diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000000000000000000000000000000000000..ecfbff5f8212ade8fe80254e1683f8769e08eae0 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,53 @@ +ARG BASE_REGISTRY=registry1.dso.mil +ARG BASE_IMAGE=ironbank/opensource/python/python36 +ARG BASE_TAG=3.6 + +FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} + +COPY *.rpm / +COPY signatures/* / +COPY config/* /opt/zeek/etc/ + +USER 0 + +RUN dnf upgrade -y && \ + rpm --import RPM-GPG-KEY-CentOS-Official && \ + rpm --import RPM-GPG-KEY-EPEL-8 && \ + rpm --import repomd.xml.key && \ + dnf install -y openssl-devel zlib-devel && \ + dnf localinstall -y /libpcap-devel-1.9.1-4.el8.x86_64.rpm && \ + dnf localinstall -y /bind-9.11.20-5.el8_3.1.x86_64.rpm && \ + dnf localinstall -y /zeek-core-4.0.0-1.2.x86_64.rpm && \ + dnf localinstall -y /zeekctl-4.0.0-1.2.x86_64.rpm && \ + dnf localinstall -y /zeek-libcaf-devel-4.0.0-1.2.x86_64.rpm && \ + dnf localinstall -y /libbroker-devel-4.0.0-1.2.x86_64.rpm && \ + dnf localinstall -y /zeek-devel-4.0.0-1.2.x86_64.rpm && \ + dnf localinstall -y /zeek-btest-4.0.0-1.2.x86_64.rpm && \ + dnf localinstall -y /python3-smmap-3.0.1-2.el8.noarch.rpm && \ + dnf localinstall -y /python3-gitdb-4.0.1-2.el8.noarch.rpm && \ + dnf localinstall -y /python3-GitPython-3.1.0-1.el8.noarch.rpm && \ + dnf localinstall -y /python3-semantic_version-2.6.0-5.el8.noarch.rpm && \ + dnf localinstall -y /zeek-zkg-4.0.0-1.2.x86_64.rpm && \ + dnf localinstall -y /zeek-4.0.0-1.2.x86_64.rpm && \ + rm *.rpm RPM-GPG-KEY-CentOS-Official RPM-GPG-KEY-EPEL-8 repomd.xml.key && \ + chmod -R g-s /opt/zeek && \ + rm -f /usr/libexec/openssh/ssh-keysign && \ + dnf clean all && \ + rm -rf /var/cache/dnf + +ENV ZEEKPATH .:/data/config:/opt/zeek/share/zeek:/opt/zeek/share/zeek/policy:/opt/zeek/share/zeek/site +ENV PATH /opt/zeek/bin:$PATH + +WORKDIR /opt/zeek/logs + +VOLUME /opt/zeek/logs + +# accept incoming connections +EXPOSE 9999 + +HEALTHCHECK --start-period=3s --timeout=5s --interval=3s --retries=3 \ + CMD curl -fs http://localhost:9999 || exit 1 + +ENTRYPOINT ["/opt/zeek/bin/zeek"] + +CMD ["-h"] diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000000000000000000000000000000000000..995ff38d65dc2393f60f7631a492e0d228b09cda --- /dev/null +++ b/LICENSE @@ -0,0 +1,34 @@ +Copyright (c) 1995-2021, The Regents of the University of California +through the Lawrence Berkeley National Laboratory and the +International Computer Science Institute. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +(1) Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + +(2) Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +(3) Neither the name of the University of California, Lawrence Berkeley + National Laboratory, U.S. Dept. of Energy, International Computer + Science Institute, nor the names of contributors may be used to endorse + or promote products derived from this software without specific prior + written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE +LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. + +Note that some files in the distribution may carry their own copyright +notices. diff --git a/README.md b/README.md index 5dc6fa6db4361c22da2f35edf0544d83ba6001e2..ba24171bb8423f4a4195c5ac34227c1a190ed5ec 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,39 @@ -# +# zeek - The Zeek Network Security Monitor -Project template for all Iron Bank container repositories. \ No newline at end of file +Zeek is a powerful framework for network traffic analysis and security +monitoring. + +## Key Features + +* In-depth Analysis + Zeek ships with analyzers for many protocols, enabling + high-level semantic analysis at the application layer. + +* Adaptable & Flexible + Zeek's domain specific scripting language enables site-specific + monitoring policies and means that it is not restricted to any + particular detection approach. + +* Efficient + Zeek targets high-performance networks and is used operationally + at a variety of large sites. + +* Highly Stateful + Zeek keeps extensive application-layer state about the network + it monitors and provides a high-level archive of a network's + activity. + +## Documentation URLs + +The best place to find information about getting started with Zeek is +our web site https://www.zeek.org + +* Documentation https://www.zeek.org/documentation/index.html +* Installation Guide https://docs.zeek.org/en/stable/install/install.html +* Development https://www.zeek.org/development/index.html +* Community https://www.zeek.org/community/index.html + +## License + +Zeek comes with a BSD license, allowing for free use with virtually no +restrictions. You can find it in this repository. diff --git a/config/node.cfg b/config/node.cfg new file mode 100644 index 0000000000000000000000000000000000000000..7fe1b017d13bb1c3117401529fd81b599bb0c69e --- /dev/null +++ b/config/node.cfg @@ -0,0 +1,4 @@ +[zeek] +type=standalone +host=localhost +interface=eth0 # change this according to your listening interface in ifconfig diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml new file mode 100644 index 0000000000000000000000000000000000000000..2aff4dc7d1dd6136b95d0c80dd71e59affb1e5a7 --- /dev/null +++ b/hardening_manifest.yaml @@ -0,0 +1,119 @@ +--- +apiVersion: v1 + +# The repository name in registry1, excluding /ironbank/ +name: "opensource/zeek/zeek" + +# List of tags to push for the repository in registry1 +# The most specific version should be the first tag and will be shown +# on ironbank.dsop.io +tags: +- "v4.0.0" +- "latest" + +# Build args passed to Dockerfile ARGs +args: + BASE_IMAGE: "opensource/python/python36" + BASE_TAG: "3.6" + +# Docker image labels +labels: + org.opencontainers.image.title: "zeek" + ## Human-readable description of the software packaged in the image + org.opencontainers.image.description: "Zeek is a framework for network traffic analysis and security + monitoring" + ## License(s) under which contained software is distributed + org.opencontainers.image.licenses: "BSD license" + ## URL to find more information on the image + org.opencontainers.image.url: "https://github.com/zeek/zeek" + ## Name of the distributing entity, organization or individual + org.opencontainers.image.vendor: "Zeek" + org.opencontainers.image.version: "v4.0.0" + ## Keywords to help with search (ex. "cicd,gitops,golang") + mil.dso.ironbank.image.keywords: "opensource" + ## This value can be "opensource" or "commercial" + mil.dso.ironbank.image.type: "opensource" + ## Product the image belongs to for grouping multiple images + mil.dso.ironbank.product.name: "Zeek" + +# List of resources to make available to the offline build context +resources: +- filename: zeek-4.0.0-1.2.x86_64.rpm + url: https://download.zeek.org/binary-packages/CentOS_8/x86_64/zeek-4.0.0-1.2.x86_64.rpm + validation: + type: sha256 + value: ea5eec08f4cc416f6dec94016621aa86e8b81665cb3c5ef6d569dbf7971b9160 +- filename: zeek-core-4.0.0-1.2.x86_64.rpm + url: https://download.zeek.org/binary-packages/CentOS_8/x86_64/zeek-core-4.0.0-1.2.x86_64.rpm + validation: + type: sha256 + value: de87b905723a906f608058ab7c053207db3ddcb9be2528ff94a70c260a516e71 +- filename: zeekctl-4.0.0-1.2.x86_64.rpm + url: https://download.zeek.org/binary-packages/CentOS_8/x86_64/zeekctl-4.0.0-1.2.x86_64.rpm + validation: + type: sha256 + value: 17ca199b1bad89488e9afcc78fce01765b4407b869a72573cc9c772b2a7b7bd8 +- filename: zeek-devel-4.0.0-1.2.x86_64.rpm + url: https://download.zeek.org/binary-packages/CentOS_8/x86_64/zeek-devel-4.0.0-1.2.x86_64.rpm + validation: + type: sha256 + value: 73558e4b7d7295b04feca71d6769d92a6f927e7261ece291e0913686c8fdf101 +- filename: zeek-libcaf-devel-4.0.0-1.2.x86_64.rpm + url: https://download.zeek.org/binary-packages/CentOS_8/x86_64/zeek-libcaf-devel-4.0.0-1.2.x86_64.rpm + validation: + type: sha256 + value: 2ee88d08baa0efa0b49374c6864bcaaa29d714976b8a9eddb281cb38491db777 +- filename: libbroker-devel-4.0.0-1.2.x86_64.rpm + url: https://download.zeek.org/binary-packages/CentOS_8/x86_64/libbroker-devel-4.0.0-1.2.x86_64.rpm + validation: + type: sha256 + value: 02eae87f068ce4674157ca8f98d90c3ea832b8f4032c1935314793fbd66bb0ac +- filename: zeek-btest-4.0.0-1.2.x86_64.rpm + url: https://download.zeek.org/binary-packages/CentOS_8/x86_64/zeek-btest-4.0.0-1.2.x86_64.rpm + validation: + type: sha256 + value: bd38666aee10fb430e644bdd95d82adcb8f66b98ceacf65ef400727b7291256f +- filename: zeek-zkg-4.0.0-1.2.x86_64.rpm + url: https://download.zeek.org/binary-packages/CentOS_8/x86_64/zeek-zkg-4.0.0-1.2.x86_64.rpm + validation: + type: sha256 + value: a5c04a319340761202dbe8363621002ded79dbf81b6f2e56412a928038b08253 +- filename: libpcap-devel-1.9.1-4.el8.x86_64.rpm + url: http://mirror.centos.org/centos/8/PowerTools/x86_64/os/Packages/libpcap-devel-1.9.1-4.el8.x86_64.rpm + validation: + type: sha256 + value: 4f967ea5444c35b6c3bf331dbf4a65761582c4084a0e73e723353964a29b6707 +- filename: python3-semantic_version-2.6.0-5.el8.noarch.rpm + url: http://mirror.centos.org/centos/8/AppStream/aarch64/os/Packages/python3-semantic_version-2.6.0-5.el8.noarch.rpm + validation: + type: sha256 + value: a3bd7684ba2b6952c8d7ce3fe9055f9a29ed47ebee5acb0207e8c183d754b659 +- filename: python3-GitPython-3.1.0-1.el8.noarch.rpm + url: https://download-ib01.fedoraproject.org/pub/epel/8/Everything/aarch64/Packages/p/python3-GitPython-3.1.0-1.el8.noarch.rpm + validation: + type: sha256 + value: 76f7a705620e405429fc93d18aeda1d7a2273de42fb7d1861e3877759e6575d4 +- filename: python3-gitdb-4.0.1-2.el8.noarch.rpm + url: https://download-ib01.fedoraproject.org/pub/epel/8/Everything/aarch64/Packages/p/python3-gitdb-4.0.1-2.el8.noarch.rpm + validation: + type: sha256 + value: 04731f6c5b8709d268e7ddf4f180fe92d183709d3e49f7e3520b71f81fee2354 +- filename: python3-smmap-3.0.1-2.el8.noarch.rpm + url: https://download-ib01.fedoraproject.org/pub/epel/8/Everything/aarch64/Packages/p/python3-smmap-3.0.1-2.el8.noarch.rpm + validation: + type: sha256 + value: 4fd61dd28a6a07f205f5dc95e5a6153a6eabe1061b5be60e264aa55ba520e2a6 +- filename: bind-9.11.20-5.el8_3.1.x86_64.rpm + url: http://mirror.centos.org/centos/8/AppStream/x86_64/os/Packages/bind-9.11.20-5.el8_3.1.x86_64.rpm + validation: + type: sha256 + value: 7ef153e7014c76ca1fe36019d58a0bd936e8d07495fc25aa94c2594400a6ea73 + +# List of project maintainers +maintainers: +- email: "shen_vickie@bah.com" +# # The name of the current container owner + name: "Vickie Shen" +# # The gitlab username of the current container owner + username: "shen_vickie" + cht_member: true diff --git a/renovate.json b/renovate.json new file mode 100644 index 0000000000000000000000000000000000000000..7443a86f10201d2abf683a63e1c171c2413cace1 --- /dev/null +++ b/renovate.json @@ -0,0 +1,30 @@ +{ + "assignees": [ + "vickie.shen" + ], + "baseBranches": [ + "development" + ], + "regexManagers": [ + { + "fileMatch": [ + "^hardening_manifest.yaml$" + ], + "matchStrings": [ + "org\\.opencontainers\\.image\\.version:\\s+\"(?.+?)\"" + ], + "depNameTemplate": "zeek/zeek", + "datasourceTemplate": "github-releases" + }, + { + "fileMatch": [ + "^hardening_manifest.yaml$" + ], + "matchStrings": [ + "tags:\\s+-\\s+\"(?.+?)\"" + ], + "depNameTemplate": "zeek/zeek", + "datasourceTemplate": "github-releases" + } + ] +} diff --git a/signatures/RPM-GPG-KEY-CentOS-Official b/signatures/RPM-GPG-KEY-CentOS-Official new file mode 100644 index 0000000000000000000000000000000000000000..94ebc832d22a6991a9941ec5fa96fed3bf104f52 --- /dev/null +++ b/signatures/RPM-GPG-KEY-CentOS-Official @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v2.0.22 (GNU/Linux) + +mQINBFzMWxkBEADHrskpBgN9OphmhRkc7P/YrsAGSvvl7kfu+e9KAaU6f5MeAVyn +rIoM43syyGkgFyWgjZM8/rur7EMPY2yt+2q/1ZfLVCRn9856JqTIq0XRpDUe4nKQ +8BlA7wDVZoSDxUZkSuTIyExbDf0cpw89Tcf62Mxmi8jh74vRlPy1PgjWL5494b3X +5fxDidH4bqPZyxTBqPrUFuo+EfUVEqiGF94Ppq6ZUvrBGOVo1V1+Ifm9CGEK597c +aevcGc1RFlgxIgN84UpuDjPR9/zSndwJ7XsXYvZ6HXcKGagRKsfYDWGPkA5cOL/e +f+yObOnC43yPUvpggQ4KaNJ6+SMTZOKikM8yciyBwLqwrjo8FlJgkv8Vfag/2UR7 +JINbyqHHoLUhQ2m6HXSwK4YjtwidF9EUkaBZWrrskYR3IRZLXlWqeOi/+ezYOW0m +vufrkcvsh+TKlVVnuwmEPjJ8mwUSpsLdfPJo1DHsd8FS03SCKPaXFdD7ePfEjiYk +nHpQaKE01aWVSLUiygn7F7rYemGqV9Vt7tBw5pz0vqSC72a5E3zFzIIuHx6aANry +Gat3aqU3qtBXOrA/dPkX9cWE+UR5wo/A2UdKJZLlGhM2WRJ3ltmGT48V9CeS6N9Y +m4CKdzvg7EWjlTlFrd/8WJ2KoqOE9leDPeXRPncubJfJ6LLIHyG09h9kKQARAQAB +tDpDZW50T1MgKENlbnRPUyBPZmZpY2lhbCBTaWduaW5nIEtleSkgPHNlY3VyaXR5 +QGNlbnRvcy5vcmc+iQI3BBMBAgAhBQJczFsZAhsDBgsJCAcDAgYVCAIJCgsDFgIB +Ah4BAheAAAoJEAW1VbOEg8ZdjOsP/2ygSxH9jqffOU9SKyJDlraL2gIutqZ3B8pl +Gy/Qnb9QD1EJVb4ZxOEhcY2W9VJfIpnf3yBuAto7zvKe/G1nxH4Bt6WTJQCkUjcs +N3qPWsx1VslsAEz7bXGiHym6Ay4xF28bQ9XYIokIQXd0T2rD3/lNGxNtORZ2bKjD +vOzYzvh2idUIY1DgGWJ11gtHFIA9CvHcW+SMPEhkcKZJAO51ayFBqTSSpiorVwTq +a0cB+cgmCQOI4/MY+kIvzoexfG7xhkUqe0wxmph9RQQxlTbNQDCdaxSgwbF2T+gw +byaDvkS4xtR6Soj7BKjKAmcnf5fn4C5Or0KLUqMzBtDMbfQQihn62iZJN6ZZ/4dg +q4HTqyVpyuzMXsFpJ9L/FqH2DJ4exGGpBv00ba/Zauy7GsqOc5PnNBsYaHCply0X +407DRx51t9YwYI/ttValuehq9+gRJpOTTKp6AjZn/a5Yt3h6jDgpNfM/EyLFIY9z +V6CXqQQ/8JRvaik/JsGCf+eeLZOw4koIjZGEAg04iuyNTjhx0e/QHEVcYAqNLhXG +rCTTbCn3NSUO9qxEXC+K/1m1kaXoCGA0UWlVGZ1JSifbbMx0yxq/brpEZPUYm+32 +o8XfbocBWljFUJ+6aljTvZ3LQLKTSPW7TFO+GXycAOmCGhlXh2tlc6iTc41PACqy +yy+mHmSv +=kkH7 +-----END PGP PUBLIC KEY BLOCK----- \ No newline at end of file diff --git a/signatures/RPM-GPG-KEY-EPEL-8 b/signatures/RPM-GPG-KEY-EPEL-8 new file mode 100644 index 0000000000000000000000000000000000000000..30b69a6295afc0e0bfb4aff0bec9b04ae05edfe7 --- /dev/null +++ b/signatures/RPM-GPG-KEY-EPEL-8 @@ -0,0 +1,28 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFz3zvsBEADJOIIWllGudxnpvJnkxQz2CtoWI7godVnoclrdl83kVjqSQp+2 +dgxuG5mUiADUfYHaRQzxKw8efuQnwxzU9kZ70ngCxtmbQWGmUmfSThiapOz00018 ++eo5MFabd2vdiGo1y+51m2sRDpN8qdCaqXko65cyMuLXrojJHIuvRA/x7iqOrRfy +a8x3OxC4PEgl5pgDnP8pVK0lLYncDEQCN76D9ubhZQWhISF/zJI+e806V71hzfyL +/Mt3mQm/li+lRKU25Usk9dWaf4NH/wZHMIPAkVJ4uD4H/uS49wqWnyiTYGT7hUbi +ecF7crhLCmlRzvJR8mkRP6/4T/F3tNDPWZeDNEDVFUkTFHNU6/h2+O398MNY/fOh +yKaNK3nnE0g6QJ1dOH31lXHARlpFOtWt3VmZU0JnWLeYdvap4Eff9qTWZJhI7Cq0 +Wm8DgLUpXgNlkmquvE7P2W5EAr2E5AqKQoDbfw/GiWdRvHWKeNGMRLnGI3QuoX3U +pAlXD7v13VdZxNydvpeypbf/AfRyrHRKhkUj3cU1pYkM3DNZE77C5JUe6/0nxbt4 +ETUZBTgLgYJGP8c7PbkVnO6I/KgL1jw+7MW6Az8Ox+RXZLyGMVmbW/TMc8haJfKL +MoUo3TVk8nPiUhoOC0/kI7j9ilFrBxBU5dUtF4ITAWc8xnG6jJs/IsvRpQARAQAB +tChGZWRvcmEgRVBFTCAoOCkgPGVwZWxAZmVkb3JhcHJvamVjdC5vcmc+iQI4BBMB +AgAiBQJc9877AhsPBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAh6kWrL4bW +oWagD/4xnLWws34GByVDQkjprk0fX7Iyhpm/U7BsIHKspHLL+Y46vAAGY/9vMvdE +0fcr9Ek2Zp7zE1RWmSCzzzUgTG6BFoTG1H4Fho/7Z8BXK/jybowXSZfqXnTOfhSF +alwDdwlSJvfYNV9MbyvbxN8qZRU1z7PEWZrIzFDDToFRk0R71zHpnPTNIJ5/YXTw +NqU9OxII8hMQj4ufF11040AJQZ7br3rzerlyBOB+Jd1zSPVrAPpeMyJppWFHSDAI +WK6x+am13VIInXtqB/Cz4GBHLFK5d2/IYspVw47Solj8jiFEtnAq6+1Aq5WH3iB4 +bE2e6z00DSF93frwOyWN7WmPIoc2QsNRJhgfJC+isGQAwwq8xAbHEBeuyMG8GZjz +xohg0H4bOSEujVLTjH1xbAG4DnhWO/1VXLX+LXELycO8ZQTcjj/4AQKuo4wvMPrv +9A169oETG+VwQlNd74VBPGCvhnzwGXNbTK/KH1+WRH0YSb+41flB3NKhMSU6dGI0 +SGtIxDSHhVVNmx2/6XiT9U/znrZsG5Kw8nIbbFz+9MGUUWgJMsd1Zl9R8gz7V9fp +n7L7y5LhJ8HOCMsY/Z7/7HUs+t/A1MI4g7Q5g5UuSZdgi0zxukiWuCkLeAiAP4y7 +zKK4OjJ644NDcWCHa36znwVmkz3ixL8Q0auR15Oqq2BjR/fyog== +=84m8 +-----END PGP PUBLIC KEY BLOCK----- diff --git a/signatures/repomd.xml.key b/signatures/repomd.xml.key new file mode 100644 index 0000000000000000000000000000000000000000..23c0ddb80c628f6e4fca6ea1fe8080515172817c --- /dev/null +++ b/signatures/repomd.xml.key @@ -0,0 +1,20 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.5 (GNU/Linux) + +mQENBFODA6oBCAC1ZlvBSl+aNBm+NH7xGiNa8JRpZ0ujQIc941ozc2T2Pqe3tscZ +Z6KjsqSwTX6jzomTgGyqJDYd308KEHeqIMuZVlCZQDsyHb6YiuOa051ice3eas94 +PVJ+z6Do9zSVOLwc0xsdy4jBdiB7K5XN3iGmmboK3oiFbNJRP0b+saFSJ3R9lQQ6 +c7iD++tFl36/ovwWitwqzJ3cYuWeGxHjBvTV4YCQb2JECQgskfloHcjqMIyevJm1 +4KNmrHn2Q12qPfrHECtnf/hP/9yrCvbekT/aLWx/IV/vIQdHJPwnYDRFDN6tyuDJ +kh4QVYYyFaKaSHNJ2it3lRMeIAzaCnSVJQ8lABEBAAG0MnNlY3VyaXR5IE9CUyBQ +cm9qZWN0IDxzZWN1cml0eUBidWlsZC5vcGVuc3VzZS5vcmc+iQE+BBMBAgAoBQJb +3PRcAhsDBQkMeKCyBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRBp0bKq7j0W +ajhOB/9SXnFdzfUQPHrNIqTC0vzHaSsRueFE4ektdaOG9Luku3gPolJQ/LzVd6Dq +2dApFix96PR9Z4EUI5U/Bgbh0UDhcoOgOFv5hC98h9+cIBpOAXi/j7vOc2vpxdQs +ELvplesgbH+BCoIvG0ssKVbPG0A3bqLCeABUTuG7W0Tb1PtIKXqIl/DoOjfEU7gV +pYVOrke5grPJ5BSV9ZG8Zuz9/GtN3tH4mJVEkMDb6flKZ15epgX7VzLSkEhZodwq +cSYQuuniA9XjMgNnHrdL07jE4zLI9KO5UEnRht9Z4yWU0bzSGzU0zXmbTl4iAjAw +bgf3B7FMvJkcaGYD0ZTVd0X5M73GiEYEExECAAYFAlODA6sACgkQOzARt2udZSO5 +wgCfdn5fA8nzafycfrO4iXjg7/E34E4AnixpDpJ8llW/+4r+MC59fMWa59oj +=CIXb +-----END PGP PUBLIC KEY BLOCK-----