python3-keylime-6.3.2-150400.4.23.1<>,hifm=p9|yR!7a]z523 eNׂлS:6Ѻ:{V<&9(#ǑKIg *5|2rf 2smO#_<9'6O(PpՍx19CK{qj4$TVZ&׻J&9*34r>'>4JoZg<,lṚXF>3KQoDZ$[w]Ύ!mL>EU|?Uld & g"5 KWz Pkk k k Tk ok r$kwk~k$kL"`dq(r8|9:>b@jFrGkH4kI kX LY P\ dk]k^5b;c<d=e=f=l=u=0kvBwEXkxKkyPzU UU U&UhCpython3-keylime6.3.2150400.4.23.1Open source TPM software for Bootstrapping and Maintaining TrustKeylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution.ifm=h04-ch1c SUSE Linux Enterprise 15SUSE LLC Apache-2.0 AND MIThttps://www.suse.com/Unspecifiedhttps://github.com/keylime/keylimelinuxnoarch# python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_verifier keylime_verifier /usr/bin/keylime_verifier-3.6 36 # python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_registrar keylime_registrar /usr/bin/keylime_registrar-3.6 36 # python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_agent keylime_agent /usr/bin/keylime_agent-3.6 36 # python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_tenant keylime_tenant /usr/bin/keylime_tenant-3.6 36 # python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_ca keylime_ca /usr/bin/keylime_ca-3.6 36 # python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_migrations_apply keylime_migrations_apply /usr/bin/keylime_migrations_apply-3.6 36 # python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_userdata_encrypt keylime_userdata_encrypt /usr/bin/keylime_userdata_encrypt-3.6 36 # python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_ima_emulator keylime_ima_emulator /usr/bin/keylime_ima_emulator-3.6 36 # python3_install_alternative: update-alternatives --quiet --install /usr/bin/keylime_webapp keylime_webapp /usr/bin/keylime_webapp-3.6 36# python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_verifier-3.6" ]; then update-alternatives --quiet --remove "keylime_verifier" "/usr/bin/keylime_verifier-3.6" fi # python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_registrar-3.6" ]; then update-alternatives --quiet --remove "keylime_registrar" "/usr/bin/keylime_registrar-3.6" fi # python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_agent-3.6" ]; then update-alternatives --quiet --remove "keylime_agent" "/usr/bin/keylime_agent-3.6" fi # python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_tenant-3.6" ]; then update-alternatives --quiet --remove "keylime_tenant" "/usr/bin/keylime_tenant-3.6" fi # python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_ca-3.6" ]; then update-alternatives --quiet --remove "keylime_ca" "/usr/bin/keylime_ca-3.6" fi # python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_migrations_apply-3.6" ]; then update-alternatives --quiet --remove "keylime_migrations_apply" "/usr/bin/keylime_migrations_apply-3.6" fi # python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_userdata_encrypt-3.6" ]; then update-alternatives --quiet --remove "keylime_userdata_encrypt" "/usr/bin/keylime_userdata_encrypt-3.6" fi # python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_ima_emulator-3.6" ]; then update-alternatives --quiet --remove "keylime_ima_emulator" "/usr/bin/keylime_ima_emulator-3.6" fi # python3_uninstall_alternative: if [ ! -e "/usr/bin/keylime_webapp-3.6" ]; then update-alternatives --quiet --remove "keylime_webapp" "/usr/bin/keylime_webapp-3.6" fi&*# *" hf__9[9[  xxqdd22115l5l=E=E  W W s s b b@@uu ..ddgg 4 4 | |  zzbPK=1ŎZZNN 99TTv"s} q qss8844>[wu 8 8 [ [a : " "ff/\ \R4Bm& rJ$ + ^ ^#9J &;; 4 4ee``WW00%: \ `D   MMA 0 1 1 ej`#X~u?QU{F  55//.C47^#o JS1,^AA큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤AA큤A큤A큤A큤A큤A큤A큤A큤ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:bMifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:bMif3bMbMbMbMif3ifm:bMifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:bMbMbMbMbMbMbMbMbMbMifm:bMifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:bMbMbMbMbMbMif3bMbMifm:bMifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:bMbMbMifm:bMbMifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:bMbMbMbMbMbMbMbMbMbMifm:bMbMbMifm:bMifm:ifm:ifm:ifm:ifm:bMbMifm:bMbMbMbMbMbMbMbMifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:bMbMbMbMbMbMbMbMbMbMbMif3bMifm:bMifm:ifm:ifm:ifm:ifm:ifm:ifm:bMbMbMbMbMifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:if3bMif3ifm:bMifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:ifm:bMbMbMbMbMbMbMbMbMifm;bMifm;bMbM97f528d014381fc2ae4a938ed426f0a6ef5988bab091869f3d1256e8c01c827b4cf6e6460b150b4d1267c4f059e5c101c9a2fbd33140dffc913093753bc77009c608980c5b58a035d8dd1da623396ef06befeb57490d6d0bbcc8329178e9bbb9a3c21438aef4192f7fe54846b99845a4652f204c8d450bfcafeed52389e5f8896bfbc87e63c6bb43aba52c7604c2e541e727e9330f64199dabb0aa9fed462d571a22f1123ba517efaafdc76d6207968563f7157cae2344e2b6a3ba8266ab5fc5888b60418cb6e6b4a6295958a3694f373de79442c5ed4fd61615b8910f8cb377d8ba22dcc5b9b97c46d9b825dd2e5999b271018876265948e3b7f772d0a33ace2f7080945933f4c0a9cef8927626cd54bd6796bbafebfd53dd7058711d8354a0f6f12a0ac557fd540aa4955252894b8b8ddd4def588da17e3333750493202eea9c026378b0ed1730d5888a42a94d2f4319b9e469aaeebeb162ae9ecc6fde5ce201ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546bf43a0226cb5bbe9a4f22d12773149d49c3251a5ed860cf131047366ae1ba401f01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b4f8272bbfddb679644685e7a14d81ede1b2d0fbe72e8a2f4993042d5f44f9188e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855295971bee1db1e78d026cd62c20a4b6ed92fb353c3c4c32ad070d943c82883da295971bee1db1e78d026cd62c20a4b6ed92fb353c3c4c32ad070d943c82883da3a55067a61a33805efcbdcab561a9f83914582905f42ea84d12c05eb991392863a55067a61a33805efcbdcab561a9f83914582905f42ea84d12c05eb991392865277851d65bb16cb9fc3c30145bf9478a92f0727114edf3df6a8b8dc68ec3cb55277851d65bb16cb9fc3c30145bf9478a92f0727114edf3df6a8b8dc68ec3cb514ae6bfc279607f489f9ff9340a2399379ce40cb746018ac570545ff29042bfc14ae6bfc279607f489f9ff9340a2399379ce40cb746018ac570545ff29042bfc1b7c01e43047dcaece36cd9fd093654bf8edafa1c9cf41fd234f4669c62d7d8d1b7c01e43047dcaece36cd9fd093654bf8edafa1c9cf41fd234f4669c62d7d8d39bf142b483a6301ea7477546d9ab9ba84a8059561128bf9c1e94d58a91a3f2539bf142b483a6301ea7477546d9ab9ba84a8059561128bf9c1e94d58a91a3f253932c05985fac655267e5570ebe0a74a628778e44fa4314f5140b4ebacf3b2e63932c05985fac655267e5570ebe0a74a628778e44fa4314f5140b4ebacf3b2e62196abdad5b76b13dca13793f3916b2f87dcdc310d8e452489590893031414f29d8878779d09eb2144c2344ba652703c603d43b284610fd15684c39fc2f73ac02a425d9d5d152ab0f914b350aa1f0a45c6bb46072745b814605f34915adad9672a425d9d5d152ab0f914b350aa1f0a45c6bb46072745b814605f34915adad967cda37926844e8b7acc64ef9077b8ef973c1cb02b26cd24131486b0dd12e2b896cda37926844e8b7acc64ef9077b8ef973c1cb02b26cd24131486b0dd12e2b8963eb2f2e721b15d037d6adfae6e6372d6324178562273dc8a129ee116de6d043d3eb2f2e721b15d037d6adfae6e6372d6324178562273dc8a129ee116de6d043dda9ea551579895fddb7be7ecdc7dfafc4529ee41041fb61745d96a7b3cd42f89da9ea551579895fddb7be7ecdc7dfafc4529ee41041fb61745d96a7b3cd42f89f16ddfa022854f425461f27a5cd532e75cde3e0b4e4560d34cf5aae047db3d7df16ddfa022854f425461f27a5cd532e75cde3e0b4e4560d34cf5aae047db3d7d94ec1130e87524ef7fcf2360d69bbb472588acaee771bd4ff0ee06061cd9d8c594ec1130e87524ef7fcf2360d69bbb472588acaee771bd4ff0ee06061cd9d8c546496aad8a35ec4d817fa7ebf8a01d77203e7ab5a87deffbc6807a0d1e418e3c46496aad8a35ec4d817fa7ebf8a01d77203e7ab5a87deffbc6807a0d1e418e3c45652ec2df67670aeba073c6af69f333b83d7197892136e4573df895b200e66745652ec2df67670aeba073c6af69f333b83d7197892136e4573df895b200e6679f66df0f392c8d30803e263635f75ac60d0c23fa2b93af5ac7e8ac0f77dd59319f66df0f392c8d30803e263635f75ac60d0c23fa2b93af5ac7e8ac0f77dd5931f4aa7bbdee6a1e3b8eab73a1d06bdec369631d616ae1503580e734cdc1316eb7f4aa7bbdee6a1e3b8eab73a1d06bdec369631d616ae1503580e734cdc1316eb72679f079cfd94a3195971489a7022bf961bc8a985454d328810f521f3c8f327c2679f079cfd94a3195971489a7022bf961bc8a985454d328810f521f3c8f327cf507303b6012e9ee5854bd48bcc76ba3c503bcc4e7f98d4cfff4b872c92c836bf507303b6012e9ee5854bd48bcc76ba3c503bcc4e7f98d4cfff4b872c92c836b2b5e51f63524d3c668b8decd082dd80f86034ea40c2c00cc15696530932201792b5e51f63524d3c668b8decd082dd80f86034ea40c2c00cc156965309322017950998af11ed3f8f6977fcf60d60336cb9603bb2156d21fa533b9bd1fe8f3542250998af11ed3f8f6977fcf60d60336cb9603bb2156d21fa533b9bd1fe8f35422b5eec92820966f94557baea4a2bc35d6b4d97eae9933e213c30821b3af9ec8f3b5eec92820966f94557baea4a2bc35d6b4d97eae9933e213c30821b3af9ec8f307e89821f9507ebf3de5e3cd4ee9de5b341fdace6f5122dc978a85647ea2e2e707e89821f9507ebf3de5e3cd4ee9de5b341fdace6f5122dc978a85647ea2e2e76cc979aa118ab73d406944a496633065de86eeb7329f6077fb14224aba62a9016cc979aa118ab73d406944a496633065de86eeb7329f6077fb14224aba62a901861eec6cb2716e9426d0335d2a510bec43a73427491daded3abadf8b1555f395861eec6cb2716e9426d0335d2a510bec43a73427491daded3abadf8b1555f39516fb893c357e4905338b2542b461deabdec19365e5f96e8dbb5120468fe023bc16fb893c357e4905338b2542b461deabdec19365e5f96e8dbb5120468fe023bc94e20d272d5ce35dfdf3b357c5a0ccb4353a72aa2e9c029837b7b51615fb0fd494e20d272d5ce35dfdf3b357c5a0ccb4353a72aa2e9c029837b7b51615fb0fd4d654d2e77212abb440496686816e7aab933740c3471be25c71d9f180c4c92ce0d654d2e77212abb440496686816e7aab933740c3471be25c71d9f180c4c92ce06c1084d4b5875e3f63a5649f2304b17bd8c1e26defd96841f2dee9b06fe32c8a6c1084d4b5875e3f63a5649f2304b17bd8c1e26defd96841f2dee9b06fe32c8adae9a34eab6d12229cc459e9c82b59e9dab3854f897080fbcabab5dab618da8cdae9a34eab6d12229cc459e9c82b59e9dab3854f897080fbcabab5dab618da8ce80e1b820a343bbbd71edcddc3f0c1100745372ae11dad7185cc747156a89453e80e1b820a343bbbd71edcddc3f0c1100745372ae11dad7185cc747156a89453edbd5fcd45b848cb3320c908ef589d340ab090abcdb783640ed5f8e66e1d00a9edbd5fcd45b848cb3320c908ef589d340ab090abcdb783640ed5f8e66e1d00a92dfecde537b9a64c0582d1eed6c1d3499199bc1d9c94d16af2e4fd78709049252dfecde537b9a64c0582d1eed6c1d3499199bc1d9c94d16af2e4fd7870904925213e687777fe33f152dcc43806df8536b65636ba93980013c4b72b77504dfae9213e687777fe33f152dcc43806df8536b65636ba93980013c4b72b77504dfae90af0fdb1640335209b7143cfd832faf591ac164536b80183da08e7342f76f96f0af0fdb1640335209b7143cfd832faf591ac164536b80183da08e7342f76f96f701dbd1edce3113735727f7474fa025889eedb8ec211b4860895d541c011deff8c98abb4d5fe5dae0afc86f22df76b44e84dbeb8bd9b9aa3b54d9b1b5d52e931b7e390f8ed7534a00fa189dfa828278de586fe8169d98778b55e17b12c50580c0dc22792505bbe113fab1da2e3a2e24e85b18a8874747cd3138366c1d9788b33b743d66967b8e3593d327ca829b234e0043fc6e549b5cc225bc733b52b0da93c4a46b0a9d08737f458f4e5a17486ba994dadfcecd53af2b1544030f7a7115d14efc9a71ae28aa6268e6f4d57bb6fe408ac56d62f7032f94d5d8377b9b144da1ce3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855647223752fb42799133a3e1f45d08ea0c0b514dbea980e4e64ace22058be3f1d647223752fb42799133a3e1f45d08ea0c0b514dbea980e4e64ace22058be3f1dd45653d0ea45123362dcb2abc66adc62522bd031a863c5d2a1b71d3be9de3e9bd45653d0ea45123362dcb2abc66adc62522bd031a863c5d2a1b71d3be9de3e9bd46cf5d5a2cabac71b8c13e1d412e9f872b9931236105634a89230b1af90a18ed46cf5d5a2cabac71b8c13e1d412e9f872b9931236105634a89230b1af90a18e8e9a8c9794fe1b5ce852652a25d325bdbc6db9b39dca4e8721ccee5d8b85b4ef8e9a8c9794fe1b5ce852652a25d325bdbc6db9b39dca4e8721ccee5d8b85b4ef2bf6ae5726f62d165dafea936d4a232288a2a4dfc3e4d765301726c8d2ff70032bf6ae5726f62d165dafea936d4a232288a2a4dfc3e4d765301726c8d2ff700353b38f3898ce16d352b8ff2958ccd08718448be3b1c9470ea36e91ddca06074453b38f3898ce16d352b8ff2958ccd08718448be3b1c9470ea36e91ddca0607447bd5f85ea1592dde79e00993bff395761dfa641418a6c157840a4d94e09584f17bd5f85ea1592dde79e00993bff395761dfa641418a6c157840a4d94e09584f1bb82e1697f1a5ff2b437278da7c9eee93b20c2c1066ca3b2b5991da4c1b82cd4bb82e1697f1a5ff2b437278da7c9eee93b20c2c1066ca3b2b5991da4c1b82cd4b87ba58dccfd1546318e2be4f85b44907756bc15da9ce64eb20f05a18fe3402eb87ba58dccfd1546318e2be4f85b44907756bc15da9ce64eb20f05a18fe3402ecbfb3efcb262ad80f7b55f2939db19b340ca73c11f4cabc70634f63191c6c402cbfb3efcb262ad80f7b55f2939db19b340ca73c11f4cabc70634f63191c6c40275bd13ac03036c7498ffdb77ff91afba35649b0c207f03c932f979c2abab739378418c066686a84f0e46e3c49addd8d077831e854b93f5d47ca9f4e55c246c6225a3315b8b328839b73d960daf05e954701172530308b259336bbf76ea131c17fa2ea7da1eb41df7c256e9156989982e83d237aa7fd78de1a8fab31d87af2dbdf2971be43085453c2eae44b351c59e40e6096da882a7b3cc2e15a24b65eef6abaf91a7cab39dfcc2f9a0466a7f2b6e55274592e8603e5115448c2cc15ce65b9f1f776635886678195534052de05c3bd9ceb7b9d2910b5e1f00efbf4d9b2b342e88ec50f3f94e3c3b6613f8a69d858b78d62834a2b563c885809b4615d31df29195d2accb0b163d2de88840cfd8f7ff687fa54f3c344309f40bd1881c7ac211307c7e4ba8797a42b34e90608d7ccb923fb3ae5fbf709cb318014dcf317cf4b68fe3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8556aa54d16468278cb028dbb3b4f02c89845dcd4273fd3eb0297c908abfbcf0ade6aa54d16468278cb028dbb3b4f02c89845dcd4273fd3eb0297c908abfbcf0adeb3a15e5c790873b483d6fd345663b1395954c555254664cb250cfde693409517b3a15e5c790873b483d6fd345663b1395954c555254664cb250cfde693409517b12ed6cd53efaa20c0eab909c51daeb7015f517fd20e46f82416ac7f249adf64b12ed6cd53efaa20c0eab909c51daeb7015f517fd20e46f82416ac7f249adf6406a4c073d7cc75bd61f0d17b976a3d39f6e286410ae2a9d2127a6ecf5889bd3e06a4c073d7cc75bd61f0d17b976a3d39f6e286410ae2a9d2127a6ecf5889bd3e5524a6e30b91243488386ca2abf763efbf4de6792d2d0f786ffb9508b5c61b995524a6e30b91243488386ca2abf763efbf4de6792d2d0f786ffb9508b5c61b99c0ef10d646d94409fac185292272c2cf4ec94eda0adc4da6ddd0ce7925eeef29c0ef10d646d94409fac185292272c2cf4ec94eda0adc4da6ddd0ce7925eeef29a4b0a7f82d2ff616c5c702a6de9910ef962b4ba041197bcd9b9e060ebcbd1be3a4b0a7f82d2ff616c5c702a6de9910ef962b4ba041197bcd9b9e060ebcbd1be366d58c0b85feb4d376eb91c1f83086d0f19ba52be251d4130227f724fc83f2ecc32cfeef230110dffb4b0e154f7282cca32f6a1101701fee77bbb796c9e37d0f272a2cfc1b732b07d5bf13e4b3cb527290a28dfd5f4bf57e037b01695b5c38b0af208aa37afa88e70ec99002140d4829b5407954168393c37a0011c628691b0b48170a485f230c650d8b4a7743827bf690b4eebbaa5a5305633fec2d7eefb196e4309f30d74c8c5333926d0314aa7cd712415424613a192d0a6b4e5cb7260cb769e90a60e89c78578972dcfbcfef96ff20a74a70cc13398c8b9887f84f16832cc3d29a30dbcfabe8612744037af8f8ddac4e3c4022054af6494ef55269e28217611d1fadf606ce125450df0361d571f7f43c4f05e9bdddfb757078b494869ffbe3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8557dd51f7150841184f1e368fa6a0638e2c08a383e09807fbfb3f57d28504fda747dd51f7150841184f1e368fa6a0638e2c08a383e09807fbfb3f57d28504fda74b77afd291d19c43e6254fe90854f10d1c09a7f1a03143b3b7894a8ce914e3fc3b77afd291d19c43e6254fe90854f10d1c09a7f1a03143b3b7894a8ce914e3fc3e15cd1442f98e0118806237596cdfb2876f89b1a8d13342926632ff86df09b37e15cd1442f98e0118806237596cdfb2876f89b1a8d13342926632ff86df09b374b06cbf88018f0343bb94f33ffe67772354fa7fa7ce6757ef0e92415005275b74b06cbf88018f0343bb94f33ffe67772354fa7fa7ce6757ef0e92415005275b754bd27e7ce45a1cd204a95fc9efabc86b8735dd01d6c80a0f3b6b45245185163fd5c37e3ef4e13165762c2fc5257180bc5707686b8e57114b129b47515aba9fb74bb724b96bea7a3b6926662fc343bc524e8784d4f9b4056161e62cdaed89aa060afa5702484068ddbe75b7f311156f4ffd75a18a5db45560d0bf3d6860270bb68cdf959a14f8734b2155dc724a9518d0f49a4162bffe0546728e010827ca0ce304260ce014182c5ba1d371302d4ef952797bfdfb579cd7c4283bc06a1c0ba66304260ce014182c5ba1d371302d4ef952797bfdfb579cd7c4283bc06a1c0ba66212ba3284f91b19da2a60175ec9cefbc2d256abe0d0fbc23496eb6f59755f823212ba3284f91b19da2a60175ec9cefbc2d256abe0d0fbc23496eb6f59755f823743a94392fb1b40f41b346baf48859f3c4c92ea1a193295406239179faa45fe5743a94392fb1b40f41b346baf48859f3c4c92ea1a193295406239179faa45fe52c90005fd19472dc39dd3e6190ea0f49f047f8a1f88f66afe759a6ac0506aa212c90005fd19472dc39dd3e6190ea0f49f047f8a1f88f66afe759a6ac0506aa21e5115169d4b45c1957a5da7eb1417dc4662552de56f34c57c87b480d1b746b91e5115169d4b45c1957a5da7eb1417dc4662552de56f34c57c87b480d1b746b91c95675822697cae944982a0aaacdb8edf31be9396776e87a95edeee2d7451d58a50216831ebe19af288d6185bd7e75d6cc347f934054f44b415ee686ce5b3d47723109c37239bce6cadb3763b2eb17d700acb2a1a1f34f49eb35ada5d5019eef8f58c5b688f7c0052702898b3b51cd2146208e2c632ccf0d667034ee3f7c1ad45d77910152a06104f8b70432dae67897df54949c38505ec1f3822a660e0f66fb2577b6b4883e24378c308ceed333213556c7ea3114da04af2744cbab2805765843b3ac638ab2dea77e776364215658e5c2de0c6719789c798859956f08e90a1ac53f978542e2ce93037816e21271eb6a02baadc8fbbf1d98354b0e16c436297f1ecec644bb1f200d277ed984f821ba7db92681995e938476e31acf5bb575bf8d72ceb43bc11d7a6a3488cecf55e23f29b20dd6171412bfa089df9fa37df6fa38bb39cecd961f3bf3aa67d3073d6bc0ca8e66a43a3743c4883c9025f8f0d2fb38949b6dcc4b35e4652f2fcbb3e86242edf840959c5281b523526bfbe89139c184cecc72bef997e674e97f97649ef04f023b189fdc3418fd62c5512097b592b4ff3a206639e2eccd1506bdf2b75055ac70c097d22d2d79661ff967aba64e0ff702e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b85548f48aa563d076ae2f51b19a67917168269646b83689bc83db4fb35d9ddb817a48f48aa563d076ae2f51b19a67917168269646b83689bc83db4fb35d9ddb817a05cfcfba83edb9e89bad914aad5d26704c2d2017b19cd4ef695bcc9da767dd9005cfcfba83edb9e89bad914aad5d26704c2d2017b19cd4ef695bcc9da767dd90a1d1a261b4348598eaddccba8dc86b2a2c7c9680e2cb4528732291f78e8d9b2226f2e65f5bd4f6e9e891563b6fc8f31673d1280c3caa70e9052037eca7309e35c1822b5d40a0f023305c7a0ad01c0cb392018800b2e593a546bb6faae74afae9bddd88f821f634619009ddfd8a9fbac2990bbd34ade94b191469cfdd5548d8c0e8cc735c51f5a8f47e351c738fb5bfe01a5c70f4a323d1e12b96c9a3903466349f1cc0efccdef3dd27b06402222f82da9605968d7e821a9dca26207affb082ee6e802112e11a883f72a163190200a7cc506251a9c8bd486e6c06f0a00ffc632265d30936651b8cf226f32434ea8caac8908d2e244a3ca77e77733414eff7794a891c69acae93b3cc73ccd62313295d46094d0b668864624c8f02fca7e7727887e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b85546207996dfbd744b35396f3ba4d13d8314ff4fb45f2aeeaa61a7c1ccd3a1151746207996dfbd744b35396f3ba4d13d8314ff4fb45f2aeeaa61a7c1ccd3a11517e0a74f840a771854ea6b981503bc7c0be579330b92eb70ec36370dc30fd6a56de0a74f840a771854ea6b981503bc7c0be579330b92eb70ec36370dc30fd6a56d45f5672f5bced09c973d9f3766d8244762ab39782338cf7b07d597ed2ff6f0d445f5672f5bced09c973d9f3766d8244762ab39782338cf7b07d597ed2ff6f0d43c1538064d0d921e52034225fb1e35572ee3d6ac533fa9dc5db1f9875a19bde23c1538064d0d921e52034225fb1e35572ee3d6ac533fa9dc5db1f9875a19bde2de79aa663f03808a14ab1fd5f7188c2058ec4de83aa3d376ec5f305387477dbdde79aa663f03808a14ab1fd5f7188c2058ec4de83aa3d376ec5f305387477dbd41a37c1e8d8fe6cb769936efc45007d05fe9d58f50adf9bb8e3c66fda245f95a41a37c1e8d8fe6cb769936efc45007d05fe9d58f50adf9bb8e3c66fda245f95a26c1f20810278b1dc8b954215e0fa6a3020b5f87035c1285013704a5a1316c0f26c1f20810278b1dc8b954215e0fa6a3020b5f87035c1285013704a5a1316c0f339d64acdc65fd448f5349b133b5a9a38f616162aefe7bef3b1375a64a614a2f339d64acdc65fd448f5349b133b5a9a38f616162aefe7bef3b1375a64a614a2fc1857731a9fc881a271174ca53efc70c7a32484429b53ec889ad5b680800c21fc1857731a9fc881a271174ca53efc70c7a32484429b53ec889ad5b680800c21ff8fac0efcbdab12535f6346f3e91af4d6f15d69d922d87f2e67699a3d4e476c1f8fac0efcbdab12535f6346f3e91af4d6f15d69d922d87f2e67699a3d4e476c1aba83255b284306e7e695feae1cdbe13f07148459eb319bbeb931034b8dd59e1aba83255b284306e7e695feae1cdbe13f07148459eb319bbeb931034b8dd59e1dc6a5eb73110fb28c387c9411c315ad3af541d65b94efd58f7d5b641c8278dc8dc6a5eb73110fb28c387c9411c315ad3af541d65b94efd58f7d5b641c8278dc8527c6e72e6c0d4e7aa6ab0c2d475b0bc587df7e672ca69e75b2bcfc6449cc18b527c6e72e6c0d4e7aa6ab0c2d475b0bc587df7e672ca69e75b2bcfc6449cc18be28947d44158fe31761a3ff6d1d2180f072eeeefe84083551ead5ff2e868c889e28947d44158fe31761a3ff6d1d2180f072eeeefe84083551ead5ff2e868c8893ef8ce971f48b38c58aafe21378f321b551432e85fc5e308f5241833c48877c63ef8ce971f48b38c58aafe21378f321b551432e85fc5e308f5241833c48877c697271a21cd1b21df116e9e869f026125c2d5dfae8e4d30cc28c9ea025a58be2e97271a21cd1b21df116e9e869f026125c2d5dfae8e4d30cc28c9ea025a58be2e2d98345de1fb5a30d4dbbafc55957e421b878bf13c7bf324653d5b84d8569b7a2d98345de1fb5a30d4dbbafc55957e421b878bf13c7bf324653d5b84d8569b7a98b72212919f4af1f0dd38582708250f07abaa6ba11f2863f600e1db90a03d8098b72212919f4af1f0dd38582708250f07abaa6ba11f2863f600e1db90a03d80764419fe2da2da3d42373d4dfcdc8bbe979e61f285f04a2a6fcf378e9b40db47fe9ef24d1a1b513a1f17a462a4dac5a0dedaf2227b86b70cac699b84139c359d5916a23d09464509193500defaa23900fa508327031884c91da9cf4f73f8bc180bc21bffa4fbe36692ffb7b9e90d539075e0f78a67debb00130e7b098dedd143de496fffe62af8a630f4b2c67993c5b838fdb7d7460f4143c66294310bcfa15e772d452af09e1b55f601ed241866d082383465bdf6e0dc4e80c20a2697ac229e8b15f38155affeab4587d2741e1ecc53b32582b6a4ded1b3308b79617a1dfe6a390f8ae6410324022c4935efc91161691388ecefaec26210c4d56b7863b17319cf564fb7625a3b98e034c30060be2d45876e60f8dab3221ba0e778201c3388353c20dd92688a08bc127658eaeb3b091dd4c61d721b746a8be08eab1770027acadf4a09887c54f718a71ff8dba7845b361182761c814d27d1907157f388f8fa28f316c56c66dceaf8f3fb0717778ccecb0079b063b73ca2032964861e39d65954cb1cf948b8e19d7c20239530f276b5f69840926bdfeb81ac939f49ca30c7c1dee3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855c6cc38c7759722c3641e849f4a8f7105f556086004cc7708672d01f6a3c54f1ac6cc38c7759722c3641e849f4a8f7105f556086004cc7708672d01f6a3c54f1a1621fb20c71f58a0bab2de6f849eccc2b1c349661ee6861d5b419019d422f3331621fb20c71f58a0bab2de6f849eccc2b1c349661ee6861d5b419019d422f333e9a644f524578c27cc142b414df372beb39ba26cfa595d76587eac22b60b5f85e9a644f524578c27cc142b414df372beb39ba26cfa595d76587eac22b60b5f8582f0c469038b6ddd478376bdc096ae9f60d70eaebe1f2bcb9e877c5cb71620537ffc3d01d94bc2aace50fb8544d7bbef7dfe21cb340d1afd3afaacb47163bf8b182208cab4454b0bed36f18df662b2b3270a030b2908f5e2f166f221668ec6c4bac66f799fcaee48c56de163a40411e4612e8e196866689693867a579341713b0a18d86e7b597d516697b6c401cda15069d81919520e252e52ed0d76d210461fcfcb34d19f9985632ab049dc94882a3393f9c5c347e8870dd004476e3be1b9dfb3f22ce84cba8df34011f5d420ec87ad75d7f91700f21cdc8589ee388594325ef7074d5d0144efc2c2347a3e1ead9e5cc4f1f9805fda08ecb9f55325cf1d015d8cc6b2471e621ec93597f70b3569bfc38535b482b430312418eae7c40a45a704cccf6d68e3c0950ef7cc77e8ad860d25bc6c2c73b2bba30e91c3a29928074bc5ce03b281437d0e67d7e864060a73090454a19ff1de52ba006ec5fad2a1a4c5125f101a3abbb2dcdd7e2f13fa5e4be040e7a6c2ec4eafd52d09add263f85f0cae4f19b10e6a5cf124e34a2f82e439a13fba3cbefe5be5037371f8523cb38a8d9c687607e377529e60a1b07dfb17d6dcfa4f4e4f3e2ae1ff5847a5e3b18dcdebdb62ae8833cf44cf0f540154950efc98c6ec024986748bef10c168e1e8ab601f171921c6efa41a77453a0d7a316b3b54683a743a257d39a30d94b54df3e55fd57ab735efec0ae4f99a0d4b65af94c4bdb87e0f3f459bc10b540b48944ecbec7262efc57784de051b85bebb76dffc9c8ce19f5d4481f587a96a5930dbe09113beab49b4458b0cd26fd3eecd2d620713e8ba5813703158924a40bf40c28fb9db2adef8272c2efd093798809af1fa9c091d61189f55a2ec26ad2d7fe820b2bebdb054824e19f5f080791f323482a2f90d3657778fc04867d3514829f6e1f4d8f7171a7943f98def6d598cf8606927378d30757ae53b4973f50c6ed12654245835d595c37e156efca6f13cf566cb5b67cf039311d6f215847b248054e141a40edb1f6e2efeb6c6babea131e9a6c1ba2126c59e5bc8b52be11dc5f136c965abcd39268feca4d34761578df9c77313474d701750cd074eb5e3408bea9a709d05d2af618b209f5c82772090aa514b43a122cce54e3c97da67c162c5bad40837de5a64259618e42f974247240744f1f212056f963c3aec31aff1cc35cbe993d892c9ef2e58af804a3c4911cd162d5941c5b1e6a0f2d746ca6867e36df4adfa4eaed2f8e5a2c48582a8b4fb1c82b41480df27339cd56720e67ee2def5df00c1803098e5a512c92cf6684ad12f72c03f37d9286715c851d257fc52ffd377011ab6f71fa06920892a42ce01ad6007b4e8c0ae64d489a964bf4c93042c911e3eac1ebb2f04ed2b8d197415048d3db2efbe77094da68a3fe0c02abed6d911317653ddc971ac5d1eacc6e43333f374ecf377202b13330c30a58f9dd40cbb06472fadf62318d121ac47a04c10250430890f1b698df7d7d6a2a1312f27d7e760169ca3d4d0d60c0164432e844376bae22fd2cf6cca7e25e53cea795e0b1d8b5e1be9154e72db5d903cd3a46c50bbeb06695b8ef02951b85fb7bfd511ec3bc4ae8d37d67afc80e8e2d0d85fe74a6f86e7edc6b27072f38b8cf876ba5e1b6ca24e4f11bffe0537dcc3d2e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855d86a0952f6f3416e5455b54e7d40e09b0c17b10b8058926909cdc8d1d2db4c6fd86a0952f6f3416e5455b54e7d40e09b0c17b10b8058926909cdc8d1d2db4c6f1142c20575c518164d44296f1eec0bcbe9f6aa85f32bd5ef5c38b71de8f4debd1142c20575c518164d44296f1eec0bcbe9f6aa85f32bd5ef5c38b71de8f4debd83def8eabf720bd4d88348da4e3d5b6198925f2410d605fdcfe3a779d27f788b83def8eabf720bd4d88348da4e3d5b6198925f2410d605fdcfe3a779d27f788b17a76b5dcbf55af4258f0f5f4d7aaa7ff8ba28c6ae191c01ddc13b67e7b5981417a76b5dcbf55af4258f0f5f4d7aaa7ff8ba28c6ae191c01ddc13b67e7b598143d2f6e1f2ac447c3025ba5902d5aa78bf3d30d80daeb2d95876897c138a4ae813d2f6e1f2ac447c3025ba5902d5aa78bf3d30d80daeb2d95876897c138a4ae81cb624a84b6338c4b3c2f962187b26949a643d5275e60b0b45edad6ad3035c20b55153c8240a55a93808813c131ff4ee9817a9e95f4394429b001c37c4362606a8acf7cfad1ee50136f3a7235f77875dc11d99fa4d351e6adfbb1a310a848594da9801d5369c0ed815779adfc4e1369bc75e08c8cd4df8fd5a03450cd8ffbc90921adcc1738194532895dbdbe9f33ed1bdbe9d43440157a7cb430858a46de6bad453ddc364c50cc045535764c00f1f3016ead9781ae5eb939a860944d5b753f18ef17c0102263540f7b5d1254152d084804907e812641b9cc86cf914e61384c5f5b85bf2e773e006593ee2eabae7f26c1bf2ae9cc0729a13a88dcff26e333de1c33138000e18a5ac57a4a5a2c15a583d77c52f38dd4f9249582cdd09acaba38e876c545c2d6653d0d857fa8c33c8551441d8cbad6ef98e868322ebf68a6638531b3f22ce84cba8df34011f5d420ec87ad75d7f91700f21cdc8589ee388594325ecfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30/etc/alternatives/keylime_agent/etc/alternatives/keylime_ca/etc/alternatives/keylime_ima_emulator/etc/alternatives/keylime_migrations_apply/etc/alternatives/keylime_registrar/etc/alternatives/keylime_tenant/etc/alternatives/keylime_userdata_encrypt/etc/alternatives/keylime_verifier/etc/alternatives/keylime_webapp@@@@@@@@@rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootkeylime-6.3.2-150400.4.23.1.src.rpmpython3-keylime@@     /bin/sh/bin/sh/usr/bin/python3.6libtss2-tcti-device0libtss2-tcti-tabrmd0procpspython(abi)python3-M2Cryptopython3-PyYAMLpython3-SQLAlchemypython3-alembicpython3-cryptographypython3-psutilpython3-python-gnupgpython3-pyzmqpython3-requestspython3-simplejsonpython3-tornadorpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PartialHardlinkSets)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)tpm2-0-tsstpm2.0-abrmdtpm2.0-toolsupdate-alternatives3.63.0.4-14.6.0-14.0.4-14.0-15.2-1rust-keylime4.14.3if3dF@dE@cY!@b@b@bUbbV@bs@bs@b a@a@aaq@aq@aaa@a@acaC1`` @`i@````aplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.comaplanas@suse.com- Backport patch to avoid re-registration of clients with same UUID but with different TPM identity (CVE-2025-13609, bsc#1254199) + CVE-2025-13609.patch- Backport patch to avoid the leak of the authorization tag (CVE-2023-38201, boo#1213314) + CVE-2023-38201.patch- Backport patches to avoid DoS via SSL (CVE-2023-38200, boo#1213310) + CVE-2023-38200-01.patch + CVE-2023-38200-02.patch + CVE-2023-38200-03.patch- Backport CVE-2022-3500.patch (CVE-2022-3500) (bsc#1204782) + Moderate vulnerability where a node can seems as attested when in reality it is not properly attested- Drop cfssl default in keylime.conf patch (bsc#1201866)- Use chown -h to adjust persmissions for downgrade migration. This skip following symlinks and make the migration possible (bsc#1201466) - Add logrotate configuration for the services - Create run directory as non-root user - Conflict with rust-keylime - Consolidate in _distconfdir when possible - Add fix_exit.diff patch, to exit properly in SLE- Remove user downgrade mechanism from the package (CVE-2022-31250, bsc#1200885)- Fix "run_as" configuration parameter and set it to keylime:tss - Improve downgrade user migration during package update - Add patches (CVE-2022-1053, boo#1199253): + CVE-2022-1053-01.patch + CVE-2022-1053-02.patch + CVE-2022-1053-03.patch + CVE-2022-1053-04.patch- Update to version v6.3.2: * general: bump Keylime version to 6.3.2 * tpm_main: flush transient objects * pypi: add notice that the Python API is unstable * installer: use OpenSSL by default * Avoid mounting secdir while unmounting it * remove TPM, VTPM and IMA stubbing support * archive: remove all archive files * Change GH reviewers to be from developer group * added suse / opensuse support with zypper * Fix tpm import in test_tpm.py * Fix cfssl configuration in run_tests.sh * tpm_emulator: improve TPM emulator installation * config: Add option to enable DB debugging via DEBUG_DB env var * Enable SQL query cache for JSONPickleType * tpm_emulator: move everything into systemd services * Implement broader key support for Keylime's signing mechanisms * tenant: Use exponential backoff on key verification retries * tenant: Move JSON parsing to capture possible exceptions * tenant: Move verifier stop from do_quote to do_verify * pylint: Fix issues related to W0602 global-variable-not-assigned * tenant: Handle 404 error from registrar gracefully * pylint: Fix remaining code with issue R1732 consider-using-with * pylint: Fix R1732 consider-using-with * pylint: Fix issue detected by pylint-2.13.0 * pylint: Fix issue detected by pylint-2.13.0 * tenant: verify agent quote before adding to verifier * README: remove tpm2-abrmd and OSX sections * pylint: Fix issues related to W0102 dangerous-default-value * pylint: Fix R0201 no-self-use * pylint: remove W1203 logging-format-interpolation from ignore list * pylint: remove R1729 use-a-generator from ignore list * pylint: remove E1120 no-value-for-parameter from ignore list * pylint: remove W1201 logging-not-lazy from ignore list * pylint: fix C0209 consider-using-f-string * pylint: fix C0201 consider-iterating-dictionary * pylint: fix W1509 subprocess-popen-preexec-fn * keylime_tenant non-zero exit code on error * Fix prepare step adjustments in packit-ci.fmf plan * failure: fix Pattern type hint * mypy: add initial Mypy configuration * ima_ast: add type hints * failure: add type hints * logging, config: add type hints for logging module * algorithms: add type hints * json: add type hints and add JSONType as custom type * Full allowlist processing when not adding host * provider, vTPM: remove vTPM manager and provider code * tpm: fix that the set of missing PCRs is not serializable in failure * Restores the option to use keylime agents without mTLS * services: make the services run as keylime user instead of root * State in --help that SHA-256 is used for --allowlist-checksum * config: change cacert.pem to cacert.crt * registrar_client: validate connections against registrar ca certificate * tenant: validate connections against verifier ca certificate * request_client: only add custom adapter if TLS is enabled * setup: add static assets for webapp * Add TESTING.md describing testing details * Fix some remaining log format strings * Fix for database_url parameter with sqlite * Enable test basic-attestation-with-unpriviledged-agent in Packit CI * Use lazy string formatting when logging (#535) * Make Packit CI plan more resource-saving * keylime.conf: Document setting ownership in WORK_DIR (/var/lib/keylime) * agent: Make sure tmpfs is empty even if not mounted or cannot unmount * agent: Drop privileges by switching to normal user and group * agent: Move mounting of tmpfs towards beginning of main() * agent: Read measured boot log near process start * agent: Open file for IMA log file near process start * ima: Refactor read_measurement_list() to take file as argument * Add the policy name to failure event * tpm_main: Check if tpm_cert_store exists (#553) * Remove tag input from container build workflow * Push container images to quay.io/keylime org * Enable code coverage measurement for e2e tests in Packit CI * config: fix config search order * Add defaults for ephemeral keys for agent records * Update outdated greetings Github messages * services: add keylime_agent_secure.mount service * installer.sh: updated tpm2-{tools, tss}, use system packages if possible * revocation_notifier: convert the data to str in the notifiers * revocation_notifier: mark webhook threads as daemon and add timeout * Fix Packit CI test plan Summary * Enable Packit CI testing on CentOS Stream 8 * Enable Packit CI testing on Fedora Rawhide * Remove last trace of TPM 1.2 (hopefully) * verifier: remove start_tornado() function * verifier: wait for connections to be closed before stopping ioloop * revocation_notifier: kill ZeroMQ broker if it blocks more than 5s * Add more e2e tests to Packit CI * Enable EPEL repo on CentOS Stream in packit.yaml - Drop already merged patches * drop_privileges_of_agent_process_after_startup.patch * config_fix_config_search_order.patch * services_add_keylime_agent_secure_mount_service.patch- Add upstream patches: * drop_privileges_of_agent_process_after_startup.patch * config_fix_config_search_order.patch * services_add_keylime_agent_secure_mount_service.patch - Configure the agent to run as non-root (via keylime.conf) - Add keylime sysuser conf file and deploy as part of the tpm certificate subpackage - Prepare the systemd mount unit for /var/lib/keylime/secure- Drop patches beacuse merged upstream: * version.diff * cloud_verifier_tornado-use-fork_processes.patch - Drop binaries not used anymore: * keylime_provider_platform_init * keylime_provider_registrar * keylime_provider_vtpm_add - Update to version v6.3.1: * revocation_notifier: mark webhook threads as daemon and add timeout * Fix Packit CI test plan Summary * Enable Packit CI testing on CentOS Stream 8 * Enable Packit CI testing on Fedora Rawhide * Remove last trace of TPM 1.2 (hopefully) * verifier: remove start_tornado() function * verifier: wait for connections to be closed before stopping ioloop * revocation_notifier: kill ZeroMQ broker if it blocks more than 5s * Add more e2e tests to Packit CI * Enable EPEL repo on CentOS Stream in packit.yaml * agent, crypto: add localhost, server and contact ip to agent certificate * Add better default repo path for run_local.sh * Fix incorrect variable name in test_restful * Run existing agent tests against the rust-keylime agent * Fix small wording mistakes caught while reading the code * agent: move key and certificate logging levels from debug to info * agent: allow absolute paths for rsa_keyname and mtls_cert * Add missing backend parameter * cloud_verifier_tornado: use fork_processes * ci: automatically push release to PyPI * setup.{py,cfg}: Move setup configuration to setup.cfg * Add iproute tool to Dockerfile * Pylint does not like single-line functions. * A small beauty fix * This is a small fix to proactively fix Issue #840 by identifying non-escaped double quotes in the tpm2-tools output * setup.py: add version number and new Python versions, drop unsed binaries * setup.py, config: install default configuration into package path * ci: move old keylime.conf to keylime.conf.orig before running tests * retry: fix pylint issue * Adding Infineon Optiga 034 RSA and ECC certificates for Infineon SLB9675 devices. * Ensure columns "mb_refstate" and "allowlist" are of type LONGTEXT in table "verifiermain" * tenant: add exponential backoff option to retry timings * cloud verifier: add exponential backoff option to retry timings * tpm: add exponential backoff option to retry timings * test, retry: add unit test for retry algorithm * common: add algorithm for retry time calculation * registrar, tpm_main: ensure that correct types are commited to DB. * Fix typo for config param listen_notifications * Lint is _really_ unhappy today. * Linty fixes * Adding a unit test file for tpm_main * tpm_main: check if PCRs for the hash algorithm are available * tpm_main: handle if tpm2_checkquote returns no PCRs for a hash algorithm * agent: output supported_version as result not as a status * Add missing subcommands to -c help message * tests: fix mtls_cert generation in test_restful.py * revocation_notifier: fix socket path permission check * Remove unused database_query config param * Move umask calls only on entry points * config: move directory utilities to fs_util- Change back agent_uuid to hostname - Set tpm_hash_alg to sha256 by default - Update version.diff patch to point to the correct version number - Fix issue with Tornado, when multiple workers are started * Add cloud_verifier_tornado-use-fork_processes.patch (bsc#1195605)- Drop patches beacuse merged upstream: * 0001-Drop-dataclasses-module-usage.patch * 0001-config-support-merge-multiple-config-files.patch * 0001-ca-support-back-old-cyptography-API.patch - Update to version v6.3.0: * Coordinated update to fix: + bsc#1193997 (CVE-2022-23948) + bsc#1193998 (CVE-2021-43310) + bsc#1194000 (CVE-2022-23949) + bsc#1194002 (CVE-2022-23950) + bsc#1194004 (CVE-2022-23951) + bsc#1194005 (CVE-2022-23952) * secure_mount: add umount function * secure_mount: use /proc/self/mountinfo * Validate user ID in all public interfaces * validators: add uuid and agent_id validators * validators: create validators module * revocation_notifier: move zmq socket to /var/run/keylime * Update API version from 1.0 to 2.0 * tpm: do not compress quote with zlib by default * verifier: persist AK and mTLS certificate to DB * verifier: use "supported_version" for agent connections * tenant: add support for "supported_version" option for the verifier * api_version: add the option for basic validation * verifier: add supported_version field to DB and API * agent: add /version to REST API * verifier, tenant: allow agents to not use mTLS * tenant, verifier: allow manual configuration of agent mTLS * tests: migrate to mTLS * tenant: connect to the agent via mTLS * verifier: connect to the agent via mTLS * tornado_requests: handle SSLError * web_util: add mTLS context generation for agent * agent: Enable mTLS for agent REST API * crypto: add helper function for creating self signed certs * registrar: Allow the agent to registrar with a mTLS certificate * request_client: add workaround for handling certificates * request_client: add the option to ignore hostname validation * Better docs and errors about IMA hash mismatches * tests: use JSON instead Python string for IMA tests * verifier: use json.loads(..) instead of ast.literal_eval(..) * Adding Nuvoton certificate for a post 2020 TPM device. The EK cert of the device directs to the following download site: 'https://www.nuvoton.com/security/NTC-TPM-EK-Cert/Nuvoton TPM Root CA 1111.cer' (yes, including the spaces) * Improve revocation notifier IP description in keylime.conf * tornado_requests: set Content-Type header correctly for JSON * tenant: post U key to agent with correct Content-Type header * Explicitly set permissions on new keylime.conf files installed * tpm_main: close file descriptor for aik handle * verifier: do not call finish() twice * agent: fix payload execution * tests: add initial tests for web_util module * config, web_util: move get_restful_params(..) to web_util * verifier: Also retry on HTTP 500 status code * agent: improve startup and shutdown * registrar: cleanup start function * web_util: move echo_json_response(..) out of config.py * verifier: fix failure generation for V key * tornado_requests: cleanup TornadoResponse class * web_util, verifier: move mTLS SSLContext generation into separate module * ca: support back old cyptography API * Fix test branch reference in packit.yaml * ci: disable DeprecationWarning from pylint in tox * Enable new test in Packit CI * tenant: fix reactivate command * config: support merge multiple config files * ci: use only fedora-stable for packit * elchecking: harden example policy against event type manipulation * elchecking: add new tests * tests: fix stdout formatting for agent and verifier * Drop dataclasses module usage * revocation notifier: handle shutdown of process gracefully * verifier: handle SIGINT and SIGTERM correctly * ima_emulator: fix IMA hash validation and add more options * ima_ast: fix handling ToMToU errors * Remove leftovers of TPM 1.2 support * agent: improved validation for post function * agent: better validation for mask and nonce * config: add function to validate hex strings * agent: keys/verify check if challenge was provided * tpm_main: do not append /usr/local/{bin,lib} to default env * db: only set length on Text type if supported * json: do not make sqlalchemy a hard requirement * Enable functional testing with Packit CI * ima_emulator: specify sys.argv as the named parameter argv in main() * elchecking example policy: make it work with Fedora 34 * elchecking example policy: initrd* might be also called initramfs* * scripts: add mb_refstate generator for example policy * config: change tpm_hash_alg to SHA1 by default * parse_mb_bootlog: specify the used hash algorithm used for PCRs * agent: add warning that on kernels <5.10 IMA only works with SHA1 * tpm: explicitly pass hash alg to sim_extend(..) * ima emulator: use IMA AST and support multiple hash algorithms * tests: update IMA allowlist version number * ima: add option 'log_hash_alg' to IMA allowlist * ima: remove hard requirement for SHA1 PCR 10 * algorithms: extend Hash class to simplify computing hash values * config, tpm_main: explicitly handle YAML load errors * config: private_key must be set to -private.pem not -public.pem * agent: add UUID option environment * agent: drop openstack uuid option- Set /var/lib/keylime under the same permissions expected by the code- Add 0001-config-support-merge-multiple-config-files.patch This will allow the merge of config files in /usr/etc and /etc. - Move the configuration file to /usr/etc in new distributions - Add 0001-ca-support-back-old-cyptography-API.patch This is only required for SLE, but the API is compatible with new versions- Add 0001-Drop-dataclasses-module-usage.patch, to support Python 3.6- Fix cfssl bcond logic in Tumbleweed / SLE- Update to version v6.2.1: * Another addition to gitignore * Update .gitignore with more Keylime-specific files * json: add support for sqlalchemy.engine.row.Row in newer sqlalchemy * ima_ast: check if the PCR is the same as in the config * Fix permissions issue on volume mount in run_local.sh * Make run_local.sh use a local copy of the repo * Small updates to GOVERNANCE.md * Move cargo-tarpaulin install to separate command * config: drop registrar_* TLS options in [registrar] section * Fix missing && in Dockerfile * Remove simplejson from scripts and docs * Replace simplejson with built-in json module * Add rust-keylime container dependencies * config: fix getboolean with fallback * Clean up CI scripts and rewrite run_local.sh * ima: for ToMToU errors skip template content validation * ima: Use a set of entry numbers and file offsets to remember multiple positions * Rename CONTRIBUTORS.md to CONTRIBUTING.md * Update GOVERNANCE.md to match MAINTAINERS.md rename * Update MAINTAINERS * Update README: remove Gitter, Travis CI * ca: Use UTC when setting certificate validity * Tenant commands return json * scripts: Allow passing a base policy to create_policy tool * ima: Handle the case of ima-sig with a path with spaces in them * add length to string object * scripts: Implement create_policy to create the JSON allowlist from files * ima: Also add a sha256 default boot_aggregate hash with 64 '0's * ima: Use seek() to get to the last known last entry * ima: Extend allowlist to be able to handle generic ima-buf entries * ima: Extend JSON allowlist with 'ima' entry and 'ignored_keyrings' * ima: Populate verifier keyrings with keys taken from ima-buf log line * ima: Remove methods from ImaKeyring that are now in ImaKeyrings * ima: Start passing ima_keyrings through APIs replacing ima_keyring * Extend AgentAttestState with ima_keyrings field and use it * ima: Implement ImaKeyrings class to support multiple keyrings * verifier: Extend verifier DB to persist learned keyrings * Fix a couple of pylint errors * ima: Fix spurious attestation failures * ima: make ToMToU errors not a failure by default * Simple fix for tenant error message printout. * pylint: Fix errors related to R1714 * pylint: Suppress C0201, C0209 and W0602 newly reported errors * installer: do not install tpm2-abrmd * tpm: by default use /dev/tpmrm0 instead of tpm2-abrmd * verifier: add option to send revocation messages via webhook- Fix keylime configuration file attributes- Requires python-psutil - Disable automatic execution of the payload by default - Use ramdom UUID by default- Introduce a bcond for cfssl detection- Drop cfssl if we are not in openSUSE- Update to version 6.2.0: * Fix bug #757 where revoc cert was treated as text * Code improvement: removal of extra dependencies in measured boot attestation (#755) * Sanitize the exclude list while it is ingested at `tenant` by removing comments (^#) and empty lines. * tenant: show severity level and last event id in status * verifier: move to new failure architecture * pcr validation: move to new failure architecture * measured boot: move to new failure architecture * ima: move to new failure architecture * failure: add infrastructure to tag and collect revocation events in Keylime * Simulating use of SSLContext.minimum_version on ssl v3.6 * verifier: fix minor typos * Add tests for ca_impl_cfssl and ca_util * Replace M2Crypto with python-cryptography * tenant: status now shows if a agent was added to the registrar * tenant: open file to send utf-8 encoded * Correct some comments about and remove vestige in MB policy * fixing a small bug that resulted in malformed refstates not failing MBA * agent: ensure that EK is in PEM format when used as uuid * Solves #703 by adding a "non-trivial" example of a "measured boot policy" (#734) * ci: build and publish container images * codestyle: fix W0612 and R1735 pylint errors * codestyle: fix W1514 pylint error * systemd: Add KillSignal=SIGINT to keylime_agent.service * One-liner to set the minimum version of TLS to v1.2 * pylint fix * Typo fix: return list order confusion between measured_boot.py and tpm_abstract.py * Refactor keylime_logging module * ima: Implement ima-buf validator and validate keys on keyrings (#725) * Remove Python 2 leftovers * Additional fix for the processing of "tpm_policy" * ima: Return an empty allowlist rather than a plain empty list * verifier: convert (v)tpm_policy in DB from string to JSONPickleType * verifier: Create AgentAttestState objects from entries in the db * verifier: Persist the IMA attestation state after running the log verification * db: Add DB migration file for boottime, ima_pcrs, pcr10, and next_ima_ml_entries * verifier: Skip attestation one time if agent's boottime changed * test: Add test case simulating iterative attestation * verifier: Delete an AgentAttestState when deleting an agent * ima: Remember the number of lines successfully processed and last IMA PCR value(s) * ima: Reset the attestation if processing the measurement list fails * debug: Show line number when PCR match occurs * verifier: Extend AgentAttestState with state of the IMA PCR * Consult the AgentAttestState for the next measurement list entry * Introduce an AgentAttestState class for passing state through the APIs * verifier: Request IMA log at entry 0 for now * agent: Get boottime and transfer to verifier * agent: Add support for optional IMA log offset parameter * tests: Add a unit test for the IMA function and run it * agent: Move IMA measurement list reading function to ima.py * Add default verifier-check value * Use tox for pylint * Use Fedora 34 as base image for CI container * Run ci jobs only when needed * config: merge convert and list_convert into the same function * Versioned APIs * Refacator of check_pcrs to parse then validate (#716) * Automatically calculates the boot_aggregate from the measured boot log. (#713) * Set default UUID as lowercase (#699) * tenant: do_cvdelete wait until 404 * Ensures the output of `bulkinfo` command in `keylime_tenant` is JSON * ima: Convert pcrval to bytes to increase efficiency * tests: extend ima tests for signature validation and exclude lists * Allow agents to specify a contact ip address and port for the tenant and CV (#690) * verifer: Fix signature and allowlist evaluation bahavior change * ima: Fix runtime error due to wrong datatype * tenant: add the option to specify the registrar ip and port * measured_boot: drop process_refstate * check_pcrs: match PCR if no mb_refstate is provided * ci: make run_local.sh work with newer docker versions * Fixing pylint errors (#698) * tests: add IMA test where validation should be ignored * ima: Use ima_ast for parsing and validation * tests: Add test for ima AST parser * ima: Introducing a AST for parsing and validation * Make stalebot a bit nicer * enable tenant to fetch all (or verifier specific) agents info in a single call from the verifier * Flush all sessions from TPM device (#682) * multiple named verifiers sharing a single database * webapp: fix tls certs paths (#659) * Corrects markdown to have proper rendering (#673) * ima_file_signatures: Extract keyidv2 from x509 certs * installer: Add '-r' option to cp to copy directory (issue #671) * config: Add optional fallback parameter to get() * agent: Fix the usage of dmidecode during the agent startup (issue #664) * agent: Rename allowlist to ima_allowlist in keylime.conf * Fix decoding error in user_data_encrypt * agent: Fix issue #667 by testing for an empty ima_sign_verification_keys list * Addresses issue #660 (database path while running local tests) (#665) * ima: Return 'None' when ImaKeyring.from_string() called with emtpy string * tests: Move unittests into files with suffix _test.py * Fixes and improvements for database configuration (#654) * Add signature verification support for local and remote IMA signature verification keys (#597) * install: Remove TPM 1.2 support from installer and bundeling scripts * CI/CD: Remove tpm1.2 testing support * Remove duplicated calls to verifier * Remove adding entropy to system rng * Cleanup and fix error case in encryptAIK (#648) * Move measured boot related code into functions to make check_pcrs readable (#642) * Move code related to tpm2_checkquote into its own function (#639) * scripts: Cleanup shell script formatting * installer.sh: Do not delete the local copy of the certificates. * Fix user_data_encrypt to UTF8 decode before print * tpm_abstract: Fix adding of entropy * codestyle: Ignore R1732 implemented by pylint >=2.8.0 * a fix for letting JSON encoding bytes correctly * Adding back reglist to the list of commands that don't need a -t argument * Invoke tpm2_evictcontrol for 4.0 and 4.2 tools if aik_handle exists (#624) * Addresses #436 (#611) * Fixes #620 * Include PCR16 in the quote only when needed * Close leaking file descriptors (#622) * installer.sh: Add missing spaces when efivar is added * More ima_emulator_adapter cleanups (#616) * installer: Add json-c-devel/json-c-dev to BUILD_TOOLS for tpm2-tss build * Remove more commented code in ca_util.py * installer: Only install efi library on x86_64 systems * Create allowlist table and basic API support * installer: Add libuuid-devel/uuid-dev to BUILD_TOOLS for tpm2_tools build * WIP: Some cleanups (#612) * Remove _cLime.c * config: Document the measured boot PCRs and what is using them * Very simple fix for the agent (re: measured boot) The agent code does not need to import "measured boot policies" * ima_emulator_adapater: Remove unnecessary global statement * webapp: Fix private key and certificate path (issue #604) * Add support for keylime_webapp service to read intervals from keylime.conf- Update to Keylime 6.1.1 + keylime_tenant add crash with TypeError: Object of type 'bytes' is not JSON serializable + Whenever Keylime agent starts and cannot contact the registrar, it fails and quits without flushing create EK handles + keylime_tenant -c reglist now requires a "-t" parameter for no reason + Duplicated API calls to verifier in webapp backend + Installer deletes tpm_cert_store files + agent_uuid set to dmidecode crashes Keylime + Copying of tpm_cert_store fails during installation + If the PCR belong to a measured boot list, it is not validated + keylime_tenant --c update fails with a race condition - Drop patches already present in the new version + webapp-fix-tls-certs-paths.patch + check_pcrs-match-PCR-if-no-mb_refstate-is-provided.patch + tenant-do_cvdelete-wait-until-404.patch- Add tenant-do_cvdelete-wait-until-404.patch to fix the update command- Adjust the default revocation notifier binding IP - Default to CFSSL in keylime.conf- Add config-libefivars.diff to adjust the path of the library- Add check_pcrs-match-PCR-if-no-mb_refstate-is-provided.patch (gh#keylime/keylime!695) - Recommends CFSSL in the registrar (actually should be the CA) - Change default value for require_ek_cert to False - Reorder the patches to separate upstream fixes from openSUSE ones- Add webapp-fix-tls-certs-paths.patch (gh#keylime/keylime!659) - Recommend dmidecode for the agent - Require libtss2-tcti-{device0,tabrmd0} to use abrmd service - Add keylime.conf.diff patch to change the default config file - Add keylime.xml for firewalld service definition- Update to version 6.1.0: * Update python cryptography lib to v3.3.2 * installer.sh improvments * run_local.sh: Run unit tests in keylime/tpm/tpm2_objects.py * Fourth and final PR to address #491 (#580) * scripts: Also use pylint-3 if pylint is not installed * agent: Fix the checking for a specific error returned by tpm2_quote * Allowlist verification - Enhancement #16 * Forgot to remove the original, more crude solution (which caused pylint errors) * New and improved code to fix issue #582 * Consistent formatting for logging strings/bin/sh/bin/shh04-ch1c 1768320317  ! #$%&&((**,,..0022456688::<<>>@@BBDDFFHHJJLLNNPPRRTTVVXXZZ\\^^``bbddffhhjjllnopqrstuvwxxzz||~~       !!##%%'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTTVVXXZZ\\^_`abcdefghijk6.3.2-150400.4.23.1   keylime_agentkeylime_cakeylime_ima_emulatorkeylime_migrations_applykeylime_registrarkeylime_tenantkeylime_userdata_encryptkeylime_verifierkeylime_webappkeylime_agentkeylime_agent-3.6keylime_cakeylime_ca-3.6keylime_ima_emulatorkeylime_ima_emulator-3.6keylime_migrations_applykeylime_migrations_apply-3.6keylime_registrarkeylime_registrar-3.6keylime_tenantkeylime_tenant-3.6keylime_userdata_encryptkeylime_userdata_encrypt-3.6keylime_verifierkeylime_verifier-3.6keylime_webappkeylime_webapp-3.6keylimekeylime-6.3.2-py3.6.egg-infoPKG-INFOSOURCES.txtdependency_links.txtentry_points.txtnot-zip-safetop_level.txt__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycagentstates.cpython-36.opt-1.pycagentstates.cpython-36.pycapi_version.cpython-36.opt-1.pycapi_version.cpython-36.pycca_impl_cfssl.cpython-36.opt-1.pycca_impl_cfssl.cpython-36.pycca_impl_openssl.cpython-36.opt-1.pycca_impl_openssl.cpython-36.pycca_util.cpython-36.opt-1.pycca_util.cpython-36.pyccloud_verifier_common.cpython-36.opt-1.pyccloud_verifier_common.cpython-36.pyccloud_verifier_tornado.cpython-36.opt-1.pyccloud_verifier_tornado.cpython-36.pyccmd_exec.cpython-36.opt-1.pyccmd_exec.cpython-36.pycconfig.cpython-36.opt-1.pycconfig.cpython-36.pyccrypto.cpython-36.opt-1.pyccrypto.cpython-36.pyccryptodome.cpython-36.opt-1.pyccryptodome.cpython-36.pycfailure.cpython-36.opt-1.pycfailure.cpython-36.pycfs_util.cpython-36.opt-1.pycfs_util.cpython-36.pycima.cpython-36.opt-1.pycima.cpython-36.pycima_ast.cpython-36.opt-1.pycima_ast.cpython-36.pycima_file_signatures.cpython-36.opt-1.pycima_file_signatures.cpython-36.pycima_test.cpython-36.opt-1.pycima_test.cpython-36.pycjson.cpython-36.opt-1.pycjson.cpython-36.pyckeylime_agent.cpython-36.opt-1.pyckeylime_agent.cpython-36.pyckeylime_logging.cpython-36.opt-1.pyckeylime_logging.cpython-36.pycmeasured_boot.cpython-36.opt-1.pycmeasured_boot.cpython-36.pycregistrar_client.cpython-36.opt-1.pycregistrar_client.cpython-36.pycregistrar_common.cpython-36.opt-1.pycregistrar_common.cpython-36.pycrequests_client.cpython-36.opt-1.pycrequests_client.cpython-36.pycrevocation_notifier.cpython-36.opt-1.pycrevocation_notifier.cpython-36.pycsecure_mount.cpython-36.opt-1.pycsecure_mount.cpython-36.pycsigning.cpython-36.opt-1.pycsigning.cpython-36.pyctenant.cpython-36.opt-1.pyctenant.cpython-36.pyctenant_webapp.cpython-36.opt-1.pyctenant_webapp.cpython-36.pyctornado_requests.cpython-36.opt-1.pyctornado_requests.cpython-36.pyctpm_bootlog_enrich.cpython-36.opt-1.pyctpm_bootlog_enrich.cpython-36.pyctpm_ek_ca.cpython-36.opt-1.pyctpm_ek_ca.cpython-36.pycuser_utils.cpython-36.opt-1.pycuser_utils.cpython-36.pycuser_utils_test.cpython-36.opt-1.pycuser_utils_test.cpython-36.pycweb_util.cpython-36.opt-1.pycweb_util.cpython-36.pycagentstates.pyapi_version.pyca_impl_cfssl.pyca_impl_openssl.pyca_util.pycloud_verifier_common.pycloud_verifier_tornado.pycmd__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycagent.cpython-36.opt-1.pycagent.cpython-36.pycca.cpython-36.opt-1.pycca.cpython-36.pycima_emulator_adapter.cpython-36.opt-1.pycima_emulator_adapter.cpython-36.pycmigrations_apply.cpython-36.opt-1.pycmigrations_apply.cpython-36.pycregistrar.cpython-36.opt-1.pycregistrar.cpython-36.pyctenant.cpython-36.opt-1.pyctenant.cpython-36.pycuser_data_encrypt.cpython-36.opt-1.pycuser_data_encrypt.cpython-36.pycverifier.cpython-36.opt-1.pycverifier.cpython-36.pycwebapp.cpython-36.opt-1.pycwebapp.cpython-36.pycagent.pyca.pyima_emulator_adapter.pymigrations_apply.pyregistrar.pytenant.pyuser_data_encrypt.pyverifier.pywebapp.pycmd_exec.pycommon__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycalgorithms.cpython-36.opt-1.pycalgorithms.cpython-36.pycexception.cpython-36.opt-1.pycexception.cpython-36.pycmetrics.cpython-36.opt-1.pycmetrics.cpython-36.pycretry.cpython-36.opt-1.pycretry.cpython-36.pycstates.cpython-36.opt-1.pycstates.cpython-36.pycvalidators.cpython-36.opt-1.pycvalidators.cpython-36.pycalgorithms.pyexception.pymetrics.pyretry.pystates.pyvalidators.pyconfig.pycrypto.pycryptodome.pydb__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pyckeylime_db.cpython-36.opt-1.pyckeylime_db.cpython-36.pycregistrar_db.cpython-36.opt-1.pycregistrar_db.cpython-36.pycverifier_db.cpython-36.opt-1.pycverifier_db.cpython-36.pyckeylime_db.pyregistrar_db.pyverifier_db.pyelchecking__init__.py__main__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pyc__main__.cpython-36.opt-1.pyc__main__.cpython-36.pycexample.cpython-36.opt-1.pycexample.cpython-36.pycpolicies.cpython-36.opt-1.pycpolicies.cpython-36.pyctests.cpython-36.opt-1.pyctests.cpython-36.pycexample.pypolicies.pytests.pyfailure.pyfs_util.pyima.pyima_ast.pyima_file_signatures.pyima_test.pyjson.pykeylime.confkeylime_agent.pykeylime_logging.pymeasured_boot.pymigrations__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycenv.cpython-36.opt-1.pycenv.cpython-36.pycalembic.inienv.pyversions1ac1513ef2a1_fix_mb_and_ima_column_types.py257fe0f0c039_add_fields_for_revocation_context_to_.py63c30820fdc1_add_mtls_cert_and_ak_to_verifier_db.py7d5db1a6ffb0_add_agentstates_columns.py8a44a4364f5a_initial_database_migration.py8da20383f6e1_extend_ip_field.py9169f80345ed_add_supported_version_to_verifiermain_.py__init__.py__pycache__1ac1513ef2a1_fix_mb_and_ima_column_types.cpython-36.opt-1.pyc1ac1513ef2a1_fix_mb_and_ima_column_types.cpython-36.pyc257fe0f0c039_add_fields_for_revocation_context_to_.cpython-36.opt-1.pyc257fe0f0c039_add_fields_for_revocation_context_to_.cpython-36.pyc63c30820fdc1_add_mtls_cert_and_ak_to_verifier_db.cpython-36.opt-1.pyc63c30820fdc1_add_mtls_cert_and_ak_to_verifier_db.cpython-36.pyc7d5db1a6ffb0_add_agentstates_columns.cpython-36.opt-1.pyc7d5db1a6ffb0_add_agentstates_columns.cpython-36.pyc8a44a4364f5a_initial_database_migration.cpython-36.opt-1.pyc8a44a4364f5a_initial_database_migration.cpython-36.pyc8da20383f6e1_extend_ip_field.cpython-36.opt-1.pyc8da20383f6e1_extend_ip_field.cpython-36.pyc9169f80345ed_add_supported_version_to_verifiermain_.cpython-36.opt-1.pyc9169f80345ed_add_supported_version_to_verifiermain_.cpython-36.pyc__init__.cpython-36.opt-1.pyc__init__.cpython-36.pyca79c27ec1054_add_mtls_cert_field_to_registrar.cpython-36.opt-1.pyca79c27ec1054_add_mtls_cert_field_to_registrar.cpython-36.pyca7a64155ab3a_add_ima_filesigning_keys_column.cpython-36.opt-1.pyca7a64155ab3a_add_ima_filesigning_keys_column.cpython-36.pycae898986c6e9_add_mb_refstate_column.cpython-36.opt-1.pycae898986c6e9_add_mb_refstate_column.cpython-36.pycb4d024197413_add_verfier_id_to_verifiermain_table.cpython-36.opt-1.pycb4d024197413_add_verfier_id_to_verifiermain_table.cpython-36.pycc3842cc9ee69_store_keyrings_learned_from_ima_log.cpython-36.opt-1.pycc3842cc9ee69_store_keyrings_learned_from_ima_log.cpython-36.pyccc2630851a1f_receive_the_aik_tpm_from_the_agent.cpython-36.opt-1.pyccc2630851a1f_receive_the_aik_tpm_from_the_agent.cpython-36.pyceb869a77abd1_create_allowlist_table.cpython-36.opt-1.pyceb869a77abd1_create_allowlist_table.cpython-36.pyceeb702f77d7d_allowlist_rename.cpython-36.opt-1.pyceeb702f77d7d_allowlist_rename.cpython-36.pycf35cdd35eb83_move_v_tpm_policy_to_jsonpickletype.cpython-36.opt-1.pycf35cdd35eb83_move_v_tpm_policy_to_jsonpickletype.cpython-36.pycf82c4252bc4f_add_ip_and_port_to_registrar.cpython-36.opt-1.pycf82c4252bc4f_add_ip_and_port_to_registrar.cpython-36.pyca79c27ec1054_add_mtls_cert_field_to_registrar.pya7a64155ab3a_add_ima_filesigning_keys_column.pyae898986c6e9_add_mb_refstate_column.pyb4d024197413_add_verfier_id_to_verifiermain_table.pyc3842cc9ee69_store_keyrings_learned_from_ima_log.pycc2630851a1f_receive_the_aik_tpm_from_the_agent.pyeb869a77abd1_create_allowlist_table.pyeeb702f77d7d_allowlist_rename.pyf35cdd35eb83_move_v_tpm_policy_to_jsonpickletype.pyf82c4252bc4f_add_ip_and_port_to_registrar.pyregistrar_client.pyregistrar_common.pyrequests_client.pyrevocation_actions__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pycprint_metadata.cpython-36.opt-1.pycprint_metadata.cpython-36.pycupdate_crl.cpython-36.opt-1.pycupdate_crl.cpython-36.pycprint_metadata.pyupdate_crl.pyrevocation_notifier.pysecure_mount.pysigning.pystaticcsswebapp.cssiconsICON-LICENSEREADME.mdpngban-2x.pngban-3x.pngban-4x.pngban-6x.pngban-8x.pngban.pngbug-2x.pngbug-3x.pngbug-4x.pngbug-6x.pngbug-8x.pngbug.pngkeylime.pngplus-2x.pngplus-3x.pngplus-4x.pngplus-6x.pngplus-8x.pngplus.pngtrash-2x.pngtrash-3x.pngtrash-4x.pngtrash-6x.pngtrash-8x.pngtrash.pngjswebapp.jstenant.pytenant_webapp.pytornado_requests.pytpm__init__.py__pycache____init__.cpython-36.opt-1.pyc__init__.cpython-36.pyctpm2_objects.cpython-36.opt-1.pyctpm2_objects.cpython-36.pyctpm2_objects_test.cpython-36.opt-1.pyctpm2_objects_test.cpython-36.pyctpm_abstract.cpython-36.opt-1.pyctpm_abstract.cpython-36.pyctpm_main.cpython-36.opt-1.pyctpm_main.cpython-36.pyctpm2_objects.pytpm2_objects_test.pytpm_abstract.pytpm_main.pytpm_bootlog_enrich.pytpm_ek_ca.pyuser_utils.pyuser_utils_test.pyweb_util.pypython3-keylimeREADME.mdpython3-keylimeICON-LICENSELICENSE/etc/alternatives//usr/bin//usr/lib/python3.6/site-packages//usr/lib/python3.6/site-packages/keylime-6.3.2-py3.6.egg-info//usr/lib/python3.6/site-packages/keylime//usr/lib/python3.6/site-packages/keylime/__pycache__//usr/lib/python3.6/site-packages/keylime/cmd//usr/lib/python3.6/site-packages/keylime/cmd/__pycache__//usr/lib/python3.6/site-packages/keylime/common//usr/lib/python3.6/site-packages/keylime/common/__pycache__//usr/lib/python3.6/site-packages/keylime/db//usr/lib/python3.6/site-packages/keylime/db/__pycache__//usr/lib/python3.6/site-packages/keylime/elchecking//usr/lib/python3.6/site-packages/keylime/elchecking/__pycache__//usr/lib/python3.6/site-packages/keylime/migrations//usr/lib/python3.6/site-packages/keylime/migrations/__pycache__//usr/lib/python3.6/site-packages/keylime/migrations/versions//usr/lib/python3.6/site-packages/keylime/migrations/versions/__pycache__//usr/lib/python3.6/site-packages/keylime/revocation_actions//usr/lib/python3.6/site-packages/keylime/revocation_actions/__pycache__//usr/lib/python3.6/site-packages/keylime/static//usr/lib/python3.6/site-packages/keylime/static/css//usr/lib/python3.6/site-packages/keylime/static/icons//usr/lib/python3.6/site-packages/keylime/static/icons/png//usr/lib/python3.6/site-packages/keylime/static/js//usr/lib/python3.6/site-packages/keylime/tpm//usr/lib/python3.6/site-packages/keylime/tpm/__pycache__//usr/share/doc/packages//usr/share/doc/packages/python3-keylime//usr/share/licenses//usr/share/licenses/python3-keylime/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:42222/SUSE_SLE-15-SP4_Update/d0ae6d4b4256d493e773b8b16a781d7e-keylime.SUSE_SLE-15-SP4_Updatedrpmxz5noarch-suse-linux    emptyPython script, ASCII text executabledirectoryASCII text, with very long linesASCII textpython 3.6 byte-compiledassembler source, ASCII textUTF-8 Unicode textPNG image data, 16 x 16, 8-bit/color RGBA, non-interlacedPNG image data, 24 x 24, 8-bit/color RGBA, non-interlacedPNG image data, 32 x 32, 8-bit/color RGBA, non-interlacedPNG image data, 48 x 48, 8-bit/color RGBA, non-interlacedPNG image data, 64 x 64, 8-bit/color RGBA, non-interlacedPNG image data, 8 x 8, 8-bit/color RGBA, non-interlacedPNG image data, 721 x 720, 8-bit/color RGBA, non-interlacedPython script, ASCII text executable, with very long lines  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~     RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRu;Wlutf-834e0c085efbb06debba67b1f8b0e4c1222de20b971a80ed06b22b16ec07d5c88?7zXZ !t/<&1]"k%4Pa Ìv,̋uNZrtdpm'ThkhoxkǸNb^WGU&jU1puI04 >4dAJ˯GVnbm &U֗wYE-B[?aAk5RIK-pc7b[jE+;JmnѶ'6Js̫2ʬZ7EPyq)\,Z5Շ>Wo]8 dvcq MՈhB<^Ky:^|o+T`ƾ/;eY=}DW#Eg/\Q5@!z{)45JNwpREkVt[|Cſ5a&%2nϿ!nLDG" Oj] Nt-sA!BF Mf\0.@F$ue>^TD&0?nt3O..x{Tz{. &fQ`/ŔVTgD|Z@|B|B<9ϭLQ 0s q\xf+\lPW;Ccn13-*{D?rŪIjOEv@/I3pFw0X&7QlmyYXݐ"uYzc,Y\Nffɯ`+ ˕A`[XdQ;+QT/g.K ZA1OVɏy; K6ܓ 'ED?!a J^jo1ZpMw\7UQ=tUԂ$ZCծ<%F,% (wd~H=6想;OR9L} #^z=OýʸnJmR<֤Z?jc#ߋ5  uql'سWTn-#d7Dfj8[d%F %EqGfmYLJl:*h|bBV|$5-ձ[yLր#P6==OS1GŬ뷽r/j*6=4s(zncTtuōٲx &Kx;ǪSz!I81uAdX3p'*T XYIdQs*ekT!7qJR) '7N/ty6*fp>Z1&ã&J97)JkGKWI DEb0ȈP}v-IJI4E"HLxK,rh+3(D2Yq&N?D-eek5)@G}L=OzJ J:KƟ*}Dh@Jâv& ű|N lT;c r"ϗ6IwXwJ_l56{xXH%_Ҳ@<5/Mi"}54nmj?SQHl+i(}̒t23с@&{mqQEM,͟\H7k;'o4 Ex'@<>rRARtr?UƔ\@khw8~ -3ؒ(_@UeўhpM$gR1_gR&e`ҲWkb` ECY*7-й()JR0AHFN.]Mm[!A(6`;Z$?`4igG"y@rԄ&wGߐ5* Z88;m.ǻ cv!Gc?8MOww!.V IOI}TQծR%vi;J-e+L`|{A}{M0^\= 9A~kJ"]0X9O"A3R_kKnAcL^%pt=S;qDQO$=ǿv`003Z<Xb*FAf1*L9rZ~151I' nP1oOO Btz~ӡlzbGg&*htNS#Q#$p1{SJh5ȏ<7*jKd%_|KWs!sP2zv@I=lAKPPq* ȁt9| [x ` H.G)W_MO=;ˆ{QH&-WrS=[HVR*Pu5JlA7-0mI (FW{]%Kiy(^T2&)L*Y^Ӳ̏Ek]fXĦlpÓG7nwtARYaK*H2sDQ '#t ѥ|_k9 ked$$B*\L B̃I(YUoRfDx0{Ł/3d$.9 }MX1 J|k&Ȗz|M)m-;>Bq#⠄bq]`YfE$ۆ^>~ƨ jT\f)ng i(w~^#4hG+.8SܪS@{C+>:+h,e܄GiK3#!FX؀G7sK冶PG| %&>Q_ID. fLFUɚMNEff 9ru߶7T RJ!ȝV1bF:q00G$_A[*mݣ{zCMVgOHy;_Nt,C{&jwxn+(a 1ě#nK1a?1\QucOSYky+ec]H:Qv^$?JT 'a4J vu Z&Uh=KN-'>E,(VN3٦RFj_J^ޔ幧 瑣Ot\1@o]sKYG]zq7HN#-nH'p^YJ.Pf`GS=Xb`AD}I{V᜘kYlF/΃{}XfQۛF+V\8_&L?k<g|U\9BuוrmS.ӢEI&o炞0]Oa ջ,6 Oc It[S瀕݅ *j3_6:1KzǸ`HڀؗI~L.x/ƃhb4 ^-̃FRI t/;ܜP oKZ'E/b>C6rd GޮyGbھH#ckgQg.{f2 .oNb>*xBpFΞ'+q?,YIzU (C7/ mr(gvl<#-}"}(W-5:Ůw?SwQ H[k15l{|8v wϋ:8\ L z>%F PDHF"#8c> fJqS%)4|:!„f98p+nE/@$Gяl}ӹ-5]m^/O/ZoԊ8۬$?ZceciGBL~&>Nqs7ʒkV_ń֡K%!gB@/[:i! =.a??n 5w%3h)k뤕d|*[i͓:>קCUOoP^Paqn7@w-귫onYF]ms_C!tL9S3Fen1E@Q~wێ3hrNƚVyjF*ЊEBҁ?**/Og bR0eXqrcc#"Zԭ(8U~.n[.@B=H%j,X+_9}g&H bmx!lrB:w, w]S7W#T)^_w_&>ɇ6Ѓbe~T%zHtFzZs6G[t>=ۤtV1~(uYyՅ:R{&v̹]3ZL&};LrsX&lkn D/AˣV{->![Еr,)c"Wّ aMb~?EJ׍'}4/-Y'P^Jw-.>3}0K`u96dNɻL*Z˭%`4ENﻆrwx` ub[/ȂV8 JE7*Qb~1HY_ 5<JU=7G}HJsA)ocz 7UٖNQC97op~s7ޣcB]mh6C* Qo ަh 9a{Q_7mHղT綻Fim{]d5HR!HZ7GyAD=$d鋖E]ϵqI6  ]ʒ C3sNk^ޕEg;i/bmrJcnƬa5 ^6X_ Gl) +/|O3Ly+Fm YZ