DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/etc/nevis/k8s-ob-auth-d00b0dcbe241793d30daf91c.yaml

@@ -11,8 +11,8 @@ metadata:
 spec:
   type: "NevisAuth"
   replicas: 1
-  version: "8.2505.5"
+  version: "8.2411.1"
-  gitInitVersion: "1.4.0"
+  gitInitVersion: "1.3.0"
   runAsNonRoot: true
   ports:
     management: 9000
@@ -20,10 +20,10 @@ spec:
   resources:
     limits:
       cpu: "1000m"
-      memory: "1200Mi"
+      memory: "1000Mi"
     requests:
       cpu: "20m"
-      memory: "600Mi"
+      memory: "200Mi"
   livenessProbe:
     soap:
       tcpSocket: true
@@ -39,23 +39,20 @@ spec:
     management:
       httpGet:
         path: "/nevisauth/liveness"
-      initialDelaySeconds: 50
       periodSeconds: 5
       timeoutSeconds: 6
-      failureThreshold: 30
+      failureThreshold: 50
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-bba80526cea899b1947578419a14c74492ea501f"
+    tag: "r-1c2c7885c3bbd904e080922c99d4a254fdc92559"
     dir: "DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1"
     credentials: "git-credentials"
   keystores:
-  - "ob-auth-sh4r3d-default-default-signer"
   - "ob-auth-v1-default-identity"
   - "ob-auth-v1-ob-realm-accessapp-registration-nevisfido-tls-client"
   truststores:
   - "ob-auth-v1-ob-realm-accessapp-registration-nevisfido-tls-trust"
-  - "ob-auth-v1-default-default-signer-trust"
   - "ob-auth-v1-default-tls-client-trust"
   - "ob-auth-v1-agov-work-internal-trust-store"
   podSecurity:

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/etc/nevis/k8s-ob-auth-sh4r3d-default-default-signer-d00b0dcbe241793d30daf91c.yaml

@@ -1,16 +0,0 @@
-apiVersion: "operator.nevis-security.ch/v1"
-kind: "NevisKeyStore"
-metadata:
-  name: "ob-auth-sh4r3d-default-default-signer"
-  namespace: "adn-agov-nevisidm-ob-01-uat"
-  labels:
-    deploymentTarget: "ob-auth-v1"
-  annotations:
-    projectKey: "DEFAULT-ADN-AGOV-WORK-OB-PROJECT"
-    patternId: "d00b0dcbe241793d30daf91c"
-spec:
-  cn: "signer"
-  usage: "signer"
-  san:
-    dns: []
-    email: []

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/etc/nevis/k8s-ob-auth-v1-default-default-signer-trust-d00b0dcbe241793d30daf91c.yaml

@@ -1,14 +0,0 @@
-apiVersion: "operator.nevis-security.ch/v1"
-kind: "NevisTrustStore"
-metadata:
-  name: "ob-auth-v1-default-default-signer-trust"
-  namespace: "adn-agov-nevisidm-ob-01-uat"
-  labels:
-    deploymentTarget: "ob-auth-v1"
-  annotations:
-    projectKey: "DEFAULT-ADN-AGOV-WORK-OB-PROJECT"
-    patternId: "d00b0dcbe241793d30daf91c"
-spec:
-  keystores:
-  - name: "ob-auth-sh4r3d-default-default-signer"
-    namespace: "adn-agov-nevisidm-ob-01-uat"

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/keys/own/ob-auth-signer/cert.pem

@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICwzCCAmmgAwIBAgIRAIgdSB3tN8ZLL8RUMEGevQQwCgYIKoZIzj0EAwIwGDEW
+MBQGA1UEAxMNc2VsZnNpZ25lZC1jYTAeFw0yNDA3MTcwNzI5MDFaFw0yNTA3MTcw
+NzI5MDFaMFYxCzAJBgNVBAYTAkNIMQwwCgYDVQQIEwNLOFMxDDAKBgNVBAcTA0s4
+UzEMMAoGA1UEChMDSzhTMQwwCgYDVQQLEwNLOFMxDzANBgNVBAMTBnNpZ25lcjCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOyJFpEW1XRq43YwOU/e9ufh
+128Yct8Q3f6HoRaXpUmygAkUsyBwOLWmwNeS80SLyOVegco6kGOdoMvnZsLX3ujf
+cASkbN+93xhc2MpJXvfWbLbFGrpuQki3V5Banw+UulBuTltFLmxaIRXs1y4Ny2uh
+US98LjFY3YD+3d5WG7UpgRTJ+x+t+8nqnPVOJ5asfcirM8/lRB4drUAwCOv51XLR
+fRbqCaXKpVaiw/vD5KpAOUH2N1cikfOTOY6rce0wgVDGS7eoCfkCN4gT1LG+134M
+p0KT3FBikTGdkH6dQ52nTn7xm5byJvNYzq+2zKGdosYAGurdGGw+KLFsFKCpB40C
+AwEAAaOBijCBhzAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
+CCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAU+2EaFiIx8JLxYnML
+5NE8f8gOLlEwJwYDVR0RBCAwHoIGc2lnbmVygRRub3JlcGx5QGxvY2FsLmRvbWFp
+bjAKBggqhkjOPQQDAgNIADBFAiBxCyNHGWTpj8oma8cY/rUVMZu/BSDH7zzrDhh6
+Q9eJegIhAIGivTcBUZvogUDfNo7IXmmxDqZHrjpoLeu6+VgTY9Qs
+-----END CERTIFICATE-----

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/keys/own/ob-auth-signer/key.pem

@@ -0,0 +1,30 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIFKzBVBgkqhkiG9w0BBQ0wSDAnBgkqhkiG9w0BBQwwGgQU5G+vkuO2cctjh5w3
+9UCspxzos1oCAggAMB0GCWCGSAFlAwQBKgQQk38FPw+39UGxhLjFx1ZinwSCBNBF
+yCOvE7KGjMIkIEm1hm+Pi5VKUKUVh4spl3aT4BcYNtcGrQ6YSTHp5V5Y+O24GJTB
+3EzH0Cg1YqFZdu/O361nVd9wQrduk35n4pTfWZrBkZ7LnUIvIfmvwowCk/sIT2R+
+ei/ljQcXlzZB5He5SB4qu7OywIHArp13701sBGYyl4kUqPXx/FVC9gkiK5dzHfoi
+t6PK8nbykDYhiMn7L4CuDGItCjjcdfat/Il3ycPsnvQX6z3iX9sIOxHpLRSZqkB/
+Da/VLC7h+t6J5NpudpGXHhZBTq5ov6LOFsFesV8+ZkHaCqAeuZiUBFYKK9de5KUr
+wxb5HDjA595l/oeiPtbeH9yocZhNf0vza4520AeuwEqmzKYfvmKz/pKTwLy1VbK5
+88+bIPw3vz6VP1riP8ULVBOAV3kAKU0NRQd6lnIorDQ6MkEHO3JOyFNKYNswF8tu
+s7gEzSKg8eBA/B+L8liczo89ItImyudXCHwEWcJY6uzKEaHxg2HS1DDD/pI8w8Sl
+mU6OQnlL5sm2X82H75tAkni03aQueL43qE5LN5QCcXUrVO9Un737fX2/m2fZB/b9
+pmy4CWjwDrXXsABf3mgiaBFbXzxRO8zDtDmNzsZnuywLNepsv1nPEV8tI7WO6c+J
+Bwba8h/Vz9ulNd8u/bX3TPr/FGgAmfIwf8Hz2Rmy4Jy6Dt7nlLOYT6NSx5QNXujC
+0vEnF8WQaCt+KHxOERb/5zb/OlVS+4Fech9NGmmTSfmTakGbmN6H7VpHa20q98fL
+b8jLbQaDDrJ1wOumykfCAzsDpq5uGjLBu7qqTF9ZOFbNc00wAcLiZd7Oavmzocn5
+PbS22IdutIhqJtREqJaZYstXQ1bzdKfPjML+SPjDb9mbqlzDFvikqDyCMpje8X7v
+/bulMe/8ViEn6WemfCULrBbchFZpgRBmZFtUiNqYuv1Ib+mx83Wha8ApdvdclYn4
+S8FBeZ8u+6usCz5QvaiLTyI5CTKf6u8fnaJ3mfa2yPEyq4tKVjoIliVAGMAX2v6b
+Ky5Wq6UzhoRPnDdXxAsPsnypAVmfLBHea10VZd/cGH6eTKdi15PLnFqvlnFaSxVS
+irR77Ze0As/+CZ3sD6vxihHGw94y4gWYYjr3NJwTR9aUQHHondh0UYE0aNarQiRz
+DEVUhM6hCiQZAdp6VqgVlow4TCZ4KLAWlpXthOLml7dcZBPc+kLAhP30LFvbEDFS
+/3TCHZeedFJfyY99fQOe43Qz2cftJhQzYuCxTo+bLG8rR+x3MNY9Mj20a1fVNCDr
+/cc5jEu04tnr9g7UNBeGXXsTfX9oDAJeepp3w05AQKMoPBO1ow6REUDcrOoITmaj
+Xdfr1uY41WQEJGURE/edArpJDsamml5qfecuW18RLGKKN2uMbTPV6+xGhpwlxFyL
+pv08rFkSTuOr8EHCtA4I7YsPE8pwAcVQJX9eveP6JbebxLJcazX5BzYFcZe0fyye
+EvLYNM/ppExaajWNddvluvxiJ36MOXR7Kn4jQIRmRl4nzroQ8OsrNn9GlpXmn7zn
+8yHp19awVyjy5DTRq9b79Dj27bBxsB/nm85DhFUDLLNCBIA80msIg7+GwjCgy4dx
+6joKO6WQzBap8NP2Y5Vk3EA89wHWhw42I1G4s/mXug==
+-----END ENCRYPTED PRIVATE KEY-----

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/keys/own/ob-auth-signer/keypass

@@ -0,0 +1,2 @@
+#!/bin/bash
+echo 'yQ4X0JxsgxmmuG5j14vIdkdkqTJOEqog7Xs5UgVbo='

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/keys/own/ob-auth-signer/keystore.pem

@@ -0,0 +1,48 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIFKzBVBgkqhkiG9w0BBQ0wSDAnBgkqhkiG9w0BBQwwGgQU5G+vkuO2cctjh5w3
+9UCspxzos1oCAggAMB0GCWCGSAFlAwQBKgQQk38FPw+39UGxhLjFx1ZinwSCBNBF
+yCOvE7KGjMIkIEm1hm+Pi5VKUKUVh4spl3aT4BcYNtcGrQ6YSTHp5V5Y+O24GJTB
+3EzH0Cg1YqFZdu/O361nVd9wQrduk35n4pTfWZrBkZ7LnUIvIfmvwowCk/sIT2R+
+ei/ljQcXlzZB5He5SB4qu7OywIHArp13701sBGYyl4kUqPXx/FVC9gkiK5dzHfoi
+t6PK8nbykDYhiMn7L4CuDGItCjjcdfat/Il3ycPsnvQX6z3iX9sIOxHpLRSZqkB/
+Da/VLC7h+t6J5NpudpGXHhZBTq5ov6LOFsFesV8+ZkHaCqAeuZiUBFYKK9de5KUr
+wxb5HDjA595l/oeiPtbeH9yocZhNf0vza4520AeuwEqmzKYfvmKz/pKTwLy1VbK5
+88+bIPw3vz6VP1riP8ULVBOAV3kAKU0NRQd6lnIorDQ6MkEHO3JOyFNKYNswF8tu
+s7gEzSKg8eBA/B+L8liczo89ItImyudXCHwEWcJY6uzKEaHxg2HS1DDD/pI8w8Sl
+mU6OQnlL5sm2X82H75tAkni03aQueL43qE5LN5QCcXUrVO9Un737fX2/m2fZB/b9
+pmy4CWjwDrXXsABf3mgiaBFbXzxRO8zDtDmNzsZnuywLNepsv1nPEV8tI7WO6c+J
+Bwba8h/Vz9ulNd8u/bX3TPr/FGgAmfIwf8Hz2Rmy4Jy6Dt7nlLOYT6NSx5QNXujC
+0vEnF8WQaCt+KHxOERb/5zb/OlVS+4Fech9NGmmTSfmTakGbmN6H7VpHa20q98fL
+b8jLbQaDDrJ1wOumykfCAzsDpq5uGjLBu7qqTF9ZOFbNc00wAcLiZd7Oavmzocn5
+PbS22IdutIhqJtREqJaZYstXQ1bzdKfPjML+SPjDb9mbqlzDFvikqDyCMpje8X7v
+/bulMe/8ViEn6WemfCULrBbchFZpgRBmZFtUiNqYuv1Ib+mx83Wha8ApdvdclYn4
+S8FBeZ8u+6usCz5QvaiLTyI5CTKf6u8fnaJ3mfa2yPEyq4tKVjoIliVAGMAX2v6b
+Ky5Wq6UzhoRPnDdXxAsPsnypAVmfLBHea10VZd/cGH6eTKdi15PLnFqvlnFaSxVS
+irR77Ze0As/+CZ3sD6vxihHGw94y4gWYYjr3NJwTR9aUQHHondh0UYE0aNarQiRz
+DEVUhM6hCiQZAdp6VqgVlow4TCZ4KLAWlpXthOLml7dcZBPc+kLAhP30LFvbEDFS
+/3TCHZeedFJfyY99fQOe43Qz2cftJhQzYuCxTo+bLG8rR+x3MNY9Mj20a1fVNCDr
+/cc5jEu04tnr9g7UNBeGXXsTfX9oDAJeepp3w05AQKMoPBO1ow6REUDcrOoITmaj
+Xdfr1uY41WQEJGURE/edArpJDsamml5qfecuW18RLGKKN2uMbTPV6+xGhpwlxFyL
+pv08rFkSTuOr8EHCtA4I7YsPE8pwAcVQJX9eveP6JbebxLJcazX5BzYFcZe0fyye
+EvLYNM/ppExaajWNddvluvxiJ36MOXR7Kn4jQIRmRl4nzroQ8OsrNn9GlpXmn7zn
+8yHp19awVyjy5DTRq9b79Dj27bBxsB/nm85DhFUDLLNCBIA80msIg7+GwjCgy4dx
+6joKO6WQzBap8NP2Y5Vk3EA89wHWhw42I1G4s/mXug==
+-----END ENCRYPTED PRIVATE KEY-----
+
+-----BEGIN CERTIFICATE-----
+MIICwzCCAmmgAwIBAgIRAIgdSB3tN8ZLL8RUMEGevQQwCgYIKoZIzj0EAwIwGDEW
+MBQGA1UEAxMNc2VsZnNpZ25lZC1jYTAeFw0yNDA3MTcwNzI5MDFaFw0yNTA3MTcw
+NzI5MDFaMFYxCzAJBgNVBAYTAkNIMQwwCgYDVQQIEwNLOFMxDDAKBgNVBAcTA0s4
+UzEMMAoGA1UEChMDSzhTMQwwCgYDVQQLEwNLOFMxDzANBgNVBAMTBnNpZ25lcjCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOyJFpEW1XRq43YwOU/e9ufh
+128Yct8Q3f6HoRaXpUmygAkUsyBwOLWmwNeS80SLyOVegco6kGOdoMvnZsLX3ujf
+cASkbN+93xhc2MpJXvfWbLbFGrpuQki3V5Banw+UulBuTltFLmxaIRXs1y4Ny2uh
+US98LjFY3YD+3d5WG7UpgRTJ+x+t+8nqnPVOJ5asfcirM8/lRB4drUAwCOv51XLR
+fRbqCaXKpVaiw/vD5KpAOUH2N1cikfOTOY6rce0wgVDGS7eoCfkCN4gT1LG+134M
+p0KT3FBikTGdkH6dQ52nTn7xm5byJvNYzq+2zKGdosYAGurdGGw+KLFsFKCpB40C
+AwEAAaOBijCBhzAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
+CCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAU+2EaFiIx8JLxYnML
+5NE8f8gOLlEwJwYDVR0RBCAwHoIGc2lnbmVygRRub3JlcGx5QGxvY2FsLmRvbWFp
+bjAKBggqhkjOPQQDAgNIADBFAiBxCyNHGWTpj8oma8cY/rUVMZu/BSDH7zzrDhh6
+Q9eJegIhAIGivTcBUZvogUDfNo7IXmmxDqZHrjpoLeu6+VgTY9Qs
+-----END CERTIFICATE-----

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/LitDict.properties

@@ -1,9 +1,9 @@
 
 accept.button.label=Accept
+button.submit=Submit
 cancel.button.label=Cancel
 continue.button.label=Continue
 deputy.profile.label=(Deputy Profile)
-error.account.exists=Account already exists. Continue to log in.
 error.policy.failed=The new password does not comply with the policy.
 error.saml.failed=Please close your browser and try again.
 error_1=Please check your input.
@@ -85,8 +85,6 @@ pwreset.email.sent=If your user ID exists, an email to reset your password has b
 pwreset.info.linktext=Password forgotten
 pwreset.noticket=Your password reset link is no longer valid. Please generate a new one.
 reject.button.label=Deny
-signup.button.label=Signup
-skip.button.label=Skip
 submit.button.label=Submit
 tan.sent=Please enter the security code which has been sent to your mobile phone.
 title.login=Login
@@ -97,7 +95,6 @@ title.oauth.consent=Client Authorization
 title.pwchange.label=Password Change
 title.pwreset=Password Forgotten
 title.saml.failed=Error
-title.signup=Create account
 title.signup.passwordless=Go passwordless
 title.signup.passwordless.failed=Failed to turn on passwordless
 title.timeout.page=Logout

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/LitDict_de.properties

@@ -1,9 +1,9 @@
 
 accept.button.label=Akzeptieren
+button.submit=Senden
 cancel.button.label=Abbrechen
 continue.button.label=Weiter
 deputy.profile.label=(Profil Stellvertreter)
-error.account.exists=Konto existiert bereits. Melden Sie sich an.
 error.policy.failed=Das neue Passwort stimmt nicht mit der Richtlinie überein.
 error.saml.failed=Bitte schliessen Sie Ihren Browser und versuchen Sie es erneut.
 error_1=Bitte überprüfen Sie Ihre Eingabe.
@@ -85,8 +85,6 @@ pwreset.email.sent=Wenn Ihre Benutzer-ID existiert, haben Sie eine E-Mail erhalt
 pwreset.info.linktext=Passwort vergessen
 pwreset.noticket=Ihr Link ist nicht mehr gültig. Bitte generieren Sie ein Neuen.
 reject.button.label=Ablehnen
-signup.button.label=Registrieren
-skip.button.label=Überspringen
 submit.button.label=Senden
 tan.sent=Bitte erfassen Sie den Sicherheitscode, welcher an Ihr Mobiltelefon gesendet wurde.
 title.login=Login
@@ -97,7 +95,6 @@ title.oauth.consent=Client Authorisierung
 title.pwchange.label=Passwort ändern
 title.pwreset=Passwort Vergesssen
 title.saml.failed=Error
-title.signup=Konto erstellen
 title.signup.passwordless=Login ohne Passwort
 title.signup.passwordless.failed=Login ohne Passwort konnte nicht aktiviert werden
 title.timeout.page=Logout

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/LitDict_en.properties

@@ -1,9 +1,9 @@
 
 accept.button.label=Accept
+button.submit=Submit
 cancel.button.label=Cancel
 continue.button.label=Continue
 deputy.profile.label=(Deputy Profile)
-error.account.exists=Account already exists. Continue to log in.
 error.policy.failed=The new password does not comply with the policy.
 error.saml.failed=Please close your browser and try again.
 error_1=Please check your input.
@@ -85,8 +85,6 @@ pwreset.email.sent=If your user ID exists, an email to reset your password has b
 pwreset.info.linktext=Password forgotten
 pwreset.noticket=Your password reset link is no longer valid. Please generate a new one.
 reject.button.label=Deny
-signup.button.label=Signup
-skip.button.label=Skip
 submit.button.label=Submit
 tan.sent=Please enter the security code which has been sent to your mobile phone.
 title.login=Login
@@ -97,7 +95,6 @@ title.oauth.consent=Client Authorization
 title.pwchange.label=Password Change
 title.pwreset=Password Forgotten
 title.saml.failed=Error
-title.signup=Create account
 title.signup.passwordless=Go passwordless
 title.signup.passwordless.failed=Failed to turn on passwordless
 title.timeout.page=Logout

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/LitDict_fr.properties

@@ -1,9 +1,9 @@
 
 accept.button.label=Accepter
+button.submit=Envoyer
 cancel.button.label=Abandonner
 continue.button.label=Continuer
 deputy.profile.label=(Profil du suppléant)
-error.account.exists=Le compte existe déjà. Continuez à vous connecter.
 error.policy.failed=Votre nouveau mot de passe ne conforme pas aux mesures de sécurité
 error.saml.failed=Fermez votre navigateur et r;eacute;essayez.
 error_1=Veuillez vérifier vos données, s.v.p.
@@ -85,8 +85,6 @@ pwreset.email.sent=Si votre identifiant n'existe pas, vous avez reçu un courrie
 pwreset.info.linktext=Mot de passe oublié
 pwreset.noticket=Votre lien n'est plus valide. Veuillez en générer un nouveau.
 reject.button.label=Refuser
-signup.button.label=Inscription
-skip.button.label=Passer
 submit.button.label=Envoyer
 tan.sent=Veuillez saisir le code de sécurité que vous avez reçu au votre téléphone mobile.
 title.login=Login
@@ -97,7 +95,6 @@ title.oauth.consent=Autorisation du client
 title.pwchange.label=Changer mot de passe
 title.pwreset=Mot de Passe Oublié
 title.saml.failed=Error
-title.signup=Créer un compte
 title.signup.passwordless=Aller sans mot de passe
 title.signup.passwordless.failed=Impossible d'activer le sans mot de passe
 title.timeout.page=Logout

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/LitDict_it.properties

@@ -1,9 +1,9 @@
 
-accept.button.label=Accetta
+accept.button.label=Accettare
-cancel.button.label=Annulla
+button.submit=Continua
+cancel.button.label=Abortire
 continue.button.label=Continua
 deputy.profile.label=(profilo del delegato)
-error.account.exists=L'account esiste gi<67>. Prosegui col login.
 error.policy.failed=La nuova password non &egrave; stata accettata. Scegliere una password che sia conforme ai criteri di password.
 error.saml.failed=Chiudi il browser e riprova.
 error_1=Verificare i dati immessi.
@@ -84,9 +84,7 @@ pwreset.done.info=La password &egrave; stata modificata con successo. Fare clic
 pwreset.email.sent=Se il vostro ID utente esiste, vi è stata inviata un'e-mail per reimpostare la password.
 pwreset.info.linktext=Password dimenticata
 pwreset.noticket=Il biglietto per la reimpostazione della password non &egrave; pi&ugrave; valido. Si prega di generarne uno nuovo.
-reject.button.label=Rifiuta
+reject.button.label=Rifiuti
-signup.button.label=Iscriviti
-skip.button.label=Salta
 submit.button.label=Continua
 tan.sent=Inserisci il codice di sicurezza che &egrave; stato inviato al tuo telefono cellulare.
 title.login=Login
@@ -97,7 +95,6 @@ title.oauth.consent=Autorizzazione del client
 title.pwchange.label=Cambiare Password
 title.pwreset=Password Dimenticata
 title.saml.failed=Error
-title.signup=Crea un account
 title.signup.passwordless=Vai senza password
 title.signup.passwordless.failed=Impossibile attivare senza password
 title.timeout.page=Logout

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/env.conf

@@ -13,9 +13,8 @@ JAVA_OPTS=(
     "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
     "-Dotel.javaagent.logging=application"
     "-Dotel.javaagent.configuration-file=/var/opt/nevisauth/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2505.5,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2411.1,service.instance.id=$HOSTNAME"
     "-Djavax.net.ssl.trustStore=/var/opt/keys/trust/ob-auth-v1-agov-work-internal-trust-store/truststore.p12"
     "-Djavax.net.ssl.trustStorePassword=\${exec:/var/opt/keys/trust/ob-auth-v1-agov-work-internal-trust-store/keypass}"
 )
 
-

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/esauth4.xml

@@ -33,9 +33,7 @@
         <!-- source: pattern://d00b0dcbe241793d30daf91c -->
         <KeyStore name="DefaultKeyStore">
             <!-- source: pattern://d00b0dcbe241793d30daf91c -->
-            <KeyObject name="DefaultSigner" certificate="/var/opt/keys/own/ob-auth-sh4r3d-default-default-signer/cert.pem" privateKey="/var/opt/keys/own/ob-auth-sh4r3d-default-default-signer/keystore.jks" passPhrase="pipe:///var/opt/keys/own/ob-auth-sh4r3d-default-default-signer/keypass"/>
+            <KeyObject name="DefaultSigner" certificate="/var/opt/keys/own/ob-auth-signer/cert.pem" privateKey="/var/opt/keys/own/ob-auth-signer/keystore.jks" passPhrase="pipe:///var/opt/keys/own/ob-auth-signer/keypass"/>
-            <!-- source: pattern://d00b0dcbe241793d30daf91c -->
-            <KeyObject name="DefaultSignerTrust" certificate="/var/opt/keys/trust/ob-auth-v1-default-default-signer-trust/truststore.jks"/>
         </KeyStore>
         <!-- source: pattern://25bdd7e6f5b76694f6688ab8 -->
         <KeyStore name="ob-realm-accessapp-registration-nevisfido-tls-trust-store">
@@ -242,6 +240,8 @@
             <!-- source: pattern://e1784eecf2db74484dd1e1bb -->
             <ResultCond name="SOAP:showGui" next="ob-realm_ob-realm-dispatch-cred-type"/>
             <!-- source: pattern://e1784eecf2db74484dd1e1bb -->
+            <ResultCond name="default" next="ob-realm_ob-realm-dispatch-cred-type"/>
+            <!-- source: pattern://e1784eecf2db74484dd1e1bb -->
             <ResultCond name="ok" next="ob-realm_ob-realm-dispatch-cred-type" startOver="true"/>
             <!-- source: pattern://e1784eecf2db74484dd1e1bb -->
             <ResultCond name="showGui" next="ob-realm_ob-realm-idm-pwd-login-IdmPostProcessing"/>
@@ -262,10 +262,6 @@
             <property name="detaillevel.default" value="EXCLUDE"/>
             <!-- source: pattern://e1784eecf2db74484dd1e1bb -->
             <property name="detaillevel.user" value="MEDIUM"/>
-            <!-- source: pattern://e1784eecf2db74484dd1e1bb -->
-            <property name="detaillevel.profile" value="MEDIUM"/>
-            <!-- source: pattern://e1784eecf2db74484dd1e1bb -->
-            <property name="detaillevel.role" value="LOW"/>
         </AuthState>
         <AuthState name="ob-realm_ob-realm-idm-pwd-login-IdmPasswordChange" class="ch.nevis.idm.authstate.IdmChangePasswordState" final="false">
             <!-- source: pattern://e1784eecf2db74484dd1e1bb -->
@@ -343,7 +339,7 @@
                     <!-- source: pattern://e1784eecf2db74484dd1e1bb -->
                     <GuiElem name="isiwebnewpw2" type="pw-text" label="prompt.newpassword.confirm"/>
                     <!-- source: pattern://e1784eecf2db74484dd1e1bb -->
-                    <GuiElem name="submit" type="submit" label="submit.button.label"/>
+                    <GuiElem name="submit" type="submit" label="button.submit"/>
                 </Gui>
             </Response>
             <propertyRef name="nevisIDM_Connector"/>
@@ -352,9 +348,9 @@
         </AuthState>
         <AuthState name="nevisIDM_Connector" class="ch.nevis.esauth.auth.states.standard.AuthGeneric" final="false">
             <!-- source: pattern://e1784eecf2db74484dd1e1bb -->
-            <property name="login.service.connection.0" value="https://idm.adn-agov-nevisidm-admin-01-uat:8989/nevisidm/services/v1/LoginService"/>
+            <property name="login.service.connection.0" value="https://idm.adn-agov-nevisidm-01-uat:8989/nevisidm/services/v1/LoginService"/>
             <!-- source: pattern://e1784eecf2db74484dd1e1bb -->
-            <property name="admin.service.connection.0" value="https://idm.adn-agov-nevisidm-admin-01-uat:8989/nevisidm/services/v1/AdminService"/>
+            <property name="admin.service.connection.0" value="https://idm.adn-agov-nevisidm-01-uat:8989/nevisidm/services/v1/AdminService"/>
         </AuthState>
         <AuthState name="ob-realm_ob-realm-dispatch-cred-type" class="ch.nevis.esauth.auth.states.standard.AuthGeneric" final="true" resumeState="true">
             <!-- source: pattern://5f192f6e91687b30b5868750 -->
@@ -388,7 +384,7 @@
                 <!-- source: pattern://25bdd7e6f5b76694f6688ab8 -->
                 <Gui name="mauth_onboard">
                     <!-- source: pattern://25bdd7e6f5b76694f6688ab8 -->
-                    <GuiElem name="fallback" type="button" label="cancel.button.label" value="true" optional="true"/>
+                    <GuiElem name="fallback" type="button" label="mobile_auth.cancel.button.label" value="true" optional="true"/>
                     <!-- source: pattern://25bdd7e6f5b76694f6688ab8 -->
                     <GuiElem name="mauth_dispatcher_link" type="hidden" value="${sess:mauth_dispatcher_link}" optional="true"/>
                 </Gui>
@@ -424,6 +420,16 @@
                     <!-- source: pattern://3d382e0cf987535b6fa989b4 -->
                     <GuiElem name="info-sub-icon" type="info" label="info.signup.passwordless"/>
                     <!-- source: pattern://3d382e0cf987535b6fa989b4 -->
+                    <GuiElem name="logoName" type="hidden" label="${sess:ch.nevis.idc.logoName}" optional="true"/>
+                    <!-- source: pattern://3d382e0cf987535b6fa989b4 -->
+                    <GuiElem name="brand" type="hidden" label="${sess:ch.nevis.idc.brand}" optional="true"/>
+                    <!-- source: pattern://3d382e0cf987535b6fa989b4 -->
+                    <GuiElem name="primaryColor" type="hidden" label="${sess:ch.nevis.idc.config.branding.primaryColor}" optional="true"/>
+                    <!-- source: pattern://3d382e0cf987535b6fa989b4 -->
+                    <GuiElem name="borderRadius" type="hidden" label="${sess:ch.nevis.idc.config.branding.borderRadius}" optional="true"/>
+                    <!-- source: pattern://3d382e0cf987535b6fa989b4 -->
+                    <GuiElem name="fontFamily" type="hidden" label="${sess:ch.nevis.idc.config.branding.fontFamily}" optional="true"/>
+                    <!-- source: pattern://3d382e0cf987535b6fa989b4 -->
                     <GuiElem name="onclick" type="button" label="continue.button.label"/>
                     <!-- source: pattern://3d382e0cf987535b6fa989b4 -->
                     <GuiElem name="cancel-bottom" type="info" label="info.signup.passwordless.skip"/>
@@ -440,12 +446,6 @@
             <!-- source: pattern://3d382e0cf987535b6fa989b4 -->
             <property name="parameter.userVerification" value="required"/>
             <!-- source: pattern://3d382e0cf987535b6fa989b4 -->
-            <property name="parameter.httpclient.authorization.basic.sectoken.userId" value="#{session['ch.adnovum.nevisidm.user.extId'] != null ? session['ch.adnovum.nevisidm.user.extId'] : session['ch.nevis.idm.User.extId'] != null ? session['ch.nevis.idm.User.extId'] : request.getUserId() != null ? request.getUserId() : notes['userid']}"/>
-            <!-- source: pattern://3d382e0cf987535b6fa989b4 -->
-            <property name="parameter.httpclient.authorization.basic.sectoken.profileId" value="${sess:ch.adnovum.nevisidm.profileId}"/>
-            <!-- source: pattern://3d382e0cf987535b6fa989b4 -->
-            <property name="parameter.httpclient.authorization.basic.sectoken.roles" value="unused"/>
-            <!-- source: pattern://3d382e0cf987535b6fa989b4 -->
             <property name="script" value="file:///var/opt/nevisauth/default/conf/ob-realm-fido2-registration.groovy"/>
         </AuthState>
         <AuthState name="ob-realm_Authentication_Failed" class="ch.nevis.esauth.auth.states.standard.AuthError" final="false">
@@ -487,6 +487,16 @@
                     <!-- source: pattern://3d382e0cf987535b6fa989b4 -->
                     <GuiElem name="onclick" type="button" label="try_again.button.label"/>
                     <!-- source: pattern://3d382e0cf987535b6fa989b4 -->
+                    <GuiElem name="logoName" type="hidden" label="${sess:ch.nevis.idc.logoName}" optional="true"/>
+                    <!-- source: pattern://3d382e0cf987535b6fa989b4 -->
+                    <GuiElem name="brand" type="hidden" label="${sess:ch.nevis.idc.brand}" optional="true"/>
+                    <!-- source: pattern://3d382e0cf987535b6fa989b4 -->
+                    <GuiElem name="primaryColor" type="hidden" label="${sess:ch.nevis.idc.config.branding.primaryColor}" optional="true"/>
+                    <!-- source: pattern://3d382e0cf987535b6fa989b4 -->
+                    <GuiElem name="borderRadius" type="hidden" label="${sess:ch.nevis.idc.config.branding.borderRadius}" optional="true"/>
+                    <!-- source: pattern://3d382e0cf987535b6fa989b4 -->
+                    <GuiElem name="fontFamily" type="hidden" label="${sess:ch.nevis.idc.config.branding.fontFamily}" optional="true"/>
+                    <!-- source: pattern://3d382e0cf987535b6fa989b4 -->
                     <GuiElem name="cancel-bottom" type="info" label="info.signup.passwordless.skip"/>
                 </Gui>
             </Response>
@@ -720,6 +730,4 @@
             </Response>
         </AuthState>
     </AuthEngine>
-    <!-- source: pattern://d00b0dcbe241793d30daf91c -->
-    <RESTService name="ManagementService" class="ch.nevis.esauth.rest.service.session.ManagementService"/>
 </esauth-server>

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/filterRedirectionPaths.groovy

@@ -18,7 +18,7 @@ if (request.getSession(false) == null) {
 }
 
 def redirectionPath = getPathFromURL(request['currentResource'])
-def applicationPaths = ["/nevisauth/","/register/","/pwreset/"]
+def applicationPaths = ["/register/","/pwreset/"]
 def denyRegexes = [".*[\\n\\r]+.*"]
 
 def denied = false

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/logging.yml

@@ -16,6 +16,12 @@ Configuration:
       level: "INFO"
     - name: "EsAuthStart"
       level: "INFO"
+    - name: "org.apache.catalina.loader.WebappClassLoader"
+      level: "FATAL"
+    - name: "org.apache.catalina.startup.HostConfig"
+      level: "ERROR"
+    - name: "ch.nevis.esauth.events"
+      level: "FATAL"
     - name: "AuthEngine"
       level: "INFO"
     - name: "AuthPerf"

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/ob-realm-fido2-registration.groovy

@@ -4,7 +4,6 @@ import groovy.json.JsonSlurper
 
 // we cannot use the name cancel and the -bottom is required in ID Cloud for rendering
 if (inargs.containsKey('cancel-bottom')) {
-    inargs.remove('cancel-bottom') // prevent follow-up cancel in subsequent steps
     response.setResult('cancel')
     return
 }

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-auth-v1/var/opt/nevisauth/default/conf/otel.properties

@@ -1,5 +1,4 @@
 otel.service.name = ob-auth
-otel.traces.sampler = always_on
 otel.traces.exporter = none
 otel.metrics.exporter = none
 otel.logs.exporter = none

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/etc/nevis/k8s-ob-fido-uaf-d990accd4fedae1acbc7109d.yaml

@@ -11,8 +11,8 @@ metadata:
 spec:
   type: "NevisFIDO"
   replicas: 1
-  version: "8.2505.5"
+  version: "8.2411.1"
-  gitInitVersion: "1.4.0"
+  gitInitVersion: "1.3.0"
   runAsNonRoot: true
   ports:
     rest: 9443
@@ -40,24 +40,21 @@ spec:
     management:
       httpGet:
         path: "/nevisfido/health"
-      initialDelaySeconds: 30
       periodSeconds: 5
       timeoutSeconds: 6
-      failureThreshold: 30
+      failureThreshold: 50
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-69708a47aa5312498a4e703772715421ce56ae7b"
+    tag: "r-ce13d286f79a538141a71c20083a157bcab70b61"
     dir: "DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1"
     credentials: "git-credentials"
   database:
     name: "ob-fido-uaf-v1"
-    requiredVersion: "8.2505.5"
+    requiredVersion: "8.2411.1"
   keystores:
   - "ob-fido-uaf-v1-default-server-identity"
-  - "ob-fido-uaf-v1-default-client-identity"
   truststores:
-  - "ob-fido-uaf-v1-default-signer-trust"
   - "ob-fido-uaf-v1-default-client-trust"
   - "ob-fido-uaf-v1-agov-work-internal-trust-store"
   podSecurity:

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/etc/nevis/k8s-ob-fido-uaf-v1-default-client-identity-d990accd4fedae1acbc7109d.yaml

@@ -1,18 +0,0 @@
-apiVersion: "operator.nevis-security.ch/v1"
-kind: "NevisKeyStore"
-metadata:
-  name: "ob-fido-uaf-v1-default-client-identity"
-  namespace: "adn-agov-nevisidm-ob-01-uat"
-  labels:
-    deploymentTarget: "ob-fido-uaf-v1"
-  annotations:
-    projectKey: "DEFAULT-ADN-AGOV-WORK-OB-PROJECT"
-    patternId: "d990accd4fedae1acbc7109d"
-spec:
-  cn: "ob-fido-uaf-v1"
-  usage: "<reserved for future use>"
-  san:
-    dns:
-    - "ob-fido-uaf-v1"
-    - "ob-fido-uaf-v1.adn-agov-nevisidm-ob-01-uat"
-    email: []

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/etc/nevis/k8s-ob-fido-uaf-v1-default-signer-trust-d990accd4fedae1acbc7109d.yaml

@@ -1,14 +0,0 @@
-apiVersion: "operator.nevis-security.ch/v1"
-kind: "NevisTrustStore"
-metadata:
-  name: "ob-fido-uaf-v1-default-signer-trust"
-  namespace: "adn-agov-nevisidm-ob-01-uat"
-  labels:
-    deploymentTarget: "ob-fido-uaf-v1"
-  annotations:
-    projectKey: "DEFAULT-ADN-AGOV-WORK-OB-PROJECT"
-    patternId: "d990accd4fedae1acbc7109d"
-spec:
-  keystores:
-  - name: "ob-auth-sh4r3d-default-default-signer"
-    namespace: "adn-agov-nevisidm-ob-01-uat"

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/etc/nevis/k8s-work-mariadb-session-store-e891ec2f4f924135261d22ce.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   type: "NevisFIDO"
   databaseType: "MariaDB"
-  version: "8.2505.5"
+  version: "8.2411.1"
   url: "mariadb-session-store-service.adn-agov-nevisidm-ob-01-uat"
   port: 3306
   database: "nevisfido_uaf"

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/keys/own/nevisfido-techuser-key/cert.pem

@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC6TCCAo+gAwIBAgIQfcfd9dgdKT/5gdDbpAiKlDAKBggqhkjOPQQDAjAYMRYw
+FAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTI0MDUwNTE1NTAzOFoXDTI1MDUwNTE1
+NTAzOFowWDELMAkGA1UEBhMCQ0gxDDAKBgNVBAgTA0s4UzEMMAoGA1UEBxMDSzhT
+MQwwCgYDVQQKEwNLOFMxDDAKBgNVBAsTA0s4UzERMA8GA1UEAxMIZmlkby11YWYw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWcQPIzUN2zbPkB3yISIGw
+mDAd285YKm/ZLbE4WWw2SIHhjfh0XoYZ6QvLMENWcC8/iOX/6g6upQnYegzZKlST
+Lix0zJjEbtMlK8fITiPhwziWPSOeqtuW66Rj+13G6kKYVtZ8vviu73LBDkXKHSNi
+g4knNgACJpIItiDhOmtmD3Wsb8JAIQ161m7D3i2jr/kqBFKLc2DXcCHYSwxBXu3A
+99iqWxoHfprL/L7RfxBo7mKbk+xjRvw6wFHBb76m6hd8fe4yg3g9zZTsZ5KeKqtA
+8NT7CTG26F/MEBEmreU6NcNP62sYBkQiY+K5WweUs5qnDCAUPz+Upu0lX49ZDsvZ
+AgMBAAGjga8wgawwDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMB
+BggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFPthGhYiMfCS8WJz
+C+TRPH/IDi5RMEwGA1UdEQRFMEOCCGZpZG8tdWFmgiFmaWRvLXVhZi5hZG4tYWdv
+di1uZXZpc2lkbS0wMS11YXSBFG5vcmVwbHlAbG9jYWwuZG9tYWluMAoGCCqGSM49
+BAMCA0gAMEUCIBCueTTUwnN53/dIs6W4FpbFtF/wkAhYjLZGuKgY08ZAAiEA9VFz
+WoaxaINHqGPR10Sh1hqeuCHRzHxnQUt07sZf2DU=
+-----END CERTIFICATE-----

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/keys/own/nevisfido-techuser-key/key.pem

@@ -0,0 +1,30 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIFKzBVBgkqhkiG9w0BBQ0wSDAnBgkqhkiG9w0BBQwwGgQUA8Ytt1cRwiCjGKC1
+2OMoR6wY3WECAggAMB0GCWCGSAFlAwQBKgQQFK48c+H7S8tVJ5n3O1UdwwSCBNAu
+o9BbycGa6LAWyjEK77S3eyKkNHatAaPE+yKklEN22HY9GOTId9wnhyQ0pZgan9ml
+VtHxyz0ExfveT8gajbyV4ezE/OXVFsmx+i1P0aIRCHHRCY0MVbZFgBEhLH73EJVn
+E/+3RUEjz9XJphCDK/Bg2DhYpPN1WnplksRSRCcpsSw7U5qfmbfb2T5ZLmho1oJr
+M6kU+gvtqJ+cZ+rMT7zpDLDz6bzT6O2HRPl4MuvzbrSg5nbBlAnW2kVZzguIqqc9
+9KiY6sKziYhGSdPwJEcek/VyMVJm8gn1Bz4CQdKOrVGIOstSSoXYClCUjOLowL6F
+MxGk25NJJBUy2uApfOQOIs5vvgu55CY1JRcQwL4dSy+5Ueqcw3VG17ExfFqGk5cZ
+b001DIdiL+ResgwvHdrC5mwKZ1mtjLGnX8uL6Uch3C+ullPU592yUXnDsFZn9An1
+UDCjFCbtUFKAi6TcYf3yOCMgfa3iAzhae7CIvC7I9JVJjA8MyNTlWgAqGeM2HalI
+84TEb09r8KotqtlAvD8Hs5uO4Iwf/sjOhSxP2SIG016oXU8KsH8pGvlYyLfA1WkX
+uI+46zAk1AHoAEiTox9tNtWYnIeGukbNBkNuzeWkS56GEZJto6ji7DIj3xsBnhJt
+3ciJnUR46z0SyofDexU60dsduliMeExVe2qde8XS3oKcOnTLBtCHxgIb8T73Zr22
+VkYPcjRF8Aur207DThKJ+D2dRQ0DTj+DBeT1q5gTCAwZUb/tuwEw9CEBGmy9wR5C
+C3M2auRL9QHaXU+kKpnbFPI4xkonJbLCC/VWE/qY60wsHdrL9TFuBOw4Mt+Q/gjC
+w8Vi1V+/2DBIIums/teBbLeeEy/B97k8N5lJwCcp8mGiAl/hXQfHbetksObWNqpj
+V4zl7NCylTgyh2UqzZtQQGLeBT3Q1u4EaQIPt8xwxLrR+wne6wjuLGaM4OqKOVUa
+gWdXdi55q0S1aluqoHTWK0VYy+5BMpBgHREpnZDtAJ06YljAmRk2j8IjFrZi1COK
+quL+Uj6g1iBy2zUZYMLUb73I3f8VX7Qmps0iCrNAwpJjpsWYJOf+HzJFgC+YiYs0
+J1uJcm5ypggCDSP4PRDgvbcs7pIkbQFHZQ1Y7EesX4m61f7Xc72J6Y4lNRfhEjKP
+c2n8XDj6dkxtEDsmegrGfDmUZ9z6PjKjMRWUxHMQIs2FxnCbdZuoDX3IN5EJtW3w
+iEAmOYCcV4Vep4Vckfwz6aTSfbmwmDcH56yYckDBQq2bCuySOgdSUUWXn+MshTUW
+Ef+LvCW0BSqz4p3D0vBySnauzh9YCbva7b9ibuhavwB+Ys2Qn2cWfzcvUPqmXUOb
+mnkq3k9FjgKM4vej7FxdbCffeU8tiAuYSKFZS/CiZU8Qoqy75BwT4bxa7Qfvdmgk
+NkzCkyGV9xYlCiT1gqbX6XU9bmotUuP3VSSO7ehpMW0k99W6ml/NJqEBmZ0f9/Ax
+qaYheAy+9TtHbcSLOcZj6+7SYZNsvayE3HKnGCuKV0TgSi9VOQLZ6QDxkNU/3oHo
+I2g49KDqyvvx/BmZwEKnFsDpKLluCklwLUf8qKm+Kji8W95+JQC2k3qumIZ6Ao8Z
+OKoJStGgA8ZjuENxatZJk42BI++oNZOBA08uKvW1Mw==
+-----END ENCRYPTED PRIVATE KEY-----

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/keys/own/nevisfido-techuser-key/keypass

@@ -0,0 +1,2 @@
+#!/bin/bash
+echo 'Hsk+IJIkp1oGu8i1S+w6p2QMDB+9WFSNjNlSYdUCfA8='

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/keys/own/nevisfido-techuser-key/keystore.pem

@@ -0,0 +1,49 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIFKzBVBgkqhkiG9w0BBQ0wSDAnBgkqhkiG9w0BBQwwGgQUA8Ytt1cRwiCjGKC1
+2OMoR6wY3WECAggAMB0GCWCGSAFlAwQBKgQQFK48c+H7S8tVJ5n3O1UdwwSCBNAu
+o9BbycGa6LAWyjEK77S3eyKkNHatAaPE+yKklEN22HY9GOTId9wnhyQ0pZgan9ml
+VtHxyz0ExfveT8gajbyV4ezE/OXVFsmx+i1P0aIRCHHRCY0MVbZFgBEhLH73EJVn
+E/+3RUEjz9XJphCDK/Bg2DhYpPN1WnplksRSRCcpsSw7U5qfmbfb2T5ZLmho1oJr
+M6kU+gvtqJ+cZ+rMT7zpDLDz6bzT6O2HRPl4MuvzbrSg5nbBlAnW2kVZzguIqqc9
+9KiY6sKziYhGSdPwJEcek/VyMVJm8gn1Bz4CQdKOrVGIOstSSoXYClCUjOLowL6F
+MxGk25NJJBUy2uApfOQOIs5vvgu55CY1JRcQwL4dSy+5Ueqcw3VG17ExfFqGk5cZ
+b001DIdiL+ResgwvHdrC5mwKZ1mtjLGnX8uL6Uch3C+ullPU592yUXnDsFZn9An1
+UDCjFCbtUFKAi6TcYf3yOCMgfa3iAzhae7CIvC7I9JVJjA8MyNTlWgAqGeM2HalI
+84TEb09r8KotqtlAvD8Hs5uO4Iwf/sjOhSxP2SIG016oXU8KsH8pGvlYyLfA1WkX
+uI+46zAk1AHoAEiTox9tNtWYnIeGukbNBkNuzeWkS56GEZJto6ji7DIj3xsBnhJt
+3ciJnUR46z0SyofDexU60dsduliMeExVe2qde8XS3oKcOnTLBtCHxgIb8T73Zr22
+VkYPcjRF8Aur207DThKJ+D2dRQ0DTj+DBeT1q5gTCAwZUb/tuwEw9CEBGmy9wR5C
+C3M2auRL9QHaXU+kKpnbFPI4xkonJbLCC/VWE/qY60wsHdrL9TFuBOw4Mt+Q/gjC
+w8Vi1V+/2DBIIums/teBbLeeEy/B97k8N5lJwCcp8mGiAl/hXQfHbetksObWNqpj
+V4zl7NCylTgyh2UqzZtQQGLeBT3Q1u4EaQIPt8xwxLrR+wne6wjuLGaM4OqKOVUa
+gWdXdi55q0S1aluqoHTWK0VYy+5BMpBgHREpnZDtAJ06YljAmRk2j8IjFrZi1COK
+quL+Uj6g1iBy2zUZYMLUb73I3f8VX7Qmps0iCrNAwpJjpsWYJOf+HzJFgC+YiYs0
+J1uJcm5ypggCDSP4PRDgvbcs7pIkbQFHZQ1Y7EesX4m61f7Xc72J6Y4lNRfhEjKP
+c2n8XDj6dkxtEDsmegrGfDmUZ9z6PjKjMRWUxHMQIs2FxnCbdZuoDX3IN5EJtW3w
+iEAmOYCcV4Vep4Vckfwz6aTSfbmwmDcH56yYckDBQq2bCuySOgdSUUWXn+MshTUW
+Ef+LvCW0BSqz4p3D0vBySnauzh9YCbva7b9ibuhavwB+Ys2Qn2cWfzcvUPqmXUOb
+mnkq3k9FjgKM4vej7FxdbCffeU8tiAuYSKFZS/CiZU8Qoqy75BwT4bxa7Qfvdmgk
+NkzCkyGV9xYlCiT1gqbX6XU9bmotUuP3VSSO7ehpMW0k99W6ml/NJqEBmZ0f9/Ax
+qaYheAy+9TtHbcSLOcZj6+7SYZNsvayE3HKnGCuKV0TgSi9VOQLZ6QDxkNU/3oHo
+I2g49KDqyvvx/BmZwEKnFsDpKLluCklwLUf8qKm+Kji8W95+JQC2k3qumIZ6Ao8Z
+OKoJStGgA8ZjuENxatZJk42BI++oNZOBA08uKvW1Mw==
+-----END ENCRYPTED PRIVATE KEY-----
+
+-----BEGIN CERTIFICATE-----
+MIIC6TCCAo+gAwIBAgIQfcfd9dgdKT/5gdDbpAiKlDAKBggqhkjOPQQDAjAYMRYw
+FAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTI0MDUwNTE1NTAzOFoXDTI1MDUwNTE1
+NTAzOFowWDELMAkGA1UEBhMCQ0gxDDAKBgNVBAgTA0s4UzEMMAoGA1UEBxMDSzhT
+MQwwCgYDVQQKEwNLOFMxDDAKBgNVBAsTA0s4UzERMA8GA1UEAxMIZmlkby11YWYw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWcQPIzUN2zbPkB3yISIGw
+mDAd285YKm/ZLbE4WWw2SIHhjfh0XoYZ6QvLMENWcC8/iOX/6g6upQnYegzZKlST
+Lix0zJjEbtMlK8fITiPhwziWPSOeqtuW66Rj+13G6kKYVtZ8vviu73LBDkXKHSNi
+g4knNgACJpIItiDhOmtmD3Wsb8JAIQ161m7D3i2jr/kqBFKLc2DXcCHYSwxBXu3A
+99iqWxoHfprL/L7RfxBo7mKbk+xjRvw6wFHBb76m6hd8fe4yg3g9zZTsZ5KeKqtA
+8NT7CTG26F/MEBEmreU6NcNP62sYBkQiY+K5WweUs5qnDCAUPz+Upu0lX49ZDsvZ
+AgMBAAGjga8wgawwDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMB
+BggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFPthGhYiMfCS8WJz
+C+TRPH/IDi5RMEwGA1UdEQRFMEOCCGZpZG8tdWFmgiFmaWRvLXVhZi5hZG4tYWdv
+di1uZXZpc2lkbS0wMS11YXSBFG5vcmVwbHlAbG9jYWwuZG9tYWluMAoGCCqGSM49
+BAMCA0gAMEUCIBCueTTUwnN53/dIs6W4FpbFtF/wkAhYjLZGuKgY08ZAAiEA9VFz
+WoaxaINHqGPR10Sh1hqeuCHRzHxnQUt07sZf2DU=
+-----END CERTIFICATE-----

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/keys/trust/ob-auth-signer-trust-store/keypass

@@ -0,0 +1,2 @@
+#!/bin/bash
+echo 'password'

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/keys/trust/ob-auth-signer-trust-store/truststore.pem

@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICwzCCAmmgAwIBAgIRAIgdSB3tN8ZLL8RUMEGevQQwCgYIKoZIzj0EAwIwGDEW
+MBQGA1UEAxMNc2VsZnNpZ25lZC1jYTAeFw0yNDA3MTcwNzI5MDFaFw0yNTA3MTcw
+NzI5MDFaMFYxCzAJBgNVBAYTAkNIMQwwCgYDVQQIEwNLOFMxDDAKBgNVBAcTA0s4
+UzEMMAoGA1UEChMDSzhTMQwwCgYDVQQLEwNLOFMxDzANBgNVBAMTBnNpZ25lcjCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOyJFpEW1XRq43YwOU/e9ufh
+128Yct8Q3f6HoRaXpUmygAkUsyBwOLWmwNeS80SLyOVegco6kGOdoMvnZsLX3ujf
+cASkbN+93xhc2MpJXvfWbLbFGrpuQki3V5Banw+UulBuTltFLmxaIRXs1y4Ny2uh
+US98LjFY3YD+3d5WG7UpgRTJ+x+t+8nqnPVOJ5asfcirM8/lRB4drUAwCOv51XLR
+fRbqCaXKpVaiw/vD5KpAOUH2N1cikfOTOY6rce0wgVDGS7eoCfkCN4gT1LG+134M
+p0KT3FBikTGdkH6dQ52nTn7xm5byJvNYzq+2zKGdosYAGurdGGw+KLFsFKCpB40C
+AwEAAaOBijCBhzAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
+CCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAU+2EaFiIx8JLxYnML
+5NE8f8gOLlEwJwYDVR0RBCAwHoIGc2lnbmVygRRub3JlcGx5QGxvY2FsLmRvbWFp
+bjAKBggqhkjOPQQDAgNIADBFAiBxCyNHGWTpj8oma8cY/rUVMZu/BSDH7zzrDhh6
+Q9eJegIhAIGivTcBUZvogUDfNo7IXmmxDqZHrjpoLeu6+VgTY9Qs
+-----END CERTIFICATE-----

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/nevisfido/default/conf/env.conf

@@ -6,5 +6,5 @@ JAVA_OPTS=(
     "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
     "-Dotel.javaagent.logging=application"
     "-Dotel.javaagent.configuration-file=/var/opt/nevisfido/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2505.5,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2411.1,service.instance.id=$HOSTNAME"
 )

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/nevisfido/default/conf/metadata/metadata.json

@@ -3,13 +3,14 @@
     "aaid" : "F1D0#0001",
     "description" : "Android NEVIS Mobile Authentication PIN Authenticator",
     "assertionScheme" : "UAFV1TLV",
-    "attestationRootCertificates" : [],
+    "attestationRootCertificates" : [
-    "supportedExtensions" : [
+      "MIIFYDCCA0igAwIBAgIJAOj6GWMU0voYMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTYwNTI2MTYyODUyWhcNMjYwNTI0MTYyODUyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaOBpjCBozAdBgNVHQ4EFgQUNmHhAHyIBQlRi0RsR/8aTMnqTxIwHwYDVR0jBBgwFoAUNmHhAHyIBQlRi0RsR/8aTMnqTxIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cHM6Ly9hbmRyb2lkLmdvb2dsZWFwaXMuY29tL2F0dGVzdGF0aW9uL2NybC8wDQYJKoZIhvcNAQELBQADggIBACDIw41L3KlXG0aMiS//cqrG+EShHUGo8HNsw30W1kJtjn6UBwRM6jnmiwfBPb8VA91chb2vssAtX2zbTvqBJ9+LBPGCdw/E53Rbf86qhxKaiAHOjpvAy5Y3m00mqC0w/Zwvju1twb4vhLaJ5NkUJYsUS7rmJKHHBnETLi8GFqiEsqTWpG/6ibYCv7rYDBJDcR9W62BW9jfIoBQcxUCUJouMPH25lLNcDc1ssqvC2v7iUgI9LeoM1sNovqPmQUiG9rHli1vXxzCyaMTjwftkJLkf6724DFhuKug2jITV0QkXvaJWF4nUaHOTNA4uJU9WDvZLI1j83A+/xnAJUucIv/zGJ1AMH2boHqF8CY16LpsYgBt6tKxxWH00XcyDCdW2KlBCeqbQPcsFmWyWugxdcekhYsAWyoSf818NUsZdBWBaR/OukXrNLfkQ79IyZohZbvabO/X+MVT3rriAoKc8oE2Uws6DF+60PV7/WIPjNvXySdqspImSN78mflxDqwLqRBYkA3I75qppLGG9rp7UCdRjxMl8ZDBld+7yvHVgt1cVzJx9xnyGCC23UaicMDSXYrB4I4WHXPGjxhZuCuPBLTdOLU8YRvMYdEvYebWHMpvwGCF6bAx3JBpIeOQ1wDB5y0USicV3YgYGmi+NZfhA4URSh77Yd6uuJOJENRaNVTzk",
-      {
+      "MIIFHDCCAwSgAwIBAgIJANUP8luj8tazMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTkxMTIyMjAzNzU4WhcNMzQxMTE4MjAzNzU4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBOMaBc8oumXb2voc7XCWnuXKhBBK3e2KMGz39t7lA3XXRe2ZLLAkLM5y3J7tURkf5a1SutfdOyXAmeE6SRo83Uh6WszodmMkxK5GM4JGrnt4pBisu5igXEydaW7qq2CdC6DOGjG+mEkN8/TA6p3cnoL/sPyz6evdjLlSeJ8rFBH6xWyIZCbrcpYEJzXaUOEaxxXxgYz5/cTiVKN2M1G2okQBUIYSY6bjEL4aUN5cfo7ogP3UvliEo3Eo0YgwuzR2v0KR6C1cZqZJSTnghIC/vAD32KdNQ+c3N+vl2OTsUVMC1GiWkngNx1OO1+kXW+YTnnTUOtOIswUP/Vqd5SYgAImMAfY8U9/iIgkQj6T2W6FsScy94IN9fFhE1UtzmLoBIuUFsVXJMTz+Jucth+IqoWFua9v1R93/k98p41pjtFX+H8DslVgfP097vju4KDlqN64xV1grw3ZLl4CiOe/A91oeLm2UHOq6wn3esB4r2EIQKb6jTVGu5sYCcdWpXr0AUVqcABPdgL+H7qJguBw09ojm6xNIrw2OocrDKsudk/okr/AwqEyPKw9WnMlQgLIKw1rODG2NvU9oR3GVGdMkUBZutL8VuFkERQGt6vQ2OCw0sV47VMkuYbacK/xyZFiRcrPJPb41zgbQj9XAEyLKCHex0SdDrx+tWUDqG8At2JHA==",
-        "id" : "ch.nevis.auth.fido.uaf.google-attestation-root-keys",
+      "MIIFHDCCAwSgAwIBAgIJAMNrfES5rhgxMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjExMTE3MjMxMDQyWhcNMzYxMTEzMjMxMDQyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBTNNZe5cuf8oiq+jV0itTGzWVhSTjOBEk2FQvh11J3o3lna0o7rd8RFHnN00q4hi6TapFhh4qaw/iG6Xg+xOan63niLWIC5GOPFgPeYXM9+nBb3zZzC8ABypYuCusWCmt6Tn3+Pjbz3MTVhRGXuT/TQH4KGFY4PhvzAyXwdjTOCXID+aHud4RLcSySr0Fq/L+R8TWalvM1wJJPhyRjqRCJerGtfBagiALzvhnmY7U1qFcS0NCnKjoO7oFedKdWlZz0YAfu3aGCJd4KHT0MsGiLZez9WP81xYSrKMNEsDK+zK5fVzw6jA7cxmpXcARTnmAuGUeI7VVDhDzKeVOctf3a0qQLwC+d0+xrETZ4r2fRGNw2YEs2W8Qj6oDcfPvq9JySe7pJ6wcHnl5EZ0lwc4xH7Y4Dx9RA1JlfooLMw3tOdJZH0enxPXaydfAD3YifeZpFaUzicHeLzVJLt9dvGB0bHQLE4+EqKFgOZv2EoP686DQqbVS1u+9k0p2xbMA105TBIk7npraa8VM0fnrRKi7wlZKwdH+aNAyhbXRW9xsnODJ+g8eF452zvbiKKngEKirK5LGieoXBX7tZ9D1GNBH2Ob3bKOwwIWdEFle/YF/h6zWgdeoaNGDqVBrLr2+0DtWoiB1aDEjLWl9FmyIUyUm7mD/vFDkzF+wm7cyWpQpCVQ==",
-        "fail_if_unknown" : false,
+      "MIIFHDCCAwSgAwIBAgIJAPHBcqaZ6vUdMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjIwMzIwMTgwNzQ4WhcNNDIwMzE1MTgwNzQ4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQB8cMqTllHc8U+qCrOlg3H7174lmaCsbo/bJ0C17JEgMLb4kvrqsXZs01U3mB/qABg/1t5Pd5AORHARs1hhqGICW/nKMav574f9rZN4PC2ZlufGXb7sIdJpGiO9ctRhiLuYuly10JccUZGEHpHSYM2GtkgYbZba6lsCPYAAP83cyDV+1aOkTf1RCp/lM0PKvmxYN10RYsK631jrleGdcdkxoSK//mSQbgcWnmAEZrzHoF1/0gso1HZgIn0YLzVhLSA/iXCX4QT2h3J5z3znluKG1nv8NQdxei2DIIhASWfu804CA96cQKTTlaae2fweqXjdN1/v2nqOhngNyz1361mFmr4XmaKH/ItTwOe72NI9ZcwS1lVaCvsIkTDCEXdm9rCNPAY10iTunIHFXRh+7KPzlHGewCq/8TOohBRn0/NNfh7uRslOSZ/xKbN9tMBtw37Z8d2vvnXq/YWdsm1+JLVwn6yYD/yacNJBlwpddla8eaVMjsF6nBnIgQOf9zKSe06nSTqvgwUHosgOECZJZ1EuzbH4yswbt02tKtKEFhx+v+OTge/06V+jGsqTWLsfrOCNLuA8H++z+pUENmpqnnHovaI47gC+TNpkgYGkkBT6B/m/U01BuOBBTzhIlMEZq9qkDWuM2cA5kW5V3FJUcfHnw1IdYIg2Wxg7yHcQZemFQg==",
-        "data" : "[ \"MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAQ==\" ]"
+      "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc=",
-      }
+      "MIIC8jCCAdqgAwIBAgIGAZFrJblQMA0GCSqGSIb3DQEBCwUAMDoxDTALBgNVBAMMBHRlc3QxCzAJBgNVBAYTAkNIMRwwGgYJKoZIhvcNAQkBFg1mYWtlQGFjbWUuY29tMB4XDTI0MDgxOTE0NTg0MFoXDTI1MDgxOTE0NTg0MFowOjENMAsGA1UEAwwEdGVzdDELMAkGA1UEBhMCQ0gxHDAaBgkqhkiG9w0BCQEWDWZha2VAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcWDBNmdq13fYHnhsmLndAW+MfbI6PeU4OenqfbrTtQUxqpyqhP6QccPYKX2SK3JeQo5uuF1jRD/9i9vAXI9NyiMMHSItjt9LjRs7bWnY4lokYGCAcSZooR9fGZX63dBSQo73V7MC8LDFGy5rw6dGDOmh0ktKxFzaT/nav8/Mx8FyG7M9+b5OPIBo2yze5Rd5cdErGJuUYa9No93BBr5tq+JfnmR/gwgCOke97ovhNj+sMu5bt946AxC6t00wNyPNVlJHKi1os0c/pWztTQkoRAx/w0JYKS9Afl0ZnGWQQ5PNLHHecp2GzriBpQAPXq81QTbOh5H7SzvhkaFQ4oxstAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAD8GOaeMDqj2mzMmCqR6Cr3ChkbDAkdsBa5lOAikMKs7/tJyaw8iA5yH0nyobC58Jb61IATuxABPUALhP3RiNsUhnQQF/Dh+6CnCTD/2wsZmr8vUvNqyCLom+xkMT6Wayd9LYW4UONARv1qCLVI4RhiAr5kcomwqZnuj2DRF697lbSQDoz3iuKrCyBYSCBhS+k7UXpqpMyB2D6quRuPqh7JNtMjGSeMiNpMXhx5f4kl1YWb8NU93LDwHFR2kwnGmPA3M272VitcJC4dz3itGRKm9EYGd6d5D7kdC6lqpZPSIopChvXDyVrXjQgckvgtSGKscs6AvYgjthJGsR2z3Eao=",
+      "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc="
     ],
     "attestationTypes" : [ 15879, 15880 ],
     "upv" : [ {
@@ -33,13 +34,14 @@
     "aaid" : "F1D0#0002",
     "description" : "Android NEVIS Mobile Authentication Fingerprint Authenticator",
     "assertionScheme" : "UAFV1TLV",
-    "attestationRootCertificates" : [],
+    "attestationRootCertificates" : [
-    "supportedExtensions" : [
+      "MIIFYDCCA0igAwIBAgIJAOj6GWMU0voYMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTYwNTI2MTYyODUyWhcNMjYwNTI0MTYyODUyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaOBpjCBozAdBgNVHQ4EFgQUNmHhAHyIBQlRi0RsR/8aTMnqTxIwHwYDVR0jBBgwFoAUNmHhAHyIBQlRi0RsR/8aTMnqTxIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cHM6Ly9hbmRyb2lkLmdvb2dsZWFwaXMuY29tL2F0dGVzdGF0aW9uL2NybC8wDQYJKoZIhvcNAQELBQADggIBACDIw41L3KlXG0aMiS//cqrG+EShHUGo8HNsw30W1kJtjn6UBwRM6jnmiwfBPb8VA91chb2vssAtX2zbTvqBJ9+LBPGCdw/E53Rbf86qhxKaiAHOjpvAy5Y3m00mqC0w/Zwvju1twb4vhLaJ5NkUJYsUS7rmJKHHBnETLi8GFqiEsqTWpG/6ibYCv7rYDBJDcR9W62BW9jfIoBQcxUCUJouMPH25lLNcDc1ssqvC2v7iUgI9LeoM1sNovqPmQUiG9rHli1vXxzCyaMTjwftkJLkf6724DFhuKug2jITV0QkXvaJWF4nUaHOTNA4uJU9WDvZLI1j83A+/xnAJUucIv/zGJ1AMH2boHqF8CY16LpsYgBt6tKxxWH00XcyDCdW2KlBCeqbQPcsFmWyWugxdcekhYsAWyoSf818NUsZdBWBaR/OukXrNLfkQ79IyZohZbvabO/X+MVT3rriAoKc8oE2Uws6DF+60PV7/WIPjNvXySdqspImSN78mflxDqwLqRBYkA3I75qppLGG9rp7UCdRjxMl8ZDBld+7yvHVgt1cVzJx9xnyGCC23UaicMDSXYrB4I4WHXPGjxhZuCuPBLTdOLU8YRvMYdEvYebWHMpvwGCF6bAx3JBpIeOQ1wDB5y0USicV3YgYGmi+NZfhA4URSh77Yd6uuJOJENRaNVTzk",
-      {
+      "MIIFHDCCAwSgAwIBAgIJANUP8luj8tazMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTkxMTIyMjAzNzU4WhcNMzQxMTE4MjAzNzU4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBOMaBc8oumXb2voc7XCWnuXKhBBK3e2KMGz39t7lA3XXRe2ZLLAkLM5y3J7tURkf5a1SutfdOyXAmeE6SRo83Uh6WszodmMkxK5GM4JGrnt4pBisu5igXEydaW7qq2CdC6DOGjG+mEkN8/TA6p3cnoL/sPyz6evdjLlSeJ8rFBH6xWyIZCbrcpYEJzXaUOEaxxXxgYz5/cTiVKN2M1G2okQBUIYSY6bjEL4aUN5cfo7ogP3UvliEo3Eo0YgwuzR2v0KR6C1cZqZJSTnghIC/vAD32KdNQ+c3N+vl2OTsUVMC1GiWkngNx1OO1+kXW+YTnnTUOtOIswUP/Vqd5SYgAImMAfY8U9/iIgkQj6T2W6FsScy94IN9fFhE1UtzmLoBIuUFsVXJMTz+Jucth+IqoWFua9v1R93/k98p41pjtFX+H8DslVgfP097vju4KDlqN64xV1grw3ZLl4CiOe/A91oeLm2UHOq6wn3esB4r2EIQKb6jTVGu5sYCcdWpXr0AUVqcABPdgL+H7qJguBw09ojm6xNIrw2OocrDKsudk/okr/AwqEyPKw9WnMlQgLIKw1rODG2NvU9oR3GVGdMkUBZutL8VuFkERQGt6vQ2OCw0sV47VMkuYbacK/xyZFiRcrPJPb41zgbQj9XAEyLKCHex0SdDrx+tWUDqG8At2JHA==",
-        "id" : "ch.nevis.auth.fido.uaf.google-attestation-root-keys",
+      "MIIFHDCCAwSgAwIBAgIJAMNrfES5rhgxMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjExMTE3MjMxMDQyWhcNMzYxMTEzMjMxMDQyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBTNNZe5cuf8oiq+jV0itTGzWVhSTjOBEk2FQvh11J3o3lna0o7rd8RFHnN00q4hi6TapFhh4qaw/iG6Xg+xOan63niLWIC5GOPFgPeYXM9+nBb3zZzC8ABypYuCusWCmt6Tn3+Pjbz3MTVhRGXuT/TQH4KGFY4PhvzAyXwdjTOCXID+aHud4RLcSySr0Fq/L+R8TWalvM1wJJPhyRjqRCJerGtfBagiALzvhnmY7U1qFcS0NCnKjoO7oFedKdWlZz0YAfu3aGCJd4KHT0MsGiLZez9WP81xYSrKMNEsDK+zK5fVzw6jA7cxmpXcARTnmAuGUeI7VVDhDzKeVOctf3a0qQLwC+d0+xrETZ4r2fRGNw2YEs2W8Qj6oDcfPvq9JySe7pJ6wcHnl5EZ0lwc4xH7Y4Dx9RA1JlfooLMw3tOdJZH0enxPXaydfAD3YifeZpFaUzicHeLzVJLt9dvGB0bHQLE4+EqKFgOZv2EoP686DQqbVS1u+9k0p2xbMA105TBIk7npraa8VM0fnrRKi7wlZKwdH+aNAyhbXRW9xsnODJ+g8eF452zvbiKKngEKirK5LGieoXBX7tZ9D1GNBH2Ob3bKOwwIWdEFle/YF/h6zWgdeoaNGDqVBrLr2+0DtWoiB1aDEjLWl9FmyIUyUm7mD/vFDkzF+wm7cyWpQpCVQ==",
-        "fail_if_unknown" : false,
+      "MIIFHDCCAwSgAwIBAgIJAPHBcqaZ6vUdMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjIwMzIwMTgwNzQ4WhcNNDIwMzE1MTgwNzQ4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQB8cMqTllHc8U+qCrOlg3H7174lmaCsbo/bJ0C17JEgMLb4kvrqsXZs01U3mB/qABg/1t5Pd5AORHARs1hhqGICW/nKMav574f9rZN4PC2ZlufGXb7sIdJpGiO9ctRhiLuYuly10JccUZGEHpHSYM2GtkgYbZba6lsCPYAAP83cyDV+1aOkTf1RCp/lM0PKvmxYN10RYsK631jrleGdcdkxoSK//mSQbgcWnmAEZrzHoF1/0gso1HZgIn0YLzVhLSA/iXCX4QT2h3J5z3znluKG1nv8NQdxei2DIIhASWfu804CA96cQKTTlaae2fweqXjdN1/v2nqOhngNyz1361mFmr4XmaKH/ItTwOe72NI9ZcwS1lVaCvsIkTDCEXdm9rCNPAY10iTunIHFXRh+7KPzlHGewCq/8TOohBRn0/NNfh7uRslOSZ/xKbN9tMBtw37Z8d2vvnXq/YWdsm1+JLVwn6yYD/yacNJBlwpddla8eaVMjsF6nBnIgQOf9zKSe06nSTqvgwUHosgOECZJZ1EuzbH4yswbt02tKtKEFhx+v+OTge/06V+jGsqTWLsfrOCNLuA8H++z+pUENmpqnnHovaI47gC+TNpkgYGkkBT6B/m/U01BuOBBTzhIlMEZq9qkDWuM2cA5kW5V3FJUcfHnw1IdYIg2Wxg7yHcQZemFQg==",
-        "data" : "[ \"MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAQ==\" ]"
+      "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc=",
-      }
+      "MIIC8jCCAdqgAwIBAgIGAZFrJblQMA0GCSqGSIb3DQEBCwUAMDoxDTALBgNVBAMMBHRlc3QxCzAJBgNVBAYTAkNIMRwwGgYJKoZIhvcNAQkBFg1mYWtlQGFjbWUuY29tMB4XDTI0MDgxOTE0NTg0MFoXDTI1MDgxOTE0NTg0MFowOjENMAsGA1UEAwwEdGVzdDELMAkGA1UEBhMCQ0gxHDAaBgkqhkiG9w0BCQEWDWZha2VAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcWDBNmdq13fYHnhsmLndAW+MfbI6PeU4OenqfbrTtQUxqpyqhP6QccPYKX2SK3JeQo5uuF1jRD/9i9vAXI9NyiMMHSItjt9LjRs7bWnY4lokYGCAcSZooR9fGZX63dBSQo73V7MC8LDFGy5rw6dGDOmh0ktKxFzaT/nav8/Mx8FyG7M9+b5OPIBo2yze5Rd5cdErGJuUYa9No93BBr5tq+JfnmR/gwgCOke97ovhNj+sMu5bt946AxC6t00wNyPNVlJHKi1os0c/pWztTQkoRAx/w0JYKS9Afl0ZnGWQQ5PNLHHecp2GzriBpQAPXq81QTbOh5H7SzvhkaFQ4oxstAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAD8GOaeMDqj2mzMmCqR6Cr3ChkbDAkdsBa5lOAikMKs7/tJyaw8iA5yH0nyobC58Jb61IATuxABPUALhP3RiNsUhnQQF/Dh+6CnCTD/2wsZmr8vUvNqyCLom+xkMT6Wayd9LYW4UONARv1qCLVI4RhiAr5kcomwqZnuj2DRF697lbSQDoz3iuKrCyBYSCBhS+k7UXpqpMyB2D6quRuPqh7JNtMjGSeMiNpMXhx5f4kl1YWb8NU93LDwHFR2kwnGmPA3M272VitcJC4dz3itGRKm9EYGd6d5D7kdC6lqpZPSIopChvXDyVrXjQgckvgtSGKscs6AvYgjthJGsR2z3Eao=",
+      "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc="
     ],
     "attestationTypes" : [ 15879, 15880 ],
     "upv" : [ {
@@ -63,13 +65,14 @@
     "aaid" : "F1D0#0003",
     "description" : "Android NEVIS Mobile Authentication Biometric Authenticator",
     "assertionScheme" : "UAFV1TLV",
-    "attestationRootCertificates" : [],
+    "attestationRootCertificates" : [
-    "supportedExtensions" : [
+      "MIIFYDCCA0igAwIBAgIJAOj6GWMU0voYMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTYwNTI2MTYyODUyWhcNMjYwNTI0MTYyODUyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaOBpjCBozAdBgNVHQ4EFgQUNmHhAHyIBQlRi0RsR/8aTMnqTxIwHwYDVR0jBBgwFoAUNmHhAHyIBQlRi0RsR/8aTMnqTxIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cHM6Ly9hbmRyb2lkLmdvb2dsZWFwaXMuY29tL2F0dGVzdGF0aW9uL2NybC8wDQYJKoZIhvcNAQELBQADggIBACDIw41L3KlXG0aMiS//cqrG+EShHUGo8HNsw30W1kJtjn6UBwRM6jnmiwfBPb8VA91chb2vssAtX2zbTvqBJ9+LBPGCdw/E53Rbf86qhxKaiAHOjpvAy5Y3m00mqC0w/Zwvju1twb4vhLaJ5NkUJYsUS7rmJKHHBnETLi8GFqiEsqTWpG/6ibYCv7rYDBJDcR9W62BW9jfIoBQcxUCUJouMPH25lLNcDc1ssqvC2v7iUgI9LeoM1sNovqPmQUiG9rHli1vXxzCyaMTjwftkJLkf6724DFhuKug2jITV0QkXvaJWF4nUaHOTNA4uJU9WDvZLI1j83A+/xnAJUucIv/zGJ1AMH2boHqF8CY16LpsYgBt6tKxxWH00XcyDCdW2KlBCeqbQPcsFmWyWugxdcekhYsAWyoSf818NUsZdBWBaR/OukXrNLfkQ79IyZohZbvabO/X+MVT3rriAoKc8oE2Uws6DF+60PV7/WIPjNvXySdqspImSN78mflxDqwLqRBYkA3I75qppLGG9rp7UCdRjxMl8ZDBld+7yvHVgt1cVzJx9xnyGCC23UaicMDSXYrB4I4WHXPGjxhZuCuPBLTdOLU8YRvMYdEvYebWHMpvwGCF6bAx3JBpIeOQ1wDB5y0USicV3YgYGmi+NZfhA4URSh77Yd6uuJOJENRaNVTzk",
-      {
+      "MIIFHDCCAwSgAwIBAgIJANUP8luj8tazMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTkxMTIyMjAzNzU4WhcNMzQxMTE4MjAzNzU4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBOMaBc8oumXb2voc7XCWnuXKhBBK3e2KMGz39t7lA3XXRe2ZLLAkLM5y3J7tURkf5a1SutfdOyXAmeE6SRo83Uh6WszodmMkxK5GM4JGrnt4pBisu5igXEydaW7qq2CdC6DOGjG+mEkN8/TA6p3cnoL/sPyz6evdjLlSeJ8rFBH6xWyIZCbrcpYEJzXaUOEaxxXxgYz5/cTiVKN2M1G2okQBUIYSY6bjEL4aUN5cfo7ogP3UvliEo3Eo0YgwuzR2v0KR6C1cZqZJSTnghIC/vAD32KdNQ+c3N+vl2OTsUVMC1GiWkngNx1OO1+kXW+YTnnTUOtOIswUP/Vqd5SYgAImMAfY8U9/iIgkQj6T2W6FsScy94IN9fFhE1UtzmLoBIuUFsVXJMTz+Jucth+IqoWFua9v1R93/k98p41pjtFX+H8DslVgfP097vju4KDlqN64xV1grw3ZLl4CiOe/A91oeLm2UHOq6wn3esB4r2EIQKb6jTVGu5sYCcdWpXr0AUVqcABPdgL+H7qJguBw09ojm6xNIrw2OocrDKsudk/okr/AwqEyPKw9WnMlQgLIKw1rODG2NvU9oR3GVGdMkUBZutL8VuFkERQGt6vQ2OCw0sV47VMkuYbacK/xyZFiRcrPJPb41zgbQj9XAEyLKCHex0SdDrx+tWUDqG8At2JHA==",
-        "id" : "ch.nevis.auth.fido.uaf.google-attestation-root-keys",
+      "MIIFHDCCAwSgAwIBAgIJAMNrfES5rhgxMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjExMTE3MjMxMDQyWhcNMzYxMTEzMjMxMDQyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBTNNZe5cuf8oiq+jV0itTGzWVhSTjOBEk2FQvh11J3o3lna0o7rd8RFHnN00q4hi6TapFhh4qaw/iG6Xg+xOan63niLWIC5GOPFgPeYXM9+nBb3zZzC8ABypYuCusWCmt6Tn3+Pjbz3MTVhRGXuT/TQH4KGFY4PhvzAyXwdjTOCXID+aHud4RLcSySr0Fq/L+R8TWalvM1wJJPhyRjqRCJerGtfBagiALzvhnmY7U1qFcS0NCnKjoO7oFedKdWlZz0YAfu3aGCJd4KHT0MsGiLZez9WP81xYSrKMNEsDK+zK5fVzw6jA7cxmpXcARTnmAuGUeI7VVDhDzKeVOctf3a0qQLwC+d0+xrETZ4r2fRGNw2YEs2W8Qj6oDcfPvq9JySe7pJ6wcHnl5EZ0lwc4xH7Y4Dx9RA1JlfooLMw3tOdJZH0enxPXaydfAD3YifeZpFaUzicHeLzVJLt9dvGB0bHQLE4+EqKFgOZv2EoP686DQqbVS1u+9k0p2xbMA105TBIk7npraa8VM0fnrRKi7wlZKwdH+aNAyhbXRW9xsnODJ+g8eF452zvbiKKngEKirK5LGieoXBX7tZ9D1GNBH2Ob3bKOwwIWdEFle/YF/h6zWgdeoaNGDqVBrLr2+0DtWoiB1aDEjLWl9FmyIUyUm7mD/vFDkzF+wm7cyWpQpCVQ==",
-        "fail_if_unknown" : false,
+      "MIIFHDCCAwSgAwIBAgIJAPHBcqaZ6vUdMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjIwMzIwMTgwNzQ4WhcNNDIwMzE1MTgwNzQ4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQB8cMqTllHc8U+qCrOlg3H7174lmaCsbo/bJ0C17JEgMLb4kvrqsXZs01U3mB/qABg/1t5Pd5AORHARs1hhqGICW/nKMav574f9rZN4PC2ZlufGXb7sIdJpGiO9ctRhiLuYuly10JccUZGEHpHSYM2GtkgYbZba6lsCPYAAP83cyDV+1aOkTf1RCp/lM0PKvmxYN10RYsK631jrleGdcdkxoSK//mSQbgcWnmAEZrzHoF1/0gso1HZgIn0YLzVhLSA/iXCX4QT2h3J5z3znluKG1nv8NQdxei2DIIhASWfu804CA96cQKTTlaae2fweqXjdN1/v2nqOhngNyz1361mFmr4XmaKH/ItTwOe72NI9ZcwS1lVaCvsIkTDCEXdm9rCNPAY10iTunIHFXRh+7KPzlHGewCq/8TOohBRn0/NNfh7uRslOSZ/xKbN9tMBtw37Z8d2vvnXq/YWdsm1+JLVwn6yYD/yacNJBlwpddla8eaVMjsF6nBnIgQOf9zKSe06nSTqvgwUHosgOECZJZ1EuzbH4yswbt02tKtKEFhx+v+OTge/06V+jGsqTWLsfrOCNLuA8H++z+pUENmpqnnHovaI47gC+TNpkgYGkkBT6B/m/U01BuOBBTzhIlMEZq9qkDWuM2cA5kW5V3FJUcfHnw1IdYIg2Wxg7yHcQZemFQg==",
-        "data" : "[ \"MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAQ==\" ]"
+      "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc=",
-      }
+      "MIIC8jCCAdqgAwIBAgIGAZFrJblQMA0GCSqGSIb3DQEBCwUAMDoxDTALBgNVBAMMBHRlc3QxCzAJBgNVBAYTAkNIMRwwGgYJKoZIhvcNAQkBFg1mYWtlQGFjbWUuY29tMB4XDTI0MDgxOTE0NTg0MFoXDTI1MDgxOTE0NTg0MFowOjENMAsGA1UEAwwEdGVzdDELMAkGA1UEBhMCQ0gxHDAaBgkqhkiG9w0BCQEWDWZha2VAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcWDBNmdq13fYHnhsmLndAW+MfbI6PeU4OenqfbrTtQUxqpyqhP6QccPYKX2SK3JeQo5uuF1jRD/9i9vAXI9NyiMMHSItjt9LjRs7bWnY4lokYGCAcSZooR9fGZX63dBSQo73V7MC8LDFGy5rw6dGDOmh0ktKxFzaT/nav8/Mx8FyG7M9+b5OPIBo2yze5Rd5cdErGJuUYa9No93BBr5tq+JfnmR/gwgCOke97ovhNj+sMu5bt946AxC6t00wNyPNVlJHKi1os0c/pWztTQkoRAx/w0JYKS9Afl0ZnGWQQ5PNLHHecp2GzriBpQAPXq81QTbOh5H7SzvhkaFQ4oxstAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAD8GOaeMDqj2mzMmCqR6Cr3ChkbDAkdsBa5lOAikMKs7/tJyaw8iA5yH0nyobC58Jb61IATuxABPUALhP3RiNsUhnQQF/Dh+6CnCTD/2wsZmr8vUvNqyCLom+xkMT6Wayd9LYW4UONARv1qCLVI4RhiAr5kcomwqZnuj2DRF697lbSQDoz3iuKrCyBYSCBhS+k7UXpqpMyB2D6quRuPqh7JNtMjGSeMiNpMXhx5f4kl1YWb8NU93LDwHFR2kwnGmPA3M272VitcJC4dz3itGRKm9EYGd6d5D7kdC6lqpZPSIopChvXDyVrXjQgckvgtSGKscs6AvYgjthJGsR2z3Eao=",
+      "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc="
     ],
     "attestationTypes" : [ 15879, 15880 ],
     "upv" : [ {
@@ -93,13 +96,14 @@
     "aaid" : "F1D0#0004",
     "description" : "Android NEVIS Mobile Authentication Device Passcode Authenticator",
     "assertionScheme" : "UAFV1TLV",
-    "attestationRootCertificates" : [],
+    "attestationRootCertificates" : [
-    "supportedExtensions" : [
+      "MIIFYDCCA0igAwIBAgIJAOj6GWMU0voYMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTYwNTI2MTYyODUyWhcNMjYwNTI0MTYyODUyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaOBpjCBozAdBgNVHQ4EFgQUNmHhAHyIBQlRi0RsR/8aTMnqTxIwHwYDVR0jBBgwFoAUNmHhAHyIBQlRi0RsR/8aTMnqTxIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cHM6Ly9hbmRyb2lkLmdvb2dsZWFwaXMuY29tL2F0dGVzdGF0aW9uL2NybC8wDQYJKoZIhvcNAQELBQADggIBACDIw41L3KlXG0aMiS//cqrG+EShHUGo8HNsw30W1kJtjn6UBwRM6jnmiwfBPb8VA91chb2vssAtX2zbTvqBJ9+LBPGCdw/E53Rbf86qhxKaiAHOjpvAy5Y3m00mqC0w/Zwvju1twb4vhLaJ5NkUJYsUS7rmJKHHBnETLi8GFqiEsqTWpG/6ibYCv7rYDBJDcR9W62BW9jfIoBQcxUCUJouMPH25lLNcDc1ssqvC2v7iUgI9LeoM1sNovqPmQUiG9rHli1vXxzCyaMTjwftkJLkf6724DFhuKug2jITV0QkXvaJWF4nUaHOTNA4uJU9WDvZLI1j83A+/xnAJUucIv/zGJ1AMH2boHqF8CY16LpsYgBt6tKxxWH00XcyDCdW2KlBCeqbQPcsFmWyWugxdcekhYsAWyoSf818NUsZdBWBaR/OukXrNLfkQ79IyZohZbvabO/X+MVT3rriAoKc8oE2Uws6DF+60PV7/WIPjNvXySdqspImSN78mflxDqwLqRBYkA3I75qppLGG9rp7UCdRjxMl8ZDBld+7yvHVgt1cVzJx9xnyGCC23UaicMDSXYrB4I4WHXPGjxhZuCuPBLTdOLU8YRvMYdEvYebWHMpvwGCF6bAx3JBpIeOQ1wDB5y0USicV3YgYGmi+NZfhA4URSh77Yd6uuJOJENRaNVTzk",
-      {
+      "MIIFHDCCAwSgAwIBAgIJANUP8luj8tazMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTkxMTIyMjAzNzU4WhcNMzQxMTE4MjAzNzU4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBOMaBc8oumXb2voc7XCWnuXKhBBK3e2KMGz39t7lA3XXRe2ZLLAkLM5y3J7tURkf5a1SutfdOyXAmeE6SRo83Uh6WszodmMkxK5GM4JGrnt4pBisu5igXEydaW7qq2CdC6DOGjG+mEkN8/TA6p3cnoL/sPyz6evdjLlSeJ8rFBH6xWyIZCbrcpYEJzXaUOEaxxXxgYz5/cTiVKN2M1G2okQBUIYSY6bjEL4aUN5cfo7ogP3UvliEo3Eo0YgwuzR2v0KR6C1cZqZJSTnghIC/vAD32KdNQ+c3N+vl2OTsUVMC1GiWkngNx1OO1+kXW+YTnnTUOtOIswUP/Vqd5SYgAImMAfY8U9/iIgkQj6T2W6FsScy94IN9fFhE1UtzmLoBIuUFsVXJMTz+Jucth+IqoWFua9v1R93/k98p41pjtFX+H8DslVgfP097vju4KDlqN64xV1grw3ZLl4CiOe/A91oeLm2UHOq6wn3esB4r2EIQKb6jTVGu5sYCcdWpXr0AUVqcABPdgL+H7qJguBw09ojm6xNIrw2OocrDKsudk/okr/AwqEyPKw9WnMlQgLIKw1rODG2NvU9oR3GVGdMkUBZutL8VuFkERQGt6vQ2OCw0sV47VMkuYbacK/xyZFiRcrPJPb41zgbQj9XAEyLKCHex0SdDrx+tWUDqG8At2JHA==",
-        "id" : "ch.nevis.auth.fido.uaf.google-attestation-root-keys",
+      "MIIFHDCCAwSgAwIBAgIJAMNrfES5rhgxMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjExMTE3MjMxMDQyWhcNMzYxMTEzMjMxMDQyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBTNNZe5cuf8oiq+jV0itTGzWVhSTjOBEk2FQvh11J3o3lna0o7rd8RFHnN00q4hi6TapFhh4qaw/iG6Xg+xOan63niLWIC5GOPFgPeYXM9+nBb3zZzC8ABypYuCusWCmt6Tn3+Pjbz3MTVhRGXuT/TQH4KGFY4PhvzAyXwdjTOCXID+aHud4RLcSySr0Fq/L+R8TWalvM1wJJPhyRjqRCJerGtfBagiALzvhnmY7U1qFcS0NCnKjoO7oFedKdWlZz0YAfu3aGCJd4KHT0MsGiLZez9WP81xYSrKMNEsDK+zK5fVzw6jA7cxmpXcARTnmAuGUeI7VVDhDzKeVOctf3a0qQLwC+d0+xrETZ4r2fRGNw2YEs2W8Qj6oDcfPvq9JySe7pJ6wcHnl5EZ0lwc4xH7Y4Dx9RA1JlfooLMw3tOdJZH0enxPXaydfAD3YifeZpFaUzicHeLzVJLt9dvGB0bHQLE4+EqKFgOZv2EoP686DQqbVS1u+9k0p2xbMA105TBIk7npraa8VM0fnrRKi7wlZKwdH+aNAyhbXRW9xsnODJ+g8eF452zvbiKKngEKirK5LGieoXBX7tZ9D1GNBH2Ob3bKOwwIWdEFle/YF/h6zWgdeoaNGDqVBrLr2+0DtWoiB1aDEjLWl9FmyIUyUm7mD/vFDkzF+wm7cyWpQpCVQ==",
-        "fail_if_unknown" : false,
+      "MIIFHDCCAwSgAwIBAgIJAPHBcqaZ6vUdMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjIwMzIwMTgwNzQ4WhcNNDIwMzE1MTgwNzQ4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQB8cMqTllHc8U+qCrOlg3H7174lmaCsbo/bJ0C17JEgMLb4kvrqsXZs01U3mB/qABg/1t5Pd5AORHARs1hhqGICW/nKMav574f9rZN4PC2ZlufGXb7sIdJpGiO9ctRhiLuYuly10JccUZGEHpHSYM2GtkgYbZba6lsCPYAAP83cyDV+1aOkTf1RCp/lM0PKvmxYN10RYsK631jrleGdcdkxoSK//mSQbgcWnmAEZrzHoF1/0gso1HZgIn0YLzVhLSA/iXCX4QT2h3J5z3znluKG1nv8NQdxei2DIIhASWfu804CA96cQKTTlaae2fweqXjdN1/v2nqOhngNyz1361mFmr4XmaKH/ItTwOe72NI9ZcwS1lVaCvsIkTDCEXdm9rCNPAY10iTunIHFXRh+7KPzlHGewCq/8TOohBRn0/NNfh7uRslOSZ/xKbN9tMBtw37Z8d2vvnXq/YWdsm1+JLVwn6yYD/yacNJBlwpddla8eaVMjsF6nBnIgQOf9zKSe06nSTqvgwUHosgOECZJZ1EuzbH4yswbt02tKtKEFhx+v+OTge/06V+jGsqTWLsfrOCNLuA8H++z+pUENmpqnnHovaI47gC+TNpkgYGkkBT6B/m/U01BuOBBTzhIlMEZq9qkDWuM2cA5kW5V3FJUcfHnw1IdYIg2Wxg7yHcQZemFQg==",
-        "data" : "[ \"MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAQ==\" ]"
+      "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc=",
-      }
+      "MIIC8jCCAdqgAwIBAgIGAZFrJblQMA0GCSqGSIb3DQEBCwUAMDoxDTALBgNVBAMMBHRlc3QxCzAJBgNVBAYTAkNIMRwwGgYJKoZIhvcNAQkBFg1mYWtlQGFjbWUuY29tMB4XDTI0MDgxOTE0NTg0MFoXDTI1MDgxOTE0NTg0MFowOjENMAsGA1UEAwwEdGVzdDELMAkGA1UEBhMCQ0gxHDAaBgkqhkiG9w0BCQEWDWZha2VAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcWDBNmdq13fYHnhsmLndAW+MfbI6PeU4OenqfbrTtQUxqpyqhP6QccPYKX2SK3JeQo5uuF1jRD/9i9vAXI9NyiMMHSItjt9LjRs7bWnY4lokYGCAcSZooR9fGZX63dBSQo73V7MC8LDFGy5rw6dGDOmh0ktKxFzaT/nav8/Mx8FyG7M9+b5OPIBo2yze5Rd5cdErGJuUYa9No93BBr5tq+JfnmR/gwgCOke97ovhNj+sMu5bt946AxC6t00wNyPNVlJHKi1os0c/pWztTQkoRAx/w0JYKS9Afl0ZnGWQQ5PNLHHecp2GzriBpQAPXq81QTbOh5H7SzvhkaFQ4oxstAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAD8GOaeMDqj2mzMmCqR6Cr3ChkbDAkdsBa5lOAikMKs7/tJyaw8iA5yH0nyobC58Jb61IATuxABPUALhP3RiNsUhnQQF/Dh+6CnCTD/2wsZmr8vUvNqyCLom+xkMT6Wayd9LYW4UONARv1qCLVI4RhiAr5kcomwqZnuj2DRF697lbSQDoz3iuKrCyBYSCBhS+k7UXpqpMyB2D6quRuPqh7JNtMjGSeMiNpMXhx5f4kl1YWb8NU93LDwHFR2kwnGmPA3M272VitcJC4dz3itGRKm9EYGd6d5D7kdC6lqpZPSIopChvXDyVrXjQgckvgtSGKscs6AvYgjthJGsR2z3Eao=",
+      "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc="
     ],
     "attestationTypes" : [ 15879, 15880 ],
     "upv" : [ {
@@ -123,13 +127,14 @@
     "aaid" : "F1D0#0005",
     "description" : "Android NEVIS Mobile Authentication Password Authenticator",
     "assertionScheme" : "UAFV1TLV",
-    "attestationRootCertificates" : [],
+    "attestationRootCertificates" : [
-    "supportedExtensions" : [
+      "MIIFYDCCA0igAwIBAgIJAOj6GWMU0voYMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTYwNTI2MTYyODUyWhcNMjYwNTI0MTYyODUyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaOBpjCBozAdBgNVHQ4EFgQUNmHhAHyIBQlRi0RsR/8aTMnqTxIwHwYDVR0jBBgwFoAUNmHhAHyIBQlRi0RsR/8aTMnqTxIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cHM6Ly9hbmRyb2lkLmdvb2dsZWFwaXMuY29tL2F0dGVzdGF0aW9uL2NybC8wDQYJKoZIhvcNAQELBQADggIBACDIw41L3KlXG0aMiS//cqrG+EShHUGo8HNsw30W1kJtjn6UBwRM6jnmiwfBPb8VA91chb2vssAtX2zbTvqBJ9+LBPGCdw/E53Rbf86qhxKaiAHOjpvAy5Y3m00mqC0w/Zwvju1twb4vhLaJ5NkUJYsUS7rmJKHHBnETLi8GFqiEsqTWpG/6ibYCv7rYDBJDcR9W62BW9jfIoBQcxUCUJouMPH25lLNcDc1ssqvC2v7iUgI9LeoM1sNovqPmQUiG9rHli1vXxzCyaMTjwftkJLkf6724DFhuKug2jITV0QkXvaJWF4nUaHOTNA4uJU9WDvZLI1j83A+/xnAJUucIv/zGJ1AMH2boHqF8CY16LpsYgBt6tKxxWH00XcyDCdW2KlBCeqbQPcsFmWyWugxdcekhYsAWyoSf818NUsZdBWBaR/OukXrNLfkQ79IyZohZbvabO/X+MVT3rriAoKc8oE2Uws6DF+60PV7/WIPjNvXySdqspImSN78mflxDqwLqRBYkA3I75qppLGG9rp7UCdRjxMl8ZDBld+7yvHVgt1cVzJx9xnyGCC23UaicMDSXYrB4I4WHXPGjxhZuCuPBLTdOLU8YRvMYdEvYebWHMpvwGCF6bAx3JBpIeOQ1wDB5y0USicV3YgYGmi+NZfhA4URSh77Yd6uuJOJENRaNVTzk",
-      {
+      "MIIFHDCCAwSgAwIBAgIJANUP8luj8tazMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTkxMTIyMjAzNzU4WhcNMzQxMTE4MjAzNzU4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBOMaBc8oumXb2voc7XCWnuXKhBBK3e2KMGz39t7lA3XXRe2ZLLAkLM5y3J7tURkf5a1SutfdOyXAmeE6SRo83Uh6WszodmMkxK5GM4JGrnt4pBisu5igXEydaW7qq2CdC6DOGjG+mEkN8/TA6p3cnoL/sPyz6evdjLlSeJ8rFBH6xWyIZCbrcpYEJzXaUOEaxxXxgYz5/cTiVKN2M1G2okQBUIYSY6bjEL4aUN5cfo7ogP3UvliEo3Eo0YgwuzR2v0KR6C1cZqZJSTnghIC/vAD32KdNQ+c3N+vl2OTsUVMC1GiWkngNx1OO1+kXW+YTnnTUOtOIswUP/Vqd5SYgAImMAfY8U9/iIgkQj6T2W6FsScy94IN9fFhE1UtzmLoBIuUFsVXJMTz+Jucth+IqoWFua9v1R93/k98p41pjtFX+H8DslVgfP097vju4KDlqN64xV1grw3ZLl4CiOe/A91oeLm2UHOq6wn3esB4r2EIQKb6jTVGu5sYCcdWpXr0AUVqcABPdgL+H7qJguBw09ojm6xNIrw2OocrDKsudk/okr/AwqEyPKw9WnMlQgLIKw1rODG2NvU9oR3GVGdMkUBZutL8VuFkERQGt6vQ2OCw0sV47VMkuYbacK/xyZFiRcrPJPb41zgbQj9XAEyLKCHex0SdDrx+tWUDqG8At2JHA==",
-        "id" : "ch.nevis.auth.fido.uaf.google-attestation-root-keys",
+      "MIIFHDCCAwSgAwIBAgIJAMNrfES5rhgxMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjExMTE3MjMxMDQyWhcNMzYxMTEzMjMxMDQyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQBTNNZe5cuf8oiq+jV0itTGzWVhSTjOBEk2FQvh11J3o3lna0o7rd8RFHnN00q4hi6TapFhh4qaw/iG6Xg+xOan63niLWIC5GOPFgPeYXM9+nBb3zZzC8ABypYuCusWCmt6Tn3+Pjbz3MTVhRGXuT/TQH4KGFY4PhvzAyXwdjTOCXID+aHud4RLcSySr0Fq/L+R8TWalvM1wJJPhyRjqRCJerGtfBagiALzvhnmY7U1qFcS0NCnKjoO7oFedKdWlZz0YAfu3aGCJd4KHT0MsGiLZez9WP81xYSrKMNEsDK+zK5fVzw6jA7cxmpXcARTnmAuGUeI7VVDhDzKeVOctf3a0qQLwC+d0+xrETZ4r2fRGNw2YEs2W8Qj6oDcfPvq9JySe7pJ6wcHnl5EZ0lwc4xH7Y4Dx9RA1JlfooLMw3tOdJZH0enxPXaydfAD3YifeZpFaUzicHeLzVJLt9dvGB0bHQLE4+EqKFgOZv2EoP686DQqbVS1u+9k0p2xbMA105TBIk7npraa8VM0fnrRKi7wlZKwdH+aNAyhbXRW9xsnODJ+g8eF452zvbiKKngEKirK5LGieoXBX7tZ9D1GNBH2Ob3bKOwwIWdEFle/YF/h6zWgdeoaNGDqVBrLr2+0DtWoiB1aDEjLWl9FmyIUyUm7mD/vFDkzF+wm7cyWpQpCVQ==",
-        "fail_if_unknown" : false,
+      "MIIFHDCCAwSgAwIBAgIJAPHBcqaZ6vUdMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjIwMzIwMTgwNzQ4WhcNNDIwMzE1MTgwNzQ4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1UdIwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQB8cMqTllHc8U+qCrOlg3H7174lmaCsbo/bJ0C17JEgMLb4kvrqsXZs01U3mB/qABg/1t5Pd5AORHARs1hhqGICW/nKMav574f9rZN4PC2ZlufGXb7sIdJpGiO9ctRhiLuYuly10JccUZGEHpHSYM2GtkgYbZba6lsCPYAAP83cyDV+1aOkTf1RCp/lM0PKvmxYN10RYsK631jrleGdcdkxoSK//mSQbgcWnmAEZrzHoF1/0gso1HZgIn0YLzVhLSA/iXCX4QT2h3J5z3znluKG1nv8NQdxei2DIIhASWfu804CA96cQKTTlaae2fweqXjdN1/v2nqOhngNyz1361mFmr4XmaKH/ItTwOe72NI9ZcwS1lVaCvsIkTDCEXdm9rCNPAY10iTunIHFXRh+7KPzlHGewCq/8TOohBRn0/NNfh7uRslOSZ/xKbN9tMBtw37Z8d2vvnXq/YWdsm1+JLVwn6yYD/yacNJBlwpddla8eaVMjsF6nBnIgQOf9zKSe06nSTqvgwUHosgOECZJZ1EuzbH4yswbt02tKtKEFhx+v+OTge/06V+jGsqTWLsfrOCNLuA8H++z+pUENmpqnnHovaI47gC+TNpkgYGkkBT6B/m/U01BuOBBTzhIlMEZq9qkDWuM2cA5kW5V3FJUcfHnw1IdYIg2Wxg7yHcQZemFQg==",
-        "data" : "[ \"MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAQ==\" ]"
+      "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc=",
-      }
+      "MIIC8jCCAdqgAwIBAgIGAZFrJblQMA0GCSqGSIb3DQEBCwUAMDoxDTALBgNVBAMMBHRlc3QxCzAJBgNVBAYTAkNIMRwwGgYJKoZIhvcNAQkBFg1mYWtlQGFjbWUuY29tMB4XDTI0MDgxOTE0NTg0MFoXDTI1MDgxOTE0NTg0MFowOjENMAsGA1UEAwwEdGVzdDELMAkGA1UEBhMCQ0gxHDAaBgkqhkiG9w0BCQEWDWZha2VAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcWDBNmdq13fYHnhsmLndAW+MfbI6PeU4OenqfbrTtQUxqpyqhP6QccPYKX2SK3JeQo5uuF1jRD/9i9vAXI9NyiMMHSItjt9LjRs7bWnY4lokYGCAcSZooR9fGZX63dBSQo73V7MC8LDFGy5rw6dGDOmh0ktKxFzaT/nav8/Mx8FyG7M9+b5OPIBo2yze5Rd5cdErGJuUYa9No93BBr5tq+JfnmR/gwgCOke97ovhNj+sMu5bt946AxC6t00wNyPNVlJHKi1os0c/pWztTQkoRAx/w0JYKS9Afl0ZnGWQQ5PNLHHecp2GzriBpQAPXq81QTbOh5H7SzvhkaFQ4oxstAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAD8GOaeMDqj2mzMmCqR6Cr3ChkbDAkdsBa5lOAikMKs7/tJyaw8iA5yH0nyobC58Jb61IATuxABPUALhP3RiNsUhnQQF/Dh+6CnCTD/2wsZmr8vUvNqyCLom+xkMT6Wayd9LYW4UONARv1qCLVI4RhiAr5kcomwqZnuj2DRF697lbSQDoz3iuKrCyBYSCBhS+k7UXpqpMyB2D6quRuPqh7JNtMjGSeMiNpMXhx5f4kl1YWb8NU93LDwHFR2kwnGmPA3M272VitcJC4dz3itGRKm9EYGd6d5D7kdC6lqpZPSIopChvXDyVrXjQgckvgtSGKscs6AvYgjthJGsR2z3Eao=",
+      "MIIC8jCCAdqgAwIBAgIGAZFrLh2fMA0GCSqGSIb3DQEBCwUAMDoxDjAMBgNVBAMMBXRlc3R5MQswCQYDVQQGEwJVUzEbMBkGCSqGSIb3DQEJARYMYWJjQGFjbWUuY29tMB4XDTI0MDgxOTE1MDc1MFoXDTI1MDgxOTE1MDc1MFowOjEOMAwGA1UEAwwFdGVzdHkxCzAJBgNVBAYTAlVTMRswGQYJKoZIhvcNAQkBFgxhYmNAYWNtZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqitlYBzaxbPF389ZT5xkSS9Le1qdIOuc+dLVpBSWP9PEJhVZROgdOHs5f666iAcBedQm73sew3rpl+02J4fSgGmPkIYm1G2vkIrpt0eB9KzSc0AiLZbrPcFZOLHcOLoqVTfoRhnmAksHDC2f8euNKhCyriK8xlJb/xPfAfCn4r58ZGsQPUS7cJL6FLYh7FjrqfYDS10VOrQvGOALrG5NUj1DdqRq0M+klgs+6oJdUZTtY62BKkWh3N+7moNvrqykpv+ydFUJltgezDcb4Br8Nkw/breSPnomRfyHIcAcfATZcOPJlI8pO0zFZDIz8r7ESMnBhAxNaZgsUhR2XbaqbAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGw5XLY6GeFJMP350+djhcVqAw+E4HZqCJu1BMpYC0qS2D85fFi3gNuV0TnqB52abX1WBDDJK1CA0SPdyo/nX+qQzP6Dba1AVRKpRzdcsDsMDN3eMC08tajHgIIf5tNDv+HGE/MT2br4o5oducmQMOfV1NTJO1xhXYVqbsUnyrq3S6kD9WS8zRl6ruY1rT26eCQ4hTLHPaAiVsoXh5TBRXYCvGlAw7o2d9cmsbySforZ2wgdZwmu43B5eHNnt4NlDxZRyz6iEDP0nT877aB2ffsOKHAkJNuTvF5JSfnVzLmiyfa/7NI1ujfzcpA2UUXoWa7WN0wACiZQot8Zmswonjc="
     ],
     "attestationTypes" : [ 15879, 15880 ],
     "upv" : [ {
@@ -263,5 +268,4 @@
     "publicKeyAlgAndEncodings" : [ 257 ],
     "tcDisplay" : 1,
     "tcDisplayContentType" : "text/plain"
-  }
+  }]
-]

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/nevisfido/default/conf/nevisfido.yml

@@ -33,24 +33,21 @@ fido-uaf:
     max-text-length: 2000
   metadata:
     path: "conf/metadata/metadata.json"
-  idm-connection-type: "rest"
+  idm-connection-type: "soap"
   dispatchers:
   - type: "link"
     registration-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/registration"
     authentication-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/authentication"
     deregistration-redeem-url: "https://auth.agov-w.azure.adnovum.net/nevisfido/token/redeem/deregistration"
     base-url: "ch.agov.access-t://x-callback-url/authenticate"
-  full-basic-attestation:
+  basic-full-attestation:
     android-verification-level: "default"
-    android-permissive-mode-enabled: false
-    android-attestation-key-revocation:
-      reload-interval: "21600s"
   authorization:
     registration:
       type: "sectoken"
-      truststore: "/var/opt/keys/trust/ob-fido-uaf-v1-default-signer-trust/truststore.p12"
+      truststore: "/var/opt/keys/trust/ob-auth-signer-trust-store/truststore.p12"
       truststore-type: "pkcs12"
-      truststore-passphrase: "${exec:/var/opt/keys/trust/ob-fido-uaf-v1-default-signer-trust/keypass}"
+      truststore-passphrase: "${exec:/var/opt/keys/trust/ob-auth-signer-trust-store/keypass}"
       username-attribute-names:
       - "loginId"
       - "userid"
@@ -58,17 +55,17 @@ fido-uaf:
       type: "none"
     deregistration:
       type: "sectoken"
-      truststore: "/var/opt/keys/trust/ob-fido-uaf-v1-default-signer-trust/truststore.p12"
+      truststore: "/var/opt/keys/trust/ob-auth-signer-trust-store/truststore.p12"
       truststore-type: "pkcs12"
-      truststore-passphrase: "${exec:/var/opt/keys/trust/ob-fido-uaf-v1-default-signer-trust/keypass}"
+      truststore-passphrase: "${exec:/var/opt/keys/trust/ob-auth-signer-trust-store/keypass}"
       username-attribute-names:
       - "loginId"
       - "userid"
     create-dispatch-target:
       type: "sectoken"
-      truststore: "/var/opt/keys/trust/ob-fido-uaf-v1-default-signer-trust/truststore.p12"
+      truststore: "/var/opt/keys/trust/ob-auth-signer-trust-store/truststore.p12"
       truststore-type: "pkcs12"
-      truststore-passphrase: "${exec:/var/opt/keys/trust/ob-fido-uaf-v1-default-signer-trust/keypass}"
+      truststore-passphrase: "${exec:/var/opt/keys/trust/ob-auth-signer-trust-store/keypass}"
       username-attribute-names:
       - "loginId"
       - "userid"
@@ -76,30 +73,30 @@ fido-uaf:
       type: "none"
     delete-dispatch-target:
       type: "sectoken"
-      truststore: "/var/opt/keys/trust/ob-fido-uaf-v1-default-signer-trust/truststore.p12"
+      truststore: "/var/opt/keys/trust/ob-auth-signer-trust-store/truststore.p12"
       truststore-type: "pkcs12"
-      truststore-passphrase: "${exec:/var/opt/keys/trust/ob-fido-uaf-v1-default-signer-trust/keypass}"
+      truststore-passphrase: "${exec:/var/opt/keys/trust/ob-auth-signer-trust-store/keypass}"
       username-attribute-names:
       - "userid"
 session-repository:
   type: "sql"
   jdbc-url: "jdbc:mariadb://mariadb-session-store-service.adn-agov-nevisidm-ob-01-uat:3306/nevisfido_uaf?sslMode=disable&autocommit=true"
+  max-connection-lifetime: "10m"
   user: "${exec:/var/opt/nevisfido/default/conf/credentials/dbUser}"
   password: "${exec:/var/opt/nevisfido/default/conf/credentials/dbPassword}"
+  schema-user: ""
+  schema-user-password: ""
   automatic-db-schema-setup: false
-  max-connection-lifetime: "1800s"
-  connection-timeout: "30s"
-  min-connection-pool-size: 10
-  max-connection-pool-size: 10
-  max-connection-idle-time: "600s"
 credential-repository:
   type: "nevisidm"
   client-id: "cfa9c9b9-119f-4dff-9bb8-86d7c0cf2720"
   user-attribute: "extId"
-  rest-url: "https://idm.adn-agov-nevisidm-admin-01-uat:8989/nevisidm"
+  administration-url: "https://idm.adn-agov-nevisidm-01-uat:8989/nevisidm/services/v1_46/AdminService"
-  keystore: "/var/opt/keys/own/ob-fido-uaf-v1-default-client-identity/keystore.p12"
+  admin-service-version: "v1_46"
+  rest-url: "https://idm.adn-agov-nevisidm-01-uat:8989/nevisidm"
+  keystore: "/var/opt/keys/own/nevisfido-techuser-key/keystore.p12"
   keystore-type: "pkcs12"
-  keystore-passphrase: "${exec:/var/opt/keys/own/ob-fido-uaf-v1-default-client-identity/keypass}"
+  keystore-passphrase: "${exec:/var/opt/keys/own/nevisfido-techuser-key/keypass}"
   truststore: "/var/opt/keys/trust/ob-fido-uaf-v1-agov-work-internal-trust-store/truststore.p12"
   truststore-type: "pkcs12"
   truststore-passphrase: "${exec:/var/opt/keys/trust/ob-fido-uaf-v1-agov-work-internal-trust-store/keypass}"

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido-uaf-v1/var/opt/nevisfido/default/conf/otel.properties

@@ -1,5 +1,4 @@
 otel.service.name = ob-fido-uaf
-otel.traces.sampler = always_on
 otel.traces.exporter = none
 otel.metrics.exporter = none
 otel.logs.exporter = none

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/etc/nevis/k8s-ob-fido2-a2d03bb46b87b90160dc83d7.yaml

@@ -11,8 +11,8 @@ metadata:
 spec:
   type: "NevisFIDO"
   replicas: 1
-  version: "8.2505.5"
+  version: "8.2411.1"
-  gitInitVersion: "1.4.0"
+  gitInitVersion: "1.3.0"
   runAsNonRoot: true
   ports:
     management: 9089
@@ -40,18 +40,16 @@ spec:
     management:
       httpGet:
         path: "/nevisfido/health"
-      initialDelaySeconds: 30
       periodSeconds: 5
       timeoutSeconds: 6
-      failureThreshold: 30
+      failureThreshold: 50
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-69708a47aa5312498a4e703772715421ce56ae7b"
+    tag: "r-ce13d286f79a538141a71c20083a157bcab70b61"
     dir: "DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1"
     credentials: "git-credentials"
   keystores:
-  - "ob-fido2-v1-default-client-identity"
   - "ob-fido2-v1-default-identity"
   truststores:
   - "ob-fido2-v1-default-tls-client-trust"

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/etc/nevis/k8s-ob-fido2-v1-default-client-identity-a2d03bb46b87b90160dc83d7.yaml

@@ -1,18 +0,0 @@
-apiVersion: "operator.nevis-security.ch/v1"
-kind: "NevisKeyStore"
-metadata:
-  name: "ob-fido2-v1-default-client-identity"
-  namespace: "adn-agov-nevisidm-ob-01-uat"
-  labels:
-    deploymentTarget: "ob-fido2-v1"
-  annotations:
-    projectKey: "DEFAULT-ADN-AGOV-WORK-OB-PROJECT"
-    patternId: "a2d03bb46b87b90160dc83d7"
-spec:
-  cn: "ob-fido2-v1"
-  usage: "<reserved for future use>"
-  san:
-    dns:
-    - "ob-fido2-v1"
-    - "ob-fido2-v1.adn-agov-nevisidm-ob-01-uat"
-    email: []

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/keys/own/nevisfido-techuser-key/cert.pem

@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC6TCCAo+gAwIBAgIQfcfd9dgdKT/5gdDbpAiKlDAKBggqhkjOPQQDAjAYMRYw
+FAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTI0MDUwNTE1NTAzOFoXDTI1MDUwNTE1
+NTAzOFowWDELMAkGA1UEBhMCQ0gxDDAKBgNVBAgTA0s4UzEMMAoGA1UEBxMDSzhT
+MQwwCgYDVQQKEwNLOFMxDDAKBgNVBAsTA0s4UzERMA8GA1UEAxMIZmlkby11YWYw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWcQPIzUN2zbPkB3yISIGw
+mDAd285YKm/ZLbE4WWw2SIHhjfh0XoYZ6QvLMENWcC8/iOX/6g6upQnYegzZKlST
+Lix0zJjEbtMlK8fITiPhwziWPSOeqtuW66Rj+13G6kKYVtZ8vviu73LBDkXKHSNi
+g4knNgACJpIItiDhOmtmD3Wsb8JAIQ161m7D3i2jr/kqBFKLc2DXcCHYSwxBXu3A
+99iqWxoHfprL/L7RfxBo7mKbk+xjRvw6wFHBb76m6hd8fe4yg3g9zZTsZ5KeKqtA
+8NT7CTG26F/MEBEmreU6NcNP62sYBkQiY+K5WweUs5qnDCAUPz+Upu0lX49ZDsvZ
+AgMBAAGjga8wgawwDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMB
+BggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFPthGhYiMfCS8WJz
+C+TRPH/IDi5RMEwGA1UdEQRFMEOCCGZpZG8tdWFmgiFmaWRvLXVhZi5hZG4tYWdv
+di1uZXZpc2lkbS0wMS11YXSBFG5vcmVwbHlAbG9jYWwuZG9tYWluMAoGCCqGSM49
+BAMCA0gAMEUCIBCueTTUwnN53/dIs6W4FpbFtF/wkAhYjLZGuKgY08ZAAiEA9VFz
+WoaxaINHqGPR10Sh1hqeuCHRzHxnQUt07sZf2DU=
+-----END CERTIFICATE-----

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/keys/own/nevisfido-techuser-key/key.pem

@@ -0,0 +1,30 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIFKzBVBgkqhkiG9w0BBQ0wSDAnBgkqhkiG9w0BBQwwGgQUA8Ytt1cRwiCjGKC1
+2OMoR6wY3WECAggAMB0GCWCGSAFlAwQBKgQQFK48c+H7S8tVJ5n3O1UdwwSCBNAu
+o9BbycGa6LAWyjEK77S3eyKkNHatAaPE+yKklEN22HY9GOTId9wnhyQ0pZgan9ml
+VtHxyz0ExfveT8gajbyV4ezE/OXVFsmx+i1P0aIRCHHRCY0MVbZFgBEhLH73EJVn
+E/+3RUEjz9XJphCDK/Bg2DhYpPN1WnplksRSRCcpsSw7U5qfmbfb2T5ZLmho1oJr
+M6kU+gvtqJ+cZ+rMT7zpDLDz6bzT6O2HRPl4MuvzbrSg5nbBlAnW2kVZzguIqqc9
+9KiY6sKziYhGSdPwJEcek/VyMVJm8gn1Bz4CQdKOrVGIOstSSoXYClCUjOLowL6F
+MxGk25NJJBUy2uApfOQOIs5vvgu55CY1JRcQwL4dSy+5Ueqcw3VG17ExfFqGk5cZ
+b001DIdiL+ResgwvHdrC5mwKZ1mtjLGnX8uL6Uch3C+ullPU592yUXnDsFZn9An1
+UDCjFCbtUFKAi6TcYf3yOCMgfa3iAzhae7CIvC7I9JVJjA8MyNTlWgAqGeM2HalI
+84TEb09r8KotqtlAvD8Hs5uO4Iwf/sjOhSxP2SIG016oXU8KsH8pGvlYyLfA1WkX
+uI+46zAk1AHoAEiTox9tNtWYnIeGukbNBkNuzeWkS56GEZJto6ji7DIj3xsBnhJt
+3ciJnUR46z0SyofDexU60dsduliMeExVe2qde8XS3oKcOnTLBtCHxgIb8T73Zr22
+VkYPcjRF8Aur207DThKJ+D2dRQ0DTj+DBeT1q5gTCAwZUb/tuwEw9CEBGmy9wR5C
+C3M2auRL9QHaXU+kKpnbFPI4xkonJbLCC/VWE/qY60wsHdrL9TFuBOw4Mt+Q/gjC
+w8Vi1V+/2DBIIums/teBbLeeEy/B97k8N5lJwCcp8mGiAl/hXQfHbetksObWNqpj
+V4zl7NCylTgyh2UqzZtQQGLeBT3Q1u4EaQIPt8xwxLrR+wne6wjuLGaM4OqKOVUa
+gWdXdi55q0S1aluqoHTWK0VYy+5BMpBgHREpnZDtAJ06YljAmRk2j8IjFrZi1COK
+quL+Uj6g1iBy2zUZYMLUb73I3f8VX7Qmps0iCrNAwpJjpsWYJOf+HzJFgC+YiYs0
+J1uJcm5ypggCDSP4PRDgvbcs7pIkbQFHZQ1Y7EesX4m61f7Xc72J6Y4lNRfhEjKP
+c2n8XDj6dkxtEDsmegrGfDmUZ9z6PjKjMRWUxHMQIs2FxnCbdZuoDX3IN5EJtW3w
+iEAmOYCcV4Vep4Vckfwz6aTSfbmwmDcH56yYckDBQq2bCuySOgdSUUWXn+MshTUW
+Ef+LvCW0BSqz4p3D0vBySnauzh9YCbva7b9ibuhavwB+Ys2Qn2cWfzcvUPqmXUOb
+mnkq3k9FjgKM4vej7FxdbCffeU8tiAuYSKFZS/CiZU8Qoqy75BwT4bxa7Qfvdmgk
+NkzCkyGV9xYlCiT1gqbX6XU9bmotUuP3VSSO7ehpMW0k99W6ml/NJqEBmZ0f9/Ax
+qaYheAy+9TtHbcSLOcZj6+7SYZNsvayE3HKnGCuKV0TgSi9VOQLZ6QDxkNU/3oHo
+I2g49KDqyvvx/BmZwEKnFsDpKLluCklwLUf8qKm+Kji8W95+JQC2k3qumIZ6Ao8Z
+OKoJStGgA8ZjuENxatZJk42BI++oNZOBA08uKvW1Mw==
+-----END ENCRYPTED PRIVATE KEY-----

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/keys/own/nevisfido-techuser-key/keypass

@@ -0,0 +1,2 @@
+#!/bin/bash
+echo 'Hsk+IJIkp1oGu8i1S+w6p2QMDB+9WFSNjNlSYdUCfA8='

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/keys/own/nevisfido-techuser-key/keystore.pem

@@ -0,0 +1,49 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIFKzBVBgkqhkiG9w0BBQ0wSDAnBgkqhkiG9w0BBQwwGgQUA8Ytt1cRwiCjGKC1
+2OMoR6wY3WECAggAMB0GCWCGSAFlAwQBKgQQFK48c+H7S8tVJ5n3O1UdwwSCBNAu
+o9BbycGa6LAWyjEK77S3eyKkNHatAaPE+yKklEN22HY9GOTId9wnhyQ0pZgan9ml
+VtHxyz0ExfveT8gajbyV4ezE/OXVFsmx+i1P0aIRCHHRCY0MVbZFgBEhLH73EJVn
+E/+3RUEjz9XJphCDK/Bg2DhYpPN1WnplksRSRCcpsSw7U5qfmbfb2T5ZLmho1oJr
+M6kU+gvtqJ+cZ+rMT7zpDLDz6bzT6O2HRPl4MuvzbrSg5nbBlAnW2kVZzguIqqc9
+9KiY6sKziYhGSdPwJEcek/VyMVJm8gn1Bz4CQdKOrVGIOstSSoXYClCUjOLowL6F
+MxGk25NJJBUy2uApfOQOIs5vvgu55CY1JRcQwL4dSy+5Ueqcw3VG17ExfFqGk5cZ
+b001DIdiL+ResgwvHdrC5mwKZ1mtjLGnX8uL6Uch3C+ullPU592yUXnDsFZn9An1
+UDCjFCbtUFKAi6TcYf3yOCMgfa3iAzhae7CIvC7I9JVJjA8MyNTlWgAqGeM2HalI
+84TEb09r8KotqtlAvD8Hs5uO4Iwf/sjOhSxP2SIG016oXU8KsH8pGvlYyLfA1WkX
+uI+46zAk1AHoAEiTox9tNtWYnIeGukbNBkNuzeWkS56GEZJto6ji7DIj3xsBnhJt
+3ciJnUR46z0SyofDexU60dsduliMeExVe2qde8XS3oKcOnTLBtCHxgIb8T73Zr22
+VkYPcjRF8Aur207DThKJ+D2dRQ0DTj+DBeT1q5gTCAwZUb/tuwEw9CEBGmy9wR5C
+C3M2auRL9QHaXU+kKpnbFPI4xkonJbLCC/VWE/qY60wsHdrL9TFuBOw4Mt+Q/gjC
+w8Vi1V+/2DBIIums/teBbLeeEy/B97k8N5lJwCcp8mGiAl/hXQfHbetksObWNqpj
+V4zl7NCylTgyh2UqzZtQQGLeBT3Q1u4EaQIPt8xwxLrR+wne6wjuLGaM4OqKOVUa
+gWdXdi55q0S1aluqoHTWK0VYy+5BMpBgHREpnZDtAJ06YljAmRk2j8IjFrZi1COK
+quL+Uj6g1iBy2zUZYMLUb73I3f8VX7Qmps0iCrNAwpJjpsWYJOf+HzJFgC+YiYs0
+J1uJcm5ypggCDSP4PRDgvbcs7pIkbQFHZQ1Y7EesX4m61f7Xc72J6Y4lNRfhEjKP
+c2n8XDj6dkxtEDsmegrGfDmUZ9z6PjKjMRWUxHMQIs2FxnCbdZuoDX3IN5EJtW3w
+iEAmOYCcV4Vep4Vckfwz6aTSfbmwmDcH56yYckDBQq2bCuySOgdSUUWXn+MshTUW
+Ef+LvCW0BSqz4p3D0vBySnauzh9YCbva7b9ibuhavwB+Ys2Qn2cWfzcvUPqmXUOb
+mnkq3k9FjgKM4vej7FxdbCffeU8tiAuYSKFZS/CiZU8Qoqy75BwT4bxa7Qfvdmgk
+NkzCkyGV9xYlCiT1gqbX6XU9bmotUuP3VSSO7ehpMW0k99W6ml/NJqEBmZ0f9/Ax
+qaYheAy+9TtHbcSLOcZj6+7SYZNsvayE3HKnGCuKV0TgSi9VOQLZ6QDxkNU/3oHo
+I2g49KDqyvvx/BmZwEKnFsDpKLluCklwLUf8qKm+Kji8W95+JQC2k3qumIZ6Ao8Z
+OKoJStGgA8ZjuENxatZJk42BI++oNZOBA08uKvW1Mw==
+-----END ENCRYPTED PRIVATE KEY-----
+
+-----BEGIN CERTIFICATE-----
+MIIC6TCCAo+gAwIBAgIQfcfd9dgdKT/5gdDbpAiKlDAKBggqhkjOPQQDAjAYMRYw
+FAYDVQQDEw1zZWxmc2lnbmVkLWNhMB4XDTI0MDUwNTE1NTAzOFoXDTI1MDUwNTE1
+NTAzOFowWDELMAkGA1UEBhMCQ0gxDDAKBgNVBAgTA0s4UzEMMAoGA1UEBxMDSzhT
+MQwwCgYDVQQKEwNLOFMxDDAKBgNVBAsTA0s4UzERMA8GA1UEAxMIZmlkby11YWYw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWcQPIzUN2zbPkB3yISIGw
+mDAd285YKm/ZLbE4WWw2SIHhjfh0XoYZ6QvLMENWcC8/iOX/6g6upQnYegzZKlST
+Lix0zJjEbtMlK8fITiPhwziWPSOeqtuW66Rj+13G6kKYVtZ8vviu73LBDkXKHSNi
+g4knNgACJpIItiDhOmtmD3Wsb8JAIQ161m7D3i2jr/kqBFKLc2DXcCHYSwxBXu3A
+99iqWxoHfprL/L7RfxBo7mKbk+xjRvw6wFHBb76m6hd8fe4yg3g9zZTsZ5KeKqtA
+8NT7CTG26F/MEBEmreU6NcNP62sYBkQiY+K5WweUs5qnDCAUPz+Upu0lX49ZDsvZ
+AgMBAAGjga8wgawwDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMB
+BggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFPthGhYiMfCS8WJz
+C+TRPH/IDi5RMEwGA1UdEQRFMEOCCGZpZG8tdWFmgiFmaWRvLXVhZi5hZG4tYWdv
+di1uZXZpc2lkbS0wMS11YXSBFG5vcmVwbHlAbG9jYWwuZG9tYWluMAoGCCqGSM49
+BAMCA0gAMEUCIBCueTTUwnN53/dIs6W4FpbFtF/wkAhYjLZGuKgY08ZAAiEA9VFz
+WoaxaINHqGPR10Sh1hqeuCHRzHxnQUt07sZf2DU=
+-----END CERTIFICATE-----

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/nevisfido/default/conf/env.conf

@@ -6,5 +6,5 @@ JAVA_OPTS=(
     "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
     "-Dotel.javaagent.logging=application"
     "-Dotel.javaagent.configuration-file=/var/opt/nevisfido/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2505.5,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2411.1,service.instance.id=$HOSTNAME"
 )

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/nevisfido/default/conf/nevisfido.yml

@@ -1,22 +1,3 @@
-fido2:
-  enabled: true
-  user-presence-requirement: "always"
-  rp-name: "AGOV-RelPartName"
-  rp-id: "adnovum.net"
-  origins:
-  - "https://me.agov-w.azure.adnovum.net"
-  - "https://nevisidm.agov-w.azure.adnovum.net"
-  - "https://auth.agov-w.azure.adnovum.net"
-  - "https://ob.agov-w.azure.adnovum.net"
-  signature-algorithms:
-  - "ES256"
-  - "EdDSA"
-  display-name-source: "loginId"
-  metadata:
-    allow-listing-enabled: false
-  timeout:
-    user-verification: "300s"
-    no-user-verification: "120s"
 server:
   port: 9443
   protocol: "https"
@@ -35,13 +16,36 @@ management:
 credential-repository:
   type: "nevisidm"
   client-id: "cfa9c9b9-119f-4dff-9bb8-86d7c0cf2720"
-  rest-url: "https://idm.adn-agov-nevisidm-admin-01-uat:8989/nevisidm"
+  rest-url: "https://idm.adn-agov-nevisidm-01-uat:8989/nevisidm"
-  keystore: "/var/opt/keys/own/ob-fido2-v1-default-client-identity/keystore.p12"
+  keystore: "/var/opt/keys/own/nevisfido-techuser-key/keystore.p12"
-  keystore-passphrase: "${exec:/var/opt/keys/own/ob-fido2-v1-default-client-identity/keypass}"
+  keystore-passphrase: "${exec:/var/opt/keys/own/nevisfido-techuser-key/keypass}"
   keystore-type: "pkcs12"
   truststore: "/var/opt/keys/trust/ob-fido2-v1-agov-work-internal-trust-store/truststore.p12"
   truststore-passphrase: "${exec:/var/opt/keys/trust/ob-fido2-v1-agov-work-internal-trust-store/keypass}"
   truststore-type: "pkcs12"
   user-attribute: "extId"
+fido2:
+  enabled: true
+  rp-name: "AGOV-RelPartName"
+  rp-id: "adnovum.net"
+  origins:
+  - "https://me.agov-w.azure.adnovum.net"
+  - "https://nevisidm.agov-w.azure.adnovum.net"
+  - "https://auth.agov-w.azure.adnovum.net"
+  - "https://ob.agov-w.azure.adnovum.net"
+  signature-algorithms:
+  - "RS1"
+  - "RS256"
+  - "RS384"
+  - "RS512"
+  - "ES256"
+  - "ES384"
+  - "ES512"
+  display-name-source: "loginId"
+  metadata:
+    allow-listing-enabled: false
+  timeout:
+    user-verification: "300s"
+    no-user-verification: "120s"
 session-repository:
   type: "in-memory"

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-fido2-v1/var/opt/nevisfido/default/conf/otel.properties

@@ -1,5 +1,4 @@
 otel.service.name = ob-fido2
-otel.traces.sampler = always_on
 otel.traces.exporter = none
 otel.metrics.exporter = none
 otel.logs.exporter = none

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/etc/nevis/k8s-ob-logrend-bed300e1196a171ca12db431.yaml

@@ -11,8 +11,8 @@ metadata:
 spec:
   type: "NevisLogrend"
   replicas: 1
-  version: "8.2505.5"
+  version: "8.2411.1"
-  gitInitVersion: "1.4.0"
+  gitInitVersion: "1.3.0"
   runAsNonRoot: true
   ports:
     server: 8988
@@ -38,14 +38,13 @@ spec:
   startupProbe:
     server:
       tcpSocket: true
-      initialDelaySeconds: 30
       periodSeconds: 5
       timeoutSeconds: 4
-      failureThreshold: 30
+      failureThreshold: 50
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-7188c402aab16fcbb1e1435446513b8abc18de8e"
+    tag: "r-1c2c7885c3bbd904e080922c99d4a254fdc92559"
     dir: "DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1"
     credentials: "git-credentials"
   podSecurity:

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/conf/env.conf

@@ -10,5 +10,5 @@ JAVA_OPTS=(
     "-javaagent:/opt/agent/opentelemetry-javaagent.jar"
     "-Dotel.javaagent.logging=application"
     "-Dotel.javaagent.configuration-file=/var/opt/nevislogrend/default/conf/otel.properties"
-    "-Dotel.resource.attributes=service.version=8.2505.5,service.instance.id=$HOSTNAME"
+    "-Dotel.resource.attributes=service.version=8.2411.1,service.instance.id=$HOSTNAME"
 )

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/conf/mimetype.properties

@@ -1,5 +1,3 @@
-
 ico=image/x-icon
-json=application/json
 woff=font/woff
 woff2=font/woff2

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/conf/otel.properties

@@ -1,5 +1,4 @@
 otel.service.name = ob-logrend
-otel.traces.sampler = always_on
 otel.traces.exporter = none
 otel.metrics.exporter = none
 otel.logs.exporter = none

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/resources/conf/text.properties

@@ -1,4 +1,5 @@
 
+button.submit=Submit
 error.policy.failed=The new password does not comply with the policy.
 info.login=Please enter your authentication information.
 info.signup.passwordless=Log in quickly and securely next time using this device's fingerprint, face recognition, or PIN.
@@ -17,7 +18,6 @@ pwreset.done.info=Your password was successfully changed. Please click on contin
 pwreset.email.sent=If your user ID exists, an email to reset your password has been sent to you.
 pwreset.info.linktext=Password forgotten
 pwreset.noticket=Your password reset link is no longer valid. Please generate a new one.
-submit.button.label=Submit
 title=NEVIS SSO Portal
 title.login=Login
 title.pwchange.label=Password Change

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/resources/conf/text_de.properties

@@ -1,4 +1,5 @@
 
+button.submit=Senden
 error.policy.failed=Das neue Passwort stimmt nicht mit der Richtlinie überein.
 info.login=Bitte geben Sie Ihre persönlichen Zugangsdaten ein.
 info.signup.passwordless=Melden Sie sich beim nächsten Mal schnell und sicher mit dem Fingerabdruck, der Gesichtserkennung oder der PIN dieses Geräts an.
@@ -17,7 +18,6 @@ pwreset.done.info=Ihr Passwort wurde erfolgreich geändert. Bitte klicken Si
 pwreset.email.sent=Wenn Ihre Benutzer-ID existiert, haben Sie eine E-Mail erhalten, um Ihr Passwort zurückzusetzen..
 pwreset.info.linktext=Passwort vergessen
 pwreset.noticket=Ihr Link ist nicht mehr gültig. Bitte generieren Sie ein Neuen.
-submit.button.label=Senden
 title=NEVIS SSO Portal
 title.login=Login
 title.pwchange.label=Passwort ändern

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/resources/conf/text_en.properties

@@ -1,4 +1,5 @@
 
+button.submit=Submit
 error.policy.failed=The new password does not comply with the policy.
 info.login=Please enter your authentication information.
 info.signup.passwordless=Log in quickly and securely next time using this device's fingerprint, face recognition, or PIN.
@@ -17,7 +18,6 @@ pwreset.done.info=Your password was successfully changed. Please click on contin
 pwreset.email.sent=If your user ID exists, an email to reset your password has been sent to you.
 pwreset.info.linktext=Password forgotten
 pwreset.noticket=Your password reset link is no longer valid. Please generate a new one.
-submit.button.label=Submit
 title=NEVIS SSO Portal
 title.login=Login
 title.pwchange.label=Password Change

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/resources/conf/text_fr.properties

@@ -1,4 +1,5 @@
 
+button.submit=Envoyer
 error.policy.failed=Votre nouveau mot de passe ne conforme pas aux mesures de sécurité
 info.login=Veuillez entrer vos éléments de sécurité ci-après.
 info.signup.passwordless=Connectez-vous rapidement et en toute sécurité la prochaine fois en utilisant l'empreinte digitale, la reconnaissance faciale ou le code PIN de cet appareil.
@@ -17,7 +18,6 @@ pwreset.done.info=Votre mot de passe a été chang&eacute avec succ&
 pwreset.email.sent=Si votre identifiant n'existe pas, vous avez reçu un courriel pour réinitialiser votre mot de passe.
 pwreset.info.linktext=Mot de passe oublié
 pwreset.noticket=Votre lien n'est plus valide. Veuillez en générer un nouveau.
-submit.button.label=Envoyer
 title=NEVIS SSO Portal
 title.login=Login
 title.pwchange.label=Changer mot de passe

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/resources/conf/text_it.properties

@@ -1,4 +1,5 @@
 
+button.submit=Continua
 error.policy.failed=La nuova password non è stata accettata. Scegliere una password che sia conforme ai criteri di password.
 info.login=Per favore inserisca i suoi dati di accesso.
 info.signup.passwordless=Accedi in modo rapido e sicuro la prossima volta utilizzando l'impronta digitale, il riconoscimento facciale o il PIN di questo dispositivo.
@@ -17,7 +18,6 @@ pwreset.done.info=La password è stata modificata con successo. Fare clic
 pwreset.email.sent=Se il vostro ID utente esiste, vi è stata inviata un'e-mail per reimpostare la password.
 pwreset.info.linktext=Password dimenticata
 pwreset.noticket=Il biglietto per la reimpostazione della password non è più valido. Si prega di generarne uno nuovo.
-submit.button.label=Continua
 title=NEVIS SSO Portal
 title.login=Login
 title.pwchange.label=Cambiare Password

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/apple.svg

@@ -1,10 +0,0 @@
-<svg width="19" height="18" viewBox="0 0 19 18" fill="none" xmlns="http://www.w3.org/2000/svg">
-<g clip-path="url(#clip0)">
-<path d="M13.9697 17.2808C12.9941 18.2276 11.9177 18.08 10.8917 17.6336C9.80091 17.1782 8.80371 17.1494 7.65171 17.6336C6.21711 18.2528 5.45571 18.0728 4.59171 17.2808C-0.28628 12.2588 0.433719 4.60879 5.97771 4.32079C7.32231 4.39279 8.26371 5.06419 9.05571 5.11999C10.2329 4.88059 11.3597 4.19479 12.6197 4.28479C14.1335 4.40719 15.2657 5.00479 16.0217 6.07938C12.9077 7.95138 13.6457 12.0554 16.5059 13.2074C15.9335 14.7104 15.1991 16.1954 13.9679 17.2934L13.9697 17.2808ZM8.94771 4.26679C8.80191 2.03479 10.6109 0.198798 12.6917 0.0187988C12.9779 2.59279 10.3517 4.51879 8.94771 4.26679Z" fill="#1F2F33"/>
-</g>
-<defs>
-<clipPath id="clip0">
-<rect width="15.156" height="18" fill="white" transform="translate(1.3335)"/>
-</clipPath>
-</defs>
-</svg>

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/authcloud_login.js

@@ -66,7 +66,7 @@ const Status = {
 };
 
 function setDeepLinkLabel(button) {
-    const text = document.getElementById('info.login.access_app').innerText;
+    const text = document.getElementsByName('info.deeplink')[0].value;
     button.innerHTML = text;
 }
 
@@ -80,13 +80,7 @@ function messageCheckPhone() {
     infoElement.innerHTML = text;
 }
 
-function showError() {
+const Element = {
-    const text = document.getElementsByName('error.authcloud.login')[0].value;
-    errorElement.innerHTML = text;
-    infoElement.style.display = "none";
-}
-
-const AccessAppElement = {
 
     _elem: null, // QR code or deep link depending on device
 
@@ -97,11 +91,8 @@ const AccessAppElement = {
         if (isAndroid || isIphone) {
             this._elem = document.createElement('a');
             this._elem.setAttribute('href', appLink);
-            this._elem.setAttribute('class', 'btn btn-primary w-100 mt-4');
+            this._elem.setAttribute('class', 'btn btn-primary');
             this._elem.setAttribute('target', '_blank');
-            // distinguishes style for platforms
-            dispatcherElement.classList.add('mobile-platform');
-
             dispatcherElement.appendChild(this._elem);
             setDeepLinkLabel(this._elem);
         }
@@ -112,23 +103,13 @@ const AccessAppElement = {
             }
             else {
                 messageScanQR();
-                const qrSize = 280;
-                // Element to render the QR code
                 this._elem = document.createElement('canvas');
-                // Wrapper div to render corners
+                dispatcherElement.appendChild(this._elem);
-                const qrCodeWrapper = document.createElement('div');
+                var qrcode = new QRious({
-                qrCodeWrapper.setAttribute('id','qr-code-wrapper');
-                qrCodeWrapper.style.width = `${qrSize}px`;
-                qrCodeWrapper.style.height = `${qrSize}px`;
-                qrCodeWrapper.appendChild(this._elem)
-                dispatcherElement.style.height = `${qrSize}px`;
-                dispatcherElement.appendChild(qrCodeWrapper);
-                const qrcode = new QRious({
                   element: this._elem,
-                  // use --nevis-gray-900 CSS variable value
+                  foreground: "#168CA9",
-                  foreground: getComputedStyle(document.body).getPropertyValue('--nevis-gray-900'),
                   level: "M",
-                  size: qrSize,
+                  size: 280,
                   value: appLink
                 });
             }
@@ -144,31 +125,20 @@ const AccessAppElement = {
 };
 
 function authenticateUser(appLink) {
-
+    Element.show(appLink);
-    AccessAppElement.show(appLink);
+    console.log('Starting Authentication Cloud status polling...');
-
-    console.log('Starting Auth Cloud status polling...');
-
     Status.startPolling(statusToken, (st, done) => {
-
         if (st.status === 'succeeded') {
-
+            console.log('Authentication Cloud login done.');
-            console.log('Auth Cloud success.');
-
-            // auto submit form with outcome
             submitStatus('succeeded')
         }
         else if (st.status === 'failed') {
-
             // failed: The transaction failed, either by timeout or because the user did not accept.
-            console.warn('Auth Cloud login failed. User abort or timeout.');
+            console.warn('Authentication Cloud login failed. User abort or timeout.');
-
             submitStatus('failed')
         }
         else if (st.status === 'unknown') {
-
+            console.error('Authentication Cloud login failed. Unknown status.');
-            console.error('Auth Cloud login failed. Unknown status.');
-
             submitStatus('unknown')
         }
     });

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/authcloud_onboard.js

@@ -75,12 +75,7 @@ function messageScanQR() {
     infoElement.innerHTML = text;
 }
 
-function messageInstalledAccessApp() {
+const Element = {
-  const text = document.getElementById('info.access_app.installed').innerText;
-  infoElement.innerHTML = text;
-}
-
-const AccessAppElement = {
 
     _elem: null, // QR code or deep link depending on device
 
@@ -89,47 +84,22 @@ const AccessAppElement = {
         const isIphone = 'iPhone' === navigator.platform;
         const isAndroid = /android/i.test(userAgent) && /mobile/i.test(userAgent);
         if (isAndroid || isIphone) {
-            if (isAndroid) {
-                document.getElementById('install_apple').style.display = 'none';
-            }
-            if (isIphone) {
-                document.getElementById('install_google').style.display = 'none';
-            }
             this._elem = document.createElement('a');
             this._elem.setAttribute('href', appLink);
-            this._elem.setAttribute('class', 'btn btn-primary w-100');
+            this._elem.setAttribute('class', 'btn btn-primary');
             this._elem.setAttribute('target', '_blank');
-            // distinguishes style for platforms
-            dispatcherElement.classList.add('mobile-platform');
-            const accessApplinks = document.getElementById('access-app-download-link');
-            accessApplinks.classList.add('access-app-download-link-mobile-spacing');
-
             dispatcherElement.appendChild(this._elem);
             setDeepLinkLabel(this._elem);
-
-            // info text is displayed before access app links
-            accessApplinks.parentNode.insertBefore(infoElement.parentNode, accessApplinks);
-            messageInstalledAccessApp();
         }
         else {
             messageScanQR();
-            const qrSize = 280;
-            // Element to render the QR code
             this._elem = document.createElement('canvas');
-            // Wrapper div to render corners
+            dispatcherElement.appendChild(this._elem);
-            const qrCodeWrapper = document.createElement('div');
+            var qrcode = new QRious({
-            qrCodeWrapper.setAttribute('id','qr-code-wrapper');
-            qrCodeWrapper.style.width = `${qrSize}px`;
-            qrCodeWrapper.style.height = `${qrSize}px`;
-            qrCodeWrapper.appendChild(this._elem)
-            dispatcherElement.style.height = `${qrSize}px`;
-            dispatcherElement.appendChild(qrCodeWrapper);
-            const qrcode = new QRious({
               element: this._elem,
-              // use --nevis-gray-900 CSS variable value
+              foreground: "#168CA9",
-              foreground: getComputedStyle(document.body).getPropertyValue('--nevis-gray-900'),
               level: "M",
-              size: qrSize,
+              size: 280,
               value: appLink
             });
         }
@@ -144,47 +114,25 @@ const AccessAppElement = {
 };
 
 function onboardUser(appLink) {
-
+    Element.show(appLink);
-    AccessAppElement.show(appLink);
+    console.log('Starting Authentication Cloud status polling...');
-
-    console.log('Starting Auth Cloud status polling...');
-
     Status.startPolling(statusToken, (st, done) => {
-
         if (st.status === 'succeeded') {
-
+            console.log('Authentication Cloud onboarding done.');
-            console.log('Auth Cloud success.');
-
-            // auto submit form with outcome
             submitStatus('succeeded')
         }
         else if (st.status === 'failed') {
-
             // failed: The transaction failed, either by timeout or because the user did not accept.
             console.warn('Authentication Cloud onboarding failed. User abort or timeout.');
-
             submitStatus('failed')
         }
         else if (st.status === 'unknown') {
-
             console.error('Authentication Cloud onboarding failed. Unknown status.');
-
             submitStatus('unknown')
         }
     });
 }
 
-const swap = function (nodeA, nodeB) {
-    const parentA = nodeA.parentNode;
-    const siblingA = nodeA.nextSibling === nodeB ? nodeA : nodeA.nextSibling;
-
-    // Move `nodeA` to before the `nodeB`
-    nodeB.parentNode.insertBefore(nodeA, nodeB);
-
-    // Move `nodeB` to before the sibling of `nodeA`
-    parentA.insertBefore(nodeB, siblingA);
-};
-
 function init() {
 
     const form = document.getElementById('authcloud_onboard');
@@ -197,9 +145,6 @@ function init() {
 
     dispatcherElement = document.getElementById('authcloud_dispatch');
 
-    // info texts are displayed underneath QR code
-    swap(infoElement.parentNode, dispatcherElement.parentNode);
-
     const appLink = form.appLink.value;
     onboardUser(appLink);
 }

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/chevron-down.svg

@@ -1,3 +0,0 @@
-<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M12.6667 6L8 10.6667L3.33333 6" stroke="#1F2F33" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-</svg>

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/chevron-right.svg

@@ -1,3 +0,0 @@
-<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
-  <path d="M6 3.33332L10.6667 7.99999L6 12.6667" stroke="#1F2F33" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-</svg>

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/copy-to-clipboard.js

@@ -1,27 +0,0 @@
-function copyToClipboard(containerid) {
-  if (document.selection) {
-    var range = document.body.createTextRange();
-    range.moveToElementText(document.getElementById(containerid));
-    range.select().createTextRange();
-    document.execCommand("copy");
-  } else if (window.getSelection) {
-    var range = document.createRange();
-    range.selectNode(document.getElementById(containerid));
-    window.getSelection().addRange(range);
-    document.execCommand("copy");
-  }
-
-  // clear selection
-  if (window.getSelection) {
-    if (window.getSelection().empty) {
-      // Chrome
-      window.getSelection().empty();
-    } else if (window.getSelection().removeAllRanges) {
-      // Firefox
-      window.getSelection().removeAllRanges();
-    }
-  } else if (document.selection) {
-    // IE
-    document.selection.empty();
-  }
-}

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/customized-bootstrap.css

@@ -1,755 +0,0 @@
-/*!
- * Bootstrap v5.1.3 (https://getbootstrap.com/)
- * Copyright 2011-2021 The Bootstrap Authors
- * Copyright 2011-2021 Twitter, Inc.
- * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE)
-*/
-
-/*
- * This file contains customized bootstrap classes which are in the same name, however differ in the implementation.
- * Classes use CSS custom properties from :root to be runtime modifiable.
- * Used a portion of bootstrap classes which satisfy the requirements without to include the whole bootstrap bundle.
- * If you would like to add new classes as "override" or extension please use the bootstrap naming convention.
-*/
-
-/* Form controls */
-.form-label {
-  margin-bottom: 0.25rem;
-}
-
-.form-check:has(.form-check-label) {
-  padding: 1em 1em 1em 1.6em;
-  border-top: solid 1px lightgray;
-  margin: 0 1em 0 1em;
-}
-
-.form-check-label {
-  font-size: 0.875rem !important;
-}
-
-.form-group {}
-
-.form-control {
-  display: block;
-  width: 100%;
-  padding: 0.5625rem 0.75rem;
-  font-size: 1rem;
-  font-weight: 400;
-  line-height: 1.25rem;
-  color: var(--nevis-black);
-  background-color: var(--nevis-white);
-  background-clip: padding-box;
-  border: 0.0625rem solid var(--nevis-form-control-border-color);
-  border-radius: var(--nevis-border-radius);
-  -webkit-appearance: none;
-  -moz-appearance: none;
-  appearance: none;
-  transition: border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out;
-}
-
-@media (prefers-reduced-motion: reduce) {
-  .form-control {
-    transition: none;
-  }
-}
-
-.form-control:focus {
-  color: var(--nevis-black);
-  background-color: var(--nevis-white);
-  border-color: var(--nevis-primary);
-  outline: 0;
-  box-shadow: 0 0 0 0.0625rem var(--nevis-primary);
-}
-
-.form-control::-webkit-date-and-time-value {
-  height: 1.5em;
-}
-
-.form-control::-moz-placeholder {
-  color: var(--nevis-secondary);
-  opacity: 1;
-}
-
-.form-control::placeholder {
-  color: var(--nevis-secondary);
-  opacity: 1;
-}
-
-.form-control:disabled {
-  font-size: 0.875rem;
-  background-color: #e9ecef;
-  opacity: 1;
-}
-
-.form-control[readonly] {
-  background: var(--nevis-readonly-bg-color);
-  border-color: var(--nevis-readonly-border-color);
-  border-radius: var(--nevis-border-radius);
-  color: var(--nevis-gray-900);
-  font-size: 0.875rem;
-}
-
-.form-control[readonly]:focus {
-  box-shadow: 0 0 0 0.0625rem var(--nevis-readonly-box-shadow-color);
-}
-
-/* Valdiation */
-.invalid-feedback {
-  display: none;
-  width: 100%;
-  margin-top: 0.25rem;
-  font-size: 0.875em;
-  color: var(--nevis-danger);
-}
-
-.was-validated :invalid~.invalid-feedback,
-.was-validated :invalid~.invalid-tooltip,
-.is-invalid~.invalid-feedback,
-.is-invalid~.invalid-tooltip {
-  display: block;
-}
-
-/* Added for 3rd party International Telephone Input */
-.was-validated .iti~.invalid-feedback.invalid-feedback-ready,
-.was-validated .iti~.invalid-tooltip.invalid-feedback-ready {
-  display: block;
-}
-
-.was-validated .form-control:invalid,
-.form-control.is-invalid {
-  border-color: var(--nevis-danger);
-  border-width: 0.125rem;
-  padding-right: inherit;
-  background-image: none;
-  background-repeat: no-repeat;
-  background-position: inherit;
-  background-size: inherit;
-}
-
-.was-validated .form-control:invalid:focus,
-.form-control.is-invalid:focus {
-  border-color: var(--nevis-danger);
-  box-shadow: none;
-}
-
-.form-control:valid,
-.form-control.is-valid {
-  background-image: none;
-}
-
-/* remove valid feedback classes */
-.was-validated .form-control:valid,
-.form-control.is-valid {
-  border-color: var(--nevis-gray-400);
-  padding-right: inherit;
-  background-image: inherit;
-  background-repeat: no-repeat;
-  background-position: inherit;
-  background-size: inherit;
-}
-
-.was-validated .form-control:valid:focus,
-.form-control.is-valid:focus {
-  border-color: var(--nevis-gray-400);
-  box-shadow: unset;
-}
-
-.was-validated textarea.form-control:valid,
-textarea.form-control.is-valid {
-  padding-right: inherit;
-  background-position: inherit;
-}
-
-.was-validated .form-select:valid,
-.form-select.is-valid {
-  border-color: var(--nevis-gray-400);
-}
-
-.was-validated .form-select:valid:not([multiple]):not([size]),
-.was-validated .form-select:valid:not([multiple])[size="1"],
-.form-select.is-valid:not([multiple]):not([size]),
-.form-select.is-valid:not([multiple])[size="1"] {
-  padding-right: inherit;
-  background-image: none;
-  background-position: inherit;
-  background-size: inherit;
-}
-
-.was-validated .form-select:valid:focus,
-.form-select.is-valid:focus {
-  border-color: var(--nevis-gray-400);
-  box-shadow: unset;
-}
-
-.was-validated .form-check-input:valid,
-.form-check-input.is-valid {
-  border-color: var(--nevis-gray-400);
-}
-
-.was-validated .form-check-input:valid:checked,
-.form-check-input.is-valid:checked {
-  background-color: inherit;
-}
-
-.was-validated .form-check-input:valid:focus,
-.form-check-input.is-valid:focus {
-  box-shadow: unset;
-}
-
-.was-validated .form-check-input:valid~.form-check-label,
-.form-check-input.is-valid~.form-check-label {
-  color: inherit;
-}
-
-/* Buttons */
-.btn {
-  display: inline-block;
-  font-weight: 500;
-  line-height: 1.5rem;
-  color: var(--nevis-black);
-  text-align: center;
-  text-decoration: none;
-  vertical-align: middle;
-  cursor: pointer;
-  -webkit-user-select: none;
-  -moz-user-select: none;
-  user-select: none;
-  background-color: transparent;
-  border: 0.0625rem solid transparent;
-  padding: 0.75rem 1.25rem;
-  font-size: 1rem;
-  border-radius: var(--nevis-border-radius);
-  transition: color 0.15s ease-in-out, background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out;
-}
-
-@media (prefers-reduced-motion: reduce) {
-  .btn {
-    transition: none;
-  }
-}
-
-.btn:hover {
-  color: var(--nevis-black);
-}
-
-.btn:disabled,
-.btn.disabled,
-fieldset:disabled .btn {
-  pointer-events: none;
-  opacity: 0.65;
-}
-
-/* remove box-shadows by default, enable later by colors */
-.btn:focus {
-  box-shadow: unset;
-}
-
-.btn-check:checked+.btn-primary:focus,
-.btn-check:active+.btn-primary:focus,
-.btn-primary:active:focus,
-.btn-primary.active:focus,
-.show>.btn-primary.dropdown-toggle:focus {
-  box-shadow: unset;
-}
-
-/* Primary Button */
-.btn-primary {
-  color: var(--nevis-white);
-  background-color: var(--nevis-primary);
-  border-color: var(--nevis-primary);
-  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-primary);
-}
-
-.btn-primary:hover {
-  color: var(--nevis-white);
-  filter: brightness(110%);
-  background-color: var(--nevis-primary);
-  border-color: var(--nevis-primary);
-  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-primary);
-}
-
-.btn-primary:focus {
-  color: var(--nevis-white);
-  background-color: var(--nevis-primary);
-  border-color: var(--nevis-primary);
-  filter: brightness(110%);
-  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-primary);
-}
-
-.btn-primary:active,
-.btn-primary.active {
-  color: var(--nevis-white);
-  background-color: var(--nevis-primary);
-  border-color: var(--nevis-primary);
-  filter: brightness(90%);
-}
-
-.btn-primary:active:focus,
-.btn-primary.active:focus {
-  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-primary);
-}
-
-.btn-primary:disabled,
-.btn-primary.disabled {
-  color: var(--nevis-secondary);
-  background-color: var(--nevis-gray-100);
-  border-color: var(--nevis-gray-100);
-  box-shadow: none;
-  filter: brightness(1);
-}
-
-/* Secondary Button */
-.btn-secondary {
-  color: var(--nevis-gray-900);
-  background-color: var(--nevis-gray-200);
-  border-color: var(--nevis-gray-200);
-  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-gray-200);
-}
-
-.btn-secondary:hover {
-  color: var(--nevis-gray-900);
-  filter: brightness(110%);
-  background-color: var(--nevis-gray-200);
-  border-color: var(--nevis-gray-200);
-  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-gray-200);
-}
-
-.btn-secondary:focus {
-  color: var(--nevis-gray-900);
-  background-color: var(--nevis-gray-200);
-  border-color: var(--nevis-gray-200);
-  filter: brightness(110%);
-  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-gray-200);
-}
-
-.btn-secondary:active,
-.btn-secondary.active {
-  color: var(--nevis-gray-900);
-  background-color: var(--nevis-gray-200);
-  border-color: var(--nevis-gray-200);
-  filter: brightness(90%);
-}
-
-.btn-secondary:active:focus,
-.btn-secondary.active:focus {
-  box-shadow: 0rem 0.25rem 1.875rem -0.625rem var(--nevis-gray-200);
-}
-
-.btn-secondary:disabled,
-.btn-secondary.disabled {
-  color: var(--nevis-secondary);
-  background-color: var(--nevis-gray-100);
-  border-color: var(--nevis-gray-100);
-  box-shadow: none;
-  filter: brightness(1);
-}
-
-.btn-link {
-  font-size: 0.875rem !important;
-  vertical-align: baseline;
-  border: none;
-  color: var(--nevis-primary);
-  background: none;
-  text-decoration: none;
-  padding: 0;
-}
-
-/* Componentes */
-.dropdown-toggle::after {
-  display: none !important;
-}
-
-/* Utilities */
-h6,
-.h6,
-h5,
-.h5,
-h4,
-.h4,
-h3,
-.h3,
-h2,
-.h2,
-h1,
-.h1 {
-  margin-top: 0;
-  font-weight: 500;
-  line-height: 1.2;
-}
-
-h1,
-.h1 {
-  font-size: calc(1.375rem + 1.5vw);
-}
-
-@media (min-width: 1200px) {
-
-  h1,
-  .h1 {
-    font-size: 2.5rem;
-  }
-}
-
-h2,
-.h2 {
-  font-size: calc(1.325rem + 0.9vw);
-}
-
-@media (min-width: 1200px) {
-
-  h2,
-  .h2 {
-    font-size: 2rem;
-  }
-}
-
-h3,
-.h3 {
-  font-size: calc(1.3rem + 0.6vw);
-}
-
-@media (min-width: 1200px) {
-
-  h3,
-  .h3 {
-    font-size: 1.75rem;
-  }
-}
-
-h4,
-.h4 {
-  font-size: calc(1.275rem + 0.3vw);
-}
-
-@media (min-width: 1200px) {
-
-  h4,
-  .h4 {
-    font-size: 1.5rem;
-  }
-}
-
-h5,
-.h5 {
-  font-size: 1.25rem;
-}
-
-h6,
-.h6 {
-  font-size: 1rem;
-}
-
-small,
-.small {
-  font-size: 0.875rem !important;
-}
-
-.text-primary {
-  color: var(--nevis-primary) !important;
-}
-
-.text-secondary {
-  color: var(--nevis-secondary) !important;
-}
-
-.text-success {
-  color: var(--nevis-success) !important;
-}
-
-.text-info {
-  color: var(--nevis-info) !important;
-}
-
-.text-warning {
-  color: var(--nevis-warning) !important;
-}
-
-.text-danger {
-  color: var(--nevis-danger) !important;
-}
-
-.text-light {
-  color: var(--nevis-light) !important;
-}
-
-.text-dark {
-  color: var(--nevis-dark) !important;
-}
-
-.text-white {
-  color: var(--nevis-white) !important;
-}
-
-.bg-primary {
-  background-color: var(--nevis-primary) !important;
-}
-
-.bg-secondary {
-  background-color: var(--nevis-secondary) !important;
-}
-
-.bg-success {
-  background-color: var(--nevis-success) !important;
-}
-
-.bg-info {
-  background-color: var(--nevis-info) !important;
-}
-
-.bg-warning {
-  background-color: var(--nevis-warning) !important;
-}
-
-.bg-danger {
-  background-color: var(--nevis-danger) !important;
-}
-
-.bg-light {
-  background-color: var(--nevis-light) !important;
-}
-
-.bg-dark {
-  background-color: var(--nevis-dark) !important;
-}
-
-.bg-body {
-  background-color: var(--nevis-white) !important;
-}
-
-.bg-white {
-  background-color: var(--nevis-white) !important;
-}
-
-.link-primary {
-  color: var(--nevis-primary);
-}
-
-.link-primary:hover,
-.link-primary:focus {
-  color: var(--nevis-primary);
-  filter: brightness(80%);
-}
-
-.link-secondary {
-  color: var(--nevis-secondary);
-}
-
-.link-secondary:hover,
-.link-secondary:focus {
-  color: var(--nevis-secondary);
-  filter: brightness(80%);
-}
-
-.link-success {
-  color: var(--nevis-success);
-}
-
-.link-success:hover,
-.link-success:focus {
-  color: var(--nevis-success);
-  filter: brightness(80%);
-}
-
-.link-info {
-  color: var(--nevis-info);
-}
-
-.link-info:hover,
-.link-info:focus {
-  color: var(--nevis-info);
-  filter: brightness(80%);
-}
-
-.link-warning {
-  color: var(--nevis-warning);
-}
-
-.link-warning:hover,
-.link-warning:focus {
-  color: var(--nevis-warning);
-  filter: brightness(80%);
-}
-
-.link-danger {
-  color: var(--nevis-danger);
-}
-
-.link-danger:hover,
-.link-danger:focus {
-  color: var(--nevis-danger);
-  filter: brightness(80%);
-}
-
-.link-light {
-  color: var(--nevis-light);
-}
-
-.link-light:hover,
-.link-light:focus {
-  color: var(--nevis-light);
-  filter: brightness(80%);
-}
-
-.link-dark {
-  color: var(--nevis-dark);
-}
-
-.link-dark:hover,
-.link-dark:focus {
-  color: var(--nevis-dark);
-  filter: brightness(80%);
-}
-
-.border-primary {
-  border-color: var(--nevis-primary) !important;
-}
-
-.border-secondary {
-  border-color: var(--nevis-secondary) !important;
-}
-
-.border-success {
-  border-color: var(--nevis-success) !important;
-}
-
-.border-info {
-  border-color: var(--nevis-info) !important;
-}
-
-.border-warning {
-  border-color: var(--nevis-warning) !important;
-}
-
-.border-danger {
-  border-color: var(--nevis-danger) !important;
-  border-width: 0.125rem;
-}
-
-.border-light {
-  border-color: var(--nevis-light) !important;
-}
-
-.border-dark {
-  border-color: var(--nevis-dark) !important;
-}
-
-.border-white {
-  border-color: var(--nevis-white) !important;
-}
-
-
-/* EXTENSION PART */
-
-/* Spacing */
-.mt-20 {
-  margin-top: 1.25rem;
-}
-
-.me-5px {
-  margin-right: 0.3125rem;
-}
-
-.my-40 {
-  margin: 2.5rem 0;
-}
-
-.mb-40 {
-  margin-bottom: 2.5rem;
-}
-
-/* Colors */
-
-.text-nevis-blue {
-  color: var(--nevis-blue-600) !important;
-}
-
-.bg-nevis-blue {
-  background-color: var(--nevis-blue-600) !important;
-}
-
-.border-nevis-blue {
-  border-color: var(--nevis-blue-600) !important;
-}
-
-.link-nevis-blue {
-  color: var(--nevis-blue-600);
-}
-
-.link-nevis-blue:hover,
-.link-nevis-blue:focus {
-  color: var(--nevis-blue-600);
-  filter: brightness(80%);
-}
-
-.btn-language-selector {
-  display: inline-flex;
-  justify-content: center;
-  align-items: center;
-  flex-shrink: 0;
-  padding: 0;
-  min-width: 0;
-  box-sizing: border-box;
-  box-shadow: none;
-  font-size: 0.875rem !important;
-  line-height: 1.25rem;
-  font-weight: normal;
-  outline: none;
-  border: none;
-  vertical-align: baseline;
-  text-align: center;
-  background-color: initial;
-  color: var(--nevis-gray-900);
-}
-
-.btn-language-selector:hover {
-  background: initial;
-}
-
-.btn-language-selector:active {
-  background: initial;
-}
-
-.btn-language-selector:focus {
-  box-shadow: none;
-}
-
-.btn-language-selector+.dropdown-menu {
-  min-width: 0;
-  width: 10rem;
-  padding: 0.25rem 0;
-  /* centering the dropdown */
-  margin-left: -0.5rem !important;
-  margin-top: 0.5rem !important;
-  overflow: hidden;
-  box-shadow: 0rem 0rem 0rem 0.0625rem var(--nevis-gray-200),
-    0rem 0.1875rem 1.25rem -0.625rem var(--nevis-gray-900);
-  border-radius: var(--nevis-border-radius);
-  border: 0;
-}
-
-.btn-language-selector+.dropdown-menu>li {
-  overflow: hidden;
-}
-
-.btn-language-selector+.dropdown-menu .dropdown-item {
-  font-style: normal;
-  font-weight: normal;
-  font-size: 0.875rem;
-  line-height: 1.25rem;
-  padding: 0.5rem 1rem;
-  color: var(--nevis-gray-900);
-}
-
-.btn-language-selector+.dropdown-menu .dropdown-item:hover {
-  background: var(--nevis-blue-100);
-}
-
-.btn-language-selector+.dropdown-menu .dropdown-item:focus {
-  background: none;
-}
-
-.btn-language-selector+.dropdown-menu .dropdown-item:active,
-.btn-language-selector+.dropdown-menu .dropdown-item.active {
-  background: var(--nevis-blue-100);
-  filter: brightness(90%);
-}

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/default.css

@@ -0,0 +1,222 @@
+/********************************************************
+ * Layout
+ ********************************************************/
+
+html { /* magic to position footer */
+	position: relative;
+	min-height: 100%;
+}
+
+body {
+	margin-bottom: 76px; /* == footer height */
+}
+
+.container, .container-fluid {
+ 	padding-left: 36px;
+	padding-right: 36px;
+}
+
+nav {
+	min-height: 100px;
+	padding: 36px;
+}
+
+header {
+	margin-bottom: 16px; /* h1.logintitle adds 20px => 36px */
+}
+
+.container {
+ 	min-width: 260px;
+ 	max-width: 700px;
+}
+
+h1 {
+	margin-bottom: 50px;
+}
+
+footer {
+	width: 100%;
+	position: absolute;
+	bottom: 0;
+	padding: 0 36px;
+}
+
+img {
+	width: 100%;
+}
+
+/********************************************************
+ * Header
+ ********************************************************/
+
+header .logo {
+	/* width: 20%;*/
+	/*max-width: 600px;*/
+	max-height: 150px;
+	width: auto;
+}
+
+/********************************************************
+ * Dropdown
+ ********************************************************/
+a.dropdown-toggle {
+	text-decoration: none;
+}
+
+a.dropdown-toggle:hover {
+	color: #168CA9;
+	border-bottom: 3px solid #168CA9;
+}
+
+.dropdown-menu {
+	padding: 5px 0;
+}
+
+.dropdown-menu li > a {
+	padding: 6px 28px;
+}
+
+.dropdown-menu a > .prefix {
+	display: inline-block;
+	min-width: 22px;
+	margin-right: 28px;
+	text-align: right;
+}
+
+/********************************************************
+ * Form
+ ********************************************************/
+
+/* Labels should not be bold */
+label {
+	font-weight: normal;
+}
+
+/* Make error messages bold */
+.has-error .help-block {
+	font-weight: bold;
+}
+
+/* Change button size, by default 116px in width */
+.btn {
+	min-width: 116px;
+	padding: 3px 12px;
+}
+
+/* Disable gradient in buttons, ughhhh */
+.btn.btn-primary {
+	border-color: transparent;
+	background-image: none;
+	text-shadow: none;
+	box-shadow: none;
+	-webkit-box-shadow: none;
+}
+
+.help-block a, .help-block a:visited {
+	color: #168CA9;
+  font-weight: bold;
+  text-decoration: none;
+}
+
+.help-block a:hover {
+	color: #168CA9;
+  text-decoration: underline;
+}
+
+/********************************************************
+ * Footer
+ ********************************************************/
+footer .row {
+	margin: 36px 0 0 0;
+	height: 40px;
+	padding-top: 14px;
+	line-height: 26px; /* to center text: height - padding-top = 26px */
+	border-top: 1px solid #168CA9;
+}
+
+footer .row > div { /* Fix alignment between border + text on Bootstrap grid */
+	padding: 0;
+}
+
+footer .logo-round-container {
+	position: relative;
+}
+
+footer .logo-round {
+	position: absolute;
+	left: 0;
+	right: 0;
+	top: -33px; /* found visually with Chrome Dev Tools */
+	height: 36px;
+	width: 36px;
+	border: 1px solid #00868c;
+	border-radius: 18px;
+	background: #fff;
+	padding: 8px;
+}
+
+footer .logo-round > img {
+	display: block;
+}
+
+#dispatchTargets {
+	margin-top: 20px;
+}
+
+/********************************************************
+ * Social login
+ ********************************************************/
+.btn.line {
+    background-color: transparent;
+    display: block;
+    width: 100%;
+    padding: 0;
+    margin: 1.5em 0 1em;
+    border: 0.5px solid #ccc;
+    pointer-events: none;
+}
+
+.btn.socialLogin {
+    background-color: #fff;
+    border: thin solid #ccc;
+    color: #000;
+    font-weight: 600;
+    position: relative;
+    margin: 5px;
+    min-width: 140px;
+    width: 210px;
+    border-radius: 8px;
+    padding: 8px 12px;
+    text-align: left;
+}
+
+.socialLogin img {
+    width: 1.5em;
+    height: 108%;
+    margin-right: 0.5em;
+}
+
+.btn.apple img {
+    width: 1.2em;
+}
+
+/********************************************************
+ * Show password
+ ********************************************************/
+.icon-inside {
+  position: relative;
+}
+
+.icon-inside input {
+  padding-right: calc(0.75rem + 1.25rem + 0.75rem);
+}
+
+.icon-inside button {
+  position: absolute;
+  right: 0;
+  top: 0;
+  margin-top: 0.45rem;
+  margin-right: 0.45rem;
+  background: #FFFFFF;
+  border: #FFFFFF;
+}

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/display-recovery-codes.js

@@ -1,23 +0,0 @@
-function displayRecoveryCodes() {
-  const recoverCodes = document.getElementById("recovery-codes-raw");
-  // early return if recoverCodes not found
-  if (!recoverCodes) {
-    return;
-  }
-
-  var recoveryCodesContent = recoverCodes.innerHTML;
-  recoveryCodesContent = recoveryCodesContent.replace("[", "");
-  recoveryCodesContent = recoveryCodesContent.replace("]", "");
-  recoveryCodesContent = recoveryCodesContent.split(",");
-  for (let i = 0; i < recoveryCodesContent.length; i++) {
-    if (i % 2 == 0) {
-      document.getElementById("recovery-codes").innerHTML += "<div class=\"recovery-code-gray printable\">" + recoveryCodesContent[i] + "</div>";
-    }
-    else {
-      document.getElementById("recovery-codes").innerHTML += "<div class=\"recovery-code-white printable\">" + recoveryCodesContent[i] + "</div>";
-    }
-  }
-  recoverCodes.remove();
-}
-
-displayRecoveryCodes();

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/download-recovery-codes.js

@@ -1,26 +0,0 @@
-function downloadRecoveryCodes(contentContainerId) {
-  const textToDownload = document.getElementById(contentContainerId).innerText;
-  // It is necessary to create a new blob object with mime-type explicitly set
-  // otherwise only Chrome works like it should
-  const newBlob = new Blob([textToDownload], { type: "text/plain" });
-
-  // IE doesn't allow using a blob object directly as link href
-  // instead it is necessary to use msSaveOrOpenBlob
-  if (window.navigator && window.navigator.msSaveOrOpenBlob) {
-    window.navigator.msSaveOrOpenBlob(newBlob, "recovery-codes.txt");
-    return;
-  }
-
-  // For other browsers:
-  // Create a link pointing to the ObjectURL containing the blob.
-  const data = window.URL.createObjectURL(newBlob);
-  const link = document.createElement("a");
-  link.href = data;
-  link.download = "recovery-codes.txt";
-  link.click();
-  setTimeout(() => {
-    // For Firefox it is necessary to delay revoking the ObjectURL
-    window.URL.revokeObjectURL(data);
-  }, 400);
-  link.remove();
-}

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/dropdown.js

@@ -0,0 +1,36 @@
+(function() {
+  var closeDropdownTimeout;
+
+  function closeDropdown(event) {
+    var dropdowns = document.querySelectorAll('.dropdown');
+    for (var i = 0; i < dropdowns.length; i++) {
+      var dropdownMenu = dropdowns[i].querySelector('.dropdown-menu');
+      if (dropdownMenu.style.display !== 'none' && !dropdowns[i].contains(event.target)) {
+        dropdownMenu.style.display = 'none';
+      }
+    }
+
+    // remove event listener till we have a new dropdown menu open
+    if (document.querySelector('.dropdown-menu:not([style*="display: none"])') === null) {
+      document.removeEventListener('click', closeDropdown);
+    }
+  }
+
+  var dropdowns = document.querySelectorAll('.dropdown');
+  for (var i = 0; i < dropdowns.length; i++) {
+    var dropdownMenu = dropdowns[i].querySelector('.dropdown-menu');
+    dropdownMenu.style.display = 'none'; // ensure menu is initially hidden
+
+    dropdowns[i].addEventListener('click', function(e) {
+      // show dropdown menu
+      var dropdownMenu = this.querySelector('.dropdown-menu');
+      dropdownMenu.style.display = 'block';
+
+      // handle clicking away
+      clearTimeout(closeDropdownTimeout);
+      closeDropdownTimeout = setTimeout(function() {
+        document.addEventListener('click', closeDropdown);
+      }, 10);
+    });
+  }
+}());

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/e2eenc.js

@@ -0,0 +1,98 @@
+var e2eenc = function() {
+
+	this.encryptForm = function(algoString, formId) {
+		// TODO: in case of an error we should return false, to prevent the for to be submitted
+		//       or replace the fields with dummy values, just to prevent the the transmission
+		//       of unencrypted values
+		
+
+		// create the array of input fields to encrypt (needs to be done before setting the form
+		// invisible
+		var fieldsToEncrypt = new Array();
+		$.each($("form input:visible"), function(index, _inputField) { fieldsToEncrypt.push($(_inputField));});
+
+		// hide the form, and display the splash screen
+		$('#loginform').css('display','none');
+		$('#e2eeSplashScreen').css('display','block');
+
+		// encryption logic
+		var pubKey = $("input[name='e2eenc.publicKey']").val();
+
+		var kemSessionKey = readPublicKeyAndGenerateSessionKey(pubKey)
+		var iv = forge.random.getBytesSync(16);
+		keyB64 = forge.util.encode64(kemSessionKey.key);
+		encapsulationB64 = forge.util.encode64(kemSessionKey.encapsulation);
+		ivB64 = forge.util.encode64(iv);
+
+		//console.log("Encrypting form " + formId + " (" + algoString + ")");
+		var fields = "";
+		$.each(fieldsToEncrypt, function(index, _inputField) {
+			var inputField = $(_inputField);
+			if (inputField.attr("type") == "text" || inputField.attr("type") == "password") {
+				//console.log("Encrypting field " + JSON.stringify(inputField));
+				var plainValue = inputField.val();
+
+				var encryptedValueB64 = encrypt(kemSessionKey, iv, plainValue);
+				//console.log("Setting encrypted value in b64: " + encryptedValueB64);
+				inputField.val(encryptedValueB64);
+				if (fields.length > 0) {
+					fields = fields + ","
+				}
+				fields = fields + inputField.attr("name");
+			}
+		});
+		$("input[name='e2eenc.iv']").val(ivB64);
+		$("input[name='e2eenc.encapsulation']").val(encapsulationB64);
+		$("input[name='e2eenc.fields']").val(fields);
+	}
+
+	function getRSApublicKey(pem) {
+	    //console.log("PEM: " + pem);
+
+	    var msg = forge.pem.decode(pem)[0];
+
+	    //console.log("msg type: " + msg.type);
+
+	    if(msg.procType && msg.procType.type === 'ENCRYPTED') {
+		throw new Error('Could not retrieve RSA public key from PEM; PEM is encrypted.');
+	    }
+
+	    // convert DER to ASN.1 object
+	    var asn1obj = forge.asn1.fromDer(msg.body);
+	    //console.log("ASN.1 obj: " + JSON.stringify(asn1obj))
+
+	    var pubKey = forge.pki.publicKeyFromAsn1(asn1obj)
+	    //console.log("PubKey: " + JSON.stringify(pubKey))
+	    return pubKey;
+	}
+
+	function generateKEMSessionKey(rsaPublicKey) {
+	    // generate key-derivation-function and initializes it with sha1
+	    var kdf1 = new forge.kem.kdf1(forge.md.sha1.create());
+	    // creates a KEM function based on the key-derivation-function created above
+	    var kem = forge.kem.rsa.create(kdf1);
+	    // generate and encapsulate a 16-byte secret key. 
+	    // The secret key is generated using the kdf defined above.
+	    var kemSessionKey = kem.encrypt(rsaPublicKey, 16);
+	    // kemSessionKey has 'encapsulation' (= pub key) and 'key' (= generated secret key)
+	    return kemSessionKey;
+	}
+
+	function readPublicKeyAndGenerateSessionKey(pem) {
+	    var rsaPublicKey = getRSApublicKey(pem);
+	    //console.log("PubKey: " + JSON.stringify(rsaPublicKey))
+	    var kemSessionKey = generateKEMSessionKey(rsaPublicKey);
+	    //console.log("KEM session key: " + JSON.stringify(kemSessionKey))
+	    return kemSessionKey;
+	}
+
+	function encrypt(kemSessionKey, iv, msg) {
+		var cipher = forge.cipher.createCipher('AES-CBC', kemSessionKey.key);
+		cipher.start({iv: iv});
+		cipher.update(forge.util.createBuffer(msg, 'utf-8'));
+		cipher.finish();
+		var encrypted = cipher.output.getBytes();
+		encryptedB64 = forge.util.encode64(encrypted);
+		return encryptedB64;
+	}
+};

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/exclamation.svg

@@ -1,3 +0,0 @@
-<svg width="10" height="9" viewBox="0 0 10 9" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path fill-rule="evenodd" clip-rule="evenodd" d="M3.95423 0.859245C4.413 0.0436633 5.58725 0.0436629 6.04602 0.859245L9.3942 6.81157C9.84416 7.61149 9.2661 8.59988 8.34831 8.59988H1.65194C0.734151 8.59988 0.156094 7.61149 0.606052 6.81157L3.95423 0.859245ZM5.60007 6.79995C5.60007 7.13132 5.33144 7.39995 5.00007 7.39995C4.6687 7.39995 4.40007 7.13132 4.40007 6.79995C4.40007 6.46858 4.6687 6.19995 5.00007 6.19995C5.33144 6.19995 5.60007 6.46858 5.60007 6.79995ZM5.00007 1.99995C4.6687 1.99995 4.40007 2.26858 4.40007 2.59995V4.39995C4.40007 4.73132 4.6687 4.99995 5.00007 4.99995C5.33144 4.99995 5.60007 4.73132 5.60007 4.39995V2.59995C5.60007 2.26858 5.33144 1.99995 5.00007 1.99995Z" fill="#F25562"/>
-</svg>

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/face.svg

@@ -1,10 +0,0 @@
-<svg width="80" height="80" viewBox="0 0 80 80" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M54 10H62C66.4183 10 70 13.5817 70 18V26" stroke="#168CA9" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M10 26L10 18C10 13.5817 13.5817 10 18 10L26 10" stroke="#168CA9" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M26 70L18 70C13.5817 70 10 66.4183 10 62L10 54" stroke="#168CA9" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
-<path d="M70 54L70 62C70 66.4183 66.4183 70 62 70L54 70" stroke="#168CA9" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
-<circle cx="40" cy="40" r="22" stroke="#168CA9" stroke-width="4"/>
-<path d="M48 48.5C43.5817 53.8333 36.4183 53.8333 32 48.5" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
-<rect x="49" y="35" width="1" height="4" rx="0.5" stroke="#168CA9" stroke-width="4"/>
-<rect x="30" y="35" width="1" height="4" rx="0.5" stroke="#168CA9" stroke-width="4"/>
-</svg>

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/facebook.svg

@@ -1,4 +0,0 @@
-<svg width="18" height="18" viewBox="0 0 18 18" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M18 9.00002C18 4.02945 13.9706 2.09808e-05 9 2.09808e-05C4.02943 2.09808e-05 0 4.02945 0 9.00002C0 13.4922 3.29117 17.2155 7.59375 17.8907V11.6016H5.30859V9.00002H7.59375V7.01721C7.59375 4.76158 8.93739 3.51565 10.9932 3.51565C11.9779 3.51565 13.0078 3.69143 13.0078 3.69143V5.90627H11.8729C10.7549 5.90627 10.4062 6.60003 10.4062 7.31176V9.00002H12.9023L12.5033 11.6016H10.4062V17.8907C14.7088 17.2155 18 13.4922 18 9.00002Z" fill="#1877F2"/>
-<path d="M12.5033 11.6016L12.9024 9.00006H10.4063V7.3118C10.4063 6.60007 10.7549 5.90631 11.873 5.90631H13.0078V3.69147C13.0078 3.69147 11.9779 3.51569 10.9932 3.51569C8.9374 3.51569 7.59376 4.76162 7.59376 7.01725V9.00006H5.30859V11.6016H7.59376V17.8907C8.05197 17.9626 8.52161 18.0001 9.00001 18.0001C9.47842 18.0001 9.94806 17.9626 10.4063 17.8907V11.6016H12.5033Z" fill="white"/>
-</svg>

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/fido2_auth.js

@@ -2,13 +2,13 @@
   'use strict'
 
   async function assertion(options) {
-    let assertion;
+    let credential;
     try {
-      assertion = await navigator.credentials.get({ "publicKey": options });
+      credential = await navigator.credentials.get({ "publicKey": options });
     }
     // Cancel and timeout can occur besides error
     catch (error) {
-      console.error(`Error while trying to collect WebAuthn credential. ${error}`);
+      console.error(`Failed to get WebAuthn credential: ${error}`);
       throw error;
     }
     // as this is the last call we have to do a top-level request instead of AJAX
@@ -16,11 +16,11 @@
     form.method = "POST";
     form.style.display = "none";
     addInput(form, "path", "/nevisfido/fido2/assertion/result")
-    addInput(form, "id", assertion.id);
+    addInput(form, "id", credential.id);
-    addInput(form, "type", assertion.type);
+    addInput(form, "type", credential.type);
-    addInput(form, "response.clientDataJSON", base64url.encode(assertion.response.clientDataJSON));
+    addInput(form, "response.clientDataJSON", base64url.encode(credential.response.clientDataJSON));
-    addInput(form, "response.authenticatorData", base64url.encode(assertion.response.authenticatorData));
+    addInput(form, "response.authenticatorData", base64url.encode(credential.response.authenticatorData));
-    addInput(form, "response.signature", base64url.encode(assertion.response.signature));
+    addInput(form, "response.signature", base64url.encode(credential.response.signature));
     document.body.appendChild(form);
     form.submit();
   }
@@ -28,7 +28,6 @@
   function authenticate() {
     // WebAuthn feature detection
     if (!isWebAuthnSupportedByTheBrowser()) {
-      // Trigger `Login Passwordless Fallback` pattern
       cancelFido2();
       return;
     };
@@ -51,11 +50,9 @@
         c.id = base64url.decode(c.id);
         return c;
       });
-        
       return assertion(options);
     }).catch((error) => {
-      console.error(`Error at fido2 authentication: ${error}`);
+      console.error(`Error during FIDO2 authentication: ${error}`);
-      // Trigger `Login Passwordless Fallback` pattern
       cancelFido2();
     });
   }

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/fido2_check.js

@@ -1,25 +0,0 @@
-function submit(result) {
-    // we have to do a top-level request instead of AJAX
-    const form = document.createElement("form");
-    form.method = "POST";
-    form.style.display = "none";
-
-    addInput(form, "result", result)
-
-    document.body.appendChild(form);
-
-    form.submit();
-}
-
-function check() {
-  if (isWebAuthnSupportedByTheBrowser()) {
-    submit("ok");
-  }
-  else {
-    submit("error");
-  }
-}
-
-window.onload = () => {
-  check();
-}

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/fido2_onboard.js

@@ -31,7 +31,7 @@ async function attestation(options) {
   form.submit();
 }
 
-function startFido2() {
+function start() {
 
   if (!isWebAuthnSupportedByTheBrowser()) {
     dispatch("unsupported");

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/fido2_utils.js

@@ -1,3 +1,10 @@
+function addInput(form, name, value) {
+    const input = document.createElement("input");
+    input.name = name;
+    input.value = value;
+    form.appendChild(input);
+}
+
 /**
  * Checks whether WebAuthn is supported by the browser or not.
  * @return true if supported, false if it is not supported or not in secure context
@@ -16,7 +23,7 @@ function isWebAuthnSupportedByTheBrowser() {
 }
 
 /**
- * Trigger on cancel pattern at the FIDO2 authentication flow.
+ * Trigger on cancel pattern of the FIDO2 authentication step.
  * 
  * Provides an alternative when the user decides to 
  * cancel the fido2 credential operation(create or fetch) or
@@ -27,10 +34,7 @@ function cancelFido2() {
   const form = document.createElement("form");
   form.method = "POST";
   form.style.display = "none";
-
   addInput(form, "cancel_fido2", "true");
-
   document.body.appendChild(form);
-
   form.submit();
 }

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/finger.svg

@@ -1,9 +0,0 @@
-<svg width="80" height="80" viewBox="0 0 80 80" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M56.2789 49.5761C56.2789 40.4331 48.8671 33.0213 39.7242 33.0213C30.5813 33.0213 23.1694 40.4331 23.1694 49.5761C23.1694 62.2356 32.2583 70.0261 32.2583 70.0261" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
-<path d="M47.8393 49.5763C47.8393 45.0945 44.206 41.4612 39.7242 41.4612C35.2424 41.4612 31.6091 45.0945 31.6091 49.5763C31.6091 62.5604 41.6718 68.7279 48.8131 71.0001" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
-<path d="M64.7191 49.5748C64.7191 35.7707 53.5287 24.5803 39.7247 24.5803C25.9206 24.5803 14.7302 35.7707 14.7302 49.5748C14.7302 55.093 17.0024 60.6113 17.0024 60.6113" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
-<path d="M66.4485 31.0739C60.6836 22.4617 50.8661 16.7914 39.7242 16.7914C28.5824 16.7914 18.7649 22.4617 13 31.0739" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
-<path d="M58.1132 13.5444C52.623 10.6428 46.3652 9 39.724 9C33.0827 9 26.825 10.6428 21.3347 13.5444" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
-<path d="M64.7185 49.2502C64.7185 53.5527 60.9399 57.0407 56.2788 57.0407C51.6177 57.0407 47.8391 53.5527 47.8391 49.2502" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
-<path d="M58.8764 63.8706C57.8276 64.075 56.7421 64.1823 55.6304 64.1823C47.1222 64.1823 40.1431 57.8973 39.4558 49.8997" stroke="#168CA9" stroke-width="4" stroke-linecap="round"/>
-</svg>

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/icons/apple/black.svg

@@ -0,0 +1 @@
+<svg width="842" height="1e3" xmlns="http://www.w3.org/2000/svg"><path d="M702 960c-54.2 52.6-114 44.4-171 19.6-60.6-25.3-116-26.9-180 0-79.7 34.4-122 24.4-170-19.6-271-279-231-704 77-720 74.7 4 127 41.3 171 44.4 65.4-13.3 128-51.4 198-46.4 84.1 6.8 147 40 189 99.7-173 104-132 332 26.9 396-31.8 83.5-72.6 166-141 227zM423 237C414.9 113 515.4 11 631 1c15.9 143-130 250-208 236z"/></svg>

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/icons/microsoft/microsoft.svg

@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" aria-label="Microsoft" role="img" viewBox="0 0 512 512"><rect width="512" height="512" rx="15%" fill="#fff"/><path d="M75 75v171h171v-171z" fill="#f25022"/><path d="M266 75v171h171v-171z" fill="#7fba00"/><path d="M75 266v171h171v-171z" fill="#00a4ef"/><path d="M266 266v171h171v-171z" fill="#ffb900"/></svg>

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/info.svg

@@ -1,3 +0,0 @@
-<svg width="64" height="64" viewBox="0 0 64 64" fill="none" xmlns="http://www.w3.org/2000/svg">
-<path d="M32 18.6667V32M32 45.3333H32.0333M62 32C62 48.5685 48.5685 62 32 62C15.4315 62 2 48.5685 2 32C2 15.4315 15.4315 2 32 2C48.5685 2 62 15.4315 62 32Z" stroke="#EFBA00" stroke-width="4" stroke-linecap="round" stroke-linejoin="round"/>
-</svg>

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/link.svg

@@ -1,3 +0,0 @@
-<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
-    <path d="M6.3335 2.99992H3.00016C2.07969 2.99992 1.3335 3.74611 1.3335 4.66659V12.9999C1.3335 13.9204 2.07969 14.6666 3.00016 14.6666H11.3335C12.254 14.6666 13.0002 13.9204 13.0002 12.9999V9.66659M9.66683 1.33325H14.6668M14.6668 1.33325V6.33325M14.6668 1.33325L6.3335 9.66659" stroke="#168CA9" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-</svg>

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/main.css

@@ -1,429 +0,0 @@
-html,
-body {
-  height: 100%;
-}
-
-body {
-  font-family: var(--nevis-font-sans-serif);
-  font-size: 0.875rem;
-  color: var(--nevis-gray-900);
-  display: flex;
-  align-items: center;
-  padding-top: 2.5rem;
-  padding-bottom: 2.5rem;
-  background-color: #d1d5d6;
-}
-
-a {
-  text-decoration: none;
-  color: var(--nevis-primary);
-}
-
-/* add icon for links to external sites */
-a[rel~="external"]::after {
-  content: url("link.svg");
-  padding-left: 7px;
-  vertical-align: -2px;
-}
-
-/* Chrome, Safari, Edge, Opera */
-input::-webkit-outer-spin-button,
-input::-webkit-inner-spin-button {
-  -webkit-appearance: none;
-  margin: 0;
-}
-
-/* Firefox */
-input[type="number"] {
-  -moz-appearance: textfield;
-}
-
-button:disabled {
-  cursor: not-allowed;
-  pointer-events: all !important;
-}
-
-label {
-  font-size: 0.75rem;
-}
-
-span.text-secondary>div {
-  display: inline-block;
-}
-
-/* Screen specific CSS */
-.login-container {
-  width: 100%;
-  max-width: 22.5rem;
-  margin: auto;
-  background-color: var(--nevis-gray-100);
-  box-shadow: 0rem 0.625rem 2.5rem rgba(31, 47, 51, 0.2);
-  border-radius: 1.25rem;
-}
-
-.login-container-header {
-  padding: 1.25rem;
-  display: flex;
-  flex-direction: column;
-  align-items: center;
-}
-
-.login-container-minimal-header {
-  padding: 1.25rem;
-}
-
-.login-container-body {
-  background: #ffffff;
-  box-shadow: 0rem 0.625rem 2.5rem rgba(31, 47, 51, 0.2);
-  border-radius: 1.25rem;
-  min-height: 31.25rem;
-}
-
-.login-container-body-content {
-  padding: 2.5rem;
-}
-
-.login-container-body-content>.input-error~.input-error {
-  margin-top: 0;
-}
-
-.brand-name {
-  font-size: 1rem;
-  word-wrap: break-word;
-}
-
-.sub-title {
-  font-style: normal;
-  font-weight: 400;
-  font-size: 1rem;
-  line-height: 1.375rem;
-  text-align: center;
-}
-
-.sub-icon {
-  font-style: normal;
-  font-weight: 400;
-  font-size: 1rem;
-  margin-top: 1rem;
-  text-align: center;
-}
-
-.horizontal-line {
-  display: flex;
-  flex-direction: row;
-}
-
-.horizontal-line:before,
-.horizontal-line:after {
-  content: "";
-  flex: 1 1;
-  border-bottom: 0.0625rem solid var(--nevis-gray-200);
-  margin: auto;
-}
-
-.horizontal-line:before {
-  margin-right: 0.625rem;
-  margin-left: -2.5rem;
-}
-
-.horizontal-line:after {
-  margin-left: 0.625rem;
-  margin-right: -2.5rem;
-}
-
-.register-spacing {
-  margin-top: 2rem;
-  margin-bottom: 2.75rem;
-}
-
-.social-login-buttons {
-  display: flex;
-  flex-direction: column;
-  gap: 0.75rem;
-}
-
-.social-login-button {
-  background: none;
-  flex-grow: 1;
-  display: flex;
-  flex-direction: row;
-  justify-content: center;
-  align-items: center;
-  padding: 0.375rem 1.125rem;
-  width: 100%;
-  height: 2.5rem;
-  border: 0.0625rem solid var(--nevis-gray-200);
-  box-sizing: border-box;
-  border-radius: 0.625rem;
-  gap: 0.625rem;
-}
-
-.icon-inside {
-  position: relative;
-}
-
-.icon-inside input {
-  padding-right: calc(0.75rem + 1.25rem + 0.75rem);
-}
-
-.icon-inside button {
-  position: absolute;
-  right: 0;
-  top: 0;
-  margin-top: 0.3125rem;
-  margin-right: 0.75rem;
-}
-
-.icon-button {
-  display: inline-flex;
-  justify-content: center;
-  align-items: center;
-  flex-shrink: 0;
-  width: 1.875rem;
-  height: 1.875rem;
-  padding: 0;
-  margin: 0;
-  min-width: 0;
-  border-radius: 50%;
-  box-sizing: border-box;
-  box-shadow: none;
-  font-size: inherit;
-  font-weight: 500;
-  cursor: pointer;
-  outline: none;
-  border: none;
-  vertical-align: baseline;
-  text-align: center;
-  background-color: initial;
-}
-
-.icon-button:hover {
-  background: var(--nevis-gray-200);
-}
-
-.icon-button:active {
-  background: var(--nevis-gray-300);
-}
-
-.icon-button.nevis-blue-icon:hover {
-  background: var(--nevis-blue-icon-hover-bg-color);
-}
-
-.icon-button.nevis-blue-icon:active {
-  background: var(--nevis-blue-icon-active-bg-color);
-}
-
-.h-icon-button {
-  min-height: 1.875rem;
-}
-
-.max-w-full {
-  max-width: 100%;
-}
-
-.verification-code-wrapper {
-  display: flex;
-  flex-direction: row;
-  align-items: center;
-  justify-content: center;
-}
-
-.verification-code-label {
-  font-size: 1.125rem;
-  line-height: 1.5rem;
-  margin-right: 0.25rem;
-}
-
-.verification-code-input {
-  text-align: center;
-  max-width: 8.75rem;
-  letter-spacing: 0.5rem;
-  text-indent: 0.25rem;
-}
-
-.hidden-verification-code-submit-button {
-  overflow: visible !important;
-  height: 0 !important;
-  width: 0 !important;
-  margin: 0 !important;
-  border: 0 !important;
-  padding: 0 !important;
-  display: block !important;
-}
-
-.totp-code-wrapper {
-  display: flex;
-  flex-direction: row;
-  align-items: center;
-  justify-content: center;
-  margin: 2.5rem 0;
-}
-
-.totp-code-input {
-  text-align: left;
-  max-width: 8.75rem;
-  letter-spacing: 0.5rem;
-  text-indent: 0.25rem;
-}
-
-.hidden {
-  display: none !important;
-}
-
-.success-icon {
-  text-align: center !important;
-  margin-top: 5.625rem;
-  margin-bottom: 11.75rem;
-}
-
-.btn-selection-item {
-  display: flex;
-  flex-direction: row;
-  align-items: center;
-  justify-content: space-between;
-  padding: 0.5rem 0rem;
-  gap: 0.5rem;
-
-  border: 0.0625rem solid var(--nevis-gray-200);
-  border-left-width: 0;
-  border-right-width: 0;
-}
-
-.btn-selection-item+.btn-selection-item {
-  border-top-width: 0;
-}
-
-.btn-selection-item:first-of-type {
-  margin-top: 1.5rem;
-}
-
-.btn-selection-item:last-of-type {
-  margin-bottom: 1.5rem;
-}
-
-.btn-selection-item .selection-label {
-  color: var(--nevis-dark) !important;
-  font-weight: 500;
-  font-size: 0.875rem;
-  line-height: 1.25rem;
-}
-
-.btn-selection-item .selection-description {
-  color: var(--nevis-gray-500) !important;
-  font-weight: 400;
-  font-size: 0.75rem;
-  line-height: 1.125rem;
-}
-
-/* Passwordless */
-
-/* Access App*/
-.access-app-download-link-mobile-spacing {
-  margin-top: 5rem;
-  margin-bottom: 5rem;
-}
-
-/* add rounded border corners around QR code */
-#authcloud_dispatch,
-#authcloud_dispatch>#qr-code-wrapper {
-  position: relative;
-  display: block;
-}
-
-#authcloud_dispatch:not(.mobile-platform):before,
-#authcloud_dispatch:not(.mobile-platform):after,
-#authcloud_dispatch>#qr-code-wrapper:before,
-#authcloud_dispatch>#qr-code-wrapper:after {
-  position: absolute;
-  width: 1.875rem;
-  height: 1.875rem;
-  border-color: var(--nevis-primary);
-  border-style: solid;
-  z-index: 1;
-  content: " ";
-}
-
-#authcloud_dispatch:before {
-  top: 0.5rem;
-  left: 0.5rem;
-  border-width: 0.1875rem 0 0 0.1875rem;
-  border-top-left-radius: 1rem;
-}
-
-#authcloud_dispatch:after {
-  top: 0.5rem;
-  right: 0.5rem;
-  border-width: 0.1875rem 0.1875rem 0 0;
-  border-top-right-radius: 1rem;
-}
-
-#authcloud_dispatch>#qr-code-wrapper:before {
-  bottom: 0.5rem;
-  right: 0.5rem;
-  border-width: 0 0.1875rem 0.1875rem 0;
-  border-bottom-right-radius: 1rem;
-}
-
-#authcloud_dispatch>#qr-code-wrapper:after {
-  bottom: 0.5rem;
-  left: 0.5rem;
-  border-width: 0 0 0.1875rem 0.1875rem;
-  border-bottom-left-radius: 1rem;
-}
-
-.recovery-code-input {
-  text-align: left;
-  letter-spacing: 0.1875rem;
-  font-family: monospace;
-}
-
-.recovery-codes-wrapper {
-  height: 9rem;
-  text-align: center;
-  overflow-y: auto;
-  margin-bottom: 1rem;
-  /* Firefox */
-  scrollbar-color: var(--nevis-gray-300) #ffffff;
-  scrollbar-width: thin;
-  border: 1px solid lightgray;
-  border-radius: 0.5rem;
-}
-
-.recovery-codes-wrapper::-webkit-scrollbar {
-  width: 0.25rem;
-}
-
-.recovery-codes-wrapper::-webkit-scrollbar-track {
-  background: #ffffff;
-}
-
-.recovery-codes-wrapper::-webkit-scrollbar-thumb {
-  background: var(--nevis-gray-300);
-  border-radius: 0.125rem;
-}
-
-.recovery-codes-wrapper::-webkit-scrollbar-thumb:hover {
-  background: var(--nevis-gray-400);
-}
-
-.recovery-code-gray {
-  background: var(--nevis-gray-100);
-  font-size: 0.875rem;
-  line-height: 1.25rem;
-  font-family: monospace;
-  letter-spacing: 0.1875rem;
-}
-
-.recovery-code-white {
-  background: #ffffff;
-  font-size: 0.875rem;
-  line-height: 1.25rem;
-  font-family: monospace;
-  letter-spacing: 0.1875rem;
-}
-
-button.btn-recovery-code {
-  line-height: 0.75rem;
-  margin-top: 0.7rem;
-  width: 100%;
-}

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/mauth_usernameless.js

@@ -110,15 +110,13 @@
                 if (status == 'clientAuthenticating') {
                     // show process icon
                     document.getElementById("mauth_loading").style.display = 'block';
-                    // hide QR code and info message
                     document.getElementById("mauth_qrcode").style.display = 'none';
-                    document.getElementById("mauth_qrcode_info").style.display = 'none';
                 }
                 if (status == 'succeeded') {
                     clearInterval(statusPolling);
                     // as this is the last call we have to do a top-level request instead of AJAX
                     const form = createForm();
-                    addInput(form, "fidoUafDone", "true"); // required for custom dispatching in usernameless
+                    addInput(form, "continue", "true"); // required for custom dispatching in usernameless
                     document.body.appendChild(form);
                     form.submit();
                 } else if (status == 'failed' || status == 'unknown') {

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/microsoft.svg

@@ -1,7 +0,0 @@
-<svg width="18" height="18" viewBox="0 0 18 18" fill="none" xmlns="http://www.w3.org/2000/svg">
-    <path fill="#f3f3f3" d="M0 0h18v18H0z"/>
-    <path fill="#f35325" d="M1 1h8v8H1z"/>
-    <path fill="#81bc06" d="M10 1h8v8H10z"/>
-    <path fill="#05a6f0" d="M1 10h8v8H1z"/>
-    <path fill="#ffba08" d="M10 10h8v8H10z"/>
-</svg>

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/oauth_consent.js

@@ -1,50 +1,43 @@
-document.addEventListener("DOMContentLoaded", function () {
+// display oauth scopes listed in input field 'consentInformation'
-    const consentInformationFieldName = "consentInformation"; // Input field name
+// change 'consentInformation' and 'scope_name' to the values used in your configuration.
-    const scopeDescriptionSource = "scope_name"; // JSON key for scope description
+$(function() {
+
+    var consentInformationFieldName = "consentInformation"; // name of the input field from which to parse the value as the consent information JSON
+    var scopeDescriptionSource = "scope_name";              // key of the field in the consent information JSON of which to get the value as the scope description
 
     function displayOAuthScopesConsent() {
-        const jsonData = parseJson();
+        var jsonData = parseJson();
         if (jsonData !== undefined) {
-            mapJsonToHtml(jsonData);
+            mapJsonToHtml(jsonData)
         }
     }
 
     function mapJsonToHtml(jsonData) {
         mapJsonToHtmlScopeList("listOfRequestedScopesWithExistingConsent", jsonData.requestedScopesWithExistingConsent, "Already accepted scopes:");
-        mapJsonToHtmlScopeList("listOfRequestedScopes", jsonData.requestedScopesRequiringConsent, "Requested scopes that require consent:");
+        mapJsonToHtmlScopeList("listOfRequestedScopes", jsonData.requestedScopesRequiringConsent, "Requested scopes that require a consent:");
     }
 
     function mapJsonToHtmlScopeList(elementId, scopeInformation, title) {
-        if (scopeInformation && Object.keys(scopeInformation).length > 0) {
+        if (scopeInformation !== undefined && Object.keys(scopeInformation).length > 0) {
-            const consentInput = document.querySelector(`input[name="${consentInformationFieldName}"]`);
+            $("input[name=" + consentInformationFieldName +"]").after("<p style='margin-top: 0.5em'>" + title + "</p><div class='scopeinfobox'><ul id='" + elementId + "' /> </div>");
-            if (consentInput) {
+            jQuery.each(scopeInformation, function(key,value) {
-                const container = document.createElement("div");
+                var scopeDescription = value[scopeDescriptionSource];
-                container.innerHTML = `<p style='margin-top: 0.5em'>${title}</p><div class='scopeinfobox'><ul id='${elementId}'></ul></div>`;
+                if (scopeDescription) {
-                consentInput.insertAdjacentElement("afterend", container);
+                    $("#" + elementId).append('<li>' + scopeDescription + '</li>');
-
+                } else {
-                const ulElement = document.getElementById(elementId);
+                    $("#" + elementId).append('<li>' + key + '</li>');
-                for (const key in scopeInformation) {
-                    if (scopeInformation.hasOwnProperty(key)) {
-                        const scopeDescription = scopeInformation[key][scopeDescriptionSource] || key;
-                        const li = document.createElement("li");
-                        li.textContent = scopeDescription;
-                        ulElement.appendChild(li);
-                    }
-                }
                 }
+            });
         }
     }
 
     function parseJson() {
-        const consentInformationField = document.querySelector(`input[name="${consentInformationFieldName}"]`);
+        var consentInformationField = $("input[name=" +consentInformationFieldName +"]");
-        if (consentInformationField) {
+        if (consentInformationField.length > 0) {
-            try {
+            return JSON.parse(consentInformationField.val());
-                return JSON.parse(consentInformationField.value);
-            } catch (e) {
-                console.error("Invalid JSON in consent information field:", e);
-            }
         }
     }
 
     displayOAuthScopesConsent();
 });
+

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/passkey_autofill.js

@@ -1,44 +0,0 @@
-(function() {
-  'use strict'
-
-  async function submit(assertion) {
-    // as this is the last call we have to do a top-level request instead of AJAX
-    const form = document.createElement("form");
-    form.method = "POST";
-    form.style.display = "none";
-    addInput(form, "path", "/nevisfido/fido2/assertion/result")
-    addInput(form, "id", assertion.id);
-    addInput(form, "type", assertion.type);
-    console.log("assertion response:", assertion.response);
-    addInput(form, "response.clientDataJSON", assertion.response.clientDataJSON);
-    addInput(form, "response.authenticatorData", assertion.response.authenticatorData);
-    addInput(form, "response.signature", assertion.response.signature);
-    addInput(form, "response.userHandle", assertion.response.userHandle);
-    document.body.appendChild(form);
-    form.submit();
-  }
-
-  function authenticate() {
-    const hiddenField = document.querySelector("input[name='fido2_attestation_options']");
-    if (hiddenField && hiddenField.value) {
-        try {
-            const options = JSON.parse(hiddenField.value);
-            console.log("parsed attestation options:", JSON.stringify(options));
-
-            SimpleWebAuthnBrowser.startAuthentication({ optionsJSON: options, useBrowserAutofill: true })
-                .then(assertionResponse => {
-                    console.log("Authentication successful:", JSON.stringify(assertionResponse));
-                    submit(assertionResponse);
-                })
-                .catch(error => {
-                    console.log(`Passkey autofill skipped: ${error}`);
-                });
-        } catch (error) {
-            console.error("Error parsing fido2_attestation_options:", error);
-        }
-    } else {
-        console.log("Passkey autofill is disabled.");
-    }
-  }
-  authenticate();
-})();

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/print.css

@@ -1,67 +0,0 @@
-@media print {
-   /* general printing rules */
-
-    body {
-      margin: 0;
-      color: #000000 !important;
-      background-color: #ffffff !important;
-
-      font-size: 12pt;
-      font-family: georgia, times, serif;
-
-      box-shadow: none !important;
-    }
-
-    header, footer, aside, nav, button, h1, h2, h3, h4, h5, h6 {
-      display: none;
-    }
-
-    main {
-      max-width: 100%;
-      box-shadow: none !important;
-    }
-
-    .printable {
-      display: block;
-    }
-
-    div:not(.printable) {
-      display: none;
-    }
-
-    .btn { 
-      display: none;
-    }
-
-    /* screen specific rules */
-
-    .login-container-body {
-      color: #000000 !important;
-      background-color: #ffffff !important;
-      box-shadow: none !important;
-      border-radius: unset;
-    }
-
-    .recovery-codes-wrapper {
-      overflow: unset !important;
-      height: unset !important;
-    }
-
-    #recovery-codes::before {
-      content: "Recovery Codes";
-      font-size: 16pt;
-    }
-
-    .recovery-code-white,
-    .recovery-code-gray {
-      color: #000000 !important;
-      background-color: #ffffff !important;
-
-      font-size: 14pt;
-      margin-top: 5pt;
-    }
-
-    .recovery-code-gray:first-child {
-      margin-top: 15pt;
-    }
-}

DEFAULT-ADN-AGOV-WORK-OB-PROJECT/DEFAULT-DEFAULT-ADN-AGOV-OB-INV/ob-logrend-v1/var/opt/nevislogrend/default/data/applications/ob-mock-me-realm/webdata/resources/saml_idp_logout.js

@@ -1,63 +0,0 @@
-function handleLogout(sp_urls, final_url) {
-
-    const request_urls = sp_urls.filter(function(current_url) {
-        return current_url.indexOf('SAMLRequest') > 0;
-    });
-
-    const response_urls = sp_urls.filter(function(current_url) {
-        return current_url.indexOf('SAMLResponse') > 0;
-    });
-
-    function kill_session() {
-        const current_url = window.location.href;
-        if (current_url.indexOf('?logout') == -1 && current_url.indexOf('&logout') == -1) {
-            console.log("current URL does not terminate the IDP session");
-            let logout_url = '';
-            if (current_url.indexOf('?') > 0) {
-                logout_url = current_url + "&logout";
-            } else {
-            }
-            fetch(logout_url, {
-                method: 'GET',
-                credentials: 'include'
-            }).then(response => {
-                if (!response.ok) {
-                    console.error('Logout request failed');
-                }
-            }).catch(error => {
-                console.error('Logout request error', error);
-            });
-        }
-    }
-
-    const requests = request_urls.map(current_url => {
-        return fetch(current_url, {
-            method: 'GET',
-            credentials: 'include',
-            mode: 'cors'
-        }).then(response => {
-            if (!response.ok) {
-                console.error('Request failed', current_url);
-            }
-        }).catch(error => {
-            console.error('Request error', current_url, error);
-        });
-    });
-
-    // send out the requests in parallel
-    // in any case we then terminate the IDP session and redirect to the correct destination
-    // we have to complete the logout no matter if the requests were successful or if there were failed requests
-    Promise.allSettled(requests).then(() => {
-        kill_session(); // required to terminate IDP session
-    }).finally(() => {
-        if (response_urls.length == 0) {
-            // redirect to root location on the IDP
-            console.log('Finish IDP-initiated SAML logout - redirecting to: ' + final_url);
-            window.location.href = final_url;
-        } else {
-            // only 1 such URL allowed. process ends on SP side
-            console.log('Finish SP-initiated SAML logout - redirecting to: ' + response_urls[0]);
-            window.location.href = response_urls[0];
-        }
-    })
-}