Ashley Mills / CyaSSL_DTLS_Ethernet

CyaSSL example using x509 certs and DTLS over ethernet.

Dependencies:   EthernetInterface NTPClient cyassl-lib mbed-rtos mbed-src CyaSSL_DTLS_Ethernet

Dependents:   CyaSSL_DTLS_Ethernet

Testing DTLS out

To test this client you need to setup a server and use the correct CA certificate, server certificate, and server private key. This will allow the client to authenticate to the server, and enable the server to authenticate the client. The server can authenticate the client because the test program includes a device certificate signed by the server CA.

The server certificate and and CA certificate are identical as this is a self-signed certificate:

-----BEGIN CERTIFICATE-----
MIIClTCCAf6gAwIBAgICEREwDQYJKoZIhvcNAQEFBQAwZzELMAkGA1UEBhMCR0Ix
EjAQBgNVBAgMCUJlcmtzaGlyZTEQMA4GA1UEBwwHTmV3YnVyeTERMA8GA1UECgwI
Vm9kYWZvbmUxDDAKBgNVBAsMA1ImRDERMA8GA1UEAwwIRE1TZXJ2ZXIwHhcNMTMw
OTAzMTQwNjA4WhcNMjMwNzEzMTQwNjA4WjBnMQswCQYDVQQGEwJHQjESMBAGA1UE
CAwJQmVya3NoaXJlMRAwDgYDVQQHDAdOZXdidXJ5MREwDwYDVQQKDAhWb2RhZm9u
ZTEMMAoGA1UECwwDUiZEMREwDwYDVQQDDAhETVNlcnZlcjCBnzANBgkqhkiG9w0B
AQEFAAOBjQAwgYkCgYEAupWZHm51RbMkEkvKAvglM96BcWVScxW7KaXFhm1Artt1
1Vm5KTC0rI+0kiG54kxhvY7euWeUcQqJKHxUTFjUWv8TcJrzmjIe5EthipLpdN+V
/PJCO/FiLXSiykQsC+VhyU8BKNYrpspyiQ109KPoybH8kK7W2IXf2d9AaLrzcgUC
AwEAAaNQME4wHQYDVR0OBBYEFKonGm+IcowtLcJaxXSCpUTRPaMVMB8GA1UdIwQY
MBaAFKonGm+IcowtLcJaxXSCpUTRPaMVMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcN
AQEFBQADgYEAfThlu2u73hm3quZJX57joMRn/N+l2KY4q16YI+gZIoJlLF/uIZw6
4OuxfKNfIvKvCL54LQ+/plh+8CzsmZdjdV9S/1+Jefe+RhEogjSvFjs2oyVaMCjZ
OxWujvZJ3XdhpXZJsdnEx4rgmHij3es3SzarTSjPVW8MpBU4H8NKlWI=
-----END CERTIFICATE-----

The server private key is as follows:

-----BEGIN PRIVATE KEY-----
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALqVmR5udUWzJBJL
ygL4JTPegXFlUnMVuymlxYZtQK7bddVZuSkwtKyPtJIhueJMYb2O3rlnlHEKiSh8
VExY1Fr/E3Ca85oyHuRLYYqS6XTflfzyQjvxYi10ospELAvlYclPASjWK6bKcokN
dPSj6Mmx/JCu1tiF39nfQGi683IFAgMBAAECgYEAuAFGQtud7YHQRfbWHv2G+tMp
BqJsoDBDJrxjwsFFs+ucFi5oyzVMSI1j/2UhQwoerekSvvdmTeCdCP8rxysnJ3MG
vepBkUXZ9kek7qZ561JC6qLZNcTeVc/R1rxMsFZSV/Zuzr7KFG47J/Di15GxGoui
x4fRE9ww0coC8PDWbaECQQDgKP48PD2gNaD2jjqd/xNki2kXP9PE1AAnevVaEidS
ceOKXgqx7qGYrN1+NFnRGwJhUSoicmUQeDKkC9CU/5UpAkEA1RZCT9M8lWpqx60d
oZlF9I3oOoQxXrx4RgoF+2y1tT+C7nUwmeYk2mEi/Gat9/NtKz/J9Tlwu3/Ef9eB
G7lVfQJAdvzLl2XSwIw3GSl+bAfOX3yxGCpFWyG9wzc9rcYdIWJbCkPJIZIuLUD1
gdyAIMNZjBbtasOWahujpfivi6fvoQJAHRIdV+CculG7YaR3j21mwtd9YEZaqe8S
hZOmf0e0fpa8mSW5zLU+P+DSshacE2DNewIH3oHIpHvo5fwTrCGbzQJAWaFq9L9C
lAgoPfuKjKQ0RJ8M+lDVOZo/Okl0VtrU/Z5fQm+yR4Lb+o1iogYjgjvdOmoMkPtb
Q/xu4c1qn2ksnA==
-----END PRIVATE KEY-----

Both the certificate and the private key are in PEM format. It is worth noting that all the certificates and keys on the device are in DER format to save space. You might be wondering how to easily get PEM keys and certs into a format suitable for the mbed, well it's easy, you can just use the openssl tools to convert, and then xxd to get a hex sequence which you can put into an array. To convert a cert, use the following command:

openssl x509 -in cert.pem -outform DER | xxd -i

This will dump the x509 cert in DER format and pipe it to xxd, where the -i switch is used to convert the byte sequence into c-include style. All it really does is dump the bytes in hexadecimal, you still need to wrap it in an array like this:

const static unsigned char deviceCertificate[] = {
   OUTPUT OF ABOVE
};
const static int deviceCertificateLength = sizeof(deviceCertificate);

For converting keys, the command is the same buy you use the rsa subcommand of openssl (or dsa if you used DSA keys):

openssl rsa -in key.pem -outform DER | xxd -i

In anycase, to use the PEM files with the CyaSSL server, download the CyaSSL example server from here: http://yassl.com/yaSSL/download/downloadForm.php. Configure it with debugging and dtls before compiling (I've also enabled PSK because I'm testing that):

./configure --enable-psk --enable-debug --enable-dtls

Then do

make

Now, the cyaSSL server needs the PEM certificates above to work with those setup on the mbed device, but it is particular about where these PEM certs are found. You need to put them in the certs directory in the root of the unzipped code (it seems to ignore flags which point it elsewhere).

And for some reason cyaSSL calls the CA certificate the "client-cert.pem", so copy the server certificate above into "certs/client-cert.pem" and also copy it into "certs/server-cert.pem". Copy the server private key into "certs/server-key.pem".

Now change directory into example/server/ and run the server like this:

./server -u -b -f

These flags are -u for UDP i.e DTLS, -b to bind to all interfaces, and -f to group messages (fewer packets). For some reason this last flag is needed to work properly with the mbed.

You should now be able to fire up the mbed, change the code to point to your server, and see the handshake and test messages go back and forth. You can see it works because you should see the message "I hear you fa shizzle!" on the mbed (this is the message they define), and you should see the message "onion" received on the server.

Generating your own keys and certificates

OK so you want to generate your own self-signed certificate for your server and device. Great, but I'm too busy/lazy to write a detailed tutorial right now. Instead I've created you a shell script that randomly generates a new self-signed CA/server-cert and uses this to sign a device certificate.

The device certificate and private key are placed into a directory called mbed/certs where as the server certs are placed in server/certs. You'll have to read up on these commands to work out how to generate and sign more device certs, and how to change options etc. HTH.

#!/bin/sh
CA_KEY_FILE=ca_key.pem
CA_KEY_FORMAT=PEM
CA_KEY_ALGORITHM=rsa
CA_KEY_BITS=1024
# 1. Make a key for the CA (in this case the server)
echo Generating $CA_KEY_ALGORITHM key: $CA_KEY_FILE
openssl genpkey \
	-out $CA_KEY_FILE \
	-outform $CA_KEY_FORMAT \
	-algorithm $CA_KEY_ALGORITHM \
	-pkeyopt rsa_keygen_bits:$CA_KEY_BITS
echo DONE 
# extract public key (for vanity)
openssl pkey \
	-in $CA_KEY_FILE \
	-pubout \
	-out $CA_KEY_FILE.pub

# 2. Make a self signed certificate for the CA (trusted certificate)
# req - PKCS#10 certificate request and certificate generating utility.
CA_CERT_EXPIRY=3600
CA_CERT_SERIAL=0x1111
CA_CERT_FILE=ca_cert.pem
CA_CERT_REQ=ca_cert_req.pem
CA_ID=DMServer
echo Generating self signed root CA certificate: $CA_CERT_FILE
openssl req \
	-new \
	-key $CA_KEY_FILE \
	-days $CA_CERT_EXPIRY \
	-set_serial $CA_CERT_SERIAL \
	-subj "/C=GB/ST=Berkshire/L=Newbury/O=Vodafone/OU=R&D/CN=$CA_ID" \
	-out $CA_CERT_FILE \
	-x509 \
	-verbose 
echo DONE.

# 3. Make a key for the device
DEV_KEY_FILE=dev_key.pem
DEV_KEY_FORMAT=PEM
DEV_KEY_ALGORITHM=rsa
DEV_KEY_BITS=1024
echo Generating $DEV_KEY_ALGORITHM key: $DEV_KEY_FILE
openssl genpkey \
	-out $DEV_KEY_FILE \
	-outform $DEV_KEY_FORMAT \
	-algorithm $DEV_KEY_ALGORITHM \
	-pkeyopt rsa_keygen_bits:$DEV_KEY_BITS
echo DONE 
# extract public key (for vanity)
openssl pkey \
	-in $DEV_KEY_FILE \
	-pubout \
	-out $DEV_KEY_FILE.pub

# 4. Make a certificate request for the device
DEV_CERT_EXPIRY=3600
DEV_CERT_SERIAL=2222
DEV_CERT_REQ_FILE=dev_cert_req.pem
DEV_CERT_FILE=dev_cert.pem
DEV_ID=Device1
echo Generating certificate request for device: $DEV_CERT_REQ_FILE
openssl req \
	-new \
	-key $DEV_KEY_FILE \
	-days $DEV_CERT_EXPIRY \
	-set_serial $DEV_CERT_SERIAL \
	-subj "/C=GB/ST=Berkshire/L=Newbury/O=Vodafone/OU=R&D/CN=$DEV_ID" \
	-out $DEV_CERT_REQ_FILE \
	-verbose 

echo DONE.

# 5. Sign the device certificate using the root CA certificate
echo Creating directories and other stuff I really wish was not needed
mkdir -p demoCA/newcerts
touch demoCA/index.txt
echo $DEV_CERT_SERIAL > demoCA/serial
echo DONE.
# do the actual signing
echo Signing certificate request $DEV_CERT_REQ_FILE with certificate $CA_CERT_FILE
openssl ca \
	-in $DEV_CERT_REQ_FILE \
	-out $DEV_CERT_FILE \
	-days $DEV_CERT_EXPIRY \
	-keyfile $CA_KEY_FILE \
	-cert $CA_CERT_FILE \
	-batch \
	-verbose

echo DONE.

# 6 convert this stuff into a format suitable for mbed
echo Creating mbed include files
MBED_DIR=mbed/certs
mkdir -p $MBED_DIR
# private key
OUT=$MBED_DIR/device_private_key.h
echo "#pragma once" > $OUT
echo "const static unsigned char devicePrivateKey[] = {" >> $OUT
openssl $DEV_KEY_ALGORITHM -in $DEV_KEY_FILE -outform DER | xxd -i >> $OUT
echo "};" >> $OUT
echo "const static int devicePrivateKeyLength = sizeof(devicePrivateKey);" >> $OUT

# device cert
OUT=$MBED_DIR/device_certificate.h
echo "#pragma once" > $OUT
echo "const static unsigned char deviceCertificate[] = {" >> $OUT
openssl x509 -in $DEV_CERT_FILE -outform DER | xxd -i >> $OUT
echo "};" >> $OUT
echo "const static int deviceCertificateLength = sizeof(deviceCertificate);" >> $OUT

# CA cert
OUT=$MBED_DIR/root_certificate.h
echo "#pragma once" > $OUT
echo "const static unsigned char rootCertificate[] = {" >> $OUT
openssl x509 -in $CA_CERT_FILE -outform DER | xxd -i >> $OUT
echo "};" >> $OUT
echo "const static int rootCertificateLength = sizeof(rootCertificate);" >> $OUT
echo DONE.

# create (copy) the server files for CyaSSL
echo Creating PEM file structure of CyaSSL server
OUT=server/certs
mkdir -p $OUT
cp $CA_CERT_FILE $OUT/client_cert.pem
cp $CA_CERT_FILE $OUT/server_cert.pem
cp $CA_KEY_FILE $OUT/server_key.pem
echo DONE.

certs/root_certificate.h@4:df1e7ada3ef2, 2013-09-19 (annotated)

Committer:
ashleymills
Date:
Thu Sep 19 13:26:15 2013 +0000
Revision:
4:df1e7ada3ef2
Parent:
0:00174d07d068 
Added DN verification.

Who changed what in which revision?

UserRevisionLine numberNew contents of line
ashleymills 0:00174d07d068 1 #pragma once
ashleymills 0:00174d07d068 2
ashleymills 0:00174d07d068 3 const static unsigned char rootCertificate[] = {
ashleymills 0:00174d07d068 4 0x30, 0x82, 0x02, 0x95, 0x30, 0x82, 0x01, 0xfe, 0xa0, 0x03, 0x02, 0x01,
ashleymills 0:00174d07d068 5 0x02, 0x02, 0x02, 0x11, 0x11, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48,
ashleymills 0:00174d07d068 6 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x67, 0x31, 0x0b,
ashleymills 0:00174d07d068 7 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x47, 0x42, 0x31,
ashleymills 0:00174d07d068 8 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x09, 0x42, 0x65,
ashleymills 0:00174d07d068 9 0x72, 0x6b, 0x73, 0x68, 0x69, 0x72, 0x65, 0x31, 0x10, 0x30, 0x0e, 0x06,
ashleymills 0:00174d07d068 10 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x4e, 0x65, 0x77, 0x62, 0x75, 0x72,
ashleymills 0:00174d07d068 11 0x79, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08,
ashleymills 0:00174d07d068 12 0x56, 0x6f, 0x64, 0x61, 0x66, 0x6f, 0x6e, 0x65, 0x31, 0x0c, 0x30, 0x0a,
ashleymills 0:00174d07d068 13 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x03, 0x52, 0x26, 0x44, 0x31, 0x11,
ashleymills 0:00174d07d068 14 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x08, 0x44, 0x4d, 0x53,
ashleymills 0:00174d07d068 15 0x65, 0x72, 0x76, 0x65, 0x72, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x33, 0x30,
ashleymills 0:00174d07d068 16 0x39, 0x30, 0x33, 0x31, 0x34, 0x30, 0x36, 0x30, 0x38, 0x5a, 0x17, 0x0d,
ashleymills 0:00174d07d068 17 0x32, 0x33, 0x30, 0x37, 0x31, 0x33, 0x31, 0x34, 0x30, 0x36, 0x30, 0x38,
ashleymills 0:00174d07d068 18 0x5a, 0x30, 0x67, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06,
ashleymills 0:00174d07d068 19 0x13, 0x02, 0x47, 0x42, 0x31, 0x12, 0x30, 0x10, 0x06, 0x03, 0x55, 0x04,
ashleymills 0:00174d07d068 20 0x08, 0x0c, 0x09, 0x42, 0x65, 0x72, 0x6b, 0x73, 0x68, 0x69, 0x72, 0x65,
ashleymills 0:00174d07d068 21 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x4e,
ashleymills 0:00174d07d068 22 0x65, 0x77, 0x62, 0x75, 0x72, 0x79, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03,
ashleymills 0:00174d07d068 23 0x55, 0x04, 0x0a, 0x0c, 0x08, 0x56, 0x6f, 0x64, 0x61, 0x66, 0x6f, 0x6e,
ashleymills 0:00174d07d068 24 0x65, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x03,
ashleymills 0:00174d07d068 25 0x52, 0x26, 0x44, 0x31, 0x11, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x04, 0x03,
ashleymills 0:00174d07d068 26 0x0c, 0x08, 0x44, 0x4d, 0x53, 0x65, 0x72, 0x76, 0x65, 0x72, 0x30, 0x81,
ashleymills 0:00174d07d068 27 0x9f, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
ashleymills 0:00174d07d068 28 0x01, 0x01, 0x05, 0x00, 0x03, 0x81, 0x8d, 0x00, 0x30, 0x81, 0x89, 0x02,
ashleymills 0:00174d07d068 29 0x81, 0x81, 0x00, 0xba, 0x95, 0x99, 0x1e, 0x6e, 0x75, 0x45, 0xb3, 0x24,
ashleymills 0:00174d07d068 30 0x12, 0x4b, 0xca, 0x02, 0xf8, 0x25, 0x33, 0xde, 0x81, 0x71, 0x65, 0x52,
ashleymills 0:00174d07d068 31 0x73, 0x15, 0xbb, 0x29, 0xa5, 0xc5, 0x86, 0x6d, 0x40, 0xae, 0xdb, 0x75,
ashleymills 0:00174d07d068 32 0xd5, 0x59, 0xb9, 0x29, 0x30, 0xb4, 0xac, 0x8f, 0xb4, 0x92, 0x21, 0xb9,
ashleymills 0:00174d07d068 33 0xe2, 0x4c, 0x61, 0xbd, 0x8e, 0xde, 0xb9, 0x67, 0x94, 0x71, 0x0a, 0x89,
ashleymills 0:00174d07d068 34 0x28, 0x7c, 0x54, 0x4c, 0x58, 0xd4, 0x5a, 0xff, 0x13, 0x70, 0x9a, 0xf3,
ashleymills 0:00174d07d068 35 0x9a, 0x32, 0x1e, 0xe4, 0x4b, 0x61, 0x8a, 0x92, 0xe9, 0x74, 0xdf, 0x95,
ashleymills 0:00174d07d068 36 0xfc, 0xf2, 0x42, 0x3b, 0xf1, 0x62, 0x2d, 0x74, 0xa2, 0xca, 0x44, 0x2c,
ashleymills 0:00174d07d068 37 0x0b, 0xe5, 0x61, 0xc9, 0x4f, 0x01, 0x28, 0xd6, 0x2b, 0xa6, 0xca, 0x72,
ashleymills 0:00174d07d068 38 0x89, 0x0d, 0x74, 0xf4, 0xa3, 0xe8, 0xc9, 0xb1, 0xfc, 0x90, 0xae, 0xd6,
ashleymills 0:00174d07d068 39 0xd8, 0x85, 0xdf, 0xd9, 0xdf, 0x40, 0x68, 0xba, 0xf3, 0x72, 0x05, 0x02,
ashleymills 0:00174d07d068 40 0x03, 0x01, 0x00, 0x01, 0xa3, 0x50, 0x30, 0x4e, 0x30, 0x1d, 0x06, 0x03,
ashleymills 0:00174d07d068 41 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xaa, 0x27, 0x1a, 0x6f, 0x88,
ashleymills 0:00174d07d068 42 0x72, 0x8c, 0x2d, 0x2d, 0xc2, 0x5a, 0xc5, 0x74, 0x82, 0xa5, 0x44, 0xd1,
ashleymills 0:00174d07d068 43 0x3d, 0xa3, 0x15, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18,
ashleymills 0:00174d07d068 44 0x30, 0x16, 0x80, 0x14, 0xaa, 0x27, 0x1a, 0x6f, 0x88, 0x72, 0x8c, 0x2d,
ashleymills 0:00174d07d068 45 0x2d, 0xc2, 0x5a, 0xc5, 0x74, 0x82, 0xa5, 0x44, 0xd1, 0x3d, 0xa3, 0x15,
ashleymills 0:00174d07d068 46 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01,
ashleymills 0:00174d07d068 47 0x01, 0xff, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
ashleymills 0:00174d07d068 48 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x7d, 0x38, 0x65,
ashleymills 0:00174d07d068 49 0xbb, 0x6b, 0xbb, 0xde, 0x19, 0xb7, 0xaa, 0xe6, 0x49, 0x5f, 0x9e, 0xe3,
ashleymills 0:00174d07d068 50 0xa0, 0xc4, 0x67, 0xfc, 0xdf, 0xa5, 0xd8, 0xa6, 0x38, 0xab, 0x5e, 0x98,
ashleymills 0:00174d07d068 51 0x23, 0xe8, 0x19, 0x22, 0x82, 0x65, 0x2c, 0x5f, 0xee, 0x21, 0x9c, 0x3a,
ashleymills 0:00174d07d068 52 0xe0, 0xeb, 0xb1, 0x7c, 0xa3, 0x5f, 0x22, 0xf2, 0xaf, 0x08, 0xbe, 0x78,
ashleymills 0:00174d07d068 53 0x2d, 0x0f, 0xbf, 0xa6, 0x58, 0x7e, 0xf0, 0x2c, 0xec, 0x99, 0x97, 0x63,
ashleymills 0:00174d07d068 54 0x75, 0x5f, 0x52, 0xff, 0x5f, 0x89, 0x79, 0xf7, 0xbe, 0x46, 0x11, 0x28,
ashleymills 0:00174d07d068 55 0x82, 0x34, 0xaf, 0x16, 0x3b, 0x36, 0xa3, 0x25, 0x5a, 0x30, 0x28, 0xd9,
ashleymills 0:00174d07d068 56 0x3b, 0x15, 0xae, 0x8e, 0xf6, 0x49, 0xdd, 0x77, 0x61, 0xa5, 0x76, 0x49,
ashleymills 0:00174d07d068 57 0xb1, 0xd9, 0xc4, 0xc7, 0x8a, 0xe0, 0x98, 0x78, 0xa3, 0xdd, 0xeb, 0x37,
ashleymills 0:00174d07d068 58 0x4b, 0x36, 0xab, 0x4d, 0x28, 0xcf, 0x55, 0x6f, 0x0c, 0xa4, 0x15, 0x38,
ashleymills 0:00174d07d068 59 0x1f, 0xc3, 0x4a, 0x95, 0x62
ashleymills 0:00174d07d068 60 /* PEM
ashleymills 0:00174d07d068 61 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x43,
ashleymills 0:00174d07d068 62 0x45, 0x52, 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d,
ashleymills 0:00174d07d068 63 0x2d, 0x2d, 0x2d, 0x0a, 0x4d, 0x49, 0x49, 0x43, 0x6c, 0x54, 0x43, 0x43,
ashleymills 0:00174d07d068 64 0x41, 0x66, 0x36, 0x67, 0x41, 0x77, 0x49, 0x42, 0x41, 0x67, 0x49, 0x43,
ashleymills 0:00174d07d068 65 0x45, 0x52, 0x45, 0x77, 0x44, 0x51, 0x59, 0x4a, 0x4b, 0x6f, 0x5a, 0x49,
ashleymills 0:00174d07d068 66 0x68, 0x76, 0x63, 0x4e, 0x41, 0x51, 0x45, 0x46, 0x42, 0x51, 0x41, 0x77,
ashleymills 0:00174d07d068 67 0x5a, 0x7a, 0x45, 0x4c, 0x4d, 0x41, 0x6b, 0x47, 0x41, 0x31, 0x55, 0x45,
ashleymills 0:00174d07d068 68 0x42, 0x68, 0x4d, 0x43, 0x52, 0x30, 0x49, 0x78, 0x0a, 0x45, 0x6a, 0x41,
ashleymills 0:00174d07d068 69 0x51, 0x42, 0x67, 0x4e, 0x56, 0x42, 0x41, 0x67, 0x4d, 0x43, 0x55, 0x4a,
ashleymills 0:00174d07d068 70 0x6c, 0x63, 0x6d, 0x74, 0x7a, 0x61, 0x47, 0x6c, 0x79, 0x5a, 0x54, 0x45,
ashleymills 0:00174d07d068 71 0x51, 0x4d, 0x41, 0x34, 0x47, 0x41, 0x31, 0x55, 0x45, 0x42, 0x77, 0x77,
ashleymills 0:00174d07d068 72 0x48, 0x54, 0x6d, 0x56, 0x33, 0x59, 0x6e, 0x56, 0x79, 0x65, 0x54, 0x45,
ashleymills 0:00174d07d068 73 0x52, 0x4d, 0x41, 0x38, 0x47, 0x41, 0x31, 0x55, 0x45, 0x43, 0x67, 0x77,
ashleymills 0:00174d07d068 74 0x49, 0x0a, 0x56, 0x6d, 0x39, 0x6b, 0x59, 0x57, 0x5a, 0x76, 0x62, 0x6d,
ashleymills 0:00174d07d068 75 0x55, 0x78, 0x44, 0x44, 0x41, 0x4b, 0x42, 0x67, 0x4e, 0x56, 0x42, 0x41,
ashleymills 0:00174d07d068 76 0x73, 0x4d, 0x41, 0x31, 0x49, 0x6d, 0x52, 0x44, 0x45, 0x52, 0x4d, 0x41,
ashleymills 0:00174d07d068 77 0x38, 0x47, 0x41, 0x31, 0x55, 0x45, 0x41, 0x77, 0x77, 0x49, 0x52, 0x45,
ashleymills 0:00174d07d068 78 0x31, 0x54, 0x5a, 0x58, 0x4a, 0x32, 0x5a, 0x58, 0x49, 0x77, 0x48, 0x68,
ashleymills 0:00174d07d068 79 0x63, 0x4e, 0x4d, 0x54, 0x4d, 0x77, 0x0a, 0x4f, 0x54, 0x41, 0x7a, 0x4d,
ashleymills 0:00174d07d068 80 0x54, 0x51, 0x77, 0x4e, 0x6a, 0x41, 0x34, 0x57, 0x68, 0x63, 0x4e, 0x4d,
ashleymills 0:00174d07d068 81 0x6a, 0x4d, 0x77, 0x4e, 0x7a, 0x45, 0x7a, 0x4d, 0x54, 0x51, 0x77, 0x4e,
ashleymills 0:00174d07d068 82 0x6a, 0x41, 0x34, 0x57, 0x6a, 0x42, 0x6e, 0x4d, 0x51, 0x73, 0x77, 0x43,
ashleymills 0:00174d07d068 83 0x51, 0x59, 0x44, 0x56, 0x51, 0x51, 0x47, 0x45, 0x77, 0x4a, 0x48, 0x51,
ashleymills 0:00174d07d068 84 0x6a, 0x45, 0x53, 0x4d, 0x42, 0x41, 0x47, 0x41, 0x31, 0x55, 0x45, 0x0a,
ashleymills 0:00174d07d068 85 0x43, 0x41, 0x77, 0x4a, 0x51, 0x6d, 0x56, 0x79, 0x61, 0x33, 0x4e, 0x6f,
ashleymills 0:00174d07d068 86 0x61, 0x58, 0x4a, 0x6c, 0x4d, 0x52, 0x41, 0x77, 0x44, 0x67, 0x59, 0x44,
ashleymills 0:00174d07d068 87 0x56, 0x51, 0x51, 0x48, 0x44, 0x41, 0x64, 0x4f, 0x5a, 0x58, 0x64, 0x69,
ashleymills 0:00174d07d068 88 0x64, 0x58, 0x4a, 0x35, 0x4d, 0x52, 0x45, 0x77, 0x44, 0x77, 0x59, 0x44,
ashleymills 0:00174d07d068 89 0x56, 0x51, 0x51, 0x4b, 0x44, 0x41, 0x68, 0x57, 0x62, 0x32, 0x52, 0x68,
ashleymills 0:00174d07d068 90 0x5a, 0x6d, 0x39, 0x75, 0x0a, 0x5a, 0x54, 0x45, 0x4d, 0x4d, 0x41, 0x6f,
ashleymills 0:00174d07d068 91 0x47, 0x41, 0x31, 0x55, 0x45, 0x43, 0x77, 0x77, 0x44, 0x55, 0x69, 0x5a,
ashleymills 0:00174d07d068 92 0x45, 0x4d, 0x52, 0x45, 0x77, 0x44, 0x77, 0x59, 0x44, 0x56, 0x51, 0x51,
ashleymills 0:00174d07d068 93 0x44, 0x44, 0x41, 0x68, 0x45, 0x54, 0x56, 0x4e, 0x6c, 0x63, 0x6e, 0x5a,
ashleymills 0:00174d07d068 94 0x6c, 0x63, 0x6a, 0x43, 0x42, 0x6e, 0x7a, 0x41, 0x4e, 0x42, 0x67, 0x6b,
ashleymills 0:00174d07d068 95 0x71, 0x68, 0x6b, 0x69, 0x47, 0x39, 0x77, 0x30, 0x42, 0x0a, 0x41, 0x51,
ashleymills 0:00174d07d068 96 0x45, 0x46, 0x41, 0x41, 0x4f, 0x42, 0x6a, 0x51, 0x41, 0x77, 0x67, 0x59,
ashleymills 0:00174d07d068 97 0x6b, 0x43, 0x67, 0x59, 0x45, 0x41, 0x75, 0x70, 0x57, 0x5a, 0x48, 0x6d,
ashleymills 0:00174d07d068 98 0x35, 0x31, 0x52, 0x62, 0x4d, 0x6b, 0x45, 0x6b, 0x76, 0x4b, 0x41, 0x76,
ashleymills 0:00174d07d068 99 0x67, 0x6c, 0x4d, 0x39, 0x36, 0x42, 0x63, 0x57, 0x56, 0x53, 0x63, 0x78,
ashleymills 0:00174d07d068 100 0x57, 0x37, 0x4b, 0x61, 0x58, 0x46, 0x68, 0x6d, 0x31, 0x41, 0x72, 0x74,
ashleymills 0:00174d07d068 101 0x74, 0x31, 0x0a, 0x31, 0x56, 0x6d, 0x35, 0x4b, 0x54, 0x43, 0x30, 0x72,
ashleymills 0:00174d07d068 102 0x49, 0x2b, 0x30, 0x6b, 0x69, 0x47, 0x35, 0x34, 0x6b, 0x78, 0x68, 0x76,
ashleymills 0:00174d07d068 103 0x59, 0x37, 0x65, 0x75, 0x57, 0x65, 0x55, 0x63, 0x51, 0x71, 0x4a, 0x4b,
ashleymills 0:00174d07d068 104 0x48, 0x78, 0x55, 0x54, 0x46, 0x6a, 0x55, 0x57, 0x76, 0x38, 0x54, 0x63,
ashleymills 0:00174d07d068 105 0x4a, 0x72, 0x7a, 0x6d, 0x6a, 0x49, 0x65, 0x35, 0x45, 0x74, 0x68, 0x69,
ashleymills 0:00174d07d068 106 0x70, 0x4c, 0x70, 0x64, 0x4e, 0x2b, 0x56, 0x0a, 0x2f, 0x50, 0x4a, 0x43,
ashleymills 0:00174d07d068 107 0x4f, 0x2f, 0x46, 0x69, 0x4c, 0x58, 0x53, 0x69, 0x79, 0x6b, 0x51, 0x73,
ashleymills 0:00174d07d068 108 0x43, 0x2b, 0x56, 0x68, 0x79, 0x55, 0x38, 0x42, 0x4b, 0x4e, 0x59, 0x72,
ashleymills 0:00174d07d068 109 0x70, 0x73, 0x70, 0x79, 0x69, 0x51, 0x31, 0x30, 0x39, 0x4b, 0x50, 0x6f,
ashleymills 0:00174d07d068 110 0x79, 0x62, 0x48, 0x38, 0x6b, 0x4b, 0x37, 0x57, 0x32, 0x49, 0x58, 0x66,
ashleymills 0:00174d07d068 111 0x32, 0x64, 0x39, 0x41, 0x61, 0x4c, 0x72, 0x7a, 0x63, 0x67, 0x55, 0x43,
ashleymills 0:00174d07d068 112 0x0a, 0x41, 0x77, 0x45, 0x41, 0x41, 0x61, 0x4e, 0x51, 0x4d, 0x45, 0x34,
ashleymills 0:00174d07d068 113 0x77, 0x48, 0x51, 0x59, 0x44, 0x56, 0x52, 0x30, 0x4f, 0x42, 0x42, 0x59,
ashleymills 0:00174d07d068 114 0x45, 0x46, 0x4b, 0x6f, 0x6e, 0x47, 0x6d, 0x2b, 0x49, 0x63, 0x6f, 0x77,
ashleymills 0:00174d07d068 115 0x74, 0x4c, 0x63, 0x4a, 0x61, 0x78, 0x58, 0x53, 0x43, 0x70, 0x55, 0x54,
ashleymills 0:00174d07d068 116 0x52, 0x50, 0x61, 0x4d, 0x56, 0x4d, 0x42, 0x38, 0x47, 0x41, 0x31, 0x55,
ashleymills 0:00174d07d068 117 0x64, 0x49, 0x77, 0x51, 0x59, 0x0a, 0x4d, 0x42, 0x61, 0x41, 0x46, 0x4b,
ashleymills 0:00174d07d068 118 0x6f, 0x6e, 0x47, 0x6d, 0x2b, 0x49, 0x63, 0x6f, 0x77, 0x74, 0x4c, 0x63,
ashleymills 0:00174d07d068 119 0x4a, 0x61, 0x78, 0x58, 0x53, 0x43, 0x70, 0x55, 0x54, 0x52, 0x50, 0x61,
ashleymills 0:00174d07d068 120 0x4d, 0x56, 0x4d, 0x41, 0x77, 0x47, 0x41, 0x31, 0x55, 0x64, 0x45, 0x77,
ashleymills 0:00174d07d068 121 0x51, 0x46, 0x4d, 0x41, 0x4d, 0x42, 0x41, 0x66, 0x38, 0x77, 0x44, 0x51,
ashleymills 0:00174d07d068 122 0x59, 0x4a, 0x4b, 0x6f, 0x5a, 0x49, 0x68, 0x76, 0x63, 0x4e, 0x0a, 0x41,
ashleymills 0:00174d07d068 123 0x51, 0x45, 0x46, 0x42, 0x51, 0x41, 0x44, 0x67, 0x59, 0x45, 0x41, 0x66,
ashleymills 0:00174d07d068 124 0x54, 0x68, 0x6c, 0x75, 0x32, 0x75, 0x37, 0x33, 0x68, 0x6d, 0x33, 0x71,
ashleymills 0:00174d07d068 125 0x75, 0x5a, 0x4a, 0x58, 0x35, 0x37, 0x6a, 0x6f, 0x4d, 0x52, 0x6e, 0x2f,
ashleymills 0:00174d07d068 126 0x4e, 0x2b, 0x6c, 0x32, 0x4b, 0x59, 0x34, 0x71, 0x31, 0x36, 0x59, 0x49,
ashleymills 0:00174d07d068 127 0x2b, 0x67, 0x5a, 0x49, 0x6f, 0x4a, 0x6c, 0x4c, 0x46, 0x2f, 0x75, 0x49,
ashleymills 0:00174d07d068 128 0x5a, 0x77, 0x36, 0x0a, 0x34, 0x4f, 0x75, 0x78, 0x66, 0x4b, 0x4e, 0x66,
ashleymills 0:00174d07d068 129 0x49, 0x76, 0x4b, 0x76, 0x43, 0x4c, 0x35, 0x34, 0x4c, 0x51, 0x2b, 0x2f,
ashleymills 0:00174d07d068 130 0x70, 0x6c, 0x68, 0x2b, 0x38, 0x43, 0x7a, 0x73, 0x6d, 0x5a, 0x64, 0x6a,
ashleymills 0:00174d07d068 131 0x64, 0x56, 0x39, 0x53, 0x2f, 0x31, 0x2b, 0x4a, 0x65, 0x66, 0x65, 0x2b,
ashleymills 0:00174d07d068 132 0x52, 0x68, 0x45, 0x6f, 0x67, 0x6a, 0x53, 0x76, 0x46, 0x6a, 0x73, 0x32,
ashleymills 0:00174d07d068 133 0x6f, 0x79, 0x56, 0x61, 0x4d, 0x43, 0x6a, 0x5a, 0x0a, 0x4f, 0x78, 0x57,
ashleymills 0:00174d07d068 134 0x75, 0x6a, 0x76, 0x5a, 0x4a, 0x33, 0x58, 0x64, 0x68, 0x70, 0x58, 0x5a,
ashleymills 0:00174d07d068 135 0x4a, 0x73, 0x64, 0x6e, 0x45, 0x78, 0x34, 0x72, 0x67, 0x6d, 0x48, 0x69,
ashleymills 0:00174d07d068 136 0x6a, 0x33, 0x65, 0x73, 0x33, 0x53, 0x7a, 0x61, 0x72, 0x54, 0x53, 0x6a,
ashleymills 0:00174d07d068 137 0x50, 0x56, 0x57, 0x38, 0x4d, 0x70, 0x42, 0x55, 0x34, 0x48, 0x38, 0x4e,
ashleymills 0:00174d07d068 138 0x4b, 0x6c, 0x57, 0x49, 0x3d, 0x0a, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x45,
ashleymills 0:00174d07d068 139 0x4e, 0x44, 0x20, 0x43, 0x45, 0x52, 0x54, 0x49, 0x46, 0x49, 0x43, 0x41,
ashleymills 0:00174d07d068 140 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x0a
ashleymills 0:00174d07d068 141 */
ashleymills 0:00174d07d068 142 };
ashleymills 0:00174d07d068 143
ashleymills 0:00174d07d068 144 static const int rootCertificateLength = sizeof(rootCertificate);