVERSION already exists exit 1 fi if ! git diff-index --quiet HEAD --; then echo "You have local changes, please commit, reset or stash them" exit 1 fi lasttag=$(git describe --abbrev=0 HEAD) unset unchanged for i in changelog README.md; do if git diff --quiet "$lasttag" -- $i; then echo "File $i untouched since $lasttag" unchanged="x" fi done if test -n "$unchanged"; then echo "Are you sure to not change the file(s) above?" read a fi x=$(git grep "^xca $TVERSION " changelog || git grep "^$TVERSION\$" VERSION.txt || :) if test -n "$x"; then echo "$x" echo Release $TVERSION already exists exit 1 fi echo "$TVERSION" > VERSION.txt ( MSG=$(LANG=C date +"xca $TVERSION %a %b %d %Y") echo "$MSG" head -c ${#MSG} /dev/zero | tr '\0' '-' echo '\n' cat changelog ) > changelog.new mv changelog.new changelog sed -i "s|\(\)|\1\n |"\ misc/de.hohnstaedt.xca.metainfo.xml git commit VERSION.txt changelog misc/de.hohnstaedt.xca.metainfo.xml \ -m "Prepare XCA $TVERSION" git tag -a "$TAG" -m "Release version $TVERSION" # Create the tar.gz git archive --format=tar.gz --prefix=xca-$TVERSION/ --output xca-$TVERSION.tar.gz "$TAG" releasedir="$HOME/xca-$TVERSION" mkdir -p "$releasedir" cp xca-$TVERSION.tar.gz "$releasedir" xca-RELEASE.2.9.0/release/git.release.something000077500000000000000000000013131477156507700211410ustar00rootroot00000000000000#!/bin/sh set -e type git || exit 1 export TVERSION="$1" commit=master test -z "$2" || commit="$2" if test -z "$TVERSION"; then echo "usage: $0 [commit]" echo " if commit is omitted, 'master' is used" exit 1 fi if ! git diff-index --quiet HEAD --; then echo "You have local changes, please commit, reset or stash them" exit 1 fi branchname="build-$TVERSION" git checkout -b "$branchname" "$commit" echo "$TVERSION" > VERSION.txt git commit VERSION.txt -m "$TVERSION" git tag RELEASE.$TVERSION # Create the tar.gz make dist # Return to master git checkout master # Cleanup # Delete temporary branch git branch -D "$branchname" # Delete the temporary tag git tag -d RELEASE.$TVERSION xca-RELEASE.2.9.0/release/github.release.py000077500000000000000000000020521477156507700202740ustar00rootroot00000000000000#!/usr/bin/python3 import sys import requests import json import os import re readme = open("README.md", "r").read() #.replace('\n', '\\n').replace('"','\\"') user = "chris2511" if len(sys.argv) < 2: print("Usage: " + sys.argv[0] + " full-path-binaries ... ") exit(1) version = sys.argv[1] url = 'https://api.github.com/repos/' + user + '/xca/releases' data = { "tag_name" : "RELEASE." + version, "target_commitish": "master", "name": "XCA " + version, "body": readme, "draft": True, "prerelease": True } passwd = input("Github token for " + user + ": ") r = [] response = requests.post(url, json=data, auth=(user, passwd)) r.append(response.json()) upload_url = response.json().get('upload_url') print(upload_url) headers = {'Content-Type': 'text/plain'} for file in sys.argv[2:]: name = re.sub(".*/", "", file) url = upload_url.replace("{?name,label}", "?name=" + name) print("Upload", file) response = requests.post(url, headers=headers, data=open(file, 'rb'), auth=(user, passwd)) r.append(response.json()) print(r) xca-RELEASE.2.9.0/release/osslsign.sh000077500000000000000000000020441477156507700172170ustar00rootroot00000000000000#!/bin/sh set -x V="${1##*xca-}" V="${V%%-*}" case "$OSTYPE" in darwin*) engine=/opt/homebrew/lib/engines-3/pkcs11.dylib module=/usr/local/lib/libSimplySignPKCS.dylib ;; linux*) engine=/usr/lib/x86_64-linux-gnu/engines-3/libpkcs11.so module=/opt/SimplySignDesktop/SimplySignPKCS_64-MS-1.0.20.so ;; *) echo "Unknown operating system $OSTYPE" esac pkcs11_id="9d8aad00d9fa2bc1f104e9744108d4551b53d2b7" do_sign() { echo "#### Signing $1" osslsigncode sign \ -key "$pkcs11_id" -pkcs11cert "$pkcs11_id" \ -pkcs11engine "$engine" -pkcs11module "$module" \ -n "XCA ${V}" -i https://hohnstaedt.de/xca \ -t http://timestamp.comodoca.com -h sha2 \ -in "${1}" -out "${1}.signed" && mv "${1}.signed" "${1}" } case "$1" in xca-portable-*.zip) unzip "$1" for file in xca-portable-*/lib*.dll xca-portable-*/xca.exe; do test -f "$file" do_sign "$file" done rm -f "$1" zip "$1" xca-portable-* ;; *.msi|*.exe) do_sign "$1" ;; *) echo "Unexpected file : $1" ;; esac xca-RELEASE.2.9.0/release/release.txt000066400000000000000000000020571477156507700172040ustar00rootroot00000000000000Release schedule cheat sheet - Test, test, test - Test again - Check - ign_openssl_error() - for TRACE - update translation (cmake -B . && cmake --build . -t trans) - update changelog.txt and README.md - ./release/git.release VERSION - Create xca.dmg - Create (and sign) MSI Installer and portable app - update xca.hohnstaedt.de: scp changelog git.hohnstaedt.de:/var/cache/git/projects/changelog.txt - ./release/git.publish Apple Notarization ------------------------ https://developer.apple.com/documentation/xcode/notarizing_macos_software_before_distribution/customizing_the_notarization_workflow DMG=xca-2.4.0-High-Sierra.dmg xcrun notarytool submit "$DMG" --keychain-profile "AC_PASSWORD" --key-id HWR8GSJ73M --wait xcrun stapler staple "$DMG" MS Code signing --------------- Currently only works on MAC.... ./release/osslsign.sh xca-portable-*.zip ./release/osslsign.sh xca-*.msi Microsoft Store ----------------- OpenSSL: ./Configure mingw64 --prefix=/c/OpenSSL --libdir=lib https://partner.microsoft.com ("Partner Center") MSIX Packaging Tool xca-RELEASE.2.9.0/test/000077500000000000000000000000001477156507700143565ustar00rootroot00000000000000xca-RELEASE.2.9.0/test/CMakeLists.txt000066400000000000000000000011321477156507700171130ustar00rootroot00000000000000 list(APPEND srcs PwDialogMock.h importPEM.cpp main.cpp main.h newKey.cpp pem.cpp export.cpp renewal.cpp validity.cpp) list(TRANSFORM srcs PREPEND ${PROJECT_SOURCE_DIR}/test/) add_executable(testxca img/imgres.qrc ${srcs} ${UI_FILES} ${PROJECT_BINARY_DIR}/local.h) add_test(NAME testxca COMMAND testxca) set_tests_properties(testxca PROPERTIES LABELS gui) add_dependencies(tests testxca) target_link_libraries(testxca ${ASAN_LIB} ${QT}::Test xcalib) target_link_options(testxca PRIVATE -pthread) if (APPLE) target_link_libraries(testxca ${IOKIT_LIBRARY} ${COREFOUNDATION_LIBRARY} ) endif() xca-RELEASE.2.9.0/test/PwDialogMock.h000066400000000000000000000024611477156507700170520ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2023 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PWDIALOGMOCK_H #define __PWDIALOGMOCK_H #include #include "lib/debug_info.h" #include "lib/PwDialogCore.h" class pw_expect { public: bool write; bool abort; pass_info pi; Passwd pass_return; enum open_result result; pw_expect(const char *p, enum open_result r) : write(false), abort(false), pi(QString(), QString()), pass_return(), result(r) { pass_return = p; } }; class PwDialogMock: public PwDialogUI_i { enum open_result execute(pass_info *p, Passwd *passwd, bool write = false, bool abort = false) { if (pw_expectations.size() <= expect_idx) return open_abort; pw_expect *pwe = pw_expectations[expect_idx++]; pwe->write = write; pwe->abort = abort; pwe->pi.setTitle(p->getTitle()); pwe->pi.setDescription(p->getDescription()); qWarning() << "PwDialogMock" << p->getDescription() << expect_idx << "Password:" << pwe->pass_return; *passwd = pwe->pass_return; return pwe->result; } ~PwDialogMock() { qDeleteAll(pw_expectations); } public: int expect_idx{}; QList pw_expectations{}; void setExpectations(const QList pwe) { qDeleteAll(pw_expectations); pw_expectations = pwe; expect_idx = 0; } }; #endif xca-RELEASE.2.9.0/test/export.cpp000066400000000000000000000571321477156507700164130ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2024 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include #include #include #include #include "lib/pki_multi.h" #include "lib/db_x509.h" #include "lib/db_temp.h" #include "lib/pki_x509.h" #include "lib/pki_temp.h" #include "lib/xfile.h" #include "lib/database_model.h" #include #include "main.h" void check_pems(const QString &name, int n, QStringList matches = QStringList()) { int begin = 0, end = 0; qDebug() << "Expecting" << n << "PEMs in" << name; #if 0 // This is an endless loop: open_read() succeeds, // but isOpen returns false. Stop investigating, use POSIX open() XFile F(name); while (!F.isOpen()) { qDebug() << "OPEN" << name; F.close(); Q_ASSERT(F.open_read()); } QByteArray all = F.readAll(); #else int fd = open(qPrintable(name), O_RDONLY); Q_ASSERT(fd != -1); char buf[65536]; ssize_t ret = read(fd, buf, sizeof buf); Q_ASSERT(ret != -1); QByteArray all(buf, ret); close(fd); #endif qDebug() << "ALL" << name << all.size(); foreach(QByteArray b, all.split('\n')) { if (b.indexOf("-----BEGIN ") == 0) begin++; if (b.indexOf("-----END ") == 0) end++; QMutableStringListIterator i(matches); while (i.hasNext()) { QByteArray match = i.next().toUtf8(); if (b.indexOf(match) != -1) i.remove(); } } QCOMPARE(begin, n); QCOMPARE(end, n); foreach(QString m, matches) { qDebug() << QString("Pattern %1 not found in %2").arg(m).arg(name); } QCOMPARE(matches.size(), 0); } void verify_key(const QString &name, QList hashes, bool priv) { pki_multi *pems = new pki_multi(); QVERIFY(pems != nullptr); pems->probeAnything(name); QCOMPARE(pems->get().size(), hashes.size()); foreach (pki_base *pki, pems->get()) { unsigned hash = pki->hash(); qDebug() << pki->getIntName() << hash; QVERIFY2(hashes.contains(hash), qPrintable(QString("%1 not expected in %2 (%3)") .arg(pki->getIntName()) .arg(name).arg(hash) ) ); pki_key *key = dynamic_cast(pki); if (key) { QCOMPARE(key->isPrivKey(), priv); } } } void verify_file(const QString &name, QList hashes) { verify_key(name, hashes, false); } void verify_template(const QString &name) { pki_multi *pems = new pki_multi(); pems->probeAnything(name); QList temps = pems->pull(); QCOMPARE(temps.size(), 1); pki_temp *temp = dynamic_cast(temps[0]); QVERIFY(temp != nullptr); QCOMPARE(temp->getIntName(), "My Template Internal Name"); QCOMPARE(temp->getComment(), "My XCA TEMPLATE comment"); x509name xn = temp->getSubject(); QCOMPARE(xn.getEntryByNid(NID_commonName), "CA Template"); QCOMPARE(xn.getEntryByNid(NID_pkcs9_emailAddress), "mail@address.to"); } QJsonValue jsonFromFile(const QString &name) { QFile file(name); if (file.open(QIODevice::ReadOnly)) { QJsonDocument doc = QJsonDocument::fromJson(file.readAll()); return doc.object(); } return QJsonValue(); } QString urldecode(const QJsonValue &in) { if (!in.isString()) return QString(); QByteArray ba = in.toString().toLatin1(); return QByteArray::fromBase64(ba, QByteArray::Base64UrlEncoding).toHex(':').toUpper(); } void export_by_id(int id, const QString &name, QModelIndexList &list, db_base *db) { const pki_export *xport = pki_export::by_id(id); QVERIFY(xport != nullptr); XFile F(name); F.open_write(); if (xport->match_all(F_PEM)) { QString prefix = QString("%1\n").arg(xport->help); foreach (QModelIndex idx, list) { pki_base *pki = db_base::fromIndex(idx); QVERIFY(pki != nullptr); prefix += QString(" - %1[%2]\n") .arg(pki->getIntName()) .arg(pki->getTypeString()); } F.write(prefix.toUtf8()); } db->exportItems(list, xport, F); F.close(); } void test_main::exportFormat() { int l=0; QModelIndex idx; QModelIndexList list; QDir d; d.mkpath("testdata"); try { ign_openssl_error(); openDB(); dbstatus(); pki_multi *pem = new pki_multi(); QString all = pemdata["Inter CA 1"] + pemdata["Inter CA 1 Key"] + pemdata["Root CA"] + pemdata["Endentity"] + pemdata["CA CRL Test"] + pemdata["XCA Template"] + pemdata["SECP-521"]; pem->fromPEMbyteArray(all.toUtf8(), QString()); QCOMPARE(pem->failed_files.count(), 0); Database.insert(pem); dbstatus(); db_base *certs = Database.model(); QVERIFY(certs != nullptr); // Root CA as only item: No chain, no private key idx = certs->index(certs->getByName("Root CA")); list << idx; QCOMPARE(certs->exportFlags(idx) , F_CHAIN | F_PRIVATE); QCOMPARE(certs->exportFlags(list) , F_CHAIN | F_PRIVATE); // Inter CA 1: All export options permitted // Together with "Root CA" in "list": No chain, private or single idx = certs->index(certs->getByName("Inter CA 1")); list << idx; QCOMPARE(certs->exportFlags(idx) , 0); QCOMPARE(certs->exportFlags(list) , F_CHAIN | F_PRIVATE); // Endentity has no private key and id no CA idx = certs->index(certs->getByName("Endentity")); list << idx; QVERIFY(idx.isValid()); QCOMPARE(certs->exportFlags(idx) , F_PRIVATE | F_CA); pki_key *key = new pki_evp(); key->fromPEMbyteArray(pemdata["Endentity Key"].toUtf8(), QString()); openssl_error(); Database.insert(key); dbstatus(); // Endentity now has a private key, but is still no CA QCOMPARE(certs->exportFlags(idx) , F_CA); #define ROOT_HASH 531145749 #define INTER_HASH 376625776 #define END_HASH 94304590 #define EXPIRED_HASH 1359605174 #define ENDKEY_HASH 1121702347 #define ED25519_HASH 318722247 #define xstr(s) str(s) #define str(s) #s #define AUTOFILE(type) "testdata/" # type "_Line" xstr(__LINE__) ".data" ; const char *file = AUTOFILE(ALLCERT) // Export All certs in one PEM File export_by_id(3, file, list, certs); verify_file(file, QList { ROOT_HASH, INTER_HASH, END_HASH }); check_pems(file, 3); // Export 2 cert Chain from Inter CA1 file = AUTOFILE(CERTCHAIN) list.clear(); list << certs->index(certs->getByName("Inter CA 1")); export_by_id(2, file, list, certs); verify_file(file, QList { ROOT_HASH, INTER_HASH }); check_pems(file, 2); // Export 3 cert Chain from Endentity file = AUTOFILE(CERTCHAIN) list.clear(); list << certs->index(certs->getByName("Endentity")); export_by_id(2, file, list, certs); verify_file(file, QList { ROOT_HASH, INTER_HASH, END_HASH }); check_pems(file, 3); // Export Endentity + corresponding key file = AUTOFILE(CERTKEY) export_by_id(6, file, list, certs); verify_key(file, QList { END_HASH, ENDKEY_HASH }, true); check_pems(file, 2, QStringList { " RSA PRIVATE KEY-", " CERTIFICATE-" }); // Export Endentity + corresponding PKCS#8 key file = AUTOFILE(CERTPK8) pwdialog->setExpectations(QList{ new pw_expect("pass", pw_ok), new pw_expect("pass", pw_ok), }); export_by_id(7, file, list, certs); verify_key(file, QList { END_HASH, ENDKEY_HASH }, true); check_pems(file, 2, QStringList { " ENCRYPTED PRIVATE KEY-", " CERTIFICATE-" }); // Export OpenVPN format file = AUTOFILE(OPENVPN) export_by_id(4, file, list, certs); verify_key(file, QList { ROOT_HASH, INTER_HASH, END_HASH, ENDKEY_HASH }, true); check_pems(file, 5, QStringList { " RSA PRIVATE KEY-", " CERTIFICATE-", " CERTIFICATE-"," CERTIFICATE-", "", "", "", "", "", "", "", "", "", "" }); // Export Endentity as PKCS#7 file = AUTOFILE(CERTP7) export_by_id(8, file, list, certs); verify_file(file, QList { END_HASH }); check_pems(file, 0); // Export Endentity as PKCS#7 chain file = AUTOFILE(CERTP7) export_by_id(12, file, list, certs); verify_file(file, QList { ROOT_HASH, INTER_HASH, END_HASH }); check_pems(file, 0); // Export Endentity as DER certificate file = AUTOFILE(CERTDER) export_by_id(13, file, list, certs); verify_file(file, QList { END_HASH }); check_pems(file, 0); // Export Endentity as OpenVPN config file file = AUTOFILE(OPENVPNTA) export_by_id(39, file, list, certs); check_pems(file, 1, QStringList { "BEGIN OpenVPN Static key V1", "END OpenVPN Static key V1" }); // Revoke endentity pki_x509 *endentity = dynamic_cast(certs->getByName("Endentity")); QVERIFY(endentity != nullptr); x509rev rev; rev.setSerial(endentity->getSerial()); rev.setDate(a1time::now()); endentity->setRevoked(rev); QVERIFY(endentity->isRevoked()); // List must not be empty, but may contain anything list.clear(); list << certs->index(certs->getByName("Inter CA 1")); // Export unusable as PEM file = AUTOFILE(UNUSABLEPEM) export_by_id(40, file, list, certs); verify_file(file, QList { END_HASH, EXPIRED_HASH }); check_pems(file, 2); // Once more as PKCS#7 file = AUTOFILE(UNUSABLEP7) export_by_id(41, file, list, certs); verify_file(file, QList { END_HASH, EXPIRED_HASH }); check_pems(file, 0); // Export Endentity as JWK file = AUTOFILE(JWK) list.clear(); list << certs->index(certs->getByName("Endentity")); export_by_id(42, file, list, certs); QJsonValue jwk = jsonFromFile(file); QVERIFY(jwk.isObject()); QJsonObject o = jwk.toObject(); QCOMPARE(o["kty"].toString(), "RSA"); QCOMPARE(o["kid"].toString(), "Endentity"); QCOMPARE(urldecode(o["x5t"]), "4E:F9:9E:05:EF:7D:0D:DE:DB:A4:56:D6:86:93:49:11:58:FA:45:73"); QCOMPARE(urldecode(o["x5t#256"]), "2E:3C:84:81:13:00:0D:41:65:4E:60:B4:52:FA:D1:CB:C0:DF:26:A1:DD:0F:E8:AD:F4:84:24:7B:BF:9B:94:8F"); QCOMPARE(urldecode(o["n"]), "00:A6:83:93:C4:A8:8A:56:77:1C:E4:62:F4:C9:F8:A7:78:85:3B:8D:E8:7D:A6:CB:17:AF:17:59:D9:EB:82:DB:81:64:E0:E6:2C:05:E2:9C:49:6D:EB:67:9D:19:FA:3D:EB:2C:E1:49:07:41:DC:71:B6:ED:70:D1:C7:18:3E:A1:1F:57:52:55:3F:EC:1E:C1:8D:E4:C9:E4:B5:11:D3:74:12:43:6D:15:0B:CC:8A:7C:3D:BC:79:37:41:B8:3B:43:CD:61:61:72:26:D7:A8:8E:B6:F9:D0:5F:C6:F4:E2:C4:6D:2D:96:45:A8:8D:79:00:12:79:1C:6D:F0:D2:94:58:FE:E8:2E:7A:4F:9F:87:37:DA:C0:A1:FB:03:A5:57:02:59:8D:96:EF:57:2B:78:EE:53:6F:93:37:7A:4E:FD:6F:06:A0:8C:02:3C:CC:93:A7:82:0C:4C:35:15:98:06:27:AD:40:75:36:92:2F:1C:52:EA:3D:20:E7:64:0D:1D:EC:6B:CE:C0:0C:0B:53:90:38:D2:E0:B3:F0:FB:0E:D8:40:31:68:36:67:9B:F3:2D:7A:75:B9:95:B5:53:F4:01:2E:9C:2A:F0:18:69:61:73:20:40:B8:DA:F2:FA:CA:2A:E5:7F:AD:BA:FA:02:1F:54:BC:6E:69:48:79:9F:9D:5C:0F:99"); QCOMPARE(urldecode(o["e"]), "01:00:01"); QVERIFY(o["x5c"].isNull()); file = AUTOFILE(JWK5C) list.clear(); list << certs->index(certs->getByName("Endentity")); export_by_id(43, file, list, certs); jwk = jsonFromFile(file); QVERIFY(jwk.isObject()); o = jwk.toObject(); QCOMPARE(o["kty"].toString(), "RSA"); QCOMPARE(o["kid"].toString(), "Endentity"); QCOMPARE(urldecode(o["x5t"]), "4E:F9:9E:05:EF:7D:0D:DE:DB:A4:56:D6:86:93:49:11:58:FA:45:73"); QCOMPARE(urldecode(o["x5t#256"]), "2E:3C:84:81:13:00:0D:41:65:4E:60:B4:52:FA:D1:CB:C0:DF:26:A1:DD:0F:E8:AD:F4:84:24:7B:BF:9B:94:8F"); QCOMPARE(urldecode(o["n"]), "00:A6:83:93:C4:A8:8A:56:77:1C:E4:62:F4:C9:F8:A7:78:85:3B:8D:E8:7D:A6:CB:17:AF:17:59:D9:EB:82:DB:81:64:E0:E6:2C:05:E2:9C:49:6D:EB:67:9D:19:FA:3D:EB:2C:E1:49:07:41:DC:71:B6:ED:70:D1:C7:18:3E:A1:1F:57:52:55:3F:EC:1E:C1:8D:E4:C9:E4:B5:11:D3:74:12:43:6D:15:0B:CC:8A:7C:3D:BC:79:37:41:B8:3B:43:CD:61:61:72:26:D7:A8:8E:B6:F9:D0:5F:C6:F4:E2:C4:6D:2D:96:45:A8:8D:79:00:12:79:1C:6D:F0:D2:94:58:FE:E8:2E:7A:4F:9F:87:37:DA:C0:A1:FB:03:A5:57:02:59:8D:96:EF:57:2B:78:EE:53:6F:93:37:7A:4E:FD:6F:06:A0:8C:02:3C:CC:93:A7:82:0C:4C:35:15:98:06:27:AD:40:75:36:92:2F:1C:52:EA:3D:20:E7:64:0D:1D:EC:6B:CE:C0:0C:0B:53:90:38:D2:E0:B3:F0:FB:0E:D8:40:31:68:36:67:9B:F3:2D:7A:75:B9:95:B5:53:F4:01:2E:9C:2A:F0:18:69:61:73:20:40:B8:DA:F2:FA:CA:2A:E5:7F:AD:BA:FA:02:1F:54:BC:6E:69:48:79:9F:9D:5C:0F:99"); QCOMPARE(urldecode(o["e"]), "01:00:01"); QVERIFY(o["x5c"].isArray()); QJsonArray x5c = o["x5c"].toArray(); QCOMPARE(x5c.size(), 3); QCOMPARE(x5c[0].toString(), certs->getByName("Endentity")->i2d_b64()); QCOMPARE(x5c[1].toString(), certs->getByName("Inter CA 1")->i2d_b64()); QCOMPARE(x5c[2].toString(), certs->getByName("Root CA")->i2d_b64()); // Export Endentity key list.clear(); key = dynamic_cast(certs->getByName("Endentity"))->getRefKey(); db_base *keys = Database.model(); list << keys->index(key); // Public Key file = AUTOFILE(PUBKEY) export_by_id(19, file, list, keys); verify_key(file, QList { ENDKEY_HASH }, false); check_pems(file, 1, QStringList{ "PUBLIC KEY" }); // Private Key file = AUTOFILE(PRIVKEY) export_by_id(20, file, list, keys); verify_key(file, QList { ENDKEY_HASH }, true); check_pems(file, 1, QStringList{ "RSA PRIVATE KEY" }); // Private Key Openssl Encrypted file = AUTOFILE(PRIVKEY) pwdialog->setExpectations(QList{ new pw_expect("pass", pw_ok), new pw_expect("pass", pw_ok), }); export_by_id(21, file, list, keys); verify_key(file, QList { ENDKEY_HASH }, true); check_pems(file, 1, QStringList { "DEK-Info: ", "Proc-Type: 4,ENCRYPTED", "BEGIN RSA PRIVATE KEY" }); // Private SSH Key file = AUTOFILE(PRIVSSH) export_by_id(22, file, list, keys); verify_key(file, QList { ENDKEY_HASH }, true); check_pems(file, 1, QStringList{ "RSA PRIVATE KEY" }); // Public SSH Key file = AUTOFILE(PUBSSH) export_by_id(23, file, list, keys); verify_key(file, QList { ENDKEY_HASH }, false); check_pems(file, 0, QStringList{ "ssh-rsa " }); // Public DER Key file = AUTOFILE(PUBDER) export_by_id(24, file, list, keys); verify_key(file, QList { ENDKEY_HASH }, false); check_pems(file, 0); // Private DER Key file = AUTOFILE(PRIVDER) export_by_id(25, file, list, keys); verify_key(file, QList { ENDKEY_HASH }, true); check_pems(file, 0); // Private PVK Key file = AUTOFILE(PVK) export_by_id(26, file, list, keys); verify_key(file, QList { ENDKEY_HASH }, true); check_pems(file, 0); // Private PVK Key file = AUTOFILE(JWK_RSA) export_by_id(50, file, list, keys); jwk = jsonFromFile(file); QVERIFY(jwk.isObject()); o = jwk.toObject(); QCOMPARE(o["kty"].toString(), "RSA"); QCOMPARE(o["kid"].toString(), "2048 bit RSA"); QCOMPARE(urldecode(o["n"]), "00:A6:83:93:C4:A8:8A:56:77:1C:E4:62:F4:C9:F8:A7:78:85:3B:8D:E8:7D:A6:CB:17:AF:17:59:D9:EB:82:DB:81:64:E0:E6:2C:05:E2:9C:49:6D:EB:67:9D:19:FA:3D:EB:2C:E1:49:07:41:DC:71:B6:ED:70:D1:C7:18:3E:A1:1F:57:52:55:3F:EC:1E:C1:8D:E4:C9:E4:B5:11:D3:74:12:43:6D:15:0B:CC:8A:7C:3D:BC:79:37:41:B8:3B:43:CD:61:61:72:26:D7:A8:8E:B6:F9:D0:5F:C6:F4:E2:C4:6D:2D:96:45:A8:8D:79:00:12:79:1C:6D:F0:D2:94:58:FE:E8:2E:7A:4F:9F:87:37:DA:C0:A1:FB:03:A5:57:02:59:8D:96:EF:57:2B:78:EE:53:6F:93:37:7A:4E:FD:6F:06:A0:8C:02:3C:CC:93:A7:82:0C:4C:35:15:98:06:27:AD:40:75:36:92:2F:1C:52:EA:3D:20:E7:64:0D:1D:EC:6B:CE:C0:0C:0B:53:90:38:D2:E0:B3:F0:FB:0E:D8:40:31:68:36:67:9B:F3:2D:7A:75:B9:95:B5:53:F4:01:2E:9C:2A:F0:18:69:61:73:20:40:B8:DA:F2:FA:CA:2A:E5:7F:AD:BA:FA:02:1F:54:BC:6E:69:48:79:9F:9D:5C:0F:99"); QCOMPARE(urldecode(o["e"]), "01:00:01"); QCOMPARE(urldecode(o["d"]), "01:6B:1B:01:E0:96:A7:14:66:2A:5A:DE:6F:6E:FF:0C:33:84:55:99:DE:A2:22:56:3E:0F:52:9C:5C:D9:75:41:B5:A8:85:C5:67:BA:6D:AE:E1:71:11:25:A1:30:44:C1:41:55:5C:F0:23:23:3B:D3:BD:53:89:F1:EA:76:B4:1C:26:7C:04:CE:61:D6:44:3B:4F:70:D9:D2:22:07:FD:53:DF:7F:A9:1F:7B:DB:4D:22:20:7E:1E:D6:A0:39:5F:03:3B:9A:5F:24:CE:0E:F9:42:3D:40:05:64:D6:36:AD:4A:29:CA:7F:26:E7:A7:99:74:CE:D3:CB:6A:F2:FC:41:02:CD:55:AA:24:CB:25:AE:B1:0F:8F:B0:C1:C7:23:B1:18:AF:E0:B5:58:D1:54:C4:28:9B:4E:E0:5C:DB:5F:93:A0:44:EE:E8:D4:96:A5:65:5F:7E:34:CC:F7:E2:F0:E7:2D:C0:AA:B5:D7:8D:E7:A1:3C:9F:31:56:80:D7:95:30:78:0F:8A:28:5B:AF:3F:E7:EA:47:AD:8A:32:E4:EC:32:55:8C:19:15:2B:5E:E4:1F:76:9A:1C:36:F9:53:CB:61:9E:CF:A8:DE:02:29:52:1B:08:78:E0:0C:DC:0F:B3:76:18:51:4C:0C:C9:0F:F2:0B:E5:69:60:96:B9:CD:26:A9:25"); QCOMPARE(urldecode(o["p"]), "00:D7:D1:5A:40:CC:9F:15:53:79:5D:5B:F1:06:3A:F5:6B:5E:64:A5:4D:AC:86:06:A9:FC:39:30:23:1D:6F:3A:9D:86:7F:B9:89:9E:60:F4:27:B3:87:08:86:94:65:A8:6C:8E:F1:E0:2B:A3:97:69:20:1E:BD:DB:DC:86:41:31:9D:C5:A5:C5:DC:99:99:15:81:63:80:45:B6:8F:D3:C5:B4:B9:68:BD:5D:E6:2C:4A:24:CC:07:95:22:C8:FF:1F:23:08:20:41:04:6A:80:BE:90:56:95:AF:81:F2:6E:C5:9C:42:65:AA:0E:CA:67:BB:26:CA:B7:48:8A:E6:4C:5C:75"); QCOMPARE(urldecode(o["q"]), "00:C5:84:3A:8F:52:2C:31:52:15:0D:AC:F5:8C:AA:71:DF:68:38:F3:3D:59:13:ED:56:76:AF:21:7C:B0:44:7D:2A:5D:43:13:D9:98:D2:F6:D0:82:22:FC:C7:EB:4D:E6:04:58:CB:AC:7D:D1:B6:25:2C:A1:54:2A:83:EE:F1:CC:EB:26:B1:FE:B7:8F:D9:7B:F7:AE:1F:6E:FE:BC:A7:7F:C3:73:03:A7:83:27:42:D4:F4:D5:CB:13:E7:E6:ED:B1:60:79:49:49:73:B7:A7:D0:BE:4C:3F:A7:29:40:82:52:A9:92:D4:DF:8C:46:8B:A1:57:8B:4E:89:4A:E2:2F:52:15"); QCOMPARE(urldecode(o["dp"]), "00:A2:29:F0:C3:17:FD:C1:2C:83:D9:1E:A8:B0:A1:C4:9E:F4:C2:73:63:35:EB:4F:3E:93:02:F5:A4:AD:0D:52:E1:E2:9A:3E:73:A5:C9:FC:2B:88:BE:42:2D:BD:7B:D5:5E:1C:DA:AA:32:A0:2D:B9:14:25:85:4B:9B:1C:56:08:4E:20:A1:3B:57:53:22:B0:02:15:1D:E1:44:18:36:6C:2C:2B:D5:03:D5:76:8A:78:FB:C5:43:3D:50:71:EF:21:1A:55:94:C6:C5:E6:B0:EE:7F:CE:4F:93:1C:F5:69:3E:9A:F7:59:24:BB:10:63:79:40:E0:B9:6F:8C:CF:17:39:B1"); QCOMPARE(urldecode(o["dq"]), "1A:7F:5A:BB:CF:72:4E:4B:8C:B7:80:F4:90:22:6D:94:63:0F:00:D2:C2:18:82:46:8F:35:7F:70:92:D5:1D:55:89:9D:6E:14:4B:04:42:48:46:AD:1A:EC:57:0C:E4:46:C1:02:D1:E9:2F:31:18:5B:9C:69:06:2B:1C:EB:23:6A:88:8E:68:75:87:BE:CD:7A:B4:C9:52:C2:A9:DC:6E:AF:71:C6:93:BA:6C:91:F2:AF:C5:DE:B0:94:F3:CD:FF:75:C9:CF:A3:22:FB:08:70:60:97:2A:12:EA:DD:D4:9D:F2:51:D8:6D:05:0C:91:BE:DB:57:BC:F9:7E:2A:49:DE:E1"); QCOMPARE(urldecode(o["qi"]), "00:83:14:28:86:46:00:AA:63:07:8C:20:37:D2:8D:D1:EC:CA:CA:DF:C6:76:DF:FF:1B:B0:C7:D8:5A:A7:F1:02:F5:4A:42:70:02:F1:D5:A4:69:61:86:FF:74:E5:DA:C1:29:D7:E9:2A:B7:A3:F0:2E:20:13:69:A6:14:A6:3E:26:3E:57:2C:B3:CD:14:16:E2:FD:8A:98:4C:40:FB:98:9B:E6:C0:3C:F6:7F:CE:15:B9:48:25:73:D5:98:8A:A8:AB:D2:20:E0:C0:90:97:5C:E7:9F:4D:F1:5F:11:3B:B6:22:68:D7:6E:7D:9E:FB:27:F9:D2:BD:E3:93:AC:8C:93:83:24"); // 2 Keys, 521 bit EC and 2048 bit RSA file = AUTOFILE(JWK_RSA_EC) list << keys->index(keys->getByName("521 bit EC")); export_by_id(50, file, list, keys); jwk = jsonFromFile(file); QVERIFY(jwk.isObject()); o = jwk.toObject(); QJsonArray jkeys = o["keys"].toArray(); QVERIFY(jkeys.size() == 2); o = jkeys[0].toObject(); QCOMPARE(o["kty"].toString(), "RSA"); QCOMPARE(o["kid"].toString(), "2048 bit RSA"); QCOMPARE(urldecode(o["n"]), "00:A6:83:93:C4:A8:8A:56:77:1C:E4:62:F4:C9:F8:A7:78:85:3B:8D:E8:7D:A6:CB:17:AF:17:59:D9:EB:82:DB:81:64:E0:E6:2C:05:E2:9C:49:6D:EB:67:9D:19:FA:3D:EB:2C:E1:49:07:41:DC:71:B6:ED:70:D1:C7:18:3E:A1:1F:57:52:55:3F:EC:1E:C1:8D:E4:C9:E4:B5:11:D3:74:12:43:6D:15:0B:CC:8A:7C:3D:BC:79:37:41:B8:3B:43:CD:61:61:72:26:D7:A8:8E:B6:F9:D0:5F:C6:F4:E2:C4:6D:2D:96:45:A8:8D:79:00:12:79:1C:6D:F0:D2:94:58:FE:E8:2E:7A:4F:9F:87:37:DA:C0:A1:FB:03:A5:57:02:59:8D:96:EF:57:2B:78:EE:53:6F:93:37:7A:4E:FD:6F:06:A0:8C:02:3C:CC:93:A7:82:0C:4C:35:15:98:06:27:AD:40:75:36:92:2F:1C:52:EA:3D:20:E7:64:0D:1D:EC:6B:CE:C0:0C:0B:53:90:38:D2:E0:B3:F0:FB:0E:D8:40:31:68:36:67:9B:F3:2D:7A:75:B9:95:B5:53:F4:01:2E:9C:2A:F0:18:69:61:73:20:40:B8:DA:F2:FA:CA:2A:E5:7F:AD:BA:FA:02:1F:54:BC:6E:69:48:79:9F:9D:5C:0F:99"); QCOMPARE(urldecode(o["e"]), "01:00:01"); QStringList rsa = o.keys(); for (QString k : QStringList{ "d", "p", "q", "dp", "dq", "qi" }) QVERIFY(rsa.contains(k)); o = jkeys[1].toObject(); QCOMPARE(o["kty"].toString(), "EC"); QCOMPARE(o["kid"].toString(), "521 bit EC"); QCOMPARE(o["crv"].toString(), "P-521"); QCOMPARE(urldecode(o["x"]),"01:53:3D:93:CC:5A:BA:01:5D:B4:AF:05:CF:1F:58:AA:F9:96:7F:72:71:BD:59:0C:61:EA:0A:73:6B:E1:21:C9:2D:EB:2D:CD:D9:33:AF:AA:17:5D:01:56:D0:DD:2A:2E:F5:F1:65:A2:58:C4:B3:45:0F:B8:9F:27:12:C9:8B:75:C1:30"); QCOMPARE(urldecode(o["y"]),"01:C1:AD:BC:1F:A2:A2:00:A2:44:40:09:7A:C4:06:31:D0:D1:D6:81:EA:70:EA:6C:38:A4:55:DF:80:0A:8E:A7:35:2D:3C:49:B6:84:35:A3:8D:4B:52:A3:E8:92:05:12:3A:3A:99:AE:0C:86:56:53:DE:DD:D9:40:C2:8F:E9:21:E4:FD"); QCOMPARE(urldecode(o["d"]),"00:1B:8B:37:1E:26:E2:22:2C:2F:BD:99:19:76:90:D5:BF:70:AF:DD:59:DE:35:9E:D4:93:37:B4:1E:6D:48:F1:31:F5:22:3D:12:0F:EF:DD:EF:40:51:42:17:16:44:8C:D9:AF:71:E6:B5:2D:24:0F:CA:98:7C:CA:38:E4:2F:11:4A:3D"); // 2 Keys, 521 bit EC and 2048 bit RSA as PUBLIC KEYS file = AUTOFILE(JWK_RSA_EC_PUB) export_by_id(51, file, list, keys); jwk = jsonFromFile(file); QVERIFY(jwk.isObject()); o = jwk.toObject(); jkeys = o["keys"].toArray(); QVERIFY(jkeys.size() == 2); o = jkeys[0].toObject(); QCOMPARE(o["kty"].toString(), "RSA"); QCOMPARE(o["kid"].toString(), "2048 bit RSA"); QCOMPARE(urldecode(o["n"]), "00:A6:83:93:C4:A8:8A:56:77:1C:E4:62:F4:C9:F8:A7:78:85:3B:8D:E8:7D:A6:CB:17:AF:17:59:D9:EB:82:DB:81:64:E0:E6:2C:05:E2:9C:49:6D:EB:67:9D:19:FA:3D:EB:2C:E1:49:07:41:DC:71:B6:ED:70:D1:C7:18:3E:A1:1F:57:52:55:3F:EC:1E:C1:8D:E4:C9:E4:B5:11:D3:74:12:43:6D:15:0B:CC:8A:7C:3D:BC:79:37:41:B8:3B:43:CD:61:61:72:26:D7:A8:8E:B6:F9:D0:5F:C6:F4:E2:C4:6D:2D:96:45:A8:8D:79:00:12:79:1C:6D:F0:D2:94:58:FE:E8:2E:7A:4F:9F:87:37:DA:C0:A1:FB:03:A5:57:02:59:8D:96:EF:57:2B:78:EE:53:6F:93:37:7A:4E:FD:6F:06:A0:8C:02:3C:CC:93:A7:82:0C:4C:35:15:98:06:27:AD:40:75:36:92:2F:1C:52:EA:3D:20:E7:64:0D:1D:EC:6B:CE:C0:0C:0B:53:90:38:D2:E0:B3:F0:FB:0E:D8:40:31:68:36:67:9B:F3:2D:7A:75:B9:95:B5:53:F4:01:2E:9C:2A:F0:18:69:61:73:20:40:B8:DA:F2:FA:CA:2A:E5:7F:AD:BA:FA:02:1F:54:BC:6E:69:48:79:9F:9D:5C:0F:99"); QCOMPARE(urldecode(o["e"]), "01:00:01"); for (QString k : QStringList{ "d", "p", "q", "dp", "dq", "qi" }) QVERIFY(o[k].isNull()); o = jkeys[1].toObject(); QCOMPARE(o["kty"].toString(), "EC"); QCOMPARE(o["kid"].toString(), "521 bit EC"); QCOMPARE(o["crv"].toString(), "P-521"); QCOMPARE(urldecode(o["x"]),"01:53:3D:93:CC:5A:BA:01:5D:B4:AF:05:CF:1F:58:AA:F9:96:7F:72:71:BD:59:0C:61:EA:0A:73:6B:E1:21:C9:2D:EB:2D:CD:D9:33:AF:AA:17:5D:01:56:D0:DD:2A:2E:F5:F1:65:A2:58:C4:B3:45:0F:B8:9F:27:12:C9:8B:75:C1:30"); QCOMPARE(urldecode(o["y"]),"01:C1:AD:BC:1F:A2:A2:00:A2:44:40:09:7A:C4:06:31:D0:D1:D6:81:EA:70:EA:6C:38:A4:55:DF:80:0A:8E:A7:35:2D:3C:49:B6:84:35:A3:8D:4B:52:A3:E8:92:05:12:3A:3A:99:AE:0C:86:56:53:DE:DD:D9:40:C2:8F:E9:21:E4:FD"); QVERIFY(o["d"].isNull()); // Import ED25519 Key key = new pki_evp(); key->fromPEMbyteArray(pemdata["ED25519 Key"].toUtf8(), QString("ED25519 Key")); openssl_error(); Database.insert(key); dbstatus(); list.clear(); key = dynamic_cast(keys->getByName("ED25519 Key")); list << keys->index(key); // Export ED25519 as Private SSH Key file = AUTOFILE(ED25519PRIVSSH) export_by_id(22, file, list, keys); verify_key(file, QList { ED25519_HASH }, true); check_pems(file, 1, QStringList{ "BEGIN OPENSSH PRIVATE KEY" }); // Export ED25519 as unencrypted PEM Private Key file = AUTOFILE(ED25519PRIVPEM) export_by_id(20, file, list, keys); verify_key(file, QList { ED25519_HASH }, true); check_pems(file, 1, QStringList{ "BEGIN PRIVATE KEY" }); // Export ED25519 as unencrypted PKCS#8 Key (Same output as above) file = AUTOFILE(ED25519PRIVPKCS8) export_by_id(29, file, list, keys); verify_key(file, QList { ED25519_HASH }, true); check_pems(file, 1, QStringList{ "BEGIN PRIVATE KEY" }); // Export ED25519 as encrypted PKCS#8 Key file = AUTOFILE(ED25519PRIVPKCS8ENC) pwdialog->setExpectations(QList{ new pw_expect("pass", pw_ok), new pw_expect("pass", pw_ok), }); export_by_id(28, file, list, keys); verify_key(file, QList { ED25519_HASH }, true); check_pems(file, 1, QStringList{ "BEGIN ENCRYPTED PRIVATE KEY" }); // Export XCA Template and verify the internal name and comment file = AUTOFILE(XCA_TEMPLATE) db_base *temps = Database.model(); list.clear(); pki_base *temp = temps->getByName("CA Template"); // The common name Q_ASSERT(temp != nullptr); Q_ASSERT(temp->getComment().isEmpty()); temp->setComment("My XCA TEMPLATE comment"); temp->setIntName("My Template Internal Name"); list << temps->index(temp); export_by_id(35, file, list, temps); verify_template(file); check_pems(file, 1, QStringList{ "BEGIN XCA TEMPLATE" }); } catch (...) { QString m = QString("Exception thrown L %1").arg(l); QVERIFY2(false, m.toUtf8().constData()); } } xca-RELEASE.2.9.0/test/importPEM.cpp000066400000000000000000000025741477156507700167460ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2023 Christian Hohnstaedt. * * All rights reserved. */ #include #include "widgets/MainWindow.h" #include "ui_MainWindow.h" #include "widgets/ImportMulti.h" #include "ui_ImportMulti.h" #include "lib/pki_multi.h" #include "main.h" void test_main::importPEM() { try { ign_openssl_error(); openDB(); dbstatus(); pki_multi *pem = new pki_multi(); pem->fromPEMbyteArray(pemdata["Inter CA 1"].toUtf8(), QString()); pem->fromPEMbyteArray(pemdata["Root CA"].toUtf8(), QString()); // Enter a wrong password and then abort pwdialog->setExpectations(QList{ new pw_expect("wrongPassword", pw_ok), }); QVERIFY_EXCEPTION_THROWN(pem->fromPEMbyteArray( pemdata["Inter CA 1 EncKey"].toUtf8(), QString()), errorEx); // Enter a wrong password and then the correct one pwdialog->setExpectations(QList{ new pw_expect("BadPassword", pw_ok), new pw_expect("pass", pw_ok), }); pem->fromPEMbyteArray(pemdata["Inter CA 1 Key"].toUtf8(), QString()); QCOMPARE(pem->failed_files.count(), 0); ImportMulti *dlg = new ImportMulti(mainwin); dlg->addItem(pem); dlg->show(); Q_ASSERT(QTest::qWaitForWindowActive(dlg)); dlg->on_butOk_clicked(); delete dlg; QList allitems = Store.getAll(); QCOMPARE(allitems.count() , 3); } catch (...) { QVERIFY2(false, "Exception thrown"); } dbstatus(); } xca-RELEASE.2.9.0/test/main.cpp000066400000000000000000000032651477156507700160140ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2023 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include #if (OPENSSL_VERSION_NUMBER >= 0x30000000L) #include #else #define OSSL_PROVIDER_try_load(a,b,c) do{}while(0) #endif #include "widgets/MainWindow.h" #include "ui_MainWindow.h" #include "lib/debug_info.h" #include "lib/entropy.h" #include "lib/pki_evp.h" #include "main.h" char segv_data[1024]; void test_main::initTestCase() { OSSL_PROVIDER_try_load(0, "legacy", 1); debug_info::init(); entropy = new Entropy; Settings.clear(); initOIDs(); mainwin = new MainWindow(); mainwin->show(); pwdialog = new PwDialogMock(); PwDialogCore::setGui(pwdialog); xcaWarning::setGui(new xcaWarningCore()); } void test_main::cleanupTestCase() { mainwin->close_database(); delete entropy; delete mainwin; pki_export::free_elements(); QFile::remove("testdb.xdb"); } void test_main::cleanup() { mainwin->close_database(); dbstatus(); QFile::remove("testdb.xdb"); } void test_main::openDB() { pwdialog->setExpectations(QList{ new pw_expect("testdbpass", pw_ok), }); mainwin->close_database(); QFile::remove("testdb.xdb"); Database.open("testdb.xdb"); Settings["pkcs12_keep_legacy"] = true; mainwin->setup_open_database(); dbstatus(); } void test_main::dbstatus() { QList allitems = Store.getAll(); QStringList out; foreach(pki_base *p, allitems) out << QString("%1[%2]").arg(p->getIntName()).arg(p->getTypeString()); qDebug("%s ALL: %ld %s", Database.isOpen() ? "OPEN" : "CLOSED", (long)allitems.size(), out.join(", ").toUtf8().constData()); } QTEST_MAIN(test_main) xca-RELEASE.2.9.0/test/main.h000066400000000000000000000022541477156507700154560ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2023 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __MAIN_H #define __MAIN_H #include "lib/entropy.h" #include "lib/pki_evp.h" #include "PwDialogMock.h" #include #include class test_main: public QObject { Q_OBJECT Entropy *entropy {}; PwDialogMock *pwdialog{}; void openDB(); void dbstatus(); static const QMap pemdata; private slots: void initTestCase(); void cleanupTestCase(); void cleanup(); void newKey(); void importPEM(); void exportFormat(); void revoke(); void testValidity(); public: template static T *findWindow(const QString &name) { T *ret = nullptr; for (int i=0; i < 200; i++) { foreach (QWidget *w, QApplication::allWidgets()) { T *dest = dynamic_cast(w); if (dest && name == dest->objectName() && dest->isVisible()) { qDebug() << "Widget found:" << name << dest << i << dest->isVisible(); ret = dest; } } if (ret) { if (!QTest::qWaitForWindowActive(ret)) return nullptr; return ret; } QThread::msleep(50); } qWarning() << "Widget not found:" << name; return nullptr; } }; #endif xca-RELEASE.2.9.0/test/newKey.cpp000066400000000000000000000054711477156507700163330ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2023 Christian Hohnstaedt. * * All rights reserved. */ #include #include "widgets/MainWindow.h" #include "ui_MainWindow.h" #include "widgets/NewKey.h" #include "ui_NewKey.h" #include "main.h" void test_main::newKey() { /* RSA 3012 bit key - Remember as default */ NewKey *dlg = new NewKey(mainwin, "Alfons"); dlg->show(); Q_ASSERT(QTest::qWaitForWindowActive(dlg)); dlg->keyLength->setEditText("3012 bit"); QCOMPARE(dlg->rememberDefault->isChecked(), false); dlg->rememberDefault->setChecked(true); dlg->accept(); keyjob job = dlg->getKeyJob(); QCOMPARE(job.ktype.name, "RSA"); QCOMPARE(job.size, 3012); delete dlg; /* Remembered RSA:3012 key. Change to EC:secp521r1 */ dlg = new NewKey(mainwin, "Erwin"); dlg->show(); Q_ASSERT(QTest::qWaitForWindowActive(dlg)); QCOMPARE(dlg->rememberDefault->isChecked(), false); QCOMPARE(job.toString(), dlg->getKeyJob().toString()); #ifndef OPENSSL_NO_EC /* Curve box visible after selecting EC Key */ QCOMPARE(dlg->curveBox->isVisible(),false); QCOMPARE(dlg->curveLabel->isVisible(),false); dlg->keyType->setCurrentIndex(2); QCOMPARE(dlg->curveBox->isVisible(),true); QCOMPARE(dlg->curveLabel->isVisible(),true); dlg->curveBox->setCurrentIndex(2); QCOMPARE(dlg->getKeyJob().toString(), "EC:secp521r1"); #ifdef EVP_PKEY_ED25519 /* Select Edwards Curve */ dlg->keyType->setCurrentIndex(3); QCOMPARE(dlg->getKeyJob().toString(), "ED25519"); /* Neither key size nor curve is visible */ QCOMPARE(dlg->curveBox->isVisible(),false); QCOMPARE(dlg->curveLabel->isVisible(),false); QCOMPARE(dlg->keyLength->isVisible(),false); QCOMPARE(dlg->keySizeLabel->isVisible(),false); #endif /* Back to EC and previously set curve is set */ dlg->keyType->setCurrentIndex(2); QCOMPARE(dlg->getKeyJob().toString(), "EC:secp521r1"); #endif dlg->accept(); delete dlg; /* Open dialog again and RSA:3012 is remembered */ dlg = new NewKey(mainwin, "Otto"); dlg->show(); Q_ASSERT(QTest::qWaitForWindowActive(dlg)); QCOMPARE(dlg->rememberDefault->isChecked(), false); QCOMPARE(job.toString(), dlg->getKeyJob().toString()); QCOMPARE(dlg->curveBox->isVisible(),false); QCOMPARE(dlg->curveLabel->isVisible(),false); #ifndef OPENSSL_NO_EC /* Select EC and remember as default */ dlg->keyType->setCurrentIndex(2); dlg->curveBox->setCurrentIndex(2); QCOMPARE(dlg->curveBox->isVisible(),true); QCOMPARE(dlg->curveLabel->isVisible(),true); QCOMPARE(dlg->getKeyJob().toString(), "EC:secp521r1"); dlg->rememberDefault->setChecked(true); dlg->accept(); delete dlg; /* Now "EC:secp521r1" is remembered as default */ dlg = new NewKey(mainwin, "Heini"); dlg->show(); Q_ASSERT(QTest::qWaitForWindowActive(dlg)); QCOMPARE(dlg->getKeyJob().toString(), "EC:secp521r1"); QCOMPARE(dlg->rememberDefault->isChecked(), false); #endif dlg->accept(); delete dlg; } xca-RELEASE.2.9.0/test/pem.cpp000066400000000000000000000325761477156507700156600ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2023 Christian Hohnstaedt. * * All rights reserved. */ #include "main.h" const QMap test_main::pemdata = { { "Root CA", R"PEM( -----BEGIN CERTIFICATE----- MIIDGDCCAgCgAwIBAgIIOrvWy5vvDTwwDQYJKoZIhvcNAQELBQAwEjEQMA4GA1UE AxMHUm9vdCBDQTAeFw0yMzA5MTkxMzE0MDBaFw0zMzA5MTkxMzE0MDBaMBIxEDAO BgNVBAMTB1Jvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCG ykFQQcbPjwcwY1iXd0U0zTWQA8R2UZCHveyZtza55e55vTRtfeVzAgTxSbmOkgyn TR4S3yM6inZiNcVRFUkhrFPYMFbHUSpw/DykgbxYAUszE+KTx77JZ3A3pNL/wjlr XQOGeGENBeVdrMtzSgeeM8jLys3P5FE3s3itKV5xxlZZthcbxrADSTLF85a69iJ+ yGIy7tm1fLYkLIJzwtUz+MSyIWzg/K+82sPQEWGg3EBEj6zpT+01dk0AAGwOyZHz 0HlvEoZl/py2CYFItycMM8fpvh/u2QIVCYxeqM2TwojwKhDrtmD/Vd9SfCoKqYRj rjgu3ZCjGyRzHlpSFSlNAgMBAAGjcjBwMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0O BBYEFGOFvC6Qk0JQDPYJ9tlJOFP30mKZMAsGA1UdDwQEAwIBBjARBglghkgBhvhC AQEEBAMCAAcwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTANBgkqhkiG 9w0BAQsFAAOCAQEAaSU6u95lFkvXxT2kbFvAfJRN1VmVr2GXDjsRQF+DdcSnu7eg ush8bWWlI9tmQbnmu4Ob8/vBT/Ou+lQ2+BxvBi+6cCCHyK1Lg4zv0KuRb6KYy5On aZNT6KJRnFggu/IgzDiR5LD/uWUEpOPHjbFuD60pOid6Obj3zcDeqHnN/S76QK+G MgodESssqwuCWqVt4ACD2/tAKizoiXP85Hx/EtHOY0fKcPqPfcXlVAgMszRgQfsx 0kc3z3mlwPxvFf8V7h0wcjjaIbkeDqsQxfdfeyErSIgRJj7h1rXFOUNLjksg9877 zul7Vd4O/kY0MN/PmL6no6CtLm7DavZNbYLVQw== -----END CERTIFICATE----- )PEM" }, { "Inter CA 1", R"PEM( -----BEGIN CERTIFICATE----- MIIDGzCCAgOgAwIBAgIILcPKkEW8ow0wDQYJKoZIhvcNAQELBQAwEjEQMA4GA1UE AxMHUm9vdCBDQTAeFw0yMzA5MTgxNjQyMDBaFw0zMzA5MTgxNjQyMDBaMBUxEzAR BgNVBAMTCkludGVyIENBIDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDJlExG3+oLO6GFuD4pa9sI5mJL/9fADcoe9bv1SAnRKu/GPtCMaruVTKBAt5x4 mwt5My6WhyPdpYp0z6yUgSCrbkSAMvMzGlS1W5Ke4UU4GaufCRjHeXNVpx9wXEPY y46HO5vSZZiGzl46UMmeVkV5kGeh8y2giS/M0prVqpOLdIloeJykgp8k29llkFj/ OEa2WPiKhUnBvna5IDyrjjTKUGo5mxi9RVuArZwZ16kdJPG292WOVtQ8uTg391XQ 2uOho/nv/IoWysZLnwvHIZkcH413owvBULqM5fVda0j9qkvQEKa4GAiitx2HX0wW YNvtUhZrXnHU/DzYkbhZrW7VAgMBAAGjcjBwMA8GA1UdEwEB/wQFMAMBAf8wHQYD VR0OBBYEFE5aAJMfa9ksd7718xYlNHF/YSjtMAsGA1UdDwQEAwIBBjARBglghkgB hvhCAQEEBAMCAAcwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTANBgkq hkiG9w0BAQsFAAOCAQEAd4H25/1Dkt3mqhGI+fepvlskg+FHPQgLNQR7cmJOcYJf 4uHR3MuxXUDQrY4PcFgZQRiUNHrEDtifZHENLCYOSr1xNKX6HzO/b1jpIOvgPgc5 JJBFziq0ShtP8l+2aXZwgifwxL3wcrqKXqSYJkox+xUvNU5gQ1+ea7zCZoRHp8Vd 3iLNYSkb8QnoffZXr6WLENQjHd3n7ETMTgGnQy0zXhTOAounnkp3uFUa0QUwiwLj qi43yEB8GCW+5k96q/bPLgYDnGsSGUgdT9Fq+zHWnW0FqycRR5JivqdUkRrkJP/G 9UaWItdzIg7z3JJnWocON2UPXiRCwXIinFOY8B3cZg== -----END CERTIFICATE----- )PEM" }, { "Endentity", R"PEM( -----BEGIN CERTIFICATE----- MIIDRzCCAi+gAwIBAgIIRnZrxljA1L0wDQYJKoZIhvcNAQELBQAwFTETMBEGA1UE AxMKSW50ZXIgQ0EgMTAeFw0yMzA5MTgxNjQzMDBaFw0yNDA5MTcxNjQzMDBaMBQx EjAQBgNVBAMTCUVuZGVudGl0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKaDk8SoilZ3HORi9Mn4p3iFO43ofabLF68XWdnrgtuBZODmLAXinElt62ed Gfo96yzhSQdB3HG27XDRxxg+oR9XUlU/7B7BjeTJ5LUR03QSQ20VC8yKfD28eTdB uDtDzWFhcibXqI62+dBfxvTixG0tlkWojXkAEnkcbfDSlFj+6C56T5+HN9rAofsD pVcCWY2W71creO5Tb5M3ek79bwagjAI8zJOnggxMNRWYBietQHU2ki8cUuo9IOdk DR3sa87ADAtTkDjS4LPw+w7YQDFoNmeb8y16dbmVtVP0AS6cKvAYaWFzIEC42vL6 yirlf626+gIfVLxuaUh5n51cD5kCAwEAAaOBmzCBmDAMBgNVHRMBAf8EAjAAMB0G A1UdDgQWBBR7iRaxAf1OaeoxkupqrpeexvALjjALBgNVHQ8EBAMCA+gwEwYDVR0l BAwwCgYIKwYBBQUHAwEwFAYDVR0RBA0wC4IJRW5kZW50aXR5MBEGCWCGSAGG+EIB AQQEAwIGQDAeBglghkgBhvhCAQ0EERYPeGNhIGNlcnRpZmljYXRlMA0GCSqGSIb3 DQEBCwUAA4IBAQAWUnY5on/xftnW8YsFeChSLWKEAP0YaaOGoCETdfWd4OIZnr8s AzbHV3V+7I57wz956R2WB8m98FuOrtosqwyAmKwvA5Jv5jYSj7DytY3RP8w/mb9u +W1NTpKQ5UvaMjVorA/lgvd/IccoSK0oUBfjUD2+0kzUGHUtaNJivCe2DG0pUfTP qAwuZyTlUyVW77eCBj5Pl+R/eFjlDQaxikG+AKlmJ77eu15Pw3nOPTVBme8wTzQH Sb2DLoQbi4Fe69NXtOZ8SX2H3M2w2+HnjhYTYWZN7/6OR6cafJAlRzBPeGQHC0MG LWMLAcF8GJP9sx58pIJ3g9gOzOuWTs/KqUSu -----END CERTIFICATE----- )PEM" }, { "Inter CA 1 Key", R"PEM( -----BEGIN PRIVATE KEY----- MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDJlExG3+oLO6GF uD4pa9sI5mJL/9fADcoe9bv1SAnRKu/GPtCMaruVTKBAt5x4mwt5My6WhyPdpYp0 z6yUgSCrbkSAMvMzGlS1W5Ke4UU4GaufCRjHeXNVpx9wXEPYy46HO5vSZZiGzl46 UMmeVkV5kGeh8y2giS/M0prVqpOLdIloeJykgp8k29llkFj/OEa2WPiKhUnBvna5 IDyrjjTKUGo5mxi9RVuArZwZ16kdJPG292WOVtQ8uTg391XQ2uOho/nv/IoWysZL nwvHIZkcH413owvBULqM5fVda0j9qkvQEKa4GAiitx2HX0wWYNvtUhZrXnHU/DzY kbhZrW7VAgMBAAECggEAAJXerCywTadhrmASRiUwYKk9Sy02CjJquNuhLR2FcccR z93qKyOQNzx0EVwMfJ6D/QPKCdk19cnU9MaO9hYd6yw0eg7WfU/WmSQ9RnAvDEep eO/E06d6+e+0pqs4mI5BdAvB8G19G5Rz2kWBIGWYaWRNo2nFDdH4LTxwrgLYei+I zeOJE1KURbLG3Ni1vpTYO5qB5DOC5+KobiO4qLA7I1r3ne2fMDPnnO+r4Onky2gg O8uCVKjbb2VEPk1tLShj3e5USsewdUMkc6es4XN9nNOFISEzsbfmhsRNERXUKN2h lVRjNNaXxn4FogOFlmEu6+ZfL8Eg0wusuLGi5q8HzQKBgQDsno5nvGPSa6dC4j7Q jbpwaKVY3MrUDWIxZwhpRWzR4yDuhYwcnDV7jsyiXxQRAknjIsvqgVSU+tWlB9Hz 2PGhC3Pu2FBSJMAwMrT4IUE66lXH4bbbPj4v1YD7AC0rRCPN1b6/sXq/K4U3bdgz +Uhedqr0jA1dVxMML+HHXH/P2wKBgQDaFwUnpcheDzhRFEHxaRPUzdOvwye1uzlT Cw1WNdut4hywv2Too2cZi7lSnCKV6Ez4RLZLv6Rq2rl3+IxN53UbmQ/pUftA+jNS OQYMwLm5rVm/VOqiDFwwJtBar23COgfn1n4D3TBpoZxvPhVOC+tAYLz8CtSPjO5v YOuqnjkTDwKBgQCGlmVPsgNhY6Re0cuC2qqqV4t9MREZbodkrENHhZqxA6zunv2k JGHzZrUUwlnqls+qJ1evimKu3sH4var5NXOy84281ENThd3fTGhNHrU4qqOiLsvQ huXeVWWo31/R1U88PBDkfjHgXQPIFG2+mlNEj+ELekH7zpRiATY+LGnyswKBgGkM zZ7bbDhifG4Ro/H0+2h1/JGdH3OaS3KE0FfGeZq4X7mDd8fXbcIQW6Q/MSmkS+8K qgSyuy/9S3lOb8bWxsIUaGWq56vU2QOyFAfwjYWyypgu/xYvffhzucj015nG+ifi WbDiyn8XKZMsBHcjpp3L+zwsu1aqO+/Kb7ovnK5hAoGAf2ILN0I+/pDWg1nsEe1T dX+8tSj9hdbKO/vMNaBEYseY+MwHIFD511QmtTF0180LmxEgoHfZh+XFYE+RWYz+ saTRaU4ruH+IW2N+sKB7tXsLwEWmfaTNnn0PRdHCxxPABmMDphHNHXmJ/16hkjGZ xCjKmukuObM35daa7xgorTo= -----END PRIVATE KEY----- )PEM" }, { "Inter CA 1 EncKey", R"PEM( -----BEGIN ENCRYPTED PRIVATE KEY----- MIIFLTBXBgkqhkiG9w0BBQ0wSjApBgkqhkiG9w0BBQwwHAQItXrspWS+BjoCAggA MAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUDBAEqBBBMHfnuPQPDqap4RrxNS9IrBIIE 0HCHV+CSY8QSdAyZJXd4H19mg37IL4OW1gtmDQB9KWK19T+d3O7abLPQ1c9RDAck M23IPVIjkhKakLJnOc4blYsWDXUqcBHdhzB2RIJ4v19aM+Uwni1BoIl2EFXSmwdh Pf4fweKurefQwkLHagNXffKlzh7VY0KCEMLd2YEUzRmmXXCFsWKwMZydMQghFnrT XIbvTqMcv0diYLP4v1+c4a90u/UM2C/REry8gZUj4Sql+vSyx+/zvsQDSXRzYwRP rbw7UuQLp+WNOYtJ84WfK+Pn40dJ9q7EU46KjeA83RB/otRBlYb7Lqsde2bf0loh BfAcZUR+5IrLMi4+Ag/QqFNfRnPPKNTEdU16Sz2soqh1gveHhupYBQ2hrUyglyXj S1uavMvMx4k/MNAQAVQ7zi4coS+I3KRgA9RDyClLebWj6kLdg3udhfUK7a9n9o0K 19IKH7SxHLIXrKUY69oDB6xMGt+YuL/YHz59fLay64K9gaNSy1P8ZAAZsEEjQf2J nrblN8n9aWXpJ+H/L+C/Wun5otypP1CZj+OTmbV7uhiXTN4aj3uBROd2NR80F8tf kTrgJu35fZD0Fg2pbRgiZPsexGaId+IcPUHjucmjucDRgEtQk35x/uv+earVlVWk ucxEtIFuqncAgCBUklh18cgva3TkiMySGa1rG+EcM7E8IcWBpUL8CkiRkhilzWnQ 70zgpshieg+F4luuUEfwlWDiRMAPPSRjAutoaAmuyVhbwOztlz2Fp1/bC9R4dnf3 5/GJx60uBUG0nd9AQ3FRBd8+YT6V3N5K6cQWKqztJrp83Vo7oPYtUMEzW+/zMRFi FxEnEdNZn4r01f8yWUdgyzEa/nKlcfAJO86XAmBEZAoKEes5w2PK+2NeDvePULNF N3Gm/6al2ncJlICPQipG3QG56in4tOY9gaSVaQ9cpACabarNaHD08Kt8vAxDryx6 3Yv5c0wyAZpFMwyNx8BRXsZocZ+1QYZwksdMKIMWUV4YreTwyh7HKpNCuDqWBfmS rgHlAqFd71LlN3LQMaXJz/JDWHGWjE9YxSUr2JHi/2Q3rRGEZgxApknQuNlhPgfe x31Ei9pO/bzdXyLOzc6QiTsEkUSYBhWk+4CXZyByQurSO4gjNY1VtDiziFyULNsw NEdCf/SPHzk7YMXH0X1NDarLoHg+9/kGU6jv38H/wKABBw2FYsKXYNC4H/8yBDHf 4QVC0wBSY6NeiX1BSQKgzV2cmOUUCqrR6NkweVK7R+g1fRvDMFk8bFSfCg/44ASA tObItm/QEh+P0coivlA5ZB+I/jAP8+glVXQS64hW23DeWLNNyFO/4bpi0urctJ5m y8au5feWuyS9cTyfsfKWG/dfIU7H2tplju+aUJ/BfpmEyAo4Pntb/BXVxjLtXtkS uRKLz2OlwF1W1rErcdrqzXUuK7LzSS4gZTjLtNG+zXZsIUPxgY/uy46z1djwkgF9 3FBv8e225XG/kUnQPptwr03Qpy7G49bPlp13Z9hf2xb9e4OIvQRoaPXqDLDuhwih J23mPxmpMo2cDvsoX4qJrCoCStSTUTw4RyLh8oxUn7S8FIbZZxXB29APjakmUAfg MEDr+LxWq7s3f1ggp6I8OrS3fJWU9Ucn7VFNu/nSeDcK -----END ENCRYPTED PRIVATE KEY----- )PEM" }, { "Endentity Key", R"PEM( -----BEGIN PRIVATE KEY----- MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCmg5PEqIpWdxzk YvTJ+Kd4hTuN6H2myxevF1nZ64LbgWTg5iwF4pxJbetnnRn6Pess4UkHQdxxtu1w 0ccYPqEfV1JVP+wewY3kyeS1EdN0EkNtFQvMinw9vHk3Qbg7Q81hYXIm16iOtvnQ X8b04sRtLZZFqI15ABJ5HG3w0pRY/uguek+fhzfawKH7A6VXAlmNlu9XK3juU2+T N3pO/W8GoIwCPMyTp4IMTDUVmAYnrUB1NpIvHFLqPSDnZA0d7GvOwAwLU5A40uCz 8PsO2EAxaDZnm/MtenW5lbVT9AEunCrwGGlhcyBAuNry+soq5X+tuvoCH1S8bmlI eZ+dXA+ZAgMBAAECggEAAWsbAeCWpxRmKlreb27/DDOEVZneoiJWPg9SnFzZdUG1 qIXFZ7ptruFxESWhMETBQVVc8CMjO9O9U4nx6na0HCZ8BM5h1kQ7T3DZ0iIH/VPf f6kfe9tNIiB+HtagOV8DO5pfJM4O+UI9QAVk1jatSinKfybnp5l0ztPLavL8QQLN VaokyyWusQ+PsMHHI7EYr+C1WNFUxCibTuBc21+ToETu6NSWpWVffjTM9+Lw5y3A qrXXjeehPJ8xVoDXlTB4D4ooW68/5+pHrYoy5OwyVYwZFSte5B92mhw2+VPLYZ7P qN4CKVIbCHjgDNwPs3YYUUwMyQ/yC+VpYJa5zSapJQKBgQDX0VpAzJ8VU3ldW/EG OvVrXmSlTayGBqn8OTAjHW86nYZ/uYmeYPQns4cIhpRlqGyO8eAro5dpIB6929yG QTGdxaXF3JmZFYFjgEW2j9PFtLlovV3mLEokzAeVIsj/HyMIIEEEaoC+kFaVr4Hy bsWcQmWqDspnuybKt0iK5kxcdQKBgQDFhDqPUiwxUhUNrPWMqnHfaDjzPVkT7VZ2 ryF8sER9Kl1DE9mY0vbQgiL8x+tN5gRYy6x90bYlLKFUKoPu8czrJrH+t4/Ze/eu H27+vKd/w3MDp4MnQtT01csT5+btsWB5SUlzt6fQvkw/pylAglKpktTfjEaLoVeL TolK4i9SFQKBgQCiKfDDF/3BLIPZHqiwocSe9MJzYzXrTz6TAvWkrQ1S4eKaPnOl yfwriL5CLb171V4c2qoyoC25FCWFS5scVghOIKE7V1MisAIVHeFEGDZsLCvVA9V2 inj7xUM9UHHvIRpVlMbF5rDuf85Pkxz1aT6a91kkuxBjeUDguW+Mzxc5sQKBgBp/ WrvPck5LjLeA9JAibZRjDwDSwhiCRo81f3CS1R1ViZ1uFEsEQkhGrRrsVwzkRsEC 0ekvMRhbnGkGKxzrI2qIjmh1h77NerTJUsKp3G6vccaTumyR8q/F3rCU883/dcnP oyL7CHBglyoS6t3UnfJR2G0FDJG+21e8+X4qSd7hAoGBAIMUKIZGAKpjB4wgN9KN 0ezKyt/Gdt//G7DH2Fqn8QL1SkJwAvHVpGlhhv905drBKdfpKrej8C4gE2mmFKY+ Jj5XLLPNFBbi/YqYTED7mJvmwDz2f84VuUglc9WYiqir0iDgwJCXXOefTfFfETu2 ImjXbn2e+yf50r3jk6yMk4Mk -----END PRIVATE KEY----- )PEM" }, { "Root CA Key", R"PEM( -----BEGIN PRIVATE KEY----- MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCGykFQQcbPjwcw Y1iXd0U0zTWQA8R2UZCHveyZtza55e55vTRtfeVzAgTxSbmOkgynTR4S3yM6inZi NcVRFUkhrFPYMFbHUSpw/DykgbxYAUszE+KTx77JZ3A3pNL/wjlrXQOGeGENBeVd rMtzSgeeM8jLys3P5FE3s3itKV5xxlZZthcbxrADSTLF85a69iJ+yGIy7tm1fLYk LIJzwtUz+MSyIWzg/K+82sPQEWGg3EBEj6zpT+01dk0AAGwOyZHz0HlvEoZl/py2 CYFItycMM8fpvh/u2QIVCYxeqM2TwojwKhDrtmD/Vd9SfCoKqYRjrjgu3ZCjGyRz HlpSFSlNAgMBAAECggEACJu7Lx58TX4zddYqbsX5wAUJEjEDZ5EO+3RYO3r1fkre f5zjT8jWEhHDcguE08OlFjw5GvhwPglgxSXs+6Ax4vooAqsXp7QZ00xwrQryFebD QDhZZJnBqAg4pP0cUqQ7WY1/r6NZg2TogKKL/clxEhv5i3ZgzZGl1DpcjyaQtxBd cagQfuSD8fr0FMB2EwmUFtYaWO7b22wwHFCDb//KLsDPyss1rZkzRMp3i5qNDM1r +i5apaldMSTInEXGIzH9SLUXF4s7eH5hkaXfFueNwVo9kSMOOIadVO+KuiKxBJF9 hnukhIRuwXeXdJITTdvHCX569ubYlamqolBZMor+uwKBgQC8auGD7XZ6jTn/WQ5u 8gCIwxyPKOLSfhQGb9pXPloSairBxuhLCceg0tbkbN4IixgDBeRhjtOYy2MJJP3d DQUWfdXucicptBvjgWiSQxbIdFObdiYs3/5syxrhZIBSbDxp+T3Auad/MbKA8VS5 Cf6Tay/cTPdtOAnW8kcUf24tqwKBgQC3Ix/rSiRdTzoKzNuviZ18mAgb4gC5y/jw QyksfgbrLycvYNcuNRnJlfZGE6bI5qRLdYM2T+8sWg1JPAW+n+XozymuhApXLSOl DOgVO3jg8EHbU1pV/C2uutE8/olLJ9wcdV5ScuT/t+djI+1vekGAcZipahdYYqRp 2pGjKkHc5wKBgQCOLSSg9ZYaoejqyxu+EjTe/kPVryeBaIvZ05txi+ZR0PUUpfBx dx7BN3fahGADGFp1JYQRLcJzoL3Jj7VUkVeOgkPlGxR8PqFwyhzLiX5uooDYZY4m /JszIwvUmo7OI0hvOxkjDbTboPeunuyseGM2gIJr/VQTgV7DaKzERegw4wKBgCsd bNVS9i61iT+jrRCtgFMl47rUwUD8oVXHKflcjjpuNnZ0ARTS0Yhg8sLau4hOrF1L hCGUPgWeCcS1CdEwCct+ghyg32JYsSyZVkYxYyrpxUdiX0EhBow9VSdb8WytLKfS hes5O2psnF/9xFdbW/JmS/+Oh4J6bqSxHVphh3H/AoGAWqJA+jO2d75r9JI6+GVx 9XDO7qQt6XgCELypxDXI+rr9qJP1uIKEGrbrw3gs8Z6QVtTWCvwOfa6AiQf4f9aD 0xO29mRaLHZgvh9/iPtROM43CVPnS3fb+H+C5oA2aAXrbqU4kEcvCHaEkNw2oONx PHyIfBzGNa1JrRLkQwrfR2E= -----END PRIVATE KEY----- )PEM" }, { "ED25519 Key", R"PEM( -----BEGIN PRIVATE KEY----- MC4CAQAwBQYDK2VwBCIEIPsR1kBH7fqfR0vUA+tjRUoRpgkfP8EJ/tjsh1dfCRmQ -----END PRIVATE KEY----- )PEM" }, { "CA CRL Test", /* Expired */ R"PEM( -----BEGIN CERTIFICATE----- MIIDOzCCAiOgAwIBAgIIXF5qBr98tlYwDQYJKoZIhvcNAQELBQAwMTEOMAwGA1UE CBMFU3RhdGUxDDAKBgNVBAoTA29yZzERMA8GA1UEAxMIcGFzc3QgQ0EwHhcNMjEx MTEzMTE1MTAwWhcNMjIxMTEzMTE1MTAwWjAWMRQwEgYDVQQDEwtDQSBDUkwgVGVz dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOZceZv6lEdz2jLAAzsZ 3igdO6QlWsGuPVIJ2xgxTgRuulYtHvprLKiBNpU/yWBfbkJ38oUzt8iLI5mUUGAB SQCKowQmbaHUzhw3WKexNPJy85p+3eHuR5jtUftO2HcYie5kEXbOi9F3WNbqHAtR +/npeOYJCJaPmjQ8GnTAw+SiyB86kl7VyJyCfGxpVf2RYNo3kXrFixW+rWtgH7n9 VYiKkFeqKdPMFnGu+DgoXMBo4IM0GEKgkT1vV+q5iv4SgAbuSciIukq791Uz2IeX VmfmNK68rrLipYlQkG9Xr0sLe178co2W8XXhKfiflmGn5FW/xNhFFDn8C/+/+BiE o9kCAwEAAaNyMHAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUPPLlhZfgXy7M VLcoWb9fUSe46nswCwYDVR0PBAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIABzAeBglg hkgBhvhCAQ0EERYPeGNhIGNlcnRpZmljYXRlMA0GCSqGSIb3DQEBCwUAA4IBAQBm HuY/X6DBPvPlF2TP7SPMiJEXDLrcjuazIyLwpMnU6Zw45g3DlNIuaG0q0onQtzeh MuNDaTlun0gM+4MA3rXLs0XFwWz4G4y0j5PufN78mUEqk+9IiVjPIjnDrA39uLrd pDiBYVhdfDZsUkzB3R3xEhQpyEYZPFYPQEDe5gLpjQoARjfIWHhQ/WqXhOeQurKy WEeS3FFEcMZUINaarX8gQG1Ibxo3fPQY2y9+RaGmYxxN0/IBYEf/4BPL32/rj8CA o5ddfKnVVLLfaf7uf1IvCsouRYr2Eo7WklH2UCOvffXoK6DwZAQ4pA9f8shI08b/ UDcS3B0AFHkYZOFWmpBL -----END CERTIFICATE----- )PEM" }, { "XCA Template", R"PEM( -----BEGIN XCA TEMPLATE----- AAADQgAAAAowNjEUMBIGA1UEAxMLQ0EgVGVtcGxhdGUxHjAcBgkqhkiG9w0BCQEW D21haWxAYWRkcmVzcy50bwAAABsAAAAUAE8AQwBTAFAAcwB0AGEAcABsAGUAAAAC ADAAAAAOAGEAZAB2AF8AZQB4AHQAAAAAAAAAFABhAHUAdABoAEkAbgBmAEEAYwBj AAAAAAAAAA4AYQB1AHQAaABLAGUAeQAAAAIAMAAAABIAYgBhAHMAaQBjAFAAYQB0 AGgAAAAAAAAAFABiAGMAQwByAGkAdABpAGMAYQBsAAAAAgAxAAAABABjAGEAAAAC ADEAAAAOAGMAcgBsAEQAaQBzAHQAAAAAAAAADgBlAEsAZQB5AFUAcwBl/////wAA ABYAZQBrAHUAQwByAGkAdABpAGMAYQBsAAAAAgAwAAAAFABpAHMAcwBBAGwAdABO AGEAbQBlAAAAAAAAAAwAawBlAHkAVQBzAGUAAAAEADkANgAAABQAawB1AEMAcgBp AHQAaQBjAGEAbAAAAAIAMAAAACgAbgBvAFcAZQBsAGwARABlAGYAaQBuAGUAZABF AHgAcABEAGEAdABlAAAAAgAwAAAAEgBuAHMAQgBhAHMAZQBVAHIAbAAAAAAAAAAi AG4AcwBDAEEAUgBlAHYAbwBjAGEAdABpAG8AbgBVAHIAbAAAAAAAAAAaAG4AcwBD AGEAUABvAGwAaQBjAHkAVQByAGwAAAAAAAAAFABuAHMAQwBlAHIAdABUAHkAcABl AAAABAAxADYAAAASAG4AcwBDAG8AbQBtAGUAbgB0AAAAAAAAABgAbgBzAFIAZQBu AGUAdwBhAGwAVQByAGwAAAAAAAAAHgBuAHMAUgBlAHYAbwBjAGEAdABpAG8AbgBV AHIAbAAAAAAAAAAeAG4AcwBTAHMAbABTAGUAcgB2AGUAcgBOAGEAbQBlAAAAAAAA ABQAcwB1AGIAQQBsAHQATgBhAG0AZQAAAAAAAAAMAHMAdQBiAEsAZQB5AAAAAgAx AAAADAB2AGEAbABpAGQATQAAAAIAMgAAABIAdgBhAGwAaQBkAE0AaQBkAG4AAAAC ADAAAAAMAHYAYQBsAGkAZABOAAAABAAxADA= -----END XCA TEMPLATE----- )PEM" }, { "SECP-521", R"PEM( -----BEGIN PRIVATE KEY----- MGACAQAwEAYHKoZIzj0CAQYFK4EEACMESTBHAgEBBEIAG4s3HibiIiwvvZkZdpDV v3Cv3VneNZ7Ukze0Hm1I8TH1Ij0SD+/d70BRQhcWRIzZr3HmtS0kD8qYfMo45C8R Sj0= -----END PRIVATE KEY----- )PEM" } }; xca-RELEASE.2.9.0/test/renewal.cpp000066400000000000000000000073721477156507700165300ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2024 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include #include #include "widgets/MainWindow.h" #include "ui_MainWindow.h" #include "widgets/ImportMulti.h" #include "ui_ImportMulti.h" #include "widgets/CertExtend.h" #include "ui_CertExtend.h" #include "widgets/RevocationList.h" #include "ui_RevocationList.h" #include "ui_Revoke.h" #include "lib/pki_multi.h" #include "main.h" #define ZERO_SECS "yyyyMMddHHmm'00Z'" a1time not_after = a1time::now(3*356*24*60*60); void revoke_and_renew() { CertExtend *dlg = test_main::findWindow("CertExtend"); if (!dlg) return; dlg->replace->setCheckState(Qt::Checked); dlg->revoke->setCheckState(Qt::Checked); dlg->notAfter->setDate(not_after); dlg->buttonBox->button(QDialogButtonBox::Ok)->click(); Revocation *rev = test_main::findWindow("Revoke"); rev->buttonBox->button(QDialogButtonBox::Ok)->click(); } void renew() { CertExtend *dlg = test_main::findWindow("CertExtend"); if (!dlg) return; dlg->validNumber->setText("1"); dlg->validRange->setCurrentIndex(1); dlg->applyTime->click(); not_after = dlg->notAfter->getDate(); dlg->replace->setCheckState(Qt::Unchecked); dlg->revoke->setCheckState(Qt::Unchecked); dlg->buttonBox->button(QDialogButtonBox::Ok)->click(); } void renew_del_keep_serial() { CertExtend *dlg = test_main::findWindow("CertExtend"); if (!dlg) return; dlg->replace->setCheckState(Qt::Checked); dlg->revoke->setCheckState(Qt::Unchecked); dlg->noWellDefinedExpDate->setCheckState(Qt::Checked); dlg->keepSerial->setCheckState(Qt::Checked); dlg->buttonBox->button(QDialogButtonBox::Ok)->click(); } QList getcerts(const QString &name) { QList l; foreach(pki_x509 *pki, Store.getAll()) { if (pki->getIntName() == name) l << pki; } return l; } void test_main::revoke() { try { ign_openssl_error(); openDB(); dbstatus(); pki_multi *pem = new pki_multi(); pem->fromPEMbyteArray(pemdata["Inter CA 1"].toUtf8(), QString()); pem->fromPEMbyteArray(pemdata["Root CA"].toUtf8(), QString()); pem->fromPEMbyteArray(pemdata["Root CA Key"].toUtf8(), QString()); Database.insert(pem); dbstatus(); QThread *job; QList l; db_x509 *certs = Database.model(); pki_x509 *cert; a1int serial; // Revoke and renew cert = dynamic_cast(certs->getByName("Inter CA 1")); serial = cert->getSerial(); job = QThread::create(revoke_and_renew); job->start(); certs->certRenewal({ certs->index(cert) }); job->wait(); delete job; dbstatus(); l = getcerts("Inter CA 1"); QCOMPARE(1, l.size()); bool found = false; x509revList revs = dynamic_cast(certs->getByName("Root CA"))->getRevList(); for (x509rev r : revs) { if (r.getSerial() == serial) found = true; } QVERIFY2(found, "Revoked serial not found"); // renew job = QThread::create(renew); job->start(); certs->certRenewal({ certs->index(certs->getByName("Inter CA 1")) }); job->wait(); delete job; dbstatus(); l = getcerts("Inter CA 1"); QCOMPARE(2, l.size()); // Delete one of the certs if (l.size() > 0) certs->deletePKI(certs->index(l[0])); l = getcerts("Inter CA 1"); QCOMPARE(1, l.size()); // renew, keep serial cert = dynamic_cast(certs->getByName("Inter CA 1")); serial = cert->getSerial(); job = QThread::create(renew_del_keep_serial); job->start(); certs->certRenewal({ certs->index(certs->getByName("Inter CA 1")) }); job->wait(); delete job; dbstatus(); l = getcerts("Inter CA 1"); QCOMPARE(1, l.size()); not_after.setUndefined(); if (l.size() > 0) QCOMPARE(l[0]->getNotAfter().toPlain(), not_after.toPlain()); } catch (...) { QVERIFY2(false, "Exception thrown"); } } xca-RELEASE.2.9.0/test/validity.cpp000066400000000000000000000030301477156507700167030ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2023 Christian Hohnstaedt. * * All rights reserved. */ #include #include "widgets/MainWindow.h" #include "widgets/validity.h" #include "main.h" void test_main::testValidity() { try { Validity *start = new Validity(mainwin); Validity *end = new Validity(mainwin); QCOMPARE(start->displayFormat(), "yyyy-MM-dd hh:mm 'GMT'"); QCOMPARE(end->displayFormat(), "yyyy-MM-dd hh:mm 'GMT'"); end->setEndDate(true); start->hideTime(true); end->hideTime(true); QCOMPARE(start->displayFormat(), "yyyy-MM-dd 00:00 'GMT'"); QCOMPARE(end->displayFormat(), "yyyy-MM-dd 23:59 'GMT'"); start->setDate(a1time("20130921094317Z")); end->setDiff(start, 7, 0); QCOMPARE(start->getDate().toPlain(), "20130921000000Z"); QCOMPARE(end->getDate().toPlain(), "20130927235959Z"); start->hideTime(false); end->hideTime(false); QCOMPARE(start->getDate().toPlain(), "20130921094300Z"); QCOMPARE(end->getDate().toPlain(), "20130928094300Z"); start->hideTime(false); QCOMPARE(start->getDate().toPlain(), "20130921094300Z"); start->hideTime(true); end->hideTime(true); QCOMPARE(start->getDate().toPlain(), "20130921000000Z"); QCOMPARE(end->getDate().toPlain(), "20130927235959Z"); end->setDiff(start, 2, 1); QCOMPARE(end->getDate().toPlain(), "20131120235959Z"); end->hideTime(true); QCOMPARE(end->getDate().toPlain(), "20131120235959Z"); end->hideTime(false); QCOMPARE(end->getDate().toPlain(), "20131121094300Z"); } catch (...) { QVERIFY2(false, "Exception thrown"); } } xca-RELEASE.2.9.0/ui/000077500000000000000000000000001477156507700140145ustar00rootroot00000000000000xca-RELEASE.2.9.0/ui/.gitignore000066400000000000000000000000041477156507700157760ustar00rootroot00000000000000*.h xca-RELEASE.2.9.0/ui/CaProperties.ui000066400000000000000000000022071477156507700167540ustar00rootroot00000000000000 CaProperties 0 0 405 97 Form Days until next CRL issuing Default template itemComboTemp QComboBox
widgets/ItemCombo.h
 xca-RELEASE.2.9.0/ui/CertDetail.ui000066400000000000000000000374241477156507700164050ustar00rootroot00000000000000 CertDetail 0 0 712 502 Arial 14 50 false false false false Details of the Certificate Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true 0 Status Qt::Vertical QSizePolicy::Expanding 20 20 QFrame::Sunken Internal name The internal name of the certificate in the database Signature Key 0 0 Serial 0 0 The serial number of the certificate Fingerprints 0 0 MD5 0 0 An md5 hashsum of the certificate 0 0 SHA1 0 0 A SHA-1 hashsum of the certificate 0 0 SHA256 0 0 A SHA-256 hashsum of the certificate Validity 8 8 8 8 The time since the certificate is valid The time until the certificate is valid Qt::Vertical QSizePolicy::Expanding 20 20 Subject 11 11 11 11 Issuer 11 11 11 11 Attributes Extensions true Show config Validation Purposes Strict RFC 5280 validation Comment <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd"> <html><head><meta name="qrichtext" content="1" /><style type="text/css"> p, li { white-space: pre-wrap; } </style></head><body style=" font-family:'Ubuntu'; font-size:11pt; font-weight:400; font-style:normal;"> <p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; font-family:'Sans Serif'; font-size:9pt;"><br /></p></body></html> false QDialogButtonBox::Cancel|QDialogButtonBox::Ok ClickLabel QLabel
widgets/clicklabel.h
 DistName QWidget
widgets/distname.h
1 CopyLabel QLabel
widgets/clicklabel.h
 buttonBox accepted() CertDetail accept() 378 488 235 405 buttonBox rejected() CertDetail reject() 485 475 530 428 xca-RELEASE.2.9.0/ui/CertExtend.ui000066400000000000000000000236061477156507700164270ustar00rootroot00000000000000 CertExtend 0 0 411 416 Arial 14 50 false false false false Certificate renewal Qt::Horizontal QSizePolicy::Expanding 78 20 95 40 95 40 true This will create a new certificate as a copy of the old one with a new serial number and adjusted validity values. true Qt::Vertical QSizePolicy::Expanding 368 16 Validity 8 Not before Not after true true Time range Local time Days Months Years No well-defined expiration Midnight Apply Qt::Vertical 20 2 Revoke old certificate false Replace old certificate true Keep serial number Qt::Vertical QSizePolicy::Expanding 368 16 QDialogButtonBox::Cancel|QDialogButtonBox::Ok Validity QDateTimeEdit
widgets/validity.h
1 hideTimeCheck(int) localTime(int) validNumber validRange midnightCB applyTime midnightCB stateChanged(int) notAfter hideTimeCheck(int) 453 197 231 187 noWellDefinedExpDate clicked(bool) notAfter setDisabled(bool) 738 193 331 200 midnightCB stateChanged(int) notBefore hideTimeCheck(int) 453 197 239 157 buttonBox accepted() CertExtend accept() 124 253 28 255 buttonBox rejected() CertExtend reject() 217 257 74 220 midnightCB clicked(bool) checkBox setDisabled(bool) 421 182 544 197 checkBox stateChanged(int) notBefore localTime(int) 518 189 331 164 checkBox stateChanged(int) notAfter localTime(int) 505 190 331 200 xca-RELEASE.2.9.0/ui/CrlDetail.ui000066400000000000000000000301311477156507700162140ustar00rootroot00000000000000 CrlDetail 0 0 530 381 Arial 14 50 false false false false Details of the Revocation list Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true 0 &Status 8 8 8 8 Qt::Vertical QSizePolicy::Expanding 20 20 QFrame::Box QFrame::Sunken 8 8 8 8 0 0 Version 0 0 Signature Signed by Name The internal name of the CRL in the database issuing dates 8 8 8 8 Next update Last update Qt::Vertical QSizePolicy::Expanding 20 20 &Issuer 11 11 11 11 &Extensions 11 11 11 11 false true &Revocation list 11 11 11 11 true QAbstractItemView::NoSelection 1 Comment <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd"> <html><head><meta name="qrichtext" content="1" /><style type="text/css"> p, li { white-space: pre-wrap; } </style></head><body style=" font-family:'Cantarell'; font-size:11pt; font-weight:400; font-style:normal;"> <p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; font-family:'Sans Serif'; font-size:9pt;"><br /></p></body></html> false QDialogButtonBox::Cancel|QDialogButtonBox::Ok ClickLabel QLabel
widgets/clicklabel.h
 DistName QWidget
widgets/distname.h
1 CopyLabel QLabel
widgets/clicklabel.h
 buttonBox accepted() CrlDetail accept() 364 371 169 308 buttonBox rejected() CrlDetail reject() 387 353 529 345 xca-RELEASE.2.9.0/ui/ExportDialog.ui000066400000000000000000000142531477156507700167610ustar00rootroot00000000000000 ExportDialog 0 0 671 385 Arial 14 50 false false false false Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true Name The internal name of the CRL in the database 0 0 Filename 0 0 ... Export Format Each Item in a separate file Same encryption password for all items Export comment into PEM file 0 0 0 100 QFrame::Box QFrame::Sunken Qt::AlignLeading|Qt::AlignLeft|Qt::AlignTop true QDialogButtonBox::Cancel|QDialogButtonBox::Ok focusCombo QComboBox
widgets/FocusCombo.h
 fileBut buttonBox accepted() ExportDialog accept() 358 304 232 274 buttonBox rejected() ExportDialog reject() 463 300 130 280 xca-RELEASE.2.9.0/ui/Help.ui000066400000000000000000000065201477156507700152460ustar00rootroot00000000000000 Help 0 0 737 619 8 6 0 6 << true >> true Qt::Horizontal QSizePolicy::Expanding 20 20 &Done true true buttonOk clicked() Help hide() 668 26 520 19 forward clicked() textbox forward() 128 33 189 161 back clicked() textbox backward() 57 25 61 254 textbox backwardAvailable(bool) back setEnabled(bool) textbox forwardAvailable(bool) forward setEnabled(bool) xca-RELEASE.2.9.0/ui/ImportMulti.ui000066400000000000000000000117351477156507700166470ustar00rootroot00000000000000 ImportMulti 0 0 516 477 6 0 Arial 14 50 false false false false Import PKI Items Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true QFrame::Box QFrame::Sunken Import &All &Import &Done &Remove from list Details Delete from token Rename on token Qt::Vertical QSizePolicy::Expanding 204 21 0 0 QFrame::Box butCancel clicked() ImportMulti accept() 373 131 287 358 xca-RELEASE.2.9.0/ui/ItemProperties.ui000066400000000000000000000036451477156507700173360ustar00rootroot00000000000000 ItemProperties 0 0 400 295 Name Source Insertion date Comment false CopyLabel QLabel
widgets/clicklabel.h
 xca-RELEASE.2.9.0/ui/KeyDetail.ui000066400000000000000000000274201477156507700162330ustar00rootroot00000000000000 KeyDetail 0 0 572 403 Arial 14 50 false false false false Qt::Horizontal QSizePolicy::Expanding 20 20 0 0 95 40 95 40 true Name The internal name of the key used by xca 0 Key Public Exponent Qt::Horizontal QSizePolicy::MinimumExpanding 20 20 Keysize 0 0 0 0 Private Exponent 0 0 Key QFrame::NoFrame QFrame::Sunken Qt::ScrollBarAlwaysOff false Qt::TextSelectableByKeyboard|Qt::TextSelectableByMouse false Security Token Qt::Vertical 20 33 Label PKCS#11 ID Qt::Vertical 20 32 Token information Model Manufacturer Serial Label Fingerprint Comment false <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd"> <html><head><meta name="qrichtext" content="1" /><style type="text/css"> p, li { white-space: pre-wrap; } </style></head><body style=" font-family:'Ubuntu'; font-size:11pt; font-weight:400; font-style:normal;"> <p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; font-family:'Sans Serif'; font-size:9pt;"><br /></p></body></html> QDialogButtonBox::Cancel|QDialogButtonBox::Ok ClickLabel QLabel
widgets/clicklabel.h
 CopyLabel QLabel
widgets/clicklabel.h
 buttonBox accepted() KeyDetail accept() 485 405 258 379 buttonBox rejected() KeyDetail reject() 485 475 530 428 xca-RELEASE.2.9.0/ui/MainWindow.ui000066400000000000000000000624041477156507700164350ustar00rootroot00000000000000 MainWindow 0 0 702 511 true 2 Private Keys 0 0 QFrame::Box QFrame::Sunken &New Key &Export &Import Import PFX (PKCS#12) &Show Details &Delete Qt::Vertical QSizePolicy::Expanding 20 20 200 94 true Certificate signing requests 0 0 QFrame::Box QFrame::Sunken &New Request &Export &Import &Show Details &Delete Qt::Vertical QSizePolicy::Expanding 20 20 200 94 true Certificates QFrame::Box QFrame::Sunken &New Certificate &Export &Import &Show Details &Delete Import &PKCS#12 Import P&KCS#7 Plain View Qt::Vertical QSizePolicy::Expanding 20 20 200 94 true Templates QFrame::Box QFrame::Sunken &New Template Ch&ange Template &Delete &Import &Export Qt::Vertical QSizePolicy::Expanding 20 20 200 94 true Revocation lists QFrame::Box QFrame::Sunken &New CRL &Export &Import &Show Details &Delete Qt::Vertical QSizePolicy::Expanding 20 20 200 94 true KeyTreeView QTreeView
widgets/KeyTreeView.h
 TempTreeView QTreeView
widgets/TempTreeView.h
 ReqTreeView QTreeView
widgets/ReqTreeView.h
 CertTreeView QTreeView
widgets/CertTreeView.h
loadPKCS12() loadPKCS7() changeView() CrlTreeView QTreeView
widgets/CrlTreeView.h
 BNimportKey clicked() keyView load() 505 129 382 135 BNnewKey clicked() keyView newItem() 488 67 392 67 BNexportKey clicked() keyView exportItems() 526 99 393 99 BNdetailsKey clicked() keyView showItems() 473 200 405 200 BNdeleteKey clicked() keyView deleteItems() 470 229 404 230 BNnewReq clicked() reqView newItem() 496 57 371 58 BNexportReq clicked() reqView exportItems() 489 91 400 95 BNimportReq clicked() reqView load() 500 123 412 130 BNdetailsReq clicked() reqView showItems() 497 157 419 166 BNdeleteReq clicked() reqView deleteItems() 475 196 399 196 BNnewCert clicked() certView newItem() 478 63 398 63 BNexportCert clicked() certView exportItems() 499 97 401 99 BNimportCert clicked() certView load() 475 127 401 128 BNdetailsCert clicked() certView showItems() 486 162 395 165 BNdeleteCert clicked() certView deleteItems() 482 203 357 207 BNnewTemp clicked() tempView newItem() 513 60 363 62 BNchangeTemp clicked() tempView showItems() 481 94 415 97 BNdeleteTemp clicked() tempView deleteItems() 482 126 428 126 BNimportTemp clicked() tempView load() 487 165 407 165 BNexportTemp clicked() tempView exportItems() 488 201 428 201 BNexportCrl clicked() crlView exportItems() 472 70 381 70 BNimportCrl clicked() crlView load() 496 99 382 99 BNdetailsCrl clicked() crlView showItems() 477 131 391 131 BNdeleteCrl clicked() crlView deleteItems() 471 173 386 172 BNimportPKCS12 clicked() certView loadPKCS12() 504 239 420 234 BNimportPKCS7 clicked() certView loadPKCS7() 544 265 406 260 BNimportPFX clicked() certView loadPKCS12() 483 170 230 263 BNviewState clicked() certView changeView() 472 304 402 301 BNnewCrl clicked() crlView newItem() 568 62 235 264 xca-RELEASE.2.9.0/ui/NewCrl.ui000066400000000000000000000207141477156507700155510ustar00rootroot00000000000000 NewCrl 0 0 354 428 QLayout::SetMinAndMaxSize Last update true Next update true Days Months Years Midnight Local time Apply Qt::Vertical 20 1 Options Hash algorithm Subject alternative name Authority key identifier CRL number QLayout::SetDefaultConstraint true Revocation reasons true hashBox QComboBox
widgets/hashBox.h
 Validity QDateTimeEdit
widgets/validity.h
1 hideTimeCheck(int) localTime(int) setCrlNumber clicked(bool) crlNumber setEnabled(bool) 204 369 325 370 midnightCB stateChanged(int) nextUpdate hideTimeCheck(int) 81 182 195 93 midnightCB stateChanged(int) lastUpdate hideTimeCheck(int) 53 178 161 51 midnightCB clicked(bool) checkBox setDisabled(bool) 106 176 146 183 checkBox stateChanged(int) nextUpdate localTime(int) 164 182 170 88 checkBox stateChanged(int) lastUpdate localTime(int) 197 175 189 60 xca-RELEASE.2.9.0/ui/NewKey.ui000066400000000000000000000150071477156507700155600ustar00rootroot00000000000000 NewKey 0 0 449 320 6 0 Arial 14 50 false false false false New Key Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true Please give a name to the new key and select the desired keysize true Key properties Name 0 0 32767 32767 The internal name of the new key New Key 0 0 0 0 Curve name Keysize 0 0 Usually at least 2048 bit keys are recommended Keytype Remember as default Qt::Vertical QSizePolicy::Expanding 351 16 QDialogButtonBox::Cancel|QDialogButtonBox::Ok keyDesc keyType keyLength curveBox buttonBox accepted() NewKey accept() 303 274 173 248 buttonBox rejected() NewKey reject() 408 270 56 236 xca-RELEASE.2.9.0/ui/NewX509.ui000066400000000000000000001367751477156507700155150ustar00rootroot00000000000000 NewX509 0 0 747 640 Arial 14 50 false false false false Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true 0 Source Qt::Vertical QSizePolicy::Expanding 20 16 Signing request 0 0 0 0 Show request Sign this Certificate signing &request Copy extensions from the request true Modify subject of the request Qt::Vertical QSizePolicy::Expanding 20 16 Signing Create a &self signed certificate true Use &this Certificate for signing All certificates in your database that can create valid signatures Qt::Vertical 20 16 Signature algorithm Qt::Vertical QSizePolicy::Expanding 20 16 Template for the new certificate 0 0 All available templates Qt::Horizontal 13 20 Apply extensions Apply subject 0 0 Apply all Qt::Vertical QSizePolicy::Expanding 20 16 Subject Internal Name This name is only used internally and does not appear in the resulting certificate Distinguished name Distinguished name 200 true Add Delete Qt::Vertical 20 40 QFrame::Panel QFrame::Sunken Private key 0 0 This list only contains unused keys Used keys too &Generate a new key Extensions Type If this will become a CA certificate or not Not defined Certification Authority End Entity Path length How much CAs may be below this. The basic constraints should always be critical Critical Key identifier Key identifier 8 8 8 8 Creates a hash of the key following the PKIX guidelines &Subject Key Identifier Copy the Subject Key Identifier from the issuer &Authority Key Identifier Qt::Vertical 20 40 true 0 0 0 0 Validity Not before true Not after true Time range Days Months Years Local time No well-defined expiration 0 0 Apply Set the time to 00:00:00 and 23:59:59 respectively Midnight Qt::Vertical 20 40 OCSP Must Staple 20 20 20 20 DNS: IP: URI: email: RID: Edit 20 20 20 20 Edit DNS: IP: URI: email: RID: Edit DNS: IP: URI: email: RID: 20 20 20 20 DNS: IP: URI: email: RID: Edit 20 20 20 20 Edit 20 20 20 20 URI: Key usage 8 8 8 8 8 8 8 8 Critical QAbstractItemView::MultiSelection QAbstractItemView::SelectRows Digital Signature Non Repudiation Key Encipherment Data Encipherment Key Agreement Certificate Sign CRL Sign Encipher Only Decipher Only 8 8 8 8 Critical QAbstractItemView::MultiSelection QAbstractItemView::SelectRows Netscape QAbstractItemView::MultiSelection SSL Client SSL Server S/MIME Object Signing SSL CA S/MIME CA Object Signing CA Qt::Horizontal QSizePolicy::Expanding 20 20 107 107 true Qt::Vertical QSizePolicy::Expanding 20 20 If you know a more pretty one tell me Advanced Qt::Horizontal 40 20 Validate Qt::Horizontal 40 20 Comment QDialogButtonBox::Cancel|QDialogButtonBox::Ok hashBox QComboBox
widgets/hashBox.h
 Validity QDateTimeEdit
widgets/validity.h
1 hideTimeCheck(int) localTime(int) kvView QTableView
widgets/kvView.h
addKvRow() deleteCurrentRow() DoubleClickLabel QLabel
widgets/clicklabel.h
 itemComboReq QComboBox
widgets/ItemCombo.h
 itemComboKey QComboBox
widgets/ItemCombo.h
 itemComboCert QComboBox
widgets/ItemCombo.h
 itemComboTemp QComboBox
widgets/ItemCombo.h
 fromReqCB reqList copyReqExtCB showReqBut reqSubChange selfSignRB foreignSignRB certList hashAlgo tempList applyExtensions applySubject applyTemplate extDNlist extDNadd extDNdel keyList usedKeysToo genKeyBut basicCA basicPath bcCritical subKey authKey notBefore notAfter validN validMidn checkBox noWellDefinedExpDate validRange applyTime subAltName editSubAlt issAltName editIssAlt crlDist editCrlDist authInfAcc editAuthInfAcc kuCritical keyUsage ekuCritical ekeyUsage nsCertType nsBaseUrl nsRevocationUrl nsCARevocationUrl nsRenewalUrl nsCaPolicyUrl nsSslServerName nsComment nconf_data adv_validate buttonBox tabWidget noWellDefinedExpDate clicked(bool) notAfter setDisabled(bool) 595 341 203 342 fromReqCB clicked(bool) reqList setEnabled(bool) 292 147 402 147 extDNdel clicked() extDNlist deleteCurrentRow() 713 199 57 251 extDNadd clicked() extDNlist addKvRow() 713 167 57 251 foreignSignRB toggled(bool) certList setEnabled(bool) 279 344 388 332 validMidn stateChanged(int) notBefore hideTimeCheck(int) 384 341 203 311 validMidn stateChanged(int) notAfter hideTimeCheck(int) 384 341 203 342 buttonBox accepted() NewX509 accept() 566 627 285 570 buttonBox rejected() NewX509 reject() 652 627 405 566 checkBox stateChanged(int) notAfter localTime(int) 451 329 290 328 checkBox stateChanged(int) notBefore localTime(int) 459 337 268 301 validMidn clicked(bool) checkBox setDisabled(bool) 431 348 447 337 selfSignRB toggled(bool) authKey setDisabled(bool) 372 319 625 172 xca-RELEASE.2.9.0/ui/OidResolver.ui000066400000000000000000000127221477156507700166140ustar00rootroot00000000000000 OidResolver 0 0 404 241 Arial 14 50 false false false false OID Resolver Qt::AlignCenter Enter the OID, the Nid, or one of the textual representations Search Qt::Horizontal QFormLayout::AllNonFixedFieldsGrow Qt::AlignLeading|Qt::AlignLeft|Qt::AlignVCenter OID 0 0 0 18 0 0 0 18 Long name 0 0 0 18 OpenSSL internal ID Nid 0 0 0 18 OpenSSL internal ID Short name CopyLabel QLabel
widgets/clicklabel.h
 input textChanged(QString) OidResolver searchOid(QString) 207 103 144 47 searchOid(QString) xca-RELEASE.2.9.0/ui/OpenDb.ui000066400000000000000000000127551477156507700155340ustar00rootroot00000000000000 OpenDb 0 0 441 292 6 0 Arial 14 50 false false false false Open remote database Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true Qt::Vertical 20 20 Database type Hostname Username Password QLineEdit::Password Database name Table prefix Qt::Vertical 20 21 Qt::Horizontal Qt::Horizontal QDialogButtonBox::Cancel|QDialogButtonBox::Ok buttonBox accepted() Dialog accept() 248 254 157 274 buttonBox rejected() Dialog reject() 316 260 286 274 xca-RELEASE.2.9.0/ui/Options.ui000066400000000000000000000360031477156507700160100ustar00rootroot00000000000000 Options 0 0 635 500 Arial 14 50 false false false false XCA Options Qt::AlignCenter 0 Settings Default hash algorithm PKCS12 encryption algorithm String types Suppress success messages Disable legacy Netscape extensions Translate established x509 terms (%1 -> %2) The hashing functionality of the token is not used by XCA. It may however honor a restricted hash-set propagated by the token. Especially EC and DSA are only defined with SHA1 in the PKCS#11 specification. Only use hashes supported by the token when signing with a token key Don't colorize expired certificates QLayout::SetDefaultConstraint 0 0 Certificate expiry warning threshold Send vCalendar expiry reminder Serial number length bit 8 256 8 64 Qt::Vertical 20 241 Distinguished name Mandatory subject entries Add Delete Qt::Vertical 20 40 Explicit subject entries QAbstractItemView::InternalMove Dynamically arrange explicit subject entries Add Delete Default Qt::Vertical 20 18 PKCS#11 provider true true false QAbstractItemView::InternalMove QAbstractItemView::SelectRows QListView::Snap QListView::Adjust true 0 0 Add 0 0 Remove Search Qt::Vertical 77 17 Qt::Horizontal QDialogButtonBox::Cancel|QDialogButtonBox::Ok focusCombo QComboBox
widgets/FocusCombo.h
 hashBox QComboBox
widgets/hashBox.h
 pkcs12EncBox QComboBox
widgets/pkcs12EncBox.h
 hashAlgo buttonBox accepted() Options accept() 376 495 109 380 buttonBox rejected() Options reject() 453 495 194 374 noColorize toggled(bool) cert_expiry_num setDisabled(bool) 139 241 333 267 noColorize toggled(bool) cert_expiry_unit setDisabled(bool) 448 242 529 266 xca-RELEASE.2.9.0/ui/PwDialog.ui000066400000000000000000000101721477156507700160620ustar00rootroot00000000000000 PwDialog 0 0 400 264 6 0 Arial 14 50 false false false false Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true QFrame::NoFrame QFrame::Box QFrame::Sunken QLineEdit::Password QLineEdit::Password The password is parsed as 2-digit hex code. It must have an even number of digits (0-9 and a-f) Take as HEX string Qt::Horizontal QDialogButtonBox::Cancel|QDialogButtonBox::Ok buttonBox clicked(QAbstractButton*) PwDialog buttonPress(QAbstractButton*) 63 221 102 21 buttonPress(QAbstractButton*) xca-RELEASE.2.9.0/ui/RevocationList.ui000066400000000000000000000103541477156507700173230ustar00rootroot00000000000000 RevocationList 0 0 628 320 Arial 14 50 false false false false Manage revocations Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true true QAbstractItemView::MultiSelection QAbstractItemView::SelectRows 1 Add Delete Edit Qt::Vertical 20 40 QDialogButtonBox::Cancel|QDialogButtonBox::Ok buttonBox accepted() RevocationList accept() 341 291 292 254 buttonBox rejected() RevocationList reject() 445 292 445 237 xca-RELEASE.2.9.0/ui/Revoke.ui000066400000000000000000000117601477156507700156130ustar00rootroot00000000000000 Revoke 0 0 417 282 Arial 14 50 false false false false Certificate revocation Qt::Horizontal QSizePolicy::Expanding 78 20 95 40 95 40 true Qt::Vertical 20 10 Revocation details Revocation reason true Local time Invalid since Serial Qt::Horizontal QDialogButtonBox::Cancel|QDialogButtonBox::Ok Validity QDateTimeEdit
widgets/validity.h
1 hideTimeCheck(int) localTime(int) buttonBox accepted() Revoke accept() 242 277 157 164 checkBox stateChanged(int) invalid localTime(int) 398 194 389 167 buttonBox rejected() Revoke reject() 97 268 109 59 xca-RELEASE.2.9.0/ui/SearchPkcs11.ui000066400000000000000000000077371477156507700165610ustar00rootroot00000000000000 SearchPkcs11 0 0 480 378 0 0 QFrame::Box QFrame::Sunken 0 0 Directory 0 0 ... Include subdirectories Search Qt::PlainText false QAbstractItemView::NoEditTriggers false Qt::Horizontal QDialogButtonBox::Cancel|QDialogButtonBox::Ok|QDialogButtonBox::Open buttonBox clicked(QAbstractButton*) SearchPkcs11 buttonPress(QAbstractButton*) 229 362 368 104 liblist itemDoubleClicked(QListWidgetItem*) SearchPkcs11 loadItem(QListWidgetItem*) 339 279 368 225 buttonPress(QAbstractButton*) loadItem(QListWidgetItem*) xca-RELEASE.2.9.0/ui/SelectToken.ui000066400000000000000000000070671477156507700166050ustar00rootroot00000000000000 SelectToken 0 0 369 162 6 0 Arial 14 50 false false false false Security token Qt::Horizontal QSizePolicy::Expanding 20 20 95 40 95 40 true Please select the security token Qt::AlignCenter Qt::Vertical QSizePolicy::Expanding 351 16 QDialogButtonBox::Cancel|QDialogButtonBox::Ok buttonBox accepted() SelectToken accept() 222 138 90 114 buttonBox rejected() SelectToken reject() 331 129 144 103 xca-RELEASE.2.9.0/ui/TimeInput.ui000066400000000000000000000134741477156507700163020ustar00rootroot00000000000000 Form 0 0 491 224 QLayout::SetMinAndMaxSize last update true next update true Days Months Years Apply Midnight Local time No well-defined expiration Validity QDateTimeEdit
widgets/validity.h
1 hideTimeCheck(int) localTime(int) midnightCB clicked(bool) checkBox setDisabled(bool) 128 189 256 189 checkBox stateChanged(int) nextUpdate localTime(int) 187 187 360 100 checkBox stateChanged(int) lastUpdate localTime(int) 256 189 360 64 midnightCB stateChanged(int) lastUpdate hideTimeCheck(int) 131 189 360 64 midnightCB stateChanged(int) nextUpdate hideTimeCheck(int) 146 189 360 100 applyTime clicked() Form applyTimeRange() 310 195 297 228 applyTimeRange() xca-RELEASE.2.9.0/ui/XcaDialog.ui000066400000000000000000000112301477156507700162030ustar00rootroot00000000000000 XcaDialog 0 0 435 177 QLayout::SetMinimumSize 0 0 95 40 16777215 40 Arial 14 50 false false false false true Qt::Horizontal QSizePolicy::Expanding 20 20 0 0 95 40 95 40 true Qt::Vertical 20 40 Qt::Vertical 20 1 0 0 QDialogButtonBox::Cancel|QDialogButtonBox::Ok buttonBox accepted() XcaDialog accept() 286 264 83 245 buttonBox rejected() XcaDialog reject() 386 260 430 85 xca-RELEASE.2.9.0/ui/v3ext.ui000066400000000000000000000107341477156507700154310ustar00rootroot00000000000000 v3ext 0 0 473 233 Critical Copy Common Name QFrame::Panel QFrame::Sunken Add Delete Qt::Vertical 20 40 Apply Validate Qt::Horizontal QSizePolicy::Expanding 20 20 0 0 Cancel kvView QTableView
widgets/kvView.h
addKvRow() deleteCurrentRow() cancel clicked() v3ext reject() 375 221 227 150 delEntry clicked() tab deleteCurrentRow() 323 51 222 52 addEntry clicked() tab addKvRow() 307 31 270 30 xca-RELEASE.2.9.0/widgets/000077500000000000000000000000001477156507700150455ustar00rootroot00000000000000xca-RELEASE.2.9.0/widgets/CMakeLists.txt000066400000000000000000000024001477156507700176010ustar00rootroot00000000000000list(APPEND xca_sources CertDetail.cpp NewCrl.cpp XcaApplication.h CertDetail.h NewCrl.h XcaDialog.cpp CertExtend.cpp NewKey.cpp XcaDialog.h CertExtend.h NewKey.h XcaHeaderView.cpp CertTreeView.cpp NewX509.cpp XcaHeaderView.h CertTreeView.h NewX509.h CrlDetail.cpp NewX509_ext.cpp XcaProxyModel.cpp CrlDetail.h OidResolver.cpp XcaProxyModel.h CrlTreeView.cpp OidResolver.h XcaTreeView.cpp CrlTreeView.h OpenDb.cpp XcaTreeView.h ExportDialog.cpp OpenDb.h XcaWarning.cpp ExportDialog.h Options.cpp XcaWarning.h FocusCombo.h Options.h clicklabel.cpp Help.cpp PwDialog.cpp clicklabel.h Help.h PwDialog.h ImportMulti.cpp ReqTreeView.cpp ImportMulti.h ReqTreeView.h distname.cpp ItemCombo.h RevocationList.cpp distname.h KeyDetail.cpp RevocationList.h hashBox.cpp KeyDetail.h SearchPkcs11.cpp hashBox.h KeyTreeView.cpp SearchPkcs11.h kvView.cpp KeyTreeView.h TempTreeView.cpp kvView.h MW_help.cpp TempTreeView.h v3ext.cpp MW_menu.cpp X509SuperTreeView.cpp v3ext.h MainWindow.cpp X509SuperTreeView.h validity.cpp MainWindow.h XcaApplication.cpp validity.h pkcs12EncBox.h XcaDetail.h pkcs12EncBox.cpp XcaDetail.cpp ) list(TRANSFORM xca_sources PREPEND ${PROJECT_SOURCE_DIR}/widgets/) target_sources(xcalib PRIVATE ${xca_sources}) xca-RELEASE.2.9.0/widgets/CertDetail.cpp000066400000000000000000000203071477156507700175730ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "CertDetail.h" #include "KeyDetail.h" #include "MainWindow.h" #include "distname.h" #include "clicklabel.h" #include "Help.h" #include "OidResolver.h" #include "lib/func_base.h" #include "lib/func.h" #include "lib/XcaWarningCore.h" #include #include #include #include CertDetail::CertDetail(QWidget *w) : XcaDetail(w) { setupUi(this); tabwidget->setCurrentIndex(0); } void CertDetail::on_showExt_clicked() { if (showConf) { showConf = false; v3extensions->document()->setHtml(exts); showExt->setText(tr("Show config")); } else { showConf = true; v3extensions->document()->setPlainText(conf); showExt->setText(tr("Show extensions")); } } int CertDetail::tabIndexByName(const QString &tabname) const { for (int i=0; icount(); i++) { if (tabwidget->widget(i)->objectName() == tabname) return i; } return -1; } void CertDetail::setX509super(pki_x509super *x) { description->setText(x->getIntName()); thisSqlId = x->getSqlItemId(); connect_pki(x); // examine the key myPubKey = x->getRefKey(); if (myPubKey) { privKey->setText(myPubKey->getIntName()); privKey->setClickText(myPubKey->getSqlItemId().toString()); if (myPubKey->isPrivKey()) { privKey->setGreen(); } else { privKey->setRed(); } } else { tmpPubKey = myPubKey = x->getPubKey(); privKey->setText(tr("Show public key")); privKey->setRed(); myPubKey->setIntName(x->getIntName()); myPubKey->setComment(tr("This key is not in the database.")); } if (!myPubKey) { privKey->setText(tr("Not available")); privKey->setDisabled(true); privKey->disableToolTip(); } else { keySqlId = myPubKey->getSqlItemId(); } connect(privKey, SIGNAL(doubleClicked(QString)), this, SLOT(showPubKey())); // details of the subject subject->setX509name(x->getSubject()); // V3 extensions extList el = x->getV3ext(); if (el.count() == 0) { tabwidget->removeTab(tabIndexByName("extensionsTab")); tabwidget->removeTab(tabIndexByName("validationTab")); } else { exts = el.getHtml("
"); el.genGenericConf(&conf); v3extensions->document()->setHtml(exts); } // Algorithm sigAlgo->setText(x->getSigAlg()); connect(sigAlgo, SIGNAL(doubleClicked(QString)), MainWindow::getResolver(), SLOT(searchOid(QString))); // Comment comment->setPlainText(x->getComment()); setCert(dynamic_cast(x)); setReq(dynamic_cast(x)); } void CertDetail::setCert(pki_x509 *cert) { if (!cert) return; QList errors; init("certdetail", ":certImg"); errors = cert->ossl_verify(); QString html; for (int err : errors) { html += QString("
  • %1:
    %2
    • \n") .arg(get_ossl_verify_error(err)) .arg(X509_verify_cert_error_string(err)); } if (html.isEmpty()) html = tr("No verification errors found."); else html = "
      \n" + html + "
    \n"; validation->setHtml(html); QList purposes = cert->purposes(); for (X509_PURPOSE *purp : purposes) { QString purpname = X509_PURPOSE_get0_name(purp); int id = X509_PURPOSE_get_id(purp); qDebug() << "Purpose: " << purpname << " (" << id << ")"; purposeList->addItem(QString("%1 (%2)").arg(purpname).arg(id)); } headerLabel->setText(tr("Details of the Certificate")); try { // No attributes tabwidget->removeTab(tabIndexByName("attributesTab")); if (cert->isCA()) { tabwidget->removeTab(tabIndexByName("validationTab")); } else { if (errors.size() > 0) tabwidget->tabBar()->setTabTextColor(tabIndexByName("validationTab"),Qt::red); } // examine the signature if (cert->getSigner() == NULL) { signature->setText(tr("Signer unknown")); signature->setDisabled(true); signature->disableToolTip(); } else if (cert == cert->getSigner()) { signature->setText(tr("Self signed")); signature->setGreen(); signature->disableToolTip(); } else { pki_x509 *issuer = cert->getSigner(); signature->setText(issuer->getIntName()); signature->setClickText(issuer->getSqlItemId().toString()); signature->setGreen(); issuerSqlId = issuer->getSqlItemId(); connect(signature, SIGNAL(doubleClicked(QString)), this, SLOT(showIssuer())); } // the serial serialNr->setText(cert->getSerial()); // details of the issuer issuer->setX509name(cert->getIssuerName()); // The dates notBefore->setText(cert->getNotBefore().toPretty()); notBefore->setToolTip(cert->getNotBefore().toPrettyGMT()); notAfter->setText(cert->getNotAfter().toPretty()); notAfter->setToolTip(cert->getNotAfter().toPrettyGMT()); // validation of the Date dateValid->disableToolTip(); if (cert->isRevoked()) { x509rev rev = cert->getRevocation(); dateValid->setText(tr("Revoked at %1") .arg(rev.getDate().toPretty())); dateValid->setRed(); dateValid->setToolTip(rev.getDate().toPrettyGMT()); } else if (!cert->checkDate()) { dateValid->setText(tr("Not valid")); dateValid->setRed(); } else { dateValid->setGreen(); dateValid->setText(tr("Valid")); } // the fingerprints fpMD5->setText(cert->fingerprint(EVP_md5())); fpSHA1->setText(cert->fingerprint(EVP_sha1())); QString fp = cert->fingerprint(EVP_sha256()); int x = fp.size() / 2; fp = fp.mid(0,x) + "\n" + fp.mid(x+1, -1); fpSHA256->setText(fp); openssl_error(); } catch (errorEx &err) { XCA_WARN(err.getString()); } } void CertDetail::setReq(pki_x509req *req) { if (!req) return; init("csrdetail", ":csrImg"); headerLabel->setText(tr("Details of the certificate signing request")); try { // No issuer tabwidget->removeTab(tabIndexByName("issuerTab")); tabwidget->removeTab(tabIndexByName("validationTab")); // verification if (!req->verify() ) { signature->setRed(); signature->setText("Failed"); } else { signature->setGreen(); signature->setText("PKCS#10"); } signature->disableToolTip(); fingerprints->hide(); validity->hide(); serialLabel->hide(); serialNr->hide(); // The non extension attributes int cnt = X509_REQ_get_attr_count(req->getReq()); int added = 0; QGridLayout *attrLayout = new QGridLayout(attributes); attrLayout->setAlignment(Qt::AlignTop); attrLayout->setSpacing(6); attrLayout->setContentsMargins(11, 11, 11, 11); for (int i = 0, ii = 0; igetReq(), i); nid = OBJ_obj2nid(X509_ATTRIBUTE_get0_object(att)); if (X509_REQ_extension_nid(nid)) { continue; } label = new QLabel(this); trans = dn_translations[nid]; if (Settings["translate_dn"] && !trans.isEmpty()) { label->setText(trans); label->setToolTip(QString(OBJ_nid2sn(nid))); } else { label->setText(QString(OBJ_nid2ln(nid))); label->setToolTip(trans); } label->setText(QString(OBJ_nid2ln(nid))); label->setToolTip(QString(OBJ_nid2sn(nid))); attrLayout->addWidget(label, ii, 0); added++; int count = X509_ATTRIBUTE_count(att); for (int j=0; jvalue.asn1_string); attrLayout->addWidget(label, ii, j +1); } ii++; } if (!added) { tabwidget->removeTab(tabIndexByName("attributesTab")); } openssl_error(); } catch (errorEx &err) { XCA_WARN(err.getString()); } } QLabel *CertDetail::labelFromAsn1String(ASN1_STRING *s) { QLabel *label; label = new CopyLabel(this); label->setText(asn1ToQString(s)); label->setToolTip(QString(ASN1_tag2str(s->type))); return label; } void CertDetail::itemChanged(pki_base *pki) { QVariant pkiSqlId = pki->getSqlItemId(); if (pkiSqlId == keySqlId) privKey->setText(pki->getIntName()); if (pkiSqlId == issuerSqlId) signature->setText(pki->getIntName()); if (pkiSqlId == thisSqlId) description->setText(pki->getIntName()); } void CertDetail::showPubKey() { KeyDetail::showKey(this, myPubKey, keySqlId.isValid()); } void CertDetail::showIssuer() { showCert(this, Store.lookupPki(issuerSqlId)); } void CertDetail::showCert(QWidget *parent, pki_x509super *x) { if (!x) return; CertDetail *dlg = new CertDetail(parent); dlg->setX509super(x); dlg->exec(); delete dlg; } CertDetail::~CertDetail() { delete tmpPubKey; } xca-RELEASE.2.9.0/widgets/CertDetail.h000066400000000000000000000016761477156507700172500ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __CERTDETAIL_H #define __CERTDETAIL_H #include "ui_CertDetail.h" #include "lib/pki_x509req.h" #include "lib/pki_x509.h" #include "XcaDetail.h" class pki_x509; class CertDetail: public XcaDetail, public Ui::CertDetail { Q_OBJECT bool showConf{ false }; QVariant keySqlId{}, issuerSqlId{}, thisSqlId{}; QString conf{}, exts{}; QLabel *labelFromAsn1String(ASN1_STRING *s); pki_key *myPubKey{}, *tmpPubKey{}; void setCert(pki_x509 *cert); void setReq(pki_x509req *req); int tabIndexByName(const QString &tabname) const; public: CertDetail(QWidget *w = nullptr); ~CertDetail(); void setX509super(pki_x509super *x); static void showCert(QWidget *parent, pki_x509super *x); private slots: void on_showExt_clicked(); void itemChanged(pki_base *pki) override; void showPubKey(); void showIssuer(); }; #endif xca-RELEASE.2.9.0/widgets/CertExtend.cpp000066400000000000000000000052151477156507700176210ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "CertExtend.h" #include "lib/base.h" #include "lib/func.h" #include "widgets/validity.h" #include "widgets/XcaWarning.h" #include #include #include #include #include CertExtend::CertExtend(QWidget *parent, pki_x509 *s) :QDialog(parent) { setupUi(this); setWindowTitle(XCA_TITLE); image->setPixmap(QPixmap(":certImg")); validNumber->setText("1"); validRange->setCurrentIndex(2); on_applyTime_clicked(); signer = s; notAfter->setEndDate(true); } void CertExtend::on_applyTime_clicked() { notAfter->setDiff(notBefore, validNumber->text().toInt(), validRange->currentIndex()); } void CertExtend::on_keepSerial_toggled(bool checked) { if (checked) { old_revoke = revoke->isChecked(); revoke->setEnabled(false); revoke->setChecked(false); old_replace = replace->isChecked(); replace->setEnabled(false); replace->setChecked(true); } else { revoke->setEnabled(true); revoke->setChecked(old_revoke); replace->setEnabled(true); replace->setChecked(old_replace); } } void CertExtend::accept() { if (signer && notBefore->getDate() < signer->getNotBefore()) { QString text = tr("The certificate will be earlier valid than the signer. This is probably not what you want."); xcaWarningBox msg(this, text); msg.addButton(QMessageBox::Ok, tr("Edit dates")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); msg.addButton(QMessageBox::Apply, tr("Continue rollout")); msg.addButton(QMessageBox::Yes, tr("Adjust date and continue")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; case QMessageBox::Yes: notBefore->setDate(signer->getNotBefore()); } } if (signer && notAfter->getDate() > signer->getNotAfter() && !noWellDefinedExpDate->isChecked()) { QString text = tr("The certificate will be longer valid than the signer. This is probably not what you want."); xcaWarningBox msg(this, text); msg.addButton(QMessageBox::Ok, tr("Edit dates")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); msg.addButton(QMessageBox::Apply, tr("Continue rollout")); msg.addButton(QMessageBox::Yes, tr("Adjust date and continue")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; case QMessageBox::Yes: notAfter->setDate(signer->getNotAfter()); } } QDialog::accept(); } xca-RELEASE.2.9.0/widgets/CertExtend.h000066400000000000000000000010111477156507700172540ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __CERTEXTEND_H #define __CERTEXTEND_H #include "ui_CertExtend.h" #include "lib/pki_x509.h" class pki_key; class CertExtend: public QDialog, public Ui::CertExtend { Q_OBJECT pki_x509 *signer{}; bool old_replace{}; bool old_revoke{}; public: CertExtend(QWidget *parent, pki_x509 *s); public slots: void on_applyTime_clicked(); void on_keepSerial_toggled(bool); void accept(); }; #endif xca-RELEASE.2.9.0/widgets/CertTreeView.cpp000066400000000000000000000150771477156507700201330ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "ui_CaProperties.h" #include "CertTreeView.h" #include "XcaWarning.h" #include "XcaDialog.h" #include "MainWindow.h" #include "RevocationList.h" #include "ExportDialog.h" #include "NewCrl.h" #include "lib/database_model.h" #include "lib/db_crl.h" #include "lib/load_obj.h" #include #include #include #include void CertTreeView::fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes) { QMenu *subCa; bool parentCanSign, multi, hasScard, sameParent, allRevoked, allUnrevoked; X509SuperTreeView::fillContextMenu(menu, subExport, index, indexes); QAction *a = menu->addAction(tr("Hide unusable certificates")); a->setCheckable(true); a->setChecked(Settings["hide_unusable"]); connect(a, SIGNAL(triggered(bool)), this, SLOT(toggleHideExpired(bool))); menu->addAction(tr("Import PKCS#12"), this, SLOT(loadPKCS12())); menu->addAction(tr("Import from PKCS#7"), this, SLOT(loadPKCS7())); pki_x509 *cert = db_base::fromIndex(index); if (indexes.size() == 0 || !cert) return; pki_key *privkey = cert->getRefKey(); pki_x509 *parent = cert->getSigner(); parentCanSign = parent && parent->canSign() && (parent != cert); hasScard = pkcs11::libraries.loaded(); multi = indexes.size() > 1; allUnrevoked = allRevoked = sameParent = true; foreach(QModelIndex i, indexes) { pki_x509 *c = db_base::fromIndex(i); if (!c) continue; if (c->getSigner() != parent) sameParent = false; if (c->isRevoked()) allUnrevoked = false; else allRevoked = false; } if (!multi) { transform->addAction(tr("Request"), this, SLOT(toRequest()))-> setEnabled(privkey && privkey->isPrivKey()); subExport->addAction(tr("Security token"), this, SLOT(toToken()))->setEnabled(hasScard); subExport->addAction(tr("Other token"), this, SLOT(toOtherToken()))->setEnabled( hasScard && privkey && privkey->isToken()); transform->addAction(tr("Similar Certificate"), this, SLOT(toCertificate())); menu->addAction(tr("Delete from Security token"), this, SLOT(deleteFromToken()))->setEnabled(hasScard); subCa = menu->addMenu(tr("CA")); subCa->addAction(tr("Properties"), this, SLOT(caProperties())); subCa->addAction(tr("Generate CRL"), this, SLOT(genCrl())); subCa->addAction(tr("Manage revocations"), this, SLOT(manageRevocations())); subCa->setEnabled(cert->canSign()); menu->addAction(tr("Import OpenVPN tls-auth key"), this, SLOT(loadTaKey()))->setEnabled(cert->isCA()); } if (parent == cert && parent->canSign()) menu->addAction(tr("Renewal"), this, SLOT(certRenewal())); if (sameParent && parentCanSign) { QString n = multi ? QString(" [%1]").arg(indexes.size()) : ""; menu->addAction(tr("Renewal") +n, this, SLOT(certRenewal())); if (allUnrevoked) menu->addAction(tr("Revoke") +n, this, SLOT(revoke())); if (allRevoked) menu->addAction(tr("Unrevoke") +n, this, SLOT(unRevoke())); } } void CertTreeView::toRequest() { if (basemodel) certs()->toRequest(currentIndex()); } void CertTreeView::toToken() { if (basemodel) certs()->toToken(currentIndex(), false); } void CertTreeView::toOtherToken() { if (basemodel) certs()->toToken(currentIndex(), true); } void CertTreeView::loadPKCS12() { load_pkcs12 l; load_default(&l); } void CertTreeView::loadPKCS7() { load_pkcs7 l; load_default(&l); } void CertTreeView::loadTaKey() { pki_x509 *ca = db_base::fromIndex(currentIndex()); if (!ca || !ca->isCA()) return; load_takey l; QString fname = QFileDialog::getOpenFileName(this, l.caption, getHomeDir(), l.filter); if (fname.isEmpty()) return; XFile f(fname); f.open_read(); ca->importTaKey(f.read(4096)); } void CertTreeView::genCrl() { pki_x509 *ca = db_base::fromIndex(currentIndex()); NewCrl::newCrl(this, ca); } void CertTreeView::toCertificate() { if (basemodel) certs()->toCertificate(currentIndex()); } void CertTreeView::deleteFromToken() { pki_x509 *cert = db_base::fromIndex(currentIndex()); try { cert->deleteFromToken(); } catch (errorEx &err) { XCA_ERROR(err); } } void CertTreeView::changeView() { if (!basemodel) return; XcaTreeView::changeView(); mainwin->BNviewState->setText(basemodel->treeViewMode() ? tr("Plain View") : tr("Tree View")); } void CertTreeView::manageRevocations() { pki_x509 *cert = db_base::fromIndex(currentIndex()); if (!cert) return; RevocationList *dlg = new RevocationList(); dlg->setRevList(cert->getRevList(), cert); if (dlg->exec()) { cert->setRevocations(dlg->getRevList()); columnsChanged(); } } void CertTreeView::caProperties() { Ui::CaProperties ui; XcaDialog *dlg; QWidget *w; pki_x509 *cert = db_base::fromIndex(currentIndex()); if (!cert || !basemodel) return; w = new QWidget(); ui.setupUi(w); ui.days->setSuffix(QString(" ") + tr("days")); ui.days->setMaximum(1000000); ui.days->setValue(cert->getCrlDays()); QVariant tmplId = cert->getTemplateSqlId(); pki_temp *templ = Store.lookupPki(tmplId); ui.temp->insertPkiItems(Store.getAll()); ui.temp->setNullItem(tr("No template")); ui.temp->setCurrentIndex(0); if (templ) ui.temp->setCurrentPkiItem(templ); dlg = new XcaDialog(this, x509, w, tr("CA Properties"), cert->getIntName(), "ca_properties"); if (dlg->exec()) { templ = ui.temp->currentPkiItem(); tmplId = templ ? templ->getSqlItemId() : QVariant(); cert->setTemplateSqlId(tmplId); cert->setCrlDays(ui.days->value()); certs()->updateCaProperties(cert); columnsChanged(); } delete dlg; } void CertTreeView::certRenewal() { if (basemodel) certs()->certRenewal(getSelectedIndexes()); } void CertTreeView::revoke() { if (basemodel) certs()->revoke(getSelectedIndexes()); } void CertTreeView::unRevoke() { if (basemodel) certs()->unRevoke(getSelectedIndexes()); } void CertTreeView::load() { load_cert c; load_default(&c); } ExportDialog *CertTreeView::exportDialog(const QModelIndexList &indexes) { return new ExportDialog(this, tr("Certificate export"), tr("X509 Certificates ( *.pem *.cer *.crt *.p12 *.pfx *.p7b )") + ";;"+ tr("vCalendar entry ( *.ics )") + ";;" + tr("OpenVPN file ( *.ovpn )") + ";;" + tr("OpenVPN tls-auth key ( *.key )"), indexes, QPixmap(":certImg"), pki_export::select(x509, basemodel->exportFlags(indexes)), "certexport"); } void CertTreeView::toggleHideExpired(bool hide) { qDebug() << "Hide expired certificates" << hide; Settings["hide_unusable"] = hide; columnsChanged(); }xca-RELEASE.2.9.0/widgets/CertTreeView.h000066400000000000000000000020041477156507700175620ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __CERTTREEVIEW_H #define __CERTTREEVIEW_H #include "X509SuperTreeView.h" #include "lib/db_x509.h" class CertTreeView: public X509SuperTreeView { Q_OBJECT db_x509 *certs() const { return dynamic_cast(basemodel); } public: CertTreeView(QWidget *parent) : X509SuperTreeView(parent) { ClipboardSettings = "CertFormat"; ClipboardPki_type = x509; } void fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes); ExportDialog *exportDialog(const QModelIndexList &index); public slots: void changeView(); void toRequest(); void toCertificate(); void toToken(); void toOtherToken(); void genCrl(); void loadPKCS7(); void loadPKCS12(); void deleteFromToken(); void manageRevocations(); void certRenewal(); void caProperties(); void revoke(); void unRevoke(); void load(); void loadTaKey(); void toggleHideExpired(bool); }; #endif xca-RELEASE.2.9.0/widgets/CrlDetail.cpp000066400000000000000000000047471477156507700174300ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #include "CrlDetail.h" #include "CertDetail.h" #include "MainWindow.h" #include "Help.h" #include "distname.h" #include "clicklabel.h" #include "RevocationList.h" #include "OpenDb.h" #include "OidResolver.h" #include "lib/pki_crl.h" #include #include #include CrlDetail::CrlDetail(QWidget *w) : XcaDetail(w) { setupUi(this); init("crldetail", ":revImg"); } void CrlDetail::setCrl(pki_crl *crl) { pki_x509 *iss; x509v3ext e1, e2; connect_pki(crl); iss = crl->getIssuer(); crlSqlId = crl->getSqlItemId(); signCheck->disableToolTip(); signCheck->setClickText(crl->getSigAlg()); if (iss != NULL) { issuerIntName->setText(iss->getIntName()); issuerIntName->setClickText(iss->getSqlItemId().toString()); issuerIntName->setGreen(); if (crl->verify(iss)) { signCheck->setText(crl->getSigAlg()); signCheck->setGreen(); } else { signCheck->setText(tr("Failed")); signCheck->setRed(); } issuerSqlId = iss->getSqlItemId(); } else { issuerIntName->setText(tr("Unknown signer")); issuerIntName->setDisabled(true); issuerIntName->disableToolTip(); signCheck->setText(tr("Verification not possible")); signCheck->setDisabled(true); } connect(signCheck, SIGNAL(doubleClicked(QString)), MainWindow::getResolver(), SLOT(searchOid(QString))); connect(issuerIntName, SIGNAL(doubleClicked(QString)), this, SLOT(showIssuer())); description->setText(crl->getIntName()); lUpdate->setText(crl->getLastUpdate().toPretty()); lUpdate->setToolTip(crl->getLastUpdate().toPrettyGMT()); nUpdate->setText(crl->getNextUpdate().toPretty()); nUpdate->setToolTip(crl->getNextUpdate().toPrettyGMT()); version->setText((++crl->getVersion())); issuer->setX509name(crl->getSubject()); RevocationList::setupRevocationView(certList, crl->getRevList(), iss); v3extensions->document()->setHtml(crl->printV3ext()); comment->setPlainText(crl->getComment()); } void CrlDetail::itemChanged(pki_base *pki) { QVariant pkiSqlId = pki->getSqlItemId(); if (pkiSqlId == issuerSqlId) issuerIntName->setText(pki->getIntName()); if (pkiSqlId == crlSqlId) description->setText(pki->getIntName()); } void CrlDetail::showIssuer() { CertDetail::showCert(this, Store.lookupPki(issuerSqlId)); } void CrlDetail::showCrl(QWidget *parent, pki_crl *crl) { if (!crl) return; CrlDetail *dlg = new CrlDetail(parent); dlg->setCrl(crl); dlg->exec(); delete dlg; } xca-RELEASE.2.9.0/widgets/CrlDetail.h000066400000000000000000000010711477156507700170600ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __CRLDETAIL_H #define __CRLDETAIL_H #include "ui_CrlDetail.h" #include "XcaDetail.h" class pki_crl; class pki_base; class CrlDetail: public XcaDetail, public Ui::CrlDetail { Q_OBJECT private: QVariant issuerSqlId{}, crlSqlId{}; public: CrlDetail(QWidget *w = nullptr); void setCrl(pki_crl *crl); static void showCrl(QWidget *parent, pki_crl *crl); public slots: void itemChanged(pki_base *pki) override; void showIssuer(); }; #endif xca-RELEASE.2.9.0/widgets/CrlTreeView.cpp000066400000000000000000000030231477156507700177420ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2019 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "CrlTreeView.h" #include "CrlDetail.h" #include "NewCrl.h" #include "XcaDialog.h" #include "MainWindow.h" #include "ItemCombo.h" #include "XcaWarning.h" #include "ExportDialog.h" #include "lib/db_crl.h" #include "lib/pki_x509.h" #include "lib/database_model.h" #include "lib/load_obj.h" void CrlTreeView::showPki(pki_base *pki) { CrlDetail::showCrl(this, dynamic_cast(pki)); } void CrlTreeView::newItem(pki_x509 *cert) { NewCrl::newCrl(this, cert); } void CrlTreeView::newItem() { db_x509 *certs = Database.model(); QList cas = certs->getAllIssuers(); pki_x509 *ca = NULL; switch (cas.size()) { case 0: XCA_INFO(tr("There are no CA certificates for CRL generation")); return; case 1: ca = cas[0]; break; default: { itemComboCert *c = new itemComboCert(NULL); XcaDialog *d = new XcaDialog(this, revocation, c, tr("Select CA certificate"), QString()); c->insertPkiItems(cas); if (!d->exec()) { delete d; return; } ca = c->currentPkiItem(); delete d; } } newItem(ca); } void CrlTreeView::load() { load_crl l; load_default(&l); } ExportDialog *CrlTreeView::exportDialog(const QModelIndexList &indexes) { return new ExportDialog(this, tr("Revocation list export"), tr("CRL ( *.pem *.der *.crl )") + ";;" + tr("vCalendar entry ( *.ics )"), indexes, QPixmap(":revImg"), pki_export::select(revocation, basemodel->exportFlags(indexes)), "crlexport"); } xca-RELEASE.2.9.0/widgets/CrlTreeView.h000066400000000000000000000011231477156507700174060ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2006 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __CRLTREEVIEW_H #define __CRLTREEVIEW_H #include "XcaTreeView.h" #include "lib/db_crl.h" class pki_x509; class CrlTreeView: public XcaTreeView { Q_OBJECT db_crl *crls() const { return dynamic_cast(basemodel); } public: CrlTreeView(QWidget *parent) : XcaTreeView(parent) { } void showPki(pki_base *pki); ExportDialog *exportDialog(const QModelIndexList &index); public slots: void newItem(pki_x509 *cert); void newItem(); void load(); }; #endif xca-RELEASE.2.9.0/widgets/ExportDialog.cpp000066400000000000000000000131101477156507700201460ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "ExportDialog.h" #include "MainWindow.h" #include "Help.h" #include "XcaWarning.h" #include "lib/base.h" #include #include #include #include #include #include ExportDialog::ExportDialog(QWidget *w, const QString &title, const QString &filt, const QModelIndexList &indexes, const QPixmap &img, QList types, const QString &help_ctx) : QDialog(w ? w : mainwin), filter(filt), savedFile(), alltypes(types) { QString fname = "selected_items"; setupUi(this); setWindowTitle(XCA_TITLE); if (indexes.size() == 1) { pki_base *pki = db_base::fromIndex(indexes[0]); if (pki) { description->setText(pki->getIntName()); fname = pki->getUnderlinedName(); } separateFiles->hide(); samePassword->hide(); setupExportFormat(F_MULTI); } else { // Plural form not required for < 2 items // Will only be called for 2 or more items description->setText(tr("%n selected item(s)", "", indexes.size())); setupExportFormat(F_SINGLE); } description->setReadOnly(true); image->setPixmap(img); label->setText(title); mainwin->helpdlg->register_ctxhelp_button(this, help_ctx); fname = Settings["workingdir"] + fname + "." + types[0]->extension; filename->setText(nativeSeparator(fname)); filter = tr("All files ( * )") + ";;" + filter; filenameLabelOrig = filenameLabel->text(); } void ExportDialog::setupExportFormat(int disable_flag) { QList usual, normal; for (const pki_export *t : alltypes) { if (t->flags & disable_flag) continue; if (t->flags & F_USUAL) usual << t; else normal << t; } exportFormat->clear(); foreach(const pki_export *t, usual + normal) { exportFormat->addItem(QString("%1 (*.%2)"). arg(t->desc).arg(t->extension), QVariant(t->id)); } if (usual.size() > 0 && normal.size() > 0) exportFormat->insertSeparator(usual.size()); exportFormat->setCurrentIndex(0); on_exportFormat_highlighted(0); } ExportDialog::~ExportDialog() { pki_base::pem_comment = 0; } void ExportDialog::on_fileBut_clicked() { QString s; if (separateFiles->isChecked()) { s = QFileDialog::getExistingDirectory(this, QString(), filename->text(), QFileDialog::ShowDirsOnly | QFileDialog::DontResolveSymlinks); } else { s = QFileDialog::getSaveFileName(this, QString(), filename->text(), filter, NULL, QFileDialog::DontConfirmOverwrite); } if (!s.isEmpty()) filename->setText(nativeSeparator(s)); } void ExportDialog::on_exportFormat_activated(int selected) { QString fn = filename->text(); const pki_export *t_sel = export_type(selected); for (int i=0; i< exportFormat->count(); i++) { const pki_export *t = export_type(i); if (t && fn.endsWith(QString(".") + t->extension)) { fn = fn.left(fn.length() - t->extension.length()) + t_sel->extension; break; } } if (filename->isEnabled()) filename->setText(fn); on_exportFormat_highlighted(selected); } bool ExportDialog::mayWriteFile(const QString &fname, bool inSeparateFiles) { QFileInfo fi(fname); QString dirname(fname); if (!inSeparateFiles) { if (fi.exists()) { if (fi.isFile()) { xcaWarningBox msg(NULL, tr("The file: '%1' already exists!").arg(fname)); msg.addButton(QMessageBox::Ok, tr("Overwrite")); msg.addButton(QMessageBox::Cancel, tr("Do not overwrite")); if (msg.exec() != QMessageBox::Ok) return false; } else { XCA_ERROR(tr("The path: '%1' exist, but is not a file") .arg(nativeSeparator(fname))); return false; } } dirname = fi.path(); } QFileInfo dir(dirname); qDebug() << "Checking" << fname << dirname << "isDir" << dir.isDir() << "exists" << dir.exists(); if (dir.isDir()) return true; if (dir.exists()) { XCA_ERROR(tr("The path: '%1' exist, but is not a directory") .arg(nativeSeparator(fname))); return false; } xcaWarningBox msg(NULL, tr("The directory: '%1' does not exist. Should it be created?") .arg(nativeSeparator(dirname))); msg.addButton(QMessageBox::Ok, tr("Create")); msg.addButton(QMessageBox::Cancel); if (msg.exec() != QMessageBox::Ok) return false; if (!QDir().mkpath(dirname)) { xcaWarningBox msg(NULL, tr("Failed to create directory '%1'") .arg(nativeSeparator(fname))); msg.exec(); return false; } return true; } void ExportDialog::accept() { QString fn = filename->text(); pki_base::pem_comment = pemComment->isChecked(); if (!filename->isEnabled()) { QDialog::accept(); return; } if (fn.isEmpty()) { reject(); return; } if (mayWriteFile(fn, separateFiles->isChecked())) { update_workingdir(fn); QDialog::accept(); } } const pki_export *ExportDialog::export_type(int idx) const { if (idx == -1) idx = exportFormat->currentIndex(); idx = exportFormat->itemData(idx).toInt(); return idx ? pki_export::by_id(idx) : NULL; } void ExportDialog::on_exportFormat_highlighted(int index) { const pki_export *x = export_type(index); if (!x) return; infoBox->setText(x->help); pemComment->setEnabled(x->flags & F_PEM); samePassword->setEnabled(x->flags & F_CRYPT); } void ExportDialog::on_separateFiles_clicked(bool checked) { if (checked) { filenameLabel->setText(tr("Directory")); QFileInfo fi(filename->text()); savedFile = fi.fileName(); filename->setText(nativeSeparator(fi.path())); setupExportFormat(F_MULTI); } else { filenameLabel->setText(filenameLabelOrig); if (!savedFile.isEmpty()) { QString completefile = filename->text() + "/" + savedFile; filename->setText(nativeSeparator(completefile)); } setupExportFormat(F_SINGLE); } }xca-RELEASE.2.9.0/widgets/ExportDialog.h000066400000000000000000000020351477156507700176170ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2014 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __EXPORTDIALOG_H #define __EXPORTDIALOG_H #include "ui_ExportDialog.h" #include "lib/pki_export.h" #include class QPixmap; class pki_base; class ExportDialog: public QDialog, public Ui::ExportDialog { Q_OBJECT protected: QString filter{}, savedFile{}, filenameLabelOrig{}; QList alltypes; public: ExportDialog(QWidget *w, const QString &title, const QString &filt, const QModelIndexList &indexes, const QPixmap &img, QList types, const QString &help_ctx = QString()); ~ExportDialog(); const pki_export *export_type(int idx = -1) const; static bool mayWriteFile(const QString &fname, bool inSeparateFiles); void setupExportFormat(int disable_flag); public slots: void on_fileBut_clicked(); void on_separateFiles_clicked(bool checked); void on_exportFormat_activated(int); void on_exportFormat_highlighted(int index); void accept(); }; #endif xca-RELEASE.2.9.0/widgets/FocusCombo.h000066400000000000000000000013401477156507700172530ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2014 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __FOCUSCOMBO_H #define __FOCUSCOMBO_H #include class focusCombo : public QComboBox { public: focusCombo(QWidget *parent) : QComboBox(parent) { } void hidePopup() { QComboBox::hidePopup(); emit highlighted(currentIndex()); } QVariant currentItemData() { return QComboBox::itemData(currentIndex()); } void addItemsData(const QStringList &textdata, const QString &selected) { int c = 0; Q_ASSERT(textdata.size() % 2 == 0); for (int i=0; i< textdata.size(); i+=2) { addItem(textdata[i], textdata[i+1]); if (textdata[i+1] == selected) c = i/2; } setCurrentIndex(c); } }; #endif xca-RELEASE.2.9.0/widgets/Help.cpp000066400000000000000000000043401477156507700164420ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #include "Help.h" #include "lib/func.h" #include #include #include #include #if (QT_VERSION >= QT_VERSION_CHECK(5, 15, 0)) #include #endif Help::Help() : QWidget(NULL) { setupUi(this); setWindowTitle(XCA_TITLE); textbox->setSearchPaths(QStringList(getDocDir())); textbox->setOpenExternalLinks(true); textbox->clearHistory(); if (!getDocDir().isEmpty()) helpengine = new QHelpEngineCore(getDocDir() + "/xca.qhc"); } Help::~Help() { delete helpengine; } void Help::display(const QUrl &url) { textbox->setSource(QUrl(url.fileName())); textbox->scrollToAnchor(url.fragment()); show(); raise(); } void Help::content() { display(QUrl("qthelp://org.sphinx.xca/doc/index.html")); } QList Help::url_by_ctx(const QString &ctx) const { if (!helpengine) return QList(); #if (QT_VERSION >= QT_VERSION_CHECK(5, 15, 0)) QList l; foreach(QHelpLink hl, helpengine->documentsForIdentifier(QString("%1.%1").arg(ctx))) { l << hl.url; } return l; #else return helpengine->linksForIdentifier(QString("%1.%1").arg(ctx)).values(); #endif } void Help::contexthelp(const QString &context) { QList helpctx = url_by_ctx(context); if (helpctx.count()) display(helpctx.at(0)); } void Help::contexthelp() { QObject *o = sender(); if (!o) return; QString ctx = o->property("help_ctx").toString(); if (ctx.isEmpty()) return; contexthelp(ctx); } void Help::register_ctxhelp_button(QDialog *dlg, const QString &help_ctx) const { QDialogButtonBox *buttonBox = dlg->findChild("buttonBox"); if (!buttonBox || help_ctx.isEmpty()) return; dlg->setWindowModality(Qt::WindowModal); buttonBox->addButton(QDialogButtonBox::Help); buttonBox->setProperty("help_ctx", QVariant(help_ctx)); connect(buttonBox, SIGNAL(helpRequested()), this, SLOT(contexthelp())); if (url_by_ctx(help_ctx).count() == 0) { qWarning() << "Unknown help context: " << help_ctx; buttonBox->button(QDialogButtonBox::Help)->setEnabled(false); } } void Help::changeEvent(QEvent *event) { if (event->type() == QEvent::LanguageChange) retranslateUi(this); } xca-RELEASE.2.9.0/widgets/Help.h000066400000000000000000000011641477156507700161100ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2021 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __HELP_H #define __HELP_H #include "ui_Help.h" #include class QHelpEngineCore; class Help: public QWidget, public Ui::Help { Q_OBJECT QHelpEngineCore *helpengine{}; void display(const QUrl &url); public: Help(); ~Help(); void register_ctxhelp_button(QDialog *dlg, const QString &help_ctx) const; QList url_by_ctx(const QString &ctx) const; public slots: void changeEvent(QEvent *event); void contexthelp(); void contexthelp(const QString &context); void content(); }; #endif xca-RELEASE.2.9.0/widgets/ImportMulti.cpp000066400000000000000000000175511477156507700200470ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "ImportMulti.h" #include "XcaWarning.h" #include "MainWindow.h" #include "lib/pki_base.h" #include "lib/pki_pkcs7.h" #include "lib/pki_pkcs12.h" #include "lib/pki_crl.h" #include "lib/pki_multi.h" #include "lib/pki_scard.h" #include "lib/pki_evp.h" #include "lib/pki_temp.h" #include "CrlDetail.h" #include "CertDetail.h" #include "KeyDetail.h" #include "NewX509.h" #include #include #include #include #include #include #include ImportMulti::ImportMulti(QWidget *w) : QDialog(w && w->isVisible() ? w : nullptr) { setupUi(this); setWindowTitle(XCA_TITLE); image->setPixmap(QPixmap(":certImg")); listView->setEditTriggers(QAbstractItemView::NoEditTriggers); mcont = new db_token(); listView->setModel(mcont); listView->setIconSize(QPixmap(":key").size()); listView->setSelectionMode(QAbstractItemView::ExtendedSelection); connect( listView, SIGNAL(doubleClicked(const QModelIndex &)), this, SLOT(on_butDetails_clicked())); deleteToken->hide(); renameToken->hide(); slotInfo->hide(); setAcceptDrops(true); setWindowModality(Qt::WindowModal); } void ImportMulti::tokenInfo(const slotid &s) { slot = s; mcont->setSlot(slot); deleteToken->show(); renameToken->show(); slotInfo->show(); listView->setEditTriggers(QAbstractItemView::EditKeyPressed); pkcs11 p11; QString info = p11.driverInfo(slot); tkInfo ti = p11.tokenInfo(slot); info += tr("\nName: %1\nModel: %2\nSerial: %3"). arg(ti.label()).arg(ti.model()).arg(ti.serial()); slotInfo->setText(info); image->setPixmap(QPixmap(":scardImg")); heading->setText(tr("Manage security token")); setAcceptDrops(false); } void ImportMulti::addItem(pki_base *pki) { if (!pki) return; if (pki->pkiSource == unknown) pki->pkiSource = imported; pki_multi *pm = dynamic_cast(pki); if (pm) { QList items = pm->pull(); foreach(pki_base *inner, items) addItem(inner); delete pm; return; } if (Database.isOpen()) { pki_x509 *cert = dynamic_cast(pki); pki_crl *crl = dynamic_cast(pki); pki_x509super *cert_or_req = dynamic_cast(pki); if (cert) cert->setSigner(cert->findIssuer()); if (cert_or_req) cert_or_req->lookupKey(); if (crl) crl->lookupIssuer(); } if (!dynamic_cast(pki) && !dynamic_cast(pki)) { XCA_WARN(tr("The type of the item '%1' is not recognized"). arg(pki->getClassName())); delete pki; return; } mcont->inToCont(pki); mcont->rename_token_in_database(dynamic_cast(pki)); } bool ImportMulti::openDB() const { if (!Database.isOpen()) { if (mainwin->init_database(QString()) == 2) return false; if (!Database.isOpen()) mainwin->load_database(); } return Database.isOpen(); } void ImportMulti::dragEnterEvent(QDragEnterEvent *event) { if (event->mimeData()->hasUrls()) event->acceptProposedAction(); } void ImportMulti::dropEvent(QDropEvent *event) { QList urls = event->mimeData()->urls(); QUrl u; QStringList failed; pki_multi *pki = new pki_multi(); foreach(u, urls) pki->probeAnything(u.toLocalFile()); failed << pki->failed_files; importError(failed); addItem(pki); event->acceptProposedAction(); } void ImportMulti::on_butRemove_clicked() { QItemSelectionModel *selectionModel = listView->selectionModel(); QModelIndexList indexes = selectionModel->selectedIndexes(); QModelIndex index; QString items; foreach(index, indexes) { if (index.column() != 0) continue; mcont->remFromCont(index); pki_base *pki = db_base::fromIndex(index); delete pki; } if (mcont->rowCount(QModelIndex()) == 0) accept(); } void ImportMulti::on_butOk_clicked() { QModelIndexList indexes; for (int i = 0; i < mcont->rowCount(); i++) indexes << mcont->index(i, 0, QModelIndex()); importIndexes(indexes); } void ImportMulti::on_butImport_clicked() { QItemSelectionModel *selectionModel = listView->selectionModel(); importIndexes(selectionModel->selectedIndexes()); } void ImportMulti::importIndexes(const QModelIndexList &indexes) { if (!openDB()) return; Transaction; if (!TransBegin()) return; foreach(QModelIndex index, indexes) { import(index); } TransCommit(); if (mcont->rowCount(QModelIndex()) == 0) accept(); } void ImportMulti::on_deleteToken_clicked() { QItemSelectionModel *selectionModel = listView->selectionModel(); QModelIndexList indexes = selectionModel->selectedIndexes(); QModelIndex index; QString items; foreach(index, indexes) { if (index.column() != 0) continue; pki_base *pki = db_base::fromIndex(index); try { pki->deleteFromToken(slot); mcont->remFromCont(index); delete pki; } catch (errorEx &err) { XCA_ERROR(err); } } } void ImportMulti::on_renameToken_clicked() { QItemSelectionModel *selectionModel = listView->selectionModel(); QModelIndexList indexes = selectionModel->selectedIndexes(); QModelIndex index; foreach(index, indexes) { if (index.column() != 0) continue; listView->edit(index); break; } } pki_base *ImportMulti::import(const QModelIndex &idx) { return idx.column() == 0 ? import(mcont->fromIndex(idx)) : nullptr; } pki_base *ImportMulti::import(pki_base *pki) { if (!pki || pki->getSqlItemId().isValid()) return NULL; QModelIndex idx = mcont->index(pki); if (idx.isValid()) mcont->remFromCont(idx); if (!Database.isOpen()) { try { Database.open_default(); } catch(...) { XCA_INFO(tr("Could not open the default database")); }; } if (!Database.isOpen()) { delete pki; return NULL; } return Database.insert(pki); } void ImportMulti::on_butDetails_clicked() { QItemSelectionModel *selectionModel = listView->selectionModel(); if (selectionModel->selectedIndexes().count()) showDetail(selectionModel->selectedIndexes().first()); if (mcont->rowCount(QModelIndex()) == 0) accept(); } void ImportMulti::showDetail(const QModelIndex &idx) { showDetail(db_base::fromIndex(idx)); } void ImportMulti::showDetail(pki_base *pki) { if (pki) try { pki_x509super *pki_super = dynamic_cast(pki); if (pki_super) { CertDetail::showCert(this, pki_super); return; } pki_key *key = dynamic_cast(pki); if (key) { KeyDetail::showKey(this, key); return; } pki_crl *crl = dynamic_cast(pki); if (crl) { CrlDetail::showCrl(this, crl); return; } pki_temp *temp = dynamic_cast(pki); if (temp) { NewX509::showTemp(this, temp); return; } XCA_WARN(tr("The type of the item '%1' is not recognized"). arg(pki->getClassName())); } catch (errorEx &err) { XCA_ERROR(err); } } ImportMulti::~ImportMulti() { QModelIndex idx = listView->currentIndex(); while (idx != QModelIndex()) { mcont->remFromCont(idx); delete db_base::fromIndex(idx); idx = listView->currentIndex(); } listView->setModel(NULL); delete mcont; } int ImportMulti::entries() { return mcont->allItemsCount(); } void ImportMulti::importError(QStringList failed) { if (failed.count() == 1) { XCA_INFO(tr("The file '%1' did not contain PKI data"). arg(failed[0])); } else if (failed.count() > 1) { XCA_INFO(tr("The %1 files: '%2' did not contain PKI data"). arg(failed.count()). arg(failed.join("', '"))); } } void ImportMulti::execute(int force, QStringList failed) { importError(failed); /* if there is nothing to import don't pop up */ if (entries() == 0) { accept(); return; } /* if there is only 1 item and force is 0 import it silently */ if (entries() == 1) { QModelIndex idx = mcont->index(0, 0, QModelIndex()); if (force == 0 && openDB()) { pki_base *pki = import(idx); if (pki && !Settings["suppress_messages"]) XCA_INFO(pki->getMsg(pki_base::msg_import). arg(pki->getIntName())); } else { showDetail(idx); } return; } /* the behaviour for more than one item */ exec(); } xca-RELEASE.2.9.0/widgets/ImportMulti.h000066400000000000000000000022741477156507700175100ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __IMPORTMULTI_H #define __IMPORTMULTI_H #include "ui_ImportMulti.h" #include "lib/db_token.h" #include "lib/db_base.h" #include class pki_x509; class pki_key; class ImportMulti: public QDialog, private Ui::ImportMulti { Q_OBJECT private: slotid slot{}; db_token *mcont{}; void importError(QStringList failed); public: ImportMulti(QWidget *parent); ~ImportMulti(); void addItem(pki_base *pki); pki_base *getSelected(); pki_base *import(const QModelIndex &idx); pki_base *import(pki_base *pki); void importIndexes(const QModelIndexList &indexes); void execute(int force=0, QStringList failed = QStringList()); int entries(); void tokenInfo(const slotid &s); void dragEnterEvent(QDragEnterEvent *event); void dropEvent(QDropEvent *event); bool openDB() const; void showDetail(pki_base *pki); void showDetail(const QModelIndex &idx); public slots: void on_butRemove_clicked(); void on_butImport_clicked(); void on_butDetails_clicked(); void on_butOk_clicked(); void on_deleteToken_clicked(); void on_renameToken_clicked(); }; #endif xca-RELEASE.2.9.0/widgets/ItemCombo.h000066400000000000000000000021031477156507700170700ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __ITEMCOMBO_H #define __ITEMCOMBO_H #include #include #include "lib/pki_base.h" #include "lib/pki_x509.h" #include "lib/pki_x509req.h" #include "lib/pki_temp.h" template class itemCombo : public QComboBox { public: itemCombo(QWidget *parent) : QComboBox(parent) { } void insertPkiItems(QList items) { clear(); foreach(T *p, items) { addItem(p->comboText(), QVariant::fromValue(p)); } } T *currentPkiItem() { return itemData(currentIndex()).template value(); } void setNullItem(QString text) { if (itemData(0).template value() == NULL) removeItem(0); insertItem(0, text, QVariant()); } int setCurrentPkiItem(T *p) { int idx = findData(QVariant::fromValue(p)); setCurrentIndex(idx); return idx; } }; typedef class itemCombo itemComboTemp; typedef class itemCombo itemComboReq; typedef class itemCombo itemComboCert; typedef class itemCombo itemComboKey; #endif xca-RELEASE.2.9.0/widgets/KeyDetail.cpp000066400000000000000000000100021477156507700174150ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/pki_evp.h" #include "lib/pki_scard.h" #include "KeyDetail.h" #include "MainWindow.h" #include "Help.h" #include "distname.h" #include "clicklabel.h" #include "XcaApplication.h" #include "OidResolver.h" #include #include #include KeyDetail::KeyDetail(QWidget *w) : XcaDetail(w) { setupUi(this); keyModulus->setFont(XcaApplication::tableFont); tabWidget->setCurrentIndex(0); init("keydetail", ":keyImg"); } #ifndef OPENSSL_NO_EC static QString CurveComment(int nid) { foreach(builtin_curve curve, builtinCurves) { if (curve.nid == nid) return curve.comment; } return QString(); } #endif void KeyDetail::setupFingerprints(pki_key *key) { int pos = 0; QWidget *widget = new QWidget(fingerprint); QVBoxLayout *v = new QVBoxLayout(fingerprint); QGridLayout *grid = new QGridLayout(widget); v->addStretch(); v->addWidget(widget); v->addStretch(); QStringList sl = { "x509 SHA1", "DER SHA256" }; if (key->SSH2_compatible()) sl += QStringList({ "ssh MD5", "ssh SHA256 B64" }); foreach(QString type, sl) { qDebug() << type << key->fingerprint(type); QLabel *left = new QLabel(widget); CopyLabel *right = new CopyLabel(widget); left->setTextFormat(Qt::PlainText); left->setText(type); right->setText(key->fingerprint(type)); grid->addWidget(left, pos, 0); grid->addWidget(right, pos, 1); pos++; } } void KeyDetail::setKey(pki_key *key, bool import) { keySqlId = key->getSqlItemId(); description->setText(key->getIntName()); keyLength->setText(key->length()); if (import) connect_pki(key); keyPrivEx->disableToolTip(); if (!key->isToken()) tabWidget->removeTab(1); tlHeader->setText(tr("Details of the %1 key").arg(key->getTypeString())); comment->setPlainText(key->getComment()); setupFingerprints(key); if (key->isPubKey()) { keyPrivEx->setText(tr("Not available")); keyPrivEx->setRed(); } else if (key->isToken()) { image->setPixmap(QPixmap(":scardImg")); pki_scard *card = static_cast(key); cardLabel->setText(card->getCardLabel()); cardModel->setText(card->getModel()); cardManufacturer->setText(card->getManufacturer()); cardSerial->setText(card->getSerial()); slotLabel->setText(card->getLabel()); cardId->setText(card->getId()); keyPrivEx->setText(tr("Security token")); } else { keyPrivEx->setText(tr("Available")); keyPrivEx->setGreen(); } switch (key->getKeyType()) { case EVP_PKEY_RSA: keyPubEx->setText(key->pubEx()); keyModulus->setText(key->modulus()); break; case EVP_PKEY_DSA: tlPubEx->setText(tr("Sub prime")); tlModulus->setTitle(tr("Public key")); tlPrivEx->setText(tr("Private key")); keyPubEx->setText(key->subprime()); keyModulus->setText(key->pubkey()); break; #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: int nid; nid = key->ecParamNid(); tlModulus->setTitle(tr("Public key")); tlPrivEx->setText(tr("Private key")); tlPubEx->setText(tr("Curve name")); keyPubEx->setText(OBJ_nid2sn(nid)); connect(keyPubEx, SIGNAL(doubleClicked(QString)), MainWindow::getResolver(), SLOT(searchOid(QString))); keyPubEx->setToolTip(CurveComment(nid)); keyModulus->setText(key->ecPubKey()); break; #ifdef EVP_PKEY_ED25519 case EVP_PKEY_ED25519: tlModulus->setTitle(tr("Public key")); tlPrivEx->setText(tr("Private key")); tlPubEx->setText(tr("Curve name")); keyPubEx->setText("ed25519"); keyModulus->setText(key->ed25519PubKey().toHex()); break; #endif #endif default: tlHeader->setText(tr("Unknown key")); } } void KeyDetail::itemChanged(pki_base *pki) { if (pki->getSqlItemId() == keySqlId) description->setText(pki->getIntName()); } void KeyDetail::showKey(QWidget *parent, pki_key *key, bool import) { if (!key) return; KeyDetail *dlg = new KeyDetail(parent); bool ro = !key->getSqlItemId().isValid(); dlg->setKey(key, import); dlg->description->setReadOnly(ro); dlg->comment->setReadOnly(ro); dlg->exec(); delete dlg; } xca-RELEASE.2.9.0/widgets/KeyDetail.h000066400000000000000000000011311477156507700170650ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2009 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __KEYDETAIL_H #define __KEYDETAIL_H #include "ui_KeyDetail.h" #include "XcaDetail.h" class pki_key; class pki_base; class KeyDetail: public XcaDetail, public Ui::KeyDetail { Q_OBJECT QVariant keySqlId{}; public: KeyDetail(QWidget *w = nullptr); void setKey(pki_key *key, bool import = true); void setupFingerprints(pki_key *key); static void showKey(QWidget *parent, pki_key *key, bool import = true); public slots: void itemChanged(pki_base *pki) override; }; #endif xca-RELEASE.2.9.0/widgets/KeyTreeView.cpp000066400000000000000000000106551477156507700177630ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/pki_scard.h" #include "lib/load_obj.h" #include "KeyTreeView.h" #include "MainWindow.h" #include "KeyDetail.h" #include "NewKey.h" #include "ExportDialog.h" #include "XcaWarning.h" #include #include void KeyTreeView::fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes) { bool multi = indexes.size() > 1; pki_key *key = db_base::fromIndex(index); if (indexes.size() == 0 || !key) return; if (!multi && key && key->isPrivKey() && !key->isToken()) { switch (key->getOwnPass()) { case pki_key::ptCommon: menu->addAction(tr("Change password"), this, SLOT(setOwnPass())); break; case pki_key::ptPrivate: menu->addAction(tr("Reset password"), this, SLOT(resetOwnPass())); break; default: break; } } if (!pkcs11::libraries.loaded() || multi) return; if (key->isToken()) { menu->addAction(tr("Change PIN"), this, SLOT(changePin())); menu->addAction(tr("Init PIN with SO PIN (PUK)"), this, SLOT(initPin())); menu->addAction(tr("Change SO PIN (PUK)"), this, SLOT(changeSoPin())); } else if (subExport) { subExport->addAction(tr("Security token"), this, SLOT(toToken())); } } void KeyTreeView::setOwnPass() { if (!basemodel) return; try { keys()->setOwnPass(currentIndex(), pki_key::ptPrivate); } catch (errorEx &err) { XCA_ERROR(err); } } void KeyTreeView::resetOwnPass() { if (!basemodel) return; try { keys()->setOwnPass(currentIndex(), pki_key::ptCommon); } catch (errorEx &err) { XCA_ERROR(err); } } void KeyTreeView::changePin() { pki_scard *scard; QModelIndex currentIdx = currentIndex(); if (!currentIdx.isValid()) return; scard = db_base::fromIndex(currentIdx); try { if (!scard->isToken()) { throw errorEx(tr("This is not a token")); } scard->changePin(); } catch (errorEx &err) { XCA_ERROR(err); } } void KeyTreeView::initPin() { pki_scard *scard; QModelIndex currentIdx = currentIndex(); if (!currentIdx.isValid()) return; scard = db_base::fromIndex(currentIdx); try { if (!scard->isToken()) { throw errorEx(tr("This is not a token")); } scard->initPin(); } catch (errorEx &err) { XCA_ERROR(err); } } void KeyTreeView::changeSoPin() { pki_scard *scard; QModelIndex currentIdx = currentIndex(); if (!currentIdx.isValid()) return; scard = db_base::fromIndex(currentIdx); try { if (!scard->isToken()) { throw errorEx(tr("This is not a token")); } scard->changeSoPin(); } catch (errorEx &err) { XCA_ERROR(err); } } void KeyTreeView::toToken() { QModelIndex currentIdx = currentIndex(); if (!currentIdx.isValid() || !basemodel) return; pki_key *key = db_base::fromIndex(currentIdx); if (!key || !pkcs11::libraries.loaded() || key->isToken()) return; pki_scard *card = NULL; try { pkcs11 p11; slotid slot; if (!p11.selectToken(&slot, mainwin)) return; card = new pki_scard(key->getIntName()); card->store_token(slot, key->decryptKey()); card->pkiSource = key->pkiSource; QString msg = tr("Shall the original key '%1' be replaced by the key on the token?\nThis will delete the key '%1' and make it unexportable"). arg(key->getIntName()); if (XCA_YESNO(msg)) { keys()->deletePKI(currentIdx); keys()->insertPKI(card); card = NULL; } } catch (errorEx &err) { XCA_ERROR(err); } delete card; } void KeyTreeView::showPki(pki_base *pki) { pki_key *key = dynamic_cast(pki); KeyDetail::showKey(this, key); } void KeyTreeView::newItem() { newItem(""); } void KeyTreeView::newItem(const QString &name) { if (!basemodel) return; NewKey *dlg = new NewKey(this, name); if (dlg->exec()) keys()->newKey(dlg->getKeyJob(), dlg->keyDesc->text()); delete dlg; } void KeyTreeView::load(void) { load_key l; load_default(&l); } ExportDialog *KeyTreeView::exportDialog(const QModelIndexList &indexes) { if (indexes.size() == 0) return NULL; pki_key *key = db_base::fromIndex(indexes[0]); return new ExportDialog(this, tr("Key export"), tr("Private Keys ( *.pem *.der *.pk8 );; " "SSH Public Keys ( *.pub )") + ";;" + tr("SSH Private Keys ( *.priv )") + ";;" + tr("Microsoft PVK Keys ( *.pvk )"), indexes, QPixmap(key->isToken() ? ":scardImg" : ":keyImg"), pki_export::select(asym_key, basemodel->exportFlags(indexes)), "keyexport"); } xca-RELEASE.2.9.0/widgets/KeyTreeView.h000066400000000000000000000015711477156507700174250ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2006 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __KEYTREEVIEW_H #define __KEYTREEVIEW_H #include "XcaTreeView.h" #include "lib/db_key.h" class QAction; class KeyTreeView: public XcaTreeView { Q_OBJECT db_key *keys() const { return dynamic_cast(basemodel); } public: KeyTreeView(QWidget *parent) : XcaTreeView(parent) { ClipboardSettings = "KeyFormat"; ClipboardPki_type = asym_key; } void fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes); void showPki(pki_base *pki); ExportDialog *exportDialog(const QModelIndexList &indexes); public slots: void resetOwnPass(); void setOwnPass(); void changePin(); void initPin(); void changeSoPin(); void toToken(); void newItem(); void load(); void newItem(const QString &name); }; #endif xca-RELEASE.2.9.0/widgets/MW_help.cpp000066400000000000000000000107371477156507700171140ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "MainWindow.h" #include #include #include #include #ifndef OPENSSL_NO_EC #include #endif #include "XcaDialog.h" #include "ui_Help.h" #include "lib/func.h" #include "lib/entropy.h" const QList MainWindow::getTranslators() const { return QList { QStringList{ "", tr("System") }, QStringList{ "bg", tr("Bulgarian"), "Svetoslav Slavkov", "contact", "sslavkov.eu" }, QStringList{ "zh_CN", tr("Chinese"), "Xczh", "xczh.me", "foxmail.com" }, QStringList{ "hr", tr("Croatian"), "Nevenko Bartolincic", "nevenko.bartolincic", "gmail.com" }, QStringList{ "nl", tr("Dutch"), "Guido Pennings" }, QStringList{ "en", tr("English") }, QStringList{ "fr", tr("French"), "Patrick Monnerat", "patrick", "monnerat.net" }, QStringList{ "de", tr("German"), "Christian Hohnstädt", "christian", "hohnstaedt.de" }, QStringList{ "id", tr("Indonesian"), "Andika Triwidada", "andika", "gmail.com" }, QStringList{ "it", tr("Italian"), "Paolo Basenghi", "paul69", "libero.it" }, QStringList{ "ja", tr("Japanese"), "D2N", "gritty.hat3143", "mx.d2-networks.jp" }, QStringList{ "fa", tr("Persian"), "Erfan Esmayili Barzi", "erfankam", "gmail.com" }, QStringList{ "ko", tr("Korean"), "Kim Dongil", "icoicoya", "naver.com" }, QStringList{ "pl", tr("Polish"), "Jacek Tyborowski", "jacek", "tyborowski.pl" }, QStringList{ "pt_BR", tr("Portuguese in Brazil"), "Ulisses Guedes", "uli1958", "hotmail.com" }, QStringList{ "ru", tr("Russian") }, QStringList{ "sk", tr("Slovak"), "Slavko", "linux", "slavino.sk" }, QStringList{ "es", tr("Spanish"), "Miguel Romera", "mrmsoftdonation", "gmail.com" }, QStringList{ "tr", tr("Turkish") }, }; }; void MainWindow::about() { QTextEdit *textbox = new QTextEdit(NULL); XcaDialog *about = new XcaDialog(this, x509, textbox, QString(), QString()); about->aboutDialog(QPixmap(":scardImg")); QString openssl, qt, cont, version, brainpool; #ifdef OPENSSL_NO_EC brainpool = "(Elliptic Curve Cryptography support disabled)"; #endif openssl = SSLeay_version(SSLEAY_VERSION); qt = qVersion(); if (openssl != OPENSSL_VERSION_TEXT || qt != QT_VERSION_STR) { version = QString("" "" "" "" "" "" "" "" "
    Compile time:" OPENSSL_VERSION_TEXT "QT version: " QT_VERSION_STR "
    Run time:%1QT version: %2
    ").arg(openssl).arg(qt); } else { version = QString("%1
    QT version: %2").arg(openssl).arg(qt); } QStringList rows; foreach(QStringList sl, getTranslators()) { QString email; QStringList tag { "", "" }; if (sl.size() < 3) continue; if (sl.size() > 4) email = QString("<%1@%2>").arg(sl[3]).arg(sl[4]); QString lang(QLocale::languageToString(QLocale(sl[0]).language())); QStringList row { QString("%1").arg(lang), sl[2].toHtmlEscaped(), email.toHtmlEscaped(), }; rows << tag[0] + row.join(tag[0] + tag[1]) + tag[1]; } Entropy::seed_rng(); cont = QString( "

    XCA%7

    " "

    Copyright 2001 - 2024 by Christian Hohnstädt\n" "

    Version: %3

    %1" /* commithash, OpenSSL & Qt Version */ "

    https://hohnstaedt.de/xca" "

    OpenSSL legacy provider%2 loaded" "

    " "" "" "" "
    Installation path:%4
    User settings path:%5
    Working directory:%6

    " "

    " "" "" "" "" "
    Christian Hohnstädt<christian@hohnstaedt.de>
    Programming, Translation and Testing
    Kerstin Steinhauff<tine@kerstine.de>
    Arts and Graphics
    Maintained Translations
    " "

    %8
    ") .arg(version) .arg(legacy_loaded ? "" : " not") .arg(version_str(true)) .arg(nativeSeparator(QCoreApplication::applicationDirPath())) .arg(nativeSeparator(getUserSettingsDir())) .arg(nativeSeparator(QString(Settings["workingdir"]))) #ifndef APPSTORE_COMPLIANT .arg(portable_app() ? " (Portable)" : "") #else .arg(" (App Store)") #endif .arg(rows.join("")); textbox->setHtml(cont); textbox->setReadOnly(true); about->exec(); delete about; } xca-RELEASE.2.9.0/widgets/MW_menu.cpp000066400000000000000000000163531477156507700171300ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "MainWindow.h" #include "XcaApplication.h" #include "PwDialog.h" #include "Options.h" #include "lib/load_obj.h" #include "lib/pass_info.h" #include "lib/pkcs11.h" #include "lib/pki_evp.h" #include "lib/pki_scard.h" #include "lib/func.h" #include "lib/db_x509super.h" #include "lib/database_model.h" #include "ui_Options.h" #include "hashBox.h" #include "OidResolver.h" #include "OpenDb.h" #include "Help.h" #include #include #include #include #include #include QAction *MainWindow::languageMenuEntry(const QStringList &sl) { QString lang, tooltip; QLocale locale; if (sl[0].isEmpty()) { locale = QLocale::system(); lang = MainWindow::tr("System"); } else { locale = QLocale(sl[0]); lang = QString("%1 (%2)").arg(sl[1]) .arg(QLocale::languageToString(locale.language())); } tooltip = locale.nativeLanguageName(); if (sl.length() > 2) tooltip += " - " + sl[2]; QAction *a = new QAction(lang, this); a->setToolTip(tooltip); a->setData(QVariant(locale)); a->setDisabled(!XcaApplication::languageAvailable(locale)); a->setCheckable(true); if (locale == QLocale()) a->setChecked(true); return a; } void MainWindow::init_menu() { static QMenu *file = NULL, *help = NULL, *import = NULL, *token = NULL, *languageMenu = NULL, *extra = NULL; static QActionGroup * langGroup = NULL; QAction *a, *options; delete file; delete help; delete import; delete token; delete extra; delete languageMenu; delete historyMenu; delete langGroup; wdMenuList.clear(); scardList.clear(); acList.clear(); setMenuBar(new QMenuBar(nullptr)); langGroup = new QActionGroup(this); languageMenu = new tipMenu(tr("Language"), this); connect(languageMenu, SIGNAL(triggered(QAction*)), qApp, SLOT(switchLanguage(QAction*))); foreach(const QStringList &sl, getTranslators()) { a = languageMenuEntry(sl); langGroup->addAction(a); languageMenu->addAction(a); } #ifndef APPSTORE_COMPLIANT historyMenu = new tipMenu(tr("Recent DataBases") + " ...", this); update_history_menu(); connect(historyMenu, SIGNAL(triggered(QAction*)), this, SLOT(open_database(QAction*))); file = menuBar()->addMenu(tr("&File")); a = file->addAction(tr("New DataBase"), this, SLOT(new_database())); a->setShortcut(QKeySequence::New); a->setEnabled(OpenDb::hasSqLite()); a = file->addAction(tr("Open DataBase"), this, SLOT(load_database())); a->setShortcut(QKeySequence::Open); a->setEnabled(OpenDb::hasSqLite()); file->addAction(tr("Open Remote DataBase"), this, SLOT(openRemoteSqlDB()))-> setEnabled(OpenDb::hasRemoteDrivers()); file->addMenu(historyMenu); file->addAction(tr("Set as default DataBase"), this, SLOT(default_database())); a = file->addAction(tr("Close DataBase"), this, SLOT(close_database())); a->setShortcut(QKeySequence::Close); acList += a; #endif options = new QAction(tr("Options"), this); connect(options, SIGNAL(triggered()), this, SLOT(setOptions())); options->setMenuRole(QAction::PreferencesRole); #ifndef APPSTORE_COMPLIANT file->addAction(options); #endif acList += options; a = new QAction(tr("Exit"), this); connect(a, SIGNAL(triggered()), qApp, SLOT(quit()), Qt::QueuedConnection); a->setMenuRole(QAction::QuitRole); a->setShortcut(QKeySequence::Quit); #ifndef APPSTORE_COMPLIANT file->addMenu(languageMenu); file->addSeparator(); file->addAction(a); #endif import = menuBar()->addMenu(tr("I&mport")); import->addAction(tr("Keys"), keyView, SLOT(load()) ); import->addAction(tr("Requests"), reqView, SLOT(load()) ); import->addAction(tr("Certificates"), certView, SLOT(load()) ); import->addAction(tr("PKCS#12"), certView, SLOT(loadPKCS12()) ); import->addAction(tr("PKCS#7"), certView, SLOT(loadPKCS7()) ); import->addAction(tr("Template"), tempView, SLOT(load()) ); import->addAction(tr("Revocation list"), crlView, SLOT(load())); import->addAction(tr("PEM file"), this, SLOT(loadPem()) ); import->addAction(tr("Paste PEM file"), this, SLOT(pastePem()))-> setShortcut(QKeySequence::Paste); #ifndef APPSTORE_COMPLIANT token = menuBar()->addMenu(tr("Token")); token->addAction(tr("&Manage Security token"), this, SLOT(manageToken())); token->addAction(tr("&Init Security token"), this, SLOT(initToken())); token->addAction(tr("&Change PIN"), this, SLOT(changePin()) ); token->addAction(tr("Change &SO PIN"), this, SLOT(changeSoPin()) ); token->addAction(tr("Init PIN"), this, SLOT(initPin()) ); #endif extra = menuBar()->addMenu(tr("Extra")); acList += extra->addAction(tr("&Dump DataBase"), this, SLOT(dump_database())); acList += extra->addAction(tr("&Export Certificate Index"), this, SLOT(exportIndex())); acList += extra->addAction(tr("Export Certificate &Index hierarchy"), this, SLOT(exportIndexHierarchy())); acList += extra->addAction(tr("C&hange DataBase password"), this, SLOT(changeDbPass())); #if 0 acList += extra->addAction(tr("&Undelete items"), this, SLOT(undelete())); #endif extra->addAction(tr("Generate DH parameter"), this, SLOT(generateDHparam())); extra->addAction(tr("OID Resolver"), resolver, SLOT(show())); #ifdef APPSTORE_COMPLIANT extra->addSeparator(); extra->addMenu(languageMenu); extra->addAction(options); #endif help = menuBar()->addMenu(tr("&Help") ); help->addAction(tr("Content"), helpdlg, SLOT(content()))-> setShortcut(QKeySequence::HelpContents); a = new QAction(tr("About"), this); connect(a, SIGNAL(triggered()), this, SLOT(about())); a->setMenuRole(QAction::AboutRole); a->setShortcut(QKeySequence::WhatsThis); help->addAction(a); wdMenuList += import; #ifndef APPSTORE_COMPLIANT scardList += token; #endif setItemEnabled(Database.isOpen()); } void MainWindow::update_history_menu() { QStringList hist = history.get(); if (!historyMenu) return; historyMenu->clear(); for (int i = 0, j = 0; i < hist.size(); i++) { QAction *a; QString txt = hist[i]; if (!QFile::exists(txt) && !database_model::isRemoteDB(txt)) continue; if (txt.size() > 33) txt = QString("...") + txt.mid(txt.size() - 30); a = historyMenu->addAction(QString("%1 %2").arg(j++).arg(txt)); a->setData(QVariant(hist[i])); a->setToolTip(hist[i]); } } void MainWindow::open_database(QAction* a) { init_database(a->data().toString()); } void MainWindow::new_database() { load_db l; QString selectedFilter; QString fname = QFileDialog::getSaveFileName(this, l.caption, homedir, l.filter, &selectedFilter, QFileDialog::DontConfirmOverwrite); // make sure that, if the 3 letter extension was left selected // in Qt's OS X file open dialog, // the filename actually ends with that extension. // Otherwise usability breaks in jarring ways. init_database(getFullFilename(fname, selectedFilter)); } void MainWindow::load_database() { load_db l; QString fname = QFileDialog::getOpenFileName(this, l.caption, homedir, l.filter); init_database(fname); } void MainWindow::setOptions() { if (!QSqlDatabase::database().isOpen()) return; Options *opt = new Options(this); if (opt->exec()) { reqView->showHideSections(); certView->showHideSections(); } delete opt; pkcs11::libraries.load(Settings["pkcs11path"]); enableTokenMenu(pkcs11::libraries.loaded()); } xca-RELEASE.2.9.0/widgets/MainWindow.cpp000066400000000000000000000444501477156507700176340ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "MainWindow.h" #include "XcaApplication.h" #include "ImportMulti.h" #include "hashBox.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include "lib/entropy.h" #include "lib/Passwd.h" #include "lib/database_model.h" #include "lib/exception.h" #include "lib/pki_evp.h" #include "lib/pki_multi.h" #include "lib/pki_scard.h" #include "lib/dhgen.h" #include "lib/load_obj.h" #include "lib/pki_pkcs12.h" #include "XcaDialog.h" #include "XcaWarning.h" #include "XcaProgressGui.h" #include "PwDialog.h" #include "OpenDb.h" #include "Help.h" #include "OidResolver.h" OidResolver *MainWindow::resolver; MainWindow *mainwin; bool MainWindow::legacy_loaded; void MainWindow::enableTokenMenu(bool enable) { foreach(QWidget *w, scardList) { w->setEnabled(enable); } } void MainWindow::initResolver() { bool shown = false; QString search; if (resolver) { shown = resolver->isVisible(); search = resolver->input->text(); delete resolver; } resolver = new OidResolver(NULL); resolver->setWindowTitle(XCA_TITLE); if (shown) resolver->searchOid(search); } MainWindow::MainWindow() : QMainWindow() { dbindex = new QLabel(); dbindex->setFrameStyle(QFrame::Plain | QFrame::NoFrame); dbindex->setMargin(6); dn_translations_setup(); pki_export::init_elements(); statusBar()->addWidget(dbindex, 1); setupUi(this); setWindowTitle(XCA_TITLE); OpenDb::checkSqLite(); initResolver(); wdList << keyButtons << reqButtons << certButtons << tempButtons << crlButtons; OpenDb::initDatabases(); helpdlg = new Help(); init_menu(); setItemEnabled(false); init_images(); homedir = getHomeDir(); ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); EVP_add_digest_alias(SN_sha1,SN_ecdsa_with_SHA1); EVP_add_digest_alias(SN_sha224,SN_ecdsa_with_SHA224); EVP_add_digest_alias(SN_sha256,SN_ecdsa_with_SHA256); EVP_add_digest_alias(SN_sha256,SN_dsa_with_SHA256); EVP_add_digest_alias(SN_sha384,SN_ecdsa_with_SHA384); EVP_add_digest_alias(SN_sha512,SN_ecdsa_with_SHA512); setAcceptDrops(true); searchEdit = new QLineEdit(); searchEdit->setPlaceholderText(tr("Search")); keyView->setIconSize(QPixmap(":keyIco").size()); reqView->setIconSize(QPixmap(":reqIco").size()); certView->setIconSize(QPixmap(":validcertIco").size()); tempView->setIconSize(QPixmap(":templateIco").size()); crlView->setIconSize(QPixmap(":crlIco").size()); views << keyView << reqView << certView << crlView << tempView; pki_base::setupColors(palette()); foreach(XcaTreeView *v, views) v->setMainwin(this, searchEdit); XcaProgress::setGui(new XcaProgressGui(this)); xcaWarning::setGui(new xcaWarningGui()); PwDialogCore::setGui(new PwDialogUI()); } void MainWindow::dropEvent(QDropEvent *event) { if (event->mimeData()->hasUrls()) { QList urls = event->mimeData()->urls(); QUrl u; QStringList files; foreach(u, urls) { QString s = u.toLocalFile(); files << s; } openURLs(files); event->acceptProposedAction(); } else if (event->mimeData()->hasText()) { event->acceptProposedAction(); pastePem(event->mimeData()->text()); } } void MainWindow::openURLs(QStringList &files) { urlsToOpen = files; QTimer::singleShot(100, this, SLOT(openURLs())); } void MainWindow::openURLs() { foreach(QString file, urlsToOpen) { if (file.endsWith(".xdb") || !database_model::splitRemoteDbName(file).isEmpty()) { init_database(file); if (Database.isOpen()) { urlsToOpen.removeAll(file); break; } } } importAnything(urlsToOpen); urlsToOpen.clear(); } void MainWindow::dragEnterEvent(QDragEnterEvent *event) { if (event->mimeData()->hasFormat(X_XCA_DRAG_DATA)) return; if (event->mimeData()->hasUrls() || event->mimeData()->hasText()) event->acceptProposedAction(); } void MainWindow::setItemEnabled(bool enable) { foreach(QWidget *w, wdList) { w->setEnabled(enable); } foreach(QWidget *w, wdMenuList) { w->setEnabled(enable); } foreach(QAction *a, acList) { a->setEnabled(enable); } enableTokenMenu(pkcs11::libraries.loaded()); } void MainWindow::init_images() { bigKey->setPixmap(QPixmap(":keyImg")); bigCsr->setPixmap(QPixmap(":csrImg")); bigCert->setPixmap(QPixmap(":certImg")); bigTemp->setPixmap(QPixmap(":tempImg")); bigRev->setPixmap(QPixmap(":revImg")); setWindowIcon(QPixmap(":appIco")); } void MainWindow::loadPem() { load_pem l; keyView->load_default(&l); } bool MainWindow::pastePem(const QString &text, bool silent) { bool success = false; QByteArray pemdata = text.toLatin1(); if (pemdata.size() == 0) return false; pki_multi *pem = NULL; try { pem = new pki_multi(); pem->fromPEMbyteArray(pemdata, QString()); success = pem->failed_files.count() == 0; importMulti(pem, 1); } catch (errorEx &err) { delete pem; if (!silent) XCA_ERROR(err); } return success; } void MainWindow::pastePem() { QClipboard *cb = QApplication::clipboard(); QString text; text = cb->text(QClipboard::Selection); if (text.isEmpty()) text = cb->text(QClipboard::Clipboard); if (!text.isEmpty()) if (pastePem(text, true)) return; QTextEdit *textbox = new QTextEdit(); textbox->setPlainText(text); XcaDialog *input = new XcaDialog(this, x509, textbox, tr("Import PEM data"), QString()); input->noSpacer(); if (input->exec()) { text = textbox->toPlainText(); if (!text.isEmpty()) pastePem(text); } delete input; } void MainWindow::initToken() { bool ok; if (!pkcs11::libraries.loaded()) return; try { pkcs11 p11; slotid slot; Passwd pin; int ret; if (!p11.selectToken(&slot, this)) return; tkInfo ti = p11.tokenInfo(slot); QString slotname = QString("%1 (#%2)"). arg(ti.label()).arg(ti.serial()); pass_info p(XCA_TITLE, tr("Please enter the original SO PIN (PUK) of the token '%1'"). arg(slotname) + "\n" + ti.pinInfo()); p.setPin(); if (ti.tokenInitialized()) { ret = PwDialogCore::execute(&p, &pin, false); } else { p.setDescription(tr("Please enter the new SO PIN (PUK) for the token '%1'"). arg(slotname) + "\n" + ti.pinInfo()); ret = PwDialogCore::execute(&p, &pin, true); } if (ret != 1) return; QString label = QInputDialog::getText(this, XCA_TITLE, tr("The new label of the token '%1'"). arg(slotname), QLineEdit::Normal, QString(), &ok); if (!ok) return; p11.initToken(slot, pin.constUchar(), pin.size(), label); } catch (errorEx &err) { XCA_ERROR(err); } } void MainWindow::changePin(bool so) { if (!pkcs11::libraries.loaded()) return; try { pkcs11 p11; slotid slot; if (!p11.selectToken(&slot, this)) return; p11.changePin(slot, so); } catch (errorEx &err) { XCA_ERROR(err); } } void MainWindow::changeSoPin() { changePin(true); } void MainWindow::initPin() { if (!pkcs11::libraries.loaded()) return; try { pkcs11 p11; slotid slot; if (!p11.selectToken(&slot, this)) return; p11.initPin(slot); } catch (errorEx &err) { XCA_ERROR(err); } } void MainWindow::manageToken() { pkcs11 p11; slotid slot; pki_scard *card = NULL; pki_x509 *cert = NULL; ImportMulti *dlgi = NULL; enum logintype { none, userlogin, sologin } login = none; if (!pkcs11::libraries.loaded()) return; try { if (!p11.selectToken(&slot, this)) return; tkInfo ti(p11.tokenInfo(slot)); ImportMulti *dlgi = new ImportMulti(this); while (true) { dlgi->tokenInfo(slot); QList objects; QList ml = p11.mechanismList(slot); if (ml.count() == 0) ml << CKM_SHA1_RSA_PKCS; pk11_attlist atts(pk11_attr_ulong(CKA_CLASS, CKO_PUBLIC_KEY)); p11.startSession(slot); p11.getRandom(); if (login != none) { if (p11.tokenLogin(ti.label(), login == sologin).isNull()) break; } objects = p11.objectList(atts); for (int j=0; j< objects.count(); j++) { card = new pki_scard(""); try { card->load_token(p11, objects[j]); card->setMech_list(ml); dlgi->addItem(card); } catch (errorEx &err) { XCA_ERROR(err); delete card; } card = NULL; } atts.reset(); atts << pk11_attr_ulong(CKA_CLASS, CKO_CERTIFICATE) << pk11_attr_ulong(CKA_CERTIFICATE_TYPE,CKC_X_509); objects = p11.objectList(atts); for (int j=0; j< objects.count(); j++) { cert = new pki_x509(""); try { cert->load_token(p11, objects[j]); dlgi->addItem(cert); } catch (errorEx &err) { XCA_ERROR(err); delete cert; } cert = NULL; } if (dlgi->entries() == 0) { p11.closeSession(slot); QString txt = tr("The token '%1' did not contain any keys or certificates") .arg(ti.label()); xcaWarningBox msg(this, txt); msg.addButton(QMessageBox::Ok); msg.addButton(QMessageBox::Retry, tr("Retry with PIN")); msg.addButton(QMessageBox::Apply, tr("Retry with SO PIN")); switch (msg.exec()) { case QMessageBox::Retry: login = userlogin; continue; case QMessageBox::Apply: login = sologin; continue; case QMessageBox::Ok: // fall default: break; } } else { p11.closeSession(slot); dlgi->execute(true); } break; } } catch (errorEx &err) { XCA_ERROR(err); } delete card; delete cert; delete dlgi; } MainWindow::~MainWindow() { ERR_free_strings(); EVP_cleanup(); OBJ_cleanup(); delete dbindex; delete searchEdit; delete helpdlg; XcaProgress::setGui(nullptr); xcaWarning::setGui(nullptr); PwDialogCore::setGui(nullptr); } void MainWindow::closeEvent(QCloseEvent *e) { if (dhgen) { if (!XCA_YESNO("Abort Diffie-Hellmann parameter generation?")){ e->ignore(); return; } dhgen->terminate(); } delete resolver; resolver = NULL; delete helpdlg; helpdlg = NULL; close_database(); QMainWindow::closeEvent(e); } int MainWindow::checkOldGetNewPass(Passwd &pass) { QString passHash = Settings["pwhash"]; if (!passHash.isEmpty()) { pass_info p(tr("Current Password"), tr("Please enter the current database password"), this); /* Try empty password */ if (pki_evp::sha512passwT(pass, passHash) != passHash) { /* Not the empty password, check it */ if (PwDialogCore::execute(&p, &pass, false) != 1) return 0; } if (pki_evp::sha512passwT(pass, passHash) != passHash) { XCA_WARN(tr("The entered password is wrong")); return 0; } } pass_info p(tr("New Password"), tr("Please enter the new password " "to encrypt your private keys in the database-file"), this); return PwDialogCore::execute(&p, &pass, true) != 1 ? 0 : 1; } void MainWindow::changeDbPass() { Passwd pass; XSqlQuery q; QSqlDatabase db = QSqlDatabase::database(); if (!checkOldGetNewPass(pass)) return; QString salt = Entropy::makeSalt(); QString passhash = pki_evp::sha512passwT(pass, salt); QList key_list = Store.sqlSELECTpki( "SELECT item FROM private_keys WHERE ownPass=0"); try { Transaction; if (!TransBegin()) { errorEx e(tr("Transaction start failed")); XCA_ERROR(e); return; } foreach(pki_evp *key, key_list) { EVP_PKEY *evp = key->decryptKey(); key->set_evp_key(evp); key->encryptKey(pass.constData()); key->sqlUpdatePrivateKey(); } Settings["pwhash"] = passhash; TransCommit(); pki_evp::passHash = passhash; pki_evp::passwd = pass; } catch (errorEx &e) { XCA_ERROR(e); } } void MainWindow::importAnything(QString file) { importAnything(QStringList(file)); } void MainWindow::importAnything(const QStringList &files) { pki_multi *multi = new pki_multi(); foreach(QString s, files) multi->probeAnything(s); importMulti(multi, 1); } void MainWindow::importMulti(pki_multi *multi, int force) { if (!multi) return; QStringList failed_files = multi->failed_files; ImportMulti *dlgi = new ImportMulti(this); // dlgi->addItem() deletes "multi" if appropriate dlgi->addItem(multi); dlgi->execute(force, failed_files); delete dlgi; } void MainWindow::openRemoteSqlDB() { OpenDb *opendb = new OpenDb(this, QString()); QString descriptor; Passwd pass; DbMap params; if (opendb->exec()) { descriptor = opendb->getDescriptor(); pass = opendb->dbPassword->text().toLatin1(); params = database_model::splitRemoteDbName(descriptor); } delete opendb; if (descriptor.isEmpty()) return; init_database(descriptor, pass); } enum open_result MainWindow::init_database(const QString &name, const Passwd &pass) { close_database(); try { Database.open(name, pass); return setup_open_database(); } catch (errorEx &err) { XCA_ERROR(err); return open_abort; } catch (enum open_result r) { return r; } return pw_ok; } void MainWindow::showDatabaseName() { if (Database.isOpen()) dbindex->setText(tr("Database: %1") .arg(compressFilename(Database.name()))); } enum open_result MainWindow::setup_open_database() { if (!Database.isOpen()) return open_abort; if (!database_model::isRemoteDB(Database.name())) homedir = QFileInfo(Database.name()).canonicalPath(); setItemEnabled(true); showDatabaseName(); set_geometry(Settings["mw_geometry"]); if (pki_evp::passwd.isNull()) XCA_INFO(tr("Using or exporting private keys will not be possible without providing the correct password")); enableTokenMenu(pkcs11::libraries.loaded()); digest defdig(digest::getDefault()); if (defdig.isInsecure()) { XCA_WARN(tr("The currently used default hash '%1' is insecure. Please select at least 'SHA 224' for security reasons.").arg(defdig.name())); setOptions(); } encAlgo encalg = encAlgo::getDefault(); if (encalg.legacy() && !Settings["pkcs12_keep_legacy"]) { QString text(tr("The currently used PFX / PKCS#12 algorithm '%1' is insecure.") .arg(encalg.name())); xcaWarningBox msg(this, text); msg.addButton(QMessageBox::Ok); msg.addButton(QMessageBox::Ignore); msg.addButton(QMessageBox::Apply, tr("Change")); switch (msg.exec()) { case QMessageBox::Ok: break; case QMessageBox::Ignore: Settings["pkcs12_keep_legacy"] = true; break; case QMessageBox::Apply: setOptions(); break; } } keyView->setModel(Database.model()); reqView->setModel(Database.model()); certView->setModel(Database.model()); tempView->setModel(Database.model()); crlView->setModel(Database.model()); searchEdit->setText(""); searchEdit->show(); statusBar()->addWidget(searchEdit, 1); connect(tempView, SIGNAL(newCert(pki_temp *)), Database.model(), SLOT(newCert(pki_temp *))); connect(tempView, SIGNAL(newReq(pki_temp *)), Database.model(), SLOT(newItem(pki_temp *))); return pw_ok; } void MainWindow::set_geometry(QString geo) { QStringList sl = geo.split(","); if (sl.size() != 3) return; resize(sl[0].toInt(), sl[1].toInt()); int i = sl[2].toInt(); if (i != -1) tabView->setCurrentIndex(i); } void MainWindow::close_database() { if (!Database.isOpen()) return; Settings["mw_geometry"] = QString("%1,%2,%3") .arg(size().width()) .arg(size().height()) .arg(tabView->currentIndex()); history.addEntry(Database.name()); foreach(XcaTreeView *v, views) v->setModel(NULL); Database.close(); setItemEnabled(false); dbindex->clear(); update_history_menu(); enableTokenMenu(pkcs11::libraries.loaded()); } void MainWindow::exportIndex() { exportIndex(QFileDialog::getSaveFileName(this, XCA_TITLE, Settings["workingdir"], tr("Certificate Index ( index.txt )") + ";;" + tr("All files ( * )")), false); } void MainWindow::exportIndexHierarchy() { exportIndex(QFileDialog::getExistingDirectory( this, XCA_TITLE, Settings["workingdir"]), true); } void MainWindow::exportIndex(const QString &fname, bool hierarchy) const { qDebug() << fname << hierarchy; if (fname.isEmpty() || !Database.isOpen()) return; db_x509 *certs = Database.model(); certs->writeIndex(fname, hierarchy); } void MainWindow::generateDHparamDone() { errorEx e(dhgen->error()); if (e.isEmpty()) XCA_INFO(tr("Diffie-Hellman parameters saved as: %1") .arg(dhgen->filename())); else XCA_ERROR(e); dhgen->deleteLater(); dhgen = NULL; delete dhgenProgress; dhgenProgress = nullptr; } void MainWindow::generateDHparam() { bool ok; int bits; if (dhgen) return; bits = QInputDialog::getDouble(this, XCA_TITLE, tr("Diffie-Hellman parameters are needed for different applications, but not handled by XCA.\nPlease enter the DH parameter bits"), 1024, 1024, 4096, 0, &ok); if (!ok) return; /* * 1024: 6 sec * 2048: 38 sec * 4096: 864 sec */ Entropy::seed_rng(); try { QString fname = QString("%1/dh%2.pem").arg(homedir).arg(bits); fname = QFileDialog::getSaveFileName(this, QString(), fname, tr("All files ( * )"), NULL); if (fname == "") throw errorEx(""); dhgen = new DHgen(fname, bits); dhgenProgress = new XcaProgress(QString("Diffie-Hellman"), 0); dhgen->start(QThread::LowestPriority); connect(dhgen, SIGNAL(finished()), this, SLOT(generateDHparamDone())); } catch (errorEx &err) { XCA_ERROR(err); } } void MainWindow::changeEvent(QEvent *event) { if (event->type() == QEvent::LanguageChange) { retranslateUi(this); dn_translations_setup(); pki_export::init_elements(); init_menu(); foreach(db_base *model, Database.getModels()) model->updateHeaders(); showDatabaseName(); searchEdit->setPlaceholderText(tr("Search")); } QMainWindow::changeEvent(event); } void MainWindow::keyPressEvent(QKeyEvent *e) { if (e->modifiers() != Qt::ControlModifier) { QMainWindow::keyPressEvent(e); return; } int size = XcaApplication::tableFont.pointSize(); switch (e->key()) { case Qt::Key_Plus: XcaApplication::tableFont.setPointSize(size +1); break; case Qt::Key_Minus: if (size > 4) { XcaApplication::tableFont.setPointSize(size -1); } break; case Qt::Key_V: if (e->modifiers() == Qt::ControlModifier) { pastePem(); break; } /* FALLTHROUGH */ default: QMainWindow::keyPressEvent(e); return; } foreach(XcaTreeView *v, views) { if (v) { v->header()->resizeSections( QHeaderView::ResizeToContents); v->reset(); } } update(); } void MainWindow::dump_database() { QString dirname = QFileDialog::getExistingDirectory( NULL, XCA_TITLE, Settings["workingdir"]); try { Database.dump(dirname); } catch (errorEx &err) { XCA_ERROR(err); } } void MainWindow::default_database() { Database.as_default(); } xca-RELEASE.2.9.0/widgets/MainWindow.h000066400000000000000000000066261477156507700173040ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __MAINWINDOW_H #define __MAINWINDOW_H #include "ui_MainWindow.h" #include "lib/oid.h" #include "lib/Passwd.h" #include "lib/database_model.h" #include "lib/dbhistory.h" #include "lib/dhgen.h" #include "lib/XcaProgress.h" #include #include #include #include class db_x509; class pki_multi; class NewX509; class OidResolver; class QProgressBar; class DHgen; class Help; extern MainWindow *mainwin; class tipMenu : public QMenu { Q_OBJECT public: tipMenu(QString n, QWidget *w) : QMenu(n, w) {} bool event (QEvent * e) { if (e->type() == QEvent::ToolTip && activeAction() && activeAction()->toolTip() != activeAction()->text()) { const QHelpEvent *helpEvent = static_cast (e); QToolTip::showText(helpEvent->globalPos(), activeAction()->toolTip()); } else { QToolTip::hideText(); } return QMenu::event(e); } }; class MainWindow: public QMainWindow, public Ui::MainWindow { Q_OBJECT private: static OidResolver *resolver; QString string_opt{}; QList wdList{}; QList wdMenuList{}; QList scardList{}; QList acList{}; tipMenu *historyMenu{}; QLineEdit *searchEdit{}; QStringList urlsToOpen{}; XcaProgress *dhgenProgress{}; DHgen *dhgen{}; QList views{}; dbhistory history{}; void set_geometry(QString geo); int checkOldGetNewPass(Passwd &pass); void checkDB(); const QList getTranslators() const; void exportIndex(const QString &fname, bool hierarchy) const; QAction *languageMenuEntry(const QStringList &sl); protected: void init_images(); void init_menu(); int force_load; NIDlist *read_nidlist(QString name); QLabel *statusLabel; QString homedir; void keyPressEvent(QKeyEvent *e); void update_history_menu(); void showDatabaseName(); public: static bool legacy_loaded; int exitApp; QLabel *dbindex; Help *helpdlg; MainWindow(); virtual ~MainWindow(); void loadSettings(); void saveSettings(); void load_engine(); static OidResolver *getResolver() { return resolver; } bool mkDir(QString dir); void setItemEnabled(bool enable); void enableTokenMenu(bool enable); void importAnything(QString file); void importAnything(const QStringList &files); void importMulti(pki_multi *multi, int force); void dropEvent(QDropEvent *event); void dragEnterEvent(QDragEnterEvent *event); void initResolver(); public slots: enum open_result init_database(const QString &dbName, const Passwd &pass = Passwd()); enum open_result setup_open_database(); void new_database(); void load_database(); void close_database(); void dump_database(); void default_database(); void about(); void loadPem(); bool pastePem(const QString &text, bool silent=false); void pastePem(); void changeDbPass(); void openURLs(QStringList &files); void openURLs(); void changeEvent(QEvent *event); void exportIndex(); void exportIndexHierarchy(); void openRemoteSqlDB(); void generateDHparamDone(); protected slots: void closeEvent(QCloseEvent * event); private slots: void setOptions(); void manageToken(); void initToken(); void changePin(bool so=false); void changeSoPin(); void initPin(); void generateDHparam(); void open_database(QAction* a); }; #endif xca-RELEASE.2.9.0/widgets/NewCrl.cpp000066400000000000000000000040101477156507700167360ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2010 - 2011 Christian Hohnstaedt. * * All rights reserved. */ #include "NewCrl.h" #include "XcaDialog.h" #include "validity.h" #include "MainWindow.h" #include "lib/base.h" #include "lib/func.h" #include #include #include #include #include NewCrl::NewCrl(const crljob &j, QWidget *w) : QWidget(w ? w : mainwin), task(j) { pki_x509 *issuer = task.issuer; pki_key *key = issuer->getRefKey(); setupUi(this); dateBox->setTitle(issuer->getIntName()); validNumber->setText(QString::number(task.crlDays)); validRange->setCurrentIndex(0); on_applyTime_clicked(); nextUpdate->setEndDate(true); hashAlgo->setupHashes(key->possibleHashNids()); hashAlgo->setCurrent(task.hashAlgo); crlNumber->setText(task.crlNumber.toDec()); if (issuer->hasExtension(NID_subject_alt_name)) { subAltName->setEnabled(true); subAltName->setChecked(task.subAltName); } else { subAltName->setEnabled(false); } revocationReasons->setChecked(task.withReason); authKeyId->setChecked(task.authKeyId); } crljob NewCrl::getCrlJob() const { crljob t = task; t.withReason = revocationReasons->isChecked(); t.authKeyId = authKeyId->isChecked(); t.subAltName = subAltName->isChecked(); t.setCrlNumber = setCrlNumber->isChecked(); t.lastUpdate = lastUpdate->getDate(); t.nextUpdate = nextUpdate->getDate(); t.hashAlgo = hashAlgo->current(); t.crlNumber = crlNumber->text().toLong(); return t; } void NewCrl::on_applyTime_clicked() { nextUpdate->setDiff(lastUpdate, validNumber->text().toInt(), validRange->currentIndex()); } NewCrl::~NewCrl() { qDebug() << "NewCrl::~NewCrl() -- DELETED"; } void NewCrl::newCrl(QWidget *parent, pki_x509 *issuer) { crljob task(issuer); NewCrl *widget = new NewCrl(task); XcaDialog *dlg = new XcaDialog(parent, revocation, widget, tr("Create CRL"), QString(), "crlgenerate"); if (dlg->exec()) { db_crl *db = Database.model(); if (db) db->newCrl(widget->getCrlJob()); } delete dlg; } xca-RELEASE.2.9.0/widgets/NewCrl.h000066400000000000000000000007571477156507700164210ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __NEWCRL_H #define __NEWCRL_H #include "ui_NewCrl.h" #include "lib/pki_crl.h" class pki_key; class NewCrl: public QWidget, public Ui::NewCrl { Q_OBJECT crljob task{}; public: NewCrl(const crljob &task, QWidget *w = nullptr); ~NewCrl(); crljob getCrlJob() const; static void newCrl(QWidget *parent, pki_x509 *issuer); public slots: void on_applyTime_clicked(); }; #endif xca-RELEASE.2.9.0/widgets/NewKey.cpp000066400000000000000000000126121477156507700167550ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "NewKey.h" #include "MainWindow.h" #include "Help.h" #include "lib/pki_evp.h" #include "lib/pkcs11.h" #include "distname.h" #include "clicklabel.h" #include "ItemCombo.h" #include #include #include #include class keyListItem { public: bool card; keytype ktype; QString printname; slotid slot; unsigned minKeySize; unsigned maxKeySize; unsigned long ec_flags; keyListItem(pkcs11 *p11, slotid nslot, CK_MECHANISM_TYPE m) { slot = nslot; CK_MECHANISM_INFO mechinfo; p11->mechanismInfo(slot, m, &mechinfo); minKeySize = mechinfo.ulMinKeySize; maxKeySize = mechinfo.ulMaxKeySize; if (maxKeySize == 0) { /* Fallback for libraries not * filling in the maxKeySize */ maxKeySize = INT_MAX; } ktype = keytype::byMech(m); tkInfo ti = p11->tokenInfo(slot); #ifndef OPENSSL_NO_EC if (m == CKM_EC_KEY_PAIR_GEN) { CK_MECHANISM_INFO info; p11->mechanismInfo(slot, m, &info); ec_flags = info.flags & (CKF_EC_F_P | CKF_EC_F_2M); if (!ec_flags) { /* Fallback: Assume to support both for * libraries leaving this flag empty */ ec_flags = CKF_EC_F_P | CKF_EC_F_2M; } } #endif printname = QString("%1 #%2 (%3 Key of %4 - %5 bits)"). arg(ti.label()).arg(ti.serial()). arg(ktype.name). arg(minKeySize). arg(maxKeySize); card = true; } keyListItem(const keytype &t = keytype()) : ktype(t) { printname = ktype.name; card = false; slot = slotid(); minKeySize = 0; maxKeySize = INT_MAX; ec_flags = 0; } int type() const { return ktype.type; } }; Q_DECLARE_METATYPE(keyListItem); NewKey::NewKey(QWidget *parent, const QString &name) :QDialog(parent ? parent : mainwin) { static const QList sizeList = { 1024, 2048, 4096, 8192 }; slotidList p11_slots; QList keytypes; setupUi(this); setWindowTitle(XCA_TITLE); image->setPixmap(QPixmap(":keyImg")); mainwin->helpdlg->register_ctxhelp_button(this, "keygen"); if (!name.isEmpty()) keyDesc->setText(name); keyLength->setEditable(true); foreach (int size, sizeList) keyLength->addItem(QString("%1 bit").arg(size)); foreach (const keytype t, keytype::types()) keytypes << keyListItem(t); updateCurves(); keyLength->setEditText(QString("%1 bit").arg(keyjob::defaultjob.size)); keyDesc->setFocus(); if (pkcs11::libraries.loaded()) try { pkcs11 p11; p11_slots = p11.getSlotList(); foreach(slotid slot, p11_slots) { QList ml = p11.mechanismList(slot); foreach(keytype t, keytype::types()) if (ml.contains(t.mech)) keytypes << keyListItem(&p11, slot, t.mech); } } catch (errorEx &) { p11_slots.clear(); } for (int i=0; iaddItem(keytypes[i].printname, q); if (!keytypes[i].card && keytypes[i].type() == keyjob::defaultjob.ktype.type) { keyType->setCurrentIndex(i); } } buttonBox->button(QDialogButtonBox::Ok)->setText(tr("Create")); } void NewKey::addCurveBoxCurves(const QList &curves) { foreach(builtin_curve curve, curves) { QString sn(OBJ_nid2sn(curve.nid)); QString p, comment = curve.comment; if (comment.isEmpty()) comment = "---"; p = sn + ": " + comment; curveBox->addItem(sn + ": " + comment, curve.nid); } } void NewKey::updateCurves(unsigned min, unsigned max, unsigned long ec_flags) { #ifndef OPENSSL_NO_EC QList curve_rfc5480, curve_x962, curve_other; foreach(builtin_curve curve, builtinCurves) { const char *sn = OBJ_nid2sn(curve.nid); if (!sn || curve.order_size < min || curve.order_size > max) continue; if (ec_flags && (curve.type & ec_flags) == 0) continue; switch (curve.flags) { case CURVE_RFC5480: curve_rfc5480 << curve; break; case CURVE_X962: curve_x962 << curve; break; case CURVE_OTHER: curve_other << curve; break; } } curveBox->clear(); addCurveBoxCurves(curve_rfc5480); curveBox->insertSeparator(curveBox->count()); addCurveBoxCurves(curve_x962); curveBox->insertSeparator(curveBox->count()); addCurveBoxCurves(curve_other); int default_index = curveBox->findData( QVariant(keyjob::defaultjob.ec_nid)); curveBox->setCurrentIndex(default_index == -1 ? 0 : default_index); #else (void)min; (void)max; (void)ec_flags; #endif } void NewKey::on_keyType_currentIndexChanged(int idx) { keyListItem ki = keyType->itemData(idx).value(); curveBox->setVisible(ki.ktype.curve); curveLabel->setVisible(ki.ktype.curve); keySizeLabel->setVisible(ki.ktype.length); keyLength->setVisible(ki.ktype.length); rememberDefault->setEnabled(!ki.card); if (ki.ktype.curve && ki.card) { updateCurves(ki.minKeySize, ki.maxKeySize, ki.ec_flags); } } keyjob NewKey::getKeyJob() const { keyjob job; keyListItem selected = keyType->itemData(keyType->currentIndex()) .value(); job.ktype = selected.ktype; if (job.isEC()) { int idx = curveBox->currentIndex(); job.ec_nid = curveBox->itemData(idx).toInt(); } else { QString size = keyLength->currentText(); size.replace(QRegularExpression("[^0-9]"), ""); job.size = size.toInt(); } job.slot = selected.slot; return job; } void NewKey::accept() { if (rememberDefault->isChecked()) { keyjob::defaultjob = getKeyJob(); Settings["defaultkey"] = keyjob::defaultjob.toString(); } QDialog::accept(); } xca-RELEASE.2.9.0/widgets/NewKey.h000066400000000000000000000012371477156507700164230ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __NEWKEY_H #define __NEWKEY_H #include "ui_NewKey.h" #include "lib/pkcs11_lib.h" #include "lib/pki_key.h" #include "lib/builtin_curves.h" #include class NewKey: public QDialog, public Ui::NewKey { Q_OBJECT private: void updateCurves(unsigned min=0, unsigned max=INT_MAX, unsigned long ec_flags=0); void addCurveBoxCurves(const QList &curves); public: NewKey(QWidget *parent, const QString &name); keyjob getKeyJob() const; public slots: void accept(); void on_keyType_currentIndexChanged(int); }; #endif xca-RELEASE.2.9.0/widgets/NewX509.cpp000066400000000000000000001143461477156507700167010ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "NewX509.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "XcaWarning.h" #include "NewKey.h" #include "CertDetail.h" #include "OidResolver.h" #include "MainWindow.h" #include "Help.h" #include "v3ext.h" #include "lib/x509name.h" #include "lib/db_key.h" #include "lib/db_x509req.h" #include "lib/db_x509.h" #include "lib/db_temp.h" #include "lib/oid.h" #include "lib/func.h" #include "lib/pki_evp.h" void NewX509::setupExplicitDN(NIDlist my_dn_nid = NIDlist()) { NIDlist expl_dn_nid; /* Create configured explicit_dn list */ if (!Settings["explicit_dn"].empty()) { foreach(QString dn, Settings["explicit_dn"].split(",")) { int nid = OBJ_sn2nid(CCHAR(dn)); if (!my_dn_nid.contains(nid)) expl_dn_nid << nid; } } nameEdits = setupExplicitInputs(my_dn_nid + expl_dn_nid, dnWidget, description, 2); } QList NewX509::setupExplicitInputs(NIDlist nid_list, QWidget *parent, QWidget *old, int columns) { QList edits; QGridLayout *layout = dynamic_cast(parent->layout()); if (layout) { QLayoutItem *child; while ((child = layout->takeAt(0))) { delete child->widget(); delete child; } } else { layout = new QGridLayout(parent); layout->setAlignment(Qt::AlignTop); layout->setSpacing(6); layout->setContentsMargins(0, 0, 0, 0); layout->setContentsMargins(11, 11, 11, 11); } int n = 0, col = 0; foreach(int nid, nid_list) { DoubleClickLabel *label; QLineEdit *edit; QString trans = dn_translations[nid]; QString ln = OBJ_nid2ln(nid), sn = OBJ_nid2sn(nid); label = new DoubleClickLabel(parent); if (Settings["translate_dn"] && !trans.isEmpty()) { label->setText(trans); label->setToolTip(QString("[%1] %2").arg(sn, ln)); if (sn == ln) label->setToolTip(ln); } else { label->setText(ln); label->setToolTip(QString("[%1] %2").arg(sn, trans)); if (trans == sn) label->setToolTip(trans); } label->setClickText(OBJ_nid2sn(nid)); connect(label, SIGNAL(doubleClicked(QString)), MainWindow::getResolver(), SLOT(searchOid(QString))); edit = new QLineEdit(parent); setupLineEditByNid(nid, edit); edits << nameEdit(nid, edit, label); layout->addWidget(label, n, col); layout->addWidget(edit, n, col +1); n++; if (n > (nid_list.size()-1)/columns) { col += 2; n = 0; } QWidget::setTabOrder(old, edit); old = edit; } return edits; } NewX509::NewX509(QWidget *w) : XcaDetail(w) { QStringList keys; db_key *keymodel = Database.model(); db_x509req *reqmodel = Database.model(); attr_nid << NID_pkcs9_unstructuredName << NID_pkcs9_challengePassword; setupUi(this); mainwin->helpdlg->register_ctxhelp_button(this, "wizard"); /* temporary storage for creating temporary X509V3_CTX */ foreach(int nid, distname_nid) keys << QString(OBJ_nid2ln(nid)); tabnames = QStringList({ "wizard_src", "wizard_subject", "wizard_extensions", "wizard_keyusage", "wizard_netscape", "wizard_advanced", "wizard_comment"}); extDNlist->setKeys(keys); extDNlist->setInfoLabel(extDNinfo); connect(extDNlist->itemDelegateForColumn(1), SIGNAL(setupLineEdit(const QString &, QLineEdit *)), this, SLOT(setupExtDNwidget(const QString &, QLineEdit *))); connect(nameCons, SIGNAL(textChanged(const QString &)), this, SLOT(checkNameConstraints(const QString &))); connect(subAltName, SIGNAL(textChanged(const QString &)), this, SLOT(checkSubAltName(const QString &))); connect(issAltName, SIGNAL(textChanged(const QString &)), this, SLOT(checkIssAltName(const QString &))); connect(crlDist, SIGNAL(textChanged(const QString &)), this, SLOT(checkCrlDist(const QString &))); connect(authInfAcc, SIGNAL(textChanged(const QString &)), this, SLOT(checkAuthInfAcc(const QString &))); if (keymodel) connect(keymodel, SIGNAL(keyDone(pki_key*)), this, SLOT(newKeyDone(pki_key*))); if (reqmodel) connect(reqmodel, SIGNAL(pkiChanged(pki_base*)), this, SLOT(itemChanged(pki_base*))); setWindowTitle(XCA_TITLE); for (int i=0; icount(); i++) { tabWidget->widget(i)->setObjectName(tabnames[i]); qDebug() << "TAB:" << i << tabWidget->tabText(i); } nsImg->setPixmap(QPixmap(":nsImg")); // are there any usable private keys ? newKeyDone(NULL); // any PKCS#10 requests to be used ? QList requests = getAllRequests(); if (requests.isEmpty()) { fromReqCB->setDisabled(true); fromReqCB->setChecked(false); } else { reqList->insertPkiItems(requests); } on_fromReqCB_clicked(); // How about signing certificates ? QList issuers = getAllIssuers(); if (issuers.isEmpty()) { foreignSignRB->setDisabled(true); } else { certList->insertPkiItems(issuers); } // set dates to now and now + 1 year validN->setText("1"); validRange->setCurrentIndex(2); on_applyTime_clicked(); // settings for the templates .... tempList->insertPkiItems(getAllTempsAndPredefs()); // setup Extended keyusage foreach(int nid, extkeyuse_nid) ekeyUsage->addItem(OBJ_nid2ln(nid)); // init the X509 v3 context X509V3_set_ctx(&ext_ctx, NULL , NULL, NULL, NULL, 0); X509V3_set_ctx_nodb(&ext_ctx); // Setup dnWidget setupExplicitDN(); // Setup Request Attributes attrEdits = setupExplicitInputs(attr_nid, attrWidget, reqSubChange, 1); // last polish on_certList_currentIndexChanged(0); certList->setDisabled(true); tabWidget->setCurrentIndex(0); attrWidget->hide(); notAfter->setEndDate(true); basicPath->setValidator(new QIntValidator(0, 1000, this)); QMap nidWidget; nidWidget[NID_name_constraints] = nameConsLbl; nidWidget[NID_subject_alt_name] = sanLbl; nidWidget[NID_issuer_alt_name] = ianLbl; nidWidget[NID_crl_distribution_points] = crldpLbl; nidWidget[NID_info_access] = aiaLbl; nidWidget[NID_netscape_base_url] = nsBaseLbl; nidWidget[NID_netscape_revocation_url] = nsRevLbl; nidWidget[NID_netscape_ca_revocation_url] = nsCaRevLbl; nidWidget[NID_netscape_renewal_url] = nsRenewLbl; nidWidget[NID_netscape_ca_policy_url] = nsCaPolicyLbl; nidWidget[NID_netscape_ssl_server_name] = nsSslServerLbl; nidWidget[NID_netscape_comment] = nsCommentLbl; nidWidget[NID_basic_constraints] = bcBox; nidWidget[NID_key_usage] = kuBox; nidWidget[NID_ext_key_usage] = ekuBox; nidWidget[NID_netscape_cert_type] = nsCertTypeBox; nidWidget[NID_subject_key_identifier] = subKey; nidWidget[NID_authority_key_identifier] = authKey; foreach(int nid, nidWidget.keys()) { QString text = OBJ_nid2ln(nid); QString tooltip = dn_translations[nid]; QWidget *w = nidWidget[nid]; QString tt = w->toolTip(); if (Settings["translate_dn"]) text.swap(tooltip); if (!tt.isEmpty()) tooltip = QString("%1 (%2)").arg(tt).arg(tooltip); w->setToolTip(tooltip); DoubleClickLabel *l = dynamic_cast(w); QGroupBox *g = dynamic_cast(w); QCheckBox *c = dynamic_cast(w); if (l) { l->setText(text); l->setClickText(OBJ_nid2sn(nid)); connect(l, SIGNAL(doubleClicked(QString)), MainWindow::getResolver(), SLOT(searchOid(QString))); } else if (g) { g->setTitle(text); } else if (c) { c->setText(text); } } if (Settings["translate_dn"]) { QList gb { distNameBox, keyIdentBox }; foreach(QGroupBox *g, gb) { QString tt = g->toolTip(); g->setToolTip(g->title()); g->setTitle(tt); } QList cbList { bcCritical,kuCritical,ekuCritical }; foreach(QCheckBox* cb, cbList) { cb->setText(tr("Critical")); } } if (Settings["disable_netscape"]) tabWidget->removeTab(4); // Setup widget <-> Template mapping #define MAP_LE(name) templateLineEdits[#name] = name; MAP_LE(nameCons); MAP_LE(subAltName); MAP_LE(issAltName); MAP_LE(crlDist); MAP_LE(authInfAcc); MAP_LE(nsComment); MAP_LE(nsBaseUrl); MAP_LE(nsRevocationUrl); MAP_LE(nsCARevocationUrl); MAP_LE(nsRenewalUrl); MAP_LE(nsCaPolicyUrl); MAP_LE(nsSslServerName); MAP_LE(validN); MAP_LE(basicPath); #define MAP_CB(name) templateCheckBoxes[#name] = name; MAP_CB(bcCritical); MAP_CB(kuCritical); MAP_CB(ekuCritical); MAP_CB(subKey); MAP_CB(authKey); MAP_CB(OCSPstaple); MAP_CB(validMidn); MAP_CB(noWellDefinedExpDate); } void NewX509::setRequest() { reqWidget->hide(); attrWidget->show(); signerBox->setEnabled(false); timewidget->setEnabled(false); capt->setText(tr("Create Certificate signing request")); authKey->setEnabled(false); image->setPixmap(QPixmap(":csrImg")); pt = x509_req; } NewX509::~NewX509() { delete ctx_cert; } void NewX509::setupExtDNwidget(const QString &s, QLineEdit *l) { setupLineEditByNid(OBJ_txt2nid(CCHAR(s)), l); } void NewX509::setupLineEditByNid(int nid, QLineEdit *l) { ASN1_STRING_TABLE *tab = ASN1_STRING_TABLE_get(nid); QValidator *validator = NULL; QStringList info; info << QString("[%1]").arg(OBJ_nid2sn(nid)); if (tab) { if (tab->minsize > 1) info << tr("minimum size: %1").arg(tab->minsize); if (tab->maxsize != -1) info << tr("maximum size: %1").arg(tab->maxsize); if (tab->mask == B_ASN1_PRINTABLESTRING) { info << tr("only a-z A-Z 0-9 '()+,-./:=?"); QRegularExpression rx("[a-zA-Z0-9'()+,-./:=?]+"); validator = new QRegularExpressionValidator(rx, this); } else if (tab->mask == B_ASN1_IA5STRING) { info << tr("only 7-bit clean characters"); } } l->setToolTip(info.join(" ")); l->setValidator(validator); } void NewX509::getReqAttributes(pki_x509req *req) { foreach(nameEdit e, attrEdits) { req->addAttribute(e.nid, e.edit->text()); } } void NewX509::setReqAttributes(pki_x509req *req) { foreach(nameEdit e, attrEdits) { e.edit->setText(req->getAttribute(e.nid)); } } /* Initialize dialog for Template creation */ void NewX509::setTemp(pki_temp *temp, bool create) { description->setText(temp->getIntName()); capt->setText(tr("Edit XCA template")); tabWidget->removeTab(0); privKeyBox->setEnabled(false); validityBox->setEnabled(false); image->setPixmap(QPixmap(":tempImg")); pt = tmpl; fromTemplate(temp); comment->setPlainText(temp->getComment()); if (!create) connect_pki(temp); } /* Initialize dialog for Certificate creation */ void NewX509::setCert() { capt->setText(tr("Create x509 Certificate")); image->setPixmap(QPixmap(":certImg")); pt = x509; } /* Select a template and apply it */ void NewX509::defineTemplate(pki_temp *temp) { fromTemplate(temp); templateChanged(temp); pkiSource = transformed; } /* Select a Request for signing it */ void NewX509::defineRequest(pki_x509req *req) { fromReqCB->setEnabled(true); fromReqCB->setChecked(true); reqList->setCurrentPkiItem(req); pkiSource = transformed; on_fromReqCB_clicked(); } /* Preset all values from another request to create a similar one */ void NewX509::fromX509super(pki_x509super *cert_or_req, bool applyTemp) { pki_temp *temp = new pki_temp(""); temp->fromCert(cert_or_req); defineTemplate(temp); delete temp; description->setText(cert_or_req->getIntName()); pki_key *key = cert_or_req->getRefKey(); if (key) { usedKeysToo->setChecked(true); keyList->setCurrentPkiItem(key); } hashAlgo->setCurrent(cert_or_req->getDigest()); switch(cert_or_req->getType()) { case x509: { pki_x509 *cert = (pki_x509*)cert_or_req; pki_x509 *signer = cert->getSigner(); if (signer == cert) { foreignSignRB->setChecked(false); } else if (signer) { defineSigner(signer, applyTemp); } notBefore->setDate(cert->getNotBefore()); notAfter->setDate(cert->getNotAfter()); break; } case x509_req: { pki_x509req *req = (pki_x509req*)cert_or_req; setReqAttributes(req); break; } default: break; } } pki_temp *NewX509::caTemplate(pki_x509 *ca) const { QVariant sqlId = ca->getTemplateSqlId(); if (!sqlId.isValid()) return NULL; return Store.lookupPki(sqlId); } /* Preset the signing certificate */ void NewX509::defineSigner(pki_x509 *defcert, bool applyTemp) { // suggested from: Andrey Brindeew if (defcert && defcert->canSign() ) { if (certList->setCurrentPkiItem(defcert) != -1) { foreignSignRB->setChecked(true); certList->setEnabled(true); if (applyTemp && defcert->getTemplateSqlId().isValid()) { on_applyTemplate_clicked(); } } } } static int lb2int(QListWidget *lb) { int i, x=0, c=lb->count(); for (i=0; iitem(i)->isSelected()) x |= 1<count(); i++) lb->item(i)->setSelected((1< items; for (int i=0; ifindItems(lname, Qt::MatchExactly); if (items.size() > 0) items[0]->setSelected(true); } } static QString lb2QString(QListWidget *lb) { QStringList sl; for (int i=0; icount(); i++) { QListWidgetItem *item = lb->item(i); if (item->isSelected()) sl << QString(OBJ_ln2sn(CCHAR(item->text()))); } return sl.join(", "); } void NewX509::subjectFromTemplate(pki_temp *temp) { if (temp) setX509name(temp->getSubject()); } void NewX509::extensionsFromTemplate(pki_temp *temp) { if (!temp) return; QMapIterator l(templateLineEdits); while (l.hasNext()) { l.next(); qDebug() << "APPLY LineEdits" << l.key() << temp->getSetting(l.key()); l.value()->setText(temp->getSetting(l.key())); } QMapIterator i(templateCheckBoxes); while (i.hasNext()) { i.next(); i.value()->setChecked(temp->getSettingInt(i.key())); } int2lb(nsCertType, temp->getSettingInt("nsCertType")); basicCA->setCurrentIndex(temp->getSettingInt("ca")); int2lb(keyUsage, temp->getSettingInt("keyUse")); QString2lb(ekeyUsage, temp->getSetting("eKeyUse")); validRange->setCurrentIndex(temp->getSettingInt("validM")); nconf_data->document()->setPlainText(temp->getSetting("adv_ext")); on_applyTime_clicked(); } void NewX509::fromTemplate(pki_temp *temp) { subjectFromTemplate(temp); extensionsFromTemplate(temp); } void NewX509::updateNameComment() { // If we display a template, import all changes to the template pki_temp *temp = dynamic_cast(pki); toTemplate(temp); } void NewX509::toTemplate(pki_temp *temp) { if (!temp) return; temp->setIntName(description->text()); temp->setSubject(getX509name()); QMapIterator l(templateLineEdits); while (l.hasNext()) { l.next(); temp->setSetting(l.key(), l.value()->text()); } QMapIterator i(templateCheckBoxes); while (i.hasNext()) { i.next(); temp->setSetting(i.key(), i.value()->isChecked()); } temp->setSetting("nsCertType", lb2int(nsCertType)); temp->setSetting("ca", basicCA->currentIndex()); temp->setSetting("keyUse", lb2int(keyUsage)); temp->setSetting("eKeyUse", lb2QString(ekeyUsage)); temp->setSetting("validN", validN->text().toInt()); temp->setSetting("validM", validRange->currentIndex()); if (!temp->getSetting("basicPath").isEmpty()) temp->setSetting("basicPath", temp->getSettingInt("basicPath")); if (nconf_data->isReadOnly()) { temp->setSetting("adv_ext", v3ext_backup); } else { temp->setSetting("adv_ext", nconf_data->toPlainText()); } temp->setComment(comment->toPlainText()); } void NewX509::on_fromReqCB_clicked() { bool request = fromReqCB->isChecked(); bool subj_tab_present = tabWidget->widget(1) == tab_1; bool subChange = reqSubChange->isChecked(); if (request && subj_tab_present && !subChange) tabWidget->removeTab(1); else if ((!request || subChange) && !subj_tab_present) tabWidget->insertTab(1, tab_1, tr("Subject")); reqList->setEnabled(request); copyReqExtCB->setEnabled(request); showReqBut->setEnabled(request); reqSubChange->setEnabled(request); switchHashAlgo(); } void NewX509::on_reqSubChange_clicked() { if (reqSubChange->isChecked()) { pki_x509req *req = getSelectedReq(); description->setText(req->getIntName()); setX509name(req->getSubject()); usedKeysToo->setEnabled(false); keyList->setEnabled(false); genKeyBut->setEnabled(false); } on_fromReqCB_clicked(); } void NewX509::on_keyList_currentIndexChanged(int) { switchHashAlgo(); } void NewX509::on_reqList_currentIndexChanged(int) { switchHashAlgo(); } void NewX509::switchHashAlgo() { pki_key *key; pki_x509super *sig; if (foreignSignRB->isChecked()) sig = getSelectedSigner(); else if (fromReqCB->isChecked()) sig = getSelectedReq(); else sig = NULL; key = sig ? sig->getRefKey() : getSelectedKey(); if (key) hashAlgo->setupHashes(key->possibleHashNids()); else hashAlgo->setupAllHashes(); } void NewX509::on_showReqBut_clicked() { CertDetail::showCert(this, reqList->currentPkiItem()); } QList NewX509::getAllRequests() const { db_x509req *db = Database.model(); return db ? db->getAllRequests() : QList(); } QList NewX509::getAllIssuers() const { db_x509 *db = Database.model(); return db ? db->getAllIssuers() : QList(); } QList NewX509::getAllTempsAndPredefs() const { db_temp *db = Database.model(); return db ? db->getPredefs() + Store.getAll() : QList(); } QList NewX509::getAllKeys() const { db_key *db = Database.model(); return db ? db->getAllKeys() : QList(); } QList NewX509::getUnusedKeys() const { db_key *db = Database.model(); return db ? db->getUnusedKeys() : QList(); } void NewX509::itemChanged(pki_base* req) { reqList->insertPkiItems(getAllRequests()); reqList->setCurrentPkiItem(dynamic_cast(req)); } void NewX509::on_genKeyBut_clicked() { if (!Database.isOpen()) return; QString name = description->text(); if (name.isEmpty()) name = getX509name().getMostPopular(); NewKey *dlg = new NewKey(this, name); if (dlg->exec()) { db_key *keys = Database.model(); keys->newKey(dlg->getKeyJob(), dlg->keyDesc->text()); } delete dlg; } void NewX509::on_certList_currentIndexChanged(int) { a1time snb, sna; pki_x509 *cert = getSelectedSigner(); switchHashAlgo(); if (!cert) return; pki_temp *templ = caTemplate(cert); snb = cert->getNotBefore(); sna = cert->getNotAfter(); if (snb > notBefore->getDate()) notBefore->setDate(snb); if (sna < notAfter->getDate()) notAfter->setDate(sna); if (templ) templateChanged(templ); } void NewX509::templateChanged(QString tempname) { int index; if (!tempList->isEnabled()) return; if ((index = tempList->findText(tempname)) <0) return; tempList->setCurrentIndex(index); } void NewX509::templateChanged(pki_temp *templ) { tempList->setCurrentPkiItem(templ); } pki_temp *NewX509::currentTemplate() { if (!tempList->isEnabled()) return NULL; return tempList->currentPkiItem(); } void NewX509::selfComment(QString msg) { comment->setPlainText(appendXcaComment(comment->toPlainText(), msg)); } void NewX509::on_applyTemplate_clicked() { pki_temp *t = currentTemplate(); if (!t) return; fromTemplate(t); selfComment(tr("Template '%1' applied").arg(t->comboText())); } void NewX509::on_applySubject_clicked() { pki_temp *t = currentTemplate(); subjectFromTemplate(t); selfComment(tr("Subject applied from template '%1'") .arg(t->comboText())); } void NewX509::on_applyExtensions_clicked() { pki_temp *t = currentTemplate(); extensionsFromTemplate(t); selfComment(tr("Extensions applied from template '%1'") .arg(t->comboText())); } void NewX509::on_foreignSignRB_toggled(bool) { switchHashAlgo(); } void NewX509::newKeyDone(pki_key *nkey) { allKeys = getAllKeys(); unusedKeys = getUnusedKeys(); on_usedKeysToo_toggled(true); if (nkey) { selfComment(tr("New key '%1' created") .arg(nkey->comboText())); keyList->setCurrentPkiItem(nkey); } else { keyList->setCurrentIndex(0); } } void NewX509::on_usedKeysToo_toggled(bool) { pki_key *cur = keyList->currentPkiItem(); keyList->clear(); keyList->insertPkiItems(usedKeysToo->isChecked() ? allKeys : unusedKeys); keyList->setCurrentPkiItem(cur); } pki_key *NewX509::getSelectedKey() { return keyList->currentPkiItem(); } pki_x509 *NewX509::getSelectedSigner() { return certList->currentPkiItem(); } pki_x509req *NewX509::getSelectedReq() { return reqList->currentPkiItem(); } x509name NewX509::getX509name(int _throw) { x509name x; int j, row, nid; if (fromReqCB->isChecked() && !reqSubChange->isChecked()) return getSelectedReq()->getSubject(); try { foreach(nameEdit ne, nameEdits) { x.addEntryByNid(ne.nid, ne.edit->text()); } row = extDNlist->rowCount(); for (j=0; jgetRow(j); nid = OBJ_txt2nid(CCHAR(l[0])); x.addEntryByNid(nid, l[1]); } } catch (errorEx &err) { if (!err.isEmpty()) { if (_throw) throw err; else XCA_WARN(err.getString()); } } return x; } void NewX509::setX509name(const x509name &n) { extDNlist->deleteAllRows(); foreach(nameEdit ne, nameEdits) { ne.edit->setText(""); } if (Settings["adapt_explicit_subj"]) { NIDlist mydn; for (int i=0; i< n.entryCount(); i++) mydn << n.nid(i); setupExplicitDN(mydn); } for (int i=0, j=0; i< n.entryCount(); i++) { int nid = n.nid(i); bool done = false; QStringList sl = n.entryList(i); for ( ; j < nameEdits.size(); j++) { nameEdit ne(nameEdits[j]); if (nid == ne.nid && ne.edit->text().isEmpty()) { ne.edit->setText(sl[2]); done = true; break; } } if (!done) { extDNlist->addRow(sl.mid(1, 2)); } } } void NewX509::on_applyTime_clicked() { notAfter->setDiff(notBefore, validN->text().toInt(), validRange->currentIndex()); } void NewX509::setupTmpCtx() { pki_x509 *signcert; pki_x509req *req = NULL; pki_key *key = NULL; a1int serial(1); QString errtxt; // initially create temporary ctx cert delete ctx_cert; ctx_cert = new pki_x509(); ctx_cert->setSubject(getX509name()); if (fromReqCB->isChecked()) { req = getSelectedReq(); if (req) key = req->getRefKey(); } else { key = getSelectedKey(); } if (key) ctx_cert->setPubKey(key); // Step 2 - select Signing if (foreignSignRB->isChecked()) { signcert = getSelectedSigner(); ctx_cert->setIssuer(signcert->getSubject()); } else { signcert = ctx_cert; ctx_cert->setIssuer(ctx_cert->getSubject()); } ctx_cert->setSerial(serial); ctx_cert->setNotBefore(notBefore->getDate()); ctx_cert->setNotAfter(notAfter->getDate()); initCtx(ctx_cert, signcert, req); } void NewX509::editV3ext(QLineEdit *le, QString types, int n) { v3ext *dlg; dlg = new v3ext(this); setupTmpCtx(); dlg->addInfo(le, types.split(','), n, &ext_ctx); dlg->exec(); delete dlg; } void NewX509::on_adv_validate_clicked() { if (!nconf_data->isReadOnly()) { /* switch from edit to display mode */ do_validateExtensions(); } else { /* switch back to edit mode */ undo_validateExtensions(); } } void NewX509::checkIcon(const QString &text, int nid, QLabel *img) { x509v3ext ext; if (text.isEmpty()) { img->clear(); return; } setupTmpCtx(); ign_openssl_error(); switch (nid) { case NID_name_constraints: ext = getNameConstraints(); break; case NID_subject_alt_name: ext = getSubAltName(); break; case NID_issuer_alt_name: ext = getIssAltName(); break; case NID_crl_distribution_points: ext = getCrlDist(); break; case NID_info_access: ext = getAuthInfAcc(); break; } img->setPixmap(ext.isValid() ? QPixmap(":doneIco") : QPixmap(":warnIco")); } void NewX509::checkNameConstraints(const QString & text) { checkIcon(text, NID_name_constraints, nameConsIco); } void NewX509::checkSubAltName(const QString & text) { checkIcon(text, NID_subject_alt_name, subAltIco); } void NewX509::checkIssAltName(const QString & text) { checkIcon(text, NID_issuer_alt_name, issAltIco); } void NewX509::checkCrlDist(const QString & text) { checkIcon(text, NID_crl_distribution_points, crlDistIco); } void NewX509::checkAuthInfAcc(const QString & text) { checkIcon(text, NID_info_access, authInfAccIco); } enum NewX509::extension_error NewX509::do_validateExtensions() { QString result; extension_error ret; if (!nconf_data->isReadOnly()) { v3ext_backup = nconf_data->toPlainText(); } ret = validateExtensions(result); nconf_data->document()->setHtml(result); nconf_data->setReadOnly(true); adv_validate->setText(tr("Edit")); return ret; } void NewX509::undo_validateExtensions() { if (nconf_data->isReadOnly()) { nconf_data->document()->setPlainText(v3ext_backup); } nconf_data->setReadOnly(false); adv_validate->setText(tr("Validate")); } enum NewX509::extension_error NewX509::validateExtensions(QString &result) { enum extension_error ee = ee_none; QStringList errors; extList el, el_all, req_el; ign_openssl_error(); setupTmpCtx(); try { el = getGuiExt(); if (!Settings["disable_netscape"]) el += getNetscapeExt(); el.delInvalid(); } catch (errorEx &err) { errors += err.getString(); el.clear(); } if (el.size() > 0) { result += "

    "; result += tr("Other Tabs") + "

    \n"; result += el.getHtml("
    "); } setupTmpCtx(); el_all += el; try { el = getAdvanced(); } catch (errorEx &err) { errors += err.getString(); el.clear(); } el_all += el; if (el.size() > 0) { if (!result.isEmpty()) result += "\n

    \n"; result += "

    "; result += tr("Advanced Tab") + "

    \n"; result += el.getHtml("
    "); } if (errors.size()) { if (!result.isEmpty()) result += "\n

    \n"; result += "

    "; result += tr("Errors") + "

    • \n"; result += errors.join("
    • \n"); result += "
    "; ee = ee_invaldup; } el.clear(); setupTmpCtx(); if (fromReqCB->isChecked() && copyReqExtCB->isChecked()) { req_el = getSelectedReq()->getV3ext(); for (int i=0; iaddV3ext(req_el[i], true)) el += req_el[i]; } } el_all += el; if (el.size() > 0) { if (!result.isEmpty()) result += "\n
    \n"; result += "

    "; result += tr("From PKCS#10 request") +"

    \n"; result += el.getHtml("
    "); } el = getExtDuplicates(el_all); if (el.size() > 0) { QString errtxt; ee = ee_invaldup; errtxt = QString("

    " "%1: %2:" "

      \n") .arg(tr("Error")).arg(tr("duplicate extensions")); for(int i = 0; i< el.size(); i++) { errtxt += "
    • " +el[i].getObject() +"
      • \n"; } errtxt += "
    \n
    \n"; result = errtxt + result; } QString lineext; if (!nameCons->text().isEmpty() && !getNameConstraints().isValid()) lineext += tr("The Name Constraints are invalid") + "
    \n"; if (!subAltName->text().isEmpty() && !getSubAltName().isValid()) lineext += tr("The Subject Alternative Name is invalid") + "
    \n"; if (!issAltName->text().isEmpty() && !getIssAltName().isValid()) lineext += tr("The Issuer Alternative Name is invalid") + "
    \n"; if (!crlDist->text().isEmpty() && !getCrlDist().isValid()) lineext += tr("The CRL Distribution Point is invalid") + "
    \n"; if (!authInfAcc->text().isEmpty() && !getAuthInfAcc().isValid()) lineext += tr("The Authority Information Access is invalid") + "
    \n"; if (!lineext.isEmpty()) { if (!result.isEmpty()) result += "\n
    \n"; result += lineext; ee = ee_inval; } if (ee == ee_none && el_all.size() == 0 && pt == x509) ee = ee_empty; ign_openssl_error(); return ee; } void NewX509::on_editNameCons_clicked() { QStringList permut; for (const QString &group : QStringList { "permitted", "excluded" }) { for(const QString &type : QStringList { "URI", "email", "RID", "DNS", "IP", "UPN", "othername" }) { permut << QString("%1;%2").arg(group).arg(type); } } editV3ext(nameCons, permut.join(","), NID_name_constraints); } void NewX509::on_editSubAlt_clicked() { QString s = "URI,email,RID,DNS,IP,UPN,otherName"; editV3ext(subAltName, s, NID_subject_alt_name); } void NewX509::on_editIssAlt_clicked() { QString s = "URI,email,RID,DNS,IP,UPN,otherName,issuer"; editV3ext(issAltName, s, NID_issuer_alt_name); } void NewX509::on_editCrlDist_clicked() { editV3ext(crlDist, "URI", NID_crl_distribution_points); } void NewX509::on_editAuthInfAcc_clicked() { QStringList permut, groups { "OCSP", "caIssuers" }, types{ "URI", "email", "RID", "DNS", "IP" }; foreach(QString group, groups) { foreach(QString type, types) { permut << QString("%1;%2").arg(group).arg(type); } } editV3ext(authInfAcc, permut.join(","), NID_info_access); } void NewX509::on_tabWidget_currentChanged(int tab) { QString tab_name = tabWidget->widget(tab)->objectName(); if (tab_name == tabnames[5]) do_validateExtensions(); buttonBox->setProperty("help_ctx", QVariant(tab_name)); } QString NewX509::mandatoryDnRemain() { QStringList remain, dnl = QString(Settings["mandatory_dn"]).split(","); x509name n; int i; if (QString(Settings["mandatory_dn"]).isEmpty()) return QString(); n = getX509name(); for (i=0; i< n.entryCount(); i++) { int j = dnl.indexOf(QString(OBJ_nid2sn(n.nid(i)))); if (j>=0) dnl.removeAt(j); } if (dnl.size() == 0) return QString(); foreach(QString x, dnl) remain << QString(OBJ_sn2ln(x.toLatin1())); return QString("'%1'").arg(remain.join("','")); } void NewX509::gotoTab(int tab) { for (int i=0; icount(); i++) { if (tabWidget->widget(i)->objectName() == tabnames[tab]) { tabWidget->setCurrentIndex(i); break; } } } enum pki_source NewX509::getPkiSource() const { return pkiSource; } void NewX509::accept() { x509name xn; on_tabWidget_currentChanged(0); try { xn = getX509name(1); } catch (errorEx &err) { gotoTab(1); xcaWarningBox msg(this, err.getString()); msg.addButton(QMessageBox::Ok); msg.addButton(QMessageBox::Close, tr("Abort rollout")); if (msg.exec() == QMessageBox::Close) { reject(); } return; } QString lenErr = xn.checkLength(); if (!lenErr.isEmpty()) { gotoTab(1); lenErr = tr("The following length restrictions of RFC3280 are violated:") + "\n" + lenErr; xcaWarningBox msg(this, lenErr); msg.addButton(QMessageBox::Ok, tr("Edit subject")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); msg.addButton(QMessageBox::Apply, tr("Continue rollout")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; } } if (fromReqCB->isChecked() && !getSelectedReq()->verify()) { gotoTab(0); xcaWarningBox msg(this, tr("The verification of the Certificate request failed.\nThe rollout should be aborted.")); msg.addButton(QMessageBox::Ok, tr("Continue anyway")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); if (msg.exec() == QMessageBox::Close) { reject(); } } if (description->text().isEmpty() && !fromReqCB->isChecked()) { QString cn = getX509name().getMostPopular(); if (cn.isEmpty()) { gotoTab(1); xcaWarningBox msg(this, tr("The internal name and the common name are empty.\nPlease set at least the internal name.")); msg.addButton(QMessageBox::Ok, tr("Edit name")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); if (msg.exec() == QMessageBox::Close) { reject(); } return; } else { description->setText(cn); } } if (keyList->count() == 0 && keyList->isEnabled() && !fromReqCB->isChecked()) { gotoTab(1); xcaWarningBox msg(this, tr("There is no Key selected for signing.")); msg.addButton(QMessageBox::Ok, tr("Select key")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); if (msg.exec() == QMessageBox::Close) { reject(); } return; } QString unsetDN; if (pt != tmpl) unsetDN = mandatoryDnRemain(); if (!unsetDN.isEmpty()) { gotoTab(1); QString text = tr("The following distinguished name entries are empty:\n%1\nthough you have declared them as mandatory in the options menu.").arg(unsetDN); xcaWarningBox msg(this, text); msg.addButton(QMessageBox::Ok, tr("Edit subject")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); msg.addButton(QMessageBox::Apply, tr("Continue rollout")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; } } pki_key *signkey = NULL; pki_x509 *signer = NULL; if (foreignSignRB->isChecked()) { signer = getSelectedSigner(); if (signer) signkey = signer->getRefKey(); } else if (fromReqCB->isChecked()) { pki_x509req *req = getSelectedReq(); if (req) signkey = req->getRefKey(); } else { signkey = getSelectedKey(); } if ((!signkey || signkey->isPubKey()) && pt != tmpl) { QString txt; gotoTab(signer ? 0 : 1); xcaWarningBox msg(this, tr("The key you selected for signing is not a private one.")); txt = signer ? tr("Select other signer"):tr("Select other key"); msg.addButton(QMessageBox::Ok, txt); msg.addButton(QMessageBox::Close, tr("Abort rollout")); if (msg.exec() == QMessageBox::Close) { reject(); } return; } if (hashAlgo->count() > 0 && hashAlgo->current().isInsecure()) { gotoTab(0); xcaWarningBox msg(this, tr("The currently selected hash algorithm '%1' is insecure and should not be used.").arg(hashAlgo->current().name())); msg.addButton(QMessageBox::Ok, tr("Select other algorithm")); msg.addButton(QMessageBox::Yes, tr("Use algorithm anyway")); if (msg.exec() == QMessageBox::Ok) return; } if (signer && notBefore->getDate() < signer->getNotBefore()) { gotoTab(2); QString text = tr("The certificate will be earlier valid than the signer. This is probably not what you want."); xcaWarningBox msg(this, text); msg.addButton(QMessageBox::Ok, tr("Edit dates")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); msg.addButton(QMessageBox::Apply, tr("Continue rollout")); msg.addButton(QMessageBox::Yes, tr("Adjust date and continue")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; case QMessageBox::Yes: notBefore->setDate(signer->getNotBefore()); } } if (signer && notAfter->getDate() > signer->getNotAfter() && !noWellDefinedExpDate->isChecked()) { gotoTab(2); QString text = tr("The certificate will be longer valid than the signer. This is probably not what you want."); xcaWarningBox msg(this, text); msg.addButton(QMessageBox::Ok, tr("Edit dates")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); msg.addButton(QMessageBox::Apply, tr("Continue rollout")); msg.addButton(QMessageBox::Yes, tr("Adjust date and continue")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; case QMessageBox::Yes: notAfter->setDate(signer->getNotAfter()); } } if (validityBox->isEnabled() && notBefore->getDate() > notAfter->getDate()) { gotoTab(2); QString text = tr("The certificate will be out of date before it becomes valid. You most probably mixed up both dates."); xcaWarningBox msg(this, text); msg.addButton(QMessageBox::Ok, tr("Edit dates")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); msg.addButton(QMessageBox::Apply, tr("Continue rollout")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; } } enum extension_error ee = do_validateExtensions(); if (ee != ee_none) { QString text; switch (ee) { case ee_invaldup: text = tr("The certificate contains invalid or duplicate extensions. Check the validation on the advanced tab."); gotoTab(5); break; case ee_empty: text = tr("The certificate contains no extensions. You may apply the extensions of one of the templates to define the purpose of the certificate."); gotoTab(0); break; case ee_inval: text = tr("The certificate contains invalid extensions."); gotoTab(2); break; case ee_none: break; } xcaWarningBox msg(this, text); msg.addButton(QMessageBox::Ok, tr("Edit extensions")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); msg.addButton(QMessageBox::Apply, tr("Continue rollout")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; } } QString cn = xn.getEntryByNid(NID_commonName); QStringList san = subAltName->text().split(QRegularExpression(" *, *")); if (cn.isEmpty() && san.contains("DNS:copycn") && pt != tmpl) { gotoTab(2); xcaWarningBox msg(this, tr("The subject alternative name shall contain a copy of the common name. However, the common name is empty.")); msg.addButton(QMessageBox::Ok, tr("Edit extensions")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); msg.addButton(QMessageBox::Apply, tr("Continue rollout")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; } } if (foreignSignRB->isChecked()) { setupTmpCtx(); // Update SAN and BC of ctx_cert getBasicConstraints(); getSubAltName(); for (pki_x509 *crt = getSelectedSigner(), *oldcrt = nullptr; crt && crt != oldcrt; oldcrt = crt, crt = crt->getSigner()) { int rc = ctx_cert->name_constraint_check(crt); qDebug() << ctx_cert->getIntName() << "Issuer" << crt->getIntName()<< get_ossl_verify_error(rc); if (rc == X509_V_OK) continue; gotoTab(2); xcaWarningBox msg(this, tr("A name constraint of the issuer '%1' is violated: %2") .arg(crt->getIntName()).arg(get_ossl_verify_error(rc))); msg.setInformativeText(crt->getExtByNid(NID_name_constraints).getValue()); msg.addButton(QMessageBox::Ok, tr("Edit extensions")); msg.addButton(QMessageBox::Close, tr("Abort rollout")); msg.addButton(QMessageBox::Apply, tr("Continue rollout")); switch (msg.exec()) { case QMessageBox::Ok: case QMessageBox::Cancel: return; case QMessageBox::Close: reject(); return; case QMessageBox::Apply: break; } } } XcaDetail::accept(); } void NewX509::showTemp(QWidget *parent, pki_temp *x) { if (!x) return; NewX509 *dlg = new NewX509(parent); dlg->setTemp(x); dlg->exec(); delete dlg; } xca-RELEASE.2.9.0/widgets/NewX509.h000066400000000000000000000114761477156507700163460ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __NEWX509_H #define __NEWX509_H #include "ui_NewX509.h" #include "lib/oid.h" #include "kvView.h" #include "XcaDetail.h" #include #include class MainWindow; class extList; class pki_temp; class pki_x509req; class pki_x509super; class pki_x509; class pki_key; class QPixmap; class QListbox; class x509name; class x509v3ext; class extList; class nameEdit { public: int nid{}; QLineEdit *edit{}; QLabel *label{}; nameEdit(int n, QLineEdit *e, QLabel *l) { nid = n; edit = e; label = l; } }; class NewX509: public XcaDetail, public Ui::NewX509 { Q_OBJECT private: NIDlist aia_nid{}; NIDlist attr_nid{}; QList attrEdits{}; QList nameEdits{}; X509V3_CTX ext_ctx{}; void editV3ext(QLineEdit *le, QString types, int n); enum pki_type pt{ none }; enum pki_source pkiSource{ generated }; enum extension_error { ee_none, ee_invaldup, ee_empty, ee_inval }; void templateChanged(QString templatename); QString mandatoryDnRemain(); QStringList tabnames{}; QList unusedKeys, allKeys{}; pki_x509 *ctx_cert{}; QString v3ext_backup{}; kvmodel *extDNmodel{}; extList getExtDuplicates(const extList &el); void checkIcon(const QString &text, int nid, QLabel*img); void selfComment(QString msg); QMap templateLineEdits{}; QMap templateCheckBoxes{}; pki_temp *caTemplate(pki_x509 *ca) const; void setupExplicitDN(NIDlist my_dn_nid); QList setupExplicitInputs(NIDlist nid_list, QWidget *parent, QWidget *old, int columns); protected: void updateNameComment(); public: NewX509(QWidget *w = nullptr); virtual ~NewX509(); void initCtx(); void setRequest(); // reduce to request form void setTemp(pki_temp *temp, bool create = false); // reduce to template form void setCert(); // reduce to certificate form void toTemplate(pki_temp *temp); void fromTemplate(pki_temp *temp); void defineTemplate(pki_temp *temp); void defineRequest(pki_x509req *req); void defineSigner(pki_x509 *defcert, bool applyTemp); void fromX509super(pki_x509super *cert_or_req, bool applyTemp); void templateChanged(pki_temp *templ); pki_key *getSelectedKey(); pki_x509 *getSelectedSigner(); pki_x509req *getSelectedReq(); x509name getX509name(int _throw = 0); void setX509name(const x509name &n); x509v3ext getBasicConstraints(); x509v3ext getSubKeyIdent(); x509v3ext getAuthKeyIdent(); x509v3ext getOCSPstaple(); x509v3ext getKeyUsage(); x509v3ext getEkeyUsage(); x509v3ext getNameConstraints(); x509v3ext getSubAltName(); x509v3ext getIssAltName(); x509v3ext getCrlDist(); x509v3ext getAuthInfAcc(); extList getGuiExt(); extList getNetscapeExt(); extList getAdvanced(); extList getAllExt(); void setupTmpCtx(); void initCtx(pki_x509 *subj, pki_x509 *iss, pki_x509req *req); void switchHashAlgo(); void setReqAttributes(pki_x509req *req); void getReqAttributes(pki_x509req *req); int checkExtDuplicates(); void subjectFromTemplate(pki_temp *temp); void extensionsFromTemplate(pki_temp *temp); pki_temp *currentTemplate(); void gotoTab(int tab); void setupLineEditByNid(int nid, QLineEdit *l); enum extension_error validateExtensions(QString &result); enum extension_error do_validateExtensions(); void undo_validateExtensions(); enum pki_source getPkiSource() const; QList getAllRequests() const; QList getAllIssuers() const; QList getAllTempsAndPredefs() const; QList getUnusedKeys() const; QList getAllKeys() const; static void showTemp(QWidget *parent, pki_temp *x); public slots: void on_fromReqCB_clicked(); void on_keyList_currentIndexChanged(int); void on_reqList_currentIndexChanged(int); void newKeyDone(pki_key *nkey); void on_applyTime_clicked(); void on_editNameCons_clicked(); void on_editSubAlt_clicked(); void on_editIssAlt_clicked(); void on_editCrlDist_clicked(); void on_editAuthInfAcc_clicked(); void on_foreignSignRB_toggled(bool checked); void on_genKeyBut_clicked(); void on_showReqBut_clicked(); void on_certList_currentIndexChanged(int index); void on_applyTemplate_clicked(); void on_applySubject_clicked(); void on_applyExtensions_clicked(); void on_adv_validate_clicked(); void on_usedKeysToo_toggled(bool checked); void on_tabWidget_currentChanged(int idx); void on_reqSubChange_clicked(); void accept(); void itemChanged(pki_base*); void setupExtDNwidget(const QString &s, QLineEdit *w); void checkNameConstraints(const QString & text); void checkSubAltName(const QString & text); void checkIssAltName(const QString & text); void checkCrlDist(const QString & text); void checkAuthInfAcc(const QString & text); }; #endif xca-RELEASE.2.9.0/widgets/NewX509_ext.cpp000066400000000000000000000151101477156507700175460ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "NewX509.h" #include #include #include #include #include #include #include "MainWindow.h" #include "lib/x509v3ext.h" #include "lib/BioByteArray.h" #include "lib/func.h" x509v3ext NewX509::getBasicConstraints() { QStringList cont; x509v3ext ext; QString ca[] = { "", "CA:TRUE", "CA:FALSE" }; if (basicCA->currentIndex() > 0) { if (bcCritical->isChecked()) cont << "critical"; cont << ca[basicCA->currentIndex()]; if (basicCA->currentIndex() == 1 && !basicPath->text().isEmpty()) { cont << QString("pathlen:") + QString::number(basicPath->text().toInt()); } ext.create(NID_basic_constraints, cont.join(", "), &ext_ctx); } return ext; } x509v3ext NewX509::getSubKeyIdent() { x509v3ext ext; if (subKey->isChecked()) ext.create(NID_subject_key_identifier, "hash", &ext_ctx); return ext; } x509v3ext NewX509::getOCSPstaple() { x509v3ext ext; if (OCSPstaple->isChecked()) ext.create(NID_tlsfeature, "status_request", &ext_ctx); return ext; } x509v3ext NewX509::getAuthKeyIdent() { x509v3ext ext; if (!authKey->isChecked() || !authKey->isEnabled() || selfSignRB->isChecked()) return ext; QString x = "keyid,issuer"; ext.create(NID_authority_key_identifier, x, &ext_ctx); return ext; } x509v3ext NewX509::getKeyUsage() { QString keyusage[] = { "digitalSignature", "nonRepudiation", "keyEncipherment", "dataEncipherment", "keyAgreement", "keyCertSign", "cRLSign", "encipherOnly", "decipherOnly" }; QStringList cont; int rows = keyUsage->count(); for (int i=0; iitem(i)->isSelected()) cont << keyusage[i]; } if (kuCritical->isChecked() && cont.count() > 0) cont.prepend("critical"); return x509v3ext(NID_key_usage, cont.join(", "), &ext_ctx); } x509v3ext NewX509::getEkeyUsage() { QStringList cont; int rows = ekeyUsage->count(); for (int i=0; iitem(i)->isSelected()) cont << QString(OBJ_nid2sn(extkeyuse_nid[i])); } if (ekuCritical->isChecked() && cont.count() > 0) cont.prepend("critical"); return x509v3ext(NID_ext_key_usage, cont.join(", "), &ext_ctx); } x509v3ext NewX509::getNameConstraints() { return x509v3ext(NID_name_constraints, nameCons->text(), &ext_ctx); } x509v3ext NewX509::getSubAltName() { QString s = subAltName->text(); if (pt == x509_req) { QStringList sn, sl = s.split(','); foreach (QString str, sl) { if (str != "email:copy") sn += str; } s = sn.join(","); } return x509v3ext(NID_subject_alt_name, s, &ext_ctx); } x509v3ext NewX509::getIssAltName() { QString s = issAltName->text(); if (pt == x509_req) { QStringList sn, sl = s.split(','); foreach (QString str, sl) { if (str != "issuer:copy") sn += str; } s = sn.join(","); } return x509v3ext(NID_issuer_alt_name, s, &ext_ctx); } x509v3ext NewX509::getCrlDist() { return x509v3ext(NID_crl_distribution_points, crlDist->text(), &ext_ctx); } x509v3ext NewX509::getAuthInfAcc() { return x509v3ext(NID_info_access, authInfAcc->text(), &ext_ctx); } extList NewX509::getAdvanced() { QString conf_str; CONF *conf; extList elist; long err_line=0; STACK_OF(X509_EXTENSION) **sk, *sk_tmp = NULL; const STACK_OF(X509_EXTENSION) *csk; const char *ext_name = "default"; int ret, start; if (nconf_data->isReadOnly()) { conf_str = v3ext_backup; } else { conf_str = nconf_data->toPlainText(); } if (conf_str.isEmpty()) return elist; conf = NCONF_new(NULL); ret = NCONF_load_bio(conf, BioByteArray(conf_str.toLatin1()).ro(), &err_line); if (ret != 1) { openssl_error_msg(tr("Configfile error on line %1\n"). arg(err_line)); return elist; } if (ext_ctx.subject_cert) { csk = X509_get0_extensions(ext_ctx.subject_cert); start = csk? sk_X509_EXTENSION_num(csk): 0; } else { sk = &sk_tmp; start = 0; } X509V3_set_nconf(&ext_ctx, conf); if (ext_ctx.subject_cert) { if (X509V3_EXT_add_nconf(conf, &ext_ctx, (char *) ext_name, ext_ctx.subject_cert)) openssl_error(); csk = X509_get0_extensions(ext_ctx.subject_cert); } else { if (X509V3_EXT_add_nconf_sk(conf, &ext_ctx, (char *)ext_name, sk)) openssl_error(); csk = *sk; } elist.setStack(csk, start); if (!ext_ctx.subject_cert) sk_X509_EXTENSION_pop_free(sk_tmp, X509_EXTENSION_free); X509V3_set_nconf(&ext_ctx, NULL); NCONF_free(conf); openssl_error(); return elist; } extList NewX509::getGuiExt() { extList ne; ne << getBasicConstraints(); ne << getSubKeyIdent(); ne << getAuthKeyIdent(); ne << getKeyUsage(); ne << getEkeyUsage(); ne << getNameConstraints(); ne << getSubAltName(); ne << getIssAltName(); ne << getCrlDist(); ne << getAuthInfAcc(); ne << getOCSPstaple(); openssl_error(); return ne; } extList NewX509::getAllExt() { extList ne; ne = getGuiExt(); ne += getAdvanced(); if (!Settings["disable_netscape"]) ne += getNetscapeExt(); ne.delInvalid(); return ne; } extList NewX509::getNetscapeExt() { QString certTypeList[] = { "client", "server", "email", "objsign", "sslCA", "emailCA", "objCA" }; QStringList cont; x509v3ext ext; extList el; int rows = nsCertType->count(); for (int i=0; iitem(i)->isSelected()) cont << certTypeList[i]; } el << x509v3ext(NID_netscape_cert_type, cont.join(", "), &ext_ctx); el << ext.create_ia5(NID_netscape_base_url, nsBaseUrl->text(), &ext_ctx); el << ext.create_ia5(NID_netscape_revocation_url, nsRevocationUrl->text(), &ext_ctx); el << ext.create_ia5(NID_netscape_ca_revocation_url, nsCARevocationUrl->text(), &ext_ctx); el << ext.create_ia5(NID_netscape_renewal_url, nsRenewalUrl->text(), &ext_ctx); el << ext.create_ia5(NID_netscape_ca_policy_url, nsCaPolicyUrl->text(), &ext_ctx); el << ext.create_ia5(NID_netscape_ssl_server_name, nsSslServerName->text(), &ext_ctx); el << ext.create_ia5(NID_netscape_comment, nsComment->text(), &ext_ctx); return el; } void NewX509::initCtx(pki_x509 *subj, pki_x509 *iss, pki_x509req *req) { X509 *s = NULL, *s1 = NULL; X509_REQ *r = NULL; if (subj) s1 = subj->getCert(); if (iss) s = iss->getCert(); if (req) r = req->getReq(); X509V3_set_ctx(&ext_ctx, s, s1, r, NULL, 0); } extList NewX509::getExtDuplicates(const extList &el) { int i, start, cnt, n1, n; x509v3ext e; extList el_dup; QString olist; cnt = el.size(); for (start=0; start < cnt; start++) { n1 = el[start].nid(); for (i = start+1; i #include "OidResolver.h" #include "lib/oid.h" #include "lib/base.h" #include "lib/func.h" #include "lib/exception.h" OidResolver::OidResolver(QWidget *parent) :QWidget(parent) { setupUi(this); setWindowTitle(XCA_TITLE); } void OidResolver::searchOid(QString s) { bool ok; int n; if (input->text() != s) // Avoid moving the cursor at end if unchanged. input->setText(s); s = s.trimmed(); n = s.toUInt(&ok); if (!ok) n = OBJ_txt2nid(CCHAR(s)); if (n == NID_undef) { const char *clash = oid_name_clash[s]; if (clash) n = OBJ_txt2nid(clash); } QString lo = s.toLower(); if (n == NID_undef && s != lo) n = OBJ_txt2nid(CCHAR(lo)); if (n == NID_undef && oid_lower_map.contains(lo)) n = oid_lower_map[lo]; ign_openssl_error(); if (n == NID_undef) { ln->clear(); sn->clear(); oid->clear(); nid->clear(); } else { const ASN1_OBJECT *a = OBJ_nid2obj(n); ln->setText(OBJ_nid2ln(n)); sn->setText(OBJ_nid2sn(n)); nid->setText(QString("%1").arg(n)); if (a) { try { oid->setText(OBJ_obj2QString(a, 1)); } catch (errorEx &) { oid->clear(); } } else { oid->clear(); } } ign_openssl_error(); show(); raise(); } xca-RELEASE.2.9.0/widgets/OidResolver.h000066400000000000000000000005321477156507700174530ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __OID_RESOLVER_H #define __OID_RESOLVER_H #include "ui_OidResolver.h" class OidResolver: public QWidget, public Ui::OidResolver { Q_OBJECT public: OidResolver(QWidget *w); public slots: void searchOid(QString s); }; #endif xca-RELEASE.2.9.0/widgets/OpenDb.cpp000066400000000000000000000067321477156507700167300ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2017 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include #include #include "MainWindow.h" #include "OpenDb.h" #include "Help.h" #include "XcaWarning.h" #include "lib/base.h" #include "lib/dbhistory.h" DbMap OpenDb::databases { { "QPSQL", "PostgreSQL" }, { "QMYSQL", "MySQL / MariaDB" }, { "QODBC", "Open Database Connectivity (ODBC)" } }; void OpenDb::initDatabases() { QStringList list = QSqlDatabase::drivers(); qDebug() << "SQL Plugins:" << list.join(",");; foreach (QString driver, databases.keys()) { if (!list.contains(driver)) databases.take(driver); { QSqlDatabase db = QSqlDatabase::addDatabase(driver, driver + "_C"); if (!db.isValid()) { qDebug() << "Database" << driver << "is Invalid"; databases.take(driver); } } QSqlDatabase::removeDatabase(driver + "_C"); } qDebug() << "Valid Remote DB Drivers: " << databases.size() << "[" << databases.keys().join(",") << "]"; } bool OpenDb::hasSqLite() { return QSqlDatabase::isDriverAvailable("QSQLITE"); } void OpenDb::driver_selected() { if (getDbType() == "QODBC") dbName_label->setText("DSN"); else dbName_label->setText(tr("Database name")); } bool OpenDb::hasRemoteDrivers() { return databases.size() > 0; } void OpenDb::fillDbDropDown(const QString ¤t) { dbType->clear(); foreach(QString driver, databases.keys()) { dbType->insertItem(0, databases[driver], driver); if (driver == current) dbType->setCurrentIndex(0); } if (dbType->count() == 1) { dbType->setCurrentIndex(0); } } void OpenDb::setupDatabaseName(const QString &db) { if (!database_model::isRemoteDB(db)) return; DbMap remote_param = database_model::splitRemoteDbName(db); userName->setText(remote_param["user"]); hostName->setText(remote_param["host"]); dbName->setText(remote_param["dbname"]); prefix->setText(remote_param["prefix"]); fillDbDropDown(remote_param["type"]); } OpenDb::OpenDb(QWidget *parent, const QString &db) :QDialog(parent) { setupUi(this); setWindowTitle(XCA_TITLE); fillDbDropDown(QString()); if (database_model::isRemoteDB(db)) { setupDatabaseName(db); sqlite = false; show_connection_settings = true; } else if (hasSqLite() && !db.isEmpty()) { dbName->setText(db); sqlite = true; show_connection_settings = false; } else { sqlite = false; show_connection_settings = true; } driver_selected(); connect(dbType, SIGNAL(currentIndexChanged(int)), this, SLOT(driver_selected())); mainwin->helpdlg->register_ctxhelp_button(this, "remote_db"); } QString OpenDb::getDbType() const { return sqlite ? hasSqLite() ? QString("QSQLITE") : QString("") : dbType->itemData(dbType->currentIndex()).toString(); } void OpenDb::checkSqLite() { if (hasSqLite()) return; XCA_WARN(tr("No SqLite3 driver available. Please install the qt-sqlite package of your distribution")); } QString OpenDb::getDescriptor() const { QString pref = prefix->text(); if (!pref.isEmpty()) pref = QString("#%1").arg(pref.toLower()); return sqlite ? dbName->text() : QString("%1@%2/%3:%4%5") .arg(userName->text()) .arg(hostName->text()) .arg(getDbType()) .arg(dbName->text()) .arg(pref); } int OpenDb::exec() { if (!hasSqLite() && !hasRemoteDrivers()) return 0; if (!show_connection_settings) return 1; setupDatabaseName(dbhistory::getLastRemote()); bool ret = QDialog::exec(); if (ret && !sqlite) dbhistory::setLastRemote(getDescriptor()); return ret; } xca-RELEASE.2.9.0/widgets/OpenDb.h000066400000000000000000000015141477156507700163660ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2017 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __OPENDB_H #define __OPENDB_H #include "lib/database_model.h" #include "ui_OpenDb.h" #include #include class OpenDb: public QDialog, public Ui::OpenDb { Q_OBJECT private: static DbMap databases; static QString lastRemote; bool sqlite{}, show_connection_settings{}; void setupDatabaseName(const QString &db); QString getDbType() const; void fillDbDropDown(const QString ¤t); public: static void initDatabases(); OpenDb(QWidget *parent, const QString &db); QString getDescriptor() const; static bool hasSqLite(); static void checkSqLite(); static bool hasRemoteDrivers(); static void setLastRemote(const QString &db); public slots: int exec(); void driver_selected(); }; #endif xca-RELEASE.2.9.0/widgets/Options.cpp000066400000000000000000000126021477156507700172050ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/func.h" #include "lib/load_obj.h" #include "Options.h" #include "SearchPkcs11.h" #include "XcaWarning.h" #include "Help.h" #include "lib/pki_scard.h" #include "lib/oid.h" #include #include #include #include Options::Options(QWidget *parent) :QDialog(parent) { setWindowTitle(XCA_TITLE); setupUi(this); mainwin->helpdlg->register_ctxhelp_button(this, "options"); foreach(int nid, distname_nid) { QString n = OBJ_nid2ln(nid); extDNobj->addItem(n); expDNobj->addItem(n); } string_opts << "MASK:0x2002" << "pkix" << "nombstr" << "utf8only" << "default"; QStringList s; s << tr("Printable string or UTF8 (default)") << tr("PKIX recommendation in RFC2459") << tr("No BMP strings, only printable and T61") << tr("UTF8 strings only (RFC2459)") << tr("All strings"); mbstring->addItems(s); mbstring->setCurrentIndex(string_opts.indexOf( QString(Settings["string_opt"]))); transDnEntries->setText(transDnEntries->text() .arg(OBJ_nid2ln(NID_commonName)) .arg(dn_translations[NID_commonName])); setDnString(Settings["mandatory_dn"], extDNlist); setDnString(Settings["explicit_dn"], expDNlist); suppress->setCheckState(Settings["suppress_messages"]); noColorize->setCheckState(Settings["no_expire_colors"]); transDnEntries->setCheckState(Settings["translate_dn"]); onlyTokenHashes->setCheckState(Settings["only_token_hashes"]); disableNetscape->setCheckState(Settings["disable_netscape"]); adapt_explicit_subj->setCheckState(Settings["adapt_explicit_subj"]); QStringList units; QString x = Settings["ical_expiry"]; units << tr("Days") << "D" << tr("Weeks") << "W"; ical_expiry_unit->addItemsData(units, x.right(1)); x.chop(1); ical_expiry_num->setText(x); units << "%" << "%"; x = QString(Settings["cert_expiry"]); cert_expiry_unit->addItemsData(units, x.right(1)); x.chop(1); cert_expiry_num->setText(x); serial_len->setValue(Settings["serial_len"]); pkcs11List->setModel(&pkcs11::libraries); pkcs11List->showDropIndicator(); pkcs11List->setSelectionMode(QAbstractItemView::ExtendedSelection); #ifdef APPSTORE_COMPLIANT onlyTokenHashes->hide(); tabWidget->removeTab(2); #endif } Options::~Options() { delete searchP11; } void Options::on_extDNadd_clicked() { extDNlist->addItem(extDNobj->currentText()); } void Options::on_extDNdel_clicked() { extDNlist->takeItem(extDNlist->currentRow()); } void Options::on_expDNadd_clicked() { expDNlist->addItem(expDNobj->currentText()); } void Options::on_expDNdel_clicked() { expDNlist->takeItem(expDNlist->currentRow()); } void Options::on_expDNdefault_clicked() { setDnString(Settings.defaults("explicit_dn"), expDNlist); } void Options::setDnString(QString dn, QListWidget *w) { QStringList dnl; if (!dn.isEmpty()) dnl = dn.split(","); w->clear(); for (int i=0; i < dnl.count(); i++) { int nid = OBJ_sn2nid(CCHAR(dnl[i])); w->addItem(OBJ_nid2ln(nid)); } } QString Options::getDnString(QListWidget *w) { QStringList dn; for (int j=0; jcount(); j++) { int nid = OBJ_ln2nid(CCHAR(w->item(j)->text())); dn << QString(OBJ_nid2sn(nid)); } return dn.join(","); } int Options::exec() { if (QDialog::exec() == QDialog::Rejected) return QDialog::Rejected; Transaction; if (!TransBegin()) return QDialog::Rejected; Settings["suppress_messages"] = suppress->checkState(); Settings["no_expire_colors"] = noColorize->checkState(); Settings["translate_dn"] = transDnEntries->checkState(); Settings["only_token_hashes"] = onlyTokenHashes->checkState(); Settings["disable_netscape"] = disableNetscape->checkState(); Settings["default_hash"] = hashAlgo->current().name(); Settings["pkcs12_enc_algo"] = pkcs12EncAlgo->current().name(); Settings["mandatory_dn"] = getDnString(extDNlist); Settings["explicit_dn"] = getDnString(expDNlist); Settings["string_opt"] = string_opts[mbstring->currentIndex()]; Settings["pkcs11path"] = pkcs11::libraries.getPkcs11Provider(); Settings["cert_expiry"] = cert_expiry_num->text() + cert_expiry_unit->currentItemData().toString(); Settings["ical_expiry"] = ical_expiry_num->text() + ical_expiry_unit->currentItemData().toString(); Settings["serial_len"] = serial_len->value(); Settings["adapt_explicit_subj"] = adapt_explicit_subj->checkState(); return TransCommit() ? QDialog::Accepted : QDialog::Rejected; } void Options::on_addButton_clicked(void) { load_pkcs11 l; QString fname; fname = QFileDialog::getOpenFileName(this, l.caption, getLibDir(), l.filter, nullptr, QFileDialog::DontResolveSymlinks); addLib(fname); } void Options::addLib(QString fname) { fname = QDir::cleanPath(fname); pkcs11_lib *l = pkcs11::libraries.add_lib(fname); if (searchP11 && l) QToolTip::showText(searchP11->mapToGlobal( QPoint(0,0)), l->driverInfo().trimmed()); } void Options::on_removeButton_clicked(void) { QList indexes; foreach(QModelIndex i, pkcs11List->selectionModel()->selectedIndexes()) indexes << i.row(); /* Delete from highest to lowest index */ std::sort(indexes.begin(), indexes.end(), std::greater()); foreach(int i, indexes) pkcs11List->model()->removeRow(i); } void Options::on_searchPkcs11_clicked(void) { if (!searchP11) { searchP11 = new SearchPkcs11(this, getLibDir()); connect(searchP11, SIGNAL(addLib(QString)), this, SLOT(addLib(QString))); } searchP11->show(); } xca-RELEASE.2.9.0/widgets/Options.h000066400000000000000000000015421477156507700166530ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 20012 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __OPTIONS_H #define __OPTIONS_H #include "ui_Options.h" #include #include "lib/base.h" #include "SearchPkcs11.h" #include "MainWindow.h" class Options: public QDialog, public Ui::Options { Q_OBJECT private: SearchPkcs11 *searchP11{}; QStringList string_opts{}; QString getDnString(QListWidget *w); void setDnString(QString dn, QListWidget *w); public: Options(QWidget *parent); ~Options(); int exec(); public slots: void on_extDNadd_clicked(); void on_extDNdel_clicked(); void on_expDNadd_clicked(); void on_expDNdel_clicked(); void on_expDNdefault_clicked(); void on_addButton_clicked(void); void on_removeButton_clicked(void); void on_searchPkcs11_clicked(void); void addLib(QString); }; #endif xca-RELEASE.2.9.0/widgets/PwDialog.cpp000066400000000000000000000047331477156507700172660ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/func.h" #include "lib/base.h" #include "lib/Passwd.h" #include "lib/exception.h" #include "XcaWarning.h" #include "PwDialog.h" #include static int hex2bin(QString &x, Passwd *final) { bool ok = false; int len = x.length(); if (len % 2) return -1; len /= 2; final->clear(); for (int i=0; iappend((x.mid(i*2, 2).toInt(&ok, 16)) & 0xff); if (!ok) return -1; } return len; } enum open_result PwDialogUI::execute(pass_info *p, Passwd *passwd, bool write, bool abort) { PwDialog *dlg = new PwDialog(p, write); if (abort) dlg->addAbortButton(); enum open_result result = (enum open_result)dlg->exec(); *passwd = dlg->getPass(); delete dlg; if (result == pw_exit) throw pw_exit; return result; } PwDialog::PwDialog(pass_info *p, bool write) :QDialog(p->getWidget()), pi(p) { pi = p; setupUi(this); image->setPixmap(QPixmap(pi->getImage())); description->setText(pi->getDescription()); title->setText(pi->getType()); if (!pi->getTitle().isEmpty()) setWindowTitle(pi->getTitle()); else setWindowTitle(XCA_TITLE); if (pi->getType() != "PIN") takeHex->hide(); setRW(write); } void PwDialog::setRW(bool write) { wrDialog = write; if (write) { label->setText(pi->getType()); repeatLabel->setText(tr("Repeat %1").arg(pi->getType())); label->show(); passA->show(); } else { repeatLabel->setText(pi->getType()); label->hide(); passA->hide(); } } void PwDialog::accept() { if (wrDialog && (passA->text() != passB->text())) { XCA_WARN(tr("%1 mismatch").arg(pi->getType())); return; } QString pw = passB->text(); if (takeHex->isChecked()) { int ret = hex2bin(pw, &final); if (ret == -1) { XCA_WARN(tr("Hex password must only contain the characters '0' - '9' and 'a' - 'f' and it must consist of an even number of characters")); return; } } else { final = pw.toLatin1(); } QDialog::accept(); } void PwDialog::buttonPress(QAbstractButton *but) { qDebug() << "buttonBox->standardButton(but)" << buttonBox->buttonRole(but) << QDialogButtonBox::DestructiveRole; switch (buttonBox->buttonRole(but)) { case QDialogButtonBox::AcceptRole: accept(); break; case QDialogButtonBox::RejectRole: reject(); break; case QDialogButtonBox::ResetRole: done(pw_exit); break; default: break; } } void PwDialog::addAbortButton() { buttonBox->addButton(tr("Exit"), QDialogButtonBox::ResetRole); } xca-RELEASE.2.9.0/widgets/PwDialog.h000066400000000000000000000015151477156507700167260ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PWDIALOG_H #define __PWDIALOG_H #include "ui_PwDialog.h" #include "lib/PwDialogCore.h" #include "lib/pass_info.h" class PwDialog: public QDialog, public Ui::PwDialog { Q_OBJECT private: pass_info *pi{}; Passwd final{}; bool wrDialog{}; public: PwDialog(pass_info *p, bool write = false); Passwd getPass() { return final; } void addAbortButton(); void setRW(bool write); enum open_result execute(pass_info *p, Passwd *passwd, bool write = false, bool abort = false); public slots: void accept(); void buttonPress(QAbstractButton *but); }; class PwDialogUI: public PwDialogUI_i { enum open_result execute(pass_info *p, Passwd *passwd, bool write = false, bool abort = false); }; #endif xca-RELEASE.2.9.0/widgets/ReqTreeView.cpp000066400000000000000000000034211477156507700177530ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/pki_x509req.h" #include "lib/load_obj.h" #include "ReqTreeView.h" #include "MainWindow.h" #include "ExportDialog.h" #include #include #include void ReqTreeView::fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes) { X509SuperTreeView::fillContextMenu(menu, subExport, index, indexes); pki_x509req *req = db_base::fromIndex(index); if (indexes.size() != 1 || !req) return; menu->addAction(tr("Sign"), this, SLOT(signReq())); if (req->getDone()) menu->addAction(tr("Unmark signed"), this, SLOT(unmarkSigned())); else menu->addAction(tr("Mark signed"), this, SLOT(markSigned())); if (transform) { transform->addAction(tr("Similar Request"), this, SLOT(toRequest())); } } void ReqTreeView::signReq() { pki_x509req *req = db_base::fromIndex(currentIndex()); db_x509 *certs = Database.model(); certs->newCert(req); } void ReqTreeView::toRequest() { pki_x509req *req = db_base::fromIndex(currentIndex()); if (basemodel) reqs()->newItem(NULL, req); } void ReqTreeView::markSigned() { if (basemodel) reqs()->setSigned(currentIndex(), true); } void ReqTreeView::unmarkSigned() { if (basemodel) reqs()->setSigned(currentIndex(), false); } void ReqTreeView::load(void) { load_req l; load_default(&l); } ExportDialog *ReqTreeView::exportDialog(const QModelIndexList &indexes) { return new ExportDialog(this, tr("Certificate request export"), tr("Certificate request ( *.pem *.der *.csr )"), indexes, QPixmap(":csrImg"), pki_export::select(x509_req, basemodel->exportFlags(indexes)), "csrexport"); } xca-RELEASE.2.9.0/widgets/ReqTreeView.h000066400000000000000000000013071477156507700174210ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __REQTREEVIEW_H #define __REQTREEVIEW_H #include "X509SuperTreeView.h" #include "lib/db_x509req.h" class ReqTreeView: public X509SuperTreeView { Q_OBJECT db_x509req *reqs() const { return dynamic_cast(basemodel); } public: ReqTreeView(QWidget *parent) : X509SuperTreeView(parent) { } void fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes); ExportDialog *exportDialog(const QModelIndexList &indexes); public slots: void toRequest(); void signReq(); void markSigned(); void unmarkSigned(); void load(); }; #endif xca-RELEASE.2.9.0/widgets/RevocationList.cpp000066400000000000000000000134341477156507700205230ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include "RevocationList.h" #include "MainWindow.h" #include "NewCrl.h" #include "Help.h" #include "lib/asn1int.h" #include "lib/pki_x509.h" enum revCol { Cnumber, Cserial, Cdate, Creason, CiDate, Cmax }; class revListItem : public QTreeWidgetItem { public: revListItem(QTreeWidget *w) : QTreeWidgetItem(w) { }; bool operator < (const QTreeWidgetItem &other) const { int col = treeWidget()->sortColumn(); switch (col) { case Cserial: { return a1int(text(Cserial)) < a1int(other.text(Cserial)); } case Cnumber: return text(Cnumber).toLong() < other.text(Cnumber).toLong(); default: return QTreeWidgetItem::operator < (other); } } }; static void setup_revRevItem(QTreeWidgetItem *item, const x509rev &revit, const pki_x509 *iss) { pki_x509 *rev = iss ? iss->getBySerial(revit.getSerial()) : NULL; if (rev != NULL) { for (int i = 0; i < Cmax; i++) item->setToolTip(i, rev->getIntName()); } item->setText(Cserial, revit.getSerial()); item->setText(Cdate, revit.getDate().toSortable()); item->setText(Creason, revit.getReason()); item->setTextAlignment(Cnumber, Qt::AlignRight); item->setTextAlignment(Cserial, Qt::AlignRight); a1time a = revit.getInvalDate(); if (!a.isUndefined()) item->setText(CiDate, a.toSortable()); } static void addRevItem(QTreeWidget *certList, const x509rev &revit, int no, const pki_x509 *iss) { revListItem *current; current = new revListItem(certList); current->setText(Cnumber, QString("%1").arg(no)); setup_revRevItem(current, revit, iss); } void RevocationList::setupRevocationView(QTreeWidget *certList, const x509revList &revList, const pki_x509 *iss) { QStringList sl; int cols, i; certList->clear(); sl << tr("No.") << tr("Serial") << tr("Revocation") << tr("Reason") << tr("Invalidation"); cols = sl.size(); certList->setColumnCount(cols); certList->setHeaderLabels(sl); certList->setItemsExpandable(false); certList->setRootIsDecorated(false); certList->sortItems(Cnumber, Qt::AscendingOrder); i=1; foreach(x509rev revit, revList) { addRevItem(certList, revit, i++, iss); } for (i=0; iresizeColumnToContents(i); certList->setSortingEnabled(true); certList->setSelectionBehavior(QAbstractItemView::SelectRows); certList->setSelectionMode(QAbstractItemView::ExtendedSelection); } RevocationList::RevocationList(QWidget *w) : QDialog(w && w->isVisible() ? w : nullptr) { QPushButton *genCrl; setupUi(this); setWindowTitle(XCA_TITLE); image->setPixmap(QPixmap(":revImg")); mainwin->helpdlg->register_ctxhelp_button(this, "crlmanage"); genCrl = buttonBox->addButton(tr("Generate CRL"), QDialogButtonBox::ActionRole); connect(genCrl, SIGNAL(clicked()), this, SLOT(gencrl())); } void RevocationList::gencrl() { issuer->setRevocations(getRevList()); NewCrl::newCrl(this, issuer); } void RevocationList::setRevList(const x509revList &rl, pki_x509 *iss) { issuer = iss; revList = rl; setupRevocationView(certList, revList, issuer); } const x509revList &RevocationList::getRevList() { return revList; } void RevocationList::on_addRev_clicked() { Revocation *revoke = new Revocation(QModelIndexList(), this); if (revoke->exec()) { x509rev revit = revoke->getRevocation(); revList << revit; addRevItem(certList, revit, revList.size(), issuer); } } void RevocationList::on_delRev_clicked() { QTreeWidgetItem *current = certList->currentItem(); x509rev rev; int idx; if (!current) return; idx = certList->indexOfTopLevelItem(current); certList->takeTopLevelItem(idx); rev.setSerial(a1int(current->text(Cserial))); idx = revList.indexOf(rev); if (idx != -1) revList.takeAt(idx); } void RevocationList::on_editRev_clicked() { on_certList_itemDoubleClicked(certList->currentItem()); } void RevocationList::on_certList_itemDoubleClicked(QTreeWidgetItem *current) { x509rev rev; int idx; if (!current) return; rev.setSerial(a1int(current->text(Cserial))); idx = revList.indexOf(rev); if (idx == -1) return; rev = revList[idx]; Revocation *revoke = new Revocation(QModelIndexList(), this); revoke->setRevocation(rev); if (revoke->exec()) { a1time a1 = rev.getDate(); rev = revoke->getRevocation(); rev.setDate(a1); revList[idx] = rev; setup_revRevItem(current, rev, issuer); } delete revoke; } Revocation::Revocation(QModelIndexList indexes, QWidget *w) : QDialog(w ? w : mainwin) { setupUi(this); setWindowTitle(XCA_TITLE); mainwin->helpdlg->register_ctxhelp_button(this, "crlrevocation"); reason->addItems(x509rev::crlreasons()); invalid->setNow(); if (indexes.size() > 1) { QList serials; QStringList sl; serial->setText(QString("Batch revocation of %1 Certificates"). arg(indexes.size())); foreach(QModelIndex idx, indexes) { pki_x509 *cert = db_base::fromIndex(idx); if (cert) serials << cert->getSerial(); } std::sort(serials.begin(), serials.end()); foreach(a1int a, serials) sl << a; serial->setToolTip(sl.join("\n")); serial->setEnabled(false); } else if (indexes.size() == 1) { pki_x509 *cert = db_base::fromIndex(indexes[0]); serial->setText(cert->getSerial()); serial->setEnabled(false); } else { serial->setValidator( new QRegularExpressionValidator( QRegularExpression("[A-Fa-f0-9]+"), serial)); } } x509rev Revocation::getRevocation() { x509rev r; r.setSerial(a1int(serial->text())); r.setInvalDate(invalid->getDate()); r.setDate(a1time()); r.setCrlNo(0); r.setReason(reason->currentText()); return r; } void Revocation::setRevocation(x509rev r) { serial->setText(r.getSerial()); invalid->setDate(r.getInvalDate()); int i = reason->findText(r.getReason()); if (i == -1) i = 0; reason->setCurrentIndex(i); } xca-RELEASE.2.9.0/widgets/RevocationList.h000066400000000000000000000020301477156507700201560ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __REVOCATIONLIST_H #define __REVOCATIONLIST_H #include "ui_RevocationList.h" #include "ui_Revoke.h" #include "lib/x509rev.h" #include class pki_x509; class RevocationList: public QDialog, public Ui::RevocationList { Q_OBJECT private: x509revList revList{}; pki_x509 *issuer{}; public: static void setupRevocationView(QTreeWidget *certList, const x509revList &revList, const pki_x509 *iss); RevocationList(QWidget *w = nullptr); void setRevList(const x509revList &rl, pki_x509 *issuer); const x509revList &getRevList(); public slots: void on_addRev_clicked(); void on_delRev_clicked(); void on_editRev_clicked(); void gencrl(); void on_certList_itemDoubleClicked(QTreeWidgetItem *); }; class Revocation: public QDialog, public Ui::Revoke { Q_OBJECT public: Revocation(QModelIndexList indexes, QWidget *w = nullptr); x509rev getRevocation(); void setRevocation(x509rev r); }; #endif xca-RELEASE.2.9.0/widgets/SearchPkcs11.cpp000066400000000000000000000100041477156507700177340ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2011 Christian Hohnstaedt. * * All rights reserved. */ #include "SearchPkcs11.h" #include "lib/base.h" #include "lib/func.h" #include "lib/pkcs11_lib.h" #include #include #include #include #include #include #include SearchPkcs11::SearchPkcs11(QWidget *parent, const QString &fname) :QDialog(parent) { setupUi(this); filename->setText(nativeSeparator(fname)); setWindowTitle(XCA_TITLE); liblist->setSelectionMode(QAbstractItemView::ExtendedSelection); searching = NULL; } SearchPkcs11::~SearchPkcs11() { if (searching) search->click(); } void SearchPkcs11::on_fileBut_clicked() { QString s = QFileDialog::getExistingDirectory(this, QString(XCA_TITLE), filename->text(), QFileDialog::ShowDirsOnly | QFileDialog::DontResolveSymlinks); if (!s.isEmpty()) filename->setText(nativeSeparator(s)); } void SearchPkcs11::on_search_clicked() { if (searching) { return; } searching = new searchThread(filename->text(), getLibExtensions(), subdirs->isChecked()); liblist->clear(); connect(searching, SIGNAL(updateLibs(QString)), this, SLOT(updateLibs(QString))); connect(searching, SIGNAL(updateCurrFile(QString)), this, SLOT(updateCurrFile(QString))); connect(searching, SIGNAL(finished()), this, SLOT(finishSearch())); connect(search, SIGNAL(clicked()), searching, SLOT(cancelSearch())); search->setText("Cancel"); searching->start(); } void SearchPkcs11::finishSearch() { search->setText("Start"); currFile->setText(tr("The following files are possible PKCS#11 libraries")); if (!searching) return; searching->wait(1000); delete searching; searching = NULL; } void SearchPkcs11::buttonPress(QAbstractButton *but) { QList libitems; QListWidgetItem *lib; switch (buttonBox->standardButton(but)) { case QDialogButtonBox::Ok: accept(); break; default: case QDialogButtonBox::Cancel: reject(); break; case QDialogButtonBox::Open: libitems = liblist->selectedItems(); foreach(lib, libitems) loadItem(lib); break; } } void SearchPkcs11::loadItem(QListWidgetItem *lib) { emit addLib(lib->whatsThis()); delete lib; } void SearchPkcs11::updateCurrFile(QString f) { f = nativeSeparator(f); int len = f.length(); QString reduced = f; QFontMetrics fm(currFile->font()); currFile->setToolTip(f); #if (QT_VERSION >= QT_VERSION_CHECK(5, 11, 0)) while ((currFile->width() < (fm.horizontalAdvance(reduced) -10)) && #else while ((currFile->width() < (fm.width(reduced) -10)) && #endif (len > 0)) { len -= 10; reduced = compressFilename(f, len); } currFile->setText(reduced); currFile->update(); } void SearchPkcs11::updateLibs(QString f) { QListWidgetItem *i = new QListWidgetItem(nativeSeparator(f)); i->setWhatsThis(f); liblist->addItem(i); liblist->update(); } searchThread::searchThread(QString _dir, const QStringList _ext, bool _recursive) { dirname = _dir; ext = _ext; recursive = _recursive; keepOnRunning = true; } void searchThread::cancelSearch() { keepOnRunning = false; } bool searchThread::checkLib(QString file) { qint64 size; int r = -1; QFile qf(file); size = qf.size(); if (qf.open(QIODevice::ReadOnly)) { uchar *p = qf.map(0, size); r = QByteArray::fromRawData((char*)p, size) .indexOf("C_GetFunctionList"); qf.unmap(p); qf.close(); } return r != -1; } void searchThread::search(QString mydir) { QDir dir = QDir(mydir); QStringList files = dir.entryList( QStringList(ext), QDir::Files | QDir::Readable); while (!files.isEmpty() && keepOnRunning) { QString file = files.takeFirst(); if (file.isEmpty()) continue; file = mydir + "/" + file; emit updateCurrFile(file); if (checkLib(file)) emit updateLibs(file); } if (recursive && keepOnRunning) { QString d; QStringList dirs = dir.entryList(QStringList(), QDir::AllDirs | QDir::NoDotAndDotDot); foreach(d, dirs) { if (!keepOnRunning) break; QString s = mydir + "/" + d; emit updateCurrFile(s); search(s); } } } xca-RELEASE.2.9.0/widgets/SearchPkcs11.h000066400000000000000000000022531477156507700174100ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __SEARCHPKCS11DIALOG_H #define __SEARCHPKCS11DIALOG_H #include #include "ui_SearchPkcs11.h" class SearchPkcs11; class searchThread: public QThread { Q_OBJECT protected: QString dirname; QStringList ext; bool recursive; bool keepOnRunning; bool checkLib(QString file); public: searchThread(QString _dir, const QStringList _ext, bool _recursive); void search(QString mydir); void run() { search(dirname); } public slots: void cancelSearch(); signals: void updateCurrFile(QString f); void updateLibs(QString f); }; class SearchPkcs11: public QDialog, public Ui::SearchPkcs11 { Q_OBJECT protected: void searchDir(QString dirname, bool subdirs); searchThread *searching; public: SearchPkcs11(QWidget *parent, const QString &fname); ~SearchPkcs11(); public slots: void on_search_clicked(); void on_fileBut_clicked(); void buttonPress(QAbstractButton *but); void loadItem(QListWidgetItem *lib); void updateLibs(QString f); void updateCurrFile(QString f); void finishSearch(); signals: void addLib(QString); }; #endif xca-RELEASE.2.9.0/widgets/TempTreeView.cpp000066400000000000000000000052051477156507700201330ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/pki_temp.h" #include "lib/load_obj.h" #include "TempTreeView.h" #include "ExportDialog.h" #include "NewX509.h" #include "XcaDialog.h" #include "MainWindow.h" #include #include #include void TempTreeView::fillContextMenu(QMenu *menu, QMenu *, const QModelIndex &, QModelIndexList indexes) { if (indexes.size() != 1) return; menu->addAction(tr("Duplicate"), this, SLOT(duplicateTemp())); menu->addAction(tr("Create certificate"), this, SLOT(certFromTemp())); menu->addAction(tr("Create request"), this, SLOT(reqFromTemp())); } void TempTreeView::duplicateTemp() { pki_temp *temp = db_base::fromIndex(currentIndex()); db_temp* db_temp = temps(); if (!temp || !basemodel || !db_temp) return; pki_temp *newtemp = new pki_temp(temp); newtemp->setIntName(newtemp->getIntName() + " " + tr("copy")); db_temp->insertPKI(newtemp); } void TempTreeView::certFromTemp() { pki_temp *temp = db_base::fromIndex(currentIndex()); if (temp) emit newCert(temp); } void TempTreeView::reqFromTemp() { pki_temp *temp = db_base::fromIndex(currentIndex()); if (temp) emit newReq(temp); } void TempTreeView::showPki(pki_base *pki) { alterTemp(dynamic_cast(pki)); } bool TempTreeView::runTempDlg(pki_temp *temp) { NewX509 *dlg = new NewX509(this); dlg->setTemp(temp, true); if (!dlg->exec()) { delete dlg; return false; } dlg->toTemplate(temp); delete dlg; return true; } void TempTreeView::newItem() { pki_temp *temp = NULL; QString type; if (!basemodel) return; itemComboTemp *ic = new itemComboTemp(NULL); ic->insertPkiItems(temps()->getPredefs()); XcaDialog *dlg = new XcaDialog(this, tmpl, ic, tr("Preset Template values"), QString()); if (dlg->exec()) { temp = new pki_temp(ic->currentPkiItem()); if (temp) { temp->pkiSource = generated; if (runTempDlg(temp)) { temp = dynamic_cast( temps()->insertPKI(temp)); temps()->createSuccess(temp); } else { delete temp; } } } delete dlg; } bool TempTreeView::alterTemp(pki_temp *temp) { if (!basemodel || !temp) return false; if (!runTempDlg(temp)) return false; temps()->alterTemp(temp); return true; } void TempTreeView::load() { load_temp l; load_default(&l); } ExportDialog *TempTreeView::exportDialog(const QModelIndexList &indexes) { return new ExportDialog(this, tr("Template export"), tr("XCA Templates ( *.xca )"), indexes, QPixmap(":tempImg"), pki_export::select(tmpl, basemodel->exportFlags(indexes))); } xca-RELEASE.2.9.0/widgets/TempTreeView.h000066400000000000000000000015321477156507700175770ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2006 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __TEMPTREEVIEW_H #define __TEMPTREEVIEW_H #include "XcaTreeView.h" #include "lib/db_temp.h" class TempTreeView: public XcaTreeView { Q_OBJECT db_temp *temps() const { return dynamic_cast(basemodel); } bool runTempDlg(pki_temp *temp); public: TempTreeView(QWidget *parent) : XcaTreeView(parent) { } void fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes); void showPki(pki_base *pki); bool alterTemp(pki_temp *temp); ExportDialog *exportDialog(const QModelIndexList &index); public slots: void certFromTemp(); void reqFromTemp(); void duplicateTemp(); void newItem(); void load(); signals: void newReq(pki_temp *); void newCert(pki_temp *); }; #endif xca-RELEASE.2.9.0/widgets/X509SuperTreeView.cpp000066400000000000000000000023201477156507700207050ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/db_x509super.h" #include "lib/database_model.h" #include "X509SuperTreeView.h" #include "CertDetail.h" #include "MainWindow.h" #include #include #include #include void X509SuperTreeView::fillContextMenu(QMenu *menu, QMenu *, const QModelIndex &index, QModelIndexList indexes) { pki_x509super *x = dynamic_cast( db_base::fromIndex(index)); if (indexes.size() != 1 || !x) return; transform = menu->addMenu(tr("Transform")); transform->addAction(tr("Template"), this, SLOT(toTemplate())); transform->addAction(tr("Public key"), this, SLOT(extractPubkey()))->setEnabled(!x->getRefKey()); } void X509SuperTreeView::extractPubkey() { QModelIndex idx = currentIndex(); if (idx.isValid() && basemodel) x509super()->extractPubkey(idx); } void X509SuperTreeView::toTemplate() { QModelIndex idx = currentIndex(); if (idx.isValid() && basemodel) x509super()->toTemplate(idx); } void X509SuperTreeView::showPki(pki_base *pki) { pki_x509super *x = dynamic_cast(pki); CertDetail::showCert(this, x); } xca-RELEASE.2.9.0/widgets/X509SuperTreeView.h000066400000000000000000000012431477156507700203550ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2006 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __X509SUPERTREEVIEW_H #define __X509SUPERTREEVIEW_H #include "XcaTreeView.h" #include "lib/db_x509req.h" class X509SuperTreeView: public XcaTreeView { Q_OBJECT db_x509super *x509super() const { return dynamic_cast(basemodel); } protected: QMenu *transform{}; public: X509SuperTreeView(QWidget *parent) : XcaTreeView(parent) { } void fillContextMenu(QMenu *menu, QMenu *, const QModelIndex &index, QModelIndexList indexes); public slots: void showPki(pki_base *pki); void extractPubkey(); void toTemplate(); }; #endif xca-RELEASE.2.9.0/widgets/XcaApplication.cpp000066400000000000000000000103021477156507700204440ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "XcaApplication.h" #include "MainWindow.h" #include "XcaWarning.h" #include "lib/entropy.h" #include #include #include #include QFont XcaApplication::tableFont; QList XcaApplication::langAvail; void XcaApplication::setMainwin(MainWindow *m) { mainw = m; } bool XcaApplication::languageAvailable(const QLocale &l) { return langAvail.contains(l); } static QString defaultlang() { return getUserSettingsDir() + "/defaultlang"; } XcaApplication::XcaApplication(int &argc, char *argv[]) : QApplication(argc, argv) { QLocale lang; QFile file(defaultlang()); if (file.open(QIODevice::ReadOnly)) { lang = QLocale(QString(file.read(128))); } langAvail << QLocale::system(); langAvail << QLocale("en"); QDirIterator qmIt(getI18nDir(), QStringList() << "*.qm", QDir::Files); while (qmIt.hasNext()) { XcaTranslator t; qmIt.next(); QString language = qmIt.fileInfo().baseName().mid(4, -1); if (t.load(QLocale(language), "xca", getI18nDir())) langAvail << QLocale(language); } setupLanguage(lang); #ifdef Q_OS_MACOS QStringList libp = libraryPaths(); libp.prepend(applicationDirPath() + "/../Plugins"); setLibraryPaths(libp); #endif tableFont = QFont("Courier New", QApplication::font().pointSize() #if defined (Q_OS_WIN32) +1 #else +2 #endif ); installEventFilter(this); } #if QT_VERSION >= QT_VERSION_CHECK(6, 0, 0) #define QT_MAJOR "qt6" #else #define QT_MAJOR "qt5" #endif void XcaApplication::setupLanguage(const QLocale &lang) { if (qtTr) { removeTranslator(qtTr); delete qtTr; } qtTr = new XcaTranslator(); if (xcaTr) { removeTranslator(xcaTr); delete xcaTr; } xcaTr = new XcaTranslator(); const QStringList dirs = { #ifdef XCA_DEFAULT_QT_TRANSLATE XCA_DEFAULT_QT_TRANSLATE, #endif getI18nDir(), #ifndef WIN32 "/usr/local/share/" QT_MAJOR "/translations/", "/usr/share/" QT_MAJOR "/translations/" #endif }; for (const QString &dir : dirs) { qDebug() << "Search QT translations for:" << lang << "in" << lang; if (qtTr->load(lang, "qtbase", dir)) { qDebug() << "Found QT translations for:" << lang << "in" << lang; break; } } xcaTr->load(lang, "xca", getI18nDir()); QLocale::setDefault(lang); setLayoutDirection(lang.textDirection()); installTranslator(qtTr); installTranslator(xcaTr); if (mainw) mainw->initResolver(); } void XcaApplication::quit() { if (mainw) mainw->close(); } void XcaApplication::switchLanguage(QAction* a) { QLocale lang = a->data().toLocale(); setupLanguage(lang); QFile file(defaultlang()); if (lang == QLocale::system()) { file.remove(); return; } if (file.open(QIODevice::WriteOnly)) { file.write(lang.name().toUtf8()); } } bool XcaApplication::eventFilter(QObject *watched, QEvent *ev) { static int mctr; QMouseEvent *me; QStringList l; XcaTreeView *treeview; int key; switch (ev->type()) { case QEvent::FileOpen: l << static_cast(ev)->file(); mainw->openURLs(l); return true; case QEvent::MouseMove: case QEvent::NonClientAreaMouseMove: if (mctr++ > 8) { me = static_cast(ev); #if (QT_VERSION >= QT_VERSION_CHECK(6, 0, 0)) QPoint p = me->globalPosition().toPoint(); #else QPoint p = me->globalPos(); #endif Entropy::add(p.x()); Entropy::add(p.y()); mctr = 0; } break; case QEvent::KeyPress: key = static_cast(ev)->key(); if (key < 0x100) { Entropy::add(key); } break; case QEvent::MouseButtonPress: me = static_cast(ev); treeview = watched ? dynamic_cast(watched->parent()) : NULL; if ((watched == mainw || treeview) && me->button() == Qt::MiddleButton && QApplication::clipboard()->supportsSelection()) { mainw->pastePem(); return true; } break; default: break; } return false; } bool XcaApplication::notify(QObject* receiver, QEvent* event) { try { return QApplication::notify(receiver, event); } catch (errorEx &err) { XCA_ERROR(err); } catch (...) { qWarning() << QString("Event exception: ") << receiver << event; } return false; } XcaApplication::~XcaApplication() { delete xcaTr; delete qtTr; } xca-RELEASE.2.9.0/widgets/XcaApplication.h000066400000000000000000000021251477156507700201150ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCAAPPLICATION_H #define __XCAAPPLICATION_H #include #include #include class MainWindow; class QAction; class XcaTranslator : public QTranslator { Q_OBJECT public: XcaTranslator(QObject *p = NULL) : QTranslator(p) { } bool load(const QLocale &locale, const QString &filename, const QString &dir) { return QTranslator::load(locale, filename, "_", dir, ".qm"); } }; class XcaApplication : public QApplication { Q_OBJECT private: MainWindow *mainw{}; XcaTranslator *qtTr{}; XcaTranslator *xcaTr{}; static QList langAvail; public: XcaApplication(int &argc, char *argv[]); virtual ~XcaApplication(); void setMainwin(MainWindow *m); void setupLanguage(const QLocale &lang); static QFont tableFont; static bool languageAvailable(const QLocale &l); bool eventFilter(QObject *watched, QEvent *ev); bool notify(QObject* receiver, QEvent* event); public slots: void switchLanguage(QAction* a); void quit(); }; #endif xca-RELEASE.2.9.0/widgets/XcaDetail.cpp000066400000000000000000000046751477156507700174230ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2023 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include #include #include #include "MainWindow.h" #include "XcaDetail.h" #include "Help.h" #include "ImportMulti.h" #include "lib/pki_base.h" #include "lib/database_model.h" XcaDetail::XcaDetail(QWidget *w) : QDialog(w && w->isVisible() ? w : nullptr) { importmulti = dynamic_cast(w); setWindowTitle(XCA_TITLE); Database.connectToDbChangeEvt(this, SLOT(itemChanged(pki_base*))); } void XcaDetail::init(const char *helpctx, const char *img) { mainwin->helpdlg->register_ctxhelp_button(this, helpctx); QLabel *image = findChild("image"); if (image) image->setPixmap(QPixmap(img)); } void XcaDetail::itemChanged(pki_base *) { } void XcaDetail::connect_pki(pki_base *p) { QDialogButtonBox *buttonBox = findChild("buttonBox"); pki = p; if (buttonBox && pki && pki->getSqlItemId() == QVariant()) { importbut = buttonBox->addButton(tr("Import"), QDialogButtonBox::ApplyRole); connect(importbut, SIGNAL(clicked(bool)), this, SLOT(import())); } QPushButton *but = buttonBox->button(QDialogButtonBox::Ok); if (but) connect(but, SIGNAL(clicked(bool)), this, SLOT(accept())); } void XcaDetail::updateNameComment() { if (!pki) return; QLineEdit *description = findChild("description"); if (description) pki->setIntName(description->text()); QTextEdit *comment = findChild("comment"); if (comment) pki->setComment(comment->toPlainText()); } void XcaDetail::import() { updateNameComment(); qDebug() << "ImportMulti" << importmulti; if (pki) pki = importmulti ? importmulti->import(pki) : Database.insert(pki); if (pki && !Settings["suppress_messages"]) XCA_INFO(pki->getMsg(pki_base::msg_import).arg(pki->getIntName())); QDialogButtonBox *buttonBox = findChild("buttonBox"); if (buttonBox && !pki && importbut) { buttonBox->removeButton(importbut); importbut = nullptr; QLineEdit *description = findChild("description"); if (description) description->setReadOnly(true); QTextEdit *comment = findChild("comment"); if (comment) comment->setReadOnly(true); } } void XcaDetail::accept() { db_base *db = Database.modelForPki(pki); updateNameComment(); if (pki && pki->getSqlItemId().isValid() && db) db->updateItem(pki); QDialog::accept(); } xca-RELEASE.2.9.0/widgets/XcaDetail.h000066400000000000000000000011131477156507700170500ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2023 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCADETAIL_H #define __XCADETAIL_H #include class pki_base; class ImportMulti; class XcaDetail: public QDialog { Q_OBJECT protected: pki_base *pki{}; ImportMulti *importmulti{}; QPushButton *importbut{}; virtual void updateNameComment(); public: XcaDetail(QWidget *w); void init(const char *help, const char *img); void connect_pki(pki_base *p); public slots: void accept(); void import(); virtual void itemChanged(pki_base*); }; #endif xca-RELEASE.2.9.0/widgets/XcaDialog.cpp000066400000000000000000000024611477156507700174070ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #include #include "XcaDialog.h" #include "MainWindow.h" #include "Help.h" // index = enum pki_type static const char * const PixmapMap[] = { "", ":keyImg", ":csrImg", ":certImg", ":revImg", ":tempImg", "", ":scardImg", }; XcaDialog::XcaDialog(QWidget *parent, enum pki_type type, QWidget *w, const QString &t, const QString &desc, const QString &help_ctx) : QDialog(parent ? parent : mainwin) { setupUi(this); setWindowTitle(XCA_TITLE); image->setPixmap(QPixmap(PixmapMap[type])); content->addWidget(w); mainwin->helpdlg->register_ctxhelp_button(this, help_ctx); widg = w; title->setText(t); if (desc.isEmpty()) { verticalLayout->removeWidget(description); delete description; } else { description->setText(desc); } } void XcaDialog::noSpacer() { verticalLayout->removeItem(topSpacer); verticalLayout->removeItem(bottomSpacer); delete topSpacer; delete bottomSpacer; if (widg) widg->setSizePolicy(QSizePolicy::Expanding, QSizePolicy::Expanding); } void XcaDialog::aboutDialog(const QPixmap &left) { title->setPixmap(left.scaledToHeight(title->height())); noSpacer(); resize(560, 400); buttonBox->setStandardButtons(QDialogButtonBox::Ok); buttonBox->centerButtons(); } xca-RELEASE.2.9.0/widgets/XcaDialog.h000066400000000000000000000010031477156507700170430ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCADIALOG_H__ #define __XCADIALOG_H__ #include #include "ui_XcaDialog.h" #include "lib/pki_base.h" class XcaDialog : public QDialog, public Ui::XcaDialog { QWidget *widg; public: XcaDialog(QWidget *parent, enum pki_type type, QWidget *w, const QString &t, const QString &desc, const QString &help_ctx = QString()); void noSpacer(); void aboutDialog(const QPixmap &left); }; #endif xca-RELEASE.2.9.0/widgets/XcaHeaderView.cpp000066400000000000000000000012221477156507700202250ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "XcaHeaderView.h" #include "XcaTreeView.h" #include XcaHeaderView::XcaHeaderView() :QHeaderView(Qt::Horizontal) { setSectionsMovable(true); } void XcaHeaderView::contextMenuEvent(QContextMenuEvent *e) { XcaTreeView *tv = static_cast(parentWidget()); if (tv) tv->headerEvent(e, logicalIndexAt(e->pos())); } void XcaHeaderView::resetMoves() { for (int i=0; i class XcaHeaderView: public QHeaderView { Q_OBJECT public: XcaHeaderView(); void contextMenuEvent(QContextMenuEvent *e); public slots: void resetMoves(); }; #endif xca-RELEASE.2.9.0/widgets/XcaProgressGui.h000066400000000000000000000017751477156507700201350ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2018 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCAPROGRESSGUI_H #define __XCAPROGRESSGUI_H #include "lib/base.h" #include "lib/XcaProgress.h" #include #include #include class XcaProgressGui : public XcaProgress_i { private: QMainWindow *mwin{}; QProgressBar *bar{}; public: XcaProgressGui() = delete; XcaProgressGui(QMainWindow *m) : XcaProgress_i(), mwin(m) { bar = new QProgressBar(); bar->setMinimum(0); bar->setTextVisible(true); } void start(const QString &what, int max) { bar->setValue(0); bar->setMaximum(max); bar->setFormat(what); mwin->statusBar()->addPermanentWidget(bar, 1); bar->show(); mwin->repaint(); } void stop() { mwin->statusBar()->removeWidget(bar); } ~XcaProgressGui() { delete bar; } void increment() { int value = bar->value(); if (value == bar->maximum()) { bar->reset(); } else { bar->setValue(value +1); } } }; #endif xca-RELEASE.2.9.0/widgets/XcaProxyModel.cpp000066400000000000000000000040271477156507700203120ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2006 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "XcaProxyModel.h" #include "lib/db_base.h" bool XcaProxyModel::lessThan(const QModelIndex &left, const QModelIndex &right) const { db_base *db = dynamic_cast(sourceModel()); if (!db) return QSortFilterProxyModel::lessThan(left, right); dbheaderList headers = db->getAllHeaders(); if (left.column() < 0 || left.column() >= headers.size() || right.column() < 0 || right.column() >= headers.size()) { qDebug("BAD COLUMN: %d %d\n", left.column(), right.column()); return true; } dbheader *hd_left = headers[left.column()]; dbheader *hd_right = headers[right.column()]; if (hd_left->isNumeric() && hd_right->isNumeric()) { int diff; QString l = sourceModel()->data(left).toString(); QString r = sourceModel()->data(right).toString(); diff = l.size() - r.size(); if (diff<0) return true; else if (diff>0) return false; else return l < r; } if (hd_left->type == dbheader::hd_asn1time && hd_right->type == dbheader::hd_asn1time) { pki_base *l = db_base::fromIndex(left); pki_base *r = db_base::fromIndex(right); if (l && r) return l->column_a1time(hd_left) < r->column_a1time(hd_right); } return QSortFilterProxyModel::lessThan(left, right); } bool XcaProxyModel::filterAcceptsRow(int sourceRow, const QModelIndex &sourceParent) const { if (!sourceModel()) return false; QModelIndex idx = sourceModel()->index(sourceRow, 0, sourceParent); return sourceModel()->data(idx, Qt::UserRole).toBool(); } QVariant XcaProxyModel::data(const QModelIndex &index, int role) const { QModelIndex i; QString number; if (index.column() != 1) return QSortFilterProxyModel::data(index, role); /* Row number */ switch (role) { case Qt::EditRole: case Qt::DisplayRole: for (i = index; i.isValid(); i = i.parent()) number += QString(" %1").arg(i.row()+1); return QVariant(number); default: return QSortFilterProxyModel::data(index, role); } return QVariant(); } xca-RELEASE.2.9.0/widgets/XcaProxyModel.h000066400000000000000000000011451477156507700177550ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2006 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCAPROXYMODEL_H #define __XCAPROXYMODEL_H #include #include #include class XcaProxyModel: public QSortFilterProxyModel { Q_OBJECT public: XcaProxyModel(QWidget *parent = 0) :QSortFilterProxyModel(parent) { } bool lessThan(const QModelIndex &left, const QModelIndex &right) const; bool filterAcceptsRow(int sourceRow, const QModelIndex &sourceParent) const; QVariant data(const QModelIndex &index, int role) const; }; #endif xca-RELEASE.2.9.0/widgets/XcaTreeView.cpp000066400000000000000000000364571477156507700177560ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2006 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #include #include #include #include #include #include #include #include #include #include "OidResolver.h" #include "XcaHeaderView.h" #include "XcaTreeView.h" #include "XcaProxyModel.h" #include "MainWindow.h" #include "XcaWarning.h" #include "XcaDialog.h" #include "XcaApplication.h" #include "ExportDialog.h" #include "ImportMulti.h" #include "lib/load_obj.h" #include "lib/pass_info.h" #include "lib/PwDialogCore.h" #include "ui_ItemProperties.h" XcaTreeView::XcaTreeView(QWidget *parent) :QTreeView(parent) { setHeader(new XcaHeaderView()); setAlternatingRowColors(true); setSelectionMode(QAbstractItemView::ExtendedSelection); setEditTriggers(QAbstractItemView::EditKeyPressed); setRootIsDecorated(false); setUniformRowHeights(true); setDragEnabled(true); //setAnimated(true); proxy = new XcaProxyModel(this); proxy->setDynamicSortFilter(true); sortByColumn(0, Qt::AscendingOrder); connect(header(), SIGNAL(sectionHandleDoubleClicked(int)), this, SLOT(resizeColumnToContents(int))); connect(this, SIGNAL(doubleClicked(const QModelIndex &)), this, SLOT(doubleClick(const QModelIndex &))); header()->setSectionsClickable(true); throttle.setSingleShot(true); connect(&throttle, SIGNAL(timeout()), this, SLOT(columnsResize())); connect(&throttle, SIGNAL(timeout()), proxy, SLOT(invalidate())); setFocusPolicy(Qt::StrongFocus); setExpandsOnDoubleClick(false); setFont(XcaApplication::tableFont); } XcaTreeView::~XcaTreeView() { delete proxy; } void XcaTreeView::contextMenuEvent(QContextMenuEvent * e) { QModelIndex index; if (!basemodel) return; index = indexAt(e->pos()); showContextMenu(e, getIndex(index)); } void XcaTreeView::showHideSections() { if (!basemodel) return; int i, max = basemodel->columnCount(QModelIndex()); basemodel->colResizeStart(); for (i=0; icolumnHidden(i)) header()->hideSection(i); else header()->showSection(i); } basemodel->colResizeEnd(); columnsResize(); } void XcaTreeView::setMainwin(MainWindow *mw, QLineEdit *filter) { mainwin = mw; connect(filter, SIGNAL(textChanged(const QString &)), this, SLOT(setFilter(const QString&))); } void XcaTreeView::setModel(QAbstractItemModel *model) { QByteArray ba; header()->setStretchLastSection(false); setSortingEnabled(false); basemodel = dynamic_cast(model); proxy->setSourceModel(model); QTreeView::setModel(model ? proxy : nullptr); if (basemodel) { setRootIsDecorated(basemodel->treeViewMode()); connect(basemodel, SIGNAL(resetHeader()), header(), SLOT(resetMoves())); connect(basemodel, SIGNAL(resetHeader()), this, SLOT(columnsResize())); connect(header(), SIGNAL(sectionMoved(int,int,int)), this, SLOT(sectionMoved(int,int,int))); connect(header(), SIGNAL(sectionResized(int,int,int)), basemodel, SLOT(sectionResized(int,int,int))); connect(header(), SIGNAL(sortIndicatorChanged(int,Qt::SortOrder)), basemodel, SLOT(sortIndicatorChanged(int,Qt::SortOrder))); connect(basemodel, SIGNAL(columnsContentChanged()), this, SLOT(columnsChanged())); connect(selectionModel(), SIGNAL(currentChanged(const QModelIndex &, const QModelIndex &)), this, SLOT(itemSelectionChanged(const QModelIndex &, const QModelIndex &))); basemodel->initHeaderView(header()); setSortingEnabled(true); header()->setStretchLastSection(true); } showHideSections(); } void XcaTreeView::headerEvent(QContextMenuEvent *e, int col) { contextMenu(e, NULL, col); } QModelIndex XcaTreeView::getIndex(const QModelIndex &index) { return proxy->mapToSource(index); } QModelIndex XcaTreeView::getProxyIndex(const QModelIndex &index) { return proxy->mapFromSource(index); } void XcaTreeView::itemSelectionChanged(const QModelIndex &m, const QModelIndex &) { QModelIndex index = getIndex(m); QVariant v; qDebug() << "selectionChanged()" << index.isValid() << index.row() << index.column(); if (m.isValid()) { pki_base *pki = db_base::fromIndex(index); if (pki) v = pki->getSqlItemId(); } if (basemodel) basemodel->setSelected(v); } QModelIndexList XcaTreeView::getSelectedIndexes() { QModelIndexList list; QItemSelection indexes = selectionModel()->selection(); list = proxy->mapSelectionToSource(indexes).indexes(); /* Reduce list to column 0 items */ QModelIndexList::iterator it = list.begin(); while (it != list.end()) { if ((*it).column() != 0) it = list.erase(it); else ++it; } return list; } void XcaTreeView::columnsChanged() { throttle.start(200); } void XcaTreeView::columnsResize() { int cnt, i; if (!basemodel) return; cnt = basemodel->columnCount(QModelIndex()); basemodel->colResizeStart(); for (i=0; ifixedHeaderSize(i)) { resizeColumnToContents(i); } } basemodel->colResizeEnd(); } void XcaTreeView::sectionMoved(int, int, int) { int cnt = header()->count(); for (int i=0; isetVisualIndex(i, header()->visualIndex(i)); } } QModelIndex XcaTreeView::currentIndex() { QModelIndex idx = QTreeView::currentIndex(); idx = getIndex(idx); idx = basemodel->index(idx.row(), 0, idx.parent()); if (!idx.isValid()) { QModelIndexList l = getSelectedIndexes(); if (l.size() > 0) idx = l[0]; } return idx; } void XcaTreeView::editIdx() { edit(getProxyIndex(currentIndex())); } void XcaTreeView::setFilter(const QString &pattern) { pki_base::limitPattern = QRegularExpression(pattern, QRegularExpression::CaseInsensitiveOption); // Only to tell the model about the changed filter proxy->setFilterFixedString(pattern); } void XcaTreeView::deleteItems() { QModelIndex index; QModelIndexList indexes = getSelectedIndexes(); QStringList items; pki_base *pki = NULL; if (indexes.count() == 0 || !basemodel) return; foreach(index, indexes) { pki = db_base::fromIndex(index); if (pki) items << pki->getIntName(); } Transaction; if (!TransBegin()) return; if (!XCA_OKCANCEL(pki->getMsg(pki_base::msg_delete, items.size()).arg(items.join("', '")))) return; foreach(index, indexes) { basemodel->deletePKI(index); } TransCommit(); } void XcaTreeView::exportItems() { exportItems(getSelectedIndexes()); } void XcaTreeView::showItems() { QModelIndexList indexes = getSelectedIndexes(); foreach(QModelIndex index, indexes) showItem(index); } void XcaTreeView::newItem() { if (basemodel) basemodel->newItem(); } void XcaTreeView::load_default(load_base *load) { QString s; QStringList slist = QFileDialog::getOpenFileNames(NULL, load->caption, Settings["workingdir"], load->filter); if (!slist.count()) return; update_workingdir(slist[0]); ImportMulti *dlgi = new ImportMulti(NULL); foreach(s, slist) { pki_base *item = NULL; try { item = load->loadItem(s); dlgi->addItem(item); } catch (errorEx &err) { XCA_ERROR(err); delete item; } } dlgi->execute(); delete dlgi; } void XcaTreeView::doubleClick(const QModelIndex &m) { showItem(getIndex(m)); } void XcaTreeView::editComment() { pki_base *item = db_base::fromIndex(currentIndex()); if (!basemodel || !item) return; QWidget *w = new QWidget(nullptr); Ui::ItemProperties *prop = new Ui::ItemProperties(); prop->setupUi(w); prop->comment->setPlainText(item->getComment()); prop->name->setText(item->getIntName()); prop->source->setText(item->pki_source_name()); prop->insertionDate->setText(item->getInsertionDate().toPretty()); XcaDialog *d = new XcaDialog(this, item->getType(), w, tr("Item properties"), QString(), "itemproperties"); if (d->exec()) { item->setIntName(prop->name->text()); item->setComment(prop->comment->toPlainText()); basemodel->updateItem(item); } delete d; } void XcaTreeView::pem2clipboard() { if (basemodel) try { QString msg = basemodel->pem2QString(getSelectedIndexes()); QClipboard *cb = QApplication::clipboard(); if (cb->supportsSelection()) cb->setText(msg, QClipboard::Selection); cb->setText(msg); } catch (errorEx &err) { XCA_ERROR(err); } } void XcaTreeView::headerDetails() { if (curr_hd && curr_hd->id > 0 && mainwin) mainwin->getResolver()->searchOid(QString::number(curr_hd->id)); } void XcaTreeView::columnRemove(void) { if (curr_hd->action) curr_hd->action->setChecked(false); } void XcaTreeView::showItem(const QModelIndex &index) { pki_base *pki = db_base::fromIndex(index); showItem(pki); } void XcaTreeView::showItem(const QString &name) { pki_base *pki = Store.lookupPki(name.toULongLong()); showItem(pki); } void XcaTreeView::showItem(pki_base *pki) { if (pki && pki->isVisible() == 1) showPki(pki); } static void addSubmenu(tipMenu *menu, tipMenu *sub) { if (sub->isEmpty()) delete sub; else menu->addMenu(sub); } void XcaTreeView::contextMenu(QContextMenuEvent *e, QMenu *parent, int col) { int shown = 0; tipMenu *menu, *dn, *v3ext, *current, *v3ns, *keyprop; QAction *a; dbheader *hd; dbheaderList allHeaders = basemodel->getAllHeaders(); menu = new tipMenu(QString(), mainwin); dn = new tipMenu(tr("Subject entries"), mainwin); v3ext = new tipMenu(tr("X509v3 Extensions"), mainwin); v3ns = new tipMenu(tr("Netscape extensions"), mainwin); keyprop = new tipMenu(tr("Key properties"), mainwin); menu->addAction(tr("Reset"), basemodel, SLOT(columnResetDefaults())); if (col >= 0 && col < allHeaders.size()) { curr_hd = allHeaders[col]; menu->addAction(tr("Hide Column"), this,SLOT(columnRemove())); if (curr_hd->id > 0) menu->addAction(tr("Details"), this, SLOT(headerDetails())); } menu->addSeparator(); foreach(hd, allHeaders) { switch (hd->type) { case dbheader::hd_x509name: current = dn; break; case dbheader::hd_v3ext: current = v3ext; break; case dbheader::hd_v3ext_ns: if (Settings["disable_netscape"]) continue; current = v3ns; break; case dbheader::hd_key: current = keyprop; break; default: current = menu; break; } a = current->addAction(hd->getName()); a->setCheckable(true); a->setChecked(hd->show); a->setToolTip(hd->getTooltip()); hd->action = a; } menu->addSeparator(); addSubmenu(menu, dn); addSubmenu(v3ext, v3ns); addSubmenu(menu, v3ext); addSubmenu(menu, keyprop); if (parent) { parent->addSeparator(); parent->addMenu(menu)->setText(tr("Columns")); parent->exec(e->globalPos()); } else { menu->exec(e->globalPos()); } foreach(hd, allHeaders) { if (hd->action) hd->show = hd->action->isChecked(); shown += hd->show ? 1 : 0; hd->action = NULL; } if (!shown) allHeaders[0]->show = true; delete menu; delete parent; showHideSections(); } void XcaTreeView::changeView() { if (!basemodel) return; hide(); basemodel->changeView(); show(); } void XcaTreeView::exportItems(const QModelIndexList &indexes, const QString &filename, const pki_export *xport) { XFile file(filename); if (xport->match_all(F_PRIVATE)) file.open_key(); else file.open_write(); basemodel->exportItems(indexes, xport, file); } void XcaTreeView::exportItems(const QModelIndexList &indexes) { if (!basemodel || indexes.empty()) return; ExportDialog *dlg = exportDialog(indexes); if (dlg && dlg->exec()) { try { QString fname = dlg->filename->text(); const pki_export *xport = dlg->export_type(); if (dlg->separateFiles->isChecked()) { Passwd pass; if (xport->match_all(F_CRYPT) && dlg->samePassword->isChecked()) { // Plural form not required for < 2 items // Will only be called for 2 or more items pass_info p(tr("Export Password"), tr("Please enter the password to encrypt all %n " "exported private key(s) in:\n%1", "Singular form for 0 or 1 item can be ignored. Will always be called with n >= 2", indexes.size()).arg(fname), this); // Ask for an encryption password once if (PwDialogCore::execute(&p, &pass, true) != 1) return; } for (QModelIndex idx : indexes) { pki_base *pki = db_base::fromIndex(idx); // Will be cleared by PwDialogCore PwDialogCore::cmdline_passwd = pass; QString fn = pki->get_dump_filename(fname, QString(".%1").arg(xport->extension)); exportItems(QModelIndexList() << idx, fn, xport); } PwDialogCore::cmdline_passwd.cleanse(); } else { exportItems(indexes, fname, xport); } } catch (errorEx &err) { XCA_ERROR(err); } } delete dlg; } ExportDialog *XcaTreeView::exportDialog(const QModelIndexList &) { return nullptr; } void XcaTreeView::showContextMenu(QContextMenuEvent *e, const QModelIndex &idx) { QMenu *menu = new QMenu(mainwin); QMenu *subExport = NULL; QModelIndexList indexes = getSelectedIndexes(); QModelIndex index; index = idx.isValid() ? idx : currentIndex(); menu->addAction(tr("New"), this, SLOT(newItem())); menu->addAction(tr("Import"), this, SLOT(load())); menu->addAction(tr("Paste PEM data"), mainwin, SLOT(pastePem()))-> setShortcut(QKeySequence::Paste); if (indexes.size() == 1) { menu->addAction(tr("Rename"), this, SLOT(editIdx())); menu->addAction(tr("Properties"), this, SLOT(editComment())); } if (indexes.size() > 0) { menu->addAction(tr("Delete"), this, SLOT(deleteItems()))-> setShortcut(QKeySequence::Delete); subExport = menu->addMenu(tr("Export")); const pki_export *xport = pki_export::by_id(Settings[ClipboardSettings]); QString clipboard = tr("Clipboard"); if (xport) clipboard = QString("%1 (%2)").arg(clipboard).arg(xport->desc); subExport->addAction(clipboard, this, SLOT(pem2clipboard()))->setShortcut(QKeySequence::Copy); subExport->addAction(tr("File"), this, SLOT(exportItems()))-> setShortcut(QKeySequence::Save); } clipboardFormatMenu(menu); fillContextMenu(menu, subExport, index, indexes); contextMenu(e, menu, -1); } void XcaTreeView::keyPressEvent(QKeyEvent *event) { switch (event->key()) { case Qt::Key_Backspace: case Qt::Key_Delete: deleteItems(); return; case Qt::Key_Enter: case Qt::Key_Return: if (state() != QAbstractItemView::EditingState) showItems(); return; case Qt::Key_F2: editIdx(); return; case Qt::Key_Escape: clearSelection(); return; } if (event->matches(QKeySequence::Save)) { exportItems(); return; } if (event->matches(QKeySequence::Copy)) { pem2clipboard(); return; } QTreeView::keyPressEvent(event); } void XcaTreeView::changeEvent(QEvent *event) { switch (event->type()) { case QEvent::StyleChange: case QEvent::PaletteChange: qDebug() << "Style change event" << event->type(); pki_base::setupColors(palette()); break; default: break; } QTreeView::changeEvent(event); } void XcaTreeView::clipboardFormatMenu(QMenu *menu) { if (!ClipboardSettings || !ClipboardPki_type) return; int exp_type = Settings[ClipboardSettings]; QActionGroup *group = new QActionGroup(menu); QMenu *clipboard = menu->addMenu(tr("Clipboard format")); foreach(const pki_export *x, pki_export::select(ClipboardPki_type, 0)) { if (!(x->flags & F_CLIPBOARD)) continue; QAction *a = clipboard->addAction(x->desc); a->setData(x->id); a->setCheckable(true); a->setChecked(exp_type == x->id); group->addAction(a); } connect(group, SIGNAL(triggered(QAction*)), this, SLOT(clipboardFormat(QAction*))); } void XcaTreeView::clipboardFormat(QAction *a) { if (ClipboardSettings) Settings[ClipboardSettings] = a->data().toInt(); } xca-RELEASE.2.9.0/widgets/XcaTreeView.h000066400000000000000000000050641477156507700174110ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2006 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCATREEVIEW_H #define __XCATREEVIEW_H #include #include #include #include #include #include "lib/pki_export.h" class database_model; class MainWindow; class db_base; class dbheader; class pki_base; class QKeyEvent; class QContextMenuEvent; class QMenu; class load_base; class ExportDialog; class XcaTreeView: public QTreeView { Q_OBJECT dbheader *curr_hd{}; QTimer throttle{}; protected: db_base *basemodel{}; QSortFilterProxyModel *proxy{}; MainWindow *mainwin{}; const char *ClipboardSettings{}; enum pki_type ClipboardPki_type{ none }; void clipboardFormatMenu(QMenu *menu); public: XcaTreeView(QWidget *parent = nullptr); virtual ~XcaTreeView(); void contextMenuEvent(QContextMenuEvent *e); void setModel(QAbstractItemModel *model); void setMainwin(MainWindow *mw, QLineEdit *filter); QModelIndex getIndex(const QModelIndex &index); QModelIndex getProxyIndex(const QModelIndex &index); QModelIndexList getSelectedIndexes(); void headerEvent(QContextMenuEvent *e, int col); QModelIndex currentIndex(); void showContextMenu(QContextMenuEvent *e, const QModelIndex &index); virtual void fillContextMenu(QMenu *menu, QMenu *subExport, const QModelIndex &index, QModelIndexList indexes) { (void)menu; (void)subExport; (void)index; (void)indexes; } void contextMenu(QContextMenuEvent *e, QMenu *parent = NULL, int sect = -1); void keyPressEvent(QKeyEvent *event); void changeEvent(QEvent *event); virtual void showPki(pki_base *) {}; virtual void exportItems(const QModelIndexList &indexes); virtual void load_default(load_base *load); virtual ExportDialog *exportDialog(const QModelIndexList &indexes); virtual void exportItems(const QModelIndexList &indexes, const QString &filename, const pki_export *xport); public slots: void changeView(); void showHideSections(); void sectionMoved(int idx, int oldI, int newI); void columnsResize(); void editIdx(); void setFilter(const QString &pattern); void deleteItems(); void exportItems(); void showItems(); void newItem(); void doubleClick(const QModelIndex &m); void pem2clipboard(); void headerDetails(); void columnRemove(); void columnsChanged(); void editComment(); void showItem(pki_base *); void showItem(const QModelIndex &index); void showItem(const QString &name); void itemSelectionChanged(const QModelIndex &m, const QModelIndex &); void clipboardFormat(QAction*); }; #endif xca-RELEASE.2.9.0/widgets/XcaWarning.cpp000066400000000000000000000042171477156507700176160ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2018 Christian Hohnstaedt. * * All rights reserved. */ #include "XcaWarning.h" #include "XcaDialog.h" #include "lib/func.h" #include #include #include #include #include #include xcaWarningBox::xcaWarningBox(QWidget *w, const QString &txt, QMessageBox::Icon icn) : QMessageBox(icn, XCA_TITLE, txt, QMessageBox::NoButton, w) { setTextFormat(Qt::PlainText); } void xcaWarningBox::addButton(QMessageBox::StandardButton button, const QString &text) { QPushButton *b = QMessageBox::addButton(button); if (b && !text.isEmpty()) b->setText(text); } int xcaWarningGui::showBox(const QString &txt, QMessageBox::Icon icn, QMessageBox::StandardButtons b) { QMessageBox w(icn, XCA_TITLE, txt, b, nullptr); return w.exec(); } void xcaWarningGui::information(const QString &msg) { showBox(msg, QMessageBox::Information, QMessageBox::Ok); } void xcaWarningGui::warning(const QString &msg) { showBox(msg, QMessageBox::Warning, QMessageBox::Ok); } bool xcaWarningGui::yesno(const QString &msg) { return showBox(msg, QMessageBox::Question, QMessageBox::Yes | QMessageBox::No) == QMessageBox::Yes; } bool xcaWarningGui::okcancel(const QString &msg) { return showBox(msg, QMessageBox::Warning, QMessageBox::Ok | QMessageBox::Cancel) == QMessageBox::Ok; } void xcaWarningGui::sqlerror(QSqlError err) { qCritical() << "SQL ERROR:" << err.text(); } void xcaWarningGui::error(const QString &msg) { xcaWarningBox box(NULL, msg); box.addButton(QMessageBox::Apply, tr("Copy to Clipboard")); box.addButton(QMessageBox::Ok); if (box.exec() == QMessageBox::Apply) { QClipboard *cb = QApplication::clipboard(); cb->setText(msg); if (cb->supportsSelection()) cb->setText(msg, QClipboard::Selection); } } void xcaWarningGui::warningv3(const QString &msg, const extList &el) { QString etext = QString("

    ") + msg + QString("

    ") + el.getHtml("
    "); QTextEdit *textbox = new QTextEdit(etext); XcaDialog *d = new XcaDialog(NULL, x509, textbox, QString(), QString()); d->aboutDialog(QPixmap(":certImg")); d->exec(); delete d; } xca-RELEASE.2.9.0/widgets/XcaWarning.h000066400000000000000000000016171477156507700172640ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2018 - 2020 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __XCAWARNING_H #define __XCAWARNING_H #include "lib/XcaWarningCore.h" #include class xcaWarningBox: public QMessageBox { Q_OBJECT public: xcaWarningBox(QWidget *w, const QString &txt, QMessageBox::Icon icn = QMessageBox::Warning); void addButton(QMessageBox::StandardButton button, const QString &text = QString()); }; class xcaWarningGui : public QObject, public xcaWarning_i { Q_OBJECT int showBox(const QString &txt, QMessageBox::Icon icn, QMessageBox::StandardButtons b); public: void information(const QString &msg); void warning(const QString &msg); void warningv3(const QString &msg, const extList &el); bool yesno(const QString &msg); bool okcancel(const QString &msg); void sqlerror(QSqlError err); void error(const QString &msg); }; #endif xca-RELEASE.2.9.0/widgets/clicklabel.cpp000066400000000000000000000031611477156507700176370ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #include "clicklabel.h" #include #include #include void DoubleClickLabel::mouseDoubleClickEvent(QMouseEvent * e) { QWidget::mouseDoubleClickEvent(e); if (clicktext.isEmpty()) emit doubleClicked(text()); else emit doubleClicked(clicktext); } void DoubleClickLabel::setClickText(QString s) { clicktext = s; } ClickLabel::ClickLabel(QWidget *parent) :DoubleClickLabel(parent) { QFont fnt( font() ); fnt.setBold(true); setFont( fnt ); setFrameShape( QLabel::Panel ); setFrameShadow( QLabel::Sunken ); setAlignment( Qt::AlignCenter ); setToolTip( tr("Double click for details") ); setAutoFillBackground(true); QPalette pal = palette(); QColor col = QColor(0xff, 0xff, 0xff); pal.setColor(QPalette::Normal, QPalette::Window, col ); pal.setColor(QPalette::Inactive, QPalette::Window, col ); setPalette( pal ); setTextFormat(Qt::PlainText); } void ClickLabel::setColor(const QColor &col) { QPalette pal = palette(); pal.setColor(QPalette::Normal, QPalette::WindowText, col ); pal.setColor(QPalette::Inactive, QPalette::WindowText, col ); setPalette( pal ); } void ClickLabel::setRed() { setColor( QColor( 192, 32, 32) ); } void ClickLabel::setGreen() { setColor( QColor( 32, 192, 32) ); } void ClickLabel::disableToolTip() { setToolTip(QString()); } CopyLabel::CopyLabel(QWidget *parent) :DoubleClickLabel(parent) { setFrameStyle(QFrame::StyledPanel); setTextFormat(Qt::PlainText); setTextInteractionFlags( Qt::TextSelectableByMouse | Qt::TextSelectableByKeyboard ); } xca-RELEASE.2.9.0/widgets/clicklabel.h000066400000000000000000000014321477156507700173030ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __CLICKLABEL_H #define __CLICKLABEL_H #include class QMouseEvent; class DoubleClickLabel : public QLabel { Q_OBJECT QString clicktext{}; public: DoubleClickLabel(QWidget *parent) : QLabel(parent) { } void setClickText(QString s); protected: void mouseDoubleClickEvent ( QMouseEvent * e ); signals: void doubleClicked(QString text); }; class ClickLabel : public DoubleClickLabel { Q_OBJECT public: ClickLabel(QWidget *parent); void setRed(); void setGreen(); void disableToolTip(); protected: void setColor(const QColor &col); }; class CopyLabel : public DoubleClickLabel { Q_OBJECT public: CopyLabel(QWidget *parent); }; #endif xca-RELEASE.2.9.0/widgets/distname.cpp000066400000000000000000000042161477156507700173600ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2010 Christian Hohnstaedt. * * All rights reserved. */ #include "distname.h" #include #include #include #include "lib/x509name.h" #include "lib/db_x509super.h" #include "lib/base.h" #include "clicklabel.h" #include "OidResolver.h" #include "MainWindow.h" DistName::DistName(QWidget* parent) : QWidget(parent) { DistNameLayout = new QGridLayout(); DistNameLayout->setAlignment(Qt::AlignTop); DistNameLayout->setSpacing(6); DistNameLayout->setContentsMargins(11, 11, 11, 11); QGridLayout *g = new QGridLayout(); g->setAlignment(Qt::AlignTop); g->setSpacing(6); g->setContentsMargins(11, 11, 11, 11); QVBoxLayout *v = new QVBoxLayout(this); v->setSpacing(6); v->setContentsMargins(11, 11, 11, 11); v->addLayout(DistNameLayout); v->addStretch(); v->addLayout(g); rfc2253 = new QLineEdit(this); rfc2253->setReadOnly(true); g->addWidget(new QLabel(QString("RFC 2253:"), this), 0, 0); g->addWidget(rfc2253, 0, 1); namehash = new QLineEdit(this); namehash->setReadOnly(true); g->addWidget(new QLabel(QString("Hash:"), this), 1, 0); g->addWidget(namehash, 1, 1); } void DistName::setX509name(const x509name &n) { DoubleClickLabel *l1; QLabel *l2; QStringList sl; for (int i=0; isetTextFormat(Qt::PlainText); l1->setText(label); l1->setClickText(sl[1]); if (l1->text().isEmpty()) l1->setText(sl[0]); l2->setText(sl[2]); l1->setToolTip(QString("[%1] %2").arg(sl[0]).arg(toolt)); l2->setToolTip(sl[3]); connect(l1, SIGNAL(doubleClicked(QString)), MainWindow::getResolver(), SLOT(searchOid(QString))); DistNameLayout->addWidget(l1, i, 0); DistNameLayout->addWidget(l2, i, 1); } rfc2253->setText(n.oneLine(XN_FLAG_RFC2253)); rfc2253->setCursorPosition(0); namehash->setText(n.hash()); updateGeometry(); } xca-RELEASE.2.9.0/widgets/distname.h000066400000000000000000000007721477156507700170300ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2001 - 2007 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __DISTNAME_H #define __DISTNAME_H #include #include class x509name; class QLabel; class QComboBox; class QLineEdit; class myGridlayout; class DistName : public QWidget { Q_OBJECT public: DistName(QWidget *parent); void setX509name(const x509name &n); protected: QGridLayout* DistNameLayout{}; QLineEdit *rfc2253{}; QLineEdit *namehash{}; }; #endif xca-RELEASE.2.9.0/widgets/hashBox.cpp000066400000000000000000000017411477156507700171500ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2007 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "hashBox.h" #include "lib/base.h" #include hashBox::hashBox(QWidget *parent) :QComboBox(parent) { setupAllHashes(); } const digest hashBox::current() const { return digest(currentText()); } void hashBox::setCurrent(const digest &md) { int idx = findText(md.name()); if (idx != -1) { setCurrentIndex(idx); wanted_md = ""; } else { wanted_md = md.name(); } } void hashBox::setupHashes(QList nids) { QString md = currentText(); if (!wanted_md.isEmpty()) md = wanted_md; clear(); foreach(int nid, digest::all_digests) { if (nids.contains(nid)) addItem(digest(nid).name()); } setEnabled(count() > 0); setDefaultHash(); if (!md.isEmpty()) setCurrent(digest(md)); else setDefaultHash(); } void hashBox::setupAllHashes() { setupHashes(digest::all_digests); } void hashBox::setDefaultHash() { setCurrent(digest::getDefault()); } xca-RELEASE.2.9.0/widgets/hashBox.h000066400000000000000000000007731477156507700166210ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2007 - 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __HASH_BOX_H #define __HASH_BOX_H #include #include "lib/digest.h" class hashBox: public QComboBox { Q_OBJECT private: QString wanted_md{}; int backup{}; int key_type{}; public: hashBox(QWidget *parent); const digest current() const; void setCurrent(const digest &md); void setupHashes(QList nids); void setupAllHashes(); void setDefaultHash(); }; #endif xca-RELEASE.2.9.0/widgets/kvView.cpp000066400000000000000000000131701477156507700170260ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2010 Christian Hohnstaedt. * * All rights reserved. */ #include "lib/func.h" #include "widgets/kvView.h" #include #include QWidget *comboDelegate::createEditor(QWidget *parent, const QStyleOptionViewItem &, const QModelIndex &) const { QComboBox *editor = new QComboBox(parent); editor->addItems(keys); return editor; } void comboDelegate::setEditorData(QWidget *editor, const QModelIndex &index) const { QString v = index.model()->data(index, Qt::EditRole).toString(); QComboBox *c = static_cast(editor); c->setCurrentIndex(c->findText(v)); } void comboDelegate::setModelData(QWidget *editor, QAbstractItemModel *model, const QModelIndex &index) const { QComboBox *c = static_cast(editor); model->setData(index, c->currentText(), Qt::EditRole); } QWidget *lineDelegate::createEditor(QWidget *parent, const QStyleOptionViewItem &, const QModelIndex &) const { return new QLineEdit(parent); } void lineDelegate::setEditorData(QWidget *editor, const QModelIndex &index) const { QString v, k; v = index.model()->data(index, Qt::EditRole).toString(); QModelIndex key = index.sibling(index.row(), 0); QLineEdit *l = static_cast(editor); l->setText(v); if (key.isValid()) { k = key.model()->data(key, Qt::DisplayRole).toString(); emit setupLineEdit(k, l); } if (infoLabel) infoLabel->setText(k + ": " + l->toolTip()); } void lineDelegate::setModelData(QWidget *editor, QAbstractItemModel *model, const QModelIndex &index) const { QLineEdit *l = static_cast(editor); model->setData(index, l->text(), Qt::EditRole); } kvmodel::kvmodel(const QStringList &heads) { header = heads; myCols = heads.size(); } QStringList kvmodel::getRow(int i) { QStringList sl; sl << items[i*myCols] << items[i *myCols +1]; return sl; } void kvmodel::addRow(const QStringList &newrow) { int row = rowCount(QModelIndex()); beginInsertRows(QModelIndex(), row, row); for (int i = 0; i= newrow.size()) items << QString(); else items << newrow[i].trimmed(); } endInsertRows(); } QVariant kvmodel::data(const QModelIndex &index, int role) const { int id = index.internalId(); QString s = items[id]; switch (role) { case Qt::EditRole: case Qt::DisplayRole: return QVariant(s); } return QVariant(); } QVariant kvmodel::headerData(int section, Qt::Orientation orientation, int role) const { if (role == Qt::DisplayRole) { if (orientation == Qt::Horizontal) return QVariant(header[section]); if (orientation == Qt::Vertical) return QVariant(section); } return QVariant(); } bool kvmodel::insertRows(int row, int count, const QModelIndex &) { beginInsertRows(QModelIndex(), row, row+count-1); for (int i=0; i< count *myCols; i++) { items.insert(row*myCols, QString()); } endInsertRows(); return true; } bool kvmodel::removeRows(int row, int count, const QModelIndex &) { beginRemoveRows(QModelIndex(), row, row+count-1); for (int i=0; i< count*myCols; i++) { items.removeAt(row*myCols); } endRemoveRows(); return true; } bool kvmodel::setData(const QModelIndex &index, const QVariant &value, int role) { if (index.isValid() && role == Qt::EditRole) { items[index.internalId()] = value.toString().trimmed(); emit dataChanged(index, index); return true; } return false; } void kvmodel::moveRow(int oldi, int newi) { QStringList line = items.mid(oldi*myCols, myCols); removeRows(oldi, 1); insertRows(newi, 1); for (int i=0; isetDefaultSectionSize(200); horizontalHeader()->setStretchLastSection(true); verticalHeader()->setSectionsMovable(true); verticalHeader()->setDefaultSectionSize(24); setEditTriggers(QAbstractItemView::AllEditTriggers); connect(verticalHeader(), SIGNAL(sectionMoved(int,int,int)), this, SLOT(moveRow(int,int,int))); infoLabel = NULL; initLineDelegate(); } void kvView::initCols(QStringList &heads) { QAbstractItemModel *m = model(); setModel(new kvmodel(heads)); delete m; } kvView::~kvView() { delete model(); } void kvView::initLineDelegate(int col) { lineDelegate *d = new lineDelegate(infoLabel, this); setItemDelegateForColumn(col, d); connect(static_cast(d), SIGNAL(closeEditor(QWidget *, QAbstractItemDelegate::EndEditHint)), this, SLOT(editorExited())); } void kvView::setKeys(const QStringList &k, int col) { if (!col) keys0 = k; comboDelegate *d = new comboDelegate(k, this); setItemDelegateForColumn(col, d); } void kvView::moveRow(int, int oldi, int newi) { static int moving = 0; if (moving) return; moving = 1; verticalHeader()->moveSection(newi, oldi); static_cast(model())->moveRow(oldi, newi); repaint(); moving = 0; } void kvView::addRow(const QStringList &newrow) { int max = MIN(model()->columnCount(QModelIndex()), newrow.size()); for (int i = 0; i(itemDelegateForColumn(i))->addKey(key); } static_cast(model())->addRow(newrow); } void kvView::addKvRow() { QString k; if (keys0.count() > 0) k = keys0[rowCount() % keys0.count()]; addRow(QStringList(k)); } void kvView::deleteCurrentRow() { if (!currentIndex().isValid()) return; model()->removeRows(currentIndex().row(), 1, QModelIndex()); } void kvView::editorExited() { if (infoLabel) infoLabel->clear(); } xca-RELEASE.2.9.0/widgets/kvView.h000066400000000000000000000074251477156507700165010ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2010 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __KVVIEW_H #define __KVVIEW_H #include #include #include #include #include #include "lib/base.h" class kvView; class kvDelegate : public QItemDelegate { Q_OBJECT public: kvDelegate(QObject *parent) :QItemDelegate(parent) { } virtual void addKey(QString &) {}; }; class comboDelegate : public kvDelegate { Q_OBJECT QStringList keys{}; public: comboDelegate(QStringList k, QObject *parent = nullptr) :kvDelegate(parent), keys(k) { } void addKey(QString &key) { if (!key.isEmpty() && (keys.count() == 0 || !keys.contains(key))) keys << key; } QWidget *createEditor(QWidget *parent, const QStyleOptionViewItem &option, const QModelIndex &index) const; void setEditorData(QWidget *editor, const QModelIndex &index) const; void setModelData(QWidget *editor, QAbstractItemModel *model, const QModelIndex &index) const; void updateEditorGeometry(QWidget *editor, const QStyleOptionViewItem &option, const QModelIndex &index) const { (void)index; editor->setGeometry(option.rect); } }; class lineDelegate : public kvDelegate { Q_OBJECT QLabel *infoLabel{}; public: lineDelegate(QLabel *lbl = nullptr, QObject *parent = nullptr) : kvDelegate(parent), infoLabel(lbl) { } QWidget *createEditor(QWidget *parent, const QStyleOptionViewItem &option, const QModelIndex &index) const; void setEditorData(QWidget *editor, const QModelIndex &index) const; void setModelData(QWidget *editor, QAbstractItemModel *model, const QModelIndex &index) const; void updateEditorGeometry(QWidget *editor, const QStyleOptionViewItem &option, const QModelIndex &) const { editor->setGeometry(option.rect); } signals: void setupLineEdit(const QString &s, QLineEdit *l) const; }; class kvmodel: public QAbstractTableModel { QStringList items{}; QStringList header{}; int myCols{}; public: kvmodel(const QStringList &heads); QStringList getRow(int i); void addRow(const QStringList &newrow); Qt::ItemFlags flags(const QModelIndex &index) const { return QAbstractTableModel::flags(index) | Qt::ItemIsEditable; } QModelIndex index(int row, int column, const QModelIndex &parent = QModelIndex()) const { (void)parent; return createIndex(row, column, row*myCols +column); } QVariant data(const QModelIndex &index, int role) const; QVariant headerData(int section, Qt::Orientation orientation, int role) const; bool insertRows(int row, int count, const QModelIndex &parent = QModelIndex()); bool removeRows(int row, int count, const QModelIndex & parent = QModelIndex()); int rowCount(const QModelIndex &parent) const { (void)parent; return items.count()/myCols; } int columnCount(const QModelIndex &parent) const { (void)parent; return myCols; } bool setData(const QModelIndex &index, const QVariant &value, int role); void moveRow(int oldi, int newi); }; class kvView: public QTableView { Q_OBJECT QStringList keys0{}; QLabel *infoLabel{}; public: kvView(QWidget *parent = nullptr); ~kvView(); int rowCount() { return model()->rowCount(QModelIndex()); } QStringList getRow(int i) { return static_cast(model())->getRow(i); } void addRow(const QStringList &newrow); void deleteAllRows() { if (model()->rowCount() > 0) model()->removeRows(0, rowCount(), QModelIndex()); } void setInfoLabel(QLabel *lbl, int col = 1) { infoLabel = lbl; initLineDelegate(col); } void initLineDelegate(int col = 1); void setKeys(const QStringList &k, int col = 0); void initCols(QStringList &heads); private slots: void moveRow(int logical, int oldi, int newi); void editorExited(); public slots: void addKvRow(); void deleteCurrentRow(); }; #endif xca-RELEASE.2.9.0/widgets/pkcs12EncBox.cpp000066400000000000000000000021531477156507700177540ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2007 - 2015 Christian Hohnstaedt. * * All rights reserved. */ #include "pkcs12EncBox.h" #include pkcs12EncBox::pkcs12EncBox(QWidget *parent) :QComboBox(parent) { setupAllEncAlgos(); } const encAlgo pkcs12EncBox::current() const { return encAlgo(currentData().toInt()); } void pkcs12EncBox::setCurrent(const encAlgo &md) { int idx = findData(QVariant(md.getEncAlgoNid())); if (idx != -1) { setCurrentIndex(idx); wanted_encAlgo = NID_undef; } else { wanted_encAlgo = md.getEncAlgoNid(); } } void pkcs12EncBox::setupEncAlgos(QList nids) { int md = currentData().toInt(); if (wanted_encAlgo != NID_undef) md = wanted_encAlgo; clear(); foreach(int nid, encAlgo::all_encAlgos) { if (nids.contains(nid)) addItem(encAlgo(nid).displayName(), QVariant(nid)); } setEnabled(count() > 0); setDefaultEncAlgo(); if (md != NID_undef) setCurrent(encAlgo(md)); else setDefaultEncAlgo(); } void pkcs12EncBox::setupAllEncAlgos() { setupEncAlgos(encAlgo::all_encAlgos); } void pkcs12EncBox::setDefaultEncAlgo() { setCurrent(encAlgo::getDefault()); } xca-RELEASE.2.9.0/widgets/pkcs12EncBox.h000066400000000000000000000010041477156507700174130ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2007 - 2011 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __PKCS12_ENC_BOX_H #define __PKCS12_ENC_BOX_H #include #include "lib/pki_pkcs12.h" class pkcs12EncBox: public QComboBox { Q_OBJECT private: int wanted_encAlgo{}; public: pkcs12EncBox(QWidget *parent); const encAlgo current() const; void setCurrent(const encAlgo &md); void setupEncAlgos(QList nids); void setupAllEncAlgos(); void setDefaultEncAlgo(); }; #endif xca-RELEASE.2.9.0/widgets/v3ext.cpp000066400000000000000000000075751477156507700166400ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2005 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #include "v3ext.h" #include #include #include #include #include #include #include #include #include "XcaWarning.h" #include "lib/exception.h" #include "lib/ipvalidator.h" #include "lib/x509v3ext.h" #include v3ext::v3ext(QWidget *parent) :QDialog(parent) { setupUi(this); setWindowTitle(XCA_TITLE); tab->horizontalHeader()->setDefaultSectionSize(80); } void v3ext::addInfo(QLineEdit *myle, const QStringList &sl, int n, X509V3_CTX *ctx) { nid = n; le = myle; ext_ctx = ctx; tab->setKeys(sl); keys = sl; tab->setInfoLabel(infoLabel); connect(tab->itemDelegateForColumn(1), SIGNAL(setupLineEdit(const QString &, QLineEdit *)), this, SLOT(setupLineEdit(const QString &, QLineEdit *))); if (le && !le->text().trimmed().isEmpty()) addItem(le->text()); if (n != NID_subject_alt_name) copy_cn->hide(); } void v3ext::addItem(const QString &list) { int i; QStringList sl; sl = list.split(','); if (sl[0] == "critical") { sl.takeFirst(); critical->setChecked(true); } for (i=0; i< sl.count(); i++) { if (sl[i] == "DNS:copycn" && nid == NID_subject_alt_name) copy_cn->setChecked(true); else addEntry(sl[i]); } } void v3ext::setupLineEdit(const QString &s, QLineEdit *l) { QString tt; QValidator *v = NULL; if (s == "email") { if (nid == NID_subject_alt_name) tt = tr("An email address or 'copy'"); else tt = tr("An email address"); } else if (s == "RID") { tt = tr("A registered ID: OBJECT IDENTIFIER"); QRegularExpression rx("[a-zA-Z0-9.]+"); v = new QRegularExpressionValidator(rx, this); } else if (s == "URI") { tt = tr("A uniform resource indicator"); QRegularExpression rx("[a-z][a-z0-9\\.\\+\\-]*://.*"); v = new QRegularExpressionValidator(rx, this); } else if (s == "DNS") { if (nid == NID_subject_alt_name) tt = tr("A DNS domain name or 'copycn'"); else tt = tr("A DNS domain name"); } else if (s == "IP") { tt = tr("An IP address"); v = new ipValidator(); } else if (s == "otherName") { tt = tr("Syntax: ;TYPE:text like '1.2.3.4:UTF8:name'"); QRegularExpression rx("[a-zA-Z0-9.]+;.*"); v = new QRegularExpressionValidator(rx, this); } else if (s == "issuer") { tt = tr("No editing. Only 'copy' allowed here"); l->setText(QString("copy")); l->setReadOnly(true); QRegularExpression rx("copy"); v = new QRegularExpressionValidator(rx, this); } l->setToolTip(tt); l->setValidator(v); } /* for one TYPE:Content String */ void v3ext::addEntry(const QString &l) { int idx; QString type, value, line(l); line = line.trimmed(); idx = line.indexOf(':'); if (idx == -1) { value = line; } else { type = line.left(idx); value = line.mid(idx+1); } if (!keys.contains(type)) { type = keys[0]; value = line; } tab->addRow(QStringList(type) << value); } QString v3ext::toString() { QStringList str; int i, row = tab->rowCount(); if (critical->isChecked()) str << "critical"; if (copy_cn->isChecked()) str << "DNS:copycn"; for (i=0; igetRow(i); str += s[0] + ":" +s[1]; } return str.join(", "); } void v3ext::on_apply_clicked() { __validate(false); if (le) le->setText(toString()); accept(); } bool v3ext::__validate(bool showSuccess) { x509v3ext ext; QString str, error; validate->setFocus(Qt::OtherFocusReason); str = prefix + toString(); ext.create(nid, str, ext_ctx); while (int i = ERR_get_error() ) { error += ERR_error_string(i ,NULL); error += "\n"; } if (!error.isEmpty()) { XCA_WARN(tr("Validation failed:\n'%1'\n%2"). arg(str).arg(error)); return false; } if (showSuccess) { XCA_INFO(tr("Validation successful:\n'%1'"). arg(ext.getValue())); } return true; } void v3ext::on_validate_clicked() { __validate(true); } xca-RELEASE.2.9.0/widgets/v3ext.h000066400000000000000000000016561477156507700162770ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2005 - 2014 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __V3EXT_H #define __V3EXT_H #include "ui_v3ext.h" #include "lib/pki_base.h" #include #include #include #include "widgets/kvView.h" class pki_x509; class pki_key; class v3ext: public QDialog, public Ui::v3ext { Q_OBJECT private: int nid{}; QLineEdit *le{}; X509V3_CTX *ext_ctx{}; QStringList keys{}; QString prefix{}; bool __validate(bool showSuccess); public: v3ext( QWidget *parent); void addItem(const QString &list); void addEntry(const QString &list); QString toString(); void addInfo(QLineEdit *myle, const QStringList &sl, int n, X509V3_CTX *ctx); void setPrefix(const QString &p) { prefix = p; } public slots: void on_apply_clicked(); void on_validate_clicked(); void setupLineEdit(const QString &s, QLineEdit *l); }; #endif xca-RELEASE.2.9.0/widgets/validity.cpp000066400000000000000000000050721477156507700174020ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2003 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #include "validity.h" #include #include "lib/asn1time.h" #include "lib/func.h" Validity::Validity(QWidget *parent) : QDateTimeEdit(parent) { setTimeSpec(Qt::UTC); setNow(); hideTime(false); connect(this, SIGNAL(timeChanged(const QTime &)), this, SLOT(setMyTime(const QTime &))); updateFormatString(); } Validity::~Validity() { } a1time Validity::getDate() const { a1time date(dateTime()); QTime time; if (midnight) { time = endDate ? QTime(23,59,59) : QTime(0,0,0); date.setTimeSpec(Qt::UTC); } else { time = date.time(); time.setHMS(time.hour(), time.minute(), 0); } date.setTime(time); return date; } void Validity::localTime(int state) { if (midnight) return; switch (state) { case Qt::Checked: setTimeSpec(Qt::LocalTime); setDateTime(dateTime().toLocalTime()); break; case Qt::Unchecked: setTimeSpec(Qt::UTC); setDateTime(dateTime().toUTC()); break; } updateFormatString(); } void Validity::hideTimeCheck(int state) { switch (state) { case Qt::Checked: hideTime(true); break; case Qt::Unchecked: hideTime(false); break; } } void Validity::hideTime(bool hide) { if (hide) { if (!midnight && endDate) setDateTime(dateTime().addDays(-1)); midnight = true; } else { if (midnight && endDate) setDateTime(dateTime().addDays(1)); midnight = false; setTime(mytime); } updateFormatString(); } void Validity::updateFormatString() { QString formatDate = tr("yyyy-MM-dd hh:mm"); QString format; if (midnight) { if (!endDate) format = QTime(0,0,0).toString(formatDate); else format = QTime(23,59,59).toString(formatDate); } else { format = formatDate; } if (timeSpec() == Qt::UTC || midnight) { format += " 'GMT'"; } else { format += QString(" '%1'") .arg(QTime::currentTime().toString("t")); } setDisplayFormat(format); } void Validity::setDate(const a1time &a) { setDateTime(a); setMyTime(a.time()); } void Validity::setDiff(const Validity *start, int number, int range) { QDateTime dt = start->dateTime(); switch (range) { case 0: dt = dt.addDays(number); break; case 1: dt = dt.addMonths(number); break; case 2: dt = dt.addYears(number); break; } // one day less if we go from 0:00:00 to 23:59:59 if (midnight) dt = dt.addDays(-1); setDateTime(dt); setMyTime(start->mytime); } void Validity::setNow() { setDate(a1time()); } void Validity::setMyTime(const QTime &time) { mytime = time; } void Validity::setEndDate(bool ed) { endDate = ed; hideTime(midnight); } xca-RELEASE.2.9.0/widgets/validity.h000066400000000000000000000013261477156507700170450ustar00rootroot00000000000000/* vi: set sw=4 ts=4: * * Copyright (C) 2003 - 2012 Christian Hohnstaedt. * * All rights reserved. */ #ifndef __VALIDITY_H #define __VALIDITY_H #include #include class Validity : public QDateTimeEdit { Q_OBJECT bool midnight{}, endDate{}; void updateFormatString(); protected: QTime mytime{}; public: Validity( QWidget* parent); ~Validity(); a1time getDate() const; void setDate(const a1time &a); void setDiff(const Validity *start, int number, int range); void hideTime(bool hide); void setEndDate(bool ed); protected slots: void setMyTime(const QTime & time); public slots: void setNow(); void hideTimeCheck(int state); void localTime(int); }; #endif xca-RELEASE.2.9.0/xcf/000077500000000000000000000000001477156507700141575ustar00rootroot00000000000000xca-RELEASE.2.9.0/xcf/cert.xcf000066400000000000000000011536001477156507700156240ustar00rootroot00000000000000gimp xcf file BBj/ gimp-commentCreated with The GIMPݐp1  E#revoked     jT x $4DTdt&6IdH   1|T vq 2BRbrԂԒԢԲ=<=<<<=<<===<===<==<===<=<=<==<=<==<<<=<<<<<<=<===<<<<=<======<=<<=<<<<<<=<=<=<<=====<<==<<=<<=<<<<<<==<===<<=<<<==<<<<<======<<=====<========<===<<<<<==<<<<<=<<===<<<<<=<ϒte_cfv[* 2PY 9|݌. 5n. )% f I   )+#Z#,Pp_C1($  x-.2A˜Q& kov  'ܫ    l #z  =  :Y 4    | ![ N  F %{\    "q  C%:    LN  !V)  )",$ w.  ,8*/! ]/ 'A<(  0y( B E)  1#Sދ E!2  ^"WsN4  ^$_[h.7  Mlݿ.=   < o1   / w$    )~G   lހ     }U X   yT ^1@   vOo  pL"^"   da"d8'  fX rv*  gln #A 4z#   _wh!ڈ/|  \t U)dѧ #"  Vs&&dwg#    [t ;e;   da6 5|x h  "sN |m3{By $:C= D   0& %A8 U"    /yT[]^?  g3  08   ίvQ  20 6  ̘Z  j! -    ݘN  Y '   t cI  ? W޿݃  t Gc -˨o %&5g 5L ?elS Mmާt  KnzZN  Qjtu   jW߇  }EB '  2ɼŨ ϓvheejtZ(!5Q_9|؎&  !%>k7 ! &b O  "*6! !!T! $'0On`A30$  !  #uڻ3!"-*?F !"$ ip{  . k !'٘~  A  !EZ 9!~ #[)L I)y`!  &t = :  OU " R$  (-- v+  / <-2'     \3!A5&     2w- C A)(   3/ Sڋ G8  _.TuQ8 \# a\n3?  H"nܿ#/= =' m.  1&w  *O  p!}     }W"X   vV_+> vP!!i  kK 'N  hc!ۼj;,iZ$j 'x4    gp#j=7x!bxd*ߋ3~" YrS.\Ϊ  Vt //c{`؀"   [t :f# >  c` 3 ;~u  g#   "lRvl7}  ?w!  ':E8D   1&   %@< W( 1xyKS^\>  k,  ,8 ̪vS :*    0  ˓a  l$   $  ڛP   Y#   *! s aM(   ;  Ձ    V  ڂ    qʃ N e     ,˨o% ڀ,     7h 4M       Df k  X   Mkz Gkw\ ހO   Zlr s   n^    "~IF *    %:ǽǧ ا}vy|p;#!%Afk &$%!(KޓB !'$  !#2P|42B@2#&"# !"'#!)8xL "$(*(@L&&5&#'&*!n'   (t%kZA_!<;}  H/T"ed$%lE@7 #L#/ N) :#N6I8  /j8.KQC"  B6 J# [DE >5 aޒd>Xk. cxj6R6 j0%kc5K[[/$x@P_J-!"|M# <+%2 3&,*[ /t)) *`$-k,  )_#+w =N-+`0*+z4*W =2k9,|hlZJ *xc #u 9K)2w{%q0U#JF!+t~j(@ 8=',l|h.@tײ1 '=* )iz9 @tǁ  m@. -ox  3Mv+  A62"3ri6 +N !jހ231;Vzo&D G-5?UJD"R%?19 D\@ c- $ISXdbA !w/< 6I?   ԳZB-: 2=:   ўc"t-A 1<5 ߡ[ h0B  -D%   |  t`=9  4X#    ݾۇ ';@  9l   ގ 5   #9υ [  l. &  -IϪw 1"  :!;   -Um7d  /   ,Yl r  b     *Yx ,    *[tf Z      cx y  }   0u_  '  8M E>    4D˿ʭ ?J5 .9   .`?   DZ O   #   J )J . DO   p &&k&D'%9D#O!` p     D  J  O D p ? #{ `kpv   UZ  k 9 #  #  O pU pv U  ǭȵĽԹӹȱęЩ໛»ֺݽ֭׷پˠӻ@ܸϲۀַpЭֿ´ҾǬȴҾƼ &ؿƴ1AɺͲߵ kͿ׺ϸ.ݱʸȸؾYָԾӯڿ϶ɰCȳ݀ؿзwŨʳҲϩݺغRغٿtڿեĨ ͣު˺W<.Ԩ޾ֺ2'ǕܑⲤًܿ) h۬㽞îӸ-Wݽßȶɭ+*w˚Ďնӹm  '׹޳ޜǶQ B㮟մ93ނ注غ"'`ե ]Ե޺ #nȶjz!/ݢ8J]ĹDzcŰζ }߾ٵ# ʤݷ   2ὣހ߃  SrȥN  aYӭڍ# v=FظK  #f?߿݀׋"  6hŬt; 4   T!wϳA0O  _ ߲ 'K l ' / ! DϰO4  2 ߡ G' m 61R  _f Q  t <ȧ G 8 'ᬡ)  Qʀ w Y攓O  cݨ qɕp vѿS fɵ v̘ |J a  I縝 }F iDZŵľޙ澖лϸƱŲ́޻ٺҺ߀ؼհ׹ֿǣѻ6¬׷ɲҹ rͯԽ܀ƭŵѿ¾!/Ƶ; F˻ϵ !nܖӽι!0ʹȺ ]ۓջӾϯ ֻ˸Ű ! IǶԿϹܺ  y©ʴϲέٸԺ UѺܙؿ oؿϫ¨̤ݪ˺[!@:ӫܲػ޿4&ĖಧՍ- !lڭ἟įθ) V۽¢˶ǭ“* )xʛÏ۪Գλq,ӺݠƸM !$Aݶ߯Ѻ?$6ڌⶩӶ,%+\ͨ_Թ#*sʺo{6ª3K¿#WŻIJ ců˶ !~յ(ϥٷ   3ݽ   QqǦJ   _[ùϭڋ#  x>FָJ -f Bݿ۳Ԍ* ! :eĭr? 2 T'wͲ?.P]"޵ ,M p1ê 4 %D̯R   5  8ܦ  A+iۣ6ؿ0 N  _ۿf  E t!Bŭ L   >ـ@ '⨥) U˄  u \ߓQ eޣ u"Șo  z;^ f˶ u˙s־I c Qⷞ tG k˸˼ĘտټʶȞijѯ«սíֱ׻ͤıӼIůغϳ¨sѰԿŸôɱθ®-2°ɸ+ Iξй" qҿ!$#9ͻ˽£   _ټ׶%$!!ĶҺɵ' # I˹Լ "#zįθڷ!#%г޿ٿ %aؿƩƬ  tĦڪǬ#Ψ㯚о\"H;װŘݾ6&ɛ๬īڏ, m߲çDzԿ0  `è˧Ϲϲ,#+BРɖٺԻv" Aپ塮ʺ\1<\簤ؽO&3(C껪ԳB .Dlīѫ !+j׸ƾ!)@ιo~2L9c& cŻȸ!qƲҹ,ܺ5"ժݼ! , @߁ * Z}˪O   ij¾ֱ-   TWغW   ;yS°ٓ) ,  G}!uȱwA 8  d7շI!  2X $i9㶦   /M  )~Eĭ   0  2!Xҳ^   0  ?+ð   C0 k!Lƹ< R&  1oíq  P#  u*Vɫ   J  @  .H泪%  Sϋ  xޣ"1f㗕`  eŤݬ(  2Зu  v` /xϺǿ Р  uR4m[侜 uQ#s@=<D;<;9:9986764 5 4 337J688889v!Uv)!"74 J2 2 /D e     `     4        9 `   { k e ٲ៍ݾ±ҿƳ߫βïзĽͿøIJʷ̶Ѳ۴ڳѮ˭ѹŰȹս__݀úm ֽ׽q rǯʺr  ֿٻ  +ҽߏŭ ŦͰ  hܲ߻׺ɬ B͗£: ]۴ȵ  mӮ۷  iݳc  Mګϝ  9ݹ޽  gϚЏ|ɤ   M˓])ݾ 5і  "߀ϱ fֵ&  &  )ͦG &ϲ   E<  ճc   Z9  $͖N . R  ݀⾚w  ^زJ 4h|ٱg   ๯) @Z I۶H S kǭ.( ڛ9   * +  5  N Ű j8 ,Y  Ǜ/b  S°lՓ 8hˮ+:`n֧[X  z mg    l  쥣ֶߞؾߘµ˵˳óʷƽøIJ̷˶ҳ׵ܳѬͯзijƹҼc%"ażp տ޺ؿl nȰɹr ϼվ  1ϽŰ Ƨ߂˭ eٶ׽Ĭ A͛ħ6 ^ڲʶ mϨڷ jٰ]  Qڮ۶ˠ $:ܹ  "iΞђɥ Rʗ_)ށ۾ 8͙ %ί fԱ& .  ,̥K *γ   IA  Ҷf  ];  +ڀ͚T 5 ĪR  ῜z   ]ֲM 1h xױi  ݺ) 8]  HַK  U  mDz5 #*  ܀ݝ@     .   6  H &Ǯn  < 5Z  ʠ<  `   U dҖ  8 bǫ ̾) =e gթ ^ S  mh  h  򥩥ởūƸ÷θϹɶκ»ùƽȷμл׸߹߹ִϳűԻȷɺh"*'^Ǿp vqʶξv ݿ 2DZ! ȫմ nἤ²Ȯ SҢƩ; mܷκ .}խ߽  (v⸖ħp#,_ⱟר"1K⿒ƞ  $2qԣӕΪ  !*ZЙd<«   )>֛7϶  %)nڼ,BĴ    ;ѧU >Ը#    OI   "׻p   cD 2ҟZ < "ĬW Ġ|    eճX=n  y۵m   +޽6 O` BںO a tͱ44, ޤC   .*++  .     V:ƲƑ n  J  $" Af     (ͨ/ ]  !Y±  bݗ  #F  aϳ 3  $Cke׫ c $e    5up    $r    7644577565434 )2 D       k k            9  ?9          D    ܸٺȽܮ;ܽοجͱëͮԶӺ¨̮݀ѽҼᾩ˶ճ˷ķ䴕ɳ_fүnEѿ彡̫+¾Z y³ٹŢƍɭl˾͢˻U  ®/AÓģZ  4ǯژ   ι޲Dz@ H#  cس˰G Sż۳(  Ƴά bǾHoּ ܾ} oj ߱  j VΨa  D  Ʒ䶤  : AѨL   ճ  'ƸD hȶ ʻ<  л  -Ÿ  kk Į  ǵ   ҾǸ) ֻƹU  ռǶݩ  ѷȻɺ3 9Ҵů  AǮΰO̶Ʃه  Q' [ӻ   rߔ2 _ĵ   e7 kù 1U qøzp  k yδ* pp x׳  ds c }xS% t T ţxb^  UuN X rB ףh /mD  [Z~  4T\uH QBʯr  h ?x ޲js ѫP䤡DԼA,ؼ˾yγ5 pУ עⰡdڻ׷ƾڱͿھ׭Ͷ¯ɯӶڀԽͱѻѼܽǰش̴Ķ޶˴imԱxM̿ݿȬ۶4ds¶ԺŦď ǰt̥݀0˼X  1 @ǽå] 4˳ך   λڲŰE  Iʾ*   dùڳDzI NȻ״,  ŴЪ¶ dO jԸڽƈ  kk  ౭ q QͦbC   Ź㶥  ;   AΩM     Թݓ   %ùE   fǹ   ɺ ݡB    λ  -ȷ  iݳl ǯ    ƶ  $ Ѻ+   ʽ߽Z ڿȷ  ηȺ  !˽ȹ)  .ӷ  =DZ˱ !ھ J˹ƪ׎ [- Vҽ    !s9 Zõ   d@   h¹    1[ l¸yr  ݙo t͵/ lxuյ*   cy `  {xR7  !v S%  ĦeYSyL  Wx @  ϡi  2n G ` Z 5؁ U_ oI J;ϯ|   e    A u~pu   ЪV   ڪJֿJ  %} δ9   fͤԦ$  }ݵ_߻߻߶ñìòߴθŲѰ׻¿Ǫѯh¾ò˶ۺͺǺ滘̷txٶT´ϲ 7j !{ɺܽɪȖ ҳy#÷Щ[  Ų<9Ɯƪj *ʶÿ٢$ Ӽ⸧ιRK5   fú߸ϸPQ۹7     ɷұŻ fQ f׿Ǩʎ jq ³渰  {  ZҬj#J( ȼ꺫&C  @ҪY غ!  ,ɼP    i˺    ;J         .ɼ  lƴv   IJ    ɹ   ǻ1   ̿]   ¼ʺ  ҽȽ   ˽)   .۷²    Bʹϴ  #  Iҷʭޒ  [5  P     qD  ]Ǹ   ]I iƼ  (^  oƼr    w  wԹ9     k  p۷1     e|  _' Z9     V+ ˩~i_ P I  ^ } B  اn(  1t  D  d Y  2 Sj nP K 9ϴ (   h    GÝq  x w  ح ^  ܫQĭK 7ȇ Ӹ?   nץܧ-  ߺh#!k " $ $ ' &  )v ) ++---/00 / 2 2 2 2 2 3          Z k  Up  p OU ` J D  k   )  O k 9#   4 # _ƺ߫ҶƱݥȶѼб͜ƻ¸Ȥʬû֩ݿӴÛƹƵϳöȼھ͘ɾ߿ǫϪɰʚ׶ɵҲͽùҵۖİӷ¹Ѽܔ׸ż±ӷľ̻Ͱ´Ĺ̠۬ƴQƼɿۼŸξIõϴ0ڀ ³"ȶռ˵Įǻͺ¼ϸóɵȵ禲̸ʪրǷgٰͳĶɶɸT ة׿νǴL ͟ѳ׼Ź\ΦƲѸխбڹ׺ŷĬ߉ĭϽԽƫ۽֠Ϳо֊ּʭؾ߹ظ\ģ HgX|vH+< Fޒ> ʥ~A QҸ#)   9ٻ_'  )Կc!  #¡1c ?ȫ ͳCX ¬ Y 4~ xȥ8&  ƺ h ^3 7ǵ݀ź۬ѹů٥ǵӼҴ߸¸̠ûÀ˥ǯŻ٭IJɨϵƖ¹˶ôζŸǿ׿͝Ǭ̥ͱʛԾ׹ȵҳ˽¹ն³Ӷ¹ϻٹŽո˻ͱޙú̢õZŻƾ£̻Oĵʹ:׾-ɷ¨սʵƻ6ͻ¥̹ƾأɸĸʶƫǸlձ˵ɷ˸[֬ξƵ] ˟׀̳Ҹųý`̧ŰͷӪ̳ٻ¸ĬоҽǮӀ׻ǾϾ½Իɪ޹¾ֶ^ Fm^ zOx(C ?E ̬KVи ,- <պ\)  &݄о ^!  1c   FǮ   y˶7W  ] 3~  rǤ 4&   ƻa^7;ŵĸ᯶ǰ־Ͷ߫˺պùСȲƿþѭ˶ɿݲŹغǡſŨλĸԺͽưҞ°ʮӲ̸ӣúܻʹظƽؼĺȵپż©߾Ķ۽ƵýշƹȿƲҧǺaþȨ¬PǺɹƲҹ>ƴ߇ĭƸ.νôϺȲԿêſѽۀŸƷީνȻͽѰ˼wݶѸɻͺ̽e߬ހȨIJλdԨѲӽʸĹpѫʷսúӴԷʼȹȯɳéȳè¿ĩ˯忨ۼ_ǩ Co` vS w 'H" HM ҪT XӾ '9  0׿\0 Ĩ [0  ʧ+o  >޵̳ + ~Ӿ :h  !Ķe  :ܝ   wʬ /7   ` a= A˹?========<<==>?==OpJO    J   )p꡸歳쫴ƿѾͷ̽õнuT^̾Ķ 6  Q   ] 5  Y  D  O B R  ]  ?    6  `o  В< /мe  zӿƬ`  nIJէO  JĬΘ@  Yศ¨ϋ@   7TӿǑI  `̳ȃ+ (t7 ?ȢРG   %uӷѼn( 4⽨ĐA  *ҵQ  ֤߉ qR( (V   Eֱh   a2x  sU JJ   t61   8W2  -z r$   21 4   /n O   ܾ.  l   󣸱⟞֕殮箱ݮž°ɷʼĴ̼wS`ƽ$ø9 N ^  4 X  ?  J  A H X  7      D   _ہ  ЙF  ̹i   uѿƧ_   nòѣS%   IıЛF  P۴ѕJ    1SǘZ"   ^εȇ1  &o6  <ţТH   %pϸѺs,   4ȓI  +ؠӸY   ֨  h֩ ֪T+'+a  Fֲj  W5  m[ JT   u=8   <Q3   'w  m/   ,?-   1pW  5i   롺ܦ֚ꫨⱸﲸź÷ôлȺ~_bĻ%ƻ6  R  ]6 Z  ;  I =  F  Q   A $    ^    J    ԠL   տm    |òũf   pɷڬY!    Iɴ֨T    Pܸŭ٣S   -MöΟ^(   f  Ի·4   *p?  8˫֨M    &qսx4   7ªϚN   )֪f    g  [/!0g ;n   X8   q[IT  z9B  AE@    ! mE .C/ -y{f! =i)  `9e8987J4 4 3 2 10/.--,v,,+,..$&p D'*.) 1 04 2 , * )4{ & J$ % # " k  =<==<<<=====<<==<<<=r<6=`<<========<==<=<=<<=<?=<====<<<<====<<<=<=p<4=]<=<==<<<<====<=<<<=<<?=<<<====<==<<=<==<<=~<?=a<<<===<============<<@<> H  -%&щ   ?1̶Gތ   [Fռ-   uj Lŵ7   cHѲB    W]޼Q*Tq̮~ 7Q س   6E ɧ I  2: ϲ˩vW ( #7 ڼ}dR@% uɮ-ɴuS; 3O%ΰ~-  (ղb#  ԫ@2    Q_    !)99  (]zoe^SA5)   6n z QoW-  &: ` 6~G$   ! g ] $ލ€6   WE٣_  nܾp,   Ŝ\   -ކ!  ފ'  ً6ю7  jдӛBԽЪkT´¼пƸ?P   2&#׿Ҋ}   C&/˹R&  \GҾ'    skJ<   "i GҮ?    ([ \ڿQ  0W rʱ|    8Vش܀  # =G ɩ#  I )B³ŽvhV>%    ˱>͹ĆpZ) !   4Gc3ϵ@       52ڵr/  #%دFO   gހ+s        6DX@ ;nwphWK?,#  4:@V   j̿rM  2@H_q "" %QΎbA =7{ l 9ɐO0   OVs4  sńS/  ϭp  # 1( <!ܛK$Ԛ?oչ֥L ´Ҳr^˼ôƼ? O 4&v&&%%` 9&&U# O)k9UJ#%* ,  O#k`vv)#*`J. 2 5799<   ٩ u/ &˷   wͧ  m$ ?;   hʜ"  Z 3p XÒA  2 3۶ .Ṗh G/  %߲ Føt ݭ QŨ¨  ٨ N֮%  ˤ,  :Ƴƽ1  qؿT +Yͬȱʼ% Xֽk ˮζ'   Xγu ݹ̳"  _Ŵk פмr  V߶q ӯگл  UۮB| 챙 TŸ.w ՟ۀ]437 I FO  2\s@{  $  j  6aԄ- ޺ @. { ή (KI    2Э0 9J  Od  LהO    L Nڿs ((AP!   87oڈܽ  Ph  9 "x̨ܼm  w'    C쥎b  D`Sتݚn   *Tֻ6 Tˢדւ>(7Tζ   vѵۨ݇­ >ܸжʺN PǤϸx`Yɨ̴͵ܵаֺ̹׸ǸƝĪôހֶ̭íȫһͯƹͷ̴ȵյĮŴػҳɯıèޥ˵ͳЮε? ݯ y, *Ƕ/ |ϡ  r& <ƻjɟ& U ;oT“C  2  <ٵ/ܹk   N½4$۵  L¹r$۰   Mի Mѿ"Ǩ/ @Ƴļ3t׿P 4\ʭŲļ$Yָf ʱͶ''Uα׀q ٷ˴ ]ȸk  ֤̼q Tٷu  ϯϻ  $Q֯D~ 뱜  %Tģ/u ֣`856  M =R 5[t   ?}    l} 9c֌ ) ĭ ۻ K( z{  ΰ ,EJ  4Ѯ, !4J  _k IԘR      M Oq  'AR)    <5p܉ھ*    Qj  ;*zڼ˥h  tٲ+   ;־餔`Ka X֪ܚk 0SکԻ: YɢՐӃD5>V͸$  $wڀ϶٥±  A۹̷˻HJǥ˹s`Z˩˴̶ϳ˸ոַǹȞªõҴʰɮެϾʲŷϹ͸ƸѶìŷ׼Ӹdzòǫʶʶϭ˸? -߭  y8 Cͻ "~ԫ   p/"P,tС*  ]L{7bʔN   1I!F侟m   _E?幥   XȽz@ߴ  bʰҫ9ܬ  Xų.2Ϭ4 H˹ǿ<+~ƥY  :fαͷ1.k׼p $Ҳн63oϷx  !⾤ѹ8.uʹw ٭ޅv #mܶx شѾ  ,qܱC 񹞨݀Ľ ,lȤ=   ؤf>;7  a  Fc  " 5i|  _  .  ! l XsՍ  '  ¯⿦4M !   '*ҳ&  -MX  ,Pհ8    JX bt/a֝Z   " T 1`ĩ {  +Ѫo4 1 (   $Uŝo#4$&0dg- *k߭⟛}3*FqުվD  -lϪܙܔT>KoѺ)/ֺƴŴ Jһ;L^ͨһĺzdcѮͻѷ׵ѻݿܼ˺ͣȮȶڻϴȵγôϷŮߺʻԼѶʼٺʰʸۿؼεȶʯӸԼյԺ?  {     O          J  `   D U#  Z e      O e   Z58:#   M +  T ' a { l 7 a q M  E ve-/ ~.   & + ~ 5  x" H¿ {, W  y d  b ſٺ  Խ1 {  ~ x  ʤG  0 A eͿ   v xi  J_  F  =2  ~w    |:U d !i͖<o 7$P .  ~}    }7V   e bЖ:s'     2# R          }    ʨ _   $     F  $e    r | [j   X   B:  {   @ ^ g  +i؟C u%    G+[     J0$  'XgY  Y4 p   %ؼ+ Q0  LX [}?wҕ? J       e       ` 9 ? 9  J  k  Z  e  ? 9    D  e         v   !`D!k  Z4 # 4 D J 3 68;?*Ҭ  ͍Zֽ ԹT׻y ѸY ѱl,d ǰ3A ?] r\ 5idxݭFL WȼIe EŽJD , .*  UP>ߠ y޶E(0l|GH񭬬K C!Ƈ yׁt ߵj~m> ۯթF5iyk⺐![* ᠡӉ G~ 9֢;LG8 L翦!I; Zجͥs4(aH wȵW f Y ɔ[ # {G _  .:U}'wz n΅  :F  mŢ\ Lk YʼnI   2IJ   X^%  < $ ݾ E -; c  LW  ^  I0 Ƒ t߁ۇ  q ޾v oJ ۀ񰚟TAs pc' g;⫣Ӑ  V # DৱK  NQ -Në  %U :Tկɬv?+h {P  nʹZ   s T ϛk  -   B i ,@T -{ hӌ(  5P   wͱm,   My  ^ˌO E, J߾d "jV   $/ I|   i3  /O4-  Wq5Gx #ϣH1"k믖ųʠܭ˙ٮʬͩŮ?        U p k   #  Z  )    4 k 4   4   e          ?v  O 4p.   k 9 .9 ߗ X\¸Ї g rɭԔ .`  ܶL -qNTȦJX #k  xbu! Z x \  } ( L  l 6 <  =<  NV ۚa 5ڨU < Gǜbހ6  >  nն{) Ӳ  M MÝ fc  aӳ؜   ˶ɦ y  ·ͫ   dٿ3  0Ӷ̻nUc ؽn   e  5ȧn VЍ Ͼe| ݹ â  eGvէ ؏  xt  jA g [  *?F "- ,3 4  o6" L V޾  Dȱǥ`LFE?1  ; 1y  + 0خɱǛX    Qc514  c\ಟѴЎ?  tٺt< 2ע­̩D 3۬rJ~1(aŚ̷׹= XȢЯߴJ &ԮǨݭHΛطd ހغĪNϰڣ۽ƴ˧жѷĜ?ٚ Z ]̈́ h  qɰ͓ -g  , ڴH/yU^  ƦJ^  q   ݶ!j  u,Wz W! ڀ   %'M u > F   @G J]   b 9ة] !  D  Dǝb۴= ! z@nԷ &t0 дN Q`m  dҵ  !̳Ǧs  ͯ     eĪԽ<    6ϳμrGh 󶟤ؽҀq  ijhݪ  5ɩsTА  ˾eݺ  ! cLxѭ  ֑  qunG  j  _ 0   7ۯF(鿑3$ 4 { 8%  gɃ3"  N U۾ BŵĩaSHF;*    ;  0w 0,ޮƱŗX    Lg11<  h \ݵʹόA  qն|81Ԧ˾ͯN *ٯvHׅ;.eşɵֿL  ]ȤҬݸV   !ڀׯʥخ#AΟҹj ׻ŮQϱ٤޿ɵȫ̴͸ٽ׿?   c_ƽב n,  rβљ @x2  ߻Q 4|Tb   ͫMl %v  (u   x3\   ])    &5 K  z N P#"  DƮSG߸j #  q@஗* f#%  NNͥ bF!* |I& tڽ ! y>ֹ    X Wɦ bފx    kػ     #ϽϬ!!t   þձ  1   hŮĭD   ,վڀzTn  -ðs     Ʒs   <ѰPџ  Ɨ]  Ǧ%kP|ظ   ޛ o~ hI   n e   +   ?L09 - 6 ڃE.   fЍ0.     Q"^#  F̵˭dQBAB/     : O  A n G    J   N  & X > ^ ^ qq r ~V   5   " + < 3 p Hy  "  CP  @ 92    F  @,  @ A   K I  N J   \ R  R.K  L   Mq  <=  (<   Uiײy   f[ Blކ   bޤ*  k1  NC  Ƀ6   eۨ5  ӟ> k. 7I(}V :#      ]f   6 +  -  @  8!  P  6  i B    E   L   W  @ \  Zmu  m wX   x C  (    + 6  8   l  9~   ;\   K >5   >  ?7  I =&  B  E K  F S Q  M .U   M &  F  h 9 >   ' =    V    g  ι  t   ]]   Bp#  (fߪ1   iݩ5  DJ   |dž8  cܫA  اDl9 4R&{V5       ]r# $  H  0  3&  >  4   N <#l E    H    N # R  > ]   Y  l %  n  vf' y R %   $0  * @  -  f  B  % G[ 8 =I  H ;A  8  ?5  F  D  G C   U  T   O  /] M '  Lk < ? -A   Z   e    s  Xl   "Mz/      ,j: t;  LR    ѓF  lܵI  %کJ wB =U"V  4       U       vO .    ! ! ! ! ! ! !9 ! ! ! !  ! # !    #&(*k-` 2 46:q@D " E#rev     Yդ `lx݄ dtքִ֤֔z 0@ۧ'ܐܠܰ 0@P"85 20 6' + * ) !  ''* 7<<<., * 79:r+ )       4 5;8++         ;:99/*  , $  ,:4 / ' """ -9t#5 3   "  #*/3 (:) %" ###<<<3   $&*9+ * * * * % %**/0 <<;;   4   I;::;;51 - @D "  E#sealsign     7 [ '7GW +;K[~.>N^n~ / '  =======                                         #)=>=============<=@D " E#seal      pppp AQFw   $''49>GGH<HLH\HlR)RuRip{ppp ? <#;+::4I:=R:#>S:":3E:4E:3>:3;:7;:'=A:UD;._=, ?<;$1:,>:3E:4E:3>:3;:7;:'=A:UD;._=,  7&(,(%!6ENNF>4,( 3Z]WME?944, 1[Y`]VOG?;?D8,!.VcbdfaYOF@IMH>/ ,U`cmprlbVKFMRMH9'*R[dqzypeZPLMRTOJ=,(PTdryyrg\PMSUSPC:, &Raoy~vj^RPUVQJ@4' $RT_mw|obWRTXQMC9-" "\V]jwznaXWXSNG=4*! !ug\gvse^[[UOJC:3+#  'jjfsxjc_]WRMGA<5.% !fkq}tld^YUPLGC?:2,(  Cfsy}tjd^YUQLJHGC@7*  Nhxzof_[WUSOONF8* Pm{tld^YVTSPRUWSH9*  4Suzph`[WTURRVYZWK7%  @atld_XVUTQSX]_WD/$ !Dozpia[VTTRRW]cbU@-%  7Nttlf`YVUTSX`gkeR<,&# *R{|rkd^XUUSW`jqqeM7+'! ,_xnha[WUTU\gqwsaG3,' 7 !%!69AA92*%! 3LNHA:4.+)$ 1LJOMHA;4057.$.HRSSUPIA95<@;3' ,HPR[]]YQF=9?C@;/*FLS^fe\SJB>?BDA=1# (DGS_dfd^UKA?BDD@5/#'DEQ]djkhbXMCADEA:3( $DGOZdkqof\PFCCE@<4," "NGNXblpomeZOGFFA=7/(! !bWMVblosqj^SLIHC>94-'"  !ZYU`jpssncWPLJEA<73/*% !TZ_horsph_XQLGC>;863/)%! !9U^enrtsog^WPJFB?<<:97/# !BWdjqttrndZSLGDBA?@ACD<0# DZgpttqh^WPJFBA@?BGLI?1#  +DaosstsncZTMGDAC?AGLONB/  6Pjpsutqh^WPJEBAA?CJQVO;( 8]lrtusncZTMGDAC@AHPXZM8& .A`osutqh^WQKFBBAAIR[b]J3$ !Dfrttsne\VPJEBB@ER^gh\E." $OksutrlaXSMGDBABLZgnjX>*"  7 !%!69AA92*%! 3LNHA:4.+)$ 1LJOMHA;4057.$.HRSSUPIA95<@;3' ,HPR[]]YQF=9?C@;/*FLS^fe\SJB>?BDA=1# (DGS_dfd^UKA?BDD@5/#'DEQ]djkhbXMCADEA:3( $DGOZdkqof\PFCCE@<4," "NGNXblpomeZOGFFA=7/(! !bWMVblosqj^SLIHC>94-'"  !ZYU`jpssncWPLJEA<73/*% !TZ_horsph_XQLGC>;863/)%! !9U^enrtsog^WPJFB?<<:97/# !BWdjqttrndZSLGDBA?@ACD<0# DZgpttqh^WPJFBA@?BGLI?1#  +DaosstsncZTMGDAC?AGLONB/  6Pjpsutqh^WPJEBAA?CJQVO;( 8]lrtusncZTMGDAC@AHPXZM8& .A`osutqh^WQKFBBAAIR[b]J3$ !Dfrttsne\VPJEBB@ER^gh\E." $OksutrlaXSMGDBABLZgnjX>*"  ; : 8 |5 2r1  <:9863/ -  .--3/HZdheT;-,- ʶ~yqdXWM&.* ƶtcYV>K( s_[Z= 'ĽytP2!!rüwP@?- ù|7  ZĻ} ɿݻu! Ǿr |ɻt˿Ȼ ɺ… ǹ|´׺ɿޣ굶|  + ( %$"       @=======8q~rjd^XVURXdoz|oV7.#6fzphc^XW]s~bE9>@2"H{~tkea[WZl~dG;=D8## *ixohc^YYf~~hM=%5c~xrmiecerybJ@=Y1<%#Uv{vpkfdgpzdK@>X,;%Dl}wqmiggnzvaJ@>W*7& 7d|~ysnigjqzxaK@>U%. & .[vxroljjmxw_J@>T''&(Om{~ytqmkkowx_JA?Q+'Cbv}zvrponpv}z_J@?N5'3Wo{zwsrpprw}zaJA?J; ( 'Mgwzwtsrqrw}zdI@?I@ (C`qwvutsqrv{zfJ@?GD):Whtvvtuttw{ziL@?GK)0O`nuvuuttw{zkN@?FN%()FTgsuuvvuwzymP@?FP*(!8I^puvwwvwyyoS@>EZ-(+?VlsuwxwxzypW@>FVC(#9LfqvxyxxyxoYA>FVO)1B_nuxzxyzxn[C>EWB),9VjtxzyywmZD=D[/)%1OgtxzzyzvlYC=B`0*)*GcrxzyywmZB;@a=) 'A_owxzzxvm]E;>]8*%;Zktxyyxul\H:=ZJ$) 3RgrwxxvsiZG;5Cdc5+ .Pcklmmh]M>2Gk^)+ (K`ijlleZI:2OlG+,$H]egihcVH90VvB- BXadgf_TE60_F$-?T^`ba[OA3.L@/9OY^a`XL>2../4JVY\ZSH;.(0/EPUYWOD7+%1*?LQTRK?3(#2%8CILJB90$2 0:@C@91) 2 %07:70("2$)+)# 2 !#! 3  3  447-_quutpg\UOJEBB@FUcpsfM2%"!FhsuuslaXTOJEBACSamur\=*%" !-WpuvtogaXQLHDBAP_mxxeC+('!"=dsuurnf[TOJEBBN_lwziJ2)*&!#Nltvtpi`WPLHDBH]kx|tZ<,+)!"4]pvtrmdZSNJEBEZiw~zdC/+.("Fgsttoh_VPLGDCRht~}nR6,/+$#,UortqkbYRNJECLguuV7,02(";epssnf]UPLGDG_t~uZ;-/5,# "Vkqspi`XRNJEEWsu\@/.75#Bbmrqld\TOJGFOj~zfI2-76,"+Siprof]UOKGGPg|~jK3.8+'*F[cca_`_`cjrpS;10<0 ( =Taba`aacjroV:00:4 (6O[``abgnoX;0097)/GT]``addeino\=008<)(@MY_abddejnn^?008@ ( !8CS]`befgimn_B008B# ( .:KZ`cfggimlcC0/7K$ (#2DW^cfhijmmdI1/7F8 ) -=R\bgiijllbL1/7HB )'4MYafjkkmlaM3/7G6)"-EVagjjklk`L4/5L')&?R`fkllj_J4-3P(#)  8P_gjkkj_K3-2P3) 3M]dhkmliaO6,0M.* .HXbhjkkh^M8,0I>)'CTagikjf]L9,.HJ"* ;P_eijidZI8+.IT%* 5N]dfhgbWF5+0KX** -JZadee_UD4(2P[,+ (FX^acb]Q@0)5SS-+#AS\`aa[O>/':YO$,=QY]`_XL;,%@[<$-:OVZ\[VI:,%Hd9-5JSXZZRF7)&Q:.2FOSUTNB4'%@7/-BKRTTL>1&%'/)>HLOMG;-# 0$9CJMKC7+!1 4?EHF?3(2 .8>@>7.%2&0585.&2'-0-' 2 !#! 2 3  3 458-_quutpg\UOJEBB@FUcpsfM2%"!FhsuuslaXTOJEBACSamur\=*%" !-WpuvtogaXQLHDBAP_mxxeC+('!"=dsuurnf[TOJEBBN_lwziJ2)*&!#Nltvtpi`WPLHDBH]kx|tZ<,+)!"4]pvtrmdZSNJEBEZiw~zdC/+.("Fgsttoh_VPLGDCRht~}nR6,/+$#,UortqkbYRNJECLguuV7,02(";epssnf]UPLGDG_t~uZ;-/5,# "Vkqspi`XRNJEEWsu\@/.75#Bbmrqld\TOJGFOj~zfI2-76,"+Siprof]UOKGGPg|~jK3.8+'*F[cca_`_`cjrpS;10<0 ( =Taba`aacjroV:00:4 (6O[``abgnoX;0097)/GT]``addeino\=008<)(@MY_abddejnn^?008@ ( !8CS]`befgimn_B008B# ( .:KZ`cfggimlcC0/7K$ (#2DW^cfhijmmdI1/7F8 ) -=R\bgiijllbL1/7HB )'4MYafjkkmlaM3/7G6)"-EVagjjklk`L4/5L')&?R`fkllj_J4-3P(#)  8P_gjkkj_K3-2P3) 3M]dhkmliaO6,0M.* .HXbhjkkh^M8,0I>)'CTagikjf]L9,.HJ"* ;P_eijidZI8+.IT%* 5N]dfhgbWF5+0KX** -JZadee_UD4(2P[,+ (FX^acb]Q@0)5SS-+#AS\`aa[O>/':YO$,=QY]`_XL;,%@[<$-:OVZ\[VI:,%Hd9-5JSXZZRF7)&Q:.2FOSUTNB4'%@7/-BKRTTL>1&%'/)>HLOMG;-# 0$9CJMKC7+!1 4?EHF?3(2 .8>@>7.%2&0585.&2'-0-' 2 !#! 2 3  3 4581 . |+J*6v) B(O'/' '¾'þ'վ'ջ' ֺ'(ÿ(?( (0½)ÿ*w*+ ¾,, »- .ƻ/ ÷0 3 ͻ4 5 6r:<<W<=2 8 W7+W3+ 0 /r 0| 1=3"3^ 3 7q h, *((''''&&&&&&$$$%'''())) * + ,. 0 055689;<===>;:9863 .- , ,+,-,-.//0 'ȿ䪫 ¸ɾڜźۚ÷ڕ󿲬ޏ۹}‰~Ύ¨ܘݧݖݧזΨ􈉈ߍ̦݌ǣ􆇆⋍Ģ򅄅߈á񄈋߆Ġ߆£󌉈å냂ᅈ¤¡ق숆́Ѐ¨ڂ®ŀςǻɁºȁż၃ž󰬪ށ貭ǂ¿κþݛ. J݁Ź݌ E ¼ Z ü $ q !u&20j 0W 2 º e %!#$&%'()* ++ * )447             v  % % %-0 =7<0;ӻr8}8"7+6oW 3۬ 2ݯ1}1ݼ112222 132 24r33 4ܯ 5r6r8ȸr========<<;:9776532110/////{/e///001112 2 3 57<~< <<%=5050E:4''$$@TG3 HLNMKP\S1'4LXcdb`^]Y0-4D[ellmlhc`\/455Ifonnmlie`,+DO\_hnooponlgb+)*5Qcidgoqoopmid*$@::;\ekoolopopoomid*DNLQ\msqroprqpoonkhd !$>ASctms{zvvsrsrppnmjhd#!!#-;ObjXAk}z|zwuvusrssrplh$XNNLOSVdr|~}|zyxxvtpmi )W]OF4Qkxss{}|{{xwsplh !+2?M[blv{~}||{zvsplh '/6D[m{}}zxtpnjf$,5AN_q}}{wuqlieb(/9DQ_mz~{wspljhfb`%09BMXgt~ztqnkifbb^Z"-6?HUamz~yuromiec`[\V (4BLD1 !+@JQRRONMJ0&+8LTZYZYVROL/+,,=U\[[ZYVSN,$8ALOU[\[\[ZXUP+##,CRWRT\\[Z[[ZXUQ*6102LSY\\X[[ZYXUQ*9AADK[_\][\]\[ZYXVTP 47FSjaZ`ed``_\^\ZZXWVSQ'2CT[I7Zn{xieeda``_][]\[YVSJBB@BEIT`hnnxzyvqkggeecc`b``]ZXT #JPC<,EZkktqkf`agntwxxvtqnkjigedcca`\YVS$*5AMS\dij~~|yupopqwwutsponmkjhffddb`]ZWT '-:N]itwwz~{xyxwvtrpqnmkhgffca^[WTR%+6AQanv|z{{}{xvurspnkiggfa^ZVTQO!&/8DQ^ku{{|{y|{xxuupokiea]ZVUSRNL'/6@JXepx~|y|{vuqoje_[XVTRNNKG $+4;GS_ku|}~{vtpid_\YXUQOLHID *08CMYdox~zuqkea_\YVROKJHEC%+4=HR^ju}~wsmfda_\XURNKHGDE &/8BLXdoz}uoieb_\ZWUQNJFFBD *3<84-< <<<,(5(914!!5E;3<@A@>BLD1 !+@JQRRONMJ0&+8LTZYZYVROL/+,,=U\[[ZYVSN,$8ALOU[\[\[ZXUP+##,CRWRT\\[Z[[ZXUQ*6102LSY\\X[[ZYXUQ*9AADK[_\][\]\[ZYXVTP 47FSjaZ`ed``_\^\ZZXWVSQ'2CT[I7Zn{xieeda``_][]\[YVSJBB@BEIT`hnnxzyvqkggeecc`b``]ZXT #JPC<,EZkktqkf`agntwxxvtqnkjigedcca`\YVS$*5AMS\dij~~|yupopqwwutsponmkjhffddb`]ZWT '-:N]itwwz~{xyxwvtrpqnmkhgffca^[WTR%+6AQanv|z{{}{xvurspnkiggfa^ZVTQO!&/8DQ^ku{{|{y|{xxuupokiea]ZVUSRNL'/6@JXepx~|y|{vuqoje_[XVTRNNKG $+4;GS_ku|}~{vtpid_\YXUQOLHID *08CMYdox~zuqkea_\YVROKJHEC%+4=HR^ju}~wsmfda_\XURNKHGDE &/8BLXdoz}uoieb_\ZWUQNJFFBD *3<84-< : : 87*75% 6;*! 5J5$ 4UE0 3YP>*4[RH5!  4]TI9%4^UK:( 4^WL<' 4_XN=' 4b[O?* 3e]SC/!3c]SF5& 3d]TH;+!!3b\SH>/&# 2_[SG@2)# 2ZUQG@/- 2WPNG>2( 2TPLFB) 2QOJJ2% 2NPI?1 3NKB84GC7#8>6)88+ 8. 8* 9<: : 9 7# 7, 60! 5<, 4F9(3HB3! 4JC;+ 4KD8+@K9 0G: 0 r0.. - -   .  . / / 0  "!1  $&%%2 #'*+3  !%++3# !(.4 %&!!$-5 *)%#(6 %*,'(7'.-+7,718"4<9'::' r0.. - -   .  . / / 0  "!1  $&%%2 #'*+3  !%++3# !(.4 %&!!$-5 *)%#(6 %*,'(7'.-+7,718"4<9'::' @=; : 7 7 0 (! .*,'# *$21/-'%  (#.44630.*'$# %$%(-488641/,*(# .)'&+087651.,))'&%$$&'*)+'(%$"/.-.6>ET^de`\TOLGEA>><;996511)+)873368>EMTX[\[XWUSOLKHFCA?=<77/10><::;=@CFHIJJIHIGGEEDCA@@=?:;574=@C@@ABA@?>==>==>?@?AG;+  :BGGFECA?=;9:88776656678::8CJ<-% "!7@HMMLJIFC@=;997755421//../-18<84.**&,6;;976542/.,,*+*++,/0033220-3.<;CFORRQOMJGDA>>;988521100/..--,,+,+,..2.0(*.E@DBLSUUTRPMKHHECAACDCBA?=<:76320.,+**,//2.!$LKJFIPUXYXVWVXWUTTVSSQPMLIHDC?=:7420,+)(()+,21 FSTQLMQW\]__^__^[YWVSRONKHEC@=<952/-*)'&&'),  @=;: 8  7  0 .!" *'%$" ("((*'%#! &"'+*)(%"!   $ !%+*)(%#!!!" $#)06CLQRNJC?<96200..-,**&'!#",+(')+06><;9630.++*)(&&$"!  ! "%%')*))'%*% 0/58?@@?=;8530..+*))&%$$##"!!"$%(&'!$&7264<:865310//1211//,,*('&$#"  "'&)%>;<7:>CDDCBBCAA@@A??=<:96510-,*(%$"  "#))  9DCA==?EHIJJIJIHECB@?=;97420/,,*'%" !$  @=;: 8  7  0 .!" *'%$" ("((*'%#! &"'+*)(%"!   $ !%+*)(%#!!!" $#)06CLQRNJC?<96200..-,**&'!#",+(')+06><;9630.++*)(&&$"!  ! "%%')*))'%*% 0/58?@@?=;8530..+*))&%$$##"!!"$%(&'!$&7264<:865310//1211//,,*('&$#"  "'&)%>;<7:>CDDCBBCAA@@A??=<:96510-,*(%$"  "#))  9DCA==?EHIJJIJIHECB@?=;97420/,,*'%" !$ # WW 9 W9WW9jԗ 8 ݀8 ݘ8|5++5l 6|7q 7Wݼ 8 j  6<;;::98886654 4 4344 45{677" $)5?LWep|znkje^ZVTRQNHC:1"%,7CQ\goz}ojid\VRPNKFA:3*"((/5@N[gr||rjge\TOMJD=8-")+-2;FR^lzzqhheYMIGC?8,! (+-09ER_juzqhfaSHEB=73, '*,.4?LXdpz~vmea]QE?=;7.'%(+.09FS^it}|vma[YQE:82.( &'+/3?KWbkuzx}|xph^TUPF3/.$&  ""'+2;EPZdnqkwzwvrmeYOPQF0/&$$-8@IS\cd`o~zurpmf^SLKOD.*#%28AIRXZYcrwvuqnke_YOGHL?+%,2:CKQSRYekmmkifaYPGCGB5&  %-4=DJLLPY`dfgfaYPIFD>7( )/7>CFFHPX\]^[\VPE>61'! #,38BEFHKOMGA5(" ! "+059;>??@BAB>3  " "#(-/159:<<61-& !"#'09EQ_lxwncXWRH>;964-$ "#&-8ER\hs{}undXUOB:751-*% !#$)4@KWbnw|{sk`VPLA8320-%  "$&-;FR\gquw{zwqj_SJHB8/,(%! !%)3?JU^inmw{usrme[OEEB8(%&")0:CMWbfam~|vpmlhaXK?AA9'&$-5>GPWXVdtwupkhfb[QF>>@8%!  (.6>GMONYhmlkgda[SLC:8=2"  "(08@EHGO[bdcb_\VND;8:6+%*2:?ABFOWZ]^\WOE>:82*    &-38;<61-& !"#'09EQ_lxwncXWRH>;964-$ "#&-8ER\hs{}undXUOB:751-*% !#$)4@KWbnw|{sk`VPLA8320-%  "$&-;FR\gquw{zwqj_SJHB8/,(%! !%)3?JU^inmw{usrme[OEEB8(%&")0:CMWbfam~|vpmlhaXK?AA9'&$-5>GPWXVdtwupkhfb[QF>>@8%!  (.6>GMONYhmlkgda[SLC:8=2"  "(08@EHGO[bdcb_\VND;8:6+%*2:?ABFOWZ]^\WOE>:82*    &-38;;752.,(%#"#$%'-*4$!  2NcbYV\``baa``_^\ZYXVVSROMKIFEC@>971/)%#"!!$&)-'4!$3Oac]_b`aa_`__\ZZYWVTRPNKJHFEB@:5.(%#" !! $#')'.' 1O__]aZ`^a]__^[ZXVUSQPMLKIHFC>61/.,+)('&%#" !!'(/ 1KXS]U]\_^^__][ZXVTSPPNNMKHDB=<763300.-+*(&# #$- -FIVTV\\_]_`__]\\YXUUSQNKIEB?<9663210/.-+)'$"$&%5BIVOY[]_]__`^]]ZVOKHED@><:86543210..,+)(%# +& )7AQTQY[^_^_^^_ZUOKFDBA>=;988766543210.-,*'%!(-# ")CFRVVX[]__]YTOLIGEDAA>=;;9::9976655421//.,)%$"&+"'  0GNUZ]^]\YVRONIHHFFCD@A>><==<;:9987554432//-,(%')&,&6@OZ]\\[\ZVTPMLKLIJGGEDCBABBA??>>=::997554432.+'**'1! .GQVX[]^][[XVSRQPNNMLLJKIJIJHEEB@@?>;;:850,(+)'+/9GMRWZ]]^]\[YWUVUTTRSRRQPMMHEBCBCBB@=60*)-)"$6:FITX[\]^]\[YXYXYXXYXVTUTUQQMLLMKF<4*)%6$ #)4:HMTTZ\^_]]\]]^\]\]\]_`aa`_a\\]YXXZ[\\WQF?5-)5!"  +1 %*039AFNOV\abcgjpquxz}~~}~}}xtoe\NB !"'+07@HKQV\_`diopy{􅄃zukaTG $.289@GJPXYZ_cjox{|ul_Q  !047;BGJOSUW\blswyx|{~~{ti[ 8JHGJMNQXfkpoqsswvy{}{~|~|~|~}}|~|~~|vn` -CH>@BGJL\`edghjmmptwuwvwvwvxvwwvwvwxytnb 5?76:@EHSW[[]_`dcgknnonooppqrstusrokd"--,06IVZ[[\]]^^`abbcbcegfeffghhjijjii !',37@INQSWWXWZ]__^^_bddbcdcdcdc #(-7CHJKPRRQTVYYZ\]^]^]]^]^]^]^ #)-0349?GJKMPQRUUWVW W  &-38;?CEKNNONONONONON #(-8>@AACBDCDD #)+--.132455778  $#'')0 6 89 :);GJD?>DGKLKKJIIEDBB??<;96521.-+)'$" $"'(?MOF@BHKKJHEDBB??<<975310/-*(&$"!%#,)@QOGDHKKMKLJJHHEDCB@@=<:864210-,('%!!$ +*@NPJKMKLKKIJIHFCCBA?><;965432/-)& ! &  (AMMJLGKJKHIHHGECBA?><;9865430,%#! & (=GAJBHHIIHIIGEDBA?><;:98641.+)'%$"" $ %8:CBCHHJHIIHFCB@A><9652/-*''%$#"! *5:D=EFHIHJJIHHEA:7521.-+)(&%$##!" !!  ,3@B?FGJJKJEA:7310.-+*)(''%%$#"" % 57ACCGIILJHD@;86421..++))''(''&&%%$$#"!!$  &8=DHJIIGEB>;965523/1-/,,++)(('&%$$#"!!$ +3@GIJHIHFB@<998:6856332110.--,))((&%%$$#"  ! ( $9AEGHIKIIGEC@?>><<;;:99885410//-+**)&# "!#%.8>BFJKJKIIGECBBA@A@A@A@A??>;<;<8774221.($ # */8;CGKKLIIGEEFFGFGFGFGGECDCD?@?@=;<;<<60( + !*/;?EEJLLMJKILJMJLJKKLOOQPPQMLLMHGHHJKMMID:4+$ * "(17<@FIMNNPOQNPOPQQRTVWVUWXWWXZXWWZ\``\UPG;,%"" $)24<@FKMPQSTSVUVUWVWXYZZYYZZ\^__abfhjjid^VI;2'# %..8:CGLNQUVXXZ[Z]\^]_`bcb``__`abegijjif`VK?3* ")+35>BIJOSVXY[_`baddghkmnonmnjigfeefhjkmllf`WL?4#(+07@FMNPTX_enputxyy|{}{}{}{}|}|{|{{zyvrkbUF '*-08<>DHJKQWahlnnqqttvwxxyxywxvqj^Q-;;=ABELZ_ddfhhlloqsqtrtrtrtstsstsutsldV %69246;>@PTZX[\^aaejlkllmllmlmnojdW +2+*/59;FJNNQRSWW[`ccdeffhijjhgd`X$""&+/7AKPORQSSTTVYZZ[[\^`bdefgfdc_\$(1;FJKKMNNPORSTTUTVWYYZ[]]_^__^^"'+09?ABFFGGJMPOOPTVVTUVUVU #*389;>AA@CFIJIKLNONONNOO "$&'+17::=>>=?=?=?=?=?= "+01211323233 !""#$&%&'')(*- 0 6 89 :);GJD?>DGKLKKJIIEDBB??<;96521.-+)'$" $"'(?MOF@BHKKJHEDBB??<<975310/-*(&$"!%#,)@QOGDHKKMKLJJHHEDCB@@=<:864210-,('%!!$ +*@NPJKMKLKKIJIHFCCBA?><;965432/-)& ! &  (AMMJLGKJKHIHHGECBA?><;9865430,%#! & (=GAJBHHIIHIIGEDBA?><;:98641.+)'%$"" $ %8:CBCHHJHIIHFCB@A><9652/-*''%$#"! *5:D=EFHIHJJIHHEA:7521.-+)(&%$##!" !!  ,3@B?FGJJKJEA:7310.-+*)(''%%$#"" % 57ACCGIILJHD@;86421..++))''(''&&%%$$#"!!$  &8=DHJIIGEB>;965523/1-/,,++)(('&%$$#"!!$ +3@GIJHIHFB@<998:6856332110.--,))((&%%$$#"  ! ( $9AEGHIKIIGEC@?>><<;;:99885410//-+**)&# "!#%.8>BFJKJKIIGECBBA@A@A@A@A??>;<;<8774221.($ # */8;CGKKLIIGEEFFGFGFGFGGECDCD?@?@=;<;<<60( + !*/;?EEJLLMJKILJMJLJKKLOOQPPQMLLMHGHHJKMMID:4+$ * "(17<@FIMNNPOQNPOPQQRTVWVUWXWWXZXWWZ\``\UPG;,%"" $)24<@FKMPQSTSVUVUWVWXYZZYYZZ\^__abfhjjid^VI;2'# %..8:CGLNQUVXXZ[Z]\^]_`bcb``__`abegijjif`VK?3* ")+35>BIJOSVXY[_`baddghkmnonmnjigfeefhjkmllf`WL?4#(+07@FMNPTX_enputxyy|{}{}{}{}|}|{|{{zyvrkbUF '*-08<>DHJKQWahlnnqqttvwxxyxywxvqj^Q-;;=ABELZ_ddfhhlloqsqtrtrtrtstsstsutsldV %69246;>@PTZX[\^aaejlkllmllmlmnojdW +2+*/59;FJNNQRSWW[`ccdeffhijjhgd`X$""&+/7AKPORQSSTTVYZZ[[\^`bdefgfdc_\$(1;FJKKMNNPORSTTUTVWYYZ[]]_^__^^"'+09?ABFFGGJMPOOPTVVTUVUVU #*389;>AA@CFIJIKLNONONNOO "$&'+17::=>>=?=?=?=?=?= "+01211323233 !""#$&%&'')(*- 0 6 89 :;'! :)% 9.+)%96.0*9:12,&9<332-9D944B8L>;-;:7SB9:$;7VF8A%3#6XN;69< 6a\QJ>5,4gfb^VNB6-!/dcdca^WOA7.$ -]^^_]YOG?3( -WXYY[ZYUOF<.# ,OPRSTVVTOG?3) +EGHLLOPQPMHB8/  +:=>ACFHJJGC=6(  *,02695+!-GHIJLLMLID;3' ,?@BDDFFGGB<5*"+568;;5-& +*-.03589::850*  *!#%'*,/135531,%*#%)*.0110,(! )!$&)+-..+'! )!$&')++)$! )"$'((&  )  %((&! - !%$ .  /  0 0  2 55 ;  : !9# 9,&'#90(($92*)(%9:.*+6 8B41$117H9/117K;.6)6MB2-/16UPF@4,%4\[WSKC8-& /VWURKD7.& -OPQRRPMD>5+!-GHIJLLMLID;3' ,?@BDDFFGGB<5*"+568;;5-& +*-.03589::850*  *!#%'*,/135531,%*#%)*.0110,(! )!$&)+-..+'! )!$&')++)$! )"$'((&  )  %((&! - !%$ .  /  0 0  2 55@D " E#text     Fq q % rVrfrvrrrrrrrrssvQy,zWzgzwzzzz|$AQaq<, +++ +* <<<            <<=<@   P<<;;=/:(95443,+*(<<<<<<<<<<<89:2//0......-./78:9:8   E'' ' & & &           &1 <=z@D " E#band       ,(8HXhxHXhx9IYiyƉM-peu ^[Z7^\ZZ7^]ZY[:]XX[:]XWY:\XWX;YY; [< <=^;^9^6 ^" 7 7: : : ; ; < <;96 " 7 7: : : ; ; < <;96 " 2 0001 3 5 689:;<>=765 2/, @8ZYZ[]^3]\ZYXXZ]]^0]\^][ZYXXWX[]^^-[__`^\ZYXYYXX[]^^*[^_cdeb_[YXYZYXXZ\^^)Z]`eiid`\ZYYZ[YYXY[\^^'Z[`fiiea]ZYZ[ZZXWXZ\]^^%[Z_dimnlhb^ZZ[[ZXWWXZ\]^^$[^diosqkd_[Z[\ZYWWY[\]^^"\]biosrpjd_\[\ZYXWWXY[\]^^!]`horvtnf`^]][YXWWXY[\]]^! `fmsvuqib_^][ZYXWWXY[[\\]^^ dkruvsmgc`^\[YYXWWXXYZ[\\]]^^ $iptwvrlgb`^\[ZYXXYY[\]^^ +msxxuqjea^][[ZYYZZYZ[\]]^^jrwwxtmgc`^\[ZZYZ[\[ZYYZ[\]]^ (puvxvrkea^][Z[ZZ[\\ZYZZ[\]^!7rvxxungc`^\[[ZZ\]^\ZYYZ[[]^ !otwyvrkeb_][ZZ[]__\YYZ\^^ eqvxyungca^\[[ZZ\^ab_[YYZ]^^ \iswxvrlfc`^\[[Z[^bdd_ZYXXY\^^ mvxyupida_\[[Z[]aege^ZXXZ]^ @8 4 1  -  *!##  )%,*# '(+,+% %&,120*! $$-4:7.$ "!+6:95-# !*5:?;3( ! %2;?>7,"  ".9>?:1)#  )6=@>91)"  $0;AA>8.%  +9@AA<2)# !!6=?A?9.&  ".8=BA=3*# !1;@B@9.& !!5=BA=3*$!! (:@A@90(#"&# "/=BA>7-%  '*$  @8 4 1  -  *!##  )%,*# '(+,+% %&,120*! $$-4:7.$ "!+6:95-# !*5:?;3( ! %2;?>7,"  ".9>?:1)#  )6=@>91)"  $0;AA>8.%  +9@AA<2)# !!6=?A?9.&  ".8=BA=3*# !1;@B@9.& !!5=BA=3*$!! (:@A@90(#"&# "/=BA>7-%  '*$  4/,*'$#! !" $%$$##"#"# ^1^/^.^-^.^-^-^,^-^.^.^/^0 ^1 ^1 ^1 ^1 ^1 ^2 ^1 ^1 ^1 ^1 ^2 ^2 ^1 ^2 ^2 ^2 ^2 ^3 ^3 ^3 ^3 ^3 ^3 ^4 ^4 ^4 ^4 ^4 ^4 ^4 ^4 ^4 ^4 ^4 ^4 ^4 ^4 ^5 ^5 ^5 ^5 ^5 ^5 ^5 ^5^6^6^6^6^6^/ 1/.-.--,-../0 1 1 1 1 1 2 1 1 1 1 2 2 1 2 2 2 2 3 3 3 3 3 3 4 4 4 4 4 4 4 4 4 4 4 4 4 4 5 5 5 5 5 5 5 566666/ 1/.-.--,-../0 1 1 1 1 1 2 1 1 1 1 2 2 1 2 2 2 2 3 3 3 3 3 3 4 4 4 4 4 4 4 4 4 4 4 4 4 4 5 5 5 5 5 5 5 566666/(''&''((***+*++,++,+,,,-,,,------.......///////000000000 1 1 1 1 1 1 1 -&rwyxtmfb`^\[[Z\`diic\XXY[^"kuxyvpieb`^\[Z[_chkh_YXWXZ]^!qwyxtnida_][[Z_chmkbZWWX]^^! gtxyvsmfb`^\[[^bhmld[XWWX[^^!mwywuoida_][[\bgmni_YWWZ]^"dsywwrlfb_^\[\bgmplcZXWWY\^^!jwwtoic`_\[[_flpog]XWWX\^^"`ruwvqkeb_^\[]flqqj_XWWZ^^#Zjrwwsmhc`_\[\clqqj_YWWXX]^^"Zaotwuojea_^\\`lrqkaZWWXXY]^"\[hqwvqlfb`^\\^hprnd[WVXX[]#Z`otvtngc`^\]_gpspf\XWXYWY\#]Ziqutnhca_^]^eospf\WVWZWX[^"^Zbnttojfb`^]_dnsof\XWW[WV[^$[hqtqkgca_^^blsof^XWW[WVZ^^#Yantrnhda_^_bksrk`YWW\WV[^^#[issnhdb`_^bjsqj_YWW\WW[^^$Yepsnifca__biqrj`YWW\WW\^^$_mrojfdb`_`fppi_XWW\XW\^^$[hpolieca`aempi`YWW\WW]^^%Ycnpmifdbaadjog^XWW[XX]^^%Y`lonjgdbabejnh^YWW[YX]^^%]hnnjfecbbdinh^XWVZYY]^^%Zckmjgfdccdhlh^XWWZYZ^^%X_hmkhfeddehki^XWWYY\^^&X\dkkigfeefhkj_XWWXY\^^&YZaikiggfefhkj`XWWXX\^^&[X^eiihgfefhjj`XWWXX\^^'X[aghhgghjjbYWWXY[^^'XZ^dhhghjjbYWWXYY^^'X[aghhghjicZWWXZY]^^'XY^ehhidZWVW\Y]^^(X[cghiihijie[WVX[X\^^(YWY`fhiid\WWX[Z]^^(ZXX^dhijiijid]WVW[Y[^^([XW[bgijiihc\WVW]W\^^)YWZagijjijhc\WVW^Z]^^)YXX_fijiihc\WVW^[^^)ZXX^ehijjihc]XVV]Z^^)ZXW\cgiigc]XVV\Z^^)ZXWZafhiihfb\XWV[\]^^*ZXY_eghhea\XVV\_\^^*[YW^dggfd_[WVW]a[^^*\ZW]beec_ZWVW^bZ^^*][W[addedb^YVVW__Z^^+\WZ_bcca]YWVXb^Z^^+]XY^bbcc`\XVVZbZ\^^+^XX]`aba_[XVV[fZ\^^+^YW\_`a`^[WVV^YY]^^+^ZW[^^__]YWVVYY[^^+^ZWY\^_^\YWVVW[]^^+^[WX[\]\ZXWVWY]^^*\WXZ[\[YWVWY]^^+\WWYZ[ZYWVWZ^^+]XVWXYXWVVX[^^+]YWWVWY[^^+]ZWWVWXZ\^^+^[YWWVVWXY[\^^+^\[YXXY[\]^^+^]\ZZYYZ[\]]^^+^]]\[[\]^)^]\] ^ )^] ^*^( 8ABA<2("&-, " ,=BB@7-&"%-0) !6ACA<3-% $-40" &@A<5,$+3:7(  "8=A>8/'!*4<;. # *9?@;3*#%4;;/ #3<@=6-&! 3=<0  ")7>>91)"-<>5$  #2;?<3*#+;?9(  # ,7=<4+%!(9?9( "2;=5.'"'8?8( $*7<70*$ #4?9* #2;93+$ #1@>2  $,9:3*%""/?=0  % $694-(# ".==0  $185/)%"):;.  $*761,'#  &5;.  % "462-(%" !&08, %053/*%" "(07- %*33.)'$#"&.6- %#/2/+(%##&-4. & +1/,)'&%',30 &%//-*)'').30 &,.-+*)()-30  & &,,+*)((,10  ' ),+*+**-11" '%+,++**-00$ ' )++,,-00$ '&+,--,-//' ( #),-.-.0/(  ((+..-.//' ( %+-//0.&  ("*././/.% ))-/0//-$ )(.//-% ) &,./0/-& ) #*-./.,%  ) )-./-*# *'+--)" * %)+,+' *#'())%  *!%'('#  +#%&&" +!#%%   +!#" $+  !! +  + + ,  +  +  + + ++ ++++, 8ABA<2("&-, " ,=BB@7-&"%-0) !6ACA<3-% $-40" &@A<5,$+3:7(  "8=A>8/'!*4<;. # *9?@;3*#%4;;/ #3<@=6-&! 3=<0  ")7>>91)"-<>5$  #2;?<3*#+;?9(  # ,7=<4+%!(9?9( "2;=5.'"'8?8( $*7<70*$ #4?9* #2;93+$ #1@>2  $,9:3*%""/?=0  % $694-(# ".==0  $185/)%"):;.  $*761,'#  &5;.  % "462-(%" !&08, %053/*%" "(07- %*33.)'$#"&.6- %#/2/+(%##&-4. & +1/,)'&%',30 &%//-*)'').30 &,.-+*)()-30  & &,,+*)((,10  ' ),+*+**-11" '%+,++**-00$ ' )++,,-00$ '&+,--,-//' ( #),-.-.0/(  ((+..-.//' ( %+-//0.&  ("*././/.% ))-/0//-$ )(.//-% ) &,./0/-& ) #*-./.,%  ) )-./-*# *'+--)" * %)+,+' *#'())%  *!%'('#  +#%&&" +!#%%   +!#" $+  !! +  + + ,  +  +  + + ++ ++++,"!"!"!            !!! !!!!"""#####$$$$$$$%%%%%&&&&&&''''''(?^=^<^<^;^\9^][8^[Y7^ZX6\[ZZ[\ZX5[XXWZ[Y4ZWZZYZ][3XZ\__^]\1[Z]`bbcba_^]0YXY`ccba`^/Z[]^accddca_,YY[_a_`cdccdca`+YXX]_accbccdcdca`*[Z[]beddccddccba`']^dcbehgffeddcba_!\ZZ\^_]\`gophghgfefeddcba]\\[[\\_bdffkprqnkiihhgffedcba &,,' beiigdcceimpqrqpoljjiihggfedcba 8JTYYU]^_``binsqqpmkjklopponnllkjihggfedcb` ,MZ[[Z[]`dhiiloquwustutrpqpoonmllkjjihggfedcba` ,R\[[^bgknnoprsswyyvusrqpnnllkjihggfedcba__ ^^]\\[[\^aejnoppopty~{wurqoommjjhhfedcaa``_^ ^\[]_chloqqpps{~yvtrpomljihfdcba``__^\ ^]\[[\^aejnqturqyyutrpolkjhedcbb`__^]]\ ^]\[[\]_cglqtvwuxzvtrpmkiheddcba`_^^]\[ -\^^]]\\[[\^aejnsvyx{~wtroljheeddcba`^^]\[[ -\^^]]\[[\]_cglquxzzytrokhfeddcba`_^]\\[[ 'V^^]\[[\^aejotxzz~}urpkgeedbba``_^]\\Z[ K^^]\[]_chmrvyz|~vqolfddbaa``_^^][[ZZ 9^^]\[\^aejptwy{wqokfdcaa`__^^]\ZYY ^ W^^]\[]_chlqtwy}{snjecca__^^]]\[ZYY^9]^^]]\[[\^aeinqtx||tnkebba_^]]\[[ZZY?=<<;:976 5 4  3 1  0   /   ! , !! +   *  '  ##!! ! )-%##!  #,0/,($$#"!! !!"(,//..,)%$$#!  $--,+)&%&',--,*('&%$"!!  "'*/421243/-/.--*)((&%$"!!  &)')),./599;;74310-,+))'%#"!   &+,,)*19AGNMF>:730--**&&#!  ").10-*/ITZXUOE;751,(# "+38=?>GQWZYUL?851*%  '/7?BKTXYUQG;41,"  (07:730--**&&#!  ").10-*/ITZXUOE;751,(# "+38=?>GQWZYUL?851*%  '/7?BKTXYUQG;41,"  (079^M^^]\]]\[[\_bginruz~~}wplgba`_^]\\[[ZYO^^]\]\[[\]_bfjnsy}~zzwplhb``_]\\[[ZZYZJ]^^]]\\[]_cglrwz}{yxuplhc``_]\[[ZZ[\M]^^]\\[\^afkotw{}~zvusokgc``_][[ZZYYZ[\]Y^^]\\[\^`dhmqsw{|xsrqnjgc`_^\[ZZYZ]^H^^]\\[]_bfjmosxzvqpomieb_^]\ZZYZZ[]^/\^]\\[\^`dgijovwtolljheb^]]\ZZ[]^^T^^\\[\^adffjstqliihfc`^\\[ZZ[Z\]^^B^^]]\[[\]_bcaenomjgfedb_][[\ZZ[Z[\]^^)[^]]\[[\]__^bhjigedcb`^\[[Z[\]]^^ O^]]^]]\[[\]_cfeecba_^\[Z[[ZZ[\]]^^5\^]][Z[\[\_abbaa`^\[ZZ[\]]^^U^^]^\[ZZ[\^_``^\[ZZ[Z]]^^A]^^]^\[ZZ[\]]^]]\[ZYY[\^^#[^^][ZYYZ[\[ZYY[Y]^^Q^^][ZZYYZYZ[\^^D^^][YXXYXYYZ[[\[Z\]^^<^^]\ZYXXYZ[[]\\^^;]^^]WXWWXWXXY[ZZ[\]]^^ <]^^\YXWWYZ[\]]\\]]^!8]^ ^\[[\[\^^"/]^^#'X^^%K^^&^9\^^&^ N^^( ,R^^* ,N^^, ^^.^ ^1 ^1 ^2 ^3 ^4^6^7^9^9^;^ "&.5;AGMOLIIG?3-$    (08?EIMLHDC>4-&   ",5;92,$  &-48>DEA:861*$  ").18@C>754/)"  $(*2<>;3/.,'!  "")7:6.*)($  "030+&$#    (+)&#!   $##                !"  #$%'&&+-./ 1 1 2 3 46799; "&.5;AGMOLIIG?3-$    (08?EIMLHDC>4-&   ",5;92,$  &-48>DEA:861*$  ").18@C>754/)"  $(*2<>;3/.,'!  "")7:6.*)($  "030+&$#    (+)&#!   $##                !"  #$%'&&+-./ 1 1 2 3 46799;'-..-,,,+***))(('&%$#  !!"%' ()*,-/0 1 2 3 4689:;<<<`Z[\]^^6[\]^^7]^^7^8^9^9^:^;^<^=^ ~677899:;<= ~677899:;<= ~ 4 4 4 566799:;;<= ~>X=\>=>=:;<=>VW[][YYZ\^__^]\[[ZZYYXXWWVVUVWXZX]^^XVY^_[YZ\^__^_^^]\[[ZZYYXXWWVVUVWVWVVWWXYZ]^^XVY`_\[]^^__^]\\[[ZYXXWWVVUVWXWXZ\^^YVY_`]^_^__^]\\[ZYYXWWVUVWXWZ[^^VY^^]_\^^_]^^\[ZYXWVUUVWXW\^^VX[Z]Z]]^^]\\[[ZZYYXXWVVU UVW[]^^VWX[Z[]]^]^^]\[ZZYXXWVV UVWXYZ[]]^^VWW[Y\\]^]^^]\[YXWVV UTUTUUVWVY[]]^VWZZY\\^^\ZYXWVVUVWXZ]]^^XWZ[[\]^^]\ZYXWWVVUVWXY\]^^XY[\]^]]\[YYXWWVUVUUVWWXWY]^^ Y\]]\]\[ZYXXWXWW V UVWWXWY]^[[\]^]\\[[ZZYYXXWXWXWWVUVWWXW\^5[\]]^]]\\[Z[ZZYXWVWVWVVWXYZ^ FZ\\]]^]]\\[\[\[[\[[Z[Z[YYXYXWVVWX\^  +XYZZ\]^^]]^]]^_^_]]\[[\][ZXWWYZ FWXYZ[]^^_^_^__`aa``aa`acdca^]ZXWWX TWWYZ\]^^_`_``a`aabbabbcdefghhgeb_[XWW 9VWWYZ\\^_`aabacbccddeedcdefghhgfc_[XWV  EWVXY[[]^_``acddfghijjkjjiggfghiihfc_[XW LWWXYY[]__abefhijlmopqqrqrqrppnnmmlmlligd`]YW !"MWWXYZ[]^^`bdejknpprrsttsrqponmjgc_[X $NWWXYZ\\^_bdikmmnppqqrqrqrqrrqponkgc^Z  YWWXXYZ[[]_cfijikkmmnoopopoonomkgb]]ZWXXYZ\`cedeffhhjklkmkmkmlmllmlmmkhd^]ZWWXVWWXXY]^``aabddegihihihihihiihihiijgd_]\XVWVVWXZ[\]]^^`_acddedeefghgfec`]ZXWVVWY\^]^^_abcdeeffedca\[YWWVVX[\\]^_`aa`aab][ZXWWVVWXYZZ[[\]^^_``_`_`_`_^]\ZYXWWVWWXXYZZYZ[\\]^]^]]^]^]^]^]\\ZYYXWWVVWXXYYZ[[^]]\\[[ZYXWVVWXY Y^]]\]\\[ZZYWWVVWVVWVWW^][XWW V^][[ZYXWV^]\[ZYY* ^]\[ZZ3^\[[ZY4^]\[Z<]\     !    !                                         "#"!"#""#$""$%(('#    ! "!"!#"##$$#$$%&&'')),-//-)$   !"#$%$&%'&((**)((''()+-.//.+&    !"$'')(++-.02332/.-,,+,-//10/+&   #&*+/1368:<>=>=>=>=;:87656551,)!  !$)*348;>=<;973.&    %)1377:;;>=?=?=?=?>?>=>==<;84.'  ',01244778::;:9:84-$"%))+,-/024647575757676676775/(  "!##%''*.0/001002.)   #'))*)*+-.-,)'!  "#"##$#%'(**+,,*)&#  !""#$$&%&&%%                  "+45 =     !    !                                         "#"!"#""#$""$%(('#    ! "!"!#"##$$#$$%&&'')),-//-)$   !"#$%$&%'&((**)((''()+-.//.+&    !"$'')(++-.02332/.-,,+,-//10/+&   #&*+/1368:<>=>=>=>=;:87656551,)!  !$)*348;>=<;973.&    %)1377:;;>=?=?=?=?>?>=>==<;84.'  ',01244778::;:9:84-$"%))+,-/024647575757676676775/(  "!##%''*.0/001002.)   #'))*)*+-.-,)'!  "#"##$#%'(**+,,*)&#  !""#$$&%&&%%                  "+45 = l==;;:88/4. 2 2 1 0  /  . .--,,,!**)((!%&&&% 8<@^=^=^<^:^9^8^7^7 ^5 ^4 ^4[]^^3YZ\]^^2WXY[^^2WY\^^1WXZ^^0WVVY^^0WVVW^ ^/WVVWX\^ ^.YWVWWX]^ ^-ZWVWXWZ^ ^-[XVWXVW\^ ^,\YWVW\W]^ ^,_]ZXWWYY]^ ^+a_^[YWWYZ\]]^^+`_`__^[YWWXY[\]^^*]^^]\YXWWXZ\]^^*[\[YWWVXZ\]^^)YZ[ZYXWVWXZ]]^^'WXYXWVVWY[]^^'VWXWVWZ[]^^&VWVWYZ]^^&XW VXY]]^^%YXXWWV VWY\]^^%YXXWWVWY\\^^%YZYXWVVWXY[\]^^%\][YWWVVWXY[\]^^&^][YXWVVWWXYY[\]^^-\ZXWWXYZ[]]^^/[YXWXXYZ]]^^1YXYZ\]]^1[ZY[\\]]^^2[\\]]^^4 ^4 ^6^9^:^'==<:9877 5 4 4 3 2210 0  /   .   -   -  ,   ,  +#  + ! * * ) ' '  &  &  % % %%&-/1 1 2 4 4 69:'==<:9877 5 4 4 3 2210 0  /   .   -   -  ,   ,  +#  + ! * * ) ' '  &  &  % % %%&-/1 1 2 4 4 69:'==<:988766 4 4 3 2 110/.-,,++*)(('&%%$$$##""""""$(+-./02 5 68::@D " E#Paper     y P\ht 9IO(.222A@o$ɆI<[~8Lְ 0@ G= 3.-)*&## #  $&%$#"   !"" G= 3.-)*&## #  $&%$#"!!"#" G= 3.-)*&## #  $&%$#"! !!""\Wgd6.𨚒adoQ%f̿$ !T T4ԡi6xY/)گG!ީD w#ľx% G$ 5(!u)C%'$A#e" 8!nQٮVP< ; 5 Nd."%5    ෇bR% МgUV7& սd_Q?/)$  Ǵmi]I81+! ʵvrfZWSI>1# ɺqXF?9.& ؽyoc[[VG0* ; 5 Nd."%5    ෇bR% МgUV7& սd_Q?/)$  Ǵmi]I81+! ʵvrfZWSI>1# ɺqXF?9.& ؽyoc[[VG0* ; 5 ;M$)골kNA ڷ~SDF/! tSPE7*$   役x]ZQ?2+& ⽾|gcZOLI@7+ ݼ{dM>72)  ⺻xkcWPPLJ?*$ <s:~# 6ƜsS2 1ؾV7.i7* ь8  !ýnS6.)%  ƿs[? ϶sV4թzX5ɡ]@$  Ѡb=1-18EOI- ij~Ê{fɩʿ<<<9/# 6‰mn^2-(  -گƈ{1)  ƹ{1)   ɾӾ{1)  򭠗񸷷 >7"L2@.3Ty#Rɳ帓K =fݿ-آ  7[|   (E  М ѕҷ  9641-*     f 8641,)   a 8640,) 븺⸻䶸뻼  I󷶶峲뵴㻼㹸󰯯䰯״갯:75l켌2 _ݿA!0 eӸ/ (-[*X% V" 9!F $F  H  D  > OŖ`5ߪíИ`V   82 /-+)&# !#      򿼽ɾ𹺼Ӱ籰82/-+)&#           ֜վ𹺼Ӱ籰82/-+)&# 𸻹      ¾    꽾 综ݺ۷´񯰯ï𺼽ȭᯰ̪⯰˧宯ʤ۞ˠ笭̜ȗΚΖϘ픓⟡91^)1wſO+ (D~U)QȯU$ Hj!8j  P kC8q 'CjF{- CmG !~F# ̥y#T Ϧ. &+ͫ  A¹; ʞzo`Ɍf(㼌pVյC nO3       !"#$%&''' ====<;;;:9987654 3 2 1 1 0 //. ====<;;;:9987654 3 2 1 1 0 //. ====<;;;:998654432110 // .== <<<9;2;?;:1: 998U8[7E6!5f4 .3U3#2r2]1O1t0Ǘ/8.- -- , + * * <)"('$$$%&'') * * ,,-...//0112222*2ľ3_43}4 f}5$r68z63889;;<<- ''' )6== 6 )            $$$%&'')**, , - . ..//011ܲ2222)23[41y4 by5"n66t61889;;<<- ''' '3:: 4 '            $%%%&'()**, , . . .. //󪫪0󫳭1򶞢1򶥅2󜓠2󢤑2223E4%[5IZ5R7)W6%889;;<<- ''' ',, '              !!+"$ #T $0֋0%o%t%&Y'=(ސ?)ݢ*++--../0022233345567 .EH;. /&E~#4P`t Se 9Ii*|Lg@ = 9ف . %u: z B % 9b x   3׼ x 0$% ^  żz򾼻禥ݤþ ¾ ½¾ÿ򨦧  ſ¼þþ ¾ ¾ݝþ驧Ŀ ¿|uȿgļ ݟT6Ľ۟JýڞĿſĿ¼ żz 踹߷¿񽾼򯮮ÿ½ 󪩪Ŀÿ 赳¿밮¾󷴴 ľþþ ſſ𬩨Ŀȝ񟞟 þvǾoĽc ݟQĽ4û۟G۞¾ÿĿÿ¼ſٹ|~ulpﱲ𷸹ľ鷸˴鷹鯰Ѵ󳴴δ먧ⲳƳᱲ󱰰쭬ߧ𹶲乸궴ﲰ결 ஬쟜ⶴḶﹸ𗔔繸긷ḷܷⷶﵴ蛚 괵 𵳯 봰 㴳ⲯ󏐐򰭫񲯪񱭨󯳲赴讉ݑY䑒T ┕K=ԑ' 5갮巶񣢣񶴲ﷸ󡟟丷践 巺ⷺƿ   !499988777, & ! !!    ""&%%('&()'%%      pY\PBKRavD:0$$⛐|!彼ٸ㻺ޯ 񭬬 =y񡠠  靜  %"坜ߞ󞝝  죤pY\PBKRavD:0$$⛐|   ߦ 顢%?0⠟  %)  '%"坜ߞ󞝝  죤bMOD:BJWfly:0($܊||pupou}밯üɾƿ̷Ϭ̣򫬬š⠣۟험 . '4>1    鎏돐ꑒ向   䑐񖕕Ւ󔒒ܔ┕陘򘙚񚛝񚙙  瞝󜞝񔕖󝞝󕔖"  ?;;  *Nn¿¿ڣĽ֡򷶴󯮭!(|<92/)   򞝝       䝞  띞  󣢢 硢򣢢᪩  )Ml¿¿Ľ֡󯮭"851("             䝞  띞  󣢢 硢򣢢᪩ 9R츹ſﺸ ߽򹸸𻺹¿𴲰Ӿגג      󓒒ߔ󒓔򏐐Ў 폎6.,"  򒑑񑒒󙘘옙왘왚虘𚛜𙚘 團򛜜𜞝ݡ뜞 㜞眝鞝𞝜 뢎  &+60, % ٺٳ񽼻ﵴ ⧦$*.l8501-*%""    򡣤񠣤񞝜  򟞞  󢡢󪩪 򧨨 &* - .32ٺٳ񽼻ﵴ ⧦$*.-9621-*'#"        񠣤񞜜  򟞞  󢡢󪩪 򧨨 &* - .32򶵵鮭㨦𠞞䤥 얕!)/<52.&!򏐐 򎐐􏐐鏐 񐏎򐏎򐎎 򓒒򓒒 򔕖 𖘙씖 񝞟ᖗ󨥘򨧧򔕕󧦧򗖗薗 򧦦 殮𚛛랟 #󥣢%'+9s366 $'* .2469 𧩪޵䯱줢Чݨ֡뢣١렟ܡ柠埡⟠硣론㠡ޝ렠ڭ쟟֞ۥꞞѠ鞞ͣ睞Π坞ɠ睞ؠ랟㟞⟟򠡣៟桢򡢥ݡ꺼ڧ軾ة׫֭֮й֯춷د𵳳ٱ紵ۭ쳲߫簯߫仼ެ笭ذت浶֪񬭭㴵ת𴶵ת۰תԫ֪ګت̫۪૬ݪѬު Ԯު ѭݪ ܪ Ѯڪ𭮯ڪ׮٪նڪӫϫ𧩪޵䯱줢񧨩᪫ݨ֡񥧥١렟ڞ柠 埡ݝ졡 硣㠡ޝܭ쟟̥֞ꞞѠ鞞ͣ睞Π坞ɠ睞ؠ랟㟞⟟򠡣៟桢򡢥ݡ꺼ڧ軾ة׫֭֮й֯춷د𵳳ٱ紵ۭ쳲߫簯߫仼ެ笭ذت浶֪񬭭괵֪𴶵֪װתث֪ޫت櫬۪㫬ݪѬު Ԯު ѭݪ ԰ܪ Ѯڪ𭮯ڪ׮٪Ȭ٪تӫϫ䚙ȓӘÒΔ’Ԓ¾ ޑ  ޏ򵷶󏑓提ۏ⏐向둓񸹺 ޑ 呓㒔蔕򖘘갱咓哔벳𓔕𓔕簱训鱰믛񩪪橪񪨨󩪫󪩪𥦧򨧨ꦧ릥礣򧦦饧碣ۢ 뢣#颣&(񤥧(򫪪&飥%$頻#!𫬬 ꩫ妧復뮭񭮮󨩪(())** ( ( ( ' )+,*//01122287786;;<==>~<::;B,+* ( ' ' & & % $ # " "!!                 ,+* ( ' ' & & % $ # " "!!                     , +* ( ' ' & & % $ # " "񽿾! !]   󼽿     󽻼 󹺻    򴵷 ﱲ    챲 밲 뱳 ﱳ붷 ﻺ򹺻굴鳲챳 Ǹ챳 ÿ 𳴵 봵 ﵶ쵷񶸺󸹻  鼽  ﻼ  궷 羿   򾼽 󴶸  󭮯 /&%$ $ # " ! T! ,    m~U+a;& M5~)     H     I r m    ?            & A               *  ++*(&%$"!  "  %                *  ++*(&%$"!" %                *  ++*(&%$"!" %   {   1 D  S ;  s 4 & 0  VǶ8   %* /* ) +'F %3 $P #! Ҳ㲂ݓX)   Ǹ%ÿ ň)i I20ü ſ¼Ŀ񥤣ÿÿʰ氯׮¸۽yvWVUYISS^epo|ǢbP;:*&!*2DNPRcmq}}qjkkljhgc_`hmpx֧pUB494*  !"$/;GWji[TRLFIMLLSYTMN! #$(./-.0.--,(%""( -  ¼  ľý¿ÿ¿乶   ¾¿¶~ĩxrmkNMLPCJKV^fht}ƻ|XG54&!&-@IKM[fluukegfgedb_\\ejmtydL:/3.%   !,8CRccVPNHCEJIIOTQKJ!  "',,+,-,**+*'#!!(  - ż Ḽ廼𢟝貱⯮豰򝛚򥤣𥤢󳲲쮭 鯰찯 򳰭     󵴳  렙ѪҨ{roba`b]__b_cfjkorvy|~||{{}|~Ҫ~|trYTPO:98<267@ELMU]`ajmlnrrprtiba_`dhkᨠle_\B4'&".679DKPVWOKKIHFCDJOQVܧpZK8+"%"  *2;78!   ( -    #(&%#$&%&&&'(&&#"  ¿ſ͹ù{ήιylTOLKG@9./228HPT]hmou /Rje_kʙoaUHIL]gk  #'1$01$󣢢󟠠窱䪫𫬭잟񫬫񠟟󟡟򮯮ퟠ󡢠򥧦𧨧거񯮮乺붷󻼼ߵ[!괹򁉉OG>@B957956AJP[kor   '**3@946855AJPZkor~   '**3Z!a^`6:ήkj_hfVZ E_^b'CmbghW^*N^^bGv ldefW];WK)AcT^`AߍȬ*bgeeW^;ad_Y^b#ι=WhgfW^=6qt@HY^_dRDeigW]=9}UU@MY^W ׋B`jgW^=;gS^DCR[Y_G".K\]9z+^igX_=;"4@=k)wY_H[>-޿`edX_=8}GuM&[_8~@Lb_W_=7D1]^0 u'0H_\V_?70]\Jqߍh.\YX_V60]ZM=֖%[WZ^^5aO0]VG#^7#_[]^^68+'w`U)\S_B8)[^^`8tJ-Tuo(]T~?d*"63N^^a5.Aa)+J'^VeCzH^^_K{v?a5R,`>C0i4_^^PRZ7^*9a;!;sTw [^^[>Hq KveL`:uW5X^^_;|ßJfa`6oFV^^]%L``71tH_^^_^?`^`8shE`^^_IM+[^^`7.ғW*[^^_;` 'ZY[^`6#(*OhfodD-b^^`M Ap a^\X]^US^^]+ :`cd_X[^U-]^^]]\]^b]9. 4EWieecaYZ^V\`\ZZ[YZ^^`]O58IBKqlnpmigeaYY^X D]XWWVXY[]]`RJ^^isu{rlhc`]YY[BYVVYXWVVX^bW][`oyrida][Y_2 DZUWWVUUVVWXH^\\hvtf`_[Y[a>WVYZXWVVUVV@X][`m|vf^[ZZ^P'U]]^^[ZXVUU$a\\drype]ZZ]^(J_^^]ZYWUUR][^enga[Z[_=!I\^^ZXUU.`][[a`\Z[\7#N][YWWU^YXY[YZ^-%W]]\^]P^\YXZ\_!&%Z]`bdgIR^^_T(7X[ajo:[^^_]#&VVY_aQ^_X,1ZWXZX^N.E`]]%`:/,**S<9kizYI7[+ =  +$k%*$,Fw (8 %OQ<1 (T[$>&"9/#R%:6>w]N70MXB ~!A++ ο% 38 2$s <'/" V7ί..-' &2!)- Dv1&') WK)Ac߈Ƭ'+(( ed_"͸.,+* 9qt@H `U'-, =}UU@M Ԏ /, ?gS^DCR[ ,HWY6t /+ ="4@=k(vW:+׼ )& <}GtMx=;! ;D p%4;Glԇj:+:ԗ:aO5![5;8+'w`UT?6.tJ-Tuo{<ޱ`( 3,.Aa)+J`?~p~v?a5Q@.~dQZ7^* 8nPrHr KvepSwŸIen9/qncC+vSɼѻR%%G]\dZ<Eo     "! )'*.($  !/3K>2)!  /   7A6    2' " # %'"%)-*#2:(   #/06S <*PN\B7 7 D`+񷶓- +Q򹾬n*$,4򷶣Y (8 %;=<1 (?D&>&1) #=:63jTE0*BK5|洳a A++  Ǻᵳ38 2s賮[<'/" C*..-'  2!)- yyq3`1&') oLC$9Wf'+(( X}YT%,+* 3􏎎cg8?~ H·E'-, 5nJK8uD s/, 6[IS<T+65PfW6 ,{5]L(`D(65)&s[R?f`/_(*x|nF*Ppj\-H&#*=\')FrH/_Xqk<\3Mq0f"`^K`qGS3Yyy)r *R`?YR+fr#}USJ 2 Yte=>5FEKsfC- 4Tcs     "! )'*.($  !/3K>2)!  /   7A6    2' " # %'"%)-*#2:(   #/06R*67еZ6 *֖5ۿ=( l'T8'"'&vRL746(   ο9[%y-wƸ V!" Jw ^tAZ@>>sSޢ& *z _ 2- k ] 6[ b Y@ !Pm"AB $k' N( 1*\n,W-7y,2 ]0 L.  )8e+JE(/ !SC1Ykd[Ad3տizCOfֿg9<Bvնdn~5i BUMnӿ<˫FKZz+6`,|  #^˯@p܁eSfW6^6i6:=d?uYg5] ƻܳOſRzQFDuk3ǻDü_SyubD^I%#`EfdĺϢ0úoSwOONM[wA m^ࣆ Żt|fdL}F?#}Dbf^էX@ż<Oy\K;g |"yFT{{ L }ɭA6"^G1}L__ZWVVZa>0y*~؀2 X0 I.  )8e+HE(- !P?/~?fIAY=;k ?QIiÓ |   "\˱H$ƻCǻ(nĺ n󬫪^飆  zDbf^զY v L#.S4]"[l}P<,?;$?W+J7S $o90tB6Z2:w󞝠c+VLy?.ih*gb2M( uJLV0Z&of<  7usF`P3Vw^=[;f.i_`+_PBcP+NZM`fVDT2K3Gƫpx;O]ȫ%rS+KU):{wxq~`]ɬiW63JL0]-r\=bMS*I)$kW(.p|ʒytxU%nM{U axD LD6[ʮ*ݺuk- dgM?#hOHDY~wo9-jsƬʽtpclݷ0E1xgKjnj}#eZH@Q ޹5m1~5-j|KBogVҘlrZY9J7F^թ 6Dzb/X\]q~mWXa':887 65.,+.. 4=>=<9.4(++-// 22 4 1y^`5 B·h0 6hºi.eþļ) *M+6p3(!rͽŤ !;0#^kf0T;tyyx|õ 0kI0ǣh1VȠ /=7Oeſ} ^F{Ӻ>¾ : ؙ$V¨WĕrUxc>Zʓ]UO_Cz %Jv.RP_nG4{)247L&A0I c2|*f:/}Q,~}4m[(ECvk7(\\&\W,D$iCEN,U#h`8}1ih?XI~/NlV7S6]+bZ[*[M?_L*?SFz{W]zRA~R1H1D9 3Cz ;wÓ˗x+VÔN9=)++(  HÙ򜞠3w먚{k957C~o#񟠡Q> ⢥*#wvAZ2" ᢥt9_ga W;𤫫|ks9L񱬤Y}"iJ}३(GQ'7tqz{sky\YcQ2/DG,ݢX*kW9\H|N{(D'"dR&+hv񋧣qmoդP{#hHtP\q@ H@2UǢ'|md* ^`H*4Ge﵏ +w3\깺J#CEFUivmaa__^`dkquiz}RBCJ:887 65.,+.. 4=>=<9.4(++-// 22 4 1; .SN6V2 *`0H-}D*M⪼'e;R%nC/TP 8rԿB  YG}   ,aﳷ             ݺ  B;vqtӵ)6H6Kɻ ^ 7l¬ǽq, -EEDDC@AAD0!7+6J54 3|3r2 '1 0 ~0 / y/vNm1B3   M    o        0  :  sNHvNm1B3   M    o     v 1  7  rKHv;`S©%Ň2a& Ġ e Ĺ: o Ŭ  T æ í ² ¸ ò { b Y ô% j ) q c V}j8HJzk' #  [  H  m   O     =  > }  % < T$'2./n?@"< >6 8WXXWY_G9,U\`G:Oa[;(%>:<2:<2@N5Z7k90r;;pK#%< dialog.jpg     P<Q !<Q~,DZ$b@@@@@@\(mm! 󚛝孮쯰㫩שׂ㙘䦥ۦ馥ۦ棢󮱱䒐礣ޝ眛󛚘০󦥤옔٨󢠝ک ֬٫ }񱰰ݕ||~퓒}~ΰ~~|}󭬬咑{{z}笪{{z~񬪦吖|zyyڬ}vwxx߬~ruxuyݴyuoqwx젡޳}wootu߰xomqrޱ~zplmo󚛜ޯ}|~}smkm󖗗߱}z{}~xpkk}ywy{}~~skj~zwuxz}~vkj}xtsrvwy{ynjŕ~~}yurqquwy|}qkŖ}{yuqoopuvy|vmȓ~~|yuqnnoptvy|{oΎ}{{xrnmmoprtx{qю~zyzvpllmopprvz~vؒ{wvwsnjjlmnnquz~|ƒ~yusuqliikllmpty}~~~͓}xutqmifghjjloruy~~~~ˆ{vsrmjgfgijklnqux}~~~}~ytpnigffgijjkmqtw|~~|}~}wrnkfedeghhkmprvz~}}~~|{{|}~~ݎzupkhedcdfgfejlnqty~~}}{yzz{||}|vqmiecbbdeedikmpsw|~}}|zxzyyxyz{|}~~vpmjeba`_`ceehjmorv{~~}}|ywyyxxyz{{|}zrmjgc__^]_begghjloquz}zzyxxzxvvwxx|{{z{}{uoje_]_]^__``aacfjmpswyxxyyxxwwxwvuvwwzyyz{}~xrlgb]\^]]^_`aacfjmpsvxuvvwwvvuvvuvwvvwxyz{{~~~{tngc^YY\\^_abdgjmoruw}sstuuvwvutvwtuvwxxyz{~{vnhb^ZVVY[ZZ[\_acdgikmpsv{}pqrsttvwwutuwstuuvvyz}~}yrlga\ZWTUXZYY[]`bdehjlorux{lmnpqqrrstuuttsrsyzyvqjd``[XWVTTWYYZ\^_bcegjmquvzghjkmnnqrsrqprqponnotspia[YZZWUVVTUXXYZ[\]`acehlqttx~deghjkklonnoqqomqpnljjklmkf^VRUYVTTVVUUXXYZZ[[^`bdgkqttx~Ŀ¿¿Ľ佻¿ÿĿ¿ü½º ǿ ĹķǼö˽ŷ˾ĸȿľó½Ǹ̿ķƼ̾ľȺՠ¼̿ûȺ¹బʽµǿȻƿ뼽ļǷ蹸º̾񶷸²Ʒ˺ſǻIJü蟡Ǵﱲ½ʳﯰꘙʲװɲѰư²Ů백┕ī欭蔕éү¦ߑﯰ搒索Đ𔖘 þÿĿûﲰ򜛛 홚𘚛¾¾񷹺ƹ򷹺Ǽǽ»񽾿ý⮯򭮮Ŀﷹ¾މ񥦨½ÿ죦²㡢õ֞ûþ~»}|︺ù|ż|ˬ|zxz쟡﻽º|zyryý|zzpqw{yyootżzxwlonlqɷ{xvijlkkrůþ~ywjefkmmw歯{xedcbdjorѾ~eecbcgkoeddbabfjvĻdcbb`_bgnƾeb`a_]_dhy~hb_`_\^beq»nd^__[\`ej󵷸ÁĿrf^__[Z]ffrf[XYYXY]aqwj]YYXX\ao~~p`ZXWWXZ`lsbYWVVWX^iubYUTUWV\e{wdYUTTUT[avü|h\WSRSSZ^s½k^XSQQRY]q¿o`UNMQOSZk~raUNMONRYi|ᴵxbTOMLNQVfy}~eTOMJLOSbu|{ԨhTOLHJMQ_ryy}~kVMJGIKO^qxx{|~nWKHHGJO^qwvz{|}~oXJGHFIN^qwvy{{}~        ¿ ¾ ÿ ¿½ľƿþüĿ»żȾ¹Ǿǿżɿ¸Ļɾ¾Ŀʽꐕÿ˾ùżŴƵŸļ򺼾¿}̙ο|ν~}}ν~}}|񳴶     ɫĿ¿ľƾɾýżżǼ˿ùĹŸȸ˸κѻҼ箫񴵶𦤥宱$姬$堦$䜡#䙚#噗$䔙#㔗"㕔"陠"񔐐󟝞!蒕!񑒑󞝞!␓!ꋌ 荌 򜛛䊉㇆߅߄򂃃怂~}~끂}|}~~툍z{|}~~큈xz{|}}yxwvvwxyyxy|~yxwvuuvwwxz{x|wutssrsuvuvvwxyz}vtsrqqpqsttvyvusrqppqssrsttwvusqpoopoopqqpqrsu|vusqponnomllnonmoqrrwvusqponnmkiikllknqqos}sqommlkhiijjijpomrxuromlkjhiihhijilkkqu|vsolkihfjhgffghjhhgioouvsokjhgfhgfeefghfchmkp}vrnjihhgeedchebfkilxvsnjihhgddcbaafeachgis|yuokhggfdccbaa``dd``efgmx~{wpkhfedeca`__`aad`]bdeiv}~yrkfdcca`_^^\[\_cgqy~}}~{tlhedca`_^^]]\[]admu{|{|}}~vnigeca`_^]\\[Z[^`fox{zz{{wojgdb`_^]\[[Z[ZYXXZ\_itzzyyzwojfb__^][ZYYZYWWXZdpxzyyzꌃxojfa]]\[YXWVVWXYYWVVW^juyxxy~ꏆzqlhb]\[YXVUTTUWYYWUUSXdqxwwx|ے|smic^[ZXWUTSSTVXYWVUUQU_nvvuv|㚎sia^^ZXUTSSQPQRSRPOPQTP\nssp{ۜtjb^_ZXUTSRQPQRRQPOPPRO[lqqrp|xlc__YWUSSRPOQPPO[joopp~۞ynfaaYWTSRQPOPONNPPOMLP]jnllm۠|qga`XVTRRQONOMLMOONMKTakmjik}rhbbXVSRQPONLLMNMMO[eklgfk~shaaWUSQQPOMJKLLMWciihefnܢ~shaaWURQPPNMIKLLKKLN\hkhfcfp$$$####""!⿻!!!񻾽!깺 黺!ู丷߶㵴߲߳򲳳𲳲氲뱲娩½ꩫ¾䣤者줥롢ܧܧ뜝띜ܩꙚ떛薕ܬܮ򵯨𑕘򸲪򻴫뎏򽵫򌎘󋒞ú󇌘ƼƽǾȿ·¹ù􍙟ù%$$$####""!!!!!! 뽾Ǿ½ý𲳲ļƼ????????????????33 g 33 fgfeefhkkllmnoppnmljihggiaWSUWVTUUWXZ[\\_behlorptz~bbccbcfhjjklmmnnligfdcba[USTVUTSSUVWXYZ\^bdfilnorx|]^_``bcfghijkllmjfdb`^\VTRRSUTSQQSTUVXY\^acdfikmpvy}~\]__^^_`ccdefhhijgdba^ZVPPRSSRQRSTVWX[]`bcfhkloux{}]^__^]]^__`bceffedcb`\WSNPRSSQPPQRSTVXYY\_acfiklntvz|\]][\]\\]_abcdbcca]XSQNPQQPNNPPQRSUWXX[^`cehkkmruxz~WXXWXZ\YZ[]_abbcb^XROONNM NOPRTVWXZ]_acehikprux|RSTSTVY\XYZ\^`abcdb[SMLMNLKKLMML LMNPRTUXZ\^_`bdginpsvz}RQPPQRSTSWYWY^^\^a^SKIIKLMKIIJLIIJKKJKLLMOQSTVXZ\^_bdfiloqswyOOPQSTUTVWWY[\[_^XPJHJJKLLKIIJLHIJJKLMOPRSUWZ\]_bdfhknpsvxLMNOPQRSSRSVWWXZ_WOJIHIKKJIIJKGHIIJIIJKLNPQRTVY[\^acegjmoruwJKLLKKLMMKLQTSUZZPGGIHHJJIHIFGGHHGIIJKMOPQSUXZ[]_aceikmpsvHIIGEDDFFDFLOPSXSICEHHGHIHGGEFGGFHIJLNOPRTVXY[^`adgjlnrtEFEB??ACDCEHKMQTKFBCGGFEGFEDEFEECDEEFEEGHIKMNOPRUWXZ]_`behjmpr@AA?=>CGHIHGHKMMEECACFGEFDCBDDCBCDDEDDFGHJLMNOQTVWY\^_adgiloq;=>=<@FLMOMHFJJHCED@@EGFECAACCABBCDDCFFGHIKMNOQTUWY[]^`dfhknq=:;BEGIPRWWNIJHD@ABBCCBA@ACDEFHJKKOPQRSVZ]^`dfgjln<?@@AA?>?@AABBCDEGHJJLMPRSUXZ\^bdehjlCDA=BTgrpk`MB?AB>??@@?=<=>?@AABCDFGIIJLOQRTVX[]`bcfik??@K]inqi[I>;=?=>>?>>==;;:;<=>>?@@BCEFGHHKMPQRUWY[_abegi8;BLXcdcf\OA;:;==<;::9:;<==>??ABDEFGHJLNOQTVXZ]_`cfh?BLW^_\[ULA::;=><<;::98:;<>?@ACEFFHIKLMPSVVX\^_begMNU]\XUXMC:68;;:<<;:998:;>?ACDEFHIJKLOSVVX[]^adfTUUTUWRKH>679988;;::9876779::466=79FBFBNiwss|upup}{~bX_ccfgPRSTVUNEC;569877998237655697:0BE0NrpeSGDDCEILSRM_Tbk\^dOPPQTRI@<73588776/2443259937H;Rq7CE<;EHADHAPJVrkS`xhSPOOQNF?64358876654102236:9?7Gug8C::99=A@=CI@J@RoX\nZgSQPRQKA92345788755461/24245:Dsl67G9=748=@BF;DCHIb\LXSevhaPPRTQF91035567544340/44225FqO3=54438<<;<>?BDCAHmRQMQY^ex}ONOPI<1,.35313432210/1322>Mx61618159=?=BGDMFlPLEONNUZZ^JOL>0-03221102100-3+30Wi3013322358;==>@AAFGpKLJKMQTVWXKH@5-,/110100//0.-//Oa6:0122112357:<<=?EFoIKIJLQSUVWH=1+*+-.00//.0/..-..,29p913/0110012368::;<==CDmGIHIKOQTUU=1('*+,..-.--,,+4.gA)4/./0/..01246889:;<?hCDCDEIJLL$''$%)'#(('('&&'4j,).3&++*)*,./1233468677<=fABCCEHIKK)**+*)(('')($%,-.Y51)$*&*,,-,++,.0(.7+:883=Ai<@=HBHKHTS'(()('&&%%&$!% )$(`3(%'.(+*++*))+,(24,;4*:77D96nFF=;JJGMIF%%&%$#&!$ &"3W-#%)+%*())()+-+0-)9<65>&E=b>>?8;@DEEI#$$%$#")! #$*O;%&(&$!''(('()+%/(;06=iio}lt^G8J>@GCIK##$#(#%%#,c&#*'##%&'(('(*+0),.9ko4@,A6AZ:;CA?DDA""##$##"&$ %d#%'""'(&%&''(*+'-68iC9857;8;>K=AE]DB6+  ! !%!  &"^#"!"# ""#$$%')).$s1-3317/~G5=vjZRAC  ""##X$# "$$%&&'(($4JC42g9/.556v5<7_.H  %$ S #$$%%&''(3].(+_7(>&44c3+R    !V$!#!"# !!"#$$3L,03S3+0614^&R "Y!!%&''())*&=L62[L2*053]G"# W$'!"!# !!"#$$%,%/ta)A.0)sI6 !"Y #NIJLR\QQRRSTUUVZQsTlA&\VOSW&#\ S*"!!""#$$%*"-)rQr9&  k*X)"[$"!!"##$%%'%+**c^ Bb)^%^ & !!""&$#'&&ErhDKQO1_&0Z  !%&!!'%[$ L>e!!   !$$*(M +`9L ""$%!PY5c &!!# S "Z!:M # H S?R= !  D b!o"   H   ߛݍ𡞜狌嗘ω̈臈둒膇 ʄ Ԃ~~􀁂~~~~}~~}~ҁ~}~~~|}~~~~Ҁ||~}}~}~{||}}|~~}~~|zyy{{y{~xz}}|}~}||z{||{}~z{zwttvxyxz}{wx||{z|{zyz{zzxyzz{zz|}~uvvtrsx|}~}|}zzxvx{|z{yxwyyxwxyyzyy{|}prsrqu{}{}xzyuuz|{zxvvxxvwwxyyx{{|}~nmnuz||}{uuvwwxxwvuvxyz{}morvzyvsmuuvwwvutuvwxxy{}~quvtwwsrotuuvvtstuvvwwxyz|}twtpwurtssttuutrqrstuvvwxy{|~~prrs~qnpprsstssrrppopqrsstuuwxz{|}}inuvnmnnrrqpoonopqrrsttvwyz{|}puvomnpoqqpoonmopqstuvxz{{}~~{okknnkqqponnmopstvxyz{}~~{qijllkknnmmlonmllmlnlqjhuprnzxvnhilkjjllkijkkjhhimkmaqs^yurrqswz~x|sojfhkkjjifhifegkjdfvi}iuwnmwzsvzsz{yrigfhkkjiihedeehldjbrbmnnmmqutqw}u}s~tlefghjkkjhhgjebeedcddnabrdqkhlqtvzrxw||}yldcfhhijhggfgcbeeaadpzakdeefkoonoqrvxvty|od_afhfdfgfeedcbbdaam|d_ebkeijnpnmpstlqquw{z}~zrf__`egdbdeddcbcbba]d}_iadjeggjfgnrolmqvszt{w{}oa^adccbbacbaa_e\c^Zabddccdfilnnorqtwyx{|~|yqf^]`bbabaa``a`^a_}_cabccbbcdfhkmmnqposvwwz{}ynb\[\^_aa``_a`__^__^]agd\\`abbaabcdgikklmonmqtuuyz|~nbYX[\]__^_^^]]Yc\oWa\_`a`__abcegiijkmmlostsxy{}^YW[]\\^]]\]\\[[UKbXb^__^]^`abcfggijmmkortsvwy{|}}TUY\][[\[[Z[ZYYZW^V^\V_]^^]\\^`abdeefhilljnqsruvxy{z{{SVYYZZYXZZYXZYXXRjV_YY\]][Z[^``bcddegijjhloqptuvxyyUXXUVZXTYYXYXWWX[VW^KeX\\[Z[]_`bcddegihhgjmonttvwxxWXXYXWVVUUWWVXQ\VVa\VQXTWZZ[ZYYZ\bY_hYieelkenojnowostoyxUVVWVUTTSSTSSXRWMP^SRT\VYXYYXWWYZYceZiaWgffshcqqnlxwrvrnSSTSRQSPPVRTLZXNRVYSXVWWVWY^\a[Xfic_iQnffgohlnqsptQRRSRQPSOQUORRvfPQUSROUUVVUVWYV]Vj]chƒlhwlnvrwyQQRQRPSUOPUPMTTPQQSTUVVUVXY^W[[f_gSh[gȬdhpnlqqpPPQQRQQMNTTNMNLNPNOUVTSTUUVXYVZcenba^`d`cdqƭcinem]fOOPOPKQPNMIONKLOSTSQSSTSTVX[S^{YYjpabfgf[RC>MNNONOMJLJNQJLKJNOLNQPQRRSUWV[Q\V\a_e]q]e{scfB*@p]=;@@>?JJIGKKLIGIJMxstv|}}~~|xzeJx|:B:A~M:8>A=CJJHCGHJHGJHG{RJBDGJJKKLMMNPHROv[OC5A0G>Q9=>A;<@IIHEIIFDF~QJFFGLJHHIJJKLLMIPPOD1;>EgO:9=;@9CDGG}DEMFIKHHIIJJKKNLKONNmeqzz\>7<<=>FE~GTBCLGHHIJMNIIOMDBzF><>77?::;;<<==DDl_>IICGGHHIIJFLLRP@0k636869:99:;=:;6899::;;C>}ZBGDDEEFGHMHHJB513r:6445:799:;CCDDEEFF@GH:,173e9638778778899::??=D?F@@CCDEIGC90580i@9374376678Ⱦݿ¼罾ýϻ̺þ蹺Ŀ踹㾿ſ ʶṺÿº Դ߻Ǽ泴๺ҵᵶҴ೴ṵ̀߱IJݮͱ۩ͰڤҬڦԮӥǹӭөʹЫѬǶЭШ²٭ΡŶէͨľש̶ſתþǧڿμɡIJȼĻ˞͞¬¿ȞŔֿű追ͣʔŵɻǠϭֹлȜ֘ӯҽ͜ϓ̮¾󞠔Ƒ祭ͭ뜟夫̫윗З姨ʩ앛ǡ奦Ȩ팶}񤥠ȨΕɈǧ喕ťLj喕ãܓӨԑҨ䓕􍊌㑒ﭖ͌єӠ퉋䒔ˣޔΈ|ؤ陋{䏑Ցߒ૘аώɝ֓xϑŔutz~{{xꌆ煔Ë}k{|z~w~Ꮠ}xyz~ώɶڟ|iz|zxόʩ|s{s{xy{~~}ㄅģĉpyg{sĈt{{z{ϊ|Ӯrxy|~st{~{zyױun||}~}y}苆vstzsrxzz{{||}}t}~nkmtxvwyyz{|y{鉈~yzqw~yxyyzz{{zw~vrttuyyz|yyz{|}~򇄈{yyuquy~~{xyyzz{{mp{}otzvpsr{zxxwwxxyyzz~w{uz|sx{sutpxurwvvwxĉtZJGECCI[osrwvwy{{|~óv[JECBCI[nrqvuvxzz{}~w]JDAABIZmqotsuwxxy{}|~z_JC@@BHZlomrqrtvvwy{z||aKBA?AHZjljpnprssuwxy{~ą}cLDC=AHYijhnlnpqqrtvxy|}}Ă~eNEE<@HYhhfljlnooqstuwz{{}~Ɂ~fNGG<@HYghekikmnnprssuxyy{}~|lTDB;;FYcbcihiklmnprpqtuwyz{æ}mTBA;;FYcbbhfgikklnpnorsuwxy~pU@?;:DXbaagceghijlmlloqstuw||}~}~~rV?=;9CU``ebcegghjljknoqstuzz{~|{||sY@:;8@S^^babdffgikijmnprstyyz}yzyr\C8:6=P\\`_acddegihhklopqswxy|~vyxuq`F794;NZZ^]^`bbcegefijlnopvvwz|}tyxsobH783:LYYX\[\^``acecdghklmntuvyz{}~rw|u`G8445BTWUYZZ[]_`abbcdfgijkqrsuvyzz}~qrw{u`H8233>PVUVXXY[]^_`bbceghijqqrtuxyy{|~ppuys`H80119JTUSUVWYZ\]^`abceghhooprsvwwyy{~noswraI8004CQTQTTUWYZ[\^_`acdfflmnpqtuuwwy|lmqtqbJ80/.2=LRPSSTVXYZ[\\^_abcdjjkmnqrsuvx{~jloqobK71-,/6CNNQRSTVXYYZZ[]_`abhhikloppttvy|hjmpncL71**-0:HMOOPRTUVWXYZ[]_``ffgijmnnqqswy|}gjmnncL70'(,,4CKMMNPRSTUWXY[\^_`eefhilmnooquwz{}~~`imkifP40&')*/;QOPRRSVWWXY[\]^bbcefijjnnpqtuvxzz{}}~hhaeqdG<0&()),5HLNPQQRSUUVWYZ[\``acdghhllnorstuyyz{|~z^gmkd_Q:/&(('(-=IKNOOPQRSTUVWXY]^^`beefijklopqswwxzz|}}~{wpedlm`I5,%(('&(5FILNNOPQRSTVWW[\]_`cddggijmnoqtuuwxzz|}~xtxbfbI@)$(('((3EGKLMLMMOOPRSTUVZZ[]^abcefhilmnorrtuwwxy|}~|tplxk[G.'"&&')*3DFIJJKLMNOPQRSTXYY[]``acdfgjkkmooprrtuuwx{||wrmvz\A1&!$#%)*3BDFGGIKJKLMOPQQVVWYZ]^^aacdghijmmnpqrssuuwyxtnig{ks:,% #!#(*2@BCDDEGIHIJKMNOOTTUWX[\\^_abefghllmooqrrsuwuqjfVbb`-&"% .)5BBCDEFGGIIJKLMNNRRSUVYZ[^^`adefgllnpnquuprcBV__BqG""$%*'/8@@ABCDEFGGHIJKLLQQRTUXYZ[\^_bcdejjlnptqpr_@1[Wa]~o2u7"!+(3;>>?@ABCCDEFGHIIJOPPRTWWXYY[\_`abggiklolmdC'$PL_[Wx;&Z( !(24<<=>?@ABCCDEFGHHMMNPQTUVWWYZ]^_`eegigdjbC,&$VZR[NH~#NM'(+678;;<=>?@ABBCDEFGGJKLNORSSUUWX[\]^ccdefghhge_G)$)&QXTQR67\Z2(/.>59:;<=>??@AABCDEFHIIKMPPQSSUVYZ[\aabcdeffjeG(!$#%[TLS?4$o>?@ABCCFGHJKNOOPPRSVWXZ^^_`abcceQ/! $RSQEF)),Zs*3962556789:;<<=>?@AAEFGIJMNNPQTUVW\\]^_`aa[5#&LNSP@( a0>[<7276789:;<<=>?@ABBDEEHIKLMNNPPSTUV[ZXY\`]V&$"!!"$%POOI9$5W/k865.556789::;;<=>?@@BCCFHIJKLLNNQRSTZ[YVZ^L3 "&*,EHKF2k,a?45.234567889:;<=>>@@ADEFHHIIKLOOPQZTVZWC+ #'+-DIL@+#PCBY4-2122345677889:;<=>??BDEFGGHIJMNNOUSWT@$ "%(,.LH>0!(3[3k8(.012345566789:;;<=>>ACDEFFHILLMNRYP7"#',024,"&3_3a5--//01234556789:;<<=@ABDDFGJJKLSI4  !#%),/1(3\2[-/,--./0122334567889::=?@ABBCDGHHJ@)$%&(*,./$)&`0h))'++,-./011234567788<=>?@@ABEFFH#!"%(,024LNQSTUWX[][4X--'+,,-.//0223344557::<>B>BA0!"%&'*-/13 "#$&'#'2$U*,**+,-..00112233588:;<BDEGIKLMNQRUXZ[ZZBDGHIIKLTNRQMNRSSTTUVWWYYZ[\]]^^_^b^N@?@@DFHJLNNQSVYZYXWEGIKKLMNKGJH~KQQRRSTUUVVXXYYZZ[[\\]]^a[N@=AEDEFIKMNOOQSVXYWUSCEHIIJKLKLNMMRMQQRSTTUUWWXY[Z[\[\\]aN>>AABFFGHKLNOORSVWWURPACEFFHIHILOJQMOOPQRRSSTUUVVWWXYZOA;?DA@EGGHIKMOPRSUVUSPN@ADEEFGIHJOEMMNOPQQRSSTUVWXWXX9<=>ADDBGGHIKMOQSSTTSQOM@ABCDEFGGEDCMIKLLMNNOQQRTSUZXJ9<<=?@ABCEFGIKMNNQPRQOKOT@@ABDEFF?MBIGONLLMNPQRSQSVVNB9<<=?@ABCEFGIKMNOPOONLQX?@@ACDDEFBcmKEIJKKLLMMNNOOPQPSUNA::<=>?@BCCDFHJLNOOMKKLMV^>??@ABCCM9MGJBGJJKLMNPQSOC86;<=>?ABCCDFHKMNNOMJHJKPZc=>>?@@AAW~@DJEIHHIIJJKKLMQPD858;==>?ABCDEFIKMMLIGJOU^g==>?@JHDBIDFFGGHHIIJKMH<46;;==>@ABCDEGIKLLKJKHJNTY`g<<=>eu7KC>E>EEFGHID=768;;=>?@ACDDFGIKKJIHJILSZ]ag<<=:F@CGBADDEFGHIG<4599;=>?@ACDDFGIKKIGFIJNV\_cfòŲdzɴ˶̶ѼҼս׾ĬȯʱòóóĴ⟮ŵŶƷ˛Ʒȹʿư¼̾²Ỽäʴ»㷸ԺоѣɬԺíϔͧϼĎӝ緸ӗ~괵vw󤥦xЌѳĔ䊌{LJ͊řࠪଣ~|~阙Ӡ~ˆܞ¡y|~~ɝ|~˝~z~~򗛙}{~~ҐϜ}yޗ{z~膇~w}~}~탄~vxy|~yѐv||}|ϒv||}Ϗxx|}~~rƈʏvty|}~}~~v}뎒yvy|}}~}}~sߌ}uw||}}~||}~oߌzy{~~}~||}l~~wx||~}~ܦyidb]VSQOONMKIHJKIGMTlnjea]dr|kdb]TRPNMLKJJIIHKT]jmha][fw򥘊|lec^RQPNKIIJIHGIO\hjmf]Y[jܧ|leb]QRQNJHHIIHGGKTblikd[V[o蓮}mgc^RRQNJHHIGGHNYcjhiaXW]tݦ}mgb]SRPNJHGHFFGKT^efed^VXb{ݦ~ofd\SQNLJHFEFFGLYegdc`YRXgݦ~ogd\RPLJIGECFFGN\ijd`^UOWlݢ~pd[VRMIIHECEFFJT`gfb\VNKXtݠ~pe\WSNJIGCBBDEKVbfdaZTNN]zݞ|oe]XSNIHFB@@BCLZdd`^YPKPcޝ{nd[WQLHGEA?@@CO^ea\[VOJTkޜylaXSNIEED@?@>ER_c^XWSLMZuޚwj_VQLGDDC@>?>IV__[VSOLPcޗuh^UQLGCCA><=?MZ][YTOLKUnޔtg^UQMHDCA=:;?P\[XXTMJKXs{ocYSNGEEA;89DSZWXULF>PeߎzmbXRMHECB>98;ESYVVSKFCVoߌxk_VPLGDA?;78LUVRPIDETk}qdYPKHA?=;759@RVTPKDAG^uzn`VNIF@=:855711..8GOMNG@?DTl ibYOH>5.,+,2@LOKKB=?L`y gaWH<3-,+(-:GLKIE?Lax]P=-((+.,1;EKIC?>>EVmTD2'(++*,7BGIIC;<>I_v')**))*,2=DCCF@60EZo'())()-08@EC@?:38Kat&'(''*17<@DB=857CXm|&''&'-6=>?@@958>Odx&'((*09@?==<73:G\o~&'),05;@@=:946@Mfw'(+059<==:643;IVp}(),29<<:86404@Q`t+18<<;;<4.-4@N`m.27::99:0-.9GWfr24788765,,3AQanw~4567752/-0;J[jtx~356752.+/8CSdouw~~34553/,+6AP[hruv}||}|}~~3442.,,.=JYdkswvzyxyz{zytvvuuy{343/+*-1BQ_hovyxxvuvwxvupqqoonptx-.,)(,7AX^hmpqruqqonmkjhgfghiox,+)')1>H\aimoopsoonmljihfeccdeis)(&&-8GQaejlnmmpllkjhgedba`^^_ai%&%*4CPZdfjjkkmiigfdb`_]\[ZZdz#%*2?KW]deghihijfeda_]\[YYXWWVVWaq#(0;HSZ^bbddfeeba_][YXXUUTSQ\j&,6CLV[]`abbcb`_^]ZXVUUTRRQPPOMWd(0;FPVZ^``aab_\[[YWUSRRPONMMIT^/8EPUZ`c]]\ZYXWVSSRQONMMKJJIIJDMU6=HRWY]^ZZYXVUTSPPONMKKJIHHGGCKT?DNRVVXZVVUTRQPPLLKJIHGGFEEDDEAIREJPSUTUVSRQPOMLLHHGGFEDDCB?FOILOSRRQSPONMKJIIEEDCCBBA@@A=BLLMOONLKJIHGFECBBAA@@?>>?:?IMLKJHHGEDCBA??>=<;<9==<;:99:8;Fǿ~}~|ǿ~~}ƾ~~~}|~ž}}~~}||ļ}}~||}ü}|}{{|ü}{z{{|ü~|zx{{|~~}zxz{{޿~|xwwyzݽ~}{wuuwx޼}|zvtuux޻~zzyutusz޹|yyxusts~߶|xxvsqrt~~޳}yxvropt|~|zzvpmny{y߰}zxwsnmpz{|߭|yvtplmq|}zદ}zwtrnkms~yzৢ~{vtrpljnuyv|ट|yuromjjqz}uw࢝ywuqmifit~zuz࡜~xvvqkfciw|yu}|xtrjbbely|wsx᜕|vrlhbagr}}zvt| ᖑyqiddaakzztsw |rh__^_es~|upr{|pg`]^[`mz~|vpmu{nb^]__^et~}yxpmo{{la[\]__dnx~|vrllt|o`[[_][_juz||vnjlxXZ[[ZZ[]fqxvvwqgfvXYZZYZ^altyvspkdl|WXYXX[bhptwunifftWXXWX^gnpqsqjdgm}WXYY[ajqqonmebitWXZ]aflqqnkgbcmzXY\afjmnnkgbahvYZ]cjmmkigb^am~Y_fjjiijhb]`hv\`ehhgghd_^eo|`beffedc^]akxbcdeec`][^eqacdec`\Y[blyabcca]ZY_juabb`\ZZ\eq}aba]YX[_hva`]WRT]etz񈇆^]ZTSXblx}~||}~TSU_kt}󈄄}|{zywwx}~UTRT[hs{~|zxwutsrrwyQT[dox}~}|ywutsqqpoonntu~OQXbktz}~}}{zywusqppmmlkprwOU^hpvz|}~}}{zxuvurpnmmljjihhgklqQXbkqvy{}}|zwtqsqomkjjgfeddgilX`jqtuwxxwutsrqmmlkihggeddccdeca^elrstsuutsqponjjihgeedcbbaada`diorrqppqqpomlkkffedcbaa`__^^_b_^ikpqqnmnmlkjigffbbaa`_^^]\`\[ilmonlkjjihgedcc__^]]\\[ZZ[^XXhikkihhfedcba`_]\\[[ZZYXXY[UUgfdcbba_^]\[XXWVUTUZRSihfeebba__^\[ZYXVVUTSRRSYQRĽĻ𯲻ù챰¸ƿ¹þĻ¼ǿľýĿ½Ļ묦ú¿Ž¼ÿĿĿƿ½¿ะ߰ߒߑޑޑݑݒݓĽ¾ݕܘܜ񞟠ܝ㝞ܝ񘓎񱰯𙘕䖔򓐍⏎菓䎔ꢡ䙝非    6g($} H 9N0%w!  F    BM##u!   G    CU0g0#  H      Ec+`E   F    0o%Qc%  C      !cV PS5%  E         *WM 0RFP6 I   A^      .OT &DSPVR  O\1       POB'  #G[I%        :MQLI=GEJNIKL4                                                                                                       !    "    "    #                          _    Ԏ  #sn   {u 6È$  m:    &        7e        =>        1)x糘 P VJEEDGHGNQHTVPEQP=DEE Y&t  þĶǿк x         $̦ O   7C    & vĸ>4   p uxlJ    C   _& + D& ! zmλ ^F   "*s  1   >ܻʸɼݩc TP  0  3  %t     ~$ .  } AK < d& "W nn   89<>?>=<==>?@>>?>D3ZHB>C?A;DBFBEB6531;4l554456468877:<569;<==@=G9\oPC?>?F>GCD@3278952j445754456623468:<<==<=<<;<>5@cnCGE3DCD=@=3530943k3433534678987112468:;;<=<<;9<4A@>fx?TT7E7HF7,-+.4/4l44211246752246211346889:;<<=<>;rqeJ1(+0/9#)7/31Fj~lH-+:220/001221210.1A\ptol`jhmqlnoV>0/.261221012132-/42062,,24//2001.+,058+/942402210 140391).)-23.*-31.31/3346.,--02213425:4.23/++/31-.,//..*(-23133122 102430/0.+-*,/21/.-/1/02011/--/121/22 10 231/-*2.,/.,.2)2-/2.1370372032../01101-./0,-..//00-./0)**++,,./01//.,-./0)*+,-..//--,-./0*+))**+,,-++,-./0++()*+))+,-./+*+,-./*)+*+,-./)*+*+,-,-)*+*+,-,,-)*+*+,+,,-)*+*+,+,-))*)*++,+,)*)*+,++,)*)*+*++,)*)*+*+,*)*'())*-.*,'..%,.**)*,)%(-+(,0.- *)1|))* )*'/3.(*-,1#,45))*)())*0%',&$**()Bц!,))*)()*+3.',.)*$ِ,%1#))*)()&+"'4+.Rם;#/#*/((*) ()+$.0.W/.&#-&/((*) ()+&.?5%)")-),)((-2"&%'!*$.$)((),''(.+,,$*(*"!I}&,))(,#2) $7-"-0''+''$)$'%,,$"LJ )())(')),0,"-2"( -))+,'++)*+/XF8&-*,,'!(/&..'+*$*'%$i,".%$/f_[[Z^aa]cf[hmdWcfT_[['&'o:Շ,$('Ƕžý'"򦈒1-)2)%%&'*+$0'&/$- "'&&'$/'6Ԯ:!$)&((,+'&)i+%!+(+.**'+%#/SU**&,(%,%+''%)+(,>''!&/)V#F/$)-#'+"&''$-&+"'' 1.,/凃n]$''*$%&$''*&&^.#'', !* !KTJZ&)*"*#.%''$#(`%"&''&$+(!3!9s,,% '(&)''%V,&%&& 0 (#'-ب$%K2&"*"+''/_%-'&&/ ,%%&/"3l#Hw>$*#)(''(C!$()"&&'()$%%$$(U0!=;0.#''&}#, .&&)$!+"}a#")*()'('$&(0*(+$"%%&!(8* %="&+ &%#.#!@-)#$%)(($&#"#R&(*r& bO')& .&9 !# ##!&"'+)<'+"6ޡ.2%*5 #((&&*($&&%*%*'+"((#&8*#A )(%(+(##&%$%-%)-(&'%`l#, ]$*)'($))%+&&#*!"u8&&"7l'+##'!%%&yz}~}~~p{ts}|somhrnpsruwxy{zzwwz|vwz|}~~ς}uuv|~qputtplorruwyzyvvuvvtstuwy{}}~~}~}}{}|pzvws~tvtpytmnrqtuwvwyxywvurrsuwy{||}~}}|z}s|xlu{xppnqytnorprstwyxvsprtsrrtuwyyz{|}}~}}Հz||yxhx~{zmuwuzvwlnqpstvttsqrtvytsrrstuuvxyz{|{{|}~~|{{r|{h{whilottyilpquwysstuwuqlttssrrssqrstuvvwxxyyz{||xq|uwtl`~`fqntmkmqquvyssusooquttsspqruvwyz{{yy{xuq{yxe|bgiuqoprprstmsupnssqpqrsstsswrtpqinnotfodljfk_pfssqpqrs swvwphnuoi`cfis]cqimk~ecrssqpqqrssrussqmjjgmn~{mlkosnssrqrsrtslnrmkqqkkqqlilmmnkhimrxkoytrtpssrq rusorxpglimrqlhioolqomqqrxpnoorttssrsqtyuosuqmkoqoknloonnjhotusuustss rqsronqooqnpssrnmlprpqsqrrnllnpqpnss rqsprtrsqpvrppokmqjsnpsortunqupnqppqrssrsopqrnoppqqrropqrkllmmnnpqrsqqpnopqrklmnoppqqoonopqrlmkkllmnnommnopqrmmjklmkkmnopqmlmnopqlkmlmnopqljmkmklmopljmkmklmoopljmkmklnoopljmkmklnoplljmjljkklnoljmjljklnnoljmjljkmnnoljmjljkmnojijbgjkkjgfhjbkmepvjjijekpkgiinvlqd\iij ij_issonolvisvmiijihiijg`fpmknlxkqPdiijihijcqmkpnie\NTssiijihidjdgtdbe[qjpthhji hioiqpT_yZimovfhhji hirlr_uOmmbhjdjgiiepfrrqgkflblqrkgjjk}fqlk`hfucTqaolligarmej}eg\iqnciihhfde^_\eekc~ZlqjjifdaRenbvXgo[ceYdeeijeikijkVnaSa`hhfe`RYRopjapd`𶹽ؿɳhmbcc{ti`zhqgU[gkylKhrbTɢ`\xmMZ\ooV\ch]_jirfnchmpphnpZ\jff[UmbbeijihCkdjabghjddhkhgmRblcfb_fb`qqhhl^wdhlyhhclv^]xfքtchlcgmhlhhct`hѪWthhdygsfZĕpmejmghhfhhft_c\shhrgjqaVtylopksi`nbhhbgrUtfhhgitpepCY]^]olipkfchhd[`zbgg_pfng_ceMlleHamkmaehh\Ospeggi]lfhiobyq{j\miehbhhbqbc}c^gg^`fdfhhcahenXvem]hhfWm`fgg`Jc|ichgbierg\[fyFlja_^bkkgi\q]YehhinTdqmk[b_g_mm`]bmbbgyeigtogeea`pf[Smpi^nftkohhmffgjeuheKnmYelKYYhu^]WfhccdfeefiYn]P`[ctqYJ]\\dkOfib`fijjfdZpZ_gXgkk\e[Zl]Rhqjejkggfr`fc[ft^hky]i`dY]bgpidmnbb m "$" %).6;?CD Y6!! '+07@@A X9 !&.15<>>=\7 %)028:;<:9e&   !'-14679887Hb   #*.3354(    !&+.2232233   $(+-110//. !$(+,/..--,, "&(),++*)( #%))('& "&''&%$   "$%%$#   !#$$##"!   !"#$!!                                                                                                    (RsmD     ,`yH  >_̉8    ص6   D@    &        Ya        gd 3P      GGʊ 2:       w}*K        -oy2       F  oT Dg    n_ '          L   s;        -     B:m     I~*J    I  &۩v      <  Hyė坴    \{ E r~cܷRߊD   ~M nms5A c   %  pd'Se 44  D:) ju .   QBƋ !go TǖD       % B  #'ȾiſƷéd¼(  xpϵ  -yC$ TrЮʎ    8 [ V޶# fL   Bƒ  Pdv _ '׷X     Z4>Xw|FA* + ܌  o >V= ƾnKC<i/    ^ .( zϒz^  %   m=S?  9=957>6A@??@BCAABBCCDDCFECDHJH>9326:;;==>?@BCDJKKIFEDHLRY_cefA58B4>|W??>>?@ABAABCECDGGD96457:;:==>?ACDEJJIGFEFJOTZ`cde.<@1:{Z9==>?@@ABCBCCDEA=34579::<=>@BDEFIIHEEGJNRV\_aba?41>]6:<<=>?@AB@ABCCA<6247889:<=?ACDEFHGDBBEIMPSX\__^]*7:_5?9::;<<=>?@A@@ABA=734687668:<=?ACDEEDCABEKPSUXZ\[YYA@J1D3=99:;<<=>?@??@A>8326787668:<>@BCCBCGMQTTVXXWUUi56<1E689:;<<;;<<==>>??>?@;42467789;=>@BBA@BDEINRTTRQJ/<32=6;89:;<<;;<<=>?>??921545789:;;=>@BBA@?=?CDGJORSSRQQPP56789:;;<=<>=9402434689::>?AA@?@A>?ADHKNPPONNM455667789;<=;8312445679::;>@A@?>?@>?BEHKNONMMLLKK456789:;<=;85323455678:;<>??>=<<==?BFHKLLJJIHG4455667789::;=9522344668:<=>>=;:;<=?CEGIIHGFE456789:72013446678:<==>=;:9:;>@ADFGGEFFEDC34455667897410134366789:<=<<:88:;=?@BDCCBA3456789421012335679:;<<::98679;>>?@AABBAA@?>33445566566782112334679;;987679;>>?@AA??>=234565567752001233445689::998779:<:;==>>=23456556764200123344567998987789;::<==>><123456531001123445789987765678:89;;<==;12345431001233445688776654456878::;;901234310//00123345677655443234575688998012323441/..//01223344566544321123544677887/01213430.--//00123345655332100124235567 7/01213430-,-//00123345543210//01323556 6/0//01/021/0483343/01-..//00232210/.--.//0234 4.,.032/,/./11//121//*'+-../0210/.--,,-../0234434431.-.//+)*,-++.,,.)$*--.//0110/.-,,-.0123433(+-../10/.0014.*-,,6,--..//0/.-,,++,--./113322100//0//22101233,22/2/+/,,-./.-,++*+,,-.01221-+(*./,(-/0.-.00,-,++--++,,-..-,+**)*+,-/01 1*+-,++.2$*.,))**0*,*&+-$++,,--.--,+*))*+-./0100+..).HsɧZ2++,-.--,+))()*++,./0 0%AwȐa?5--/.--0//b֙O20)+4..+(,/)'*))(())*,,-./ /ǗN%,2'4.*,//./++%)&),BkҜP%/"20++%#'))(),-.//.//@0%))&(0,**-/..)(04#& (*10un,*))&(*#))(()+,-. .*''+.,)),,-,++.),,('zy5!,Pg.$&*":))(()+,-. .)22'$-0,-..-++,++)('&_[֙4.-CU+-)((''(()*+,- -#05/+/,--++-.-'**(-#+,,(1Տ:#(dמ(('(*+,--,),-)(+..*,,)*-.+,++,*&F+2,1&*|ϑ2&%H"((''()*+, ,%(('*.-(*,,)*-+',''/"(],#()(.-+l'T}((''()*+,,+&0'%##{**))("Eɩ1.ġ/ ' ..'**+,++('(##)-c))(,(,R-#*&& "/** +,)6*0!0,++* %Nސ&%+$,$**+*Ǟ*%&,))*)^VccdYi]\\[[Z\_`Wb0&.($))*(ɻה$"{&w$!(()('*'-({}0&&%%$1 a #B{$3K)(()'(#)!(&g))($"\$=;::99878872:EDCBA@@>=<;:987767619A@?>=<;:99865545443509=<;:988766543223323/8;::9766544332112 1-78765433221100//00/0/,6543210//.-.-/.+632210..--,+,+/-*5.-,++*))+*(-,+*))((*)'-)('&')'&,'& %(&$+%$'$#+$"%"*"#!$ ) ! $ ) !% %%$$##"                                                                  /B  dcba`_^\\[ZYWVVUUTSRRSRMa`_^]\\ZYXWVUTSSRQRQL\[ZYXWVUTTSQPPOPOO NQPLXWVUTSSRQQPONMMNNMLOKVUUTRQQPOONNMLLMLJMJSRQPONNMMLLKKJJKKJIKLIONMLKJIIHGHGHJKIMLLKJHHGGFEFEHIJHKJIHHGFFEFHIAIHGFFEEDEGHAFEDCDCEG@DCBDE?BABD?A?@C>?@>A==>=>A=<=>9<=>9;<=9:;<8 9;8 8:778797676965674578145454560434324.324322100/2,232100/..-0,1321/.-0+10210//-0,0100/..--,,-0,/10-,0(/100/-,0(.0/.-,0( .-,0( -, +,0( ,+*+,0(,+*)++,0(+*)*+,0()*+/()*+/()*+*/')*.')*)-&()*(-&()*(,%()*',%('+$('+$('+$ '+$ '+$ '+$ '+$ '+$$("( *&&%)#.$!'#!(*&&%)#3)$&"(&&%)#5"*$!-%&&%)#%$'%&'#+&&%)#1"'&))(&&%)#B1$!-#&&%)#W**(&&%)#񕔓 򒑐 𐏎񌋊 򍌌~񉈇 }|~~{~~}~|~~}}|}|~}|{|{|{~}|z{z|yz|xyz}wxzvxy{|vwytvxyzuwytvxxywvttxvuttwxvtstvwusrsusqstrprstrorrsqnoqsrstzvprspqsxtorosrqurmqptsrrqpprpkpqprqpponnpnkosrqonmpnjonrqpoonpnknqpponnmmnpnkonmnmongonmmlnmongnmlknmong nmlmong mlklmong lkjlong lkjllong kjklongjknmgjknmgjkmfjkjmlfjlkeijkeijkjdijdijicijicijichjichjichjichjichjicdef]ag_hgghgbpebgc`ghgghgb^wlhibecgghgbuebogbkagghgb_`iikjagghgb^Tciml^dgghgbjRoifncgghgbTmnbhgghgb   e8 $zM  9<)zB       6Q  I >    !b ,%   x xc:     -ɋ@     >     b#Z` ^|r   b/{ _r -AEIHFHJFRj    8ӫ B        : E~    ݷֵ   >      5A      0?b    R6M  þ u{ ,з/   þ V&/~  ¾ GdZ3¾ M + n* ½ :K  ½EI T zP(& ߻A {,  }H ]     : +A H A f H XU D  b b zD  hq EM  F2  G   ;@  Z?$xx& C    |J  J2:@ 4  7G  xK `B?D о¼û漳ǩە   kG  > yO3f  eEӰ}ѥK   xK  # !#?B>+   zH Z   ^      zD    g / F  )P ;  {B   ^ D  M   }H        wE   d  qd tG   +   wN   ]   貮׮⼫񶺰ҰĮ0  xT   '5+   |> UA?9ACA?M   ~G      x: f iu  {J  e  $  I  h%    w?f 1   wN w   <'    a      %      eԸH     \ˁI     + }B  ĒL +cg vG  BF   5`|űt+ H   (SǾĻwT  wN  2C?=D;( ~I  z     L         oC?A>BC@@BB@QHHFIV    wt}{AJ    zJ"D_   D} +/   H  L{6#   LE  E  H  DJ*vJ E C  P3~<  EA*f D  E  DQA uG  E  G  m" ~;  E Fe   {@ E Da zD E  D ]  |D  E 4   e! |D  E 7 U   |D  E?M7   |D  EH !A  |D  EMm   |D  EI  W    |D  EC ?   |D  E  @ )##!Q*&#!6"'!3+#+Y%$$ $&($$[%$'?Y%!)*%!%&'*%$%"'%)!-$/,'$k(*,&"*,Z!)*#B$(!$& ($$[%$'1HY"%&)2a.1%%-!%%O #(@ ##F)#%^+&W$$''($$[%$'-4r$#$+'[%*,)'.":+&q/&#($)*#)(#$"o)&&!$($$[%$'+)3}"!,+ X (&% -4''j* ''(+""%1" (e%!,#)*($$[%$'!','("*'P/#%&$.)5$/Q(##!) $&"'5*$!*r %$*&($$[%$')#--/%V*(16l#$*>$!&)~ '-%/"")F&+$*'($$[%$'-$0'}:#5+#*#^Me[YZ+)#'>R#*"%#[2))0'$%(&"($$[%$')! &"#,*w* ,!,OO##!&/O|00Q-+'"/ '!*$&#"%]'$((Q('!QP%$*%&)p\",%7~4&$ J+%$#"_!$&NM$NP&%#&&!")I, (.$$#'++NT"&.'%)%'%!$_$'&&$/cRIU/"*ҽϿ㞴""&'# !c_,(!#(S̸+)*"##*)#')(!b#*&&$+>o&&.'/'%%*pQժS!+$" !!(a' $$')6Ú1'+*."!2)&&B[[VE#-+.4+(&&*+$ * !`"+((#m'"ё#*&% !+w!%)#(!'&"!&#+#&&#%%($.&%'b!+'$$*8'&ѐ$ | $('$C#""! ]!$' *#&*'"C$-ɖ'*!b,(+!M&*&&#)'\&*&$)3%(3${-,č(%5Q(9%^$)++(##d!#*"'#+"!(+.+#К$!$%%$/-&'!!$(+b)(&/$(*+)"~ "/&Ə%#-"&")~#%&&%_'##$% "D%(˒/0$+.'%0-&#''% 'd%'$%!'&j$/!(!*##,!0"/% (##"$b!# '0="%'%Ó @,(& %%$'\'%'."(m$%&*$"̐R_`_[]^'j+(#'%%#'d!*3#!'$%&*$"̐%)&&!$%/')+"&&%%))T)%/&}("&$%&*$"̐%#$%!$&#('&&%%!%&a2""}-#))$%&*$"̐ "(*$&)@$&$#"(%%#(`);*!)$%&*$"̐#&+(#'&)%%&#%%-&U$-|8'"*%$%&*$"̐"%)"#'G"")&*+ %%$%(c&6!%'*$$%&*$"̐"'*%!++$)#%''&%%"0Q:.2&$ $%&*$"̐!&*&$(#(&#"!!%,'))'-&)*)'%%&' #$&*$!!*v*%%$%&*$"̐"&($!'%&++&"!$"& !'$$##&('%%.$"# "'(259*%%$%&*$"̐"&($!'%*% $'))"$"$$!$"##%(%!"'$#.0$'*}Z%&%%$%&*$"̐"&($!'%!$$#$(-#$$((&''+&$%%"$*%.*+r*^'%)%%$%&*$"̐"&($!'%'&&')($ +((&$%&('! '.,&"!$<ʜ0!&X'.%%$%&*$"̐"&($!'%߬c.&* !&##'$#$')'$#%("+%%(##(,+@ '&'!&($$[%$'%%(&%#['&$Q2$%%0)"0!r7# &"&)!)($$[%$'%%(&%#[&'#Y%"%%1!%jT"())$*#'($$[%$'%%(&%#[#'"b!&%%+ '&?^)%%!$#$'$"($$[%$'%%(&%#[ "'"g!*%%$!#-)%$(""&&($$[%$'%%(&%#["$'#c")%%(&+v=$)%*%&(# &)($$[%$'%%(&%#[ &&$]%%#)<^&"%$"&($""($$[%$'%%(&%#[%%Z)$h`s^XΈ_dXiцRfqgزfahYIekkcdhfjbcjewrhqdldlVoVcg^fegkinl`qj]hbh]]sdcld[WleindohgfbfjbcjeWts]phu\lkYlm[fcchm^_x_\[jenbdf`kgaTjr^ă\keggifjbcjeVay\knmXvbh^momq[Xjesf[opeXr_td^see^]}[immd^ffjbcjekh]qedjfp]didej]b_]vYk`k_bgbse]lang\yaehsfilfjbcjejfl`]^T^tl_kkek_aTgi^in`Hcjcahfcm`cmj`lkZjhfjbcjeejZpSDp^ho^mMbMi^r`]mbלUpebiiGXedarfrk^jifjbcjeYtgYpi`\hrlaqcSpӍfck\~sZauWz_nW|SdflkfdfjbcjerXWmkY_lk]alhilPĴT|df|`Xpyae^Qm^e_hbdcjc]odfftqLucc]kcc^eglgpZ_غseok`sWgmflfgjngdpkkuL}kjqrhYha_aaQtpPkaqbggjl[_ztX\d][_[]^bYY``X\Leep[mWrkz_f`iwkF^\pomMQ~chnabbihbfhke_a`meeq^X]_jolfcbalhX¨KyМЁVjegiged`bfb]ebac_ddrgVfbޠgo`aeieudRjsdea{vUdelXvoommqrkgmkc`mnkkfasd`_^k|cZaeNlk]^ZjkumjhlehZZgdffie^oeha[nfeeWb[cQݭiZfch]qfrxiggfl`ĉ`mindlcfjcnefOlkdn[ܐthb`]{Ogii\j_}^k_bdUl]`m`RSXvޝeiyM~jmof̣[nccilcalkinhpgdknfXekllkrq][qWQib]iiZf`^f\lcg[jf_WYZrkژ`W`ZbInyhbsg``njcajplotvojeTykersrVnptdd^gj[p[iibd`^cd^ddm^aQOaqah֨pjVXmlZliRacT^``bcb_bcT``e[ga^XrY]`޹cw[\qm`ffsgYgh\o`rt^aeeh[liۯ舘_ߔ^iihcffmnTaidazUUZgeeh[liۯ`fUfdV\XS`qkjbffoc^st\rbXhobeeh[liۯccWig[cRennhaffbg[mjrbXYmq_eeh[liۯegarn`jhZgifbffbhRÖjuXVtirZ]eeh[liۯhmfqj_j\_nedfgffk]]i^Z_c~c[aeeh[liۯflakf_jflpbaliffbf^Z]g]i^bjmeeh[liۯdk`lkdjijzj_\gtff`pQ~rXemeL`rveeh[liۯ`h^kk_aabfjkidbdjedd`d]dedb``abgf``c`_entPcffeh[liۯbi_lkcftqk`Y[fojneffdjgjiilnmkkhflupg`VkSbkn`ffeh[liۯbi_lkcffimsqj^Thjhjjdgeffhkhdejjcfc\j{{B~dlnffeh[liۯbi_lkcfbdc`]bir\]]adbccd_]^^[]cal`alTa\jokffeh[liۯbi_lkcf]\X[bhlmgddehjc]\cjhb^mhi_p_]bf]bffeh[liۯbi_lkcfљqbba^cdkjlrqpilnlihjmYjjgchcdiZffeh[liۯbi_lkcfclZ[`XZfddUYYT_ܳ}ilpn]l^ȍ_mbffeh[liۯbi_lkcfUY^^iڻ̣lig`Z]d`fed`xkffeh[liۯbi_lkcffc\jpddggdffnjgcrmioqmknoljb^`hSdfaim_effe^^cf_[\jeabfigdff`aa\f_cVUacXWbibaafedgbnmZ`ffmkgccdecefhihggf`fV_kW_fXhffehfdcfgdghgeddfiffiP¼¾ꎩffklnmlgffccdeffdcffgrgUYUSR\y{_]]dm]gObhXYffjefjifeijhghihfcffqkl‚]m[ecc[hhddlk\f\ja\cffgdcddaadfedcdehiffhmdqxkccdcfnk][[a^^d\ifffecdcb`ehjiecegffVdPŔl\`ddbadc`uhoqldgk_lrffbg`najfTt^njffhebekeag\lieffgcgbciWmwf]rffhebekedi\jf_ffhohbj\ui^}dp_ffhebekedi[id]ffkiglZ[_\[aigffhebekebg[jgaffen_]R\`r^`alffhebekeag\lidffi\f{`_jeea~^n_ffhebekedi]lhbffXphhdk]iqd]idffhebekedi\kf`ffd]aecfshm]^hbffhebekebg[jf`ffcekgpY[Yqbicfeffjbcjeffhebekeigag~mffedfnYha_ahghbgfjbcjeffhebekemhcerffp\jdp]kdagcgjbjfjbcjeffhebekeogddedffYq_acZijj`ekdhfjbcjeffhebekeoddcahffk`db{hdfbedehecfjbcjeffhebekepcdcalffd^^fUjbf_eiccggfjbcjeffhebekereddbkfficdt`llkfgidagjfjbcjeffhebekepgceegffdfrVbalfecgieccfjbcjeffhebekelfbfifi !jH cX gd q               )      eB<@F5                         0   ,=PK,    !MS4      ]>  KLL7 JU ZN SX    #KX $VC    UM 3`   ZL \/   `R FN    N[ (c    k o   j n e i   l" j   V/W  i 4N  l H"   X f   A0T   ] F |("$%%&#+{^#'"%%&#sm %&%%&#yy,* &0%%&#-2) %%&#+($'&%%&##&$+)#%%&#%")#+!*%%&# %&# %&# %&# %&# %&# %&# %&# %&#*)*!/(&&%)#%,*!'0$&&%)#4#.(-!)&&%)#<&$*.!&&%)#0"((#$&&%)#%&&#%%)#'&!%%)#y"*%%)#`Z]cR1!%%&#$"%)% (%%&##%&##%((%%&#!$&##$!%%&#'%$%&''(%%&#*&$&&""%%&#%$%&&#"$%%&#('%#$'(%%&# %&# %&# %&# %&# %&# %&# %&# %&#%#"%&! $&$&&"(+%%&#*(&%$$&)"'$!$&%&%%&##&'$&*&%))%$%&(%%&#M-&%,(#'#&%%%&#IZmhH0& #)*$!&)%%&#()'%>joP'+# '"%%&#&",#!/:{[:(##$"%%&#fgfQ, &%#2gr8(%%&#.#n['#+%"%%&#'$(#.+um3."$J}.-%1&%%&#%+%!)$ )&5yj"*%%vL"3(*%%&#!')!"%!-!;~p$'&&`k3&%%&#,%(($'* %*%7mz6 $B,%%&#!+*#$" %*#')!&'5%72(%%&#+&'&$*,!%$/!"+&%!0%%&#%'2&#(%,!!&!%&#%+=& 1,2*"'"%&#%(,&pI'6q$)$(.%&#%#/"%0'!Nk"&-%&#%$'!'+%&&e?)%,%&#%*)!)9v&%&%# %&#%+&* . $_K*$3q-(&%&#%&$ -'")x,*#c;'$%&#TpliffhdbDjmbffhdbМ`lg_ffhdbƦfpdfhffhdbɲOqYsfZffhdbQmbjaddffhdbXbpc_agjffhdbaillY__tffhdbfhdbfhdbfhdbfhdbfhdbfhdbfhdbfhdbs`fcZofugghgbkoj`f]pdgghgbi\`tnmZ^gghgbd^ku_jWgghgbX_rsjgghgbVdninffhgbMaiiffhgbKZkffhgbk[affhdb^\_ea]_gffhdbbdeddhkkffhdbafheghgcffhdbigfijmmnffhdbjfegieekffhdbbabffdceffhdbcb`dghffhdbfhdbfhdbfhdbfhdbfhdbfhdbfhdbfhdbecdgjedjlgigchkbffhdbjhfgfhjmejebefeffhdbadgdflh]fjjfdefhffhdbi]ef[`of]cgcfgZffhdboea\_ehdchkffhdb`aa_z_e]\he_jffhdb_S[g^^lwtdbfigffhdbg[abWhwameffhdb`navbRhtfh_Xffg_gjjgffhdbn_dh_viZ_bU{]fakec^ffhdbmahj\_kfgTibfjlc^qffhdbkqkekgajYhZYe``^qQejffhdbfejlefjdmaXtVW_aSod]ffhdblehiekndgkkcTknY]{fXaffhdb^hgcddbgmf]gg_bcm\Wplbffhdbb^acajlc_aobfqdpYk]^Yjffhdbfhji[[db\\mdcjghdbfl_gr]\oiqTkdkfhdbfnYk`Weq`hejarhdbfgqbaXkb\ag]o_hdbfehcgjW^_a{he^nhdbfj[lcchs_^Xeecbhdbfhgpfr`^c\mkhfhdbfcefucg\]eb]ygdhdb      {B  F   ˿    J       M  Ǯvk }L  !ňY   H    }C    }  E    `Ȇ    E   <ь   E    >Ԓ; E    *;  E      e E     d E     uƅ E 0cϟE .=ϴI  6̽@   )@9 !ۛS   ~˸_þ     % ,#(*&$"$($!$$Z$*)(&*$$%"*Ƶ*&#.1-0'&(([$%##$&((%"+!!*!#$!!$'!$$Z!"#'#$$%*$!-'%'#*$&&[$! &'%&&%-!$&%3+ӈ}4(,#6,)&&[(&"##$&&%,&&7֓p5( &"Y"&%"%$'!&'*.((W")($"#((%' ($*2˺$"*%)"%$''"$)[#%&(% %(#&!+&2tݙ3*$&#$$ %*"[#%&(% %(&&$/&+R.#&#*'"#)%[#%&(% %"$(("#+*$,SI!&%)'**&[#%&(% %(&#)(!$#9ϤK&.''%'![#%&(% %()"#(&&(#&/-v''*#"[#%&(% % #)&$&# "*+%3p3)(($[#%&(% %' (("(('''/( *|˖1%&"#[#%&(%0%sݪ#+,\"),/&%.%(P-+$Y&!%!%""%+F*!W#"&!&)%.%6"9EW!!,(%&&%$-!/e* %$ !"" %".%%/%2!"#|%!,("-%.!'&$#(""" %f\ah`Vne`__f]kjeecmg_cmeefh^pjgnfop^mrikkjnfcgokkfhkrgecicjeddg`dd`eba_`ddfdodM\oogqj\i^eefhbcgleefdQebfSam][F]g^kZS``be[X[b``fm_ir\j[rgiiakk‘biilnkkfqmwzXM_^t^eaffenh`bhffh`hdg[m]bp`adgdgfcfmekebehffidfahcRmeNsqjege`fmdekebehffigg_dlc[\db{khmjedjfekebehffeibchgp\afgmbkmjeekebehffkifji_adpoJtl^ZnkkhhaekebehffnlefigfhqjfboآXWgnafbekebehffiliegd`dtjkXidTkmjgekebehffmfnkeiihfTfhdS`iekfeekebehf.f޼YuoWbgmghaeef\xXfgmqndffhhfTkUpeji]cieefsfmj}dkoedjhhfbqja`їkdb[\e``fd^ndfafoT`ukgUfckc^kepd[]kh_aekee f   x  {H  E E8" B E  D    \    J E  D5/  |? E  D[ڵH  E E  &A     E F   M      E E S  E  D :   F}3  G    F9  N   HNrJ>G6a6  ?  "XDC 5^Y 5"  9G I8q G   E> Jz   H  8E  I     J  U  K}]K = b nCf    I  C  \J~ V  C 3 +NF} K ;IEN@=>yBB% VJ1/N`   C (E;F?>% W  3$   SM  :   E# [  > p F5  A $< T  A  ]T  A ^ ;: A  ); _  A H0 c  A  \b  A   g f A i  j     Asq    G  gZB  H v 0b     ? PG a$    3%^  RT,   %+P7 3BS   =  CZ! \?  C& WM  PKLD"   B& WO AQ?ON:N& Jc >QHB&   $6rfOLk|:'*(%%$"$$*`-#+GdZe^][b`]]^``[abR:(&+#(-+2n:)$ "*"B>%&+.(%%#$"+%IF#) K  7 \     PPh   R(=n}  ?V ~Z   !.T  =R@y       A O vAIQ>=@FA=?EFC>CCH?<=:L M N       K B     KB      MA  N P    O  V  L $>T^ Y J0  P5D *96 C   N  P  @#   X  S  @)   T  34 I G `  K+W f F%  )Y  Z  j     r   p  s   ,b EO    \3    ^  HH   MW   OW  "cJ  #TZ8  %'*+($$"%$K) _%24#,%(%%&'&$*&Z!,]!,Y(*&'(!&'"!!("%#'%]#%]' 5XbnZd[L:-%##*'%&)*(%"!'#'(,U$$\'#"l(* "4LZZY\d_[]cda\aaf]Z[Yk$#['(%g'**+$$+,&$')&#%()'$" (%%*(-$#Y)%&[#($%$#$')'%##$$#$*"&'%$"#$#Y%#+\#+$('(&""'(&#%'&#"$''!"&&$#%$#[&![$%"!%'%%'&$%%&&%%&#"!$&$#&$$\&)&j)))&&'&%$%'(&%&()'%$*&$(&$%#%]&%)t)'"'%%#'Y&*A\$ %$%%&!a/{%'&'%%&f&gL(,*$%%#+]Q`)$'!%%#DFR$,)$ &%%']-&0&+"%%(h!'#!!$*"&%%&j%&%'$,VF(%$))!#(n4$%$(!%&%$)i'"%("**%]>'%%(!+!&"+q *#%$&#(!PR$% %$)* -g/)#%&'$%%=e("*%$%&(!.0z#"%&#%$#*hE*%&#%$%%$#'!>t)'%&#%$%%$##*$'!.%&#%$!/cA$"$(%&#%$%&'$Cs"$*"%&#%&%$#$&)*7s++!(%&#%&%##$'*,$' $#')%&#%($$!'&)&$%%&" %%&#%$!&#%)#%%,(%!.%%&#%#"&! '$'!&";.&%%&#%$&$ #&%$+#J+$#%%&#%#(##,&#, bm * %%&#%"'!$( *&vM+*$)%%&#%#!&!%;?w3)$* *%%&#%$ $*#'xca-RELEASE.2.9.0/xcf/icons.xcf000066400000000000000000000404111477156507700157740ustar00rootroot00000000000000gimp xcf file@@BBrK gimp-commentCreated with The GIMPgimp-image-grid(style solid) (fgcolor (color-rgba 0.000000 0.000000 0.000000 1.000000)) (bgcolor (color-rgba 1.000000 1.000000 1.000000 1.000000)) (xspacing 10.000000) (yspacing 10.000000) (spacing-unit inches) (xoffset 0.000000) (yoffset 0.000000) (offset-unit inches)  z@S+K2@@ Pasted Layer     n{@@@@;BZ35NlqvvpskD1 G/r .,:s T *8e~ )@qx?({n%p[^90##>hxtxG<,^WKk@Q~y5UA( g|oU{Ꮛjjk^nrlonl]`iko8p*lUfC6QF 9o7MZFnTbt 8 po;zPag >oyNJlcceccf >(mq^#qm9 >K[wy23aM @e,+4Nl yk:vxuoNNMNNB9BNNIMNN4 pwz0H_kho3#1{{$couT).mt3*-t+1 o-SP0GF6(1GGF$*~wSRRSF=FRRMRRS7 x3Nfsqx8#5 $jw~Z)1u}7*0} +5 x-!ZU0MK6+6MML(*_] E4Դ0)H.++ K) F)(JR& aȣ`Y}4DD9BH T9;5.   /0&ef)#'' + $!') , #0 ^N !)-% ( &% `& (L  & r! %   " #e 50 'Z   d.71?      +$E&F O  E  68'      .$      %m1>%( >#)5$8#8k SE9B4 ! 0*#B2/#lm.' )*&&&"./+-)*'! !5*-7  ^V 3"71+ .) F+R"#* 0  ) #  # 'n&! B 3 6\   $U7M#$<Y  * $   ,%I' $/)J U    N"7@2#      7'))'      & !.#4Y-0A#/L#3>%8!v  <];K !3KI5KA[#em%o>Xt>LxK:`C%xexy?Ck\2cټQT,OōjOFwJy7ż$WVEΔhr@Gj W҇{/Vs“EaߎS~U Y>UC,ތaa7' [AуMЖqT /r w6+<ܹ\q0C6hp)^ /IYOG0<*,"ڏ@}_jsSK%34 _ : @@E#rev     Y@@0@@@A:4Nqd >7! *=,LJ'Zou5cljg,_)c?]ؙwW3k<-2 cte-Ke0 3J6F,$=d&o\8-s\A,/P)86:~v7,M54 4t&.`pj Sj;ko{B @@ E#sealsign     @@@@"$%38gDpF1U;6]aWh#:'5I8rg] 5ck%j_KU5a*|?7Z7 8GUW5 8 @@E#seal     @@@@9o=*2tzmV3gjf35›ƚ3yɢh0g}91}ťn2ZIӬ91aĽ[_ . H@K&&+_'>,z}P{'2;<f_;QD@:NE .&:/ǫRH@4 G3<2E2A1>2o0"3-Tq GNo} /4(0$<?R:\;9( T@@E#text     Fd@@x@@V8N -4^$/ZI/  IL-NFM^jRbrz`gt +6#'Q' ;BYZCUQ+,)DWC4{  J:-`MgYG%aU:--Wg\rw~iQ1  87 ";H& @@ New Layer     o@@@@%Mxµ}~vnӾ}zwu{ȵ}zxuqnki_Ĭzw¾xµ}~vnӾ}zwu{ȵ}zxuqnki_Ĭzw¾Txtµ}~vnӾ}zwu{ȵ}zxuqnki_Ĭzw¾{Mį}zuqlgbWK7ǹ{wrmjea]WTaKFBb]YTOIC5+!¿{wsnie`\XSOKFB>95TNHB;9.)/ÿ{wrnjea\XSOKFB=941,'$>820{wr|uplgT>9YTOJD?80{w~}zupfc^[SKį}zuqlgbWK7ǹ{wrmjea]WTaKFBb]YTOIC5+!¿{wsnie`\XSOKFB>95TNHB;9.)/ÿ{wrnjea\XSOKFB=941,'$>820{wr|uplgT>9YTOJD?80{w~}zupfc^[SKTį}zuqlgbWK71ǹ{wrmjea]WTaKFBb]YTOIC5+!¿{wsnie`\XSOKFB>95TNHB;9.)/ÿ{wrnjea\XSOKFB=941,'$>820{wr|uplgT>9YTOJD?80{w~}zupfc^[SK8M¿}zvspmhda\WOD1zwtomiea^[WTQMJFU?<8YUQNJC?2(!տ~zwsolheb^ZWTPMJFB?<951.LHD?68.)/ɴzwsplieb^[XTQMIGC?<851.+'$ ;620źolifb^}zvsogd`\K52QNIE@<50¾fbl{zwspmid[XURKE¿}zvspmhda\WOD1zwtomiea^[WTQMJFU?<8YUQNJC?2(!տ~zwsolheb^ZWTPMJFB?<951.LHD?68.)/ɴzwsplieb^[XTQMIGC?<851.+'$ ;620źolifb^}zvsogd`\K52QNIE@<50¾fbl{zwspmid[XURKETտ¿}zvspmhda\WOD1,zwtomiea^[WTQMJFU?<8YUQNJC?2(!տ~zwsolheb^ZWTPMJFB?<951.LHD?68.)/ɴzwsplieb^[XTQMIGC?<851.+'$ ;620źolifb^}zvsogd`\K52QNIE@<50չ¾fbl{zwspmid[XURKE4M.?QdwȺwdQ?.4d(՛d4N2NN2N4d(՛d4.?QdwȺwdQ?..?QdwȺwdQ?.4d(՛d4N2NN2N4d(՛d4.?QdwȺwdQ?.T '@WlǻlW@' >s(Ǡs>22>s(Ǡs> '@WlǻlW@' @@E#band     +@@,@@,-D8&1*%JI@*29 BkZK 3>BYc^A21SQ#"/lcT1?T;ReY;1DN: 9hX;1GI2+*fW61IJ+_V70PCMV=0Q?2GYE/BA6>_R.;=%2`U,.@;_ZE*AR8'M`U6+"@ZT<#2^_U<8 $!E=DNb`TE!MY[ZP?6($T]}td_J7*HUXY[RE8 )Uexr^Z?%%AS\XVYTB';]cfZI+;V[WUVYG-"*@_#" +<  ;3+ 3, 2.# 3"%3)3&32 11=/1 - +  =2 $?4   ! ##((! '-)  5  ;3+ 3, 2.# 3"%3)3&32 11=/1 - +  =2 $?4   ! ##((! '-)  5  'EA;#8bm3I*2| 61Y_g1 80R0#<0".l0"#>0"ũ0+щ />| Z/sy}-Kw.)MxE!$*Nwo;ĀD!NM9!J" BQ!Q 8= )] 6G\-^ ]"%.X/ˀ< @@E#Paper     3y@@3@@345:v 'gM`k!Vg>N}6o%ໟ{$b~ nռN I^ *sûmƺbjý񝠬OȵnȷtP .fIJ󯴹 Lħ򭳾M +}h׻䢣 佮kջ ir𬭭l ߯¿S 8ޒ ;.PK4argjtԦ"@YدTq&Lm|ŵǶC' 43:p 'dK\f!RVg=Jx-}o$ճt"`~ i̶N D^ (nžûmǻbf¼񝠬Kȴn Ƶ栟tN -b󯴹 H򭳾M (wcзغ䢣 ٴgտҹ 融dmʿ𬭭k ߧ¿K 6ସݑ 8(Gz}C.[lbhrԦ"@YٮRq&JhyǶC& 4&:Rm'L8o EL!;ANˬ-8jjaY!\hVpžqqdW E^Ŀ³`N}tzhE 2fitqƩG R|œR`JK됏ɻq8ˣRm햜ɌW: "J{i 6~; Y|J񡠤ȉc a|fM򡢣Ȏi euiJRĂP }c8 (nĿm *5[]f1"BOIMVi{}" -Ag=V&4KXlsvswuy3 p 7$r=Wd7 <6NnC* %7XpN0#  +HReu~b"H3%r  %N3 i ! 32 _0 \ +   E C IkUhyd;';fz _%):ZotK- Mxca-RELEASE.2.9.0/xcf/key.xcf000066400000000000000000001725141477156507700154630ustar00rootroot00000000000000gimp xcf fileBBS gimp-commentCreated with The GIMPgimp-image-grid(style intersections) (fgcolor (color-rgba 0.000000 0.000000 0.000000 1.000000)) (bgcolor (color-rgba 1.000000 1.000000 1.000000 1.000000)) (xspacing 32.000000) (yspacing 32.000000) (spacing-unit inches) (xoffset 0.000000) (yoffset 0.000000) (offset-unit inches) ³$ Schatten      s4aqX 7Xcccf]#3CScs===  *#m}gys@CWz[!# oƙl: Aݼ:zl<  vٵ]/",-RݲTQ:PĿлU31;ȪpL pasяv4 CLzЩ7$^{¹ƚr8eƺuF6_¿qiD\]Z "ǻ{B 'vϼq(bûqPlnlX@ b軄n:  *#m}gys@CWz[!# oƙl: Aݼ:zl<  vٵ]/",-RݲTQ:PĿлU31;ȪpL pasяv4 CLzЩ7$^{¹ƚr8eƺuF6_¿qiD\]Z "ǻ{B 'vϼq(bûqPlnlX@ b軄n:  *#m}gys@CWz[!# oƙl: Aݼ:zl<  vٵ]/",-RݲTQ:PĿлU31;ȪpL pasяv4 CLzЩ7$^{¹ƚr8eƺuF6_¿qiD\]Z "ǻ{B 'vϼq(bûqPlnlX@ b軄n: Z(!& #$$)(+9IKA<9:;4&!95! %,7?8EVfgaUNIJKH=17LK$  %5DFO_mwxulaZY]^bd`d]; "!#.:IR`o|upkdd`[\ipdG-#! %,,5HT[iw~{tnpxxfP?+ '14?M[epy~obK>, +:IWemwhJ=?4" %8Ocqw}jF/# $9Qhw}xvt}znZE2  &;Uky}tsnjq|p`K<.  *=Vjuyywqqkfwmj`V@2)% ,AVcotw~{xzul`f|f\LI8/#  -CS`ls{~riqusddpvqbNC>0+&"  .@N\ht}n_[egkwplhXF;4,'&$#  -8407:<65/6*+><;;: Q: : w9*|p9 28lp8 "-78'$8<9 ;<= ><;;: Q: : w9*|p9 28lp8 "-78'$8<9 ;<= ><;;: Q: : w9*|p9 28lp8 "-78'$8<9 ;<= ?<<<== *ߡdF%bثkN6ⰁY;ֺn;,vItC㘷κd$𚣾ԻǦ Л̲Ƨxҙ厉k\pļ[jFQ ?ˏ^G+$ fzuvqz z"PXs2'\WRFMJi\W5E_;; 9hiZ+f! @JMt9靈ଜ)$Qy+ F!vob,g[icGM]~-0>E> $=N??2 *ߡdF%bثkN6ⰁY;ֺn;,vItC㘷κd$𚣾ԻǦ Л̲Ƨxҙ厉k\pļ[jFQ ?ˏ^G+$ fzuvqz z"PXs2'\WRFMJi\W5E_;; 9hiZ+f! @JMt9靈ଜ)$Qy+ F!vob,g[icGM]~-0>E> $=N??2 *ߡdF%bثkN6ⰁY;ֺn;,vItC㘷κd$𚣾ԻǦ Л̲Ƨxҙ厉k\pļ[jFQ ?ˏ^G+$ fzuvqz z"PXs2'\WRFMJi\W5E_;; 9hiZ+f! @JMt9靈ଜ)$Qy+ F!vob,g[icGM]~-0>E> $=N??2 #-E]xumi^cgf`WLE?;6<@DB@7&1I4%%:Ros^jk`_\WLKID9=@88+" 4J\oxynXcneWVSNJF@96EQRJGDLRK:13*  ->P_bcuaJJMPIE;315,1AIBFFMQUOD=3+  (6GI|v\q_\gnD?EDC2%- &.3748DHPKHE>5%!  ,9Je|RA0%+/56799?D7,   ;KO3  ,=44564=ELPZ<%2A53/2>KSXKO#, &-:50-/?MTQ50A+ -7*+7.3@P=8N,!1*#A4)4;J5 .G!+2*0K8  &2--.  , 1 3$&/($##/BL`>jf]QWk\P'Y"9KT_js|~q [ B>i`x& fntrvûN%O̳ƻԕd% )Ľ5&sƿC>rͿ[>uŮ`^Ҿ0%,f{ϻmF-/2 IZyͫ}fp^  )Yk~۾TC(RhؽR +Mvص\.^۵BF@t̡a#H 2Xg˷Q&7$?`_r¥V#$67d{ͼoX0  Vwy͓K))IbuݸK&)DDjضoC)Upץv3$(AuЌbE($|ܻ\W*Nڼ}(+%zŨ *F޸>*xjf* A}skr̿L)dtaXiŮ)0SG6E`ϻ) &"@{{) *_yrvhrt~{M(ATi`eMOeX`]Zij9(*DLJF(cSDH;7I]L,!4!3(OTJ.5408B?," 5E93,B:<3$&/($##/BL`>jf]QWk\P'Y"9KT_js|~q [ B>i`x& fntrvûN%O̳ƻԕd% )Ľ5&sƿC>rͿ[>uŮ`^Ҿ0%,f{ϻmF-/2 IZyͫ}fp^  )Yk~۾TC(RhؽR +Mvص\.^۵BF@t̡a#H 2Xg˷Q&7$?`_r¥V#$67d{ͼoX0  Vwy͓K))IbuݸK&)DDjضoC)Upץv3$(AuЌbE($|ܻ\W*Nڼ}(+%zŨ *F޸>*xjf* A}skr̿L)dtaXiŮ)0SG6E`ϻ) &"@{{) *_yrvhrt~{M(ATi`eMOeX`]Zij9(*DLJF(cSDH;7I]L,!4!3(OTJ.5408B?," 5E93,B:<3$&/($##/BL`>jf]QWk\P'Y"9KT_js|~q [ B>i`x& fntrvûN%O̳ƻԕd% )Ľ5&sƿC>rͿ[>uŮ`^Ҿ0%,f{ϻmF-/2 IZyͫ}fp^  )Yk~۾TC(RhؽR +Mvص\.^۵BF@t̡a#H 2Xg˷Q&7$?`_r¥V#$67d{ͼoX0  Vwy͓K))IbuݸK&)DDjضoC)Upץv3$(AuЌbE($|ܻ\W*Nڼ}(+%zŨ *F޸>*xjf* A}skr̿L)dtaXiŮ)0SG6E`ϻ) &"@{{) *_yrvhrt~{M(ATi`eMOeX`]Zij9(*DLJF(cSDH;7I]L,!4!3(OTJ.5408B?," 5E93,B:<*)$   -  )  "$$!!!)  &%'(%!!( #+*+--*#(  !%..01231-   %*12258641.'  #*45779:9620,  $ !*3887;<<;970)&  " #-587:<>><;74.+-  &-359;660)  &-36:@BAA>97996&  #)28>ACECA>99:<3." ".5=@DHEC?=;9=:50.%"(.+ %/8753/(  '26:MTKCA==:;::>@>=6." &'T_WIB=;:78:;:BE>3+   AcdOG?:8678<;>ED<2( !  'Mn^OC><96779/& (1853:CB+. "4458BJC- $'+58@JM:.-*-3# / !%)~">r"t"!z髩Io",T?a_mOdH`/ZBR",l$DG*fgzfcC(&dɹ}jA. !K~ľl^[G! >jǹj?.)'iľ~kD0G`(8BD!][sWRRZ^]PH( (tпǽP|Sw Zu QN:Νz\H) 1Vh+-+>YO?"RbCku~S_*)& `rX-"$C0 M<ĄlnlhT,&*[Jly}y~s#X׿yZR ld9F55XL Q}α̻ƻ½-h%`(hý<ɻP 1ʬǥ棛 (_|>W?p{ - 54&m8 )\;3}r+0~2LZ~/ s滺. ,s("XhKu"s}pSI9gw!䭚!{#|#">~">r"t"!z髩Io",T?a_mOdH`/ZBR",l$DG*fgzfcC(&dɹ}jA. !K~ľl^[G! >jǹj?.)'iľ~kD0G`(8BD!][sWRRZ^]PH( (tпǽP|Sw Zu QN:Νz\H) 1Vh+-+>YO?"RbCku~S_*)& `rX-"$C0 M<ĄlnlhT,&*[Jly}y~s#X׿yZR ld9F55XL Q}α̻ƻ½-h%`(hý<ɻP 1ʬǥ棛 (_|>W?p{ - 54&m8 )\;3}r+0~2LZ~/ s滺. ,s("XhKu"s}pSI9gw!䭚!{#|#">~">r"t"!z髩Io",T?a_mOdH`/ZBR",l$DG*fgzfcC(&dɹ}jA. !K~ľl^[G! >jǹj?.)'iľ~kD0G`(8BD!][sWRRZ^]PH( (tпǽP|Sw Zu QN:Νz\H) 1Vh+-+>YO?"RbCku~S_*)& `rX-"$C0 M<ĄlnlhT,&*[Jly}y~s#X׿yZR ld9F55XL Q}α̻ƻ½-h%`(hý<ɻP 1ʬǥ棛 (_|>W?p{ - 555  4"!  0 0=A4""*>@//0O__XMU\MI5- ,%&Gdet||wphu&),#6RQfvL"  /GL_s| !12%(;GRZirG%2!;c^J=48EMZgmpzbV #ZtlmqqrxY #j}tnlsȳh#,h|zqe]am}Żj5"-c{sjdkvla("  Y|umpwjJ[%"GrxcI[ki`_YLUTYldNL11DX8%3!)\_A! B[`U+ 5=3"$4#%A1o1+%1!18,*1! ,!(=@9@@:79;%)?PZKw~Wyw|]]XnjSRHM[X>(%%BM1BM1@f]@Z]5 04  %%%%6    -#  !']J533/68*"     BofRHKKDC=6-"  !!"" "K{kaWYWSTNF?AFED>2,-7<72)',(&$$" "$" !%,.-)')+*)(&&('' Huxsicedge`^dlib\YYZRRQK>5:DDA;940*'%(--/533650.++-/.-.,. 'Gsyqrvwz|zy|{zyzwpkmnga_XQIED=6-'" ")372+)-540))+,./++-)e|xuuxyyvtvzwtsocTIMNI9!B# .~}zv3   < ʷ£}qY)0Ȣm /ӶR/țmO:.ɞTK@0.Α//|4縄oliZJ'*˪fzhV (ɮY]`K'ܳڹ( 411KA FC>9!B# .~}zv3   < ʷ£}qY)0Ȣm /ӶR/țmO:.ɞTK@0.Α//|4縄oliZJ'*˪fzhV (ɮY]`K'ܳڹ( 411KA FC>9!B# .~}zv3   < 3#!  1:960-($ /KHGEB<2*(/SRROH>8*0VUUWWN=% 3WUSY^V?$4MKQRNI0 1:9?@;899<&/&$#.  4     )**,-,,*'$! "$#"02469::840-*'$#"##"##&,/1010--*# /136677530-)&&$$#"##'*.//-143* 24699761.*'%$$%$##&',.0029:% 8:<>ACDC@=94/++**()*-/257:<3/;/,*-7<930473.+,& $*'&,'1F3 $<%$7@1(9:1  21 /7/3"1 %$9 29 -W9 6Kx9U9wy9#mr9h9"w: c9 G9N:]:U:V: 0r::j:#G=<<-<9 9 29 -W9 6Kx9U9wy9#mr9h9"w: c9 G9N:]:U:V: 0r::j:#G=<<-<9 9 29 -W9 6Kx9U9wy9#mr9h9"w: c9 G9N:]:U:V: 0r::j:#G=<<-<9 <;;=;;; << < ; ; <<= :%:8>6:bG:.|TGJ(慎vpn& ݨ^Z3IF  /RN;9  "*7<Ϯǔq]R8lwvDEb=9j\bpn ׹ø<$()֙ƿĹxuF/,2 ӾҼo_n]*ѿy{i@" տtS,x~_îɷq ıqч:e::^:IR&vq}+Ta@IcoGK^4  LjLL0 M~dbwKSwa7 B]tʾq]= =uʷM! Ryλt  (@kԹqbJ =`ִ) ?hĤS& ,HuϹ{>^ǿftA[I"CJmù#/]l+3qzY+99S|%]l Db ;^a5pZ^5>p/i_*Hr𭻨ɾ$ehWtMmyxtaP+4"T>>,)Yrdcq`+-7# 6:%:8>6:bG:.|TGJ(慎vpn& ݨ^Z3IF  /RN;9  "*7<Ϯǔq]R8lwvDEb=9j\bpn ׹ø<$()֙ƿĹxuF/,2 ӾҼo_n]*ѿy{i@" տtS,x~_îɷq ıqч:e::^:IR&vq}+Ta@IcoGK^4  LjLL0 M~dbwKSwa7 B]tʾq]= =uʷM! Ryλt  (@kԹqbJ =`ִ) ?hĤS& ,HuϹ{>^ǿftA[I"CJmù#/]l+3qzY+99S|%]l Db ;^a5pZ^5>p/i_*Hr𭻨ɾ$ehWtMmyxtaP+4"T>>,)Yrdcq`+-7# 6:%:8>6:bG:.|TGJ(慎vpn& ݨ^Z3IF  /RN;9  "*7<Ϯǔq]R8lwvDEb=9j\bpn ׹ø<$()֙ƿĹxuF/,2 ӾҼo_n]*ѿy{i@" տtS,x~_îɷq ıqч:e::^:IR&vq}+Ta@IcoGK^4  LjLL0 M~dbwKSwa7 B]tʾq]= =uʷM! Ryλt  (@kԹqbJ =`ִ) ?hĤS& ,HuϹ{>^ǿftA[I"CJmù#/]l+3qzY+99S|%]l Db ;^a5pZ^5>p/i_*Hr𭻨ɾ$ehWtMmyxtaP+4"T>>,)Yrdcq`+-7# 6=<; :  # 0&&   (7.-0'     -6?<6/+*( (..'&$&&(" "# ;HHA?=60*%""/8>DBACBBAE@:1*! &$+IMLKDA7/,-/6=HOUY[Z_^ZUI<4/(" .8,7MPKG@;5//13>GV`chpqmh`VNF==4&.6:3BMHC=84059=ASZcjtwutolgb^VK>1+  &0EHPZ`ekrvxvutqojcQ@4)& ,:>C;HLKHKHNNZbfiorvxwwtsoh]N=/#!!' //6@G@OY]V[Xakpqtrrqmmoqplg^VG8((.0""/,5@P_ed`ovomhd``^]\\`gjhec_[`fa]]bbW, 2>GNRZcgonlhgffdcafjnpmkgbdhgcaa^\C0  %+09>EP]djkmnnjiimqssplkbY\b\YWVJ@/  &.5?LZcjptsrstwxutrmge^UPQPNKHA4'"  "/:@KYcovz~{xrkif\]TMCGDC=5.+&! !+6=CO\ju}yrh_ZVTTKE>>:43.,( %0=MV_gq{zqe[UTPKIC@<83.-(#  #-7DOU[jwpf[SQMHDA>><5/)&$!  ",7@FO^kzsg^UNMJE@<:@<0-(%    '4FN\kx{uj`UOONIE=;BSH@5-%    (:2jlnhc^g`VUSY`eZVPFQfXM@31,"!LJR8:MTV^\WZ]clpedkspi[[REA620-+& ##"'*3 1(BHNY[^_`gnzx}wlcTJJGA:635:::;<<;<;<<:=:::<:::<::::;:::99::<;::::::=:::9:::<<:<<<<: !.-----,555"!!!#- -:%$!! # ""!       !!$" # $ %  ! ! ##! ! ! $ & ===============================================================1 ===============================================================1 ===============================================================1:::<;::<<<;<;:::99::=:::99::= ') % !" # " ! <;::<:::<:===:::<< =======1 =======1 =======1dd22Text 1     ^tawM *:Jz6FVfv?????? 5<977779996 5 4444??? (&%% ' ) +  5 ,?????????====================================================================================================================================================================================4:::;<=>>>>>>6976 5 43::::::;<=<:;=?<54=<;;<=> 8:<<<==<;99 !#%&*,)>>>>>=<;. // + ) ('&%$$$"" "  " %%% &)(''%$#$ % 3 * ) ) ( ================================================================================================================================================================================================:>==97555569;;;<==>>>> (     !#'+ .:::::2 2 2 1.- 210/ . . . . . <;;::;<=>a========================dd22Rand     [{›§#+AWmq+E%j/?O_o???<<<=??? % !478989999:;;;;;;;;;;<>??? >>>:><>?=>?>?=?=>>>>>=>>>>> ?????????====================================================================================================================================================================================;=<<<=<<=<<=<<<<=<====<====2333233445445555555555544332211 1 0==== )% $" ====>================<<;<;!#& )%4>=>=>=>=>==>===<>  21 0 "       ( ) <.9<<======>>>9+9=<=====?=?8        -?@??@???;!%$,"33232 1>=>=>>>>>>=;><<<<7<<<<<<<<<<,<<================================================================================================================================================================================================1====>>==>===>=>>===>=>=>=>?>=>>>>>>>>>>>====<<;;<>==><:<; ><<<====<==<==<=<<<=<=<=<=<<<<;;::9:9:::;::9778:71 $<;<& 069 * 3&'<<&========================dd22 Schlüssel     Zz s yԹ֮ہ})6<;;:<;;:<;;:<<<; e #&)+- / 0 2 3456789:;<~ e #&)+- / 0 2 3456789:;<~ e #&)+- / 0 2 3456789:;<~ e #&),-0 1 2 4 56789:;<= @=95 2 -*(&$#!  "#%'(*+,-/ 0 1  @=95 2 -*(&$#!  "#%'(*+,-/ 0 1  @=95 2 -*(&$#!  "#%'(*+,-/ 0 1  @=9 5 2-*(&$#! !#$&')*,-./1 2 3 ;::99888776665544443 3 3 3 2 2 2 2 223334566766666666445666666533210 0 / 0 0 ;::99888776665544443 3 3 3 2 2 2 2 223334566766666666445666666533210 0 / 0 0 ;::99888776665544443 3 3 3 2 2 2 2 223334566766666666445666666533210 0 / 0 0 ;::99888776665 5 4 4 4 4 3 3 3 3 2 2 2 2 2 2 4 4 4 566687777777744 566666663 3 2 100000Ð-($#!                   !#&)'Ò-($#!                   !#&)'Û-($#!                   !#&)'.*%#"!!                     !""$(*-)2 3 455667788889999;>=== 2 3 455667788889999;>=== 2 3 455667788889999;>=== 4 5 5 667788999::::< Q52 0 .         <;;=Ɛ989:;;;;;;;:989Ő:9:;;;;;;;:989?Q52 0 .         <;;=ƒ989:;;;;;;;:989Œ:9:;;;;;;;:989?Q52 0 .         <;;=ƛ989:;;;;;;;:989ś:9:;;;;;;;:989?Q5 2 1/     % ' *  K     ,??@????     ,??@????     ,??@????        !- <! ! !!##/ / 0 0 1 2 3 45678:876643 2 1 0 / .-,+*))'<! ! !!##/ / 0 0 1 2 3 45678:876643 2 1 0 / .-,+*))'<! ! !!##/ / 0 0 1 2 3 45678:876643 2 1 0 / .-,+*))'<!  !""##/001 1 2 3 4 5 6789:98765 4 3 2 1 0/.-,+*)(0 0 0 0 1 1 1 2 2 2 3 3 4455556677899:;<<>0 0 0 0 1 1 1 2 2 2 3 3 4455556677899:;<<>0 0 0 0 1 1 1 2 2 2 3 3 4455556677899:;<<>00001 1 1 2 2 2 3 3 4 4 5 5 5 5 6677899:;<=>2 =<;;:98755 3 2 1 0 /-,*(%#$'*/ 3 2 =<;;:98755 3 2 1 0 /-,*(%#$'*/ 3 2 =<;;:98755 3 2 1 0 /-,*(%#$'*/ 3  m===<;:977 5 4 3 2 1/.,+(&#$'*/3 <:;;:::::998887766555443 3 2 1 0 0 .-,+)(&%"  "$&* / 13<:;;:::::998887766555443 3 2 1 0 0 .-,+)(&%"  "$&* / 13<:;;:::::998887766555443 3 2 1 0 0 .-,+)(&%"  "$&* / 13>=<<<;;;;::99988776665 5 4 4 3 2 1 1 0.-,+)(&%"  "$&*/ 1 3%$%&' 27: k%$%&' 27: k%$%&' 27: k$&&(3 8; k?@?@?@@&%%Z&%%Z&%%Z'&%Zdd22 Hintergrund     (4@hx(8HXhxdd22xca-RELEASE.2.9.0/xcf/smartcard.xcf000066400000000000000000000622411477156507700166460ustar00rootroot00000000000000gimp xcf file^BBEHjpeg-settings Ugimp-image-grid(style intersections) (fgcolor (color-rgba 0.000000 0.000000 0.000000 1.000000)) (bgcolor (color-rgba 1.000000 1.000000 1.000000 1.000000)) (xspacing 32.000000) (yspacing 32.000000) (spacing-unit inches) (xoffset 0.000000) (yoffset 0.000000) (offset-unit inches) 'l+Xy Serial     N #gimp-text-layer(text "982845235693219567941432") (font "Sans") (font-size 8.000000) (font-size-unit pixels) (hinting yes) (antialias yes) (language "en-us") (base-direction ltr) (color (color-rgb 0.000000 0.000000 0.000000)) (justify left) (box-mode dynamic) (box-unit pixels) y y dy=iikii%kZy=Z4444?44?@㰲 44@?44A44+QA<Q6<A8TRJ+TRuPJ+UP8UJ 44m-44Km-EK44 Em-T}T>|}:::qky=y=%%Zk44 t44@?Q6C++<A+8P$8uuUJ+ K44| Em-T>|?}p<@@ Pasted Layer     Q@@@@1~yX1-+p)`ؾd(v'lq'm&n&p&p&p"e  {͈͊߼͈v͆W޳˅?ܲ˄ڰ̃ ˨ٯ̃Ԁح˂ ۇj֮Ƀ @؏ǾԬȂ ٫Ɂ ڒȀ ʲ~ ٘ «| { yxְv݂`bestϕiiYANmtte/׷r˯w>pM CѸZflQk\Fܨ_mMކ}ǐIuܕwܙ#ȝ7ﶡEĦ+dضq  p¾z("PZ$ $?F, (*/ $1~yX1-+p)`ؾd(v'lq'm&n&p&p&p"e  {͈͈͊v͆W߳˅?ݳ˄۱̃ ˨ٰ̃Ԁخ˂ ۈk׮Ƀ @ؐȿլȂ ٫Ɂ ړȀ ʳ~ ٘ «| { yxְv݂`bestϕiiYANmtte/׷r˯w>pM CѸZflQk\Fܨ_mMކ}ǐIuܕwܙ#ȝ7ﶡEĦ+dضq  p¾z("PZ$ $?F, (*/ $1~yX1-+p)`ؾd(v'lq'm&n&p&p&p"e  {͈͊߼͈v͆W޳˅?ܲ˄ڰ̃ ˨ٯ̃Ԁح˂ ۆi֮Ƀ @؏ǾԬȂ ٪Ɂ ڑȀ ɱ~ ٗ | { yxְv݂`bestϕiiYANmtte/׷r˯w>pM CѸZflQk\Fܨ_mMކ}ǐIuܕwܙ#ȝ7ﶡEĦ+dضq  p¾z("PZ$ $?F, (*/ $2 0\a.Z, ) *M`{ B )e(l' p'q& r& 't&wt$hj!dy}= 5O)wb; fD%<fF)MiF*VkF** #lF*-L|nF*Syrkd> 2pF* UޤsF) w#vF) -$xF) e${F) $F)  y$E) N$E) $E) $E)  !#E)#E) "E).ةE)rWGDJYE) !H0"&8RE( *. :[F)1G )P|.6 #! 9j :|F 8 ! 5\ /W (OCD.7_# )N;\txyxutvw _WYBex}|zyy{ bjYT dl\W fndW eniU cmiT cljS ajkS _fiQ ]8|􋌋rgA ^9qrkjjkijibUCg1ESSVTQMKJ bhiJ ckhL eohO docN di a/9 aMBCCBBFHGJMLMMk _`0 bfJ _fM agH `CsIϻ _&QOOPPOOLJGGHD3Gf443.24224 ae٢NM bhPM ahQN _eNG _eOI _fMJ `fMJ ahNJ _^ԠLJ a97557;BEGJ6F;]rpoqpqrq _U깳K9_nolnnoo `gKJ ahOJ agVI `fZH `fYH afYH bhXG ceZG a8w}e\< `8ke_^^_]]VK3X)AKDFHGEB? beٙXC bfWH ahWI _gUI `a/HONKHIHIKKIW\ZZP5 aU틌}~}}h7 * * * * * * * * * * 4 4 4 4 4 4 4 4   : ) ; )FNPMIEHHJYP=JFHIIJ= ' ;w||~}y{z~(,q|}zyyz|wwt ) U{pfbeiihgkns!x{noigffgffdbfgghfiji ] FogfddejyOcmeiodeffeffdcefiijihf ,nffiUxh_beZaggfggfegifghh ~a~khhfbi v|mefi^gllklkklnmlghfefhi ]{lfggfkk|ywy||}}zwljfccehk ]*}cbeddedfow  crjdbbehl ]1|`_baadcbcluOUUVYYU[_\XXYXXVMnlkdcbehk _5}`cffefdjqptomnmhpssrsstrpmgeefhj _8iillkjjkls}!mhdbcb^dffeffgjihihgghh `>rpqqrqwzggdcgheeffecadejiihgf e*PDEFFGJSSOON mddfklhghhghffhjqp\Xcfefddi i%#""#! #pecfjhaceghedchmy8 `>ysttwutv~hcbgkibceghedbioqYt{~vuvql Z.spgcdegghhilxr`]aglicdegheddhoq\pztihgfi Z*nhfeffhgikjjmc_cdhkicdegheddgoohtpj`cb]b ].qiighiijldbgghigabeghedchqikunh^adch ^2ulgeffghnikmihhf`beghedchojilgb\bgfh ^/rjgghiol!qqiffaceghedchojhiebahmii ]-qhdbbcdnm"qogdegedeghedchokkmhghoqjg ]1xqjggfggmiljcafjjfeghedchojjkfflja^ `9zywvvtwz{wofjf__ekkfeghfddholqwtutywnm j"'(%#ke\^dhgeeghfeejpp.22324301 b6nkb__^XPNPTY!nf__ehedeghfeejqr:47757765 ]7|soonopr|nfbcghddeghfeejpnr~ywuz|yz [-skiggihgfhsi!mhggiicdeghfeejql`ijc]bhfh \,mefgghgflY$kijijhcdeghfeejpnjoib]chhj ^/qidcciS$kjkkhcdeghfdejoolnhb\agej _3umgeejT$jiijkhcdeghfdekqmopke_cgfj ^1unjhhnW$khghjicdeghfdfjpgklie^bebe \,qlgffgr\%kgefhhcdeghfdfiqckkhbeeac [1}ytrrsrrvh$ghgdfieedcefedhre!uvxwruvqr ]==@@?AJ^D"bolccjihc^aghcdokSOSRNS^ae \.(()&(&nsnfejkic`bhhcdom#"$%"#! ];{yyz|{vu^%kjjeeinmgbejicdol#wwyutywop [3sfdccdcedcdgP&ohca__fnkfhmlefpjkjpminnhi \0yfbbcdgY.ujib]enkfhmlefpiiikhcggcf ]/uafhhiijkkjlW.~}uorxvns|shife`cdad ^/ydabbdepe "(%'$!/..79qmliejkhh `-{idccdeeiyMGG@GLHGHFCFK?: 7ɽ 7&7%7&7%7 7[< n:d#S9z: j8eos+8hypT8kfm97kdfrX 7qfXfj 7ofZak7lf_fl7igell7ghkrp7jlnqn7 7ihnrr7ignww7cbgqt7lsu7mnlrv7da]fn 7a\X`j 7fe_en7~|7656:A 71010,7yuz{7filtx7fbcnr7gfdkq7lkflr7lkeip7hg_fo7tpkpu7f`a`_ 7 7popp7a`fpo 7dglvv7los|7[Ybov7[\dpn 7=:9998888888888888888888888888888888888888 ( ( ( ( ( ( ( ( ( (((((((((((((((((((((((((((((((((((((((((((((((((((( ( ( ( ( ( ( ( ( ( (((((((((((((((((((((((((((((((((((((((((((((((((((( ( ( ( ( ( ( ( ( ( (((((((((((((((((((((((((((((((((((((((((((((((((((( f:V ~m ] P X݉\ %%E ݣ# lvF 4,Oy r;cuJ Ӏ-      4 4 4 4 4 4 4 4 * * * * * * * * * * c4M |b YF T ԁS #! ܅< ݣ"ai9 / &Kuh/[~lD ւ.     4 4 4 4 4 4 4 4 * * * * * * * * * * dtphffhingemziowogmkgkstrr~a"tfdb]cfdg |Z|jfhhijihfgoibgtehnhafdafnmfj{D!ufb_]aece ӽ)ofhlonkgcbhhghjhhihgjfdjnibjyAunggdcfgd LUvgde`abdfhkllkjkc\\qyD srokhgiijl  S~wkd]^chlgddbim`YgN]qgfbaab`dl  =|~urv|xttsvvz}v:o|wstqruwwm 1 '@FCDHJIIHHIHD>;E>DWNHJIGIGIH8 })   4 4 4 4 4 4 4 4 * * * * * * * * * *+++**D(('D f̪̪f?7s$7+S7`8q`8O R9!d:Q<7o!7'P7[8j\8KM9`:N<fgn~X7dgv87YazvM8fu1 8|<Y8['O9 ^:P<88898:;=~((((((((((((((((( ( ( ( ( ( ( ( ( ( ((((((((((((((((( ( ( ( ( ( ( ( ( ( ((((((((((((((((( ( ( ( ( ( ( ( ( ( d/2^Card     X^Xdd^X\\``bbdy.R0R 1R 2R 3R 3R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R.Z0Z 1Z 2Z 3Z 3Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z.y0y 1y 2y 3y 3y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y.0 1 2 3 3 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4@R@Z@y@R.R,R+R*R)R)R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(Z.Z,Z+Z*Z)Z)Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(y.y,y+y*y)y)y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(.,+*))((((((((((((((((((((((((((((((((((((((((((((((((((((((( 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 4R 3R 3R 2R 1R0R.R 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 4Z 3Z 3Z 2Z 1Z0Z.Z 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 4y 3y 3y 2y 1y0y.y 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 3 3 2 10.RZyR(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R(R)R)R*R+R,RZ(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z(Z)Z)Z*Z+Z,Zy(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y(y)y)y*y+y,y((((((((((((((((((((())*+,d/2