From fd7c2c4a92bfa8362ab90822fb0736cc6eb1ffdf Mon Sep 17 00:00:00 2001 From: Emil Lundberg Date: Wed, 12 Jun 2024 13:14:06 +0200 Subject: [PATCH 1/4] Rename and redirect /static/U2F/ to /static/FIDO/ --- content/.htaccess | 21 ++++++++++++++++++ .../U2F/Attestation_and_Metadata/index.adoc | 6 ++--- static/{U2F => FIDO}/Images/BIO.png | Bin static/{U2F => FIDO}/Images/NEO.png | Bin static/{U2F => FIDO}/Images/PLS.png | Bin static/{U2F => FIDO}/Images/SKY-NFC.png | Bin static/{U2F => FIDO}/Images/SKY.png | Bin static/{U2F => FIDO}/Images/YK4.png | Bin static/{U2F => FIDO}/Images/YK5-series.png | Bin static/{U2F => FIDO}/Images/YK5.png | Bin static/{U2F => FIDO}/Images/YK5Ci.png | Bin static/{U2F => FIDO}/Images/YK5NFC-CNFC.png | Bin static/{U2F => FIDO}/Images/YKE.png | Bin static/{U2F => FIDO}/Images/yubico.png | Bin .../fido-preview-ca-cert-2019.pem | 0 .../fido-preview-ca-cert-2023.pem | 0 static/{U2F => FIDO}/fido-preview-ca-cert.pem | 0 .../yubico-fido-ca-1.pem} | 0 .../yubico-fido-ca-certs.txt} | 0 .../yubico-fido-ca-certs.txt.sig} | Bin static/{U2F => FIDO}/yubico-metadata.json | 0 21 files changed, 24 insertions(+), 3 deletions(-) rename static/{U2F => FIDO}/Images/BIO.png (100%) rename static/{U2F => FIDO}/Images/NEO.png (100%) rename static/{U2F => FIDO}/Images/PLS.png (100%) rename static/{U2F => FIDO}/Images/SKY-NFC.png (100%) rename static/{U2F => FIDO}/Images/SKY.png (100%) rename static/{U2F => FIDO}/Images/YK4.png (100%) rename static/{U2F => FIDO}/Images/YK5-series.png (100%) rename static/{U2F => FIDO}/Images/YK5.png (100%) rename static/{U2F => FIDO}/Images/YK5Ci.png (100%) rename static/{U2F => FIDO}/Images/YK5NFC-CNFC.png (100%) rename static/{U2F => FIDO}/Images/YKE.png (100%) rename static/{U2F => FIDO}/Images/yubico.png (100%) rename static/{U2F => FIDO}/fido-preview-ca-cert-2019.pem (100%) rename static/{U2F => FIDO}/fido-preview-ca-cert-2023.pem (100%) rename static/{U2F => FIDO}/fido-preview-ca-cert.pem (100%) rename static/{U2F/yubico-u2f-ca-1.pem => FIDO/yubico-fido-ca-1.pem} (100%) rename static/{U2F/yubico-u2f-ca-certs.txt => FIDO/yubico-fido-ca-certs.txt} (100%) rename static/{U2F/yubico-u2f-ca-certs.txt.sig => FIDO/yubico-fido-ca-certs.txt.sig} (100%) rename static/{U2F => FIDO}/yubico-metadata.json (100%) diff --git a/content/.htaccess b/content/.htaccess index 6aaf76777..066d57172 100644 --- a/content/.htaccess +++ b/content/.htaccess @@ -14,6 +14,27 @@ RewriteRule ^yubihsm2$ %{ENV:REQUEST_PROTO}://%{HTTP_HOST}/YubiHSM2/ [L,R=301] RewriteRule ^u2f/(.*)$ %{ENV:REQUEST_PROTO}://%{HTTP_HOST}/U2F/$1 [L,R=301] RewriteRule ^u2f$ %{ENV:REQUEST_PROTO}://%{HTTP_HOST}/U2F/ [L,R=301] +# Redirect renamed U2F files +RewriteRule ^U2F/Images/BIO.png$ FIDO/Images/BIO.png [L,R=301] +RewriteRule ^U2F/Images/NEO.png$ FIDO/Images/NEO.png [L,R=301] +RewriteRule ^U2F/Images/PLS.png$ FIDO/Images/PLS.png [L,R=301] +RewriteRule ^U2F/Images/SKY-NFC.png$ FIDO/Images/SKY-NFC.png [L,R=301] +RewriteRule ^U2F/Images/SKY.png$ FIDO/Images/SKY.png [L,R=301] +RewriteRule ^U2F/Images/YK4.png$ FIDO/Images/YK4.png [L,R=301] +RewriteRule ^U2F/Images/YK5-series.png$ FIDO/Images/YK5-series.png [L,R=301] +RewriteRule ^U2F/Images/YK5.png$ FIDO/Images/YK5.png [L,R=301] +RewriteRule ^U2F/Images/YK5Ci.png$ FIDO/Images/YK5Ci.png [L,R=301] +RewriteRule ^U2F/Images/YK5NFC-CNFC.png$ FIDO/Images/YK5NFC-CNFC.png [L,R=301] +RewriteRule ^U2F/Images/YKE.png$ FIDO/Images/YKE.png [L,R=301] +RewriteRule ^U2F/Images/yubico.png$ FIDO/Images/yubico.png [L,R=301] +RewriteRule ^U2F/fido-preview-ca-cert-2019.pem$ FIDO/fido-preview-ca-cert-2019.pem [L,R=301] +RewriteRule ^U2F/fido-preview-ca-cert-2023.pem$ FIDO/fido-preview-ca-cert-2023.pem [L,R=301] +RewriteRule ^U2F/fido-preview-ca-cert.pem$ FIDO/fido-preview-ca-cert.pem [L,R=301] +RewriteRule ^U2F/yubico-metadata.json$ FIDO/yubico-metadata.json [L,R=301] +RewriteRule ^U2F/yubico-u2f-ca-1.pem$ FIDO/yubico-fido-ca-1.pem [L,R=301] +RewriteRule ^U2F/yubico-u2f-ca-certs.txt$ FIDO/yubico-fido-ca-certs.txt [L,R=301] +RewriteRule ^U2F/yubico-u2f-ca-certs.txt.sig$ FIDO/yubico-fido-ca-certs.txt.sig [L,R=301] + # Redirect ssh to SSH RewriteRule ^ssh/(.*)$ %{ENV:REQUEST_PROTO}://%{HTTP_HOST}/SSH/$1 [L,R=301] RewriteRule ^ssh$ %{ENV:REQUEST_PROTO}://%{HTTP_HOST}/SSH/ [L,R=301] diff --git a/content/U2F/Attestation_and_Metadata/index.adoc b/content/U2F/Attestation_and_Metadata/index.adoc index 682697f2b..bceff6077 100644 --- a/content/U2F/Attestation_and_Metadata/index.adoc +++ b/content/U2F/Attestation_and_Metadata/index.adoc @@ -12,10 +12,10 @@ user, when listing his or her registered devices. It's up to each U2F/WebAuthn device vendor to decide what type of information goes into the attestation certificates, and how the authenticity of a certificate is validated. In Yubico's case, all our attestation certificates are signed by -link:/u2f/yubico-u2f-ca-certs.txt[our root CA]. The same attestation certificate is used for both U2F and WebAuthn. +link:/FIDO/yubico-fido-ca-certs.txt[our root CA]. The same attestation certificate is used for both U2F and WebAuthn. NOTE: If you have a YubiKey Preview device, the attestation certificate will -instead be signed by our link:/u2f/fido-preview-ca-cert-2023.pem[2023Yubico FIDO Preview CA] or link:/u2f/fido-preview-ca-cert.pem[Yubico FIDO Preview CA (prior to 2023)]. +instead be signed by our link:/FIDO/fido-preview-ca-cert-2023.pem[2023Yubico FIDO Preview CA] or link:/FIDO/fido-preview-ca-cert.pem[Yubico FIDO Preview CA (prior to 2023)]. === Yubico's metadata format @@ -26,7 +26,7 @@ information about the device model itself. For this reason Yubico has specified metadata format which allows mapping attestation certificates to additional information about the device model and vendor, providing product images, etc. Yubico provides such metadata about our devices -link:/u2f/yubico-metadata.json[here]. Several of our +link:/FIDO/yubico-metadata.json[here]. Several of our link:/Software_Projects/FIDO_U2F/U2F_Server_Libraries/[U2F server libraries] are capable of reading this format. The same attestation certificate is used for both U2F and WebAuthn. diff --git a/static/U2F/Images/BIO.png b/static/FIDO/Images/BIO.png similarity index 100% rename from static/U2F/Images/BIO.png rename to static/FIDO/Images/BIO.png diff --git a/static/U2F/Images/NEO.png b/static/FIDO/Images/NEO.png similarity index 100% rename from static/U2F/Images/NEO.png rename to static/FIDO/Images/NEO.png diff --git a/static/U2F/Images/PLS.png b/static/FIDO/Images/PLS.png similarity index 100% rename from static/U2F/Images/PLS.png rename to static/FIDO/Images/PLS.png diff --git a/static/U2F/Images/SKY-NFC.png b/static/FIDO/Images/SKY-NFC.png similarity index 100% rename from static/U2F/Images/SKY-NFC.png rename to static/FIDO/Images/SKY-NFC.png diff --git a/static/U2F/Images/SKY.png b/static/FIDO/Images/SKY.png similarity index 100% rename from static/U2F/Images/SKY.png rename to static/FIDO/Images/SKY.png diff --git a/static/U2F/Images/YK4.png b/static/FIDO/Images/YK4.png similarity index 100% rename from static/U2F/Images/YK4.png rename to static/FIDO/Images/YK4.png diff --git a/static/U2F/Images/YK5-series.png b/static/FIDO/Images/YK5-series.png similarity index 100% rename from static/U2F/Images/YK5-series.png rename to static/FIDO/Images/YK5-series.png diff --git a/static/U2F/Images/YK5.png b/static/FIDO/Images/YK5.png similarity index 100% rename from static/U2F/Images/YK5.png rename to static/FIDO/Images/YK5.png diff --git a/static/U2F/Images/YK5Ci.png b/static/FIDO/Images/YK5Ci.png similarity index 100% rename from static/U2F/Images/YK5Ci.png rename to static/FIDO/Images/YK5Ci.png diff --git a/static/U2F/Images/YK5NFC-CNFC.png b/static/FIDO/Images/YK5NFC-CNFC.png similarity index 100% rename from static/U2F/Images/YK5NFC-CNFC.png rename to static/FIDO/Images/YK5NFC-CNFC.png diff --git a/static/U2F/Images/YKE.png b/static/FIDO/Images/YKE.png similarity index 100% rename from static/U2F/Images/YKE.png rename to static/FIDO/Images/YKE.png diff --git a/static/U2F/Images/yubico.png b/static/FIDO/Images/yubico.png similarity index 100% rename from static/U2F/Images/yubico.png rename to static/FIDO/Images/yubico.png diff --git a/static/U2F/fido-preview-ca-cert-2019.pem b/static/FIDO/fido-preview-ca-cert-2019.pem similarity index 100% rename from static/U2F/fido-preview-ca-cert-2019.pem rename to static/FIDO/fido-preview-ca-cert-2019.pem diff --git a/static/U2F/fido-preview-ca-cert-2023.pem b/static/FIDO/fido-preview-ca-cert-2023.pem similarity index 100% rename from static/U2F/fido-preview-ca-cert-2023.pem rename to static/FIDO/fido-preview-ca-cert-2023.pem diff --git a/static/U2F/fido-preview-ca-cert.pem b/static/FIDO/fido-preview-ca-cert.pem similarity index 100% rename from static/U2F/fido-preview-ca-cert.pem rename to static/FIDO/fido-preview-ca-cert.pem diff --git a/static/U2F/yubico-u2f-ca-1.pem b/static/FIDO/yubico-fido-ca-1.pem similarity index 100% rename from static/U2F/yubico-u2f-ca-1.pem rename to static/FIDO/yubico-fido-ca-1.pem diff --git a/static/U2F/yubico-u2f-ca-certs.txt b/static/FIDO/yubico-fido-ca-certs.txt similarity index 100% rename from static/U2F/yubico-u2f-ca-certs.txt rename to static/FIDO/yubico-fido-ca-certs.txt diff --git a/static/U2F/yubico-u2f-ca-certs.txt.sig b/static/FIDO/yubico-fido-ca-certs.txt.sig similarity index 100% rename from static/U2F/yubico-u2f-ca-certs.txt.sig rename to static/FIDO/yubico-fido-ca-certs.txt.sig diff --git a/static/U2F/yubico-metadata.json b/static/FIDO/yubico-metadata.json similarity index 100% rename from static/U2F/yubico-metadata.json rename to static/FIDO/yubico-metadata.json From 1003777808c89f6d673a06085a472120d64baa66 Mon Sep 17 00:00:00 2001 From: Emil Lundberg Date: Tue, 2 Jul 2024 17:10:01 +0200 Subject: [PATCH 2/4] Add new FIDO root CA cert --- static/FIDO/yubico-fido-ca-1.pem.sig | Bin 0 -> 119 bytes static/FIDO/yubico-fido-ca-2.pem | 20 +++++++++ static/FIDO/yubico-fido-ca-2.pem.sig | Bin 0 -> 119 bytes static/FIDO/yubico-fido-ca-certs.txt | 51 +++++++++++++++++++---- static/FIDO/yubico-fido-ca-certs.txt.sig | Bin 287 -> 119 bytes static/FIDO/yubico-metadata.json | 3 +- 6 files changed, 64 insertions(+), 10 deletions(-) create mode 100644 static/FIDO/yubico-fido-ca-1.pem.sig create mode 100644 static/FIDO/yubico-fido-ca-2.pem create mode 100644 static/FIDO/yubico-fido-ca-2.pem.sig diff --git a/static/FIDO/yubico-fido-ca-1.pem.sig b/static/FIDO/yubico-fido-ca-1.pem.sig new file mode 100644 index 0000000000000000000000000000000000000000..f80f755d9d95fff4b26944cb2062bfed19f3d3da GIT binary patch literal 119 zcmeAuWnmEGV2~A4WLfog{lPSgqq_q<_I=`aeq@?30Jh{(b{iEWTJ~!}k*vn8(WrqK8K{I0&v-DqYi+{9t`yQ_!5m2msx+Gxq=h literal 0 HcmV?d00001 diff --git a/static/FIDO/yubico-fido-ca-certs.txt b/static/FIDO/yubico-fido-ca-certs.txt index e1338a8b2..f39d97e8f 100644 --- a/static/FIDO/yubico-fido-ca-certs.txt +++ b/static/FIDO/yubico-fido-ca-certs.txt @@ -1,25 +1,31 @@ -Yubico U2F Device Attestation CA +Yubico FIDO Device Attestation CA ================================ -Last Update: 2014-09-01 +Last Update: 2024-07-02 -Yubico manufacturer U2F devices that contains device attestation -certificates signed by a set of Yubico CAs. This file contains the CA -certificates that Relying Parties (RP) need to configure their -software with to be able to verify U2F device certificates. +Yubico manufactures FIDO security keys that contain device attestation +certificates signed by a Yubico CA. This file contains the CA +certificates that Relying Parties (RP) need to configure their software +with to be able to verify FIDO and U2F certificates of Yubico devices. This file has been signed with OpenPGP and you should verify the signature and the authenticity of the public key before trusting the -content. The signature is located next to the file: +content. The signature is located next to the file: - https://developers.yubico.com/u2f/yubico-u2f-ca-certs.txt - https://developers.yubico.com/u2f/yubico-u2f-ca-certs.txt.sig + https://developers.yubico.com/FIDO/yubico-fido-ca-certs.txt + https://developers.yubico.com/FIDO/yubico-fido-ca-certs.txt.sig + +Signing keys and verification instructions are listed here: + + https://developers.yubico.com/Software_Projects/Software_Signing.html We will update this file from time to time when we publish more CA certificates. Name: Yubico U2F Root CA Serial 457200631 Issued: 2014-08-01 +Address: https://developers.yubico.com/FIDO/yubico-fido-ca-1.pem + https://developers.yubico.com/FIDO/yubico-fido-ca-1.pem.sig -----BEGIN CERTIFICATE----- MIIDHjCCAgagAwIBAgIEG0BT9zANBgkqhkiG9w0BAQsFADAuMSwwKgYDVQQDEyNZ @@ -40,3 +46,30 @@ LVVee6/VR6C5+KSTCMCWppMuJIZII2v9o4dkoZ8Y7QRjQlLfYzd3qGtKbw7xaF1U sG/5xUb/Btwb2X2g4InpiB/yt/3CpQXpiWX/K4mBvUKiGn05ZsqeY1gx4g0xLBqc U9psmyPzK+Vsgw2jeRQ5JlKDyqE0hebfC1tvFu0CCrJFcw== -----END CERTIFICATE----- + + +Name: Yubico FIDO Root CA Serial 450203556 +Issued: 2024-05-01 +Address: https://developers.yubico.com/FIDO/yubico-fido-ca-2.pem + https://developers.yubico.com/FIDO/yubico-fido-ca-2.pem.sig + +-----BEGIN CERTIFICATE----- +MIIDMzCCAhugAwIBAgIUSOEjTf//yqRfPW7Qq8qtIyCrAg8wDQYJKoZIhvcNAQEL +BQAwLzEtMCsGA1UEAwwkWXViaWNvIEZJRE8gUm9vdCBDQSBTZXJpYWwgNDUwMjAz +NTU2MCAXDTI0MDUwMTAwMDAwMFoYDzIwNjAwNDMwMDAwMDAwWjAvMS0wKwYDVQQD +DCRZdWJpY28gRklETyBSb290IENBIFNlcmlhbCA0NTAyMDM1NTYwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdvl27w2gu1fPXeEFbIdqx0BalvVDVWrQP +J7HqviuEtZHlxSLxSFtcXpTolvLvof8f4tMerQTkVGzcmYzm1EBT4IJuMmoEqfkE +EhWpsADMFrjZkqlZY9EqxQzLoVEEonE5oGxSdVCxCcLIackpyR/CCXvj1Bt/hTgE +9hTlF4pRqxMkx3plF7y8dDZlRHWs7vbnhmBCGeI0ZPEQ6nl2mCg2r74adF2u6K9r +rLfhBC3QLE8EPrgqUsI+hkuq2tK4M2SMOp8uUVVkqUeu3h0kr3WVI0W02pkgrOgi +FKLFNkSrbYhdjMBDj5izmqfc9xJRKoDX612qd8ZGVHpT5AYFX+1hAgMBAAGjRTBD +MB0GA1UdDgQWBBTZyU5DiQ/a2UEgE7qBK0zhIsRNRjASBgNVHRMBAf8ECDAGAQH/ +AgEAMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAXvnB4SLuUJfY +MSVGAhssL/SmWli3FSccgxydvKlACcidIIWKQqa3q/QSUEQzC9DgEfMgr7iC1BkT +ZbILboV6UZ5knNsvjEZWuMeogJ8tgZs1hVvKwZizwJ+mEcmsjhIrBYuoL1T6yrOJ +vKFg1jv+Cy4ZwA9Bpk/V3UOir1VyK8dCtyHu6vfosotAdYx8FAuR243gRTMV6Jx8 +Jdig2JDIAQMlzVeDpSUHX/K2HXRHxHwfgjbgUjjBu/72r8OfehyhzHXI3K8CFFdf +lO+8nEOJK3y8F1ivgS5uN/8SmcYw/STQYwhrxPuwz3nP8baMum4BB2nnYmpB60sX +3bl5k8QUSw== +-----END CERTIFICATE----- diff --git a/static/FIDO/yubico-fido-ca-certs.txt.sig b/static/FIDO/yubico-fido-ca-certs.txt.sig index 0459eebc152baf9f0000b4bf7635e3549246d474..3c901310efe01f015f5148fe5cde076974a70611 100644 GIT binary patch literal 119 zcmeAuWnmEGV2~A4WLfog{lPSgqq_q<_I=`aeB0d=_XM>Ft}uDyFj?{IRYr#O&aXD5>`ar0nX*ao@7~P@ VyzP4a?T;@yRMkJPE7E?=2LL+&GjIR^ literal 287 zcmV+)0pR|L0UQJX0SEvF1p-tBi(mi>2@r-0f4egH5uHjB2mfuZb|o^T?25CXZOj$3 zojh8T4&Ud#bC?p`Un@nxu;KE7q~Z=^G}bZ5cPluy5u<0XYnCK|wK@_>~GsSrDftv6?f4RP{;mU#QB6)VvrbnH1{063hj!L+ z^`fYWXPvwc{k4%RuxT)vB0w*>g?2w2OF*5jEyqH)!?e7#1S)v(#*uHQBda&BxlbwSB%0X4Z^TcQwW&eX`Jfeh0Xu~ diff --git a/static/FIDO/yubico-metadata.json b/static/FIDO/yubico-metadata.json index a654e2622..53343e75e 100644 --- a/static/FIDO/yubico-metadata.json +++ b/static/FIDO/yubico-metadata.json @@ -7,7 +7,8 @@ "name": "Yubico" }, "trustedCertificates": [ - "-----BEGIN CERTIFICATE-----\nMIIDHjCCAgagAwIBAgIEG1BT9zANBgkqhkiG9w0BAQsFADAuMSwwKgYDVQQDEyNZ\ndWJpY28gVTJGIFJvb3QgQ0EgU2VyaWFsIDQ1NzIwMDYzMTAgFw0xNDA4MDEwMDAw\nMDBaGA8yMDUwMDkwNDAwMDAwMFowLjEsMCoGA1UEAxMjWXViaWNvIFUyRiBSb290\nIENBIFNlcmlhbCA0NTcyMDA2MzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQC/jwYuhBVlqaiYWEMsrWFisgJ+PtM91eSrpI4TK7U53mwCIawSDHy8vUmk\n5N2KAj9abvT9NP5SMS1hQi3usxoYGonXQgfO6ZXyUA9a+KAkqdFnBnlyugSeCOep\n8EdZFfsaRFtMjkwz5Gcz2Py4vIYvCdMHPtwaz0bVuzneueIEz6TnQjE63Rdt2zbw\nnebwTG5ZybeWSwbzy+BJ34ZHcUhPAY89yJQXuE0IzMZFcEBbPNRbWECRKgjq//qT\n9nmDOFVlSRCt2wiqPSzluwn+v+suQEBsUjTGMEd25tKXXTkNW21wIWbxeSyUoTXw\nLvGS6xlwQSgNpk2qXYwf8iXg7VWZAgMBAAGjQjBAMB0GA1UdDgQWBBQgIvz0bNGJ\nhjgpToksyKpP9xv9oDAPBgNVHRMECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAN\nBgkqhkiG9w0BAQsFAAOCAQEAjvjuOMDSa+JXFCLyBKsycXtBVZsJ4Ue3LbaEsPY4\nMYN/hIQ5ZM5p7EjfcnMG4CtYkNsfNHc0AhBLdq45rnT87q/6O3vUEtNMafbhU6kt\nhX7Y+9XFN9NpmYxr+ekVY5xOxi8h9JDIgoMP4VB1uS0aunL1IGqrNooL9mmFnL2k\nLVVee6/VR6C5+KSTCMCWppMuJIZII2v9o4dkoZ8Y7QRjQlLfYzd3qGtKbw7xaF1U\nsG/5xUb/Btwb2X2g4InpiB/yt/3CpQXpiWX/K4mBvUKiGn05ZsqeY1gx4g0xLBqc\nU9psmyPzK+Vsgw2jeRQ5JlKDyqE0hebfC1tvFu0CCrJFcw==\n-----END CERTIFICATE-----" + "-----BEGIN CERTIFICATE-----\nMIIDHjCCAgagAwIBAgIEG1BT9zANBgkqhkiG9w0BAQsFADAuMSwwKgYDVQQDEyNZ\ndWJpY28gVTJGIFJvb3QgQ0EgU2VyaWFsIDQ1NzIwMDYzMTAgFw0xNDA4MDEwMDAw\nMDBaGA8yMDUwMDkwNDAwMDAwMFowLjEsMCoGA1UEAxMjWXViaWNvIFUyRiBSb290\nIENBIFNlcmlhbCA0NTcyMDA2MzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQC/jwYuhBVlqaiYWEMsrWFisgJ+PtM91eSrpI4TK7U53mwCIawSDHy8vUmk\n5N2KAj9abvT9NP5SMS1hQi3usxoYGonXQgfO6ZXyUA9a+KAkqdFnBnlyugSeCOep\n8EdZFfsaRFtMjkwz5Gcz2Py4vIYvCdMHPtwaz0bVuzneueIEz6TnQjE63Rdt2zbw\nnebwTG5ZybeWSwbzy+BJ34ZHcUhPAY89yJQXuE0IzMZFcEBbPNRbWECRKgjq//qT\n9nmDOFVlSRCt2wiqPSzluwn+v+suQEBsUjTGMEd25tKXXTkNW21wIWbxeSyUoTXw\nLvGS6xlwQSgNpk2qXYwf8iXg7VWZAgMBAAGjQjBAMB0GA1UdDgQWBBQgIvz0bNGJ\nhjgpToksyKpP9xv9oDAPBgNVHRMECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAN\nBgkqhkiG9w0BAQsFAAOCAQEAjvjuOMDSa+JXFCLyBKsycXtBVZsJ4Ue3LbaEsPY4\nMYN/hIQ5ZM5p7EjfcnMG4CtYkNsfNHc0AhBLdq45rnT87q/6O3vUEtNMafbhU6kt\nhX7Y+9XFN9NpmYxr+ekVY5xOxi8h9JDIgoMP4VB1uS0aunL1IGqrNooL9mmFnL2k\nLVVee6/VR6C5+KSTCMCWppMuJIZII2v9o4dkoZ8Y7QRjQlLfYzd3qGtKbw7xaF1U\nsG/5xUb/Btwb2X2g4InpiB/yt/3CpQXpiWX/K4mBvUKiGn05ZsqeY1gx4g0xLBqc\nU9psmyPzK+Vsgw2jeRQ5JlKDyqE0hebfC1tvFu0CCrJFcw==\n-----END CERTIFICATE-----", + "-----BEGIN CERTIFICATE-----\nMIIDMzCCAhugAwIBAgIUSOEjTf//yqRfPW7Qq8qtIyCrAg8wDQYJKoZIhvcNAQEL\nBQAwLzEtMCsGA1UEAwwkWXViaWNvIEZJRE8gUm9vdCBDQSBTZXJpYWwgNDUwMjAz\nNTU2MCAXDTI0MDUwMTAwMDAwMFoYDzIwNjAwNDMwMDAwMDAwWjAvMS0wKwYDVQQD\nDCRZdWJpY28gRklETyBSb290IENBIFNlcmlhbCA0NTAyMDM1NTYwggEiMA0GCSqG\nSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdvl27w2gu1fPXeEFbIdqx0BalvVDVWrQP\nJ7HqviuEtZHlxSLxSFtcXpTolvLvof8f4tMerQTkVGzcmYzm1EBT4IJuMmoEqfkE\nEhWpsADMFrjZkqlZY9EqxQzLoVEEonE5oGxSdVCxCcLIackpyR/CCXvj1Bt/hTgE\n9hTlF4pRqxMkx3plF7y8dDZlRHWs7vbnhmBCGeI0ZPEQ6nl2mCg2r74adF2u6K9r\nrLfhBC3QLE8EPrgqUsI+hkuq2tK4M2SMOp8uUVVkqUeu3h0kr3WVI0W02pkgrOgi\nFKLFNkSrbYhdjMBDj5izmqfc9xJRKoDX612qd8ZGVHpT5AYFX+1hAgMBAAGjRTBD\nMB0GA1UdDgQWBBTZyU5DiQ/a2UEgE7qBK0zhIsRNRjASBgNVHRMBAf8ECDAGAQH/\nAgEAMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAXvnB4SLuUJfY\nMSVGAhssL/SmWli3FSccgxydvKlACcidIIWKQqa3q/QSUEQzC9DgEfMgr7iC1BkT\nZbILboV6UZ5knNsvjEZWuMeogJ8tgZs1hVvKwZizwJ+mEcmsjhIrBYuoL1T6yrOJ\nvKFg1jv+Cy4ZwA9Bpk/V3UOir1VyK8dCtyHu6vfosotAdYx8FAuR243gRTMV6Jx8\nJdig2JDIAQMlzVeDpSUHX/K2HXRHxHwfgjbgUjjBu/72r8OfehyhzHXI3K8CFFdf\nlO+8nEOJK3y8F1ivgS5uN/8SmcYw/STQYwhrxPuwz3nP8baMum4BB2nnYmpB60sX\n3bl5k8QUSw==\n-----END CERTIFICATE-----" ], "devices": [ { From 6f108441bddf5893631d348d4f72b07f605e1569 Mon Sep 17 00:00:00 2001 From: Emil Lundberg Date: Wed, 12 Jun 2024 15:05:00 +0200 Subject: [PATCH 3/4] Merge preview certs into one file --- content/.htaccess | 6 +- .../U2F/Attestation_and_Metadata/index.adoc | 2 +- static/FIDO/fido-preview-ca-cert-2019.pem | 19 ------ static/FIDO/fido-preview-ca-cert-2023.pem | 19 ------ static/FIDO/fido-preview-ca-cert.pem | 19 ------ static/FIDO/yubico-fido-preview-ca-certs.pem | 57 ++++++++++++++++++ .../FIDO/yubico-fido-preview-ca-certs.pem.sig | Bin 0 -> 119 bytes 7 files changed, 61 insertions(+), 61 deletions(-) delete mode 100644 static/FIDO/fido-preview-ca-cert-2019.pem delete mode 100644 static/FIDO/fido-preview-ca-cert-2023.pem delete mode 100644 static/FIDO/fido-preview-ca-cert.pem create mode 100644 static/FIDO/yubico-fido-preview-ca-certs.pem create mode 100644 static/FIDO/yubico-fido-preview-ca-certs.pem.sig diff --git a/content/.htaccess b/content/.htaccess index 066d57172..647cbd323 100644 --- a/content/.htaccess +++ b/content/.htaccess @@ -27,9 +27,9 @@ RewriteRule ^U2F/Images/YK5Ci.png$ FIDO/Images/YK5Ci.png [L,R=301] RewriteRule ^U2F/Images/YK5NFC-CNFC.png$ FIDO/Images/YK5NFC-CNFC.png [L,R=301] RewriteRule ^U2F/Images/YKE.png$ FIDO/Images/YKE.png [L,R=301] RewriteRule ^U2F/Images/yubico.png$ FIDO/Images/yubico.png [L,R=301] -RewriteRule ^U2F/fido-preview-ca-cert-2019.pem$ FIDO/fido-preview-ca-cert-2019.pem [L,R=301] -RewriteRule ^U2F/fido-preview-ca-cert-2023.pem$ FIDO/fido-preview-ca-cert-2023.pem [L,R=301] -RewriteRule ^U2F/fido-preview-ca-cert.pem$ FIDO/fido-preview-ca-cert.pem [L,R=301] +RewriteRule ^U2F/fido-preview-ca-cert-2019.pem$ FIDO/yubico-fido-preview-ca-certs.pem [L,R=301] +RewriteRule ^U2F/fido-preview-ca-cert-2023.pem$ FIDO/yubico-fido-preview-ca-certs.pem [L,R=301] +RewriteRule ^U2F/fido-preview-ca-cert.pem$ FIDO/yubico-fido-preview-ca-certs.pem [L,R=301] RewriteRule ^U2F/yubico-metadata.json$ FIDO/yubico-metadata.json [L,R=301] RewriteRule ^U2F/yubico-u2f-ca-1.pem$ FIDO/yubico-fido-ca-1.pem [L,R=301] RewriteRule ^U2F/yubico-u2f-ca-certs.txt$ FIDO/yubico-fido-ca-certs.txt [L,R=301] diff --git a/content/U2F/Attestation_and_Metadata/index.adoc b/content/U2F/Attestation_and_Metadata/index.adoc index bceff6077..36f6e17a0 100644 --- a/content/U2F/Attestation_and_Metadata/index.adoc +++ b/content/U2F/Attestation_and_Metadata/index.adoc @@ -15,7 +15,7 @@ validated. In Yubico's case, all our attestation certificates are signed by link:/FIDO/yubico-fido-ca-certs.txt[our root CA]. The same attestation certificate is used for both U2F and WebAuthn. NOTE: If you have a YubiKey Preview device, the attestation certificate will -instead be signed by our link:/FIDO/fido-preview-ca-cert-2023.pem[2023Yubico FIDO Preview CA] or link:/FIDO/fido-preview-ca-cert.pem[Yubico FIDO Preview CA (prior to 2023)]. +instead be signed by one of our link:/FIDO/yubico-fido-preview-ca-certs.pem[FIDO Preview CAs]. === Yubico's metadata format diff --git a/static/FIDO/fido-preview-ca-cert-2019.pem b/static/FIDO/fido-preview-ca-cert-2019.pem deleted file mode 100644 index 8c6bf0320..000000000 --- a/static/FIDO/fido-preview-ca-cert-2019.pem +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDGDCCAgCgAwIBAgIJAOklWRaQTVDkMA0GCSqGSIb3DQEBCwUAMCExHzAdBgNV -BAMMFll1YmljbyBGSURPIFByZXZpZXcgQ0EwHhcNMTkwMjE4MTIxMzA4WhcNMjAw -MjE4MTIxMzA4WjAhMR8wHQYDVQQDDBZZdWJpY28gRklETyBQcmV2aWV3IENBMIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvKl/0EJyrD0nmaiU2VZrJl1 -EcJgBUrmzD4htni4ndcMJ4kXd0YMVoXZfBb684yghChJMTyJECcSE2qcdH1qZ8Cb -+yGDpxUtghzHWCQ63I1/Q3MeX1GmF6YhqxL5cVeY93a0EbXU8S7HU5ttzKVc+wh0 -ufx6KqmwYUWOV38E28GQyWSKimdB15XG6ASen5GRa5opPdg+NORORuC7tVL80TbV -KvQs2yYKJt0Pp5ZB2hEBS9QS0AuJgitQtEA96yzUSAib0unMRXhvK7reMTA+dVFZ -e5is2HaKe55OQY+TlEkfUJF697HAT4oUFfyyG9uebi4WWqdFtfijaeyu1Mi3OwID -AQABo1MwUTAdBgNVHQ4EFgQUEigaujrPSYpIIPDJc/HrqhEpG0swHwYDVR0jBBgw -FoAUEigaujrPSYpIIPDJc/HrqhEpG0swDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG -9w0BAQsFAAOCAQEAYKOQsm46ysWVP/iv4Xj5EnHuQizOhPgmp9REoKVg/i4lhaqY -293WzUsyRIdWVEFCpNWT3dTeaWm99n62bUSb0JtqU4+SGeMau3B7GiShmRbN7lLx -z/By7KPqICYncLrKLukUCu6S6g4U6sPbDZRcxm8LYhR9DTxHuSxyb3gthFhxptBj -Riceh8yGw4Ic649quLwqZ6dzgcEe9YqiWkLtAhrNWjxGRIayi3fuMGewCRfnHb0K -bdRpjYMJSczrN5Wu5Dx+HIagOHLXsY6xbyh8bOimeoeQDbOpsUffILTXKs57QoHF -tuCnuu0rEp9SIguG51IrUokbMFnUxMdfEkXrgA== ------END CERTIFICATE----- diff --git a/static/FIDO/fido-preview-ca-cert-2023.pem b/static/FIDO/fido-preview-ca-cert-2023.pem deleted file mode 100644 index a48fe804d..000000000 --- a/static/FIDO/fido-preview-ca-cert-2023.pem +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDKjCCAhKgAwIBAgIUef+VvHkcTQnED++wJM/IxzSULk0wDQYJKoZIhvcNAQEL -BQAwJjEkMCIGA1UEAwwbWXViaWNvIDIwMjMgRklETyBQcmV2aWV3IENBMB4XDTIz -MDkyNTExMzI0MVoXDTI0MTIzMTExMzI0MVowJjEkMCIGA1UEAwwbWXViaWNvIDIw -MjMgRklETyBQcmV2aWV3IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEAouFMTOKaE0YtexOoisSxp+Ebi5IA4esEScx16lzQdqV6/eZ82KtJeNXEuNkB -VZDpc32gStuxLBH8mgsoHBFai2DkjfBn5qbwR/c5+snlwZvjgVA0hzKw9CwAeAwR -D5krWt88/CVyCkMcgLSGwZs/rj7F/Ls3Ebg7MqLbbQJ9CozbbLdJUYIHcPpSZPto -MrZb4Gvni6iVS9UvCKgpqc6LGRmoYGG4ZR3lGJ/XQZfu+GeJW67iimMj/yoXOwxu -cxivZHFk6cQSgwuwioeNm4wvk83LhSuWctf2kAyQcZ7kUnpNee+d4MgrmGU4XMFL -iTgutaB+e9V8d5JTkUOHiLztkQIDAQABo1AwTjAdBgNVHQ4EFgQUM5SB5bHrV+jp -IOMdJl7u7bcnTY8wHwYDVR0jBBgwFoAUM5SB5bHrV+jpIOMdJl7u7bcnTY8wDAYD -VR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEACowR3KTLfidJyQFNqEFfUrfZ -9aa9egpOQtNRJdLStJ6xu2WfLwvG4ojGJlBKNnfa5DIcyQYf/8qJ4eliAVeNXuYm -eMmgNgZZyuY6G1yWCD2V3sD6Z4uj3SbaDOHj3gHvszgQhrhT1h/puHQkn6+hYKAp -77kM7Ic6AZ/RFbjpmLLk2D0sE1lzT/02i+Bh7M8smaiDZ9++JGzxeSun8W1HleZU -m2qKGmRa4XPdryT7x6KGUGnU4a3bpUmVeY9rQ/sfMd5ZToo+3unFWDzoVV2vNu8+ -+VLC9zo40FaKQLr9VAJDJ4yLENR7KrmV8L0cCXKJGZWAWtG5RGTmHIhd+nB41g== ------END CERTIFICATE----- diff --git a/static/FIDO/fido-preview-ca-cert.pem b/static/FIDO/fido-preview-ca-cert.pem deleted file mode 100644 index 1e4f9c68a..000000000 --- a/static/FIDO/fido-preview-ca-cert.pem +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDHzCCAgegAwIBAgIJANpqD52TOTusMA0GCSqGSIb3DQEBCwUAMCYxJDAiBgNV -BAMMG1l1YmljbyBGSURPIFByZXZpZXcgQ0EgMjAyMDAeFw0yMDA4MzExODE3MTFa -Fw0yMTEyMzExODE3MTFaMCYxJDAiBgNVBAMMG1l1YmljbyBGSURPIFByZXZpZXcg -Q0EgMjAyMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOGBLtBmUPJQ -ACQWVEeBxezRgZdqGMP6eTrPty8yvM9xA+j/X4g2lRNMF9a0jw3BjkWSsoWJjYTu -zevGMg2rb9M5qqd/OD498OAk6UEtMybr162CO2wB8Sn2nzfzUdbwZT4dxl251lfX -5JsZVTyJduhlJzbKGetL3JMmCApetSO0xccGSIV9GUoJm78KlQO6smSDAkRFxJ8P -g8bE449qiIqP/K10uReu66UCWdaoXCKqRd5ikbU+6igJFHZz94UBPrsglcY0Fq03 -nrBBvrpEzGnisB/43E9Itjr9ULV4PQQmiuWMcIPmFP1jTNgKKnXZsxe114B/zB3U -xhIB29rRopECAwEAAaNQME4wHQYDVR0OBBYEFALvouKDUnhjGxURR+M1K1mMiBt7 -MB8GA1UdIwQYMBaAFALvouKDUnhjGxURR+M1K1mMiBt7MAwGA1UdEwQFMAMBAf8w -DQYJKoZIhvcNAQELBQADggEBAEO48A+c+1Eac7ZYJvBs3jA40qVhEKeEy2i+JiAf -wuGzcfMUk/4oCZ5V5WDLzGhaScbMLEoVMqxHFUFXI1kU9PNVonygwY0xVs3mNqlC -JM+LZ2QtxGqCrDGxMPAluvsFhr1mMaHk7eCzkJAhhpvUaG9F07jmo5U7HfFyQr0w -QxSiUg5nmjXFgkcui2pMfOeKBddBy7Oc6uheCRyPzOKdYekgbZPrNZ/2OnhJqQ/6 -Sq9Khz6h99AmUpMYUiua0mzFoSnFkyERL0S4h/bbZlSEeCiJCxFEDBZB4ZgOsORL -2DHLjkTnePgs9bjVp3lVelIplqi+K6O+MmMlYFrOOewa5a4= ------END CERTIFICATE----- diff --git a/static/FIDO/yubico-fido-preview-ca-certs.pem b/static/FIDO/yubico-fido-preview-ca-certs.pem new file mode 100644 index 000000000..32714cfb0 --- /dev/null +++ b/static/FIDO/yubico-fido-preview-ca-certs.pem @@ -0,0 +1,57 @@ +-----BEGIN CERTIFICATE----- +MIIDGDCCAgCgAwIBAgIJAOklWRaQTVDkMA0GCSqGSIb3DQEBCwUAMCExHzAdBgNV +BAMMFll1YmljbyBGSURPIFByZXZpZXcgQ0EwHhcNMTkwMjE4MTIxMzA4WhcNMjAw +MjE4MTIxMzA4WjAhMR8wHQYDVQQDDBZZdWJpY28gRklETyBQcmV2aWV3IENBMIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvKl/0EJyrD0nmaiU2VZrJl1 +EcJgBUrmzD4htni4ndcMJ4kXd0YMVoXZfBb684yghChJMTyJECcSE2qcdH1qZ8Cb ++yGDpxUtghzHWCQ63I1/Q3MeX1GmF6YhqxL5cVeY93a0EbXU8S7HU5ttzKVc+wh0 +ufx6KqmwYUWOV38E28GQyWSKimdB15XG6ASen5GRa5opPdg+NORORuC7tVL80TbV +KvQs2yYKJt0Pp5ZB2hEBS9QS0AuJgitQtEA96yzUSAib0unMRXhvK7reMTA+dVFZ +e5is2HaKe55OQY+TlEkfUJF697HAT4oUFfyyG9uebi4WWqdFtfijaeyu1Mi3OwID +AQABo1MwUTAdBgNVHQ4EFgQUEigaujrPSYpIIPDJc/HrqhEpG0swHwYDVR0jBBgw +FoAUEigaujrPSYpIIPDJc/HrqhEpG0swDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG +9w0BAQsFAAOCAQEAYKOQsm46ysWVP/iv4Xj5EnHuQizOhPgmp9REoKVg/i4lhaqY +293WzUsyRIdWVEFCpNWT3dTeaWm99n62bUSb0JtqU4+SGeMau3B7GiShmRbN7lLx +z/By7KPqICYncLrKLukUCu6S6g4U6sPbDZRcxm8LYhR9DTxHuSxyb3gthFhxptBj +Riceh8yGw4Ic649quLwqZ6dzgcEe9YqiWkLtAhrNWjxGRIayi3fuMGewCRfnHb0K +bdRpjYMJSczrN5Wu5Dx+HIagOHLXsY6xbyh8bOimeoeQDbOpsUffILTXKs57QoHF +tuCnuu0rEp9SIguG51IrUokbMFnUxMdfEkXrgA== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDHzCCAgegAwIBAgIJANpqD52TOTusMA0GCSqGSIb3DQEBCwUAMCYxJDAiBgNV +BAMMG1l1YmljbyBGSURPIFByZXZpZXcgQ0EgMjAyMDAeFw0yMDA4MzExODE3MTFa +Fw0yMTEyMzExODE3MTFaMCYxJDAiBgNVBAMMG1l1YmljbyBGSURPIFByZXZpZXcg +Q0EgMjAyMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOGBLtBmUPJQ +ACQWVEeBxezRgZdqGMP6eTrPty8yvM9xA+j/X4g2lRNMF9a0jw3BjkWSsoWJjYTu +zevGMg2rb9M5qqd/OD498OAk6UEtMybr162CO2wB8Sn2nzfzUdbwZT4dxl251lfX +5JsZVTyJduhlJzbKGetL3JMmCApetSO0xccGSIV9GUoJm78KlQO6smSDAkRFxJ8P +g8bE449qiIqP/K10uReu66UCWdaoXCKqRd5ikbU+6igJFHZz94UBPrsglcY0Fq03 +nrBBvrpEzGnisB/43E9Itjr9ULV4PQQmiuWMcIPmFP1jTNgKKnXZsxe114B/zB3U +xhIB29rRopECAwEAAaNQME4wHQYDVR0OBBYEFALvouKDUnhjGxURR+M1K1mMiBt7 +MB8GA1UdIwQYMBaAFALvouKDUnhjGxURR+M1K1mMiBt7MAwGA1UdEwQFMAMBAf8w +DQYJKoZIhvcNAQELBQADggEBAEO48A+c+1Eac7ZYJvBs3jA40qVhEKeEy2i+JiAf +wuGzcfMUk/4oCZ5V5WDLzGhaScbMLEoVMqxHFUFXI1kU9PNVonygwY0xVs3mNqlC +JM+LZ2QtxGqCrDGxMPAluvsFhr1mMaHk7eCzkJAhhpvUaG9F07jmo5U7HfFyQr0w +QxSiUg5nmjXFgkcui2pMfOeKBddBy7Oc6uheCRyPzOKdYekgbZPrNZ/2OnhJqQ/6 +Sq9Khz6h99AmUpMYUiua0mzFoSnFkyERL0S4h/bbZlSEeCiJCxFEDBZB4ZgOsORL +2DHLjkTnePgs9bjVp3lVelIplqi+K6O+MmMlYFrOOewa5a4= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDKjCCAhKgAwIBAgIUef+VvHkcTQnED++wJM/IxzSULk0wDQYJKoZIhvcNAQEL +BQAwJjEkMCIGA1UEAwwbWXViaWNvIDIwMjMgRklETyBQcmV2aWV3IENBMB4XDTIz +MDkyNTExMzI0MVoXDTI0MTIzMTExMzI0MVowJjEkMCIGA1UEAwwbWXViaWNvIDIw +MjMgRklETyBQcmV2aWV3IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC +AQEAouFMTOKaE0YtexOoisSxp+Ebi5IA4esEScx16lzQdqV6/eZ82KtJeNXEuNkB +VZDpc32gStuxLBH8mgsoHBFai2DkjfBn5qbwR/c5+snlwZvjgVA0hzKw9CwAeAwR +D5krWt88/CVyCkMcgLSGwZs/rj7F/Ls3Ebg7MqLbbQJ9CozbbLdJUYIHcPpSZPto +MrZb4Gvni6iVS9UvCKgpqc6LGRmoYGG4ZR3lGJ/XQZfu+GeJW67iimMj/yoXOwxu +cxivZHFk6cQSgwuwioeNm4wvk83LhSuWctf2kAyQcZ7kUnpNee+d4MgrmGU4XMFL +iTgutaB+e9V8d5JTkUOHiLztkQIDAQABo1AwTjAdBgNVHQ4EFgQUM5SB5bHrV+jp +IOMdJl7u7bcnTY8wHwYDVR0jBBgwFoAUM5SB5bHrV+jpIOMdJl7u7bcnTY8wDAYD +VR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEACowR3KTLfidJyQFNqEFfUrfZ +9aa9egpOQtNRJdLStJ6xu2WfLwvG4ojGJlBKNnfa5DIcyQYf/8qJ4eliAVeNXuYm +eMmgNgZZyuY6G1yWCD2V3sD6Z4uj3SbaDOHj3gHvszgQhrhT1h/puHQkn6+hYKAp +77kM7Ic6AZ/RFbjpmLLk2D0sE1lzT/02i+Bh7M8smaiDZ9++JGzxeSun8W1HleZU +m2qKGmRa4XPdryT7x6KGUGnU4a3bpUmVeY9rQ/sfMd5ZToo+3unFWDzoVV2vNu8+ ++VLC9zo40FaKQLr9VAJDJ4yLENR7KrmV8L0cCXKJGZWAWtG5RGTmHIhd+nB41g== +-----END CERTIFICATE----- diff --git a/static/FIDO/yubico-fido-preview-ca-certs.pem.sig b/static/FIDO/yubico-fido-preview-ca-certs.pem.sig new file mode 100644 index 0000000000000000000000000000000000000000..731c6ddd43dc41bc03c208ef77265d8fc40c91a1 GIT binary patch literal 119 zcmeAuWnmEGV2~A4WLfog{lPSgqq_q<_I=`aeH;G zA2<6GdqYLUr8#l8?q|KqQ-UdXq^tfc5!?P`@vO`9)-wEeZTeYg_AGT)UFsT@ef&SJ WBwQ$BzO{<=!t%T9yVd93WCZ{eUN_DF literal 0 HcmV?d00001 From 789440a4168b99426337d29f4321b1d1c657bbd0 Mon Sep 17 00:00:00 2001 From: Emil Lundberg Date: Tue, 2 Jul 2024 17:43:48 +0200 Subject: [PATCH 4/4] Add missing 2018 preview cert --- static/FIDO/yubico-fido-preview-ca-certs.pem | 19 ++++++++++++++++++ .../FIDO/yubico-fido-preview-ca-certs.pem.sig | Bin 119 -> 119 bytes 2 files changed, 19 insertions(+) diff --git a/static/FIDO/yubico-fido-preview-ca-certs.pem b/static/FIDO/yubico-fido-preview-ca-certs.pem index 32714cfb0..efaf6ad5f 100644 --- a/static/FIDO/yubico-fido-preview-ca-certs.pem +++ b/static/FIDO/yubico-fido-preview-ca-certs.pem @@ -1,4 +1,23 @@ -----BEGIN CERTIFICATE----- +MIIDFTCCAf2gAwIBAgIJAIzS8dv4tdTGMA0GCSqGSIb3DQEBCwUAMCExHzAdBgNV +BAMMFll1YmljbyBGSURPIFByZXZpZXcgQ0EwHhcNMTgwNDEyMTA1NzEwWhcNMTgx +MjMxMTA1NzEwWjAhMR8wHQYDVQQDDBZZdWJpY28gRklETyBQcmV2aWV3IENBMIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvKl/0EJyrD0nmaiU2VZrJl1 +EcJgBUrmzD4htni4ndcMJ4kXd0YMVoXZfBb684yghChJMTyJECcSE2qcdH1qZ8Cb ++yGDpxUtghzHWCQ63I1/Q3MeX1GmF6YhqxL5cVeY93a0EbXU8S7HU5ttzKVc+wh0 +ufx6KqmwYUWOV38E28GQyWSKimdB15XG6ASen5GRa5opPdg+NORORuC7tVL80TbV +KvQs2yYKJt0Pp5ZB2hEBS9QS0AuJgitQtEA96yzUSAib0unMRXhvK7reMTA+dVFZ +e5is2HaKe55OQY+TlEkfUJF697HAT4oUFfyyG9uebi4WWqdFtfijaeyu1Mi3OwID +AQABo1AwTjAdBgNVHQ4EFgQUEigaujrPSYpIIPDJc/HrqhEpG0swHwYDVR0jBBgw +FoAUEigaujrPSYpIIPDJc/HrqhEpG0swDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0B +AQsFAAOCAQEAfZRhQFeG0UY9RWX368Tr9osv5Mb5WQJWOhfS46ScfVfwxMWVSeau +eaCI4Z/SQsfNq/j8mN2/EBLy6+298W4NW3U+KbEXKtG3xe+oszhErPHv8REOokFr +S+uougF7u9iBuqV2cTB/o7BT86JWW4ea1apL6s9lG0iEOHGq1cxtiHn33VkNYRaF +osDQcXOwa4/PRUM1DjaiQ7Pl0xTQ1DwMkuxDkzU3e/qgkrECXwhnm0X0DTe5Dz47 +/+LfxGturIO1yVc4tpe30SB6MdiAo6sz3P5K1RI4EhVZhlAYAP/nxcEnMYXYW7n1 +wBsWwEL9uTBsIg631DNZ5cunuWc+sWJ0fw== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- MIIDGDCCAgCgAwIBAgIJAOklWRaQTVDkMA0GCSqGSIb3DQEBCwUAMCExHzAdBgNV BAMMFll1YmljbyBGSURPIFByZXZpZXcgQ0EwHhcNMTkwMjE4MTIxMzA4WhcNMjAw MjE4MTIxMzA4WjAhMR8wHQYDVQQDDBZZdWJpY28gRklETyBQcmV2aWV3IENBMIIB diff --git a/static/FIDO/yubico-fido-preview-ca-certs.pem.sig b/static/FIDO/yubico-fido-preview-ca-certs.pem.sig index 731c6ddd43dc41bc03c208ef77265d8fc40c91a1..b0c5c06dfd561748409b17181bf65ef05a0fe598 100644 GIT binary patch delta 90 zcmV-g0HyzTcaS1ggdisX3JDMoN9Gihskr6URsj7S3Ap^@aI*DZlQ&$nuR?&%WIT{