ASR_BASE
Change-Id: Icf3719cc0afe3eeb3edc7fa80a2eb5199ca9dda1
diff --git a/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/.gitignore b/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/.gitignore
new file mode 100644
index 0000000..4d6d2d1
--- /dev/null
+++ b/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/.gitignore
@@ -0,0 +1,4 @@
+*.d
+eap_example
+libeap.so
+libeap.a
diff --git a/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/Makefile b/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/Makefile
new file mode 100644
index 0000000..691466f
--- /dev/null
+++ b/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/Makefile
@@ -0,0 +1,119 @@
+ALL=eap_example
+
+include ../src/build.rules
+
+CFLAGS += -I.
+CFLAGS += -I../src
+CFLAGS += -I../src/utils
+
+
+EAP_LIBS += ../src/utils/libutils.a
+EAP_LIBS += ../src/crypto/libcrypto.a
+EAP_LIBS += ../src/tls/libtls.a
+
+OBJS_both += ../src/eap_common/eap_peap_common.o
+OBJS_both += ../src/eap_common/eap_psk_common.o
+OBJS_both += ../src/eap_common/eap_pax_common.o
+OBJS_both += ../src/eap_common/eap_sake_common.o
+OBJS_both += ../src/eap_common/eap_gpsk_common.o
+OBJS_both += ../src/eap_common/chap.o
+
+OBJS_peer += ../src/eap_peer/eap_tls.o
+OBJS_peer += ../src/eap_peer/eap_peap.o
+OBJS_peer += ../src/eap_peer/eap_ttls.o
+OBJS_peer += ../src/eap_peer/eap_md5.o
+OBJS_peer += ../src/eap_peer/eap_mschapv2.o
+OBJS_peer += ../src/eap_peer/mschapv2.o
+OBJS_peer += ../src/eap_peer/eap_otp.o
+OBJS_peer += ../src/eap_peer/eap_gtc.o
+OBJS_peer += ../src/eap_peer/eap_leap.o
+OBJS_peer += ../src/eap_peer/eap_psk.o
+OBJS_peer += ../src/eap_peer/eap_pax.o
+OBJS_peer += ../src/eap_peer/eap_sake.o
+OBJS_peer += ../src/eap_peer/eap_gpsk.o
+OBJS_peer += ../src/eap_peer/eap.o
+OBJS_peer += ../src/eap_common/eap_common.o
+OBJS_peer += ../src/eap_peer/eap_methods.o
+OBJS_peer += ../src/eap_peer/eap_tls_common.o
+
+CFLAGS += -DEAP_TLS
+CFLAGS += -DEAP_PEAP
+CFLAGS += -DEAP_TTLS
+CFLAGS += -DEAP_MD5
+CFLAGS += -DEAP_MSCHAPv2
+CFLAGS += -DEAP_GTC
+CFLAGS += -DEAP_OTP
+CFLAGS += -DEAP_LEAP
+CFLAGS += -DEAP_PSK
+CFLAGS += -DEAP_PAX
+CFLAGS += -DEAP_SAKE
+CFLAGS += -DEAP_GPSK -DEAP_GPSK_SHA256
+
+CFLAGS += -DEAP_SERVER_IDENTITY
+CFLAGS += -DEAP_SERVER_TLS
+CFLAGS += -DEAP_SERVER_PEAP
+CFLAGS += -DEAP_SERVER_TTLS
+CFLAGS += -DEAP_SERVER_MD5
+CFLAGS += -DEAP_SERVER_MSCHAPV2
+CFLAGS += -DEAP_SERVER_GTC
+CFLAGS += -DEAP_SERVER_PSK
+CFLAGS += -DEAP_SERVER_PAX
+CFLAGS += -DEAP_SERVER_SAKE
+CFLAGS += -DEAP_SERVER_GPSK -DEAP_SERVER_GPSK_SHA256
+
+CFLAGS += -DIEEE8021X_EAPOL
+
+
+# Optional components to add EAP server support
+OBJS_server += ../src/eap_server/eap_server_tls.o
+OBJS_server += ../src/eap_server/eap_server_peap.o
+OBJS_server += ../src/eap_server/eap_server_ttls.o
+OBJS_server += ../src/eap_server/eap_server_md5.o
+OBJS_server += ../src/eap_server/eap_server_mschapv2.o
+OBJS_server += ../src/eap_server/eap_server_gtc.o
+OBJS_server += ../src/eap_server/eap_server_psk.o
+OBJS_server += ../src/eap_server/eap_server_pax.o
+OBJS_server += ../src/eap_server/eap_server_sake.o
+OBJS_server += ../src/eap_server/eap_server_gpsk.o
+OBJS_server += ../src/eap_server/eap_server.o
+OBJS_server += ../src/eap_server/eap_server_identity.o
+OBJS_server += ../src/eap_server/eap_server_methods.o
+OBJS_server += ../src/eap_server/eap_server_tls_common.o
+CFLAGS += -DEAP_SERVER
+
+
+OBJS_lib=$(OBJS_both) $(OBJS_peer) $(OBJS_server)
+_OBJS_VAR := OBJS_lib
+include ../src/objs.mk
+
+OBJS_ex = eap_example.o eap_example_peer.o eap_example_server.o
+_OBJS_VAR := OBJS_ex
+include ../src/objs.mk
+
+_OBJS_VAR := EAP_LIBS
+include ../src/objs.mk
+
+
+ifneq ($(CONFIG_SOLIB), yes)
+LIBEAP = libeap.a
+libeap.a: $(EAP_LIBS) $(OBJS_lib)
+ $(AR) crT libeap.a $^
+ $(RANLIB) libeap.a
+
+else
+CFLAGS += -fPIC -DPIC
+LDFLAGS += -shared
+
+LIBEAP = libeap.so
+libeap.so: $(EAP_LIBS) $(OBJS_lib)
+ $(LDO) $(LDFLAGS) $^ -o $(LIBEAP)
+
+endif
+
+eap_example: $(OBJS_ex) $(LIBEAP)
+ $(LDO) $(LDFLAGS) -o eap_example $(OBJS_ex) -L. -leap $(LIBS)
+
+clean: common-clean
+ rm -f core *~ *.o *.d libeap.a libeap.so
+
+-include $(OBJS:%.o=%.d)
diff --git a/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/README b/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/README
new file mode 100644
index 0000000..0c2921e
--- /dev/null
+++ b/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/README
@@ -0,0 +1,42 @@
+EAP peer/server library and example program
+Copyright (c) 2007, Jouni Malinen <j@w1.fi>
+
+This software may be distributed under the terms of the BSD license.
+See the parent directory README for more details.
+
+
+The interfaces of the EAP server/peer implementation are based on RFC
+4137 (EAP State Machines). This RFC is coordinated with the state
+machines defined in IEEE 802.1X-2004. hostapd and wpa_supplicant
+include implementation of the IEEE 802.1X EAPOL state machines and the
+interface between them and EAP. However, the EAP implementation can be
+used with other protocols, too, by providing a compatible interface
+which maps the EAPOL<->EAP variables to another protocol.
+
+This directory contains an example showing how EAP peer and server
+code from wpa_supplicant and hostapd can be used as a library. The
+example program initializes both an EAP server and an EAP peer
+entities and then runs through an EAP-PEAP/MSCHAPv2 authentication.
+
+eap_example_peer.c shows the initialization and glue code needed to
+control the EAP peer implementation. eap_example_server.c does the
+same for EAP server. eap_example.c is an example that ties in both the
+EAP server and client parts to allow an EAP authentication to be
+shown.
+
+In this example, the EAP messages are passed between the server and
+the peer are passed by direct function calls within the same process.
+In practice, server and peer functionalities would likely reside in
+separate devices and the EAP messages would be transmitted between the
+devices based on an external protocol. For example, in IEEE 802.11
+uses IEEE 802.1X EAPOL state machines to control the transmission of
+EAP messages and WiMax supports optional PMK EAP authentication
+mechanism that transmits EAP messages as defined in IEEE 802.16e.
+
+
+The EAP library links in number of helper functions from src/utils and
+src/crypto directories. Most of these are suitable as-is, but it may
+be desirable to replace the debug output code in src/utils/wpa_debug.c
+by dropping this file from the library and re-implementing the
+functions there in a way that better fits in with the main
+application.
diff --git a/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/ca.pem b/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/ca.pem
new file mode 100644
index 0000000..b128893
--- /dev/null
+++ b/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/ca.pem
@@ -0,0 +1,55 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 15624081837803162817 (0xd8d3e3a6cbe3ccc1)
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=FI, O=w1.fi, CN=Root CA
+ Validity
+ Not Before: Jun 29 16:41:22 2013 GMT
+ Not After : Jun 27 16:41:22 2023 GMT
+ Subject: C=FI, O=w1.fi, CN=Root CA
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (1024 bit)
+ Modulus:
+ 00:be:1e:86:e4:79:03:c1:d1:94:d5:d4:b3:b1:28:
+ 90:76:fb:b8:a6:cd:6d:1c:d1:48:f4:08:9a:67:ff:
+ f9:a6:54:b1:19:29:df:29:1b:cd:f1:6f:66:01:e7:
+ db:79:ce:c0:39:2a:25:13:26:94:0c:2c:7b:5a:2c:
+ 81:0f:94:ee:51:d0:75:e6:46:db:17:46:a7:15:8b:
+ 0e:57:0f:b0:54:76:63:12:ca:86:18:bc:1a:c3:16:
+ c0:70:09:d6:6b:43:39:b8:98:29:46:ac:cb:6a:ad:
+ 38:88:3b:07:dc:81:cd:3a:f6:1d:f6:2f:ef:1d:d7:
+ ae:8a:b6:d1:e7:b3:15:02:b9
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ B8:92:DE:FD:8A:18:B3:30:C3:9F:55:F3:33:5D:B4:C8:29:8A:41:14
+ X509v3 Authority Key Identifier:
+ keyid:B8:92:DE:FD:8A:18:B3:30:C3:9F:55:F3:33:5D:B4:C8:29:8A:41:14
+
+ X509v3 Basic Constraints:
+ CA:TRUE
+ Signature Algorithm: sha1WithRSAEncryption
+ 1a:cf:77:60:44:43:c4:55:0e:99:e0:89:aa:b9:d3:7b:32:b7:
+ 5c:9c:7c:ca:fe:8c:d4:94:c6:5e:f3:83:19:5f:29:59:68:a4:
+ 4f:dc:04:2e:b8:71:c0:6d:3b:ae:01:e4:b9:88:99:cc:ce:82:
+ be:6a:28:c2:ac:6a:94:c6:87:90:ed:85:3c:10:71:c5:ff:3c:
+ 70:64:e2:41:62:31:ea:86:7b:11:8c:93:ea:c6:f3:f3:4e:f9:
+ d4:f2:81:90:d7:f4:fa:a1:91:6e:d4:dd:15:3e:26:3b:ac:1e:
+ c3:c2:1f:ed:bb:34:bf:cb:b2:67:c6:c6:51:e8:51:22:b4:f3:
+ 92:e8
+-----BEGIN CERTIFICATE-----
+MIICLDCCAZWgAwIBAgIJANjT46bL48zBMA0GCSqGSIb3DQEBBQUAMC8xCzAJBgNV
+BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xMzA2
+MjkxNjQxMjJaFw0yMzA2MjcxNjQxMjJaMC8xCzAJBgNVBAYTAkZJMQ4wDAYDVQQK
+DAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
+gYkCgYEAvh6G5HkDwdGU1dSzsSiQdvu4ps1tHNFI9AiaZ//5plSxGSnfKRvN8W9m
+Aefbec7AOSolEyaUDCx7WiyBD5TuUdB15kbbF0anFYsOVw+wVHZjEsqGGLwawxbA
+cAnWa0M5uJgpRqzLaq04iDsH3IHNOvYd9i/vHdeuirbR57MVArkCAwEAAaNQME4w
+HQYDVR0OBBYEFLiS3v2KGLMww59V8zNdtMgpikEUMB8GA1UdIwQYMBaAFLiS3v2K
+GLMww59V8zNdtMgpikEUMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEA
+Gs93YERDxFUOmeCJqrnTezK3XJx8yv6M1JTGXvODGV8pWWikT9wELrhxwG07rgHk
+uYiZzM6CvmoowqxqlMaHkO2FPBBxxf88cGTiQWIx6oZ7EYyT6sbz80751PKBkNf0
++qGRbtTdFT4mO6wew8If7bs0v8uyZ8bGUehRIrTzkug=
+-----END CERTIFICATE-----
diff --git a/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/dh.conf b/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/dh.conf
new file mode 100644
index 0000000..7bc8325
--- /dev/null
+++ b/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/dh.conf
@@ -0,0 +1,5 @@
+-----BEGIN DH PARAMETERS-----
+MIGHAoGBAP3V8IHq3H2DUlYywsvjYNuS17eCdt0mJo6/os6PHqdhgkMrPxF9u4Gr
+qKXq9e6GqmZYdjta30N3FkXaV924BJ0xOqb2TntiKg4u50/l6hSUneWt6UFBaizd
+XrqjNFIme/5RXMZ7RglXliBpCepAaFLMcKhOS4ulUyYYHSy+oqRjAgEC
+-----END DH PARAMETERS-----
diff --git a/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/eap_example.c b/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/eap_example.c
new file mode 100644
index 0000000..8a48cd3
--- /dev/null
+++ b/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/eap_example.c
@@ -0,0 +1,47 @@
+/*
+ * Example application showing how EAP peer and server code from
+ * wpa_supplicant/hostapd can be used as a library. This example program
+ * initializes both an EAP server and an EAP peer entities and then runs
+ * through an EAP-PEAP/MSCHAPv2 authentication.
+ * Copyright (c) 2007, Jouni Malinen <j@w1.fi>
+ *
+ * This software may be distributed under the terms of the BSD license.
+ * See README for more details.
+ */
+
+#include "includes.h"
+
+#include "common.h"
+
+
+int eap_example_peer_init(void);
+void eap_example_peer_deinit(void);
+int eap_example_peer_step(void);
+
+int eap_example_server_init(void);
+void eap_example_server_deinit(void);
+int eap_example_server_step(void);
+
+
+int main(int argc, char *argv[])
+{
+ int res_s, res_p;
+
+ wpa_debug_level = 0;
+
+ if (eap_example_peer_init() < 0 ||
+ eap_example_server_init() < 0)
+ return -1;
+
+ do {
+ printf("---[ server ]--------------------------------\n");
+ res_s = eap_example_server_step();
+ printf("---[ peer ]----------------------------------\n");
+ res_p = eap_example_peer_step();
+ } while (res_s || res_p);
+
+ eap_example_peer_deinit();
+ eap_example_server_deinit();
+
+ return 0;
+}
diff --git a/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/eap_example_peer.c b/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/eap_example_peer.c
new file mode 100644
index 0000000..5fe0cb7
--- /dev/null
+++ b/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/eap_example_peer.c
@@ -0,0 +1,377 @@
+/*
+ * Example application showing how EAP peer code from wpa_supplicant can be
+ * used as a library.
+ * Copyright (c) 2007, Jouni Malinen <j@w1.fi>
+ *
+ * This software may be distributed under the terms of the BSD license.
+ * See README for more details.
+ */
+
+#include "includes.h"
+
+#include "common.h"
+#include "eap_peer/eap.h"
+#include "eap_peer/eap_config.h"
+#include "wpabuf.h"
+
+void eap_example_server_rx(const u8 *data, size_t data_len);
+
+
+struct eap_peer_ctx {
+ bool eapSuccess;
+ bool eapRestart;
+ bool eapFail;
+ bool eapResp;
+ bool eapNoResp;
+ bool eapReq;
+ bool portEnabled;
+ bool altAccept; /* for EAP */
+ bool altReject; /* for EAP */
+ bool eapTriggerStart;
+
+ struct wpabuf *eapReqData; /* for EAP */
+
+ unsigned int idleWhile; /* for EAP state machine */
+
+ struct eap_peer_config eap_config;
+ struct eap_sm *eap;
+};
+
+
+static struct eap_peer_ctx eap_ctx;
+
+
+static struct eap_peer_config * peer_get_config(void *ctx)
+{
+ struct eap_peer_ctx *peer = ctx;
+ return &peer->eap_config;
+}
+
+
+static bool peer_get_bool(void *ctx, enum eapol_bool_var variable)
+{
+ struct eap_peer_ctx *peer = ctx;
+ if (peer == NULL)
+ return false;
+ switch (variable) {
+ case EAPOL_eapSuccess:
+ return peer->eapSuccess;
+ case EAPOL_eapRestart:
+ return peer->eapRestart;
+ case EAPOL_eapFail:
+ return peer->eapFail;
+ case EAPOL_eapResp:
+ return peer->eapResp;
+ case EAPOL_eapNoResp:
+ return peer->eapNoResp;
+ case EAPOL_eapReq:
+ return peer->eapReq;
+ case EAPOL_portEnabled:
+ return peer->portEnabled;
+ case EAPOL_altAccept:
+ return peer->altAccept;
+ case EAPOL_altReject:
+ return peer->altReject;
+ case EAPOL_eapTriggerStart:
+ return peer->eapTriggerStart;
+ }
+ return false;
+}
+
+
+static void peer_set_bool(void *ctx, enum eapol_bool_var variable, bool value)
+{
+ struct eap_peer_ctx *peer = ctx;
+ if (peer == NULL)
+ return;
+ switch (variable) {
+ case EAPOL_eapSuccess:
+ peer->eapSuccess = value;
+ break;
+ case EAPOL_eapRestart:
+ peer->eapRestart = value;
+ break;
+ case EAPOL_eapFail:
+ peer->eapFail = value;
+ break;
+ case EAPOL_eapResp:
+ peer->eapResp = value;
+ break;
+ case EAPOL_eapNoResp:
+ peer->eapNoResp = value;
+ break;
+ case EAPOL_eapReq:
+ peer->eapReq = value;
+ break;
+ case EAPOL_portEnabled:
+ peer->portEnabled = value;
+ break;
+ case EAPOL_altAccept:
+ peer->altAccept = value;
+ break;
+ case EAPOL_altReject:
+ peer->altReject = value;
+ break;
+ case EAPOL_eapTriggerStart:
+ peer->eapTriggerStart = value;
+ break;
+ }
+}
+
+
+static unsigned int peer_get_int(void *ctx, enum eapol_int_var variable)
+{
+ struct eap_peer_ctx *peer = ctx;
+ if (peer == NULL)
+ return 0;
+ switch (variable) {
+ case EAPOL_idleWhile:
+ return peer->idleWhile;
+ }
+ return 0;
+}
+
+
+static void peer_set_int(void *ctx, enum eapol_int_var variable,
+ unsigned int value)
+{
+ struct eap_peer_ctx *peer = ctx;
+ if (peer == NULL)
+ return;
+ switch (variable) {
+ case EAPOL_idleWhile:
+ peer->idleWhile = value;
+ break;
+ }
+}
+
+
+static struct wpabuf * peer_get_eapReqData(void *ctx)
+{
+ struct eap_peer_ctx *peer = ctx;
+ if (peer == NULL || peer->eapReqData == NULL)
+ return NULL;
+
+ return peer->eapReqData;
+}
+
+
+static void peer_set_config_blob(void *ctx, struct wpa_config_blob *blob)
+{
+ printf("TODO: %s\n", __func__);
+}
+
+
+static const struct wpa_config_blob *
+peer_get_config_blob(void *ctx, const char *name)
+{
+ printf("TODO: %s\n", __func__);
+ return NULL;
+}
+
+
+static void peer_notify_pending(void *ctx)
+{
+ printf("TODO: %s\n", __func__);
+}
+
+
+static int eap_peer_register_methods(void)
+{
+ int ret = 0;
+
+#ifdef EAP_MD5
+ if (ret == 0)
+ ret = eap_peer_md5_register();
+#endif /* EAP_MD5 */
+
+#ifdef EAP_TLS
+ if (ret == 0)
+ ret = eap_peer_tls_register();
+#endif /* EAP_TLS */
+
+#ifdef EAP_MSCHAPv2
+ if (ret == 0)
+ ret = eap_peer_mschapv2_register();
+#endif /* EAP_MSCHAPv2 */
+
+#ifdef EAP_PEAP
+ if (ret == 0)
+ ret = eap_peer_peap_register();
+#endif /* EAP_PEAP */
+
+#ifdef EAP_TTLS
+ if (ret == 0)
+ ret = eap_peer_ttls_register();
+#endif /* EAP_TTLS */
+
+#ifdef EAP_GTC
+ if (ret == 0)
+ ret = eap_peer_gtc_register();
+#endif /* EAP_GTC */
+
+#ifdef EAP_OTP
+ if (ret == 0)
+ ret = eap_peer_otp_register();
+#endif /* EAP_OTP */
+
+#ifdef EAP_SIM
+ if (ret == 0)
+ ret = eap_peer_sim_register();
+#endif /* EAP_SIM */
+
+#ifdef EAP_LEAP
+ if (ret == 0)
+ ret = eap_peer_leap_register();
+#endif /* EAP_LEAP */
+
+#ifdef EAP_PSK
+ if (ret == 0)
+ ret = eap_peer_psk_register();
+#endif /* EAP_PSK */
+
+#ifdef EAP_AKA
+ if (ret == 0)
+ ret = eap_peer_aka_register();
+#endif /* EAP_AKA */
+
+#ifdef EAP_AKA_PRIME
+ if (ret == 0)
+ ret = eap_peer_aka_prime_register();
+#endif /* EAP_AKA_PRIME */
+
+#ifdef EAP_FAST
+ if (ret == 0)
+ ret = eap_peer_fast_register();
+#endif /* EAP_FAST */
+
+#ifdef EAP_PAX
+ if (ret == 0)
+ ret = eap_peer_pax_register();
+#endif /* EAP_PAX */
+
+#ifdef EAP_SAKE
+ if (ret == 0)
+ ret = eap_peer_sake_register();
+#endif /* EAP_SAKE */
+
+#ifdef EAP_GPSK
+ if (ret == 0)
+ ret = eap_peer_gpsk_register();
+#endif /* EAP_GPSK */
+
+#ifdef EAP_WSC
+ if (ret == 0)
+ ret = eap_peer_wsc_register();
+#endif /* EAP_WSC */
+
+#ifdef EAP_IKEV2
+ if (ret == 0)
+ ret = eap_peer_ikev2_register();
+#endif /* EAP_IKEV2 */
+
+#ifdef EAP_VENDOR_TEST
+ if (ret == 0)
+ ret = eap_peer_vendor_test_register();
+#endif /* EAP_VENDOR_TEST */
+
+#ifdef EAP_TNC
+ if (ret == 0)
+ ret = eap_peer_tnc_register();
+#endif /* EAP_TNC */
+
+ return ret;
+}
+
+
+static struct eapol_callbacks eap_cb;
+static struct eap_config eap_conf;
+
+int eap_example_peer_init(void)
+{
+ if (eap_peer_register_methods() < 0)
+ return -1;
+
+ os_memset(&eap_ctx, 0, sizeof(eap_ctx));
+
+ eap_ctx.eap_config.identity = (u8 *) os_strdup("user");
+ eap_ctx.eap_config.identity_len = 4;
+ eap_ctx.eap_config.password = (u8 *) os_strdup("password");
+ eap_ctx.eap_config.password_len = 8;
+ eap_ctx.eap_config.cert.ca_cert = os_strdup("ca.pem");
+ eap_ctx.eap_config.fragment_size = 1398;
+
+ os_memset(&eap_cb, 0, sizeof(eap_cb));
+ eap_cb.get_config = peer_get_config;
+ eap_cb.get_bool = peer_get_bool;
+ eap_cb.set_bool = peer_set_bool;
+ eap_cb.get_int = peer_get_int;
+ eap_cb.set_int = peer_set_int;
+ eap_cb.get_eapReqData = peer_get_eapReqData;
+ eap_cb.set_config_blob = peer_set_config_blob;
+ eap_cb.get_config_blob = peer_get_config_blob;
+ eap_cb.notify_pending = peer_notify_pending;
+
+ os_memset(&eap_conf, 0, sizeof(eap_conf));
+ eap_ctx.eap = eap_peer_sm_init(&eap_ctx, &eap_cb, &eap_ctx, &eap_conf);
+ if (eap_ctx.eap == NULL)
+ return -1;
+
+ /* Enable "port" to allow authentication */
+ eap_ctx.portEnabled = true;
+
+ return 0;
+}
+
+
+void eap_example_peer_deinit(void)
+{
+ eap_peer_sm_deinit(eap_ctx.eap);
+ eap_peer_unregister_methods();
+ wpabuf_free(eap_ctx.eapReqData);
+ os_free(eap_ctx.eap_config.identity);
+ os_free(eap_ctx.eap_config.password);
+ os_free(eap_ctx.eap_config.cert.ca_cert);
+}
+
+
+int eap_example_peer_step(void)
+{
+ int res;
+ res = eap_peer_sm_step(eap_ctx.eap);
+
+ if (eap_ctx.eapResp) {
+ struct wpabuf *resp;
+ printf("==> Response\n");
+ eap_ctx.eapResp = false;
+ resp = eap_get_eapRespData(eap_ctx.eap);
+ if (resp) {
+ /* Send EAP response to the server */
+ eap_example_server_rx(wpabuf_head(resp),
+ wpabuf_len(resp));
+ wpabuf_free(resp);
+ }
+ }
+
+ if (eap_ctx.eapSuccess) {
+ res = 0;
+ if (eap_key_available(eap_ctx.eap)) {
+ const u8 *key;
+ size_t key_len;
+ key = eap_get_eapKeyData(eap_ctx.eap, &key_len);
+ wpa_hexdump(MSG_DEBUG, "EAP keying material",
+ key, key_len);
+ }
+ }
+
+ return res;
+}
+
+
+void eap_example_peer_rx(const u8 *data, size_t data_len)
+{
+ /* Make received EAP message available to the EAP library */
+ eap_ctx.eapReq = true;
+ wpabuf_free(eap_ctx.eapReqData);
+ eap_ctx.eapReqData = wpabuf_alloc_copy(data, data_len);
+}
diff --git a/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/eap_example_server.c b/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/eap_example_server.c
new file mode 100644
index 0000000..3a132bb
--- /dev/null
+++ b/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/eap_example_server.c
@@ -0,0 +1,300 @@
+/*
+ * Example application showing how EAP server code from hostapd can be used as
+ * a library.
+ * Copyright (c) 2007, Jouni Malinen <j@w1.fi>
+ *
+ * This software may be distributed under the terms of the BSD license.
+ * See README for more details.
+ */
+
+#include "includes.h"
+
+#include "common.h"
+#include "crypto/tls.h"
+#include "eap_server/eap.h"
+#include "wpabuf.h"
+
+void eap_example_peer_rx(const u8 *data, size_t data_len);
+
+
+struct eap_server_ctx {
+ struct eap_eapol_interface *eap_if;
+ struct eap_sm *eap;
+ void *tls_ctx;
+};
+
+static struct eap_server_ctx eap_ctx;
+
+
+static int server_get_eap_user(void *ctx, const u8 *identity,
+ size_t identity_len, int phase2,
+ struct eap_user *user)
+{
+ os_memset(user, 0, sizeof(*user));
+
+ if (!phase2) {
+ /* Only allow EAP-PEAP as the Phase 1 method */
+ user->methods[0].vendor = EAP_VENDOR_IETF;
+ user->methods[0].method = EAP_TYPE_PEAP;
+ return 0;
+ }
+
+ if (identity_len != 4 || identity == NULL ||
+ os_memcmp(identity, "user", 4) != 0) {
+ printf("Unknown user\n");
+ return -1;
+ }
+
+ /* Only allow EAP-MSCHAPv2 as the Phase 2 method */
+ user->methods[0].vendor = EAP_VENDOR_IETF;
+ user->methods[0].method = EAP_TYPE_MSCHAPV2;
+ user->password = (u8 *) os_strdup("password");
+ user->password_len = 8;
+
+ return 0;
+}
+
+
+static const char * server_get_eap_req_id_text(void *ctx, size_t *len)
+{
+ *len = 0;
+ return NULL;
+}
+
+
+static struct eapol_callbacks eap_cb;
+static struct eap_config eap_conf;
+
+static int eap_example_server_init_tls(void)
+{
+ struct tls_config tconf;
+ struct tls_connection_params tparams;
+
+ os_memset(&tconf, 0, sizeof(tconf));
+ eap_ctx.tls_ctx = tls_init(&tconf);
+ if (eap_ctx.tls_ctx == NULL)
+ return -1;
+
+ os_memset(&tparams, 0, sizeof(tparams));
+ tparams.ca_cert = "ca.pem";
+ tparams.client_cert = "server.pem";
+ /* tparams.private_key = "server.key"; */
+ tparams.private_key = "server-key.pem";
+ /* tparams.private_key_passwd = "whatever"; */
+ tparams.dh_file = "dh.conf";
+
+ if (tls_global_set_params(eap_ctx.tls_ctx, &tparams)) {
+ printf("Failed to set TLS parameters\n");
+ return -1;
+ }
+
+ if (tls_global_set_verify(eap_ctx.tls_ctx, 0, 1)) {
+ printf("Failed to set check_crl\n");
+ return -1;
+ }
+
+ return 0;
+}
+
+
+static int eap_server_register_methods(void)
+{
+ int ret = 0;
+
+#ifdef EAP_SERVER_IDENTITY
+ if (ret == 0)
+ ret = eap_server_identity_register();
+#endif /* EAP_SERVER_IDENTITY */
+
+#ifdef EAP_SERVER_MD5
+ if (ret == 0)
+ ret = eap_server_md5_register();
+#endif /* EAP_SERVER_MD5 */
+
+#ifdef EAP_SERVER_TLS
+ if (ret == 0)
+ ret = eap_server_tls_register();
+#endif /* EAP_SERVER_TLS */
+
+#ifdef EAP_SERVER_MSCHAPV2
+ if (ret == 0)
+ ret = eap_server_mschapv2_register();
+#endif /* EAP_SERVER_MSCHAPV2 */
+
+#ifdef EAP_SERVER_PEAP
+ if (ret == 0)
+ ret = eap_server_peap_register();
+#endif /* EAP_SERVER_PEAP */
+
+#ifdef EAP_SERVER_TLV
+ if (ret == 0)
+ ret = eap_server_tlv_register();
+#endif /* EAP_SERVER_TLV */
+
+#ifdef EAP_SERVER_GTC
+ if (ret == 0)
+ ret = eap_server_gtc_register();
+#endif /* EAP_SERVER_GTC */
+
+#ifdef EAP_SERVER_TTLS
+ if (ret == 0)
+ ret = eap_server_ttls_register();
+#endif /* EAP_SERVER_TTLS */
+
+#ifdef EAP_SERVER_SIM
+ if (ret == 0)
+ ret = eap_server_sim_register();
+#endif /* EAP_SERVER_SIM */
+
+#ifdef EAP_SERVER_AKA
+ if (ret == 0)
+ ret = eap_server_aka_register();
+#endif /* EAP_SERVER_AKA */
+
+#ifdef EAP_SERVER_AKA_PRIME
+ if (ret == 0)
+ ret = eap_server_aka_prime_register();
+#endif /* EAP_SERVER_AKA_PRIME */
+
+#ifdef EAP_SERVER_PAX
+ if (ret == 0)
+ ret = eap_server_pax_register();
+#endif /* EAP_SERVER_PAX */
+
+#ifdef EAP_SERVER_PSK
+ if (ret == 0)
+ ret = eap_server_psk_register();
+#endif /* EAP_SERVER_PSK */
+
+#ifdef EAP_SERVER_SAKE
+ if (ret == 0)
+ ret = eap_server_sake_register();
+#endif /* EAP_SERVER_SAKE */
+
+#ifdef EAP_SERVER_GPSK
+ if (ret == 0)
+ ret = eap_server_gpsk_register();
+#endif /* EAP_SERVER_GPSK */
+
+#ifdef EAP_SERVER_VENDOR_TEST
+ if (ret == 0)
+ ret = eap_server_vendor_test_register();
+#endif /* EAP_SERVER_VENDOR_TEST */
+
+#ifdef EAP_SERVER_FAST
+ if (ret == 0)
+ ret = eap_server_fast_register();
+#endif /* EAP_SERVER_FAST */
+
+#ifdef EAP_SERVER_WSC
+ if (ret == 0)
+ ret = eap_server_wsc_register();
+#endif /* EAP_SERVER_WSC */
+
+#ifdef EAP_SERVER_IKEV2
+ if (ret == 0)
+ ret = eap_server_ikev2_register();
+#endif /* EAP_SERVER_IKEV2 */
+
+#ifdef EAP_SERVER_TNC
+ if (ret == 0)
+ ret = eap_server_tnc_register();
+#endif /* EAP_SERVER_TNC */
+
+ return ret;
+}
+
+
+int eap_example_server_init(void)
+{
+ struct eap_session_data eap_sess;
+
+ if (eap_server_register_methods() < 0)
+ return -1;
+
+ os_memset(&eap_ctx, 0, sizeof(eap_ctx));
+
+ if (eap_example_server_init_tls() < 0)
+ return -1;
+
+ os_memset(&eap_cb, 0, sizeof(eap_cb));
+ eap_cb.get_eap_user = server_get_eap_user;
+ eap_cb.get_eap_req_id_text = server_get_eap_req_id_text;
+
+ os_memset(&eap_conf, 0, sizeof(eap_conf));
+ eap_conf.eap_server = 1;
+ eap_conf.ssl_ctx = eap_ctx.tls_ctx;
+
+ os_memset(&eap_sess, 0, sizeof(eap_sess));
+ eap_ctx.eap = eap_server_sm_init(&eap_ctx, &eap_cb, &eap_conf,
+ &eap_sess);
+ if (eap_ctx.eap == NULL)
+ return -1;
+
+ eap_ctx.eap_if = eap_get_interface(eap_ctx.eap);
+
+ /* Enable "port" and request EAP to start authentication. */
+ eap_ctx.eap_if->portEnabled = true;
+ eap_ctx.eap_if->eapRestart = true;
+
+ return 0;
+}
+
+
+void eap_example_server_deinit(void)
+{
+ eap_server_sm_deinit(eap_ctx.eap);
+ eap_server_unregister_methods();
+ tls_deinit(eap_ctx.tls_ctx);
+}
+
+
+int eap_example_server_step(void)
+{
+ int res, process = 0;
+
+ res = eap_server_sm_step(eap_ctx.eap);
+
+ if (eap_ctx.eap_if->eapReq) {
+ printf("==> Request\n");
+ process = 1;
+ eap_ctx.eap_if->eapReq = 0;
+ }
+
+ if (eap_ctx.eap_if->eapSuccess) {
+ printf("==> Success\n");
+ process = 1;
+ res = 0;
+ eap_ctx.eap_if->eapSuccess = 0;
+
+ if (eap_ctx.eap_if->eapKeyAvailable) {
+ wpa_hexdump(MSG_DEBUG, "EAP keying material",
+ eap_ctx.eap_if->eapKeyData,
+ eap_ctx.eap_if->eapKeyDataLen);
+ }
+ }
+
+ if (eap_ctx.eap_if->eapFail) {
+ printf("==> Fail\n");
+ process = 1;
+ eap_ctx.eap_if->eapFail = 0;
+ }
+
+ if (process && eap_ctx.eap_if->eapReqData) {
+ /* Send EAP request to the peer */
+ eap_example_peer_rx(wpabuf_head(eap_ctx.eap_if->eapReqData),
+ wpabuf_len(eap_ctx.eap_if->eapReqData));
+ }
+
+ return res;
+}
+
+
+void eap_example_server_rx(const u8 *data, size_t data_len)
+{
+ /* Make received EAP message available to the EAP library */
+ wpabuf_free(eap_ctx.eap_if->eapRespData);
+ eap_ctx.eap_if->eapRespData = wpabuf_alloc_copy(data, data_len);
+ if (eap_ctx.eap_if->eapRespData)
+ eap_ctx.eap_if->eapResp = true;
+}
diff --git a/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/server-key.pem b/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/server-key.pem
new file mode 100644
index 0000000..0fe2cec
--- /dev/null
+++ b/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/server-key.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQC6oHdVIhSFVWWbZCyt7ZvdZTHJ2mBQzjjWNNzovBueMOcS41Ns
+ye1IA3mBaZjOirh3RzZFz8bg8XsecYlU9wHMIq2gQrGoNZ5gqjqYUdD/H+6+jQpj
++6I5F/JkYfZlAjJ5dOGf0YllVanDIJ6/aVaz908/qVTC2o88r/J1VPp+gQIDAQAB
+AoGAR/C5b3DOtkMgAtGPw5AXiDWNBsGOZTfJgxEnovN4Nfel64sDyqjgNeVY/kDl
+baDd0OT7j9ezU1zi1+5uQPlikFSvzgpdLgQhKkvWLzzehafb2uVaJ4VsRqS3WXK8
+RE06cYx4VQRkvQvMAXWsuua9pw36OrlpQnm3HlAbrks8Mm0CQQDgMEu2WPMWP2wj
+Q8735zbj7D0AxEFlcegPZr/QZ3qU//G0HL35FG18lsuTbDzesrf7apo3W1BBQLjS
+ZSNtyNsLAkEA1Ru6aEy/Cj2u1GYHu1u/RcshKC+W7rdVT0wDeiSTUzKafZNiwVhY
+1Epk4k5HnHB327ysTI1LiOzUMMmuNYUkIwJAKUkbmFAXLCCv5GqnYcXluOGXdl2u
+AWWRq8xrRJDZ5TihJV8pqQYXB5upj9Od/hEBir5d+hXJ2Mp3ft97P8t+cwJAGeWQ
+tXP+EySDxlPPxLjVeYnBsbx2vvOQbl5yXblsHcQcef4bFhvCT6nqsIWKtjwElLNM
+zNCuySjecD9R6DcRuQJBAJWrpgny77wP29x1WQ/29J8ZJfxe4N5wAj1SePBVNgZ3
+gfm1O+c6niNwe8RnfQimppLrrR+qK33te2SPGXiwi6g=
+-----END RSA PRIVATE KEY-----
diff --git a/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/server.key b/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/server.key
new file mode 100644
index 0000000..1416327
--- /dev/null
+++ b/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/server.key
@@ -0,0 +1,16 @@
+-----BEGIN PRIVATE KEY-----
+MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALqgd1UiFIVVZZtk
+LK3tm91lMcnaYFDOONY03Oi8G54w5xLjU2zJ7UgDeYFpmM6KuHdHNkXPxuDxex5x
+iVT3AcwiraBCsag1nmCqOphR0P8f7r6NCmP7ojkX8mRh9mUCMnl04Z/RiWVVqcMg
+nr9pVrP3Tz+pVMLajzyv8nVU+n6BAgMBAAECgYBH8LlvcM62QyAC0Y/DkBeINY0G
+wY5lN8mDESei83g196XriwPKqOA15Vj+QOVtoN3Q5PuP17NTXOLX7m5A+WKQVK/O
+Cl0uBCEqS9YvPN6Fp9va5VonhWxGpLdZcrxETTpxjHhVBGS9C8wBday65r2nDfo6
+uWlCebceUBuuSzwybQJBAOAwS7ZY8xY/bCNDzvfnNuPsPQDEQWVx6A9mv9BnepT/
+8bQcvfkUbXyWy5NsPN6yt/tqmjdbUEFAuNJlI23I2wsCQQDVG7poTL8KPa7UZge7
+W79FyyEoL5but1VPTAN6JJNTMpp9k2LBWFjUSmTiTkeccHfbvKxMjUuI7NQwya41
+hSQjAkApSRuYUBcsIK/kaqdhxeW44Zd2Xa4BZZGrzGtEkNnlOKElXympBhcHm6mP
+053+EQGKvl36FcnYynd+33s/y35zAkAZ5ZC1c/4TJIPGU8/EuNV5icGxvHa+85Bu
+XnJduWwdxBx5/hsWG8JPqeqwhYq2PASUs0zM0K7JKN5wP1HoNxG5AkEAlaumCfLv
+vA/b3HVZD/b0nxkl/F7g3nACPVJ48FU2BneB+bU75zqeI3B7xGd9CKamkuutH6or
+fe17ZI8ZeLCLqA==
+-----END PRIVATE KEY-----
diff --git a/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/server.pem b/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/server.pem
new file mode 100644
index 0000000..93b39b9
--- /dev/null
+++ b/package/kernel/asr-wl/asr-hostapd/asr-hostapd-2023-06-22/eap_example/server.pem
@@ -0,0 +1,64 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 15624081837803162903 (0xd8d3e3a6cbe3cd17)
+ Signature Algorithm: sha256WithRSAEncryption
+ Issuer: C=FI, O=w1.fi, CN=Root CA
+ Validity
+ Not Before: Oct 3 22:13:55 2018 GMT
+ Not After : Oct 3 22:13:55 2019 GMT
+ Subject: C=FI, O=w1.fi, CN=server.w1.fi
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (1024 bit)
+ Modulus:
+ 00:ba:a0:77:55:22:14:85:55:65:9b:64:2c:ad:ed:
+ 9b:dd:65:31:c9:da:60:50:ce:38:d6:34:dc:e8:bc:
+ 1b:9e:30:e7:12:e3:53:6c:c9:ed:48:03:79:81:69:
+ 98:ce:8a:b8:77:47:36:45:cf:c6:e0:f1:7b:1e:71:
+ 89:54:f7:01:cc:22:ad:a0:42:b1:a8:35:9e:60:aa:
+ 3a:98:51:d0:ff:1f:ee:be:8d:0a:63:fb:a2:39:17:
+ f2:64:61:f6:65:02:32:79:74:e1:9f:d1:89:65:55:
+ a9:c3:20:9e:bf:69:56:b3:f7:4f:3f:a9:54:c2:da:
+ 8f:3c:af:f2:75:54:fa:7e:81
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Basic Constraints:
+ CA:FALSE
+ X509v3 Subject Key Identifier:
+ 31:4F:10:5C:67:9F:BE:4E:88:D6:DC:C5:AB:9E:12:88:86:69:02:4F
+ X509v3 Authority Key Identifier:
+ keyid:B8:92:DE:FD:8A:18:B3:30:C3:9F:55:F3:33:5D:B4:C8:29:8A:41:14
+
+ Authority Information Access:
+ OCSP - URI:http://server.w1.fi:8888/
+
+ X509v3 Subject Alternative Name:
+ DNS:server.w1.fi
+ X509v3 Extended Key Usage:
+ TLS Web Server Authentication
+ Signature Algorithm: sha256WithRSAEncryption
+ b6:98:ae:d9:9b:9a:44:49:b2:06:ee:af:36:83:cb:cd:cb:c9:
+ f3:38:6d:65:cb:e9:81:d2:25:dd:76:12:5c:da:3f:a1:0e:11:
+ a5:04:ed:05:29:2d:66:94:82:a2:80:67:d1:d8:78:71:72:5f:
+ 10:c3:51:a2:7b:f5:0b:5f:ec:70:12:99:cb:65:6f:50:7f:2b:
+ 05:7c:b4:d7:1b:21:77:66:47:33:f3:a7:d6:fb:ce:97:fe:5f:
+ fd:df:1f:1d:6f:ef:22:5a:c6:78:d2:2b:07:1e:55:ec:80:62:
+ 06:7a:be:6a:0d:4d:96:c2:d5:df:76:56:b0:85:6a:f8:a0:27:
+ 62:31
+-----BEGIN CERTIFICATE-----
+MIIClTCCAf6gAwIBAgIJANjT46bL480XMA0GCSqGSIb3DQEBCwUAMC8xCzAJBgNV
+BAYTAkZJMQ4wDAYDVQQKDAV3MS5maTEQMA4GA1UEAwwHUm9vdCBDQTAeFw0xODEw
+MDMyMjEzNTVaFw0xOTEwMDMyMjEzNTVaMDQxCzAJBgNVBAYTAkZJMQ4wDAYDVQQK
+DAV3MS5maTEVMBMGA1UEAwwMc2VydmVyLncxLmZpMIGfMA0GCSqGSIb3DQEBAQUA
+A4GNADCBiQKBgQC6oHdVIhSFVWWbZCyt7ZvdZTHJ2mBQzjjWNNzovBueMOcS41Ns
+ye1IA3mBaZjOirh3RzZFz8bg8XsecYlU9wHMIq2gQrGoNZ5gqjqYUdD/H+6+jQpj
++6I5F/JkYfZlAjJ5dOGf0YllVanDIJ6/aVaz908/qVTC2o88r/J1VPp+gQIDAQAB
+o4GzMIGwMAkGA1UdEwQCMAAwHQYDVR0OBBYEFDFPEFxnn75OiNbcxaueEoiGaQJP
+MB8GA1UdIwQYMBaAFLiS3v2KGLMww59V8zNdtMgpikEUMDUGCCsGAQUFBwEBBCkw
+JzAlBggrBgEFBQcwAYYZaHR0cDovL3NlcnZlci53MS5maTo4ODg4LzAXBgNVHREE
+EDAOggxzZXJ2ZXIudzEuZmkwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcN
+AQELBQADgYEAtpiu2ZuaREmyBu6vNoPLzcvJ8zhtZcvpgdIl3XYSXNo/oQ4RpQTt
+BSktZpSCooBn0dh4cXJfEMNRonv1C1/scBKZy2VvUH8rBXy01xshd2ZHM/On1vvO
+l/5f/d8fHW/vIlrGeNIrBx5V7IBiBnq+ag1NlsLV33ZWsIVq+KAnYjE=
+-----END CERTIFICATE-----