227804 2021-07-08 10:33:12 -0700 [WebCrypto] decrypt() does not properly validate padding for AES-CBC algorithm 2022-09-09 10:38:23 -0700 1 1 1 Unclassified WebKit WebCore Misc. WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 cdumez cdumez achristensen a_izquierdogarcia bfulgham darin ews-watchlist ggaren jiewen_tan katherine_cheney sam webkit-bug-importer oldest_to_newest 1775714 0 cdumez 2021-07-08 10:33:12 -0700 decrypt() does not properly validate padding for AES-CBC algorithm: - https://www.w3.org/TR/WebCryptoAPI/#aes-cbc-operations (Decrypt section) 1775718 1 433139 cdumez 2021-07-08 10:36:39 -0700 Created attachment 433139 Patch 1775892 2 433139 ap 2021-07-08 18:20:37 -0700 Comment on attachment 433139 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=433139&action=review > Source/WebCore/ChangeLog:9 > + - https://www.w3.org/TR/WebCryptoAPI/#aes-cbc-operations (Decrypt section) However, please see https://github.com/w3c/webcrypto/issues/177, which is closed bit not for a great reason AFAICT. 1775894 3 433139 katherine_cheney 2021-07-08 18:46:56 -0700 Comment on attachment 433139 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=433139&action=review > Source/WebCore/crypto/mac/CryptoAlgorithmAES_CBCMac.cpp:77 > ASSERT(parameters.ivVector().size() == kCCBlockSizeAES128 || parameters.ivVector().isEmpty()); Based on the spec, don't we want to return an OperationError here if the ivVector is the wrong size? > Source/WebCore/crypto/mac/CryptoAlgorithmAES_CBCMac.cpp:79 > + auto result = transformAES_CBC(kCCDecrypt, parameters.ivVector(), key.key(), cipherText, Padding::No); I am confused as to why we are always passing Padding::No here, can you explain? 1775900 4 cdumez 2021-07-08 19:29:15 -0700 (In reply to Kate Cheney from comment #3) > Comment on attachment 433139 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=433139&action=review > > > Source/WebCore/crypto/mac/CryptoAlgorithmAES_CBCMac.cpp:77 > > ASSERT(parameters.ivVector().size() == kCCBlockSizeAES128 || parameters.ivVector().isEmpty()); > > Based on the spec, don't we want to return an OperationError here if the > ivVector is the wrong size? I haven’t looked into that part and do not know if this is causing any test failure. This seems like an issue separate from what I am fixing. > > Source/WebCore/crypto/mac/CryptoAlgorithmAES_CBCMac.cpp:79 > > + auto result = transformAES_CBC(kCCDecrypt, parameters.ivVector(), key.key(), cipherText, Padding::No); > > I am confused as to why we are always passing Padding::No here, can you > explain? If we pass Yes, then Common Crypto will trim the padding for us but it does not seem to do padding validation that matches the spec, causing us to fail WPT tests if we let common crypto deal with the padding. For this reason, we ask common crypto to NOT deal with padding after decrypting and we validate / trim the padding ourselves as a post processing step. 1775901 5 cdumez 2021-07-08 19:30:18 -0700 (In reply to Alexey Proskuryakov from comment #2) > Comment on attachment 433139 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=433139&action=review > > > Source/WebCore/ChangeLog:9 > > + - https://www.w3.org/TR/WebCryptoAPI/#aes-cbc-operations (Decrypt section) > > However, please see https://github.com/w3c/webcrypto/issues/177, which is > closed bit not for a great reason AFAICT. It was closed for not being backward compatible. We are the only browser behaving this way and I do not think that’s a good thing. 1777244 6 webkit-bug-importer 2021-07-15 10:34:23 -0700 <rdar://problem/80639418> 1897274 7 a_izquierdogarcia 2022-09-09 09:49:31 -0700 I am currently working on this https://github.com/WebKit/WebKit/pull/3819 1897290 8 ews-feeder 2022-09-09 10:38:20 -0700 Committed 254308@main (0062d4332b57): <https://commits.webkit.org/254308@main> Reviewed commits have been landed. Closing PR #3819 and removing active labels. 433139 2021-07-08 10:36:39 -0700 2021-07-08 12:49:14 -0700 Patch bug-227804-20210708103638.patch text/plain 8922 cdumez U3VidmVyc2lvbiBSZXZpc2lvbjogMjc5NzIxCmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViQ29yZS9D aGFuZ2VMb2cgYi9Tb3VyY2UvV2ViQ29yZS9DaGFuZ2VMb2cKaW5kZXggMmJlMTI1MTkwOTdjZmZj NjQ1MjA5NzA1YjE3NzUxMWI5MWE2ODg4My4uNjYzMTNhODgzNGY2YjE0YjE2OGRlNjI4N2FiMzU2 MTFhZTFiZTUzMiAxMDA2NDQKLS0tIGEvU291cmNlL1dlYkNvcmUvQ2hhbmdlTG9nCisrKyBiL1Nv dXJjZS9XZWJDb3JlL0NoYW5nZUxvZwpAQCAtMSwzICsxLDIyIEBACisyMDIxLTA3LTA4ICBDaHJp cyBEdW1leiAgPGNkdW1lekBhcHBsZS5jb20+CisKKyAgICAgICAgW1dlYkNyeXB0b10gZGVjcnlw dCgpIGRvZXMgbm90IHByb3Blcmx5IHZhbGlkYXRlIHBhZGRpbmcgZm9yIEFFUy1DQkMgYWxnb3Jp dGhtCisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0yMjc4 MDQKKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAgICAgICBkZWNy eXB0KCkgZG9lcyBub3QgcHJvcGVybHkgdmFsaWRhdGUgcGFkZGluZyBmb3IgQUVTLUNCQyBhbGdv cml0aG06CisgICAgICAgIC0gaHR0cHM6Ly93d3cudzMub3JnL1RSL1dlYkNyeXB0b0FQSS8jYWVz LWNiYy1vcGVyYXRpb25zIChEZWNyeXB0IHNlY3Rpb24pCisKKyAgICAgICAgTm8gbmV3IHRlc3Rz LCByZWJhc2VsaW5lZCBleGlzdGluZyB0ZXN0cy4KKworICAgICAgICAqIGNyeXB0by9tYWMvQ3J5 cHRvQWxnb3JpdGhtQUVTX0NCQ01hYy5jcHA6CisgICAgICAgIChXZWJDb3JlOjpDcnlwdG9BbGdv cml0aG1BRVNfQ0JDOjpwbGF0Zm9ybURlY3J5cHQpOgorICAgICAgICBTdG9wIHBhc3Npbmcga0ND T3B0aW9uUEtDUzdQYWRkaW5nIG9wdGlvbmFsIHRvIENvbW1vbiBDcnlwdG8gd2hlbiBkZWNyeXB0 aW5nIGFuZAorICAgICAgICB0YWtlIGNhcmUgb2YgdmFsaWRhdGluZyBhbmQgcmVtb3ZpbmcgdGhl IHBhZGRpbmcgb3Vyc2VsdmVzLCBzbyB0aGF0IHdlIGNhbiBwcm9wZXJseQorICAgICAgICB0aHJv dyBhbiBleGNlcHRpb24gZm9yIGludmFsaWQgcGFkZGluZywgYXMgcGVyOgorICAgICAgICAtIGh0 dHBzOi8vd3d3LnczLm9yZy9UUi9XZWJDcnlwdG9BUEkvI2Flcy1jYmMtb3BlcmF0aW9ucyAoRGVj cnlwdCBzZWN0aW9uKQorCiAyMDIxLTA3LTA4ICBBbnR0aSBLb2l2aXN0byAgPGFudHRpQGFwcGxl LmNvbT4KIAogICAgICAgICBTaGFkb3cgaG9zdCBzdG9wcyByZW5kZXJpbmcgYWZ0ZXIgcmVtb3Zp bmcgYSBzbG90LCB1cGRhdGluZyBzdHlsZSwgdGhlbiBpdHMgYXNzaWduZWQgbm9kZQpkaWZmIC0t Z2l0IGEvU291cmNlL1dlYkNvcmUvY3J5cHRvL21hYy9DcnlwdG9BbGdvcml0aG1BRVNfQ0JDTWFj LmNwcCBiL1NvdXJjZS9XZWJDb3JlL2NyeXB0by9tYWMvQ3J5cHRvQWxnb3JpdGhtQUVTX0NCQ01h Yy5jcHAKaW5kZXggYzU3ZjEwNzk5ZDExMGFiMGI0ZmMxZTkyYjE3MTQ0NjNjZmI5ZDM0NC4uZTg5 Nzk5OGMyNzQ3MzIwZTdkNTM5MWY0MTUxODBmZjY2NTc3YmI2MCAxMDA2NDQKLS0tIGEvU291cmNl L1dlYkNvcmUvY3J5cHRvL21hYy9DcnlwdG9BbGdvcml0aG1BRVNfQ0JDTWFjLmNwcAorKysgYi9T b3VyY2UvV2ViQ29yZS9jcnlwdG8vbWFjL0NyeXB0b0FsZ29yaXRobUFFU19DQkNNYWMuY3BwCkBA IC03Niw3ICs3NiwyMyBAQCBFeGNlcHRpb25PcjxWZWN0b3I8dWludDhfdD4+IENyeXB0b0FsZ29y aXRobUFFU19DQkM6OnBsYXRmb3JtRGVjcnlwdChjb25zdCBDcnlwdAogewogICAgIEFTU0VSVChw YXJhbWV0ZXJzLml2VmVjdG9yKCkuc2l6ZSgpID09IGtDQ0Jsb2NrU2l6ZUFFUzEyOCB8fCBwYXJh bWV0ZXJzLml2VmVjdG9yKCkuaXNFbXB0eSgpKTsKICAgICBBU1NFUlQocGFkZGluZyA9PSBQYWRk aW5nOjpZZXMgfHwgIShjaXBoZXJUZXh0LnNpemUoKSAlIGtDQ0Jsb2NrU2l6ZUFFUzEyOCkpOwot ICAgIHJldHVybiB0cmFuc2Zvcm1BRVNfQ0JDKGtDQ0RlY3J5cHQsIHBhcmFtZXRlcnMuaXZWZWN0 b3IoKSwga2V5LmtleSgpLCBjaXBoZXJUZXh0LCBwYWRkaW5nKTsKKyAgICBhdXRvIHJlc3VsdCA9 IHRyYW5zZm9ybUFFU19DQkMoa0NDRGVjcnlwdCwgcGFyYW1ldGVycy5pdlZlY3RvcigpLCBrZXku a2V5KCksIGNpcGhlclRleHQsIFBhZGRpbmc6Ok5vKTsKKyAgICBpZiAocmVzdWx0Lmhhc0V4Y2Vw dGlvbigpKQorICAgICAgICByZXR1cm4gcmVzdWx0LnJlbGVhc2VFeGNlcHRpb24oKTsKKworICAg IGF1dG8gZGF0YSA9IHJlc3VsdC5yZWxlYXNlUmV0dXJuVmFsdWUoKTsKKyAgICBpZiAocGFkZGlu ZyA9PSBQYWRkaW5nOjpZZXMgJiYgIWRhdGEuaXNFbXB0eSgpKSB7CisgICAgICAgIC8vIFZhbGlk YXRlIGFuZCByZW1vdmUgcGFkZGluZyBhcyBwZXIgaHR0cHM6Ly93d3cudzMub3JnL1RSL1dlYkNy eXB0b0FQSS8jYWVzLWNiYy1vcGVyYXRpb25zIChEZWNyeXB0IHNlY3Rpb24pLgorICAgICAgICBh dXRvIHBhZGRpbmdCeXRlID0gZGF0YS5sYXN0KCk7CisgICAgICAgIGlmICghcGFkZGluZ0J5dGUg fHwgcGFkZGluZ0J5dGUgPiAxNiB8fCBwYWRkaW5nQnl0ZSA+IGRhdGEuc2l6ZSgpKQorICAgICAg ICAgICAgcmV0dXJuIEV4Y2VwdGlvbiB7IE9wZXJhdGlvbkVycm9yIH07CisgICAgICAgIGZvciAo c2l6ZV90IGkgPSBkYXRhLnNpemUoKSAtIHBhZGRpbmdCeXRlOyBpIDwgZGF0YS5zaXplKCkgLSAx OyArK2kpIHsKKyAgICAgICAgICAgIGlmIChkYXRhW2ldICE9IHBhZGRpbmdCeXRlKQorICAgICAg ICAgICAgICAgIHJldHVybiBFeGNlcHRpb24geyBPcGVyYXRpb25FcnJvciB9OworICAgICAgICB9 CisgICAgICAgIGRhdGEuc2hyaW5rKGRhdGEuc2l6ZSgpIC0gcGFkZGluZ0J5dGUpOworICAgIH0K KyAgICByZXR1cm4gZGF0YTsKIH0KIAogfSAvLyBuYW1lc3BhY2UgV2ViQ29yZQpkaWZmIC0tZ2l0 IGEvTGF5b3V0VGVzdHMvaW1wb3J0ZWQvdzNjL0NoYW5nZUxvZyBiL0xheW91dFRlc3RzL2ltcG9y dGVkL3czYy9DaGFuZ2VMb2cKaW5kZXggOTIzMTE3MmEwNDRlNzNkMDBlNDJlMTE3MTk0MDZiYzc3 NTAyN2U0OS4uMDQzMGUzNjQ0YWE3YjA3MDQwNWUxY2U3M2UyN2UxYzY4ZGUxMWM4MSAxMDA2NDQK LS0tIGEvTGF5b3V0VGVzdHMvaW1wb3J0ZWQvdzNjL0NoYW5nZUxvZworKysgYi9MYXlvdXRUZXN0 cy9pbXBvcnRlZC93M2MvQ2hhbmdlTG9nCkBAIC0xLDMgKzEsMTUgQEAKKzIwMjEtMDctMDggIENo cmlzIER1bWV6ICA8Y2R1bWV6QGFwcGxlLmNvbT4KKworICAgICAgICBbV2ViQ3J5cHRvXSBkZWNy eXB0KCkgZG9lcyBub3QgcHJvcGVybHkgdmFsaWRhdGUgcGFkZGluZyBmb3IgQUVTLUNCQyBhbGdv cml0aG0KKyAgICAgICAgaHR0cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTIy NzgwNAorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIFJl YmFzZWxpbmUgV1BUIHRlc3RzIHRoYXQgYXJlIG5vdyBwYXNzaW5nLgorCisgICAgICAgICogd2Vi LXBsYXRmb3JtLXRlc3RzL1dlYkNyeXB0b0FQSS9lbmNyeXB0X2RlY3J5cHQvYWVzX2NiYy5odHRw cy5hbnktZXhwZWN0ZWQudHh0OgorICAgICAgICAqIHdlYi1wbGF0Zm9ybS10ZXN0cy9XZWJDcnlw dG9BUEkvZW5jcnlwdF9kZWNyeXB0L2Flc19jYmMuaHR0cHMuYW55Lndvcmtlci1leHBlY3RlZC50 eHQ6CisKIDIwMjEtMDctMDcgIENocmlzIER1bWV6ICA8Y2R1bWV6QGFwcGxlLmNvbT4KIAogICAg ICAgICBPdXIgc3RydWN0dXJlZCBjbG9uaW5nIGltcGxlbWVudGF0aW9uIGRvZXMgbm90IGVuY29k ZSBhbGwgb2YgUmVnRXhwJ3MgZmxhZ3MKZGlmZiAtLWdpdCBhL0xheW91dFRlc3RzL2ltcG9ydGVk L3czYy93ZWItcGxhdGZvcm0tdGVzdHMvV2ViQ3J5cHRvQVBJL2VuY3J5cHRfZGVjcnlwdC9hZXNf Y2JjLmh0dHBzLmFueS1leHBlY3RlZC50eHQgYi9MYXlvdXRUZXN0cy9pbXBvcnRlZC93M2Mvd2Vi LXBsYXRmb3JtLXRlc3RzL1dlYkNyeXB0b0FQSS9lbmNyeXB0X2RlY3J5cHQvYWVzX2NiYy5odHRw cy5hbnktZXhwZWN0ZWQudHh0CmluZGV4IDc4MTU1MzIyNzA5Njg5NjcyOTI0Mjk2ZDUyM2MzMDli NmQxMGRlOTIuLjZhMDc1YjUwN2E3MzVmNzI5MDJlYjU4YzFiMDIzMjE0ZWNhNWEzOGYgMTAwNjQ0 Ci0tLSBhL0xheW91dFRlc3RzL2ltcG9ydGVkL3czYy93ZWItcGxhdGZvcm0tdGVzdHMvV2ViQ3J5 cHRvQVBJL2VuY3J5cHRfZGVjcnlwdC9hZXNfY2JjLmh0dHBzLmFueS1leHBlY3RlZC50eHQKKysr IGIvTGF5b3V0VGVzdHMvaW1wb3J0ZWQvdzNjL3dlYi1wbGF0Zm9ybS10ZXN0cy9XZWJDcnlwdG9B UEkvZW5jcnlwdF9kZWNyeXB0L2Flc19jYmMuaHR0cHMuYW55LWV4cGVjdGVkLnR4dApAQCAtMzMs MTMgKzMzLDEzIEBAIFBBU1MgQUVTLUNCQyAxOTItYml0IGtleSwgNjQtYml0IElWIGRlY3J5cHRp b24KIFBBU1MgQUVTLUNCQyAxOTItYml0IGtleSwgMTkyLWJpdCBJViBkZWNyeXB0aW9uCiBQQVNT IEFFUy1DQkMgMjU2LWJpdCBrZXksIDY0LWJpdCBJViBkZWNyeXB0aW9uCiBQQVNTIEFFUy1DQkMg MjU2LWJpdCBrZXksIDE5Mi1iaXQgSVYgZGVjcnlwdGlvbgotRkFJTCBBRVMtQ0JDIDEyOC1iaXQg a2V5LCB6ZXJvUGFkQ2hhciBhc3NlcnRfdW5yZWFjaGVkOiBzaG91bGQgaGF2ZSB0aHJvd24gZXhj ZXB0aW9uIGZvciB0ZXN0IEFFUy1DQkMgMTI4LWJpdCBrZXksIHplcm9QYWRDaGFyIFJlYWNoZWQg dW5yZWFjaGFibGUgY29kZQotRkFJTCBBRVMtQ0JDIDEyOC1iaXQga2V5LCBiaWdQYWRDaGFyIGFz c2VydF91bnJlYWNoZWQ6IHNob3VsZCBoYXZlIHRocm93biBleGNlcHRpb24gZm9yIHRlc3QgQUVT LUNCQyAxMjgtYml0IGtleSwgYmlnUGFkQ2hhciBSZWFjaGVkIHVucmVhY2hhYmxlIGNvZGUKLUZB SUwgQUVTLUNCQyAxMjgtYml0IGtleSwgaW5jb25zaXN0ZW50UGFkQ2hhcnMgYXNzZXJ0X3VucmVh Y2hlZDogc2hvdWxkIGhhdmUgdGhyb3duIGV4Y2VwdGlvbiBmb3IgdGVzdCBBRVMtQ0JDIDEyOC1i aXQga2V5LCBpbmNvbnNpc3RlbnRQYWRDaGFycyBSZWFjaGVkIHVucmVhY2hhYmxlIGNvZGUKLUZB SUwgQUVTLUNCQyAxOTItYml0IGtleSwgemVyb1BhZENoYXIgYXNzZXJ0X3VucmVhY2hlZDogc2hv dWxkIGhhdmUgdGhyb3duIGV4Y2VwdGlvbiBmb3IgdGVzdCBBRVMtQ0JDIDE5Mi1iaXQga2V5LCB6 ZXJvUGFkQ2hhciBSZWFjaGVkIHVucmVhY2hhYmxlIGNvZGUKLUZBSUwgQUVTLUNCQyAxOTItYml0 IGtleSwgYmlnUGFkQ2hhciBhc3NlcnRfdW5yZWFjaGVkOiBzaG91bGQgaGF2ZSB0aHJvd24gZXhj ZXB0aW9uIGZvciB0ZXN0IEFFUy1DQkMgMTkyLWJpdCBrZXksIGJpZ1BhZENoYXIgUmVhY2hlZCB1 bnJlYWNoYWJsZSBjb2RlCi1GQUlMIEFFUy1DQkMgMTkyLWJpdCBrZXksIGluY29uc2lzdGVudFBh ZENoYXJzIGFzc2VydF91bnJlYWNoZWQ6IHNob3VsZCBoYXZlIHRocm93biBleGNlcHRpb24gZm9y IHRlc3QgQUVTLUNCQyAxOTItYml0IGtleSwgaW5jb25zaXN0ZW50UGFkQ2hhcnMgUmVhY2hlZCB1 bnJlYWNoYWJsZSBjb2RlCi1GQUlMIEFFUy1DQkMgMjU2LWJpdCBrZXksIHplcm9QYWRDaGFyIGFz c2VydF91bnJlYWNoZWQ6IHNob3VsZCBoYXZlIHRocm93biBleGNlcHRpb24gZm9yIHRlc3QgQUVT LUNCQyAyNTYtYml0IGtleSwgemVyb1BhZENoYXIgUmVhY2hlZCB1bnJlYWNoYWJsZSBjb2RlCi1G QUlMIEFFUy1DQkMgMjU2LWJpdCBrZXksIGJpZ1BhZENoYXIgYXNzZXJ0X3VucmVhY2hlZDogc2hv dWxkIGhhdmUgdGhyb3duIGV4Y2VwdGlvbiBmb3IgdGVzdCBBRVMtQ0JDIDI1Ni1iaXQga2V5LCBi aWdQYWRDaGFyIFJlYWNoZWQgdW5yZWFjaGFibGUgY29kZQotRkFJTCBBRVMtQ0JDIDI1Ni1iaXQg a2V5LCBpbmNvbnNpc3RlbnRQYWRDaGFycyBhc3NlcnRfdW5yZWFjaGVkOiBzaG91bGQgaGF2ZSB0 aHJvd24gZXhjZXB0aW9uIGZvciB0ZXN0IEFFUy1DQkMgMjU2LWJpdCBrZXksIGluY29uc2lzdGVu dFBhZENoYXJzIFJlYWNoZWQgdW5yZWFjaGFibGUgY29kZQorUEFTUyBBRVMtQ0JDIDEyOC1iaXQg a2V5LCB6ZXJvUGFkQ2hhcgorUEFTUyBBRVMtQ0JDIDEyOC1iaXQga2V5LCBiaWdQYWRDaGFyCitQ QVNTIEFFUy1DQkMgMTI4LWJpdCBrZXksIGluY29uc2lzdGVudFBhZENoYXJzCitQQVNTIEFFUy1D QkMgMTkyLWJpdCBrZXksIHplcm9QYWRDaGFyCitQQVNTIEFFUy1DQkMgMTkyLWJpdCBrZXksIGJp Z1BhZENoYXIKK1BBU1MgQUVTLUNCQyAxOTItYml0IGtleSwgaW5jb25zaXN0ZW50UGFkQ2hhcnMK K1BBU1MgQUVTLUNCQyAyNTYtYml0IGtleSwgemVyb1BhZENoYXIKK1BBU1MgQUVTLUNCQyAyNTYt Yml0IGtleSwgYmlnUGFkQ2hhcgorUEFTUyBBRVMtQ0JDIDI1Ni1iaXQga2V5LCBpbmNvbnNpc3Rl bnRQYWRDaGFycwogCmRpZmYgLS1naXQgYS9MYXlvdXRUZXN0cy9pbXBvcnRlZC93M2Mvd2ViLXBs YXRmb3JtLXRlc3RzL1dlYkNyeXB0b0FQSS9lbmNyeXB0X2RlY3J5cHQvYWVzX2NiYy5odHRwcy5h bnkud29ya2VyLWV4cGVjdGVkLnR4dCBiL0xheW91dFRlc3RzL2ltcG9ydGVkL3czYy93ZWItcGxh dGZvcm0tdGVzdHMvV2ViQ3J5cHRvQVBJL2VuY3J5cHRfZGVjcnlwdC9hZXNfY2JjLmh0dHBzLmFu eS53b3JrZXItZXhwZWN0ZWQudHh0CmluZGV4IDc4MTU1MzIyNzA5Njg5NjcyOTI0Mjk2ZDUyM2Mz MDliNmQxMGRlOTIuLjZhMDc1YjUwN2E3MzVmNzI5MDJlYjU4YzFiMDIzMjE0ZWNhNWEzOGYgMTAw NjQ0Ci0tLSBhL0xheW91dFRlc3RzL2ltcG9ydGVkL3czYy93ZWItcGxhdGZvcm0tdGVzdHMvV2Vi Q3J5cHRvQVBJL2VuY3J5cHRfZGVjcnlwdC9hZXNfY2JjLmh0dHBzLmFueS53b3JrZXItZXhwZWN0 ZWQudHh0CisrKyBiL0xheW91dFRlc3RzL2ltcG9ydGVkL3czYy93ZWItcGxhdGZvcm0tdGVzdHMv V2ViQ3J5cHRvQVBJL2VuY3J5cHRfZGVjcnlwdC9hZXNfY2JjLmh0dHBzLmFueS53b3JrZXItZXhw ZWN0ZWQudHh0CkBAIC0zMywxMyArMzMsMTMgQEAgUEFTUyBBRVMtQ0JDIDE5Mi1iaXQga2V5LCA2 NC1iaXQgSVYgZGVjcnlwdGlvbgogUEFTUyBBRVMtQ0JDIDE5Mi1iaXQga2V5LCAxOTItYml0IElW IGRlY3J5cHRpb24KIFBBU1MgQUVTLUNCQyAyNTYtYml0IGtleSwgNjQtYml0IElWIGRlY3J5cHRp b24KIFBBU1MgQUVTLUNCQyAyNTYtYml0IGtleSwgMTkyLWJpdCBJViBkZWNyeXB0aW9uCi1GQUlM IEFFUy1DQkMgMTI4LWJpdCBrZXksIHplcm9QYWRDaGFyIGFzc2VydF91bnJlYWNoZWQ6IHNob3Vs ZCBoYXZlIHRocm93biBleGNlcHRpb24gZm9yIHRlc3QgQUVTLUNCQyAxMjgtYml0IGtleSwgemVy b1BhZENoYXIgUmVhY2hlZCB1bnJlYWNoYWJsZSBjb2RlCi1GQUlMIEFFUy1DQkMgMTI4LWJpdCBr ZXksIGJpZ1BhZENoYXIgYXNzZXJ0X3VucmVhY2hlZDogc2hvdWxkIGhhdmUgdGhyb3duIGV4Y2Vw dGlvbiBmb3IgdGVzdCBBRVMtQ0JDIDEyOC1iaXQga2V5LCBiaWdQYWRDaGFyIFJlYWNoZWQgdW5y ZWFjaGFibGUgY29kZQotRkFJTCBBRVMtQ0JDIDEyOC1iaXQga2V5LCBpbmNvbnNpc3RlbnRQYWRD aGFycyBhc3NlcnRfdW5yZWFjaGVkOiBzaG91bGQgaGF2ZSB0aHJvd24gZXhjZXB0aW9uIGZvciB0 ZXN0IEFFUy1DQkMgMTI4LWJpdCBrZXksIGluY29uc2lzdGVudFBhZENoYXJzIFJlYWNoZWQgdW5y ZWFjaGFibGUgY29kZQotRkFJTCBBRVMtQ0JDIDE5Mi1iaXQga2V5LCB6ZXJvUGFkQ2hhciBhc3Nl cnRfdW5yZWFjaGVkOiBzaG91bGQgaGF2ZSB0aHJvd24gZXhjZXB0aW9uIGZvciB0ZXN0IEFFUy1D QkMgMTkyLWJpdCBrZXksIHplcm9QYWRDaGFyIFJlYWNoZWQgdW5yZWFjaGFibGUgY29kZQotRkFJ TCBBRVMtQ0JDIDE5Mi1iaXQga2V5LCBiaWdQYWRDaGFyIGFzc2VydF91bnJlYWNoZWQ6IHNob3Vs ZCBoYXZlIHRocm93biBleGNlcHRpb24gZm9yIHRlc3QgQUVTLUNCQyAxOTItYml0IGtleSwgYmln UGFkQ2hhciBSZWFjaGVkIHVucmVhY2hhYmxlIGNvZGUKLUZBSUwgQUVTLUNCQyAxOTItYml0IGtl eSwgaW5jb25zaXN0ZW50UGFkQ2hhcnMgYXNzZXJ0X3VucmVhY2hlZDogc2hvdWxkIGhhdmUgdGhy b3duIGV4Y2VwdGlvbiBmb3IgdGVzdCBBRVMtQ0JDIDE5Mi1iaXQga2V5LCBpbmNvbnNpc3RlbnRQ YWRDaGFycyBSZWFjaGVkIHVucmVhY2hhYmxlIGNvZGUKLUZBSUwgQUVTLUNCQyAyNTYtYml0IGtl eSwgemVyb1BhZENoYXIgYXNzZXJ0X3VucmVhY2hlZDogc2hvdWxkIGhhdmUgdGhyb3duIGV4Y2Vw dGlvbiBmb3IgdGVzdCBBRVMtQ0JDIDI1Ni1iaXQga2V5LCB6ZXJvUGFkQ2hhciBSZWFjaGVkIHVu cmVhY2hhYmxlIGNvZGUKLUZBSUwgQUVTLUNCQyAyNTYtYml0IGtleSwgYmlnUGFkQ2hhciBhc3Nl cnRfdW5yZWFjaGVkOiBzaG91bGQgaGF2ZSB0aHJvd24gZXhjZXB0aW9uIGZvciB0ZXN0IEFFUy1D QkMgMjU2LWJpdCBrZXksIGJpZ1BhZENoYXIgUmVhY2hlZCB1bnJlYWNoYWJsZSBjb2RlCi1GQUlM IEFFUy1DQkMgMjU2LWJpdCBrZXksIGluY29uc2lzdGVudFBhZENoYXJzIGFzc2VydF91bnJlYWNo ZWQ6IHNob3VsZCBoYXZlIHRocm93biBleGNlcHRpb24gZm9yIHRlc3QgQUVTLUNCQyAyNTYtYml0 IGtleSwgaW5jb25zaXN0ZW50UGFkQ2hhcnMgUmVhY2hlZCB1bnJlYWNoYWJsZSBjb2RlCitQQVNT IEFFUy1DQkMgMTI4LWJpdCBrZXksIHplcm9QYWRDaGFyCitQQVNTIEFFUy1DQkMgMTI4LWJpdCBr ZXksIGJpZ1BhZENoYXIKK1BBU1MgQUVTLUNCQyAxMjgtYml0IGtleSwgaW5jb25zaXN0ZW50UGFk Q2hhcnMKK1BBU1MgQUVTLUNCQyAxOTItYml0IGtleSwgemVyb1BhZENoYXIKK1BBU1MgQUVTLUNC QyAxOTItYml0IGtleSwgYmlnUGFkQ2hhcgorUEFTUyBBRVMtQ0JDIDE5Mi1iaXQga2V5LCBpbmNv bnNpc3RlbnRQYWRDaGFycworUEFTUyBBRVMtQ0JDIDI1Ni1iaXQga2V5LCB6ZXJvUGFkQ2hhcgor UEFTUyBBRVMtQ0JDIDI1Ni1iaXQga2V5LCBiaWdQYWRDaGFyCitQQVNTIEFFUy1DQkMgMjU2LWJp dCBrZXksIGluY29uc2lzdGVudFBhZENoYXJzCiAK